@greenlandai/sdk 0.1.0

package/dist/index.cjs

@@ -0,0 +1,1011 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// index.js
+var js_exports = {};
+__export(js_exports, {
+  AuthError: () => AuthError,
+  Client: () => Client,
+  ConflictError: () => ConflictError,
+  ENFORCED: () => ENFORCED,
+  GreenlandAIError: () => GreenlandAIError,
+  IDEMPOTENCY_MAP: () => IDEMPOTENCY_MAP,
+  NOT_SUPPORTED: () => NOT_SUPPORTED,
+  NetworkError: () => NetworkError,
+  NotFoundError: () => NotFoundError,
+  RateLimitError: () => RateLimitError,
+  SAFE: () => SAFE,
+  ScopeError: () => ScopeError,
+  ServerError: () => ServerError,
+  VERSION: () => VERSION,
+  ValidationError: () => ValidationError,
+  crypto: () => crypto_exports
+});
+module.exports = __toCommonJS(js_exports);
+
+// src/core/errors.js
+var GreenlandAIError = class extends Error {
+  constructor(statusCode, detail, requestId = null, retryAfter = null) {
+    super(statusCode ? `${statusCode}: ${detail}` : String(detail));
+    this.name = this.constructor.name;
+    this.statusCode = statusCode;
+    this.detail = detail;
+    this.requestId = requestId;
+    this.retryAfter = retryAfter;
+  }
+};
+var AuthError = class extends GreenlandAIError {
+};
+var ScopeError = class extends GreenlandAIError {
+};
+var NotFoundError = class extends GreenlandAIError {
+};
+var ValidationError = class extends GreenlandAIError {
+};
+var ConflictError = class extends GreenlandAIError {
+};
+var RateLimitError = class extends GreenlandAIError {
+};
+var ServerError = class extends GreenlandAIError {
+};
+var NetworkError = class extends GreenlandAIError {
+  constructor(detail) {
+    super(null, detail);
+  }
+};
+function errorForStatus(statusCode, detail, requestId = null, retryAfter = null) {
+  if (statusCode === 401) return new AuthError(statusCode, detail, requestId);
+  if (statusCode === 403) return new ScopeError(statusCode, detail, requestId);
+  if (statusCode === 404) return new NotFoundError(statusCode, detail, requestId);
+  if (statusCode === 400 || statusCode === 422) return new ValidationError(statusCode, detail, requestId);
+  if (statusCode === 409) return new ConflictError(statusCode, detail, requestId, retryAfter);
+  if (statusCode === 429) return new RateLimitError(statusCode, detail, requestId, retryAfter);
+  if (statusCode >= 500) return new ServerError(statusCode, detail, requestId);
+  return new GreenlandAIError(statusCode, detail, requestId);
+}
+
+// src/core/idempotency.js
+var import_node_crypto = require("node:crypto");
+var ENFORCED = "ENFORCED";
+var NOT_SUPPORTED = "NOT_SUPPORTED";
+var SAFE = "SAFE";
+var IDEMPOTENCY_MAP = {
+  // Class A — Pattern A body-PK
+  "POST /api/v1/archive": { field: "client_chunk_id", placement: "body", tier: ENFORCED },
+  "POST /api/v1/timestamp": { field: "client_chunk_id", placement: "body", tier: ENFORCED },
+  "POST /api/v1/agreement/create": { field: "client_chunk_id", placement: "body", tier: ENFORCED },
+  "POST /api/v1/compliance/attest": { field: "client_attestation_id", placement: "body", tier: ENFORCED },
+  // Class B — Pattern B body idempotency_key
+  "POST /api/v1/prove": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/prove-batch": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/prove/share-combination": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/disclose": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/disclose/client-side": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/message/send": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/provide": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/request": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/deliver/{match_id}": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/match/{match_id}/resolve": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/marketplace/provide": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/marketplace/request": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/marketplace/deliver/{match_id}": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  "POST /api/v1/marketplace/match/{match_id}/resolve": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  // Class C — header key (metered gldai)
+  "GET /api/v1/companies": { field: "X-Idempotency-Key", placement: "header", tier: ENFORCED },
+  "GET /api/v1/deposits": { field: "X-Idempotency-Key", placement: "header", tier: ENFORCED },
+  "GET /api/v1/infrastructure": { field: "X-Idempotency-Key", placement: "header", tier: ENFORCED },
+  "GET /api/v1/query": { field: "X-Idempotency-Key", placement: "header", tier: ENFORCED },
+  "GET /api/v1/projects": { field: "X-Idempotency-Key", placement: "header", tier: ENFORCED },
+  "GET /api/v1/mapdata": { field: "X-Idempotency-Key", placement: "header", tier: ENFORCED },
+  // Class D — transfer-class
+  "POST /api/v1/wallet/transfer": { field: "idempotency_key", placement: "body", tier: ENFORCED },
+  // G1 demotions / unenforced mutating endpoints — explicit NOT_SUPPORTED
