@agent-shield/sdk 0.1.6 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/README.md +14 -12
  2. package/dist/accounts.d.ts +5 -3
  3. package/dist/accounts.d.ts.map +1 -1
  4. package/dist/accounts.js +23 -4
  5. package/dist/accounts.js.map +1 -1
  6. package/dist/client.d.ts +16 -4
  7. package/dist/client.d.ts.map +1 -1
  8. package/dist/client.js +48 -7
  9. package/dist/client.js.map +1 -1
  10. package/dist/composer.d.ts.map +1 -1
  11. package/dist/composer.js +3 -3
  12. package/dist/composer.js.map +1 -1
  13. package/dist/idl-json.d.ts +655 -24
  14. package/dist/idl-json.d.ts.map +1 -1
  15. package/dist/idl-json.js +1174 -87
  16. package/dist/idl-json.js.map +1 -1
  17. package/dist/idl.d.ts +1283 -196
  18. package/dist/idl.d.ts.map +1 -1
  19. package/dist/index.d.ts +6 -3
  20. package/dist/index.d.ts.map +1 -1
  21. package/dist/index.js +25 -1
  22. package/dist/index.js.map +1 -1
  23. package/dist/instructions.d.ts +604 -61
  24. package/dist/instructions.d.ts.map +1 -1
  25. package/dist/instructions.js +76 -8
  26. package/dist/instructions.js.map +1 -1
  27. package/dist/integrations/flash-trade.d.ts.map +1 -1
  28. package/dist/integrations/flash-trade.js +14 -6
  29. package/dist/integrations/flash-trade.js.map +1 -1
  30. package/dist/integrations/jupiter.d.ts.map +1 -1
  31. package/dist/integrations/jupiter.js +4 -1
  32. package/dist/integrations/jupiter.js.map +1 -1
  33. package/dist/oracle.d.ts +31 -0
  34. package/dist/oracle.d.ts.map +1 -0
  35. package/dist/oracle.js +57 -0
  36. package/dist/oracle.js.map +1 -0
  37. package/dist/rewriter.d.ts +21 -0
  38. package/dist/rewriter.d.ts.map +1 -0
  39. package/dist/rewriter.js +33 -0
  40. package/dist/rewriter.js.map +1 -0
  41. package/dist/types.d.ts +82 -12
  42. package/dist/types.d.ts.map +1 -1
  43. package/dist/types.js +5 -1
  44. package/dist/types.js.map +1 -1
  45. package/dist/wrap.d.ts +60 -0
  46. package/dist/wrap.d.ts.map +1 -0
  47. package/dist/wrap.js +88 -0
  48. package/dist/wrap.js.map +1 -0
  49. package/package.json +9 -11
package/dist/idl-json.js CHANGED
@@ -13,6 +13,349 @@ exports.IDL = {
13
13
  "description": "AI Agent Financial Middleware for Solana - Permission controls, spending limits, and audit infrastructure for autonomous agents"
14
14
  },
15
15
  "instructions": [
16
+ {
17
+ "name": "agent_transfer",
18
+ "docs": [
19
+ "Transfer tokens from the vault to an allowed destination.",
20
+ "Only the agent can call this. Respects destination allowlist,",
21
+ "spending caps, and per-token limits."
22
+ ],
23
+ "discriminator": [
24
+ 199,
25
+ 111,
26
+ 151,
27
+ 49,
28
+ 124,
29
+ 13,
30
+ 150,
31
+ 44
32
+ ],
33
+ "accounts": [
34
+ {
35
+ "name": "agent",
36
+ "writable": true,
37
+ "signer": true
38
+ },
39
+ {
40
+ "name": "vault",
41
+ "writable": true,
42
+ "pda": {
43
+ "seeds": [
44
+ {
45
+ "kind": "const",
46
+ "value": [
47
+ 118,
48
+ 97,
49
+ 117,
50
+ 108,
51
+ 116
52
+ ]
53
+ },
54
+ {
55
+ "kind": "account",
56
+ "path": "vault.owner",
57
+ "account": "AgentVault"
58
+ },
59
+ {
60
+ "kind": "account",
61
+ "path": "vault.vault_id",
62
+ "account": "AgentVault"
63
+ }
64
+ ]
65
+ },
66
+ "relations": [
67
+ "policy",
68
+ "tracker"
69
+ ]
70
+ },
71
+ {
72
+ "name": "policy",
73
+ "pda": {
74
+ "seeds": [
75
+ {
76
+ "kind": "const",
77
+ "value": [
78
+ 112,
79
+ 111,
80
+ 108,
81
+ 105,
82
+ 99,
83
+ 121
84
+ ]
85
+ },
86
+ {
87
+ "kind": "account",
88
+ "path": "vault"
89
+ }
90
+ ]
91
+ }
92
+ },
93
+ {
94
+ "name": "tracker",
95
+ "writable": true,
96
+ "pda": {
97
+ "seeds": [
98
+ {
99
+ "kind": "const",
100
+ "value": [
101
+ 116,
102
+ 114,
103
+ 97,
104
+ 99,
105
+ 107,
106
+ 101,
107
+ 114
108
+ ]
109
+ },
110
+ {
111
+ "kind": "account",
112
+ "path": "vault"
113
+ }
114
+ ]
115
+ }
116
+ },
117
+ {
118
+ "name": "vault_token_account",
119
+ "docs": [
120
+ "Vault's PDA-owned token account (source)"
121
+ ],
122
+ "writable": true
123
+ },
124
+ {
125
+ "name": "destination_token_account",
126
+ "docs": [
127
+ "Destination token account (must be in allowed destinations if configured)"
128
+ ],
129
+ "writable": true
130
+ },
131
+ {
132
+ "name": "fee_destination_token_account",
133
+ "docs": [
134
+ "Developer fee destination token account \u2014 must match vault.fee_destination"
135
+ ],
136
+ "writable": true,
137
+ "optional": true
138
+ },
139
+ {
140
+ "name": "protocol_treasury_token_account",
141
+ "docs": [
142
+ "Protocol treasury token account"
143
+ ],
144
+ "writable": true,
145
+ "optional": true
146
+ },
147
+ {
148
+ "name": "token_program",
149
+ "address": "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA"
150
+ }
151
+ ],
152
+ "args": [
153
+ {
154
+ "name": "amount",
155
+ "type": "u64"
156
+ }
157
+ ]
158
+ },
159
+ {
160
+ "name": "apply_pending_policy",
161
+ "docs": [
162
+ "Apply a queued policy update after the timelock period has expired.",
163
+ "Closes the PendingPolicyUpdate PDA and returns rent to the owner."
