@alfe.ai/openclaw-sync 0.0.16 → 0.0.18

package/dist/index.d.ts

@@ -1,61 +1,7 @@
 import plugin, { SyncPluginConfig } from "./plugin.js";
 
-//#region src/config.d.ts
-
-/**
- * AlfeSync configuration.
- *
- * Derives credentials from `@alfe.ai/config` (~/.alfe/config.toml) so the
- * sync plugin works on any agent that's already logged in — no separate
- * `.alfesync/config.json` or manual `alfesync init` required.
- *
- * The only field not directly in @alfe.ai/config is `agentId`, which is
- * resolved once at startup by calling POST /auth/validate (same pattern
- * the gateway daemon uses to bootstrap its own identity).
- */
-interface SyncConfig {
-  agentId: string;
-  orgId: string;
-  token: string;
-  workspacePath: string;
-  apiUrl: string;
-}
-/**
- * Local on-disk state directory (manifest, etc.) — separate from credentials.
- * Lives under ~/.alfe/sync/ so sync state stays alongside the rest of Alfe's
- * agent state, not scattered across the workspace.
- */
-declare function syncStateDir(): string;
-/**
- * True if the agent has logged in (~/.alfe/config.toml exists).
- * Sync needs no separate initialization — login is enough.
- */
-declare function isInitialized(): boolean;
-/**
- * Invalidate the in-memory config cache. Call after login changes.
- */
-declare function invalidateSyncConfigCache(): void;
-/**
- * Resolve the full sync config — apiKey + apiUrl from @alfe.ai/config,
- * agentId/orgId fetched once from /auth/validate.
- *
- * Returns null if the agent isn't logged in or validation fails.
- * Callers that require config should use requireConfig().
- *
- * Concurrent callers share a single in-flight promise; failures are
- * not cached so a transient API blip doesn't poison the process.
- */
-declare function resolveSyncConfig(): Promise<SyncConfig | null>;
-/**
- * Resolve config or throw with a clear message. Use in CLI entry points.
- */
-declare function requireConfig(): Promise<SyncConfig>;
-/**
- * Local-only check: does the on-disk sync state directory exist?
- * Used by manifest loading to decide whether to create it.
- */
-//#endregion
 //#region src/manifest.d.ts
+
 /**
  * AlfeSync manifest — local file manifest at `~/.alfe/sync/manifest.json`.
  *
@@ -153,197 +99,1004 @@ declare function shouldIgnore(relativePath: string, patterns: string[]): boolean
 declare function filterIgnored(paths: string[], patterns: string[]): string[];
 //# sourceMappingURL=ignore.d.ts.map
 //#endregion
-//#region src/api-client.d.ts
-interface ApiClientConfig {
+//#region ../agent-api-client/dist/index.d.ts
+//#region ../../packages-internal/types/dist/access.d.ts
+
+/**
+ * The four resource scopes at which a permission can apply.
+ * Order is meaningful: broader scopes first (`org`) → narrower last (`agent`).
+ *
+ * `IntegrationScope` in integration.ts and `SecretScope` in secrets.ts are
+ * intentional aliases of this same enum — there is only one concept of
+ * "scope" in Alfe.
+ */
+declare const ResourceScope: {
+  readonly Org: "org";
+  readonly Team: "team";
+  readonly Project: "project";
+  readonly Agent: "agent";
+};
+type ResourceScope = (typeof ResourceScope)[keyof typeof ResourceScope];
+/** Ordered tuple of resource scope string values (broad → narrow). */
+//#endregion
+//#region ../../packages-internal/types/dist/integration.d.ts
+/** Controls where an integration appears: public (everyone), hidden (nowhere) */
+declare const IntegrationVisibility: {
+  readonly Public: "public";
+  readonly Hidden: "hidden";
+};
+type IntegrationVisibility = (typeof IntegrationVisibility)[keyof typeof IntegrationVisibility];
+/** Scope at which an integration is installed */
+declare const IntegrationScope: {
+  readonly Org: "org";
+  readonly Team: "team";
+  readonly Project: "project";
+  readonly Agent: "agent";
+};
+type IntegrationScope = ResourceScope;
+declare const IntegrationDesiredStatus: {
+  readonly Active: "active";
+  readonly Removed: "removed";
+};
+type IntegrationDesiredStatus = (typeof IntegrationDesiredStatus)[keyof typeof IntegrationDesiredStatus];
+declare const IntegrationActualStatus: {
+  readonly Installing: "installing";
+  readonly Active: "active";
+  readonly Error: "error";
+  readonly Removing: "removing";
+  readonly Inactive: "inactive";
+  readonly Unknown: "unknown";
+};
+type IntegrationActualStatus = (typeof IntegrationActualStatus)[keyof typeof IntegrationActualStatus];
+interface IntegrationInstall {
+  scope: IntegrationScope;
+  scopeId: string;
+  integrationId: string;
+  tenantId: string;
+  desiredStatus: IntegrationDesiredStatus;
+  actualStatus: IntegrationActualStatus;
+  version: string;
+  config: Record<string, unknown>;
+  errorMessage: string;
+  installedAt: string;
+  updatedAt: string;
+}
+/** @deprecated Use IntegrationInstall instead */
+
+interface IntegrationConfigSchemaField {
+  key: string;
+  label: string;
+  type: string;
+  description?: string;
+  required?: boolean;
+  default?: string | number | boolean;
