spendos 0.1.0

package/acp-seller/src/lib/bounty.ts

@@ -0,0 +1,257 @@
+// =============================================================================
+// Bounty API + local active-bounty state management.
+// =============================================================================
+
+import axios from "axios";
+import * as fs from "fs";
+import * as path from "path";
+import { ROOT, loadApiKey } from "./config.js";
+
+export type BountyStatus =
+  | "open"
+  | "pending_match"
+  | "claimed"
+  | "fulfilled"
+  | "expired"
+  | "rejected";
+
+export interface BountyCreateInput {
+  poster_email?: string;
+  title: string;
+  description: string;
+  budget: number;
+  category: string;
+  tags: string;
+}
+
+export interface BountyMatchCandidate {
+  id: number;
+  name?: string;
+  walletAddress?: string;
+  offeringName?: string;
+  [key: string]: unknown;
+}
+
+export interface BountyMatchStatusResponse {
+  status: BountyStatus | string;
+  candidates: BountyMatchCandidate[];
+  acp_job_id?: string | number | null;
+  [key: string]: unknown;
+}
+
+export interface ActiveBounty {
+  bountyId: string;
+  createdAt: string;
+  status: BountyStatus | string;
+  title: string;
+  description: string;
+  budget: number;
+  category: string;
+  tags: string;
+  posterName: string;
+  posterSecret: string;
+  selectedCandidateId?: number;
+  acpJobId?: string;
+  /** Set to true after the agent has been notified about pending_match candidates. */
+  notifiedPendingMatch?: boolean;
+  /** Channel where this bounty was created (e.g. "telegram", "webchat") for routing notifications. */
+  sourceChannel?: string;
+}
+
+interface ActiveBountiesFile {
+  bounties: ActiveBounty[];
+}
+
+const api = axios.create({
+  baseURL:
+    process.env.ACP_BOUNTY_API_URL || "https://bounty.virtuals.io/api/v1",
+  headers: { "Content-Type": "application/json" },
+});
+
+api.interceptors.request.use((config) => {
+  loadApiKey();
+  if (process.env.LITE_AGENT_API_KEY) {
+    config.headers["x-api-key"] = process.env.LITE_AGENT_API_KEY;
+  }
+  return config;
+});
+
+export const BOUNTY_STATE_PATH = path.resolve(ROOT, "active-bounties.json");
+
+function extractData<T>(raw: any): T {
+  if (raw && typeof raw === "object" && "data" in raw) {
+    return raw.data as T;
+  }
+  return raw as T;
+}
+
+function ensureParent(filePath: string): void {
+  const parent = path.dirname(filePath);
+  fs.mkdirSync(parent, { recursive: true });
+}
+
+function readState(): ActiveBountiesFile {
+  if (!fs.existsSync(BOUNTY_STATE_PATH)) return { bounties: [] };
+  try {
+    const raw = JSON.parse(fs.readFileSync(BOUNTY_STATE_PATH, "utf-8"));
+    if (Array.isArray(raw?.bounties)) {
+      return { bounties: raw.bounties as ActiveBounty[] };
+    }
+  } catch {
+    return { bounties: [] };
+  }
+  return { bounties: [] };
+}
+
+function writeState(next: ActiveBountiesFile): void {
+  ensureParent(BOUNTY_STATE_PATH);
+  fs.writeFileSync(BOUNTY_STATE_PATH, JSON.stringify(next, null, 2) + "\n");
+}
+
+export function listActiveBounties(): ActiveBounty[] {
+  return readState().bounties;
+}
+
+export function getActiveBounty(bountyId: string): ActiveBounty | undefined {
+  return readState().bounties.find((b) => b.bountyId === bountyId);
+}
+
+export function getBountyByJobId(jobId: string): ActiveBounty | undefined {
+  return readState().bounties.find((b) => b.acpJobId === jobId);
+}
+
+export function saveActiveBounty(bounty: ActiveBounty): void {
+  const state = readState();
