@hashgraphonline/standards-sdk 0.1.141 → 0.1.143

package/dist/es/standards-sdk.es128.js

@@ -1,55 +1,2216 @@
-import { AccountId, PrivateKey, LedgerId, SignerSignature } from "@hashgraph/sdk";
-const unsupported = (method) => new Error(`${method} is not supported by the in-memory signer`);
-const createPrivateKeySigner = (options) => {
-  if (!options.privateKey) {
-    throw new Error("privateKey is required to create a ledger signer.");
-  }
-  if (!options.accountId) {
-    throw new Error("accountId is required to create a ledger signer.");
-  }
-  const accountId = AccountId.fromString(options.accountId);
-  const privateKey = PrivateKey.fromString(options.privateKey);
-  const ledgerId = LedgerId.fromString(options.network);
-  return {
-    getLedgerId: () => ledgerId,
-    getAccountId: () => accountId,
-    getAccountKey: () => privateKey.publicKey,
-    getNetwork: () => ({}),
-    getMirrorNetwork: () => [],
-    sign: async (messages) => Promise.all(
-      messages.map(async (message) => {
-        const signature = await privateKey.sign(message);
-        return new SignerSignature({
-          publicKey: privateKey.publicKey,
-          signature,
-          accountId
-        });
-      })
-    ),
-    getAccountBalance: async () => {
-      throw unsupported("getAccountBalance");
-    },
-    getAccountInfo: async () => {
-      throw unsupported("getAccountInfo");
-    },
-    getAccountRecords: async () => {
-      throw unsupported("getAccountRecords");
-    },
-    signTransaction: async (_) => {
-      throw unsupported("signTransaction");
-    },
-    checkTransaction: async (_) => {
-      throw unsupported("checkTransaction");
-    },
-    populateTransaction: async (_) => {
-      throw unsupported("populateTransaction");
-    },
-    call: async (_request) => {
-      throw unsupported("call");
-    }
+import * as path from "node:path";
+import { Buffer } from "node:buffer";
+import { randomBytes, createHash, createCipheriv, createDecipheriv } from "node:crypto";
+import { secp256k1 } from "@noble/curves/secp256k1.js";
+import { canonicalizeLedgerNetwork } from "./standards-sdk.es130.js";
+import { searchResponseSchema, statsResponseSchema, registriesResponseSchema, additionalRegistryCatalogResponseSchema, popularResponseSchema, resolveResponseSchema, registerAgentResponseSchema, registrationQuoteResponseSchema, registrationProgressResponseSchema, creditPurchaseResponseSchema, x402MinimumsResponseSchema, x402CreditPurchaseResponseSchema, ledgerChallengeResponseSchema, ledgerVerifyResponseSchema, protocolsResponseSchema, detectProtocolResponseSchema, registrySearchByNamespaceSchema, vectorSearchResponseSchema, searchStatusResponseSchema, adapterDetailsResponseSchema, websocketStatsResponseSchema, metricsSummaryResponseSchema, uaidValidationResponseSchema, uaidConnectionStatusSchema, dashboardStatsResponseSchema, adaptersResponseSchema, searchFacetsResponseSchema, createSessionResponseSchema, chatHistorySnapshotResponseSchema, chatHistoryCompactionResponseSchema, sessionEncryptionStatusResponseSchema, encryptionHandshakeResponseSchema, registerEncryptionKeyResponseSchema, sendMessageResponseSchema } from "./standards-sdk.es138.js";
+import { ZodError } from "zod";
+import { createPrivateKeySigner } from "./standards-sdk.es129.js";
+import { optionalImport } from "./standards-sdk.es141.js";
+const getFs = async () => {
+  const fsModule = await optionalImport("node:fs");
+  if (fsModule && typeof fsModule.existsSync === "function" && typeof fsModule.readFileSync === "function" && typeof fsModule.writeFileSync === "function" && typeof fsModule.appendFileSync === "function") {
+    return fsModule;
+  }
+  return null;
+};
+const DEFAULT_USER_AGENT = "@hol-org/rb-client";
+const DEFAULT_PROGRESS_INTERVAL_MS = 1500;
+const DEFAULT_PROGRESS_TIMEOUT_MS = 5 * 60 * 1e3;
+const createAbortError = () => typeof DOMException === "function" ? new DOMException("Aborted", "AbortError") : new Error("The operation was aborted");
+const normaliseHeaderName = (name) => name.trim().toLowerCase();
+const isBrowserRuntime = () => typeof window !== "undefined" && typeof window.fetch === "function";
+const DEFAULT_BASE_URL = "https://hol.org/registry/api/v1";
+const JSON_CONTENT_TYPE = /application\/json/i;
+const DEFAULT_HISTORY_TOP_UP_HBAR = 0.25;
+const MINIMUM_REGISTRATION_AUTO_TOP_UP_CREDITS = 1;
+const toJsonValue = (value) => {
+  if (value === null) {
+    return null;
+  }
+  if (value instanceof Date) {
+    return value.toISOString();
+  }
+  if (typeof value === "string" || typeof value === "number" || typeof value === "boolean") {
+    return value;
+  }
+  if (Array.isArray(value)) {
+    return value.map((item) => item === void 0 ? null : toJsonValue(item));
+  }
+  if (typeof value === "object") {
+    const result = {};
+    Object.entries(value).forEach(
+      ([key, entryValue]) => {
+        if (entryValue !== void 0) {
+          result[key] = toJsonValue(entryValue);
+        }
+      }
+    );
+    return result;
+  }
+  throw new TypeError("Only JSON-compatible values are supported");
+};
+const isJsonObject = (value) => typeof value === "object" && value !== null && !Array.isArray(value);
+const toJsonObject = (value) => {
+  const normalised = toJsonValue(value);
+  if (isJsonObject(normalised)) {
+    return normalised;
+  }
+  throw new TypeError("Expected JSON object value");
+};
+const serialiseAuthConfig = (auth) => {
+  const authPayload = {};
+  if (auth.type) {
+    authPayload.type = auth.type;
+  }
+  if (auth.token) {
+    authPayload.token = auth.token;
+  }
+  if (auth.username) {
+    authPayload.username = auth.username;
+  }
+  if (auth.password) {
+    authPayload.password = auth.password;
+  }
+  if (auth.headerName) {
+    authPayload.headerName = auth.headerName;
+  }
+  if (auth.headerValue) {
+    authPayload.headerValue = auth.headerValue;
+  }
+  if (auth.headers) {
+    authPayload.headers = { ...auth.headers };
+  }
+  return authPayload;
+};
+const serialiseAgentRegistrationRequest = (payload) => {
+  const body = {
+    profile: toJsonObject(payload.profile)
   };
+  if (payload.endpoint !== void 0) {
+    body.endpoint = payload.endpoint;
+  }
+  if (payload.protocol !== void 0) {
+    body.protocol = payload.protocol;
+  }
+  if (payload.communicationProtocol !== void 0) {
+    body.communicationProtocol = payload.communicationProtocol;
+  }
+  if (payload.registry !== void 0) {
+    body.registry = payload.registry;
+  }
+  if (payload.additionalRegistries !== void 0) {
+    body.additionalRegistries = payload.additionalRegistries;
+  }
+  if (payload.metadata !== void 0) {
+    body.metadata = toJsonObject(payload.metadata);
+  }
+  return body;
+};
+const normalizeHexPrivateKey = (value) => {
+  const trimmed = value.trim();
+  if (!trimmed) {
+    throw new Error("evmPrivateKey is required");
+  }
+  return trimmed.startsWith("0x") ? trimmed : `0x${trimmed}`;
 };
+class RegistryBrokerError extends Error {
+  constructor(message, details) {
+    super(message);
+    this.status = details.status;
+    this.statusText = details.statusText;
+    this.body = details.body;
+  }
+}
+class RegistryBrokerParseError extends Error {
+  constructor(message, cause, rawValue) {
+    super(message);
+    this.cause = cause;
+    this.rawValue = rawValue;
+  }
+}
+function normaliseBaseUrl(input) {
+  const trimmed = input?.trim();
+  let baseCandidate = trimmed && trimmed.length > 0 ? trimmed : DEFAULT_BASE_URL;
+  try {
+    const url = new URL(baseCandidate.replace(/\/+$/, ""));
+    const hostname = url.hostname.toLowerCase();
+    const ensureRegistryPrefix = () => {
+      if (!url.pathname.startsWith("/registry")) {
+        url.pathname = url.pathname === "/" ? "/registry" : `/registry${url.pathname}`;
+      }
+    };
+    if (hostname === "hol.org") {
+      ensureRegistryPrefix();
+      baseCandidate = url.toString();
+    } else if (hostname === "registry.hashgraphonline.com" || hostname === "hashgraphonline.com") {
+      ensureRegistryPrefix();
+      url.hostname = "hol.org";
+      baseCandidate = url.toString();
+    }
+  } catch {
+  }
+  const withoutTrailing = baseCandidate.replace(/\/+$/, "");
+  if (/\/api\/v\d+$/i.test(withoutTrailing)) {
+    return withoutTrailing;
+  }
+  if (/\/api$/i.test(withoutTrailing)) {
+    return `${withoutTrailing}/v1`;
+  }
+  return `${withoutTrailing}/api/v1`;
+}
+function buildSearchQuery(params) {
+  const query = new URLSearchParams();
+  const appendList = (key, values) => {
+    if (!values) {
+      return;
+    }
+    values.forEach((value) => {
+      if (typeof value === "string") {
