recon-crypto-mcp 0.1.0

package/dist/modules/feedback/index.js

@@ -0,0 +1,161 @@
+import { requestCapabilityInput } from "./schemas.js";
+import { checkAndRecord, hashPayload, RATE_LIMITS } from "./rate-limit.js";
+const REPO_OWNER = "szhygulin";
+const REPO_NAME = "recon-crypto-mcp";
+const ISSUE_LABEL = "agent-request";
+const USER_AGENT = "recon-crypto-mcp/0.1.0 capability-request";
+const POST_TIMEOUT_MS = 8_000;
+const MAX_POST_BODY_BYTES = 16_384;
+const MAX_PREFILLED_URL_BYTES = 7168;
+const TRUNCATION_MARKER = "\n\n_...(body truncated to fit in GitHub's prefilled-URL length limit — paste the full context into the issue after opening)_";
+/**
+ * Neutralize GitHub @-mentions in agent-supplied strings before they enter the
+ * issue body. Without this, a prompt-injected agent could craft a feedback
+ * payload that pings arbitrary GitHub users when the user clicks "Submit".
+ * Inserting a zero-width space after `@` keeps the text readable while
+ * breaking the mention parser.
+ */
+function neutralizeMentions(input) {
+    return input.replace(/@/g, "@\u200B");
+}
+/** Escape triple-backticks so agent-supplied strings can't break out of fenced code blocks. */
+function escapeCodeFences(input) {
+    return input.replace(/```/g, "`\u200B``");
+}
+export { requestCapabilityInput };
+export async function requestCapability(args) {
+    const { summary, description, category, context, agentName } = args;
+    const hash = hashPayload(summary, description);
+    const check = checkAndRecord(hash);
+    if (!check.ok) {
+        const err = new Error(check.reason);
+        if ("retryAfterSeconds" in check && check.retryAfterSeconds !== undefined) {
+            err.retryAfterSeconds = check.retryAfterSeconds;
+        }
+        throw err;
+    }
+    const title = `[agent-request] ${summary}`;
+    const body = buildIssueBody({ description, category, context, agentName });
+    const labels = [ISSUE_LABEL, category].filter((v) => Boolean(v));
+    const payload = { title, body, labels };
+    const endpoint = process.env.RECON_FEEDBACK_ENDPOINT?.trim();
+    if (endpoint) {
+        if (!/^https:\/\//i.test(endpoint)) {
+            throw new Error("RECON_FEEDBACK_ENDPOINT must be an https:// URL. Refusing to submit over plaintext.");
+        }
+        return await postToEndpoint(endpoint, payload);
+    }
+    const { url: issueUrl, truncated } = buildPrefilledIssueUrl(payload);
+    return {
+        status: "prefilled_url",
+        message: "No data has been transmitted. Show this URL to the user — opening it prefills a GitHub issue on the recon-crypto-mcp repo; " +
+            "submission requires the user to click 'Submit new issue'." +
+            (truncated
+                ? " The issue body was truncated to fit GitHub's prefilled-URL length limit; tell the user to paste the full context into the issue before submitting."
+                : ""),
+        issueUrl,
+        repo: `${REPO_OWNER}/${REPO_NAME}`,
+        title,
+        labels,
+        bodyTruncated: truncated,
+        rateLimit: RATE_LIMITS,
+    };
+}
+function buildIssueBody(opts) {
+    const lines = [];
+    lines.push("### Description", "", neutralizeMentions(opts.description), "");
+    if (opts.category) {
+        lines.push(`**Category:** \`${opts.category}\``, "");
+    }
+    if (opts.context && Object.values(opts.context).some((v) => v)) {
+        lines.push("### Context");
