@enbox/auth 0.3.1

package/dist/types/flows/dwn-registration.d.ts

@@ -0,0 +1,39 @@
+/**
+ * DWN registration flow.
+ *
+ * Registers the agent DID and connected DID with DWN endpoints.
+ * Supports two registration paths:
+ * 1. Provider auth (`provider-auth-v0`) — OAuth-style with tokens
+ * 2. Proof of Work (default) — PoW challenge-response
+ *
+ * This matches the registration logic from `Enbox.connect()` but as a
+ * standalone, reusable function.
+ * @module
+ */
+import type { EnboxUserAgent } from '@enbox/agent';
+import type { RegistrationOptions } from '../types.js';
+/** @internal */
+export interface RegistrationContext {
+    /** The user agent with RPC access for getServerInfo(). */
+    userAgent: EnboxUserAgent;
+    /** DWN endpoints to register with. */
+    dwnEndpoints: string[];
+    /** The agent DID URI. */
+    agentDid: string;
+    /** The connected DID URI (the identity's DID). */
+    connectedDid: string;
+}
+/**
+ * Register the agent and connected DIDs with the configured DWN endpoints.
+ *
+ * For each endpoint:
+ * 1. Fetches server info to check registration requirements.
+ * 2. If the server requires `provider-auth-v0` and the app provides
+ *    `onProviderAuthRequired`, runs the OAuth flow (with token refresh).
+ * 3. Otherwise falls back to PoW registration.
+ * 4. Calls `onSuccess` when all endpoints succeed, `onFailure` on error.
+ *
+ * @internal
+ */
+export declare function registerWithDwnEndpoints(ctx: RegistrationContext, registration: RegistrationOptions): Promise<void>;
+//# sourceMappingURL=dwn-registration.d.ts.map

package/dist/types/flows/dwn-registration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dwn-registration.d.ts","sourceRoot":"","sources":["../../../src/flows/dwn-registration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAInD,OAAO,KAAK,EACV,mBAAmB,EAEpB,MAAM,aAAa,CAAC;AAErB,gBAAgB;AAChB,MAAM,WAAW,mBAAmB;IAClC,0DAA0D;IAC1D,SAAS,EAAE,cAAc,CAAC;IAE1B,sCAAsC;IACtC,YAAY,EAAE,MAAM,EAAE,CAAC;IAEvB,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IAEjB,kDAAkD;IAClD,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,wBAAwB,CAC5C,GAAG,EAAE,mBAAmB,EACxB,YAAY,EAAE,mBAAmB,GAChC,OAAO,CAAC,IAAI,CAAC,CAwGf"}

package/dist/types/flows/import-identity.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Identity import flows.
+ *
+ * - Import from BIP-39 recovery phrase (re-derive vault + identity).
+ * - Import from PortableIdentity JSON.
+ * @module
+ */
+import type { EnboxUserAgent } from '@enbox/agent';
+import type { AuthEventEmitter } from '../events.js';
+import { AuthSession } from '../identity-session.js';
+import type { ImportFromPhraseOptions, ImportFromPortableOptions, RegistrationOptions, StorageAdapter, SyncOption } from '../types.js';
+/** @internal */
+export interface ImportContext {
+    userAgent: EnboxUserAgent;
+    emitter: AuthEventEmitter;
+    storage: StorageAdapter;
+    defaultSync?: SyncOption;
+    defaultDwnEndpoints?: string[];
+    registration?: RegistrationOptions;
+}
+/**
+ * Import (or recover) an identity from a BIP-39 recovery phrase.
+ *
+ * This re-initializes the vault with the given phrase and password,
+ * recovering the agent DID and all derived keys.
+ */
+export declare function importFromPhrase(ctx: ImportContext, options: ImportFromPhraseOptions): Promise<AuthSession>;
+/**
+ * Import an identity from a PortableIdentity JSON object.
+ *
+ * The portable identity contains the DID's private keys and metadata,
+ * allowing it to be used on this device.
+ */
+export declare function importFromPortable(ctx: ImportContext, options: ImportFromPortableOptions): Promise<AuthSession>;
+//# sourceMappingURL=import-identity.d.ts.map