+  options?: string[];
+  select_options?: {
+    value: string;
+    label: string;
+  }[];
+  oauth_provider?: string;
+  oauth_scopes?: string[];
+  oauth_integration_id?: string;
+  editable?: string;
+  hidden?: boolean;
+}
+interface IntegrationConfigResult {
+  integrationId: string;
+  config: Record<string, unknown>;
+  configSchema: IntegrationConfigSchemaField[];
+}
+interface RegistryEntry {
+  id: string;
+  name: string;
+  description: string;
+  versions: string[];
+  latest: string;
+  repository: string;
+  commit: string;
+  icon?: string;
+  author?: {
+    name: string;
+    url?: string;
+  } | string;
+  pricing?: {
+    type: "free" | "paid" | "usage";
+    price?: number;
+    currency?: string;
+    interval?: "month" | "year";
+    description?: string;
+  };
+  features?: string[];
+  preview_images?: string[];
+  config_schema?: IntegrationConfigSchemaField[];
+  supported_agents?: string[];
+  /** Scopes where this integration can be installed */
+  supported_scopes?: IntegrationScope[];
+  /** Visibility status — controls where integration appears */
+  visibility?: IntegrationVisibility;
+}
+//# sourceMappingURL=integration.d.ts.map
+//#endregion
+//#region ../../packages-internal/types/dist/secrets.d.ts
+/** Scope levels at which a secret can be owned. Aliased to ResourceScope. */
+type SecretScope = ResourceScope;
+/**
+ * v1 encrypted envelope as persisted by services/secrets and exchanged with
+ * agents. Values are AES-256-GCM ciphertext; iv/authTag/ciphertext/dataKeyCiphertext
+ * are all base64-encoded.
+ */
+interface EncryptedEnvelopeV1 {
+  version: 1;
+  iv: string;
+  ciphertext: string;
+  authTag: string;
+  dataKeyCiphertext: string;
+}
+/**
+ * Display/validation hint for a field's value. `"json"` signals that the
+ * string is a JSON-stringified payload that consumers should `JSON.parse`.
+ */
+declare const FIELD_FORMATS: readonly ["text", "email", "url", "phone", "date", "number", "json"];
+type FieldFormat = (typeof FIELD_FORMATS)[number];
+/**
+ * Whether a field is stored in plaintext (visible to anyone with read access)
+ * or encrypted (requires KMS + the right encryption context to read).
+ */
+declare const FIELD_SENSITIVITIES: readonly ["plaintext", "encrypted"];
+type FieldSensitivity = (typeof FIELD_SENSITIVITIES)[number];
+/**
+ * A field on a secret. `value` is always a string at the wire; for encrypted
+ * fields it's the plaintext at the API edge (the service encrypts before
+ * persistence). Reads from the dashboard omit `value` for encrypted fields;
+ * agents get a `FieldEnvelope` instead and decrypt locally.
+ */
+
+/**
+ * Secret category — drives icon/template/filter behaviour. Defaults to
+ * `"other"` for migrated rows.
+ */
+declare const SECRET_CATEGORIES: readonly ["login", "api_key", "database", "ssh_key", "certificate", "secure_note", "credit_card", "identity", "wifi", "other"];
+type SecretCategory = (typeof SECRET_CATEGORIES)[number];
+/**
+ * One field as exposed to readers. Encrypted fields have no `value` on the
+ * dashboard read path; the agent-side aggregate carries `envelope` instead.
+ */
+interface FieldView {
+  key: string;
+  format?: FieldFormat;
+  sensitivity: FieldSensitivity;
+  /** Present for `sensitivity: "plaintext"` only. */
+  value?: string;
+  /** Present for `sensitivity: "encrypted"` on agent-side reads only. */
+  envelope?: EncryptedEnvelopeV1;
+  /** Plaintext fields that opt into `format: "json"` are pre-parsed for callers. */
+  parsedValue?: unknown;
+  rotatedAt?: string;
+  createdAt: string;
+  updatedAt: string;
+}
+/** A secret as assembled from its multi-row aggregate. */
+interface SecretAggregate {
+  secretId: string;
+  secretName: string;
+  description?: string;
+  tags: string[];
+  category: SecretCategory;
+  fields: FieldView[];
+  changelogVersion: number;
+  createdAt: string;
+  updatedAt: string;
+}
+/** Metadata-only projection — used by list endpoints. */
+interface SecretMetadata {
+  secretId: string;
+  secretName: string;
+  description?: string;
+  tags: string[];
+  category: SecretCategory;
+  fieldKeys: string[];
+  changelogVersion: number;
+  createdAt: string;
+  updatedAt: string;
+}
+/**
+ * Per-field encrypted envelope returned to agents on the agent-side aggregate.
+ * Agents decrypt locally using a data key fetched from `/decrypt-data-key`.
+ */
+interface FieldEnvelope {
+  key: string;
+  format?: FieldFormat;
+  envelope: EncryptedEnvelopeV1;
+  rotatedAt?: string;
+  createdAt: string;
+  updatedAt: string;
+}
+/** A scope the caller can read or write secrets in. */
+interface ScopeInfo {
+  scope: SecretScope;
+  scopeId: string;
+  name?: string;
+}
+/**
+ * KMS-issued data key, returned by the secrets service's
+ * `/secrets/generate-data-key` KMS proxy endpoint. The plaintext key is
+ * returned base64-encoded; callers MUST decode it to a Buffer and zero the
+ * Buffer after use — never keep the plaintext as a JS string.
