feat(sdk): add timestamps, pagination improvements, and dashboard cleanup

SDK:
- Add approximate createdAt timestamps to parsed attestations
- Redesign listAllAgents: 0-based offset, newest-first default, returns totalAgents
- Add buildFeedbackContent(), hexToBytes(), bytesToHex() helpers
- Add reputationScoreSchema/credential typed getters
- Extend FeedbackContent with reviewer, feedbackURI, feedbackHash fields

Dashboard:
- Replace raw RPC calls with SDK methods (getCurrentSlot, listAllAgents)
- Remove duplicated hex utils, use SDK exports
- Fix stale module-level config in VerifiedFeedbackDialog
- Add localStorage query cache persistence with BigInt deserialization
- Sort feedbacks/validations newest-first
- Use counterparty filter server-side instead of client-side
- Use typed FeedbackContent instead of Record<string, unknown> casts
- Consolidate Sati client creation in worker

Author: tenequm

apps/dashboard/package.json

@@ -36,7 +36,9 @@
     "@solana/kit": "^5.1.0",
     "@solana/react-hooks": "^1.1.1",
     "@tailwindcss/vite": "^4.1.17",
+    "@tanstack/query-async-storage-persister": "^5.90.22",
     "@tanstack/react-query": "^5.90.11",
+    "@tanstack/react-query-persist-client": "^5.90.22",
     "@x402/core": "^2.2.0",
     "@x402/fetch": "^2.2.0",
     "@x402/hono": "^2.2.0",

apps/dashboard/src/react-app/components/VerifiedFeedbackDialog.tsx

@@ -16,13 +16,15 @@ import { toast } from "sonner";
 import type { Address } from "@solana/kit";
 import {
   type Outcome,
-  loadDeployedConfig,
   MAX_COUNTERPARTY_SIGNED_CONTENT_SIZE,
   buildCounterpartyMessage,
   serializeFeedback,
   type FeedbackData,
   handleTransactionError,
+  hexToBytes,
+  bytesToHex,
 } from "@cascade-fyi/sati-sdk";
+import { getSatiClient } from "@/lib/sati";
 import { getChain, getNetwork, getSolscanUrl, getRpcUrl } from "@/lib/network";
 import { createPaymentFetch } from "@/lib/x402";
 
@@ -40,9 +42,10 @@ import { Label } from "@/components/ui/label";
 import { Textarea } from "@/components/ui/textarea";
 import { Loader2, CheckCircle2 } from "lucide-react";
 
-// Get deployed Feedback schema address (DualSignature mode)
-const deployedConfig = loadDeployedConfig(getNetwork());
-const FEEDBACK_SCHEMA_ADDRESS = deployedConfig?.schemas?.feedback as Address | undefined;
+// Get deployed Feedback schema address (DualSignature mode) - fetched fresh from client
+function getFeedbackSchemaAddress(): Address | undefined {
+  return getSatiClient().feedbackSchema;
+}
 
 // Pre-filled agent signature data (for skipping Step 1)
 interface PrefilledSignatureData {
@@ -107,25 +110,6 @@ interface SubmitFeedbackResponse {
   error?: string;
 }
 
-// Hex helpers
-function bytesToHex(bytes: Uint8Array): string {
-  return Array.from(bytes)
-    .map((b) => b.toString(16).padStart(2, "0"))
-    .join("");
-}
-
-function hexToBytes(hex: string): Uint8Array {
-  const cleanHex = hex.startsWith("0x") ? hex.slice(2) : hex;
-  if (!/^[0-9a-fA-F]*$/.test(cleanHex) || cleanHex.length % 2 !== 0) {
-    throw new Error(`Invalid hex string: ${hex.slice(0, 20)}${hex.length > 20 ? "..." : ""}`);
-  }
-  const bytes = new Uint8Array(cleanHex.length / 2);
-  for (let i = 0; i < bytes.length; i++) {
-    bytes[i] = parseInt(cleanHex.slice(i * 2, i * 2 + 2), 16);
-  }
-  return bytes;
-}
-
 // Agent signature data from Step 1
 interface AgentSignatureData {
   taskRef: string; // hex
@@ -199,7 +183,8 @@ export function VerifiedFeedbackDialog({
   // Step 1: Interact - Pay and get agent's blind signature
   // ==========================================================================
   const handleInteract = async () => {
-    if (!session || !FEEDBACK_SCHEMA_ADDRESS) return;
+    const feedbackSchema = getFeedbackSchemaAddress();
+    if (!session || !feedbackSchema) return;
     setIsInteracting(true);
 
     const toastId = toast.loading("Preparing interaction...");
@@ -225,7 +210,7 @@ export function VerifiedFeedbackDialog({
 
