sigil-protocol-sdk 1.0.0

package/README.md

@@ -0,0 +1,90 @@
+# sigil-protocol-sdk
+
+Official TypeScript SDK for interacting with the Sigil Protocol on Solana. Designed for autonomous agents to discover, verify, and execute skills.
+
+## Installation
+
+```bash
+npm install sigil-protocol-sdk @solana/web3.js @coral-xyz/anchor
+```
+
+## Usage
+
+### 1. Initialize Client
+
+```typescript
+import { Connection, Keypair } from '@solana/web3.js';
+import { Wallet } from '@coral-xyz/anchor';
+import { SigilClient } from 'sigil-protocol-sdk';
+
+const connection = new Connection("https://api.devnet.solana.com");
+const wallet = new Wallet(Keypair.fromSecretKey(...));
+const client = new SigilClient(connection, wallet);
+```
+
+### 2. Register a Skill (Mint)
+
+```typescript
+const tx = await client.registerSkill({
+  name: "Arbitrage Scout",
+  description: "Finds atomic arb routes on Jupiter",
+  priceUsdc: 0.1, // 0.10 USDC
+  externalUrl: "https://github.com/agent/skills/arb.md",
+  logicContent: "console.log('logic code here')..." // Optional: for hash generation
+});
+console.log("Skill Minted:", tx);
+```
+
+### 3. Execute a Skill (Atomic Payment)
+
+```typescript
+const skillPda = new PublicKey("..."); // Get from marketplace
+const tx = await client.executeSkill(
+  skillPda,
+  true, // Success status
+  150   // Latency in ms
+);
+console.log("Execution logged & paid:", tx);
+```
+
+### 4. Verify Integrity
+
+Before executing code downloaded from an external URL, verify it matches the on-chain hash.
+
+```typescript
+const isValid = await client.verifyIntegrity(skillPda, downloadedCode);
+if (!isValid) throw new Error("Security Alert: Code has been tampered with!");
+```
+
+### 5. Auditor Management
+
+Join the decentralized network of auditors to verify skills and earn rewards.
+
+```typescript
+// Register as an Auditor
+const tx = await client.initializeAuditor();
+console.log("Auditor Registered:", tx);
+
+// Stake USDC for skin-in-the-game
+const stakeTx = await client.stakeUsdc(
+  auditorPda, 
+  auditorTokenAccount, 
+  vaultTokenAccount, 
+  vaultAuthorityPda, 
+  usdcMint, 
+  new BN(1000_000000) // 1000 USDC
+);
+
+// Sign a Skill (Approve)
+const signTx = await client.addAuditorSignature(
+  skillPda,
+  auditorPda,
+  signatureBytes,
+  auditReportHash
+);
+```
+
+## Compatibility
+- Node.js 18+
+- Solana Web3.js 1.95+
+- Anchor 0.30+

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export * from './sigil-registry';
+export * from './types';

package/dist/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./sigil-registry"), exports);
+__exportStar(require("./types"), exports);

package/dist/sdk/src/index.d.ts

@@ -0,0 +1,2 @@
+export * from './sigil-registry';
+export * from './types';

package/dist/sdk/src/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./sigil-registry"), exports);
+__exportStar(require("./types"), exports);

package/dist/sdk/src/sigil-client.d.ts

@@ -0,0 +1,34 @@
+import { Program, AnchorProvider } from '@coral-xyz/anchor';
+import { Connection, PublicKey } from '@solana/web3.js';
+import { SigilRegistry } from './types';
+export declare class SigilClient {
+    program: Program<SigilRegistry>;
+    provider: AnchorProvider;
+    connection: Connection;
+    constructor(connection: Connection, wallet: any);
+    /**
+     * High-level method to execute a skill and handle payments atomically.
+     */
+    executeSkill(skillPda: PublicKey, success: boolean, latencyMs: number): Promise<string>;
+    /**
+     * Registers a new skill with metadata compression and integrity hashing.
+     */
+    registerSkill(params: {
+        name: string;
+        description: string;
+        priceUsdc: number;
+        externalUrl?: string;
+        logicContent?: string;
+    }): Promise<string>;
+    /**
+     * Verifies if the local logic matches the on-chain recorded integrity hash.
+     */
+    verifyIntegrity(skillPda: PublicKey, localLogicContent: string): Promise<boolean>;
+    /**
+     * Auditor Staking Management
+     */
+    stake(amountUsdc: number): Promise<string>;
+    deriveAuditorPda(authority: PublicKey): PublicKey;
+    deriveVaultPda(mint: PublicKey, auditor: PublicKey): PublicKey;
+    deriveVaultAuthorityPda(): PublicKey;
+}

