@aithos/sdk 0.1.0-alpha.5 → 0.1.0-alpha.51

package/dist/test/ethos-first-edition.test.js

@@ -0,0 +1,371 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+// Tests for the alpha.7 first-edition path in EthosClient — the case
+// where an Ethos identity exists on api.aithos.be (provisioned by
+// auth.signUp() since alpha.6) but no edition has been published yet.
+//
+// Two flows must work:
+//   1. Reading any zone returns an empty list (instead of throwing
+//      "not found: edition").
+//   2. Publishing for the first time builds height=1 from staged
+//      mutations and POSTs publish_ethos_edition directly, instead
+//      of going through publishZoneEdit (which requires a previous
+//      manifest).
+//
+// We mock global fetch end-to-end so the tests run offline.
+import { strict as assert } from "node:assert";
+import { afterEach, beforeEach, describe, it } from "node:test";
+import { createBrowserIdentity } from "@aithos/protocol-client";
+import { AithosAuth, AithosSDKError, EthosNamespace, memoryKeyStore, noopStore, } from "../src/index.js";
+import { serializeRecoveryFile } from "../src/internal/recovery-file.js";
+import { DEFAULT_SDK_ENDPOINTS } from "../src/endpoints.js";
+let fetchCalls = [];
+let savedFetch;
+function installFetchMock(handlers) {
+    savedFetch = globalThis.fetch;
+    fetchCalls = [];
+    globalThis.fetch = (async (input, init) => {
+        const url = String(input);
+        const method = init?.method ?? "GET";
+        const bodyText = typeof init?.body === "string"
+            ? init.body
+            : init?.body == null
+                ? null
+                : String(init.body);
+        const body = bodyText ? JSON.parse(bodyText) : null;
+        const call = { url, method, body };
+        fetchCalls.push(call);
+        for (const h of handlers) {
+            if (!url.includes(h.url))
+                continue;
+            if (h.rpcMethod && body?.method !== h.rpcMethod)
+                continue;
+            const out = h.respond(call);
+            const status = out.status ?? 200;
+            return new Response(JSON.stringify(out.json), {
+                status,
+                headers: { "content-type": "application/json" },
+            });
+        }
+        throw new Error(`unhandled fetch: ${method} ${url} (rpc: ${body?.method ?? "n/a"})`);
+    });
+}
+function uninstallFetchMock() {
+    if (savedFetch) {
+        globalThis.fetch = savedFetch;
+        savedFetch = undefined;
+    }
+    fetchCalls = [];
+}
+function makeAuth() {
+    return new AithosAuth({
+        authBaseUrl: "https://auth.test",
+        apiBaseUrl: "https://api.test",
+        fetch: (() => {
+            throw new Error("AithosAuth.fetch must not be called in these tests");
+        }),
+        sessionStore: noopStore(),
+        keyStore: memoryKeyStore(),
+    });
+}
+function makeNamespace(auth) {
+    return new EthosNamespace({
+        auth,
+        endpoints: DEFAULT_SDK_ENDPOINTS,
+        // EthosNamespace itself doesn't read fetch from this slot today;
+        // protocol-client uses the global fetch we mock above.
+        fetch: globalThis.fetch.bind(globalThis),
+    });
+}
+async function signInAsAlice(auth) {
+    const id = createBrowserIdentity("alice", "Alice");
+    const { text } = serializeRecoveryFile(id);
+    const info = await auth.signInWithRecovery({ file: text });
+    return { did: info.did };
+}
+function noEditionYetResponse() {
+    // Mirrors the server's primitives-read `notFound("edition for <did>")`:
+    // JSON-RPC error code -32020, message starts with "not found: edition for ".
