probable-trader 1.0.0

package/scripts/lib/onboard.py

@@ -0,0 +1,177 @@
+"""Probable Markets onboarding: L1 auth, API key generation, credential storage.
+
+Full flow:
+  1. Get nonce from /public/api/v1/auth/nonce
+  2. EIP-712 sign auth message (domain: "Prob", chain 56)
+  3. Login at /public/api/v1/auth/login
+  4. Generate API key at /public/api/v1/auth/api-key/{chainId} using L1 headers
+  5. Store credentials in .probable/config.json
+"""
+
+import base64
+import hashlib
+import hmac as hmac_mod
+import json
+import time
+from dataclasses import asdict, dataclass
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Optional
+
+import httpx
+from eth_account import Account
+
+from .config import CONFIG_DIR, CONFIG_FILE, ProbableConfig, load_config
+from .safety import ActionResult
+
+
+@dataclass
+class ApiCreds:
+    api_key: str
+    api_secret: str
+    api_passphrase: str
+
+
+# ── EIP-712 Signing (ClobAuthDomain) ────────────────────────────
+
+def _create_l1_headers(private_key: str, chain_id: int = 56, nonce: int = 0) -> dict:
+    """Create L1 auth headers using ClobAuthDomain EIP-712 signing.
+
+    Uses py_clob_client's proven signing logic with prob_* header names.
+    """
+    from py_clob_client.signer import Signer
+    from py_clob_client.headers.headers import create_level_1_headers
+
+    signer = Signer(private_key, chain_id)
+    poly_headers = create_level_1_headers(signer, nonce=nonce)
+
+    # Probable Markets uses prob_* headers (not POLY_*)
+    return {
+        "prob_address": poly_headers["POLY_ADDRESS"],
+        "prob_signature": poly_headers["POLY_SIGNATURE"],
+        "prob_timestamp": poly_headers["POLY_TIMESTAMP"],
+        "prob_nonce": poly_headers["POLY_NONCE"],
+    }
+
+
+# ── HMAC Signing (for L2 auth) ───────────────────────────────────
+
+def build_hmac_signature(secret: str, timestamp: str, method: str, request_path: str, body=None) -> str:
+    """Build HMAC-SHA256 signature for L2 authenticated requests."""
+    secret_bytes = base64.urlsafe_b64decode(secret)
+    message = str(timestamp) + str(method) + str(request_path)
+    if body:
+        if isinstance(body, dict):
+            message += json.dumps(body, separators=(",", ":"), ensure_ascii=False)
+        else:
+            message += str(body).replace("'", '"')
+    h = hmac_mod.new(secret_bytes, message.encode("utf-8"), hashlib.sha256)
+    return base64.urlsafe_b64encode(h.digest()).decode("utf-8")
+
+
+# ── API Calls ────────────────────────────────────────────────────
+
+def _api_url(host: str, path: str) -> str:
+    return f"{host.rstrip('/')}{path}"
+
+
+def get_nonce(host: str) -> dict:
+    """Step 1: Get nonce from API."""
+    url = _api_url(host, "/public/api/v1/auth/nonce")
+    resp = httpx.get(url, timeout=15)
+    resp.raise_for_status()
+    return resp.json()
+
+
+def generate_api_key(host: str, private_key: str, chain_id: int = 56) -> dict:
+    """Generate L2 API key using L1 ClobAuth headers."""
+    url = _api_url(host, f"/public/api/v1/auth/api-key/{chain_id}")
+    headers = _create_l1_headers(private_key, chain_id, nonce=0)
+    resp = httpx.post(url, headers=headers, timeout=15)
+    resp.raise_for_status()