       // Call /api/echo with x402 payment - agent signs WITHOUT knowing outcome
       const echoRequest: EchoRequest = {
-        sasSchema: FEEDBACK_SCHEMA_ADDRESS,
+        sasSchema: feedbackSchema,
         taskRef,
         agentMint,
         dataHash,
@@ -270,7 +255,8 @@ export function VerifiedFeedbackDialog({
   // ==========================================================================
   const submitMutation = useMutation({
     mutationFn: async (selectedOutcome: Outcome) => {
-      if (!session || !agentSignatureData || !FEEDBACK_SCHEMA_ADDRESS) {
+      const feedbackSchema = getFeedbackSchemaAddress();
+      if (!session || !agentSignatureData || !feedbackSchema) {
         throw new Error("Missing required data");
       }
 
@@ -323,7 +309,7 @@ export function VerifiedFeedbackDialog({
 
         const submitRequest: SubmitFeedbackRequest = {
           network: getNetwork(),
-          sasSchema: FEEDBACK_SCHEMA_ADDRESS,
+          sasSchema: feedbackSchema,
           taskRef: agentSignatureData.taskRef,
           agentMint,
           dataHash: agentSignatureData.dataHash,
@@ -462,7 +448,7 @@ export function VerifiedFeedbackDialog({
 
             <Button
               onClick={handleInteract}
-              disabled={!session || isInteracting || !FEEDBACK_SCHEMA_ADDRESS}
+              disabled={!session || isInteracting || !getFeedbackSchemaAddress()}
               className="w-full"
               size="lg"
             >

apps/dashboard/src/react-app/lib/sati.ts

@@ -7,7 +7,6 @@
 
 import {
   Sati,
-  SATI_PROGRAM_ADDRESS,
   type AgentIdentity,
   type ParsedAttestation,
   type ParsedValidationAttestation,
@@ -134,6 +133,11 @@ export function getFeedbackSchemaType(feedback: ParsedFeedback): FeedbackSchemaT
   return "unknown";
 }
 
+/** Sort attestations by createdAt descending (newest first) */
+function sortByCreatedAtDesc<T extends { createdAt?: number }>(items: T[]): T[] {
+  return items.sort((a, b) => (b.createdAt ?? 0) - (a.createdAt ?? 0));
+}
+
 /**
  * Parsed feedback from SDK - re-exported for convenience
  */
@@ -159,7 +163,7 @@ export async function listAgentFeedbacks(agentMint: Address): Promise<ParsedFeed
       allFeedbacks.push(...result.items);
     }
 
-    return allFeedbacks;
+    return sortByCreatedAtDesc(allFeedbacks);
   } catch (e) {
     console.error("Failed to list agent feedbacks:", e);
     return [];
@@ -179,7 +183,7 @@ export async function listAgentValidations(agentMint: Address): Promise<ParsedVa
 
   try {
     const result = await sati.listValidations({ sasSchema: validationSchema, agentMint });
-    return result.items;
+    return sortByCreatedAtDesc(result.items);
   } catch (e) {
     console.error("Failed to list agent validations:", e);
     return [];
@@ -207,7 +211,7 @@ export async function listAllFeedbacks(): Promise<ParsedFeedback[]> {
       allFeedbacks.push(...result.items);
     }
 
-    return allFeedbacks;
+    return sortByCreatedAtDesc(allFeedbacks);
   } catch (e) {
     console.error("Failed to list all feedbacks:", e);
     return [];
@@ -218,10 +222,18 @@ export async function listAllFeedbacks(): Promise<ParsedFeedback[]> {
  * List feedbacks submitted by a specific counterparty
  */
 export async function listFeedbacksByCounterparty(counterparty: Address): Promise<ParsedFeedback[]> {
-  // Counterparty is in the schema data, filter client-side
+  const sati = getSatiClient();
+  const { feedback, feedbackPublic } = getFeedbackSchemas();
+  const schemas = [feedback, feedbackPublic].filter(Boolean) as Address[];
+  if (schemas.length === 0) return [];
+
   try {
-    const allFeedbacks = await listAllFeedbacks();
-    return allFeedbacks.filter((f) => f.data.counterparty === counterparty);
+    const all: ParsedFeedback[] = [];
+    for (const sasSchema of schemas) {
+      const result = await sati.listFeedbacks({ sasSchema, counterparty });
+      all.push(...result.items);
+    }
+    return sortByCreatedAtDesc(all);
   } catch (e) {
     console.error("Failed to list feedbacks by counterparty:", e);
     return [];
@@ -295,44 +307,21 @@ export function formatSlotTime(slot: bigint, currentSlot: bigint): string {
  */
 export async function getCurrentSlot(): Promise<bigint> {
   try {
-    const rpcUrl = getCurrentRpcUrl();
-    const response = await fetch(rpcUrl, {
-      method: "POST",
-      headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({
-        jsonrpc: "2.0",
-        id: "get-slot",
-        method: "getSlot",
-        params: [{ commitment: "confirmed" }],
-      }),
-    });
-    const data = await response.json();
-    return BigInt(data.result ?? 0);
+    const sati = getSatiClient();
+    const rpc = sati.getRpc();
+    const slot = await rpc.getSlot({ commitment: "confirmed" }).send();
+    return slot;
   } catch {
     return 0n;
   }
 }
 
