Update mcp server

docs/Agent-Wallet/Developer/CLI-Reference.md

@@ -24,6 +24,16 @@ The system walks you through choosing a wallet type, generating keys, and settin
 The interactive wizard may offer a `raw_secret` option. This type stores your private key **unencrypted** on disk — any program with file system access can read it directly. Only use `raw_secret` in fully isolated test environments. For any wallet holding real funds, always choose `local_secure`.
 :::
 
+:::tip Privy wallet type
+The wizard also offers a `privy` option for Privy-managed server wallets. This type delegates key custody to Privy's infrastructure — no local private key is stored on disk. You'll need a Privy App ID, App Secret, and Wallet ID to configure it:
+
+```bash
+agent-wallet start   # then choose "privy" when prompted
+```
+
+The default wallet ID for Privy wallets is `default_privy`.
+:::
+
 **Custom password:**
 ```bash
 agent-wallet start -p Abc12345!
@@ -59,11 +69,13 @@ When signing with a `local_secure` wallet, the CLI will prompt for the master pa
 **Sign a message:**
 ```bash
 agent-wallet sign msg "Hello" -n tron
+# Output: Signature: d220de880cbc1c3f...
 ```
 
 **Sign a transaction** (build the unsigned tx via RPC first):
 ```bash
 agent-wallet sign tx '{"txID":"abc123...","raw_data_hex":"0a02...","raw_data":{...}}' -n tron
+# Output: Signed tx: { "txID": "abc123...", "signature": ["..."], ... }
 ```
 
 **Sign EIP-712 typed data:**
@@ -81,6 +93,30 @@ agent-wallet sign typed-data '{
 
 ---
 
+### `agent-wallet init` (Initialize Secrets Directory)
+
+Initialize the secrets directory and set the master password — without creating a wallet yet. This is useful for advanced scenarios where you want to prepare the directory before adding wallets.
+
+```bash
+agent-wallet init
+```
+
+**Non-interactive mode:**
+```bash
+agent-wallet init -p 'Abc12345!'
+```
+
+| Flag | Description |
+| :--- | :--- |
+| `--password, -p <pw>` | Master password (skip prompt) |
+| `--save-runtime-secrets` | Persist password to `runtime_secrets.json` |
+
+:::tip When to use `init` vs `start`
+`start` = `init` + create a wallet in one step. If you just need to set up the directory and password first (e.g., for a CI pipeline or when importing keys later), use `init` alone.
+:::
+
+---
+
 ## Wallet Management
 
 Manage multiple wallets — add, switch, inspect, remove.
@@ -105,6 +141,15 @@ agent-wallet use my-bsc-wallet
 agent-wallet inspect my-bsc-wallet
 ```
 
+Show wallet metadata along with derived addresses:
+```bash
+agent-wallet inspect my-bsc-wallet --show-address
+```
+
+| Flag | Description |
+| :--- | :--- |
+| `--show-address` | Derive and display EVM + TRON addresses (requires password for `local_secure` wallets) |
+
 **Sign with a specific wallet** (without switching the active one):
 ```bash
 agent-wallet sign msg "Hello" -n eip155:56 -w my-bsc-wallet -p 'Abc12345!'
@@ -115,6 +160,34 @@ agent-wallet sign msg "Hello" -n eip155:56 -w my-bsc-wallet -p 'Abc12345!'
 agent-wallet remove my-bsc-wallet
 ```
 
+| Flag | Short | Description |
+| :--- | :--- | :--- |
+| `--yes` | `-y` | Skip confirmation prompt (**required in non-interactive / agent contexts**) |
+
+### `agent-wallet resolve-address` (Resolve Wallet Addresses)
+
+Display the on-chain addresses associated with a wallet. For wallets derived from a mnemonic, this shows addresses for all supported networks (EVM and TRON). For private-key-based wallets, it shows the single address for the configured network.
+
+```bash
+agent-wallet resolve-address my-wallet
+```
+
+If you omit the wallet ID, the CLI will present an interactive list to choose from:
+
+```bash
+agent-wallet resolve-address
+```
+
+Example output:
+```
+  Wallet │ my-wallet
+    Type │ local_secure
+
+Addresses
+     EVM │ 0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18
+    TRON │ TJRyWwFs9wTFGZg3JbrVriFbNfCug5tDeC
+```
+
 ---
 
 ## Non-Interactive Execution (For Automation & Background Services)
@@ -227,10 +300,26 @@ agent-wallet sign msg "Hello" -n tron --dir /Volumes/MyUSB/agent-wallet
 
 After changing, **all key files are re-encrypted with the new password**. The old password becomes invalid immediately — make sure to update your password manager.
 
