movehat 0.2.7 → 0.2.9

package/dist/cli.js

@@ -66,7 +66,7 @@ program
 });
 program
     .command('compile')
-    .description('Compile Move smart contracts using Movement CLI')
+    .description('Compile Move smart contracts (auto-detects named addresses and updates Move.toml)')
     .action(compileCommand);
 program
     .command('run <script>')

package/dist/commands/fork/fund.js

@@ -34,9 +34,11 @@ export default async function forkFundCommand(options) {
         // Verify
         const resourceType = `0x1::coin::CoinStore<${coinType}>`;
         const coinStore = await forkManager.getResource(options.account, resourceType);
+        const { assertCoinStore } = await import('../../fork/validation.js');
+        const validated = assertCoinStore(coinStore);
         logger.newline();
         logger.success("Account funded successfully!");
-        logger.plain(`   New balance: ${coinStore.coin.value}`);
+        logger.plain(`   New balance: ${validated.coin.value}`);
         logger.newline();
     }
     catch (error) {

package/dist/commands/fork/serve.js

@@ -2,6 +2,7 @@ import { join } from 'path';
 import { existsSync } from 'fs';
 import { loadUserConfig } from '../../core/config.js';
 import { ForkServer } from '../../fork/server.js';
+import { logger } from '../../ui/index.js';
 /**
  * Fork serve command: Start a local RPC server serving the fork
  */
@@ -26,9 +27,11 @@ export default async function forkServeCommand(options) {
         }
         // Verify fork exists
         if (!existsSync(join(forkPath, 'metadata.json'))) {
-            console.error(`\nError: Fork not found at ${forkPath}`);
-            console.error(`\nCreate a fork first with:`);
-            console.error(`  movehat fork create --network <network> --name <name>`);
+            logger.newline();
+            logger.error(`Fork not found at ${forkPath}`);
+            logger.newline();
+            logger.error("Create a fork first with:");
+            logger.error("  movehat fork create --network <network> --name <name>");
             process.exit(1);
         }
         // Get port (already validated by Commander's parsePort in cli.ts)
@@ -38,7 +41,8 @@ export default async function forkServeCommand(options) {
         const server = new ForkServer(forkPath, port, host);
         // Handle graceful shutdown (use 'once' to prevent duplicate shutdowns)
         const shutdown = async () => {
-            console.log('\n\nShutting down...');
+            logger.newline();
+            logger.step("Shutting down...");
             await server.stop();
             process.exit(0);
         };
@@ -59,7 +63,8 @@ export default async function forkServeCommand(options) {
     }
     catch (error) {
         const msg = error instanceof Error ? error.message : String(error);
-        console.error(`\nError starting fork server:`, msg);
+        logger.newline();
+        logger.error(`Error starting fork server: ${msg}`);
         process.exit(1);
     }
 }

package/dist/commands/test-move.js

@@ -1,7 +1,9 @@
 import { runMoveTests } from "../helpers/move-tests.js";
+import { logger } from "../ui/index.js";
 export default async function testMoveCommand(options = {}) {
     try {
-        console.log("Running Move unit tests...\n");
+        logger.step("Running Move unit tests...");
+        logger.newline();
         await runMoveTests({
             filter: options.filter,
             ignoreWarnings: options.ignoreWarnings,
@@ -10,10 +12,11 @@ export default async function testMoveCommand(options = {}) {
         process.exit(0);
     }
     catch (err) {
-        console.error("\n✗ Move tests failed");
+        logger.newline();
+        logger.error("Move tests failed");
         const msg = err instanceof Error ? err.message : String(err);
         if (msg) {
-            console.error(`   ${msg}`);
+            logger.error(`   ${msg}`);
         }
         process.exit(1);
     }

