@elizaos/plugin-elizacloud 2.0.0-beta.1 → 2.0.11-beta.7

package/dist/cloud/index.js

@@ -15,16 +15,1797 @@ var __export = (target, all) => {
 };
 var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
 var __require = /* @__PURE__ */ createRequire(import.meta.url);
+
+// src/cloud/base-url.ts
+import { normalizeCloudSiteUrl, resolveCloudApiBaseUrl } from "@elizaos/shared";
+var init_base_url = () => {};
+
+// src/cloud/validate-url.ts
+import dns from "node:dns";
+import net from "node:net";
+import { promisify } from "node:util";
+function normalizeHostLike(value) {
+  return value.trim().toLowerCase().replace(/^\[|\]$/g, "");
+}
+function decodeIpv6MappedHex(mapped) {
+  const parts = mapped.split(":");
+  if (parts.length < 1 || parts.length > 2)
+    return null;
+  const parsed = parts.map((part) => {
+    if (!/^[0-9a-f]{1,4}$/i.test(part))
+      return Number.NaN;
+    return Number.parseInt(part, 16);
+  });
+  if (parsed.some((value) => !Number.isFinite(value)))
+    return null;
+  const [hi, lo] = parsed.length === 1 ? [0, parsed[0]] : parsed;
+  const octets = [hi >> 8, hi & 255, lo >> 8, lo & 255];
+  return octets.join(".");
+}
+function canonicalizeIpv6(ip) {
+  try {
+    return new URL(`http://[${ip}]/`).hostname.replace(/^\[|\]$/g, "");
+  } catch {
+    return null;
+  }
+}
+function normalizeIpForPolicy(ip) {
+  const base = normalizeHostLike(ip).split("%")[0];
+  if (!base)
+    return base;
+  let normalized = base;
+  if (net.isIP(normalized) === 6) {
+    normalized = canonicalizeIpv6(normalized) ?? normalized;
+  }
+  let mapped = null;
+  if (normalized.startsWith("::ffff:")) {
+    mapped = normalized.slice("::ffff:".length);
+  } else if (normalized.startsWith("0:0:0:0:0:ffff:")) {
+    mapped = normalized.slice("0:0:0:0:0:ffff:".length);
+  }
+  if (!mapped)
+    return normalized;
+  if (net.isIP(mapped) === 4)
+    return mapped;
+  return decodeIpv6MappedHex(mapped) ?? normalized;
+}
+function cidrV4(base, prefix) {
+  const parsed = parseIpv4ToInt(base);
+  if (parsed === null) {
+    throw new Error(`Invalid CIDR base IPv4 address: ${base}`);
+  }
+  const shift = 32 - prefix;
+  const mask = shift === 32 ? 0 : 4294967295 << shift >>> 0;
+  return { base: parsed & mask, mask };
+}
+function parseIpv4ToInt(ip) {
+  const parts = ip.split(".");
+  if (parts.length !== 4)
+    return null;
+  let value = 0;
+  for (const part of parts) {
+    if (!/^\d{1,3}$/.test(part))
+      return null;
+    const octet = Number.parseInt(part, 10);
+    if (!Number.isInteger(octet) || octet < 0 || octet > 255)
+      return null;
+    value = value << 8 | octet;
+  }
+  return value >>> 0;
+}
+function isBlockedIpv4(ip) {
+  const asInt = parseIpv4ToInt(ip);
+  if (asInt === null)
+    return true;
+  return BLOCKED_IPV4_CIDRS.some((cidr) => (asInt & cidr.mask) === cidr.base);
+}
+function isBlockedIpv6(ip) {
+  const normalized = ip.toLowerCase();
+  return normalized === "::" || normalized === "::1" || /^fe[89ab][0-9a-f]:/.test(normalized) || /^f[cd][0-9a-f]{2}:/i.test(normalized) || normalized.startsWith("ff");
+}
+function isBlockedIp(ip) {
+  const normalized = normalizeIpForPolicy(ip);
+  const family = net.isIP(normalized);
+  if (family === 4)
+    return isBlockedIpv4(normalized);
+  if (family === 6)
+    return isBlockedIpv6(normalized);
+  return false;
+}
+async function validateCloudBaseUrl(rawUrl) {
+  let parsed;
+  try {
+    parsed = new URL(rawUrl);
+  } catch {
+    return `Invalid cloud base URL: "${rawUrl}"`;
+  }
+  if (parsed.protocol !== "https:") {
+    return `Cloud base URL must use HTTPS, got "${parsed.protocol}" in "${rawUrl}"`;
+  }
+  const hostname = normalizeHostLike(parsed.hostname);
+  if (!hostname) {
+    return `Invalid cloud base URL: "${rawUrl}"`;
+  }
+  if (hostname === "localhost" || hostname.endsWith(".localhost") || hostname.endsWith(".local")) {
+    return `Cloud base URL "${rawUrl}" points to a blocked local hostname.`;
+  }
+  const elizaDev = process.env.ELIZA_DEV?.trim().toLowerCase();
+  if (true) {
+    return null;
+  }
+  if (isBlockedIp(hostname)) {
+    return `Cloud base URL "${rawUrl}" points to a blocked address.`;
+  }
+  try {
+    const results = await dnsLookupAll(hostname, { all: true });
+    const addresses = Array.isArray(results) ? results : [results];
+    for (const entry of addresses) {
+      const ip = typeof entry === "string" ? entry : entry.address;
+      if (isBlockedIp(ip)) {
+        return `Cloud base URL "${rawUrl}" resolves to ${ip}, ` + "which is a blocked internal/metadata address.";
+      }
+    }
+  } catch {
+    return `Cloud base URL "${rawUrl}" could not be resolved via DNS.`;
+  }
+  return null;
+}
+var dnsLookupAll, BLOCKED_IPV4_CIDRS;
+var init_validate_url = __esm(() => {
+  dnsLookupAll = promisify(dns.lookup);
+  BLOCKED_IPV4_CIDRS = [
+    cidrV4("0.0.0.0", 8),
+    cidrV4("10.0.0.0", 8),
+    cidrV4("172.16.0.0", 12),
+    cidrV4("192.168.0.0", 16),
+    cidrV4("100.64.0.0", 10),
+    cidrV4("127.0.0.0", 8),
+    cidrV4("169.254.0.0", 16),
+    cidrV4("192.0.0.0", 24),
+    cidrV4("198.18.0.0", 15),
+    cidrV4("192.0.2.0", 24),
+    cidrV4("198.51.100.0", 24),
+    cidrV4("203.0.113.0", 24),
+    cidrV4("224.0.0.0", 4),
+    cidrV4("240.0.0.0", 4)
+  ];
+});
+
+// src/cloud/auth-service-types.ts
+function isCloudAuthApiKeyService(value) {
+  return value !== null && value !== undefined && typeof value.isAuthenticated === "function";
+}
+function normalizeCloudApiKey(value) {
+  if (typeof value !== "string")
+    return null;
+  const trimmed = value.trim();
+  if (!trimmed || trimmed.toUpperCase() === "[REDACTED]")
+    return null;
+  return trimmed;
+}
+
+// src/cloud/auth.ts
+init_base_url();
+init_validate_url();
+import crypto2 from "node:crypto";
+import { logger } from "@elizaos/core";
+var DEFAULT_CLOUD_REQUEST_TIMEOUT_MS = 1e4;
+function isRedirectResponse(response) {
+  return response.status >= 300 && response.status < 400;
+}
+function isTimeoutError(err) {
+  if (!(err instanceof Error))
+    return false;
+  if (err.name === "TimeoutError" || err.name === "AbortError")
+    return true;
+  const msg = err.message.toLowerCase();
+  return msg.includes("timed out") || msg.includes("timeout");
+}
+async function fetchWithTimeout(input, init, timeoutMs) {
+  return fetch(input, {
+    ...init,
+    redirect: "manual",
+    signal: AbortSignal.timeout(timeoutMs)
+  });
+}
+async function cloudLogin(options = {}) {
+  const baseUrl = normalizeCloudSiteUrl(options.baseUrl);
+  const urlError = await validateCloudBaseUrl(baseUrl);
+  if (urlError) {
+    throw new Error(urlError);
+  }
+  const timeoutMs = options.timeoutMs ?? 300000;
+  const requestTimeoutMs = options.requestTimeoutMs ?? DEFAULT_CLOUD_REQUEST_TIMEOUT_MS;
+  const pollIntervalMs = options.pollIntervalMs ?? 2000;
+  const sessionId = crypto2.randomUUID();
+  logger.info("[cloud-auth] Creating auth session...");
+  let createResponse;
+  try {
+    createResponse = await fetchWithTimeout(`${baseUrl}/api/auth/cli-session`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ sessionId })
+    }, requestTimeoutMs);
+  } catch (err) {
+    if (isTimeoutError(err)) {
+      throw new Error(`Cloud login request timed out while creating session (>${requestTimeoutMs}ms).`);
+    }
+    throw new Error(`Failed to create auth session: ${String(err)}`);
+  }
+  if (!createResponse.ok) {
+    if (isRedirectResponse(createResponse)) {