+        const trimmed = value.trim();
+        if (trimmed.length > 0) {
+          query.append(key, trimmed);
+        }
+      }
+    });
+  };
+  if (params.q) {
+    const trimmed = params.q.trim();
+    if (trimmed.length > 0) {
+      query.set("q", trimmed);
+    }
+  }
+  if (typeof params.page === "number") {
+    query.set("page", params.page.toString());
+  }
+  if (typeof params.limit === "number") {
+    query.set("limit", params.limit.toString());
+  }
+  if (params.registry) {
+    const trimmed = params.registry.trim();
+    if (trimmed.length > 0) {
+      query.set("registry", trimmed);
+    }
+  }
+  appendList("registries", params.registries);
+  if (typeof params.minTrust === "number") {
+    query.set("minTrust", params.minTrust.toString());
+  }
+  appendList("capabilities", params.capabilities);
+  appendList("protocols", params.protocols);
+  appendList("adapters", params.adapters);
+  if (params.metadata) {
+    Object.entries(params.metadata).forEach(([key, values]) => {
+      if (!key || !Array.isArray(values) || values.length === 0) {
+        return;
+      }
+      const trimmedKey = key.trim();
+      if (trimmedKey.length === 0) {
+        return;
+      }
+      values.forEach((value) => {
+        if (value === void 0 || value === null) {
+          return;
+        }
+        query.append(`metadata.${trimmedKey}`, String(value));
+      });
+    });
+  }
+  if (params.type) {
+    const trimmedType = params.type.trim();
+    if (trimmedType.length > 0 && trimmedType.toLowerCase() !== "all") {
+      query.set("type", trimmedType);
+    }
+  }
+  if (params.verified === true) {
+    query.set("verified", "true");
+  }
+  if (params.online === true) {
+    query.set("online", "true");
+  }
+  if (params.sortBy) {
+    const trimmedSort = params.sortBy.trim();
+    if (trimmedSort.length > 0) {
+      query.set("sortBy", trimmedSort);
+    }
+  }
+  if (params.sortOrder) {
+    const lowered = params.sortOrder.toLowerCase();
+    if (lowered === "asc" || lowered === "desc") {
+      query.set("sortOrder", lowered);
+    }
+  }
+  const queryString = query.toString();
+  return queryString.length > 0 ? `?${queryString}` : "";
+}
+class RegistryBrokerClient {
+  constructor(options = {}) {
+    this.conversationContexts = /* @__PURE__ */ new Map();
+    this.request = async (path2, config) => {
+      const headers = new Headers();
+      Object.entries(this.defaultHeaders).forEach(([key, value]) => {
+        headers.set(key, value);
+      });
+      if (config.headers) {
+        Object.entries(config.headers).forEach(([key, value]) => {
+          headers.set(key, value);
+        });
+      }
+      if (!headers.has("accept")) {
+        headers.set("accept", "application/json");
+      }
+      if (!headers.has("user-agent") && !isBrowserRuntime()) {
+        headers.set("user-agent", DEFAULT_USER_AGENT);
+      }
+      const init = {
+        method: config.method ?? "GET",
+        headers
+      };
+      if (config.body !== void 0) {
+        init.body = JSON.stringify(config.body);
+        if (!headers.has("content-type")) {
+          headers.set("content-type", "application/json");
+        }
+      }
+      const response = await this.fetchImpl(this.buildUrl(path2), init);
+      if (response.ok) {
+        return response;
+      }
+      const errorBody = await this.extractErrorBody(response);
+      throw new RegistryBrokerError("Registry broker request failed", {
+        status: response.status,
+        statusText: response.statusText,
+        body: errorBody
+      });
+    };
+    this.baseUrl = normaliseBaseUrl(options.baseUrl);
+    const fetchCandidate = options.fetchImplementation ?? globalThis.fetch;
+    if (!fetchCandidate) {
+      throw new Error(
+        "A fetch implementation is required for RegistryBrokerClient"
+      );
+    }
+    this.fetchImpl = fetchCandidate;
+    this.defaultHeaders = {};
+    if (options.defaultHeaders) {
+      Object.entries(options.defaultHeaders).forEach(([name, value]) => {
+        if (typeof value === "string") {
+          this.setDefaultHeader(name, value);
+        }
+      });
+    }
+    if (options.apiKey && options.apiKey.trim().length > 0) {
+      this.setApiKey(options.apiKey);
+    }
+    if (options.ledgerApiKey && options.ledgerApiKey.trim().length > 0) {
+      this.setLedgerApiKey(options.ledgerApiKey);
+    }
+    this.registrationAutoTopUp = options.registrationAutoTopUp;
+    this.historyAutoTopUp = options.historyAutoTopUp;
+    this.encryptedChatManager = new EncryptedChatManager(this);
+    this.encryptionOptions = options.encryption;
+    this.encryptionBootstrapPromise = this.bootstrapEncryptionOptions(
+      options.encryption
+    );
+    this.chat = {
+      start: (options2) => this.startChat(options2),
+      createSession: (payload) => this.createSession(payload),
+      sendMessage: (payload) => this.sendMessage(payload),
+      endSession: (sessionId) => this.endSession(sessionId),
+      getHistory: (sessionId, options2) => this.fetchHistorySnapshot(sessionId, options2),
+      compactHistory: (payload) => this.compactHistory(payload),
+      getEncryptionStatus: (sessionId) => this.fetchEncryptionStatus(sessionId),
+      submitEncryptionHandshake: (sessionId, payload) => this.postEncryptionHandshake(sessionId, payload),
+      startConversation: (opts) => this.startConversation(opts),
+      acceptConversation: (opts) => this.acceptConversation(opts)
+    };
+    this.encryption = {
+      registerKey: (payload) => this.registerEncryptionKey(payload),
+      generateEphemeralKeyPair: () => this.createEphemeralKeyPair(),
+      deriveSharedSecret: (options2) => this.deriveSharedSecret(options2),
+      encryptCipherEnvelope: (options2) => this.buildCipherEnvelope(options2),
+      decryptCipherEnvelope: (options2) => this.openCipherEnvelope(options2),
+      ensureAgentKey: (options2) => this.ensureAgentEncryptionKey(options2)
+    };
+    this.chat.createEncryptedSession = (options2) => this.encryptedChatManager.startSession(options2);
+    this.chat.acceptEncryptedSession = (options2) => this.encryptedChatManager.acceptSession(options2);
+  }
+  static async initializeAgent(options) {
+    const { uaid, ensureEncryptionKey = true, ...clientOptions } = options;
+    const client = new RegistryBrokerClient(clientOptions);
+    let encryption = null;
+    if (ensureEncryptionKey) {
+      const ensureOptions = typeof ensureEncryptionKey === "object" ? ensureEncryptionKey : { generateIfMissing: true };
+      encryption = await client.encryption.ensureAgentKey({
+        uaid,
+        ...ensureOptions
+      });
+    }
+    return { client, encryption };
+  }
+  async loadViemAccount(privateKey) {
+    try {
+      const viem = await import("viem/accounts");
+      return viem.privateKeyToAccount(privateKey);
+    } catch (error) {
+      const err = new Error(
+        'EVM ledger authentication requires the optional dependency "viem". Install it to use evmPrivateKey flows.'
+      );
+      err.cause = error;
+      throw err;
+    }
+  }
+  async loadX402Dependencies() {
+    try {
+      const [{ default: axios }, x402Axios, x402Types] = await Promise.all([
+        import("axios"),
+        optionalImport("x402-axios"),
+        optionalImport("x402/types")
+      ]);
+      if (!x402Axios || !x402Types) {
+        throw new Error(
+          "x402-axios and x402/types are required for X402 flows. Install them to enable ledger payments."
+        );
+      }
+      const withPaymentInterceptor = x402Axios.withPaymentInterceptor;
+      const decodePaymentResponse = x402Axios.decodeXPaymentResponse;
+      const createX402Signer = x402Types.createSigner;
+      const createPaymentClient = (walletClient) => {
+        const axiosClient = axios.create({
+          baseURL: this.baseUrl,
+          headers: {
+            ...this.getDefaultHeaders(),
+            "content-type": "application/json"
+          }
+        });
+        const client = withPaymentInterceptor(axiosClient, walletClient);
+        return {
+          post: async (url, body) => {
+            const response = await client.post(url, body);
+            return {
+              data: response.data,
+              headers: response.headers
+            };
+          }
+        };
+      };
+      return {
+        createPaymentClient,
+        decodePaymentResponse,
+        createX402Signer
+      };
+    } catch (error) {
+      const err = new Error(
+        'X402 credit purchases require optional dependencies "axios", "x402-axios", and "x402/types". Install them to enable this feature.'
