@aithos/sdk 0.1.0-alpha.5 → 0.1.0-alpha.50

package/dist/src/ethos.js

@@ -25,7 +25,7 @@
 // actor and forwards all real work into protocol-client's
 // `loadEditSnapshot` / `publishZoneEdit` / `publishPublicZoneAsDelegate`
 // / `publishPrivateZoneAsDelegate`.
-import { addSectionToList, deleteSectionFromList, loadEditSnapshot, modifySectionInList, publishPrivateZoneAsDelegate, publishPublicZoneAsDelegate, publishZoneEdit, } from "@aithos/protocol-client";
+import { addSectionToList, AithosRpcError, browserIdentityFromStored, buildSignedEnvelope, buildSignedFirstEditionFromSections, deleteSectionFromList, loadEditSnapshot, modifySectionInList, publishPrivateZoneAsDelegate, publishPublicZoneAsDelegate, publishZoneEdit, signedDidDocument, writeEndpoint, } from "@aithos/protocol-client";
 import { delegateKeyPair } from "./internal/protocol-client-bridge.js";
 import { AithosSDKError } from "./types.js";
 export const ZONE_NAMES = ["public", "circle", "self"];
@@ -38,6 +38,15 @@ export class EthosClient {
     #actor;
     #snapshots = new Map();
     #mutations = [];
+    /**
+     * Set to `true` when the server reports that no edition has been
+     * published yet for this subject (JSON-RPC code -32020 with the message
+     * `not found: edition for <did>`). Toggled lazily on the first read /
+     * publish attempt and cleared again after a successful first-edition
+     * publish so subsequent operations take the regular `publishZoneEdit`
+     * path.
+     */
+    #ethosHasNoEditionYet = false;
     constructor(actor) {
         this.#actor = actor;
         this.subjectDid = actor.subjectDid;
@@ -80,8 +89,15 @@ export class EthosClient {
         // have staged mutations for. Build everything we need then call
         // publishZoneEdit once.
         if (this.#actor.kind === "owner") {
-            // Need the snapshot regardless — we read base sections + zoneBytes.
-            const snap = await this.#ensureSnapshotOwner();
+            // First-edition path: no prior edition exists. Detected when the
+            // tolerant snapshot wrapper returned null on a previous read OR
+            // when this is the first network touch and the server responds
+            // with "not found: edition". Skip the snapshot fetch entirely and
+            // build a height=1 manifest from the staged mutations.
+            const snap = await this.#tryEnsureSnapshotOwner();
+            if (snap === null) {
+                return this.#publishFirstEditionOwner();
+            }
             const newPublic = touched.has("public")
                 ? this.#applyMutations("public", snap.publicSections)
                 : undefined;
@@ -142,6 +158,25 @@ export class EthosClient {
             for (const zone of ["circle", "self"]) {
                 if (!touched.has(zone))
                     continue;
+                // CRITICAL — refuse to publish a private zone the delegate
+                // can't decrypt. publishPrivateZoneAsDelegate treats
+                // `newSections` as the COMPLETE new content of the zone (the
+                // server can't merge encrypted bytes it can't read), so if we
+                // forwarded `[]` here the new edition would silently wipe
+                // every section the owner had. This data-loss landed in alpha.9
+                // — alpha.10 turns it into a clean error so the caller knows
+                // the mandate isn't usable until the owner has bootstrapped a
+                // wrap for this delegate (a single owner-side publish on the
+                // zone after mint is enough).
+                if (snap.zoneDecryptErrors?.[zone]) {
+                    throw new AithosSDKError("ethos_delegate_cannot_overwrite_unreadable", `delegate cannot publish to "${zone}": the existing edition is not readable for this delegate (${snap.zoneDecryptErrors[zone]}). Ask the owner to publish ${zone} once so this delegate's wrap is included; only then can the delegate write — otherwise the new edition would replace content this delegate cannot see.`, {
+                        data: {
+                            zone,
+                            mandateId: actor.mandateId,
+                            decryptError: snap.zoneDecryptErrors[zone],
+                        },
+                    });
+                }
                 const base = (zone === "circle"
                     ? snap.circleSections
                     : snap.selfSections) ?? [];
@@ -168,6 +203,98 @@ export class EthosClient {
         throw new AithosSDKError("ethos_invalid_actor", "unsupported actor for publish()");
     }
     /* ------------------------------------------------------------------------ */
+    /*  Bootstrap — first-edition init for fresh Ethos                          */
+    /* ------------------------------------------------------------------------ */
+    /**
+     * Idempotently ensure the subject's Ethos has at least one published
+     * edition. Required because a **delegate** cannot bootstrap a first
+     * edition (the first edition's manifest is signed with the owner's
+     * public-sphere key, which delegates do not have). Without an initial
+     * owner-published edition, subsequent delegate writes via
+     * {@link publish} fail with `not found: edition for did:…`.
