@avaprotocol/sdk-js 2.17.0 → 3.1.0

package/dist/v4/client.d.ts

@@ -0,0 +1,60 @@
+import { AuthResource } from "./resources/auth";
+import { ExecutionsResource } from "./resources/executions";
+import { HealthResource } from "./resources/health";
+import { NodesResource } from "./resources/nodes";
+import { OperatorsResource } from "./resources/operators";
+import { SecretsResource } from "./resources/secrets";
+import { TokensResource } from "./resources/tokens";
+import { TriggersResource } from "./resources/triggers";
+import { WalletsResource } from "./resources/wallets";
+import { WorkflowsResource } from "./resources/workflows";
+export interface ClientOptions {
+    /**
+     * Base URL of the REST API including the `/api/v1` prefix. Example:
+     * `https://gateway.avaprotocol.org/api/v1`. The SDK does not append
+     * `/api/v1` for you; partners running their own aggregator instance
+     * can point baseUrl elsewhere if their reverse proxy strips the prefix.
+     */
+    baseUrl: string;
+    /**
+     * Optional pre-minted JWT. Skip if you'll call
+     * `client.auth.exchange()` after construction.
+     */
+    token?: string;
+    /** Default request timeout in milliseconds. Defaults to 30s. */
+    defaultTimeoutMs?: number;
+    /** Override the fetch impl. Useful for tests and non-Node runtimes. */
+    fetchImpl?: typeof fetch;
+}
+/**
+ * v4 SDK entry point. Resource-grouped sub-clients (Stripe / OpenAI
+ * convention). Construct one Client per aggregator endpoint; all
+ * requests share the same transport (and therefore the same Bearer
+ * token + timeout + fetch impl).
+ *
+ * @example
+ *   import { Client } from "@avaprotocol/sdk-js";
+ *   const client = new Client({ baseUrl: process.env.AVS_REST_URL! });
+ *   await client.auth.exchangeWithKey(process.env.TEST_PRIVATE_KEY!);
+ *   const wf = await client.workflows.create({ ... });
+ *   await client.workflows.cancel(wf.id);
+ */
+export declare class Client {
+    readonly auth: AuthResource;
+    readonly executions: ExecutionsResource;
+    readonly health: HealthResource;
+    readonly nodes: NodesResource;
+    readonly operators: OperatorsResource;
+    readonly secrets: SecretsResource;
+    readonly tokens: TokensResource;
+    readonly triggers: TriggersResource;
+    readonly wallets: WalletsResource;
+    readonly workflows: WorkflowsResource;
+    private readonly transport;
+    constructor(opts: ClientOptions);
+    /** Replace the current Bearer token. */
+    setToken(token: string | undefined): void;
+    /** Current Bearer token. Returns undefined when anonymous. */
+    get token(): string | undefined;
+}
+//# sourceMappingURL=client.d.ts.map

package/dist/v4/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/v4/client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAE1D,MAAM,WAAW,aAAa;IAC5B;;;;;OAKG;IACH,OAAO,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gEAAgE;IAChE,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,uEAAuE;IACvE,SAAS,CAAC,EAAE,OAAO,KAAK,CAAC;CAC1B;AAED;;;;;;;;;;;;GAYG;AACH,qBAAa,MAAM;IACjB,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC;IAC5B,QAAQ,CAAC,UAAU,EAAE,kBAAkB,CAAC;IACxC,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC;IAChC,QAAQ,CAAC,KAAK,EAAE,aAAa,CAAC;IAC9B,QAAQ,CAAC,SAAS,EAAE,iBAAiB,CAAC;IACtC,QAAQ,CAAC,OAAO,EAAE,eAAe,CAAC;IAClC,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC;IAChC,QAAQ,CAAC,QAAQ,EAAE,gBAAgB,CAAC;IACpC,QAAQ,CAAC,OAAO,EAAE,eAAe,CAAC;IAClC,QAAQ,CAAC,SAAS,EAAE,iBAAiB,CAAC;IAEtC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAY;gBAE1B,IAAI,EAAE,aAAa;IAqB/B,wCAAwC;IACxC,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI;IAIzC,8DAA8D;IAC9D,IAAI,KAAK,IAAI,MAAM,GAAG,SAAS,CAE9B;CACF"}

