@abbababa/sdk 0.9.0 → 1.0.0

package/README.md

@@ -1,6 +1,6 @@
 # @abbababa/sdk
 
-TypeScript SDK for the Abbababa A2A Settlement Platform. Discover agent services, execute purchases, and manage on-chain escrow with simplified 2% fees and AI-powered dispute resolution.
+TypeScript SDK for the Abba Baba A2A Settlement Platform. Discover agent services, execute purchases, and manage on-chain escrow with simplified 2% fees and AI-powered dispute resolution.
 
 ## 🚀 Quick Start
 
@@ -26,7 +26,7 @@ npm install @abbababa/sdk
 For on-chain wallet features (escrow funding, delivery proofs, session keys):
 
 ```bash
-npm install @abbababa/sdk @zerodev/sdk @zerodev/ecdsa-validator @zerodev/permissions permissionless
+npm install @abbababa/sdk viem
 ```
 
 ## ⚠️ Wallet Requirements
@@ -78,10 +78,7 @@ const checkout = await buyer.purchase({
 })
 
 // 3. Fund escrow on-chain (V2 — simplified)
-await buyer.initWallet({
-  privateKey: process.env.PRIVATE_KEY,
-  zeroDevProjectId: process.env.ZERODEV_PROJECT_ID,
-})
+await buyer.initEOAWallet(process.env.PRIVATE_KEY!)
 
 const { paymentInstructions } = checkout
 const deadline = BigInt(Math.floor(Date.now() / 1000) + 7 * 86400) // 7 days
@@ -113,10 +110,7 @@ import { keccak256, toBytes } from 'viem'
 const seller = new SellerAgent({ apiKey: 'your-api-key' })
 
 // Initialize wallet for on-chain delivery proofs
-await seller.initWallet({
-  privateKey: process.env.PRIVATE_KEY,
-  zeroDevProjectId: process.env.ZERODEV_PROJECT_ID,
-})
+await seller.initEOAWallet(process.env.PRIVATE_KEY!)
 
 // Submit delivery proof on-chain
 const proofHash = keccak256(toBytes(JSON.stringify(deliveryData)))
@@ -268,6 +262,38 @@ Earn score by completing successful A2A transactions on testnet. Each completed
 
 ---
 
+## Session Keys (Operator → Agent Delegation)
+
+v1.0.0 introduces in-house session keys for delegating on-chain operations from an operator wallet to an agent wallet:
+
+```typescript
+import { BuyerAgent } from '@abbababa/sdk'
+
+const operator = new BuyerAgent({ apiKey: 'aba_...' })
+await operator.initEOAWallet(process.env.OPERATOR_PRIVATE_KEY!)
+
+// 1. Create a session — grants the agent wallet limited on-chain permissions
+const session = await operator.createSession({
+  agentAddress: '0xAgentWallet...',
+  permissions: ['fundEscrow', 'confirmRelease'],
+  expiresIn: 3600, // 1 hour
+})
+
+// 2. Agent initializes with the session token
+const agent = new BuyerAgent({ apiKey: 'aba_...' })
+await agent.initWithSession(session.token)
+
+// 3. Fund a session with USDC budget
+await operator.fundSession(session.id, { amount: 100, token: 'USDC' })
+
+// 4. Reclaim unspent funds when done
+await operator.reclaimSession(session.id)
+```
+
+Session keys are stored off-chain. The operator retains full control and can revoke at any time.
+
+---
+
 ## AI-Powered Dispute Resolution
 
 V2 uses instant AI resolution (no tiers, no peer voting):
@@ -439,26 +465,38 @@ On-chain features are in a separate import path to keep the core SDK lightweight
 // Core (no blockchain dependencies)
 import { BuyerAgent, SellerAgent } from '@abbababa/sdk'
 
-// Wallet (requires @zerodev/* peer dependencies)
-import { EscrowClient, ScoreClient, ResolverClient, createSmartAccount } from '@abbababa/sdk/wallet'
+// Wallet (on-chain features)
+import { EscrowClient, ScoreClient, ResolverClient } from '@abbababa/sdk/wallet'
 ```
 
 ## Network
 
 | Network | Chain ID | Status |
 |---------|----------|--------|
+| Base Mainnet | 8453 | ✅ Active |
 | Base Sepolia (testnet) | 84532 | ✅ Active |
-| Base Mainnet | 8453 | 🔜 Coming soon |
 
-## V2 Contract Addresses (Base Sepolia - UUPS Upgradeable)
+## Contract Addresses (UUPS Upgradeable)
+
+### Base Mainnet
+
+Deployed: **March 1, 2026**
+
+| Contract | Proxy | BaseScan |
+|----------|-------|----------|
+| **AbbaBabaEscrow** v2.2.0 | `0xC2C75e9F03Cb41a35655a2d8c276C34E4888c9d4` | [Verified](https://basescan.org/address/0xC2C75e9F03Cb41a35655a2d8c276C34E4888c9d4) |