+     *
+     * Semantics:
+     *   - If an edition already exists (owner OR delegate OR anonymous mode),
+     *     this is a NO-OP and returns `{ alreadyInitialized: true }`.
+     *   - If no edition exists AND the actor is the owner, this stages and
+     *     publishes a height=1 edition containing a single sentinel section
+     *     `aithos-init` in the `public` zone, then returns
+     *     `{ alreadyInitialized: false, editionHeight: 1 }`. Any previously
+     *     staged mutations on this client are preserved and NOT auto-flushed.
+     *   - If no edition exists AND the actor is NOT the owner (delegate or
+     *     anonymous), throws `ethos_bootstrap_not_owner` — only the owner
+     *     can sign a first edition.
+     *
+     * Call site: typically the owner's dashboard, right after sign-in and
+     * before any delegate-mode write (e.g. before triggering a backend
+     * worker that holds a mandate). Idempotent ⇒ safe to call on every
+     * mount.
+     *
+     * Implementation note: this routes through {@link #publishFirstEditionOwner}
+     * which the SDK already uses internally when {@link publish} detects a
+     * fresh Ethos with staged owner mutations. ensureInitialized() exposes
+     * the same code path as an explicit primitive, so the caller doesn't
+     * need to stage a mutation just to trigger first-edition logic.
+     */
+    async ensureInitialized() {
+        // Read attempt — tolerant (returns null if no edition exists). Routes
+        // through the right snapshot method based on actor kind so the
+        // detection is correct in every mode.
+        let snap;
+        if (this.#actor.kind === "anonymous") {
+            snap = await this.#tryEnsureSnapshotAnonymous();
+        }
+        else if (this.#actor.kind === "owner") {
+            snap = await this.#tryEnsureSnapshotOwner();
+        }
+        else {
+            snap = await this.#tryEnsureSnapshotDelegate();
+        }
+        if (snap !== null) {
+            return { alreadyInitialized: true };
+        }
+        // Bootstrap path — owner only.
+        if (this.#actor.kind !== "owner") {
+            throw new AithosSDKError("ethos_bootstrap_not_owner", `subject ${this.subjectDid} has no published edition yet, and only the owner can sign a first edition. Have the owner call ensureInitialized() once (typically from their dashboard at sign-in time).`, { data: { subjectDid: this.subjectDid, actorKind: this.#actor.kind } });
+        }
+        // Stage the sentinel init section. We don't disturb any pre-existing
+        // staged mutations — they'll be picked up by the same first-edition
+        // publish that runs underneath.
+        const prevMutations = this.#mutations.slice();
+        this.#mutations.push({
+            kind: "add",
+            zone: "public",
+            section: {
+                id: "sec_" + randomHex(12),
+                title: "aithos-init",
+                body: "Ethos initialized.\n\n" +
+                    "This section is a sentinel created by `EthosClient.ensureInitialized()` " +
+                    "to materialise the subject's first edition. It is safe to delete or " +
+                    "edit later — its only purpose was to satisfy the protocol's " +
+                    "requirement that an edition contain at least one section.",
+                gamma_ref: "gamma_none_" + randomHex(24),
+            },
+        });
+        try {
+            const result = await this.#publishFirstEditionOwner();
+            // Re-stage the caller's prior mutations (if any) so a subsequent
+            // publish() in the same call sequence picks them up. The init
+            // section we added has been consumed by the publish above.
+            this.#mutations = prevMutations;
+            return {
+                alreadyInitialized: false,
+                editionHeight: result.editionHeight,
+                manifestHash: result.manifestHash,
+            };
+        }
+        catch (e) {
+            // On failure, restore the caller's mutations as they were before
+            // we touched the buffer so the client is left in a consistent state.
+            this.#mutations = prevMutations;
+            throw e;
+        }
+    }
+    /* ------------------------------------------------------------------------ */
     /*  Internal — snapshot management                                          */
     /* ------------------------------------------------------------------------ */
     async _readZone(zone) {
@@ -175,12 +302,18 @@ export class EthosClient {
             if (zone !== "public") {
                 throw new AithosSDKError("ethos_anonymous_private_zone", `anonymous reader cannot access the "${zone}" zone`);
             }
-            const snap = await this.#ensureSnapshotAnonymous();
-            const base = snap.publicSections;
+            const snap = await this.#tryEnsureSnapshotAnonymous();
+            // No edition yet → no base sections; only staged mutations contribute.
