nebula-ai-agent 0.3.1

package/src/commands/trust.ts

@@ -0,0 +1,196 @@
+/**
+ * `nebula reputation` + `nebula validation` — ERC-8004 Reputation + Validation.
+ *
+ *   nebula reputation show [<agentId>]
+ *   nebula reputation give --agent <id> --score <0-100> [--tag t] [--uri u]
+ *   nebula validation show <requestId>
+ *   nebula validation request --agent <id> --data <str> [--uri u]
+ *   nebula validation respond --id <reqId> --passed <true|false> [--score n] [--uri u]
+ */
+import { cancel, intro, outro, spinner } from '@clack/prompts'
+import {
+  NETWORK_RPC,
+  agentIdByAddress,
+  explorerTxUrl,
+  getReputation,
+  getValidation,
+  giveFeedback,
+  requestValidation,
+  resolveRegistryAddress,
+  resolveReputationRegistry,
+  resolveValidationRegistry,
+  respondValidation,
+} from 'nebula-ai-core'
+import { http, type Address, createPublicClient, keccak256, toHex } from 'viem'
+import { findAndLoadConfig } from '../config/load'
+import { loadOrPickOperatorSigner } from './init/operator-picker'
+
+function flag(argv: string[], name: string): string | undefined {
+  const i = argv.indexOf(name)
+  return i >= 0 ? argv[i + 1] : undefined
+}
+
+export interface TrustArgs {
+  kind: 'reputation' | 'validation'
+  sub: string
+  argv: string[]
+}
+
+export function parseTrustArgs(
+  kind: 'reputation' | 'validation',
+  argv: string[],
+): TrustArgs | { error: string } {
+  const sub = argv[0] ?? ''
+  const valid = kind === 'reputation' ? ['show', 'give'] : ['show', 'request', 'respond']
+  if (!valid.includes(sub))
+    return { error: `unknown subcommand '${sub || '(none)'}' — try: ${valid.join(' | ')}` }
+  return { kind, sub, argv: argv.slice(1) }
+}
+
+export async function runTrust(args: TrustArgs): Promise<void> {
+  const loaded = await findAndLoadConfig()
+  if (!loaded) {
+    console.error('No nebula.config.ts found. Run `nebula init` first.')
+    process.exit(1)
+  }
+  const { config } = loaded
+  const network = config.network
+  const publicClient = createPublicClient({ transport: http(NETWORK_RPC[network]) })
+  const repReg = resolveReputationRegistry(network)
+  const valReg = resolveValidationRegistry(network)
+  const idReg = resolveRegistryAddress(network)
+
+  // ── reads ──
+  if (args.kind === 'reputation' && args.sub === 'show') {
+    if (!repReg) return fail(`No Reputation Registry for ${network}.`)
+    let id = flag(args.argv, '--agent') ?? args.argv.find(a => !a.startsWith('--'))
+    if (!id) {
+      if (!idReg || !config.identity.agent) return fail('Pass an <agentId>.')
+      const resolved = await agentIdByAddress({
+        publicClient,
+        registry: idReg,
+        agentAddress: config.identity.agent as Address,
+      })
+      if (resolved === 0n)
+        return void console.log('this agent is not registered; run `nebula identity register`')
+      id = resolved.toString()
+    }
+    const { count, averageScore } = await getReputation({
+      publicClient,
+      registry: repReg,
+      agentId: BigInt(id),
+    })
+    console.log(`agent id      ${id}`)
+    console.log(`ratings       ${count}`)
+    console.log(`avg score     ${averageScore} / 100`)
+    return
+  }
+  if (args.kind === 'validation' && args.sub === 'show') {
+    if (!valReg) return fail(`No Validation Registry for ${network}.`)
+    const reqId = flag(args.argv, '--id') ?? args.argv.find(a => !a.startsWith('--'))
+    if (!reqId) return fail('Pass a <requestId>.')
+    const v = await getValidation({ publicClient, registry: valReg, requestId: BigInt(reqId) })
+    console.log(`request id    ${reqId}`)