+    return {
+        json: {
+            jsonrpc: "2.0",
+            id: "aithos.get_ethos_manifest",
+            error: {
+                code: -32020,
+                message: "not found: edition for did:aithos:zSomething",
+            },
+        },
+    };
+}
+function publishOkResponse() {
+    return {
+        json: {
+            jsonrpc: "2.0",
+            id: "publish_ethos_edition",
+            result: { ok: true, height: 1, manifest_uri: "s3://aithos/.../manifest.json" },
+        },
+    };
+}
+/* -------------------------------------------------------------------------- */
+/*  Tests                                                                     */
+/* -------------------------------------------------------------------------- */
+describe("EthosClient — fresh Ethos (no edition published yet)", () => {
+    beforeEach(() => {
+        fetchCalls = [];
+    });
+    afterEach(() => {
+        uninstallFetchMock();
+    });
+    it("zone(public).sections() returns [] when server says 'not found: edition'", async () => {
+        installFetchMock([
+            {
+                url: "/mcp/primitives/read",
+                rpcMethod: "aithos.get_ethos_manifest",
+                respond: noEditionYetResponse,
+            },
+        ]);
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const me = makeNamespace(auth).me();
+        const sections = await me.zone("public").sections();
+        assert.deepEqual(sections, []);
+    });
+    it("zone(public).sections() reflects locally staged adds even when no edition exists", async () => {
+        installFetchMock([
+            {
+                url: "/mcp/primitives/read",
+                rpcMethod: "aithos.get_ethos_manifest",
+                respond: noEditionYetResponse,
+            },
+        ]);
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const me = makeNamespace(auth).me();
+        me.zone("public").addSection({ title: "Hello", body: "World" });
+        const sections = await me.zone("public").sections();
+        assert.equal(sections.length, 1);
+        assert.equal(sections[0].title, "Hello");
+    });
+    it("publish() routes to publish_ethos_edition with height=1 on first publish", async () => {
+        let publishBody = null;
+        installFetchMock([
+            {
+                url: "/mcp/primitives/read",
+                rpcMethod: "aithos.get_ethos_manifest",
+                respond: noEditionYetResponse,
+            },
+            {
+                url: "/mcp/primitives/write",
+                rpcMethod: "aithos.publish_ethos_edition",
+                respond: (call) => {
+                    publishBody = call.body;
+                    return publishOkResponse();
+                },
+            },
+        ]);
+        const auth = makeAuth();
+        const alice = await signInAsAlice(auth);
+        const me = makeNamespace(auth).me();
+        me.zone("public").addSection({ title: "First", body: "Hello." });
+        me.zone("public").addSection({ title: "Second", body: "World." });
+        const r = await me.publish();
+        assert.equal(r.editionHeight, 1);
+        assert.equal(r.subjectDid, alice.did);
+        assert.deepEqual(r.zonesPublished, ["public"]);
+        // Verify the wire shape: JSON-RPC publish_ethos_edition with a height=1
+        // manifest containing both staged sections.
+        assert.equal(publishBody.method, "aithos.publish_ethos_edition");
+        const manifest = publishBody.params.manifest;
+        assert.equal(manifest.edition.height, 1);
+        assert.equal(manifest.edition.prev_hash, null);
+        assert.equal(manifest.edition.supersedes, null);
+        assert.deepEqual(manifest.zones.public.section_titles, ["First", "Second"]);
+        // Envelope is signed under #public.
+        const env = publishBody.params._envelope;
+        assert.equal(env.method, "aithos.publish_ethos_edition");
+        assert.match(env.proof.verificationMethod, /#public$/);
+    });
+    it("publish() accepts circle mutations on first edition with auto-injected public sentinel", async () => {
+        // Regression target: this used to throw `ethos_first_edition_public_only`.
+        // Since aithos-sdk@0.1.0-alpha.43 + protocol-client@0.1.0-alpha.14, the
+        // SDK auto-injects an `aithos-init` public section and seals the circle
+        // sections in the same height=1 manifest.
+        let publishBody = null;
+        installFetchMock([
+            {
+                url: "/mcp/primitives/read",
+                rpcMethod: "aithos.get_ethos_manifest",
+                respond: noEditionYetResponse,
+            },
+            {
+                url: "/mcp/primitives/write",
+                rpcMethod: "aithos.publish_ethos_edition",
+                respond: (call) => {
+                    publishBody = call.body;
+                    return publishOkResponse();
+                },
+            },
+        ]);
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const me = makeNamespace(auth).me();
+        me.zone("circle").addSection({ title: "Private", body: "..." });
+        const r = await me.publish();
+        assert.equal(r.editionHeight, 1);
+        assert.deepEqual(r.zonesPublished, ["public", "circle"]);
+        const manifest = publishBody.params.manifest;
+        assert.equal(manifest.edition.height, 1);
+        assert.equal(manifest.edition.prev_hash, null);
+        // Auto-injected sentinel.
