npm - nous-token - Versions diffs - 0.1.0 → 0.2.0 - Mend

nous-token 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/PROTOCOL.md CHANGED Viewed

@@ -79,11 +79,11 @@ Users identify themselves with an Ethereum wallet address. The wallet is the per
 ### How it works
-1. User runs `npx nous-token setup`, enters wallet address + API key
-2. CLI computes `user_hash = SHA-256(api_key)[0:16]` locally, sends `{api_key, wallet}` to `/api/link`
-3. Gateway computes the same hash, verifies it exists in records, links all records to the wallet
-4. Future API calls include `?wallet=0x...` in the base URL (set by CLI) or `X-Nous-Wallet` header (set by plugin)
-5. Gateway stores wallet with each new record and backfills old records for the same hash
+1. User runs `npx nous-token setup`, enters wallet address
+2. CLI configures AI tools with base URL: `https://gateway.nousai.cc/{provider}/w/{wallet}/...`
+3. First API call through the gateway: gateway hashes the auth token, records usage with wallet
+4. Wallet binding is automatic — no separate linking step, no API key transmission
+5. Old records for the same auth token hash are backfilled to the wallet
 ### Binding rules
@@ -161,7 +161,6 @@ Both options use self-to-self transactions with data as calldata. No smart contr
 | `/api/wallet/{address}` | GET | Usage for a wallet (all linked hashes aggregated) |
 | `/api/user/{hash}` | GET | Single user aggregated stats |
 | `/api/user/{hash}/receipts` | GET | Signed receipts (paginated) |
-| `/api/link` | POST | Link hash to wallet (`{api_key, wallet}`) — first bind wins |
 | `/api/records` | GET | Raw records for sentinel verification |
 | `/api/chain` | GET | Merkle root and MMR state |
 | `/api/sign` | POST | Signed summary (optional aggregation) |