+      );
+      err.cause = error;
+      throw err;
+    }
+  }
+  setApiKey(apiKey) {
+    this.setDefaultHeader("x-api-key", apiKey);
+  }
+  setLedgerApiKey(apiKey) {
+    this.setDefaultHeader("x-ledger-api-key", apiKey);
+  }
+  setDefaultHeader(name, value) {
+    if (!name || name.trim().length === 0) {
+      return;
+    }
+    const headerName = normaliseHeaderName(name);
+    if (!value || value.trim().length === 0) {
+      delete this.defaultHeaders[headerName];
+      return;
+    }
+    this.defaultHeaders[headerName] = value.trim();
+  }
+  getDefaultHeaders() {
+    return { ...this.defaultHeaders };
+  }
+  async encryptionReady() {
+    if (!this.encryptionBootstrapPromise) {
+      return;
+    }
+    await this.encryptionBootstrapPromise;
+  }
+  async search(params = {}) {
+    const query = buildSearchQuery(params);
+    const raw = await this.requestJson(`/search${query}`, {
+      method: "GET"
+    });
+    return this.parseWithSchema(raw, searchResponseSchema, "search response");
+  }
+  async stats() {
+    const raw = await this.requestJson("/stats", { method: "GET" });
+    return this.parseWithSchema(raw, statsResponseSchema, "stats response");
+  }
+  async registries() {
+    const raw = await this.requestJson("/registries", {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      registriesResponseSchema,
+      "registries response"
+    );
+  }
+  async getAdditionalRegistries() {
+    const raw = await this.requestJson(
+      "/register/additional-registries",
+      {
+        method: "GET"
+      }
+    );
+    return this.parseWithSchema(
+      raw,
+      additionalRegistryCatalogResponseSchema,
+      "additional registry catalog response"
+    );
+  }
+  bootstrapEncryptionOptions(options) {
+    if (!options?.autoRegister || options.autoRegister.enabled === false) {
+      return null;
+    }
+    return this.autoRegisterEncryptionKey(options.autoRegister).then(
+      () => void 0
+    );
+  }
+  async autoRegisterEncryptionKey(config) {
+    const identity = this.normalizeAutoRegisterIdentity(config);
+    if (!identity) {
+      throw new Error(
+        "Auto-registration requires uaid, ledgerAccountId, or email"
+      );
+    }
+    const material = await this.resolveAutoRegisterKeyMaterial(config);
+    if (!material) {
+      throw new Error(
+        "Unable to resolve encryption public key for auto-registration"
+      );
+    }
+    await this.registerEncryptionKey({
+      keyType: config.keyType ?? "secp256k1",
+      publicKey: material.publicKey,
+      ...identity
+    });
+    return material;
+  }
+  normalizeAutoRegisterIdentity(config) {
+    const identity = {};
+    if (config.uaid) {
+      identity.uaid = config.uaid;
+    }
+    if (config.ledgerAccountId) {
+      identity.ledgerAccountId = config.ledgerAccountId;
+      if (config.ledgerNetwork) {
+        identity.ledgerNetwork = config.ledgerNetwork;
+      }
+    }
+    if (config.email) {
+      identity.email = config.email;
+    }
+    if (identity.uaid || identity.ledgerAccountId || identity.email) {
+      return identity;
+    }
+    return null;
+  }
+  async resolveAutoRegisterKeyMaterial(config) {
+    if (config.publicKey?.trim()) {
+      return { publicKey: config.publicKey.trim() };
+    }
+    let privateKey = config.privateKey?.trim();
+    const envVar = config.envVar ?? "RB_ENCRYPTION_PRIVATE_KEY";
+    if (!privateKey && envVar && process?.env?.[envVar]?.trim()) {
+      privateKey = process.env[envVar]?.trim();
+    }
+    if (!privateKey && config.generateIfMissing) {
+      const pair = await this.generateEncryptionKeyPair({
+        keyType: config.keyType ?? "secp256k1",
+        envVar,
+        envPath: config.envPath,
+        overwrite: config.overwriteEnv
+      });
+      if (envVar) {
+        process.env[envVar] = pair.privateKey;
+      }
+      return { publicKey: pair.publicKey, privateKey: pair.privateKey };
+    }
+    if (privateKey) {
+      const publicKey = this.derivePublicKeyFromPrivateKey(privateKey);
+      return { publicKey, privateKey };
+    }
+    return null;
+  }
+  derivePublicKeyFromPrivateKey(privateKey) {
+    const normalized = this.hexToBuffer(privateKey);
+    const publicKey = secp256k1.getPublicKey(normalized, true);
+    return Buffer.from(publicKey).toString("hex");
+  }
+  ensureAgentEncryptionKey(options) {
+    return this.autoRegisterEncryptionKey({
+      ...options,
+      uaid: options.uaid,
+      enabled: true
+    });
+  }
+  async popularSearches() {
+    const raw = await this.requestJson("/popular", {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      popularResponseSchema,
+      "popular searches response"
+    );
+  }
+  async resolveUaid(uaid) {
+    const raw = await this.requestJson(
+      `/resolve/${encodeURIComponent(uaid)}`,
+      {
+        method: "GET"
+      }
+    );
+    return this.parseWithSchema(
+      raw,
+      resolveResponseSchema,
+      "resolve UAID response"
+    );
+  }
+  async performRegisterAgent(payload) {
+    const raw = await this.requestJson("/register", {
+      method: "POST",
+      body: serialiseAgentRegistrationRequest(payload),
+      headers: { "content-type": "application/json" }
+    });
+    return this.parseWithSchema(
+      raw,
+      registerAgentResponseSchema,
+      "register agent response"
+    );
+  }
+  async registerAgent(payload, options) {
+    const autoTopUp = options?.autoTopUp ?? this.registrationAutoTopUp;
+    if (!autoTopUp) {
+      return this.performRegisterAgent(payload);
+    }
+    await this.ensureCreditsForRegistration(payload, autoTopUp);
+    let retried = false;
+    while (true) {
+      try {
+        return await this.performRegisterAgent(payload);
+      } catch (error) {
+        const shortfall = this.extractInsufficientCreditsDetails(error);
+        if (shortfall && !retried) {
+          await this.ensureCreditsForRegistration(payload, autoTopUp);
+          retried = true;
+          continue;
+        }
+        throw error;
+      }
+    }
+  }
+  async getRegistrationQuote(payload) {
+    const raw = await this.requestJson("/register/quote", {
+      method: "POST",
+      body: serialiseAgentRegistrationRequest(payload),
+      headers: { "content-type": "application/json" }
+    });
+    return this.parseWithSchema(
+      raw,
+      registrationQuoteResponseSchema,
+      "registration quote response"
+    );
+  }
+  async updateAgent(uaid, payload) {
+    const raw = await this.requestJson(
+      `/register/${encodeURIComponent(uaid)}`,
+      {
+        method: "PUT",
+        body: serialiseAgentRegistrationRequest(payload),
+        headers: { "content-type": "application/json" }
+      }
+    );
+    return this.parseWithSchema(
+      raw,
+      registerAgentResponseSchema,
+      "update agent response"
+    );
+  }
+  async getRegistrationProgress(attemptId) {
+    const normalisedAttemptId = attemptId.trim();
+    if (!normalisedAttemptId) {
+      throw new Error("attemptId is required");
+    }
+    try {
+      const raw = await this.requestJson(
+        `/register/progress/${encodeURIComponent(normalisedAttemptId)}`,
+        { method: "GET" }
+      );
+      const parsed = this.parseWithSchema(
+        raw,
+        registrationProgressResponseSchema,
+        "registration progress response"
+      );
+      return parsed.progress;
+    } catch (error) {
+      if (error instanceof RegistryBrokerError && error.status === 404) {
+        return null;
+      }
+      throw error;
+    }
+  }
+  async waitForRegistrationCompletion(attemptId, options = {}) {
+    const normalisedAttemptId = attemptId.trim();
+    if (!normalisedAttemptId) {
+      throw new Error("attemptId is required");
+    }
+    const interval = Math.max(
+      250,
+      options.intervalMs ?? DEFAULT_PROGRESS_INTERVAL_MS
+    );
+    const timeoutMs = options.timeoutMs ?? DEFAULT_PROGRESS_TIMEOUT_MS;
+    const throwOnFailure = options.throwOnFailure ?? true;
+    const signal = options.signal;
+    const startedAt = Date.now();
+    while (true) {
+      if (signal?.aborted) {
+        throw createAbortError();
+      }
+      const progress = await this.getRegistrationProgress(normalisedAttemptId);
+      if (progress) {
+        options.onProgress?.(progress);
+        if (progress.status === "completed") {
+          return progress;
+        }
+        if (progress.status === "partial" || progress.status === "failed") {
+          if (throwOnFailure) {
+            throw new RegistryBrokerError(
+              "Registration did not complete successfully",
+              {
+                status: 409,
+                statusText: progress.status,
+                body: progress
+              }
+            );
+          }
+          return progress;
+        }
+      }
+      if (Date.now() - startedAt >= timeoutMs) {
+        throw new Error(
+          `Registration progress polling timed out after ${timeoutMs}ms`
+        );
+      }
+      await this.delay(interval, signal);
+    }
+  }
+  async purchaseCreditsWithHbar(params) {
+    const body = {
+      accountId: params.accountId,
+      payerKey: params.privateKey,
+      hbarAmount: this.calculateHbarAmountParam(params.hbarAmount)
+    };
+    if (params.memo) {
+      body.memo = params.memo;
+    }
+    if (params.metadata) {
+      body.metadata = params.metadata;
+    }
+    const raw = await this.requestJson("/credits/purchase", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body
+    });
+    return this.parseWithSchema(
+      raw,
+      creditPurchaseResponseSchema,
+      "credit purchase response"
+    );
+  }
+  async getX402Minimums() {
+    const raw = await this.requestJson(
+      "/credits/purchase/x402/minimums",
+      { method: "GET" }
+    );
+    return this.parseWithSchema(
+      raw,
+      x402MinimumsResponseSchema,
+      "x402 minimums response"
+    );
+  }
+  async purchaseCreditsWithX402(params) {
+    const { createPaymentClient, decodePaymentResponse } = await this.loadX402Dependencies();
+    if (!Number.isFinite(params.credits) || params.credits <= 0) {
+      throw new Error("credits must be a positive number");
+    }
+    if (params.usdAmount !== void 0 && (!Number.isFinite(params.usdAmount) || params.usdAmount <= 0)) {
+      throw new Error("usdAmount must be a positive number when provided");
+    }
+    const body = {
+      accountId: params.accountId,
+      credits: params.credits
+    };
+    if (params.usdAmount !== void 0) {
+      body.usdAmount = params.usdAmount;
