nyxora 1.6.2 → 1.6.3

package/packages/dashboard/src/index.css

@@ -1,16 +1,20 @@
 :root {
-  --bg-color: #0f172a;
-  --bg-secondary: #1e293b;
-  --bg-sidebar: #0b1120;
-  --text-primary: #f8fafc;
-  --text-secondary: #94a3b8;
-  --accent: #3b82f6;
-  --accent-hover: #2563eb;
-  --glass-bg: rgba(30, 41, 59, 0.7);
-  --glass-border: rgba(255, 255, 255, 0.1);
-  --chat-user: #3b82f6;
-  --chat-agent: #1e293b;
-  --tool-bg: #0f172a;
+  /* Nord Theme - Dark Default */
+  --bg-color: #3b4252; /* Main content background */
+  --bg-secondary: #434c5e;
+  --bg-sidebar: #2e3440; /* Sidebar darker background */
+  --text-primary: #eceff4;
+  --text-secondary: #d8dee9;
+  --accent: #88c0d0; /* Frost Light Blue/Cyan */
+  --accent-hover: #81a1c1;
+  --glass-bg: rgba(46, 52, 64, 0.7);
+  --glass-border: rgba(216, 222, 233, 0.1);
+  --chat-user: #88c0d0;
+  --chat-user-text: #2e3440; /* Dark text for contrast against cyan bubble */
+  --chat-agent: #2e3440;
+  --tool-bg: #4c566a;
+  --success: #a3be8c;
+  --danger: #bf616a;
 }
 
 * {
@@ -36,8 +40,7 @@ body {
 /* SIDEBAR */
 .sidebar {
   width: 280px;
-  background-color: rgba(11, 17, 32, 0.85);
-  backdrop-filter: blur(20px);
+  background-color: var(--bg-sidebar);
   border-right: 1px solid var(--glass-border);
   display: flex;
   flex-direction: column;
@@ -56,11 +59,11 @@ body {
 }
 
 .agent-avatar {
-  background: rgba(59, 130, 246, 0.15);
+  background: rgba(136, 192, 208, 0.15);
   padding: 12px;
   border-radius: 16px;
-  border: 1px solid rgba(59, 130, 246, 0.3);
-  box-shadow: 0 0 20px 0 rgba(59, 130, 246, 0.2);
+  border: 1px solid rgba(136, 192, 208, 0.3);
+  box-shadow: 0 0 20px 0 rgba(136, 192, 208, 0.2);
   display: flex;
   justify-content: center;
   align-items: center;
@@ -118,12 +121,10 @@ body {
 }
 
 .sidebar-section {
-  padding: 24px 24px 12px;
-  font-size: 0.7rem;
-  text-transform: uppercase;
-  letter-spacing: 0.15em;
-  color: #64748b;
-  font-weight: 700;
+  padding: 24px 24px 8px;
+  font-size: 0.75rem;
+  color: #8b9bb4;
+  font-weight: 500;
 }
 
 .sidebar-nav {
@@ -136,11 +137,11 @@ body {
 .nav-item {
   display: flex;
   align-items: center;
-  gap: 14px;
-  padding: 12px 16px;
-  border-radius: 12px;
+  gap: 10px;
+  padding: 8px 12px;
+  border-radius: 8px;
   color: #94a3b8;
-  font-size: 0.95rem;
+  font-size: 0.8rem;
   font-weight: 500;
   cursor: pointer;
   transition: all 0.25s cubic-bezier(0.4, 0, 0.2, 1);
@@ -159,7 +160,47 @@ body {
 
