@deepstrike/wasm 0.1.15 → 0.2.1

package/README.md

@@ -74,7 +74,7 @@ src/
 ```
 
 The kernel (`@deepstrike/wasm-kernel`, Rust/wasm-bindgen) owns:
-- `LoopStateMachine` — drives `call_llm → execute_tools → load_skills → done`
+- `KernelRuntime.step()` — drives `call_provider → execute_tool → evaluate_milestone → done`
 - `ContextEngine` — 5-partition context with pressure-based compression
 - `Governance` — tool veto authority
 - `SignalRouter` — external interrupt queue

package/dist/governance.d.ts

@@ -3,12 +3,24 @@ export interface GovernanceVerdict {
     reason?: string;
     retryAfterMs?: number;
 }
+type DefaultAction = "allow" | "deny" | "ask_user";
+type RuleAction = "allow" | "deny" | "ask_user";
 export declare class Governance {
     private _inner;
-    private _pendingBlocks;
+    private _defaultAction;
+    private _pendingCalls;
+    constructor(defaultAction?: DefaultAction);
     /** Called by Agent after the WASM kernel module is loaded. */
     _attach(kernel: typeof import("@deepstrike/wasm-kernel")): void;
+    private _apply;
+    setIdentity(agentId: string, sessionId: string): this;
+    addPermissionRule(pattern: string, action: RuleAction): this;
     blockTool(name: string): this;
+    setRateLimit(toolName: string, maxCalls: number, windowMs: number): this;
+    requireParam(toolName: string, paramPath: string): this;
+    allowParamValues(toolName: string, paramPath: string, allowedValues: string[]): this;
+    limitParamRange(toolName: string, paramPath: string, min?: number, max?: number): this;
     setTime(nowMs: number): this;
     evaluate(toolName: string, argsJson: string): GovernanceVerdict;
 }
+export {};

package/dist/governance.js

@@ -1,24 +1,49 @@
 export class Governance {
     _inner = null;
-    _pendingBlocks = [];
+    _defaultAction;
+    _pendingCalls = [];
+    constructor(defaultAction = "allow") {
+        this._defaultAction = defaultAction;
+    }
     /** Called by Agent after the WASM kernel module is loaded. */
     _attach(kernel) {
         if (this._inner)
             return;
-        this._inner = new kernel.Governance();
-        for (const name of this._pendingBlocks)
-            this._inner.blockTool(name);
+        this._inner = new kernel.Governance(this._defaultAction);
+        for (const fn_ of this._pendingCalls)
+            fn_(this._inner);
+        this._pendingCalls = [];
     }
-    blockTool(name) {
+    _apply(fn) {
         if (this._inner)
-            this._inner.blockTool(name);
+            fn(this._inner);
         else
-            this._pendingBlocks.push(name);
+            this._pendingCalls.push(fn);
         return this;
     }
+    setIdentity(agentId, sessionId) {
+        return this._apply(g => g.setIdentity(agentId, sessionId));
+    }
+    addPermissionRule(pattern, action) {
+        return this._apply(g => g.addPermissionRule(pattern, action));
+    }
+    blockTool(name) {
+        return this._apply(g => g.blockTool(name));
+    }
+    setRateLimit(toolName, maxCalls, windowMs) {
+        return this._apply(g => g.setRateLimit(toolName, maxCalls, windowMs));
+    }
+    requireParam(toolName, paramPath) {
+        return this._apply(g => g.requireParam(toolName, paramPath));
+    }
+    allowParamValues(toolName, paramPath, allowedValues) {
+        return this._apply(g => g.allowParamValues(toolName, paramPath, allowedValues));
+    }
+    limitParamRange(toolName, paramPath, min, max) {
+        return this._apply(g => g.limitParamRange(toolName, paramPath, min, max));
+    }
     setTime(nowMs) {
-        this._inner?.setTime(nowMs);
-        return this;
+        return this._apply(g => g.setTime(nowMs));
     }
     evaluate(toolName, argsJson) {
         if (!this._inner)

package/dist/index.d.ts

@@ -1,5 +1,9 @@
 export { RuntimeRunner, collectText, InMemorySessionLog, LocalExecutionPlane, } from "./runtime/index.js";
 export type { RuntimeOptions, SessionEvent, SessionLog, RunContext, ExecutionPlane, } from "./runtime/index.js";
+export { FilteredExecutionPlane } from "./runtime/filtered-plane.js";
+export { SubAgentOrchestrator, defaultSubAgentOrchestrator, spawnStandalone } from "./runtime/sub-agent-orchestrator.js";