+      throw new Error("Cloud login request was redirected; redirects are not allowed.");
+    }
+    const errorText = await createResponse.text();
+    throw new Error(`Failed to create auth session (HTTP ${createResponse.status}): ${errorText}`);
+  }
+  const browserUrl = `${baseUrl}/auth/cli-login?session=${encodeURIComponent(sessionId)}`;
+  logger.info(`[cloud-auth] Browser URL: ${browserUrl}`);
+  options.onBrowserUrl?.(browserUrl);
+  const deadline = Date.now() + timeoutMs;
+  while (Date.now() < deadline) {
+    const remainingBeforeSleep = deadline - Date.now();
+    if (remainingBeforeSleep <= 0)
+      break;
+    await new Promise((resolve) => setTimeout(resolve, Math.min(pollIntervalMs, remainingBeforeSleep)));
+    const remaining = deadline - Date.now();
+    if (remaining <= 0)
+      break;
+    let pollResponse;
+    try {
+      pollResponse = await fetchWithTimeout(`${baseUrl}/api/auth/cli-session/${encodeURIComponent(sessionId)}`, {}, Math.min(requestTimeoutMs, remaining));
+    } catch (err) {
+      if (isTimeoutError(err)) {
+        if (remaining <= requestTimeoutMs) {
+          break;
+        }
+        throw new Error(`Cloud login polling request timed out (>${Math.min(requestTimeoutMs, remaining)}ms).`);
+      }
+      throw new Error(`Cloud login polling failed: ${String(err)}`);
+    }
+    if (!pollResponse.ok) {
+      if (isRedirectResponse(pollResponse)) {
+        throw new Error("Cloud login polling request was redirected; redirects are not allowed.");
+      }
+      if (pollResponse.status === 404) {
+        throw new Error("Auth session expired or not found. Please try again.");
+      }
+      options.onPollStatus?.("error");
+      continue;
+    }
+    const data = await pollResponse.json();
+    options.onPollStatus?.(data.status);
+    if (data.status === "authenticated" && data.apiKey) {
+      logger.info("[cloud-auth] Authentication complete");
+      return {
+        apiKey: data.apiKey,
+        keyPrefix: data.keyPrefix ?? "",
+        expiresAt: data.expiresAt ?? null
+      };
+    }
+    if (data.status === "authenticated" && !data.apiKey) {
+      throw new Error("Auth session was completed but the API key was already retrieved. Please try logging in again.");
+    }
+  }
+  throw new Error(`Cloud login timed out. The browser login was not completed within ${Math.round(timeoutMs / 1000)} seconds.`);
+}
+
+// src/cloud/bridge-client.ts
+init_base_url();
+
+class CloudBridgeError extends Error {
+  status;
+  body;
+  constructor(message, status, body) {
+    super(message);
+    this.status = status;
+    this.body = body;
+    this.name = "CloudBridgeError";
+  }
+}
+
+class SignatureInvalidError extends CloudBridgeError {
+  constructor(message, body) {
+    super(message, 401, body);
+    this.name = "SignatureInvalidError";
+  }
+}
+
+class NonceReplayError extends CloudBridgeError {
+  constructor(message, body) {
+    super(message, 409, body);
+    this.name = "NonceReplayError";
+  }
+}
+
+class SessionExpiredError extends CloudBridgeError {
+  constructor(message, body) {
+    super(message, 410, body);
+    this.name = "SessionExpiredError";
+  }
+}
+
+class CloudUnavailableError extends CloudBridgeError {
+  constructor(message, status, body) {
+    super(message, status, body);
+    this.name = "CloudUnavailableError";
+  }
+}
+function formatApiErrorBody(text) {
+  if (!text)
+    return null;
+  try {
+    const parsed = JSON.parse(text);
+    const baseError = typeof parsed.error === "string" && parsed.error.trim().length > 0 ? parsed.error.trim() : null;
+    const details = Array.isArray(parsed.details) ? parsed.details.map((detail) => typeof detail?.message === "string" ? detail.message.trim() : "").filter((message) => message.length > 0) : [];
+    if (baseError && details.length > 0) {
+      return `${baseError}: ${details.join("; ")}`;
+    }
+    if (baseError)
+      return baseError;
+  } catch {}
+  return text.slice(0, 200) || null;
+}
+function isRedirectResponse2(response) {
+  return response.status >= 300 && response.status < 400;
+}
+function normalizeChainAddress(addresses, chain) {
+  const value = addresses?.[chain];
+  if (typeof value !== "string")
+    return null;
+  const trimmed = value.trim();
+  return trimmed.length > 0 ? trimmed : null;
+}
+function looksLikeChainAddress(address, chain) {
+  if (chain === "evm") {
+    return /^0x[a-fA-F0-9]{40}$/.test(address);
+  }
+  return /^[1-9A-HJ-NP-Za-km-z]{32,44}$/.test(address);
+}
+function resolveRequestedWalletAddress(data, chain) {
+  const explicit = normalizeChainAddress(data.walletAddresses, chain);
+  if (explicit)
+    return explicit;
+  if (typeof data.walletAddress !== "string")
+    return null;
+  const trimmed = data.walletAddress.trim();
+  if (!trimmed)
+    return null;
+  return looksLikeChainAddress(trimmed, chain) ? trimmed : null;
+}
+
+class ElizaCloudClient {
+  baseUrl;
+  apiKey;
+  constructor(baseUrl, apiKey) {
+    this.baseUrl = normalizeCloudSiteUrl(baseUrl);
+    this.apiKey = apiKey;
+  }
+  async listAgents() {
+    const res = await this.request("GET", "/api/v1/eliza/agents");
+    return res.data ?? [];
+  }
+  async createAgent(params) {
+    const res = await this.request("POST", "/api/v1/eliza/agents", params);
+    if (!res.success || !res.data)
+      throw new Error(res.error ?? "Failed to create cloud agent");
+    return res.data;
+  }
+  async getAgent(agentId) {
+    const res = await this.request("GET", `/api/v1/eliza/agents/${agentId}`);
+    if (!res.success || !res.data)
+      throw new Error(res.error ?? "Agent not found");
+    return res.data;
+  }
+  async deleteAgent(agentId) {
+    const res = await this.request("DELETE", `/api/v1/eliza/agents/${agentId}`);
+    if (!res.success)
+      throw new Error(res.error ?? "Failed to delete agent");
+  }
+  async provision(agentId) {
+    const res = await this.request("POST", `/api/v1/eliza/agents/${agentId}/provision`);
+    if (!res.success || !res.data)
+      throw new Error(res.error ?? "Failed to provision sandbox");
+    return res.data;
+  }
+  async sendMessage(agentId, text, roomId = "web-chat", channelType = "DM") {
+    const url = `${this.baseUrl}/api/v1/eliza/agents/${agentId}/bridge`;
+    const response = await fetch(url, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", "X-Api-Key": this.apiKey },
+      body: JSON.stringify({
+        jsonrpc: "2.0",
+        id: crypto.randomUUID(),
+        method: "message.send",
+        params: { text, roomId, channelType }
+      }),
+      redirect: "manual",
+      signal: AbortSignal.timeout(60000)
+    });
+    if (isRedirectResponse2(response)) {
+      throw new Error("Bridge request was redirected; redirects are not allowed");
+    }
+    if (!response.ok) {
+      const errorText = await response.text().catch(() => "");
+      throw new Error(`Bridge request failed: HTTP ${response.status} ${errorText.slice(0, 200)}`);
+    }
+    const rpc = await response.json();
+    if (rpc.error)
+      throw new Error(rpc.error.message);
+    return rpc.result?.text ?? "(no response)";
+  }
+  async* sendMessageStream(agentId, text, roomId = "web-chat", channelType = "DM") {
+    const url = `${this.baseUrl}/api/v1/eliza/agents/${agentId}/stream`;
+    const response = await fetch(url, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", "X-Api-Key": this.apiKey },
+      body: JSON.stringify({