package/dist/v4/client.js

@@ -0,0 +1,53 @@
+import { Transport } from "./internal/transport";
+import { AuthResource } from "./resources/auth";
+import { ExecutionsResource } from "./resources/executions";
+import { HealthResource } from "./resources/health";
+import { NodesResource } from "./resources/nodes";
+import { OperatorsResource } from "./resources/operators";
+import { SecretsResource } from "./resources/secrets";
+import { TokensResource } from "./resources/tokens";
+import { TriggersResource } from "./resources/triggers";
+import { WalletsResource } from "./resources/wallets";
+import { WorkflowsResource } from "./resources/workflows";
+/**
+ * v4 SDK entry point. Resource-grouped sub-clients (Stripe / OpenAI
+ * convention). Construct one Client per aggregator endpoint; all
+ * requests share the same transport (and therefore the same Bearer
+ * token + timeout + fetch impl).
+ *
+ * @example
+ *   import { Client } from "@avaprotocol/sdk-js";
+ *   const client = new Client({ baseUrl: process.env.AVS_REST_URL! });
+ *   await client.auth.exchangeWithKey(process.env.TEST_PRIVATE_KEY!);
+ *   const wf = await client.workflows.create({ ... });
+ *   await client.workflows.cancel(wf.id);
+ */
+export class Client {
+    constructor(opts) {
+        const transportOpts = {
+            baseUrl: opts.baseUrl,
+            token: opts.token,
+            defaultTimeoutMs: opts.defaultTimeoutMs,
+            fetchImpl: opts.fetchImpl,
+        };
+        this.transport = new Transport(transportOpts);
+        this.auth = new AuthResource(this.transport);
+        this.executions = new ExecutionsResource(this.transport);
+        this.health = new HealthResource(this.transport);
+        this.nodes = new NodesResource(this.transport);
+        this.operators = new OperatorsResource(this.transport);
+        this.secrets = new SecretsResource(this.transport);
+        this.tokens = new TokensResource(this.transport);
+        this.triggers = new TriggersResource(this.transport);
+        this.wallets = new WalletsResource(this.transport);
+        this.workflows = new WorkflowsResource(this.transport);
+    }
+    /** Replace the current Bearer token. */
+    setToken(token) {
+        this.transport.setToken(token);
+    }
+    /** Current Bearer token. Returns undefined when anonymous. */
+    get token() {
+        return this.transport.getToken();
+    }
+}

package/dist/v4/index.d.ts

@@ -0,0 +1,19 @@
+export { Client, type ClientOptions } from "./client";
+export { Chains, type ChainId } from "./chains";
+export { Triggers } from "./builders/triggers";
+export { Nodes } from "./builders/nodes";
+export { Protocols, type AbiFragment, type AddressByChain } from "./protocols";
+export { buildAuthMessage, signAuthMessage, AUTH_TEMPLATE, type BuildAuthMessageInput, type BuiltAuthMessage, } from "./auth";
+export { APIError, NetworkError, AuthRequiredError } from "./internal/errors";
+export { AuthResource } from "./resources/auth";
+export { ExecutionsResource } from "./resources/executions";
+export { HealthResource } from "./resources/health";
+export { NodesResource } from "./resources/nodes";
+export { OperatorsResource } from "./resources/operators";
+export { SecretsResource } from "./resources/secrets";
+export { TokensResource } from "./resources/tokens";
+export { TriggersResource } from "./resources/triggers";
+export { WalletsResource } from "./resources/wallets";
+export { WorkflowsResource } from "./resources/workflows";
+export type { v4 } from "@avaprotocol/types";
+//# sourceMappingURL=index.d.ts.map