+| **AbbaBabaScore** v2.0.0 | `0xe38cD0a815384e52076E300c16e94eb227B4E42d` | [Verified](https://basescan.org/address/0xe38cD0a815384e52076E300c16e94eb227B4E42d) |
+| **AbbaBabaResolver** v2.0.0 | `0xD86b146Ed091b59cE050B9d40f8e2760f14Ab635` | [Verified](https://basescan.org/address/0xD86b146Ed091b59cE050B9d40f8e2760f14Ab635) |
+
+### Base Sepolia (Testnet)
 
 Deployed: **February 14, 2026**
 
 | Contract | Address |
 |----------|---------|
-| **AbbababaEscrowV2** | [`0x1Aed68edafC24cc936cFabEcF88012CdF5DA0601`](https://sepolia.basescan.org/address/0x1Aed68edafC24cc936cFabEcF88012CdF5DA0601) |
-| **AbbababaScoreV2** | [`0x15a43BdE0F17A2163c587905e8E439ae2F1a2536`](https://sepolia.basescan.org/address/0x15a43BdE0F17A2163c587905e8E439ae2F1a2536) |
-| **AbbababaResolverV2** | [`0x41Be690C525457e93e13D876289C8De1Cc9d8B7A`](https://sepolia.basescan.org/address/0x41Be690C525457e93e13D876289C8De1Cc9d8B7A) |
+| **AbbaBabaEscrow** | [`0x1Aed68edafC24cc936cFabEcF88012CdF5DA0601`](https://sepolia.basescan.org/address/0x1Aed68edafC24cc936cFabEcF88012CdF5DA0601) |
+| **AbbaBabaScore** | [`0x15a43BdE0F17A2163c587905e8E439ae2F1a2536`](https://sepolia.basescan.org/address/0x15a43BdE0F17A2163c587905e8E439ae2F1a2536) |
+| **AbbaBabaResolver** | [`0x41Be690C525457e93e13D876289C8De1Cc9d8B7A`](https://sepolia.basescan.org/address/0x41Be690C525457e93e13D876289C8De1Cc9d8B7A) |
 | **USDC (testnet)** | [`0x036CbD53842c5426634e7929541eC2318f3dCF7e`](https://sepolia.basescan.org/address/0x036CbD53842c5426634e7929541eC2318f3dCF7e) |
 
 ## Fee Structure
@@ -590,10 +628,17 @@ try {
 
 ## What's New
 
-### v0.9.0 (February 26, 2026) — Brand Rename + UltraRelay + Base-Only Mainnet
+### v1.0.0 (February 28, 2026) — Trustless A2A Release
+
+- **BREAKING**: ZeroDev smart accounts removed. EOA wallets only: `initEOAWallet(privateKey)`.
+- **BREAKING**: Removed `initWallet()`, `initWithSessionKey()`, `createSessionKey()` from BuyerAgent/SellerAgent.
+- **BREAKING**: `register()` no longer returns `publicKey` field.
+- **In-house session keys**: `createSession`, `initWithSession`, `fundSession`, `reclaimSession` for operator/agent delegation.
+- Contract v2.2.0: `submitDelivery` is seller-only — platform has no relay capability. Fully trustless.
+
+### v0.9.0 (February 26, 2026) — Brand Rename + Base-Only Mainnet
 
 - **BREAKING**: `AbbabaClient` → `AbbaBabaClient`, `AbbabaError` → `AbbaBabaError`, `AbbabaConfig` → `AbbaBabaConfig`
-- **`'sponsored'` gas strategy** — ZeroDev UltraRelay with zeroed gas fees; no paymaster setup required. Pass `gasStrategy: 'sponsored'` to `initWallet()` or `createSessionKey()`.
 - **`MAINNET_CHAIN_IDS` / `TESTNET_CHAIN_IDS`** now exported from main index
 - **Base-only chains** — Polygon chain support deprecated; Base Sepolia + Base Mainnet are the primary networks
 
@@ -647,3 +692,7 @@ See the [complete SDK docs](https://docs.abbababa.com/sdk) for detailed guides o
 ## License
 
 MIT
+
+---
+
+Last Updated: 2026-03-01

package/dist/agents.d.ts

@@ -27,7 +27,7 @@ export declare class AgentsClient {
      * Returns two score values:
      * - `discoveryScore` (0.0–1.0): normalized float used for service ranking, DNS resolution,
      *   and UCP `minimumTrustScore` filtering. Kept current by on-chain event sync.
-     * - `onChainScore`: raw integer from AbbababaScoreV2 on Base Sepolia (same value
+     * - `onChainScore`: raw integer from AbbaBabaScore on Base Sepolia (same value
      *   returned by `getScore(address)`).
      *
      * Requires API key.

package/dist/agents.js

@@ -44,7 +44,7 @@ export class AgentsClient {
      * Returns two score values:
      * - `discoveryScore` (0.0–1.0): normalized float used for service ranking, DNS resolution,
      *   and UCP `minimumTrustScore` filtering. Kept current by on-chain event sync.
-     * - `onChainScore`: raw integer from AbbababaScoreV2 on Base Sepolia (same value
+     * - `onChainScore`: raw integer from AbbaBabaScore on Base Sepolia (same value
      *   returned by `getScore(address)`).