+  "POST /api/v1/wallet/fund": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/match/{match_id}/approve": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/match/{match_id}/reject": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/match/{match_id}/dispute": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/match/{match_id}/extend-dispute": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/oracle/confirm/{match_id}": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/oracle/register": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/marketplace/match/{match_id}/approve": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/marketplace/match/{match_id}/reject": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/marketplace/match/{match_id}/dispute": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/marketplace/match/{match_id}/extend-dispute": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/knowledge/upgrade": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/memory/structured-query": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/memory/content-query": { field: null, placement: null, tier: NOT_SUPPORTED },
+  "POST /api/v1/proof/queue": { field: null, placement: null, tier: NOT_SUPPORTED }
+};
+function lookup(method, pathTemplate) {
+  return IDEMPOTENCY_MAP[`${method.toUpperCase()} ${pathTemplate}`] ?? null;
+}
+function dispatch(method, pathTemplate, body, headers, idempotencyKey) {
+  const entry = lookup(method, pathTemplate);
+  if (!entry) {
+    return { body, headers, tier: method.toUpperCase() === "GET" ? SAFE : ENFORCED, resolvedKey: null };
+  }
+  if (entry.tier === NOT_SUPPORTED || !entry.field) {
+    return { body, headers, tier: entry.tier, resolvedKey: null };
+  }
+  const resolved = idempotencyKey || (0, import_node_crypto.randomUUID)();
+  if (entry.placement === "body") {
+    body = { ...body || {}, [entry.field]: resolved };
+  } else if (entry.placement === "header") {
+    headers = { ...headers, [entry.field]: resolved };
+  }
+  return { body, headers, tier: entry.tier, resolvedKey: resolved };
+}
+
+// src/core/transport.js
+var DEFAULT_MAX_RETRIES = 3;
+var DEFAULT_INITIAL_DELAY = 500;
+var DEFAULT_MAX_DELAY = 8e3;
+var DEFAULT_BACKOFF_FACTOR = 2;
+var DEFAULT_JITTER_MIN = 100;
+var DEFAULT_JITTER_MAX = 300;
+var sleep = (ms) => new Promise((r) => setTimeout(r, ms));
+function isRetryable(err) {
+  return err instanceof NetworkError || err instanceof RateLimitError || err instanceof ServerError;
+}
+var noopLogger = { debug() {
+}, info() {
+}, warn() {
+}, error() {
+} };
+var Transport = class {
+  constructor({
+    apiKey,
+    oauthToken,
+    logger,
+    onRetry,
+    onTerminalFailure,
+    onAuthExpired,
+    metrics,
+    fetchImpl
+  } = {}) {
+    if (!apiKey && !oauthToken) throw new Error("apiKey or oauthToken required");
+    this._credential = apiKey || oauthToken;
+    this.logger = logger || noopLogger;
+    this.onRetry = onRetry || null;
+    this.onTerminalFailure = onTerminalFailure || null;
+    this.onAuthExpired = onAuthExpired || null;
+    this.metrics = metrics || null;
+    this._fetch = fetchImpl || fetch;
+  }
+  async request(baseUrl, method, pathTemplate, {
+    pathParams = {},
+    body = null,
+    params = null,
+    idempotencyKey = null,
+    retry = true,
+    maxRetries = DEFAULT_MAX_RETRIES
+  } = {}) {
+    let headers = { Authorization: `Bearer ${this._credential}` };
+    const d = dispatch(method, pathTemplate, body, headers, idempotencyKey);
+    body = d.body;
+    headers = d.headers;
+    if (d.tier === NOT_SUPPORTED) retry = false;
+    let path = pathTemplate;
+    for (const [k, v] of Object.entries(pathParams)) path = path.replace(`{${k}}`, encodeURIComponent(v));
+    let url = `${baseUrl.replace(/\/+$/, "")}${path}`;
+    if (params) {
+      const qs = new URLSearchParams(
+        Object.fromEntries(Object.entries(params).filter(([, v]) => v != null))
+      );
+      url += `?${qs}`;
+    }
+    let attempt = 0;
+    const t0 = Date.now();
+    for (; ; ) {
+      try {
+        const result = await this._once(method, url, headers, body);
+        this._count("sdk.requests");
+        this._hist("sdk.request.duration", (Date.now() - t0) / 1e3);
+        if (result && result.duplicate === true) {
+          this._count("sdk.duplicates");
+          this.logger.info(`duplicate response (idempotent replay) ${method} ${path}`);
+        }
+        return result;
+      } catch (err) {
+        if (err.statusCode === 401 && this.onAuthExpired) this.onAuthExpired(err);
+        if (!retry || attempt >= maxRetries || !isRetryable(err)) {
+          if (this.onTerminalFailure) this.onTerminalFailure(err, attempt + 1);
+          this.logger.warn(`terminal failure ${method} ${path} after ${attempt + 1} attempt(s)`);
+          throw err;
+        }
+        let delay = Math.min(DEFAULT_INITIAL_DELAY * DEFAULT_BACKOFF_FACTOR ** attempt, DEFAULT_MAX_DELAY) + DEFAULT_JITTER_MIN + Math.random() * (DEFAULT_JITTER_MAX - DEFAULT_JITTER_MIN);
+        if (err.retryAfter) delay = Math.max(delay, Number(err.retryAfter) * 1e3);
+        attempt += 1;
+        this._count("sdk.retries");
+        if (this.onRetry) this.onRetry(attempt, delay, err);