+ */
+interface GeneratedDataKey {
+  plaintextKey: string;
+  dataKeyCiphertext: string;
+}
+/**
+ * Action types recorded in the secret changelog. Append-only.
+ */
+declare const CHANGELOG_ACTIONS: readonly ["created", "deleted", "metadata_updated", "field_added", "field_rotated", "field_removed", "tag_added", "tag_removed"];
+type ChangelogAction = (typeof CHANGELOG_ACTIONS)[number];
+/** Who triggered a changelog entry. */
+interface ChangelogActor {
+  kind: "user" | "agent" | "system";
+  id: string;
+}
+/**
+ * One audit row from the secret's changelog. Metadata only — never carries
+ * field VALUES (old or new). Rolling back a rotated secret is intentionally
+ * not supported.
+ */
+interface ChangelogEntry {
+  changelogVersion: number;
+  action: ChangelogAction;
+  fieldKey?: string;
+  fieldSensitivity?: FieldSensitivity;
+  changedBy: ChangelogActor;
+  reason?: string;
+  timestamp: string;
+}
+//# sourceMappingURL=secrets.d.ts.map
+//#endregion
+//#region src/index.d.ts
+interface AgentApiClientConfig {
+  apiKey: string;
   apiUrl: string;
-  token: string;
+}
+interface SyncAgentInfo {
   agentId: string;
+  tenantId: string;
+  displayName: string;
+  s3Prefix: string;
+  status: "stale" | "syncing" | "synced";
+  fileCount?: number;
+  totalSize?: number;
+  lastSync?: string;
 }
-interface PresignResult {
-  path: string;
-  url: string;
-  expiresAt: string;
+interface SyncManifestEntry {
+  hash: string;
+  size: number;
+  modified: string;
+  etag?: string;
+  storageClass?: string;
+  compressed?: boolean;
 }
-interface AgentStats {
+interface SyncManifest {
+  version: 1;
   agentId: string;
-  standardBytes: number;
-  glacierBytes: number;
-  fileCount: number;
-  lastSyncAt: string | null;
+  lastSync: string;
+  files: Record<string, SyncManifestEntry>;
 }
-interface RegisterAgentResult {
-  agent: {
-    agentId: string;
-    orgId: string;
-    displayName: string;
-    status: string;
-    createdAt: string;
-  };
+interface SyncPresignedUrl {
+  path: string;
+  url: string;
+  expiresAt: string;
 }
-interface ConfirmResult {
+interface SyncConfirmedUpload {
   filePath: string;
   hash: string;
   size: number;
-  storageClass: string;
+  storageClass: "STANDARD" | "GLACIER_IR";
   syncedAt: string;
 }
-interface ReconstructResult {
+interface SyncReconstructFile {
+  path: string;
+  size: number;
+  url: string;
+  storageClass?: string;
+  compressed?: boolean;
+}
+interface SyncReconstructBundle {
   agentId: string;
   mode: "full" | "active" | "memory";
   fileCount: number;
   totalSize: number;
-  files: {
-    path: string;
-    url: string;
-    size: number;
-    compressed: boolean;
-    expiresAt: string;
-  }[];
-  generatedAt: string;
+  files: SyncReconstructFile[];
   expiresAt: string;
 }
-interface FileHistoryEntry {
-  versionId: string;
-  isLatest: boolean;
+interface SyncAgentStats {
+  agentId: string;
+  standardBytes: number;
+  glacierBytes: number;
+  fileCount: number;
+  lastSyncAt: string | null;
+}
+interface SyncFileEntry {
+  filePath: string;
+  size: number;
+  modified: string;
+  contentHash: string;
+  storageClass?: string;
+  compressed?: boolean;
+}
+interface SyncSessionEntry {
+  sessionId: string;
+  size: number;
   lastModified: string;
+  storageClass?: string;
+  isArchived: boolean;
+}
+interface SyncSessionContent {
+  sessionId: string;
+  content: string;
+  compressed: boolean;
+}
+interface SharedFileEntry {
+  filePath: string;
+  fileName: string;
   size: number;
-  etag?: string;
+  contentType?: string;
 }
-/**
- * Create an AlfeSync API client.
- */
-declare function createApiClient(config: ApiClientConfig): {
-  /**
-   * Get the remote manifest for this agent.
-   */
-  getManifest(): Promise<RemoteManifest>;
-  /**
-   * Request a presigned PUT URL for uploading a file.
-   */
-  presignPut(filePath: string, contentType?: string): Promise<PresignResult>;
-  /**
-   * Request presigned PUT URLs for multiple files.
-   */
-  presignPutBatch(files: {
-    path: string;
-    contentType?: string;
-  }[]): Promise<PresignResult[]>;
-  /**
-   * Confirm a presigned upload completed — updates DynamoDB.
-   */
-  confirmUpload(filePath: string, hash: string, size: number, storageClass?: "STANDARD" | "GLACIER_IR"): Promise<ConfirmResult>;
-  /**
-   * Request a presigned GET URL for downloading a file.
