@heyanon-arp/sdk 0.0.18 → 0.0.24

package/dist/errors/index.d.ts

@@ -0,0 +1,2 @@
+export { POST_COMMIT_ERROR_CODES, POST_COMMIT_ERROR_CODE_PREFIXES, isPostCommitErrorCode } from './post-commit';
+export type { PostCommitErrorCode } from './post-commit';

package/dist/errors/post-commit.d.ts

@@ -0,0 +1,34 @@
+/**
+ * ARP error codes that fire AFTER the server has committed the envelope
+ * event row to the hash chain (so the sender_sequence is consumed) but
+ * BEFORE the body handler materialises any read-model state.
+ *
+ * This is a single shared contract with two consumers:
+ *  - the CLI advances `lastSenderSequence` on these (otherwise the next
+ *    envelope reuses the consumed sequence and trips ENV_SEQUENCE_BACKWARDS);
+ *  - the server marks the just-committed event `readModelStatus='rejected'`
+ *    (otherwise `events --success-only` / the webhook reconciler would
+ *    treat a rejected action as a materialised one).
+ *
+ * Previously this list lived in FOUR hand-maintained copies — three CLI
+ * sets (delegation/work/receipt) + the server's
+ * `PRE_MATERIALIZATION_REJECTION_CODES` — which had already drifted
+ * (the server was missing `RECEIPT_INVALID_STATE`). It is now owned here.
+ */
+export declare const POST_COMMIT_ERROR_CODES: readonly ["DELEGATION_ALREADY_EXISTS", "DELEGATION_INVALID_STATE", "DELEGATION_NOT_FOUND", "DELEGATION_RELATIONSHIP_MISMATCH", "DELEGATION_ACCEPTER_IS_OFFERER", "DELEGATION_DECLINER_IS_OFFERER", "DELEGATION_CANCELER_NOT_OFFERER", "DELEGATION_ASSET_NOT_ALLOWED", "DELEGATION_PRICING_MISMATCH", "DELEGATION_CAPACITY_EXCEEDED", "DELEGATION_PENDING_LOCK", "DELEGATION_FUNDER_NOT_OFFERER", "DELEGATION_ALREADY_FUNDED", "WORK_DELEGATION_NOT_FOUND", "WORK_DELEGATION_NOT_ACTIVE", "WORK_RELATIONSHIP_MISMATCH", "WORK_REQUESTER_NOT_OFFERER", "WORK_REQUEST_ALREADY_EXISTS", "WORK_REQUEST_NOT_FOUND", "WORK_RESPONDER_IS_CALLER", "WORK_INVALID_STATE", "RECEIPT_ALREADY_EXISTS", "RECEIPT_DELEGATION_NOT_FOUND", "RECEIPT_DELEGATION_NOT_ACTIVE", "RECEIPT_RELATIONSHIP_MISMATCH", "RECEIPT_ISSUER_IS_CALLER", "RECEIPT_NOT_FOUND", "RECEIPT_INVALID_STATE", "RECEIPT_RESPONSE_HASH_NOT_FOUND", "RECEIPT_REQUEST_HASH_NOT_FOUND", "RECEIPT_DELIVERABLE_HASH_MISMATCH"];
+export type PostCommitErrorCode = (typeof POST_COMMIT_ERROR_CODES)[number];
+/**
+ * Code-FAMILY prefixes that are always post-commit, enumerated rather
+ * than listed member-by-member because they grow over time:
+ *  - `ESC_LOCK_*` — on-chain lock-validator cross-check rejections fire
+ *    after the delegation/fund event is committed, before materialisation.
+ *  - `SDK_*` — SDK-layer throws (canonical-encode / signature / id) that
+ *    the server's internal-exception filter stamps with an `SDK_` code.
+ *    These only appear in the FINAL wire code a CLIENT sees, so they
+ *    matter to the CLI. Server-side classification runs in the message
+ *    handler BEFORE that code is assigned, so the prefix is simply never
+ *    matched there — harmless to share the same predicate.
+ */
+export declare const POST_COMMIT_ERROR_CODE_PREFIXES: readonly ["ESC_LOCK_", "SDK_"];
+/** True if `code` is a post-commit error code (explicit member OR prefix family). */
+export declare function isPostCommitErrorCode(code: string): boolean;

package/dist/escrow/index.d.ts

@@ -4,4 +4,4 @@ export { parseCaip19SolanaAssetId, type ParsedSolanaAssetId } from './caip19';
 export type { EscrowConfigStatus } from './config-status';
 export { buildCreateLockIxData, computeCreateLockDiscriminator, CREATE_LOCK_DISCRIMINATOR, CREATE_LOCK_NATIVE_DISCRIMINATOR, type CreateLockArgs, } from './create-lock';
 export { ESCROW_PDA_SEEDS, NO_ARG_LIFECYCLE_INSTRUCTIONS, type NoArgLifecycleInstruction, instructionDiscriminator, buildLifecycleIxData, buildResolveDisputeIxData, type ResolveDisputeArgs, } from './lifecycle-instructions';
-export { LOCK_ACCOUNT_SIZE, LOCK_ACCOUNT_DISCRIMINATOR, LOCK_STATE_NAMES, LOCK_TERMINAL_STATES, LockStates, ESCROW_RELEASE_METHODS, EscrowReleaseMethods, NATIVE_SOL_MINT_BASE58, type LockStateName, type LockTerminalState, type EscrowReleaseMethodName, isEscrowReleaseMethod, type DecodedLockAccount, decodeLockAccount, computeLockAccountDiscriminator, } from './lock-account';
+export { LOCK_ACCOUNT_SIZE, LOCK_ACCOUNT_DISCRIMINATOR, LOCK_STATE_NAMES, LOCK_TERMINAL_STATES, LockStates, LockTerminalStates, ESCROW_RELEASE_METHODS, EscrowReleaseMethods, NATIVE_SOL_MINT_BASE58, type LockStateName, type LockTerminalState, type EscrowReleaseMethodName, isEscrowReleaseMethod, type DecodedLockAccount, decodeLockAccount, computeLockAccountDiscriminator, } from './lock-account';