package/README.md CHANGED Viewed

@@ -12,11 +12,9 @@ One command to track all your AI spending across every provider. Your data is si
 npx nous-token setup
 ```
-The CLI asks two things:
-1. **Wallet address** (0x...) — your permanent identity across API keys
-2. **API key** — used locally to compute your hash, never sent anywhere
+The CLI asks one thing: your **wallet address** (0x...) — your permanent identity.
-Then it auto-detects your AI tools (Claude Code, Cursor, Python SDKs, etc.) and routes them through the gateway.
+Then it auto-detects your AI tools (Claude Code, Cursor, Python SDKs, etc.) and routes them through the gateway. Works with both API keys and subscription plans (Claude Max, etc.).
 ## How It Works
@@ -56,9 +54,10 @@ Works with any OpenAI-compatible API out of the box:
 Your wallet address is your permanent identity. API keys expire and rotate — your wallet doesn't.
 - Run `npx nous-token setup` with your wallet address
-- All usage across any API key links to your wallet
-- Switch keys, switch machines — your history follows you
-- First bind is permanent (prevents rebind with leaked keys)
+- All usage across any API key or OAuth token links to your wallet
+- Switch keys, switch machines, switch plans — your history follows you
+- First bind is permanent per auth token (prevents rebind with leaked keys)
+- Works with API keys and subscription plans (Claude Max, ChatGPT Plus, etc.)
 ## Privacy by Structure
@@ -66,7 +65,7 @@ Not by promise — by code. [Audit the source](gateway/src/index.ts).
 | Data | What happens |
 |------|-------------|
-| API Key | Hashed (SHA-256) for identity. Never stored. |
+| Auth Token | Hashed (SHA-256) for identity. Never stored. Works with API keys and OAuth tokens. |
 | Prompts | `request.body` piped directly to provider. Never read. |
 | Responses (streaming) | Tee'd. Only last 4KB buffered to extract `.usage`. |
 | Responses (non-streaming) | In V8 isolate memory. Only `.usage` accessed. GC'd after request. |
@@ -107,7 +106,6 @@ Gateway: `https://gateway.nousai.cc`
 | `/api/wallet/{address}` | GET | Usage for a wallet (all linked hashes) |
 | `/api/user/{hash}` | GET | Single user stats |
 | `/api/user/{hash}/receipts` | GET | Signed receipts (paginated) |
-| `/api/link` | POST | Link hash to wallet (`{api_key, wallet}`) |
 | `/api/records` | GET | Raw records for sentinel verification |
 | `/api/chain` | GET | Merkle root and MMR state |
 | `/api/sign` | POST | Signed summary for on-chain storage |

package/cli/setup.ts CHANGED Viewed

@@ -7,11 +7,10 @@
 // Scans for installed AI tools, configures them to route through
 // the nous-token gateway for usage tracking.
-import { existsSync, readFileSync, writeFileSync, mkdirSync, appendFileSync } from "fs";
+import { existsSync, readFileSync, writeFileSync } from "fs";
 import { homedir } from "os";
 import { join } from "path";
 import { execSync } from "child_process";
-import { createHash } from "crypto";
 const GATEWAY = "https://gateway.nousai.cc";
 const HOME = homedir();
@@ -26,7 +25,7 @@ function saveWallet(wallet: string): void {
 }
 function gatewayUrl(path: string, wallet: string): string {
-  return wallet ? `${GATEWAY}${path}?wallet=${wallet}` : `${GATEWAY}${path}`;
+  return wallet ? `${GATEWAY}${path}/w/${wallet}` : `${GATEWAY}${path}`;
 }
 interface Tool {
@@ -181,27 +180,6 @@ function setShellEnv(key: string, value: string, toolName: string): ConfigResult
   return { success: true, message: `set ${key} in ${rcName}` };
 }
-// ── Find first available API key ──
-function findFirstApiKey(): string | null {
-  const keys = [
-    process.env.OPENAI_API_KEY,
-    process.env.ANTHROPIC_API_KEY,
-    process.env.DEEPSEEK_API_KEY,
-    process.env.GEMINI_API_KEY,
-    process.env.GROQ_API_KEY,
-  ];
-  for (const key of keys) {
-    if (key) return key.replace(/^Bearer\s+/i, "");
-  }
-  return null;
-}
-function computeUserHash(): string | null {
-  const key = findFirstApiKey();
-  if (!key) return null;
-  return createHash("sha256").update(key).digest("hex").slice(0, 32);
-}
 // ── Prompt helper ──
@@ -242,39 +220,7 @@ if (wallet) {
   process.exit(0);
 }
-// Step 2: API key — read from env or ask
-let apiKey = findFirstApiKey();
-if (!apiKey) {
-  const input = await ask("  API key (sk-...): ");
-  if (input) {
-    apiKey = input.replace(/^Bearer\s+/i, "");
-  }
-}
-// Step 3: Link hash → wallet via gateway
-if (apiKey) {
-  const hash = createHash("sha256").update(apiKey).digest("hex").slice(0, 32);
-  console.log(`  \x1b[90mUser hash: ${hash}\x1b[0m`);
-  try {
-    const res = await fetch(`${GATEWAY}/api/link`, {
-      method: "POST",
-      headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({ api_key: apiKey, wallet }),
-    });
-    const data = await res.json() as { ok?: boolean; error?: string };
-    if (data.ok) {
-      console.log(`  \x1b[32m✓ Linked to wallet\x1b[0m\n`);
-    } else {
-      console.log(`  \x1b[90m${data.error || "No existing records to link — they'll link automatically on first use."}\x1b[0m\n`);
-    }
-  } catch {
-    console.log("  \x1b[90mCouldn't reach gateway — linking will happen on first use.\x1b[0m\n");
-  }
-} else {
-  console.log("  \x1b[90mNo API key found. Wallet will link on first use through the gateway.\x1b[0m\n");
-}
-// Step 4: Configure tools
+// Step 2: Configure tools
 console.log("  Scanning for AI tools...\n");
 let configured = 0;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nous-token",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "Open-source AI usage tracker. One command to track all your AI spending.",
   "type": "module",
   "main": "index.ts",