@enbox/agent 0.2.2 → 0.3.1

package/src/dwn-discovery-payload.ts

@@ -0,0 +1,308 @@
+/**
+ * Shared types and utilities for the `dwn://register` discovery protocol.
+ *
+ * The payload is the JSON data exchanged between the local DWN server
+ * (electrobun-dwn) and the requesting app during the `dwn://register`
+ * redirect flow. It is encoded as base64url and placed in the URL
+ * fragment (`#`) of the callback URL.
+ *
+ * This module intentionally avoids external dependencies so it can be
+ * consumed from any environment (Bun, browser, Electrobun) without
+ * triggering transitive dependency resolution issues.
+ *
+ * @see https://github.com/enboxorg/enbox/issues/586
+ * @module
+ */
+
+// ─── Types ────────────────────────────────────────────────────────
+
+/**
+ * The JSON payload delivered via the URL fragment in a `dwn://register`
+ * callback redirect.
+ *
+ * Intentionally minimal — everything beyond the endpoint (version,
+ * WebSocket support, etc.) is obtained from `GET {endpoint}/info`.
+ */
+export type DwnDiscoveryPayload = {
+  /** Base URL of the running DWN server (e.g. `"http://127.0.0.1:55557"`). */
+  endpoint: string;
+};
+
+/**
+ * Parsed result from a `dwn://register` URL.
+ */
+export type DwnRegisterUrlParams = {
+  /** The callback URL to redirect to with the discovery payload. */
+  callback: string;
+};
+
+// ─── Constants ────────────────────────────────────────────────────
+
+/** The URL scheme for DWN discovery protocol handlers. */
+export const DWN_PROTOCOL_SCHEME = 'dwn';
+
+/** The `dwn://register` path that triggers the discovery handshake. */
+export const DWN_REGISTER_PATH = 'register';
+
+// ─── Register URL construction ───────────────────────────────────
+
+/**
+ * Build a `dwn://register?callback=<url>` URL that, when opened by the OS,
+ * triggers electrobun-dwn (or another `dwn://` scheme handler) to redirect
+ * back to `callbackUrl` with the local DWN endpoint in the URL fragment.
+ *
+ * This is the **trigger** side of the `dwn://register` browser flow.
+ * The web app opens this URL (e.g. via `window.open()` or `location.href`),
+ * the OS routes it to the registered handler, and the handler redirects
+ * back with the discovery payload.
+ *
+ * @param callbackUrl - The URL to redirect back to after discovery.
+ *   This should be the current page (or a dedicated callback page) that
+ *   will read the payload from `window.location.hash`.
+ * @returns The `dwn://register?callback=<encoded-url>` URL string.
+ *
+ * @example
+ * ```ts
+ * const registerUrl = buildDwnRegisterUrl('https://myapp.com/callback');
+ * // => 'dwn://register?callback=https%3A%2F%2Fmyapp.com%2Fcallback'
+ * window.open(registerUrl);
+ * ```
+ */
+export function buildDwnRegisterUrl(callbackUrl: string): string {
+  return `${DWN_PROTOCOL_SCHEME}://${DWN_REGISTER_PATH}?callback=${encodeURIComponent(callbackUrl)}`;
+}
+
+// ─── Payload encoding/decoding ───────────────────────────────────
+
+/**
+ * Encode a {@link DwnDiscoveryPayload} as a base64url string suitable
+ * for use in a URL fragment.
+ *
+ * @param payload - The discovery payload to encode.
+ * @returns A base64url-encoded string (no padding).
+ */
+export function encodeDwnDiscoveryPayload(payload: DwnDiscoveryPayload): string {
+  const json = JSON.stringify(payload);
+  return stringToBase64Url(json);
+}
+
+/**
+ * Decode a base64url-encoded string back into a {@link DwnDiscoveryPayload}.
+ *
