teleton 0.6.0 → 0.7.1

package/dist/{chunk-4IPJ25HE.js → chunk-HZNZT4TG.js}

@@ -1,13 +1,34 @@
+import {
+  ConfigSchema,
+  getKeyPair,
+  getTonPrice,
+  getWalletAddress,
+  getWalletBalance,
+  loadWallet
+} from "./chunk-NERLQY2H.js";
+import {
+  getCachedHttpEndpoint
+} from "./chunk-QUAPFI2N.js";
+import {
+  require_BigInteger
+} from "./chunk-TSKJCWQQ.js";
+import {
+  getErrorMessage
+} from "./chunk-XBE4JB7C.js";
+import {
+  getProviderMetadata
+} from "./chunk-LRCPA7SC.js";
 import {
   createDbWrapper,
   migrateFromMainDb,
   openModuleDb
-} from "./chunk-ECSCVEQQ.js";
+} from "./chunk-UCN6TI25.js";
 import {
-  COINGECKO_API_URL,
-  fetchWithTimeout,
   tonapiFetch
-} from "./chunk-GDCODBNO.js";
+} from "./chunk-XBKSS6DM.js";
+import {
+  PAYMENT_TOLERANCE_RATIO
+} from "./chunk-RO62LO6Z.js";
 import {
   RETRY_BLOCKCHAIN_BASE_DELAY_MS,
   RETRY_BLOCKCHAIN_MAX_DELAY_MS,
@@ -17,10 +38,6 @@ import {
   RETRY_DEFAULT_MAX_DELAY_MS,
   RETRY_DEFAULT_TIMEOUT_MS
 } from "./chunk-4DU3C27M.js";
-import {
-  PAYMENT_TOLERANCE_RATIO,
-  TELEGRAM_MAX_MESSAGE_LENGTH
-} from "./chunk-RO62LO6Z.js";
 import {
   ALLOWED_EXTENSIONS,
   TELETON_ROOT,
@@ -28,244 +45,19 @@ import {
   WORKSPACE_ROOT
 } from "./chunk-EYWNOHMJ.js";
 import {
-  getCachedHttpEndpoint
-} from "./chunk-QUAPFI2N.js";
+  createLogger
+} from "./chunk-RCMD3U65.js";
 import {
-  __require
+  __require,
+  __toESM
 } from "./chunk-QGM4M3NI.js";
 
-// src/config/providers.ts
-var PROVIDER_REGISTRY = {
-  anthropic: {
-    id: "anthropic",
-    displayName: "Anthropic (Claude)",
-    envVar: "ANTHROPIC_API_KEY",
-    keyPrefix: "sk-ant-",
-    keyHint: "sk-ant-api03-...",
-    consoleUrl: "https://console.anthropic.com/",
-    defaultModel: "claude-opus-4-5-20251101",
-    utilityModel: "claude-3-5-haiku-20241022",
-    toolLimit: null,
-    piAiProvider: "anthropic"
-  },
-  openai: {
-    id: "openai",
-    displayName: "OpenAI (GPT-4o)",
-    envVar: "OPENAI_API_KEY",
-    keyPrefix: "sk-",
-    keyHint: "sk-proj-...",
-    consoleUrl: "https://platform.openai.com/api-keys",
-    defaultModel: "gpt-4o",
-    utilityModel: "gpt-4o-mini",
-    toolLimit: 128,
-    piAiProvider: "openai"
-  },
-  google: {
-    id: "google",
-    displayName: "Google (Gemini)",
-    envVar: "GOOGLE_API_KEY",
-    keyPrefix: null,
-    keyHint: "AIza...",
-    consoleUrl: "https://aistudio.google.com/apikey",
-    defaultModel: "gemini-2.5-flash",
-    utilityModel: "gemini-2.0-flash-lite",
-    toolLimit: 128,
-    piAiProvider: "google"
-  },
-  xai: {
-    id: "xai",
-    displayName: "xAI (Grok)",
-    envVar: "XAI_API_KEY",
-    keyPrefix: "xai-",
-    keyHint: "xai-...",
-    consoleUrl: "https://console.x.ai/",
-    defaultModel: "grok-3",
-    utilityModel: "grok-3-mini-fast",
-    toolLimit: 128,
-    piAiProvider: "xai"
-  },
-  groq: {
-    id: "groq",
-    displayName: "Groq",
-    envVar: "GROQ_API_KEY",
-    keyPrefix: "gsk_",
-    keyHint: "gsk_...",
-    consoleUrl: "https://console.groq.com/keys",
-    defaultModel: "llama-3.3-70b-versatile",
-    utilityModel: "llama-3.1-8b-instant",
-    toolLimit: 128,
-    piAiProvider: "groq"
-  },
-  openrouter: {
-    id: "openrouter",
-    displayName: "OpenRouter",
-    envVar: "OPENROUTER_API_KEY",
-    keyPrefix: "sk-or-",
-    keyHint: "sk-or-v1-...",
-    consoleUrl: "https://openrouter.ai/keys",
-    defaultModel: "anthropic/claude-opus-4.5",
-    utilityModel: "google/gemini-2.5-flash-lite",
-    toolLimit: 128,
-    piAiProvider: "openrouter"
-  }
-};
-function getProviderMetadata(provider) {
-  const meta = PROVIDER_REGISTRY[provider];
-  if (!meta) {
-    throw new Error(`Unknown provider: ${provider}`);
-  }
-  return meta;
-}
-function getSupportedProviders() {
-  return Object.values(PROVIDER_REGISTRY);
-}
-function validateApiKeyFormat(provider, key) {
-  const meta = PROVIDER_REGISTRY[provider];
-  if (!meta) return `Unknown provider: ${provider}`;
-  if (!key || key.trim().length === 0) return "API key is required";
-  if (meta.keyPrefix && !key.startsWith(meta.keyPrefix)) {
-    return `Invalid format (should start with ${meta.keyPrefix})`;
-  }
-  return void 0;
-}
-
 // src/config/loader.ts
-import { readFileSync, existsSync, writeFileSync, mkdirSync, chmodSync } from "fs";
+import { readFileSync, existsSync, writeFileSync, mkdirSync } from "fs";
 import { parse, stringify } from "yaml";
 import { homedir } from "os";
 import { dirname, join } from "path";
-
-// src/config/schema.ts
-import { z } from "zod";
-var DMPolicy = z.enum(["pairing", "allowlist", "open", "disabled"]);
-var GroupPolicy = z.enum(["open", "allowlist", "disabled"]);
-var SessionResetPolicySchema = z.object({
-  daily_reset_enabled: z.boolean().default(true).describe("Enable daily session reset"),
-  daily_reset_hour: z.number().min(0).max(23).default(4).describe("Hour of day (0-23) to reset sessions"),
-  idle_expiry_enabled: z.boolean().default(true).describe("Enable session reset after idle period"),
-  idle_expiry_minutes: z.number().default(1440).describe("Minutes of inactivity before session reset (default: 24h)")
-});
-var AgentConfigSchema = z.object({
-  provider: z.enum(["anthropic", "openai", "google", "xai", "groq", "openrouter"]).default("anthropic"),
-  api_key: z.string(),
-  model: z.string().default("claude-opus-4-5-20251101"),
-  utility_model: z.string().optional().describe("Cheap model for summarization (auto-detected if omitted)"),
-  max_tokens: z.number().default(4096),
-  temperature: z.number().default(0.7),
-  system_prompt: z.string().nullable().default(null),
-  max_agentic_iterations: z.number().default(5).describe("Maximum number of agentic loop iterations (tool call \u2192 result \u2192 tool call cycles)"),
-  session_reset_policy: SessionResetPolicySchema.default(SessionResetPolicySchema.parse({}))
-});
-var TelegramConfigSchema = z.object({
-  api_id: z.number(),
-  api_hash: z.string(),
-  phone: z.string(),
-  session_name: z.string().default("teleton_session"),
-  session_path: z.string().default("~/.teleton"),
-  dm_policy: DMPolicy.default("pairing"),
-  allow_from: z.array(z.number()).default([]),
-  group_policy: GroupPolicy.default("open"),
-  group_allow_from: z.array(z.number()).default([]),
-  require_mention: z.boolean().default(true),
-  max_message_length: z.number().default(TELEGRAM_MAX_MESSAGE_LENGTH),
-  typing_simulation: z.boolean().default(true),
-  rate_limit_messages_per_second: z.number().default(1),
-  rate_limit_groups_per_minute: z.number().default(20),
-  admin_ids: z.array(z.number()).default([]),
-  agent_channel: z.string().nullable().default(null),
-  owner_name: z.string().optional().describe("Owner's first name (e.g., 'Alex')"),
-  owner_username: z.string().optional().describe("Owner's Telegram username (without @)"),
-  owner_id: z.number().optional().describe("Owner's Telegram user ID"),
-  debounce_ms: z.number().default(1500).describe("Debounce delay in milliseconds for group messages (0 = disabled)"),
-  bot_token: z.string().optional().describe("Telegram Bot token from @BotFather for inline deal buttons"),
-  bot_username: z.string().optional().describe("Bot username without @ (e.g., 'teleton_deals_bot')")
-});
-var StorageConfigSchema = z.object({
-  sessions_file: z.string().default("~/.teleton/sessions.json"),
-  pairing_file: z.string().default("~/.teleton/pairing.json"),
-  memory_file: z.string().default("~/.teleton/memory.json"),
-  history_limit: z.number().default(100)
-});
-var MetaConfigSchema = z.object({
-  version: z.string().default("1.0.0"),
-  created_at: z.string().optional(),
-  last_modified_at: z.string().optional(),
-  onboard_command: z.string().default("teleton setup")
-});
-var _DealsObject = z.object({
-  enabled: z.boolean().default(true),
-  expiry_seconds: z.number().default(120),
-  buy_max_floor_percent: z.number().default(100),
-  sell_min_floor_percent: z.number().default(105),
-  poll_interval_ms: z.number().default(5e3),
-  max_verification_retries: z.number().default(12),
-  expiry_check_interval_ms: z.number().default(6e4)
-});
-var DealsConfigSchema = _DealsObject.default(_DealsObject.parse({}));
-var _WebUIObject = z.object({
-  enabled: z.boolean().default(false).describe("Enable WebUI server"),
-  port: z.number().default(7777).describe("HTTP server port"),
-  host: z.string().default("127.0.0.1").describe("Bind address (localhost only for security)"),
-  auth_token: z.string().optional().describe("Bearer token for API auth (auto-generated if omitted)"),
-  cors_origins: z.array(z.string()).default(["http://localhost:5173", "http://localhost:7777"]).describe("Allowed CORS origins for development"),
-  log_requests: z.boolean().default(false).describe("Log all HTTP requests")
-});
-var WebUIConfigSchema = _WebUIObject.default(_WebUIObject.parse({}));
-var _EmbeddingObject = z.object({
-  provider: z.enum(["local", "anthropic", "none"]).default("local").describe("Embedding provider: local (ONNX), anthropic (API), or none (FTS5-only)"),
-  model: z.string().optional().describe("Model override (default: Xenova/all-MiniLM-L6-v2 for local)")
-});
-var EmbeddingConfigSchema = _EmbeddingObject.default(_EmbeddingObject.parse({}));
-var _DevObject = z.object({
-  hot_reload: z.boolean().default(false).describe("Enable plugin hot-reload (watches ~/.teleton/plugins/ for changes)")
-});
-var DevConfigSchema = _DevObject.default(_DevObject.parse({}));
-var McpServerSchema = z.object({
-  command: z.string().optional().describe("Stdio command (e.g. 'npx @modelcontextprotocol/server-filesystem /tmp')"),
-  args: z.array(z.string()).optional().describe("Explicit args array (overrides command splitting)"),
-  env: z.record(z.string(), z.string()).optional().describe("Environment variables for stdio server"),
-  url: z.string().url().optional().describe("SSE/HTTP endpoint URL (alternative to command)"),
-  scope: z.enum(["always", "dm-only", "group-only", "admin-only"]).default("always").describe("Tool scope"),
-  enabled: z.boolean().default(true).describe("Enable/disable this server")
-}).refine((s) => s.command || s.url, {
-  message: "Each MCP server needs either 'command' (stdio) or 'url' (SSE/HTTP)"
-});
-var _McpObject = z.object({
-  servers: z.record(z.string(), McpServerSchema).default({})
-});
-var McpConfigSchema = _McpObject.default(_McpObject.parse({}));
-var _ToolRagObject = z.object({
-  enabled: z.boolean().default(false).describe("Enable semantic tool retrieval (Tool RAG)"),
-  top_k: z.number().default(25).describe("Max tools to retrieve per LLM call"),
-  always_include: z.array(z.string()).default([
-    "telegram_send_message",
-    "telegram_reply_message",
-    "telegram_send_photo",
-    "telegram_send_document",
-    "journal_*",
-    "workspace_*",
-    "web_*"
-  ]).describe("Tool name patterns always included (prefix glob with *)"),
-  skip_unlimited_providers: z.boolean().default(false).describe("Skip Tool RAG for providers with no tool limit (e.g. Anthropic)")
-});
-var ToolRagConfigSchema = _ToolRagObject.default(_ToolRagObject.parse({}));
-var ConfigSchema = z.object({
-  meta: MetaConfigSchema.default(MetaConfigSchema.parse({})),
-  agent: AgentConfigSchema,
-  telegram: TelegramConfigSchema,
-  storage: StorageConfigSchema.default(StorageConfigSchema.parse({})),
-  embedding: EmbeddingConfigSchema,
-  deals: DealsConfigSchema,
-  webui: WebUIConfigSchema,
-  dev: DevConfigSchema,
-  tool_rag: ToolRagConfigSchema,
-  mcp: McpConfigSchema,
-  plugins: z.record(z.string(), z.unknown()).default({}).describe("Per-plugin config (key = plugin name with underscores)"),
-  tonapi_key: z.string().optional().describe("TonAPI key for higher rate limits (from @tonapi_bot)"),
-  tavily_api_key: z.string().optional().describe("Tavily API key for web search & extract (free at https://tavily.com)")
-});
-
-// src/config/loader.ts
+var log = createLogger("Config");
 var DEFAULT_CONFIG_PATH = join(TELETON_ROOT, "config.yaml");
 function expandPath(path) {
   if (path.startsWith("~")) {
@@ -292,7 +84,7 @@ Run 'teleton setup' to create one.`);
     throw new Error(`Invalid YAML in ${fullPath}: ${error.message}`);
   }
   if (raw && typeof raw === "object" && "market" in raw) {
-    console.warn("\u26A0\uFE0F  config.market is deprecated and ignored. Use market-api plugin instead.");
+    log.warn("config.market is deprecated and ignored. Use market-api plugin instead.");
     delete raw.market;
   }
   const result = ConfigSchema.safeParse(raw);
@@ -332,12 +124,28 @@ Run 'teleton setup' to create one.`);
   }
   if (process.env.TELETON_WEBUI_PORT) {
     const port = parseInt(process.env.TELETON_WEBUI_PORT, 10);
-    if (!isNaN(port)) {
+    if (!isNaN(port) && port >= 1024 && port <= 65535) {
       config.webui.port = port;
     }
   }
   if (process.env.TELETON_WEBUI_HOST) {
     config.webui.host = process.env.TELETON_WEBUI_HOST;
+    if (!["127.0.0.1", "localhost", "::1"].includes(config.webui.host)) {
+      log.warn(
+        { host: config.webui.host },
+        "WebUI bound to non-loopback address \u2014 ensure auth_token is set"
+      );
+    }
+  }
+  if (process.env.TELETON_BASE_URL) {
+    try {
+      new URL(process.env.TELETON_BASE_URL);
+      config.agent.base_url = process.env.TELETON_BASE_URL;
+    } catch {
+      throw new Error(
+        `Invalid TELETON_BASE_URL: "${process.env.TELETON_BASE_URL}" is not a valid URL`
+      );
+    }
   }
   if (process.env.TELETON_TAVILY_API_KEY) {
     config.tavily_api_key = process.env.TELETON_TAVILY_API_KEY;
@@ -354,169 +162,447 @@ function getDefaultConfigPath() {
   return DEFAULT_CONFIG_PATH;
 }
 
