npm - openclaw-overlay-plugin - Versions diffs - 0.7.22 - Mend

openclaw-overlay-plugin 0.7.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (221) hide show

package/README.md +406 -0
package/SKILL.md +78 -0
package/clawdbot.plugin.json +106 -0
package/dist/cli-main.d.ts +7 -0
package/dist/cli-main.js +192 -0
package/dist/cli.d.ts +8 -0
package/dist/cli.js +14 -0
package/dist/core/config.d.ts +11 -0
package/dist/core/config.js +13 -0
package/dist/core/index.d.ts +25 -0
package/dist/core/index.js +26 -0
package/dist/core/payment.d.ts +16 -0
package/dist/core/payment.js +94 -0
package/dist/core/types.d.ts +94 -0
package/dist/core/types.js +4 -0
package/dist/core/verify.d.ts +28 -0
package/dist/core/verify.js +104 -0
package/dist/core/wallet.d.ts +99 -0
package/dist/core/wallet.js +219 -0
package/dist/scripts/baemail/commands.d.ts +64 -0
package/dist/scripts/baemail/commands.js +258 -0
package/dist/scripts/baemail/handler.d.ts +36 -0
package/dist/scripts/baemail/handler.js +284 -0
package/dist/scripts/baemail/index.d.ts +5 -0
package/dist/scripts/baemail/index.js +5 -0
package/dist/scripts/config.d.ts +48 -0
package/dist/scripts/config.js +68 -0
package/dist/scripts/index.d.ts +7 -0
package/dist/scripts/index.js +7 -0
package/dist/scripts/messaging/connect.d.ts +8 -0
package/dist/scripts/messaging/connect.js +114 -0
package/dist/scripts/messaging/handlers.d.ts +21 -0
package/dist/scripts/messaging/handlers.js +334 -0
package/dist/scripts/messaging/inbox.d.ts +11 -0
package/dist/scripts/messaging/inbox.js +51 -0
package/dist/scripts/messaging/index.d.ts +8 -0
package/dist/scripts/messaging/index.js +8 -0
package/dist/scripts/messaging/poll.d.ts +7 -0
package/dist/scripts/messaging/poll.js +52 -0
package/dist/scripts/messaging/send.d.ts +7 -0
package/dist/scripts/messaging/send.js +43 -0
package/dist/scripts/output.d.ts +12 -0
package/dist/scripts/output.js +19 -0
package/dist/scripts/overlay/discover.d.ts +7 -0
package/dist/scripts/overlay/discover.js +72 -0
package/dist/scripts/overlay/index.d.ts +7 -0
package/dist/scripts/overlay/index.js +7 -0
package/dist/scripts/overlay/registration.d.ts +19 -0
package/dist/scripts/overlay/registration.js +176 -0
package/dist/scripts/overlay/services.d.ts +29 -0
package/dist/scripts/overlay/services.js +167 -0
package/dist/scripts/overlay/transaction.d.ts +42 -0
package/dist/scripts/overlay/transaction.js +103 -0
package/dist/scripts/payment/build.d.ts +24 -0
package/dist/scripts/payment/build.js +54 -0
package/dist/scripts/payment/commands.d.ts +15 -0
package/dist/scripts/payment/commands.js +73 -0
package/dist/scripts/payment/index.d.ts +6 -0
package/dist/scripts/payment/index.js +6 -0
package/dist/scripts/payment/types.d.ts +56 -0
package/dist/scripts/payment/types.js +4 -0
package/dist/scripts/services/index.d.ts +6 -0
package/dist/scripts/services/index.js +6 -0
package/dist/scripts/services/queue.d.ts +11 -0
package/dist/scripts/services/queue.js +28 -0
package/dist/scripts/services/request.d.ts +7 -0
package/dist/scripts/services/request.js +82 -0
package/dist/scripts/services/respond.d.ts +11 -0
package/dist/scripts/services/respond.js +132 -0
package/dist/scripts/types.d.ts +107 -0
package/dist/scripts/types.js +4 -0
package/dist/scripts/utils/index.d.ts +6 -0
package/dist/scripts/utils/index.js +6 -0
package/dist/scripts/utils/merkle.d.ts +12 -0
package/dist/scripts/utils/merkle.js +47 -0
package/dist/scripts/utils/storage.d.ts +66 -0
package/dist/scripts/utils/storage.js +211 -0
package/dist/scripts/utils/woc.d.ts +26 -0
