@edge-protocol/sdk 0.5.2 → 0.5.4

package/README.md

@@ -2,80 +2,61 @@
 
 # @edge-protocol/sdk
 
-### Programmable Trust for Autonomous AI Agents on Sui
+### Bounded Financial Authority for Autonomous AI Agents on Sui
 
 [![npm version](https://img.shields.io/npm/v/@edge-protocol/sdk?style=flat-square&color=FF4D6A)](https://npmjs.com/package/@edge-protocol/sdk)
 [![npm downloads](https://img.shields.io/npm/dm/@edge-protocol/sdk?style=flat-square&color=FFB830)](https://npmjs.com/package/@edge-protocol/sdk)
-[![Tests](https://img.shields.io/badge/tests-6%2F6_passing-00D4AA?style=flat-square)](src/test.ts)
+[![Tests](https://img.shields.io/badge/tests-34%2F34_passing-00D4AA?style=flat-square)](src/test.ts)
 [![Built on Sui](https://img.shields.io/badge/Built%20on-Sui-4DA2FF?style=flat-square)](https://sui.io)
 [![License](https://img.shields.io/badge/license-MIT-B8C8E0?style=flat-square)](LICENSE)
 
 **Give agents your rules, not your keys.**
 
-[Live Demo](https://edge-web-git-main-fluturecodes-projects.vercel.app) · [Full Docs](https://github.com/fluturecode/edge/blob/main/packages/sdk/DOCS.md) · [GitHub](https://github.com/fluturecode/edge)
+[Live Demo](https://edge-web-cyan.vercel.app) · [Full Docs](https://github.com/fluturecode/edge/blob/main/packages/sdk/DOCS.md) · [GitHub](https://github.com/fluturecode/edge)
 
 </div>
 
 ---
 
-## The Problem
+Giving an AI agent raw private keys is a security nightmare. Requiring human approval for every transaction defeats the purpose of automation. Edge provides an **on-chain policy layer** that issues scoped, programmatic spend authority (`EdgePass`) directly to agent runtimes — with cryptographic guardrails enforced by the Sui VM.
 
-```
-Option A: Give the agent full wallet access  →  catastrophic risk
-Option B: Human approves every transaction  →  defeats the purpose  
-Option C: Build custom policy logic         →  6-8 weeks of work
-```
+---
 
-**EdgePass is Option D** — a programmable trust boundary that lets agents transact autonomously within user-defined limits, enforced on-chain via Sui Move.
+## ⚡ Quickstart — 3 Lines of Code
 
----
+```typescript
+import { EdgePass, MIST_PER_SUI } from '@edge-protocol/sdk';
 
-## Install
+const sdk = new EdgePass({ network: 'mainnet', enokiApiKey: 'YOUR_KEY' });
 
-```bash
-npm install @edge-protocol/sdk
-# or
-pnpm add @edge-protocol/sdk
-# or
-yarn add @edge-protocol/sdk
+// 1. Issue a 5-dimensional spend authorization (once)
+const pass = await sdk.create(EdgePass.fromTemplate('festival', { owner: userAddress }), signer);
+
+// 2. Agent executes autonomously within policy boundaries (many times)
+const outcome = await sdk.execute(pass, { merchant: 'Shuttle Express', amount: 18n * MIST_PER_SUI }, signer);
+
+console.log(outcome.status); // 'approved' | 'escalated' | 'blocked'
 ```
 
 ---
 
-## Quickstart
+## 🛠 The 5-Dimensional Trust Primitive
 
-```typescript
-import { EdgePass, MIST_PER_SUI } from '@edge-protocol/sdk';
+Every EdgePass is a native Sui Move object encoding five distinct governance dimensions:
 
-const sdk = new EdgePass({ network: 'mainnet', enokiApiKey: 'YOUR_KEY' });
-
-// 1. Create a trust boundary (once)
-const pass = await sdk.create(
-  EdgePass.fromTemplate('festival', {
-    approvedMerchants: ['Shuttle Express', 'Hydra Bar'],
-    owner: userAddress,
-  }),
-  signer
-);
-
-// 2. Execute autonomously (many times)
-const outcome = await sdk.execute(pass, {
-  merchant: 'Shuttle Express',
-  amount:   18_500_000_000n, // 18.5 SUI in MIST
-}, signer);
-
-switch (outcome.status) {
-  case 'approved':   // ✅ executed on-chain, digest on Walrus
-  case 'escalated':  // ⚠️ notify user, await approval
-  case 'blocked':    // 🚫 policy rejected, reason logged
-}
-```
+| Dimension | What it controls |
+|-----------|-----------------|
+| **BUDGET** | Maximum global spending ceiling |
+| **VELOCITY** | Auto-approve threshold before escalation fires |
+| **SCOPE** | Explicit allowlist of approved merchants / contracts |
+| **TIME** | Hard cryptographic expiration date |
+| **ESCALATION** | Programmatic fallback when a limit is exceeded |
 
 ---
 
-## Templates
+## 📋 Templates
 
-Pre-configured trust boundaries for common use cases:
+Pre-configured for common use cases — override any field:
 
