@agentvault/agentvault 0.19.59 → 0.19.60

package/dist/index.js

@@ -44659,6 +44659,13 @@ function computeFingerprint(publicKey) {
 function createProofOfPossession(privateKey, publicKey) {
   return libsodium_wrappers_default.crypto_sign_detached(publicKey, privateKey);
 }
+function verifyProofOfPossession(proof, publicKey) {
+  try {
+    return libsodium_wrappers_default.crypto_sign_verify_detached(proof, publicKey, publicKey);
+  } catch {
+    return false;
+  }
+}
 var init_keys = __esm({
   async "../crypto/dist/keys.js"() {
     "use strict";
@@ -45127,6 +45134,74 @@ function jsonCanonical(value) {
   }
   return JSON.stringify(value);
 }
+function base58Encode(bytes) {
+  let zeros = 0;
+  for (const b2 of bytes) {
+    if (b2 === 0)
+      zeros++;
+    else
+      break;
+  }
+  let num = BigInt(0);
+  for (const b2 of bytes) {
+    num = num * 256n + BigInt(b2);
+  }
+  let result = "";
+  while (num > 0n) {
+    const remainder = Number(num % 58n);
+    num = num / 58n;
+    result = BASE58_ALPHABET[remainder] + result;
+  }
+  return "1".repeat(zeros) + result;
+}
+function base58Decode(str) {
+  let zeros = 0;
+  for (const c2 of str) {
+    if (c2 === "1")
+      zeros++;
+    else
+      break;
+  }
+  let num = BigInt(0);
+  for (const c2 of str.slice(zeros)) {
+    const idx = BASE58_ALPHABET.indexOf(c2);
+    if (idx === -1)
+      throw new Error(`Invalid base58 character: ${c2}`);
+    num = num * 58n + BigInt(idx);
+  }
+  const hex3 = num === 0n ? "" : num.toString(16).padStart(2, "0");
+  const paddedHex = hex3.length % 2 ? "0" + hex3 : hex3;
+  const dataBytes = new Uint8Array((paddedHex.match(/.{2}/g) ?? []).map((b2) => parseInt(b2, 16)));
+  const result = new Uint8Array(zeros + dataBytes.length);
+  result.set(dataBytes, zeros);
+  return result;
+}
+function publicKeyToMultibase(publicKey) {
+  const prefixed = new Uint8Array(2 + publicKey.length);
+  prefixed[0] = 237;
+  prefixed[1] = 1;
+  prefixed.set(publicKey, 2);
+  return "z" + base58Encode(prefixed);
+}
+function multibaseToPublicKey(multibase) {
+  if (!multibase.startsWith("z")) {
+    throw new Error("Multibase string must start with 'z' (base58btc)");
+  }
+  const decoded = base58Decode(multibase.slice(1));
+  if (decoded.length < 2 || decoded[0] !== 237 || decoded[1] !== 1) {
+    throw new Error("Invalid Ed25519 multicodec prefix");
+  }
+  return decoded.slice(2);
+}
+async function signDocument(document, privateKey) {
+  await libsodium_wrappers_default.ready;
+  const canonical = canonicalize(document);
+  const domainPrefix = libsodium_wrappers_default.from_string(DOMAIN_DID_DOCUMENT);
+  const message = new Uint8Array(domainPrefix.length + canonical.length);
+  message.set(domainPrefix);
+  message.set(canonical, domainPrefix.length);
+  return libsodium_wrappers_default.crypto_sign_detached(message, privateKey);
+}
 async function verifyDocumentSignature(document, signature, publicKey) {
   await libsodium_wrappers_default.ready;
   const canonical = canonicalize(document);
@@ -45140,12 +45215,61 @@ async function verifyDocumentSignature(document, signature, publicKey) {
     return false;
   }
 }
-var DOMAIN_DID_DOCUMENT;
+function buildDidDocument(params) {
+  const { hubAddress, ownerPublicKey, agentPublicKey, serviceEndpoint, profileEndpoint } = params;
+  const didId = `did:hub:${hubAddress}`;
+  const ownerMultibase = publicKeyToMultibase(ownerPublicKey);
+  const agentMultibase = publicKeyToMultibase(agentPublicKey);
+  const controllerDid = `did:key:${ownerMultibase}`;
+  const now = params.created ?? (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  return {
+    "@context": [
+      "https://www.w3.org/ns/did/v1",
+      "https://w3id.org/security/suites/ed25519-2020/v1"
+    ],
+    id: didId,
+    controller: controllerDid,
+    verificationMethod: [
+      {
+        id: `${didId}#owner-key`,
+        type: "Ed25519VerificationKey2020",
+        controller: didId,
+        publicKeyMultibase: ownerMultibase
+      },
+      {
+        id: `${didId}#agent-key`,
+        type: "Ed25519VerificationKey2020",
+        controller: didId,
+        publicKeyMultibase: agentMultibase
+      }
+    ],
+    authentication: [`${didId}#owner-key`],
+    assertionMethod: [`${didId}#owner-key`, `${didId}#agent-key`],
+    service: [
+      {
+        id: `${didId}#messaging`,
+        type: "AgentVaultSecureChannel",
+        serviceEndpoint
+      },
+      {
+        id: `${didId}#profile`,
+        type: "AgentVaultProfile",
+        serviceEndpoint: profileEndpoint
+      }
+    ],
+    created: now,
+    updated: now
+  };
+}
+var DOMAIN_DID_DOCUMENT, DOMAIN_TRANSFER_INTENT, DOMAIN_TRANSFER_ACCEPT, BASE58_ALPHABET;
 var init_did = __esm({
   async "../crypto/dist/did.js"() {
     "use strict";
     await init_libsodium_wrappers();
     DOMAIN_DID_DOCUMENT = "DID-DOCUMENT:";
+    DOMAIN_TRANSFER_INTENT = "TRANSFER-INTENT:";
+    DOMAIN_TRANSFER_ACCEPT = "TRANSFER-ACCEPT:";
+    BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
   }
 });
 
@@ -45428,25 +45552,373 @@ var init_scan_engine = __esm({
 });
 
 // ../crypto/dist/merkle.js
+function jcsCanonical(value) {
+  if (value === void 0)
+    return void 0;
+  if (value === null)
+    return "null";
+  if (typeof value === "boolean" || typeof value === "number")
+    return JSON.stringify(value);
+  if (typeof value === "string")
+    return JSON.stringify(value);
+  if (Array.isArray(value)) {
+    return "[" + value.map(jcsCanonical).join(",") + "]";
+  }
+  if (typeof value === "object") {
+    const keys = Object.keys(value).sort();
+    const entries = keys.map((k2) => {
+      const v2 = jcsCanonical(value[k2]);
+      if (v2 === void 0)
+        return void 0;
+      return JSON.stringify(k2) + ":" + v2;
+    }).filter((entry) => entry !== void 0);
+    return "{" + entries.join(",") + "}";
+  }
+  return JSON.stringify(value);
+}
+function hexToBytes(hex3) {
+  const h2 = hex3.startsWith("0x") ? hex3.slice(2) : hex3;
+  const bytes = new Uint8Array(h2.length / 2);
+  for (let i2 = 0; i2 < bytes.length; i2++) {
+    bytes[i2] = parseInt(h2.substr(i2 * 2, 2), 16);
+  }
+  return bytes;
+}
+function bytesToHex(bytes) {
+  return Array.from(bytes).map((b2) => b2.toString(16).padStart(2, "0")).join("");
+}
+function computeDidHash(didDocument) {
+  const json2 = jcsCanonical(didDocument) ?? "";
+  const bytes = libsodium_wrappers_default.from_string(json2);
+  const hash2 = libsodium_wrappers_default.crypto_hash_sha256(bytes);
+  return "0x" + bytesToHex(hash2);
+}
+function verifyMerkleProof(leafHash, proof, merkleRoot) {
+  let current = hexToBytes(leafHash);
+  for (const step of proof) {
+    const sibling2 = hexToBytes(step.hash);
+    const combined = new Uint8Array(current.length + sibling2.length);
+    if (step.position === "left") {
+      combined.set(sibling2);
+      combined.set(current, sibling2.length);
+    } else {