+    }
+    if (params.description) {
+      body.description = params.description;
+    }
+    if (params.metadata) {
+      body.metadata = params.metadata;
+    }
+    const paymentClient = createPaymentClient(params.walletClient);
+    const response = await paymentClient.post("/credits/purchase/x402", body);
+    const parsed = this.parseWithSchema(
+      response.data,
+      x402CreditPurchaseResponseSchema,
+      "x402 credit purchase response"
+    );
+    const responseHeaders = response.headers ?? {};
+    const paymentHeader = typeof responseHeaders["x-payment-response"] === "string" ? responseHeaders["x-payment-response"] : void 0;
+    const decodedPayment = paymentHeader !== void 0 ? decodePaymentResponse(paymentHeader) : void 0;
+    return {
+      ...parsed,
+      paymentResponseHeader: paymentHeader,
+      paymentResponse: decodedPayment
+    };
+  }
+  async buyCreditsWithX402(params) {
+    const network = params.network ?? "base";
+    const { createX402Signer } = await this.loadX402Dependencies();
+    const normalizedKey = normalizeHexPrivateKey(params.evmPrivateKey);
+    const walletClient = await createX402Signer(network, normalizedKey);
+    return this.purchaseCreditsWithX402({
+      accountId: params.accountId,
+      credits: params.credits,
+      usdAmount: params.usdAmount,
+      description: params.description,
+      metadata: params.metadata,
+      walletClient
+    });
+  }
+  calculateHbarAmount(creditsToPurchase, creditsPerHbar) {
+    if (creditsPerHbar <= 0) {
+      throw new Error("creditsPerHbar must be positive");
+    }
+    if (creditsToPurchase <= 0) {
+      throw new Error("creditsToPurchase must be positive");
+    }
+    const rawHbar = creditsToPurchase / creditsPerHbar;
+    const tinybars = Math.ceil(rawHbar * 1e8);
+    return tinybars / 1e8;
+  }
+  resolveCreditsToPurchase(shortfallCredits) {
+    if (!Number.isFinite(shortfallCredits) || shortfallCredits <= 0) {
+      return 0;
+    }
+    return Math.max(
+      Math.ceil(shortfallCredits),
+      MINIMUM_REGISTRATION_AUTO_TOP_UP_CREDITS
+    );
+  }
+  calculateHbarAmountParam(hbarAmount) {
+    const tinybars = Math.ceil(hbarAmount * 1e8);
+    if (tinybars <= 0) {
+      throw new Error("Calculated purchase amount must be positive");
+    }
+    return tinybars / 1e8;
+  }
+  shouldAutoTopUpHistory(payload, error) {
+    if (!this.historyAutoTopUp || payload.historyTtlSeconds === void 0) {
+      return false;
+    }
+    if (!(error instanceof RegistryBrokerError)) {
+      return false;
+    }
+    if (error.status !== 402) {
+      return false;
+    }
+    const message = this.extractErrorMessage(error.body);
+    if (!message) {
+      return true;
+    }
+    const normalised = message.toLowerCase();
+    return normalised.includes("history") || normalised.includes("chat history");
+  }
+  extractErrorMessage(body) {
+    if (typeof body === "string") {
+      return body;
+    }
+    if (isJsonObject(body) && typeof body.error === "string") {
+      return body.error;
+    }
+    if (isJsonObject(body) && typeof body.message === "string") {
+      return body.message;
+    }
+    return void 0;
+  }
+  async executeHistoryAutoTopUp(reason) {
+    if (!this.historyAutoTopUp) {
+      return;
+    }
+    const hbarAmount = this.historyAutoTopUp.hbarAmount && this.historyAutoTopUp.hbarAmount > 0 ? this.historyAutoTopUp.hbarAmount : DEFAULT_HISTORY_TOP_UP_HBAR;
+    await this.purchaseCreditsWithHbar({
+      accountId: this.historyAutoTopUp.accountId,
+      privateKey: this.historyAutoTopUp.privateKey,
+      hbarAmount,
+      memo: this.historyAutoTopUp.memo ?? "registry-broker-client:chat-history-topup",
+      metadata: {
+        purpose: "chat-history",
+        reason
+      }
+    });
+  }
+  async ensureCreditsForRegistration(payload, autoTopUp) {
+    const details = autoTopUp ?? null;
+    if (!details) {
+      return;
+    }
+    if (!details.accountId || !details.accountId.trim()) {
+      throw new Error("autoTopUp.accountId is required");
+    }
+    if (!details.privateKey || !details.privateKey.trim()) {
+      throw new Error("autoTopUp.privateKey is required");
+    }
+    for (let attempt = 0; attempt < 3; attempt += 1) {
+      const quote = await this.getRegistrationQuote(payload);
+      const shortfall = quote.shortfallCredits ?? 0;
+      if (shortfall <= 0) {
+        return;
+      }
+      const creditsToPurchase = this.resolveCreditsToPurchase(shortfall);
+      if (creditsToPurchase <= 0) {
+        return;
+      }
+      const creditsPerHbar = quote.creditsPerHbar ?? null;
+      if (!creditsPerHbar || creditsPerHbar <= 0) {
+        throw new Error("Unable to determine credits per HBAR for auto top-up");
+      }
+      const hbarAmount = this.calculateHbarAmount(
+        creditsToPurchase,
+        creditsPerHbar
+      );
+      await this.purchaseCreditsWithHbar({
+        accountId: details.accountId.trim(),
+        privateKey: details.privateKey.trim(),
+        hbarAmount,
+        memo: details.memo ?? "Registry Broker auto top-up",
+        metadata: {
+          shortfallCredits: shortfall,
+          requiredCredits: quote.requiredCredits,
+          purchasedCredits: creditsToPurchase
+        }
+      });
+    }
+    const finalQuote = await this.getRegistrationQuote(payload);
+    if ((finalQuote.shortfallCredits ?? 0) > 0) {
+      throw new Error("Unable to purchase sufficient credits for registration");
+    }
+  }
+  extractInsufficientCreditsDetails(error) {
+    if (!(error instanceof RegistryBrokerError) || error.status !== 402) {
+      return null;
+    }
+    const body = error.body;
+    if (!body || typeof body !== "object" || Array.isArray(body)) {
+      return null;
+    }
+    const maybeShortfall = body["shortfallCredits"];
+    if (typeof maybeShortfall !== "number" || maybeShortfall <= 0) {
+      return null;
+    }
+    return { shortfallCredits: maybeShortfall };
+  }
+  async createLedgerChallenge(payload) {
+    const resolvedNetwork = canonicalizeLedgerNetwork(payload.network);
+    const network = resolvedNetwork.kind === "hedera" ? resolvedNetwork.hederaNetwork ?? resolvedNetwork.canonical : resolvedNetwork.canonical;
+    const raw = await this.requestJson("/auth/ledger/challenge", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: {
+        accountId: payload.accountId,
+        network
+      }
+    });
+    return this.parseWithSchema(
+      raw,
+      ledgerChallengeResponseSchema,
+      "ledger challenge response"
+    );
+  }
+  async verifyLedgerChallenge(payload) {
+    const resolvedNetwork = canonicalizeLedgerNetwork(payload.network);
+    const network = resolvedNetwork.kind === "hedera" ? resolvedNetwork.hederaNetwork ?? resolvedNetwork.canonical : resolvedNetwork.canonical;
+    const body = {
+      challengeId: payload.challengeId,
+      accountId: payload.accountId,
+      network,
+      signature: payload.signature
+    };
+    if (payload.signatureKind) {
+      body.signatureKind = payload.signatureKind;
+    }
+    if (payload.publicKey) {
+      body.publicKey = payload.publicKey;
+    }
+    if (typeof payload.expiresInMinutes === "number") {
+      body.expiresInMinutes = payload.expiresInMinutes;
+    }
+    const raw = await this.requestJson("/auth/ledger/verify", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body
+    });
+    const result = this.parseWithSchema(
+      raw,
+      ledgerVerifyResponseSchema,
+      "ledger verification response"
+    );
+    this.setLedgerApiKey(result.key);
+    return result;
+  }
+  async authenticateWithLedger(options) {
+    const challenge = await this.createLedgerChallenge({
+      accountId: options.accountId,
+      network: options.network
+    });
+    const signed = await this.resolveLedgerAuthSignature(
+      challenge.message,
+      options
+    );
+    const verification = await this.verifyLedgerChallenge({
+      challengeId: challenge.challengeId,
+      accountId: options.accountId,
+      network: options.network,
+      signature: signed.signature,
+      signatureKind: signed.signatureKind,
+      publicKey: signed.publicKey,
+      expiresInMinutes: options.expiresInMinutes
+    });
+    return verification;
+  }
+  async resolveLedgerAuthSignature(message, options) {
+    if (typeof options.sign === "function") {
+      const result = await options.sign(message);
+      if (!result || typeof result.signature !== "string" || result.signature.length === 0) {
+        throw new Error("Custom ledger signer failed to produce a signature.");
+      }
+      return result;
+    }
+    if (!options.signer || typeof options.signer.sign !== "function") {
+      throw new Error(
+        "Ledger authentication requires a Hedera Signer or custom sign function."
+      );
+    }
+    const payload = Buffer.from(message, "utf8");
+    const signatures = await options.signer.sign([payload]);
+    const signatureEntry = signatures?.[0];
+    if (!signatureEntry) {
+      throw new Error("Signer did not return any signatures.");
+    }
+    let derivedPublicKey;
+    if (signatureEntry.publicKey) {
+      derivedPublicKey = signatureEntry.publicKey.toString();
+    } else if (typeof options.signer.getAccountKey === "function") {
+      const accountKey = await options.signer.getAccountKey();
+      if (accountKey && typeof accountKey.toString === "function") {
+        derivedPublicKey = accountKey.toString();
+      }
+    }
+    return {
+      signature: Buffer.from(signatureEntry.signature).toString("base64"),
+      signatureKind: "raw",
+      publicKey: derivedPublicKey
+    };
+  }
+  async authenticateWithLedgerCredentials(options) {
+    const {
+      accountId,
+      network,
+      signer,
+      sign,
+      hederaPrivateKey,
+      evmPrivateKey,
+      expiresInMinutes,
+      setAccountHeader = true,
+      label,
+      logger
+    } = options;
+    const resolvedNetwork = canonicalizeLedgerNetwork(network);
+    const labelSuffix = label ? ` for ${label}` : "";
+    const networkPayload = resolvedNetwork.canonical;
+    const authOptions = {
+      accountId,
+      network: networkPayload,
+      expiresInMinutes
+    };
+    if (sign) {
+      authOptions.sign = sign;
+    } else if (signer) {
+      authOptions.signer = signer;
+    } else if (hederaPrivateKey) {
+      if (resolvedNetwork.kind !== "hedera" || !resolvedNetwork.hederaNetwork) {
+        throw new Error(
+          "hederaPrivateKey can only be used with hedera:mainnet or hedera:testnet networks."