package/dist/scripts/utils/woc.js +91 -0
package/dist/scripts/wallet/balance.d.ts +22 -0
package/dist/scripts/wallet/balance.js +240 -0
package/dist/scripts/wallet/identity.d.ts +70 -0
package/dist/scripts/wallet/identity.js +151 -0
package/dist/scripts/wallet/index.d.ts +6 -0
package/dist/scripts/wallet/index.js +6 -0
package/dist/scripts/wallet/setup.d.ts +15 -0
package/dist/scripts/wallet/setup.js +105 -0
package/dist/scripts/x-verification/commands.d.ts +27 -0
package/dist/scripts/x-verification/commands.js +222 -0
package/dist/scripts/x-verification/index.d.ts +4 -0
package/dist/scripts/x-verification/index.js +4 -0
package/dist/services/built-in/api-proxy/index.d.ts +6 -0
package/dist/services/built-in/api-proxy/index.js +23 -0
package/dist/services/built-in/code-develop/index.d.ts +6 -0
package/dist/services/built-in/code-develop/index.js +23 -0
package/dist/services/built-in/code-review/index.d.ts +10 -0
package/dist/services/built-in/code-review/index.js +51 -0
package/dist/services/built-in/image-analysis/index.d.ts +6 -0
package/dist/services/built-in/image-analysis/index.js +33 -0
package/dist/services/built-in/memory-store/index.d.ts +6 -0
package/dist/services/built-in/memory-store/index.js +22 -0
package/dist/services/built-in/roulette/index.d.ts +6 -0
package/dist/services/built-in/roulette/index.js +27 -0
package/dist/services/built-in/summarize/index.d.ts +6 -0
package/dist/services/built-in/summarize/index.js +21 -0
package/dist/services/built-in/tell-joke/handler.d.ts +7 -0
package/dist/services/built-in/tell-joke/handler.js +122 -0
package/dist/services/built-in/tell-joke/index.d.ts +9 -0
package/dist/services/built-in/tell-joke/index.js +31 -0
package/dist/services/built-in/translate/index.d.ts +6 -0
package/dist/services/built-in/translate/index.js +21 -0
package/dist/services/built-in/web-research/index.d.ts +9 -0
package/dist/services/built-in/web-research/index.js +51 -0
package/dist/services/index.d.ts +13 -0
package/dist/services/index.js +14 -0
package/dist/services/loader.d.ts +77 -0
package/dist/services/loader.js +292 -0
package/dist/services/manager.d.ts +86 -0
package/dist/services/manager.js +255 -0
package/dist/services/registry.d.ts +98 -0
package/dist/services/registry.js +204 -0
package/dist/services/types.d.ts +230 -0
package/dist/services/types.js +30 -0
package/dist/test/cli.test.d.ts +7 -0
package/dist/test/cli.test.js +329 -0
package/dist/test/comprehensive-overlay.test.d.ts +13 -0
package/dist/test/comprehensive-overlay.test.js +593 -0
package/dist/test/key-derivation.test.d.ts +12 -0
package/dist/test/key-derivation.test.js +86 -0
package/dist/test/overlay-submit.test.d.ts +10 -0
package/dist/test/overlay-submit.test.js +460 -0
package/dist/test/request-response-flow.test.d.ts +5 -0
package/dist/test/request-response-flow.test.js +209 -0
package/dist/test/service-system.test.d.ts +5 -0
package/dist/test/service-system.test.js +190 -0
package/dist/test/utils/server-logic.d.ts +98 -0
package/dist/test/utils/server-logic.js +286 -0
package/dist/test/wallet.test.d.ts +7 -0
package/dist/test/wallet.test.js +146 -0
package/index.ts +1965 -0
package/openclaw.plugin.json +106 -0
package/package.json +73 -0
package/src/cli-main.ts +230 -0
package/src/cli.ts +16 -0
package/src/core/README.md +246 -0
package/src/core/config.ts +21 -0
package/src/core/index.ts +42 -0
package/src/core/payment.ts +111 -0
package/src/core/types.ts +102 -0
package/src/core/verify.ts +119 -0
package/src/core/wallet.ts +282 -0
