@agentvault/agentvault 0.19.58 → 0.19.60

package/dist/cli.js

@@ -44666,6 +44666,13 @@ function computeFingerprint(publicKey) {
 function createProofOfPossession(privateKey, publicKey) {
   return libsodium_wrappers_default.crypto_sign_detached(publicKey, privateKey);
 }
+function verifyProofOfPossession(proof, publicKey) {
+  try {
+    return libsodium_wrappers_default.crypto_sign_verify_detached(proof, publicKey, publicKey);
+  } catch {
+    return false;
+  }
+}
 var init_keys = __esm({
   async "../crypto/dist/keys.js"() {
     "use strict";
@@ -45134,6 +45141,74 @@ function jsonCanonical(value) {
   }
   return JSON.stringify(value);
 }
+function base58Encode(bytes) {
+  let zeros = 0;
+  for (const b2 of bytes) {
+    if (b2 === 0)
+      zeros++;
+    else
+      break;
+  }
+  let num = BigInt(0);
+  for (const b2 of bytes) {
+    num = num * 256n + BigInt(b2);
+  }
+  let result = "";
+  while (num > 0n) {
+    const remainder = Number(num % 58n);
+    num = num / 58n;
+    result = BASE58_ALPHABET[remainder] + result;
+  }
+  return "1".repeat(zeros) + result;
+}
+function base58Decode(str) {
+  let zeros = 0;
+  for (const c2 of str) {
+    if (c2 === "1")
+      zeros++;
+    else
+      break;
+  }
+  let num = BigInt(0);
+  for (const c2 of str.slice(zeros)) {
+    const idx = BASE58_ALPHABET.indexOf(c2);
+    if (idx === -1)
+      throw new Error(`Invalid base58 character: ${c2}`);
+    num = num * 58n + BigInt(idx);
+  }
+  const hex3 = num === 0n ? "" : num.toString(16).padStart(2, "0");
+  const paddedHex = hex3.length % 2 ? "0" + hex3 : hex3;
+  const dataBytes = new Uint8Array((paddedHex.match(/.{2}/g) ?? []).map((b2) => parseInt(b2, 16)));
+  const result = new Uint8Array(zeros + dataBytes.length);
+  result.set(dataBytes, zeros);
+  return result;
+}
+function publicKeyToMultibase(publicKey) {
+  const prefixed = new Uint8Array(2 + publicKey.length);
+  prefixed[0] = 237;
+  prefixed[1] = 1;
+  prefixed.set(publicKey, 2);
+  return "z" + base58Encode(prefixed);
+}
+function multibaseToPublicKey(multibase) {
+  if (!multibase.startsWith("z")) {
+    throw new Error("Multibase string must start with 'z' (base58btc)");
+  }
+  const decoded = base58Decode(multibase.slice(1));
+  if (decoded.length < 2 || decoded[0] !== 237 || decoded[1] !== 1) {
+    throw new Error("Invalid Ed25519 multicodec prefix");
+  }
+  return decoded.slice(2);
+}
+async function signDocument(document, privateKey) {
+  await libsodium_wrappers_default.ready;
+  const canonical = canonicalize(document);
+  const domainPrefix = libsodium_wrappers_default.from_string(DOMAIN_DID_DOCUMENT);
+  const message = new Uint8Array(domainPrefix.length + canonical.length);
+  message.set(domainPrefix);
+  message.set(canonical, domainPrefix.length);
+  return libsodium_wrappers_default.crypto_sign_detached(message, privateKey);
+}
 async function verifyDocumentSignature(document, signature, publicKey) {
   await libsodium_wrappers_default.ready;
   const canonical = canonicalize(document);
@@ -45147,12 +45222,61 @@ async function verifyDocumentSignature(document, signature, publicKey) {
     return false;
   }
 }
-var DOMAIN_DID_DOCUMENT;
+function buildDidDocument(params) {
+  const { hubAddress, ownerPublicKey, agentPublicKey, serviceEndpoint, profileEndpoint } = params;
+  const didId = `did:hub:${hubAddress}`;
+  const ownerMultibase = publicKeyToMultibase(ownerPublicKey);
+  const agentMultibase = publicKeyToMultibase(agentPublicKey);
+  const controllerDid = `did:key:${ownerMultibase}`;
+  const now = params.created ?? (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  return {
+    "@context": [
+      "https://www.w3.org/ns/did/v1",
+      "https://w3id.org/security/suites/ed25519-2020/v1"
+    ],
+    id: didId,
+    controller: controllerDid,
+    verificationMethod: [
+      {
+        id: `${didId}#owner-key`,
+        type: "Ed25519VerificationKey2020",
+        controller: didId,
+        publicKeyMultibase: ownerMultibase
+      },
+      {
+        id: `${didId}#agent-key`,
+        type: "Ed25519VerificationKey2020",
+        controller: didId,
+        publicKeyMultibase: agentMultibase
+      }
+    ],
+    authentication: [`${didId}#owner-key`],
+    assertionMethod: [`${didId}#owner-key`, `${didId}#agent-key`],
+    service: [
+      {
+        id: `${didId}#messaging`,
+        type: "AgentVaultSecureChannel",
+        serviceEndpoint
+      },
+      {
+        id: `${didId}#profile`,
+        type: "AgentVaultProfile",
+        serviceEndpoint: profileEndpoint
+      }
+    ],
+    created: now,
+    updated: now
+  };
+}
+var DOMAIN_DID_DOCUMENT, DOMAIN_TRANSFER_INTENT, DOMAIN_TRANSFER_ACCEPT, BASE58_ALPHABET;
 var init_did = __esm({
   async "../crypto/dist/did.js"() {
     "use strict";
     await init_libsodium_wrappers();
     DOMAIN_DID_DOCUMENT = "DID-DOCUMENT:";
+    DOMAIN_TRANSFER_INTENT = "TRANSFER-INTENT:";
+    DOMAIN_TRANSFER_ACCEPT = "TRANSFER-ACCEPT:";
+    BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
   }
 });
 
@@ -45435,25 +45559,373 @@ var init_scan_engine = __esm({
 });
 
 // ../crypto/dist/merkle.js
+function jcsCanonical(value) {
+  if (value === void 0)
+    return void 0;
+  if (value === null)
+    return "null";
+  if (typeof value === "boolean" || typeof value === "number")
+    return JSON.stringify(value);
+  if (typeof value === "string")
+    return JSON.stringify(value);
+  if (Array.isArray(value)) {
+    return "[" + value.map(jcsCanonical).join(",") + "]";
+  }
+  if (typeof value === "object") {
+    const keys = Object.keys(value).sort();
+    const entries = keys.map((k2) => {
+      const v2 = jcsCanonical(value[k2]);
+      if (v2 === void 0)
+        return void 0;
+      return JSON.stringify(k2) + ":" + v2;
+    }).filter((entry) => entry !== void 0);
+    return "{" + entries.join(",") + "}";
+  }
+  return JSON.stringify(value);
+}
+function hexToBytes(hex3) {
+  const h2 = hex3.startsWith("0x") ? hex3.slice(2) : hex3;
+  const bytes = new Uint8Array(h2.length / 2);
+  for (let i2 = 0; i2 < bytes.length; i2++) {
+    bytes[i2] = parseInt(h2.substr(i2 * 2, 2), 16);
+  }
+  return bytes;
+}
+function bytesToHex(bytes) {
+  return Array.from(bytes).map((b2) => b2.toString(16).padStart(2, "0")).join("");
+}
+function computeDidHash(didDocument) {
+  const json2 = jcsCanonical(didDocument) ?? "";
+  const bytes = libsodium_wrappers_default.from_string(json2);
+  const hash2 = libsodium_wrappers_default.crypto_hash_sha256(bytes);
+  return "0x" + bytesToHex(hash2);
+}
+function verifyMerkleProof(leafHash, proof, merkleRoot) {
+  let current = hexToBytes(leafHash);
+  for (const step of proof) {
+    const sibling2 = hexToBytes(step.hash);
+    const combined = new Uint8Array(current.length + sibling2.length);
+    if (step.position === "left") {
+      combined.set(sibling2);
+      combined.set(current, sibling2.length);
+    } else {
+      combined.set(current);
+      combined.set(sibling2, current.length);
+    }
+    current = libsodium_wrappers_default.crypto_hash_sha256(combined);
+  }
+  const rootBytes = hexToBytes(merkleRoot);
+  if (current.length !== rootBytes.length)
+    return false;
+  for (let i2 = 0; i2 < current.length; i2++) {
+    if (current[i2] !== rootBytes[i2])
+      return false;
+  }
+  return true;
+}
 var init_merkle = __esm({
   async "../crypto/dist/merkle.js"() {
     "use strict";
+    await init_libsodium_wrappers();
   }
 });
 
 // ../crypto/dist/vc.js
+async function sha256(data) {
+  await libsodium_wrappers_default.ready;
+  return libsodium_wrappers_default.crypto_hash_sha256(data);
+}
+function base58Encode2(bytes) {
+  let zeros = 0;
+  for (const b2 of bytes) {
+    if (b2 === 0)
+      zeros++;
+    else
+      break;
+  }
+  let num = BigInt(0);
+  for (const b2 of bytes) {
+    num = num * 256n + BigInt(b2);
+  }
+  let result = "";
+  while (num > 0n) {
+    const remainder = Number(num % 58n);
+    num = num / 58n;
+    result = BASE58_ALPHABET2[remainder] + result;
+  }
+  return "1".repeat(zeros) + result;
+}
+function base58Decode2(str) {
+  let zeros = 0;
+  for (const c2 of str) {
+    if (c2 === "1")
+      zeros++;
+    else
+      break;
+  }
+  let num = BigInt(0);
+  for (const c2 of str.slice(zeros)) {
+    const idx = BASE58_ALPHABET2.indexOf(c2);
+    if (idx === -1)
+      throw new Error(`Invalid base58 character: ${c2}`);
+    num = num * 58n + BigInt(idx);
+  }
+  const hex3 = num === 0n ? "" : num.toString(16).padStart(2, "0");
+  const paddedHex = hex3.length % 2 ? "0" + hex3 : hex3;
+  const dataBytes = new Uint8Array((paddedHex.match(/.{2}/g) ?? []).map((b2) => parseInt(b2, 16)));
+  const result = new Uint8Array(zeros + dataBytes.length);
+  result.set(dataBytes, zeros);
+  return result;
+}
+async function computeHashData(document, proofConfig) {
+  const proofConfigBytes = canonicalize(proofConfig);
+  const proofConfigHash = await sha256(proofConfigBytes);
+  const docWithoutProof = { ...document };
+  delete docWithoutProof.proof;
+  const documentBytes = canonicalize(docWithoutProof);
+  const documentHash = await sha256(documentBytes);
+  const hashData = new Uint8Array(64);
+  hashData.set(proofConfigHash, 0);
+  hashData.set(documentHash, 32);
+  return hashData;
+}
+async function signWithDataIntegrity(document, privateKey, verificationMethod, proofPurpose = "assertionMethod", created) {
+  await libsodium_wrappers_default.ready;
+  const timestamp = created ?? (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  const proofConfig = {
+    type: "DataIntegrityProof",
+    cryptosuite: CRYPTOSUITE,
+    created: timestamp,
+    verificationMethod,
+    proofPurpose
+  };
+  const hashData = await computeHashData(document, proofConfig);