package/dist/v4/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/v4/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,MAAM,EAAE,KAAK,aAAa,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,KAAK,OAAO,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,KAAK,WAAW,EAAE,KAAK,cAAc,EAAE,MAAM,aAAa,CAAC;AAC/E,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,aAAa,EACb,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,GACtB,MAAM,QAAQ,CAAC;AAChB,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAK9E,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAI1D,YAAY,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC"}

package/dist/v4/index.js

@@ -0,0 +1,24 @@
+// Public v4 entrypoint. Consumers should `import { Client } from
+// "@avaprotocol/sdk-js"` once the v3 surface is retired and this
+// becomes the root export. For now the v3 index re-exports the v4
+// names alongside the v3 ones so partners can migrate incrementally.
+export { Client } from "./client";
+export { Chains } from "./chains";
+export { Triggers } from "./builders/triggers";
+export { Nodes } from "./builders/nodes";
+export { Protocols } from "./protocols";
+export { buildAuthMessage, signAuthMessage, AUTH_TEMPLATE, } from "./auth";
+export { APIError, NetworkError, AuthRequiredError } from "./internal/errors";
+// Resource classes are exported in case advanced consumers want to
+// hand-construct one without going through Client. Most callers
+// won't need these.
+export { AuthResource } from "./resources/auth";
+export { ExecutionsResource } from "./resources/executions";
+export { HealthResource } from "./resources/health";
+export { NodesResource } from "./resources/nodes";
+export { OperatorsResource } from "./resources/operators";
+export { SecretsResource } from "./resources/secrets";
+export { TokensResource } from "./resources/tokens";
+export { TriggersResource } from "./resources/triggers";
+export { WalletsResource } from "./resources/wallets";
+export { WorkflowsResource } from "./resources/workflows";

package/dist/v4/internal/errors.d.ts

@@ -0,0 +1,36 @@
+import type { v4 } from "@avaprotocol/types";
+/**
+ * Thrown when the server returns a 4xx/5xx response. The aggregator
+ * speaks RFC 7807 problem+json (`application/problem+json`); this
+ * class surfaces every field plus the underlying HTTP status so SDK
+ * callers can pattern-match without re-parsing the body.
+ */
+export declare class APIError extends Error {
+    /** HTTP status code (echoed from the response). */
+    readonly status: number;
+    /** Machine-readable error code (Problem.code), e.g. `AUTH_INVALID_TOKEN`. */
+    readonly code?: string;
+    /** Short human-readable summary (Problem.title). */
+    readonly title?: string;
+    /** Per-request identifier — also surfaced via X-Request-ID header. */
+    readonly requestId?: string;
+    /** The full parsed Problem body, when the server returned one. */
+    readonly problem?: v4.Problem;
+    constructor(status: number, init: {
+        code?: string;
+        title?: string;
+        detail?: string;
+        requestId?: string;
+        problem?: v4.Problem;
+    });
+}
+/** Thrown when the SDK can't reach the server (DNS failure, fetch threw). */
+export declare class NetworkError extends Error {
+    readonly cause?: unknown;
+    constructor(message: string, cause?: unknown);
+}
+/** Thrown when the auth credential is missing or expired before a call. */
+export declare class AuthRequiredError extends Error {
+    constructor(message?: string);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/v4/internal/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../src/v4/internal/errors.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AAE7C;;;;;GAKG;AACH,qBAAa,QAAS,SAAQ,KAAK;IACjC,mDAAmD;IACnD,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,6EAA6E;IAC7E,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,oDAAoD;IACpD,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,sEAAsE;IACtE,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,kEAAkE;IAClE,QAAQ,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC;gBAG5B,MAAM,EAAE,MAAM,EACd,IAAI,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,EAAE,CAAC,OAAO,CAAA;KAAE;CAUrG;AAED,6EAA6E;AAC7E,qBAAa,YAAa,SAAQ,KAAK;IACrC,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC;gBACb,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO;CAK7C;AAED,2EAA2E;AAC3E,qBAAa,iBAAkB,SAAQ,KAAK;gBAC9B,OAAO,SAAgE;CAIpF"}

