@dainprotocol/service-sdk 2.0.94 → 2.1.0

package/dist/protocol/account.d.ts

@@ -0,0 +1,91 @@
+import type { DainActionGrant } from "./grants";
+import type { SMART_ACCOUNT_MEMBER_CATEGORY_BITS, SMART_ACCOUNT_MEMBER_PERMISSION_BITS } from "./programs";
+export type DainAccountType = "dain_account" | "dain_group";
+export type DainAccountState = "reserved" | "funded" | "creating" | "created" | "migration_required" | "suspended";
+export type DainNetwork = "mainnet" | "devnet" | "testnet" | "localnet";
+export type DainSmartAccountPermission = keyof typeof SMART_ACCOUNT_MEMBER_PERMISSION_BITS;
+export type DainSmartAccountMemberCategory = keyof typeof SMART_ACCOUNT_MEMBER_CATEGORY_BITS;
+export interface DainSmartAccountVaultDelegation {
+    vaultId: number;
+    expirationUnixSeconds: number | string;
+}
+export interface DainSmartAccountMember {
+    key: string;
+    permissions: DainSmartAccountPermission[];
+    categories: DainSmartAccountMemberCategory[];
+    permissionMask?: number;
+    categoryMask?: number;
+    vaultDelegations?: DainSmartAccountVaultDelegation[];
+}
+export interface DainSmartAccountDataPermission {
+    organizationId?: number | string;
+    agentId?: number;
+    key?: string;
+    permissionMask: string;
+}
+export type DainLinkedWalletKind = "smart_account_vault" | "privy_extension" | "session_signer" | "external_wallet" | "agent_wallet";
+export interface DainSmartAccountRef {
+    chain: "solana";
+    network: DainNetwork;
+    programId: string;
+    pda: string;
+    ephemeralKey?: string;
+    threshold?: number;
+    timeLockSeconds?: number;
+    transactionId?: number | string;
+    vaults?: Record<string, string>;
+    members?: DainSmartAccountMember[];
+    dataPermissions?: DainSmartAccountDataPermission[];
+}
+export interface DainLinkedWallet {
+    id?: string;
+    kind: DainLinkedWalletKind;
+    chain: string;
+    address: string;
+    label?: string;
+    capabilities?: string[];
+}
+export interface DainAccountCapabilities {
+    solanaSmartAccount?: boolean;
+    externalWallets?: boolean;
+    externalSessionSigners?: boolean;
+    solanaAgentGrants?: boolean;
+    groupExternalActions?: boolean;
+    registryDiscovery?: boolean;
+    dataPermissions?: boolean;
+    payments?: boolean;
+    [key: string]: unknown;
+}
+export interface DainAccountContext {
+    id: string;
+    type: DainAccountType;
+    state: DainAccountState;
+    username?: string;
+    smartAccount?: DainSmartAccountRef;
+    linkedWallets?: DainLinkedWallet[];
+    capabilities?: DainAccountCapabilities;
+}
+export interface DainGroupMemberRef {
+    id: string;
+    kind: "passkey" | "key" | "user" | "nft" | "agent" | "organization";
+    label?: string;
+    address?: string;
+    weight?: number;
+    permissions?: DainSmartAccountPermission[];
+    categories?: DainSmartAccountMemberCategory[];
+}
+export interface DainGroupContext extends DainAccountContext {
+    type: "dain_group";
+    members?: DainGroupMemberRef[];
+    threshold?: number;
+}
+export interface DainAuthContext {
+    subject: string;
+    issuer?: string;
+    sessionId?: string;
+    scopes?: string[];
+    roles?: string[];
+    permissions?: string[];
+    grants?: DainActionGrant[];
+    source?: "dain_id" | "dain_client" | "service" | "api_key";
+}

package/dist/protocol/account.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=account.js.map

package/dist/protocol/account.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"account.js","sourceRoot":"","sources":["../../src/protocol/account.ts"],"names":[],"mappings":""}