package/dist/escrow/lock-account.d.ts

@@ -16,6 +16,20 @@ export declare const LOCK_TERMINAL_STATES: readonly ["canceled", "paid", "revoke
  * field both source this type instead of re-listing the literals.
  */
 export type LockTerminalState = (typeof LOCK_TERMINAL_STATES)[number];
+/**
+ * Named-member accessor for the terminal lock states (the subset that a
+ * receipt's `release_status` / a delegation's `releaseStatus` can hold).
+ * The server's `ReceiptReleaseStatus` enum and any `releaseStatus`
+ * field source these instead of re-listing the literals. Vocab-tested
+ * against {@link LOCK_TERMINAL_STATES}.
+ */
+export declare const LockTerminalStates: {
+    readonly CANCELED: "canceled";
+    readonly PAID: "paid";
+    readonly REVOKED: "revoked";
+    readonly DISPUTE_RESOLVED: "dispute_resolved";
+    readonly DISPUTE_CLOSED: "dispute_closed";
+};
 /**
  * On-chain `WorkPaymentClaimed.claim_type` → how a paid lock was
  * released. Discriminant order = u8 value (0 = buyer_approved,

package/dist/index.d.ts

@@ -32,3 +32,4 @@ export * from './utils';
 export * from './types';
 export * from './assets';
 export * from './escrow';
+export * from './errors';

package/dist/index.js

@@ -563,6 +563,19 @@ var InboxBlockScopes = {
   DID: "did"
 };
 
+// src/types/cli-auth.ts
+var CLI_LOGIN_SESSION_STORED_STATES = ["pending", "confirmed", "consumed"];
+var CLI_LOGIN_SESSION_STATES = ["pending", "confirmed", "consumed", "expired"];
+function isCliLoginSessionWireState(v) {
+  return typeof v === "string" && CLI_LOGIN_SESSION_STATES.includes(v);
+}
+var CliLoginSessionStates = {
+  PENDING: "pending",
+  CONFIRMED: "confirmed",
+  CONSUMED: "consumed",
+  EXPIRED: "expired"
+};
+
 // src/assets.ts
 var SOLANA_CLUSTER_IDS = {
   "solana-mainnet": "5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp",
@@ -813,6 +826,13 @@ var LOCK_ACCOUNT_SIZE = 269;
 var LOCK_ACCOUNT_DISCRIMINATOR = new Uint8Array([8, 255, 36, 202, 210, 22, 57, 137]);
 var LOCK_STATE_NAMES = ["created", "canceled", "in_progress", "submitted", "paid", "revoked", "disputing", "dispute_resolved", "dispute_closed"];
 var LOCK_TERMINAL_STATES = ["canceled", "paid", "revoked", "dispute_resolved", "dispute_closed"];
+var LockTerminalStates = {
+  CANCELED: "canceled",
+  PAID: "paid",
+  REVOKED: "revoked",
+  DISPUTE_RESOLVED: "dispute_resolved",
+  DISPUTE_CLOSED: "dispute_closed"
+};
 var ESCROW_RELEASE_METHODS = ["buyer_approved", "review_timeout"];
 function isEscrowReleaseMethod(v) {
   return typeof v === "string" && ESCROW_RELEASE_METHODS.includes(v);
@@ -884,6 +904,49 @@ function readU64LE(buf, off) {
   return v;
 }
 
