Merge pull request #5 from techops-services/KEEP-1136-remove-unecessary-actions

Keep 1136 Initial Web3 integration

Author: taitsengstock

PARA_INTEGRATION.md

@@ -0,0 +1,90 @@
+# Para Wallet Integration
+
+## Overview
+
+This integration automatically creates and manages Para wallets for users, enabling server-side blockchain operations within workflow steps.
+
+## What This Does
+
+1. **Automatic Wallet Creation**: When a user signs up, a Para wallet is automatically created for them
+2. **Secure Storage**: Wallet keyshares are encrypted with AES-256-GCM and stored securely in the database
+3. **Server-Side Access**: Workflow steps can use the user's wallet to perform blockchain operations (sending transactions, signing messages, interacting with smart contracts, etc.)
+4. **User Visibility**: Users can see their wallet address displayed in the user dropdown menu
+
+## How It Works
+
+### Wallet Creation Flow
+1. **User signs up** → Better Auth triggers a database hook
+   - File: `lib/auth.ts`
+   - Hook: `databaseHooks.user.create.after`
+
+2. **Database hook calls Para SDK** to create a pregenerated wallet
+   - `const wallet = await paraClient.createPregenWallet({ type: "EVM", pregenId: { email } })`
+   - Returns: `{ id, address, ... }`
+
+3. **Wallet keyshare is encrypted** and stored in database
+   - File: `lib/encryption.ts`
+   - Function: `encryptUserShare(userShare)`
+   - Stored in: `para_wallets` table
+
+4. **Wallet address is displayed** to the user
+   - File: `components/workflows/user-menu.tsx`
+   - Shown in user dropdown menu
+
+### Workflow Step Usage
+When a workflow step needs to use the wallet:
+1. Fetch encrypted keyshare from database (using authenticated userId)
+2. Decrypt the keyshare
+3. Initialize Para signer for blockchain operations
+4. Perform the operation (send transaction, sign message, call smart contract, etc.)
+
+## Key Components
+
+### Database
+- **Table**: `para_wallets`
+- **Fields**: userId (unique), email, walletId, walletAddress, encrypted userShare, createdAt
+- **Security**: One wallet per user, foreign key to users table, cascading delete
+
+### Encryption
+- **Algorithm**: AES-256-GCM (authenticated encryption)
+- **Key Storage**: Environment variable `WALLET_ENCRYPTION_KEY`
+- **Format**: `iv:authTag:encryptedData` (prevents tampering)
+
+### Helper Functions
+- `getUserWallet(userId)` - Retrieve wallet from database
+- `initializeParaSigner(userId, rpcUrl)` - Get ready-to-use signer for transactions
+- `getUserWalletAddress(userId)` - Get wallet address for display
+- `userHasWallet(userId)` - Check if user has wallet
+
+## What You Can Build
+
+Workflow steps that use the user's wallet can:
+- Send ETH or ERC-20 tokens
+- Interact with smart contracts (DeFi, NFTs, DAOs)
+- Sign messages or data
+- Check balances and token ownership
+- Execute any blockchain operation the user authorizes
+
+## Key Files
+
+- `lib/auth.ts` - Better Auth configuration with wallet creation hook
+- `lib/db/schema.ts` - Database schema for `para_wallets` table
+- `lib/encryption.ts` - AES-256-GCM encryption/decryption utilities
+- `lib/para/wallet-helpers.ts` - Helper functions for wallet operations
+- `app/api/user/route.ts` - API endpoint that includes wallet address
+- `components/workflows/user-menu.tsx` - UI component displaying wallet address
+
+## Environment Variables Required
+
+```env
+PARA_API_KEY=your-para-api-key
+PARA_ENVIRONMENT=beta  # or 'prod'
+WALLET_ENCRYPTION_KEY=64-character-hex-string
+```
+
+## Security Notes
+
+- All Para SDK operations happen server-side only
+- userShare never transmitted to browser
+- Encryption key stored only in environment variables
+- Each user can only access their own wallet (enforced by userId authentication)

