feat(agents): AI analyzers + agent trading with spend budgets ("Coinbase for Agents")#20
Open
ralyodio wants to merge 1 commit into
Open
feat(agents): AI analyzers + agent trading with spend budgets ("Coinbase for Agents")#20ralyodio wants to merge 1 commit into
ralyodio wants to merge 1 commit into
Conversation
…ase for Agents")
Adds three layers, all enforcing one server-side spend-budget primitive:
Phase 1 — Crypto spend budget + ledger (foundation)
- packages/source-crypto-trade/spend-budget.ts: pure, tested budget/window
math (daily/weekly/monthly UTC rollover, clamp). Engine guard applied at all
three buy-sizing paths (evaluate gate, DEX exec, CEX exec); per-user override
of the per-position cap. Spend recorded on fill + buffered for the daemon to
persist to a durable crypto_spend_ledger (survives restarts; shared by agents).
- Daemon reads CRYPTO_SPEND_BUDGET_USD / window / max-position from
crypto-ui-settings (per-user channel, NOT operator env) and seeds/persists the
ledger. New "Budget" settings tab.
Phase 2 — AI analyzer (b1dz -> Claude/ChatGPT)
- New @b1dz/ai-analyzer: dep-free Anthropic + OpenAI clients, analyze(), and a
pure size-overlay (regime/bias/confidence -> bounded [0.25,1.5] multiplier).
- BYO per-user key (strict getUserSecret; never operator env — env-leak + SPOF
lessons). Daemon runs it throttled, sets the engine AI multiplier (budget still
the hard cap), persists the latest view. New "AI Analyzer" settings tab.
Phase 3 — Agent API + MCP (Claude/ChatGPT -> b1dz)
- agent_tokens / agent_actions tables; scoped tokens each with their own
sub-account budget drawn from the ledger. authenticateAgent() (hashed bearer,
fail-closed, service-role scoped by user_id).
- REST /api/agent/{tokens,budget,portfolio,quote,orders} + an MCP JSON-RPC HTTP
server at /api/agent/mcp (get_budget/get_portfolio/get_quote/place_order).
Orders are scope/allowlist/budget-checked then enqueued; the daemon executes
via an isolated engine entrypoint that re-applies the global budget and tags
ledger spend with the token id. New "Agents" settings tab.
Tests: spend-budget (16), ai-analyzer (21), agent-tokens (11), agent-trade
contract (10), MCP route e2e (8). Root typecheck + test + frozen-lockfile green.
Operator: apply migrations 20260618130000 + 20260618130100; set provider OAuth
not required (BYO API keys). PRD at docs/prd-ai-agents-v1.md.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
vu1nz Security Review0 finding(s) in PR #? No security issues found. |
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds Coinbase-style AI analyzers + agent trading, all gated by one server-side spend-budget primitive. Authority model: execute-within-budget.
Phase 1 — Crypto spend budget + ledger (foundation)
@b1dz/source-crypto-trade/spend-budget.ts: pure, tested budget math (daily/weekly/monthly UTC rollover + clamp). Guard applied at all three buy-sizing paths; per-user per-position-cap override. Spend recorded on fill + persisted to a durablecrypto_spend_ledger(survives restarts, shared with agents).CRYPTO_SPEND_BUDGET_USD/ window / max-position flows viacrypto-ui-settings(not operator env — keeps multi-tenant posture). New Budget settings tab.Phase 2 — AI analyzer (b1dz → Claude/ChatGPT)
@b1dz/ai-analyzer: dep-free Anthropic + OpenAI clients,analyze(), and a pure size-overlay (regime/bias/confidence → bounded[0.25,1.5]×). The deterministic engine stays the gate; the budget is still the hard cap.getUserSecret(never operator env — env-leak + shared-key SPOF lessons). New AI Analyzer settings tab.Phase 3 — Agent API + MCP (Claude/ChatGPT → b1dz)
agent_tokens/agent_actionstables; scoped tokens, each a sub-account with its own budget drawn from the ledger.authenticateAgent()(hashed bearer, fail-closed, service-role scoped byuser_id)./api/agent/{tokens,budget,portfolio,quote,orders}+ an MCP JSON-RPC HTTP server at/api/agent/mcp(get_budget/get_portfolio/get_quote/place_order). Orders are scope/allowlist/budget-checked, enqueued, then executed by the daemon via an isolated engine entrypoint that re-applies the global budget and tags ledger spend with the token id. New Agents settings tab.Tests
spend-budget (16) · ai-analyzer (21) · agent-tokens (11) · agent-trade contract (10) · MCP route e2e (8). Root
typecheck+test+--frozen-lockfileall green.Operator follow-ups
20260618130000_crypto_spend_ledger+20260618130100_agent_tokens.docs/prd-ai-agents-v1.md.🤖 Generated with Claude Code