-// src/ton/wallet-service.ts
-import { mnemonicNew, mnemonicToPrivateKey, mnemonicValidate } from "@ton/crypto";
-import { WalletContractV5R1, TonClient, fromNano } from "@ton/ton";
-import { readFileSync as readFileSync2, writeFileSync as writeFileSync2, existsSync as existsSync2, mkdirSync as mkdirSync2, chmodSync as chmodSync2 } from "fs";
-import { join as join2, dirname as dirname2 } from "path";
-var WALLET_FILE = join2(TELETON_ROOT, "wallet.json");
-var _walletCache;
-var _keyPairCache = null;
-async function generateWallet() {
-  const mnemonic = await mnemonicNew(24);
-  const keyPair = await mnemonicToPrivateKey(mnemonic);
-  const wallet = WalletContractV5R1.create({
-    workchain: 0,
-    publicKey: keyPair.publicKey
-  });
-  const address = wallet.address.toString({ bounceable: true, testOnly: false });
+// src/soul/loader.ts
+import { readFileSync as readFileSync3, existsSync as existsSync4 } from "fs";
+
+// src/memory/daily-logs.ts
+import { existsSync as existsSync3, mkdirSync as mkdirSync2, appendFileSync, readFileSync as readFileSync2 } from "fs";
+import { join as join2 } from "path";
+
+// src/workspace/validator.ts
+import { existsSync as existsSync2, lstatSync, readdirSync } from "fs";
+import { resolve, normalize, relative, extname, basename } from "path";
+import { homedir as homedir2 } from "os";
+var WorkspaceSecurityError = class extends Error {
+  constructor(message, attemptedPath) {
+    super(message);
+    this.attemptedPath = attemptedPath;
+    this.name = "WorkspaceSecurityError";
+  }
+};
+function decodeRecursive(str) {
+  let decoded = str;
+  let prev = "";
+  let iterations = 0;
+  const maxIterations = 10;
+  while (decoded !== prev && iterations < maxIterations) {
+    prev = decoded;
+    try {
+      decoded = decodeURIComponent(decoded);
+    } catch {
+      break;
+    }
+    iterations++;
+  }
+  return decoded;
+}
+function validatePath(inputPath, allowCreate = false) {
+  if (!inputPath || inputPath.trim() === "") {
+    throw new WorkspaceSecurityError("Path cannot be empty.", inputPath);
+  }
+  const trimmedPath = inputPath.trim().replace(/\\/g, "/");
+  const decodedPath = decodeRecursive(trimmedPath);
+  let absolutePath;
+  if (decodedPath.startsWith("/")) {
+    absolutePath = resolve(normalize(decodedPath));
+  } else if (decodedPath.startsWith("~/")) {
+    const expanded = decodedPath.replace(/^~(?=$|[\\/])/, homedir2());
+    absolutePath = resolve(expanded);
+  } else {
+    absolutePath = resolve(WORKSPACE_ROOT, normalize(decodedPath));
+  }
+  const relativePath = relative(WORKSPACE_ROOT, absolutePath);
+  if (relativePath.startsWith("..") || relativePath.startsWith("/")) {
+    throw new WorkspaceSecurityError(
+      `Access denied: Path '${inputPath}' is outside the workspace. Only files in ~/.teleton/workspace/ are accessible.`,
+      inputPath
+    );
+  }
+  const exists = existsSync2(absolutePath);
+  if (!exists && !allowCreate) {
+    throw new WorkspaceSecurityError(
+      `File not found: '${inputPath}' does not exist in workspace.`,
+      inputPath
+    );
+  }
+  if (exists) {
+    const stats = lstatSync(absolutePath);
+    if (stats.isSymbolicLink()) {
+      throw new WorkspaceSecurityError(
+        `Access denied: Symbolic links are not allowed for security reasons.`,
+        inputPath
+      );
+    }
+  }
   return {
-    version: "w5r1",
-    address,
-    publicKey: keyPair.publicKey.toString("hex"),
-    mnemonic,
-    createdAt: (/* @__PURE__ */ new Date()).toISOString()
+    absolutePath,
+    relativePath,
+    exists,
+    isDirectory: exists ? lstatSync(absolutePath).isDirectory() : false,
+    extension: extname(absolutePath).toLowerCase(),
+    filename: basename(absolutePath)
   };
 }
-function saveWallet(wallet) {
-  const dir = dirname2(WALLET_FILE);
-  if (!existsSync2(dir)) {
-    mkdirSync2(dir, { recursive: true });
+function validateReadPath(inputPath) {
+  const validated = validatePath(inputPath, false);
+  if (validated.isDirectory) {
+    throw new WorkspaceSecurityError(`Cannot read directory as file: '${inputPath}'`, inputPath);
   }
-  writeFileSync2(WALLET_FILE, JSON.stringify(wallet, null, 2), "utf-8");
-  chmodSync2(WALLET_FILE, 384);
-  _walletCache = void 0;
-  _keyPairCache = null;
+  return validated;
 }
-function loadWallet() {
-  if (_walletCache !== void 0) return _walletCache;
-  if (!existsSync2(WALLET_FILE)) {
-    _walletCache = null;
-    return null;
+var IMMUTABLE_FILES = ["SOUL.md", "STRATEGY.md", "SECURITY.md"];
+function validateWritePath(inputPath, fileType) {
+  const validated = validatePath(inputPath, true);
+  if (IMMUTABLE_FILES.includes(validated.filename)) {
+    throw new WorkspaceSecurityError(
+      `Cannot write to ${validated.filename}. This file is configured by the owner. Use memory_write instead.`,
+      inputPath
+    );
   }
+  if (fileType && ALLOWED_EXTENSIONS[fileType]) {
+    const allowedExts = ALLOWED_EXTENSIONS[fileType];
+    if (!allowedExts.includes(validated.extension)) {
+      throw new WorkspaceSecurityError(
+        `Invalid file type: '${validated.extension}' is not allowed for ${fileType}. Allowed: ${allowedExts.join(", ")}`,
+        inputPath
+      );
+    }
+  }
+  return validated;
+}
+function validateDirectory(inputPath) {
+  const validated = validatePath(inputPath, true);
+  if (validated.exists && !validated.isDirectory) {
+    throw new WorkspaceSecurityError(
+      `Path exists but is not a directory: '${inputPath}'`,
+      inputPath
+    );
+  }
+  return validated;
+}
+
+// src/memory/daily-logs.ts
+var log2 = createLogger("Memory");
+var MEMORY_DIR = WORKSPACE_PATHS.MEMORY_DIR;
+function formatDate(date) {
+  const year = date.getFullYear();
+  const month = String(date.getMonth() + 1).padStart(2, "0");
+  const day = String(date.getDate()).padStart(2, "0");
+  return `${year}-${month}-${day}`;
+}
+function getDailyLogPath(date = /* @__PURE__ */ new Date()) {
+  return join2(MEMORY_DIR, `${formatDate(date)}.md`);
+}
+function ensureMemoryDir() {
+  if (!existsSync3(MEMORY_DIR)) {
+    mkdirSync2(MEMORY_DIR, { recursive: true });
+  }
+}
+function appendToDailyLog(content, date = /* @__PURE__ */ new Date()) {
   try {
-    const content = readFileSync2(WALLET_FILE, "utf-8");
-    _walletCache = JSON.parse(content);
-    return _walletCache;
+    ensureMemoryDir();
+    const logPath = getDailyLogPath(date);
+    const timestamp = date.toLocaleTimeString("en-US", { hour12: false });
+    if (!existsSync3(logPath)) {
+      const header = `# Daily Log - ${formatDate(date)}
+
+`;
+      appendFileSync(logPath, header, "utf-8");
+    }
+    const entry = `## ${timestamp}
+
+${content}
+
+---
+
+`;
+    appendFileSync(logPath, entry, "utf-8");
+    log2.info(`Daily log updated: ${logPath}`);
   } catch (error) {
-    console.error("Failed to load wallet:", error);
-    _walletCache = null;
+    log2.error({ err: error }, "Failed to write daily log");
+  }
+}
+function readDailyLog(date = /* @__PURE__ */ new Date()) {
+  try {
+    const logPath = getDailyLogPath(date);
+    if (!existsSync3(logPath)) return null;
+    return readFileSync2(logPath, "utf-8");
+  } catch {
     return null;
   }
 }
-function walletExists() {
-  return existsSync2(WALLET_FILE);
+var DAILY_LOG_LINE_LIMIT = 100;
+function truncateDailyLog(content) {
+  const lines = content.split("\n");
+  if (lines.length <= DAILY_LOG_LINE_LIMIT) return content;
+  const truncated = lines.slice(-DAILY_LOG_LINE_LIMIT).join("\n");
+  const dropped = lines.length - DAILY_LOG_LINE_LIMIT;
+  return `_[... ${dropped} earlier lines omitted]_
+
+${truncated}`;
 }
-async function importWallet(mnemonic) {
-  const valid = await mnemonicValidate(mnemonic);
-  if (!valid) {
-    throw new Error("Invalid mnemonic: words do not form a valid TON seed phrase");
+function readRecentMemory() {
+  const today = /* @__PURE__ */ new Date();
+  const yesterday = new Date(today);
+  yesterday.setDate(yesterday.getDate() - 1);
+  const parts = [];
+  const yesterdayLog = readDailyLog(yesterday);
+  if (yesterdayLog) {
+    parts.push(`## Yesterday (${formatDate(yesterday)})
+
+${truncateDailyLog(yesterdayLog)}`);
   }
-  const keyPair = await mnemonicToPrivateKey(mnemonic);
-  const wallet = WalletContractV5R1.create({
-    workchain: 0,
-    publicKey: keyPair.publicKey
-  });
-  const address = wallet.address.toString({ bounceable: true, testOnly: false });
-  return {
-    version: "w5r1",
-    address,
-    publicKey: keyPair.publicKey.toString("hex"),
-    mnemonic,
-    createdAt: (/* @__PURE__ */ new Date()).toISOString()
-  };
+  const todayLog = readDailyLog(today);
+  if (todayLog) {
+    parts.push(`## Today (${formatDate(today)})
+
+${truncateDailyLog(todayLog)}`);
+  }
+  if (parts.length === 0) {
+    return null;
+  }
+  return `# Recent Memory
+
+${parts.join("\n\n---\n\n")}`;
 }
-function getWalletAddress() {
-  const wallet = loadWallet();
-  return wallet?.address || null;
+function writeSummaryToDailyLog(summary) {
+  appendToDailyLog(`### Memory Flush (Pre-Compaction)
+
+${summary}`);
 }
-async function getKeyPair() {
-  if (_keyPairCache) return _keyPairCache;
-  const wallet = loadWallet();
-  if (!wallet) return null;
-  _keyPairCache = await mnemonicToPrivateKey(wallet.mnemonic);
-  return _keyPairCache;
+
+// src/utils/sanitize.ts
+function sanitizeForPrompt(text) {
+  return text.replace(/[\x00-\x08\x0b\x0c\x0e-\x1f]/g, "").replace(/[\u00AD\u034F\u061C\u180E\u200B-\u200F\u2060-\u2064\uFEFF]/g, "").replace(/[\u202A-\u202E\u2066-\u2069]/g, "").replace(/[\r\n\u2028\u2029]+/g, " ").replace(/#{1,6}\s/g, "").replace(/<\/?[a-zA-Z_][^>]*>/g, "").replace(/`{3,}/g, "`").trim().slice(0, 128);
+}
+function sanitizeForContext(text) {
+  return text.replace(/[\x00-\x08\x0b\x0c\x0e-\x1f]/g, "").replace(/[\u00AD\u034F\u061C\u180E\u200B-\u200F\u2060-\u2064\uFEFF]/g, "").replace(/[\u202A-\u202E\u2066-\u2069]/g, "").replace(/[\u2028\u2029]/g, "\n").replace(/<\/?[a-zA-Z_][^>]*>/g, "").replace(/`{3,}/g, "``").trim();
 }
-async function getWalletBalance(address) {
+
+// src/soul/loader.ts
+var SOUL_PATHS = [WORKSPACE_PATHS.SOUL];
+var STRATEGY_PATHS = [WORKSPACE_PATHS.STRATEGY];
+var SECURITY_PATHS = [WORKSPACE_PATHS.SECURITY];
+var MEMORY_PATH = WORKSPACE_PATHS.MEMORY;
+var DEFAULT_SOUL = `# Teleton AI
+
+You are Teleton, a personal AI assistant that operates through Telegram.
+
+## Personality
+- Helpful and concise
+- Direct and honest
+- Friendly but professional
+
+## Guidelines
+- Keep responses short and actionable
+- Use markdown when appropriate
+- Respect user privacy
+- Be transparent about capabilities and limitations
+`;
+var fileCache = /* @__PURE__ */ new Map();
+var FILE_CACHE_TTL = 6e4;
+function cachedReadFile(path) {
+  const now = Date.now();
+  const cached = fileCache.get(path);
+  if (cached && now < cached.expiry) return cached.content;
+  let content = null;
   try {
-    const endpoint = await getCachedHttpEndpoint();
-    const client = new TonClient({ endpoint });
-    const { Address: Address2 } = await import("@ton/core");
-    const addressObj = Address2.parse(address);
-    const balance = await client.getBalance(addressObj);
-    const balanceFormatted = fromNano(balance);
-    return {
-      balance: balanceFormatted,
-      balanceNano: balance.toString()
-    };
-  } catch (error) {
-    console.error("Failed to get balance:", error);
-    return null;
+    if (existsSync4(path)) content = readFileSync3(path, "utf-8");
+  } catch {
   }
+  fileCache.set(path, { content, expiry: now + FILE_CACHE_TTL });
+  return content;
+}
+function clearPromptCache() {
+  fileCache.clear();
 }
-var TON_PRICE_CACHE_TTL_MS = 3e4;
-var _tonPriceCache = null;
-async function getTonPrice() {
-  if (_tonPriceCache && Date.now() - _tonPriceCache.timestamp < TON_PRICE_CACHE_TTL_MS) {
-    return { ..._tonPriceCache };
+function loadSoul() {
+  for (const path of SOUL_PATHS) {
+    const content = cachedReadFile(path);
+    if (content) return content;
   }
-  try {
-    const response = await tonapiFetch(`/rates?tokens=ton&currencies=usd`);
-    if (response.ok) {
-      const data = await response.json();
-      const price = data?.rates?.TON?.prices?.USD;
-      if (typeof price === "number" && price > 0) {
-        _tonPriceCache = { usd: price, source: "TonAPI", timestamp: Date.now() };
-        return _tonPriceCache;
-      }
+  return DEFAULT_SOUL;
+}
+function loadStrategy() {
+  for (const path of STRATEGY_PATHS) {
+    const content = cachedReadFile(path);
+    if (content) return content;
+  }
+  return null;
+}
+function loadSecurity() {
+  for (const path of SECURITY_PATHS) {
+    const content = cachedReadFile(path);
+    if (content) return content;
+  }
+  return null;
+}
+var MEMORY_HARD_LIMIT = 150;
+function loadPersistentMemory() {
+  const content = cachedReadFile(MEMORY_PATH);
+  if (!content) return null;
+  const lines = content.split("\n");
+  if (lines.length <= MEMORY_HARD_LIMIT) {
+    return content;
+  }
+  const truncated = lines.slice(0, MEMORY_HARD_LIMIT).join("\n");
+  const remaining = lines.length - MEMORY_HARD_LIMIT;
+  return `${truncated}
+
+_[... ${remaining} more lines not loaded. Consider consolidating MEMORY.md to keep it under ${MEMORY_HARD_LIMIT} lines.]_`;
+}
+function loadMemoryContext() {
+  const parts = [];
+  const persistentMemory = loadPersistentMemory();
+  if (persistentMemory) {
+    parts.push(`## Persistent Memory
+
+${sanitizeForContext(persistentMemory)}`);
+  }
+  const recentMemory = readRecentMemory();
+  if (recentMemory) {
+    parts.push(sanitizeForContext(recentMemory));
+  }
+  if (parts.length === 0) {
+    return null;
+  }
+  return parts.join("\n\n---\n\n");
+}
+function buildSystemPrompt(options) {
+  const soul = options.soul ?? loadSoul();
+  const parts = [soul];
+  const security = loadSecurity();
+  if (security) {
+    parts.push(`
+${security}`);
+  }
+  const includeStrategy = options.includeStrategy ?? true;
+  if (includeStrategy) {
+    const strategy = options.strategy ?? loadStrategy();
+    if (strategy) {
+      parts.push(`
+${strategy}`);
     }
-  } catch {
   }
-  try {
-    const response = await fetchWithTimeout(
-      `${COINGECKO_API_URL}/simple/price?ids=the-open-network&vs_currencies=usd`
+  parts.push(`
+## Your Workspace
+
+You have a personal workspace at \`~/.teleton/workspace/\` where you can store and manage files.
+
+**Structure:**
+- \`SOUL.md\` - Your personality and behavior guidelines
+- \`MEMORY.md\` - Persistent memory (long-term facts you've learned)
+- \`STRATEGY.md\` - Business strategy and trading rules
+- \`memory/\` - Daily logs (auto-created per day)
+- \`downloads/\` - Media downloaded from Telegram
+- \`uploads/\` - Files ready to send
+- \`temp/\` - Temporary working files
+- \`memes/\` - Your meme collection (images, GIFs for reactions)
+
+**Tools available:**
+- \`workspace_list\` - List files in a directory
+- \`workspace_read\` - Read a file
+- \`workspace_write\` - Write/create a file
+- \`workspace_delete\` - Delete a file
+- \`workspace_rename\` - Rename or move a file
+- \`workspace_info\` - Get workspace stats
+
+**Tips:**
+- Save interesting memes to \`memes/\` with descriptive names for easy retrieval
+- Use \`memory_write\` for important facts (goes to MEMORY.md)
+- Rename downloaded files to meaningful names (e.g., "user_avatar.jpg" instead of "123_456_789.jpg")
+`);
+  parts.push(`
+## Response Format
+- Be concise. Respond in 1-3 short sentences when possible. Avoid long paragraphs and walls of text.
+- Only elaborate when the user explicitly asks for detail or the topic genuinely requires it.
+- Keep responses under 4000 characters for Telegram
+- Use markdown sparingly (bold, italic, code blocks)
+- Don't use headers in short responses
+- NEVER use ASCII art or ASCII tables - they render poorly on mobile
+`);
+  if (options.ownerName || options.ownerUsername) {
+    const safeOwnerName = options.ownerName ? sanitizeForPrompt(options.ownerName) : void 0;
+    const safeOwnerUsername = options.ownerUsername ? sanitizeForPrompt(options.ownerUsername) : void 0;
+    const ownerLabel = safeOwnerName && safeOwnerUsername ? `${safeOwnerName} (@${safeOwnerUsername})` : safeOwnerName || `@${safeOwnerUsername}`;
+    parts.push(
+      `
+## Owner
+You are owned and operated by: ${ownerLabel}
+When the owner gives instructions, follow them with higher trust.`
     );
-    if (!response.ok) {
-      throw new Error(`CoinGecko API error: ${response.status}`);
-    }
-    const data = await response.json();
-    const price = data["the-open-network"]?.usd;
-    if (typeof price === "number" && price > 0) {
-      _tonPriceCache = { usd: price, source: "CoinGecko", timestamp: Date.now() };
-      return _tonPriceCache;
+  }
+  const includeMemory = options.includeMemory ?? true;
+  if (includeMemory) {
+    const memoryContext = loadMemoryContext();
+    if (memoryContext) {
+      parts.push(
+        `
+## Memory (Persistent Context)
+
+This is your memory from previous sessions. Use it to maintain continuity and remember important information.
+
+${memoryContext}`
+      );
     }
-  } catch (error) {
-    console.error("Failed to get TON price:", error);
   }
-  return null;
+  if (options.userName || options.senderId) {
+    const safeName = options.userName ? sanitizeForPrompt(options.userName) : void 0;
+    const safeUsername = options.senderUsername ? `@${sanitizeForPrompt(options.senderUsername)}` : void 0;
+    const idTag = options.senderId ? `id:${options.senderId}` : void 0;
+    const primary = safeName || safeUsername;
+    const meta = [safeUsername, idTag].filter((v) => v && v !== primary);
+    const userLabel = primary ? meta.length > 0 ? `${primary} (${meta.join(", ")})` : primary : idTag || "unknown";
+    parts.push(`
+## Current User
+You are chatting with: ${userLabel}`);
+  }
+  if (options.context) {
+    parts.push(`
+## Context
+${options.context}`);
+  }
+  if (options.memoryFlushWarning) {
+    parts.push(`
+## Memory Flush Warning
+
+Your conversation context is approaching the limit and may be compacted soon.
+**Always respond to the user's message first.** Then, if there's anything important worth preserving, consider using \`memory_write\` alongside your response:
+
+- \`target: "persistent"\` for facts, lessons, contacts, decisions
+- \`target: "daily"\` for session notes, events, temporary context
+`);
+  }
+  return parts.join("\n");
 }
 