+export type { SubAgentRunContext } from "./runtime/sub-agent-orchestrator.js";
+export type { AgentCapabilityFilter, AgentIdentity, AgentIsolation, AgentRunSpec, AgentSpawnedObservation, ContextInheritance, KernelAgentRole, LoopResult, MilestoneCheckResult, MilestoneContract, MilestonePhase, MilestonePolicy, SubAgentResult, TerminationReason, } from "./runtime/types/agent.js";
 export { Governance } from "./governance.js";
 export type { GovernanceVerdict } from "./governance.js";
 export { AnthropicProvider } from "./providers/anthropic.js";

package/dist/index.js

@@ -1,4 +1,6 @@
 export { RuntimeRunner, collectText, InMemorySessionLog, LocalExecutionPlane, } from "./runtime/index.js";
+export { FilteredExecutionPlane } from "./runtime/filtered-plane.js";
+export { SubAgentOrchestrator, defaultSubAgentOrchestrator, spawnStandalone } from "./runtime/sub-agent-orchestrator.js";
 export { Governance } from "./governance.js";
 export { AnthropicProvider } from "./providers/anthropic.js";
 export { OpenAIProvider, QwenProvider, DeepSeekProvider, MiniMaxProvider, KimiProvider } from "./providers/openai.js";

package/dist/runtime/execution-plane.js

@@ -27,18 +27,18 @@ export class LocalExecutionPlane {
                 ctx.governance.setTime(Date.now());
                 const v = ctx.governance.evaluate(c.name, c.arguments);
                 if (v.kind === "deny") {
-                    yield { type: "error", message: `permission denied: ${c.name} — ${v.reason ?? ""}` };
-                    yield { type: "tool_result", callId: c.id, name: c.name, content: `permission denied: ${v.reason ?? ""}`, isError: true };
+                    yield { type: "tool_denied", callId: c.id, toolName: c.name, reason: v.reason ?? "" };
+                    yield { type: "tool_result", callId: c.id, name: c.name, content: `permission denied: ${v.reason ?? ""}`, isError: true, isFatal: false, errorKind: "governance_denied" };
                     continue;
                 }
                 if (v.kind === "rate_limited") {
-                    yield { type: "error", message: `rate limited: ${c.name}` };
-                    yield { type: "tool_result", callId: c.id, name: c.name, content: "rate limited", isError: true };
+                    yield { type: "tool_denied", callId: c.id, toolName: c.name, reason: "rate limited" };
+                    yield { type: "tool_result", callId: c.id, name: c.name, content: "rate limited", isError: true, isFatal: false, errorKind: "recoverable" };
                     continue;
                 }
                 if (v.kind === "ask_user") {
                     yield { type: "permission_request", callId: c.id, toolName: c.name, arguments: c.arguments, reason: v.reason ?? "" };
-                    yield { type: "tool_result", callId: c.id, name: c.name, content: "awaiting user approval", isError: true };
+                    yield { type: "tool_result", callId: c.id, name: c.name, content: "awaiting user approval", isError: true, isFatal: false, errorKind: "recoverable" };
                     continue;
                 }
             }
@@ -84,7 +84,7 @@ export class LocalExecutionPlane {
         for (const call of regularCalls) {
             const registered = this.tools.get(call.name);
             if (!registered) {
-                yield { type: "tool_result", callId: call.id, name: call.name, content: `unknown tool: ${call.name}`, isError: true };
+                yield { type: "tool_result", callId: call.id, name: call.name, content: `unknown tool: ${call.name}`, isError: true, isFatal: false, errorKind: "recoverable" };
                 continue;
             }
             try {
@@ -93,7 +93,15 @@ export class LocalExecutionPlane {
                 yield { type: "tool_result", callId: call.id, name: call.name, content: String(output), isError: false };
             }
             catch (err) {
-                yield { type: "tool_result", callId: call.id, name: call.name, content: String(err), isError: true };
+                yield {
+                    type: "tool_result",
+                    callId: call.id,
+                    name: call.name,
+                    content: String(err),