+  const signature = libsodium_wrappers_default.crypto_sign_detached(hashData, privateKey);
+  const proofValue = "z" + base58Encode2(signature);
+  const proof = {
+    type: "DataIntegrityProof",
+    cryptosuite: CRYPTOSUITE,
+    created: timestamp,
+    verificationMethod,
+    proofPurpose,
+    proofValue
+  };
+  return { ...document, proof };
+}
+async function verifyDataIntegrity(document, publicKey) {
+  await libsodium_wrappers_default.ready;
+  const proof = document.proof;
+  if (!proof || proof.type !== "DataIntegrityProof" || proof.cryptosuite !== CRYPTOSUITE) {
+    return false;
+  }
+  if (!proof.proofValue.startsWith("z")) {
+    return false;
+  }
+  const signature = base58Decode2(proof.proofValue.slice(1));
+  if (signature.length !== 64) {
+    return false;
+  }
+  const proofConfig = {
+    type: proof.type,
+    cryptosuite: proof.cryptosuite,
+    created: proof.created,
+    verificationMethod: proof.verificationMethod,
+    proofPurpose: proof.proofPurpose
+  };
+  const hashData = await computeHashData(document, proofConfig);
+  try {
+    return libsodium_wrappers_default.crypto_sign_verify_detached(signature, hashData, publicKey);
+  } catch {
+    return false;
+  }
+}
+function buildAgentTrustCredential(params) {
+  const now = (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  return {
+    "@context": [
+      VC_CONTEXT_V2,
+      {
+        AgentTrustCredential: "https://agentvault.chat/vocab#AgentTrustCredential",
+        trustTier: "https://agentvault.chat/vocab#trustTier",
+        compositeScore: "https://agentvault.chat/vocab#compositeScore",
+        scoreWindow: "https://agentvault.chat/vocab#scoreWindow",
+        scoreDimensions: "https://agentvault.chat/vocab#scoreDimensions",
+        volume: "https://agentvault.chat/vocab#volume",
+        responsiveness: "https://agentvault.chat/vocab#responsiveness",
+        uptime: "https://agentvault.chat/vocab#uptime",
+        compliance: "https://agentvault.chat/vocab#compliance",
+        verificationEndpoint: "https://agentvault.chat/vocab#verificationEndpoint"
+      }
+    ],
+    id: params.credentialId,
+    type: ["VerifiableCredential", "AgentTrustCredential"],
+    issuer: params.issuerName ? { id: params.issuerDid, name: params.issuerName } : params.issuerDid,
+    validFrom: params.validFrom ?? now,
+    ...params.validUntil ? { validUntil: params.validUntil } : {},
+    credentialSubject: {
+      id: params.subjectDid,
+      trustTier: params.trustTier,
+      compositeScore: params.compositeScore,
+      scoreWindow: params.scoreWindow,
+      ...params.dimensions ? {
+        scoreDimensions: {
+          volume: params.dimensions.volume,
+          responsiveness: params.dimensions.responsiveness,
+          uptime: params.dimensions.uptime,
+          compliance: params.dimensions.compliance
+        }
+      } : {},
+      ...params.verificationEndpoint ? { verificationEndpoint: params.verificationEndpoint } : {}
+    }
+  };
+}
+function buildSkillAttestation(params) {
+  const now = (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  return {
+    "@context": [
+      VC_CONTEXT_V2,
+      {
+        SkillAttestation: "https://agentvault.chat/vocab#SkillAttestation",
+        skillName: "https://agentvault.chat/vocab#skillName",
+        skillNamespace: "https://agentvault.chat/vocab#skillNamespace",
+        proficiencyLevel: "https://agentvault.chat/vocab#proficiencyLevel",
+        totalInvocations: "https://agentvault.chat/vocab#totalInvocations",
+        successRate: "https://agentvault.chat/vocab#successRate",
+        assessedAt: "https://agentvault.chat/vocab#assessedAt"
+      }
+    ],
+    id: params.credentialId,
+    type: ["VerifiableCredential", "SkillAttestation"],
+    issuer: params.issuerName ? { id: params.issuerDid, name: params.issuerName } : params.issuerDid,
+    validFrom: params.validFrom ?? now,
+    ...params.validUntil ? { validUntil: params.validUntil } : {},
+    credentialSubject: {
+      id: params.subjectDid,
+      skillName: params.skillName,
+      skillNamespace: params.skillNamespace,
+      ...params.proficiencyLevel ? { proficiencyLevel: params.proficiencyLevel } : {},
+      ...params.totalInvocations !== void 0 ? { totalInvocations: params.totalInvocations } : {},
+      ...params.successRate !== void 0 ? { successRate: params.successRate } : {},
+      ...params.assessedAt ? { assessedAt: params.assessedAt } : {}
+    }
+  };
+}
+function buildPerformanceRecord(params) {
+  const now = (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  return {
+    "@context": [
+      VC_CONTEXT_V2,
+      {
+        PerformanceRecord: "https://agentvault.chat/vocab#PerformanceRecord",
+        periodStart: "https://agentvault.chat/vocab#periodStart",
+        periodEnd: "https://agentvault.chat/vocab#periodEnd",
+        messagesHandled: "https://agentvault.chat/vocab#messagesHandled",
+        avgResponseTimeMs: "https://agentvault.chat/vocab#avgResponseTimeMs",
+        uptimePercentage: "https://agentvault.chat/vocab#uptimePercentage",
+        policyViolations: "https://agentvault.chat/vocab#policyViolations",
+        compositeScore: "https://agentvault.chat/vocab#compositeScore"
+      }
+    ],
+    id: params.credentialId,
+    type: ["VerifiableCredential", "PerformanceRecord"],
+    issuer: params.issuerName ? { id: params.issuerDid, name: params.issuerName } : params.issuerDid,
+    validFrom: params.validFrom ?? now,
+    ...params.validUntil ? { validUntil: params.validUntil } : {},
+    credentialSubject: {
+      id: params.subjectDid,
+      periodStart: params.periodStart,
+      periodEnd: params.periodEnd,
+      messagesHandled: params.messagesHandled,
+      avgResponseTimeMs: params.avgResponseTimeMs,
+      uptimePercentage: params.uptimePercentage,
+      policyViolations: params.policyViolations,
+      compositeScore: params.compositeScore
+    }
+  };
+}
+function buildAgentTrustReportCredential(params) {
+  const now = (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  const subject = {
+    id: params.subjectDid,
+    reportPeriod: {
+      start: params.reportPeriodStart,
+      end: params.reportPeriodEnd
+    },
+    trustTier: params.trustTier,
+    compositeScore: params.compositeScore
+  };
+  if (params.dimensions)
+    subject.dimensions = params.dimensions;
+  if (params.trending)
+    subject.trending = params.trending;
+  if (params.fleetComparison)
+    subject.fleetComparison = params.fleetComparison;
+  if (params.driftStatus)
+    subject.driftStatus = params.driftStatus;
+  if (params.auditIntegrity)
+    subject.auditIntegrity = params.auditIntegrity;
+  if (params.telemetrySummary)
+    subject.telemetrySummary = params.telemetrySummary;
+  if (params.verificationEndpoint)
+    subject.verificationEndpoint = params.verificationEndpoint;
+  return {
+    "@context": [
+      VC_CONTEXT_V2,
+      {
+        AgentTrustReport: "https://agentvault.chat/vocab#AgentTrustReport",
+        reportPeriod: "https://agentvault.chat/vocab#reportPeriod",
+        trustTier: "https://agentvault.chat/vocab#trustTier",
+        compositeScore: "https://agentvault.chat/vocab#compositeScore",
+        dimensions: "https://agentvault.chat/vocab#dimensions",
+        trending: "https://agentvault.chat/vocab#trending",
+        fleetComparison: "https://agentvault.chat/vocab#fleetComparison",
+        driftStatus: "https://agentvault.chat/vocab#driftStatus",
+        auditIntegrity: "https://agentvault.chat/vocab#auditIntegrity",
+        telemetrySummary: "https://agentvault.chat/vocab#telemetrySummary",
+        verificationEndpoint: "https://agentvault.chat/vocab#verificationEndpoint"
+      }
+    ],
+    id: params.credentialId,
+    type: ["VerifiableCredential", "AgentTrustReport"],
+    issuer: params.issuerName ? { id: params.issuerDid, name: params.issuerName } : params.issuerDid,
+    validFrom: params.validFrom ?? now,
+    ...params.validUntil ? { validUntil: params.validUntil } : {},
+    credentialSubject: subject
+  };
+}
+function buildVerifiablePresentation(holderDid, credentials, presentationId) {
+  return {
+    "@context": [VC_CONTEXT_V2],
+    type: "VerifiablePresentation",
+    ...presentationId ? { id: presentationId } : {},
+    holder: holderDid,
+    verifiableCredential: credentials
+  };
+}
+async function issueCredential(credential, privateKey, verificationMethod) {
+  return signWithDataIntegrity(credential, privateKey, verificationMethod, "assertionMethod");
+}
+async function presentCredentials(presentation, privateKey, verificationMethod) {
+  return signWithDataIntegrity(presentation, privateKey, verificationMethod, "authentication");
+}
+var VC_CONTEXT_V2, AV_CREDENTIAL_CONTEXT, CRYPTOSUITE, BASE58_ALPHABET2;
 var init_vc = __esm({
   async "../crypto/dist/vc.js"() {
     "use strict";
+    await init_libsodium_wrappers();
     await init_did();
+    VC_CONTEXT_V2 = "https://www.w3.org/ns/credentials/v2";
+    AV_CREDENTIAL_CONTEXT = "https://agentvault.chat/ns/credentials/v1";
+    CRYPTOSUITE = "eddsa-jcs-2022";
+    BASE58_ALPHABET2 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
   }
 });
 
 // ../crypto/dist/transport.js
-function hexToBytes(hex3) {
+function hexToBytes2(hex3) {
   return libsodium_wrappers_default.from_hex(hex3);
 }
-function bytesToHex(bytes) {
+function bytesToHex2(bytes) {
   return libsodium_wrappers_default.to_hex(bytes);
 }
 function base64ToBytes(b64) {
@@ -45491,6 +45963,70 @@ function transportToEncryptedMessage(transport) {
     ciphertext: base64ToBytes(transport.ciphertext)
   };
 }
+function encryptedMessageToTransportV2(msg) {
+  if (!msg.encryptedHeader || !msg.headerNonce) {
+    throw new Error("encryptedMessageToTransportV2 requires v2 encrypted message");
+  }
+  return {
+    envelope_version: "2.0.0",
