Merge branch 'main' into resolve-conflicts

Author: ai16z-demirix

.env.example

@@ -91,4 +91,5 @@ STARKNET_ADDRESS=
 STARKNET_PRIVATE_KEY=
 STARKNET_RPC_URL=
 
-
+# Coinbase Commerce
+COINBASE_COMMERCE_KEY=

SECURITY.md

@@ -17,74 +17,79 @@ We take the security of Eliza seriously. If you believe you have found a securit
 
 1. **DO NOT** create a public GitHub issue for the vulnerability
 2. Send an email to security@eliza.builders with:
-   - A detailed description of the vulnerability
-   - Steps to reproduce the issue
-   - Potential impact of the vulnerability
-   - Any possible mitigations you've identified
+    - A detailed description of the vulnerability
+    - Steps to reproduce the issue
+    - Potential impact of the vulnerability
+    - Any possible mitigations you've identified
 
 ### What to Expect
 
-- **Initial Response**: Within 48 hours, you will receive an acknowledgment of your report
-- **Updates**: We will provide updates every 5 business days about the progress
-- **Resolution Timeline**: We aim to resolve critical issues within 15 days
-- **Disclosure**: We will coordinate with you on the public disclosure timing
+-   **Initial Response**: Within 48 hours, you will receive an acknowledgment of your report
+-   **Updates**: We will provide updates every 5 business days about the progress
+-   **Resolution Timeline**: We aim to resolve critical issues within 15 days
+-   **Disclosure**: We will coordinate with you on the public disclosure timing
 
 ## Security Best Practices
 
 ### For Contributors
 
 1. **API Keys and Secrets**
-   - Never commit API keys, passwords, or other secrets to the repository
-   - Use environment variables as described in our secrets management guide
-   - Rotate any accidentally exposed credentials immediately
+
+    - Never commit API keys, passwords, or other secrets to the repository
+    - Use environment variables as described in our secrets management guide
+    - Rotate any accidentally exposed credentials immediately
 
 2. **Dependencies**
-   - Keep all dependencies up to date
-   - Review security advisories for dependencies regularly
-   - Use `pnpm audit` to check for known vulnerabilities
+
+    - Keep all dependencies up to date
+    - Review security advisories for dependencies regularly
+    - Use `pnpm audit` to check for known vulnerabilities
 
 3. **Code Review**
-   - All code changes must go through pull request review
-   - Security-sensitive changes require additional review
-   - Enable branch protection on main branches
+    - All code changes must go through pull request review
+    - Security-sensitive changes require additional review
+    - Enable branch protection on main branches
 
 ### For Users
 
 1. **Environment Setup**
-   - Follow our [secrets management guide](docs/guides/secrets-management.md) for secure configuration
-   - Use separate API keys for development and production
-   - Regularly rotate credentials
+
+    - Follow our [secrets management guide](docs/guides/secrets-management.md) for secure configuration
+    - Use separate API keys for development and production
+    - Regularly rotate credentials
 
 2. **Model Provider Security**
-   - Use appropriate rate limiting for API calls
-   - Monitor usage patterns for unusual activity
-   - Implement proper authentication for exposed endpoints
+
+    - Use appropriate rate limiting for API calls
+    - Monitor usage patterns for unusual activity
+    - Implement proper authentication for exposed endpoints
 
 3. **Platform Integration**
-   - Use separate bot tokens for different environments
-   - Implement proper permission scoping for platform APIs
-   - Regular audit of platform access and permissions
+    - Use separate bot tokens for different environments
+    - Implement proper permission scoping for platform APIs
+    - Regular audit of platform access and permissions
 
 ## Security Features
 
 ### Current Implementation
 
-- Environment variable based secrets management
-- Type-safe API implementations
-- Automated dependency updates via Renovate
-- Continuous Integration security checks
+-   Environment variable based secrets management
+-   Type-safe API implementations
+-   Automated dependency updates via Renovate
+-   Continuous Integration security checks
 
 ### Planned Improvements
 
 1. **Q4 2024**
-   - Automated security scanning in CI pipeline
-   - Enhanced rate limiting implementation
-   - Improved audit logging
+
+    - Automated security scanning in CI pipeline
+    - Enhanced rate limiting implementation
+    - Improved audit logging
 