+    console.log(`agent id      ${v.agentId.toString()}`)
+    console.log(`requester     ${v.requester}`)
+    console.log(`status        ${v.responded ? (v.passed ? 'PASSED' : 'FAILED') : 'pending'}`)
+    if (v.responded) {
+      console.log(`validator     ${v.validator}`)
+      console.log(`score         ${v.score} / 100`)
+    }
+    return
+  }
+
+  // ── writes (need the operator wallet) ──
+  intro(`nebula ${args.kind} ${args.sub}`)
+  const operator = await loadOrPickOperatorSigner({ network, hint: config.operator })
+  if (!operator) return cancel('No operator wallet available.')
+  const walletClient = await operator.walletClient(network)
+  const s = spinner()
+  try {
+    if (args.kind === 'reputation' && args.sub === 'give') {
+      if (!repReg) throw new Error(`No Reputation Registry for ${network}.`)
+      const agentId = BigInt(
+        flag(args.argv, '--agent') ??
+          (() => {
+            throw new Error('--agent <id> required')
+          })(),
+      )
+      const score = Number(
+        flag(args.argv, '--score') ??
+          (() => {
+            throw new Error('--score <0-100> required')
+          })(),
+      )
+      s.start('Recording reputation feedback on-chain')
+      const { txHash } = await giveFeedback({
+        walletClient,
+        publicClient,
+        registry: repReg,
+        agentId,
+        score,
+        tag: flag(args.argv, '--tag') ?? '',
+        uri: flag(args.argv, '--uri') ?? '',
+      })
+      s.stop('feedback recorded')
+      outro(`tx ${explorerTxUrl(network, txHash)}`)
+    } else if (args.kind === 'validation' && args.sub === 'request') {
+      if (!valReg) throw new Error(`No Validation Registry for ${network}.`)
+      const agentId = BigInt(
+        flag(args.argv, '--agent') ??
+          (() => {
+            throw new Error('--agent <id> required')
+          })(),
+      )
+      const data =
+        flag(args.argv, '--data') ??
+        (() => {
+          throw new Error('--data <string|0xhash> required')
+        })()
+      const dataHash = /^0x[0-9a-fA-F]{64}$/.test(data)
+        ? (data as `0x${string}`)
+        : keccak256(toHex(data))
+      s.start('Opening validation request on-chain')
+      const { requestId, txHash } = await requestValidation({
+        walletClient,
+        publicClient,
+        registry: valReg,
+        agentId,
+        dataHash,
+        uri: flag(args.argv, '--uri') ?? '',
+      })
+      s.stop(`request id ${requestId.toString()}`)
+      outro(`tx ${explorerTxUrl(network, txHash)}`)
+    } else if (args.kind === 'validation' && args.sub === 'respond') {
+      if (!valReg) throw new Error(`No Validation Registry for ${network}.`)
+      const requestId = BigInt(
+        flag(args.argv, '--id') ??
+          (() => {
+            throw new Error('--id <requestId> required')
+          })(),
+      )
+      const passed = (flag(args.argv, '--passed') ?? 'true') !== 'false'
+      s.start('Publishing validation response on-chain')
+      const { txHash } = await respondValidation({
+        walletClient,
+        publicClient,
+        registry: valReg,
+        requestId,
+        passed,
+        score: Number(flag(args.argv, '--score') ?? '0'),
+        uri: flag(args.argv, '--uri') ?? '',
+      })
+      s.stop('response published')
+      outro(`tx ${explorerTxUrl(network, txHash)}`)
+    }
+  } catch (e) {
+    s.stop(`failed: ${(e as Error).message.slice(0, 200)}`)
+  } finally {
+    await operator.close?.()
+  }
+}
+
+function fail(msg: string): void {
+  console.error(msg)
+  process.exit(1)
+}

