seal-wallet-agent-sdk 0.1.0

package/README.md

@@ -0,0 +1,257 @@
+# @seal-wallet/agent-sdk
+
+Lightweight SDK for AI agents and bots to authenticate with [Seal](https://github.com/seal-wallet) smart wallets on Solana via the Sigil pairing token flow.
+
+## Overview
+
+Seal wallets are on-chain smart wallets with **session-based authorization**, **spending limits**, and **allowed-program enforcement**. The Sigil system provides a secure pairing flow where wallet owners grant agents ephemeral sessions via **pairing tokens**.
+
+This SDK handles the entire agent-side flow:
+- **Authenticate** with a pairing token (no private keys needed)
+- **Obtain ephemeral sessions** with on-chain spending limits
+- **Wrap instructions** through Seal's `ExecuteViaSession` CPI
+- **Auto-renew** sessions before they expire
+- **Heartbeat** to report agent status
+
+```mermaid
+sequenceDiagram
+    participant App as Sigil App (Wallet Owner)
+    participant Backend as Sigil Backend (Session Broker)
+    participant Chain as Solana (Seal Program)
+    participant Agent as Your Agent (SigilAgent)
+
+    App->>Backend: Pairing token (sgil_xxx)
+    Agent->>Backend: Request session (Bearer sgil_xxx)
+    Backend->>Chain: CreateSession TX (on-chain)
+    Chain-->>Backend: Session PDA created
+    Backend-->>Agent: Session credentials (keypair + limits)
+    Agent->>Chain: ExecuteViaSession TX (signed by session key)
+    Chain-->>Agent: TX confirmed
+```
+
+## Installation
+
+```bash
+npm install @seal-wallet/agent-sdk @solana/web3.js
+```
+
+## Quick Start
+
+```typescript
+import { SigilAgent } from "@seal-wallet/agent-sdk";
+import { Connection, Transaction, SystemProgram, LAMPORTS_PER_SOL } from "@solana/web3.js";
+
+// 1. Initialize with pairing token from Sigil app
+const agent = new SigilAgent({
+  pairingToken: process.env.PAIRING_TOKEN!, // sgil_xxx format
+  apiUrl: "http://localhost:3003",           // Sigil backend URL
+});
+
+// 2. Get a session (auto-creates on-chain session key)
+const session = await agent.getSession({
+  durationSecs: 3600,    // 1 hour
+  maxAmountSol: 5.0,     // 5 SOL daily limit
+  maxPerTxSol: 1.0,      // 1 SOL per transaction limit
+});
+
+// 3. Build your instruction (e.g., SOL transfer, DLMM addLiquidity)
+const transferIx = SystemProgram.transfer({
+  fromPubkey: session.walletPda,        // Seal wallet PDA is the authority
+  toPubkey: recipientAddress,
+  lamports: 0.1 * LAMPORTS_PER_SOL,
+});
+
+// 4. Wrap it through Seal's ExecuteViaSession
+const wrappedIx = agent.wrapInstruction(transferIx, BigInt(0.1 * LAMPORTS_PER_SOL));
+
+// 5. Sign with session keypair and submit
+const tx = new Transaction().add(wrappedIx);
+tx.feePayer = session.sessionKeypair.publicKey;
+const connection = new Connection("https://api.devnet.solana.com");
+await connection.sendTransaction(tx, [session.sessionKeypair]);
+```
+
+## API Reference
+
+### `new SigilAgent(config)`
+
+| Parameter | Type | Default | Description |
+|-----------|------|---------|-------------|
+| `pairingToken` | `string` | *required* | Pairing token from Sigil app (`sgil_xxx` format) |
+| `apiUrl` | `string` | `http://localhost:3003` | Sigil backend URL |
+| `autoRefresh` | `boolean` | `true` | Auto-renew session before expiry |
+| `refreshThresholdSecs` | `number` | `300` | Seconds before expiry to trigger renewal |
+
+### `agent.getSession(options?)`
+
+Requests or returns a cached ephemeral session. If the current session is within `refreshThresholdSecs` of expiry, a new one is created automatically.
