httpcat-cli 0.3.0 → 0.3.1

package/dist/commands/sign.js

@@ -0,0 +1,1048 @@
+import { Command } from "commander";
+import { HttpcatClient } from "../client.js";
+import { config } from "../config.js";
+import chalk from "chalk";
+import { printBox, formatAddress, } from "../utils/formatting.js";
+import { withLoading } from "../utils/loading.js";
+import { outputJson, outputError } from "../headless/json-output.js";
+import { handleError, getExitCode } from "../utils/errors.js";
+import { promptForPrivateKey } from "../utils/privateKeyPrompt.js";
+import { privateKeyToAccount } from "viem/accounts";
+import { recoverMessageAddress, recoverTypedDataAddress, hashMessage, hashTypedData, keccak256, } from "viem";
+import { readFileSync, existsSync } from "fs";
+import { createHash } from "crypto";
+import inquirer from "inquirer";
+// ============================================================================
+// Shared Utilities
+// ============================================================================
+function getPrivateKey(cliPrivateKey, accountIndex) {
+    if (cliPrivateKey)
+        return cliPrivateKey;
+    const envKey = process.env.HTTPCAT_PRIVATE_KEY;
+    if (envKey)
+        return envKey;
+    try {
+        const index = accountIndex !== undefined
+            ? accountIndex
+            : config.getActiveAccountIndex();
+        return config.getAccountPrivateKey(index);
+    }
+    catch (error) {
+        return config.get("privateKey");
+    }
+}
+function isConfigured(cliPrivateKey) {
+    if (cliPrivateKey)
+        return true;
+    return config.isConfigured();
+}
+async function ensureWalletUnlocked() {
+    const password = config.getPassword();
+    if (!password) {
+        config.ensureSessionValid();
+        return;
+    }
+    if (!config.isSessionValid()) {
+        const answers = await inquirer.prompt([
+            {
+                type: "password",
+                name: "password",
+                message: "Enter password to unlock wallet:",
+                mask: "•",
+            },
+        ]);
+        await config.unlockSession(answers.password);
+    }
+}
+/**
+ * Parse JSON from string or file path
+ */
+function parseJsonInput(input) {
+    try {
+        return JSON.parse(input);
+    }
+    catch {
+        if (existsSync(input)) {
+            return JSON.parse(readFileSync(input, "utf-8"));
+        }
+        throw new Error(`Invalid JSON: ${input}`);
+    }
+}
+/**
+ * Read message from stdin if input is "-"
+ */
+async function readMessageInput(input) {
+    if (input === "-") {
+        return new Promise((resolve, reject) => {
+            let data = "";
+            process.stdin.setEncoding("utf8");
+            process.stdin.on("data", (chunk) => {
+                data += chunk;
+            });
+            process.stdin.on("end", () => {
+                resolve(data.trim());
+            });
+            process.stdin.on("error", reject);
+            process.stdin.resume();
+        });
+    }
+    return input;
+}
+/**
+ * Hash file contents
+ */
+function hashFile(filePath, algorithm = "sha256") {
+    if (!existsSync(filePath)) {
+        throw new Error(`File not found: ${filePath}`);
+    }
+    const fileContent = readFileSync(filePath);
+    if (algorithm === "sha256") {
+        return createHash("sha256").update(fileContent).digest("hex");
+    }
+    else {
+        // Keccak-256 (used by Ethereum)
+        // Convert Buffer to Hex string first
+        const hexString = `0x${fileContent.toString("hex")}`;
+        return keccak256(hexString).slice(2); // Remove 0x prefix to match sha256 format
+    }
+}
+/**
+ * Format signature in different formats
+ */
+function formatSignature(signature, format = "hex") {
+    if (format === "hex") {
+        return signature;
+    }
+    // RSV format: { r, s, v }
+    if (format === "rsv") {
+        const r = signature.slice(0, 66);
+        const s = "0x" + signature.slice(66, 130);
+        const v = parseInt(signature.slice(130, 132), 16);
+        return { r, s, v };
+    }
+    // Compact format: 65 bytes without 0x
+    if (format === "compact") {
+        return signature.slice(2);
+    }
+    return signature;
+}
+// ============================================================================
+// Sign Command Group
+// ============================================================================
+export function createSignCommand() {
+    const signCommand = new Command("sign")
+        .description("Cryptographic signing operations")
+        .addHelpText("after", `
+Examples:
+  httpcat sign message "Hello, world!"
+  httpcat sign file document.pdf
+  httpcat sign transaction '{"to":"0x...","value":"1000000000000000000"}'
+  httpcat sign eip712 --domain '{"name":"MyApp"}' --types '{}' --message '{}'
+  httpcat sign verify 0x... "Hello, world!"