164
+ ],
165
+ "discriminator": [
166
+ 114,
167
+ 212,
168
+ 19,
169
+ 227,
170
+ 89,
171
+ 199,
172
+ 74,
173
+ 62
174
+ ],
175
+ "accounts": [
176
+ {
177
+ "name": "owner",
178
+ "writable": true,
179
+ "signer": true,
180
+ "relations": [
181
+ "vault"
182
+ ]
183
+ },
184
+ {
185
+ "name": "vault",
186
+ "pda": {
187
+ "seeds": [
188
+ {
189
+ "kind": "const",
190
+ "value": [
191
+ 118,
192
+ 97,
193
+ 117,
194
+ 108,
195
+ 116
196
+ ]
197
+ },
198
+ {
199
+ "kind": "account",
200
+ "path": "owner"
201
+ },
202
+ {
203
+ "kind": "account",
204
+ "path": "vault.vault_id",
205
+ "account": "AgentVault"
206
+ }
207
+ ]
208
+ },
209
+ "relations": [
210
+ "policy",
211
+ "pending_policy"
212
+ ]
213
+ },
214
+ {
215
+ "name": "policy",
216
+ "writable": true,
217
+ "pda": {
218
+ "seeds": [
219
+ {
220
+ "kind": "const",
221
+ "value": [
222
+ 112,
223
+ 111,
224
+ 108,
225
+ 105,
226
+ 99,
227
+ 121
228
+ ]
229
+ },
230
+ {
231
+ "kind": "account",
232
+ "path": "vault"
233
+ }
234
+ ]
235
+ }
236
+ },
237
+ {
238
+ "name": "pending_policy",
239
+ "writable": true,
240
+ "pda": {
241
+ "seeds": [
242
+ {
243
+ "kind": "const",
244
+ "value": [
245
+ 112,
246
+ 101,
247
+ 110,
248
+ 100,
249
+ 105,
250
+ 110,
251
+ 103,
252
+ 95,
253
+ 112,
254
+ 111,
255
+ 108,
256
+ 105,
257
+ 99,
258
+ 121
259
+ ]
260
+ },
261
+ {
262
+ "kind": "account",
263
+ "path": "vault"
264
+ }
265
+ ]
266
+ }
267
+ }
268
+ ],
269
+ "args": []
270
+ },
271
+ {
272
+ "name": "cancel_pending_policy",
273
+ "docs": [
274
+ "Cancel a queued policy update. Closes the PendingPolicyUpdate PDA",
275
+ "and returns rent to the owner."
276
+ ],
277
+ "discriminator": [
278
+ 153,
279
+ 36,
280
+ 104,
281
+ 200,
282
+ 50,
283
+ 94,
284
+ 207,
285
+ 33
286
+ ],
287
+ "accounts": [
288
+ {
289
+ "name": "owner",
290
+ "writable": true,
291
+ "signer": true,
292
+ "relations": [
293
+ "vault"
294
+ ]
295
+ },
296
+ {
297
+ "name": "vault",
298
+ "pda": {
299
+ "seeds": [
300
+ {
301
+ "kind": "const",
302
+ "value": [
303
+ 118,
304
+ 97,
305
+ 117,
306
+ 108,
307
+ 116
308
+ ]
309
+ },
310
+ {
311
+ "kind": "account",
312
+ "path": "owner"
313
+ },
314
+ {
315
+ "kind": "account",
316
+ "path": "vault.vault_id",
317
+ "account": "AgentVault"
318
+ }
319
+ ]
320
+ },
321
+ "relations": [
322
+ "pending_policy"
323
+ ]
324
+ },
325
+ {
326
+ "name": "pending_policy",
327
+ "writable": true,
328
+ "pda": {
329
+ "seeds": [
330
+ {
331
+ "kind": "const",
332
+ "value": [
333
+ 112,
334
+ 101,
335
+ 110,
336
+ 100,
337
+ 105,
338
+ 110,
339
+ 103,
340
+ 95,
341
+ 112,
342
+ 111,
343
+ 108,
344
+ 105,
345
+ 99,
346
+ 121
347
+ ]
348
+ },
349
+ {
350
+ "kind": "account",
351
+ "path": "vault"
352
+ }
353
+ ]
354
+ }
355
+ }
356
+ ],
357
+ "args": []
358
+ },
16
359
  {
17
360
  "name": "close_vault",
18
361
  "docs": [
@@ -387,7 +730,8 @@ exports.IDL = {
387
730
  "name": "finalize_session",
388
731
  "docs": [
389
732
  "Finalize a session after the DeFi action completes.",
390
- "Closes the SessionAuthority PDA and records the transaction in the audit log.",
733
+ "Revokes token delegation, collects fees, closes the SessionAuthority PDA,",
734
+ "and records the transaction in the audit log.",
391
735
  "Can be called by the agent or permissionlessly (for cleanup of expired sessions)."
392
736
  ],
393
737
  "discriminator": [
@@ -489,7 +833,8 @@ exports.IDL = {
489
833
  "name": "session",
490
834
  "docs": [
491
835
  "Session rent is returned to the session's agent (who paid for it),",
492
- "not the arbitrary payer, to prevent rent theft."
836
+ "not the arbitrary payer, to prevent rent theft.",
837
+ "Seeds include token_mint for per-token concurrent sessions."