+        if (opts.context.toolAttempted) {
+            lines.push(`- **Tool attempted:** \`${escapeCodeFences(opts.context.toolAttempted)}\``);
+        }
+        if (opts.context.chain) {
+            lines.push(`- **Chain:** ${neutralizeMentions(opts.context.chain)}`);
+        }
+        if (opts.context.errorObserved) {
+            const safe = escapeCodeFences(neutralizeMentions(opts.context.errorObserved));
+            lines.push("- **Error observed:**");
+            lines.push("  ```");
+            for (const l of safe.split("\n"))
+                lines.push(`  ${l}`);
+            lines.push("  ```");
+        }
+        lines.push("");
+    }
+    const agent = opts.agentName ? neutralizeMentions(opts.agentName) : undefined;
+    const footer = "_Submitted via the `request_capability` tool in recon-crypto-mcp by an AI agent" +
+        (agent ? ` (${agent})` : "") +
+        "._";
+    lines.push("---", footer);
+    return lines.join("\n");
+}
+function buildPrefilledIssueUrl(payload) {
+    const base = `https://github.com/${REPO_OWNER}/${REPO_NAME}/issues/new`;
+    const build = (body) => {
+        const params = new URLSearchParams({
+            title: payload.title,
+            body,
+            labels: payload.labels.join(","),
+        });
+        return `${base}?${params.toString()}`;
+    };
+    const fullUrl = build(payload.body);
+    if (Buffer.byteLength(fullUrl, "utf8") <= MAX_PREFILLED_URL_BYTES) {
+        return { url: fullUrl, truncated: false };
+    }
+    // Binary-search the largest body length whose resulting URL still fits. The
+    // relationship body-length → encoded-URL-length isn't strictly linear
+    // (high-byte chars encode as %XX%XX), so we don't guess a ratio.
+    let lo = 0;
+    let hi = payload.body.length;
+    while (lo < hi) {
+        const mid = Math.floor((lo + hi + 1) / 2);
+        const candidate = payload.body.slice(0, mid) + TRUNCATION_MARKER;
+        if (Buffer.byteLength(build(candidate), "utf8") <= MAX_PREFILLED_URL_BYTES) {
+            lo = mid;
+        }
+        else {
+            hi = mid - 1;
+        }
+    }
+    const trimmedBody = payload.body.slice(0, lo) + TRUNCATION_MARKER;
+    return { url: build(trimmedBody), truncated: true };
+}
+async function postToEndpoint(url, payload) {
+    const serialized = JSON.stringify(payload);
+    if (Buffer.byteLength(serialized, "utf8") > MAX_POST_BODY_BYTES) {
+        throw new Error(`Capability-request payload exceeds ${MAX_POST_BODY_BYTES} bytes after serialization. Trim the description.`);
+    }
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), POST_TIMEOUT_MS);
+    let res;
+    try {
+        res = await fetch(url, {
+            method: "POST",
+            headers: {
+                "content-type": "application/json",
+                "user-agent": USER_AGENT,
+            },
+            body: serialized,
+            signal: controller.signal,
+        });
+    }
+    finally {
+        clearTimeout(timeout);
+    }
+    if (!res.ok) {
+        const text = await res.text().catch(() => "");
+        throw new Error(`Capability-request endpoint returned ${res.status} ${res.statusText}${text ? `: ${text.slice(0, 200)}` : ""}`);
+    }
+    const data = await res.json().catch(() => null);
+    return {
+        status: "submitted",
+        endpoint: url,
+        response: data,
+        rateLimit: RATE_LIMITS,
+    };
+}
+//# sourceMappingURL=index.js.map