package/src/config/load.ts

@@ -0,0 +1,35 @@
+import { existsSync } from 'node:fs'
+import { resolve } from 'node:path'
+import { type NebulaConfig, agentPaths } from 'nebula-ai-core'
+
+/**
+ * Load the user's `nebula.config.ts`.
+ *
+ * Phase 6.6: canonical location is `~/.nebula/config.ts` (returned by
+ * `agentPaths.config`). If that file exists, it wins. Otherwise, fall back
+ * to walking upward from cwd looking for `nebula.config.ts` (legacy v0.5.0
+ * pattern, kept so existing dev setups still work without a migration step).
+ */
+export async function findAndLoadConfig(
+  startDir: string = process.cwd(),
+): Promise<{ config: NebulaConfig; path: string } | null> {
+  const canonical = agentPaths.config
+  if (existsSync(canonical)) {
+    const mod = (await import(canonical)) as { default: NebulaConfig }
+    if (!mod.default) throw new Error(`nebula config at ${canonical} has no default export`)
+    return { config: mod.default, path: canonical }
+  }
+
+  let dir = resolve(startDir)
+  while (true) {
+    const candidate = resolve(dir, 'nebula.config.ts')
+    if (existsSync(candidate)) {
+      const mod = (await import(candidate)) as { default: NebulaConfig }
+      if (!mod.default) throw new Error(`nebula.config.ts at ${candidate} has no default export`)
+      return { config: mod.default, path: candidate }
+    }
+    const parent = resolve(dir, '..')
+    if (parent === dir) return null
+    dir = parent
+  }
+}