+        jsonrpc: "2.0",
+        id: crypto.randomUUID(),
+        method: "message.send",
+        params: { text, roomId, channelType }
+      }),
+      redirect: "manual"
+    });
+    if (isRedirectResponse2(response)) {
+      throw new Error("Stream request was redirected; redirects are not allowed");
+    }
+    if (!response.ok || !response.body) {
+      throw new Error(`Stream request failed: HTTP ${response.status}`);
+    }
+    const reader = response.body.getReader();
+    const decoder = new TextDecoder;
+    let buffer = "";
+    for (;; ) {
+      const { done, value } = await reader.read();
+      if (done)
+        break;
+      buffer += decoder.decode(value, { stream: true });
+      const parts = buffer.split(`
+
+`);
+      buffer = parts.pop() ?? "";
+      for (const part of parts) {
+        if (!part.trim())
+          continue;
+        let eventType = "message";
+        let eventData = "";
+        for (const line of part.split(`
+`)) {
+          if (line.startsWith("event: "))
+            eventType = line.slice(7).trim();
+          else if (line.startsWith("data: "))
+            eventData += (eventData ? `
+` : "") + line.slice(6);
+        }
+        if (eventData) {
+          let data;
+          try {
+            data = JSON.parse(eventData);
+          } catch {
+            continue;
+          }
+          yield { type: eventType, data };
+        }
+      }
+    }
+  }
+  async snapshot(agentId) {
+    const res = await this.request("POST", `/api/v1/eliza/agents/${agentId}/snapshot`);
+    if (!res.success || !res.data)
+      throw new Error(res.error ?? "Snapshot failed");
+    return res.data;
+  }
+  async listBackups(agentId) {
+    const res = await this.request("GET", `/api/v1/eliza/agents/${agentId}/backups`);
+    return res.data ?? [];
+  }
+  async restore(agentId, backupId) {
+    const res = await this.request("POST", `/api/v1/eliza/agents/${agentId}/restore`, backupId ? { backupId } : {});
+    if (!res.success)
+      throw new Error(res.error ?? "Restore failed");
+  }
+  async heartbeat(agentId) {
+    const url = `${this.baseUrl}/api/v1/eliza/agents/${agentId}/bridge`;
+    try {
+      const response = await fetch(url, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "X-Api-Key": this.apiKey
+        },
+        body: JSON.stringify({ jsonrpc: "2.0", method: "heartbeat" }),
+        redirect: "manual",
+        signal: AbortSignal.timeout(1e4)
+      });
+      if (isRedirectResponse2(response))
+        return false;
+      return response.ok;
+    } catch {
+      return false;
+    }
+  }
+  async getAgentWallet(agentId, chain) {
+    const res = await this.request("GET", `/api/v1/eliza/agents/${encodeURIComponent(agentId)}/wallet?chain=${encodeURIComponent(chain)}`);
+    if (!res.success || !res.data) {
+      throw new CloudBridgeError(res.error ?? "Failed to fetch agent wallet");
+    }
+    const data = res.data;
+    const walletAddress = resolveRequestedWalletAddress(data, chain);
+    if (!walletAddress || !data.walletProvider) {
+      throw new CloudBridgeError(`Agent has no cloud ${chain} wallet provisioned`);
+    }
+    return {
+      agentWalletId: data.agentId ?? agentId,
+      walletAddress,
+      walletProvider: data.walletProvider,
+      chainType: chain,
+      balance: data.balance ?? undefined
+    };
+  }
+  async provisionWallet(input) {
+    const res = await this.request("POST", "/api/v1/user/wallets/provision", input);
+    if (!res.success || !res.data) {
+      throw new CloudBridgeError(res.error ?? "Failed to provision wallet");
+    }
+    return {
+      walletId: res.data.id,
+      address: res.data.address,
+      chainType: res.data.chainType,
+      provider: res.data.provider ?? "privy"
+    };
+  }
+  async executeRpc(envelope) {
+    const { correlationId, ...body } = envelope;
+    const headers = {
+      "Content-Type": "application/json"
+    };
+    if (correlationId) {
+      headers["X-Correlation-Id"] = correlationId;
+    }
+    let response;
+    try {
+      response = await fetch(`${this.baseUrl}/api/v1/user/wallets/rpc`, {
+        method: "POST",
+        headers,
+        body: JSON.stringify(body),
+        redirect: "manual",
+        signal: AbortSignal.timeout(60000)
+      });
+    } catch (err) {
+      throw new CloudUnavailableError(`Cloud RPC network error: ${err.message}`, 0);
+    }
+    if (isRedirectResponse2(response)) {
+      throw new CloudBridgeError("Cloud RPC request was redirected; redirects are not allowed", response.status);
+    }
+    const text = await response.text().catch(() => "");
+    if (response.ok) {
+      try {
+        const parsed = JSON.parse(text);
+        if (!parsed.success || parsed.data === undefined) {
+          throw new CloudBridgeError(parsed.error ?? "Cloud RPC returned no data", response.status, text);
+        }
+        return parsed.data;
+      } catch (err) {
+        if (err instanceof CloudBridgeError)
+          throw err;
+        throw new CloudBridgeError(`Cloud RPC returned malformed JSON: ${err.message}`, response.status, text);
+      }
+    }
+    let errMessage = `HTTP ${response.status}`;
+    try {
+      const parsed = JSON.parse(text);
+      if (parsed.error)
+        errMessage = parsed.error;
+    } catch {
+      if (text)
+        errMessage = text.slice(0, 200);
+    }
+    if (response.status === 401) {
+      throw new SignatureInvalidError(errMessage, text);
+    }
+    if (response.status === 409) {
+      throw new NonceReplayError(errMessage, text);
+    }
+    if (response.status === 410) {
+      throw new SessionExpiredError(errMessage, text);
+    }
+    if (response.status >= 500) {
+      throw new CloudUnavailableError(errMessage, response.status, text);
+    }
+    throw new CloudBridgeError(errMessage, response.status, text);
+  }
+  async request(method, path, body) {
+    const headers = { "X-Api-Key": this.apiKey };
+    if (body !== undefined)
+      headers["Content-Type"] = "application/json";
+    const response = await fetch(`${this.baseUrl}${path}`, {
+      method,
+      headers,
+      body: body !== undefined ? JSON.stringify(body) : undefined,
+      redirect: "manual",
+      signal: AbortSignal.timeout(30000)
+    });
+    if (isRedirectResponse2(response)) {
+      return {
+        success: false,
+        error: "Cloud API request was redirected; redirects are not allowed"
+      };
+    }
+    if (!response.ok) {
+      const text = await response.text().catch(() => "");
+      return {
+        success: false,
+        error: formatApiErrorBody(text) ?? `HTTP ${response.status}`
+      };
+    }
+    return await response.json();
+  }
+}
+
+// src/cloud/backup.ts
+import { logger as logger2 } from "@elizaos/core";
+
+class BackupScheduler {
+  client;
+  agentId;
+  intervalMs;
+  timer = null;
+  running = false;
+  constructor(client, agentId, intervalMs = 60000) {
+    this.client = client;
+    this.agentId = agentId;
+    this.intervalMs = intervalMs;
+  }
+  start() {
+    if (this.timer)
+      return;
+    this.running = true;
+    this.timer = setInterval(() => {
+      this.client.snapshot(this.agentId).catch((err) => {
+        logger2.warn(`[cloud-backup] Auto-backup failed: ${String(err)}`);
+      });
+    }, this.intervalMs);
+  }
+  stop() {
+    if (this.timer) {
+      clearInterval(this.timer);
+      this.timer = null;
+    }
+    this.running = false;
+  }
