sealed-precision-oracle 1.0.0

package/src/oracle.ts

@@ -0,0 +1,308 @@
+import { ethers } from "ethers";
+import { uploadReceipt } from "./uploadReceipt";
+import { fetchMarketData, formatMarketDataForPrompt, type MarketData } from "./fetchMarketData";
+import { teeInference, discoverProviders, type TeeInferenceResult } from "./teeInference";
+import "dotenv/config";
+
+// ─── Configuration ──────────────────────────────────────────────────────────
+
+const OG_RPC_URL = process.env.OG_RPC_URL || "https://evmrpc.0g.ai";
+
+// Contract ABI (only the functions we need)
+const ORACLE_ABI = [
+  "function recordResolution(uint256 tokenId, bytes32 storageRoot, string calldata signedText, bytes calldata teeSignature, address teeSigner) external",
+  "function resolutionCount(uint256 tokenId) external view returns (uint256)",
+];
+
+// ─── Oracle Prompt ──────────────────────────────────────────────────────────
+
+function buildSystemPrompt(marketData: MarketData, dataHash: string): string {
+  const dataBlock = formatMarketDataForPrompt(marketData);
+  return `You are the Sealed Precision Oracle, a tamper-proof AI judge for precision prediction markets.
+
+REAL-TIME DATA PROVIDED (verified from live sources):
+${dataBlock}
+Data integrity hash: ${dataHash}
+
+Your role:
+1. Use the REAL DATA above (do NOT hallucinate values).
+2. Evaluate the market question against this data.
+3. Provide a clear YES or NO resolution.
+4. State your confidence level (0-100%).
+5. Explain your reasoning step by step, referencing the actual data.
+
+Respond in this exact JSON format:
+{
+  "market_question": "<the question>",
+  "resolution": "YES" or "NO",
+  "confidence": <0-100>,
+  "reasoning": "<step-by-step reasoning citing the real data>",
+  "data_integrity_hash": "${dataHash}",
+  "data_used": ${JSON.stringify(marketData.dataPoints)},
+  "timestamp": "<current UTC timestamp>"
+}`;
+}
+
+// ─── Main ───────────────────────────────────────────────────────────────────
+
+async function main() {
+  const marketQuestion =
+    process.argv[2] ||
+    "Will the average Ethereum mainnet gas price exceed 50 gwei right now?";
+  const contractAddress = process.env.ORACLE_CONTRACT_ADDRESS;
+  const tokenId = parseInt(process.env.ORACLE_TOKEN_ID || "1", 10);
+
+  console.log("=== Sealed Precision Oracle v3.0 ===\n");
+
+  const PRIVATE_KEY = process.env.PRIVATE_KEY;
+  const REMOTE_API_URL = process.env.REMOTE_API_URL || "http://localhost:3001";
+
+  if (!PRIVATE_KEY) {
+    console.log("No PRIVATE_KEY found in .env. Attempting to use Managed API Bridge...");
+    try {
+      const response = await fetch(`${REMOTE_API_URL}/api/resolve`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ marketQuestion }),
+      });
+      
+      const result: any = await response.json();
+      if (!result.success) throw new Error(result.error);
+
+      console.log(`AI Resolution:\n \`\`\`json\n${JSON.stringify({
+        market_question: marketQuestion,
+        resolution: result.resolution,
+        confidence: result.confidence,
+        reasoning: result.reasoning,
+        data_used: result.data_used.dataPoints,
+        timestamp: new Date().toISOString()
+      }, null, 2)}\n\`\`\``);
+
+      console.log("\n" + "=".repeat(56));
+      console.log("  SEALED PRECISION ORACLE — RESOLUTION COMPLETE (via API)");
+      console.log("=".repeat(56) + "\n");
+      console.log("Market Question:", marketQuestion);
+      console.log("TEE Attestation: VERIFIED (via Remote TEE Signer)");
+      console.log("  Signer:       ", result.proofs.teeSigner);
+      console.log("\n0G Storage Root:", result.proofs.storageRoot);
+      if (result.proofs.onChainTx !== "0x") {
+        console.log("0G Chain TX:    ", result.proofs.onChainTx);
+        console.log("Explorer:        https://chainscan.0g.ai/tx/" + result.proofs.onChainTx);
+      }
+      return;
+    } catch (err: any) {
+      console.error("Managed API fallback failed:", err.message);
+      console.log("Please set PRIVATE_KEY in .env to run locally.");
+      process.exit(1);
+    }
+  }
+
+  console.log("Contract Address:", contractAddress);