493
838
  ],
494
839
  "writable": true,
495
840
  "pda": {
@@ -514,6 +859,11 @@ exports.IDL = {
514
859
  "kind": "account",
515
860
  "path": "session.agent",
516
861
  "account": "SessionAuthority"
862
+ },
863
+ {
864
+ "kind": "account",
865
+ "path": "session.authorized_token",
866
+ "account": "SessionAuthority"
517
867
  }
518
868
  ]
519
869
  }
@@ -528,7 +878,7 @@ exports.IDL = {
528
878
  {
529
879
  "name": "vault_token_account",
530
880
  "docs": [
531
- "Vault's PDA token account for the session's token (fee source)"
881
+ "Vault's PDA token account for the session's token (fee source + delegation revocation)"
532
882
  ],
533
883
  "writable": true,
534
884
  "optional": true
@@ -542,54 +892,216 @@ exports.IDL = {
542
892
  "optional": true
543
893
  },
544
894
  {
545
- "name": "protocol_treasury_token_account",
546
- "docs": [
547
- "Protocol treasury token account \u2014 must be owned by PROTOCOL_TREASURY"
548
- ],
549
- "writable": true,
550
- "optional": true
895
+ "name": "protocol_treasury_token_account",
896
+ "docs": [
897
+ "Protocol treasury token account \u2014 must be owned by PROTOCOL_TREASURY"
898
+ ],
899
+ "writable": true,
900
+ "optional": true
901
+ },
902
+ {
903
+ "name": "token_program",
904
+ "address": "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA"
905
+ },
906
+ {
907
+ "name": "system_program",
908
+ "address": "11111111111111111111111111111111"
909
+ }
910
+ ],
911
+ "args": [
912
+ {
913
+ "name": "success",
914
+ "type": "bool"
915
+ }
916
+ ]
917
+ },
918
+ {
919
+ "name": "initialize_vault",
920
+ "docs": [
921
+ "Initialize a new agent vault with policy configuration.",
922
+ "Only the owner can call this. Creates vault PDA, policy PDA, and spend tracker PDA."
923
+ ],
924
+ "discriminator": [
925
+ 48,
926
+ 191,
927
+ 163,
928
+ 44,
929
+ 71,
930
+ 129,
931
+ 63,
932
+ 164
933
+ ],
934
+ "accounts": [
935
+ {
936
+ "name": "owner",
937
+ "writable": true,
938
+ "signer": true
939
+ },
940
+ {
941
+ "name": "vault",
942
+ "writable": true,
943
+ "pda": {
944
+ "seeds": [
945
+ {
946
+ "kind": "const",
947
+ "value": [
948
+ 118,
949
+ 97,
950
+ 117,
951
+ 108,
952
+ 116
953
+ ]
954
+ },
955
+ {
956
+ "kind": "account",
957
+ "path": "owner"
958
+ },
959
+ {
960
+ "kind": "arg",
961
+ "path": "vault_id"
962
+ }
963
+ ]
964
+ }
965
+ },
966
+ {
967
+ "name": "policy",
968
+ "writable": true,
969
+ "pda": {
970
+ "seeds": [
971
+ {
972
+ "kind": "const",
973
+ "value": [
974
+ 112,
975
+ 111,
976
+ 108,
977
+ 105,
978
+ 99,
979
+ 121
980
+ ]
981
+ },
982
+ {
983
+ "kind": "account",
984
+ "path": "vault"
985
+ }
986
+ ]
987
+ }
988
+ },
989
+ {
990
+ "name": "tracker",
991
+ "writable": true,
992
+ "pda": {
993
+ "seeds": [
994
+ {
995
+ "kind": "const",
996
+ "value": [
997
+ 116,
998
+ 114,
999
+ 97,
1000
+ 99,
1001
+ 107,
1002
+ 101,
1003
+ 114
1004
+ ]
1005
+ },
1006
+ {
1007
+ "kind": "account",
1008
+ "path": "vault"
1009
+ }
1010
+ ]
1011
+ }
1012
+ },
1013
+ {
1014
+ "name": "fee_destination",
1015
+ "docs": [
1016
+ "The protocol treasury that receives fees"
1017
+ ]
1018
+ },
1019
+ {
1020
+ "name": "system_program",
1021
+ "address": "11111111111111111111111111111111"
1022
+ }
1023
+ ],
1024
+ "args": [
1025
+ {
1026
+ "name": "vault_id",
1027
+ "type": "u64"
1028
+ },
1029
+ {
1030
+ "name": "daily_spending_cap_usd",
1031
+ "type": "u64"
1032
+ },
1033
+ {
1034
+ "name": "max_transaction_size_usd",
1035
+ "type": "u64"
1036
+ },
1037
+ {
1038
+ "name": "allowed_tokens",
1039
+ "type": {
1040
+ "vec": {
1041
+ "defined": {
1042
+ "name": "AllowedToken"
1043
+ }
1044
+ }
1045
+ }
1046
+ },
1047
+ {
1048
+ "name": "allowed_protocols",
1049
+ "type": {
1050
+ "vec": "pubkey"
1051
+ }
1052
+ },
1053
+ {
1054
+ "name": "max_leverage_bps",
1055
+ "type": "u16"
551
1056
  },
552
1057
  {
553
- "name": "token_program",
554
- "address": "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA"
1058
+ "name": "max_concurrent_positions",
1059
+ "type": "u8"
555
1060
  },
556
1061
  {
557
- "name": "system_program",
558
- "address": "11111111111111111111111111111111"
559
- }
560
- ],
561
- "args": [
1062
+ "name": "developer_fee_rate",
1063
+ "type": "u16"
1064
+ },
562
1065
  {
563
- "name": "success",
564
- "type": "bool"
1066
+ "name": "timelock_duration",
1067
+ "type": "u64"
1068
+ },
1069
+ {
1070
+ "name": "allowed_destinations",
1071
+ "type": {
1072
+ "vec": "pubkey"
1073
+ }
565
1074
  }
566
1075
  ]
567
1076
  },
568
1077
  {
569
- "name": "initialize_vault",
1078
+ "name": "queue_policy_update",
570
1079
  "docs": [
571
- "Initialize a new agent vault with policy configuration.",
572
- "Only the owner can call this. Creates vault PDA, policy PDA, and spend tracker PDA."
1080
+ "Queue a policy update when timelock is active.",
1081
+ "Creates a PendingPolicyUpdate PDA that becomes executable after",
1082
+ "the timelock period expires."
