@cubist-labs/cubesigner-sdk 0.4.263 → 0.4.266

package/dist/src/schema.d.ts

@@ -1316,6 +1316,12 @@ export interface paths {
          *
          * If a `role` query parameter is provided, all active sessions for the selected role are returned
          * (asserting first that the current user has permissions to read sessions for that role).
+         *
+         * If a `role_created_by` query parameter is provided, all active **role** sessions created by that
+         * user are returned (gated by the same permissions as listing that user's own sessions: the
+         * current user must be that user or an org owner). When combined with `role`, the result is
+         * further restricted to the sessions created by that user for the given role; the permission model
+         * is unchanged. The `user` selector cannot be combined with `role` or `role_created_by`.
          */
         get: operations["listSessions"];
         /**
@@ -1346,6 +1352,14 @@ export interface paths {
          * user is an org owner, only sessions for roles the current user is **still a member of** are
          * revoked (so a user cannot revoke sessions for a role they have since been removed from); org
          * owners revoke across all roles.
+         *
+         * If **both** a `role` and a `role_created_by` query parameter are provided, the selection above
+         * is narrowed to only the sessions created by **THAT USER** for **THAT ROLE**. The permission
+         * model is unchanged from the `role_created_by`-only case (the current user must be that user or
+         * an org owner, and non-owners are still limited to roles they are a member of); `role` is purely
+         * an additional filter.
+         *
+         * The `user` selector cannot be combined with `role` or `role_created_by`.
          */
         delete: operations["revokeSessions"];
     };
@@ -2817,7 +2831,7 @@ export interface components {
         /** @enum {string} */
         BadGatewayErrorCode: "Generic" | "CustomChainRpcError" | "EsploraApiError" | "SentryApiError" | "CallWebhookError" | "OAuthProviderError" | "OidcDisoveryFailed" | "OidcIssuerJwkEndpointUnavailable" | "SmtpServerUnavailable";
         /** @enum {string} */
-        BadRequestErrorCode: "GenericBadRequest" | "DisallowedAllowRuleReference" | "InvalidPaginationToken" | "InvalidEmail" | "InvalidEmailTemplate" | "QueryMetricsError" | "InvalidTelegramData" | "ValidationError" | "WebhookPolicyTimeoutOutOfBounds" | "WebhookPolicyDisallowedUrlScheme" | "WebhookPolicyDisallowedUrlHost" | "WebhookPolicyDisallowedHeaders" | "ReservedName" | "UserEmailNotConfigured" | "EmailPasswordNotFound" | "PasswordAuthNotAllowedByInvitation" | "OneTimeCodeExpired" | "InvalidBody" | "InvalidJwt" | "InvitationNoLongerValid" | "TokenRequestError" | "InvalidMfaReceipt" | "InvalidMfaPolicyCount" | "InvalidMfaPolicyNumAuthFactors" | "InvalidMfaPolicyNumAllowedApprovers" | "InvalidMfaPolicyGracePeriodTooLong" | "InvalidBabylonStakingPolicyParams" | "InvalidSuiTxReceiversEmptyAllowlist" | "InvalidBtcTxReceiversEmptyAllowlist" | "InvalidRequireRoleSessionAllowlist" | "InvalidCreateKeyCount" | "InvalidDiffieHellmanCount" | "OrgInviteExistingUser" | "OrgUserAlreadyExists" | "OrgNameTaken" | "KwkNotFoundInRegion" | "OrgIsNotOrgExport" | "RoleNameTaken" | "PolicyNameTaken" | "NameTaken" | "ContactNameInvalid" | "ContactAddressesInvalid" | "ContactLabelInvalid" | "ContactModified" | "PolicyNotFound" | "PolicyVersionNotFound" | "PolicyRuleDisallowedByType" | "PolicyTypeDisallowed" | "PolicyDuplicateError" | "PolicyStillAttached" | "PolicyModified" | "PolicyNotAttached" | "AddKeyToRoleCountTooHigh" | "InvalidKeyId" | "InvalidTimeLockAlreadyInThePast" | "InvalidRestrictedScopes" | "InvalidUpdate" | "InvalidMetadataLength" | "InvalidLength" | "InvalidKeyMaterialId" | "KeyNotFound" | "SiweChallengeNotFound" | "SiweInvalidRequest" | "SiwsChallengeNotFound" | "SiwsInvalidRequest" | "UserExportDerivedKey" | "UserExportPublicKeyInvalid" | "NistP256PublicKeyInvalid" | "UnableToAccessSmtpRelay" | "UserExportInProgress" | "RoleNotFound" | "InvalidRoleNameOrId" | "InvalidMfaReceiptOrgIdMissing" | "InvalidMfaReceiptInvalidOrgId" | "MfaRequestNotFound" | "InvalidKeyType" | "InvalidPropertiesForKeyType" | "MismatchedKeyPropertiesPatch" | "MissingBinanceApiKey" | "MissingBybitApiKey" | "MissingCoinbaseApiKey" | "BinanceKeyMasterMismatch" | "BybitAccountMismatch" | "InvalidKeyMaterial" | "InvalidHexValue" | "InvalidBase32Value" | "InvalidBase58Value" | "InvalidBase64Value" | "InvalidSs58Value" | "InvalidForkVersionLength" | "InvalidEthAddress" | "InvalidStellarAddress" | "InvalidOrgNameOrId" | "InvalidUpdateOrgRequestDisallowedMfaType" | "InvalidUpdateOrgRequestEmptyAllowedMfaTypes" | "EmailOtpDelayTooShortForRegisterMfa" | "InvalidStakeDeposit" | "InvalidBlobSignRequest" | "InvalidDiffieHellmanRequest" | "InvalidSolanaSignRequest" | "InvalidEip712SignRequest" | "OnlySpecifyOne" | "NoOidcDataInProof" | "InvalidEvmSignRequest" | "InvalidEth2SignRequest" | "InvalidDeriveKeyRequest" | "InvalidStakingAmount" | "CustomStakingAmountNotAllowedForWrapperContract" | "InvalidUnstakeRequest" | "InvalidCreateUserRequest" | "UserAlreadyExists" | "IdpUserAlreadyExists" | "CognitoUserAlreadyOrgMember" | "UserNotFound" | "UserWithEmailNotFound" | "PolicyKeyMismatch" | "EmptyScopes" | "InvalidScopesForRoleSession" | "InvalidLifetime" | "NoSingleKeyForUser" | "InvalidOrgPolicyRule" | "SourceIpAllowlistEmpty" | "LimitWindowTooLong" | "Erc20ContractDisallowed" | "EmptyRuleError" | "PolicyFieldValidationError" | "OptionalListEmpty" | "MultipleExclusiveFieldsProvided" | "DuplicateFieldEntry" | "InvalidRange" | "InvalidOrgPolicyRepeatedRule" | "InvalidSuiTransaction" | "SuiSenderMismatch" | "AvaSignHashError" | "AvaSignError" | "BtcSegwitHashError" | "BtcTaprootHashError" | "BtcSignError" | "TaprootSignError" | "Eip712SignError" | "InvalidMemberRoleInUserAdd" | "InvalidMemberRoleInRecipientAdd" | "ThirdPartyUserAlreadyExists" | "OidcIdentityAlreadyExists" | "UserAlreadyHasIdentity" | "ThirdPartyUserNotFound" | "DeleteOidcUserError" | "DeleteUserError" | "SessionRoleMismatch" | "InvalidOidcToken" | "InvalidOidcIdentity" | "OidcIssuerUnsupported" | "OidcIssuerNotAllowed" | "OidcIssuerNoApplicableJwk" | "FidoKeyAlreadyRegistered" | "FidoKeySignCountTooLow" | "FidoVerificationFailed" | "FidoChallengeMfaMismatch" | "UnsupportedLegacyCognitoSession" | "InvalidIdentityProof" | "PaginationDataExpired" | "ExistingKeysViolateExclusiveKeyAccess" | "ExportDelayTooShort" | "ExportWindowTooLong" | "InvalidTotpFailureLimit" | "InvalidEip191SignRequest" | "CannotResendUserInvitation" | "InvalidNotificationEndpointCount" | "CannotDeletePendingSubscription" | "InvalidNotificationUrlProtocol" | "EmptyOneOfOrgEventFilter" | "EmptyAllExceptOrgEventFilter" | "InvalidTapNodeHash" | "InvalidOneTimeCode" | "MessageNotFound" | "MessageAlreadySigned" | "MessageRejected" | "MessageReplaced" | "InvalidMessageType" | "EmptyAddress" | "InvalidEth2SigningPolicySlotRange" | "InvalidEth2SigningPolicyEpochRange" | "InvalidEth2SigningPolicyTimestampRange" | "InvalidEth2SigningPolicyOverlappingRule" | "RpcUrlMissing" | "MmiChainIdMissing" | "EthersInvalidRpcUrl" | "EthersGetTransactionCountError" | "InvalidPassword" | "BabylonStakingFeePlusDustOverflow" | "BabylonStaking" | "BabylonStakingIncorrectKey" | "BabylonStakingSegwitNonDeposit" | "BabylonStakingRegistrationRequiresTaproot" | "PsbtSigning" | "TooManyResets" | "TooManyRequests" | "TooManyFailedLogins" | "BadBtcMessageSignP2shFlag" | "InvalidTendermintRequest" | "PolicyVersionMaxReached" | "PolicyVersionInvalid" | "PolicySecretLimitReached" | "PolicySecretTooLarge" | "InvalidImportKey" | "AlienOwnerInvalid" | "EmptyUpdateRequest" | "InvalidPolicyReference" | "PolicyEngineDisabled" | "InvalidWasmPolicy" | "CelProgramTooLarge" | "InvalidPolicy" | "RedundantDerivationPath" | "ImportKeyMissing" | "InvalidAbiMethods" | "BabylonCovSign" | "InvalidPolicyLogsRequest" | "UserProfileMigrationMultipleEntries" | "UserProfileMigrationTooManyItems" | "InputTooShort" | "InvalidTweakLength" | "InvalidCustomChains" | "InvalidRpcRequest";