package/src/scripts/baemail/commands.ts +326 -0
package/src/scripts/baemail/handler.ts +338 -0
package/src/scripts/baemail/index.ts +6 -0
package/src/scripts/config.ts +81 -0
package/src/scripts/index.ts +8 -0
package/src/scripts/messaging/connect.ts +121 -0
package/src/scripts/messaging/handlers.ts +394 -0
package/src/scripts/messaging/inbox.ts +64 -0
package/src/scripts/messaging/index.ts +9 -0
package/src/scripts/messaging/poll.ts +59 -0
package/src/scripts/messaging/send.ts +54 -0
package/src/scripts/output.ts +21 -0
package/src/scripts/overlay/discover.ts +81 -0
package/src/scripts/overlay/index.ts +8 -0
package/src/scripts/overlay/registration.ts +199 -0
package/src/scripts/overlay/services.ts +199 -0
package/src/scripts/overlay/transaction.ts +124 -0
package/src/scripts/payment/build.ts +65 -0
package/src/scripts/payment/commands.ts +92 -0
package/src/scripts/payment/index.ts +7 -0
package/src/scripts/payment/types.ts +62 -0
package/src/scripts/services/index.ts +7 -0
package/src/scripts/services/queue.ts +35 -0
package/src/scripts/services/request.ts +98 -0
package/src/scripts/services/respond.ts +149 -0
package/src/scripts/types.ts +121 -0
package/src/scripts/utils/index.ts +7 -0
package/src/scripts/utils/merkle.ts +57 -0
package/src/scripts/utils/storage.ts +231 -0
package/src/scripts/utils/woc.ts +106 -0
package/src/scripts/wallet/balance.ts +277 -0
package/src/scripts/wallet/identity.ts +203 -0
package/src/scripts/wallet/index.ts +7 -0
package/src/scripts/wallet/setup.ts +121 -0
package/src/scripts/x-verification/commands.ts +256 -0
package/src/scripts/x-verification/index.ts +5 -0
package/src/services/built-in/api-proxy/index.ts +26 -0
package/src/services/built-in/api-proxy/prompt.md +26 -0
package/src/services/built-in/code-develop/index.ts +26 -0
package/src/services/built-in/code-develop/prompt.md +35 -0
package/src/services/built-in/code-review/index.ts +54 -0
package/src/services/built-in/code-review/prompt.md +105 -0
package/src/services/built-in/image-analysis/index.ts +36 -0
package/src/services/built-in/image-analysis/prompt.md +42 -0
package/src/services/built-in/memory-store/index.ts +25 -0
package/src/services/built-in/memory-store/prompt.md +45 -0
package/src/services/built-in/roulette/index.ts +30 -0
package/src/services/built-in/roulette/prompt.md +35 -0
package/src/services/built-in/summarize/index.ts +24 -0
package/src/services/built-in/summarize/prompt.md +27 -0
package/src/services/built-in/tell-joke/handler.ts +134 -0
package/src/services/built-in/tell-joke/index.ts +34 -0
package/src/services/built-in/tell-joke/prompt.md +59 -0
package/src/services/built-in/translate/index.ts +24 -0
package/src/services/built-in/translate/prompt.md +23 -0
package/src/services/built-in/web-research/index.ts +54 -0
package/src/services/built-in/web-research/prompt.md +110 -0
package/src/services/index.ts +16 -0
package/src/services/loader.ts +344 -0
package/src/services/manager.ts +304 -0
package/src/services/registry.ts +246 -0
package/src/services/types.ts +259 -0
package/src/test/cli.test.ts +352 -0
package/src/test/comprehensive-overlay.test.ts +729 -0
package/src/test/key-derivation.test.ts +102 -0
package/src/test/overlay-submit.test.ts +570 -0
package/src/test/request-response-flow.test.ts +252 -0
package/src/test/service-system.test.ts +241 -0
package/src/test/utils/server-logic.ts +368 -0
package/src/test/wallet.test.ts +166 -0

package/src/scripts/baemail/commands.ts ADDED Viewed

@@ -0,0 +1,326 @@
+/**
+ * Baemail commands - paid message forwarding service.