+        );
+      }
+      authOptions.signer = createPrivateKeySigner({
+        accountId,
+        privateKey: hederaPrivateKey,
+        network: resolvedNetwork.hederaNetwork
+      });
+    } else if (evmPrivateKey) {
+      if (resolvedNetwork.kind !== "evm") {
+        throw new Error(
+          "evmPrivateKey can only be used with CAIP-2 EVM networks (eip155:<chainId>)."
+        );
+      }
+      const formattedKey = evmPrivateKey.startsWith("0x") ? evmPrivateKey : `0x${evmPrivateKey}`;
+      const account = await this.loadViemAccount(formattedKey);
+      authOptions.sign = async (message) => ({
+        signature: await account.signMessage({ message }),
+        signatureKind: "evm",
+        publicKey: account.publicKey
+      });
+    } else {
+      throw new Error(
+        "Provide a signer, sign function, hederaPrivateKey, or evmPrivateKey to authenticate with the ledger."
+      );
+    }
+    logger?.info?.(
+      `Authenticating ledger account ${accountId} (${resolvedNetwork.canonical})${labelSuffix}...`
+    );
+    const verification = await this.authenticateWithLedger(authOptions);
+    if (setAccountHeader) {
+      this.setDefaultHeader("x-account-id", verification.accountId);
+    }
+    logger?.info?.(
+      `Ledger authentication complete${labelSuffix}. Issued key prefix: ${verification.apiKey.prefix}…${verification.apiKey.lastFour}`
+    );
+    return verification;
+  }
+  async listProtocols() {
+    const raw = await this.requestJson("/protocols", {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      protocolsResponseSchema,
+      "protocols response"
+    );
+  }
+  async detectProtocol(message) {
+    const raw = await this.requestJson("/detect-protocol", {
+      method: "POST",
+      body: { message },
+      headers: { "content-type": "application/json" }
+    });
+    return this.parseWithSchema(
+      raw,
+      detectProtocolResponseSchema,
+      "detect protocol response"
+    );
+  }
+  async registrySearchByNamespace(registry, query) {
+    const params = new URLSearchParams();
+    if (query) {
+      params.set("q", query);
+    }
+    const suffix = params.size > 0 ? `?${params.toString()}` : "";
+    const raw = await this.requestJson(
+      `/registries/${encodeURIComponent(registry)}/search${suffix}`,
+      {
+        method: "GET"
+      }
+    );
+    return this.parseWithSchema(
+      raw,
+      registrySearchByNamespaceSchema,
+      "registry search response"
+    );
+  }
+  async vectorSearch(request) {
+    try {
+      const raw = await this.requestJson("/search", {
+        method: "POST",
+        body: request,
+        headers: { "content-type": "application/json" }
+      });
+      return this.parseWithSchema(
+        raw,
+        vectorSearchResponseSchema,
+        "vector search response"
+      );
+    } catch (error) {
+      if (error instanceof RegistryBrokerError && error.status === 501) {
+        const fallback = await this.search(
+          this.buildVectorFallbackSearchParams(request)
+        );
+        return this.convertSearchResultToVectorResponse(fallback);
+      }
+      throw error;
+    }
+  }
+  async searchStatus() {
+    const raw = await this.requestJson("/search/status", {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      searchStatusResponseSchema,
+      "search status response"
+    );
+  }
+  async adaptersDetailed() {
+    const raw = await this.requestJson("/adapters/details", {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      adapterDetailsResponseSchema,
+      "adapter details response"
+    );
+  }
+  async websocketStats() {
+    const raw = await this.requestJson("/websocket/stats", {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      websocketStatsResponseSchema,
+      "websocket stats response"
+    );
+  }
+  async metricsSummary() {
+    const raw = await this.requestJson("/metrics", {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      metricsSummaryResponseSchema,
+      "metrics summary response"
+    );
+  }
+  async validateUaid(uaid) {
+    const raw = await this.requestJson(
+      `/uaids/validate/${encodeURIComponent(uaid)}`,
+      {
+        method: "GET"
+      }
+    );
+    return this.parseWithSchema(
+      raw,
+      uaidValidationResponseSchema,
+      "UAID validation response"
+    );
+  }
+  async getUaidConnectionStatus(uaid) {
+    const raw = await this.requestJson(
+      `/uaids/connections/${encodeURIComponent(uaid)}/status`,
+      {
+        method: "GET"
+      }
+    );
+    return this.parseWithSchema(
+      raw,
+      uaidConnectionStatusSchema,
+      "UAID connection status"
+    );
+  }
+  async closeUaidConnection(uaid) {
+    await this.request(`/uaids/connections/${encodeURIComponent(uaid)}`, {
+      method: "DELETE"
+    });
+  }
+  async dashboardStats() {
+    const raw = await this.requestJson("/dashboard/stats", {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      dashboardStatsResponseSchema,
+      "dashboard stats response"
+    );
+  }
+  async adapters() {
+    const raw = await this.requestJson("/adapters", {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      adaptersResponseSchema,
+      "adapters response"
+    );
+  }
+  async facets(adapter) {
+    const params = new URLSearchParams();
+    if (adapter) {
+      params.set("adapter", adapter);
+    }
+    const suffix = params.size > 0 ? `?${params.toString()}` : "";
+    const raw = await this.requestJson(`/search/facets${suffix}`, {
+      method: "GET"
+    });
+    return this.parseWithSchema(
+      raw,
+      searchFacetsResponseSchema,
+      "search facets response"
+    );
+  }
+  async createSession(payload, allowHistoryAutoTopUp = true) {
+    const body = {};
+    if ("uaid" in payload && payload.uaid) {
+      body.uaid = payload.uaid;
+    }
+    if ("agentUrl" in payload && payload.agentUrl) {
+      body.agentUrl = payload.agentUrl;
+    }
+    if (payload.auth) {
+      body.auth = serialiseAuthConfig(payload.auth);
+    }
+    if (payload.historyTtlSeconds !== void 0) {
+      body.historyTtlSeconds = payload.historyTtlSeconds;
+    }
+    if (payload.encryptionRequested !== void 0) {
+      body.encryptionRequested = payload.encryptionRequested;
+    }
+    if (payload.senderUaid) {
+      body.senderUaid = payload.senderUaid;
+    }
+    try {
+      const raw = await this.requestJson("/chat/session", {
+        method: "POST",
+        body,
+        headers: { "content-type": "application/json" }
+      });
+      return this.parseWithSchema(
+        raw,
+        createSessionResponseSchema,
+        "chat session response"
+      );
+    } catch (error) {
+      if (allowHistoryAutoTopUp && this.shouldAutoTopUpHistory(payload, error)) {
+        await this.executeHistoryAutoTopUp("chat.session");
+        return this.createSession(payload, false);
+      }
+      throw error;
+    }
+  }
+  async startChat(options) {
+    if ("uaid" in options && options.uaid) {
+      return this.startConversation({
+        uaid: options.uaid,
+        senderUaid: options.senderUaid,
+        historyTtlSeconds: options.historyTtlSeconds,
+        auth: options.auth,
+        encryption: options.encryption,
+        onSessionCreated: options.onSessionCreated
+      });
+    }
+    if ("agentUrl" in options && options.agentUrl) {
+      const session = await this.createSession({
+        agentUrl: options.agentUrl,
+        auth: options.auth,
+        historyTtlSeconds: options.historyTtlSeconds,
+        senderUaid: options.senderUaid
+      });
+      options.onSessionCreated?.(session.sessionId);
+      return this.createPlaintextConversationHandle(
+        session.sessionId,
+        session.encryption ?? null,
+        options.auth,
+        { agentUrl: options.agentUrl, uaid: options.uaid }
+      );
+    }
+    throw new Error("startChat requires either uaid or agentUrl");
+  }
+  async startConversation(options) {
+    const preference = options.encryption?.preference ?? "preferred";
+    const requestEncryption = preference !== "disabled";
+    if (!requestEncryption) {
+      const session = await this.createSession({
+        uaid: options.uaid,
+        auth: options.auth,
+        historyTtlSeconds: options.historyTtlSeconds,
+        senderUaid: options.senderUaid,
+        encryptionRequested: false
+      });
+      options.onSessionCreated?.(session.sessionId);
+      return this.createPlaintextConversationHandle(
+        session.sessionId,
+        session.encryption ?? null,
+        options.auth,
+        { uaid: options.uaid }
+      );
+    }
+    try {
+      const handle = await this.encryptedChatManager.startSession({
+        uaid: options.uaid,
+        senderUaid: options.senderUaid,
+        historyTtlSeconds: options.historyTtlSeconds,
+        handshakeTimeoutMs: options.encryption?.handshakeTimeoutMs,
+        pollIntervalMs: options.encryption?.pollIntervalMs,
+        onSessionCreated: (sessionId) => {
+          options.onSessionCreated?.(sessionId);
+        },
+        auth: options.auth
+      });
+      return handle;
+    } catch (error) {
+      if (error instanceof EncryptionUnavailableError) {
+        if (preference === "required") {
+          throw error;
+        }
+        return this.createPlaintextConversationHandle(
+          error.sessionId,
+          error.summary ?? null,
+          options.auth,
+          { uaid: options.uaid }
+        );
+      }
+      throw error;
+    }
+  }
+  async acceptConversation(options) {
