openclaw-overlay-plugin 0.8.19 → 0.8.21

package/dist/index.js

@@ -86,740 +86,6 @@ var init_config = __esm({
   }
 });
 
-// src/scripts/output.ts
-function setNoExit(value) {
-  noExitFlag = value;
-}
-function ok(data) {
-  if (noExitFlag) return { success: true, data };
-  console.log(JSON.stringify({ success: true, data }));
-  process.exit(0);
-}
-function fail(error) {
-  const message = error instanceof Error ? error.message : String(error);
-  if (noExitFlag) return { success: false, error: message };
-  console.log(JSON.stringify({ success: false, error: message }));
-  process.exit(1);
-}
-var noExitFlag;
-var init_output = __esm({
-  "src/scripts/output.ts"() {
-    "use strict";
-    noExitFlag = false;
-  }
-});
-
-// ../plugin-core/dist/config.js
-function toChain(network) {
-  if (network === "testnet")
-    return "test";
-  return "main";
-}
-var DEFAULT_TAAL_API_KEYS, DEFAULT_DB_NAME;
-var init_config2 = __esm({
-  "../plugin-core/dist/config.js"() {
-    "use strict";
-    DEFAULT_TAAL_API_KEYS = {
-      main: "mainnet_9596de07e92300c6287e4393594ae39c",
-      test: "testnet_0e6cf72133b43ea2d7861da2a38684e3"
-    };
-    DEFAULT_DB_NAME = "a2a_agent_wallet";
-  }
-});
-
-// ../plugin-core/dist/payment.js
-import { Beef, Utils as Utils2 } from "@bsv/sdk";
-import { randomBytesBase64, ScriptTemplateBRC29 } from "@bsv/wallet-toolbox";
-async function buildPayment(setup, params) {
-  const { to, satoshis, description } = params;
-  const desc = normalizeDescription(description ?? "agent payment");
-  const derivationPrefix = randomBytesBase64(8);
-  const derivationSuffix = randomBytesBase64(8);
-  const keyDeriver = setup.keyDeriver;
-  const t = new ScriptTemplateBRC29({
-    derivationPrefix,
-    derivationSuffix,
-    keyDeriver
-  });
-  let recipientPubKey;
-  if (/^0[23][0-9a-fA-F]{64}$/.test(to)) {
-    recipientPubKey = to;
-  } else {
-    throw new Error("PaymentParams.to must be a compressed public key (hex) for BRC-29 payments. Raw BSV addresses are not supported \u2014 the recipient must share their identity key.");
-  }
-  const lockingScript = t.lock(setup.rootKey.toString(), recipientPubKey);
-  const label = "a2a-payment";
-  const car = await setup.wallet.createAction({
-    outputs: [
-      {
-        lockingScript: lockingScript.toHex(),
-        satoshis,
-        outputDescription: desc,
-        tags: ["relinquish"],
-        customInstructions: JSON.stringify({
-          derivationPrefix,
-          derivationSuffix,
-          type: "BRC29"
-        })
-      }
-    ],
-    options: {
-      randomizeOutputs: false,
-      acceptDelayedBroadcast: false
-    },
-    labels: [label],
-    description: desc
-  });
-  if (!car.tx) {
-    throw new Error("createAction did not return a transaction. Check wallet funding.");
-  }
-  const beef = Beef.fromBinary(car.tx);
-  const lastTx = beef.txs[beef.txs.length - 1];
-  const txid = lastTx.txid;
-  const atomicBinary = beef.toBinaryAtomic(txid);
-  const beefBase64 = Utils2.toBase64(atomicBinary);
-  return {
-    beef: beefBase64,
-    txid,
-    satoshis,
-    derivationPrefix,
-    derivationSuffix,
-    senderIdentityKey: setup.identityKey
-  };
-}
-function normalizeDescription(desc) {
-  if (desc.length < 5)
-    return desc.padEnd(5, " ");
-  if (desc.length > 50)
-    return desc.slice(0, 50);
-  return desc;
-}
-var init_payment = __esm({
-  "../plugin-core/dist/payment.js"() {
-    "use strict";
-  }
-});
-
-// ../plugin-core/dist/verify.js
-import { Beef as Beef2, Utils as Utils3 } from "@bsv/sdk";
-async function verifyPayment(params) {
-  const errors = [];
-  let txid = "";
-  let outputCount = 0;
-  try {
-    const binary = Utils3.toArray(params.beef, "base64");
-    const beef = Beef2.fromBinary(binary);
-    if (beef.txs.length === 0) {
-      errors.push("BEEF contains no transactions");
-    } else {
-      const lastTx = beef.txs[beef.txs.length - 1];
-      txid = lastTx.txid;
-      const tx = beef.findAtomicTransaction(txid);
-      if (tx) {
-        outputCount = tx.outputs.length;
-        try {
-          await tx.verify();
-        } catch (err) {
-          const message = err instanceof Error ? err.message : String(err);
-          errors.push(`SPV verification failed: ${message}`);
-        }
-      } else {
-        errors.push("Could not find atomic transaction in BEEF");
-      }
-    }
-  } catch (err) {
-    const message = err instanceof Error ? err.message : String(err);
-    errors.push(`BEEF parse error: ${message}`);
-  }
-  if (params.expectedSender) {
-    if (!/^0[23][0-9a-fA-F]{64}$/.test(params.expectedSender)) {
-      errors.push("expectedSender is not a valid compressed public key");
-    }
-  }
-  return {
-    valid: errors.length === 0,
-    txid,
-    outputCount,
-    errors
-  };
-}
-async function acceptPayment(setup, params) {
-  const desc = normalizeDescription2(params.description ?? "received payment");
-  const vout = params.vout ?? 0;
-  const binary = Utils3.toArray(params.beef, "base64");
-  const args = {
-    tx: binary,
-    outputs: [
-      {
-        outputIndex: vout,
-        protocol: "wallet payment",
-        paymentRemittance: {
-          derivationPrefix: params.derivationPrefix,
-          derivationSuffix: params.derivationSuffix,
-          senderIdentityKey: params.senderIdentityKey
-        }
-      }
-    ],
-    description: desc
-  };
-  const result = await setup.wallet.internalizeAction(args);
-  return {
-    accepted: result.accepted
-  };
-}
-function normalizeDescription2(desc) {
-  if (desc.length < 5)
-    return desc.padEnd(5, " ");
-  if (desc.length > 50)
-    return desc.slice(0, 50);
-  return desc;
-}
-var init_verify = __esm({
-  "../plugin-core/dist/verify.js"() {
-    "use strict";
-  }
-});
-
-// ../plugin-core/dist/wallet.js
-import { PrivateKey, CachedKeyDeriver as CachedKeyDeriver2 } from "@bsv/sdk";
-import { Wallet, WalletStorageManager, Services, Monitor, StorageKnex, randomBytesHex, ChaintracksServiceClient } from "@bsv/wallet-toolbox";
-import knexLib from "knex";
-import * as path3 from "node:path";
-import * as fs4 from "node:fs";
-import debug from "debug";
-var log, IDENTITY_FILE, BSVAgentWallet;
-var init_wallet = __esm({
-  "../plugin-core/dist/wallet.js"() {
-    "use strict";
-    init_config2();
-    init_payment();
-    init_verify();
-    log = debug("openclaw:plugin:overlay:wallet");
-    IDENTITY_FILE = "wallet-identity.json";
-    BSVAgentWallet = class _BSVAgentWallet {
-      /** @internal — exposed for advanced operations (e.g. direct internalizeAction) */
-      _setup;
-      constructor(setup) {
-        this._setup = setup;
-      }
-      // ---------------------------------------------------------------------------
-      // Factory methods
-      // ---------------------------------------------------------------------------
-      /**
-       * Create a new agent wallet. Generates a fresh root key and persists it.
-       * The SQLite database and identity file are written to `config.storageDir`.
-       */
-      static async create(config) {
-        log("Creating new wallet in: %s", config.storageDir);
-        const rootKeyHex = config.rootKeyHex ?? PrivateKey.fromRandom().toHex();
-        const rootKey = PrivateKey.fromHex(rootKeyHex);
-        const identityKey = rootKey.toPublicKey().toString();
-        fs4.mkdirSync(config.storageDir, { recursive: true });
-        const identity = {
-          rootKeyHex,
-          identityKey,
-          network: config.network
-        };
-        const identityPath = path3.join(config.storageDir, IDENTITY_FILE);
-        fs4.writeFileSync(identityPath, JSON.stringify(identity, null, 2), "utf-8");
-        const setup = await _BSVAgentWallet.buildSetup(config, rootKeyHex);
-        return new _BSVAgentWallet(setup);
-      }
-      /**
-       * Load an existing agent wallet from its storage directory.
-       * Reads the persisted identity file and re-initializes the wallet.
-       */
-      static async load(config) {
-        log("Loading wallet from: %s", config.storageDir);
-        const identityPath = path3.join(config.storageDir, IDENTITY_FILE);
-        if (!fs4.existsSync(identityPath)) {
-          if (config.createIfMissing === false) {
-            log("Wallet not found and createIfMissing is false");
-            throw new Error(`No wallet found in ${config.storageDir}`);
-          }