+ * @param encoded - The base64url string from the URL fragment.
+ * @returns The parsed payload, or `undefined` if decoding or parsing fails.
+ */
+export function decodeDwnDiscoveryPayload(encoded: string): DwnDiscoveryPayload | undefined {
+  try {
+    const json = base64UrlToString(encoded);
+    const parsed: unknown = JSON.parse(json);
+
+    if (!isValidPayload(parsed)) {
+      return undefined;
+    }
+
+    return parsed;
+  } catch {
+    return undefined;
+  }
+}
+
+// ─── URL parsing ─────────────────────────────────────────────────
+
+/**
+ * Parse a `dwn://register?callback=<url>` URL into its components.
+ *
+ * @param url - The full `dwn://register?callback=...` URL.
+ * @returns The parsed parameters, or `undefined` if the URL is not a
+ *   valid `dwn://register` URL or is missing the `callback` parameter.
+ */
+export function parseDwnRegisterUrl(url: string): DwnRegisterUrlParams | undefined {
+  try {
+    // dwn://register?callback=... is not a standard hierarchical URL, so
+    // we parse it manually to avoid URL constructor quirks with custom schemes.
+    const schemePrefix = `${DWN_PROTOCOL_SCHEME}://`;
+    if (!url.startsWith(schemePrefix)) {
+      return undefined;
+    }
+
+    const withoutScheme = url.slice(schemePrefix.length);
+
+    // Split on '?' to separate the path from query parameters.
+    const questionIndex = withoutScheme.indexOf('?');
+    if (questionIndex === -1) {
+      return undefined;
+    }
+
+    const path = withoutScheme.slice(0, questionIndex);
+    if (path !== DWN_REGISTER_PATH) {
+      return undefined;
+    }
+
+    const queryString = withoutScheme.slice(questionIndex + 1);
+    const params = new URLSearchParams(queryString);
+    const callback = params.get('callback');
+
+    if (!callback || callback.length === 0) {
+      return undefined;
+    }
+
+    return { callback };
+  } catch {
+    return undefined;
+  }
+}
+
+/**
+ * Build the full callback redirect URL with the discovery payload
+ * encoded in the URL fragment.
+ *
+ * @param callbackUrl - The callback URL from the `dwn://register` request.
+ * @param payload - The discovery payload to encode in the fragment.
+ * @returns The full redirect URL (e.g. `https://notes.sh/dwn#eyJ...`).
+ */
+export function buildDwnDiscoveryRedirectUrl(
+  callbackUrl: string,
+  payload: DwnDiscoveryPayload,
+): string {
+  const encoded = encodeDwnDiscoveryPayload(payload);
+  // Strip any existing fragment from the callback URL before appending ours.
+  const base = callbackUrl.split('#')[0];
+  return `${base}#${encoded}`;
+}
+
+/**
+ * Read a {@link DwnDiscoveryPayload} from a URL's fragment (hash).
+ *
+ * Intended for use in the browser callback page that receives the
+ * redirect from electrobun-dwn.
+ *
+ * @param url - The full URL including the `#` fragment, or just the
+ *   fragment string (with or without the leading `#`).
+ * @returns The parsed payload, or `undefined` if the fragment is missing
+ *   or contains an invalid payload.
+ */
+export function readDwnDiscoveryPayloadFromUrl(url: string): DwnDiscoveryPayload | undefined {
+  const hashIndex = url.indexOf('#');
+  if (hashIndex === -1) {
+    // Maybe it's just the fragment without the leading #.
+    return decodeDwnDiscoveryPayload(url);
+  }
+
+  const fragment = url.slice(hashIndex + 1);
+  if (fragment.length === 0) {
+    return undefined;
+  }
+
+  return decodeDwnDiscoveryPayload(fragment);
+}
+
