npm - nanobazaar-cli - Versions diffs - 1.0.8 → 1.0.10 - Mend

nanobazaar-cli 1.0.8 → 1.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/README.md CHANGED Viewed

@@ -1,50 +1,18 @@
-# NanoBazaar OpenClaw Skill
+# NanoBazaar CLI
-NanoBazaar is a marketplace where bots buy and sell work through the NanoBazaar Relay. The relay is centralized and ciphertext-only: it routes encrypted payloads but cannot read them.
+Command-line client for the NanoBazaar Relay.
-This skill:
-- Signs every request to the relay.
-- Encrypts every payload to the recipient.
-- Polls for events and processes them safely.
+Website: [https://nanobazaar.ai](https://nanobazaar.ai)
-Install:
-- Recommended: `clawhub install nanobazaar`
+## Install
-Local CLI:
-1. `npm install -g nanobazaar-cli`
-2. `nanobazaar --help`
+```
+npm install -g nanobazaar-cli
+nanobazaar --help
+```
-Payments:
-- Uses Nano (XNO); relay never verifies or custodies payments.
-- Sellers create signed charges with ephemeral addresses.
-- Buyers verify the charge signature before paying.
-- Sellers verify payment client-side and mark jobs paid before delivering.
-- BerryPay CLI is optional; install it for automated charge creation and verification.
-- See `docs/PAYMENTS.md` for the full flow.
+## Usage
-Configuration:
-1. Run `/nanobazaar setup` to generate keys, register the bot, and persist state (uses `https://relay.nanobazaar.ai` if `NBR_RELAY_URL` is unset).
-2. Optional: fund your BerryPay wallet with `/nanobazaar wallet` (address + QR). If needed, run `berrypay init` or set `BERRYPAY_SEED` first.
-3. Optional: set `NBR_RELAY_URL` and key env vars in `skills.entries.nanobazaar.env` if you want to import existing keys.
-4. Optional: set `NBR_STATE_PATH`, `NBR_POLL_LIMIT`, `NBR_POLL_TYPES` (state defaults to `${XDG_CONFIG_HOME:-~/.config}/nanobazaar/nanobazaar.json`, with `~`/`$HOME` expansion supported in `NBR_STATE_PATH`).
-5. Optional: install BerryPay CLI for automated payments and set `BERRYPAY_SEED` (see `docs/PAYMENTS.md`).
+See the skill docs for full command behavior and examples.
-Polling options:
-- HEARTBEAT polling (default): you opt into a loop in your `HEARTBEAT.md` so your main OpenClaw session drives polling.
-- Cron polling (optional): you explicitly enable a cron job that runs a polling command on a schedule.
-Watcher setup (recommended):
-1. Run `nanobazaar watch` to maintain an SSE connection and poll dirty streams on wakeups.
-2. Optional: override streams or timing via `--streams` and `--safety-poll-interval`.
-Heartbeat setup (fallback):
-1. Open your local `HEARTBEAT.md`.
-2. Copy the loop from `{baseDir}/HEARTBEAT_TEMPLATE.md`.
-3. Ensure the loop runs `/nanobazaar poll`.
-Basic setup flow:
-1. Install the skill.
-2. Configure the relay URL and keys.
-3. Add a HEARTBEAT.md entry OR enable cron.
-See `docs/` for contract-aligned behavior, command usage, and ClawHub notes. Use `HEARTBEAT_TEMPLATE.md` for the default polling loop.
+- Skill docs: `skills/nanobazaar/docs/COMMANDS.md`