package/dist/types/flows/import-identity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"import-identity.d.ts","sourceRoot":"","sources":["../../../src/flows/import-identity.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAEnD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAGrD,OAAO,KAAK,EACV,uBAAuB,EACvB,yBAAyB,EACzB,mBAAmB,EACnB,cAAc,EACd,UAAU,EACX,MAAM,aAAa,CAAC;AAErB,gBAAgB;AAChB,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,WAAW,CAAC,EAAE,UAAU,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,YAAY,CAAC,EAAE,mBAAmB,CAAC;CACpC;AAED;;;;;GAKG;AACH,wBAAsB,gBAAgB,CACpC,GAAG,EAAE,aAAa,EAClB,OAAO,EAAE,uBAAuB,GAC/B,OAAO,CAAC,WAAW,CAAC,CAuGtB;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,aAAa,EAClB,OAAO,EAAE,yBAAyB,GACjC,OAAO,CAAC,WAAW,CAAC,CA6DtB"}

package/dist/types/flows/local-connect.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Local DID connect flow.
+ *
+ * Creates or reconnects a local identity with vault-protected keys.
+ * This replaces the "Mode D/E" paths in Enbox.connect().
+ * @module
+ */
+import type { EnboxUserAgent } from '@enbox/agent';
+import type { AuthEventEmitter } from '../events.js';
+import type { LocalConnectOptions, RegistrationOptions, StorageAdapter, SyncOption } from '../types.js';
+import { AuthSession } from '../identity-session.js';
+/** @internal */
+export interface LocalConnectContext {
+    userAgent: EnboxUserAgent;
+    emitter: AuthEventEmitter;
+    storage: StorageAdapter;
+    defaultPassword?: string;
+    defaultSync?: SyncOption;
+    defaultDwnEndpoints?: string[];
+    registration?: RegistrationOptions;
+}
+/**
+ * Execute the local connect flow.
+ *
+ * - On first launch: initializes the vault, creates a new DID, returns recovery phrase.
+ * - On subsequent launches: unlocks the vault and reconnects to the existing identity.
+ */
+export declare function localConnect(ctx: LocalConnectContext, options?: LocalConnectOptions): Promise<AuthSession>;
+//# sourceMappingURL=local-connect.d.ts.map

package/dist/types/flows/local-connect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"local-connect.d.ts","sourceRoot":"","sources":["../../../src/flows/local-connect.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAEnD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,KAAK,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGxG,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAIrD,gBAAgB;AAChB,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,UAAU,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,YAAY,CAAC,EAAE,mBAAmB,CAAC;CACpC;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAChC,GAAG,EAAE,mBAAmB,EACxB,OAAO,GAAE,mBAAwB,GAChC,OAAO,CAAC,WAAW,CAAC,CAoItB"}

package/dist/types/flows/session-restore.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Session restore flow.
+ *
+ * Restores a previously established session from persisted storage,
+ * replacing the "previouslyConnected" pattern in apps.
+ * @module
+ */
+import type { EnboxUserAgent } from '@enbox/agent';
+import type { AuthEventEmitter } from '../events.js';
+import type { RestoreSessionOptions, StorageAdapter, SyncOption } from '../types.js';
+import { AuthSession } from '../identity-session.js';
+/** @internal */
+export interface SessionRestoreContext {
+    userAgent: EnboxUserAgent;
+    emitter: AuthEventEmitter;
+    storage: StorageAdapter;
+    defaultPassword?: string;
+    defaultSync?: SyncOption;
+}
+/**
+ * Attempt to restore a previous session.
+ *
+ * Returns `undefined` if no previous session exists.
+ * Returns an `AuthSession` if the session was successfully restored.
+ */
+export declare function restoreSession(ctx: SessionRestoreContext, options?: RestoreSessionOptions): Promise<AuthSession | undefined>;
+//# sourceMappingURL=session-restore.d.ts.map