+
+**Options:**
+
+| Parameter | Type | Default | Description |
+|-----------|------|---------|-------------|
+| `durationSecs` | `number` | `86400` | Session duration (60s – 7 days) |
+| `maxAmountSol` | `number` | `5.0` | Max total SOL for this session |
+| `maxPerTxSol` | `number` | `1.0` | Max SOL per single transaction |
+
+**Returns:**
+```typescript
+{
+  credentials: SessionCredentials; // Full session metadata
+  sessionKeypair: Keypair;         // For signing transactions
+  walletPda: PublicKey;            // Seal wallet PDA (use as authority)
+  agentConfigPda: PublicKey;       // Agent config PDA
+}
+```
+
+**Throws:**
+- `Error("Session request pending manual approval...")` if the agent's `autoApprove` is `false` — the wallet owner must approve in the Sigil app.
+- `Error("Session request failed: ...")` on backend/network errors (automatically retried up to 3 times with exponential backoff).
+
+### `agent.wrapInstruction(innerIx, amountLamports?)`
+
+Wraps a `TransactionInstruction` inside Seal's `ExecuteViaSession` CPI envelope. The Seal program verifies:
+- Session key is valid and not expired
+- Amount is within per-TX and daily limits
+- Target program is in the agent's `allowed_programs` list
+
+| Parameter | Type | Default | Description |
+|-----------|------|---------|-------------|
+| `innerIx` | `TransactionInstruction` | *required* | The instruction to execute |
+| `amountLamports` | `bigint` | `0n` | Amount of lamports being spent |
+
+### `agent.heartbeat(status?, metadata?)`
+
+Sends a keepalive to the Sigil backend. Shows up in the wallet owner's activity feed.
+
+| Parameter | Type | Default | Description |
+|-----------|------|---------|-------------|
+| `status` | `"active" \| "idle" \| "trading"` | `"active"` | Agent status |
+| `metadata` | `Record<string, unknown>` | — | Custom metadata (pool name, action, etc.) |
+
+### `agent.isSessionValid()`
+
+Returns `true` if the cached session has not expired.
+
+### `agent.getSessionKeypair()`
+
+Returns the current session `Keypair`. Throws if no session is active.
+
+### `agent.getWalletPda()`
+
+Returns the Seal wallet `PublicKey`. Throws if no session is active.
+
+## Meteora DLMM Integration
+
+The primary use case is autonomous LP trading on Meteora DLMM pools:
+
+```typescript
+import DLMM from "@meteora-ag/dlmm";
+import { SigilAgent } from "@seal-wallet/agent-sdk";
+import { Connection, Keypair, Transaction } from "@solana/web3.js";
+import BN from "bn.js";
+
+const agent = new SigilAgent({ pairingToken: process.env.PAIRING_TOKEN! });
+const session = await agent.getSession({ maxAmountSol: 2.0 });
+const connection = new Connection("https://api.devnet.solana.com");
+
+// Load DLMM pool
+const poolAddress = new PublicKey("POOL_ADDRESS_HERE");
+const dlmm = await DLMM.create(connection, poolAddress);
+
+// Build add-liquidity instructions with Seal wallet PDA as user
+const positionKeypair = Keypair.generate();
+const { instructions } = await dlmm.initializePositionAndAddLiquidityByStrategy({
+  positionPubKey: positionKeypair.publicKey,
+  user: session.walletPda,           // Seal wallet PDA is the authority
+  totalXAmount: new BN(0.5 * 1e9),   // 0.5 SOL
+  totalYAmount: new BN(0),
+  strategy: {
+    maxBinId: activeBin.binId + 10,
+    minBinId: activeBin.binId - 10,
+    strategyType: StrategyType.SpotBalanced,
+  },
+});
+
+// Wrap EACH instruction through Seal's ExecuteViaSession
+const wrappedInstructions = instructions.map((ix) =>
+  agent.wrapInstruction(ix, 500_000_000n) // 0.5 SOL
+);
+
+const tx = new Transaction().add(...wrappedInstructions);
+tx.feePayer = session.sessionKeypair.publicKey;
+
+await connection.sendTransaction(tx, [session.sessionKeypair, positionKeypair]);
+```
+
+## Session Auto-Renewal
+
+Sessions are ephemeral and have an expiry time. The SDK automatically renews them:
+
+```typescript
+const agent = new SigilAgent({
+  pairingToken: "sgil_xxx",
+  autoRefresh: true,           // default
+  refreshThresholdSecs: 300,   // renew 5 min before expiry (default)
+});
+
+// First call creates a session
+const s1 = await agent.getSession();
+
+// Subsequent calls return cached session
+const s2 = await agent.getSession(); // same session (if still valid)
+
+// When session nears expiry, a new one is automatically created
+// No manual session management needed
+```
+
+## Error Handling & Retry
+
+The SDK includes built-in retry with exponential backoff for transient failures:
+- **Network errors**: Retried up to 3 times (1s → 2s → 4s backoff)
+- **5xx server errors**: Retried with backoff
+- **4xx client errors**: NOT retried (invalid token, locked wallet, etc.)
