@atomicmail/langchain 0.3.14

package/esm/lib/core/shared-assets.js

@@ -0,0 +1,46 @@
+import { existsSync, readFileSync } from "node:fs";
+import { dirname, resolve as resolvePath } from "node:path";
+import { fileURLToPath } from "node:url";
+const moduleDir = dirname(fileURLToPath(globalThis[Symbol.for("import-meta-ponyfill-esmodule")](import.meta).url));
+function resolveSharedRoot() {
+    let current = moduleDir;
+    for (let depth = 0; depth < 12; depth++) {
+        const candidate = resolvePath(current, "shared");
+        if (existsSync(candidate))
+            return candidate;
+        const parent = resolvePath(current, "..");
+        if (parent === current)
+            break;
+        current = parent;
+    }
+    throw new Error(`Shared asset directory was not found from module path: ${moduleDir}`);
+}
+let cachedSharedRoot;
+export function getSharedRootPath() {
+    if (!cachedSharedRoot)
+        cachedSharedRoot = resolveSharedRoot();
+    return cachedSharedRoot;
+}
+export function readSharedText(relativePath) {
+    const fullPath = resolvePath(getSharedRootPath(), relativePath);
+    return readFileSync(fullPath, "utf-8");
+}
+export function readSharedJson(relativePath) {
+    return JSON.parse(readSharedText(relativePath));
+}
+export function tryReadSharedText(relativePath) {
+    try {
+        return readSharedText(relativePath);
+    }
+    catch {
+        return undefined;
+    }
+}
+export function tryReadSharedJson(relativePath) {
+    try {
+        return readSharedJson(relativePath);
+    }
+    catch {
+        return undefined;
+    }
+}

package/esm/lib/core/types.d.ts

@@ -0,0 +1,2 @@
+export type MaybePromise<R> = R | Promise<R>;
+//# sourceMappingURL=types.d.ts.map

package/esm/lib/core/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/lib/core/types.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC"}

package/esm/lib/core/types.js

@@ -0,0 +1,2 @@
+// Shared type utilities (lib core).
+export {};

package/esm/lib/core/utils.d.ts

@@ -0,0 +1,12 @@
+import type { MaybePromise } from "./types.js";
+export declare function delay(ms: number): Promise<void>;
+export type RetryCfg = {
+    maxTimeoutMs?: number;
+    startTimeoutMs?: number;
+    backoffMul?: number;
+    /** Optional hook before the next retry; must not throw. */
+    onBeforeRetry?: (e: unknown) => MaybePromise<void>;
+};
+/** Retries `fn` on throw with exponential backoff until `maxTimeoutMs` is exceeded. */
+export declare function retry<R>(fn: () => MaybePromise<R>, config: RetryCfg): Promise<R>;
+//# sourceMappingURL=utils.d.ts.map

package/esm/lib/core/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/lib/core/utils.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C,wBAAgB,KAAK,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAE/C;AAED,MAAM,MAAM,QAAQ,GAAG;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,2DAA2D;IAC3D,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,OAAO,KAAK,YAAY,CAAC,IAAI,CAAC,CAAC;CACpD,CAAC;AAQF,uFAAuF;AACvF,wBAAsB,KAAK,CAAC,CAAC,EAC3B,EAAE,EAAE,MAAM,YAAY,CAAC,CAAC,CAAC,EACzB,MAAM,EAAE,QAAQ,GACf,OAAO,CAAC,CAAC,CAAC,CAgBZ"}

package/esm/lib/core/utils.js

@@ -0,0 +1,29 @@
+// Small async helpers (delay, exponential backoff retry).
+import { ONE_SEC_MS } from "./consts.js";
+export function delay(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+const defaultCfg = {
+    maxTimeoutMs: ONE_SEC_MS * 32,
+    startTimeoutMs: ONE_SEC_MS,
+    backoffMul: 2,
+};
+/** Retries `fn` on throw with exponential backoff until `maxTimeoutMs` is exceeded. */
+export async function retry(fn, config) {
+    const cfg = { ...defaultCfg, ...config };
+    let curTimeoutMs = cfg.startTimeoutMs;
+    while (true) {
+        try {
+            const res = await fn();
+            return res;
+        }
+        catch (e) {
+            if (cfg.onBeforeRetry)
+                await cfg.onBeforeRetry(e);
+            if (curTimeoutMs > cfg.maxTimeoutMs)
+                throw e;
+            await delay(curTimeoutMs);
+            curTimeoutMs = Math.floor(curTimeoutMs * cfg.backoffMul);
+        }
+    }
+}