package/src/config/render.ts

@@ -0,0 +1,99 @@
+import { mkdir, writeFile } from 'node:fs/promises'
+import { dirname } from 'node:path'
+import type { NebulaConfig } from 'nebula-ai-core'
+
+export interface RenderConfigOpts {
+  header?: string
+}
+
+/**
+ * Serialize an NebulaConfig into a `~/.nebula/config.ts` file body.
+ *
+ * Phase 6.6: the config lives at `~/.nebula/config.ts` which is outside any
+ * workspace, so it MUST NOT import `nebula-ai-core` (the import won't
+ * resolve from `~/.nebula/`). We emit a plain `export default { ... }` object;
+ * the runtime loader treats it as `NebulaConfig` directly.
+ */
+export function renderConfigTs(cfg: NebulaConfig, opts: RenderConfigOpts = {}): string {
+  const header = opts.header ?? ''
+  const operatorLine = cfg.operator ? `  operator: ${JSON.stringify(cfg.operator)},\n` : ''
+  // Emit either the operator's chosen sandbox config OR an annotated
+  // "OPTION 1/2/3" block so the operator can opt in by uncommenting. Default
+  // mode stays `none` (passthrough); documentation IS the UX.
+  const sandboxBlock = renderSandboxBlock(cfg.sandbox)
+  return `${header ? `${header}\n\n` : ''}export default {
+  identity: ${JSON.stringify(cfg.identity)},
+  network: ${JSON.stringify(cfg.network)},
+  storage: { network: ${JSON.stringify(cfg.storage.network)} },
+  brain: {
+    provider: ${JSON.stringify(cfg.brain.provider)},
+    model: ${JSON.stringify(cfg.brain.model)},
+  },
+  plugins: ${JSON.stringify(cfg.plugins)},
+  tools: ${JSON.stringify(cfg.tools)},
+  imports: { claudeCode: ${cfg.imports.claudeCode} },
+${operatorLine}${sandboxBlock}}
+`
+}
+
+function renderSandboxBlock(sandbox: NebulaConfig['sandbox']): string {
+  // Phase 11: deploy-target sandbox metadata (id/providerAddress/endpoint/
+  // snapshotName) OR Phase 9.5 limb-sandbox mode = anything non-default → emit
+  // verbatim. Only surface the doc-comment template when the operator has
+  // touched neither.
+  const hasNonDefaultLimbMode = sandbox?.mode && sandbox.mode !== 'none'
+  if (hasNonDefaultLimbMode) {
+    return `  sandbox: ${JSON.stringify(sandbox, null, 2).replace(/\n/g, '\n  ')},\n`
+  }
+  // Fresh install: write the active default + commented examples for the
+  // other tiers. Operator can opt in by uncommenting and editing.
+  return `  sandbox: { mode: 'none' },
+  // ---------------------------------------------------------------------------
+  //  Limb sandbox (Phase 9.5). Defense-in-depth beneath the permission floor:
+  //  even when the modal grants 'allow session' or YOLO disables prompts,
+  //  the sandbox profile/container blocks writes outside an allowlist.
+  //  All shell.run / code.execute / shell.process_start spawns route through
+  //  the chosen backend. fs.* and browser.* still run on the host (PathGuard
+  //  applies). Override at runtime via NEBULA_SANDBOX_MODE=os|docker|none.
+  //
+  //  OPTION 1: none (default): passthrough, fastest, permission floor only.
+  //
+  //  OPTION 2: os (macOS sandbox-exec / seatbelt). Allows writes to agentDir +
+  //    cwd + /tmp/nebula-* + /var/folders. Denies reads of ~/.ssh, ~/.aws,
+  //    ~/Library/Keychains, ~/.config/gcloud. Linux bubblewrap pending.
+  //  sandbox: { mode: 'os' },
+  //
+  //  OPTION 3: docker (long-lived container per session), every shell-class
+  //    spawn through 'docker exec'. Auto-detects Docker Desktop or Podman.
+  //    Default image 'nikolaik/python-nodejs:python3.11-nodejs20' (matches
+  //    hermes; ~700 MB; bash + python3 + node + npm + git on standard PATH).
+  //    Override with 'oven/bun:1' (~250 MB) if you only need bun/ts.
+  //    'dockerMountWorkspace: true' bind-mounts your launch cwd into
+  //    /workspace (off by default for max isolation). 'dockerRuntimePath'
+  //    forces a specific runtime binary. Resource caps are unset by default
+  //    (container competes fairly with host work). Set them to mirror hermes'
+  //    production hardening: dockerCpu=1, dockerMemoryMb=5120, dockerDiskMb=
+  //    51200 (Linux+overlay2 only). dockerNoNetwork=true blocks all internet
+  //    access from the container (max paranoia for code.execute).
+  //  sandbox: {
+  //    mode: 'docker',
+  //    dockerImage: 'nikolaik/python-nodejs:python3.11-nodejs20',
+  //    dockerMountWorkspace: false,
+  //    // dockerRuntimePath: '/opt/homebrew/bin/podman',
+  //    // dockerCpu: 1,           // CPU cores cap
+  //    // dockerMemoryMb: 5120,   // 5 GB memory cap
+  //    // dockerDiskMb: 51200,    // 50 GB disk cap (Linux + overlay2 only)
+  //    // dockerNoNetwork: true,  // block all network from inside container
+  //  },
+  // ---------------------------------------------------------------------------
+`
+}
+
+export async function writeConfigTs(
+  path: string,
+  cfg: NebulaConfig,
+  opts: RenderConfigOpts = {},
+): Promise<void> {
+  await mkdir(dirname(path), { recursive: true })
+  await writeFile(path, renderConfigTs(cfg, opts), 'utf8')
+}