+        this.logger.info(`retry ${attempt}/${maxRetries} ${method} ${path} in ${Math.round(delay)}ms`);
+        await sleep(delay);
+      }
+    }
+  }
+  async _once(method, url, headers, body) {
+    const redacted = { ...headers, Authorization: "[REDACTED]" };
+    this.logger.debug(`request ${method} ${url} headers=${JSON.stringify(redacted)}`);
+    let resp;
+    try {
+      const opts = { method, headers: { ...headers } };
+      if (body != null) {
+        opts.headers["Content-Type"] = "application/json";
+        opts.body = JSON.stringify(body);
+      }
+      resp = await this._fetch(url, opts);
+    } catch (err) {
+      throw new NetworkError(String(err && err.message ? err.message : err));
+    }
+    const requestId = resp.headers?.get ? resp.headers.get("x-request-id") : null;
+    const ra = resp.headers?.get ? resp.headers.get("retry-after") : null;
+    const retryAfter = ra ? Number(ra) : null;
+    if (resp.status >= 400) {
+      let detail;
+      try {
+        const data = await resp.json();
+        detail = data.detail ?? resp.statusText;
+      } catch {
+        detail = resp.statusText;
+      }
+      if (typeof detail === "object") detail = JSON.stringify(detail);
+      throw errorForStatus(resp.status, String(detail), requestId, retryAfter);
+    }
+    if (resp.status === 204) return null;
+    return resp.json();
+  }
+  _count(name) {
+    if (this.metrics) this.metrics.count(name, 1);
+  }
+  _hist(name, v) {
+    if (this.metrics) this.metrics.histogram(name, v);
+  }
+};
+
+// src/core/crypto.js
+var crypto_exports = {};
+__export(crypto_exports, {
+  combineSharesAndDecrypt: () => combineSharesAndDecrypt,
+  decryptKnowledgeNode: () => decryptKnowledgeNode,
+  deriveSharesFromMnemonic: () => deriveSharesFromMnemonic,
+  verifyShareCombination: () => verifyShareCombination
+});
+var import_bip39 = require("@scure/bip39");
+var import_english = require("@scure/bip39/wordlists/english");
+var GF256_EXP = new Uint8Array(512);
+var GF256_LOG = new Uint8Array(256);
+(function initGF256() {
+  let x = 1;
+  for (let i = 0; i < 255; i++) {
+    GF256_EXP[i] = x;
+    GF256_LOG[x] = i;
+    let hi = x << 1;
+    if (hi & 256) hi ^= 283;
+    x = hi ^ x;
+  }
+  for (let i = 255; i < 512; i++) {
+    GF256_EXP[i] = GF256_EXP[i - 255];
+  }
+})();
+function gf256Mul(a, b) {
+  if (a === 0 || b === 0) return 0;
+  return GF256_EXP[(GF256_LOG[a] + GF256_LOG[b]) % 255];
+}
+function gf256Inv(a) {
+  if (a === 0) throw new Error("Zero has no inverse in GF(256)");
+  return GF256_EXP[255 - GF256_LOG[a]];
+}
+function shamirCombine(share1, share2) {
+  if (share1.length !== 33 || share2.length !== 33) {
+    throw new Error("Share combination failed \u2014 each share must be 33 bytes");
+  }
+  const x1 = share1[0], x2 = share2[0];
+  if (x1 === 0 || x2 === 0 || x1 === x2) {
+    throw new Error("Share combination failed \u2014 invalid share indices");
+  }
+  const d = x1 ^ x2;
+  const dInv = gf256Inv(d);
+  const secret = new Uint8Array(32);
+  for (let i = 0; i < 32; i++) {
+    const y1 = share1[1 + i], y2 = share2[1 + i];
+    const num = gf256Mul(y1, x2) ^ gf256Mul(y2, x1);
+    secret[i] = gf256Mul(num, dInv);
+  }
+  return secret;
+}
+function hexToBytes(hex) {
+  hex = hex.trim();
+  if (hex.length % 2 !== 0) throw new Error("Hex string has odd length");
+  const bytes = new Uint8Array(hex.length / 2);
+  for (let i = 0; i < hex.length; i += 2) {
+    bytes[i / 2] = parseInt(hex.substr(i, 2), 16);
+  }
+  return bytes;
+}
+function bytesToHex(bytes) {
+  return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+function base64ToBytes(b64) {
+  const bin = atob(b64);
+  const bytes = new Uint8Array(bin.length);
+  for (let i = 0; i < bin.length; i++) bytes[i] = bin.charCodeAt(i);
+  return bytes;
+}
+async function memoryKDF(sharedSecret) {
+  const salt = new Uint8Array(32);
+  const prkKey = await crypto.subtle.importKey("raw", salt, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
+  const prk = new Uint8Array(await crypto.subtle.sign("HMAC", prkKey, sharedSecret));
+  const okmKey = await crypto.subtle.importKey("raw", prk, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
+  const context = new TextEncoder().encode("joulepai-memory-v1");
+  const info = new Uint8Array(context.length + 1);
+  info.set(context);
+  info[context.length] = 1;
+  return new Uint8Array(await crypto.subtle.sign("HMAC", okmKey, info));
+}
+async function aesGcmDecrypt(keyBytes, iv, ciphertext, tag) {
+  const aesKey = await crypto.subtle.importKey("raw", keyBytes, { name: "AES-GCM" }, false, ["decrypt"]);
+  const ctWithTag = new Uint8Array(ciphertext.length + tag.length);
+  ctWithTag.set(ciphertext);
+  ctWithTag.set(tag, ciphertext.length);
+  try {
+    const plaintext = await crypto.subtle.decrypt(
+      { name: "AES-GCM", iv, tagLength: 128 },
+      aesKey,
+      ctWithTag
+    );
+    return new Uint8Array(plaintext);
+  } catch (_) {
+    throw new Error(
+      "Share combination failed \u2014 invalid recovery phrase or share. Please verify your recovery phrase and try again."
