openclaw-overlay-plugin 0.7.22

package/dist/scripts/baemail/handler.js

@@ -0,0 +1,284 @@
+/**
+ * Baemail service handler - processes incoming paid messages.
+ */
+import fs from 'node:fs';
+import path from 'node:path';
+import os from 'node:os';
+import { OVERLAY_URL, PATHS } from '../config.js';
+import { loadBaemailConfig } from './commands.js';
+import { signRelayMessage } from '../wallet/identity.js';
+import { verifyAndAcceptPayment } from '../messaging/handlers.js';
+import { fetchWithTimeout } from '../utils/woc.js';
+import { ensureStateDir } from '../utils/storage.js';
+// Dynamic SDK import
+let _sdk = null;
+async function getSdk() {
+    if (_sdk)
+        return _sdk;
+    try {
+        _sdk = await import('@bsv/sdk');
+        return _sdk;
+    }
+    catch {
+        throw new Error('Cannot load @bsv/sdk');
+    }
+}
+/**
+ * Process incoming baemail service request.
+ */
+export async function processBaemail(msg, identityKey, privKey) {
+    const input = (msg.payload?.input || msg.payload);
+    const payment = msg.payload?.payment;
+    // Load config
+    const config = loadBaemailConfig();
+    if (!config) {
+        const rejectPayload = {
+            requestId: msg.id,
+            serviceId: 'baemail',
+            status: 'rejected',
+            reason: 'Baemail service not configured on this agent.',
+        };
+        const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+        await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+        });
+        return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'not configured', from: msg.from, ack: true };
+    }
+    // Check blocklist
+    if (config.blocklist?.includes(msg.from)) {
+        const rejectPayload = {
+            requestId: msg.id,
+            serviceId: 'baemail',
+            status: 'rejected',
+            reason: 'Sender is blocked.',
+        };
+        const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+        await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+        });
+        return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'blocked', from: msg.from, ack: true };
+    }
+    // Validate message
+    const message = input?.message;
+    if (!message || typeof message !== 'string' || message.trim().length === 0) {
+        const rejectPayload = {
+            requestId: msg.id,
+            serviceId: 'baemail',
+            status: 'rejected',
+            reason: 'Missing or empty message. Send {message: "your message"}',
+        };
+        const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+        await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+        });
+        return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'missing message', from: msg.from, ack: true };
+    }
+    if (message.length > (config.maxMessageLength || 4000)) {
+        const rejectPayload = {
+            requestId: msg.id,
+            serviceId: 'baemail',
+            status: 'rejected',
+            reason: `Message too long. Max ${config.maxMessageLength || 4000} characters.`,
+        };
+        const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+        await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+        });
+        return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'message too long', from: msg.from, ack: true };
+    }
+    // Load wallet identity
+    const sdk = await getSdk();
+    const { PrivateKey, Hash } = sdk;
+    let walletIdentity;
+    try {
+        walletIdentity = JSON.parse(fs.readFileSync(PATHS.walletIdentity, 'utf-8'));
+    }
+    catch (err) {
+        const rejectPayload = {
+            requestId: msg.id,
+            serviceId: 'baemail',
+            status: 'rejected',
+            reason: 'Service temporarily unavailable (wallet error)',
+        };
+        const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+        await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+        });
+        return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'wallet error', from: msg.from, ack: true };
+    }
+    // Sender info
+    const senderName = input?.senderName || 'Anonymous';
+    const replyKey = input?.replyIdentityKey || msg.from;
+    // Check hooks configured
+    let hookToken = null;
+    let hookPort = 18789;
+    const openclawConfigPath = path.join(os.homedir(), '.openclaw', 'openclaw.json');
+    if (fs.existsSync(openclawConfigPath)) {
+        try {
+            const openclawConfig = JSON.parse(fs.readFileSync(openclawConfigPath, 'utf-8'));
+            hookToken = openclawConfig?.hooks?.token;
+            hookPort = openclawConfig?.gateway?.port || 18789;
+        }
+        catch {
+            // Ignore parse errors
+        }
+    }
+    if (!hookToken) {
+        const rejectPayload = {
+            requestId: msg.id,
+            serviceId: 'baemail',
+            status: 'rejected',
+            reason: 'OpenClaw hooks not configured. Payment NOT accepted.',