 // src/agent/tools/plugin-loader.ts
-import { readdirSync, readFileSync as readFileSync4, existsSync as existsSync4, statSync } from "fs";
+import { readdirSync as readdirSync2, readFileSync as readFileSync5, existsSync as existsSync6, statSync } from "fs";
 import { join as join4 } from "path";
 import { pathToFileURL } from "url";
 import { execFile } from "child_process";
 import { promisify } from "util";
 
 // src/agent/tools/plugin-validator.ts
-import { z as z2 } from "zod";
-var ManifestSchema = z2.object({
-  name: z2.string().min(1).max(64).regex(
+import { z } from "zod";
+var log3 = createLogger("PluginValidator");
+var ManifestSchema = z.object({
+  name: z.string().min(1).max(64).regex(
     /^[a-z0-9][a-z0-9-]*$/,
     "Must be lowercase alphanumeric with hyphens, starting with a letter or number"
   ),
-  version: z2.string().regex(/^\d+\.\d+\.\d+$/, "Must be semver (e.g., 1.0.0)"),
-  author: z2.string().max(128).optional(),
-  description: z2.string().max(256).optional(),
-  dependencies: z2.array(z2.string()).optional(),
-  defaultConfig: z2.record(z2.string(), z2.unknown()).optional(),
-  sdkVersion: z2.string().max(32).optional(),
-  secrets: z2.record(
-    z2.string(),
-    z2.object({
-      required: z2.boolean(),
-      description: z2.string().max(256),
-      env: z2.string().max(128).optional()
+  version: z.string().regex(/^\d+\.\d+\.\d+$/, "Must be semver (e.g., 1.0.0)"),
+  author: z.string().max(128).optional(),
+  description: z.string().max(256).optional(),
+  dependencies: z.array(z.string()).optional(),
+  defaultConfig: z.record(z.string(), z.unknown()).optional(),
+  sdkVersion: z.string().max(32).optional(),
+  secrets: z.record(
+    z.string(),
+    z.object({
+      required: z.boolean(),
+      description: z.string().max(256),
+      env: z.string().max(128).optional()
     })
   ).optional()
 });
@@ -527,20 +613,20 @@ function validateToolDefs(defs, pluginName) {
   const valid = [];
   for (const def of defs) {
     if (!def || typeof def !== "object") {
-      console.warn(`\u26A0\uFE0F  [${pluginName}] tool is not an object, skipping`);
+      log3.warn(`[${pluginName}] tool is not an object, skipping`);
       continue;
     }
     const t = def;
     if (!t.name || typeof t.name !== "string") {
-      console.warn(`\u26A0\uFE0F  [${pluginName}] tool missing 'name', skipping`);
+      log3.warn(`[${pluginName}] tool missing 'name', skipping`);
       continue;
     }
     if (!t.description || typeof t.description !== "string") {
-      console.warn(`\u26A0\uFE0F  [${pluginName}] tool "${t.name}" missing 'description', skipping`);
+      log3.warn(`[${pluginName}] tool "${t.name}" missing 'description', skipping`);
       continue;
     }
     if (!t.execute || typeof t.execute !== "function") {
-      console.warn(`\u26A0\uFE0F  [${pluginName}] tool "${t.name}" missing 'execute' function, skipping`);
+      log3.warn(`[${pluginName}] tool "${t.name}" missing 'execute' function, skipping`);
       continue;
     }
     valid.push(t);
@@ -572,35 +658,40 @@ var PluginSDKError = class extends Error {
 var SDK_VERSION = "1.0.0";
 