+    );
+  }
+}
+async function combineSharesAndDecrypt(customerShare, custodialShare, chunk, p256ScalarMul) {
+  const privateKey = shamirCombine(customerShare, custodialShare);
+  const ephemPub = hexToBytes(chunk.encryption_metadata.ecdh_public_key_hex);
+  const sharedSecretX = await p256ScalarMul(privateKey, ephemPub);
+  const aesKey = await memoryKDF(sharedSecretX);
+  const iv = hexToBytes(chunk.encryption_metadata.iv_hex);
+  const tag = hexToBytes(chunk.encryption_metadata.tag_hex);
+  const ct = base64ToBytes(chunk.encrypted_payload);
+  return aesGcmDecrypt(aesKey, iv, ct, tag);
+}
+async function verifyShareCombination(customerShare, custodialShare, poseidonKeyHash, wasmUrl) {
+  const moduleUrl = wasmUrl || "/static/shamir_verify.js";
+  const mod = await import(moduleUrl);
+  await mod.default(moduleUrl.replace(".js", ".wasm"));
+  const result = mod.verify_share_combination(
+    bytesToHex(customerShare),
+    bytesToHex(custodialShare),
+    poseidonKeyHash
+  );
+  return JSON.parse(result);
+}
+function deriveSharesFromMnemonic(mnemonicPhrase, passphrase = "") {
+  const norm = mnemonicPhrase.trim().split(/\s+/).join(" ");
+  if (!(0, import_bip39.validateMnemonic)(norm, import_english.wordlist)) {
+    throw new ValidationError(null, "Invalid BIP39 mnemonic (bad word or checksum)");
+  }
+  const seed = (0, import_bip39.mnemonicToSeedSync)(norm, passphrase);
+  const customerShare = new Uint8Array(33);
+  customerShare[0] = 1;
+  customerShare.set(seed.slice(0, 32), 1);
+  return { seed, customerShare };
+}
+async function decryptKnowledgeNode(node, keyBase64) {
+  const key = await crypto.subtle.importKey(
+    "raw",
+    Uint8Array.from(atob(keyBase64), (c) => c.charCodeAt(0)),
+    { name: "AES-GCM" },
+    false,
+    ["decrypt"]
+  );
+  node.name = await _decryptNodeField(node.name, key);
+  node.summary = await _decryptNodeField(node.summary, key);
+  return node;
+}
+async function _decryptNodeField(b64, key) {
+  if (!b64) return "";
+  try {
+    const d = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
+    if (d.length < 13) return b64;
+    const dec = await crypto.subtle.decrypt({ name: "AES-GCM", iv: d.slice(0, 12) }, key, d.slice(12));
+    return new TextDecoder().decode(dec);
+  } catch {
+    return b64;
+  }
+}
+
+// src/enyal.js
+var ENYAL_BASE = "https://api.enyal.ai";
+var EnyalSubmodule = class {
+  constructor(transport, baseUrl = ENYAL_BASE) {
+    this._t = transport;
+    this._base = baseUrl;
+    this.crypto = crypto_exports;
+  }
+  // ── class A (ENFORCED) ──
+  /** 2.1.0: enyal-client.js:444. */
+  archive({ agentId, chunkType, chunkKey, data, metadata, proofTier, idempotencyKey, retry = true }) {
+    if (typeof data !== "string") data = JSON.stringify(data);
+    const body = {
+      agent_id: agentId,
+      chunk_type: chunkType,
+      chunk_key: chunkKey,
+      data: Buffer.from(data).toString("base64")
+    };
+    if (metadata) body.metadata = metadata;
+    if (proofTier) body.proof_tier = proofTier;
+    return this._t.request(this._base, "POST", "/api/v1/archive", { body, idempotencyKey, retry });
+  }
+  /** 2.1.0: enyal-client.js:499. ENFORCED (G1: trust_routes.py:123-138). */
+  timestamp({ payload, description, idempotencyKey, retry = true }) {
+    if (typeof payload !== "string") payload = JSON.stringify(payload);
+    const body = { payload };
+    if (description) body.description = description;
+    return this._t.request(this._base, "POST", "/api/v1/timestamp", { body, idempotencyKey, retry });
+  }
+  /** ENFORCED (G1: trust_routes.py:223-238). */
+  createAgreement({ terms, parties, title, idempotencyKey, retry = true }) {
+    const body = { terms, parties };
+    if (title) body.title = title;
+    return this._t.request(this._base, "POST", "/api/v1/agreement/create", { body, idempotencyKey, retry });
+  }
+  /** ENFORCED (G1: trust_routes.py:453-471). */
+  complianceAttest({ periodStart, periodEnd, systems, idempotencyKey, retry = true }) {
+    return this._t.request(
+      this._base,
+      "POST",
+      "/api/v1/compliance/attest",
+      { body: { period_start: periodStart, period_end: periodEnd, systems }, idempotencyKey, retry }
+    );
+  }
+  // ── class B (ENFORCED) ──
+  /** 2.1.0: enyal-client.js:472. ENFORCED (prove_routes.py:204). */
+  prove({
+    resourceType,
+    geographicRegion,
+    supplyChainStage,
+    chunkIds,
+    quantumResistant = false,
+    idempotencyKey,
+    retry = true
+  } = {}) {
+    const body = { quantum_resistant: quantumResistant };
+    if (resourceType) body.resource_type = resourceType;