PARA_WORKFLOW_STEP.md

@@ -0,0 +1,44 @@
+# Para Wallet - Send Sepolia ETH Workflow Step
+
+## Goal
+
+Create a workflow step that allows users to send ETH on the Sepolia testnet using their Para wallet.
+
+## File locations
+
+- Plugin definition: plugins/[name]/index.ts
+- Step implementation: plugins/[name]/steps/[step-name].ts
+- Step registry: lib/step-registry.ts (auto-generated)
+- Workflow executor: lib/workflow-executor.workflow.ts
+- Step handler utilities: lib/steps/step-handler.ts
+
+## For this step
+
+You'll need to:
+
+- Create plugins/para/index.ts — register the plugin
+- Create plugins/para/steps/send-eth.ts — step implementation
+- Access userId — look up from executionId via workflowExecutions table
+- Use wallet helpers — initializeParaSigner(userId, rpcUrl) from lib/para/wallet-helpers.ts
+- Define config fields — amount and recipientAddress in plugin registration
+- The PARA integration already exists (wallet creation, encryption, helpers), so you're adding a step that uses it.
+
+## Current Status
+
+- ✅ Para wallet integration is complete (wallets auto-created on user signup)
+- ✅ Wallet addresses display in user dropdown menu
+
+## What Works
+
+1. Users automatically get a Para wallet when they sign up
+2. Wallet keyshares are encrypted and stored securely in the database
+
+## What Doesn't Work
+
+Nothing about the step is yet implemented
+
+## The Issue
+
+## Next Steps
+
+## Key Files

README.md

@@ -79,18 +79,10 @@ Visit [http://localhost:3000](http://localhost:3000) to get started.
 ### Action Nodes
 
 <!-- PLUGINS:START - Do not remove. Auto-generated by discover-plugins -->
-- **AI Gateway**: Generate Text, Generate Image
-- **Blob**: Put Blob, List Blobs
-- **fal.ai**: Generate Image, Generate Video, Upscale Image, Remove Background, Image to Image
-- **Firecrawl**: Scrape URL, Search Web
-- **GitHub**: Create Issue, List Issues, Get Issue, Update Issue
-- **Linear**: Create Ticket, Find Issues
-- **Perplexity**: Search Web, Ask Question, Research Topic
 - **Resend**: Send Email
 - **Slack**: Send Slack Message
-- **Stripe**: Create Customer, Get Customer, Create Invoice
-- **Superagent**: Guard, Redact
 - **v0**: Create Chat, Send Message
+- **Web3**: Transfer Funds
 <!-- PLUGINS:END -->
 
 ## Code Generation

app/api/user/route.ts

@@ -3,6 +3,7 @@ import { NextResponse } from "next/server";
 import { auth } from "@/lib/auth";
 import { db } from "@/lib/db";
 import { accounts, users } from "@/lib/db/schema";
+import { getUserWallet } from "@/lib/para/wallet-helpers";
 
 export async function GET(request: Request) {
   try {
@@ -37,9 +38,20 @@ export async function GET(request: Request) {
       },
     });
 
+    // Get the user's wallet address (if exists)
+    let walletAddress: string | null = null;
+    try {
+      const wallet = await getUserWallet(session.user.id);
+      walletAddress = wallet.walletAddress;
+    } catch (_error) {
+      // User doesn't have a wallet yet, that's ok
+      walletAddress = null;
+    }
+
     return NextResponse.json({
       ...userData,
       providerId: userAccount?.providerId ?? null,
+      walletAddress,
     });
   } catch (error) {
     console.error("Failed to get user:", error);

app/api/user/wallet/route.ts

@@ -0,0 +1,42 @@
+import { NextResponse } from "next/server";
+import { auth } from "@/lib/auth";
+import { getUserWallet, userHasWallet } from "@/lib/para/wallet-helpers";
+
+export async function GET(request: Request) {
+  try {
+    const session = await auth.api.getSession({
+      headers: request.headers,
+    });
+
+    if (!session?.user) {
+      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+    }
+
+    const hasWallet = await userHasWallet(session.user.id);
+
+    if (!hasWallet) {
+      return NextResponse.json({
+        hasWallet: false,
+        message: "No Para wallet found for this user",
+      });
+    }
+
+    const wallet = await getUserWallet(session.user.id);
+
+    return NextResponse.json({
+      hasWallet: true,
+      walletAddress: wallet.walletAddress,
+      walletId: wallet.walletId,
+      email: wallet.email,
+      createdAt: wallet.createdAt,
+    });
+  } catch (error) {
+    console.error("Failed to get wallet:", error);
+    return NextResponse.json(
+      {
+        error: error instanceof Error ? error.message : "Failed to get wallet",
+      },
+      { status: 500 }
+    );
+  }
+}

components/settings/integration-form-dialog.tsx

@@ -226,7 +226,7 @@ export function IntegrationFormDialog({
                       <div className="flex items-center gap-2">
                         <IntegrationIcon
                           className="size-4"
-                          integration={type === "ai-gateway" ? "vercel" : type}
+                          integration={type}
                         />
                         {getLabel(type)}
                       </div>

components/settings/integrations-manager.tsx

@@ -130,11 +130,7 @@ export function IntegrationsManager({
               <div className="flex items-center gap-3">
                 <IntegrationIcon
                   className="size-8"
-                  integration={
-                    integration.type === "ai-gateway"
-                      ? "vercel"
-                      : integration.type
-                  }
+                  integration={integration.type}
                 />
                 <div>
                   <p className="font-medium text-sm">{integration.name}</p>

components/workflows/user-menu.tsx

@@ -33,14 +33,21 @@ export const UserMenu = () => {
   const [settingsOpen, setSettingsOpen] = useState(false);
   const [integrationsOpen, setIntegrationsOpen] = useState(false);
   const [providerId, setProviderId] = useState<string | null>(null);
+  const [walletAddress, setWalletAddress] = useState<string | null>(null);
 