 ```typescript
 EdgePass.fromTemplate('festival',     { owner })  // $300 · auto <$50 · escalate >$100 · 48h
@@ -85,179 +66,213 @@ EdgePass.fromTemplate('defi',         { owner })  // $10k · auto <$500 · escal
 EdgePass.fromTemplate('enterprise',   { owner })  // $50k · auto <$1k · escalate >$5k · 30d
 ```
 
-Override any field:
-
-```typescript
-const pass = await sdk.create(
-  EdgePass.fromTemplate('defi', {
-    budget: 25_000n * MIST_PER_SUI,
-    approvedMerchants: ['DeepBook', 'Cetus'],
-    owner: userAddress,
-  }),
-  signer
-);
-```
-
 ---
 
-## Full API
+## 🤖 Agent Framework Integration
+
+### Vercel AI SDK / Mastra
 
-### `new EdgePass(config)`
+Integrate Edge directly into your agent's tool declaration to enforce policy boundaries before any transaction touches the network:
 
 ```typescript
-const sdk = new EdgePass({
-  network:     'mainnet' | 'testnet' | 'devnet',
-  enokiApiKey: string,
+import { tool } from 'ai';
+import { z } from 'zod';
+import { EdgePass, MIST_PER_SUI } from '@edge-protocol/sdk';
+
+export const autonomousPurchaseTool = tool({
+  description: 'Purchase assets or services autonomously within policy boundaries.',
+  parameters: z.object({
+    merchant:   z.string(),
+    amountSUI:  z.number(),
+  }),
+  execute: async ({ merchant, amountSUI }) => {
+    // Edge validates BEFORE the transaction touches the network
+    const outcome = await sdk.execute(currentPass, {
+      merchant,
+      amount: BigInt(Math.floor(amountSUI * 1e9)),
+    }, agentSigner);
+
+    if (outcome.status === 'blocked') {
+      return { success: false, error: `Blocked by EdgePass policy: ${outcome.reason}` };
+    }
+
+    if (outcome.status === 'escalated') {
+      return { success: false, error: `Paused — human approval required: ${outcome.reason}` };
+    }
+
+    return { success: true, digest: outcome.digest };
+  }
 });
 ```
 
-### `sdk.create(config, signer)` → `EdgePassObject`
+### Native Agent System Prompt
 
-Mint a new EdgePass on Sui. Returns the EdgePass object with its on-chain ID.
+Include this in your LLM initialization to teach the agent how to handle EdgePass responses:
 
 ```typescript
-const pass = await sdk.create({
-  budget:            300n * MIST_PER_SUI,
-  autoThreshold:      50n * MIST_PER_SUI,
-  escalateThreshold: 100n * MIST_PER_SUI,
-  maxPerTransaction: 200n * MIST_PER_SUI, // optional
-  approvedMerchants: ['Shuttle Express'],
-  expiryMs:          48 * 60 * 60 * 1000,
-  owner:             userAddress,
-}, signer);
-
-console.log(pass.id); // Sui object ID — verifiable on Suiscan
-```
+const systemPrompt = `
+You are an autonomous agent operating with bounded financial authority via Edge Protocol.
 
-### `sdk.execute(pass, request, signer)` → `TransactionOutcome`
+When a financial tool returns 'escalated': do NOT retry the operation.
+Inform the user that manual approval is required and await confirmation.
 
-Execute a transaction against the EdgePass. Policy enforced before touching the chain.
+When a tool returns 'blocked': the transaction violates policy.
+Explain the constraint to the user and suggest an alternative within limits.
 
