miladyai 2.0.0-alpha.27

package/dist/api/permissions-routes.js

@@ -0,0 +1,109 @@
+//#region src/api/permissions-routes.ts
+async function handlePermissionRoutes(ctx) {
+	const { req, res, method, pathname, state, readJsonBody, json, error, saveConfig, scheduleRuntimeRestart } = ctx;
+	if (!pathname.startsWith("/api/permissions")) return false;
+	if (method === "GET" && pathname === "/api/permissions") {
+		json(res, {
+			permissions: state.permissionStates ?? {},
+			platform: process.platform,
+			shellEnabled: state.shellEnabled ?? true
+		});
+		return true;
+	}
+	if (method === "GET" && pathname === "/api/permissions/shell") {
+		const enabled = state.shellEnabled ?? true;
+		if (!state.permissionStates) state.permissionStates = {};
+		const shellState = state.permissionStates.shell;
+		const permission = {
+			id: "shell",
+			status: enabled ? "granted" : "denied",
+			lastChecked: shellState?.lastChecked ?? Date.now(),
+			canRequest: false
+		};
+		state.permissionStates.shell = permission;
+		json(res, {
+			enabled,
+			...permission,
+			permission
+		});
+		return true;
+	}
+	if (method === "GET" && pathname.startsWith("/api/permissions/")) {
+		const permId = pathname.slice(17);
+		if (!permId || permId.includes("/")) {
+			error(res, "Invalid permission ID", 400);
+			return true;
+		}
+		const permState = (state.permissionStates ?? {})[permId];
+		if (!permState) {
+			json(res, {
+				id: permId,
+				status: "not-applicable",
+				lastChecked: Date.now(),
+				canRequest: false
+			});
+			return true;
+		}
+		json(res, permState);
+		return true;
+	}
+	if (method === "POST" && pathname === "/api/permissions/refresh") {
+		json(res, {
+			message: "Permission refresh requested",
+			action: "ipc:permissions:refresh"
+		});
+		return true;
+	}
+	if (method === "POST" && pathname.match(/^\/api\/permissions\/[^/]+\/request$/)) {
+		const permId = pathname.split("/")[3];
+		json(res, {
+			message: `Permission request for ${permId}`,
+			action: `ipc:permissions:request:${permId}`
+		});
+		return true;
+	}
+	if (method === "POST" && pathname.match(/^\/api\/permissions\/[^/]+\/open-settings$/)) {
+		const permId = pathname.split("/")[3];
+		json(res, {
+			message: `Opening settings for ${permId}`,
+			action: `ipc:permissions:openSettings:${permId}`
+		});
+		return true;
+	}
+	if (method === "PUT" && pathname === "/api/permissions/shell") {
+		const body = await readJsonBody(req, res);
+		if (!body) return true;
+		const enabled = body.enabled === true;
+		state.shellEnabled = enabled;
+		if (!state.permissionStates) state.permissionStates = {};
+		state.permissionStates.shell = {
+			id: "shell",
+			status: enabled ? "granted" : "denied",
+			lastChecked: Date.now(),
+			canRequest: false
+		};
+		if (!state.config.features) state.config.features = {};
+		state.config.features.shellEnabled = enabled;
+		saveConfig(state.config);
+		if (state.runtime) scheduleRuntimeRestart(`Shell access ${enabled ? "enabled" : "disabled"}`);
+		json(res, {
+			shellEnabled: enabled,
+			permission: state.permissionStates.shell
+		});
+		return true;
+	}
+	if (method === "PUT" && pathname === "/api/permissions/state") {
+		const body = await readJsonBody(req, res);
+		if (!body) return true;
+		if (body.permissions && typeof body.permissions === "object") state.permissionStates = body.permissions;
+		json(res, {
+			updated: true,
+			permissions: state.permissionStates
+		});
+		return true;
+	}
+	return false;
+}
+
+//#endregion
+export { handlePermissionRoutes };

package/dist/api/plugin-validation.js

@@ -0,0 +1,198 @@
+//#region src/api/plugin-validation.ts
+const KEY_PREFIX_HINTS = {
+	ANTHROPIC_API_KEY: {
+		prefix: "sk-ant-",
+		label: "Anthropic"
+	},
+	OPENAI_API_KEY: {
+		prefix: "sk-",
+		label: "OpenAI"
+	},
+	GROQ_API_KEY: {
+		prefix: "gsk_",
+		label: "Groq"
+	},
+	XAI_API_KEY: {
+		prefix: "xai-",
+		label: "xAI"
+	},
+	OPENROUTER_API_KEY: {
+		prefix: "sk-or-",
+		label: "OpenRouter"
+	}
+};
+/**
+* Validate a plugin's configuration.
