New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

difcli

Package Overview
Dependencies
Maintainers
1
Versions
16
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

difcli

CLI tool for Diffuse Prime

latest
Source
npmnpm
Version
0.0.17
Version published
Maintainers
1
Created
Source

Prime CLI

A CLI tool for Diffuse Prime built with TypeScript and viem.

Installation

npm install -g difcli
# or
npx difcli

Usage

Main Commands

difcli --help          # Show help
difcli --version       # Show version

Wallet Commands

Set Private Key

difcli wallet set-private-key 0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80

Show Wallet Information

difcli wallet show

Displays wallet address and type.

Remove Wallet

difcli wallet remove

Removes the stored private key from local storage.

Balance Command

Show Balance

difcli balance

Displays wallet balance in native BERA tokens and configured token contract balance.

Contracts Command

Display Contract Addresses

difcli contracts

Displays all configured contract addresses including RPC endpoint, vault contract, and token contract.

Token Commands

Mint Tokens

difcli token mint <amount>

Mints the specified amount of tokens to the configured wallet. Amount is in token units (will be multiplied by 1e18 for the transaction).

Burn Tokens

difcli token burn <amount>

Burns the specified amount of tokens from the configured wallet. Amount is in token units (will be multiplied by 1e18 for the transaction).

Both commands will:

  • Display transaction hash
  • Wait for transaction confirmation
  • Show success/failure status
  • Display gas usage information

Lender Commands

Deposit Tokens

difcli lender deposit <amount>

Deposits tokens into the vault as a lender. Amount is in token units (will be multiplied by 1e18 for the transaction).

The command will:

  • Check token balance to ensure sufficient funds
  • Check token allowance for the vault contract
  • Approve tokens if allowance is insufficient
  • Execute deposit transaction to vault contract
  • Display transaction hashes and confirmation status
  • Show gas usage information

Validation: Command will fail with clear error message if token balance is insufficient.

Withdraw Tokens

difcli lender withdraw <amount>

Withdraws tokens from the vault as a lender. Amount is in token units (will be multiplied by 1e18 for the transaction).

The command will:

  • Check maximum withdrawable amount from vault
  • Execute withdraw transaction from vault contract (if sufficient balance)
  • Display transaction hash and confirmation status
  • Show gas usage information

Note: Both receiver and owner addresses are set to the configured wallet address.

Validation: Command will fail with clear error message if requested amount exceeds maximum withdrawable balance.

Borrower Commands

Activate a pending position (unsafe SGX bypass)

difcli borrower activate <positionId>

Calls sgxActivateBorrowerPosition(positionId, liquidationPrice=getBorrowerPosition(id).liquidationPrice, blocksAndHashes=[], proof=0x, data) and simulates first.

⚠️ Warning: this only works on vaults where SGX proof checks are disabled. On normal vaults it will revert.

For Aegis strategies, the CLI will auto-fetch data via Prime API POST /mint (slippage is entered interactively).

Exit (unborrow) a position

difcli borrower exit <positionId>

Runs an eth_call simulation of unborrow and then submits the transaction.

If the preview shows Finished in one tx: No (async), the exit is intercepted by an async adapter and will require one or more follow-up calls:

  • Use difcli borrower exit-status <positionId> to see the intercepted adapter.
  • Use difcli borrower exit-continue <positionId> to continue until finished.

Check async-exit status

difcli borrower exit-status <positionId>

Shows hasUnfinishedSwap + getUnfinishedSwap (intercepted adapter + hop index best-effort).

Continue an unfinished async exit

difcli borrower exit-continue <positionId>

Notes:

  • The CLI derives per-hop minAssetsOut from an eth_call simulation (returnedPerHop) and applies slippage per hop. Hops that output 0 keep minOut=0 automatically (required for unfinished async hops).
  • Aegis async redeem is supported automatically if the intercepted adapter matches the expected interface (instanceLocked/getInfoForPosition), and will call Prime API POST /redeem to obtain encodedData.

Environment variables:

  • PRIME_API_BASE_URL (default https://api.prime.diffuse.fi)

Aegis enter (mint yUSD) — preview integration

For strategies with Aegis in the strategy name, previewBorrow(..., data) requires Prime API POST /mint encodedData (used by AegisMintAdapter).

collateral_amount sent to /mint should match the exact amountIn that will go into AegisMintAdapter.buy(...):

  • collateralType=OriginalAsset: collateralAmount + assetsToBorrow
  • collateralType=StrategyAsset: assetsToBorrow

In this CLI, this currently affects preview/simulation only (because borrowRequest(...) does not take a data argument). When you run difcli borrower preview or difcli borrower request, the CLI will auto-call /mint for Aegis strategies to make preview work.

Environment variables (mint):

  • PRIME_API_BASE_URL (default https://api.prime.diffuse.fi) Slippage for Prime API (/mint and /redeem) is entered interactively as percent when needed.

Vault Commands

Set Vault Address

difcli vault set <chain> <address>

Sets a custom vault contract address for a specific chain.

difcli vault set berachain 0x1234567890123456789012345678901234567890

Show Vault Addresses

difcli vault show

Displays current vault addresses for all chains, showing both default and custom addresses.

Reset Vault Address

difcli vault reset <chain>

Resets the vault address for a specific chain back to the default.

difcli vault reset berachain

Note: Custom vault addresses are stored per chain and persist across sessions.

Vault Status

difcli lender status

Displays comprehensive vault status and lender-specific information:

Vault Statistics:

  • Total assets in vault
  • Assets currently utilized
  • Base asset deficit

Lender Information:

  • Maximum withdrawable amount
  • Current vault balance (shares)
  • Accrued yield information

Vault Status:

  • Pause status and reason (if paused)

Security

⚠️ WARNING: This CLI tool stores private keys locally with encryption. While the keys are encrypted, this is NOT suitable for production use with real funds.

For production use:

  • Use hardware wallets
  • Implement proper key management systems
  • Never store private keys on disk

The current implementation uses a default encryption key. For better security, consider:

  • User-provided passwords for encryption
  • Hardware security modules
  • Secure key vaults

Development

# Install dependencies
npm install

# Build the project
npm run build

# Run in development mode
npm run dev

# Test locally
node dist/index.js [command]
# or
npx difcli [command]

Dependencies

  • viem - Ethereum library for TypeScript
  • commander - CLI framework
  • crypto-js - Encryption utilities
  • chalk - Terminal styling

License

MIT

Keywords

cli
crypto
viem
blockchain
ethereum
wallet

FAQs

Package last updated on 09 Jan 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Security News

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.

By Sarah Gooding  -  Apr 02, 2026