+  console.log("Market Question:", marketQuestion);
+
+  // ── Step 1: Fetch real market data ───────────────────────────────────
+  console.log("\n[1/5] Fetching real-time market data...\n");
+
+  const marketData = await fetchMarketData(marketQuestion);
+  console.log("  Type:", marketData.marketType);
+  for (const [k, v] of Object.entries(marketData.dataPoints)) {
+    if (v !== null) console.log(`  ${k}: ${v}`);
+  }
+  console.log("  Source:", marketData.source);
+
+  // Compute data integrity hash from data points only (excludes timestamp for stability)
+  const stableData = JSON.stringify(marketData.dataPoints);
+  const dataHash = ethers.keccak256(ethers.toUtf8Bytes(stableData));
+  console.log("  Data hash:", dataHash);
+
+  // ── Step 2: Run TEE-attested inference ──────────────────────────────
+  console.log("\n[2/5] Running TEE-attested inference (direct provider)...\n");
+
+  const systemPrompt = buildSystemPrompt(marketData, dataHash);
+  const userPrompt = `Resolve this market: ${marketQuestion}`;
+
+  let inferenceResult: TeeInferenceResult;
+  try {
+    inferenceResult = await teeInference(systemPrompt, userPrompt);
+  } catch (err: any) {
+    console.warn("\n  ╔══════════════════════════════════════════════════════════╗");
+    console.warn("  ║  WARNING: FALLING BACK TO ROUTER API                    ║");
+    console.warn("  ║  No per-inference TEE attestation will be available.     ║");
+    console.warn("  ║  The AI response will NOT be cryptographically signed.   ║");
+    console.warn("  ╚══════════════════════════════════════════════════════════╝\n");
+    console.warn("[TEE] Reason:", err.message);
+
+    // Fallback to Router if no direct providers available
+    const { OpenAI } = await import("openai");
+    const client = new OpenAI({
+      baseURL: "https://router-api.0g.ai/v1",
+      apiKey: process.env.ZG_API_KEY || "not-needed-for-testnet",
+    });
+    const completion = await client.chat.completions.create({
+      model: "Qwen/Qwen2.5-7B-Instruct",
+      messages: [
+        { role: "system", content: systemPrompt },
+        { role: "user", content: userPrompt },
+      ],
+      temperature: 0.1,
+      max_tokens: 1024,
+    });
+
+    inferenceResult = {
+      content: completion.choices[0]?.message?.content || "",
+      chatId: completion.id || "unknown",
+      model: "Qwen/Qwen2.5-7B-Instruct",
+      providerAddress: "router-api (no direct provider)",
+      providerUrl: "https://router-api.0g.ai/v1",
+      attestation: null,
+      attestationNote:
+        "FALLBACK: Used Router API. No per-inference TEE attestation available. " +
+        "Direct provider access failed: " + err.message,
+    };
+  }
+
+  if (!inferenceResult.content) throw new Error("No response from inference");
+  console.log("\nAI Resolution:\n", inferenceResult.content);
+
+  // ── Step 3: Build receipt with cryptographic binding ────────────────
+  console.log("\n[3/5] Building tamper-evident receipt...\n");
+
+  // Hash the AI response for integrity binding
+  const responseHash = ethers.keccak256(
+    ethers.toUtf8Bytes(inferenceResult.content)
+  );
+
+  const receipt = {
+    oracle: "Sealed Precision Oracle v3.0",
+    model: inferenceResult.model,
+    provider: {
+      address: inferenceResult.providerAddress,
+      url: inferenceResult.providerUrl,
+    },
+    tee_attestation: inferenceResult.attestation
+      ? {
+          verified: inferenceResult.attestation.verified,
+          signed_text: inferenceResult.attestation.signedText,
+          signature: inferenceResult.attestation.signature,
+          tee_signer: inferenceResult.attestation.teeSigner,
+          recovered_address: inferenceResult.attestation.recoveredAddress,
+          chat_id: inferenceResult.chatId,
+          note: inferenceResult.attestationNote,
+        }
+      : {
+          verified: false,
+          note: inferenceResult.attestationNote,
+        },
+    integrity: {
+      data_hash: dataHash,
+      response_hash: responseHash,
+      note:
+        "data_hash = keccak256(market_data_json). response_hash = keccak256(ai_response). " +
+        "data_hash is embedded in the AI prompt so the TEE-signed response implicitly commits to the data.",
+    },
+    market_data: {
+      type: marketData.marketType,
+      data_points: marketData.dataPoints,
+      source: marketData.source,
+      fetched_at: marketData.fetchedAt,
+    },
+    market_question: marketQuestion,
+    ai_response: inferenceResult.content,
+    created_at: new Date().toISOString(),
+  };
+
+  // ── Step 4: Upload to 0G Storage ───────────────────────────────────
+  console.log("[4/5] Uploading receipt to 0G Storage...\n");
+
+  const receiptJSON = JSON.stringify(receipt, null, 2);
+  const { rootHash, txHash } = await uploadReceipt(receiptJSON);
+
+  // ── Step 5: Record on-chain with TEE signature ─────────────────────
+  let chainTxHash: string | null = null;
+
+  if (contractAddress) {
+    console.log("\n[5/5] Recording resolution on-chain...\n");
+
+    const privateKey = process.env.PRIVATE_KEY;
+    if (!privateKey) throw new Error("PRIVATE_KEY required for on-chain recording");
+
+    const provider = new ethers.JsonRpcProvider(OG_RPC_URL);
+    const signer = new ethers.Wallet(privateKey, provider);
+    const contract = new ethers.Contract(contractAddress, ORACLE_ABI, signer);
+
+    // rootHash is 0x-prefixed hex — convert to bytes32
+    const rootHashBytes32 = ethers.zeroPadValue(rootHash, 32);
+
+    // Pass TEE signature and signer for on-chain verification
+    const signedText = inferenceResult.attestation?.signedText || "";
+    const teeSignature = inferenceResult.attestation?.signature
+      ? inferenceResult.attestation.signature
+      : "0x";
+    const teeSigner = inferenceResult.attestation?.teeSigner
+      ? inferenceResult.attestation.teeSigner
+      : ethers.ZeroAddress;
+
+    const tx = await contract.recordResolution(
+      tokenId,
+      rootHashBytes32,
+      signedText,
+      teeSignature,
+      teeSigner
+    );
+    const receiptTx = await tx.wait();
+    chainTxHash = receiptTx?.hash || tx.hash;
+
+    const count = await contract.resolutionCount(tokenId);
+    const chainId = (await provider.getNetwork()).chainId;
+    const explorerBase = chainId === 16661n 
+      ? "https://chainscan.0g.ai/tx/" 
+      : "https://chainscan-galileo.0g.ai/tx/";
+
+    console.log("  On-chain TX:", chainTxHash);
+    console.log("  Total resolutions for token", tokenId + ":", count.toString());
+  } else {
+    console.log("\n[5/5] Skipped on-chain recording (ORACLE_CONTRACT_ADDRESS not set)");
+    console.log("  Set ORACLE_CONTRACT_ADDRESS in .env after deploying the contract.");
+  }
+
+  // ── Final Summary ────────────────────────────────────────────────────
+  console.log("\n" + "=".repeat(56));
+  console.log("  SEALED PRECISION ORACLE — RESOLUTION COMPLETE");
+  console.log("=".repeat(56) + "\n");
+  console.log("Market Question:", marketQuestion);
+  const dataPreview = Object.entries(marketData.dataPoints)
+    .filter(([_, v]) => v !== null)
+    .map(([k, v]) => `${k}=${v}`)
+    .join(", ");
+  console.log("Real Data:      ", dataPreview);
+  console.log("Data Hash:      ", dataHash.slice(0, 18) + "...");
+  console.log("Response Hash:  ", responseHash.slice(0, 18) + "...");
+
+  if (inferenceResult.attestation?.verified) {
+    console.log("TEE Attestation: VERIFIED (per-inference signature)");
+    console.log("  Signer:       ", inferenceResult.attestation.teeSigner);
+  } else {
+    console.log("TEE Attestation:", inferenceResult.attestationNote.slice(0, 80));
+  }
+
+  console.log("\n0G Storage Root:", rootHash);
+  console.log("0G Storage TX:  ", txHash);
+  if (chainTxHash) {
+    const chainId = (await new ethers.JsonRpcProvider(OG_RPC_URL).getNetwork()).chainId;
+    const explorerBase = chainId === 16661n ? "https://chainscan.0g.ai/tx/" : "https://chainscan-galileo.0g.ai/tx/";
+    console.log("0G Chain TX:    ", chainTxHash);
+    console.log("Explorer:        " + explorerBase + chainTxHash);
+  }
+  console.log(
+    "\nVerification: Download the receipt from 0G Storage using the root hash."