+            const base = snap === null ? [] : snap.publicSections;
             return this.#applyMutations(zone, base);
         }
         if (this.#actor.kind === "owner") {
-            const snap = await this.#ensureSnapshotOwner();
+            const snap = await this.#tryEnsureSnapshotOwner();
+            if (snap === null) {
+                // No edition yet for this owner — base sections are empty in every
+                // zone. Staged mutations apply on top of an empty list.
+                return this.#applyMutations(zone, []);
+            }
             const base = baseSectionsFromSnapshot(snap, zone);
             // Surface decryption errors clearly (if reading a private zone we
             // can't unwrap, the snapshot has it in zoneDecryptErrors).
@@ -190,7 +323,10 @@ export class EthosClient {
             return this.#applyMutations(zone, base);
         }
         // Delegate
-        const snap = await this.#ensureSnapshotDelegate();
+        const snap = await this.#tryEnsureSnapshotDelegate();
+        if (snap === null) {
+            return this.#applyMutations(zone, []);
+        }
         const base = baseSectionsFromSnapshot(snap, zone);
         if (zone !== "public" && snap.zoneDecryptErrors?.[zone]) {
             throw new AithosSDKError("ethos_zone_unreadable", `cannot read ${zone}: ${snap.zoneDecryptErrors[zone]}`);
@@ -283,6 +419,57 @@ export class EthosClient {
         this.#cacheSnapshotAllZones(snap);
         return snap;
     }
+    /**
+     * Wrap {@link #ensureSnapshotOwner} so the "no edition published yet"
+     * server response (-32020 with message `not found: edition for <did>`)
+     * is converted into `null`. Once converted, {@link #ethosHasNoEditionYet}
+     * is set to short-circuit subsequent reads without re-hitting the network.
+     *
+     * Returns `null` to mean "subject has an identity but no editions yet —
+     * treat all zones as empty". Any other error is re-thrown.
+     */
+    async #tryEnsureSnapshotOwner() {
+        if (this.#ethosHasNoEditionYet)
+            return null;
+        try {
+            return await this.#ensureSnapshotOwner();
+        }
+        catch (e) {
+            if (isNoEditionYetError(e)) {
+                this.#ethosHasNoEditionYet = true;
+                return null;
+            }
+            throw e;
+        }
+    }
+    async #tryEnsureSnapshotDelegate() {
+        if (this.#ethosHasNoEditionYet)
+            return null;
+        try {
+            return await this.#ensureSnapshotDelegate();
+        }
+        catch (e) {
+            if (isNoEditionYetError(e)) {
+                this.#ethosHasNoEditionYet = true;
+                return null;
+            }
+            throw e;
+        }
+    }
+    async #tryEnsureSnapshotAnonymous() {
+        if (this.#ethosHasNoEditionYet)
+            return null;
+        try {
+            return await this.#ensureSnapshotAnonymous();
+        }
+        catch (e) {
+            if (isNoEditionYetError(e)) {
+                this.#ethosHasNoEditionYet = true;
+                return null;
+            }
+            throw e;
+        }
+    }
     #cacheSnapshotAllZones(snap) {
         for (const z of ZONE_NAMES)
             this.#snapshots.set(z, snap);
@@ -291,6 +478,162 @@ export class EthosClient {
         this.#mutations = [];
         this.#snapshots.clear();
     }
+    /* ------------------------------------------------------------------------ */
+    /*  First-edition publish (owner)                                           */
+    /* ------------------------------------------------------------------------ */
+    /**
+     * Publish height=1 for an owner whose Ethos identity exists on
+     * `api.aithos.be` (provisioned by `auth.signUp()` in alpha.6+) but who
+     * has no editions yet. Builds the manifest from the staged ADD
+     * mutations and POSTs `aithos.publish_ethos_edition`.
+     *
+     * Behaviour:
+     *   - All three zones (public / circle / self) are supported at
+     *     height=1 since `@aithos/protocol-client@>=0.1.0-alpha.14`. Circle
+     *     and self sections are sealed via the same DEK + HKDF wrap
+     *     machinery that the height>=2 path uses, so they're verifiable by
+     *     the existing reader path with no special-casing.
+     *   - If the caller staged only circle / self mutations (typical for
+     *     an app like Linkedone that writes a personality section straight
+     *     to `circle`), an `aithos-init` sentinel is auto-injected into
+     *     the public zone. This preserves the invariant that every Ethos
+     *     has a non-empty public zone at height=1 — which all resolution
+     *     flows (handle lookup, public crawl) depend on.