+        BadRequestErrorCode: "GenericBadRequest" | "DisallowedAllowRuleReference" | "InvalidPaginationToken" | "InvalidEmail" | "InvalidEmailTemplate" | "QueryMetricsError" | "InvalidTelegramData" | "ValidationError" | "WebhookPolicyTimeoutOutOfBounds" | "WebhookPolicyDisallowedUrlScheme" | "WebhookPolicyDisallowedUrlHost" | "WebhookPolicyDisallowedHeaders" | "ReservedName" | "UserEmailNotConfigured" | "EmailPasswordNotFound" | "PasswordAuthNotAllowedByInvitation" | "OneTimeCodeExpired" | "InvalidBody" | "InvalidJwt" | "InvitationNoLongerValid" | "TokenRequestError" | "InvalidMfaReceipt" | "InvalidMfaPolicyCount" | "InvalidMfaPolicyNumAuthFactors" | "InvalidMfaPolicyNumAllowedApprovers" | "InvalidMfaPolicyGracePeriodTooLong" | "InvalidBabylonStakingPolicyParams" | "InvalidSuiTxReceiversEmptyAllowlist" | "InvalidBtcTxReceiversEmptyAllowlist" | "InvalidRequireRoleSessionAllowlist" | "InvalidCreateKeyCount" | "InvalidDiffieHellmanCount" | "OrgInviteExistingUser" | "OrgUserAlreadyExists" | "OrgNameTaken" | "KwkNotFoundInRegion" | "OrgIsNotOrgExport" | "RoleNameTaken" | "PolicyNameTaken" | "NameTaken" | "ContactNameInvalid" | "ContactAddressesInvalid" | "ContactLabelInvalid" | "ContactModified" | "PolicyNotFound" | "PolicyVersionNotFound" | "PolicyRuleDisallowedByType" | "PolicyTypeDisallowed" | "PolicyDuplicateError" | "PolicyStillAttached" | "PolicyModified" | "PolicyNotAttached" | "AddKeyToRoleCountTooHigh" | "InvalidKeyId" | "InvalidTimeLockAlreadyInThePast" | "InvalidRestrictedScopes" | "InvalidUpdate" | "InvalidMetadataLength" | "InvalidLength" | "InvalidKeyMaterialId" | "KeyNotFound" | "SiweChallengeNotFound" | "SiweInvalidRequest" | "SiwsChallengeNotFound" | "SiwsInvalidRequest" | "UserExportDerivedKey" | "UserExportPublicKeyInvalid" | "NistP256PublicKeyInvalid" | "UnableToAccessSmtpRelay" | "UserExportInProgress" | "RoleNotFound" | "InvalidRoleNameOrId" | "InvalidMfaReceiptOrgIdMissing" | "InvalidMfaReceiptInvalidOrgId" | "MfaRequestNotFound" | "InvalidKeyType" | "InvalidPropertiesForKeyType" | "MismatchedKeyPropertiesPatch" | "MissingBinanceApiKey" | "MissingBybitApiKey" | "MissingCoinbaseApiKey" | "BinanceKeyMasterMismatch" | "BybitAccountMismatch" | "InvalidKeyMaterial" | "InvalidHexValue" | "InvalidBase32Value" | "InvalidBase58Value" | "InvalidBase64Value" | "InvalidSs58Value" | "InvalidForkVersionLength" | "InvalidEthAddress" | "InvalidStellarAddress" | "InvalidOrgNameOrId" | "InvalidUpdateOrgRequestDisallowedMfaType" | "InvalidUpdateOrgRequestEmptyAllowedMfaTypes" | "EmailOtpDelayTooShortForRegisterMfa" | "InvalidStakeDeposit" | "InvalidBlobSignRequest" | "InvalidDiffieHellmanRequest" | "InvalidSolanaSignRequest" | "InvalidEip712SignRequest" | "OnlySpecifyOne" | "IncompatibleParams" | "NoOidcDataInProof" | "InvalidEvmSignRequest" | "InvalidEth2SignRequest" | "InvalidDeriveKeyRequest" | "InvalidStakingAmount" | "CustomStakingAmountNotAllowedForWrapperContract" | "InvalidUnstakeRequest" | "InvalidCreateUserRequest" | "UserAlreadyExists" | "IdpUserAlreadyExists" | "CognitoUserAlreadyOrgMember" | "UserNotFound" | "UserWithEmailNotFound" | "PolicyKeyMismatch" | "EmptyScopes" | "InvalidScopesForRoleSession" | "InvalidLifetime" | "NoSingleKeyForUser" | "InvalidOrgPolicyRule" | "SourceIpAllowlistEmpty" | "LimitWindowTooLong" | "Erc20ContractDisallowed" | "EmptyRuleError" | "PolicyFieldValidationError" | "OptionalListEmpty" | "MultipleExclusiveFieldsProvided" | "DuplicateFieldEntry" | "InvalidRange" | "InvalidOrgPolicyRepeatedRule" | "InvalidSuiTransaction" | "SuiSenderMismatch" | "AvaSignHashError" | "AvaSignError" | "BtcSegwitHashError" | "BtcTaprootHashError" | "BtcSignError" | "TaprootSignError" | "Eip712SignError" | "InvalidMemberRoleInUserAdd" | "InvalidMemberRoleInRecipientAdd" | "ThirdPartyUserAlreadyExists" | "OidcIdentityAlreadyExists" | "UserAlreadyHasIdentity" | "ThirdPartyUserNotFound" | "DeleteOidcUserError" | "DeleteUserError" | "SessionRoleMismatch" | "InvalidOidcToken" | "InvalidOidcIdentity" | "OidcIssuerUnsupported" | "OidcIssuerNotAllowed" | "OidcIssuerNoApplicableJwk" | "FidoKeyAlreadyRegistered" | "FidoKeySignCountTooLow" | "FidoVerificationFailed" | "FidoChallengeMfaMismatch" | "UnsupportedLegacyCognitoSession" | "InvalidIdentityProof" | "PaginationDataExpired" | "ExistingKeysViolateExclusiveKeyAccess" | "ExportDelayTooShort" | "ExportWindowTooLong" | "InvalidTotpFailureLimit" | "InvalidEip191SignRequest" | "CannotResendUserInvitation" | "InvalidNotificationEndpointCount" | "CannotDeletePendingSubscription" | "InvalidNotificationUrlProtocol" | "EmptyOneOfOrgEventFilter" | "EmptyAllExceptOrgEventFilter" | "InvalidTapNodeHash" | "InvalidOneTimeCode" | "MessageNotFound" | "MessageAlreadySigned" | "MessageRejected" | "MessageReplaced" | "InvalidMessageType" | "EmptyAddress" | "InvalidEth2SigningPolicySlotRange" | "InvalidEth2SigningPolicyEpochRange" | "InvalidEth2SigningPolicyTimestampRange" | "InvalidEth2SigningPolicyOverlappingRule" | "RpcUrlMissing" | "MmiChainIdMissing" | "EthersInvalidRpcUrl" | "EthersGetTransactionCountError" | "InvalidPassword" | "BabylonStakingFeePlusDustOverflow" | "BabylonStaking" | "BabylonStakingIncorrectKey" | "BabylonStakingSegwitNonDeposit" | "BabylonStakingRegistrationRequiresTaproot" | "PsbtSigning" | "TooManyResets" | "TooManyRequests" | "TooManyFailedLogins" | "BadBtcMessageSignP2shFlag" | "InvalidTendermintRequest" | "PolicyVersionMaxReached" | "PolicyVersionInvalid" | "PolicySecretLimitReached" | "PolicySecretTooLarge" | "InvalidImportKey" | "AlienOwnerInvalid" | "EmptyUpdateRequest" | "InvalidPolicyReference" | "PolicyEngineDisabled" | "InvalidWasmPolicy" | "CelProgramTooLarge" | "InvalidPolicy" | "RedundantDerivationPath" | "ImportKeyMissing" | "InvalidAbiMethods" | "BabylonCovSign" | "InvalidPolicyLogsRequest" | "UserProfileMigrationMultipleEntries" | "UserProfileMigrationTooManyItems" | "InputTooShort" | "InvalidTweakLength" | "InvalidCustomChains" | "InvalidRpcRequest";
         BillingArgs: {
             billing_org: components["schemas"]["Id"];
             event_type: components["schemas"]["BillingEvent"];
@@ -2834,7 +2848,7 @@ export interface components {
          * @description Billing event types.
