safehands-pharos 1.3.0 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +64 -26
- package/README.md +333 -445
- package/dist/cli.d.ts +5 -5
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +124 -98
- package/dist/cli.js.map +1 -1
- package/dist/demo.d.ts +1 -1
- package/dist/demo.js +171 -171
- package/dist/index.d.ts +2 -2
- package/dist/index.js +138 -85
- package/dist/index.js.map +1 -1
- package/dist/init.d.ts +1 -1
- package/dist/init.js +65 -65
- package/dist/lib/auditLog.d.ts +9 -0
- package/dist/lib/auditLog.d.ts.map +1 -0
- package/dist/lib/auditLog.js +30 -0
- package/dist/lib/auditLog.js.map +1 -0
- package/dist/lib/constants.d.ts +291 -291
- package/dist/lib/constants.js +292 -292
- package/dist/lib/dodoApi.d.ts +78 -70
- package/dist/lib/dodoApi.d.ts.map +1 -1
- package/dist/lib/dodoApi.js +196 -178
- package/dist/lib/dodoApi.js.map +1 -1
- package/dist/lib/http.d.ts +14 -14
- package/dist/lib/http.js +118 -118
- package/dist/lib/pharosClient.d.ts +58 -58
- package/dist/lib/pharosClient.d.ts.map +1 -1
- package/dist/lib/pharosClient.js +63 -53
- package/dist/lib/pharosClient.js.map +1 -1
- package/dist/lib/policy/actionPolicyEngine.d.ts +53 -53
- package/dist/lib/policy/actionPolicyEngine.js +212 -212
- package/dist/lib/riskEngine.d.ts +26 -26
- package/dist/lib/riskEngine.js +283 -283
- package/dist/lib/signer/index.d.ts +24 -24
- package/dist/lib/signer/index.d.ts.map +1 -1
- package/dist/lib/signer/index.js +88 -89
- package/dist/lib/signer/index.js.map +1 -1
- package/dist/lib/spendAccumulator.d.ts +10 -0
- package/dist/lib/spendAccumulator.d.ts.map +1 -0
- package/dist/lib/spendAccumulator.js +54 -0
- package/dist/lib/spendAccumulator.js.map +1 -0
- package/dist/lib/testDodoLive.d.ts +1 -1
- package/dist/lib/testDodoLive.js +104 -104
- package/dist/lib/testLiveSafehands.d.ts +1 -1
- package/dist/lib/testLiveSafehands.js +92 -92
- package/dist/lib/testRpc.d.ts +1 -1
- package/dist/lib/testRpc.js +29 -29
- package/dist/lib/testRpcLive.d.ts +1 -1
- package/dist/lib/testRpcLive.js +88 -88
- package/dist/lib/testTools.d.ts +1 -1
- package/dist/lib/testTools.js +397 -397
- package/dist/lib/testX402Live.d.ts +1 -1
- package/dist/lib/testX402Live.js +159 -159
- package/dist/lib/toolResponse.d.ts +25 -25
- package/dist/lib/toolResponse.js +53 -53
- package/dist/lib/wallet/index.d.ts +37 -18
- package/dist/lib/wallet/index.d.ts.map +1 -1
- package/dist/lib/wallet/index.js +128 -70
- package/dist/lib/wallet/index.js.map +1 -1
- package/dist/scripts/checkDeploy.d.ts +1 -1
- package/dist/scripts/checkDeploy.js +24 -24
- package/dist/scripts/deployRegistry.d.ts +1 -1
- package/dist/scripts/deployRegistry.js +100 -100
- package/dist/scripts/testRegistry.d.ts +1 -1
- package/dist/scripts/testRegistry.js +43 -43
- package/dist/tools/approveToken.d.ts +45 -46
- package/dist/tools/approveToken.d.ts.map +1 -1
- package/dist/tools/approveToken.js +85 -83
- package/dist/tools/approveToken.js.map +1 -1
- package/dist/tools/assessRisk.d.ts +79 -79
- package/dist/tools/assessRisk.d.ts.map +1 -1
- package/dist/tools/assessRisk.js +104 -93
- package/dist/tools/assessRisk.js.map +1 -1
- package/dist/tools/checkAllowance.d.ts +43 -36
- package/dist/tools/checkAllowance.d.ts.map +1 -1
- package/dist/tools/checkAllowance.js +56 -42
- package/dist/tools/checkAllowance.js.map +1 -1
- package/dist/tools/checkTokenSecurity.d.ts +46 -46
- package/dist/tools/checkTokenSecurity.d.ts.map +1 -1
- package/dist/tools/checkTokenSecurity.js +95 -88
- package/dist/tools/checkTokenSecurity.js.map +1 -1
- package/dist/tools/createAgentWallet.d.ts +26 -26
- package/dist/tools/createAgentWallet.d.ts.map +1 -1
- package/dist/tools/createAgentWallet.js +58 -59
- package/dist/tools/createAgentWallet.js.map +1 -1
- package/dist/tools/estimateGas.d.ts +79 -79
- package/dist/tools/estimateGas.js +124 -124
