npm - @agent-shield/sdk - Versions diffs - 0.3.1 → 0.5.1 - Mend

@agent-shield/sdk 0.3.1 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (58) hide show

package/LICENSE +191 -0
package/README.md +14 -22
package/dist/idl-json.d.ts +3 -3
package/dist/idl-json.d.ts.map +1 -1
package/dist/idl-json.js +2020 -2942
package/dist/idl-json.js.map +1 -1
package/dist/idl.d.ts +1403 -2057
package/dist/idl.d.ts.map +1 -1
package/dist/index.d.ts +5 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +46 -2
package/dist/index.js.map +1 -1
package/dist/instructions.d.ts +893 -893
package/dist/types.d.ts +2 -2
package/dist/types.d.ts.map +1 -1
package/dist/types.js +2 -2
package/dist/types.js.map +1 -1
package/dist/wrapper/engine.d.ts +17 -0
package/dist/wrapper/engine.d.ts.map +1 -0
package/dist/wrapper/engine.js +45 -0
package/dist/wrapper/engine.js.map +1 -0
package/dist/wrapper/errors.d.ts +10 -0
package/dist/wrapper/errors.d.ts.map +1 -0
package/dist/wrapper/errors.js +20 -0
package/dist/wrapper/errors.js.map +1 -0
package/dist/wrapper/harden.d.ts +119 -0
package/dist/wrapper/harden.d.ts.map +1 -0
package/dist/wrapper/harden.js +399 -0
package/dist/wrapper/harden.js.map +1 -0
package/dist/wrapper/index.d.ts +17 -0
package/dist/wrapper/index.d.ts.map +1 -0
package/dist/wrapper/index.js +60 -0
package/dist/wrapper/index.js.map +1 -0
package/dist/wrapper/inspector.d.ts +22 -0
package/dist/wrapper/inspector.d.ts.map +1 -0
package/dist/wrapper/inspector.js +175 -0
package/dist/wrapper/inspector.js.map +1 -0
package/dist/wrapper/policies.d.ts +78 -0
package/dist/wrapper/policies.d.ts.map +1 -0
package/dist/wrapper/policies.js +108 -0
package/dist/wrapper/policies.js.map +1 -0
package/dist/wrapper/registry.d.ts +24 -0
package/dist/wrapper/registry.d.ts.map +1 -0
package/dist/wrapper/registry.js +43 -0
package/dist/wrapper/registry.js.map +1 -0
package/dist/wrapper/shield.d.ts +86 -0
package/dist/wrapper/shield.d.ts.map +1 -0
package/dist/wrapper/shield.js +226 -0
package/dist/wrapper/shield.js.map +1 -0
package/dist/wrapper/state.d.ts +3 -0
package/dist/wrapper/state.d.ts.map +1 -0
package/dist/wrapper/state.js +6 -0
package/dist/wrapper/state.js.map +1 -0
package/dist/wrapper/x402.d.ts +151 -0
package/dist/wrapper/x402.d.ts.map +1 -0
package/dist/wrapper/x402.js +326 -0
package/dist/wrapper/x402.js.map +1 -0
package/package.json +15 -11

