Skip to main content
The Prometheus Protocol provides two primary command-line tools for interacting with the ecosystem: the App Store CLI for managing the full application lifecycle, and the Auth CLI for managing OAuth client registration.

The App Store CLI

The official CLI for developers, auditors, and community members. It handles everything from submitting an app for verification to performing audits and finalizing governance votes.

Usage

The way you invoke the CLI depends on your role:
  • For Developers
  • For Auditors & Community Members
The CLI is included in projects created with create-motoko-mcp-server. You interact with it via npm run scripts. Note the required -- to pass arguments.
npm run app-store -- <command> [options]

Developer Commands

Commands for managing the application lifecycle from within your project.

init

Initializes a new prometheus.yml configuration file in the current directory. This file contains the metadata for your service. 
npm run app-store init -y

status

Checks the current verification status of your application (e.g., Pending, Auditing, Verified, Rejected). 
npm run app-store status

publish

Publishes a new, verified version of your application to the App Store, making it visible to end-users. 
npm run app-store publish 1.0.0

Auditor & Bounty Commands

Commands for discovering, auditing, and claiming rewards.

bounty list

Lists all available bounties on the network, showing their status (Open, Reserved, or Claimed). 
npx @prometheus-protocol/app-store-cli bounty list

bounty reserve <bounty-id>

Reserves an open bounty by staking your reputation tokens. This grants you an exclusive lock to perform the audit. 
npx @prometheus-protocol/app-store-cli bounty reserve <bounty-id>

bounty create

Creates a new bounty to incentivize a specific audit for a WASM. 
npx @prometheus-protocol/app-store-cli bounty create <amount> <token-canister-id> --wasm-id <id> --audit-type <type>

bounty claim <bounty-id>

Claims the reward for a reserved bounty after your corresponding attestation has been successfully submitted and approved. 
npx @prometheus-protocol/app-store-cli bounty claim <bounty-id>

attest generate

Generates a template YAML file for a specific audit type (e.g., security_v1). 
npx @prometheus-protocol/app-store-cli attest generate --type security_v1

attest submit <file>

Submits a completed attestation file for a bounty you have reserved. 
npx @prometheus-protocol/app-store-cli attest submit attestation.yml --bounty-id <bounty_id>

The Auth CLI

This tool manages your service’s registration with the Prometheus OAuth provider. It is typically used via npm run scripts from within a service developer’s project.

register

Interactively registers your service as a new OAuth client. It saves the output to .auth_client.json. 
npm run auth register

update

Interactively updates an existing OAuth client registration. This is commonly used to change the redirect URI when moving from a local to a production environment. 
npm run auth update

list

Lists all resource servers (OAuth clients) registered by your current identity. 
npm run auth list

delete

Deletes an existing resource server registration. 
npm run auth delete
I