@haaaiawd/second-nature 0.1.8 → 0.1.10

package/runtime/storage/quiet/quiet-artifact-types.d.ts

@@ -0,0 +1,18 @@
+import type { SourceRef } from "../life-evidence/types.js";
+export type QuietArtifactKind = "daily_report" | "narrative_reflection" | "curated_memory_candidate" | "empty_state";
+export type QuietClaimType = "fact" | "emotion" | "interpretation" | "next_step";
+export interface QuietClaim {
+    id: string;
+    text: string;
+    sourceRefs: SourceRef[];
+    claimType: QuietClaimType;
+}
+export interface QuietArtifactWrite {
+    day: string;
+    kind: QuietArtifactKind;
+    title: string;
+    body: string;
+    claims: QuietClaim[];
+    sourceRefs: SourceRef[];
+    memoryCandidateRefs?: SourceRef[];
+}

package/runtime/storage/quiet/quiet-artifact-types.js

@@ -0,0 +1 @@
+export {};

package/runtime/storage/quiet/quiet-artifact-writer.d.ts

@@ -0,0 +1,15 @@
+import type { SourceRef } from "../life-evidence/types.js";
+import type { SourceCoverage } from "../snapshots/types.js";
+import type { QuietArtifactWrite } from "./quiet-artifact-types.js";
+import type { QuietClaim } from "./quiet-artifact-types.js";
+export declare function calculateQuietSourceCoverage(claims: QuietClaim[]): SourceCoverage;
+/** Ratio of factual claims whose refs intersect the artifact's evidence bundle (T4.4.1). */
+export declare function evidenceGroundingRatio(input: Pick<QuietArtifactWrite, "claims" | "sourceRefs">): number;
+export interface QuietArtifactAck {
+    artifactId: string;
+    artifactRef: SourceRef;
+    sourceCoverage: SourceCoverage;
+}
+export declare function writeQuietArtifact(input: QuietArtifactWrite, opts?: {
+    minimumCoverageRatio?: number;
+}): QuietArtifactAck;

package/runtime/storage/quiet/quiet-artifact-writer.js

@@ -0,0 +1,56 @@
+/**
+ * Quiet artifact validation + source coverage gate (T4.4.1 / ADR-003).
+ * Returns artifact identity for persistence layers; does not write FS/SQLite here.
+ */
+import * as crypto from "node:crypto";
+const DEFAULT_MIN_COVERAGE_RATIO = 0.51;
+export function calculateQuietSourceCoverage(claims) {
+    const factual = claims.filter((c) => c.claimType === "fact");
+    const claimCoverage = claims.map((c) => {
+        const backed = c.claimType !== "fact" || c.sourceRefs.length > 0;
+        return { claimId: c.id, backed, sourceRefs: [...c.sourceRefs] };
+    });
+    const unsupportedClaims = claimCoverage.filter((x) => !x.backed).map((x) => x.claimId);
+    const coverageRatio = factual.length === 0 ? 1 : factual.filter((c) => c.sourceRefs.length > 0).length / factual.length;
+    return { coverageRatio, unsupportedClaims, claimCoverage };
+}
+/** Ratio of factual claims whose refs intersect the artifact's evidence bundle (T4.4.1). */
+export function evidenceGroundingRatio(input) {
+    const allowedIds = new Set(input.sourceRefs.map((s) => s.id));
+    const facts = input.claims.filter((c) => c.claimType === "fact");
+    if (facts.length === 0)
+        return 1;
+    let grounded = 0;
+    for (const f of facts) {
+        if (f.sourceRefs.length === 0)
+            continue;
+        if (f.sourceRefs.some((r) => allowedIds.has(r.id)))
+            grounded += 1;
+    }
+    return grounded / facts.length;
+}
+export function writeQuietArtifact(input, opts) {
+    const minCov = opts?.minimumCoverageRatio ?? DEFAULT_MIN_COVERAGE_RATIO;
+    if (input.sourceRefs.length === 0 && input.kind !== "empty_state") {
+        throw new Error("quiet_artifact_requires_source_refs");
+    }
+    const localCoverage = calculateQuietSourceCoverage(input.claims);
+    if (input.kind !== "empty_state" && localCoverage.unsupportedClaims.length > 0) {
+        throw new Error("quiet_artifact_unsupported_factual_claim");
+    }
+    const grounding = evidenceGroundingRatio(input);
+    if (input.kind !== "empty_state" && grounding < minCov) {
+        throw new Error("quiet_artifact_source_coverage_too_low");
+    }
+    const artifactId = crypto.randomUUID();
+    const artifactRef = {
+        id: `quiet:${artifactId}`,
+        kind: "workspace_artifact",
+        uri: `urn:second-nature:quiet:${input.day}:${input.kind}:${artifactId}`,
+    };
+    const sourceCoverage = {
+        ...localCoverage,
+        coverageRatio: input.kind === "empty_state" ? 1 : grounding,
+    };
+    return { artifactId, artifactRef, sourceCoverage };
+}

