@elizaos/plugin-elizacloud 2.0.0-alpha.8 → 2.0.11-beta.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (452) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +196 -0
  3. package/auto-enable.ts +22 -0
  4. package/dist/browser/index.browser.js +2 -21
  5. package/dist/browser/index.browser.js.map +5 -38
  6. package/dist/cjs/index.d.ts +2 -2
  7. package/dist/cjs/index.node.cjs +9112 -2265
  8. package/dist/cjs/index.node.js.map +68 -30
  9. package/dist/cloud/auth-service-types.d.ts +8 -0
  10. package/dist/cloud/auth-service-types.d.ts.map +1 -0
  11. package/dist/cloud/auth-service-types.js +36 -0
  12. package/dist/cloud/auth-service-types.js.map +10 -0
  13. package/dist/cloud/auth.d.ts +19 -0
  14. package/dist/cloud/auth.d.ts.map +1 -0
  15. package/dist/cloud/auth.js +283 -0
  16. package/dist/cloud/auth.js.map +12 -0
  17. package/dist/cloud/backup.d.ts +18 -0
  18. package/dist/cloud/backup.d.ts.map +1 -0
  19. package/dist/cloud/backup.js +63 -0
  20. package/dist/cloud/backup.js.map +10 -0
  21. package/dist/cloud/base-url.d.ts +7 -0
  22. package/dist/cloud/base-url.d.ts.map +1 -0
  23. package/dist/cloud/base-url.js +29 -0
  24. package/dist/cloud/base-url.js.map +10 -0
  25. package/dist/cloud/bridge-client.d.ts +126 -0
  26. package/dist/cloud/bridge-client.d.ts.map +1 -0
  27. package/dist/cloud/bridge-client.js +384 -0
  28. package/dist/cloud/bridge-client.js.map +11 -0
  29. package/dist/cloud/clack-observer.d.ts +35 -0
  30. package/dist/cloud/clack-observer.d.ts.map +1 -0
  31. package/dist/cloud/clack-observer.js +143 -0
  32. package/dist/cloud/clack-observer.js.map +10 -0
  33. package/dist/cloud/cloud-api-key.d.ts +26 -0
  34. package/dist/cloud/cloud-api-key.d.ts.map +1 -0
  35. package/dist/cloud/cloud-api-key.js +60 -0
  36. package/dist/cloud/cloud-api-key.js.map +10 -0
  37. package/dist/cloud/cloud-manager.d.ts +33 -0
  38. package/dist/cloud/cloud-manager.d.ts.map +1 -0
  39. package/dist/cloud/cloud-manager.js +806 -0
  40. package/dist/cloud/cloud-manager.js.map +16 -0
  41. package/dist/cloud/cloud-proxy.d.ts +20 -0
  42. package/dist/cloud/cloud-proxy.d.ts.map +1 -0
  43. package/dist/cloud/cloud-proxy.js +54 -0
  44. package/dist/cloud/cloud-proxy.js.map +10 -0
  45. package/dist/cloud/cloud-wallet.d.ts +94 -0
  46. package/dist/cloud/cloud-wallet.d.ts.map +1 -0
  47. package/dist/cloud/cloud-wallet.js +362 -0
  48. package/dist/cloud/cloud-wallet.js.map +13 -0
  49. package/dist/cloud/duffel-client.d.ts +181 -0
  50. package/dist/cloud/duffel-client.d.ts.map +1 -0
  51. package/dist/cloud/duffel-client.js +506 -0
  52. package/dist/cloud/duffel-client.js.map +11 -0
  53. package/dist/cloud/index.d.ts +15 -0
  54. package/dist/cloud/index.d.ts.map +1 -0
  55. package/dist/cloud/index.js +1811 -0
  56. package/dist/cloud/index.js.map +24 -0
  57. package/dist/cloud/lifeops-schedule-sync-client.d.ts +43 -0
  58. package/dist/cloud/lifeops-schedule-sync-client.d.ts.map +1 -0
  59. package/dist/cloud/lifeops-schedule-sync-client.js +180 -0
  60. package/dist/cloud/lifeops-schedule-sync-client.js.map +11 -0
  61. package/dist/cloud/lifeops-schedule-sync-contracts.d.ts +89 -0
  62. package/dist/cloud/lifeops-schedule-sync-contracts.d.ts.map +1 -0
  63. package/dist/cloud/lifeops-schedule-sync-contracts.js +39 -0
  64. package/dist/cloud/lifeops-schedule-sync-contracts.js.map +10 -0
  65. package/dist/cloud/managed-payment-clients.d.ts +166 -0
  66. package/dist/cloud/managed-payment-clients.d.ts.map +1 -0
  67. package/dist/cloud/managed-payment-clients.js +238 -0
  68. package/dist/cloud/managed-payment-clients.js.map +11 -0
  69. package/dist/cloud/null-observer.d.ts +35 -0
  70. package/dist/cloud/null-observer.d.ts.map +1 -0
  71. package/dist/cloud/null-observer.js +45 -0
  72. package/dist/cloud/null-observer.js.map +10 -0
  73. package/dist/cloud/reconnect.d.ts +26 -0
  74. package/dist/cloud/reconnect.d.ts.map +1 -0
  75. package/dist/cloud/reconnect.js +104 -0
  76. package/dist/cloud/reconnect.js.map +10 -0
  77. package/dist/cloud/setup-observer.d.ts +98 -0
  78. package/dist/cloud/setup-observer.d.ts.map +1 -0
  79. package/dist/cloud/setup-observer.js +2 -0
  80. package/dist/cloud/setup-observer.js.map +9 -0
  81. package/dist/cloud/validate-url.d.ts +2 -0
  82. package/dist/cloud/validate-url.d.ts.map +1 -0
  83. package/dist/cloud/validate-url.js +175 -0
  84. package/dist/cloud/validate-url.js.map +10 -0
  85. package/dist/cloud/x402-payment-handler.d.ts +85 -0
  86. package/dist/cloud/x402-payment-handler.d.ts.map +1 -0
  87. package/dist/cloud/x402-payment-handler.js +119 -0
  88. package/dist/cloud/x402-payment-handler.js.map +10 -0
  89. package/dist/cloud-providers/cloud-status.d.ts.map +1 -1
  90. package/dist/cloud-providers/cloud-status.js +78 -0
  91. package/dist/cloud-providers/cloud-status.js.map +10 -0
  92. package/dist/cloud-providers/container-health.d.ts.map +1 -1
  93. package/dist/cloud-providers/container-health.js +74 -0
  94. package/dist/cloud-providers/container-health.js.map +10 -0
  95. package/dist/cloud-providers/credit-balance.d.ts.map +1 -1
  96. package/dist/cloud-providers/credit-balance.js +85 -0
  97. package/dist/cloud-providers/credit-balance.js.map +10 -0
  98. package/dist/cloud-providers/index.d.ts.map +1 -1
  99. package/dist/cloud-providers/index.js +24 -0
  100. package/dist/cloud-providers/index.js.map +9 -0
  101. package/dist/cloud-providers/model-registry.d.ts.map +1 -1
  102. package/dist/cloud-providers/model-registry.js +71 -0
  103. package/dist/cloud-providers/model-registry.js.map +10 -0
  104. package/dist/cloud-setup.d.ts +36 -0
  105. package/dist/cloud-setup.d.ts.map +1 -0
  106. package/dist/cloud-setup.js +883 -0
  107. package/dist/cloud-setup.js.map +14 -0
  108. package/dist/cloud-voice-catalog.d.ts +65 -0
  109. package/dist/cloud-voice-catalog.d.ts.map +1 -0
  110. package/dist/cloud-voice-catalog.js +278 -0
  111. package/dist/cloud-voice-catalog.js.map +12 -0
  112. package/dist/index.browser.d.ts +15 -3
  113. package/dist/index.browser.d.ts.map +1 -1
  114. package/dist/index.d.ts +24 -0
  115. package/dist/index.d.ts.map +1 -1
  116. package/dist/index.js +9862 -0
  117. package/dist/index.js.map +77 -0
  118. package/dist/index.node.d.ts +21 -2
  119. package/dist/index.node.d.ts.map +1 -1
  120. package/dist/init.d.ts.map +1 -1
  121. package/dist/init.js +182 -0
  122. package/dist/init.js.map +12 -0
  123. package/dist/lib/cloud-connection.d.ts +77 -0
  124. package/dist/lib/cloud-connection.d.ts.map +1 -0
  125. package/dist/lib/cloud-connection.js +654 -0
  126. package/dist/lib/cloud-connection.js.map +14 -0
  127. package/dist/lib/cloud-secrets.d.ts +10 -0
  128. package/dist/lib/cloud-secrets.d.ts.map +1 -0
  129. package/dist/lib/cloud-secrets.js +36 -0
  130. package/dist/lib/cloud-secrets.js.map +10 -0
  131. package/dist/lib/config-env.d.ts +5 -0
  132. package/dist/lib/config-env.d.ts.map +1 -0
  133. package/dist/lib/config-env.js +191 -0
  134. package/dist/lib/config-env.js.map +11 -0
  135. package/dist/lib/config-like.d.ts +40 -0
  136. package/dist/lib/config-like.d.ts.map +1 -0
  137. package/dist/lib/config-like.js +103 -0
  138. package/dist/lib/config-like.js.map +10 -0
  139. package/dist/lib/credential-type-map.d.ts +53 -0
  140. package/dist/lib/credential-type-map.d.ts.map +1 -0
  141. package/dist/lib/credential-type-map.js +88 -0
  142. package/dist/lib/credential-type-map.js.map +10 -0
  143. package/dist/lib/feature-flags.d.ts +2 -0
  144. package/dist/lib/feature-flags.d.ts.map +1 -0
  145. package/dist/lib/feature-flags.js +40 -0
  146. package/dist/lib/feature-flags.js.map +10 -0
  147. package/dist/lib/http.d.ts +11 -0
  148. package/dist/lib/http.d.ts.map +1 -0
  149. package/dist/lib/http.js +107 -0
  150. package/dist/lib/http.js.map +10 -0
  151. package/dist/lib/server-cloud-tts.d.ts +21 -0
  152. package/dist/lib/server-cloud-tts.d.ts.map +1 -0
  153. package/dist/lib/server-cloud-tts.js +251 -0
  154. package/dist/lib/server-cloud-tts.js.map +10 -0
  155. package/dist/lib/state-paths.d.ts +4 -0
  156. package/dist/lib/state-paths.d.ts.map +1 -0
  157. package/dist/lib/state-paths.js +52 -0
  158. package/dist/lib/state-paths.js.map +10 -0
  159. package/dist/lib/tts-debug.d.ts +6 -0
  160. package/dist/lib/tts-debug.d.ts.map +1 -0
  161. package/dist/lib/tts-debug.js +24 -0
  162. package/dist/lib/tts-debug.js.map +9 -0
  163. package/dist/models/embeddings.d.ts.map +1 -1
  164. package/dist/models/embeddings.js +329 -0
  165. package/dist/models/embeddings.js.map +13 -0
  166. package/dist/models/image.d.ts.map +1 -1
  167. package/dist/models/image.js +401 -0
  168. package/dist/models/image.js.map +14 -0
  169. package/dist/models/index.d.ts +1 -2
  170. package/dist/models/index.d.ts.map +1 -1
  171. package/dist/models/index.js +1896 -0
  172. package/dist/models/index.js.map +19 -0
  173. package/dist/models/research.d.ts.map +1 -1
  174. package/dist/models/research.js +341 -0
  175. package/dist/models/research.js.map +13 -0
  176. package/dist/models/speech.d.ts +61 -3
  177. package/dist/models/speech.d.ts.map +1 -1
  178. package/dist/models/speech.js +429 -0
  179. package/dist/models/speech.js.map +13 -0
  180. package/dist/models/text.d.ts +111 -3
  181. package/dist/models/text.d.ts.map +1 -1
  182. package/dist/models/text.js +1173 -0
  183. package/dist/models/text.js.map +14 -0
  184. package/dist/models/tokenization.d.ts.map +1 -1
  185. package/dist/models/tokenization.js +65 -0
  186. package/dist/models/tokenization.js.map +10 -0
  187. package/dist/models/transcription.d.ts.map +1 -1
  188. package/dist/models/transcription.js +297 -0
  189. package/dist/models/transcription.js.map +13 -0
  190. package/dist/node/index.d.ts +2 -2
  191. package/dist/node/index.node.js +9189 -2295
  192. package/dist/node/index.node.js.map +68 -30
  193. package/dist/plugin.d.ts +20 -0
  194. package/dist/plugin.d.ts.map +1 -0
  195. package/dist/plugin.js +2937 -0
  196. package/dist/plugin.js.map +28 -0
  197. package/dist/providers/openai.d.ts.map +1 -1
  198. package/dist/providers/openai.js +136 -0
  199. package/dist/providers/openai.js.map +11 -0
  200. package/dist/register-routes.d.ts +2 -0
  201. package/dist/register-routes.d.ts.map +1 -0
  202. package/dist/register-routes.js +2938 -0
  203. package/dist/register-routes.js.map +29 -0
  204. package/dist/routes/cloud-billing-routes.d.ts +9 -0
  205. package/dist/routes/cloud-billing-routes.d.ts.map +1 -0
  206. package/dist/routes/cloud-billing-routes.js +764 -0
  207. package/dist/routes/cloud-billing-routes.js.map +15 -0
  208. package/dist/routes/cloud-coding-container-routes.d.ts +8 -0
  209. package/dist/routes/cloud-coding-container-routes.d.ts.map +1 -0
  210. package/dist/routes/cloud-coding-container-routes.js +214 -0
  211. package/dist/routes/cloud-coding-container-routes.js.map +11 -0
  212. package/dist/routes/cloud-compat-routes.d.ts +10 -0
  213. package/dist/routes/cloud-compat-routes.d.ts.map +1 -0
  214. package/dist/routes/cloud-compat-routes.js +495 -0
  215. package/dist/routes/cloud-compat-routes.js.map +15 -0
  216. package/dist/routes/cloud-features-routes.d.ts +9 -0
  217. package/dist/routes/cloud-features-routes.d.ts.map +1 -0
  218. package/dist/routes/cloud-features-routes.js +124 -0
  219. package/dist/routes/cloud-features-routes.js.map +11 -0
  220. package/dist/routes/cloud-provisioning.d.ts +14 -0
  221. package/dist/routes/cloud-provisioning.d.ts.map +1 -0
  222. package/dist/routes/cloud-provisioning.js +37 -0
  223. package/dist/routes/cloud-provisioning.js.map +10 -0
  224. package/dist/routes/cloud-relay-routes.d.ts +23 -0
  225. package/dist/routes/cloud-relay-routes.d.ts.map +1 -0
  226. package/dist/routes/cloud-relay-routes.js +142 -0
  227. package/dist/routes/cloud-relay-routes.js.map +11 -0
  228. package/dist/routes/cloud-routes-autonomous.d.ts +82 -0
  229. package/dist/routes/cloud-routes-autonomous.d.ts.map +1 -0
  230. package/dist/routes/cloud-routes-autonomous.js +1252 -0
  231. package/dist/routes/cloud-routes-autonomous.js.map +18 -0
  232. package/dist/routes/cloud-routes.d.ts +35 -0
  233. package/dist/routes/cloud-routes.d.ts.map +1 -0
  234. package/dist/routes/cloud-routes.js +2173 -0
  235. package/dist/routes/cloud-routes.js.map +23 -0
  236. package/dist/routes/cloud-status-routes-autonomous.d.ts +14 -0
  237. package/dist/routes/cloud-status-routes-autonomous.d.ts.map +1 -0
  238. package/dist/routes/cloud-status-routes-autonomous.js +349 -0
  239. package/dist/routes/cloud-status-routes-autonomous.js.map +13 -0
  240. package/dist/routes/cloud-status-routes.d.ts +4 -0
  241. package/dist/routes/cloud-status-routes.d.ts.map +1 -0
  242. package/dist/routes/cloud-status-routes.js +695 -0
  243. package/dist/routes/cloud-status-routes.js.map +15 -0
  244. package/dist/routes/home-remote-runner-access-url.d.ts +16 -0
  245. package/dist/routes/home-remote-runner-access-url.d.ts.map +1 -0
  246. package/dist/routes/home-remote-runner-access-url.js +91 -0