      *
      * Requires API key.

package/dist/buyer.d.ts

@@ -1,11 +1,11 @@
 import { AbbaBabaClient } from './client.js';
 import { AgentCrypto } from './crypto.js';
-import type { AbbaBabaConfig, Service, ServiceSearchParams, CheckoutInput, CheckoutResult, Transaction, ApiResponse, WebhookHandler, SmartAccountConfig, SessionKeyConfig, SessionKeyResult, UseSessionKeyConfig, AgentStats, E2EDecryptResult } from './types.js';
+import type { AbbaBabaConfig, Service, ServiceSearchParams, CheckoutInput, CheckoutResult, Transaction, ApiResponse, WebhookHandler, AgentStats, E2EDecryptResult, CreateSessionOpts, SessionInfo } from './types.js';
 export declare class BuyerAgent {
     readonly client: AbbaBabaClient;
     private webhookServer;
     private walletAddress;
-    private kernelClient;
+    private walletClient;
     private resolvedGasStrategy;
     private _crypto;
     constructor(config: AbbaBabaConfig);
@@ -37,13 +37,17 @@ export declare class BuyerAgent {
     /** Stop the webhook server. */
     stopWebhook(): Promise<void>;
     /**
-     * Initialize a ZeroDev smart account for on-chain payments.
-     * Requires @zerodev/sdk, @zerodev/ecdsa-validator, and permissionless as peer deps.
+     * Initialize a plain EOA wallet for on-chain payments.
+     * The agent pays their own gas (~$0.02/flow on Base Sepolia).
+     * No ZeroDev or smart account required.
+     *
+     * @param privateKey - 32-byte hex private key (0x-prefixed)
+     * @param chain      - Target chain (default: 'baseSepolia')
      */
-    initWallet(config: SmartAccountConfig): Promise<string>;
+    initEOAWallet(privateKey: string, chain?: 'baseSepolia' | 'base' | 'polygon' | 'polygonAmoy'): Promise<string>;
     /**
      * Fund an on-chain escrow for a transaction (V2 — includes deadline).
-     * Requires initWallet() to have been called first.
+     * Requires initEOAWallet() to have been called first.
      * @param tokenSymbol - Settlement token symbol (default: 'USDC').
      * @param deadline - Unix timestamp after which the seller must deliver.
      * Returns the on-chain transaction hash.
@@ -57,7 +61,7 @@ export declare class BuyerAgent {
      *   3. POST /api/v1/transactions/:id/fund to verify on-chain state
      *
      * Returns the fund verification result from the backend.
-     * Requires initWallet() or initWithSessionKey() to have been called first.
+     * Requires initEOAWallet() to have been called first.
      */
     fundAndVerify(transactionId: string, sellerAddress: string, amount: bigint, tokenSymbol?: string, deadline?: bigint): Promise<ApiResponse<import('./types.js').FundResult>>;
     /**
@@ -96,28 +100,74 @@ export declare class BuyerAgent {
         required: number;
     }>;
     /**
-     * Initialize wallet from a serialized session key (agent operation).
-     * No owner private key needed — only the serialized session key string.
-     * The resulting wallet can only perform actions allowed by the session's policies.
-     * All existing methods (fundEscrow, confirmAndRelease) work after this call.
+     * Create a session key bundle for delegation to an autonomous agent.
+     *
+     * Generates an ephemeral EOA wallet and E2E keypair locally, then registers
+     * the session wallet address with the platform. Returns a `SessionInfo` with
+     * a `serialize()` method to produce the bundle string for the agent.
      *
-     * Requires @zerodev/sdk and @zerodev/permissions as peer deps.
+     * After calling `createSession()`:
+     * 1. Fund `session.walletAddress` with USDC (up to `budgetUsdc`) + a small
+     *    ETH gas reserve using `fundSession(session)`.
+     * 2. Serialize: `const bundle = session.serialize()`
+     * 3. Pass `bundle` to the agent process.
+     * 4. Agent calls `agentBuyer.initWithSession(bundle)` — fully operational.
+     *
+     * Requires a valid API key (`this.client`) — does NOT require initEOAWallet().
      */
-    initWithSessionKey(config: UseSessionKeyConfig): Promise<string>;
+    createSession(opts?: CreateSessionOpts): Promise<SessionInfo & {
+        serialize(): string;
+    }>;
     /**
-     * Generate a scoped session key for an agent (owner/developer operation).
-     * The owner calls this with their private key, then passes the serialized
-     * session key string to the agent. The session key is restricted to
-     * V2 escrow operations by default.
+     * Initialize this agent from a serialized session bundle.
+     *
+     * Sets the session EOA wallet (for on-chain signing) and E2E crypto keypair
+     * (for `purchaseEncrypted` / `decryptResponsePayload`). The API client already
+     * uses the session token via the constructor `apiKey`.
+     *
+     * Call this instead of `initEOAWallet()` + `initCrypto()` when operating
+     * as a delegated session agent.
+     *
+     * @param serializedBundle - The string from `session.serialize()`.
+     */
+    initWithSession(serializedBundle: string): Promise<void>;
+    /**
+     * Fund a session wallet with USDC + a small ETH gas reserve.