+*
+* Checks all required parameters (from the plugin's package.json metadata)
+* and applies format-specific warnings for known API key patterns.
+*
+* @param pluginId - The plugin identifier (e.g. "anthropic", "discord")
+* @param category - Plugin category
+* @param envKey - Primary environment variable key (legacy, used as fallback)
+* @param configKeys - All known config key names for this plugin
+* @param providedConfig - Config values being set (for PUT validation)
+* @param paramDefs - Full parameter definitions with required/sensitive metadata
+*/
+function validatePluginConfig(_pluginId, _category, envKey, configKeys, providedConfig, paramDefs) {
+	const errors = [];
+	const warnings = [];
+	const allowedConfigKeys = new Set(configKeys);
+	const canonicalKeyByNormalized = new Map(configKeys.map((key) => [key.trim().toUpperCase(), key]));
+	if (providedConfig) for (const key of Object.keys(providedConfig)) {
+		if (allowedConfigKeys.has(key)) continue;
+		const canonical = canonicalKeyByNormalized.get(key.trim().toUpperCase());
+		if (canonical) {
+			errors.push({
+				field: key,
+				message: `${key} does not match declared config key casing; use ${canonical}`
+			});
+			continue;
+		}
+		errors.push({
+			field: key,
+			message: `${key} is not a declared config key for this plugin`
+		});
+	}
+	if (paramDefs && paramDefs.length > 0) for (const param of paramDefs) {
+		if (!param.required) continue;
+		const value = providedConfig?.[param.key] ?? process.env[param.key];
+		if (!value || !value.trim()) {
+			if (param.default) warnings.push({
+				field: param.key,
+				message: `${param.key} is not set (will use default: ${param.default})`
+			});
+			else errors.push({
+				field: param.key,
+				message: `${param.key} is required but not set`
+			});
+			continue;
+		}
+		const hint = KEY_PREFIX_HINTS[param.key];
+		if (hint && !value.startsWith(hint.prefix)) warnings.push({
+			field: param.key,
+			message: `${hint.label} key should start with "${hint.prefix}" — the current value may be invalid`
+		});
+		if (param.sensitive && value.trim().length < 10) warnings.push({
+			field: param.key,
+			message: `${param.key} looks too short (${value.trim().length} chars)`
+		});
+	}
+	else if (envKey) {
+		const currentValue = providedConfig?.[envKey] ?? process.env[envKey];
+		if (!currentValue || !currentValue.trim()) errors.push({
+			field: envKey,
+			message: `${envKey} is required but not set`
+		});
+		else {
+			const hint = KEY_PREFIX_HINTS[envKey];
+			if (hint && !currentValue.startsWith(hint.prefix)) warnings.push({
+				field: envKey,
+				message: `${hint.label} key should start with "${hint.prefix}" — the current value may be invalid`
+			});
+			if (currentValue.trim().length < 10) warnings.push({
+				field: envKey,
+				message: `${envKey} looks too short (${currentValue.trim().length} chars)`
+			});
+		}
+	}
+	return {
+		valid: errors.length === 0,
+		errors,
+		warnings
+	};
+}
+/**
+* Validate a runtime context object for null, undefined, empty, and
+* non-serializable fields.