-   */
-  presignGet(filePath: string): Promise<PresignResult>;
+declare class AgentApiClient {
+  private readonly apiKey;
+  private readonly apiUrl;
+  constructor(config: AgentApiClientConfig);
+  private request;
+  syncRegister(args?: {
+    displayName?: string;
+  }): Promise<{
+    agent: SyncAgentInfo;
+  }>;
+  syncGetManifest(): Promise<SyncManifest>;
+  syncPresign(args: {
+    files: {
+      path: string;
+      operation: "put" | "get";
+      contentType?: string;
+    }[];
+  }): Promise<{
+    urls: SyncPresignedUrl[];
+  }>;
+  syncConfirmUpload(args: {
+    filePath: string;
+    hash: string;
+    size: number;
+    storageClass?: "STANDARD" | "GLACIER_IR";
+  }): Promise<SyncConfirmedUpload>;
+  syncReconstruct(args: {
+    mode: "full" | "active" | "memory";
+  }): Promise<SyncReconstructBundle>;
+  syncGetStats(): Promise<SyncAgentStats>;
+  syncListFiles(args?: {
+    prefix?: string;
+  }): Promise<{
+    files: SyncFileEntry[];
+  }>;
+  syncListSessions(): Promise<{
+    sessions: SyncSessionEntry[];
+  }>;
+  syncGetSession(sessionId: string): Promise<SyncSessionContent>;
+  syncDeleteFile(filePath: string): Promise<{
+    removed: boolean;
+  }>;
+  sharedListFiles(args: {
+    scope: "org" | "team" | "project";
+    scopeId: string;
+  }): Promise<{
+    files: SharedFileEntry[];
+    nextCursor: string | null;
+  }>;
+  sharedDownloadUrl(args: {
+    scope: "org" | "team" | "project";
+    scopeId: string;
+    filePath: string;
+  }): Promise<{
+    downloadUrl: string;
+    expiresIn: number;
+  }>;
+  listIntegrations(): Promise<IntegrationInstall[]>;
+  getIntegrationConfig(integrationId: string): Promise<IntegrationConfigResult>;
+  updateIntegrationConfig(integrationId: string, config: Record<string, unknown>): Promise<void>;
+  installIntegration(integrationId: string, options?: {
+    version?: string;
+    config?: Record<string, unknown>;
+  }): Promise<IntegrationInstall>;
+  removeIntegration(integrationId: string): Promise<IntegrationInstall>;
+  getOAuthUrl(provider: string, scopes?: string[]): Promise<{
+    url: string;
+    provider: string;
+    expiresIn: number;
+  }>;
+  getOAuthStatus(provider: string): Promise<{
+    provider: string;
+    connected: boolean;
+    config?: Record<string, string>;
+  }>;
+  getRegistry(): Promise<{
+    integrations: RegistryEntry[];
+  }>;
+  getGoogleCredentials(): Promise<{
+    accounts?: {
+      email: string;
+      refreshToken: string;
+      clientId: string;
+      clientSecret: string;
+      enabledServices?: string[];
+      isDefault: boolean;
+      displayName?: string;
+    }[];
+    email: string;
+    refreshToken: string;
+    clientId: string;
+    clientSecret: string;
+    projectId: string;
+    enabledServices?: string[];
+  }>;
+  disconnectGoogleAccount(email: string): Promise<{
+    accounts: {
+      email: string;
+      displayName?: string;
+      isDefault: boolean;
+    }[];
+  }>;
+  setDefaultGoogleAccount(email: string): Promise<{
+    accounts: {
+      email: string;
+      displayName?: string;
+      isDefault: boolean;
+    }[];
+  }>;
+  getGoogleChatCredentials(): Promise<{
+    email: string;
+    refreshToken: string;
+    clientId: string;
+    clientSecret: string;
+    displayName?: string;
+  }>;
+  getGithubCredentials(): Promise<{
+    login: string;
+    accessToken: string;
+  }>;
+  getXeroCredentials(): Promise<{
+    accessToken: string;
+    accessTokenExpiresAt: string;
+    xeroTenantId: string;
+  }>;
+  refreshXeroToken(): Promise<{
+    accessToken: string;
+    expiresAt: string;
+  }>;
+  getNotionCredentials(): Promise<{
+    accessToken: string;
+    workspaceId: string;
+    workspaceName: string;
+  }>;
+  getAtlassianCredentials(): Promise<{
+    accessToken: string;
+    refreshToken: string;
+    accessTokenExpiresAt: string;
+    cloudId: string;
+    siteName: string;
+    siteUrl: string;
+    email: string;
+    enabledProducts: string[];
+    clientId: string;
+    clientSecret: string;
+  }>;
+  refreshAtlassianToken(): Promise<{
+    accessToken: string;
+    expiresAt: string;
+  }>;
+  getMYOBCredentials(): Promise<{
+    accessToken: string;
+    accessTokenExpiresAt: string;
+    myobBusinessId: string;
+    clientId: string;
+  }>;
+  refreshMYOBToken(): Promise<{
+    accessToken: string;
+    expiresAt: string;
+  }>;
+  getTeamsCredentials(): Promise<{
+    agentId: string;
+    tenantId: string;
+    azureAppId: string;
+    azureBotId: string;
+    azureClientSecret: string;
+    botDisplayName?: string;
+    teamsTenantId?: string;
+    serviceUrl?: string;
+  }>;
+  sendTeamsMessage(data: {
+    conversationId: string;
+    text?: string;
+    adaptiveCard?: Record<string, unknown>;
+  }): Promise<{
+    ok: boolean;
+    activityId: string;
+  }>;
+  listTeamsChannels(): Promise<{
+    channels: {
+      id: string;
+      name: string;
+      description?: string;
+    }[];
+  }>;
+  presignAttachments(files: {
+    filename: string;
+    mimeType: string;
+    size: number;
+  }[]): Promise<{
+    attachments: {
+      id: string;
+      uploadUrl: string;
+      downloadUrl: string;
+      s3Key: string;
+      expiresAt: string;
+    }[];
+  }>;
+  recordActivity(data: {
+    userId?: string;
+    channel: string;
+    role: "user" | "assistant";
+  }): Promise<{
+    recorded: boolean;
+  }>;
   /**
-   * Request presigned GET URLs for multiple files.