          * @enum {string}
          */
-        BillingEvent: "Mmi" | "MmiMessageGet" | "MmiMessageList" | "MmiMessageSign" | "MmiMessageReject" | "MmiMessageDelete" | "AboutMe" | "UserResetEmailInit" | "UserResetEmailComplete" | "UserDeleteTotp" | "UserResetTotpInit" | "UserResetTotpComplete" | "UserVerifyTotp" | "UserRegisterFidoInit" | "UserRegisterFidoComplete" | "UserDeleteFido" | "CreateProofOidc" | "CreateProofCubeSigner" | "VerifyProof" | "AddOidcIdentity" | "RemoveOidcIdentity" | "ListOidcIdentities" | "GetOrg" | "UpdateOrg" | "GetOrgExport" | "CreateOrg" | "ListKeys" | "AttestKey" | "GetKey" | "GetKeyByMaterialId" | "ListKeyRoles" | "UpdateKey" | "ListHistoricalKeyTx" | "Invite" | "CancelInvitation" | "ListInvitations" | "ListUsers" | "GetUser" | "GetUserByEmail" | "GetUserByOidc" | "UpdateMembership" | "ResetMemberMfa" | "CompleteResetMemberMfa" | "CreateRole" | "AttestRole" | "GetRole" | "ListTokenKeys" | "ListRoles" | "GetRoleKey" | "ListRoleKeys" | "ListRoleUsers" | "UpdateRole" | "DeleteRole" | "ConfigureEmail" | "GetEmailConfig" | "DeleteEmailConfig" | "ListHistoricalRoleTx" | "CreatePolicy" | "GetPolicy" | "ListPolicies" | "DeletePolicy" | "UpdatePolicy" | "InvokePolicy" | "GetPolicyLogs" | "UploadWasmPolicy" | "GetPolicySecrets" | "UpdatePolicySecrets" | "SetPolicySecret" | "DeletePolicySecret" | "CreatePolicyImportKey" | "GetPolicyBucket" | "ListPolicyBuckets" | "UpdatePolicyBucket" | "UserExportDelete" | "UserExportList" | "UserExportInit" | "UserExportComplete" | "AddUserToRole" | "RemoveUserFromRole" | "MfaApproveCs" | "MfaRejectCs" | "MfaGet" | "MfaList" | "AddKeysToRole" | "RemoveKeyFromRole" | "CreateToken" | "CreateSession" | "RevokeSession" | "RevokeCurrentSession" | "RevokeSessions" | "ListSessions" | "GetSession" | "SignerSessionRefresh" | "MfaApproveTotp" | "MfaRejectTotp" | "MfaFidoInit" | "MfaApproveFidoComplete" | "MfaRejectFidoComplete" | "MfaEmailInit" | "MfaEmailComplete" | "Cube3signerHeartbeat" | "CreateContact" | "GetContact" | "ListContacts" | "DeleteContact" | "UpdateContact" | "LookupContactsByAddress" | "QueryMetrics" | "QueryAuditLog" | "Counts" | "CreateKey" | "ImportKey" | "CreateKeyImportKey" | "DeriveKey" | "DeleteKey" | "AvaSign" | "AvaSerializedTxSign" | "BabylonRegistration" | "BabylonStaking" | "BabylonCovSign" | "BinanceSign" | "BybitSign" | "CoinbaseSign" | "BlobSign" | "BtcMessageSign" | "BtcSign" | "DiffieHellmanExchange" | "PsbtSign" | "PsbtLegacyInputSign" | "PsbtSegwitInputSign" | "PsbtTaprootInputSign" | "TaprootSign" | "Eip712Sign" | "Eip191Sign" | "Eth1Sign" | "Eth2Sign" | "SolanaSign" | "SuiSign" | "TendermintSign" | "Stake" | "Unstake" | "PasskeyAuthInit" | "PasskeyAuthComplete" | "OidcAuth" | "Oauth2Twitter" | "OAuth2TokenRefresh" | "EmailOtpAuth" | "SiweInit" | "SiweComplete" | "SiwsInit" | "SiwsComplete" | "TelegramAuth" | "CreateOidcUser" | "DeleteOidcUser" | "DeleteUser" | "CreateEotsNonces" | "EotsSign" | "AuthMigrationIdentityAdd" | "AuthMigrationIdentityRemove" | "AuthMigrationUserUpdate" | "KeyCreated" | "KeyImported" | "InvitationAccept" | "IdpAuthenticate" | "IdpPasswordResetRequest" | "IdpPasswordResetConfirm" | "RpcApi" | "RpcCreateTransaction" | "RpcGetTransaction" | "RpcListTransactions" | "RpcRetryTransaction" | "RpcCancelTransaction" | "RpcBinance" | "RpcBybit" | "RpcCoinbase" | "CustomChainRpcCall" | "EsploraApiCall" | "SentryApiCall" | "SentryApiCallPublic" | "MmiJwkSet" | "AttestationJwkSet" | "UserOrgs" | "PublicOrgInfo" | "EmailMyOrgs";
+        BillingEvent: "Mmi" | "MmiMessageGet" | "MmiMessageList" | "MmiMessageSign" | "MmiMessageReject" | "MmiMessageDelete" | "AboutMe" | "UserResetEmailInit" | "UserResetEmailComplete" | "UserDeleteTotp" | "UserResetTotpInit" | "UserResetTotpComplete" | "UserVerifyTotp" | "UserRegisterFidoInit" | "UserRegisterFidoComplete" | "UserDeleteFido" | "CreateProofOidc" | "CreateProofCubeSigner" | "VerifyProof" | "AddOidcIdentity" | "RemoveOidcIdentity" | "ListOidcIdentities" | "GetOrg" | "UpdateOrg" | "GetOrgExport" | "CreateOrg" | "ListKeys" | "AttestKey" | "GetKey" | "GetKeyByMaterialId" | "ListKeyRoles" | "UpdateKey" | "ListHistoricalKeyTx" | "Invite" | "CancelInvitation" | "ListInvitations" | "ListUsers" | "GetUser" | "GetUserByEmail" | "GetUserByOidc" | "UpdateMembership" | "ResetMemberMfa" | "CompleteResetMemberMfa" | "CreateRole" | "AttestRole" | "GetRole" | "ListTokenKeys" | "ListRoles" | "GetRoleKey" | "ListRoleKeys" | "ListRoleUsers" | "UpdateRole" | "DeleteRole" | "ConfigureEmail" | "GetEmailConfig" | "DeleteEmailConfig" | "ListHistoricalRoleTx" | "CreatePolicy" | "GetPolicy" | "ListPolicies" | "DeletePolicy" | "UpdatePolicy" | "InvokePolicy" | "GetPolicyLogs" | "UploadWasmPolicy" | "GetPolicySecrets" | "UpdatePolicySecrets" | "SetPolicySecret" | "DeletePolicySecret" | "CreatePolicyImportKey" | "GetPolicyBucket" | "ListPolicyBuckets" | "UpdatePolicyBucket" | "UserExportDelete" | "UserExportList" | "UserExportInit" | "UserExportComplete" | "AddUserToRole" | "RemoveUserFromRole" | "MfaApproveCs" | "MfaRejectCs" | "MfaGet" | "MfaList" | "AddKeysToRole" | "RemoveKeyFromRole" | "CreateToken" | "CreateSession" | "RevokeSession" | "RevokeCurrentSession" | "RevokeSessions" | "ListSessions" | "GetSession" | "SignerSessionRefresh" | "MfaApproveTotp" | "MfaRejectTotp" | "MfaFidoInit" | "MfaApproveFidoComplete" | "MfaRejectFidoComplete" | "MfaEmailInit" | "MfaEmailComplete" | "Cube3signerHeartbeat" | "CreateContact" | "GetContact" | "ListContacts" | "DeleteContact" | "UpdateContact" | "LookupContactsByAddress" | "QueryMetrics" | "QueryAuditLog" | "Counts" | "CreateKey" | "ImportKey" | "CreateKeyImportKey" | "DeriveKey" | "DeleteKey" | "AvaSign" | "AvaSerializedTxSign" | "BabylonRegistration" | "BabylonStaking" | "BabylonCovSign" | "BinanceSign" | "BybitSign" | "CoinbaseSign" | "BlobSign" | "BtcMessageSign" | "BtcSign" | "DiffieHellmanExchange" | "PsbtSign" | "PsbtLegacyInputSign" | "PsbtSegwitInputSign" | "PsbtTaprootInputSign" | "TaprootSign" | "Eip712Sign" | "Eip191Sign" | "Eth1Sign" | "Eth2Sign" | "SolanaSign" | "SuiSign" | "TendermintSign" | "Stake" | "Unstake" | "PasskeyAuthInit" | "PasskeyAuthComplete" | "OidcAuth" | "Oauth2Twitter" | "OAuth2TokenRefresh" | "EmailOtpAuth" | "SiweInit" | "SiweComplete" | "SiwsInit" | "SiwsComplete" | "TelegramAuth" | "CreateOidcUser" | "DeleteOidcUser" | "DeleteUser" | "CreateEotsNonces" | "EotsSign" | "AuthMigrationIdentityAdd" | "AuthMigrationIdentityRemove" | "AuthMigrationUserUpdate" | "KeyCreated" | "KeyImported" | "InvitationAccept" | "IdpAuthenticate" | "IdpPasswordResetRequest" | "IdpPasswordResetConfirm" | "RpcApi" | "RpcCreateTransaction" | "RpcGetTransaction" | "RpcListTransactions" | "RpcBtcListUtxos" | "RpcRetryTransaction" | "RpcCancelTransaction" | "RpcBinance" | "RpcBybit" | "RpcCoinbase" | "CustomChainRpcCall" | "EsploraApiCall" | "SentryApiCall" | "SentryApiCallPublic" | "MmiJwkSet" | "AttestationJwkSet" | "UserOrgs" | "PublicOrgInfo" | "EmailMyOrgs";
         /** @description Parameters envelope for all Binance RPC methods. */
         BinanceAccountInfoParams: components["schemas"]["AccountInfoRequest"] & {
             dryRun?: components["schemas"]["BinanceDryRunMode"] | null;
@@ -3197,6 +3211,27 @@ export interface components {
             /** @description Taproot-tagged hash with tag "TapLeaf". */
             leaf_hash: string;
         };
+        /** @description Parameters for the [`cs_btcListUtxos`](CsRpc::BtcListUtxos) method. */
+        BtcListUtxosRequest: {
+            /** @description The Bitcoin address whose unspent outputs (UTXOs) are being queried. */
+            address: string;
+            /**
+             * Format: int32
+             * @description The maximum number of UTXOs to return (1-250).
+             * @default 100
+             */
+            max_results?: number;
+            network: components["schemas"]["BtcNetwork"];
+            /** @description Pagination token returned by a previous call. */
+            next_token?: string | null;
+        };
+        /** @description The response to [`cs_btcListUtxos`](super::request::CsRpc::BtcListUtxos). */
+        BtcListUtxosResponse: {
+            /** @description Pagination token to pass to the next call, if more results remain. */
+            next_token?: string | null;
+            /** @description The unspent transaction outputs for the queried address. */
+            utxos: components["schemas"]["BtcUtxo"][];
+        };
         /** @description Data to sign */
         BtcMessageSignRequest: {
             /** @description Do not produce a valid signature, just evaluate attached policies. */
@@ -3234,6 +3269,11 @@ export interface components {
             /** @description The base64-encoded signature in BIP137 format. */
             sig: string;
         };
+        /**
+         * @description The Bitcoin network to query for UTXOs.
+         * @enum {string}
+         */
+        BtcNetwork: "mainnet" | "testnet";
         /** @enum {string} */
         BtcSighashType: "All" | "None" | "Single" | "AllPlusAnyoneCanPay" | "NonePlusAnyoneCanPay" | "SinglePlusAnyoneCanPay";
         BtcSignRequest: {
@@ -3324,6 +3364,27 @@ export interface components {
              */
             value: number;
         };
+        /** @description A single Bitcoin unspent transaction output (UTXO). */
+        BtcUtxo: {
+            /** @description The address that controls this output. */
+            address?: string | null;
+            /** @description Whether the output has reached finality (is confirmed). */
+            confirmed: boolean;
+            /**
+             * Format: int64
+             * @description The block time of the output, in seconds since the Unix epoch.
+             */
+            time?: number | null;
+            /** @description The hash of the transaction that created this output. */
+            transaction_hash: string;
+            /** @description The output value, in satoshis, as a decimal string. */
+            value?: string | null;
+            /**
+             * Format: int32
+             * @description The index of this output within its transaction.
+             */
+            vout_index?: number | null;
+        };
         /**
          * @description The access-controlled actions that can be performed on a bucket
          * @enum {string}
@@ -3565,7 +3626,7 @@ export interface components {
         };
         /**
          * @description Bybit-family RPC methods. Each variant authenticates as the
-         * [`KeyType::HmacSha256`] key in its `params.key_id` (which must carry
+         * [`KeyType::HmacSha256Bybit`] key in its `params.key_id` (which must carry
          * [`KeyProperties::BybitApi`]).
