@aithos/sdk 0.1.0-alpha.40 → 0.1.0-alpha.41

package/dist/src/apps.d.ts

@@ -0,0 +1,155 @@
+import type { AithosAuth } from "./auth.js";
+import type { AithosSdkEndpoints } from "./endpoints.js";
+/**
+ * The audience set scopes which consumers are eligible. `"open"` lets
+ * any DID invoke the app; `"list"` restricts to an explicit allowlist.
+ */
+export type AudienceSet = "open" | "list";
+export interface SponsorshipBudgetInput {
+    /**
+     * Authority-interpreted unit of account. Default `"aithos.mc"` (the
+     * platform microcredit, ≈ €0.001 of AWS pass-through cost). Authorities
+     * MAY accept other units — see draft §13.3.4.
+     */
+    readonly unit?: string;
+    /** Lifetime cap per consumer, in `unit`. */
+    readonly perUserCap: number;
+    /** If set, the per-user cap applies over a sliding window. */
+    readonly perUserWindowSeconds?: number | null;
+    /** UTC-day cap on total sponsored consumption across all consumers. */
+    readonly perDayTotalCap: number;
+    /** Lifetime pool cap across all consumers. `null` ≡ no cap. */
+    readonly poolCapTotal?: number | null;
+}
+export interface SponsorshipAudienceInput {
+    /** App DID the sponsorship covers (typically `sdk.appDid`). */
+    readonly appDid: string;
+    readonly audienceSet: AudienceSet;
+    /** Required iff `audienceSet === "list"`. */
+    readonly consumers?: readonly string[];
+}
+export interface SponsorshipAccountingAuthorityInput {
+    readonly did: string;
+    readonly endpoint: string;
+}
+export interface CreateSponsorshipMandateArgs {
+    readonly audience: SponsorshipAudienceInput;
+    readonly scopes: readonly string[];
+    readonly allowedMethods: readonly string[];
+    readonly allowedModels?: readonly string[];
+    readonly budget: SponsorshipBudgetInput;
+    readonly accountingAuthority: SponsorshipAccountingAuthorityInput;
+    /** Defaults to now. */
+    readonly notBefore?: Date;
+    /** Defaults to 365 days. */
+    readonly ttlSeconds?: number;
+}
+/**
+ * Signed sponsorship mandate, ready to seed into the authority's
+ * `aithos-app-sponsorships` table. Same shape as
+ * `@aithos/protocol-core`'s `SponsorshipMandate`.
+ */
+export interface SignedSponsorshipMandate {
+    readonly "aithos-sponsorship-mandate": "0.1.0";
+    readonly id: string;
+    readonly issuer: string;
+    readonly issued_by_key: string;
+    readonly audience: {
+        readonly app_did: string;
+        readonly audience_set: AudienceSet;
+        readonly consumers?: readonly string[];
+    };
+    readonly scopes: readonly string[];
+    readonly allowed_methods: readonly string[];
+    readonly allowed_models?: readonly string[];
+    readonly budget: {
+        readonly unit: string;
+        readonly per_user_cap: number;
+        readonly per_user_window_seconds: number | null;
+        readonly per_day_total_cap: number;
+        readonly pool_cap_total: number | null;
+    };
+    readonly accounting_authority: {
+        readonly did: string;
+        readonly endpoint: string;
+    };
+    readonly not_before: string;
+    readonly not_after: string;