package/runtime/storage/repositories/credential-repository.js

@@ -12,8 +12,19 @@ export class CredentialRepository {
         });
     }
     async findByPlatformId(platformId) {
-        return this.database.db.query.credentialRecords.findFirst({
+        const row = await this.database.db.query.credentialRecords.findFirst({
             where: eq(credentialRecords.platformId, platformId),
         });
+        if (row == null) {
+            return undefined;
+        }
+        const r = row;
+        const pid = (r.platformId ?? r.platform_id);
+        const enc = (r.encryptedValue ?? r.encrypted_value);
+        // sql.js + Drizzle: no-match can still return a "shell" row (keys present, values undefined).
+        if (pid == null || pid === "" || enc == null || enc === "") {
+            return undefined;
+        }
+        return row;
     }
 }

package/runtime/storage/rhythm/rhythm-policy-snapshot.d.ts

@@ -0,0 +1,10 @@
+import type { StateDatabase } from "../db/index.js";
+export interface RhythmPolicySnapshot {
+    snapshotId: string;
+    generatedAt: string;
+    quietEnabled: boolean;
+    socialDailyLimit: number;
+    outreachDailyBudget: number;
+    updatedAt: string;
+}
+export declare function loadRhythmPolicySnapshot(db: StateDatabase): Promise<RhythmPolicySnapshot>;

package/runtime/storage/rhythm/rhythm-policy-snapshot.js

@@ -0,0 +1,34 @@
+/**
+ * Rhythm policy read model: state produces policy fields only (T4.1.2 owner boundary).
+ *
+ * Core logic: load workspace-scoped policy row or defaults; never emit control-plane decision fields.
+ *
+ * Test coverage: tests/unit/storage/rhythm-policy-snapshot.test.ts
+ */
+import * as crypto from "node:crypto";
+import { eq } from "drizzle-orm";
+import { policyRecords } from "../db/schema/policies.js";
+const WORKSPACE_SCOPE = "workspace";
+export async function loadRhythmPolicySnapshot(db) {
+    const scoped = await db.db.select().from(policyRecords).where(eq(policyRecords.platformId, WORKSPACE_SCOPE)).limit(1);
+    const row = scoped[0] ?? (await db.db.select().from(policyRecords).limit(1))[0];
+    const generatedAt = new Date().toISOString();
+    if (!row) {
+        return {
+            snapshotId: crypto.randomUUID(),
+            generatedAt,
+            quietEnabled: true,
+            socialDailyLimit: 5,
+            outreachDailyBudget: 2,
+            updatedAt: generatedAt,
+        };
+    }
+    return {
+        snapshotId: crypto.randomUUID(),
+        generatedAt,
+        quietEnabled: row.quietEnabled,
+        socialDailyLimit: row.socialDailyLimit,
+        outreachDailyBudget: row.outreachDailyBudget ?? 2,
+        updatedAt: row.updatedAt,
+    };
+}

package/runtime/storage/services/credential-vault.d.ts

@@ -1,5 +1,10 @@
 import type { StateDatabase } from "../db/index.js";
 import type { CredentialContextWrite, CredentialContext, CredentialState } from "../../shared/types/index.js";
+/** Three colon-separated hex segments produced by `encryptCredentialAtRest`. */
+export declare function isCredentialCiphertext(value: string): boolean;
+/** Encrypts non-empty plaintext; empty string returns empty. */
+export declare function encryptCredentialAtRest(plaintext: string): string;
+export declare function decryptCredentialAtRest(ciphertext: string): string;
 export interface CredentialVault {
     saveCredentialContext(input: CredentialContextWrite): Promise<void>;
     loadCredentialContext(platformId: string): Promise<CredentialContext | null>;