+ */
+import fs from 'node:fs';
+import { PATHS } from '../config.js';
+import { ok, fail } from '../output.js';
+import { loadIdentity } from '../wallet/identity.js';
+import { ensureStateDir } from '../utils/storage.js';
+import { fetchWithTimeout } from '../utils/woc.js';
+// Types
+export interface BaemailConfig {
+  deliveryChannel: string;
+  tiers: {
+    standard: number;
+    priority: number;
+    urgent: number;
+  };
+  maxMessageLength: number;
+  blocklist: string[];
+  createdAt: string;
+  updatedAt: string;
+}
+export interface BaemailLogEntry {
+  requestId: string;
+  from: string;
+  senderName: string;
+  tier: string;
+  paidSats: number;
+  messageLength: number;
+  deliveryChannel: string;
+  deliverySuccess: boolean;
+  deliveryError: string | null;
+  paymentTxid: string;
+  refundStatus: string | null;
+  refundTxid?: string;
+  refundedAt?: string;
+  timestamp: string;
+  _lineIdx?: number;
+}
+/**
+ * Load baemail configuration.
+ */
+export function loadBaemailConfig(): BaemailConfig | null {
+  try {
+    if (fs.existsSync(PATHS.baemailConfig)) {
+      return JSON.parse(fs.readFileSync(PATHS.baemailConfig, 'utf-8'));
+    }
+  } catch (err) {
+    console.warn(`[baemail] Warning: Could not read config: ${(err as Error).message}`);
+  }
+  return null;
+}
+/**
+ * Save baemail configuration.
+ */
+export function saveBaemailConfig(config: BaemailConfig): void {
+  ensureStateDir();
+  fs.writeFileSync(PATHS.baemailConfig, JSON.stringify(config, null, 2));
+}
+/**
+ * Setup baemail service with delivery channel and tier pricing.
+ */
+export async function cmdBaemailSetup(
+  channel: string | undefined,
+  standardStr: string | undefined,
+  priorityStr?: string,
+  urgentStr?: string
+): Promise<never> {
+  if (!channel || !standardStr) {
+    return fail('Usage: baemail-setup <channel> <standardSats> [prioritySats] [urgentSats]');
+  }
+  const standard = parseInt(standardStr, 10);
+  const priority = priorityStr ? parseInt(priorityStr, 10) : standard * 2;
+  const urgent = urgentStr ? parseInt(urgentStr, 10) : standard * 5;
+  if (isNaN(standard) || standard < 1) {
+    return fail('Standard rate must be a positive integer (sats)');
+  }
+  if (priority < standard) {
+    return fail('Priority rate must be >= standard rate');
+  }
+  if (urgent < priority) {
+    return fail('Urgent rate must be >= priority rate');
+  }
+  const config: BaemailConfig = {
+    deliveryChannel: channel,
+    tiers: { standard, priority, urgent },
+    maxMessageLength: 4000,
+    blocklist: [],
+    createdAt: new Date().toISOString(),
+    updatedAt: new Date().toISOString(),
+  };
+  saveBaemailConfig(config);
+  return ok({
+    configured: true,
+    deliveryChannel: channel,
+    tiers: config.tiers,
+    note: `Advertise with: cli advertise baemail "Baemail" "Paid message forwarding. Pay ${standard}+ sats to reach me." ${standard}`,
+  });
+}
+/**
+ * View current baemail configuration.
+ */
+export async function cmdBaemailConfig(): Promise<never> {
+  const config = loadBaemailConfig();
+  if (!config) {
+    return fail('Baemail not configured. Run: baemail-setup <channel> <standardSats> [prioritySats] [urgentSats]');
+  }
+  return ok(config);
+}
+/**
+ * Block a sender from using baemail.