+   * Mint a fresh AES-256 data key for a specific (secret, field) pair. The
+   * encryption context is rebuilt server-side from `auth.tenantId` + the body
+   * fields including `fieldKey`; the agent cannot forge context for a scope
+   * or field it doesn't own. Legacy single-envelope secrets are migrated to
+   * `field#value` rows by the data migration, so call with `fieldKey: "value"`
+   * to reach them.
    */
-  presignGetBatch(paths: string[]): Promise<PresignResult[]>;
+  generateSecretDataKey(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+    fieldKey: string;
+  }): Promise<GeneratedDataKey>;
   /**
-   * Get agent storage stats.
+   * Unwrap a wrapped data key so the agent can decrypt the envelope locally.
+   * `fieldKey` MUST match the value supplied when the data key was generated
+   * (it's bound into KMS encryption context); mismatch fails with
+   * `InvalidCiphertextException`.
    */
-  getStats(): Promise<AgentStats>;
+  decryptSecretDataKey(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+    fieldKey: string;
+    dataKeyCiphertext: string;
+  }): Promise<{
+    plaintextKey: string;
+  }>;
   /**
-   * Register this agent with the sync service.
+   * Create a new secret with one or more fields. Encrypted fields must arrive
+   * pre-sealed (the agent has already obtained per-field data keys via
+   * `generateSecretDataKey({ ..., fieldKey })` and AES-encrypted locally).
+   * Plaintext fields ship the value inline.
    */
-  registerAgent(displayName?: string): Promise<RegisterAgentResult>;
+  createSecret(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+    secretName: string;
+    category?: SecretCategory;
+    description?: string;
+    tags?: string[];
+    fields: {
+      key: string;
+      format?: FieldFormat;
+      sensitivity: FieldSensitivity;
+      value?: string;
+      envelope?: EncryptedEnvelopeV1;
+    }[];
+    reason?: string;
+  }): Promise<SecretAggregate>;
+  /** Fetch the secret aggregate plus per-field encrypted envelopes. */
+  getSecret(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+  }): Promise<{
+    aggregate: SecretAggregate;
+    envelopes: FieldEnvelope[];
+  }>;
+  /** Fetch one field. Plaintext: value inline. Encrypted: envelope. */
+  getSecretField(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+    fieldKey: string;
+  }): Promise<{
+    key: string;
+    sensitivity: FieldSensitivity;
+    format?: FieldFormat;
+    value?: string;
+    envelope?: EncryptedEnvelopeV1;
+    rotatedAt?: string;
+    createdAt: string;
+    updatedAt: string;
+  }>;
+  /** Add OR rotate one field. */
+  setSecretField(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+    fieldKey: string;
+    sensitivity: FieldSensitivity;
+    format?: FieldFormat;
+    value?: string;
+    envelope?: EncryptedEnvelopeV1;
+    reason?: string;
+  }): Promise<{
+    fieldKey: string;
+    rotated: boolean;
+  }>;
+  /** Remove one field. */
+  removeSecretField(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+    fieldKey: string;
+  }): Promise<void>;
+  /** Update secret-level metadata (name/description/tags/category). */
+  updateSecretMetadata(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+    secretName?: string;
+    description?: string;
+    tags?: string[];
+    category?: SecretCategory;
+    reason?: string;
+  }): Promise<SecretAggregate>;
+  /** List metadata for secrets in a scope. Optional filters route through the byFacet GSI. */
+  listSecrets(args: {
+    scope: SecretScope;
+    scopeId: string;
+    category?: SecretCategory;
+    tag?: string;
+    fieldKey?: string;
+  }): Promise<SecretMetadata[]>;
+  /** Bounded changelog read — metadata-only audit entries. */
+  getSecretHistory(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+    limit?: number;
+    cursor?: string;
+  }): Promise<{
+    entries: ChangelogEntry[];
+    nextCursor?: string;
+  }>;