package/dist/modules/feedback/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/modules/feedback/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAA8B,MAAM,cAAc,CAAC;AAClF,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAE3E,MAAM,UAAU,GAAG,WAAW,CAAC;AAC/B,MAAM,SAAS,GAAG,kBAAkB,CAAC;AACrC,MAAM,WAAW,GAAG,eAAe,CAAC;AACpC,MAAM,UAAU,GAAG,2CAA2C,CAAC;AAC/D,MAAM,eAAe,GAAG,KAAK,CAAC;AAC9B,MAAM,mBAAmB,GAAG,MAAM,CAAC;AACnC,MAAM,uBAAuB,GAAG,IAAI,CAAC;AACrC,MAAM,iBAAiB,GACrB,+HAA+H,CAAC;AAElI;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,KAAa;IACvC,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;AACxC,CAAC;AAED,+FAA+F;AAC/F,SAAS,gBAAgB,CAAC,KAAa;IACrC,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;AAC5C,CAAC;AAED,OAAO,EAAE,sBAAsB,EAAE,CAAC;AAKlC,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAA2B;IACjE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IACpE,MAAM,IAAI,GAAG,WAAW,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAE/C,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IACnC,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;QACd,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,CAA2C,CAAC;QAC9E,IAAI,mBAAmB,IAAI,KAAK,IAAI,KAAK,CAAC,iBAAiB,KAAK,SAAS,EAAE,CAAC;YAC1E,GAAG,CAAC,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,CAAC;QAClD,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;IAED,MAAM,KAAK,GAAG,mBAAmB,OAAO,EAAE,CAAC;IAC3C,MAAM,IAAI,GAAG,cAAc,CAAC,EAAE,WAAW,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9E,MAAM,OAAO,GAAiB,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAEtD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,IAAI,EAAE,CAAC;IAC7D,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,qFAAqF,CACtF,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,cAAc,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACjD,CAAC;IAED,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;IACrE,OAAO;QACL,MAAM,EAAE,eAAwB;QAChC,OAAO,EACL,6HAA6H;YAC7H,2DAA2D;YAC3D,CAAC,SAAS;gBACR,CAAC,CAAC,qJAAqJ;gBACvJ,CAAC,CAAC,EAAE,CAAC;QACT,QAAQ;QACR,IAAI,EAAE,GAAG,UAAU,IAAI,SAAS,EAAE;QAClC,KAAK;QACL,MAAM;QACN,aAAa,EAAE,SAAS;QACxB,SAAS,EAAE,WAAW;KACvB,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,IAKvB;IACC,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,EAAE,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC,CAAC;IAE5E,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,KAAK,CAAC,IAAI,CAAC,mBAAmB,IAAI,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,IAAI,IAAI,CAAC,OAAO,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC1B,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YAC/B,KAAK,CAAC,IAAI,CACR,2BAA2B,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAC5E,CAAC;QACJ,CAAC;QACD,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,gBAAgB,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACvE,CAAC;QACD,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,gBAAgB,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;YAC9E,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YACpC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACpB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACvD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACtB,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9E,MAAM,MAAM,GACV,iFAAiF;QACjF,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5B,IAAI,CAAC;IACP,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAC1B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,sBAAsB,CAAC,OAAqB;IACnD,MAAM,IAAI,GAAG,sBAAsB,UAAU,IAAI,SAAS,aAAa,CAAC;IACxE,MAAM,KAAK,GAAG,CAAC,IAAY,EAAU,EAAE;QACrC,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,IAAI;YACJ,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;SACjC,CAAC,CAAC;QACH,OAAO,GAAG,IAAI,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IACxC,CAAC,CAAC;IAEF,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACpC,IAAI,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,uBAAuB,EAAE,CAAC;QAClE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,4EAA4E;IAC5E,sEAAsE;IACtE,iEAAiE;IACjE,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,IAAI,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC;IAC7B,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC;QACf,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,iBAAiB,CAAC;QACjE,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,IAAI,uBAAuB,EAAE,CAAC;YAC3E,EAAE,GAAG,GAAG,CAAC;QACX,CAAC;aAAM,CAAC;YACN,EAAE,GAAG,GAAG,GAAG,CAAC,CAAC;QACf,CAAC;IACH,CAAC;IACD,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,iBAAiB,CAAC;IAClE,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;AACtD,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,GAAW,EAAE,OAAqB;IAC9D,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IAC3C,IAAI,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,MAAM,CAAC,GAAG,mBAAmB,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CACb,sCAAsC,mBAAmB,mDAAmD,CAC7G,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,eAAe,CAAC,CAAC;IACtE,IAAI,GAAa,CAAC;IAClB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YACrB,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,YAAY,EAAE,UAAU;aACzB;YACD,IAAI,EAAE,UAAU;YAChB,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;IACL,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;IAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QAC9C,MAAM,IAAI,KAAK,CACb,wCAAwC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,GAClE,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EACrC,EAAE,CACH,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAY,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;IACzD,OAAO;QACL,MAAM,EAAE,WAAoB;QAC5B,QAAQ,EAAE,GAAG;QACb,QAAQ,EAAE,IAAI;QACd,SAAS,EAAE,WAAW;KACvB,CAAC;AACJ,CAAC"}