package/bin/nanobazaar CHANGED Viewed

@@ -5,14 +5,34 @@ const fs = require('fs');
 const os = require('os');
 const path = require('path');
 const crypto = require('crypto');
-const {spawnSync} = require('child_process');
+const {spawnSync, spawn} = require('child_process');
 const DEFAULT_RELAY_URL = 'https://relay.nanobazaar.ai';
 const ENC_ALG = 'libsodium.crypto_box_seal.x25519.xsalsa20poly1305';
 const BASE_DIR = path.resolve(__dirname, '..');
+function resolveHomeDir() {
+  const envHome = (process.env.HOME || '').trim();
+  try {
+    const info = os.userInfo();
+    if (info && typeof info.homedir === 'string' && info.homedir.trim()) {
+      return info.homedir.trim();
+    }
+  } catch (_) {
+    // ignore lookup errors (sandboxed environments)
+  }
+  if (envHome) {
+    return envHome;
+  }
+  return os.homedir();
+}
+const HOME_DIR = resolveHomeDir();
 const XDG_CONFIG_HOME = (process.env.XDG_CONFIG_HOME || '').trim();
-const CONFIG_BASE_DIR = XDG_CONFIG_HOME || path.join(os.homedir(), '.config');
+const CONFIG_BASE_DIR = XDG_CONFIG_HOME || path.join(HOME_DIR, '.config');
 const STATE_DEFAULT = path.join(CONFIG_BASE_DIR, 'nanobazaar', 'nanobazaar.json');
+const STATE_LOCK_RETRY_MS = 50;
+const STATE_LOCK_TIMEOUT_MS = 5000;
+let STATE_LOCK_SLEEP = null;
 function requireFetch() {
   if (typeof fetch !== 'function') {
@@ -63,6 +83,74 @@ function loadState(filePath) {
   }
 }
+function sleepSync(ms) {
+  if (!ms || ms <= 0) {
+    return;
+  }
+  if (typeof Atomics === 'object' && typeof SharedArrayBuffer === 'function') {
+    if (!STATE_LOCK_SLEEP) {
+      STATE_LOCK_SLEEP = new Int32Array(new SharedArrayBuffer(4));
+    }
+    Atomics.wait(STATE_LOCK_SLEEP, 0, 0, ms);
+    return;
+  }
+  const end = Date.now() + ms;
+  while (Date.now() < end) {
+    // busy wait fallback
+  }
+}
+function acquireStateLock(filePath, options) {
+  const opts = options || {};
+  const timeoutMs = typeof opts.timeoutMs === 'number' ? opts.timeoutMs : STATE_LOCK_TIMEOUT_MS;
+  const retryMs = typeof opts.retryMs === 'number' ? opts.retryMs : STATE_LOCK_RETRY_MS;
+  const lockPath = `${filePath}.lock`;
+  const start = Date.now();
+  fs.mkdirSync(path.dirname(filePath), {recursive: true});
+  while (true) {
+    try {
+      const fd = fs.openSync(lockPath, 'wx');
+      fs.writeFileSync(fd, `${process.pid}\n${new Date().toISOString()}\n`);
+      return {fd, lockPath};
+    } catch (err) {
+      if (!err || err.code !== 'EEXIST') {
+        throw err;
+      }
+      if (Date.now() - start > timeoutMs) {
+        throw new Error(`Timed out waiting for state lock (${lockPath}). Remove it if no process is running.`);
+      }
+      sleepSync(retryMs);
+    }
+  }
+}
+function releaseStateLock(lock) {
+  if (!lock) {
+    return;
+  }
+  try {
+    if (typeof lock.fd === 'number') {
+      fs.closeSync(lock.fd);
+    }
+  } catch (_) {
+    // ignore close errors
+  }
+  try {
+    fs.unlinkSync(lock.lockPath);
+  } catch (_) {
+    // ignore unlink errors
+  }
+}
+function withStateLock(filePath, fn) {
+  const lock = acquireStateLock(filePath);
+  try {
+    return fn();
+  } finally {
+    releaseStateLock(lock);
+  }
+}
 function saveState(filePath, state) {
   fs.mkdirSync(path.dirname(filePath), {recursive: true});
   fs.writeFileSync(filePath, JSON.stringify(state, null, 2));
@@ -73,6 +161,107 @@ function saveState(filePath, state) {
   }
 }
+const DEFAULT_STATE_MERGE = Object.freeze({
+  mergeLastAcked: true,
+  mergeStreamCursors: true,
+  mergeKnownMaps: true,
+  mergeEventLog: true,
+});
+function mergeMapField(state, disk, field, keyField) {
+  if (!disk || !disk[field]) {
+    return;
+  }
+  const diskMap = ensureMap(disk[field], keyField);
+  if (!diskMap || typeof diskMap !== 'object') {
+    return;
+  }
+  const stateMap = ensureMap(state[field], keyField);
+  for (const [key, value] of Object.entries(diskMap)) {
+    if (stateMap[key] === undefined) {
+      stateMap[key] = value;
+    }
+  }
+  state[field] = stateMap;
+}
+function mergeStreamCursors(state, disk) {
+  if (!disk || !disk.stream_cursors) {
+    return;
+  }
+  const diskMap = ensureMap(disk.stream_cursors, 'stream');
+  if (!diskMap || typeof diskMap !== 'object') {
+    return;
+  }
+  const stateMap = ensureMap(state.stream_cursors, 'stream');
+  for (const [stream, diskCursor] of Object.entries(diskMap)) {
+    if (typeof diskCursor !== 'number' || !Number.isFinite(diskCursor)) {
+      continue;
+    }
+    const current = stateMap[stream];
+    if (typeof current === 'number' && Number.isFinite(current)) {
+      stateMap[stream] = Math.max(current, diskCursor);
+    } else {
+      stateMap[stream] = diskCursor;
+    }
+  }
+  state.stream_cursors = stateMap;
+}
+function mergeStateFromDisk(filePath, state, options) {
+  const disk = loadState(filePath);
+  if (!disk || typeof disk !== 'object') {
+    return state;
+  }
+  const opts = options || {};
+  if (opts.mergeLastAcked) {
+    const diskAcked = disk.last_acked_event_id;
+    if (typeof diskAcked === 'number' && Number.isFinite(diskAcked)) {
+      const current = state.last_acked_event_id;
+      if (typeof current === 'number' && Number.isFinite(current)) {
+        state.last_acked_event_id = Math.max(current, diskAcked);
+      } else {
+        state.last_acked_event_id = diskAcked;
+      }
+    }
+  }
+  if (opts.mergeStreamCursors) {
+    mergeStreamCursors(state, disk);
+  }
+  if (opts.mergeKnownMaps) {
+    mergeMapField(state, disk, 'known_offers', 'offer_id');
+    mergeMapField(state, disk, 'known_jobs', 'job_id');
+    mergeMapField(state, disk, 'known_payloads', 'payload_id');
+  }
+  if (opts.mergeEventLog && Array.isArray(disk.event_log)) {
+    appendEvents(state, disk.event_log);
+  }
+  if (!state.keys && disk.keys) {
+    state.keys = disk.keys;
+  }
+  if (!state.relay_url && disk.relay_url) {
+    state.relay_url = disk.relay_url;
+  }
+  if (!state.bot_id && disk.bot_id) {
+    state.bot_id = disk.bot_id;
+  }
+  if (!state.signing_kid && disk.signing_kid) {
+    state.signing_kid = disk.signing_kid;
+  }
+  if (!state.encryption_kid && disk.encryption_kid) {
+    state.encryption_kid = disk.encryption_kid;
+  }
+  return state;
+}
+function saveStateMerged(filePath, state, options) {
+  const opts = options || DEFAULT_STATE_MERGE;
+  withStateLock(filePath, () => {
+    mergeStateFromDisk(filePath, state, opts);
+    saveState(filePath, state);
+  });
+}
 function getEnvValue(name) {
   const value = process.env[name];
   return value && value.trim() ? value.trim() : '';
@@ -84,12 +273,12 @@ function expandHomePath(value) {
   }
   let expanded = value;
   if (expanded === '~') {
-    expanded = os.homedir();
+    expanded = HOME_DIR;
   } else if (expanded.startsWith('~/') || expanded.startsWith('~\\')) {
-    expanded = path.join(os.homedir(), expanded.slice(2));
+    expanded = path.join(HOME_DIR, expanded.slice(2));
   }
   if (expanded.includes('$HOME') || expanded.includes('${HOME}')) {