+// src/errors/post-commit.ts
+var POST_COMMIT_ERROR_CODES = [
+  // delegation handler (offer / accept / decline / cancel / fund)
+  "DELEGATION_ALREADY_EXISTS",
+  "DELEGATION_INVALID_STATE",
+  "DELEGATION_NOT_FOUND",
+  "DELEGATION_RELATIONSHIP_MISMATCH",
+  "DELEGATION_ACCEPTER_IS_OFFERER",
+  "DELEGATION_DECLINER_IS_OFFERER",
+  "DELEGATION_CANCELER_NOT_OFFERER",
+  "DELEGATION_ASSET_NOT_ALLOWED",
+  "DELEGATION_PRICING_MISMATCH",
+  "DELEGATION_CAPACITY_EXCEEDED",
+  "DELEGATION_PENDING_LOCK",
+  "DELEGATION_FUNDER_NOT_OFFERER",
+  "DELEGATION_ALREADY_FUNDED",
+  // work handler (request / respond)
+  "WORK_DELEGATION_NOT_FOUND",
+  "WORK_DELEGATION_NOT_ACTIVE",
+  "WORK_RELATIONSHIP_MISMATCH",
+  "WORK_REQUESTER_NOT_OFFERER",
+  "WORK_REQUEST_ALREADY_EXISTS",
+  "WORK_REQUEST_NOT_FOUND",
+  "WORK_RESPONDER_IS_CALLER",
+  "WORK_INVALID_STATE",
+  // receipt handler (propose)
+  "RECEIPT_ALREADY_EXISTS",
+  "RECEIPT_DELEGATION_NOT_FOUND",
+  "RECEIPT_DELEGATION_NOT_ACTIVE",
+  "RECEIPT_RELATIONSHIP_MISMATCH",
+  "RECEIPT_ISSUER_IS_CALLER",
+  "RECEIPT_NOT_FOUND",
+  "RECEIPT_INVALID_STATE",
+  "RECEIPT_RESPONSE_HASH_NOT_FOUND",
+  "RECEIPT_REQUEST_HASH_NOT_FOUND",
+  "RECEIPT_DELIVERABLE_HASH_MISMATCH"
+];
+var POST_COMMIT_ERROR_CODE_PREFIXES = ["ESC_LOCK_", "SDK_"];
+var POST_COMMIT_SET = new Set(POST_COMMIT_ERROR_CODES);
+function isPostCommitErrorCode(code) {
+  return POST_COMMIT_SET.has(code) || POST_COMMIT_ERROR_CODE_PREFIXES.some((p) => code.startsWith(p));
+}
+
 exports.ASSET_DECIMALS_MAX = ASSET_DECIMALS_MAX;
 exports.ASSET_DECIMALS_MIN = ASSET_DECIMALS_MIN;
 exports.ASSET_SYMBOL_MAX_LEN = ASSET_SYMBOL_MAX_LEN;
@@ -893,9 +956,12 @@ exports.ASSOCIATED_TOKEN_PROGRAM_ID_BASE58 = ASSOCIATED_TOKEN_PROGRAM_ID_BASE58;
 exports.BODY_TYPES = BODY_TYPES;
 exports.BodyTypes = BodyTypes;
 exports.CAIP19_REGEX = CAIP19_REGEX;
+exports.CLI_LOGIN_SESSION_STATES = CLI_LOGIN_SESSION_STATES;
+exports.CLI_LOGIN_SESSION_STORED_STATES = CLI_LOGIN_SESSION_STORED_STATES;
 exports.CREATE_LOCK_DISCRIMINATOR = CREATE_LOCK_DISCRIMINATOR;
 exports.CREATE_LOCK_NATIVE_DISCRIMINATOR = CREATE_LOCK_NATIVE_DISCRIMINATOR;
 exports.CURRENT_PROTOCOL_VERSION = CURRENT_PROTOCOL_VERSION;
+exports.CliLoginSessionStates = CliLoginSessionStates;
 exports.DECIMAL_AMOUNT_REGEX = DECIMAL_AMOUNT_REGEX;
 exports.DECLINE_REASONS = DECLINE_REASONS;
 exports.DELEGATION_ACTIONS = DELEGATION_ACTIONS;
@@ -921,12 +987,15 @@ exports.LOCK_ACCOUNT_SIZE = LOCK_ACCOUNT_SIZE;
 exports.LOCK_STATE_NAMES = LOCK_STATE_NAMES;
 exports.LOCK_TERMINAL_STATES = LOCK_TERMINAL_STATES;
 exports.LockStates = LockStates;
+exports.LockTerminalStates = LockTerminalStates;
 exports.MAINNET_MINTS = MAINNET_MINTS;
 exports.MAX_CLOCK_SKEW_SECONDS = MAX_CLOCK_SKEW_SECONDS;
 exports.MAX_ENVELOPE_TTL_SECONDS = MAX_ENVELOPE_TTL_SECONDS;
 exports.NATIVE_SOL_MINT_BASE58 = NATIVE_SOL_MINT_BASE58;
 exports.NO_ARG_LIFECYCLE_INSTRUCTIONS = NO_ARG_LIFECYCLE_INSTRUCTIONS;
 exports.OWNER_SIGNING_METHODS = OWNER_SIGNING_METHODS;
+exports.POST_COMMIT_ERROR_CODES = POST_COMMIT_ERROR_CODES;
+exports.POST_COMMIT_ERROR_CODE_PREFIXES = POST_COMMIT_ERROR_CODE_PREFIXES;
 exports.PROTOCOL_VERSIONS = PROTOCOL_VERSIONS;
 exports.Purpose = Purpose;
 exports.READ_MODEL_STATUSES = READ_MODEL_STATUSES;
@@ -973,6 +1042,7 @@ exports.getPublicKey = getPublicKey2;
 exports.instructionDiscriminator = instructionDiscriminator;
 exports.isAssetIdentifier = isAssetIdentifier;
 exports.isBodyType = isBodyType;
+exports.isCliLoginSessionWireState = isCliLoginSessionWireState;
 exports.isDecimalAmountString = isDecimalAmountString;
 exports.isDeclineReason = isDeclineReason;
 exports.isDelegationAction = isDelegationAction;
@@ -981,6 +1051,7 @@ exports.isDiscoverySort = isDiscoverySort;
 exports.isEscrowReleaseMethod = isEscrowReleaseMethod;
 exports.isHandshakeDecision = isHandshakeDecision;
 exports.isInboxBlockScope = isInboxBlockScope;
+exports.isPostCommitErrorCode = isPostCommitErrorCode;
 exports.isReadModelStatus = isReadModelStatus;
 exports.isReceiptVerdict = isReceiptVerdict;
 exports.isRelationshipState = isRelationshipState;

package/dist/index.mjs

@@ -538,6 +538,19 @@ var InboxBlockScopes = {
   DID: "did"
 };
 
+// src/types/cli-auth.ts
+var CLI_LOGIN_SESSION_STORED_STATES = ["pending", "confirmed", "consumed"];
+var CLI_LOGIN_SESSION_STATES = ["pending", "confirmed", "consumed", "expired"];
+function isCliLoginSessionWireState(v) {
+  return typeof v === "string" && CLI_LOGIN_SESSION_STATES.includes(v);
+}
+var CliLoginSessionStates = {
+  PENDING: "pending",
+  CONFIRMED: "confirmed",
+  CONSUMED: "consumed",
+  EXPIRED: "expired"
+};
+
 // src/assets.ts
 var SOLANA_CLUSTER_IDS = {
   "solana-mainnet": "5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp",
@@ -788,6 +801,13 @@ var LOCK_ACCOUNT_SIZE = 269;
 var LOCK_ACCOUNT_DISCRIMINATOR = new Uint8Array([8, 255, 36, 202, 210, 22, 57, 137]);
 var LOCK_STATE_NAMES = ["created", "canceled", "in_progress", "submitted", "paid", "revoked", "disputing", "dispute_resolved", "dispute_closed"];
 var LOCK_TERMINAL_STATES = ["canceled", "paid", "revoked", "dispute_resolved", "dispute_closed"];
+var LockTerminalStates = {
+  CANCELED: "canceled",
+  PAID: "paid",
+  REVOKED: "revoked",
+  DISPUTE_RESOLVED: "dispute_resolved",
+  DISPUTE_CLOSED: "dispute_closed"
+};
 var ESCROW_RELEASE_METHODS = ["buyer_approved", "review_timeout"];
 function isEscrowReleaseMethod(v) {
   return typeof v === "string" && ESCROW_RELEASE_METHODS.includes(v);
@@ -859,4 +879,47 @@ function readU64LE(buf, off) {
   return v;
 }
 
