npm - @cmdoss/memwal-sdk - Versions diffs - 0.9.0 → 1.0.0 - Mend

@cmdoss/memwal-sdk 0.9.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (174) hide show

package/README.md +157 -52
package/dist/client/ClientMemoryManager.d.ts.map +1 -1
package/dist/client/ClientMemoryManager.js +25 -8
package/dist/client/ClientMemoryManager.js.map +1 -1
package/dist/client/PersonalDataWallet.d.ts.map +1 -1
package/dist/client/SimplePDWClient.d.ts +2 -1
package/dist/client/SimplePDWClient.d.ts.map +1 -1
package/dist/client/SimplePDWClient.js +23 -6
package/dist/client/SimplePDWClient.js.map +1 -1
package/dist/client/namespaces/MemoryNamespace.d.ts +6 -0
package/dist/client/namespaces/MemoryNamespace.d.ts.map +1 -1
package/dist/client/namespaces/MemoryNamespace.js +131 -18
package/dist/client/namespaces/MemoryNamespace.js.map +1 -1
package/dist/client/namespaces/consolidated/StorageNamespace.d.ts +3 -1
package/dist/client/namespaces/consolidated/StorageNamespace.d.ts.map +1 -1
package/dist/client/namespaces/consolidated/StorageNamespace.js.map +1 -1
package/dist/config/ConfigurationHelper.js +61 -61
package/dist/config/index.d.ts +1 -0
package/dist/config/index.d.ts.map +1 -1
package/dist/config/index.js +2 -0
package/dist/config/index.js.map +1 -1
package/dist/config/modelDefaults.d.ts +67 -0
package/dist/config/modelDefaults.d.ts.map +1 -0
package/dist/config/modelDefaults.js +91 -0
package/dist/config/modelDefaults.js.map +1 -0
package/dist/graph/GraphService.d.ts.map +1 -1
package/dist/graph/GraphService.js +22 -21
package/dist/graph/GraphService.js.map +1 -1
package/dist/index.d.ts +1 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +1 -1
package/dist/index.js.map +1 -1
package/dist/langchain/createPDWRAG.js +30 -30
package/dist/pipeline/MemoryPipeline.d.ts.map +1 -1
package/dist/pipeline/MemoryPipeline.js +2 -1
package/dist/pipeline/MemoryPipeline.js.map +1 -1
package/dist/services/GeminiAIService.d.ts.map +1 -1
package/dist/services/GeminiAIService.js +311 -310
package/dist/services/GeminiAIService.js.map +1 -1
package/dist/services/StorageService.d.ts +4 -1
package/dist/services/StorageService.d.ts.map +1 -1
package/dist/services/StorageService.js.map +1 -1
package/dist/services/storage/QuiltBatchManager.d.ts +7 -0
package/dist/services/storage/QuiltBatchManager.d.ts.map +1 -1
package/dist/services/storage/QuiltBatchManager.js +24 -5
package/dist/services/storage/QuiltBatchManager.js.map +1 -1
package/dist/services/storage/WalrusStorageManager.d.ts +10 -1
package/dist/services/storage/WalrusStorageManager.d.ts.map +1 -1
package/dist/services/storage/WalrusStorageManager.js +53 -12
package/dist/services/storage/WalrusStorageManager.js.map +1 -1
package/dist/vector/BrowserHnswIndexService.js +2 -2
package/dist/vector/BrowserHnswIndexService.js.map +1 -1
package/dist/vector/NodeHnswService.js +4 -4
package/dist/vector/NodeHnswService.js.map +1 -1
package/dist/vector/createHnswService.d.ts +4 -0
package/dist/vector/createHnswService.d.ts.map +1 -1
package/dist/vector/createHnswService.js +15 -3
package/dist/vector/createHnswService.js.map +1 -1
package/package.json +1 -1
package/src/access/PermissionService.ts +635 -635
package/src/aggregation/AggregationService.ts +389 -389
package/src/ai-sdk/PDWVectorStore.ts +715 -715
package/src/ai-sdk/index.ts +65 -65
package/src/ai-sdk/tools.ts +460 -460
package/src/ai-sdk/types.ts +404 -404
package/src/batch/BatchManager.ts +597 -597
package/src/batch/BatchingService.ts +429 -429
package/src/batch/MemoryProcessingCache.ts +492 -492
package/src/batch/index.ts +30 -30
package/src/browser.ts +200 -200
package/src/client/ClientMemoryManager.ts +1004 -987
package/src/client/PersonalDataWallet.ts +345 -345
package/src/client/SimplePDWClient.ts +1387 -1369
package/src/client/factory.ts +154 -154
package/src/client/namespaces/AnalyticsNamespace.ts +377 -377
package/src/client/namespaces/BatchNamespace.ts +356 -356
package/src/client/namespaces/CacheNamespace.ts +123 -123
package/src/client/namespaces/CapabilityNamespace.ts +217 -217
package/src/client/namespaces/ClassifyNamespace.ts +169 -169
package/src/client/namespaces/ContextNamespace.ts +297 -297
package/src/client/namespaces/EncryptionNamespace.ts +221 -221
package/src/client/namespaces/GraphNamespace.ts +468 -468
package/src/client/namespaces/IndexNamespace.ts +364 -364
package/src/client/namespaces/MemoryNamespace.ts +1704 -1569
package/src/client/namespaces/PermissionsNamespace.ts +254 -254
package/src/client/namespaces/PipelineNamespace.ts +220 -220
package/src/client/namespaces/StorageNamespace.ts +458 -458