+    `);
+    // If no subcommand, enter interactive mode
+    signCommand.action(async (options, command) => {
+        const globalOpts = command.parent?.opts() || {};
+        if (globalOpts.json) {
+            outputError("sign", new Error("Please specify a subcommand"), 1);
+            process.exit(1);
+        }
+        // Enter interactive mode
+        await startInteractiveMode(globalOpts);
+    });
+    // ============================================================================
+    // Message Signing (EIP-191)
+    // ============================================================================
+    signCommand
+        .command("message")
+        .description("Sign a message using EIP-191 personal sign")
+        .argument("[message]", "Message to sign (or use --file or stdin with -)")
+        .option("--file <path>", "Read message from file")
+        .option("--stdin", "Read message from stdin")
+        .option("--output <file>", "Save signature to file")
+        .option("--format <format>", "Signature format: hex, rsv, compact", "hex")
+        .option("--verify", "Verify signature after signing")
+        .action(async (message, options, command) => {
+        try {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            const accountIndex = globalOpts.account;
+            await ensureWalletUnlocked();
+            let privateKey = getPrivateKey(globalOpts.privateKey, accountIndex);
+            if (!isConfigured(globalOpts.privateKey)) {
+                if (globalOpts.json) {
+                    console.error('❌ Not configured. Run "httpcat config" first or use --private-key flag.');
+                    process.exit(2);
+                }
+                privateKey = await promptForPrivateKey();
+            }
+            const account = privateKeyToAccount(privateKey);
+            // Get message input
+            let messageText;
+            if (options.file) {
+                messageText = readFileSync(options.file, "utf-8");
+            }
+            else if (options.stdin || message === "-") {
+                messageText = await readMessageInput("-");
+            }
+            else if (message) {
+                messageText = message;
+            }
+            else {
+                throw new Error("Message required. Use argument, --file, or --stdin");
+            }
+            // Compute message hash locally (no API call needed)
+            const messageHash = hashMessage(messageText);
+            // Sign locally using viem
+            const signature = await account.signMessage({ message: messageText });
+            const signerAddress = account.address;
+            // Verify if requested
+            let verified = false;
+            if (options.verify) {
+                const recovered = await recoverMessageAddress({
+                    message: messageText,
+                    signature,
+                });
+                verified = recovered.toLowerCase() === signerAddress.toLowerCase();
+            }
+            const formattedSignature = formatSignature(signature, options.format);
+            // Save to file if requested
+            if (options.output) {
+                const outputData = {
+                    message: messageText,
+                    messageHash: messageHash,
+                    signature: signature,
+                    signer: signerAddress,
+                    verified,
+                    format: options.format,
+                };
+                require("fs").writeFileSync(options.output, JSON.stringify(outputData, null, 2));
+            }
+            if (globalOpts.json) {
+                outputJson("sign_message", {
+                    type: "eip191",
+                    message: messageText,
+                    messageHash: messageHash,
+                    signature: formattedSignature,
+                    signer: signerAddress,
+                    verified,
+                });
+            }
+            else if (!globalOpts.quiet) {
+                console.log();
+                console.log(chalk.magenta.bold("✍️  Signature Created"));
+                console.log();
+                const boxData = {
+                    "Signature Type": chalk.cyan("EIP-191"),
+                    Message: chalk.yellow(messageText.length > 50 ? messageText.substring(0, 50) + "..." : messageText),
+                    "Message Hash": chalk.green.bold(messageHash),
+                    Signature: chalk.yellow(signature),
+                    Signer: formatAddress(signerAddress),
+                };
+                if (options.verify) {
+                    boxData["Verified"] = verified ? chalk.green("✅") : chalk.red("❌");
+                }
+                printBox("Signature Data", boxData);
+                console.log();
+            }
+            process.exit(0);
+        }
+        catch (error) {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            if (globalOpts.json) {
+                outputError("sign_message", error, getExitCode(error));
+            }
+            else {
+                handleError(error, globalOpts.verbose);
+            }
+            process.exit(getExitCode(error));
+        }
+    });
+    // ============================================================================
+    // File Signing
+    // ============================================================================
+    signCommand
+        .command("file")
+        .description("Sign a file (hash + EIP-191 signature)")
+        .argument("<file>", "File path to sign")
+        .option("--hash-algorithm <algorithm>", "Hash algorithm: sha256, keccak256", "sha256")
