@heyanon-arp/sdk 0.0.4 → 0.0.5

package/dist/did/document.d.ts

@@ -5,11 +5,14 @@
  * `identity_pubkey` from the document (not `decoded(did)`) because
  * `identity_pubkey` may have rotated since registration while the DID
  * itself stays stable.
+ *
+ * No `service[]` endpoint: delivery is server-mediated and agents
+ * pull (poll/SSE inbox), so there is no per-agent inbound endpoint
+ * to advertise.
  */
 export interface DidDocument {
     id: string;
     verificationMethod: VerificationMethod[];
-    service: ServiceEndpoint[];
     metadata: {
         key_mode: KeyMode;
         owner_attestation_id: string;
@@ -23,8 +26,3 @@ export interface VerificationMethod {
     controller: string;
     publicKeyMultibase: string;
 }
-export interface ServiceEndpoint {
-    id: string;
-    type: 'ARPEndpoint';
-    serviceEndpoint: string;
-}

package/dist/did/index.d.ts

@@ -1,2 +1,2 @@
 export { formatDid, parseDid, isValidDid } from './format';
-export type { DidDocument, KeyMode, VerificationMethod, ServiceEndpoint } from './document';
+export type { DidDocument, KeyMode, VerificationMethod } from './document';

package/dist/escrow/condition-hash.d.ts

@@ -1,79 +1,66 @@
 import type { AssetIdentifier } from '../types';
 /**
- * Subset of contract terms that the on-chain `condition_hash` binds.
- * Chosen per the escrow design's "condition_hash semantics" decision:
- * fields that the parties must agree on at offer time AND that the
- * release flow must replay against. Excludes timestamps and
- * decline-reason fields (those only exist on terminal rows; including
- * them would make every accepted contract's hash dependent on
- * non-content metadata).
+ * Subset of DELEGATION terms that the on-chain `condition_hash` binds:
+ *   - `delegationId` is the identity binding — it is the root of the
+ *     on-chain derivation chain (`lock_id = sha256("arp-lock-v1" ||
+ *     delegationId_bytes16)`), so it is known before `create_lock` is
+ *     built → NOT circular.
+ *   - `currency` is the single `delegation.currency` field (the one
+ *     asset for both rate + amount); the projection reads the REAL
+ *     delegation field, so a raw delegation row binds currency with no
+ *     caller pre-mapping.
  *
- * The shape MUST match server-side `deriveConditionHash` byte-for-byte;
- * any drift breaks E5 settlement-digest reconstruction (which reads
- * `condition_hash` from the on-chain Lock and expects it to equal a
- * server-side recompute).
+ * `amount` is intentionally NOT here — the concrete locked amount AND its
+ * mint are bound at settlement via the digest (`buildReleaseDigest` binds
+ * `amount` u64 + `mint` 32B) and on-chain in the Lock account. The
+ * condition_hash binds the agreed TERMS (scope / pricing / settlement /
+ * rate / unit / currency), not the amount.
+ *
+ * The shape MUST match server-side + CLI derivation byte-for-byte; the
+ * golden vectors in `condition-hash.test.ts` pin it.
  */
-export interface ContractTermsSubset {
-    contractId: string;
-    version: number;
+export interface DelegationTermsSubset {
+    delegationId: string;
     scopeSummary: string;
     pricingModel: string;
     settlementModel: string;
     rateAmount?: string;
-    rateCurrency?: AssetIdentifier;
     rateUnit?: string;
-    allowedDelegationTags?: string[];
+    currency?: AssetIdentifier;
 }
 /**
- * Loose input shape — the contract DTO / row / public response object
- * may carry many extra fields (`state`, `relationshipId`, timestamps,
- * decline reasons, etc.). Callers pass that whole object; we project
- * onto `ContractTermsSubset` so extra fields can NEVER influence the
- * condition_hash. This protects against silent drift if the public
- * contract shape grows new fields.
- *
- * All fields are typed as optional here so a row pulled directly from
- * Mongoose (where most contract fields are optional in the schema)
- * fits the shape. The actual validity check happens inside
- * `deriveConditionHash`, which throws if a required projected field
- * is undefined — that surface is the right place to fail because
- * `condition_hash` cannot be derived without it.
+ * Loose input for `deriveDelegationConditionHash`. Callers pass a whole
+ * delegation row / DTO; we project onto `DelegationTermsSubset` so extra
+ * fields (`state`, `relationshipId`, `amount`, timestamps, decline
+ * metadata, …) can NEVER influence the hash. Defensive projection:
+ * extra fields can NEVER influence the hash.
  */
-export interface ContractLikeInput {
-    contractId?: string;
-    version?: number;
+export interface DelegationTermsInput {
+    delegationId?: string;
     scopeSummary?: string;
     pricingModel?: string;
     settlementModel?: string;
     rateAmount?: string;
-    rateCurrency?: AssetIdentifier;
     rateUnit?: string;
-    allowedDelegationTags?: string[];
+    currency?: AssetIdentifier;
     [other: string]: unknown;
 }
 /**
- * Compute the 32-byte sha256 condition_hash that binds an on-chain
- * lock to the off-chain contract terms.
- *
- * The function performs an EXPLICIT FIELD PROJECTION before
- * canonicalisation. Even if the caller passes a full contract row
- * with `state`, `createdAt`, `declineReason`, etc., only the eight
- * whitelisted fields are hashed. This is critical for digest
- * stability across SDK versions: adding a field to the public
- * contract shape MUST NOT change `condition_hash` values for existing
- * contracts.
+ * Compute the 32-byte sha256 condition_hash that binds an on-chain lock
+ * to the off-chain DELEGATION terms.
  *
- * Wire procedure:
- *   1. Project the caller's input onto the whitelisted subset.
- *   2. JCS-canonicalize via the SDK's `canonicalBytes`.
- *   3. sha256 → 32-byte digest.
+ * Wire procedure — explicit field
+ * projection → JCS canonicalize (`canonicalBytes`) → sha256. The
+ * projection is the security boundary: adding a field to the public
+ * delegation shape MUST NOT change `condition_hash` for existing
+ * delegations.
  *
- * The same procedure runs on the server during `delegation.offer`
- * validation AND during `receipt cosign` settlement-digest
- * reconstruction. Any field-set drift between offer-time and
- * cosign-time produces a different hash, which fails Ed25519 verify
- * on-chain.
+ * Runs in THREE places that MUST agree byte-for-byte: the buyer's
+ * offer-prep (CLI), the server's `delegation.offer` validation
+ * (recompute + compare to the on-chain bound hash), and the settlement
+ * digest reconstruction. Any field-set drift produces a different hash
+ * → Ed25519 settlement verify fails on-chain.
  *
  * @returns 32-byte condition_hash
  */
-export declare function deriveConditionHash(contract: ContractLikeInput): Uint8Array;
+export declare function deriveDelegationConditionHash(delegation: DelegationTermsInput): Uint8Array;