+    if (geographicRegion) body.geographic_region = geographicRegion;
+    if (supplyChainStage) body.supply_chain_stage = supplyChainStage;
+    if (chunkIds) body.chunk_ids = chunkIds;
+    return this._t.request(this._base, "POST", "/api/v1/prove", { body, idempotencyKey, retry });
+  }
+  proveBatch({ queries, quantumResistant = true, compress = true, idempotencyKey, retry = true }) {
+    return this._t.request(
+      this._base,
+      "POST",
+      "/api/v1/prove-batch",
+      { body: { queries, quantum_resistant: quantumResistant, compress }, idempotencyKey, retry }
+    );
+  }
+  /** 2.1.0: enyal-client.js:292. ENFORCED (prove_routes.py:666). */
+  proveShareCombination({ customerShareHex, poseidonKeyHash, idempotencyKey, retry = true }) {
+    const body = { customer_share_hex: customerShareHex };
+    if (poseidonKeyHash) body.poseidon_key_hash = poseidonKeyHash;
+    return this._t.request(this._base, "POST", "/api/v1/prove/share-combination", { body, idempotencyKey, retry });
+  }
+  /** 2.1.0: enyal-client.js:483. ENFORCED (disclose_routes.py:274). */
+  disclose({ chunkIds, recipientPubkeyHex, purpose, idempotencyKey, retry = true }) {
+    return this._t.request(
+      this._base,
+      "POST",
+      "/api/v1/disclose",
+      { body: { chunk_ids: chunkIds, recipient_pubkey_hex: recipientPubkeyHex, purpose }, idempotencyKey, retry }
+    );
+  }
+  /** 2.1.0: enyal-client.js:201. ENFORCED (disclose_routes.py:654). */
+  requestClientDisclosure({ chunkIds, purpose, idempotencyKey, retry = true }) {
+    return this._t.request(
+      this._base,
+      "POST",
+      "/api/v1/disclose/client-side",
+      { body: { chunk_ids: chunkIds, purpose }, idempotencyKey, retry }
+    );
+  }
+  /** ENFORCED (message_routes.py:312). */
+  sendMessage({ senderAgentId, threadId, recipientAgentId, messageType, payload, idempotencyKey, retry = true }) {
+    return this._t.request(
+      this._base,
+      "POST",
+      "/api/v1/message/send",
+      {
+        body: {
+          sender_agent_id: senderAgentId,
+          thread_id: threadId,
+          recipient_agent_id: recipientAgentId,
+          message_type: messageType,
+          payload
+        },
+        idempotencyKey,
+        retry
+      }
+    );
+  }
+  getInbox({ agentId, direction = "inbox", ...params } = {}) {
+    return this._t.request(
+      this._base,
+      "GET",
+      "/api/v1/message/inbox",
+      { params: { agent_id: agentId, direction, ...params } }
+    );
+  }
+  getThread(threadId) {
+    return this._t.request(
+      this._base,
+      "GET",
+      "/api/v1/message/thread/{thread_id}",
+      { pathParams: { thread_id: threadId } }
+    );
+  }
+  markRead(messageIds, retry = true) {
+    return this._t.request(
+      this._base,
+      "POST",
+      "/api/v1/message/read",
+      { body: { message_ids: messageIds }, retry }
+    );
+  }
+  // ── reads ──
+  search(params = {}) {
+    return this._t.request(this._base, "GET", "/api/v1/search", { params });
+  }
+  verifyAgreement({ agreementChunkId, terms }) {
+    return this._t.request(
+      this._base,
+      "GET",
+      "/api/v1/agreement/verify",
+      { params: { agreement_chunk_id: agreementChunkId, terms } }
+    );
+  }
+  getLineage(chunkId) {
+    return this._t.request(this._base, "GET", "/api/v1/lineage/{chunk_id}", { pathParams: { chunk_id: chunkId } });
+  }
+  getKnowledgeNodes(params = {}) {
+    return this._t.request(this._base, "GET", "/api/v1/knowledge/nodes", { params });
+  }
+  getKnowledgeNode(nodeId) {
+    return this._t.request(this._base, "GET", "/api/v1/knowledge/node/{node_id}", { pathParams: { node_id: nodeId } });
+  }
+  getKnowledgeConnections(nodeId, hops = 2) {
+    return this._t.request(
+      this._base,
+      "GET",
+      "/api/v1/knowledge/connections/{node_id}",
+      { pathParams: { node_id: nodeId }, params: { hops } }
+    );
+  }
+  getContradictions() {
+    return this._t.request(this._base, "GET", "/api/v1/knowledge/contradictions", {});
+  }
+  getKnowledgeStats() {
+    return this._t.request(this._base, "GET", "/api/v1/knowledge/stats", {});
+  }
+  getKnowledgeIndex() {
+    return this._t.request(this._base, "GET", "/api/v1/knowledge/index", {});
+  }
+  getKnowledgeHealth() {
+    return this._t.request(this._base, "GET", "/api/v1/knowledge/health", {});
+  }
+  /** Absorbed stray (AUDIT.6: index.js:342). */
+  getContext({ depth = 1, topic, format = "json" } = {}) {
+    const params = { depth, format };
+    if (topic) params.topic = topic;