+      combined.set(current);
+      combined.set(sibling2, current.length);
+    }
+    current = libsodium_wrappers_default.crypto_hash_sha256(combined);
+  }
+  const rootBytes = hexToBytes(merkleRoot);
+  if (current.length !== rootBytes.length)
+    return false;
+  for (let i2 = 0; i2 < current.length; i2++) {
+    if (current[i2] !== rootBytes[i2])
+      return false;
+  }
+  return true;
+}
 var init_merkle = __esm({
   async "../crypto/dist/merkle.js"() {
     "use strict";
+    await init_libsodium_wrappers();
   }
 });
 
 // ../crypto/dist/vc.js
+async function sha256(data) {
+  await libsodium_wrappers_default.ready;
+  return libsodium_wrappers_default.crypto_hash_sha256(data);
+}
+function base58Encode2(bytes) {
+  let zeros = 0;
+  for (const b2 of bytes) {
+    if (b2 === 0)
+      zeros++;
+    else
+      break;
+  }
+  let num = BigInt(0);
+  for (const b2 of bytes) {
+    num = num * 256n + BigInt(b2);
+  }
+  let result = "";
+  while (num > 0n) {
+    const remainder = Number(num % 58n);
+    num = num / 58n;
+    result = BASE58_ALPHABET2[remainder] + result;
+  }
+  return "1".repeat(zeros) + result;
+}
+function base58Decode2(str) {
+  let zeros = 0;
+  for (const c2 of str) {
+    if (c2 === "1")
+      zeros++;
+    else
+      break;
+  }
+  let num = BigInt(0);
+  for (const c2 of str.slice(zeros)) {
+    const idx = BASE58_ALPHABET2.indexOf(c2);
+    if (idx === -1)
+      throw new Error(`Invalid base58 character: ${c2}`);
+    num = num * 58n + BigInt(idx);
+  }
+  const hex3 = num === 0n ? "" : num.toString(16).padStart(2, "0");
+  const paddedHex = hex3.length % 2 ? "0" + hex3 : hex3;
+  const dataBytes = new Uint8Array((paddedHex.match(/.{2}/g) ?? []).map((b2) => parseInt(b2, 16)));
+  const result = new Uint8Array(zeros + dataBytes.length);
+  result.set(dataBytes, zeros);
+  return result;
+}
+async function computeHashData(document, proofConfig) {
+  const proofConfigBytes = canonicalize(proofConfig);
+  const proofConfigHash = await sha256(proofConfigBytes);
+  const docWithoutProof = { ...document };
+  delete docWithoutProof.proof;
+  const documentBytes = canonicalize(docWithoutProof);
+  const documentHash = await sha256(documentBytes);
+  const hashData = new Uint8Array(64);
+  hashData.set(proofConfigHash, 0);
+  hashData.set(documentHash, 32);
+  return hashData;
+}
+async function signWithDataIntegrity(document, privateKey, verificationMethod, proofPurpose = "assertionMethod", created) {
+  await libsodium_wrappers_default.ready;
+  const timestamp = created ?? (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  const proofConfig = {
+    type: "DataIntegrityProof",
+    cryptosuite: CRYPTOSUITE,
+    created: timestamp,
+    verificationMethod,
+    proofPurpose
+  };
+  const hashData = await computeHashData(document, proofConfig);
+  const signature = libsodium_wrappers_default.crypto_sign_detached(hashData, privateKey);
+  const proofValue = "z" + base58Encode2(signature);
+  const proof = {
+    type: "DataIntegrityProof",
+    cryptosuite: CRYPTOSUITE,
+    created: timestamp,
+    verificationMethod,
+    proofPurpose,
+    proofValue
+  };
+  return { ...document, proof };
+}
+async function verifyDataIntegrity(document, publicKey) {
+  await libsodium_wrappers_default.ready;
+  const proof = document.proof;
+  if (!proof || proof.type !== "DataIntegrityProof" || proof.cryptosuite !== CRYPTOSUITE) {
+    return false;
+  }
+  if (!proof.proofValue.startsWith("z")) {
+    return false;
+  }
+  const signature = base58Decode2(proof.proofValue.slice(1));
+  if (signature.length !== 64) {
+    return false;
+  }
+  const proofConfig = {
+    type: proof.type,
+    cryptosuite: proof.cryptosuite,
+    created: proof.created,
+    verificationMethod: proof.verificationMethod,
+    proofPurpose: proof.proofPurpose
+  };
+  const hashData = await computeHashData(document, proofConfig);
+  try {
+    return libsodium_wrappers_default.crypto_sign_verify_detached(signature, hashData, publicKey);
+  } catch {
+    return false;
+  }
+}
+function buildAgentTrustCredential(params) {
+  const now = (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  return {
+    "@context": [
+      VC_CONTEXT_V2,
+      {
+        AgentTrustCredential: "https://agentvault.chat/vocab#AgentTrustCredential",
+        trustTier: "https://agentvault.chat/vocab#trustTier",
+        compositeScore: "https://agentvault.chat/vocab#compositeScore",
+        scoreWindow: "https://agentvault.chat/vocab#scoreWindow",
+        scoreDimensions: "https://agentvault.chat/vocab#scoreDimensions",
+        volume: "https://agentvault.chat/vocab#volume",
+        responsiveness: "https://agentvault.chat/vocab#responsiveness",
+        uptime: "https://agentvault.chat/vocab#uptime",
+        compliance: "https://agentvault.chat/vocab#compliance",
+        verificationEndpoint: "https://agentvault.chat/vocab#verificationEndpoint"
+      }
+    ],
+    id: params.credentialId,
+    type: ["VerifiableCredential", "AgentTrustCredential"],
+    issuer: params.issuerName ? { id: params.issuerDid, name: params.issuerName } : params.issuerDid,
+    validFrom: params.validFrom ?? now,
+    ...params.validUntil ? { validUntil: params.validUntil } : {},
+    credentialSubject: {
+      id: params.subjectDid,
+      trustTier: params.trustTier,
+      compositeScore: params.compositeScore,
+      scoreWindow: params.scoreWindow,
+      ...params.dimensions ? {
+        scoreDimensions: {
+          volume: params.dimensions.volume,
+          responsiveness: params.dimensions.responsiveness,
+          uptime: params.dimensions.uptime,
+          compliance: params.dimensions.compliance
+        }
+      } : {},
+      ...params.verificationEndpoint ? { verificationEndpoint: params.verificationEndpoint } : {}
+    }
+  };
+}
+function buildSkillAttestation(params) {
+  const now = (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  return {
+    "@context": [
+      VC_CONTEXT_V2,
+      {
+        SkillAttestation: "https://agentvault.chat/vocab#SkillAttestation",
+        skillName: "https://agentvault.chat/vocab#skillName",
+        skillNamespace: "https://agentvault.chat/vocab#skillNamespace",
+        proficiencyLevel: "https://agentvault.chat/vocab#proficiencyLevel",
+        totalInvocations: "https://agentvault.chat/vocab#totalInvocations",
+        successRate: "https://agentvault.chat/vocab#successRate",
+        assessedAt: "https://agentvault.chat/vocab#assessedAt"
+      }
+    ],
+    id: params.credentialId,
+    type: ["VerifiableCredential", "SkillAttestation"],
+    issuer: params.issuerName ? { id: params.issuerDid, name: params.issuerName } : params.issuerDid,
+    validFrom: params.validFrom ?? now,
+    ...params.validUntil ? { validUntil: params.validUntil } : {},
+    credentialSubject: {
+      id: params.subjectDid,
+      skillName: params.skillName,
+      skillNamespace: params.skillNamespace,