+  isRunning() {
+    return this.running;
+  }
+  async finalSnapshot() {
+    await this.client.snapshot(this.agentId).catch((err) => {
+      logger2.warn(`[cloud-backup] Final snapshot failed: ${String(err)}`);
+    });
+  }
+}
+
+// src/cloud/cloud-proxy.ts
+class CloudRuntimeProxy {
+  client;
+  agentId;
+  _agentName;
+  constructor(client, agentId, _agentName) {
+    this.client = client;
+    this.agentId = agentId;
+    this._agentName = _agentName;
+  }
+  get agentName() {
+    return this._agentName;
+  }
+  async handleChatMessage(text, roomId = "web-chat", channelType = "DM") {
+    return this.client.sendMessage(this.agentId, text, roomId, channelType);
+  }
+  async* handleChatMessageStream(text, roomId = "web-chat", channelType = "DM") {
+    for await (const event of this.client.sendMessageStream(this.agentId, text, roomId, channelType)) {
+      if (event.type === "chunk" && typeof event.data.text === "string") {
+        yield event.data.text;
+      }
+    }
+  }
+  async getStatus() {
+    const agent = await this.client.getAgent(this.agentId);
+    return { state: agent.status, agentName: agent.agentName };
+  }
+  async isAlive() {
+    return this.client.heartbeat(this.agentId).catch(() => false);
+  }
+}
+
+// src/cloud/reconnect.ts
+import { logger as logger3 } from "@elizaos/core";
+
+class ConnectionMonitor {
+  client;
+  agentId;
+  callbacks;
+  heartbeatIntervalMs;
+  maxFailures;
+  timer = null;
+  consecutiveFailures = 0;
+  reconnecting = false;
+  constructor(client, agentId, callbacks, heartbeatIntervalMs = 30000, maxFailures = 3) {
+    this.client = client;
+    this.agentId = agentId;
+    this.callbacks = callbacks;
+    this.heartbeatIntervalMs = heartbeatIntervalMs;
+    this.maxFailures = maxFailures;
+  }
+  start() {
+    if (this.timer)
+      return;
+    logger3.info(`[cloud-monitor] Starting connection monitor (interval: ${this.heartbeatIntervalMs}ms, maxFailures: ${this.maxFailures})`);
+    this.consecutiveFailures = 0;
+    this.timer = setInterval(() => {
+      this.tick();
+    }, this.heartbeatIntervalMs);
+  }
+  stop() {
+    if (this.timer) {
+      clearInterval(this.timer);
+      this.timer = null;
+    }
+    this.consecutiveFailures = 0;
+    this.reconnecting = false;
+    logger3.info("[cloud-monitor] Connection monitor stopped");
+  }
+  isMonitoring() {
+    return this.timer !== null;
+  }
+  async tick() {
+    if (this.reconnecting)
+      return;
+    const alive = await this.client.heartbeat(this.agentId).catch(() => false);
+    if (alive) {
+      if (this.consecutiveFailures > 0) {
+        this.consecutiveFailures = 0;
+        this.callbacks.onStatusChange?.("connected");
+      }
+      return;
+    }
+    this.consecutiveFailures++;
+    logger3.warn(`[cloud-monitor] Heartbeat failed (${this.consecutiveFailures}/${this.maxFailures})`);
+    if (this.consecutiveFailures >= this.maxFailures) {
+      this.callbacks.onDisconnect();
+      await this.attemptReconnect();
+    }
+  }
+  async attemptReconnect() {
+    this.reconnecting = true;
+    this.callbacks.onStatusChange?.("reconnecting");
+    let delay = 3000;
+    for (let attempt = 1;attempt <= 10; attempt++) {
+      logger3.info(`[cloud-monitor] Reconnect attempt ${attempt}/10...`);
+      const ok = await this.client.provision(this.agentId).then(() => true).catch(() => false);
+      if (ok) {
+        logger3.info("[cloud-monitor] Reconnection successful");
+        this.consecutiveFailures = 0;
+        this.reconnecting = false;
+        this.callbacks.onStatusChange?.("connected");
+        this.callbacks.onReconnect();
+        return;
+      }
+      await new Promise((r) => setTimeout(r, delay));
+      delay = Math.min(delay * 2, 60000);
+    }
+    logger3.error("[cloud-monitor] Failed to reconnect after 10 attempts");
+    this.reconnecting = false;
+    this.callbacks.onStatusChange?.("disconnected");
+  }
+}
+
+// src/cloud/cloud-manager.ts
+import { logger as logger4 } from "@elizaos/core";
+init_base_url();
+init_validate_url();
+
+class CloudManager {
+  cloudConfig;
+  callbacks;
+  client = null;
+  proxy = null;
+  backupScheduler = null;
+  connectionMonitor = null;
+  status = "disconnected";
+  activeAgentId = null;
+  constructor(cloudConfig, callbacks = {}) {
+    this.cloudConfig = cloudConfig;
+    this.callbacks = callbacks;
+  }
+  async init() {
+    const rawUrl = normalizeCloudSiteUrl(this.cloudConfig.baseUrl);
+    const apiKey = this.cloudConfig.apiKey;
+    if (!apiKey)
+      throw new Error("Cloud API key is not configured. Run cloud login first.");
+    const urlError = await validateCloudBaseUrl(rawUrl);
+    if (urlError) {
+      throw new Error(urlError);
+    }
+    this.client = new ElizaCloudClient(rawUrl, apiKey);
+    logger4.info(`[cloud-manager] Client initialised (baseUrl=${rawUrl})`);
+  }
+  async connect(agentId) {
+    if (!this.client)
+      await this.init();
+    if (!this.client)
+      throw new Error("Cloud client failed to initialise");
+    this.setStatus("connecting");
+    this.activeAgentId = agentId;
+    try {
+      await this.client.provision(agentId);
+      const agent = await this.client.getAgent(agentId);
+      this.proxy = new CloudRuntimeProxy(this.client, agentId, agent.agentName);
+      this.backupScheduler = new BackupScheduler(this.client, agentId, this.cloudConfig.backup?.autoBackupIntervalMs ?? 60000);
+      this.backupScheduler.start();
+      this.connectionMonitor = new ConnectionMonitor(this.client, agentId, {
+        onDisconnect: () => this.setStatus("reconnecting"),
+        onReconnect: () => this.setStatus("connected"),
+        onStatusChange: (s) => {
+          if (s === "connected")
+            this.setStatus("connected");
+          else if (s === "reconnecting")
+            this.setStatus("reconnecting");
+          else
+            this.setStatus("error");
+        }
+      }, this.cloudConfig.bridge?.heartbeatIntervalMs ?? 30000);
+      this.connectionMonitor.start();
+      this.setStatus("connected");
+      logger4.info(`[cloud-manager] Connected to cloud agent (agentId=${agentId}, agentName=${agent.agentName})`);
+      return this.proxy;
+    } catch (err) {
+      this.setStatus("error");
+      if (this.backupScheduler) {
+        this.backupScheduler.stop();
+        this.backupScheduler = null;
+      }
+      if (this.connectionMonitor) {
+        this.connectionMonitor.stop();
+        this.connectionMonitor = null;
+      }
+      this.proxy = null;
+      this.activeAgentId = null;
+      this.setStatus("disconnected");
+      throw err;
+    }
+  }
+  async disconnect() {
+    if (this.backupScheduler) {
+      await this.backupScheduler.finalSnapshot();
+      this.backupScheduler.stop();
+      this.backupScheduler = null;
+    }
+    if (this.connectionMonitor) {
+      this.connectionMonitor.stop();
+      this.connectionMonitor = null;
+    }
+    this.proxy = null;
+    this.activeAgentId = null;
+    this.setStatus("disconnected");
+  }
+  async replaceApiKey(apiKey) {
+    await this.disconnect();
+    this.cloudConfig = {
+      ...this.cloudConfig,
+      apiKey
+    };
+    this.client = null;
+    await this.init();
+  }
+  getProxy() {
+    return this.proxy;
+  }
+  getClient() {
+    return this.client;
+  }
+  getActiveAgentId() {
+    return this.activeAgentId;
+  }
+  getStatus() {
+    return this.status;
+  }
+  isEnabled() {