+    return resp.json()
+
+
+# ── Credential Storage ───────────────────────────────────────────
+
+def save_creds(cfg: ProbableConfig, api_key: str, api_secret: str = "", api_passphrase: str = ""):
+    """Save API credentials to .probable/config.json."""
+    config_dir = Path(CONFIG_DIR)
+    config_dir.mkdir(exist_ok=True)
+    config_path = config_dir / CONFIG_FILE
+
+    # Load existing or create new
+    data = {}
+    if config_path.exists():
+        try:
+            data = json.loads(config_path.read_text())
+        except (json.JSONDecodeError, OSError):
+            pass
+
+    data["api_key"] = api_key
+    if api_secret:
+        data["api_secret"] = api_secret
+    if api_passphrase:
+        data["api_passphrase"] = api_passphrase
+    data["host"] = cfg.host
+    data["chain_id"] = cfg.chain_id
+    if cfg.multi_sig_addr:
+        data["multi_sig_addr"] = cfg.multi_sig_addr
+
+    config_path.write_text(json.dumps(data, indent=2))
+    return config_path
+
+
+# ── Full Onboarding Orchestration ────────────────────────────────
+
+def run_onboard(cfg: ProbableConfig) -> ActionResult:
+    """Run complete onboarding: L1 ClobAuth sign → generate API key → save.
+
+    Requires: PROB_PRIVATE_KEY set in config.
+    """
+    steps = {}
+
+    if not cfg.private_key:
+        return ActionResult(
+            success=False, action="onboard",
+            error="PROB_PRIVATE_KEY is required. Set it as env var or in .probable/config.json"
+        )
+
+    # Derive EOA address from private key
+    try:
+        acct = Account.from_key(cfg.private_key)
+        eoa_address = acct.address
+        steps["eoa_address"] = eoa_address
+    except Exception as e:
+        return ActionResult(success=False, action="onboard", error=f"Invalid private key: {e}")
+
+    # Generate API key (one step: L1 ClobAuth headers → POST api-key)
+    try:
+        api_resp = generate_api_key(cfg.host, cfg.private_key, cfg.chain_id)
+        api_key = api_resp.get("apiKey", "")
+        api_secret = api_resp.get("secret", "")
+        api_passphrase = api_resp.get("passphrase", "")
+
+        if not api_key:
+            return ActionResult(success=False, action="onboard",
+                                error=f"API key not found in response: {api_resp}", data=steps)
+
+        steps["api_key_generated"] = True
+        steps["api_key_preview"] = api_key[:12] + "..."
+    except Exception as e:
+        return ActionResult(success=False, action="onboard", error=f"Failed to generate API key: {e}", data=steps)
+
+    # Save credentials
+    try:
+        path = save_creds(cfg, api_key, api_secret, api_passphrase)
+        steps["saved_to"] = str(path)
+    except Exception as e:
+        return ActionResult(success=False, action="onboard", error=f"Failed to save credentials: {e}", data=steps)
+
+    steps["next_steps"] = [
+        "Run: python3 scripts/prob.py doctor --json  (verify connectivity)",
+        "Run: python3 scripts/prob.py setup --confirm  (approve tokens for trading)",
+        "Run: python3 scripts/prob.py market list --json  (browse markets)",
+    ]
+
+    return ActionResult(success=True, action="onboard", data=steps)