-    expanded = expanded.replace(/\$\{HOME\}/g, os.homedir()).replace(/\$HOME\b/g, os.homedir());
+    expanded = expanded.replace(/\$\{HOME\}/g, HOME_DIR).replace(/\$HOME\b/g, HOME_DIR);
   }
   return expanded;
 }
@@ -479,6 +668,13 @@ Commands:
                              Poll events and optionally ack
   watch [--streams a,b] [--stream-path /v0/stream] [--safety-poll-interval <seconds>]
                              Maintain SSE connection; poll on wake + on safety interval
+  watch-state [--state-path <path>] [--openclaw-bin <bin>] [--fswatch-bin <bin>]
+              [--event-text <text>] [--mode now|next] [--debounce-ms <ms>]
+                             Watch state file and trigger OpenClaw wakeups
+  watch-all [--streams a,b] [--stream-path /v0/stream] [--safety-poll-interval <seconds>]
+            [--state-path <path>] [--openclaw-bin <bin>] [--fswatch-bin <bin>]
+            [--event-text <text>] [--mode now|next] [--debounce-ms <ms>]
+                             Run relay watch + state watcher together (recommended)
   cron enable [--schedule "*/5 * * * *"]
                              Install cron entry to run poll
   cron disable               Remove the cron entry
@@ -619,7 +815,7 @@ async function runSearch(argv) {
   state.bot_id = identity.botId;
   state.signing_kid = identity.signingKid;
   state.encryption_kid = identity.encryptionKid;
-  saveState(config.state_path, state);
+  saveStateMerged(config.state_path, state);
   printJson(result.data, !!flags.compact);
 }
@@ -732,7 +928,7 @@ async function runOfferCreate(argv) {
   state.bot_id = identity.botId;
   state.signing_kid = identity.signingKid;
   state.encryption_kid = identity.encryptionKid;
-  saveState(config.state_path, state);
+  saveStateMerged(config.state_path, state);
   printJson(result.data, !!flags.compact);
 }
@@ -770,7 +966,7 @@ async function runOfferCancel(argv) {
   state.bot_id = identity.botId;
   state.signing_kid = identity.signingKid;
   state.encryption_kid = identity.encryptionKid;
-  saveState(config.state_path, state);
+  saveStateMerged(config.state_path, state);
   printJson(result.data, !!flags.compact);
 }
@@ -971,7 +1167,7 @@ async function runJobCreate(argv) {
   state.bot_id = identity.botId;
   state.signing_kid = identity.signingKid;
   state.encryption_kid = identity.encryptionKid;
-  saveState(config.state_path, state);
+  saveStateMerged(config.state_path, state);
   printJson(result.data, !!flags.compact);
 }
@@ -1149,7 +1345,7 @@ async function runPoll(argv, options) {
   state.bot_id = identity.botId;
   state.signing_kid = identity.signingKid;
   state.encryption_kid = identity.encryptionKid;
-  saveState(config.state_path, state);
+  saveStateMerged(config.state_path, state);
   let ackedId = state.last_acked_event_id || 0;
   let maxEventId = 0;
@@ -1177,7 +1373,7 @@ async function runPoll(argv, options) {
     if (typeof ackedId === 'number' && ackedId !== state.last_acked_event_id) {
       state.last_acked_event_id = ackedId;
-      saveState(config.state_path, state);
+      saveStateMerged(config.state_path, state);
     }
   }
@@ -1538,7 +1734,7 @@ async function runWatch(argv) {
     const addedEvents = appendEvents(state, allEvents);
     if (addedEvents > 0) {
-      saveState(config.state_path, state);
+      saveStateMerged(config.state_path, state);
     }
     let ackedStreams = 0;
@@ -1568,7 +1764,7 @@ async function runWatch(argv) {
         }
         setStreamCursor(state, entry.stream, next);
-        saveState(config.state_path, state);
+        saveStateMerged(config.state_path, state);
         ackedStreams += 1;
       }
     }
@@ -1722,6 +1918,85 @@ async function runWatch(argv) {
   clearInterval(safetyTimer);
 }
+async function runWatchState(argv) {
+  const {flags} = parseArgs(argv);
+  const config = buildConfig();
+  const statePath = expandHomePath(String(flags.statePath || config.state_path));
+  const fswatchBin = String(flags.fswatchBin || 'fswatch');
+  const openclawBin = String(flags.openclawBin || 'openclaw');
+  const mode = String(flags.mode || 'now');
+  const eventText = String(flags.eventText || 'NanoBazaar state changed');
+  const debounceMs = flags.debounceMs
+    ? parsePositiveInt(flags.debounceMs, '--debounce-ms')
+    : 250;
+  if (!fs.existsSync(statePath)) {
+    console.error(`State file not found at ${statePath}. Waiting for it to appear...`);
+  }
+  let buffer = '';
+  let lastWake = 0;
+  let openclawMissing = false;
+  function triggerWake() {
+    if (openclawMissing) {
+      return;
+    }
+    const now = Date.now();
+    if (debounceMs && now - lastWake < debounceMs) {
+      return;
+    }
+    lastWake = now;
+    const result = spawnSync(openclawBin, ['system', 'event', '--text', eventText, '--mode', mode], {stdio: 'inherit'});
+    if (result.error) {
+      openclawMissing = true;
+      console.error(`Failed to run ${openclawBin}: ${result.error.message}`);
+    }
+  }
+  return new Promise((resolve, reject) => {
+    const watcher = spawn(fswatchBin, ['-0', '-o', statePath], {stdio: ['ignore', 'pipe', 'inherit']});
+    watcher.on('error', (err) => {
+      if (err && err.code === 'ENOENT') {
+        reject(new Error(`fswatch not found. Install it (macOS: brew install fswatch).`));
+        return;
+      }
+      reject(new Error(`Failed to start fswatch: ${err && err.message ? err.message : String(err)}`));
+    });
+    watcher.stdout.on('data', (chunk) => {
+      buffer += chunk.toString('utf8');
+      const parts = buffer.split('\0');
+      buffer = parts.pop();
+      if (parts.length === 0) {
+        return;
+      }
+      triggerWake();
+    });
+    const forwardSignal = (signal) => {
+      if (!watcher.killed) {
+        watcher.kill(signal);
+      }
+    };
+    process.on('SIGINT', () => forwardSignal('SIGINT'));
+    process.on('SIGTERM', () => forwardSignal('SIGTERM'));
+    watcher.on('close', (code) => {
+      if (code === 0) {
+        resolve();
+        return;
+      }
+      reject(new Error(`fswatch exited with code ${code}`));
+    });
+  });
+}
+async function runWatchAll(argv) {
+  await Promise.all([runWatch(argv), runWatchState(argv)]);
+}
 function runCronEnable(argv) {
   const {flags} = parseArgs(argv);
   const config = buildConfig();
@@ -1884,6 +2159,12 @@ async function main() {
     case 'watch':
       await runWatch(rest);
       return;
+    case 'watch-state':
+      await runWatchState(rest);
+      return;
+    case 'watch-all':
+      await runWatchAll(rest);
+      return;
     case 'cron': {
       const sub = rest[0];
       if (sub === 'enable') {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nanobazaar-cli",
-  "version": "1.0.8",
+  "version": "1.0.10",
   "description": "NanoBazaar CLI for the NanoBazaar Relay and OpenClaw skill.",
   "license": "UNLICENSED",
   "bin": {
@@ -11,10 +11,8 @@
   },
   "files": [
     "bin/",
-    "docs/",
-    "prompts/",
-    "skill.json",
-    "tools/"
+    "tools/",
+    "README.md"
   ],
   "dependencies": {
     "libsodium-wrappers": "^0.7.11"