573
1083
  ],
574
1084
  "discriminator": [
575
- 48,
576
- 191,
577
- 163,
578
- 44,
579
- 71,
580
- 129,
581
- 63,
582
- 164
1085
+ 149,
1086
+ 18,
1087
+ 76,
1088
+ 197,
1089
+ 179,
1090
+ 193,
1091
+ 91,
1092
+ 77
583
1093
  ],
584
1094
  "accounts": [
585
1095
  {
586
1096
  "name": "owner",
587
1097
  "writable": true,
588
- "signer": true
1098
+ "signer": true,
1099
+ "relations": [
1100
+ "vault"
1101
+ ]
589
1102
  },
590
1103
  {
591
1104
  "name": "vault",
592
- "writable": true,
593
1105
  "pda": {
594
1106
  "seeds": [
595
1107
  {
@@ -607,15 +1119,18 @@ exports.IDL = {
607
1119
  "path": "owner"
608
1120
  },
609
1121
  {
610
- "kind": "arg",
611
- "path": "vault_id"
1122
+ "kind": "account",
1123
+ "path": "vault.vault_id",
1124
+ "account": "AgentVault"
612
1125
  }
613
1126
  ]
614
- }
1127
+ },
1128
+ "relations": [
1129
+ "policy"
1130
+ ]
615
1131
  },
616
1132
  {
617
1133
  "name": "policy",
618
- "writable": true,
619
1134
  "pda": {
620
1135
  "seeds": [
621
1136
  {
@@ -637,20 +1152,27 @@ exports.IDL = {
637
1152
  }
638
1153
  },
639
1154
  {
640
- "name": "tracker",
1155
+ "name": "pending_policy",
641
1156
  "writable": true,
642
1157
  "pda": {
643
1158
  "seeds": [
644
1159
  {
645
1160
  "kind": "const",
646
1161
  "value": [
647
- 116,
648
- 114,
649
- 97,
650
- 99,
651
- 107,
1162
+ 112,
652
1163
  101,
653
- 114
1164
+ 110,
1165
+ 100,
1166
+ 105,
1167
+ 110,
1168
+ 103,
1169
+ 95,
1170
+ 112,
1171
+ 111,
1172
+ 108,
1173
+ 105,
1174
+ 99,
1175
+ 121
654
1176
  ]
655
1177
  },
656
1178
  {
@@ -660,12 +1182,6 @@ exports.IDL = {
660
1182
  ]
661
1183
  }
662
1184
  },
663
- {
664
- "name": "fee_destination",
665
- "docs": [
666
- "The protocol treasury that receives fees"
667
- ]
668
- },
669
1185
  {
670
1186
  "name": "system_program",
671
1187
  "address": "11111111111111111111111111111111"
@@ -673,40 +1189,74 @@ exports.IDL = {
673
1189
  ],
674
1190
  "args": [
675
1191
  {
676
- "name": "vault_id",
677
- "type": "u64"
678
- },
679
- {
680
- "name": "daily_spending_cap",
681
- "type": "u64"
1192
+ "name": "daily_spending_cap_usd",
1193
+ "type": {
1194
+ "option": "u64"
1195
+ }
682
1196
  },
683
1197
  {
684
- "name": "max_transaction_size",
685
- "type": "u64"
1198
+ "name": "max_transaction_amount_usd",
1199
+ "type": {
1200
+ "option": "u64"
1201
+ }
686
1202
  },
687
1203
  {
688
1204
  "name": "allowed_tokens",
689
1205
  "type": {
690
- "vec": "pubkey"
1206
+ "option": {
1207
+ "vec": {
1208
+ "defined": {
1209
+ "name": "AllowedToken"
1210
+ }
1211
+ }
1212
+ }
691
1213
  }
692
1214
  },
693
1215
  {
694
1216
  "name": "allowed_protocols",
695
1217
  "type": {
696
- "vec": "pubkey"
1218
+ "option": {
1219
+ "vec": "pubkey"
1220
+ }
697
1221
  }
698
1222
  },
699
1223
  {
700
1224
  "name": "max_leverage_bps",
701
- "type": "u16"
1225
+ "type": {
1226
+ "option": "u16"
1227
+ }
1228
+ },
1229
+ {
1230
+ "name": "can_open_positions",
1231
+ "type": {
1232
+ "option": "bool"
1233
+ }
702
1234
  },
703
1235
  {
704
1236
  "name": "max_concurrent_positions",
705
- "type": "u8"
1237
+ "type": {
1238
+ "option": "u8"
1239
+ }
706
1240
  },
707
1241
  {
708
1242
  "name": "developer_fee_rate",
709
- "type": "u16"
1243
+ "type": {
1244
+ "option": "u16"
1245
+ }
1246
+ },
1247
+ {
1248
+ "name": "timelock_duration",
1249
+ "type": {
1250
+ "option": "u64"
1251
+ }
1252
+ },
1253
+ {
1254
+ "name": "allowed_destinations",
1255
+ "type": {
1256
+ "option": {
1257
+ "vec": "pubkey"
1258
+ }
1259
+ }
710
1260
  }
711
1261
  ]
712
1262
  },
@@ -888,7 +1438,8 @@ exports.IDL = {
888
1438
  "name": "update_policy",
889
1439
  "docs": [
890
1440
  "Update the policy configuration for a vault.",
891
- "Only the owner can call this. Cannot be called by the agent."
1441
+ "Only the owner can call this. Cannot be called by the agent.",
1442
+ "Blocked when timelock_duration > 0 \u2014 use queue_policy_update instead."