 // src/ton/transfer.ts
-import { WalletContractV5R1 as WalletContractV5R12, TonClient as TonClient2, toNano, internal } from "@ton/ton";
+import { WalletContractV5R1, TonClient, toNano, internal } from "@ton/ton";
 import { Address, SendMode } from "@ton/core";
+var log4 = createLogger("TON");
 async function sendTon(params) {
   try {
     const { toAddress, amount, comment = "", bounce = false } = params;
+    if (!Number.isFinite(amount) || amount <= 0) {
+      log4.error({ amount }, "Invalid transfer amount");
+      return null;
+    }
     let recipientAddress;
     try {
       recipientAddress = Address.parse(toAddress);
     } catch (e) {
-      console.error(`Invalid recipient address: ${toAddress}`, e);
+      log4.error({ err: e }, `Invalid recipient address: ${toAddress}`);
       return null;
     }
     const keyPair = await getKeyPair();
     if (!keyPair) {
-      console.error("Wallet not initialized");
+      log4.error("Wallet not initialized");
       return null;
     }
-    const wallet = WalletContractV5R12.create({
+    const wallet = WalletContractV5R1.create({
       workchain: 0,
       publicKey: keyPair.publicKey
     });
     const endpoint = await getCachedHttpEndpoint();
-    const client = new TonClient2({ endpoint });
+    const client = new TonClient({ endpoint });
     const contract = client.open(wallet);
     const seqno = await contract.getSeqno();
     await contract.sendTransfer({
       seqno,
       secretKey: keyPair.secretKey,
-      sendMode: SendMode.PAY_GAS_SEPARATELY + SendMode.IGNORE_ERRORS,
+      sendMode: SendMode.PAY_GAS_SEPARATELY,
       messages: [
         internal({
           to: recipientAddress,
@@ -611,15 +702,16 @@ async function sendTon(params) {
       ]
     });
     const pseudoHash = `${seqno}_${Date.now()}_${amount.toFixed(2)}`;
-    console.log(`\u{1F4B8} [TON] Sent ${amount} TON to ${toAddress.slice(0, 8)}... - seqno: ${seqno}`);
+    log4.info(`Sent ${amount} TON to ${toAddress.slice(0, 8)}... - seqno: ${seqno}`);
     return pseudoHash;
   } catch (error) {
-    console.error("Error sending TON:", error);
+    log4.error({ err: error }, "Error sending TON");
     return null;
   }
 }
 
 // src/utils/retry.ts
+var log5 = createLogger("Utils");
 var DEFAULT_OPTIONS = {
   maxAttempts: RETRY_DEFAULT_MAX_ATTEMPTS,
   baseDelayMs: RETRY_DEFAULT_BASE_DELAY_MS,
@@ -643,7 +735,7 @@ async function withRetry(fn, options = {}) {
       return result;
     } catch (error) {
       lastError = error instanceof Error ? error : new Error(String(error));
-      console.warn(`Retry attempt ${attempt}/${opts.maxAttempts} failed:`, lastError.message);
+      log5.warn(`Retry attempt ${attempt}/${opts.maxAttempts} failed: ${lastError.message}`);
       if (attempt < opts.maxAttempts) {
         const delay = Math.min(opts.baseDelayMs * Math.pow(2, attempt - 1), opts.maxDelayMs);
         await sleep(delay);
@@ -661,7 +753,7 @@ async function withBlockchainRetry(fn, operation = "blockchain operation") {
       timeout: RETRY_BLOCKCHAIN_TIMEOUT_MS
     });
   } catch (error) {
-    const message = error instanceof Error ? error.message : String(error);
+    const message = getErrorMessage(error);
     throw new Error(`${operation} failed after retries: ${message}`);
   }
 }
@@ -670,25 +762,25 @@ async function withBlockchainRetry(fn, operation = "blockchain operation") {
 var DEFAULT_MAX_AGE_MINUTES = 10;
 var DEFAULT_TX_RETENTION_DAYS = 30;
 var CLEANUP_PROBABILITY = 0.1;
-function cleanupOldTransactions(db, retentionDays, log) {
+function cleanupOldTransactions(db, retentionDays, log7) {
   if (Math.random() > CLEANUP_PROBABILITY) return;
   try {
     const cutoff = Math.floor(Date.now() / 1e3) - retentionDays * 24 * 60 * 60;
     const result = db.prepare("DELETE FROM used_transactions WHERE used_at < ?").run(cutoff);
     if (result.changes > 0) {
-      log.debug(`Cleaned up ${result.changes} old transaction records (>${retentionDays}d)`);
+      log7.debug(`Cleaned up ${result.changes} old transaction records (>${retentionDays}d)`);
     }
   } catch (err) {
-    log.error("Transaction cleanup failed:", err);
+    log7.error("Transaction cleanup failed:", err);
   }
 }
-function createTonSDK(log, db) {
+function createTonSDK(log7, db) {
   return {
     getAddress() {
       try {
         return getWalletAddress();
       } catch (err) {
-        log.error("ton.getAddress() failed:", err);
+        log7.error("ton.getAddress() failed:", err);
         return null;
       }
     },
@@ -698,7 +790,7 @@ function createTonSDK(log, db) {
         if (!addr) return null;
         return await getWalletBalance(addr);
       } catch (err) {
-        log.error("ton.getBalance() failed:", err);
+        log7.error("ton.getBalance() failed:", err);
         return null;
       }
     },
@@ -706,7 +798,7 @@ function createTonSDK(log, db) {
       try {
         return await getTonPrice();
       } catch (err) {
-        log.error("ton.getPrice() failed:", err);
+        log7.error("ton.getPrice() failed:", err);
         return null;
       }
     },
@@ -748,13 +840,13 @@ function createTonSDK(log, db) {
     },
     async getTransactions(address, limit) {
       try {
-        const { TonClient: TonClient3 } = await import("@ton/ton");
+        const { TonClient: TonClient2 } = await import("@ton/ton");
         const { Address: Address2 } = await import("@ton/core");
         const { getCachedHttpEndpoint: getCachedHttpEndpoint2 } = await import("./endpoint-FLYNEZ2F.js");
         const { formatTransactions } = await import("./format-transactions-FD74HI5N.js");
         const addressObj = Address2.parse(address);
         const endpoint = await getCachedHttpEndpoint2();
-        const client = new TonClient3({ endpoint });
+        const client = new TonClient2({ endpoint });
         const transactions = await withBlockchainRetry(
           () => client.getTransactions(addressObj, {
             limit: Math.min(limit ?? 10, 50)
@@ -763,7 +855,7 @@ function createTonSDK(log, db) {
         );
         return formatTransactions(transactions);
       } catch (err) {
-        log.error("ton.getTransactions() failed:", err);
+        log7.error("ton.getTransactions() failed:", err);
         return [];
       }
     },
@@ -779,7 +871,7 @@ function createTonSDK(log, db) {
         throw new PluginSDKError("Wallet not initialized", "WALLET_NOT_INITIALIZED");
       }
       const maxAgeMinutes = params.maxAgeMinutes ?? DEFAULT_MAX_AGE_MINUTES;
-      cleanupOldTransactions(db, DEFAULT_TX_RETENTION_DAYS, log);
+      cleanupOldTransactions(db, DEFAULT_TX_RETENTION_DAYS, log7);
       try {
         const txs = await this.getTransactions(address, 20);
         for (const tx of txs) {
@@ -813,7 +905,7 @@ function createTonSDK(log, db) {
         };
       } catch (err) {
         if (err instanceof PluginSDKError) throw err;
-        log.error("ton.verifyPayment() failed:", err);
+        log7.error("ton.verifyPayment() failed:", err);
         return {
           verified: false,
           error: `Verification failed: ${err instanceof Error ? err.message : String(err)}`
@@ -827,7 +919,7 @@ function createTonSDK(log, db) {
         if (!addr) return [];
         const response = await tonapiFetch(`/accounts/${addr}/jettons`);
         if (!response.ok) {
-          log.error(`ton.getJettonBalances() TonAPI error: ${response.status}`);
+          log7.error(`ton.getJettonBalances() TonAPI error: ${response.status}`);
           return [];
         }
         const data = await response.json();
@@ -835,7 +927,7 @@ function createTonSDK(log, db) {
         for (const item of data.balances || []) {
           const { balance, wallet_address, jetton } = item;
           if (jetton.verification === "blacklist") continue;
-          const decimals = jetton.decimals || 9;
+          const decimals = jetton.decimals ?? 9;
           const rawBalance = BigInt(balance);
           const divisor = BigInt(10 ** decimals);
           const wholePart = rawBalance / divisor;
@@ -855,7 +947,7 @@ function createTonSDK(log, db) {
         }
         return balances;
       } catch (err) {
-        log.error("ton.getJettonBalances() failed:", err);
+        log7.error("ton.getJettonBalances() failed:", err);
         return [];
       }
     },
@@ -864,7 +956,7 @@ function createTonSDK(log, db) {
         const response = await tonapiFetch(`/jettons/${jettonAddress}`);
         if (response.status === 404) return null;
         if (!response.ok) {
-          log.error(`ton.getJettonInfo() TonAPI error: ${response.status}`);
+          log7.error(`ton.getJettonInfo() TonAPI error: ${response.status}`);
           return null;
         }
         const data = await response.json();
@@ -882,13 +974,13 @@ function createTonSDK(log, db) {
           image: data.preview || metadata.image || void 0
         };
       } catch (err) {
-        log.error("ton.getJettonInfo() failed:", err);
+        log7.error("ton.getJettonInfo() failed:", err);
         return null;
       }
     },
     async sendJetton(jettonAddress, to, amount, opts) {
       const { Address: Address2, beginCell, SendMode: SendMode2 } = await import("@ton/core");
-      const { WalletContractV5R1: WalletContractV5R13, TonClient: TonClient3, toNano: toNano2, internal: internal2 } = await import("@ton/ton");
+      const { WalletContractV5R1: WalletContractV5R12, TonClient: TonClient2, toNano: toNano2, internal: internal2 } = await import("@ton/ton");
       const { getCachedHttpEndpoint: getCachedHttpEndpoint2 } = await import("./endpoint-FLYNEZ2F.js");
       const walletData = loadWallet();
       if (!walletData) {
@@ -902,72 +994,82 @@ function createTonSDK(log, db) {
       } catch {
         throw new PluginSDKError("Invalid recipient address", "INVALID_ADDRESS");
       }
-      const jettonsResponse = await tonapiFetch(`/accounts/${walletData.address}/jettons`);
-      if (!jettonsResponse.ok) {
-        throw new PluginSDKError(
-          `Failed to fetch jetton balances: ${jettonsResponse.status}`,
-          "OPERATION_FAILED"
-        );
-      }
-      const jettonsData = await jettonsResponse.json();
-      const jettonBalance = jettonsData.balances?.find(
-        (b) => b.jetton.address.toLowerCase() === jettonAddress.toLowerCase() || Address2.parse(b.jetton.address).toString() === Address2.parse(jettonAddress).toString()
-      );
-      if (!jettonBalance) {
-        throw new PluginSDKError(
-          `You don't own any of this jetton: ${jettonAddress}`,
-          "OPERATION_FAILED"
+      try {
+        const jettonsResponse = await tonapiFetch(`/accounts/${walletData.address}/jettons`);
+        if (!jettonsResponse.ok) {
+          throw new PluginSDKError(
+            `Failed to fetch jetton balances: ${jettonsResponse.status}`,
+            "OPERATION_FAILED"
+          );
+        }
+        const jettonsData = await jettonsResponse.json();
+        const jettonBalance = jettonsData.balances?.find(
+          (b) => b.jetton.address.toLowerCase() === jettonAddress.toLowerCase() || Address2.parse(b.jetton.address).toString() === Address2.parse(jettonAddress).toString()
         );
-      }
-      const senderJettonWallet = jettonBalance.wallet_address.address;
-      const decimals = jettonBalance.jetton.decimals || 9;
-      const currentBalance = BigInt(jettonBalance.balance);
-      const amountInUnits = BigInt(Math.floor(amount * 10 ** decimals));
-      if (amountInUnits > currentBalance) {
+        if (!jettonBalance) {
+          throw new PluginSDKError(
+            `You don't own any of this jetton: ${jettonAddress}`,
+            "OPERATION_FAILED"
+          );
+        }
+        const senderJettonWallet = jettonBalance.wallet_address.address;
+        const decimals = jettonBalance.jetton.decimals ?? 9;
+        const currentBalance = BigInt(jettonBalance.balance);
+        const amountStr = amount.toFixed(decimals);
+        const [whole, frac = ""] = amountStr.split(".");
+        const amountInUnits = BigInt(whole + (frac + "0".repeat(decimals)).slice(0, decimals));
+        if (amountInUnits > currentBalance) {
+          throw new PluginSDKError(
+            `Insufficient balance. Have ${Number(currentBalance) / 10 ** decimals}, need ${amount}`,
+            "OPERATION_FAILED"
+          );
+        }
+        const comment = opts?.comment;
+        let forwardPayload = beginCell().endCell();
+        if (comment) {
+          forwardPayload = beginCell().storeUint(0, 32).storeStringTail(comment).endCell();
+        }
+        const JETTON_TRANSFER_OP = 260734629;
+        const messageBody = beginCell().storeUint(JETTON_TRANSFER_OP, 32).storeUint(0, 64).storeCoins(amountInUnits).storeAddress(Address2.parse(to)).storeAddress(Address2.parse(walletData.address)).storeBit(false).storeCoins(comment ? toNano2("0.01") : BigInt(1)).storeBit(comment ? true : false).storeMaybeRef(comment ? forwardPayload : null).endCell();
+        const keyPair = await getKeyPair();
+        if (!keyPair) {
+          throw new PluginSDKError("Wallet key derivation failed", "OPERATION_FAILED");
+        }
+        const wallet = WalletContractV5R12.create({
+          workchain: 0,
+          publicKey: keyPair.publicKey
+        });
+        const endpoint = await getCachedHttpEndpoint2();
+        const client = new TonClient2({ endpoint });
+        const walletContract = client.open(wallet);
+        const seqno = await walletContract.getSeqno();
+        await walletContract.sendTransfer({
+          seqno,
+          secretKey: keyPair.secretKey,
+          sendMode: SendMode2.PAY_GAS_SEPARATELY,
+          messages: [
+            internal2({
+              to: Address2.parse(senderJettonWallet),
+              value: toNano2("0.05"),
+              body: messageBody,
+              bounce: true
+            })
+          ]
+        });
+        return { success: true, seqno };
+      } catch (err) {
+        if (err instanceof PluginSDKError) throw err;
         throw new PluginSDKError(
-          `Insufficient balance. Have ${Number(currentBalance) / 10 ** decimals}, need ${amount}`,
+          `Failed to send jetton: ${err instanceof Error ? err.message : String(err)}`,
           "OPERATION_FAILED"
         );
       }
-      const comment = opts?.comment;
-      let forwardPayload = beginCell().endCell();
-      if (comment) {
-        forwardPayload = beginCell().storeUint(0, 32).storeStringTail(comment).endCell();
-      }
-      const JETTON_TRANSFER_OP = 260734629;
-      const messageBody = beginCell().storeUint(JETTON_TRANSFER_OP, 32).storeUint(0, 64).storeCoins(amountInUnits).storeAddress(Address2.parse(to)).storeAddress(Address2.parse(walletData.address)).storeBit(false).storeCoins(comment ? toNano2("0.01") : BigInt(1)).storeBit(comment ? true : false).storeMaybeRef(comment ? forwardPayload : null).endCell();
-      const keyPair = await getKeyPair();
-      if (!keyPair) {
-        throw new PluginSDKError("Wallet key derivation failed", "OPERATION_FAILED");
-      }
-      const wallet = WalletContractV5R13.create({
-        workchain: 0,
-        publicKey: keyPair.publicKey
-      });
-      const endpoint = await getCachedHttpEndpoint2();
-      const client = new TonClient3({ endpoint });
-      const walletContract = client.open(wallet);
-      const seqno = await walletContract.getSeqno();
-      await walletContract.sendTransfer({
-        seqno,
-        secretKey: keyPair.secretKey,
-        sendMode: SendMode2.PAY_GAS_SEPARATELY + SendMode2.IGNORE_ERRORS,
-        messages: [
-          internal2({
-            to: Address2.parse(senderJettonWallet),
-            value: toNano2("0.05"),
-            body: messageBody,
-            bounce: true
-          })
-        ]
-      });
-      return { success: true, seqno };
     },
     async getJettonWalletAddress(ownerAddress, jettonAddress) {
       try {
         const response = await tonapiFetch(`/accounts/${ownerAddress}/jettons`);
         if (!response.ok) {
-          log.error(`ton.getJettonWalletAddress() TonAPI error: ${response.status}`);
+          log7.error(`ton.getJettonWalletAddress() TonAPI error: ${response.status}`);
           return null;
         }
         const { Address: Address2 } = await import("@ton/core");
@@ -977,7 +1079,7 @@ function createTonSDK(log, db) {
         );
         return match ? match.wallet_address.address : null;
       } catch (err) {
-        log.error("ton.getJettonWalletAddress() failed:", err);
+        log7.error("ton.getJettonWalletAddress() failed:", err);
         return null;
       }
     },
@@ -990,14 +1092,14 @@ function createTonSDK(log, db) {
           `/accounts/${encodeURIComponent(addr)}/nfts?limit=100&indirect_ownership=true`
         );
         if (!response.ok) {
-          log.error(`ton.getNftItems() TonAPI error: ${response.status}`);
+          log7.error(`ton.getNftItems() TonAPI error: ${response.status}`);
           return [];
         }
         const data = await response.json();
         if (!Array.isArray(data.nft_items)) return [];
         return data.nft_items.filter((item) => item.trust !== "blacklist").map((item) => mapNftItem(item));
       } catch (err) {
-        log.error("ton.getNftItems() failed:", err);
+        log7.error("ton.getNftItems() failed:", err);
         return [];
       }
     },
@@ -1006,13 +1108,13 @@ function createTonSDK(log, db) {
         const response = await tonapiFetch(`/nfts/${nftAddress}`);
         if (response.status === 404) return null;
         if (!response.ok) {
-          log.error(`ton.getNftInfo() TonAPI error: ${response.status}`);
+          log7.error(`ton.getNftInfo() TonAPI error: ${response.status}`);
           return null;
         }
         const item = await response.json();
         return mapNftItem(item);
       } catch (err) {
-        log.error("ton.getNftInfo() failed:", err);
+        log7.error("ton.getNftInfo() failed:", err);
         return null;
       }
     },
@@ -1061,12 +1163,18 @@ function mapNftItem(item) {
   };
 }
 