+// ─── Internal helpers ─────────────────────────────────────────────
+
+/**
+ * Type guard for a valid {@link DwnDiscoveryPayload}.
+ *
+ * The endpoint MUST point to a loopback address (`127.0.0.1`, `[::1]`,
+ * or `localhost`) because the `dwn://register` payload is only intended
+ * for local DWN discovery. Accepting arbitrary hostnames would allow a
+ * malicious payload to redirect agent traffic to a remote server.
+ *
+ * @see https://github.com/enboxorg/enbox/issues/633
+ */
+function isValidPayload(value: unknown): value is DwnDiscoveryPayload {
+  if (typeof value !== 'object' || value === null) {
+    return false;
+  }
+
+  const record = value as Record<string, unknown>;
+
+  if (typeof record.endpoint !== 'string' || record.endpoint.length === 0) {
+    return false;
+  }
+
+  if (!isLoopbackEndpoint(record.endpoint)) {
+    return false;
+  }
+
+  return true;
+}
+
+/**
+ * Returns `true` if the endpoint URL's hostname resolves to a loopback
+ * address.  Accepts `127.0.0.1`, `::1` (with or without brackets), and
+ * `localhost` (bare or with any subdomain suffix, per RFC 6761 §6.3).
+ *
+ * This is a security boundary: the `dwn://register` redirect flow MUST
+ * NOT allow payloads that point to non-local servers.
+ */
+function isLoopbackEndpoint(endpoint: string): boolean {
+  try {
+    const url = new URL(endpoint);
+    const hostname = url.hostname.toLowerCase();
+
+    // IPv4 loopback: 127.0.0.1
+    if (hostname === '127.0.0.1') {
+      return true;
+    }
+
+    // IPv6 loopback: [::1] — URL.hostname strips the brackets.
+    if (hostname === '::1' || hostname === '[::1]') {
+      return true;
+    }
+
+    // `localhost` or any subdomain (e.g. `foo.localhost`).
+    if (hostname === 'localhost' || hostname.endsWith('.localhost')) {
+      return true;
+    }
+
+    return false;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Encode a UTF-8 string as unpadded base64url (RFC 4648 §5).
+ *
+ * Uses `TextEncoder` to correctly handle all Unicode code points
+ * (including those above U+00FF that `btoa` cannot represent).
+ *
+ * This module MUST remain dependency-free — no imports from
+ * `@enbox/common` or any other package.
+ */
+function stringToBase64Url(input: string): string {
+  const bytes = new TextEncoder().encode(input);
+  // Build a binary string from the UTF-8 byte array so `btoa` can
+  // consume it (btoa only accepts Latin-1 / code points ≤ U+00FF).
+  let binary = '';
+  for (let i = 0; i < bytes.length; i++) {
+    binary += String.fromCharCode(bytes[i]);
+  }
+  return btoa(binary)
+    .replace(/\+/g, '-')
+    .replace(/\//g, '_')
+    .replace(/=+$/, '');
+}
+
+/**
+ * Decode an unpadded base64url string back to a UTF-8 string.
+ *
+ * Re-adds padding and swaps base64url characters back to standard
+ * base64 before calling `atob`, then feeds the resulting bytes through
+ * `TextDecoder` for correct UTF-8 handling.
+ */
+function base64UrlToString(input: string): string {
+  // Restore standard base64 alphabet and padding.
+  let base64 = input.replace(/-/g, '+').replace(/_/g, '/');
+  const remainder = base64.length % 4;
+  if (remainder === 2) {
+    base64 += '==';
+  } else if (remainder === 3) {
+    base64 += '=';
+  }
+  const binary = atob(base64);
+  const bytes = new Uint8Array(binary.length);
+  for (let i = 0; i < binary.length; i++) {
+    bytes[i] = binary.charCodeAt(i);
+  }
+  return new TextDecoder().decode(bytes);
+}