package/src/client/namespaces/TxNamespace.ts +260 -260
package/src/client/namespaces/WalletNamespace.ts +243 -243
package/src/client/namespaces/consolidated/BlockchainNamespace.ts +607 -607
package/src/client/namespaces/consolidated/SecurityNamespace.ts +648 -648
package/src/client/namespaces/consolidated/StorageNamespace.ts +1143 -1141
package/src/client/namespaces/consolidated/index.ts +41 -41
package/src/client/signers/KeypairSigner.ts +108 -108
package/src/client/signers/UnifiedSigner.ts +110 -110
package/src/client/signers/WalletAdapterSigner.ts +159 -159
package/src/client/signers/index.ts +26 -26
package/src/config/ConfigurationHelper.ts +412 -412
package/src/config/defaults.ts +56 -56
package/src/config/index.ts +16 -9
package/src/config/modelDefaults.ts +103 -0
package/src/config/validation.ts +70 -70
package/src/core/index.ts +14 -14
package/src/core/interfaces/IService.ts +307 -307
package/src/core/interfaces/index.ts +8 -8
package/src/core/types/capability.ts +297 -297
package/src/core/types/index.ts +874 -874
package/src/core/types/wallet.ts +270 -270
package/src/core/types.ts +9 -9
package/src/core/wallet.ts +222 -222
package/src/embedding/index.ts +19 -19
package/src/embedding/types.ts +357 -357
package/src/errors/index.ts +602 -602
package/src/errors/recovery.ts +461 -461
package/src/errors/validation.ts +567 -567
package/src/generated/pdw/capability.ts +319 -319
package/src/graph/GraphService.ts +888 -887
package/src/graph/KnowledgeGraphManager.ts +728 -728
package/src/graph/index.ts +25 -25
package/src/index.ts +498 -498
package/src/infrastructure/index.ts +22 -22
package/src/infrastructure/seal/EncryptionService.ts +628 -628
package/src/infrastructure/seal/SealService.ts +613 -613
package/src/infrastructure/seal/index.ts +9 -9
package/src/infrastructure/sui/BlockchainManager.ts +627 -627
package/src/infrastructure/sui/SuiService.ts +888 -888
package/src/infrastructure/sui/index.ts +9 -9
package/src/infrastructure/walrus/StorageManager.ts +604 -604
package/src/infrastructure/walrus/WalrusStorageService.ts +637 -637
package/src/infrastructure/walrus/index.ts +9 -9
package/src/langchain/createPDWRAG.ts +303 -303
package/src/langchain/index.ts +47 -47
package/src/permissions/ConsentRepository.browser.ts +249 -249
package/src/permissions/ConsentRepository.ts +364 -364
package/src/pipeline/MemoryPipeline.ts +863 -862
package/src/pipeline/PipelineManager.ts +683 -683
package/src/pipeline/index.ts +26 -26
package/src/retrieval/AdvancedSearchService.ts +629 -629
package/src/retrieval/MemoryAnalyticsService.ts +711 -711
package/src/retrieval/MemoryDecryptionPipeline.ts +825 -825
package/src/retrieval/index.ts +42 -42
package/src/services/BatchService.ts +352 -352
package/src/services/CapabilityService.ts +464 -464
package/src/services/ClassifierService.ts +465 -465
package/src/services/CrossContextPermissionService.ts +486 -486
package/src/services/EmbeddingService.ts +796 -796
package/src/services/EncryptionService.ts +712 -712
package/src/services/GeminiAIService.ts +754 -753
package/src/services/MemoryIndexService.ts +1009 -1009
package/src/services/MemoryService.ts +369 -369
package/src/services/QueryService.ts +890 -890
package/src/services/StorageService.ts +1185 -1182
package/src/services/TransactionService.ts +838 -838
package/src/services/VectorService.ts +462 -462
package/src/services/ViewService.ts +484 -484
package/src/services/index.ts +25 -25
package/src/services/storage/BlobAttributesManager.ts +333 -333
package/src/services/storage/KnowledgeGraphManager.ts +425 -425
package/src/services/storage/MemorySearchManager.ts +387 -387
package/src/services/storage/QuiltBatchManager.ts +1157 -1130
package/src/services/storage/WalrusMetadataManager.ts +268 -268
package/src/services/storage/WalrusStorageManager.ts +333 -287
package/src/services/storage/index.ts +57 -57
package/src/types/index.ts +13 -13
package/src/utils/index.ts +76 -76
package/src/utils/memoryIndexOnChain.ts +507 -507
package/src/vector/BrowserHnswIndexService.ts +758 -758
package/src/vector/HnswWasmService.ts +731 -731
package/src/vector/IHnswService.ts +233 -233
package/src/vector/NodeHnswService.ts +833 -833
package/src/vector/createHnswService.ts +147 -135
package/src/vector/index.ts +56 -56
package/src/wallet/ContextWalletService.ts +656 -656
package/src/wallet/MainWalletService.ts +317 -317

package/src/infrastructure/seal/SealService.ts CHANGED Viewed

@@ -1,614 +1,614 @@
-/**
- * SEAL Service Integration
- *
- * Production-ready SEAL service wrapper with comprehensive error handling,
- * session management, and performance analytics integration.