+      ...params.proficiencyLevel ? { proficiencyLevel: params.proficiencyLevel } : {},
+      ...params.totalInvocations !== void 0 ? { totalInvocations: params.totalInvocations } : {},
+      ...params.successRate !== void 0 ? { successRate: params.successRate } : {},
+      ...params.assessedAt ? { assessedAt: params.assessedAt } : {}
+    }
+  };
+}
+function buildPerformanceRecord(params) {
+  const now = (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  return {
+    "@context": [
+      VC_CONTEXT_V2,
+      {
+        PerformanceRecord: "https://agentvault.chat/vocab#PerformanceRecord",
+        periodStart: "https://agentvault.chat/vocab#periodStart",
+        periodEnd: "https://agentvault.chat/vocab#periodEnd",
+        messagesHandled: "https://agentvault.chat/vocab#messagesHandled",
+        avgResponseTimeMs: "https://agentvault.chat/vocab#avgResponseTimeMs",
+        uptimePercentage: "https://agentvault.chat/vocab#uptimePercentage",
+        policyViolations: "https://agentvault.chat/vocab#policyViolations",
+        compositeScore: "https://agentvault.chat/vocab#compositeScore"
+      }
+    ],
+    id: params.credentialId,
+    type: ["VerifiableCredential", "PerformanceRecord"],
+    issuer: params.issuerName ? { id: params.issuerDid, name: params.issuerName } : params.issuerDid,
+    validFrom: params.validFrom ?? now,
+    ...params.validUntil ? { validUntil: params.validUntil } : {},
+    credentialSubject: {
+      id: params.subjectDid,
+      periodStart: params.periodStart,
+      periodEnd: params.periodEnd,
+      messagesHandled: params.messagesHandled,
+      avgResponseTimeMs: params.avgResponseTimeMs,
+      uptimePercentage: params.uptimePercentage,
+      policyViolations: params.policyViolations,
+      compositeScore: params.compositeScore
+    }
+  };
+}
+function buildAgentTrustReportCredential(params) {
+  const now = (/* @__PURE__ */ new Date()).toISOString().replace(/\.\d{3}Z$/, "Z");
+  const subject = {
+    id: params.subjectDid,
+    reportPeriod: {
+      start: params.reportPeriodStart,
+      end: params.reportPeriodEnd
+    },
+    trustTier: params.trustTier,
+    compositeScore: params.compositeScore
+  };
+  if (params.dimensions)
+    subject.dimensions = params.dimensions;
+  if (params.trending)
+    subject.trending = params.trending;
+  if (params.fleetComparison)
+    subject.fleetComparison = params.fleetComparison;
+  if (params.driftStatus)
+    subject.driftStatus = params.driftStatus;
+  if (params.auditIntegrity)
+    subject.auditIntegrity = params.auditIntegrity;
+  if (params.telemetrySummary)
+    subject.telemetrySummary = params.telemetrySummary;
+  if (params.verificationEndpoint)
+    subject.verificationEndpoint = params.verificationEndpoint;
+  return {
+    "@context": [
+      VC_CONTEXT_V2,
+      {
+        AgentTrustReport: "https://agentvault.chat/vocab#AgentTrustReport",
+        reportPeriod: "https://agentvault.chat/vocab#reportPeriod",
+        trustTier: "https://agentvault.chat/vocab#trustTier",
+        compositeScore: "https://agentvault.chat/vocab#compositeScore",
+        dimensions: "https://agentvault.chat/vocab#dimensions",
+        trending: "https://agentvault.chat/vocab#trending",
+        fleetComparison: "https://agentvault.chat/vocab#fleetComparison",
+        driftStatus: "https://agentvault.chat/vocab#driftStatus",
+        auditIntegrity: "https://agentvault.chat/vocab#auditIntegrity",
+        telemetrySummary: "https://agentvault.chat/vocab#telemetrySummary",
+        verificationEndpoint: "https://agentvault.chat/vocab#verificationEndpoint"
+      }
+    ],
+    id: params.credentialId,
+    type: ["VerifiableCredential", "AgentTrustReport"],
+    issuer: params.issuerName ? { id: params.issuerDid, name: params.issuerName } : params.issuerDid,
+    validFrom: params.validFrom ?? now,
+    ...params.validUntil ? { validUntil: params.validUntil } : {},
+    credentialSubject: subject
+  };
+}
+function buildVerifiablePresentation(holderDid, credentials, presentationId) {
+  return {
+    "@context": [VC_CONTEXT_V2],
+    type: "VerifiablePresentation",
+    ...presentationId ? { id: presentationId } : {},
+    holder: holderDid,
+    verifiableCredential: credentials
+  };
+}
+async function issueCredential(credential, privateKey, verificationMethod) {
+  return signWithDataIntegrity(credential, privateKey, verificationMethod, "assertionMethod");
+}
+async function presentCredentials(presentation, privateKey, verificationMethod) {
+  return signWithDataIntegrity(presentation, privateKey, verificationMethod, "authentication");
+}
+var VC_CONTEXT_V2, AV_CREDENTIAL_CONTEXT, CRYPTOSUITE, BASE58_ALPHABET2;
 var init_vc = __esm({
   async "../crypto/dist/vc.js"() {
     "use strict";
+    await init_libsodium_wrappers();
     await init_did();
+    VC_CONTEXT_V2 = "https://www.w3.org/ns/credentials/v2";
+    AV_CREDENTIAL_CONTEXT = "https://agentvault.chat/ns/credentials/v1";
+    CRYPTOSUITE = "eddsa-jcs-2022";
+    BASE58_ALPHABET2 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
   }
 });
 
 // ../crypto/dist/transport.js
-function hexToBytes(hex3) {
+function hexToBytes2(hex3) {
   return libsodium_wrappers_default.from_hex(hex3);
 }
-function bytesToHex(bytes) {
+function bytesToHex2(bytes) {
   return libsodium_wrappers_default.to_hex(bytes);
 }
 function base64ToBytes(b64) {
@@ -45484,6 +45956,70 @@ function transportToEncryptedMessage(transport) {
     ciphertext: base64ToBytes(transport.ciphertext)
   };
 }
+function encryptedMessageToTransportV2(msg) {
+  if (!msg.encryptedHeader || !msg.headerNonce) {
+    throw new Error("encryptedMessageToTransportV2 requires v2 encrypted message");
+  }
+  return {
+    envelope_version: "2.0.0",
+    encrypted_header: bytesToBase64(msg.encryptedHeader),
+    header_nonce: bytesToBase64(msg.headerNonce),
+    header_signature: bytesToBase64(msg.headerSignature),
+    nonce: bytesToBase64(msg.nonce),
+    ciphertext: bytesToBase64(msg.ciphertext)
+  };
+}
+function transportV2ToEncryptedMessage(transport, plaintextHeader) {
+  return {
+    header: plaintextHeader,
+    headerSignature: base64ToBytes(transport.header_signature),
+    ciphertext: base64ToBytes(transport.ciphertext),
+    nonce: base64ToBytes(transport.nonce),
+    envelopeVersion: "2.0.0",
+    encryptedHeader: base64ToBytes(transport.encrypted_header),
+    headerNonce: base64ToBytes(transport.header_nonce)
+  };
+}
+function encryptedMessageToTransportV2Full(msg) {
+  if (!msg.encryptedHeader || !msg.headerNonce) {
+    throw new Error("encryptedMessageToTransportV2Full requires v2 encrypted message");
+  }
+  const v1 = encryptedMessageToTransport(msg);
+  return {
+    ...v1,
+    envelope_version: "2.0.0",
+    encrypted_header: bytesToBase64(msg.encryptedHeader),
+    header_nonce: bytesToBase64(msg.headerNonce)
+  };
+}
+function encryptedMessageToHexTransport(msg) {