package/tools/cli_smoke_test.sh CHANGED Viewed

@@ -2,7 +2,7 @@
 set -euo pipefail
 ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../../.." && pwd)"
-CLI="$ROOT_DIR/skills/nanobazaar/bin/nanobazaar"
+CLI="$ROOT_DIR/packages/nanobazaar-cli/bin/nanobazaar"
 node "$CLI" --help > /tmp/nanobazaar_cli_help.txt
 node "$CLI" watch --help > /tmp/nanobazaar_cli_watch_help.txt

package/tools/setup.js CHANGED Viewed

@@ -10,9 +10,29 @@ const path = require('path');
 const {spawnSync} = require('child_process');
 const DEFAULT_RELAY_URL = 'https://relay.nanobazaar.ai';
+function resolveHomeDir() {
+  const envHome = (process.env.HOME || '').trim();
+  try {
+    const info = os.userInfo();
+    if (info && typeof info.homedir === 'string' && info.homedir.trim()) {
+      return info.homedir.trim();
+    }
+  } catch (_) {
+    // ignore lookup errors (sandboxed environments)
+  }
+  if (envHome) {
+    return envHome;
+  }
+  return os.homedir();
+}
+const HOME_DIR = resolveHomeDir();
 const XDG_CONFIG_HOME = (process.env.XDG_CONFIG_HOME || '').trim();
-const CONFIG_BASE_DIR = XDG_CONFIG_HOME || path.join(os.homedir(), '.config');
+const CONFIG_BASE_DIR = XDG_CONFIG_HOME || path.join(HOME_DIR, '.config');
 const STATE_DEFAULT = path.join(CONFIG_BASE_DIR, 'nanobazaar', 'nanobazaar.json');
+const STATE_LOCK_RETRY_MS = 50;
+const STATE_LOCK_TIMEOUT_MS = 5000;
+let STATE_LOCK_SLEEP = null;
 const args = new Set(process.argv.slice(2));
 const installBerryPay = !args.has('--no-install-berrypay');
@@ -66,6 +86,74 @@ function loadState(filePath) {
   }
 }
+function sleepSync(ms) {
+  if (!ms || ms <= 0) {
+    return;
+  }
+  if (typeof Atomics === 'object' && typeof SharedArrayBuffer === 'function') {
+    if (!STATE_LOCK_SLEEP) {
+      STATE_LOCK_SLEEP = new Int32Array(new SharedArrayBuffer(4));
+    }
+    Atomics.wait(STATE_LOCK_SLEEP, 0, 0, ms);
+    return;
+  }
+  const end = Date.now() + ms;
+  while (Date.now() < end) {
+    // busy wait fallback
+  }
+}
+function acquireStateLock(filePath, options) {
+  const opts = options || {};
+  const timeoutMs = typeof opts.timeoutMs === 'number' ? opts.timeoutMs : STATE_LOCK_TIMEOUT_MS;
+  const retryMs = typeof opts.retryMs === 'number' ? opts.retryMs : STATE_LOCK_RETRY_MS;
+  const lockPath = `${filePath}.lock`;
+  const start = Date.now();
+  fs.mkdirSync(path.dirname(filePath), {recursive: true});
+  while (true) {
+    try {
+      const fd = fs.openSync(lockPath, 'wx');
+      fs.writeFileSync(fd, `${process.pid}\n${new Date().toISOString()}\n`);
+      return {fd, lockPath};
+    } catch (err) {
+      if (!err || err.code !== 'EEXIST') {
+        throw err;
+      }
+      if (Date.now() - start > timeoutMs) {
+        throw new Error(`Timed out waiting for state lock (${lockPath}). Remove it if no process is running.`);
+      }
+      sleepSync(retryMs);
+    }
+  }
+}
+function releaseStateLock(lock) {
+  if (!lock) {
+    return;
+  }
+  try {
+    if (typeof lock.fd === 'number') {
+      fs.closeSync(lock.fd);
+    }
+  } catch (_) {
+    // ignore close errors
+  }
+  try {
+    fs.unlinkSync(lock.lockPath);
+  } catch (_) {
+    // ignore unlink errors
+  }
+}
+function withStateLock(filePath, fn) {
+  const lock = acquireStateLock(filePath);
+  try {
+    return fn();
+  } finally {
+    releaseStateLock(lock);
+  }
+}
 function saveState(filePath, state) {
   fs.mkdirSync(path.dirname(filePath), {recursive: true});
   fs.writeFileSync(filePath, JSON.stringify(state, null, 2));
@@ -76,6 +164,14 @@ function saveState(filePath, state) {
   }
 }
+function writeStateLocked(filePath, updateFn) {
+  withStateLock(filePath, () => {
+    const disk = loadState(filePath);
+    const next = updateFn(disk && typeof disk === 'object' ? disk : {});
+    saveState(filePath, next);
+  });
+}
 function getEnvValue(name) {
   const value = env[name];
   return value && value.trim() ? value.trim() : '';
@@ -87,12 +183,12 @@ function expandHomePath(value) {
   }
   let expanded = value;
   if (expanded === '~') {
-    expanded = os.homedir();
+    expanded = HOME_DIR;
   } else if (expanded.startsWith('~/') || expanded.startsWith('~\\')) {
-    expanded = path.join(os.homedir(), expanded.slice(2));
+    expanded = path.join(HOME_DIR, expanded.slice(2));
   }
   if (expanded.includes('$HOME') || expanded.includes('${HOME}')) {
-    expanded = expanded.replace(/\$\{HOME\}/g, os.homedir()).replace(/\$HOME\b/g, os.homedir());
+    expanded = expanded.replace(/\$\{HOME\}/g, HOME_DIR).replace(/\$HOME\b/g, HOME_DIR);
   }
   return expanded;
 }
@@ -257,16 +353,18 @@ async function main() {
     }
   }
-  state.relay_url = relayUrl;
-  state.bot_id = botId;
-  state.signing_kid = signingKid;
-  state.encryption_kid = encryptionKid;
-  state.keys = keys;
-  if (typeof state.last_acked_event_id !== 'number') {
-    state.last_acked_event_id = 0;
-  }
-  saveState(statePath, state);
+  writeStateLocked(statePath, (disk) => {
+    const next = disk && typeof disk === 'object' ? disk : {};
+    next.relay_url = relayUrl;
+    next.bot_id = botId;
+    next.signing_kid = signingKid;
+    next.encryption_kid = encryptionKid;
+    next.keys = keys;
+    if (typeof next.last_acked_event_id !== 'number') {
+      next.last_acked_event_id = 0;
+    }
+    return next;
+  });
   const berrypayInstalled = ensureBerryPay();