+
+```typescript
+try {
+  const session = await agent.getSession();
+} catch (err) {
+  if (err.message.includes("pending manual approval")) {
+    // Agent's autoApprove is false — owner must approve in Sigil app
+  } else if (err.message.includes("Wallet is locked")) {
+    // Owner locked the wallet — agent cannot create sessions
+  } else {
+    // Network/server error after 3 retries
+  }
+}
+```
+
+## Security Model
+
+| Feature | Protection |
+|---------|------------|
+| Pairing tokens | Bcrypt-hashed, never stored in plaintext |
+| Session keys | AES-256-GCM encrypted at rest on backend |
+| Session secret delivery | Transmitted once over HTTPS, never logged |
+| Spending limits | Enforced on-chain by Seal program (tamper-proof) |
+| Allowed programs | On-chain whitelist — agent can only call approved programs |
+| Wallet lock | Owner can instantly lock wallet, blocking all new sessions |
+| Session revocation | Owner can revoke individual or all sessions instantly |
+
+## Examples
+
+See the [examples/](./examples/) directory:
+- [`demo.ts`](./examples/demo.ts) — Full SDK lifecycle demo
+- [`meteora-integration.ts`](./examples/meteora-integration.ts) — Meteora DLMM integration pattern
+
+```bash
+# Run the demo
+PAIRING_TOKEN=sgil_xxx npx tsx examples/demo.ts
+
+# Run with on-chain transaction
+PAIRING_TOKEN=sgil_xxx npx tsx examples/demo.ts --send
+```
+
+## License
+
+MIT

package/dist/agent.d.ts

@@ -0,0 +1,64 @@
+import { Keypair, PublicKey, TransactionInstruction } from "@solana/web3.js";
+import type { SigilAgentConfig, SessionCredentials, SessionRequestOptions } from "./types.js";
+/**
+ * SigilAgent — the primary class for agents to interact with Seal wallets.
+ *
+ * Usage:
+ * ```ts
+ * const agent = new SigilAgent({ pairingToken: "sgil_abc123..." });
+ * const session = await agent.getSession();
+ *
+ * // Use session.sessionKeypair to sign transactions
+ * // Use session.walletPda as the wallet authority in DLMM instructions
+ * // Wrap instructions with agent.wrapInstruction(innerIx, amountLamports)
+ * ```
+ */
+export declare class SigilAgent {
+    private readonly pairingToken;
+    private readonly apiUrl;
+    private readonly autoRefresh;
+    private readonly refreshThresholdSecs;
+    private credentials;
+    private sessionKeypair;
+    constructor(config: SigilAgentConfig);
+    /**
+     * Get or create a session. Returns cached session if still valid.
+     * Automatically requests a new session if expired or about to expire.
+     */
+    getSession(options?: SessionRequestOptions): Promise<{
+        credentials: SessionCredentials;
+        sessionKeypair: Keypair;
+        walletPda: PublicKey;
+        agentConfigPda: PublicKey;
+    }>;
+    /**
+     * Build an ExecuteViaSession wrapper instruction.
+     * This wraps an inner instruction (e.g., DLMM addLiquidity) with Seal's
+     * session-based authorization.
+     */
+    wrapInstruction(innerIx: TransactionInstruction, amountLamports?: bigint): TransactionInstruction;
+    /**
+     * Send a heartbeat to the Sigil backend.
+     */
+    heartbeat(status?: "active" | "idle" | "trading", metadata?: Record<string, unknown>): Promise<void>;
+    /**
+     * Get the current session keypair (for signing transactions).
+     */
+    getSessionKeypair(): Keypair;
+    /**
+     * Get the wallet PDA (for use as authority in DLMM and other instructions).
+     */
+    getWalletPda(): PublicKey;
+    /**
+     * Check if the current session is still valid.