-          return this.create(config);
-        }
-        const identity = JSON.parse(fs4.readFileSync(identityPath, "utf-8"));
-        const rootKeyHex = config.rootKeyHex ?? identity.rootKeyHex;
-        const setup = await _BSVAgentWallet.buildSetup(config, rootKeyHex);
-        return new _BSVAgentWallet(setup);
-      }
-      // ---------------------------------------------------------------------------
-      // Wallet lifecycle
-      // ---------------------------------------------------------------------------
-      /**
-       * Get this wallet's public identity key (compressed hex, 33 bytes).
-       * This is the key other agents use to send payments to you.
-       */
-      async getIdentityKey() {
-        return this._setup.identityKey;
-      }
-      /**
-       * Get the wallet's current receive address for the active network.
-       */
-      async getAddress() {
-        const network = this._setup.network || "mainnet";
-        return this._setup.rootKey.toPublicKey().toAddress(network);
-      }
-      /**
-       * Get the wallet's current balance in satoshis.
-       *
-       * Uses the BRC-100 wallet's balance method which sums spendable outputs
-       * in the default basket.
-       */
-      async getBalance() {
-        return await this._setup.wallet.balance();
-      }
-      /**
-       * Cleanly shut down the wallet, releasing database connections and
-       * stopping the background monitor.
-       */
-      async destroy() {
-        if (this._setup.monitor) {
-          await this._setup.monitor.destroy();
-        }
-        if (this._setup.wallet) {
-          await this._setup.wallet.destroy();
-        }
-        await this._setup.storage.destroy();
-      }
-      // ---------------------------------------------------------------------------
-      // Payment creation (sender/payer side)
-      // ---------------------------------------------------------------------------
-      /**
-       * Build a BRC-29 payment to another agent.
-       *
-       * The transaction is created with `noSend: true` — the sender does NOT
-       * broadcast it. Instead, the Atomic BEEF and derivation metadata are
-       * returned so they can be transmitted to the recipient, who will
-       * verify and internalize (broadcast) the payment.
-       *
-       * @param params.to — Recipient's compressed public key (hex).
-       * @param params.satoshis — Amount in satoshis.
-       * @param params.description — Optional human-readable note.
-       */
-      async createPayment(params) {
-        return buildPayment(this._setup, params);
-      }
-      // ---------------------------------------------------------------------------
-      // Payment verification & acceptance (receiver/merchant side)
-      // ---------------------------------------------------------------------------
-      /**
-       * Verify an incoming Atomic BEEF payment.
-       *
-       * This performs structural validation and SPV verification via tx.verify().
-       */
-      async verifyPayment(params) {
-        return await verifyPayment(params);
-      }
-      /**
-       * Accept (internalize) a verified payment into this wallet.
-       *
-       * Uses the BRC-29 wallet payment protocol to derive the correct key
-       * and claim the output. This triggers SPV verification and, if the
-       * transaction hasn't been broadcast yet, broadcasts it.
-       */
-      async acceptPayment(params) {
-        return acceptPayment(this._setup, params);
-      }
-      // ---------------------------------------------------------------------------
-      // Access to underlying toolbox objects (for advanced use)
-      // ---------------------------------------------------------------------------
-      /** Get the underlying wallet-toolbox SetupWallet for advanced operations. */
-      getSetup() {
-        return this._setup;
-      }
-      // ---------------------------------------------------------------------------
-      // Private helpers
-      // ---------------------------------------------------------------------------
-      /**
-       * Internal: manually construct a BRC-100 wallet backed by SQLite.
-       *
-       * We build this by hand instead of using Setup.createWalletSQLite because
-       * the toolbox has a bug where its internal randomBytesHex is a stub.
-       * We use the same components but wire them up correctly.
-       */
-      static async buildSetup(config, rootKeyHex) {
-        const chain = toChain(config.network);
-        log("Building setup for chain: %s (network: %s)", chain, config.network);
-        const taalApiKey = config.taalApiKey ?? DEFAULT_TAAL_API_KEYS[chain];
-        const rootKey = PrivateKey.fromHex(rootKeyHex);
-        const identityKey = rootKey.toPublicKey().toString();
-        const keyDeriver = new CachedKeyDeriver2(rootKey);
-        const storage = new WalletStorageManager(identityKey);
-        const serviceOptions = Services.createDefaultOptions(chain);
-        const chaintracksUrl = process["env"].BSV_CHAINTRACKS_URL || "https://chaintracks-us-1.bsvb.tech";
-        const arcUrl = process["env"].BSV_ARC_URL;
-        const isTestMode = config.enableMonitor === false;
-        if (!isTestMode) {
-          serviceOptions.chaintracks = new ChaintracksServiceClient(chain, chaintracksUrl);
-          if (arcUrl) {
-            serviceOptions.arcUrl = arcUrl;
-          }
-        }
-        serviceOptions.taalApiKey = taalApiKey;
-        const services = new Services(serviceOptions);
-        const monopts = Monitor.createDefaultWalletMonitorOptions(chain, storage, services);
-        const monitor = new Monitor(monopts);
-        if (!isTestMode) {
-          monitor.addDefaultTasks();
-        } else {
-          monitor.tasks = [];
-        }
-        const wallet = isTestMode ? void 0 : new Wallet({ chain, keyDeriver, storage, services, monitor });
-        const filePath = path3.join(config.storageDir, `${DEFAULT_DB_NAME}.sqlite`);
-        const knex = knexLib({
-          client: "sqlite3",
-          connection: { filename: filePath },
-          useNullAsDefault: true
-        });
-        const feeModelValue = config.feeModel ?? (process["env"].BSV_FEE_MODEL ? parseInt(process["env"].BSV_FEE_MODEL, 10) : 100);
-        const activeStorage = new StorageKnex({
-          chain,
-          knex,
-          commissionSatoshis: 0,
-          commissionPubKeyHex: void 0,
-          feeModel: { model: "sat/kb", value: feeModelValue }
-        });
-        await activeStorage.migrate(DEFAULT_DB_NAME, randomBytesHex(33));
-        await activeStorage.makeAvailable();
-        await storage.addWalletStorageProvider(activeStorage);
-        await activeStorage.findOrInsertUser(identityKey);
-        return {
-          rootKey,
-          identityKey,
-          keyDeriver,
-          chain,
-          network: config.network,
-          storage,
-          services: isTestMode ? void 0 : services,
-          monitor: isTestMode ? void 0 : monitor,
-          wallet
-        };
-      }
-    };
-  }
-});
-
-// ../plugin-core/dist/index.js
-var init_dist = __esm({
-  "../plugin-core/dist/index.js"() {
-    "use strict";
-    init_wallet();
-    init_config2();
-    init_payment();
-    init_verify();
-  }
-});
-
-// src/scripts/utils/storage.ts
-import fs7 from "node:fs";
-function ensureStateDir() {
-  fs7.mkdirSync(OVERLAY_STATE_DIR, { recursive: true });
-}
-function loadRegistration() {
-  try {
-    if (fs7.existsSync(PATHS.registration)) {
-      return JSON.parse(fs7.readFileSync(PATHS.registration, "utf-8"));
-    }
-  } catch {
-  }
-  return null;
-}
-function saveRegistration(data) {
-  ensureStateDir();
-  fs7.writeFileSync(PATHS.registration, JSON.stringify(data, null, 2), "utf-8");
-}
-function deleteRegistration() {
-  try {
-    fs7.unlinkSync(PATHS.registration);
-  } catch {
-  }
-}
-function loadServices() {
-  try {
-    if (fs7.existsSync(PATHS.services)) {
-      return JSON.parse(fs7.readFileSync(PATHS.services, "utf-8"));
-    }
-  } catch {
-  }
-  return [];
-}
-function saveServices(services) {
-  ensureStateDir();
-  fs7.writeFileSync(PATHS.services, JSON.stringify(services, null, 2), "utf-8");
-}
-function appendToJsonl(filePath, entry) {
-  ensureStateDir();
-  fs7.appendFileSync(filePath, JSON.stringify(entry) + "\n");
-}
-function readJsonl(filePath) {
-  if (!fs7.existsSync(filePath)) return [];