+        .option("--output <file>", "Save signature to file")
+        .option("--format <format>", "Signature format: hex, rsv, compact", "hex")
+        .option("--verify", "Verify signature after signing")
+        .action(async (file, options, command) => {
+        try {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            const accountIndex = globalOpts.account;
+            await ensureWalletUnlocked();
+            let privateKey = getPrivateKey(globalOpts.privateKey, accountIndex);
+            if (!isConfigured(globalOpts.privateKey)) {
+                if (globalOpts.json) {
+                    console.error('❌ Not configured. Run "httpcat config" first or use --private-key flag.');
+                    process.exit(2);
+                }
+                privateKey = await promptForPrivateKey();
+            }
+            const account = privateKeyToAccount(privateKey);
+            // Hash file
+            const fileHash = hashFile(file, options.hashAlgorithm);
+            const fileHashHex = `0x${fileHash}`;
+            // Compute message hash locally (no API call needed)
+            const messageHash = hashMessage(fileHashHex);
+            // Sign the hash locally
+            const signature = await account.signMessage({ message: fileHashHex });
+            const signerAddress = account.address;
+            // Verify if requested
+            let verified = false;
+            if (options.verify) {
+                const recovered = await recoverMessageAddress({
+                    message: fileHashHex,
+                    signature,
+                });
+                verified = recovered.toLowerCase() === signerAddress.toLowerCase();
+            }
+            const formattedSignature = formatSignature(signature, options.format);
+            // Save to file if requested
+            if (options.output) {
+                const outputData = {
+                    file,
+                    fileHash: fileHashHex,
+                    hashAlgorithm: options.hashAlgorithm,
+                    messageHash: messageHash,
+                    signature: signature,
+                    signer: signerAddress,
+                    verified,
+                    format: options.format,
+                };
+                require("fs").writeFileSync(options.output, JSON.stringify(outputData, null, 2));
+            }
+            if (globalOpts.json) {
+                outputJson("sign_file", {
+                    type: "file",
+                    file,
+                    fileHash: fileHashHex,
+                    hashAlgorithm: options.hashAlgorithm,
+                    messageHash: messageHash,
+                    signature: formattedSignature,
+                    signer: signerAddress,
+                    verified,
+                });
+            }
+            else if (!globalOpts.quiet) {
+                console.log();
+                console.log(chalk.magenta.bold("✍️  File Signature Created"));
+                console.log();
+                const boxData = {
+                    File: chalk.cyan(file),
+                    "Hash Algorithm": chalk.cyan(options.hashAlgorithm),
+                    "File Hash": chalk.green.bold(fileHashHex),
+                    "Message Hash": chalk.green.bold(messageHash),
+                    Signature: chalk.yellow(signature),
+                    Signer: formatAddress(signerAddress),
+                };
+                if (options.verify) {
+                    boxData["Verified"] = verified ? chalk.green("✅") : chalk.red("❌");
+                }
+                printBox("Signature Data", boxData);
+                console.log();
+            }
+            process.exit(0);
+        }
+        catch (error) {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            if (globalOpts.json) {
+                outputError("sign_file", error, getExitCode(error));
+            }
+            else {
+                handleError(error, globalOpts.verbose);
+            }
+            process.exit(getExitCode(error));
+        }
+    });
+    // ============================================================================
+    // Transaction Signing
+    // ============================================================================
+    signCommand
+        .command("transaction")
+        .description("Sign a transaction (EIP-155)")
+        .argument("<tx-json>", "Transaction JSON (string or file path)")
+        .option("--output <file>", "Save signed transaction to file")
+        .action(async (txJson, options, command) => {
+        try {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            const accountIndex = globalOpts.account;
+            await ensureWalletUnlocked();
+            let privateKey = getPrivateKey(globalOpts.privateKey, accountIndex);
+            if (!isConfigured(globalOpts.privateKey)) {
+                if (globalOpts.json) {
+                    console.error('❌ Not configured. Run "httpcat config" first or use --private-key flag.');
+                    process.exit(2);
+                }
+                privateKey = await promptForPrivateKey();
+            }
+            const account = privateKeyToAccount(privateKey);
+            const client = await HttpcatClient.create(privateKey);
+            // Parse transaction JSON
+            const tx = parseJsonInput(txJson);
+            // Prepare transaction via backend
+            // Note: Transaction preparation requires blockchain state (nonce, gas, etc.)
+            // so we use the API for this. The actual signing happens locally.