+ */
+export async function cmdBaemailBlock(identityKey: string | undefined): Promise<never> {
+  if (!identityKey) return fail('Usage: baemail-block <identityKey>');
+  const config = loadBaemailConfig();
+  if (!config) {
+    return fail('Baemail not configured. Run baemail-setup first.');
+  }
+  if (!config.blocklist) config.blocklist = [];
+  if (config.blocklist.includes(identityKey)) {
+    return fail('Identity already blocked');
+  }
+  config.blocklist.push(identityKey);
+  config.updatedAt = new Date().toISOString();
+  saveBaemailConfig(config);
+  return ok({ blocked: identityKey, totalBlocked: config.blocklist.length });
+}
+/**
+ * Unblock a sender.
+ */
+export async function cmdBaemailUnblock(identityKey: string | undefined): Promise<never> {
+  if (!identityKey) return fail('Usage: baemail-unblock <identityKey>');
+  const config = loadBaemailConfig();
+  if (!config) {
+    return fail('Baemail not configured. Run baemail-setup first.');
+  }
+  if (!config.blocklist || !config.blocklist.includes(identityKey)) {
+    return fail('Identity not in blocklist');
+  }
+  config.blocklist = config.blocklist.filter(k => k !== identityKey);
+  config.updatedAt = new Date().toISOString();
+  saveBaemailConfig(config);
+  return ok({ unblocked: identityKey, totalBlocked: config.blocklist.length });
+}
+/**
+ * View baemail delivery log.
+ */
+export async function cmdBaemailLog(limitStr?: string): Promise<never> {
+  const limit = parseInt(limitStr || '20', 10) || 20;
+  if (!fs.existsSync(PATHS.baemailLog)) {
+    return ok({ log: [], count: 0 });
+  }
+  const lines = fs.readFileSync(PATHS.baemailLog, 'utf-8').split('\n').filter(l => l.trim());
+  const entries: BaemailLogEntry[] = lines.map(l => {
+    try { return JSON.parse(l); } catch { return null; }
+  }).filter(Boolean) as BaemailLogEntry[];
+  const recent = entries.slice(-limit).reverse();
+  return ok({ log: recent, count: entries.length, showing: recent.length });
+}
+/**
+ * Refund a failed baemail delivery.
+ */
+export async function cmdBaemailRefund(requestId: string | undefined): Promise<never> {
+  if (!requestId) return fail('Usage: baemail-refund <requestId>');
+  if (!fs.existsSync(PATHS.baemailLog)) {
+    return fail('No baemail log found');
+  }
+  // Find the entry
+  const lines = fs.readFileSync(PATHS.baemailLog, 'utf-8').split('\n').filter(l => l.trim());
+  const entries: BaemailLogEntry[] = lines.map((l, idx) => {
+    try { return { ...JSON.parse(l), _lineIdx: idx }; } catch { return null; }
+  }).filter(Boolean) as BaemailLogEntry[];
+  const entry = entries.find(e => e.requestId === requestId);
+  if (!entry) {
+    return fail(`Request ${requestId} not found in baemail log`);
+  }
+  if (entry.deliverySuccess) {
+    return fail('This delivery was successful — no refund needed');
+  }
+  if (entry.refundStatus === 'completed') {
+    return fail('Refund already processed for this request');
+  }
+  // Load wallet and SDK
+  const { identityKey, privKey } = await loadIdentity();
+  const walletIdentityRaw = fs.readFileSync(PATHS.walletIdentity, 'utf-8');
+  const walletIdentity = JSON.parse(walletIdentityRaw);
+  // Dynamic import SDK
+  let sdk: any;
+  try {
+    sdk = await import('@bsv/sdk');
+  } catch {
+    return fail('Cannot load @bsv/sdk for refund transaction');
+  }
+  const { Transaction, P2PKH, PrivateKey, PublicKey, Hash } = sdk;
+  // Calculate refund amount
+  const refundSats = entry.paidSats - 1; // Keep 1 sat for tx fee
+  if (refundSats < 1) {
+    return fail('Amount too small to refund');
+  }
+  // Derive refund address from sender's identity key
+  const senderPubKey = PublicKey.fromString(entry.from);
+  const refundAddress = senderPubKey.toAddress().toString();
+  try {
+    // Load UTXOs
+    const address = walletIdentity.address;
