npm - opentool - Versions diffs - 0.7.7 → 0.7.9 - Mend

opentool 0.7.7 → 0.7.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/README.md +53 -3
package/dist/cli/index.d.ts +2 -2
package/dist/cli/index.js +65 -16
package/dist/cli/index.js.map +1 -1
package/dist/index.d.ts +37 -4
package/dist/index.js +65 -16
package/dist/index.js.map +1 -1
package/dist/{validate-BrOwtVYW.d.ts → validate-BBjyq5nS.d.ts} +1 -1
package/dist/x402/index.js +35 -16
package/dist/x402/index.js.map +1 -1
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -5,12 +5,14 @@
 Build serverless TypeScript tools that work with AI assistants, handle crypto payments, and deploy to AWS Lambda automatically.
-**For LLMs/AI Code Generation:** [`dist/opentool-context.ts`](./scripts/build-context.ts)
+**For LLMs/AI Code Generation:** [`context/opentool-context.ts`](./context/opentool-context.ts)
 ## What is it?
 OpenTool lets you write simple TypeScript functions that can be called by other agents, monetized with crypto payments, and deployed as serverless functions. It handles the boring stuff like:
+Tools are either Public or Private. Public tools are accessible to the public and are monetized with crypto payments using x402. Private tools are accessible only to the app developer and are mainly for trading and onchain interaction use cases.
 ## Installation
 ```bash
@@ -65,9 +67,57 @@ npx opentool validate
 npx opentool dev
 ```
-### 4. Add x402 payments (optional)
+### Private tools: GET-only and POST-only
+For private tools, say for internal trading apps:
+- GET-only (scheduled default profile)
+- POST-only (one-off, parameterized with Zod)
+GET-only (scheduled default)
+```typescript
+// tools/aave-stake.ts
+export const profile = {
+  description: "Stake 100 USDC daily at 12:00 UTC",
+  fixedAmount: "100",
+  tokenSymbol: "USDC",
+  schedule: { cron: "0 12 * * *", enabled: true },
+  limits: { concurrency: 1, dailyCap: 1 },
+};
+export async function GET(_req: Request) {
+  const amount = profile.fixedAmount;
+  return Response.json({
+    ok: true,
+    action: "stake",
+    amount,
+    token: profile.tokenSymbol,
+  });
+}
+```
+POST-only (one-off)
+```typescript
+// tools/aave-unstake.ts
+import { z } from "zod";
+export const schema = z.object({
+  amount: z.string(),
+  token: z.string().default("USDC"),
+});
+export async function POST(req: Request) {
+  const body = await req.json();
+  const { amount, token } = schema.parse(body);
+  return Response.json({ ok: true, action: "unstake", amount, token });
+}
+```
+### Public tools: Add x402 payments (optional)
-Protect your tools with crypto payments using x402:
+Protect your public tools with crypto payments using x402:
 ```typescript
 // tools/premium-report.ts

package/dist/cli/index.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
-import { h as Metadata, I as InternalToolDefinition } from '../validate-BrOwtVYW.js';
-export { G as GenerateMetadataOptions, j as GenerateMetadataResult, V as ValidateOptions, g as generateMetadata, a as generateMetadataCommand, l as loadAndValidateTools, v as validateCommand, k as validateFullCommand } from '../validate-BrOwtVYW.js';
+import { M as Metadata, I as InternalToolDefinition } from '../validate-BBjyq5nS.js';
+export { G as GenerateMetadataOptions, a as GenerateMetadataResult, V as ValidateOptions, b as generateMetadata, g as generateMetadataCommand, l as loadAndValidateTools, v as validateCommand, c as validateFullCommand } from '../validate-BBjyq5nS.js';
 import 'zod';
 import '../x402/index.js';
 import 'viem';

package/dist/cli/index.js CHANGED Viewed

@@ -535,6 +535,7 @@ function extractX402Attempt(request) {
 }
 async function verifyX402Payment(attempt, definition, options = {}) {
   const fetchImpl = options.fetchImpl ?? fetch;
+  const timeout = options.timeout ?? 25e3;
   const facilitator = definition.facilitator;
   const verifierUrl = new URL(
     facilitator.verifyPath ?? "/verify",
@@ -550,13 +551,18 @@ async function verifyX402Payment(attempt, definition, options = {}) {
     };
     console.log("[x402] Calling facilitator /verify", {
       url: verifierUrl,
-      bodyPreview: JSON.stringify(verifyBody).substring(0, 200)
-    });
-    const verifyResponse = await fetchImpl(verifierUrl, {
-      method: "POST",
-      headers,
-      body: JSON.stringify(verifyBody)
+      fullBody: JSON.stringify(verifyBody, null, 2)
     });
+    const verifyResponse = await Promise.race([
+      fetchImpl(verifierUrl, {
+        method: "POST",
+        headers,
+        body: JSON.stringify(verifyBody)
+      }),
+      new Promise(
+        (_, reject) => setTimeout(() => reject(new Error(`Verification timeout after ${timeout}ms`)), timeout)
+      )