package/dist/protocol/grants.d.ts

@@ -0,0 +1,34 @@
+import type { DainDataPermissionGrant } from "./permissions";
+import type { DainAgentRegistryRef } from "./registry";
+export type DainGrantStatus = "draft" | "active" | "paused" | "revoked" | "expired";
+export type DainGrantScope = "services.interact" | "data.read" | "data.write" | "tx.build" | "tx.relay" | "wallets.read" | "wallets.sign" | "payments.create" | "payments.claim" | string;
+export interface DainGrantLimit {
+    kind: "spend" | "calls" | "period" | "chains" | "tools";
+    value: string | number | string[];
+    periodSeconds?: number;
+}
+export interface DainGrantPolicy {
+    id: string;
+    name?: string;
+    description?: string;
+    required?: boolean;
+    scopes: DainGrantScope[];
+    limits?: DainGrantLimit[];
+    toolIds?: string[];
+    dataFieldIds?: string[];
+    paymentOfferIds?: string[];
+    expiresInSeconds?: number;
+}
+export interface DainActionGrant {
+    id: string;
+    accountId: string;
+    smartAccountPDA?: string;
+    status: DainGrantStatus;
+    scopes: DainGrantScope[];
+    agent?: DainAgentRegistryRef;
+    serviceUrl?: string;
+    dataPermissions?: DainDataPermissionGrant[];
+    limits?: DainGrantLimit[];
+    createdAt?: string;
+    expiresAt?: string;
+}

package/dist/protocol/grants.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=grants.js.map

package/dist/protocol/grants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"grants.js","sourceRoot":"","sources":["../../src/protocol/grants.ts"],"names":[],"mappings":""}

package/dist/protocol/index.d.ts

@@ -0,0 +1,8 @@
+export * from "./account";
+export * from "./grants";
+export * from "./payments";
+export * from "./permissions";
+export * from "./programs";
+export * from "./registry";
+export * from "./runtime";
+export * from "./transactions";

package/dist/protocol/index.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+tslib_1.__exportStar(require("./account"), exports);
+tslib_1.__exportStar(require("./grants"), exports);
+tslib_1.__exportStar(require("./payments"), exports);
+tslib_1.__exportStar(require("./permissions"), exports);
+tslib_1.__exportStar(require("./programs"), exports);
+tslib_1.__exportStar(require("./registry"), exports);
+tslib_1.__exportStar(require("./runtime"), exports);
+tslib_1.__exportStar(require("./transactions"), exports);
+//# sourceMappingURL=index.js.map

package/dist/protocol/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/protocol/index.ts"],"names":[],"mappings":";;;AAAA,oDAA0B;AAC1B,mDAAyB;AACzB,qDAA2B;AAC3B,wDAA8B;AAC9B,qDAA2B;AAC3B,qDAA2B;AAC3B,oDAA0B;AAC1B,yDAA+B"}

package/dist/protocol/payments.d.ts

@@ -0,0 +1,53 @@
+import type { DainAgentRegistryRef } from "./registry";
+import type { SMART_ACCOUNT_PAYMENT_STATUS_BITS, SMART_ACCOUNT_PAYMENT_TYPE } from "./programs";
+export type DainPaymentKind = "one_time" | "pure_subscription" | "hybrid_subscription" | "pay_as_you_go";
+export type DainPaymentState = "draft" | "active" | "pending_cancellation" | "cancelled" | "expired" | "terminated" | "reviewed";
+export type DainPaymentStatusFlag = keyof typeof SMART_ACCOUNT_PAYMENT_STATUS_BITS;
+export type DainPaymentProgramType = keyof typeof SMART_ACCOUNT_PAYMENT_TYPE;
+export interface DainPaymentProgramStatus {
+    mask: number;
+    flags?: DainPaymentStatusFlag[];
+}
+export interface DainPaymentMint {
+    chain: "solana";
+    mint: string;
+    decimals?: number;
+    symbol?: string;
+}
+export interface DainPaymentOffer {
+    id: string;
+    kind: DainPaymentKind;
+    agent?: DainAgentRegistryRef;
+    organizationId?: number | string;
+    agentId?: number;
+    vaultId?: number;
+    mint: DainPaymentMint;
+    amount: string;
+    baseAmount?: string;
+    periodSeconds?: number;
+    trialSeconds?: number;
+    description?: string;
+}
+export interface DainPaymentSubscription {
+    id: string;
+    state: DainPaymentState;
+    programStatus?: DainPaymentProgramStatus;
+    programType?: DainPaymentProgramType;
+    offerId?: string;
+    accountId: string;
+    smartAccountPDA: string;
+    agent?: DainAgentRegistryRef;
+    organizationId?: number | string;
+    agentId?: number;
+    vaultId?: number;
+    mint?: string;
+    paymentAccount?: string;
+    ephemeralKey?: string;
+    currentPeriodStart?: string;
+    currentPeriodEnd?: string;
+    remainingAmount?: string;
+    amount?: string;
+    baseAmount?: string;
+    baseAmountPaid?: string;
+    scheduledTerminationTime?: string;
+}

