feat(operator): external backend connect-mode + self-advertised payment config (#10)

Lets the operator run against any OpenAI-compatible upstream (cli-bridge,
llama.cpp, …) with no GPU, and makes its payment surface self-describing so
clients configure themselves with zero hardcoded addresses.

- config: `vllm.external` flag. When set, InferenceServer::start connects to
  an already-running server at host:port via VllmProcess::connect instead of
  spawning vLLM, and the watchdog no longer tries to respawn a backend it
  doesn't manage.
- server: /v1/operator now advertises `shielded_credits` + `chain_id`, so a
  client can build the ShieldedCredits EIP-712 domain from operator info alone.
- sdk/scripts: end-to-end proofs driving the viem SDK —
  - onchain-e2e.mjs: signs a SpendAuth and submits authorizeSpend against a
    live ShieldedCredits, asserting the contract's ECDSA.recover accepts the
    SDK signature (balance debited, nonce incremented).
  - local-onchain-proof.sh: deploys ShieldedCredits + a mock token, funds a
    credit account, runs onchain-e2e.
  - http-e2e.mjs: full path — SDK signs → operator-lite validates (recover +
    on-chain getAccount) → proxies to the backend → completion; verifies the
    on-chain spend nonce advances.

Verified locally: anvil + ShieldedCredits + operator-lite + cli-bridge
(claude-code/sonnet) — SpendAuth-gated chat returns a real completion, 402
without payment, settlement advances the on-chain nonce.

Author: drewstone

.gitignore

@@ -12,3 +12,6 @@ contracts/dependencies/
 .DS_Store
 .tangle/
 .foreman/
+
+# operator runtime nonce store
+data/

operator/src/config.rs

@@ -78,6 +78,13 @@ pub struct VllmConfig {
     /// Startup timeout in seconds.
     #[serde(default = "default_startup_timeout")]
     pub startup_timeout_secs: u64,
+
+    /// When true, connect to an already-running OpenAI-compatible server at
+    /// `host:port` instead of spawning a vLLM subprocess. Lets the operator
+    /// run against cli-bridge / llama.cpp / any OpenAI-compatible backend with
+    /// no GPU — used for local end-to-end testing.
+    #[serde(default)]
+    pub external: bool,
 }
 
 #[derive(Debug, Clone, Serialize, Deserialize)]

operator/src/lib.rs

@@ -212,17 +212,36 @@ impl BackgroundService for InferenceServer {
         let config = self.config.clone();
 
         tokio::spawn(async move {
-            // 1. Start the vLLM subprocess
-            let vllm_handle = match VllmProcess::spawn(config.clone()).await {
-                Ok(h) => Arc::new(h),
-                Err(e) => {
-                    tracing::error!(error = %e, "failed to spawn vLLM");
-                    let _ = tx.send(Err(RunnerError::Other(e.to_string().into())));
-                    return;
+            // 1. Start the inference backend: either spawn a vLLM subprocess,
+            //    or (when configured external) connect to an already-running
+            //    OpenAI-compatible server at host:port (cli-bridge, llama.cpp,
+            //    …) — the latter needs no GPU and is used for local e2e.
+            let vllm_handle = if config.vllm.external {
+                tracing::info!(
+                    host = %config.vllm.host,
+                    port = config.vllm.port,
+                    "connecting to external OpenAI-compatible backend (no subprocess)"
+                );
+                match VllmProcess::connect(config.clone()) {
+                    Ok(h) => Arc::new(h),
+                    Err(e) => {
+                        tracing::error!(error = %e, "failed to connect to external backend");
+                        let _ = tx.send(Err(RunnerError::Other(e.to_string().into())));
+                        return;
+                    }
+                }
+            } else {
+                match VllmProcess::spawn(config.clone()).await {
+                    Ok(h) => Arc::new(h),
+                    Err(e) => {
+                        tracing::error!(error = %e, "failed to spawn vLLM");
+                        let _ = tx.send(Err(RunnerError::Other(e.to_string().into())));
+                        return;
+                    }
                 }
             };
 
-            tracing::info!("vLLM process started, waiting for readiness");
+            tracing::info!("inference backend started, waiting for readiness");
             if let Err(e) = vllm_handle.wait_ready().await {
                 tracing::error!(error = %e, "vLLM failed to become ready");
                 let _ = tx.send(Err(RunnerError::Other(e.to_string().into())));
@@ -310,6 +329,15 @@ impl BackgroundService for InferenceServer {
                 }
 
                 if !vllm_handle.is_healthy().await {
+                    // An external backend isn't managed by the operator, so we
+                    // can't respawn it — just warn and keep serving (it may
+                    // recover on its own).
+                    if config.vllm.external {
+                        tracing::warn!(
+                            "external inference backend health check failed — not operator-managed, will retry"
+                        );
+                        continue;
+                    }
                     tracing::error!("vLLM health check failed — attempting respawn");
 