package/dist/escrow/create-lock.d.ts

@@ -4,7 +4,7 @@ export interface CreateLockArgs {
     lockId: Uint8Array;
     /** u64 amount in base units. */
     amount: bigint;
-    /** 32-byte condition_hash (deriveConditionHash output). */
+    /** 32-byte condition_hash (deriveDelegationConditionHash output). */
     conditionHash: Uint8Array;
     /** u64 unix-seconds expiry. */
     expiry: bigint;

package/dist/escrow/index.d.ts

@@ -1,4 +1,4 @@
 export { deriveLockId, delegationIdToBytes16, bytes16ToDelegationId } from './lock-id';
-export { deriveConditionHash, type ContractTermsSubset, type ContractLikeInput } from './condition-hash';
+export { deriveDelegationConditionHash, type DelegationTermsSubset, type DelegationTermsInput } from './condition-hash';
 export { parseCaip19SolanaAssetId, type ParsedSolanaAssetId } from './caip19';
 export { buildCreateLockIxData, computeCreateLockDiscriminator, CREATE_LOCK_DISCRIMINATOR, type CreateLockArgs, } from './create-lock';

package/dist/escrow/lock-id.d.ts

@@ -41,7 +41,7 @@ export declare function deriveLockId(delegationId: string): Uint8Array;
  * Either way, the same 16-byte representation comes out (UUID body is
  * the lock-id substrate; the `del_` prefix is a wrapper that exists
  * only so the wire shape is unambiguously a delegation reference vs.
- * a contract / receipt id elsewhere in the canonical JSON). Pushing
+ * a receipt id elsewhere in the canonical JSON). Pushing
  * this normalization down into the SDK gives every caller — CLI,
  * server, future TypeScript clients — a single source of truth.
  *