package/dist/protocol/payments.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=payments.js.map

package/dist/protocol/payments.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"payments.js","sourceRoot":"","sources":["../../src/protocol/payments.ts"],"names":[],"mappings":""}

package/dist/protocol/permissions.d.ts

@@ -0,0 +1,21 @@
+export type DainDataAccessMode = "read" | "write";
+export type DainDataSensitivity = "public" | "personal" | "financial" | "credential" | "secret";
+export interface DainDataFieldRequirement {
+    id: string;
+    label: string;
+    description?: string;
+    mode: DainDataAccessMode;
+    required?: boolean;
+    sensitivity?: DainDataSensitivity;
+    purpose?: string;
+    retention?: "none" | "session" | "automation" | "service";
+}
+export interface DainDataPermissionGrant {
+    id: string;
+    serviceId?: string;
+    agentId?: string;
+    accountId?: string;
+    fields: DainDataFieldRequirement[];
+    expiresAt?: string;
+    revokedAt?: string;
+}

package/dist/protocol/permissions.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=permissions.js.map

package/dist/protocol/permissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../src/protocol/permissions.ts"],"names":[],"mappings":""}

package/dist/protocol/programs.d.ts

@@ -0,0 +1,44 @@
+export declare const DAIN_PROGRAM_IDS: {
+    readonly registry: "4Phn622SNGS2oA9B2uJzDwFSMdKmBe1JzFeWB37b4XuQ";
+    readonly smartAccount: "21ZvHhaFLsTGkEWZmyyt7NrY8XQQJjArgCwwEgJ8NXdr";
+};
+export declare const DAIN_PROGRAM_SEEDS: {
+    readonly registry: "registry";
+    readonly organization: "organization";
+    readonly agent: "agent";
+    readonly smartAccount: "smart_account";
+    readonly vault: "vault";
+    readonly payments: "payments";
+    readonly passkey: "passkey";
+};
+export declare const SMART_ACCOUNT_MEMBER_PERMISSION_BITS: {
+    readonly initiate: number;
+    readonly vote: number;
+    readonly execute: number;
+    readonly review: number;
+};
+export declare const SMART_ACCOUNT_MEMBER_CATEGORY_BITS: {
+    readonly user: number;
+    readonly agent: number;
+    readonly organization: number;
+    readonly passkey: number;
+    readonly nft: number;
+};
+export declare const SMART_ACCOUNT_PAYMENT_STATUS_BITS: {
+    readonly active: number;
+    readonly cancelled: number;
+    readonly terminated: number;
+    readonly expired: number;
+    readonly reviewed: number;
+    readonly activated: number;
+    readonly pendingCancellation: number;
+    readonly baseClaimed: number;
+};
+export declare const SMART_ACCOUNT_PAYMENT_TYPE: {
+    readonly oneTime: 0;
+    readonly pureSubscription: 1;
+    readonly hybridSubscription: 2;
+    readonly payAsYouGo: 3;
+};
+export type SmartAccountProgramInstruction = "smart_account_create" | "proposal_activate" | "proposal_approve" | "proposal_reject" | "proposal_cancel" | "vault_transaction_create" | "vault_transaction_create_from_buffer" | "vault_transaction_execute" | "batch_create" | "batch_add_transaction" | "batch_execute_transaction" | "transaction_buffer_create" | "transaction_buffer_extend" | "transaction_buffer_close" | "internal_transaction_create" | "internal_transaction_execute" | "internal_spending_limit_usage" | "payments_transaction_create" | "payments_transaction_execute" | "payments_claim" | "payments_claim_rent" | "payments_submit_review" | "payments_terminate";
+export type RegistryProgramInstruction = "registry_initialize" | "registry_update" | "registry_update_base_fees" | "registry_update_vip_levels_agent" | "registry_update_vip_levels_organization" | "registry_add_new_admin" | "registry_accept_new_admin" | "registry_remove_pending_new_admin" | "registry_lock" | "organization_reserve" | "organization_create" | "organization_update" | "organization_verify" | "organization_add_provider" | "organization_remove_provider" | "organization_freeze_agent" | "organization_defreeze_agent" | "organization_children_create" | "organization_child_update" | "organization_child_freeze" | "organization_child_defreeze" | "organization_claim_tokens" | "organization_children_claim_tokens" | "agent_reserve" | "agent_create" | "agent_update" | "agent_update_business_data" | "agent_verify" | "agent_add_payment_mint" | "agent_claim_tokens" | "reputation_create_agent" | "reputation_submit_review" | "reputation_claim_payment";