package/scripts/lib/report.py

@@ -0,0 +1,105 @@
+"""Daily trading report generator for Probable Markets Skill."""
+
+import json
+from datetime import datetime, timezone
+from typing import Optional
+
+from .db import ProbableDB
+from .safety import ActionResult
+
+
+def generate_daily_report(db: ProbableDB, fmt: str = "markdown", hours: int = 24) -> ActionResult:
+    """Generate a trading report for the past N hours."""
+    trades = db.get_recent_trades(hours)
+    orders = db.get_recent_orders(hours)
+    audit = db.get_audit_log(hours)
+
+    # Compute stats
+    total_trades = len(trades)
+    total_orders = len(orders)
+    total_actions = len(audit)
+
+    buy_trades = [t for t in trades if t.get("side", "").upper() == "BUY"]
+    sell_trades = [t for t in trades if t.get("side", "").upper() == "SELL"]
+
+    orders_by_status = {}
+    for o in orders:
+        s = o.get("status", "unknown")
+        orders_by_status[s] = orders_by_status.get(s, 0) + 1
+
+    # Build report data
+    report_data = {
+        "period_hours": hours,
+        "generated_at": datetime.now(timezone.utc).isoformat(),
+        "summary": {
+            "total_trades": total_trades,
+            "buy_trades": len(buy_trades),
+            "sell_trades": len(sell_trades),
+            "total_orders": total_orders,
+            "orders_by_status": orders_by_status,
+            "total_audit_actions": total_actions,
+        },
+        "trades": trades,
+        "orders": orders,
+    }
+
+    if fmt == "json":
+        return ActionResult(success=True, action="report.daily", data=report_data)
+
+    # Markdown format
+    md_lines = [
+        f"# Probable Markets Daily Report",
+        f"",
+        f"**Period:** Last {hours} hours | **Generated:** {report_data['generated_at']}",
+        f"",
+        f"## Summary",
+        f"",
+        f"| Metric | Value |",
+        f"|--------|-------|",
+        f"| Total Trades | {total_trades} |",
+        f"| Buy Trades | {len(buy_trades)} |",
+        f"| Sell Trades | {len(sell_trades)} |",
+        f"| Total Orders | {total_orders} |",
+    ]
+
+    for status, count in orders_by_status.items():
+        md_lines.append(f"| Orders ({status}) | {count} |")
+
+    md_lines.append(f"| Audit Actions | {total_actions} |")
+
+    if trades:
+        md_lines.extend([
+            f"",
+            f"## Recent Trades",
+            f"",
+            f"| Trade ID | Market | Side | Price | Amount | Time |",
+            f"|----------|--------|------|-------|--------|------|",
+        ])
+        for t in trades[:20]:  # Limit to 20
+            md_lines.append(
+                f"| {t.get('trade_id', '-')[:8]} | {t.get('market_id', '-')} | "
+                f"{t.get('side', '-')} | {t.get('price', '-')} | {t.get('amount', '-')} | "
+                f"{t.get('timestamp', '-')} |"
+            )
+
+    if orders:
+        md_lines.extend([
+            f"",
+            f"## Recent Orders",
+            f"",
+            f"| Order ID | Market | Side | Price | Amount | Status |",
+            f"|----------|--------|------|-------|--------|--------|",
+        ])
+        for o in orders[:20]:
+            md_lines.append(
+                f"| {o.get('order_id', '-')[:8]} | {o.get('market_id', '-')} | "
+                f"{o.get('side', '-')} | {o.get('price', '-')} | {o.get('amount', '-')} | "
+                f"{o.get('status', '-')} |"
+            )
+
+    report_data["markdown"] = "\n".join(md_lines)
+
+    if fmt == "both":
+        return ActionResult(success=True, action="report.daily", data=report_data)
+    else:  # markdown
+        return ActionResult(success=True, action="report.daily", data={"markdown": report_data["markdown"]})

package/scripts/lib/safety.py

@@ -0,0 +1,76 @@
+"""Safety layer: dry-run, confirmation, secret masking, action result envelope."""
+
+import json
+import re
+import sys
+import uuid
+from dataclasses import asdict, dataclass, field
+from datetime import datetime, timezone
+from typing import Any, Optional
+
+
+@dataclass
+class ActionResult:
+    success: bool
+    action: str
+    data: Any = None
+    error: Optional[str] = None
+    dry_run: bool = False
+    request_id: str = field(default_factory=lambda: uuid.uuid4().hex[:12])
+    timestamp: str = field(default_factory=lambda: datetime.now(timezone.utc).isoformat())
+
+    def to_dict(self) -> dict:
+        return asdict(self)
+
+    def to_json(self) -> str:
+        return json.dumps(self.to_dict(), indent=2, default=str)
+
+
+# Patterns that look like private keys or secrets
+_SECRET_PATTERNS = [
+    re.compile(r"0x[0-9a-fA-F]{64}"),          # Hex private key
+    re.compile(r"[0-9a-fA-F]{64}"),             # Hex private key without 0x
+    re.compile(r"(?i)(api[_-]?key|secret|passphrase|password|private[_-]?key)\s*[:=]\s*\S+"),
+]
+
+
+def mask_secrets(text: str) -> str:
+    """Redact private keys and secrets from text."""
+    result = text
+    for pat in _SECRET_PATTERNS:
+        result = pat.sub("***REDACTED***", result)
+    return result
+
+
+def require_confirm(action_name: str, details: dict, confirmed: bool, dry_run: bool) -> Optional[ActionResult]:
+    """Check if action is confirmed. Returns ActionResult if blocked, None if OK."""
+    if dry_run:
+        return ActionResult(
+            success=True,
+            action=action_name,
+            data=details,
+            dry_run=True,
+        )
+    if not confirmed:
+        return ActionResult(
+            success=False,
+            action=action_name,
+            error=f"Action '{action_name}' requires --confirm flag. Use --dry-run to preview.",
+            data=details,
+            dry_run=False,
+        )
+    return None  # Proceed
+
+
+def output_result(result: ActionResult, json_mode: bool = False):
+    """Print ActionResult to stdout."""
+    if json_mode:
+        print(result.to_json())
+    else:
+        status = "OK" if result.success else "FAILED"
+        dry = " [DRY-RUN]" if result.dry_run else ""
+        print(f"[{status}]{dry} {result.action}")
+        if result.error:
+            print(f"  Error: {result.error}")
+        if result.data:
+            print(json.dumps(result.data, indent=2, default=str))