package/dist/core/Publisher.d.ts

@@ -1,4 +1,4 @@
-import { Account } from "@aptos-labs/ts-sdk";
+import { Account, Aptos } from "@aptos-labs/ts-sdk";
 import { MovehatConfig } from "../types/config.js";
 import { DeploymentInfo } from "./deployments.js";
 import type { ChildProcessAdapter } from "../utils/childProcessAdapter.js";
@@ -12,6 +12,13 @@ export interface PublishInput {
     config: MovehatConfig;
     account: Account;
     packageDir?: string | undefined;
+    /**
+     * Publish via the TypeScript SDK instead of the Movement CLI. Set when the
+     * backend is movelite, whose REST responses the Movement CLI cannot parse.
+     * Requires `aptos`.
+     */
+    sdkPublish?: boolean | undefined;
+    aptos?: Aptos | undefined;
 }
 /**
  * Publishes a Move module via the Movement CLI.
@@ -22,4 +29,16 @@ export declare class Publisher {
     private readonly deps;
     constructor(deps?: PublisherDeps);
     deploy(input: PublishInput): Promise<DeploymentInfo>;
+    /**
+     * Publish via the Movement CLI (`movement move publish`). The default path
+     * for real Movement nodes, forks, and testnet. Returns the parsed tx hash.
+     */
+    private publishViaCli;
+    /**
+     * Publish the already-built package via the TypeScript SDK. Used when the
+     * backend is movelite. Reads the compiled artifacts the CLI build produced
+     * under `<dir>/build/<pkg>/`, submits a `0x1::code::publish_package_txn`,
+     * and waits for it. Returns the on-chain tx hash.
+     */
+    private publishViaSdk;
 }