  247. package/dist/routes/home-remote-runner-access-url.js.map +10 -0
  248. package/dist/routes/travel-provider-relay-routes.d.ts +9 -0
  249. package/dist/routes/travel-provider-relay-routes.d.ts.map +1 -0
  250. package/dist/routes/travel-provider-relay-routes.js +358 -0
  251. package/dist/routes/travel-provider-relay-routes.js.map +14 -0
  252. package/dist/services/cloud-auth.d.ts +140 -5
  253. package/dist/services/cloud-auth.d.ts.map +1 -1
  254. package/dist/services/cloud-auth.js +368 -0
  255. package/dist/services/cloud-auth.js.map +12 -0
  256. package/dist/services/cloud-backup.d.ts.map +1 -1
  257. package/dist/services/cloud-backup.js +176 -0
  258. package/dist/services/cloud-backup.js.map +11 -0
  259. package/dist/services/cloud-bootstrap.d.ts +38 -0
  260. package/dist/services/cloud-bootstrap.d.ts.map +1 -0
  261. package/dist/services/cloud-bootstrap.js +84 -0
  262. package/dist/services/cloud-bootstrap.js.map +10 -0
  263. package/dist/services/cloud-bridge.d.ts +1 -1
  264. package/dist/services/cloud-bridge.d.ts.map +1 -1
  265. package/dist/services/cloud-bridge.js +308 -0
  266. package/dist/services/cloud-bridge.js.map +11 -0
  267. package/dist/services/cloud-container.d.ts +5 -1
  268. package/dist/services/cloud-container.d.ts.map +1 -1
  269. package/dist/services/cloud-container.js +292 -0
  270. package/dist/services/cloud-container.js.map +11 -0
  271. package/dist/services/cloud-credential-provider.d.ts +55 -0
  272. package/dist/services/cloud-credential-provider.d.ts.map +1 -0
  273. package/dist/services/cloud-credential-provider.js +190 -0
  274. package/dist/services/cloud-credential-provider.js.map +11 -0
  275. package/dist/services/cloud-managed-gateway-relay.d.ts +38 -0
  276. package/dist/services/cloud-managed-gateway-relay.d.ts.map +1 -0
  277. package/dist/services/cloud-managed-gateway-relay.js +479 -0
  278. package/dist/services/cloud-managed-gateway-relay.js.map +10 -0
  279. package/dist/services/cloud-model-registry.d.ts.map +1 -1
  280. package/dist/services/cloud-model-registry.js +175 -0
  281. package/dist/services/cloud-model-registry.js.map +10 -0
  282. package/dist/services/index.d.ts +3 -1
  283. package/dist/services/index.d.ts.map +1 -1
  284. package/dist/services/index.js +29 -0
  285. package/dist/services/index.js.map +9 -0
  286. package/dist/types/cloud.d.ts +42 -19
  287. package/dist/types/cloud.d.ts.map +1 -1
  288. package/dist/types/cloud.js +52 -0
  289. package/dist/types/cloud.js.map +10 -0
  290. package/dist/types/index.d.ts +1 -1
  291. package/dist/types/index.d.ts.map +1 -1
  292. package/dist/types/index.js +24 -0
  293. package/dist/types/index.js.map +9 -0
  294. package/dist/utils/cloud-api.d.ts +2 -27
  295. package/dist/utils/cloud-api.d.ts.map +1 -1
  296. package/dist/utils/cloud-api.js +33 -0
  297. package/dist/utils/cloud-api.js.map +10 -0
  298. package/dist/utils/cloud-sdk/client.d.ts +133 -0
  299. package/dist/utils/cloud-sdk/client.d.ts.map +1 -0
  300. package/dist/utils/cloud-sdk/client.js +3693 -0
  301. package/dist/utils/cloud-sdk/client.js.map +13 -0
  302. package/dist/utils/cloud-sdk/http.d.ts +37 -0
  303. package/dist/utils/cloud-sdk/http.d.ts.map +1 -0
  304. package/dist/utils/cloud-sdk/http.js +237 -0
  305. package/dist/utils/cloud-sdk/http.js.map +11 -0
  306. package/dist/utils/cloud-sdk/index.d.ts +6 -0
  307. package/dist/utils/cloud-sdk/index.d.ts.map +1 -0
  308. package/dist/utils/cloud-sdk/index.js +29 -0
  309. package/dist/utils/cloud-sdk/index.js.map +9 -0
  310. package/dist/utils/cloud-sdk/public-routes.d.ts +5563 -0
  311. package/dist/utils/cloud-sdk/public-routes.d.ts.map +1 -0
  312. package/dist/utils/cloud-sdk/public-routes.js +3048 -0
  313. package/dist/utils/cloud-sdk/public-routes.js.map +10 -0
  314. package/dist/utils/cloud-sdk/types.cloud-api.d.ts +101 -0
  315. package/dist/utils/cloud-sdk/types.cloud-api.d.ts.map +1 -0
  316. package/dist/utils/cloud-sdk/types.cloud-api.js +2 -0
  317. package/dist/utils/cloud-sdk/types.cloud-api.js.map +9 -0
  318. package/dist/utils/cloud-sdk/types.d.ts +653 -0
  319. package/dist/utils/cloud-sdk/types.d.ts.map +1 -0
  320. package/dist/utils/cloud-sdk/types.js +29 -0
  321. package/dist/utils/cloud-sdk/types.js.map +10 -0
  322. package/dist/utils/config.d.ts +16 -3
  323. package/dist/utils/config.d.ts.map +1 -1
  324. package/dist/utils/config.js +147 -0
  325. package/dist/utils/config.js.map +10 -0
  326. package/dist/utils/events.d.ts +23 -2
  327. package/dist/utils/events.d.ts.map +1 -1
  328. package/dist/utils/events.js +45 -0
  329. package/dist/utils/events.js.map +10 -0
  330. package/dist/utils/helpers.d.ts.map +1 -1
  331. package/dist/utils/helpers.js +103 -0
  332. package/dist/utils/helpers.js.map +10 -0
  333. package/dist/utils/responses-output.d.ts +13 -0
  334. package/dist/utils/responses-output.d.ts.map +1 -0
  335. package/dist/utils/responses-output.js +102 -0
  336. package/dist/utils/responses-output.js.map +10 -0
  337. package/dist/utils/sdk-client.d.ts +5 -0
  338. package/dist/utils/sdk-client.d.ts.map +1 -0
  339. package/dist/utils/sdk-client.js +157 -0
  340. package/dist/utils/sdk-client.js.map +11 -0
  341. package/dist/utils/waifu-metering.d.ts +108 -0
  342. package/dist/utils/waifu-metering.d.ts.map +1 -0
  343. package/dist/utils/waifu-metering.js +166 -0
  344. package/dist/utils/waifu-metering.js.map +10 -0
  345. package/package.json +139 -21
  346. package/src/cloud/auth-service-types.ts +24 -0
  347. package/src/cloud/auth.ts +175 -0
  348. package/src/cloud/backup.ts +46 -0
  349. package/src/cloud/base-url.ts +6 -0
  350. package/src/cloud/bridge-client.ts +602 -0
  351. package/src/cloud/clack-observer.ts +189 -0
  352. package/src/cloud/cloud-api-key.ts +80 -0
  353. package/src/cloud/cloud-manager.ts +163 -0
  354. package/src/cloud/cloud-proxy.ts +52 -0
  355. package/src/cloud/cloud-wallet.ts +341 -0
  356. package/src/cloud/duffel-client.ts +847 -0
  357. package/src/cloud/index.ts +38 -0
  358. package/src/cloud/lifeops-schedule-sync-client.ts +245 -0
  359. package/src/cloud/lifeops-schedule-sync-contracts.ts +124 -0
  360. package/src/cloud/managed-payment-clients.ts +374 -0
  361. package/src/cloud/null-observer.ts +45 -0
  362. package/src/cloud/reconnect.ts +111 -0
  363. package/src/cloud/setup-observer.ts +125 -0
  364. package/src/cloud/validate-url.ts +187 -0
  365. package/src/cloud/x402-payment-handler.ts +215 -0
  366. package/src/cloud-providers/cloud-status.ts +75 -0
  367. package/src/cloud-providers/container-health.ts +68 -0
  368. package/src/cloud-providers/credit-balance.ts +70 -0
  369. package/src/cloud-providers/index.ts +3 -0
  370. package/src/cloud-providers/model-registry.ts +74 -0
  371. package/src/cloud-setup.ts +531 -0
  372. package/src/cloud-voice-catalog.test.ts +254 -0
  373. package/src/cloud-voice-catalog.ts +246 -0
  374. package/src/index.browser.ts +39 -0
  375. package/src/index.node.ts +69 -0
  376. package/src/index.ts +419 -0
  377. package/src/init.ts +39 -0
  378. package/src/lib/cloud-connection.ts +661 -0
  379. package/src/lib/cloud-secrets.ts +14 -0
  380. package/src/lib/config-env.ts +168 -0
  381. package/src/lib/config-like.ts +149 -0
  382. package/src/lib/credential-type-map.ts +130 -0
  383. package/src/lib/feature-flags.ts +26 -0
  384. package/src/lib/http.ts +122 -0
  385. package/src/lib/server-cloud-tts.ts +301 -0
  386. package/src/lib/state-paths.ts +28 -0
  387. package/src/lib/tts-debug.ts +5 -0
  388. package/src/models/embeddings.ts +298 -0
  389. package/src/models/image.ts +234 -0
  390. package/src/models/index.ts +16 -0
  391. package/src/models/research.ts +275 -0
  392. package/src/models/speech.ts +324 -0
  393. package/src/models/text.ts +1493 -0
  394. package/src/models/tokenization.ts +67 -0
  395. package/src/models/transcription.ts +101 -0
  396. package/src/plugin.ts +281 -0
  397. package/src/providers/openai.ts +16 -0
  398. package/src/register-routes.ts +6 -0
  399. package/src/routes/cloud-billing-routes.ts +744 -0
  400. package/src/routes/cloud-coding-container-routes.ts +198 -0
  401. package/src/routes/cloud-compat-routes.ts +304 -0
  402. package/src/routes/cloud-features-routes.ts +57 -0
  403. package/src/routes/cloud-provisioning.ts +37 -0
  404. package/src/routes/cloud-relay-routes.ts +135 -0
  405. package/src/routes/cloud-routes-autonomous.ts +993 -0
  406. package/src/routes/cloud-routes.ts +637 -0
  407. package/src/routes/cloud-status-routes-autonomous.ts +238 -0
  408. package/src/routes/cloud-status-routes.ts +73 -0
  409. package/src/routes/home-remote-runner-access-url.ts +83 -0
  410. package/src/routes/travel-provider-relay-routes.ts +193 -0
  411. package/src/services/cloud-auth.ts +574 -0
  412. package/src/services/cloud-backup.ts +208 -0
  413. package/src/services/cloud-bootstrap.ts +106 -0
  414. package/src/services/cloud-bridge.ts +386 -0
  415. package/src/services/cloud-container.ts +390 -0
  416. package/src/services/cloud-credential-provider.ts +210 -0
  417. package/src/services/cloud-managed-gateway-relay.ts +663 -0
  418. package/src/services/cloud-model-registry.ts +202 -0
  419. package/src/services/index.ts +17 -0
  420. package/{types → src/types}/cloud.ts +74 -29
  421. package/{types → src/types}/index.ts +25 -0
  422. package/src/utils/cloud-api.ts +10 -0
  423. package/src/utils/cloud-sdk/client.ts +774 -0
  424. package/src/utils/cloud-sdk/http.ts +291 -0
  425. package/src/utils/cloud-sdk/index.ts +23 -0
  426. package/src/utils/cloud-sdk/public-routes.ts +5238 -0
  427. package/src/utils/cloud-sdk/types.cloud-api.ts +120 -0
  428. package/src/utils/cloud-sdk/types.ts +760 -0
  429. package/src/utils/config.ts +193 -0
  430. package/src/utils/events.ts +65 -0
  431. package/src/utils/helpers.ts +107 -0
  432. package/src/utils/responses-output.ts +115 -0
  433. package/src/utils/sdk-client.ts +41 -0
  434. package/src/utils/waifu-metering.ts +302 -0
  435. package/dist/actions/check-credits.d.ts +0 -6
  436. package/dist/actions/check-credits.d.ts.map +0 -1
  437. package/dist/actions/freeze-agent.d.ts +0 -9
  438. package/dist/actions/freeze-agent.d.ts.map +0 -1
  439. package/dist/actions/index.d.ts +0 -5
  440. package/dist/actions/index.d.ts.map +0 -1
  441. package/dist/actions/provision-agent.d.ts +0 -8
  442. package/dist/actions/provision-agent.d.ts.map +0 -1
  443. package/dist/actions/resume-agent.d.ts +0 -9
  444. package/dist/actions/resume-agent.d.ts.map +0 -1
  445. package/dist/build.d.ts +0 -3
  446. package/dist/build.d.ts.map +0 -1
  447. package/dist/generated/specs/specs.d.ts +0 -55
  448. package/dist/generated/specs/specs.d.ts.map +0 -1
  449. package/dist/models/object.d.ts +0 -4
  450. package/dist/models/object.d.ts.map +0 -1
  451. package/dist/utils/forwarded-settings.d.ts +0 -8
  452. package/dist/utils/forwarded-settings.d.ts.map +0 -1
package/dist/services/cloud-auth.js.map ADDED
@@ -0,0 +1,12 @@
1
+ {
2
+ "version": 3,
3
+ "sources": ["../src/types/cloud.ts", "../src/utils/cloud-api.ts", "../src/services/cloud-auth.ts"],
4
+ "sourcesContent": [
5