- package/dist/tools/executeSwap.d.ts +61 -59
- package/dist/tools/executeSwap.d.ts.map +1 -1
- package/dist/tools/executeSwap.js +141 -129
- package/dist/tools/executeSwap.js.map +1 -1
- package/dist/tools/explainRisk.d.ts +29 -29
- package/dist/tools/explainRisk.js +32 -32
- package/dist/tools/getAgentWallet.d.ts +21 -21
- package/dist/tools/getAgentWallet.js +27 -27
- package/dist/tools/getAgentWalletBalance.d.ts +11 -11
- package/dist/tools/getAgentWalletBalance.js +70 -70
- package/dist/tools/getExecutionHistory.d.ts +49 -51
- package/dist/tools/getExecutionHistory.d.ts.map +1 -1
- package/dist/tools/getExecutionHistory.js +154 -93
- package/dist/tools/getExecutionHistory.js.map +1 -1
- package/dist/tools/getGasPrice.d.ts +43 -43
- package/dist/tools/getGasPrice.js +59 -59
- package/dist/tools/getPoolInfo.d.ts +75 -75
- package/dist/tools/getPoolInfo.js +137 -137
- package/dist/tools/getTokenPrice.d.ts +113 -113
- package/dist/tools/getTokenPrice.js +117 -117
- package/dist/tools/getTransactionStatus.d.ts +43 -57
- package/dist/tools/getTransactionStatus.d.ts.map +1 -1
- package/dist/tools/getTransactionStatus.js +59 -67
- package/dist/tools/getTransactionStatus.js.map +1 -1
- package/dist/tools/getWalletBalance.d.ts +68 -68
- package/dist/tools/getWalletBalance.js +87 -87
- package/dist/tools/publishRiskScore.d.ts +63 -63
- package/dist/tools/publishRiskScore.d.ts.map +1 -1
- package/dist/tools/publishRiskScore.js +88 -85
- package/dist/tools/publishRiskScore.js.map +1 -1
- package/dist/tools/queryRiskRegistry.d.ts +38 -48
- package/dist/tools/queryRiskRegistry.d.ts.map +1 -1
- package/dist/tools/queryRiskRegistry.js +55 -60
- package/dist/tools/queryRiskRegistry.js.map +1 -1
- package/dist/tools/safehandsPreflightCheck.d.ts +77 -77
- package/dist/tools/safehandsPreflightCheck.js +47 -47
- package/dist/tools/safehandsRiskReport.d.ts +81 -81
- package/dist/tools/safehandsRiskReport.js +28 -28
- package/dist/tools/safehandsSafeExecute.d.ts +20 -20
- package/dist/tools/safehandsSafeExecute.d.ts.map +1 -1
- package/dist/tools/safehandsSafeExecute.js +81 -75
- package/dist/tools/safehandsSafeExecute.js.map +1 -1
- package/dist/tools/safehandsWalletHealth.d.ts +14 -14
- package/dist/tools/safehandsWalletHealth.js +103 -103
- package/dist/tools/safehandsX402Preflight.d.ts +26 -26
- package/dist/tools/safehandsX402Preflight.js +65 -65
- package/dist/tools/sendPayment.d.ts +57 -58
- package/dist/tools/sendPayment.d.ts.map +1 -1
- package/dist/tools/sendPayment.js +117 -108
- package/dist/tools/sendPayment.js.map +1 -1
- package/dist/tools/simulateTransaction.d.ts +60 -81
- package/dist/tools/simulateTransaction.d.ts.map +1 -1
- package/dist/tools/simulateTransaction.js +83 -88
- package/dist/tools/simulateTransaction.js.map +1 -1
- package/dist/tools/tokenRegistryStatus.d.ts +26 -26
- package/dist/tools/tokenRegistryStatus.js +96 -96
- package/dist/tools/x402PayAndFetch.d.ts +81 -81
- package/dist/tools/x402PayAndFetch.d.ts.map +1 -1
- package/dist/tools/x402PayAndFetch.js +152 -149
- package/dist/tools/x402PayAndFetch.js.map +1 -1
- package/dist/x402Server.d.ts +1 -1
- package/dist/x402Server.js +252 -252
- package/examples/dashboard/index.html +337 -0
- package/package.json +83 -84
- package/.agents/skill/safehands/SKILL.md +0 -212
- package/.agents/skill/safehands/assets/networks.json +0 -24
- package/.agents/skill/safehands/assets/tokens.json +0 -66
- package/.agents/wallets.json +0 -20
- package/docs/reports/OFFICIAL_DOCS_ALIGNMENT_REPORT.md +0 -137
- package/docs/reports/final_audit_report.md +0 -307
- package/docs/reports/live_verification_report.md +0 -147
- package/docs/reports/pharos_skill_engine_alignment_report.md +0 -85
|
@@ -1,104 +1,104 @@
|
|
|
1
|
-
// ─── Tool: safehands_wallet_health ─────────────────────────────────────
|
|
2
|
-
// Checks whether an AI agent wallet is ready for guarded testnet actions.
