neozip-mcp 0.1.0-beta

package/dist/connection/onboarding.js

@@ -0,0 +1,524 @@
+import { provisionWalletIdentityKey } from "../account/identity-provision.js";
+import { registerEmailCli, exchangeMagicLinkToken, requestPhoneOtp, runWalletEnsureAndAttach, verifyEmailAndExtractToken, verifyPhoneOtp, } from "../account/token-service-identity.js";
+import { generateEvmIdentity } from "../account/wallet-evm.js";
+import { assertCoordinatorWrapSupported, fetchCoordinatorConfigParsed, } from "./coordinator.js";
+import { activeWalletContext, createLocalWalletIdentity, importWalletFromMnemonic, importWalletFromPrivateKey, requirePhonePreconditions, requireWalletPreconditions, saveImportedWallet, validateWalletImportAgainstServer, WALLET_SETUP_HINT, walletAlreadyConfigured, } from "./wallet-setup.js";
+import { migrateFromMcpProfileStore, hasLegacyMcpProfiles } from "./migrate.js";
+import { extractEmailCodePair, normalizeMagicLinkTokenInput, } from "./magic-link.js";
+import { buildAllAccountDetails, buildAccountDetails, } from "./status-report.js";
+import { computeConnectionPhase, computeConnectionPhaseForId, nextConnectCommand, resolveConnectionPhase } from "./phase.js";
+import { resolveTokenServiceOrigin } from "./origin.js";
+import { isPhoneVerified, needsPhoneVerification, validatePhoneE164, } from "./phone.js";
+import { applyActiveConnectionToEnv, deleteConnection, ensureActiveConnection, getActiveConnection, getConnectionDir, logoutConnection, readActiveConnectionSecrets, saveAccessToken, saveEvmWallet, saveIdentityProvision, savePhoneVerified, saveWalletLink, selectConnection, updateConnection, } from "./store.js";
+function result(phase, extra = {}) {
+    const meta = getActiveConnection();
+    return {
+        success: phase === "ready",
+        phase,
+        connectionId: meta?.id ?? null,
+        tokenServiceOrigin: meta?.tokenServiceOrigin ?? resolveTokenServiceOrigin(),
+        nextCommand: nextConnectCommand(phase, {
+            email: meta?.email,
+            phoneE164: meta?.phoneE164,
+        }),
+        ...extra,
+    };
+}
+export async function connectStatus(options) {
+    if (options?.autoMigrate !== false && hasLegacyMcpProfiles()) {
+        migrateFromMcpProfileStore();
+    }
+    const origin = resolveTokenServiceOrigin(options?.tokenServiceUrl);
+    ensureActiveConnection({ tokenServiceUrl: origin });
+    const phase = await resolveConnectionPhase(origin);
+    const reachable = await fetchCoordinatorConfigParsed(origin);
+    const reportPhase = reachable === null && phase !== "ready" ? "degraded" : phase;
+    const accounts = options?.verbose ? buildAllAccountDetails() : undefined;
+    const active = getActiveConnection();
+    return {
+        ...result(reportPhase, {
+            message: reportPhase === "degraded"
+                ? "Token Service unreachable."
+                : reportPhase === "ready"
+                    ? "Connection ready."
+                    : undefined,
+        }),
+        connectionId: active?.id ?? null,
+        tokenServiceOrigin: origin,
+        accounts,
+    };
+}
+export async function connectRegister(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const origin = resolveTokenServiceOrigin(input.tokenServiceUrl);
+    const email = input.email.trim().toLowerCase();
+    ensureActiveConnection({ label: input.label, tokenServiceUrl: origin });
+    const reg = await registerEmailCli(origin, email);
+    if (!reg.success) {
+        return result("degraded", {
+            success: false,
+            message: reg.error ?? "Failed to send verification email.",
+        });
+    }
+    return result("awaiting_code", {
+        success: true,
+        message: input.resend
+            ? `Verification code re-sent to ${email}. Run neozip-connect verify with the 6-digit code.`
+            : "Verification code sent. Run neozip-connect verify with the 6-digit code.",
+    });
+}
+async function finalizeEmailVerification(origin, connId, accessToken, email, expiresAt) {
+    saveAccessToken(connId, accessToken, email, expiresAt);
+    applyActiveConnectionToEnv();
+    const updated = getActiveConnection();
+    if (await needsPhoneVerification(updated, origin)) {
+        return result("phone_required", {
+            success: true,
+            message: "Email verified. Run neozip-connect phone request --phone +14155551234, then phone verify with the SMS code.",
+        });
+    }
+    const phase = computeConnectionPhase();
+    return result(phase, {
+        success: true,
+        message: phase === "ready"
+            ? "Email verified and connection ready."