+ "/**\n * Cloud-specific types for ElizaCloud integration.\n *\n * These types mirror the eliza-cloud-v2 database schemas and API contracts\n * for containers, auth, credits, bridge messaging, and agent state snapshots.\n */\n\nexport type {\n CloudCodingAgent,\n CloudCodingContainerSession,\n CloudCodingContainerStatus,\n CloudCodingPatch,\n CloudCodingPatchFormat,\n CloudCodingPromotion,\n CloudCodingSyncDirection,\n CloudCodingSyncResult,\n CloudVfsBundle,\n CloudVfsDeletedFile,\n CloudVfsFile,\n CloudVfsFileEncoding,\n CloudVfsSourceKind,\n PromoteVfsToCloudContainerRequest,\n PromoteVfsToCloudContainerResponse,\n RequestCodingAgentContainerRequest,\n RequestCodingAgentContainerResponse,\n SyncCloudCodingContainerRequest,\n SyncCloudCodingContainerResponse,\n} from \"@elizaos/shared\";\n\n// ─── Container Types ────────────────────────────────────────────────────────\n\nexport type ContainerStatus =\n | \"pending\"\n | \"building\"\n | \"deploying\"\n | \"running\"\n | \"stopped\"\n | \"failed\"\n | \"suspended\";\n\nexport type ContainerBillingStatus =\n | \"active\"\n | \"warning\"\n | \"suspended\"\n | \"shutdown_pending\"\n | \"archived\";\n\nexport type ContainerArchitecture = \"arm64\" | \"x86_64\";\n\nexport interface CloudContainer {\n id: string;\n name: string;\n project_name: string;\n description: string | null;\n organization_id: string;\n user_id: string;\n status: ContainerStatus;\n image_tag: string | null;\n port: number;\n desired_count: number;\n cpu: number;\n memory: number;\n architecture: ContainerArchitecture;\n environment_vars: Record<string, string>;\n health_check_path: string;\n load_balancer_url: string | null;\n ecr_repository_uri: string | null;\n ecr_image_tag: string | null;\n cloudformation_stack_name: string | null;\n billing_status: ContainerBillingStatus;\n total_billed: string;\n last_deployed_at: string | null;\n last_health_check: string | null;\n deployment_log: string | null;\n error_message: string | null;\n metadata: Record<string, unknown>;\n created_at: string;\n updated_at: string;\n}\n\nexport interface CreateContainerRequest {\n name: string;\n project_name: string;\n description?: string;\n port?: number;\n desired_count?: number;\n cpu?: number;\n memory?: number;\n environment_vars?: Record<string, string>;\n health_check_path?: string;\n ecr_image_uri: string;\n ecr_repository_uri?: string;\n image_tag?: string;\n architecture?: ContainerArchitecture;\n}\n\nexport interface CreateContainerResponse {\n success: boolean;\n data: CloudContainer;\n message: string;\n creditsDeducted: number;\n creditsRemaining: number;\n stackName: string;\n polling: {\n endpoint: string;\n intervalMs: number;\n expectedDurationMs: number;\n };\n}\n\nexport interface ContainerListResponse {\n success: boolean;\n data: CloudContainer[];\n}\n\nexport interface ContainerGetResponse {\n success: boolean;\n data: CloudContainer;\n}\n\nexport interface ContainerDeleteResponse {\n success: boolean;\n message?: string;\n}\n\nexport interface ContainerHealthResponse {\n success: boolean;\n data: {\n status: string;\n healthy: boolean;\n lastCheck: string | null;\n uptime: number | null;\n };\n}\n\n// ─── Auth Types ─────────────────────────────────────────────────────────────\n\nexport type DevicePlatform = \"ios\" | \"android\" | \"macos\" | \"windows\" | \"linux\" | \"web\";\n\nexport interface DeviceAuthRequest {\n deviceId: string;\n platform: DevicePlatform;\n appVersion: string;\n deviceName?: string;\n}\n\nexport interface DeviceAuthResponse {\n success: boolean;\n data: {\n apiKey: string;\n userId: string;\n organizationId: string;\n credits: number;\n isNew: boolean;\n };\n}\n\nexport interface CloudCredentials {\n apiKey: string;\n userId: string;\n organizationId: string;\n authenticatedAt: number;\n}\n\n// ─── Credits Types ──────────────────────────────────────────────────────────\n\nexport interface CreditBalanceResponse {\n success: boolean;\n data: {\n balance: number;\n currency: string;\n };\n}\n\nexport interface CreditSummaryResponse {\n success: boolean;\n data: {\n balance: number;\n totalSpent: number;\n totalAdded: number;\n recentTransactions: CreditTransaction[];\n };\n}\n\nexport interface CreditTransaction {\n id: string;\n amount: number;\n description: string;\n type: \"credit\" | \"debit\";\n created_at: string;\n}\n\n// ─── Bridge Types ───────────────────────────────────────────────────────────\n\nexport type BridgeConnectionState = \"disconnected\" | \"connecting\" | \"connected\" | \"reconnecting\";\n\nexport interface BridgeMessage {\n jsonrpc: \"2.0\";\n id?: string | number;\n method?: string;\n params?: Record<string, unknown>;\n result?: unknown;\n error?: BridgeError;\n}\n\nexport interface BridgeError {\n code: number;\n message: string;\n data?: unknown;\n}\n\nexport type BridgeMessageHandler = (message: BridgeMessage) => void;\n\nexport interface BridgeConnection {\n containerId: string;\n state: BridgeConnectionState;\n connectedAt: number | null;\n lastHeartbeat: number | null;\n reconnectAttempts: number;\n}\n\n// ─── Managed Gateway Relay Types ───────────────────────────────────────────\n\nexport interface GatewayRelaySession {\n id: string;\n organizationId: string;\n userId: string;\n runtimeAgentId: string;\n agentName: string | null;\n platform: \"local-runtime\";\n createdAt: string;\n lastSeenAt: string;\n}\n\nexport interface GatewayRelayRequest {\n jsonrpc: \"2.0\";\n id?: string | number;\n method: string;\n params?: Record<string, unknown>;\n}\n\nexport interface GatewayRelayResponse {\n jsonrpc: \"2.0\";\n id?: string | number;\n result?: Record<string, unknown>;\n error?: BridgeError;\n}\n\nexport interface GatewayRelayRequestEnvelope {\n requestId: string;\n rpc: GatewayRelayRequest;\n queuedAt: string;\n}\n\nexport interface RegisterGatewayRelaySessionResponse {\n success: boolean;\n data: {\n session: GatewayRelaySession;\n };\n}\n\nexport interface PollGatewayRelayResponse {\n success: boolean;\n data: {\n request: GatewayRelayRequestEnvelope | null;\n };\n}\n\n// ─── Snapshot / Backup Types ────────────────────────────────────────────────\n\nexport type SnapshotType = \"manual\" | \"auto\" | \"pre-eviction\";\n\nexport interface AgentSnapshot {\n id: string;\n containerId: string;\n organizationId: string;\n snapshotType: SnapshotType;\n storageUrl: string;\n sizeBytes: number;\n agentConfig: Record<string, unknown>;\n metadata: Record<string, unknown>;\n created_at: string;\n}\n\nexport interface CreateSnapshotRequest {\n snapshotType?: SnapshotType;\n metadata?: Record<string, unknown>;\n}\n\nexport interface CreateSnapshotResponse {\n success: boolean;\n data: AgentSnapshot;\n}\n\nexport interface SnapshotListResponse {\n success: boolean;\n data: AgentSnapshot[];\n}\n\nexport interface RestoreSnapshotRequest {\n snapshotId: string;\n}\n\nexport interface RestoreSnapshotResponse {\n success: boolean;\n message: string;\n}\n\n// ─── Cloud Config Types ─────────────────────────────────────────────────────\n\nexport type InferenceMode = \"cloud\" | \"byok\" | \"local\";\n\nexport interface CloudPluginConfig {\n /** Enable ElizaCloud integration. */\n enabled: boolean;\n /** ElizaCloud API base URL. */\n baseUrl: string;\n /** Stored API key for authenticated requests. */\n apiKey?: string;\n /** Device ID used for auto-signup authentication. */\n deviceId?: string;\n /** Platform identifier. */\n platform?: DevicePlatform;\n /** Inference mode: cloud (ElizaCloud proxied), byok (user keys), local (no cloud). */\n inferenceMode: InferenceMode;\n /** Auto-deploy agents to cloud on creation. */\n autoProvision: boolean;\n /** Bridge reconnection settings. */\n bridge: {\n reconnectIntervalMs: number;\n maxReconnectAttempts: number;\n heartbeatIntervalMs: number;\n };\n /** Auto-backup settings. */\n backup: {\n autoBackupIntervalMs: number;\n maxSnapshots: number;\n };\n /** Default container settings for new deployments. */\n container: {\n defaultImage: string;\n defaultArchitecture: ContainerArchitecture;\n defaultCpu: number;\n defaultMemory: number;\n defaultPort: number;\n };\n}\n\nexport const DEFAULT_CLOUD_CONFIG: CloudPluginConfig = {\n enabled: false,\n baseUrl: \"https://www.elizacloud.ai/api/v1\",\n inferenceMode: \"cloud\",\n autoProvision: false,\n bridge: {\n reconnectIntervalMs: 3000,\n maxReconnectAttempts: 20,\n heartbeatIntervalMs: 30_000,\n },\n backup: {\n autoBackupIntervalMs: 3_600_000, // 1 hour\n maxSnapshots: 10,\n },\n container: {\n defaultImage: \"elizaos/agent:latest\",\n defaultArchitecture: \"arm64\",\n defaultCpu: 1792,\n defaultMemory: 1792,\n defaultPort: 3000,\n },\n};\n\n// ─── API Error Types ────────────────────────────────────────────────────────\n\nexport type { CloudApiErrorBody } from \"@elizaos/cloud-sdk\";\nexport {\n CloudApiError,\n InsufficientCreditsError,\n} from \"@elizaos/cloud-sdk\";\n",
6
+ "export type {\n CloudApiErrorBody,\n CloudRequestOptions,\n} from \"@elizaos/cloud-sdk\";\nexport {\n CloudApiClient,\n CloudApiError,\n ElizaCloudHttpClient,\n InsufficientCreditsError,\n} from \"@elizaos/cloud-sdk\";\n",
7
+ "/**\n * CloudAuthService — Eliza Cloud authentication entry points.\n *\n * Two distinct auth flows live here:\n *\n * 1. **Device auto-signup** (`authenticateWithDevice`) — convenience-only.\n * Derives a hardware fingerprint and exchanges it for a free-tier API key\n * against the cloud signup endpoint. The result is treated as opaque and\n * is **never** trusted as inbound auth for the local Eliza dashboard.\n * See `docs/security/remote-auth-hardening-plan.md` §7 for the explicit\n * demotion rationale.\n *\n * 2. **Eliza Cloud SSO** (`getSsoRedirectUrl` / `exchangeCodeForSession`) —\n * OAuth-style authorization-code flow against the cloud issuer. The\n * callback handler in `app-core` (`api/auth/cloud-sso.ts`) consumes these\n * methods to bind a verified cloud user to a local Identity. All error\n * paths fail closed: the methods throw and the caller MUST refuse the\n * request. There is no partial-claims fallback.\n */\n\nimport {\n type RuntimeEnvRecord,\n type IAgentRuntime,\n logger,\n Service,\n resolveApiSecurityConfig,\n resolveDesktopApiPort,\n} from \"@elizaos/core\";\nimport { isCloudReachable } from \"@elizaos/shared\";\nimport { createRemoteJWKSet, jwtVerify } from \"jose\";\nimport type { CloudCredentials, DeviceAuthResponse, DevicePlatform } from \"../types/cloud\";\nimport { DEFAULT_CLOUD_CONFIG } from \"../types/cloud\";\nimport { CloudApiClient } from \"../utils/cloud-api\";\nimport type { CloudBootstrapService } from \"./cloud-bootstrap\";\n\n/** SHA-256 hash of hostname + platform + arch + cpu + memory. */\nasync function deriveDeviceId(): Promise<string> {\n const os = await import(\"node:os\");\n const crypto = await import(\"node:crypto\");\n const cpus = os.cpus();\n const raw = [\n os.hostname(),\n os.platform(),\n os.arch(),\n cpus[0]?.model ?? \"?\",\n cpus.length,\n os.totalmem(),\n ].join(\":\");\n return crypto.createHash(\"sha256\").update(raw).digest(\"hex\");\n}\n\nfunction detectPlatform(): DevicePlatform {\n if (typeof process === \"undefined\") return \"web\";\n const map: Record<string, DevicePlatform> = {\n darwin: \"macos\",\n win32: \"windows\",\n linux: \"linux\",\n };\n return map[process.platform] ?? \"linux\";\n}\n\n// ─── Eliza Cloud SSO ───────────────────────────────────────────────────────\n\n/**\n * Required ID-token claims for an Eliza Cloud SSO exchange.\n *\n * `sub` is the cloud user id (canonical identity key). `email` and `name`\n * are surfaced for UI display and identity provisioning. Anything else the\n * cloud issuer adds is preserved on `extra` for callers that need it but\n * is never required for auth decisions.\n */\nexport interface CloudSsoIdTokenClaims {\n iss: string;\n sub: string;\n aud: string | string[];\n exp: number;\n iat: number;\n email: string;\n email_verified?: boolean;\n name: string;\n picture?: string;\n extra: Record<string, unknown>;\n}\n\nexport interface CloudSsoSession {\n cloudUserId: string;\n email: string;\n displayName: string;\n claims: CloudSsoIdTokenClaims;\n}\n\nexport interface SsoRedirectArgs {\n /**\n * Local URL the user should land on after the SSO round-trip\n * (e.g. `/first-run/setup`). The dashboard's callback route forwards\n * to this once the session cookie is set; it is NOT sent to the cloud\n * issuer.\n */\n returnTo?: string;\n /**\n * State nonce. The caller is responsible for generating this with\n * `crypto.randomBytes(32)` and storing it server-side keyed by the\n * issued cookie / pending exchange.\n */\n state: string;\n /**\n * Override for `ELIZA_CLOUD_CLIENT_ID`. Falls through to the env when\n * unset; explicitly throws when neither is provided.\n */\n clientId?: string;\n /** Allows tests to inject a synthetic env record. */\n env?: RuntimeEnvRecord;\n}\n\nexport interface ExchangeCodeArgs {\n /** Authorization code returned on the SSO callback. */\n code: string;\n /** State value the cloud issuer echoed back on the callback. */\n state: string;\n /**\n * State value the caller originally issued. Compared with `state` and\n * mismatch causes a fail-closed throw before any network call is made.\n */\n expectedState: string;\n /**\n * Source for `getJwksUrl()`. The caller resolves this from the runtime\n * service registry (`runtime.getService(\"CLOUD_BOOTSTRAP\")`) so this\n * file does not import from `app-core` directly.\n */\n bootstrap: CloudBootstrapService;\n /** Allows tests to inject a fake fetch for the token endpoint. */\n fetchImpl?: typeof fetch;\n /** Allows tests to inject a synthetic env record. */\n env?: RuntimeEnvRecord;\n /** Optional override for the redirect URI; defaults to the local callback. */\n redirectUri?: string;\n}\n\ninterface RawTokenResponse {\n id_token?: unknown;\n access_token?: unknown;\n token_type?: unknown;\n expires_in?: unknown;\n scope?: unknown;\n}\n\ninterface ApiKeyAuthInput {\n apiKey: string;\n organizationId?: string;\n userId?: string;\n}\n\ninterface RawIdTokenPayload {\n iss?: unknown;\n sub?: unknown;\n aud?: unknown;\n exp?: unknown;\n iat?: unknown;\n email?: unknown;\n email_verified?: unknown;\n name?: unknown;\n picture?: unknown;\n [otherProperty: string]: unknown;\n}\n\nfunction readEnvKey(env: RuntimeEnvRecord, key: string): string | null {\n const value = env[key];\n if (typeof value !== \"string\") return null;\n const trimmed = value.trim();\n return trimmed.length > 0 ? trimmed : null;\n}\n\nfunction processEnv(): RuntimeEnvRecord {\n if (typeof process === \"undefined\") return {};\n return process.env as RuntimeEnvRecord;\n}\n\n/**\n * Build the local SSO callback URL the cloud issuer will redirect back to.\n *\n * Reads `ELIZA_API_BIND` and the desktop API port from `@elizaos/core`'s\n * runtime-env helper so the redirect_uri matches whatever the dashboard\n * is actually serving on. Loopback binds default to `http://127.0.0.1:<port>`;\n * non-loopback binds (cloud-provisioned containers) use `https://`.