@agenttrust-sdk/mcp 0.3.0 → 0.3.2

package/dist/tools/write/init-policy.js

@@ -1,9 +1,20 @@
 "use strict";
 /**
  * `agenttrust_init_policy` — initialise a PolicyAccount + VelocityLedger
- * for the caller's `(agent_asset, policy_id)` pair. Requires the
- * PolicyAuthority to already exist with the signer as a member; this
- * tool surfaces a clear error pointing at `init_authority` if not.
+ * for the caller's `(agent_asset, policy_id)` pair.
+ *
+ * Self-healing: if the agent's `PolicyAuthority` PDA does not yet
+ * exist, the tool transparently prepends an `init_authority` instruction
+ * (single-member = signer, threshold = 1) and submits both in a single
+ * atomic transaction. The user never has to learn about Anchor 3012
+ * (AccountNotInitialized) or run a bootstrap script.
+ *
+ * Cap defaults: when the caller specifies ANY spending cap, unspecified
+ * peers default to the MAX of the specified caps rather than 0.
+ * Rationale: v1 policies are immutable post-init, so 0 (literal hard
+ * cap) is hostile — every gated payment fails with
+ * `SpendingPerTxExceeded`. The MAX-of-peers default keeps the explicit
+ * cap binding and leaves the others permissive.
  *
  * The full per-kind config is exposed as JSON; sane defaults zero every
  * field so callers can incrementally enable kinds via the bitmask.
@@ -18,14 +29,16 @@ const config_1 = require("../../config");
 const common_1 = require("../common");
 const POLICY_AUTHORITY_PREFIX = Buffer.from("policy_authority");
 const SpendingSchema = zod_1.z.object({
-    per_tx_max: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(0),
-    daily_max: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(0),
-    weekly_max: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(0),
+    per_tx_max: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(0).describe("Max per-transaction amount. If 0 and any peer cap is non-zero, defaults to the largest specified cap."),
+    daily_max: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(0).describe("Max daily aggregate. If 0 and any peer cap is non-zero, defaults to the largest specified cap."),
+    weekly_max: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(0).describe("Max weekly aggregate. If 0 and any peer cap is non-zero, defaults to the largest specified cap."),
 }).default({ per_tx_max: 0, daily_max: 0, weekly_max: 0 });
 const VelocitySchema = zod_1.z.object({
     window_secs: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(0),
     max_in_window: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(0),
-    tier0_decay_factor: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(10000),
+    tier0_decay_factor: zod_1.z.union([zod_1.z.number().int().nonnegative(), zod_1.z.string().regex(/^\d+$/)]).default(10000).describe("Basis points (10_000 = 100%). Rate the velocity counter decays toward zero per slot. " +
+        "10_000 means full decay every slot (no rollover). 0 means the counter persists forever. " +
+        "Tune per agent's usage pattern."),
 }).default({ window_secs: 0, max_in_window: 0, tier0_decay_factor: 10000 });
 const CounterpartySchema = zod_1.z.object({
     min_tier: zod_1.z.number().int().min(0).max(4).default(0),
@@ -49,12 +62,45 @@ const InputSchema = zod_1.z.object({
     validation: ValidationSchema,
 });
 const ZERO_PUBKEY = new web3_js_1.PublicKey(new Uint8Array(32));
+/**
+ * Apply max-of-peers default-fill. Returns a copy of `spending` where any
+ * `0` field is rewritten to the largest specified (non-zero) cap among
+ * its peers. If every field is `0`, returns the input unchanged — that
+ * means the user explicitly disabled the Spending kind via the bitmask
+ * and we honour it.
+ */
+function applySpendingCapDefaults(spending) {
+    const toBig = (v) => BigInt(typeof v === "string" ? v : v.toString());
+    const perTx = toBig(spending.per_tx_max);
+    const daily = toBig(spending.daily_max);
+    const weekly = toBig(spending.weekly_max);
+    const peers = [perTx, daily, weekly];
+    const maxPeer = peers.reduce((a, b) => (a > b ? a : b), 0n);
+    if (maxPeer === 0n) {
+        // All zero — user didn't specify any cap. Leave as zero (bitmask
+        // gating decides whether Spending is enabled at all).
+        return {
+            per_tx_max: perTx.toString(),
+            daily_max: daily.toString(),
+            weekly_max: weekly.toString(),
+        };
+    }
+    return {
+        per_tx_max: (perTx === 0n ? maxPeer : perTx).toString(),
+        daily_max: (daily === 0n ? maxPeer : daily).toString(),
+        weekly_max: (weekly === 0n ? maxPeer : weekly).toString(),
+    };
+}
 exports.initPolicyTool = {
     name: "agenttrust_init_policy",
     description: "Create a PolicyAccount + VelocityLedger PDA for the caller's agent. " +
-        "Requires KEYPAIR_B58 (the signer must be a member of the agent's " +
-        "PolicyAuthority). Returns the tx signature plus Explorer URLs for " +
-        "both new PDAs.",
+        "Self-healing: if the agent's PolicyAuthority PDA does not yet exist, " +
+        "the tool prepends init_authority (single-member = signer, threshold 1) " +
+        "in the same atomic transaction. Sensible cap defaults: when the caller " +
+        "sets at least one spending cap, unspecified peer caps default to the " +
+        "MAX of the specified caps rather than 0 — important because v1 " +
+        "policies are immutable post-init and 0 is a hostile always-deny. " +
+        "Requires a signer (KEYPAIR_B58 / KEYPAIR_PATH / Solana CLI default).",
     inputSchema: InputSchema,
     async handler(input, ctx) {
         const signer = ctx.chain.requireSigner();
@@ -63,6 +109,7 @@ exports.initPolicyTool = {
         const policyPda = (0, chain_1.derivePolicyPda)(ctx.chain.cfg.programs.policyVault, agent, input.policy_id);
         const velocityPda = (0, chain_1.deriveVelocityPda)(ctx.chain.cfg.programs.policyVault, agent, input.policy_id);
         const authorityPda = web3_js_1.PublicKey.findProgramAddressSync([POLICY_AUTHORITY_PREFIX, agent.toBuffer()], ctx.chain.cfg.programs.policyVault)[0];
+        const effectiveSpending = applySpendingCapDefaults(input.spending);
         const validationHash = input.validation.required_capability_hash_hex
             ? Array.from((0, common_1.hexToBytes)(input.validation.required_capability_hash_hex))
             : Array.from(new Uint8Array(32));
@@ -80,9 +127,9 @@ exports.initPolicyTool = {
             gateMode: input.gate_mode,
             scopeKind: input.scope_kind,
             spending: {
-                perTxMax: new anchor_1.BN(input.spending.per_tx_max.toString()),
-                dailyMax: new anchor_1.BN(input.spending.daily_max.toString()),
-                weeklyMax: new anchor_1.BN(input.spending.weekly_max.toString()),
+                perTxMax: new anchor_1.BN(effectiveSpending.per_tx_max),
+                dailyMax: new anchor_1.BN(effectiveSpending.daily_max),
+                weeklyMax: new anchor_1.BN(effectiveSpending.weekly_max),
             },
             velocity: {
                 windowSecs: new anchor_1.BN(input.velocity.window_secs.toString()),
@@ -100,7 +147,28 @@ exports.initPolicyTool = {
                 acceptedAttestors,
             },
         };
-        const txSignature = await policyVault.methods
+        // Self-heal: if PolicyAuthority is missing, prepend init_authority
+        // (single-member = signer, threshold = 1) in the same tx. The
+        // existing on-chain account is otherwise the source of truth — we
+        // never overwrite different members/threshold silently.
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        const existingAuth = await policyVault.account.policyAuthority.fetchNullable(authorityPda);
+        const healedSteps = [];
+        const tx = new web3_js_1.Transaction();
+        if (!existingAuth) {
+            const initAuthIx = await policyVault.methods
+                .initAuthority(agent, [signer.publicKey], 1)
+                .accounts({
+                payer: signer.publicKey,
+                policyAuthority: authorityPda,
+                systemProgram: web3_js_1.SystemProgram.programId,
+                // eslint-disable-next-line @typescript-eslint/no-explicit-any
+            })
+                .instruction();
+            tx.add(initAuthIx);
+            healedSteps.push("init_authority");
+        }
+        const initPolicyIx = await policyVault.methods
             .initPolicy(agent, args)
             .accounts({
             payer: signer.publicKey,
@@ -110,7 +178,9 @@ exports.initPolicyTool = {
             systemProgram: web3_js_1.SystemProgram.programId,
             // eslint-disable-next-line @typescript-eslint/no-explicit-any
         })
-            .rpc();
+            .instruction();
+        tx.add(initPolicyIx);
+        const txSignature = await ctx.chain.provider.sendAndConfirm(tx, [signer]);
         return {
             txSignature,
             explorerTxUrl: (0, config_1.explorerUrl)(ctx.chain.cfg, "tx", txSignature),
@@ -118,6 +188,13 @@ exports.initPolicyTool = {
             policyExplorer: (0, config_1.explorerUrl)(ctx.chain.cfg, "address", policyPda.toBase58()),
             velocityPda: velocityPda.toBase58(),
             velocityExplorer: (0, config_1.explorerUrl)(ctx.chain.cfg, "address", velocityPda.toBase58()),
+            effectiveSpending: {
+                perTxMax: effectiveSpending.per_tx_max,
+                dailyMax: effectiveSpending.daily_max,
+                weeklyMax: effectiveSpending.weekly_max,
+            },
+            selfHealed: healedSteps.length > 0,
+            healedSteps,
         };
     },
 };

