@agent-fuel/sdk 0.1.0 → 0.2.0

package/dist/index.cjs

@@ -63,7 +63,8 @@ function decodeCreditVault(pubkey, raw) {
     balance: total_deposited - total_withdrawn - total_spent + total_claimed,
     frozen: raw.frozen,
     created_slot: bnToNum(raw.createdSlot),
-    last_active_slot: bnToNum(raw.lastActiveSlot)
+    last_active_slot: bnToNum(raw.lastActiveSlot),
+    pending_count: bnToNum(raw.pendingCount)
   };
 }
 var DEFAULT_PUBKEY = web3_js.PublicKey.default.toBase58();
@@ -187,6 +188,28 @@ var NotWhitelistedError = class extends SpendPolicyError {
     this.service = service;
   }
 };
+var RecordPaymentError = class extends AgentFuelError {
+  constructor(message) {
+    super(message);
+    this.name = "RecordPaymentError";
+  }
+};
+var ReceiptAlreadyRecordedError = class extends RecordPaymentError {
+  receiptHash;
+  constructor(receiptHash) {
+    super("payment receipt was already recorded on chain");
+    this.name = "ReceiptAlreadyRecordedError";
+    this.receiptHash = receiptHash;
+  }
+};
+var ServiceInactiveError = class extends RecordPaymentError {
+  service;
+  constructor(service) {
+    super(`service ${service} is paused; record_payment rejected`);
+    this.name = "ServiceInactiveError";
+    this.service = service;
+  }
+};
 
 // src/guardrails.ts
 function guardSpend(args) {
@@ -294,6 +317,12 @@ function wsUrl(apiBase, path) {
   if (apiBase.startsWith("http://")) return apiBase.replace(/^http/, "ws") + path;
   return apiBase + path;
 }
+function subscribeService(apiBase, servicePubkey, opts) {
+  return subscribe(wsUrl(apiBase, `/ws/services/${servicePubkey}`), opts);
+}
+function subscribeVault(apiBase, vaultPubkey, opts) {
+  return subscribe(wsUrl(apiBase, `/ws/vaults/${vaultPubkey}`), opts);
+}
 
 // src/idl/reputation.json
 var reputation_default = {
@@ -849,10 +878,14 @@ var reputation_default = {
       ],
       accounts: [
         {
-          name: "service",
+          name: "sponsor",
           writable: true,
           signer: true
         },
+        {
+          name: "service",
+          signer: true
+        },
         {
           name: "service_registry",
           writable: true,
@@ -899,6 +932,15 @@ var reputation_default = {
               name: "ServiceCategory"
             }
           }
+        },
+        {
+          name: "service_uri",
+          type: {
+            array: [
+              "u8",
+              128
+            ]
+          }
         }
       ]
     },
@@ -1014,6 +1056,61 @@ var reputation_default = {
           }
         }
       ]
+    },
+    {
+      name: "set_service_active",
+      discriminator: [
+        221,
+        172,
+        149,
+        49,
+        212,
+        184,
+        77,
+        101
+      ],
+      accounts: [
+        {
+          name: "service",
+          signer: true
+        },
+        {
+          name: "service_registry",
+          writable: true,
+          pda: {
+            seeds: [
+              {
+                kind: "const",
+                value: [
+                  115,
+                  101,
+                  114,
+                  118,
+                  105,
+                  99,
+                  101
+                ]
+              },
+              {
+                kind: "account",
+                path: "service"
+              }
+            ]
+          }
+        },
+        {
+          name: "authority",
+          relations: [
+            "service_registry"
+          ]
+        }
+      ],
+      args: [
+        {
+          name: "active",
+          type: "bool"
+        }
+      ]
     }
   ],
   accounts: [
@@ -1162,6 +1259,19 @@ var reputation_default = {
         109
       ]
     },
+    {
+      name: "ServiceActiveSet",
+      discriminator: [
+        151,
+        122,
+        7,
+        40,
+        191,
+        139,
+        237,
+        52
+      ]
+    },
     {
       name: "ServiceRegistered",
       discriminator: [
@@ -1226,6 +1336,11 @@ var reputation_default = {
       code: 6009,
       name: "FeedbackRateLimited",
       msg: "Feedback rate limit not yet expired for this (service, agent) pair"
+    },
+    {
+      code: 6010,
+      name: "UnauthorizedService",
+      msg: "Only the service authority may perform this action"
     }
   ],
   types: [
@@ -1666,6 +1781,26 @@ var reputation_default = {
         ]
       }
     },
+    {
+      name: "ServiceActiveSet",
+      type: {
+        kind: "struct",
+        fields: [
+          {
+            name: "service",
+            type: "pubkey"
+          },
+          {
+            name: "active",
+            type: "bool"
+          },
+          {
+            name: "slot",
+            type: "u64"
+          }
+        ]
+      }
+    },
     {
       name: "ServiceCategory",
       type: {
@@ -1698,6 +1833,14 @@ var reputation_default = {
             name: "service",
             type: "pubkey"
           },
+          {
+            name: "sponsor",
+            docs: [
+              'Wallet that paid rent. Lets us answer "who registered this service?"',
+              "without an extra column on the on-chain account."