package/dist/core/Publisher.js

@@ -1,4 +1,6 @@
 import { PrivateKey, PrivateKeyVariants } from "@aptos-labs/ts-sdk";
+import { existsSync, readFileSync, readdirSync } from "node:fs";
+import { join } from "node:path";
 import { extractNamedAddresses } from "../commands/compile.js";
 import { saveDeployment, loadDeployment, validateSafeName, } from "./deployments.js";
 import { validatePathSafety } from "./shell.js";
@@ -74,103 +76,34 @@ export class Publisher {
                         .join(","),
                 ]
                 : [];
+            // The SDK publish path reads package-metadata.bcs from the build
+            // output; `--save-metadata` makes the build emit it. The CLI path
+            // doesn't need it (`move publish` rebuilds metadata internally).
+            const saveMetadataArgs = input.sdkPublish ? ["--save-metadata"] : [];
             // Build first with named addresses
             const buildResult = await withSpinner("Building package", () => runCli({
                 command: "movement",
-                args: ["move", "build", "--package-dir", safeDir, ...namedAddrArgs],
+                args: [
+                    "move",
+                    "build",
+                    "--package-dir",
+                    safeDir,
+                    ...namedAddrArgs,
+                    ...saveMetadataArgs,
+                ],
                 timeoutMs: 120000, // 2 minutes for git dependency downloads
             }, { adapter: this.deps.adapter }));
             if (isVerbose() && buildResult.stdout) {
                 logger.info(buildResult.stdout.trim(), 2);
             }
-            // Publish using direct parameters (avoid config file issues)
-            // Format the private key into AIP-80 shape so the Movement CLI
-            // doesn't emit its raw-hex deprecation warning. `formatPrivateKey`
-            // is idempotent for already-prefixed inputs.
-            const formattedPrivateKey = PrivateKey.formatPrivateKey(config.privateKey, PrivateKeyVariants.Ed25519);
-            // Move.toml is NOT mutated. All address overrides flow through
-            // the `--named-addresses` flag above, which Movement CLI applies
-            // during build + publish. Rewriting Move.toml on disk would risk
-            // leaving the user's file mutated if the process died before the
-            // restore step.
-            let publishOut = "";
-            let publishErr = "";
-            // Pass the private key to Movement CLI via a 0o600 temp file
-            // (`--private-key-file <path>`) and the on-chain address via
-            // `--sender-account <addr>`. This avoids the CLI's profile-yaml
-            // lookup chain entirely — no CWD / HOME / .aptos / .movement
-            // dance, no CLI-variant dependency.
-            const keyFilePath = writeTempKeyFile(formattedPrivateKey);
-            // Register a sync cleanup hook BEFORE invoking the CLI. If the
-            // user Ctrl+C's (or the process is SIGTERM'd) between the file
-            // write and our finally, the SIGINT handler iterates every
-            // registered callback and unlinks this deploy's key file
-            // synchronously so the private key never persists on disk after
-            // an abnormal exit. The signal-handler path uses the
-            // best-effort variant because the event loop is dead and we
-            // cannot logger.warning.
-            ensureSignalHandler();
-            const syncCleanup = () => removeKeyFileSyncBestEffort(keyFilePath);
-            cleanupCallbacks.add(syncCleanup);
-            try {
-                // Execute publish command. Private key reaches the CLI via the
-                // temp key file path (--private-key-file) — never on the
-                // command line — so it can't leak through `ps aux`. runCli's
-                // stdout/stderr redaction still applies as defense in depth
-                // for any `ed25519-priv-…` substring that surfaces in CLI
-                // output (Movement CLI sometimes echoes the key on error).
-                const publishResult = await withSpinner("Publishing to blockchain", () => runCli({
-                    command: "movement",
-                    args: [
-                        "move",
-                        "publish",
-                        "--package-dir",
-                        safeDir,
-                        "--url",
-                        config.rpc,
-                        "--private-key-file",
-                        keyFilePath,
-                        "--sender-account",
-                        deployerAddress,
-                        "--assume-yes",
-                        ...namedAddrArgs,
-                    ],
-                    timeoutMs: 120000, // 2 minutes for blockchain transactions
-                }, { adapter: this.deps.adapter }));
-                publishOut = publishResult.stdout;
-                publishErr = publishResult.stderr;
-                // Both stdout and stderr from the publish subprocess are gated
-                // behind isVerbose() — Movement CLI emits progress to both
-                // streams ("Compiling, may take a little while..."), so a