+*
+* Used after provider + plugin resolution to detect and surface invalid
+* or malformed context early — before it reaches the agent runtime.
+*
+* @param context - The context object to validate.
+* @param maxDepth - Maximum nesting depth to inspect (default: 5).
+*/
+function validateRuntimeContext(context, maxDepth = 5) {
+	const nullFields = [];
+	const undefinedFields = [];
+	const emptyFields = [];
+	const nonSerializableFields = [];
+	function walk(obj, prefix, depth) {
+		if (depth > maxDepth) return;
+		for (const [key, value] of Object.entries(obj)) {
+			const path = prefix ? `${prefix}.${key}` : key;
+			if (value === null) {
+				nullFields.push(path);
+				continue;
+			}
+			if (value === void 0) {
+				undefinedFields.push(path);
+				continue;
+			}
+			if (typeof value === "string" && value.trim() === "") {
+				emptyFields.push(path);
+				continue;
+			}
+			if (typeof value === "function") {
+				nonSerializableFields.push(path);
+				continue;
+			}
+			if (typeof value === "symbol") {
+				nonSerializableFields.push(path);
+				continue;
+			}
+			if (typeof value === "bigint") {
+				nonSerializableFields.push(path);
+				continue;
+			}
+			if (typeof value === "object" && !Array.isArray(value) && !(value instanceof Date) && !(value instanceof RegExp)) walk(value, path, depth + 1);
+		}
+	}
+	walk(context, "", 0);
+	let serializable = true;
+	if (nonSerializableFields.length > 0) serializable = false;
+	else try {
+		JSON.stringify(context);
+	} catch {
+		serializable = false;
+	}
+	return {
+		valid: nullFields.length === 0 && undefinedFields.length === 0 && emptyFields.length === 0,
+		serializable,
+		nullFields,
+		undefinedFields,
+		emptyFields,
+		nonSerializableFields
+	};
+}
+/**
+* Log the full resolved plugin/provider context for debugging.
+*
+* Prints a structured summary of all loaded plugins, providers,
+* and any validation issues detected in the context.
+*
+* @param plugins - Array of resolved plugin names.
+* @param providers - Array of resolved provider names.
+* @param context - The runtime context object to inspect.
+* @param log - Logger function (defaults to console.debug).
+*/
+function debugLogResolvedContext(plugins, providers, context, log = console.debug) {
+	log("[milady:debug] ══════ Resolved Plugin/Provider Context ══════");
+	log(`[milady:debug] Plugins loaded (${plugins.length}):`);
+	for (const name of plugins) log(`[milady:debug]   • ${name}`);
+	log(`[milady:debug] Providers loaded (${providers.length}):`);
+	for (const name of providers) log(`[milady:debug]   • ${name}`);
+	const validation = validateRuntimeContext(context);
+	if (validation.valid && validation.serializable) log("[milady:debug] Context validation: ✓ PASS (all fields valid, serializable)");
+	else {
+		log("[milady:debug] Context validation: ✗ ISSUES DETECTED");
+		if (validation.nullFields.length > 0) log(`[milady:debug]   null fields: ${validation.nullFields.join(", ")}`);
+		if (validation.undefinedFields.length > 0) log(`[milady:debug]   undefined fields: ${validation.undefinedFields.join(", ")}`);
+		if (validation.emptyFields.length > 0) log(`[milady:debug]   empty fields: ${validation.emptyFields.join(", ")}`);
+		if (validation.nonSerializableFields.length > 0) log(`[milady:debug]   non-serializable fields: ${validation.nonSerializableFields.join(", ")}`);
+	}
+	log("[milady:debug] ══════════════════════════════════════════════");
+}
+
+//#endregion
+export { debugLogResolvedContext, validatePluginConfig, validateRuntimeContext };

package/dist/api/provider-switch-config.js

@@ -0,0 +1,41 @@
+import { SUBSCRIPTION_PROVIDER_MAP } from "../auth/types.js";
+
+//#region src/api/provider-switch-config.ts
+/**
+* Apply subscription provider configuration to the config object.