package/dist/v4/internal/errors.js

@@ -0,0 +1,32 @@
+/**
+ * Thrown when the server returns a 4xx/5xx response. The aggregator
+ * speaks RFC 7807 problem+json (`application/problem+json`); this
+ * class surfaces every field plus the underlying HTTP status so SDK
+ * callers can pattern-match without re-parsing the body.
+ */
+export class APIError extends Error {
+    constructor(status, init) {
+        super(init.detail || init.title || `HTTP ${status}`);
+        this.name = "APIError";
+        this.status = status;
+        this.code = init.code;
+        this.title = init.title;
+        this.requestId = init.requestId;
+        this.problem = init.problem;
+    }
+}
+/** Thrown when the SDK can't reach the server (DNS failure, fetch threw). */
+export class NetworkError extends Error {
+    constructor(message, cause) {
+        super(message);
+        this.name = "NetworkError";
+        this.cause = cause;
+    }
+}
+/** Thrown when the auth credential is missing or expired before a call. */
+export class AuthRequiredError extends Error {
+    constructor(message = "Authentication required — call client.auth.exchange() first") {
+        super(message);
+        this.name = "AuthRequiredError";
+    }
+}

package/dist/v4/internal/transport.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Minimal fetch wrapper used by every v4 sub-client. Owns the
+ * baseURL, the Bearer JWT, default timeouts, and the
+ * problem+json → APIError translation.
+ *
+ * Built on top of `globalThis.fetch` so it works in Node 20+ and in
+ * the browser without bundling node-fetch. Streaming endpoints
+ * (executions:stream) bypass `request()` and use `stream()` instead so
+ * the response body can be read incrementally.
+ */
+export interface TransportOptions {
+    /** Base URL including the `/api/v1` prefix, no trailing slash. */
+    readonly baseUrl: string;
+    /** Bearer JWT minted via POST /auth:exchange. */
+    token?: string;
+    /** Default request timeout in milliseconds (per request). */
+    defaultTimeoutMs?: number;
+    /** Optional fetch implementation override (tests / non-Node runtimes). */
+    fetchImpl?: typeof fetch;
+}
+export interface RequestOptions {
+    /** Path appended to baseUrl, e.g. `/workflows/01ABC`. */
+    path: string;
+    /** HTTP method — defaults to GET. */
+    method?: "GET" | "POST" | "PUT" | "PATCH" | "DELETE";
+    /**
+     * Query parameters; arrays repeat the key
+     * (`?status=enabled&status=disabled`). Typed as `object` so
+     * resource handlers can pass through their own param interfaces
+     * without adding index signatures.
+     */
+    query?: object;
+    /** Body payload — JSON-serialized before send. */
+    body?: unknown;
+    /** Per-request timeout override. */
+    timeoutMs?: number;
+    /** Extra headers merged on top of the transport defaults. */
+    headers?: Record<string, string>;
+    /** Pre-resolved AbortSignal for cancellation. */
+    signal?: AbortSignal;
+}
+export declare class Transport {
+    private readonly baseUrl;
+    private readonly defaultTimeoutMs;
+    private readonly fetchImpl;
+    private bearerToken?;
+    constructor(opts: TransportOptions);
+    /** Replace the Bearer token. Used after `client.auth.exchange()`. */
+    setToken(token: string | undefined): void;
+    /** Read the current Bearer token (for tests / debugging). */
+    getToken(): string | undefined;
+    /** Issue a JSON request and decode the response body. */
+    request<T>(opts: RequestOptions): Promise<T>;
+    /**
+     * Issue a request and return the raw Response so the caller can
+     * read it incrementally. Used by the executions:stream SSE handler.
+     * Throws APIError on non-2xx exactly like `request()` does.
+     */
+    stream(opts: RequestOptions): Promise<Response>;
+    private send;
+    private toAPIError;
+    private buildUrl;
+}
+//# sourceMappingURL=transport.d.ts.map

