@aithos/sdk 0.1.0-alpha.2 → 0.1.0-alpha.21

package/dist/src/compute.js

@@ -4,8 +4,8 @@
 //
 // Wraps the JSON-RPC + signed-envelope protocol of `compute.aithos.be`
 // behind an ergonomic method on the SDK. Internally builds a §11 envelope
-// signed with the user's public-sphere key and posts it to
-// `${compute}/v1/invoke`.
+// signed with the user's public-sphere key (read from
+// {@link AithosAuth} at call time) and posts it to `${compute}/v1/invoke`.
 //
 // Server-side guarantees (enforced by the proxy, not by this lib):
 //   - Envelope signature verified against the user's `did.json`.
@@ -18,11 +18,13 @@
 // tool calling on the proxy) will land in a follow-up.
 import { buildSignedEnvelope, } from "@aithos/protocol-client";
 import { computeInvokeUrl, } from "./endpoints.js";
+import { delegateKeyPair, ownerKeyPair, } from "./internal/protocol-client-bridge.js";
 import { AithosSDKError } from "./types.js";
 /**
  * `sdk.compute` namespace. Constructed once by the {@link AithosSDK}
- * constructor; all calls share the SDK's identity, app DID, and endpoint
- * configuration.
+ * constructor; reads the active owner from the supplied
+ * {@link AithosAuth} on every call so signing material follows the
+ * latest sign-in/sign-out state.
  */
 export class ComputeNamespace {
     #deps;
@@ -33,17 +35,38 @@ export class ComputeNamespace {
      * Invoke a Bedrock model through the compute proxy. See
      * {@link InvokeBedrockArgs} and {@link InvokeBedrockResult}.
      *
+     * Two signer paths are supported:
+     *
+     *   - **Owner**: when the caller is signed in as an owner, the
+     *     envelope is signed with the owner's `#public` sphere key and
+     *     no mandate is attached (the proxy resolves the mandate
+     *     server-side from `params.mandate_id`).
+     *   - **Delegate**: when the caller is delegate-only (mandate
+     *     imported via `auth.importMandate`), the envelope is signed
+     *     with the delegate's bound keypair and the full SignedMandate
+     *     is attached so the proxy can verify both signature and
+     *     authorisation in one pass. The mandate must carry the
+     *     `compute.invoke` scope and the proxy enforces its constraints
+     *     (caps, allowed models, …) at server-side.
+     *
+     * Owner takes precedence: if a session has BOTH an owner and a
+     * matching delegate session, we use the owner key (more flexible —
+     * the mandate is dereferenced via `mandate_id` and there's no
+     * lifetime cliff if the delegate seed has been wiped).
+     *
      * @throws {AithosSDKError} on protocol errors. The `code` field is one of
-     *   `network`, `http`, `empty`, or any code returned by the proxy
-     *   (`quota_exceeded`, `mandate_revoked`, `insufficient_credits`, …).
+     *   `sdk_no_signer`, `sdk_no_delegate_for_mandate`, `network`, `http`,
+     *   `empty`, or any code returned by the proxy (`quota_exceeded`,
+     *   `mandate_revoked`, `insufficient_credits`, …).
      */
     async invokeBedrock(args) {
-        const { identity, appDid, endpoints, fetch: fetchImpl } = this.#deps;
+        const { endpoints, fetch: fetchImpl } = this.#deps;
+        const choice = this.#resolveSigner(args.mandateId);
         const url = computeInvokeUrl(endpoints);
         const idempotencyKey = args.idempotencyKey ?? generateIdempotencyKey();
         const params = {
-            app_did: appDid,
-            mandate_id: args.mandateId,
+            app_did: this.#deps.appDid,
+            mandate_id: this.#resolveMandateIdForWire(args.mandateId, choice),
             model: args.model,
             messages: args.messages,
             idempotency_key: idempotencyKey,
@@ -54,13 +77,328 @@ export class ComputeNamespace {
             params.max_tokens = args.maxTokens;
         if (args.temperature !== undefined)
             params.temperature = args.temperature;
+        return await this.#signAndPost({
+            url,
+            method: "aithos.compute_invoke",
+            params,
+            choice,
+            fetchImpl,
+            signal: args.signal,
+        });
+    }
+    /**
+     * Multimodal Bedrock invoke — image + text → text response.
+     * Default model: `claude-sonnet-4-6` (vision-capable, reliable JSON).
