nyxora 1.0.8 → 1.1.2

package/dist/agent/reasoning.js

@@ -1,45 +1,10 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.logger = void 0;
 exports.processUserInput = processUserInput;
-const dotenv = __importStar(require("dotenv"));
-dotenv.config();
 const fs_1 = __importDefault(require("fs"));
 const openai_1 = require("openai");
 const parser_1 = require("../config/parser");
@@ -72,21 +37,21 @@ function getOpenAI() {
             currentKeyIndex++; // Increment for next request
         }
     }
-    // Fallbacks if no valid keys found in config
+    // Fallbacks if no valid keys found in config.llm.api_keys
     if (!apiKey) {
         if (config.llm.provider === 'gemini') {
-            apiKey = process.env.GEMINI_API_KEY || '';
+            apiKey = config.llm.credentials?.gemini_key || '';
         }
         else if (config.llm.provider === 'openrouter') {
-            apiKey = process.env.OPENROUTER_API_KEY || '';
+            apiKey = config.llm.credentials?.openrouter_key || '';
         }
         else {
-            apiKey = process.env.OPENAI_API_KEY || '';
+            apiKey = config.llm.credentials?.openai_key || '';
         }
         if (!apiKey) {
-            throw new Error(`No API Key found for ${config.llm.provider} in config or .env`);
+            throw new Error(`No API Key found for ${config.llm.provider} in config.yaml. Please run 'nyxora setup' to configure it.`);
         }
-        console.log(`[LLM] Using default API Key from .env`);
+        console.log(`[LLM] Using default API Key from config.yaml`);
     }
     if (config.llm.provider === 'gemini') {
         return new openai_1.OpenAI({
@@ -138,10 +103,10 @@ If the user doesn't specify a chain, default to: ${config.agent.default_chain}.`
     }
     return basePrompt;
 }
-async function processUserInput(input) {
+async function processUserInput(input, role = 'user') {
     const config = (0, parser_1.loadConfig)();
-    // Add user input to memory
-    exports.logger.addEntry({ role: 'user', content: input });
+    // Add input to memory
+    exports.logger.addEntry({ role, content: input });
     const history = exports.logger.getHistory();
     // Format messages for OpenAI
     const messages = [

package/dist/agent/transactionManager.js

@@ -0,0 +1,38 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.txManager = void 0;
+const crypto_1 = __importDefault(require("crypto"));
+class TransactionManager {
+    transactions = new Map();
+    createPendingTransaction(type, chainName, details) {
+        const id = crypto_1.default.randomUUID();
+        const tx = {
+            id,
+            type,
+            chainName,
+            details,
+            status: 'pending',
+            createdAt: Date.now(),
+        };
+        this.transactions.set(id, tx);
+        return tx;
+    }
+    getPending() {
+        return Array.from(this.transactions.values()).filter(t => t.status === 'pending');
+    }
+    getTransaction(id) {
+        return this.transactions.get(id);
+    }
+    updateStatus(id, status, result) {
+        const tx = this.transactions.get(id);
+        if (tx) {
+            tx.status = status;
+            if (result)
+                tx.result = result;
+        }
+    }
+}
+exports.txManager = new TransactionManager();