+            : "Email verified. Configure a Data Wallet, then run neozip-connect finish.",
+    });
+}
+export async function connectVerify(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const origin = resolveTokenServiceOrigin(input.tokenServiceUrl);
+    const conn = ensureActiveConnection({ tokenServiceUrl: origin });
+    let email = input.email?.trim().toLowerCase();
+    let code = input.code?.trim();
+    if (input.magicToken?.trim()) {
+        const pair = extractEmailCodePair(input.magicToken);
+        email = email ?? pair.email;
+        code = code ?? pair.code;
+        if (!email || !code) {
+            const opaque = normalizeMagicLinkTokenInput(input.magicToken);
+            if (opaque) {
+                try {
+                    const exchanged = await exchangeMagicLinkToken(origin, opaque);
+                    return finalizeEmailVerification(origin, conn.id, exchanged.accessToken, exchanged.email, exchanged.expiresAt);
+                }
+                catch (err) {
+                    return result("awaiting_code", {
+                        success: false,
+                        message: err instanceof Error ? err.message : String(err),
+                    });
+                }
+            }
+        }
+    }
+    if (!email || !code) {
+        return result("awaiting_code", {
+            success: false,
+            message: "Provide --email and --code, or --magic-token (full link, email=…&code=…, or opaque token).",
+        });
+    }
+    try {
+        const verified = await verifyEmailAndExtractToken(origin, email, code);
+        return finalizeEmailVerification(origin, conn.id, verified.accessToken, verified.email, verified.expiresAt);
+    }
+    catch (err) {
+        return result("awaiting_code", {
+            success: false,
+            message: err instanceof Error ? err.message : String(err),
+        });
+    }
+}
+export function connectSelect(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    try {
+        const meta = selectConnection(input.connectionId.trim());
+        applyActiveConnectionToEnv();
+        return result(computeConnectionPhase(), {
+            success: true,
+            message: `Active connection: ${meta.label} (${meta.id})`,
+            accounts: [buildAccountDetails(meta, meta.id)],
+        });
+    }
+    catch (err) {
+        return result(computeConnectionPhase(), {
+            success: false,
+            message: err instanceof Error ? err.message : String(err),
+        });
+    }
+}
+export function connectRename(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const id = input.connectionId?.trim() || getActiveConnection()?.id;
+    if (!id) {
+        return result("no_profile", {
+            success: false,
+            message: "No connection to rename.",
+        });
+    }
+    const nextLabel = input.label.trim();
+    if (!nextLabel) {
+        return result(computeConnectionPhase(), {
+            success: false,
+            message: "Label is required.",
+        });
+    }
+    try {
+        const meta = updateConnection(id, { label: nextLabel });
+        return result(computeConnectionPhaseForId(id), {
+            success: true,
+            message: `Renamed connection to "${meta.label}".`,
+            accounts: [buildAccountDetails(meta, getActiveConnection()?.id ?? null)],
+        });
+    }
+    catch (err) {
+        return result(computeConnectionPhase(), {
+            success: false,
+            message: err instanceof Error ? err.message : String(err),
+        });
+    }
+}
+export async function connectPhoneRequest(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const origin = resolveTokenServiceOrigin(input.tokenServiceUrl);
+    const conn = ensureActiveConnection({ tokenServiceUrl: origin });
+    const secrets = readActiveConnectionSecrets();
+    if (!secrets?.accessToken || !conn.emailVerified) {
+        return result("email_unverified", {
+            success: false,
+            message: "Verify email first. Run neozip-connect verify.",
+        });
+    }
+    if (isPhoneVerified(conn)) {
+        const phase = computeConnectionPhase();
+        return result(phase, {
+            success: true,
+            message: "Phone already verified.",
+        });
+    }
+    try {
+        validatePhoneE164(input.phone);
+    }
+    catch (err) {
+        return result("phone_required", {
+            success: false,
+            message: err instanceof Error ? err.message : String(err),
+        });
+    }