+     *
+     * Use when you need a VLM to reason about an image: locating
+     * features, structured extraction, semantic Q&A. Prompt the model
+     * to return JSON if you need structured output (the API itself is
+     * unstructured).
+     */
+    async invokeBedrockVision(args) {
+        const { endpoints, fetch: fetchImpl } = this.#deps;
+        const choice = this.#resolveSigner(args.mandateId);
+        let imageBase64;
+        let imageContentType;
+        if ("base64" in args.image) {
+            imageBase64 = args.image.base64;
+            imageContentType = args.image.contentType;
+        }
+        else {
+            const buf = await args.image.arrayBuffer();
+            imageBase64 = arrayBufferToBase64(buf);
+            imageContentType = args.image.type || "image/png";
+        }
+        const url = computeInvokeUrl(endpoints);
+        const idempotencyKey = args.idempotencyKey ?? generateIdempotencyKey();
+        const model = args.model ?? "claude-sonnet-4-6";
+        const params = {
+            app_did: this.#deps.appDid,
+            mandate_id: this.#resolveMandateIdForWire(args.mandateId, choice),
+            model,
+            image_base64: imageBase64,
+            image_content_type: imageContentType,
+            prompt: args.prompt,
+            idempotency_key: idempotencyKey,
+        };
+        if (args.system !== undefined)
+            params.system = args.system;
+        if (args.maxTokens !== undefined)
+            params.max_tokens = args.maxTokens;
+        if (args.temperature !== undefined)
+            params.temperature = args.temperature;
+        return await this.#signAndPost({
+            url,
+            method: "aithos.compute_invoke_bedrock_vision",
+            params,
+            choice,
+            fetchImpl,
+            signal: args.signal,
+        });
+    }
+    /**
+     * Generate one or more images through the Aithos compute proxy
+     * (currently powered by fal.ai FLUX models). Spec mirror of
+     * {@link invokeBedrock}: same envelope, same wallet path, same
+     * mandate-scope gate (`compute.invoke` + `allowed_models`). The
+     * separation at the JSON-RPC method level (`aithos.compute_invoke_image`
+     * vs `aithos.compute_invoke`) commits each envelope to a specific
+     * modality so a stolen text-invoke envelope cannot be replayed
+     * against the image endpoint.
+     *
+     * Default model: `"image:flux-pro-1.1"`. Default aspect ratio: 1:1.
+     * Default count: 1 image.
+     *
+     * Pricing is per image and deterministic (no token-based reconcile):
+     *   - flux-schnell:        3 000 mc + fee per image
+     *   - flux-dev:           25 000 mc + fee per image
+     *   - flux-pro-1.1:       40 000 mc + fee per image
+     *   - flux-pro-1.1-ultra: 60 000 mc + fee per image
+     */
+    async invokeImage(args) {
+        const { endpoints, fetch: fetchImpl } = this.#deps;
+        const choice = this.#resolveSigner(args.mandateId);
+        const url = computeInvokeUrl(endpoints);
+        const idempotencyKey = args.idempotencyKey ?? generateIdempotencyKey();
+        // Default is Imagen 4 since alpha.17 — flat-illustration style is
+        // the right match for brand-mascot use cases. FLUX Pro 1.1 remains
+        // available via explicit `model: "image:flux-pro-1.1"`.
+        const model = args.model ?? "image:imagen-4";
+        const params = {
+            app_did: this.#deps.appDid,
+            mandate_id: this.#resolveMandateIdForWire(args.mandateId, choice),
+            model,
+            prompt: args.prompt,
+            idempotency_key: idempotencyKey,
+        };
+        if (args.negativePrompt !== undefined)
+            params.negative_prompt = args.negativePrompt;
+        if (args.aspectRatio !== undefined)
+            params.aspect_ratio = args.aspectRatio;
+        if (args.seed !== undefined)
+            params.seed = args.seed;
+        if (args.numberOfImages !== undefined)
+            params.number_of_images = args.numberOfImages;
+        return await this.#signAndPost({
+            url,
+            method: "aithos.compute_invoke_image",
+            params,
+            choice,
+            fetchImpl,
+            signal: args.signal,
+        });
+    }
+    /**
+     * Run text-prompted segmentation (Florence-2 referring-expression)
+     * on a source image. Returns one or more polygons hugging the
+     * region matching the text prompt.
+     *
+     * Use cases: locate the chest/torso area of a generated mascot
+     * for logo compositing, find the face zone for a thumbnail crop,
+     * extract a product from a marketing shot — anything that needs
+     * a precise mask + bbox from natural-language description.