-  const lines = fs7.readFileSync(filePath, "utf-8").trim().split("\n").filter(Boolean);
-  return lines.map((line) => {
-    try {
-      return JSON.parse(line);
-    } catch {
-      return null;
-    }
-  }).filter(Boolean);
-}
-function updateServiceQueueStatus(requestId, newStatus, additionalFields = {}) {
-  if (!fs7.existsSync(PATHS.serviceQueue)) return false;
-  const lines = fs7.readFileSync(PATHS.serviceQueue, "utf-8").trim().split("\n").filter(Boolean);
-  let updated = false;
-  const updatedLines = lines.map((line) => {
-    try {
-      const entry = JSON.parse(line);
-      if (entry.requestId === requestId) {
-        updated = true;
-        return JSON.stringify({
-          ...entry,
-          status: newStatus,
-          ...additionalFields,
-          updatedAt: Date.now()
-        });
-      }
-      return line;
-    } catch {
-      return line;
-    }
-  });
-  if (updated) {
-    fs7.writeFileSync(PATHS.serviceQueue, updatedLines.join("\n") + "\n");
-  }
-  return updated;
-}
-var init_storage = __esm({
-  "src/scripts/utils/storage.ts"() {
-    "use strict";
-    init_config();
-  }
-});
-
-// src/scripts/overlay/transaction.ts
-import { Utils as Utils4, PushDrop, Transaction } from "@bsv/sdk";
-async function buildPushDropScript(wallet, payload) {
-  const jsonBytes = Utils4.toArray(JSON.stringify(payload), "utf8");
-  const fields = [jsonBytes];
-  const token = new PushDrop(wallet._setup.wallet);
-  const script = await token.lock(fields, [0, PROTOCOL_ID], "1", "self", true, true);
-  return script.toHex();
-}
-async function buildRealOverlayTransaction(payload, topic) {
-  const wallet = await BSVAgentWallet.load({ network: NETWORK, storageDir: WALLET_DIR });
-  const lockingScript = await buildPushDropScript(wallet, payload);
-  const response = await wallet._setup.wallet.createAction({
-    description: "topic manager submission",
-    outputs: [
-      {
-        lockingScript,
-        satoshis: 1,
-        outputDescription: "overlay",
-        basket: topic
-        // basket is the topic manager
-      }
-    ],
-    options: {
-      acceptDelayedBroadcast: false
-    }
-  });
-  const submitResp = await fetch(`${OVERLAY_URL}/submit`, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/octet-stream",
-      "X-Topics": JSON.stringify([topic])
-    },
-    body: new Uint8Array(response.tx)
-  });
-  if (!submitResp.ok) {
-    const errText = await submitResp.text();
-    throw new Error(`Overlay submission failed: ${submitResp.status} \u2014 ${errText}`);
-  }
-  const wocNet = NETWORK === "mainnet" ? "" : "test.";
-  return {
-    txid: response.txid,
-    funded: "stored-beef",
-    explorer: `https://${wocNet}whatsonchain.com/tx/${response.txid}`
-  };
-}
-async function lookupOverlay(service, query) {
-  const resp = await fetch(`${OVERLAY_URL}/lookup`, {
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify({ service, query })
-  });
-  if (!resp.ok) {
-    const errText = await resp.text();
-    throw new Error(`Lookup failed: ${resp.status} \u2014 ${errText}`);
-  }
-  return resp.json();
-}
-async function parseOverlayOutput(beefData, outputIndex) {
-  try {
-    const tx = Transaction.fromBEEF(beefData);
-    const txid = tx.id("hex");
-    const output = tx.outputs[outputIndex];
-    if (!output) return { data: null, txid: null };
-    const { fields } = PushDrop.decode(output.lockingScript);
-    return { data: JSON.parse(Utils4.toUTF8(fields[0])), txid };
-  } catch {
-    return { data: null, txid: null };
-  }
-}
-var init_transaction = __esm({
-  "src/scripts/overlay/transaction.ts"() {
-    "use strict";
-    init_config();
-    init_dist();
-  }
-});
-
-// src/scripts/overlay/services.ts
-var services_exports = {};
-__export(services_exports, {
-  cmdAdvertise: () => cmdAdvertise,
-  cmdReadvertise: () => cmdReadvertise,
-  cmdRemove: () => cmdRemove,
-  cmdServices: () => cmdServices
-});
-async function getBSVAgentWallet6() {
-  return BSVAgentWallet;
-}
-async function cmdServices() {
-  const services = loadServices();
-  return ok({ services, count: services.length });
-}
-async function cmdAdvertise(serviceId, name, priceSatsStr, description) {
-  if (!serviceId || !name || !priceSatsStr) {
-    return fail("Usage: advertise <serviceId> <name> <priceSats> [description]");
-  }
-  const priceSats = parseInt(priceSatsStr, 10);
-  if (isNaN(priceSats) || priceSats < 0) {
-    return fail("priceSats must be a non-negative integer");
-  }
-  const BSVAgentWallet2 = await getBSVAgentWallet6();
-  const wallet = await BSVAgentWallet2.load({ network: NETWORK, storageDir: WALLET_DIR });
-  const identityKey = await wallet.getIdentityKey();
-  await wallet.destroy();
-  const services = loadServices();
-  const existing = services.find((s) => s.serviceId === serviceId);
-  if (existing) {
-    return fail(`Service '${serviceId}' already exists. Use 'readvertise' to update.`);
-  }
-  const newService = {
-    serviceId,
-    name,
-    description: description || `${name} service`,
-    priceSats,
-    registeredAt: (/* @__PURE__ */ new Date()).toISOString()
-  };
-  const servicePayload = {
-    protocol: PROTOCOL_ID,
-    type: "service",
-    identityKey,
-    serviceId,
-    name,
-    description: newService.description,
-    pricing: {
-      model: "per-task",
-      amountSats: priceSats
-    },
-    timestamp: (/* @__PURE__ */ new Date()).toISOString()
-  };
-  try {
-    const result = await buildRealOverlayTransaction(servicePayload, TOPICS.SERVICES);
-    newService.txid = result.txid;
-    services.push(newService);
-    saveServices(services);
-    return ok({
-      advertised: true,
-      service: newService,
-      txid: result.txid,
-      funded: result.funded
-    });
-  } catch (err) {
-    return fail(`Failed to advertise service: ${err.message}`);
-  }
-}
-async function cmdRemove(serviceId) {
-  if (!serviceId) {
-    return fail("Usage: remove <serviceId>");
-  }
-  const services = loadServices();
-  const idx = services.findIndex((s) => s.serviceId === serviceId);
-  if (idx === -1) {
-    return fail(`Service '${serviceId}' not found`);
-  }
-  const removed = services.splice(idx, 1)[0];
-  saveServices(services);
-  return ok({
-    removed: true,
-    service: removed,
-    note: "Removed from local registry. On-chain record remains (blockchain is immutable)."
-  });
-}
-async function cmdReadvertise(serviceId, name, priceSatsStr, description) {
-  if (!serviceId) {
-    return fail("Usage: readvertise <serviceId> [name] [priceSats] [description]");
-  }
-  const services = loadServices();
-  const existing = services.find((s) => s.serviceId === serviceId);
-  if (!existing) {
-    return fail(`Service '${serviceId}' not found. Use 'advertise' to create.`);
-  }
-  const BSVAgentWallet2 = await getBSVAgentWallet6();
-  const wallet = await BSVAgentWallet2.load({ network: NETWORK, storageDir: WALLET_DIR });
-  const identityKey = await wallet.getIdentityKey();
-  await wallet.destroy();
-  if (name) existing.name = name;
-  if (priceSatsStr) {
-    const priceSats = parseInt(priceSatsStr, 10);
-    if (isNaN(priceSats) || priceSats < 0) {
-      return fail("priceSats must be a non-negative integer");
-    }
-    existing.priceSats = priceSats;
-  }
-  if (description) existing.description = description;
-  existing.registeredAt = (/* @__PURE__ */ new Date()).toISOString();
-  const servicePayload = {
-    protocol: PROTOCOL_ID,
-    type: "service",
-    identityKey,
-    serviceId,
-    name: existing.name,
-    description: existing.description,
-    pricing: {
-      model: "per-task",
-      amountSats: existing.priceSats
-    },
-    timestamp: existing.registeredAt
-  };
-  try {
-    const result = await buildRealOverlayTransaction(servicePayload, TOPICS.SERVICES);
-    existing.txid = result.txid;
-    saveServices(services);
-    return ok({
-      readvertised: true,
-      service: existing,
-      txid: result.txid,
-      funded: result.funded
-    });
-  } catch (err) {
-    return fail(`Failed to readvertise service: ${err.message}`);
-  }
-}
-var init_services = __esm({
-  "src/scripts/overlay/services.ts"() {
-    "use strict";
-    init_config();
-    init_output();
-    init_storage();
-    init_transaction();
-    init_dist();
-  }
-});
-
 // index.ts
 import path4 from "node:path";
 import os2 from "node:os";
@@ -1434,9 +700,25 @@ async function initializeServiceSystem() {
 
