wolverine-ai 3.6.1 → 3.7.0

package/bin/wolverine.js

@@ -127,6 +127,10 @@ if (args.includes("--backups")) {
 
 const scriptPath = args.find(a => !a.startsWith("--")) || "server/index.js";
 
+// Initialize server/ from template if it doesn't exist (first run)
+const { initServer } = require("../src/core/init-server");
+initServer(process.cwd(), scriptPath);
+
 // System detection (for analytics + dashboard, NOT for forking)
 // Wolverine runs as a single process manager. If users want clustering,
 // they handle it inside their server (e.g. @fastify/cluster, pm2 cluster mode).

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wolverine-ai",
-  "version": "3.6.1",
+  "version": "3.7.0",
   "description": "Self-healing Node.js server framework powered by AI. Catches crashes, diagnoses errors, generates fixes, verifies, and restarts — automatically.",
   "main": "src/index.js",
   "bin": {
@@ -47,7 +47,6 @@
   "files": [
     "bin/",
     "src/",
-    "server/",
     "examples/",
     ".env.example"
   ],

package/src/brain/brain.js

@@ -242,7 +242,7 @@ const SEED_DOCS = [
     metadata: { topic: "backup-skill" },
   },
   {
-    text: "CRITICAL: Never run raw 'npm install wolverine-ai' or 'git pull' to update — these OVERWRITE server/, .wolverine/ (brain, backups, events), and .env.local. Always use the safe update skill: wolverine --update (CLI), safeUpdate(cwd) (programmatic), or let auto-update handle it. ALL backups (heal snapshots + update snapshots) stored in ~/.wolverine-safe-backups/ (OUTSIDE project, survives git clean, rm -rf, project deletion). Structure: ~/.wolverine-safe-backups/snapshots/ (heal backups), ~/.wolverine-safe-backups/updates/ (pre-update snapshots), ~/.wolverine-safe-backups/manifest.json (backup registry). Old .wolverine/backups/ auto-migrated on first run. Restore with: wolverine --restore <name>. List: wolverine --backups.",
+    text: "CRITICAL: Never run raw 'npm install wolverine-ai' or 'git pull' to update — these OVERWRITE server/, .wolverine/ (brain, backups, events), and .env.local. Always use the safe update skill: wolverine --update (CLI), safeUpdate(cwd) (programmatic), or let auto-update handle it. Startup backup: wolverine creates a safety snapshot of server/ before first spawn on every start. If the server crashes immediately after a bad update and healing fails/is blocked, wolverine auto-rollbacks to the startup snapshot after max retries — prevents permanent breakage from corrupted server/ files. ALL backups (heal snapshots + update snapshots + startup snapshots) stored in ~/.wolverine-safe-backups/ (OUTSIDE project, survives git clean, rm -rf, project deletion). Restore with: wolverine --restore <name>. List: wolverine --backups.",
     metadata: { topic: "safe-update-warning" },
   },
   {
@@ -304,6 +304,13 @@ class Brain {
       console.log(chalk.gray("  🧠 Framework updated — merging new seed docs..."));
       await this._mergeSeedDocs();
       try { fs.unlinkSync(seedRefreshPath); } catch {}
+    } else {
+      // Auto-detect new seeds: if SEED_DOCS count > docs namespace count, merge
+      const docsCount = (this.store.getNamespace("docs") || []).length;
+      if (SEED_DOCS.length > docsCount) {
+        console.log(chalk.gray(`  🧠 New seed docs detected (${SEED_DOCS.length} vs ${docsCount}) — merging...`));
+        await this._mergeSeedDocs();
+      }
     }
 
     // 2. Scan project for live function map

package/src/core/init-server.js

@@ -0,0 +1,58 @@
+const fs = require("fs");
+const path = require("path");
+const chalk = require("chalk");
+
+/**
+ * Initialize the server/ directory from the built-in template.
+ *
+ * Called on first run if server/ doesn't exist. NEVER overwrites existing files.
+ * This is why wolverine ships without a server/ directory in the npm package —
+ * so `npm install` and `git pull` can never destroy user code.
+ *
+ * The template lives in src/templates/server/ and contains a minimal Fastify
+ * server with health, api, and time routes + default settings.json.
+ */
+function initServer(cwd, scriptPath) {
+  const serverDir = path.join(cwd, "server");
+  const scriptFile = path.resolve(cwd, scriptPath);
+
+  // If the script file already exists, nothing to do
+  if (fs.existsSync(scriptFile)) return false;
+
+  // If server/ exists but the specific script doesn't, don't create — user has their own structure
+  if (fs.existsSync(serverDir) && fs.readdirSync(serverDir).length > 0) {
+    console.log(chalk.yellow(`  ⚠️  ${scriptPath} not found but server/ exists — skipping template init`));
+    return false;
+  }
+
+  // Create server/ from template
+  const templateDir = path.join(__dirname, "..", "templates", "server");
+  if (!fs.existsSync(templateDir)) {
+    console.log(chalk.yellow("  ⚠️  No server template found — create server/index.js manually"));
+    return false;
+  }
+
+  console.log(chalk.blue("  📦 Creating default server/ from template..."));
+  _copyDir(templateDir, serverDir);
+  console.log(chalk.green("  ✅ Server initialized. Edit server/ to build your app."));
+  return true;
+}
+
+function _copyDir(src, dest) {
+  fs.mkdirSync(dest, { recursive: true });
+  for (const entry of fs.readdirSync(src, { withFileTypes: true })) {
+    const srcPath = path.join(src, entry.name);
+    const destPath = path.join(dest, entry.name);
+    if (entry.isDirectory()) {
+      _copyDir(srcPath, destPath);
+    } else {
+      // NEVER overwrite existing files
+      if (!fs.existsSync(destPath)) {
+        fs.copyFileSync(srcPath, destPath);
+        console.log(chalk.gray(`    + ${path.relative(dest, destPath)}`));
+      }
+    }
+  }
+}
+
+module.exports = { initServer };