+            ],
+            type: "pubkey"
+          },
           {
             name: "name",
             type: {
@@ -1740,6 +1883,19 @@ var reputation_default = {
               ]
             }
           },
+          {
+            name: "service_uri",
+            docs: [
+              "Off-chain metadata URI (pricing, docs, endpoint, logo). Padded to 128 bytes;",
+              "trailing NULs are trimmed when read. Mirrors `AgentProfile::agent_uri`."
+            ],
+            type: {
+              array: [
+                "u8",
+                128
+              ]
+            }
+          },
           {
             name: "category",
             type: {
@@ -1799,21 +1955,25 @@ var credit_vault_default = {
   },
   instructions: [
     {
-      name: "claim",
+      name: "approve_spend",
       discriminator: [
-        62,
-        198,
-        214,
-        193,
-        213,
-        159,
-        108,
-        210
+        248,
+        201,
+        151,
+        15,
+        28,
+        162,
+        112,
+        90
       ],
       accounts: [
         {
-          name: "service",
-          signer: true
+          name: "owner",
+          writable: true,
+          signer: true,
+          relations: [
+            "vault"
+          ]
         },
         {
           name: "vault",
@@ -1832,8 +1992,7 @@ var credit_vault_default = {
               },
               {
                 kind: "account",
-                path: "vault.owner",
-                account: "CreditVault"
+                path: "owner"
               },
               {
                 kind: "account",
@@ -1866,6 +2025,35 @@ var credit_vault_default = {
             ]
           }
         },
+        {
+          name: "pending_spend",
+          writable: true,
+          pda: {
+            seeds: [
+              {
+                kind: "const",
+                value: [
+                  112,
+                  101,
+                  110,
+                  100,
+                  105,
+                  110,
+                  103
+                ]
+              },
+              {
+                kind: "account",
+                path: "vault"
+              },
+              {
+                kind: "account",
+                path: "pending_spend.nonce",
+                account: "PendingSpend"
+              }
+            ]
+          }
+        },
         {
           name: "vault_token_account",
           writable: true
@@ -1879,43 +2067,31 @@ var credit_vault_default = {
           address: "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA"
         }
       ],
-      args: [
-        {
-          name: "amount_usdc",
-          type: "u64"
-        }
-      ]
+      args: []
     },
     {
-      name: "create_vault",
+      name: "cancel_spend",
       discriminator: [
-        29,
-        237,
-        247,
-        208,
-        193,
-        82,
-        54,
-        135
+        122,
+        254,
+        101,
+        132,
+        241,
+        232,
+        205,
+        179
       ],
       accounts: [
         {
           name: "owner",
           writable: true,
-          signer: true
-        },
-        {
-          name: "agent",
-          docs: [
-            "account need not exist on chain; we never read or write its data."