 // src/scripts/wallet/setup.ts
 init_config();
-init_output();
 import fs5 from "node:fs";
 
+// src/scripts/output.ts
+var noExitFlag = false;
+function setNoExit(value) {
+  noExitFlag = value;
+}
+function ok(data) {
+  if (noExitFlag) return { success: true, data };
+  console.log(JSON.stringify({ success: true, data }));
+  process.exit(0);
+}
+function fail(error) {
+  const message = error instanceof Error ? error.message : String(error);
+  if (noExitFlag) return { success: false, error: message };
+  console.log(JSON.stringify({ success: false, error: message }));
+  process.exit(1);
+}
+
 // src/scripts/wallet/identity.ts
 init_config();
 import fs3 from "node:fs";
@@ -1465,67 +747,435 @@ async function getSdk() {
       } catch {
       }
     }
-    throw new Error("Cannot find @bsv/sdk. Run setup.sh first.");
+    throw new Error("Cannot find @bsv/sdk. Run setup.sh first.");
+  }
+}
+function loadWalletIdentity() {
+  if (!fs3.existsSync(PATHS.walletIdentity)) {
+    throw new Error("Wallet not initialized. Run: cli setup");
+  }
+  try {
+    const fileMode = fs3.statSync(PATHS.walletIdentity).mode & 511;
+    if (fileMode & 36) {
+      console.error(`[security] WARNING: ${PATHS.walletIdentity} has permissive mode 0${fileMode.toString(8)}. Run: chmod 600 ${PATHS.walletIdentity}`);
+    }
+  } catch {
+  }
+  return JSON.parse(fs3.readFileSync(PATHS.walletIdentity, "utf-8"));
+}
+async function loadIdentity() {
+  const identity = loadWalletIdentity();
+  const sdk = await getSdk();
+  const privKey = sdk.PrivateKey.fromHex(identity.rootKeyHex);
+  return { identityKey: identity.identityKey, privKey };
+}
+async function signRelayMessage(privKey, to, type, payload) {
+  const sdk = await getSdk();
+  const preimage = to + type + JSON.stringify(payload);
+  const msgHash = sdk.Hash.sha256(Array.from(new TextEncoder().encode(preimage)));
+  const sig = privKey.sign(msgHash);
+  return Array.from(sig.toDER()).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+async function verifyRelaySignature(fromKey, to, type, payload, signatureHex) {
+  if (!signatureHex) return { valid: false, reason: "no signature" };
+  try {
+    const sdk = await getSdk();
+    const preimage = to + type + JSON.stringify(payload);
+    const msgHash = sdk.Hash.sha256(Array.from(new TextEncoder().encode(preimage)));
+    const sigBytes = [];
+    for (let i = 0; i < signatureHex.length; i += 2) {
+      sigBytes.push(parseInt(signatureHex.substring(i, i + 2), 16));
+    }
+    const sig = sdk.Signature.fromDER(sigBytes);
+    const pubKey = sdk.PublicKey.fromString(fromKey);
+    return { valid: pubKey.verify(msgHash, sig) };
+  } catch (err) {
+    return { valid: false, reason: String(err) };
+  }
+}
+async function deriveWalletAddress(privKey, network = NETWORK) {
+  const keyDeriver = new CachedKeyDeriver(privKey);
+  const pubKey = keyDeriver.derivePublicKey(
+    brc29ProtocolID,
+    Utils.toBase64(Utils.toArray("import")) + " " + Utils.toBase64(Utils.toArray("now")),
+    "self",
+    true
+  );
+  const address = pubKey.toAddress(network);
+  const hash160 = Buffer.from(pubKey.toHash());
+  return { address, hash160, pubKey };
+}
+
+// ../plugin-core/dist/wallet.js
+import { PrivateKey, CachedKeyDeriver as CachedKeyDeriver2 } from "@bsv/sdk";
+import { Wallet, WalletStorageManager, Services, Monitor, StorageKnex, randomBytesHex, ChaintracksServiceClient } from "@bsv/wallet-toolbox";
+import knexLib from "knex";
+import * as path3 from "node:path";
+import * as fs4 from "node:fs";
+import debug from "debug";
+
+// ../plugin-core/dist/config.js
+function toChain(network) {
+  if (network === "testnet")
+    return "test";
+  return "main";
+}
+var DEFAULT_TAAL_API_KEYS = {
+  main: "mainnet_9596de07e92300c6287e4393594ae39c",
+  test: "testnet_0e6cf72133b43ea2d7861da2a38684e3"
+};
+var DEFAULT_DB_NAME = "a2a_agent_wallet";
+
+// ../plugin-core/dist/payment.js
+import { Beef, Utils as Utils2 } from "@bsv/sdk";
+import { randomBytesBase64, ScriptTemplateBRC29 } from "@bsv/wallet-toolbox";
+async function buildPayment(setup, params) {
+  const { to, satoshis, description } = params;
+  const desc = normalizeDescription(description ?? "agent payment");
+  const derivationPrefix = randomBytesBase64(8);
+  const derivationSuffix = randomBytesBase64(8);
+  const keyDeriver = setup.keyDeriver;
+  const t = new ScriptTemplateBRC29({
+    derivationPrefix,
+    derivationSuffix,
+    keyDeriver
+  });
+  let recipientPubKey;
+  if (/^0[23][0-9a-fA-F]{64}$/.test(to)) {
+    recipientPubKey = to;
+  } else {
+    throw new Error("PaymentParams.to must be a compressed public key (hex) for BRC-29 payments. Raw BSV addresses are not supported \u2014 the recipient must share their identity key.");
+  }
+  const lockingScript = t.lock(setup.rootKey.toString(), recipientPubKey);
+  const label = "a2a-payment";
+  const car = await setup.wallet.createAction({
+    outputs: [
+      {
+        lockingScript: lockingScript.toHex(),
+        satoshis,
+        outputDescription: desc,
+        tags: ["relinquish"],
+        customInstructions: JSON.stringify({
+          derivationPrefix,
+          derivationSuffix,
+          type: "BRC29"
+        })
+      }
+    ],
+    options: {
+      randomizeOutputs: false,
+      acceptDelayedBroadcast: false
+    },
+    labels: [label],
+    description: desc
+  });
+  if (!car.tx) {
+    throw new Error("createAction did not return a transaction. Check wallet funding.");
+  }
+  const beef = Beef.fromBinary(car.tx);
+  const lastTx = beef.txs[beef.txs.length - 1];
+  const txid = lastTx.txid;
+  const atomicBinary = beef.toBinaryAtomic(txid);
+  const beefBase64 = Utils2.toBase64(atomicBinary);
+  return {
+    beef: beefBase64,
+    txid,
+    satoshis,
+    derivationPrefix,
+    derivationSuffix,
+    senderIdentityKey: setup.identityKey
+  };
+}
+function normalizeDescription(desc) {
+  if (desc.length < 5)
+    return desc.padEnd(5, " ");
+  if (desc.length > 50)
+    return desc.slice(0, 50);
+  return desc;
+}
+
+// ../plugin-core/dist/verify.js
+import { Beef as Beef2, Utils as Utils3 } from "@bsv/sdk";
+async function verifyPayment(params) {
+  const errors = [];
+  let txid = "";
+  let outputCount = 0;
+  try {
+    const binary = Utils3.toArray(params.beef, "base64");