-  // Fetch provider info when session is available
+  // Fetch provider info and wallet when session is available
   useEffect(() => {
     if (session?.user && !session.user.name?.startsWith("Anonymous")) {
       api.user
         .get()
-        .then((user) => setProviderId(user.providerId))
-        .catch(() => setProviderId(null));
+        .then((user) => {
+          setProviderId(user.providerId);
+          setWalletAddress(user.walletAddress || null);
+        })
+        .catch(() => {
+          setProviderId(null);
+          setWalletAddress(null);
+        });
     }
   }, [session?.user]);
 
@@ -128,6 +135,11 @@ export const UserMenu = () => {
             <p className="text-muted-foreground text-xs leading-none">
               {session?.user?.email}
             </p>
+            {walletAddress && (
+              <p className="font-mono text-muted-foreground text-xs leading-none">
+                {walletAddress.slice(0, 6)}...{walletAddress.slice(-4)}
+              </p>
+            )}
           </div>
         </DropdownMenuLabel>
         <DropdownMenuSeparator />

lib/api-client.ts

@@ -377,6 +377,7 @@ export const userApi = {
       image: string | null;
       isAnonymous: boolean | null;
       providerId: string | null;
+      walletAddress: string | null;
     }>("/api/user"),
 
   update: (data: { name?: string; email?: string }) =>

lib/auth.ts

@@ -1,3 +1,4 @@
+import { Environment, Para as ParaServer } from "@getpara/server-sdk";
 import { betterAuth } from "better-auth";
 import { drizzleAdapter } from "better-auth/adapters/drizzle";
 import { anonymous, genericOAuth } from "better-auth/plugins";
@@ -6,6 +7,7 @@ import { db } from "./db";
 import {
   accounts,
   integrations,
+  paraWallets,
   sessions,
   users,
   verifications,
@@ -14,6 +16,7 @@ import {
   workflowExecutionsRelations,
   workflows,
 } from "./db/schema";
+import { encryptUserShare } from "./encryption";
 
 // Construct schema object for drizzle adapter
 const schema = {
@@ -157,4 +160,80 @@ export const auth = betterAuth({
     },
   },
   plugins,
+
+  // Database hooks for automatic Para wallet creation
+  databaseHooks: {
+    user: {
+      create: {
+        after: async (user) => {
+          // Skip wallet creation if no email
+          if (!user.email) {
+            console.log("[Para] Skipping wallet creation - no email");
+            return;
+          }
+
+          console.log(`[Para] Creating wallet for user: ${user.email}`);
+
+          try {
+            const PARA_API_KEY = process.env.PARA_API_KEY;
+            const PARA_ENV = process.env.PARA_ENVIRONMENT || "beta";
+
+            if (!PARA_API_KEY) {
+              console.warn("[Para] PARA_API_KEY not configured");
+              return;
+            }
+
+            // Initialize Para SDK
+            const paraClient = new ParaServer(
+              PARA_ENV === "prod" ? Environment.PROD : Environment.BETA,
+              PARA_API_KEY
+            );
+
+            // Check if wallet already exists
+            const hasWallet = await paraClient.hasPregenWallet({
+              pregenId: { email: user.email },
+            });
+
+            if (hasWallet) {
+              console.log(`[Para] Wallet already exists for ${user.email}`);
+              return;
+            }
+
+            // Create pregenerated wallet
+            const wallet = await paraClient.createPregenWallet({
+              type: "EVM",
+              pregenId: { email: user.email },
+            });
+
+            // Get user's cryptographic share
+            const userShare = await paraClient.getUserShare();
+
+            if (!userShare) {
+              throw new Error("Failed to get user share from Para");
+            }
+
+            if (!(wallet.id && wallet.address)) {
+              throw new Error("Invalid wallet data from Para");
+            }
+
+            // Store encrypted wallet in database
+            await db.insert(paraWallets).values({
+              userId: user.id,
+              email: user.email,
+              walletId: wallet.id, // v2 API uses wallet.id instead of wallet.walletId
+              walletAddress: wallet.address,
+              userShare: encryptUserShare(userShare), // Encrypted!
+            });
+
+            console.log(
+              `[Para] ✓ Wallet created successfully: ${wallet.address}`
+            );
+          } catch (error) {
+            console.error("[Para] Failed to create wallet:", error);
+            // Don't throw - let signup succeed even if wallet creation fails
+          }
+        },
+      },
+    },
+  },
 });