package/dist/v4/internal/transport.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"transport.d.ts","sourceRoot":"","sources":["../../../src/v4/internal/transport.ts"],"names":[],"mappings":"AAGA;;;;;;;;;GASG;AACH,MAAM,WAAW,gBAAgB;IAC/B,kEAAkE;IAClE,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,iDAAiD;IACjD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,6DAA6D;IAC7D,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,0EAA0E;IAC1E,SAAS,CAAC,EAAE,OAAO,KAAK,CAAC;CAC1B;AAED,MAAM,WAAW,cAAc;IAC7B,yDAAyD;IACzD,IAAI,EAAE,MAAM,CAAC;IACb,qCAAqC;IACrC,MAAM,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,OAAO,GAAG,QAAQ,CAAC;IACrD;;;;;OAKG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kDAAkD;IAClD,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,oCAAoC;IACpC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,6DAA6D;IAC7D,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,iDAAiD;IACjD,MAAM,CAAC,EAAE,WAAW,CAAC;CACtB;AAED,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAe;IACzC,OAAO,CAAC,WAAW,CAAC,CAAS;gBAEjB,IAAI,EAAE,gBAAgB;IAOlC,qEAAqE;IACrE,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI;IAIzC,6DAA6D;IAC7D,QAAQ,IAAI,MAAM,GAAG,SAAS;IAI9B,yDAAyD;IACnD,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,CAAC,CAAC;IAmBlD;;;;OAIG;IACG,MAAM,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC;YAIvC,IAAI;YAgDJ,UAAU;IAyBxB,OAAO,CAAC,QAAQ;CAiBjB"}

package/dist/v4/internal/transport.js

@@ -0,0 +1,133 @@
+import { APIError, NetworkError } from "./errors";
+export class Transport {
+    constructor(opts) {
+        this.baseUrl = opts.baseUrl.replace(/\/$/, "");
+        this.defaultTimeoutMs = opts.defaultTimeoutMs ?? 30000;
+        this.fetchImpl = opts.fetchImpl ?? globalThis.fetch.bind(globalThis);
+        this.bearerToken = opts.token;
+    }
+    /** Replace the Bearer token. Used after `client.auth.exchange()`. */
+    setToken(token) {
+        this.bearerToken = token;
+    }
+    /** Read the current Bearer token (for tests / debugging). */
+    getToken() {
+        return this.bearerToken;
+    }
+    /** Issue a JSON request and decode the response body. */
+    async request(opts) {
+        const response = await this.send(opts);
+        if (response.status === 204) {
+            // 204 No Content — used by DELETE / PUT acks. Callers should
+            // type T as `void`.
+            return undefined;
+        }
+        const text = await response.text();
+        if (!text)
+            return undefined;
+        try {
+            return JSON.parse(text);
+        }
+        catch (err) {
+            throw new NetworkError(`Failed to parse JSON response from ${opts.path}: ${err.message}`, err);
+        }
+    }
+    /**
+     * Issue a request and return the raw Response so the caller can
+     * read it incrementally. Used by the executions:stream SSE handler.
+     * Throws APIError on non-2xx exactly like `request()` does.
+     */
+    async stream(opts) {
+        return this.send(opts);
+    }
+    async send(opts) {
+        const url = this.buildUrl(opts.path, opts.query);
+        const controller = new AbortController();
+        const timeoutMs = opts.timeoutMs ?? this.defaultTimeoutMs;
+        // timeoutMs <= 0 means "no timeout" (used by SSE streams). With
+        // a positive value we schedule an abort; otherwise the only
+        // cancellation channel is the caller-supplied signal.
+        const timeoutId = timeoutMs > 0
+            ? setTimeout(() => controller.abort(), timeoutMs)
+            : undefined;
+        if (opts.signal) {
+            opts.signal.addEventListener("abort", () => controller.abort(), { once: true });
+        }
+        const headers = {
+            Accept: "application/json",
+            ...opts.headers,
+        };
+        if (this.bearerToken) {
+            headers.Authorization = `Bearer ${this.bearerToken}`;
+        }
+        let body;
+        if (opts.body !== undefined && opts.body !== null) {
+            headers["Content-Type"] ?? (headers["Content-Type"] = "application/json");
+            body = JSON.stringify(opts.body);
+        }
+        let response;
+        try {
+            response = await this.fetchImpl(url, {
+                method: opts.method ?? "GET",
+                headers,
+                body,
+                signal: controller.signal,
+            });
+        }
+        catch (err) {
+            throw new NetworkError(`fetch ${opts.path}: ${err.message}`, err);
+        }
+        finally {
+            clearTimeout(timeoutId);
+        }
+        if (!response.ok) {
+            throw await this.toAPIError(response);
+        }
+        return response;
+    }
+    async toAPIError(response) {
+        const requestId = response.headers.get("X-Request-ID") ?? undefined;
+        const contentType = response.headers.get("Content-Type") ?? "";
+        const isProblem = contentType.includes("problem+json") || contentType.includes("application/json");
+        let problem;
+        let code;
+        let title;
+        let detail;
+        if (isProblem) {
+            try {
+                const text = await response.text();
+                if (text) {
+                    const parsed = JSON.parse(text);
+                    problem = parsed;
+                    code = parsed.code ?? undefined;
+                    title = parsed.title;
+                    detail = parsed.detail ?? undefined;
+                }
+            }
+            catch {
+                // fall through — APIError still carries status + requestId.
+            }
+        }
+        return new APIError(response.status, { code, title, detail, requestId, problem });
+    }
+    buildUrl(path, query) {
+        const url = new URL(this.baseUrl + (path.startsWith("/") ? path : "/" + path));
+        if (query) {
+            for (const [key, value] of Object.entries(query)) {
+                if (value === undefined || value === null || value === "")
+                    continue;
+                if (Array.isArray(value)) {
+                    for (const v of value) {
+                        if (v === undefined || v === null || v === "")
+                            continue;
+                        url.searchParams.append(key, String(v));
+                    }
+                }
+                else {
+                    url.searchParams.append(key, String(value));
+                }
+            }
+        }
+        return url.toString();
+    }
+}