+            const prepareResult = await withLoading(async () => {
+                const { data } = await client.invoke("tools/tx/prepare", tx);
+                return data;
+            }, {
+                message: "Preparing transaction...",
+                json: globalOpts.json,
+                quiet: globalOpts.quiet,
+                spinner: "cat",
+                clearOnSuccess: true,
+            });
+            // For transaction signing, we prepare the transaction data
+            // Full RLP-encoded signed transaction requires additional serialization
+            // The prepared transaction contains all necessary fields for signing
+            // Note: To actually broadcast, use httpcat send or another transaction execution method
+            // Create a signed transaction representation
+            // In a full implementation, this would serialize and sign the transaction
+            // For now, we return the prepared transaction with signing metadata
+            const signedTx = {
+                ...prepareResult.transaction,
+                from: account.address,
+                // The actual signed transaction RLP would be generated here
+                // This requires transaction serialization and RLP encoding
+            };
+            // For display purposes, create a placeholder signed transaction string
+            // In production, this would be the actual RLP-encoded signed transaction
+            const signedTxHex = `0x${JSON.stringify(signedTx).slice(0, 100)}...`;
+            // Save to file if requested
+            if (options.output) {
+                const outputData = {
+                    transaction: prepareResult.transaction,
+                    signedTransaction: signedTx,
+                    messageHash: prepareResult.messageHash,
+                    signer: account.address,
+                };
+                require("fs").writeFileSync(options.output, JSON.stringify(outputData, null, 2));
+            }
+            if (globalOpts.json) {
+                outputJson("sign_transaction", {
+                    transaction: prepareResult.transaction,
+                    signedTransaction: signedTx,
+                    messageHash: prepareResult.messageHash,
+                    signer: account.address,
+                    note: "Transaction prepared. Use httpcat send or another method to execute.",
+                });
+            }
+            else if (!globalOpts.quiet) {
+                console.log();
+                console.log(chalk.magenta.bold("✍️  Transaction Prepared"));
+                console.log();
+                const boxData = {
+                    "Transaction Type": chalk.cyan("EIP-155"),
+                    To: formatAddress(prepareResult.transaction.to || "0x0"),
+                    Value: chalk.yellow(prepareResult.transaction.value
+                        ? `${prepareResult.transaction.value} wei`
+                        : "0 wei"),
+                    "Message Hash": chalk.green.bold(prepareResult.messageHash),
+                    Signer: formatAddress(account.address),
+                    Note: chalk.dim("Transaction prepared. Use 'httpcat send' to execute."),
+                };
+                printBox("Transaction Data", boxData);
+                console.log();
+            }
+            process.exit(0);
+        }
+        catch (error) {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            if (globalOpts.json) {
+                outputError("sign_transaction", error, getExitCode(error));
+            }
+            else {
+                handleError(error, globalOpts.verbose);
+            }
+            process.exit(getExitCode(error));
+        }
+    });
+    // ============================================================================
+    // EIP-712 Signing
+    // ============================================================================
+    signCommand
+        .command("eip712")
+        .description("Sign EIP-712 structured data")
+        .requiredOption("--domain <domain>", "Domain JSON (string or file path)")
+        .requiredOption("--types <types>", "Types JSON (string or file path)")
+        .requiredOption("--message <message>", "Message JSON (string or file path)")
+        .option("--output <file>", "Save signature to file")
+        .option("--verify", "Verify signature after signing")
+        .action(async (options, command) => {
+        try {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            const accountIndex = globalOpts.account;
+            await ensureWalletUnlocked();
+            let privateKey = getPrivateKey(globalOpts.privateKey, accountIndex);
+            if (!isConfigured(globalOpts.privateKey)) {
+                if (globalOpts.json) {
+                    console.error('❌ Not configured. Run "httpcat config" first or use --private-key flag.');
+                    process.exit(2);
+                }
+                privateKey = await promptForPrivateKey();
+            }
+            const account = privateKeyToAccount(privateKey);
+            // Parse JSON inputs
+            const domain = parseJsonInput(options.domain);
+            const types = parseJsonInput(options.types);
+            const message = parseJsonInput(options.message);
+            // Compute message hash locally (no API call needed)
+            const primaryType = Object.keys(types).find((k) => k !== "EIP712Domain") || "Message";
+            const messageHash = hashTypedData({
+                domain: domain,
+                types: types,
+                primaryType: primaryType,
+                message: message,
+            });
+            // Sign using account's signTypedData method
+            const signature = await account.signTypedData({
+                domain,
+                types: types,
+                primaryType,
+                message: message,
+            });
+            const signerAddress = account.address;
+            // Verify if requested