package/src/index.ts

@@ -0,0 +1,184 @@
+/**
+ * CLI argv dispatch. No subcommand → chat REPL, otherwise route to
+ * commands/<name>.
+ */
+
+const argv = process.argv.slice(2)
+// First arg starting with `--` means the user invoked the default subcommand
+// (chat) with flags, e.g. `nebula --yolo`. Treat it as if `chat` were implicit.
+// Exception: `--help` and `--version` are top-level commands, not chat flags.
+const first = argv[0]
+const isTopLevelFlag = first === '--help' || first === '--version'
+const sub = first?.startsWith('--') && !isTopLevelFlag ? 'chat' : first
+
+async function main(): Promise<void> {
+  switch (sub) {
+    case undefined:
+    case 'chat': {
+      const { runChat } = await import('./commands/chat')
+      await runChat({ yolo: argv.includes('--yolo') })
+      return
+    }
+    case 'init': {
+      const { runInit } = await import('./commands/init')
+      await runInit()
+      return
+    }
+    case 'status': {
+      const { runStatus } = await import('./commands/status')
+      await runStatus()
+      return
+    }
+    case 'login': {
+      const { runLogin } = await import('./commands/login')
+      await runLogin()
+      return
+    }
+    case 'logout': {
+      const { runLogout } = await import('./commands/login')
+      await runLogout()
+      return
+    }
+    case 'agent': {
+      const { runAgentWallet } = await import('./commands/agent-wallet')
+      await runAgentWallet()
+      return
+    }
+    case 'logs': {
+      const { runLogs } = await import('./commands/logs')
+      const tailIdx = argv.indexOf('--tail')
+      const tail = tailIdx >= 0 ? Number(argv[tailIdx + 1]) : undefined
+      const agentIdx = argv.indexOf('--agent')
+      const agent = agentIdx >= 0 ? argv[agentIdx + 1] : undefined
+      await runLogs({ agent, tail })
+      return
+    }
+    case 'model': {
+      const { runModel } = await import('./commands/model')
+      await runModel()
+      return
+    }
+    case 'drain': {
+      const toIdx = argv.indexOf('--to')
+      const to = toIdx >= 0 ? argv[toIdx + 1] : undefined
+      const yes = argv.includes('--yes') || argv.includes('-y')
+      const { runDrain } = await import('./commands/drain')
+      await runDrain({ to, yes })
+      return
+    }
+    case 'identity': {
+      const { parseIdentityArgs, runIdentity } = await import('./commands/identity')
+      const parsed = parseIdentityArgs(argv.slice(1))
+      if ('error' in parsed) {
+        console.error(`nebula identity: ${parsed.error}`)
+        process.exit(1)
+      }
+      await runIdentity(parsed)
+      return
+    }
+    case 'reputation':
+    case 'validation': {
+      const { parseTrustArgs, runTrust } = await import('./commands/trust')
+      const parsed = parseTrustArgs(sub, argv.slice(1))
+      if ('error' in parsed) {
+        console.error(`nebula ${sub}: ${parsed.error}`)
+        process.exit(1)
+      }
+      await runTrust(parsed)
+      return
+    }
+    case 'telegram': {
+      const { parseTelegramArgs, runTelegram } = await import('./commands/telegram')
+      const parsed = parseTelegramArgs(argv.slice(1))
+      if ('error' in parsed) {
+        console.error(`nebula telegram: ${parsed.error}`)
+        process.exit(1)
+      }
+      await runTelegram(parsed)
+      return
+    }
+    case 'pairing': {
+      const { parsePairingArgs, runPairing } = await import('./commands/pairing')
+      const parsed = parsePairingArgs(argv.slice(1))
+      if ('error' in parsed) {
+        console.error(`nebula pairing: ${parsed.error}`)
+        process.exit(1)
+      }
+      await runPairing(parsed)
+      return
+    }
+    case 'gateway': {
+      const { parseGatewayArgs, runGateway } = await import('./commands/gateway')
+      const parsed = parseGatewayArgs(argv.slice(1))
+      if ('error' in parsed) {
+        console.error(`nebula gateway: ${parsed.error}`)
+        process.exit(1)
+      }
+      await runGateway(parsed)
+      return
+    }
+    case '-h':
+    case '--help':
+    case 'help': {
+      printHelp()
+      return
+    }
+    case '-v':
+    case '--version':
+    case 'version': {
+      const { resolveCliVersion } = await import('./util/cli-version')
+      const v = await resolveCliVersion()
+      console.log(v)
+      return
+    }
+    default: {
+      console.log(`Unknown command: ${sub}`)
+      printHelp()
+      process.exit(1)
+    }
+  }
+}
+
+function printHelp(): void {
+  console.log(
+    [
+      'nebula: a Mantle-native, policy-aware AI treasury assistant',
+      '',
+      'Commands:',
+      '  nebula init                bootstrap a new agent identity + local keystore',
+      '  nebula [--yolo]            interactive chat with your agent (default; --yolo skips approvals)',
+      '  nebula status              show agent + wallet + config state',
+      '  nebula login               unlock with a password profile (no per-command operator sign)',
+      '  nebula logout              clear the login session',
+      '  nebula agent               show your deterministic agent wallet (same as the web console)',
+      '  nebula logs                tail the activity log  (flags: --tail N, --agent <id>)',
+      '  nebula drain --to <addr>   sweep agent EOA balance to address (default: operator)',
+      '  nebula model               re-pick the brain model',
+      '  nebula identity <sub>      ERC-8004 agent identity  (subs: card | register | show)',
+      '  nebula reputation <sub>    ERC-8004 reputation  (subs: show | give)',
+      '  nebula validation <sub>    ERC-8004 validation  (subs: show | request | respond)',
+      '  nebula telegram <sub>      configure phone-DM gateway  (subs: setup | status | remove)',
+      '  nebula pairing <sub>       manage DM pairing approvals (subs: list | approve | revoke | clear-pending)',
+      '                            usage: nebula pairing approve telegram <code>',
+      '  nebula gateway <sub>       always-on agent gateway daemon  (subs: run | start | stop | restart | status | logs)',
+      '                            run = foreground, start = bg + Touch ID, stop = SIGTERM via lock',
+      '  nebula version             print CLI version  (aliases: --version, -v)',
+      '  nebula help                show this message  (aliases: --help, -h)',
+      '',
+    ].join('\n'),
+  )
+}
+
+main()
+  .then(() => {
+    // Force-exit on success because some SDKs (e.g. the WalletConnect relay)
+    // leak open handles (websockets, heartbeat timers) we have no hooks to
+    // drain. Without this, one-shot commands like `nebula init` would hang at
+    // the prompt indefinitely after their work completed. `chat` returns only
+    // when the user actually quits, so this also gives chat a clean exit.
+    process.exit(0)
+  })
+  .catch(e => {
+    console.error('fatal:', (e as Error).message)
+    process.exit(1)
+  })