+    return Boolean(this.cloudConfig.enabled && this.cloudConfig.apiKey);
+  }
+  setStatus(status) {
+    if (this.status === status)
+      return;
+    this.status = status;
+    this.callbacks.onStatusChange?.(status);
+  }
+}
+
+// src/cloud/x402-payment-handler.ts
+import { logger as logger5 } from "@elizaos/core";
+function readString(value) {
+  if (typeof value !== "string")
+    return null;
+  const trimmed = value.trim();
+  return trimmed.length > 0 ? trimmed : null;
+}
+function readAmount(value) {
+  if (typeof value === "string") {
+    const trimmed = value.trim();
+    return trimmed.length > 0 ? trimmed : null;
+  }
+  if (typeof value === "number" && Number.isFinite(value)) {
+    return String(value);
+  }
+  return null;
+}
+function normalizeRequirement(raw) {
+  if (!raw || typeof raw !== "object")
+    return null;
+  const amount = readAmount(raw.amount);
+  const asset = readString(raw.asset);
+  const network = readString(raw.network);
+  const payTo = readString(raw.payTo);
+  if (!amount || !asset || !network || !payTo)
+    return null;
+  const scheme = readString(raw.scheme) ?? "exact";
+  return {
+    amount,
+    asset,
+    network,
+    payTo,
+    scheme,
+    expiresAt: readString(raw.expiresAt),
+    description: readString(raw.description)
+  };
+}
+function parseRequirementsArray(raw) {
+  if (!Array.isArray(raw))
+    return [];
+  const out = [];
+  for (const entry of raw) {
+    const normalized = normalizeRequirement(entry);
+    if (normalized)
+      out.push(normalized);
+  }
+  return out;
+}
+async function parseX402Response(response) {
+  const headerValue = response.headers.get("www-authenticate");
+  if (headerValue?.toLowerCase().startsWith("x402")) {
+    const jsonPart = headerValue.slice(4).trim();
+    if (jsonPart.length > 0) {
+      const parsed = JSON.parse(jsonPart);
+      const requirements2 = Array.isArray(parsed) ? parseRequirementsArray(parsed) : parseRequirementsArray(parsed.paymentRequirements ?? parsed.accepts);
+      if (requirements2.length > 0)
+        return requirements2;
+    }
+  }
+  const cloned = response.clone();
+  const text = await cloned.text();
+  if (text.length === 0)
+    return null;
+  const body = JSON.parse(text);
+  const requirements = parseRequirementsArray(body.paymentRequirements ?? body.accepts);
+  return requirements.length > 0 ? requirements : null;
+}
+
+class PaymentRequiredError extends Error {
+  code = "PAYMENT_REQUIRED";
+  requirements;
+  constructor(requirements, message) {
+    const text = message ?? `Eliza Cloud returned HTTP 402 — your credit balance can't cover this call. ${requirements.length} payment option(s) available.`;
+    super(text);
+    this.name = "PaymentRequiredError";
+    this.requirements = requirements;
+  }
+}
+async function requestPayment(runtime, requirements) {
+  if (requirements.length === 0) {
+    throw new Error("[x402] requestPayment called with no requirements — adapter bug");
+  }
+  const preferred = requirements[0];
+  logger5.warn({
+    boundary: "elizacloud",
+    integration: "x402",
+    asset: preferred.asset,
+    network: preferred.network,
+    amount: preferred.amount,
+    runtimeId: runtime.agentId
+  }, `[x402] payment-required: ${preferred.amount} ${preferred.asset} on ${preferred.network} → ${preferred.payTo}${preferred.description ? ` (${preferred.description})` : ""}`);
+  return { status: "surfaced", requirement: preferred, txId: null };
+}
+
+// src/cloud/duffel-client.ts
+import { logger as logger6 } from "@elizaos/core";
+class DuffelConfigError extends Error {
+  code = "DUFFEL_NOT_CONFIGURED";
+  constructor(message) {
+    super(message);
+    this.name = "DuffelConfigError";
+  }
+}
+var DUFFEL_API_BASE_DEFAULT = "https://api.duffel.com";
+var DUFFEL_API_VERSION = "v2";
+var DEFAULT_CLOUD_RELAY_BASE = "http://127.0.0.1:31337";
+var NOOP_DUFFEL_SPAN = {
+  success() {},
+  failure() {}
+};
+function getDuffelApiBase() {
+  return process.env.LIFEOPS_DUFFEL_API_BASE?.trim() || DUFFEL_API_BASE_DEFAULT;
+}
+function resolveDirectFlag(env) {
+  const value = env.ELIZA_DUFFEL_DIRECT?.trim().toLowerCase();
+  return value === "1" || value === "true";
+}
+function resolveLocalApiBase(env) {
+  const port = env.ELIZA_API_PORT?.trim();
+  if (port && /^\d+$/.test(port)) {
+    return `http://127.0.0.1:${port}`;
+  }
+  return DEFAULT_CLOUD_RELAY_BASE;
+}
+function readDuffelConfigFromEnv(env = process.env) {
+  if (resolveDirectFlag(env)) {
+    const apiKey = env.DUFFEL_API_KEY?.trim();
+    if (!apiKey) {
+      throw new DuffelConfigError("Duffel direct mode requested but DUFFEL_API_KEY is not set.");
+    }
+    return { mode: "direct", apiKey, cloudRelayBaseUrl: null };
+  }
+  return {
+    mode: "cloud",
+    apiKey: null,
+    cloudRelayBaseUrl: resolveLocalApiBase(env)
+  };
+}
+var DIRECT_MODE_COST = {
+  totalUsd: 0,
+  creatorMarkupUsd: 0,
+  platformFeeUsd: 0,
+  markupPercent: null,
+  metered: false
+};
+function buildHeaders(apiKey) {
+  return {
+    Authorization: `Bearer ${apiKey}`,
+    "Content-Type": "application/json",
+    "Duffel-Version": DUFFEL_API_VERSION,
+    Accept: "application/json"
+  };
+}
+function mapOffer(raw) {
+  const cabinClass = raw.slices[0]?.fare_brand_name ?? null;
+  const slices = raw.slices.map((slice) => ({
+    origin: slice.origin.iata_code,
+    destination: slice.destination.iata_code,
+    duration: slice.duration,
+    segments: slice.segments.map((seg) => ({
+      origin: seg.origin.iata_code,
+      destination: seg.destination.iata_code,
+      departingAt: seg.departing_at,
+      arrivingAt: seg.arriving_at,
+      carrierIataCode: seg.operating_carrier.iata_code,
+      flightNumber: seg.flight_number ?? "",
+      duration: seg.duration
+    }))
+  }));
+  const passengers = raw.passengers.map((passenger, index) => ({
+    id: passenger.id?.trim() || `passenger_${index}`,
+    type: passenger.type?.trim() || "adult",
+    givenName: passenger.given_name?.trim() || null,
+    familyName: passenger.family_name?.trim() || null
+  }));
+  const paymentRequirements = raw.payment_requirements ? {
+    requiresInstantPayment: raw.payment_requirements.requires_instant_payment !== false,
+    priceGuaranteeExpiresAt: raw.payment_requirements.price_guarantee_expires_at ?? null,
+    paymentRequiredBy: raw.payment_requirements.payment_required_by ?? null
+  } : null;
+  return {
+    id: raw.id,
+    totalAmount: raw.total_amount,
+    totalCurrency: raw.total_currency,
+    passengerCount: passengers.length > 0 ? passengers.length : 1,
+    slices,
+    expiresAt: raw.expires_at,
+    cabinClass,
+    passengers,
+    paymentRequirements
+  };
+}
+function mapOrder(raw) {
+  return {
+    id: raw.id,
+    bookingReference: raw.booking_reference ?? null,
+    totalAmount: raw.total_amount,
+    totalCurrency: raw.total_currency,
+    slices: raw.slices.map((slice) => ({
+      origin: slice.origin.iata_code,
+      destination: slice.destination.iata_code,
+      duration: slice.duration,
+      segments: slice.segments.map((segment) => ({
+        origin: segment.origin.iata_code,
+        destination: segment.destination.iata_code,
+        departingAt: segment.departing_at,
+        arrivingAt: segment.arriving_at,
+        carrierIataCode: segment.operating_carrier.iata_code,
+        flightNumber: segment.flight_number ?? "",
+        duration: segment.duration
+      }))
+    })),