+    readonly issued_at: string;
+    readonly nonce: string;
+    readonly signature: {
+        readonly alg: "ed25519";
+        readonly key: string;
+        readonly value: string;
+    };
+}
+export interface SignedSponsorshipRevocation {
+    readonly "aithos-revocation": "0.1.0";
+    readonly mandate_id: string;
+    readonly mandate_kind: "sponsorship-mandate";
+    readonly issuer: string;
+    readonly issued_by_key: string;
+    readonly revoked_at: string;
+    readonly reason: string;
+    readonly signature: {
+        readonly alg: "ed25519";
+        readonly key: string;
+        readonly value: string;
+    };
+}
+export type AppCreditPackId = "app-credits-10k" | "app-credits-50k" | "app-credits-200k";
+export interface CreateAppTopupSessionArgs {
+    /** Which app-credits pack to purchase. */
+    readonly packId: AppCreditPackId;
+    /** Where Stripe redirects after a successful payment. */
+    readonly successUrl: string;
+    /** Where Stripe redirects if the user cancels. */
+    readonly cancelUrl: string;
+    /** Abort signal to cancel the request. */
+    readonly signal?: AbortSignal;
+}
+export interface CreateAppTopupSessionResult {
+    readonly checkoutUrl: string;
+    readonly sessionId: string;
+}
+export interface AppsNamespaceDeps {
+    readonly auth: AithosAuth;
+    readonly appDid: string;
+    readonly endpoints: AithosSdkEndpoints;
+    readonly fetch: typeof fetch;
+}
+export declare class AppsNamespace {
+    #private;
+    constructor(deps: AppsNamespaceDeps);
+    /**
+     * Build and sign a `SponsorshipMandate` as the calling owner. The
+     * returned JSON is signed by the owner's `#public` sphere key, ready
+     * to be seeded into the authority's `aithos-app-sponsorships` table.
+     *
+     * V0.1 has no server endpoint — get the row into DDB via:
+     *   1. `aws dynamodb put-item --table-name aithos-app-sponsorships
+     *      --item file://mandate.json` (raw), or
+     *   2. The ops bootstrap script in
+     *      `innoesate/aithos/platform/scripts/seed-sponsorship.mjs`
+     *      (planned for V0.2).
+     *
+     * Hash with `sponsorshipMandateHash()` from `@aithos/protocol-core`
+     * if you need to embed it in an envelope's `sponsorship.hash` field.
+     */
+    createSponsorshipMandate(args: CreateSponsorshipMandateArgs): Promise<SignedSponsorshipMandate>;
+    /**
+     * Build and sign a §4.6 revocation document targeting a sponsorship
+     * mandate. Same upload caveat as `createSponsorshipMandate`.
+     */
+    revokeSponsorshipMandate(mandate: SignedSponsorshipMandate, reason: string): Promise<SignedSponsorshipRevocation>;
+    /**
+     * Stripe Checkout session for an `app-credits-*` pack. The session is
+     * bound to the calling owner's DID (which is treated as the app's
+     * funding DID — Option A unified wallet, see plan §3.4).
+     *
+     * Same endpoint and auth pattern as `sdk.wallet.createTopupSession`,
+     * just with the app-credits pack id family.
+     */
+    createAppTopupSession(args: CreateAppTopupSessionArgs): Promise<CreateAppTopupSessionResult>;
+}
+//# sourceMappingURL=apps.d.ts.map