+    return this._t.request(this._base, "GET", "/api/v1/knowledge/context", { params });
+  }
+  /** Session-auth only — raise-stub preserved per 2.1.0 + design §6. */
+  synthesiseKnowledge() {
+    throw new Error("knowledge/synthesise requires session auth (not API key). Use the ENYAL web console at enyal.ai.");
+  }
+  // ── NOT SUPPORTED tier (auto-retry OFF at wrapper) ──
+  /** NOT retry-safe (knowledge_routes.py:448 — 500j billed, no server idempotency). */
+  knowledgeUpgrade(body = {}) {
+    return this._t.request(this._base, "POST", "/api/v1/knowledge/upgrade", { body });
+  }
+  /** NOT retry-safe (knowledge_routes.py:1337). */
+  memoryStructuredQuery(body = {}) {
+    return this._t.request(this._base, "POST", "/api/v1/memory/structured-query", { body });
+  }
+  /** NOT retry-safe (knowledge_routes.py:1374). */
+  memoryContentQuery(body = {}) {
+    return this._t.request(this._base, "POST", "/api/v1/memory/content-query", { body });
+  }
+  /** NOT retry-safe (archive_routes.py:440). */
+  queueProof(chunkId, quantumResistant = false) {
+    return this._t.request(
+      this._base,
+      "POST",
+      "/api/v1/proof/queue",
+      { body: { chunk_id: chunkId, quantum_resistant: quantumResistant } }
+    );
+  }
+  // ── recovery round-trip (design §4.1.3; wrapped-master-key invariant) ──
+  async recoverFromRecoveryFile(recoveryFile, mnemonic, passphrase = "") {
+    if (typeof recoveryFile === "string") recoveryFile = JSON.parse(recoveryFile);
+    const { customerShare } = deriveSharesFromMnemonic(mnemonic, passphrase);
+    const custodial = (void 0)(recoveryFile.custodial_share_hex);
+    return combineSharesAndDecrypt(customerShare, custodial, recoveryFile.encrypted_payload);
+  }
+  // ── Arch-3 stubs (design §4.1.4 — activate when render phases B-D ship) ──
+  memoryQuery() {
+    throw new Error("NotImplemented: Render phases B-D not yet deployed (Arch-3, REV15-7)");
+  }
+  executePlan() {
+    throw new Error("NotImplemented: Render phases B-D not yet deployed (Arch-3, REV15-7)");
+  }
+  renderNode() {
+    throw new Error("NotImplemented: Render phases B-D not yet deployed (Arch-3, REV15-7)");
+  }
+  renderContext() {
+    throw new Error("NotImplemented: Render phases B-D not yet deployed (Arch-3, REV15-7)");
+  }
+};
+
+// src/joulepai.js
+var JOULEPAI_BASE = "https://joulepai.ai/api/v1";
+var UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+var JoulepaiSubmodule = class {
+  constructor(transport, baseUrl = JOULEPAI_BASE) {
+    this._t = transport;
+    this._base = baseUrl;
+    this._walletId = null;
+  }
+  async _ensureId() {
+    if (!this._walletId) {
+      this._walletId = (await this._t.request(this._base, "GET", "/wallet/me", {})).id;
+    }
+    return this._walletId;
+  }
+  /** Absorbs Wallet.create (index.js:50). */
+  createWallet({ email, ownerId, ownerType = "human", handle }) {
+    const body = { owner_id: ownerId || crypto.randomUUID(), owner_type: ownerType, email };
+    if (handle) body.handle = handle;
+    return this._t.request(this._base, "POST", "/wallet/create", { body });
+  }
+  /** Absorbs pay() (index.js:117). ENFORCED class D — dispatch auto-generates the key. */
+  async transfer(destination, amount, {
+    platform = "rareeai",
+    note,
+    privacyMode,
+    idempotencyKey,
+    retry = true
+  } = {}) {
+    const body = { from_wallet_id: await this._ensureId(), amount, platform };
+    const dest = destination.replace(/^@/, "");
+    body[UUID_RE.test(dest) ? "to_wallet_id" : "to_handle"] = dest;
+    if (note != null) body.note = note;
+    if (privacyMode != null) body.privacy_mode = privacyMode;
+    return this._t.request(this._base, "POST", "/api/v1/wallet/transfer", { body, idempotencyKey, retry });
+  }
+  pay(...args) {
+    return this.transfer(...args);
+  }
+  transferStatus(transferId) {
+    return this._t.request(this._base, "GET", "/wallet/transfer/{tid}/status", { pathParams: { tid: transferId } });
+  }
+  /** Absorbs fund() (index.js:152). NOT retry-safe (G1 demotion — duplicate Stripe sessions). */
+  async fund(amountFiat, { method = "stripe" } = {}) {
+    return this._t.request(
+      this._base,
+      "POST",
+      "/api/v1/wallet/fund",
+      { body: { wallet_id: await this._ensureId(), amount_fiat: amountFiat, method } }
+    );
+  }
+  async balance() {
+    return (await this._t.request(
+      this._base,
+      "GET",
+      "/wallet/balance/{wid}",
+      { pathParams: { wid: await this._ensureId() } }
+    )).balance;
+  }
+  async info() {
+    return this._t.request(
+      this._base,
+      "GET",