package/src/dwn-encryption.ts

@@ -9,7 +9,7 @@ import type {
 } from '@enbox/dwn-sdk-js';
 import type { KeyIdentifier, PublicKeyJwk } from '@enbox/crypto';
 
-import type { Web5PlatformAgent } from './types/agent.js';
+import type { EnboxPlatformAgent } from './types/agent.js';
 import type {
   DwnMessageReply,
   ProcessDwnRequest,
@@ -93,7 +93,7 @@ export async function encryptAndComputeCid(
  * @throws If the DID has no keyAgreement verification method or it's not X25519.
  */
 export async function getEncryptionKeyInfo(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   didUri: string,
 ): Promise<{
   keyId: string;
@@ -172,7 +172,7 @@ export async function getEncryptionKeyInfo(
  * @param iv - Initialization vector
  */
 export async function deriveContextEncryptionInput(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   didUri: string,
   contextId: string,
   dek: Uint8Array,
@@ -208,7 +208,7 @@ export async function deriveContextEncryptionInput(
  * @param derivationScheme - The key derivation scheme
  */
 export function buildKmsDecryptCallback(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   keyId: string,
   keyUri: KeyIdentifier,
   derivationScheme: typeof KeyDerivationScheme.ProtocolPath | typeof KeyDerivationScheme.ProtocolContext,
@@ -240,7 +240,7 @@ export function buildKmsDecryptCallback(
  * @returns An EncryptionKeyDeriver callback object
  */
 export async function getEncryptionKeyDeriver(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   didUri: string,
 ): Promise<EncryptionKeyDeriver> {
   const { keyId, keyUri } = await getEncryptionKeyInfo(agent, didUri);
@@ -266,7 +266,7 @@ export async function getEncryptionKeyDeriver(
  * @returns A KeyDecrypter callback object
  */
 export async function getKeyDecrypter(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   didUri: string,
 ): Promise<KeyDecrypter> {
   const { keyId, keyUri } = await getEncryptionKeyInfo(agent, didUri);
@@ -311,7 +311,7 @@ export function buildContextKeyDecrypter(
  * @param fetchContextKeyRecordFn - Function to fetch context key records from key-delivery protocol
  */
 export async function resolveKeyDecrypter(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   authorDid: string,
   recordsWrite: RecordsWriteMessage,
   targetDid: string | undefined,
@@ -409,7 +409,7 @@ export async function resolveKeyDecrypter(
 export async function maybeDecryptReply<T extends DwnInterface>(
   request: ProcessDwnRequest<T> | SendDwnRequest<T>,
   reply: DwnMessageReply[T],
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   contextDerivedKeyCache: { get(key: string): DerivedPrivateJwk | undefined; set(key: string, value: DerivedPrivateJwk): void },
   fetchContextKeyRecordFn: (params: {
     ownerDid: string;

package/src/dwn-key-delivery.ts

@@ -6,7 +6,7 @@ import type {
   RecordsReadReply,
 } from '@enbox/dwn-sdk-js';
 
-import type { Web5PlatformAgent } from './types/agent.js';
+import type { EnboxPlatformAgent } from './types/agent.js';
 import type {
   DwnMessage,
   DwnMessageReply,
@@ -65,7 +65,7 @@ type ProcessRequestFn = <T extends DwnInterface>(
  * @param installedCache - Cache for installation status
  */
 export async function ensureKeyDeliveryProtocol(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   tenantDid: string,
   processRequest: ProcessRequestFn,
   getProtocolDefinition: (tenantDid: string, protocolUri: string) => Promise<any>,
@@ -120,7 +120,7 @@ export async function ensureKeyDeliveryProtocol(
  * @returns The recordId of the written contextKey record
  */
 export async function writeContextKeyRecord(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   params: WriteContextKeyParams,
   processRequest: ProcessRequestFn,
   ensureProtocol: (tenantDid: string) => Promise<void>,
@@ -221,7 +221,7 @@ export async function writeContextKeyRecord(
  * @param getDwnEndpointUrlsForTarget - Function to resolve DWN endpoint URLs (with local discovery)
  */
 export async function eagerSendContextKeyRecord(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   tenantDid: string,
   contextKeyMessage: DwnMessage[DwnInterface.RecordsWrite],
   getDwnMessage: (params: { author: string; messageType: DwnInterface; messageCid: string }) => Promise<{ message: any; data?: Blob }>,
@@ -271,7 +271,7 @@ export async function eagerSendContextKeyRecord(
  * @returns The decrypted `DerivedPrivateJwk`, or `undefined` if no matching record found
  */
 export async function fetchContextKeyRecord(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   params: FetchContextKeyParams,
   processRequest: ProcessRequestFn,
   getSigner: (author: string) => Promise<any>,