+          signer: true,
+          relations: [
+            "vault"
           ]
         },
-        {
-          name: "usdc_mint"
-        },
         {
           name: "vault",
-          writable: true,
           pda: {
             seeds: [
               {
@@ -1934,13 +2110,14 @@ var credit_vault_default = {
               },
               {
                 kind: "account",
-                path: "agent"
+                path: "vault.agent",
+                account: "CreditVault"
               }
             ]
           }
         },
         {
-          name: "policy",
+          name: "pending_spend",
           writable: true,
           pda: {
             seeds: [
@@ -1948,38 +2125,211 @@ var credit_vault_default = {
                 kind: "const",
                 value: [
                   112,
-                  111,
-                  108,
+                  101,
+                  110,
+                  100,
                   105,
-                  99,
-                  121
+                  110,
+                  103
                 ]
               },
               {
                 kind: "account",
                 path: "vault"
+              },
+              {
+                kind: "account",
+                path: "pending_spend.nonce",
+                account: "PendingSpend"
               }
             ]
           }
+        }
+      ],
+      args: []
+    },
+    {
+      name: "claim",
+      discriminator: [
+        62,
+        198,
+        214,
+        193,
+        213,
+        159,
+        108,
+        210
+      ],
+      accounts: [
+        {
+          name: "service",
+          signer: true
         },
         {
-          name: "vault_token_account",
+          name: "vault",
           writable: true,
           pda: {
             seeds: [
+              {
+                kind: "const",
+                value: [
+                  118,
+                  97,
+                  117,
+                  108,
+                  116
+                ]
+              },
               {
                 kind: "account",
-                path: "vault"
+                path: "vault.owner",
+                account: "CreditVault"
               },
               {
-                kind: "const",
-                value: [
-                  6,
-                  221,
-                  246,
-                  225,
-                  215,
-                  101,
+                kind: "account",
+                path: "vault.agent",
+                account: "CreditVault"
+              }
+            ]
+          }
+        },
+        {
+          name: "policy",
+          writable: true,
+          pda: {
+            seeds: [
+              {
+                kind: "const",
+                value: [
+                  112,
+                  111,
+                  108,
+                  105,
+                  99,
+                  121
+                ]
+              },
+              {
+                kind: "account",
+                path: "vault"
+              }
+            ]
+          }
+        },
+        {
+          name: "vault_token_account",
+          writable: true
+        },
+        {
+          name: "service_token_account",
+          writable: true
+        },
+        {
+          name: "token_program",
+          address: "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA"
+        }
+      ],
+      args: [
+        {
+          name: "amount_usdc",
+          type: "u64"
+        }
+      ]
+    },
+    {
+      name: "create_vault",
+      discriminator: [
+        29,
+        237,
+        247,
+        208,
+        193,
+        82,
+        54,
+        135
+      ],
+      accounts: [
+        {
+          name: "owner",
+          writable: true,
+          signer: true
+        },
+        {
+          name: "agent",
+          docs: [
+            "account need not exist on chain; we never read or write its data."
+          ]
+        },
+        {
+          name: "usdc_mint"
+        },
+        {
+          name: "vault",
+          writable: true,
+          pda: {
+            seeds: [
+              {
+                kind: "const",
+                value: [
+                  118,
+                  97,
+                  117,
+                  108,
+                  116
+                ]
+              },
+              {
+                kind: "account",
+                path: "owner"
+              },
+              {
+                kind: "account",
+                path: "agent"
+              }
+            ]
+          }
+        },
+        {
+          name: "policy",
+          writable: true,
+          pda: {
+            seeds: [
+              {
+                kind: "const",
+                value: [
+                  112,
+                  111,
+                  108,
+                  105,
+                  99,
+                  121
+                ]
+              },
+              {
+                kind: "account",
+                path: "vault"
+              }
+            ]
+          }
+        },
+        {
+          name: "vault_token_account",
+          writable: true,
+          pda: {
+            seeds: [
+              {
+                kind: "account",
+                path: "vault"
+              },
+              {
+                kind: "const",
+                value: [
+                  6,
+                  221,
+                  246,
+                  225,
+                  215,
+                  101,
                   161,
                   147,
                   217,
@@ -2204,6 +2554,104 @@ var credit_vault_default = {
       ],
       args: []
     },
+    {
+      name: "request_spend",
+      discriminator: [
+        127,
+        12,
+        23,
+        75,
+        137,
+        178,
+        148,
+        71
+      ],
+      accounts: [
+        {
+          name: "agent",
+          writable: true,
+          signer: true,
+          relations: [
+            "vault"
+          ]
+        },
+        {
+          name: "vault",
+          writable: true,
+          pda: {
+            seeds: [
+              {
+                kind: "const",
+                value: [
+                  118,
+                  97,
+                  117,
+                  108,
+                  116
+                ]
+              },
+              {
+                kind: "account",
+                path: "vault.owner",
+                account: "CreditVault"
+              },
+              {
+                kind: "account",
+                path: "vault.agent",
+                account: "CreditVault"
+              }
+            ]
+          }
+        },
+        {
+          name: "service_token_account",
+          docs: [
+            "The recipient token account. We only need it for its `owner` field",
+            "(the service pubkey we record in PendingSpend); mint constraint is",
+            "belt-and-suspenders since `approve_spend` re-checks both."
