cairn-cli 0.1.4

Backpac Agent-Native CLI for autonomous settlement workflows
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172

# Cairn CLI

Cairn (`cairn`) is Backpac's agent-native command-line tool designed for autonomous settlement workflows.

Built entirely in Rust for maximum speed, memory safety, and cross-platform compatibility, Cairn operates completely headless (without interactive prompts) by default to favor machine readability and agent instrumentation.

## Core Value Proposition: Deterministic Settlement

Cairn abstracts away the non-deterministic nature of blockchains (local mempools, gas spikes, reorgs) into a structured state machine. Agents treat transactions as **Intents** that are either `PENDING`, `CONFIRMED`, or `FINALIZED`.

## Features

- **Agent Identity Management**: DID-anchored authentication via EIP-4361 (Sign-in with Ethereum).
- **PoI Engine**: Create, link, and trace structured Proofs of Intent across disparate networks.
- **RPC Gateway**: Broadcast zero-knowledge transactions securely over Backpac's endpoint matrix.
- **SSE Real-Time Monitoring**: Stream live state transitions for intents and globally emitted agent events.
- **Trustless Verification**: A dedicated `receive` command for counterparty agents to verify payment finality and context without custom logic.
- **x402 Automation**: Native 402 detection and EIP-712 wallet integration for automatic payment resolution.

## Installation

### Prerequisites

- Rust 1.70 or higher
- Git

### Build from source

```bash
git clone https://github.com/Backpac-Inc/cairn-cli
cd cairn-cli

# Build release optimized binary
cargo build --release

# Place in your PATH
mv target/release/cairn ~/.local/bin/
```

## Quick Start: Configuration & Auth

### 1. Configure the environment

Set your preferred execution chain and network. These can also be overridden via env vars (`CAIRN_CHAIN`, `CAIRN_NETWORK`) or global flags.

```bash
cairn config set chain ethereum
cairn config set network mainnet
```

### 2. Authenticate

Cairn uses EIP-4361 (Sign-In with Ethereum). If you have your private key saved locally (e.g. at `~/.backpac/mykey.pem`), the flow is fully automated:

```bash
cairn auth connect \
  --wallet 0xYOUR_WALLET \
  --chain eip155:1 \
  --did did:key:z6MkYOURDID \
  --key-file ~/.backpac/mykey.pem
```

*Your successful login JWT is securely stored at `~/.backpac/credentials.json`.*

---

## Agent Workflow: The SENDER

The Sender agent is responsible for initializing a Proof of Intent (PoI) and fulfilling it via one or more execution intents.

### 1. Check Pre-requisites
Ensure the agent has sufficient balance to execute:
```bash
cairn rpc balance
```

### 2. Initialize Settlement
Create a PoI which acts as the overarching session:
```bash
POI_ID=$(cairn poi create --ttl 600 | jq -r .id)
```

### 3. Dispatch Intent
Submit the transaction payload bound to the PoI. 
```bash
cairn intent send \
  --method eth_sendRawTransaction \
  --params '["0xSignedTxData"]' \
  --poi-id $POI_ID \
  --confidence 0.99
```

### 4. Wait for Finality
Block until the transaction moves to a `FINALIZED` state:
```bash
cairn intent wait <INTENT_ID> --timeout 120
```

---

## Agent Workflow: The RECEIVER

The Receiver agent uses Cairn to verify that a counterparty has fulfilled their promise trustlessly.

### 1. The Trustless Handshake
Verify that a PoI exists, is finalized (SETTLED), and matches the expected payment context (recipient and value):

```bash
cairn receive \
  --poi-id <POI_ID> \
  --recipient did:key:z6Mk... \
  --expect-value "1.5" \
  --require-finalized
```

*Cairn returns **Exit Code 0** if and only if all conditions are met.*

### 2. Proof Audit & Storage
Fetch the full cryptographic Proof of Transport (PoT) bundle for long-term audit logs:

```bash
# Fetch raw JSON bundle after local signature verification
cairn proof get <INTENT_ID> --verify-signature --raw
```

---

## Advanced Features

### SSE Monitoring
Stream live state transitions for a specific intent or all account-wide events:
```bash
cairn watch intent <INTENT_ID>
cairn watch agent
```

### Automatic x402 Payments
Enable automatic L402 challenge resolution. If an RPC call returns a 402, Cairn will sign and pay the credit invoice using your local wallet:
```bash
export CAIRN_AUTO_PAY=1
cairn intent send ...
```

## Global Flags & Modifiers

| Flag | Env Var | Description |
|:---|:---|:---|
| `--output <FORMAT>` | `CAIRN_OUTPUT` | Switch output format (`json` or `text`). |
| `--quiet`, `-q` | | Suppresses stdout, returning only execution exit codes. |
| `--api-url <URL>` | `BACKPAC_API_URL` | Temporarily overrides API location. |
| `--jwt <TOKEN>` | `BACKPAC_JWT` | Submits the provided token instead of local state. |

## Exit Codes

| Code | Meaning |
|:---:|:---|
| 0 | Success |
| 1 | General error (IO/Serialization) |
| 2 | Value Mismatch (Context verification failure) |
| 3 | Not Finalized (Intent state is still pending) |
| 4 | Forbidden (Access Denied / Wrong recipient) |
| 10 | CLI Operation Timeout |
| 11 | Signature Verification Error (Cryptographic failure) |
| 16 | Insufficient Funds / x402 Trigger |

*See `CLI_DESIGN.md` for the full 16-code mapping.*

## Development

```bash
cargo test
```