package/dist/tools/write/init-policy.js.map

@@ -1 +1 @@
-{"version":3,"file":"init-policy.js","sourceRoot":"","sources":["../../../src/tools/write/init-policy.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAEH,8CAAuC;AACvC,6CAA2D;AAC3D,6BAAwB;AAExB,uCAAiE;AACjE,yCAA2C;AAC3C,sCAAiF;AAGjF,MAAM,uBAAuB,GAAG,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;AAEhE,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IAC9B,UAAU,EAAG,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5F,SAAS,EAAI,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5F,UAAU,EAAG,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;CAC7F,CAAC,CAAC,OAAO,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC,CAAC;AAE3D,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IAC9B,WAAW,EAAS,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACnG,aAAa,EAAO,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACnG,kBAAkB,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;CACxG,CAAC,CAAC,OAAO,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,kBAAkB,EAAE,KAAK,EAAE,CAAC,CAAC;AAE5E,MAAM,kBAAkB,GAAG,OAAC,CAAC,MAAM,CAAC;IAClC,QAAQ,EAAmB,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACpE,cAAc,EAAa,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IACxE,cAAc,EAAa,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACxE,yBAAyB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;CACrE,CAAC,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,cAAc,EAAE,GAAG,EAAE,cAAc,EAAE,CAAC,EAAE,yBAAyB,EAAE,CAAC,EAAE,CAAC,CAAC;AAElG,MAAM,gBAAgB,GAAG,OAAC,CAAC,MAAM,CAAC;IAChC,4BAA4B,EAAE,sBAAa,CAAC,QAAQ,EAAE;IACtD,kBAAkB,EAAY,OAAC,CAAC,KAAK,CAAC,qBAAY,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CACvE,CAAC,CAAC,OAAO,CAAC,EAAE,kBAAkB,EAAE,EAAE,EAAE,CAAC,CAAC;AAEvC,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,WAAW,EAAY,qBAAY,CAAC,QAAQ,CAAC,yEAAyE,CAAC;IACvH,SAAS,EAAc,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC;IAC9D,qBAAqB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,gGAAgG,CAAC;IAClK,SAAS,EAAc,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,0BAA0B,CAAC;IACrG,UAAU,EAAa,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,qCAAqC,CAAC;IAChH,QAAQ,EAAe,cAAc;IACrC,QAAQ,EAAe,cAAc;IACrC,YAAY,EAAW,kBAAkB;IACzC,UAAU,EAAa,gBAAgB;CACxC,CAAC,CAAC;AAYH,MAAM,WAAW,GAAG,IAAI,mBAAS,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AAEzC,QAAA,cAAc,GAAwB;IACjD,IAAI,EAAS,wBAAwB;IACrC,WAAW,EACT,sEAAsE;QACtE,mEAAmE;QACnE,oEAAoE;QACpE,gBAAgB;IAClB,WAAW,EAAE,WAAW;IAExB,KAAK,CAAC,OAAO,CAAC,KAAY,EAAE,GAAgB;QAC1C,MAAM,MAAM,GAAS,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QAC/C,MAAM,KAAK,GAAU,IAAA,oBAAW,EAAC,KAAK,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QACnE,MAAM,WAAW,GAAI,MAAM,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QAEnD,MAAM,SAAS,GAAM,IAAA,uBAAe,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QACjG,MAAM,WAAW,GAAI,IAAA,yBAAiB,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QACnG,MAAM,YAAY,GAAG,mBAAS,CAAC,sBAAsB,CACnD,CAAC,uBAAuB,EAAE,KAAK,CAAC,QAAQ,EAAE,CAAC,EAC3C,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CACnC,CAAC,CAAC,CAAC,CAAC;QAEL,MAAM,cAAc,GAAG,KAAK,CAAC,UAAU,CAAC,4BAA4B;YAClE,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAA,mBAAU,EAAC,KAAK,CAAC,UAAU,CAAC,4BAA4B,CAAC,CAAC;YACvE,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QACnC,MAAM,iBAAiB,GAAgB;YACrC,KAAK,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC;gBACpC,CAAC,CAAC,IAAA,oBAAW,EAAC,KAAK,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,kCAAkC,CAAC;gBACzF,CAAC,CAAC,WAAW;YACf,KAAK,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC;gBACpC,CAAC,CAAC,IAAA,oBAAW,EAAC,KAAK,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,kCAAkC,CAAC;gBACzF,CAAC,CAAC,WAAW;SAChB,CAAC;QAEF,MAAM,IAAI,GAAG;YACX,QAAQ,EAAa,KAAK,CAAC,SAAS;YACpC,mBAAmB,EAAE,KAAK,CAAC,qBAAqB;YAChD,QAAQ,EAAa,KAAK,CAAC,SAAS;YACpC,SAAS,EAAY,KAAK,CAAC,UAAU;YACrC,QAAQ,EAAE;gBACR,QAAQ,EAAG,IAAI,WAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;gBACvD,QAAQ,EAAG,IAAI,WAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;gBACtD,SAAS,EAAE,IAAI,WAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;aACxD;YACD,QAAQ,EAAE;gBACR,UAAU,EAAS,IAAI,WAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;gBAChE,WAAW,EAAQ,IAAI,WAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;gBAClE,gBAAgB,EAAG,IAAI,WAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,kBAAkB,CAAC,QAAQ,EAAE,CAAC;aACxE;YACD,YAAY,EAAE;gBACZ,OAAO,EAAkB,KAAK,CAAC,YAAY,CAAC,QAAQ;gBACpD,YAAY,EAAa,KAAK,CAAC,YAAY,CAAC,cAAc;gBAC1D,aAAa,EAAY,KAAK,CAAC,YAAY,CAAC,cAAc;gBAC1D,uBAAuB,EAAE,KAAK,CAAC,YAAY,CAAC,yBAAyB;aACtE;YACD,UAAU,EAAE;gBACV,sBAAsB,EAAE,cAAc;gBACtC,iBAAiB;aAClB;SACF,CAAC;QAEF,MAAM,WAAW,GAAW,MAAM,WAAW,CAAC,OAAO;aAClD,UAAU,CAAC,KAAK,EAAE,IAAa,CAAC;aAChC,QAAQ,CAAC;YACR,KAAK,EAAY,MAAM,CAAC,SAAS;YACjC,eAAe,EAAE,YAAY;YAC7B,aAAa,EAAI,SAAS;YAC1B,cAAc,EAAG,WAAW;YAC5B,aAAa,EAAI,uBAAa,CAAC,SAAS;YACxC,8DAA8D;SACxD,CAAC;aACR,GAAG,EAAE,CAAC;QAET,OAAO;YACL,WAAW;YACX,aAAa,EAAK,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,EAAO,WAAW,CAAC;YACpE,SAAS,EAAS,SAAS,CAAC,QAAQ,EAAE;YACtC,cAAc,EAAI,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,SAAS,CAAC,QAAQ,EAAE,CAAC;YAC7E,WAAW,EAAO,WAAW,CAAC,QAAQ,EAAE;YACxC,gBAAgB,EAAE,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC;SAChF,CAAC;IACJ,CAAC;CACF,CAAC"}
+{"version":3,"file":"init-policy.js","sourceRoot":"","sources":["../../../src/tools/write/init-policy.