+    encrypted_header: bytesToBase64(msg.encryptedHeader),
+    header_nonce: bytesToBase64(msg.headerNonce),
+    header_signature: bytesToBase64(msg.headerSignature),
+    nonce: bytesToBase64(msg.nonce),
+    ciphertext: bytesToBase64(msg.ciphertext)
+  };
+}
+function transportV2ToEncryptedMessage(transport, plaintextHeader) {
+  return {
+    header: plaintextHeader,
+    headerSignature: base64ToBytes(transport.header_signature),
+    ciphertext: base64ToBytes(transport.ciphertext),
+    nonce: base64ToBytes(transport.nonce),
+    envelopeVersion: "2.0.0",
+    encryptedHeader: base64ToBytes(transport.encrypted_header),
+    headerNonce: base64ToBytes(transport.header_nonce)
+  };
+}
+function encryptedMessageToTransportV2Full(msg) {
+  if (!msg.encryptedHeader || !msg.headerNonce) {
+    throw new Error("encryptedMessageToTransportV2Full requires v2 encrypted message");
+  }
+  const v1 = encryptedMessageToTransport(msg);
+  return {
+    ...v1,
+    envelope_version: "2.0.0",
+    encrypted_header: bytesToBase64(msg.encryptedHeader),
+    header_nonce: bytesToBase64(msg.headerNonce)
+  };
+}
+function encryptedMessageToHexTransport(msg) {
+  const headerObj = {
+    dhPublicKey: bytesToHex2(msg.header.dhPublicKey),
+    previousChainLength: msg.header.previousChainLength,
+    messageNumber: msg.header.messageNumber
+  };
+  const headerBlobHex = Buffer.from(JSON.stringify(headerObj)).toString("hex");
+  return {
+    header_blob: headerBlobHex,
+    header_signature: bytesToHex2(msg.headerSignature),
+    ciphertext: bytesToHex2(msg.ciphertext),
+    nonce: bytesToHex2(msg.nonce)
+  };
+}
+function hexTransportToEncryptedMessage(transport) {
+  const headerJson = Buffer.from(transport.header_blob, "hex").toString("utf-8");
+  const headerObj = JSON.parse(headerJson);
+  return {
+    header: {
+      dhPublicKey: hexToBytes2(headerObj.dhPublicKey),
+      previousChainLength: headerObj.previousChainLength,
+      messageNumber: headerObj.messageNumber
+    },
+    headerSignature: hexToBytes2(transport.header_signature),
+    ciphertext: hexToBytes2(transport.ciphertext),
+    nonce: hexToBytes2(transport.nonce)
+  };
+}
 var init_transport = __esm({
   async "../crypto/dist/transport.js"() {
     "use strict";
@@ -45695,6 +46231,40 @@ function buildTaskSpan(opts) {
     status
   };
 }
+function buildSkillInvocationSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "ai.agent.skill.invocation.id": opts.invocationId,
+    "ai.agent.skill.phase": opts.phase
+  };
+  if (opts.skillName)
+    attributes["ai.agent.skill.name"] = opts.skillName;
+  if (opts.version !== void 0)
+    attributes["ai.agent.skill.version"] = opts.version;
+  if (opts.inputTokens !== void 0)
+    attributes["ai.agent.skill.input_tokens"] = opts.inputTokens;
+  if (opts.outputTokens !== void 0)
+    attributes["ai.agent.skill.output_tokens"] = opts.outputTokens;
+  if (opts.costCents !== void 0)
+    attributes["ai.agent.skill.cost_cents"] = opts.costCents;
+  if (opts.toolsUsed !== void 0)
+    attributes["ai.agent.skill.tools_used"] = opts.toolsUsed.join(",");
+  if (opts.schemaMatch !== void 0)
+    attributes["ai.agent.skill.schema_match"] = opts.schemaMatch;
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "skill.invoke",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
 function buildEvalSpan(opts) {
   const now = Date.now();
   const attributes = {
@@ -45717,12 +46287,364 @@ function buildEvalSpan(opts) {
     startTime: now,
     endTime: now,
     attributes,
-    status: { code: 0 }
+    status: { code: 0 }
+  };
+}
+function buildForgeSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "ai.agent.forge.session_id": opts.forgeSessionId,
+    "ai.agent.forge.phase": opts.phase
+  };
+  if (opts.stageNumber !== void 0)
+    attributes["ai.agent.forge.stage_number"] = opts.stageNumber;
+  if (opts.artifactCount !== void 0)
+    attributes["ai.agent.forge.artifact_count"] = opts.artifactCount;
+  if (opts.scanStatus !== void 0)
+    attributes["ai.agent.forge.scan_status"] = opts.scanStatus;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: `forge.${opts.phase}`,
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildPolicyViolationSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.policy.rule_id": opts.ruleId,
+    "av.policy.scope": opts.policyScope,
+    "av.policy.action_taken": opts.actionTaken,
+    "av.policy.violation_type": opts.violationType
+  };
+  if (opts.targetTool)
+    attributes["av.policy.target_tool"] = opts.targetTool;
+  if (opts.targetModel)
+    attributes["av.policy.target_model"] = opts.targetModel;
+  if (opts.messageType)
+    attributes["av.policy.message_type"] = opts.messageType;
+  applySkillName(attributes, opts.skillName);
+  const isBlock = opts.actionTaken === "block";
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.policy.evaluate",
+    kind: "internal",
+    startTime: now,
+    endTime: now,
+    attributes,
+    status: isBlock ? { code: 2, message: `Policy violation: ${opts.violationType}` } : { code: 0 }
+  };
+}
+function buildDecisionSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.decision.id": opts.decisionId,
+    "av.decision.phase": opts.phase
+  };
+  if (opts.priority)
+    attributes["av.decision.priority"] = opts.priority;
+  if (opts.category)
+    attributes["av.decision.category"] = opts.category;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.decision",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildResyncSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.resync.conversation_id": opts.conversationId,
+    "av.resync.phase": opts.phase
+  };
+  if (opts.reason)
+    attributes["av.resync.reason"] = opts.reason;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.resync",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildA2aSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.a2a.channel_id": opts.channelId,
+    "av.a2a.operation": opts.operation
+  };
+  if (opts.peerHubAddress)
+    attributes["av.a2a.peer_hub_address"] = opts.peerHubAddress;
+  if (opts.role)
+    attributes["av.a2a.role"] = opts.role;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.a2a",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildScanSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.scan.target": opts.scanTarget,
+    "av.scan.type": opts.scanType,
+    "av.scan.violation_count": opts.violationCount,
+    "av.scan.rule_count": opts.ruleCount
+  };
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error" || opts.violationCount > 0;
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.scan",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildWorkspaceSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.workspace.id": opts.workspaceId,
+    "av.workspace.operation": opts.operation
+  };
+  if (opts.fileName)
+    attributes["av.workspace.file_name"] = opts.fileName;
+  if (opts.fileSizeBytes !== void 0)
+    attributes["av.workspace.file_size_bytes"] = opts.fileSizeBytes;
+  if (opts.encrypted !== void 0)
+    attributes["av.workspace.encrypted"] = opts.encrypted;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.workspace",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildCapabilitySpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.skill.operation": opts.operation,
+    "av.skill.success": opts.success
+  };
+  if (opts.skillName)
+    attributes["av.skill.name"] = opts.skillName;
+  if (opts.version)
+    attributes["av.skill.version"] = opts.version;
+  if (opts.certificationTier)
+    attributes["av.skill.certification_tier"] = opts.certificationTier;
+  if (opts.toolsUsed?.length)
+    attributes["av.skill.tools_used"] = opts.toolsUsed.join(",");
+  const status = opts.success ? { code: 0 } : { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.skill.invoke",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildEnrollmentSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.enrollment.phase": opts.phase
+  };
+  if (opts.deviceId)
+    attributes["av.enrollment.device_id"] = opts.deviceId;
+  if (opts.enrollmentType)
+    attributes["av.enrollment.type"] = opts.enrollmentType;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error" || opts.phase === "fail";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.enrollment",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildRoomSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.room.id": opts.roomId,
+    "av.room.operation": opts.operation
+  };
+  if (opts.roomName)
+    attributes["av.room.name"] = opts.roomName;
+  if (opts.memberCount !== void 0)
+    attributes["av.room.member_count"] = opts.memberCount;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.room",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildTrustSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.trust.agent_hub_address": opts.agentHubAddress,
+    "av.trust.operation": opts.operation
+  };
+  if (opts.previousTier)
+    attributes["av.trust.previous_tier"] = opts.previousTier;
+  if (opts.newTier)
+    attributes["av.trust.new_tier"] = opts.newTier;
+  if (opts.overallScore !== void 0)
+    attributes["av.trust.overall_score"] = opts.overallScore;
+  if (opts.dimension)
+    attributes["av.trust.dimension"] = opts.dimension;
+  if (opts.dimensionScore !== void 0)
+    attributes["av.trust.dimension_score"] = opts.dimensionScore;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.trust",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildEvalRunSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.eval.scenario_id": opts.scenarioId,
+    "av.eval.agent_id": opts.agentId,
+    "av.eval.status": opts.status,
+    "av.eval.latency_ms": opts.latencyMs
+  };
+  if (opts.scenarioName)
+    attributes["av.eval.scenario_name"] = opts.scenarioName;