-export { ASSET_DECIMALS_MAX, ASSET_DECIMALS_MIN, ASSET_SYMBOL_MAX_LEN, ASSET_SYMBOL_MIN_LEN, ASSET_WHITELIST, ASSOCIATED_TOKEN_PROGRAM_ID_BASE58, BODY_TYPES, BodyTypes, CAIP19_REGEX, CREATE_LOCK_DISCRIMINATOR, CREATE_LOCK_NATIVE_DISCRIMINATOR, CURRENT_PROTOCOL_VERSION, DECIMAL_AMOUNT_REGEX, DECLINE_REASONS, DELEGATION_ACTIONS, DELEGATION_ACTIVE_STATES, DELEGATION_STATES, DEVNET_MINTS, DISCOVERY_SORTS, DelegationActions, DelegationStates, DiscoverySorts, ED25519_SIG_PREFIX, ESCROW_PDA_SEEDS, ESCROW_PROGRAM_ID_BASE58, ESCROW_RELEASE_METHODS, EscrowReleaseMethods, HANDSHAKE_DECISIONS, HandshakeDecisions, INBOX_BLOCK_SCOPES, InboxBlockScopes, LIVE_RELATIONSHIP_STATE_NAMES, LOCK_ACCOUNT_DISCRIMINATOR, LOCK_ACCOUNT_SIZE, LOCK_STATE_NAMES, LOCK_TERMINAL_STATES, LockStates, MAINNET_MINTS, MAX_CLOCK_SKEW_SECONDS, MAX_ENVELOPE_TTL_SECONDS, NATIVE_SOL_MINT_BASE58, NO_ARG_LIFECYCLE_INSTRUCTIONS, OWNER_SIGNING_METHODS, PROTOCOL_VERSIONS, Purpose, READ_MODEL_STATUSES, RECEIPT_VERDICTS, RELATIONSHIP_STATE_NAMES, ReadModelStatuses, ReceiptVerdicts, RelationshipStates, SCRYPT_PARAMS, SHA256_HEX_RE, SLIP44_SOLANA, SOLANA_CLUSTER_IDS, SPL_TOKEN_PROGRAM_ID_BASE58, SYSTEM_PROGRAM_ID_BASE58, TOKEN_2022_PROGRAM_ID_BASE58, WELL_KNOWN_ASSETS, WELL_KNOWN_ASSET_KEYS, WORK_LOG_STATES, WorkLogStates, base58btcDecode, base58btcEncode, buildCreateLockIxData, buildLifecycleIxData, buildResolveDisputeIxData, bytes16ToDelegationId, canonicalBytes, canonicalJson, canonicalSha256Hex, computeCreateLockDiscriminator, computeLockAccountDiscriminator, decodeLockAccount, delegationIdToBytes16, deriveDelegationConditionHash, deriveLockId, deriveScryptKey, detectTokenProgramFromOwner, detectTokenProgramFromOwnerBytes, expiresAt, findAssetByAssetId, findFirstChainDivergence, formatDid, generateKeyPair, getPublicKey2 as getPublicKey, instructionDiscriminator, isAssetIdentifier, isBodyType, isDecimalAmountString, isDeclineReason, isDelegationAction, isDelegationState, isDiscoverySort, isEscrowReleaseMethod, isHandshakeDecision, isInboxBlockScope, isReadModelStatus, isReceiptVerdict, isRelationshipState, isSha256Hex, isValidDid, isWhitelistedAssetId, isWorkLogState, listWhitelistedAssets, parseCaip19SolanaAssetId, parseDid, pollUntil, resolveAsset, rfc3339, scryptPasswordProofSign, scryptPasswordProofVerify, senderNonce, serverEventHash, sign2 as sign, signChallenge, signEnvelope, signKeyLinkAttestation, signedMessageHash, uuidV4, verify2 as verify, verifyChallenge, verifyEnvelope, verifyKeyLinkAttestation };
+// src/errors/post-commit.ts
+var POST_COMMIT_ERROR_CODES = [
+  // delegation handler (offer / accept / decline / cancel / fund)
+  "DELEGATION_ALREADY_EXISTS",
+  "DELEGATION_INVALID_STATE",
+  "DELEGATION_NOT_FOUND",
+  "DELEGATION_RELATIONSHIP_MISMATCH",
+  "DELEGATION_ACCEPTER_IS_OFFERER",
+  "DELEGATION_DECLINER_IS_OFFERER",
+  "DELEGATION_CANCELER_NOT_OFFERER",
+  "DELEGATION_ASSET_NOT_ALLOWED",
+  "DELEGATION_PRICING_MISMATCH",
+  "DELEGATION_CAPACITY_EXCEEDED",
+  "DELEGATION_PENDING_LOCK",
+  "DELEGATION_FUNDER_NOT_OFFERER",
+  "DELEGATION_ALREADY_FUNDED",
+  // work handler (request / respond)
+  "WORK_DELEGATION_NOT_FOUND",
+  "WORK_DELEGATION_NOT_ACTIVE",
+  "WORK_RELATIONSHIP_MISMATCH",
+  "WORK_REQUESTER_NOT_OFFERER",
+  "WORK_REQUEST_ALREADY_EXISTS",
+  "WORK_REQUEST_NOT_FOUND",
+  "WORK_RESPONDER_IS_CALLER",
+  "WORK_INVALID_STATE",