 2. **Q1 2025**
-   - Security-focused documentation improvements
-   - Enhanced platform permission management
-   - Automated vulnerability scanning
+    - Security-focused documentation improvements
+    - Enhanced platform permission management
+    - Automated vulnerability scanning
 
 ## Vulnerability Disclosure Policy
 
@@ -100,21 +105,21 @@ We follow a coordinated disclosure process:
 
 We believe in recognizing security researchers who help improve our security. Contributors who report valid security issues will be:
 
-- Credited in our security acknowledgments (unless they wish to remain anonymous)
-- Added to our security hall of fame
-- Considered for our bug bounty program (coming soon)
+-   Credited in our security acknowledgments (unless they wish to remain anonymous)
+-   Added to our security hall of fame
+-   Considered for our bug bounty program (coming soon)
 
 ## License Considerations
 
 As an MIT licensed project, users should understand:
 
-- The software is provided "as is"
-- No warranty is provided
-- Users are responsible for their own security implementations
-- Contributors grant perpetual license to their contributions
+-   The software is provided "as is"
+-   No warranty is provided
+-   Users are responsible for their own security implementations
+-   Contributors grant perpetual license to their contributions
 
 ## Contact
 
-- Security Issues: security@eliza.builders
-- General Questions: Join our [Discord](https://discord.gg/ai16z)
-- Updates: Follow our [security advisory page](https://github.com/ai16z/eliza/security/advisories)
+-   Security Issues: security@eliza.builders
+-   General Questions: Join our [Discord](https://discord.gg/ai16z)
+-   Updates: Follow our [security advisory page](https://github.com/ai16z/eliza/security/advisories)

agent/package.json

@@ -25,6 +25,7 @@
         "@ai16z/plugin-node": "workspace:*",
         "@ai16z/plugin-solana": "workspace:*",
         "@ai16z/plugin-starknet": "workspace:*",
+        "@ai16z/plugin-coinbase": "workspace:*",
         "readline": "^1.3.0",
         "ws": "^8.18.0",
         "yargs": "17.7.2"

agent/src/index.ts

@@ -25,6 +25,7 @@ import {
 import { bootstrapPlugin } from "@ai16z/plugin-bootstrap";
 import { solanaPlugin } from "@ai16z/plugin-solana";
 import { nodePlugin } from "@ai16z/plugin-node";
+import { coinbaseCommercePlugin } from "@ai16z/plugin-coinbase";
 import Database from "better-sqlite3";
 import fs from "fs";
 import readline from "readline";
@@ -249,6 +250,10 @@ export function createAgent(
             bootstrapPlugin,
             nodePlugin,
             character.settings.secrets?.WALLET_PUBLIC_KEY ? solanaPlugin : null,
+            character.settings.secrets?.COINBASE_COMMERCE_KEY ||
+            process.env.COINBASE_COMMERCE_KEY
+                ? coinbaseCommercePlugin
+                : null,
         ].filter(Boolean),
         providers: [],
         actions: [],

client/package.json

@@ -25,8 +25,8 @@
     "devDependencies": {
         "@eslint/js": "^9.13.0",
         "@types/node": "22.8.4",
-        "@types/react": "^18.3.12",
-        "@types/react-dom": "^18.3.1",
+        "@types/react": "18.3.12",
+        "@types/react-dom": "18.3.1",
         "@vitejs/plugin-react": "^4.3.3",
         "autoprefixer": "^10.4.20",
         "eslint": "^9.13.0",