package/dist/gateway/cli.js

@@ -1,49 +1,19 @@
 #!/usr/bin/env node
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
-const dotenv = __importStar(require("dotenv"));
 const open_1 = __importDefault(require("open"));
 const paths_1 = require("../config/paths");
 const server_1 = require("./server");
 const setup_1 = require("./setup");
+const prompts_1 = require("@clack/prompts");
+const crypto_1 = require("../utils/crypto");
+const state_1 = require("../utils/state");
+const picocolors_1 = __importDefault(require("picocolors"));
 async function main() {
     // 1. Determine configuration directory
     const appDir = (0, paths_1.getAppDir)();
@@ -60,23 +30,12 @@ async function main() {
     // 2. Setup boilerplate files if in global mode and they don't exist
     let isFirstBoot = false;
     if (isGlobalMode) {
-        const globalEnvPath = path_1.default.join(appDir, '.env');
         const globalConfigPath = path_1.default.join(appDir, 'config.yaml');
         const globalUserMdPath = path_1.default.join(appDir, 'user.md');
         const globalIdentityMdPath = path_1.default.join(appDir, 'IDENTITY.md');
-        // Copy .env.example to ~/.nyxora/.env if it doesn't exist
-        if (!fs_1.default.existsSync(globalEnvPath)) {
-            isFirstBoot = true;
-            const exampleEnvPath = path_1.default.resolve(__dirname, '../../../.env.example');
-            if (fs_1.default.existsSync(exampleEnvPath)) {
-                fs_1.default.copyFileSync(exampleEnvPath, globalEnvPath);
-            }
-            else {
-                fs_1.default.writeFileSync(globalEnvPath, '# Nyxora Environment Variables\nPRIVATE_KEY=\n');
-            }
-        }
         // Copy default config.yaml
         if (!fs_1.default.existsSync(globalConfigPath)) {
+            isFirstBoot = true;
             const exampleConfigPath = path_1.default.resolve(__dirname, '../../../config.yaml');
             if (fs_1.default.existsSync(exampleConfigPath)) {
                 fs_1.default.copyFileSync(exampleConfigPath, globalConfigPath);
@@ -86,24 +45,47 @@ async function main() {
             }
         }
         if (!fs_1.default.existsSync(globalUserMdPath)) {
-            fs_1.default.writeFileSync(globalUserMdPath, 'Tuliskan instruksi kustom, aturan khusus, profil pengguna, atau persona yang Anda inginkan untuk Nyxora AI di file ini.\n');
+            fs_1.default.writeFileSync(globalUserMdPath, 'Write custom instructions, special rules, user profiles, or the persona you want for Nyxora AI in this file.\n');
         }
         if (!fs_1.default.existsSync(globalIdentityMdPath)) {
-            fs_1.default.writeFileSync(globalIdentityMdPath, 'Kamu adalah Nyxora, asisten Web3 pintar.\n');
+            fs_1.default.writeFileSync(globalIdentityMdPath, 'You are a Web3 AI assistant named Nyxora.\n');
         }
     }
     if (isFirstBoot) {
-        console.log('[Setup] Instalasi baru terdeteksi. Memulai Setup Wizard...');
+        console.log('[Setup] New installation detected. Starting Setup Wizard...');
         await (0, setup_1.runSetupWizard)();
     }
-    // 3. Load Environment Variables from the determined directory
-    dotenv.config({ path: path_1.default.join(appDir, '.env') });
+    // 3. Load Private Key into Memory
+    const keystorePath = path_1.default.join(appDir, 'keystore.json');
+    if (fs_1.default.existsSync(keystorePath)) {
+        const masterPassword = await (0, prompts_1.password)({
+            message: '🔒 Vault locked! Enter Master Password to access Nyxora:',
+        });
+        if ((0, prompts_1.isCancel)(masterPassword) || !masterPassword) {
+            console.log(picocolors_1.default.red('Access denied. Exiting Nyxora.'));
+            return process.exit(0);
+        }
+        try {
+            const keystore = JSON.parse(fs_1.default.readFileSync(keystorePath, 'utf8'));
+            const privateKey = (0, crypto_1.decryptKey)(keystore, masterPassword);
+            (0, state_1.setPrivateKey)(privateKey);
+            console.log(picocolors_1.default.green('✅ Private Key successfully decrypted into memory.'));
+        }
+        catch (error) {
+            console.log(picocolors_1.default.red('❌ Invalid Master Password or corrupted keystore. Exiting Nyxora.'));
+            return process.exit(1);
+        }
+    }
+    else {
+        console.log(picocolors_1.default.yellow('⚠️ Keystore not found. Web3 features will be disabled unless you run `nyxora setup`.'));
+    }
     // 4. Start the Express API Server (which also serves the static dashboard and Telegram bot)
     (0, server_1.startServer)();
     // 5. Open the Dashboard in the default browser
     const PORT = process.env.PORT || 3000;
+    const token = (0, state_1.getSessionToken)();
     setTimeout(() => {
-        const url = `http://localhost:${PORT}`;
+        const url = `http://localhost:${PORT}?token=${token}`;
         console.log(`🌐 Opening Dashboard at ${url}`);
         (0, open_1.default)(url);
     }, 1500);