package/esm/lib/mod.d.ts

@@ -0,0 +1,20 @@
+export * from "./network/auth-client.js";
+export * from "./core/utils.js";
+export * from "./core/read-npm-package-readme.js";
+export * from "./core/consts.js";
+export * from "./core/messages.js";
+export * from "./core/shared-assets.js";
+export * from "./core/types.js";
+export * from "./agent/session/agent-credentials-store.js";
+export * from "./agent/session/inbox-id-to-mailbox-email.js";
+export * from "./agent/auth/agent-jwt.js";
+export * from "./agent/auth/agent-pow.js";
+export * from "./agent/auth/agent-auth-http.js";
+export * from "./agent/jmap/agent-jmap.js";
+export * from "./agent/jmap/agent-jmap-verify.js";
+export * from "./agent/session/agent-session.js";
+export * from "./agent/session/agent-resolve-config.js";
+export * from "./agent/session/agent-session-for-dir.js";
+export * from "./agent/jmap/agent-help-content.js";
+export * from "./agent/jmap/agent-vars.js";
+//# sourceMappingURL=mod.d.ts.map

package/esm/lib/mod.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../src/lib/mod.ts"],"names":[],"mappings":"AAAA,cAAc,0BAA0B,CAAC;AACzC,cAAc,iBAAiB,CAAC;AAChC,cAAc,mCAAmC,CAAC;AAClD,cAAc,kBAAkB,CAAC;AACjC,cAAc,oBAAoB,CAAC;AACnC,cAAc,yBAAyB,CAAC;AACxC,cAAc,iBAAiB,CAAC;AAEhC,cAAc,4CAA4C,CAAC;AAC3D,cAAc,8CAA8C,CAAC;AAC7D,cAAc,2BAA2B,CAAC;AAC1C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,iCAAiC,CAAC;AAChD,cAAc,4BAA4B,CAAC;AAC3C,cAAc,mCAAmC,CAAC;AAClD,cAAc,kCAAkC,CAAC;AACjD,cAAc,yCAAyC,CAAC;AACxD,cAAc,0CAA0C,CAAC;AACzD,cAAc,oCAAoC,CAAC;AACnD,cAAc,4BAA4B,CAAC"}

package/esm/lib/mod.js

@@ -0,0 +1,19 @@
+export * from "./network/auth-client.js";
+export * from "./core/utils.js";
+export * from "./core/read-npm-package-readme.js";
+export * from "./core/consts.js";
+export * from "./core/messages.js";
+export * from "./core/shared-assets.js";
+export * from "./core/types.js";
+export * from "./agent/session/agent-credentials-store.js";
+export * from "./agent/session/inbox-id-to-mailbox-email.js";
+export * from "./agent/auth/agent-jwt.js";
+export * from "./agent/auth/agent-pow.js";
+export * from "./agent/auth/agent-auth-http.js";
+export * from "./agent/jmap/agent-jmap.js";
+export * from "./agent/jmap/agent-jmap-verify.js";
+export * from "./agent/session/agent-session.js";
+export * from "./agent/session/agent-resolve-config.js";
+export * from "./agent/session/agent-session-for-dir.js";
+export * from "./agent/jmap/agent-help-content.js";
+export * from "./agent/jmap/agent-vars.js";