+  // receipt handler (propose)
+  "RECEIPT_ALREADY_EXISTS",
+  "RECEIPT_DELEGATION_NOT_FOUND",
+  "RECEIPT_DELEGATION_NOT_ACTIVE",
+  "RECEIPT_RELATIONSHIP_MISMATCH",
+  "RECEIPT_ISSUER_IS_CALLER",
+  "RECEIPT_NOT_FOUND",
+  "RECEIPT_INVALID_STATE",
+  "RECEIPT_RESPONSE_HASH_NOT_FOUND",
+  "RECEIPT_REQUEST_HASH_NOT_FOUND",
+  "RECEIPT_DELIVERABLE_HASH_MISMATCH"
+];
+var POST_COMMIT_ERROR_CODE_PREFIXES = ["ESC_LOCK_", "SDK_"];
+var POST_COMMIT_SET = new Set(POST_COMMIT_ERROR_CODES);
+function isPostCommitErrorCode(code) {
+  return POST_COMMIT_SET.has(code) || POST_COMMIT_ERROR_CODE_PREFIXES.some((p) => code.startsWith(p));
+}
+
+export { ASSET_DECIMALS_MAX, ASSET_DECIMALS_MIN, ASSET_SYMBOL_MAX_LEN, ASSET_SYMBOL_MIN_LEN, ASSET_WHITELIST, ASSOCIATED_TOKEN_PROGRAM_ID_BASE58, BODY_TYPES, BodyTypes, CAIP19_REGEX, CLI_LOGIN_SESSION_STATES, CLI_LOGIN_SESSION_STORED_STATES, CREATE_LOCK_DISCRIMINATOR, CREATE_LOCK_NATIVE_DISCRIMINATOR, CURRENT_PROTOCOL_VERSION, CliLoginSessionStates, DECIMAL_AMOUNT_REGEX, DECLINE_REASONS, DELEGATION_ACTIONS, DELEGATION_ACTIVE_STATES, DELEGATION_STATES, DEVNET_MINTS, DISCOVERY_SORTS, DelegationActions, DelegationStates, DiscoverySorts, ED25519_SIG_PREFIX, ESCROW_PDA_SEEDS, ESCROW_PROGRAM_ID_BASE58, ESCROW_RELEASE_METHODS, EscrowReleaseMethods, HANDSHAKE_DECISIONS, HandshakeDecisions, INBOX_BLOCK_SCOPES, InboxBlockScopes, LIVE_RELATIONSHIP_STATE_NAMES, LOCK_ACCOUNT_DISCRIMINATOR, LOCK_ACCOUNT_SIZE, LOCK_STATE_NAMES, LOCK_TERMINAL_STATES, LockStates, LockTerminalStates, MAINNET_MINTS, MAX_CLOCK_SKEW_SECONDS, MAX_ENVELOPE_TTL_SECONDS, NATIVE_SOL_MINT_BASE58, NO_ARG_LIFECYCLE_INSTRUCTIONS, OWNER_SIGNING_METHODS, POST_COMMIT_ERROR_CODES, POST_COMMIT_ERROR_CODE_PREFIXES, PROTOCOL_VERSIONS, Purpose, READ_MODEL_STATUSES, RECEIPT_VERDICTS, RELATIONSHIP_STATE_NAMES, ReadModelStatuses, ReceiptVerdicts, RelationshipStates, SCRYPT_PARAMS, SHA256_HEX_RE, SLIP44_SOLANA, SOLANA_CLUSTER_IDS, SPL_TOKEN_PROGRAM_ID_BASE58, SYSTEM_PROGRAM_ID_BASE58, TOKEN_2022_PROGRAM_ID_BASE58, WELL_KNOWN_ASSETS, WELL_KNOWN_ASSET_KEYS, WORK_LOG_STATES, WorkLogStates, base58btcDecode, base58btcEncode, buildCreateLockIxData, buildLifecycleIxData, buildResolveDisputeIxData, bytes16ToDelegationId, canonicalBytes, canonicalJson, canonicalSha256Hex, computeCreateLockDiscriminator, computeLockAccountDiscriminator, decodeLockAccount, delegationIdToBytes16, deriveDelegationConditionHash, deriveLockId, deriveScryptKey, detectTokenProgramFromOwner, detectTokenProgramFromOwnerBytes, expiresAt, findAssetByAssetId, findFirstChainDivergence, formatDid, generateKeyPair, getPublicKey2 as getPublicKey, instructionDiscriminator, isAssetIdentifier, isBodyType, isCliLoginSessionWireState, isDecimalAmountString, isDeclineReason, isDelegationAction, isDelegationState, isDiscoverySort, isEscrowReleaseMethod, isHandshakeDecision, isInboxBlockScope, isPostCommitErrorCode, isReadModelStatus, isReceiptVerdict, isRelationshipState, isSha256Hex, isValidDid, isWhitelistedAssetId, isWorkLogState, listWhitelistedAssets, parseCaip19SolanaAssetId, parseDid, pollUntil, resolveAsset, rfc3339, scryptPasswordProofSign, scryptPasswordProofVerify, senderNonce, serverEventHash, sign2 as sign, signChallenge, signEnvelope, signKeyLinkAttestation, signedMessageHash, uuidV4, verify2 as verify, verifyChallenge, verifyEnvelope, verifyKeyLinkAttestation };