+    const preference = options.encryption?.preference ?? "preferred";
+    if (preference === "disabled") {
+      return this.createPlaintextConversationHandle(options.sessionId, null);
+    }
+    try {
+      const handle = await this.encryptedChatManager.acceptSession({
+        sessionId: options.sessionId,
+        responderUaid: options.responderUaid,
+        handshakeTimeoutMs: options.encryption?.handshakeTimeoutMs,
+        pollIntervalMs: options.encryption?.pollIntervalMs
+      });
+      return handle;
+    } catch (error) {
+      if (error instanceof EncryptionUnavailableError && preference !== "required") {
+        return this.createPlaintextConversationHandle(
+          options.sessionId,
+          null,
+          void 0,
+          { uaid: options.responderUaid }
+        );
+      }
+      throw error;
+    }
+  }
+  async fetchHistorySnapshot(sessionId, options) {
+    if (!sessionId || sessionId.trim().length === 0) {
+      throw new Error("sessionId is required to fetch chat history");
+    }
+    const raw = await this.requestJson(
+      `/chat/session/${encodeURIComponent(sessionId)}/history`,
+      {
+        method: "GET"
+      }
+    );
+    const snapshot = this.parseWithSchema(
+      raw,
+      chatHistorySnapshotResponseSchema,
+      "chat history snapshot response"
+    );
+    return this.attachDecryptedHistory(sessionId, snapshot, options);
+  }
+  attachDecryptedHistory(sessionId, snapshot, options) {
+    const shouldDecrypt = options?.decrypt !== void 0 ? options.decrypt : this.encryptionOptions?.autoDecryptHistory === true;
+    if (!shouldDecrypt) {
+      return snapshot;
+    }
+    const context = this.resolveDecryptionContext(sessionId, options);
+    if (!context) {
+      throw new Error(
+        "Unable to decrypt chat history: encryption context unavailable"
+      );
+    }
+    const decryptedHistory = snapshot.history.map((entry) => ({
+      entry,
+      plaintext: this.decryptHistoryEntryFromContext(sessionId, entry, context)
+    }));
+    return { ...snapshot, decryptedHistory };
+  }
+  registerConversationContext(context) {
+    const normalized = {
+      sessionId: context.sessionId,
+      sharedSecret: Buffer.from(context.sharedSecret),
+      identity: context.identity ? { ...context.identity } : void 0
+    };
+    const entries = this.conversationContexts.get(context.sessionId) ?? [];
+    const existingIndex = entries.findIndex(
+      (existing) => this.identitiesMatch(existing.identity, normalized.identity)
+    );
+    if (existingIndex >= 0) {
+      entries[existingIndex] = normalized;
+    } else {
+      entries.push(normalized);
+    }
+    this.conversationContexts.set(context.sessionId, entries);
+  }
+  // Exposed for EncryptedChatManager to persist decryption context
+  registerConversationContextForEncryption(context) {
+    this.registerConversationContext(context);
+  }
+  resolveDecryptionContext(sessionId, options) {
+    if (options?.sharedSecret) {
+      return {
+        sessionId,
+        sharedSecret: this.normalizeSharedSecret(options.sharedSecret),
+        identity: options.identity
+      };
+    }
+    const contexts = this.conversationContexts.get(sessionId);
+    if (!contexts || contexts.length === 0) {
+      return null;
+    }
+    if (options?.identity) {
+      const match = contexts.find(
+        (context) => this.identitiesMatch(context.identity, options.identity)
+      );
+      if (match) {
+        return match;
+      }
+    }
+    return contexts[0];
+  }
+  decryptHistoryEntryFromContext(sessionId, entry, context) {
+    const envelope = entry.cipherEnvelope;
+    if (!envelope) {
+      return entry.content;
+    }
+    const secret = Buffer.from(context.sharedSecret);
+    try {
+      return this.encryption.decryptCipherEnvelope({
+        envelope,
+        sharedSecret: secret
+      });
+    } catch (_error) {
+      return null;
+    }
+  }
+  identitiesMatch(a, b) {
+    if (!a && !b) {
+      return true;
+    }
+    if (!a || !b) {
+      return false;
+    }
+    if (a.uaid && b.uaid && a.uaid.toLowerCase() === b.uaid.toLowerCase()) {
+      return true;
+    }
+    if (a.ledgerAccountId && b.ledgerAccountId && a.ledgerAccountId.toLowerCase() === b.ledgerAccountId.toLowerCase()) {
+      return true;
+    }
+    if (a.userId && b.userId && a.userId === b.userId) {
+      return true;
+    }
+    if (a.email && b.email && a.email.toLowerCase() === b.email.toLowerCase()) {
+      return true;
+    }
+    return false;
+  }
+  identityMatchesRecipient(recipient, identity) {
+    if (identity.uaid && recipient.uaid?.toLowerCase() === identity.uaid.toLowerCase()) {
+      return true;
+    }
+    if (identity.ledgerAccountId && recipient.ledgerAccountId?.toLowerCase() === identity.ledgerAccountId.toLowerCase()) {
+      return true;
+    }
+    if (identity.userId && recipient.userId === identity.userId) {
+      return true;
+    }
+    if (identity.email && recipient.email?.toLowerCase() === identity.email.toLowerCase()) {
+      return true;
+    }
+    return false;
+  }
+  createPlaintextConversationHandle(sessionId, summary, defaultAuth, context) {
+    const uaid = context?.uaid?.trim();
+    const agentUrl = context?.agentUrl?.trim();
+    return {
+      sessionId,
+      mode: "plaintext",
+      summary: summary ?? null,
+      send: async (options) => {
+        const plaintext = options.plaintext;
+        if (!plaintext || plaintext.trim().length === 0) {
+          throw new Error("plaintext is required for chat messages");
+        }
+        const message = options.message ?? plaintext;
+        return this.sendMessage({
+          sessionId,
+          message,
+          streaming: options.streaming,
+          auth: options.auth ?? defaultAuth,
+          uaid,
+          agentUrl
+        });
+      },
+      decryptHistoryEntry: (entry) => entry.content
+    };
+  }
+  async compactHistory(payload) {
+    if (!payload.sessionId || payload.sessionId.trim().length === 0) {
+      throw new Error("sessionId is required to compact chat history");
+    }
+    const body = {};
+    if (typeof payload.preserveEntries === "number" && Number.isFinite(payload.preserveEntries) && payload.preserveEntries >= 0) {
+      body.preserveEntries = Math.floor(payload.preserveEntries);
+    }
+    const raw = await this.requestJson(
+      `/chat/session/${encodeURIComponent(payload.sessionId)}/compact`,
+      {
+        method: "POST",
+        headers: { "content-type": "application/json" },
+        body
+      }
+    );
+    return this.parseWithSchema(
+      raw,
+      chatHistoryCompactionResponseSchema,
+      "chat history compaction response"
+    );
+  }
+  async fetchEncryptionStatus(sessionId) {
+    if (!sessionId || sessionId.trim().length === 0) {
+      throw new Error("sessionId is required for encryption status");
+    }
+    const raw = await this.requestJson(
+      `/chat/session/${encodeURIComponent(sessionId)}/encryption`,
+      {
+        method: "GET"
+      }
+    );
+    return this.parseWithSchema(
+      raw,
+      sessionEncryptionStatusResponseSchema,
+      "session encryption status response"
+    );
+  }
+  async postEncryptionHandshake(sessionId, payload) {
+    if (!sessionId || sessionId.trim().length === 0) {
+      throw new Error("sessionId is required for encryption handshake");
+    }
+    const raw = await this.requestJson(
+      `/chat/session/${encodeURIComponent(sessionId)}/encryption-handshake`,
+      {
+        method: "POST",
+        headers: { "content-type": "application/json" },
+        body: {
+          role: payload.role,
+          keyType: payload.keyType,
+          ephemeralPublicKey: payload.ephemeralPublicKey,
+          longTermPublicKey: payload.longTermPublicKey,
+          signature: payload.signature,
+          uaid: payload.uaid,
+          userId: payload.userId,
+          ledgerAccountId: payload.ledgerAccountId,
+          metadata: payload.metadata
+        }
+      }
+    );
+    const response = this.parseWithSchema(
+      raw,
+      encryptionHandshakeResponseSchema,
+      "encryption handshake response"
+    );
+    return response.handshake;
+  }
+  async registerEncryptionKey(payload) {
+    const raw = await this.requestJson("/encryption/keys", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: payload
+    });
+    return this.parseWithSchema(
+      raw,
+      registerEncryptionKeyResponseSchema,
+      "register encryption key response"
+    );
+  }
+  async sendMessage(payload) {
+    const body = {
+      message: payload.message
+    };
+    if (payload.streaming !== void 0) {
+      body.streaming = payload.streaming;
+    }
+    if (payload.auth) {
+      body.auth = serialiseAuthConfig(payload.auth);
+    }
+    if ("uaid" in payload) {
+      body.uaid = payload.uaid;
+    }
+    if ("sessionId" in payload && payload.sessionId) {
+      body.sessionId = payload.sessionId;
+    }
+    if ("agentUrl" in payload && payload.agentUrl) {
+      body.agentUrl = payload.agentUrl;
+    }
+    let cipherEnvelope = payload.cipherEnvelope ?? null;
+    if (payload.encryption) {
+      const sessionIdForEncryption = payload.encryption.sessionId ?? (typeof body.sessionId === "string" ? body.sessionId : void 0);
+      if (!sessionIdForEncryption) {
+        throw new Error(
+          "sessionId is required when using encrypted chat payloads"
+        );
+      }
+      if (!payload.encryption.recipients?.length) {
