minara 0.1.5 → 0.2.0

package/dist/touchid.js

@@ -0,0 +1,181 @@
+// ═══════════════════════════════════════════════════════════════════════════
+//  Touch ID (macOS) — biometric verification for sensitive operations
+// ═══════════════════════════════════════════════════════════════════════════
+import { execFileSync } from 'node:child_process';
+import { existsSync, writeFileSync, unlinkSync, chmodSync, readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { platform } from 'node:os';
+import chalk from 'chalk';
+import { loadConfig, getMinaraDir } from './config.js';
+// Bump this when SWIFT_SOURCE changes to force recompilation
+const TOUCHID_BINARY_VERSION = '1';
+const SWIFT_SOURCE = `
+import Foundation
+import LocalAuthentication
+
+// Mode: "check" = just check availability, "auth" = perform authentication
+let mode = CommandLine.arguments.count > 1 ? CommandLine.arguments[1] : "auth"
+let context = LAContext()
+var error: NSError?
+
+guard context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) else {
+    let msg = error?.localizedDescription ?? "Touch ID not available"
+    fputs("unavailable:\\(msg)\\n", stderr)
+    exit(2)
+}
+
+if mode == "check" {
+    print("available")
+    exit(0)
+}
+
+// Auth mode — prompt for Touch ID
+let reason = CommandLine.arguments.count > 2
+    ? CommandLine.arguments[2]
+    : "Minara CLI: Authorize transaction"
+
+let semaphore = DispatchSemaphore(value: 0)
+var authSuccess = false
+
+context.evaluatePolicy(
+    .deviceOwnerAuthenticationWithBiometrics,
+    localizedReason: reason
+) { result, authError in
+    authSuccess = result
+    if !result {
+        let msg = authError?.localizedDescription ?? "Authentication failed"
+        fputs("failed:\\(msg)\\n", stderr)
+    }
+    semaphore.signal()
+}
+
+semaphore.wait()
+exit(authSuccess ? 0 : 1)
+`;
+// ─── Binary management ───────────────────────────────────────────────────
+const BINARY_NAME = 'touchid_auth';
+const VERSION_FILE = 'touchid_auth.version';
+function getBinaryPath() {
+    return join(getMinaraDir(), BINARY_NAME);
+}
+function getVersionPath() {
+    return join(getMinaraDir(), VERSION_FILE);
+}
+function isBinaryUpToDate() {
+    const binaryPath = getBinaryPath();
+    const versionPath = getVersionPath();
+    if (!existsSync(binaryPath) || !existsSync(versionPath))
+        return false;
+    try {
+        const ver = readFileSync(versionPath, 'utf-8').trim();
+        return ver === TOUCHID_BINARY_VERSION;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Compile the Touch ID Swift helper binary (cached in ~/.minara/).
+ * Returns the path to the compiled binary.
+ */
+function ensureBinary() {
+    const binaryPath = getBinaryPath();
+    if (isBinaryUpToDate())
+        return binaryPath;
+    const dir = getMinaraDir();
+    const sourcePath = join(dir, 'touchid_auth.swift');
+    writeFileSync(sourcePath, SWIFT_SOURCE, 'utf-8');
+    try {
+        execFileSync('/usr/bin/swiftc', [
+            '-O', // optimized build
+            '-o', binaryPath,
+            sourcePath,
+        ], {
+            timeout: 120_000, // 2 min timeout for first compile
+            stdio: 'pipe',
+        });
+        chmodSync(binaryPath, 0o700);
+        writeFileSync(getVersionPath(), TOUCHID_BINARY_VERSION, 'utf-8');
+    }
+    catch (err) {
+        // Clean up on failure
+        if (existsSync(binaryPath))
+            unlinkSync(binaryPath);
+        const msg = err instanceof Error ? err.message : String(err);
+        throw new Error(`Failed to compile Touch ID helper: ${msg}`);
+    }
+    finally {
+        if (existsSync(sourcePath))
+            unlinkSync(sourcePath);
+    }
+    return binaryPath;
+}
+// ─── Public API ──────────────────────────────────────────────────────────
+/**
+ * Check whether Touch ID hardware is available on this machine.
+ * Returns `false` on non-macOS or when hardware is absent / not enrolled.
+ */
+export function isTouchIdAvailable() {
+    if (platform() !== 'darwin')
+        return false;
+    try {
+        const binary = ensureBinary();
+        execFileSync(binary, ['check'], { timeout: 10_000, stdio: 'pipe' });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Perform a Touch ID verification.
+ * Resolves on success, throws on failure or cancellation.
+ */
+export function verifyTouchId(reason) {
+    const binary = ensureBinary();
+    const args = ['auth'];
+    if (reason)
+        args.push(reason);
+    execFileSync(binary, args, { timeout: 60_000, stdio: ['pipe', 'pipe', 'pipe'] });
+}
+/**
+ * If Touch ID is enabled in config, prompt the user for biometric
+ * verification. Exits the process on failure.
+ *
+ * Call this before any sensitive financial operation.
+ * On non-macOS platforms a warning is shown and execution continues.
+ */
+export async function requireTouchId() {
+    const config = loadConfig();
+    if (!config.touchId)
+        return; // Touch ID not enabled — no-op
+    if (platform() !== 'darwin') {
+        console.log(chalk.yellow('⚠'), 'Touch ID is only available on macOS. Skipping biometric check.');
+        return;
+    }
+    console.log('');
+    console.log(chalk.blue('🔐'), chalk.bold('Touch ID verification required'));
+    try {
+        verifyTouchId();
+        console.log(chalk.green('✔'), 'Touch ID verified');
+        console.log('');
+    }
+    catch (err) {
+        // Parse stderr for details
+        const stderr = (err && typeof err === 'object' && 'stderr' in err)
+            ? err.stderr?.toString().trim()
+            : '';
+        if (stderr.startsWith('unavailable:')) {
+            console.error(chalk.red('✖'), 'Touch ID is not available on this device.');
+            console.error(chalk.dim('  Tip: Run `minara config` to disable Touch ID protection.'));
+        }
+        else {
+            console.error(chalk.red('✖'), 'Touch ID verification failed. Operation cancelled.');
+            if (stderr) {
+                const detail = stderr.startsWith('failed:') ? stderr.slice(7) : stderr;
+                console.error(chalk.dim(`  ${detail}`));
+            }
+        }
+        process.exit(1);
+    }
+}

