@agent-shield/sdk 0.3.1 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +191 -0
- package/README.md +14 -22
- package/dist/idl-json.d.ts +3 -3
- package/dist/idl-json.d.ts.map +1 -1
- package/dist/idl-json.js +2020 -2942
- package/dist/idl-json.js.map +1 -1
- package/dist/idl.d.ts +1403 -2057
- package/dist/idl.d.ts.map +1 -1
- package/dist/index.d.ts +5 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +46 -2
- package/dist/index.js.map +1 -1
- package/dist/instructions.d.ts +893 -893
- package/dist/types.d.ts +2 -2
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +2 -2
- package/dist/types.js.map +1 -1
- package/dist/wrapper/engine.d.ts +17 -0
- package/dist/wrapper/engine.d.ts.map +1 -0
- package/dist/wrapper/engine.js +45 -0
- package/dist/wrapper/engine.js.map +1 -0
- package/dist/wrapper/errors.d.ts +10 -0
- package/dist/wrapper/errors.d.ts.map +1 -0
- package/dist/wrapper/errors.js +20 -0
- package/dist/wrapper/errors.js.map +1 -0
- package/dist/wrapper/harden.d.ts +119 -0
- package/dist/wrapper/harden.d.ts.map +1 -0
- package/dist/wrapper/harden.js +399 -0
- package/dist/wrapper/harden.js.map +1 -0
- package/dist/wrapper/index.d.ts +17 -0
- package/dist/wrapper/index.d.ts.map +1 -0
- package/dist/wrapper/index.js +60 -0
- package/dist/wrapper/index.js.map +1 -0
- package/dist/wrapper/inspector.d.ts +22 -0
- package/dist/wrapper/inspector.d.ts.map +1 -0
- package/dist/wrapper/inspector.js +175 -0
- package/dist/wrapper/inspector.js.map +1 -0
- package/dist/wrapper/policies.d.ts +78 -0
- package/dist/wrapper/policies.d.ts.map +1 -0
- package/dist/wrapper/policies.js +108 -0
- package/dist/wrapper/policies.js.map +1 -0
- package/dist/wrapper/registry.d.ts +24 -0
- package/dist/wrapper/registry.d.ts.map +1 -0
- package/dist/wrapper/registry.js +43 -0
- package/dist/wrapper/registry.js.map +1 -0
- package/dist/wrapper/shield.d.ts +86 -0
- package/dist/wrapper/shield.d.ts.map +1 -0
- package/dist/wrapper/shield.js +226 -0
- package/dist/wrapper/shield.js.map +1 -0
- package/dist/wrapper/state.d.ts +3 -0
- package/dist/wrapper/state.d.ts.map +1 -0
- package/dist/wrapper/state.js +6 -0
- package/dist/wrapper/state.js.map +1 -0
- package/dist/wrapper/x402.d.ts +151 -0
- package/dist/wrapper/x402.d.ts.map +1 -0
- package/dist/wrapper/x402.js +326 -0
- package/dist/wrapper/x402.js.map +1 -0
- package/package.json +15 -11
package/dist/types.d.ts
CHANGED
|
@@ -4,8 +4,8 @@ import type { AgentShield } from "./idl";
|
|
|
4
4
|
export type { AgentShield };
|
|
5
5
|
export declare const AGENT_SHIELD_PROGRAM_ID: PublicKey;
|
|
6
6
|
export declare const FEE_RATE_DENOMINATOR = 1000000;
|
|
7
|
-
export declare const PROTOCOL_FEE_RATE =
|
|
8
|
-
export declare const MAX_DEVELOPER_FEE_RATE =
|
|
7
|
+
export declare const PROTOCOL_FEE_RATE = 200;
|
|
8
|
+
export declare const MAX_DEVELOPER_FEE_RATE = 500;
|
|
9
9
|
export declare const PROTOCOL_TREASURY: PublicKey;
|
|
10
10
|
export declare const USD_DECIMALS = 6;
|
|
11
11
|
export declare const UNPRICED_SENTINEL: PublicKey;