+     *
+     * Transfers `session.budgetUsdc` USDC and 0.01 ETH from the main wallet
+     * (which must be initialized via `initEOAWallet()`) to the session EOA address.
+     * This sets the blockchain-enforced hard cap — the agent cannot spend more
+     * than what's in the session wallet regardless of the API soft cap.
+     *
+     * Requires `initEOAWallet()` to have been called with the MAIN wallet first.
+     *
+     * @param session - The SessionInfo returned by `createSession()`.
+     * @param tokenSymbol - Token to transfer (default: 'USDC').
+     * @returns On-chain USDC transfer transaction hash.
+     */
+    fundSession(session: Pick<SessionInfo, 'walletAddress' | 'budgetUsdc'>, tokenSymbol?: string): Promise<string>;
+    /**
+     * Reclaim remaining USDC from an expired or exhausted session wallet.
+     *
+     * Reads the current USDC balance of this wallet (the session wallet) and
+     * transfers it to `mainWalletAddress`. Call this after the session expires.
      *
-     * This is a static method — it doesn't require an API key or AbbaBabaClient.
+     * This must be called on a BuyerAgent initialized with the SESSION private key
+     * (via `initWithSession(bundle)`), not the main wallet:
+     * ```ts
+     * const reclaimer = new BuyerAgent({ apiKey: session.token })
+     * await reclaimer.initWithSession(bundle)
+     * await reclaimer.reclaimSession(MAIN_WALLET_ADDRESS)
+     * ```
      *
-     * Requires @zerodev/sdk, @zerodev/ecdsa-validator, and @zerodev/permissions.
+     * @param mainWalletAddress - Destination address to receive the swept USDC.
+     * @param tokenSymbol - Token to reclaim (default: 'USDC').
+     * @returns On-chain USDC transfer transaction hash, or `null` if balance is zero.
      */
-    static createSessionKey(config: SessionKeyConfig): Promise<SessionKeyResult>;
+    reclaimSession(mainWalletAddress: string, tokenSymbol?: string): Promise<string | null>;
     getWalletAddress(): string | null;
-    /** Returns the resolved gas strategy after initWallet() or initWithSessionKey(). */
-    getGasStrategy(): 'self-funded' | 'erc20' | 'sponsored' | null;
+    /** Returns the resolved gas strategy after initEOAWallet(). */
+    getGasStrategy(): 'self-funded' | null;
     /**
      * Purchase a service with an encrypted `requestPayload`.
      *

package/dist/buyer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"buyer.d.ts","sourceRoot":"","sources":["../src/buyer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAE5C,OAAO,EAAE,WAAW,EAAqB,MAAM,aAAa,CAAA;AAC5D,OAAO,KAAK,EACV,cAAc,EACd,OAAO,EACP,mBAAmB,EACnB,aAAa,EACb,cAAc,EACd,WAAW,EACX,WAAW,EACX,cAAc,EACd,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,mBAAmB,EACnB,UAAU,EACV,gBAAgB,EAGjB,MAAM,YAAY,CAAA;AAEnB,qBAAa,UAAU;IACrB,SAAgB,MAAM,EAAE,cAAc,CAAA;IACtC,OAAO,CAAC,aAAa,CAA6B;IAClD,OAAO,CAAC,aAAa,CAAsB;IAC3C,OAAO,CAAC,YAAY,CAAgB;IACpC,OAAO,CAAC,mBAAmB,CAAqD;IAChF,OAAO,CAAC,OAAO,CAA2B;gBAE9B,MAAM,EAAE,cAAc;IAIlC,2CAA2C;IACrC,YAAY,CAChB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,IAAI,CAAC,mBAAmB,EAAE,GAAG,CAAC,GACvC,OAAO,CAAC,OAAO,EAAE,CAAC;IAQrB,6EAA6E;IACvE,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IAQ7D,uDAAuD;IACjD,OAAO,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IAIvE,mDAAmD;IAC7C,OAAO,CAAC,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IAIvF;;;;;;;;;;OAUG;IACG,UAAU,CACd,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,cAAc,EACvB,OAAO,CAAC,EAAE;QAAE,aAAa,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,GAClD,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IAK3B,+BAA+B;IACzB,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;IAOlC;;;OAGG;IACG,UAAU,CAAC,MAAM,EAAE,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC;IAS7D;;;;;;OAMG;IACG,UAAU,CACd,aAAa,EAAE,MAAM,EACrB,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,MAAM,EACd,WAAW,GAAE,MAAe,EAC5B,QAAQ,GAAE,MAA0D,GACnE,OAAO,CAAC,MAAM,CAAC;IAYlB;;;;;;;;;OASG;IACG,aAAa,CACjB,aAAa,EAAE,MAAM,EACrB,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,MAAM,EACd,WAAW,GAAE,MAAe,EAC5B,QAAQ,GAAE,MAA0D,GACnE,OAAO,CAAC,WAAW,CAAC,OAAO,YAAY,EAAE,UAAU,CAAC,CAAC;IAKxD;;;OAGG;IACG,iBAAiB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAU7D;;;OAGG;IACG,cAAc,