+**Interactive mode (default):**
 ```bash
 agent-wallet change-password
 ```
 
+**Non-interactive mode** (for automation scripts):
+```bash
+agent-wallet change-password -p 'OldPassword123!' --new-password 'NewPassword456!'
+```
+
+| Flag | Description |
+| :--- | :--- |
+| `--password, -p <pw>` | Current master password (skip prompt) |
+| `--new-password <pw>` | New master password (skip prompt) |
+| `--save-runtime-secrets` | Update cached password in `runtime_secrets.json` |
+
+:::caution
+Both `-p` and `--new-password` will be recorded in shell history. For production use, prefer interactive mode or pipe passwords from a secrets manager.
+:::
+
 ### `agent-wallet reset` (Reset All Data)
 
 Deletes everything under `~/.agent-wallet/`. **This is a nuclear option — once executed, all wallets, keys, and configuration are gone, with no recovery.** The system will ask for confirmation.

docs/Agent-Wallet/Developer/SDK-Cookbook.md

@@ -560,6 +560,24 @@ The x402 SDK automatically constructs the PaymentPermit data and calls the signi
 
 ---
 
+## More Examples
+
+The Agent-wallet repository includes additional ready-to-run examples covering more advanced scenarios:
+
+| Example | Description |
+| :--- | :--- |
+| `dual-sign-typed-data-from-private-key` | Sign EIP-712 typed data on both TRON and EVM from a single private key |
+| `switch-active-wallet` | Programmatically switch between multiple wallets |
+| `create-wallet-provider` | Direct provider instantiation without auto-resolution |
+| `tron-x402-sign-typed-data` | x402 PaymentPermit signing on TRON |
+| `bsc-x402-sign-typed-data` | x402 PaymentPermit signing on BSC |
+| `verify-tron-privy-typed-data` | Verify Privy TRON EIP-712 signatures |
+| `compare-sign-consistency` | Cross-wallet signature consistency testing |
+
+Browse the full set in the [TypeScript examples](https://github.com/BofAI/agent-wallet/tree/main/packages/typescript/examples) and [Python examples](https://github.com/BofAI/agent-wallet/tree/main/packages/python/examples) directories.
+
+---
+
 ## Next Steps
 
 - Prefer the command line? → [CLI Reference](./CLI-Reference.md)

docs/Agent-Wallet/Developer/SDK-Guide.md

@@ -22,13 +22,13 @@ Both installation instructions and code examples are provided for TypeScript and
 
 **Check Your Node.js Version**
 
-Requires Node.js ≥ 18. Check your current version:
+Requires Node.js ≥ 20. Check your current version:
 
 ```bash
 node -v
 ```
 
-If the output is `v18.0.0` or higher, you can proceed directly to installation. Otherwise, follow the instructions below.
+If the output is `v20.0.0` or higher, you can proceed directly to installation. Otherwise, follow the instructions below.
 
 :::tip Install / Upgrade Node.js
 
@@ -41,9 +41,9 @@ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
 # Reload shell config
 source ~/.bashrc   # or source ~/.zshrc
 
-# Install and switch to Node.js 18 LTS
-nvm install 18
-nvm use 18
+# Install and switch to Node.js 20 LTS
+nvm install 20
+nvm use 20
 ```
 
 You can also download the **LTS** installer directly from [nodejs.org](https://nodejs.org).
@@ -513,12 +513,16 @@ Error type hierarchy:
 