package/scripts/lib/ws_client.py

@@ -0,0 +1,109 @@
+"""WebSocket client for Probable Markets — book updates and execution reports."""
+
+import asyncio
+import json
+import sys
+import time
+from typing import Optional
+
+WS_BASE = "wss://ws.probable.markets"
+WS_MARKET_PATH = "/ws/market"
+WS_USER_PATH = "/ws/user"
+PING_INTERVAL = 10
+RECONNECT_BASE_DELAY = 1
+RECONNECT_MAX_DELAY = 30
+
+
+def _print_event(event: dict, json_mode: bool):
+    """Print a WebSocket event as JSON line."""
+    if json_mode:
+        print(json.dumps(event, default=str), flush=True)
+    else:
+        etype = event.get("type", event.get("event", "unknown"))
+        print(f"[WS] {etype}: {json.dumps(event, default=str)}", flush=True)
+
+
+async def _connect_and_stream(url: str, subscribe_msg: Optional[dict], duration: int,
+                               json_mode: bool, on_event=None):
+    """Connect to WebSocket, send subscription, stream events for duration seconds."""
+    try:
+        import websockets
+    except ImportError:
+        print("Error: 'websockets' package required. Install with: pip install websockets", file=sys.stderr)
+        return
+
+    deadline = time.time() + duration
+    delay = RECONNECT_BASE_DELAY
+
+    while time.time() < deadline:
+        try:
+            async with websockets.connect(url) as ws:
+                delay = RECONNECT_BASE_DELAY  # Reset on successful connect
+
+                if subscribe_msg:
+                    await ws.send(json.dumps(subscribe_msg))
+
+                # Ping task
+                async def ping_loop():
+                    while True:
+                        await asyncio.sleep(PING_INTERVAL)
+                        try:
+                            await ws.send("PING")
+                        except Exception:
+                            break
+
+                ping_task = asyncio.create_task(ping_loop())
+
+                try:
+                    while time.time() < deadline:
+                        try:
+                            msg = await asyncio.wait_for(ws.recv(), timeout=min(5, deadline - time.time()))
+                        except asyncio.TimeoutError:
+                            continue
+
+                        if msg == "PONG" or msg == "pong":
+                            continue
+
+                        try:
+                            event = json.loads(msg)
+                        except json.JSONDecodeError:
+                            event = {"raw": msg}
+
+                        _print_event(event, json_mode)
+                        if on_event:
+                            on_event(event)
+                finally:
+                    ping_task.cancel()
+                    try:
+                        await ping_task
+                    except asyncio.CancelledError:
+                        pass
+
+        except Exception as e:
+            if time.time() >= deadline:
+                break
+            _print_event({"type": "reconnecting", "error": str(e), "delay": delay}, json_mode)
+            await asyncio.sleep(delay)
+            delay = min(delay * 2, RECONNECT_MAX_DELAY)
+
+
+async def subscribe_book(token_id: str, duration: int = 60, json_mode: bool = False):
+    """Subscribe to orderbook updates for a token."""
+    url = f"{WS_BASE}{WS_MARKET_PATH}"
+    sub_msg = {
+        "assets_ids": [token_id],
+        "type": "market",
+    }
+    _print_event({"type": "subscribing", "url": url, "token_id": token_id, "duration": duration}, json_mode)
+    await _connect_and_stream(url, sub_msg, duration, json_mode)
+
+
+async def subscribe_user(cfg, duration: int = 60, json_mode: bool = False):
+    """Subscribe to user execution reports (authenticated)."""
+    url = f"{WS_BASE}{WS_USER_PATH}"
+    sub_msg = {
+        "type": "user",
+        "apiKey": cfg.api_key,
+    }
+    _print_event({"type": "subscribing", "url": url, "duration": duration}, json_mode)
+    await _connect_and_stream(url, sub_msg, duration, json_mode)