package/dist/gateway/server.js

@@ -1,37 +1,4 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -40,17 +7,19 @@ exports.startServer = startServer;
 const express_1 = __importDefault(require("express"));
 const cors_1 = __importDefault(require("cors"));
 const path_1 = __importDefault(require("path"));
-const dotenv = __importStar(require("dotenv"));
-const paths_1 = require("../config/paths");
-dotenv.config({ path: (0, paths_1.getPath)('.env') });
+const state_1 = require("../utils/state");
 const reasoning_1 = require("../agent/reasoning");
 const parser_1 = require("../config/parser");
 const tracker_1 = require("./tracker");
-const getBalance_1 = require("../web3/skills/getBalance");
+const transactionManager_1 = require("../agent/transactionManager");
 const transfer_1 = require("../web3/skills/transfer");
-const getPrice_1 = require("../web3/skills/getPrice");
 const swapToken_1 = require("../web3/skills/swapToken");
+const getBalance_1 = require("../web3/skills/getBalance");
+const transfer_2 = require("../web3/skills/transfer");
+const getPrice_1 = require("../web3/skills/getPrice");
+const swapToken_2 = require("../web3/skills/swapToken");
 const telegram_1 = require("./telegram");
+const formatter_1 = require("../utils/formatter");
 // Intercept console.log and console.error
 const originalLog = console.log;
 const originalError = console.error;
@@ -63,8 +32,16 @@ console.error = function (...args) {
     originalError.apply(console, args);
 };
 const app = (0, express_1.default)();
-app.use((0, cors_1.default)());
+app.use((0, cors_1.default)({ origin: ['http://localhost:3000', 'http://localhost:5173'] }));
 app.use(express_1.default.json());
+// API Auth Middleware
+app.use('/api', (req, res, next) => {
+    const token = req.headers['x-nyxora-token'];
+    if (token !== (0, state_1.getSessionToken)()) {
+        return res.status(401).json({ error: 'Unauthorized: Invalid or missing token' });
+    }
+    next();
+});
 // Serve static frontend from dashboard/dist
 app.use(express_1.default.static(path_1.default.join(__dirname, '../../dashboard/dist')));
 app.get('/api/history', (req, res) => {
@@ -117,11 +94,53 @@ app.get('/api/logs', (req, res) => {
 app.get('/api/skills', (req, res) => {
     res.json([
         getBalance_1.getBalanceToolDefinition,
-        transfer_1.transferToolDefinition,
+        transfer_2.transferToolDefinition,
         getPrice_1.getPriceToolDefinition,
-        swapToken_1.swapTokenToolDefinition
+        swapToken_2.swapTokenToolDefinition
     ]);
 });
+app.get('/api/transactions', (req, res) => {
+    res.json(transactionManager_1.txManager.getPending());
+});
+app.post('/api/transactions/:id/approve', async (req, res) => {
+    const id = req.params.id;
+    const tx = transactionManager_1.txManager.getTransaction(id);
+    if (!tx || tx.status !== 'pending')
+        return res.status(404).json({ error: 'Transaction not found or not pending' });
+    try {
+        let result = '';
+        if (tx.type === 'transfer') {
+            result = await (0, transfer_1.executeTransfer)(tx.chainName, tx.details.toAddress, tx.details.amountEth);
+        }
+        else if (tx.type === 'swap') {
+            result = await (0, swapToken_1.executeSwap)(tx.chainName, tx.details.fromToken, tx.details.toToken, tx.details.amount);
+        }
+        transactionManager_1.txManager.updateStatus(id, 'executed', result);
+        // Add programmatic beautiful message directly to chat
+        const prettyMsg = (0, formatter_1.formatTransactionSuccess)(tx, result);
+        reasoning_1.logger.addEntry({ role: 'assistant', content: `✅ Transaction processed:\n\n${prettyMsg}` });
+        // Background update to LLM
+        (0, reasoning_1.processUserInput)(`Transaction ${id} was APPROVED and EXECUTED by the user via Dashboard. Result: ${result}`, 'system').catch(() => { });
+        res.json({ success: true, result });
+    }
+    catch (err) {
+        transactionManager_1.txManager.updateStatus(id, 'failed', err.message);
+        // Add programmatic beautiful error message directly to chat
+        const prettyError = (0, formatter_1.formatTransactionError)(tx, err.message);
+        reasoning_1.logger.addEntry({ role: 'assistant', content: prettyError });
+        (0, reasoning_1.processUserInput)(`Transaction ${id} was APPROVED but FAILED to execute. Error: ${err.message}`, 'system').catch(() => { });
+        res.status(500).json({ error: err.message });
+    }
+});
+app.post('/api/transactions/:id/reject', (req, res) => {
+    const id = req.params.id;
+    const tx = transactionManager_1.txManager.getTransaction(id);
+    if (!tx || tx.status !== 'pending')
+        return res.status(404).json({ error: 'Transaction not found or not pending' });
+    transactionManager_1.txManager.updateStatus(id, 'rejected');
+    (0, reasoning_1.processUserInput)(`Transaction ${id} was REJECTED by the user via Dashboard. Acknowledge this briefly.`, 'system').catch(() => { });
+    res.json({ success: true });
+});
 app.post('/api/chat', async (req, res) => {
     try {
         const { message } = req.body;