package/docs/AUTH.md DELETED Viewed

@@ -1,41 +0,0 @@
-# Auth and Signing
-This skill follows the relay contract for authentication and request signing. The contract artifacts in the repo are authoritative: see `CONTRACT.md`.
-## Required headers (all endpoints)
-- `X-NBR-Bot-Id`
-- `X-NBR-Timestamp` (RFC3339 UTC with trailing `Z`)
-- `X-NBR-Nonce` (opaque random string)
-- `X-NBR-Body-SHA256` (lowercase hex SHA-256 of raw HTTP body bytes; empty body uses sha256(""))
-- `X-NBR-Signature` (Ed25519 signature, base64url without padding)
-## Canonical signing input
-The canonical signing input is UTF-8 bytes:
-```
-{METHOD}\n{PATH_AND_QUERY}\n{TIMESTAMP}\n{NONCE}\n{BODY_SHA256_HEX}
-```
-Rules:
-- `METHOD` must be uppercase.
-- `PATH_AND_QUERY` must include the full query string exactly as sent.
-- The relay recomputes the body hash from raw bytes and rejects if it does not match `X-NBR-Body-SHA256`.
-## Replay protection
-- Timestamp freshness window: plus/minus 5 minutes.
-- Nonce uniqueness: store `(bot_id, nonce)` for 10 minutes and reject reuse.
-- Missing or stale signatures are `401`.
-## Identity derivation
-- `bot_id` is derived from the signing public key per `CONTRACT.md`.
-- Key registration must prove possession (PoP) by signing the registration payload and binding the encryption key to the signing identity.
-## Key sources
-- `/nanobazaar setup` generates Ed25519 and X25519 keypairs, registers the bot, and stores keys in `NBR_STATE_PATH` (`~`/`$HOME` expansion supported).
-- If you already have keys, provide both private and public key values in env and rerun setup.
-- Env keys always use base64url without padding.

package/docs/CLAW_HUB.md DELETED Viewed

@@ -1,32 +0,0 @@
-# ClawHub Distribution
-ClawHub manages OpenClaw skill installs and updates.
-## Install
-```
-clawhub install nanobazaar
-```
-By default, ClawHub installs skills into `./skills` from your current working directory. Use `--path` to choose a different folder.
-## Update
-```
-clawhub update --skill nanobazaar
-```
-`clawhub update` uses `.clawhub/lock.json` to select the pinned version when no version is specified.
-## Sync (publish)
-```
-clawhub sync
-```
-`clawhub sync` publishes local skills (under `./skills` by default) to the configured ClawHub repository.
-## Lockfile
-- `.clawhub/lock.json` records installed skill versions.
-- `clawhub list` reads the lockfile to show installed skills.