package/src/core/runner.js

@@ -246,6 +246,15 @@ class WolverineRunner {
       console.log(chalk.gray("  🔄 Auto-update: disabled"));
     }
 
+    // Create startup backup — safety net for corrupted server/ from bad updates
+    // If the child crashes immediately after this, we can rollback to this known state
+    try {
+      this._startupBackupId = this.backupManager.createBackup("pre-start (safety snapshot)");
+      console.log(chalk.gray(`  📸 Startup backup: ${this._startupBackupId}`));
+    } catch (err) {
+      console.log(chalk.yellow(`  ⚠️  Startup backup failed (non-fatal): ${err.message}`));
+    }
+
     this._spawn();
   }
 
@@ -566,6 +575,20 @@ class WolverineRunner {
           console.log(chalk.yellow("   Retrying...\n"));
           this._spawn();
         } else {
+          // Max retries — try rolling back to startup backup as last resort
+          if (this._startupBackupId) {
+            console.log(chalk.yellow(`\n  🔄 Max retries reached — rolling back to startup backup ${this._startupBackupId}...`));
+            try {
+              this.backupManager.rollbackTo(this._startupBackupId);
+              console.log(chalk.green("  ✅ Rolled back to startup state. Restarting..."));
+              this.retryCount = 0;
+              this._startupBackupId = null; // don't rollback again if this also fails
+              this._spawn();
+              return;
+            } catch (rbErr) {
+              console.log(chalk.red(`  ❌ Rollback failed: ${rbErr.message}`));
+            }
+          }
           console.log(chalk.red("   Max retries reached."));
           this._logRollbackHint();
           this.running = false;

