npm - @agentfield/sdk - Versions diffs - 0.1.92-rc.2 → 0.1.92-rc.20 - Mend

@agentfield/sdk 0.1.92-rc.2 → 0.1.92-rc.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -5,6 +5,7 @@ import { z } from 'zod';
 import { AxiosInstance } from 'axios';
 import { WriteStream } from 'node:tty';
 import { ToolSet } from 'ai';
+import { JWK } from 'jose';
 type ZodSchema<T> = z.Schema<T, z.ZodTypeDef, any>;
 interface AIRequestOptions {
@@ -273,6 +274,14 @@ interface ExecutionStatusUpdate {
     progress?: number;
     statusReason?: string;
 }
+interface RestartExecutionOptions {
+    scope?: 'workflow' | 'execution';
+    reuse?: 'succeeded-before' | 'all-succeeded' | 'none';
+    fork?: boolean;
+    reason?: string;
+    input?: Record<string, unknown>;
+    context?: Record<string, unknown>;
+}
 declare class AgentFieldClient {
     private readonly http;
     private readonly config;
@@ -294,7 +303,11 @@ declare class AgentFieldClient {
         targetDid?: string;
         agentNodeDid?: string;
         agentNodeId?: string;
+        replaySourceRunId?: string;
+        replayBeforeExecutionId?: string;
+        replayMode?: string;
     }): Promise<T>;
+    restartExecution(executionId: string, options?: RestartExecutionOptions): Promise<any>;
     publishWorkflowEvent(event: {
         executionId: string;
         runId: string;
@@ -369,6 +382,9 @@ interface ExecutionMetadata {
     callerDid?: string;
     targetDid?: string;
     agentNodeDid?: string;
+    replaySourceRunId?: string;
+    replayBeforeExecutionId?: string;
+    replayMode?: string;
 }
 declare class ExecutionContext {
     readonly input: any;
@@ -1085,6 +1101,45 @@ declare class HarnessRunner {
     private sleep;
 }
+interface SessionDefinition {
+    name: string;
+    provider: string;
+    transport: string;
+    model?: string;
+    modalities: string[];
+    voice?: string;
+    tools: string[];
+    tags: string[];
+    proposed_tags: string[];
+    approved_tags: string[];
+    metadata: Record<string, unknown>;
+}
+interface SessionOptions {
+    provider: string;
+    transport: string;
+    model?: string;
+    modalities?: string[];
+    voice?: string;
+    tools?: string[];
+    tags?: string[];
+    metadata?: Record<string, unknown>;
+}
+interface SessionTurn {
+    text?: string;
+    transcript?: string;
+    audio?: unknown;
+    audioFormat?: string;
+    channel?: string;
+    metadata?: Record<string, unknown>;
+}
+declare class RealtimeSession {
+    readonly sessionId: string;
+    readonly definition: SessionDefinition;
+    constructor(sessionId: string, definition: SessionDefinition);
+    input(): Promise<SessionTurn>;
+}
+declare function buildSessionDefinition(name: string, options: SessionOptions): SessionDefinition;
 declare class Agent {
     readonly config: AgentConfig;
     readonly app: express.Express;
@@ -1101,6 +1156,7 @@ declare class Agent {
     private readonly memoryWatchers;
     private readonly localVerifier?;
     private readonly realtimeValidationFunctions;
+    private readonly sessions;
     private readonly processLogRing;
     private readonly executionLogger;
     /** Tracks an AbortController per in-flight execution_id so the
@@ -1112,6 +1168,8 @@ declare class Agent {
     reasoner<TInput = any, TOutput = any>(name: string, handler: ReasonerHandler<TInput, TOutput>, options?: ReasonerOptions): this;
     skill<TInput = any, TOutput = any>(name: string, handler: SkillHandler<TInput, TOutput>, options?: SkillOptions): this;
     includeRouter(router: AgentRouter): void;
+    session(name: string, options: SessionOptions, handler: (session: RealtimeSession) => Promise<unknown> | unknown): this;
+    sessionDefinitions(): SessionDefinition[];
     handler(adapter?: (event: any, context?: any) => ServerlessEvent): AgentHandler;
     watchMemory(pattern: string | string[], handler: MemoryWatchHandler, options?: {
         scope?: string;
@@ -1227,6 +1285,67 @@ declare class DidManager {
     getIdentitySummary(): Record<string, any>;
 }
+/**
+ * DID-based payload encryption (JWE over X25519 keyAgreement keys).