          */
         BybitRpc: {
@@ -4567,33 +4628,31 @@ export interface components {
             options: components["schemas"]["PublicKeyCredentialCreationOptions"];
         };
         /** @description Core RPC methods (transaction CRUD). */
-        CsRpc: OneOf<[
-            {
-                /** @enum {string} */
-                method: "cs_createTransaction";
-                params: components["schemas"]["CreateTransactionRequest"];
-            },
-            {
-                /** @enum {string} */
-                method: "cs_retryTransaction";
-                params: components["schemas"]["RetryTransactionRequest"];
-            },
-            {
-                /** @enum {string} */
-                method: "cs_cancelTransaction";
-                params: components["schemas"]["CancelTransactionRequest"];
-            },
-            {
-                /** @enum {string} */
-                method: "cs_getTransaction";
-                params: components["schemas"]["GetTransactionRequest"];
-            },
-            {
-                /** @enum {string} */
-                method: "cs_listTransactions";
-                params: components["schemas"]["ListTransactionsRequest"];
-            }
-        ]>;
+        CsRpc: {
+            /** @enum {string} */
+            method: "cs_createTransaction";
+            params: components["schemas"]["CreateTransactionRequest"];
+        } | {
+            /** @enum {string} */
+            method: "cs_retryTransaction";
+            params: components["schemas"]["RetryTransactionRequest"];
+        } | {
+            /** @enum {string} */
+            method: "cs_cancelTransaction";
+            params: components["schemas"]["CancelTransactionRequest"];
+        } | {
+            /** @enum {string} */
+            method: "cs_getTransaction";
+            params: components["schemas"]["GetTransactionRequest"];
+        } | {
+            /** @enum {string} */
+            method: "cs_listTransactions";
+            params: components["schemas"]["ListTransactionsRequest"];
+        } | {
+            /** @enum {string} */
+            method: "cs_btcListUtxos";
+            params: components["schemas"]["BtcListUtxosRequest"];
+        };
         CubeSignerUserInfo: {
             /** @description All multi-factor authentication methods configured for this user */
             configured_mfa: components["schemas"]["ConfiguredMfa"][];
@@ -5586,7 +5645,7 @@ export interface components {
          * @description Explicitly named scopes for accessing CubeSigner APIs
          * @enum {string}
          */
-        ExplicitScope: "sign:*" | "sign:ava" | "sign:binance:*" | "sign:binance:subToMaster" | "sign:binance:subToSub" | "sign:binance:universalTransfer" | "sign:binance:subAccountAssets" | "sign:binance:accountInfo" | "sign:binance:subAccountTransferHistory" | "sign:binance:universalTransferHistory" | "sign:binance:withdraw" | "sign:binance:withdrawHistory" | "sign:binance:deposit" | "sign:binance:depositHistory" | "sign:binance:listSubAccounts" | "sign:binance:coinInfo" | "sign:bybit:*" | "sign:bybit:queryUser" | "sign:bybit:querySubMembers" | "sign:bybit:queryCoinsBalance" | "sign:bybit:queryDepositAddress" | "sign:bybit:universalTransfer" | "sign:bybit:withdraw" | "sign:bybit:withdrawals" | "sign:coinbase:*" | "sign:coinbase:accounts:list" | "sign:coinbase:portfolios:list" | "sign:coinbase:funds:move" | "sign:blob" | "sign:diffieHellman" | "sign:btc:*" | "sign:btc:segwit" | "sign:btc:taproot" | "sign:btc:psbt:*" | "sign:btc:psbt:doge" | "sign:btc:psbt:legacy" | "sign:btc:psbt:segwit" | "sign:btc:psbt:taproot" | "sign:btc:psbt:ltcSegwit" | "sign:btc:message:*" | "sign:btc:message:segwit" | "sign:btc:message:legacy" | "sign:babylon:*" | "sign:babylon:eots:*" | "sign:babylon:eots:nonces" | "sign:babylon:eots:sign" | "sign:babylon:staking:*" | "sign:babylon:staking:deposit" | "sign:babylon:staking:unbond" | "sign:babylon:staking:withdraw" | "sign:babylon:staking:slash" | "sign:babylon:registration" | "sign:babylon:covenant" | "sign:evm:*" | "sign:evm:tx" | "sign:evm:eip191" | "sign:evm:eip712" | "sign:eth2:*" | "sign:eth2:validate" | "sign:eth2:stake" | "sign:eth2:unstake" | "sign:solana" | "sign:sui" | "sign:tendermint" | "sign:mmi" | "manage:*" | "manage:readonly" | "manage:email:*" | "manage:email:get" | "manage:email:update" | "manage:email:delete" | "manage:mfa:*" | "manage:mfa:readonly" | "manage:mfa:list" | "manage:mfa:vote:*" | "manage:mfa:vote:cs" | "manage:mfa:vote:email" | "manage:mfa:vote:fido" | "manage:mfa:vote:totp" | "manage:mfa:register:*" | "manage:mfa:register:fido" | "manage:mfa:register:totp" | "manage:mfa:register:email" | "manage:mfa:unregister:*" | "manage:mfa:unregister:fido" | "manage:mfa:unregister:totp" | "manage:mfa:verify:*" | "manage:mfa:verify:totp" | "manage:key:*" | "manage:key:readonly" | "manage:key:get" | "manage:key:attest" | "manage:key:listRoles" | "manage:key:list" | "manage:key:history:tx:list" | "manage:key:create" | "manage:key:import" | "manage:key:update:*" | "manage:key:update:owner" | "manage:key:update:policy" | "manage:key:update:enabled" | "manage:key:update:region" | "manage:key:update:metadata" | "manage:key:update:properties" | "manage:key:update:editPolicy" | "manage:key:delete" | "manage:policy:*" | "manage:policy:readonly" | "manage:policy:create" | "manage:policy:get" | "manage:policy:list" | "manage:policy:delete" | "manage:policy:update:*" | "manage:policy:update:owner" | "manage:policy:update:name" | "manage:policy:update:acl" | "manage:policy:update:editPolicy" | "manage:policy:update:metadata" | "manage:policy:update:rule" | "manage:policy:invoke" | "manage:policy:wasm:*" | "manage:policy:wasm:upload" | "manage:policy:secrets:*" | "manage:policy:secrets:get" | "manage:policy:secrets:update:*" | "manage:policy:secrets:update:values" | "manage:policy:secrets:update:acl" | "manage:policy:secrets:update:editPolicy" | "manage:policy:buckets:*" | "manage:policy:buckets:get" | "manage:policy:buckets:list" | "manage:policy:buckets:update:*" | "manage:policy:buckets:update:owner" | "manage:policy:buckets:update:acl" | "manage:policy:buckets:update:metadata" | "manage:contact:*" | "manage:contact:readonly" | "manage:contact:create" | "manage:contact:get" | "manage:contact:list" | "manage:contact:delete" | "manage:contact:update:*" | "manage:contact:update:name" | "manage:contact:update:addresses" | "manage:contact:update:owner" | "manage:contact:update:labels" | "manage:contact:update:metadata" | "manage:contact:update:editPolicy" | "manage:contact:lookup:*" | "manage:contact:lookup:address" | "manage:policy:createImportKey" | "manage:role:*" | "manage:role:readonly" | "manage:role:create" | "manage:role:delete" | "manage:role:get:*" | "manage:role:attest" | "manage:role:get:keys" | "manage:role:get:keys:list" | "manage:role:get:keys:get" | "manage:role:get:users" | "manage:role:list" | "manage:role:update:*" | "manage:role:update:enabled" | "manage:role:update:policy" | "manage:role:update:editPolicy" | "manage:role:update:actions" | "manage:role:update:key:*" | "manage:role:update:key:add" | "manage:role:update:key:remove" | "manage:role:update:user:*" | "manage:role:update:user:add" | "manage:role:update:user:remove" | "manage:role:history:tx:list" | "manage:identity:*" | "manage:identity:readonly" | "manage