\n */\nfunction defaultRedirectUri(env: RuntimeEnvRecord): string {\n const security = resolveApiSecurityConfig(env);\n const port = resolveDesktopApiPort(env);\n const scheme = security.isLoopbackBind ? \"http\" : \"https\";\n // Strip any IPv6 brackets the bind host might already include.\n const host = security.bindHost.startsWith(\"[\")\n ? security.bindHost\n : security.bindHost.includes(\":\") && !security.bindHost.startsWith(\"[\")\n ? `[${security.bindHost}]`\n : security.bindHost;\n return `${scheme}://${host}:${port}/api/auth/login/sso/callback`;\n}\n\n/**\n * Returns the absolute URL the dashboard should redirect the user to in\n * order to start an Eliza Cloud SSO authorization-code flow.\n *\n * Throws when `ELIZA_CLOUD_CLIENT_ID` is unset and no `clientId` override\n * is provided — there is no built-in default. `ELIZA_CLOUD_ISSUER` is read\n * via the `CloudBootstrapService`'s service-port and must already be set;\n * if not, this method throws via the bootstrap's existing fail-closed\n * behaviour.\n *\n * The `state` argument MUST be generated by the caller with a cryptographic\n * RNG and stored server-side bound to the issued cookie. This method does\n * NOT generate or persist state.\n *\n * @param bootstrap - Service-port that exposes `getExpectedIssuer()`.\n * @param args - Required `state`, optional `clientId` / `returnTo` / `env`.\n */\nexport function getSsoRedirectUrl(bootstrap: CloudBootstrapService, args: SsoRedirectArgs): string {\n const env = args.env ?? processEnv();\n const clientId = args.clientId ?? readEnvKey(env, \"ELIZA_CLOUD_CLIENT_ID\");\n if (!clientId) {\n throw new Error(\"ELIZA_CLOUD_CLIENT_ID is not configured — cannot start Eliza Cloud SSO\");\n }\n if (args.state.length === 0) {\n throw new Error(\"getSsoRedirectUrl requires a non-empty state nonce\");\n }\n const issuer = bootstrap.getExpectedIssuer();\n const redirectUri = defaultRedirectUri(env);\n const params = new URLSearchParams();\n params.set(\"response_type\", \"code\");\n params.set(\"client_id\", clientId);\n params.set(\"redirect_uri\", redirectUri);\n params.set(\"scope\", \"openid profile\");\n params.set(\"state\", args.state);\n if (args.returnTo) {\n // Forwarded through state on the cloud side is not safe (issuer-controlled);\n // we surface it as a separate hint that the local callback honours.\n params.set(\"eliza_return_to\", args.returnTo);\n }\n return `${issuer}/oauth/authorize?${params.toString()}`;\n}\n\nfunction shapeIdTokenClaims(payload: RawIdTokenPayload): CloudSsoIdTokenClaims {\n if (typeof payload.iss !== \"string\" || payload.iss.length === 0) {\n throw new Error(\"id_token missing issuer claim\");\n }\n if (typeof payload.sub !== \"string\" || payload.sub.length === 0) {\n throw new Error(\"id_token missing sub claim\");\n }\n if (\n typeof payload.aud !== \"string\" &&\n !(Array.isArray(payload.aud) && payload.aud.every((value) => typeof value === \"string\"))\n ) {\n throw new Error(\"id_token missing or malformed aud claim\");\n }\n if (typeof payload.exp !== \"number\" || !Number.isFinite(payload.exp)) {\n throw new Error(\"id_token missing exp claim\");\n }\n if (typeof payload.iat !== \"number\" || !Number.isFinite(payload.iat)) {\n throw new Error(\"id_token missing iat claim\");\n }\n if (typeof payload.email !== \"string\" || payload.email.length === 0) {\n throw new Error(\"id_token missing email claim — Eliza Cloud SSO requires it\");\n }\n if (typeof payload.name !== \"string\" || payload.name.length === 0) {\n throw new Error(\"id_token missing name claim — Eliza Cloud SSO requires it\");\n }\n const extra: Record<string, unknown> = {};\n for (const [key, value] of Object.entries(payload)) {\n if (\n key !== \"iss\" &&\n key !== \"sub\" &&\n key !== \"aud\" &&\n key !== \"exp\" &&\n key !== \"iat\" &&\n key !== \"email\" &&\n key !== \"email_verified\" &&\n key !== \"name\" &&\n key !== \"picture\"\n ) {\n extra[key] = value;\n }\n }\n return {\n iss: payload.iss,\n sub: payload.sub,\n aud: payload.aud as string | string[],\n exp: payload.exp,\n iat: payload.iat,\n email: payload.email,\n email_verified:\n typeof payload.email_verified === \"boolean\" ? payload.email_verified : undefined,\n name: payload.name,\n picture: typeof payload.picture === \"string\" ? payload.picture : undefined,\n extra,\n };\n}\n\nfunction shapeTokenResponse(payload: unknown): { idToken: string } {\n if (!payload || typeof payload !== \"object\") {\n throw new Error(\"Eliza Cloud token endpoint returned a non-object body\");\n }\n const raw = payload as RawTokenResponse;\n if (typeof raw.id_token !== \"string\" || raw.id_token.length === 0) {\n throw new Error(\"Eliza Cloud token endpoint did not return an id_token\");\n }\n return { idToken: raw.id_token };\n}\n\n/**\n * Exchange an authorization code for a verified Eliza Cloud session.\n *\n * Steps:\n * 1. Compare `state === expectedState`. Mismatch throws.\n * 2. POST to `${ELIZA_CLOUD_ISSUER}/oauth/token` with the code,\n * `client_id`, and `client_secret` (the latter from\n * `ELIZA_CLOUD_CLIENT_SECRET`).\n * 3. Verify the returned `id_token` against the JWKS exposed by\n * `CloudBootstrapService.getJwksUrl()`. RS256 only.\n * 4. Project the claims onto a `CloudSsoSession`.\n *\n * Any error in fetch / signature verify / claim shape throws — this method\n * NEVER returns a partial or fallback session.\n */\nexport async function exchangeCodeForSession(args: ExchangeCodeArgs): Promise<CloudSsoSession> {\n if (args.code.length === 0) {\n throw new Error(\"exchangeCodeForSession requires a non-empty code\");\n }\n if (!args.state || !args.expectedState || args.state !== args.expectedState) {\n throw new Error(\"Eliza Cloud SSO state mismatch — refusing to exchange code (possible CSRF)\");\n }\n\n const env = args.env ?? processEnv();\n const clientId = readEnvKey(env, \"ELIZA_CLOUD_CLIENT_ID\");\n if (!clientId) {\n throw new Error(\"ELIZA_CLOUD_CLIENT_ID is not configured — cannot complete Eliza Cloud SSO\");\n }\n const clientSecret = readEnvKey(env, \"ELIZA_CLOUD_CLIENT_SECRET\");\n if (!clientSecret) {\n throw new Error(\n \"ELIZA_CLOUD_CLIENT_SECRET is not configured — cannot complete Eliza Cloud SSO\"\n );\n }\n\n const issuer = args.bootstrap.getExpectedIssuer();\n const redirectUri = args.redirectUri ?? defaultRedirectUri(env);\n const tokenUrl = `${issuer}/oauth/token`;\n\n const fetchImpl = args.fetchImpl ?? fetch;\n const body = new URLSearchParams();\n body.set(\"grant_type\", \"authorization_code\");\n body.set(\"code\", args.code);\n body.set(\"redirect_uri\", redirectUri);\n body.set(\"client_id\", clientId);\n body.set(\"client_secret\", clientSecret);\n\n const response = await fetchImpl(tokenUrl, {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/x-www-form-urlencoded\",\n accept: \"application/json\",\n },\n body: body.toString(),\n });\n if (!response.ok) {\n throw new Error(\n `Eliza Cloud token endpoint returned HTTP ${response.status} for code exchange`\n );\n }\n const payload: unknown = await response.json();\n const { idToken } = shapeTokenResponse(payload);\n\n const jwksUrl = args.bootstrap.getJwksUrl();\n const remoteJwks = createRemoteJWKSet(new URL(jwksUrl));\n\n const verified = await jwtVerify(idToken, remoteJwks, {\n algorithms: [\"RS256\"],\n issuer,\n audience: clientId,\n });\n\n const claims = shapeIdTokenClaims(verified.payload as RawIdTokenPayload);\n\n return {\n cloudUserId: claims.sub,\n email: claims.email,\n displayName: claims.name,\n claims,\n };\n}\n\n// ─── Service ───────────────────────────────────────────────────────────────\n\nexport class CloudAuthService extends Service {\n static serviceType = \"CLOUD_AUTH\";\n capabilityDescription = \"Eliza Cloud device authentication and SSO session helpers\";\n\n private client: CloudApiClient;\n private credentials: CloudCredentials | null = null;\n\n constructor(runtime?: IAgentRuntime) {\n super(runtime);\n this.client = new CloudApiClient(DEFAULT_CLOUD_CONFIG.baseUrl);\n }\n\n static async start(runtime: IAgentRuntime): Promise<Service> {\n const service = new CloudAuthService(runtime);\n await service.initialize();\n return service;\n }\n\n async stop(): Promise<void> {\n this.credentials = null;\n }\n\n private async initialize(): Promise<void> {\n const baseUrl = String(\n this.runtime.getSetting(\"ELIZAOS_CLOUD_BASE_URL\") ?? DEFAULT_CLOUD_CONFIG.baseUrl\n );\n this.client.setBaseUrl(baseUrl);\n\n // Try existing API key first. If the key is present in settings\n // (persisted via config file or character secrets in the DB), trust it\n // immediately so the agent is functional even when the cloud API is\n // temporarily unreachable. A background validation fires to confirm\n // the key — if it turns out to be revoked the next model call will\n // surface the error, but the agent won't stall on startup.\n const existingKey = this.runtime.getSetting(\"ELIZAOS_CLOUD_API_KEY\");\n if (existingKey) {\n const key = String(existingKey);\n this.client.setApiKey(key);\n\n // Accept the key optimistically — no blocking network call.\n this.credentials = {\n apiKey: key,\n userId: String(this.runtime.getSetting(\"ELIZAOS_CLOUD_USER_ID\") ?? \"\"),\n organizationId: String(\n this.runtime.getSetting(\"ELIZAOS_CLOUD_ORG_ID\") ??\n this.runtime.getSetting(\"ELIZA_CLOUD_ORGANIZATION_ID\") ??\n \"\"\n ),\n authenticatedAt: Date.now(),\n };\n logger.info(\"[CloudAuth] Authenticated with saved API key\");\n\n // Non-blocking validation — if the key is invalid the next model\n // call will surface the error; we just log a warning here.\n this.validateApiKey(key)\n .then((valid) => {\n if (!valid) {\n logger.warn(\n \"[CloudAuth] Saved API key could not be validated (cloud may be unreachable or key revoked) — model calls will use the key anyway\"\n );\n }\n })\n .catch(() => {\n // Swallow — already logged inside validateApiKey\n });\n return;\n }\n\n // Device-based auto-signup when explicitly enabled\n const enabled = this.runtime.getSetting(\"ELIZAOS_CLOUD_ENABLED\");\n if (enabled === \"true\" || enabled === \"1\") {\n try {\n await this.authenticateWithDevice();\n } catch (err) {\n const msg = err instanceof Error ? err.message : String(err);\n logger.warn(`[CloudAuth] Device auth failed (cloud may be unreachable): ${msg}`);\n logger.info(\n \"[CloudAuth] Service will start unauthenticated — cloud features disabled until connectivity is restored\"\n );\n }\n } else {\n logger.info(\"[CloudAuth] Cloud not enabled (set ELIZAOS_CLOUD_ENABLED=true)\");\n }\n }\n\n private async validateApiKey(key: string): Promise<boolean> {\n if (!(await isCloudReachable())) {\n logger.warn(\n \"[CloudAuth] Cloud unreachable at boot — skipping API key validation; key will be used as-is\"\n );\n return false;\n }\n try {\n const validationClient = new CloudApiClient(this.client.getBaseUrl(), key);\n await validationClient.get(\"/models\", { timeoutMs: 2_500 });\n return true;\n } catch (err) {\n const msg = err instanceof Error ? err.message : String(err);\n logger.warn(`[CloudAuth] Could not reach cloud API to validate key: ${msg}`);\n return false;\n }\n }\n\n /**\n * Free-tier device auto-signup. **Convenience only — not a security\n * primitive.** The hardware fingerprint is treated as opaque material the\n * cloud signup endpoint can use to mint a fresh API key + $5 free credit\n * for new installs. The result is usable for outbound LLM calls; it never\n * authorizes inbound dashboard access.\n *\n * See `docs/security/remote-auth-hardening-plan.md` §7.\n */\n async authenticateWithDevice(): Promise<CloudCredentials> {\n const deviceId = await deriveDeviceId();\n const platform = detectPlatform();\n const appVersion = process.env.ELIZAOS_CLOUD_APP_VERSION ?? \"2.0.0-beta.0\";\n const os = await import(\"node:os\");\n\n logger.info(`[CloudAuth] Authenticating device (platform=${platform})`);\n\n const response = await this.client.postUnauthenticated<DeviceAuthResponse>(\"/device-auth\", {\n deviceId,\n platform,\n appVersion,\n deviceName: os.hostname(),\n });\n\n this.credentials = {\n apiKey: response.data.apiKey,\n userId: response.data.userId,\n organizationId: response.data.organizationId,\n authenticatedAt: Date.now(),\n };\n this.client.setApiKey(response.data.apiKey);\n\n const action = response.data.isNew ? \"New account created\" : \"Authenticated\";\n logger.info(`[CloudAuth] ${action} (credits: $${response.data.credits.toFixed(2)})`);\n\n return this.credentials;\n }\n\n authenticateWithApiKey(input: ApiKeyAuthInput): CloudCredentials {\n const apiKey = input.apiKey.trim();\n if (!apiKey) {\n throw new Error(\"Eliza Cloud API key is required\");\n }\n\n this.client.setApiKey(apiKey);\n this.credentials = {\n apiKey,\n userId: input.userId ?? \"\",\n organizationId: input.organizationId ?? \"\",\n authenticatedAt: Date.now(),\n };\n\n logger.info(\"[CloudAuth] Authenticated with API key\");\n return this.credentials;\n }\n\n clearAuth(): void {\n this.credentials = null;\n this.client.setApiKey(undefined);\n }\n\n isAuthenticated(): boolean {\n return this.credentials !== null;\n }\n getCredentials(): CloudCredentials | null {\n return this.credentials;\n }\n getApiKey(): string | undefined {\n return this.credentials?.apiKey ?? this.client.getApiKey();\n }\n getClient(): CloudApiClient {\n return this.client;\n }\n getUserId(): string | undefined {\n return this.credentials?.userId;\n }\n getOrganizationId(): string | undefined {\n return this.credentials?.organizationId;\n }\n}\n"