package/dist/src/apps.js

@@ -0,0 +1,288 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+// `sdk.apps` namespace — sponsorship lifecycle for app developers.
+//
+// V0.1 surface (2026-05-27) — minimal but sufficient to bootstrap a free
+// trial flow on Linkedone and similar apps:
+//
+//   createSponsorshipMandate(args)
+//       Build + sign a SponsorshipMandate as the calling owner. Returns
+//       the signed JSON. The caller is responsible for getting the row
+//       into the authority's `aithos-app-sponsorships` table — V0.1 has
+//       no server endpoint for it (manual `aws dynamodb put-item` or a
+//       Terraform-managed seed). V0.2 will add a server endpoint.
+//
+//   revokeSponsorshipMandate(mandate, reason)
+//       Build + sign a §4.6 revocation document targeting the mandate.
+//       Same upload caveat as create — V0.1 has no server endpoint.
+//
+//   createAppTopupSession(args)
+//       Stripe Checkout session for an `app-credits-*` pack. Reuses the
+//       existing wallet-topup endpoint; the difference is the pack id
+//       and the DID being credited (the app's, not the user's).
+//
+// Why no `getSponsorshipStatus*` in V0.1: the read side requires either
+// a CloudFront-fronted read endpoint or direct DDB access. We'll add it
+// in V0.2 once the sponsorship-api Lambda exists; for now, devs check
+// their sponsorship via the AWS Console.
+import { base64url, sign } from "@aithos/protocol-client";
+import { walletTopupCheckoutUrl } from "./endpoints.js";
+import { ownerKeyPair } from "./internal/protocol-client-bridge.js";
+import { AithosSDKError } from "./types.js";
+/* -------------------------------------------------------------------------- */
+/*  Class                                                                     */
+/* -------------------------------------------------------------------------- */
+export class AppsNamespace {
+    #deps;
+    constructor(deps) {
+        this.#deps = deps;
+    }
+    /**
+     * Build and sign a `SponsorshipMandate` as the calling owner. The
+     * returned JSON is signed by the owner's `#public` sphere key, ready
+     * to be seeded into the authority's `aithos-app-sponsorships` table.
+     *
+     * V0.1 has no server endpoint — get the row into DDB via:
+     *   1. `aws dynamodb put-item --table-name aithos-app-sponsorships
+     *      --item file://mandate.json` (raw), or
+     *   2. The ops bootstrap script in
+     *      `innoesate/aithos/platform/scripts/seed-sponsorship.mjs`
+     *      (planned for V0.2).
+     *
+     * Hash with `sponsorshipMandateHash()` from `@aithos/protocol-core`
+     * if you need to embed it in an envelope's `sponsorship.hash` field.
+     */
+    async createSponsorshipMandate(args) {
+        const owner = this.#requireOwner();
+        validateBudget(args.budget);
+        validateAudience(args.audience);
+        if (args.scopes.length === 0) {
+            throw new AithosSDKError("invalid_input", "scopes must be non-empty");
+        }
+        if (args.allowedMethods.length === 0) {
+            throw new AithosSDKError("invalid_input", "allowedMethods must be non-empty");
+        }
+        const nb = args.notBefore ?? new Date();
+        const ttl = args.ttlSeconds ?? 365 * 24 * 3600;
+        const na = new Date(nb.getTime() + ttl * 1000);
+        if (na <= nb) {
+            throw new AithosSDKError("invalid_input", "ttlSeconds must produce not_after > not_before");
+        }
+        const nonce = base64url(randomBytes(9));
+        const unsigned = {
+            "aithos-sponsorship-mandate": "0.1.0",
+            id: `spons_${ulid()}`,
+            issuer: owner.did,
+            issued_by_key: `${owner.did}#public`,
+            audience: {
+                app_did: args.audience.appDid,
+                audience_set: args.audience.audienceSet,
+                ...(args.audience.consumers !== undefined
+                    ? { consumers: [...args.audience.consumers] }
+                    : {}),
+            },
+            scopes: [...args.scopes],
+            allowed_methods: [...args.allowedMethods],
+            ...(args.allowedModels ? { allowed_models: [...args.allowedModels] } : {}),
+            budget: {
+                unit: args.budget.unit ?? "aithos.mc",
+                per_user_cap: args.budget.perUserCap,
