ray-finance 0.2.0

package/dist/cli/setup.js

@@ -0,0 +1,168 @@
+import chalk from "chalk";
+import { existsSync, mkdirSync } from "fs";
+import { dirname } from "path";
+import { config, saveConfig, isConfigured, RAY_PROXY_BASE } from "../config.js";
+import { heading, dim } from "./format.js";
+export async function runSetup() {
+    const inquirer = (await import("inquirer")).default;
+    console.log(`\n${heading("Ray Finance Setup")}\n`);
+    if (isConfigured()) {
+        const { proceed } = await inquirer.prompt([{
+                type: "confirm",
+                name: "proceed",
+                message: "Ray is already configured. Reconfigure?",
+                default: false,
+            }]);
+        if (!proceed)
+            return;
+    }
+    const { setupMode } = await inquirer.prompt([{
+            type: "list",
+            name: "setupMode",
+            message: "How would you like to set up Ray?",
+            choices: [
+                { name: "Quick setup — we handle the API keys, your data stays local", value: "managed" },
+                { name: "Self-hosted — bring your own Anthropic and Plaid credentials", value: "selfhosted" },
+            ],
+        }]);
+    let canLink = false;
+    if (setupMode === "managed") {
+        const { userName } = await inquirer.prompt([{
+                type: "input",
+                name: "userName",
+                message: "Your name:",
+                default: config.userName !== "User" ? config.userName : undefined,
+            }]);
+        const { hasKey } = await inquirer.prompt([{
+                type: "list",
+                name: "hasKey",
+                message: "Do you have a Ray API key?",
+                choices: [
+                    { name: "Yes — I have a key", value: true },
+                    { name: "No — I need to get one ($10/mo)", value: false },
+                ],
+            }]);
+        if (!hasKey) {
+            const open = (await import("open")).default;
+            const ora = (await import("ora")).default;
+            console.log(`\n  Opening Stripe checkout in your browser...\n`);
+            try {
+                const resp = await fetch(`${RAY_PROXY_BASE.replace("/v1", "")}/stripe/checkout`, {
+                    method: "POST",
+                    headers: { "content-type": "application/json" },
+                });
+                const { url } = await resp.json();
+                await open(url);
+            }
+            catch {
+                console.log(dim(`  Could not open checkout automatically.`));
+                console.log(dim(`  Re-run ray setup to try again.\n`));
+            }
+            console.log(dim("  Complete checkout, then paste your key below.\n"));
+        }
+        const { rayApiKey } = await inquirer.prompt([{
+                type: "password",
+                name: "rayApiKey",
+                message: "Ray API key:",
+                validate: (v) => v.startsWith("ray_") || "Should start with ray_",
+            }]);
+        // Auto-generate encryption keys if not already set
+        const { generateKey } = await import("../db/encryption.js");
+        saveConfig({
+            userName,
+            rayApiKey,
+            anthropicKey: "",
+            model: "claude-sonnet-4-6",
+            plaidClientId: "",
+            plaidSecret: "",
+            plaidEnv: "production",
+            dbEncryptionKey: config.dbEncryptionKey || generateKey(),
+            plaidTokenSecret: config.plaidTokenSecret || generateKey(),
+        });
+        canLink = true;
+    }
+    else {
+        const answers = await inquirer.prompt([
+            {
+                type: "input",
+                name: "userName",
+                message: "Your name:",
+                default: config.userName !== "User" ? config.userName : undefined,
+            },
+            {
+                type: "password",
+                name: "anthropicKey",
+                message: "Anthropic API key:",
+                default: config.anthropicKey || undefined,
+                validate: (v) => v.length > 0 || "Required",
+            },
+            {
+                type: "list",
+                name: "model",
+                message: "AI model:",
+                choices: [
+                    { name: "Claude Sonnet 4.6 (recommended)", value: "claude-sonnet-4-6" },
+                    { name: "Claude Haiku 4.5 (faster, cheaper)", value: "claude-haiku-4-5" },
+                    { name: "Claude Opus 4.6 (most capable)", value: "claude-opus-4-6" },
+                ],
+                default: config.model,
+            },
+            {
+                type: "password",
+                name: "plaidClientId",
+                message: "Plaid production client ID (enter to skip):",
+                default: config.plaidClientId || undefined,
+            },
+            {
+                type: "password",
+                name: "plaidSecret",
+                message: "Plaid production secret (enter to skip):",
+                default: config.plaidSecret || undefined,
+            },
+            {
+                type: "password",
+                name: "dbEncryptionKey",
+                message: "Database encryption key (enter to skip):",
+                default: config.dbEncryptionKey || undefined,
+            },
+        ]);
+        const { generateKey } = await import("../db/encryption.js");
+        saveConfig({
+            userName: answers.userName,
+            anthropicKey: answers.anthropicKey,
+            rayApiKey: "",
+            model: answers.model,
+            plaidClientId: answers.plaidClientId || "",
+            plaidSecret: answers.plaidSecret || "",
+            plaidEnv: "production",
+            dbEncryptionKey: answers.dbEncryptionKey || generateKey(),
+            plaidTokenSecret: config.plaidTokenSecret || generateKey(),
+        });
+        canLink = !!(answers.plaidClientId && answers.plaidSecret);
+    }
+    // Ensure data directory exists
+    const dbDir = dirname(config.dbPath);
+    if (!existsSync(dbDir))
+        mkdirSync(dbDir, { recursive: true });
+    // Initialize DB
+    const { getDb } = await import("../db/connection.js");
+    getDb();
+    // Create persistent context file
+    const { createContextTemplate } = await import("../ai/context.js");
+    createContextTemplate(config.userName);
+    console.log(`\n${chalk.green("✓")} Config saved`);
+    // Link first account immediately — this is the critical path
+    if (canLink) {
+        console.log();
+        const { runLink } = await import("./commands.js");
+        await runLink();
+        // Auto-schedule daily sync at 6am after first successful link
+        if (!config.syncSchedule) {
+            saveConfig({ syncSchedule: "06:00" });
+            const { installSyncSchedule } = await import("./scheduler.js");
+            installSyncSchedule("06:00");
+            console.log(`${chalk.green("✓")} Daily sync scheduled at 6:00 AM`);
+        }
+    }
+    console.log(`\n${chalk.green("✓")} Setup complete! Run ${chalk.bold("ray")} to start chatting.\n`);
+}