package/dist/protocol/programs.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SMART_ACCOUNT_PAYMENT_TYPE = exports.SMART_ACCOUNT_PAYMENT_STATUS_BITS = exports.SMART_ACCOUNT_MEMBER_CATEGORY_BITS = exports.SMART_ACCOUNT_MEMBER_PERMISSION_BITS = exports.DAIN_PROGRAM_SEEDS = exports.DAIN_PROGRAM_IDS = void 0;
+exports.DAIN_PROGRAM_IDS = {
+    registry: "4Phn622SNGS2oA9B2uJzDwFSMdKmBe1JzFeWB37b4XuQ",
+    smartAccount: "21ZvHhaFLsTGkEWZmyyt7NrY8XQQJjArgCwwEgJ8NXdr",
+};
+exports.DAIN_PROGRAM_SEEDS = {
+    registry: "registry",
+    organization: "organization",
+    agent: "agent",
+    smartAccount: "smart_account",
+    vault: "vault",
+    payments: "payments",
+    passkey: "passkey",
+};
+exports.SMART_ACCOUNT_MEMBER_PERMISSION_BITS = {
+    initiate: 1 << 0,
+    vote: 1 << 1,
+    execute: 1 << 2,
+    review: 1 << 3,
+};
+exports.SMART_ACCOUNT_MEMBER_CATEGORY_BITS = {
+    user: 1 << 0,
+    agent: 1 << 1,
+    organization: 1 << 2,
+    passkey: 1 << 3,
+    nft: 1 << 4,
+};
+exports.SMART_ACCOUNT_PAYMENT_STATUS_BITS = {
+    active: 1 << 0,
+    cancelled: 1 << 1,
+    terminated: 1 << 2,
+    expired: 1 << 3,
+    reviewed: 1 << 4,
+    activated: 1 << 5,
+    pendingCancellation: 1 << 6,
+    baseClaimed: 1 << 7,
+};
+exports.SMART_ACCOUNT_PAYMENT_TYPE = {
+    oneTime: 0,
+    pureSubscription: 1,
+    hybridSubscription: 2,
+    payAsYouGo: 3,
+};
+//# sourceMappingURL=programs.js.map