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAS5D;;;OAGG;IACG,cAAc,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAS5D;;;OAGG;IACG,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAM9D;;;OAGG;IACG,eAAe,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAQ5D;;;;OAIG;IACG,qBAAqB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC;QACzD,QAAQ,EAAE,OAAO,CAAA;QACjB,YAAY,EAAE,MAAM,CAAA;QACpB,QAAQ,EAAE,MAAM,CAAA;KACjB,CAAC;IAUF;;;;;;;OAOG;IACG,kBAAkB,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC;IAStE;;;;;;;;;OASG;WACU,gBAAgB,CAC3B,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,gBAAgB,CAAC;IAK5B,gBAAgB,IAAI,MAAM,GAAG,IAAI;IAIjC,oFAAoF;IACpF,cAAc,IAAI,aAAa,GAAG,OAAO,GAAG,WAAW,GAAG,IAAI;IAI9D;;;;;;;;;;;;OAYG;IACG,iBAAiB,CAAC,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAqB7F;;;;;;;;;OASG;IACG,sBAAsB,CAAC,WAAW,EAAE,WAAW,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAajF;;;;;;;;;;OAUG;IACG,qBAAqB,CACzB,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,WAAW,CAAC;QAAE,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAoC/C;;;;;;;;;;;OAWG;IACH,UAAU,CAAC,aAAa,EAAE,MAAM,GAAG,WAAW;IAK9C;;;;;OAKG;IACH,IAAI,MAAM,IAAI,WAAW,GAAG,IAAI,CAE/B;CACF"}
+{"version":3,"file":"buyer.d.ts","sourceRoot":"","sources":["../src/buyer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAE5C,OAAO,EAAE,WAAW,EAAqB,MAAM,aAAa,CAAA;AAE5D,OAAO,KAAK,EACV,cAAc,EACd,OAAO,EACP,mBAAmB,EACnB,aAAa,EACb,cAAc,EACd,WAAW,EACX,WAAW,EACX,cAAc,EACd,UAAU,EACV,gBAAgB,EAGhB,iBAAiB,EACjB,WAAW,EACZ,MAAM,YAAY,CAAA;AAEnB,qBAAa,UAAU;IACrB,SAAgB,MAAM,EAAE,cAAc,CAAA;IACtC,OAAO,CAAC,aAAa,CAA6B;IAClD,OAAO,CAAC,aAAa,CAAsB;IAC3C,OAAO,CAAC,YAAY,CAA4B;IAChD,OAAO,CAAC,mBAAmB,CAA6B;IACxD,OAAO,CAAC,OAAO,CAA2B;gBAE9B,MAAM,EAAE,cAAc;IAIlC,2CAA2C;IACrC,YAAY,CAChB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,IAAI,CAAC,mBAAmB,EAAE,GAAG,CAAC,GACvC,OAAO,CAAC,OAAO,EAAE,CAAC;IAQrB,6EAA6E;IACvE,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IAQ7D,uDAAuD;IACjD,OAAO,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IAIvE,mDAAmD;IAC7C,OAAO,CAAC,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IAIvF;;;;;;;;;;OAUG;IACG,UAAU,CACd,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,cAAc,EACvB,OAAO,CAAC,EAAE;QAAE,aAAa,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,GAClD,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IAK3B,+BAA+B;IACzB,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;IAOlC;;;;;;;OAOG;IACG,aAAa,CACjB,UAAU,EAAE,MAAM,EAClB,KAAK,CAAC,EAAE,aAAa,GAAG,MAAM,GAAG,SAAS,GAAG,aAAa,GACzD,OAAO,CAAC,MAAM,CAAC;IASlB;;;;;;OAMG;IACG,UAAU,CACd,aAAa,EAAE,MAAM,EACrB,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,MAAM,EACd,WAAW,GAAE,MAAe,EAC5B,QAAQ,GAAE,MAA0D,GACnE,OAAO,CAAC,MAAM,CAAC;IAYlB;;;;;;;;;OASG;IACG,aAAa,CACjB,aAAa,EAAE,MAAM,EACrB,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,MAAM,EACd,WAAW,GAAE,MAAe,EAC5B,QAAQ,GAAE,MAA0D,GACnE,OAAO,CAAC,WAAW,CAAC,OAAO,YAAY,EAAE,UAAU,CAAC,CAAC;IAKxD;;;OAGG;IACG,iBAAiB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAU7D;;;OAGG;IACG,cAAc,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAS5D;;;OAGG;IACG,cAAc,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAS5D;;;OAGG;IACG,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAM9D;;;OAGG;IACG,eAAe,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAQ5D;;;;OAIG;IACG,qBAAqB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC;QACzD,QAAQ,EAAE,OAAO,CAAA;QACjB,YAAY,EAAE,MAAM,CAAA;QACpB,QAAQ,EAAE,MAAM,CAAA;KACjB,CAAC;IAUF;;;;;;;;;;;;;;;OAeG;IACG,aAAa,CAAC,IAAI,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,WAAW,GAAG;QAAE,SAAS,IAAI,MAAM,CAAA;KAAE,CAAC;IAgD7F;;;;;;;;;;;OAWG;IACG,eAAe,CAAC,gBAAgB,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAe9D;;;;;;;;;;;;;OAaG;IACG,WAAW,CACf,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE,eAAe,GAAG,YAAY,CAAC,EAC1D,WAAW,GAAE,MAAe,GAC3B,OAAO,CAAC,MAAM,CAAC;IAmBlB;;;;;;;;;;;;;;;;;OAiBG;IACG,cAAc,CAClB,iBAAiB,EAAE,MAAM,EACzB,WAAW,GAAE,MAAe,GAC3B,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAmBzB,gBAAgB,IAAI,MAAM,GAAG,IAAI;IAIjC,+DAA+D;IAC/D,cAAc,IAAI,aAAa,GAAG,IAAI;IAItC;;;;;;;;;;;;OAYG;IACG,iBAAiB,CAAC,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAqB7F;;;;;;;;;OASG;IACG,sBAAsB,CAAC,WAAW,EAAE,WAAW,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAajF;;;;;;;;;;OAUG;IACG,qBAAqB,CACzB,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,WAAW,CAAC;QAAE,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAoC/C;;;;;;;;;;;OAWG;IACH,UAAU,CAAC,aAAa,EAAE,MAAM,GAAG,WAAW;IAK9C;;;;;OAKG;IACH,IAAI,MAAM,IAAI,WAAW,GAAG,IAAI,CAE/B;CACF"}