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;GAmBG;;;AAEH,8CAAuC;AACvC,6CAAwE;AACxE,6BAAwB;AAExB,uCAAiE;AACjE,yCAA2C;AAC3C,sCAAiF;AAGjF,MAAM,uBAAuB,GAAG,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;AAEhE,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IAC9B,UAAU,EAAG,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CACnG,uGAAuG,CACxG;IACD,SAAS,EAAI,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CACnG,gGAAgG,CACjG;IACD,UAAU,EAAG,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CACnG,iGAAiG,CAClG;CACF,CAAC,CAAC,OAAO,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC,CAAC;AAE3D,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IAC9B,WAAW,EAAS,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACnG,aAAa,EAAO,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACnG,kBAAkB,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAC9G,uFAAuF;QACvF,0FAA0F;QAC1F,iCAAiC,CAClC;CACF,CAAC,CAAC,OAAO,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,kBAAkB,EAAE,KAAK,EAAE,CAAC,CAAC;AAE5E,MAAM,kBAAkB,GAAG,OAAC,CAAC,MAAM,CAAC;IAClC,QAAQ,EAAmB,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACpE,cAAc,EAAa,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IACxE,cAAc,EAAa,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACxE,yBAAyB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;CACrE,CAAC,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,cAAc,EAAE,GAAG,EAAE,cAAc,EAAE,CAAC,EAAE,yBAAyB,EAAE,CAAC,EAAE,CAAC,CAAC;AAElG,MAAM,gBAAgB,GAAG,OAAC,CAAC,MAAM,CAAC;IAChC,4BAA4B,EAAE,sBAAa,CAAC,QAAQ,EAAE;IACtD,kBAAkB,EAAY,OAAC,CAAC,KAAK,CAAC,qBAAY,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CACvE,CAAC,CAAC,OAAO,CAAC,EAAE,kBAAkB,EAAE,EAAE,EAAE,CAAC,CAAC;AAEvC,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,WAAW,EAAY,qBAAY,CAAC,QAAQ,CAAC,yEAAyE,CAAC;IACvH,SAAS,EAAc,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC;IAC9D,qBAAqB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,gGAAgG,CAAC;IAClK,SAAS,EAAc,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,0BAA0B,CAAC;IACrG,UAAU,EAAa,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,qCAAqC,CAAC;IAChH,QAAQ,EAAe,cAAc;IACrC,QAAQ,EAAe,cAAc;IACrC,YAAY,EAAW,kBAAkB;IACzC,UAAU,EAAa,gBAAgB;CACxC,CAAC,CAAC;AAqBH,MAAM,WAAW,GAAG,IAAI,mBAAS,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;AAEtD;;;;;;GAMG;AACH,SAAS,wBAAwB,CAAC,QAAkG;IAClI,MAAM,KAAK,GAAG,CAAC,CAAkB,EAAU,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC/F,MAAM,KAAK,GAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAC1C,MAAM,KAAK,GAAI,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAE1C,MAAM,KAAK,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IACrC,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,IAAI,OAAO,KAAK,EAAE,EAAE,CAAC;QACnB,iEAAiE;QACjE,sDAAsD;QACtD,OAAO;YACL,UAAU,EAAE,KAAK,CAAC,QAAQ,EAAE;YAC5B,SAAS,EAAG,KAAK,CAAC,QAAQ,EAAE;YAC5B,UAAU,EAAE,MAAM,CAAC,QAAQ,EAAE;SAC9B,CAAC;IACJ,CAAC;IAED,OAAO;QACL,UAAU,EAAE,CAAC,KAAK,KAAM,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAE,CAAC,QAAQ,EAAE;QACzD,SAAS,EAAG,CAAC,KAAK,KAAM,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAE,CAAC,QAAQ,EAAE;QACzD,UAAU,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE;KAC1D,CAAC;AACJ,CAAC;AAEY,QAAA,cAAc,GAAwB;IACjD,IAAI,EAAS,wBAAwB;IACrC,WAAW,EACT,sEAAsE;QACtE,uEAAuE;QACvE,yEAAyE;QACzE,yEAAyE;QACzE,uEAAuE;QACvE,iEAAiE;QACjE,mEAAmE;QACnE,sEAAsE;IACxE,WAAW,EAAE,WAAW;IAExB,KAAK,CAAC,OAAO,CAAC,KAAY,EAAE,GAAgB;QAC1C,MAAM,MAAM,GAAS,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QAC/C,MAAM,KAAK,GAAU,IAAA,oBAAW,EAAC,KAAK,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QACnE,MAAM,WAAW,GAAI,MAAM,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QAEnD,MAAM,SAAS,GAAM,IAAA,uBAAe,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QACjG,MAAM,WAAW,GAAI,IAAA,yBAAiB,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QACnG,MAAM,YAAY,GAAG,mBAAS,CAAC,sBAAsB,CACnD,CAAC,uBAAuB,EAAE,KAAK,CAAC,QAAQ,EAAE,CAAC,EAC3C,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CACnC,CAAC,CAAC,CAAC,CAAC;QAEL,MAAM,iBAAiB,GAAG,wBAAwB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAEnE,MAAM,cAAc,GAAG,KAAK,CAAC,UAAU,CAAC,4BAA4B;YAClE,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAA,mBAAU,EAAC,KAAK,CAAC,UAAU,CAAC,4BAA4B,CAAC,CAAC;YACvE,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QACnC,MAAM,iBAAiB,GAAgB;YACrC,KAAK,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC;gBACpC,CAAC,CAAC,IAAA,oBAAW,EAAC,KAAK,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,kCAAkC,CAAC;gBACzF,CAAC,CAAC,WAAW;YACf,KAAK,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC;gBACpC,CAAC,CAAC,IAAA,oBAAW,EAAC,KAAK,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,kCAAkC,CAAC;gBACzF,CAAC,CAAC,WAAW;SAChB,CAAC;QAEF,MAAM,IAAI,GAAG;YACX,QAAQ,EAAa,KAAK,CAAC,SAAS;YACpC,mBAAmB,EAAE,KAAK,CAAC,qBAAqB;YAChD,QAAQ,EAAa,KAAK,CAAC,SAAS;YACpC,SAAS,EAAY,KAAK,CAAC,UAAU;YACrC,QAAQ,EAAE;gBACR,QAAQ,EAAG,IAAI,WAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC;gBAC/C,QAAQ,EAAG,IAAI,WAAE,CAAC,iBAAiB,CAAC,SAAS,CAAC;gBAC9C,SAAS,EAAE,IAAI,WAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC;aAChD;YACD,QAAQ,EAAE;gBACR,UAAU,EAAS,IAAI,WAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;gBAChE,WAAW,EAAQ,IAAI,WAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;gBAClE,gBAAgB,EAAG,IAAI,WAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,kBAAkB,CAAC,QAAQ,EAAE,CAAC;aACxE;YACD,YAAY,EAAE;gBACZ,OAAO,EAAkB,KAAK,CAAC,YAAY,CAAC,QAAQ;gBACpD,YAAY,EAAa,KAAK,CAAC,YAAY,CAAC,cAAc;gBAC1D,aAAa,EAAY,KAAK,CAAC,YAAY,CAAC,cAAc;gBAC1D,uBAAuB,EAAE,KAAK,CAAC,YAAY,CAAC,yBAAyB;aACtE;YACD,UAAU,EAAE;gBACV,sBAAsB,EAAE,cAAc;gBACtC,iBAAiB;aAClB;SACF,CAAC;QAEF,mEAAmE;QACnE,8DAA8D;QAC9D,kEAAkE;QAClE,wDAAwD;QACxD,8DAA8D;QAC9D,MAAM,YAAY,GAAQ,MAAO,WAAW,CAAC,OAAe,CAAC,eAAe,CAAC,aAAa,CACxF,YAAY,CACb,CAAC;QAEF,MAAM,WAAW,GAAa,EAAE,CAAC;QACjC,MAAM,EAAE,GAAG,IAAI,qBAAW,EAAE,CAAC;QAE7B,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,OAAO;iBACzC,aAAa,CAAC,KAAK,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;iBAC3C,QAAQ,CAAC;gBACR,KAAK,EAAY,MAAM,CAAC,SAAS;gBACjC,eAAe,EAAE,YAAY;gBAC7B,aAAa,EAAI,uBAAa,CAAC,SAAS;gBACxC,8DAA8D;aACxD,CAAC;iBACR,WAAW,EAAE,CAAC;YACjB,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QACrC,CAAC;QAED,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC,OAAO;aAC3C,UAAU,CAAC,KAAK,EAAE,IAAa,CAAC;aAChC,QAAQ,CAAC;YACR,KAAK,EAAY,MAAM,CAAC,SAAS;YACjC,eAAe,EAAE,YAAY;YAC7B,aAAa,EAAI,SAAS;YAC1B,cAAc,EAAG,WAAW;YAC5B,aAAa,EAAI,uBAAa,CAAC,SAAS;YACxC,8DAA8D;SACxD,CAAC;aACR,WAAW,EAAE,CAAC;QACjB,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAErB,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QAE1E,OAAO;YACL,WAAW;YACX,aAAa,EAAK,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,EAAO,WAAW,CAAC;YACpE,SAAS,EAAS,SAAS,CAAC,QAAQ,EAAE;YACtC,cAAc,EAAI,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,SAAS,CAAC,QAAQ,EAAE,CAAC;YAC7E,WAAW,EAAO,WAAW,CAAC,QAAQ,EAAE;YACxC,gBAAgB,EAAE,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC;YAC/E,iBAAiB,EAAE;gBACjB,QAAQ,EAAG,iBAAiB,CAAC,UAAU;gBACvC,QAAQ,EAAG,iBAAiB,CAAC,SAAS;gBACtC,SAAS,EAAE,iBAAiB,CAAC,UAAU;aACxC;YACD,UAAU,EAAQ,WAAW,CAAC,MAAM,GAAG,CAAC;YACxC,WAAW;SACZ,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/tools/write/request-validation.js