+          ]
+        },
+        {
+          name: "pending_spend",
+          writable: true,
+          pda: {
+            seeds: [
+              {
+                kind: "const",
+                value: [
+                  112,
+                  101,
+                  110,
+                  100,
+                  105,
+                  110,
+                  103
+                ]
+              },
+              {
+                kind: "account",
+                path: "vault"
+              },
+              {
+                kind: "account",
+                path: "vault.pending_count",
+                account: "CreditVault"
+              }
+            ]
+          }
+        },
+        {
+          name: "system_program",
+          address: "11111111111111111111111111111111"
+        }
+      ],
+      args: [
+        {
+          name: "amount_usdc",
+          type: "u64"
+        }
+      ]
+    },
     {
       name: "spend",
       discriminator: [
@@ -2529,6 +2977,19 @@ var credit_vault_default = {
         70
       ]
     },
+    {
+      name: "PendingSpend",
+      discriminator: [
+        193,
+        205,
+        85,
+        66,
+        25,
+        3,
+        67,
+        134
+      ]
+    },
     {
       name: "SpendPolicy",
       discriminator: [
@@ -2583,6 +3044,32 @@ var credit_vault_default = {
         161
       ]
     },
+    {
+      name: "SpendRejected",
+      discriminator: [
+        22,
+        233,
+        208,
+        109,
+        202,
+        231,
+        175,
+        22
+      ]
+    },
+    {
+      name: "SpendRequested",
+      discriminator: [
+        144,
+        207,
+        254,
+        247,
+        81,
+        146,
+        84,
+        87
+      ]
+    },
     {
       name: "Spent",
       discriminator: [
@@ -2699,6 +3186,16 @@ var credit_vault_default = {
       code: 6009,
       name: "PostPayDisabled",
       msg: "Post-pay claims are disabled for this vault"
+    },
+    {
+      code: 6010,
+      name: "PendingSpendVaultMismatch",
+      msg: "Pending spend belongs to a different vault"
+    },
+    {
+      code: 6011,
+      name: "PendingNonceOverflow",
+      msg: "Pending spend counter would overflow"
     }
   ],
   types: [
@@ -2787,12 +3284,22 @@ var credit_vault_default = {
             name: "bump",
             type: "u8"
           },
+          {
+            name: "pending_count",
+            docs: [
+              "Monotonic counter used as a PDA seed for PendingSpend accounts so",
+              "every approval request gets a unique deterministic address.",
+              "Borrowed 8 bytes from the original 64-byte padding so the account",
+              "size stays at `ACCOUNT_SIZE` and existing vaults need no migration."
+            ],
+            type: "u64"
+          },
           {
             name: "_padding",
             type: {
               array: [
                 "u8",
-                64
+                56
               ]
             }
           }
@@ -2827,6 +3334,65 @@ var credit_vault_default = {
         ]
       }
     },
+    {
+      name: "PendingSpend",
+      docs: [
+        "A spend request that exceeded one of the policy's rate limits. The agent",
+        "creates this account by calling `request_spend`; the owner reviews from",
+        "the mobile Alerts tab and either calls `approve_spend` (PDA-signed CPI",
+        "transfer, account closed) or `cancel_spend` (account closed, no transfer).",
+        "",
+        'Seeded by `["pending", vault, nonce_le]` where `nonce` is the value of',
+        "`vault.pending_count` at request time, so each request has a unique",
+        "deterministic address that both the agent and the owner can derive."
+      ],
+      type: {
+        kind: "struct",
+        fields: [
+          {
+            name: "vault",
+            type: "pubkey"
+          },
+          {
+            name: "agent",
+            type: "pubkey"
+          },
+          {
+            name: "service",
+            docs: [
+              "Owner of the destination token account (mirrors how `Spent` records",
+              "service: `service_token_account.owner`)."