package/dist/modules/feedback/rate-limit.d.ts

@@ -0,0 +1,15 @@
+export declare const RATE_LIMITS: {
+    readonly minIntervalSeconds: number;
+    readonly perHour: 3;
+    readonly perDay: 10;
+    readonly dedupeWindowDays: number;
+};
+export declare function hashPayload(summary: string, description: string): string;
+export type RateLimitResult = {
+    ok: true;
+} | {
+    ok: false;
+    reason: string;
+    retryAfterSeconds?: number;
+};
+export declare function checkAndRecord(hash: string, now?: number): RateLimitResult;

package/dist/modules/feedback/rate-limit.js

@@ -0,0 +1,110 @@
+import { createHash } from "node:crypto";
+import { existsSync, lstatSync, mkdirSync, readFileSync, writeFileSync, } from "node:fs";
+import { homedir } from "node:os";
+import { dirname, join } from "node:path";
+/**
+ * The state-file path is computed lazily from an env-var override so tests can
+ * redirect writes into a temp dir. Default: `~/.recon-crypto-mcp/feedback-log.json`.
+ */
+function getStateFilePath() {
+    return (process.env.RECON_FEEDBACK_STATE_FILE ??
+        join(homedir(), ".recon-crypto-mcp", "feedback-log.json"));
+}
+const MIN_INTERVAL_MS = 30_000;
+const MAX_PER_HOUR = 3;
+const MAX_PER_DAY = 10;
+const DEDUPE_WINDOW_MS = 7 * 24 * 60 * 60 * 1000;
+const RETENTION_MS = 30 * 24 * 60 * 60 * 1000;
+const MAX_EVENTS_STORED = 200;
+export const RATE_LIMITS = {
+    minIntervalSeconds: MIN_INTERVAL_MS / 1000,
+    perHour: MAX_PER_HOUR,
+    perDay: MAX_PER_DAY,
+    dedupeWindowDays: DEDUPE_WINDOW_MS / (24 * 60 * 60 * 1000),
+};
+export function hashPayload(summary, description) {
+    return createHash("sha256")
+        .update(`${summary.trim().toLowerCase()}\n${description.trim().toLowerCase()}`)
+        .digest("hex")
+        .slice(0, 16);
+}
+export function checkAndRecord(hash, now = Date.now()) {
+    const events = readEvents();
+    const last = events.length > 0 ? events[events.length - 1] : undefined;
+    if (last && now - last.ts < MIN_INTERVAL_MS) {
+        const retry = Math.ceil((MIN_INTERVAL_MS - (now - last.ts)) / 1000);
+        return {
+            ok: false,
+            reason: `Too many capability requests in quick succession. Wait ${retry}s between calls.`,
+            retryAfterSeconds: retry,
+        };
+    }
+    const hourAgo = now - 60 * 60 * 1000;
+    if (events.filter((e) => e.ts > hourAgo).length >= MAX_PER_HOUR) {
+        return {
+            ok: false,
+            reason: `Hourly capability-request limit (${MAX_PER_HOUR}/hour) reached. Try again later.`,
+        };
+    }
+    const dayAgo = now - 24 * 60 * 60 * 1000;
+    if (events.filter((e) => e.ts > dayAgo).length >= MAX_PER_DAY) {
+        return {
+            ok: false,
+            reason: `Daily capability-request limit (${MAX_PER_DAY}/24h) reached. Try again tomorrow.`,
+        };
+    }
+    const dedupeAgo = now - DEDUPE_WINDOW_MS;
+    if (events.some((e) => e.hash === hash && e.ts > dedupeAgo)) {
+        return {
+            ok: false,
+            reason: "An equivalent capability request (same summary + description) was already submitted in the last 7 days. " +
+                "Refine the summary/description with new information, or wait for triage.",
+        };
+    }
+    const next = [...events, { ts: now, hash }];
+    const retentionCutoff = now - RETENTION_MS;
+    const pruned = next.filter((e) => e.ts > retentionCutoff).slice(-MAX_EVENTS_STORED);
+    writeEvents(pruned);
+    return { ok: true };
+}
+function readEvents() {
+    const stateFile = getStateFilePath();
+    if (!existsSync(stateFile))
+        return [];
+    try {
+        const raw = readFileSync(stateFile, "utf8");
+        const parsed = JSON.parse(raw);
+        if (!Array.isArray(parsed))
+            return [];
+        return parsed.filter((e) => typeof e === "object" &&
+            e !== null &&
+            Number.isFinite(e.ts) &&
+            typeof e.hash === "string" &&
+            e.hash.length > 0);
+    }
+    catch {
+        return [];
+    }
+}
+/**
+ * Writes the event log atomically. Throws on any condition that would make the
+ * rate limiter silently lose state (refused symlink, EPERM, etc.) — callers
+ * MUST propagate, so a failed write fails the capability-request outright
+ * rather than letting it proceed with no counter increment (fail-closed).
+ */
+function writeEvents(events) {
+    const stateFile = getStateFilePath();
+    const dir = dirname(stateFile);
+    if (!existsSync(dir)) {
+        mkdirSync(dir, { recursive: true, mode: 0o700 });
+    }
+    if (existsSync(stateFile)) {
+        const st = lstatSync(stateFile);
+        if (!st.isFile() || st.isSymbolicLink() || st.nlink > 1) {
+            throw new Error(`Refusing to write feedback rate-limit log at ${stateFile}: path is a symlink, hardlink, or non-regular file. ` +
+                `Inspect it manually and remove it to restore DDoS protection.`);
+        }
+    }
+    writeFileSync(stateFile, JSON.stringify(events, null, 2) + "\n", { mode: 0o600 });
+}
+//# sourceMappingURL=rate-limit.js.map