package/server/lib/gpu-fleet.js

@@ -1,313 +0,0 @@
-const https = require("https");
-const http = require("http");
-
-/**
- * GPU Fleet Manager — controls Vast.ai GPU instances for inference.
- *
- * Features:
- * - Start/stop individual GPUs via Vast API
- * - Health monitoring and auto-discovery
- * - Round-robin routing across active GPUs
- * - Auto-scale: start burst GPUs when queue grows, stop when idle
- * - Cold start tracking (~5s per GPU)
- *
- * Each GPU instance runs llama.cpp with --api-key for security.
- * Only the EC2 backend has the internal keys.
- */
-
-const VAST_API = "https://cloud.vast.ai/api/v0";
-const VAST_KEY = process.env.VAST_API_KEY || "";
-const POLL_INTERVAL_MS = 30000; // health check every 30s
-const IDLE_STOP_MS = parseInt(process.env.GPU_IDLE_STOP_MS, 10) || 300000; // 5 min idle → stop
-const SCALE_UP_QUEUE = parseInt(process.env.GPU_SCALE_UP_QUEUE, 10) || 3; // start burst GPU when 3+ queued
-
-class GpuFleet {
-  constructor(config = {}) {
-    // GPU registry: { instanceId → { host, port, key, status, lastUsed, lastHealth, model } }
-    this.gpus = new Map();
-    this._roundRobinIndex = 0;
-    this._pollTimer = null;
-    this._scaleTimer = null;
-    this._requestQueue = [];
-    this._activeRequests = 0;
-  }
-
-  /**
-   * Register a GPU instance in the fleet.
-   */
-  register(instanceId, { host, port, key, model = "wolverine-test-1", role = "general", autoStop = true }) {
-    this.gpus.set(String(instanceId), {
-      instanceId: String(instanceId),
-      host, port: parseInt(port, 10), key,
-      model, role, autoStop,
-      status: "unknown", // unknown, starting, healthy, unhealthy, stopped
-      lastUsed: 0,
-      lastHealth: null,
-      coldStartMs: null,
-    });
-    return this;
-  }
-
-  /**
-   * Load GPU config from environment or database.
-   */
-  loadFromEnv() {
-    // Primary GPU from env
-    const url = process.env.WOLVERINE_INFERENCE_URL;
-    const key = process.env.WOLVERINE_GPU_KEY;
-    if (url && key) {
-      try {
-        const parsed = new URL(url);
-        const instanceId = process.env.WOLVERINE_GPU_INSTANCE_ID || "primary";
-        this.register(instanceId, {
-          host: parsed.hostname,
-          port: parseInt(parsed.port, 10) || 80,
-          key,
-          role: "primary",
-          autoStop: false, // primary stays on
-        });
-      } catch {}
-    }
-    return this;
-  }
-
-  /**
-   * Load GPU config from database.
-   */
-  async loadFromDb(pool) {
-    try {
-      // Check if gpu_fleet table exists
-      const exists = await pool.query(
-        "SELECT 1 FROM information_schema.tables WHERE table_name = 'gpu_fleet' LIMIT 1"
-      );
-      if (exists.rows.length === 0) {
-        await pool.query(`
-          CREATE TABLE gpu_fleet (
-            instance_id TEXT PRIMARY KEY,
-            vast_id TEXT,
-            host TEXT NOT NULL,
-            port INTEGER NOT NULL DEFAULT 8080,
-            internal_key TEXT NOT NULL,
-            model TEXT DEFAULT 'wolverine-test-1',
-            role TEXT DEFAULT 'general',
-            auto_stop BOOLEAN DEFAULT true,
-            status TEXT DEFAULT 'stopped',
-            gpu_name TEXT,
-            created_at TIMESTAMPTZ DEFAULT NOW()
-          )
-        `);
-      }
-      const { rows } = await pool.query("SELECT * FROM gpu_fleet");
-      for (const r of rows) {
-        this.register(r.instance_id, {
-          host: r.host, port: r.port, key: r.internal_key,
-          model: r.model, role: r.role, autoStop: r.auto_stop,
-        });
-        const gpu = this.gpus.get(r.instance_id);
-        if (gpu) gpu.status = r.status;
-        if (gpu) gpu.vastId = r.vast_id;
-        if (gpu) gpu.gpuName = r.gpu_name;
-      }
-    } catch (err) {
-      console.log("[GPU Fleet] DB load failed:", err.message);
-    }
-    return this;
-  }
-
-  /**
-   * Start health polling.
-   */
-  startPolling() {
-    if (this._pollTimer) return;
-    this._pollTimer = setInterval(() => this._healthCheck(), POLL_INTERVAL_MS);
-    this._healthCheck(); // immediate first check
-    return this;
-  }
-
-  stopPolling() {
-    if (this._pollTimer) { clearInterval(this._pollTimer); this._pollTimer = null; }
-  }
-
-  /**
-   * Get a healthy GPU for inference (round-robin).
-   * Returns { host, port, key, instanceId } or null if none available.
-   */
-  getAvailable() {
-    const healthy = Array.from(this.gpus.values()).filter(g => g.status === "healthy");
-    if (healthy.length === 0) return null;
-    this._roundRobinIndex = (this._roundRobinIndex + 1) % healthy.length;
-    const gpu = healthy[this._roundRobinIndex];
-    gpu.lastUsed = Date.now();
-    return { host: gpu.host, port: gpu.port, key: gpu.key, instanceId: gpu.instanceId, model: gpu.model };
-  }
-
-  /**
-   * Start a stopped GPU instance via Vast API.
-   */
-  async startGpu(instanceId) {
-    const gpu = this.gpus.get(String(instanceId));
-    if (!gpu) throw new Error(`GPU ${instanceId} not registered`);
-    if (gpu.status === "healthy" || gpu.status === "starting") return gpu;
-
-    gpu.status = "starting";
-    gpu.coldStartMs = null;
-    const startTime = Date.now();
-
-    const vastId = gpu.vastId || instanceId;
-    try {