-```typescript
-const outcome = await sdk.execute(pass, {
-  merchant: 'Shuttle Express',
-  amount:   18_500_000_000n,
-}, signer);
-
-// outcome.status  → 'approved' | 'escalated' | 'blocked'
-// outcome.digest  → tx digest (if approved)
-// outcome.reason  → explanation (if escalated or blocked)
+When a tool returns 'approved': proceed normally.
+The transaction was executed on-chain and logged to Walrus.
+`;
 ```
 
-### `sdk.validate(pass, request)` → `PolicyValidation`
+---
+
+## 📊 Execution Results
 
-Preview the outcome without executing. Zero network calls. Use for UI previews.
+Every `sdk.execute()` returns a structured outcome — not a flat string:
 
 ```typescript
-const preview = sdk.validate(pass, { merchant, amount });
-// { allowed: boolean, requiresEscalation: boolean, reason: string }
+type TransactionOutcome =
+  | { status: 'approved';  digest: string; auto: true;  }
+  | { status: 'escalated'; reason: string; auto: false; }
+  | { status: 'blocked';   reason: string; auto: false; }
+
+// Example approved outcome
+{
+  status:  'approved',
+  digest:  'AwGc1j8CJvsJtqMMj1cnoJP9uGgbUCGHJ2gVatKQ1y4d',
+  auto:    true,
+}
+
+// Example blocked outcome
+{
+  status: 'blocked',
+  reason: 'Merchant "ShadyTokens.xyz" is not approved',
+  auto:   false,
+}
 ```
 
-### `sdk.revoke(pass, signer)`
+---
 
-Revoke an EdgePass. All future `execute()` calls return `blocked` immediately.
+## 🔔 Events System
 
-### `sdk.remainingBudget(pass)` → `bigint`
+React to decisions without polling:
 
-Returns remaining budget in MIST.
+```typescript
+sdk
+  .on('approved', ({ outcome, pass, request }) => {
+    updateBudgetUI(pass);
+    console.log('executed:', outcome.digest);
+  })
+  .on('escalated', ({ outcome, request }) => {
+    sendPushNotification(`Approve $${request.amount} at ${request.merchant}?`);
+  })
+  .on('blocked', ({ outcome }) => {
+    logger.warn('blocked:', outcome.reason);
+  });
+
+// Events fire automatically on execute
+await sdk.execute(pass, request, signer);
+```
 
-### `sdk.isValid(pass)` → `boolean`
+---
 
-Returns `true` if the pass is active and not expired.
+## 🔌 Pluggable Escalation Handlers
 
-### `EdgePass.fromTemplate(template, overrides)` → `EdgePassConfig`
+Route escalation alerts to dashboards, Slack, or Telegram:
 
-Create a config from a pre-built template.
+```typescript
+sdk.on('escalated', async ({ outcome, request }) => {
+  // Slack webhook
+  await fetch('https://hooks.slack.com/your-webhook', {
+    method: 'POST',
+    body: JSON.stringify({
+      text: `⚠️ Agent escalation: $${request.amount} at ${request.merchant}\n${outcome.reason}`,
+    }),
+  });
+});
+```
 
 ---
 
-## Policy Validation Rules
+## 📜 Cryptographic Audit Trail
 
-PolicyEngine validates in this order:
+Every execution writes an immutable receipt to Walrus — decentralized, tamper-evident, permanent. No database. No server. Cryptographically committed.
 
-1. Pass must be active
-2. Pass must not be expired
-3. Merchant must be in approved list
-4. Amount must not exceed remaining budget
-5. Amount must not exceed `maxPerTransaction` (if set)
-6. If amount > `escalateThreshold` → escalate
-7. If amount ≤ `autoThreshold` → auto-approve
+```typescript
+// After execution, the Walrus blob ID is available
+const outcome = await sdk.execute(pass, request, signer);
+// audit receipt automatically written to Walrus
+// verifiable at walruscan.com/testnet/blob/{blobId}
+```
 
 ---
 
-## Why Sui
+## 🔍 Preview Without Executing
 
-Five primitives make this only possible on Sui:
+Zero network calls. Sub-millisecond. Use for UI previews:
 
-- **zkLogin** — invisible wallet from Google, no seed phrase
-- **Sponsored Transactions** — users never pay gas
-- **PTBs** — atomic policy + execution + audit in one block
-- **Object Model** — EdgePass owned directly by user, not a contract
-- **Walrus** — immutable audit receipts, no database needed
+```typescript
+const preview = sdk.validate(pass, { merchant, amount });
+// { allowed: boolean, requiresEscalation: boolean, reason: string }
+
+if (!preview.allowed) showBlockedUI(preview.reason);
+if (preview.requiresEscalation) showEscalationModal(preview.reason);
+```
 
 ---
 
-## Live Demo
+## 🔒 Security Model
 
-Festival Mode: Claude autonomously manages purchases within an EdgePass.
+Edge has two enforcement layers:
 
-```
-🧠 Claude:       "Shuttle from parking — $18.50"
-⚙️ PolicyEngine: ✅ auto-approved · trusted merchant
-⛓ Sui:          execute_transaction · Success · Suiscan verified
+**Layer 1 — TypeScript PolicyEngine** — pre-flight, zero network calls, under 1ms. Can be bypassed by a compromised agent. Treat as a UX convenience, not a security boundary.
 
-🧠 Claude:       "Artist meet & greet — $149"  
-⚙️ PolicyEngine: ⚠️ escalated · exceeds $100 threshold
-👤 User:         approves via modal
+**Layer 2 — Sui Move Contract** — on-chain enforcement by the Sui VM. Cannot be bypassed. The EdgePass object validates all policy dimensions independently. This is the source of truth.
 
-3 transactions · $54.50 spent · 0 wallet popups
+```
+sdk.validate()  →  TypeScript (instant preview, saves gas)
+sdk.execute()   →  TypeScript + Move contract (atomic, tamper-proof)
 ```
 