-                // visible stderr line is not by itself a failure signal. The
-                // surrounding withSpinner converts the runCli throw on real
-                // failure into the visible spinner.fail() output instead.
-                if (isVerbose() && publishOut)
-                    logger.info(publishOut.trim(), 2);
-                if (isVerbose() && publishErr)
-                    logger.info(publishErr.trim(), 2);
-            }
-            finally {
-                // Unlink the temp key file via the observable cleanup helper.
-                // ENOENT and other already-gone outcomes are benign (null).
-                // A non-null Error means the unlink failed AND the file still
-                // exists on disk — the private key would persist silently
-                // otherwise, so we emit a warning with the manual-cleanup
-                // hint. The SIGINT signal handler's sync callback below also
-                // tries to remove the same file; if SIGINT fires before this
-                // finally runs the file is gone and the next finally call
-                // sees ENOENT (benign).
-                const cleanupErr = removeKeyFile(keyFilePath);
-                if (cleanupErr) {
-                    logger.warning(`Failed to remove temp key file '${keyFilePath}': ${cleanupErr.message}. ` +
-                        `The file has mode 0o600 but should be removed manually: rm ${keyFilePath}`);
-                }
-                cleanupCallbacks.delete(syncCleanup);
-            }
-            // Extract transaction hash from output via the shared helper
-            // (`utils/parseCliOutput.ts`). Same regex pair as before; lifted
-            // for reuse by harness/codeObject.ts and harness/script.ts.
-            const txHash = parseTxHash(publishOut);
+            // Publish the freshly-built package. movelite cannot consume the
+            // Movement CLI's `move publish` REST flow (its responses omit the
+            // ledger headers and fields the CLI requires), so when the backend
+            // is movelite we publish via the TypeScript SDK instead. Every other
+            // backend keeps the CLI path.
+            const txHash = input.sdkPublish
+                ? await this.publishViaSdk(input, safeDir)
+                : await this.publishViaCli(config, safeDir, deployerAddress, namedAddrArgs);
             logger.success("Module published successfully!");
             // ←← "Publish succeeded" boundary. Anything thrown below this
             // point did NOT cause the publish to fail — the module is on
@@ -226,4 +159,149 @@ export class Publisher {
             throw error;
         }
     }
+    /**
+     * Publish via the Movement CLI (`movement move publish`). The default path
+     * for real Movement nodes, forks, and testnet. Returns the parsed tx hash.
+     */
+    async publishViaCli(config, safeDir, deployerAddress, namedAddrArgs) {
+        // Format the private key into AIP-80 shape so the Movement CLI
+        // doesn't emit its raw-hex deprecation warning. `formatPrivateKey`
+        // is idempotent for already-prefixed inputs.
+        const formattedPrivateKey = PrivateKey.formatPrivateKey(config.privateKey, PrivateKeyVariants.Ed25519);
+        // Move.toml is NOT mutated. All address overrides flow through
+        // the `--named-addresses` flag above, which Movement CLI applies
+        // during build + publish. Rewriting Move.toml on disk would risk
+        // leaving the user's file mutated if the process died before the
+        // restore step.
+        let publishOut = "";
+        let publishErr = "";
+        // Pass the private key to Movement CLI via a 0o600 temp file
+        // (`--private-key-file <path>`) and the on-chain address via
+        // `--sender-account <addr>`. This avoids the CLI's profile-yaml
+        // lookup chain entirely — no CWD / HOME / .aptos / .movement
+        // dance, no CLI-variant dependency.
+        const keyFilePath = writeTempKeyFile(formattedPrivateKey);
+        // Register a sync cleanup hook BEFORE invoking the CLI. If the
+        // user Ctrl+C's (or the process is SIGTERM'd) between the file
+        // write and our finally, the SIGINT handler iterates every
+        // registered callback and unlinks this deploy's key file
+        // synchronously so the private key never persists on disk after
+        // an abnormal exit. The signal-handler path uses the
+        // best-effort variant because the event loop is dead and we
+        // cannot logger.warning.
+        ensureSignalHandler();
+        const syncCleanup = () => removeKeyFileSyncBestEffort(keyFilePath);
+        cleanupCallbacks.add(syncCleanup);
+        try {
+            // Execute publish command. Private key reaches the CLI via the
+            // temp key file path (--private-key-file) — never on the
+            // command line — so it can't leak through `ps aux`. runCli's
+            // stdout/stderr redaction still applies as defense in depth
+            // for any `ed25519-priv-…` substring that surfaces in CLI
+            // output (Movement CLI sometimes echoes the key on error).
+            const publishResult = await withSpinner("Publishing to blockchain", () => runCli({