+      "/wallet/balance/{wid}",
+      { pathParams: { wid: await this._ensureId() } }
+    );
+  }
+  async handle() {
+    return (await this.info()).handle ?? null;
+  }
+  async transactions({ limit = 50, offset = 0 } = {}) {
+    return this._t.request(
+      this._base,
+      "GET",
+      "/wallet/transactions/{wid}",
+      { pathParams: { wid: await this._ensureId() }, params: { limit, offset } }
+    );
+  }
+  async setHandle(h) {
+    return this._t.request(
+      this._base,
+      "PUT",
+      "/wallet/handle",
+      { body: { wallet_id: await this._ensureId(), handle: h.replace(/^@/, "") } }
+    );
+  }
+  async exchangeRate(currency = "EUR") {
+    return (await this._t.request(
+      this._base,
+      "GET",
+      "/wallet/exchange-rate/{cur}",
+      { pathParams: { cur: currency.toUpperCase() } }
+    )).joules_per_unit;
+  }
+  async getLimits() {
+    return this._t.request(
+      this._base,
+      "GET",
+      "/wallet/limits/{wid}",
+      { pathParams: { wid: await this._ensureId() } }
+    );
+  }
+  async setLimits({ daily, perTransaction, allowedPlatforms } = {}) {
+    const body = { agent_wallet_id: await this._ensureId() };
+    if (daily != null) body.daily_cap = daily;
+    if (perTransaction != null) body.per_transaction_cap = perTransaction;
+    if (allowedPlatforms != null) body.allowed_platforms = allowedPlatforms;
+    return this._t.request(this._base, "PUT", "/wallet/limits", { body });
+  }
+  async depositInfo() {
+    return this._t.request(
+      this._base,
+      "GET",
+      "/wallet/deposit-info/{wid}",
+      { pathParams: { wid: await this._ensureId() } }
+    );
+  }
+  depositAddress() {
+    return this._t.request(this._base, "GET", "/wallet/deposit-address", {});
+  }
+  fundingStatus(fundingEventId) {
+    return this._t.request(this._base, "GET", "/wallet/fund/{fid}", { pathParams: { fid: fundingEventId } });
+  }
+  resetCredentials(walletId, email) {
+    return this._t.request(
+      this._base,
+      "POST",
+      "/wallet/reset-credentials",
+      { body: { wallet_id: walletId, email } }
+    );
+  }
+  verify(transactionId) {
+    return this._t.request(this._base, "GET", "/wallet/transaction/{tid}", { pathParams: { tid: transactionId } });
+  }
+  async verifyPayment(transactionId, expectedAmount, recipient) {
+    return (await this._t.request(
+      this._base,
+      "POST",
+      "/wallet/verify-payment",
+      { params: { transaction_id: transactionId, expected_amount: expectedAmount, recipient } }
+    )).verified;
+  }
+};
+
+// src/rareeai.js
+var DIRECT_BASE = "https://joulepai.ai";
+var UNIFIED_BASE = "https://joulepai.ai";
+var DIRECT_PREFIX = "/api/v1";
+var UNIFIED_PREFIX = "/api/v1/marketplace";
+var RareeaiEntry = class {
+  constructor(transport, baseUrl, prefix, rateLabel) {
+    this._t = transport;
+    this._base = baseUrl;
+    this._p = prefix;
+    this.rate = rateLabel;
+  }
+  // Pattern B — ENFORCED (G1 row 5)
+  createProvider({ resourceType, capacity, idempotencyKey, retry = true, ...fields }) {
+    const body = { resource_type: resourceType, ...fields };
+    if (capacity) body.capacity = capacity;
+    return this._t.request(this._base, "POST", `${this._p}/provide`, { body, idempotencyKey, retry });
+  }
+  createRequest({ resourceType, idempotencyKey, retry = true, ...fields }) {
+    return this._t.request(
+      this._base,
+      "POST",
+      `${this._p}/request`,
+      { body: { resource_type: resourceType, ...fields }, idempotencyKey, retry }
+    );
+  }
+  deliver(matchId, { idempotencyKey, retry = true, ...fields } = {}) {
+    return this._t.request(
+      this._base,
+      "POST",
+      `${this._p}/deliver/{match_id}`,
+      { pathParams: { match_id: matchId }, body: fields, idempotencyKey, retry }
+    );
+  }
+  resolve(matchId, { idempotencyKey, retry = true, ...fields } = {}) {
+    return this._t.request(
+      this._base,
+      "POST",
+      `${this._p}/match/{match_id}/resolve`,
+      { pathParams: { match_id: matchId }, body: fields, idempotencyKey, retry }
+    );
+  }
+  // FSM transitions — NOT SUPPORTED (auto-retry OFF; G1 row 5)
+  approve(matchId, fields = {}) {
+    return this._t.request(
+      this._base,
+      "POST",
+      `${this._p}/match/{match_id}/approve`,
+      { pathParams: { match_id: matchId }, body: fields }
+    );
+  }
+  reject(matchId, fields = {}) {
+    return this._t.request(
+      this._base,
+      "POST",
+      `${this._p}/match/{match_id}/reject`,
+      { pathParams: { match_id: matchId }, body: fields }
+    );
+  }
+  dispute(matchId, fields = {}) {