package/dist/wrapper/inspector.js ADDED Viewed

@@ -0,0 +1,175 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.analyzeTransaction = analyzeTransaction;
+exports.extractInstructions = extractInstructions;
+exports.resolveTransactionAddressLookupTables = resolveTransactionAddressLookupTables;
+exports.getNonSystemProgramIds = getNonSystemProgramIds;
+const web3_js_1 = require("@solana/web3.js");
+const spl_token_1 = require("@solana/spl-token");
+const registry_1 = require("./registry");
+/** SPL Token instruction discriminators */
+const SPL_TRANSFER_DISCRIMINATOR = 3;
+const SPL_TRANSFER_CHECKED_DISCRIMINATOR = 12;
+/** Token 2022 program ID */
+const TOKEN_2022_PROGRAM_ID = new web3_js_1.PublicKey("TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb");
+/**
+ * Analyze a transaction to extract program IDs, token transfers, and estimated value.
+ * Works with both legacy Transaction and VersionedTransaction.
+ */
+function analyzeTransaction(tx, signerPubkey, addressLookupTableAccounts) {
+    const instructions = extractInstructions(tx, addressLookupTableAccounts);
+    const programIds = [];
+    const transfers = [];
+    const seenPrograms = new Set();
+    for (const ix of instructions) {
+        const programKey = ix.programId.toBase58();
+        if (!seenPrograms.has(programKey)) {
+            seenPrograms.add(programKey);
+            programIds.push(ix.programId);
+        }
+        // Detect SPL token transfers
+        if (isTokenProgram(ix.programId)) {
+            const transfer = parseTokenTransfer(ix, signerPubkey);
+            if (transfer) {
+                transfers.push(transfer);
+            }
+        }
+    }
+    // Sum outgoing transfer amounts as estimated value
+    const estimatedValueLamports = transfers
+        .filter((t) => t.direction === "outgoing")
+        .reduce((sum, t) => sum + t.amount, BigInt(0));
+    return { programIds, transfers, estimatedValueLamports };
+}
+/**
+ * Extract instructions from either Transaction or VersionedTransaction.
+ */
+function extractInstructions(tx, addressLookupTableAccounts) {
+    if (tx instanceof web3_js_1.Transaction) {
+        return tx.instructions;
+    }
+    // VersionedTransaction — need to resolve from compiled message
+    return extractFromVersionedMessage(tx.message, addressLookupTableAccounts);
+}
+/**
+ * Extract TransactionInstruction-like objects from a VersionedMessage.
+ * When addressLookupTableAccounts are provided, resolves account keys
+ * referenced through Address Lookup Tables (ALTs) in V0 messages.
+ */
+function extractFromVersionedMessage(message, addressLookupTableAccounts) {
+    // MessageV0 (version === 0) supports ALT resolution via
+    // getAccountKeys({ addressLookupTableAccounts }).
+    // Legacy Message (version === 'legacy') does not accept ALT args.
+    const accountKeys = addressLookupTableAccounts?.length && message.version === 0
+        ? message.getAccountKeys({ addressLookupTableAccounts })
+        : message.getAccountKeys();
+    const instructions = [];
+    for (const compiled of message.compiledInstructions) {
+        const programId = accountKeys.get(compiled.programIdIndex);
+        if (!programId)
+            continue;
+        const keys = compiled.accountKeyIndexes.map((idx) => ({
+            pubkey: accountKeys.get(idx) ?? web3_js_1.PublicKey.default,
+            isSigner: message.isAccountSigner(idx),
+            isWritable: message.isAccountWritable(idx),
+        }));
+        instructions.push(new web3_js_1.TransactionInstruction({
+            programId,
+            keys,
+            data: Buffer.from(compiled.data),
+        }));
+    }
+    return instructions;
+}
+/**
+ * Resolve Address Lookup Table accounts for a VersionedTransaction.
+ * Returns empty array if the transaction has no ALT references.
+ */
+async function resolveTransactionAddressLookupTables(tx, connection) {
+    const lookups = tx.message.addressTableLookups;
+    if (!lookups || lookups.length === 0)
+        return [];
+    const results = await Promise.all(lookups.map((lookup) => connection.getAddressLookupTable(lookup.accountKey)));
+    return results
+        .filter((r) => r.value !== null)
+        .map((r) => r.value);
+}
+/**
+ * Check if a program ID is a token program (SPL Token or Token 2022).
+ */
+function isTokenProgram(programId) {
+    return (programId.equals(spl_token_1.TOKEN_PROGRAM_ID) ||
+        programId.equals(TOKEN_2022_PROGRAM_ID));
+}
+/**
+ * Parse an SPL Token transfer instruction to extract amount and direction.
+ * Handles both Transfer (discriminator 3) and TransferChecked (discriminator 12).
+ */
+function parseTokenTransfer(ix, signerPubkey) {
+    if (ix.data.length < 1)
+        return null;
+    const discriminator = ix.data[0];
+    if (discriminator === SPL_TRANSFER_DISCRIMINATOR) {
+        return parseTransfer(ix, signerPubkey);
+    }
+    if (discriminator === SPL_TRANSFER_CHECKED_DISCRIMINATOR) {
+        return parseTransferChecked(ix, signerPubkey);
+    }
+    return null;
+}
+/**
+ * Parse SPL Token Transfer instruction.
+ * Layout: [1 byte disc][8 bytes amount LE]
+ * Accounts: [source, destination, authority]
+ */
+function parseTransfer(ix, signerPubkey) {
+    if (ix.data.length < 9 || ix.keys.length < 3)
+        return null;
+    const amount = readU64LE(ix.data, 1);
+    const source = ix.keys[0].pubkey;
+    const destination = ix.keys[1].pubkey;
+    const authority = ix.keys[2].pubkey;
+    const direction = authority.equals(signerPubkey) ? "outgoing" : "unknown";
+    return {
+        mint: web3_js_1.PublicKey.default, // Transfer (non-checked) doesn't include mint
+        amount,
+        direction,
+        destination: direction === "outgoing" ? destination : undefined,
+    };
+}
+/**
+ * Parse SPL Token TransferChecked instruction.
+ * Layout: [1 byte disc][8 bytes amount LE][1 byte decimals]
+ * Accounts: [source, mint, destination, authority]
+ */
+function parseTransferChecked(ix, signerPubkey) {
+    if (ix.data.length < 10 || ix.keys.length < 4)
+        return null;
+    const amount = readU64LE(ix.data, 1);
+    const source = ix.keys[0].pubkey;
+    const mint = ix.keys[1].pubkey;
+    const destination = ix.keys[2].pubkey;
+    const authority = ix.keys[3].pubkey;
+    const direction = authority.equals(signerPubkey) ? "outgoing" : "unknown";
+    return {
+        mint,
+        amount,
+        direction,
+        destination: direction === "outgoing" ? destination : undefined,
+    };
+}
+/**
+ * Read a little-endian u64 from a buffer at the given offset.
+ */
+function readU64LE(buf, offset) {
+    const view = Buffer.from(buf);
+    return view.readBigUInt64LE(offset);
+}
+/**
+ * Get all non-system program IDs from a transaction analysis.
+ * Useful for checking if a transaction interacts with unknown programs.
+ */
+function getNonSystemProgramIds(analysis) {
+    return analysis.programIds.filter((pid) => !(0, registry_1.isSystemProgram)(pid));
+}
+//# sourceMappingURL=inspector.js.map