- */
-import { SuiClient } from '@mysten/sui/client';
-import { Transaction } from '@mysten/sui/transactions';
-import { fromHex, toHex, normalizeSuiAddress } from '@mysten/sui/utils';
-import { SealClient, SessionKey, EncryptedObject } from '@mysten/seal';
-import type {
-  SealClientOptions,
-  EncryptOptions,
-  DecryptOptions,
-  KeyServerConfig
-} from '@mysten/seal';
-// SEAL SDK types and interfaces
-interface SealConfig {
-  suiClient: SuiClient;
-  packageId: string;
-  keyServerUrls: string[];
-  keyServerObjectIds: string[];
-  threshold: number;
-  network: 'testnet' | 'mainnet';
-  enableMetrics: boolean;
-  retryAttempts: number;
-  timeoutMs: number;
-}
-interface EncryptionOptions {
-  data: Uint8Array;
-  id: string;
-  threshold?: number;
-}
-interface DecryptionOptions {
-  encryptedObject: Uint8Array;
-  sessionKey: any;
-  txBytes: Uint8Array;
-}
-interface SessionConfig {
-  address: string;
-  packageId: string;
-  ttlMin: number;
-}
-interface PerformanceMetric {
-  operation: string;
-  startTime: number;
-  endTime: number;
-  duration: number;
-  success: boolean;
-  errorType?: string;
-  metadata?: any;
-}
-/**
- * SEAL Service - Production Implementation
- */
-export class SealService {
-  private sealClient: SealClient | null = null;
-  private sessionKey: SessionKey | null = null;
-  private config: SealConfig;
-  private performanceMetrics: PerformanceMetric[] = [];
-  private activeSessions: Map<string, any> = new Map();
-  constructor(config: SealConfig) {
-    this.config = config;
-    console.log('✅ SEAL SDK components loaded successfully');
-  }
-  /**
-   * Initialize SEAL client with retry logic
-   */
-  async initializeClient(): Promise<void> {
-    const metric = this.startMetric('seal_client_init');
-    try {
-      // Configure server configs from testnet servers
-      const serverConfigs: KeyServerConfig[] = this.config.keyServerObjectIds.map((objectId, index) => ({
-        objectId,
-        weight: 1
-      }));
-      const sealClientOptions: SealClientOptions = {
-        suiClient: this.config.suiClient,
-        serverConfigs,
-        verifyKeyServers: this.config.network === 'mainnet' // Only verify on mainnet
-      };
-      this.sealClient = new SealClient(sealClientOptions);
-      this.completeMetric(metric, true, { serverCount: serverConfigs.length });
-      console.log('✅ SEAL client initialized with', serverConfigs.length, 'servers');
-    } catch (error) {
-      this.completeMetric(metric, false, undefined, error);
-      throw new Error(`Failed to initialize SEAL client: ${error}`);
-    }
-  }
-  /**
-   * Create and manage session key
-   */
-  async createSession(config: SessionConfig, signature?: Uint8Array | string): Promise<any> {
-    const metric = this.startMetric('session_creation');
-    try {
-      const sessionKey = await SessionKey.create({
-        address: config.address,
-        packageId: config.packageId,
-        ttlMin: config.ttlMin,
-        suiClient: this.config.suiClient
-      });
-      const message = sessionKey.getPersonalMessage();
-      // In production, signature would come from wallet
-      if (signature) {
-        // Convert Uint8Array to hex string if needed
-        const signatureString = typeof signature === 'string' ? signature : toHex(signature);
-        await sessionKey.setPersonalMessageSignature(signatureString);
-      }
-      // Store session for management
-      this.activeSessions.set(config.address, {
-        sessionKey,
-        createdAt: Date.now(),
-        ttl: config.ttlMin * 60 * 1000,
-        address: config.address
-      });
-      this.completeMetric(metric, true, {
-        address: config.address,
-        ttlMin: config.ttlMin,
-        messageLength: message.length
-      });
-      return { sessionKey, personalMessage: message };
-    } catch (error) {
-      this.completeMetric(metric, false, undefined, error);
-      throw new Error(`Failed to create session: ${error}`);
-    }
-  }
-  /**
-   * Encrypt data with comprehensive error handling
-   */
-  async encryptData(options: EncryptionOptions): Promise<{ encryptedObject: Uint8Array; key: Uint8Array }> {
-    const metric = this.startMetric('encryption');
-    try {
-      if (!this.sealClient) {
-        await this.initializeClient();
-      }
-      if (!this.sealClient) {
-        throw new Error('Failed to initialize SEAL client');
-      }
-      const threshold = options.threshold || this.config.threshold;
-      // Validate threshold against available servers
-      if (threshold > this.config.keyServerObjectIds.length) {
-        throw new Error(`Threshold ${threshold} exceeds available servers ${this.config.keyServerObjectIds.length}`);
-      }
-      const result = await this.sealClient.encrypt({
-        threshold,
-        packageId: this.config.packageId,
-        id: options.id,
-        data: options.data
-      });
-      this.completeMetric(metric, true, {
-        dataSize: options.data.length,
-        threshold,
-        encryptedSize: result.encryptedObject.length,
-        keySize: result.key.length
-      });
-      return result;
-    } catch (error) {
-      this.completeMetric(metric, false, undefined, error);
-      // Enhanced error handling
-      const errorMessage = error instanceof Error ? error.message : String(error);
-      if (errorMessage.includes('threshold')) {
-        throw new Error(`Encryption threshold error: ${errorMessage}`);
-      }
-      if (errorMessage.includes('network')) {
-        throw new Error(`Network error during encryption: ${errorMessage}`);
-      }
-      throw new Error(`Encryption failed: ${errorMessage}`);
-    }
-  }
-  /**
-   * Decrypt data with session management
-   */
-  async decryptData(options: DecryptionOptions): Promise<Uint8Array> {
-    const metric = this.startMetric('decryption');