-      await this._vastApi("PUT", `/instances/${vastId}/`, { state: "running" });
-
-      // Poll until healthy (max 60s)
-      for (let i = 0; i < 120; i++) {
-        await new Promise(r => setTimeout(r, 500));
-        try {
-          const res = await this._httpGet(gpu.host, gpu.port, "/v1/models", gpu.key);
-          if (res && res.includes("gemma")) {
-            gpu.status = "healthy";
-            gpu.coldStartMs = Date.now() - startTime;
-            gpu.lastHealth = Date.now();
-            console.log(`[GPU Fleet] ${instanceId} started in ${gpu.coldStartMs}ms`);
-            return gpu;
-          }
-        } catch {}
-      }
-      gpu.status = "unhealthy";
-      throw new Error(`GPU ${instanceId} failed to start within 60s`);
-    } catch (err) {
-      gpu.status = "unhealthy";
-      throw err;
-    }
-  }
-
-  /**
-   * Stop a GPU instance via Vast API.
-   */
-  async stopGpu(instanceId) {
-    const gpu = this.gpus.get(String(instanceId));
-    if (!gpu) throw new Error(`GPU ${instanceId} not registered`);
-
-    const vastId = gpu.vastId || instanceId;
-    try {
-      await this._vastApi("PUT", `/instances/${vastId}/`, { state: "stopped" });
-      gpu.status = "stopped";
-      console.log(`[GPU Fleet] ${instanceId} stopped`);
-    } catch (err) {
-      console.log(`[GPU Fleet] Stop failed for ${instanceId}:`, err.message);
-    }
-    return gpu;
-  }
-
-  /**
-   * Auto-scale: start burst GPUs when needed, stop idle ones.
-   */
-  async autoScale(queueLength) {
-    // Scale up: start a stopped GPU if queue is long
-    if (queueLength >= SCALE_UP_QUEUE) {
-      const stopped = Array.from(this.gpus.values()).find(g => g.status === "stopped" && g.autoStop);
-      if (stopped) {
-        console.log(`[GPU Fleet] Queue at ${queueLength}, starting burst GPU ${stopped.instanceId}`);
-        try { await this.startGpu(stopped.instanceId); } catch (e) { console.log("[GPU Fleet] Scale-up failed:", e.message); }
-      }
-    }
-
-    // Scale down: stop idle burst GPUs
-    const now = Date.now();
-    for (const gpu of this.gpus.values()) {
-      if (gpu.autoStop && gpu.status === "healthy" && gpu.lastUsed > 0 && (now - gpu.lastUsed) > IDLE_STOP_MS) {
-        console.log(`[GPU Fleet] ${gpu.instanceId} idle for ${Math.round((now - gpu.lastUsed) / 1000)}s, stopping`);
-        try { await this.stopGpu(gpu.instanceId); } catch {}
-      }
-    }
-  }
-
-  /**
-   * Get fleet status for dashboard/API.
-   */
-  getStatus() {
-    const gpus = Array.from(this.gpus.values()).map(g => ({
-      instanceId: g.instanceId,
-      vastId: g.vastId,
-      gpuName: g.gpuName,
-      host: g.host,
-      port: g.port,
-      model: g.model,
-      role: g.role,
-      status: g.status,
-      autoStop: g.autoStop,
-      lastUsed: g.lastUsed ? new Date(g.lastUsed).toISOString() : null,
-      lastHealth: g.lastHealth ? new Date(g.lastHealth).toISOString() : null,
-      coldStartMs: g.coldStartMs,
-    }));
-    return {
-      total: gpus.length,
-      healthy: gpus.filter(g => g.status === "healthy").length,
-      stopped: gpus.filter(g => g.status === "stopped").length,
-      starting: gpus.filter(g => g.status === "starting").length,
-      gpus,
-    };
-  }
-
-  // ── Private ──
-
-  async _healthCheck() {
-    for (const gpu of this.gpus.values()) {
-      if (gpu.status === "stopped" || gpu.status === "starting") continue;
-      try {
-        const res = await this._httpGet(gpu.host, gpu.port, "/v1/models", gpu.key);
-        if (res && (res.includes("gemma") || res.includes("wolverine"))) {
-          gpu.status = "healthy";
-          gpu.lastHealth = Date.now();
-        } else {
-          gpu.status = "unhealthy";
-        }
-      } catch {
-        gpu.status = "unhealthy";
-      }
-    }
-  }
-
-  _vastApi(method, path, body) {
-    return new Promise((resolve, reject) => {
-      const bodyStr = body ? JSON.stringify(body) : null;
-      const req = https.request({
-        hostname: "cloud.vast.ai",
-        path: `/api/v0${path}`,
-        method,
-        timeout: 15000,
-        headers: {
-          "Authorization": `Bearer ${VAST_KEY}`,
-          "Content-Type": "application/json",
-          ...(bodyStr ? { "Content-Length": Buffer.byteLength(bodyStr) } : {}),
-        },
-      }, (res) => {
-        let data = "";
-        res.on("data", c => { data += c; });
-        res.on("end", () => {
-          try { resolve(JSON.parse(data)); } catch { resolve({ raw: data }); }
-        });
-      });
-      req.on("error", reject);
-      req.on("timeout", () => { req.destroy(); reject(new Error("Vast API timeout")); });
-      if (bodyStr) req.write(bodyStr);
-      req.end();
-    });
-  }
-
-  _httpGet(host, port, path, key) {
-    return new Promise((resolve, reject) => {
-      const req = http.request({
-        hostname: host, port, path, method: "GET", timeout: 5000,
-        headers: key ? { "Authorization": `Bearer ${key}` } : {},
-      }, (res) => {
-        let data = "";
-        res.on("data", c => { data += c; });
-        res.on("end", () => resolve(data));
-      });
-      req.on("error", reject);
-      req.on("timeout", () => { req.destroy(); reject(new Error("timeout")); });
-      req.end();
-    });
-  }
-}
-
-module.exports = { GpuFleet };