package/runtime/storage/services/credential-vault.js

@@ -1,32 +1,63 @@
+/**
+ * Credential encryption at rest (AES-256-GCM).
+ *
+ * Key material: `SECOND_NATURE_ENCRYPTION_KEY` (UTF-8, first 32 bytes used). Lazy read so tests can set env before first encrypt.
+ * Test coverage: tests/integration/cli/cli-ops-surface.test.ts (credential save path via state-api).
+ */
 import * as crypto from "crypto";
 import { eq } from "drizzle-orm";
 import { credentialRecords } from "../db/schema/index.js";
-const ENCRYPTION_KEY = process.env.SECOND_NATURE_ENCRYPTION_KEY || crypto.randomBytes(32).toString("hex");
 const ALGORITHM = "aes-256-gcm";
-function encrypt(plaintext) {
+function resolveKeyBuffer() {
+    const raw = process.env.SECOND_NATURE_ENCRYPTION_KEY?.trim();
+    if (!raw || raw.length < 32) {
+        throw new Error("SECOND_NATURE_ENCRYPTION_KEY is required for credential encryption at rest (min 32 UTF-8 characters)");
+    }
+    return Buffer.from(raw.slice(0, 32), "utf8");
+}
+function encryptInternal(plaintext) {
     const iv = crypto.randomBytes(16);
-    const key = Buffer.from(ENCRYPTION_KEY.slice(0, 32), "utf8");
+    const key = resolveKeyBuffer();
     const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
     const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
     const authTag = cipher.getAuthTag();
     return iv.toString("hex") + ":" + authTag.toString("hex") + ":" + encrypted.toString("hex");
 }
-function decrypt(ciphertext) {
+function decryptInternal(ciphertext) {
     const parts = ciphertext.split(":");
-    if (parts.length !== 3)
-        return ciphertext;
+    if (parts.length !== 3) {
+        throw new Error("credential_ciphertext_invalid_format");
+    }
     const iv = Buffer.from(parts[0], "hex");
     const authTag = Buffer.from(parts[1], "hex");
     const encrypted = Buffer.from(parts[2], "hex");
-    const key = Buffer.from(ENCRYPTION_KEY.slice(0, 32), "utf8");
+    const key = resolveKeyBuffer();
     const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
     decipher.setAuthTag(authTag);
     return decipher.update(encrypted) + decipher.final("utf8");
 }
+/** Three colon-separated hex segments produced by `encryptCredentialAtRest`. */
+export function isCredentialCiphertext(value) {
+    const parts = value.split(":");
+    if (parts.length !== 3)
+        return false;
+    return parts.every((p) => /^[0-9a-f]+$/i.test(p));
+}
+/** Encrypts non-empty plaintext; empty string returns empty. */
+export function encryptCredentialAtRest(plaintext) {
+    if (!plaintext)
+        return "";
+    return encryptInternal(plaintext);
+}
+export function decryptCredentialAtRest(ciphertext) {
+    if (!ciphertext)
+        return "";
+    return decryptInternal(ciphertext);
+}
 export function createCredentialVault(db) {
     return {
         async saveCredentialContext(input) {
-            const encrypted = input.encryptedValue ? encrypt(input.encryptedValue) : "";
+            const encrypted = input.encryptedValue ? encryptCredentialAtRest(input.encryptedValue) : "";
             await db.insert(credentialRecords).values({
                 platformId: input.platformId,
                 credentialType: input.credentialType,
@@ -57,11 +88,18 @@ export function createCredentialVault(db) {
             });
             if (!record)
                 return null;
+            let plain;
+            if (record.encryptedValue) {
+                if (!isCredentialCiphertext(record.encryptedValue)) {
+                    throw new Error("credential_store_plaintext_or_invalid_legacy_record");
+                }
+                plain = decryptCredentialAtRest(record.encryptedValue);
+            }
             return {
                 platformId: record.platformId,
                 credentialType: record.credentialType,
                 status: record.status,
-                encryptedValue: record.encryptedValue ? decrypt(record.encryptedValue) : undefined,
+                encryptedValue: plain,
                 verificationCode: record.verificationCode ?? undefined,
                 challengeText: record.challengeText ?? undefined,
                 verificationDeadline: record.expiresAt ?? undefined,