package/dist/index.d.ts

@@ -9,7 +9,6 @@
  *   - envelope     — sign / verify envelope (steps 4-6 of protocol verification)
  *   - cosignature  — receipt + dispute-response co-signatures
  *   - challenge    — ARP-CHALLENGE-v1 ownership proof (registration / rotation)
- *   - webhook      — ARP-WEBHOOK-v1 HMAC header (outbox delivery)
  *   - attestation  — scrypt key-link + key-rotation attestations
  *   - server-chain — signed_message_hash, server_event_hash, audit walker
  *   - settlement   — ARP-SOLANA-* digest stubs (V1.5)
@@ -27,7 +26,6 @@ export * from './did';
 export * from './envelope';
 export * from './cosignature';
 export * from './challenge';
-export * from './webhook';
 export * from './attestation';
 export * from './server-chain';
 export * from './settlement';

package/dist/index.js

@@ -160,8 +160,6 @@ var Purpose = {
   RECEIPT: "ARP-RECEIPT-v1",
   /** Dispute response co-signature payload. */
   DISPUTE_RESPONSE: "ARP-DISPUTE-RESPONSE-v1",
-  /** Webhook delivery HMAC signature payload. */
-  WEBHOOK: "ARP-WEBHOOK-v1",
   /** Identity ownership challenge proof. */
   CHALLENGE: "ARP-CHALLENGE-v1",
   /** Verifiable Credential issued by the platform. */
@@ -267,54 +265,6 @@ function verifyChallenge(challengeBytes, signature, identityPubkey) {
   if (signature.length !== 64) return false;
   return verify2(signature, buildSigningInput(challengeBytes), identityPubkey);
 }
-function buildWebhookSignatureHeader(input, sharedSecret) {
-  const digest = sha2.sha256(canonicalBytes(input));
-  const mac = hmac.hmac(sha2.sha256, sharedSecret, digest);
-  return `${Purpose.WEBHOOK}=${base.base64.encode(mac)}`;
-}
-function verifyWebhookSignatureHeader(headerValue, input, sharedSecret) {
-  const secrets = Array.isArray(sharedSecret) ? sharedSecret : [sharedSecret];
-  if (secrets.length === 0) return false;
-  let matched = false;
-  for (const secret of secrets) {
-    const expected = buildWebhookSignatureHeader(input, secret);
-    matched = constantTimeEqual(expected, headerValue) || matched;
-  }
-  return matched;
-}
-function verifyAndCheckPayload(args) {
-  const tolerance = args.servedAtToleranceMs === void 0 ? 5 * 6e4 : args.servedAtToleranceMs;
-  if (tolerance !== null) {
-    const servedAtMs = Date.parse(args.input.served_at);
-    const nowMs = (args.now ?? /* @__PURE__ */ new Date()).getTime();
-    if (Number.isNaN(servedAtMs) || Math.abs(nowMs - servedAtMs) > tolerance) return "stale_attempt";
-  }
-  const fullInput = { ...args.input, payload_sha256: sha256HexLower(args.rawBody) };
-  if (!verifyWebhookSignatureHeader(args.headerValue, fullInput, args.secrets)) return "invalid_signature";
-  return "ok";
-}
-function isProbeRequest(headers) {
-  for (const [name, value] of Object.entries(headers)) {
-    if (name.toLowerCase() !== "x-arp-probe") continue;
-    const v = Array.isArray(value) ? value[0] : value;
-    if (v === "1" || v === "true") return true;
-  }
-  return false;
-}
-function sha256HexLower(bytes) {
-  const digest = sha2.sha256(bytes);
-  let hex = "";
-  for (const b of digest) hex += b.toString(16).padStart(2, "0");
-  return hex;
-}
-function constantTimeEqual(a, b) {
-  if (a.length !== b.length) return false;
-  let diff = 0;
-  for (let i = 0; i < a.length; i++) {
-    diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
-  }
-  return diff === 0;
-}
 