+  /** Delete a secret (and all its field rows + tag rows + changelog rows). */
+  deleteSecret(args: {
+    scope: SecretScope;
+    scopeId: string;
+    secretId: string;
+  }): Promise<void>;
+  /** Enumerate scopes (org/team/project/agent) this agent can access. */
+  listSecretScopes(): Promise<ScopeInfo[]>;
+  resolveIdentity(args: {
+    provider: string;
+    platformId: string;
+    kind?: "user" | "agent" | "service" | "bot" | "workspace";
+    displayName?: string;
+  }): Promise<{
+    identityId: string | null;
+    status: string;
+    accessAllowed: boolean;
+    created?: boolean;
+    reason?: string;
+  }>;
+  searchIdentities(args?: {
+    q?: string;
+    status?: string;
+    limit?: number;
+  }): Promise<{
+    identities: unknown[];
+  }>;
+  getIdentityContext(identityId: string): Promise<{
+    context: unknown;
+  }>;
+  mergeIdentities(survivorId: string, args: {
+    mergedId: string;
+    changedBy: {
+      type: string;
+      id: string;
+      name?: string;
+    };
+  }): Promise<{
+    ok: boolean;
+    error?: string;
+  }>;
+  unmergeIdentity(identityId: string, args: {
+    changedBy: {
+      type: string;
+      id: string;
+      name?: string;
+    };
+  }): Promise<{
+    ok: boolean;
+    error?: string;
+  }>;
+  addIdentityNote(identityId: string, args: {
+    content: string;
+    category?: string;
+    changedBy: {
+      type: string;
+      id: string;
+      name?: string;
+    };
+  }): Promise<{
+    noteId: string | null;
+  }>;
+  tagIdentity(identityId: string, args: {
+    tag: string;
+    action: "add" | "remove";
+    changedBy: {
+      type: string;
+      id: string;
+      name?: string;
+    };
+  }): Promise<{
+    ok: boolean;
+  }>;
+  getIdentityChangelog(identityId: string, args?: {
+    limit?: number;
+  }): Promise<{
+    entries: unknown[];
+  }>;
+  rollbackIdentity(identityId: string, args: {
+    targetVersion: number;
+    changedBy: {
+      type: string;
+      id: string;
+      name?: string;
+    };
+  }): Promise<{
+    ok: boolean;
+    entry?: unknown;
+  }>;
+  requestIdentityVerification(args: {
+    claimedIdentityId: string;
+    requestingIdentityId: string;
+    requestingProvider: string;
+    requestingPlatformId: string;
+    preferredChannel?: "mobile" | "email";
+    /**
+     * Phase 2: agent-supplied contact endpoint. When provided, the top-level
+     * `preferredChannel` is ignored — the contact's channel wins.
+     */
+    contact?: {
+      channel: "email" | "mobile";
+      value: string;
+    };
+  }): Promise<{
+    verificationId: string;
+    channel: string;
+    deliveredTo: string;
+    expiresAt: string;
+    availableChannels: {
+      channel: string;
+      deliveredTo: string;
+    }[];
+  } | {
+    error: string;
+  }>;
+  confirmIdentityVerification(args: {
+    claimedIdentityId: string;
+    verificationId: string;
+    phrase: string;
+  }): Promise<{
+    verified: boolean;
+    identityId?: string;
+    /** Phase 2: how the confirm resolved — Scenario A vs B. */
+    action?: "merged" | "contact_verified";
+    error?: string;
+  }>;
   /**
-   * Get file version history.
+   * Update display-shape fields on an Identity. Body excludes `email` /
+   * `phone` / `title` / `company` / `metadata` per Section D4 — contacts go
+   * via the verify flow, title/company live on OrgMembership, metadata is
+   * not agent-writable.
    */
-  getFileHistory(filePath: string): Promise<FileHistoryEntry[]>;
+  updateIdentity(identityId: string, args: {
+    name?: string;
+    avatarUrl?: string;
+    timezone?: string;
+    locale?: string;
+  }): Promise<{
+    ok: boolean;
+  }>;
   /**
-   * Generate a reconstruction bundle.
+   * Phase 2 (Section H): server-side verification of a Google Chat sender via
+   * the agent's existing Google OAuth credentials. Returns the resolved
+   * identity (created or matched via Scenario-B email enrichment).