+  );
+  console.log(
+    "The receipt contains the TEE signature — verify it against the on-chain TEE signer."
+  );
+  console.log();
+}
+
+main().catch((err) => {
+  console.error("Oracle execution failed:", err);
+  process.exit(1);
+});

package/src/teeInference.ts

@@ -0,0 +1,272 @@
+/**
+ * Direct TEE-attested inference via the 0G Compute SDK.
+ *
+ * Bypasses the Router API entirely. Instead:
+ *  1. Discovers providers on-chain from the InferenceServing contract
+ *  2. Calls inference directly to the provider's broker URL
+ *  3. Fetches the per-inference TEE signature from the provider
+ *  4. Verifies the signature against the on-chain TEE signer address
+ *
+ * This provides REAL per-inference attestation, not just metadata.
+ */
+
+import { ethers } from "ethers";
+import {
+  createZGComputeNetworkBroker,
+  createZGComputeNetworkReadOnlyBroker,
+} from "@0gfoundation/0g-compute-ts-sdk";
+import { OpenAI } from "openai";
+import "dotenv/config";
+
+const OG_RPC_URL = process.env.OG_RPC_URL || "https://evmrpc.0g.ai";
+
+export interface TeeAttestation {
+  signedText: string;
+  signature: string;
+  teeSigner: string;
+  recoveredAddress: string;
+  verified: boolean;
+}
+
+export interface TeeInferenceResult {
+  content: string;
+  chatId: string;
+  model: string;
+  providerAddress: string;
+  providerUrl: string;
+  attestation: TeeAttestation | null;
+  attestationNote: string;
+}
+
+export interface ProviderInfo {
+  provider: string;
+  url: string;
+  model: string;
+  verifiability: string;
+  teeSignerAddress: string;
+}
+
+/**
+ * Discover TEE-attested providers for a given model from the on-chain registry.
+ */
+export async function discoverProviders(
+  modelQuery?: string
+): Promise<ProviderInfo[]> {
+  const broker = await createZGComputeNetworkReadOnlyBroker(OG_RPC_URL);
+  const services = await broker.inference.listService();
+
+  return services
+    .filter((s: any) => {
+      const isTee =
+        s.verifiability === "TeeML" || s.verifiability === "TeeTLS";
+      const modelMatch = modelQuery
+        ? s.model?.toLowerCase().includes(modelQuery.toLowerCase())
+        : true;
+      return isTee && modelMatch;
+    })
+    .map((s: any) => ({
+      provider: s.provider,
+      url: s.url,
+      model: s.model,
+      verifiability: s.verifiability,
+      teeSignerAddress: s.teeSignerAddress,
+    }));
+}
+
+/**
+ * Run inference directly on a TEE-attested provider and verify the response signature.
+ */
+export async function teeInference(
+  systemPrompt: string,
+  userPrompt: string,
+  modelQuery?: string
+): Promise<TeeInferenceResult> {
+  const privateKey = process.env.PRIVATE_KEY;
+  if (!privateKey) throw new Error("PRIVATE_KEY not set in .env");
+
+  const provider = new ethers.JsonRpcProvider(OG_RPC_URL);
+  const wallet = new ethers.Wallet(privateKey, provider);
+
+  // 1. Create broker with wallet (needed for auth headers + fees)
+  console.log("[TEE] Creating compute broker...");
+  const broker = await createZGComputeNetworkBroker(wallet);
+
+  // 2. Discover providers on-chain
+  console.log("[TEE] Discovering providers from on-chain registry...");
+  const services = await broker.inference.listService();
+  const service = services.find((s: any) => {
+    const isTee =
+      s.verifiability === "TeeML" || s.verifiability === "TeeTLS";
+    const modelMatch = modelQuery
+      ? s.model?.toLowerCase().includes(modelQuery.toLowerCase())
+      : true;
+    return isTee && modelMatch;
+  });
+
+  if (!service) {
+    // Fallback: list what's available
+    const available = services.map((s: any) => `${s.model} (${s.verifiability})`);
+    throw new Error(
+      `No TEE provider found for model query "${modelQuery}". ` +
+      `Available: ${available.join(", ") || "none"}`
+    );
+  }
+
+  const providerAddress = service.provider;
+  const providerUrl = service.url;
+  const model = service.model;
+  const teeSigner = service.teeSignerAddress;
+
+  console.log(`[TEE] Found provider: ${providerAddress}`);
+  console.log(`[TEE] Model: ${model}`);
+  console.log(`[TEE] URL: ${providerUrl}`);