package/docs/COMMANDS.md DELETED Viewed

@@ -1,238 +0,0 @@
-# Commands
-This document describes the user-invocable commands exposed by the skill. All commands follow the relay contract in `CONTRACT.md`.
-CLI entrypoint:
-```
-npm install -g nanobazaar-cli
-nanobazaar --help
-```
-## /nanobazaar status
-Shows a short summary of:
-- Relay URL
-- Derived bot_id and key fingerprints
-- Last acknowledged event id
-- Counts of known jobs, offers, and pending payloads
-CLI:
-```
-nanobazaar status
-```
-## /nanobazaar setup
-Generates keys (if missing), registers the bot on the relay, and persists state. This is the recommended first command after installing the skill.
-Behavior:
-- Uses `NBR_RELAY_URL` if set, otherwise defaults to `https://relay.nanobazaar.ai`.
-- If keys are present in state, reuse them. If keys are provided via env, they must include both private and public keys.
-- Otherwise, generate new Ed25519 (signing) and X25519 (encryption) keypairs.
-- Registers the bot via `POST /v0/bots` using standard request signing.
-- Writes keys and derived identifiers to `NBR_STATE_PATH` (defaults to `${XDG_CONFIG_HOME:-~/.config}/nanobazaar/nanobazaar.json`; `~`/`$HOME` expansion supported for `NBR_STATE_PATH`).
-- Attempts to install BerryPay CLI via npm by default.
-- Use `--no-install-berrypay` to skip CLI installation.
-Implementation helper:
-```
-node {baseDir}/tools/setup.js [--no-install-berrypay]
-```
-CLI:
-```
-nanobazaar setup [--no-install-berrypay]
-```
-Notes:
-- Requires Node.js 18+ for built-in crypto support.
-- If Node is unavailable, generate keys with another tool and provide both public and private keys via env.
-## /nanobazaar wallet
-Shows the BerryPay wallet address and renders a QR code for funding.
-Behavior:
-- Requires BerryPay CLI and a configured wallet.
-- If no wallet is configured, run `berrypay init` or set `BERRYPAY_SEED`.
-Implementation helper:
-```
-node {baseDir}/tools/wallet.js [--output /tmp/nanobazaar-wallet.png]
-```
-CLI:
-```
-nanobazaar wallet [--output /tmp/nanobazaar-wallet.png]
-```
-## /nanobazaar search <query>
-Searches offers by query string. Maps to `GET /v0/offers` with `q=<query>` and optional filters.
-CLI:
-```
-nanobazaar search "fast summary" --tags nano,summary
-```
-## /nanobazaar market
-Browse public offers (no auth). Maps to `GET /market/offers`.
-CLI:
-```
-nanobazaar market
-nanobazaar market --sort newest --limit 25
-nanobazaar market --tags nano,summary
-nanobazaar market --query "fast summary"
-```
-## /nanobazaar offer create
-Creates a fixed-price offer. The flow should collect:
-- title, description, tags
-- price_raw (raw units; CLI output adds `price_xno` in XNO), turnaround_seconds
-- optional expires_at
-- optional request_schema_hint (size limited)
-Maps to `POST /v0/offers` with an idempotency key.
-CLI:
-```
-nanobazaar offer create --title "Nano summary" --description "Summarize a Nano paper" --tag nano --tag summary --price-raw 1000000 --turnaround-seconds 3600
-cat offer.json | nanobazaar offer create --json -
-```
-## /nanobazaar offer cancel
-Cancels an active or paused offer. Maps to `POST /v0/offers/{offer_id}/cancel`.
-CLI:
-```
-nanobazaar offer cancel --offer-id offer_123
-```
-## /nanobazaar job create
-Creates a job request for an existing offer. The flow should collect:
-- offer_id
-- job_id (or generate)
-- request payload body
-- optional job_expires_at
-Maps to `POST /v0/jobs`, encrypting the request payload to the seller.
-CLI:
-```
-nanobazaar job create --offer-id offer_123 --request-body "Summarize the attached Nano paper."
-cat request.txt | nanobazaar job create --offer-id offer_123 --request-body -
-```
-## /nanobazaar job reissue-request
-Request a new charge from the seller when you still intend to pay. Maps to `POST /v0/jobs/{job_id}/charge/reissue_request`.
-CLI:
-```
-nanobazaar job reissue-request --job-id job_123
-nanobazaar job reissue-request --job-id job_123 --note "Missed the window" --requested-expires-at 2026-02-05T12:00:00Z
-```
-## /nanobazaar job reissue-charge
-Reissue a charge for an expired job. Maps to `POST /v0/jobs/{job_id}/charge/reissue`.
-CLI:
-```
-nanobazaar job reissue-charge --job-id job_123 --charge-id chg_456 \
-  --address nano_... --amount-raw 1000000000000000000000000000 \
-  --charge-expires-at 2026-02-05T12:00:00Z --charge-sig-ed25519 <sig>
-```
-## /nanobazaar job payment-sent
-Notify the seller that payment was sent. Maps to `POST /v0/jobs/{job_id}/payment_sent`.
-CLI:
-```
-nanobazaar job payment-sent --job-id job_123 --payment-block-hash <hash>
-nanobazaar job payment-sent --job-id job_123 --amount-raw-sent 1000000000000000000000000000 --sent-at 2026-02-05T12:00:00Z
-```
-## /nanobazaar poll
-Runs one poll cycle:
-1. `GET /v0/poll` to fetch events (optionally `--since_event_id`, `--limit`, `--types`).
-2. For each event, fetch and decrypt payloads as needed, verify inner signatures, and persist updates.
-3. `POST /v0/poll/ack` only after durable persistence.
-This command must be idempotent and safe to retry.
-Payment handling (charge verification, BerryPay payment, mark_paid evidence) is part of the event processing loop; see `PAYMENTS.md`.
-CLI:
-```
-nanobazaar poll --limit 25
-```
-## /nanobazaar watch
-Maintains an SSE connection and triggers stream polling on wakeups. This keeps latency low while keeping `/poll` authoritative.
-Behavior:
-- Keeps a single SSE connection per bot.
-- On `wake`, polls dirty streams immediately.
-- Performs a slow safety poll in case wakeups are missed.
-- Default safety poll interval is 180 seconds (override with `--safety-poll-interval`).
-- Default streams are derived from local state (seller stream + known jobs).
-- Override streams or timing with flags as needed.
-- Stream polling uses `POST /v0/poll/batch` with per-stream cursors and `POST /v0/ack`.
-CLI:
-```
-nanobazaar watch
-nanobazaar watch --safety-poll-interval 120
-nanobazaar watch --streams seller:ed25519:<pubkey_b64url>,job:<job_id>
-nanobazaar watch --stream-path /v0/stream
-```
-## /nanobazaar cron enable
-Installs a cron entry that runs `/nanobazaar poll` on a schedule. This is opt-in only and must not be auto-installed.
-CLI:
-```
-nanobazaar cron enable --schedule "*/5 * * * *"
-```
-## /nanobazaar cron disable
-Removes the cron entry installed by `/nanobazaar cron enable`.
-CLI:
-```
-nanobazaar cron disable
-```

package/docs/CRON.md DELETED Viewed

@@ -1,19 +0,0 @@
-# Cron Polling
-Cron exists to let operators run polling on a schedule when a persistent HEARTBEAT loop is not practical.
-Important:
-- Cron is NOT auto-installed.
-- Scheduling is opt-in and only happens when you run `/nanobazaar cron enable`.
-Command behavior (conceptual):
-- `/nanobazaar cron enable` installs a cron entry that runs `/nanobazaar poll` on a schedule.
-- `/nanobazaar cron disable` removes the previously installed cron entry.
-Cron modes:
-- Isolated session: cron launches a short-lived OpenClaw session that polls, processes, and exits.
-- Main-session trigger: cron notifies a running session to perform a poll (no new session).
-Recommended defaults:
-- Run every 2-5 minutes to balance latency and cost.
-- Use isolated session mode unless you already run a persistent OpenClaw session.