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,EAAE,EAAE,MAAM,mBAAmB,CAAC;AACvC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,OAAO,CAAC;AAEzC,YAAY,EAAE,WAAW,EAAE,CAAC;AAE5B,eAAO,MAAM,uBAAuB,WAEnC,CAAC;AAGF,eAAO,MAAM,oBAAoB,UAAY,CAAC;AAC9C,eAAO,MAAM,iBAAiB,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,EAAE,EAAE,MAAM,mBAAmB,CAAC;AACvC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,OAAO,CAAC;AAEzC,YAAY,EAAE,WAAW,EAAE,CAAC;AAE5B,eAAO,MAAM,uBAAuB,WAEnC,CAAC;AAGF,eAAO,MAAM,oBAAoB,UAAY,CAAC;AAC9C,eAAO,MAAM,iBAAiB,MAAM,CAAC;AACrC,eAAO,MAAM,sBAAsB,MAAM,CAAC;AAC1C,eAAO,MAAM,iBAAiB,WAE7B,CAAC;AAGF,eAAO,MAAM,YAAY,IAAI,CAAC;AAG9B,eAAO,MAAM,iBAAiB,WAA+C,CAAC;AAE9E,mEAAmE;AACnE,oBAAY,WAAW;IACrB,2CAA2C;IAC3C,QAAQ,IAAI;IACZ,2CAA2C;IAC3C,GAAG,IAAI;IACP,4CAA4C;IAC5C,GAAG,IAAI;CACR;AAED,0BAA0B;AAC1B,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,aAAa,CAAC;AAElD,qDAAqD;AACrD,MAAM,WAAW,YAAY;IAC3B,yBAAyB;IACzB,IAAI,EAAE,SAAS,CAAC;IAChB;;uDAEmD;IACnD,UAAU,EAAE,SAAS,CAAC;IACtB,mDAAmD;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,iEAAiE;IACjE,YAAY,EAAE,EAAE,CAAC;IACjB,qEAAqE;IACrE,SAAS,EAAE,EAAE,CAAC;CACf;AAED,8CAA8C;AAC9C,MAAM,MAAM,mBAAmB,GAAG,YAAY,GAAG,eAAe,GAAG,UAAU,CAAC;AAG9E,MAAM,MAAM,iBAAiB,GAAG;IAC9B,KAAK,EAAE,SAAS,CAAC;IACjB,KAAK,EAAE,SAAS,CAAC;IACjB,cAAc,EAAE,SAAS,CAAC;IAC1B,OAAO,EAAE,EAAE,CAAC;IACZ,MAAM,EAAE,WAAW,CAAC;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,EAAE,CAAC;IACd,iBAAiB,EAAE,EAAE,CAAC;IACtB,WAAW,EAAE,EAAE,CAAC;IAChB,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB,EAAE,EAAE,CAAC;IACvB,WAAW,EACP;QAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;KAAE,GACnC;QAAE,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;KAAE,GAC9B;QAAE,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;KAAE,CAAC;CACpC,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,KAAK,EAAE,SAAS,CAAC;IACjB,mBAAmB,EAAE,EAAE,CAAC;IACxB,qBAAqB,EAAE,EAAE,CAAC;IAC1B,aAAa,EAAE,YAAY,EAAE,CAAC;IAC9B,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,EAAE,CAAC;IACrB,mBAAmB,EAAE,SAAS,EAAE,CAAC;IACjC,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,0BAA0B,GAAG;IACvC,KAAK,EAAE,SAAS,CAAC;IACjB,QAAQ,EAAE,EAAE,CAAC;IACb,UAAU,EAAE,EAAE,CAAC;IACf,mBAAmB,EAAE,EAAE,GAAG,IAAI,CAAC;IAC/B,uBAAuB,EAAE,EAAE,GAAG,IAAI,CAAC;IACnC,aAAa,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;IACrC,gBAAgB,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IACrC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,gBAAgB,EAAE,OAAO,GAAG,IAAI,CAAC;IACjC,sBAAsB,EAAE,MAAM,GAAG,IAAI,CAAC;IACtC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,gBAAgB,EAAE,EAAE,GAAG,IAAI,CAAC;IAC5B,mBAAmB,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IACxC,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,KAAK,EAAE,SAAS,CAAC;IACjB,WAAW,EACP;QAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;KAAE,GACnC;QAAE,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;KAAE,GAC9B;QAAE,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;KAAE,CAAC;IACnC,eAAe,EAAE,MAAM,CAAC;IACxB,aAAa,EAAE,UAAU,EAAE,CAAC;IAC5B,kBAAkB,EAAE,iBAAiB,EAAE,CAAC;IACxC,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,EAAE,CAAC;IACd,UAAU,EAAE,EAAE,CAAC;IACf,SAAS,EAAE,EAAE,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,SAAS,EAAE,EAAE,CAAC;IACd,UAAU,EAAE,UAAU,CAAC;IACvB,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,EAAE,CAAC;IACX,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,EAAE,CAAC;CACV,