+  const idx = state.bounties.findIndex((b) => b.bountyId === bounty.bountyId);
+  if (idx >= 0) {
+    state.bounties[idx] = bounty;
+  } else {
+    state.bounties.push(bounty);
+  }
+  writeState(state);
+}
+
+export function removeActiveBounty(bountyId: string): void {
+  const state = readState();
+  state.bounties = state.bounties.filter((b) => b.bountyId !== bountyId);
+  writeState(state);
+}
+
+export async function createBounty(
+  input: BountyCreateInput,
+): Promise<{ bountyId: string; posterSecret: string; raw: unknown }> {
+  const res = await api.post("/bounties/", input);
+  const body = extractData<any>(res.data);
+
+  const bountyNode =
+    body?.bounty && typeof body.bounty === "object" ? body.bounty : body;
+
+  const bountyId =
+    bountyNode?.id ??
+    bountyNode?.bounty_id ??
+    bountyNode?.bountyId ??
+    body?.id ??
+    body?.bounty_id ??
+    body?.bountyId;
+  const posterSecret =
+    body?.poster_secret ??
+    body?.posterSecret ??
+    body?.data?.poster_secret ??
+    body?.data?.posterSecret;
+
+  if (!bountyId || !posterSecret) {
+    throw new Error(
+      "Invalid create bounty response: missing id or poster_secret",
+    );
+  }
+
+  return {
+    bountyId: String(bountyId),
+    posterSecret: String(posterSecret),
+    raw: body,
+  };
+}
+
+export async function getBountyDetails(
+  bountyId: string,
+): Promise<Record<string, unknown>> {
+  const res = await api.get(`/bounties/${encodeURIComponent(bountyId)}`);
+  return extractData<Record<string, unknown>>(res.data);
+}
+
+export async function getMatchStatus(
+  bountyId: string,
+): Promise<BountyMatchStatusResponse> {
+  const res = await api.get(
+    `/bounties/${encodeURIComponent(bountyId)}/match-status`,
+  );
+  const body = extractData<any>(res.data);
+
+  return {
+    ...body,
+    status: String(body?.status ?? ""),
+    candidates: Array.isArray(body?.candidates) ? body.candidates : [],
+  };
+}
+
+export async function confirmMatch(params: {
+  bountyId: string;
+  posterSecret: string;
+  candidateId: number;
+  acpJobId: string;
+}): Promise<unknown> {
+  const { bountyId, posterSecret, candidateId, acpJobId } = params;
+  const res = await api.post(
+    `/bounties/${encodeURIComponent(bountyId)}/confirm-match`,
+    {
+      poster_secret: posterSecret,
+      candidate_id: candidateId,
+      acp_job_id: acpJobId,
+    },
+  );
+  return extractData<unknown>(res.data);
+}
+
+export interface BountyUpdateInput {
+  poster_secret: string;
+  title?: string;
+  description?: string;
+  budget?: number;
+  tags?: string;
+}
+
+export async function updateBounty(
+  bountyId: string,
+  input: BountyUpdateInput,
+): Promise<unknown> {
+  const res = await api.put(`/bounties/${encodeURIComponent(bountyId)}`, input);
+  return extractData<unknown>(res.data);
+}
+
+export async function rejectCandidates(params: {
+  bountyId: string;
+  posterSecret: string;
+}): Promise<unknown> {
+  const { bountyId, posterSecret } = params;
+  const res = await api.post(
+    `/bounties/${encodeURIComponent(bountyId)}/reject-candidates`,
+    {
+      poster_secret: posterSecret,
+    },
+  );
+  return extractData<unknown>(res.data);
+}
+
+export async function syncBountyJobStatus(params: {
+  bountyId: string;
+  posterSecret: string;
+}): Promise<unknown> {
+  const { bountyId, posterSecret } = params;
+  const res = await api.post(
+    `/bounties/${encodeURIComponent(bountyId)}/job-status`,
+    {
+      poster_secret: posterSecret,
+    },
+  );
+  return extractData<unknown>(res.data);
+}