@@ -22,14 +22,18 @@ const InputSchema = zod_1.z.object({
         .describe("Direct 32-byte capability hash (hex); use only if you already have the digest"),
     claim_uri_hash_hex: common_1.HexHashSchema.describe("32-byte hash of the off-chain claim URI"),
     deadline_slot: zod_1.z.union([zod_1.z.number().int().positive(), zod_1.z.string().regex(/^\d+$/)])
-        .describe("Slot by which an attestor must respond"),
+        .describe("Slot by which an attestor must respond. Must be greater than the " +
+        "current Solana slot. Devnet slots advance roughly every 400ms " +
+        "(so `current_slot + 60 * 1000 / 400 = current_slot + 150` is " +
+        "approximately one minute in the future)."),
 });
 exports.requestValidationTool = {
     name: "agenttrust_request_validation",
     description: "Open a ValidationRequest PDA inviting attestors to attest to a " +
         "subject's capability. Pass either capability_name (preferred — the SDK " +
         "computes SHA256(name) and stamps it as the hash) or capability_hash_hex " +
-        "directly. Requires KEYPAIR_B58. Returns the request PDA's Explorer URL.",
+        "directly. Requires a signer (KEYPAIR_B58 / KEYPAIR_PATH / Solana CLI " +
+        "default). Returns the request PDA's Explorer URL.",
     inputSchema: InputSchema,
     async handler(input, ctx) {
         const signer = ctx.chain.requireSigner();

package/dist/tools/write/request-validation.js.map

@@ -1 +1 @@
-{"version":3,"file":"request-validation.js","sourceRoot":"","sources":["../../../src/tools/write/request-validation.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAEH,6CAA8C;AAC9C,6BAAwB;AAExB,uCAIqB;AACrB,yCAA2C;AAC3C,sCAA6F;AAG7F,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,aAAa,EAAS,qBAAY,CAAC,QAAQ,CAAC,uDAAuD,CAAC;IACpG,eAAe,EAAO,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;SACjC,QAAQ,CAAC,sEAAsE,CAAC;IACzG,mBAAmB,EAAG,sBAAa,CAAC,QAAQ,EAAE;SACrB,QAAQ,CAAC,+EAA+E,CAAC;IAClH,kBAAkB,EAAI,sBAAa,CAAC,QAAQ,CAAC,yCAAyC,CAAC;IACvF,aAAa,EAAS,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;SAC9D,QAAQ,CAAC,wCAAwC,CAAC;CAC5E,CAAC,CAAC;AAWU,QAAA,qBAAqB,GAAwB;IACxD,IAAI,EAAS,+BAA+B;IAC5C,WAAW,EACT,iEAAiE;QACjE,yEAAyE;QACzE,0EAA0E;QAC1E,yEAAyE;IAC3E,WAAW,EAAE,WAAW;IAExB,KAAK,CAAC,OAAO,CAAC,KAAY,EAAE,GAAgB;QAC1C,MAAM,MAAM,GAAI,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAA,oBAAW,EAAC,KAAK,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,eAAe,IAAI,CAAC,KAAK,CAAC,mBAAmB,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QACD,MAAM,OAAO,GAAG,KAAK,CAAC,eAAe;YACnC,CAAC,CAAC,IAAA,6BAAqB,EAAC,KAAK,CAAC,eAAe,CAAC;YAC9C,CAAC,CAAC,IAAA,mBAAU,EAAC,KAAK,CAAC,mBAAoB,CAAC,CAAC;QAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QAC/E,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACvD,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAEvF,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,EAAE,CAAC;QACrD,MAAM,EAAE,GAAG,MAAM,IAAA,gCAAwB,EAAC;YACxC,OAAO;YACP,SAAS,EAAO,MAAM,CAAC,SAAS;YAChC,YAAY,EAAI,OAAO;YACvB,cAAc,EAAE,OAAO;YACvB,YAAY,EAAI,SAAS;YACzB,YAAY,EAAI,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;SACvD,CAAC,CAAC;QAEH,MAAM,EAAE,GAAG,IAAI,qBAAW,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrC,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1E,MAAM,UAAU,GAAG,IAAA,kCAA0B,EAC3C,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,SAAS,CAC9E,CAAC;QAEF,OAAO;YACL,WAAW;YACX,aAAa,EAAM,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,EAAO,WAAW,CAAC;YACrE,UAAU,EAAS,UAAU,CAAC,QAAQ,EAAE;YACxC,eAAe,EAAI,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,UAAU,CAAC,QAAQ,EAAE,CAAC;YAC/E,iBAAiB,EAAE,IAAA,mBAAU,EAAC,OAAO,CAAC;SACvC,CAAC;IACJ,CAAC;CACF,CAAC"}
+{"version":3,"file":"request-validation.js","sourceRoot":"","sources":["../../../src/tools/write/request-validation.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAEH,6CAA8C;AAC9C,6BAAwB;AAExB,uCAIqB;AACrB,yCAA2C;AAC3C,sCAA6F;AAG7F,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,aAAa,EAAS,qBAAY,CAAC,QAAQ,CAAC,uDAAuD,CAAC;IACpG,eAAe,EAAO,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;SACjC,QAAQ,CAAC,sEAAsE,CAAC;IACzG,mBAAmB,EAAG,sBAAa,CAAC,QAAQ,EAAE;SACrB,QAAQ,CAAC,+EAA+E,CAAC;IAClH,kBAAkB,EAAI,sBAAa,CAAC,QAAQ,CAAC,yCAAyC,CAAC;IACvF,aAAa,EAAS,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;SAC9D,QAAQ,CACP,mEAAmE;QACnE,gEAAgE;QAChE,+DAA+D;QAC/D,0CAA0C,CAC3C;CAC1B,CAAC,CAAC;AAWU,QAAA,qBAAqB,GAAwB;IACxD,IAAI,EAAS,+BAA+B;IAC5C,WAAW,EACT,iEAAiE;QACjE,yEAAyE;QACzE,0EAA0E;QAC1E,uEAAuE;QACvE,mDAAmD;IACrD,WAAW,EAAE,WAAW;IAExB,KAAK,CAAC,OAAO,CAAC,KAAY,EAAE,GAAgB;QAC1C,MAAM,MAAM,GAAI,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAA,oBAAW,EAAC,KAAK,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,eAAe,IAAI,CAAC,KAAK,CAAC,mBAAmB,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QACD,MAAM,OAAO,GAAG,KAAK,CAAC,eAAe;YACnC,CAAC,CAAC,IAAA,6BAAqB,EAAC,KAAK,CAAC,eAAe,CAAC;YAC9C,CAAC,CAAC,IAAA,mBAAU,EAAC,KAAK,CAAC,mBAAoB,CAAC,CAAC;QAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QAC/E,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACvD,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAEvF,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,EAAE,CAAC;QACrD,MAAM,EAAE,GAAG,MAAM,IAAA,gCAAwB,EAAC;YACxC,OAAO;YACP,SAAS,EAAO,MAAM,CAAC,SAAS;YAChC,YAAY,EAAI,OAAO;YACvB,cAAc,EAAE,OAAO;YACvB,YAAY,EAAI,SAAS;YACzB,YAAY,EAAI,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;SACvD,CAAC,CAAC;QAEH,MAAM,EAAE,GAAG,IAAI,qBAAW,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrC,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1E,MAAM,UAAU,GAAG,IAAA,kCAA0B,EAC3C,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,SAAS,CAC9E,CAAC;QAEF,OAAO;YACL,WAAW;YACX,aAAa,EAAM,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,EAAO,WAAW,CAAC;YACrE,UAAU,EAAS,UAAU,CAAC,QAAQ,EAAE;YACxC,eAAe,EAAI,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,UAAU,CAAC,QAAQ,EAAE,CAAC;YAC/E,iBAAiB,EAAE,IAAA,mBAAU,EAAC,OAAO,CAAC;SACvC,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/tools/write/respond-to-validation.d.ts