package/dist/wrapper/inspector.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"inspector.js","sourceRoot":"","sources":["../../src/wrapper/inspector.ts"],"names":[],"mappings":";;AA2BA,gDAgCC;AAKD,kDAUC;AA+CD,sFAgBC;AAmGD,wDAIC;AAhPD,6CASyB;AACzB,iDAAqD;AAErD,yCAA6C;AAE7C,2CAA2C;AAC3C,MAAM,0BAA0B,GAAG,CAAC,CAAC;AACrC,MAAM,kCAAkC,GAAG,EAAE,CAAC;AAE9C,4BAA4B;AAC5B,MAAM,qBAAqB,GAAG,IAAI,mBAAS,CACzC,6CAA6C,CAC9C,CAAC;AAEF;;;GAGG;AACH,SAAgB,kBAAkB,CAChC,EAAsC,EACtC,YAAuB,EACvB,0BAAwD;IAExD,MAAM,YAAY,GAAG,mBAAmB,CAAC,EAAE,EAAE,0BAA0B,CAAC,CAAC;IACzE,MAAM,UAAU,GAAgB,EAAE,CAAC;IACnC,MAAM,SAAS,GAAoB,EAAE,CAAC;IACtC,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAC;IAEvC,KAAK,MAAM,EAAE,IAAI,YAAY,EAAE,CAAC;QAC9B,MAAM,UAAU,GAAG,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;QAC3C,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;YAClC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAC7B,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC;QAChC,CAAC;QAED,6BAA6B;QAC7B,IAAI,cAAc,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC;YACjC,MAAM,QAAQ,GAAG,kBAAkB,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;YACtD,IAAI,QAAQ,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;IACH,CAAC;IAED,mDAAmD;IACnD,MAAM,sBAAsB,GAAG,SAAS;SACrC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,UAAU,CAAC;SACzC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IAEjD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,sBAAsB,EAAE,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CACjC,EAAsC,EACtC,0BAAwD;IAExD,IAAI,EAAE,YAAY,qBAAW,EAAE,CAAC;QAC9B,OAAO,EAAE,CAAC,YAAY,CAAC;IACzB,CAAC;IAED,+DAA+D;IAC/D,OAAO,2BAA2B,CAAC,EAAE,CAAC,OAAO,EAAE,0BAA0B,CAAC,CAAC;AAC7E,CAAC;AAED;;;;GAIG;AACH,SAAS,2BAA2B,CAClC,OAAyB,EACzB,0BAAwD;IAExD,wDAAwD;IACxD,kDAAkD;IAClD,kEAAkE;IAClE,MAAM,WAAW,GACf,0BAA0B,EAAE,MAAM,IAAI,OAAO,CAAC,OAAO,KAAK,CAAC;QACzD,CAAC,CAAE,OAAqB,CAAC,cAAc,CAAC,EAAE,0BAA0B,EAAE,CAAC;QACvE,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;IAE/B,MAAM,YAAY,GAA6B,EAAE,CAAC;IAElD,KAAK,MAAM,QAAQ,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;QACpD,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAC3D,IAAI,CAAC,SAAS;YAAE,SAAS;QAEzB,MAAM,IAAI,GAAG,QAAQ,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACpD,MAAM,EAAE,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,mBAAS,CAAC,OAAO;YACjD,QAAQ,EAAE,OAAO,CAAC,eAAe,CAAC,GAAG,CAAC;YACtC,UAAU,EAAE,OAAO,CAAC,iBAAiB,CAAC,GAAG,CAAC;SAC3C,CAAC,CAAC,CAAC;QAEJ,YAAY,CAAC,IAAI,CACf,IAAI,gCAAsB,CAAC;YACzB,SAAS;YACT,IAAI;YACJ,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;SACjC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,qCAAqC,CACzD,EAAwB,EACxB,UAAsB;IAEtB,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,CAAC,mBAAmB,CAAC;IAC/C,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAEhD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CACrB,UAAU,CAAC,qBAAqB,CAAC,MAAM,CAAC,UAAU,CAAC,CACpD,CACF,CAAC;IAEF,OAAO,OAAO;SACX,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC;SAC/B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAkC,CAAC,CAAC;AACtD,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,SAAoB;IAC1C,OAAO,CACL,SAAS,CAAC,MAAM,CAAC,4BAAgB,CAAC;QAClC,SAAS,CAAC,MAAM,CAAC,qBAAqB,CAAC,CACxC,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAS,kBAAkB,CACzB,EAA0B,EAC1B,YAAuB;IAEvB,IAAI,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,aAAa,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAEjC,IAAI,aAAa,KAAK,0BAA0B,EAAE,CAAC;QACjD,OAAO,aAAa,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;IACzC,CAAC;IAED,IAAI,aAAa,KAAK,kCAAkC,EAAE,CAAC;QACzD,OAAO,oBAAoB,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,SAAS,aAAa,CACpB,EAA0B,EAC1B,YAAuB;IAEvB,IAAI,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE1D,MAAM,MAAM,GAAG,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjC,MAAM,WAAW,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACtC,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAEpC,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;IAE1E,OAAO;QACL,IAAI,EAAE,mBAAS,CAAC,OAAO,EAAE,8CAA8C;QACvE,MAAM;QACN,SAAS;QACT,WAAW,EAAE,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;KAChE,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAC3B,EAA0B,EAC1B,YAAuB;IAEvB,IAAI,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,EAAE,IAAI,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3D,MAAM,MAAM,GAAG,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjC,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAC/B,MAAM,WAAW,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACtC,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAEpC,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;IAE1E,OAAO;QACL,IAAI;QACJ,MAAM;QACN,SAAS;QACT,WAAW,EAAE,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;KAChE,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,SAAS,CAAC,GAAwB,EAAE,MAAc;IACzD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC9B,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;AACtC,CAAC;AAED;;;GAGG;AACH,SAAgB,sBAAsB,CACpC,QAA6B;IAE7B,OAAO,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC,CAAC;AACpE,CAAC"}