package/esm/lib/network/auth-client.d.ts

@@ -0,0 +1,57 @@
+export interface AuthClientOptions {
+    /** Base URL of auth-service, e.g. "http://localhost:8000". Trailing slashes are stripped. */
+    baseUrl: string;
+    /**
+     * PoW scrypt salt (hex string). When omitted, {@link DEFAULT_POW_SCRYPT_SALT_HEX}
+     * is used so clients match the bundled auth-service.
+     */
+    scryptSaltHex?: string;
+}
+export interface SignupResult {
+    /** Freshly minted API key. The server only returns it once — persist it. */
+    apiKey: string;
+    sessionJWT: string;
+}
+export interface LoginResult {
+    sessionJWT: string;
+}
+export interface RenewResult {
+    capabilityJWT: string;
+}
+/** Thrown for any non-2xx HTTP response or malformed payload. */
+export declare class AuthClientError extends Error {
+    status: number;
+    bodyText: string;
+    constructor(status: number, bodyText: string, message: string);
+}
+export declare class AuthClient {
+    private readonly baseUrl;
+    private readonly scryptSaltHex;
+    constructor(options: AuthClientOptions);
+    /**
+     * Register a new inbox under `username`. Returns the freshly minted API key
+     * (the server only ever returns it once — the caller MUST persist it) and
+     * a session JWT.
+     */
+    signup(username: string): Promise<SignupResult>;
+    /** Exchange an existing API key for a fresh session JWT. */
+    login(apiKey: string): Promise<LoginResult>;
+    /**
+     * Exchange a session JWT for a short-lived capability JWT (audience:
+     * api-service).
+     */
+    renew(sessionJWT: string): Promise<RenewResult>;
+    private fetchChallenge;
+    private postSession;
+    private parseJsonOrThrow;
+    /**
+     * Brute-force a PoW nonce. Mirrors `generatePow` in
+     * services/auth-service/src/crypto.ts: scrypt(`${challenge}:${nonce}`, salt,
+     * 64) until `difficulty` leading bits of the digest are zero.
+     *
+     * Expected work at the server's POW_DIFFICULTY=6 is ~2^6 = 64 attempts; well
+     * within the challenge JWT's 3-minute TTL.
+     */
+    private solvePoW;
+}
+//# sourceMappingURL=auth-client.d.ts.map

package/esm/lib/network/auth-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-client.d.ts","sourceRoot":"","sources":["../../../src/lib/network/auth-client.ts"],"names":[],"mappings":"AAmBA,MAAM,WAAW,iBAAiB;IAChC,6FAA6F;IAC7F,OAAO,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,YAAY;IAC3B,4EAA4E;IAC5E,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,iEAAiE;AACjE,qBAAa,eAAgB,SAAQ,KAAK;IACxC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;gBAEL,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAM9D;AAOD,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;gBAE3B,OAAO,EAAE,iBAAiB;IAKtC;;;;OAIG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAyBrD,4DAA4D;IACtD,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAgBjD;;;OAGG;IACG,KAAK,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;YAoBvC,cAAc;YAsCd,WAAW;YAyCX,gBAAgB;IAuB9B;;;;;;;OAOG;YACW,QAAQ;CAgBvB"}