+ *
+ * Encrypt a payload *to* an agent's DID so that only that agent — the holder of
+ * the matching X25519 private key — can decrypt it. This underpins the
+ * discuss/aggregator split: hax-sdk encrypts a scoped payload to the
+ * aggregator's DID; the untrusted discuss agent forwards the ciphertext but
+ * cannot read it; only the aggregator decrypts.
+ *
+ * Wire format is standard **JWE compact, `ECDH-ES` + `A256GCM`** over an X25519
+ * key (RFC 7518 / RFC 8037), interoperable with the Python SDK's
+ * `encrypt_for_did` / `decrypt` (which use `joserfc`). A ciphertext produced
+ * here decrypts there and vice-versa.
+ *
+ * Key-ownership model: the agent owns its keypair. The X25519 private key lives
+ * in the agent's environment; the public key is published in the agent's DID
+ * document as a `keyAgreement` verification method of type
+ * `X25519KeyAgreementKey2020`. The control plane never holds the private key.
+ */
+/** JOSE parameters. Must match the Python SDK exactly for interop. */
+declare const JWE_ALG: "ECDH-ES";
+declare const JWE_ENC: "A256GCM";
+/** W3C verification-method type published in the DID document for the X25519 key. */
+declare const KEY_AGREEMENT_TYPE: "X25519KeyAgreementKey2020";
+declare class PayloadEncryptionError extends Error {
+    constructor(message: string);
+}
+/** Resolves a DID string to its document (or a control-plane resolve response). */
+type DidResolver = (did: string) => Promise<Record<string, unknown> | null>;
+type Payload = string | Uint8Array | Record<string, unknown>;
+/**
+ * Generate a fresh X25519 keypair for an agent. Persist `privateJwk` into the
+ * agent's environment and publish `publicJwk` as the DID `keyAgreement` key.
+ */
+declare function generateX25519KeyPair(): Promise<{
+    privateJwk: JWK;
+    publicJwk: JWK;
+}>;
+/**
+ * Pull the X25519 `keyAgreement` public JWK out of a resolved DID document.
+ * Handles a bare W3C document or a control-plane response wrapping it under
+ * `did_document`, and a `keyAgreement` entry that is either inline (with
+ * `publicKeyJwk`) or a string reference into `verificationMethod`.
+ */
+declare function extractKeyAgreementJwk(didDocument: Record<string, unknown>): JWK;
+/** Encrypt `payload` to an X25519 public JWK, returning a compact JWE string. */
+declare function encryptToJwk(publicJwk: JWK, payload: Payload): Promise<string>;
+/**
+ * Resolve `did`, read its X25519 keyAgreement key, and encrypt `payload` to it.
+ * Returns a compact JWE that only the DID's owner can decrypt.
+ */
+declare function encryptForDid(did: string, payload: Payload, resolver: DidResolver): Promise<string>;
+/**
+ * Decrypt a compact JWE produced by {@link encryptForDid} or the Python SDK.
+ * Returns the raw plaintext bytes.
+ */
+declare function decrypt(token: string, privateJwk: JWK): Promise<Uint8Array>;
+/** Convenience: decrypt and decode the plaintext as UTF-8 text. */
+declare function decryptToString(token: string, privateJwk: JWK): Promise<string>;
 declare class RateLimitError extends Error {
     retryAfter?: number;
     status?: number;
@@ -1929,4 +2048,23 @@ declare class ApprovalClient {
     waitForApproval(executionId: string, opts?: WaitForApprovalOptions): Promise<ApprovalStatusResponse>;
 }
-export { ACTIVE_STATUSES, AIClient, type AIConfig, type AIEmbeddingOptions, type AIRequestOptions, type AIStream, type AIToolRequestOptions, Agent, type AgentCapability, type AgentConfig, type AgentHandler, AgentRouter, type AgentRouterOptions, type AgentState, ApprovalClient, type ApprovalRequestResponse, type ApprovalStatusResponse, Audio, type AudioOutput, type AudioRequest, type AuditTrailExport, type AuditTrailFilters, type Awaitable, CANONICAL_STATUSES, type CompactCapability, type CompactDiscoveryResponse, DIDAuthenticator, type DIDIdentity, type DIDIdentityPackage, type DIDRegistrationRequest, type DIDRegistrationResponse, type DeploymentType, DidClient, DidInterface, DidManager, type DiscoveryFormat, type DiscoveryOptions, type DiscoveryPagination, type