Conversation
gabririgo
commented
Apr 21, 2026
gabririgo
commented
- refactor schema
- auth improvements
- refactor schema - auth improvements
There was a problem hiding this comment.
Pull request overview
This PR updates the LLM/tool orchestration flow and request gating to better separate “reasoning” vs “tool execution”, while also expanding agent-discovery endpoints and aligning SDK/types for new routing modes.
Changes:
- Add DeepSeek→Llama dual-model routing (plus new
llama_onlymode), improved streaming behavior, and stricter browser vs agent tool gating. - Improve swap quoting/building robustness (0x taker fallback, gas-estimation fallbacks, NAV precheck warning behavior).
- Add agent discovery endpoints/headers + new skill doc, and update x402 route metadata.
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 10 comments.
Show a summary per file
| File | Description |
|---|---|
| src/types.ts | Adds ASSETS binding and isBrowserRequest; extends routingMode union. |
| src/services/zeroXTrading.ts | Avoids invalid 0x taker (zero-address) for quote-only flows. |
| src/routes/chat.ts | Passes isBrowserRequest into request context; adjusts SSE event emission. |
| src/middleware/x402.ts | Updates protected route metadata; adds extra diagnostic logging on payments. |
| src/llm/client.ts | Implements DeepSeek-first reasoning + Llama tool execution; adds vault-tx gating; defaults swaps to 0x; improves error extraction. |
| src/index.ts | Adds /api discovery 402 response and homepage Link headers; adds well-known discovery endpoints. |
| sdk/src/types.ts | Extends SDK routingMode types to include llama_only. |
| scripts/trigger-bazaar.ts | Updates bazaar trigger timings and tool arguments format. |
| public/rigoblock-skill/SKILL.md | Adds a comprehensive external-agent skill doc. |
| public/openapi.json | Updates OpenAPI descriptions/paths (but currently contains corrupted/placeholder content). |
| public/index.html | UI streaming fixes + per-address auth caching + WebMCP tool registration. |
| public/_headers | Adds Link header for discovery on /. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 16 out of 16 changed files in this pull request and generated 6 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 16 out of 16 changed files in this pull request and generated 11 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 2 comments.
Comments suppressed due to low confidence (1)
src/middleware/x402.ts:266
- The payment-exemption logic grants free access based solely on
Origin/Referer. Any non-browser client can forge these headers and bypass x402 payment for protected routes. If the intent is to exempt only your own frontend, consider requiring an additional server-issued proof (e.g. an HttpOnly cookie / signed token set by the Worker) or removing the exemption for non-authenticated requests in production.
// Exempt own-frontend requests from payment
server.onProtectedRequest(async (ctx) => {
const adapter = ctx.adapter;
const origin = adapter.getHeader("origin");
if (origin && EXEMPT_ORIGINS.has(origin)) {
return { grantAccess: true };
}
const referer = adapter.getHeader("referer");
if (referer) {
for (const o of EXEMPT_ORIGINS) {
if (referer.startsWith(o)) {
return { grantAccess: true };
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 18 out of 18 changed files in this pull request and generated 8 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 20 out of 21 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 21 out of 22 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