package/dist/wrapper/policies.d.ts ADDED Viewed

@@ -0,0 +1,78 @@
+import { PublicKey } from "@solana/web3.js";
+import * as Core from "@agent-shield/core";
+export type { RateLimitConfig, PolicyCheckResult } from "@agent-shield/core";
+export { DEFAULT_POLICIES, parseSpendLimit } from "@agent-shield/core";
+/** Policy configuration for the shield wrapper (accepts PublicKey or string) */
+export interface ShieldPolicies {
+    /** Maximum spend per rolling 24h window, per token. e.g. "500 USDC/day" or { mint, amount } */
+    maxSpend?: SpendLimit | SpendLimit[] | string | string[];
+    /** Maximum single transaction size in lamports-equivalent value */
+    maxTransactionSize?: bigint | string;
+    /** Allowed protocol program IDs. If set, only these + system programs are allowed. */
+    allowedProtocols?: (PublicKey | string)[];
+    /** Allowed token mints for transfers. If set, only these tokens can be sent. */
+    allowedTokens?: (PublicKey | string)[];
+    /** Block unknown (unregistered) program IDs. Default: true */
+    blockUnknownPrograms?: boolean;
+    /** Maximum transactions per time window */
+    rateLimit?: Core.RateLimitConfig;
+    /** Custom policy evaluation hook — runs AFTER built-in checks */
+    customCheck?: (analysis: TransactionAnalysis) => Core.PolicyCheckResult;
+}
+export interface SpendLimit {
+    /** SPL token mint address */
+    mint: PublicKey | string;
+    /** Maximum amount in token's native decimals (e.g. 500_000_000 for 500 USDC) */
+    amount: bigint;
+    /** Window duration in milliseconds. Default: 86_400_000 (24h) */
+    windowMs?: number;
+}
+/** Analysis of a transaction's contents, passed to policy engine and custom checks */
+export interface TransactionAnalysis {
+    /** Program IDs invoked by the transaction */
+    programIds: PublicKey[];
+    /** Token transfers detected in the transaction */
+    transfers: TokenTransfer[];
+    /** Total estimated value of outgoing transfers, in lamports-equivalent */
+    estimatedValueLamports: bigint;
+}
+export interface TokenTransfer {
+    mint: PublicKey;
+    amount: bigint;
+    /** "outgoing" = tokens leaving the wallet, "incoming" = tokens arriving */
+    direction: "outgoing" | "incoming" | "unknown";
+    /** Destination account */
+    destination?: PublicKey;
+}
+/** Summary of current spending state relative to policy limits */
+export interface SpendingSummary {
+    tokens: Array<{
+        mint: string;
+        symbol: string | undefined;
+        spent: bigint;
+        limit: bigint;
+        remaining: bigint;
+        windowMs: number;
+    }>;
+    rateLimit: {
+        count: number;
+        limit: number;
+        remaining: number;
+        windowMs: number;
+    };
+    isPaused: boolean;
+}
+/** Internal resolved policy representation (extends core with customCheck) */
+export interface ResolvedPolicies extends Core.ResolvedPolicies {
+    customCheck: ((analysis: TransactionAnalysis) => Core.PolicyCheckResult) | undefined;
+}
+/**
+ * Normalize user-provided policies into a resolved internal format.
+ * Handles PublicKey → string conversion, string parsing, defaults, and validation.
+ */
+export declare function resolvePolicies(input?: ShieldPolicies): ResolvedPolicies;
+/**
+ * Convert wrapper TransactionAnalysis (PublicKey-based) to core format (string-based).
+ */
+export declare function toCoreAnalysis(analysis: TransactionAnalysis): Core.TransactionAnalysis;
+//# sourceMappingURL=policies.d.ts.map