DiscoveryResponse, type DiscoveryResult, ExecutionContext, type ExecutionCredential, type ExecutionLogAttributes, type ExecutionLogBatchPayload, type ExecutionLogContext, type ExecutionLogEmitOptions, type ExecutionLogEntry, type ExecutionLogLevel, type ExecutionLogTransport, type ExecutionLogTransportPayload, type ExecutionLogWireEntry, ExecutionLogger, type ExecutionLoggerOptions, type ExecutionMetadata, ExecutionStatus, type ExecutionStatusValue, File, type FileOutput, type GenerateCredentialOptions, type GenerateCredentialParams, HEADER_CALLER_DID, HEADER_DID_NONCE, HEADER_DID_SIGNATURE, HEADER_DID_TIMESTAMP, type HarnessConfig, type HarnessOptions, type HarnessProvider, type HarnessResult, HarnessRunner, type HealthStatus, Image, type ImageOutput, type ImageRequest, type MediaProvider, MediaProviderError, type MediaResponse, MediaRouter, type MemoryChangeEvent, MemoryClient, MemoryClientBase, type MemoryConfig, MemoryEventClient, type MemoryEventHandler, type MemoryEventHistoryOptions, MemoryInterface, type MemoryRequestMetadata, type MemoryRequestOptions, type MemoryScope, type MemoryWatchHandler, type Metrics, type MultimodalContent, MultimodalResponse, OpenRouterMediaProvider, type OpenRouterMediaProviderOptions, RateLimitError, type RateLimiterOptions, type RawExecutionContext, type RawResult, type ReasonerCapability, ReasonerContext, type ReasonerDefinition, type ReasonerHandler, type ReasonerOptions, type RequestApprovalPayload, SUPPORTED_PROVIDERS, type ServerlessAdapter, type ServerlessEvent, type ServerlessResponse, type SkillCapability, SkillContext, type SkillDefinition, type SkillHandler, type SkillOptions, StatelessRateLimiter, TERMINAL_STATUSES, Text, type ToolCallConfig, type ToolCallRecord, type ToolCallTrace, type ToolsOption, type VectorSearchOptions, type VectorSearchResult, Video, type VideoFrameImage, type VideoInputReference, type VideoRequest, type WaitForApprovalOptions, type WorkflowCredential, type WorkflowMetadata, type WorkflowProgressOptions, WorkflowReporter, type ZodSchema, audioFromBase64, audioFromBuffer, audioFromFile, audioFromUrl, buildProvider, buildToolConfig, capabilitiesToTools, capabilityToMetadataTool, capabilityToTool, createExecutionLogger, createHarnessResult, createMetrics, createMultimodalResponse, createRawResult, executeToolCallLoop, fileFromBase64, fileFromBuffer, fileFromPath, fileFromUrl, getCurrentContext, getCurrentSkillContext, imageFromBase64, imageFromBuffer, imageFromFile, imageFromUrl, isActive, isExecutionLogBatchPayload, isTerminal, normalizeExecutionLogEntry, normalizeStatus, serializeExecutionLogEntry, text, videoFromBase64, videoFromBuffer, videoFromFile, videoFromUrl };
+declare const SUPPORTED_SESSION_TRANSPORTS: {
+    readonly openai: readonly ["webrtc", "websocket"];
+    readonly openrouter: readonly ["audio_turns"];
+};
+type SessionProvider = keyof typeof SUPPORTED_SESSION_TRANSPORTS;
+type SessionTransport = (typeof SUPPORTED_SESSION_TRANSPORTS)[SessionProvider][number];
+interface SessionTransportCapability {
+    provider: SessionProvider;
+    transport: SessionTransport;
+}
+declare class SessionTransportError extends Error {
+    readonly provider: string;
+    readonly transport: string;
+    readonly supported: readonly string[];
+    constructor(provider: string, transport: string, supported: readonly string[]);
+}
+declare function normalizeSessionTransportValue(value: string): string;
+declare function validateSessionTransport(provider: string, transport: string): SessionTransportCapability;