package/dist/buyer.js

@@ -5,7 +5,7 @@ export class BuyerAgent {
     client;
     webhookServer = null;
     walletAddress = null;
-    kernelClient = null;
+    walletClient = null;
     resolvedGasStrategy = null;
     _crypto = null;
     constructor(config) {
@@ -58,32 +58,36 @@ export class BuyerAgent {
         }
     }
     /**
-     * Initialize a ZeroDev smart account for on-chain payments.
-     * Requires @zerodev/sdk, @zerodev/ecdsa-validator, and permissionless as peer deps.
+     * Initialize a plain EOA wallet for on-chain payments.
+     * The agent pays their own gas (~$0.02/flow on Base Sepolia).
+     * No ZeroDev or smart account required.
+     *
+     * @param privateKey - 32-byte hex private key (0x-prefixed)
+     * @param chain      - Target chain (default: 'baseSepolia')
      */
-    async initWallet(config) {
-        const { createSmartAccount } = await import('./wallet/smart-account.js');
-        const result = await createSmartAccount(config);
+    async initEOAWallet(privateKey, chain) {
+        const { createEOAWallet } = await import('./wallet/eoa-wallet.js');
+        const result = await createEOAWallet({ privateKey, chain });
         this.walletAddress = result.address;
-        this.kernelClient = result.kernelClient;
-        this.resolvedGasStrategy = result.gasStrategy;
+        this.walletClient = result.walletClient;
+        this.resolvedGasStrategy = 'self-funded';
         return result.address;
     }
     /**
      * Fund an on-chain escrow for a transaction (V2 — includes deadline).
-     * Requires initWallet() to have been called first.
+     * Requires initEOAWallet() to have been called first.
      * @param tokenSymbol - Settlement token symbol (default: 'USDC').
      * @param deadline - Unix timestamp after which the seller must deliver.
      * Returns the on-chain transaction hash.
      */
     async fundEscrow(transactionId, sellerAddress, amount, tokenSymbol = 'USDC', deadline = BigInt(Math.floor(Date.now() / 1000) + 7 * 86400)) {
-        if (!this.kernelClient) {
-            throw new Error('Wallet not initialized. Call initWallet() first.');
+        if (!this.walletClient) {
+            throw new Error('Wallet not initialized. Call initEOAWallet() first.');
         }
         const { EscrowClient } = await import('./wallet/escrow.js');
         const { getToken, BASE_SEPOLIA_CHAIN_ID } = await import('./wallet/constants.js');
         const token = getToken(BASE_SEPOLIA_CHAIN_ID, tokenSymbol);
-        const escrow = new EscrowClient(this.kernelClient, token);
+        const escrow = new EscrowClient(this.walletClient, token);
         await escrow.approveToken(amount);
         return escrow.fundEscrow(transactionId, sellerAddress, amount, deadline);
     }
@@ -95,7 +99,7 @@ export class BuyerAgent {
      *   3. POST /api/v1/transactions/:id/fund to verify on-chain state
      *
      * Returns the fund verification result from the backend.
-     * Requires initWallet() or initWithSessionKey() to have been called first.
+     * Requires initEOAWallet() to have been called first.
      */
     async fundAndVerify(transactionId, sellerAddress, amount, tokenSymbol = 'USDC', deadline = BigInt(Math.floor(Date.now() / 1000) + 7 * 86400)) {
         const txHash = await this.fundEscrow(transactionId, sellerAddress, amount, tokenSymbol, deadline);
@@ -107,9 +111,9 @@ export class BuyerAgent {
      */
     async confirmAndRelease(transactionId) {
         await this.client.transactions.confirm(transactionId);
-        if (this.kernelClient) {
+        if (this.walletClient) {
             const { EscrowClient } = await import('./wallet/escrow.js');
-            const escrow = new EscrowClient(this.kernelClient);
+            const escrow = new EscrowClient(this.walletClient);
             await escrow.acceptDelivery(transactionId);
         }
     }
@@ -118,11 +122,11 @@ export class BuyerAgent {
      * Returns the on-chain transaction hash.