+                per_user_window_seconds: args.budget.perUserWindowSeconds === undefined
+                    ? null
+                    : args.budget.perUserWindowSeconds,
+                per_day_total_cap: args.budget.perDayTotalCap,
+                pool_cap_total: args.budget.poolCapTotal === undefined
+                    ? null
+                    : args.budget.poolCapTotal,
+            },
+            accounting_authority: { ...args.accountingAuthority },
+            not_before: nb.toISOString(),
+            not_after: na.toISOString(),
+            issued_at: new Date().toISOString(),
+            nonce,
+            signature: { alg: "ed25519", key: `${owner.did}#public`, value: "" },
+        };
+        const bytes = new TextEncoder().encode(jcsCanonicalize(unsigned));
+        const ownerPub = ownerKeyPair(owner, "public");
+        const sigBytes = sign(bytes, ownerPub.seed);
+        return {
+            ...unsigned,
+            signature: { ...unsigned.signature, value: base64url(sigBytes) },
+        };
+    }
+    /**
+     * Build and sign a §4.6 revocation document targeting a sponsorship
+     * mandate. Same upload caveat as `createSponsorshipMandate`.
+     */
+    async revokeSponsorshipMandate(mandate, reason) {
+        const owner = this.#requireOwner();
+        if (mandate.issuer !== owner.did) {
+            throw new AithosSDKError("invalid_input", `mandate.issuer (${mandate.issuer}) does not match signed-in owner (${owner.did}) — only the sponsor can revoke`);
+        }
+        const unsigned = {
+            "aithos-revocation": "0.1.0",
+            mandate_id: mandate.id,
+            mandate_kind: "sponsorship-mandate",
+            issuer: owner.did,
+            issued_by_key: `${owner.did}#public`,
+            revoked_at: new Date().toISOString(),
+            reason,
+            signature: { alg: "ed25519", key: `${owner.did}#public`, value: "" },
+        };
+        const bytes = new TextEncoder().encode(jcsCanonicalize(unsigned));
+        const ownerPub = ownerKeyPair(owner, "public");
+        const sigBytes = sign(bytes, ownerPub.seed);
+        return {
+            ...unsigned,
+            signature: { ...unsigned.signature, value: base64url(sigBytes) },
+        };
+    }
+    /**
+     * Stripe Checkout session for an `app-credits-*` pack. The session is
+     * bound to the calling owner's DID (which is treated as the app's
+     * funding DID — Option A unified wallet, see plan §3.4).
+     *
+     * Same endpoint and auth pattern as `sdk.wallet.createTopupSession`,
+     * just with the app-credits pack id family.
+     */
+    async createAppTopupSession(args) {
+        const { auth, endpoints, fetch: fetchImpl } = this.#deps;
+        const owner = auth._getOwnerSigners();
+        if (!owner || owner.destroyed) {
+            throw new AithosSDKError("sdk_no_owner", "no owner signed in; sign in first");
+        }
+        const url = walletTopupCheckoutUrl(endpoints);
+        let res;
+        try {
+            res = await fetchImpl(url, {
+                method: "POST",
+                headers: { "content-type": "application/json" },
+                body: JSON.stringify({
+                    // Same endpoint as user-pack top-ups. The Lambda's pack-table
+                    // distinguishes `app-credits-*` from `credits-*` and routes
+                    // the credit to the same `aithos-wallet-user` row keyed on
+                    // `user_did`, which for an app is its DID (= sdk.appDid).
+                    user_did: this.#deps.appDid,
+                    pack_id: args.packId,
+                    success_url: args.successUrl,
+                    cancel_url: args.cancelUrl,
+                }),
+                ...(args.signal ? { signal: args.signal } : {}),
+            });
+        }
+        catch (e) {
+            throw new AithosSDKError("network", e.message);
+        }
+        let body;
+        try {
+            body = await res.json();
+        }
+        catch {
+            throw new AithosSDKError("http", `HTTP ${res.status} ${res.statusText} — non-JSON response`, { status: res.status });
+        }
+        if (!res.ok) {
+            const err = body;
+            throw new AithosSDKError(err.error ?? "http", err.detail ?? `HTTP ${res.status} ${res.statusText}`, { status: res.status });