package/server/routes/fleet.js

@@ -1,167 +0,0 @@
-/**
- * GPU Fleet Management API — admin routes for controlling inference GPUs.
- *
- * Endpoints:
- *   GET  /status          — fleet overview (all GPUs, health, queue)
- *   POST /start/:id       — start a stopped GPU
- *   POST /stop/:id        — stop a running GPU
- *   POST /register        — add a new GPU to the fleet
- *   POST /remove/:id      — remove a GPU from the fleet
- *   POST /scale           — trigger auto-scale check
- *   GET  /benchmark/:id   — run inference benchmark on a GPU
- */
-
-async function routes(fastify) {
-  const { pool } = require("../lib/db");
-
-  // Fleet instance is attached to fastify by index.js
-  function getFleet() {
-    return fastify.gpuFleet;
-  }
-
-  // Admin auth
-  async function requireAdmin(request, reply) {
-    const settings = require("../config/settings.json");
-    const token = request.headers.authorization?.replace("Bearer ", "") || request.headers["x-api-key"];
-    if (token !== settings.platform?.apiKey) {
-      return reply.code(401).send({ error: "Admin access required" });
-    }
-  }
-
-  // GET /status — fleet overview
-  fastify.get("/status", { preHandler: requireAdmin }, async (request, reply) => {
-    const fleet = getFleet();
-    return fleet.getStatus();
-  });
-
-  // POST /start/:id — start a GPU
-  fastify.post("/start/:id", { preHandler: requireAdmin }, async (request, reply) => {
-    const fleet = getFleet();
-    const { id } = request.params;
-    try {
-      const gpu = await fleet.startGpu(id);
-      // Update DB
-      await pool.query("UPDATE gpu_fleet SET status = 'healthy' WHERE instance_id = $1", [id]).catch(() => {});
-      return { status: "started", instanceId: id, coldStartMs: gpu.coldStartMs };
-    } catch (err) {
-      return reply.code(500).send({ error: err.message });
-    }
-  });
-
-  // POST /stop/:id — stop a GPU
-  fastify.post("/stop/:id", { preHandler: requireAdmin }, async (request, reply) => {
-    const fleet = getFleet();
-    const { id } = request.params;
-    try {
-      await fleet.stopGpu(id);
-      await pool.query("UPDATE gpu_fleet SET status = 'stopped' WHERE instance_id = $1", [id]).catch(() => {});
-      return { status: "stopped", instanceId: id };
-    } catch (err) {
-      return reply.code(500).send({ error: err.message });
-    }
-  });
-
-  // POST /register — add a GPU to the fleet
-  fastify.post("/register", { preHandler: requireAdmin }, async (request, reply) => {
-    const fleet = getFleet();
-    const { instanceId, vastId, host, port, key, model, role, gpuName, autoStop } = request.body || {};
-    if (!instanceId || !host || !key) {
-      return reply.code(400).send({ error: "instanceId, host, and key required" });
-    }
-
-    fleet.register(instanceId, { host, port: port || 8080, key, model, role, autoStop: autoStop !== false });
-    const gpu = fleet.gpus.get(instanceId);
-    if (vastId) gpu.vastId = vastId;
-    if (gpuName) gpu.gpuName = gpuName;
-
-    // Save to DB
-    await pool.query(
-      `INSERT INTO gpu_fleet (instance_id, vast_id, host, port, internal_key, model, role, auto_stop, gpu_name)
-       VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)
-       ON CONFLICT (instance_id) DO UPDATE SET
-         host = $3, port = $4, internal_key = $5, model = $6, role = $7, auto_stop = $8, gpu_name = $9, vast_id = $2`,
-      [instanceId, vastId || null, host, port || 8080, key, model || "wolverine-test-1", role || "general", autoStop !== false, gpuName || null]
-    );
-
-    return { registered: instanceId, fleet: fleet.getStatus() };
-  });
-
-  // POST /remove/:id — remove a GPU from the fleet
-  fastify.post("/remove/:id", { preHandler: requireAdmin }, async (request, reply) => {
-    const fleet = getFleet();
-    const { id } = request.params;
-    fleet.gpus.delete(id);
-    await pool.query("DELETE FROM gpu_fleet WHERE instance_id = $1", [id]).catch(() => {});
-    return { removed: id };
-  });
-
-  // POST /scale — trigger auto-scale
-  fastify.post("/scale", { preHandler: requireAdmin }, async (request, reply) => {
-    const fleet = getFleet();
-    const queueLength = request.body?.queueLength || 0;
-    await fleet.autoScale(queueLength);
-    return fleet.getStatus();
-  });
-
-  // GET /benchmark/:id — quick benchmark
-  fastify.get("/benchmark/:id", { preHandler: requireAdmin }, async (request, reply) => {
-    const fleet = getFleet();
-    const gpu = fleet.gpus.get(request.params.id);
-    if (!gpu || gpu.status !== "healthy") {
-      return reply.code(400).send({ error: "GPU not available" });
-    }
-
-    const http = require("http");
-    const results = [];
-
-    for (const prompt of ["2+2?", "Write isPrime in JS.", "Explain TCP in 1 sentence."]) {
-      const start = Date.now();
-      try {
-        const body = JSON.stringify({
-          model: gpu.model,
-          messages: [{ role: "user", content: prompt }],
-          max_tokens: 50, temperature: 0,
-        });
-        const res = await new Promise((resolve, reject) => {
-          const req = http.request({
-            hostname: gpu.host, port: gpu.port, path: "/v1/chat/completions",
-            method: "POST", timeout: 30000,
-            headers: { "Content-Type": "application/json", "Authorization": `Bearer ${gpu.key}`, "Content-Length": Buffer.byteLength(body) },
-          }, (res) => {
-            let data = "";
-            res.on("data", c => { data += c; });
-            res.on("end", () => { try { resolve(JSON.parse(data)); } catch { resolve(null); } });
-          });
-          req.on("error", reject);
-          req.write(body);
-          req.end();
-        });
-
-        const elapsed = Date.now() - start;
-        const usage = res?.usage || {};
-        const tokOut = usage.completion_tokens || 0;
-        results.push({
-          prompt: prompt.slice(0, 30),
-          latencyMs: elapsed,
-          tokensOut: tokOut,
-          tokPerSec: tokOut > 0 ? Math.round(tokOut / (elapsed / 1000)) : 0,
-          response: res?.choices?.[0]?.message?.content?.slice(0, 60),
-        });
-      } catch (err) {
-        results.push({ prompt: prompt.slice(0, 30), error: err.message });
-      }
-    }
-
-    const avgTokPerSec = results.filter(r => r.tokPerSec).reduce((s, r) => s + r.tokPerSec, 0) / Math.max(results.filter(r => r.tokPerSec).length, 1);
-
-    return {
-      instanceId: request.params.id,
-      gpu: gpu.gpuName,
-      model: gpu.model,
-      results,
-      avgTokPerSec: Math.round(avgTokPerSec),
-    };
-  });
-}
-
-module.exports = routes;