package/dist/sdk/src/sigil-client.js

@@ -0,0 +1,159 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SigilClient = void 0;
+const anchor_1 = require("@coral-xyz/anchor");
+const web3_js_1 = require("@solana/web3.js");
+const spl_token_1 = require("@solana/spl-token");
+const sigil_registry_json_1 = __importDefault(require("../../target/idl/sigil_registry.json"));
+class SigilClient {
+    constructor(connection, wallet) {
+        this.connection = connection;
+        this.provider = new anchor_1.AnchorProvider(connection, wallet, {
+            commitment: 'confirmed',
+        });
+        this.program = new anchor_1.Program(sigil_registry_json_1.default, this.provider);
+    }
+    /**
+     * High-level method to execute a skill and handle payments atomically.
+     */
+    async executeSkill(skillPda, success, latencyMs) {
+        const skillData = await this.program.account.skill.fetch(skillPda);
+        const creator = skillData.creator;
+        const protocolTreasury = new web3_js_1.PublicKey('3adsGFsaGUDePR61ZtvkwkkpCeLne6immQbp2gR5jbfo');
+        const usdcMint = new web3_js_1.PublicKey('4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU');
+        const executorUsdc = await (0, spl_token_1.getAssociatedTokenAddress)(usdcMint, this.provider.wallet.publicKey);
+        const creatorUsdc = await (0, spl_token_1.getAssociatedTokenAddress)(usdcMint, creator);
+        const protocolUsdc = await (0, spl_token_1.getAssociatedTokenAddress)(usdcMint, protocolTreasury);
+        const executionLog = web3_js_1.Keypair.generate();
+        return await this.program.methods
+            .logExecution(success, latencyMs)
+            .accounts({
+            skill: skillPda,
+            executionLog: executionLog.publicKey,
+            executor: this.provider.wallet.publicKey,
+            executorUsdc,
+            creatorUsdc,
+            protocolUsdc,
+        })
+            .signers([executionLog])
+            .rpc();
+    }
+    /**
+     * Registers a new skill with metadata compression and integrity hashing.
+     */
+    async registerSkill(params) {
+        const skillId = Array.from(crypto.getRandomValues(new Uint8Array(32)));
+        const priceBN = new anchor_1.BN(params.priceUsdc * 1000000);
+        // 1. Calculate Integrity Hash
+        let integrityHash = "";
+        if (params.logicContent) {
+            const msgBuffer = new TextEncoder().encode(params.logicContent);
+            const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);
+            integrityHash = Array.from(new Uint8Array(hashBuffer))
+                .map(b => b.toString(16).padStart(2, '0'))
+                .join('');
+        }
+        // 2. Prepare Metadata
+        const metadataObj = {
+            n: params.name,
+            d: params.description,
+            u: params.externalUrl,
+            h: integrityHash
+        };
+        // 3. Compress using Gzip
+        const metadataStr = JSON.stringify(metadataObj);
+        const blob = new Blob([metadataStr]);
+        const compressedStream = blob.stream().pipeThrough(new window.DecompressionStream('gzip'));
+        const compressedBuffer = await new Response(compressedStream).arrayBuffer();
+        const finalMetadata = `gz:${Buffer.from(compressedBuffer).toString('base64')}`;
+        // 4. Generate Signature
+        let signature = Array(64).fill(0);
+        if (this.provider.wallet.signMessage) {
+            const message = new TextEncoder().encode(`Minting Sigil Skill: ${params.name}`);
+            const sig = await this.provider.wallet.signMessage(message);
+            signature = Array.from(sig);
+        }