package/dist/types.d.ts

@@ -32,6 +32,17 @@ export interface AuthUser {
     accounts?: Record<string, unknown>;
     invitationCode?: string;
     mfaSettings?: Record<string, unknown>;
+    subscription?: {
+        planId?: number;
+        planName?: string;
+        status?: string;
+        interval?: string;
+        currentPeriodEnd?: string;
+        cancelAtPeriodEnd?: boolean;
+        [key: string]: unknown;
+    };
+    plan?: Record<string, unknown>;
+    [key: string]: unknown;
 }
 export interface DeviceAuthStartResponse {
     device_code: string;
@@ -68,7 +79,6 @@ export interface ChatRequestDTO {
     chatId?: string;
     parentMessageId?: string;
     thinking?: boolean;
-    deepresearch?: boolean;
     workMode?: string;
     platform?: string;
     message: {
@@ -292,9 +302,15 @@ export interface TokenInfo {
     name?: string;
     address?: string;
     chain?: string;
+    logo?: string;
+    description?: string;
     price?: number;
-    change24h?: number;
+    priceChange24H?: number;
+    volume?: number;
+    volume24H?: number;
     marketCap?: number;
+    fdv?: number;
+    socialUrls?: Record<string, string>;
 }
 export interface DiscoverEvent {
     id: string;
@@ -304,11 +320,44 @@ export interface DiscoverEvent {
     createdAt?: string;
 }
 export interface PaymentPlan {
-    id: string;
-    name?: string;
-    price?: number;
+    _id: string;
+    id: number;
+    name: string;
+    price: number;
+    status: string;
+    interval: 'month' | 'year';
+    rules: {
+        limitDegenMode?: number;
+        limitDeepresearch?: number;
+        limitCredit?: string;
+        limitWorkflows?: number;
+    };
+    stripePriceId?: string;
+    inviteCount?: number;
+}
+export interface CreditPackage {
+    _id: string;
+    id: number;
+    amount: number;
+    degenMode: number;
+    stripePriceId: string;
+    credit: string;
+}
+export interface PlansResponse {
+    plans: PaymentPlan[];
+    packages: CreditPackage[];
+}
+export interface CheckoutSession {
+    url?: string;
+    sessionId?: string;
+    [key: string]: unknown;
+}
+export interface CryptoCheckout {
+    url?: string;
+    address?: string;
+    amount?: number;
     currency?: string;
-    interval?: string;
+    [key: string]: unknown;
 }
 export interface GasFeeInfo {
     chain?: string;