package/dist/protocol/programs.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"programs.js","sourceRoot":"","sources":["../../src/protocol/programs.ts"],"names":[],"mappings":";;;AAAa,QAAA,gBAAgB,GAAG;IAC9B,QAAQ,EAAE,8CAA8C;IACxD,YAAY,EAAE,8CAA8C;CACpD,CAAC;AAEE,QAAA,kBAAkB,GAAG;IAChC,QAAQ,EAAE,UAAU;IACpB,YAAY,EAAE,cAAc;IAC5B,KAAK,EAAE,OAAO;IACd,YAAY,EAAE,eAAe;IAC7B,KAAK,EAAE,OAAO;IACd,QAAQ,EAAE,UAAU;IACpB,OAAO,EAAE,SAAS;CACV,CAAC;AAEE,QAAA,oCAAoC,GAAG;IAClD,QAAQ,EAAE,CAAC,IAAI,CAAC;IAChB,IAAI,EAAE,CAAC,IAAI,CAAC;IACZ,OAAO,EAAE,CAAC,IAAI,CAAC;IACf,MAAM,EAAE,CAAC,IAAI,CAAC;CACN,CAAC;AAEE,QAAA,kCAAkC,GAAG;IAChD,IAAI,EAAE,CAAC,IAAI,CAAC;IACZ,KAAK,EAAE,CAAC,IAAI,CAAC;IACb,YAAY,EAAE,CAAC,IAAI,CAAC;IACpB,OAAO,EAAE,CAAC,IAAI,CAAC;IACf,GAAG,EAAE,CAAC,IAAI,CAAC;CACH,CAAC;AAEE,QAAA,iCAAiC,GAAG;IAC/C,MAAM,EAAE,CAAC,IAAI,CAAC;IACd,SAAS,EAAE,CAAC,IAAI,CAAC;IACjB,UAAU,EAAE,CAAC,IAAI,CAAC;IAClB,OAAO,EAAE,CAAC,IAAI,CAAC;IACf,QAAQ,EAAE,CAAC,IAAI,CAAC;IAChB,SAAS,EAAE,CAAC,IAAI,CAAC;IACjB,mBAAmB,EAAE,CAAC,IAAI,CAAC;IAC3B,WAAW,EAAE,CAAC,IAAI,CAAC;CACX,CAAC;AAEE,QAAA,0BAA0B,GAAG;IACxC,OAAO,EAAE,CAAC;IACV,gBAAgB,EAAE,CAAC;IACnB,kBAAkB,EAAE,CAAC;IACrB,UAAU,EAAE,CAAC;CACL,CAAC"}

package/dist/protocol/registry.d.ts

@@ -0,0 +1,43 @@
+import type { DainDataFieldRequirement } from "./permissions";
+import type { DainPaymentOffer } from "./payments";
+import type { DAIN_PROGRAM_IDS } from "./programs";
+import type { DainGrantPolicy, DainGrantScope } from "./grants";
+export type DainRegistryId = number | string;
+export type DainRegistryProgramId = typeof DAIN_PROGRAM_IDS.registry;
+export type DainSmartAccountProgramId = typeof DAIN_PROGRAM_IDS.smartAccount;
+export interface DainRegistryRef {
+    programId: string;
+    network: "mainnet" | "devnet" | "testnet" | "localnet";
+    address?: string;
+}
+export interface DainOrganizationRegistryRef {
+    id: DainRegistryId;
+    address?: string;
+    name?: string;
+    description?: string;
+    uri?: string;
+    verified?: boolean;
+    statusMask?: number;
+    reputationAddress?: string;
+}
+export interface DainAgentRegistryRef {
+    organizationId: DainRegistryId;
+    agentId: number;
+    address?: string;
+    name?: string;
+    description?: string;
+    endpoint?: string;
+    verified?: boolean;
+    statusMask?: number;
+    signatories?: string[];
+    reputationAddress?: string;
+    organization?: DainOrganizationRegistryRef;
+}
+export interface DainServiceRegistryPolicy {
+    registry?: DainRegistryRef;
+    agent?: DainAgentRegistryRef;
+    requiredDataFields?: DainDataFieldRequirement[];
+    paymentOffers?: DainPaymentOffer[];
+    requiredScopes?: DainGrantScope[];
+    grantPolicies?: DainGrantPolicy[];
+}

package/dist/protocol/registry.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=registry.js.map

package/dist/protocol/registry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"registry.js","sourceRoot":"","sources":["../../src/protocol/registry.ts"],"names":[],"mappings":""}

package/dist/protocol/runtime.d.ts

@@ -0,0 +1,15 @@
+import type { DainAccountContext, DainAuthContext, DainGroupContext } from "./account";
+import type { DainActionGrant } from "./grants";
+import type { DainDataPermissionGrant } from "./permissions";
+import type { DainServiceRegistryPolicy } from "./registry";
+export interface DainRuntimeContext {
+    dainAccountId?: string;
+    dainGroupId?: string;
+    smartAccountPDA?: string;
+    account?: DainAccountContext;
+    group?: DainGroupContext;
+    auth?: DainAuthContext;
+    grants?: DainActionGrant[];
+    dataPermissions?: DainDataPermissionGrant[];
+    registryPolicy?: DainServiceRegistryPolicy;
+}