 .nav-item:hover .nav-icon {
   transform: scale(1.1);
-  color: var(--accent);
+  color: #fff;
+}
+
+.sessions-list {
+  gap: 0px !important;
+  justify-content: flex-start !important;
+  flex: none !important;
+  height: max-content !important;
+}
+
+.session-item {
+  justify-content: space-between;
+  padding: 4px 10px !important;
+  margin-bottom: 2px !important;
+  margin-top: 0px !important;
+  min-height: 28px !important;
+  height: max-content !important;
+  flex: none !important;
+}
+
+.delete-session-btn {
+  background: transparent;
+  border: none;
+  color: #bf616a;
+  cursor: pointer;
+  opacity: 0;
+  transition: opacity 0.2s ease, transform 0.2s ease;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  padding: 4px;
+  border-radius: 6px;
+}
+
+.delete-session-btn:hover {
+  background: rgba(191, 97, 106, 0.2);
+  transform: scale(1.1);
+}
+
+.session-item:hover .delete-session-btn {
+  opacity: 1;
 }
 
 .nav-item.active {
@@ -192,8 +233,7 @@ body {
   align-items: center;
   justify-content: space-between;
   padding: 0 24px;
-  background: rgba(15, 23, 42, 0.6);
-  backdrop-filter: blur(12px);
+  background: var(--bg-color);
 }
 
 .topbar-left {
@@ -324,12 +364,38 @@ body {
   animation: fadeIn 0.3s ease-out forwards;
 }
 
+.message-wrapper.agent {
+  align-self: flex-start;
+  flex-direction: row;
+  align-items: flex-end;
+  gap: 8px;
+}
 .message-wrapper.user {
   align-self: flex-end;
+  flex-direction: row-reverse;
+  align-items: flex-end;
+  gap: 8px;
 }
 
-.message-wrapper.agent {
-  align-self: flex-start;
+.copy-btn {
+  background: transparent;
+  border: none;
+  color: var(--text-secondary);
+  cursor: pointer;
+  padding: 6px;
+  border-radius: 6px;
+  opacity: 0;
+  transition: opacity 0.2s, background 0.2s;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+}
+.copy-btn:hover {
+  background: var(--bg-secondary);
+  color: var(--text-primary);
+}
+.message-wrapper:hover .copy-btn {
+  opacity: 1;
 }
 
 .message-bubble {
@@ -343,7 +409,7 @@ body {
 
 .user .message-bubble {
   background-color: var(--chat-user);
-  color: white;
+  color: var(--chat-user-text);
   border-bottom-right-radius: 4px;
 }
 
@@ -351,6 +417,7 @@ body {
   background-color: var(--chat-agent);
   border: 1px solid var(--glass-border);
   border-bottom-left-radius: 4px;
+  color: var(--text-primary);
 }
 
 .tool-call {
@@ -360,14 +427,14 @@ body {
   padding: 10px 14px;
   border-radius: 12px;
   margin-top: 10px;
-  border: 1px solid rgba(255, 255, 255, 0.05);
+  border: 1px solid var(--glass-border);
   display: flex;
   align-items: center;
   gap: 8px;
 }
 
 .tool-call code {
-  color: #a78bfa;
+  color: var(--accent);
   font-family: monospace;
 }
 
@@ -507,3 +574,47 @@ body {
   from { opacity: 0; transform: translateY(10px); }
   to { opacity: 1; transform: translateY(0); }
 }
+
+.prompt-suggestions {
+  display: flex;
+  gap: 12px;
+  margin-bottom: 12px;
+  overflow-x: auto;
+}
+.prompt-suggestions button {
+  background: var(--bg-secondary);
+  color: var(--text-secondary);
+  border: 1px solid var(--glass-border);
+  padding: 8px 16px;
+  border-radius: 20px;
+  font-size: 0.85rem;
+  cursor: pointer;
+  white-space: nowrap;
+  transition: all 0.2s;
+}
+.prompt-suggestions button:hover {
+  border-color: var(--accent);
+  color: var(--text-primary);
+}
+.trending-tokens {
+  display: flex;
+  align-items: center;
+  gap: 12px;
+  margin-top: 12px;
+  font-size: 0.8rem;
+  color: var(--text-secondary);
+}
+.token-tag {
+  background: var(--accent);
+  color: var(--bg-color);
+  padding: 4px 10px;
+  border-radius: 12px;
+  font-weight: 600;
+  cursor: pointer;
+  transition: transform 0.2s, filter 0.2s;
+}
+
+.token-tag:hover {
+  transform: translateY(-2px);
+  filter: brightness(1.2);
+}