-/**
- * Get deployed reputation score schema address (always fresh for current network)
- */
-export function getReputationScoreSchema(): Address | undefined {
-  return getSatiClient().deployedConfig?.schemas?.reputationScore as Address | undefined;
-}
-
-/**
- * Get deployed SATI credential address (always fresh for current network)
- */
-export function getSatiCredential(): Address | undefined {
-  return getSatiClient().deployedConfig?.credential as Address | undefined;
-}
-
 /**
  * List reputation scores for a specific agent.
  */
 export async function listAgentReputationScores(agentMint: Address): Promise<ReputationScoreData[]> {
   const sati = getSatiClient();
-  const reputationSchema = getReputationScoreSchema();
+  const reputationSchema = sati.reputationScoreSchema;
 
   if (!reputationSchema) {
     return [];
@@ -349,121 +338,13 @@ export async function listAgentReputationScores(agentMint: Address): Promise<Rep
 // Re-export getSolscanUrl from network module
 export { getSolscanUrl } from "./network";
 
-/**
- * Helius getTransactionsForAddress response types
- */
-interface HeliusTransaction {
-  transaction: {
-    message: {
-      accountKeys: Array<{ pubkey: string; signer: boolean; writable: boolean } | string>;
-    };
-  };
-}
-
-interface HeliusResponse {
-  result?: {
-    data?: HeliusTransaction[];
-  };
-  error?: { message: string };
-}
-
 /**
  * List all agents registered in the SATI registry.
- *
- * Uses Helius getTransactionsForAddress to discover mints, then SDK's registry.load
- * for proper ownership resolution (owner = current token holder, not registrant).
+ * Uses SDK's AgentIndex-based enumeration for reliable discovery.
  */
 export async function listAllAgents(params?: { offset?: number; limit?: number }): Promise<ListAgentsResult> {
-  const { offset = 0, limit = 20 } = params ?? {};
-
   const sati = getSatiClient();
-  const rpcUrl = getCurrentRpcUrl();
-  const stats = await sati.getRegistryStats();
-  const groupMint = stats.groupMint;
-
-  try {
-    // Step 1: Discover mints via Helius getTransactionsForAddress
-    const response = await fetch(rpcUrl, {
-      method: "POST",
-      headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({
-        jsonrpc: "2.0",
-        id: "list-agents",
-        method: "getTransactionsForAddress",
-        params: [
-          SATI_PROGRAM_ADDRESS,
-          {
-            transactionDetails: "full",
-            encoding: "jsonParsed",
-            limit: 100,
-            sortOrder: "desc",
-            filters: { status: "succeeded" },
-          },
-        ],
-      }),
-    });
-
-    const data: HeliusResponse = await response.json();
-
-    if (data.error) {
-      console.warn("Helius getTransactionsForAddress error:", data.error.message);
-      return { agents: [], totalAgents: stats.totalAgents };
-    }
-
-    const transactions = data.result?.data ?? [];
-
-    if (transactions.length === 0) {
-      return { agents: [], totalAgents: stats.totalAgents };
-    }
-
-    // Step 2: Extract agent mints from registerAgent transactions
-    const agentMints: string[] = [];
-
-    for (const tx of transactions) {
-      if (!tx?.transaction?.message) continue;
-
-      const accounts = tx.transaction.message.accountKeys;
-      const pubkeys = accounts.map((acc) => (typeof acc === "object" && "pubkey" in acc ? acc.pubkey : String(acc)));
-
-      // Check if this transaction involves the group mint (indicates registerAgent)
-      if (!pubkeys.includes(groupMint)) continue;
-
-      // Find the agent mint - it's the second signer (first is payer)
-      const signerAccounts = accounts.filter((acc) => typeof acc === "object" && "signer" in acc && acc.signer);
-
-      if (signerAccounts.length >= 2) {
-        const agentMint =
-          typeof signerAccounts[1] === "object" && "pubkey" in signerAccounts[1] ? signerAccounts[1].pubkey : null;
-
-        // Skip if this is the groupMint itself (from initialize transaction)
-        if (agentMint && agentMint !== groupMint && !agentMints.includes(agentMint)) {
-          agentMints.push(agentMint);
-        }
-      }
-    }
-
-    if (agentMints.length === 0) {
-      return { agents: [], totalAgents: stats.totalAgents };
-    }
-
-    // Step 3: Apply pagination
-    const paginatedMints = agentMints.slice(offset, offset + limit);
-
-    // Step 4: Load agents via SDK (handles owner lookup correctly)
-    const agentPromises = paginatedMints.map((mint) => sati.loadAgent(mint as Address));
-    const loadedAgents = await Promise.all(agentPromises);
-
-    // Filter out nulls (failed loads)
-    const agents = loadedAgents.filter((agent): agent is AgentIdentity => agent !== null);
-
-    return {
-      agents,
-      totalAgents: stats.totalAgents,
-    };
-  } catch (error) {
-    console.warn("Failed to fetch agents:", error);
-    return { agents: [], totalAgents: stats.totalAgents };
-  }
+  return sati.listAllAgents(params);
 }
 
 /**