+    const otp = await requestPhoneOtp(origin, secrets.accessToken, input.phone);
+    if (!otp.success) {
+        return result("phone_required", {
+            success: false,
+            message: otp.error ?? "Failed to send phone verification SMS.",
+        });
+    }
+    return result("phone_required", {
+        success: true,
+        message: `SMS code sent to ${input.phone.trim()}. Run neozip-connect phone verify --phone ${input.phone.trim()} --code <6-digit-code>.`,
+    });
+}
+export async function connectPhoneVerify(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const origin = resolveTokenServiceOrigin(input.tokenServiceUrl);
+    const conn = ensureActiveConnection({ tokenServiceUrl: origin });
+    const secrets = readActiveConnectionSecrets();
+    if (!secrets?.accessToken || !conn.emailVerified) {
+        return result("email_unverified", {
+            success: false,
+            message: "Verify email first. Run neozip-connect verify.",
+        });
+    }
+    try {
+        validatePhoneE164(input.phone);
+    }
+    catch (err) {
+        return result("phone_required", {
+            success: false,
+            message: err instanceof Error ? err.message : String(err),
+        });
+    }
+    const verified = await verifyPhoneOtp(origin, secrets.accessToken, input.phone, input.code);
+    if (!verified.success) {
+        return result("phone_required", {
+            success: false,
+            message: verified.error ?? "Phone verification failed.",
+        });
+    }
+    savePhoneVerified(conn.id, input.phone);
+    applyActiveConnectionToEnv();
+    const phase = computeConnectionPhase();
+    return result(phase, {
+        success: true,
+        message: phase === "ready"
+            ? "Phone verified and connection ready."
+            : "Phone verified. Configure a Data Wallet, then run neozip-connect finish.",
+    });
+}
+export async function connectWalletCreate(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const origin = resolveTokenServiceOrigin(input.tokenServiceUrl);
+    ensureActiveConnection({ tokenServiceUrl: origin });
+    const { conn, secrets } = activeWalletContext();
+    try {
+        requireWalletPreconditions(conn, secrets);
+        await requirePhonePreconditions(conn, origin);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        const phase = message.includes("Phone") ? "phone_required" : "email_unverified";
+        return result(phase, { success: false, message });
+    }
+    if (walletAlreadyConfigured(conn, secrets)) {
+        const phase = computeConnectionPhase();
+        return result(phase, {
+            success: true,
+            message: `Data Wallet already configured (${conn.evmAddress}). Run neozip-connect finish.`,
+        });
+    }
+    if (!input.ackBackup) {
+        return result("no_wallet", {
+            success: false,
+            message: "Creating a wallet requires --ack-backup (recovery phrase is shown once on stderr). " +
+                WALLET_SETUP_HINT,
+        });
+    }
+    const evm = createLocalWalletIdentity();
+    console.error(`
+Back up your Data Wallet recovery phrase (shown once):
+Address: ${evm.address}
+
+Recovery phrase:
+${evm.mnemonic}
+`);
+    saveImportedWallet(conn.id, evm);
+    applyActiveConnectionToEnv();
+    const phase = computeConnectionPhase();
+    return result(phase, {
+        success: true,
+        message: `Data Wallet created (${evm.address}). Run neozip-connect finish.`,
+    });
+}
+export async function connectWalletImportMnemonic(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const origin = resolveTokenServiceOrigin(input.tokenServiceUrl);
+    ensureActiveConnection({ tokenServiceUrl: origin });
+    const { conn, secrets } = activeWalletContext();
+    try {
+        requireWalletPreconditions(conn, secrets);
+        await requirePhonePreconditions(conn, origin);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        const phase = message.includes("Phone") ? "phone_required" : "email_unverified";
+        return result(phase, { success: false, message });
+    }
+    if (walletAlreadyConfigured(conn, secrets)) {
+        const phase = computeConnectionPhase();
+        return result(phase, {
+            success: true,
+            message: `Data Wallet already configured (${conn.evmAddress}). Run neozip-connect finish.`,
+        });
+    }
+    const mnemonic = input.mnemonic.trim();
+    if (!mnemonic) {
+        return result("no_wallet", { success: false, message: "--mnemonic is required." });
+    }
+    try {