+  if (opts.variationType)
+    attributes["av.eval.variation_type"] = opts.variationType;
+  if (opts.shiftMagnitude !== void 0)
+    attributes["av.eval.shift_magnitude"] = opts.shiftMagnitude;
+  if (opts.outcomeMatch !== void 0)
+    attributes["av.eval.outcome_match"] = opts.outcomeMatch;
+  if (opts.flagged !== void 0)
+    attributes["av.eval.flagged"] = opts.flagged;
+  if (opts.flagReason)
+    attributes["av.eval.flag_reason"] = opts.flagReason;
+  const isError = opts.status === "failed";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.eval.run",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
   };
 }
 function buildTraceparent(span) {
   return `00-${span.traceId}-${span.spanId}-01`;
 }
+function parseTraceparent(header) {
+  const parts = header.split("-");
+  if (parts.length !== 4)
+    return null;
+  const [version2, traceId, parentId, traceFlags] = parts;
+  if (!version2 || !traceId || !parentId || !traceFlags)
+    return null;
+  if (traceId.length !== 32 || parentId.length !== 16)
+    return null;
+  return { version: version2, traceId, parentId, traceFlags };
+}
+function spanToTraceContext(span, tracestate) {
+  return {
+    traceparent: buildTraceparent(span),
+    tracestate: tracestate ?? `av=s:${span.spanId}`
+  };
+}
+function propagateContext(incomingTraceparent) {
+  const parsed = parseTraceparent(incomingTraceparent);
+  if (!parsed)
+    return null;
+  return {
+    traceId: parsed.traceId,
+    parentSpanId: parsed.parentId,
+    spanId: generateSpanId()
+  };
+}
+function spanToW3CHeaders(span, tracestate) {
+  return {
+    traceparent: buildTraceparent(span),
+    tracestate: tracestate ?? `av=s:${span.spanId}`
+  };
+}
 var init_telemetry = __esm({
   "../crypto/dist/telemetry.js"() {
     "use strict";
@@ -45893,6 +46815,29 @@ var init_telemetry_reporter = __esm({
 });
 
 // ../crypto/dist/backup.js
+async function generateBackupCode() {
+  await libsodium_wrappers_default.ready;
+  const bytes = libsodium_wrappers_default.randombytes_buf(13);
+  let bits = 0n;
+  for (const b2 of bytes) {
+    bits = bits << 8n | BigInt(b2);
+  }
+  bits >>= 4n;
+  let code = "";
+  for (let i2 = 0; i2 < 20; i2++) {
+    const idx = Number(bits & 0x1fn);
+    code = CROCKFORD[idx] + code;
+    bits >>= 5n;
+  }
+  return code;
+}
+function formatBackupCode(code) {
+  const clean5 = code.replace(/[-\s]/g, "").toUpperCase();
+  return clean5.match(/.{1,4}/g)?.join("-") ?? clean5;
+}
+function normalizeBackupCode(input) {
+  return input.replace(/[-\s]/g, "").toUpperCase();
+}
 async function deriveBackupKey(code, salt) {
   await libsodium_wrappers_default.ready;
   return libsodium_wrappers_default.crypto_pwhash(KEY_BYTES, code, salt, ARGON2_OPSLIMIT, ARGON2_MEMLIMIT, libsodium_wrappers_default.crypto_pwhash_ALG_ARGON2ID13);
@@ -45914,28 +46859,88 @@ async function encryptBackupWithKey(bundle, key, salt) {
   result.set(ciphertext, SALT_BYTES + NONCE_BYTES);
   return result;
 }
+async function decryptBackup(encrypted, code) {
+  await libsodium_wrappers_default.ready;
+  const minLen = SALT_BYTES + NONCE_BYTES + libsodium_wrappers_default.crypto_aead_xchacha20poly1305_ietf_ABYTES;
+  if (encrypted.length < minLen) {
+    throw new Error("Incorrect backup code or corrupt backup");
+  }
+  const salt = encrypted.slice(0, SALT_BYTES);
+  const nonce = encrypted.slice(SALT_BYTES, SALT_BYTES + NONCE_BYTES);
+  const ciphertext = encrypted.slice(SALT_BYTES + NONCE_BYTES);
+  const key = await deriveBackupKey(code, salt);
+  let plaintext;
+  try {
+    plaintext = libsodium_wrappers_default.crypto_aead_xchacha20poly1305_ietf_decrypt(null, ciphertext, null, nonce, key);
+  } catch {
+    throw new Error("Incorrect backup code or corrupt backup");
+  }
+  let bundle;
+  try {
+    bundle = JSON.parse(libsodium_wrappers_default.to_string(plaintext));
+  } catch {
+    throw new Error("Incorrect backup code or corrupt backup");
+  }
+  if (bundle.version !== BACKUP_VERSION) {
+    throw new Error(`Unsupported backup version: ${bundle.version}`);
+  }
+  return bundle;
+}
 async function hashBackupCode(code) {
   await libsodium_wrappers_default.ready;
   return libsodium_wrappers_default.crypto_generichash(32, libsodium_wrappers_default.from_string(code));
 }
-var ARGON2_OPSLIMIT, ARGON2_MEMLIMIT, SALT_BYTES, NONCE_BYTES, KEY_BYTES, MAX_BACKUP_SIZE;
+var CROCKFORD, ARGON2_OPSLIMIT, ARGON2_MEMLIMIT, SALT_BYTES, NONCE_BYTES, KEY_BYTES, BACKUP_VERSION, MAX_BACKUP_SIZE;
 var init_backup = __esm({
   async "../crypto/dist/backup.js"() {
     "use strict";
     await init_libsodium_wrappers();
+    CROCKFORD = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
     ARGON2_OPSLIMIT = 2;
     ARGON2_MEMLIMIT = 67108864;
     SALT_BYTES = 16;
     NONCE_BYTES = 24;
     KEY_BYTES = 32;
+    BACKUP_VERSION = 1;
     MAX_BACKUP_SIZE = 512 * 1024;
   }
 });
 
 // ../crypto/dist/approval.js
+async function createApprovalArtifact(content, privateKeyHex) {
+  await libsodium_wrappers_default.ready;
+  const sodium = libsodium_wrappers_default;
+  const privateKey = sodium.from_hex(privateKeyHex);
+  const publicKey = privateKey.slice(32);
+  const message = canonicalize(content);
+  const signatureBytes = sodium.crypto_sign_detached(message, privateKey);
+  return {
+    content,
+    signature: sodium.to_hex(signatureBytes),
+    signerPublicKey: sodium.to_hex(publicKey),
+    createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+    version: 1
+  };
+}
+async function verifyApprovalArtifact(artifact, expectedPublicKeyHex) {
+  await libsodium_wrappers_default.ready;
+  const sodium = libsodium_wrappers_default;
+  if (expectedPublicKeyHex && artifact.signerPublicKey !== expectedPublicKeyHex) {
+    return false;
+  }
+  try {
+    const publicKey = sodium.from_hex(artifact.signerPublicKey);
+    const signature = sodium.from_hex(artifact.signature);
+    const message = canonicalize(artifact.content);
+    return sodium.crypto_sign_verify_detached(signature, message, publicKey);
+  } catch {
+    return false;
+  }
+}
 var init_approval = __esm({
   async "../crypto/dist/approval.js"() {
     "use strict";
+    await init_libsodium_wrappers();
     await init_did();
   }
 });
@@ -54882,7 +55887,7 @@ function byteSwap32(arr) {
   }
   return arr;
 }
-function bytesToHex3(bytes) {
+function bytesToHex4(bytes) {
   abytes3(bytes);
   if (hasHexBuiltin)
     return bytes.toHex();
@@ -54901,7 +55906,7 @@ function asciiToBase16(ch) {
     return ch - (asciis.a - 10);
   return;
 }
-function hexToBytes3(hex3) {
+function hexToBytes4(hex3) {
   if (typeof hex3 !== "string")
     throw new Error("hex string expected, got " + typeof hex3);
   if (hasHexBuiltin)
@@ -55197,7 +56202,7 @@ var init_u642 = __esm({
 });
 
 // ../../node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha2.js
-var SHA256_K, SHA256_W, SHA256, K512, SHA512_Kh, SHA512_Kl, SHA512_W_H, SHA512_W_L, SHA512, SHA384, sha2562, sha5122, sha3842;
+var SHA256_K, SHA256_W, SHA256, K512, SHA512_Kh, SHA512_Kl, SHA512_W_H, SHA512_W_L, SHA512, SHA384, sha2563, sha5122, sha3842;
 var init_sha22 = __esm({
   "../../node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha2.js"() {
     init_md2();
@@ -55558,7 +56563,7 @@ var init_sha22 = __esm({
         this.Hl = SHA384_IV2[15] | 0;
       }
     };
-    sha2562 = /* @__PURE__ */ createHasher2(() => new SHA256());
+    sha2563 = /* @__PURE__ */ createHasher2(() => new SHA256());
     sha5122 = /* @__PURE__ */ createHasher2(() => new SHA512());
     sha3842 = /* @__PURE__ */ createHasher2(() => new SHA384());
   }
@@ -55594,14 +56599,14 @@ function hexToNumber3(hex3) {
   return hex3 === "" ? _0n2 : BigInt("0x" + hex3);
 }
 function bytesToNumberBE(bytes) {
-  return hexToNumber3(bytesToHex3(bytes));
+  return hexToNumber3(bytesToHex4(bytes));
 }
 function bytesToNumberLE2(bytes) {
   abytes3(bytes);
-  return hexToNumber3(bytesToHex3(Uint8Array.from(bytes).reverse()));
+  return hexToNumber3(bytesToHex4(Uint8Array.from(bytes).reverse()));
 }
 function numberToBytesBE2(n2, len) {
-  return hexToBytes3(n2.toString(16).padStart(len * 2, "0"));
+  return hexToBytes4(n2.toString(16).padStart(len * 2, "0"));
 }
 function numberToBytesLE2(n2, len) {
   return numberToBytesBE2(n2, len).reverse();
@@ -55610,7 +56615,7 @@ function ensureBytes(title, hex3, expectedLength) {
   let res;
   if (typeof hex3 === "string") {
     try {
-      res = hexToBytes3(hex3);
+      res = hexToBytes4(hex3);
     } catch (e) {
       throw new Error(title + " must be hex string or Uint8Array, cause: " + e);
     }
@@ -56638,7 +57643,7 @@ function edwards(params, extraOpts = {}) {
       return bytes;
     }
     toHex() {
-      return bytesToHex3(this.toBytes());
+      return bytesToHex4(this.toBytes());
     }
     toString() {
       return `<Point ${this.is0() ? "ZERO" : this.toHex()}>`;
@@ -56910,7 +57915,7 @@ var init_edwards = __esm({
         return this.ep.toAffine(invertedZ);
       }
       toHex() {
-        return bytesToHex3(this.toBytes());
+        return bytesToHex4(this.toBytes());
       }
       toString() {
         return this.toHex();
@@ -58711,7 +59716,7 @@ function weierstrassN(params, extraOpts = {}) {
       return encodePoint(Point, this, isCompressed);
     }
     toHex(isCompressed = true) {
-      return bytesToHex3(this.toBytes(isCompressed));
+      return bytesToHex4(this.toBytes(isCompressed));
     }
     toString() {
       return `<Point ${this.is0() ? "ZERO" : this.toHex()}>`;
@@ -58995,7 +60000,7 @@ function ecdsa(Point, hash2, ecdsaOpts = {}) {
       return new Signature(Fn3.fromBytes(r2), Fn3.fromBytes(s2), recid);
     }
     static fromHex(hex3, format) {
-      return this.fromBytes(hexToBytes3(hex3), format);
+      return this.fromBytes(hexToBytes4(hex3), format);
     }