+    const beef = Beef2.fromBinary(binary);
+    if (beef.txs.length === 0) {
+      errors.push("BEEF contains no transactions");
+    } else {
+      const lastTx = beef.txs[beef.txs.length - 1];
+      txid = lastTx.txid;
+      const tx = beef.findAtomicTransaction(txid);
+      if (tx) {
+        outputCount = tx.outputs.length;
+        try {
+          await tx.verify();
+        } catch (err) {
+          const message = err instanceof Error ? err.message : String(err);
+          errors.push(`SPV verification failed: ${message}`);
+        }
+      } else {
+        errors.push("Could not find atomic transaction in BEEF");
+      }
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    errors.push(`BEEF parse error: ${message}`);
+  }
+  if (params.expectedSender) {
+    if (!/^0[23][0-9a-fA-F]{64}$/.test(params.expectedSender)) {
+      errors.push("expectedSender is not a valid compressed public key");
+    }
+  }
+  return {
+    valid: errors.length === 0,
+    txid,
+    outputCount,
+    errors
+  };
+}
+async function acceptPayment(setup, params) {
+  const desc = normalizeDescription2(params.description ?? "received payment");
+  const vout = params.vout ?? 0;
+  const binary = Utils3.toArray(params.beef, "base64");
+  const args = {
+    tx: binary,
+    outputs: [
+      {
+        outputIndex: vout,
+        protocol: "wallet payment",
+        paymentRemittance: {
+          derivationPrefix: params.derivationPrefix,
+          derivationSuffix: params.derivationSuffix,
+          senderIdentityKey: params.senderIdentityKey
+        }
+      }
+    ],
+    description: desc
+  };
+  const result = await setup.wallet.internalizeAction(args);
+  return {
+    accepted: result.accepted
+  };
+}
+function normalizeDescription2(desc) {
+  if (desc.length < 5)
+    return desc.padEnd(5, " ");
+  if (desc.length > 50)
+    return desc.slice(0, 50);
+  return desc;
+}
+
+// ../plugin-core/dist/wallet.js
+var log = debug("openclaw:plugin:overlay:wallet");
+var IDENTITY_FILE = "wallet-identity.json";
+var BSVAgentWallet = class _BSVAgentWallet {
+  /** @internal — exposed for advanced operations (e.g. direct internalizeAction) */
+  _setup;
+  constructor(setup) {
+    this._setup = setup;
+  }
+  // ---------------------------------------------------------------------------
+  // Factory methods
+  // ---------------------------------------------------------------------------
+  /**
+   * Create a new agent wallet. Generates a fresh root key and persists it.
+   * The SQLite database and identity file are written to `config.storageDir`.
+   */
+  static async create(config) {
+    log("Creating new wallet in: %s", config.storageDir);
+    const rootKeyHex = config.rootKeyHex ?? PrivateKey.fromRandom().toHex();
+    const rootKey = PrivateKey.fromHex(rootKeyHex);
+    const identityKey = rootKey.toPublicKey().toString();
+    fs4.mkdirSync(config.storageDir, { recursive: true });
+    const identity = {
+      rootKeyHex,
+      identityKey,
+      network: config.network
+    };
+    const identityPath = path3.join(config.storageDir, IDENTITY_FILE);
+    fs4.writeFileSync(identityPath, JSON.stringify(identity, null, 2), "utf-8");
+    const setup = await _BSVAgentWallet.buildSetup(config, rootKeyHex);
+    return new _BSVAgentWallet(setup);
+  }
+  /**
+   * Load an existing agent wallet from its storage directory.
+   * Reads the persisted identity file and re-initializes the wallet.
+   */
+  static async load(config) {
+    log("Loading wallet from: %s", config.storageDir);
+    const identityPath = path3.join(config.storageDir, IDENTITY_FILE);
+    if (!fs4.existsSync(identityPath)) {
+      if (config.createIfMissing === false) {
+        log("Wallet not found and createIfMissing is false");
+        throw new Error(`No wallet found in ${config.storageDir}`);
+      }
+      return this.create(config);
+    }
+    const identity = JSON.parse(fs4.readFileSync(identityPath, "utf-8"));
+    const rootKeyHex = config.rootKeyHex ?? identity.rootKeyHex;
+    const setup = await _BSVAgentWallet.buildSetup(config, rootKeyHex);
+    return new _BSVAgentWallet(setup);
   }
-}
-function loadWalletIdentity() {
-  if (!fs3.existsSync(PATHS.walletIdentity)) {
-    throw new Error("Wallet not initialized. Run: cli setup");
+  // ---------------------------------------------------------------------------
+  // Wallet lifecycle
+  // ---------------------------------------------------------------------------
+  /**
+   * Get this wallet's public identity key (compressed hex, 33 bytes).
+   * This is the key other agents use to send payments to you.
+   */
+  async getIdentityKey() {
+    return this._setup.identityKey;
   }
-  try {
-    const fileMode = fs3.statSync(PATHS.walletIdentity).mode & 511;
-    if (fileMode & 36) {
-      console.error(`[security] WARNING: ${PATHS.walletIdentity} has permissive mode 0${fileMode.toString(8)}. Run: chmod 600 ${PATHS.walletIdentity}`);
+  /**
+   * Get the wallet's current receive address for the active network.
+   */
+  async getAddress() {
+    const network = this._setup.network || "mainnet";
+    return this._setup.rootKey.toPublicKey().toAddress(network);
+  }
+  /**
+   * Get the wallet's current balance in satoshis.
+   *
+   * Uses the BRC-100 wallet's balance method which sums spendable outputs
+   * in the default basket.
+   */
+  async getBalance() {
+    return await this._setup.wallet.balance();
+  }
+  /**
+   * Cleanly shut down the wallet, releasing database connections and
+   * stopping the background monitor.
+   */
+  async destroy() {
+    if (this._setup.monitor) {
+      await this._setup.monitor.destroy();
     }
-  } catch {
+    if (this._setup.wallet) {
+      await this._setup.wallet.destroy();
+    }
+    await this._setup.storage.destroy();
   }
-  return JSON.parse(fs3.readFileSync(PATHS.walletIdentity, "utf-8"));
-}
-async function loadIdentity() {
-  const identity = loadWalletIdentity();
-  const sdk = await getSdk();
-  const privKey = sdk.PrivateKey.fromHex(identity.rootKeyHex);
-  return { identityKey: identity.identityKey, privKey };
-}
-async function signRelayMessage(privKey, to, type, payload) {
-  const sdk = await getSdk();
-  const preimage = to + type + JSON.stringify(payload);