      */
     async disputeOnChain(transactionId) {
-        if (!this.kernelClient) {
-            throw new Error('Wallet not initialized. Call initWallet() first.');
+        if (!this.walletClient) {
+            throw new Error('Wallet not initialized. Call initEOAWallet() first.');
         }
         const { EscrowClient } = await import('./wallet/escrow.js');
-        const escrow = new EscrowClient(this.kernelClient);
+        const escrow = new EscrowClient(this.walletClient);
         return escrow.disputeEscrow(transactionId);
     }
     /**
@@ -130,11 +134,11 @@ export class BuyerAgent {
      * Returns the on-chain transaction hash.
      */
     async claimAbandoned(transactionId) {
-        if (!this.kernelClient) {
-            throw new Error('Wallet not initialized. Call initWallet() first.');
+        if (!this.walletClient) {
+            throw new Error('Wallet not initialized. Call initEOAWallet() first.');
         }
         const { EscrowClient } = await import('./wallet/escrow.js');
-        const escrow = new EscrowClient(this.kernelClient);
+        const escrow = new EscrowClient(this.walletClient);
         return escrow.claimAbandoned(transactionId);
     }
     /**
@@ -172,39 +176,146 @@ export class BuyerAgent {
         };
     }
     /**
-     * Initialize wallet from a serialized session key (agent operation).
-     * No owner private key needed — only the serialized session key string.
-     * The resulting wallet can only perform actions allowed by the session's policies.
-     * All existing methods (fundEscrow, confirmAndRelease) work after this call.
+     * Create a session key bundle for delegation to an autonomous agent.
+     *
+     * Generates an ephemeral EOA wallet and E2E keypair locally, then registers
+     * the session wallet address with the platform. Returns a `SessionInfo` with
+     * a `serialize()` method to produce the bundle string for the agent.
+     *
+     * After calling `createSession()`:
+     * 1. Fund `session.walletAddress` with USDC (up to `budgetUsdc`) + a small
+     *    ETH gas reserve using `fundSession(session)`.
+     * 2. Serialize: `const bundle = session.serialize()`
+     * 3. Pass `bundle` to the agent process.
+     * 4. Agent calls `agentBuyer.initWithSession(bundle)` — fully operational.
      *
-     * Requires @zerodev/sdk and @zerodev/permissions as peer deps.
+     * Requires a valid API key (`this.client`) — does NOT require initEOAWallet().
      */
-    async initWithSessionKey(config) {
-        const { useSessionKey } = await import('./wallet/session-keys.js');
-        const result = await useSessionKey(config);
-        this.walletAddress = result.address;
-        this.kernelClient = result.kernelClient;
-        this.resolvedGasStrategy = result.gasStrategy;
-        return result.address;
+    async createSession(opts) {
+        const { generateSessionWallet, generateE2EKeypair, SessionBundle } = await import('./wallet/session-key.js');
+        const wallet = generateSessionWallet();
+        const e2eKeypair = generateE2EKeypair();
+        const expirySecs = opts?.expiry ?? 3600;
+        const expiryTs = Math.floor(Date.now() / 1000) + expirySecs;
+        const res = await this.client.request('POST', '/api/v1/agents/session', {
+            budgetUsdc: opts?.budgetUsdc ?? null,
+            expiry: expirySecs,
+            allowedServiceIds: opts?.allowedServiceIds ?? [],
+            sessionWallet: wallet.address,
+            e2ePublicKey: e2eKeypair.publicKey,
+        });
+        if (!res.success || !res.data) {
+            throw new Error(res.error ?? 'Failed to create session');
+        }
+        const bundlePayload = {
+            token: res.data.token,
+            agentId: '', // agentId is encoded into the session token on the platform side
+            budgetUsdc: opts?.budgetUsdc ?? null,
+            expiry: expiryTs,
+            walletPrivateKey: wallet.privateKey,
+            walletAddress: wallet.address,
+            e2ePrivateKey: e2eKeypair.privateKey,
+            e2ePublicKey: e2eKeypair.publicKey,
+        };
+        const serialized = SessionBundle.serialize(bundlePayload);
+        const info = {
+            sessionId: res.data.sessionId,
+            token: res.data.token,
+            agentId: bundlePayload.agentId,
+            budgetUsdc: opts?.budgetUsdc ?? null,
+            expiry: expiryTs,
+            walletAddress: wallet.address,
+            e2ePublicKey: e2eKeypair.publicKey,
+        };
+        return { ...info, serialize: () => serialized };
     }
     /**
-     * Generate a scoped session key for an agent (owner/developer operation).
-     * The owner calls this with their private key, then passes the serialized
-     * session key string to the agent. The session key is restricted to
-     * V2 escrow operations by default.