+     *
+     * Pricing: flat 5 000 mc per call (~$0.005 — Florence-2 is cheap).
+     */
+    async invokeSegmentation(args) {
+        const { endpoints, fetch: fetchImpl } = this.#deps;
+        const choice = this.#resolveSigner(args.mandateId);
+        // Normalize image input to base64 + content type.
+        let imageBase64;
+        let imageContentType;
+        if ("base64" in args.image) {
+            imageBase64 = args.image.base64;
+            imageContentType = args.image.contentType;
+        }
+        else {
+            const buf = await args.image.arrayBuffer();
+            imageBase64 = arrayBufferToBase64(buf);
+            imageContentType = args.image.type || "image/png";
+        }
+        const url = computeInvokeUrl(endpoints);
+        const idempotencyKey = args.idempotencyKey ?? generateIdempotencyKey();
+        const params = {
+            app_did: this.#deps.appDid,
+            mandate_id: this.#resolveMandateIdForWire(args.mandateId, choice),
+            image_base64: imageBase64,
+            image_content_type: imageContentType,
+            text_input: args.textInput,
+            idempotency_key: idempotencyKey,
+        };
+        return await this.#signAndPost({
+            url,
+            method: "aithos.compute_invoke_segmentation",
+            params,
+            choice,
+            fetchImpl,
+            signal: args.signal,
+        });
+    }
+    /**
+     * Fetch one or more URLs and have Claude analyze the content. Routes
+     * through `api.anthropic.com` with the `web_fetch` server-side tool —
+     * NOT through Bedrock — because Bedrock does not expose Anthropic's
+     * server-side tools (web_fetch, web_search, etc.). The proxy hides
+     * this multi-backend detail from the SDK consumer; the wallet,
+     * envelope, and mandate-scope contracts are unchanged.
+     *
+     * Typical use:
+     * ```ts
+     * const r = await sdk.compute.invokeUrlFetch({
+     *   prompt: "Voici l'URL https://tata.com — résume le service, " +
+     *           "identifie le style et la couleur primaire. JSON.",
+     * });
+     * console.log(r.content);
+     * for (const c of r.citations) console.log(c.url, "→", c.citedText);
+     * ```
+     *
+     * Mandate scope: requires `compute.url_fetch` (distinct from
+     * `compute.invoke` — see {@link InvokeUrlFetchArgs.mandateId}).
+     *
+     * Pricing: same Claude 4.x rates as Bedrock (Anthropic's direct API
+     * and Bedrock list prices are identical). Default Haiku 4.5 ≈
+     * $0.001/1k input + $0.005/1k output. The proxy pre-debits a
+     * conservative upper bound (`maxFetches × maxContentTokens × input
+     * rate + maxTokens × output rate`) and reconciles down to the actual
+     * usage Anthropic reports — so the wallet is always charged the
+     * exact post-call cost.
+     *
+     * @throws {AithosSDKError} on protocol errors. Notable codes:
+     *   `sdk_no_signer`, `sdk_no_delegate_for_mandate`, `network`,
+     *   `http`, `empty`, plus proxy codes `-32042` (mandate scope
+     *   missing), `-32070`/`-32071` (wallet), `-32074` (fetch blocked
+     *   by robots.txt / domain filter), `-32050` (rate limit).
+     */
+    async invokeUrlFetch(args) {
+        const { endpoints, fetch: fetchImpl } = this.#deps;
+        const choice = this.#resolveSigner(args.mandateId);
+        const url = computeInvokeUrl(endpoints);
+        const idempotencyKey = args.idempotencyKey ?? generateIdempotencyKey();
+        const model = args.model ?? "claude-haiku-4-5";
+        const params = {
+            app_did: this.#deps.appDid,
+            mandate_id: this.#resolveMandateIdForWire(args.mandateId, choice),
+            model,
+            prompt: args.prompt,
+            idempotency_key: idempotencyKey,
+        };
+        if (args.system !== undefined)
+            params.system = args.system;
+        if (args.maxTokens !== undefined)
+            params.max_tokens = args.maxTokens;
+        if (args.temperature !== undefined)
+            params.temperature = args.temperature;
+        if (args.maxFetches !== undefined)
+            params.max_fetches = args.maxFetches;
+        if (args.maxContentTokens !== undefined) {
+            params.max_content_tokens = args.maxContentTokens;
+        }
+        if (args.citations !== undefined)
+            params.citations = args.citations;
+        if (args.allowedDomains !== undefined && args.allowedDomains.length > 0) {
+            params.allowed_domains = args.allowedDomains;
+        }
+        if (args.blockedDomains !== undefined && args.blockedDomains.length > 0) {
+            params.blocked_domains = args.blockedDomains;
+        }
+        return await this.#signAndPost({
+            url,
+            method: "aithos.compute_invoke_url_fetch",
+            params,
+            choice,
+            fetchImpl,
+            signal: args.signal,
+        });
+    }
+    /**
+     * Resolve the active signer (owner takes precedence over delegate).