     addRecoveryBit(recovery) {
       return new Signature(this.r, this.s, recovery);
@@ -59030,7 +60035,7 @@ function ecdsa(Point, hash2, ecdsaOpts = {}) {
     toBytes(format = defaultSigOpts_format) {
       validateSigFormat(format);
       if (format === "der")
-        return hexToBytes3(DER.hexFromSig(this));
+        return hexToBytes4(DER.hexFromSig(this));
       const r2 = Fn3.toBytes(this.r);
       const s2 = Fn3.toBytes(this.s);
       if (format === "recovered") {
@@ -59041,7 +60046,7 @@ function ecdsa(Point, hash2, ecdsaOpts = {}) {
       return concatBytes2(r2, s2);
     }
     toHex(format) {
-      return bytesToHex3(this.toBytes(format));
+      return bytesToHex4(this.toBytes(format));
     }
     // TODO: remove
     assertValidity() {
@@ -59059,13 +60064,13 @@ function ecdsa(Point, hash2, ecdsaOpts = {}) {
       return this.toBytes("der");
     }
     toDERHex() {
-      return bytesToHex3(this.toBytes("der"));
+      return bytesToHex4(this.toBytes("der"));
     }
     toCompactRawBytes() {
       return this.toBytes("compact");
     }
     toCompactHex() {
-      return bytesToHex3(this.toBytes("compact"));
+      return bytesToHex4(this.toBytes("compact"));
     }
   }
   const bits2int = ecdsaOpts.bits2int || function bits2int_def(bytes) {
@@ -59444,7 +60449,7 @@ var init_nist = __esm({
     Fp256 = Field(p256_CURVE.p);
     Fp384 = Field(p384_CURVE.p);
     Fp521 = Field(p521_CURVE.p);
-    p256 = createCurve({ ...p256_CURVE, Fp: Fp256, lowS: false }, sha2562);
+    p256 = createCurve({ ...p256_CURVE, Fp: Fp256, lowS: false }, sha2563);
     p256_hasher = /* @__PURE__ */ (() => {
       return createHasher3(p256.Point, createSWU(p256.Point, {
         A: p256_CURVE.a,
@@ -59457,7 +60462,7 @@ var init_nist = __esm({
         m: 1,
         k: 128,
         expand: "xmd",
-        hash: sha2562
+        hash: sha2563
       });
     })();
     p384 = createCurve({ ...p384_CURVE, Fp: Fp384, lowS: false }, sha3842);
@@ -59965,7 +60970,7 @@ var init_u643 = __esm({
 });
 
 // ../crypto/node_modules/@noble/hashes/sha2.js
-var SHA256_K2, SHA256_W2, SHA2_32B, _SHA256, K5122, SHA512_Kh2, SHA512_Kl2, SHA512_W_H2, SHA512_W_L2, SHA2_64B, _SHA512, _SHA384, sha2563, sha5123, sha3843;
+var SHA256_K2, SHA256_W2, SHA2_32B, _SHA256, K5122, SHA512_Kh2, SHA512_Kl2, SHA512_W_H2, SHA512_W_L2, SHA2_64B, _SHA512, _SHA384, sha2564, sha5123, sha3843;
 var init_sha23 = __esm({
   "../crypto/node_modules/@noble/hashes/sha2.js"() {
     init_md3();
@@ -60338,7 +61343,7 @@ var init_sha23 = __esm({
         super(48);
       }
     };
-    sha2563 = /* @__PURE__ */ createHasher4(
+    sha2564 = /* @__PURE__ */ createHasher4(
       () => new _SHA256(),
       /* @__PURE__ */ oidNist2(1)
     );
@@ -60436,7 +61441,7 @@ function makeHashImpl2(h2) {
     async digest(data) {
       switch (h2) {
         case "SHA-256":
-          return sha2563(data);
+          return sha2564(data);
         case "SHA-384":
           return sha3843(data);
         case "SHA-512":
@@ -60448,7 +61453,7 @@ function makeHashImpl2(h2) {
     async mac(key, data) {
       switch (h2) {
         case "SHA-256":
-          return hmac3(sha2563, key, data);
+          return hmac3(sha2564, key, data);
         case "SHA-384":
           return hmac3(sha3843, key, data);
         case "SHA-512":
@@ -61615,6 +62620,92 @@ var init_mls_group = __esm({
 });
 
 // ../crypto/dist/index.js
+var dist_exports = {};
+__export(dist_exports, {
+  AV_CREDENTIAL_CONTEXT: () => AV_CREDENTIAL_CONTEXT,
+  CRYPTOSUITE: () => CRYPTOSUITE,
+  DOMAIN_DID_DOCUMENT: () => DOMAIN_DID_DOCUMENT,
+  DOMAIN_TRANSFER_ACCEPT: () => DOMAIN_TRANSFER_ACCEPT,
+  DOMAIN_TRANSFER_INTENT: () => DOMAIN_TRANSFER_INTENT,
+  DoubleRatchet: () => DoubleRatchet,
+  MLSGroupManager: () => MLSGroupManager,
+  ScanEngine: () => ScanEngine,
+  TelemetryReporter: () => TelemetryReporter,
+  VC_CONTEXT_V2: () => VC_CONTEXT_V2,
+  base64ToBytes: () => base64ToBytes,
+  buildA2aSpan: () => buildA2aSpan,
+  buildActionSpan: () => buildActionSpan,
+  buildAgentTrustCredential: () => buildAgentTrustCredential,
+  buildAgentTrustReportCredential: () => buildAgentTrustReportCredential,
+  buildCapabilitySpan: () => buildCapabilitySpan,
+  buildDecisionSpan: () => buildDecisionSpan,
+  buildDidDocument: () => buildDidDocument,
+  buildEnrollmentSpan: () => buildEnrollmentSpan,
+  buildErrorSpan: () => buildErrorSpan,
+  buildEvalRunSpan: () => buildEvalRunSpan,
+  buildEvalSpan: () => buildEvalSpan,
+  buildForgeSpan: () => buildForgeSpan,
+  buildHttpSpan: () => buildHttpSpan,
+  buildLlmSpan: () => buildLlmSpan,
+  buildNavSpan: () => buildNavSpan,
+  buildPerformanceRecord: () => buildPerformanceRecord,
+  buildPolicyViolationSpan: () => buildPolicyViolationSpan,
+  buildResyncSpan: () => buildResyncSpan,
+  buildRoomSpan: () => buildRoomSpan,
+  buildScanSpan: () => buildScanSpan,
+  buildSkillAttestation: () => buildSkillAttestation,
+  buildSkillInvocationSpan: () => buildSkillInvocationSpan,
+  buildTaskSpan: () => buildTaskSpan,
+  buildToolSpan: () => buildToolSpan,
+  buildTraceparent: () => buildTraceparent,
+  buildTrustSpan: () => buildTrustSpan,
+  buildVerifiablePresentation: () => buildVerifiablePresentation,
+  buildWorkspaceSpan: () => buildWorkspaceSpan,
+  bytesToBase64: () => bytesToBase64,
+  bytesToHex: () => bytesToHex2,
+  canonicalize: () => canonicalize,
+  computeDidHash: () => computeDidHash,
+  computeFileDigest: () => computeFileDigest,
+  computeFingerprint: () => computeFingerprint,
+  createApprovalArtifact: () => createApprovalArtifact,
+  createProofOfPossession: () => createProofOfPossession,
+  decryptBackup: () => decryptBackup,
+  decryptFile: () => decryptFile,
+  deriveBackupKey: () => deriveBackupKey,
+  encryptBackup: () => encryptBackup,
+  encryptBackupWithKey: () => encryptBackupWithKey,
+  encryptFile: () => encryptFile,
+  encryptedMessageToHexTransport: () => encryptedMessageToHexTransport,
+  encryptedMessageToTransport: () => encryptedMessageToTransport,
+  encryptedMessageToTransportV2: () => encryptedMessageToTransportV2,
+  encryptedMessageToTransportV2Full: () => encryptedMessageToTransportV2Full,
+  formatBackupCode: () => formatBackupCode,
+  generateBackupCode: () => generateBackupCode,
+  generateEphemeralKeypair: () => generateEphemeralKeypair,
+  generateIdentityKeypair: () => generateIdentityKeypair,
+  hashBackupCode: () => hashBackupCode,
+  hexToBytes: () => hexToBytes2,
+  hexTransportToEncryptedMessage: () => hexTransportToEncryptedMessage,
+  issueCredential: () => issueCredential,
+  multibaseToPublicKey: () => multibaseToPublicKey,
+  normalizeBackupCode: () => normalizeBackupCode,
+  parseTraceparent: () => parseTraceparent,
+  performX3DH: () => performX3DH,
+  presentCredentials: () => presentCredentials,
+  propagateContext: () => propagateContext,
+  publicKeyToMultibase: () => publicKeyToMultibase,
+  signDocument: () => signDocument,
+  signWithDataIntegrity: () => signWithDataIntegrity,
+  spanToTraceContext: () => spanToTraceContext,
+  spanToW3CHeaders: () => spanToW3CHeaders,
+  transportToEncryptedMessage: () => transportToEncryptedMessage,
+  transportV2ToEncryptedMessage: () => transportV2ToEncryptedMessage,
+  verifyApprovalArtifact: () => verifyApprovalArtifact,
+  verifyDataIntegrity: () => verifyDataIntegrity,
+  verifyDocumentSignature: () => verifyDocumentSignature,
+  verifyMerkleProof: () => verifyMerkleProof,
+  verifyProofOfPossession: () => verifyProofOfPossession
+});
 var init_dist = __esm({
   async "../crypto/dist/index.js"() {
     "use strict";
@@ -61905,7 +62996,7 @@ async function uploadBackupToServer(state, backupCode, apiUrl2, deviceJwt) {
     },
     body: JSON.stringify({
       backup_blob: bytesToBase64(encrypted),
-      backup_code_hash: bytesToHex(codeHash)
+      backup_code_hash: bytesToHex2(codeHash)
     })
   });
   if (!resp.ok) {
@@ -62549,6 +63640,8 @@ var init_channel = __esm({
       _mlsGroups = /* @__PURE__ */ new Map();
       /** Cached MLS KeyPackage bundle for this device (regenerated on each connect). */
       _mlsKeyPackage = null;
+      /** Pending KeyPackage bundle from request-Welcome flow (used by _handleMlsWelcome). */
+      _pendingMlsKpBundle;
       /** In-memory credential store for renter-provided credentials (never persisted). */
       _credentialStore = new CredentialStore();
       /** Dedup buffer for A2A message IDs (prevents double-delivery via direct + Redis) */
@@ -62647,6 +63740,24 @@ var init_channel = __esm({
           if (this._persisted.seenA2AMessageIds) {
             this._a2aSeenMessageIds = new Set(this._persisted.seenA2AMessageIds.slice(-_SecureChannel.A2A_SEEN_MAX));
           }
+          if (this._persisted?.rooms) {
+            const roomConvIds = /* @__PURE__ */ new Set();
+            for (const room of Object.values(this._persisted.rooms)) {
+              for (const cid of room.conversationIds || []) {
+                roomConvIds.add(cid);
+              }
+            }
+            let cleanedCount = 0;
+            for (const cid of roomConvIds) {
+              if (this._persisted.sessions[cid]) {
+                delete this._persisted.sessions[cid];
+                cleanedCount++;
+              }
+            }
+            if (cleanedCount > 0) {
+              console.log(`[SecureChannel] Cleaned ${cleanedCount} stale DR room sessions`);
+            }
+          }
           for (const [convId, sessionData] of Object.entries(
             this._persisted.sessions
           )) {
@@ -63019,89 +64130,21 @@ var init_channel = __esm({
       }
       // --- Multi-agent room methods ---
       /**
-       * Join a room by performing X3DH key exchange with each member
-       * for the pairwise conversations involving this device.