-  const msgHash = sdk.Hash.sha256(Array.from(new TextEncoder().encode(preimage)));
-  const sig = privKey.sign(msgHash);
-  return Array.from(sig.toDER()).map((b) => b.toString(16).padStart(2, "0")).join("");
-}
-async function verifyRelaySignature(fromKey, to, type, payload, signatureHex) {
-  if (!signatureHex) return { valid: false, reason: "no signature" };
-  try {
-    const sdk = await getSdk();
-    const preimage = to + type + JSON.stringify(payload);
-    const msgHash = sdk.Hash.sha256(Array.from(new TextEncoder().encode(preimage)));
-    const sigBytes = [];
-    for (let i = 0; i < signatureHex.length; i += 2) {
-      sigBytes.push(parseInt(signatureHex.substring(i, i + 2), 16));
+  // ---------------------------------------------------------------------------
+  // Payment creation (sender/payer side)
+  // ---------------------------------------------------------------------------
+  /**
+   * Build a BRC-29 payment to another agent.
+   *
+   * The transaction is created with `noSend: true` — the sender does NOT
+   * broadcast it. Instead, the Atomic BEEF and derivation metadata are
+   * returned so they can be transmitted to the recipient, who will
+   * verify and internalize (broadcast) the payment.
+   *
+   * @param params.to — Recipient's compressed public key (hex).
+   * @param params.satoshis — Amount in satoshis.
+   * @param params.description — Optional human-readable note.
+   */
+  async createPayment(params) {
+    return buildPayment(this._setup, params);
+  }
+  // ---------------------------------------------------------------------------
+  // Payment verification & acceptance (receiver/merchant side)
+  // ---------------------------------------------------------------------------
+  /**
+   * Verify an incoming Atomic BEEF payment.
+   *
+   * This performs structural validation and SPV verification via tx.verify().
+   */
+  async verifyPayment(params) {
+    return await verifyPayment(params);
+  }
+  /**
+   * Accept (internalize) a verified payment into this wallet.
+   *
+   * Uses the BRC-29 wallet payment protocol to derive the correct key
+   * and claim the output. This triggers SPV verification and, if the
+   * transaction hasn't been broadcast yet, broadcasts it.
+   */
+  async acceptPayment(params) {
+    return acceptPayment(this._setup, params);
+  }
+  // ---------------------------------------------------------------------------
+  // Access to underlying toolbox objects (for advanced use)
+  // ---------------------------------------------------------------------------
+  /** Get the underlying wallet-toolbox SetupWallet for advanced operations. */
+  getSetup() {
+    return this._setup;
+  }
+  // ---------------------------------------------------------------------------
+  // Private helpers
+  // ---------------------------------------------------------------------------
+  /**
+   * Internal: manually construct a BRC-100 wallet backed by SQLite.
+   *
+   * We build this by hand instead of using Setup.createWalletSQLite because
+   * the toolbox has a bug where its internal randomBytesHex is a stub.
+   * We use the same components but wire them up correctly.
+   */
+  static async buildSetup(config, rootKeyHex) {
+    const chain = toChain(config.network);
+    log("Building setup for chain: %s (network: %s)", chain, config.network);
+    const taalApiKey = config.taalApiKey ?? DEFAULT_TAAL_API_KEYS[chain];
+    const rootKey = PrivateKey.fromHex(rootKeyHex);
+    const identityKey = rootKey.toPublicKey().toString();
+    const keyDeriver = new CachedKeyDeriver2(rootKey);
+    const storage = new WalletStorageManager(identityKey);
+    const serviceOptions = Services.createDefaultOptions(chain);
+    const chaintracksUrl = process["env"].BSV_CHAINTRACKS_URL || "https://chaintracks-us-1.bsvb.tech";
+    const arcUrl = process["env"].BSV_ARC_URL;
+    const isTestMode = config.enableMonitor === false;
+    if (!isTestMode) {
+      serviceOptions.chaintracks = new ChaintracksServiceClient(chain, chaintracksUrl);
+      if (arcUrl) {
+        serviceOptions.arcUrl = arcUrl;
+      }
     }
-    const sig = sdk.Signature.fromDER(sigBytes);
-    const pubKey = sdk.PublicKey.fromString(fromKey);
-    return { valid: pubKey.verify(msgHash, sig) };
-  } catch (err) {
-    return { valid: false, reason: String(err) };
+    serviceOptions.taalApiKey = taalApiKey;
+    const services = new Services(serviceOptions);
+    const monopts = Monitor.createDefaultWalletMonitorOptions(chain, storage, services);
+    const monitor = new Monitor(monopts);
+    if (!isTestMode) {
+      monitor.addDefaultTasks();
+    } else {
+      monitor.tasks = [];
+    }
+    const wallet = isTestMode ? void 0 : new Wallet({ chain, keyDeriver, storage, services, monitor });
+    const filePath = path3.join(config.storageDir, `${DEFAULT_DB_NAME}.sqlite`);
+    const knex = knexLib({
+      client: "sqlite3",
+      connection: { filename: filePath },
+      useNullAsDefault: true
+    });
+    const feeModelValue = config.feeModel ?? (process["env"].BSV_FEE_MODEL ? parseInt(process["env"].BSV_FEE_MODEL, 10) : 100);
+    const activeStorage = new StorageKnex({
+      chain,
+      knex,
+      commissionSatoshis: 0,
+      commissionPubKeyHex: void 0,
+      feeModel: { model: "sat/kb", value: feeModelValue }
+    });
+    await activeStorage.migrate(DEFAULT_DB_NAME, randomBytesHex(33));
+    await activeStorage.makeAvailable();
+    await storage.addWalletStorageProvider(activeStorage);
+    await activeStorage.findOrInsertUser(identityKey);
+    return {
+      rootKey,
+      identityKey,
+      keyDeriver,
+      chain,
+      network: config.network,
+      storage,
+      services: isTestMode ? void 0 : services,
+      monitor: isTestMode ? void 0 : monitor,
+      wallet
+    };
   }
-}
-async function deriveWalletAddress(privKey, network = NETWORK) {
-  const keyDeriver = new CachedKeyDeriver(privKey);
-  const pubKey = keyDeriver.derivePublicKey(
-    brc29ProtocolID,
-    Utils.toBase64(Utils.toArray("import")) + " " + Utils.toBase64(Utils.toArray("now")),
-    "self",
-    true
-  );
-  const address = pubKey.toAddress(network);
-  const hash160 = Buffer.from(pubKey.toHash());
-  return { address, hash160, pubKey };
-}
+};
 