+export { ACTIVE_STATUSES, AIClient, type AIConfig, type AIEmbeddingOptions, type AIRequestOptions, type AIStream, type AIToolRequestOptions, Agent, type AgentCapability, type AgentConfig, type AgentHandler, AgentRouter, type AgentRouterOptions, type AgentState, ApprovalClient, type ApprovalRequestResponse, type ApprovalStatusResponse, Audio, type AudioOutput, type AudioRequest, type AuditTrailExport, type AuditTrailFilters, type Awaitable, CANONICAL_STATUSES, type CompactCapability, type CompactDiscoveryResponse, DIDAuthenticator, type DIDIdentity, type DIDIdentityPackage, type DIDRegistrationRequest, type DIDRegistrationResponse, type DeploymentType, DidClient, DidInterface, DidManager, type DidResolver, type DiscoveryFormat, type DiscoveryOptions, type DiscoveryPagination, type DiscoveryResponse, type DiscoveryResult, ExecutionContext, type ExecutionCredential, type ExecutionLogAttributes, type ExecutionLogBatchPayload, type ExecutionLogContext, type ExecutionLogEmitOptions, type ExecutionLogEntry, type ExecutionLogLevel, type ExecutionLogTransport, type ExecutionLogTransportPayload, type ExecutionLogWireEntry, ExecutionLogger, type ExecutionLoggerOptions, type ExecutionMetadata, ExecutionStatus, type ExecutionStatusValue, File, type FileOutput, type GenerateCredentialOptions, type GenerateCredentialParams, HEADER_CALLER_DID, HEADER_DID_NONCE, HEADER_DID_SIGNATURE, HEADER_DID_TIMESTAMP, type HarnessConfig, type HarnessOptions, type HarnessProvider, type HarnessResult, HarnessRunner, type HealthStatus, Image, type ImageOutput, type ImageRequest, JWE_ALG, JWE_ENC, KEY_AGREEMENT_TYPE, type MediaProvider, MediaProviderError, type MediaResponse, MediaRouter, type MemoryChangeEvent, MemoryClient, MemoryClientBase, type MemoryConfig, MemoryEventClient, type MemoryEventHandler, type MemoryEventHistoryOptions, MemoryInterface, type MemoryRequestMetadata, type MemoryRequestOptions, type MemoryScope, type MemoryWatchHandler, type Metrics, type MultimodalContent, MultimodalResponse, OpenRouterMediaProvider, type OpenRouterMediaProviderOptions, type Payload, PayloadEncryptionError, RateLimitError, type RateLimiterOptions, type RawExecutionContext, type RawResult, RealtimeSession, type ReasonerCapability, ReasonerContext, type ReasonerDefinition, type ReasonerHandler, type ReasonerOptions, type RequestApprovalPayload, SUPPORTED_PROVIDERS, SUPPORTED_SESSION_TRANSPORTS, type ServerlessAdapter, type ServerlessEvent, type ServerlessResponse, type SessionDefinition, type SessionOptions, type SessionProvider, type SessionTransport, type SessionTransportCapability, SessionTransportError, type SessionTurn, type SkillCapability, SkillContext, type SkillDefinition, type SkillHandler, type SkillOptions, StatelessRateLimiter, TERMINAL_STATUSES, Text, type ToolCallConfig, type ToolCallRecord, type ToolCallTrace, type ToolsOption, type VectorSearchOptions, type VectorSearchResult, Video, type VideoFrameImage, type VideoInputReference, type VideoRequest, type WaitForApprovalOptions, type WorkflowCredential, type WorkflowMetadata, type WorkflowProgressOptions, WorkflowReporter, type ZodSchema, audioFromBase64, audioFromBuffer, audioFromFile, audioFromUrl, buildProvider, buildSessionDefinition, buildToolConfig, capabilitiesToTools, capabilityToMetadataTool, capabilityToTool, createExecutionLogger, createHarnessResult, createMetrics, createMultimodalResponse, createRawResult, decrypt, decryptToString, encryptForDid, encryptToJwk, executeToolCallLoop, extractKeyAgreementJwk, fileFromBase64, fileFromBuffer, fileFromPath, fileFromUrl, generateX25519KeyPair, getCurrentContext, getCurrentSkillContext, imageFromBase64, imageFromBuffer, imageFromFile, imageFromUrl, isActive, isExecutionLogBatchPayload, isTerminal, normalizeExecutionLogEntry, normalizeSessionTransportValue, normalizeStatus, serializeExecutionLogEntry, text, validateSessionTransport, videoFromBase64, videoFromBuffer, videoFromFile, videoFromUrl };

package/dist/index.js CHANGED Viewed

@@ -23,12 +23,18 @@ import https from 'https';
 import WebSocket from 'ws';
 import { Buffer as Buffer$1 } from 'buffer';
 import { zodToJsonSchema } from 'zod-to-json-schema';
+import { generateKeyPair, exportJWK, importJWK, CompactEncrypt, compactDecrypt } from 'jose';
 import { readFile } from 'fs/promises';
 var __defProp = Object.defineProperty;
 var __getOwnPropNames = Object.getOwnPropertyNames;
-var __esm = (fn, res) => function __init() {
-  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+var __esm = (fn, res, err) => function __init() {