:identity:verify" | "manage:identity:add" | "manage:identity:remove" | "manage:identity:list" | "manage:org:*" | "manage:org:create" | "manage:org:metrics:query" | "manage:org:audit:query" | "manage:org:readonly" | "manage:org:addUser" | "manage:org:inviteUser" | "manage:org:inviteAlien" | "manage:org:invitation:list" | "manage:org:invitation:cancel" | "manage:org:updateMembership:*" | "manage:org:updateMembership:owner" | "manage:org:updateMembership:member" | "manage:org:updateMembership:alien" | "manage:org:listUsers" | "manage:org:user:get" | "manage:org:deleteUser:*" | "manage:org:deleteUser:owner" | "manage:org:deleteUser:member" | "manage:org:deleteUser:alien" | "manage:org:get" | "manage:org:update:*" | "manage:org:update:enabled" | "manage:org:update:policy" | "manage:org:update:signPolicy" | "manage:org:update:export" | "manage:org:update:totpFailureLimit" | "manage:org:update:notificationEndpoints" | "manage:org:update:defaultInviteKind" | "manage:org:update:idpConfiguration" | "manage:org:update:passkeyConfiguration" | "manage:org:update:emailPreferences" | "manage:org:update:historicalData" | "manage:org:update:requireScopeCeiling" | "manage:org:update:alienLoginRequirement" | "manage:org:update:memberLoginRequirement" | "manage:org:update:keyExportRequirement" | "manage:org:update:allowedMfaTypes" | "manage:org:update:policyEngineConf" | "manage:org:update:customChains" | "manage:org:update:extProps" | "manage:org:update:editPolicy" | "manage:org:user:resetMfa" | "manage:session:*" | "manage:session:readonly" | "manage:session:get" | "manage:session:list" | "manage:session:create" | "manage:session:extend" | "manage:session:revoke" | "manage:export:*" | "manage:export:readonly" | "manage:export:org:*" | "manage:export:org:get" | "manage:export:user:*" | "manage:export:user:delete" | "manage:export:user:list" | "manage:authMigration:*" | "manage:authMigration:identity:add" | "manage:authMigration:identity:remove" | "manage:authMigration:user:update" | "manage:mmi:*" | "manage:mmi:readonly" | "manage:mmi:get" | "manage:mmi:list" | "manage:mmi:reject" | "manage:mmi:delete" | "export:*" | "export:user:*" | "export:user:init" | "export:user:complete" | "mmi:*" | "orgAccess:*" | "orgAccess:child:*" | "rpc:*" | "rpc:createTransaction:*" | "rpc:createTransaction:evm" | "rpc:retryTransaction" | "rpc:cancelTransaction" | "rpc:getTransaction" | "rpc:listTransactions" | "rpc:binance" | "rpc:bybit" | "rpc:coinbase";
+        ExplicitScope: "sign:*" | "sign:ava" | "sign:binance:*" | "sign:binance:subToMaster" | "sign:binance:subToSub" | "sign:binance:universalTransfer" | "sign:binance:subAccountAssets" | "sign:binance:accountInfo" | "sign:binance:subAccountTransferHistory" | "sign:binance:universalTransferHistory" | "sign:binance:withdraw" | "sign:binance:withdrawHistory" | "sign:binance:deposit" | "sign:binance:depositHistory" | "sign:binance:listSubAccounts" | "sign:binance:coinInfo" | "sign:bybit:*" | "sign:bybit:queryUser" | "sign:bybit:querySubMembers" | "sign:bybit:queryCoinsBalance" | "sign:bybit:queryDepositAddress" | "sign:bybit:universalTransfer" | "sign:bybit:withdraw" | "sign:bybit:withdrawals" | "sign:coinbase:*" | "sign:coinbase:accounts:list" | "sign:coinbase:portfolios:list" | "sign:coinbase:funds:move" | "sign:blob" | "sign:diffieHellman" | "sign:btc:*" | "sign:btc:segwit" | "sign:btc:taproot" | "sign:btc:psbt:*" | "sign:btc:psbt:doge" | "sign:btc:psbt:legacy" | "sign:btc:psbt:segwit" | "sign:btc:psbt:taproot" | "sign:btc:psbt:ltcSegwit" | "sign:btc:message:*" | "sign:btc:message:segwit" | "sign:btc:message:legacy" | "sign:babylon:*" | "sign:babylon:eots:*" | "sign:babylon:eots:nonces" | "sign:babylon:eots:sign" | "sign:babylon:staking:*" | "sign:babylon:staking:deposit" | "sign:babylon:staking:unbond" | "sign:babylon:staking:withdraw" | "sign:babylon:staking:slash" | "sign:babylon:registration" | "sign:babylon:covenant" | "sign:evm:*" | "sign:evm:tx" | "sign:evm:eip191" | "sign:evm:eip712" | "sign:eth2:*" | "sign:eth2:validate" | "sign:eth2:stake" | "sign:eth2:unstake" | "sign:solana" | "sign:sui" | "sign:tendermint" | "sign:mmi" | "manage:*" | "manage:readonly" | "manage:email:*" | "manage:email:get" | "manage:email:update" | "manage:email:delete" | "manage:mfa:*" | "manage:mfa:readonly" | "manage:mfa:list" | "manage:mfa:vote:*" | "manage:mfa:vote:cs" | "manage:mfa:vote:email" | "manage:mfa:vote:fido" | "manage:mfa:vote:totp" | "manage:mfa:register:*" | "manage:mfa:register:fido" | "manage:mfa:register:totp" | "manage:mfa:register:email" | "manage:mfa:unregister:*" | "manage:mfa:unregister:fido" | "manage:mfa:unregister:totp" | "manage:mfa:verify:*" | "manage:mfa:verify:totp" | "manage:key:*" | "manage:key:readonly" | "manage:key:get" | "manage:key:attest" | "manage:key:listRoles" | "manage:key:list" | "manage:key:history:tx:list" | "manage:key:create" | "manage:key:import" | "manage:key:update:*" | "manage:key:update:owner" | "manage:key:update:policy" | "manage:key:update:enabled" | "manage:key:update:region" | "manage:key:update:metadata" | "manage:key:update:properties" | "manage:key:update:editPolicy" | "manage:key:delete" | "manage:policy:*" | "manage:policy:readonly" | "manage:policy:create" | "manage:policy:get" | "manage:policy:list" | "manage:policy:delete" | "manage:policy:update:*" | "manage:policy:update:owner" | "manage:policy:update:name" | "manage:policy:update:acl" | "manage:policy:update:editPolicy" | "manage:policy:update:metadata" | "manage:policy:update:rule" | "manage:policy:invoke" | "manage:policy:wasm:*" | "manage:policy:wasm:upload" | "manage:policy:secrets:*" | "manage:policy:secrets:get" | "manage:policy:secrets:update:*" | "manage:policy:secrets:update:values" | "manage:policy:secrets:update:acl" | "manage:policy:secrets:update:editPolicy" | "manage:policy:buckets:*" | "manage:policy:buckets:get" | "manage:policy:buckets:list" | "manage:policy:buckets:update:*" | "manage:policy:buckets:update:owner" | "manage:policy:buckets:update:acl" | "manage:policy:buckets:update:metadata" | "manage:contact:*" | "manage:contact:readonly" | "manage:contact:create" | "manage:contact:get" | "manage:contact:list" | "manage:contact:delete" | "manage:contact:update:*" | "manage:contact:update:name" | "manage:contact:update:addresses" | "manage:contact:update:owner" | "manage:contact:update:labels" | "manage:contact:update:metadata" | "manage:contact:update:editPolicy" | "manage:contact:lookup:*" | "manage:contact:lookup:address" | "manage:policy:createImportKey" | "manage:role:*" | "manage:role:readonly" | "manage:role:create" | "manage:role:delete" | "manage:role:get:*" | "manage:role:attest" | "manage:role:get:keys" | "manage:role:get:keys:list" | "manage:role:get:keys:get" | "manage:role:get:users" | "manage:role:list" | "manage:role:update:*" | "manage:role:update:enabled" | "manage:role:update:policy" | "manage:role:update:editPolicy" | "manage:role:update:actions" | "manage:role:update:key:*" | "manage:role:update:key:add" | "manage:role:update:key:remove" | "manage:role:update:user:*" | "manage:role:update:user:add" | "manage:role:update:user:remove" | "manage:role:history:tx:list" | "manage:identity:*" | "manage:identity:readonly" | "manage:identity:verify" | "manage:identity:add" | "manage:identity:remove" | "manage:identity:list" | "manage:org:*" | "manage:org:create" | "manage:org:metrics