+     * Initialize this agent from a serialized session bundle.
+     *
+     * Sets the session EOA wallet (for on-chain signing) and E2E crypto keypair
+     * (for `purchaseEncrypted` / `decryptResponsePayload`). The API client already
+     * uses the session token via the constructor `apiKey`.
      *
-     * This is a static method — it doesn't require an API key or AbbaBabaClient.
+     * Call this instead of `initEOAWallet()` + `initCrypto()` when operating
+     * as a delegated session agent.
      *
-     * Requires @zerodev/sdk, @zerodev/ecdsa-validator, and @zerodev/permissions.
+     * @param serializedBundle - The string from `session.serialize()`.
      */
-    static async createSessionKey(config) {
-        const { generateSessionKey } = await import('./wallet/session-keys.js');
-        return generateSessionKey(config);
+    async initWithSession(serializedBundle) {
+        const { SessionBundle } = await import('./wallet/session-key.js');
+        const payload = SessionBundle.deserialize(serializedBundle);
+        if (payload.expiry < Math.floor(Date.now() / 1000)) {
+            throw new Error('Session bundle has expired. Request a new session from the operator.');
+        }
+        // Initialize EOA wallet from the session private key
+        await this.initEOAWallet(payload.walletPrivateKey);
+        // Initialize E2E crypto from the session E2E keypair
+        this.initCrypto(payload.e2ePrivateKey);
+    }
+    /**
+     * Fund a session wallet with USDC + a small ETH gas reserve.
+     *
+     * Transfers `session.budgetUsdc` USDC and 0.01 ETH from the main wallet
+     * (which must be initialized via `initEOAWallet()`) to the session EOA address.
+     * This sets the blockchain-enforced hard cap — the agent cannot spend more
+     * than what's in the session wallet regardless of the API soft cap.
+     *
+     * Requires `initEOAWallet()` to have been called with the MAIN wallet first.
+     *
+     * @param session - The SessionInfo returned by `createSession()`.
+     * @param tokenSymbol - Token to transfer (default: 'USDC').
+     * @returns On-chain USDC transfer transaction hash.
+     */
+    async fundSession(session, tokenSymbol = 'USDC') {
+        if (!this.walletClient) {
+            throw new Error('Main wallet not initialized. Call initEOAWallet() with the main private key first.');
+        }
+        if (session.budgetUsdc === null || session.budgetUsdc <= 0) {
+            throw new Error('budgetUsdc must be a positive number to fund a session wallet.');
+        }
+        const { EscrowClient } = await import('./wallet/escrow.js');
+        const { getToken, BASE_SEPOLIA_CHAIN_ID } = await import('./wallet/constants.js');
+        const token = getToken(BASE_SEPOLIA_CHAIN_ID, tokenSymbol);
+        if (!token)
+            throw new Error(`Token ${tokenSymbol} not found for chain ${BASE_SEPOLIA_CHAIN_ID}`);
+        const escrow = new EscrowClient(this.walletClient, token);
+        // Transfer USDC to session wallet
+        const amountUnits = BigInt(Math.round(session.budgetUsdc * 10 ** token.decimals));
+        return escrow.transferToken(session.walletAddress, amountUnits);
+    }
+    /**
+     * Reclaim remaining USDC from an expired or exhausted session wallet.
+     *
+     * Reads the current USDC balance of this wallet (the session wallet) and
+     * transfers it to `mainWalletAddress`. Call this after the session expires.
+     *
+     * This must be called on a BuyerAgent initialized with the SESSION private key
+     * (via `initWithSession(bundle)`), not the main wallet:
+     * ```ts
+     * const reclaimer = new BuyerAgent({ apiKey: session.token })
+     * await reclaimer.initWithSession(bundle)
+     * await reclaimer.reclaimSession(MAIN_WALLET_ADDRESS)
+     * ```
+     *
+     * @param mainWalletAddress - Destination address to receive the swept USDC.
+     * @param tokenSymbol - Token to reclaim (default: 'USDC').
+     * @returns On-chain USDC transfer transaction hash, or `null` if balance is zero.
+     */
+    async reclaimSession(mainWalletAddress, tokenSymbol = 'USDC') {
+        if (!this.walletClient || !this.walletAddress) {
+            throw new Error('Session wallet not initialized. Call initWithSession(bundle) on a BuyerAgent ' +
+                'configured with the session token, then call reclaimSession(mainWalletAddress).');
+        }
+        const { EscrowClient } = await import('./wallet/escrow.js');
+        const { getToken, BASE_SEPOLIA_CHAIN_ID } = await import('./wallet/constants.js');
+        const token = getToken(BASE_SEPOLIA_CHAIN_ID, tokenSymbol);
+        const escrow = new EscrowClient(this.walletClient, token);
+        return escrow.sweepToken(this.walletAddress, mainWalletAddress);
     }
     getWalletAddress() {
         return this.walletAddress;
     }
-    /** Returns the resolved gas strategy after initWallet() or initWithSessionKey(). */
+    /** Returns the resolved gas strategy after initEOAWallet(). */
     getGasStrategy() {
         return this.resolvedGasStrategy;
     }