+        const evm = importWalletFromMnemonic(mnemonic);
+        await validateWalletImportAgainstServer({
+            origin,
+            accessToken: secrets.accessToken,
+            derivedAddress: evm.address,
+            force: input.force,
+        });
+        saveImportedWallet(conn.id, evm);
+        applyActiveConnectionToEnv();
+        const phase = computeConnectionPhase();
+        return result(phase, {
+            success: true,
+            message: `Imported Data Wallet (${evm.address}). Run neozip-connect finish.`,
+        });
+    }
+    catch (err) {
+        return result("no_wallet", {
+            success: false,
+            message: err instanceof Error ? err.message : String(err),
+        });
+    }
+}
+export async function connectWalletImportKey(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const origin = resolveTokenServiceOrigin(input.tokenServiceUrl);
+    ensureActiveConnection({ tokenServiceUrl: origin });
+    const { conn, secrets } = activeWalletContext();
+    try {
+        requireWalletPreconditions(conn, secrets);
+        await requirePhonePreconditions(conn, origin);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        const phase = message.includes("Phone") ? "phone_required" : "email_unverified";
+        return result(phase, { success: false, message });
+    }
+    if (walletAlreadyConfigured(conn, secrets)) {
+        const phase = computeConnectionPhase();
+        return result(phase, {
+            success: true,
+            message: `Data Wallet already configured (${conn.evmAddress}). Run neozip-connect finish.`,
+        });
+    }
+    const privateKey = input.privateKey.trim();
+    if (!privateKey) {
+        return result("no_wallet", { success: false, message: "--private-key is required." });
+    }
+    try {
+        const evm = importWalletFromPrivateKey(privateKey);
+        await validateWalletImportAgainstServer({
+            origin,
+            accessToken: secrets.accessToken,
+            derivedAddress: evm.address,
+            force: input.force,
+        });
+        saveImportedWallet(conn.id, evm);
+        applyActiveConnectionToEnv();
+        const phase = computeConnectionPhase();
+        return result(phase, {
+            success: true,
+            message: `Imported Data Wallet (${evm.address}). Run neozip-connect finish.`,
+        });
+    }
+    catch (err) {
+        return result("no_wallet", {
+            success: false,
+            message: err instanceof Error ? err.message : String(err),
+        });
+    }
+}
+export async function connectFinish(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const origin = resolveTokenServiceOrigin(input?.tokenServiceUrl);
+    const conn = ensureActiveConnection({ tokenServiceUrl: origin });
+    const secrets = readActiveConnectionSecrets();
+    if (!secrets?.accessToken || !conn.emailVerified) {
+        return result("email_unverified", {
+            success: false,
+            message: "Email not verified. Run neozip-connect to continue setup.",
+        });
+    }
+    const coordinator = await fetchCoordinatorConfigParsed(origin);
+    assertCoordinatorWrapSupported(coordinator);
+    if (await needsPhoneVerification(conn, origin)) {
+        return result("phone_required", {
+            success: false,
+            message: "Phone verification required. Run neozip-connect phone request --phone +14155551234, then phone verify.",
+        });
+    }
+    let meta = conn;
+    let sec = secrets;
+    if (!sec.evmPrivateKeyHex || !meta.evmAddress) {
+        if (!input?.createWallet) {
+            return result("no_wallet", {
+                success: false,
+                message: WALLET_SETUP_HINT,
+            });
+        }
+        const evm = generateEvmIdentity();
+        meta = saveEvmWallet(meta.id, evm.privateKey, evm.address);
+        sec = readActiveConnectionSecrets();
+    }
+    if (!meta.walletId || meta.linkId == null) {
+        const linked = await runWalletEnsureAndAttach(origin, sec.accessToken, sec.evmPrivateKeyHex, meta.evmAddress);
+        meta = saveWalletLink(meta.id, linked.walletId, linked.linkId, linked.evmAddress);
+    }
+    if (!meta.identityKeyId) {
+        const provisioned = await provisionWalletIdentityKey({
+            baseUrl: origin,
+            accessToken: sec.accessToken,
+            walletId: meta.walletId,
+            evmPrivateKey: sec.evmPrivateKeyHex,
+            evmAddress: meta.evmAddress,
+        });