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACpC,KAAK,EAAE,SAAS,CAAC;IACjB,KAAK,EAAE,SAAS,CAAC;IACjB,UAAU,EAAE,OAAO,CAAC;IACpB,gBAAgB,EAAE,EAAE,CAAC;IACrB,eAAe,EAAE,SAAS,CAAC;IAC3B,kBAAkB,EAAE,SAAS,CAAC;IAC9B,UAAU,EAAE,UAAU,CAAC;IACvB,aAAa,EAAE,EAAE,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,sBAAsB,EAAE,SAAS,CAAC;IAClC,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAGF,MAAM,MAAM,WAAW,GACnB;IAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,GACjC;IAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,GACjC;IAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,CAAC;AAEtC,MAAM,MAAM,UAAU,GAClB;IAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,GAC/B;IAAE,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,GACvC;IAAE,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,GACxC;IAAE,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,GAC3C;IAAE,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,GAC3C;IAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,GAClC;IAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,GACnC;IAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;CAAE,CAAC;AAGxC,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,EAAE,CAAC;IACZ,mBAAmB,EAAE,EAAE,CAAC;IACxB,qBAAqB,EAAE,EAAE,CAAC;IAC1B,aAAa,EAAE,YAAY,EAAE,CAAC;IAC9B,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,cAAc,EAAE,MAAM,CAAC;IACvB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,SAAS,CAAC;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,gBAAgB,CAAC,EAAE,EAAE,CAAC;IACtB,mBAAmB,CAAC,EAAE,SAAS,EAAE,CAAC;IAClC,oDAAoD;IACpD,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED,MAAM,WAAW,kBAAkB;IACjC,mBAAmB,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC;IAChC,qBAAqB,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC;IAClC,aAAa,CAAC,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;IACtC,gBAAgB,CAAC,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IACtC,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,gBAAgB,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;IAClC,sBAAsB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvC,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,gBAAgB,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC;IAC7B,mBAAmB,CAAC,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;CAC1C;AAED,MAAM,WAAW,uBAAuB;IACtC,mBAAmB,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC;IAChC,uBAAuB,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC;IACpC,aAAa,CAAC,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;IACtC,gBAAgB,CAAC,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;IACtC,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,gBAAgB,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;IAClC,sBAAsB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvC,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,gBAAgB,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC;IAC7B,mBAAmB,CAAC,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;CAC1C;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,EAAE,CAAC;IACX,iBAAiB,EAAE,SAAS,CAAC;IAC7B,uBAAuB,EAAE,SAAS,CAAC;IACnC,0BAA0B,CAAC,EAAE,SAAS,GAAG,IAAI,CAAC;IAC9C,4BAA4B,CAAC,EAAE,SAAS,GAAG,IAAI,CAAC;IAChD,iBAAiB,CAAC,EAAE,SAAS,CAAC;CAC/B;AAED,