-    try {
-      if (!this.sealClient) {
-        await this.initializeClient();
-      }
-      if (!this.sealClient) {
-        throw new Error('Failed to initialize SEAL client');
-      }
-      // Add detailed debugging for SEAL decryption
-      console.log('🔍 SEAL decrypt parameters:');
-      console.log(`   - Encrypted data type: ${typeof options.encryptedObject}`);
-      console.log(`   - Encrypted data length: ${options.encryptedObject.length}`);
-      console.log(`   - Session key type: ${typeof options.sessionKey}`);
-      console.log(`   - Session key constructor: ${options.sessionKey?.constructor?.name}`);
-      console.log(`   - Transaction bytes type: ${typeof options.txBytes}`);
-      console.log(`   - Transaction bytes length: ${options.txBytes.length}`);
-      // Check if session key has expected methods
-      if (options.sessionKey) {
-        console.log(`   - Session key methods: ${Object.getOwnPropertyNames(Object.getPrototypeOf(options.sessionKey)).join(', ')}`);
-      }
-      // Try SEAL decryption with error boundary
-      let result;
-      try {
-        console.log('🔍 Attempting SEAL client decrypt...');
-        result = await this.sealClient.decrypt({
-          data: options.encryptedObject,
-          sessionKey: options.sessionKey,
-          txBytes: options.txBytes
-        });
-        console.log('🔍 SEAL decrypt completed without throwing');
-      } catch (innerError) {
-        console.log('🔍 SEAL decrypt threw an error:', innerError);
-        throw innerError;
-      }
-      console.log(`🔍 SEAL decrypt result:`, {
-        result,
-        resultType: typeof result,
-        resultLength: result ? result.length : 'undefined',
-        hasResult: !!result,
-        isUint8Array: result instanceof Uint8Array
-      });
-      if (!result) {
-        throw new Error('SEAL decrypt returned undefined/null result');
-      }
-      this.completeMetric(metric, true, {
-        encryptedSize: options.encryptedObject.length,
-        decryptedSize: result ? result.length : 0
-      });
-      return result;
-    } catch (error) {
-      this.completeMetric(metric, false, undefined, error);
-      // Enhanced error handling for decryption with detailed logging
-      console.log('🚨 SEAL decrypt error details:', {
-        error,
-        errorType: typeof error,
-        errorConstructor: error?.constructor?.name,
-        errorMessage: error instanceof Error ? error.message : String(error),
-        errorStack: error instanceof Error ? error.stack : 'No stack trace'
-      });
-      const errorMessage = error instanceof Error ? error.message : String(error);
-      if (errorMessage.includes('access')) {
-        throw new Error(`Access denied for decryption: ${errorMessage}`);
-      }
-      if (errorMessage.includes('session')) {
-        throw new Error(`Session error during decryption: ${errorMessage}`);
-      }
-      throw new Error(`Decryption failed: ${errorMessage}`);
-    }
-  }
-  /**
-   * Create transaction for seal_approve using capability pattern
-   * Matches Move signature: seal_approve(cap: &MemoryCap, key_id: vector<u8>, ctx: &TxContext)
-   *
-   * @param keyId - SEAL key ID (hex string or bytes)
-   * @param userAddress - User's wallet address (sender)
-   * @param memoryCapId - Object ID of the MemoryCap
-   */
-  async createSealApproveTransaction(
-    keyId: string,
-    userAddress: string,
-    memoryCapId: string,
-    _accessRegistry?: string // Deprecated, kept for backward compatibility
-  ): Promise<Uint8Array> {
-    const metric = this.startMetric('transaction_creation');
-    try {
-      const tx = new Transaction();
-      // Capability-based seal_approve call
-      // CRITICAL: key_id MUST be first argument for SEAL key server!
-      // entry fun seal_approve(key_id: vector<u8>, cap: &MemoryCap, ctx: &TxContext)
-      tx.moveCall({
-        target: `${this.config.packageId}::capability::seal_approve`,
-        arguments: [
-          tx.pure.vector("u8", fromHex(keyId)),      // Arg 1: SEAL key ID (MUST BE FIRST!)
-          tx.object(memoryCapId),                    // Arg 2: MemoryCap object reference
-          // ctx: &TxContext is auto-provided by Sui
-        ]
-      });
-      // Set the sender for the transaction
-      tx.setSender(userAddress);
-      const txBytes = await tx.build({
-        client: this.config.suiClient,
-        onlyTransactionKind: true
-      });
-      this.completeMetric(metric, true, {
-        keyId,
-        memoryCapId,
-        txSize: txBytes.length,
-        userAddress
-      });
-      return txBytes;
-    } catch (error) {
-      this.completeMetric(metric, false, undefined, error);
-      const errorMessage = error instanceof Error ? error.message : String(error);
-      throw new Error(`Failed to create transaction: ${errorMessage}`);
-    }
-  }
-  /**
-   * Build a seal_approve transaction using capability pattern
-   * Matches Move signature: seal_approve(cap: &MemoryCap, key_id: vector<u8>, ctx: &TxContext)
-   *
-   * @param keyId - SEAL key ID (bytes)
-   * @param memoryCapId - Object ID of the MemoryCap
-   */
-  buildSealApproveTransaction(
-    keyId: Uint8Array,
-    memoryCapId: string,
-    _accessRegistry?: string // Deprecated, kept for backward compatibility
-  ): Transaction {
-    const metric = this.startMetric('transaction_creation_wallet');
-    try {
-      const tx = new Transaction();
-      // Capability-based seal_approve call
-      // CRITICAL: key_id MUST be first argument for SEAL key server!
-      // entry fun seal_approve(key_id: vector<u8>, cap: &MemoryCap, ctx: &TxContext)
-      tx.moveCall({
-        target: `${this.config.packageId}::capability::seal_approve`,
-        arguments: [
-          tx.pure.vector('u8', Array.from(keyId)),     // Arg 1: SEAL key ID (MUST BE FIRST!)