package/esm/lib/network/auth-client.js

@@ -0,0 +1,210 @@
+// Thin HTTP client for auth-service (PoW challenge → session → capability).
+//
+// Encapsulates the full PoW challenge → session → capability flow so callers
+// (integration tests, the future agent skill, etc.) don't have to reimplement scrypt grinding.
+//
+// The PoW digest is scrypt-based and uses the SAME salt the auth-service
+// uses on the verify path (see services/auth-service/src/crypto.ts). The
+// client must therefore be configured with that salt — there is no public
+// hash function here, the salt is part of the protocol.
+import { scrypt } from "node:crypto";
+import { DEFAULT_POW_SCRYPT_SALT_HEX } from "../core/consts.js";
+// Mirror services/auth-service/src/crypto.ts exactly. Changing any of these
+// constants on either side breaks PoW interop.
+const SCRYPT_PARAMS = { N: 16384, r: 8, p: 1 };
+const POW_HASH_BYTES = 64;
+/** Thrown for any non-2xx HTTP response or malformed payload. */
+export class AuthClientError extends Error {
+    status;
+    bodyText;
+    constructor(status, bodyText, message) {
+        super(message);
+        this.name = "AuthClientError";
+        this.status = status;
+        this.bodyText = bodyText;
+    }
+}
+export class AuthClient {
+    baseUrl;
+    scryptSaltHex;
+    constructor(options) {
+        this.baseUrl = options.baseUrl.replace(/\/+$/, "");
+        this.scryptSaltHex = options.scryptSaltHex ?? DEFAULT_POW_SCRYPT_SALT_HEX;
+    }
+    /**
+     * Register a new inbox under `username`. Returns the freshly minted API key
+     * (the server only ever returns it once — the caller MUST persist it) and
+     * a session JWT.
+     */
+    async signup(username) {
+        const { challengeJWT, challenge, difficulty } = await this.fetchChallenge();
+        const { powHex, nonce } = await this.solvePoW(challenge, difficulty);
+        const { sessionJWT, data } = await this.postSession(challengeJWT, {
+            powHex,
+            nonce: nonce.toString(),
+            username,
+        });
+        if (typeof data.apiKey !== "string") {
+            throw new AuthClientError(200, JSON.stringify(data), "Signup response missing apiKey.");
+        }
+        return { apiKey: data.apiKey, sessionJWT };
+    }
+    /** Exchange an existing API key for a fresh session JWT. */
+    async login(apiKey) {
+        const { challengeJWT, challenge, difficulty } = await this.fetchChallenge();
+        const { powHex, nonce } = await this.solvePoW(challenge, difficulty);
+        const { sessionJWT } = await this.postSession(challengeJWT, {
+            powHex,
+            nonce: nonce.toString(),
+            apiKey,
+        });
+        return { sessionJWT };
+    }
+    /**
+     * Exchange a session JWT for a short-lived capability JWT (audience:
+     * api-service).
+     */
+    async renew(sessionJWT) {
+        const res = await fetch(`${this.baseUrl}/api/v1/capability`, {
+            method: "POST",
+            headers: { Authorization: `Bearer ${sessionJWT}` },
+        });
+        const text = await res.text();
+        if (!res.ok) {
+            throw new AuthClientError(res.status, text, `auth-service capability returned ${res.status}: ${text}`);
+        }
+        const capabilityJWT = readBearerToken(res.headers.get("Authorization"), "Capability response missing Authorization bearer token.");
+        return { capabilityJWT };
+    }
+    async fetchChallenge() {
+        const res = await fetch(`${this.baseUrl}/api/v1/challenge`, {
+            method: "POST",
+        });
+        const text = await res.text();
+        if (!res.ok) {
+            throw new AuthClientError(res.status, text, `auth-service challenge returned ${res.status}: ${text}`);
+        }
+        const challengeJWT = readBearerToken(res.headers.get("Authorization"), "Challenge response missing Authorization bearer token.");
+        const payload = decodeJwtPayload(challengeJWT);
+        if (typeof payload.jti !== "string" ||
+            typeof payload.difficulty !== "number") {
+            throw new AuthClientError(res.status, challengeJWT, "Challenge JWT payload is malformed (missing jti or difficulty).");