package/dist/gateway/setup.js

@@ -10,6 +10,7 @@ const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
 const paths_1 = require("../config/paths");
 const parser_1 = require("../config/parser");
+const crypto_1 = require("../utils/crypto");
 async function runSetupWizard() {
     console.clear();
     const logo = `
@@ -21,62 +22,62 @@ async function runSetupWizard() {
 ╚═╝  ╚═══╝   ╚═╝   ╚═╝  ╚═╝ ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝
   `;
     console.log(picocolors_1.default.cyan(logo));
-    (0, prompts_1.intro)(picocolors_1.default.inverse(' Pengaturan Nyxora CLI '));
+    (0, prompts_1.intro)(picocolors_1.default.inverse(' Nyxora CLI Setup '));
     const appDir = (0, paths_1.getAppDir)();
     const config = (0, parser_1.loadConfig)();
-    const disclaimer = `Nyxora adalah Asisten Web3 yang beroperasi dengan akses penuh atas kendali anda.
+    const disclaimer = `Nyxora is a Web3 Assistant that operates with full access under your control.
 
-Tindakan Pencegahan Kritis:
-- Private Key Anda adalah nyawa aset Anda. JANGAN PERNAH menyalin atau membagikan file .env.
-- Segala instruksi yang Anda berikan via Telegram atau Dashboard dapat memicu transaksi on-chain.
-- Disarankan menggunakan model AI yang cerdas untuk akurasi maksimal.
+Critical Precautions:
+- Your Private Key is the lifeblood of your assets. NEVER copy or share the keystore.json file.
+- Any instructions you provide via Telegram or Dashboard can trigger on-chain transactions.
+- It is recommended to use a smart AI model for maximum accuracy.
 