+     */
+    isSessionValid(): boolean;
+    private requestSession;
+    /**
+     * Make an API request with exponential backoff retry for transient failures.
+     * Retries on network errors and 5xx responses. Does NOT retry 4xx.
+     */
+    private apiRequestWithRetry;
+    private apiRequest;
+    private sleep;
+}

package/dist/agent.js

@@ -0,0 +1,217 @@
+import { Keypair, PublicKey, TransactionInstruction, } from "@solana/web3.js";
+const DEFAULT_API_URL = "http://localhost:3003";
+const DEFAULT_REFRESH_THRESHOLD = 300; // 5 minutes
+const MAX_RETRIES = 3;
+const INITIAL_BACKOFF_MS = 1000;
+/**
+ * SigilAgent — the primary class for agents to interact with Seal wallets.
+ *
+ * Usage:
+ * ```ts
+ * const agent = new SigilAgent({ pairingToken: "sgil_abc123..." });
+ * const session = await agent.getSession();
+ *
+ * // Use session.sessionKeypair to sign transactions
+ * // Use session.walletPda as the wallet authority in DLMM instructions
+ * // Wrap instructions with agent.wrapInstruction(innerIx, amountLamports)
+ * ```
+ */
+export class SigilAgent {
+    pairingToken;
+    apiUrl;
+    autoRefresh;
+    refreshThresholdSecs;
+    credentials = null;
+    sessionKeypair = null;
+    constructor(config) {
+        if (!config.pairingToken.startsWith("sgil_")) {
+            throw new Error("Invalid pairing token format. Expected: sgil_<token>");
+        }
+        this.pairingToken = config.pairingToken;
+        this.apiUrl = config.apiUrl ?? DEFAULT_API_URL;
+        this.autoRefresh = config.autoRefresh ?? true;
+        this.refreshThresholdSecs =
+            config.refreshThresholdSecs ?? DEFAULT_REFRESH_THRESHOLD;
+    }
+    /**
+     * Get or create a session. Returns cached session if still valid.
+     * Automatically requests a new session if expired or about to expire.
+     */
+    async getSession(options) {
+        // Check if we have a valid, non-expiring session
+        if (this.credentials && this.sessionKeypair) {
+            const expiresAt = new Date(this.credentials.expiresAt).getTime();
+            const remaining = (expiresAt - Date.now()) / 1000;
+            if (remaining > this.refreshThresholdSecs) {
+                return {
+                    credentials: this.credentials,
+                    sessionKeypair: this.sessionKeypair,
+                    walletPda: new PublicKey(this.credentials.walletPda),
+                    agentConfigPda: new PublicKey(this.credentials.agentConfigPda),
+                };
+            }
+        }
+        // Request new session
+        const creds = await this.requestSession(options);
+        this.credentials = creds;
+        this.sessionKeypair = Keypair.fromSecretKey(Buffer.from(creds.sessionSecretKey, "base64"));
+        return {
+            credentials: creds,
+            sessionKeypair: this.sessionKeypair,
+            walletPda: new PublicKey(creds.walletPda),
+            agentConfigPda: new PublicKey(creds.agentConfigPda),
+        };
+    }
+    /**
+     * Build an ExecuteViaSession wrapper instruction.
+     * This wraps an inner instruction (e.g., DLMM addLiquidity) with Seal's
+     * session-based authorization.
+     */
+    wrapInstruction(innerIx, amountLamports = 0n) {
+        if (!this.credentials || !this.sessionKeypair) {
+            throw new Error("No active session. Call getSession() first.");
+        }
+        const walletPda = new PublicKey(this.credentials.walletPda);
+        const agentPda = new PublicKey(this.credentials.agentConfigPda);
+        const sessionPda = new PublicKey(this.credentials.sessionPda);
+        const sealProgramId = new PublicKey("EV3TKRVz7pTHpAqBTjP8jmwuvoRBRCpjmVSPHhcMnXqb");
+        // Build remaining accounts from inner instruction
+        const remainingAccounts = innerIx.keys.map((key) => ({
+            pubkey: key.pubkey,
+            isSigner: key.pubkey.equals(walletPda) ? false : key.isSigner,
+            isWritable: key.isWritable,
+        }));
+        // Instruction data: [disc(1)] + [amount(8)] + [inner_data(N)]
+        const amountBuf = Buffer.alloc(8);
+        amountBuf.writeBigUInt64LE(amountLamports);
+        const data = Buffer.concat([
+            Buffer.from([3]), // ExecuteViaSession discriminant
+            amountBuf,
+            innerIx.data,
+        ]);
+        return new TransactionInstruction({
+            programId: sealProgramId,
+            keys: [
+                {
+                    pubkey: this.sessionKeypair.publicKey,
+                    isSigner: true,
+                    isWritable: false,
+                },
+                { pubkey: walletPda, isSigner: false, isWritable: true },
+                { pubkey: agentPda, isSigner: false, isWritable: true },
+                { pubkey: sessionPda, isSigner: false, isWritable: true },
+                { pubkey: innerIx.programId, isSigner: false, isWritable: false },
+                ...remainingAccounts,
+            ],
+            data,
+        });
+    }
+    /**
+     * Send a heartbeat to the Sigil backend.