package/dist/types/agent.d.ts

@@ -1,3 +1,4 @@
+import type { DidDocument } from '../did/document';
 /**
  * Agent accept-preferences ("PricingPolicy") — the worker-side "what I
  * accept" constraints a registered agent publishes on its profile.
@@ -56,3 +57,105 @@ export interface AcceptCurrency {
      */
     maxAmount?: string;
 }
+/**
+ * Response from agent registration (`POST /v1/agents`; the server DTO
+ * is `AgentRegisteredDto`). The {@link DidDocument} shape is the SDK's
+ * canonical one from `../did/document`.
+ */
+export interface AgentRegisteredResponse {
+    did: string;
+    didDocument: DidDocument;
+}
+/**
+ * Public view of an ARP agent — signed reads (`GET /v1/agents/:did`)
+ * and the profile `PATCH` response. Owner-only material (raw scrypt,
+ * encrypted secrets) never appears here.
+ */
+export interface AgentPublic {
+    did: string;
+    /** Identity public key, base58btc. Immutable — the DID derives from it. */
+    identityPublicKey: string;
+    /** Settlement (Solana) public key, base58btc. */
+    settlementPublicKey: string;
+    /** attestationId of the live KEY-LINK row. */
+    currentAttestationId: string;
+    name?: string;
+    description?: string;
+    /** Capability tags — always present (empty array when none). */
+    tags: string[];
+    /** Accept-preferences — absent ⇒ the agent accepts anything. */
+    acceptPrefs?: AcceptPrefs;
+    registeredAt: string;
+    createdAt: string;
+    updatedAt: string;
+}
+/**
+ * Partial profile-update body for `PATCH /v1/agents/:did`. Omitted
+ * fields stay as-is; `tags` present REPLACES the whole list (send `[]`
+ * to clear); `acceptPrefs` present REPLACES the object (`null` clears).
+ */
+export interface UpdateAgentBody {
+    name?: string;
+    description?: string;
+    tags?: string[];
+    acceptPrefs?: AcceptPrefs | null;
+}
+/** 0..100 reputation score vector (neutral 50 cold-start). */
+export interface ReputationScores {
+    reliability: number;
+    settlement: number;
+    disputeHealth: number;
+    composite: number;
+}
+/** Raw evidence counters behind the reputation scores. */
+export interface ReputationCounters {
+    onchainCycles: number;
+    completedDelegations: number;
+    completedAsPayer: number;
+    completedAsPayee: number;
+    failedDelegations: number;
+    settledEscrows: number;
+    refundedEscrows: number;
+    disputedEscrows: number;
+    disputesAdverse: number;
+    distinctCounterparts: number;
+    activeRelationships: number;
+}
+/**
+ * Public reputation view — `GET /v1/agents/:did/reputation`.
+ * INFORMATIONAL ONLY (a display + soft-sort signal, never a money /
+ * eligibility gate; `informational` is always true in alpha). Scores
+ * are 0..100 with a neutral 50 cold-start; `computed: false` ⇒ the
+ * agent has never settled a cycle and the neutral vector is shown.
+ */
+export interface AgentReputation {
+    did: string;
+    informational: boolean;
+    scores: ReputationScores;
+    counters: ReputationCounters;
+    computed: boolean;
+    lastComputedAt?: string | null;
+}
+/**
+ * Request body for `POST /v1/agents` (registration). The server DTO is
+ * `RegisterAgentDto`; `ownerAttestation` mirrors the SDK
+ * `ScryptPasswordAttestation<KeyLinkPayload>` wire shape but stays a
+ * generic object here — its inner fields are verified by canonical-JSON
+ * + HMAC at the server, not structurally.
+ */
+export interface RegisterAgentRequest {
+    challengeId: string;
+    identityPublicKey: string;
+    settlementPublicKey: string;
+    ownerAttestation: {
+        payload: Record<string, unknown>;
+        sig: string;
+        scrypt_salt_id: string;
+    };
+    scryptKeyB64: string;
+    scryptSaltB64: string;
+    name?: string;
+    description?: string;
+    /** Capability tags — lowercase alphanumeric + dash/underscore, max 20. */
+    tags?: string[];
+}

package/dist/types/cli-auth.d.ts

@@ -4,12 +4,36 @@
  * CLI's response types — both are plain framework-agnostic interfaces
  * (the server declares them in a service, not a NestJS DTO class), so
  * this is a pure lift-and-share with no decorator coupling.
+ */
+/**
+ * `heyarp login` session lifecycle. TWO tiers because the wire vocab is
+ * a strict superset of what's persisted:
+ *
+ *   - {@link CLI_LOGIN_SESSION_STORED_STATES} — what the server's Mongo
+ *     row actually holds (`@Prop enum`): `pending` → `confirmed` →
+ *     `consumed`.
+ *   - {@link CLI_LOGIN_SESSION_STATES} — what the `GET …/sessions/:id`
+ *     endpoint can RETURN. Adds `expired`, which the service COMPUTES on
+ *     read for a `pending` row past its TTL (and the CLI also derives
+ *     from a 404). `expired` is never stored.
  *
- * NOT included here: the cli-auth SESSION-STATE union
- * ('pending'|'confirmed'|'consumed'|...) — the CLI and server disagree
- * on the terminal members, so it needs reconciliation before it can be
- * centralized.
+ * Same `as const` array + union + guard + const-object shape as the
+ * protocol vocabularies; the server sources its `@Prop enum` from the
+ * stored array and types the read endpoint with the full wire union,
+ * and the CLI types its wire response from the full union.
  */
+export declare const CLI_LOGIN_SESSION_STORED_STATES: readonly ["pending", "confirmed", "consumed"];
+export type CliLoginSessionStoredState = (typeof CLI_LOGIN_SESSION_STORED_STATES)[number];
+export declare const CLI_LOGIN_SESSION_STATES: readonly ["pending", "confirmed", "consumed", "expired"];
+export type CliLoginSessionWireState = (typeof CLI_LOGIN_SESSION_STATES)[number];
+export declare function isCliLoginSessionWireState(v: unknown): v is CliLoginSessionWireState;
+/** Named-member accessor for {@link CliLoginSessionWireState} (vocab-tested). */
+export declare const CliLoginSessionStates: {
+    readonly PENDING: "pending";
+    readonly CONFIRMED: "confirmed";
+    readonly CONSUMED: "consumed";
+    readonly EXPIRED: "expired";
+};
 /** `POST /v1/auth/cli/sessions` → a new login session. */
 export interface CliSessionCreated {
     sessionId: string;