-[See it live →](https://edge-web-git-main-fluturecodes-projects.vercel.app)
+For production: always execute via the Move contract. The TypeScript layer is a preview — the chain is the guarantee.
 
 ---
 
-## Testing
+## 🧪 Testing
 
 ```bash
 pnpm test
 ```
 
 ```
-✓ auto-approves under threshold
-✓ escalates above threshold  
-✓ blocks unlisted merchant
-✓ blocks when budget exceeded
-✓ blocks when expired
-✓ blocks when inactive
-34/34 passing ✅
-```
+📋 PolicyEngine.validate()     10 tests ✓
+📋 PolicyEngine helpers         5 tests ✓
+📋 EdgePass.fromTemplate()      7 tests ✓
+📋 Constants                    5 tests ✓
+📋 Events system                7 tests ✓
 
+34 passed · 0 failed ✅
+```
 
 ---
 
-## Security Model
-
-Edge has two enforcement layers:
-
-**Layer 1 — TypeScript PolicyEngine** — pre-flight validation, zero network calls, under 1ms. Can be bypassed by a malicious agent runtime. Use as a UX convenience, not a security boundary.
-
-**Layer 2 — Sui Move Contract** — on-chain enforcement by the Sui VM. Cannot be bypassed. The EdgePass object validates budget, expiry, and merchant allowlist independently. This is the source of truth.
+## ⛓ Move Contract
 
 ```
-sdk.validate()  →  TypeScript check (fast preview, no gas)
-sdk.execute()   →  TypeScript check + Move contract check (atomic, final)
+Package:  0x9f4065009494aa5acd92a5c72a6c22ce80939b2bddae3b34345459bc98d2501d
+Network:  Sui Testnet (Mainnet coming)
 ```
 
-For production: always execute via the Move contract. The TypeScript layer is a preview — the chain is the guarantee.
-
 ---
 
-## Move Contract
+## 📦 Install
 
-```
-Package:  0x9f4065009494aa5acd92a5c72a6c22ce80939b2bddae3b34345459bc98d2501d
-Network:  Sui Testnet (Mainnet coming)
+```bash
+npm install @edge-protocol/sdk
+# or
+pnpm add @edge-protocol/sdk
+# or
+yarn add @edge-protocol/sdk
 ```
 
 ---
@@ -268,4 +283,7 @@ Network:  Sui Testnet (Mainnet coming)
 
 Built for [Sui Overflow 2026](https://overflow.sui.io) · MIT License
 
+[![GitHub](https://img.shields.io/badge/GitHub-fluturecode%2Fedge-181717?style=flat-square&logo=github)](https://github.com/fluturecode/edge)
+[![npm](https://img.shields.io/badge/npm-%40edge--protocol%2Fsdk-CB3837?style=flat-square&logo=npm)](https://npmjs.com/package/@edge-protocol/sdk)
+
 </div>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@edge-protocol/sdk",
-  "version": "0.5.2",
+  "version": "0.5.4",
   "description": "Programmable trust infrastructure for autonomous AI agents on Sui. Give agents your rules, not your keys.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",