package/server/routes/inference.js

@@ -1,329 +0,0 @@
-const https = require("https");
-const http = require("http");
-const crypto = require("crypto");
-
-/**
- * Wolverine Inference API
- *
- * Credit system: $1 = 100 credits. 1 credit = $0.01 of compute.
- * Token pricing (in credits per million tokens):
- *   wolverine-test-1: 1 credit input / 4 credits output per 1M tokens
- *   (= $0.01/$0.04 per 1M — 15x cheaper than gpt-4o-mini, 80x cheaper than haiku)
- *
- * Rate limiting: per API key, configurable per tier.
- * Queue: when GPU is at capacity, requests queue with timeout.
- */
-
-const INFERENCE_URL = process.env.WOLVERINE_INFERENCE_URL || "http://ssh8.vast.ai:24233";
-const GPU_KEY = process.env.WOLVERINE_GPU_KEY || "";
-
-// Pricing in CREDITS per million tokens ($1 = 100 credits)
-const MODEL_PRICING = {
-  "wolverine-test-1":  { input: 1.0, output: 4.0 },   // $0.01/$0.04 per 1M
-  "wolverine-coding":  { input: 1.0, output: 4.0 },
-  "wolverine-reasoning": { input: 2.5, output: 10.0 }, // heavier model when available
-};
-
-const MODEL_MAP = {
-  "wolverine-test-1": "wolverine-test-1",
-  "wolverine-coding": "wolverine-test-1",
-  "wolverine-reasoning": "wolverine-test-1",
-};
-
-const TIER_LIMITS = {
-  free: { rpm: 10, maxTokens: 1024 },
-  starter: { rpm: 60, maxTokens: 4096 },
-  pro: { rpm: 300, maxTokens: 4096 },
-  admin: { rpm: 9999, maxTokens: 4096 },
-};
-
-function tokenCost(model, inputTokens, outputTokens) {
-  const p = MODEL_PRICING[model] || MODEL_PRICING["wolverine-test-1"];
-  return ((inputTokens / 1_000_000) * p.input) + ((outputTokens / 1_000_000) * p.output);
-}
-
-// ── Request Queue (handles GPU saturation) ──
-const queue = [];
-let activeRequests = 0;
-const MAX_CONCURRENT = 8; // vLLM max-num-seqs
-const QUEUE_TIMEOUT_MS = 30000;
-
-function enqueue() {
-  return new Promise((resolve, reject) => {
-    if (activeRequests < MAX_CONCURRENT) {
-      activeRequests++;
-      resolve();
-      return;
-    }
-    const timer = setTimeout(() => {
-      const idx = queue.indexOf(entry);
-      if (idx >= 0) queue.splice(idx, 1);
-      reject(new Error("Queue timeout — GPU at capacity. Try again in a few seconds."));
-    }, QUEUE_TIMEOUT_MS);
-    const entry = { resolve: () => { clearTimeout(timer); activeRequests++; resolve(); }, reject };
-    queue.push(entry);
-  });
-}
-
-function dequeue() {
-  activeRequests = Math.max(0, activeRequests - 1);
-  if (queue.length > 0) {
-    const next = queue.shift();
-    next.resolve();
-  }
-}
-
-async function routes(fastify) {
-  const { pool } = require("../lib/db");
-
-  // Rate limit state (in-memory)
-  const rateWindows = new Map();
-
-  async function authenticate(request, reply) {
-    const apiKey = request.headers.authorization?.replace("Bearer ", "") || request.headers["x-api-key"];
-    if (!apiKey) return reply.code(401).send({ error: { message: "API key required. Pass via Authorization: Bearer <key>", type: "auth_error" } });
-
-    // Platform key bypass
-    let settings = {};
-    try { settings = require("../config/settings.json"); } catch {}
-    if (apiKey === settings.platform?.apiKey) {
-      request.account = { api_key: apiKey, owner: "platform", tier: "admin", credits_remaining: 999999, rate_limit_rpm: 9999 };
-      return;
-    }
-
-    const result = await pool.query("SELECT * FROM api_credits WHERE api_key = $1", [apiKey]);
-    if (result.rows.length === 0) return reply.code(401).send({ error: { message: "Invalid API key", type: "auth_error" } });
-
-    const account = result.rows[0];
-
-    // Credit check
-    if (parseFloat(account.credits_remaining) <= 0) {
-      return reply.code(402).send({ error: { message: "Insufficient credits. Add credits at wolverinenode.xyz", type: "billing_error", credits_remaining: 0 } });
-    }
-
-    // Rate limit
-    const now = Date.now();
-    const window = rateWindows.get(apiKey) || { count: 0, resetAt: now + 60000 };
-    if (now > window.resetAt) { window.count = 0; window.resetAt = now + 60000; }
-    const limit = account.rate_limit_rpm || TIER_LIMITS[account.tier]?.rpm || 10;
-    if (window.count >= limit) {
-      const retryAfter = Math.ceil((window.resetAt - now) / 1000);
-      return reply.code(429).send({ error: { message: `Rate limit: ${limit} requests/min. Retry in ${retryAfter}s`, type: "rate_limit", retry_after: retryAfter } });
-    }
-    window.count++;
-    rateWindows.set(apiKey, window);
-
-    request.account = account;
-  }
-
-  // ── POST /chat/completions ──
-  fastify.post("/chat/completions", { preHandler: authenticate }, async (request, reply) => {
-    const body = request.body || {};
-    const requestedModel = body.model || "wolverine-test-1";
-    const account = request.account;
-    const tier = TIER_LIMITS[account.tier] || TIER_LIMITS.free;