892
1443
  ],
893
1444
  "discriminator": [
894
1445
  212,
@@ -963,13 +1514,13 @@ exports.IDL = {
963
1514
  ],
964
1515
  "args": [
965
1516
  {
966
- "name": "daily_spending_cap",
1517
+ "name": "daily_spending_cap_usd",
967
1518
  "type": {
968
1519
  "option": "u64"
969
1520
  }
970
1521
  },
971
1522
  {
972
- "name": "max_transaction_size",
1523
+ "name": "max_transaction_size_usd",
973
1524
  "type": {
974
1525
  "option": "u64"
975
1526
  }
@@ -978,7 +1529,11 @@ exports.IDL = {
978
1529
  "name": "allowed_tokens",
979
1530
  "type": {
980
1531
  "option": {
981
- "vec": "pubkey"
1532
+ "vec": {
1533
+ "defined": {
1534
+ "name": "AllowedToken"
1535
+ }
1536
+ }
982
1537
  }
983
1538
  }
984
1539
  },
@@ -1013,6 +1568,20 @@ exports.IDL = {
1013
1568
  "type": {
1014
1569
  "option": "u16"
1015
1570
  }
1571
+ },
1572
+ {
1573
+ "name": "timelock_duration",
1574
+ "type": {
1575
+ "option": "u64"
1576
+ }
1577
+ },
1578
+ {
1579
+ "name": "allowed_destinations",
1580
+ "type": {
1581
+ "option": {
1582
+ "vec": "pubkey"
1583
+ }
1584
+ }
1016
1585
  }
1017
1586
  ]
1018
1587
  },
@@ -1020,8 +1589,9 @@ exports.IDL = {
1020
1589
  "name": "validate_and_authorize",
1021
1590
  "docs": [
1022
1591
  "Core permission check. Called by the agent before a DeFi action.",
1023
- "Validates the action against all policy constraints.",
1024
- "If approved, creates a SessionAuthority PDA and updates spend tracking.",
1592
+ "Validates the action against all policy constraints (USD caps, per-token caps).",
1593
+ "If approved, creates a SessionAuthority PDA, delegates tokens to agent,",
1594
+ "and updates spend tracking.",
1025
1595
  "If denied, reverts the entire transaction (including subsequent DeFi instructions)."
1026
1596
  ],
1027
1597
  "discriminator": [
@@ -1121,7 +1691,8 @@ exports.IDL = {
1121
1691
  {
1122
1692
  "name": "session",
1123
1693
  "docs": [
1124
- "Ephemeral session PDA \u2014 `init` ensures no double-authorization"
1694
+ "Ephemeral session PDA \u2014 `init` ensures no double-authorization.",
1695
+ "Seeds include token_mint for per-token concurrent sessions."
1125
1696
  ],
1126
1697
  "writable": true,
1127
1698
  "pda": {
@@ -1145,10 +1716,31 @@ exports.IDL = {
1145
1716
  {
1146
1717
  "kind": "account",
1147
1718
  "path": "agent"
1719
+ },
1720
+ {
1721
+ "kind": "arg",
1722
+ "path": "token_mint"
1148
1723
  }
1149
1724
  ]
1150
1725
  }
1151
1726
  },
1727
+ {
1728
+ "name": "vault_token_account",
1729
+ "docs": [
1730
+ "Vault's PDA-owned token account for the spend token (delegation source)"
1731
+ ],
1732
+ "writable": true
1733
+ },
1734
+ {
1735
+ "name": "token_mint_account",
1736
+ "docs": [
1737
+ "The token mint being spent"
1738
+ ]
1739
+ },
1740
+ {
1741
+ "name": "token_program",
1742
+ "address": "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA"
1743
+ },
1152
1744
  {
1153
1745
  "name": "system_program",
1154
1746
  "address": "11111111111111111111111111111111"
@@ -1450,6 +2042,19 @@ exports.IDL = {
1450
2042
  194
1451
2043
  ]
1452
2044
  },
2045
+ {
2046
+ "name": "PendingPolicyUpdate",
2047
+ "discriminator": [
2048
+ 77,
2049
+ 255,
2050
+ 2,
2051
+ 51,
2052
+ 79,
2053
+ 237,
2054
+ 183,
2055
+ 239
2056
+ ]
2057
+ },
1453
2058
  {
1454
2059
  "name": "PolicyConfig",
1455
2060
  "discriminator": [
@@ -1543,6 +2148,32 @@ exports.IDL = {
1543
2148
  116
1544
2149
  ]
1545
2150
  },
2151
+ {
2152
+ "name": "AgentTransferExecuted",
2153
+ "discriminator": [
2154
+ 88,
2155
+ 52,
2156
+ 117,
2157
+ 69,
2158
+ 112,
2159
+ 152,
2160
+ 167,
2161
+ 40
2162
+ ]
2163
+ },
2164
+ {
2165
+ "name": "DelegationRevoked",
2166
+ "discriminator": [
2167
+ 59,
2168
+ 158,
2169
+ 142,
2170
+ 49,
2171
+ 164,
2172
+ 116,
2173
+ 220,
2174
+ 8
2175
+ ]
2176
+ },
1546
2177
  {
1547
2178
  "name": "FeesCollected",
1548
2179
  "discriminator": [
@@ -1582,6 +2213,45 @@ exports.IDL = {
1582
2213
  118
1583
2214
  ]
1584
2215
  },
2216
+ {
2217
+ "name": "PolicyChangeApplied",
2218
+ "discriminator": [
2219
+ 104,
2220
+ 89,
2221
+ 5,
2222
+ 100,
2223
+ 180,
2224
+ 202,
2225
+ 52,
2226
+ 73
2227
+ ]
2228
+ },
2229
+ {
2230
+ "name": "PolicyChangeCancelled",
2231
+ "discriminator": [
2232
+ 200,
2233
+ 158,
2234
+ 226,
2235
+ 255,
2236
+ 25,
2237
+ 211,
2238
+ 30,
2239
+ 151
2240
+ ]
2241
+ },
2242
+ {
2243
+ "name": "PolicyChangeQueued",
2244
+ "discriminator": [
2245
+ 73,
2246
+ 231,
2247
+ 182,
2248
+ 136,
2249
+ 141,
2250
+ 120,
2251
+ 32,
2252
+ 79
2253
+ ]
2254
+ },
1585
2255
  {
1586
2256
  "name": "PolicyUpdated",
1587
2257
  "discriminator": [
@@ -1780,14 +2450,99 @@ exports.IDL = {
1780
2450
  "msg": "Invalid agent: cannot be the zero address"
1781
2451
  },
1782
2452
  {
1783
- "code": 6026,
1784
- "name": "AgentIsOwner",
1785
- "msg": "Invalid agent: agent cannot be the vault owner"
2453
+ "code": 6026,
2454
+ "name": "AgentIsOwner",
2455
+ "msg": "Invalid agent: agent cannot be the vault owner"
2456
+ },
2457
+ {
2458
+ "code": 6027,
2459
+ "name": "Overflow",
2460
+ "msg": "Arithmetic overflow"
2461
+ },
2462
+ {
2463
+ "code": 6028,
2464