8
+ ],
9
+ "mappings": ";;;;;;;;;;;;;;;;;;;AAsXA;AAAA;AAAA;AAAA;AA1BO,IAAM,uBAA0C;AAAA,EACrD,SAAS;AAAA,EACT,SAAS;AAAA,EACT,eAAe;AAAA,EACf,eAAe;AAAA,EACf,QAAQ;AAAA,IACN,qBAAqB;AAAA,IACrB,sBAAsB;AAAA,IACtB,qBAAqB;AAAA,EACvB;AAAA,EACA,QAAQ;AAAA,IACN,sBAAsB;AAAA,IACtB,cAAc;AAAA,EAChB;AAAA,EACA,WAAW;AAAA,IACT,cAAc;AAAA,IACd,qBAAqB;AAAA,IACrB,YAAY;AAAA,IACZ,eAAe;AAAA,IACf,aAAa;AAAA,EACf;AACF;;;AC7WA;AAAA;AAAA,mBAEE;AAAA;AAAA,8BAEA;AAAA;;;ACYF;AAAA;AAAA;AAAA;AAAA;AAAA;AAQA;AACA;AAOA,eAAe,cAAc,GAAoB;AAAA,EAC/C,MAAM,KAAK,MAAa;AAAA,EACxB,MAAM,SAAS,MAAa;AAAA,EAC5B,MAAM,OAAO,GAAG,KAAK;AAAA,EACrB,MAAM,MAAM;AAAA,IACV,GAAG,SAAS;AAAA,IACZ,GAAG,SAAS;AAAA,IACZ,GAAG,KAAK;AAAA,IACR,KAAK,IAAI,SAAS;AAAA,IAClB,KAAK;AAAA,IACL,GAAG,SAAS;AAAA,EACd,EAAE,KAAK,GAAG;AAAA,EACV,OAAO,OAAO,WAAW,QAAQ,EAAE,OAAO,GAAG,EAAE,OAAO,KAAK;AAAA;AAG7D,SAAS,cAAc,GAAmB;AAAA,EACxC,IAAI,OAAO,YAAY;AAAA,IAAa,OAAO;AAAA,EAC3C,MAAM,MAAsC;AAAA,IAC1C,QAAQ;AAAA,IACR,OAAO;AAAA,IACP,OAAO;AAAA,EACT;AAAA,EACA,OAAO,IAAI,QAAQ,aAAa;AAAA;AA2GlC,SAAS,UAAU,CAAC,KAAuB,KAA4B;AAAA,EACrE,MAAM,QAAQ,IAAI;AAAA,EAClB,IAAI,OAAO,UAAU;AAAA,IAAU,OAAO;AAAA,EACtC,MAAM,UAAU,MAAM,KAAK;AAAA,EAC3B,OAAO,QAAQ,SAAS,IAAI,UAAU;AAAA;AAGxC,SAAS,UAAU,GAAqB;AAAA,EACtC,IAAI,OAAO,YAAY;AAAA,IAAa,OAAO,CAAC;AAAA,EAC5C,OAAO,QAAQ;AAAA;AAWjB,SAAS,kBAAkB,CAAC,KAA+B;AAAA,EACzD,MAAM,WAAW,yBAAyB,GAAG;AAAA,EAC7C,MAAM,OAAO,sBAAsB,GAAG;AAAA,EACtC,MAAM,SAAS,SAAS,iBAAiB,SAAS;AAAA,EAElD,MAAM,OAAO,SAAS,SAAS,WAAW,GAAG,IACzC,SAAS,WACT,SAAS,SAAS,SAAS,GAAG,KAAK,CAAC,SAAS,SAAS,WAAW,GAAG,IAClE,IAAI,SAAS,cACb,SAAS;AAAA,EACf,OAAO,GAAG,YAAY,QAAQ;AAAA;AAoBzB,SAAS,iBAAiB,CAAC,WAAkC,MAA+B;AAAA,EACjG,MAAM,MAAM,KAAK,OAAO,WAAW;AAAA,EACnC,MAAM,WAAW,KAAK,YAAY,WAAW,KAAK,uBAAuB;AAAA,EACzE,IAAI,CAAC,UAAU;AAAA,IACb,MAAM,IAAI,MAAM,wEAAuE;AAAA,EACzF;AAAA,EACA,IAAI,KAAK,MAAM,WAAW,GAAG;AAAA,IAC3B,MAAM,IAAI,MAAM,oDAAoD;AAAA,EACtE;AAAA,EACA,MAAM,SAAS,UAAU,kBAAkB;AAAA,EAC3C,MAAM,cAAc,mBAAmB,GAAG;AAAA,EAC1C,MAAM,SAAS,IAAI;AAAA,EACnB,OAAO,IAAI,iBAAiB,MAAM;AAAA,EAClC,OAAO,IAAI,aAAa,QAAQ;AAAA,EAChC,OAAO,IAAI,gBAAgB,WAAW;AAAA,EACtC,OAAO,IAAI,SAAS,gBAAgB;AAAA,EACpC,OAAO,IAAI,SAAS,KAAK,KAAK;AAAA,EAC9B,IAAI,KAAK,UAAU;AAAA,IAGjB,OAAO,IAAI,mBAAmB,KAAK,QAAQ;AAAA,EAC7C;AAAA,EACA,OAAO,GAAG,0BAA0B,OAAO,SAAS;AAAA;AAGtD,SAAS,kBAAkB,CAAC,SAAmD;AAAA,EAC7E,IAAI,OAAO,QAAQ,QAAQ,YAAY,QAAQ,IAAI,WAAW,GAAG;AAAA,IAC/D,MAAM,IAAI,MAAM,+BAA+B;AAAA,EACjD;AAAA,EACA,IAAI,OAAO,QAAQ,QAAQ,YAAY,QAAQ,IAAI,WAAW,GAAG;AAAA,IAC/D,MAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAAA,EACA,IACE,OAAO,QAAQ,QAAQ,YACvB,EAAE,MAAM,QAAQ,QAAQ,GAAG,KAAK,QAAQ,IAAI,MAAM,CAAC,UAAU,OAAO,UAAU,QAAQ,IACtF;AAAA,IACA,MAAM,IAAI,MAAM,yCAAyC;AAAA,EAC3D;AAAA,EACA,IAAI,OAAO,QAAQ,QAAQ,YAAY,CAAC,OAAO,SAAS,QAAQ,GAAG,GAAG;AAAA,IACpE,MAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAAA,EACA,IAAI,OAAO,QAAQ,QAAQ,YAAY,CAAC,OAAO,SAAS,QAAQ,GAAG,GAAG;AAAA,IACpE,MAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAAA,EACA,IAAI,OAAO,QAAQ,UAAU,YAAY,QAAQ,MAAM,WAAW,GAAG;AAAA,IACnE,MAAM,IAAI,MAAM,4DAA2D;AAAA,EAC7E;AAAA,EACA,IAAI,OAAO,QAAQ,SAAS,YAAY,QAAQ,KAAK,WAAW,GAAG;AAAA,IACjE,MAAM,IAAI,MAAM,2DAA0D;AAAA,EAC5E;AAAA,EACA,MAAM,QAAiC,CAAC;AAAA,EACxC,YAAY,KAAK,UAAU,OAAO,QAAQ,OAAO,GAAG;AAAA,IAClD,IACE,QAAQ,SACR,QAAQ,SACR,QAAQ,SACR,QAAQ,SACR,QAAQ,SACR,QAAQ,WACR,QAAQ,oBACR,QAAQ,UACR,QAAQ,WACR;AAAA,MACA,MAAM,OAAO;AAAA,IACf;AAAA,EACF;AAAA,EACA,OAAO;AAAA,IACL,KAAK,QAAQ;AAAA,IACb,KAAK,QAAQ;AAAA,IACb,KAAK,QAAQ;AAAA,IACb,KAAK,QAAQ;AAAA,IACb,KAAK,QAAQ;AAAA,IACb,OAAO,QAAQ;AAAA,IACf,gBACE,OAAO,QAAQ,mBAAmB,YAAY,QAAQ,iBAAiB;AAAA,IACzE,MAAM,QAAQ;AAAA,IACd,SAAS,OAAO,QAAQ,YAAY,WAAW,QAAQ,UAAU;AAAA,IACjE;AAAA,EACF;AAAA;AAGF,SAAS,kBAAkB,CAAC,SAAuC;AAAA,EACjE,IAAI,CAAC,WAAW,OAAO,YAAY,UAAU;AAAA,IAC3C,MAAM,IAAI,MAAM,uDAAuD;AAAA,EACzE;AAAA,EACA,MAAM,MAAM;AAAA,EACZ,IAAI,OAAO,IAAI,aAAa,YAAY,IAAI,SAAS,WAAW,GAAG;AAAA,IACjE,MAAM,IAAI,MAAM,uDAAuD;AAAA,EACzE;AAAA,EACA,OAAO,EAAE,SAAS,IAAI,SAAS;AAAA;AAkBjC,eAAsB,sBAAsB,CAAC,MAAkD;AAAA,EAC7F,IAAI,KAAK,KAAK,WAAW,GAAG;AAAA,IAC1B,MAAM,IAAI,MAAM,kDAAkD;AAAA,EACpE;AAAA,EACA,IAAI,CAAC,KAAK,SAAS,CAAC,KAAK,iBAAiB,KAAK,UAAU,KAAK,eAAe;AAAA,IAC3E,MAAM,IAAI,MAAM,4EAA2E;AAAA,EAC7F;AAAA,EAEA,MAAM,MAAM,KAAK,OAAO,WAAW;AAAA,EACnC,MAAM,WAAW,WAAW,KAAK,uBAAuB;AAAA,EACxD,IAAI,CAAC,UAAU;AAAA,IACb,MAAM,IAAI,MAAM,2EAA0E;AAAA,EAC5F;AAAA,EACA,MAAM,eAAe,WAAW,KAAK,2BAA2B;AAAA,EAChE,IAAI,CAAC,cAAc;AAAA,IACjB,MAAM,IAAI,MACR,+EACF;AAAA,EACF;AAAA,EAEA,MAAM,SAAS,KAAK,UAAU,kBAAkB;AAAA,EAChD,MAAM,cAAc,KAAK,eAAe,mBAAmB,GAAG;AAAA,EAC9D,MAAM,WAAW,GAAG;AAAA,EAEpB,MAAM,YAAY,KAAK,aAAa;AAAA,EACpC,MAAM,OAAO,IAAI;AAAA,EACjB,KAAK,IAAI,cAAc,oBAAoB;AAAA,EAC3C,KAAK,IAAI,QAAQ,KAAK,IAAI;AAAA,EAC1B,KAAK,IAAI,gBAAgB,WAAW;AAAA,EACpC,KAAK,IAAI,aAAa,QAAQ;AAAA,EAC9B,KAAK,IAAI,iBAAiB,YAAY;AAAA,EAEtC,MAAM,WAAW,MAAM,UAAU,UAAU;AAAA,IACzC,QAAQ;AAAA,IACR,SAAS;AAAA,MACP,gBAAgB;AAAA,MAChB,QAAQ;AAAA,IACV;AAAA,IACA,MAAM,KAAK,SAAS;AAAA,EACtB,CAAC;AAAA,EACD,IAAI,CAAC,SAAS,IAAI;AAAA,IAChB,MAAM,IAAI,MACR,4CAA4C,SAAS,0BACvD;AAAA,EACF;AAAA,EACA,MAAM,UAAmB,MAAM,SAAS,KAAK;AAAA,EAC7C,QAAQ,YAAY,mBAAmB,OAAO;AAAA,EAE9C,MAAM,UAAU,KAAK,UAAU,WAAW;AAAA,EAC1C,MAAM,aAAa,mBAAmB,IAAI,IAAI,OAAO,CAAC;AAAA,EAEtD,MAAM,WAAW,MAAM,UAAU,SAAS,YAAY;AAAA,IACpD,YAAY,CAAC,OAAO;AAAA,IACpB;AAAA,IACA,UAAU;AAAA,EACZ,CAAC;AAAA,EAED,MAAM,SAAS,mBAAmB,SAAS,OAA4B;AAAA,EAEvE,OAAO;AAAA,IACL,aAAa,OAAO;AAAA,IACpB,OAAO,OAAO;AAAA,IACd,aAAa,OAAO;AAAA,IACpB;AAAA,EACF;AAAA;AAAA;AAKK,MAAM,yBAAyB,QAAQ;AAAA,SACrC,cAAc;AAAA,EACrB,wBAAwB;AAAA,EAEhB;AAAA,EACA,cAAuC;AAAA,EAE/C,WAAW,CAAC,SAAyB;AAAA,IACnC,MAAM,OAAO;AAAA,IACb,KAAK,SAAS,IAAI,eAAe,qBAAqB,OAAO;AAAA;AAAA,cAGlD,MAAK,CAAC,SAA0C;AAAA,IAC3D,MAAM,UAAU,IAAI,iBAAiB,OAAO;AAAA,IAC5C,MAAM,QAAQ,WAAW;AAAA,IACzB,OAAO;AAAA;AAAA,OAGH,KAAI,GAAkB;AAAA,IAC1B,KAAK,cAAc;AAAA;AAAA,OAGP,WAAU,GAAkB;AAAA,IACxC,MAAM,UAAU,OACd,KAAK,QAAQ,WAAW,wBAAwB,KAAK,qBAAqB,OAC5E;AAAA,IACA,KAAK,OAAO,WAAW,OAAO;AAAA,IAQ9B,MAAM,cAAc,KAAK,QAAQ,WAAW,uBAAuB;AAAA,IACnE,IAAI,aAAa;AAAA,MACf,MAAM,MAAM,OAAO,WAAW;AAAA,MAC9B,KAAK,OAAO,UAAU,GAAG;AAAA,MAGzB,KAAK,cAAc;AAAA,QACjB,QAAQ;AAAA,QACR,QAAQ,OAAO,KAAK,QAAQ,WAAW,uBAAuB,KAAK,EAAE;AAAA,QACrE,gBAAgB,OACd,KAAK,QAAQ,WAAW,sBAAsB,KAC5C,KAAK,QAAQ,WAAW,6BAA6B,KACrD,EACJ;AAAA,QACA,iBAAiB,KAAK,IAAI;AAAA,MAC5B;AAAA,MACA,OAAO,KAAK,8CAA8C;AAAA,MAI1D,KAAK,eAAe,GAAG,EACpB,KAAK,CAAC,UAAU;AAAA,QACf,IAAI,CAAC,OAAO;AAAA,UACV,OAAO,KACL,kIACF;AAAA,QACF;AAAA,OACD,EACA,MAAM,MAAM,EAEZ;AAAA,MACH;AAAA,IACF;AAAA,IAGA,MAAM,UAAU,KAAK,QAAQ,WAAW,uBAAuB;AAAA,IAC/D,IAAI,YAAY,UAAU,YAAY,KAAK;AAAA,MACzC,IAAI;AAAA,QACF,MAAM,KAAK,uBAAuB;AAAA,QAClC,OAAO,KAAK;AAAA,QACZ,MAAM,MAAM,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,QAC3D,OAAO,KAAK,8DAA8D,KAAK;AAAA,QAC/E,OAAO,KACL,yGACF;AAAA;AAAA,IAEJ,EAAO;AAAA,MACL,OAAO,KAAK,gEAAgE;AAAA;AAAA;AAAA,OAIlE,eAAc,CAAC,KAA+B;AAAA,IAC1D,IAAI,CAAE,MAAM,iBAAiB,GAAI;AAAA,MAC/B,OAAO,KACL,6FACF;AAAA,MACA,OAAO;AAAA,IACT;AAAA,IACA,IAAI;AAAA,MACF,MAAM,mBAAmB,IAAI,eAAe,KAAK,OAAO,WAAW,GAAG,GAAG;AAAA,MACzE,MAAM,iBAAiB,IAAI,WAAW,EAAE,WAAW,KAAM,CAAC;AAAA,MAC1D,OAAO;AAAA,MACP,OAAO,KAAK;AAAA,MACZ,MAAM,MAAM,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MAC3D,OAAO,KAAK,0DAA0D,KAAK;AAAA,MAC3E,OAAO;AAAA;AAAA;AAAA,OAaL,uBAAsB,GAA8B;AAAA,IACxD,MAAM,WAAW,MAAM,eAAe;AAAA,IACtC,MAAM,WAAW,eAAe;AAAA,IAChC,MAAM,aAAa,QAAQ,IAAI,6BAA6B;AAAA,IAC5D,MAAM,KAAK,MAAa;AAAA,IAExB,OAAO,KAAK,+CAA+C,WAAW;AAAA,IAEtE,MAAM,WAAW,MAAM,KAAK,OAAO,oBAAwC,gBAAgB;AAAA,MACzF;AAAA,MACA;AAAA,MACA;AAAA,MACA,YAAY,GAAG,SAAS;AAAA,IAC1B,CAAC;AAAA,IAED,KAAK,cAAc;AAAA,MACjB,QAAQ,SAAS,KAAK;AAAA,MACtB,QAAQ,SAAS,KAAK;AAAA,MACtB,gBAAgB,SAAS,KAAK;AAAA,MAC9B,iBAAiB,KAAK,IAAI;AAAA,IAC5B;AAAA,IACA,KAAK,OAAO,UAAU,SAAS,KAAK,MAAM;AAAA,IAE1C,MAAM,SAAS,SAAS,KAAK,QAAQ,wBAAwB;AAAA,IAC7D,OAAO,KAAK,eAAe,qBAAqB,SAAS,KAAK,QAAQ,QAAQ,CAAC,IAAI;AAAA,IAEnF,OAAO,KAAK;AAAA;AAAA,EAGd,sBAAsB,CAAC,OAA0C;AAAA,IAC/D,MAAM,SAAS,MAAM,OAAO,KAAK;AAAA,IACjC,IAAI,CAAC,QAAQ;AAAA,MACX,MAAM,IAAI,MAAM,iCAAiC;AAAA,IACnD;AAAA,IAEA,KAAK,OAAO,UAAU,MAAM;AAAA,IAC5B,KAAK,cAAc;AAAA,MACjB;AAAA,MACA,QAAQ,MAAM,UAAU;AAAA,MACxB,gBAAgB,MAAM,kBAAkB;AAAA,MACxC,iBAAiB,KAAK,IAAI;AAAA,IAC5B;AAAA,IAEA,OAAO,KAAK,wCAAwC;AAAA,IACpD,OAAO,KAAK;AAAA;AAAA,EAGd,SAAS,GAAS;AAAA,IAChB,KAAK,cAAc;AAAA,IACnB,KAAK,OAAO,UAAU,SAAS;AAAA;AAAA,EAGjC,eAAe,GAAY;AAAA,IACzB,OAAO,KAAK,gBAAgB;AAAA;AAAA,EAE9B,cAAc,GAA4B;AAAA,IACxC,OAAO,KAAK;AAAA;AAAA,EAEd,SAAS,GAAuB;AAAA,IAC9B,OAAO,KAAK,aAAa,UAAU,KAAK,OAAO,UAAU;AAAA;AAAA,EAE3D,SAAS,GAAmB;AAAA,IAC1B,OAAO,KAAK;AAAA;AAAA,EAEd,SAAS,GAAuB;AAAA,IAC9B,OAAO,KAAK,aAAa;AAAA;AAAA,EAE3B,iBAAiB,GAAuB;AAAA,IACtC,OAAO,KAAK,aAAa;AAAA;AAE7B;",
10
+ "debugId": "C706585F0178D71764756E2164756E21",
11
+ "names": []
12
+ }
package/dist/services/cloud-backup.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cloud-backup.d.ts","sourceRoot":"","sources":["../../services/cloud-backup.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,KAAK,aAAa,EAAU,OAAO,EAAE,MAAM,eAAe,CAAC;AACpE,OAAO,KAAK,EACV,aAAa,EAIb,YAAY,EACb,MAAM,gBAAgB,CAAC;AAUxB,qBAAa,kBAAmB,SAAQ,OAAO;IAC7C,MAAM,CAAC,WAAW,SAAkB;IACpC,qBAAqB,SAA+C;IAEpE,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,WAAW,CAA2C;IAC9D,OAAO,CAAC,QAAQ,CAAC,YAAY,CAA4C;IACzE,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAoD;WAExE,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAMtD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAQb,UAAU;IAYlB,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,YAAY,GAAE,YAAuB,EACrC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACjC,OAAO,CAAC,aAAa,CAAC;IAoBnB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAQ5D,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAUvE,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAW3E,kBAAkB,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI;IAgClE,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI;IAS3C;;;OAGG;IACG,yBAAyB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAU5E;;;OAGG;YACW,cAAc;IAqB5B,qBAAqB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO;IAInD,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;CAGtD"}
1
+ {"version":3,"file":"cloud-backup.d.ts","sourceRoot":"","sources":["../../src/services/cloud-backup.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,KAAK,aAAa,EAAU,OAAO,EAAE,MAAM,eAAe,CAAC;AACpE,OAAO,KAAK,EACV,aAAa,EAIb,YAAY,EACb,MAAM,gBAAgB,CAAC;AAUxB,qBAAa,kBAAmB,SAAQ,OAAO;IAC7C,MAAM,CAAC,WAAW,SAAkB;IACpC,qBAAqB,SAA+C;IAEpE,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,WAAW,CAA2C;IAC9D,OAAO,CAAC,QAAQ,CAAC,YAAY,CAA4C;IACzE,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAoD;WAExE,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAMtD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAQb,UAAU;IAYlB,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,YAAY,GAAE,YAAuB,EACrC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACjC,OAAO,CAAC,aAAa,CAAC;IAoBnB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAQ5D,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAUvE,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAW3E,kBAAkB,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI;IAgClE,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI;IAS3C;;;OAGG;IACG,yBAAyB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAU5E;;;OAGG;YACW,cAAc;IAqB5B,qBAAqB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO;IAInD,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;CAGtD"}
package/dist/services/cloud-backup.js ADDED
@@ -0,0 +1,176 @@
1
+ import { createRequire } from "node:module";
2
+ var __defProp = Object.defineProperty;
3
+ var __returnValue = (v) => v;
4
+ function __exportSetter(name, newValue) {
5
+ this[name] = __returnValue.bind(null, newValue);
6
+ }
7
+ var __export = (target, all) => {
8
+ for (var name in all)
9
+ __defProp(target, name, {
10
+ get: all[name],
11
+ enumerable: true,
12
+ configurable: true,
13
+ set: __exportSetter.bind(all, name)
14
+ });
15
+ };
16
+ var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
17
+ var __require = /* @__PURE__ */ createRequire(import.meta.url);
18
+
19
+ // src/types/cloud.ts
20
+ import {
21
+ CloudApiError,
22
+ InsufficientCreditsError
23
+ } from "@elizaos/cloud-sdk";
24
+ var DEFAULT_CLOUD_CONFIG = {
25
+ enabled: false,
26
+ baseUrl: "https://www.elizacloud.ai/api/v1",
27
+ inferenceMode: "cloud",
28
+ autoProvision: false,
29
+ bridge: {
30
+ reconnectIntervalMs: 3000,
31
+ maxReconnectAttempts: 20,
32
+ heartbeatIntervalMs: 30000
33
+ },
34
+ backup: {
35
+ autoBackupIntervalMs: 3600000,
36
+ maxSnapshots: 10
37
+ },
38
+ container: {
39
+ defaultImage: "elizaos/agent:latest",
40
+ defaultArchitecture: "arm64",
41
+ defaultCpu: 1792,
42
+ defaultMemory: 1792,
43
+ defaultPort: 3000
44
+ }
45
+ };
46
+
47
+ // src/services/cloud-backup.ts
48
+ import { logger, Service } from "@elizaos/core";
49
+ class CloudBackupService extends Service {