+                    isError: true,
+                    isFatal: Boolean(err?.isFatal),
+                    errorKind: err?.errorKind,
+                };
             }
         }
     }

package/dist/runtime/filtered-plane.d.ts

@@ -0,0 +1,14 @@
+import type { ToolCall, ToolSchema, StreamEvent } from "../types.js";
+import type { RegisteredTool } from "../tools/index.js";
+import type { ExecutionPlane, RunContext } from "./execution-plane.js";
+/** Wraps an execution plane, allowing only manifest-permitted tool IDs (+ meta-tools). */
+export declare class FilteredExecutionPlane implements ExecutionPlane {
+    private readonly inner;
+    private readonly permittedIds;
+    private readonly metaTools;
+    constructor(inner: ExecutionPlane, permittedIds: Set<string>, metaTools?: Set<string>);
+    register(...tools: RegisteredTool[]): this;
+    unregister(name: string): this;
+    schemas(): ToolSchema[];
+    executeAll(calls: ToolCall[], ctx: RunContext): AsyncIterable<StreamEvent>;
+}

package/dist/runtime/filtered-plane.js

@@ -0,0 +1,45 @@
+const DEFAULT_META_TOOLS = new Set(["skill", "memory", "knowledge", "update_plan"]);
+/** Wraps an execution plane, allowing only manifest-permitted tool IDs (+ meta-tools). */
+export class FilteredExecutionPlane {
+    inner;
+    permittedIds;
+    metaTools;
+    constructor(inner, permittedIds, metaTools = DEFAULT_META_TOOLS) {
+        this.inner = inner;
+        this.permittedIds = permittedIds;
+        this.metaTools = metaTools;
+    }
+    register(...tools) {
+        this.inner.register(...tools);
+        return this;
+    }
+    unregister(name) {
+        this.inner.unregister(name);
+        return this;
+    }
+    schemas() {
+        return this.inner.schemas().filter(s => this.permittedIds.has(s.name) || this.metaTools.has(s.name));
+    }
+    async *executeAll(calls, ctx) {
+        const permitted = [];
+        for (const call of calls) {
+            if (this.metaTools.has(call.name) || this.permittedIds.has(call.name)) {
+                permitted.push(call);
+                continue;
+            }
+            const reason = `capability not permitted for sub-agent: ${call.name}`;
+            yield { type: "tool_denied", callId: call.id, toolName: call.name, reason };
+            yield {
+                type: "tool_result",
+                callId: call.id,
+                name: call.name,
+                content: reason,
+                isError: true,
+                errorKind: "governance_denied",
+            };
+        }
+        if (permitted.length > 0) {
+            yield* this.inner.executeAll(permitted, ctx);
+        }
+    }
+}

package/dist/runtime/kernel-step.d.ts

@@ -0,0 +1,88 @@
+import type { Message, RenderedContext, ToolCall, ToolResult, ToolSchema } from "../types.js";
+import type { RollbackReason } from "./session-log.js";
+interface TaskUpdate {
+    plan?: string[];
+    currentStep?: number;
+    progress?: string;
+    scratchpad?: string;
+    blockedOn?: string[];
+    preservedRefs?: string[];
+}
+interface SkillMetadata {
+    name: string;
+    description: string;
+    whenToUse?: string;
+    effort?: number;
+    estimatedTokens?: number;
+}
+export declare const KERNEL_ABI_VERSION = 1;
+export interface KernelRuntimeHandle {
+    step(inputJson: string): string;
+    isTerminal(): boolean;
+    turn(): number;
+    recoveryContentBytes(): number;
+    render(): RenderedContext;
+    drainNewMessages(): Message[];
+    preservedRefs(): string[];
+}
+export interface KernelLoopResult {
+    termination: string;
+    turnsUsed: number;
+    totalTokensUsed: number;
+}
+export type KernelRunnerAction = {
+    kind: "call_provider";
+    context: RenderedContext;
+    tools: ToolSchema[];
+} | {
+    kind: "execute_tool";
+    calls: ToolCall[];
+} | {
+    kind: "evaluate_milestone";
+    phaseId: string;
+    criteria: string[];
+    requiredEvidence?: string[];
+} | {
+    kind: "done";
+    result: KernelLoopResult;
+};
+export interface KernelObservation {
+    kind: string;
+    action?: string;
+    rho_after?: number;
+    sprint?: number;
+    summary?: string;
+    archived?: Message[];
+    turn?: number;