package/dist/wrapper/policies.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"policies.d.ts","sourceRoot":"","sources":["../../src/wrapper/policies.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,KAAK,IAAI,MAAM,oBAAoB,CAAC;AAG3C,YAAY,EAAE,eAAe,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAC7E,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAEvE,gFAAgF;AAChF,MAAM,WAAW,cAAc;IAC7B,+FAA+F;IAC/F,QAAQ,CAAC,EAAE,UAAU,GAAG,UAAU,EAAE,GAAG,MAAM,GAAG,MAAM,EAAE,CAAC;IACzD,mEAAmE;IACnE,kBAAkB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACrC,sFAAsF;IACtF,gBAAgB,CAAC,EAAE,CAAC,SAAS,GAAG,MAAM,CAAC,EAAE,CAAC;IAC1C,gFAAgF;IAChF,aAAa,CAAC,EAAE,CAAC,SAAS,GAAG,MAAM,CAAC,EAAE,CAAC;IACvC,8DAA8D;IAC9D,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,2CAA2C;IAC3C,SAAS,CAAC,EAAE,IAAI,CAAC,eAAe,CAAC;IACjC,iEAAiE;IACjE,WAAW,CAAC,EAAE,CAAC,QAAQ,EAAE,mBAAmB,KAAK,IAAI,CAAC,iBAAiB,CAAC;CACzE;AAED,MAAM,WAAW,UAAU;IACzB,6BAA6B;IAC7B,IAAI,EAAE,SAAS,GAAG,MAAM,CAAC;IACzB,gFAAgF;IAChF,MAAM,EAAE,MAAM,CAAC;IACf,iEAAiE;IACjE,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,sFAAsF;AACtF,MAAM,WAAW,mBAAmB;IAClC,6CAA6C;IAC7C,UAAU,EAAE,SAAS,EAAE,CAAC;IACxB,kDAAkD;IAClD,SAAS,EAAE,aAAa,EAAE,CAAC;IAC3B,0EAA0E;IAC1E,sBAAsB,EAAE,MAAM,CAAC;CAChC;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,SAAS,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,2EAA2E;IAC3E,SAAS,EAAE,UAAU,GAAG,UAAU,GAAG,SAAS,CAAC;IAC/C,0BAA0B;IAC1B,WAAW,CAAC,EAAE,SAAS,CAAC;CACzB;AAED,kEAAkE;AAClE,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,KAAK,CAAC;QACZ,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC;QAC3B,KAAK,EAAE,MAAM,CAAC;QACd,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC,CAAC;IACH,SAAS,EAAE;QACT,KAAK,EAAE,MAAM,CAAC;QACd,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,8EAA8E;AAC9E,MAAM,WAAW,gBAAiB,SAAQ,IAAI,CAAC,gBAAgB;IAC7D,WAAW,EACP,CAAC,CAAC,QAAQ,EAAE,mBAAmB,KAAK,IAAI,CAAC,iBAAiB,CAAC,GAC3D,SAAS,CAAC;CACf;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,KAAK,CAAC,EAAE,cAAc,GAAG,gBAAgB,CA0BxE;AA6BD;;GAEG;AACH,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,mBAAmB,GAC5B,IAAI,CAAC,mBAAmB,CAW1B"}

package/dist/wrapper/policies.js ADDED Viewed

@@ -0,0 +1,108 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseSpendLimit = exports.DEFAULT_POLICIES = void 0;
+exports.resolvePolicies = resolvePolicies;
+exports.toCoreAnalysis = toCoreAnalysis;
+const Core = __importStar(require("@agent-shield/core"));
+var core_1 = require("@agent-shield/core");
+Object.defineProperty(exports, "DEFAULT_POLICIES", { enumerable: true, get: function () { return core_1.DEFAULT_POLICIES; } });
+Object.defineProperty(exports, "parseSpendLimit", { enumerable: true, get: function () { return core_1.parseSpendLimit; } });
+/**
+ * Normalize user-provided policies into a resolved internal format.
+ * Handles PublicKey → string conversion, string parsing, defaults, and validation.
+ */
+function resolvePolicies(input) {
+    // Convert Solana-aware input to core format
+    const coreInput = input
+        ? {
+            maxSpend: input.maxSpend !== undefined
+                ? convertSpendLimits(input.maxSpend)
+                : undefined,
+            maxTransactionSize: input.maxTransactionSize,
+            allowedProtocols: input.allowedProtocols?.map((p) => typeof p === "string" ? p : p.toBase58()),
+            allowedTokens: input.allowedTokens?.map((t) => typeof t === "string" ? t : t.toBase58()),
+            blockUnknownPrograms: input.blockUnknownPrograms,
+            rateLimit: input.rateLimit,
+        }
+        : undefined;
+    const coreResolved = Core.resolvePolicies(coreInput);
+    return {
+        ...coreResolved,
+        customCheck: input?.customCheck ?? undefined,
+    };
+}
+/** Convert wrapper SpendLimit (PublicKey | string mint) to core SpendLimit (string mint) */
+function convertSpendLimits(input) {
+    if (typeof input === "string")
+        return input;
+    if (Array.isArray(input)) {
+        // Check if all elements are strings
+        if (input.every((l) => typeof l === "string")) {
+            return input;
+        }
+        // Otherwise convert each element to Core.SpendLimit
+        return input.map((l) => {
+            if (typeof l === "string")
+                return Core.parseSpendLimit(l);
+            return {
+                mint: typeof l.mint === "string" ? l.mint : l.mint.toBase58(),
+                amount: l.amount,
+                windowMs: l.windowMs,
+            };
+        });
+    }
+    return {
+        mint: typeof input.mint === "string" ? input.mint : input.mint.toBase58(),
+        amount: input.amount,
+        windowMs: input.windowMs,
+    };
+}
+/**
+ * Convert wrapper TransactionAnalysis (PublicKey-based) to core format (string-based).
+ */
+function toCoreAnalysis(analysis) {
+    return {
+        programIds: analysis.programIds.map((p) => p.toBase58()),
+        transfers: analysis.transfers.map((t) => ({
+            mint: t.mint.toBase58(),
+            amount: t.amount,
+            direction: t.direction,
+            destination: t.destination?.toBase58(),
+        })),
+        estimatedValueLamports: analysis.estimatedValueLamports,
+    };
+}
+//# sourceMappingURL=policies.js.map