package/runtime/storage/snapshots/continuity-snapshot.d.ts

@@ -0,0 +1,9 @@
+import type { ObservabilityDatabase } from "../../observability/db/index.js";
+import type { StateDatabase } from "../db/index.js";
+import type { ContinuitySnapshot } from "./types.js";
+export interface LoadContinuitySnapshotParams {
+    state: StateDatabase;
+    workspaceRoot: string;
+    observability?: ObservabilityDatabase;
+}
+export declare function loadContinuitySnapshot(params: LoadContinuitySnapshotParams): Promise<ContinuitySnapshot>;

package/runtime/storage/snapshots/continuity-snapshot.js

@@ -0,0 +1,41 @@
+/**
+ * Continuity snapshot read model (T4.2.1) — lightweight bridge until full state feeds land.
+ */
+import * as crypto from "node:crypto";
+import { desc } from "drizzle-orm";
+import { decisionLedger } from "../../observability/db/schema/index.js";
+import { repairStateIndexes } from "../bootstrap/repair-gate.js";
+import { loadLifeEvidenceSnapshot } from "./life-evidence-snapshot.js";
+export async function loadContinuitySnapshot(params) {
+    await repairStateIndexes(params.state, { startupGate: true, workspaceRoot: params.workspaceRoot });
+    const life = await loadLifeEvidenceSnapshot(params.state, params.workspaceRoot, { limit: 50 }, { runRepairGate: false });
+    let recentDecisionRefs = [];
+    if (params.observability) {
+        const rows = await params.observability.db
+            .select()
+            .from(decisionLedger)
+            .orderBy(desc(decisionLedger.createdAt))
+            .limit(5);
+        recentDecisionRefs = rows.map((r) => ({
+            id: r.id,
+            kind: "decision_record",
+            uri: `sn://decision/${r.id}`,
+        }));
+    }
+    const pendingCount = life.platformEvents.length + life.workEvents.length + life.userInteractionEvents.length;
+    const oldest = [...life.platformEvents, ...life.workEvents, ...life.userInteractionEvents]
+        .map((e) => e.timestamp)
+        .sort()[0];
+    return {
+        snapshotId: crypto.randomUUID(),
+        generatedAt: new Date().toISOString(),
+        recentDecisionRefs,
+        openObligations: [],
+        quietDebt: {
+            hasUnprocessedEvidence: !life.empty,
+            oldestUnprocessedEvidenceAt: oldest,
+            pendingCount,
+        },
+        fallbackRefs: [],
+    };
+}

package/runtime/storage/snapshots/life-evidence-snapshot.d.ts

@@ -0,0 +1,6 @@
+import type { StateDatabase } from "../db/index.js";
+import type { LifeEvidenceQuery, LifeEvidenceSnapshot } from "./types.js";
+export interface LoadLifeEvidenceSnapshotOptions {
+    runRepairGate?: boolean;
+}
+export declare function loadLifeEvidenceSnapshot(state: StateDatabase, workspaceRoot: string, query: LifeEvidenceQuery, options?: LoadLifeEvidenceSnapshotOptions): Promise<LifeEvidenceSnapshot>;