+    const utxosResp = await fetchWithTimeout(`https://api.whatsonchain.com/v1/bsv/main/address/${address}/unspent`);
+    const utxos = await utxosResp.json();
+    if (!utxos || utxos.length === 0) {
+      return fail('No UTXOs available for refund');
+    }
+    // Build transaction
+    const tx = new Transaction();
+    let totalInput = 0;
+    const rootKey = PrivateKey.fromHex(walletIdentity.rootKeyHex);
+    for (const utxo of utxos) {
+      if (totalInput >= refundSats + 50) break;
+      tx.addInput({
+        sourceTXID: utxo.tx_hash,
+        sourceOutputIndex: utxo.tx_pos,
+        sourceSatoshis: utxo.value,
+        script: new P2PKH().lock(rootKey.toPublicKey().toAddress()).toHex(),
+        unlockingScriptTemplate: new P2PKH().unlock(rootKey),
+      });
+      totalInput += utxo.value;
+    }
+    if (totalInput < refundSats + 10) {
+      return fail('Insufficient funds for refund');
+    }
+    // Refund output
+    tx.addOutput({
+      satoshis: refundSats,
+      lockingScript: new P2PKH().lock(refundAddress),
+    });
+    // Change output
+    const fee = 10;
+    const change = totalInput - refundSats - fee;
+    if (change > 1) {
+      tx.addOutput({
+        satoshis: change,
+        lockingScript: new P2PKH().lock(rootKey.toPublicKey().toAddress()),
+      });
+    }
+    await tx.sign();
+    // Broadcast
+    const broadcastResp = await fetchWithTimeout('https://api.whatsonchain.com/v1/bsv/main/tx/raw', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ txhex: tx.toHex() }),
+    });
+    if (!broadcastResp.ok) {
+      const errBody = await broadcastResp.text();
+      return fail(`Broadcast failed: ${errBody}`);
+    }
+    const txid = tx.id('hex');
+    // Update log entry
+    const updatedLines = lines.map((l, idx) => {
+      if (idx === entry._lineIdx) {
+        const updated = { ...JSON.parse(l), refundStatus: 'completed', refundTxid: txid, refundedAt: new Date().toISOString() };
+        return JSON.stringify(updated);
+      }
+      return l;
+    });
+    fs.writeFileSync(PATHS.baemailLog, updatedLines.join('\n') + '\n');
+    return ok({
+      refunded: true,
+      requestId,
+      refundSats,
+      refundAddress,
+      txid,
+      note: `Refunded ${refundSats} sats to sender`,
+    });
+  } catch (err) {
+    return fail(`Refund failed: ${(err as Error).message}`);
+  }
+}

package/src/scripts/baemail/handler.ts ADDED Viewed

@@ -0,0 +1,338 @@
+/**
+ * Baemail service handler - processes incoming paid messages.
+ */
+import fs from 'node:fs';
+import path from 'node:path';
+import os from 'node:os';
+import { OVERLAY_URL, PATHS } from '../config.js';
+import { loadBaemailConfig, BaemailLogEntry } from './commands.js';
+import { signRelayMessage } from '../wallet/identity.js';
+import { verifyAndAcceptPayment } from '../messaging/handlers.js';
+import { fetchWithTimeout } from '../utils/woc.js';
+import { ensureStateDir } from '../utils/storage.js';
+// Dynamic SDK import
+let _sdk: any = null;
+async function getSdk(): Promise<any> {
+  if (_sdk) return _sdk;
+  try {
+    _sdk = await import('@bsv/sdk');
+    return _sdk;
+  } catch {
+    throw new Error('Cannot load @bsv/sdk');
+  }
+}
+interface BaemailInput {
+  message?: string;
+  senderName?: string;
+  replyIdentityKey?: string;
+}
+interface ServiceMessage {
+  id: string;
+  from: string;
+  payload?: {
+    input?: BaemailInput;
+    payment?: any;
+  };
+}
+interface ProcessResult {
+  id: string;
+  type: string;
+  serviceId: string;
+  action: string;
+  tier?: string;
+  deliverySuccess?: boolean;
+  deliveryError?: string | null | undefined;
+  paymentAccepted?: boolean;
+  paymentTxid?: string;
+  satoshisReceived?: number;
+  from: string;
+  ack: boolean;
+  reason?: string | null;
+}
+/**
+ * Process incoming baemail service request.