+    checkpoint_history_len?: number;
+    added?: string[];
+    removed?: string[];
+    change_kind?: string;
+    capability_id?: string;
+    version?: string;
+    mounted_by?: string;
+    mount_reason?: string;
+    phase_id?: string;
+    capabilities_unlocked?: string[];
+    evidence?: string[];
+    reason?: RollbackReason;
+    agent_id?: string;
+    parent_session_id?: string;
+    role?: string;
+    isolation?: string;
+    context_inheritance?: string;
+    permitted_capability_ids?: string[];
+    history_len?: number;
+}
+export declare function toolSchemaToKernel(schema: ToolSchema): Record<string, unknown>;
+export declare function skillMetadataToKernel(skill: SkillMetadata): Record<string, unknown>;
+export declare function messageToKernelMessage(message: Message): Record<string, unknown>;
+export declare function toolResultToKernel(result: ToolResult): Record<string, unknown>;
+export declare function taskUpdateToKernel(update: TaskUpdate): Record<string, unknown>;
+export declare function capabilityTool(schema: ToolSchema): Record<string, unknown>;
+export declare function capabilitySkill(skill: SkillMetadata): Record<string, unknown>;
+export declare function capabilityMarker(kind: string, id: string, description: string): Record<string, unknown>;
+export declare function kernelApply(runtime: KernelRuntimeHandle, pending: KernelObservation[], event: Record<string, unknown>): KernelObservation[];
+export declare function kernelAction(runtime: KernelRuntimeHandle, pending: KernelObservation[], event: Record<string, unknown>): KernelRunnerAction;
+export declare function forceCompact(runtime: KernelRuntimeHandle, pending: KernelObservation[]): boolean;
+export {};

package/dist/runtime/kernel-step.js

@@ -0,0 +1,181 @@
+export const KERNEL_ABI_VERSION = 1;
+function tryParseJson(s) {
+    try {
+        return JSON.parse(s);
+    }
+    catch {
+        return null;
+    }
+}
+export function toolSchemaToKernel(schema) {
+    return {
+        name: schema.name,
+        description: schema.description,
+        parameters: tryParseJson(schema.parameters) ?? {},
+    };
+}
+export function skillMetadataToKernel(skill) {
+    const out = {
+        name: skill.name,
+        description: skill.description,
+        estimated_tokens: skill.estimatedTokens ?? 0,
+    };
+    if (skill.whenToUse)
+        out.when_to_use = skill.whenToUse;
+    if (skill.effort !== undefined)
+        out.effort = skill.effort;
+    return out;
+}
+export function messageToKernelMessage(message) {
+    const out = {
+        role: message.role,
+        tool_calls: (message.toolCalls ?? []).map(tc => ({
+            id: tc.id,
+            name: tc.name,
+            arguments: tryParseJson(tc.arguments) ?? {},
+        })),
+    };
+    if (message.tokenCount !== undefined) {
+        out.token_count = message.tokenCount;
+    }
+    out.content = message.content;
+    return out;
+}
+export function toolResultToKernel(result) {
+    const out = {
+        call_id: result.callId,
+        output: result.output,
+        is_error: result.isError,
+        is_fatal: result.isFatal ?? false,
+        token_count: result.tokenCount ?? null,
+    };
+    if (result.errorKind !== undefined) {
+        out.error_kind = result.errorKind;
+    }
+    return out;
+}
+export function taskUpdateToKernel(update) {
+    return {
+        plan: update.plan,
+        current_step: update.currentStep,
+        progress: update.progress,
+        scratchpad: update.scratchpad,
+        blocked_on: update.blockedOn,
+        preserved_refs: update.preservedRefs,
+    };
+}
+export function capabilityTool(schema) {
+    return {
+        id: schema.name,
+        kind: "tool",
+        description: schema.description,
+        tool_schema: toolSchemaToKernel(schema),
+    };
+}
+export function capabilitySkill(skill) {
+    return {
+        id: skill.name,
+        kind: "skill",
+        description: skill.description,
+        skill: skillMetadataToKernel(skill),
+    };
+}
+export function capabilityMarker(kind, id, description) {
+    return { id, kind, description };
+}
+function parseStep(raw) {
+    return JSON.parse(raw);
+}
+function kernelMessageToSdk(raw) {