+                command: "movement",
+                args: [
+                    "move",
+                    "publish",
+                    "--package-dir",
+                    safeDir,
+                    "--url",
+                    config.rpc,
+                    "--private-key-file",
+                    keyFilePath,
+                    "--sender-account",
+                    deployerAddress,
+                    "--assume-yes",
+                    ...namedAddrArgs,
+                ],
+                timeoutMs: 120000, // 2 minutes for blockchain transactions
+            }, { adapter: this.deps.adapter }));
+            publishOut = publishResult.stdout;
+            publishErr = publishResult.stderr;
+            // Both stdout and stderr from the publish subprocess are gated
+            // behind isVerbose() — Movement CLI emits progress to both
+            // streams ("Compiling, may take a little while..."), so a
+            // visible stderr line is not by itself a failure signal. The
+            // surrounding withSpinner converts the runCli throw on real
+            // failure into the visible spinner.fail() output instead.
+            if (isVerbose() && publishOut)
+                logger.info(publishOut.trim(), 2);
+            if (isVerbose() && publishErr)
+                logger.info(publishErr.trim(), 2);
+        }
+        finally {
+            // Unlink the temp key file via the observable cleanup helper.
+            // ENOENT and other already-gone outcomes are benign (null).
+            // A non-null Error means the unlink failed AND the file still
+            // exists on disk — the private key would persist silently
+            // otherwise, so we emit a warning with the manual-cleanup
+            // hint. The SIGINT signal handler's sync callback below also
+            // tries to remove the same file; if SIGINT fires before this
+            // finally runs the file is gone and the next finally call
+            // sees ENOENT (benign).
+            const cleanupErr = removeKeyFile(keyFilePath);
+            if (cleanupErr) {
+                logger.warning(`Failed to remove temp key file '${keyFilePath}': ${cleanupErr.message}. ` +
+                    `The file has mode 0o600 but should be removed manually: rm ${keyFilePath}`);
+            }
+            cleanupCallbacks.delete(syncCleanup);
+        }
+        // Extract transaction hash from output via the shared helper
+        // (`utils/parseCliOutput.ts`). Same regex pair as before; lifted
+        // for reuse by harness/codeObject.ts and harness/script.ts.
+        return parseTxHash(publishOut);
+    }
+    /**
+     * Publish the already-built package via the TypeScript SDK. Used when the
+     * backend is movelite. Reads the compiled artifacts the CLI build produced
+     * under `<dir>/build/<pkg>/`, submits a `0x1::code::publish_package_txn`,
+     * and waits for it. Returns the on-chain tx hash.
+     */
+    async publishViaSdk(input, safeDir) {
+        const aptos = input.aptos;
+        if (!aptos) {
+            throw new Error("sdkPublish requires an Aptos client");
+        }
+        const buildRoot = join(safeDir, "build");
+        // The root package's compiled output is the single directory under
+        // build/ that carries a package-metadata.bcs; dependency builds live
+        // in nested bytecode_modules/dependencies/ and have no metadata here.
+        const pkgDirs = existsSync(buildRoot)
+            ? readdirSync(buildRoot, { withFileTypes: true })
+                .filter((e) => e.isDirectory())
+                .map((e) => join(buildRoot, e.name))
+                .filter((d) => existsSync(join(d, "package-metadata.bcs")))
+            : [];
+        if (pkgDirs.length !== 1) {
+            throw new Error(`Expected exactly one compiled package under ${buildRoot}, found ${pkgDirs.length}.`);
+        }
+        const pkgDir = pkgDirs[0];
+        const metadataBytes = new Uint8Array(readFileSync(join(pkgDir, "package-metadata.bcs")));
+        const modulesDir = join(pkgDir, "bytecode_modules");
+        const moduleBytecode = readdirSync(modulesDir)
+            .filter((f) => f.endsWith(".mv"))
+            .sort()
+            .map((f) => new Uint8Array(readFileSync(join(modulesDir, f))));
+        if (moduleBytecode.length === 0) {
+            throw new Error(`No compiled modules (*.mv) found in ${modulesDir}`);
+        }
+        return withSpinner("Publishing to blockchain", async () => {
+            const tx = await aptos.publishPackageTransaction({
+                account: input.account.accountAddress,
+                metadataBytes,
+                moduleBytecode,
+            });
+            const senderAuth = aptos.transaction.sign({
+                signer: input.account,
+                transaction: tx,
+            });
+            const committed = await aptos.transaction.submit.simple({
+                transaction: tx,
+                senderAuthenticator: senderAuth,
+            });
+            await aptos.waitForTransaction({ transactionHash: committed.hash });
+            return committed.hash;
+        });
+    }
 }