+       * Join a room by collecting pairwise conversation IDs involving this device.
+       * Encryption is handled by MLS group operations, not per-member DR sessions.
        */
       async joinRoom(roomData) {
         if (!this._persisted) {
           throw new Error("Channel not initialized");
         }
         await libsodium_wrappers_default.ready;
-        if (roomData.forceRekey) {
-          let cleared = 0;
-          const existingRoom = this._persisted.rooms?.[roomData.roomId];
-          if (existingRoom) {
-            for (const convId of existingRoom.conversationIds) {
-              if (this._sessions.has(convId)) {
-                this._sessions.delete(convId);
-                cleared++;
-              }
-              delete this._persisted.sessions[convId];
-            }
-          }
-          if (this._persisted) {
-            this._persisted.lastMessageTimestamp = (/* @__PURE__ */ new Date()).toISOString();
-          }
-          console.log(
-            `[SecureChannel] Force rekey: cleared ${cleared} sessions for room ${roomData.roomId.slice(0, 8)}...`
-          );
-        }
-        const identity = this._persisted.identityKeypair;
-        const ephemeral = this._persisted.ephemeralKeypair;
         const myDeviceId = this._deviceId;
         const conversationIds = [];
         for (const conv of roomData.conversations) {
           if (conv.participantA !== myDeviceId && conv.participantB !== myDeviceId) {
             continue;
           }
-          if (this._sessions.has(conv.id)) {
-            conversationIds.push(conv.id);
-            continue;
-          }
-          const otherDeviceId = conv.participantA === myDeviceId ? conv.participantB : conv.participantA;
-          const otherMember = roomData.members.find((m2) => m2.deviceId === otherDeviceId);
-          if (!otherMember?.identityPublicKey) {
-            console.warn(
-              `[SecureChannel] No public key for member ${otherDeviceId.slice(0, 8)}..., skipping`
-            );
-            continue;
-          }
-          const isInitiator = myDeviceId < otherDeviceId;
-          const theirEphKey = otherMember.ephemeralPublicKey ?? otherMember.identityPublicKey;
-          const sharedSecret = performX3DH({
-            myIdentityPrivate: hexToBytes(identity.privateKey),
-            myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-            theirIdentityPublic: hexToBytes(otherMember.identityPublicKey),
-            theirEphemeralPublic: hexToBytes(theirEphKey),
-            isInitiator
-          });
-          const peerIdentityPub = hexToBytes(otherMember.identityPublicKey);
-          const ratchet = isInitiator ? DoubleRatchet.initSender(sharedSecret, {
-            publicKey: hexToBytes(identity.publicKey),
-            privateKey: hexToBytes(identity.privateKey),
-            keyType: "ed25519"
-          }, peerIdentityPub) : DoubleRatchet.initReceiver(sharedSecret, {
-            publicKey: hexToBytes(identity.publicKey),
-            privateKey: hexToBytes(identity.privateKey),
-            keyType: "ed25519"
-          }, peerIdentityPub);
-          this._sessions.set(conv.id, {
-            ownerDeviceId: otherDeviceId,
-            ratchet,
-            activated: isInitiator,
-            // initiator can send immediately
-            epoch: 1
-          });
-          this._persisted.sessions[conv.id] = {
-            ownerDeviceId: otherDeviceId,
-            ratchetState: ratchet.serialize(),
-            activated: isInitiator,
-            epoch: 1
-          };
           conversationIds.push(conv.id);
-          console.log(
-            `[SecureChannel] Room session initialized: conv ${conv.id.slice(0, 8)}... with ${otherDeviceId.slice(0, 8)}... (initiator=${isInitiator})`
-          );
         }
         if (!this._persisted.rooms) {
           this._persisted.rooms = {};
@@ -63197,68 +64240,15 @@ var init_channel = __esm({
               }
               return;
             } catch (mlsErr) {
-              console.warn(`[SecureChannel] MLS encrypt failed for room ${roomId.slice(0, 8)}, falling through to legacy:`, mlsErr);
-            }
-          }
-        }
-        const recipients = [];
-        for (const convId of room.conversationIds) {
-          const session = this._sessions.get(convId);
-          if (!session) {
-            console.warn(`[SecureChannel] No session for room conv ${convId.slice(0, 8)}..., skipping`);
-            continue;
-          }
-          const encrypted = session.ratchet.encrypt(plaintext);
-          const transport = encryptedMessageToTransport(encrypted);
-          recipients.push({
-            device_id: session.ownerDeviceId,
-            header_blob: transport.header_blob,
-            ciphertext: transport.ciphertext
-          });
-        }
-        if (recipients.length === 0) {
-          throw new Error("No active sessions in room");
-        }
-        await this._persistState();
-        if (this._state === "ready" && this._ws) {
-          this._ws.send(
-            JSON.stringify({
-              event: "room_message",
-              data: {
-                room_id: roomId,
-                recipients,
-                message_type: messageType,
-                priority: opts?.priority ?? "normal",
-                metadata: opts?.metadata
-              }
-            })
-          );
-        } else {
-          try {
-            const res = await fetch(
-              `${this.config.apiUrl}/api/v1/rooms/${roomId}/messages`,
-              {
-                method: "POST",
-                headers: {
-                  "Content-Type": "application/json",
-                  Authorization: `Bearer ${this._deviceJwt}`
-                },
-                body: JSON.stringify({
-                  recipients,
-                  message_type: messageType,
-                  priority: opts?.priority ?? "normal",
-                  metadata: opts?.metadata
-                })
-              }
-            );
-            if (!res.ok) {
-              const detail = await res.text();
-              throw new Error(`Room message failed (${res.status}): ${detail}`);
+              throw new Error(
+                `MLS encrypt failed for room ${roomId.slice(0, 8)}... \u2014 MLS group must be initialized before sending. Error: ${mlsErr}`
+              );
             }
-          } catch (err) {
-            throw new Error(`Failed to send room message: ${err}`);
           }
         }
+        throw new Error(
+          `Room ${roomId.slice(0, 8)}... has no initialized MLS group. MLS initialization must complete before messages can be sent.`
+        );
       }
       /**
        * Leave a room: remove sessions and persisted room state.
@@ -64088,9 +65078,9 @@ var init_channel = __esm({
           const result = await enrollDevice(
             this.config.apiUrl,
             this.config.inviteToken,
-            bytesToHex(identity.publicKey),
-            bytesToHex(ephemeral.publicKey),
-            bytesToHex(proof),
+            bytesToHex2(identity.publicKey),
+            bytesToHex2(ephemeral.publicKey),
+            bytesToHex2(proof),
             this.config.platform
           );
           this._deviceId = result.device_id;
@@ -64104,12 +65094,12 @@ var init_channel = __esm({
             sessions: {},
             // populated after activation
             identityKeypair: {
-              publicKey: bytesToHex(identity.publicKey),
-              privateKey: bytesToHex(identity.privateKey)
+              publicKey: bytesToHex2(identity.publicKey),
+              privateKey: bytesToHex2(identity.privateKey)
             },
             ephemeralKeypair: {
-              publicKey: bytesToHex(ephemeral.publicKey),
-              privateKey: bytesToHex(ephemeral.privateKey)
+              publicKey: bytesToHex2(ephemeral.publicKey),
+              privateKey: bytesToHex2(ephemeral.privateKey)
             },
             fingerprint: result.fingerprint,
             messageHistory: []
@@ -64172,17 +65162,17 @@ var init_channel = __esm({
             const ownerIdentityKey = conv.owner_identity_public_key || result.owner_identity_public_key;
             const ownerEphemeralKey = conv.owner_ephemeral_public_key || result.owner_ephemeral_public_key || ownerIdentityKey;
             const sharedSecret = performX3DH({
-              myIdentityPrivate: hexToBytes(identity.privateKey),
-              myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-              theirIdentityPublic: hexToBytes(ownerIdentityKey),
-              theirEphemeralPublic: hexToBytes(ownerEphemeralKey),
+              myIdentityPrivate: hexToBytes2(identity.privateKey),
+              myEphemeralPrivate: hexToBytes2(ephemeral.privateKey),
+              theirIdentityPublic: hexToBytes2(ownerIdentityKey),
+              theirEphemeralPublic: hexToBytes2(ownerEphemeralKey),
               isInitiator: false
             });
             const ratchet = DoubleRatchet.initReceiver(sharedSecret, {
-              publicKey: hexToBytes(identity.publicKey),
-              privateKey: hexToBytes(identity.privateKey),
+              publicKey: hexToBytes2(identity.publicKey),
+              privateKey: hexToBytes2(identity.privateKey),
               keyType: "ed25519"
-            }, hexToBytes(ownerIdentityKey));
+            }, hexToBytes2(ownerIdentityKey));
             this._sessions.set(conv.conversation_id, {
               ownerDeviceId: conv.owner_device_id,
               ratchet,
@@ -65308,19 +66298,19 @@ ${messageText}`;
           const identity = this._persisted.identityKeypair;
           const ephemeral = this._persisted.ephemeralKeypair;
           const sharedSecret = performX3DH({
-            myIdentityPrivate: hexToBytes(identity.privateKey),
-            myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-            theirIdentityPublic: hexToBytes(event.owner_identity_public_key),
-            theirEphemeralPublic: hexToBytes(
+            myIdentityPrivate: hexToBytes2(identity.privateKey),
+            myEphemeralPrivate: hexToBytes2(ephemeral.privateKey),
+            theirIdentityPublic: hexToBytes2(event.owner_identity_public_key),
+            theirEphemeralPublic: hexToBytes2(
               event.owner_ephemeral_public_key ?? event.owner_identity_public_key
             ),
             isInitiator: false
           });
           const ratchet = DoubleRatchet.initReceiver(sharedSecret, {
-            publicKey: hexToBytes(identity.publicKey),
-            privateKey: hexToBytes(identity.privateKey),
+            publicKey: hexToBytes2(identity.publicKey),
+            privateKey: hexToBytes2(identity.privateKey),
             keyType: "ed25519"
-          }, hexToBytes(event.owner_identity_public_key));
+          }, hexToBytes2(event.owner_identity_public_key));
           this._sessions.set(event.conversation_id, {
             ownerDeviceId: event.owner_device_id,
             ratchet,
@@ -65367,17 +66357,17 @@ ${messageText}`;
           const identity = this._persisted.identityKeypair;
           const ephemeral = this._persisted.ephemeralKeypair;
           const sharedSecret = performX3DH({
-            myIdentityPrivate: hexToBytes(identity.privateKey),
-            myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-            theirIdentityPublic: hexToBytes(data.identity_public_key),
-            theirEphemeralPublic: hexToBytes(data.ephemeral_public_key),
+            myIdentityPrivate: hexToBytes2(identity.privateKey),
+            myEphemeralPrivate: hexToBytes2(ephemeral.privateKey),
+            theirIdentityPublic: hexToBytes2(data.identity_public_key),
+            theirEphemeralPublic: hexToBytes2(data.ephemeral_public_key),
             isInitiator: false
           });
           const ratchet = DoubleRatchet.initReceiver(sharedSecret, {
-            publicKey: hexToBytes(identity.publicKey),
-            privateKey: hexToBytes(identity.privateKey),
+            publicKey: hexToBytes2(identity.publicKey),
+            privateKey: hexToBytes2(identity.privateKey),
             keyType: "ed25519"
-          }, hexToBytes(data.identity_public_key));
+          }, hexToBytes2(data.identity_public_key));
           const existingSession = this._sessions.get(convId);
           const existingPersisted = this._persisted.sessions[convId];
           const ownerDeviceId = data.sender_device_id ?? existingSession?.ownerDeviceId ?? "";
@@ -65418,250 +66408,8 @@ ${messageText}`;
           this.emit("error", err);
         }
       }
-      /**
-       * Send a resync_request for a room conversation if the cooldown has elapsed.