+        };
+        const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+        await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+        });
+        return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: 'hooks not configured', from: msg.from, ack: true };
+    }
+    // Verify and accept payment
+    const ourHash160 = Hash.hash160(PrivateKey.fromHex(walletIdentity.rootKeyHex).toPublicKey().encode(true));
+    const minPrice = config.tiers.standard;
+    const payResult = await verifyAndAcceptPayment(payment, minPrice, msg.from, 'baemail', ourHash160);
+    if (!payResult.accepted) {
+        const rejectPayload = {
+            requestId: msg.id,
+            serviceId: 'baemail',
+            status: 'rejected',
+            reason: `Payment rejected: ${payResult.error}. Minimum: ${minPrice} sats.`,
+        };
+        const sig = signRelayMessage(privKey, msg.from, 'service-response', rejectPayload);
+        await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: rejectPayload, signature: sig }),
+        });
+        return { id: msg.id, type: 'service-request', serviceId: 'baemail', action: 'rejected', reason: payResult.error, from: msg.from, ack: true };
+    }
+    // Determine tier
+    const paidSats = payResult.satoshis;
+    let tier = 'standard';
+    let tierEmoji = '📧';
+    if (paidSats >= config.tiers.urgent) {
+        tier = 'urgent';
+        tierEmoji = '🚨';
+    }
+    else if (paidSats >= config.tiers.priority) {
+        tier = 'priority';
+        tierEmoji = '⚡';
+    }
+    // Format message
+    const formattedMessage = `${tierEmoji} **Baemail** (${tier.toUpperCase()})
+
+**From:** ${senderName}
+**Paid:** ${paidSats} sats
+**Reply to:** \`${replyKey.slice(0, 16)}...\`
+
+---
+
+${message}
+
+---
+_Reply via overlay: \`cli send ${replyKey} ping "your reply"\`_`;
+    // Deliver via hooks
+    let deliverySuccess = false;
+    let deliveryError = null;
+    try {
+        const hookHost = process.env.CLAWDBOT_HOST || process.env.OPENCLAW_HOST || '127.0.0.1';
+        const hookUrl = `http://${hookHost}:${hookPort}/hooks/agent`;
+        const hookResp = await fetchWithTimeout(hookUrl, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Authorization': `Bearer ${hookToken}`,
+                'x-clawdbot-token': hookToken,
+            },
+            body: JSON.stringify({
+                message: formattedMessage,
+                name: 'Baemail',
+                sessionKey: `baemail:${msg.id}`,
+                wakeMode: 'now',
+                deliver: true,
+                channel: config.deliveryChannel,
+            }),
+        });
+        if (hookResp.ok) {
+            deliverySuccess = true;
+        }
+        else {
+            const body = await hookResp.text().catch(() => '');
+            deliveryError = `Hook failed: ${hookResp.status} ${body}`;
+        }
+    }
+    catch (err) {
+        deliveryError = err.message;
+    }
+    // Log delivery
+    ensureStateDir();
+    const logEntry = {
+        requestId: msg.id,
+        from: msg.from,
+        senderName,
+        tier,
+        paidSats,
+        messageLength: message.length,
+        deliveryChannel: config.deliveryChannel,
+        deliverySuccess,
+        deliveryError: deliveryError ?? null,
+        paymentTxid: payResult.txid || '',
+        refundStatus: deliverySuccess ? null : 'pending',
+        timestamp: new Date().toISOString(),
+    };
+    fs.appendFileSync(PATHS.baemailLog, JSON.stringify(logEntry) + '\n');
+    // Send response
+    const responsePayload = {
+        requestId: msg.id,
+        serviceId: 'baemail',
+        status: deliverySuccess ? 'fulfilled' : 'delivery_failed',
+        result: {
+            delivered: deliverySuccess,
+            tier,
+            channel: config.deliveryChannel,
+            paidSats,
+            error: deliveryError,
+            replyTo: identityKey,
+            refundable: !deliverySuccess,
+            note: deliverySuccess ? undefined : 'Delivery failed. Run: baemail-refund ' + msg.id,
+        },
+        paymentAccepted: true,
+        paymentTxid: payResult.txid,
+        satoshisReceived: payResult.satoshis,
+    };
+    const respSig = signRelayMessage(privKey, msg.from, 'service-response', responsePayload);
+    await fetchWithTimeout(`${OVERLAY_URL}/relay/send`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ from: identityKey, to: msg.from, type: 'service-response', payload: responsePayload, signature: respSig }),
+    });
+    return {
+        id: msg.id,
+        type: 'service-request',
+        serviceId: 'baemail',
+        action: deliverySuccess ? 'fulfilled' : 'delivery_failed',
+        tier,
+        deliverySuccess,
+        deliveryError: deliveryError === null ? undefined : deliveryError,
+        paymentAccepted: true,
+        paymentTxid: payResult.txid || undefined,
+        satoshisReceived: payResult.satoshis,
+        from: msg.from,
+        ack: true,
+    };
+}