package/acp-seller/src/lib/client.ts

@@ -0,0 +1,42 @@
+// =============================================================================
+// Axios HTTP client for the ACP API.
+// =============================================================================
+
+import axios from "axios";
+import dotenv from "dotenv";
+import { loadApiKey } from "./config.js";
+
+dotenv.config();
+
+// Ensure API key is loaded from config into process.env
+loadApiKey();
+
+const client = axios.create({
+  baseURL: process.env.ACP_API_URL || "https://claw-api.virtuals.io",
+  timeout: 30_000,
+});
+
+// Set the API key at REQUEST TIME (not module load) so env changes are
+// picked up and the header is never baked in as undefined.
+// Only set if the caller hasn't already provided an explicit x-api-key.
+client.interceptors.request.use((config) => {
+  if (!config.headers["x-api-key"]) {
+    const apiKey = loadApiKey();
+    if (apiKey) {
+      config.headers["x-api-key"] = apiKey;
+    }
+  }
+  return config;
+});
+
+client.interceptors.response.use(
+  (response) => response,
+  (error) => {
+    if (error.response) {
+      throw new Error(JSON.stringify(error.response.data));
+    }
+    throw error;
+  },
+);
+
+export default client;

package/acp-seller/src/lib/config.ts

@@ -0,0 +1,240 @@
+// =============================================================================
+// Configuration file management.
+// Reads/writes config.json at the repo root.
+// =============================================================================
+
+import * as fs from "fs";
+import * as path from "path";
+import { fileURLToPath } from "url";
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+/** Repo root — two levels up from src/lib/ */
+export const ROOT = path.resolve(__dirname, "..", "..");
+export const CONFIG_JSON_PATH = path.resolve(ROOT, "config.json");
+export const LOGS_DIR = path.resolve(ROOT, "logs");
+
+export interface AgentEntry {
+  id: string;
+  name: string;
+  walletAddress: string;
+  apiKey: string | undefined; // only present for active/previously-switched agents
+  active: boolean;
+}
+
+export interface RailwayProjectConfig {
+  project: string;
+  environment: string;
+}
+
+export interface DeployInfo {
+  provider: string;
+  agentName: string;
+  offerings: string[];
+  deployedAt: string;
+  railwayConfig: RailwayProjectConfig;
+}
+
+export interface ConfigJson {
+  SESSION_TOKEN?: {
+    token: string;
+  };
+  LITE_AGENT_API_KEY?: string;
+  SELLER_PID?: number;
+  OPENCLAW_BOUNTY_CRON_JOB_ID?: string;
+  agents?: AgentEntry[];
+  DEPLOYS?: Record<string, DeployInfo>; // keyed by agent ID
+}
+
+export function readConfig(): ConfigJson {
+  if (!fs.existsSync(CONFIG_JSON_PATH)) {
+    return {};
+  }
+  try {
+    const content = fs.readFileSync(CONFIG_JSON_PATH, "utf-8");
+    return JSON.parse(content);
+  } catch {
+    return {};
+  }
+}
+
+export function writeConfig(config: ConfigJson): void {
+  try {
+    fs.writeFileSync(CONFIG_JSON_PATH, JSON.stringify(config, null, 2) + "\n");
+  } catch (err) {
+    console.error(`Failed to write config.json: ${err}`);
+  }
+}
+
+/** Load the API key from config.json or environment. */
+export function loadApiKey(): string | undefined {
+  if (process.env.LITE_AGENT_API_KEY?.trim()) {
+    return process.env.LITE_AGENT_API_KEY.trim();
+  }
+  const config = readConfig();
+  const key = config.LITE_AGENT_API_KEY;
+  if (typeof key === "string" && key.trim()) {
+    process.env.LITE_AGENT_API_KEY = key;
+    return key;
+  }
+  return undefined;
+}
+
+/** Ensure API key is loaded, or exit with error. */
+export function requireApiKey(): string {
+  const key = loadApiKey();
+  if (!key) {
+    console.error(
+      "Error: LITE_AGENT_API_KEY is not set. Run `acp setup` first.",
+    );
+    process.exit(1);
+  }
+  return key;
+}
+
+export function isProcessRunning(pid: number): boolean {
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch (err: any) {
+    return err.code !== "ESRCH";
+  }
+}
+
+export function writePidToConfig(pid: number): void {
+  try {
+    const config = readConfig();
+    config.SELLER_PID = pid;
+    writeConfig(config);
+  } catch (err) {
+    console.error(`Failed to write PID to config.json: ${err}`);
+  }
+}
+
+export function removePidFromConfig(): void {
+  try {
+    const config = readConfig();
+    if (config.SELLER_PID !== undefined) {
+      delete config.SELLER_PID;
+      writeConfig(config);
+    }
+  } catch {
+    // Best effort cleanup
+  }
+}
+
+export function checkForExistingProcess(): void {