|
|
3
|
-
// ───────────────────────────────────────────────────────────────────────
|
|
4
|
-
import { z } from "zod";
|
|
5
|
-
import { formatEther, formatUnits } from "viem";
|
|
6
|
-
import { publicClient } from "../lib/pharosClient.js";
|
|
7
|
-
import { ERC20_ABI, USDC_ADDRESS, CHAIN_ID, PHAROS_ENVIRONMENT, IS_MAINNET, MAX_X402_PAYMENT_USDC } from "../lib/constants.js";
|
|
8
|
-
import { ok, classifyExternalError } from "../lib/toolResponse.js";
|
|
9
|
-
import { getSigner, isSignerFailure } from "../lib/signer/index.js";
|
|
10
|
-
import { walletStore } from "../lib/wallet/index.js";
|
|
11
|
-
export const safehandsWalletHealthSchema = z.object({
|
|
12
|
-
agentId: z.string().optional().describe("Managed testnet wallet agentId"),
|
|
13
|
-
walletAddress: z.string().optional().describe("Explicit wallet address for read-only health checks"),
|
|
14
|
-
});
|
|
15
|
-
export async function handleSafeHandsWalletHealth(raw) {
|
|
16
|
-
const input = safehandsWalletHealthSchema.parse(raw);
|
|
17
|
-
const managedWallet = input.agentId ? await walletStore.get(input.agentId) : null;
|
|
18
|
-
const signer = await getSigner(input.agentId);
|
|
19
|
-
const signerAvailable = !isSignerFailure(signer);
|
|
20
|
-
const address = signerAvailable ? signer.address : (input.walletAddress || managedWallet?.address);
|
|
21
|
-
const base = {
|
|
22
|
-
environment: PHAROS_ENVIRONMENT,
|
|
23
|
-
chainId: CHAIN_ID,
|
|
24
|
-
isMainnet: IS_MAINNET,
|
|
25
|
-
walletMode: process.env.WALLET_MODE || "none",
|
|
26
|
-
writeToolsEnabled: process.env.WRITE_TOOLS_ENABLED === "true",
|
|
27
|
-
signerAvailable,
|
|
28
|
-
signerMode: signerAvailable ? signer.mode : null,
|
|
29
|
-
signerError: signerAvailable ? null : signer.error,
|
|
30
|
-
managedWalletExists: Boolean(managedWallet),
|
|
31
|
-
address: address || null,
|
|
32
|
-
};
|
|
33
|
-
if (!address) {
|
|
34
|
-
return ok({
|
|
35
|
-
...base,
|
|
36
|
-
status: "NOT_READY",
|
|
37
|
-
readiness: {
|
|
38
|
-
canReadBalances: false,
|
|
39
|
-
canPayGas: false,
|
|
40
|
-
canPayX402: false,
|
|
41
|
-
canExecuteWrites: false,
|
|
42
|
-
},
|
|
43
|
-
requiredActions: ["Create a managed testnet wallet or provide WALLET_MODE=env with a testnet PRIVATE_KEY."],
|
|
44
|
-
source: "safehands_wallet_health",
|
|
45
|
-
});
|
|
46
|
-
}
|
|
47
|
-
try {
|
|
48
|
-
const [phrsRaw, usdcRaw] = await Promise.all([
|
|
49
|
-
publicClient.getBalance({ address: address }),
|
|
50
|
-
publicClient.readContract({
|
|
51
|
-
address: USDC_ADDRESS,
|
|
52
|
-
abi: ERC20_ABI,
|
|
53
|
-
functionName: "balanceOf",
|
|
54
|
-
args: [address],
|
|
55
|
-
}),
|
|
56
|
-
]);
|
|
57
|
-
const phrs = formatEther(phrsRaw);
|
|
58
|
-
const usdc = formatUnits(usdcRaw, 6);
|
|
59
|
-
const canPayGas = parseFloat(phrs) > 0.001;
|
|
60
|
-
const canPayX402 = parseFloat(usdc) >= Number(MAX_X402_PAYMENT_USDC);
|
|
61
|
-
const canExecuteWrites = signerAvailable && canPayGas && process.env.WRITE_TOOLS_ENABLED === "true";
|
|
62
|
-
return ok({
|
|
63
|
-
...base,
|
|
64
|
-
status: canExecuteWrites ? "READY" : signerAvailable ? "DEGRADED" : "NOT_READY",
|
|
65
|
-
balances: {
|
|
66
|
-
PHRS: { value: phrs, unit: "PHRS", decimals: 18 },
|
|
67
|
-
USDC: { value: usdc, unit: "USDC", decimals: 6, tokenAddress: USDC_ADDRESS },
|
|
68
|
-
},
|
|
69
|
-
readiness: {
|
|
70
|
-
canReadBalances: true,
|
|
71
|
-
canPayGas,
|
|
72
|
-
canPayX402,
|
|
73
|
-
canExecuteWrites,
|
|
74
|
-
},
|
|
75
|
-
dailySpendStatus: {
|
|
76
|
-
implemented: false,
|
|
77
|
-
note: "Daily spend accounting is config-ready but not persisted in this MVP.",
|
|
78
|
-
},
|
|
79
|
-
requiredActions: [
|
|
80
|
-
...(canPayGas ? [] : ["Fund wallet with testnet PHRS for gas."]),
|
|
81
|
-
...(canPayX402 ? [] : [`Fund wallet with at least ${MAX_X402_PAYMENT_USDC} testnet USDC for x402 payments.`]),
|
|
82
|
-
...(process.env.WRITE_TOOLS_ENABLED === "true" ? [] : ["Set WRITE_TOOLS_ENABLED=true only when intentionally executing trusted testnet actions."]),
|
|
83
|
-
],
|
|
84
|
-
source: "safehands_wallet_health",
|
|
85
|
-
});
|
|
86
|
-
}
|
|
87
|
-
catch (err) {
|
|
88
|
-
const rpc = classifyExternalError("pharos_rpc", err);
|
|
89
|
-
return ok({
|
|
90
|
-
...base,
|
|
91
|
-
status: "DEGRADED",
|
|
92
|
-
readiness: {
|
|
93
|
-
canReadBalances: false,
|
|
94
|
-
canPayGas: "unknown",
|
|
95
|
-
canPayX402: "unknown",
|
|
96
|
-
canExecuteWrites: false,
|
|
97
|
-
},
|
|
98
|
-
rpcError: rpc.error,
|
|
99
|
-
requiredActions: ["Retry RPC balance checks later or configure PHAROS_RPC_URL."],
|
|
100
|
-
source: "safehands_wallet_health",
|
|
101
|
-
});
|
|
102
|
-
}
|
|
103
|
-
}
|
|
1
|
+
// ─── Tool: safehands_wallet_health ─────────────────────────────────────
|
|
2
|
+
// Checks whether an AI agent wallet is ready for guarded testnet actions.