-          tx.object(memoryCapId),                      // Arg 2: MemoryCap object reference
-          // ctx: &TxContext is auto-provided by Sui
-        ]
-      });
-      this.completeMetric(metric, true, {
-        keyIdLength: keyId.length,
-        memoryCapId
-      });
-      return tx;
-    } catch (error) {
-      this.completeMetric(metric, false, undefined, error);
-      const errorMessage = error instanceof Error ? error.message : String(error);
-      throw new Error(`Failed to create transaction for capability: ${errorMessage}`);
-    }
-  }
-  /**
-   * Parse encrypted object structure
-   */
-  parseEncryptedObject(encryptedBytes: Uint8Array): any {
-    const metric = this.startMetric('object_parsing');
-    try {
-      const parsed = EncryptedObject.parse(encryptedBytes);
-      this.completeMetric(metric, true, {
-        version: parsed.version,
-        packageId: parsed.packageId,
-        threshold: parsed.threshold,
-        dataSize: encryptedBytes.length
-      });
-      return parsed;
-    } catch (error) {
-      this.completeMetric(metric, false, undefined, error);
-      throw new Error(`Failed to parse encrypted object: ${error}`);
-    }
-  }
-  /**
-   * Session management utilities
-   */
-  getActiveSession(address: string): any | null {
-    const session = this.activeSessions.get(address);
-    if (!session) return null;
-    // Check if session is expired
-    const now = Date.now();
-    if (now > session.createdAt + session.ttl) {
-      this.activeSessions.delete(address);
-      return null;
-    }
-    return session.sessionKey;
-  }
-  cleanupExpiredSessions(): number {
-    const now = Date.now();
-    let cleanedCount = 0;
-    for (const [address, session] of this.activeSessions.entries()) {
-      if (now > session.createdAt + session.ttl) {
-        this.activeSessions.delete(address);
-        cleanedCount++;
-      }
-    }
-    console.log(`🧹 Cleaned up ${cleanedCount} expired sessions`);
-    return cleanedCount;
-  }
-  getSessionStats(): { total: number; expired: number; active: number } {
-    const now = Date.now();
-    let active = 0;
-    let expired = 0;
-    for (const session of this.activeSessions.values()) {
-      if (now > session.createdAt + session.ttl) {
-        expired++;
-      } else {
-        active++;
-      }
-    }
-    return { total: this.activeSessions.size, active, expired };
-  }
-  /**
-   * Performance metrics and analytics
-   */
-  private startMetric(operation: string): PerformanceMetric {
-    const metric: PerformanceMetric = {
-      operation,
-      startTime: Date.now(),
-      endTime: 0,
-      duration: 0,
-      success: false
-    };
-    return metric;
-  }
-  private completeMetric(metric: PerformanceMetric, success: boolean, metadata?: any, error?: any): void {
-    metric.endTime = Date.now();
-    metric.duration = metric.endTime - metric.startTime;
-    metric.success = success;
-    metric.metadata = metadata;
-    if (error) {
-      metric.errorType = error.constructor.name;
-    }
-    this.performanceMetrics.push(metric);
-    // Limit metrics storage to prevent memory leaks
-    if (this.performanceMetrics.length > 1000) {
-      this.performanceMetrics.splice(0, 500); // Keep last 500 metrics
-    }
-  }
-  getPerformanceMetrics(): PerformanceMetric[] {
-    return [...this.performanceMetrics];
-  }
-  getPerformanceStats() {
-    if (this.performanceMetrics.length === 0) {
-      return { totalOperations: 0, averageTime: 0, successRate: 0 };
-    }
-    const successful = this.performanceMetrics.filter(m => m.success);
-    const totalTime = this.performanceMetrics.reduce((sum, m) => sum + m.duration, 0);
-    return {
-      totalOperations: this.performanceMetrics.length,
-      successfulOperations: successful.length,
-      successRate: (successful.length / this.performanceMetrics.length) * 100,
-      averageTime: totalTime / this.performanceMetrics.length,
-      averageSuccessTime: successful.length > 0 ?
-        successful.reduce((sum, m) => sum + m.duration, 0) / successful.length : 0,
-      operationBreakdown: this.getOperationBreakdown()
-    };
-  }
-  private getOperationBreakdown(): Record<string, any> {
-    const breakdown: Record<string, any> = {};
-    for (const metric of this.performanceMetrics) {
-      if (!breakdown[metric.operation]) {
-        breakdown[metric.operation] = {
-          count: 0,
-          totalTime: 0,
-          successCount: 0,
-          avgTime: 0,
-          successRate: 0
-        };
-      }
-      const op = breakdown[metric.operation];
-      op.count++;
-      op.totalTime += metric.duration;
-      if (metric.success) op.successCount++;
-    }
-    // Calculate averages and rates
-    for (const op of Object.values(breakdown) as any[]) {
-      op.avgTime = op.totalTime / op.count;
-      op.successRate = (op.successCount / op.count) * 100;
-    }
-    return breakdown;
-  }
-  /**
-   * Health checks and diagnostics
-   */
-  async healthCheck(): Promise<{ status: 'healthy' | 'degraded' | 'unhealthy'; details: any }> {
-    const checks = {
-      sealClientInitialized: !!this.sealClient,
-      activeSessions: this.activeSessions.size,
-      performanceMetrics: this.performanceMetrics.length,
-      keyServers: this.config.keyServerObjectIds.length
-    };
-    // Test key server connectivity
-    const serverHealth = await Promise.allSettled(
-      this.config.keyServerUrls.map(async (url) => {
-        const response = await fetch(url, { signal: AbortSignal.timeout(5000) });
-        return { url, status: response.status, ok: response.ok };
-      })
-    );
-    const healthyServers = serverHealth.filter(result =>
-      result.status === 'fulfilled' && result.value.ok
-    ).length;
-    let status: 'healthy' | 'degraded' | 'unhealthy';
-    if (healthyServers === this.config.keyServerUrls.length) {
-      status = 'healthy';
-    } else if (healthyServers >= this.config.threshold) {
-      status = 'degraded';
-    } else {
-      status = 'unhealthy';
-    }
-    return {
-      status,
-      details: {
-        ...checks,
-        serverHealth: {
-          total: this.config.keyServerUrls.length,
-          healthy: healthyServers,
-          threshold: this.config.threshold
-        },
-        performanceStats: this.getPerformanceStats()
-      }
-    };
-  }
-  /**
-   * Configuration and utilities
-   */
-  getConfiguration(): Partial<SealConfig> {
-    return {
-      packageId: this.config.packageId,
-      network: this.config.network,
-      threshold: this.config.threshold,
-      enableMetrics: this.config.enableMetrics,
-      retryAttempts: this.config.retryAttempts,
-      timeoutMs: this.config.timeoutMs
-    };
-  }
-  updateConfiguration(updates: Partial<SealConfig>): void {
-    this.config = { ...this.config, ...updates };
-    // Reinitialize client if critical settings changed
-    if (updates.keyServerObjectIds || updates.suiClient) {
-      this.sealClient = null;
-    }
-  }
+/**
+ * SEAL Service Integration
+ *
+ * Production-ready SEAL service wrapper with comprehensive error handling,
+ * session management, and performance analytics integration.