package/dist/config.d.ts

@@ -0,0 +1,22 @@
+import "dotenv/config";
+export interface RayConfig {
+    anthropicKey: string;
+    rayApiKey: string;
+    model: string;
+    plaidClientId: string;
+    plaidSecret: string;
+    plaidEnv: string;
+    dbPath: string;
+    dbEncryptionKey: string;
+    plaidTokenSecret: string;
+    port: number;
+    userName: string;
+    thinkingBudget: number;
+    syncSchedule: string;
+}
+export declare const RAY_PROXY_BASE = "https://api.rayfinance.app/v1";
+export declare function useManaged(): boolean;
+export declare function getConfigPath(): string;
+export declare const config: RayConfig;
+export declare function isConfigured(): boolean;
+export declare function saveConfig(partial: Partial<RayConfig>): void;

package/dist/config.js

@@ -0,0 +1,60 @@
+import "dotenv/config";
+import { readFileSync, writeFileSync, existsSync, mkdirSync, chmodSync } from "fs";
+import { resolve } from "path";
+import { homedir } from "os";
+export const RAY_PROXY_BASE = "https://api.rayfinance.app/v1";
+export function useManaged() {
+    return !!config.rayApiKey;
+}
+const RAY_DIR = resolve(homedir(), ".ray");
+export function getConfigPath() {
+    return resolve(RAY_DIR, "config.json");
+}
+function loadFileConfig() {
+    const configPath = getConfigPath();
+    if (!existsSync(configPath))
+        return {};
+    try {
+        return JSON.parse(readFileSync(configPath, "utf-8"));
+    }
+    catch {
+        return {};
+    }
+}
+function buildConfig() {
+    const file = loadFileConfig();
+    return {
+        anthropicKey: file.anthropicKey || process.env.ANTHROPIC_API_KEY || "",
+        rayApiKey: file.rayApiKey || process.env.RAY_API_KEY || "",
+        model: file.model || process.env.RAY_MODEL || "claude-sonnet-4-6",
+        plaidClientId: file.plaidClientId || process.env.PLAID_CLIENT_ID || "",
+        plaidSecret: file.plaidSecret || process.env.PLAID_SECRET || "",
+        plaidEnv: file.plaidEnv || process.env.PLAID_ENV || "production",
+        dbPath: file.dbPath || process.env.DB_PATH || resolve(RAY_DIR, "data", "finance.db"),
+        dbEncryptionKey: file.dbEncryptionKey || process.env.DB_ENCRYPTION_KEY || "",
+        plaidTokenSecret: file.plaidTokenSecret || process.env.PLAID_TOKEN_SECRET || "",
+        port: file.port || Number(process.env.RAY_PORT) || 9876,
+        userName: file.userName || process.env.RAY_USER_NAME || "User",
+        thinkingBudget: file.thinkingBudget ?? (Number(process.env.RAY_THINKING_BUDGET) || 8000),
+        syncSchedule: file.syncSchedule || "",
+    };
+}
+export const config = buildConfig();
+export function isConfigured() {
+    return !!config.anthropicKey || !!config.rayApiKey;
+}
+export function saveConfig(partial) {
+    const configPath = getConfigPath();
+    const dir = resolve(RAY_DIR);
+    if (!existsSync(dir))
+        mkdirSync(dir, { recursive: true });
+    const existing = loadFileConfig();
+    const merged = { ...existing, ...partial };
+    writeFileSync(configPath, JSON.stringify(merged, null, 2) + "\n", { mode: 0o600 });
+    try {
+        chmodSync(configPath, 0o600);
+    }
+    catch { }
+    // Update live config
+    Object.assign(config, merged);
+}