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,UAAU,CAAC;IACvB,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,EAAE,CAAC;IACX,cAAc,EAAE,SAAS,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7B;AAED,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,SAAS,CAAC;IACjB,KAAK,EAAE,SAAS,CAAC;IACjB,OAAO,EAAE,EAAE,CAAC;IACZ,KAAK,EAAE,SAAS,CAAC;IACjB,UAAU,EAAE,UAAU,CAAC;IACvB,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,EAAE,CAAC;IACX,cAAc,EAAE,SAAS,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,wEAAwE;IACxE,gBAAgB,EAAE,OAAO,iBAAiB,EAAE,sBAAsB,EAAE,CAAC;IACrE,sEAAsE;IACtE,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,oFAAoF;IACpF,iBAAiB,EAAE,SAAS,CAAC;IAC7B,8CAA8C;IAC9C,0BAA0B,CAAC,EAAE,SAAS,GAAG,IAAI,CAAC;IAC9C,iEAAiE;IACjE,4BAA4B,CAAC,EAAE,SAAS,GAAG,IAAI,CAAC;IAChD,yEAAyE;IACzE,iBAAiB,CAAC,EAAE,SAAS,CAAC;CAC/B"}
|
package/dist/types.js
CHANGED
|
@@ -5,8 +5,8 @@ const web3_js_1 = require("@solana/web3.js");
|
|
|
5
5
|
exports.AGENT_SHIELD_PROGRAM_ID = new web3_js_1.PublicKey("4ZeVCqnjUgUtFrHHPG7jELUxvJeoVGHhGNgPrhBPwrHL");
|
|
6
6
|
// Fee constants matching on-chain values
|
|
7
7
|
exports.FEE_RATE_DENOMINATOR = 1000000;
|
|
8
|
-
exports.PROTOCOL_FEE_RATE =
|
|
9
|
-
exports.MAX_DEVELOPER_FEE_RATE =
|
|
8
|
+
exports.PROTOCOL_FEE_RATE = 200; // 2 BPS
|
|
9
|
+
exports.MAX_DEVELOPER_FEE_RATE = 500; // 5 BPS
|
|
10
10
|
exports.PROTOCOL_TREASURY = new web3_js_1.PublicKey("ASHie1dFTnDSnrHMPGmniJhMgfJVGPm3rAaEPnrtWDiT");
|
|
11
11
|
// USD decimals (6) — $500 = 500_000_000
|
|
12
12
|
exports.USD_DECIMALS = 6;
|
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAM/B,QAAA,uBAAuB,GAAG,IAAI,mBAAS,CAClD,8CAA8C,CAC/C,CAAC;AAEF,yCAAyC;AAC5B,QAAA,oBAAoB,GAAG,OAAS,CAAC;AACjC,QAAA,iBAAiB,GAAG,
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAM/B,QAAA,uBAAuB,GAAG,IAAI,mBAAS,CAClD,8CAA8C,CAC/C,CAAC;AAEF,yCAAyC;AAC5B,QAAA,oBAAoB,GAAG,OAAS,CAAC;AACjC,QAAA,iBAAiB,GAAG,GAAG,CAAC,CAAC,QAAQ;AACjC,QAAA,sBAAsB,GAAG,GAAG,CAAC,CAAC,QAAQ;AACtC,QAAA,iBAAiB,GAAG,IAAI,mBAAS,CAC5C,8CAA8C,CAC/C,CAAC;AAEF,wCAAwC;AAC3B,QAAA,YAAY,GAAG,CAAC,CAAC;AAE9B,+DAA+D;AAClD,QAAA,iBAAiB,GAAG,IAAI,mBAAS,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAE9E,mEAAmE;AACnE,IAAY,WAOX;AAPD,WAAY,WAAW;IACrB,2CAA2C;IAC3C,qDAAY,CAAA;IACZ,2CAA2C;IAC3C,2CAAO,CAAA;IACP,4CAA4C;IAC5C,2CAAO,CAAA;AACT,CAAC,EAPW,WAAW,2BAAX,WAAW,QAOtB"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import type { PolicyViolation } from "@agent-shield/core";
|
|
2
|
+
import { ResolvedPolicies, TransactionAnalysis } from "./policies";
|
|
3
|
+
import { ShieldState } from "./state";
|
|
4
|
+
/**
|
|
5
|
+
* Evaluate a transaction against resolved policies and current state.
|
|
6
|
+
* Returns an array of violations (empty = transaction allowed).
|
|
7
|
+
*/
|
|
8
|
+
export declare function evaluatePolicy(analysis: TransactionAnalysis, policies: ResolvedPolicies, state: ShieldState): PolicyViolation[];
|
|
9
|
+
/**
|
|
10
|
+
* Evaluate policies and throw ShieldDeniedError if any violations found.
|
|
11
|
+
*/
|
|
12
|
+
export declare function enforcePolicy(analysis: TransactionAnalysis, policies: ResolvedPolicies, state: ShieldState): void;
|
|
13
|
+
/**
|
|
14
|
+
* After a transaction is signed, record the spend and transaction in state.