+            let verified = false;
+            if (options.verify) {
+                const recovered = await recoverTypedDataAddress({
+                    domain,
+                    types: types,
+                    primaryType: Object.keys(types).find((k) => k !== "EIP712Domain") || "Message",
+                    message: message,
+                    signature,
+                });
+                verified = recovered.toLowerCase() === signerAddress.toLowerCase();
+            }
+            // Save to file if requested
+            if (options.output) {
+                const outputData = {
+                    domain,
+                    types,
+                    message,
+                    messageHash: messageHash,
+                    signature,
+                    signer: signerAddress,
+                    verified,
+                };
+                require("fs").writeFileSync(options.output, JSON.stringify(outputData, null, 2));
+            }
+            if (globalOpts.json) {
+                outputJson("sign_eip712", {
+                    type: "eip712",
+                    domain,
+                    types,
+                    message,
+                    messageHash: messageHash,
+                    signature,
+                    signer: signerAddress,
+                    verified,
+                });
+            }
+            else if (!globalOpts.quiet) {
+                console.log();
+                console.log(chalk.magenta.bold("✍️  EIP-712 Signature Created"));
+                console.log();
+                const boxData = {
+                    "Signature Type": chalk.cyan("EIP-712"),
+                    Domain: chalk.yellow(JSON.stringify(domain).substring(0, 50) + "..."),
+                    "Message Hash": chalk.green.bold(messageHash),
+                    Signature: chalk.yellow(signature),
+                    Signer: formatAddress(signerAddress),
+                };
+                if (options.verify) {
+                    boxData["Verified"] = verified ? chalk.green("✅") : chalk.red("❌");
+                }
+                printBox("Signature Data", boxData);
+                console.log();
+            }
+            process.exit(0);
+        }
+        catch (error) {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            if (globalOpts.json) {
+                outputError("sign_eip712", error, getExitCode(error));
+            }
+            else {
+                handleError(error, globalOpts.verbose);
+            }
+            process.exit(getExitCode(error));
+        }
+    });
+    // ============================================================================
+    // Permit2 Signing
+    // ============================================================================
+    signCommand
+        .command("permit2")
+        .description("Sign Permit2 token authorization")
+        .requiredOption("--token <address>", "Token address (0x format)")
+        .requiredOption("--amount <amount>", "Amount in wei")
+        .requiredOption("--spender <address>", "Spender address (0x format)")
+        .option("--nonce <nonce>", "Nonce (auto-generated if not provided)")
+        .option("--deadline <deadline>", "Deadline (Unix timestamp, auto-generated if not provided)")
+        .option("--output <file>", "Save signature to file")
+        .option("--verify", "Verify signature after signing")
+        .action(async (options, command) => {
+        try {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            const accountIndex = globalOpts.account;
+            await ensureWalletUnlocked();
+            let privateKey = getPrivateKey(globalOpts.privateKey, accountIndex);
+            if (!isConfigured(globalOpts.privateKey)) {
+                if (globalOpts.json) {
+                    console.error('❌ Not configured. Run "httpcat config" first or use --private-key flag.');
+                    process.exit(2);
+                }
+                privateKey = await promptForPrivateKey();
+            }
+            const account = privateKeyToAccount(privateKey);
+            // Get network for chain ID
+            const { getNetworkConfig } = await import("../utils/constants.js");
+            const { config } = await import("../config.js");
+            const network = config.get("network") || "eip155:84532";
+            const { chain } = await getNetworkConfig(network);
+            // Auto-generate nonce and deadline if not provided
+            const nonce = options.nonce ? parseInt(options.nonce) : Math.floor(Math.random() * 2 ** 32);
+            const deadline = options.deadline
+                ? parseInt(options.deadline)
+                : Math.floor(Date.now() / 1000) + 3600; // 1 hour from now
+            // Construct Permit2 EIP-712 data locally (no API call needed)
+            const PERMIT2_ADDRESS = "0x000000000022D473030F116dDEE9F6B43aC78BA3";
+            const domain = {
+                name: "Permit2",
+                chainId: chain.id,
+                verifyingContract: PERMIT2_ADDRESS,
+            };
+            const types = {
+                PermitSingle: [
+                    { name: "details", type: "PermitDetails" },
+                    { name: "spender", type: "address" },
+                    { name: "sigDeadline", type: "uint256" },
+                ],
+                PermitDetails: [
+                    { name: "token", type: "address" },
+                    { name: "amount", type: "uint160" },
+                    { name: "expiration", type: "uint48" },
+                    { name: "nonce", type: "uint48" },
+                ],
+            };
+            const message = {
+                details: {
+                    token: options.token,
+                    amount: BigInt(options.amount) > BigInt(2 ** 160 - 1) ? BigInt(2 ** 160 - 1) : BigInt(options.amount),
+                    expiration: BigInt(deadline),
+                    nonce: BigInt(nonce),
+                },