package/dist/utils.d.ts

@@ -30,5 +30,39 @@ export declare function selectChain(message?: string, compact?: boolean): Promis
  * prints a clean error instead of a raw stack trace.
  */
 export declare function wrapAction<A extends unknown[]>(fn: (...args: A) => Promise<void>): (...args: A) => Promise<void>;
+export interface TokenDisplayInfo {
+    symbol?: string;
+    name?: string;
+    address: string;
+}
+/**
+ * Look up token metadata by address, ticker, or name.
+ *
+ * - Input starting with `$` (e.g. `$BONK`) is treated as an exact ticker
+ *   search. Results are filtered to those whose symbol matches (case-insensitive).
+ * - Otherwise the raw input is sent to the search API and may match by
+ *   address, ticker, or name.
+ *
+ * When multiple candidates remain the user is prompted to disambiguate.
+ * The returned `address` is always the resolved contract address.
+ */
+export declare function lookupToken(tokenInput: string): Promise<TokenDisplayInfo>;
+/**
+ * Format token info for display: "$BONK — Bonk" or just the address when
+ * symbol/name are unavailable.
+ */
+export declare function formatTokenLabel(token: TokenDisplayInfo): string;
+/**
+ * Prompt the user for a mandatory second confirmation before executing a
+ * fund-related operation. Controlled by `confirmBeforeTransaction` in config
+ * (default: enabled). This confirmation is independent of the `-y` flag and
+ * Touch ID — it serves as an extra safety net.
+ *
+ * @param description  Short one-line summary of the operation.
+ * @param token        Optional token metadata to highlight in the prompt.
+ *
+ * Exits the process if the user declines.
+ */
+export declare function requireTransactionConfirmation(description: string, token?: TokenDisplayInfo): Promise<void>;
 /** Open a URL in the user's default browser (cross-platform). */
 export declare function openBrowser(url: string): void;