package/dist/v4/protocols/index.d.ts

@@ -0,0 +1,2 @@
+export { Protocols, type AbiFragment, type AddressByChain } from "@avaprotocol/protocols";
+//# sourceMappingURL=index.d.ts.map

package/dist/v4/protocols/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/v4/protocols/index.ts"],"names":[],"mappings":"AAaA,OAAO,EAAE,SAAS,EAAE,KAAK,WAAW,EAAE,KAAK,cAAc,EAAE,MAAM,wBAAwB,CAAC"}

package/dist/v4/protocols/index.js

@@ -0,0 +1,13 @@
+// Protocol catalog re-export.
+//
+// Address/ABI/topic data lives in the standalone
+// `@avaprotocol/protocols` package — the SDK ships a thin re-export
+// so consumers don't have to install a second package and the
+// existing `import { Protocols } from "@avaprotocol/sdk-js"` surface
+// keeps working.
+//
+// Update `@avaprotocol/protocols` (https://github.com/AvaProtocol/protocols)
+// when a new protocol address lands or a new chain comes online;
+// bumping `@avaprotocol/protocols` minor version + republishing this
+// SDK package picks it up automatically.
+export { Protocols } from "@avaprotocol/protocols";

package/dist/v4/resources/auth.d.ts

@@ -0,0 +1,48 @@
+import type { v4 } from "@avaprotocol/types";
+import { Transport } from "../internal/transport";
+/**
+ * `client.auth.*` — JWT exchange for the REST API.
+ *
+ * The aggregator's POST /auth:exchange takes (ownerAddress, signature,
+ * message) and returns a JWT bound to the EOA. The SDK keeps the JWT
+ * on the shared transport so subsequent requests carry it as a
+ * Bearer token automatically.
+ */
+export declare class AuthResource {
+    private readonly transport;
+    constructor(transport: Transport);
+    /**
+     * POST /auth:exchange — verify an EIP-191 signature and stash the
+     * returned JWT on the transport. Returns the raw response so
+     * callers can persist the token externally (browser localStorage,
+     * keychain, etc.).
+     */
+    exchange(req: v4.AuthExchangeRequest): Promise<v4.AuthExchangeResponse>;
+    /**
+     * Convenience wrapper: sign the canonical message with a private
+     * key, exchange it, and return the JWT. The exchanged token is
+     * stashed on the transport. Designed for Node tooling — browser
+     * callers should use `buildAuthMessage` + a wallet's
+     * `personal_sign` and then call `exchange()` directly.
+     *
+     * `uri`, `chainId`, and `version` are required for the same reasons
+     * as `buildAuthMessage` — silent defaults would lie about the origin
+     * the user is signing for, mis-route wallet RPCs, or hide which
+     * gateway minted the JWT. `version` is the gateway binary version;
+     * the simplest source is the `version` field returned by
+     * `client.health.check()`. `uri` is the calling origin (the studio
+     * URL the user is on right now).
+     */
+    exchangeWithKey(privateKey: string, opts: {
+        ownerAddress?: string;
+        uri: string;
+        chainId: number;
+        version: string;
+    }): Promise<v4.AuthExchangeResponse>;
+    /**
+     * Forget the currently-stored JWT. Future requests fall back to
+     * anonymous and most endpoints will return 401.