+        }
+        const ok = body;
+        if (typeof ok.checkout_url !== "string" ||
+            typeof ok.session_id !== "string") {
+            throw new AithosSDKError("empty", "wallet response missing checkout_url or session_id");
+        }
+        return { checkoutUrl: ok.checkout_url, sessionId: ok.session_id };
+    }
+    #requireOwner() {
+        const owner = this.#deps.auth._getOwnerSigners();
+        if (!owner || owner.destroyed) {
+            throw new AithosSDKError("sdk_no_owner", "no owner signed in; sign in first");
+        }
+        return owner;
+    }
+}
+/* -------------------------------------------------------------------------- */
+/*  Validation                                                                */
+/* -------------------------------------------------------------------------- */
+function validateBudget(b) {
+    if (!Number.isInteger(b.perUserCap) || b.perUserCap < 0) {
+        throw new AithosSDKError("invalid_input", "budget.perUserCap must be a non-negative integer");
+    }
+    if (!Number.isInteger(b.perDayTotalCap) || b.perDayTotalCap < 0) {
+        throw new AithosSDKError("invalid_input", "budget.perDayTotalCap must be a non-negative integer");
+    }
+    if (b.perUserWindowSeconds !== undefined &&
+        b.perUserWindowSeconds !== null) {
+        if (!Number.isInteger(b.perUserWindowSeconds) ||
+            b.perUserWindowSeconds <= 0) {
+            throw new AithosSDKError("invalid_input", "budget.perUserWindowSeconds must be null or a positive integer");
+        }
+    }
+    if (b.poolCapTotal !== undefined && b.poolCapTotal !== null) {
+        if (!Number.isInteger(b.poolCapTotal) || b.poolCapTotal < 0) {
+            throw new AithosSDKError("invalid_input", "budget.poolCapTotal must be null or a non-negative integer");
+        }
+    }
+}
+function validateAudience(a) {
+    if (!a.appDid || typeof a.appDid !== "string") {
+        throw new AithosSDKError("invalid_input", "audience.appDid must be a DID string");
+    }
+    if (a.audienceSet === "open") {
+        if (a.consumers !== undefined) {
+            throw new AithosSDKError("invalid_input", "audience.consumers MUST be absent when audienceSet is 'open'");
+        }
+    }
+    else if (a.audienceSet === "list") {
+        if (!Array.isArray(a.consumers) || a.consumers.length === 0) {
+            throw new AithosSDKError("invalid_input", "audience.consumers MUST be a non-empty array when audienceSet is 'list'");
+        }
+    }
+    else {
+        throw new AithosSDKError("invalid_input", `audience.audienceSet must be 'open' or 'list' (got: ${String(a.audienceSet)})`);
+    }
+}
+/* -------------------------------------------------------------------------- */
+/*  ULID + JCS — local copies to avoid a runtime dep                          */
+/* -------------------------------------------------------------------------- */
+const ULID_ALPHABET = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
+function ulid(now = Date.now()) {
+    // 10 chars timestamp + 16 chars random = 26 chars
+    let timePart = "";
+    let t = now;
+    for (let i = 0; i < 10; i++) {
+        const mod = t % 32;
+        timePart = ULID_ALPHABET[mod] + timePart;
+        t = (t - mod) / 32;
+    }
+    let randPart = "";
+    for (let i = 0; i < 16; i++) {
+        randPart += ULID_ALPHABET[Math.floor(Math.random() * 32)];
+    }
+    return timePart + randPart;
+}
+function randomBytes(n) {
+    const out = new Uint8Array(n);
+    crypto.getRandomValues(out);
+    return out;
+}
+/**
+ * Minimal RFC-8785 (JCS) canonicalization. Sorts object keys
+ * lexicographically by code point, no whitespace, JSON.stringify for
+ * primitives. Matches the protocol-core canonicalize used to compute
+ * the hash the signature commits to.
+ */
+function jcsCanonicalize(value) {
+    if (value === null || typeof value !== "object") {
+        return JSON.stringify(value);
+    }
+    if (Array.isArray(value)) {
+        return "[" + value.map(jcsCanonicalize).join(",") + "]";
+    }
+    const obj = value;
+    const keys = Object.keys(obj).sort();
+    return ("{" +
+        keys
+            .map((k) => JSON.stringify(k) + ":" + jcsCanonicalize(obj[k]))
+            .join(",") +
+        "}");
+}
+//# sourceMappingURL=apps.js.map