+        assert.deepEqual(manifest.zones.public.section_titles, ["aithos-init"]);
+        assert.equal(manifest.zones.public.encrypted, false);
+        // Sealed circle zone.
+        assert.deepEqual(manifest.zones.circle.section_titles, ["Private"]);
+        assert.equal(manifest.zones.circle.encrypted, true);
+        assert.ok(manifest.zones.circle.cipher, "circle cipher must be present");
+        // Both zones uploaded.
+        assert.ok(publishBody.params.zones.public?.bytes_base64);
+        assert.ok(publishBody.params.zones.circle?.bytes_base64);
+        assert.equal(publishBody.params.zones.self, undefined);
+    });
+    it("publish() preserves the caller's explicit public section when mixed with circle", async () => {
+        // When the caller stages BOTH a public and a circle add, the SDK
+        // must NOT inject a sentinel — the user's public section is enough.
+        let publishBody = null;
+        installFetchMock([
+            {
+                url: "/mcp/primitives/read",
+                rpcMethod: "aithos.get_ethos_manifest",
+                respond: noEditionYetResponse,
+            },
+            {
+                url: "/mcp/primitives/write",
+                rpcMethod: "aithos.publish_ethos_edition",
+                respond: (call) => {
+                    publishBody = call.body;
+                    return publishOkResponse();
+                },
+            },
+        ]);
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const me = makeNamespace(auth).me();
+        me.zone("public").addSection({ title: "About", body: "Public bio." });
+        me.zone("circle").addSection({ title: "Notes", body: "Private notes." });
+        const r = await me.publish();
+        assert.deepEqual(r.zonesPublished, ["public", "circle"]);
+        const manifest = publishBody.params.manifest;
+        // No sentinel — the user's section is the public titles entry.
+        assert.deepEqual(manifest.zones.public.section_titles, ["About"]);
+        assert.deepEqual(manifest.zones.circle.section_titles, ["Notes"]);
+    });
+    it("publish() auto-injects public sentinel when only self mutations are staged", async () => {
+        let publishBody = null;
+        installFetchMock([
+            {
+                url: "/mcp/primitives/read",
+                rpcMethod: "aithos.get_ethos_manifest",
+                respond: noEditionYetResponse,
+            },
+            {
+                url: "/mcp/primitives/write",
+                rpcMethod: "aithos.publish_ethos_edition",
+                respond: (call) => {
+                    publishBody = call.body;
+                    return publishOkResponse();
+                },
+            },
+        ]);
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const me = makeNamespace(auth).me();
+        me.zone("self").addSection({ title: "Journal", body: "Private." });
+        const r = await me.publish();
+        assert.deepEqual(r.zonesPublished, ["public", "self"]);
+        const manifest = publishBody.params.manifest;
+        assert.deepEqual(manifest.zones.public.section_titles, ["aithos-init"]);
+        assert.deepEqual(manifest.zones.self.section_titles, ["Journal"]);
+        assert.equal(manifest.zones.self.encrypted, true);
+        assert.equal(manifest.zones.circle, undefined);
+    });
+    it("publish() lands public + circle + self in a single height=1 edition", async () => {
+        let publishBody = null;
+        installFetchMock([
+            {
+                url: "/mcp/primitives/read",
+                rpcMethod: "aithos.get_ethos_manifest",
+                respond: noEditionYetResponse,
+            },
+            {
+                url: "/mcp/primitives/write",
+                rpcMethod: "aithos.publish_ethos_edition",
+                respond: (call) => {
+                    publishBody = call.body;
+                    return publishOkResponse();
+                },
+            },
+        ]);
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const me = makeNamespace(auth).me();
+        me.zone("public").addSection({ title: "Bio", body: "Bio body." });
+        me.zone("circle").addSection({ title: "Circle", body: "Circle body." });
+        me.zone("self").addSection({ title: "Self", body: "Self body." });
+        const r = await me.publish();
+        assert.equal(r.editionHeight, 1);
+        assert.deepEqual(r.zonesPublished, ["public", "circle", "self"]);
+        const manifest = publishBody.params.manifest;
+        assert.deepEqual(manifest.zones.public.section_titles, ["Bio"]);
+        assert.deepEqual(manifest.zones.circle.section_titles, ["Circle"]);
+        assert.deepEqual(manifest.zones.self.section_titles, ["Self"]);
+        assert.ok(publishBody.params.zones.public?.bytes_base64);
+        assert.ok(publishBody.params.zones.circle?.bytes_base64);
+        assert.ok(publishBody.params.zones.self?.bytes_base64);
+    });
+    it("publish() rejects update/delete operations on a fresh Ethos", async () => {
+        installFetchMock([
+            {
+                url: "/mcp/primitives/read",
+                rpcMethod: "aithos.get_ethos_manifest",
+                respond: noEditionYetResponse,
+            },
+        ]);
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const me = makeNamespace(auth).me();
+        // Stage a delete for a section that doesn't exist (no edition exists at all).