package/packages/policy/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nyxora/policy",
-  "version": "1.6.2",
+  "version": "1.6.3",
   "private": true,
   "main": "src/server.ts",
   "dependencies": {

package/packages/policy/src/server.ts

@@ -5,6 +5,7 @@ import yaml from 'yaml';
 import http from 'http';
 import { z } from 'zod';
 import path from 'path';
+import crypto from 'crypto';
 
 const PORT = 3001;
 const JWT_SECRET = process.env.INTERNAL_AUTH_TOKEN;
@@ -77,33 +78,6 @@ app.get('/address', (req, res) => {
   signerReq.end();
 });
 
-// Proxy POST /unlock to Signer
-app.post('/unlock', (req, res) => {
-  const { keystore, password } = req.body;
-  const requestPayload = JSON.stringify({ keystore, password });
-  
-  const options = {
-    socketPath: SIGNER_SOCKET,
-    path: '/unlock',
-    method: 'POST',
-    headers: {
-      'Content-Type': 'application/json',
-      'Authorization': `Bearer ${jwt.sign({ service: 'policy' }, JWT_SECRET, { expiresIn: '1m' })}`,
-      'Content-Length': Buffer.byteLength(requestPayload)
-    }
-  };
-
-  const signerReq = http.request(options, (signerRes) => {
-    let data = '';
-    signerRes.on('data', chunk => data += chunk);
-    signerRes.on('end', () => res.status(signerRes.statusCode || 200).json(JSON.parse(data)));
-  });
-
-  signerReq.on('error', (e) => res.status(500).json({ error: 'Failed to unlock vault: ' + e.message }));
-  signerReq.write(requestPayload);
-  signerReq.end();
-});
-
 app.post('/request-tx', (req, res) => {
   try {
     const payload = TxRequestSchema.parse(req.body);
@@ -111,6 +85,17 @@ app.post('/request-tx', (req, res) => {
     
     // Auto-approve bypass for internal trusted features like CL/TP
     if (payload.autoApprove) {
+        const providedSig = req.body.internalSignature;
+        if (!providedSig) return res.status(403).json({ error: 'Missing internal signature for autoApprove' });
+        
+        // Ensure amountWei exists
+        const amountWei = payload.details?.amountWei || '';
+        const expectedSig = crypto.createHmac('sha256', JWT_SECRET).update(payload.chainName + amountWei).digest('hex');
+        
+        if (providedSig !== expectedSig) {
+            return res.status(403).json({ error: 'Invalid internal signature for autoApprove' });
+        }
+
         const requestPayload = JSON.stringify({ txPayload: payload });
         const options = {
             socketPath: SIGNER_SOCKET,
@@ -153,11 +138,19 @@ app.get('/pending-tx', (req, res) => {
 
 app.post('/approve-tx/:id', (req, res) => {
   const txId = req.params.id;
+  const { nonce, approvalHash } = req.body;
   const tx = pendingTransactions[txId];
   
   if (!tx) return res.status(404).json({ error: 'Transaction not found' });
   if (tx.status !== 'pending') return res.status(400).json({ error: 'Transaction not pending' });
-  
+  if (!nonce || !approvalHash) return res.status(400).json({ error: 'Missing cryptographic approval parameters' });
+
+  // Cryptographically Bound Approval verification
+  const expectedHash = crypto.createHash('sha256').update(txId + nonce + JWT_SECRET).digest('hex');
+  if (approvalHash !== expectedHash) {
+      return res.status(403).json({ error: 'Invalid Challenge Nonce Hash. Cryptographic approval failed.' });
+  }
+
   const requestPayload = JSON.stringify({
     txPayload: tx
   });

package/packages/signer/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nyxora/signer",
-  "version": "1.6.2",
+  "version": "1.6.3",
   "private": true,
   "main": "src/server.ts",
   "dependencies": {

package/packages/signer/src/server.ts

@@ -17,9 +17,48 @@ if (!JWT_SECRET) {
 const app = express();
 app.use(express.json());
 