package/dist/types/flows/session-restore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-restore.d.ts","sourceRoot":"","sources":["../../../src/flows/session-restore.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAEnD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,KAAK,EAAE,qBAAqB,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGrF,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAGrD,gBAAgB;AAChB,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,UAAU,CAAC;CAC1B;AAED;;;;;GAKG;AACH,wBAAsB,cAAc,CAClC,GAAG,EAAE,qBAAqB,EAC1B,OAAO,GAAE,qBAA0B,GAClC,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC,CAmGlC"}

package/dist/types/flows/wallet-connect.d.ts

@@ -0,0 +1,44 @@
+/**
+ * Wallet connect (OIDC/QR) flow.
+ *
+ * Connects to an external wallet via the WalletConnect relay protocol,
+ * importing a delegated DID with permission grants.
+ * This replaces the "Mode B/C" paths in Enbox.connect().
+ * @module
+ */
+import type { DwnDataEncodedRecordsWriteMessage, EnboxUserAgent } from '@enbox/agent';
+import type { AuthEventEmitter } from '../events.js';
+import { AuthSession } from '../identity-session.js';
+import type { RegistrationOptions, StorageAdapter, SyncOption, WalletConnectOptions } from '../types.js';
+/** @internal */
+export interface WalletConnectContext {
+    userAgent: EnboxUserAgent;
+    emitter: AuthEventEmitter;
+    storage: StorageAdapter;
+    defaultSync?: SyncOption;
+    defaultDwnEndpoints?: string[];
+    registration?: RegistrationOptions;
+}
+/**
+ * Process connected grants by storing them in the local DWN as the owner.
+ *
+ * This is the agent-level equivalent of `Enbox.processConnectedGrants()`.
+ * It stores each grant, signed as owner, and returns the deduplicated
+ * list of protocol URIs represented by the grants.
+ *
+ * @internal
+ */
+export declare function processConnectedGrants(params: {
+    agent: EnboxUserAgent;
+    delegateDid: string;
+    grants: DwnDataEncodedRecordsWriteMessage[];
+}): Promise<string[]>;
+/**
+ * Execute the wallet connect flow.
+ *
+ * 1. Passes the permission requests directly to `WalletConnect.initClient()`.
+ * 2. Imports the delegate DID and processes grants.
+ * 3. Sets up sync and returns an AuthSession.
+ */
+export declare function walletConnect(ctx: WalletConnectContext, options: WalletConnectOptions): Promise<AuthSession>;
+//# sourceMappingURL=wallet-connect.d.ts.map

package/dist/types/flows/wallet-connect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wallet-connect.d.ts","sourceRoot":"","sources":["../../../src/flows/wallet-connect.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,KAAK,EAAE,iCAAiC,EAAyD,cAAc,EAAE,MAAM,cAAc,CAAC;AAG7I,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAGrD,OAAO,KAAK,EAAE,mBAAmB,EAAE,cAAc,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEzG,gBAAgB;AAChB,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,WAAW,CAAC,EAAE,UAAU,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,YAAY,CAAC,EAAE,mBAAmB,CAAC;CACpC;AAED;;;;;;;;GAQG;AACH,wBAAsB,sBAAsB,CAAC,MAAM,EAAE;IACnD,KAAK,EAAE,cAAc,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,iCAAiC,EAAE,CAAC;CAC7C,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAmCpB;AAED;;;;;;GAMG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,oBAAoB,EACzB,OAAO,EAAE,oBAAoB,GAC5B,OAAO,CAAC,WAAW,CAAC,CAsItB"}