+     *   - First-edition publishes don't accept update/delete mutations
+     *     (there's nothing to update or delete yet) — those are rejected
+     *     with `ethos_first_edition_invalid_op`.
+     *   - The `ethos_first_edition_public_only` error code is no longer
+     *     emitted; the bucket-and-auto-inject path replaces it.
+     */
+    async #publishFirstEditionOwner() {
+        if (this.#actor.kind !== "owner") {
+            // Defensive — caller already checked this branch.
+            throw new AithosSDKError("ethos_invalid_actor", "expected owner actor");
+        }
+        // Validate the staged operation set and bucket by zone. First
+        // edition = ADD mutations only; update / delete are rejected because
+        // there's no prior state to mutate.
+        const publicAdds = [];
+        const circleAdds = [];
+        const selfAdds = [];
+        for (const m of this.#mutations) {
+            if (m.kind !== "add") {
+                throw new AithosSDKError("ethos_first_edition_invalid_op", `first edition: cannot ${m.kind} a section before any edition exists; only addSection is supported on a fresh Ethos`, { data: { mutation: m } });
+            }
+            if (m.zone === "public")
+                publicAdds.push(m.section);
+            else if (m.zone === "circle")
+                circleAdds.push(m.section);
+            else if (m.zone === "self")
+                selfAdds.push(m.section);
+        }
+        if (publicAdds.length === 0 &&
+            circleAdds.length === 0 &&
+            selfAdds.length === 0) {
+            // Should never reach here — publish() short-circuits on empty
+            // mutations. Belt-and-braces in case the contract drifts.
+            throw new AithosSDKError("ethos_first_edition_empty", "first edition: stage at least one section before publishing");
+        }
+        // Public zone invariant: every Ethos has a non-empty public zone at
+        // height=1. If the caller only staged encrypted-zone mutations
+        // (typical for apps like Linkedone that write straight to circle),
+        // auto-inject an `aithos-init` sentinel — identical in shape to
+        // what `ensureInitialized()` would produce if called explicitly.
+        if (publicAdds.length === 0) {
+            publicAdds.push({
+                id: "sec_" + randomHex(12),
+                title: "aithos-init",
+                body: "Ethos initialized.\n\n" +
+                    "This section is a sentinel created by `EthosClient.publish()` " +
+                    "to materialise the subject's first edition alongside the " +
+                    "encrypted-zone content the caller staged. It is safe to delete " +
+                    "or edit later — its only purpose is to satisfy the invariant " +
+                    "that every Ethos has a non-empty public zone at height=1.",
+                gamma_ref: "gamma_none_" + randomHex(24),
+            });
+        }
+        const identity = this.#actor.signers._unsafeStoredIdentity();
+        const browserId = browserIdentityFromStored(identity);
+        const signedDoc = signedDidDocument(browserId);
+        const built = buildSignedFirstEditionFromSections({
+            identity: browserId,
+            signedDidDoc: signedDoc,
+            publicSections: publicAdds,
+            ...(circleAdds.length > 0 ? { circleSections: circleAdds } : {}),
+            ...(selfAdds.length > 0 ? { selfSections: selfAdds } : {}),
+        });
+        const url = writeEndpoint();
+        const zonesPayload = {
+            public: { bytes_base64: bytesToBase64Padded(built.publicMarkdownBytes) },
+        };
+        if (built.circleBytes) {
+            zonesPayload.circle = {
+                bytes_base64: bytesToBase64Padded(built.circleBytes),
+            };
+        }
+        if (built.selfBytes) {
+            zonesPayload.self = {
+                bytes_base64: bytesToBase64Padded(built.selfBytes),
+            };
+        }
+        const params = {
+            manifest: built.manifest,
+            zones: zonesPayload,
+        };
+        const envelope = buildSignedEnvelope({
+            iss: browserId.did,
+            aud: url,
+            method: "aithos.publish_ethos_edition",
+            verificationMethod: `${browserId.did}#public`,
+            params,
+            signer: browserId.public,
+        });
+        const body = JSON.stringify({
+            jsonrpc: "2.0",
+            id: "publish_ethos_edition",
+            method: "aithos.publish_ethos_edition",
+            params: { ...params, _envelope: envelope },
+        });
+        let res;
+        try {
+            res = await fetch(url, {
+                method: "POST",
+                headers: { "content-type": "application/json" },
+                body,
+            });
+        }
+        catch (e) {
+            throw new AithosSDKError("ethos_publish_network", `publish_ethos_edition (first edition): network error: ${e.message ?? "unknown"}`);
+        }
+        let json;
+        try {
+            json = (await res.json());
+        }
+        catch {
+            throw new AithosSDKError("ethos_publish_invalid_response", `publish_ethos_edition (first edition): server returned non-JSON (HTTP ${res.status})`);
+        }
+        if (json.error) {
+            throw new AithosSDKError("ethos_first_edition_rejected", `publish_ethos_edition (first edition) rejected: ${json.error.message}`, {
+                status: res.status,
+                data: { rpc_code: json.error.code, ...(json.error.data ?? {}) },
+            });
+        }
+        // Success: clear the no-edition flag so subsequent reads/publishes
+        // take the regular next-edition path.