50
+ static serviceType = "CLOUD_BACKUP";
51
+ capabilityDescription = "ElizaCloud agent state backup and restore";
52
+ authService;
53
+ autoBackups = new Map;
54
+ maxSnapshots = DEFAULT_CLOUD_CONFIG.backup.maxSnapshots;
55
+ backupIntervalMs = DEFAULT_CLOUD_CONFIG.backup.autoBackupIntervalMs;
56
+ static async start(runtime) {
57
+ const service = new CloudBackupService(runtime);
58
+ await service.initialize();
59
+ return service;
60
+ }
61
+ async stop() {
62
+ for (const [, entry] of this.autoBackups) {
63
+ clearInterval(entry.timer);
64
+ }
65
+ this.autoBackups.clear();
66
+ logger.info("[CloudBackup] Service stopped");
67
+ }
68
+ async initialize() {
69
+ const auth = this.runtime.getService("CLOUD_AUTH");
70
+ if (!auth) {
71
+ logger.debug("[CloudBackup] CloudAuthService not available");
72
+ return;
73
+ }
74
+ this.authService = auth;
75
+ logger.info("[CloudBackup] Service initialized");
76
+ }
77
+ async createSnapshot(containerId, snapshotType = "manual", metadata) {
78
+ const client = this.authService.getClient();
79
+ const response = await client.post(`/agent-state/${containerId}/snapshot`, { snapshotType, metadata });
80
+ logger.info(`[CloudBackup] Created ${snapshotType} snapshot for container ${containerId} (id=${response.data.id}, size=${formatBytes(response.data.sizeBytes)})`);
81
+ const autoEntry = this.autoBackups.get(containerId);
82
+ if (autoEntry) {
83
+ autoEntry.lastBackupAt = Date.now();
84
+ }
85
+ return response.data;
86
+ }
87
+ async listSnapshots(containerId) {
88
+ const client = this.authService.getClient();
89
+ const response = await client.get(`/agent-state/${containerId}/snapshots`);
90
+ return response.data;
91
+ }
92
+ async restoreSnapshot(containerId, snapshotId) {
93
+ const client = this.authService.getClient();
94
+ await client.post(`/agent-state/${containerId}/restore`, {
95
+ snapshotId
96
+ });
97
+ logger.info(`[CloudBackup] Restored snapshot ${snapshotId} for container ${containerId}`);
98
+ }
99
+ async getLatestSnapshot(containerId) {
100
+ const snapshots = await this.listSnapshots(containerId);
101
+ if (snapshots.length === 0)
102
+ return null;
103
+ snapshots.sort((a, b) => new Date(b.created_at).getTime() - new Date(a.created_at).getTime());
104
+ return snapshots[0];
105
+ }
106
+ scheduleAutoBackup(containerId, intervalMs) {
107
+ if (this.autoBackups.has(containerId)) {
108
+ logger.debug(`[CloudBackup] Auto-backup already scheduled for ${containerId}`);
109
+ return;
110
+ }
111
+ const interval = intervalMs ?? this.backupIntervalMs;
112
+ const timer = setInterval(() => {
113
+ logger.debug(`[CloudBackup] Running auto-backup for container ${containerId}`);
114
+ this.createSnapshot(containerId, "auto", {
115
+ trigger: "scheduled",
116
+ scheduledIntervalMs: interval
117
+ }).then(() => this.pruneSnapshots(containerId)).catch((err) => {
118
+ logger.error(`[CloudBackup] Auto-backup failed for ${containerId}: ${err.message}`);
119
+ });
120
+ }, interval);
121
+ this.autoBackups.set(containerId, {
122
+ containerId,
123
+ timer,
124
+ lastBackupAt: null
125
+ });
126
+ logger.info(`[CloudBackup] Scheduled auto-backup for ${containerId} every ${Math.round(interval / 60000)} minutes`);
127
+ }
128
+ cancelAutoBackup(containerId) {
129
+ const entry = this.autoBackups.get(containerId);
130
+ if (!entry)
131
+ return;
132
+ clearInterval(entry.timer);
133
+ this.autoBackups.delete(containerId);
134
+ logger.info(`[CloudBackup] Cancelled auto-backup for ${containerId}`);
135
+ }
136
+ async createPreEvictionSnapshot(containerId) {
137
+ logger.info(`[CloudBackup] Creating pre-eviction snapshot for ${containerId}`);
138
+ return this.createSnapshot(containerId, "pre-eviction", {
139
+ trigger: "billing-eviction",
140
+ createdAt: new Date().toISOString()
141
+ });
142
+ }
143
+ async pruneSnapshots(containerId) {
144
+ const snapshots = await this.listSnapshots(containerId);
145
+ const autoSnapshots = snapshots.filter((s) => s.snapshotType === "auto").sort((a, b) => new Date(b.created_at).getTime() - new Date(a.created_at).getTime());
146
+ const excess = autoSnapshots.slice(this.maxSnapshots);
147
+ if (excess.length === 0)
148
+ return;
149
+ const client = this.authService.getClient();
150
+ for (const snapshot of excess) {
151
+ await client.delete(`/agent-state/${containerId}/snapshots/${snapshot.id}`);
152
+ logger.debug(`[CloudBackup] Pruned old auto snapshot ${snapshot.id} for ${containerId}`);
153
+ }
154
+ logger.info(`[CloudBackup] Pruned ${excess.length} old auto snapshot(s) for ${containerId}`);
155
+ }
156
+ isAutoBackupScheduled(containerId) {
157
+ return this.autoBackups.has(containerId);
158
+ }
159
+ getLastBackupTime(containerId) {
160
+ return this.autoBackups.get(containerId)?.lastBackupAt ?? null;
161
+ }
162
+ }
163
+ function formatBytes(bytes) {
164
+ if (bytes < 1024)
165
+ return `${bytes} B`;
166
+ if (bytes < 1024 * 1024)
167
+ return `${(bytes / 1024).toFixed(1)} KB`;
168
+ if (bytes < 1024 * 1024 * 1024)
169
+ return `${(bytes / (1024 * 1024)).toFixed(1)} MB`;
170
+ return `${(bytes / (1024 * 1024 * 1024)).toFixed(1)} GB`;
171
+ }
172
+ export {
173
+ CloudBackupService
174
+ };
175
+
176
+ //# debugId=3A3130D224AC9DB064756E2164756E21
package/dist/services/cloud-backup.js.map ADDED
@@ -0,0 +1,11 @@
1
+ {
2
+ "version": 3,
3
+ "sources": ["../src/types/cloud.ts", "../src/services/cloud-backup.ts"],
4
+ "sourcesContent": [
5
+ "/**\n * Cloud-specific types for ElizaCloud integration.\n *\n * These types mirror the eliza-cloud-v2 database schemas and API contracts\n * for containers, auth, credits, bridge messaging, and agent state snapshots.\n */\n\nexport type {\n CloudCodingAgent,\n CloudCodingContainerSession,\n CloudCodingContainerStatus,\n CloudCodingPatch,\n CloudCodingPatchFormat,\n CloudCodingPromotion,\n CloudCodingSyncDirection,\n CloudCodingSyncResult,\n CloudVfsBundle,\n CloudVfsDeletedFile,\n CloudVfsFile,\n CloudVfsFileEncoding,\n CloudVfsSourceKind,\n PromoteVfsToCloudContainerRequest,\n PromoteVfsToCloudContainerResponse,\n RequestCodingAgentContainerRequest,\n RequestCodingAgentContainerResponse,\n SyncCloudCodingContainerRequest,\n SyncCloudCodingContainerResponse,\n} from \"@elizaos/shared\";\n\n// ─── Container Types ────────────────────────────────────────────────────────\n\nexport type ContainerStatus =\n | \"pending\"\n | \"building\"\n | \"deploying\"\n | \"running\"\n | \"stopped\"\n | \"failed\"\n | \"suspended\";\n\nexport type ContainerBillingStatus =\n | \"active\"\n | \"warning\"\n | \"suspended\"\n | \"shutdown_pending\"\n | \"archived\";\n\nexport type ContainerArchitecture = \"arm64\" | \"x86_64\";\n\nexport interface CloudContainer {\n id: string;\n name: string;\n project_name: string;\n description: string | null;\n organization_id: string;\n user_id: string;\n status: ContainerStatus;\n image_tag: string | null;\n port: number;\n desired_count: number;\n cpu: number;\n memory: number;\n architecture: ContainerArchitecture;\n environment_vars: Record<string, string>;\n health_check_path: string;\n load_balancer_url: string | null;\n ecr_repository_uri: string | null;\n ecr_image_tag: string | null;\n cloudformation_stack_name: string | null;\n billing_status: ContainerBillingStatus;\n total_billed: string;\n last_deployed_at: string | null;\n last_health_check: string | null;\n deployment_log: string | null;\n error_message: string | null;\n metadata: Record<string, unknown>;\n created_at: string;\n updated_at: string;\n}\n\nexport interface CreateContainerRequest {\n name: string;\n project_name: string;\n description?: string;\n port?: number;\n desired_count?: number;\n cpu?: number;\n memory?: number;\n environment_vars?: Record<string, string>;\n health_check_path?: string;\n ecr_image_uri: string;\n ecr_repository_uri?: string;\n image_tag?: string;\n architecture?: ContainerArchitecture;\n}\n\nexport interface CreateContainerResponse {\n success: boolean;\n data: CloudContainer;\n message: string;\n creditsDeducted: number;\n creditsRemaining: number;\n stackName: string;\n polling: {\n endpoint: string;\n intervalMs: number;\n expectedDurationMs: number;\n };\n}\n\nexport interface ContainerListResponse {\n success: boolean;\n data: CloudContainer[];\n}\n\nexport interface ContainerGetResponse {\n success: boolean;\n data: CloudContainer;\n}\n\nexport interface ContainerDeleteResponse {\n success: boolean;\n message?: string;\n}\n\nexport interface ContainerHealthResponse {\n success: boolean;\n data: {\n status: string;\n healthy: boolean;\n lastCheck: string | null;\n uptime: number | null;\n };\n}\n\n// ─── Auth Types ─────────────────────────────────────────────────────────────\n\nexport type DevicePlatform = \"ios\" | \"android\" | \"macos\" | \"windows\" | \"linux\" | \"web\";\n\nexport interface DeviceAuthRequest {\n deviceId: string;\n platform: DevicePlatform;\n appVersion: string;\n deviceName?: string;\n}\n\nexport interface DeviceAuthResponse {\n success: boolean;\n data: {\n apiKey: string;\n userId: string;\n organizationId: string;\n credits: number;\n isNew: boolean;\n };\n}\n\nexport interface CloudCredentials {\n apiKey: string;\n userId: string;\n organizationId: string;\n authenticatedAt: number;\n}\n\n// ─── Credits Types ──────────────────────────────────────────────────────────\n\nexport interface CreditBalanceResponse {\n success: boolean;\n data: {\n balance: number;\n currency: string;\n };\n}\n\nexport interface CreditSummaryResponse {\n success: boolean;\n data: {\n balance: number;\n totalSpent: number;\n totalAdded: number;\n recentTransactions: CreditTransaction[];\n };\n}\n\nexport interface CreditTransaction {\n id: string;\n amount: number;\n description: string;\n type: \"credit\" | \"debit\";\n created_at: string;\n}\n\n// ─── Bridge Types ───────────────────────────────────────────────────────────\n\nexport type BridgeConnectionState = \"disconnected\" | \"connecting\" | \"connected\" | \"reconnecting\";\n\nexport interface BridgeMessage {\n jsonrpc: \"2.0\";\n id?: string | number;\n method?: string;\n params?: Record<string, unknown>;\n result?: unknown;\n error?: BridgeError;\n}\n\nexport interface BridgeError {\n code: number;\n message: string;\n data?: unknown;\n}\n\nexport type BridgeMessageHandler = (message: BridgeMessage) => void;\n\nexport interface BridgeConnection {\n containerId: string;\n state: BridgeConnectionState;\n connectedAt: number | null;\n lastHeartbeat: number | null;\n reconnectAttempts: number;\n}\n\n// ─── Managed Gateway Relay Types ───────────────────────────────────────────\n\nexport interface GatewayRelaySession {\n id: string;\n organizationId: string;\n userId: string;\n runtimeAgentId: string;\n agentName: string | null;\n platform: \"local-runtime\";\n createdAt: string;\n lastSeenAt: string;\n}\n\nexport interface GatewayRelayRequest {\n jsonrpc: \"2.0\";\n id?: string | number;\n method: string;\n params?: Record<string, unknown>;\n}\n\nexport interface GatewayRelayResponse {\n jsonrpc: \"2.0\";\n id?: string | number;\n result?: Record<string, unknown>;\n error?: BridgeError;\n}\n\nexport interface GatewayRelayRequestEnvelope {\n requestId: string;\n rpc: GatewayRelayRequest;\n queuedAt: string;\n}\n\nexport interface RegisterGatewayRelaySessionResponse {\n success: boolean;\n data: {\n session: GatewayRelaySession;\n };\n}\n\nexport interface PollGatewayRelayResponse {\n success: boolean;\n data: {\n request: GatewayRelayRequestEnvelope | null;\n };\n}\n\n// ─── Snapshot / Backup Types ────────────────────────────────────────────────\n\nexport type SnapshotType = \"manual\" | \"auto\" | \"pre-eviction\";\n\nexport interface AgentSnapshot {\n id: string;\n containerId: string;\n organizationId: string;\n snapshotType: SnapshotType;\n storageUrl: string;\n sizeBytes: number;\n agentConfig: Record<string, unknown>;\n metadata: Record<string, unknown>;\n created_at: string;\n}\n\nexport interface CreateSnapshotRequest {\n snapshotType?: SnapshotType;\n metadata?: Record<string, unknown>;\n}\n\nexport interface CreateSnapshotResponse {\n success: boolean;\n data: AgentSnapshot;\n}\n\nexport interface SnapshotListResponse {\n success: boolean;\n data: AgentSnapshot[];\n}\n\nexport interface RestoreSnapshotRequest {\n snapshotId: string;\n}\n\nexport interface RestoreSnapshotResponse {\n success: boolean;\n message: string;\n}\n\n// ─── Cloud Config Types ─────────────────────────────────────────────────────\n\nexport type InferenceMode = \"cloud\" | \"byok\" | \"local\";\n\nexport interface CloudPluginConfig {\n /** Enable ElizaCloud integration. */\n enabled: boolean;\n /** ElizaCloud API base URL. */\n baseUrl: string;\n /** Stored API key for authenticated requests. */\n apiKey?: string;\n /** Device ID used for auto-signup authentication. */\n deviceId?: string;\n /** Platform identifier. */\n platform?: DevicePlatform;\n /** Inference mode: cloud (ElizaCloud proxied), byok (user keys), local (no cloud). */\n inferenceMode: InferenceMode;\n /** Auto-deploy agents to cloud on creation. */\n autoProvision: boolean;\n /** Bridge reconnection settings. */\n bridge: {\n reconnectIntervalMs: number;\n maxReconnectAttempts: number;\n heartbeatIntervalMs: number;\n };\n /** Auto-backup settings. */\n backup: {\n autoBackupIntervalMs: number;\n maxSnapshots: number;\n };\n /** Default container settings for new deployments. */\n container: {\n defaultImage: string;\n defaultArchitecture: ContainerArchitecture;\n defaultCpu: number;\n defaultMemory: number;\n defaultPort: number;\n };\n}\n\nexport const DEFAULT_CLOUD_CONFIG: CloudPluginConfig = {\n enabled: false,\n baseUrl: \"https://www.elizacloud.ai/api/v1\",\n inferenceMode: \"cloud\",\n autoProvision: false,\n bridge: {\n reconnectIntervalMs: 3000,\n maxReconnectAttempts: 20,\n heartbeatIntervalMs: 30_000,\n },\n backup: {\n autoBackupIntervalMs: 3_600_000, // 1 hour\n maxSnapshots: 10,\n },\n container: {\n defaultImage: \"elizaos/agent:latest\",\n defaultArchitecture: \"arm64\",\n defaultCpu: 1792,\n defaultMemory: 1792,\n defaultPort: 3000,\n },\n};\n\n// ─── API Error Types ────────────────────────────────────────────────────────\n\nexport type { CloudApiErrorBody } from \"@elizaos/cloud-sdk\";\nexport {\n CloudApiError,\n InsufficientCreditsError,\n} from \"@elizaos/cloud-sdk\";\n",