package/dist/types/identity-session.d.ts

@@ -0,0 +1,52 @@
+/**
+ * AuthSession represents an active, authenticated session with a specific identity.
+ * @module
+ */
+import type { EnboxAgent } from '@enbox/agent';
+import type { IdentityInfo } from './types.js';
+/**
+ * An active, authenticated session bound to a specific identity.
+ *
+ * The session exposes the authenticated **agent**, **did**, and
+ * **delegateDid** — the primitives needed to interact with the DWN
+ * network. Consumers that use `@enbox/api` can construct an `Enbox`
+ * instance from these properties:
+ *
+ * ```ts
+ * import { Enbox } from '@enbox/api';
+ *
+ * const session = await auth.connect();
+ * const enbox = Enbox.connect({
+ *   agent: session.agent,
+ *   connectedDid: session.did,
+ *   delegateDid: session.delegateDid,
+ * });
+ * ```
+ */
+export declare class AuthSession {
+    /** The authenticated Enbox agent managing keys, DIDs, and DWN access. */
+    readonly agent: EnboxAgent;
+    /** The DID URI of the connected identity. */
+    readonly did: string;
+    /**
+     * The delegate DID URI, present when connected via wallet connect.
+     * This is the locally-created DID that holds delegated permissions
+     * from the wallet's identity.
+     */
+    readonly delegateDid?: string;
+    /**
+     * The BIP-39 recovery phrase, present only on first-time local connect.
+     * Should be shown to the user for backup and then discarded from memory.
+     */
+    readonly recoveryPhrase?: string;
+    /** Metadata about the connected identity. */
+    readonly identity: IdentityInfo;
+    constructor(params: {
+        agent: EnboxAgent;
+        did: string;
+        delegateDid?: string;
+        recoveryPhrase?: string;
+        identity: IdentityInfo;
+    });
+}
+//# sourceMappingURL=identity-session.d.ts.map

package/dist/types/identity-session.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity-session.d.ts","sourceRoot":"","sources":["../../src/identity-session.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE/C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAAa,WAAW;IACtB,yEAAyE;IACzE,QAAQ,CAAC,KAAK,EAAE,UAAU,CAAC;IAE3B,6CAA6C;IAC7C,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IAErB;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAE9B;;;OAGG;IACH,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IAEjC,6CAA6C;IAC7C,QAAQ,CAAC,QAAQ,EAAE,YAAY,CAAC;gBAEpB,MAAM,EAAE;QAClB,KAAK,EAAE,UAAU,CAAC;QAClB,GAAG,EAAE,MAAM,CAAC;QACZ,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,QAAQ,EAAE,YAAY,CAAC;KACxB;CAOF"}

package/dist/types/index.d.ts

@@ -0,0 +1,45 @@
+/**
+ * @enbox/auth — Headless authentication and identity management SDK.
+ *
+ * Provides composable, multi-identity-aware authentication that works
+ * in both browser and CLI environments. Depends only on `@enbox/agent`
+ * and can be used standalone or consumed by `@enbox/api`.
+ *
+ * @example Standalone auth
+ * ```ts
+ * import { AuthManager } from '@enbox/auth';
+ *
+ * const auth = await AuthManager.create({ sync: '15s' });
+ * const session = await auth.restoreSession() ?? await auth.connect();
+ *
+ * // session.agent — the authenticated Enbox agent
+ * // session.did   — the connected DID URI
+ * ```
+ *
+ * @example With @enbox/api
+ * ```ts
+ * import { AuthManager } from '@enbox/auth';
+ * import { Enbox } from '@enbox/api';
+ *
+ * const auth = await AuthManager.create({ sync: '15s' });
+ * const session = await auth.connect();
+ *
+ * const enbox = Enbox.connect({
+ *   agent: session.agent,
+ *   connectedDid: session.did,
+ *   delegateDid: session.delegateDid,
+ * });
+ * ```
+ *
+ * @packageDocumentation
+ */
+export { AuthManager } from './auth-manager.js';
+export { AuthSession } from './identity-session.js';
+export { VaultManager } from './vault/vault-manager.js';
+export { AuthEventEmitter } from './events.js';
+export { EnboxUserAgent, HdIdentityVault } from '@enbox/agent';
+export { processConnectedGrants } from './flows/wallet-connect.js';
+export { applyLocalDwnDiscovery, checkUrlForDwnDiscoveryPayload, clearLocalDwnEndpoint, persistLocalDwnEndpoint, probeLocalDwn, requestLocalDwnDiscovery, restoreLocalDwnEndpoint, } from './flows/dwn-discovery.js';
+export { BrowserStorage, LevelStorage, MemoryStorage, createDefaultStorage } from './storage/storage.js';
+export type { AuthEvent, AuthEventHandler, AuthEventMap, AuthManagerOptions, AuthSessionInfo, AuthState, ConnectPermissionRequest, DisconnectOptions, IdentityInfo, IdentityVaultBackup, ImportFromPhraseOptions, ImportFromPortableOptions, LocalConnectOptions, LocalDwnStrategy, PortableIdentity, ProviderAuthParams, ProviderAuthResult, RegistrationOptions, RegistrationTokenData, RestoreSessionOptions, StorageAdapter, SyncOption, WalletConnectOptions, } from './types.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/types/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAI/C,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAG/D,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAGnE,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,qBAAqB,EACrB,uBAAuB,EACvB,aAAa,EACb,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAGzG,YAAY,EACV,SAAS,EACT,gBAAgB,EAChB,YAAY,EACZ,kBAAkB,EAClB,eAAe,EACf,SAAS,EACT,wBAAwB,EACxB,iBAAiB,EACjB,YAAY,EACZ,mBAAmB,EACnB,uBAAuB,EACvB,yBAAyB,EACzB,mBAAmB,EACnB,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,qBAAqB,EACrB,cAAc,EACd,UAAU,EACV,oBAAoB,GACrB,MAAM,YAAY,CAAC"}