    */
-  reconstruct(mode?: "full" | "active" | "memory"): Promise<ReconstructResult>;
-};
-type ApiClient = ReturnType<typeof createApiClient>;
-//# sourceMappingURL=api-client.d.ts.map
+  resolveGoogleChatSender(args: {
+    senderUserId: string;
+    spaceId?: string;
+  }): Promise<{
+    identityId: string | null;
+    status: string;
+    accessAllowed: boolean;
+  }>;
+  memorySearch(query: string, opts?: {
+    limit?: number;
+    topic?: string;
+    subtopic?: string;
+    tag?: string;
+    includeKnowledge?: boolean;
+  }): Promise<{
+    facts: {
+      subject: string;
+      predicate: string;
+      object: string;
+      since: string;
+      confidence: number;
+    }[];
+    memories: {
+      id: string;
+      text: string;
+      topic: string;
+      subtopic: string;
+      tag: string;
+      importance: number;
+      timestamp: number;
+      score: number;
+    }[];
+  }>;
+  memoryStore(text: string, opts?: {
+    topic?: string;
+    subtopic?: string;
+    tag?: string;
+    importance?: number;
+  }): Promise<{
+    memoryId: string;
+  }>;
+  memoryIngest(sessionKey: string, messages: {
+    role: string;
+    content: string;
+    index: number;
+    timestamp?: string;
+  }[], metadata?: {
+    channelId?: string;
+    userId?: string;
+    userName?: string;
+  }): Promise<{
+    queued: boolean;
+    messageCount: number;
+  }>;
+  memoryLoadContext(tier?: number, topicHint?: string): Promise<{
+    formatted: string;
+    [key: string]: unknown;
+  }>;
+  memoryLookupEntity(subject: string): Promise<{
+    subject: string;
+    triples: {
+      tripleId: string;
+      predicate: string;
+      object: string;
+      validFrom: string;
+      validTo?: string;
+      confidence: number;
+    }[];
+  }>;
+  memoryNavigate(): Promise<{
+    topics: {
+      name: string;
+      tripleCount: number;
+      subtopics: string[];
+    }[];
+    cursor: string | null;
+  }>;
+  memoryDelete(memoryId: string): Promise<{
+    deleted: boolean;
+  }>;
+  memoryStats(): Promise<{
+    vectorCount: number;
+    tripleCount: number;
+    storageEstimateBytes: number;
+    lastIngestionAt?: string;
+  }>;
+  searchWeb(params: {
+    query: string;
+    count?: number;
+    offset?: number;
+    country?: string;
+    freshness?: string;
+  }): Promise<unknown>;
+  searchImages(params: {
+    query: string;
+    count?: number;
+  }): Promise<unknown>;
+  searchNews(params: {
+    query: string;
+    count?: number;
+    freshness?: string;
+  }): Promise<unknown>;
+  registerDatabaseCredentials(): Promise<{
+    connectionString: string;
+    username: string;
+    password: string;
+    databases: string[];
+  }>;
+  reportDatabaseAudit(entry: {
+    database: string;
+    collection: string;
+    operation: string;
+    summary?: string;
+  }): Promise<void>;
+}
+//# sourceMappingURL=index.d.ts.map
+//#endregion
 //#endregion
 //#region src/sync-engine.d.ts
-/**
- * AlfeSync engine — orchestrates push, pull, and full sync operations.
- *
- * Handles:
- *   - push(paths[]): upload changed files to S3
- *   - pull(): download files newer on remote
- *   - fullSync(): bidirectional sync with conflict detection
- *
- * Conflict resolution: if remote file is newer than local manifest entry
- * AND local file has changed → write `.conflict-{timestamp}` alongside original.
- */
 interface SyncResult {
   pushed: number;
   pulled: number;
   conflicts: number;
   errors: number;
 }
+interface SyncEngineOptions {
+  workspacePath: string;
+  client: AgentApiClient;
+}
 /**
- * Create a sync engine. Workspace path defaults to `config.workspacePath`
- * from the resolved Alfe config, but can be overridden (e.g. for tests).
+ * Construct a sync engine bound to a workspace + agent API client.
+ *
+ * The client is constructed once in plugin.ts (or the CLI) and passed in,
+ * so credentials never leak into multiple places.
  */
-declare function createSyncEngine(workspacePathOverride?: string): Promise<{
-  config: SyncConfig;
-  client: {
-    getManifest(): Promise<RemoteManifest>;
-    presignPut(filePath: string, contentType?: string): Promise<PresignResult>;
-    presignPutBatch(files: {
-      path: string;
-      contentType?: string;
-    }[]): Promise<PresignResult[]>;
-    confirmUpload(filePath: string, hash: string, size: number, storageClass?: "STANDARD" | "GLACIER_IR"): Promise<ConfirmResult>;
-    presignGet(filePath: string): Promise<PresignResult>;
-    presignGetBatch(paths: string[]): Promise<PresignResult[]>;
-    getStats(): Promise<AgentStats>;
-    registerAgent(displayName?: string): Promise<RegisterAgentResult>;
-    getFileHistory(filePath: string): Promise<FileHistoryEntry[]>;
-    reconstruct(mode?: "full" | "active" | "memory"): Promise<ReconstructResult>;
-  };
+declare function createSyncEngine({
+  workspacePath,
+  client
+}: SyncEngineOptions): {
+  workspacePath: string;
+  client: AgentApiClient;
   /**
-   * Push changed files to remote.
-   *
-   * If paths are provided, only push those files.
-   * If no paths, detect all changed files and push them.
+   * Upload changed files. Pass `paths` for an explicit list, or omit
+   * to scan the workspace for anything that drifted from the manifest.
    */
   push(paths?: string[], options?: {
     quiet?: boolean;
     filter?: string;
   }): Promise<SyncResult>;
-  /**
-   * Pull files from remote that are newer than local.
-   */
+  /** Download files newer on remote. */
   pull(options?: {
     quiet?: boolean;
   }): Promise<SyncResult>;
   /**
-   * Full bidirectional sync with conflict detection.
-   *
-   * For conflicts: if remote file is newer than local manifest entry AND
-   * local file has changed → write `.conflict-{timestamp}` file alongside
-   * the original, then pull the remote version.
+   * Bidirectional sync. True conflicts (changed on both sides) are saved
+   * locally as `.conflict-<ts>` files and the remote version wins.
    */
   fullSync(options?: {
     quiet?: boolean;
   }): Promise<SyncResult>;
   /**
-   * Pull specific files by path without a full manifest diff.
-   *
-   * Used for notification-driven pulls where we already know which
-   * files changed on the remote.