-       * Shared by all room ratchet failure paths to avoid code duplication.
-       */
-      _sendRoomResyncIfCooled(convId, reason, session) {
-        const RESYNC_COOLDOWN_MS = 5 * 60 * 1e3;
-        const lastResync = this._lastResyncRequest.get(convId) ?? 0;
-        if (Date.now() - lastResync > RESYNC_COOLDOWN_MS && this._ws && this._persisted) {
-          this._lastResyncRequest.set(convId, Date.now());
-          this._ws.send(
-            JSON.stringify({
-              event: "resync_request",
-              data: {
-                conversation_id: convId,
-                reason,
-                identity_public_key: this._persisted.identityKeypair.publicKey,
-                ephemeral_public_key: this._persisted.ephemeralKeypair.publicKey,
-                epoch: session?.epoch
-              }
-            })
-          );
-          console.log(
-            `[SecureChannel] Room resync requested for conv ${convId.slice(0, 8)} (${reason})`
-          );
-        }
-      }
-      /**
-       * Handle an incoming room message (pairwise path — used by sync replay and pairwise room fallback).
-       * Finds the pairwise conversation for the sender, decrypts, and emits a room_message event.
-       */
-      async _handleRoomMessage(msgData) {
-        if (msgData.sender_device_id === this._deviceId) return;
-        this._lastInboundRoomId = msgData.room_id;
-        const convId = msgData.conversation_id ?? this._findConversationForSender(msgData.sender_device_id, msgData.room_id);
-        if (!convId) {
-          console.warn(
-            `[SecureChannel] No conversation found for sender ${msgData.sender_device_id.slice(0, 8)}... in room ${msgData.room_id}`
-          );
-          return;
-        }
-        let session = this._sessions.get(convId);
-        if (!session) {
-          console.warn(
-            `[SecureChannel] No session for room conv ${convId.slice(0, 8)}..., fetching room data`
-          );
-          try {
-            const roomRes = await fetch(
-              `${this.config.apiUrl}/api/v1/rooms/${msgData.room_id}`,
-              {
-                headers: {
-                  Authorization: `Bearer ${this._persisted.deviceJwt}`
-                }
-              }
-            );
-            if (roomRes.ok) {
-              const roomData = await roomRes.json();
-              await this.joinRoom({
-                roomId: roomData.id,
-                name: roomData.name,
-                members: (roomData.members || []).map((m2) => ({
-                  deviceId: m2.device_id,
-                  entityType: m2.entity_type,
-                  displayName: m2.display_name,
-                  identityPublicKey: m2.identity_public_key,
-                  ephemeralPublicKey: m2.ephemeral_public_key
-                })),
-                conversations: (roomData.conversations || []).map((c2) => ({
-                  id: c2.id,
-                  participantA: c2.participant_a,
-                  participantB: c2.participant_b
-                }))
-              });
-              session = this._sessions.get(convId);
-            }
-          } catch (fetchErr) {
-            console.error(
-              `[SecureChannel] Failed to fetch room data for ${msgData.room_id}:`,
-              fetchErr
-            );
-          }
-          if (!session) {
-            console.warn(
-              `[SecureChannel] Still no session for room conv ${convId.slice(0, 8)}... after refresh, skipping`
-            );
-            return;
-          }
-        }
-        const encrypted = transportToEncryptedMessage({
-          header_blob: msgData.header_blob,
-          ciphertext: msgData.ciphertext
-        });
-        let plaintext;
-        const ratchetSnapshot = session.ratchet.serialize();
-        try {
-          plaintext = session.ratchet.decrypt(encrypted);
-        } catch (decryptErr) {
-          try {
-            session.ratchet = DoubleRatchet.deserialize(ratchetSnapshot);
-          } catch {
-          }
-          console.warn(
-            `[SecureChannel] Room decrypt failed for conv ${convId.slice(0, 8)}...: ${String(decryptErr)}, re-initializing ratchet`
-          );
-          try {
-            const roomEntry = this._persisted?.rooms ? Object.values(this._persisted.rooms).find(
-              (r2) => r2.conversationIds.includes(convId)
-            ) : null;
-            if (!roomEntry) throw new Error("Room not found for conversation");
-            const otherMember = roomEntry.members.find(
-              (m2) => m2.deviceId === msgData.sender_device_id
-            );
-            if (!otherMember?.identityPublicKey) throw new Error("No key for sender");
-            const isInitiator = this._deviceId < msgData.sender_device_id;
-            const identity = this._persisted.identityKeypair;
-            const ephemeral = this._persisted.ephemeralKeypair;
-            const sharedSecret = performX3DH({
-              myIdentityPrivate: hexToBytes(identity.privateKey),
-              myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-              theirIdentityPublic: hexToBytes(otherMember.identityPublicKey),
-              theirEphemeralPublic: hexToBytes(
-                otherMember.ephemeralPublicKey ?? otherMember.identityPublicKey
-              ),
-              isInitiator
-            });
-            const peerIdPub = hexToBytes(otherMember.identityPublicKey);
-            const newRatchet = isInitiator ? DoubleRatchet.initSender(sharedSecret, {
-              publicKey: hexToBytes(identity.publicKey),
-              privateKey: hexToBytes(identity.privateKey),
-              keyType: "ed25519"
-            }, peerIdPub) : DoubleRatchet.initReceiver(sharedSecret, {
-              publicKey: hexToBytes(identity.publicKey),
-              privateKey: hexToBytes(identity.privateKey),
-              keyType: "ed25519"
-            }, peerIdPub);
-            session.ratchet = newRatchet;
-            session.activated = false;
-            this._persisted.sessions[convId] = {
-              ownerDeviceId: session.ownerDeviceId,
-              ratchetState: newRatchet.serialize(),
-              activated: false
-            };
-            await this._persistState();
-            console.log(
-              `[SecureChannel] Room ratchet re-initialized for conv ${convId.slice(0, 8)}...`
-            );
-            const incomingMsgNum = encrypted.header.messageNumber;
-            if (incomingMsgNum <= 5) {
-              try {
-                plaintext = session.ratchet.decrypt(encrypted);
-                session.activated = true;
-                if (this._persisted.sessions[convId]) {
-                  this._persisted.sessions[convId].activated = true;
-                }
-                await this._persistState();
-                console.log(
-                  `[SecureChannel] Room session ${convId.slice(0, 8)}... re-activated after ratchet re-init`
-                );
-              } catch (retryErr) {
-                console.warn(
-                  `[SecureChannel] Room re-init retry failed for conv ${convId.slice(0, 8)} (msgNum=${incomingMsgNum}):`,
-                  retryErr
-                );
-                this._sendRoomResyncIfCooled(convId, "room_reinit_retry_failed", session);
-                return;
-              }
-            } else {
-              console.log(
-                `[SecureChannel] Room re-init: skipping message with msgNum=${incomingMsgNum} for conv ${convId.slice(0, 8)} (too far ahead for fresh ratchet)`
-              );
-              this._sendRoomResyncIfCooled(convId, "room_message_skip");
-              return;
-            }
-          } catch (reinitErr) {
-            console.error(
-              `[SecureChannel] Room ratchet re-init failed for conv ${convId.slice(0, 8)}...:`,
-              reinitErr
-            );
-            this._sendRoomResyncIfCooled(convId, "room_reinit_failed");
-            return;
-          }
-        }
-        let messageText;
-        let messageType;
-        try {
-          const parsed = JSON.parse(plaintext);
-          messageType = parsed.type || "message";
-          messageText = parsed.text || plaintext;
-        } catch {
-          messageType = "message";
-          messageText = plaintext;
-        }
-        if (CREDENTIAL_MESSAGE_TYPES.has(messageType)) {
-          this._handleCredentialMessage(msgData.room_id, messageType, messageText, msgData.message_id);
-          if (msgData.created_at && this._persisted) {
-            this._persisted.lastMessageTimestamp = msgData.created_at;
-          }
-          await this._persistState();
-          return;
-        }
-        if (!ROOM_AGENT_TYPES.has(messageType)) {
-          return;
-        }
-        if (!session.activated) {
-          session.activated = true;
-          console.log(
-            `[SecureChannel] Room session ${convId.slice(0, 8)}... activated by first message`
-          );
-        }
-        if (msgData.message_id) {
-          this._sendAck(msgData.message_id);
-        }
-        if (msgData.created_at && this._persisted) {
-          this._persisted.lastMessageTimestamp = msgData.created_at;
-        }
-        await this._persistState();
-        const legacyRoomMembers = this._persisted?.rooms?.[msgData.room_id]?.members ?? [];
-        const legacySenderMember = legacyRoomMembers.find((m2) => m2.deviceId === msgData.sender_device_id);
-        const legacySenderIsAgent = legacySenderMember?.entityType === "agent";
-        const legacySenderLabel = legacySenderMember?.displayName || "someone";
-        const metadata = {
-          messageId: msgData.message_id ?? "",
-          conversationId: convId,
-          timestamp: msgData.created_at ?? (/* @__PURE__ */ new Date()).toISOString(),
-          messageType,
-          roomId: msgData.room_id,
-          senderDeviceId: msgData.sender_device_id,
-          senderIsAgent: legacySenderIsAgent,
-          senderName: legacySenderLabel,
-          roomName: this._persisted?.rooms?.[msgData.room_id]?.name
-        };
-        this._appendHistory("owner", messageText, `room:${msgData.room_id}`);
-        this.emit("room_message", {
-          roomId: msgData.room_id,
-          senderDeviceId: msgData.sender_device_id,
-          senderName: legacySenderLabel,
-          plaintext: messageText,
-          messageType,
-          timestamp: msgData.created_at ?? (/* @__PURE__ */ new Date()).toISOString()
-        });
-        const legacyContextualMessage = legacySenderIsAgent ? messageText : `[${legacySenderLabel}]: ${messageText}`;
-        Promise.resolve(this.config.onMessage?.(legacyContextualMessage, metadata)).catch((err) => {
-          console.error("[SecureChannel] onMessage callback error:", err);
-        });
-      }
+      // _sendRoomResyncIfCooled removed — rooms are MLS-only now
+      // _handleRoomMessage removed — rooms are MLS-only now
       /**
        * Handle credential protocol messages (grant, revoke, request).