+    const content = raw.content;
+    const message = {
+        role: raw.role,
+        content: typeof content === "string"
+            ? content
+            : Array.isArray(content)
+                ? content
+                    .filter((part) => {
+                    return typeof part === "object" && part !== null && part.type === "text";
+                })
+                    .map(part => String(part.text ?? ""))
+                    .join("")
+                : "",
+        toolCalls: (raw.tool_calls ?? []).map(tc => ({
+            id: String(tc.id ?? ""),
+            name: String(tc.name ?? ""),
+            arguments: JSON.stringify(tc.arguments ?? {}),
+        })),
+    };
+    if (typeof raw.token_count === "number") {
+        message.tokenCount = raw.token_count;
+    }
+    return message;
+}
+function renderedContextToSdk(raw) {
+    return {
+        systemText: String(raw.system_text ?? raw.systemText ?? ""),
+        turns: (raw.turns ?? []).map(kernelMessageToSdk),
+    };
+}
+function mapKernelAction(raw) {
+    switch (raw.kind) {
+        case "call_provider":
+            return {
+                kind: "call_provider",
+                context: renderedContextToSdk(raw.context ?? {}),
+                tools: (raw.tools ?? []).map(t => ({
+                    name: String(t.name ?? ""),
+                    description: String(t.description ?? ""),
+                    parameters: JSON.stringify(t.parameters ?? {}),
+                })),
+            };
+        case "execute_tool":
+            return {
+                kind: "execute_tool",
+                calls: (raw.calls ?? []).map(c => ({
+                    id: String(c.id ?? ""),
+                    name: String(c.name ?? ""),
+                    arguments: JSON.stringify(c.arguments ?? {}),
+                })),
+            };
+        case "evaluate_milestone":
+            return {
+                kind: "evaluate_milestone",
+                phaseId: String(raw.phase_id ?? ""),
+                criteria: raw.criteria ?? [],
+                requiredEvidence: raw.required_evidence ?? [],
+            };
+        case "done": {
+            const result = raw.result ?? {};
+            return {
+                kind: "done",
+                result: {
+                    termination: String(result.termination ?? "error"),
+                    turnsUsed: Number(result.turns_used ?? 0),
+                    totalTokensUsed: Number(result.total_tokens_used ?? 0),
+                },
+            };
+        }
+        default:
+            throw new Error(`unknown KernelAction kind: ${String(raw.kind)}`);
+    }
+}
+function stepInput(event) {
+    return JSON.stringify({ version: KERNEL_ABI_VERSION, event });
+}
+export function kernelApply(runtime, pending, event) {
+    const step = parseStep(runtime.step(stepInput(event)));
+    pending.push(...step.observations);
+    return step.observations;
+}
+export function kernelAction(runtime, pending, event) {
+    const step = parseStep(runtime.step(stepInput(event)));
+    pending.push(...step.observations);
+    const raw = step.actions[0];
+    if (!raw)
+        throw new Error("kernel transition must return one action");
+    return mapKernelAction(raw);
+}
+export function forceCompact(runtime, pending) {
+    return kernelApply(runtime, pending, { kind: "force_compact" }).some(o => o.kind === "compressed");
+}

package/dist/runtime/provider-replay.js

@@ -1,3 +1,4 @@
+import { effectiveProviderReplay } from "./session-repair.js";
 export function assistantReplayKey(message) {
     return JSON.stringify({
         content: message.content,
@@ -8,9 +9,13 @@ export function seedProviderReplayFromEvents(provider, events) {
     if (!provider.seedProviderReplay)
         return;
     for (const { event } of events) {
-        if (event.kind !== "llm_completed" || !event.provider_replay)
+        if (event.kind !== "llm_completed")
             continue;
-        provider.seedProviderReplay({ content: event.content, toolCalls: event.tool_calls ?? [] }, event.provider_replay);
+        const toolCalls = event.tool_calls ?? [];
+        const replay = effectiveProviderReplay(event.content, toolCalls, event.provider_replay);