@@ -7,8 +7,9 @@
  * must be the attestor (matches `attestor_profile.attestor`).
  *
  * If the attestor profile doesn't exist yet, this tool surfaces a clear
- * error pointing at the planned `register_attestor` flow — the
- * attestor-demo's bootstrap script is the source-of-truth lifecycle.
+ * error pointing at the attestor-demo bootstrap script and the SDK's
+ * validation-registry helpers — there's no MCP `register_attestor`
+ * tool, the SDK + demo path is the canonical bootstrap surface.
  */
 import { z } from "zod";
 import type { Tool } from "../types";

package/dist/tools/write/respond-to-validation.js

@@ -8,8 +8,9 @@
  * must be the attestor (matches `attestor_profile.attestor`).
  *
  * If the attestor profile doesn't exist yet, this tool surfaces a clear
- * error pointing at the planned `register_attestor` flow — the
- * attestor-demo's bootstrap script is the source-of-truth lifecycle.
+ * error pointing at the attestor-demo bootstrap script and the SDK's
+ * validation-registry helpers — there's no MCP `register_attestor`
+ * tool, the SDK + demo path is the canonical bootstrap surface.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.respondToValidationTool = void 0;
@@ -30,10 +31,10 @@ const InputSchema = zod_1.z.object({
 exports.respondToValidationTool = {
     name: "agenttrust_respond_to_validation",
     description: "Attestor responds to a ValidationRequest by creating a " +
-        "ValidationAttestation PDA. Requires KEYPAIR_B58 (must equal the " +
-        "attestor pubkey registered in AttestorProfile). Surfaces the " +
-        "attestation PDA + Explorer URL for downstream PolicyVault " +
-        "RequireValidation reads.",
+        "ValidationAttestation PDA. Requires a signer (KEYPAIR_B58 / " +
+        "KEYPAIR_PATH / Solana CLI default) whose pubkey must equal the " +
+        "attestor registered in AttestorProfile. Surfaces the attestation " +
+        "PDA + Explorer URL for downstream PolicyVault RequireValidation reads.",
     inputSchema: InputSchema,
     async handler(input, ctx) {
         const signer = ctx.chain.requireSigner();
@@ -52,7 +53,9 @@ exports.respondToValidationTool = {
         const profile = await (0, chain_1.fetchAttestorProfile)(program, signer.publicKey);
         if (!profile.data) {
             throw new Error(`AttestorProfile not initialised for signer ${signer.publicKey.toBase58()}. ` +
-                `Run the attestor-demo bootstrap (or register_attestor instruction) first.`);
+                `Bootstrap an attestor profile by running the demo script at ` +
+                `examples/attestor-demo/scripts/init.ts or composing a register_attestor ` +
+                `transaction with @agenttrust-sdk/trustgate's validation-registry helpers.`);
         }
         const ix = await (0, chain_1.buildRespondToValidationIx)({
             program,

package/dist/tools/write/respond-to-validation.js.map

@@ -1 +1 @@
-{"version":3,"file":"respond-to-validation.js","sourceRoot":"","sources":["../../../src/tools/write/respond-to-validation.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAEH,6CAA8C;AAC9C,6BAAwB;AAExB,uCAMqB;AACrB,yCAA2C;AAC3C,sCAA6F;AAG7F,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,aAAa,EAAS,qBAAY;IAClC,eAAe,EAAO,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC1D,mBAAmB,EAAG,sBAAa,CAAC,QAAQ,EAAE;IAC9C,sBAAsB,EAAE,sBAAa,CAAC,QAAQ,CAAC,qDAAqD,CAAC;IACrG,kBAAkB,EAAI,sBAAa,CAAC,QAAQ,CAAC,yCAAyC,CAAC;IACvF,eAAe,EAAO,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;SAC9D,QAAQ,CAAC,qCAAqC,CAAC;CACzE,CAAC,CAAC;AAYU,QAAA,uBAAuB,GAAwB;IAC1D,IAAI,EAAS,kCAAkC;IAC/C,WAAW,EACT,yDAAyD;QACzD,kEAAkE;QAClE,+DAA+D;QAC/D,4DAA4D;QAC5D,0BAA0B;IAC5B,WAAW,EAAE,WAAW;IAExB,KAAK,CAAC,OAAO,CAAC,KAAY,EAAE,GAAgB;QAC1C,MAAM,MAAM,GAAI,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAA,oBAAW,EAAC,KAAK,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,eAAe,IAAI,CAAC,KAAK,CAAC,mBAAmB,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QACD,MAAM,OAAO,GAAG,KAAK,CAAC,eAAe;YACnC,CAAC,CAAC,IAAA,6BAAqB,EAAC,KAAK,CAAC,eAAe,CAAC;YAC9C,CAAC,CAAC,IAAA,mBAAU,EAAC,KAAK,CAAC,mBAAoB,CAAC,CAAC;QAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QAC/E,MAAM,gBAAgB,GAAG,IAAA,mBAAU,EAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAClE,MAAM,YAAY,GAAO,IAAA,mBAAU,EAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QAE9D,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,EAAE,CAAC;QAErD,MAAM,OAAO,GAAG,MAAM,IAAA,4BAAoB,EAAC,OAAO,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACtE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI;gBAC7E,2EAA2E,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,GAAG,MAAM,IAAA,kCAA0B,EAAC;YAC1C,OAAO;YACP,KAAK,EAAa,MAAM,CAAC,SAAS;YAClC,QAAQ,EAAU,MAAM,CAAC,SAAS;YAClC,YAAY,EAAM,OAAO;YACzB,cAAc,EAAI,OAAO;YACzB,gBAAgB;YAChB,YAAY;YACZ,aAAa,EAAK,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC,QAAQ,EAAE,CAAC;SAC3D,CAAC,CAAC;QAEH,MAAM,EAAE,GAAG,IAAI,qBAAW,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrC,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QAE1E,MAAM,cAAc,GAAG,IAAA,sCAA8B,EACnD,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,SAAS,CAC9E,CAAC;QACF,MAAM,kBAAkB,GAAG,IAAA,gCAAwB,EACjD,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAC5D,CAAC;QAEF,OAAO;YACL,WAAW;YACX,aAAa,EAAS,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,EAAO,WAAW,CAAC;YACxE,cAAc,EAAQ,cAAc,CAAC,QAAQ,EAAE;YAC/C,mBAAmB,EAAG,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,cAAc,CAAC,QAAQ,EAAE,CAAC;YACtF,kBAAkB,EAAI,kBAAkB,CAAC,QAAQ,EAAE;YACnD,iBAAiB,EAAK,IAAA,mBAAU,EAAC,OAAO,CAAC;SAC1C,CAAC;IACJ,CAAC;CACF,CAAC"}
+{"version":3,"file":"respond-to-validation.js","sourceRoot":"","sources":["../../../src/tools/write/respond-to-validation.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;AAEH,6CAA8C;AAC9C,6BAAwB;AAExB,uCAMqB;AACrB,yCAA2C;AAC3C,sCAA6F;AAG7F,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,aAAa,EAAS,qBAAY;IAClC,eAAe,EAAO,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC1D,mBAAmB,EAAG,sBAAa,CAAC,QAAQ,EAAE;IAC9C,sBAAsB,EAAE,sBAAa,CAAC,QAAQ,CAAC,qDAAqD,CAAC;IACrG,kBAAkB,EAAI,sBAAa,CAAC,QAAQ,CAAC,yCAAyC,CAAC;IACvF,eAAe,EAAO,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;SAC9D,QAAQ,CAAC,qCAAqC,CAAC;CACzE,CAAC,CAAC;AAYU,QAAA,uBAAuB,GAAwB;IAC1D,IAAI,EAAS,kCAAkC;IAC/C,WAAW,EACT,yDAAyD;QACzD,8DAA8D;QAC9D,iEAAiE;QACjE,mEAAmE;QACnE,wEAAwE;IAC1E,WAAW,EAAE,WAAW;IAExB,KAAK,CAAC,OAAO,CAAC,KAAY,EAAE,GAAgB;QAC1C,MAAM,MAAM,GAAI,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAA,oBAAW,EAAC,KAAK,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,eAAe,IAAI,CAAC,KAAK,CAAC,mBAAmB,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QACD,MAAM,OAAO,GAAG,KAAK,CAAC,eAAe;YACnC,CAAC,CAAC,IAAA,6BAAqB,EAAC,KAAK,CAAC,eAAe,CAAC;YAC9C,CAAC,CAAC,IAAA,mBAAU,EAAC,KAAK,CAAC,mBAAoB,CAAC,CAAC;QAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QAC/E,MAAM,gBAAgB,GAAG,IAAA,mBAAU,EAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAClE,MAAM,YAAY,GAAO,IAAA,mBAAU,EAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QAE9D,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,EAAE,CAAC;QAErD,MAAM,OAAO,GAAG,MAAM,IAAA,4BAAoB,EAAC,OAAO,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACtE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI;gBAC7E,8DAA8D;gBAC9D,0EAA0E;gBAC1E,2EAA2E,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,GAAG,MAAM,IAAA,kCAA0B,EAAC;YAC1C,OAAO;YACP,KAAK,EAAa,MAAM,CAAC,SAAS;YAClC,QAAQ,EAAU,MAAM,CAAC,SAAS;YAClC,YAAY,EAAM,OAAO;YACzB,cAAc,EAAI,OAAO;YACzB,gBAAgB;YAChB,YAAY;YACZ,aAAa,EAAK,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC,QAAQ,EAAE,CAAC;SAC3D,CAAC,CAAC;QAEH,MAAM,EAAE,GAAG,IAAI,qBAAW,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrC,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QAE1E,MAAM,cAAc,GAAG,IAAA,sCAA8B,EACnD,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,SAAS,CAC9E,CAAC;QACF,MAAM,kBAAkB,GAAG,IAAA,gCAAwB,EACjD,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAC5D,CAAC;QAEF,OAAO;YACL,WAAW;YACX,aAAa,EAAS,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,EAAO,WAAW,CAAC;YACxE,cAAc,EAAQ,cAAc,CAAC,QAAQ,EAAE;YAC/C,mBAAmB,EAAG,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,cAAc,CAAC,QAAQ,EAAE,CAAC;YACtF,kBAAkB,EAAI,kBAAkB,CAAC,QAAQ,EAAE;YACnD,iBAAiB,EAAK,IAAA,mBAAU,EAAC,OAAO,CAAC;SAC1C,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/tools/write/set-killswitch.d.ts