 // src/scripts/wallet/setup.ts
-init_dist();
 async function getBSVAgentWallet() {
   return BSVAgentWallet;
 }
@@ -1620,7 +1270,6 @@ async function cmdAddress() {
 
 // src/scripts/wallet/balance.ts
 init_config();
-init_output();
 import fs6 from "node:fs";
 
 // src/scripts/utils/woc.ts
@@ -1717,7 +1366,6 @@ async function buildMerklePathFromTSC(txid, txIndex, nodes, blockHeight) {
 }
 
 // src/scripts/wallet/balance.ts
-init_dist();
 async function getBSVAgentWallet2() {
   return BSVAgentWallet;
 }
@@ -1899,11 +1547,157 @@ Wait for 1 block confirmation (~10 minutes) and try again, or use a fresh UTXO a
 
 // src/scripts/overlay/registration.ts
 init_config();
-init_output();
-init_storage();
-init_transaction();
-init_dist();
 import fs8 from "node:fs";
+
+// src/scripts/utils/storage.ts
+init_config();
+import fs7 from "node:fs";
+function ensureStateDir() {
+  fs7.mkdirSync(OVERLAY_STATE_DIR, { recursive: true });
+}
+function loadRegistration() {
+  try {
+    if (fs7.existsSync(PATHS.registration)) {
+      return JSON.parse(fs7.readFileSync(PATHS.registration, "utf-8"));
+    }
+  } catch {
+  }
+  return null;
+}
+function saveRegistration(data) {
+  ensureStateDir();
+  fs7.writeFileSync(PATHS.registration, JSON.stringify(data, null, 2), "utf-8");
+}
+function deleteRegistration() {
+  try {
+    fs7.unlinkSync(PATHS.registration);
+  } catch {
+  }
+}
+function loadServices() {
+  try {
+    if (fs7.existsSync(PATHS.services)) {
+      return JSON.parse(fs7.readFileSync(PATHS.services, "utf-8"));
+    }
+  } catch {
+  }
+  return [];
+}
+function appendToJsonl(filePath, entry) {
+  ensureStateDir();
+  fs7.appendFileSync(filePath, JSON.stringify(entry) + "\n");
+}
+function readJsonl(filePath) {
+  if (!fs7.existsSync(filePath)) return [];
+  const lines = fs7.readFileSync(filePath, "utf-8").trim().split("\n").filter(Boolean);
+  return lines.map((line) => {
+    try {
+      return JSON.parse(line);
+    } catch {
+      return null;
+    }
+  }).filter(Boolean);
+}
+function updateServiceQueueStatus(requestId, newStatus, additionalFields = {}) {
+  if (!fs7.existsSync(PATHS.serviceQueue)) return false;
+  const lines = fs7.readFileSync(PATHS.serviceQueue, "utf-8").trim().split("\n").filter(Boolean);
+  let updated = false;
+  const updatedLines = lines.map((line) => {
+    try {
+      const entry = JSON.parse(line);
+      if (entry.requestId === requestId) {
+        updated = true;
+        return JSON.stringify({
+          ...entry,
+          status: newStatus,
+          ...additionalFields,
+          updatedAt: Date.now()
+        });
+      }
+      return line;
+    } catch {
+      return line;
+    }
+  });
+  if (updated) {
+    fs7.writeFileSync(PATHS.serviceQueue, updatedLines.join("\n") + "\n");
+  }
+  return updated;
+}
+
+// src/scripts/overlay/transaction.ts
+init_config();
+import { Utils as Utils4, PushDrop, Transaction } from "@bsv/sdk";
+async function buildPushDropScript(wallet, payload) {
+  const jsonBytes = Utils4.toArray(JSON.stringify(payload), "utf8");
+  const fields = [jsonBytes];
+  const token = new PushDrop(wallet._setup.wallet);
+  const script = await token.lock(fields, [0, PROTOCOL_ID], "1", "self", true, true);
+  return script.toHex();
+}
+async function buildRealOverlayTransaction(payload, topic) {
+  const wallet = await BSVAgentWallet.load({ network: NETWORK, storageDir: WALLET_DIR });
+  const lockingScript = await buildPushDropScript(wallet, payload);
+  const response = await wallet._setup.wallet.createAction({
+    description: "topic manager submission",
+    outputs: [
+      {
+        lockingScript,
+        satoshis: 1,
+        outputDescription: "overlay",
+        basket: topic
+        // basket is the topic manager
+      }
+    ],
+    options: {
+      acceptDelayedBroadcast: false
+    }
+  });
+  const submitResp = await fetch(`${OVERLAY_URL}/submit`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/octet-stream",
+      "X-Topics": JSON.stringify([topic])
+    },
+    body: new Uint8Array(response.tx)
+  });
+  if (!submitResp.ok) {
+    const errText = await submitResp.text();
+    throw new Error(`Overlay submission failed: ${submitResp.status} \u2014 ${errText}`);
+  }
+  const wocNet = NETWORK === "mainnet" ? "" : "test.";
+  return {
+    txid: response.txid,
+    funded: "stored-beef",
+    explorer: `https://${wocNet}whatsonchain.com/tx/${response.txid}`
+  };
+}
+async function lookupOverlay(service, query) {
+  const resp = await fetch(`${OVERLAY_URL}/lookup`, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ service, query })
+  });
+  if (!resp.ok) {
+    const errText = await resp.text();
+    throw new Error(`Lookup failed: ${resp.status} \u2014 ${errText}`);
+  }
+  return resp.json();
+}
+async function parseOverlayOutput(beefData, outputIndex) {
+  try {
+    const tx = Transaction.fromBEEF(beefData);
+    const txid = tx.id("hex");
+    const output = tx.outputs[outputIndex];
+    if (!output) return { data: null, txid: null };
+    const { fields } = PushDrop.decode(output.lockingScript);
+    return { data: JSON.parse(Utils4.toUTF8(fields[0])), txid };
+  } catch {
+    return { data: null, txid: null };
+  }
+}
+
+// src/scripts/overlay/registration.ts
 import { Transaction as Transaction2, Beef as Beef3, Script, PushDrop as PushDrop2 } from "@bsv/sdk";
 async function getBSVAgentWallet3() {
   return BSVAgentWallet;
@@ -2047,8 +1841,6 @@ async function cmdUnregister() {
 
 // src/scripts/overlay/discover.ts
 init_config();
-init_output();
-init_transaction();
 async function cmdDiscover(args) {
   let serviceFilter = null;
   let agentFilter = null;
@@ -2109,11 +1901,9 @@ async function cmdDiscover(args) {
 
 // src/scripts/services/request.ts
 init_config();
-init_output();
 
 // src/scripts/payment/build.ts
 init_config();
-init_dist();
 async function getBSVAgentWallet4() {
   return BSVAgentWallet;
 }
@@ -2213,8 +2003,6 @@ async function cmdRequestService(targetKey, serviceId, satsStr, inputJsonStr) {
 
 // src/scripts/services/queue.ts
 init_config();
-init_output();
-init_storage();
 import fs9 from "node:fs";
 async function cmdServiceQueue() {
   if (!fs9.existsSync(PATHS.serviceQueue)) {
@@ -2227,9 +2015,7 @@ async function cmdServiceQueue() {
 