package/dist/fork/api.d.ts

@@ -55,7 +55,7 @@ export declare class MovementApiClient {
     /**
      * Get a specific account resource
      */
-    getAccountResource(address: string, resourceType: string): Promise<any>;
+    getAccountResource(address: string, resourceType: string): Promise<AccountResource>;
     /**
      * Get all resources for an account
      */

package/dist/fork/api.js

@@ -2,6 +2,7 @@ import https from 'https';
 import http from 'http';
 import { URL } from 'url';
 import { normalizeAddressShort } from '../utils/address.js';
+import { assertLedgerInfo, assertAccountData, assertAccountResource, assertAccountResourceArray, } from './validation.js';
 const DEFAULT_TIMEOUT_MS = 30_000;
 const DEFAULT_MAX_BYTES = 16 * 1024 * 1024;
 /**
@@ -191,14 +192,16 @@ export class MovementApiClient {
      * Get ledger information
      */
     async getLedgerInfo() {
-        return this.get(this.apiPath('/'));
+        const raw = await this.get(this.apiPath('/'));
+        return assertLedgerInfo(raw);
     }
     /**
      * Get account information
      */
     async getAccount(address) {
         const normalizedAddress = normalizeAddressShort(address);
-        return this.get(this.apiPath(`/accounts/${normalizedAddress}`));
+        const raw = await this.get(this.apiPath(`/accounts/${normalizedAddress}`));
+        return assertAccountData(raw);
     }
     /**
      * Get a specific account resource
@@ -207,14 +210,16 @@ export class MovementApiClient {
         const normalizedAddress = normalizeAddressShort(address);
         // URL encode the resource type
         const encodedType = encodeURIComponent(resourceType);
-        return this.get(this.apiPath(`/accounts/${normalizedAddress}/resource/${encodedType}`));
+        const raw = await this.get(this.apiPath(`/accounts/${normalizedAddress}/resource/${encodedType}`));
+        return assertAccountResource(raw);
     }
     /**
      * Get all resources for an account
      */
     async getAccountResources(address) {
         const normalizedAddress = normalizeAddressShort(address);
-        return this.get(this.apiPath(`/accounts/${normalizedAddress}/resources`));
+        const raw = await this.get(this.apiPath(`/accounts/${normalizedAddress}/resources`));
+        return assertAccountResourceArray(raw);
     }
     /**
      * Execute a Move view function via the upstream node's POST /v1/view.

package/dist/fork/manager.d.ts

@@ -36,8 +36,8 @@ export declare class ForkManager {
     load(): void;
     getMetadata(): ForkMetadata;
     getAccount(address: string): Promise<AccountState>;
-    getResource(address: string, resourceType: string): Promise<any>;
-    getAllResources(address: string): Promise<Record<string, any>>;
+    getResource(address: string, resourceType: string): Promise<unknown>;
+    getAllResources(address: string): Promise<Record<string, unknown>>;
     /**
      * Stateless passthrough of `POST /v1/view` to the upstream RPC.
      *

package/dist/fork/manager.js

@@ -3,6 +3,7 @@ import { MovementApiClient } from './api.js';
 import { ForkStorage } from './storage.js';
 import { normalizeAddress } from '../utils/address.js';
 import { logger } from '../ui/index.js';
+import { assertCoinStore } from './validation.js';
 /**
  * Derive a deterministic 32-byte hex placeholder for the `authentication_key`
  * of a fork-funded account. The real auth_key is `sha3_256(public_key || 0x00)`
@@ -182,17 +183,12 @@ export class ForkManager {
     async fundAccount(address, amount, coinType = '0x1::aptos_coin::AptosCoin') {
         const normalizedAddress = normalizeAddress(address);
         const resourceType = `0x1::coin::CoinStore<${coinType}>`;
-        // Try to get existing coin store. The coin store is a CoinStore<T>
-        // resource whose `data` is Movement-side untyped JSON; we shape it
-        // locally as a structural object with `coin.value: string`.
-        // any: full CoinStore schema lives at the Movement REST boundary —
-        // proper validation deferred to the boundary-validation follow-up of #57.
         let coinStore;
         try {
-            coinStore = await this.getResource(normalizedAddress, resourceType);
+            const raw = await this.getResource(normalizedAddress, resourceType);
+            coinStore = assertCoinStore(raw);
         }
         catch (error) {
-            // Only catch "not found" errors, rethrow others (network, API, etc.)
             const msg = error instanceof Error ? error.message : String(error);
             if (!msg.includes('not found')) {
                 throw error;
@@ -220,7 +216,7 @@ export class ForkManager {
                 frozen: false,
             };
         }
-        const currentBalance = BigInt(coinStore.coin.value ?? '0');
+        const currentBalance = BigInt(coinStore.coin.value);
         const newBalance = currentBalance + BigInt(amount);
         coinStore.coin.value = newBalance.toString();
         await this.setResource(normalizedAddress, resourceType, coinStore);