+  if (err) throw err[0];
+  try {
+    return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+  } catch (e) {
+    throw err = [e], e;
+  }
 };
 var __export = (target, all) => {
   for (var name in all)
@@ -813,6 +819,7 @@ var init_runner = __esm({
       constructor(config) {
         this.config = config;
       }
+      config;
       async run(prompt, options = {}) {
         const { schema, ...rest } = options;
         const resolved = this.resolveOptions(this.config, rest);
@@ -2323,6 +2330,9 @@ var AgentFieldClient = class {
     if (metadata?.targetDid) headers["X-Target-DID"] = metadata.targetDid;
     if (metadata?.agentNodeDid) headers["X-Agent-Node-DID"] = metadata.agentNodeDid;
     if (metadata?.agentNodeId) headers["X-Agent-Node-ID"] = metadata.agentNodeId;
+    if (metadata?.replaySourceRunId) headers["X-AgentField-Replay-Source-Run-ID"] = metadata.replaySourceRunId;
+    if (metadata?.replayBeforeExecutionId) headers["X-AgentField-Replay-Before-Execution-ID"] = metadata.replayBeforeExecutionId;
+    if (metadata?.replayMode) headers["X-AgentField-Replay-Mode"] = metadata.replayMode;
     const bodyStr = JSON.stringify({ input });
     const authHeaders = this.didAuthenticator.signRequest(Buffer.from(bodyStr));
     try {
@@ -2349,6 +2359,44 @@ var AgentFieldClient = class {
       throw err;
     }
   }
+  async restartExecution(executionId, options = {}) {
+    if (!executionId) {
+      throw new Error("executionId is required");
+    }
+    const body = {
+      scope: options.scope ?? "workflow",
+      reuse: options.reuse ?? "succeeded-before",
+      fork: options.fork,
+      reason: options.reason,
+      input: options.input,
+      context: options.context
+    };
+    const bodyStr = JSON.stringify(body);
+    const authHeaders = this.didAuthenticator.signRequest(Buffer.from(bodyStr));
+    try {
+      const res = await this.http.post(
+        `/api/v1/executions/${encodeURIComponent(executionId)}/restart`,
+        bodyStr,
+        { headers: this.mergeHeaders({ "Content-Type": "application/json", ...authHeaders }) }
+      );
+      return res.data;
+    } catch (err) {
+      const respData = err?.response?.data;
+      if (respData) {
+        const status = err.response.status;
+        const msg = respData.message || respData.error || JSON.stringify(respData);
+        const enriched = Object.assign(
+          new Error(`restart execution ${executionId} failed (${status}): ${msg}`),
+          {
+            status,
+            responseData: respData
+          }
+        );
+        throw enriched;
+      }
+      throw err;
+    }
+  }
   async publishWorkflowEvent(event) {
     const payload = {
       execution_id: event.executionId,
@@ -2545,6 +2593,9 @@ var AgentFieldClient = class {
     if (metadata.targetDid) headers["x-target-did"] = metadata.targetDid;
     if (metadata.agentNodeDid) headers["x-agent-node-did"] = metadata.agentNodeDid;
     if (metadata.agentNodeId) headers["x-agent-node-id"] = metadata.agentNodeId;
+    if (metadata.replaySourceRunId) headers["x-agentfield-replay-source-run-id"] = metadata.replaySourceRunId;
+    if (metadata.replayBeforeExecutionId) headers["x-agentfield-replay-before-execution-id"] = metadata.replayBeforeExecutionId;
+    if (metadata.replayMode) headers["x-agentfield-replay-mode"] = metadata.replayMode;
     return headers;
   }
   setDIDCredentials(did, privateKeyJwk) {
@@ -3805,6 +3856,83 @@ function registerAgentfieldLogsRoute(app, ring) {
   });
 }
+// src/sessionTransport.ts
+var SUPPORTED_SESSION_TRANSPORTS = {
+  openai: ["webrtc", "websocket"],
+  openrouter: ["audio_turns"]
+};
+var SessionTransportError = class extends Error {
+  provider;
+  transport;
+  supported;
+  constructor(provider, transport, supported) {
+    const supportedDisplay = supported.length > 0 ? supported.join(", ") : "none";
+    super(
+      `Unsupported session transport '${transport}' for provider '${provider}'. Supported transports: ${supportedDisplay}. AgentField does not infer or switch providers; set provider and transport explicitly.`