+        throw new Error("recipients are required for encrypted chat payloads");
+      }
+      cipherEnvelope = this.encryption.encryptCipherEnvelope({
+        ...payload.encryption,
+        sessionId: sessionIdForEncryption
+      });
+    }
+    if (cipherEnvelope) {
+      body.cipherEnvelope = cipherEnvelope;
+    }
+    delete body.encryption;
+    const raw = await this.requestJson("/chat/message", {
+      method: "POST",
+      body,
+      headers: { "content-type": "application/json" }
+    });
+    return this.parseWithSchema(
+      raw,
+      sendMessageResponseSchema,
+      "chat message response"
+    );
+  }
+  async endSession(sessionId) {
+    await this.request(`/chat/session/${encodeURIComponent(sessionId)}`, {
+      method: "DELETE"
+    });
+  }
+  async generateEncryptionKeyPair(options = {}) {
+    this.assertNodeRuntime("generateEncryptionKeyPair");
+    const keyType = options.keyType ?? "secp256k1";
+    if (keyType !== "secp256k1") {
+      throw new Error("Only secp256k1 key generation is supported currently");
+    }
+    const privateKeyBytes = randomBytes(32);
+    const privateKey = Buffer.from(privateKeyBytes).toString("hex");
+    const publicKeyBytes = secp256k1.getPublicKey(privateKeyBytes, true);
+    const publicKey = Buffer.from(publicKeyBytes).toString("hex");
+    const envVar = options.envVar ?? "RB_ENCRYPTION_PRIVATE_KEY";
+    const resolvedPath = options.envPath ? path.resolve(options.envPath) : void 0;
+    if (resolvedPath) {
+      const fsModule = await getFs();
+      if (!fsModule) {
+        throw new Error(
+          "File system module is not available; cannot write encryption key env file"
+        );
+      }
+      const envLine = `${envVar}=${privateKey}`;
+      if (fsModule.existsSync(resolvedPath)) {
+        const content = fsModule.readFileSync(resolvedPath, "utf-8");
+        const lineRegex = new RegExp(`^${envVar}=.*$`, "m");
+        if (lineRegex.test(content)) {
+          if (!options.overwrite) {
+            throw new Error(
+              `${envVar} already exists in ${resolvedPath}; set overwrite=true to replace it`
+            );
+          }
+          const updated = content.replace(lineRegex, envLine);
+          fsModule.writeFileSync(resolvedPath, updated);
+        } else {
+          const needsNewline = !content.endsWith("\n");
+          fsModule.appendFileSync(
+            resolvedPath,
+            `${needsNewline ? "\n" : ""}${envLine}
+`
+          );
+        }
+      } else {
+        fsModule.writeFileSync(resolvedPath, `${envLine}
+`);
+      }
+    }
+    return {
+      privateKey,
+      publicKey,
+      envPath: resolvedPath,
+      envVar
+    };
+  }
+  buildUrl(path2) {
+    const normalisedPath = path2.startsWith("/") ? path2 : `/${path2}`;
+    return `${this.baseUrl}${normalisedPath}`;
+  }
+  buildVectorFallbackSearchParams(request) {
+    const params = {
+      q: request.query
+    };
+    let effectiveLimit;
+    if (typeof request.limit === "number" && Number.isFinite(request.limit)) {
+      effectiveLimit = request.limit;
+      params.limit = request.limit;
+    }
+    if (typeof request.offset === "number" && Number.isFinite(request.offset) && request.offset > 0) {
+      const limit = effectiveLimit && effectiveLimit > 0 ? effectiveLimit : 20;
+      params.limit = limit;
+      params.page = Math.floor(request.offset / limit) + 1;
+    }
+    if (request.filter?.registry) {
+      params.registry = request.filter.registry;
+    }
+    if (request.filter?.protocols?.length) {
+      params.protocols = [...request.filter.protocols];
+    }
+    if (request.filter?.adapter?.length) {
+      params.adapters = [...request.filter.adapter];
+    }
+    if (request.filter?.capabilities?.length) {
+      params.capabilities = request.filter.capabilities.map(
+        (value) => typeof value === "number" ? value.toString(10) : value
+      );
+    }
+    if (request.filter?.type) {
+      params.type = request.filter.type;
+    }
+    return params;
+  }
+  convertSearchResultToVectorResponse(result) {
+    const hits = result.hits.map((agent) => ({
+      agent,
+      score: 0,
+      highlights: {}
+    }));
+    const total = result.total;
+    const limit = result.limit;
+    const page = result.page;
+    const totalVisible = page * limit;
+    const limited = total > totalVisible || page > 1;
+    return {
+      hits,
+      total,
+      took: 0,
+      totalAvailable: total,
+      visible: hits.length,
+      limited,
+      credits_used: 0
+    };
+  }
+  async delay(ms, signal) {
+    if (ms <= 0) {
+      if (signal?.aborted) {
+        throw createAbortError();
+      }
+      return;
+    }
+    await new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        if (signal) {
+          signal.removeEventListener("abort", onAbort);
+        }
+        resolve();
+      }, ms);
+      const onAbort = () => {
+        clearTimeout(timer);
+        signal?.removeEventListener("abort", onAbort);
+        reject(createAbortError());
+      };
+      if (signal) {
+        if (signal.aborted) {
+          clearTimeout(timer);
+          reject(createAbortError());
+          return;
+        }
+        signal.addEventListener("abort", onAbort, { once: true });
+      }
+    });
+  }
+  async requestJson(path2, config) {
+    const response = await this.request(path2, config);
+    const contentType = response.headers?.get("content-type") ?? "";
+    if (!JSON_CONTENT_TYPE.test(contentType)) {
+      const body = await response.text();
+      throw new RegistryBrokerParseError(
+        "Expected JSON response from registry broker",
+        body
+      );
+    }
+    return await response.json();
+  }
+  async extractErrorBody(response) {
+    const contentType = response.headers?.get("content-type") ?? "";
+    if (JSON_CONTENT_TYPE.test(contentType)) {
+      try {
+        return await response.json();
+      } catch (error) {
+        return { parseError: String(error) };
+      }
+    }
+    try {
+      return await response.text();
+    } catch (error) {
+      return { parseError: String(error) };
+    }
+  }
+  parseWithSchema(value, schema, context) {
+    try {
+      return schema.parse(value);
+    } catch (error) {
+      throw new RegistryBrokerParseError(
+        `Failed to parse ${context}`,
+        error instanceof ZodError || error instanceof Error ? error : String(error),
+        value
+      );
+    }
+  }
+  assertNodeRuntime(feature) {
+    if (typeof process === "undefined" || !process.versions?.node) {
+      throw new Error(`${feature} is only available in Node.js environments`);
+    }
+  }
+  createEphemeralKeyPair() {
+    this.assertNodeRuntime("generateEphemeralKeyPair");
+    const privateKeyBytes = randomBytes(32);
+    const publicKey = secp256k1.getPublicKey(privateKeyBytes, true);
+    return {
+      privateKey: Buffer.from(privateKeyBytes).toString("hex"),
+      publicKey: Buffer.from(publicKey).toString("hex")
+    };
+  }
+  deriveSharedSecret(options) {
+    this.assertNodeRuntime("deriveSharedSecret");
+    const privateKey = this.hexToBuffer(options.privateKey);
+    const peerPublicKey = this.hexToBuffer(options.peerPublicKey);
+    const shared = secp256k1.getSharedSecret(privateKey, peerPublicKey, true);
+    return createHash("sha256").update(Buffer.from(shared)).digest();
+  }
+  buildCipherEnvelope(options) {
+    this.assertNodeRuntime("encryptCipherEnvelope");
+    const sharedSecret = this.normalizeSharedSecret(options.sharedSecret);
+    const iv = randomBytes(12);
+    const cipher = createCipheriv("aes-256-gcm", sharedSecret, iv);
+    const aadSource = options.associatedData ?? options.sessionId;
+    const associatedDataEncoded = aadSource ? Buffer.from(aadSource, "utf8").toString("base64") : void 0;
+    if (aadSource) {
+      cipher.setAAD(Buffer.from(aadSource, "utf8"));
+    }
+    const ciphertext = Buffer.concat([
+      cipher.update(Buffer.from(options.plaintext, "utf8")),
+      cipher.final()
+    ]);
+    const tag = cipher.getAuthTag();
+    const payload = Buffer.concat([ciphertext, tag]);
+    return {
+      algorithm: "aes-256-gcm",
+      ciphertext: payload.toString("base64"),
+      nonce: iv.toString("base64"),
+      associatedData: associatedDataEncoded,
+      keyLocator: {
+        sessionId: options.sessionId,
+        revision: options.revision ?? 1
+      },
+      recipients: options.recipients.map((recipient) => ({
+        ...recipient,
+        encryptedShare: ""
+      }))
+    };
+  }
+  openCipherEnvelope(options) {
+    this.assertNodeRuntime("decryptCipherEnvelope");
+    const sharedSecret = this.normalizeSharedSecret(options.sharedSecret);
+    const payload = Buffer.from(options.envelope.ciphertext, "base64");
+    const nonce = Buffer.from(options.envelope.nonce, "base64");
+    const ciphertext = payload.slice(0, payload.length - 16);
+    const tag = payload.slice(payload.length - 16);
+    const decipher = createDecipheriv("aes-256-gcm", sharedSecret, nonce);
+    if (options.envelope.associatedData) {
+      decipher.setAAD(Buffer.from(options.envelope.associatedData, "base64"));
+    }
+    decipher.setAuthTag(tag);
+    const plaintext = Buffer.concat([
+      decipher.update(ciphertext),
+      decipher.final()
+    ]);
+    return plaintext.toString(options.encoding ?? "utf8");
+  }
+  normalizeSharedSecret(input) {
+    if (Buffer.isBuffer(input)) {
+      return Buffer.from(input);
+    }
+    if (input instanceof Uint8Array) {
+      return Buffer.from(input);