+        me.zone("public")["_parent"]; // type-safety placeholder; we use the public API
+        // EthosZone exposes deleteSection — go via that.
+        me.zone("public").deleteSection("sec_doesnotexist000");
+        await assert.rejects(() => me.publish(), (e) => e instanceof AithosSDKError && e.code === "ethos_first_edition_invalid_op");
+    });
+    it("publish() surfaces server JSON-RPC errors as ethos_first_edition_rejected", async () => {
+        installFetchMock([
+            {
+                url: "/mcp/primitives/read",
+                rpcMethod: "aithos.get_ethos_manifest",
+                respond: noEditionYetResponse,
+            },
+            {
+                url: "/mcp/primitives/write",
+                rpcMethod: "aithos.publish_ethos_edition",
+                respond: () => ({
+                    json: {
+                        jsonrpc: "2.0",
+                        id: "publish_ethos_edition",
+                        error: {
+                            code: -32020,
+                            message: "subject identity not published (call publish_identity first)",
+                        },
+                    },
+                }),
+            },
+        ]);
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const me = makeNamespace(auth).me();
+        me.zone("public").addSection({ title: "Hi", body: "There." });
+        await assert.rejects(() => me.publish(), (e) => e instanceof AithosSDKError && e.code === "ethos_first_edition_rejected");
+    });
+});
+//# sourceMappingURL=ethos-first-edition.test.js.map

package/dist/test/mandates-compute.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=mandates-compute.test.d.ts.map

package/dist/test/mandates-compute.test.js

@@ -0,0 +1,256 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+/**
+ * Tests for the `compute` namespace on `MandatesNamespace.create`.
+ *
+ * Invariants under test (mirror of the protocol-core v0.4.0 invariants,
+ * enforced at the SDK boundary so callers fail fast with a precise
+ * error rather than only blowing up server-side):
+ *
+ *   1. Passing `compute.invoke` directly in `scopes[]` is rejected.
+ *      The opt-in must go through the typed `compute` namespace, which
+ *      is what a consent UI can review.
+ *   2. The `compute` namespace requires at least one of
+ *      `dailyCapMicrocredits` or `totalCapMicrocredits` — an unbounded
+ *      compute mandate is the bearer-token footgun this whole namespace
+ *      exists to prevent.
+ *   3. Numeric caps must be positive integers.
+ *   4. `allowedModels`, when present, must be an array of non-empty
+ *      strings.
+ *   5. A compute-only mandate (`scopes: []` + `compute: {…}`) is
+ *      legitimate and accepted — the grantee gets no ethos data
+ *      access, only bounded compute spending. Empty scopes WITHOUT
+ *      compute is still rejected.
+ *
+ * Network-dependent paths (real mint, list, revoke) ride on the same
+ * integration suite as the rest of the namespace — see the note in
+ * `mandates.test.ts`. We intentionally don't go through `mintDelegateBundle`
+ * here; failures fire BEFORE that boundary.