-    const startMs = Date.now();
-
-    // Enforce max tokens per tier
-    if (body.max_tokens && body.max_tokens > tier.maxTokens) {
-      body.max_tokens = tier.maxTokens;
-    }
-
-    // Map model name for backend
-    const backendBody = { ...body, model: MODEL_MAP[requestedModel] || requestedModel };
-
-    // Queue if GPU saturated
-    try {
-      await enqueue();
-    } catch (err) {
-      return reply.code(503).send({ error: { message: err.message, type: "capacity_error", queue_length: queue.length } });
-    }
-
-    try {
-      const result = await proxyToInference("/v1/chat/completions", backendBody);
-      const latencyMs = Date.now() - startMs;
-
-      const usage = result.usage || {};
-      const inputTokens = usage.prompt_tokens || 0;
-      const outputTokens = usage.completion_tokens || 0;
-      const cost = tokenCost(requestedModel, inputTokens, outputTokens);
-
-      // Bill credits (skip for platform)
-      if (account.owner !== "platform") {
-        await pool.query(
-          "UPDATE api_credits SET credits_remaining = credits_remaining - $1, credits_used = credits_used + $1, last_used = NOW() WHERE api_key = $2",
-          [cost, account.api_key]
-        );
-        await pool.query(
-          "INSERT INTO api_usage_log (api_key, model, input_tokens, output_tokens, total_tokens, cost, latency_ms, success, endpoint) VALUES ($1, $2, $3, $4, $5, $6, $7, true, $8)",
-          [account.api_key, requestedModel, inputTokens, outputTokens, inputTokens + outputTokens, cost, latencyMs, "/v1/chat/completions"]
-        );
-      }
-
-      // Rewrite response
-      if (result.model) result.model = requestedModel;
-      result.x_wolverine = {
-        credits_used: Math.round(cost * 1000000) / 1000000,
-        credits_remaining: Math.max(0, parseFloat(account.credits_remaining) - cost),
-        latency_ms: latencyMs,
-        queued: activeRequests > MAX_CONCURRENT,
-      };
-
-      return result;
-    } catch (err) {
-      if (account.owner !== "platform") {
-        await pool.query(
-          "INSERT INTO api_usage_log (api_key, model, input_tokens, output_tokens, total_tokens, cost, latency_ms, success, endpoint) VALUES ($1, $2, 0, 0, 0, 0, $3, false, $4)",
-          [account.api_key, requestedModel, Date.now() - startMs, "/v1/chat/completions"]
-        ).catch(() => {});
-      }
-      return reply.code(502).send({ error: { message: `Inference error: ${err.message}`, type: "inference_error" } });
-    } finally {
-      dequeue();
-    }
-  });
-
-  // ── GET /models ──
-  fastify.get("/models", async () => ({
-    object: "list",
-    data: Object.entries(MODEL_PRICING).map(([id, p]) => ({
-      id, object: "model", owned_by: "wolverine",
-      created: Math.floor(Date.now() / 1000),
-      pricing: { input_credits_per_million: p.input, output_credits_per_million: p.output, usd_per_credit: 0.01 },
-    })),
-  }));
-
-  // ── POST /keys/create — generate new API key ──
-  fastify.post("/keys/create", { preHandler: authenticate }, async (request, reply) => {
-    const account = request.account;
-    if (account.tier !== "admin") return reply.code(403).send({ error: { message: "Only admins can create API keys", type: "auth_error" } });
-
-    const { owner, email, credits, tier, rpm } = request.body || {};
-    if (!owner) return reply.code(400).send({ error: { message: "owner required", type: "validation_error" } });
-
-    const newKey = "wlv_" + crypto.randomBytes(24).toString("hex");
-    const keyTier = tier || "free";
-    const keyCredits = credits || (keyTier === "free" ? 10 : 0);
-    const keyRpm = rpm || TIER_LIMITS[keyTier]?.rpm || 10;
-
-    await pool.query(
-      "INSERT INTO api_credits (api_key, owner, email, credits_remaining, tier, plan_name, rate_limit_rpm) VALUES ($1, $2, $3, $4, $5, $6, $7)",
-      [newKey, owner, email || null, keyCredits, keyTier, keyTier, keyRpm]
-    );
-
-    return { api_key: newKey, owner, tier: keyTier, credits: keyCredits, rate_limit_rpm: keyRpm };
-  });
-
-  // ── POST /keys/add-credits — add credits to a key ──
-  fastify.post("/keys/add-credits", { preHandler: authenticate }, async (request, reply) => {
-    const account = request.account;
-    if (account.tier !== "admin") return reply.code(403).send({ error: { message: "Only admins can add credits", type: "auth_error" } });
-
-    const { api_key, credits } = request.body || {};
-    if (!api_key || !credits) return reply.code(400).send({ error: { message: "api_key and credits required" } });
-
-    await pool.query("UPDATE api_credits SET credits_remaining = credits_remaining + $1 WHERE api_key = $2", [credits, api_key]);
-    const updated = await pool.query("SELECT credits_remaining FROM api_credits WHERE api_key = $1", [api_key]);