-// src/sdk/telegram.ts
-import { randomBytes as randomBytes3 } from "crypto";
+// src/utils/gramjs-bigint.ts
+var import_big_integer = __toESM(require_BigInteger(), 1);
+import { randomBytes } from "crypto";
+function toLong(value) {
+  return (0, import_big_integer.default)(String(value));
+}
+function randomLong() {
+  return toLong(randomBytes(8).readBigUInt64BE());
+}
 
 // src/sdk/telegram-messages.ts
-import { randomBytes } from "crypto";
-function createTelegramMessagesSDK(bridge, log) {
+function createTelegramMessagesSDK(bridge, log7) {
   function requireBridge() {
     if (!bridge.isAvailable()) {
       throw new PluginSDKError(
@@ -1128,12 +1236,11 @@ function createTelegramMessagesSDK(bridge, log) {
             fromPeer: fromChatId,
             toPeer: toChatId,
             id: [messageId],
-            randomId: [randomBytes(8).readBigUInt64BE()]
+            randomId: [randomLong()]
           })
         );
-        const updates = result;
-        if (updates.updates) {
-          for (const update of updates.updates) {
+        if (result instanceof Api.Updates || result instanceof Api.UpdatesCombined) {
+          for (const update of result.updates) {
             if (update.className === "UpdateNewMessage" || update.className === "UpdateNewChannelMessage") {
               return update.message.id;
             }
@@ -1187,7 +1294,7 @@ function createTelegramMessagesSDK(bridge, log) {
         return (resultData.messages ?? []).map(toSimpleMessage);
       } catch (err) {
         if (err instanceof PluginSDKError) throw err;
-        log.error("telegram.searchMessages() failed:", err);
+        log7.error("telegram.searchMessages() failed:", err);
         return [];
       }
     },
@@ -1213,7 +1320,7 @@ function createTelegramMessagesSDK(bridge, log) {
       try {
         const gramJsClient = getClient();
         const { Api } = await import("telegram");
-        const bigInt = (await import("./BigInteger-DQ33LTTE.js")).default;
+        const bigInt2 = (await import("./BigInteger-DQ33LTTE.js")).default;
         const peer = await gramJsClient.getInputEntity(chatId);
         const result = await gramJsClient.invoke(
           new Api.messages.GetReplies({
@@ -1225,7 +1332,7 @@ function createTelegramMessagesSDK(bridge, log) {
             limit,
             maxId: 0,
             minId: 0,
-            hash: bigInt(0)
+            hash: bigInt2(0)
           })
         );
         const messages = [];
@@ -1412,8 +1519,7 @@ function createTelegramMessagesSDK(bridge, log) {
 }
 
 // src/sdk/telegram-social.ts
-import { randomBytes as randomBytes2 } from "crypto";
-function createTelegramSocialSDK(bridge, log) {
+function createTelegramSocialSDK(bridge, log7) {
   function requireBridge() {
     if (!bridge.isAvailable()) {
       throw new PluginSDKError(
@@ -1455,9 +1561,7 @@ function createTelegramSocialSDK(bridge, log) {
           let description;
           let membersCount;
           try {
-            const fullChannel = await client.invoke(
-              new Api.channels.GetFullChannel({ channel: entity })
-            );
+            const fullChannel = await client.invoke(new Api.channels.GetFullChannel({ channel }));
             const fullChat = fullChannel.fullChat;
             description = fullChat.about || void 0;
             membersCount = fullChat.participantsCount || void 0;
@@ -1495,7 +1599,7 @@ function createTelegramSocialSDK(bridge, log) {
         return null;
       } catch (err) {
         if (err instanceof PluginSDKError) throw err;
-        log.error("telegram.getChatInfo() failed:", err);
+        log7.error("telegram.getChatInfo() failed:", err);
         return null;
       }
     },
@@ -1548,12 +1652,14 @@ function createTelegramSocialSDK(bridge, log) {
         }
         if (result.users && result.users.length > 0) {
           const user = result.users[0];
-          return {
-            id: Number(user.id),
-            type: "user",
-            username: user.username || void 0,
-            title: user.firstName || void 0
-          };
+          if (user instanceof Api.User) {
+            return {
+              id: Number(user.id),
+              type: "user",
+              username: user.username || void 0,
+              title: user.firstName || void 0
+            };
+          }
         }
         if (result.chats && result.chats.length > 0) {
           const chat = result.chats[0];
@@ -1561,8 +1667,8 @@ function createTelegramSocialSDK(bridge, log) {
           return {
             id: Number(chat.id),
             type,
-            username: chat.username || void 0,
-            title: chat.title || void 0
+            username: chat instanceof Api.Channel ? chat.username || void 0 : void 0,
+            title: chat instanceof Api.Channel || chat instanceof Api.Chat ? chat.title || void 0 : void 0
           };
         }
         return null;
@@ -1586,20 +1692,23 @@ function createTelegramSocialSDK(bridge, log) {
             filter: new Api.ChannelParticipantsRecent(),
             offset: 0,
             limit: limit ?? 100,
-            hash: 0
+            hash: toLong(0)
           })
         );
         const resultData = result;
-        return (resultData.users || []).map((user) => ({
-          id: Number(user.id),
-          firstName: user.firstName || "",
-          lastName: user.lastName || void 0,
-          username: user.username || void 0,
-          isBot: user.bot || false
-        }));
+        return (resultData.users || []).map((user) => {
+          const u = user;
+          return {
+            id: Number(u.id),
+            firstName: u.firstName || "",
+            lastName: u.lastName || void 0,
+            username: u.username || void 0,
+            isBot: u.bot || false
+          };
+        });
       } catch (err) {
         if (err instanceof PluginSDKError) throw err;
-        log.error("telegram.getParticipants() failed:", err);
+        log7.error("telegram.getParticipants() failed:", err);
         return [];
       }
     },
@@ -1618,7 +1727,7 @@ function createTelegramSocialSDK(bridge, log) {
         const anonymous = opts?.isAnonymous ?? true;
         const multipleChoice = opts?.multipleChoice ?? false;
         const poll = new Api.Poll({
-          id: randomBytes2(8).readBigUInt64BE(),
+          id: randomLong(),
           question: new Api.TextWithEntities({ text: question, entities: [] }),
           answers: answers.map(
             (opt, idx) => new Api.PollAnswer({
@@ -1634,10 +1743,10 @@ function createTelegramSocialSDK(bridge, log) {
             peer: chatId,
             media: new Api.InputMediaPoll({ poll }),
             message: "",
-            randomId: randomBytes2(8).readBigUInt64BE()
+            randomId: randomLong()
           })
         );
-        if (result.className === "Updates" || result.className === "UpdatesCombined") {
+        if (result instanceof Api.Updates || result instanceof Api.UpdatesCombined) {
           for (const update of result.updates) {
             if (update.className === "UpdateNewMessage" || update.className === "UpdateNewChannelMessage") {
               return update.message?.id ?? 0;
@@ -1671,7 +1780,7 @@ function createTelegramSocialSDK(bridge, log) {
         const client = getClient();
         const { Api } = await import("telegram");
         const poll = new Api.Poll({
-          id: randomBytes2(8).readBigUInt64BE(),
+          id: randomLong(),
           question: new Api.TextWithEntities({ text: question, entities: [] }),
           answers: answers.map(
             (opt, idx) => new Api.PollAnswer({
@@ -1693,10 +1802,10 @@ function createTelegramSocialSDK(bridge, log) {
               solutionEntities: []
             }),
             message: "",
-            randomId: randomBytes2(8).readBigUInt64BE()
+            randomId: randomLong()
           })
         );
-        if (result.className === "Updates" || result.className === "UpdatesCombined") {
+        if (result instanceof Api.Updates || result instanceof Api.UpdatesCombined) {
           for (const update of result.updates) {
             if (update.className === "UpdateNewMessage" || update.className === "UpdateNewChannelMessage") {
               return update.message?.id ?? 0;
@@ -1962,12 +2071,32 @@ function createTelegramSocialSDK(bridge, log) {
         const client = getClient();
         const { Api, helpers } = await import("telegram");
         const { CustomFile } = await import("telegram/client/uploads.js");
-        const { readFileSync: readFileSync5, statSync: statSync2 } = await import("fs");
+        const { readFileSync: readFileSync7, statSync: statSync2 } = await import("fs");
         const { basename: basename2 } = await import("path");
-        const filePath = mediaPath;
+        const { resolve: resolve2, normalize: normalize2 } = await import("path");
+        const { homedir: homedir3 } = await import("os");
+        const { realpathSync } = await import("fs");
+        const filePath = realpathSync(resolve2(normalize2(mediaPath)));
+        const home = homedir3();
+        const teletonWorkspace = `${home}/.teleton/workspace/`;
+        const allowedPrefixes = [
+          "/tmp/",
+          `${home}/Downloads/`,
+          `${home}/Pictures/`,
+          `${home}/Videos/`,
+          `${teletonWorkspace}uploads/`,
+          `${teletonWorkspace}downloads/`,
+          `${teletonWorkspace}memes/`
+        ];
+        if (!allowedPrefixes.some((p) => filePath.startsWith(p))) {
+          throw new PluginSDKError(
+            "sendStory: media path must be within /tmp, Downloads, Pictures, or Videos",
+            "OPERATION_FAILED"
+          );
+        }
         const fileName = basename2(filePath);
         const fileSize = statSync2(filePath).size;
-        const fileBuffer = readFileSync5(filePath);
+        const fileBuffer = readFileSync7(filePath);
         const isVideo = filePath.toLowerCase().match(/\.(mp4|mov|avi)$/);
         const customFile = new CustomFile(fileName, fileSize, filePath, fileBuffer);
         const uploadedFile = await client.uploadFile({
@@ -2004,7 +2133,8 @@ function createTelegramSocialSDK(bridge, log) {
             randomId: helpers.generateRandomBigInt()
           })
         );
-        return result.id || 0;
+        const storyUpdate = result instanceof Api.Updates ? result.updates.find((u) => u.className === "UpdateStory") : void 0;
+        return storyUpdate?.story?.id ?? 0;
       } catch (err) {
         if (err instanceof PluginSDKError) throw err;
         throw new PluginSDKError(
@@ -2017,7 +2147,7 @@ function createTelegramSocialSDK(bridge, log) {
 }
 