+ */
+import { SuiClient } from '@mysten/sui/client';
+import { Transaction } from '@mysten/sui/transactions';
+import { fromHex, toHex, normalizeSuiAddress } from '@mysten/sui/utils';
+import { SealClient, SessionKey, EncryptedObject } from '@mysten/seal';
+import type {
+  SealClientOptions,
+  EncryptOptions,
+  DecryptOptions,
+  KeyServerConfig
+} from '@mysten/seal';
+// SEAL SDK types and interfaces
+interface SealConfig {
+  suiClient: SuiClient;
+  packageId: string;
+  keyServerUrls: string[];
+  keyServerObjectIds: string[];
+  threshold: number;
+  network: 'testnet' | 'mainnet';
+  enableMetrics: boolean;
+  retryAttempts: number;
+  timeoutMs: number;
+}
+interface EncryptionOptions {
+  data: Uint8Array;
+  id: string;
+  threshold?: number;
+}
+interface DecryptionOptions {
+  encryptedObject: Uint8Array;
+  sessionKey: any;
+  txBytes: Uint8Array;
+}
+interface SessionConfig {
+  address: string;
+  packageId: string;
+  ttlMin: number;
+}
+interface PerformanceMetric {
+  operation: string;
+  startTime: number;
+  endTime: number;
+  duration: number;
+  success: boolean;
+  errorType?: string;
+  metadata?: any;
+}
+/**
+ * SEAL Service - Production Implementation
+ */
+export class SealService {
+  private sealClient: SealClient | null = null;
+  private sessionKey: SessionKey | null = null;
+  private config: SealConfig;
+  private performanceMetrics: PerformanceMetric[] = [];
+  private activeSessions: Map<string, any> = new Map();
+  constructor(config: SealConfig) {
+    this.config = config;
+    console.log('✅ SEAL SDK components loaded successfully');
+  }
+  /**
+   * Initialize SEAL client with retry logic
+   */
+  async initializeClient(): Promise<void> {
+    const metric = this.startMetric('seal_client_init');
+    try {
+      // Configure server configs from testnet servers
+      const serverConfigs: KeyServerConfig[] = this.config.keyServerObjectIds.map((objectId, index) => ({
+        objectId,
+        weight: 1
+      }));
+      const sealClientOptions: SealClientOptions = {
+        suiClient: this.config.suiClient,
+        serverConfigs,
+        verifyKeyServers: this.config.network === 'mainnet' // Only verify on mainnet
+      };
+      this.sealClient = new SealClient(sealClientOptions);
+      this.completeMetric(metric, true, { serverCount: serverConfigs.length });
+      console.log('✅ SEAL client initialized with', serverConfigs.length, 'servers');
+    } catch (error) {
+      this.completeMetric(metric, false, undefined, error);
+      throw new Error(`Failed to initialize SEAL client: ${error}`);
+    }
+  }
+  /**
+   * Create and manage session key
+   */
+  async createSession(config: SessionConfig, signature?: Uint8Array | string): Promise<any> {
+    const metric = this.startMetric('session_creation');
+    try {
+      const sessionKey = await SessionKey.create({
+        address: config.address,
+        packageId: config.packageId,
+        ttlMin: config.ttlMin,
+        suiClient: this.config.suiClient
+      });
+      const message = sessionKey.getPersonalMessage();
+      // In production, signature would come from wallet
+      if (signature) {
+        // Convert Uint8Array to hex string if needed
+        const signatureString = typeof signature === 'string' ? signature : toHex(signature);
+        await sessionKey.setPersonalMessageSignature(signatureString);
+      }
+      // Store session for management
+      this.activeSessions.set(config.address, {
+        sessionKey,
+        createdAt: Date.now(),
+        ttl: config.ttlMin * 60 * 1000,
+        address: config.address
+      });
+      this.completeMetric(metric, true, {
+        address: config.address,
+        ttlMin: config.ttlMin,
+        messageLength: message.length
+      });
+      return { sessionKey, personalMessage: message };
+    } catch (error) {
+      this.completeMetric(metric, false, undefined, error);
+      throw new Error(`Failed to create session: ${error}`);
+    }
+  }
+  /**
+   * Encrypt data with comprehensive error handling
+   */
+  async encryptData(options: EncryptionOptions): Promise<{ encryptedObject: Uint8Array; key: Uint8Array }> {
+    const metric = this.startMetric('encryption');
+    try {
+      if (!this.sealClient) {
+        await this.initializeClient();
+      }
+      if (!this.sealClient) {
+        throw new Error('Failed to initialize SEAL client');
+      }
+      const threshold = options.threshold || this.config.threshold;
+      // Validate threshold against available servers
+      if (threshold > this.config.keyServerObjectIds.length) {
+        throw new Error(`Threshold ${threshold} exceeds available servers ${this.config.keyServerObjectIds.length}`);
+      }
+      const result = await this.sealClient.encrypt({
+        threshold,
+        packageId: this.config.packageId,
+        id: options.id,
+        data: options.data
+      });
+      this.completeMetric(metric, true, {
+        dataSize: options.data.length,
+        threshold,
+        encryptedSize: result.encryptedObject.length,
+        keySize: result.key.length
+      });
+      return result;
+    } catch (error) {
+      this.completeMetric(metric, false, undefined, error);
+      // Enhanced error handling
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      if (errorMessage.includes('threshold')) {
+        throw new Error(`Encryption threshold error: ${errorMessage}`);
+      }
+      if (errorMessage.includes('network')) {
+        throw new Error(`Network error during encryption: ${errorMessage}`);
+      }
+      throw new Error(`Encryption failed: ${errorMessage}`);
+    }
+  }
+  /**
+   * Decrypt data with session management
+   */
+  async decryptData(options: DecryptionOptions): Promise<Uint8Array> {
+    const metric = this.startMetric('decryption');
