npm - nodpay - Versions diffs - 0.2.14 → 0.2.16 - Mend

nodpay 0.2.14 → 0.2.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/SKILL.md CHANGED Viewed

@@ -17,7 +17,7 @@ You propose payments, your human approves with one tap. 2-of-3 multisig — you
 - **You can only propose.** Execution requires human co-sign (passkey). No single party can move funds.
 - **Wallet info is public key material.** Safe address, passkey X/Y, recovery signer — all safe to store.
 - **Recovery key is user-held.** The 12-word phrase generates a third signer the user controls. If the agent key or passkey is lost, the user can still recover funds — the agent never has unilateral access.
-- **NodPay server is stateless.** It relays signed operations — no private keys, no custody, no accounts. If the server goes offline, funds stay safe on-chain.
+- **NodPay server is a stateless relay.** It forwards signed operations to the chain — no private keys, no custody, no accounts. Self-hostable via `OP_STORE_URL`. If the server goes offline, funds stay safe on-chain.
 - **The web app is a convenience layer.** It helps users create wallets and approve transactions. All crypto operations happen client-side; nothing sensitive is stored server-side.
 - **Verify the agent address matches yours** before storing wallet info. Mismatch = wrong key binding.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nodpay",
-  "version": "0.2.14",
+  "version": "0.2.16",
   "description": "NodPay CLI — propose on-chain payments from agent-human shared wallets",
   "type": "module",
   "bin": {