package/dist/types/discovery.d.ts

@@ -1,3 +1,4 @@
+import type { AcceptPrefs, AgentReputation } from './agent';
 /**
  * Discovery catalog sort order for `GET /v1/discovery/agents`. Single
  * source of truth for the server's `@IsIn`/`@ApiProperty` allowlist and
@@ -16,3 +17,95 @@ export declare const DiscoverySorts: {
     readonly RECENT: "recent";
     readonly CREATED: "created";
 };
+/**
+ * Query for `GET /v1/discovery/search` (server DTO
+ * `DiscoverySearchQueryDto`). Every field optional; filters AND-compose.
+ * Reputation is a SOFT sort, never a gate.
+ */
+export interface DiscoverySearchQuery {
+    /** Full-text over name + description. */
+    q?: string;
+    /** Capability tags — AND-require all. */
+    tag?: string[];
+    /** Creator wallet (base58) — you must already know it; never echoed back. */
+    accountId?: string;
+    /** CAIP-19 payment asset; matches explicit listers AND accept-anything agents. */
+    accepts?: string;
+    /** Only agents seen within the liveness window. */
+    online?: boolean;
+    /** `reputation` (composite desc, default) | `recent` | `created` (cursor). */
+    sort?: DiscoverySort;
+    /** Zero-based page index (offset = page × limit) — reputation/recent sorts. */
+    page?: number;
+    /** Cursor for `sort=created`: the previous page's last row id. */
+    after?: string;
+    limit?: number;
+}
+/** Reputation digest carried inline on each discovery row (the soft-sort key). */
+export interface DiscoveryReputation {
+    composite: number;
+    reliability: number;
+    settlement: number;
+    disputeHealth: number;
+    computed: boolean;
+}
+/** Liveness digest — how recently / whether the agent is reachable. */
+export interface DiscoveryLiveness {
+    /** Durable: a signed request within the liveness window (replica-accurate). */
+    online: boolean;
+    /** Live: an open SSE inbox stream on the serving instance (per-process). */
+    inboxStreamActive: boolean;
+    /** RFC 3339 of the last signed request; null ⇒ never seen since registration. */
+    lastSeenAt?: string | null;
+}
+/**
+ * One discovery search row — a privacy-safe subset of the agent
+ * profile (NO accountId / key material) enriched with the reputation
+ * soft-sort key + liveness.
+ */
+export interface DiscoveryResult {
+    id: string;
+    did: string;
+    name?: string;
+    description?: string;
+    tags: string[];
+    acceptPrefs?: AcceptPrefs;
+    reputation: DiscoveryReputation;
+    liveness: DiscoveryLiveness;
+    registeredAt: string;
+}
+/** Pagination envelope metadata on a discovery search page. */
+export interface DiscoveryPagination {
+    /** Count of ALL agents matching the filters (ignores the page window). */
+    total: number;
+    limit: number;
+    /** ceil(total / limit). */
+    totalPages: number;
+    hasMore: boolean;
+    /** Zero-based page index — offset sorts (reputation / recent) only. */
+    page?: number;
+    /** Cursor for the next page — `sort=created` only, when hasMore (pass as `after`). */
+    nextCursor?: string | null;
+}
+/** `GET /v1/discovery/search` response — a page of rows + pagination metadata. */
+export interface DiscoverySearchResponse {
+    results: DiscoveryResult[];
+    pagination: DiscoveryPagination;
+}
+/**
+ * `GET /v1/discovery/agents/:did/profile` — the composed single-agent
+ * view: public profile + full reputation + liveness in one read.
+ */
+export interface DiscoveryProfile {
+    did: string;
+    name?: string;
+    description?: string;
+    tags: string[];
+    acceptPrefs?: AcceptPrefs;
+    registeredAt: string;
+    reputation: AgentReputation;
+    /** Liveness, plus `lastEventAt` (last protocol event either side). */
+    liveness: DiscoveryLiveness & {
+        lastEventAt?: string | null;
+    };
+}

package/dist/types/inbox.d.ts

@@ -15,3 +15,32 @@ export declare const InboxBlockScopes: {
     readonly ACCOUNT: "account";
     readonly DID: "did";
 };
+/**
+ * One row of the owner's inbox block list (`/v1/inbox/blocks`).
+ * Privacy-safe: it echoes back only the DID you NAMED + scope — never
+ * the resolved owner `accountId` and never the swept sibling DIDs. For
+ * `account` scope you learn "I blocked the owner of this DID", not who
+ * else that owner runs.
+ */
+export interface InboxBlock {
+    scope: InboxBlockScope;
+    /** The DID you named when blocking. */
+    did: string;
+    /** Your private note, or null. */
+    reason: string | null;
+    /** When the block was set (ISO 8601). */
+    blockedAt: string;
+}
+/**
+ * Body for `POST /v1/inbox/blocks` (server DTO `CreateInboxBlockDto`).
+ * You always NAME a DID; by default the server resolves its owner and
+ * blocks every sibling agent (account scope). The target account id is
+ * never returned.
+ */
+export interface BlockInboxBody {
+    did: string;
+    /** Block only this exact DID instead of the whole owner account. */
+    didOnly?: boolean;
+    /** Optional private note (max 512 chars). Visible only to you. */
+    reason?: string;
+}

package/dist/types/index.d.ts

@@ -10,11 +10,13 @@ export type { WorkLogState } from './work-log';
 export { WORK_LOG_STATES, WorkLogStates, isWorkLogState } from './work-log';
 export type { ReadModelStatus } from './event';
 export { READ_MODEL_STATUSES, ReadModelStatuses, isReadModelStatus } from './event';
-export type { DiscoverySort } from './discovery';
+export type { DiscoverySort, DiscoverySearchQuery, DiscoveryReputation, DiscoveryLiveness, DiscoveryResult, DiscoveryPagination, DiscoverySearchResponse, DiscoveryProfile, } from './discovery';
 export { DISCOVERY_SORTS, DiscoverySorts, isDiscoverySort } from './discovery';
-export type { InboxBlockScope } from './inbox';
+export type { InboxBlockScope, InboxBlock, BlockInboxBody } from './inbox';
 export { INBOX_BLOCK_SCOPES, InboxBlockScopes, isInboxBlockScope } from './inbox';
-export type { CliSessionCreated, CliTokenIssued, CliWhoami, MyAgentSummary } from './cli-auth';
-export type { AcceptPrefs, AcceptCurrency } from './agent';
+export type { CliSessionCreated, CliTokenIssued, CliWhoami, MyAgentSummary, CliLoginSessionStoredState, CliLoginSessionWireState, } from './cli-auth';
+export { CLI_LOGIN_SESSION_STORED_STATES, CLI_LOGIN_SESSION_STATES, CliLoginSessionStates, isCliLoginSessionWireState } from './cli-auth';
+export type { AssetIdentifierWire, DelegationPublic, ReceiptPublic, RelationshipPublic, WorkLogPublic, EventPublic, IngestResult } from './read-model';
+export type { AcceptPrefs, AcceptCurrency, AgentRegisteredResponse, AgentPublic, UpdateAgentBody, RegisterAgentRequest, ReputationScores, ReputationCounters, AgentReputation, } from './agent';
 export type { OwnerSigningMethod, KeyLinkPayload, ScryptPasswordAttestation } from './identity';
 export { SCRYPT_PARAMS, OWNER_SIGNING_METHODS } from './identity';