package/dist/scripts/baemail/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Baemail module exports - paid message forwarding service.
+ */
+export * from './commands.js';
+export * from './handler.js';

package/dist/scripts/baemail/index.js

@@ -0,0 +1,5 @@
+/**
+ * Baemail module exports - paid message forwarding service.
+ */
+export * from './commands.js';
+export * from './handler.js';

package/dist/scripts/config.d.ts

@@ -0,0 +1,48 @@
+/**
+ * Configuration constants and environment variables for the overlay CLI.
+ */
+/** Wallet storage directory */
+export declare const WALLET_DIR: string;
+/** Network to use (mainnet or testnet) */
+export declare const NETWORK: 'mainnet' | 'testnet';
+/** Overlay server URL */
+export declare const OVERLAY_URL: string;
+/** Agent display name on the overlay network */
+export declare const AGENT_NAME: string;
+/** Agent description for the overlay identity */
+export declare const AGENT_DESCRIPTION: string;
+/** WhatsOnChain API key (optional, for rate limit bypass) */
+export declare const WOC_API_KEY: string;
+/** Overlay state directory for registration, services, etc. */
+export declare const OVERLAY_STATE_DIR: string;
+/** Protocol identifier for overlay transactions */
+export declare const PROTOCOL_ID = "clawdbot overlay v1";
+/** Topic managers for overlay submissions */
+export declare const TOPICS: {
+    readonly IDENTITY: "tm_clawdbot_identity";
+    readonly SERVICES: "tm_clawdbot_services";
+    readonly X_VERIFICATION: "tm_clawdbot_x_verification";
+};
+/** Lookup services for overlay queries */
+export declare const LOOKUP_SERVICES: {
+    readonly AGENTS: "ls_clawdbot_agents";
+    readonly SERVICES: "ls_clawdbot_services";
+    readonly X_VERIFICATIONS: "ls_clawdbot_x_verifications";
+};
+/** Paths derived from config */
+export declare const PATHS: {
+    readonly walletIdentity: string;
+    readonly registration: string;
+    readonly services: string;
+    readonly latestChange: string;
+    readonly receivedPayments: string;
+    readonly researchQueue: string;
+    readonly serviceQueue: string;
+    readonly notifications: string;
+    readonly xVerifications: string;
+    readonly pendingXVerification: string;
+    readonly xEngagementQueue: string;
+    readonly memoryStore: string;
+    readonly baemailConfig: string;
+    readonly baemailLog: string;
+};