+  const headerObj = {
+    dhPublicKey: bytesToHex2(msg.header.dhPublicKey),
+    previousChainLength: msg.header.previousChainLength,
+    messageNumber: msg.header.messageNumber
+  };
+  const headerBlobHex = Buffer.from(JSON.stringify(headerObj)).toString("hex");
+  return {
+    header_blob: headerBlobHex,
+    header_signature: bytesToHex2(msg.headerSignature),
+    ciphertext: bytesToHex2(msg.ciphertext),
+    nonce: bytesToHex2(msg.nonce)
+  };
+}
+function hexTransportToEncryptedMessage(transport) {
+  const headerJson = Buffer.from(transport.header_blob, "hex").toString("utf-8");
+  const headerObj = JSON.parse(headerJson);
+  return {
+    header: {
+      dhPublicKey: hexToBytes2(headerObj.dhPublicKey),
+      previousChainLength: headerObj.previousChainLength,
+      messageNumber: headerObj.messageNumber
+    },
+    headerSignature: hexToBytes2(transport.header_signature),
+    ciphertext: hexToBytes2(transport.ciphertext),
+    nonce: hexToBytes2(transport.nonce)
+  };
+}
 var init_transport = __esm({
   async "../crypto/dist/transport.js"() {
     "use strict";
@@ -45747,6 +46283,33 @@ function buildEvalSpan(opts) {
     status: { code: 0 }
   };
 }
+function buildForgeSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "ai.agent.forge.session_id": opts.forgeSessionId,
+    "ai.agent.forge.phase": opts.phase
+  };
+  if (opts.stageNumber !== void 0)
+    attributes["ai.agent.forge.stage_number"] = opts.stageNumber;
+  if (opts.artifactCount !== void 0)
+    attributes["ai.agent.forge.artifact_count"] = opts.artifactCount;
+  if (opts.scanStatus !== void 0)
+    attributes["ai.agent.forge.scan_status"] = opts.scanStatus;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: `forge.${opts.phase}`,
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
 function buildPolicyViolationSpan(opts) {
   const now = Date.now();
   const attributes = {
@@ -45775,9 +46338,306 @@ function buildPolicyViolationSpan(opts) {
     status: isBlock ? { code: 2, message: `Policy violation: ${opts.violationType}` } : { code: 0 }
   };
 }
+function buildDecisionSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.decision.id": opts.decisionId,
+    "av.decision.phase": opts.phase
+  };
+  if (opts.priority)
+    attributes["av.decision.priority"] = opts.priority;
+  if (opts.category)
+    attributes["av.decision.category"] = opts.category;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.decision",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildResyncSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.resync.conversation_id": opts.conversationId,
+    "av.resync.phase": opts.phase
+  };
+  if (opts.reason)
+    attributes["av.resync.reason"] = opts.reason;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.resync",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildA2aSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.a2a.channel_id": opts.channelId,
+    "av.a2a.operation": opts.operation
+  };
+  if (opts.peerHubAddress)
+    attributes["av.a2a.peer_hub_address"] = opts.peerHubAddress;
+  if (opts.role)
+    attributes["av.a2a.role"] = opts.role;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.a2a",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildScanSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.scan.target": opts.scanTarget,
+    "av.scan.type": opts.scanType,
+    "av.scan.violation_count": opts.violationCount,
+    "av.scan.rule_count": opts.ruleCount
+  };
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error" || opts.violationCount > 0;
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.scan",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildWorkspaceSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.workspace.id": opts.workspaceId,
+    "av.workspace.operation": opts.operation
+  };
+  if (opts.fileName)
+    attributes["av.workspace.file_name"] = opts.fileName;
+  if (opts.fileSizeBytes !== void 0)
+    attributes["av.workspace.file_size_bytes"] = opts.fileSizeBytes;
+  if (opts.encrypted !== void 0)
+    attributes["av.workspace.encrypted"] = opts.encrypted;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.workspace",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildCapabilitySpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.skill.operation": opts.operation,
+    "av.skill.success": opts.success
+  };
+  if (opts.skillName)
+    attributes["av.skill.name"] = opts.skillName;
+  if (opts.version)
+    attributes["av.skill.version"] = opts.version;
+  if (opts.certificationTier)
+    attributes["av.skill.certification_tier"] = opts.certificationTier;
+  if (opts.toolsUsed?.length)
+    attributes["av.skill.tools_used"] = opts.toolsUsed.join(",");
+  const status = opts.success ? { code: 0 } : { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.skill.invoke",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildEnrollmentSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.enrollment.phase": opts.phase
+  };
+  if (opts.deviceId)
+    attributes["av.enrollment.device_id"] = opts.deviceId;
+  if (opts.enrollmentType)
+    attributes["av.enrollment.type"] = opts.enrollmentType;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error" || opts.phase === "fail";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.enrollment",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildRoomSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.room.id": opts.roomId,
+    "av.room.operation": opts.operation
+  };
+  if (opts.roomName)
+    attributes["av.room.name"] = opts.roomName;
+  if (opts.memberCount !== void 0)
+    attributes["av.room.member_count"] = opts.memberCount;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.room",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildTrustSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.trust.agent_hub_address": opts.agentHubAddress,
+    "av.trust.operation": opts.operation
+  };
+  if (opts.previousTier)
+    attributes["av.trust.previous_tier"] = opts.previousTier;
+  if (opts.newTier)
+    attributes["av.trust.new_tier"] = opts.newTier;
+  if (opts.overallScore !== void 0)
+    attributes["av.trust.overall_score"] = opts.overallScore;
+  if (opts.dimension)
+    attributes["av.trust.dimension"] = opts.dimension;
+  if (opts.dimensionScore !== void 0)
+    attributes["av.trust.dimension_score"] = opts.dimensionScore;
+  applySkillName(attributes, opts.skillName);
+  const isError = opts.status === "error";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.trust",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
+function buildEvalRunSpan(opts) {
+  const now = Date.now();
+  const attributes = {
+    "av.eval.scenario_id": opts.scenarioId,
+    "av.eval.agent_id": opts.agentId,
+    "av.eval.status": opts.status,
+    "av.eval.latency_ms": opts.latencyMs
+  };
+  if (opts.scenarioName)
+    attributes["av.eval.scenario_name"] = opts.scenarioName;