+    return this._t.request(
+      this._base,
+      "POST",
+      `${this._p}/match/{match_id}/dispute`,
+      { pathParams: { match_id: matchId }, body: fields }
+    );
+  }
+  extendDispute(matchId, fields = {}) {
+    return this._t.request(
+      this._base,
+      "POST",
+      `${this._p}/match/{match_id}/extend-dispute`,
+      { pathParams: { match_id: matchId }, body: fields }
+    );
+  }
+  // reads
+  providers(params = {}) {
+    return this._t.request(this._base, "GET", `${this._p}/providers`, { params });
+  }
+  myProviders() {
+    return this._t.request(this._base, "GET", `${this._p}/providers/mine`, {});
+  }
+  getRequest(requestId) {
+    return this._t.request(
+      this._base,
+      "GET",
+      `${this._p}/request/{request_id}`,
+      { pathParams: { request_id: requestId } }
+    );
+  }
+};
+var RareeaiSubmodule = class {
+  constructor(transport, directBase = DIRECT_BASE, unifiedBase = UNIFIED_BASE) {
+    this.direct = new RareeaiEntry(transport, directBase, DIRECT_PREFIX, "0.25%");
+    this.intelligence = new RareeaiEntry(transport, unifiedBase, UNIFIED_PREFIX, "0.5%");
+  }
+};
+
+// src/gldai.js
+var GLDAI_BASE = "https://greenlandai.ai";
+var GldaiSubmodule = class {
+  constructor(transport, baseUrl = GLDAI_BASE) {
+    this._t = transport;
+    this._base = baseUrl;
+  }
+  companies({ idempotencyKey, ...params } = {}) {
+    return this._t.request(this._base, "GET", "/api/v1/companies", { params, idempotencyKey });
+  }
+  company(companyId) {
+    return this._t.request(this._base, "GET", "/api/v1/companies/{cid}", { pathParams: { cid: companyId } });
+  }
+  deposits({ idempotencyKey, ...params } = {}) {
+    return this._t.request(this._base, "GET", "/api/v1/deposits", { params, idempotencyKey });
+  }
+  deposit(depositId) {
+    return this._t.request(this._base, "GET", "/api/v1/deposits/{did}", { pathParams: { did: depositId } });
+  }
+  infrastructureList({ idempotencyKey, ...params } = {}) {
+    return this._t.request(this._base, "GET", "/api/v1/infrastructure", { params, idempotencyKey });
+  }
+  infrastructure(infraId) {
+    return this._t.request(this._base, "GET", "/api/v1/infrastructure/{iid}", { pathParams: { iid: infraId } });
+  }
+  query(q, { idempotencyKey, ...params } = {}) {
+    return this._t.request(this._base, "GET", "/api/v1/query", { params: { q, ...params }, idempotencyKey });
+  }
+  projects({ idempotencyKey, ...params } = {}) {
+    return this._t.request(this._base, "GET", "/api/v1/projects", { params, idempotencyKey });
+  }
+  project(projectId) {
+    return this._t.request(this._base, "GET", "/api/v1/projects/{pid}", { pathParams: { pid: projectId } });
+  }
+  mapdata({ idempotencyKey, ...params } = {}) {
+    return this._t.request(this._base, "GET", "/api/v1/mapdata", { params, idempotencyKey });
+  }
+};
+
+// index.js
+var VERSION = "0.1.0";
+var Client = class {
+  /**
+   * @param {object} opts
+   * @param {string} [opts.apiKey] - eyl_ API key (primary for SDK consumers).
+   * @param {string} [opts.oauthToken] - ENYAL-issued OAuth JWT (web sessions).
+   * @param {object} [opts.logger] - console-shaped logger (console/winston/pino).
+   * @param {function} [opts.onRetry] / [opts.onTerminalFailure] / [opts.onAuthExpired]
+   * @param {object} [opts.metrics] - {count(name,v), histogram(name,v)} sink (OFF default).
+   */
+  constructor({
+    apiKey,
+    oauthToken,
+    logger,
+    onRetry,
+    onTerminalFailure,
+    onAuthExpired,
+    metrics,
+    fetchImpl,
+    enyalBaseUrl,
+    joulepaiBaseUrl,
+    rareeaiDirectBaseUrl,
+    rareeaiUnifiedBaseUrl,
+    gldaiBaseUrl
+  } = {}) {
+    this._transport = new Transport({
+      apiKey,
+      oauthToken,
+      logger,
+      onRetry,
+      onTerminalFailure,
+      onAuthExpired,
+      metrics,
+      fetchImpl
+    });
+    this.enyal = new EnyalSubmodule(this._transport, enyalBaseUrl || ENYAL_BASE);
+    this.joulepai = new JoulepaiSubmodule(this._transport, joulepaiBaseUrl || JOULEPAI_BASE);
+    this.rareeai = new RareeaiSubmodule(
+      this._transport,
+      rareeaiDirectBaseUrl || DIRECT_BASE,
+      rareeaiUnifiedBaseUrl || UNIFIED_BASE
+    );
+    this.gldai = new GldaiSubmodule(this._transport, gldaiBaseUrl || GLDAI_BASE);
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AuthError,
+  Client,
+  ConflictError,
+  ENFORCED,
+  GreenlandAIError,
+  IDEMPOTENCY_MAP,
+  NOT_SUPPORTED,
+  NetworkError,
+  NotFoundError,
+  RateLimitError,
+  SAFE,
+  ScopeError,
+  ServerError,
+  VERSION,
+  ValidationError,
+  crypto
+});