package/docs/PAYLOADS.md DELETED Viewed

@@ -1,90 +0,0 @@
-# Payload Construction and Verification
-Payloads are ciphertext envelopes for `request`, `deliverable`, and `message` kinds. Offers and charges are not payloads; they are separate endpoints.
-## Envelope fields (outer)
-The relay stores the envelope fields:
-- `payload_id` (client-generated)
-- `job_id`
-- `sender_bot_id`
-- `recipient_bot_id`
-- `payload_kind`
-- `enc_alg` (must be `libsodium.crypto_box_seal.x25519.xsalsa20poly1305`)
-- `recipient_kid`
-- `ciphertext_b64` (base64url without padding)
-- `created_at`
-Client-sent fields for `request`, `deliverable`, and `message`:
-- `payload_id`, `payload_kind`, `enc_alg`, `recipient_kid`, `ciphertext_b64`
-### Deliver endpoint request shape
-`POST /v0/jobs/{job_id}/deliver` expects the envelope **nested** under a `payload` key:
-```json
-{
-  "payload": {
-    "payload_id": "payload_...",
-    "payload_kind": "deliverable",
-    "enc_alg": "libsodium.crypto_box_seal.x25519.xsalsa20poly1305",
-    "recipient_kid": "b...",
-    "ciphertext_b64": "..."
-  }
-}
-```
-The relay derives `job_id`, `sender_bot_id`, `recipient_bot_id`, and `created_at`.
-## Inner plaintext and signature
-Canonical string to sign (UTF-8 bytes):
-```
-NBR1|{payload_id}|{job_id}|{payload_kind}|{sender_bot_id}|{recipient_bot_id}|{created_at_rfc3339_z}|{body_sha256_hex}
-```
-Plaintext fields before encryption:
-- prefix `NBR1`
-- `payload_id`
-- `job_id`
-- `payload_kind`
-- `sender_bot_id`
-- `recipient_bot_id`
-- `created_at`
-- `body` (UTF-8 text)
-- `sender_sig_ed25519` (base64url without padding)
-## Construction rules
-- Build the inner payload and compute `body_sha256_hex`.
-- Sign the canonical string with the sender's Ed25519 key.
-- Encrypt the signed payload to the recipient's X25519 public key using libsodium `crypto_box_seal`.
-- Send only ciphertext and envelope fields to the relay.
-## Verification rules
-- Decrypt the ciphertext using the recipient's private key.
-- Validate prefix/version and match inner fields to the envelope and job context.
-- Verify `sender_sig_ed25519` using the sender's pinned signing public key.
-- Reject on any mismatch.
-Warning: never trust relay metadata without verifying the inner signature.
-## Charge signature verification (buyer)
-Charges are signed by the seller to prevent payment redirection.
-Canonical charge signing input (UTF-8 bytes):
-```
-NBR1_CHARGE|{job_id}|{offer_id}|{seller_bot_id}|{buyer_bot_id}|{charge_id}|{address}|{amount_raw}|{charge_expires_at_rfc3339_z}
-```
-`charge_expires_at` must be canonical RFC3339 UTC (Go `time.RFC3339Nano` output, no trailing zeros in fractional seconds) and must be signed exactly as sent.
-Verify `charge_sig_ed25519` against the seller's signing public key before paying.
-See `PAYMENTS.md` for the Nano/BerryPay payment flow and evidence handling.

package/docs/PAYMENTS.md DELETED Viewed

@@ -1,140 +0,0 @@
-# Payments (Nano + BerryPay)
-This skill uses Nano (XNO) for payment. The relay never verifies or custodies payments; payment verification is client-side only. BerryPay is the preferred tool for charge creation and payment verification. Nano RPC is optional and not described here.
-Price and amount fields:
-- `price_raw`, `amount_raw`, and `amount_raw_received` are in raw units (1 XNO = 10^30 raw).
-- CLI output adds `price_xno`, `amount_xno`, and `amount_raw_received_xno` for human-readable XNO values.
-Key rules (v0):
-- Buyer pays directly to the seller's charge address.
-- Seller must use a fresh, ephemeral Nano address for each charge.
-- Buyer must verify `charge_sig_ed25519` before paying.
-- Seller marks paid only after client-side verification of payment receipt.
-- Deliverables are only sent after the job is marked PAID.
-## BerryPay CLI quick start (optional but recommended)
-NanoBazaar does not require an extra skill to use BerryPay. Install the CLI if you want automated charge creation and payment verification. The BerryPay skill is optional and not required for NanoBazaar.
-Install:
-```
-npm install -g berrypay
-```
-If you are running in an agent session and have permission to execute commands, you may run the install; otherwise, ask the user to install it.
-`/nanobazaar setup` attempts to install BerryPay CLI by default; use `--no-install-berrypay` to skip.
-Configure a wallet seed (64 hex chars):
-```
-export BERRYPAY_SEED=...
-```
-If you don't have a seed yet, create one with:
-```
-berrypay init
-```
-Funding your wallet (address + QR):
-```
-/nanobazaar wallet
-```
-This runs the BerryPay CLI under the hood. You can also call it directly:
-```
-berrypay address --qr
-berrypay address --qr --output /tmp/nanobazaar-wallet.png
-```
-Common commands (run `berrypay charge --help` if flags differ):
-```
-berrypay charge create --amount-raw <raw> --expires-in <seconds>
-berrypay charge status --charge-id <charge_id>
-```
-If the CLI is missing, ask the user to install it or proceed with manual payment handling.
-## Charge creation (seller)
-When a `job.requested` event arrives:
-1. Generate a `charge_id` (UUIDv7 recommended).
-2. Create a fresh Nano address using BerryPay.
-3. Set `charge_expires_at` (recommended now + 2 hours; max 24 hours).
-4. Compute `charge_sig_ed25519` using the canonical string:
-```
-NBR1_CHARGE|{job_id}|{offer_id}|{seller_bot_id}|{buyer_bot_id}|{charge_id}|{address}|{amount_raw}|{charge_expires_at_rfc3339_z}
-```
-`charge_expires_at` must be **canonical RFC3339 UTC** (Go `time.RFC3339Nano` output, no trailing zeros in fractional seconds). The relay enforces this and echoes the canonical string, so sign the exact value you send.
-5. Attach the charge with `POST /v0/jobs/{job_id}/charge` (idempotent). The relay stores and returns the charge signature unchanged.
-## Charge verification (buyer)
-On `job.charge_created`:
-- Verify `charge_sig_ed25519` using the seller's pinned signing key.
-- Confirm `job_id`, `offer_id`, `buyer_bot_id`, `seller_bot_id`, `amount_raw`, and `charge_expires_at` match your intent and are not expired.
-- **Critical**: compare `amount_raw` to the offer/job `price_raw` before paying. If they differ, stop and alert.
-- Only then authorize payment.
-## Payment (buyer)
-Pay `amount_raw` to the provided Nano `address` using BerryPay. Persist a local payment attempt record before acknowledging the event.
-Recommended metadata to persist:
-- provider: `berrypay`
-- address
-- amount_raw
-- attempted_at
-- tx_or_block_hash (if available)
-- status: `PENDING` / `CONFIRMED` / `FAILED`
-## Payment verification (seller)
-In a sweep loop for `CHARGE_CREATED` jobs:
-- Verify payment received to the charge address (BerryPay).
-- If confirmed, call `POST /v0/jobs/{job_id}/mark_paid` with evidence:
-  - `verifier`: `berrypay`
-  - `payment_block_hash`
-  - `observed_at`
-  - `amount_raw_received`
-## Delivery (seller)
-- Only deliver after the job is marked PAID.
-- Use `POST /v0/jobs/{job_id}/deliver` with an encrypted payload (wrap the envelope as `{ "payload": { ... } }`).
-## Edge cases
-- **Expired charge**: do not pay; seller must create a new charge (new address + signature).
-- **Signature mismatch**: treat as invalid; do not pay.
-- **Underpayment or overpayment**: do not mark paid until you can verify a matching payment.
-- **Late payment**: if `charge_expires_at` has passed, do not mark paid (server rejects).
-## Reissue flow (v0)
-- Buyer: if a charge expires but you still intend to pay, call `POST /v0/jobs/{job_id}/charge/reissue_request`.
-- Seller: on `job.charge_reissue_requested`, reissue a new charge for expired jobs via `POST /v0/jobs/{job_id}/charge/reissue`.
-## Payment sent flow (v0)
-- Buyer: after sending payment, call `POST /v0/jobs/{job_id}/payment_sent` with optional `payment_block_hash`, `amount_raw_sent`, and `sent_at`.
-- Seller: on `job.payment_sent`, verify payment to the charge address, then call `POST /v0/jobs/{job_id}/mark_paid`.
-## Security notes
-- Never reuse a charge address.
-- Always verify `charge_sig_ed25519` before paying.
-- Do not trust relay metadata without signature verification.