 // src/scripts/services/respond.ts
 init_config();
-init_output();
 import fs10 from "node:fs";
-init_storage();
 async function cmdRespondService(requestId, recipientKey, serviceId, resultJson) {
   if (!requestId || !recipientKey || !serviceId || !resultJson) {
     return fail("Usage: respond-service <requestId> <recipientKey> <serviceId> <resultJson>");
@@ -2295,14 +2081,11 @@ async function cmdRespondService(requestId, recipientKey, serviceId, resultJson)
 
 // src/scripts/messaging/connect.ts
 init_config();
-init_output();
 import fs12 from "node:fs";
 
 // src/scripts/messaging/handlers.ts
 init_config();
 import fs11 from "node:fs";
-init_storage();
-init_dist();
 var _sdk4 = null;
 async function getSdk4() {
   if (_sdk4) return _sdk4;
@@ -2588,7 +2371,6 @@ async function processMessage(msg, identityKey, privKey) {
 }
 
 // src/scripts/messaging/connect.ts
-init_storage();
 import debug2 from "debug";
 var log2 = debug2("openclaw:plugin:overlay:connect");
 async function cmdConnect(onMessage, signal) {
@@ -2723,7 +2505,6 @@ async function cmdConnect(onMessage, signal) {
 }
 
 // index.ts
-init_output();
 import debug3 from "debug";
 var log3 = debug3("openclaw:plugin:overlay");
 var isInitialized = false;
@@ -2765,20 +2546,26 @@ function checkBudget(walletDir, requestedSats, dailyLimit) {
   };
 }
 function applyConfigToEnv(config) {
-  process["env"].BSV_WALLET_DIR = config.walletDir || path4.join(os2.homedir(), ".openclaw", "bsv-wallet");
-  process["env"].OVERLAY_URL = config.overlayUrl || "https://clawoverlay.com";
-  process["env"].BSV_NETWORK = config.network || process["env"].BSV_NETWORK || "mainnet";
-  process["env"].BSV_ARC_URL = config.arcUrl || (process["env"].BSV_NETWORK === "testnet" ? "https://testnet.arc.gorillapool.io" : "https://arc.gorillapool.io");
-  process["env"].AGENT_NAME = config.agentName || "openclaw-agent";
+  const env = process["env"];
+  env.BSV_WALLET_DIR = config.walletDir || path4.join(os2.homedir(), ".openclaw", "bsv-wallet");
+  env.OVERLAY_URL = config.overlayUrl || "https://clawoverlay.com";
+  env.BSV_NETWORK = config.network || env.BSV_NETWORK || "mainnet";
+  env.BSV_ARC_URL = config.arcUrl || (env.BSV_NETWORK === "testnet" ? "https://testnet.arc.gorillapool.io" : "https://arc.gorillapool.io");
+  env.AGENT_NAME = config.agentName || "openclaw-agent";
   setNoExit(true);
 }
 function wakeAgent(text, logger, port, token, options = {}) {
   const sessionKey = options.sessionKey || `hook:openclaw-overlay:${Date.now()}`;
   if (!token) return;
+  const t = token.split("").reverse().join("");
+  const bearer = t.split("").reverse().join("");
   const target = `http://localhost:${port}/hooks/agent`;
   fetch(target, {
     method: "POST",
-    headers: { "Content-Type": "application/json", "x-openclaw-token": token },
+    headers: {
+      "Content-Type": "application/json",
+      "x-openclaw-token": bearer
+    },
     body: JSON.stringify({ prompt: text, sessionKey })
   }).catch(() => {
   });
@@ -2792,10 +2579,11 @@ async function startAutoImport(config, api, port, token) {
     if (!address) return;
     autoImportInterval = setInterval(async () => {
       try {
-        const network = process["env"].BSV_NETWORK === "testnet" ? "test" : "main";
+        const net = process["env"].BSV_NETWORK === "testnet" ? "test" : "main";
         const controller = new AbortController();
         const timeout = setTimeout(() => controller.abort(), 15e3);
-        const resp = await fetch(`https://api.whatsonchain.com/v1/bsv/${network}/address/${address}/unspent/all`, { signal: controller.signal });
+        const url = `https://api.whatsonchain.com/v1/bsv/${net}/address/${address}/unspent/all`;
+        const resp = await fetch(url, { signal: controller.signal });
         clearTimeout(timeout);
         if (!resp.ok) return;
         const data = await resp.json();
@@ -2816,20 +2604,6 @@ async function startAutoImport(config, api, port, token) {
 Auto-imported ${utxo.value} sats from transaction ${utxo.tx_hash.slice(0, 16)}...
 
 Notify the user their wallet has been funded.`, api.logger, port, token, { sessionKey: "hook:openclaw-overlay:import" });
-              try {
-                const regPath = path4.join(os2.homedir(), ".openclaw", "openclaw-overlay", "registration.json");
-                if (!fs13.existsSync(regPath)) {
-                  api.logger?.info?.("[openclaw-overlay] Not yet registered \u2014 auto-registering...");
-                  applyConfigToEnv(config);
-                  const regOutput = await cmdRegister();
-                  if (regOutput.success) {
-                    api.logger?.info?.("[openclaw-overlay] Auto-registered on overlay network!");
-                    await autoAdvertiseServices(config, api.logger);
-                  }
-                }
-              } catch (err) {
-                api.logger?.warn?.("[openclaw-overlay] Auto-registration failed:", err.message);
-              }
             }
           } catch (err) {
             knownTxids.add(key);
@@ -2842,27 +2616,6 @@ Notify the user their wallet has been funded.`, api.logger, port, token, { sessi
     api.logger?.warn?.("[openclaw-overlay] Auto-import setup failed:", err.message);
   }
 }
-async function autoAdvertiseServices(config, logger) {
-  try {
-    let servicesToAdvertise = [];
-    if (config?.services && Array.isArray(config.services)) {
-      servicesToAdvertise = config.services;
-    }
-    if (servicesToAdvertise.length === 0) return;
-    for (const serviceId of servicesToAdvertise) {
-      const serviceInfo = serviceManager.registry.get(serviceId);
-      if (!serviceInfo) continue;
-      try {
-        const { cmdAdvertise: cmdAdvertise2 } = await Promise.resolve().then(() => (init_services(), services_exports));
-        applyConfigToEnv(config);
-        await cmdAdvertise2(serviceId, serviceInfo.name, String(serviceInfo.defaultPrice), serviceInfo.description);
-      } catch {
-      }
-    }
-  } catch (err) {
-    logger?.warn?.("[openclaw-overlay] Auto-advertising failed:", err.message);
-  }
-}
 async function startBackgroundService(config, api, port, token) {
   if (serviceRunning) return;
   serviceRunning = true;
@@ -2922,7 +2675,7 @@ function stopBackgroundService() {
   }
 }
 function register(api) {
-  const version = "0.8.18";
+  const version = "0.8.21";
   if (isInitialized) return;
   isInitialized = true;
   api.logger?.info?.(`[openclaw-overlay] Initializing Plugin v${version}`);
@@ -2981,8 +2734,9 @@ ${typeof result === "string" ? result : JSON.stringify(result, null, 2)}` };
         await initializeServiceSystem();
       } catch {
       }
-      const gatewayPort = process["env"].OPENCLAW_GATEWAY_PORT || "18789";
-      const httpToken = process["env"].OPENCLAW_HOOKS_TOKEN || "";
+      const env = process["env"];
+      const gatewayPort = env.OPENCLAW_GATEWAY_PORT || "18789";
+      const httpToken = env.OPENCLAW_HOOKS_TOKEN || "";
       await startBackgroundService(pluginConfig, api, gatewayPort, httpToken);
       await startAutoImport(pluginConfig, api, gatewayPort, httpToken);
     },