package/dist/src/compute.d.ts

@@ -58,6 +58,36 @@ export interface InvokeBedrockResult {
     readonly walletBalance: number;
     /** Audit log id for traceability. */
     readonly auditId: string;
+    /**
+     * Which wallet was actually debited (draft §13.8, V0.1 sponsorship).
+     *   - `"sponsored"` — the app developer's wallet (free trial / promo).
+     *   - `"grant"`     — the user's grant bucket (Aithos-donated credits).
+     *   - `"purchase"`  — the user's own paid credits.
+     * Absent on legacy server responses (pre-2026-05-27).
+     */
+    readonly fundedBy?: "sponsored" | "grant" | "purchase";
+    /**
+     * If `fundedBy === "sponsored"`, the sponsor's DID (= the developer
+     * who pre-paid the pool). Absent otherwise.
+     */
+    readonly sponsoredBy?: string;
+    /**
+     * If sponsored, the signed `ConsumptionReceipt` id (`rcpt_…`) the
+     * authority issued for this debit. The receipt itself can be fetched
+     * later via the receipts API (V0.2). Present on every signed call
+     * when the authority is configured, regardless of `fundedBy`.
+     */
+    readonly receiptId?: string;
+    /**
+     * If sponsored, remaining microcredits for THIS consumer in this
+     * sponsorship pool. Useful for displaying "X free calls remaining"
+     * without an extra round-trip. May be `0` even when the user can
+     * still consume — when the authority can't compute the remainder
+     * cheaply (e.g. windowed caps), the SDK gets a conservative 0 and
+     * the SPA should fall back to calling `sdk.apps.getSponsorshipStatusForUser`
+     * (V0.2).
+     */
+    readonly sponsoredRemainingForUser?: number;
 }
 /**
  * Stable cross-provider image model ids supported by the Aithos compute

package/dist/src/index.d.ts

@@ -1,4 +1,4 @@
-export declare const VERSION = "0.1.0-alpha.39";
+export declare const VERSION = "0.1.0-alpha.41";
 export { AithosSDK } from "./sdk.js";
 export type { AithosSDKConfig } from "./types.js";
 export { AithosSDKError } from "./types.js";
@@ -20,6 +20,8 @@ export { EthosClient, EthosNamespace, EthosZone, ZONE_NAMES, } from "./ethos.js"
 export type { AddSectionInput, PublishResult, StagedChange, UpdateSectionPatch, ZoneName, } from "./ethos.js";
 export { COMPUTE_INVOKE_SCOPE, MandatesNamespace } from "./mandates.js";
 export type { ActorSphere, CreateMandateComputeInput, CreateMandateInput, MintedMandate, OwnedMandate, Scope, } from "./mandates.js";
+export { AppsNamespace } from "./apps.js";
+export type { AudienceSet, AppCreditPackId, CreateAppTopupSessionArgs, CreateAppTopupSessionResult, CreateSponsorshipMandateArgs, SignedSponsorshipMandate, SignedSponsorshipRevocation, SponsorshipAccountingAuthorityInput, SponsorshipAudienceInput, SponsorshipBudgetInput, } from "./apps.js";
 export * as onboarding from "./onboarding.js";
 export { createBrowserIdentity, browserIdentityFromStored, type BrowserIdentity, } from "@aithos/protocol-client";
 export type { Section } from "@aithos/protocol-client";