+    passengers: raw.passengers.map((passenger, index) => ({
+      id: passenger.id?.trim() || `passenger_${index}`,
+      givenName: passenger.given_name?.trim() || null,
+      familyName: passenger.family_name?.trim() || null
+    })),
+    paymentStatus: raw.payment_status ? {
+      awaitingPayment: raw.payment_status.awaiting_payment === true,
+      paymentRequiredBy: raw.payment_status.payment_required_by ?? null,
+      priceGuaranteeExpiresAt: raw.payment_status.price_guarantee_expires_at ?? null
+    } : null,
+    documents: (raw.documents ?? []).map((document) => ({
+      type: document.type ?? null,
+      uniqueIdentifier: document.unique_identifier ?? null
+    }))
+  };
+}
+function mapPayment(raw) {
+  return {
+    id: raw.id,
+    orderId: raw.order_id,
+    status: raw.status,
+    currency: raw.currency,
+    amount: raw.amount,
+    type: raw.type,
+    failureReason: raw.failure_reason ?? null,
+    createdAt: raw.created_at ?? null
+  };
+}
+function readRelayCost(envelope) {
+  if (envelope === null || typeof envelope !== "object" || !("_meta" in envelope)) {
+    throw new Error("Duffel cloud relay response missing _meta envelope. Update Eliza Cloud or set ELIZA_DUFFEL_DIRECT=1.");
+  }
+  const meta = envelope._meta;
+  const cost = meta?.cost;
+  if (!cost || typeof cost.total_usd !== "number" || typeof cost.creator_markup_usd !== "number" || typeof cost.platform_fee_usd !== "number") {
+    throw new Error("Duffel cloud relay returned malformed _meta.cost. Refusing to proceed without billing receipt.");
+  }
+  const totalUsd = cost.total_usd;
+  const platformFeeUsd = cost.platform_fee_usd;
+  const markupPercent = totalUsd > 0 ? platformFeeUsd / totalUsd : null;
+  return {
+    totalUsd,
+    creatorMarkupUsd: cost.creator_markup_usd,
+    platformFeeUsd,
+    markupPercent,
+    metered: true
+  };
+}
+async function duffelFetch(args) {
+  const { config, method, directPath, cloudRelayPath, body, operation } = args;
+  const isCloud = config.mode === "cloud";
+  const url = isCloud ? `${config.cloudRelayBaseUrl ?? ""}${cloudRelayPath}` : `${getDuffelApiBase()}${directPath}`;
+  const headers = isCloud ? { "Content-Type": "application/json", Accept: "application/json" } : buildHeaders(config.apiKey ?? "");
+  const span = NOOP_DUFFEL_SPAN;
+  let response;
+  try {
+    response = await fetch(url, {
+      method,
+      headers,
+      body: body !== undefined ? JSON.stringify(body) : undefined,
+      signal: AbortSignal.timeout(30000)
+    });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : String(error);
+    logger6.error({
+      boundary: "elizacloud",
+      integration: "duffel",
+      operation,
+      mode: config.mode,
+      err: error instanceof Error ? error : undefined
+    }, `[elizacloud-duffel] Duffel ${operation} network error: ${msg}`);
+    span.failure({ error, errorKind: "network_error" });
+    throw new Error(`Duffel ${operation} failed: ${msg}`);
+  }
+  if (response.status === 402 && isCloud) {
+    const requirements = await parseX402Response(response);
+    logger6.warn({
+      boundary: "elizacloud",
+      integration: "duffel",
+      operation,
+      mode: config.mode,
+      statusCode: 402,
+      requirementCount: requirements?.length ?? 0
+    }, `[elizacloud-duffel] Duffel ${operation} returned 402 payment-required`);
+    span.failure({ statusCode: 402, errorKind: "payment_required" });
+    if (!requirements || requirements.length === 0) {
+      throw new PaymentRequiredError([], `Duffel ${operation} requires payment but the upstream did not advertise any payment options.`);
+    }
+    throw new PaymentRequiredError(requirements);
+  }
+  if (!response.ok) {
+    const errorBody = await response.text().catch(() => "");
+    const errorMsg = errorBody || `HTTP ${response.status}`;
+    logger6.warn({
+      boundary: "elizacloud",
+      integration: "duffel",
+      operation,
+      mode: config.mode,
+      statusCode: response.status
+    }, `[elizacloud-duffel] Duffel ${operation} HTTP error: ${errorMsg}`);
+    span.failure({ statusCode: response.status, errorKind: "http_error" });
+    throw new Error(`Duffel ${operation} failed (${response.status}): ${errorMsg}`);
+  }
+  const payload = await response.json();
+  span.success({ statusCode: response.status });
+  const cost = isCloud ? readRelayCost(payload) : DIRECT_MODE_COST;
+  return { data: payload, cost };
+}
+async function searchFlights(request, config) {
+  const resolvedConfig = config ?? readDuffelConfigFromEnv();
+  const passengerCount = Math.max(1, Math.round(request.passengers ?? 1));
+  const slices = [
+    {
+      origin: request.origin.toUpperCase().trim(),
+      destination: request.destination.toUpperCase().trim(),
+      departure_date: request.departureDate
+    }
+  ];
+  if (request.returnDate) {
+    slices.push({
+      origin: request.destination.toUpperCase().trim(),
+      destination: request.origin.toUpperCase().trim(),
+      departure_date: request.returnDate
+    });
+  }
+  const requestBody = {
+    data: {
+      slices,
+      passengers: Array.from({ length: passengerCount }, () => ({
+        type: "adult"
+      })),
+      cabin_class: "economy"
+    }
+  };
+  logger6.info({
+    boundary: "elizacloud",
+    integration: "duffel",
+    origin: request.origin,
+    destination: request.destination
+  }, `[elizacloud-duffel] Searching flights ${request.origin} → ${request.destination} on ${request.departureDate}`);
+  const { data: responseData, cost } = await duffelFetch({
+    config: resolvedConfig,
+    method: "POST",
+    directPath: "/air/offer_requests?return_offers=true",
+    cloudRelayPath: "/api/cloud/travel-providers/duffel/offer-requests",
+    body: requestBody,
+    operation: "offer_request"
+  });
+  const offers = responseData.data.offers.map(mapOffer);
+  logger6.info({
+    boundary: "elizacloud",
+    integration: "duffel",
+    offerRequestId: responseData.data.id,
+    offerCount: offers.length,
+    costUsd: cost.totalUsd
+  }, `[elizacloud-duffel] Duffel returned ${offers.length} offers for request ${responseData.data.id}`);
+  return {
+    offerRequestId: responseData.data.id,
+    offers,
+    cost
+  };
+}
+async function getOffer(id, config) {
+  const resolvedConfig = config ?? readDuffelConfigFromEnv();
+  if (!id || id.trim().length === 0) {
+    throw new Error("Duffel getOffer: offer id is required");
+  }
+  const { data: responseData } = await duffelFetch({
+    config: resolvedConfig,
+    method: "GET",
+    directPath: `/air/offers/${encodeURIComponent(id.trim())}`,
+    cloudRelayPath: `/api/cloud/travel-providers/duffel/offers/${encodeURIComponent(id.trim())}`,
+    operation: "offer_retrieve"
+  });
+  return mapOffer(responseData.data);
+}
+async function createOrder(request, config) {
+  const resolvedConfig = config ?? readDuffelConfigFromEnv();
+  if (request.selectedOffers.length !== 1) {
+    throw new Error("Duffel createOrder: exactly one selected offer is required");
+  }
+  if (request.passengers.length === 0) {
+    throw new Error("Duffel createOrder: at least one passenger is required");
+  }
+  const data = {
+    type: request.type,
+    selected_offers: [...request.selectedOffers],
+    passengers: request.passengers.map((passenger) => ({
+      id: passenger.id,
+      title: passenger.title,
+      gender: passenger.gender,
+      given_name: passenger.givenName,
+      family_name: passenger.familyName,