+        this.#ethosHasNoEditionYet = false;
+        this.#afterPublish();
+        const zonesPublished = ["public"];
+        if (built.circleBytes)
+            zonesPublished.push("circle");
+        if (built.selfBytes)
+            zonesPublished.push("self");
+        return {
+            editionHeight: 1,
+            manifestHash: "", // protocol-client surfaces this on later editions; not on first
+            subjectDid: browserId.did,
+            zonesPublished,
+        };
+    }
 }
 /* -------------------------------------------------------------------------- */
 /*  EthosZone — per-zone proxy                                                */
@@ -318,6 +661,89 @@ export class EthosZone {
     deleteSection(sectionId) {
         this.#parent._stageDelete(this.#name, sectionId);
     }
+    /* ------------------------------------------------------------------------ */
+    /*  By-title helpers                                                        */
+    /*                                                                          */
+    /*  The Aithos protocol does not (yet) treat section titles as a queryable  */
+    /*  index — only `section.id` is a normative anchor. These three methods    */
+    /*  are an ergonomic SDK-side affordance for the common LLM-driven case    */
+    /*  "act on the section called X". They resolve titles client-side by      */
+    /*  loading the full zone (`sections()`) and exact-match filtering on      */
+    /*  `Section.title`.                                                       */
+    /*                                                                          */
+    /*  When a future revision of `aithos.get_ethos_zone` (or a new            */
+    /*  `aithos.find_sections` primitive) supports server-side title           */
+    /*  filtering, the implementation behind these three methods can swap to   */
+    /*  the server call without changing the public signatures here. The      */
+    /*  contract — async, exact case-sensitive match, plural semantics — is    */
+    /*  intentionally aligned with what such an API would return.             */
+    /* ------------------------------------------------------------------------ */
+    /**
+     * Return every section in this zone whose `title` is exactly `title`.
+     *
+     * Match is exact and case-sensitive. The result is always an array — it
+     * may be empty (no match), have one element (the typical case), or have
+     * more than one element when the author has happened to publish two
+     * sections with the same title. Section titles are not required by the
+     * protocol to be unique within a zone.
+     *
+     * The order of returned sections is the zone's authored order
+     * (`sections()` ordering, spec §2.5.2).
+     *
+     * @param title Section title to look up — exact, case-sensitive.
+     */
+    async findSectionsByTitle(title) {
+        const all = await this.#parent._readZone(this.#name);
+        return all.filter((s) => s.title === title);
+    }
+    /**
+     * Stage an update for **every** section in this zone whose `title`
+     * matches `title` exactly. Returns the list of section IDs that were
+     * staged — empty when nothing matched.
+     *
+     * Apply with `client.publish()` like any other staged mutation. The
+     * staged entries are identical to what `updateSection(id, patch)` would
+     * produce, one per matched section, so `pendingChanges()` /
+     * `discard()` behave normally.
+     *
+     * Note: this method does NOT throw when there is no match — it returns
+     * `[]`. That's intentional: callers driven by an LLM frequently want to
+     * upsert (try update, then fall back to add) and shouldn't have to
+     * catch.
+     *
+     * @param title Section title to look up — exact, case-sensitive.
+     * @param patch Same patch shape accepted by `updateSection`.
+     * @returns Array of `section.id` strings whose updates were staged.
+     */
+    async updateSectionsByTitle(title, patch) {
+        const matches = await this.findSectionsByTitle(title);
+        const ids = [];
+        for (const s of matches) {
+            this.#parent._stageUpdate(this.#name, s.id, patch);
+            ids.push(s.id);
+        }
+        return ids;
+    }
+    /**
+     * Stage a delete for **every** section in this zone whose `title`
+     * matches `title` exactly. Returns the list of section IDs that were
+     * staged — empty when nothing matched.