package/dist/src/index.js

@@ -17,7 +17,7 @@
 // Public types specific to the SDK (`AithosSDKConfig`, `AithosSDKError`)
 // are exported from here. Endpoint config (`AithosSdkEndpoints`,
 // `DEFAULT_SDK_ENDPOINTS`) likewise.
-export const VERSION = "0.1.0-alpha.39";
+export const VERSION = "0.1.0-alpha.41";
 export { AithosSDK } from "./sdk.js";
 export { AithosSDKError } from "./types.js";
 // Re-export protocol-client's JSON-RPC error type so consumers can
@@ -52,6 +52,12 @@ export { DEFAULT_KEYSTORE_DB_NAME, defaultKeyStore, indexedDbKeyStore, memoryKey
 export { EthosClient, EthosNamespace, EthosZone, ZONE_NAMES, } from "./ethos.js";
 // `sdk.mandates` namespace — owner-side mandate lifecycle.
 export { COMPUTE_INVOKE_SCOPE, MandatesNamespace } from "./mandates.js";
+// `sdk.apps` namespace — sponsorship mandates + app-credit top-ups
+// (draft §13, V0.1). Pre-pay a pool that funds your users' compute
+// calls within explicit caps. Per-user caps + per-day caps + lifetime
+// pool cap enforced server-side. Fallback to user wallet when caps
+// are reached or pool is empty.
+export { AppsNamespace } from "./apps.js";
 // Onboarding re-exports kept for advanced callers — the curated API
 // for first-run flows is `auth.signUp` (already shipped in J3).
 export * as onboarding from "./onboarding.js";

package/dist/src/sdk.d.ts

@@ -1,4 +1,5 @@
 import type { AithosAuth } from "./auth.js";
+import { AppsNamespace } from "./apps.js";
 import { ComputeNamespace } from "./compute.js";
 import { type AithosSdkEndpoints } from "./endpoints.js";
 import { EthosNamespace } from "./ethos.js";
@@ -47,6 +48,12 @@ export declare class AithosSDK {
     readonly mandates: MandatesNamespace;
     /** Web extraction namespace — aithos.web_extract through the web extractor proxy. */
     readonly web: WebNamespace;
+    /**
+     * App lifecycle namespace — sponsorship mandates + app-credit top-ups.
+     * V0.1 (2026-05-27 — draft §13). Lets a developer pre-pay a pool that
+     * funds compute calls from their app's users within explicit caps.
+     */
+    readonly apps: AppsNamespace;
     constructor(config: AithosSDKConfig);
     /** DID of the currently signed-in owner, or null if no owner is loaded. */
     get userDid(): string | null;

package/dist/src/sdk.js

@@ -1,5 +1,6 @@
 // SPDX-License-Identifier: Apache-2.0
 // Copyright 2026 Mathieu Colla
+import { AppsNamespace } from "./apps.js";
 import { ComputeNamespace } from "./compute.js";
 import { resolveEndpoints } from "./endpoints.js";
 import { EthosNamespace } from "./ethos.js";
@@ -23,6 +24,12 @@ export class AithosSDK {
     mandates;
     /** Web extraction namespace — aithos.web_extract through the web extractor proxy. */
     web;
+    /**
+     * App lifecycle namespace — sponsorship mandates + app-credit top-ups.
+     * V0.1 (2026-05-27 — draft §13). Lets a developer pre-pay a pool that
+     * funds compute calls from their app's users within explicit caps.
+     */
+    apps;
     constructor(config) {
         if (!config.auth) {
             throw new TypeError("AithosSDK: config.auth is required");
@@ -62,6 +69,12 @@ export class AithosSDK {
             endpoints: this.endpoints,
             fetch: fetchImpl,
         });
+        this.apps = new AppsNamespace({
+            auth: config.auth,
+            appDid: config.appDid,
+            endpoints: this.endpoints,
+            fetch: fetchImpl,
+        });
     }
     /** DID of the currently signed-in owner, or null if no owner is loaded. */
     get userDid() {

package/dist/test/auth-j3.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=auth-j3.test.d.ts.map