:query" | "manage:org:audit:query" | "manage:org:readonly" | "manage:org:addUser" | "manage:org:inviteUser" | "manage:org:inviteAlien" | "manage:org:invitation:list" | "manage:org:invitation:cancel" | "manage:org:updateMembership:*" | "manage:org:updateMembership:owner" | "manage:org:updateMembership:member" | "manage:org:updateMembership:alien" | "manage:org:listUsers" | "manage:org:user:get" | "manage:org:deleteUser:*" | "manage:org:deleteUser:owner" | "manage:org:deleteUser:member" | "manage:org:deleteUser:alien" | "manage:org:get" | "manage:org:update:*" | "manage:org:update:enabled" | "manage:org:update:policy" | "manage:org:update:signPolicy" | "manage:org:update:export" | "manage:org:update:totpFailureLimit" | "manage:org:update:notificationEndpoints" | "manage:org:update:defaultInviteKind" | "manage:org:update:idpConfiguration" | "manage:org:update:passkeyConfiguration" | "manage:org:update:emailPreferences" | "manage:org:update:historicalData" | "manage:org:update:requireScopeCeiling" | "manage:org:update:alienLoginRequirement" | "manage:org:update:memberLoginRequirement" | "manage:org:update:keyExportRequirement" | "manage:org:update:allowedMfaTypes" | "manage:org:update:policyEngineConf" | "manage:org:update:customChains" | "manage:org:update:extProps" | "manage:org:update:editPolicy" | "manage:org:user:resetMfa" | "manage:session:*" | "manage:session:readonly" | "manage:session:get" | "manage:session:list" | "manage:session:create" | "manage:session:extend" | "manage:session:revoke" | "manage:export:*" | "manage:export:readonly" | "manage:export:org:*" | "manage:export:org:get" | "manage:export:user:*" | "manage:export:user:delete" | "manage:export:user:list" | "manage:authMigration:*" | "manage:authMigration:identity:add" | "manage:authMigration:identity:remove" | "manage:authMigration:user:update" | "manage:mmi:*" | "manage:mmi:readonly" | "manage:mmi:get" | "manage:mmi:list" | "manage:mmi:reject" | "manage:mmi:delete" | "export:*" | "export:user:*" | "export:user:init" | "export:user:complete" | "mmi:*" | "orgAccess:*" | "orgAccess:child:*" | "rpc:*" | "rpc:createTransaction:*" | "rpc:createTransaction:evm" | "rpc:retryTransaction" | "rpc:cancelTransaction" | "rpc:getTransaction" | "rpc:listTransactions" | "rpc:btcListUtxos" | "rpc:binance" | "rpc:bybit" | "rpc:coinbase";
         /**
          * @description This type specifies the interpretation of the `fee` field in Babylon
          * staking requests. If `sats`, the field is intpreted as a fixed value
@@ -5642,7 +5701,7 @@ export interface components {
             request_device_identifier?: boolean;
         };
         /** @enum {string} */
-        ForbiddenErrorCode: "AlienKeyCreate" | "CannotAssumeIdentity" | "SentryDisallowed" | "PasskeyLoginDisabled" | "PasskeyNotRegistered" | "CannotCreateOrg" | "WrongMfaEmailOtpJwt" | "OrgFlagNotSet" | "FidoRequiredToRemoveTotp" | "OidcIdentityLimitReached" | "OidcScopeCeilingMissing" | "OidcIssuerNotAllowedForMemberRole" | "OidcNoMemberRolesAllowed" | "EmailOtpNotConfigured" | "MfaChallengeExpired" | "ChainIdNotAllowed" | "InvalidOrg" | "OrgIdMismatch" | "SessionForWrongOrg" | "SelfDelete" | "SelfDisable" | "InvalidOrgMembershipRoleChange" | "UserDisabled" | "OrgDisabled" | "OrgNotFound" | "OrgWithoutOwner" | "OrphanedUser" | "OidcUserNotFound" | "UserNotInOrg" | "UserNotOrgOwner" | "UserNotKeyOwner" | "InvalidRole" | "DisabledRole" | "KeyDisabled" | "KeyNotInRole" | "ContactNotInOrg" | "UserExportRequestNotInOrg" | "UserExportRequestInvalid" | "UserExportDisabled" | "UserNotOriginalKeyOwner" | "UserNotInRole" | "MustBeFullMember" | "SessionExpired" | "SessionChanged" | "SessionRevoked" | "ExpectedUserSession" | "SessionRoleChanged" | "ScopedNameNotFound" | "SessionInvalidEpochToken" | "SessionInvalidRefreshToken" | "SessionRefreshTokenExpired" | "InvalidAuthHeader" | "SessionNotFound" | "InvalidArn" | "SessionInvalidAuthToken" | "SessionAuthTokenExpired" | "SessionPossiblyStolenToken" | "MfaDisallowedIdentity" | "MfaDisallowedApprover" | "MfaTypeNotAllowed" | "MfaNotApprovedYet" | "MfaConfirmationCodeMismatch" | "MfaHttpRequestMismatch" | "MfaRemoveBelowMin" | "MfaOrgRequirementNotMet" | "MfaRegistrationDisallowed" | "TotpAlreadyConfigured" | "TotpConfigurationChanged" | "MfaTotpBadConfiguration" | "MfaTotpBadCode" | "MfaTotpRateLimit" | "ImproperSessionScope" | "FullSessionRequired" | "SessionWithoutAnyScopeUnder" | "UserRoleUnprivileged" | "MemberRoleForbidden" | "MfaNotConfigured" | "RemoveLastOidcIdentity" | "OperationNotAllowed" | "OrgExportRetrievalDisabled" | "ChangingKeyExportRequirementIsDisabled" | "AutoAddBlsKeyToProtectedRole" | "UserNotPolicyOwner" | "UserNotContactOwner" | "UserNotBucketOwner" | "LegacySessionCannotHaveScopeCeiling" | "RoleInParentOrgNotAllowed" | "RemoveKeyFromRoleUserNotAllowed" | "SiweChallengeExpired" | "SiweMessageNotValid" | "SiweMessageInvalidSignature" | "SiwsChallengeExpired" | "SiwsMessageInvalid" | "Acl";
+        ForbiddenErrorCode: "AlienKeyCreate" | "CannotAssumeIdentity" | "SentryDisallowed" | "PasskeyLoginDisabled" | "PasskeyNotRegistered" | "CannotCreateOrg" | "WrongMfaEmailOtpJwt" | "OrgFlagNotSet" | "FidoRequiredToRemoveTotp" | "OidcIdentityLimitReached" | "OidcScopeCeilingMissing" | "OidcIssuerNotAllowedForMemberRole" | "OidcNoMemberRolesAllowed" | "EmailOtpNotConfigured" | "MfaChallengeExpired" | "ChainIdNotAllowed" | "InvalidOrg" | "OrgIdMismatch" | "SessionForWrongOrg" | "SelfDelete" | "SelfDisable" | "InvalidOrgMembershipRoleChange" | "UserDisabled" | "OrgDisabled" | "OrgNotFound" | "OrgWithoutOwner" | "OrphanedUser" | "OidcUserNotFound" | "UserNotInOrg" | "UserNotOrgOwner" | "UserNotKeyOwner" | "InvalidRole" | "DisabledRole" | "KeyDisabled" | "KeyNotInRole" | "ContactNotInOrg" | "UserExportRequestNotInOrg" | "UserExportRequestInvalid" | "UserExportDisabled" | "UserNotOriginalKeyOwner" | "UserNotInRole" | "MustBeFullMember" | "SessionExpired" | "SessionChanged" | "SessionRevoked" | "ExpectedUserSession" | "SessionRoleChanged" | "ScopedNameNotFound" | "SessionInvalidEpochToken" | "SessionInvalidRefreshToken" | "SessionRefreshTokenExpired" | "InvalidAuthHeader" | "SessionNotFound" | "InvalidArn" | "SessionInvalidAuthToken" | "SessionAuthTokenExpired" | "SessionPossiblyStolenToken" | "MfaDisallowedIdentity" | "MfaDisallowedApprover" | "MfaTypeNotAllowed" | "MfaNotApprovedYet" | "MfaConfirmationCodeMismatch" | "MfaHttpRequestMismatch" | "MfaRemoveBelowMin" | "MfaOrgRequirementNotMet" | "MfaRegistrationDisallowed" | "TotpAlreadyConfigured" | "TotpConfigurationChanged" | "MfaTotpBadConfiguration" | "MfaTotpBadCode" | "MfaTotpRateLimit" | "ImproperSessionScope" | "FullSessionRequired" | "SessionWithoutAnyScopeUnder" | "UserRoleUnprivileged" | "MemberRoleForbidden" | "MfaNotConfigured" | "RemoveLastOidcIdentity" | "OperationNotAllowed" | "OrgExportRetrievalDisabled" | "ChangingKeyExportRequirementIsDisabled" | "AutoAddBlsKeyToProtectedRole" | "UserNotPolicyOwner" | "UserNotContactOwner" | "UserNotBucketOwner" | "LegacySessionCannotHaveScopeCeiling" | "RoleInParentOrgNotAllowed" | "RemoveKeyFromRoleUserNotAllowed" | "SiweChallengeExpired" | "SiweMessageNotValid" | "SiweMessageInvalidSignature" | "SiwsChallengeExpired" | "SiwsDomain" | "SiwsMessageInvalid" | "Acl";
         /**
          * @description Specifies a fork of the `BeaconChain`, to prevent replay attacks.