package/dist/daily-sync.d.ts

@@ -0,0 +1,7 @@
+import type BetterSqlite3 from "better-sqlite3-multiple-ciphers";
+type Database = BetterSqlite3.Database;
+/** Run the daily sync for a single database */
+export declare function runDailySync(db: Database): Promise<void>;
+/** Run daily sync (cron / CLI entry point) */
+export declare function runDailySyncAll(): Promise<void>;
+export {};

package/dist/daily-sync.js

@@ -0,0 +1,94 @@
+import { syncTransactions, syncBalances, syncInvestments, syncLiabilities, } from "./plaid/sync.js";
+import { calculateDailyScore, checkAchievements } from "./scoring/index.js";
+/** Run the daily sync for a single database */
+export async function runDailySync(db) {
+    const institutions = db
+        .prepare(`SELECT item_id, access_token, name, products, cursor FROM institutions`)
+        .all();
+    if (institutions.length === 0) {
+        console.log("No linked institutions.");
+        return;
+    }
+    for (const inst of institutions) {
+        if (inst.access_token === "manual") {
+            console.log(`Skipping ${inst.name} (manual entry)`);
+            continue;
+        }
+        const products = JSON.parse(inst.products);
+        console.log(`Syncing: ${inst.name} (${products.join(", ")})`);
+        try {
+            // Always sync balances
+            const accountCount = await syncBalances(db, inst.access_token);
+            console.log(`  Accounts: ${accountCount}`);
+            // Sync transactions if available
+            if (products.includes("transactions")) {
+                const txResult = await syncTransactions(db, inst.item_id, inst.access_token, inst.cursor);
+                console.log(`  Transactions: +${txResult.added} ~${txResult.modified} -${txResult.removed}`);
+            }
+            // Sync investments if available
+            if (products.includes("investments")) {
+                const invResult = await syncInvestments(db, inst.access_token);
+                console.log(`  Investments: ${invResult.holdings} holdings, ${invResult.securities} securities`);
+            }
+            // Sync liabilities if available
+            if (products.includes("liabilities")) {
+                await syncLiabilities(db, inst.access_token);
+                console.log(`  Liabilities: synced`);
+            }
+        }
+        catch (err) {
+            console.error(`  Error syncing ${inst.name}: ${err.message}`);
+        }
+    }
+    // Snapshot net worth
+    const assets = db
+        .prepare(`SELECT COALESCE(SUM(current_balance), 0) as total FROM accounts WHERE type IN ('depository', 'investment', 'other')`)
+        .get();
+    const liabs = db
+        .prepare(`SELECT COALESCE(SUM(current_balance), 0) as total FROM accounts WHERE type IN ('credit', 'loan')`)
+        .get();
+    const netWorth = assets.total - liabs.total;
+    const today = new Date().toISOString().slice(0, 10);
+    db.prepare(`INSERT INTO net_worth_history (date, total_assets, total_liabilities, net_worth)
+     VALUES (?, ?, ?, ?)
+     ON CONFLICT(date) DO UPDATE SET total_assets=excluded.total_assets, total_liabilities=excluded.total_liabilities, net_worth=excluded.net_worth`).run(today, assets.total, liabs.total, netWorth);
+    console.log(`Net worth snapshot: $${netWorth.toLocaleString()} (assets: $${assets.total.toLocaleString()}, liabilities: $${liabs.total.toLocaleString()})`);
+    // Calculate daily score for yesterday
+    const yesterday = new Date(Date.now() - 24 * 60 * 60 * 1000).toISOString().slice(0, 10);
+    const dailyScore = calculateDailyScore(db, yesterday);
+    console.log(`  Daily score (${yesterday}): ${dailyScore.score}/100`);
+    const newAchievements = checkAchievements(db);
+    if (newAchievements.length > 0) {
+        for (const a of newAchievements) {
+            console.log(`  Achievement unlocked: ${a.name} — ${a.description}`);
+        }
+    }
+    // Auto-recategorize using rules from recategorization_rules table
+    const rules = db.prepare(`SELECT match_field, match_pattern, target_category, target_subcategory, label FROM recategorization_rules`).all();
+    let totalRecat = 0;
+    for (const rule of rules) {
+        // Validate match_field to prevent SQL injection — only allow known column names
+        const allowedFields = ["name", "merchant_name", "category", "subcategory"];
+        if (!allowedFields.includes(rule.match_field)) {
+            console.error(`  Skipping recat rule with invalid match_field: ${rule.match_field}`);
+            continue;
+        }
+        const result = rule.target_subcategory
+            ? db.prepare(`UPDATE transactions SET category = ?, subcategory = ? WHERE ${rule.match_field} LIKE ? AND category != ?`).run(rule.target_category, rule.target_subcategory, rule.match_pattern, rule.target_category)
+            : db.prepare(`UPDATE transactions SET category = ? WHERE ${rule.match_field} LIKE ? AND category != ?`).run(rule.target_category, rule.match_pattern, rule.target_category);
+        if (result.changes > 0) {
+            console.log(`  Recategorized ${result.changes} txn(s): ${rule.label}`);
+            totalRecat += result.changes;
+        }
+    }
+    if (totalRecat > 0) {
+        console.log(`Auto-recategorized ${totalRecat} transaction(s).`);
+    }
+    console.log("Sync complete.");
+}
+/** Run daily sync (cron / CLI entry point) */
+export async function runDailySyncAll() {
+    const { getDb } = await import("./db/connection.js");
+    const db = getDb();
+    await runDailySync(db);
+}