+ */
+import { strict as assert } from "node:assert";
+import { describe, it } from "node:test";
+import { createBrowserIdentity } from "@aithos/protocol-client";
+import { AithosAuth, AithosSDKError, COMPUTE_INVOKE_SCOPE, MandatesNamespace, memoryKeyStore, noopStore, } from "../src/index.js";
+import { DEFAULT_SDK_ENDPOINTS } from "../src/endpoints.js";
+import { serializeRecoveryFile } from "../src/internal/recovery-file.js";
+function makeAuth() {
+    return new AithosAuth({
+        authBaseUrl: "https://auth.test",
+        fetch: (() => {
+            throw new Error("network not expected");
+        }),
+        sessionStore: noopStore(),
+        keyStore: memoryKeyStore(),
+    });
+}
+function makeMandates(auth) {
+    return new MandatesNamespace({
+        auth,
+        endpoints: DEFAULT_SDK_ENDPOINTS,
+        fetch: globalThis.fetch.bind(globalThis),
+    });
+}
+async function signInAsAlice(auth) {
+    const id = createBrowserIdentity("alice", "Alice");
+    const { text } = serializeRecoveryFile(id);
+    const info = await auth.signInWithRecovery({ file: text });
+    return info.did;
+}
+/* -------------------------------------------------------------------------- */
+/*  Constant export sanity                                                    */
+/* -------------------------------------------------------------------------- */
+describe("COMPUTE_INVOKE_SCOPE constant", () => {
+    it("is the canonical 'compute.invoke' string", () => {
+        assert.equal(COMPUTE_INVOKE_SCOPE, "compute.invoke");
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Smuggling guard: compute.invoke in scopes[] is rejected                   */
+/* -------------------------------------------------------------------------- */
+describe("MandatesNamespace.create — compute.invoke smuggling guard", () => {
+    it("rejects a mandate that smuggles compute.invoke into scopes[]", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            // Up-cast through string[] — this is exactly the path the
+            // runtime check has to catch. Type-checking can't (the union
+            // doesn't include "compute.invoke", but cast slips through).
+            scopes: ["ethos.read.public", "compute.invoke"],
+            ttlSeconds: 3600,
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_scopes" &&
+            /compute' namespace/.test(e.message));
+    });
+    it("rejects even when 'compute.invoke' is the ONLY scope passed", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["compute.invoke"],
+            ttlSeconds: 3600,
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_scopes");
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Compute namespace — input validation                                      */
+/* -------------------------------------------------------------------------- */
+describe("MandatesNamespace.create — compute namespace validation", () => {
+    it("rejects compute namespace with no caps at all", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+            compute: {}, // empty — neither daily nor total cap
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_compute" &&
+            /at least one of dailyCapMicrocredits or totalCapMicrocredits/.test(e.message));
+    });
+    it("rejects compute namespace with only allowedModels (no cap)", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+            compute: { allowedModels: ["claude-haiku-4-5"] },
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_compute");
+    });
+    it("rejects non-positive caps", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        for (const bad of [0, -1, 3.14]) {
+            await assert.rejects(() => m.create({
+                granteeId: "urn:agent:bob",
+                scopes: ["ethos.read.public"],
+                ttlSeconds: 3600,
+                compute: { dailyCapMicrocredits: bad },
+            }), (e) => e instanceof AithosSDKError &&
+                e.code === "mandates_invalid_compute" &&
+                /must be a positive integer/.test(e.message), `expected rejection for dailyCapMicrocredits=${bad}`);
+        }
+    });
+    it("rejects malformed allowedModels (empty string entry)", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+            compute: {
+                dailyCapMicrocredits: 5_000,
+                allowedModels: ["claude-haiku-4-5", ""],
+            },
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_compute" &&
+            /allowedModels entries must be non-empty strings/.test(e.message));
+    });
+    it("rejects allowedModels that is not an array", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+            compute: {
+                dailyCapMicrocredits: 5_000,
+                // @ts-expect-error — runtime check guards against bad casts
+                allowedModels: "claude-haiku-4-5",
+            },
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_compute");
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Read-only mandate is unaffected                                           */
+/* -------------------------------------------------------------------------- */
+describe("MandatesNamespace.create — read-only mandates unaffected", () => {
+    it("does NOT reject a clean read-only mandate (no compute, no smuggling)", async () => {
+        // We can't run the full mint here because the installed
+        // @aithos/protocol-core (0.5.1, pre-0.4.0-mandate) doesn't yet
+        // accept compute.invoke on the public sphere whitelist — the real
+        // mint would still succeed for a read-only mandate, but it goes
+        // out to S3 etc. Instead we check the synchronous validation
+        // surface: passing a clean read-only input must not throw before
+        // the mint call.
+        //
+        // (The async `m.create(...)` would still error later on the
+        // network path — that's the integration suite's job.)