          * The schema of `Fork` is defined in the [Beacon chain
@@ -6060,7 +6119,7 @@ export interface components {
             result?: Record<string, unknown> | null;
         };
         /** @description Valid `result` from the JSON-RPC API. */
-        JsonRpcResult: components["schemas"]["TransactionInfo"] | components["schemas"]["ListTransactionsPaginatedResponse"] | components["schemas"]["SubAccountTransferResponse"] | components["schemas"]["UniversalTransferResponse"] | components["schemas"]["SubAccountAssetsResponse"] | components["schemas"]["AccountInfoResponse"] | components["schemas"]["SubAccountTransferHistoryResponse"] | components["schemas"]["UniversalTransferHistoryResponse"] | components["schemas"]["WithdrawResponse"] | components["schemas"]["WithdrawHistoryResponse"] | components["schemas"]["DepositResponse"] | components["schemas"]["DepositHistoryResponse"] | components["schemas"]["ListSubAccountsResponse"] | components["schemas"]["CoinInfoResponse"] | components["schemas"]["BybitQueryUserResponse"] | components["schemas"]["BybitQuerySubMembersResponse"] | components["schemas"]["BybitQueryCoinsBalanceResponse"] | components["schemas"]["BybitQueryDepositAddressResponse"] | components["schemas"]["BybitUniversalTransferResponse"] | components["schemas"]["BybitWithdrawResponse"] | components["schemas"]["BybitWithdrawalsResponse"] | components["schemas"]["CoinbaseListAccountsResponse"] | components["schemas"]["CoinbaseListPortfoliosResponse"] | components["schemas"]["CoinbaseMoveFundsResponse"];
+        JsonRpcResult: components["schemas"]["TransactionInfo"] | components["schemas"]["ListTransactionsPaginatedResponse"] | components["schemas"]["SubAccountTransferResponse"] | components["schemas"]["UniversalTransferResponse"] | components["schemas"]["SubAccountAssetsResponse"] | components["schemas"]["AccountInfoResponse"] | components["schemas"]["SubAccountTransferHistoryResponse"] | components["schemas"]["UniversalTransferHistoryResponse"] | components["schemas"]["WithdrawResponse"] | components["schemas"]["WithdrawHistoryResponse"] | components["schemas"]["DepositResponse"] | components["schemas"]["DepositHistoryResponse"] | components["schemas"]["ListSubAccountsResponse"] | components["schemas"]["CoinInfoResponse"] | components["schemas"]["BybitQueryUserResponse"] | components["schemas"]["BybitQuerySubMembersResponse"] | components["schemas"]["BybitQueryCoinsBalanceResponse"] | components["schemas"]["BybitQueryDepositAddressResponse"] | components["schemas"]["BybitUniversalTransferResponse"] | components["schemas"]["BybitWithdrawResponse"] | components["schemas"]["BybitWithdrawalsResponse"] | components["schemas"]["CoinbaseListAccountsResponse"] | components["schemas"]["CoinbaseListPortfoliosResponse"] | components["schemas"]["CoinbaseMoveFundsResponse"] | components["schemas"]["BtcListUtxosResponse"];
         JwkSetResponse: {
             /** @description The keys included in this set */
             keys: Record<string, never>[];
@@ -6214,7 +6273,7 @@ export interface components {
             }
         ]>;
         /** @enum {string} */
-        KeyType: "SecpEthAddr" | "SecpBtc" | "SecpBtcTest" | "SecpBtcLegacy" | "SecpBtcLegacyTest" | "SecpAvaAddr" | "SecpAvaTestAddr" | "BlsPub" | "BlsInactive" | "BlsAvaIcm" | "Ed25519SolanaAddr" | "Ed25519SuiAddr" | "Ed25519AptosAddr" | "Ed25519CardanoAddrVk" | "Ed25519StellarAddr" | "Ed25519SubstrateAddr" | "Ed25519CantonAddr" | "Ed25519BinanceApi" | "Ed25519CoinbaseApi" | "Mnemonic" | "Stark" | "BabylonEots" | "BabylonCov" | "TaprootBtc" | "TaprootBtcTest" | "SecpCosmosAddr" | "P256CosmosAddr" | "P256OntologyAddr" | "P256Neo3Addr" | "Ed25519TendermintAddr" | "SecpTronAddr" | "Ed25519TonAddr" | "SecpDogeAddr" | "SecpDogeTestAddr" | "SecpKaspaAddr" | "SecpKaspaTestAddr" | "SchnorrKaspaAddr" | "SchnorrKaspaTestAddr" | "SecpLtc" | "SecpLtcTest" | "SecpXrpAddr" | "Ed25519XrpAddr" | "BabyJubjub" | "HmacSha256";
+        KeyType: "SecpEthAddr" | "SecpBtc" | "SecpBtcTest" | "SecpBtcLegacy" | "SecpBtcLegacyTest" | "SecpAvaAddr" | "SecpAvaTestAddr" | "BlsPub" | "BlsInactive" | "BlsAvaIcm" | "Ed25519SolanaAddr" | "Ed25519SuiAddr" | "Ed25519AptosAddr" | "Ed25519CardanoAddrVk" | "Ed25519StellarAddr" | "Ed25519SubstrateAddr" | "Ed25519CantonAddr" | "Ed25519BinanceApi" | "Ed25519CoinbaseApi" | "Mnemonic" | "Stark" | "BabylonEots" | "BabylonCov" | "TaprootBtc" | "TaprootBtcTest" | "SecpCosmosAddr" | "P256CosmosAddr" | "P256OntologyAddr" | "P256Neo3Addr" | "Ed25519TendermintAddr" | "SecpTronAddr" | "Ed25519TonAddr" | "SecpDogeAddr" | "SecpDogeTestAddr" | "SecpKaspaAddr" | "SecpKaspaTestAddr" | "SchnorrKaspaAddr" | "SchnorrKaspaTestAddr" | "SecpLtc" | "SecpLtcTest" | "SecpXrpAddr" | "Ed25519XrpAddr" | "BabyJubjub" | "HmacSha256" | "HmacSha256Bybit";
         KeyTypeAndDerivationPath: {
             /**
              * @description List of derivation paths for which to derive.
@@ -6569,7 +6628,7 @@ export interface components {
              * @example 1701879640
              */
             expiration?: number;
-            org_id?: components["schemas"]["Id"] | null;
+            org_id: components["schemas"]["Id"];
             /** @description Token that can be used to refresh this session. */
             refresh_token: string;
             session_info: components["schemas"]["ClientSessionInfo"];
@@ -11106,7 +11165,7 @@ export interface components {
                      * @example 1701879640
                      */
                     expiration?: number;
-                    org_id?: components["schemas"]["Id"] | null;
+                    org_id: components["schemas"]["Id"];
                     /** @description Token that can be used to refresh this session. */
                     refresh_token: string;
                     session_info: components["schemas"]["ClientSessionInfo"];
@@ -16620,6 +16679,12 @@ export interface operations {
      *
      * If a `role` query parameter is provided, all active sessions for the selected role are returned
      * (asserting first that the current user has permissions to read sessions for that role).
+     *
+     * If a `role_created_by` query parameter is provided, all active **role** sessions created by that
+     * user are returned (gated by the same permissions as listing that user's own sessions: the
+     * current user must be that user or an org owner). When combined with `role`, the result is
+     * further restricted to the sessions created by that user for the given role; the permission model
+     * is unchanged. The `user` selector cannot be combined with `role` or `role_created_by`.
      */
     listSessions: {
         parameters: {
@@ -16639,7 +16704,8 @@ export interface operations {
                 "page.start"?: string | null;
                 /**
                  * @description If provided, the name or ID of a role to operate on.
-                 * Cannot be specified together with other selectors.
+                 * Cannot be specified together with `user`, but may be combined with `role_created_by`
+                 * to operate on the role sessions created by a given user for this specific role.
                  * @example my-role
                  */
                 role?: string | null;
@@ -16652,7 +16718,8 @@ export interface operations {
                 /**
                  * @description If provided, the ID of the user whose created role sessions to operate on.
                  * Selects all *role* sessions created by that user (user sessions are not affected).
-                 * Cannot be specified together with other selectors.
+                 * Cannot be specified together with `user`. When combined with `role`, the selection is
+                 * further restricted to the sessions created by that user for the given role.
                  * @example User#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
                  */
                 role_created_by?: string | null;
@@ -16725,13 +16792,22 @@ export interface operations {
      * user is an org owner, only sessions for roles the current user is **still a member of** are
      * revoked (so a user cannot revoke sessions for a role they have since been removed from); org
      * owners revoke across all roles.
+     *
+     * If **both** a `role` and a `role_created_by` query parameter are provided, the selection above
+     * is narrowed to only the sessions created by **THAT USER** for **THAT ROLE**. The permission
+     * model is unchanged from the `role_created_by`-only case (the current user must be that user or
+     * an org owner, and non-owners are still limited to roles they are a member of); `role` is purely
+     * an additional filter.
+     *
+     * The `user` selector cannot be combined with `role` or `role_created_by`.
      */
     revokeSessions: {
         parameters: {
             query?: {
                 /**
                  * @description If provided, the name or ID of a role to operate on.
-                 * Cannot be specified together with other selectors.
+                 * Cannot be specified together with `user`, but may be combined with `role_created_by`
+                 * to operate on the role sessions created by a given user for this specific role.
                  * @example my-role
                  */
                 role?: string | null;
@@ -16744,7 +16820,8 @@ export interface operations {
                 /**
                  * @description If provided, the ID of the user whose created role sessions to operate on.
                  * Selects all *role* sessions created by that user (user sessions are not affected).
-                 * Cannot be specified together with other selectors.
+                 * Cannot be specified together with `user`. When combined with `role`, the selection is
+                 * further restricted to the sessions created by that user for the given role.
                  * @example User#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
                  */
                 role_created_by?: string | null;