|
|
3
|
+
// ───────────────────────────────────────────────────────────────────────
|
|
4
|
+
import { z } from "zod";
|
|
5
|
+
import { formatEther, formatUnits } from "viem";
|
|
6
|
+
import { publicClient } from "../lib/pharosClient.js";
|
|
7
|
+
import { ERC20_ABI, USDC_ADDRESS, CHAIN_ID, PHAROS_ENVIRONMENT, IS_MAINNET, MAX_X402_PAYMENT_USDC } from "../lib/constants.js";
|
|
8
|
+
import { ok, classifyExternalError } from "../lib/toolResponse.js";
|
|
9
|
+
import { getSigner, isSignerFailure } from "../lib/signer/index.js";
|
|
10
|
+
import { walletStore } from "../lib/wallet/index.js";
|
|
11
|
+
export const safehandsWalletHealthSchema = z.object({
|
|
12
|
+
agentId: z.string().optional().describe("Managed testnet wallet agentId"),
|
|
13
|
+
walletAddress: z.string().optional().describe("Explicit wallet address for read-only health checks"),
|
|
14
|
+
});
|
|
15
|
+
export async function handleSafeHandsWalletHealth(raw) {
|
|
16
|
+
const input = safehandsWalletHealthSchema.parse(raw);
|
|
17
|
+
const managedWallet = input.agentId ? await walletStore.get(input.agentId) : null;
|
|
18
|
+
const signer = await getSigner(input.agentId);
|
|
19
|
+
const signerAvailable = !isSignerFailure(signer);
|
|
20
|
+
const address = signerAvailable ? signer.address : (input.walletAddress || managedWallet?.address);
|
|
21
|
+
const base = {
|
|
22
|
+
environment: PHAROS_ENVIRONMENT,
|
|
23
|
+
chainId: CHAIN_ID,
|
|
24
|
+
isMainnet: IS_MAINNET,
|
|
25
|
+
walletMode: process.env.WALLET_MODE || "none",
|
|
26
|
+
writeToolsEnabled: process.env.WRITE_TOOLS_ENABLED === "true",
|
|
27
|
+
signerAvailable,
|
|
28
|
+
signerMode: signerAvailable ? signer.mode : null,
|
|
29
|
+
signerError: signerAvailable ? null : signer.error,
|
|
30
|
+
managedWalletExists: Boolean(managedWallet),
|
|
31
|
+
address: address || null,
|
|
32
|
+
};
|
|
33
|
+
if (!address) {
|
|
34
|
+
return ok({
|
|
35
|
+
...base,
|
|
36
|
+
status: "NOT_READY",
|
|
37
|
+
readiness: {
|
|
38
|
+
canReadBalances: false,
|
|
39
|
+
canPayGas: false,
|
|
40
|
+
canPayX402: false,
|
|
41
|
+
canExecuteWrites: false,
|
|
42
|
+
},
|
|
43
|
+
requiredActions: ["Create a managed testnet wallet or provide WALLET_MODE=env with a testnet PRIVATE_KEY."],
|
|
44
|
+
source: "safehands_wallet_health",
|
|
45
|
+
});
|
|
46
|
+
}
|
|
47
|
+
try {
|
|
48
|
+
const [phrsRaw, usdcRaw] = await Promise.all([
|
|
49
|
+
publicClient.getBalance({ address: address }),
|
|
50
|
+
publicClient.readContract({
|
|
51
|
+
address: USDC_ADDRESS,
|
|
52
|
+
abi: ERC20_ABI,
|
|
53
|
+
functionName: "balanceOf",
|
|
54
|
+
args: [address],
|
|
55
|
+
}),
|
|
56
|
+
]);
|
|
57
|
+
const phrs = formatEther(phrsRaw);
|
|
58
|
+
const usdc = formatUnits(usdcRaw, 6);
|
|
59
|
+
const canPayGas = parseFloat(phrs) > 0.001;
|
|
60
|
+
const canPayX402 = parseFloat(usdc) >= Number(MAX_X402_PAYMENT_USDC);
|
|
61
|
+
const canExecuteWrites = signerAvailable && canPayGas && process.env.WRITE_TOOLS_ENABLED === "true";
|
|
62
|
+
return ok({
|
|
63
|
+
...base,
|
|
64
|
+
status: canExecuteWrites ? "READY" : signerAvailable ? "DEGRADED" : "NOT_READY",
|
|
65
|
+
balances: {
|
|
66
|
+
PHRS: { value: phrs, unit: "PHRS", decimals: 18 },
|
|
67
|
+
USDC: { value: usdc, unit: "USDC", decimals: 6, tokenAddress: USDC_ADDRESS },
|
|
68
|
+
},
|
|
69
|
+
readiness: {
|
|
70
|
+
canReadBalances: true,
|
|
71
|
+
canPayGas,
|
|
72
|
+
canPayX402,
|
|
73
|
+
canExecuteWrites,
|
|
74
|
+
},
|
|
75
|
+
dailySpendStatus: {
|
|
76
|
+
implemented: false,
|
|
77
|
+
note: "Daily spend accounting is config-ready but not persisted in this MVP.",
|
|
78
|
+
},
|
|
79
|
+
requiredActions: [
|
|
80
|
+
...(canPayGas ? [] : ["Fund wallet with testnet PHRS for gas."]),
|
|
81
|
+
...(canPayX402 ? [] : [`Fund wallet with at least ${MAX_X402_PAYMENT_USDC} testnet USDC for x402 payments.`]),
|
|
82
|
+