package/dist/types/read-model.d.ts

@@ -0,0 +1,160 @@
+/**
+ * Public read-model row shapes returned by the server's relationship
+ * read endpoints and consumed by the CLI. Framework-agnostic plain
+ * interfaces (no decorators): the server's NestJS DTO classes
+ * `implements` these (keeping their @ApiProperty/@nestjs decorators for
+ * OpenAPI) and the CLI imports them directly — so the wire contract
+ * lives in ONE place and can't drift between the two packages.
+ */
+import type { LockTerminalState } from '../escrow/lock-account';
+import type { BodyType, ReceiptVerdict } from './body';
+import type { DelegationState } from './delegation';
+import type { ReadModelStatus } from './event';
+import type { RelationshipState } from './relationship';
+import type { WorkLogState } from './work-log';
+/**
+ * camelCase REST projection of an asset identifier (the snake_case
+ * envelope form is {@link AssetIdentifier} in body.ts). Embedded on
+ * `DelegationPublic.currency`.
+ */
+export interface AssetIdentifierWire {
+    /** CAIP-19 chain-qualified asset id. */
+    assetId: string;
+    /** Decimals 0-18, for amount → base-unit conversion. */
+    decimals: number;
+    /** Optional UI hint ("USDC", "SOL"). */
+    symbol?: string;
+}
+/**
+ * Public projection of one delegation row (one per delegationId).
+ * `id` is the per-row Mongo ObjectId hex — the opaque `?after=` cursor.
+ */
+export interface DelegationPublic {
+    id: string;
+    delegationId: string;
+    relationshipId: string;
+    offererDid: string;
+    state: DelegationState;
+    title?: string;
+    brief?: Record<string, unknown>;
+    acceptanceCriteria?: string[];
+    deadline?: string;
+    amount?: string;
+    currency?: AssetIdentifierWire;
+    /** Inline agreed terms the on-chain condition_hash binds. */
+    scopeSummary?: string;
+    createdAt: string;
+    updatedAt: string;
+    /** Machine-readable decline reason — present only on DECLINED rows. */
+    declineReason?: string | null;
+    declineReasonDetail?: string | null;
+    /** On-chain settlement outcome, set by the indexer at the terminal flip. */
+    releaseStatus?: LockTerminalState;
+}
+/**
+ * Public projection of one receipt row (one per
+ * delegationId/requestHash/responseHash). Receipts are propose-only.
+ */
+export interface ReceiptPublic {
+    id: string;
+    delegationId: string;
+    relationshipId: string;
+    payeeDid: string;
+    callerDid: string;
+    requestHash: string;
+    /** Opaque request_id from the matching work_request, denormalised at propose. */
+    requestId?: string;
+    responseHash: string;
+    verdictProposed: ReceiptVerdict;
+    usage?: {
+        input_tokens?: number;
+        output_tokens?: number;
+        latency_ms?: number;
+        model?: string;
+        computed_amount?: string;
+    };
+    deliverableHash?: string;
+    notesHash?: string;
+    receiptEventHash: string;
+    /** On-chain settlement outcome, stamped by the indexer on terminal. */
+    releaseStatus?: LockTerminalState;
+    createdAt: string;
+    updatedAt: string;
+}
+/** Public projection of one relationship row (per DID pair). */
+export interface RelationshipPublic {
+    relationshipId: string;
+    pairDidA: string;
+    pairDidB: string;
+    state: RelationshipState;
+    lastEventIndex: number;
+    lastServerEventHash: string | null;
+    lastEventAt: string | null;
+    createdAt: string;
+    updatedAt: string;
+    /** Handshake decline reason — present on CLOSED rows from a decline. */
+    declineReason?: string | null;
+    declineReasonDetail?: string | null;
+}
+/**
+ * Public projection of one work-log row (per delegationId/requestId).
+ * Two-step FSM: a RESPONDED row carries exactly one of responseOutput /
+ * responseError.
+ */
+export interface WorkLogPublic {
+    id: string;
+    delegationId: string;
+    requestId: string;
+    relationshipId: string;
+    callerDid: string;
+    payeeDid: string;
+    state: WorkLogState;
+    requestParams: Record<string, unknown>;
+    responseOutput?: Record<string, unknown>;
+    responseError?: {
+        code: string;
+        message: string;
+    };
+    createdAt: string;
+    updatedAt: string;
+}
+/**
+ * Public projection of one event row — the FULL canonical envelope
+ * (protectedBlock + body + optional attachments + senderSignature) plus
+ * the server-assigned chain coordinates, so a recipient can
+ * re-canonicalise + re-verify locally. `type` is widened to
+ * `BodyType | string` for forward-compat (a server may emit a body type
+ * a given client's union doesn't yet know).
+ */
+export interface EventPublic {
+    eventId: string;
+    messageId: string;
+    senderDid: string;
+    recipientDid: string;
+    relationshipId: string;
+    senderSequence: number;
+    protocolVersion: string;
+    purpose: string;
+    type: BodyType | string;
+    protectedBlock: Record<string, unknown>;
+    body: Record<string, unknown>;
+    attachments?: Record<string, unknown>;
+    senderSignature: string;
+    relationshipEventIndex: number;
+    prevServerEventHash: string | null;
+    serverTimestamp: string;
+    signedMessageHash: string;
+    serverEventHash: string;
+    /** Read-model outcome; `rejected` = committed to chain but body handler threw post-commit. */
+    readModelStatus: ReadModelStatus;
+}
+/** Response shape for `POST /v1/messages` (202 accepted, chain already committed). */
+export interface IngestResult {
+    eventId: string;
+    relationshipEventIndex: number;
+    prevServerEventHash: string | null;
+    signedMessageHash: string;
+    serverEventHash: string;
+    serverTimestamp: string;
+    relationshipId: string;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@heyanon-arp/sdk",
-  "version": "0.0.18",
+  "version": "0.0.24",
   "description": "TypeScript SDK for the Agent Relationship Protocol — canonical JSON, Ed25519 envelope sign/verify, did:arp identity, scrypt key attestation, chain-audit helpers.",
   "license": "MIT",
   "keywords": [