package/dist/modules/feedback/rate-limit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit.js","sourceRoot":"","sources":["../../../src/modules/feedback/rate-limit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EACL,UAAU,EACV,SAAS,EACT,SAAS,EACT,YAAY,EACZ,aAAa,GACd,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAI1C;;;GAGG;AACH,SAAS,gBAAgB;IACvB,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACrC,IAAI,CAAC,OAAO,EAAE,EAAE,mBAAmB,EAAE,mBAAmB,CAAC,CAC1D,CAAC;AACJ,CAAC;AAED,MAAM,eAAe,GAAG,MAAM,CAAC;AAC/B,MAAM,YAAY,GAAG,CAAC,CAAC;AACvB,MAAM,WAAW,GAAG,EAAE,CAAC;AACvB,MAAM,gBAAgB,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AACjD,MAAM,YAAY,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAC9C,MAAM,iBAAiB,GAAG,GAAG,CAAC;AAE9B,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,kBAAkB,EAAE,eAAe,GAAG,IAAI;IAC1C,OAAO,EAAE,YAAY;IACrB,MAAM,EAAE,WAAW;IACnB,gBAAgB,EAAE,gBAAgB,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;CAClD,CAAC;AAEX,MAAM,UAAU,WAAW,CAAC,OAAe,EAAE,WAAmB;IAC9D,OAAO,UAAU,CAAC,QAAQ,CAAC;SACxB,MAAM,CAAC,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;SAC9E,MAAM,CAAC,KAAK,CAAC;SACb,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AAMD,MAAM,UAAU,cAAc,CAAC,IAAY,EAAE,MAAc,IAAI,CAAC,GAAG,EAAE;IACnE,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAE5B,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACvE,IAAI,IAAI,IAAI,GAAG,GAAG,IAAI,CAAC,EAAE,GAAG,eAAe,EAAE,CAAC;QAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,eAAe,GAAG,CAAC,GAAG,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QACpE,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,0DAA0D,KAAK,kBAAkB;YACzF,iBAAiB,EAAE,KAAK;SACzB,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACrC,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,CAAC,CAAC,MAAM,IAAI,YAAY,EAAE,CAAC;QAChE,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,oCAAoC,YAAY,kCAAkC;SAC3F,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACzC,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,MAAM,IAAI,WAAW,EAAE,CAAC;QAC9D,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mCAAmC,WAAW,oCAAoC;SAC3F,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,GAAG,GAAG,gBAAgB,CAAC;IACzC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CAAC,CAAC,EAAE,GAAG,SAAS,CAAC,EAAE,CAAC;QAC5D,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EACJ,0GAA0G;gBAC1G,0EAA0E;SAC7E,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAoB,CAAC,GAAG,MAAM,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7D,MAAM,eAAe,GAAG,GAAG,GAAG,YAAY,CAAC;IAC3C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,eAAe,CAAC,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC;IACpF,WAAW,CAAC,MAAM,CAAC,CAAC;IAEpB,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;AACtB,CAAC;AAED,SAAS,UAAU;IACjB,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;IACrC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,EAAE,CAAC;IACtC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QAC5C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;YAAE,OAAO,EAAE,CAAC;QACtC,OAAO,MAAM,CAAC,MAAM,CAClB,CAAC,CAAC,EAAsB,EAAE,CACxB,OAAO,CAAC,KAAK,QAAQ;YACrB,CAAC,KAAK,IAAI;YACV,MAAM,CAAC,QAAQ,CAAE,CAAmB,CAAC,EAAE,CAAC;YACxC,OAAQ,CAAmB,CAAC,IAAI,KAAK,QAAQ;YAC5C,CAAmB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CACvC,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,WAAW,CAAC,MAAuB;IAC1C,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;IACrC,MAAM,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAC/B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACnD,CAAC;IACD,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC1B,MAAM,EAAE,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC;QAChC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,cAAc,EAAE,IAAI,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;YACxD,MAAM,IAAI,KAAK,CACb,gDAAgD,SAAS,sDAAsD;gBAC7G,+DAA+D,CAClE,CAAC;QACJ,CAAC;IACH,CAAC;IACD,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AACpF,CAAC"}

package/dist/modules/feedback/schemas.d.ts

@@ -0,0 +1,41 @@
+import { z } from "zod";
+export declare const requestCapabilityInput: z.ZodObject<{
+    summary: z.ZodString;
+    description: z.ZodString;
+    category: z.ZodOptional<z.ZodEnum<["new_protocol", "new_chain", "tool_gap", "bug_report", "other"]>>;
+    context: z.ZodOptional<z.ZodObject<{
+        toolAttempted: z.ZodOptional<z.ZodString>;
+        chain: z.ZodOptional<z.ZodString>;
+        errorObserved: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        chain?: string | undefined;
+        toolAttempted?: string | undefined;
+        errorObserved?: string | undefined;
+    }, {
+        chain?: string | undefined;
+        toolAttempted?: string | undefined;
+        errorObserved?: string | undefined;
+    }>>;
+    agentName: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    description: string;
+    summary: string;
+    category?: "new_protocol" | "new_chain" | "tool_gap" | "bug_report" | "other" | undefined;
+    context?: {
+        chain?: string | undefined;
+        toolAttempted?: string | undefined;
+        errorObserved?: string | undefined;
+    } | undefined;
+    agentName?: string | undefined;
+}, {
+    description: string;
+    summary: string;
+    category?: "new_protocol" | "new_chain" | "tool_gap" | "bug_report" | "other" | undefined;
+    context?: {
+        chain?: string | undefined;
+        toolAttempted?: string | undefined;
+        errorObserved?: string | undefined;
+    } | undefined;
+    agentName?: string | undefined;
+}>;
+export type RequestCapabilityArgs = z.infer<typeof requestCapabilityInput>;