+  const config = readConfig();
+
+  if (config.SELLER_PID !== undefined) {
+    if (isProcessRunning(config.SELLER_PID)) {
+      console.error(
+        `Seller process already running with PID: ${config.SELLER_PID}`,
+      );
+      console.error(
+        "Please stop the existing process before starting a new one.",
+      );
+      process.exit(1);
+    } else {
+      removePidFromConfig();
+    }
+  }
+}
+
+/** Find the PID of a running seller process (config check + OS fallback). */
+export function findSellerPid(): number | undefined {
+  const config = readConfig();
+  if (config.SELLER_PID !== undefined && isProcessRunning(config.SELLER_PID)) {
+    return config.SELLER_PID;
+  }
+  if (config.SELLER_PID !== undefined) {
+    removePidFromConfig();
+  }
+  // Fallback: scan OS processes
+  try {
+    const { execSync } = require("child_process");
+    const out = execSync(
+      'ps ax -o pid,command | grep "seller/runtime/seller.ts" | grep -v grep',
+      {
+        encoding: "utf-8",
+        stdio: ["pipe", "pipe", "pipe"],
+      },
+    );
+    for (const line of out.trim().split("\n")) {
+      const trimmed = line.trim();
+      if (!trimmed) continue;
+      const pid = parseInt(trimmed.split(/\s+/)[0], 10);
+      if (!isNaN(pid) && pid !== process.pid) return pid;
+    }
+  } catch {
+    // grep returns exit code 1 when no matches
+  }
+  return undefined;
+}
+
+/** Get the currently active agent from the agents array. */
+export function getActiveAgent(): AgentEntry | undefined {
+  const config = readConfig();
+  return config.agents?.find((a) => a.active);
+}
+
+/** Find an agent by name (case-insensitive). */
+export function findAgentByName(name: string): AgentEntry | undefined {
+  const config = readConfig();
+  return config.agents?.find(
+    (a) => a.name.toLowerCase() === name.toLowerCase(),
+  );
+}
+
+export function findAgentByWalletAddress(
+  walletAddress: string,
+): AgentEntry | undefined {
+  const config = readConfig();
+  return config.agents?.find(
+    (a) => a.walletAddress.toLowerCase() === walletAddress.toLowerCase(),
+  );
+}
+
+/** Activate an agent with a (possibly new) API key. Updates active flags and LITE_AGENT_API_KEY. */
+export function activateAgent(agentId: string, apiKey: string): void {
+  const config = readConfig();
+  const agents = (config.agents ?? []).map((a) => ({
+    ...a,
+    active: a.id === agentId,
+    apiKey: a.id === agentId ? apiKey : a.apiKey,
+  }));
+
+  writeConfig({
+    ...config,
+    agents,
+    LITE_AGENT_API_KEY: apiKey,
+  });
+}
+
+/** Sanitize an agent name for use as a directory name. */
+export function sanitizeAgentName(name: string): string {
+  const sanitized = name
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, "-")
+    .replace(/(^-|-$)/g, "");
+  return sanitized || "unnamed-agent";
+}
+
+export function formatPrice(price: unknown, priceType?: unknown): string {
+  const p = price != null ? String(price) : "-";
+  const type = String(priceType).toLowerCase();
+  if (type === "fixed") {
+    return `${p} USDC`;
+  } else if (type === "percentage") {
+    // Percentage is stored as decimal
+    const numPrice = typeof price === "number" ? price : parseFloat(p);
+    if (!isNaN(numPrice)) {
+      return `${(numPrice * 100).toFixed(2)}%`;
+    }
+    return `${p}%`;
+  } else if (priceType != null) {
+    return `${p} ${priceType}`;
+  }
+  return p;
+}

package/acp-seller/src/lib/open.ts

@@ -0,0 +1,41 @@
+// =============================================================================
+// Open a URL in the user's default browser. Platform-specific, no dependencies.
+// =============================================================================
+
+import { execFile } from "node:child_process";
+
+const CONTROL_CHAR_REGEX = /[\u0000-\u001F\u007F]/;
+
+function isSafeHttpUrl(url: string): boolean {
+  if (!url || CONTROL_CHAR_REGEX.test(url)) return false;
+
+  try {
+    const parsed = new URL(url);
+    return parsed.protocol === "http:" || parsed.protocol === "https:";
+  } catch {
+    return false;
+  }
+}
+
+export function openUrl(url: string): void {
+  if (!isSafeHttpUrl(url)) {
+    return;
+  }
+
+  const platform = process.platform;
+  let command = "xdg-open";
+  let args = [url];
+
+  if (platform === "darwin") {
+    command = "open";
+  } else if (platform === "win32") {
+    command = "rundll32";
+    args = ["url.dll,FileProtocolHandler", url];
+  }
+
+  execFile(command, args, (err) => {
+    if (err) {
+      // Silently fail — the URL is always printed as fallback
+    }
+  });
+}