...(process.env.WRITE_TOOLS_ENABLED === "true" ? [] : ["Set WRITE_TOOLS_ENABLED=true only when intentionally executing trusted testnet actions."]),
|
|
83
|
+
],
|
|
84
|
+
source: "safehands_wallet_health",
|
|
85
|
+
});
|
|
86
|
+
}
|
|
87
|
+
catch (err) {
|
|
88
|
+
const rpc = classifyExternalError("pharos_rpc", err);
|
|
89
|
+
return ok({
|
|
90
|
+
...base,
|
|
91
|
+
status: "DEGRADED",
|
|
92
|
+
readiness: {
|
|
93
|
+
canReadBalances: false,
|
|
94
|
+
canPayGas: "unknown",
|
|
95
|
+
canPayX402: "unknown",
|
|
96
|
+
canExecuteWrites: false,
|
|
97
|
+
},
|
|
98
|
+
rpcError: rpc.error,
|
|
99
|
+
requiredActions: ["Retry RPC balance checks later or configure PHAROS_RPC_URL."],
|
|
100
|
+
source: "safehands_wallet_health",
|
|
101
|
+
});
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
104
|
//# sourceMappingURL=safehandsWalletHealth.js.map
|
|
@@ -1,27 +1,27 @@
|
|
|
1
|
-
import { z } from "zod";
|
|
2
|
-
import { type ToolResponse } from "../lib/toolResponse.js";
|
|
3
|
-
export declare const safehandsX402PreflightSchema: z.ZodObject<{
|
|
4
|
-
url: z.ZodString;
|
|
5
|
-
method: z.ZodDefault<z.ZodOptional<z.ZodEnum<["GET", "POST", "PUT", "DELETE"]>>>;
|
|
6
|
-
paymentAmountUsdc: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
7
|
-
paymentTokenAddress: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
8
|
-
agentId: z.ZodOptional<z.ZodString>;
|
|
9
|
-
probeEndpoint: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
|
|
10
|
-
}, "strip", z.ZodTypeAny, {
|
|
11
|
-
url: string;
|
|
12
|
-
paymentAmountUsdc: string;
|
|
13
|
-
paymentTokenAddress: string;
|
|
14
|
-
method: "GET" | "POST" | "PUT" | "DELETE";
|
|
15
|
-
probeEndpoint: boolean;
|
|
16
|
-
agentId?: string | undefined;
|
|
17
|
-
}, {
|
|
18
|
-
url: string;
|
|
19
|
-
paymentAmountUsdc?: string | undefined;
|
|
20
|
-
paymentTokenAddress?: string | undefined;
|
|
21
|
-
method?: "GET" | "POST" | "PUT" | "DELETE" | undefined;
|
|
22
|
-
agentId?: string | undefined;
|
|
23
|
-
probeEndpoint?: boolean | undefined;
|
|
24
|
-
}>;
|
|
25
|
-
export type SafeHandsX402PreflightInput = z.input<typeof safehandsX402PreflightSchema>;
|
|
26
|
-
export declare function handleSafeHandsX402Preflight(raw: SafeHandsX402PreflightInput): Promise<ToolResponse<unknown>>;
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { type ToolResponse } from "../lib/toolResponse.js";
|
|
3
|
+
export declare const safehandsX402PreflightSchema: z.ZodObject<{
|
|
4
|
+
url: z.ZodString;
|
|
5
|
+
method: z.ZodDefault<z.ZodOptional<z.ZodEnum<["GET", "POST", "PUT", "DELETE"]>>>;
|
|
6
|
+
paymentAmountUsdc: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
7
|
+
paymentTokenAddress: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
8
|
+
agentId: z.ZodOptional<z.ZodString>;
|
|
9
|
+
probeEndpoint: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
|
|
10
|
+
}, "strip", z.ZodTypeAny, {
|
|
11
|
+
url: string;
|
|
12
|
+
paymentAmountUsdc: string;
|
|
13
|
+
paymentTokenAddress: string;
|
|
14
|
+
method: "GET" | "POST" | "PUT" | "DELETE";
|
|
15
|
+
probeEndpoint: boolean;
|
|
16
|
+
agentId?: string | undefined;
|
|
17
|
+
}, {
|
|
18
|
+
url: string;
|
|
19
|
+
paymentAmountUsdc?: string | undefined;
|
|
20
|
+
paymentTokenAddress?: string | undefined;
|
|
21
|
+
method?: "GET" | "POST" | "PUT" | "DELETE" | undefined;
|
|
22
|
+
agentId?: string | undefined;
|
|
23
|
+
probeEndpoint?: boolean | undefined;
|
|
24
|
+
}>;
|
|
25
|
+
export type SafeHandsX402PreflightInput = z.input<typeof safehandsX402PreflightSchema>;
|
|
26
|
+
export declare function handleSafeHandsX402Preflight(raw: SafeHandsX402PreflightInput): Promise<ToolResponse<unknown>>;
|
|
27
27
|
//# sourceMappingURL=safehandsX402Preflight.d.ts.map
|
|
@@ -1,66 +1,66 @@
|
|
|
1
|
-
// ─── Tool: safehands_x402_preflight ────────────────────────────────────
|
|
2
|
-
// Checks whether an x402 paid resource is safe before payment signing.