+     */
+    clear(): void;
+}
+//# sourceMappingURL=auth.d.ts.map

package/dist/v4/resources/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/v4/resources/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AAG7C,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAElD;;;;;;;GAOG;AACH,qBAAa,YAAY;IACX,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAAT,SAAS,EAAE,SAAS;IAEjD;;;;;OAKG;IACG,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,mBAAmB,GAAG,OAAO,CAAC,EAAE,CAAC,oBAAoB,CAAC;IAY7E;;;;;;;;;;;;;;OAcG;IACG,eAAe,CACnB,UAAU,EAAE,MAAM,EAClB,IAAI,EAAE;QAAE,YAAY,CAAC,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,GAC7E,OAAO,CAAC,EAAE,CAAC,oBAAoB,CAAC;IASnC;;;OAGG;IACH,KAAK,IAAI,IAAI;CAGd"}

package/dist/v4/resources/auth.js

@@ -0,0 +1,61 @@
+import { signAuthMessage } from "../auth";
+/**
+ * `client.auth.*` — JWT exchange for the REST API.
+ *
+ * The aggregator's POST /auth:exchange takes (ownerAddress, signature,
+ * message) and returns a JWT bound to the EOA. The SDK keeps the JWT
+ * on the shared transport so subsequent requests carry it as a
+ * Bearer token automatically.
+ */
+export class AuthResource {
+    constructor(transport) {
+        this.transport = transport;
+    }
+    /**
+     * POST /auth:exchange — verify an EIP-191 signature and stash the
+     * returned JWT on the transport. Returns the raw response so
+     * callers can persist the token externally (browser localStorage,
+     * keychain, etc.).
+     */
+    async exchange(req) {
+        const resp = await this.transport.request({
+            path: "/auth:exchange",
+            method: "POST",
+            body: req,
+        });
+        if (resp.token) {
+            this.transport.setToken(resp.token);
+        }
+        return resp;
+    }
+    /**
+     * Convenience wrapper: sign the canonical message with a private
+     * key, exchange it, and return the JWT. The exchanged token is
+     * stashed on the transport. Designed for Node tooling — browser
+     * callers should use `buildAuthMessage` + a wallet's
+     * `personal_sign` and then call `exchange()` directly.
+     *
+     * `uri`, `chainId`, and `version` are required for the same reasons
+     * as `buildAuthMessage` — silent defaults would lie about the origin
+     * the user is signing for, mis-route wallet RPCs, or hide which
+     * gateway minted the JWT. `version` is the gateway binary version;
+     * the simplest source is the `version` field returned by
+     * `client.health.check()`. `uri` is the calling origin (the studio
+     * URL the user is on right now).
+     */
+    async exchangeWithKey(privateKey, opts) {
+        const signed = await signAuthMessage(privateKey, opts);
+        return this.exchange({
+            ownerAddress: signed.ownerAddress,
+            signature: signed.signature,
+            message: signed.message,
+        });
+    }
+    /**
+     * Forget the currently-stored JWT. Future requests fall back to
+     * anonymous and most endpoints will return 401.
+     */
+    clear() {
+        this.transport.setToken(undefined);
+    }
+}