package/dist/db/connection.d.ts

@@ -0,0 +1,5 @@
+import Database from "better-sqlite3-multiple-ciphers";
+/** Get the single DB instance */
+export declare function getDb(): Database.Database;
+/** Close all connections (for graceful shutdown) */
+export declare function closeAll(): void;

package/dist/db/connection.js

@@ -0,0 +1,37 @@
+import Database from "better-sqlite3-multiple-ciphers";
+import { config } from "../config.js";
+import { migrate } from "./schema.js";
+import { dirname } from "path";
+import { mkdirSync, existsSync, chmodSync } from "fs";
+let singleDb = null;
+function openDb(dbPath, encryptionKey) {
+    const dir = dirname(dbPath);
+    if (!existsSync(dir))
+        mkdirSync(dir, { recursive: true });
+    const db = new Database(dbPath);
+    if (encryptionKey) {
+        // Use hex key format to avoid pragma injection from special characters
+        const hexKey = Buffer.from(encryptionKey, "utf8").toString("hex");
+        db.pragma(`key="x'${hexKey}'"`);
+    }
+    db.pragma("journal_mode = WAL");
+    db.pragma("foreign_keys = ON");
+    migrate(db);
+    try {
+        chmodSync(dbPath, 0o600);
+    }
+    catch { }
+    return db;
+}
+/** Get the single DB instance */
+export function getDb() {
+    if (!singleDb) {
+        singleDb = openDb(config.dbPath, config.dbEncryptionKey || undefined);
+    }
+    return singleDb;
+}
+/** Close all connections (for graceful shutdown) */
+export function closeAll() {
+    singleDb?.close();
+    singleDb = null;
+}

package/dist/db/encryption.d.ts

@@ -0,0 +1,3 @@
+export declare function generateKey(): string;
+export declare function encryptPlaidToken(token: string, secret: string): string;
+export declare function decryptPlaidToken(encrypted: string, secret: string): string;