package/dist/modules/feedback/schemas.js

@@ -0,0 +1,40 @@
+import { z } from "zod";
+export const requestCapabilityInput = z.object({
+    summary: z
+        .string()
+        .trim()
+        .min(10)
+        .max(120)
+        .describe("One-line title of the missing capability (used as the GitHub issue title). E.g. 'Support Aerodrome LP positions on Base' or 'Add Pendle PT/YT position reader'."),
+    description: z
+        .string()
+        .trim()
+        .min(20)
+        .max(4000)
+        .describe("What the user asked for, what the agent tried, what's missing, and why the existing tools don't cover it. Include protocol name, chain, contract addresses, and a concrete example if relevant."),
+    category: z
+        .enum(["new_protocol", "new_chain", "tool_gap", "bug_report", "other"])
+        .optional()
+        .describe("Rough bucket to help triage."),
+    context: z
+        .object({
+        toolAttempted: z
+            .string()
+            .max(100)
+            .optional()
+            .describe("Name of the recon-crypto-mcp tool the agent tried first, if any."),
+        chain: z.string().max(50).optional().describe("Chain involved, if relevant."),
+        errorObserved: z
+            .string()
+            .max(800)
+            .optional()
+            .describe("Error message or unexpected output from an existing tool."),
+    })
+        .optional(),
+    agentName: z
+        .string()
+        .max(80)
+        .optional()
+        .describe("MCP client identifier (e.g. 'Claude Code', 'Cursor'). Helps triage."),
+});
+//# sourceMappingURL=schemas.js.map

package/dist/modules/feedback/schemas.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"schemas.js","sourceRoot":"","sources":["../../../src/modules/feedback/schemas.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7C,OAAO,EAAE,CAAC;SACP,MAAM,EAAE;SACR,IAAI,EAAE;SACN,GAAG,CAAC,EAAE,CAAC;SACP,GAAG,CAAC,GAAG,CAAC;SACR,QAAQ,CACP,iKAAiK,CAClK;IACH,WAAW,EAAE,CAAC;SACX,MAAM,EAAE;SACR,IAAI,EAAE;SACN,GAAG,CAAC,EAAE,CAAC;SACP,GAAG,CAAC,IAAI,CAAC;SACT,QAAQ,CACP,iMAAiM,CAClM;IACH,QAAQ,EAAE,CAAC;SACR,IAAI,CAAC,CAAC,cAAc,EAAE,WAAW,EAAE,UAAU,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;SACtE,QAAQ,EAAE;SACV,QAAQ,CAAC,8BAA8B,CAAC;IAC3C,OAAO,EAAE,CAAC;SACP,MAAM,CAAC;QACN,aAAa,EAAE,CAAC;aACb,MAAM,EAAE;aACR,GAAG,CAAC,GAAG,CAAC;aACR,QAAQ,EAAE;aACV,QAAQ,CAAC,kEAAkE,CAAC;QAC/E,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,8BAA8B,CAAC;QAC7E,aAAa,EAAE,CAAC;aACb,MAAM,EAAE;aACR,GAAG,CAAC,GAAG,CAAC;aACR,QAAQ,EAAE;aACV,QAAQ,CAAC,2DAA2D,CAAC;KACzE,CAAC;SACD,QAAQ,EAAE;IACb,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,GAAG,CAAC,EAAE,CAAC;SACP,QAAQ,EAAE;SACV,QAAQ,CAAC,qEAAqE,CAAC;CACnF,CAAC,CAAC"}

package/dist/modules/morpho/actions.d.ts

@@ -0,0 +1,8 @@
+import type { PrepareMorphoSupplyArgs, PrepareMorphoWithdrawArgs, PrepareMorphoBorrowArgs, PrepareMorphoRepayArgs, PrepareMorphoSupplyCollateralArgs, PrepareMorphoWithdrawCollateralArgs } from "./schemas.js";
+import type { UnsignedTx } from "../../types/index.js";
+export declare function buildMorphoSupply(p: PrepareMorphoSupplyArgs): Promise<UnsignedTx>;
+export declare function buildMorphoWithdraw(p: PrepareMorphoWithdrawArgs): Promise<UnsignedTx>;
+export declare function buildMorphoBorrow(p: PrepareMorphoBorrowArgs): Promise<UnsignedTx>;
+export declare function buildMorphoRepay(p: PrepareMorphoRepayArgs): Promise<UnsignedTx>;
+export declare function buildMorphoSupplyCollateral(p: PrepareMorphoSupplyCollateralArgs): Promise<UnsignedTx>;
+export declare function buildMorphoWithdrawCollateral(p: PrepareMorphoWithdrawCollateralArgs): Promise<UnsignedTx>;