package/runtime/storage/snapshots/life-evidence-snapshot.js

@@ -0,0 +1,114 @@
+/**
+ * Bounded life evidence snapshot read model (T4.2.1).
+ */
+import * as crypto from "node:crypto";
+import fs from "node:fs";
+import path from "node:path";
+import { and, desc, gte, inArray, lte } from "drizzle-orm";
+import { lifeEvidenceIndex } from "../db/schema/life-evidence-index.js";
+import { repairStateIndexes } from "../bootstrap/repair-gate.js";
+function toReadModel(stored) {
+    return {
+        id: stored.id,
+        timestamp: stored.timestamp,
+        evidenceType: stored.evidenceType,
+        platformId: stored.platformId,
+        summary: stored.summary,
+        rawContentRef: stored.rawContentRef,
+        sourceRefs: stored.sourceRefs,
+        sensitivity: stored.sensitivity,
+        confidence: stored.confidence,
+        tags: stored.tags,
+        producer: stored.producer,
+    };
+}
+function buildCoverage(events) {
+    if (events.length === 0) {
+        return { coverageRatio: 1, unsupportedClaims: [], claimCoverage: [] };
+    }
+    const backed = events.filter((e) => e.sourceRefs.length > 0).length;
+    return {
+        coverageRatio: backed / events.length,
+        unsupportedClaims: [],
+        claimCoverage: events.map((e, i) => ({
+            claimId: `ev:${e.id}:${i}`,
+            backed: e.sourceRefs.length > 0,
+            sourceRefs: e.sourceRefs,
+        })),
+    };
+}
+export async function loadLifeEvidenceSnapshot(state, workspaceRoot, query, options) {
+    const runGate = options?.runRepairGate !== false;
+    if (runGate) {
+        const repair = await repairStateIndexes(state, { startupGate: true, workspaceRoot });
+        if (repair.status === "repair_required") {
+            const err = new Error("state_repair_required");
+            err.code = "repair_required";
+            throw err;
+        }
+    }
+    const now = new Date().toISOString();
+    const windowEnd = query.windowEnd ?? now;
+    const windowStart = query.windowStart ?? new Date(Date.now() - 7 * 86400000).toISOString();
+    const limit = query.limit ?? 50;
+    const conditions = [gte(lifeEvidenceIndex.timestamp, windowStart), lte(lifeEvidenceIndex.timestamp, windowEnd)];
+    if (query.evidenceTypes?.length) {
+        conditions.push(inArray(lifeEvidenceIndex.evidenceType, query.evidenceTypes));
+    }
+    const rows = await state.db
+        .select()
+        .from(lifeEvidenceIndex)
+        .where(and(...conditions))
+        .orderBy(desc(lifeEvidenceIndex.timestamp))
+        .limit(limit);
+    const platformEvents = [];
+    const workEvents = [];
+    const userInteractionEvents = [];
+    const quietArtifacts = [];
+    const evidenceRefs = [];
+    for (const row of rows) {
+        const abs = path.join(workspaceRoot, row.artifactPath.replace(/\//g, path.sep));
+        if (!fs.existsSync(abs)) {
+            continue;
+        }
+        const stored = JSON.parse(fs.readFileSync(abs, "utf-8"));
+        const model = toReadModel(stored);
+        evidenceRefs.push({
+            id: `ref:${model.id}`,
+            kind: "workspace_artifact",
+            uri: row.artifactPath,
+        });
+        if (model.evidenceType === "platform_browse" || model.evidenceType === "platform_interaction") {
+            platformEvents.push(model);
+        }
+        else if (model.evidenceType === "work_progress" || model.evidenceType === "task_discovery") {
+            workEvents.push(model);
+        }
+        else if (model.evidenceType === "user_interaction") {
+            userInteractionEvents.push(model);
+        }
+        else if (model.evidenceType === "quiet_reflection") {
+            quietArtifacts.push({
+                id: `quiet:${model.id}`,
+                kind: "workspace_artifact",
+                uri: row.artifactPath,
+            });
+        }
+    }
+    const all = [...platformEvents, ...workEvents, ...userInteractionEvents];
+    const coverage = buildCoverage(all);
+    const empty = all.length === 0;
+    return {
+        snapshotId: crypto.randomUUID(),
+        generatedAt: now,
+        windowStart,
+        windowEnd,
+        evidenceRefs,
+        platformEvents,
+        workEvents,
+        userInteractionEvents,
+        quietArtifacts,
+        coverage,
+        empty,
+    };
+}