+    );
+    this.name = "SessionTransportError";
+    this.provider = provider;
+    this.transport = transport;
+    this.supported = supported;
+  }
+};
+function normalizeSessionTransportValue(value) {
+  return value.trim().toLowerCase().replace(/-/g, "_");
+}
+function validateSessionTransport(provider, transport) {
+  const normalizedProvider = normalizeSessionTransportValue(provider);
+  const normalizedTransport = normalizeSessionTransportValue(transport);
+  if (!normalizedProvider) {
+    throw new Error("Session provider is required; AgentField does not infer providers.");
+  }
+  if (!normalizedTransport) {
+    throw new Error("Session transport is required; AgentField does not infer transports.");
+  }
+  const supported = SUPPORTED_SESSION_TRANSPORTS[normalizedProvider];
+  if (!supported) {
+    const known = Object.keys(SUPPORTED_SESSION_TRANSPORTS).sort().join(", ");
+    throw new Error(
+      `Unknown session provider '${provider}'. Known providers: ${known}. Register provider capabilities before using a custom session provider.`
+    );
+  }
+  if (!supported.includes(normalizedTransport)) {
+    throw new SessionTransportError(normalizedProvider, normalizedTransport, supported);
+  }
+  return {
+    provider: normalizedProvider,
+    transport: normalizedTransport
+  };
+}
+// src/session.ts
+var RealtimeSession = class {
+  sessionId;
+  definition;
+  constructor(sessionId, definition) {
+    this.sessionId = sessionId;
+    this.definition = definition;
+  }
+  async input() {
+    throw new Error("session.input() is populated by the AgentField control plane transport adapter");
+  }
+};
+function buildSessionDefinition(name, options) {
+  const capability = validateSessionTransport(options.provider, options.transport);
+  return {
+    name,
+    provider: capability.provider,
+    transport: capability.transport,
+    model: options.model,
+    modalities: options.modalities ?? ["audio", "text"],
+    voice: options.voice,
+    tools: options.tools ?? [],
+    tags: options.tags ?? [],
+    proposed_tags: options.tags ?? [],
+    approved_tags: [],
+    metadata: options.metadata ?? {}
+  };
+}
 // src/agent/Agent.ts
 var TargetNotFoundError = class extends Error {
 };
@@ -3841,6 +3969,7 @@ var Agent = class {
   memoryWatchers = [];
   localVerifier;
   realtimeValidationFunctions = /* @__PURE__ */ new Set();
+  sessions = /* @__PURE__ */ new Map();
   processLogRing = new ProcessLogRing();
   executionLogger;
   /** Tracks an AbortController per in-flight execution_id so the
@@ -3905,6 +4034,13 @@ var Agent = class {
     this.reasoners.includeRouter(router);
     this.skills.includeRouter(router);
   }
+  session(name, options, handler) {
+    this.sessions.set(name, { definition: buildSessionDefinition(name, options), handler });
+    return this;
+  }
+  sessionDefinitions() {
+    return Array.from(this.sessions.values()).map((entry) => entry.definition);
+  }
   handler(adapter) {
     return async (event, res) => {
       if (res && typeof res === "object" && typeof res.setHeader === "function") {
@@ -4252,7 +4388,10 @@ var Agent = class {
         callerDid: parentMetadata?.callerDid,
         targetDid: parentMetadata?.targetDid,
         agentNodeDid: parentMetadata?.agentNodeDid,
-        agentNodeId: this.config.nodeId
+        agentNodeId: this.config.nodeId,
+        replaySourceRunId: parentMetadata?.replaySourceRunId,
+        replayBeforeExecutionId: parentMetadata?.replayBeforeExecutionId,
+        replayMode: parentMetadata?.replayMode
       });
       this.executionLogger.system("agent.call.completed", "Remote agent call completed", {
         target,
@@ -4518,7 +4657,10 @@ var Agent = class {
       reasonerId: overrides?.reasonerId ?? normalized["x-reasoner-id"],
       callerDid: overrides?.callerDid ?? normalized["x-caller-did"],
       targetDid: overrides?.targetDid ?? normalized["x-target-did"],
