Production-harden AGW: workspace restructure, delegated signing, and skill catalog#4
Merged
jarrodwatts merged 38 commits intomainfrom Mar 23, 2026
Merged
Conversation
Privy API requires chain_id as hex-prefixed string (0x2b74) not decimal (11124). Also adds missing chain_type field to RPC body and improves error parsing to surface actual Privy error messages through the proxy. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Use @abstract-foundation/agw-client's createAbstractClient directly with a custom EIP-1193 provider that routes signing RPCs to Privy's REST API. This replaces the manual transaction building in AgwActionAdapter with agw-client's native AA handling (tx preparation, EIP-712 signing, hook fetching, serialization, broadcasting). Key changes: - New src/agw/client.ts: custom transport + AbstractClient factory - Delete src/agw/actions.ts: fully replaced by AbstractClient - SessionManager.getAbstractClient(): lazy-cached client creation - All 7 tool handlers simplified to use AbstractClient methods - Privy RPC response: handle signature/signed_transaction/result fields - Privy signTypedData: strip caip2/chain_type, convert primaryType - Bundle agw-client via noExternal to fix broken ESM exports - Proxy route: strip caip2/chain_type for signTypedData forwarding Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit removes the `AGW_ZEROEX_API_KEY` from the public runtime configuration, deletes the ZeroEx configuration and quote adapter files, and updates related documentation and tests to reflect these changes. The `MYRIAD` app has also been removed from the app registry.
This commit introduces a new banner image for the AGW CLI and updates the README to include the banner at the top, enhancing the visual presentation of the project documentation.
Replace flat balance arrays with structured nativeBalance/tokenBalances objects, add tokenAddresses input, surface session and explorer context, and update all field-path references across docs and skills. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Prefer direct getPool reads over DexScreener when an exact pair is named. Add factory query examples, clarify that DexScreener misses are not proof of absence, and align wallet field paths. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Rename the publishable CLI package directory, npm package name, binary entry point, and all references across source, configs, docs, and tests so the installed command becomes `agw-cli` and the npm identifier becomes `@abstract-foundation/agw-cli`. Also fix copy-button positioning in the companion app code blocks so the button stays pinned on horizontal scroll and gets a backdrop blur to avoid text overlap. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Address cursor bot PR feedback: 1. Update publish workflow pnpm filter from @abstract-foundation/agw to @abstract-foundation/agw-cli so releases actually publish. 2. Replace hardcoded abstractTestnet in useSessionWizardState with chain resolution from the store's chainId, set by SessionFlowClient on mount. Mainnet users were hitting the wrong chain for AGW account derivation. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adopt official gerund naming (`verb-ing-object`) for all shipped skills to improve discoverability and align with Anthropic's skill authoring best practices. Update all cross-references in app-catalog, tests, OpenAI agent YAML files, and README. Renames: - agw-auth-session → authenticating-with-agw - agw-wallet-reads → reading-agw-wallet - agw-tx-discipline → executing-agw-transactions - agw-portal-discovery → discovering-abstract-portal - protocol-aborean → trading-on-aborean Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New skill covering token swaps, price quotes, and basic LP operations via Uniswap V2 and V3 on Abstract mainnet and testnet. Includes all deployed contract addresses, function signatures, approval+swap batching patterns, V2 vs V3 decision guidance, slippage calculations, and error handling reference. Key content: - SKILL.md: swap workflow, V2/V3 decision tree, batching guide - references/contracts.md: all V2+V3 addresses (mainnet + testnet) - references/v2-entrypoints.md: router swap/quote/LP signatures - references/v3-entrypoints.md: SwapRouter02, QuoterV2, NFT manager Clarifies that agw tx calls requires raw hex calldata (not ABI-level args), while agw contract write supports ABI-level for readability. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New skill for AI agent identity registration and reputation management via the ERC-8004 Trustless Agents standard on Abstract. Covers both IdentityRegistry (agent registration, metadata, wallet management) and ReputationRegistry (feedback, summaries, revocation). Includes mainnet and testnet contract addresses (deterministic CREATE2 deploys identical across 20+ EVM chains), complete interface documentation, and the agentURI registration file schema. Key fix vs baseline: teaches correct `register(string agentURI)` signature — baselines hallucinate `registerAgent(address, string)` which would revert on-chain. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
bridging-to-abstract: Covers native Ethereum bridge (L1↔L2 deposit/ withdrawal with timing and two-step finalization) and six third-party bridges (Relay, Jumper, Stargate, Symbiosis, thirdweb, deBridge). Includes Relay API for programmatic bridge quotes, bridge selection decision tree, and common failure troubleshooting. building-on-abstract: Developer onboarding skill covering project scaffolding (create-abstract-app), smart contract deployment via Foundry/Hardhat, AGW client and React SDK integration, paymaster development (General and Approval-Based flows), session keys with Policy Registry, and critical ZKsync VM EVM differences. Includes all 17 system contract addresses and network configuration. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New skill for the on-chain AbstractVoting contract at 0x3b50de27506f0a8c1f4122a1e6f470009a76ce2a. Covers vote cost queries, remaining vote checks, casting votes (payable with correct value), checking vote counts per app/epoch, and epoch mechanics. Includes full verified contract ABI, error handling reference (InvalidValue, AlreadyVotedFor, UsedAllVotes, etc.), and the complete voting workflow from cost check through execution. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…trings The AGW CLI schema validation requires ABI array elements to be JSON objects (with type, name, inputs, outputs, stateMutability fields), not human-readable strings like "function balanceOf(address) view returns (uint256)". The latter fails with "json.abi[0] must be an object" at the validation layer before reaching viem. Converted all SKILL.md task-map examples to full JSON ABI format and added an "ABI Format" section to each affected skill explaining the requirement. Reference files retain human-readable signatures for documentation purposes. Verified on-chain via direct RPC eth_call: - IdentityRegistry.balanceOf() ✓ - AbstractVoting.voteCost() = 0 (free), currentEpoch() = 317 ✓ - UniswapV2Router.getAmountsOut(0.1 ETH) = 190.22 USDC ✓ Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Resolve login loop caused by Privy SDK state transitions resetting the wizard to not_logged_in during async AGW on-chain verification. Add a resolving intermediate step, fix effect dependency array to use primitive signerAddress instead of user object, gate login redirect on embedded wallet readiness, and surface explicit errors for missing AGW and RPC failures with proper retry paths. Redesign the SelectPolicy authorization screen as a clean OAuth-style consent page: safety limits shown as prominent pills derived from actual policy defaults, compact permission checklist in plain English, simplified consent text, and green Approve Access CTA. Unify policy constants so the UI preview, preset definitions, and server-side Privy policy all reference the same source of truth in config.ts and default-policy.ts. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New skill for the Bigcoin virtual mining simulator. Covers facility purchase/upgrade, miner buying, reward claiming, hashrate checking, and merge mining. Includes full MainV2 game contract interface discovered via Abscan verified source and on-chain state reads. Contracts verified on mainnet via RPC eth_call: - Game proxy: 0x89eb96a0a157f935de38d548b79af511d424e33a - BIG token: 0xdf70075737e9f96b078ab4461eee3e055e061223 - Bigtoshi NFT: 0xb1eefa4f7b3987468441baa339e147a2cfee3d36 - pendingRewards(), getBigcoinPerBlock(), ownerToFacility() all ✓ - Current emission: ~0.039 BIG/block (after 6 halvings) Includes all 9 facility tiers with costs, capacity, and power output. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
PR SummaryMedium Risk Overview Repo hygiene and docs are refreshed around AGW CLI + companion app. Adds ignore rules for Written by Cursor Bugbot for commit cef9e63. This will update automatically on new commits. Configure here. |
- Add missing server-side env vars to app/.env.example (PRIVY_APP_ID, PRIVY_APP_SECRET, callback signing keys) - Add 6 missing skills to README table (uniswap, bridging, building, identity, upvoting, bigcoin) - Remove redundant console.error in useSessionWizardState (error already surfaced via markCreationError) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add pnpm.overrides for hono >=4.12.4, @hono/node-server >=1.19.10, express-rate-limit >=8.2.2, and socket.io-parser >=4.2.6 in both root and app package.json. All are transitive deps from wagmi and @modelcontextprotocol/sdk — floor constraints allow future patches. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The app job was running pnpm --dir app install which bypasses the workspace root and its pnpm.overrides. Switch to full workspace install so transitive dependency overrides take effect for the audit step. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ning - policy-validation test referenced app ID '12' which doesn't exist in the trimmed registry (only '136'/Gacha remains after seed removal). Update to '136' so callPolicies resolve correctly. - Add inlineOnly: false to tsdown config to prevent the intentional @abstract-foundation/agw-client bundling from exiting non-zero. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace per-provision policy creation with a single pre-created policy referenced by PRIVY_DEFAULT_POLICY_ID env var. This eliminates unbounded policy sprawl in the Privy account — previously every session provision created an identical policy with a unique expiry timestamp. - Add getDefaultPolicyId() reading from env - Export buildDefaultCapabilitySummary for direct use in provision route - Remove createPolicy from privy-api.ts (zero callers) - Remove buildDefaultPolicyRequest (dead code, 90 lines of rules generation) - Update tests to cover live code paths - Add PRIVY_DEFAULT_POLICY_ID to .env.example Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: Publish workflow triggers undefined lifecycle scripts
- Updated the CLI package
prepublishOnlyscript to run only existingcheck-typesandbuildscripts so filtered publish no longer fails on missing lifecycle scripts.
- Updated the CLI package
Or push these changes by commenting:
@cursor push d088435fd8
Preview (d088435fd8)
diff --git a/packages/agw-cli/package.json b/packages/agw-cli/package.json
--- a/packages/agw-cli/package.json
+++ b/packages/agw-cli/package.json
@@ -32,7 +32,7 @@
"check-types": "tsc -p tsconfig.json --noEmit",
"dev": "tsx src/index.ts",
"start": "node dist/index.mjs",
- "prepublishOnly": "pnpm check-types && pnpm lint && pnpm test && pnpm build"
+ "prepublishOnly": "pnpm check-types && pnpm build"
},
"dependencies": {
"@abstract-foundation/agw-client": "1.10.0",This Bugbot Autofix run was free. To enable autofix for future PRs, go to the Cursor dashboard.
One-time helper to create the shared wallet policy via Privy API. Reads credentials from .env.local, outputs the policy ID to set as PRIVY_DEFAULT_POLICY_ID. Usage: npx tsx scripts/create-default-policy.ts [chainId] Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
packages/agw-coreandpackages/agw-cli, publish as@abstract-foundation/agw-cli. Remove legacy rootsrc/entry point and ZeroEx integration.@abstract-foundation/agw-cli, add release-please config + manifest, add repo-hygiene test.Test plan
agw auth init→ complete companion app approval → verify session status🤖 Generated with Claude Code