package/dist/utils.js

@@ -2,8 +2,9 @@ import chalk from 'chalk';
 import ora from 'ora';
 import { exec } from 'node:child_process';
 import { platform } from 'node:os';
-import { select } from '@inquirer/prompts';
+import { select, confirm } from '@inquirer/prompts';
 import { SUPPORTED_CHAINS } from './types.js';
+import { loadConfig } from './config.js';
 // ─── Logging helpers ─────────────────────────────────────────────────────────
 export function success(msg) {
     console.log(chalk.green('✔'), msg);
@@ -114,6 +115,111 @@ export function wrapAction(fn) {
         }
     };
 }
+/**
+ * Look up token metadata by address, ticker, or name.
+ *
+ * - Input starting with `$` (e.g. `$BONK`) is treated as an exact ticker
+ *   search. Results are filtered to those whose symbol matches (case-insensitive).
+ * - Otherwise the raw input is sent to the search API and may match by
+ *   address, ticker, or name.
+ *
+ * When multiple candidates remain the user is prompted to disambiguate.
+ * The returned `address` is always the resolved contract address.
+ */
+export async function lookupToken(tokenInput) {
+    const isTicker = tokenInput.startsWith('$');
+    const keyword = isTicker ? tokenInput.slice(1) : tokenInput;
+    const spin = spinner('Looking up token…');
+    try {
+        const { searchTokens } = await import('./api/tokens.js');
+        const res = await searchTokens(keyword);
+        spin.stop();
+        if (!res.success || !res.data || res.data.length === 0) {
+            if (isTicker) {
+                warn(`No token found for ticker $${keyword}`);
+            }
+            return { address: tokenInput };
+        }
+        let tokens = res.data;
+        if (isTicker) {
+            const filtered = tokens.filter((t) => t.symbol?.toLowerCase() === keyword.toLowerCase());
+            if (filtered.length > 0)
+                tokens = filtered;
+        }
+        if (!isTicker) {
+            const exact = tokens.find((t) => t.address?.toLowerCase() === keyword.toLowerCase());
+            if (exact) {
+                return { symbol: exact.symbol, name: exact.name, address: exact.address ?? tokenInput };
+            }
+        }
+        if (tokens.length === 1) {
+            const t = tokens[0];
+            return { symbol: t.symbol, name: t.name, address: t.address ?? tokenInput };
+        }
+        info(`Found ${tokens.length} tokens matching "${tokenInput}"`);
+        const selected = await select({
+            message: 'Select the correct token:',
+            choices: tokens.map((t) => ({
+                name: `${t.symbol ? chalk.bold('$' + t.symbol) : '?'} — ${t.name ?? 'Unknown'}\n    ${chalk.yellow(t.address ?? '')}`,
+                value: t,
+            })),
+        });
+        return {
+            symbol: selected.symbol,
+            name: selected.name,
+            address: selected.address ?? tokenInput,
+        };
+    }
+    catch {
+        spin.stop();
+        return { address: tokenInput };
+    }
+}
+/**
+ * Format token info for display: "$BONK — Bonk" or just the address when
+ * symbol/name are unavailable.
+ */
+export function formatTokenLabel(token) {
+    if (!token.symbol)
+        return chalk.yellow(token.address);
+    const ticker = chalk.bold('$' + token.symbol);
+    return token.name ? `${ticker} ${chalk.dim('—')} ${token.name}` : ticker;
+}
+// ─── Transaction confirmation ─────────────────────────────────────────────────
+/**
+ * Prompt the user for a mandatory second confirmation before executing a
+ * fund-related operation. Controlled by `confirmBeforeTransaction` in config
+ * (default: enabled). This confirmation is independent of the `-y` flag and
+ * Touch ID — it serves as an extra safety net.
+ *
+ * @param description  Short one-line summary of the operation.
+ * @param token        Optional token metadata to highlight in the prompt.
+ *
+ * Exits the process if the user declines.
+ */
+export async function requireTransactionConfirmation(description, token) {
+    const config = loadConfig();
+    if (config.confirmBeforeTransaction === false)
+        return;
+    console.log('');
+    console.log(chalk.yellow('⚠'), chalk.bold('Transaction confirmation'));
+    if (token) {
+        const ticker = token.symbol ? '$' + token.symbol : undefined;
+        const label = [ticker, token.name].filter(Boolean).join(' — ');
+        console.log(chalk.dim('  Token    : ') + (label ? chalk.bold(label) : chalk.dim('Unknown token')));
+        console.log(chalk.dim('  Address  : ') + chalk.yellow(token.address));
+    }
+    console.log(chalk.dim(`  Action   : ${description}`));
+    console.log('');
+    const ok = await confirm({
+        message: 'Are you sure you want to proceed?',
+        default: false,
+    });
+    if (!ok) {
+        console.log(chalk.dim('Operation cancelled.'));
+        process.exit(0);
+    }
+}
 // ─── Browser ──────────────────────────────────────────────────────────────────
 /** Open a URL in the user's default browser (cross-platform). */
 export function openBrowser(url) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "minara",
-  "version": "0.1.5",
+  "version": "0.2.0",
   "description": "CLI client for Minara.ai — login, trade, deposit/withdraw, chat and more from your terminal.",
   "type": "module",
   "main": "dist/index.js",