-      agentNodeDid: overrides?.agentNodeDid ?? normalized["x-agent-node-did"] ?? normalized["x-agent-did"]
+      agentNodeDid: overrides?.agentNodeDid ?? normalized["x-agent-node-did"] ?? normalized["x-agent-did"],
+      replaySourceRunId: overrides?.replaySourceRunId ?? normalized["x-agentfield-replay-source-run-id"],
+      replayBeforeExecutionId: overrides?.replayBeforeExecutionId ?? normalized["x-agentfield-replay-before-execution-id"],
+      replayMode: overrides?.replayMode ?? normalized["x-agentfield-replay-mode"]
     };
   }
   handleHttpRequest(req, res) {
@@ -4701,7 +4843,8 @@ var Agent = class {
       version: this.config.version,
       deployment_type: deploymentType,
       reasoners: this.reasonerDefinitions(),
-      skills: this.skillDefinitions()
+      skills: this.skillDefinitions(),
+      sessions: this.sessionDefinitions()
     };
   }
   async executeInvocation(params) {
@@ -4986,7 +5129,8 @@ var Agent = class {
             sdk: {
               language: "typescript",
               version: AGENTFIELD_TS_SDK_VERSION
-            }
+            },
+            sessions: this.sessionDefinitions()
           }
         }
       });
@@ -5104,6 +5248,105 @@ var AgentRouter = class {
 function sanitize(value) {
   return value.replace(/[^0-9a-zA-Z]+/g, "_").replace(/_+/g, "_").replace(/^_+|_+$/g, "");
 }
+var JWE_ALG = "ECDH-ES";
+var JWE_ENC = "A256GCM";
+var KEY_AGREEMENT_TYPE = "X25519KeyAgreementKey2020";
+var PayloadEncryptionError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "PayloadEncryptionError";
+  }
+};
+var encoder = new TextEncoder();
+function payloadToBytes(payload) {
+  if (payload instanceof Uint8Array) return payload;
+  if (typeof payload === "string") return encoder.encode(payload);
+  return encoder.encode(JSON.stringify(payload));
+}
+async function generateX25519KeyPair() {
+  const { privateKey, publicKey } = await generateKeyPair("ECDH-ES", {
+    crv: "X25519",
+    extractable: true
+  });
+  const privateJwk = await exportJWK(privateKey);
+  const publicJwk = await exportJWK(publicKey);
+  return { privateJwk, publicJwk };
+}
+function extractKeyAgreementJwk(didDocument) {
+  if (typeof didDocument !== "object" || didDocument === null) {
+    throw new PayloadEncryptionError("DID document must be an object");
+  }
+  const doc = didDocument["did_document"] ?? didDocument;
+  const flat = doc["key_agreement"];
+  if (flat && typeof flat === "object" && flat.crv === "X25519") {
+    return flat;
+  }
+  const keyAgreement = doc["keyAgreement"];
+  if (!keyAgreement || Array.isArray(keyAgreement) && keyAgreement.length === 0) {
+    throw new PayloadEncryptionError(
+      "DID document has no keyAgreement key; the agent has not published an X25519 encryption key"
+    );
+  }
+  const verificationMethods = /* @__PURE__ */ new Map();
+  for (const vm2 of doc["verificationMethod"] ?? []) {
+    if (vm2 && typeof vm2 === "object" && typeof vm2["id"] === "string") {
+      verificationMethods.set(vm2["id"], vm2);
+    }
+  }
+  const entry = Array.isArray(keyAgreement) ? keyAgreement[0] : keyAgreement;
+  let vm;
+  if (typeof entry === "string") {
+    vm = verificationMethods.get(entry);
+    if (!vm) {
+      throw new PayloadEncryptionError(
+        `keyAgreement references unknown verification method ${entry}`
+      );
+    }
+  } else if (entry && typeof entry === "object") {
+    vm = entry;
+  } else {
+    throw new PayloadEncryptionError("unsupported keyAgreement entry shape");
+  }
+  const jwk = vm["publicKeyJwk"];
+  if (!jwk || jwk.crv !== "X25519") {
+    throw new PayloadEncryptionError(
+      "keyAgreement verification method does not carry an X25519 publicKeyJwk"
+    );
+  }
+  return jwk;
+}
+async function encryptToJwk(publicJwk, payload) {
+  if (!publicJwk || publicJwk.crv !== "X25519") {
+    throw new PayloadEncryptionError("publicJwk must be an X25519 OKP JWK");
+  }
+  try {
+    const key = await importJWK(publicJwk, JWE_ALG);