+     *
+     * - When an owner is signed in: returns the owner-signer regardless
+     *   of `mandateId` (the proxy ignores params.mandate_id on
+     *   owner-signed envelopes, so owners can omit it).
+     * - When delegate-only: requires `mandateId` to find the matching
+     *   imported bundle. Throws `sdk_no_delegate_for_mandate` if absent
+     *   or no match.
+     */
+    #resolveSigner(mandateId) {
+        const { auth } = this.#deps;
+        const owner = auth._getOwnerSigners();
+        const ownerLoaded = owner !== null && !owner.destroyed;
+        if (ownerLoaded) {
+            const publicKp = ownerKeyPair(owner, "public");
+            return {
+                kind: "owner",
+                iss: owner.did,
+                verificationMethod: `${owner.did}#public`,
+                signer: publicKp,
+                mandate: undefined,
+            };
+        }
+        if (mandateId === undefined || mandateId.length === 0) {
+            throw new AithosSDKError("sdk_no_signer", "no owner signed in and no mandateId provided — pass a mandateId for a delegate session, or sign in as an owner first.");
+        }
+        const actor = auth._getDelegateActor(mandateId);
+        if (!actor || actor.destroyed) {
+            throw new AithosSDKError("sdk_no_delegate_for_mandate", `no owner signed in and no imported delegate mandate matches '${mandateId}'. Sign in as an owner, or import a delegate bundle for that mandate via auth.importMandate.`);
+        }
+        const kp = delegateKeyPair(actor);
+        return {
+            kind: "delegate",
+            iss: actor.subjectDid,
+            verificationMethod: actor.granteePubkeyMultibase,
+            signer: kp,
+            // The DelegateActor stores the SignedMandate as a structurally
+            // opaque object so the SDK doesn't have to import the
+            // protocol-client type at the storage boundary. Round-trip
+            // through `unknown` for the TS cast — at runtime the bytes are
+            // the canonical SignedMandate the bundle parser already
+            // validated.
+            mandate: actor.mandate,
+        };
+    }
+    /**
+     * Resolve the `mandate_id` value the SDK writes into the JSON-RPC
+     * params for the wire. The proxy requires this field to be a
+     * non-empty string but only consults it for the delegate path —
+     * for owner-signed envelopes it's audit-log metadata, with no
+     * security implication.
+     *
+     * Strategy:
+     *   - Caller-provided id always wins (owner who wants to attribute
+     *     to a specific minted mandate can still pass it).
+     *   - Delegate path: the choice carries the real mandate.id — use it
+     *     so a delegate cannot accidentally lie about which mandate
+     *     it claims to spend under.
+     *   - Owner path with no explicit id: use the owner DID followed
+     *     by `#self` — a stable sentinel that's unambiguously not a
+     *     real mandate id (mandate ids are ULIDs).
+     */
+    #resolveMandateIdForWire(explicit, choice) {
+        if (explicit && explicit.length > 0)
+            return explicit;
+        if (choice.kind === "delegate")
+            return choice.mandate.id;
+        // Owner-direct sentinel. The proxy never inspects this value
+        // beyond non-empty-string validation when no mandate is attached.
+        return `${choice.iss}#self`;
+    }
+    /**
+     * Sign the params with the resolved signer and POST a JSON-RPC
+     * request. Shared between `invokeBedrock` and `invokeImage` — the
+     * only difference between those two is the method name and the
+     * params shape; the envelope construction + transport + error
+     * mapping is identical.