+ */
+export async function processBaemail(
+  msg: ServiceMessage,
+  identityKey: string,
+  privKey: any
+): Promise<ProcessResult> {
+  const input = (msg.payload?.input || msg.payload) as BaemailInput;
+  const payment = msg.payload?.payment;
+  // Load config
+  const config = loadBaemailConfig();
+  if (!config) {
+    const rejectPayload = {
+      requestId: msg.id,
+      serviceId: 'baemail',
+      status: 'rejected',
+      reason: 'Baemail service not configured on this agent.',
+    };
+    const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+    await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+    });
+    return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'not configured', from: msg.from, ack: true };
+  }
+  // Check blocklist
+  if (config.blocklist?.includes(msg.from)) {
+    const rejectPayload = {
+      requestId: msg.id,
+      serviceId: 'baemail',
+      status: 'rejected',
+      reason: 'Sender is blocked.',
+    };
+    const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+    await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+    });
+    return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'blocked', from: msg.from, ack: true };
+  }
+  // Validate message
+  const message = input?.message;
+  if (!message || typeof message !== 'string' || message.trim().length === 0) {
+    const rejectPayload = {
+      requestId: msg.id,
+      serviceId: 'baemail',
+      status: 'rejected',
+      reason: 'Missing or empty message. Send {message: "your message"}',
+    };
+    const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+    await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+    });
+    return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'missing message', from: msg.from, ack: true };
+  }
+  if (message.length > (config.maxMessageLength || 4000)) {
+    const rejectPayload = {
+      requestId: msg.id,
+      serviceId: 'baemail',
+      status: 'rejected',
+      reason: `Message too long. Max ${config.maxMessageLength || 4000} characters.`,
+    };
+    const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+    await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+    });
+    return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'message too long', from: msg.from, ack: true };
+  }
+  // Load wallet identity
+  const sdk = await getSdk();
+  const { PrivateKey, Hash } = sdk;
+  let walletIdentity: any;
+  try {
+    walletIdentity = JSON.parse(fs.readFileSync(PATHS.walletIdentity, 'utf-8'));
+  } catch (err) {
+    const rejectPayload = {
+      requestId: msg.id,
+      serviceId: 'baemail',
+      status: 'rejected',
+      reason: 'Service temporarily unavailable (wallet error)',
+    };
+    const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+    await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+    });
+    return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'wallet error', from: msg.from, ack: true };
+  }
+  // Sender info
+  const senderName = input?.senderName || 'Anonymous';
+  const replyKey = input?.replyIdentityKey || msg.from;
+  // Check hooks configured
+  let hookToken: string | null = null;
+  let hookPort = 18789;
+  const openclawConfigPath = path.join(os.homedir(), '.openclaw', 'openclaw.json');
+  if (fs.existsSync(openclawConfigPath)) {
+    try {
+      const openclawConfig = JSON.parse(fs.readFileSync(openclawConfigPath, 'utf-8'));
+      hookToken = openclawConfig?.hooks?.token;
+      hookPort = openclawConfig?.gateway?.port || 18789;
+    } catch {
+      // Ignore parse errors
+    }
+  }
+  if (!hookToken) {
+    const rejectPayload = {
+      requestId: msg.id,
+      serviceId: 'baemail',
+      status: 'rejected',
+      reason: 'OpenClaw hooks not configured. Payment NOT accepted.',
+    };
+    const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+    await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+    });
+    return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'hooks not configured', from: msg.from, ack: true };
+  }
+  // Verify and accept payment
+  const ourHash160 = Hash.hash160(PrivateKey.fromHex(walletIdentity.rootKeyHex).toPublicKey().encode(true));