+        const [skillPda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('skill'), new Uint8Array(skillId)], this.program.programId);
+        const [registryPda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('registry_v1')], this.program.programId);
+        return await this.program.methods
+            .mintSkill(skillId, priceBN, finalMetadata, signature)
+            .accounts({
+            skill: skillPda,
+            creator: this.provider.wallet.publicKey,
+            registry: registryPda,
+        })
+            .rpc();
+    }
+    /**
+     * Verifies if the local logic matches the on-chain recorded integrity hash.
+     */
+    async verifyIntegrity(skillPda, localLogicContent) {
+        const skillData = await this.program.account.skill.fetch(skillPda);
+        const ipfsHash = skillData.ipfsHash;
+        if (!ipfsHash.startsWith('gz:'))
+            return false;
+        // Decompress
+        const base64Data = ipfsHash.slice(3);
+        const binaryString = window.atob(base64Data);
+        const bytes = new Uint8Array(binaryString.length);
+        for (let i = 0; i < binaryString.length; i++)
+            bytes[i] = binaryString.charCodeAt(i);
+        const decompressedStream = new Blob([bytes]).stream().pipeThrough(new window.DecompressionStream('gzip'));
+        const metadata = JSON.parse(await new Response(decompressedStream).text());
+        if (!metadata.h)
+            return true; // No hash to verify
+        // Calculate local hash
+        const msgBuffer = new TextEncoder().encode(localLogicContent);
+        const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);
+        const localHash = Array.from(new Uint8Array(hashBuffer))
+            .map(b => b.toString(16).padStart(2, '0'))
+            .join('');
+        return localHash === metadata.h;
+    }
+    /**
+     * Auditor Staking Management
+     */
+    async stake(amountUsdc) {
+        const amount = new anchor_1.BN(amountUsdc * 1000000);
+        const auditorPda = this.deriveAuditorPda(this.provider.wallet.publicKey);
+        // Check if initialized
+        try {
+            await this.program.account.auditor.fetch(auditorPda);
+        }
+        catch {
+            await this.program.methods.initializeAuditor().accounts({
+                auditor: auditorPda,
+                authority: this.provider.wallet.publicKey,
+            }).rpc();
+        }
+        const usdcMint = new web3_js_1.PublicKey('4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU');
+        const auditorTokenAccount = await (0, spl_token_1.getAssociatedTokenAddress)(usdcMint, this.provider.wallet.publicKey);
+        const vaultTokenAccount = this.deriveVaultPda(usdcMint, auditorPda);
+        const vaultAuthority = this.deriveVaultAuthorityPda();
+        return await this.program.methods
+            .stakeUsdc(amount)
+            .accounts({
+            auditor: auditorPda,
+            auditorTokenAccount,
+            vaultTokenAccount,
+            vaultAuthority,
+            usdcMint,
+            authority: this.provider.wallet.publicKey,
+        })
+            .rpc();
+    }
+    // PDA Derivation Helpers
+    deriveAuditorPda(authority) {
+        return web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('auditor'), authority.toBuffer()], this.program.programId)[0];
+    }
+    deriveVaultPda(mint, auditor) {
+        return web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('vault'), mint.toBuffer(), auditor.toBuffer()], this.program.programId)[0];
+    }
+    deriveVaultAuthorityPda() {
+        return web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('vault_authority')], this.program.programId)[0];
+    }
+}
+exports.SigilClient = SigilClient;