|
|
3
|
-
// ───────────────────────────────────────────────────────────────────────
|
|
4
|
-
import { z } from "zod";
|
|
5
|
-
import { ok, fail } from "../lib/toolResponse.js";
|
|
6
|
-
import { assertSafeFetchUrl, fetchWithTimeoutAndRetry } from "../lib/http.js";
|
|
7
|
-
import { CHAIN_ID, PHAROS_ENVIRONMENT, MAX_X402_PAYMENT_USDC, X402_PAYMENT_TOKEN_ADDRESS } from "../lib/constants.js";
|
|
8
|
-
import { evaluateActionPolicy } from "../lib/policy/actionPolicyEngine.js";
|
|
9
|
-
import { getSigner, isSignerFailure } from "../lib/signer/index.js";
|
|
10
|
-
export const safehandsX402PreflightSchema = z.object({
|
|
11
|
-
url: z.string(),
|
|
12
|
-
method: z.enum(["GET", "POST", "PUT", "DELETE"]).optional().default("GET"),
|
|
13
|
-
paymentAmountUsdc: z.string().optional().default("0.001"),
|
|
14
|
-
paymentTokenAddress: z.string().optional().default(X402_PAYMENT_TOKEN_ADDRESS),
|
|
15
|
-
agentId: z.string().optional(),
|
|
16
|
-
probeEndpoint: z.boolean().optional().default(false),
|
|
17
|
-
});
|
|
18
|
-
export async function handleSafeHandsX402Preflight(raw) {
|
|
19
|
-
const input = safehandsX402PreflightSchema.parse(raw);
|
|
20
|
-
try {
|
|
21
|
-
await assertSafeFetchUrl(input.url);
|
|
22
|
-
}
|
|
23
|
-
catch (err) {
|
|
24
|
-
return fail("SSRF_BLOCKED", err instanceof Error ? err.message.replace(/^SSRF_BLOCKED:\s*/, "") : String(err), false, "safehands_x402_preflight");
|
|
25
|
-
}
|
|
26
|
-
let detectedStatus = null;
|
|
27
|
-
let paymentRequired = "unknown";
|
|
28
|
-
if (input.probeEndpoint) {
|
|
29
|
-
try {
|
|
30
|
-
const res = await fetchWithTimeoutAndRetry(input.url, { method: input.method, timeoutMs: 7_500, retries: 0 });
|
|
31
|
-
detectedStatus = res.status;
|
|
32
|
-
paymentRequired = res.status === 402;
|
|
33
|
-
}
|
|
34
|
-
catch {
|
|
35
|
-
paymentRequired = "unknown";
|
|
36
|
-
}
|
|
37
|
-
}
|
|
38
|
-
const signer = await getSigner(input.agentId, { purpose: "x402" });
|
|
39
|
-
const signerAvailable = !isSignerFailure(signer);
|
|
40
|
-
const policy = evaluateActionPolicy({
|
|
41
|
-
actionType: "x402_pay_and_fetch",
|
|
42
|
-
url: input.url,
|
|
43
|
-
paymentAmountUsdc: input.paymentAmountUsdc,
|
|
44
|
-
paymentTokenAddress: input.paymentTokenAddress,
|
|
45
|
-
signerAvailable,
|
|
46
|
-
requiresSigner: paymentRequired === true,
|
|
47
|
-
chainId: CHAIN_ID,
|
|
48
|
-
environment: PHAROS_ENVIRONMENT,
|
|
49
|
-
isMainnet: false,
|
|
50
|
-
});
|
|
51
|
-
return ok({
|
|
52
|
-
...policy,
|
|
53
|
-
url: input.url,
|
|
54
|
-
method: input.method,
|
|
55
|
-
paymentAmountUsdc: input.paymentAmountUsdc,
|
|
56
|
-
maxPaymentUsdc: MAX_X402_PAYMENT_USDC,
|
|
57
|
-
paymentTokenAddress: input.paymentTokenAddress,
|
|
58
|
-
signerAvailable,
|
|
59
|
-
signerMode: signerAvailable ? signer.mode : null,
|
|
60
|
-
signerError: signerAvailable ? null : signer.error,
|
|
61
|
-
probe: { enabled: input.probeEndpoint, status: detectedStatus, paymentRequired },
|
|
62
|
-
testnetPayment: true,
|
|
63
|
-
source: "safehands_x402_preflight",
|
|
64
|
-
});
|
|
65
|
-
}
|
|
1
|
+
// ─── Tool: safehands_x402_preflight ────────────────────────────────────
|
|
2
|
+
// Checks whether an x402 paid resource is safe before payment signing.