+     *
+     * Same semantics as {@link updateSectionsByTitle}: silent on no-match,
+     * apply with `client.publish()`.
+     *
+     * @param title Section title to look up — exact, case-sensitive.
+     * @returns Array of `section.id` strings whose deletes were staged.
+     */
+    async deleteSectionsByTitle(title) {
+        const matches = await this.findSectionsByTitle(title);
+        const ids = [];
+        for (const s of matches) {
+            this.#parent._stageDelete(this.#name, s.id);
+            ids.push(s.id);
+        }
+        return ids;
+    }
 }
 export class EthosNamespace {
     #deps;
@@ -410,6 +836,36 @@ function projectPublishResult(manifest, subjectDid, zones) {
         zonesPublished: zones,
     };
 }
+/**
+ * Detect the server-side "no edition published yet" response. Matches the
+ * exact error shape emitted by primitives-read's `notFound("edition for
+ * <did>")` helper: JSON-RPC code -32020 + message starting with `not
+ * found: edition for `. Other -32020 cases (e.g. "not found: manifest
+ * <did>@<height>" raised when the index advertises an edition the S3
+ * bucket can't serve) deliberately fall through — they're symptoms, not
+ * the "fresh subject" case we're trying to swallow.
+ */
+function isNoEditionYetError(e) {
+    if (!(e instanceof AithosRpcError))
+        return false;
+    if (e.code !== -32020)
+        return false;
+    return typeof e.message === "string"
+        && e.message.startsWith("not found: edition for ");
+}
+/**
+ * Standard base64 with `=` padding — matches what protocol-client's
+ * publishZoneEdit uses for `zones.<zone>.bytes_base64`. The server is
+ * tolerant of either padded or unpadded variants per the API contract,
+ * but we mirror the existing wire to keep payloads byte-identical for
+ * easy diffing in dev tools.
+ */
+function bytesToBase64Padded(bytes) {
+    let bin = "";
+    for (let i = 0; i < bytes.length; i++)
+        bin += String.fromCharCode(bytes[i]);
+    return btoa(bin);
+}
 function randomHex(n) {
     const bytes = new Uint8Array(Math.ceil(n / 2));
     crypto.getRandomValues(bytes);

package/dist/src/index.d.ts

@@ -1,21 +1,32 @@
-export declare const VERSION = "0.1.0-alpha.5";
+export declare const VERSION = "0.1.0-alpha.44";
 export { AithosSDK } from "./sdk.js";
 export type { AithosSDKConfig } from "./types.js";
 export { AithosSDKError } from "./types.js";
+export { AithosRpcError } from "@aithos/protocol-client";
 export type { AithosSdkEndpoints } from "./endpoints.js";
 export { DEFAULT_SDK_ENDPOINTS } from "./endpoints.js";
-export type { ComputeMessage, InvokeBedrockArgs, InvokeBedrockResult, StopReason, } from "./compute.js";
+export type { ComputeMessage, ImageAspectRatio, ImageModelId, InvokeBedrockArgs, InvokeBedrockResult, InvokeBedrockVisionArgs, InvokeBedrockVisionResult, InvokeImageArgs, InvokeImageImage, InvokeImageResult, InvokeSegmentationArgs, InvokeSegmentationResult, SegmentPolygon, StopReason, TranscribeModelId, TranscribeProgressState, TranscribeSegment, TranscribeWord, InvokeTranscribeArgs, InvokeTranscribeResult, PrepareTranscribeArgs, PrepareTranscribeResult, StartTranscribeArgs, StartTranscribeResult, TranscribeStatusResult, TranscribeJobSummary, } from "./compute.js";
 export { ComputeNamespace } from "./compute.js";
+export type { LocalPendingEntry, LocalPendingStatus, TranscribeDraftMeta, TranscribeDraftRecord, } from "./transcribe-resilience.js";
+export { LocalPendingTranscribeTracker, TranscribeDraftStore, TranscribeDraftUnavailableError, } from "./transcribe-resilience.js";
 export type { CreditPackId, CreateTopupSessionArgs, CreateTopupSessionResult, GetBalanceArgs, GetBalanceResult, } from "./wallet.js";
 export { WalletNamespace } from "./wallet.js";
-export { AithosAuth, DEFAULT_AUTH_BASE_URL } from "./auth.js";
-export type { AithosAuthConfig, AithosSession, DelegateInfo, ImportMandateInput, OwnerInfo, SignInInput, SignInWithGoogleOptions, SignInWithRecoveryInput, SignUpInput, SignUpResult, } from "./auth.js";