        * These are intercepted before reaching the agent's onMessage callback.
@@ -65750,20 +66498,7 @@ ${messageText}`;
       purgeRoomCredentials(roomId) {
         this._credentialStore.purgeForRoom(roomId);
       }
-      /**
-       * Find the pairwise conversation ID for a given sender in a room.
-       */
-      _findConversationForSender(senderDeviceId, roomId) {
-        const room = this._persisted?.rooms?.[roomId];
-        if (!room) return null;
-        for (const convId of room.conversationIds) {
-          const session = this._sessions.get(convId);
-          if (session && session.ownerDeviceId === senderDeviceId) {
-            return convId;
-          }
-        }
-        return null;
-      }
+      // _findConversationForSender removed — rooms are MLS-only now
       // ---------------------------------------------------------------------------
       // MLS room message handlers
       // ---------------------------------------------------------------------------
@@ -65787,11 +66522,33 @@ ${messageText}`;
             return;
           }
         }
-        this._lastInboundRoomId = roomId;
-        const mlsGroup = this._mlsGroups.get(roomId);
-        console.log(`[SecureChannel] MLS decrypt attempt room=${roomId.slice(0, 8)} group=${groupId?.slice(0, 8)} loaded=${!!mlsGroup} init=${mlsGroup?.isInitialized} mlsGroupsKeys=[${Array.from(this._mlsGroups.keys()).join(",")}]`);
+        const resolvedRoomId = roomId;
+        this._lastInboundRoomId = resolvedRoomId;
+        const mlsGroup = this._mlsGroups.get(resolvedRoomId);
+        console.log(`[SecureChannel] MLS decrypt attempt room=${resolvedRoomId.slice(0, 8)} group=${groupId?.slice(0, 8)} loaded=${!!mlsGroup} init=${mlsGroup?.isInitialized} mlsGroupsKeys=[${Array.from(this._mlsGroups.keys()).join(",")}]`);
         if (!mlsGroup?.isInitialized) {
-          console.warn(`[SecureChannel] MLS group not loaded for room ${roomId.slice(0, 8)}`);
+          console.warn(`[SecureChannel] MLS group not loaded for room ${resolvedRoomId.slice(0, 8)}, requesting Welcome`);
+          try {
+            const { MLSGroupManager: MLS } = await init_dist().then(() => dist_exports);
+            const mgr = new MLS();
+            const kp = await mgr.generateKeyPackage(new TextEncoder().encode(this._deviceId));
+            const kpBytes = MLS.serializeKeyPackage(kp.publicPackage);
+            const kpHex = Buffer.from(kpBytes).toString("hex");
+            await fetch(`${this.config.apiUrl}/api/v1/mls/key-packages`, {
+              method: "POST",
+              headers: { Authorization: `Bearer ${this._deviceJwt}`, "Content-Type": "application/json" },
+              body: JSON.stringify({ key_package: kpHex, device_id: this._deviceId })
+            });
+            this._pendingMlsKpBundle = kp;
+            await fetch(`${this.config.apiUrl}/api/v1/mls/groups/${groupId}/request-welcome`, {
+              method: "POST",
+              headers: { Authorization: `Bearer ${this._deviceJwt}`, "Content-Type": "application/json" },
+              body: JSON.stringify({ device_id: this._deviceId })
+            });
+            console.log(`[SecureChannel] Welcome requested for room ${resolvedRoomId.slice(0, 8)} group ${groupId?.slice(0, 8)}`);
+          } catch (reqErr) {
+            console.warn(`[SecureChannel] Welcome request failed for room ${resolvedRoomId.slice(0, 8)}:`, reqErr);
+          }
           return;
         }
         try {
@@ -65813,7 +66570,7 @@ ${messageText}`;
             messageText = rawPlaintext;
           }
           if (CREDENTIAL_MESSAGE_TYPES.has(messageType)) {
-            this._handleCredentialMessage(roomId, messageType, messageText, data.message_id);
+            this._handleCredentialMessage(resolvedRoomId, messageType, messageText, data.message_id);
             if (data.created_at && this._persisted) {
               this._persisted.lastMessageTimestamp = data.created_at;
             }
@@ -65828,13 +66585,13 @@ ${messageText}`;
           }
           if (data.created_at && this._persisted) {
             this._persisted.lastMessageTimestamp = data.created_at;
-            const roomState = this._persisted.rooms?.[roomId];
+            const roomState = this._persisted.rooms?.[resolvedRoomId];
             if (roomState) {
               roomState.lastMlsMessageTs = data.created_at;
             }
           }
           await this._persistState();
-          const roomMembers = this._persisted?.rooms?.[roomId]?.members ?? [];
+          const roomMembers = this._persisted?.rooms?.[resolvedRoomId]?.members ?? [];
           const senderMember = roomMembers.find((m2) => m2.deviceId === senderDeviceId);
           const senderIsAgent = senderMember?.entityType === "agent";
           const metadata = {
@@ -65842,16 +66599,16 @@ ${messageText}`;
             conversationId: "",
             timestamp: data.created_at ?? (/* @__PURE__ */ new Date()).toISOString(),
             messageType,
-            roomId,
+            roomId: resolvedRoomId,
             senderDeviceId,
             senderIsAgent,
             senderName: senderMember?.displayName || "unknown",
-            roomName: this._persisted?.rooms?.[roomId]?.name
+            roomName: this._persisted?.rooms?.[resolvedRoomId]?.name
           };
           const senderLabel = senderMember?.displayName || "someone";
-          this._appendHistory("owner", messageText, `room:${roomId}`);
+          this._appendHistory("owner", messageText, `room:${resolvedRoomId}`);
           this.emit("room_message", {
-            roomId,
+            roomId: resolvedRoomId,
             senderDeviceId,
             senderName: senderLabel,
             plaintext: messageText,
@@ -65863,7 +66620,7 @@ ${messageText}`;
             console.error("[SecureChannel] onMessage callback error (MLS):", err);
           });
         } catch (err) {
-          console.error(`[SecureChannel] MLS room decrypt failed for ${roomId.slice(0, 8)}:`, err);
+          console.error(`[SecureChannel] MLS room decrypt failed for ${resolvedRoomId.slice(0, 8)}:`, err);
         }
       }
       async _handleMlsCommit(data) {
@@ -65892,7 +66649,7 @@ ${messageText}`;
         try {
           const welcomeBytes = new Uint8Array(Buffer.from(data.payload, "hex"));
           const mgr = new MLSGroupManager();
-          const kp = this._mlsKeyPackage ?? await (async () => {
+          const kp = this._pendingMlsKpBundle ?? this._mlsKeyPackage ?? await (async () => {
             const identity = new TextEncoder().encode(this._deviceId);
             return mgr.generateKeyPackage(identity);
           })();
@@ -65909,11 +66666,15 @@ ${messageText}`;
             console.log(`[SecureChannel] Joined 1:1 MLS group for conv ${conversationId.slice(0, 8)} via Welcome (epoch=${mgr.epoch})`);
             return;
           }
+          const welcomeRoomId = data.room_id;
           for (const [roomId, room] of Object.entries(this._persisted?.rooms ?? {})) {
-            if (room.mlsGroupId === groupId) {
+            if (room.mlsGroupId === groupId || roomId === welcomeRoomId) {
+              room.mlsGroupId = groupId;
               this._mlsGroups.set(roomId, mgr);
               await saveMlsState(this.config.dataDir, groupId, JSON.stringify(mgr.exportState()));
+              await this._persistState();
               console.log(`[SecureChannel] Joined MLS group for room ${roomId.slice(0, 8)} via Welcome (epoch=${mgr.epoch})`);
+              this._pendingMlsKpBundle = void 0;
               return;
             }
           }
@@ -66190,22 +66951,6 @@ ${messageText}`;
                 }
               }
               if (roomId) {
-                try {
-                  await this._handleRoomMessage({
-                    room_id: roomId,
-                    sender_device_id: msg.sender_device_id,
-                    conversation_id: msg.conversation_id,
-                    header_blob: msg.header_blob,
-                    ciphertext: msg.ciphertext,
-                    message_id: msg.id,
-                    created_at: msg.created_at
-                  });
-                } catch (roomErr) {
-                  console.warn(
-                    `[SecureChannel] Sync room message failed for ${msg.conversation_id.slice(0, 8)}...:`,
-                    roomErr
-                  );
-                }
                 this._persisted.lastMessageTimestamp = msg.created_at;
                 since = msg.created_at;
                 continue;