+  const minPrice = config.tiers.standard;
+  const payResult = await verifyAndAcceptPayment(payment, minPrice, msg.from, 'baemail', ourHash160);
+  if (!payResult.accepted) {
+    const rejectPayload = {
+      requestId: msg.id,
+      serviceId: 'baemail',
+      status: 'rejected',
+      reason: `Payment rejected: ${payResult.error}. Minimum: ${minPrice} sats.`,
+    };
+    const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+    await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+    });
+    return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: payResult.error, from: msg.from, ack: true };
+  }
+  // Determine tier
+  const paidSats = payResult.satoshis;
+  let tier = 'standard';
+  let tierEmoji = '📧';
+  if (paidSats >= config.tiers.urgent) {
+    tier = 'urgent';
+    tierEmoji = '🚨';
+  } else if (paidSats >= config.tiers.priority) {
+    tier = 'priority';
+    tierEmoji = '⚡';
+  }
+  // Format message
+  const formattedMessage = `${tierEmoji} **Baemail** (${tier.toUpperCase()})
+**From:** ${senderName}
+**Paid:** ${paidSats} sats
+**Reply to:** \`${replyKey.slice(0, 16)}...\`
+---
+${message}
+---
+_Reply via overlay: \`cli send ${replyKey} ping "your reply"\`_`;
+  // Deliver via hooks
+  let deliverySuccess = false;
+  let deliveryError: string | null = null;
+  try {
+    const hookHost = process.env.CLAWDBOT_HOST || process.env.OPENCLAW_HOST || '127.0.0.1';
+    const hookUrl = `http://${hookHost}:${hookPort}/hooks/agent`;
+    const hookResp = await fetchWithTimeout(hookUrl, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': `Bearer ${hookToken}`,
+        'x-clawdbot-token': hookToken,
+      },
+      body: JSON.stringify({
+        message: formattedMessage,
+        name: 'Baemail',
+        sessionKey: `baemail:${msg.id}`,
+        wakeMode: 'now',
+        deliver: true,
+        channel: config.deliveryChannel,
+      }),
+    });
+    if (hookResp.ok) {
+      deliverySuccess = true;
+    } else {
+      const body = await hookResp.text().catch(() => '');
+      deliveryError = `Hook failed: ${hookResp.status} ${body}`;
+    }
+  } catch (err) {
+    deliveryError = (err as Error).message;
+  }
+  // Log delivery
+  ensureStateDir();
+  const logEntry: BaemailLogEntry = {
+    requestId: msg.id,
+    from: msg.from,
+    senderName,
+    tier,
+    paidSats,
+    messageLength: message.length,
+    deliveryChannel: config.deliveryChannel,
+    deliverySuccess,
+    deliveryError: deliveryError ?? null,
+    paymentTxid: payResult.txid || '',
+    refundStatus: deliverySuccess ? null : 'pending',
+    timestamp: new Date().toISOString(),
+  };
+  fs.appendFileSync(PATHS.baemailLog, JSON.stringify(logEntry) + '\n');
+  // Send response
+  const responsePayload = {
+    requestId: msg.id,
+    serviceId: 'baemail',
+    status: deliverySuccess ? 'fulfilled' : 'delivery_failed',
+    result: {
+      delivered: deliverySuccess,
+      tier,
+      channel: config.deliveryChannel,
+      paidSats,
+      error: deliveryError,
+      replyTo: identityKey,
+      refundable: !deliverySuccess,
+      note: deliverySuccess ? undefined : 'Delivery failed. Run: baemail-refund ' + msg.id,
+    },
+    paymentAccepted: true,
+    paymentTxid: payResult.txid,
+    satoshisReceived: payResult.satoshis,
+  };
+  const respSig = signRelayMessage(privKey, msg.from, 'service-response', responsePayload);
+  await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: responsePayload, signature: respSig }),
+  });
+  return {
+    id: msg.id,
+    type: 'service-request',
+    serviceId: 'baemail',
+    action: deliverySuccess ? 'fulfilled' : 'delivery_failed',
+    tier,
+    deliverySuccess,
+    deliveryError: deliveryError === null ? undefined : deliveryError,
+    paymentAccepted: true,
+    paymentTxid: payResult.txid || undefined,
+    satoshisReceived: payResult.satoshis,
+    from: msg.from,
+    ack: true,
+  };
+}

package/src/scripts/baemail/index.ts ADDED Viewed

@@ -0,0 +1,6 @@
+/**
+ * Baemail module exports - paid message forwarding service.
+ */
+export * from './commands.js';
+export * from './handler.js';