                     // Shut down the old process

operator/src/server.rs

@@ -679,6 +679,10 @@ async fn operator_info(State(state): State<AppState>) -> Json<serde_json::Value>
         },
         "billing_required": state.billing_config.billing_required,
         "payment_token": state.billing_config.payment_token_address,
+        // Payment surface, so clients can self-configure the ShieldedCredits
+        // EIP-712 domain (verifyingContract + chainId) with no hardcoding.
+        "shielded_credits": state.tangle_config.shielded_credits,
+        "chain_id": state.tangle_config.chain_id,
     }))
 }
 

sdk/scripts/http-e2e.mjs

@@ -0,0 +1,88 @@
+// Full-path HTTP e2e: the viem SDK signs a SpendAuth and calls a running
+// operator (operator-lite) which validates it (EIP-712 recover + on-chain
+// getAccount balance/key check) and proxies the completion to its backend
+// (cli-bridge → a real local coding harness). Proves the entire billed
+// inference path end to end. Reads ../../.env.local; operator at OPERATOR_API.
+//
+//   OPERATOR_API=http://127.0.0.1:9100 node sdk/scripts/http-e2e.mjs
+
+import { readFileSync } from 'node:fs'
+import { fileURLToPath } from 'node:url'
+import { dirname, resolve } from 'node:path'
+import { createPublicClient, http, getAddress } from 'viem'
+
+import {
+  createInferenceClient,
+  createLocalSpendSigner,
+} from '../dist/index.js'
+
+const here = dirname(fileURLToPath(import.meta.url))
+const env = Object.fromEntries(
+  readFileSync(resolve(here, '../../.env.local'), 'utf8')
+    .split('\n')
+    .map((l) => l.match(/^([A-Z0-9_]+)=(.*)$/))
+    .filter(Boolean)
+    .map((m) => [m[1], m[2].trim()]),
+)
+
+const OPERATOR_API = process.env.OPERATOR_API ?? 'http://127.0.0.1:9100'
+const CHAIN_ID = Number(env.CHAIN_ID ?? '31337')
+
+let failed = 0
+const assert = (cond, desc, detail = '') =>
+  cond
+    ? console.log(`  PASS ${desc}`)
+    : (failed++, console.error(`  FAIL ${desc} ${detail}`))
+
+const chain = {
+  id: CHAIN_ID,
+  name: 'anvil',
+  nativeCurrency: { name: 'Ether', symbol: 'ETH', decimals: 18 },
+  rpcUrls: { default: { http: [env.RPC_URL] } },
+}
+const publicClient = createPublicClient({ chain, transport: http(env.RPC_URL) })
+
+const client = createInferenceClient({
+  operatorUrl: OPERATOR_API,
+  shieldedCreditsAddress: getAddress(env.SHIELDED_CREDITS),
+  chainId: CHAIN_ID,
+  commitment: env.COMMITMENT,
+  serviceId: 1n,
+  operatorAddress: getAddress(env.OPERATOR_ADDR),
+  signer: createLocalSpendSigner(env.USER_KEY),
+  model: 'claude-code/sonnet',
+  pricePerInputToken: 1n,
+  pricePerOutputToken: 2n,
+})
+
+async function main() {
+  console.log(`[http-e2e] operator=${OPERATOR_API} chain=${CHAIN_ID}`)
+
+  const nonce = await client.syncNonce(publicClient)
+  console.log(`[http-e2e] synced spend nonce=${nonce}`)
+
+  console.log('[http-e2e] sending SpendAuth-gated chat (real backend, may take a while)…')
+  const res = await client.chat(
+    [{ role: 'user', content: 'Reply with exactly one word: hello' }],
+    { maxTokens: 64 },
+  )
+
+  const content = res?.choices?.[0]?.message?.content ?? ''
+  console.log(`[http-e2e] model=${res?.model} content=${JSON.stringify(content)}`)
+  console.log(`[http-e2e] usage=${JSON.stringify(res?.usage)}`)
+
+  assert(typeof content === 'string' && content.length > 0, 'completion has content')
+  assert((res?.usage?.total_tokens ?? 0) > 0, 'usage reports tokens', `usage=${JSON.stringify(res?.usage)}`)
+
+  // The operator consumed the SpendAuth → on-chain nonce advanced.
+  const after = await client.syncNonce(publicClient)
+  assert(after === nonce + 1n, 'on-chain spend nonce advanced after the request', `before=${nonce} after=${after}`)
+
+  console.log(failed === 0 ? '\n[http-e2e] ALL PASS' : `\n[http-e2e] ${failed} FAILED`)
+  process.exit(failed === 0 ? 0 : 1)
+}
+
+main().catch((err) => {
+  console.error('[http-e2e] error:', err?.message ?? err)
+  process.exit(1)
+})