 // src/types/identity.ts
 var SCRYPT_PARAMS = {
@@ -611,16 +561,15 @@ function u16LE(value) {
 var SPL_TOKEN_PROGRAM_ID_BASE58 = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA";
 var TOKEN_2022_PROGRAM_ID_BASE58 = "TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb";
 function detectTokenProgramFromOwner(mintAccountOwnerBase58) {
-  switch (mintAccountOwnerBase58) {
-    case SPL_TOKEN_PROGRAM_ID_BASE58:
-      return { kind: "legacy", programIdBase58: SPL_TOKEN_PROGRAM_ID_BASE58 };
-    case TOKEN_2022_PROGRAM_ID_BASE58:
-      return { kind: "token-2022", programIdBase58: TOKEN_2022_PROGRAM_ID_BASE58 };
-    default:
-      throw new Error(
-        `detectTokenProgram: unsupported mint owner ${mintAccountOwnerBase58}; ARP escrow supports legacy SPL Token (${SPL_TOKEN_PROGRAM_ID_BASE58}) and Token-2022 (${TOKEN_2022_PROGRAM_ID_BASE58}) only`
-      );
+  if (mintAccountOwnerBase58 === SPL_TOKEN_PROGRAM_ID_BASE58) {
+    return { kind: "legacy", programIdBase58: SPL_TOKEN_PROGRAM_ID_BASE58 };
+  }
+  if (mintAccountOwnerBase58 === TOKEN_2022_PROGRAM_ID_BASE58) {
+    throw new Error(
+      `detectTokenProgram: mint owner is the Token-2022 program (${TOKEN_2022_PROGRAM_ID_BASE58}), which ARP escrow does not support; use a legacy SPL Token mint (${SPL_TOKEN_PROGRAM_ID_BASE58}) or native SOL`
+    );
   }
+  throw new Error(`detectTokenProgram: unsupported mint owner ${mintAccountOwnerBase58}; ARP escrow supports legacy SPL Token (${SPL_TOKEN_PROGRAM_ID_BASE58}) only`);
 }
 function detectTokenProgramFromOwnerBytes(mintAccountOwnerBytes) {
   if (mintAccountOwnerBytes.length !== 32) {
@@ -769,24 +718,22 @@ function resolveAsset(input) {
   return null;
 }
 var WELL_KNOWN_ASSET_KEYS = Object.keys(WELL_KNOWN_ASSETS);
-function deriveConditionHash(contract) {
-  const required = ["contractId", "version", "scopeSummary", "pricingModel", "settlementModel"];
+function deriveDelegationConditionHash(delegation) {
+  const required = ["delegationId", "scopeSummary", "pricingModel", "settlementModel"];
   for (const field of required) {
-    if (contract[field] === void 0) {
-      throw new Error(`deriveConditionHash: required field '${String(field)}' is missing from the contract input`);
+    if (delegation[field] === void 0) {
+      throw new Error(`deriveDelegationConditionHash: required field '${String(field)}' is missing from the delegation input`);
     }
   }
   const subset = {
-    contractId: contract.contractId,
-    version: contract.version,
-    scopeSummary: contract.scopeSummary,
-    pricingModel: contract.pricingModel,
-    settlementModel: contract.settlementModel
+    delegationId: delegation.delegationId,
+    scopeSummary: delegation.scopeSummary,
+    pricingModel: delegation.pricingModel,
+    settlementModel: delegation.settlementModel
   };
-  if (contract.rateAmount !== void 0) subset.rateAmount = contract.rateAmount;
-  if (contract.rateCurrency !== void 0) subset.rateCurrency = contract.rateCurrency;
-  if (contract.rateUnit !== void 0) subset.rateUnit = contract.rateUnit;
-  if (contract.allowedDelegationTags !== void 0) subset.allowedDelegationTags = contract.allowedDelegationTags;
+  if (delegation.rateAmount !== void 0) subset.rateAmount = delegation.rateAmount;
+  if (delegation.rateUnit !== void 0) subset.rateUnit = delegation.rateUnit;
+  if (delegation.currency !== void 0) subset.currency = delegation.currency;
   const bytes = canonicalBytes(subset);
   return sha2.sha256(bytes);
 }
@@ -866,7 +813,6 @@ exports.SETTLEMENT_PURPOSES = SETTLEMENT_PURPOSES;
 exports.SLIP44_SOLANA = SLIP44_SOLANA;
 exports.SOLANA_CLUSTER_IDS = SOLANA_CLUSTER_IDS;
 exports.SPL_TOKEN_PROGRAM_ID_BASE58 = SPL_TOKEN_PROGRAM_ID_BASE58;
-exports.TOKEN_2022_PROGRAM_ID_BASE58 = TOKEN_2022_PROGRAM_ID_BASE58;
 exports.USDC_MINTS = USDC_MINTS;
 exports.WELL_KNOWN_ASSETS = WELL_KNOWN_ASSETS;
 exports.WELL_KNOWN_ASSET_KEYS = WELL_KNOWN_ASSET_KEYS;
@@ -876,14 +822,13 @@ exports.buildCreateLockIxData = buildCreateLockIxData;
 exports.buildPartialReleaseDigest = buildPartialReleaseDigest;
 exports.buildRefundDigest = buildRefundDigest;
 exports.buildReleaseDigest = buildReleaseDigest;
-exports.buildWebhookSignatureHeader = buildWebhookSignatureHeader;
 exports.bytes16ToDelegationId = bytes16ToDelegationId;
 exports.canonicalBytes = canonicalBytes;
 exports.canonicalJson = canonicalJson;
 exports.canonicalSha256Hex = canonicalSha256Hex;
 exports.computeCreateLockDiscriminator = computeCreateLockDiscriminator;
 exports.delegationIdToBytes16 = delegationIdToBytes16;
-exports.deriveConditionHash = deriveConditionHash;
+exports.deriveDelegationConditionHash = deriveDelegationConditionHash;
 exports.deriveLockId = deriveLockId;
 exports.deriveScryptKey = deriveScryptKey;
 exports.detectTokenProgramFromOwner = detectTokenProgramFromOwner;
@@ -895,7 +840,6 @@ exports.generateKeyPair = generateKeyPair;
 exports.getPublicKey = getPublicKey2;
 exports.isAssetIdentifier = isAssetIdentifier;
 exports.isDeclineReason = isDeclineReason;
-exports.isProbeRequest = isProbeRequest;
 exports.isValidDid = isValidDid;
 exports.parseCaip19SolanaAssetId = parseCaip19SolanaAssetId;
 exports.parseDid = parseDid;
@@ -906,7 +850,6 @@ exports.scryptPasswordProofSign = scryptPasswordProofSign;
 exports.scryptPasswordProofVerify = scryptPasswordProofVerify;
 exports.senderNonce = senderNonce;
 exports.serverEventHash = serverEventHash;
-exports.sha256HexLower = sha256HexLower;
 exports.sign = sign2;
 exports.signChallenge = signChallenge;
 exports.signCosignature = signCosignature;
@@ -916,10 +859,8 @@ exports.signKeyRotationAttestation = signKeyRotationAttestation;
 exports.signedMessageHash = signedMessageHash;
 exports.uuidV4 = uuidV4;
 exports.verify = verify2;
-exports.verifyAndCheckPayload = verifyAndCheckPayload;
 exports.verifyChallenge = verifyChallenge;
 exports.verifyCosignature = verifyCosignature;
 exports.verifyEnvelope = verifyEnvelope;
 exports.verifyKeyLinkAttestation = verifyKeyLinkAttestation;
 exports.verifyKeyRotationAttestation = verifyKeyRotationAttestation;
-exports.verifyWebhookSignatureHeader = verifyWebhookSignatureHeader;