+  console.log(`[TEE] TEE signer: ${teeSigner}`);
+  console.log(`[TEE] Verifiability: ${service.verifiability}`);
+
+  // 3. Setup: deposit funds and acknowledge provider
+  try {
+    await broker.ledger.depositFund(0.001); // Small deposit for testnet
+    console.log("[TEE] Deposited funds to ledger");
+  } catch (err: any) {
+    // May fail if already deposited — that's OK
+    console.log("[TEE] Deposit skipped (may already have funds):", err.message?.slice(0, 80));
+  }
+
+  try {
+    await broker.inference.acknowledgeProviderSigner(providerAddress);
+    console.log("[TEE] Acknowledged provider TEE signer");
+  } catch (err: any) {
+    console.log("[TEE] Acknowledge skipped (may already be done):", err.message?.slice(0, 80));
+  }
+
+  // 4. Get endpoint and auth headers
+  const metadata = await broker.inference.getServiceMetadata(providerAddress);
+  const headers = await broker.inference.getRequestHeaders(providerAddress);
+
+  console.log("[TEE] Calling inference directly on provider...");
+
+  // 5. Direct inference call to provider (no Router)
+  const openai = new OpenAI({ baseURL: metadata.endpoint, apiKey: "not-needed" });
+  const { data: completion, response: httpResponse } =
+    await openai.chat.completions
+      .create(
+        {
+          model: metadata.model,
+          messages: [
+            { role: "system", content: systemPrompt },
+            { role: "user", content: userPrompt },
+          ],
+          temperature: 0.1,
+          max_tokens: 1024,
+        },
+        { headers: { ...headers } }
+      )
+      .withResponse();
+
+  const content = completion.choices[0]?.message?.content;
+  if (!content) throw new Error("No response from provider");
+
+  // Get chat ID from response header (for signature lookup)
+  const chatId =
+    httpResponse.headers.get("ZG-Res-Key") || completion.id || "unknown";
+
+  console.log("[TEE] Got response, chat ID:", chatId);
+
+  // 6. Process response (fees + signature verification via SDK)
+  let sdkVerified: boolean | null = null;
+  try {
+    sdkVerified = await broker.inference.processResponse(
+      providerAddress,
+      chatId,
+      JSON.stringify(completion.usage || {})
+    );
+    console.log("[TEE] SDK processResponse result:", sdkVerified);
+  } catch (err: any) {
+    console.log("[TEE] SDK processResponse failed:", err.message?.slice(0, 100));
+  }
+
+  // 7. Manual signature verification for full transparency
+  let attestation: TeeAttestation | null = null;
+  let attestationNote = "";
+
+  try {
+    const sigUrl = `${providerUrl}/v1/proxy/signature/${chatId}?model=${model}`;
+    console.log("[TEE] Fetching per-inference signature...");
+    const sigRes = await fetch(sigUrl, { signal: AbortSignal.timeout(10_000) });
+
+    if (sigRes.ok) {
+      const { text: signedText, signature } = (await sigRes.json()) as {
+        text: string;
+        signature: string;
+      };
+
+      // Determine the expected signing address
+      let expectedSigner = teeSigner;
+      try {
+        const additionalInfo = JSON.parse(
+          (service as any).additionalInfo || "{}"
+        );
+        if (
+          additionalInfo.TargetSeparated &&
+          additionalInfo.ProviderType !== "centralized" &&
+          additionalInfo.TargetTeeAddress
+        ) {
+          expectedSigner = additionalInfo.TargetTeeAddress;
+        }
+      } catch {}
+
+      // Verify ECDSA signature
+      const messageHash = ethers.hashMessage(signedText);
+      const recoveredAddress = ethers.recoverAddress(messageHash, signature);
+      const verified =
+        recoveredAddress.toLowerCase() === expectedSigner.toLowerCase();
+
+      attestation = {
+        signedText,
+        signature,
+        teeSigner: expectedSigner,
+        recoveredAddress,
+        verified,
+      };
+
+      attestationNote = verified
+        ? `PER-INFERENCE TEE attestation VERIFIED. ` +
+          `Response signed by ${recoveredAddress}, matches on-chain TEE signer ${expectedSigner}.`
+        : `PER-INFERENCE TEE signature recovered ${recoveredAddress} but expected ${expectedSigner}. MISMATCH.`;