+ "name": "DelegationFailed",
2465
+ "msg": "Token delegation approval failed"
2466
+ },
2467
+ {
2468
+ "code": 6029,
2469
+ "name": "RevocationFailed",
2470
+ "msg": "Token delegation revocation failed"
2471
+ },
2472
+ {
2473
+ "code": 6030,
2474
+ "name": "OracleFeedStale",
2475
+ "msg": "Oracle feed value is too stale"
2476
+ },
2477
+ {
2478
+ "code": 6031,
2479
+ "name": "OracleFeedInvalid",
2480
+ "msg": "Cannot parse oracle feed data"
2481
+ },
2482
+ {
2483
+ "code": 6032,
2484
+ "name": "TokenSpendBlocked",
2485
+ "msg": "Unpriced token cannot be spent (receive-only)"
2486
+ },
2487
+ {
2488
+ "code": 6033,
2489
+ "name": "InvalidTokenAccount",
2490
+ "msg": "Token account does not belong to vault or has wrong mint"
2491
+ },
2492
+ {
2493
+ "code": 6034,
2494
+ "name": "OracleAccountMissing",
2495
+ "msg": "Oracle-priced token requires feed account in remaining_accounts"
2496
+ },
2497
+ {
2498
+ "code": 6035,
2499
+ "name": "PerTokenCapExceeded",
2500
+ "msg": "Per-token daily spending cap would be exceeded"
2501
+ },
2502
+ {
2503
+ "code": 6036,
2504
+ "name": "PerTokenTxLimitExceeded",
2505
+ "msg": "Per-token single transaction limit exceeded"
2506
+ },
2507
+ {
2508
+ "code": 6037,
2509
+ "name": "OracleConfidenceTooWide",
2510
+ "msg": "Oracle price confidence interval too wide"
2511
+ },
2512
+ {
2513
+ "code": 6038,
2514
+ "name": "OracleUnsupportedType",
2515
+ "msg": "Oracle account owner is not a recognized oracle program"
2516
+ },
2517
+ {
2518
+ "code": 6039,
2519
+ "name": "OracleNotVerified",
2520
+ "msg": "Pyth price update not fully verified by Wormhole"
2521
+ },
2522
+ {
2523
+ "code": 6040,
2524
+ "name": "TimelockNotExpired",
2525
+ "msg": "Timelock period has not expired yet"
2526
+ },
2527
+ {
2528
+ "code": 6041,
2529
+ "name": "TimelockActive",
2530
+ "msg": "Vault has timelock active \u2014 use queue_policy_update instead"
2531
+ },
2532
+ {
2533
+ "code": 6042,
2534
+ "name": "NoTimelockConfigured",
2535
+ "msg": "No timelock configured on this vault"
1786
2536
  },
1787
2537
  {
1788
- "code": 6027,
1789
- "name": "Overflow",
1790
- "msg": "Arithmetic overflow"
2538
+ "code": 6043,
2539
+ "name": "DestinationNotAllowed",
2540
+ "msg": "Destination not in allowed list"
2541
+ },
2542
+ {
2543
+ "code": 6044,
2544
+ "name": "TooManyDestinations",
2545
+ "msg": "Too many destinations (max 10)"
1791
2546
  }
1792
2547
  ],
1793
2548
  "types": [
@@ -1820,18 +2575,38 @@ exports.IDL = {
1820
2575
  "name": "amount",
1821
2576
  "type": "u64"
1822
2577
  },
2578
+ {
2579
+ "name": "usd_amount",
2580
+ "type": "u64"
2581
+ },
1823
2582
  {
1824
2583
  "name": "protocol",
1825
2584
  "type": "pubkey"
1826
2585
  },
1827
2586
  {
1828
- "name": "rolling_spend_after",
2587
+ "name": "rolling_spend_usd_after",
1829
2588
  "type": "u64"
1830
2589
  },
1831
2590
  {
1832
- "name": "daily_cap",
2591
+ "name": "daily_cap_usd",
1833
2592
  "type": "u64"
1834
2593
  },
2594
+ {
2595
+ "name": "delegated",
2596
+ "type": "bool"
2597
+ },
2598
+ {
2599
+ "name": "oracle_price",
2600
+ "type": {
2601
+ "option": "i128"
2602
+ }
2603
+ },
2604
+ {
2605
+ "name": "oracle_source",
2606
+ "type": {
2607
+ "option": "u8"
2608
+ }
2609
+ },
1835
2610
  {
1836
2611
  "name": "timestamp",
1837
2612
  "type": "i64"
@@ -1891,6 +2666,9 @@ exports.IDL = {
1891
2666
  },
1892
2667
  {
1893
2668
  "name": "Withdraw"
2669
+ },
2670
+ {
2671
+ "name": "Transfer"
1894
2672
  }
1895
2673
  ]
1896
2674
  }
@@ -1935,6 +2713,30 @@ exports.IDL = {
1935
2713
  ]
1936
2714
  }
1937
2715
  },
2716
+ {
2717
+ "name": "AgentTransferExecuted",
2718
+ "type": {
2719
+ "kind": "struct",
2720
+ "fields": [
2721
+ {
2722
+ "name": "vault",
2723
+ "type": "pubkey"
2724
+ },
2725
+ {
2726
+ "name": "destination",
2727
+ "type": "pubkey"
2728
+ },
2729
+ {
2730
+ "name": "amount",
2731
+ "type": "u64"
2732
+ },
2733
+ {
2734
+ "name": "mint",
2735
+ "type": "pubkey"
2736
+ }
2737
+ ]
2738
+ }
2739
+ },
1938
2740
  {
1939
2741
  "name": "AgentVault",
1940
2742
  "type": {
@@ -2027,6 +2829,82 @@ exports.IDL = {
2027
2829
  ]
2028
2830
  }
2029
2831
  },
2832
+ {
2833
+ "name": "AllowedToken",
2834
+ "docs": [
2835
+ "Per-token configuration including oracle feed and per-token caps.",
2836
+ "Replaces the old `Vec<Pubkey>` allowed_tokens with richer metadata.",
2837
+ "",
2838
+ "Oracle feed classification:",
2839
+ "- `Pubkey::default()` = stablecoin (1:1 USD, no oracle needed)",
2840
+ "- `UNPRICED_SENTINEL` ([0xFF; 32]) = unpriced token (receive-only)",
2841
+ "- Any other pubkey = Oracle feed account (Pyth PriceUpdateV2 or Switchboard PullFeed)"
2842
+ ],
2843
+ "type": {
2844
+ "kind": "struct",
2845
+ "fields": [
2846
+ {
2847
+ "name": "mint",
2848
+ "docs": [
2849
+ "Token mint address"
2850
+ ],
2851
+ "type": "pubkey"
2852
+ },
2853
+ {
2854
+ "name": "oracle_feed",
2855
+ "docs": [
2856
+ "Oracle feed account (Pyth PriceUpdateV2 or Switchboard PullFeed) for USD pricing.",
2857
+ "`Pubkey::default()` = stablecoin (1:1 USD).",
2858
+ "`UNPRICED_SENTINEL` = unpriced (receive-only, cannot be spent)."