+            ],
+            type: "pubkey"
+          },
+          {
+            name: "amount_usdc",
+            type: "u64"
+          },
+          {
+            name: "requested_slot",
+            type: "u64"
+          },
+          {
+            name: "nonce",
+            type: "u64"
+          },
+          {
+            name: "bump",
+            type: "u8"
+          },
+          {
+            name: "_padding",
+            type: {
+              array: [
+                "u8",
+                31
+              ]
+            }
+          }
+        ]
+      }
+    },
     {
       name: "PolicyUpdated",
       type: {
@@ -2930,6 +3496,70 @@ var credit_vault_default = {
         ]
       }
     },
+    {
+      name: "SpendRejected",
+      type: {
+        kind: "struct",
+        fields: [
+          {
+            name: "vault",
+            type: "pubkey"
+          },
+          {
+            name: "owner",
+            type: "pubkey"
+          },
+          {
+            name: "pending_spend",
+            type: "pubkey"
+          },
+          {
+            name: "nonce",
+            type: "u64"
+          },
+          {
+            name: "slot",
+            type: "u64"
+          }
+        ]
+      }
+    },
+    {
+      name: "SpendRequested",
+      type: {
+        kind: "struct",
+        fields: [
+          {
+            name: "vault",
+            type: "pubkey"
+          },
+          {
+            name: "agent",
+            type: "pubkey"
+          },
+          {
+            name: "service",
+            type: "pubkey"
+          },
+          {
+            name: "pending_spend",
+            type: "pubkey"
+          },
+          {
+            name: "amount_usdc",
+            type: "u64"
+          },
+          {
+            name: "nonce",
+            type: "u64"
+          },
+          {
+            name: "slot",
+            type: "u64"
+          }
+        ]
+      }
+    },
     {
       name: "Spent",
       type: {
@@ -3096,6 +3726,43 @@ function serviceRegistryPda(serviceAuthority) {
   );
   return pda;
 }
+function agentProfilePda(agent) {
+  const [pda] = web3_js.PublicKey.findProgramAddressSync(
+    [Buffer.from("agent"), toPubkey(agent).toBuffer()],
+    PROGRAM_IDS.reputation
+  );
+  return pda;
+}
+function agentServiceLinkPda(agentProfile, serviceRegistry) {
+  const [pda] = web3_js.PublicKey.findProgramAddressSync(
+    [
+      Buffer.from("link"),
+      toPubkey(agentProfile).toBuffer(),
+      toPubkey(serviceRegistry).toBuffer()
+    ],
+    PROGRAM_IDS.reputation
+  );
+  return pda;
+}
+function pendingSpendPda(vault, nonce) {
+  const nonceBuf = Buffer.alloc(8);
+  nonceBuf.writeBigUInt64LE(typeof nonce === "bigint" ? nonce : BigInt(nonce));
+  const [pda] = web3_js.PublicKey.findProgramAddressSync(
+    [Buffer.from("pending"), toPubkey(vault).toBuffer(), nonceBuf],
+    PROGRAM_IDS.creditVault
+  );
+  return pda;
+}
+function receiptUsedPda(receiptHash) {
+  if (receiptHash.length !== 32) {
+    throw new Error(`receiptUsedPda expects a 32-byte hash, got ${receiptHash.length}`);
+  }
+  const [pda] = web3_js.PublicKey.findProgramAddressSync(
+    [Buffer.from("receipt"), Buffer.from(receiptHash)],
+    PROGRAM_IDS.reputation
+  );
+  return pda;
+}
 function buildProvider(connection, keypair) {
   return new anchor.AnchorProvider(connection, new anchor.Wallet(keypair), anchor.AnchorProvider.defaultOptions());
 }
@@ -3106,6 +3773,207 @@ function reputationProgram(provider) {
   return new anchor.Program(reputation_default, provider);
 }
 
+// src/pay.ts
+async function pay(args) {
+  const { agent, service, connection, amountUsdc } = args;
+  const owner = toPubkey(args.owner);
+  if (amountUsdc <= 0) {
+    throw new ZeroAmountError();
+  }
+  if (args.receiptHash.length !== 32) {
+    throw new Error(
+      `pay: receiptHash must be 32 bytes, got ${args.receiptHash.length}`
+    );
+  }
+  const vaultAddr = vaultPda(owner, agent.publicKey);
+  const policyAddr = policyPda(vaultAddr);
+  const provider = buildProvider(connection, agent);