+    }
+    if (typeof input === "string") {
+      return this.bufferFromString(input);
+    }
+    throw new Error("Unsupported shared secret input");
+  }
+  bufferFromString(value) {
+    const trimmed = value.trim();
+    if (!trimmed) {
+      throw new Error("sharedSecret string cannot be empty");
+    }
+    const normalized = trimmed.startsWith("0x") ? trimmed.slice(2) : trimmed;
+    if (/^[0-9a-fA-F]+$/.test(normalized) && normalized.length % 2 === 0) {
+      return Buffer.from(normalized, "hex");
+    }
+    return Buffer.from(trimmed, "base64");
+  }
+  hexToBuffer(value) {
+    const normalized = value.startsWith("0x") ? value.slice(2) : value;
+    if (!/^[0-9a-fA-F]+$/.test(normalized) || normalized.length % 2 !== 0) {
+      throw new Error("Expected hex-encoded value");
+    }
+    return Buffer.from(normalized, "hex");
+  }
+}
+const isPendingRegisterAgentResponse = (response) => response.status === "pending";
+const isPartialRegisterAgentResponse = (response) => response.status === "partial" && response.success === false;
+const isSuccessRegisterAgentResponse = (response) => response.success === true && response.status !== "pending";
+class EncryptedChatManager {
+  constructor(client) {
+    this.client = client;
+  }
+  registerConversationContext(context) {
+    this.client.registerConversationContextForEncryption(context);
+  }
+  async startSession(options) {
+    await this.client.encryptionReady();
+    const session = await this.client.chat.createSession({
+      uaid: options.uaid,
+      senderUaid: options.senderUaid,
+      encryptionRequested: true,
+      historyTtlSeconds: options.historyTtlSeconds,
+      auth: options.auth
+    });
+    options.onSessionCreated?.(session.sessionId);
+    const summary = session.encryption;
+    if (!summary?.enabled) {
+      throw new EncryptionUnavailableError(
+        session.sessionId,
+        session.encryption ?? null
+      );
+    }
+    const handle = await this.establishRequesterContext({
+      sessionId: session.sessionId,
+      summary,
+      senderUaid: options.senderUaid,
+      handshakeTimeoutMs: options.handshakeTimeoutMs,
+      pollIntervalMs: options.pollIntervalMs
+    });
+    return handle;
+  }
+  async acceptSession(options) {
+    await this.client.encryptionReady();
+    const summary = await this.waitForEncryptionSummary(
+      options.sessionId,
+      options.handshakeTimeoutMs,
+      options.pollIntervalMs
+    );
+    const handle = await this.establishResponderContext({
+      sessionId: options.sessionId,
+      summary,
+      responderUaid: options.responderUaid,
+      handshakeTimeoutMs: options.handshakeTimeoutMs,
+      pollIntervalMs: options.pollIntervalMs
+    });
+    return handle;
+  }
+  async establishRequesterContext(params) {
+    const keyPair = this.client.encryption.generateEphemeralKeyPair();
+    await this.client.chat.submitEncryptionHandshake(params.sessionId, {
+      role: "requester",
+      keyType: "secp256k1",
+      ephemeralPublicKey: keyPair.publicKey,
+      uaid: params.senderUaid ?? params.summary.requester?.uaid ?? void 0
+    });
+    const { summary, record } = await this.waitForHandshakeCompletion(
+      params.sessionId,
+      params.handshakeTimeoutMs,
+      params.pollIntervalMs
+    );
+    const responderKey = record.responder?.ephemeralPublicKey;
+    if (!responderKey) {
+      throw new Error("Responder handshake was not completed in time");
+    }
+    const sharedSecret = this.client.encryption.deriveSharedSecret({
+      privateKey: keyPair.privateKey,
+      peerPublicKey: responderKey
+    }).subarray();
+    const recipients = this.buildRecipients(summary);
+    return this.createHandle({
+      sessionId: params.sessionId,
+      sharedSecret,
+      summary,
+      recipients,
+      identity: summary.requester ?? void 0
+    });
+  }
+  async establishResponderContext(params) {
+    const keyPair = this.client.encryption.generateEphemeralKeyPair();
+    await this.client.chat.submitEncryptionHandshake(params.sessionId, {
+      role: "responder",
+      keyType: "secp256k1",
+      ephemeralPublicKey: keyPair.publicKey,
+      uaid: params.responderUaid ?? params.summary.responder?.uaid ?? void 0
+    });
+    const { summary, record } = await this.waitForHandshakeCompletion(
+      params.sessionId,
+      params.handshakeTimeoutMs,
+      params.pollIntervalMs
+    );
+    const requesterKey = record.requester?.ephemeralPublicKey;
+    if (!requesterKey) {
+      throw new Error("Requester handshake was not detected in time");
+    }
+    const sharedSecret = this.client.encryption.deriveSharedSecret({
+      privateKey: keyPair.privateKey,
+      peerPublicKey: requesterKey
+    }).subarray();
+    const recipients = this.buildRecipients(summary);
+    return this.createHandle({
+      sessionId: params.sessionId,
+      sharedSecret,
+      summary,
+      recipients,
+      identity: summary.responder ?? void 0
+    });
+  }
+  async waitForHandshakeCompletion(sessionId, timeoutMs = 3e4, pollIntervalMs = 1e3) {
+    const deadline = Date.now() + timeoutMs;
+    while (true) {
+      const status = await this.client.chat.getEncryptionStatus(sessionId);
+      const summary = status.encryption;
+      const record = summary?.handshake;
+      if (summary && record && record.status === "complete") {
+        return { summary, record };
+      }
+      if (Date.now() >= deadline) {
+        throw new Error("Timed out waiting for encrypted handshake completion");
+      }
+      await this.delay(pollIntervalMs);
+    }
+  }
+  async waitForEncryptionSummary(sessionId, _timeoutMs = 3e4, _pollIntervalMs = 1e3) {
+    const status = await this.client.chat.getEncryptionStatus(sessionId);
+    if (!status.encryption?.enabled) {
+      throw new EncryptionUnavailableError(
+        sessionId,
+        status.encryption ?? null
+      );
+    }
+    return status.encryption;
+  }
+  buildRecipients(summary) {
+    const candidates = [summary.requester, summary.responder].filter(Boolean);
+    const normalized = candidates.map((candidate) => {
+      if (!candidate) {
+        return null;
+      }
+      const recipient = {};
+      if (candidate.uaid) {
+        recipient.uaid = candidate.uaid;
+      }
+      if (candidate.ledgerAccountId) {
+        recipient.ledgerAccountId = candidate.ledgerAccountId;
+      }
+      if (candidate.userId) {
+        recipient.userId = candidate.userId;
+      }
+      if (candidate.email) {
+        recipient.email = candidate.email;
+      }
+      return recipient;
+    }).filter(
+      (entry) => Boolean(
+        entry?.uaid || entry?.ledgerAccountId || entry?.userId || entry?.email
+      )
+    );
+    if (normalized.length > 0) {
+      return normalized;
+    }
+    if (summary.responder?.uaid) {
+      return [{ uaid: summary.responder.uaid }];
+    }
+    return [];
+  }
+  createHandle(context) {
+    const sharedSecret = context.sharedSecret;
+    const uaid = context.summary.requester?.uaid ?? context.summary.responder?.uaid ?? context.identity?.uaid;
+    const handle = {
+      sessionId: context.sessionId,
+      mode: "encrypted",
+      summary: context.summary,
+      send: async (options) => {
+        const recipients = options.recipients ?? context.recipients;
+        return this.client.chat.sendMessage({
+          sessionId: context.sessionId,
+          message: options.message ?? "[ciphertext omitted]",
+          streaming: options.streaming,
+          auth: options.auth,
+          uaid,
+          encryption: {
+            plaintext: options.plaintext,
+            sharedSecret: Buffer.from(sharedSecret),
+            recipients
+          }
+        });
+      },
+      decryptHistoryEntry: (entry) => this.decryptEntry(entry, context.identity, sharedSecret)
+    };
+    this.registerConversationContext({
+      sessionId: context.sessionId,
+      sharedSecret,
+      identity: context.identity
+    });
+    return handle;
+  }
+  decryptEntry(entry, identity, fallbackSecret) {
+    const envelope = entry.cipherEnvelope;
+    if (!envelope) {
+      return null;
+    }
+    const secret = Buffer.from(fallbackSecret);
+    try {
+      return this.client.encryption.decryptCipherEnvelope({
+        envelope,
+        sharedSecret: secret
+      });
+    } catch (_error) {
+      return null;
+    }
+  }
+  recipientMatches(candidate, target) {
+    if (target.uaid && candidate.uaid?.toLowerCase() === target.uaid.toLowerCase()) {
+      return true;
+    }
+    if (target.ledgerAccountId && candidate.ledgerAccountId?.toLowerCase() === target.ledgerAccountId.toLowerCase()) {
+      return true;
+    }
+    if (target.userId && candidate.userId === target.userId) {
+      return true;
+    }
+    if (target.email && candidate.email?.toLowerCase() === target.email.toLowerCase()) {
+      return true;
+    }
+    return false;
+  }
+  async delay(ms) {
+    if (ms <= 0) {
+      return;
+    }
+    await new Promise((resolve) => setTimeout(resolve, ms));
+  }
+}
+class EncryptionUnavailableError extends Error {
+  constructor(sessionId, summary) {
+    super("Encryption is not enabled for this session");
+    this.sessionId = sessionId;
+    this.summary = summary;
+  }
+}
 export {
-  createPrivateKeySigner
+  RegistryBrokerClient,
+  RegistryBrokerError,
+  RegistryBrokerParseError,
+  isPartialRegisterAgentResponse,
+  isPendingRegisterAgentResponse,
+  isSuccessRegisterAgentResponse
 };
 //# sourceMappingURL=standards-sdk.es128.js.map