6
+ "/**\n * CloudBackupService — Agent state snapshots and restore.\n *\n * Creates, lists, and restores agent state snapshots through the ElizaCloud\n * API. Supports manual snapshots, periodic auto-backup, and pre-eviction\n * snapshots triggered by the billing system's low-credit warning.\n */\n\nimport { type IAgentRuntime, logger, Service } from \"@elizaos/core\";\nimport type {\n AgentSnapshot,\n CreateSnapshotResponse,\n RestoreSnapshotResponse,\n SnapshotListResponse,\n SnapshotType,\n} from \"../types/cloud\";\nimport { DEFAULT_CLOUD_CONFIG } from \"../types/cloud\";\nimport type { CloudAuthService } from \"./cloud-auth\";\n\ninterface AutoBackupEntry {\n containerId: string;\n timer: ReturnType<typeof setInterval>;\n lastBackupAt: number | null;\n}\n\nexport class CloudBackupService extends Service {\n static serviceType = \"CLOUD_BACKUP\";\n capabilityDescription = \"ElizaCloud agent state backup and restore\";\n\n private authService!: CloudAuthService;\n private autoBackups: Map<string, AutoBackupEntry> = new Map();\n private readonly maxSnapshots = DEFAULT_CLOUD_CONFIG.backup.maxSnapshots;\n private readonly backupIntervalMs = DEFAULT_CLOUD_CONFIG.backup.autoBackupIntervalMs;\n\n static async start(runtime: IAgentRuntime): Promise<Service> {\n const service = new CloudBackupService(runtime);\n await service.initialize();\n return service;\n }\n\n async stop(): Promise<void> {\n for (const [, entry] of this.autoBackups) {\n clearInterval(entry.timer);\n }\n this.autoBackups.clear();\n logger.info(\"[CloudBackup] Service stopped\");\n }\n\n private async initialize(): Promise<void> {\n const auth = this.runtime.getService(\"CLOUD_AUTH\");\n if (!auth) {\n logger.debug(\"[CloudBackup] CloudAuthService not available\");\n return;\n }\n this.authService = auth as CloudAuthService;\n logger.info(\"[CloudBackup] Service initialized\");\n }\n\n // ─── Snapshot CRUD ─────────────────────────────────────────────────────\n\n async createSnapshot(\n containerId: string,\n snapshotType: SnapshotType = \"manual\",\n metadata?: Record<string, unknown>\n ): Promise<AgentSnapshot> {\n const client = this.authService.getClient();\n const response = await client.post<CreateSnapshotResponse>(\n `/agent-state/${containerId}/snapshot`,\n { snapshotType, metadata }\n );\n\n logger.info(\n `[CloudBackup] Created ${snapshotType} snapshot for container ${containerId} (id=${response.data.id}, size=${formatBytes(response.data.sizeBytes)})`\n );\n\n // Update last backup timestamp for auto-backup tracking\n const autoEntry = this.autoBackups.get(containerId);\n if (autoEntry) {\n autoEntry.lastBackupAt = Date.now();\n }\n\n return response.data;\n }\n\n async listSnapshots(containerId: string): Promise<AgentSnapshot[]> {\n const client = this.authService.getClient();\n const response = await client.get<SnapshotListResponse>(\n `/agent-state/${containerId}/snapshots`\n );\n return response.data;\n }\n\n async restoreSnapshot(containerId: string, snapshotId: string): Promise<void> {\n const client = this.authService.getClient();\n\n await client.post<RestoreSnapshotResponse>(`/agent-state/${containerId}/restore`, {\n snapshotId,\n });\n\n logger.info(`[CloudBackup] Restored snapshot ${snapshotId} for container ${containerId}`);\n }\n\n async getLatestSnapshot(containerId: string): Promise<AgentSnapshot | null> {\n const snapshots = await this.listSnapshots(containerId);\n if (snapshots.length === 0) return null;\n\n // Sort by created_at descending and return the most recent\n snapshots.sort((a, b) => new Date(b.created_at).getTime() - new Date(a.created_at).getTime());\n return snapshots[0];\n }\n\n // ─── Auto-Backup Scheduling ────────────────────────────────────────────\n\n scheduleAutoBackup(containerId: string, intervalMs?: number): void {\n // Don't double-schedule\n if (this.autoBackups.has(containerId)) {\n logger.debug(`[CloudBackup] Auto-backup already scheduled for ${containerId}`);\n return;\n }\n\n const interval = intervalMs ?? this.backupIntervalMs;\n\n const timer = setInterval(() => {\n logger.debug(`[CloudBackup] Running auto-backup for container ${containerId}`);\n this.createSnapshot(containerId, \"auto\", {\n trigger: \"scheduled\",\n scheduledIntervalMs: interval,\n })\n .then(() => this.pruneSnapshots(containerId))\n .catch((err: Error) => {\n logger.error(`[CloudBackup] Auto-backup failed for ${containerId}: ${err.message}`);\n });\n }, interval);\n\n this.autoBackups.set(containerId, {\n containerId,\n timer,\n lastBackupAt: null,\n });\n\n logger.info(\n `[CloudBackup] Scheduled auto-backup for ${containerId} every ${Math.round(interval / 60_000)} minutes`\n );\n }\n\n cancelAutoBackup(containerId: string): void {\n const entry = this.autoBackups.get(containerId);\n if (!entry) return;\n\n clearInterval(entry.timer);\n this.autoBackups.delete(containerId);\n logger.info(`[CloudBackup] Cancelled auto-backup for ${containerId}`);\n }\n\n /**\n * Create a pre-eviction snapshot. Called when the billing system sends\n * a low-credit warning before shutting down the container.\n */\n async createPreEvictionSnapshot(containerId: string): Promise<AgentSnapshot> {\n logger.info(`[CloudBackup] Creating pre-eviction snapshot for ${containerId}`);\n return this.createSnapshot(containerId, \"pre-eviction\", {\n trigger: \"billing-eviction\",\n createdAt: new Date().toISOString(),\n });\n }\n\n // ─── Snapshot Pruning ──────────────────────────────────────────────────\n\n /**\n * Remove the oldest auto snapshots beyond maxSnapshots limit.\n * Manual and pre-eviction snapshots are never pruned.\n */\n private async pruneSnapshots(containerId: string): Promise<void> {\n const snapshots = await this.listSnapshots(containerId);\n\n const autoSnapshots = snapshots\n .filter((s) => s.snapshotType === \"auto\")\n .sort((a, b) => new Date(b.created_at).getTime() - new Date(a.created_at).getTime());\n\n const excess = autoSnapshots.slice(this.maxSnapshots);\n if (excess.length === 0) return;\n\n const client = this.authService.getClient();\n for (const snapshot of excess) {\n await client.delete(`/agent-state/${containerId}/snapshots/${snapshot.id}`);\n logger.debug(`[CloudBackup] Pruned old auto snapshot ${snapshot.id} for ${containerId}`);\n }\n\n logger.info(`[CloudBackup] Pruned ${excess.length} old auto snapshot(s) for ${containerId}`);\n }\n\n // ─── Accessors ─────────────────────────────────────────────────────────\n\n isAutoBackupScheduled(containerId: string): boolean {\n return this.autoBackups.has(containerId);\n }\n\n getLastBackupTime(containerId: string): number | null {\n return this.autoBackups.get(containerId)?.lastBackupAt ?? null;\n }\n}\n\nfunction formatBytes(bytes: number): string {\n if (bytes < 1024) return `${bytes} B`;\n if (bytes < 1024 * 1024) return `${(bytes / 1024).toFixed(1)} KB`;\n if (bytes < 1024 * 1024 * 1024) return `${(bytes / (1024 * 1024)).toFixed(1)} MB`;\n return `${(bytes / (1024 * 1024 * 1024)).toFixed(1)} GB`;\n}\n"
7
+ ],
8
+ "mappings": ";;;;;;;;;;;;;;;;;;;AAsXA;AAAA;AAAA;AAAA;AA1BO,IAAM,uBAA0C;AAAA,EACrD,SAAS;AAAA,EACT,SAAS;AAAA,EACT,eAAe;AAAA,EACf,eAAe;AAAA,EACf,QAAQ;AAAA,IACN,qBAAqB;AAAA,IACrB,sBAAsB;AAAA,IACtB,qBAAqB;AAAA,EACvB;AAAA,EACA,QAAQ;AAAA,IACN,sBAAsB;AAAA,IACtB,cAAc;AAAA,EAChB;AAAA,EACA,WAAW;AAAA,IACT,cAAc;AAAA,IACd,qBAAqB;AAAA,IACrB,YAAY;AAAA,IACZ,eAAe;AAAA,IACf,aAAa;AAAA,EACf;AACF;;;ACzWA;AAiBO,MAAM,2BAA2B,QAAQ;AAAA,SACvC,cAAc;AAAA,EACrB,wBAAwB;AAAA,EAEhB;AAAA,EACA,cAA4C,IAAI;AAAA,EACvC,eAAe,qBAAqB,OAAO;AAAA,EAC3C,mBAAmB,qBAAqB,OAAO;AAAA,cAEnD,MAAK,CAAC,SAA0C;AAAA,IAC3D,MAAM,UAAU,IAAI,mBAAmB,OAAO;AAAA,IAC9C,MAAM,QAAQ,WAAW;AAAA,IACzB,OAAO;AAAA;AAAA,OAGH,KAAI,GAAkB;AAAA,IAC1B,cAAc,UAAU,KAAK,aAAa;AAAA,MACxC,cAAc,MAAM,KAAK;AAAA,IAC3B;AAAA,IACA,KAAK,YAAY,MAAM;AAAA,IACvB,OAAO,KAAK,+BAA+B;AAAA;AAAA,OAG/B,WAAU,GAAkB;AAAA,IACxC,MAAM,OAAO,KAAK,QAAQ,WAAW,YAAY;AAAA,IACjD,IAAI,CAAC,MAAM;AAAA,MACT,OAAO,MAAM,8CAA8C;AAAA,MAC3D;AAAA,IACF;AAAA,IACA,KAAK,cAAc;AAAA,IACnB,OAAO,KAAK,mCAAmC;AAAA;AAAA,OAK3C,eAAc,CAClB,aACA,eAA6B,UAC7B,UACwB;AAAA,IACxB,MAAM,SAAS,KAAK,YAAY,UAAU;AAAA,IAC1C,MAAM,WAAW,MAAM,OAAO,KAC5B,gBAAgB,wBAChB,EAAE,cAAc,SAAS,CAC3B;AAAA,IAEA,OAAO,KACL,yBAAyB,uCAAuC,mBAAmB,SAAS,KAAK,YAAY,YAAY,SAAS,KAAK,SAAS,IAClJ;AAAA,IAGA,MAAM,YAAY,KAAK,YAAY,IAAI,WAAW;AAAA,IAClD,IAAI,WAAW;AAAA,MACb,UAAU,eAAe,KAAK,IAAI;AAAA,IACpC;AAAA,IAEA,OAAO,SAAS;AAAA;AAAA,OAGZ,cAAa,CAAC,aAA+C;AAAA,IACjE,MAAM,SAAS,KAAK,YAAY,UAAU;AAAA,IAC1C,MAAM,WAAW,MAAM,OAAO,IAC5B,gBAAgB,uBAClB;AAAA,IACA,OAAO,SAAS;AAAA;AAAA,OAGZ,gBAAe,CAAC,aAAqB,YAAmC;AAAA,IAC5E,MAAM,SAAS,KAAK,YAAY,UAAU;AAAA,IAE1C,MAAM,OAAO,KAA8B,gBAAgB,uBAAuB;AAAA,MAChF;AAAA,IACF,CAAC;AAAA,IAED,OAAO,KAAK,mCAAmC,4BAA4B,aAAa;AAAA;AAAA,OAGpF,kBAAiB,CAAC,aAAoD;AAAA,IAC1E,MAAM,YAAY,MAAM,KAAK,cAAc,WAAW;AAAA,IACtD,IAAI,UAAU,WAAW;AAAA,MAAG,OAAO;AAAA,IAGnC,UAAU,KAAK,CAAC,GAAG,MAAM,IAAI,KAAK,EAAE,UAAU,EAAE,QAAQ,IAAI,IAAI,KAAK,EAAE,UAAU,EAAE,QAAQ,CAAC;AAAA,IAC5F,OAAO,UAAU;AAAA;AAAA,EAKnB,kBAAkB,CAAC,aAAqB,YAA2B;AAAA,IAEjE,IAAI,KAAK,YAAY,IAAI,WAAW,GAAG;AAAA,MACrC,OAAO,MAAM,mDAAmD,aAAa;AAAA,MAC7E;AAAA,IACF;AAAA,IAEA,MAAM,WAAW,cAAc,KAAK;AAAA,IAEpC,MAAM,QAAQ,YAAY,MAAM;AAAA,MAC9B,OAAO,MAAM,mDAAmD,aAAa;AAAA,MAC7E,KAAK,eAAe,aAAa,QAAQ;AAAA,QACvC,SAAS;AAAA,QACT,qBAAqB;AAAA,MACvB,CAAC,EACE,KAAK,MAAM,KAAK,eAAe,WAAW,CAAC,EAC3C,MAAM,CAAC,QAAe;AAAA,QACrB,OAAO,MAAM,wCAAwC,gBAAgB,IAAI,SAAS;AAAA,OACnF;AAAA,OACF,QAAQ;AAAA,IAEX,KAAK,YAAY,IAAI,aAAa;AAAA,MAChC;AAAA,MACA;AAAA,MACA,cAAc;AAAA,IAChB,CAAC;AAAA,IAED,OAAO,KACL,2CAA2C,qBAAqB,KAAK,MAAM,WAAW,KAAM,WAC9F;AAAA;AAAA,EAGF,gBAAgB,CAAC,aAA2B;AAAA,IAC1C,MAAM,QAAQ,KAAK,YAAY,IAAI,WAAW;AAAA,IAC9C,IAAI,CAAC;AAAA,MAAO;AAAA,IAEZ,cAAc,MAAM,KAAK;AAAA,IACzB,KAAK,YAAY,OAAO,WAAW;AAAA,IACnC,OAAO,KAAK,2CAA2C,aAAa;AAAA;AAAA,OAOhE,0BAAyB,CAAC,aAA6C;AAAA,IAC3E,OAAO,KAAK,oDAAoD,aAAa;AAAA,IAC7E,OAAO,KAAK,eAAe,aAAa,gBAAgB;AAAA,MACtD,SAAS;AAAA,MACT,WAAW,IAAI,KAAK,EAAE,YAAY;AAAA,IACpC,CAAC;AAAA;AAAA,OASW,eAAc,CAAC,aAAoC;AAAA,IAC/D,MAAM,YAAY,MAAM,KAAK,cAAc,WAAW;AAAA,IAEtD,MAAM,gBAAgB,UACnB,OAAO,CAAC,MAAM,EAAE,iBAAiB,MAAM,EACvC,KAAK,CAAC,GAAG,MAAM,IAAI,KAAK,EAAE,UAAU,EAAE,QAAQ,IAAI,IAAI,KAAK,EAAE,UAAU,EAAE,QAAQ,CAAC;AAAA,IAErF,MAAM,SAAS,cAAc,MAAM,KAAK,YAAY;AAAA,IACpD,IAAI,OAAO,WAAW;AAAA,MAAG;AAAA,IAEzB,MAAM,SAAS,KAAK,YAAY,UAAU;AAAA,IAC1C,WAAW,YAAY,QAAQ;AAAA,MAC7B,MAAM,OAAO,OAAO,gBAAgB,yBAAyB,SAAS,IAAI;AAAA,MAC1E,OAAO,MAAM,0CAA0C,SAAS,UAAU,aAAa;AAAA,IACzF;AAAA,IAEA,OAAO,KAAK,wBAAwB,OAAO,mCAAmC,aAAa;AAAA;AAAA,EAK7F,qBAAqB,CAAC,aAA8B;AAAA,IAClD,OAAO,KAAK,YAAY,IAAI,WAAW;AAAA;AAAA,EAGzC,iBAAiB,CAAC,aAAoC;AAAA,IACpD,OAAO,KAAK,YAAY,IAAI,WAAW,GAAG,gBAAgB;AAAA;AAE9D;AAEA,SAAS,WAAW,CAAC,OAAuB;AAAA,EAC1C,IAAI,QAAQ;AAAA,IAAM,OAAO,GAAG;AAAA,EAC5B,IAAI,QAAQ,OAAO;AAAA,IAAM,OAAO,IAAI,QAAQ,MAAM,QAAQ,CAAC;AAAA,EAC3D,IAAI,QAAQ,OAAO,OAAO;AAAA,IAAM,OAAO,IAAI,SAAS,OAAO,OAAO,QAAQ,CAAC;AAAA,EAC3E,OAAO,IAAI,SAAS,OAAO,OAAO,OAAO,QAAQ,CAAC;AAAA;",
9
+ "debugId": "3A3130D224AC9DB064756E2164756E21",
10
+ "names": []
11
+ }
package/dist/services/cloud-bootstrap.d.ts ADDED
@@ -0,0 +1,38 @@
1
+ /**
2
+ * CloudBootstrapService — service-port that exposes Eliza Cloud bootstrap
3
+ * verification endpoints to `app-core` via the runtime service registry.
4
+ *
5
+ * The actual JWKS fetch / cache and bootstrap-token verify path lives in
6
+ * `app-core` (`services/cloud-jwks-store.ts` and `api/auth/bootstrap-token.ts`).
7
+ * This service intentionally has a minimal surface: it answers questions
8
+ * about the cloud trust anchor (issuer, JWKS URL, revocation list URL,
9
+ * expected container id) so that `app-core` does not need to import
10
+ * directly from `@elizaos/plugin-elizacloud`.
11
+ *
12
+ * Hard rule (per remote-auth-hardening-plan §3.2): no fail-open. If the
13
+ * cloud issuer is not configured, `getExpectedIssuer()` throws and the
14
+ * consumer must reject the bootstrap exchange — the runtime never silently
15
+ * trusts a default URL.