package/dist/fork/storage.js

@@ -1,6 +1,7 @@
 import { chmodSync, existsSync, mkdirSync, readFileSync, writeFileSync, readdirSync, unlinkSync } from 'fs';
 import { join } from 'path';
 import { isHexAddress } from '../utils/address.js';
+import { assertForkMetadata, assertAccountStateRecord } from './validation.js';
 /**
  * Sanitize address to create a safe filename. Validates the address through
  * the shared `isHexAddress` helper (length 1–64 hex chars, optional `0x`),
@@ -108,7 +109,7 @@ export class ForkStorage {
         if (!existsSync(metadataPath)) {
             throw new Error(`Fork metadata not found at ${metadataPath}`);
         }
-        return readJsonFile(metadataPath, 'fork metadata');
+        return assertForkMetadata(readJsonFile(metadataPath, 'fork metadata'));
     }
     /**
      * Get account state
@@ -118,7 +119,7 @@ export class ForkStorage {
         if (!existsSync(accountsPath)) {
             return null;
         }
-        const accounts = readJsonFile(accountsPath, 'fork accounts');
+        const accounts = assertAccountStateRecord(readJsonFile(accountsPath, 'fork accounts'));
         return accounts[address] || null;
     }
     /**
@@ -128,7 +129,7 @@ export class ForkStorage {
         const accountsPath = join(this.forkPath, 'accounts.json');
         let accounts = {};
         if (existsSync(accountsPath)) {
-            accounts = readJsonFile(accountsPath, 'fork accounts');
+            accounts = assertAccountStateRecord(readJsonFile(accountsPath, 'fork accounts'));
         }
         accounts[address] = state;
         writePrivateFile(accountsPath, JSON.stringify(accounts, null, 2));
@@ -193,7 +194,7 @@ export class ForkStorage {
         if (!existsSync(accountsPath)) {
             return [];
         }
-        const accounts = readJsonFile(accountsPath, 'fork accounts');
+        const accounts = assertAccountStateRecord(readJsonFile(accountsPath, 'fork accounts'));
         return Object.keys(accounts);
     }
     /**

package/dist/fork/test.d.ts

@@ -59,7 +59,7 @@ export declare function getForkInfo(path: string): Promise<ForkInfo>;
  */
 export declare function viewForkResource(sessionPath: string, account: string, resourceType: string, options?: {
     adapter?: ChildProcessAdapter;
-}): Promise<any>;
+}): Promise<unknown>;
 /**
  * Compare a resource between current network state and a fork
  * Useful for verifying state changes after tests

package/dist/fork/validation.d.ts

@@ -0,0 +1,9 @@
+import type { LedgerInfo, AccountData, AccountResource, ForkMetadata, AccountState, CoinStore } from "../types/fork.js";
+export declare function assertLedgerInfo(v: unknown): LedgerInfo;
+export declare function assertAccountData(v: unknown): AccountData;
+export declare function assertAccountResource(v: unknown): AccountResource;
+export declare function assertAccountResourceArray(v: unknown): AccountResource[];
+export declare function assertForkMetadata(v: unknown): ForkMetadata;
+export declare function assertAccountState(v: unknown): AccountState;
+export declare function assertAccountStateRecord(v: unknown): Record<string, AccountState>;
+export declare function assertCoinStore(v: unknown): CoinStore;