+export type { ComponentStyle, ExtractArgs, ExtractContent, ExtractData, ExtractForm, ExtractFormField, ExtractHeading, ExtractIconDeclaration, ExtractImage, ExtractLink, ExtractLogo, ExtractMeta, ExtractResult, ExtractSection, ExtractStructure, ExtractStyles, FetchAssetArgs, FetchAssetResult, PaletteEntry, VisualSignature, WebNamespaceDeps, } from "./web.js";
+export { WebNamespace, WEB_EXTRACT_SCOPE } from "./web.js";
+export { AithosAuth, DEFAULT_API_BASE_URL, DEFAULT_AUTH_BASE_URL, } from "./auth.js";
+export type { AcceptInviteInput, AcceptInviteResult, AithosAuthConfig, AithosSession, ApplyPasswordResetInput, ApplyPasswordResetResult, CompleteSsoFirstLoginInput, CompleteSsoFirstLoginResult, CustodialSignInInput, CustodialSignInResult, CustodialSignUpInput, CustodialSignUpResult, DelegateInfo, ImportMandateInput, InviteCustodialInput, InviteCustodialResult, OwnerInfo, RequestPasswordResetInput, ResendVerificationInput, SignInInput, SignInWithGoogleOptions, SignInWithRecoveryInput, SignUpInput, SignUpResult, VerifyEmailInput, VerifyEmailResult, } from "./auth.js";
+export type { SignedEnvelope } from "./internal/envelope.js";
 export { DEFAULT_SESSION_STORAGE_KEY, defaultSessionStore, localStorageStore, noopStore, sessionStorageStore, type AithosSessionStore, } from "./session-store.js";
 export { DEFAULT_KEYSTORE_DB_NAME, defaultKeyStore, indexedDbKeyStore, memoryKeyStore, type AithosKeyStore, type StoredDelegateKeys, type StoredOwnerKeys, } from "./key-store.js";
 export { EthosClient, EthosNamespace, EthosZone, ZONE_NAMES, } from "./ethos.js";
 export type { AddSectionInput, PublishResult, StagedChange, UpdateSectionPatch, ZoneName, } from "./ethos.js";
-export { MandatesNamespace } from "./mandates.js";
-export type { ActorSphere, CreateMandateInput, MintedMandate, OwnedMandate, Scope, } from "./mandates.js";
+export { COMPUTE_INVOKE_SCOPE, MandatesNamespace } from "./mandates.js";
+export type { ActorSphere, CreateMandateComputeInput, CreateMandateInput, MintedMandate, OwnedMandate, Scope, } from "./mandates.js";
+export { AppsNamespace } from "./apps.js";
+export type { AudienceSet, AppCreditPackId, CreateAppTopupSessionArgs, CreateAppTopupSessionResult, CreateSponsorshipMandateArgs, SignedSponsorshipMandate, SignedSponsorshipRevocation, SponsorshipAccountingAuthorityInput, SponsorshipAudienceInput, SponsorshipBudgetInput, } from "./apps.js";
 export * as onboarding from "./onboarding.js";
 export { createBrowserIdentity, browserIdentityFromStored, type BrowserIdentity, } from "@aithos/protocol-client";
+export type { Section } from "@aithos/protocol-client";
+export { createDataClient, createDelegateDataClient, createAppendDataClient, type CreateDataClientArgs, type CreateDelegateDataClientArgs, type CreateAppendDataClientArgs, type DataClient, type DataCollection, type ReadonlyDataClient, type ReadonlyDataCollection, type AppendOnlyDataClient, type AppendOnlyDataCollection, type ListOpts, type AithosSchemaLite, } from "./data.js";
+export { createAssetsClient, AssetsClient, type CreateAssetsClientArgs, type AttachedContext, type AssetUploadInput, type AssetUploadResult, type AssetFetchResult, type AssetBrief, type ListAssetsOpts, type ThumbnailUploadInput, type ThumbnailUploadResult, type RecipientResolver, type RecipientSet, } from "./assets.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/src/index.js

@@ -17,18 +17,24 @@
 // Public types specific to the SDK (`AithosSDKConfig`, `AithosSDKError`)
 // are exported from here. Endpoint config (`AithosSdkEndpoints`,
 // `DEFAULT_SDK_ENDPOINTS`) likewise.
-export const VERSION = "0.1.0-alpha.5";
+export const VERSION = "0.1.0-alpha.44";
 export { AithosSDK } from "./sdk.js";
 export { AithosSDKError } from "./types.js";
+// Re-export protocol-client's JSON-RPC error type so consumers can
+// `instanceof`-check server-side errors and inspect the JSON-RPC code
+// without taking a direct dependency on @aithos/protocol-client.