 // src/sdk/telegram.ts
-function createTelegramSDK(bridge, log) {
+function createTelegramSDK(bridge, log7) {
   function requireBridge() {
     if (!bridge.isAvailable()) {
       throw new PluginSDKError(
@@ -2073,17 +2203,17 @@ function createTelegramSDK(bridge, log) {
             peer: chatId,
             media: new Api.InputMediaDice({ emoticon }),
             message: "",
-            randomId: randomBytes3(8).readBigUInt64BE(),
+            randomId: randomLong(),
             replyTo: replyToId ? new Api.InputReplyToMessage({ replyToMsgId: replyToId }) : void 0
           })
         );
         let value;
         let messageId;
-        if (result.className === "Updates" || result.className === "UpdatesCombined") {
+        if (result instanceof Api.Updates || result instanceof Api.UpdatesCombined) {
           for (const update of result.updates) {
             if (update.className === "UpdateNewMessage" || update.className === "UpdateNewChannelMessage") {
               const msg = update.message;
-              if (msg?.media?.className === "MessageMediaDice") {
+              if (msg instanceof Api.Message && msg.media?.className === "MessageMediaDice") {
                 value = msg.media.value;
                 messageId = msg.id;
                 break;
@@ -2127,7 +2257,7 @@ function createTelegramSDK(bridge, log) {
           timestamp: m.timestamp
         }));
       } catch (err) {
-        log.error("telegram.getMessages() failed:", err);
+        log7.error("telegram.getMessages() failed:", err);
         return [];
       }
     },
@@ -2149,6 +2279,7 @@ function createTelegramSDK(bridge, log) {
       return bridge.isAvailable();
     },
     getRawClient() {
+      log7.warn("getRawClient() called \u2014 this bypasses SDK sandbox guarantees");
       if (!bridge.isAvailable()) return null;
       try {
         return bridge.getClient().getClient();
@@ -2157,13 +2288,13 @@ function createTelegramSDK(bridge, log) {
       }
     },
     // Spread extended methods from sub-modules
-    ...createTelegramMessagesSDK(bridge, log),
-    ...createTelegramSocialSDK(bridge, log)
+    ...createTelegramMessagesSDK(bridge, log7),
+    ...createTelegramSocialSDK(bridge, log7)
   };
 }
 
 // src/sdk/secrets.ts
-import { readFileSync as readFileSync3, writeFileSync as writeFileSync3, mkdirSync as mkdirSync3, existsSync as existsSync3 } from "fs";
+import { readFileSync as readFileSync4, writeFileSync as writeFileSync2, mkdirSync as mkdirSync3, existsSync as existsSync5 } from "fs";
 import { join as join3 } from "path";
 var SECRETS_DIR = join3(TELETON_ROOT, "plugins", "data");
 function getSecretsPath(pluginName) {
@@ -2172,8 +2303,8 @@ function getSecretsPath(pluginName) {
 function readSecretsFile(pluginName) {
   const filePath = getSecretsPath(pluginName);
   try {
-    if (!existsSync3(filePath)) return {};
-    const raw = readFileSync3(filePath, "utf-8");
+    if (!existsSync5(filePath)) return {};
+    const raw = readFileSync4(filePath, "utf-8");
     const parsed = JSON.parse(raw);
     if (typeof parsed !== "object" || parsed === null) return {};
     return parsed;
@@ -2182,40 +2313,40 @@ function readSecretsFile(pluginName) {
   }
 }
 function writePluginSecret(pluginName, key, value) {
-  mkdirSync3(SECRETS_DIR, { recursive: true });
+  mkdirSync3(SECRETS_DIR, { recursive: true, mode: 448 });
   const filePath = getSecretsPath(pluginName);
   const existing = readSecretsFile(pluginName);
   existing[key] = value;
-  writeFileSync3(filePath, JSON.stringify(existing, null, 2), { mode: 384 });
+  writeFileSync2(filePath, JSON.stringify(existing, null, 2), { mode: 384 });
 }
 function deletePluginSecret(pluginName, key) {
   const existing = readSecretsFile(pluginName);
   if (!(key in existing)) return false;
   delete existing[key];
   const filePath = getSecretsPath(pluginName);
-  writeFileSync3(filePath, JSON.stringify(existing, null, 2), { mode: 384 });
+  writeFileSync2(filePath, JSON.stringify(existing, null, 2), { mode: 384 });
   return true;
 }
 function listPluginSecretKeys(pluginName) {
   return Object.keys(readSecretsFile(pluginName));
 }
-function createSecretsSDK(pluginName, pluginConfig, log) {
+function createSecretsSDK(pluginName, pluginConfig, log7) {
   const envPrefix = pluginName.replace(/-/g, "_").toUpperCase();
   function get(key) {
     const envKey = `${envPrefix}_${key.toUpperCase()}`;
     const envValue = process.env[envKey];
     if (envValue) {
-      log.debug(`Secret "${key}" resolved from env var ${envKey}`);
+      log7.debug(`Secret "${key}" resolved from env var ${envKey}`);
       return envValue;
     }
     const stored = readSecretsFile(pluginName);
     if (key in stored && stored[key]) {
-      log.debug(`Secret "${key}" resolved from secrets store`);
+      log7.debug(`Secret "${key}" resolved from secrets store`);
       return stored[key];
     }
     const configValue = pluginConfig[key];
     if (configValue !== void 0 && configValue !== null) {
-      log.debug(`Secret "${key}" resolved from pluginConfig`);
+      log7.debug(`Secret "${key}" resolved from pluginConfig`);
       return String(configValue);
     }
     return void 0;
@@ -2307,38 +2438,61 @@ function createStorageSDK(db) {
 }
 
 // src/sdk/index.ts
+var sdkLog = createLogger("SDK");
+var BLOCKED_SQL_RE = /\b(ATTACH|DETACH)\s+DATABASE\b/i;
+function createSafeDb(db) {
+  return new Proxy(db, {
+    get(target, prop, receiver) {
+      const value = Reflect.get(target, prop, receiver);
+      if (prop === "exec") {
+        return (sql) => {
+          if (BLOCKED_SQL_RE.test(sql)) {
+            throw new Error("ATTACH/DETACH DATABASE is not allowed in plugin context");
+          }
+          return target.exec(sql);
+        };
+      }
+      if (prop === "prepare") {
+        return (sql) => {
+          if (BLOCKED_SQL_RE.test(sql)) {
+            throw new Error("ATTACH/DETACH DATABASE is not allowed in plugin context");
+          }
+          return target.prepare(sql);
+        };
+      }
+      return typeof value === "function" ? value.bind(target) : value;
+    }
+  });
+}
 function createPluginSDK(deps, opts) {
-  const log = createLogger(opts.pluginName);
-  const ton = Object.freeze(createTonSDK(log, opts.db));
-  const telegram = Object.freeze(createTelegramSDK(deps.bridge, log));
-  const secrets = Object.freeze(createSecretsSDK(opts.pluginName, opts.pluginConfig, log));
-  const storage = opts.db ? Object.freeze(createStorageSDK(opts.db)) : null;
-  const frozenLog = Object.freeze(log);
+  const log7 = createLogger2(opts.pluginName);
+  const safeDb = opts.db ? createSafeDb(opts.db) : null;
+  const ton = Object.freeze(createTonSDK(log7, safeDb));
+  const telegram = Object.freeze(createTelegramSDK(deps.bridge, log7));
+  const secrets = Object.freeze(createSecretsSDK(opts.pluginName, opts.pluginConfig, log7));
+  const storage = safeDb ? Object.freeze(createStorageSDK(safeDb)) : null;
+  const frozenLog = Object.freeze(log7);
   const frozenConfig = Object.freeze(opts.sanitizedConfig);
-  const frozenPluginConfig = Object.freeze(opts.pluginConfig);
+  const frozenPluginConfig = Object.freeze(JSON.parse(JSON.stringify(opts.pluginConfig ?? {})));
   return Object.freeze({
     version: SDK_VERSION,
     ton,
     telegram,
     secrets,
     storage,
-    db: opts.db,
+    db: safeDb,
     config: frozenConfig,
     pluginConfig: frozenPluginConfig,
     log: frozenLog
   });
 }
-function createLogger(pluginName) {
-  const prefix = `[${pluginName}]`;
+function createLogger2(pluginName) {
+  const pinoChild = createLogger(`plugin:${pluginName}`);
   return {
-    info: (...args) => console.log(prefix, ...args),
-    warn: (...args) => console.warn(`\u26A0\uFE0F ${prefix}`, ...args),
-    error: (...args) => console.error(`\u274C ${prefix}`, ...args),
-    debug: (...args) => {
-      if (process.env.DEBUG || process.env.VERBOSE) {
-        console.log(`\u{1F50D} ${prefix}`, ...args);
-      }
-    }
+    info: (...args) => pinoChild.info(args.map(String).join(" ")),
+    warn: (...args) => pinoChild.warn(args.map(String).join(" ")),
+    error: (...args) => pinoChild.error(args.map(String).join(" ")),
+    debug: (...args) => pinoChild.debug(args.map(String).join(" "))
   };
 }
 function parseSemver(v) {
@@ -2358,22 +2512,22 @@ function semverGte(a, b) {
 function semverSatisfies(current, range) {
   const cur = parseSemver(current);
   if (!cur) {
-    console.warn(`\u26A0\uFE0F  [SDK] Could not parse current version "${current}", skipping check`);
-    return true;
+    sdkLog.warn(`[SDK] Could not parse current version "${current}", rejecting`);
+    return false;
   }
   if (range.startsWith(">=")) {
     const req2 = parseSemver(range.slice(2));
     if (!req2) {
-      console.warn(`\u26A0\uFE0F  [SDK] Malformed sdkVersion range "${range}", skipping check`);
-      return true;
+      sdkLog.warn(`[SDK] Malformed sdkVersion range "${range}", rejecting`);
+      return false;
     }
     return semverGte(cur, req2);
   }
   if (range.startsWith("^")) {
     const req2 = parseSemver(range.slice(1));
     if (!req2) {
-      console.warn(`\u26A0\uFE0F  [SDK] Malformed sdkVersion range "${range}", skipping check`);
-      return true;
+      sdkLog.warn(`[SDK] Malformed sdkVersion range "${range}", rejecting`);
+      return false;
     }
     if (req2.major === 0) {
       return cur.major === 0 && cur.minor === req2.minor && semverGte(cur, req2);
@@ -2382,14 +2536,15 @@ function semverSatisfies(current, range) {
   }
   const req = parseSemver(range);
   if (!req) {
-    console.warn(`\u26A0\uFE0F  [SDK] Malformed sdkVersion "${range}", skipping check`);
-    return true;
+    sdkLog.warn(`[SDK] Malformed sdkVersion "${range}", rejecting`);
+    return false;
   }
   return cur.major === req.major && cur.minor === req.minor && cur.patch === req.patch;
 }
 