@@ -4,6 +4,13 @@
  * signers in `remainingAccounts` must reach the PolicyAuthority's
  * threshold count.
  *
+ * Self-healing: this tool depends on two PDAs being initialised —
+ * `PolicyAuthority` (created by `init_authority`) and `KillSwitchState`
+ * (created by `init_killswitch`). When either is missing, the tool
+ * prepends the corresponding init instruction in the same atomic
+ * transaction. The user never has to learn about Anchor 3012
+ * (AccountNotInitialized) or run a bootstrap script.
+ *
  * v1 ships the lead-signer-only happy path; thresholds > 1 require the
  * caller to assemble the multisig out-of-band and pass cosigner pubkeys
  * via `cosigner_pubkeys` (each must be available in the local keypair
@@ -29,6 +36,9 @@ interface Output {
     killSwitchPda: string;
     killSwitchExplorer: string;
     paused: boolean;
+    /** True when the tool transparently bootstrapped any prerequisite PDA in the same tx. */
+    selfHealed: boolean;
+    healedSteps: string[];
 }
 export declare const setKillswitchTool: Tool<Input, Output>;
 export {};

package/dist/tools/write/set-killswitch.js

@@ -5,6 +5,13 @@
  * signers in `remainingAccounts` must reach the PolicyAuthority's
  * threshold count.
  *
+ * Self-healing: this tool depends on two PDAs being initialised —
+ * `PolicyAuthority` (created by `init_authority`) and `KillSwitchState`
+ * (created by `init_killswitch`). When either is missing, the tool
+ * prepends the corresponding init instruction in the same atomic
+ * transaction. The user never has to learn about Anchor 3012
+ * (AccountNotInitialized) or run a bootstrap script.
+ *
  * v1 ships the lead-signer-only happy path; thresholds > 1 require the
  * caller to assemble the multisig out-of-band and pass cosigner pubkeys
  * via `cosigner_pubkeys` (each must be available in the local keypair
@@ -25,10 +32,12 @@ const InputSchema = zod_1.z.object({
 });
 exports.setKillswitchTool = {
     name: "agenttrust_set_killswitch",
-    description: "Pause or unpause an agent's KillSwitchState. Requires KEYPAIR_B58 to " +
-        "be the lead signer (a member of the agent's PolicyAuthority). When the " +
-        "authority's threshold > 1 the call needs additional cosigners; this " +
-        "tool currently only supports lead-only multisigs (threshold=1).",
+    description: "Pause or unpause an agent's KillSwitchState. Self-healing: if " +
+        "PolicyAuthority or KillSwitchState is missing, the tool prepends " +
+        "init_authority (single-member = signer, threshold 1) and/or " +
+        "init_killswitch in the same atomic transaction. Lead-signer must be a " +
+        "member of the PolicyAuthority; threshold > 1 (multi-sig) is not yet " +
+        "supported by this tool. Requires a signer.",
     inputSchema: InputSchema,
     async handler(input, ctx) {
         const signer = ctx.chain.requireSigner();
@@ -36,20 +45,56 @@ exports.setKillswitchTool = {
         const policy = await ctx.chain.policyVault();
         const ksPda = (0, chain_1.deriveKillSwitchPda)(ctx.chain.cfg.programs.policyVault, agent);
         const authPda = web3_js_1.PublicKey.findProgramAddressSync([POLICY_AUTHORITY_PREFIX, agent.toBuffer()], ctx.chain.cfg.programs.policyVault)[0];
-        // Friendly preflight: confirm the authority threshold is satisfiable
-        // by the lead signer alone.
+        // Self-heal preflight: confirm PolicyAuthority + KillSwitchState
+        // exist; if not, prepend the matching init instructions to the same
+        // transaction. Existing accounts are the source of truth — we never
+        // overwrite different members/threshold silently.
         // eslint-disable-next-line @typescript-eslint/no-explicit-any
         const auth = await policy.account.policyAuthority.fetchNullable(authPda);
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        const ks = await policy.account.killSwitchState.fetchNullable(ksPda);
+        const healedSteps = [];
+        const tx = new web3_js_1.Transaction();
         if (!auth) {
-            throw new Error(`PolicyAuthority not initialised for ${agent.toBase58()}. Call ` +
-                `init_authority before set_killswitch.`);
+            const initAuthIx = await policy.methods
+                .initAuthority(agent, [signer.publicKey], 1)
+                .accounts({
+                payer: signer.publicKey,
+                policyAuthority: authPda,
+                systemProgram: web3_js_1.SystemProgram.programId,
+                // eslint-disable-next-line @typescript-eslint/no-explicit-any
+            })
+                .instruction();
+            tx.add(initAuthIx);
+            healedSteps.push("init_authority");
+        }
+        else {
+            // Lead-signer-only constraint — only checkable when authority exists.
+            // When self-healed in-tx, threshold = 1 by construction.
+            const threshold = Number(auth.threshold ?? 0);
+            if (threshold > 1) {
+                throw new Error(`PolicyAuthority threshold is ${threshold}. This tool only supports ` +
+                    `lead-only signing (threshold=1). Cosigner support is roadmap. ` +
+                    `To run a multi-sig killswitch today, use the Anchor CLI flow at ` +
+                    `https://docs.agenttrust.tech/programs/policy-vault/kill-switch-policy ` +
+                    `(or build a custom transaction via @agenttrust-sdk/trustgate's ` +
+                    `set_killswitch composer).`);
+            }
         }
-        const threshold = Number(auth.threshold ?? 0);
-        if (threshold > 1) {
-            throw new Error(`PolicyAuthority threshold is ${threshold}; this tool only supports ` +
-                `lead-only signing (threshold=1). Cosigner support is roadmap.`);
+        if (!ks) {
+            const initKsIx = await policy.methods
+                .initKillswitch(agent)
+                .accounts({
+                payer: signer.publicKey,
+                killSwitchState: ksPda,
+                systemProgram: web3_js_1.SystemProgram.programId,
+                // eslint-disable-next-line @typescript-eslint/no-explicit-any
+            })
+                .instruction();
+            tx.add(initKsIx);
+            healedSteps.push("init_killswitch");
         }
-        const txSignature = await policy.methods
+        const setKsIx = await policy.methods
             .setKillswitch(agent, input.paused)
             .accounts({
             signer: signer.publicKey,
@@ -57,13 +102,17 @@ exports.setKillswitchTool = {
             killSwitchState: ksPda,
             // eslint-disable-next-line @typescript-eslint/no-explicit-any
         })
-            .rpc();
+            .instruction();
+        tx.add(setKsIx);
+        const txSignature = await ctx.chain.provider.sendAndConfirm(tx, [signer]);
         return {
             txSignature,
             explorerTxUrl: (0, config_1.explorerUrl)(ctx.chain.cfg, "tx", txSignature),
             killSwitchPda: ksPda.toBase58(),
             killSwitchExplorer: (0, config_1.explorerUrl)(ctx.chain.cfg, "address", ksPda.toBase58()),
             paused: input.paused,
+            selfHealed: healedSteps.length > 0,
+            healedSteps,
         };
     },
 };