package/dist/modules/morpho/actions.js

@@ -0,0 +1,265 @@
+import { encodeFunctionData, parseUnits } from "viem";
+import { morphoBlueAbi } from "../../abis/morpho-blue.js";
+import { erc20Abi } from "../../abis/erc20.js";
+import { getClient } from "../../data/rpc.js";
+import { CONTRACTS } from "../../config/contracts.js";
+import { buildApprovalTx, resolveApprovalCap } from "../shared/approval.js";
+function morphoAddress(chain) {
+    const addr = CONTRACTS[chain]?.morpho
+        ?.blue;
+    if (!addr)
+        throw new Error(`Morpho Blue is not deployed on ${chain}`);
+    return addr;
+}
+async function resolveMarketParams(chain, marketId) {
+    const client = getClient(chain);
+    const morpho = morphoAddress(chain);
+    const result = (await client.readContract({
+        address: morpho,
+        abi: morphoBlueAbi,
+        functionName: "idToMarketParams",
+        args: [marketId],
+    }));
+    const [loanToken, collateralToken, oracle, irm, lltv] = result;
+    if (loanToken === "0x0000000000000000000000000000000000000000") {
+        throw new Error(`Unknown Morpho market id ${marketId} on ${chain}`);
+    }
+    return { loanToken, collateralToken, oracle, irm, lltv };
+}
+async function tokenMeta(chain, asset) {
+    const client = getClient(chain);
+    const [decimals, symbol] = await client.multicall({
+        contracts: [
+            { address: asset, abi: erc20Abi, functionName: "decimals" },
+            { address: asset, abi: erc20Abi, functionName: "symbol" },
+        ],
+        allowFailure: false,
+    });
+    return { decimals: Number(decimals), symbol: symbol };
+}
+function paramsTuple(p) {
+    return {
+        loanToken: p.loanToken,
+        collateralToken: p.collateralToken,
+        oracle: p.oracle,
+        irm: p.irm,
+        lltv: p.lltv,
+    };
+}
+export async function buildMorphoSupply(p) {
+    const chain = p.chain;
+    const wallet = p.wallet;
+    const morpho = morphoAddress(chain);
+    const params = await resolveMarketParams(chain, p.marketId);
+    const meta = await tokenMeta(chain, params.loanToken);
+    const amountWei = parseUnits(p.amount, meta.decimals);
+    const { approvalAmount, display } = resolveApprovalCap(p.approvalCap, amountWei, meta.decimals);
+    const approval = await buildApprovalTx({
+        chain,
+        wallet,
+        asset: params.loanToken,
+        spender: morpho,
+        amountWei,
+        approvalAmount,
+        approvalDisplay: display,
+        symbol: meta.symbol,
+        spenderLabel: "Morpho Blue",
+    });
+    const supplyTx = {
+        chain,
+        to: morpho,
+        data: encodeFunctionData({
+            abi: morphoBlueAbi,
+            functionName: "supply",
+            args: [paramsTuple(params), amountWei, 0n, wallet, "0x"],
+        }),
+        value: "0",
+        from: wallet,
+        description: `Supply ${p.amount} ${meta.symbol} to Morpho Blue market ${p.marketId} on ${chain}`,
+        decoded: {
+            functionName: "supply",
+            args: { marketId: p.marketId, amount: p.amount, onBehalf: wallet },
+        },
+    };
+    if (approval) {
+        let tail = approval;
+        while (tail.next)
+            tail = tail.next;
+        tail.next = supplyTx;
+        return approval;
+    }
+    return supplyTx;
+}
+export async function buildMorphoWithdraw(p) {
+    const chain = p.chain;
+    const wallet = p.wallet;
+    const morpho = morphoAddress(chain);
+    const params = await resolveMarketParams(chain, p.marketId);
+    const meta = await tokenMeta(chain, params.loanToken);
+    // "max" withdraw is encoded as shares=MaxUint256/2 would exceed position; safer to ask by assets with
+    // a very large number. Morpho reverts on overdraw, so callers should read their position first.
+    // Here we only support explicit amounts for withdraw.
+    if (p.amount === "max") {
+        throw new Error(`"max" is not supported for Morpho withdraw — read position and pass an explicit amount.`);
+    }
+    const amountWei = parseUnits(p.amount, meta.decimals);
+    return {
+        chain,
+        to: morpho,
+        data: encodeFunctionData({
+            abi: morphoBlueAbi,
+            functionName: "withdraw",
+            args: [paramsTuple(params), amountWei, 0n, wallet, wallet],
+        }),
+        value: "0",
+        from: wallet,
+        description: `Withdraw ${p.amount} ${meta.symbol} from Morpho Blue market ${p.marketId} on ${chain}`,
+        decoded: {
+            functionName: "withdraw",
+            args: { marketId: p.marketId, amount: p.amount, receiver: wallet },
+        },
+    };
+}
+export async function buildMorphoBorrow(p) {
+    const chain = p.chain;
+    const wallet = p.wallet;
+    const morpho = morphoAddress(chain);
+    const params = await resolveMarketParams(chain, p.marketId);
+    const meta = await tokenMeta(chain, params.loanToken);