 // src/agent/tools/plugin-loader.ts
 var execFileAsync = promisify(execFile);
+var log6 = createLogger("PluginLoader");
 var PLUGIN_DATA_DIR = join4(TELETON_ROOT, "plugins", "data");
 function adaptPlugin(raw, entryName, config, loadedModuleNames, sdkDeps) {
   let manifest = null;
@@ -2397,17 +2552,16 @@ function adaptPlugin(raw, entryName, config, loadedModuleNames, sdkDeps) {
     try {
       manifest = validateManifest(raw.manifest);
     } catch (err) {
-      console.warn(
-        `\u26A0\uFE0F  [${entryName}] invalid manifest, ignoring:`,
-        err instanceof Error ? err.message : err
+      log6.warn(
+        `[${entryName}] invalid manifest, ignoring: ${err instanceof Error ? err.message : err}`
       );
     }
   }
   if (!manifest) {
     const manifestPath = join4(WORKSPACE_PATHS.PLUGINS_DIR, entryName, "manifest.json");
     try {
-      if (existsSync4(manifestPath)) {
-        const diskManifest = JSON.parse(readFileSync4(manifestPath, "utf-8"));
+      if (existsSync6(manifestPath)) {
+        const diskManifest = JSON.parse(readFileSync5(manifestPath, "utf-8"));
         if (diskManifest && typeof diskManifest.version === "string") {
           manifest = {
             name: entryName,
@@ -2439,12 +2593,13 @@ function adaptPlugin(raw, entryName, config, loadedModuleNames, sdkDeps) {
   const pluginConfigKey = pluginName.replace(/-/g, "_");
   const rawPluginConfig = config.plugins?.[pluginConfigKey] ?? {};
   const pluginConfig = { ...manifest?.defaultConfig, ...rawPluginConfig };
-  const log = (...args) => console.log(`[${pluginName}]`, ...args);
+  const pluginLog = createLogger(`Plugin:${pluginName}`);
+  const logFn = (...args) => pluginLog.info(args.map(String).join(" "));
   if (manifest?.secrets) {
     const dummyLogger = {
-      info: log,
-      warn: (...a) => console.warn(`\u26A0\uFE0F [${pluginName}]`, ...a),
-      error: (...a) => console.error(`\u274C [${pluginName}]`, ...a),
+      info: (...a) => pluginLog.info(a.map(String).join(" ")),
+      warn: (...a) => pluginLog.warn(a.map(String).join(" ")),
+      error: (...a) => pluginLog.error(a.map(String).join(" ")),
       debug: () => {
       }
     };
@@ -2458,8 +2613,8 @@ function adaptPlugin(raw, entryName, config, loadedModuleNames, sdkDeps) {
       }
     }
     if (missing.length > 0) {
-      console.warn(
-        `\u26A0\uFE0F  [${pluginName}] Missing required secrets:
+      pluginLog.warn(
+        `Missing required secrets:
 ` + missing.map((m) => `   \u2022 ${m}`).join("\n") + `
    Set via: /plugin set ${pluginName} <key> <value>`
       );
@@ -2492,10 +2647,7 @@ function adaptPlugin(raw, entryName, config, loadedModuleNames, sdkDeps) {
           }
         }
       } catch (err) {
-        console.error(
-          `\u274C [${pluginName}] migrate() failed:`,
-          err instanceof Error ? err.message : err
-        );
+        pluginLog.error(`migrate() failed: ${err instanceof Error ? err.message : err}`);
         if (pluginDb) {
           try {
             pluginDb.close();
@@ -2546,10 +2698,7 @@ function adaptPlugin(raw, entryName, config, loadedModuleNames, sdkDeps) {
           };
         });
       } catch (err) {
-        console.error(
-          `\u274C [${pluginName}] tools() failed:`,
-          err instanceof Error ? err.message : err
-        );
+        pluginLog.error(`tools() failed: ${err instanceof Error ? err.message : err}`);
         return [];
       }
     },
@@ -2561,24 +2710,18 @@ function adaptPlugin(raw, entryName, config, loadedModuleNames, sdkDeps) {
           db: pluginDb ?? null,
           config: sanitizedConfig,
           pluginConfig,
-          log
+          log: logFn
         };
         await raw.start(enhancedContext);
       } catch (err) {
-        console.error(
-          `\u274C [${pluginName}] start() failed:`,
-          err instanceof Error ? err.message : err
-        );
+        pluginLog.error(`start() failed: ${err instanceof Error ? err.message : err}`);
       }
     },
     async stop() {
       try {
         await raw.stop?.();
       } catch (err) {
-        console.error(
-          `\u274C [${pluginName}] stop() failed:`,
-          err instanceof Error ? err.message : err
-        );
+        pluginLog.error(`stop() failed: ${err instanceof Error ? err.message : err}`);
       } finally {
         if (pluginDb) {
           try {
@@ -2596,35 +2739,35 @@ async function ensurePluginDeps(pluginDir, pluginEntry) {
   const pkgJson = join4(pluginDir, "package.json");
   const lockfile = join4(pluginDir, "package-lock.json");
   const nodeModules = join4(pluginDir, "node_modules");
-  if (!existsSync4(pkgJson)) return;
-  if (!existsSync4(lockfile)) {
-    console.warn(
-      `\u26A0\uFE0F  [${pluginEntry}] package.json without package-lock.json \u2014 skipping (lockfile required)`
+  if (!existsSync6(pkgJson)) return;
+  if (!existsSync6(lockfile)) {
+    log6.warn(
+      `[${pluginEntry}] package.json without package-lock.json \u2014 skipping (lockfile required)`
     );
     return;
   }
-  if (existsSync4(nodeModules)) {
+  if (existsSync6(nodeModules)) {
     const marker = join4(nodeModules, ".package-lock.json");
-    if (existsSync4(marker) && statSync(marker).mtimeMs >= statSync(lockfile).mtimeMs) return;
+    if (existsSync6(marker) && statSync(marker).mtimeMs >= statSync(lockfile).mtimeMs) return;
   }
-  console.log(`\u{1F4E6} [${pluginEntry}] Installing dependencies...`);
+  log6.info(`[${pluginEntry}] Installing dependencies...`);
   try {
     await execFileAsync("npm", ["ci", "--ignore-scripts", "--no-audit", "--no-fund"], {
       cwd: pluginDir,
       timeout: 6e4,
       env: { ...process.env, NODE_ENV: "production" }
     });
-    console.log(`\u{1F4E6} [${pluginEntry}] Dependencies installed`);
+    log6.info(`[${pluginEntry}] Dependencies installed`);
   } catch (err) {
-    console.error(`\u274C [${pluginEntry}] Failed to install deps: ${String(err).slice(0, 300)}`);
+    log6.error(`[${pluginEntry}] Failed to install deps: ${String(err).slice(0, 300)}`);
   }
 }
 async function loadEnhancedPlugins(config, loadedModuleNames, sdkDeps) {
   const pluginsDir = WORKSPACE_PATHS.PLUGINS_DIR;
-  if (!existsSync4(pluginsDir)) {
+  if (!existsSync6(pluginsDir)) {
     return [];
   }
-  const entries = readdirSync(pluginsDir);
+  const entries = readdirSync2(pluginsDir);
   const modules = [];
   const loadedNames = /* @__PURE__ */ new Set();
   const pluginPaths = [];
@@ -2638,7 +2781,7 @@ async function loadEnhancedPlugins(config, loadedModuleNames, sdkDeps) {
         modulePath = entryPath;
       } else if (stat.isDirectory()) {
         const indexPath = join4(entryPath, "index.js");
-        if (existsSync4(indexPath)) {
+        if (existsSync6(indexPath)) {
           modulePath = indexPath;
         }
       }
@@ -2661,156 +2804,402 @@ async function loadEnhancedPlugins(config, loadedModuleNames, sdkDeps) {
   );
   for (const result of loadResults) {
     if (result.status === "rejected") {
-      console.error(
-        `\u274C Plugin failed to load:`,
-        result.reason instanceof Error ? result.reason.message : result.reason
+      log6.error(
+        `Plugin failed to load: ${result.reason instanceof Error ? result.reason.message : result.reason}`
       );
       continue;
     }
     const { entry, mod } = result.value;
     try {
       if (!mod.tools || typeof mod.tools !== "function" && !Array.isArray(mod.tools)) {
-        console.warn(`\u26A0\uFE0F  Plugin "${entry}": no 'tools' array or function exported, skipping`);
+        log6.warn(`Plugin "${entry}": no 'tools' array or function exported, skipping`);
         continue;
       }
       const adapted = adaptPlugin(mod, entry, config, loadedModuleNames, sdkDeps);
       if (loadedNames.has(adapted.name)) {
-        console.warn(
-          `\u26A0\uFE0F  Plugin "${adapted.name}" already loaded, skipping duplicate from "${entry}"`
-        );
+        log6.warn(`Plugin "${adapted.name}" already loaded, skipping duplicate from "${entry}"`);
         continue;
       }
       loadedNames.add(adapted.name);
       modules.push(adapted);
     } catch (err) {
-      console.error(
-        `\u274C Plugin "${entry}" failed to adapt:`,
-        err instanceof Error ? err.message : err
-      );
+      log6.error(`Plugin "${entry}" failed to adapt: ${err instanceof Error ? err.message : err}`);
     }
   }
   return modules;
 }
 