 ```
 WalletError
-├── WalletNotFoundError      # Specified wallet not found
-├── DecryptionError          # Wrong password or corrupted key file
-├── SigningError              # Signing operation failed
-├── NetworkError             # Network identifier mismatch
-├── InsufficientBalanceError # Insufficient balance
-└── UnsupportedOperationError # Operation not supported by this wallet type
+├── WalletNotFoundError        # Specified wallet not found
+├── DecryptionError            # Wrong password or corrupted key file
+├── SigningError                # Signing operation failed
+├── NetworkError               # Network identifier mismatch
+├── InsufficientBalanceError   # Insufficient balance
+├── UnsupportedOperationError  # Operation not supported by this wallet type
+├── PrivyConfigError           # Privy wallet configuration error
+├── PrivyRequestError          # Privy API request failed
+├── PrivyRateLimitError        # Privy API rate limit exceeded
+└── PrivyAuthError             # Privy authentication failed
 ```
 
 :::tip About InsufficientBalanceError

docs/Agent-Wallet/FAQ.md

@@ -68,18 +68,23 @@ No limit. You can create separate wallets for different AI agents, different cha
 
 ## Wallet Types
 
-### What's the difference between `local_secure` and `raw_secret`?
+### What's the difference between `local_secure`, `raw_secret`, and `privy`?
 
-| | `local_secure` | `raw_secret` |
-| :--- | :---: | :---: |
-| **Key encryption** | ✅ Strong encryption | ❌ Plaintext |
-| **If an agent reads the file** | ✅ Key is inaccessible | ❌ Stolen instantly |
-| **Use case** | ✅ All scenarios | ⚠️ Fully isolated dev environments only |
+| | `local_secure` | `raw_secret` | `privy` |
+| :--- | :---: | :---: | :---: |
+| **Key storage** | ✅ Encrypted locally | ❌ Plaintext locally | ☁️ Privy cloud custody |
+| **If an agent reads the file** | ✅ Key is inaccessible | ❌ Stolen instantly | ✅ No local key file |
+| **Requires master password** | ✅ Yes | ❌ No | ❌ No (uses API credentials) |
+| **Use case** | ✅ All scenarios | ⚠️ Fully isolated dev only | ✅ Server-side agents with Privy |
 
 :::danger `raw_secret` exposes your private key as plaintext
 `raw_secret` stores your key unencrypted — the exact exposure `local_secure` mode is designed to prevent. If any other process on your machine can read files, your key can be stolen instantly. **Always use `local_secure`** unless you're 100% certain no other agent is running on that machine and it's a fully isolated, offline test environment.
 :::
 
+:::tip Privy wallets
+The `privy` type delegates key custody to [Privy](https://privy.io)'s server-side wallet infrastructure. No private key is stored on your local disk — signing requests are sent to Privy's API. This is ideal for server-side AI agents that already use Privy for wallet management. You'll need a Privy App ID, App Secret, and Wallet ID to set it up.
+:::
+
 ### What values does the `network` parameter accept?
 
 | Value | Description |
@@ -136,7 +141,7 @@ Agent-wallet uses the Keystore V3 standard encryption (scrypt + AES-128-CTR), th
 
 ### What operating systems are supported?
 
-macOS and Linux. As long as you can run Node.js >= 18 or Python >= 3.11, you're good to go. Windows is not currently supported.
+macOS, Linux, and Windows. As long as you can run Node.js >= 20 or Python >= 3.11, you're good to go. Windows support was added in v2.3.x — file permission features (like `chmod 600`) are gracefully skipped on Windows since it doesn't support Unix-style permissions.
 
 ### `npm install -g` gives a permission error?
 

docs/Agent-Wallet/QuickStart.md

@@ -15,15 +15,15 @@ This page only walks you through the shortest path. For password-free configurat
 
 ### 1.1 Prepare Your Environment: Install Node.js
 
-Agent-wallet requires Node.js (a runtime environment, version >= 18) on your computer.
+Agent-wallet requires Node.js (a runtime environment, version >= 20) on your computer.
 
 Open a terminal (Mac users press `Command + Space` and search for "Terminal"), then type:
 
 ```bash
 node -v
 ```
 
-- **If the output shows `v18.x.x` or higher:** Great, skip straight to 1.2!
+- **If the output shows `v20.x.x` or higher:** Great, skip straight to 1.2!
 - **If there's no output or an error:** Don't panic — go to the **[Node.js official website](https://nodejs.org)** and download the latest **LTS** installer. Install it like any regular software — double-click and follow the prompts. After installation, close and reopen your terminal, then run `node -v` again to confirm.
 
 <details>
@@ -36,8 +36,8 @@ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
 # 2. Reload your terminal config
 source ~/.bashrc   # zsh users: source ~/.zshrc
 
-# 3. Install and switch to Node.js 18
-nvm install 18 && nvm use 18
+# 3. Install and switch to Node.js 20
+nvm install 20 && nvm use 20
 ```
 
 </details>

docs/McpServer-Skills/MCP/SUNMCPServer/FAQ.md

@@ -85,19 +85,12 @@ This page collects frequently asked questions when using SUN MCP Server and thei
 
 **Solution:**
 
-1. **Configure [Agent Wallet](../../../Agent-Wallet/Intro)** (recommended) — set `AGENT_WALLET_PASSWORD`
-
-2. **Or Configure Private Key (Testnet Only)**
+1. **Configure [Agent Wallet](../../../Agent-Wallet/Intro.md)** — set `AGENT_WALLET_PASSWORD`
    ```bash
-   export TRON_PRIVATE_KEY="your_64_hex_char_private_key"
+   export AGENT_WALLET_PASSWORD='your_password'
    ```
 
-3. **Or Configure Mnemonic**
-   ```bash
-   export TRON_MNEMONIC="word1 word2 ... word12"
-   ```
-
-4. **Restart server** and reconnect MCP client
+2. **Restart server** and reconnect MCP client
 
 Verify successful configuration by checking [Full Capability List](ToolList.md) for Full Capability List.
 