package/src/dwn-record-upgrade.ts

@@ -8,7 +8,7 @@ import type {
 } from '@enbox/dwn-sdk-js';
 
 import type { DwnSigner } from './types/dwn.js';
-import type { Web5PlatformAgent } from './types/agent.js';
+import type { EnboxPlatformAgent } from './types/agent.js';
 
 import {
   Encoder,
@@ -42,7 +42,7 @@ import { DwnInterface, dwnMessageConstructors } from './types/dwn.js';
  * @param contextKeyCache - Cache for context key info
  */
 export async function upgradeExternalRootRecord(
-  agent: Web5PlatformAgent,
+  agent: EnboxPlatformAgent,
   tenantDid: string,
   recordsWrite: RecordsWriteMessage,
   dwn: Dwn,

package/src/{web5-user-agent.ts → enbox-user-agent.ts}

@@ -1,8 +1,8 @@
 import type { AgentKeyManager } from './types/key-manager.js';
 import type { BearerDid } from '@enbox/dids';
+import type { EnboxPlatformAgent } from './types/agent.js';
+import type { EnboxRpc } from '@enbox/dwn-clients';
 import type { LocalDwnStrategy } from './local-dwn.js';
-import type { Web5PlatformAgent } from './types/agent.js';
-import type { Web5Rpc } from '@enbox/dwn-clients';
 import type { DidInterface, DidRequest, DidResponse } from './did-api.js';
 import type { DwnInterface, DwnResponse, ProcessDwnRequest, SendDwnRequest } from './types/dwn.js';
 import type { ProcessVcRequest, SendVcRequest, VcResponse } from './types/vc.js';
@@ -17,15 +17,15 @@ import { AgentSyncApi } from './sync-api.js';
 import { DwnDidStore } from './store-did.js';
 import { DwnIdentityStore } from './store-identity.js';
 import { DwnKeyStore } from './store-key.js';
+import { EnboxRpcClient } from '@enbox/dwn-clients';
 import { HdIdentityVault } from './hd-identity-vault.js';
 import { LevelStore } from '@enbox/common';
 import { LocalKeyManager } from './local-key-manager.js';
 import { SyncEngineLevel } from './sync-engine-level.js';
-import { Web5RpcClient } from '@enbox/dwn-clients';
 import { DidDht, DidJwk } from '@enbox/dids';
 
 /**
- * Initialization parameters for {@link Web5UserAgent}, including an optional recovery phrase that
+ * Initialization parameters for {@link EnboxUserAgent}, including an optional recovery phrase that
  * can be used to derive keys to encrypt the vault and generate a DID.
  */
 export type AgentInitializeParams = {
@@ -46,10 +46,10 @@ export type AgentInitializeParams = {
    recoveryPhrase?: string;
 
   /**
-   * Optional dwnEndpoints to register didService endpoints during Web5UserAgent initialization
+   * Optional dwnEndpoints to register didService endpoints during EnboxUserAgent initialization
    *
    * The dwnEndpoints are used to register DWN endpoints against the agent DID created during
-   * Web5UserAgent.initialize() =>  DidDht.create(). This allows the
+   * EnboxUserAgent.initialize() =>  DidDht.create(). This allows the
    * agent to properly recover connectedDids from DWN. Also, this pattern can be used on the server
    * side in place of the agentDid-->connectedDids pattern.
    */
@@ -64,7 +64,7 @@ export type AgentStartParams = {
  };
 