+        meta = saveIdentityProvision(meta.id, provisioned.identityKeyId, provisioned.x25519PublicKey);
+    }
+    applyActiveConnectionToEnv();
+    return result("ready", {
+        success: true,
+        message: `Connection ready. Profile stored under ${getConnectionDir()}. Reload MCP in Cursor.`,
+    });
+}
+export async function connectSetup(input) {
+    if (hasLegacyMcpProfiles())
+        migrateFromMcpProfileStore();
+    const origin = resolveTokenServiceOrigin(input.tokenServiceUrl);
+    ensureActiveConnection({
+        label: input.label,
+        tokenServiceUrl: origin,
+    });
+    const ver = await connectVerify({
+        email: input.email,
+        code: input.code,
+        tokenServiceUrl: input.tokenServiceUrl,
+    });
+    if (ver.phase === "phone_required")
+        return ver;
+    if (ver.phase === "ready")
+        return ver;
+    const phase = computeConnectionPhase();
+    if (phase === "no_wallet" || phase === "wallet_unlinked" || phase === "identity_missing") {
+        return result(phase, {
+            success: true,
+            message: `Email verified (phase: ${phase}). ${WALLET_SETUP_HINT}`,
+        });
+    }
+    return connectFinish({ tokenServiceUrl: input.tokenServiceUrl });
+}
+export function connectLogout() {
+    const out = logoutConnection();
+    return result(computeConnectionPhase(), {
+        success: true,
+        message: `Logged out connection "${out.label}". Run neozip-connect to set up again.`,
+    });
+}
+export function connectDelete(input) {
+    const id = input?.connectionId?.trim() || getActiveConnection()?.id;
+    if (!id) {
+        return result("no_profile", {
+            success: false,
+            message: "No connection to delete.",
+        });
+    }
+    const out = deleteConnection(id);
+    return result(computeConnectionPhase(), {
+        success: true,
+        connectionId: out.newActiveConnectionId,
+        message: out.newActiveConnectionId != null
+            ? `Deleted connection "${out.label}". Active connection updated.`
+            : `Deleted connection "${out.label}". No accounts remain.`,
+    });
+}
+export function connectMigrate() {
+    const out = migrateFromMcpProfileStore();
+    return {
+        success: out.migrated > 0,
+        phase: computeConnectionPhase(),
+        connectionId: out.activeConnectionId,
+        tokenServiceOrigin: resolveTokenServiceOrigin(),
+        message: out.migrated > 0
+            ? `Migrated ${out.migrated} profile(s) to ${out.connectionDir}.`
+            : "Nothing to migrate (connection store already populated or no legacy profiles).",
+        nextCommand: nextConnectCommand(computeConnectionPhase(), {
+            email: getActiveConnection()?.email,
+            phoneE164: getActiveConnection()?.phoneE164,
+        }),
+    };
+}
+//# sourceMappingURL=onboarding.js.map

package/dist/connection/origin.js

@@ -0,0 +1,63 @@
+/** Default token service when none is configured. */
+export const NEOZIP_TOKEN_SERVICE_DEFAULT_URL = "https://testnet.token-service.neozip.io";
+/** Local token service URL for development. */
+export const NEOZIP_TOKEN_SERVICE_LOCALHOST = "http://localhost:14789";
+/** Production token service URL. */
+export const NEOZIP_TOKEN_SERVICE_PRODUCTION_URL = "https://token-service.neozip.io";
+/** Interactive menu order for Token Service deployment picker. */
+export const KNOWN_TOKEN_SERVICE_PRESETS = [
+    {
+        name: "NeoZip Testnet",
+        url: NEOZIP_TOKEN_SERVICE_DEFAULT_URL,
+        description: "NeoZip Token Service (testnet)",
+    },
+    {
+        name: "NeoZip Production",
+        url: NEOZIP_TOKEN_SERVICE_PRODUCTION_URL,
+        description: "NeoZip Token Service (production)",
+    },
+    {
+        name: "Local Development",
+        url: NEOZIP_TOKEN_SERVICE_LOCALHOST,
+        description: "Local NeoZip Token Service",
+    },
+];
+export function defaultTokenServiceMenuChoice(serverUrl) {
+    const raw = serverUrl?.trim() || process.env.TOKEN_SERVICE_URL?.trim();
+    if (!raw)
+        return "1";
+    const normalized = normalizeTokenServiceOrigin(raw);
+    const presetIdx = KNOWN_TOKEN_SERVICE_PRESETS.findIndex((p) => sameTokenServiceOrigin(p.url, normalized));
+    if (presetIdx >= 0)
+        return String(presetIdx + 1);
+    return "4";
+}
+export function connectionLabelForOrigin(origin) {
+    const normalized = normalizeTokenServiceOrigin(origin);
+    const preset = KNOWN_TOKEN_SERVICE_PRESETS.find((p) => sameTokenServiceOrigin(p.url, normalized));
+    return preset?.name ?? normalized;
+}