@@ -135,46 +128,30 @@ echo "your_private_key" | grep -E '^[0-9a-fA-F]{64}$'
 
 1. **Verify password is set**: Run `[[ -n "$AGENT_WALLET_PASSWORD" ]] && echo "Password is set" || echo "Password NOT set"` to confirm the variable is set without revealing the value.
 2. **Check wallet directory**: Verify `~/.agent-wallet/` exists and contains wallet files. If you used a custom directory, ensure `AGENT_WALLET_DIR` points to the correct path.
-3. **If password is lost**: You'll need to re-initialize the wallet. **Warning: this wipes all wallets and keys — ensure funds are moved or mnemonics backed up before proceeding.** Run `agent-wallet reset` to wipe and start over — see [CLI Reference → Reset](../../../Agent-Wallet/Developer/CLI-Reference#agent-wallet-reset-reset-all-data) and [Agent-Wallet FAQ](../../../Agent-Wallet/FAQ) for details. Passwords with special characters are supported — use single quotes when setting the environment variable.
+3. **If password is lost**: You'll need to re-initialize the wallet. **Warning: this wipes all wallets and keys — ensure funds are moved or mnemonics backed up before proceeding.** Run `agent-wallet reset` to wipe and start over — see [CLI Reference → Reset](../../../Agent-Wallet/Developer/CLI-Reference.md#agent-wallet-reset-reset-all-data) and [Agent-Wallet FAQ](../../../Agent-Wallet/FAQ.md) for details. Passwords with special characters are supported — use single quotes when setting the environment variable.
 
 
-### "Conflicting Wallet Modes"
+### "Wallet Not Found" or Initialization Error
 
-**Symptom:** Error "Conflicting wallet modes detected".
+**Symptom:** Server cannot find or initialize wallet.
 
-**Cause:** Multiple wallet environment variables set simultaneously.
+**Cause:** Agent Wallet not properly configured.
 
-**Solution:** Set only one of the following:
+**Solution:** Ensure Agent Wallet is installed and configured:
 
 ```bash
-# Option 1: Agent Wallet (recommended for production)
+# Set Agent Wallet password
 export AGENT_WALLET_PASSWORD='your_password'
-unset TRON_PRIVATE_KEY
-unset TRON_MNEMONIC
-
-# Option 2: Private Key (testnet only)
-export TRON_PRIVATE_KEY='your_64_hex_chars'
-unset AGENT_WALLET_PASSWORD
-unset TRON_MNEMONIC
-
-# Option 3: Mnemonic
-export TRON_MNEMONIC='word1 word2 ... word12'
-unset AGENT_WALLET_PASSWORD
-unset TRON_PRIVATE_KEY
-```
 
-**Verify Configuration:**
-```bash
-# Clear all wallet-related environment variables
-unset AGENT_WALLET_PASSWORD TRON_PRIVATE_KEY TRON_MNEMONIC
-
-# Set only one
-export AGENT_WALLET_PASSWORD='your_password'
+# Optional: specify custom wallet directory
+export AGENT_WALLET_DIR="$HOME/.agent-wallet"
 
 # Restart server
 sun-mcp-server
 ```
 
+If you haven't initialized Agent Wallet yet, see the [Agent-Wallet documentation](../../../Agent-Wallet/Intro.md) for setup instructions.
+
 ## DeFi Operation Errors
 
 ### "Swap Failed"
@@ -271,7 +248,7 @@ sun-mcp-server
    - Check Permit2 request structured data
    - Confirm chain ID, token address, deadline correct
 
-3. **Reinitialize Wallet** — run `agent-wallet reset` to wipe and start over. See [CLI Reference → Reset](../../../Agent-Wallet/Developer/CLI-Reference#agent-wallet-reset-reset-all-data) for details.
+3. **Reinitialize Wallet** — run `agent-wallet reset` to wipe and start over. See [CLI Reference → Reset](../../../Agent-Wallet/Developer/CLI-Reference.md#agent-wallet-reset-reset-all-data) for details.
 
 4. **Use Alternate Authorization Method**
    ```
@@ -414,7 +391,7 @@ Check transaction hash details on https://tronscan.org for error message
       "args": ["--port", "8081"],
       "env": {
         "TRON_NETWORK": "nile",
-        "TRON_PRIVATE_KEY": "your_testnet_private_key"
+        "AGENT_WALLET_PASSWORD": "your_testnet_password"
       }
     }
   }