package/src/profile/crypto.ts

@@ -0,0 +1,68 @@
+/**
+ * Password-based encryption for the CLI profile. The agent private key is
+ * encrypted at rest with a key derived from the operator's password via scrypt,
+ * sealed with AES-256-GCM (authenticated — a wrong password fails to decrypt
+ * rather than returning garbage). No plaintext key is ever written to the
+ * profile file.
+ */
+import { createCipheriv, createDecipheriv, randomBytes, scryptSync } from 'node:crypto'
+
+export interface ProfileCipher {
+  v: 1
+  kdf: 'scrypt'
+  /** scrypt cost params. */
+  n: number
+  r: number
+  p: number
+  salt: string // hex
+  iv: string // hex
+  ct: string // hex (ciphertext)
+  tag: string // hex (GCM auth tag)
+}
+
+const N = 1 << 15 // 32768
+const R = 8
+const P = 1
+const KEYLEN = 32
+// 128 * N * r ≈ 33.5 MB; default maxmem (32 MB) is just under, so bump it.
+const MAXMEM = 96 * 1024 * 1024
+
+function deriveKey(password: string, salt: Buffer): Buffer {
+  return scryptSync(password.normalize('NFKC'), salt, KEYLEN, { N, r: R, p: P, maxmem: MAXMEM })
+}
+
+/** Encrypt a secret string (e.g. a 0x private key) under a password. */
+export function encryptSecret(secret: string, password: string): ProfileCipher {
+  const salt = randomBytes(16)
+  const iv = randomBytes(12)
+  const key = deriveKey(password, salt)
+  const cipher = createCipheriv('aes-256-gcm', key, iv)
+  const ct = Buffer.concat([cipher.update(secret, 'utf8'), cipher.final()])
+  const tag = cipher.getAuthTag()
+  return {
+    v: 1,
+    kdf: 'scrypt',
+    n: N,
+    r: R,
+    p: P,
+    salt: salt.toString('hex'),
+    iv: iv.toString('hex'),
+    ct: ct.toString('hex'),
+    tag: tag.toString('hex'),
+  }
+}
+
+/** Decrypt a ProfileCipher with a password. Throws on a wrong password (GCM auth failure). */
+export function decryptSecret(blob: ProfileCipher, password: string): string {
+  const salt = Buffer.from(blob.salt, 'hex')
+  const key = scryptSync(password.normalize('NFKC'), salt, KEYLEN, {
+    N: blob.n,
+    r: blob.r,
+    p: blob.p,
+    maxmem: MAXMEM,
+  })
+  const decipher = createDecipheriv('aes-256-gcm', key, Buffer.from(blob.iv, 'hex'))
+  decipher.setAuthTag(Buffer.from(blob.tag, 'hex'))
+  const out = Buffer.concat([decipher.update(Buffer.from(blob.ct, 'hex')), decipher.final()])
+  return out.toString('utf8')
+}

package/src/profile/derive.ts

@@ -0,0 +1,25 @@
+/**
+ * Deterministic agent wallet derivation — MUST stay byte-for-byte identical to
+ * the web (apps/web/lib/agent-wallet.ts) so the same operator/main wallet
+ * resolves to the SAME agent wallet in the CLI and the browser.
+ *
+ * The operator signs the fixed message; keccak256 of that signature is the agent
+ * private key. Relies on deterministic (RFC-6979) ECDSA, which viem and most
+ * wallets use.
+ */
+import { type Hex, keccak256 } from 'viem'
+import { privateKeyToAccount } from 'viem/accounts'
+
+// KEEP IN SYNC with apps/web/lib/agent-wallet.ts AGENT_DERIVE_MESSAGE.
+export const AGENT_DERIVE_MESSAGE =
+  'nebula · derive my agent wallet (v1)\n\n' +
+  'Signing this proves you own this wallet and unlocks your deterministic Mantle ' +
+  'agent wallet. This signature IS your agent key — only ever sign it on nebula.'
+
+export function deriveAgentKeyFromSignature(signature: Hex): Hex {
+  return keccak256(signature)
+}
+
+export function deriveAgentAccountFromSignature(signature: Hex) {
+  return privateKeyToAccount(deriveAgentKeyFromSignature(signature))
+}