+    ]);
     console.log("[x402] Facilitator /verify response", { status: verifyResponse.status });
     if (!verifyResponse.ok) {
       const errorText = await verifyResponse.text().catch(() => "");
@@ -586,27 +592,39 @@ async function verifyX402Payment(attempt, definition, options = {}) {
         ensureTrailingSlash(facilitator.url)
       ).toString();
       try {
-        console.log("[x402] Calling facilitator /settle", { url: settleUrl });
-        const settleResponse = await fetchImpl(settleUrl, {
-          method: "POST",
-          headers,
-          body: JSON.stringify({
-            x402Version: attempt.payload.x402Version,
-            paymentPayload: attempt.payload,
-            paymentRequirements: requirement
-          })
+        const settleBody = {
+          x402Version: attempt.payload.x402Version,
+          paymentPayload: attempt.payload,
+          paymentRequirements: requirement
+        };
+        console.log("[x402] Calling facilitator /settle", {
+          url: settleUrl,
+          bodyPreview: JSON.stringify(settleBody).substring(0, 300)
         });
+        const settleResponse = await Promise.race([
+          fetchImpl(settleUrl, {
+            method: "POST",
+            headers,
+            body: JSON.stringify(settleBody)
+          }),
+          new Promise(
+            (_, reject) => setTimeout(() => reject(new Error(`Settlement timeout after ${timeout}ms`)), timeout)
+          )
+        ]);
         console.log("[x402] Facilitator /settle response", { status: settleResponse.status });
         if (!settleResponse.ok) {
+          const errorText = await settleResponse.text().catch(() => "");
+          console.error("[x402] Facilitator /settle error", { status: settleResponse.status, body: errorText });
           return {
             success: false,
             failure: {
-              reason: `Facilitator settlement failed: ${settleResponse.status}`,
+              reason: `Facilitator settlement failed: ${settleResponse.status}${errorText ? ` - ${errorText}` : ""}`,
               code: "settlement_failed"
             }
           };
         }
         const settlePayload = await settleResponse.json();
+        console.log("[x402] Facilitator /settle success", { txHash: settlePayload.txHash });
         if (settlePayload.txHash) {
           responseHeaders[HEADER_PAYMENT_RESPONSE] = JSON.stringify({
             settled: true,
@@ -614,6 +632,7 @@ async function verifyX402Payment(attempt, definition, options = {}) {
           });
         }
       } catch (error) {
+        console.error("[x402] Settlement exception", { error: error instanceof Error ? error.message : String(error) });
         return {
           success: false,
           failure: {
@@ -989,6 +1008,12 @@ async function loadAndValidateTools(toolsDir, options = {}) {
   if (fs4.existsSync(tempDir)) {
     fs4.rmSync(tempDir, { recursive: true, force: true });
   }
+  const kebabCase = /^[a-z0-9]+(?:-[a-z0-9]+)*\.[a-z]+$/;
+  for (const f of files) {
+    if (!kebabCase.test(f)) {
+      throw new Error(`Tool filename must be kebab-case: ${f}`);
+    }
+  }
   const entryPoints = files.map((file) => path5.join(toolsDir, file));
   const { outDir, cleanup } = await transpileWithEsbuild({
     entryPoints,
@@ -1013,6 +1038,30 @@ async function loadAndValidateTools(toolsDir, options = {}) {
       const inputSchemaRaw = schema ? toJsonSchema(toolName, schema) : void 0;
       const inputSchema = normalizeInputSchema(inputSchemaRaw);
       const httpHandlersRaw = collectHttpHandlers(toolModule, file);
+      const hasGET = typeof toolModule.GET === "function";
+      const hasPOST = typeof toolModule.POST === "function";
+      const otherMethods = HTTP_METHODS.filter((m) => m !== "GET" && m !== "POST").filter(
+        (m) => typeof toolModule[m] === "function"
+      );
+      if (otherMethods.length > 0) {
+        throw new Error(
+          `${file} must not export ${otherMethods.join(", ")}. Only one of GET or POST is allowed.`
+        );
+      }
+      if (hasGET === hasPOST) {
+        throw new Error(`${file}: export exactly one of GET or POST`);
+      }
+      if (hasGET) {
+        const schedule = toolModule?.profile?.schedule;
+        if (!schedule || typeof schedule?.cron !== "string" || schedule.cron.trim().length === 0) {
+          throw new Error(`${file}: GET tools require profile.schedule { cron }`);
+        }
+      }
+      if (hasPOST) {
+        if (!schema) {
+          throw new Error(`${file}: POST tools must export a Zod schema as 'schema'`);
+        }
+      }
       const httpHandlers = [...httpHandlersRaw];
       if (httpHandlers.length === 0) {
         throw new Error(