@btc-vision/cli
v1.0.13
Published
CLI for the OPNet plugin ecosystem - scaffolding, compilation, signing, and registry interaction
Maintainers
blobmaster41Readme
@btc-vision/cli
Official command-line interface for the OPNet plugin ecosystem. Build, sign, verify, and publish plugins with quantum-resistant MLDSA signatures.
Installation
npm install -g @btc-vision/cliOr use npx:
npx @btc-vision/cli <command>Quick Start
# Initialize a new plugin project
opnet init my-plugin
# Build and compile to .opnet binary
cd my-plugin
npm install
npm run build
opnet compile
# Verify the compiled binary
opnet verify build/my-plugin.opnet
# Configure your wallet for signing
opnet login
# Publish to the registry
opnet publishCommands
Configuration
opnet config
Manage CLI configuration.
# Show all configuration
opnet config list
# Get a specific value
opnet config get defaultNetwork
opnet config get rpcUrls.mainnet
# Set a value
opnet config set defaultNetwork testnet
opnet config set ipfsPinningApiKey "your-api-key"
# Reset to defaults
opnet config reset --yes
# Show config file path
opnet config pathAuthentication
opnet login
Configure wallet credentials for signing and publishing.
# Interactive mode
opnet login
# With mnemonic phrase
opnet login --mnemonic "your 24 word phrase..."
# With specific network and MLDSA level
opnet login --network testnet --mldsa-level 65
# Advanced: WIF + standalone MLDSA key
opnet login --wif "KwDiBf..." --mldsa "hex-key..."Options:
-m, --mnemonic <phrase>- BIP-39 mnemonic phrase (24 words)--wif <key>- Bitcoin WIF private key (advanced)--mldsa <key>- MLDSA private key hex (advanced, requires --wif)-l, --mldsa-level <level>- MLDSA security level (44, 65, 87) [default: 44]-n, --network <network>- Network (mainnet, testnet, regtest) [default: mainnet]-y, --yes- Skip confirmation prompts
opnet logout
Remove stored wallet credentials.
opnet logout
opnet logout --yesopnet whoami
Display current wallet identity and configuration.
opnet whoami
opnet whoami --verbose
opnet whoami --public-keyKey Generation
opnet keygen
Generate cryptographic keys.
# Generate a new mnemonic phrase
opnet keygen mnemonic
opnet keygen mnemonic --output my-mnemonic.txt
# Generate standalone MLDSA keypair
opnet keygen mldsa
opnet keygen mldsa --level 65
opnet keygen mldsa --output my-key --json
# Show MLDSA key size information
opnet keygen infoPlugin Development
opnet init
Initialize a new OPNet plugin project.
# Interactive mode
opnet init
# With name
opnet init my-plugin
# With options
opnet init my-plugin --template library --yes
# Force overwrite
opnet init --forceOptions:
-t, --template <type>- Template type (standalone, library) [default: standalone]-y, --yes- Skip prompts and use defaults--force- Overwrite existing files
opnet compile
Compile plugin to .opnet binary format.
# Compile current directory
opnet compile
# Compile specific directory
opnet compile --dir ./my-plugin
# Custom output path
opnet compile --output ./dist/plugin.opnet
# Skip signing (for testing)
opnet compile --no-signOptions:
-o, --output <path>- Output file path-d, --dir <path>- Plugin directory [default: current]--no-sign- Skip signing (produce unsigned binary)--minify- Minify the bundled code [default: true]--sourcemap- Generate source maps
opnet verify
Verify a .opnet binary signature and integrity.
opnet verify plugin.opnet
opnet verify plugin.opnet --verbose
opnet verify plugin.opnet --jsonOptions:
-v, --verbose- Show detailed information--json- Output as JSON
opnet info
Display information about a plugin or .opnet file.
# Show project info
opnet info
# Show binary info
opnet info plugin.opnet
# JSON output
opnet info --jsonopnet sign
Sign or re-sign a .opnet binary with your MLDSA key.
opnet sign plugin.opnet
opnet sign plugin.opnet --output signed.opnet
opnet sign plugin.opnet --force # Re-sign with different keyOptions:
-o, --output <path>- Output file path [default: overwrites input]--force- Force re-signing even if already signed by different key
Registry Commands
opnet publish
Publish a plugin to the OPNet registry.
# Publish from current directory
opnet publish
# Publish specific file
opnet publish plugin.opnet
# Dry run
opnet publish --dry-run
# Specific network
opnet publish --network testnetOptions:
-n, --network <network>- Network to publish to [default: mainnet]--dry-run- Show what would be published without publishing-y, --yes- Skip confirmation prompts
opnet deprecate
Mark a package version as deprecated.
opnet deprecate @scope/plugin
opnet deprecate @scope/plugin 1.0.0
opnet deprecate @scope/plugin 1.0.0 --message "Security vulnerability"Options:
-m, --message <message>- Deprecation reason/message-n, --network <network>- Network [default: mainnet]-y, --yes- Skip confirmation
opnet undeprecate
Remove deprecation from a package version.
opnet undeprecate @scope/plugin 1.0.0opnet transfer
Initiate ownership transfer of a package or scope.
# Transfer a package
opnet transfer my-plugin bc1q...
# Transfer a scope
opnet transfer @myscope bc1q...