+    const amountWei = parseUnits(p.amount, meta.decimals);
+    return {
+        chain,
+        to: morpho,
+        data: encodeFunctionData({
+            abi: morphoBlueAbi,
+            functionName: "borrow",
+            args: [paramsTuple(params), amountWei, 0n, wallet, wallet],
+        }),
+        value: "0",
+        from: wallet,
+        description: `Borrow ${p.amount} ${meta.symbol} from Morpho Blue market ${p.marketId} on ${chain}`,
+        decoded: {
+            functionName: "borrow",
+            args: { marketId: p.marketId, amount: p.amount, receiver: wallet },
+        },
+    };
+}
+export async function buildMorphoRepay(p) {
+    const chain = p.chain;
+    const wallet = p.wallet;
+    const morpho = morphoAddress(chain);
+    const params = await resolveMarketParams(chain, p.marketId);
+    const meta = await tokenMeta(chain, params.loanToken);
+    if (p.amount === "max") {
+        throw new Error(`"max" is not supported for Morpho repay — read borrowShares and pass an explicit amount.`);
+    }
+    const amountWei = parseUnits(p.amount, meta.decimals);
+    const { approvalAmount, display } = resolveApprovalCap(p.approvalCap, amountWei, meta.decimals);
+    const approval = await buildApprovalTx({
+        chain,
+        wallet,
+        asset: params.loanToken,
+        spender: morpho,
+        amountWei,
+        approvalAmount,
+        approvalDisplay: display,
+        symbol: meta.symbol,
+        spenderLabel: "Morpho Blue",
+    });
+    const repayTx = {
+        chain,
+        to: morpho,
+        data: encodeFunctionData({
+            abi: morphoBlueAbi,
+            functionName: "repay",
+            args: [paramsTuple(params), amountWei, 0n, wallet, "0x"],
+        }),
+        value: "0",
+        from: wallet,
+        description: `Repay ${p.amount} ${meta.symbol} to Morpho Blue market ${p.marketId} on ${chain}`,
+        decoded: {
+            functionName: "repay",
+            args: { marketId: p.marketId, amount: p.amount, onBehalf: wallet },
+        },
+    };
+    if (approval) {
+        let tail = approval;
+        while (tail.next)
+            tail = tail.next;
+        tail.next = repayTx;
+        return approval;
+    }
+    return repayTx;
+}
+export async function buildMorphoSupplyCollateral(p) {
+    const chain = p.chain;
+    const wallet = p.wallet;
+    const morpho = morphoAddress(chain);
+    const params = await resolveMarketParams(chain, p.marketId);
+    const meta = await tokenMeta(chain, params.collateralToken);
+    const amountWei = parseUnits(p.amount, meta.decimals);
+    const { approvalAmount, display } = resolveApprovalCap(p.approvalCap, amountWei, meta.decimals);
+    const approval = await buildApprovalTx({
+        chain,
+        wallet,
+        asset: params.collateralToken,
+        spender: morpho,
+        amountWei,
+        approvalAmount,
+        approvalDisplay: display,
+        symbol: meta.symbol,
+        spenderLabel: "Morpho Blue",
+    });
+    const tx = {
+        chain,
+        to: morpho,
+        data: encodeFunctionData({
+            abi: morphoBlueAbi,
+            functionName: "supplyCollateral",
+            args: [paramsTuple(params), amountWei, wallet, "0x"],
+        }),
+        value: "0",
+        from: wallet,
+        description: `Supply ${p.amount} ${meta.symbol} as collateral to Morpho Blue market ${p.marketId} on ${chain}`,
+        decoded: {
+            functionName: "supplyCollateral",
+            args: { marketId: p.marketId, amount: p.amount, onBehalf: wallet },
+        },
+    };
+    if (approval) {
+        let tail = approval;
+        while (tail.next)
+            tail = tail.next;
+        tail.next = tx;
+        return approval;
+    }
+    return tx;
+}
+export async function buildMorphoWithdrawCollateral(p) {
+    const chain = p.chain;
+    const wallet = p.wallet;
+    const morpho = morphoAddress(chain);
+    const params = await resolveMarketParams(chain, p.marketId);
+    const meta = await tokenMeta(chain, params.collateralToken);
+    if (p.amount === "max") {
+        throw new Error(`"max" is not supported for Morpho withdrawCollateral — read position.collateral and pass an explicit amount.`);
+    }
+    const amountWei = parseUnits(p.amount, meta.decimals);
+    return {
+        chain,
+        to: morpho,
+        data: encodeFunctionData({
+            abi: morphoBlueAbi,
+            functionName: "withdrawCollateral",
+            args: [paramsTuple(params), amountWei, wallet, wallet],
+        }),
+        value: "0",
+        from: wallet,
+        description: `Withdraw ${p.amount} ${meta.symbol} collateral from Morpho Blue market ${p.marketId} on ${chain}`,
+        decoded: {
+            functionName: "withdrawCollateral",
+            args: { marketId: p.marketId, amount: p.amount, receiver: wallet },
+        },
+    };
+}
+//# sourceMappingURL=actions.js.map