+        }
+        return {
+            challengeJWT,
+            challenge: payload.jti,
+            difficulty: payload.difficulty,
+        };
+    }
+    async postSession(challengeJWT, body) {
+        const res = await fetch(`${this.baseUrl}/api/v1/session`, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                Authorization: `Bearer ${challengeJWT}`,
+            },
+            body: JSON.stringify(body),
+        });
+        const text = await res.text();
+        if (!res.ok) {
+            throw new AuthClientError(res.status, text, `auth-service session returned ${res.status}: ${text}`);
+        }
+        const sessionJWT = readBearerToken(res.headers.get("Authorization"), "Session response missing Authorization bearer token.");
+        let data = {};
+        if (text.trim().length > 0) {
+            try {
+                data = JSON.parse(text);
+            }
+            catch {
+                throw new AuthClientError(res.status, text, "auth-service session returned non-JSON body.");
+            }
+        }
+        return { sessionJWT, data };
+    }
+    async parseJsonOrThrow(res, endpoint) {
+        const text = await res.text();
+        if (!res.ok) {
+            throw new AuthClientError(res.status, text, `auth-service ${endpoint} returned ${res.status}: ${text}`);
+        }
+        try {
+            return JSON.parse(text);
+        }
+        catch {
+            throw new AuthClientError(res.status, text, `auth-service ${endpoint} returned non-JSON body.`);
+        }
+    }
+    /**
+     * Brute-force a PoW nonce. Mirrors `generatePow` in
+     * services/auth-service/src/crypto.ts: scrypt(`${challenge}:${nonce}`, salt,
+     * 64) until `difficulty` leading bits of the digest are zero.
+     *
+     * Expected work at the server's POW_DIFFICULTY=6 is ~2^6 = 64 attempts; well
+     * within the challenge JWT's 3-minute TTL.
+     */
+    async solvePoW(challenge, difficulty) {
+        let nonce = 0n;
+        while (true) {
+            const digest = await scryptHash(`${challenge}:${nonce}`, this.scryptSaltHex);
+            if (hasLeadingZeroBits(digest, difficulty)) {
+                return { powHex: bytesToHex(digest), nonce };
+            }
+            nonce++;
+        }
+    }
+}
+function scryptHash(data, salt) {
+    const bytes = new TextEncoder().encode(data);
+    return new Promise((resolve, reject) => {
+        scrypt(bytes, salt, POW_HASH_BYTES, SCRYPT_PARAMS, (err, derived) => {
+            if (err)
+                return reject(err);
+            resolve(new Uint8Array(derived));
+        });
+    });
+}
+function hasLeadingZeroBits(hash, bits) {
+    if (bits > hash.length * 8)
+        return false;
+    const fullBytes = Math.floor(bits / 8);
+    const remainingBits = bits % 8;
+    for (let i = 0; i < fullBytes; i++) {
+        if (hash[i] !== 0)
+            return false;
+    }
+    if (remainingBits > 0) {
+        const mask = (0xff << (8 - remainingBits)) & 0xff;
+        if ((hash[fullBytes] & mask) !== 0)
+            return false;
+    }
+    return true;
+}
+function bytesToHex(bytes) {
+    let hex = "";
+    for (let i = 0; i < bytes.length; i++) {
+        hex += bytes[i].toString(16).padStart(2, "0");
+    }
+    return hex;
+}
+function decodeJwtPayload(jwt) {
+    const parts = jwt.split(".");
+    if (parts.length < 2) {
+        throw new Error("Malformed JWT: expected at least 2 dot-separated segments.");
+    }
+    const payloadB64Url = parts[1];
+    const padLen = (4 - (payloadB64Url.length % 4)) % 4;
+    const base64 = payloadB64Url
+        .replace(/-/g, "+")
+        .replace(/_/g, "/")
+        .padEnd(payloadB64Url.length + padLen, "=");
+    return JSON.parse(atob(base64));
+}
+function readBearerToken(headerValue, missingError) {
+    if (!headerValue) {
+        throw new Error(missingError);
+    }
+    const match = /^\s*Bearer\s+(.+?)\s*$/i.exec(headerValue);
+    if (!match || !match[1]) {
+        throw new Error("Authorization header must use Bearer scheme.");
+    }
+    return match[1];
+}