+  if (opts.variationType)
+    attributes["av.eval.variation_type"] = opts.variationType;
+  if (opts.shiftMagnitude !== void 0)
+    attributes["av.eval.shift_magnitude"] = opts.shiftMagnitude;
+  if (opts.outcomeMatch !== void 0)
+    attributes["av.eval.outcome_match"] = opts.outcomeMatch;
+  if (opts.flagged !== void 0)
+    attributes["av.eval.flagged"] = opts.flagged;
+  if (opts.flagReason)
+    attributes["av.eval.flag_reason"] = opts.flagReason;
+  const isError = opts.status === "failed";
+  const status = isError ? { code: 2, ...opts.statusMessage ? { message: opts.statusMessage } : {} } : { code: 0 };
+  return {
+    traceId: opts.traceId ?? generateTraceId(),
+    spanId: opts.spanId ?? generateSpanId(),
+    parentSpanId: opts.parentSpanId,
+    name: "av.eval.run",
+    kind: "internal",
+    startTime: now - opts.latencyMs,
+    endTime: now,
+    attributes,
+    status
+  };
+}
 function buildTraceparent(span) {
   return `00-${span.traceId}-${span.spanId}-01`;
 }
+function parseTraceparent(header) {
+  const parts = header.split("-");
+  if (parts.length !== 4)
+    return null;
+  const [version2, traceId, parentId, traceFlags] = parts;
+  if (!version2 || !traceId || !parentId || !traceFlags)
+    return null;
+  if (traceId.length !== 32 || parentId.length !== 16)
+    return null;
+  return { version: version2, traceId, parentId, traceFlags };
+}
+function spanToTraceContext(span, tracestate) {
+  return {
+    traceparent: buildTraceparent(span),
+    tracestate: tracestate ?? `av=s:${span.spanId}`
+  };
+}
+function propagateContext(incomingTraceparent) {
+  const parsed = parseTraceparent(incomingTraceparent);
+  if (!parsed)
+    return null;
+  return {
+    traceId: parsed.traceId,
+    parentSpanId: parsed.parentId,
+    spanId: generateSpanId()
+  };
+}
+function spanToW3CHeaders(span, tracestate) {
+  return {
+    traceparent: buildTraceparent(span),
+    tracestate: tracestate ?? `av=s:${span.spanId}`
+  };
+}
 var init_telemetry = __esm({
   "../crypto/dist/telemetry.js"() {
     "use strict";
@@ -45948,6 +46808,29 @@ var init_telemetry_reporter = __esm({
 });
 
 // ../crypto/dist/backup.js
+async function generateBackupCode() {
+  await libsodium_wrappers_default.ready;
+  const bytes = libsodium_wrappers_default.randombytes_buf(13);
+  let bits = 0n;
+  for (const b2 of bytes) {
+    bits = bits << 8n | BigInt(b2);
+  }
+  bits >>= 4n;
+  let code = "";
+  for (let i2 = 0; i2 < 20; i2++) {
+    const idx = Number(bits & 0x1fn);
+    code = CROCKFORD[idx] + code;
+    bits >>= 5n;
+  }
+  return code;
+}
+function formatBackupCode(code) {
+  const clean5 = code.replace(/[-\s]/g, "").toUpperCase();
+  return clean5.match(/.{1,4}/g)?.join("-") ?? clean5;
+}
+function normalizeBackupCode(input) {
+  return input.replace(/[-\s]/g, "").toUpperCase();
+}
 async function deriveBackupKey(code, salt) {
   await libsodium_wrappers_default.ready;
   return libsodium_wrappers_default.crypto_pwhash(KEY_BYTES, code, salt, ARGON2_OPSLIMIT, ARGON2_MEMLIMIT, libsodium_wrappers_default.crypto_pwhash_ALG_ARGON2ID13);
@@ -45969,28 +46852,88 @@ async function encryptBackupWithKey(bundle, key, salt) {
   result.set(ciphertext, SALT_BYTES + NONCE_BYTES);
   return result;
 }
+async function decryptBackup(encrypted, code) {
+  await libsodium_wrappers_default.ready;
+  const minLen = SALT_BYTES + NONCE_BYTES + libsodium_wrappers_default.crypto_aead_xchacha20poly1305_ietf_ABYTES;
+  if (encrypted.length < minLen) {
+    throw new Error("Incorrect backup code or corrupt backup");
+  }
+  const salt = encrypted.slice(0, SALT_BYTES);
+  const nonce = encrypted.slice(SALT_BYTES, SALT_BYTES + NONCE_BYTES);
+  const ciphertext = encrypted.slice(SALT_BYTES + NONCE_BYTES);
+  const key = await deriveBackupKey(code, salt);
+  let plaintext;
+  try {
+    plaintext = libsodium_wrappers_default.crypto_aead_xchacha20poly1305_ietf_decrypt(null, ciphertext, null, nonce, key);
+  } catch {
+    throw new Error("Incorrect backup code or corrupt backup");
+  }
+  let bundle;
+  try {
+    bundle = JSON.parse(libsodium_wrappers_default.to_string(plaintext));
+  } catch {
+    throw new Error("Incorrect backup code or corrupt backup");
+  }
+  if (bundle.version !== BACKUP_VERSION) {
+    throw new Error(`Unsupported backup version: ${bundle.version}`);
+  }
+  return bundle;
+}
 async function hashBackupCode(code) {
   await libsodium_wrappers_default.ready;
   return libsodium_wrappers_default.crypto_generichash(32, libsodium_wrappers_default.from_string(code));
 }
-var ARGON2_OPSLIMIT, ARGON2_MEMLIMIT, SALT_BYTES, NONCE_BYTES, KEY_BYTES, MAX_BACKUP_SIZE;
+var CROCKFORD, ARGON2_OPSLIMIT, ARGON2_MEMLIMIT, SALT_BYTES, NONCE_BYTES, KEY_BYTES, BACKUP_VERSION, MAX_BACKUP_SIZE;
 var init_backup = __esm({
   async "../crypto/dist/backup.js"() {
     "use strict";
     await init_libsodium_wrappers();
+    CROCKFORD = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
     ARGON2_OPSLIMIT = 2;
     ARGON2_MEMLIMIT = 67108864;
     SALT_BYTES = 16;
     NONCE_BYTES = 24;
     KEY_BYTES = 32;
+    BACKUP_VERSION = 1;
     MAX_BACKUP_SIZE = 512 * 1024;
   }
 });
 
 // ../crypto/dist/approval.js
+async function createApprovalArtifact(content, privateKeyHex) {
+  await libsodium_wrappers_default.ready;
+  const sodium = libsodium_wrappers_default;
+  const privateKey = sodium.from_hex(privateKeyHex);
+  const publicKey = privateKey.slice(32);
+  const message = canonicalize(content);
+  const signatureBytes = sodium.crypto_sign_detached(message, privateKey);
+  return {
+    content,
+    signature: sodium.to_hex(signatureBytes),
+    signerPublicKey: sodium.to_hex(publicKey),
+    createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+    version: 1
+  };
+}
+async function verifyApprovalArtifact(artifact, expectedPublicKeyHex) {
+  await libsodium_wrappers_default.ready;
+  const sodium = libsodium_wrappers_default;
+  if (expectedPublicKeyHex && artifact.signerPublicKey !== expectedPublicKeyHex) {
+    return false;
+  }
+  try {
+    const publicKey = sodium.from_hex(artifact.signerPublicKey);
+    const signature = sodium.from_hex(artifact.signature);
+    const message = canonicalize(artifact.content);
+    return sodium.crypto_sign_verify_detached(signature, message, publicKey);
+  } catch {
+    return false;
+  }
+}
 var init_approval = __esm({
   async "../crypto/dist/approval.js"() {
     "use strict";
+    await init_libsodium_wrappers();
     await init_did();
   }
 });
@@ -54937,7 +55880,7 @@ function byteSwap32(arr) {
   }
   return arr;
 }
-function bytesToHex3(bytes) {
+function bytesToHex4(bytes) {
   abytes3(bytes);
   if (hasHexBuiltin)
     return bytes.toHex();
@@ -54956,7 +55899,7 @@ function asciiToBase16(ch) {
     return ch - (asciis.a - 10);
   return;
 }
-function hexToBytes3(hex3) {
+function hexToBytes4(hex3) {
   if (typeof hex3 !== "string")
     throw new Error("hex string expected, got " + typeof hex3);