+     */
+    async heartbeat(status = "active", metadata) {
+        if (!this.credentials)
+            return;
+        await this.apiRequestWithRetry("/api/agent/session/heartbeat", {
+            method: "POST",
+            body: JSON.stringify({
+                sessionPda: this.credentials.sessionPda,
+                status,
+                metadata,
+            }),
+        });
+    }
+    /**
+     * Get the current session keypair (for signing transactions).
+     */
+    getSessionKeypair() {
+        if (!this.sessionKeypair) {
+            throw new Error("No active session. Call getSession() first.");
+        }
+        return this.sessionKeypair;
+    }
+    /**
+     * Get the wallet PDA (for use as authority in DLMM and other instructions).
+     */
+    getWalletPda() {
+        if (!this.credentials) {
+            throw new Error("No active session. Call getSession() first.");
+        }
+        return new PublicKey(this.credentials.walletPda);
+    }
+    /**
+     * Check if the current session is still valid.
+     */
+    isSessionValid() {
+        if (!this.credentials)
+            return false;
+        const expiresAt = new Date(this.credentials.expiresAt).getTime();
+        return Date.now() < expiresAt;
+    }
+    // ═══════════════════════════════════════════════════════════
+    // Private
+    // ═══════════════════════════════════════════════════════════
+    async requestSession(options) {
+        const response = await this.apiRequestWithRetry("/api/agent/session/request", {
+            method: "POST",
+            body: JSON.stringify({
+                durationSecs: options?.durationSecs,
+                maxAmountSol: options?.maxAmountSol,
+                maxPerTxSol: options?.maxPerTxSol,
+            }),
+        });
+        if (response.status === 202) {
+            throw new Error("Session request pending manual approval. Check the Sigil app to approve.");
+        }
+        if (!response.ok) {
+            const error = await response.json().catch(() => ({ error: "Unknown" }));
+            throw new Error(`Session request failed: ${error.error ?? response.statusText}`);
+        }
+        return response.json();
+    }
+    /**
+     * Make an API request with exponential backoff retry for transient failures.
+     * Retries on network errors and 5xx responses. Does NOT retry 4xx.
+     */
+    async apiRequestWithRetry(path, init = {}, retries = MAX_RETRIES) {
+        let lastError;
+        for (let attempt = 0; attempt <= retries; attempt++) {
+            try {
+                const response = await this.apiRequest(path, init);
+                // Don't retry client errors (4xx) — they won't change
+                if (response.status >= 400 && response.status < 500) {
+                    return response;
+                }
+                // Retry server errors (5xx)
+                if (response.status >= 500 && attempt < retries) {
+                    const delay = INITIAL_BACKOFF_MS * Math.pow(2, attempt);
+                    await this.sleep(delay);
+                    continue;
+                }
+                return response;
+            }
+            catch (error) {
+                lastError = error instanceof Error ? error : new Error(String(error));
+                if (attempt < retries) {
+                    const delay = INITIAL_BACKOFF_MS * Math.pow(2, attempt);
+                    await this.sleep(delay);
+                }
+            }
+        }
+        throw lastError ?? new Error(`Request to ${path} failed after ${retries + 1} attempts`);
+    }
+    async apiRequest(path, init = {}) {
+        return fetch(`${this.apiUrl}${path}`, {
+            ...init,
+            headers: {
+                "Content-Type": "application/json",
+                Authorization: `Bearer ${this.pairingToken}`,
+                ...(init.headers ?? {}),
+            },
+        });
+    }
+    sleep(ms) {
+        return new Promise((resolve) => setTimeout(resolve, ms));
+    }
+}
+//# sourceMappingURL=agent.js.map