package/dist/protocol/runtime.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=runtime.js.map

package/dist/protocol/runtime.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../../src/protocol/runtime.ts"],"names":[],"mappings":""}

package/dist/protocol/transactions.d.ts

@@ -0,0 +1,63 @@
+import type { DainActionGrant } from "./grants";
+import type { DainDataPermissionGrant } from "./permissions";
+export type DainExecutionModel = "solana_smart_account" | "solana_agent_grant" | "external_session_signer" | "external_user_signature" | "offchain_typed_data";
+export interface SmartAccountExecutionContext {
+    accountId: string;
+    smartAccountPDA: string;
+    registrySmartAccountPDA?: string;
+    vaultPDA?: string;
+    vaultId?: number;
+    proposalPDA?: string;
+    transactionPDA?: string;
+    transactionId?: number | string;
+    batchPDA?: string;
+    batchId?: number | string;
+    programId?: string;
+}
+export interface DainOptionalPasskeyInput {
+    optionalClientDataJson: string;
+}
+export interface DainSmartAccountCompiledInstruction {
+    programIdIndex: number;
+    accountIndexes: number[];
+    data: string;
+}
+export interface DainSmartAccountMessageAlt {
+    accountKey: string;
+    writableIndexes: number[];
+    readonlyIndexes: number[];
+}
+export interface DainVaultTransactionMessage {
+    numSigners: number;
+    numWritableSigners: number;
+    numWritableNonSigners: number;
+    accountKeys: string[];
+    instructions: DainSmartAccountCompiledInstruction[];
+    alts?: DainSmartAccountMessageAlt[];
+}
+export interface DainTransactionAction {
+    id?: string;
+    chain: string;
+    description?: string;
+    encodedTx?: string;
+    solanaMessage?: DainVaultTransactionMessage;
+    smartAccountInstruction?: "vault_transaction_create" | "vault_transaction_execute" | "batch_create" | "batch_execute_transaction" | "payments_transaction_create" | "payments_transaction_execute";
+    optionalPasskeyInput?: DainOptionalPasskeyInput;
+    typedData?: unknown;
+    target?: string;
+    value?: string;
+    metadata?: Record<string, unknown>;
+}
+export interface DainTransactionEnvelope {
+    id: string;
+    executionModel: DainExecutionModel;
+    accountAuthority?: string;
+    signatureProvider?: "passkey" | "smart_account" | "session_signer" | "user_wallet";
+    payer?: string;
+    smartAccount?: SmartAccountExecutionContext;
+    actions: DainTransactionAction[];
+    grants?: DainActionGrant[];
+    dataPermissions?: DainDataPermissionGrant[];
+    ui?: unknown;
+    metadata?: Record<string, unknown>;
+}

package/dist/protocol/transactions.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=transactions.js.map

package/dist/protocol/transactions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"transactions.js","sourceRoot":"","sources":["../../src/protocol/transactions.ts"],"names":[],"mappings":""}

package/dist/service/auth.d.ts

@@ -26,8 +26,22 @@ export interface JWTVerificationResult {
     error?: string;
 }
 export declare function extractBearerToken(authHeader: string | undefined): string | null;
+/**
+ * Verify a JWT against the supplied PEM key or JWKS URL.
+ *
+ * `options.issuer` accepts a string or array of strings. During the
+ * dainid → dain-client cutover, callers should pass both issuers
+ * (`["dainid-oauth", "dain-client-oauth"]`) for the dual-acceptance
+ * window so in-flight tokens minted by either issuer continue to verify.
+ *
+ * When `publicKeyPEMOrUrl` is a URL, this function reads the JWT header
+ * `kid` and selects the matching key from the JWKS. If no `kid` is
+ * present in either the header or the JWKS, it falls back to trying
+ * every key in turn — supports both single-key (legacy) and multi-key
+ * (rotation overlap) JWKS shapes.
+ */
 export declare function verifyJWT(token: string, publicKeyPEMOrUrl: string, options?: {
-    issuer?: string;
+    issuer?: string | string[];
     audience?: string | string[];
 }): Promise<JWTVerificationResult>;
 export interface ParsedAPIKey {