+    try {
+      if (!this.sealClient) {
+        await this.initializeClient();
+      }
+      if (!this.sealClient) {
+        throw new Error('Failed to initialize SEAL client');
+      }
+      // Add detailed debugging for SEAL decryption
+      console.log('🔍 SEAL decrypt parameters:');
+      console.log(`   - Encrypted data type: ${typeof options.encryptedObject}`);
+      console.log(`   - Encrypted data length: ${options.encryptedObject.length}`);
+      console.log(`   - Session key type: ${typeof options.sessionKey}`);
+      console.log(`   - Session key constructor: ${options.sessionKey?.constructor?.name}`);
+      console.log(`   - Transaction bytes type: ${typeof options.txBytes}`);
+      console.log(`   - Transaction bytes length: ${options.txBytes.length}`);
+      // Check if session key has expected methods
+      if (options.sessionKey) {
+        console.log(`   - Session key methods: ${Object.getOwnPropertyNames(Object.getPrototypeOf(options.sessionKey)).join(', ')}`);
+      }
+      // Try SEAL decryption with error boundary
+      let result;
+      try {
+        console.log('🔍 Attempting SEAL client decrypt...');
+        result = await this.sealClient.decrypt({
+          data: options.encryptedObject,
+          sessionKey: options.sessionKey,
+          txBytes: options.txBytes
+        });
+        console.log('🔍 SEAL decrypt completed without throwing');
+      } catch (innerError) {
+        console.log('🔍 SEAL decrypt threw an error:', innerError);
+        throw innerError;
+      }
+      console.log(`🔍 SEAL decrypt result:`, {
+        result,
+        resultType: typeof result,
+        resultLength: result ? result.length : 'undefined',
+        hasResult: !!result,
+        isUint8Array: result instanceof Uint8Array
+      });
+      if (!result) {
+        throw new Error('SEAL decrypt returned undefined/null result');
+      }
+      this.completeMetric(metric, true, {
+        encryptedSize: options.encryptedObject.length,
+        decryptedSize: result ? result.length : 0
+      });
+      return result;
+    } catch (error) {
+      this.completeMetric(metric, false, undefined, error);
+      // Enhanced error handling for decryption with detailed logging
+      console.log('🚨 SEAL decrypt error details:', {
+        error,
+        errorType: typeof error,
+        errorConstructor: error?.constructor?.name,
+        errorMessage: error instanceof Error ? error.message : String(error),
+        errorStack: error instanceof Error ? error.stack : 'No stack trace'
+      });
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      if (errorMessage.includes('access')) {
+        throw new Error(`Access denied for decryption: ${errorMessage}`);
+      }
+      if (errorMessage.includes('session')) {
+        throw new Error(`Session error during decryption: ${errorMessage}`);
+      }
+      throw new Error(`Decryption failed: ${errorMessage}`);
+    }
+  }
+  /**
+   * Create transaction for seal_approve using capability pattern
+   * Matches Move signature: seal_approve(cap: &MemoryCap, key_id: vector<u8>, ctx: &TxContext)
+   *
+   * @param keyId - SEAL key ID (hex string or bytes)
+   * @param userAddress - User's wallet address (sender)
+   * @param memoryCapId - Object ID of the MemoryCap
+   */
+  async createSealApproveTransaction(
+    keyId: string,
+    userAddress: string,
+    memoryCapId: string,
+    _accessRegistry?: string // Deprecated, kept for backward compatibility
+  ): Promise<Uint8Array> {
+    const metric = this.startMetric('transaction_creation');
+    try {
+      const tx = new Transaction();
+      // Capability-based seal_approve call
+      // CRITICAL: key_id MUST be first argument for SEAL key server!
+      // entry fun seal_approve(key_id: vector<u8>, cap: &MemoryCap, ctx: &TxContext)
+      tx.moveCall({
+        target: `${this.config.packageId}::capability::seal_approve`,
+        arguments: [
+          tx.pure.vector("u8", fromHex(keyId)),      // Arg 1: SEAL key ID (MUST BE FIRST!)
+          tx.object(memoryCapId),                    // Arg 2: MemoryCap object reference
+          // ctx: &TxContext is auto-provided by Sui
+        ]
+      });
+      // Set the sender for the transaction
+      tx.setSender(userAddress);
+      const txBytes = await tx.build({
+        client: this.config.suiClient,
+        onlyTransactionKind: true
+      });
+      this.completeMetric(metric, true, {
+        keyId,
+        memoryCapId,
+        txSize: txBytes.length,
+        userAddress
+      });
+      return txBytes;
+    } catch (error) {
+      this.completeMetric(metric, false, undefined, error);
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      throw new Error(`Failed to create transaction: ${errorMessage}`);
+    }
+  }
+  /**
+   * Build a seal_approve transaction using capability pattern
+   * Matches Move signature: seal_approve(cap: &MemoryCap, key_id: vector<u8>, ctx: &TxContext)
+   *
+   * @param keyId - SEAL key ID (bytes)
+   * @param memoryCapId - Object ID of the MemoryCap
+   */
+  buildSealApproveTransaction(
+    keyId: Uint8Array,
+    memoryCapId: string,
+    _accessRegistry?: string // Deprecated, kept for backward compatibility
+  ): Transaction {
+    const metric = this.startMetric('transaction_creation_wallet');
+    try {
+      const tx = new Transaction();
+      // Capability-based seal_approve call
+      // CRITICAL: key_id MUST be first argument for SEAL key server!
+      // entry fun seal_approve(key_id: vector<u8>, cap: &MemoryCap, ctx: &TxContext)
+      tx.moveCall({
+        target: `${this.config.packageId}::capability::seal_approve`,
+        arguments: [
+          tx.pure.vector('u8', Array.from(keyId)),     // Arg 1: SEAL key ID (MUST BE FIRST!)