+      born_on: passenger.bornOn,
+      email: passenger.email,
+      phone_number: passenger.phoneNumber
+    }))
+  };
+  if (request.payment) {
+    data.payments = [
+      {
+        type: request.payment.type,
+        amount: request.payment.amount,
+        currency: request.payment.currency
+      }
+    ];
+  }
+  if (request.metadata && Object.keys(request.metadata).length > 0) {
+    data.metadata = request.metadata;
+  }
+  const { data: response } = await duffelFetch({
+    config: resolvedConfig,
+    method: "POST",
+    directPath: "/air/orders",
+    cloudRelayPath: "/api/cloud/travel-providers/duffel/orders",
+    body: { data },
+    operation: "order_create"
+  });
+  return mapOrder(response.data);
+}
+async function getOrder(orderId, config) {
+  const resolvedConfig = config ?? readDuffelConfigFromEnv();
+  if (!orderId || orderId.trim().length === 0) {
+    throw new Error("Duffel getOrder: order id is required");
+  }
+  const { data: response } = await duffelFetch({
+    config: resolvedConfig,
+    method: "GET",
+    directPath: `/air/orders/${encodeURIComponent(orderId.trim())}`,
+    cloudRelayPath: `/api/cloud/travel-providers/duffel/orders/${encodeURIComponent(orderId.trim())}`,
+    operation: "order_retrieve"
+  });
+  return mapOrder(response.data);
+}
+async function createPayment(args, config) {
+  const resolvedConfig = config ?? readDuffelConfigFromEnv();
+  if (args.orderId.trim().length === 0) {
+    throw new Error("Duffel createPayment: order id is required");
+  }
+  if (args.amount.trim().length === 0) {
+    throw new Error("Duffel createPayment: amount is required");
+  }
+  if (args.currency.trim().length === 0) {
+    throw new Error("Duffel createPayment: currency is required");
+  }
+  const { data: response } = await duffelFetch({
+    config: resolvedConfig,
+    method: "POST",
+    directPath: "/air/payments",
+    cloudRelayPath: "/api/cloud/travel-providers/duffel/payments",
+    body: {
+      data: {
+        order_id: args.orderId.trim(),
+        payment: {
+          type: "balance",
+          amount: args.amount.trim(),
+          currency: args.currency.trim().toUpperCase()
+        }
+      }
+    },
+    operation: "payment_create"
+  });
+  return mapPayment(response.data);
+}
+
+// src/cloud/lifeops-schedule-sync-client.ts
+init_base_url();
+var LIFEOPS_SCHEDULE_REQUEST_TIMEOUT_MS = 20000;
+
+class LifeOpsScheduleSyncClientError extends Error {
+  status;
+  constructor(status, message) {
+    super(message);
+    this.status = status;
+    this.name = "LifeOpsScheduleSyncClientError";
+  }
+}
+function normalizeOptionalString(value) {
+  const trimmed = value?.trim();
+  return trimmed && trimmed.length > 0 ? trimmed : null;
+}
+function normalizeLifeOpsScheduleSyncSecret(value) {
+  const trimmed = normalizeOptionalString(value);
+  if (!trimmed) {
+    return null;
+  }
+  return trimmed.toUpperCase() === "[REDACTED]" ? null : trimmed;
+}
+function resolveLifeOpsScheduleSyncConfig(config = {}) {
+  const remoteApiBase = normalizeOptionalString(config.remoteApiBase);
+  if (remoteApiBase) {
+    return {
+      configured: true,
+      mode: "remote",
+      baseUrl: remoteApiBase.replace(/\/+$/, ""),
+      accessToken: normalizeLifeOpsScheduleSyncSecret(config.remoteAccessToken) ?? normalizeLifeOpsScheduleSyncSecret(process.env.ELIZA_REMOTE_ACCESS_TOKEN)
+    };
+  }
+  const apiKey = normalizeLifeOpsScheduleSyncSecret(config.apiKey) ?? normalizeLifeOpsScheduleSyncSecret(process.env.ELIZAOS_CLOUD_API_KEY);
+  const agentId = normalizeLifeOpsScheduleSyncSecret(config.agentId) ?? normalizeLifeOpsScheduleSyncSecret(process.env.ELIZAOS_CLOUD_AGENT_ID);
+  if (!apiKey || !agentId) {
+    return {
+      configured: false,
+      mode: "none"
+    };
+  }
+  return {
+    configured: true,
+    mode: "cloud",
+    apiBaseUrl: resolveCloudApiBaseUrl(normalizeOptionalString(config.baseUrl) ?? process.env.ELIZAOS_CLOUD_BASE_URL),
+    apiKey,
+    agentId
+  };
+}
+function buildTimeoutSignal() {
+  return AbortSignal.timeout(LIFEOPS_SCHEDULE_REQUEST_TIMEOUT_MS);
+}
+async function readJsonResponse(response) {
+  if (!response.ok) {
+    let detail = `${response.status} ${response.statusText}`.trim();
+    const text = await response.text();
+    const trimmed = text.trim();
+    if (trimmed.length > 0) {
+      try {
+        const parsed = JSON.parse(trimmed);
+        detail = parsed.message ?? parsed.error ?? trimmed;
+      } catch {
+        detail = trimmed.slice(0, 200);
+      }
+    }
+    throw new LifeOpsScheduleSyncClientError(response.status, detail);
+  }
+  return await response.json();
+}
+function resolveLifeOpsScheduleSyncSiteUrl(rawUrl) {
+  return normalizeCloudSiteUrl(rawUrl);
+}
+
+class LifeOpsScheduleSyncClient {
+  configSource;
+  constructor(configSource = resolveLifeOpsScheduleSyncConfig) {
+    this.configSource = configSource;
+  }
+  getConfig() {
+    return typeof this.configSource === "function" ? this.configSource() : this.configSource;
+  }
+  get configured() {
+    return this.getConfig().configured;
+  }
+  requireConfig() {
+    const config = this.getConfig();
+    if (!config.configured) {
+      throw new LifeOpsScheduleSyncClientError(409, "LifeOps schedule sync is not configured.");
+    }
+    return config;
+  }
+  resolvePath(pathname) {
+    const config = this.requireConfig();
+    const normalizedPath = pathname.replace(/^\/+/, "");
+    if (config.mode === "remote") {
+      return new URL(`api/lifeops/schedule/${normalizedPath}`, `${config.baseUrl.replace(/\/+$/, "")}/`).toString();
+    }
+    return new URL(`eliza/agents/${encodeURIComponent(config.agentId)}/lifeops/schedule/${normalizedPath}`, `${config.apiBaseUrl.replace(/\/+$/, "")}/`).toString();
+  }
+  requestHeaders(initHeaders) {
+    const config = this.requireConfig();
+    const headers = {
+      Accept: "application/json",
+      "Content-Type": "application/json"
+    };
+    if (config.mode === "cloud") {
+      headers["X-API-Key"] = config.apiKey;
+    }
+    if (config.mode === "remote" && config.accessToken) {
+      headers.Authorization = `Bearer ${config.accessToken}`;
+    }
+    if (initHeaders instanceof Headers) {
+      for (const [key, value] of initHeaders.entries()) {
+        headers[key] = value;
+      }
+      return headers;
+    }
+    if (Array.isArray(initHeaders)) {
+      for (const [key, value] of initHeaders) {
+        headers[key] = value;
+      }
+      return headers;
+    }
+    return {
+      ...headers,
+      ...initHeaders ?? {}
+    };
+  }
+  async request(pathname, init) {
+    const response = await fetch(this.resolvePath(pathname), {
+      ...init,
+      headers: this.requestHeaders(init.headers),
+      signal: init.signal ?? buildTimeoutSignal()
+    });
+    return readJsonResponse(response);
+  }
+  async syncObservations(request) {
+    return this.request("observations", {
+      method: "POST",
+      body: JSON.stringify(request)
+    });
+  }
+  async getMergedState(timezone, scope = "cloud") {
+    const query = new URLSearchParams({ timezone, scope });
+    return this.request(`merged-state?${query.toString()}`, {
+      method: "GET"
+    });
+  }
+}
+
+// src/cloud/lifeops-schedule-sync-contracts.ts
+var LIFEOPS_SCHEDULE_DEVICE_KINDS = [
+  "iphone",
+  "ipad",
+  "mac",
+  "watch",
+  "cloud",
+  "unknown"
+];
+var LIFEOPS_SCHEDULE_OBSERVATION_ORIGINS = [