+  const cv = creditVaultProgram(provider);
+  const rep = reputationProgram(provider);
+  const [rawVault, rawPolicy, currentSlot] = await Promise.all([
+    cv.account.creditVault.fetchNullable(vaultAddr),
+    cv.account.spendPolicy.fetchNullable(policyAddr),
+    connection.getSlot()
+  ]);
+  if (!rawVault) throw new AccountNotFoundError(vaultAddr.toBase58());
+  if (!rawPolicy) throw new AccountNotFoundError(policyAddr.toBase58());
+  const vault = decodeCreditVault(vaultAddr, rawVault);
+  const policy = decodeSpendPolicy(policyAddr, rawPolicy);
+  guardSpend({
+    vault,
+    policy,
+    service: service.publicKey,
+    amountUsdc,
+    currentSlot
+  });
+  const serviceTokenAccount = getAssociatedTokenAddress(
+    vault.usdc_mint,
+    service.publicKey
+  );
+  const createAtaIx = createAssociatedTokenAccountIdempotentInstruction(
+    agent.publicKey,
+    serviceTokenAccount,
+    service.publicKey,
+    vault.usdc_mint
+  );
+  const agentProfile = agentProfilePda(agent.publicKey);
+  const serviceRegistry = serviceRegistryPda(service.publicKey);
+  const link = agentServiceLinkPda(agentProfile, serviceRegistry);
+  const receipt = receiptUsedPda(args.receiptHash);
+  const spendBuilder = cv.methods.spend(new anchor.BN(amountUsdc)).accounts({
+    agent: agent.publicKey,
+    vault: vaultAddr,
+    policy: policyAddr,
+    vaultTokenAccount: vault.vault_token_account,
+    serviceTokenAccount,
+    tokenProgram: TOKEN_PROGRAM_ID
+  });
+  const recordBuilder = rep.methods.recordPayment(new anchor.BN(amountUsdc), args.receiptHash).accounts({
+    service: service.publicKey,
+    agentProfile,
+    serviceRegistry,
+    agentServiceLink: link,
+    receiptUsed: receipt,
+    systemProgram: web3_js.SystemProgram.programId
+  });
+  const spendIx = await spendBuilder.instruction();
+  const recordIx = await recordBuilder.instruction();
+  const tx = new web3_js.Transaction().add(createAtaIx, spendIx, recordIx);
+  try {
+    const signature = await web3_js.sendAndConfirmTransaction(
+      connection,
+      tx,
+      [agent, service],
+      { commitment: "confirmed" }
+    );
+    return { signature };
+  } catch (err) {
+    throw mapPayError(err, {
+      service: service.publicKey,
+      amountUsdc,
+      vault,
+      policy,
+      receiptHash: args.receiptHash
+    });
+  }
+}
+function mapPayError(err, ctx) {
+  const message = err instanceof Error ? err.message : String(err);
+  if (/already in use/i.test(message)) {
+    return new ReceiptAlreadyRecordedError(ctx.receiptHash);
+  }
+  if (!(err instanceof anchor.AnchorError)) return err;
+  switch (err.error.errorCode.number) {
+    case 6001:
+      return new ZeroAmountError();
+    case 6002:
+      return new VaultFrozenError();
+    case 6003:
+      return new NotWhitelistedError(ctx.service.toBase58());
+    case 6004:
+      return new PerTxLimitExceededError(ctx.amountUsdc, ctx.policy.per_tx_limit_usdc);
+    case 6005:
+      return new HourlyLimitExceededError(
+        ctx.amountUsdc,
+        ctx.policy.hourly_window_spent_usdc,
+        ctx.policy.hourly_limit_usdc
+      );
+    case 6006:
+      return new LifetimeLimitExceededError(
+        ctx.amountUsdc,
+        ctx.vault.total_spent,
+        ctx.policy.lifetime_limit_usdc
+      );
+    // Reputation errors:
+    case 6e3:
+      return new RecordPaymentError("counter overflow on chain");
+    case 6011:
+      return new ServiceInactiveError(ctx.service.toBase58());
+    default:
+      return err;
+  }
+}
+async function requestSpend(args) {
+  const { agent, connection, amountUsdc } = args;
+  const owner = toPubkey(args.owner);
+  const service = toPubkey(args.service);
+  if (amountUsdc <= 0) {
+    throw new Error("requestSpend: amountUsdc must be > 0");
+  }
+  const vaultAddr = vaultPda(owner, agent.publicKey);
+  const provider = buildProvider(connection, agent);
+  const cv = creditVaultProgram(provider);
+  const rawVault = await cv.account.creditVault.fetchNullable(vaultAddr);
+  if (!rawVault) throw new AccountNotFoundError(vaultAddr.toBase58());
+  const vault = decodeCreditVault(vaultAddr, rawVault);