sdk/scripts/local-onchain-proof.sh

@@ -0,0 +1,68 @@
+#!/usr/bin/env bash
+# Deploy the real ShieldedCredits + a mock token against a running anvil, fund a
+# credit account, then run the viem SDK on-chain proof (onchain-e2e.mjs).
+#
+# Prereqs: anvil already running at $RPC_URL (chain 31337); foundry; node.
+#   GATEWAY_DIR defaults to ~/code/shielded-payment-gateway (home of
+#   ShieldedCredits.sol + test/MockERC20.sol).
+#
+#   RPC_URL=http://127.0.0.1:8645 bash sdk/scripts/local-onchain-proof.sh
+set -uo pipefail
+
+RPC_URL="${RPC_URL:-http://127.0.0.1:8645}"
+CHAIN_ID="${CHAIN_ID:-31337}"
+GATEWAY_DIR="${GATEWAY_DIR:-$HOME/code/shielded-payment-gateway}"
+SDK_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+ENV_OUT="$(cd "$SDK_DIR/.." && pwd)/.env.local"
+
+# anvil default accounts
+DEPLOYER_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
+OPERATOR_ADDR=0x70997970C51812dc3A010C7d01b50e0d17dc79C8
+USER_KEY=0x8b3a350cf5c34c9194ca85829a2df0ec3153be0318b5e2d3348e872092edffba
+USER_ADDR=0x9965507D1a55bcC2695C58ba16FB37d819B0A4dc   # == address(USER_KEY) == spendingKey
+FUND_AMOUNT=1000000000000000000000                      # 1000 tokens
+
+addr_from() { echo "$1" | grep -i "Deployed to:" | awk '{print $3}'; }
+
+echo "[proof] deploying MockERC20 + ShieldedCredits from $GATEWAY_DIR against $RPC_URL"
+cd "$GATEWAY_DIR"
+
+TOKEN=$(addr_from "$(forge create test/MockERC20.sol:MockERC20 \
+  --rpc-url "$RPC_URL" --private-key "$DEPLOYER_KEY" --root "$GATEWAY_DIR" --broadcast 2>&1)")
+[ -n "$TOKEN" ] || { echo "ERROR: MockERC20 deploy failed"; exit 1; }
+echo "[proof] token=$TOKEN"
+
+CREDITS=$(addr_from "$(forge create src/shielded/ShieldedCredits.sol:ShieldedCredits \
+  --rpc-url "$RPC_URL" --private-key "$DEPLOYER_KEY" --root "$GATEWAY_DIR" --broadcast 2>&1)")
+[ -n "$CREDITS" ] || { echo "ERROR: ShieldedCredits deploy failed"; exit 1; }
+echo "[proof] shielded_credits=$CREDITS"
+
+COMMITMENT=$(cast keccak "$(cast abi-encode 'f(address,bytes32)' "$USER_ADDR" \
+  0x1111111111111111111111111111111111111111111111111111111111111111)")
+echo "[proof] commitment=$COMMITMENT"
+
+echo "[proof] mint + approve + fundCredits (spendingKey=$USER_ADDR)"
+cast send "$TOKEN" "mint(address,uint256)" "$USER_ADDR" "$FUND_AMOUNT" \
+  --rpc-url "$RPC_URL" --private-key "$DEPLOYER_KEY" >/dev/null || exit 1
+cast send "$TOKEN" "approve(address,uint256)" "$CREDITS" "$FUND_AMOUNT" \
+  --rpc-url "$RPC_URL" --private-key "$USER_KEY" >/dev/null || exit 1
+cast send "$CREDITS" "fundCredits(address,uint256,bytes32,address)" \
+  "$TOKEN" "$FUND_AMOUNT" "$COMMITMENT" "$USER_ADDR" \
+  --rpc-url "$RPC_URL" --private-key "$USER_KEY" >/dev/null || exit 1
+
+cat > "$ENV_OUT" <<EOF
+RPC_URL=$RPC_URL
+CHAIN_ID=$CHAIN_ID
+SHIELDED_CREDITS=$CREDITS
+TOKEN_ADDR=$TOKEN
+OPERATOR_ADDR=$OPERATOR_ADDR
+DEPLOYER_KEY=$DEPLOYER_KEY
+USER_KEY=$USER_KEY
+SPENDING_KEY=$USER_ADDR
+COMMITMENT=$COMMITMENT
+CREDIT_FUND_AMOUNT=$FUND_AMOUNT
+EOF
+echo "[proof] wrote $ENV_OUT"
+
+echo "[proof] === running SDK on-chain e2e ==="
+node "$SDK_DIR/scripts/onchain-e2e.mjs"