+  "local_inference",
+  "device_sync"
+];
+var LIFEOPS_SCHEDULE_STATE_SCOPES = ["local", "cloud"];
+
+// src/cloud/managed-payment-clients.ts
+init_base_url();
+init_base_url();
+function normalizeElizaCloudApiKey(value) {
+  const trimmed = value?.trim();
+  if (!trimmed)
+    return null;
+  return trimmed.toUpperCase() === "[REDACTED]" ? null : trimmed;
+}
+function resolveEnvElizaCloudManagedClientConfig(env = typeof process === "undefined" ? {} : process.env) {
+  const apiKey = normalizeElizaCloudApiKey(env.ELIZAOS_CLOUD_API_KEY);
+  const baseUrl = env.ELIZAOS_CLOUD_BASE_URL;
+  return {
+    configured: Boolean(apiKey),
+    apiKey,
+    apiBaseUrl: resolveCloudApiBaseUrl(baseUrl),
+    siteUrl: normalizeCloudSiteUrl(baseUrl)
+  };
+}
+var PLAID_REQUEST_TIMEOUT_MS = 30000;
+var PAYPAL_REQUEST_TIMEOUT_MS = 30000;
+
+class PlaidManagedClientError extends Error {
+  status;
+  constructor(status, message) {
+    super(message);
+    this.status = status;
+    this.name = "PlaidManagedClientError";
+  }
+}
+
+class PaypalManagedClientError extends Error {
+  status;
+  fallback;
+  constructor(status, message, fallback = null) {
+    super(message);
+    this.status = status;
+    this.fallback = fallback;
+    this.name = "PaypalManagedClientError";
+  }
+}
+async function readPlaidJson(response) {
+  if (!response.ok) {
+    let detail = `${response.status} ${response.statusText}`.trim();
+    const text = await response.text();
+    if (text.trim().length > 0) {
+      try {
+        const parsed = JSON.parse(text);
+        detail = parsed.message ?? parsed.error ?? text.slice(0, 240);
+      } catch {
+        detail = text.slice(0, 240);
+      }
+    }
+    throw new PlaidManagedClientError(response.status, detail);
+  }
+  return await response.json();
+}
+async function readPaypalJson(response) {
+  if (!response.ok) {
+    let detail = `${response.status} ${response.statusText}`.trim();
+    let fallback = null;
+    const text = await response.text();
+    if (text.trim().length > 0) {
+      try {
+        const parsed = JSON.parse(text);
+        detail = parsed.message ?? parsed.error ?? text.slice(0, 240);
+        fallback = parsed.fallback ?? null;
+      } catch {
+        detail = text.slice(0, 240);
+      }
+    }
+    throw new PaypalManagedClientError(response.status, detail, fallback);
+  }
+  return await response.json();
+}
+
+class PlaidManagedClient {
+  configSource;
+  constructor(configSource = resolveEnvElizaCloudManagedClientConfig) {
+    this.configSource = configSource;
+  }
+  requireConfig() {
+    const config = this.configSource();
+    if (!config.apiKey) {
+      throw new PlaidManagedClientError(409, "Eliza Cloud is not connected.");
+    }
+    return { ...config, apiKey: config.apiKey };
+  }
+  get configured() {
+    return this.configSource().configured;
+  }
+  async createLinkToken() {
+    const config = this.requireConfig();
+    const response = await fetch(`${config.apiBaseUrl}/v1/eliza/plaid/link-token`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${config.apiKey}`,
+        "Content-Type": "application/json"
+      },
+      body: "{}",
+      signal: AbortSignal.timeout(PLAID_REQUEST_TIMEOUT_MS)
+    });
+    return readPlaidJson(response);
+  }
+  async exchangePublicToken(args) {
+    const config = this.requireConfig();
+    const response = await fetch(`${config.apiBaseUrl}/v1/eliza/plaid/exchange`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${config.apiKey}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({ publicToken: args.publicToken }),
+      signal: AbortSignal.timeout(PLAID_REQUEST_TIMEOUT_MS)
+    });
+    return readPlaidJson(response);
+  }
+  async syncTransactions(args) {
+    const config = this.requireConfig();
+    const response = await fetch(`${config.apiBaseUrl}/v1/eliza/plaid/sync`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${config.apiKey}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({
+        accessToken: args.accessToken,
+        cursor: args.cursor ?? "",
+        count: args.count ?? 250
+      }),
+      signal: AbortSignal.timeout(PLAID_REQUEST_TIMEOUT_MS * 2)
+    });
+    return readPlaidJson(response);
+  }
+}
+
+class PaypalManagedClient {
+  configSource;
+  constructor(configSource = resolveEnvElizaCloudManagedClientConfig) {
+    this.configSource = configSource;
+  }
+  requireConfig() {
+    const config = this.configSource();
+    if (!config.apiKey) {
+      throw new PaypalManagedClientError(409, "Eliza Cloud is not connected.");
+    }
+    return { ...config, apiKey: config.apiKey };
+  }
+  get configured() {
+    return this.configSource().configured;
+  }
+  async buildAuthorizeUrl(args) {
+    const config = this.requireConfig();
+    const response = await fetch(`${config.apiBaseUrl}/v1/eliza/paypal/authorize`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${config.apiKey}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({ state: args.state }),
+      signal: AbortSignal.timeout(PAYPAL_REQUEST_TIMEOUT_MS)
+    });
+    return readPaypalJson(response);
+  }
+  async exchangeCode(args) {
+    const config = this.requireConfig();
+    const response = await fetch(`${config.apiBaseUrl}/v1/eliza/paypal/callback`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${config.apiKey}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({ code: args.code }),
+      signal: AbortSignal.timeout(PAYPAL_REQUEST_TIMEOUT_MS)
+    });
+    return readPaypalJson(response);
+  }
+  async refreshAccessToken(args) {
+    const config = this.requireConfig();
+    const response = await fetch(`${config.apiBaseUrl}/v1/eliza/paypal/refresh`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${config.apiKey}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({ refreshToken: args.refreshToken }),
+      signal: AbortSignal.timeout(PAYPAL_REQUEST_TIMEOUT_MS)
+    });
+    return readPaypalJson(response);
+  }
+  async searchTransactions(args) {
+    const config = this.requireConfig();
+    const response = await fetch(`${config.apiBaseUrl}/v1/eliza/paypal/transactions`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${config.apiKey}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify(args),
+      signal: AbortSignal.timeout(PAYPAL_REQUEST_TIMEOUT_MS * 2)
+    });
+    return readPaypalJson(response);
+  }
+}
+
+// src/cloud/index.ts
+init_base_url();
+init_validate_url();
 export {
   validateCloudBaseUrl,
+  searchFlights,
+  resolveLifeOpsScheduleSyncSiteUrl,
+  resolveLifeOpsScheduleSyncConfig,
+  resolveEnvElizaCloudManagedClientConfig,
   resolveCloudApiBaseUrl,
+  requestPayment,
+  readDuffelConfigFromEnv,
+  parseX402Response,
+  normalizeLifeOpsScheduleSyncSecret,
+  normalizeElizaCloudApiKey,
   normalizeCloudSiteUrl,
+  normalizeCloudApiKey,
+  isCloudAuthApiKeyService,
+  getOrder,
+  getOffer,
+  createPayment,
+  createOrder,
   cloudLogin,
+  PlaidManagedClientError,
+  PlaidManagedClient,
+  PaypalManagedClientError,
+  PaypalManagedClient,
+  PaymentRequiredError,
+  LifeOpsScheduleSyncClientError,
+  LifeOpsScheduleSyncClient,
+  LIFEOPS_SCHEDULE_STATE_SCOPES,
+  LIFEOPS_SCHEDULE_OBSERVATION_ORIGINS,
+  LIFEOPS_SCHEDULE_DEVICE_KINDS,
   ElizaCloudClient,
+  DuffelConfigError,
   ConnectionMonitor,
   CloudRuntimeProxy,
   CloudManager,
   BackupScheduler
 };
 
-//# debugId=D795A73DE077BF4564756E2164756E21
+//# debugId=4E32E0FBB0A20BF564756E2164756E21