package/dist/types/storage/storage.d.ts

@@ -0,0 +1,54 @@
+/**
+ * Storage adapter implementations for session persistence.
+ * @module
+ */
+import type { StorageAdapter } from '../types.js';
+/**
+ * Browser storage adapter backed by `localStorage`.
+ *
+ * All keys are prefixed to avoid collisions with other localStorage users.
+ */
+export declare class BrowserStorage implements StorageAdapter {
+    private readonly _prefix;
+    constructor(prefix?: string);
+    get(key: string): Promise<string | null>;
+    set(key: string, value: string): Promise<void>;
+    remove(key: string): Promise<void>;
+    clear(): Promise<void>;
+}
+/**
+ * In-memory storage adapter for testing or environments without persistence.
+ */
+export declare class MemoryStorage implements StorageAdapter {
+    private readonly _store;
+    get(key: string): Promise<string | null>;
+    set(key: string, value: string): Promise<void>;
+    remove(key: string): Promise<void>;
+    clear(): Promise<void>;
+}
+/**
+ * LevelDB-backed storage adapter for Node / CLI environments.
+ *
+ * Uses the `level` package (v8), which selects `classic-level` (LevelDB)
+ * in Node and `browser-level` (IndexedDB) in browsers.  Level auto-opens
+ * on construction and queues operations until ready, so no explicit
+ * `open()` call is required.
+ */
+export declare class LevelStorage implements StorageAdapter {
+    private readonly _db;
+    constructor(dataPath?: string);
+    get(key: string): Promise<string | null>;
+    set(key: string, value: string): Promise<void>;
+    remove(key: string): Promise<void>;
+    clear(): Promise<void>;
+    /** Close the underlying LevelDB database. */
+    close(): Promise<void>;
+}
+/**
+ * Detect the runtime environment and return an appropriate default storage adapter.
+ *
+ * - If `localStorage` is available → `BrowserStorage`
+ * - Otherwise → `LevelStorage` (persistent on disk via LevelDB)
+ */
+export declare function createDefaultStorage(): StorageAdapter;
+//# sourceMappingURL=storage.d.ts.map

package/dist/types/storage/storage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../../src/storage/storage.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAElD;;;;GAIG;AACH,qBAAa,cAAe,YAAW,cAAc;IACnD,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,MAAM,SAAW;IAIvB,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAIxC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAY7B;AAED;;GAEG;AACH,qBAAa,aAAc,YAAW,cAAc;IAClD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IAE9C,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAIxC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAG7B;AAED;;;;;;;GAOG;AACH,qBAAa,YAAa,YAAW,cAAc;IACjD,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAwB;gBAEhC,QAAQ,SAA0B;IAIxC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAYxC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAYlC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAI5B,6CAA6C;IACvC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAG7B;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,IAAI,cAAc,CAMrD"}