package/dist/sdk/src/sigil-registry.d.ts

@@ -0,0 +1,63 @@
+import { Program, AnchorProvider, BN } from '@coral-xyz/anchor';
+import { Connection, PublicKey } from '@solana/web3.js';
+import { SigilRegistry } from './types';
+export declare class SigilRegistryClient {
+    program: Program<SigilRegistry>;
+    provider: AnchorProvider;
+    constructor(connection: Connection, wallet: any);
+    initializeRegistry(): Promise<string>;
+    initializeAuditor(): Promise<string>;
+    mintSkill(skillId: number[], priceUsdc: BN, ipfsHash: string, creatorSignature: number[]): Promise<string>;
+    addAuditorSignature(skillPda: PublicKey, auditorPda: PublicKey, signature: number[], auditReportHash: string): Promise<string>;
+    logExecution(skillPda: PublicKey, executionLogPda: PublicKey, executorUsdc: PublicKey, creatorUsdc: PublicKey, protocolUsdc: PublicKey, success: boolean, latencyMs: number): Promise<string>;
+    getSkill(skillPda: PublicKey): Promise<{
+        skillId: number[];
+        creator: PublicKey;
+        creatorSignature: number[];
+        priceUsdc: BN;
+        ipfsHash: string;
+        auditReportHash: string;
+        auditorCount: number;
+        auditors: any[];
+        consensusStatus: any;
+        consensusRecord: PublicKey | null;
+        trustScore: number;
+        executionCount: BN;
+        successCount: BN;
+        totalEarned: BN;
+        lastUsed: BN;
+        createdAt: BN;
+        bump: number;
+    }>;
+    getAllSkills(): Promise<import("@coral-xyz/anchor").ProgramAccount<{
+        skillId: number[];
+        creator: PublicKey;
+        creatorSignature: number[];
+        priceUsdc: BN;
+        ipfsHash: string;
+        auditReportHash: string;
+        auditorCount: number;
+        auditors: any[];
+        consensusStatus: any;
+        consensusRecord: PublicKey | null;
+        trustScore: number;
+        executionCount: BN;
+        successCount: BN;
+        totalEarned: BN;
+        lastUsed: BN;
+        createdAt: BN;
+        bump: number;
+    }>[]>;
+    getAllLogs(): Promise<any>;
+    getAuditor(auditorPda: PublicKey): Promise<any>;
+    getAllAuditors(): Promise<any>;
+    getRegistry(): Promise<any>;
+    stakeUsdc(auditorPda: PublicKey, auditorTokenAccount: PublicKey, vaultTokenAccount: PublicKey, vaultAuthorityPda: PublicKey, usdcMint: PublicKey, amount: BN): Promise<string>;
+    requestUnstake(auditorPda: PublicKey): Promise<string>;
+    withdrawStake(auditorPda: PublicKey, auditorTokenAccount: PublicKey, vaultTokenAccount: PublicKey, vaultAuthorityPda: PublicKey, usdcMint: PublicKey): Promise<string>;
+    deriveSkillPda(skillId: number[] | Uint8Array): PublicKey;
+    deriveAuditorPda(auditorPubkey: PublicKey): PublicKey;
+    deriveVaultPda(usdcMint: PublicKey, auditorPda: PublicKey): PublicKey;
+    deriveVaultAuthorityPda(): PublicKey;
+    deriveExecutionLogPda(skillPda: PublicKey, executor: PublicKey, timestamp: BN): PublicKey;
+}