package/dist/agent.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent.js","sourceRoot":"","sources":["../src/agent.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,OAAO,EACP,SAAS,EACT,sBAAsB,GAEvB,MAAM,iBAAiB,CAAC;AAOzB,MAAM,eAAe,GAAG,uBAAuB,CAAC;AAChD,MAAM,yBAAyB,GAAG,GAAG,CAAC,CAAC,YAAY;AACnD,MAAM,WAAW,GAAG,CAAC,CAAC;AACtB,MAAM,kBAAkB,GAAG,IAAI,CAAC;AAEhC;;;;;;;;;;;;GAYG;AACH,MAAM,OAAO,UAAU;IACJ,YAAY,CAAS;IACrB,MAAM,CAAS;IACf,WAAW,CAAU;IACrB,oBAAoB,CAAS;IAEtC,WAAW,GAA8B,IAAI,CAAC;IAC9C,cAAc,GAAmB,IAAI,CAAC;IAE9C,YAAY,MAAwB;QAClC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAC1E,CAAC;QAED,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;QACxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,eAAe,CAAC;QAC/C,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC;QAC9C,IAAI,CAAC,oBAAoB;YACvB,MAAM,CAAC,oBAAoB,IAAI,yBAAyB,CAAC;IAC7D,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU,CACd,OAA+B;QAO/B,iDAAiD;QACjD,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC5C,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC;YACjE,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC;YAElD,IAAI,SAAS,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC1C,OAAO;oBACL,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,cAAc,EAAE,IAAI,CAAC,cAAc;oBACnC,SAAS,EAAE,IAAI,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC;oBACpD,cAAc,EAAE,IAAI,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC;iBAC/D,CAAC;YACJ,CAAC;QACH,CAAC;QAED,sBAAsB;QACtB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACjD,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;QACzB,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,aAAa,CACzC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAC9C,CAAC;QAEF,OAAO;YACL,WAAW,EAAE,KAAK;YAClB,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,SAAS,EAAE,IAAI,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC;YACzC,cAAc,EAAE,IAAI,SAAS,CAAC,KAAK,CAAC,cAAc,CAAC;SACpD,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,eAAe,CACb,OAA+B,EAC/B,iBAAyB,EAAE;QAE3B,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAC5D,MAAM,QAAQ,GAAG,IAAI,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAChE,MAAM,UAAU,GAAG,IAAI,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QAC9D,MAAM,aAAa,GAAG,IAAI,SAAS,CACjC,8CAA8C,CAC/C,CAAC;QAEF,kDAAkD;QAClD,MAAM,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACnD,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ;YAC7D,UAAU,EAAE,GAAG,CAAC,UAAU;SAC3B,CAAC,CAAC,CAAC;QAEJ,8DAA8D;QAC9D,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAClC,SAAS,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAC;QAE3C,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,iCAAiC;YACnD,SAAS;YACT,OAAO,CAAC,IAAI;SACb,CAAC,CAAC;QAEH,OAAO,IAAI,sBAAsB,CAAC;YAChC,SAAS,EAAE,aAAa;YACxB,IAAI,EAAE;gBACJ;oBACE,MAAM,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;oBACrC,QAAQ,EAAE,IAAI;oBACd,UAAU,EAAE,KAAK;iBAClB;gBACD,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE;gBACxD,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE;gBACvD,EAAE,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE;gBACzD,EAAE,MAAM,EAAE,OAAO,CAAC,SAAS,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE;gBACjE,GAAG,iBAAiB;aACrB;YACD,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CACb,SAAwC,QAAQ,EAChD,QAAkC;QAElC,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,OAAO;QAE9B,MAAM,IAAI,CAAC,mBAAmB,CAAC,8BAA8B,EAAE;YAC7D,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,UAAU;gBACvC,MAAM;gBACN,QAAQ;aACT,CAAC;SACH,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,iBAAiB;QACf,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACjE,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,YAAY;QACV,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACjE,CAAC;QACD,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;IACnD,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,OAAO,KAAK,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC;QACjE,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAChC,CAAC;IAED,8DAA8D;IAC9D,UAAU;IACV,8DAA8D;IAEtD,KAAK,CAAC,cAAc,CAC1B,OAA+B;QAE/B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,4BAA4B,EAAE;YAC5E,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,YAAY,EAAE,OAAO,EAAE,YAAY;gBACnC,YAAY,EAAE,OAAO,EAAE,YAAY;gBACnC,WAAW,EAAE,OAAO,EAAE,WAAW;aAClC,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CACb,0EAA0E,CAC3E,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;YACxE,MAAM,IAAI,KAAK,CACb,2BAA2B,KAAK,CAAC,KAAK,IAAI,QAAQ,CAAC,UAAU,EAAE,CAChE,CAAC;QACJ,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,mBAAmB,CAC/B,IAAY,EACZ,OAAoB,EAAE,EACtB,OAAO,GAAG,WAAW;QAErB,IAAI,SAA4B,CAAC;QAEjC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC;YACpD,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBAEnD,sDAAsD;gBACtD,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;oBACpD,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,4BAA4B;gBAC5B,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;oBAChD,MAAM,KAAK,GAAG,kBAAkB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;oBACxD,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBACxB,SAAS;gBACX,CAAC;gBAED,OAAO,QAAQ,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,SAAS,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;gBAEtE,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;oBACtB,MAAM,KAAK,GAAG,kBAAkB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;oBACxD,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBAC1B,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,SAAS,IAAI,IAAI,KAAK,CAAC,cAAc,IAAI,iBAAiB,OAAO,GAAG,CAAC,WAAW,CAAC,CAAC;IAC1F,CAAC;IAEO,KAAK,CAAC,UAAU,CACtB,IAAY,EACZ,OAAoB,EAAE;QAEtB,OAAO,KAAK,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,EAAE,EAAE;YACpC,GAAG,IAAI;YACP,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,IAAI,CAAC,YAAY,EAAE;gBAC5C,GAAG,CAAE,IAAI,CAAC,OAAkC,IAAI,EAAE,CAAC;aACpD;SACF,CAAC,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,EAAU;QACtB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF"}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export { SigilAgent } from "./agent.js";
+export type { SigilAgentConfig, SessionCredentials, SessionRequestOptions, } from "./types.js";

package/dist/index.js

@@ -0,0 +1,2 @@
+export { SigilAgent } from "./agent.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,27 @@
+export interface SigilAgentConfig {
+    /** The pairing token obtained from the Sigil app (format: sgil_xxx) */
+    pairingToken: string;
+    /** Sigil backend URL (default: http://localhost:3003) */
+    apiUrl?: string;
+    /** Auto-refresh session before expiry (default: true) */
+    autoRefresh?: boolean;
+    /** Minimum remaining session time before refresh, in seconds (default: 300 = 5min) */
+    refreshThresholdSecs?: number;
+}
+export interface SessionCredentials {
+    sessionPubkey: string;
+    sessionSecretKey: string;
+    sessionPda: string;
+    walletPda: string;
+    agentConfigPda: string;
+    agentPubkey: string;
+    expiresAt: string;
+    maxAmountLamports: string;
+    maxPerTxLamports: string;
+    txSignature: string;
+}
+export interface SessionRequestOptions {
+    durationSecs?: number;
+    maxAmountSol?: number;
+    maxPerTxSol?: number;
+}

package/dist/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}

package/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "seal-wallet-agent-sdk",
+  "version": "0.1.0",
+  "description": "Lightweight SDK for AI agents to authenticate with Seal smart wallets on Solana via Sigil pairing tokens",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": ["dist", "README.md"],
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "prepublishOnly": "npm run build"
+  },
+  "dependencies": {
+    "@solana/web3.js": "^1.98.0"
+  },
+  "peerDependencies": {
+    "@solana/web3.js": "^1.90.0"
+  },
+  "peerDependenciesMeta": {
+    "@solana/web3.js": {
+      "optional": false
+    }
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "typescript": "^5.7.0"
+  },
+  "keywords": ["solana", "seal", "agent", "wallet", "sigil", "dlmm", "meteora", "smart-wallet", "session-key", "autonomous"],
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/seal-wallet/agent-sdk"
+  },
+  "homepage": "https://github.com/seal-wallet/agent-sdk#readme",
+  "bugs": {
+    "url": "https://github.com/seal-wallet/agent-sdk/issues"
+  },
+  "engines": {
+    "node": ">=18"
+  }
+}