2859
+ ],
2860
+ "type": "pubkey"
2861
+ },
2862
+ {
2863
+ "name": "decimals",
2864
+ "docs": [
2865
+ "Token decimals (e.g., 6 for USDC, 9 for SOL)"
2866
+ ],
2867
+ "type": "u8"
2868
+ },
2869
+ {
2870
+ "name": "daily_cap_base",
2871
+ "docs": [
2872
+ "Per-token daily cap in base units (0 = no per-token limit,",
2873
+ "only the aggregate USD cap applies)"
2874
+ ],
2875
+ "type": "u64"
2876
+ },
2877
+ {
2878
+ "name": "max_tx_base",
2879
+ "docs": [
2880
+ "Per-token max single transaction in base units",
2881
+ "(0 = no per-token tx limit, only USD tx limit applies)"
2882
+ ],
2883
+ "type": "u64"
2884
+ }
2885
+ ]
2886
+ }
2887
+ },
2888
+ {
2889
+ "name": "DelegationRevoked",
2890
+ "type": {
2891
+ "kind": "struct",
2892
+ "fields": [
2893
+ {
2894
+ "name": "vault",
2895
+ "type": "pubkey"
2896
+ },
2897
+ {
2898
+ "name": "token_account",
2899
+ "type": "pubkey"
2900
+ },
2901
+ {
2902
+ "name": "timestamp",
2903
+ "type": "i64"
2904
+ }
2905
+ ]
2906
+ }
2907
+ },
2030
2908
  {
2031
2909
  "name": "FeesCollected",
2032
2910
  "type": {
@@ -2131,6 +3009,163 @@ exports.IDL = {
2131
3009
  ]
2132
3010
  }
2133
3011
  },
3012
+ {
3013
+ "name": "PendingPolicyUpdate",
3014
+ "docs": [
3015
+ "Queued policy update that becomes executable after a timelock period.",
3016
+ "Created by `queue_policy_update`, applied by `apply_pending_policy`,",
3017
+ "or cancelled by `cancel_pending_policy`.",
3018
+ "",
3019
+ "PDA seeds: `[b\"pending_policy\", vault.key().as_ref()]`"
3020
+ ],
3021
+ "type": {
3022
+ "kind": "struct",
3023
+ "fields": [
3024
+ {
3025
+ "name": "vault",
3026
+ "docs": [
3027
+ "Associated vault pubkey"
3028
+ ],
3029
+ "type": "pubkey"
3030
+ },
3031
+ {
3032
+ "name": "queued_at",
3033
+ "docs": [
3034
+ "Unix timestamp when this update was queued"
3035
+ ],
3036
+ "type": "i64"
3037
+ },
3038
+ {
3039
+ "name": "executes_at",
3040
+ "docs": [
3041
+ "Unix timestamp when this update becomes executable"
3042
+ ],
3043
+ "type": "i64"
3044
+ },
3045
+ {
3046
+ "name": "daily_spending_cap_usd",
3047
+ "type": {
3048
+ "option": "u64"
3049
+ }
3050
+ },
3051
+ {
3052
+ "name": "max_transaction_amount_usd",
3053
+ "type": {
3054
+ "option": "u64"
3055
+ }
3056
+ },
3057
+ {
3058
+ "name": "allowed_tokens",
3059
+ "type": {
3060
+ "option": {
3061
+ "vec": {
3062
+ "defined": {
3063
+ "name": "AllowedToken"
3064
+ }
3065
+ }
3066
+ }
3067
+ }
3068
+ },
3069
+ {
3070
+ "name": "allowed_protocols",
3071
+ "type": {
3072
+ "option": {
3073
+ "vec": "pubkey"
3074
+ }
3075
+ }
3076
+ },
3077
+ {
3078
+ "name": "max_leverage_bps",
3079
+ "type": {
3080
+ "option": "u16"
3081
+ }
3082
+ },
3083
+ {
3084
+ "name": "can_open_positions",
3085
+ "type": {
3086
+ "option": "bool"
3087
+ }
3088
+ },
3089
+ {
3090
+ "name": "max_concurrent_positions",
3091
+ "type": {
3092
+ "option": "u8"
3093
+ }
3094
+ },
3095
+ {
3096
+ "name": "developer_fee_rate",
3097
+ "type": {
3098
+ "option": "u16"
3099
+ }
3100
+ },
3101
+ {
3102
+ "name": "timelock_duration",
3103
+ "type": {
3104
+ "option": "u64"
3105
+ }
3106
+ },
3107
+ {
3108
+ "name": "allowed_destinations",
3109
+ "type": {
3110
+ "option": {
3111
+ "vec": "pubkey"
3112
+ }
3113
+ }
3114
+ },
3115
+ {
3116
+ "name": "bump",
3117
+ "docs": [
3118
+ "Bump seed for PDA"
3119
+ ],
3120
+ "type": "u8"
3121
+ }
3122
+ ]
3123
+ }
3124
+ },
3125
+ {
3126
+ "name": "PolicyChangeApplied",
3127
+ "type": {
3128
+ "kind": "struct",
3129
+ "fields": [
3130
+ {
3131
+ "name": "vault",
3132
+ "type": "pubkey"
3133
+ },
3134
+ {
3135
+ "name": "applied_at",
3136
+ "type": "i64"
3137
+ }
3138
+ ]
3139
+ }
3140
+ },
3141
+ {
3142
+ "name": "PolicyChangeCancelled",
3143
+ "type": {
3144
+ "kind": "struct",
3145
+ "fields": [
3146
+ {
3147
+ "name": "vault",
3148
+ "type": "pubkey"
3149
+ }
3150
+ ]
3151
+ }
3152
+ },
3153
+ {
3154
+ "name": "PolicyChangeQueued",
3155
+ "type": {
3156
+ "kind": "struct",
3157
+ "fields": [
3158
+ {
3159
+ "name": "vault",
3160
+ "type": "pubkey"
3161
+ },
3162
+ {
3163
+ "name": "executes_at",
3164
+ "type": "i64"
3165
+ }
3166
+ ]
3167
+ }
3168
+ },
2134
3169
  {
2135
3170
  "name": "PolicyConfig",
2136
3171
  "type": {
@@ -2144,27 +3179,32 @@ exports.IDL = {
2144
3179
  "type": "pubkey"
2145
3180
  },
2146
3181
  {
2147
- "name": "daily_spending_cap",
3182
+ "name": "daily_spending_cap_usd",
2148
3183
  "docs": [
2149
- "Maximum spend per rolling 24h period (in token base units)"
3184
+ "Maximum aggregate spend per rolling 24h period in USD (6 decimals).",
3185
+ "$500 = 500_000_000. This is the primary spending cap."