+   * Pull a known list of files (used for relay-driven notifications,
+   * where we already know which paths changed remotely).
    */
   pullFiles(paths: string[], options?: {
     quiet?: boolean;
   }): Promise<SyncResult>;
   /**
-   * Remove a file locally and from the manifest.
-   *
-   * Used for notification-driven deletes when a remote file is removed.
+   * Delete a file locally and from the manifest. Used when the sync relay
+   * tells us a file was removed remotely.
    */
   removeLocalFile(filePath: string, options?: {
     quiet?: boolean;
   }): Promise<void>;
-}>;
-type SyncEngine = Awaited<ReturnType<typeof createSyncEngine>>;
+};
+type SyncEngine = ReturnType<typeof createSyncEngine>;
 //# sourceMappingURL=sync-engine.d.ts.map
 //#endregion
 //#region src/watcher.d.ts
@@ -377,11 +1130,9 @@ interface UploadResult {
   error?: string;
 }
 /**
- * Upload multiple files to S3.
- *
- * Uploads are performed in parallel with a concurrency limit.
+ * Upload many files, batched by `concurrency`.
  */
-declare function uploadFiles(workspacePath: string, relativePaths: string[], client: ApiClient, options?: {
+declare function uploadFiles(workspacePath: string, relativePaths: string[], client: AgentApiClient, options?: {
   concurrency?: number;
   quiet?: boolean;
 }): Promise<UploadResult[]>;
@@ -394,26 +1145,30 @@ interface DownloadResult {
   size?: number;
   error?: string;
 }
-/**
- * Download multiple files from S3.
- *
- * Downloads are performed in parallel with a concurrency limit.
- */
-declare function downloadFiles(workspacePath: string, relativePaths: string[], client: ApiClient, remoteManifest?: RemoteManifest, options?: {
+declare function downloadFiles(workspacePath: string, relativePaths: string[], client: AgentApiClient, remoteManifest?: RemoteManifest, options?: {
   concurrency?: number;
   quiet?: boolean;
 }): Promise<DownloadResult[]>;
 //# sourceMappingURL=downloader.d.ts.map
 //#endregion
-//#region src/shared-sync.d.ts
+//#region src/retry.d.ts
 /**
- * Shared file sync engine for org/team/project scoped files.
- *
- * Syncs shared files to a `shared/` directory in the agent's workspace,
- * organized by scope: shared/org/, shared/teams/{id}/, shared/projects/{id}/
- *
- * Uses the agent self-service API (/agents/org/...) with the agent's API key.
+ * Tiny retry helper used by uploader/downloader. Extracted so both
+ * use the same timing and surface the same final error shape.
  */
+interface RetryOptions {
+  maxRetries?: number;
+  baseDelayMs?: number;
+}
+/**
+ * Run `fn` up to `maxRetries + 1` times with exponential backoff
+ * (`base * 2^attempt`). Returns the first successful value, or rethrows
+ * the last error.
+ */
+declare function withRetry<T>(fn: () => Promise<T>, options?: RetryOptions): Promise<T>;
+//# sourceMappingURL=retry.d.ts.map
+//#endregion
+//#region src/shared-sync.d.ts
 interface SharedScope {
   scopeType: "team" | "project" | "org";
   scopeId: string;
@@ -421,9 +1176,7 @@ interface SharedScope {
 }
 interface SharedSyncConfig {
   workspacePath: string;
-  apiUrl: string;
-  token: string;
-  agentId: string;
+  client: AgentApiClient;
 }
 interface PluginLogger {
   info(msg: string): void;
@@ -440,5 +1193,5 @@ interface SharedSyncEngine {
 }
 declare function createSharedSyncEngine(config: SharedSyncConfig, log: PluginLogger): SharedSyncEngine;
 //#endregion
-export { type AgentStats, type ApiClient, type ApiClientConfig, type ConfirmResult, type DownloadResult, type FileHistoryEntry, type LocalManifest, type ManifestDiff, type ManifestEntry, type PresignResult, type ReconstructResult, type RegisterAgentResult, type RemoteManifest, type SharedScope, type SharedSyncConfig, type SharedSyncEngine, type SyncConfig, type SyncEngine, type SyncPluginConfig, type SyncResult, type UploadResult, type WatcherOptions, computeFileHash, createApiClient, createSharedSyncEngine, createSyncEngine, diffManifests, downloadFiles, filterIgnored, invalidateSyncConfigCache, isInitialized, loadIgnorePatterns, plugin, readManifest, removeManifestEntry, requireConfig, resolveSyncConfig, shouldIgnore, startWatcher, syncStateDir, updateManifestEntry, uploadFiles, writeManifest };
+export { type DownloadResult, type LocalManifest, type ManifestDiff, type ManifestEntry, type RemoteManifest, type RetryOptions, type SharedScope, type SharedSyncConfig, type SharedSyncEngine, type SyncEngine, type SyncPluginConfig, type SyncResult, type UploadResult, type WatcherOptions, computeFileHash, createSharedSyncEngine, createSyncEngine, diffManifests, downloadFiles, filterIgnored, loadIgnorePatterns, plugin, readManifest, removeManifestEntry, shouldIgnore, startWatcher, updateManifestEntry, uploadFiles, withRetry, writeManifest };
 //# sourceMappingURL=index.d.ts.map