-Dengan menggunakan Nyxora, Anda sepenuhnya memegang kendali atas kunci Anda sendiri.`;
-    (0, prompts_1.note)(disclaimer, 'Peringatan Keamanan');
+By using Nyxora, you retain full control over your own keys.`;
+    (0, prompts_1.note)(disclaimer, 'Security Warning');
     const understand = await (0, prompts_1.confirm)({
-        message: 'Saya mengerti bahwa keamanan Private Key adalah tanggung jawab saya. Lanjutkan?',
+        message: 'I understand that Private Key security is my responsibility. Continue?',
         initialValue: true,
     });
     if ((0, prompts_1.isCancel)(understand) || !understand) {
-        (0, prompts_1.cancel)('Pengaturan dibatalkan.');
+        (0, prompts_1.cancel)('Setup cancelled.');
         return process.exit(0);
     }
     const existingConfigNote = `Workspace: ${appDir}
-Model Saat Ini: ${config.llm.model}
+Current Model: ${config.llm.model}
 Provider: ${config.llm.provider}`;
-    (0, prompts_1.note)(existingConfigNote, 'Konfigurasi Terdeteksi');
+    (0, prompts_1.note)(existingConfigNote, 'Configuration Detected');
     const action = await (0, prompts_1.select)({
-        message: 'Apa yang ingin Anda lakukan?',
+        message: 'What would you like to do?',
         options: [
-            { value: 'keep', label: 'Pertahankan nilai saat ini' },
-            { value: 'update', label: 'Tinjau dan perbarui pengaturan' },
+            { value: 'keep', label: 'Keep current values' },
+            { value: 'update', label: 'Review and update settings' },
         ],
     });
     if ((0, prompts_1.isCancel)(action)) {
-        (0, prompts_1.cancel)('Pengaturan dibatalkan.');
+        (0, prompts_1.cancel)('Setup cancelled.');
         return process.exit(0);
     }
     if (action === 'keep') {
-        (0, prompts_1.outro)(picocolors_1.default.green('Selesai! Konfigurasi tidak diubah. Menjalankan Nyxora...'));
+        (0, prompts_1.outro)(picocolors_1.default.green('Done! Configuration unchanged. Starting Nyxora...'));
         return;
     }
     // --- WIZARD FORM ---
     // 1. LLM Provider
     const provider = await (0, prompts_1.select)({
-        message: 'Pilih Mesin AI (Provider):',
+        message: 'Select AI Engine (Provider):',
         initialValue: config.llm.provider,
         options: [
-            { value: 'openai', label: 'OpenAI (Rekomendasi)' },
+            { value: 'openai', label: 'OpenAI (Recommended)' },
             { value: 'gemini', label: 'Google Gemini' },
-            { value: 'openrouter', label: 'OpenRouter (Banyak Model)' },
-            { value: 'ollama', label: 'Ollama (Lokal)' },
+            { value: 'openrouter', label: 'OpenRouter (Many Models)' },
+            { value: 'ollama', label: 'Ollama (Local)' },
         ],
     });
     if ((0, prompts_1.isCancel)(provider))
         return process.exit(0);
     // 2. Model Name
     const model = await (0, prompts_1.text)({
-        message: 'Masukkan nama model AI (contoh: gpt-4o, gemini-2.5-flash):',
+        message: 'Enter AI model name (e.g. gpt-4o, gemini-2.5-flash):',
         initialValue: config.llm.model,
     });
     if ((0, prompts_1.isCancel)(model))
@@ -85,14 +86,14 @@ Provider: ${config.llm.provider}`;
     let apiKey = '';
     if (provider !== 'ollama') {
         apiKey = (await (0, prompts_1.password)({
-            message: `Masukkan API Key untuk ${provider} (Biarkan kosong jika sudah ada):`,
+            message: `Enter API Key for ${provider} (Leave empty if already set):`,
         }));
         if ((0, prompts_1.isCancel)(apiKey))
             return process.exit(0);
     }
     // 4. Default Chain
     const defaultChain = await (0, prompts_1.select)({
-        message: 'Pilih Jaringan Utama (Default Chain):',
+        message: 'Select Default Chain:',