+*
+* Sets `agents.defaults.subscriptionProvider` and `agents.defaults.model.primary`
+* so the runtime auto-detects the correct provider on restart.
+*
+* Mutates `config` in place.
+*/
+function applySubscriptionProviderConfig(config, provider) {
+	config.agents ??= {};
+	config.agents.defaults ??= {};
+	const defaults = config.agents.defaults;
+	const subscriptionKey = provider === "openai-subscription" ? "openai-codex" : provider;
+	const modelProvider = SUBSCRIPTION_PROVIDER_MAP[subscriptionKey];
+	if (modelProvider) {
+		defaults.subscriptionProvider = subscriptionKey;
+		defaults.model = {
+			...defaults.model,
+			primary: modelProvider
+		};
+	}
+}
+/**
+* Clear subscription provider configuration from the config object.
+*
+* Removes `agents.defaults.subscriptionProvider` so the runtime
+* doesn't try to auto-detect a subscription provider on restart.
+*
+* Mutates `config` in place.
+*/
+function clearSubscriptionProviderConfig(config) {
+	config.agents ??= {};
+	config.agents.defaults ??= {};
+	delete config.agents.defaults.subscriptionProvider;
+}
+
+//#endregion
+export { applySubscriptionProviderConfig, clearSubscriptionProviderConfig };

package/dist/api/registry-routes.js

@@ -0,0 +1,86 @@
+import { parseClampedInteger } from "../utils/number-parsing.js";
+
+//#region src/api/registry-routes.ts
+async function handleRegistryRoutes(ctx) {
+	const { res, method, pathname, url, json, error, getPluginManager, getLoadedPluginNames, getBundledPluginIds } = ctx;
+	if (method === "GET" && pathname === "/api/registry/plugins") {
+		try {
+			const pluginManager = getPluginManager();
+			const registry = await pluginManager.refreshRegistry();
+			const installed = await pluginManager.listInstalledPlugins();
+			const installedNames = new Set(installed.map((plugin) => plugin.name));
+			const loadedNames = new Set(getLoadedPluginNames());
+			const bundledIds = getBundledPluginIds();
+			const plugins = Array.from(registry.values()).map((plugin) => {
+				const shortId = plugin.name.replace(/^@[^/]+\/plugin-/, "").replace(/^@[^/]+\//, "").replace(/^plugin-/, "");
+				return {
+					...plugin,
+					installed: installedNames.has(plugin.name),
+					installedVersion: installed.find((entry) => entry.name === plugin.name)?.version ?? null,
+					loaded: loadedNames.has(plugin.name) || loadedNames.has(plugin.name.replace("@elizaos/", "")),
+					bundled: bundledIds.has(shortId)
+				};
+			});
+			json(res, {
+				count: plugins.length,
+				plugins
+			});
+		} catch (err) {
+			error(res, `Failed to fetch registry: ${err instanceof Error ? err.message : String(err)}`, 502);
+		}
+		return true;
+	}
+	if (method === "GET" && pathname.startsWith("/api/registry/plugins/") && pathname.length > 22) {
+		const name = decodeURIComponent(pathname.slice(22));
+		try {
+			const info = await getPluginManager().getRegistryPlugin(name);
+			if (!info) {
+				error(res, `Plugin "${name}" not found in registry`, 404);
+				return true;
+			}
+			json(res, { plugin: info });
+		} catch (err) {
+			error(res, `Failed to look up plugin: ${err instanceof Error ? err.message : String(err)}`, 502);
+		}
+		return true;
+	}
+	if (method === "GET" && pathname === "/api/registry/search") {
+		const query = url.searchParams.get("q") || "";
+		if (!query.trim()) {
+			error(res, "Query parameter 'q' is required", 400);
+			return true;
+		}
+		try {
+			const limitParam = url.searchParams.get("limit");
+			const limit = limitParam ? parseClampedInteger(limitParam, {
+				min: 1,
+				max: 50,
+				fallback: 15
+			}) : 15;
+			const results = await getPluginManager().searchRegistry(query, limit);
+			json(res, {
+				query,
+				count: results.length,
+				results
+			});
+		} catch (err) {
+			error(res, `Search failed: ${err instanceof Error ? err.message : String(err)}`, 502);
+		}
+		return true;
+	}
+	if (method === "POST" && pathname === "/api/registry/refresh") {
+		try {
+			json(res, {
+				ok: true,
+				count: (await getPluginManager().refreshRegistry()).size
+			});
+		} catch (err) {
+			error(res, `Refresh failed: ${err instanceof Error ? err.message : String(err)}`, 502);
+		}
+		return true;
+	}
+	return false;
+}
+
+//#endregion
+export { handleRegistryRoutes };

package/dist/api/registry-service.js

@@ -0,0 +1,164 @@
+import { logger } from "@elizaos/core";
+import { ethers } from "ethers";
+
+//#region src/api/registry-service.ts
+/**
+* ERC-8004 Agent Identity Registry service.