+                spender: options.spender,
+                sigDeadline: BigInt(deadline),
+            };
+            // Compute message hash locally
+            const messageHash = hashTypedData({
+                domain,
+                types: types,
+                primaryType: "PermitSingle",
+                message: message,
+            });
+            // Sign using account's signTypedData method
+            const signature = await account.signTypedData({
+                domain,
+                types: types,
+                primaryType: "PermitSingle",
+                message: message,
+            });
+            const signerAddress = account.address;
+            // Verify if requested
+            let verified = false;
+            if (options.verify) {
+                const recovered = await recoverTypedDataAddress({
+                    domain,
+                    types: types,
+                    primaryType: "PermitSingle",
+                    message: message,
+                    signature,
+                });
+                verified = recovered.toLowerCase() === signerAddress.toLowerCase();
+            }
+            // Save to file if requested
+            if (options.output) {
+                const outputData = {
+                    token: options.token,
+                    amount: options.amount,
+                    spender: options.spender,
+                    nonce,
+                    deadline,
+                    messageHash: messageHash,
+                    signature,
+                    signer: signerAddress,
+                    verified,
+                };
+                require("fs").writeFileSync(options.output, JSON.stringify(outputData, null, 2));
+            }
+            if (globalOpts.json) {
+                outputJson("sign_permit2", {
+                    type: "permit2",
+                    token: options.token,
+                    amount: options.amount,
+                    spender: options.spender,
+                    nonce,
+                    deadline,
+                    messageHash: messageHash,
+                    signature,
+                    signer: signerAddress,
+                    verified,
+                });
+            }
+            else if (!globalOpts.quiet) {
+                console.log();
+                console.log(chalk.magenta.bold("✍️  Permit2 Signature Created"));
+                console.log();
+                const boxData = {
+                    "Signature Type": chalk.cyan("Permit2"),
+                    Token: formatAddress(options.token),
+                    Amount: chalk.yellow(options.amount),
+                    Spender: formatAddress(options.spender),
+                    Nonce: chalk.cyan(nonce.toString()),
+                    Deadline: chalk.cyan(new Date(deadline * 1000).toISOString()),
+                    "Message Hash": chalk.green.bold(messageHash),
+                    Signature: chalk.yellow(signature),
+                    Signer: formatAddress(signerAddress),
+                };
+                if (options.verify) {
+                    boxData["Verified"] = verified ? chalk.green("✅") : chalk.red("❌");
+                }
+                printBox("Signature Data", boxData);
+                console.log();
+            }
+            process.exit(0);
+        }
+        catch (error) {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            if (globalOpts.json) {
+                outputError("sign_permit2", error, getExitCode(error));
+            }
+            else {
+                handleError(error, globalOpts.verbose);
+            }
+            process.exit(getExitCode(error));
+        }
+    });
+    // ============================================================================
+    // Batch Signing
+    // ============================================================================
+    signCommand
+        .command("batch")
+        .description("Batch sign multiple messages/files")
+        .argument("<batch-json>", "Batch JSON (string or file path)")
+        .option("--output <file>", "Save all signatures to file")
+        .action(async (batchJson, options, command) => {
+        try {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            const accountIndex = globalOpts.account;
+            await ensureWalletUnlocked();
+            let privateKey = getPrivateKey(globalOpts.privateKey, accountIndex);
+            if (!isConfigured(globalOpts.privateKey)) {
+                if (globalOpts.json) {
+                    console.error('❌ Not configured. Run "httpcat config" first or use --private-key flag.');
+                    process.exit(2);
+                }
+                privateKey = await promptForPrivateKey();
+            }
+            const account = privateKeyToAccount(privateKey);
+            // Parse batch JSON
+            const batch = parseJsonInput(batchJson);
+            if (!Array.isArray(batch) && !batch.messages && !batch.files) {
+                throw new Error("Batch JSON must be an array or object with 'messages' and/or 'files' arrays");
+            }
+            const messages = Array.isArray(batch) ? batch : batch.messages || [];
+            const files = Array.isArray(batch) ? [] : batch.files || [];
+            const results = [];
+            // Sign messages
+            for (const msg of messages) {
+                const messageText = typeof msg === "string" ? msg : msg.message;
+                // Compute message hash locally (no API call needed)
+                const messageHash = hashMessage(messageText);
+                const signature = await account.signMessage({ message: messageText });
+                results.push({
+                    type: "message",
+                    message: messageText,
+                    messageHash: messageHash,
+                    signature,
+                    signer: account.address,
+                });
+            }
+            // Sign files
+            for (const file of files) {