|
|
15
|
+
*/
|
|
16
|
+
export declare function recordTransaction(analysis: TransactionAnalysis, state: ShieldState): void;
|
|
17
|
+
//# sourceMappingURL=engine.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/wrapper/engine.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAE1D,OAAO,EACL,gBAAgB,EAChB,mBAAmB,EAEpB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAEtC;;;GAGG;AACH,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,mBAAmB,EAC7B,QAAQ,EAAE,gBAAgB,EAC1B,KAAK,EAAE,WAAW,GACjB,eAAe,EAAE,CAiBnB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,QAAQ,EAAE,mBAAmB,EAC7B,QAAQ,EAAE,gBAAgB,EAC1B,KAAK,EAAE,WAAW,GACjB,IAAI,CAKN;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,mBAAmB,EAC7B,KAAK,EAAE,WAAW,GACjB,IAAI,CAGN"}
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.evaluatePolicy = evaluatePolicy;
|
|
4
|
+
exports.enforcePolicy = enforcePolicy;
|
|
5
|
+
exports.recordTransaction = recordTransaction;
|
|
6
|
+
const core_1 = require("@agent-shield/core");
|
|
7
|
+
const errors_1 = require("./errors");
|
|
8
|
+
const policies_1 = require("./policies");
|
|
9
|
+
/**
|
|
10
|
+
* Evaluate a transaction against resolved policies and current state.
|
|
11
|
+
* Returns an array of violations (empty = transaction allowed).
|
|
12
|
+
*/
|
|
13
|
+
function evaluatePolicy(analysis, policies, state) {
|
|
14
|
+
const coreAnalysis = (0, policies_1.toCoreAnalysis)(analysis);
|
|
15
|
+
const violations = (0, core_1.evaluatePolicy)(coreAnalysis, policies, state);
|
|
16
|
+
// Handle wrapper-specific customCheck (receives PublicKey-based analysis)
|
|
17
|
+
if (policies.customCheck) {
|
|
18
|
+
const result = policies.customCheck(analysis);
|
|
19
|
+
if (!result.allowed) {
|
|
20
|
+
violations.push({
|
|
21
|
+
rule: "unknown_program",
|
|
22
|
+
message: result.reason ?? "Blocked by custom policy check",
|
|
23
|
+
suggestion: "Review the custom policy configuration.",
|
|
24
|
+
});
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
return violations;
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Evaluate policies and throw ShieldDeniedError if any violations found.
|
|
31
|
+
*/
|
|
32
|
+
function enforcePolicy(analysis, policies, state) {
|
|
33
|
+
const violations = evaluatePolicy(analysis, policies, state);
|
|
34
|
+
if (violations.length > 0) {
|
|
35
|
+
throw new errors_1.ShieldDeniedError(violations);
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* After a transaction is signed, record the spend and transaction in state.
|
|
40
|
+
*/
|
|
41
|
+
function recordTransaction(analysis, state) {
|
|
42
|
+
const coreAnalysis = (0, policies_1.toCoreAnalysis)(analysis);
|
|
43
|
+
(0, core_1.recordTransaction)(coreAnalysis, state);
|
|
44
|
+
}
|
|
45
|
+
//# sourceMappingURL=engine.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"engine.js","sourceRoot":"","sources":["../../src/wrapper/engine.ts"],"names":[],"mappings":";;AAiBA,wCAqBC;AAKD,sCASC;AAKD,8CAMC;AA/DD,6CAG4B;AAE5B,qCAA6C;AAC7C,yCAIoB;AAGpB;;;GAGG;AACH,SAAgB,cAAc,CAC5B,QAA6B,EAC7B,QAA0B,EAC1B,KAAkB;IAElB,MAAM,YAAY,GAAG,IAAA,yBAAc,EAAC,QAAQ,CAAC,CAAC;IAC9C,MAAM,UAAU,GAAG,IAAA,qBAAkB,EAAC,YAAY,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IAErE,0EAA0E;IAC1E,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,UAAU,CAAC,IAAI,CAAC;gBACd,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,MAAM,CAAC,MAAM,IAAI,gCAAgC;gBAC1D,UAAU,EAAE,yCAAyC;aACtD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAC3B,QAA6B,EAC7B,QAA0B,EAC1B,KAAkB;IAElB,MAAM,UAAU,GAAG,cAAc,CAAC,QAAQ,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC7D,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,0BAAiB,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAC/B,QAA6B,EAC7B,KAAkB;IAElB,MAAM,YAAY,GAAG,IAAA,yBAAc,EAAC,QAAQ,CAAC,CAAC;IAC9C,IAAA,wBAAqB,EAAC,YAAY,EAAE,KAAK,CAAC,CAAC;AAC7C,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
export { ShieldDeniedError, ShieldConfigError } from "@agent-shield/core";
|
|
2
|
+
export type { PolicyViolation } from "@agent-shield/core";
|
|
3
|
+
/**
|
|
4
|
+
* Thrown when harden() or withVault() is called without a TEE wallet
|
|
5
|
+
* and unsafeSkipTeeCheck is not set to true.