+     */
+    async #signAndPost(opts) {
+        const { url, method, params, choice, fetchImpl, signal } = opts;
         const envelope = buildSignedEnvelope({
-            iss: identity.did,
+            iss: choice.iss,
             aud: url,
-            method: "aithos.compute_invoke",
-            verificationMethod: `${identity.did}#public`,
+            method,
+            verificationMethod: choice.verificationMethod,
             params,
-            signer: identity.public,
+            signer: choice.signer,
+            ...(choice.kind === "delegate" ? { mandate: choice.mandate } : {}),
         });
         let res;
         try {
@@ -69,11 +407,11 @@ export class ComputeNamespace {
                 headers: { "content-type": "application/json" },
                 body: JSON.stringify({
                     jsonrpc: "2.0",
-                    id: "aithos.compute_invoke",
-                    method: "aithos.compute_invoke",
+                    id: method,
+                    method,
                     params: { ...params, _envelope: envelope },
                 }),
-                ...(args.signal ? { signal: args.signal } : {}),
+                ...(signal ? { signal } : {}),
             });
         }
         catch (e) {
@@ -101,4 +439,19 @@ function generateIdempotencyKey() {
     }
     return hex;
 }
+/**
+ * Encode an ArrayBuffer as base64 in environments where `Buffer` is
+ * not available (browser). Uses btoa over a binary string — safe for
+ * the small payload sizes the SDK deals with (≤ a few MB).
+ */
+function arrayBufferToBase64(buf) {
+    const bytes = new Uint8Array(buf);
+    let bin = "";
+    // Process in chunks to avoid stack overflow on String.fromCharCode.apply
+    const CHUNK = 0x8000;
+    for (let i = 0; i < bytes.length; i += CHUNK) {
+        bin += String.fromCharCode.apply(null, Array.from(bytes.subarray(i, i + CHUNK)));
+    }
+    return btoa(bin);
+}
 //# sourceMappingURL=compute.js.map

package/dist/src/ethos.d.ts

@@ -1,2 +1,165 @@
-export { parsePublicZone, type ParsedZone, loadEditSnapshot, publishZoneEdit, publishPublicZoneAsDelegate, publishPrivateZoneAsDelegate, type EditSnapshot, type AddSectionInput, type ModifySectionInput, type PublishEditArgs, type PublishEditResult, addSectionToList, modifySectionInList, deleteSectionFromList, buildSignedFirstEdition, buildSignedNextEdition, type ZoneDoc, type ZoneManifest, type Section, SPHERES, type Sphere, } from "@aithos/protocol-client";
+import { type Section } from "@aithos/protocol-client";
+import type { AithosAuth } from "./auth.js";
+import type { AithosSdkEndpoints } from "./endpoints.js";
+import type { DelegateActor } from "./internal/delegate-state.js";
+import type { OwnerSigners } from "./internal/owner-signers.js";
+export type ZoneName = "public" | "circle" | "self";
+export declare const ZONE_NAMES: readonly ZoneName[];
+export interface AddSectionInput {
+    readonly title: string;
+    readonly body: string;
+    readonly tags?: readonly string[];
+}
+export interface UpdateSectionPatch {
+    readonly title?: string;
+    readonly body?: string;
+    readonly tags?: readonly string[];
+}
+export type StagedChange = {
+    readonly kind: "add";
+    readonly zone: ZoneName;
+    readonly section: Section;
+} | {
+    readonly kind: "update";
+    readonly zone: ZoneName;
+    readonly sectionId: string;
+    readonly patch: UpdateSectionPatch;
+} | {
+    readonly kind: "delete";
+    readonly zone: ZoneName;
+    readonly sectionId: string;
+};
+export interface PublishResult {
+    /** New manifest height after publish. */
+    readonly editionHeight: number;
+    /** SHA-256 hex of the canonical manifest. */
+    readonly manifestHash: string;
+    /** DID of the subject we published for. */
+    readonly subjectDid: string;
+    /** Zones whose contents changed in this edition. */
+    readonly zonesPublished: readonly ZoneName[];
+}
+type ActorOwner = {
+    readonly kind: "owner";
+    readonly subjectDid: string;
+    readonly signers: OwnerSigners;
+};
+type ActorDelegate = {
+    readonly kind: "delegate";
+    readonly subjectDid: string;
+    readonly actor: DelegateActor;
+};
+type ActorAnonymous = {
+    readonly kind: "anonymous";
+    readonly subjectDid: string;
+};
+type Actor = ActorOwner | ActorDelegate | ActorAnonymous;
+export declare class EthosClient {
+    #private;
+    readonly subjectDid: string;
+    readonly mode: Actor["kind"];
+    constructor(actor: Actor);
+    /** Return the per-zone proxy. */
+    zone(name: ZoneName): EthosZone;
+    hasPendingChanges(): boolean;
+    pendingChanges(): readonly StagedChange[];
+    discard(): void;
+    /**
+     * Build and publish a new edition with all staged mutations applied.