package/dist/wrapper/policies.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"policies.js","sourceRoot":"","sources":["../../src/wrapper/policies.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmFA,0CA0BC;AAgCD,wCAaC;AAzJD,yDAA2C;AAI3C,2CAAuE;AAA9D,wGAAA,gBAAgB,OAAA;AAAE,uGAAA,eAAe,OAAA;AA0E1C;;;GAGG;AACH,SAAgB,eAAe,CAAC,KAAsB;IACpD,4CAA4C;IAC5C,MAAM,SAAS,GAAoC,KAAK;QACtD,CAAC,CAAC;YACE,QAAQ,EACN,KAAK,CAAC,QAAQ,KAAK,SAAS;gBAC1B,CAAC,CAAC,kBAAkB,CAAC,KAAK,CAAC,QAAQ,CAAC;gBACpC,CAAC,CAAC,SAAS;YACf,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;YAC5C,gBAAgB,EAAE,KAAK,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAClD,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CACzC;YACD,aAAa,EAAE,KAAK,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC5C,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CACzC;YACD,oBAAoB,EAAE,KAAK,CAAC,oBAAoB;YAChD,SAAS,EAAE,KAAK,CAAC,SAAS;SAC3B;QACH,CAAC,CAAC,SAAS,CAAC;IAEd,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;IAErD,OAAO;QACL,GAAG,YAAY;QACf,WAAW,EAAE,KAAK,EAAE,WAAW,IAAI,SAAS;KAC7C,CAAC;AACJ,CAAC;AAED,4FAA4F;AAC5F,SAAS,kBAAkB,CACzB,KAAoD;IAEpD,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,oCAAoC;QACpC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;YAC3D,OAAO,KAAK,CAAC;QACf,CAAC;QACD,oDAAoD;QACpD,OAAQ,KAAiC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAmB,EAAE;YACnE,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,OAAO,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC1D,OAAO;gBACL,IAAI,EAAE,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE;gBAC7D,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,QAAQ,EAAE,CAAC,CAAC,QAAQ;aACrB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IACD,OAAO;QACL,IAAI,EAAE,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE;QACzE,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,QAAQ,EAAE,KAAK,CAAC,QAAQ;KACzB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAC5B,QAA6B;IAE7B,OAAO;QACL,UAAU,EAAE,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxD,SAAS,EAAE,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACxC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE;YACvB,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,WAAW,EAAE,CAAC,CAAC,WAAW,EAAE,QAAQ,EAAE;SACvC,CAAC,CAAC;QACH,sBAAsB,EAAE,QAAQ,CAAC,sBAAsB;KACxD,CAAC;AACJ,CAAC"}

package/dist/wrapper/registry.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import { PublicKey } from "@solana/web3.js";
+export { KNOWN_PROTOCOLS, KNOWN_TOKENS, SYSTEM_PROGRAMS, } from "@agent-shield/core";
+/**
+ * Look up a token's symbol and decimals by mint address.
+ * Returns undefined for unknown tokens.
+ */
+export declare function getTokenInfo(mint: PublicKey | string): {
+    symbol: string;
+    decimals: number;
+} | undefined;
+/**
+ * Look up a protocol's name by program ID.
+ * Returns undefined for unknown protocols.
+ */
+export declare function getProtocolName(programId: PublicKey | string): string | undefined;
+/**
+ * Check if a program ID is a known system program (always allowed).
+ */
+export declare function isSystemProgram(programId: PublicKey | string): boolean;
+/**
+ * Check if a program ID is a known DeFi protocol.
+ */
+export declare function isKnownProtocol(programId: PublicKey | string): boolean;
+//# sourceMappingURL=registry.d.ts.map

package/dist/wrapper/registry.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../src/wrapper/registry.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAQ5C,OAAO,EACL,eAAe,EACf,YAAY,EACZ,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAE5B;;;GAGG;AACH,wBAAgB,YAAY,CAC1B,IAAI,EAAE,SAAS,GAAG,MAAM,GACvB;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAGlD;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAC7B,SAAS,EAAE,SAAS,GAAG,MAAM,GAC5B,MAAM,GAAG,SAAS,CAGpB;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,SAAS,EAAE,SAAS,GAAG,MAAM,GAAG,OAAO,CAGtE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,SAAS,EAAE,SAAS,GAAG,MAAM,GAAG,OAAO,CAGtE"}