|
|
6
|
+
*/
|
|
7
|
+
export declare class TeeRequiredError extends Error {
|
|
8
|
+
constructor();
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=errors.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/wrapper/errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,YAAY,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAE1D;;;GAGG;AACH,qBAAa,gBAAiB,SAAQ,KAAK;;CAS1C"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.TeeRequiredError = exports.ShieldConfigError = exports.ShieldDeniedError = void 0;
|
|
4
|
+
var core_1 = require("@agent-shield/core");
|
|
5
|
+
Object.defineProperty(exports, "ShieldDeniedError", { enumerable: true, get: function () { return core_1.ShieldDeniedError; } });
|
|
6
|
+
Object.defineProperty(exports, "ShieldConfigError", { enumerable: true, get: function () { return core_1.ShieldConfigError; } });
|
|
7
|
+
/**
|
|
8
|
+
* Thrown when harden() or withVault() is called without a TEE wallet
|
|
9
|
+
* and unsafeSkipTeeCheck is not set to true.
|
|
10
|
+
*/
|
|
11
|
+
class TeeRequiredError extends Error {
|
|
12
|
+
constructor() {
|
|
13
|
+
super("TEE wallet required. AgentShield requires a TEE-backed wallet (Crossmint, Turnkey, or Privy) " +
|
|
14
|
+
"for production use. Pass a TeeWallet, set teeProvider in options, or set " +
|
|
15
|
+
"unsafeSkipTeeCheck: true for devnet testing only.");
|
|
16
|
+
this.name = "TeeRequiredError";
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
exports.TeeRequiredError = TeeRequiredError;
|
|
20
|
+
//# sourceMappingURL=errors.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/wrapper/errors.ts"],"names":[],"mappings":";;;AAAA,2CAA0E;AAAjE,yGAAA,iBAAiB,OAAA;AAAE,yGAAA,iBAAiB,OAAA;AAG7C;;;GAGG;AACH,MAAa,gBAAiB,SAAQ,KAAK;IACzC;QACE,KAAK,CACH,+FAA+F;YAC7F,2EAA2E;YAC3E,mDAAmD,CACtD,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;IACjC,CAAC;CACF;AATD,4CASC"}
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
import { PublicKey, Connection, Keypair } from "@solana/web3.js";
|
|
2
|
+
import { ShieldedWallet, WalletLike } from "./shield";
|
|
3
|
+
import { ResolvedPolicies } from "./policies";
|
|
4
|
+
import type { ShieldPolicies } from "./policies";
|
|
5
|
+
/**
|
|
6
|
+
* Configuration for hardening a shielded wallet to on-chain enforcement.
|
|
7
|
+
*/
|
|
8
|
+
export interface HardenOptions {
|
|
9
|
+
/** Solana RPC connection */
|
|
10
|
+
connection: Connection;
|
|
11
|
+
/** Owner wallet — vault administrator. Auto-generates a Keypair if omitted. */
|
|
12
|
+
ownerWallet?: WalletLike;
|
|
13
|
+
/** Vault ID (auto-incremented if not provided) */
|
|
14
|
+
vaultId?: number;
|
|
15
|
+
/** Fee destination for the vault */
|
|
16
|
+
feeDestination?: PublicKey;
|
|
17
|
+
/** Developer fee rate (0-500, maps to on-chain rate). Default: 0 */
|
|
18
|
+
developerFeeRate?: number;
|
|
19
|
+
/** Override program ID (for devnet/testing) */
|
|
20
|
+
programId?: PublicKey;
|
|
21
|
+
/** Maximum leverage in basis points. Default: 0 */
|
|
22
|
+
maxLeverageBps?: number;
|
|
23
|
+
/** Maximum concurrent positions. Default: 5 */
|
|
24
|
+
maxConcurrentPositions?: number;
|
|
25
|
+
/** Skip TEE wallet requirement — devnet testing only. Default: false */
|
|
26
|
+
unsafeSkipTeeCheck?: boolean;
|
|
27
|
+
/** Auto-provision a TEE wallet from a custody provider */
|
|
28
|
+
teeProvider?: "crossmint" | "turnkey" | "privy";
|
|
29
|
+
}
|
|
30
|
+
/**
|
|
31
|
+
* Result of hardening a shielded wallet.