+
+      console.log("[TEE]", attestationNote);
+    } else {
+      attestationNote = `Signature endpoint returned ${sigRes.status}. Per-inference attestation unavailable.`;
+      console.log("[TEE]", attestationNote);
+    }
+  } catch (err: any) {
+    attestationNote = `Signature fetch failed: ${err.message}. Per-inference attestation unavailable.`;
+    console.log("[TEE]", attestationNote);
+  }
+
+  return {
+    content,
+    chatId,
+    model,
+    providerAddress,
+    providerUrl,
+    attestation,
+    attestationNote,
+  };
+}
+
+// Allow direct execution for testing
+if (require.main === module) {
+  (async () => {
+    console.log("=== TEE Provider Discovery ===\n");
+    try {
+      const providers = await discoverProviders();
+      console.log(`Found ${providers.length} TEE providers:\n`);
+      for (const p of providers) {
+        console.log(`  ${p.model} | ${p.verifiability} | ${p.provider.slice(0, 10)}...`);
+      }
+    } catch (err) {
+      console.error("Discovery failed:", err);
+    }
+  })();
+}

package/src/uploadReceipt.ts

@@ -0,0 +1,92 @@
+import { ZgFile, Indexer } from "@0gfoundation/0g-ts-sdk";
+import { ethers } from "ethers";
+import * as fs from "fs";
+import * as path from "path";
+import * as os from "os";
+import "dotenv/config";
+
+const OG_RPC_URL = process.env.OG_RPC_URL || "https://evmrpc.0g.ai";
+const OG_INDEXER_RPC =
+  process.env.OG_INDEXER_RPC ||
+  "https://indexer-storage-mainnet-turbo.0g.ai";
+
+export interface UploadResult {
+  rootHash: string;
+  txHash: string;
+}
+
+/**
+ * Upload an AI resolution receipt to 0G Storage.
+ *
+ * Writes the content to a temp file, computes its Merkle tree root,
+ * uploads via the 0G Indexer, and returns the root hash + tx hash.
+ */
+export async function uploadReceipt(content: string): Promise<UploadResult> {
+  const privateKey = process.env.PRIVATE_KEY;
+  if (!privateKey) throw new Error("PRIVATE_KEY not set in .env");
+
+  // Write content to a temp file (ZgFile works with file paths)
+  const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "oracle-"));
+  const tmpFile = path.join(tmpDir, "resolution.json");
+  fs.writeFileSync(tmpFile, content, { encoding: "utf-8", mode: 0o600 });
+
+  try {
+    // Create ZgFile and compute Merkle tree
+    const file = await ZgFile.fromFilePath(tmpFile);
+    const [tree, treeErr] = await file.merkleTree();
+    if (treeErr !== null || tree === null) {
+      throw new Error(`Merkle tree error: ${treeErr}`);
+    }
+
+    const rootHash = tree.rootHash() as string;
+    if (!rootHash) throw new Error("Failed to compute Merkle root hash");
+    console.log("[0G Storage] Merkle root hash:", rootHash);
+
+    // Connect signer
+    const provider = new ethers.JsonRpcProvider(OG_RPC_URL);
+    const signer = new ethers.Wallet(privateKey, provider);
+
+    // Upload via Indexer
+    const indexer = new Indexer(OG_INDEXER_RPC);
+    console.log("[0G Storage] Uploading receipt...");
+
+    const [tx, uploadErr] = await indexer.upload(file, OG_RPC_URL, signer);
+    await file.close();
+
+    if (uploadErr !== null) {
+      throw new Error(`Upload error: ${uploadErr}`);
+    }
+
+    const txHash =
+      tx && "txHash" in tx ? (tx as any).txHash : "unknown";
+
+    console.log("[0G Storage] Upload complete!");
+    console.log("[0G Storage] TX hash:", txHash);
+
+    return { rootHash, txHash };
+  } finally {
+    // Clean up temp files
+    fs.rmSync(tmpDir, { recursive: true, force: true });
+  }
+}
+
+// Allow running directly: ts-node src/uploadReceipt.ts "your content here"
+if (require.main === module) {
+  const content = process.argv[2] || JSON.stringify({
+    market: "ETH Gas > 50 gwei",
+    resolution: "NO",
+    reasoning: "Sample test resolution",
+    timestamp: new Date().toISOString(),
+  });
+
+  uploadReceipt(content)
+    .then((result) => {
+      console.log("\n--- Upload Result ---");
+      console.log("Root Hash:", result.rootHash);
+      console.log("TX Hash:", result.txHash);
+    })
+    .catch((err) => {
+      console.error("Upload failed:", err);
+      process.exit(1);
+    });
+}