|
|
3
|
+
// ───────────────────────────────────────────────────────────────────────
|
|
4
|
+
import { z } from "zod";
|
|
5
|
+
import { ok, fail } from "../lib/toolResponse.js";
|
|
6
|
+
import { assertSafeFetchUrl, fetchWithTimeoutAndRetry } from "../lib/http.js";
|
|
7
|
+
import { CHAIN_ID, PHAROS_ENVIRONMENT, MAX_X402_PAYMENT_USDC, X402_PAYMENT_TOKEN_ADDRESS } from "../lib/constants.js";
|
|
8
|
+
import { evaluateActionPolicy } from "../lib/policy/actionPolicyEngine.js";
|
|
9
|
+
import { getSigner, isSignerFailure } from "../lib/signer/index.js";
|
|
10
|
+
export const safehandsX402PreflightSchema = z.object({
|
|
11
|
+
url: z.string(),
|
|
12
|
+
method: z.enum(["GET", "POST", "PUT", "DELETE"]).optional().default("GET"),
|
|
13
|
+
paymentAmountUsdc: z.string().optional().default("0.001"),
|
|
14
|
+
paymentTokenAddress: z.string().optional().default(X402_PAYMENT_TOKEN_ADDRESS),
|
|
15
|
+
agentId: z.string().optional(),
|
|
16
|
+
probeEndpoint: z.boolean().optional().default(false),
|
|
17
|
+
});
|
|
18
|
+
export async function handleSafeHandsX402Preflight(raw) {
|
|
19
|
+
const input = safehandsX402PreflightSchema.parse(raw);
|
|
20
|
+
try {
|
|
21
|
+
await assertSafeFetchUrl(input.url);
|
|
22
|
+
}
|
|
23
|
+
catch (err) {
|
|
24
|
+
return fail("SSRF_BLOCKED", err instanceof Error ? err.message.replace(/^SSRF_BLOCKED:\s*/, "") : String(err), false, "safehands_x402_preflight");
|
|
25
|
+
}
|
|
26
|
+
let detectedStatus = null;
|
|
27
|
+
let paymentRequired = "unknown";
|
|
28
|
+
if (input.probeEndpoint) {
|
|
29
|
+
try {
|
|
30
|
+
const res = await fetchWithTimeoutAndRetry(input.url, { method: input.method, timeoutMs: 7_500, retries: 0 });
|
|
31
|
+
detectedStatus = res.status;
|
|
32
|
+
paymentRequired = res.status === 402;
|
|
33
|
+
}
|
|
34
|
+
catch {
|
|
35
|
+
paymentRequired = "unknown";
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
const signer = await getSigner(input.agentId, { purpose: "x402" });
|
|
39
|
+
const signerAvailable = !isSignerFailure(signer);
|
|
40
|
+
const policy = evaluateActionPolicy({
|
|
41
|
+
actionType: "x402_pay_and_fetch",
|
|
42
|
+
url: input.url,
|
|
43
|
+
paymentAmountUsdc: input.paymentAmountUsdc,
|
|
44
|
+
paymentTokenAddress: input.paymentTokenAddress,
|
|
45
|
+
signerAvailable,
|
|
46
|
+
requiresSigner: paymentRequired === true,
|
|
47
|
+
chainId: CHAIN_ID,
|
|
48
|
+
environment: PHAROS_ENVIRONMENT,
|
|
49
|
+
isMainnet: false,
|
|
50
|
+
});
|
|
51
|
+
return ok({
|
|
52
|
+
...policy,
|
|
53
|
+
url: input.url,
|
|
54
|
+
method: input.method,
|
|
55
|
+
paymentAmountUsdc: input.paymentAmountUsdc,
|
|
56
|
+
maxPaymentUsdc: MAX_X402_PAYMENT_USDC,
|
|
57
|
+
paymentTokenAddress: input.paymentTokenAddress,
|
|
58
|
+
signerAvailable,
|
|
59
|
+
signerMode: signerAvailable ? signer.mode : null,
|
|
60
|
+
signerError: signerAvailable ? null : signer.error,
|
|
61
|
+
probe: { enabled: input.probeEndpoint, status: detectedStatus, paymentRequired },
|
|
62
|
+
testnetPayment: true,
|
|
63
|
+
source: "safehands_x402_preflight",
|
|
64
|
+
});
|
|
65
|
+
}
|
|
66
66
|
//# sourceMappingURL=safehandsX402Preflight.js.map
|
|
@@ -1,59 +1,58 @@
|
|
|
1
|
-
import { z } from "zod";
|
|
2
|
-
export declare const sendPaymentSchema: z.ZodObject<{
|
|
3
|
-
toAddress: z.ZodString;
|
|
4
|
-
amount: z.ZodString;
|
|
5
|
-
memo: z.ZodOptional<z.ZodString>;
|
|
6
|
-
agentId: z.ZodOptional<z.ZodString>;
|
|
7
|
-
}, "strip", z.ZodTypeAny, {
|
|
8
|
-
amount: string;
|
|
9
|
-
toAddress: string;
|
|
10
|
-
agentId?: string | undefined;
|
|
11
|
-
memo?: string | undefined;
|
|
12
|
-
}, {
|
|
13
|
-
amount: string;
|
|
14
|
-
toAddress: string;
|
|
15
|
-
agentId?: string | undefined;
|
|
16
|
-
memo?: string | undefined;
|