# Cancel pending transfer
opnet transfer my-plugin --cancelOptions:
-n, --network <network>- Network [default: mainnet]-y, --yes- Skip confirmation--cancel- Cancel pending transfer
opnet accept
Accept pending ownership transfer.
opnet accept my-plugin
opnet accept @myscopeopnet install
Download and verify a plugin from the registry.
# Install latest version
opnet install @scope/plugin
# Install specific version
opnet install @scope/[email protected]
# Install from IPFS CID
opnet install QmXyz...
# Custom output directory
opnet install @scope/plugin --output ./my-pluginsOptions:
-o, --output <path>- Output directory [default: ./plugins/]-n, --network <network>- Network [default: mainnet]--skip-verify- Skip signature verification
opnet update
Update installed plugins to latest versions.
# Update all plugins
opnet update
# Update specific plugin
opnet update @scope/plugin
# Custom plugins directory
opnet update --dir ./my-pluginsOptions:
-d, --dir <path>- Plugins directory [default: ./plugins/]-n, --network <network>- Network [default: mainnet]--skip-verify- Skip signature verification
opnet list
List installed plugins.
opnet list
opnet ls
opnet list --verbose
opnet list --json
opnet list --dir ./my-pluginsOptions:
-d, --dir <path>- Plugins directory [default: ./plugins/]--json- Output as JSON-v, --verbose- Show detailed information
opnet search
Search for plugins in the registry.
opnet search plugin-name
opnet search @scope/plugin
opnet search plugin-name --jsonOptions:
-n, --network <network>- Network [default: mainnet]--json- Output as JSON
Configuration
Configuration is stored in ~/.opnet/config.json:
{
"defaultNetwork": "mainnet",
"rpcUrls": {
"mainnet": "https://api.opnet.org",
"testnet": "https://testnet.opnet.org",
"regtest": "https://regtest.opnet.org"
},
"ipfsGateway": "https://ipfs.opnet.org/ipfs/",
"ipfsGateways": [
"https://ipfs.opnet.org/ipfs/",
"https://ipfs.io/ipfs/"
],
"ipfsPinningEndpoint": "https://ipfs.opnet.org/api/v0/add",
"ipfsPinningApiKey": "",
"registryAddresses": {
"mainnet": "",
"testnet": "",
"regtest": ""
},
"defaultMldsaLevel": 44,
"indexerUrl": "https://indexer.opnet.org"
}Environment Variables
| Variable | Description |
|-------------------------------|-------------------------------------|
| OPNET_MNEMONIC | BIP-39 mnemonic phrase |
| OPNET_PRIVATE_KEY | Bitcoin WIF private key |
| OPNET_MLDSA_KEY | MLDSA private key (hex) |
| OPNET_MLDSA_LEVEL | MLDSA security level (44, 65, 87) |
| OPNET_NETWORK | Network (mainnet, testnet, regtest) |
| OPNET_RPC_URL | RPC endpoint URL |
| OPNET_IPFS_GATEWAY | IPFS gateway URL |
| OPNET_IPFS_PINNING_ENDPOINT | IPFS pinning service endpoint |
| OPNET_IPFS_PINNING_KEY | IPFS pinning API key |
| OPNET_REGISTRY_ADDRESS | Registry contract address |
| OPNET_INDEXER_URL | Indexer API URL |
MLDSA Security Levels
| Level | Public Key | Signature | Security | |----------|-------------|-------------|----------| | MLDSA-44 | 1,312 bytes | 2,420 bytes | ~128-bit | | MLDSA-65 | 1,952 bytes | 3,309 bytes | ~192-bit | | MLDSA-87 | 2,592 bytes | 4,627 bytes | ~256-bit |
.opnet Binary Format (OIP-0003)
The .opnet binary format consists of:
- Magic bytes (8 bytes):
OPNETPLG - Format version (4 bytes): uint32 LE
- MLDSA level (1 byte): 0=44, 1=65, 2=87
- Public key (variable): Based on MLDSA level
- Signature (variable): Based on MLDSA level
- Metadata length (4 bytes): uint32 LE
- Metadata (variable): JSON bytes
- Bytecode length (4 bytes): uint32 LE
- Bytecode (variable): V8 bytecode
- Proto length (4 bytes): uint32 LE
- Proto (variable): Protobuf definitions
- Checksum (32 bytes): SHA-256 of metadata + bytecode + proto
Plugin Manifest (plugin.json)
{
"name": "my-plugin",
"version": "1.0.0",
"opnetVersion": "^1.0.0",
"main": "dist/index.jsc",
"target": "bytenode",
"type": "plugin",
"author": {
"name": "Developer Name",
"email": "[email protected]"
},
"description": "My OPNet plugin",
"pluginType": "standalone",
"permissions": {
"database": {
"enabled": false,
"collections": []
},
"blocks": {
"preProcess": false,
"postProcess": false,
"onChange": false
},
"epochs": {
"onChange": false,
"onFinalized": false
},
"mempool": {
"txFeed": false
},
"api": {
"addEndpoints": false,
"addWebsocket": false
},
"filesystem": {
"configDir": false,
"tempDir": false
}
},
"resources": {
"maxMemoryMB": 256,
"maxCpuPercent": 25,
"maxStorageMB": 100
},
"dependencies": {},
"lifecycle": {
"autoStart": true,
"restartOnCrash": true,
"maxRestarts": 3
}
}Security
- Credentials are stored with restricted permissions (0600)
- All binaries are signed with quantum-resistant MLDSA signatures
- Checksums verify binary integrity
- IPFS CIDs provide content-addressed storage
License
Apache-2.0