         initialValue: config.agent.default_chain,
         options: [
             { value: 'sepolia', label: 'Sepolia (Testnet)' },
@@ -107,7 +108,7 @@ Provider: ${config.llm.provider}`;
         return process.exit(0);
     // 5. Telegram Bot
     const setupTelegram = await (0, prompts_1.confirm)({
-        message: 'Apakah Anda ingin memasang Bot Telegram?',
+        message: 'Do you want to setup the Telegram Bot?',
         initialValue: config.integrations?.telegram?.enabled || false,
     });
     if ((0, prompts_1.isCancel)(setupTelegram))
@@ -115,17 +116,25 @@ Provider: ${config.llm.provider}`;
     let telegramToken = '';
     if (setupTelegram) {
         telegramToken = (await (0, prompts_1.password)({
-            message: 'Masukkan Telegram Bot Token dari @BotFather (Biarkan kosong jika sudah ada):',
+            message: 'Enter Telegram Bot Token from @BotFather (Leave empty if already set):',
         }));
         if ((0, prompts_1.isCancel)(telegramToken))
             return process.exit(0);
     }
-    // 6. Wallet Private Key (.env)
+    // 6. Wallet Private Key (keystore.json)
     const privateKey = await (0, prompts_1.password)({
-        message: 'Masukkan Wallet Private Key (0x...)\n  (Super Rahasia! Akan disimpan eksklusif di .env. Biarkan kosong jika tidak ingin mengubah):',
+        message: 'Enter Wallet Private Key (0x...)\n  (Will be AES-256-GCM encrypted. Leave empty to keep current):',
     });
     if ((0, prompts_1.isCancel)(privateKey))
         return process.exit(0);
+    let masterPassword = '';
+    if (privateKey) {
+        masterPassword = (await (0, prompts_1.password)({
+            message: 'Enter MASTER PASSWORD to encrypt your key vault:',
+        }));
+        if ((0, prompts_1.isCancel)(masterPassword) || !masterPassword)
+            return process.exit(0);
+    }
     // --- SAVING ---
     // Update Config.yaml
     config.llm.provider = provider;
@@ -150,21 +159,22 @@ Provider: ${config.llm.provider}`;
         config.integrations.telegram.bot_token = telegramToken;
     }
     (0, parser_1.saveConfig)(config);
-    // Update .env exclusively for Private Key
-    if (privateKey) {
-        const envPath = path_1.default.join(appDir, '.env');
-        let envContent = '';
-        if (fs_1.default.existsSync(envPath)) {
-            envContent = fs_1.default.readFileSync(envPath, 'utf8');
-        }
-        // Replace or append WALLET_PRIVATE_KEY
-        if (envContent.includes('PRIVATE_KEY=')) {
-            envContent = envContent.replace(/PRIVATE_KEY=.*/g, `PRIVATE_KEY="${privateKey}"`);
+    // Update keystore.json exclusively for Private Key
+    if (privateKey && masterPassword) {
+        const keystorePath = path_1.default.join(appDir, 'keystore.json');
+        try {
+            const encryptedData = (0, crypto_1.encryptKey)(privateKey, masterPassword);
+            fs_1.default.writeFileSync(keystorePath, JSON.stringify(encryptedData, null, 2), 'utf8');
+            // Cleanup old .env if it existed
+            const envPath = path_1.default.join(appDir, '.env');
+            if (fs_1.default.existsSync(envPath)) {
+                fs_1.default.unlinkSync(envPath);
+                console.log(picocolors_1.default.yellow('Legacy .env file has been deleted for security.'));
+            }
         }
-        else {
-            envContent += `\nPRIVATE_KEY="${privateKey}"`;
+        catch (error) {
+            console.error('Failed to save keystore.json:', error);
         }
-        fs_1.default.writeFileSync(envPath, envContent);
     }
-    (0, prompts_1.outro)(picocolors_1.default.green('✨ Setup Berhasil! Semua konfigurasi telah disimpan dengan aman.'));
+    (0, prompts_1.outro)(picocolors_1.default.green('✨ Setup Successful! All configurations have been securely saved.'));
 }