+export { AithosRpcError } from "@aithos/protocol-client";
 export { DEFAULT_SDK_ENDPOINTS } from "./endpoints.js";
 export { ComputeNamespace } from "./compute.js";
+export { LocalPendingTranscribeTracker, TranscribeDraftStore, TranscribeDraftUnavailableError, } from "./transcribe-resilience.js";
 export { WalletNamespace } from "./wallet.js";
+export { WebNamespace, WEB_EXTRACT_SCOPE } from "./web.js";
 // Sign-up, sign-in, sign-in-with-Google. Lives outside the AithosSDK
 // class because the auth flow runs *before* the user has a
 // BrowserIdentity (sign-up creates one, sign-in restores it from the
 // server). The class also owns the session store — see
 // ./session-store.ts for pluggable persistence.
-export { AithosAuth, DEFAULT_AUTH_BASE_URL } from "./auth.js";
+export { AithosAuth, DEFAULT_API_BASE_URL, DEFAULT_AUTH_BASE_URL, } from "./auth.js";
 // Session storage backends used by AithosAuth. `sessionStorageStore` is
 // the default in browser environments ; pass another store at construction
 // time if you need different persistence.
@@ -46,11 +52,27 @@ export { DEFAULT_KEYSTORE_DB_NAME, defaultKeyStore, indexedDbKeyStore, memoryKey
 // the entry points.
 export { EthosClient, EthosNamespace, EthosZone, ZONE_NAMES, } from "./ethos.js";
 // `sdk.mandates` namespace — owner-side mandate lifecycle.
-export { MandatesNamespace } from "./mandates.js";
+export { COMPUTE_INVOKE_SCOPE, MandatesNamespace } from "./mandates.js";
+// `sdk.apps` namespace — sponsorship mandates + app-credit top-ups
+// (draft §13, V0.1). Pre-pay a pool that funds your users' compute
+// calls within explicit caps. Per-user caps + per-day caps + lifetime
+// pool cap enforced server-side. Fallback to user wallet when caps
+// are reached or pool is empty.
+export { AppsNamespace } from "./apps.js";
 // Onboarding re-exports kept for advanced callers — the curated API
 // for first-run flows is `auth.signUp` (already shipped in J3).
 export * as onboarding from "./onboarding.js";
 // Convenience direct re-exports of the most-used identity primitives so the
 // quick-start example doesn't need a namespace import.
 export { createBrowserIdentity, browserIdentityFromStored, } from "@aithos/protocol-client";
+// `sdk.data` namespace — Aithos data sub-protocol PDS client. Manages
+// the lifecycle of subject-owned, encrypted, schema-validated records.
+// See spec/data/ in the aithos-protocol repo.
+export { createDataClient, createDelegateDataClient, createAppendDataClient, } from "./data.js";
+// `sdk.assets` — Aithos assets sub-protocol PDS client. Upload,
+// fetch, list, ref/unref binary content (images, PDFs, audio, video)
+// owned by a subject. AEAD-encrypted per-asset under AMKs wrapped for
+// the subject's X25519 sphere keys (and, in v0.2, mandate grantees).
+// See spec/assets/ in the aithos-protocol repo.
+export { createAssetsClient, AssetsClient, } from "./assets.js";
 //# sourceMappingURL=index.js.map

package/dist/src/internal/delegate-bundle.js

@@ -50,13 +50,18 @@ export function parseDelegateBundle(text) {
     }
     const m = mandate;
     const mandateId = m["id"];
-    const subjectDid = m["subject_did"] ?? m["subjectDid"];
+    // The mandate subject's DID is carried by `issuer` in the wire format
+    // emitted by `mintDelegateBundle()` (cf. SignedMandate.issuer in
+    // protocol-client). We accept the legacy `subject_did` / camelCase
+    // variants too so older test fixtures and any externally-minted
+    // bundles using the older shape keep working.
+    const subjectDid = m["issuer"] ?? m["subject_did"] ?? m["subjectDid"];
     const grantee = m["grantee"];
     if (typeof mandateId !== "string" || !mandateId) {
         throw bad("mandate.id missing");
     }
     if (typeof subjectDid !== "string" || !subjectDid.startsWith("did:")) {
-        throw bad("mandate.subject_did missing or malformed");
+        throw bad("mandate.issuer missing or malformed (expected a `did:` URL)");
     }
     if (typeof grantee !== "object" || grantee === null) {
         throw bad("mandate.grantee missing");