package/dist/v4/resources/executions.d.ts

@@ -0,0 +1,74 @@
+import type { v4 } from "@avaprotocol/types";
+import { Transport } from "../internal/transport";
+export interface ListExecutionsParams {
+    /** Required for the flat list endpoint; pass one or more workflowIds. */
+    workflowId?: string[];
+    chainId?: number;
+    before?: string;
+    after?: string;
+    limit?: number;
+}
+export interface CountExecutionsParams {
+    workflowId?: string[];
+    chainId?: number;
+}
+export interface ExecutionStatsParams {
+    workflowId?: string[];
+    chainId?: number;
+}
+export interface RetrieveExecutionParams {
+    /**
+     * Workflow id the execution belongs to. Required because executions
+     * are stored under their parent workflow's chain-scoped prefix in
+     * BadgerDB — there is no global execution index.
+     */
+    workflowId: string;
+}
+export interface StreamExecutionParams {
+    workflowId: string;
+    /** Poll interval as a Go-style duration. Defaults to `1s`. */
+    interval?: string;
+    /** Optional AbortSignal to close the stream early. */
+    signal?: AbortSignal;
+}
+/**
+ * `client.executions.*` — read-only access to past workflow runs and
+ * a live SSE stream for in-flight ones. Workflow executions are
+ * created by the operator when a trigger fires (or by `workflows.trigger`
+ * for manual runs); this resource never creates them, only reads.
+ */
+export declare class ExecutionsResource {
+    private readonly transport;
+    constructor(transport: Transport);
+    /** GET /executions */
+    list(params: ListExecutionsParams): Promise<v4.ExecutionList>;
+    /** GET /workflows/{id}/executions — convenience nested form. */
+    listForWorkflow(workflowId: string, params?: {
+        before?: string;
+        after?: string;
+        limit?: number;
+    }): Promise<v4.ExecutionList>;
+    /** GET /executions/{id}?workflowId=... */
+    retrieve(id: string, params: RetrieveExecutionParams): Promise<v4.Execution>;
+    /** GET /executions/{id}:getStatus?workflowId=... */
+    getStatus(id: string, params: RetrieveExecutionParams): Promise<v4.ExecutionStatusSummary>;
+    /** GET /executions:count */
+    count(params?: CountExecutionsParams): Promise<v4.ExecutionCount>;
+    /** GET /executions:stats */
+    stats(params?: ExecutionStatsParams): Promise<v4.ExecutionStats>;
+    /**
+     * GET /executions/{id}:stream — yields one `ExecutionStatusSummary`
+     * per status change. The stream closes on terminal status, when
+     * `signal` aborts, or when the connection drops. Implementation
+     * uses fetch streaming + a minimal SSE parser so it works in Node
+     * 20+ and browsers without an external EventSource polyfill.
+     */
+    stream(id: string, params: StreamExecutionParams): AsyncGenerator<v4.ExecutionStatusSummary, void, undefined>;
+    /**
+     * Poll-and-wait helper — yields the final ExecutionStatusSummary
+     * once the execution reaches a terminal status. Use `stream()`
+     * when you want every intermediate status update.
+     */
+    waitForTerminal(id: string, params: StreamExecutionParams): Promise<v4.ExecutionStatusSummary>;
+}
+//# sourceMappingURL=executions.d.ts.map