+                const filePath = typeof file === "string" ? file : file.path;
+                const hashAlgo = typeof file === "string" ? "sha256" : (file.hashAlgorithm || "sha256");
+                const fileHash = hashFile(filePath, hashAlgo);
+                const fileHashHex = `0x${fileHash}`;
+                // Compute message hash locally (no API call needed)
+                const messageHash = hashMessage(fileHashHex);
+                const signature = await account.signMessage({ message: fileHashHex });
+                results.push({
+                    type: "file",
+                    file: filePath,
+                    fileHash: fileHashHex,
+                    hashAlgorithm: hashAlgo,
+                    messageHash: messageHash,
+                    signature,
+                    signer: account.address,
+                });
+            }
+            // Save to file if requested
+            if (options.output) {
+                require("fs").writeFileSync(options.output, JSON.stringify(results, null, 2));
+            }
+            if (globalOpts.json) {
+                outputJson("sign_batch", {
+                    count: results.length,
+                    signatures: results,
+                });
+            }
+            else if (!globalOpts.quiet) {
+                console.log();
+                console.log(chalk.magenta.bold(`✍️  Batch Signature Created (${results.length} items)`));
+                console.log();
+                for (const result of results) {
+                    const boxData = {
+                        Type: chalk.cyan(result.type),
+                    };
+                    if (result.type === "message") {
+                        boxData["Message"] = chalk.yellow(result.message.substring(0, 50) + (result.message.length > 50 ? "..." : ""));
+                    }
+                    else {
+                        boxData["File"] = chalk.cyan(result.file);
+                        boxData["File Hash"] = chalk.green.bold(result.fileHash);
+                    }
+                    boxData["Signature"] = chalk.yellow(result.signature);
+                    boxData["Signer"] = formatAddress(result.signer);
+                    printBox(`Signature ${results.indexOf(result) + 1}`, boxData);
+                    console.log();
+                }
+            }
+            process.exit(0);
+        }
+        catch (error) {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            if (globalOpts.json) {
+                outputError("sign_batch", error, getExitCode(error));
+            }
+            else {
+                handleError(error, globalOpts.verbose);
+            }
+            process.exit(getExitCode(error));
+        }
+    });
+    // ============================================================================
+    // Signature Verification
+    // ============================================================================
+    signCommand
+        .command("verify")
+        .description("Verify a signature")
+        .requiredOption("--signature <sig>", "Signature to verify (hex format)")
+        .requiredOption("--message <msg>", "Original message")
+        .option("--type <type>", "Signature type: eip191, eip712", "eip191")
+        .option("--domain <domain>", "EIP-712 domain (required for eip712 type)")
+        .option("--types <types>", "EIP-712 types (required for eip712 type)")
+        .option("--primary-type <type>", "EIP-712 primary type (required for eip712 type)")
+        .action(async (options, command) => {
+        try {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            const signature = options.signature;
+            const message = options.message;
+            let recoveredAddress;
+            let verified = false;
+            if (options.type === "eip712") {
+                if (!options.domain || !options.types || !options.primaryType) {
+                    throw new Error("EIP-712 verification requires --domain, --types, and --primary-type");
+                }
+                const domain = parseJsonInput(options.domain);
+                const types = parseJsonInput(options.types);
+                const messageObj = parseJsonInput(message);
+                recoveredAddress = await recoverTypedDataAddress({
+                    domain,
+                    types: types,
+                    primaryType: options.primaryType,
+                    message: messageObj,
+                    signature,
+                });
+                verified = true; // If recovery succeeds, signature is valid
+            }
+            else {
+                // EIP-191
+                recoveredAddress = await recoverMessageAddress({
+                    message,
+                    signature,
+                });
+                verified = true; // If recovery succeeds, signature is valid
+            }
+            if (globalOpts.json) {
+                outputJson("verify_signature", {
+                    verified,
+                    recoveredAddress,
+                    signature,
+                    message,
+                    type: options.type,
+                });
+            }
+            else if (!globalOpts.quiet) {
+                console.log();
+                console.log(chalk.magenta.bold("🔍 Signature Verification"));
+                console.log();
+                const boxData = {
+                    "Signature Type": chalk.cyan(options.type.toUpperCase()),
+                    Verified: verified ? chalk.green("✅ Yes") : chalk.red("❌ No"),
+                    "Recovered Address": formatAddress(recoveredAddress),
+                    Signature: chalk.yellow(signature),
+                };
+                printBox("Verification Result", boxData);
+                console.log();
+            }
+            process.exit(verified ? 0 : 1);
+        }
+        catch (error) {
+            const globalOpts = command.parent?.parent?.opts() || {};