 export type AgentParams<TKeyManager extends AgentKeyManager = LocalKeyManager> = {
-  /** Optional. The Decentralized Identifier (DID) representing this Web5 User Agent. */
+  /** Optional. The Decentralized Identifier (DID) representing this Enbox User Agent. */
   agentDid?: BearerDid;
   /** Encrypted vault used for managing the Agent's DID and associated keys. */
   agentVault: HdIdentityVault;
@@ -82,8 +82,8 @@ export type AgentParams<TKeyManager extends AgentKeyManager = LocalKeyManager> =
   keyManager: TKeyManager;
   /** Facilitates fetching, requesting, creating, revoking and validating revocation status of permissions */
   permissionsApi: AgentPermissionsApi;
-  /** Remote procedure call (RPC) client used to communicate with other Web5 services. */
-  rpcClient: Web5Rpc;
+  /** Remote procedure call (RPC) client used to communicate with other Enbox services. */
+  rpcClient: EnboxRpc;
   /** Facilitates data synchronization of DWN records between nodes. */
   syncApi: AgentSyncApi;
 };
@@ -92,14 +92,14 @@ export type CreateUserAgentParams = Partial<AgentParams> & {
   localDwnStrategy?: LocalDwnStrategy;
 };
 
-export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager> implements Web5PlatformAgent<TKeyManager> {
+export class EnboxUserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager> implements EnboxPlatformAgent<TKeyManager> {
   public crypto: AgentCryptoApi;
   public did: AgentDidApi<TKeyManager>;
   public dwn: AgentDwnApi;
   public identity: AgentIdentityApi<TKeyManager>;
   public keyManager: TKeyManager;
   public permissions: AgentPermissionsApi;
-  public rpc: Web5Rpc;
+  public rpc: EnboxRpc;
   public sync: AgentSyncApi;
   public vault: HdIdentityVault;
 
@@ -129,7 +129,7 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
   get agentDid(): BearerDid {
     if (this._agentDid === undefined) {
       throw new Error(
-        'Web5UserAgent: The "agentDid" property is not set. Ensure the agent is properly ' +
+        'EnboxUserAgent: The "agentDid" property is not set. Ensure the agent is properly ' +
         'initialized and a DID is assigned.'
       );
     }
@@ -148,7 +148,7 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
     localDwnStrategy,
     agentDid, agentVault, cryptoApi, didApi, dwnApi, identityApi, keyManager, permissionsApi, rpcClient, syncApi
   }: CreateUserAgentParams = {}
-  ): Promise<Web5UserAgent> {
+  ): Promise<EnboxUserAgent> {
 
     agentVault ??= new HdIdentityVault({
       keyDerivationWorkFactor : 210_000,
@@ -177,12 +177,12 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
 
     permissionsApi ??= new AgentPermissionsApi();
 
-    rpcClient ??= new Web5RpcClient();
+    rpcClient ??= new EnboxRpcClient();
 
     syncApi ??= new AgentSyncApi({ syncEngine: new SyncEngineLevel({ dataPath }) });
 
     // Instantiate the Agent using the provided or default components.
-    return new Web5UserAgent({
+    return new EnboxUserAgent({
       agentDid,
       agentVault,
       cryptoApi,
@@ -206,7 +206,7 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
    *
    * This method is typically called once, the first time the Agent is launched, and is responsible
    * for setting up the agent's operational environment, cryptographic key material, and readiness
-   * for processing Web5 requests.
+   * for processing requests.
    *
    * The password is used to secure the Agent vault, and the recovery phrase is used to derive the
    * cryptographic keys for the vault. If a recovery phrase is not provided, a new recovery phrase
@@ -261,3 +261,13 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
     this.agentDid = await this.vault.getDid();
   }
 }
+
+// ---------------------------------------------------------------------------
+// Deprecated aliases — migration aid
+// ---------------------------------------------------------------------------
+
+/** @deprecated Use {@link EnboxUserAgent} instead. Will be removed in a future version. */
+export const Web5UserAgent = EnboxUserAgent;
+
+/** @deprecated Use {@link EnboxUserAgent} instead. Will be removed in a future version. */
+export type Web5UserAgent = EnboxUserAgent;