package/runtime/storage/snapshots/types.d.ts

@@ -0,0 +1,58 @@
+/**
+ * Read-model snapshots aligned with state-system v5 (subset for S1/S2).
+ */
+import type { LifeEvidenceType, SourceRef } from "../life-evidence/types.js";
+export interface LifeEvidenceQuery {
+    windowStart?: string;
+    windowEnd?: string;
+    evidenceTypes?: LifeEvidenceType[];
+    limit?: number;
+}
+export interface SourceCoverage {
+    coverageRatio: number;
+    unsupportedClaims: string[];
+    claimCoverage: Array<{
+        claimId: string;
+        backed: boolean;
+        sourceRefs: SourceRef[];
+    }>;
+}
+export interface LifeEvidenceReadModel {
+    id: string;
+    timestamp: string;
+    evidenceType: LifeEvidenceType;
+    platformId?: string;
+    summary: string;
+    rawContentRef?: string;
+    sourceRefs: SourceRef[];
+    sensitivity: import("../life-evidence/types.js").Sensitivity;
+    confidence: number;
+    tags: string[];
+    producer: string;
+}
+export interface LifeEvidenceSnapshot {
+    snapshotId: string;
+    generatedAt: string;
+    windowStart: string;
+    windowEnd: string;
+    evidenceRefs: SourceRef[];
+    platformEvents: LifeEvidenceReadModel[];
+    workEvents: LifeEvidenceReadModel[];
+    userInteractionEvents: LifeEvidenceReadModel[];
+    quietArtifacts: SourceRef[];
+    coverage: SourceCoverage;
+    empty: boolean;
+}
+export interface ContinuitySnapshot {
+    snapshotId: string;
+    generatedAt: string;
+    lastHeartbeatAt?: string;
+    recentDecisionRefs: SourceRef[];
+    openObligations: SourceRef[];
+    quietDebt: {
+        hasUnprocessedEvidence: boolean;
+        oldestUnprocessedEvidenceAt?: string;
+        pendingCount: number;
+    };
+    fallbackRefs: SourceRef[];
+}

package/runtime/storage/snapshots/types.js

@@ -0,0 +1 @@
+export {};

package/runtime/storage/state-api.js

@@ -7,6 +7,7 @@ import { PolicyRepository } from "./repositories/policy-repository.js";
 import { createDailyLogPipeline, } from "./services/daily-log-pipeline.js";
 import { createQuietInputLoader, } from "./services/quiet-input-loader.js";
 import { createPersonaCandidateLoader } from "./services/persona-candidate-loader.js";
+import { encryptCredentialAtRest, isCredentialCiphertext } from "./services/credential-vault.js";
 export class DefaultStateAPI {
     database;
     read;
@@ -31,11 +32,13 @@ export class DefaultStateAPI {
                 const record = await policyRepository.findByPlatformId(platformId);
                 if (!record)
                     return undefined;
+                const r = record;
                 return {
-                    platformId: record.platformId ?? record.platform_id,
-                    socialDailyLimit: record.socialDailyLimit ?? record.social_daily_limit,
-                    quietEnabled: record.quietEnabled ?? Boolean(record.quiet_enabled),
-                    updatedAt: record.updatedAt ?? record.updated_at,
+                    platformId: r.platformId ?? r.platform_id ?? platformId,
+                    socialDailyLimit: r.socialDailyLimit ?? r.social_daily_limit ?? 0,
+                    quietEnabled: r.quietEnabled ?? Boolean(r.quiet_enabled),
+                    outreachDailyBudget: r.outreachDailyBudget ?? r.outreach_daily_budget ?? 2,
+                    updatedAt: r.updatedAt ?? r.updated_at ?? "",
                 };
             },
             loadPersonaCandidates: (sceneContext) => personaCandidateLoader.loadPersonaCandidates(sceneContext),
@@ -50,6 +53,7 @@ export class DefaultStateAPI {
                     platformId: policy.platformId,
                     socialDailyLimit: policy.socialDailyLimit,
                     quietEnabled: policy.quietEnabled,
+                    outreachDailyBudget: policy.outreachDailyBudget ?? 2,
                     updatedAt: new Date().toISOString(),
                 });
             },
@@ -74,8 +78,11 @@ export class DefaultStateAPI {
             },
             saveCredentialContext: async (input) => {
                 const ctx = input;
+                const raw = ctx.encryptedValue != null ? String(ctx.encryptedValue) : "";
+                const encryptedValue = !raw || isCredentialCiphertext(raw) ? raw : encryptCredentialAtRest(raw);
                 await credentialRepository.upsert({
                     ...ctx,
+                    encryptedValue,
                     updatedAt: ctx.updatedAt ?? new Date().toISOString(),
                 });
             },

package/runtime/storage/user-interest/load-user-interest-snapshot.d.ts

@@ -0,0 +1,2 @@
+import type { UserInterestSnapshot } from "./types.js";
+export declare function loadUserInterestSnapshot(workspaceRoot: string): Promise<UserInterestSnapshot>;