package/dist/wrapper/registry.js ADDED Viewed

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SYSTEM_PROGRAMS = exports.KNOWN_TOKENS = exports.KNOWN_PROTOCOLS = void 0;
+exports.getTokenInfo = getTokenInfo;
+exports.getProtocolName = getProtocolName;
+exports.isSystemProgram = isSystemProgram;
+exports.isKnownProtocol = isKnownProtocol;
+const core_1 = require("@agent-shield/core");
+var core_2 = require("@agent-shield/core");
+Object.defineProperty(exports, "KNOWN_PROTOCOLS", { enumerable: true, get: function () { return core_2.KNOWN_PROTOCOLS; } });
+Object.defineProperty(exports, "KNOWN_TOKENS", { enumerable: true, get: function () { return core_2.KNOWN_TOKENS; } });
+Object.defineProperty(exports, "SYSTEM_PROGRAMS", { enumerable: true, get: function () { return core_2.SYSTEM_PROGRAMS; } });
+/**
+ * Look up a token's symbol and decimals by mint address.
+ * Returns undefined for unknown tokens.
+ */
+function getTokenInfo(mint) {
+    const key = typeof mint === "string" ? mint : mint.toBase58();
+    return (0, core_1.getTokenInfo)(key);
+}
+/**
+ * Look up a protocol's name by program ID.
+ * Returns undefined for unknown protocols.
+ */
+function getProtocolName(programId) {
+    const key = typeof programId === "string" ? programId : programId.toBase58();
+    return (0, core_1.getProtocolName)(key);
+}
+/**
+ * Check if a program ID is a known system program (always allowed).
+ */
+function isSystemProgram(programId) {
+    const key = typeof programId === "string" ? programId : programId.toBase58();
+    return (0, core_1.isSystemProgram)(key);
+}
+/**
+ * Check if a program ID is a known DeFi protocol.
+ */
+function isKnownProtocol(programId) {
+    const key = typeof programId === "string" ? programId : programId.toBase58();
+    return (0, core_1.isKnownProtocol)(key);
+}
+//# sourceMappingURL=registry.js.map

package/dist/wrapper/registry.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"registry.js","sourceRoot":"","sources":["../../src/wrapper/registry.ts"],"names":[],"mappings":";;;AAkBA,oCAKC;AAMD,0CAKC;AAKD,0CAGC;AAKD,0CAGC;AAjDD,6CAK4B;AAE5B,2CAI4B;AAH1B,uGAAA,eAAe,OAAA;AACf,oGAAA,YAAY,OAAA;AACZ,uGAAA,eAAe,OAAA;AAGjB;;;GAGG;AACH,SAAgB,YAAY,CAC1B,IAAwB;IAExB,MAAM,GAAG,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC9D,OAAO,IAAA,mBAAgB,EAAC,GAAG,CAAC,CAAC;AAC/B,CAAC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAC7B,SAA6B;IAE7B,MAAM,GAAG,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;IAC7E,OAAO,IAAA,sBAAmB,EAAC,GAAG,CAAC,CAAC;AAClC,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAAC,SAA6B;IAC3D,MAAM,GAAG,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;IAC7E,OAAO,IAAA,sBAAmB,EAAC,GAAG,CAAC,CAAC;AAClC,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAAC,SAA6B;IAC3D,MAAM,GAAG,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;IAC7E,OAAO,IAAA,sBAAmB,EAAC,GAAG,CAAC,CAAC;AAClC,CAAC"}