package/dist/sdk/src/sigil-registry.js

@@ -0,0 +1,191 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SigilRegistryClient = void 0;
+const anchor_1 = require("@coral-xyz/anchor");
+const web3_js_1 = require("@solana/web3.js");
+const sigil_registry_json_1 = __importDefault(require("../../target/idl/sigil_registry.json"));
+class SigilRegistryClient {
+    constructor(connection, wallet) {
+        this.provider = new anchor_1.AnchorProvider(connection, wallet, {
+            commitment: 'confirmed',
+        });
+        this.program = new anchor_1.Program(sigil_registry_json_1.default, this.provider);
+    }
+    async initializeRegistry() {
+        const [registryPda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('registry_v1')], this.program.programId);
+        return await this.program.methods
+            .initializeRegistry()
+            .accounts({
+            registry: registryPda,
+            authority: this.provider.wallet.publicKey,
+        })
+            .rpc();
+    }
+    async initializeAuditor() {
+        const [auditorPda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('auditor'), this.provider.wallet.publicKey.toBuffer()], this.program.programId);
+        return await this.program.methods
+            .initializeAuditor()
+            .accounts({
+            auditor: auditorPda,
+            authority: this.provider.wallet.publicKey,
+        })
+            .rpc();
+    }
+    async mintSkill(skillId, priceUsdc, ipfsHash, creatorSignature) {
+        const [skillPda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('skill'), Buffer.from(skillId)], this.program.programId);
+        const [registryPda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('registry_v1')], this.program.programId);
+        return await this.program.methods
+            .mintSkill(skillId, priceUsdc, ipfsHash, creatorSignature)
+            .accounts({
+            skill: skillPda,
+            creator: this.provider.wallet.publicKey,
+            registry: registryPda,
+        })
+            .rpc();
+    }
+    async addAuditorSignature(skillPda, auditorPda, signature, auditReportHash) {
+        return await this.program.methods
+            .addAuditorSignature(signature, auditReportHash)
+            .accounts({
+            skill: skillPda,
+            auditor: auditorPda,
+            auditorSigner: this.provider.wallet.publicKey,
+        })
+            .rpc();
+    }
+    async logExecution(skillPda, executionLogPda, executorUsdc, creatorUsdc, protocolUsdc, success, latencyMs) {
+        return await this.program.methods
+            .logExecution(success, latencyMs)
+            .accounts({
+            skill: skillPda,
+            executionLog: executionLogPda,
+            executor: this.provider.wallet.publicKey,
+            executorUsdc,
+            creatorUsdc,
+            protocolUsdc,
+        })
+            .rpc();
+    }
+    async getSkill(skillPda) {
+        return await this.program.account.skill.fetch(skillPda);
+    }
+    async getAllSkills() {
+        return await this.program.account.skill.all();
+    }
+    async getAllLogs() {
+        // ExecutionLog account may not be defined in current IDL
+        // Return empty array for MVP - logs are tracked via transaction history
+        try {
+            // Try to fetch if account exists
+            const accounts = await this.program.account.executionLog?.all();
+            return accounts || [];
+        }
+        catch {
+            console.warn('ExecutionLog account not available in current program version');
+            return [];
+        }
+    }
+    async getAuditor(auditorPda) {
+        // Auditor account may not be defined in current IDL
+        try {
+            return await this.program.account.auditor?.fetch(auditorPda);
+        }
+        catch {
+            console.warn('Auditor account not available in current program version');
+            return null;
+        }
+    }
+    async getAllAuditors() {
+        // Auditor account may not be defined in current IDL
+        try {
+            const accounts = await this.program.account.auditor?.all();
+            return accounts || [];
+        }
+        catch {
+            console.warn('Auditor account not available in current program version');
+            return [];
+        }
+    }
+    async getRegistry() {
+        const [registryPda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('registry_v1')], this.program.programId);
+        try {
+            // Account names in Anchor are camelCase versions of the struct name
+            return await this.program.account.skillRegistry.fetch(registryPda);
+        }
+        catch (e) {
+            // Try PascalCase as fallback
+            try {
+                return await this.program.account.SkillRegistry.fetch(registryPda);
+            }
+            catch {
+                console.warn('Registry not initialized');
+                return null;
+            }
+        }
+    }
+    async stakeUsdc(auditorPda, auditorTokenAccount, vaultTokenAccount, vaultAuthorityPda, usdcMint, amount) {
+        return await this.program.methods
+            .stakeUsdc(amount)
+            .accounts({
+            auditor: auditorPda,
+            auditorTokenAccount,
+            vaultTokenAccount,
+            vaultAuthority: vaultAuthorityPda,
+            usdcMint,
+            authority: this.provider.wallet.publicKey,
+        })
+            .rpc();
+    }
+    async requestUnstake(auditorPda) {
+        return await this.program.methods
+            .requestUnstake()
+            .accounts({
+            auditor: auditorPda,
+            authority: this.provider.wallet.publicKey,
+        })
+            .rpc();
+    }
+    async withdrawStake(auditorPda, auditorTokenAccount, vaultTokenAccount, vaultAuthorityPda, usdcMint) {
+        return await this.program.methods
+            .withdrawStake()
+            .accounts({
+            auditor: auditorPda,
+            auditorTokenAccount,
+            vaultTokenAccount,
+            vaultAuthority: vaultAuthorityPda,
+            usdcMint,
+            authority: this.provider.wallet.publicKey,
+        })
+            .rpc();
+    }
+    // Helper to derive PDAs
+    deriveSkillPda(skillId) {
+        const [pda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('skill'), Buffer.from(skillId)], this.program.programId);
+        return pda;
+    }
+    deriveAuditorPda(auditorPubkey) {
+        const [pda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('auditor'), auditorPubkey.toBuffer()], this.program.programId);
+        return pda;
+    }
+    deriveVaultPda(usdcMint, auditorPda) {
+        const [pda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('vault'), usdcMint.toBuffer(), auditorPda.toBuffer()], this.program.programId);
+        return pda;
+    }
+    deriveVaultAuthorityPda() {
+        const [pda] = web3_js_1.PublicKey.findProgramAddressSync([Buffer.from('vault_authority')], this.program.programId);
+        return pda;
+    }
+    deriveExecutionLogPda(skillPda, executor, timestamp) {
+        const [pda] = web3_js_1.PublicKey.findProgramAddressSync([
+            Buffer.from('execution'),
+            skillPda.toBuffer(),
+            executor.toBuffer(),
+            timestamp.toArrayLike(Buffer, 'le', 8)
+        ], this.program.programId);
+        return pda;
+    }
+}
+exports.SigilRegistryClient = SigilRegistryClient;