package/esm/package.json

@@ -0,0 +1,3 @@
+{
+  "type": "module"
+}

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "@atomicmail/langchain",
+  "version": "0.3.14",
+  "description": "Atomic Mail LangChain toolkit — register, jmap_request, and help tools for JS/TS agents.",
+  "keywords": [
+    "atomic-mail",
+    "atomicmail",
+    "langchain",
+    "toolkit",
+    "agent",
+    "ai",
+    "jmap",
+    "email",
+    "proof-of-work"
+  ],
+  "author": "Atomic Mail",
+  "homepage": "https://atomicmail.ai?utm_source=npm&utm_medium=package&utm_campaign=website",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Atomic-Mail/atomic-mail-agentic.git"
+  },
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/Atomic-Mail/atomic-mail-agentic/issues"
+  },
+  "module": "./esm/langchain/mod.js",
+  "exports": {
+    ".": {
+      "import": "./esm/langchain/mod.js"
+    }
+  },
+  "scripts": {},
+  "publishConfig": {
+    "access": "public"
+  },
+  "atomicmail": {
+    "channel": "default"
+  },
+  "engines": {
+    "node": ">=20"
+  },
+  "dependencies": {
+    "@langchain/core": "^1.1.49",
+    "zod": "^4.4.3",
+    "langchain": "^1.4.5"
+  },
+  "devDependencies": {
+    "@types/node": "^20.12.0"
+  },
+  "_generatedBy": "dnt@dev"
+}

package/presets/list_inbox.json

@@ -0,0 +1,46 @@
+{
+  "using": [
+    "urn:ietf:params:jmap:core",
+    "urn:ietf:params:jmap:mail"
+  ],
+  "methodCalls": [
+    [
+      "Email/query",
+      {
+        "accountId": "$ACCOUNT_ID",
+        "filter": {
+          "inMailbox": "$INBOX_MAILBOX_ID"
+        },
+        "sort": [
+          {
+            "property": "receivedAt",
+            "isAscending": false
+          }
+        ],
+        "limit": 50
+      },
+      "q0"
+    ],
+    [
+      "Email/get",
+      {
+        "accountId": "$ACCOUNT_ID",
+        "#ids": {
+          "resultOf": "q0",
+          "name": "Email/query",
+          "path": "/ids"
+        },
+        "properties": [
+          "id",
+          "threadId",
+          "receivedAt",
+          "from",
+          "to",
+          "subject",
+          "preview"
+        ]
+      },
+      "g0"
+    ]
+  ]
+}

package/presets/reply.json

@@ -0,0 +1,97 @@
+{
+  "using": [
+    "urn:ietf:params:jmap:core",
+    "urn:ietf:params:jmap:mail",
+    "urn:ietf:params:jmap:submission"
+  ],
+  "methodCalls": [
+    [
+      "Email/get",
+      {
+        "accountId": "$ACCOUNT_ID",
+        "ids": [
+          "$MAIL_ID"
+        ],
+        "properties": [
+          "id",
+          "threadId",
+          "from",
+          "replyTo",
+          "subject",
+          "messageId"
+        ]
+      },
+      "g0"
+    ],
+    [
+      "Email/set",
+      {
+        "accountId": "$ACCOUNT_ID",
+        "create": {
+          "d1": {
+            "mailboxIds": {
+              "$INBOX_MAILBOX_ID": true
+            },
+            "from": [
+              {
+                "email": "$INBOX"
+              }
+            ],
+            "#to": {
+              "resultOf": "g0",
+              "name": "Email/get",
+              "path": "/list/0/replyTo"
+            },
+            "#subject": {
+              "resultOf": "g0",
+              "name": "Email/get",
+              "path": "/list/0/subject"
+            },
+            "#inReplyTo": {
+              "resultOf": "g0",
+              "name": "Email/get",
+              "path": "/list/0/messageId"
+            },
+            "textBody": [
+              {
+                "partId": "b",
+                "type": "text/plain"
+              }
+            ],
+            "bodyValues": {
+              "b": {
+                "value": "$BODY"
+              }
+            },
+            "keywords": {
+              "$draft": true
+            }
+          }
+        }
+      },
+      "c0"
+    ],
+    [
+      "EmailSubmission/set",
+      {
+        "accountId": "$ACCOUNT_ID",
+        "create": {
+          "s1": {
+            "emailId": "#d1",
+            "envelope": {
+              "mailFrom": {
+                "email": "$INBOX"
+              },
+              "#rcptTo": {
+                "resultOf": "g0",
+                "name": "Email/get",
+                "path": "/list/0/replyTo"
+              }
+            }
+          }
+        }
+      },
+      "c1"
+    ]
+  ]
+}