+  const nonce = vault.pending_count;
+  const pendingSpend = pendingSpendPda(vaultAddr, nonce);
+  const serviceTokenAccount = getAssociatedTokenAddress(
+    vault.usdc_mint,
+    service
+  );
+  const signature = await cv.methods.requestSpend(new anchor.BN(amountUsdc)).accounts({
+    agent: agent.publicKey,
+    vault: vaultAddr,
+    serviceTokenAccount,
+    pendingSpend,
+    systemProgram: web3_js.SystemProgram.programId
+  }).signers([agent]).rpc();
+  return { signature, pendingSpend, nonce };
+}
+var NAME_BYTES = 32;
+var URI_BYTES = 128;
+async function registerService(args) {
+  const { sponsor, service, connection } = args;
+  if (args.name.length === 0) {
+    throw new Error("registerService: name must not be empty");
+  }
+  if (Buffer.byteLength(args.name, "utf8") > NAME_BYTES) {
+    throw new Error(
+      `registerService: name exceeds ${NAME_BYTES} bytes (got ${Buffer.byteLength(args.name, "utf8")})`
+    );
+  }
+  const uri = args.serviceUri ?? "";
+  if (Buffer.byteLength(uri, "utf8") > URI_BYTES) {
+    throw new Error(
+      `registerService: serviceUri exceeds ${URI_BYTES} bytes (got ${Buffer.byteLength(uri, "utf8")})`
+    );
+  }
+  const registry = serviceRegistryPda(service.publicKey);
+  const provider = buildProvider(connection, sponsor);
+  const rep = reputationProgram(provider);
+  const signature = await rep.methods.registerService(
+    packFixed(args.name, NAME_BYTES),
+    categoryArg(args.category),
+    packFixed(uri, URI_BYTES)
+  ).accounts({
+    sponsor: sponsor.publicKey,
+    service: service.publicKey,
+    serviceRegistry: registry,
+    systemProgram: web3_js.SystemProgram.programId
+  }).signers([sponsor, service]).rpc();
+  return { signature };
+}
+function packFixed(s, length) {
+  const buf = Buffer.alloc(length);
+  buf.write(s, 0, "utf8");
+  return Array.from(buf);
+}
+function categoryArg(c) {
+  switch (c) {
+    case "DataFeed":
+      return { dataFeed: {} };
+    case "Compute":
+      return { compute: {} };
+    case "Swap":
+      return { swap: {} };
+    case "Rpc":
+      return { rpc: {} };
+    case "Other":
+      return { other: {} };
+  }
+}
+
 // src/client.ts
 var DEFAULT_API_BASE = "http://localhost:8080";
 var AgentFuel = class {
@@ -3204,6 +4072,53 @@ var AgentFuel = class {
       throw mapSpendError(err, { service, amountUsdc, vault, policy });
     }
   }
+  /// Atomic spend + record_payment in one transaction. Use this instead
+  /// of `spend()` + `recordPayment()` when you want the vault burn and
+  /// the reputation accrual to be all-or-nothing. The service keypair
+  /// co-signs.
+  async pay(args) {
+    return pay({
+      agent: this.agent,
+      owner: this.resolveOwner(args.owner),
+      service: args.service,
+      amountUsdc: args.amountUsdc,
+      receiptHash: args.receiptHash,
+      connection: this.connection
+    });
+  }
+  /// Submit an over-limit spend request the owner can approve from the
+  /// mobile app. Returns the `pendingSpend` PDA so the bot can poll for
+  /// resolution.
+  async requestSpend(args) {
+    return requestSpend({
+      agent: this.agent,
+      owner: this.resolveOwner(args.owner),
+      service: args.service,
+      amountUsdc: args.amountUsdc,
+      connection: this.connection
+    });
+  }
+  /// Register a service on chain. The `sponsor` (typically `this.agent`'s
+  /// owner wallet) pays rent; the `service` keypair is the long-lived
+  /// identity that will co-sign every future `record_payment`.
+  async registerService(args) {
+    return registerService({ ...args, connection: this.connection });
+  }
+  /// Triggers an on-chain recomputation of the agent's reputation score.
+  /// Permissionless — any signer can call it; we use the agent itself since
+  /// the SDK already has its keypair available and it already pays tx fees
+  /// for spends. The instruction reads the agent's already-public counters
+  /// (volume, diversity, streak, tenure, feedback), recalculates the score
+  /// to a single u16 ≤ 1000, and emits a `ScoreComputed` event. The webhook
+  /// picks that up; the next `getScore()` returns the fresh value.