+        //
+        // What we ARE asserting here: no SDK-side validation rejection.
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        // The mint will fail with a network error (fetch throws), but
+        // crucially NOT with a validation error — that proves our compute
+        // guard is precisely scoped to compute-related inputs.
+        await assert.rejects(() => m.create({
+            granteeId: "urn:viewer:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+        }), (e) => {
+            if (!(e instanceof AithosSDKError))
+                return true; // any non-validation error fine
+            const code = e.code;
+            // Anything except a validation rejection is fine — the network
+            // is not wired up in this fake auth.
+            return (code !== "mandates_invalid_scopes" &&
+                code !== "mandates_invalid_compute");
+        });
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Compute-only mandate (scopes: [] + compute namespace)                     */
+/* -------------------------------------------------------------------------- */
+describe("MandatesNamespace.create — compute-only mandate", () => {
+    it("accepts an empty scopes[] when compute is provided (no ethos data access, just bounded spending)", async () => {
+        // Same caveat as the "read-only unaffected" suite: the installed
+        // @aithos/protocol-core does not yet whitelist compute.invoke on
+        // the public sphere, so the real `mintDelegateBundle` call would
+        // still reject downstream. What this test proves is that the
+        // SDK validation layer (a) does NOT throw `mandates_invalid_scopes`
+        // for the empty list when compute is set, and (b) does NOT throw
+        // `mandates_invalid_compute` for a properly-capped budget. The
+        // request is allowed to proceed past validation.
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:creative",
+            scopes: [], // no ethos data access
+            ttlSeconds: 3600,
+            compute: { dailyCapMicrocredits: 1_000 },
+        }), (e) => {
+            if (!(e instanceof AithosSDKError))
+                return true;
+            const code = e.code;
+            // Validation must NOT have rejected this input.
+            return (code !== "mandates_invalid_scopes" &&
+                code !== "mandates_invalid_compute");
+        });
+    });
+    it("STILL rejects empty scopes[] when compute is NOT provided", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: [],
+            ttlSeconds: 3600,
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_scopes" &&
+            /compute-only mandate/.test(e.message));
+    });
+});
+//# sourceMappingURL=mandates-compute.test.js.map

package/dist/test/sdk.test.js

@@ -33,6 +33,9 @@ describe("DEFAULT_SDK_ENDPOINTS", () => {
     it("points at the production Aithos hosts", () => {
         assert.equal(DEFAULT_SDK_ENDPOINTS.compute, "https://compute.aithos.be");
         assert.equal(DEFAULT_SDK_ENDPOINTS.wallet, "https://wallet.aithos.be");
+        assert.equal(DEFAULT_SDK_ENDPOINTS.web, "https://extract.aithos.be");
+        assert.equal(DEFAULT_SDK_ENDPOINTS.pds, "https://pds.aithos.be");
+        assert.equal(DEFAULT_SDK_ENDPOINTS.assets, "https://assets.aithos.be");
     });
 });
 describe("AithosSDK constructor", () => {
@@ -101,7 +104,12 @@ describe("AithosSDK constructor", () => {
         assert.equal(typeof sdk.ethos.me, "function");
         assert.equal(typeof sdk.mandates.create, "function");
     });
-    it("compute.invokeBedrock rejects when no owner is signed in", async () => {
+    it("compute.invokeBedrock rejects when no owner AND no delegate matches the mandate", async () => {
+        // Since alpha.9, invokeBedrock supports a delegate signing path. The
+        // failure mode here (no owner loaded AND no imported mandate matching
+        // the requested id) returns code `sdk_no_delegate_for_mandate`.
+        // The previous `sdk_no_owner` code now applies only to other entry
+        // points where there's no delegate fallback.
         const auth = makeAuth();
         const sdk = new AithosSDK({
             auth,
@@ -114,7 +122,8 @@ describe("AithosSDK constructor", () => {
             mandateId: "mandate:x",
             model: "claude-sonnet-4-6",
             messages: [{ role: "user", content: "hi" }],
-        }), (e) => e instanceof AithosSDKError && e.code === "sdk_no_owner");
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "sdk_no_delegate_for_mandate");
     });
 });
 //# sourceMappingURL=sdk.test.js.map

package/dist/test/signup-bootstrap.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=signup-bootstrap.test.d.ts.map