|
|
32
|
+
*/
|
|
33
|
+
export interface HardenResult {
|
|
34
|
+
/** Hardened wallet with dual enforcement (client-side + on-chain) */
|
|
35
|
+
wallet: ShieldedWallet;
|
|
36
|
+
/** The owner keypair, only set if ownerWallet was NOT provided */
|
|
37
|
+
ownerKeypair?: Keypair;
|
|
38
|
+
/** The vault PDA address */
|
|
39
|
+
vaultAddress: PublicKey;
|
|
40
|
+
/** The vault ID used */
|
|
41
|
+
vaultId: number;
|
|
42
|
+
/** The policy PDA address */
|
|
43
|
+
policyAddress: PublicKey;
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Map resolved client-side policies to on-chain InitializeVaultParams.
|
|
47
|
+
*
|
|
48
|
+
* Multiple per-token SpendLimits collapse to the largest value as the
|
|
49
|
+
* on-chain dailySpendingCap (conservative ceiling). Per-token granularity
|
|
50
|
+
* is enforced client-side. Fields with no on-chain equivalent
|
|
51
|
+
* (blockUnknownPrograms, rateLimit, customCheck) stay client-side only.
|
|
52
|
+
*/
|
|
53
|
+
export declare function mapPoliciesToVaultParams(resolved: ResolvedPolicies, vaultId: number, feeDestination: PublicKey, opts?: {
|
|
54
|
+
developerFeeRate?: number;
|
|
55
|
+
maxLeverageBps?: number;
|
|
56
|
+
maxConcurrentPositions?: number;
|
|
57
|
+
}): {
|
|
58
|
+
vaultId: any;
|
|
59
|
+
dailySpendingCap: bigint;
|
|
60
|
+
maxTransactionSize: bigint;
|
|
61
|
+
allowedTokens: PublicKey[];
|
|
62
|
+
allowedProtocols: PublicKey[];
|
|
63
|
+
maxLeverageBps: number;
|
|
64
|
+
maxConcurrentPositions: number;
|
|
65
|
+
feeDestination: PublicKey;
|
|
66
|
+
developerFeeRate: number;
|
|
67
|
+
};
|
|
68
|
+
/**
|
|
69
|
+
* Probe vault PDAs starting from 0 to find the next available vault ID.
|
|
70
|
+
* Returns 0 for a new owner, or the first unused ID.
|
|
71
|
+
*/
|
|
72
|
+
export declare function findNextVaultId(connection: Connection, ownerPubkey: PublicKey, programId?: PublicKey): Promise<number>;
|
|
73
|
+
/**
|
|
74
|
+
* Harden a shielded wallet with on-chain vault enforcement.
|
|
75
|
+
*
|
|
76
|
+
* Creates an on-chain AgentShield vault, registers the wallet as an agent,
|
|
77
|
+
* and configures policies matching the wrapper config. Requires a TEE-backed
|
|
78
|
+
* wallet unless unsafeSkipTeeCheck is set (devnet only).
|
|
79
|
+
*
|
|
80
|
+
* @example
|
|
81
|
+
* ```typescript
|
|
82
|
+
* import { withVault } from '@agent-shield/sdk';
|
|
83
|
+
*
|
|
84
|
+
* const result = await withVault(teeWallet, { maxSpend: '500 USDC/day' }, {
|
|
85
|
+
* connection,
|
|
86
|
+
* });
|
|
87
|
+
* // result.wallet is ready with full on-chain enforcement
|
|
88
|
+
* ```
|
|
89
|
+
*/
|
|
90
|
+
export declare function harden(shieldedWallet: ShieldedWallet, options: HardenOptions): Promise<HardenResult>;
|
|
91
|
+
/**
|
|
92
|
+
* The primary developer-facing function. Wraps a wallet with client-side policy
|
|
93
|
+
* enforcement and hardens it to on-chain vault enforcement in one call.
|
|
94
|
+
*
|
|
95
|
+
* One call = full protection: client-side fast deny + on-chain vault enforcement.