+  async computeScore() {
+    const profile = agentProfilePda(this.agentPubkey);
+    const signature = await this.reputation.methods.computeScore().accounts({
+      caller: this.agentPubkey,
+      agentProfile: profile
+    }).signers([this.agent]).rpc();
+    return { signature };
+  }
   onEvent(callback, options) {
     const target = options?.agent ? toPubkey(options.agent) : this.agentPubkey;
     const url = wsUrl(this.apiBase, `/ws/agents/${target.toBase58()}`);
@@ -3248,6 +4163,56 @@ async function safeText(res) {
     return void 0;
   }
 }
+async function recordPayment(args) {
+  const { service, connection, amountUsdc } = args;
+  const agentPubkey = toPubkey(args.agent);
+  if (amountUsdc <= 0) {
+    throw new Error("recordPayment: amountUsdc must be > 0");
+  }
+  if (args.receiptHash.length !== 32) {
+    throw new Error(
+      `recordPayment: receiptHash must be 32 bytes, got ${args.receiptHash.length}`
+    );
+  }
+  const provider = buildProvider(connection, service);
+  const program = reputationProgram(provider);
+  const agentProfile = agentProfilePda(agentPubkey);
+  const serviceRegistry = serviceRegistryPda(service.publicKey);
+  const link = agentServiceLinkPda(agentProfile, serviceRegistry);
+  const receipt = receiptUsedPda(args.receiptHash);
+  try {
+    const signature = await program.methods.recordPayment(new anchor.BN(amountUsdc), args.receiptHash).accounts({
+      service: service.publicKey,
+      agentProfile,
+      serviceRegistry,
+      agentServiceLink: link,
+      receiptUsed: receipt,
+      systemProgram: web3_js.SystemProgram.programId
+    }).signers([service]).rpc();
+    return { signature };
+  } catch (err) {
+    throw mapRecordPaymentError(err, args.receiptHash);
+  }
+}
+function mapRecordPaymentError(err, receiptHash) {
+  const message = err instanceof Error ? err.message : String(err);
+  if (/already in use/i.test(message)) {
+    return new ReceiptAlreadyRecordedError(receiptHash);
+  }
+  if (!(err instanceof anchor.AnchorError)) return err;
+  switch (err.error.errorCode.number) {
+    case 6e3:
+      return new RecordPaymentError("counter overflow on chain");
+    case 6001:
+      return new ServiceInactiveError(
+        err.error.origin?.toString() ?? "<unknown service>"
+      );
+    case 6002:
+      return new ZeroAmountError();
+    default:
+      return err;
+  }
+}
 
 // src/x402.ts
 var HEADER = "X-Payment-Required";
@@ -3346,16 +4311,29 @@ exports.OwnerNotConfiguredError = OwnerNotConfiguredError;
 exports.PROGRAM_IDS = PROGRAM_IDS;
 exports.PaymentParseError = PaymentParseError;
 exports.PerTxLimitExceededError = PerTxLimitExceededError;
+exports.ReceiptAlreadyRecordedError = ReceiptAlreadyRecordedError;
+exports.RecordPaymentError = RecordPaymentError;
 exports.SLOTS_PER_HOUR = SLOTS_PER_HOUR;
+exports.ServiceInactiveError = ServiceInactiveError;
 exports.SpendPolicyError = SpendPolicyError;
 exports.TOKEN_PROGRAM_ID = TOKEN_PROGRAM_ID;
 exports.VaultFrozenError = VaultFrozenError;
 exports.ZeroAmountError = ZeroAmountError;
+exports.agentProfilePda = agentProfilePda;
+exports.agentServiceLinkPda = agentServiceLinkPda;
 exports.createAssociatedTokenAccountIdempotentInstruction = createAssociatedTokenAccountIdempotentInstruction;
 exports.getAssociatedTokenAddress = getAssociatedTokenAddress;
+exports.pay = pay;
 exports.paymentRequired = paymentRequired;
+exports.pendingSpendPda = pendingSpendPda;
 exports.policyPda = policyPda;
+exports.receiptUsedPda = receiptUsedPda;
+exports.recordPayment = recordPayment;
+exports.registerService = registerService;
+exports.requestSpend = requestSpend;
 exports.serviceRegistryPda = serviceRegistryPda;
+exports.subscribeService = subscribeService;
+exports.subscribeVault = subscribeVault;
 exports.vaultPda = vaultPda;
 //# sourceMappingURL=index.cjs.map
 //# sourceMappingURL=index.cjs.map