   if (hasHexBuiltin)
@@ -55252,7 +56195,7 @@ var init_u642 = __esm({
 });
 
 // ../../node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha2.js
-var SHA256_K, SHA256_W, SHA256, K512, SHA512_Kh, SHA512_Kl, SHA512_W_H, SHA512_W_L, SHA512, SHA384, sha2562, sha5122, sha3842;
+var SHA256_K, SHA256_W, SHA256, K512, SHA512_Kh, SHA512_Kl, SHA512_W_H, SHA512_W_L, SHA512, SHA384, sha2563, sha5122, sha3842;
 var init_sha22 = __esm({
   "../../node_modules/@noble/curves/node_modules/@noble/hashes/esm/sha2.js"() {
     init_md2();
@@ -55613,7 +56556,7 @@ var init_sha22 = __esm({
         this.Hl = SHA384_IV2[15] | 0;
       }
     };
-    sha2562 = /* @__PURE__ */ createHasher2(() => new SHA256());
+    sha2563 = /* @__PURE__ */ createHasher2(() => new SHA256());
     sha5122 = /* @__PURE__ */ createHasher2(() => new SHA512());
     sha3842 = /* @__PURE__ */ createHasher2(() => new SHA384());
   }
@@ -55649,14 +56592,14 @@ function hexToNumber3(hex3) {
   return hex3 === "" ? _0n2 : BigInt("0x" + hex3);
 }
 function bytesToNumberBE(bytes) {
-  return hexToNumber3(bytesToHex3(bytes));
+  return hexToNumber3(bytesToHex4(bytes));
 }
 function bytesToNumberLE2(bytes) {
   abytes3(bytes);
-  return hexToNumber3(bytesToHex3(Uint8Array.from(bytes).reverse()));
+  return hexToNumber3(bytesToHex4(Uint8Array.from(bytes).reverse()));
 }
 function numberToBytesBE2(n2, len) {
-  return hexToBytes3(n2.toString(16).padStart(len * 2, "0"));
+  return hexToBytes4(n2.toString(16).padStart(len * 2, "0"));
 }
 function numberToBytesLE2(n2, len) {
   return numberToBytesBE2(n2, len).reverse();
@@ -55665,7 +56608,7 @@ function ensureBytes(title, hex3, expectedLength) {
   let res;
   if (typeof hex3 === "string") {
     try {
-      res = hexToBytes3(hex3);
+      res = hexToBytes4(hex3);
     } catch (e) {
       throw new Error(title + " must be hex string or Uint8Array, cause: " + e);
     }
@@ -56693,7 +57636,7 @@ function edwards(params, extraOpts = {}) {
       return bytes;
     }
     toHex() {
-      return bytesToHex3(this.toBytes());
+      return bytesToHex4(this.toBytes());
     }
     toString() {
       return `<Point ${this.is0() ? "ZERO" : this.toHex()}>`;
@@ -56965,7 +57908,7 @@ var init_edwards = __esm({
         return this.ep.toAffine(invertedZ);
       }
       toHex() {
-        return bytesToHex3(this.toBytes());
+        return bytesToHex4(this.toBytes());
       }
       toString() {
         return this.toHex();
@@ -58766,7 +59709,7 @@ function weierstrassN(params, extraOpts = {}) {
       return encodePoint(Point, this, isCompressed);
     }
     toHex(isCompressed = true) {
-      return bytesToHex3(this.toBytes(isCompressed));
+      return bytesToHex4(this.toBytes(isCompressed));
     }
     toString() {
       return `<Point ${this.is0() ? "ZERO" : this.toHex()}>`;
@@ -59050,7 +59993,7 @@ function ecdsa(Point, hash2, ecdsaOpts = {}) {
       return new Signature(Fn3.fromBytes(r2), Fn3.fromBytes(s2), recid);
     }
     static fromHex(hex3, format) {
-      return this.fromBytes(hexToBytes3(hex3), format);
+      return this.fromBytes(hexToBytes4(hex3), format);
     }
     addRecoveryBit(recovery) {
       return new Signature(this.r, this.s, recovery);
@@ -59085,7 +60028,7 @@ function ecdsa(Point, hash2, ecdsaOpts = {}) {
     toBytes(format = defaultSigOpts_format) {
       validateSigFormat(format);
       if (format === "der")
-        return hexToBytes3(DER.hexFromSig(this));
+        return hexToBytes4(DER.hexFromSig(this));
       const r2 = Fn3.toBytes(this.r);
       const s2 = Fn3.toBytes(this.s);
       if (format === "recovered") {
@@ -59096,7 +60039,7 @@ function ecdsa(Point, hash2, ecdsaOpts = {}) {
       return concatBytes2(r2, s2);
     }
     toHex(format) {
-      return bytesToHex3(this.toBytes(format));
+      return bytesToHex4(this.toBytes(format));
     }
     // TODO: remove
     assertValidity() {
@@ -59114,13 +60057,13 @@ function ecdsa(Point, hash2, ecdsaOpts = {}) {
       return this.toBytes("der");
     }
     toDERHex() {
-      return bytesToHex3(this.toBytes("der"));
+      return bytesToHex4(this.toBytes("der"));
     }
     toCompactRawBytes() {
       return this.toBytes("compact");
     }
     toCompactHex() {
-      return bytesToHex3(this.toBytes("compact"));
+      return bytesToHex4(this.toBytes("compact"));
     }
   }
   const bits2int = ecdsaOpts.bits2int || function bits2int_def(bytes) {
@@ -59499,7 +60442,7 @@ var init_nist = __esm({
     Fp256 = Field(p256_CURVE.p);
     Fp384 = Field(p384_CURVE.p);
     Fp521 = Field(p521_CURVE.p);
-    p256 = createCurve({ ...p256_CURVE, Fp: Fp256, lowS: false }, sha2562);
+    p256 = createCurve({ ...p256_CURVE, Fp: Fp256, lowS: false }, sha2563);
     p256_hasher = /* @__PURE__ */ (() => {
       return createHasher3(p256.Point, createSWU(p256.Point, {
         A: p256_CURVE.a,
@@ -59512,7 +60455,7 @@ var init_nist = __esm({
         m: 1,
         k: 128,
         expand: "xmd",
-        hash: sha2562
+        hash: sha2563
       });
     })();
     p384 = createCurve({ ...p384_CURVE, Fp: Fp384, lowS: false }, sha3842);
@@ -60020,7 +60963,7 @@ var init_u643 = __esm({
 });
 
 // ../crypto/node_modules/@noble/hashes/sha2.js
-var SHA256_K2, SHA256_W2, SHA2_32B, _SHA256, K5122, SHA512_Kh2, SHA512_Kl2, SHA512_W_H2, SHA512_W_L2, SHA2_64B, _SHA512, _SHA384, sha2563, sha5123, sha3843;
+var SHA256_K2, SHA256_W2, SHA2_32B, _SHA256, K5122, SHA512_Kh2, SHA512_Kl2, SHA512_W_H2, SHA512_W_L2, SHA2_64B, _SHA512, _SHA384, sha2564, sha5123, sha3843;
 var init_sha23 = __esm({
   "../crypto/node_modules/@noble/hashes/sha2.js"() {
     init_md3();
@@ -60393,7 +61336,7 @@ var init_sha23 = __esm({
         super(48);
       }
     };
-    sha2563 = /* @__PURE__ */ createHasher4(
+    sha2564 = /* @__PURE__ */ createHasher4(
       () => new _SHA256(),
       /* @__PURE__ */ oidNist2(1)
     );
@@ -60491,7 +61434,7 @@ function makeHashImpl2(h2) {
     async digest(data) {
       switch (h2) {
         case "SHA-256":
-          return sha2563(data);
+          return sha2564(data);
         case "SHA-384":
           return sha3843(data);
         case "SHA-512":
@@ -60503,7 +61446,7 @@ function makeHashImpl2(h2) {
     async mac(key, data) {
       switch (h2) {
         case "SHA-256":
-          return hmac3(sha2563, key, data);
+          return hmac3(sha2564, key, data);
         case "SHA-384":
           return hmac3(sha3843, key, data);
         case "SHA-512":
@@ -61670,6 +62613,92 @@ var init_mls_group = __esm({
 });
 
 // ../crypto/dist/index.js
+var dist_exports = {};
+__export(dist_exports, {
+  AV_CREDENTIAL_CONTEXT: () => AV_CREDENTIAL_CONTEXT,
+  CRYPTOSUITE: () => CRYPTOSUITE,
+  DOMAIN_DID_DOCUMENT: () => DOMAIN_DID_DOCUMENT,
+  DOMAIN_TRANSFER_ACCEPT: () => DOMAIN_TRANSFER_ACCEPT,
+  DOMAIN_TRANSFER_INTENT: () => DOMAIN_TRANSFER_INTENT,
+  DoubleRatchet: () => DoubleRatchet,
+  MLSGroupManager: () => MLSGroupManager,