|
|
96
|
+
*
|
|
97
|
+
* @example
|
|
98
|
+
* ```typescript
|
|
99
|
+
* import { withVault } from '@agent-shield/sdk';
|
|
100
|
+
*
|
|
101
|
+
* // Simplest path: bring your TEE wallet
|
|
102
|
+
* const result = await withVault(teeWallet, { maxSpend: '500 USDC/day' }, {
|
|
103
|
+
* connection,
|
|
104
|
+
* });
|
|
105
|
+
*
|
|
106
|
+
* // Devnet testing (no TEE required)
|
|
107
|
+
* const result = await withVault(wallet, { maxSpend: '500 USDC/day' }, {
|
|
108
|
+
* connection,
|
|
109
|
+
* unsafeSkipTeeCheck: true,
|
|
110
|
+
* });
|
|
111
|
+
* ```
|
|
112
|
+
*/
|
|
113
|
+
export declare function withVault(wallet: WalletLike, policies: ShieldPolicies | undefined, options: HardenOptions): Promise<HardenResult>;
|
|
114
|
+
/**
|
|
115
|
+
* Public API for client-side-only shielding (no on-chain vault).
|
|
116
|
+
* For most users, prefer withVault() for full enforcement.
|
|
117
|
+
*/
|
|
118
|
+
export declare function shieldWallet(wallet: WalletLike, policies?: ShieldPolicies, options?: import("./shield").ShieldOptions): ShieldedWallet;
|
|
119
|
+
//# sourceMappingURL=harden.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"harden.d.ts","sourceRoot":"","sources":["../../src/wrapper/harden.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,SAAS,EACT,UAAU,EACV,OAAO,EAMR,MAAM,iBAAiB,CAAC;AAMzB,OAAO,EAAE,cAAc,EAAE,UAAU,EAAe,MAAM,UAAU,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAuB,MAAM,YAAY,CAAC;AAWnE,OAAO,KAAK,EAAE,cAAc,EAAmB,MAAM,YAAY,CAAC;AAMlE;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,4BAA4B;IAC5B,UAAU,EAAE,UAAU,CAAC;IACvB,+EAA+E;IAC/E,WAAW,CAAC,EAAE,UAAU,CAAC;IACzB,kDAAkD;IAClD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oCAAoC;IACpC,cAAc,CAAC,EAAE,SAAS,CAAC;IAC3B,oEAAoE;IACpE,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,+CAA+C;IAC/C,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,mDAAmD;IACnD,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,+CAA+C;IAC/C,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,wEAAwE;IACxE,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,0DAA0D;IAC1D,WAAW,CAAC,EAAE,WAAW,GAAG,SAAS,GAAG,OAAO,CAAC;CACjD;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,qEAAqE;IACrE,MAAM,EAAE,cAAc,CAAC;IACvB,kEAAkE;IAClE,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,4BAA4B;IAC5B,YAAY,EAAE,SAAS,CAAC;IACxB,wBAAwB;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,6BAA6B;IAC7B,aAAa,EAAE,SAAS,CAAC;CAC1B;AAED;;;;;;;GAOG;AACH,wBAAgB,wBAAwB,CACtC,QAAQ,EAAE,gBAAgB,EAC1B,OAAO,EAAE,MAAM,EACf,cAAc,EAAE,SAAS,EACzB,IAAI,CAAC,EAAE;IACL,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC,GACA;IACD,OAAO,EAAE,GAAG,CAAC;IACb,gBAAgB,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,SAAS,EAAE,CAAC;IAC3B,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,cAAc,EAAE,MAAM,CAAC;IACvB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,SAAS,CAAC;IAC1B,gBAAgB,EAAE,MAAM,CAAC;CAC1B,CA+CA;AAED;;;GAGG;AACH,wBAAsB,eAAe,CACnC,UAAU,EAAE,UAAU,EACtB,WAAW,EAAE,SAAS,EACtB,SAAS,CAAC,EAAE,SAAS,GACpB,OAAO,CAAC,MAAM,CAAC,CASjB;AA6PD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,MAAM,CAC1B,cAAc,EAAE,cAAc,EAC9B,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,YAAY,CAAC,CA8HvB;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,SAAS,CAC7B,MAAM,EAAE,UAAU,EAClB,QAAQ,EAAE,cAAc,GAAG,SAAS,EACpC,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,YAAY,CAAC,CAGvB;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAC1B,MAAM,EAAE,UAAU,EAClB,QAAQ,CAAC,EAAE,cAAc,EACzB,OAAO,CAAC,EAAE,OAAO,UAAU,EAAE,aAAa,GACzC,cAAc,CAEhB"}
|