+          tx.object(memoryCapId),                      // Arg 2: MemoryCap object reference
+          // ctx: &TxContext is auto-provided by Sui
+        ]
+      });
+      this.completeMetric(metric, true, {
+        keyIdLength: keyId.length,
+        memoryCapId
+      });
+      return tx;
+    } catch (error) {
+      this.completeMetric(metric, false, undefined, error);
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      throw new Error(`Failed to create transaction for capability: ${errorMessage}`);
+    }
+  }
+  /**
+   * Parse encrypted object structure
+   */
+  parseEncryptedObject(encryptedBytes: Uint8Array): any {
+    const metric = this.startMetric('object_parsing');
+    try {
+      const parsed = EncryptedObject.parse(encryptedBytes);
+      this.completeMetric(metric, true, {
+        version: parsed.version,
+        packageId: parsed.packageId,
+        threshold: parsed.threshold,
+        dataSize: encryptedBytes.length
+      });
+      return parsed;
+    } catch (error) {
+      this.completeMetric(metric, false, undefined, error);
+      throw new Error(`Failed to parse encrypted object: ${error}`);
+    }
+  }
+  /**
+   * Session management utilities
+   */
+  getActiveSession(address: string): any | null {
+    const session = this.activeSessions.get(address);
+    if (!session) return null;
+    // Check if session is expired
+    const now = Date.now();
+    if (now > session.createdAt + session.ttl) {
+      this.activeSessions.delete(address);
+      return null;
+    }
+    return session.sessionKey;
+  }
+  cleanupExpiredSessions(): number {
+    const now = Date.now();
+    let cleanedCount = 0;
+    for (const [address, session] of this.activeSessions.entries()) {
+      if (now > session.createdAt + session.ttl) {
+        this.activeSessions.delete(address);
+        cleanedCount++;
+      }
+    }
+    console.log(`🧹 Cleaned up ${cleanedCount} expired sessions`);
+    return cleanedCount;
+  }
+  getSessionStats(): { total: number; expired: number; active: number } {
+    const now = Date.now();
+    let active = 0;
+    let expired = 0;
+    for (const session of this.activeSessions.values()) {
+      if (now > session.createdAt + session.ttl) {
+        expired++;
+      } else {
+        active++;
+      }
+    }
+    return { total: this.activeSessions.size, active, expired };
+  }
+  /**
+   * Performance metrics and analytics
+   */
+  private startMetric(operation: string): PerformanceMetric {
+    const metric: PerformanceMetric = {
+      operation,
+      startTime: Date.now(),
+      endTime: 0,
+      duration: 0,
+      success: false
+    };
+    return metric;
+  }
+  private completeMetric(metric: PerformanceMetric, success: boolean, metadata?: any, error?: any): void {
+    metric.endTime = Date.now();
+    metric.duration = metric.endTime - metric.startTime;
+    metric.success = success;
+    metric.metadata = metadata;
+    if (error) {
+      metric.errorType = error.constructor.name;
+    }
+    this.performanceMetrics.push(metric);
+    // Limit metrics storage to prevent memory leaks
+    if (this.performanceMetrics.length > 1000) {
+      this.performanceMetrics.splice(0, 500); // Keep last 500 metrics
+    }
+  }
+  getPerformanceMetrics(): PerformanceMetric[] {
+    return [...this.performanceMetrics];
+  }
+  getPerformanceStats() {
+    if (this.performanceMetrics.length === 0) {
+      return { totalOperations: 0, averageTime: 0, successRate: 0 };
+    }
+    const successful = this.performanceMetrics.filter(m => m.success);
+    const totalTime = this.performanceMetrics.reduce((sum, m) => sum + m.duration, 0);
+    return {
+      totalOperations: this.performanceMetrics.length,
+      successfulOperations: successful.length,
+      successRate: (successful.length / this.performanceMetrics.length) * 100,
+      averageTime: totalTime / this.performanceMetrics.length,
+      averageSuccessTime: successful.length > 0 ?
+        successful.reduce((sum, m) => sum + m.duration, 0) / successful.length : 0,
+      operationBreakdown: this.getOperationBreakdown()
+    };
+  }
+  private getOperationBreakdown(): Record<string, any> {
+    const breakdown: Record<string, any> = {};
+    for (const metric of this.performanceMetrics) {
+      if (!breakdown[metric.operation]) {
+        breakdown[metric.operation] = {
+          count: 0,
+          totalTime: 0,
+          successCount: 0,
+          avgTime: 0,
+          successRate: 0
+        };
+      }
+      const op = breakdown[metric.operation];
+      op.count++;
+      op.totalTime += metric.duration;
+      if (metric.success) op.successCount++;
+    }
+    // Calculate averages and rates
+    for (const op of Object.values(breakdown) as any[]) {
+      op.avgTime = op.totalTime / op.count;
+      op.successRate = (op.successCount / op.count) * 100;
+    }
+    return breakdown;
+  }
+  /**
+   * Health checks and diagnostics
+   */
+  async healthCheck(): Promise<{ status: 'healthy' | 'degraded' | 'unhealthy'; details: any }> {
+    const checks = {
+      sealClientInitialized: !!this.sealClient,
+      activeSessions: this.activeSessions.size,
+      performanceMetrics: this.performanceMetrics.length,
+      keyServers: this.config.keyServerObjectIds.length
+    };
+    // Test key server connectivity
+    const serverHealth = await Promise.allSettled(
+      this.config.keyServerUrls.map(async (url) => {
+        const response = await fetch(url, { signal: AbortSignal.timeout(5000) });
+        return { url, status: response.status, ok: response.ok };
+      })
+    );
+    const healthyServers = serverHealth.filter(result =>
+      result.status === 'fulfilled' && result.value.ok
+    ).length;
+    let status: 'healthy' | 'degraded' | 'unhealthy';
+    if (healthyServers === this.config.keyServerUrls.length) {
+      status = 'healthy';
+    } else if (healthyServers >= this.config.threshold) {
+      status = 'degraded';
+    } else {
+      status = 'unhealthy';
+    }
+    return {
+      status,
+      details: {
+        ...checks,
+        serverHealth: {
+          total: this.config.keyServerUrls.length,
+          healthy: healthyServers,
+          threshold: this.config.threshold
+        },
+        performanceStats: this.getPerformanceStats()
+      }
+    };
+  }
+  /**
+   * Configuration and utilities
+   */
+  getConfiguration(): Partial<SealConfig> {
+    return {
+      packageId: this.config.packageId,
+      network: this.config.network,
+      threshold: this.config.threshold,
+      enableMetrics: this.config.enableMetrics,
+      retryAttempts: this.config.retryAttempts,
+      timeoutMs: this.config.timeoutMs
+    };
+  }
+  updateConfiguration(updates: Partial<SealConfig>): void {
+    this.config = { ...this.config, ...updates };
+    // Reinitialize client if critical settings changed
+    if (updates.keyServerObjectIds || updates.suiClient) {
+      this.sealClient = null;
+    }
+  }
 }