2150
3186
  ],
2151
3187
  "type": "u64"
2152
3188
  },
2153
3189
  {
2154
- "name": "max_transaction_size",
3190
+ "name": "max_transaction_size_usd",
2155
3191
  "docs": [
2156
- "Maximum single transaction size (in token base units)"
3192
+ "Maximum single transaction size in USD (6 decimals)."
2157
3193
  ],
2158
3194
  "type": "u64"
2159
3195
  },
2160
3196
  {
2161
3197
  "name": "allowed_tokens",
2162
3198
  "docs": [
2163
- "Allowed token mints the agent can interact with",
2164
- "Bounded to MAX_ALLOWED_TOKENS entries"
3199
+ "Allowed token mints with oracle feeds and per-token caps.",
3200
+ "Bounded to MAX_ALLOWED_TOKENS entries."
2165
3201
  ],
2166
3202
  "type": {
2167
- "vec": "pubkey"
3203
+ "vec": {
3204
+ "defined": {
3205
+ "name": "AllowedToken"
3206
+ }
3207
+ }
2168
3208
  }
2169
3209
  },
2170
3210
  {
@@ -2210,6 +3250,25 @@ exports.IDL = {
2210
3250
  ],
2211
3251
  "type": "u16"
2212
3252
  },
3253
+ {
3254
+ "name": "timelock_duration",
3255
+ "docs": [
3256
+ "Timelock duration in seconds for policy changes. 0 = no timelock",
3257
+ "(immediate updates allowed). When > 0, policy changes must go",
3258
+ "through queue_policy_update \u2192 apply_pending_policy."
3259
+ ],
3260
+ "type": "u64"
3261
+ },
3262
+ {
3263
+ "name": "allowed_destinations",
3264
+ "docs": [
3265
+ "Allowed destination addresses for agent transfers.",
3266
+ "Empty = any destination allowed. Bounded to MAX_ALLOWED_DESTINATIONS."
3267
+ ],
3268
+ "type": {
3269
+ "vec": "pubkey"
3270
+ }
3271
+ },
2213
3272
  {
2214
3273
  "name": "bump",
2215
3274
  "docs": [
@@ -2230,11 +3289,11 @@ exports.IDL = {
2230
3289
  "type": "pubkey"
2231
3290
  },
2232
3291
  {
2233
- "name": "daily_cap",
3292
+ "name": "daily_cap_usd",
2234
3293
  "type": "u64"
2235
3294
  },
2236
3295
  {
2237
- "name": "max_transaction_size",
3296
+ "name": "max_transaction_size_usd",
2238
3297
  "type": "u64"
2239
3298
  },
2240
3299
  {
@@ -2319,6 +3378,21 @@ exports.IDL = {
2319
3378
  ],
2320
3379
  "type": "u64"
2321
3380
  },
3381
+ {
3382
+ "name": "delegated",
3383
+ "docs": [
3384
+ "Whether token delegation was set up (approve CPI)"
3385
+ ],
3386
+ "type": "bool"
3387
+ },
3388
+ {
3389
+ "name": "delegation_token_account",
3390
+ "docs": [
3391
+ "The vault's token account that was delegated to the agent",
3392
+ "(only meaningful when delegated == true)"
3393
+ ],
3394
+ "type": "pubkey"
3395
+ },
2322
3396
  {
2323
3397
  "name": "bump",
2324
3398
  "docs": [
@@ -2360,10 +3434,23 @@ exports.IDL = {
2360
3434
  "fields": [
2361
3435
  {
2362
3436
  "name": "token_mint",
3437
+ "docs": [
3438
+ "Token mint for audit trail"
3439
+ ],
2363
3440
  "type": "pubkey"
2364
3441
  },
2365
3442
  {
2366
- "name": "amount_spent",
3443
+ "name": "usd_amount",
3444
+ "docs": [
3445
+ "USD value of this spend (6 decimals, e.g., $500 = 500_000_000)"
3446
+ ],
3447
+ "type": "u64"
3448
+ },
3449
+ {
3450
+ "name": "base_amount",
3451
+ "docs": [
3452
+ "Original amount in token base units (for per-token cap checks)"
3453
+ ],
2367
3454
  "type": "u64"
2368
3455
  },
2369
3456
  {
@@ -2388,7 +3475,7 @@ exports.IDL = {
2388
3475
  {
2389
3476
  "name": "rolling_spends",
2390
3477
  "docs": [
2391
- "Rolling spend entries: (token_mint, amount, timestamp)",
3478
+ "Rolling spend entries: (token_mint, usd_amount, base_amount, timestamp)",
2392
3479
  "Entries older than ROLLING_WINDOW_SECONDS are pruned on each access"
2393
3480
  ],
2394
3481
  "type": {