+*
+* Handles all interactions with the MiladyAgentRegistry contract:
+* - Registration (self and delegated)
+* - Profile updates
+* - Metadata (tokenURI) management
+* - Status queries
+*/
+const REGISTRY_ABI = [
+	"function registerAgent(string,string,bytes32,string) external returns (uint256)",
+	"function registerAgentFor(address,string,string,bytes32,string) external returns (uint256)",
+	"function updateAgent(string,bytes32) external",
+	"function updateAgentProfile(string,string,bytes32,string) external",
+	"function updateTokenURI(uint256,string) external",
+	"function deactivateAgent() external",
+	"function reactivateAgent() external",
+	"function getAgentInfo(uint256) view returns (string,string,bytes32,bool)",
+	"function addressToTokenId(address) view returns (uint256)",
+	"function isRegistered(address) view returns (bool)",
+	"function getTokenId(address) view returns (uint256)",
+	"function totalAgents() view returns (uint256)",
+	"function isEndpointTaken(string) view returns (bool)",
+	"function balanceOf(address) view returns (uint256)",
+	"function ownerOf(uint256) view returns (address)",
+	"function tokenURI(uint256) view returns (string)",
+	"event AgentRegistered(uint256 indexed tokenId, address indexed owner, string name, string endpoint)",
+	"event AgentUpdated(uint256 indexed tokenId, string endpoint, bytes32 capabilitiesHash)"
+];
+const DEFAULT_CAPABILITIES_HASH = ethers.id("milady-agent");
+var RegistryService = class {
+	constructor(txService, registryAddress) {
+		this.txService = txService;
+		this.registryAddress = registryAddress;
+		this.contract = txService.getContract(registryAddress, REGISTRY_ABI);
+	}
+	get address() {
+		return this.txService.address;
+	}
+	get contractAddress() {
+		return this.registryAddress;
+	}
+	async getChainId() {
+		return this.txService.getChainId();
+	}
+	/**
+	* Get the full registration status for the current wallet.
+	*/
+	async getStatus() {
+		const addr = this.txService.address;
+		const [registered, totalAgentsBN] = await Promise.all([this.contract.isRegistered(addr), this.contract.totalAgents()]);
+		if (!registered) return {
+			registered: false,
+			tokenId: 0,
+			agentName: "",
+			agentEndpoint: "",
+			capabilitiesHash: "",
+			isActive: false,
+			tokenURI: "",
+			walletAddress: addr,
+			totalAgents: Number(totalAgentsBN)
+		};
+		const tokenId = Number(await this.contract.getTokenId(addr));
+		const [[name, endpoint, capHash, isActive], uri] = await Promise.all([this.contract.getAgentInfo(tokenId), this.contract.tokenURI(tokenId)]);
+		return {
+			registered: true,
+			tokenId,
+			agentName: name,
+			agentEndpoint: endpoint,
+			capabilitiesHash: capHash,
+			isActive,
+			tokenURI: uri,
+			walletAddress: addr,
+			totalAgents: Number(totalAgentsBN)
+		};
+	}
+	/**
+	* Register the current wallet as an agent.