package/dist/scripts/config.js

@@ -0,0 +1,68 @@
+/**
+ * Configuration constants and environment variables for the overlay CLI.
+ */
+import path from 'node:path';
+import os from 'node:os';
+import fs from 'node:fs';
+// Auto-load .env from overlay state dir if it exists
+const overlayEnvPath = path.join(os.homedir(), '.clawdbot', 'bsv-overlay', '.env');
+try {
+    if (fs.existsSync(overlayEnvPath)) {
+        for (const line of fs.readFileSync(overlayEnvPath, 'utf-8').split('\n')) {
+            const match = line.match(/^([A-Z_]+)=(.+)$/);
+            if (match && !process.env[match[1]]) {
+                process.env[match[1]] = match[2].trim();
+            }
+        }
+    }
+}
+catch {
+    // Ignore errors loading .env
+}
+/** Wallet storage directory */
+export const WALLET_DIR = process.env.BSV_WALLET_DIR
+    || path.join(os.homedir(), '.clawdbot', 'bsv-wallet');
+/** Network to use (mainnet or testnet) */
+export const NETWORK = process.env.BSV_NETWORK || 'mainnet';
+/** Overlay server URL */
+export const OVERLAY_URL = process.env.OVERLAY_URL || 'https://clawoverlay.com';
+/** Agent display name on the overlay network */
+export const AGENT_NAME = process.env.AGENT_NAME || 'clawdbot-agent';
+/** Agent description for the overlay identity */
+export const AGENT_DESCRIPTION = process.env.AGENT_DESCRIPTION ||
+    `AI agent on the OpenClaw Overlay Network. Offers services for BSV micropayments.`;
+/** WhatsOnChain API key (optional, for rate limit bypass) */
+export const WOC_API_KEY = process.env.WOC_API_KEY || '';
+/** Overlay state directory for registration, services, etc. */
+export const OVERLAY_STATE_DIR = path.join(os.homedir(), '.clawdbot', 'bsv-overlay');
+/** Protocol identifier for overlay transactions */
+export const PROTOCOL_ID = 'clawdbot overlay v1';
+/** Topic managers for overlay submissions */
+export const TOPICS = {
+    IDENTITY: 'tm_clawdbot_identity',
+    SERVICES: 'tm_clawdbot_services',
+    X_VERIFICATION: 'tm_clawdbot_x_verification',
+};
+/** Lookup services for overlay queries */
+export const LOOKUP_SERVICES = {
+    AGENTS: 'ls_clawdbot_agents',
+    SERVICES: 'ls_clawdbot_services',
+    X_VERIFICATIONS: 'ls_clawdbot_x_verifications',
+};
+/** Paths derived from config */
+export const PATHS = {
+    walletIdentity: path.join(WALLET_DIR, 'wallet-identity.json'),
+    registration: path.join(OVERLAY_STATE_DIR, 'registration.json'),
+    services: path.join(OVERLAY_STATE_DIR, 'services.json'),
+    latestChange: path.join(OVERLAY_STATE_DIR, 'latest-change.json'),
+    receivedPayments: path.join(OVERLAY_STATE_DIR, 'received-payments.jsonl'),
+    researchQueue: path.join(OVERLAY_STATE_DIR, 'research-queue.jsonl'),
+    serviceQueue: path.join(OVERLAY_STATE_DIR, 'service-queue.jsonl'),
+    notifications: path.join(OVERLAY_STATE_DIR, 'notifications.jsonl'),
+    xVerifications: path.join(OVERLAY_STATE_DIR, 'x-verifications.json'),
+    pendingXVerification: path.join(OVERLAY_STATE_DIR, 'pending-x-verification.json'),
+    xEngagementQueue: path.join(OVERLAY_STATE_DIR, 'x-engagement-queue.jsonl'),
+    memoryStore: path.join(WALLET_DIR, 'memory-store.json'),
+    baemailConfig: path.join(OVERLAY_STATE_DIR, 'baemail-config.json'),
+    baemailLog: path.join(OVERLAY_STATE_DIR, 'baemail-log.jsonl'),
+};

package/dist/scripts/index.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Main exports for lib modules.
+ */
+export * from './types.js';
+export * from './config.js';
+export * from './output.js';
+export * from './baemail/index.js';

package/dist/scripts/index.js

@@ -0,0 +1,7 @@
+/**
+ * Main exports for lib modules.
+ */
+export * from './types.js';
+export * from './config.js';
+export * from './output.js';
+export * from './baemail/index.js';

package/dist/scripts/messaging/connect.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Connect command: WebSocket real-time message processing.
+ */
+/**
+ * Connect command: establish WebSocket connection for real-time messaging.
+ * Note: This function never returns normally - it runs until SIGINT/SIGTERM.
+ */
+export declare function cmdConnect(): Promise<void>;