+            if (globalOpts.json) {
+                outputError("verify_signature", error, getExitCode(error));
+            }
+            else {
+                handleError(error, globalOpts.verbose);
+            }
+            process.exit(getExitCode(error));
+        }
+    });
+    return signCommand;
+}
+// ============================================================================
+// Interactive Mode
+// ============================================================================
+async function startInteractiveMode(globalOpts) {
+    try {
+        await ensureWalletUnlocked();
+        let privateKey = getPrivateKey(globalOpts.privateKey);
+        if (!isConfigured(globalOpts.privateKey)) {
+            privateKey = await promptForPrivateKey();
+        }
+        const account = privateKeyToAccount(privateKey);
+        console.log();
+        console.log(chalk.magenta.bold("✍️  Interactive Signing Mode"));
+        console.log();
+        const { signatureType } = await inquirer.prompt([
+            {
+                type: "list",
+                name: "signatureType",
+                message: "What would you like to sign?",
+                choices: [
+                    { name: "Message (EIP-191)", value: "message" },
+                    { name: "File", value: "file" },
+                    { name: "Transaction", value: "transaction" },
+                    { name: "EIP-712 Structured Data", value: "eip712" },
+                    { name: "Permit2 Authorization", value: "permit2" },
+                ],
+            },
+        ]);
+        switch (signatureType) {
+            case "message": {
+                const { message } = await inquirer.prompt([
+                    {
+                        type: "input",
+                        name: "message",
+                        message: "Enter message to sign:",
+                    },
+                ]);
+                const { verify } = await inquirer.prompt([
+                    {
+                        type: "confirm",
+                        name: "verify",
+                        message: "Verify signature after signing?",
+                        default: true,
+                    },
+                ]);
+                // Execute message signing (no API call needed)
+                const messageHash = hashMessage(message);
+                const signature = await account.signMessage({ message });
+                let verified = false;
+                if (verify) {
+                    const recovered = await recoverMessageAddress({
+                        message,
+                        signature,
+                    });
+                    verified = recovered.toLowerCase() === account.address.toLowerCase();
+                }
+                console.log();
+                console.log(chalk.magenta.bold("✍️  Signature Created"));
+                console.log();
+                const boxData = {
+                    "Signature Type": chalk.cyan("EIP-191"),
+                    Message: chalk.yellow(message),
+                    "Message Hash": chalk.green.bold(messageHash),
+                    Signature: chalk.yellow(signature),
+                    Signer: formatAddress(account.address),
+                };
+                if (verify) {
+                    boxData["Verified"] = verified ? chalk.green("✅") : chalk.red("❌");
+                }
+                printBox("Signature Data", boxData);
+                console.log();
+                break;
+            }
+            case "file": {
+                const { filePath } = await inquirer.prompt([
+                    {
+                        type: "input",
+                        name: "filePath",
+                        message: "Enter file path:",
+                        validate: (input) => {
+                            if (!existsSync(input)) {
+                                return "File does not exist";
+                            }
+                            return true;
+                        },
+                    },
+                ]);
+                const { hashAlgo } = await inquirer.prompt([
+                    {
+                        type: "list",
+                        name: "hashAlgo",
+                        message: "Hash algorithm:",
+                        choices: [
+                            { name: "SHA-256", value: "sha256" },
+                            { name: "Keccak-256 (Ethereum)", value: "keccak256" },
+                        ],
+                        default: "sha256",
+                    },
+                ]);
+                const fileHash = hashFile(filePath, hashAlgo);
+                const fileHashHex = `0x${fileHash}`;
+                // Compute message hash locally (no API call needed)
+                const messageHash = hashMessage(fileHashHex);
+                const signature = await account.signMessage({ message: fileHashHex });
+                console.log();
+                console.log(chalk.magenta.bold("✍️  File Signature Created"));
+                console.log();
+                const boxData = {
+                    File: chalk.cyan(filePath),
+                    "Hash Algorithm": chalk.cyan(hashAlgo),
+                    "File Hash": chalk.green.bold(fileHashHex),
+                    "Message Hash": chalk.green.bold(messageHash),
+                    Signature: chalk.yellow(signature),
+                    Signer: formatAddress(account.address),
+                };
+                printBox("Signature Data", boxData);
+                console.log();
+                break;
+            }
+            default:
+                console.log(chalk.yellow(`Interactive mode for ${signatureType} coming soon!`));
+                console.log(chalk.dim(`Use: httpcat sign ${signatureType} --help for CLI usage`));
+        }
+    }
+    catch (error) {
+        handleError(error, globalOpts.verbose);
+        process.exit(getExitCode(error));
+    }
+}
+//# sourceMappingURL=sign.js.map