+	* The NFT is minted to the wallet address stored in EVM_PRIVATE_KEY.
+	*/
+	async register(params) {
+		const capHash = params.capabilitiesHash || DEFAULT_CAPABILITIES_HASH;
+		logger.info(`[registry] Registering agent "${params.name}" from ${this.txService.address}`);
+		const nonce = await this.txService.getFreshNonce();
+		const tx = await this.contract.registerAgent(params.name, params.endpoint, capHash, params.tokenURI, { nonce });
+		logger.info(`[registry] Registration tx submitted: ${tx.hash}`);
+		const receipt = await tx.wait();
+		const iface = new ethers.Interface(REGISTRY_ABI);
+		let tokenId = 0;
+		for (const log of receipt.logs) {
+			const parsed = iface.parseLog({
+				topics: log.topics,
+				data: log.data
+			});
+			if (parsed && parsed.name === "AgentRegistered") {
+				tokenId = Number(parsed.args[0]);
+				break;
+			}
+		}
+		if (tokenId === 0) tokenId = Number(await this.contract.getTokenId(this.txService.address));
+		logger.info(`[registry] Agent registered: tokenId=${tokenId} txHash=${receipt.hash}`);
+		return {
+			tokenId,
+			txHash: receipt.hash
+		};
+	}
+	/**
+	* Update the tokenURI (metadata pointer) for the current wallet's agent.
+	* Called when the character is edited.
+	*/
+	async updateTokenURI(newURI) {
+		const tokenId = Number(await this.contract.getTokenId(this.txService.address));
+		if (tokenId === 0) throw new Error("Agent not registered, cannot update token URI");
+		logger.info(`[registry] Updating tokenURI for token ${tokenId}: ${newURI}`);
+		const nonce = await this.txService.getFreshNonce();
+		const receipt = await (await this.contract.updateTokenURI(tokenId, newURI, { nonce })).wait();
+		logger.info(`[registry] TokenURI updated: txHash=${receipt.hash}`);
+		return receipt.hash;
+	}
+	/**
+	* Update the agent's endpoint and capabilities hash.
+	*/
+	async updateAgent(endpoint, capabilitiesHash) {
+		const capHash = capabilitiesHash || DEFAULT_CAPABILITIES_HASH;
+		logger.info(`[registry] Updating agent profile: endpoint=${endpoint}`);
+		const nonce = await this.txService.getFreshNonce();
+		const receipt = await (await this.contract.updateAgent(endpoint, capHash, { nonce })).wait();
+		logger.info(`[registry] Agent updated: txHash=${receipt.hash}`);
+		return receipt.hash;
+	}
+	/**
+	* Check if a specific address is registered.
+	*/
+	/**
+	* Sync the full agent profile on-chain: name, endpoint, capabilities, and tokenURI.
+	* Called when the character is edited and user wants to push changes to chain.
+	*/
+	async syncProfile(params) {
+		const capHash = params.capabilitiesHash || DEFAULT_CAPABILITIES_HASH;
+		logger.info(`[registry] Syncing profile: name="${params.name}" endpoint="${params.endpoint}"`);
+		const nonce = await this.txService.getFreshNonce();
+		const tx = await this.contract.updateAgentProfile(params.name, params.endpoint, capHash, params.tokenURI, { nonce });
+		logger.info(`[registry] Sync tx submitted: ${tx.hash}`);
+		const receipt = await tx.wait();
+		logger.info(`[registry] Profile synced: txHash=${receipt.hash}`);
+		return receipt.hash;
+	}
+	async isRegistered(address) {
+		return this.contract.isRegistered(address);
+	}
+	/**
+	* Build the default capabilities hash used for Milady agents.
+	*/
+	static defaultCapabilitiesHash() {
+		return DEFAULT_CAPABILITIES_HASH;
+	}
+};
+
+//#endregion
+export { RegistryService };