+        if (!replay)
+            continue;
+        provider.seedProviderReplay({ content: event.content, toolCalls }, replay);
     }
 }
 export function peekProviderReplay(provider, content, toolCalls) {

package/dist/runtime/replay-sanitize.d.ts

@@ -0,0 +1,4 @@
+/** UTF-8-safe text helpers for session replay (defense in depth). */
+export declare const REPLAY_CONTENT_MAX_BYTES = 32768;
+export declare function truncateBytesAtCharBoundary(text: string, maxBytes: number): string;
+export declare function sanitizeReplayText(text: string, maxBytes?: number): string;

package/dist/runtime/replay-sanitize.js

@@ -0,0 +1,26 @@
+/** UTF-8-safe text helpers for session replay (defense in depth). */
+export const REPLAY_CONTENT_MAX_BYTES = 32_768;
+export function truncateBytesAtCharBoundary(text, maxBytes) {
+    const data = new TextEncoder().encode(text);
+    if (data.length <= maxBytes)
+        return text;
+    let end = maxBytes;
+    while (end > 0) {
+        try {
+            return new TextDecoder("utf-8", { fatal: true }).decode(data.subarray(0, end));
+        }
+        catch {
+            end -= 1;
+        }
+    }
+    return "";
+}
+export function sanitizeReplayText(text, maxBytes = REPLAY_CONTENT_MAX_BYTES) {
+    if (!text)
+        return text;
+    const bytes = new TextEncoder().encode(text);
+    if (bytes.length <= maxBytes)
+        return text;
+    const prefix = truncateBytesAtCharBoundary(text, maxBytes);
+    return `${prefix}… [replay truncated]`;
+}

package/dist/runtime/runner.d.ts

@@ -1,11 +1,13 @@
-import type { LLMProvider, StreamEvent } from "../types.js";
+import type { LLMProvider, Message, StreamEvent } from "../types.js";
 import type { ToolSuspendEvent } from "./execution-plane.js";
 import type { DreamStore, DreamResult } from "../memory/index.js";
 import type { KnowledgeSource } from "../knowledge/index.js";
 import type { SignalSource } from "../signals/index.js";
-import type { SessionLog } from "./session-log.js";
+import type { SessionLog, SessionEvent } from "./session-log.js";
 import type { ExecutionPlane } from "./execution-plane.js";
 import type { Governance } from "../governance.js";
+import type { AgentRunSpec, SubAgentResult, MilestonePolicy, MilestoneContract, MilestoneCheckResult } from "./types/agent.js";
+import { type SubAgentOrchestrator } from "./sub-agent-orchestrator.js";
 export interface RuntimeOptions {
     provider: LLMProvider;
     sessionLog: SessionLog;
@@ -24,21 +26,42 @@ export interface RuntimeOptions {
     extensions?: Record<string, unknown>;
     governance?: Governance;
     onToolSuspend?: (event: ToolSuspendEvent) => Promise<unknown> | unknown;
+    subAgentOrchestrator?: SubAgentOrchestrator;
+    milestonePolicy?: MilestonePolicy;
+    milestoneContract?: MilestoneContract;
+    onMilestoneEvaluate?: (ctx: {
+        phaseId: string;
+        criteria: string[];
+        requiredEvidence: string[];
+    }) => Promise<MilestoneCheckResult> | MilestoneCheckResult;
+    runSpec?: AgentRunSpec;
 }
 export declare class RuntimeRunner {
     private readonly opts;
     private interrupted;
+    private pendingObservations;
+    private activeKernel;
+    private currentSessionId;
+    private nextArchiveStart;
     constructor(opts: RuntimeOptions);
+    get hostOptions(): RuntimeOptions;
     interrupt(): void;
     run(req: {
         sessionId: string;
         goal: string;
         criteria?: string[];
         extensions?: Record<string, unknown>;
+        inheritEvents?: Array<{
+            seq: number;
+            event: SessionEvent;
+        }>;
     }): AsyncIterable<StreamEvent>;
     wake(sessionId: string, extensions?: Record<string, unknown>): AsyncIterable<StreamEvent>;
+    /** Push a large artifact into the kernel artifacts partition (not inlined in history). */
+    pushArtifact(message: Message, tokens?: number): void;
     dream(agentId: string, nowMs?: number): Promise<DreamResult>;
     private execute;
+    spawnSubAgent(spec: AgentRunSpec): Promise<SubAgentResult>;
     private appendObservations;
 }
 export declare function collectText(stream: AsyncIterable<StreamEvent>): Promise<string>;