+export function normalizeTokenServiceOrigin(url) {
+    const trimmed = (url || "").trim();
+    if (!trimmed)
+        return "";
+    const noSlash = trimmed.replace(/\/+$/, "");
+    try {
+        const u = new URL(noSlash);
+        const host = u.hostname.toLowerCase();
+        return `${u.protocol}//${host}${u.port ? `:${u.port}` : ""}${u.pathname.replace(/\/+$/, "") || ""}`;
+    }
+    catch {
+        return noSlash;
+    }
+}
+export function sameTokenServiceOrigin(a, b) {
+    return normalizeTokenServiceOrigin(a) === normalizeTokenServiceOrigin(b);
+}
+export function resolveTokenServiceOrigin(serverUrl) {
+    const raw = serverUrl?.trim() ||
+        process.env.TOKEN_SERVICE_URL?.trim() ||
+        NEOZIP_TOKEN_SERVICE_DEFAULT_URL;
+    return normalizeTokenServiceOrigin(raw);
+}
+//# sourceMappingURL=origin.js.map

package/dist/connection/phase.js

@@ -0,0 +1,93 @@
+import { needsPhoneVerification } from "./phone.js";
+import { getActiveConnection, getActiveConnectionId, listConnectionIds, listConnections, readActiveConnectionSecrets, readConnectionPublic, readConnectionSecrets, } from "./store.js";
+function shellQuote(value) {
+    if (/^[a-zA-Z0-9@._+-]+$/.test(value))
+        return value;
+    return `"${value.replace(/"/g, '\\"')}"`;
+}
+function phaseFromConnection(meta, secrets) {
+    if (!meta || !secrets)
+        return "no_profile";
+    if (!secrets.accessToken || !meta.emailVerified) {
+        return "email_unverified";
+    }
+    if (meta.phoneE164 && !meta.phoneVerifiedAt) {
+        return "phone_required";
+    }
+    if (!secrets.evmPrivateKeyHex || !meta.evmAddress) {
+        return "no_wallet";
+    }
+    if (!meta.walletId || meta.linkId == null) {
+        return "wallet_unlinked";
+    }
+    if (!meta.identityKeyId) {
+        return "identity_missing";
+    }
+    return "ready";
+}
+export function computeConnectionPhaseForId(connectionId) {
+    return phaseFromConnection(readConnectionPublic(connectionId), readConnectionSecrets(connectionId));
+}
+export function listReadyConnectionIds() {
+    return listConnectionIds().filter((id) => computeConnectionPhaseForId(id) === "ready");
+}
+export function computeConnectionPhase() {
+    const connectionId = getActiveConnectionId();
+    if (!connectionId) {
+        return listConnections().length > 0 ? "no_profile" : "no_profile";
+    }
+    return phaseFromConnection(getActiveConnection(), readActiveConnectionSecrets());
+}
+/** Async phase that accounts for coordinator phone requirement. */
+export async function resolveConnectionPhase(tokenServiceUrl) {
+    const phase = computeConnectionPhase();
+    if (phase === "phone_required")
+        return phase;
+    const meta = getActiveConnection();
+    if (!meta)
+        return phase;
+    const origin = tokenServiceUrl?.trim() || meta.tokenServiceOrigin;
+    if (await needsPhoneVerification(meta, origin)) {
+        return "phone_required";
+    }
+    return phase;
+}
+export function accountPhaseFromConnection() {
+    const phase = computeConnectionPhase();
+    if (phase === "awaiting_code" || phase === "phone_required") {
+        return "email_unverified";
+    }
+    return phase;
+}
+/** Scriptable next step for incomplete phases (used by CLI JSON and MCP errors). */
+export function nextConnectCommand(phase, context) {
+    const email = context?.email?.trim().toLowerCase();
+    const phone = context?.phoneE164?.trim();
+    switch (phase) {
+        case "ready":
+            return undefined;
+        case "no_profile":
+            return email
+                ? `neozip-connect register --email ${shellQuote(email)}`
+                : "neozip-connect register --email user@example.com";
+        case "awaiting_code":
+        case "email_unverified":
+            return email
+                ? `neozip-connect verify --email ${shellQuote(email)} --code 123456`
+                : "neozip-connect register --email user@example.com";
+        case "phone_required":
+            return phone
+                ? `neozip-connect phone verify --phone ${shellQuote(phone)} --code 123456`
+                : "neozip-connect phone request --phone +14155551234";
+        case "no_wallet":
+            return "neozip-connect wallet create --ack-backup";
+        case "wallet_unlinked":
+        case "identity_missing":
+            return "neozip-connect finish";
+        case "degraded":
+            return "neozip-connect status";
+        default:
+            return "neozip-connect";
+    }
+}
+//# sourceMappingURL=phase.js.map