|
17
|
-
}>;
|
|
18
|
-
export type SendPaymentInput = z.input<typeof sendPaymentSchema>;
|
|
19
|
-
export declare const sendPaymentTool: {
|
|
20
|
-
name: string;
|
|
21
|
-
description: string;
|
|
22
|
-
inputSchema: z.ZodObject<{
|
|
23
|
-
toAddress: z.ZodString;
|
|
24
|
-
amount: z.ZodString;
|
|
25
|
-
memo: z.ZodOptional<z.ZodString>;
|
|
26
|
-
agentId: z.ZodOptional<z.ZodString>;
|
|
27
|
-
}, "strip", z.ZodTypeAny, {
|
|
28
|
-
amount: string;
|
|
29
|
-
toAddress: string;
|
|
30
|
-
agentId?: string | undefined;
|
|
31
|
-
memo?: string | undefined;
|
|
32
|
-
}, {
|
|
33
|
-
amount: string;
|
|
34
|
-
toAddress: string;
|
|
35
|
-
agentId?: string | undefined;
|
|
36
|
-
memo?: string | undefined;
|
|
37
|
-
}>;
|
|
38
|
-
};
|
|
39
|
-
export declare function handleSendPayment(raw: SendPaymentInput): Promise<import("../lib/toolResponse.js").ToolFailure | import("../lib/toolResponse.js").ToolSuccess<{
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
}>>;
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
export declare const sendPaymentSchema: z.ZodObject<{
|
|
3
|
+
toAddress: z.ZodString;
|
|
4
|
+
amount: z.ZodString;
|
|
5
|
+
memo: z.ZodOptional<z.ZodString>;
|
|
6
|
+
agentId: z.ZodOptional<z.ZodString>;
|
|
7
|
+
}, "strip", z.ZodTypeAny, {
|
|
8
|
+
amount: string;
|
|
9
|
+
toAddress: string;
|
|
10
|
+
agentId?: string | undefined;
|
|
11
|
+
memo?: string | undefined;
|
|
12
|
+
}, {
|
|
13
|
+
amount: string;
|
|
14
|
+
toAddress: string;
|
|
15
|
+
agentId?: string | undefined;
|
|
16
|
+
memo?: string | undefined;
|
|
17
|
+
}>;
|
|
18
|
+
export type SendPaymentInput = z.input<typeof sendPaymentSchema>;
|
|
19
|
+
export declare const sendPaymentTool: {
|
|
20
|
+
name: string;
|
|
21
|
+
description: string;
|
|
22
|
+
inputSchema: z.ZodObject<{
|
|
23
|
+
toAddress: z.ZodString;
|
|
24
|
+
amount: z.ZodString;
|
|
25
|
+
memo: z.ZodOptional<z.ZodString>;
|
|
26
|
+
agentId: z.ZodOptional<z.ZodString>;
|
|
27
|
+
}, "strip", z.ZodTypeAny, {
|
|
28
|
+
amount: string;
|
|
29
|
+
toAddress: string;
|
|
30
|
+
agentId?: string | undefined;
|
|
31
|
+
memo?: string | undefined;
|
|
32
|
+
}, {
|
|
33
|
+
amount: string;
|
|
34
|
+
toAddress: string;
|
|
35
|
+
agentId?: string | undefined;
|
|
36
|
+
memo?: string | undefined;
|
|
37
|
+
}>;
|
|
38
|
+
};
|
|
39
|
+
export declare function handleSendPayment(raw: SendPaymentInput): Promise<import("../lib/toolResponse.js").ToolFailure | import("../lib/toolResponse.js").ToolSuccess<{
|
|
40
|
+
txHash: `0x${string}`;
|
|
41
|
+
explorerUrl: string;
|
|
42
|
+
amountSent: string;
|
|
43
|
+
signerMode: import("../lib/signer/index.js").SignerMode;
|
|
44
|
+
walletAddress: `0x${string}`;
|
|
45
|
+
gasUsed: string;
|
|
46
|
+
validation: {
|
|
47
|
+
addressValid: boolean;
|
|
48
|
+
balanceSufficient: boolean;
|
|
49
|
+
warnings: string[];
|
|
50
|
+
};
|
|
51
|
+
policy: import("../lib/policy/actionPolicyEngine.js").ActionPolicyResult;
|
|
52
|
+
riskAssessment: {
|
|
53
|
+
riskScore: number;
|
|
54
|
+
wasBlocked: boolean;
|
|
55
|
+
};
|
|
56
|
+
source: string;
|
|
57
|
+
}>>;
|
|
59
58
|
//# sourceMappingURL=sendPayment.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sendPayment.d.ts","sourceRoot":"","sources":["../../src/tools/sendPayment.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"sendPayment.d.ts","sourceRoot":"","sources":["../../src/tools/sendPayment.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAUxB,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;EAK5B,CAAC;AAEH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAEjE,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;CAI3B,CAAC;AAEF,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,gBAAgB;;;;;;;;;;;;;;;;;;IAwH5D"}
|