package/dist/db/encryption.js

@@ -0,0 +1,24 @@
+import { createCipheriv, createDecipheriv, randomBytes, scryptSync } from "crypto";
+const SCRYPT_SALT = "ray-finance-plaid-token"; // Static salt is fine — secret is already high-entropy
+const SCRYPT_KEYLEN = 32;
+export function generateKey() {
+    return randomBytes(32).toString("hex");
+}
+function deriveKey(secret) {
+    return scryptSync(secret, SCRYPT_SALT, SCRYPT_KEYLEN);
+}
+export function encryptPlaidToken(token, secret) {
+    const key = deriveKey(secret);
+    const iv = randomBytes(16);
+    const cipher = createCipheriv("aes-256-gcm", key, iv);
+    const encrypted = Buffer.concat([cipher.update(token, "utf8"), cipher.final()]);
+    const authTag = cipher.getAuthTag();
+    return `${iv.toString("hex")}:${authTag.toString("hex")}:${encrypted.toString("hex")}`;
+}
+export function decryptPlaidToken(encrypted, secret) {
+    const [ivHex, authTagHex, dataHex] = encrypted.split(":");
+    const key = deriveKey(secret);
+    const decipher = createDecipheriv("aes-256-gcm", key, Buffer.from(ivHex, "hex"));
+    decipher.setAuthTag(Buffer.from(authTagHex, "hex"));
+    return decipher.update(Buffer.from(dataHex, "hex")) + decipher.final("utf8");
+}

package/dist/db/helpers.d.ts

@@ -0,0 +1,16 @@
+export declare function resolvePeriod(period: string): {
+    start: string;
+    end: string;
+};
+export declare function shiftDays(date: Date, days: number): Date;
+export declare function simulatePayoff(balance: number, annualRate: number, monthlyPayment: number): {
+    months: number;
+    totalInterest: number;
+    schedule: {
+        month: number;
+        payment: number;
+        principal: number;
+        interest: number;
+        remaining: number;
+    }[];
+};

package/dist/db/helpers.js

@@ -0,0 +1,45 @@
+export function resolvePeriod(period) {
+    const now = new Date();
+    const y = now.getFullYear();
+    const m = now.getMonth();
+    switch (period) {
+        case "this_month":
+            return { start: new Date(y, m, 1).toISOString().slice(0, 10), end: now.toISOString().slice(0, 10) };
+        case "last_month":
+            return { start: new Date(y, m - 1, 1).toISOString().slice(0, 10), end: new Date(y, m, 0).toISOString().slice(0, 10) };
+        case "this_year":
+            return { start: new Date(y, 0, 1).toISOString().slice(0, 10), end: now.toISOString().slice(0, 10) };
+        case "last_30":
+            return { start: shiftDays(now, -30).toISOString().slice(0, 10), end: now.toISOString().slice(0, 10) };
+        case "last_90":
+            return { start: shiftDays(now, -90).toISOString().slice(0, 10), end: now.toISOString().slice(0, 10) };
+        default: {
+            const parts = period.split(":");
+            if (parts.length === 2)
+                return { start: parts[0], end: parts[1] };
+            throw new Error(`Unknown period: ${period}. Use this_month, last_month, this_year, last_30, last_90, or START:END`);
+        }
+    }
+}
+export function shiftDays(date, days) {
+    const d = new Date(date);
+    d.setDate(d.getDate() + days);
+    return d;
+}
+export function simulatePayoff(balance, annualRate, monthlyPayment) {
+    const monthlyRate = annualRate / 100 / 12;
+    let remaining = balance;
+    let totalInterest = 0;
+    const schedule = [];
+    let month = 0;
+    while (remaining > 0.01 && month < 600) {
+        month++;
+        const interest = remaining * monthlyRate;
+        const payment = Math.min(monthlyPayment, remaining + interest);
+        const principal = payment - interest;
+        remaining -= principal;
+        totalInterest += interest;
+        schedule.push({ month, payment: Math.round(payment * 100) / 100, principal: Math.round(principal * 100) / 100, interest: Math.round(interest * 100) / 100, remaining: Math.round(Math.max(0, remaining) * 100) / 100 });
+    }
+    return { months: month, totalInterest: Math.round(totalInterest * 100) / 100, schedule };
+}

package/dist/db/schema.d.ts

@@ -0,0 +1,2 @@
+import type Database from "better-sqlite3-multiple-ciphers";
+export declare function migrate(db: Database.Database): void;