+     * Throws if there's nothing staged. After a successful publish, the
+     * mutation buffer is cleared and any cached snapshot is invalidated
+     * so the next read picks up the fresh edition.
+     */
+    publish(): Promise<PublishResult>;
+    _readZone(zone: ZoneName): Promise<readonly Section[]>;
+    _stageAdd(zone: ZoneName, input: AddSectionInput): void;
+    _stageUpdate(zone: ZoneName, sectionId: string, patch: UpdateSectionPatch): void;
+    _stageDelete(zone: ZoneName, sectionId: string): void;
+}
+export declare class EthosZone {
+    #private;
+    constructor(parent: EthosClient, name: ZoneName);
+    get name(): ZoneName;
+    /** Effective sections (persisted + staged mutations applied). */
+    sections(): Promise<readonly Section[]>;
+    addSection(input: AddSectionInput): void;
+    updateSection(sectionId: string, patch: UpdateSectionPatch): void;
+    deleteSection(sectionId: string): void;
+    /**
+     * Return every section in this zone whose `title` is exactly `title`.
+     *
+     * Match is exact and case-sensitive. The result is always an array — it
+     * may be empty (no match), have one element (the typical case), or have
+     * more than one element when the author has happened to publish two
+     * sections with the same title. Section titles are not required by the
+     * protocol to be unique within a zone.
+     *
+     * The order of returned sections is the zone's authored order
+     * (`sections()` ordering, spec §2.5.2).
+     *
+     * @param title Section title to look up — exact, case-sensitive.
+     */
+    findSectionsByTitle(title: string): Promise<readonly Section[]>;
+    /**
+     * Stage an update for **every** section in this zone whose `title`
+     * matches `title` exactly. Returns the list of section IDs that were
+     * staged — empty when nothing matched.
+     *
+     * Apply with `client.publish()` like any other staged mutation. The
+     * staged entries are identical to what `updateSection(id, patch)` would
+     * produce, one per matched section, so `pendingChanges()` /
+     * `discard()` behave normally.
+     *
+     * Note: this method does NOT throw when there is no match — it returns
+     * `[]`. That's intentional: callers driven by an LLM frequently want to
+     * upsert (try update, then fall back to add) and shouldn't have to
+     * catch.
+     *
+     * @param title Section title to look up — exact, case-sensitive.
+     * @param patch Same patch shape accepted by `updateSection`.
+     * @returns Array of `section.id` strings whose updates were staged.
+     */
+    updateSectionsByTitle(title: string, patch: UpdateSectionPatch): Promise<readonly string[]>;
+    /**
+     * Stage a delete for **every** section in this zone whose `title`
+     * matches `title` exactly. Returns the list of section IDs that were
+     * staged — empty when nothing matched.
+     *
+     * Same semantics as {@link updateSectionsByTitle}: silent on no-match,
+     * apply with `client.publish()`.
+     *
+     * @param title Section title to look up — exact, case-sensitive.
+     * @returns Array of `section.id` strings whose deletes were staged.
+     */
+    deleteSectionsByTitle(title: string): Promise<readonly string[]>;
+}
+export interface EthosNamespaceDeps {
+    readonly auth: AithosAuth;
+    readonly endpoints: AithosSdkEndpoints;
+    readonly fetch: typeof fetch;
+}
+export declare class EthosNamespace {
+    #private;
+    constructor(deps: EthosNamespaceDeps);
+    /**
+     * EthosClient for the currently signed-in owner. Throws if there is
+     * no owner — callers should check `auth.canSignAsOwner()` first or
+     * surface the error to the user as "please sign in".
+     */
+    me(): EthosClient;
+    /**
+     * EthosClient for an arbitrary subject DID. The mode is resolved at
+     * construction time:
+     *   - if `did` matches the currently signed-in owner → owner mode
+     *   - else if a mandate held by `auth` covers this subject → delegate mode
+     *   - else → anonymous read-only mode
+     *
+     * Async signature so future implementations may do an eager manifest
+     * fetch (e.g. to fail fast on unknown DIDs); today resolution is sync
+     * and the actual fetch happens on the first `sections()` / `publish()`
+     * call.
+     */
+    of(did: string): Promise<EthosClient>;
+}
+export {};
 //# sourceMappingURL=ethos.d.ts.map