package/dist/tools/write/set-killswitch.js.map

@@ -1 +1 @@
-{"version":3,"file":"set-killswitch.js","sourceRoot":"","sources":["../../../src/tools/write/set-killswitch.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAEH,6CAA4C;AAC5C,6BAAwB;AAExB,uCAAkD;AAClD,yCAA2C;AAC3C,sCAAsD;AAGtD,MAAM,uBAAuB,GAAG,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;AAEhE,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,WAAW,EAAE,qBAAY,CAAC,QAAQ,CAAC,oBAAoB,CAAC;IACxD,MAAM,EAAO,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC,iCAAiC,CAAC;CACrE,CAAC,CAAC;AAWU,QAAA,iBAAiB,GAAwB;IACpD,IAAI,EAAS,2BAA2B;IACxC,WAAW,EACT,uEAAuE;QACvE,yEAAyE;QACzE,sEAAsE;QACtE,iEAAiE;IACnE,WAAW,EAAE,WAAW;IAExB,KAAK,CAAC,OAAO,CAAC,KAAY,EAAE,GAAgB;QAC1C,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QACzC,MAAM,KAAK,GAAI,IAAA,oBAAW,EAAC,KAAK,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QAC7D,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QAE7C,MAAM,KAAK,GAAK,IAAA,2BAAmB,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QAC/E,MAAM,OAAO,GAAG,mBAAS,CAAC,sBAAsB,CAC9C,CAAC,uBAAuB,EAAE,KAAK,CAAC,QAAQ,EAAE,CAAC,EAC3C,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CACnC,CAAC,CAAC,CAAC,CAAC;QAEL,qEAAqE;QACrE,4BAA4B;QAC5B,8DAA8D;QAC9D,MAAM,IAAI,GAAQ,MAAO,MAAM,CAAC,OAAe,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QACvF,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CACb,uCAAuC,KAAK,CAAC,QAAQ,EAAE,SAAS;gBAChE,uCAAuC,CACxC,CAAC;QACJ,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC;QAC9C,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CACb,gCAAgC,SAAS,4BAA4B;gBACrE,+DAA+D,CAChE,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAW,MAAM,MAAM,CAAC,OAAO;aAC7C,aAAa,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC;aAClC,QAAQ,CAAC;YACR,MAAM,EAAY,MAAM,CAAC,SAAS;YAClC,eAAe,EAAG,OAAO;YACzB,eAAe,EAAG,KAAK;YACvB,8DAA8D;SACxD,CAAC;aACR,GAAG,EAAE,CAAC;QAET,OAAO;YACL,WAAW;YACX,aAAa,EAAO,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,EAAO,WAAW,CAAC;YACtE,aAAa,EAAO,KAAK,CAAC,QAAQ,EAAE;YACpC,kBAAkB,EAAE,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3E,MAAM,EAAc,KAAK,CAAC,MAAM;SACjC,CAAC;IACJ,CAAC;CACF,CAAC"}
+{"version":3,"file":"set-killswitch.js","sourceRoot":"","sources":["../../../src/tools/write/set-killswitch.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;AAEH,6CAAwE;AACxE,6BAAwB;AAExB,uCAAkD;AAClD,yCAA2C;AAC3C,sCAAsD;AAGtD,MAAM,uBAAuB,GAAG,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;AAEhE,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,WAAW,EAAE,qBAAY,CAAC,QAAQ,CAAC,oBAAoB,CAAC;IACxD,MAAM,EAAO,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC,iCAAiC,CAAC;CACrE,CAAC,CAAC;AAcU,QAAA,iBAAiB,GAAwB;IACpD,IAAI,EAAS,2BAA2B;IACxC,WAAW,EACT,gEAAgE;QAChE,mEAAmE;QACnE,8DAA8D;QAC9D,wEAAwE;QACxE,sEAAsE;QACtE,4CAA4C;IAC9C,WAAW,EAAE,WAAW;IAExB,KAAK,CAAC,OAAO,CAAC,KAAY,EAAE,GAAgB;QAC1C,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QACzC,MAAM,KAAK,GAAI,IAAA,oBAAW,EAAC,KAAK,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QAC7D,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QAE7C,MAAM,KAAK,GAAK,IAAA,2BAAmB,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QAC/E,MAAM,OAAO,GAAG,mBAAS,CAAC,sBAAsB,CAC9C,CAAC,uBAAuB,EAAE,KAAK,CAAC,QAAQ,EAAE,CAAC,EAC3C,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CACnC,CAAC,CAAC,CAAC,CAAC;QAEL,iEAAiE;QACjE,oEAAoE;QACpE,oEAAoE;QACpE,kDAAkD;QAClD,8DAA8D;QAC9D,MAAM,IAAI,GAAQ,MAAO,MAAM,CAAC,OAAe,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QACvF,8DAA8D;QAC9D,MAAM,EAAE,GAAU,MAAO,MAAM,CAAC,OAAe,CAAC,eAAe,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAErF,MAAM,WAAW,GAAa,EAAE,CAAC;QACjC,MAAM,EAAE,GAAG,IAAI,qBAAW,EAAE,CAAC;QAE7B,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,OAAO;iBACpC,aAAa,CAAC,KAAK,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;iBAC3C,QAAQ,CAAC;gBACR,KAAK,EAAY,MAAM,CAAC,SAAS;gBACjC,eAAe,EAAE,OAAO;gBACxB,aAAa,EAAI,uBAAa,CAAC,SAAS;gBACxC,8DAA8D;aACxD,CAAC;iBACR,WAAW,EAAE,CAAC;YACjB,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QACrC,CAAC;aAAM,CAAC;YACN,sEAAsE;YACtE,yDAAyD;YACzD,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC;YAC9C,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;gBAClB,MAAM,IAAI,KAAK,CACb,gCAAgC,SAAS,4BAA4B;oBACrE,gEAAgE;oBAChE,kEAAkE;oBAClE,wEAAwE;oBACxE,iEAAiE;oBACjE,2BAA2B,CAC5B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,OAAO;iBAClC,cAAc,CAAC,KAAK,CAAC;iBACrB,QAAQ,CAAC;gBACR,KAAK,EAAY,MAAM,CAAC,SAAS;gBACjC,eAAe,EAAE,KAAK;gBACtB,aAAa,EAAI,uBAAa,CAAC,SAAS;gBACxC,8DAA8D;aACxD,CAAC;iBACR,WAAW,EAAE,CAAC;YACjB,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACjB,WAAW,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACtC,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO;aACjC,aAAa,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC;aAClC,QAAQ,CAAC;YACR,MAAM,EAAY,MAAM,CAAC,SAAS;YAClC,eAAe,EAAG,OAAO;YACzB,eAAe,EAAG,KAAK;YACvB,8DAA8D;SACxD,CAAC;aACR,WAAW,EAAE,CAAC;QACjB,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAEhB,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QAE1E,OAAO;YACL,WAAW;YACX,aAAa,EAAO,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,EAAO,WAAW,CAAC;YACtE,aAAa,EAAO,KAAK,CAAC,QAAQ,EAAE;YACpC,kBAAkB,EAAE,IAAA,oBAAW,EAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC3E,MAAM,EAAc,KAAK,CAAC,MAAM;YAChC,UAAU,EAAU,WAAW,CAAC,MAAM,GAAG,CAAC;YAC1C,WAAW;SACZ,CAAC;IACJ,CAAC;CACF,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agenttrust-sdk/mcp",
-  "version": "0.3.0",
+  "version": "0.3.2",
   "description": "MCP server for AgentTrust \u2014 query and call deployed Solana programs from Claude Desktop / Cursor / any MCP client",
   "author": "AgentTrust Labs (https://agenttrust.tech)",
   "license": "MIT",