-    return { api_key, credits_added: credits, credits_remaining: parseFloat(updated.rows[0]?.credits_remaining || 0) };
-  });
-
-  // ── GET /keys — list all keys (admin only) ──
-  fastify.get("/keys", { preHandler: authenticate }, async (request, reply) => {
-    if (request.account.tier !== "admin") return reply.code(403).send({ error: { message: "Admin only" } });
-    const { rows } = await pool.query("SELECT api_key, owner, email, tier, credits_remaining, credits_used, rate_limit_rpm, created_at, last_used FROM api_credits ORDER BY created_at DESC");
-    return { keys: rows };
-  });
-
-  // ── GET /credits ──
-  fastify.get("/credits", { preHandler: authenticate }, async (request, reply) => {
-    const a = request.account;
-    return {
-      credits_remaining: parseFloat(a.credits_remaining),
-      credits_used: parseFloat(a.credits_used || 0),
-      usd_remaining: parseFloat(a.credits_remaining) * 0.01,
-      usd_used: parseFloat(a.credits_used || 0) * 0.01,
-      tier: a.tier, rate_limit_rpm: a.rate_limit_rpm, owner: a.owner,
-    };
-  });
-
-  // ── GET /usage ──
-  fastify.get("/usage", { preHandler: authenticate }, async (request, reply) => {
-    const apiKey = request.account.api_key;
-    const period = request.query.period || "7d";
-    const interval = { "1h": "1 hour", "1d": "1 day", "7d": "7 days", "30d": "30 days" }[period] || "7 days";
-
-    const summary = await pool.query(
-      `SELECT model, COUNT(*) AS calls, SUM(input_tokens) AS input, SUM(output_tokens) AS output,
-              SUM(total_tokens) AS tokens, SUM(cost) AS credits_spent, AVG(latency_ms) AS avg_latency,
-              COUNT(*) FILTER (WHERE success) AS successes
-       FROM api_usage_log WHERE api_key = $1 AND timestamp > NOW() - $2::interval
-       GROUP BY model ORDER BY credits_spent DESC`, [apiKey, interval]
-    );
-
-    const timeline = await pool.query(
-      `SELECT date_trunc('hour', timestamp) AS hour, SUM(cost) AS credits, SUM(total_tokens) AS tokens, COUNT(*) AS calls
-       FROM api_usage_log WHERE api_key = $1 AND timestamp > NOW() - $2::interval
-       GROUP BY hour ORDER BY hour`, [apiKey, interval]
-    );
-
-    const totalCredits = summary.rows.reduce((s, r) => s + parseFloat(r.credits_spent || 0), 0);
-
-    return {
-      period,
-      total_credits_spent: Math.round(totalCredits * 1000000) / 1000000,
-      total_usd_spent: Math.round(totalCredits * 0.01 * 1000000) / 1000000,
-      byModel: summary.rows.map(r => ({
-        model: r.model, calls: parseInt(r.calls), input: parseInt(r.input || 0), output: parseInt(r.output || 0),
-        tokens: parseInt(r.tokens || 0), credits_spent: parseFloat(r.credits_spent || 0),
-        usd_spent: parseFloat(r.credits_spent || 0) * 0.01,
-        avgLatencyMs: Math.round(parseFloat(r.avg_latency || 0)),
-        successRate: parseInt(r.calls) > 0 ? parseFloat(((parseInt(r.successes) / parseInt(r.calls)) * 100).toFixed(2)) : 0,
-      })),
-      timeline: timeline.rows.map(r => ({
-        hour: r.hour, credits: parseFloat(r.credits), tokens: parseInt(r.tokens), calls: parseInt(r.calls),
-      })),
-      queue: { active: activeRequests, waiting: queue.length, max: MAX_CONCURRENT },
-    };
-  });
-
-  // ── GET /health ──
-  fastify.get("/health", async () => {
-    try {
-      const result = await proxyToInference("/health", null, "GET");
-      return { status: "ok", inference: result, queue: { active: activeRequests, waiting: queue.length, max: MAX_CONCURRENT } };
-    } catch (err) {
-      return { status: "down", error: err.message, queue: { active: activeRequests, waiting: queue.length, max: MAX_CONCURRENT } };
-    }
-  });
-}
-
-function proxyToInference(path, body, method = "POST") {
-  return new Promise((resolve, reject) => {
-    const url = new (require("url").URL)(INFERENCE_URL + path);
-    const client = url.protocol === "https:" ? https : http;
-    const bodyStr = body ? JSON.stringify(body) : null;
-
-    const req = client.request({
-      hostname: url.hostname,
-      port: url.port || (url.protocol === "https:" ? 443 : 80),
-      path: url.pathname,
-      method,
-      timeout: 120000,
-      headers: {
-        "Content-Type": "application/json",
-        ...(GPU_KEY ? { "Authorization": `Bearer ${GPU_KEY}` } : {}),
-        ...(bodyStr ? { "Content-Length": Buffer.byteLength(bodyStr) } : {}),
-      },
-    }, (res) => {
-      let data = "";
-      res.on("data", (c) => { data += c; });
-      res.on("end", () => { try { resolve(JSON.parse(data)); } catch { resolve({ raw: data }); } });
-    });
-    req.on("error", reject);
-    req.on("timeout", () => { req.destroy(); reject(new Error("Inference timeout")); });
-    if (bodyStr) req.write(bodyStr);
-    req.end();
-  });
-}
-
-module.exports = routes;