-// src/workspace/validator.ts
-import { existsSync as existsSync5, lstatSync, readdirSync as readdirSync2 } from "fs";
-import { resolve, normalize, relative, extname, basename } from "path";
-import { homedir as homedir2 } from "os";
-var WorkspaceSecurityError = class extends Error {
-  constructor(message, attemptedPath) {
-    super(message);
-    this.attemptedPath = attemptedPath;
-    this.name = "WorkspaceSecurityError";
+// src/config/configurable-keys.ts
+import { readFileSync as readFileSync6, writeFileSync as writeFileSync3, existsSync as existsSync7 } from "fs";
+import { parse as parse2, stringify as stringify2 } from "yaml";
+var noValidation = () => void 0;
+var identity = (v) => v;
+var nonEmpty = (v) => v.length > 0 ? void 0 : "Must not be empty";
+function numberInRange(min, max) {
+  return (v) => {
+    const n = Number(v);
+    if (isNaN(n)) return "Must be a number";
+    if (n < min || n > max) return `Must be between ${min} and ${max}`;
+    return void 0;
+  };
+}
+function enumValidator(options) {
+  return (v) => options.includes(v) ? void 0 : `Must be one of: ${options.join(", ")}`;
+}
+var CONFIGURABLE_KEYS = {
+  // ─── API Keys ──────────────────────────────────────────────────────
+  "agent.api_key": {
+    type: "string",
+    category: "API Keys",
+    description: "LLM provider API key",
+    sensitive: true,
+    validate: (v) => v.length >= 10 ? void 0 : "Must be at least 10 characters",
+    mask: (v) => v.slice(0, 8) + "****",
+    parse: identity
+  },
+  tavily_api_key: {
+    type: "string",
+    category: "API Keys",
+    description: "Tavily API key for web search",
+    sensitive: true,
+    validate: (v) => v.startsWith("tvly-") ? void 0 : "Must start with 'tvly-'",
+    mask: (v) => v.slice(0, 9) + "****",
+    parse: identity
+  },
+  tonapi_key: {
+    type: "string",
+    category: "API Keys",
+    description: "TonAPI key for higher rate limits",
+    sensitive: true,
+    validate: (v) => v.length >= 10 ? void 0 : "Must be at least 10 characters",
+    mask: (v) => v.slice(0, 10) + "****",
+    parse: identity
+  },
+  "telegram.bot_token": {
+    type: "string",
+    category: "API Keys",
+    description: "Bot token from @BotFather",
+    sensitive: true,
+    validate: (v) => v.includes(":") ? void 0 : "Must contain ':' (e.g., 123456:ABC...)",
+    mask: (v) => v.split(":")[0] + ":****",
+    parse: identity
+  },
+  // ─── Agent ─────────────────────────────────────────────────────────
+  "agent.provider": {
+    type: "enum",
+    category: "Agent",
+    description: "LLM provider",
+    sensitive: false,
+    options: [
+      "anthropic",
+      "openai",
+      "google",
+      "xai",
+      "groq",
+      "openrouter",
+      "moonshot",
+      "mistral",
+      "cocoon",
+      "local"
+    ],
+    validate: enumValidator([
+      "anthropic",
+      "openai",
+      "google",
+      "xai",
+      "groq",
+      "openrouter",
+      "moonshot",
+      "mistral",
+      "cocoon",
+      "local"
+    ]),
+    mask: identity,
+    parse: identity
+  },
+  "agent.model": {
+    type: "string",
+    category: "Agent",
+    description: "Main LLM model ID",
+    sensitive: false,
+    validate: nonEmpty,
+    mask: identity,
+    parse: identity
+  },
+  "agent.utility_model": {
+    type: "string",
+    category: "Agent",
+    description: "Cheap model for summarization (auto-detected if empty)",
+    sensitive: false,
+    validate: noValidation,
+    mask: identity,
+    parse: identity
+  },
+  "agent.temperature": {
+    type: "number",
+    category: "Agent",
+    description: "Response creativity (0.0 = deterministic, 2.0 = max)",
+    sensitive: false,
+    validate: numberInRange(0, 2),
+    mask: identity,
+    parse: (v) => Number(v)
+  },
+  "agent.max_tokens": {
+    type: "number",
+    category: "Agent",
+    description: "Maximum response length in tokens",
+    sensitive: false,
+    validate: numberInRange(256, 128e3),
+    mask: identity,
+    parse: (v) => Number(v)
+  },
+  "agent.max_agentic_iterations": {
+    type: "number",
+    category: "Agent",
+    description: "Max tool-call loop iterations per message",
+    sensitive: false,
+    validate: numberInRange(1, 20),
+    mask: identity,
+    parse: (v) => Number(v)
+  },
+  // ─── Session ───────────────────────────────────────────────────
+  "agent.session_reset_policy.daily_reset_enabled": {
+    type: "boolean",
+    category: "Session",
+    description: "Enable daily session reset at specified hour",
+    sensitive: false,
+    validate: enumValidator(["true", "false"]),
+    mask: identity,
+    parse: (v) => v === "true"
+  },
+  "agent.session_reset_policy.daily_reset_hour": {
+    type: "number",
+    category: "Session",
+    description: "Hour (0-23 UTC) for daily session reset",
+    sensitive: false,
+    validate: numberInRange(0, 23),
+    mask: identity,
+    parse: (v) => Number(v)
+  },
+  "agent.session_reset_policy.idle_expiry_enabled": {
+    type: "boolean",
+    category: "Session",
+    description: "Enable automatic session expiry after idle period",
+    sensitive: false,
+    validate: enumValidator(["true", "false"]),
+    mask: identity,
+    parse: (v) => v === "true"
+  },
+  "agent.session_reset_policy.idle_expiry_minutes": {
+    type: "number",
+    category: "Session",
+    description: "Idle minutes before session expires (minimum 1)",
+    sensitive: false,
+    validate: numberInRange(1, Number.MAX_SAFE_INTEGER),
+    mask: identity,
+    parse: (v) => Number(v)
+  },
+  // ─── Telegram ──────────────────────────────────────────────────────
+  "telegram.bot_username": {
+    type: "string",
+    category: "Telegram",
+    description: "Bot username without @",
+    sensitive: false,
+    validate: (v) => v.length >= 3 ? void 0 : "Must be at least 3 characters",
+    mask: identity,
+    parse: identity
+  },
+  "telegram.dm_policy": {
+    type: "enum",
+    category: "Telegram",
+    description: "DM access policy",
+    sensitive: false,
+    options: ["pairing", "allowlist", "open", "disabled"],
+    validate: enumValidator(["pairing", "allowlist", "open", "disabled"]),
+    mask: identity,
+    parse: identity
+  },
+  "telegram.group_policy": {
+    type: "enum",
+    category: "Telegram",
+    description: "Group access policy",
+    sensitive: false,
+    options: ["open", "allowlist", "disabled"],
+    validate: enumValidator(["open", "allowlist", "disabled"]),
+    mask: identity,
+    parse: identity
+  },
+  "telegram.require_mention": {
+    type: "boolean",
+    category: "Telegram",
+    description: "Require @mention in groups to respond",
+    sensitive: false,
+    validate: enumValidator(["true", "false"]),
+    mask: identity,
+    parse: (v) => v === "true"
+  },
+  "telegram.owner_name": {
+    type: "string",
+    category: "Telegram",
+    description: "Owner's first name (used in system prompt)",
+    sensitive: false,
+    validate: noValidation,
+    mask: identity,
+    parse: identity
+  },
+  "telegram.owner_username": {
+    type: "string",
+    category: "Telegram",
+    description: "Owner's Telegram username (without @)",
+    sensitive: false,
+    validate: noValidation,
+    mask: identity,
+    parse: identity
+  },
+  "telegram.debounce_ms": {
+    type: "number",
+    category: "Telegram",
+    description: "Group message debounce delay in ms (0 = disabled)",
+    sensitive: false,
+    validate: numberInRange(0, 1e4),
+    mask: identity,
+    parse: (v) => Number(v)
+  },
+  "telegram.agent_channel": {
+    type: "string",
+    category: "Telegram",
+    description: "Channel username for auto-publishing",
+    sensitive: false,
+    validate: noValidation,
+    mask: identity,
+    parse: identity
+  },
+  "telegram.typing_simulation": {
+    type: "boolean",
+    category: "Telegram",
+    description: "Simulate typing indicator before sending replies",
+    sensitive: false,
+    validate: enumValidator(["true", "false"]),
+    mask: identity,
+    parse: (v) => v === "true"
+  },
+  // ─── Embedding ─────────────────────────────────────────────────────
+  "embedding.provider": {
+    type: "enum",
+    category: "Embedding",
+    description: "Embedding provider for RAG",
+    sensitive: false,
+    options: ["local", "anthropic", "none"],
+    validate: enumValidator(["local", "anthropic", "none"]),
+    mask: identity,
+    parse: identity
+  },
+  // ─── WebUI ─────────────────────────────────────────────────────────
+  "webui.port": {
+    type: "number",
+    category: "WebUI",
+    description: "HTTP server port (requires restart)",
+    sensitive: false,
+    validate: numberInRange(1024, 65535),
+    mask: identity,
+    parse: (v) => Number(v)
+  },
+  "webui.log_requests": {
+    type: "boolean",
+    category: "WebUI",
+    description: "Log all HTTP requests to console",
+    sensitive: false,
+    validate: enumValidator(["true", "false"]),
+    mask: identity,
+    parse: (v) => v === "true"
+  },
+  // ─── Deals ─────────────────────────────────────────────────────────
+  "deals.enabled": {
+    type: "boolean",
+    category: "Deals",
+    description: "Enable the deals/escrow module",
+    sensitive: false,
+    validate: enumValidator(["true", "false"]),
+    mask: identity,
+    parse: (v) => v === "true"
+  },
+  // ─── Developer ─────────────────────────────────────────────────────
+  "dev.hot_reload": {
+    type: "boolean",
+    category: "Developer",
+    description: "Watch ~/.teleton/plugins/ for live changes",
+    sensitive: false,
+    validate: enumValidator(["true", "false"]),
+    mask: identity,
+    parse: (v) => v === "true"
   }
 };
-function decodeRecursive(str) {
-  let decoded = str;
-  let prev = "";
-  let iterations = 0;
-  const maxIterations = 10;
-  while (decoded !== prev && iterations < maxIterations) {
-    prev = decoded;
-    try {
-      decoded = decodeURIComponent(decoded);
-    } catch {
-      break;
-    }
-    iterations++;
+var FORBIDDEN_SEGMENTS = /* @__PURE__ */ new Set(["__proto__", "constructor", "prototype"]);
+function assertSafePath(parts) {
+  if (parts.some((p) => FORBIDDEN_SEGMENTS.has(p))) {
+    throw new Error("Invalid config path: forbidden segment");
   }
-  return decoded;
 }
-function validatePath(inputPath, allowCreate = false) {
-  if (!inputPath || inputPath.trim() === "") {
-    throw new WorkspaceSecurityError("Path cannot be empty.", inputPath);
-  }
-  const trimmedPath = inputPath.trim().replace(/\\/g, "/");
-  const decodedPath = decodeRecursive(trimmedPath);
-  let absolutePath;
-  if (decodedPath.startsWith("/")) {
-    absolutePath = resolve(normalize(decodedPath));
-  } else if (decodedPath.startsWith("~/")) {
-    const expanded = decodedPath.replace(/^~(?=$|[\\/])/, homedir2());
-    absolutePath = resolve(expanded);
-  } else {
-    absolutePath = resolve(WORKSPACE_ROOT, normalize(decodedPath));
-  }
-  const relativePath = relative(WORKSPACE_ROOT, absolutePath);
-  if (relativePath.startsWith("..") || relativePath.startsWith("/")) {
-    throw new WorkspaceSecurityError(
-      `Access denied: Path '${inputPath}' is outside the workspace. Only files in ~/.teleton/workspace/ are accessible.`,
-      inputPath
-    );
-  }
-  const exists = existsSync5(absolutePath);
-  if (!exists && !allowCreate) {
-    throw new WorkspaceSecurityError(
-      `File not found: '${inputPath}' does not exist in workspace.`,
-      inputPath
-    );
-  }
-  if (exists) {
-    const stats = lstatSync(absolutePath);
-    if (stats.isSymbolicLink()) {
-      throw new WorkspaceSecurityError(
-        `Access denied: Symbolic links are not allowed for security reasons.`,
-        inputPath
-      );
+function getNestedValue(obj, path) {
+  const parts = path.split(".");
+  assertSafePath(parts);
+  let current = obj;
+  for (const part of parts) {
+    if (current == null || typeof current !== "object") return void 0;
+    current = current[part];
+  }
+  return current;
+}
+function setNestedValue(obj, path, value) {
+  const parts = path.split(".");
+  assertSafePath(parts);
+  let current = obj;
+  for (let i = 0; i < parts.length - 1; i++) {
+    if (current[parts[i]] == null || typeof current[parts[i]] !== "object") {
+      current[parts[i]] = {};
     }
+    current = current[parts[i]];
   }
-  return {
-    absolutePath,
-    relativePath,
-    exists,
-    isDirectory: exists ? lstatSync(absolutePath).isDirectory() : false,
-    extension: extname(absolutePath).toLowerCase(),
-    filename: basename(absolutePath)
-  };
+  current[parts[parts.length - 1]] = value;
 }
-function validateReadPath(inputPath) {
-  const validated = validatePath(inputPath, false);
-  if (validated.isDirectory) {
-    throw new WorkspaceSecurityError(`Cannot read directory as file: '${inputPath}'`, inputPath);
+function deleteNestedValue(obj, path) {
+  const parts = path.split(".");
+  assertSafePath(parts);
+  let current = obj;
+  for (let i = 0; i < parts.length - 1; i++) {
+    if (current == null || typeof current !== "object") return;
+    current = current[parts[i]];
+  }
+  if (current != null && typeof current === "object") {
+    delete current[parts[parts.length - 1]];
   }
-  return validated;
 }
-var IMMUTABLE_FILES = ["SOUL.md", "STRATEGY.md", "SECURITY.md"];
-function validateWritePath(inputPath, fileType) {
-  const validated = validatePath(inputPath, true);
-  if (IMMUTABLE_FILES.includes(validated.filename)) {
-    throw new WorkspaceSecurityError(
-      `Cannot write to ${validated.filename}. This file is configured by the owner. Use memory_write instead.`,
-      inputPath
-    );
+function readRawConfig(configPath) {
+  const fullPath = expandPath(configPath);
+  if (!existsSync7(fullPath)) {
+    throw new Error(`Config file not found: ${fullPath}
+Run 'teleton setup' to create one.`);
   }
-  if (fileType && ALLOWED_EXTENSIONS[fileType]) {
-    const allowedExts = ALLOWED_EXTENSIONS[fileType];
-    if (!allowedExts.includes(validated.extension)) {
-      throw new WorkspaceSecurityError(
-        `Invalid file type: '${validated.extension}' is not allowed for ${fileType}. Allowed: ${allowedExts.join(", ")}`,
-        inputPath
-      );
-    }
+  const raw = parse2(readFileSync6(fullPath, "utf-8"));
+  if (!raw || typeof raw !== "object") {
+    throw new Error(`Invalid config file: ${fullPath}`);
   }
-  return validated;
+  return raw;
 }
-function validateDirectory(inputPath) {
-  const validated = validatePath(inputPath, true);
-  if (validated.exists && !validated.isDirectory) {
-    throw new WorkspaceSecurityError(
-      `Path exists but is not a directory: '${inputPath}'`,
-      inputPath
-    );
+function writeRawConfig(raw, configPath) {
+  const clone = { ...raw };
+  delete clone.market;
+  const result = ConfigSchema.safeParse(clone);
+  if (!result.success) {
+    throw new Error(`Refusing to save invalid config: ${result.error.message}`);
   }
-  return validated;
+  raw.meta = raw.meta ?? {};
+  raw.meta.last_modified_at = (/* @__PURE__ */ new Date()).toISOString();
+  const fullPath = expandPath(configPath);
+  writeFileSync3(fullPath, stringify2(raw), { encoding: "utf-8", mode: 384 });
 }
 
 export {
-  DealsConfigSchema,
-  ConfigSchema,
-  getProviderMetadata,
-  getSupportedProviders,
-  validateApiKeyFormat,
-  expandPath,
   loadConfig,
   configExists,
   getDefaultConfigPath,
@@ -2819,21 +3208,27 @@ export {
   validateReadPath,
   validateWritePath,
   validateDirectory,
-  generateWallet,
-  saveWallet,
-  loadWallet,
-  walletExists,
-  importWallet,
-  getWalletAddress,
-  getKeyPair,
-  getWalletBalance,
-  getTonPrice,
+  appendToDailyLog,
+  writeSummaryToDailyLog,
+  sanitizeForPrompt,
+  sanitizeForContext,
+  clearPromptCache,
+  loadSoul,
+  buildSystemPrompt,
   writePluginSecret,
   deletePluginSecret,
   listPluginSecretKeys,
+  toLong,
+  randomLong,
   withBlockchainRetry,
   sendTon,
   adaptPlugin,
   ensurePluginDeps,
-  loadEnhancedPlugins
+  loadEnhancedPlugins,
+  CONFIGURABLE_KEYS,
+  getNestedValue,
+  setNestedValue,
+  deleteNestedValue,
+  readRawConfig,
+  writeRawConfig
 };