package/dist/embedded-docs/getting-started/architecture-overview.mdx

@@ -1,85 +0,0 @@
----
-title: Architecture overview
-description: How AgentTrust composes x402 facilitators, Solana policy, settlement, and feedback.
----
-
-AgentTrust has three on-chain programs, one TypeScript SDK, and one facilitator-adapter layer. Pay.sh is the first concrete adapter. The design keeps protocol-specific wire shapes outside the policy and feedback path.
-
-## Current flow
-
-```txt
-agent request
-  -> x402 facilitator (Pay.sh today)
-  -> FacilitatorAdapter.parseRequest
-  -> VerifyContext
-  -> PolicyVault gate_payment
-  -> Allow | Deny | RequireValidation
-  -> signed settlement path
-     -> SPL transfer
-     -> TrustGate emit_feedback
-     -> Quantu agent_registry_8004 give_feedback
-```
-
-## Components
-
-| Component | Location | Responsibility |
-| --- | --- | --- |
-| PolicyVault | `programs/policy-vault` | compose five policy kinds and return a decision |
-| TrustGate | `programs/trustgate` | sign feedback CPI as the facilitator PDA |
-| ValidationRegistry | `programs/validation-registry` | store capability attestations read by PolicyVault |
-| Facilitator adapters | `trustgate/server/src/facilitators` | translate Pay.sh / Dexter / atxp_ai / MCPay wire shapes into `VerifyContext` |
-| SDK | `trustgate/sdk` | expose client helpers and Express routes |
-
-## Why adapters exist
-
-Every x402 facilitator carries the same payment intent but differs in headers, body shape, proof payload, retry behavior, and settlement metadata. AgentTrust isolates those differences in five adapter methods:
-
-| Method | Responsibility |
-| --- | --- |
-| `parseRequest` | turn a facilitator request into `VerifyContext` |
-| `formatChallenge` | render Allow / Deny / RequireValidation back into that facilitator's wire shape |
-| `formatSettlement` | produce settlement metadata or an unsigned transaction skeleton |
-| `validatePaymentProof` | verify proof shape and cross-check transfer context |
-| `emitFeedback` | call the feedback CPI idempotently |
-
-Routes, policy logic, and registry reads do not branch on a facilitator name.
-
-## Decision path
-
-PolicyVault is deliberately fail-fast:
-
-1. `KillSwitch`
-2. `Spending`
-3. `Velocity`
-4. `CounterpartyTier`
-5. `RequireValidation`
-
-State changes are applied only on `Allow`. `Deny` and `RequireValidation` return a decision without mutating spending or velocity counters.
-
-## Trust reads
-
-PolicyVault reads foreign PDAs defensively:
-
-| Data | Parser | Locked offset |
-| --- | --- | --- |
-| Quantu `AtomStats.risk_score` | `policy-vault/src/ext/atom_engine.rs` | byte `549` |
-| Quantu `AtomStats.trust_tier` | `policy-vault/src/ext/atom_engine.rs` | byte `551` |
-| Quantu `AtomStats.confidence` | `policy-vault/src/ext/atom_engine.rs` | bytes `557..558` |
-| AgentTrust attestation subject | `policy-vault/src/ext/validation_registry.rs` | byte `8` |
-| AgentTrust attestation expiry | `policy-vault/src/ext/validation_registry.rs` | byte `208` |
-
-## Verification boundary
-
-<KaniProofBadge />
-
-The Kani harnesses target the pure Rust policy/composer layer rather than the Anchor wrappers. That keeps proofs short, deterministic, and tied to the code that makes decisions.
-
-## Atomic settlement boundary
-
-For production settlement, the policy check, SPL transfer, and feedback emission must share the same signed transaction path. If one part fails, the user should not get a successful payment with missing feedback or feedback for a missing payment.
-
-The Pay.sh demo uses stubs for RPC and CPI so local tests run quickly. Those seams are the same seams a production factory fills with devnet programs and SPL transfer parsing.
-
-## Deployment boundary
-
-The docs and SDK default to devnet program IDs. Quantu mainnet IDs are used for local validator cloning and reference-grade byte layouts.

package/dist/embedded-docs/reference/formal-verification.mdx

@@ -1,19 +0,0 @@
----
-title: Formal verification
-description: Kani proof harnesses that guard PolicyVault invariants.
----
-
-`In progress`
-
-AgentTrust runs five Kani harnesses for the current PolicyVault safety surface.
-
-| Harness | Property |
-| --- | --- |
-| `paused_implies_no_allow` | paused KillSwitch cannot allow |
-| `velocity_counter_le_limit` | allow-path counter stays within limit |
-| `counterparty_tier_monotone` | looser tier requirement cannot fail after tighter pass |
-| `validation_expiry_correct` | expired attestation cannot allow |
-| `multisig_threshold_enforced` | threshold requires distinct signing members |
-
-Sources: [`programs/policy-vault/src/proofs`](https://github.com/agenttrust-labs/agenttrust/tree/main/programs/policy-vault/src/proofs), [`.github/workflows/kani-prove.yml`](https://github.com/agenttrust-labs/agenttrust/blob/main/.github/workflows/kani-prove.yml)
-

package/dist/embedded-docs/sdk/atomic-tx-invariant.mdx

@@ -1,37 +0,0 @@
----
-title: Atomic-tx invariant
-description: SDK and facilitator rules that keep policy checks tied to settlement.
----
-
-AgentTrust treats a policy check as useful only when the facilitator enforces the same payment context through settlement.
-
-Production settlement must compose:
-
-1. `gate_payment`
-2. SPL transfer
-3. `emit_feedback`
-
-All three succeed, or all three revert. That is the invariant that keeps a Pay.sh payment from settling without the AgentTrust feedback record, and keeps feedback from being emitted for a payment that never moved.
-
-## Adapter responsibilities
-
-The adapter validates that the retry proof still matches the verify-time context:
-
-| Check | Why it exists |
-| --- | --- |
-| `paymentIdHash` replay binding | prevents duplicate or raced settlement calls |
-| amount, mint, recipient cross-check | prevents paying a different asset or recipient than the policy checked |
-| facilitator fee payer != transfer authority | prevents self-pay feedback |
-| SERVICE-signed challenge | prevents forged `paymentRequirements` racing a legitimate one |
-| idempotent feedback lookup | makes retries return a stable receipt instead of double-emitting |
-
-## Demo vs production
-
-`examples/pay-sh-demo` stubs `validateOnChainTx` and `emitFeedbackCpi` so the route can run in CI. Production fills those same dependency seams with RPC parsing and the Anchor feedback call.
-
-| Source | Path |
-| --- | --- |
-| facilitator routes | [`trustgate/server/src/routes/settle.ts`](https://github.com/agenttrust-labs/agenttrust/blob/main/trustgate/server/src/routes/settle.ts) |
-| Pay.sh proof validator | [`trustgate/server/src/facilitators/pay-sh/proof-validator.ts`](https://github.com/agenttrust-labs/agenttrust/blob/main/trustgate/server/src/facilitators/pay-sh/proof-validator.ts) |
-| Pay.sh feedback helper | [`trustgate/server/src/facilitators/pay-sh/feedback.ts`](https://github.com/agenttrust-labs/agenttrust/blob/main/trustgate/server/src/facilitators/pay-sh/feedback.ts) |
-| Pay.sh demo deps | [`examples/pay-sh-demo/src/deps.ts`](https://github.com/agenttrust-labs/agenttrust/blob/main/examples/pay-sh-demo/src/deps.ts) |