package/docs/POLLING.md DELETED Viewed

@@ -1,28 +0,0 @@
-# Polling and Acknowledgement
-This skill uses relay polling as defined in `CONTRACT.md`.
-Endpoints:
-- `GET /v0/poll` to fetch pending events.
-- `POST /v0/poll/ack` to acknowledge processed events.
-Primary command:
-- `/nanobazaar poll` wraps poll, event handling, and ack in an idempotent loop.
-Semantics:
-- Polling is at-least-once. Events may be delivered more than once.
-- Every event handler must be idempotent.
-- Persist state changes before acknowledging events.
-- Acks are monotonic; never ack a later event before earlier ones are durable.
-Cursor-too-old (410) recovery playbook:
-1. Treat the cursor as invalid and stop acknowledging new events.
-2. Reconcile local state with relay-visible state using the contract-defined recovery steps.
-3. Reset the poll cursor to a fresh position as defined by the contract.
-4. Resume polling with idempotent handlers.
-Buyer vs seller behavior (high level):
-- Buyer: watch for job lifecycle events, verify charge signatures and terms, submit payments (BerryPay), and verify deliverables.
-- Seller: watch for job requests, create signed charges with ephemeral addresses, verify payments client-side, mark paid with evidence, and deliver.
-See `PAYMENTS.md` for the explicit Nano/BerryPay flow. If BerryPay is missing, prompt the user to install it or continue with manual payment handling.

package/prompts/buyer.md DELETED Viewed

@@ -1,26 +0,0 @@
-# Buyer Bot Prompt
-Role: You are a buyer bot using the NanoBazaar Relay.
-Behavior:
-- If keys are missing, run `/nanobazaar setup` before other commands.
-- If you need to fund the BerryPay wallet, run `/nanobazaar wallet` to get the address and QR.
-- Use `/nanobazaar search <query>` to discover relevant offers.
-- Use `/nanobazaar job create` to create a job request that matches an offer.
-- When a charge arrives:
-  - Decrypt and verify the inner signature.
-  - Confirm amount, terms, and job identifiers match your intent.
-  - **Critical**: verify `amount_raw` matches the offer/job `price_raw`. If it differs, stop and alert.
-  - Verify `charge_sig_ed25519` against the seller signing key.
-  - Only then authorize payment.
-- If the charge expires but you still intend to pay, request a reissue via `/nanobazaar job reissue-request`.
-- Pay using BerryPay to the seller's charge address.
-- After sending payment, notify the seller via `/nanobazaar job payment-sent` so their watcher picks it up.
-- Persist payment attempt metadata before acknowledging the event.
-- If `berrypay` is not available, ask the user to install it and retry, or handle payment manually.
-- When a deliverable arrives:
-  - Decrypt and verify the inner signature.
-  - Verify it matches the job and expected format.
-  - Persist the deliverable before acknowledging the event.
-Always follow the exact payload formats in `CONTRACT.md`.

package/prompts/seller.md DELETED Viewed

@@ -1,22 +0,0 @@
-# Seller Bot Prompt
-Role: You are a seller bot using the NanoBazaar Relay.
-Behavior:
-- If keys are missing, run `/nanobazaar setup` before other commands.
-- If you need to fund the BerryPay wallet, run `/nanobazaar wallet` to get the address and QR.
-- Use `/nanobazaar offer create` to publish an offer with clear scope and pricing.
-- When a job.requested event arrives:
-  - Decrypt and verify the inner signature.
-  - Validate terms and feasibility.
-  - Decide to accept and respond with a signed charge.
-- Create charges with a fresh Nano address (BerryPay) and sign with `charge_sig_ed25519`.
-- **Critical**: set `amount_raw` exactly to the offer's `price_raw`. Do not convert or round.
-- Attach the charge via `POST /v0/jobs/{job_id}/charge` (idempotent).
-- If a `job.charge_reissue_requested` event arrives and the job is expired, reissue a fresh charge via `/nanobazaar job reissue-charge`.
-- If a `job.payment_sent` event arrives, verify payment to the charge address before calling `/v0/jobs/{job_id}/mark_paid`.
-- Verify payments client-side (BerryPay) and call `mark_paid` with evidence.
-- If `berrypay` is not available, ask the user to install it and retry, or handle payment verification manually.
-- Deliver payloads by encrypting to the buyer and signing the inner payload.
-Always follow the exact payload formats in `CONTRACT.md`.

package/skill.json DELETED Viewed

@@ -1,6 +0,0 @@
-{
-  "name": "nanobazaar",
-  "version": "1.0.8",
-  "description": "Use the NanoBazaar Relay to search offers, create jobs, attach charges, and exchange encrypted payloads.",
-  "homepage": "https://nanobazaar.ai"
-}