+import keytar from 'keytar';
+import path from 'path';
+import os from 'os';
+
 let vaultPrivateKey: `0x${string}` | null = null;
 let vaultAddress: string | null = null;
 
+// Auto-unlock from OS Keyring or fallback .env
+async function loadPrivateKey() {
+  try {
+    const pk = await keytar.getPassword('nyxora', 'wallet');
+    if (pk) {
+      vaultPrivateKey = pk.startsWith('0x') ? (pk as `0x${string}`) : (`0x${pk}` as `0x${string}`);
+      const account = privateKeyToAccount(vaultPrivateKey);
+      vaultAddress = account.address;
+      console.log(`✅ [Signer] Vault unlocked securely from OS Keyring. Agent Address: ${vaultAddress}`);
+      return;
+    }
+  } catch (e) {
+    console.warn(`⚠️ [Signer] OS Keyring failed (module mismatch or headless). Using fallback.`);
+  }
+
+  // Fallback to vault.key
+  const vaultPath = path.join(os.homedir(), '.nyxora', 'vault.key');
+  if (fs.existsSync(vaultPath)) {
+    const content = fs.readFileSync(vaultPath, 'utf8');
+    const match = content.match(/PRIVATE_KEY=(.+)/);
+    if (match && match[1]) {
+      const pk = match[1].trim();
+      vaultPrivateKey = pk.startsWith('0x') ? (pk as `0x${string}`) : (`0x${pk}` as `0x${string}`);
+      const account = privateKeyToAccount(vaultPrivateKey);
+      vaultAddress = account.address;
+      console.log(`✅ [Signer] Vault unlocked from vault.key fallback. Agent Address: ${vaultAddress}`);
+    }
+  } else {
+    console.log(`❌ [Signer] No Private Key found in OS Keyring or vault.key. Web3 features will fail.`);
+  }
+}
+
+// Load it immediately
+loadPrivateKey();
+
 // Nonce Management
 const nonceLocks: Record<number, Promise<void>> = {};
 const nonceCache: Record<number, number> = {};
@@ -42,19 +81,6 @@ app.use((req, res, next) => {
   }
 });
 
-app.post('/unlock', (req, res) => {
-  const { keystore, password } = req.body;
-  try {
-    const pk = decryptKey(keystore, password);
-    vaultPrivateKey = pk.startsWith('0x') ? pk as `0x${string}` : `0x${pk}` as `0x${string}`;
-    const account = privateKeyToAccount(vaultPrivateKey);
-    vaultAddress = account.address;
-    res.json({ success: true, address: vaultAddress });
-  } catch (err: any) {
-    res.status(401).json({ error: 'Invalid password or keystore' });
-  }
-});
-
 app.get('/address', (req, res) => {
   if (!vaultAddress) return res.status(403).json({ error: 'Vault is locked' });
   res.json({ address: vaultAddress });

package/bin/nyxora.js

@@ -1,13 +0,0 @@
-#!/usr/bin/env node
-const path = require('path');
-process.env.TS_NODE_SKIP_IGNORE = "true";
-process.env.TS_NODE_TRANSPILE_ONLY = "true";
-process.env.TS_NODE_PROJECT = path.join(__dirname, '../tsconfig.json');
-require('ts-node/register');
-
-const args = process.argv.slice(2);
-if (args[0] === 'setup') {
-  require('../packages/core/src/gateway/cli.ts');
-} else {
-  require('../launcher.ts');
-}