16
+ */
17
+ import { type IAgentRuntime, Service } from "@elizaos/core";
18
+ export interface CloudBootstrapService {
19
+ /** Returns `${ELIZA_CLOUD_ISSUER}/.well-known/jwks.json`. */
20
+ getJwksUrl(): string;
21
+ /** Returns `${ELIZA_CLOUD_ISSUER}/.well-known/revocations.json`. */
22
+ getRevocationListUrl(): string;
23
+ /** Returns the configured `ELIZA_CLOUD_ISSUER`. Throws when unset. */
24
+ getExpectedIssuer(): string;
25
+ /** Returns the configured `ELIZA_CLOUD_CONTAINER_ID`, or `null` when unset. */
26
+ getExpectedContainerId(): string | null;
27
+ }
28
+ export declare class CloudBootstrapServiceImpl extends Service implements CloudBootstrapService {
29
+ static serviceType: string;
30
+ capabilityDescription: string;
31
+ static start(runtime: IAgentRuntime): Promise<Service>;
32
+ stop(): Promise<void>;
33
+ getExpectedIssuer(): string;
34
+ getJwksUrl(): string;
35
+ getRevocationListUrl(): string;
36
+ getExpectedContainerId(): string | null;
37
+ }
38
+ //# sourceMappingURL=cloud-bootstrap.d.ts.map
package/dist/services/cloud-bootstrap.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cloud-bootstrap.d.ts","sourceRoot":"","sources":["../../src/services/cloud-bootstrap.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,KAAK,aAAa,EAA+B,OAAO,EAAE,MAAM,eAAe,CAAC;AAEzF,MAAM,WAAW,qBAAqB;IACpC,6DAA6D;IAC7D,UAAU,IAAI,MAAM,CAAC;IACrB,oEAAoE;IACpE,oBAAoB,IAAI,MAAM,CAAC;IAC/B,sEAAsE;IACtE,iBAAiB,IAAI,MAAM,CAAC;IAC5B,+EAA+E;IAC/E,sBAAsB,IAAI,MAAM,GAAG,IAAI,CAAC;CACzC;AA+BD,qBAAa,yBAA0B,SAAQ,OAAQ,YAAW,qBAAqB;IACrF,MAAM,CAAC,WAAW,SAAqB;IACvC,qBAAqB,SAC2G;WAEnH,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAgBtD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAI3B,iBAAiB,IAAI,MAAM;IAU3B,UAAU,IAAI,MAAM;IAIpB,oBAAoB,IAAI,MAAM;IAI9B,sBAAsB,IAAI,MAAM,GAAG,IAAI;CAGxC"}
package/dist/services/cloud-bootstrap.js ADDED
@@ -0,0 +1,84 @@
1
+ import { createRequire } from "node:module";
2
+ var __defProp = Object.defineProperty;
3
+ var __returnValue = (v) => v;
4
+ function __exportSetter(name, newValue) {
5
+ this[name] = __returnValue.bind(null, newValue);
6
+ }
7
+ var __export = (target, all) => {
8
+ for (var name in all)
9
+ __defProp(target, name, {
10
+ get: all[name],
11
+ enumerable: true,
12
+ configurable: true,
13
+ set: __exportSetter.bind(all, name)
14
+ });
15
+ };
16
+ var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
17
+ var __require = /* @__PURE__ */ createRequire(import.meta.url);
18
+
19
+ // src/services/cloud-bootstrap.ts
20
+ import { logger, Service } from "@elizaos/core";
21
+ function readEnv() {
22
+ if (typeof process === "undefined") {
23
+ return {};
24
+ }
25
+ return process.env;
26
+ }
27
+ function readSetting(runtime, key) {
28
+ if (runtime && typeof runtime.getSetting === "function") {
29
+ const value = runtime.getSetting(key);
30
+ if (typeof value === "string" && value.length > 0) {
31
+ return value;
32
+ }
33
+ }
34
+ const fromEnv = readEnv()[key];
35
+ if (typeof fromEnv === "string" && fromEnv.length > 0) {
36
+ return fromEnv;
37
+ }
38
+ return null;
39
+ }
40
+ function trimTrailingSlash(input) {
41
+ let end = input.length;
42
+ while (end > 0 && input.charCodeAt(end - 1) === 47) {
43
+ end -= 1;
44
+ }
45
+ return end === input.length ? input : input.slice(0, end);
46
+ }
47
+
48
+ class CloudBootstrapServiceImpl extends Service {
49
+ static serviceType = "CLOUD_BOOTSTRAP";
50
+ capabilityDescription = "Exposes Eliza Cloud bootstrap-token trust anchor (issuer, JWKS URL, revocation list URL, expected container id) to app-core";
51
+ static async start(runtime) {
52
+ const service = new CloudBootstrapServiceImpl(runtime);
53
+ const issuer = readSetting(runtime, "ELIZA_CLOUD_ISSUER");
54
+ const containerId = readSetting(runtime, "ELIZA_CLOUD_CONTAINER_ID");
55
+ if (issuer) {
56
+ logger.info(`[CloudBootstrap] Trust anchor configured (issuer=${issuer}, containerId=${containerId ?? "<unset>"})`);
57
+ } else {
58
+ logger.debug("[CloudBootstrap] ELIZA_CLOUD_ISSUER unset — bootstrap-token verification will reject until configured");
59
+ }
60
+ return service;
61
+ }
62
+ async stop() {}
63
+ getExpectedIssuer() {
64
+ const issuer = readSetting(this.runtime, "ELIZA_CLOUD_ISSUER");
65
+ if (!issuer) {
66
+ throw new Error("ELIZA_CLOUD_ISSUER is not configured — bootstrap-token verification cannot proceed");
67
+ }
68
+ return trimTrailingSlash(issuer);
69
+ }
70
+ getJwksUrl() {
71
+ return `${this.getExpectedIssuer()}/.well-known/jwks.json`;
72
+ }
73
+ getRevocationListUrl() {
74
+ return `${this.getExpectedIssuer()}/.well-known/revocations.json`;
75
+ }
76
+ getExpectedContainerId() {
77
+ return readSetting(this.runtime, "ELIZA_CLOUD_CONTAINER_ID");
78
+ }
79
+ }
80
+ export {
81
+ CloudBootstrapServiceImpl
82
+ };
83
+
84
+ //# debugId=8AC6CE0E4399D14364756E2164756E21
package/dist/services/cloud-bootstrap.js.map ADDED
@@ -0,0 +1,10 @@
1
+ {
2
+ "version": 3,
3
+ "sources": ["../src/services/cloud-bootstrap.ts"],
4
+ "sourcesContent": [
5
+ "/**\n * CloudBootstrapService — service-port that exposes Eliza Cloud bootstrap\n * verification endpoints to `app-core` via the runtime service registry.\n *\n * The actual JWKS fetch / cache and bootstrap-token verify path lives in\n * `app-core` (`services/cloud-jwks-store.ts` and `api/auth/bootstrap-token.ts`).\n * This service intentionally has a minimal surface: it answers questions\n * about the cloud trust anchor (issuer, JWKS URL, revocation list URL,\n * expected container id) so that `app-core` does not need to import\n * directly from `@elizaos/plugin-elizacloud`.\n *\n * Hard rule (per remote-auth-hardening-plan §3.2): no fail-open. If the\n * cloud issuer is not configured, `getExpectedIssuer()` throws and the\n * consumer must reject the bootstrap exchange — the runtime never silently\n * trusts a default URL.\n */\n\nimport { type IAgentRuntime, logger, type ProcessEnvLike, Service } from \"@elizaos/core\";\n\nexport interface CloudBootstrapService {\n /** Returns `${ELIZA_CLOUD_ISSUER}/.well-known/jwks.json`. */\n getJwksUrl(): string;\n /** Returns `${ELIZA_CLOUD_ISSUER}/.well-known/revocations.json`. */\n getRevocationListUrl(): string;\n /** Returns the configured `ELIZA_CLOUD_ISSUER`. Throws when unset. */\n getExpectedIssuer(): string;\n /** Returns the configured `ELIZA_CLOUD_CONTAINER_ID`, or `null` when unset. */\n getExpectedContainerId(): string | null;\n}\n\nfunction readEnv(): ProcessEnvLike {\n if (typeof process === \"undefined\") {\n return {};\n }\n return process.env as ProcessEnvLike;\n}\n\nfunction readSetting(runtime: IAgentRuntime | undefined, key: string): string | null {\n if (runtime && typeof runtime.getSetting === \"function\") {\n const value = runtime.getSetting(key);\n if (typeof value === \"string\" && value.length > 0) {\n return value;\n }\n }\n const fromEnv = readEnv()[key];\n if (typeof fromEnv === \"string\" && fromEnv.length > 0) {\n return fromEnv;\n }\n return null;\n}\n\nfunction trimTrailingSlash(input: string): string {\n let end = input.length;\n while (end > 0 && input.charCodeAt(end - 1) === 0x2f) {\n end -= 1;\n }\n return end === input.length ? input : input.slice(0, end);\n}\n\nexport class CloudBootstrapServiceImpl extends Service implements CloudBootstrapService {\n static serviceType = \"CLOUD_BOOTSTRAP\";\n capabilityDescription =\n \"Exposes Eliza Cloud bootstrap-token trust anchor (issuer, JWKS URL, revocation list URL, expected container id) to app-core\";\n\n static async start(runtime: IAgentRuntime): Promise<Service> {\n const service = new CloudBootstrapServiceImpl(runtime);\n const issuer = readSetting(runtime, \"ELIZA_CLOUD_ISSUER\");\n const containerId = readSetting(runtime, \"ELIZA_CLOUD_CONTAINER_ID\");\n if (issuer) {\n logger.info(\n `[CloudBootstrap] Trust anchor configured (issuer=${issuer}, containerId=${containerId ?? \"<unset>\"})`\n );\n } else {\n logger.debug(\n \"[CloudBootstrap] ELIZA_CLOUD_ISSUER unset — bootstrap-token verification will reject until configured\"\n );\n }\n return service;\n }\n\n async stop(): Promise<void> {\n // No persistent state to tear down.\n }\n\n getExpectedIssuer(): string {\n const issuer = readSetting(this.runtime, \"ELIZA_CLOUD_ISSUER\");\n if (!issuer) {\n throw new Error(\n \"ELIZA_CLOUD_ISSUER is not configured — bootstrap-token verification cannot proceed\"\n );\n }\n return trimTrailingSlash(issuer);\n }\n\n getJwksUrl(): string {\n return `${this.getExpectedIssuer()}/.well-known/jwks.json`;\n }\n\n getRevocationListUrl(): string {\n return `${this.getExpectedIssuer()}/.well-known/revocations.json`;\n }\n\n getExpectedContainerId(): string | null {\n return readSetting(this.runtime, \"ELIZA_CLOUD_CONTAINER_ID\");\n }\n}\n"
6
+ ],
7
+ "mappings": ";;;;;;;;;;;;;;;;;;;AAiBA;AAaA,SAAS,OAAO,GAAmB;AAAA,EACjC,IAAI,OAAO,YAAY,aAAa;AAAA,IAClC,OAAO,CAAC;AAAA,EACV;AAAA,EACA,OAAO,QAAQ;AAAA;AAGjB,SAAS,WAAW,CAAC,SAAoC,KAA4B;AAAA,EACnF,IAAI,WAAW,OAAO,QAAQ,eAAe,YAAY;AAAA,IACvD,MAAM,QAAQ,QAAQ,WAAW,GAAG;AAAA,IACpC,IAAI,OAAO,UAAU,YAAY,MAAM,SAAS,GAAG;AAAA,MACjD,OAAO;AAAA,IACT;AAAA,EACF;AAAA,EACA,MAAM,UAAU,QAAQ,EAAE;AAAA,EAC1B,IAAI,OAAO,YAAY,YAAY,QAAQ,SAAS,GAAG;AAAA,IACrD,OAAO;AAAA,EACT;AAAA,EACA,OAAO;AAAA;AAGT,SAAS,iBAAiB,CAAC,OAAuB;AAAA,EAChD,IAAI,MAAM,MAAM;AAAA,EAChB,OAAO,MAAM,KAAK,MAAM,WAAW,MAAM,CAAC,MAAM,IAAM;AAAA,IACpD,OAAO;AAAA,EACT;AAAA,EACA,OAAO,QAAQ,MAAM,SAAS,QAAQ,MAAM,MAAM,GAAG,GAAG;AAAA;AAAA;AAGnD,MAAM,kCAAkC,QAAyC;AAAA,SAC/E,cAAc;AAAA,EACrB,wBACE;AAAA,cAEW,MAAK,CAAC,SAA0C;AAAA,IAC3D,MAAM,UAAU,IAAI,0BAA0B,OAAO;AAAA,IACrD,MAAM,SAAS,YAAY,SAAS,oBAAoB;AAAA,IACxD,MAAM,cAAc,YAAY,SAAS,0BAA0B;AAAA,IACnE,IAAI,QAAQ;AAAA,MACV,OAAO,KACL,oDAAoD,uBAAuB,eAAe,YAC5F;AAAA,IACF,EAAO;AAAA,MACL,OAAO,MACL,uGACF;AAAA;AAAA,IAEF,OAAO;AAAA;AAAA,OAGH,KAAI,GAAkB;AAAA,EAI5B,iBAAiB,GAAW;AAAA,IAC1B,MAAM,SAAS,YAAY,KAAK,SAAS,oBAAoB;AAAA,IAC7D,IAAI,CAAC,QAAQ;AAAA,MACX,MAAM,IAAI,MACR,oFACF;AAAA,IACF;AAAA,IACA,OAAO,kBAAkB,MAAM;AAAA;AAAA,EAGjC,UAAU,GAAW;AAAA,IACnB,OAAO,GAAG,KAAK,kBAAkB;AAAA;AAAA,EAGnC,oBAAoB,GAAW;AAAA,IAC7B,OAAO,GAAG,KAAK,kBAAkB;AAAA;AAAA,EAGnC,sBAAsB,GAAkB;AAAA,IACtC,OAAO,YAAY,KAAK,SAAS,0BAA0B;AAAA;AAE/D;",
8
+ "debugId": "8AC6CE0E4399D14364756E2164756E21",
9
+ "names": []
10
+ }
package/dist/services/cloud-bridge.d.ts CHANGED
@@ -2,7 +2,7 @@
2
2
  * CloudBridgeService — WebSocket bridge to cloud-hosted agents.
3
3
  *
4
4
  * Establishes a JSON-RPC 2.0 WebSocket connection per container, allowing
5
- * the local milady client to send messages to and receive events from
5
+ * the local eliza client to send messages to and receive events from
6
6
  * cloud-hosted ElizaOS agents. Handles reconnection with exponential
7
7
  * backoff and heartbeat keepalive.
8
8
  */
package/dist/services/cloud-bridge.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cloud-bridge.d.ts","sourceRoot":"","sources":["../../services/cloud-bridge.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,KAAK,aAAa,EAAU,OAAO,EAAE,MAAM,eAAe,CAAC;AAEpE,OAAO,KAAK,EACV,gBAAgB,EAChB,qBAAqB,EAErB,oBAAoB,EACrB,MAAM,gBAAgB,CAAC;AAwBxB,qBAAa,kBAAmB,SAAQ,OAAO;IAC7C,MAAM,CAAC,WAAW,SAAkB;IACpC,qBAAqB,SAAqD;IAE1E,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAA+B;IAC5D,OAAO,CAAC,WAAW,CAA4C;WAElD,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAMtD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAOb,UAAU;IAYlB,OAAO,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAY3C,UAAU,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;YAsBtC,mBAAmB;IAyFjC,OAAO,CAAC,iBAAiB;IA2BzB,OAAO,CAAC,aAAa;IAerB;;OAEG;IACG,WAAW,CACf,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,SAAS,SAAS,GACjB,OAAO,CAAC,OAAO,CAAC;IAyBnB;;OAEG;IACH,gBAAgB,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IAe5F;;OAEG;IACG,eAAe,CACnB,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,MAAM,EACZ,MAAM,CAAC,EAAE,MAAM,EACf,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACjC,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC;IAShE;;OAEG;IACG,cAAc,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAK3E;;OAEG;IACG,iBAAiB,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAM5F,SAAS,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,oBAAoB,GAAG,MAAM,IAAI;IA6BzE,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,qBAAqB;IAI9D,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,gBAAgB,GAAG,IAAI;IAa/D,wBAAwB,IAAI,MAAM,EAAE;CAOrC"}
1
+ {"version":3,"file":"cloud-bridge.d.ts","sourceRoot":"","sources":["../../src/services/cloud-bridge.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,KAAK,aAAa,EAAU,OAAO,EAAE,MAAM,eAAe,CAAC;AAEpE,OAAO,KAAK,EACV,gBAAgB,EAChB,qBAAqB,EAErB,oBAAoB,EACrB,MAAM,gBAAgB,CAAC;AA+BxB,qBAAa,kBAAmB,SAAQ,OAAO;IAC7C,MAAM,CAAC,WAAW,SAAkB;IACpC,qBAAqB,SAAqD;IAE1E,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAA+B;IAC5D,OAAO,CAAC,WAAW,CAA4C;WAElD,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAMtD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAOb,UAAU;IAYlB,OAAO,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAY3C,UAAU,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;YAuBtC,mBAAmB;IA0FjC,OAAO,CAAC,iBAAiB;IA2BzB,OAAO,CAAC,aAAa;IAerB;;OAEG;IACG,WAAW,CACf,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,SAAS,SAAS,GACjB,OAAO,CAAC,OAAO,CAAC;IAyBnB;;OAEG;IACH,gBAAgB,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IAe5F;;OAEG;IACG,eAAe,CACnB,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,MAAM,EACZ,MAAM,CAAC,EAAE,MAAM,EACf,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACjC,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC;IAShE;;OAEG;IACG,cAAc,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAK3E;;OAEG;IACG,iBAAiB,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAM5F,SAAS,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,oBAAoB,GAAG,MAAM,IAAI;IA6BzE,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,qBAAqB;IAI9D,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,gBAAgB,GAAG,IAAI;IAa/D,wBAAwB,IAAI,MAAM,EAAE;CAOrC"}