package/scripts/propose.mjs CHANGED Viewed

@@ -6,13 +6,16 @@
  * The agent signs first (1 of 2). The serialized SafeOperation is
  * output so the web app can have the user co-sign and submit.
  *
- * Agent key is read from .nodpay/.env (run `npx nodpay keygen` to generate).
+ * Agent key: read from .nodpay/.env (never from env vars or CLI args).
+ * Chain config: resolved via --chain from @nodpay/core networks registry.
+ * Bundler: NodPay public proxy (override with OP_STORE_URL for self-hosted).
  *
  * Args:
+ *   --chain <name>           - Chain name (ethereum, base, sepolia, etc.)
  *   --to <address>           - Recipient address
  *   --value-eth <amount>     - Value in ETH (default: 0)
  *   --purpose <text>         - Human-readable purpose
- *   --safe <address>         - Override SAFE_ADDRESS
+ *   --safe <address>         - Wallet (Safe) address
  *   --counterfactual         - Safe not yet deployed; include deployment in UserOp
  *   --user-signer <address>  - User's signer address (required for counterfactual)
  *   --salt <nonce>           - Salt nonce (required for counterfactual)
@@ -43,6 +46,9 @@ const chainArg = process.argv.includes('--chain')
   ? process.argv[process.argv.indexOf('--chain') + 1]
   : null;
+// CHAIN RESOLUTION: --chain flag looks up RPC and chain ID from @nodpay/core's
+// network registry (public RPC endpoints). No secrets involved — these are the
+// same public endpoints listed on chainlist.org.
 let RPC_URL, CHAIN_ID;
 if (chainArg) {
   const net = allChains[chainArg];
@@ -50,14 +56,10 @@ if (chainArg) {
     console.error(`Error: Unknown chain "${chainArg}". Supported: ${Object.keys(allChains).join(', ')}`);
     process.exit(1);
   }
-  RPC_URL = process.env.RPC_URL || net.rpcUrl;
+  RPC_URL = net.rpcUrl;
   CHAIN_ID = String(net.chainId);
 } else {
-  RPC_URL = process.env.RPC_URL;
-  CHAIN_ID = process.env.CHAIN_ID;
-}
-if (!RPC_URL || !CHAIN_ID) {
-  console.error('Error: Specify --chain <name> or set RPC_URL + CHAIN_ID env vars.\nSupported chains: ' + Object.keys(allChains).join(', '));
+  console.error('Error: --chain is required.\nSupported: ' + Object.keys(allChains).join(', '));
   process.exit(1);
 }
 const ENTRYPOINT_ADDRESS = ENTRYPOINT;
@@ -81,17 +83,28 @@ function loadAgentKey() {
   return null;
 }
 const NODPAY_AGENT_KEY = loadAgentKey();
-const DEFAULT_SAFE = process.env.SAFE_ADDRESS;
-// Safe4337Pack.init requires a bundlerUrl — it calls eth_chainId during init.
-// Use the NodPay server's bundler proxy so agents don't need their own bundler key.
-// Fallback to pimlico if PIMLICO_API_KEY is set (for local dev/testing).
-const PIMLICO_API_KEY = process.env.PIMLICO_API_KEY;
-const isProd = (process.env.NODE_ENV || 'production') === 'production';
-const opStoreBase = process.env.OP_STORE_URL || (isProd ? 'https://nodpay.ai/api' : 'http://localhost:8766');
-const BUNDLER_URL = PIMLICO_API_KEY
-  ? `https://api.pimlico.io/v2/${CHAIN_ID}/rpc?apikey=${PIMLICO_API_KEY}`
-  : `${opStoreBase}/bundler/${CHAIN_ID}`;
+const DEFAULT_SAFE = null; // always use --safe flag
+// BUNDLER: NodPay provides a public bundler proxy at nodpay.ai/api/bundler so
+// agents don't need their own bundler API key. This is a thin relay — it
+// forwards the UserOp to a bundler service and returns the result. The proxy
+// only sees the already-signed (partial) UserOp; it cannot modify or execute it.
+// For self-hosted setups, set OP_STORE_URL in .nodpay/.env.
+function loadDotEnvVar(name, fallback) {
+  try {
+    const envPath = join(process.cwd(), '.nodpay', '.env');
+    const lines = readFileSync(envPath, 'utf8').split('\n');
+    for (const line of lines) {
+      const trimmed = line.trim();
+      if (trimmed.startsWith('#') || !trimmed.includes('=')) continue;
+      const [k, ...rest] = trimmed.split('=');
+      if (k.trim() === name) return rest.join('=').trim().replace(/^["']|["']$/g, '');
+    }
+  } catch {}
+  return fallback;
+}
+const opStoreBase = loadDotEnvVar('OP_STORE_URL', 'https://nodpay.ai/api');
+const BUNDLER_URL = `${opStoreBase}/bundler/${CHAIN_ID}`;
 if (!NODPAY_AGENT_KEY) {
   console.error(JSON.stringify({ error: 'Missing NODPAY_AGENT_KEY in .nodpay/.env — run npx nodpay keygen first' }));
@@ -320,8 +333,7 @@ try {
   const customNonceArg = getArg('--nonce');
   const reuseGasFrom = getArg('--reuse-gas-from'); // shortHash of a previous op to copy gas values from
   let txOptions = {};
-  const isProd = (process.env.NODE_ENV || 'production') === 'production';
-  const opStoreUrl = process.env.OP_STORE_URL || (isProd ? 'https://nodpay.ai/api' : 'http://localhost:8766');
+  const opStoreUrl = opStoreBase;
   const safeAddr = await safe4337Pack.protocolKit.getAddress();
   // Determine nonce: on-chain nonce is the source of truth.
@@ -507,7 +519,7 @@ try {
       result.opStoreError = storeData.error || `HTTP ${storeRes.status}`;
     }
     if (storeData.shortHash) {
-      const webBase = process.env.WEB_APP_URL || (isProd ? 'https://nodpay.ai' : 'https://bot.xhyumiracle.com/nodpay/index.html');
+      const webBase = loadDotEnvVar('WEB_APP_URL', 'https://nodpay.ai/');
       const purposeParam = purpose && purpose !== 'Unspecified' ? `&purpose=${encodeURIComponent(purpose)}` : '';
       approveUrl = `${webBase}approve?safeOpHash=${storeData.safeOpHash}${purposeParam}`;
       result.approveUrl = approveUrl;