+  ScanEngine: () => ScanEngine,
+  TelemetryReporter: () => TelemetryReporter,
+  VC_CONTEXT_V2: () => VC_CONTEXT_V2,
+  base64ToBytes: () => base64ToBytes,
+  buildA2aSpan: () => buildA2aSpan,
+  buildActionSpan: () => buildActionSpan,
+  buildAgentTrustCredential: () => buildAgentTrustCredential,
+  buildAgentTrustReportCredential: () => buildAgentTrustReportCredential,
+  buildCapabilitySpan: () => buildCapabilitySpan,
+  buildDecisionSpan: () => buildDecisionSpan,
+  buildDidDocument: () => buildDidDocument,
+  buildEnrollmentSpan: () => buildEnrollmentSpan,
+  buildErrorSpan: () => buildErrorSpan,
+  buildEvalRunSpan: () => buildEvalRunSpan,
+  buildEvalSpan: () => buildEvalSpan,
+  buildForgeSpan: () => buildForgeSpan,
+  buildHttpSpan: () => buildHttpSpan,
+  buildLlmSpan: () => buildLlmSpan,
+  buildNavSpan: () => buildNavSpan,
+  buildPerformanceRecord: () => buildPerformanceRecord,
+  buildPolicyViolationSpan: () => buildPolicyViolationSpan,
+  buildResyncSpan: () => buildResyncSpan,
+  buildRoomSpan: () => buildRoomSpan,
+  buildScanSpan: () => buildScanSpan,
+  buildSkillAttestation: () => buildSkillAttestation,
+  buildSkillInvocationSpan: () => buildSkillInvocationSpan,
+  buildTaskSpan: () => buildTaskSpan,
+  buildToolSpan: () => buildToolSpan,
+  buildTraceparent: () => buildTraceparent,
+  buildTrustSpan: () => buildTrustSpan,
+  buildVerifiablePresentation: () => buildVerifiablePresentation,
+  buildWorkspaceSpan: () => buildWorkspaceSpan,
+  bytesToBase64: () => bytesToBase64,
+  bytesToHex: () => bytesToHex2,
+  canonicalize: () => canonicalize,
+  computeDidHash: () => computeDidHash,
+  computeFileDigest: () => computeFileDigest,
+  computeFingerprint: () => computeFingerprint,
+  createApprovalArtifact: () => createApprovalArtifact,
+  createProofOfPossession: () => createProofOfPossession,
+  decryptBackup: () => decryptBackup,
+  decryptFile: () => decryptFile,
+  deriveBackupKey: () => deriveBackupKey,
+  encryptBackup: () => encryptBackup,
+  encryptBackupWithKey: () => encryptBackupWithKey,
+  encryptFile: () => encryptFile,
+  encryptedMessageToHexTransport: () => encryptedMessageToHexTransport,
+  encryptedMessageToTransport: () => encryptedMessageToTransport,
+  encryptedMessageToTransportV2: () => encryptedMessageToTransportV2,
+  encryptedMessageToTransportV2Full: () => encryptedMessageToTransportV2Full,
+  formatBackupCode: () => formatBackupCode,
+  generateBackupCode: () => generateBackupCode,
+  generateEphemeralKeypair: () => generateEphemeralKeypair,
+  generateIdentityKeypair: () => generateIdentityKeypair,
+  hashBackupCode: () => hashBackupCode,
+  hexToBytes: () => hexToBytes2,
+  hexTransportToEncryptedMessage: () => hexTransportToEncryptedMessage,
+  issueCredential: () => issueCredential,
+  multibaseToPublicKey: () => multibaseToPublicKey,
+  normalizeBackupCode: () => normalizeBackupCode,
+  parseTraceparent: () => parseTraceparent,
+  performX3DH: () => performX3DH,
+  presentCredentials: () => presentCredentials,
+  propagateContext: () => propagateContext,
+  publicKeyToMultibase: () => publicKeyToMultibase,
+  signDocument: () => signDocument,
+  signWithDataIntegrity: () => signWithDataIntegrity,
+  spanToTraceContext: () => spanToTraceContext,
+  spanToW3CHeaders: () => spanToW3CHeaders,
+  transportToEncryptedMessage: () => transportToEncryptedMessage,
+  transportV2ToEncryptedMessage: () => transportV2ToEncryptedMessage,
+  verifyApprovalArtifact: () => verifyApprovalArtifact,
+  verifyDataIntegrity: () => verifyDataIntegrity,
+  verifyDocumentSignature: () => verifyDocumentSignature,
+  verifyMerkleProof: () => verifyMerkleProof,
+  verifyProofOfPossession: () => verifyProofOfPossession
+});
 var init_dist = __esm({
   async "../crypto/dist/index.js"() {
     "use strict";
@@ -61960,7 +62989,7 @@ async function uploadBackupToServer(state, backupCode, apiUrl, deviceJwt) {
     },
     body: JSON.stringify({
       backup_blob: bytesToBase64(encrypted),
-      backup_code_hash: bytesToHex(codeHash)
+      backup_code_hash: bytesToHex2(codeHash)
     })
   });
   if (!resp.ok) {
@@ -62604,6 +63633,8 @@ var init_channel = __esm({
       _mlsGroups = /* @__PURE__ */ new Map();
       /** Cached MLS KeyPackage bundle for this device (regenerated on each connect). */
       _mlsKeyPackage = null;
+      /** Pending KeyPackage bundle from request-Welcome flow (used by _handleMlsWelcome). */
+      _pendingMlsKpBundle;
       /** In-memory credential store for renter-provided credentials (never persisted). */
       _credentialStore = new CredentialStore();
       /** Dedup buffer for A2A message IDs (prevents double-delivery via direct + Redis) */
@@ -64040,9 +65071,9 @@ var init_channel = __esm({
           const result = await enrollDevice(
             this.config.apiUrl,
             this.config.inviteToken,
-            bytesToHex(identity.publicKey),
-            bytesToHex(ephemeral.publicKey),
-            bytesToHex(proof),
+            bytesToHex2(identity.publicKey),
+            bytesToHex2(ephemeral.publicKey),
+            bytesToHex2(proof),
             this.config.platform
           );
           this._deviceId = result.device_id;
@@ -64056,12 +65087,12 @@ var init_channel = __esm({
             sessions: {},
             // populated after activation
             identityKeypair: {
-              publicKey: bytesToHex(identity.publicKey),
-              privateKey: bytesToHex(identity.privateKey)
+              publicKey: bytesToHex2(identity.publicKey),
+              privateKey: bytesToHex2(identity.privateKey)
             },
             ephemeralKeypair: {
-              publicKey: bytesToHex(ephemeral.publicKey),
-              privateKey: bytesToHex(ephemeral.privateKey)
+              publicKey: bytesToHex2(ephemeral.publicKey),
+              privateKey: bytesToHex2(ephemeral.privateKey)
             },
             fingerprint: result.fingerprint,
             messageHistory: []
@@ -64124,17 +65155,17 @@ var init_channel = __esm({
             const ownerIdentityKey = conv.owner_identity_public_key || result.owner_identity_public_key;
             const ownerEphemeralKey = conv.owner_ephemeral_public_key || result.owner_ephemeral_public_key || ownerIdentityKey;
             const sharedSecret = performX3DH({
-              myIdentityPrivate: hexToBytes(identity.privateKey),
-              myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-              theirIdentityPublic: hexToBytes(ownerIdentityKey),
-              theirEphemeralPublic: hexToBytes(ownerEphemeralKey),
+              myIdentityPrivate: hexToBytes2(identity.privateKey),
+              myEphemeralPrivate: hexToBytes2(ephemeral.privateKey),
+              theirIdentityPublic: hexToBytes2(ownerIdentityKey),
+              theirEphemeralPublic: hexToBytes2(ownerEphemeralKey),
               isInitiator: false
             });