package/dist/wrapper/shield.d.ts ADDED Viewed

@@ -0,0 +1,86 @@
+import { Connection, PublicKey, Transaction, VersionedTransaction } from "@solana/web3.js";
+import { ShieldPolicies, SpendingSummary, ResolvedPolicies } from "./policies";
+import { ShieldDeniedError } from "./errors";
+import { ShieldState, ShieldStorage } from "./state";
+/**
+ * A wallet-like object that shield() can wrap.
+ * Compatible with Keypair wallets, wallet adapters, Turnkey, Privy, Coinbase, etc.
+ */
+export interface WalletLike {
+    publicKey: PublicKey;
+    signTransaction<T extends Transaction | VersionedTransaction>(tx: T): Promise<T>;
+    signAllTransactions?<T extends Transaction | VersionedTransaction>(txs: T[]): Promise<T[]>;
+}
+/**
+ * A TEE-backed wallet — extends WalletLike with a provider identifier.
+ * Compatible with Crossmint, Turnkey, Privy, or any TEE custody provider.
+ */
+export interface TeeWallet extends WalletLike {
+    readonly provider: string;
+}
+/**
+ * Type guard to detect TEE-backed wallets at runtime.
+ */
+export declare function isTeeWallet(wallet: WalletLike): wallet is TeeWallet;
+/**
+ * A shielded wallet — same interface as the input wallet, with policy enforcement.
+ */
+export interface ShieldedWallet extends WalletLike {
+    /** The underlying wallet before shielding */
+    readonly innerWallet: WalletLike;
+    /** Current shield state (spending tracker, rate limiter) */
+    readonly shieldState: ShieldState;
+    /** Whether this wallet has been hardened (on-chain enforcement) */
+    readonly isHardened: boolean;
+    /** The currently active resolved policies */
+    readonly resolvedPolicies: ResolvedPolicies;
+    /** Whether policy enforcement is currently paused */
+    readonly isPaused: boolean;
+    /** Update policies at runtime */
+    updatePolicies(policies: ShieldPolicies): void;
+    /** Reset all spending state */
+    resetState(): void;
+    /** Pause policy enforcement — transactions pass through without checks or spend recording */
+    pause(): void;
+    /** Resume policy enforcement after a pause */
+    resume(): void;
+    /** Get a summary of current spending relative to policy limits */
+    getSpendingSummary(): SpendingSummary;
+    /** Make an HTTP request with automatic x402 payment support */
+    fetch?: (url: string | URL, init?: RequestInit) => Promise<Response>;
+}
+export interface ShieldOptions {
+    /** Solana RPC connection — enables Address Lookup Table resolution for VersionedTransactions */
+    connection?: Connection;
+    /** Custom storage backend for state persistence. Default: auto-detect (localStorage in browser, in-memory in Node.js) */
+    storage?: ShieldStorage;
+    /** Event handler called when a transaction is denied */
+    onDenied?: (error: ShieldDeniedError) => void;
+    /** Event handler called when a transaction is approved and signed */
+    onApproved?: (txHash: string | null) => void;
+    /** Event handler called when policies are updated via updatePolicies() */
+    onPolicyUpdate?: (policies: ShieldPolicies) => void;
+    /** Event handler called when the shield is paused */
+    onPause?: () => void;
+    /** Event handler called when the shield is resumed */
+    onResume?: () => void;
+}
+/**
+ * Wrap any wallet with client-side spending controls.
+ *
+ * @example
+ * ```typescript
+ * import { shieldWallet } from '@agent-shield/sdk';
+ *
+ * const protectedWallet = shieldWallet(wallet, { maxSpend: '500 USDC/day' });
+ * const agent = new SolanaAgentKit(protectedWallet, RPC_URL, config);
+ * ```
+ *
+ * With no config, secure defaults are applied:
+ * - 1000 USDC/day, 1000 USDT/day, 10 SOL/day spending caps
+ * - Unknown programs blocked
+ * - 60 transactions/hour rate limit
+ * @internal Use shieldWallet() instead
+ */
+export declare function shield(wallet: WalletLike, policies?: ShieldPolicies, options?: ShieldOptions): ShieldedWallet;
+//# sourceMappingURL=shield.d.ts.map

package/dist/wrapper/shield.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"shield.d.ts","sourceRoot":"","sources":["../../src/wrapper/shield.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,UAAU,EACV,SAAS,EACT,WAAW,EACX,oBAAoB,EACrB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,cAAc,EACd,eAAe,EACf,gBAAgB,EAEjB,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAGrD;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,SAAS,CAAC;IACrB,eAAe,CAAC,CAAC,SAAS,WAAW,GAAG,oBAAoB,EAC1D,EAAE,EAAE,CAAC,GACJ,OAAO,CAAC,CAAC,CAAC,CAAC;IACd,mBAAmB,CAAC,CAAC,CAAC,SAAS,WAAW,GAAG,oBAAoB,EAC/D,GAAG,EAAE,CAAC,EAAE,GACP,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;CACjB;AAED;;;GAGG;AACH,MAAM,WAAW,SAAU,SAAQ,UAAU;IAC3C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,IAAI,SAAS,CAEnE;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,UAAU;IAChD,6CAA6C;IAC7C,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC;IACjC,4DAA4D;IAC5D,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC;IAClC,mEAAmE;IACnE,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;IAC7B,6CAA6C;IAC7C,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;IAC5C,qDAAqD;IACrD,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;IAC3B,iCAAiC;IACjC,cAAc,CAAC,QAAQ,EAAE,cAAc,GAAG,IAAI,CAAC;IAC/C,+BAA+B;IAC/B,UAAU,IAAI,IAAI,CAAC;IACnB,6FAA6F;IAC7F,KAAK,IAAI,IAAI,CAAC;IACd,8CAA8C;IAC9C,MAAM,IAAI,IAAI,CAAC;IACf,kEAAkE;IAClE,kBAAkB,IAAI,eAAe,CAAC;IACtC,+DAA+D;IAC/D,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;CACtE;AAED,MAAM,WAAW,aAAa;IAC5B,gGAAgG;IAChG,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,yHAAyH;IACzH,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,wDAAwD;IACxD,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,IAAI,CAAC;IAC9C,qEAAqE;IACrE,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,KAAK,IAAI,CAAC;IAC7C,0EAA0E;IAC1E,cAAc,CAAC,EAAE,CAAC,QAAQ,EAAE,cAAc,KAAK,IAAI,CAAC;IACpD,qDAAqD;IACrD,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,sDAAsD;IACtD,QAAQ,CAAC,EAAE,MAAM,IAAI,CAAC;CACvB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,MAAM,CACpB,MAAM,EAAE,UAAU,EAClB,QAAQ,CAAC,EAAE,cAAc,EACzB,OAAO,CAAC,EAAE,aAAa,GACtB,cAAc,CA4MhB"}