docs/docs/packages/plugins.md

@@ -106,6 +106,111 @@ const character = {
 };
 ```
 
+Here is the updated README with the Coinbase Commerce plugin information added:
+
+---
+
+# 🧩 Plugins
+
+## Overview
+
+Eliza's plugin system provides a modular way to extend the core functionality with additional features, actions, evaluators, and providers. Plugins are self-contained modules that can be easily added or removed to customize your agent's capabilities.
+
+## Core Plugin Concepts
+
+### Plugin Structure
+
+Each plugin in Eliza must implement the `Plugin` interface with the following properties:
+
+```typescript
+interface Plugin {
+  name: string; // Unique identifier for the plugin
+  description: string; // Brief description of plugin functionality
+  actions?: Action[]; // Custom actions provided by the plugin
+  evaluators?: Evaluator[]; // Custom evaluators for behavior assessment
+  providers?: Provider[]; // Context providers for message generation
+  services?: Service[]; // Additional services (optional)
+}
+```
+
+### Available Plugins
+
+#### 1. Bootstrap Plugin (`@eliza/plugin-bootstrap`)
+
+The bootstrap plugin provides essential baseline functionality:
+
+**Actions:**
+
+- `continue` - Continue the current conversation flow
+- `followRoom` - Follow a room for updates
+- `unfollowRoom` - Unfollow a room
+- `ignore` - Ignore specific messages
+- `muteRoom` - Mute notifications from a room
+- `unmuteRoom` - Unmute notifications from a room
+
+**Evaluators:**
+
+- `fact` - Evaluate factual accuracy
+- `goal` - Assess goal completion
+
+**Providers:**
+
+- `boredom` - Manages engagement levels
+- `time` - Provides temporal context
+- `facts` - Supplies factual information
+
+#### 2. Image Generation Plugin (`@eliza/plugin-image-generation`)
+
+Enables AI image generation capabilities:
+
+**Actions:**
+
+- `GENERATE_IMAGE` - Create images based on text descriptions
+- Supports multiple image generation services (Anthropic, Together)
+- Auto-generates captions for created images
+
+#### 3. Node Plugin (`@eliza/plugin-node`)
+
+Provides core Node.js-based services:
+
+**Services:**
+
+- `BrowserService` - Web browsing capabilities
+- `ImageDescriptionService` - Image analysis
+- `LlamaService` - LLM integration
+- `PdfService` - PDF processing
+- `SpeechService` - Text-to-speech
+- `TranscriptionService` - Speech-to-text
+- `VideoService` - Video processing
+
+#### 4. Solana Plugin (`@eliza/plugin-solana`)
+
+Integrates Solana blockchain functionality:
+
+**Evaluators:**
+
+- `trustEvaluator` - Assess transaction trust scores
+
+**Providers:**
+
+- `walletProvider` - Wallet management
+- `trustScoreProvider` - Transaction trust metrics
+
+#### 5. Coinbase Commerce Plugin (`@eliza/plugin-coinbase-commerce`)
+
+Integrates Coinbase Commerce for payment and transaction management:
+
+**Actions:**
+
+- `CREATE_CHARGE` - Create a payment charge using Coinbase Commerce
+- `GET_ALL_CHARGES` - Fetch all payment charges
+- `GET_CHARGE_DETAILS` - Retrieve details for a specific charge
+
+**Description:**
+This plugin enables Eliza to interact with the Coinbase Commerce API to create and manage payment charges, providing seamless integration with cryptocurrency-based payment systems.
+
+---
+
 ### Writing Custom Plugins
 
 Create a new plugin by implementing the Plugin interface:

docs/package.json

@@ -25,8 +25,8 @@
     "clsx": "2.1.0",
     "docusaurus-lunr-search": "^3.5.0",
     "prism-react-renderer": "2.3.1",
-    "react": "18.2.0",
-    "react-dom": "18.2.0",
+    "react": "18.3.1",
+    "react-dom": "18.3.1",
     "react-router-dom": "6.22.1"
   },
   "devDependencies": {

package.json

@@ -47,7 +47,8 @@
     "dependencies": {
         "ollama-ai-provider": "^0.16.1",
         "optional": "^0.1.4",
-        "sharp": "^0.33.5"
+        "sharp": "^0.33.5",
+        "tslog": "^4.9.3"
     },
     "packageManager": "pnpm@9.12.3+sha512.cce0f9de9c5a7c95bef944169cc5dfe8741abfb145078c0d508b868056848a87c81e626246cb60967cbd7fd29a6c062ef73ff840d96b3c86c40ac92cf4a813ee"
 }