             const ratchet = DoubleRatchet.initReceiver(sharedSecret, {
-              publicKey: hexToBytes(identity.publicKey),
-              privateKey: hexToBytes(identity.privateKey),
+              publicKey: hexToBytes2(identity.publicKey),
+              privateKey: hexToBytes2(identity.privateKey),
               keyType: "ed25519"
-            }, hexToBytes(ownerIdentityKey));
+            }, hexToBytes2(ownerIdentityKey));
             this._sessions.set(conv.conversation_id, {
               ownerDeviceId: conv.owner_device_id,
               ratchet,
@@ -65260,19 +66291,19 @@ ${messageText}`;
           const identity = this._persisted.identityKeypair;
           const ephemeral = this._persisted.ephemeralKeypair;
           const sharedSecret = performX3DH({
-            myIdentityPrivate: hexToBytes(identity.privateKey),
-            myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-            theirIdentityPublic: hexToBytes(event.owner_identity_public_key),
-            theirEphemeralPublic: hexToBytes(
+            myIdentityPrivate: hexToBytes2(identity.privateKey),
+            myEphemeralPrivate: hexToBytes2(ephemeral.privateKey),
+            theirIdentityPublic: hexToBytes2(event.owner_identity_public_key),
+            theirEphemeralPublic: hexToBytes2(
               event.owner_ephemeral_public_key ?? event.owner_identity_public_key
             ),
             isInitiator: false
           });
           const ratchet = DoubleRatchet.initReceiver(sharedSecret, {
-            publicKey: hexToBytes(identity.publicKey),
-            privateKey: hexToBytes(identity.privateKey),
+            publicKey: hexToBytes2(identity.publicKey),
+            privateKey: hexToBytes2(identity.privateKey),
             keyType: "ed25519"
-          }, hexToBytes(event.owner_identity_public_key));
+          }, hexToBytes2(event.owner_identity_public_key));
           this._sessions.set(event.conversation_id, {
             ownerDeviceId: event.owner_device_id,
             ratchet,
@@ -65319,17 +66350,17 @@ ${messageText}`;
           const identity = this._persisted.identityKeypair;
           const ephemeral = this._persisted.ephemeralKeypair;
           const sharedSecret = performX3DH({
-            myIdentityPrivate: hexToBytes(identity.privateKey),
-            myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-            theirIdentityPublic: hexToBytes(data.identity_public_key),
-            theirEphemeralPublic: hexToBytes(data.ephemeral_public_key),
+            myIdentityPrivate: hexToBytes2(identity.privateKey),
+            myEphemeralPrivate: hexToBytes2(ephemeral.privateKey),
+            theirIdentityPublic: hexToBytes2(data.identity_public_key),
+            theirEphemeralPublic: hexToBytes2(data.ephemeral_public_key),
             isInitiator: false
           });
           const ratchet = DoubleRatchet.initReceiver(sharedSecret, {
-            publicKey: hexToBytes(identity.publicKey),
-            privateKey: hexToBytes(identity.privateKey),
+            publicKey: hexToBytes2(identity.publicKey),
+            privateKey: hexToBytes2(identity.privateKey),
             keyType: "ed25519"
-          }, hexToBytes(data.identity_public_key));
+          }, hexToBytes2(data.identity_public_key));
           const existingSession = this._sessions.get(convId);
           const existingPersisted = this._persisted.sessions[convId];
           const ownerDeviceId = data.sender_device_id ?? existingSession?.ownerDeviceId ?? "";
@@ -65489,7 +66520,28 @@ ${messageText}`;
         const mlsGroup = this._mlsGroups.get(resolvedRoomId);
         console.log(`[SecureChannel] MLS decrypt attempt room=${resolvedRoomId.slice(0, 8)} group=${groupId?.slice(0, 8)} loaded=${!!mlsGroup} init=${mlsGroup?.isInitialized} mlsGroupsKeys=[${Array.from(this._mlsGroups.keys()).join(",")}]`);
         if (!mlsGroup?.isInitialized) {
-          console.warn(`[SecureChannel] MLS group not loaded for room ${resolvedRoomId.slice(0, 8)}`);
+          console.warn(`[SecureChannel] MLS group not loaded for room ${resolvedRoomId.slice(0, 8)}, requesting Welcome`);
+          try {
+            const { MLSGroupManager: MLS } = await init_dist().then(() => dist_exports);
+            const mgr = new MLS();
+            const kp = await mgr.generateKeyPackage(new TextEncoder().encode(this._deviceId));
+            const kpBytes = MLS.serializeKeyPackage(kp.publicPackage);
+            const kpHex = Buffer.from(kpBytes).toString("hex");
+            await fetch(`${this.config.apiUrl}/api/v1/mls/key-packages`, {
+              method: "POST",
+              headers: { Authorization: `Bearer ${this._deviceJwt}`, "Content-Type": "application/json" },
+              body: JSON.stringify({ key_package: kpHex, device_id: this._deviceId })
+            });
+            this._pendingMlsKpBundle = kp;
+            await fetch(`${this.config.apiUrl}/api/v1/mls/groups/${groupId}/request-welcome`, {
+              method: "POST",
+              headers: { Authorization: `Bearer ${this._deviceJwt}`, "Content-Type": "application/json" },
+              body: JSON.stringify({ device_id: this._deviceId })
+            });
+            console.log(`[SecureChannel] Welcome requested for room ${resolvedRoomId.slice(0, 8)} group ${groupId?.slice(0, 8)}`);
+          } catch (reqErr) {
+            console.warn(`[SecureChannel] Welcome request failed for room ${resolvedRoomId.slice(0, 8)}:`, reqErr);
+          }
           return;
         }
         try {
@@ -65590,7 +66642,7 @@ ${messageText}`;
         try {
           const welcomeBytes = new Uint8Array(Buffer.from(data.payload, "hex"));
           const mgr = new MLSGroupManager();
-          const kp = this._mlsKeyPackage ?? await (async () => {
+          const kp = this._pendingMlsKpBundle ?? this._mlsKeyPackage ?? await (async () => {
             const identity = new TextEncoder().encode(this._deviceId);
             return mgr.generateKeyPackage(identity);
           })();
@@ -65607,11 +66659,15 @@ ${messageText}`;
             console.log(`[SecureChannel] Joined 1:1 MLS group for conv ${conversationId.slice(0, 8)} via Welcome (epoch=${mgr.epoch})`);
             return;
           }
+          const welcomeRoomId = data.room_id;
           for (const [roomId, room] of Object.entries(this._persisted?.rooms ?? {})) {
-            if (room.mlsGroupId === groupId) {
+            if (room.mlsGroupId === groupId || roomId === welcomeRoomId) {
+              room.mlsGroupId = groupId;
               this._mlsGroups.set(roomId, mgr);
               await saveMlsState(this.config.dataDir, groupId, JSON.stringify(mgr.exportState()));
+              await this._persistState();
               console.log(`[SecureChannel] Joined MLS group for room ${roomId.slice(0, 8)} via Welcome (epoch=${mgr.epoch})`);
+              this._pendingMlsKpBundle = void 0;
               return;
             }
           }