package/dist/scripts/messaging/connect.js

@@ -0,0 +1,114 @@
+/**
+ * Connect command: WebSocket real-time message processing.
+ */
+import fs from 'node:fs';
+import { OVERLAY_URL, PATHS } from '../config.js';
+import { fail } from '../output.js';
+import { loadIdentity } from '../wallet/identity.js';
+import { processMessage } from './handlers.js';
+import { ensureStateDir } from '../utils/storage.js';
+/**
+ * Connect command: establish WebSocket connection for real-time messaging.
+ * Note: This function never returns normally - it runs until SIGINT/SIGTERM.
+ */
+export async function cmdConnect() {
+    let WebSocketClient;
+    try {
+        const ws = await import('ws');
+        WebSocketClient = ws.default || ws.WebSocket || ws;
+    }
+    catch {
+        return fail('WebSocket client not available. Install it: npm install ws');
+    }
+    const { identityKey, privKey } = await loadIdentity();
+    const wsUrl = OVERLAY_URL.replace(/^http/, 'ws') + '/relay/subscribe?identity=' + identityKey;
+    let reconnectDelay = 1000;
+    let shouldReconnect = true;
+    let currentWs = null;
+    function shutdown() {
+        shouldReconnect = false;
+        if (currentWs) {
+            try {
+                currentWs.close();
+            }
+            catch { }
+        }
+        process.exit(0);
+    }
+    process.on('SIGINT', shutdown);
+    process.on('SIGTERM', shutdown);
+    function connect() {
+        const ws = new WebSocketClient(wsUrl);
+        currentWs = ws;
+        ws.on('open', () => {
+            reconnectDelay = 1000; // reset on successful connect
+            console.error(JSON.stringify({ event: 'connected', identity: identityKey, overlay: OVERLAY_URL }));
+        });
+        ws.on('message', async (data) => {
+            try {
+                const envelope = JSON.parse(data.toString());
+                if (envelope.type === 'message') {
+                    const result = await processMessage(envelope.message, identityKey, privKey);
+                    // Output the result as a JSON line to stdout
+                    console.log(JSON.stringify(result));
+                    // Also append to notification log
+                    ensureStateDir();
+                    try {
+                        fs.appendFileSync(PATHS.notifications, JSON.stringify({ ...result, _ts: Date.now() }) + '\n');
+                    }
+                    catch { }
+                    // Ack the message
+                    if (result.ack) {
+                        try {
+                            await fetch(OVERLAY_URL + '/relay/ack', {
+                                method: 'POST',
+                                headers: { 'Content-Type': 'application/json' },
+                                body: JSON.stringify({ identity: identityKey, messageIds: [result.id] }),
+                            });
+                        }
+                        catch (ackErr) {
+                            console.error(JSON.stringify({ event: 'ack-error', id: result.id, message: String(ackErr) }));
+                        }
+                    }
+                }
+                // Handle service announcements
+                if (envelope.type === 'service-announced') {
+                    const svc = envelope.service || {};
+                    const announcement = {
+                        event: 'service-announced',
+                        serviceId: svc.serviceId,
+                        name: svc.name,
+                        description: svc.description,
+                        priceSats: svc.pricingSats,
+                        provider: svc.identityKey,
+                        txid: envelope.txid,
+                        _ts: Date.now(),
+                    };
+                    console.log(JSON.stringify(announcement));
+                    ensureStateDir();
+                    try {
+                        fs.appendFileSync(PATHS.notifications, JSON.stringify(announcement) + '\n');
+                    }
+                    catch { }
+                }
+            }
+            catch (err) {
+                console.error(JSON.stringify({ event: 'process-error', message: String(err) }));
+            }
+        });
+        ws.on('close', () => {
+            currentWs = null;
+            if (shouldReconnect) {
+                console.error(JSON.stringify({ event: 'disconnected', reconnectMs: reconnectDelay }));
+                setTimeout(connect, reconnectDelay);
+                reconnectDelay = Math.min(reconnectDelay * 2, 30000);
+            }
+        });
+        ws.on('error', (err) => {
+            console.error(JSON.stringify({ event: 'error', message: err.message }));
+        });
+    }
+    connect();
+    // Keep the process alive — never resolves
+    await new Promise(() => { });
+}

package/dist/scripts/messaging/handlers.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Message type handlers and processMessage function.
+ */
+import type { RelayMessage, ProcessMessageResult } from '../types.js';
+/**
+ * Verify and accept a payment from a service request.
+ * Uses a2a-bsv wallet.acceptPayment() for proper BRC-29 handling.
+ */
+export declare function verifyAndAcceptPayment(payment: any, minSats: number, senderKey: string, serviceId: string, ourHash160: Uint8Array): Promise<{
+    accepted: boolean;
+    txid: string | null;
+    satoshis: number;
+    outputIndex: number;
+    walletAccepted: boolean;
+    error: string | null;
+}>;
+/**
+ * Process a single relay message.
+ * Handles pings, service requests, pongs, and service responses.
+ */
+export declare function processMessage(msg: RelayMessage, identityKey: string, privKey: any): Promise<ProcessMessageResult>;