package/src/identity-api.ts

@@ -3,7 +3,7 @@ import type { RequireOnly } from '@enbox/common';
 import type { AgentDataStore } from './store-data.js';
 import type { AgentKeyManager } from './types/key-manager.js';
 import type { DidMethodCreateOptions } from './did-api.js';
-import type { Web5PlatformAgent } from './types/agent.js';
+import type { EnboxPlatformAgent } from './types/agent.js';
 import type { IdentityMetadata, PortableIdentity } from './types/identity.js';
 
 import { isPortableDid } from '@enbox/dids';
@@ -12,7 +12,7 @@ import { BearerIdentity } from './bearer-identity.js';
 import { InMemoryIdentityStore } from './store-identity.js';
 
 export interface IdentityApiParams<TKeyManager extends AgentKeyManager> {
-  agent?: Web5PlatformAgent<TKeyManager>;
+  agent?: EnboxPlatformAgent<TKeyManager>;
 
   store?: AgentDataStore<IdentityMetadata>;
 }
@@ -36,7 +36,7 @@ export function isPortableIdentity(obj: unknown): obj is PortableIdentity {
 }
 
 /**
- * This API is used to manage and interact with Identities within the Web5 Agent framework.
+ * This API is used to manage and interact with Identities within the Enbox Agent framework.
  * An Identity is a DID that is associated with metadata that describes the Identity.
  * Metadata includes A name(label), and whether or not the Identity is connected (delegated to act on the behalf of another DID).
  *
@@ -47,12 +47,12 @@ export function isPortableIdentity(obj: unknown): obj is PortableIdentity {
  */
 export class AgentIdentityApi<TKeyManager extends AgentKeyManager = AgentKeyManager> {
   /**
-   * Holds the instance of a `Web5PlatformAgent` that represents the current execution context for
-   * the `AgentIdentityApi`. This agent is used to interact with other Web5 agent components. It's
+   * Holds the instance of a `EnboxPlatformAgent` that represents the current execution context for
+   * the `AgentIdentityApi`. This agent is used to interact with other Enbox agent components. It's
    * vital to ensure this instance is set to correctly contextualize operations within the broader
-   * Web5 Agent framework.
+   * Enbox Agent framework.
    */
-  private _agent?: Web5PlatformAgent<TKeyManager>;
+  private _agent?: EnboxPlatformAgent<TKeyManager>;
 
   private _store: AgentDataStore<IdentityMetadata>;
 
@@ -64,12 +64,12 @@ export class AgentIdentityApi<TKeyManager extends AgentKeyManager = AgentKeyMana
   }
 
   /**
-   * Retrieves the `Web5PlatformAgent` execution context.
+   * Retrieves the `EnboxPlatformAgent` execution context.
    *
-   * @returns The `Web5PlatformAgent` instance that represents the current execution context.
+   * @returns The `EnboxPlatformAgent` instance that represents the current execution context.
    * @throws Will throw an error if the `agent` instance property is undefined.
    */
-  get agent(): Web5PlatformAgent<TKeyManager> {
+  get agent(): EnboxPlatformAgent<TKeyManager> {
     if (this._agent === undefined) {
       throw new Error('AgentIdentityApi: Unable to determine agent execution context.');
     }
@@ -77,7 +77,7 @@ export class AgentIdentityApi<TKeyManager extends AgentKeyManager = AgentKeyMana
     return this._agent;
   }
 
-  set agent(agent: Web5PlatformAgent<TKeyManager>) {
+  set agent(agent: EnboxPlatformAgent<TKeyManager>) {
     this._agent = agent;
   }
 

package/src/index.ts

@@ -13,6 +13,8 @@ export * from './bearer-identity.js';
 export * from './crypto-api.js';
 export * from './did-api.js';
 export * from './dwn-api.js';
+export * from './dwn-discovery-file.js';
+export * from './dwn-discovery-payload.js';
 export * from './dwn-encryption.js';
 export * from './dwn-key-delivery.js';
 export * from './dwn-record-upgrade.js';
@@ -33,4 +35,4 @@ export * from './test-harness.js';
 export * from './utils.js';
 export * from './connect.js';
 export * from './oidc.js';
-export * from './web5-user-agent.js';
+export * from './enbox-user-agent.js';