+    return await new CompactEncrypt(payloadToBytes(payload)).setProtectedHeader({ alg: JWE_ALG, enc: JWE_ENC }).encrypt(key);
+  } catch (err) {
+    if (err instanceof PayloadEncryptionError) throw err;
+    throw new PayloadEncryptionError(`encryption failed: ${err.message}`);
+  }
+}
+async function encryptForDid(did, payload, resolver) {
+  const document = await resolver(did);
+  if (!document) {
+    throw new PayloadEncryptionError(`could not resolve DID ${did}`);
+  }
+  const publicJwk = extractKeyAgreementJwk(document);
+  return encryptToJwk(publicJwk, payload);
+}
+async function decrypt(token, privateJwk) {
+  try {
+    const key = await importJWK(privateJwk, JWE_ALG);
+    const { plaintext } = await compactDecrypt(token, key);
+    return Uint8Array.from(plaintext);
+  } catch (err) {
+    throw new PayloadEncryptionError(`decryption failed: ${err.message}`);
+  }
+}
+async function decryptToString(token, privateJwk) {
+  return new TextDecoder().decode(await decrypt(token, privateJwk));
+}
 var IMAGE_MIME_TYPES = {
   ".jpg": "image/jpeg",
   ".jpeg": "image/jpeg",
@@ -6525,6 +6768,6 @@ function sleep2(ms) {
   return new Promise((resolve2) => setTimeout(resolve2, ms));
 }
-export { ACTIVE_STATUSES, AIClient, Agent, AgentRouter, ApprovalClient, Audio, CANONICAL_STATUSES, DIDAuthenticator, DidClient, DidInterface, DidManager, ExecutionContext, ExecutionLogger, ExecutionStatus, File, HEADER_CALLER_DID, HEADER_DID_NONCE, HEADER_DID_SIGNATURE, HEADER_DID_TIMESTAMP, HarnessRunner, Image, MediaProviderError, MediaRouter, MemoryClient, MemoryClientBase, MemoryEventClient, MemoryInterface, MultimodalResponse, OpenRouterMediaProvider, RateLimitError, ReasonerContext, SUPPORTED_PROVIDERS, SkillContext, StatelessRateLimiter, TERMINAL_STATUSES, Text, Video, WorkflowReporter, audioFromBase64, audioFromBuffer, audioFromFile, audioFromUrl, buildProvider, buildToolConfig, capabilitiesToTools, capabilityToMetadataTool, capabilityToTool, createExecutionLogger, createHarnessResult, createMetrics, createMultimodalResponse, createRawResult, executeToolCallLoop, fileFromBase64, fileFromBuffer, fileFromPath, fileFromUrl, getCurrentContext, getCurrentSkillContext, imageFromBase64, imageFromBuffer, imageFromFile, imageFromUrl, isActive, isExecutionLogBatchPayload, isTerminal, normalizeExecutionLogEntry, normalizeStatus, serializeExecutionLogEntry, text, videoFromBase64, videoFromBuffer, videoFromFile, videoFromUrl };
+export { ACTIVE_STATUSES, AIClient, Agent, AgentRouter, ApprovalClient, Audio, CANONICAL_STATUSES, DIDAuthenticator, DidClient, DidInterface, DidManager, ExecutionContext, ExecutionLogger, ExecutionStatus, File, HEADER_CALLER_DID, HEADER_DID_NONCE, HEADER_DID_SIGNATURE, HEADER_DID_TIMESTAMP, HarnessRunner, Image, JWE_ALG, JWE_ENC, KEY_AGREEMENT_TYPE, MediaProviderError, MediaRouter, MemoryClient, MemoryClientBase, MemoryEventClient, MemoryInterface, MultimodalResponse, OpenRouterMediaProvider, PayloadEncryptionError, RateLimitError, RealtimeSession, ReasonerContext, SUPPORTED_PROVIDERS, SUPPORTED_SESSION_TRANSPORTS, SessionTransportError, SkillContext, StatelessRateLimiter, TERMINAL_STATUSES, Text, Video, WorkflowReporter, audioFromBase64, audioFromBuffer, audioFromFile, audioFromUrl, buildProvider, buildSessionDefinition, buildToolConfig, capabilitiesToTools, capabilityToMetadataTool, capabilityToTool, createExecutionLogger, createHarnessResult, createMetrics, createMultimodalResponse, createRawResult, decrypt, decryptToString, encryptForDid, encryptToJwk, executeToolCallLoop, extractKeyAgreementJwk, fileFromBase64, fileFromBuffer, fileFromPath, fileFromUrl, generateX25519KeyPair, getCurrentContext, getCurrentSkillContext, imageFromBase64, imageFromBuffer, imageFromFile, imageFromUrl, isActive, isExecutionLogBatchPayload, isTerminal, normalizeExecutionLogEntry, normalizeSessionTransportValue, normalizeStatus, serializeExecutionLogEntry, text, validateSessionTransport, videoFromBase64, videoFromBuffer, videoFromFile, videoFromUrl };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map