package/dist/index.mjs

@@ -135,8 +135,6 @@ var Purpose = {
   RECEIPT: "ARP-RECEIPT-v1",
   /** Dispute response co-signature payload. */
   DISPUTE_RESPONSE: "ARP-DISPUTE-RESPONSE-v1",
-  /** Webhook delivery HMAC signature payload. */
-  WEBHOOK: "ARP-WEBHOOK-v1",
   /** Identity ownership challenge proof. */
   CHALLENGE: "ARP-CHALLENGE-v1",
   /** Verifiable Credential issued by the platform. */
@@ -242,54 +240,6 @@ function verifyChallenge(challengeBytes, signature, identityPubkey) {
   if (signature.length !== 64) return false;
   return verify2(signature, buildSigningInput(challengeBytes), identityPubkey);
 }
-function buildWebhookSignatureHeader(input, sharedSecret) {
-  const digest = sha256(canonicalBytes(input));
-  const mac = hmac(sha256, sharedSecret, digest);
-  return `${Purpose.WEBHOOK}=${base64.encode(mac)}`;
-}
-function verifyWebhookSignatureHeader(headerValue, input, sharedSecret) {
-  const secrets = Array.isArray(sharedSecret) ? sharedSecret : [sharedSecret];
-  if (secrets.length === 0) return false;
-  let matched = false;
-  for (const secret of secrets) {
-    const expected = buildWebhookSignatureHeader(input, secret);
-    matched = constantTimeEqual(expected, headerValue) || matched;
-  }
-  return matched;
-}
-function verifyAndCheckPayload(args) {
-  const tolerance = args.servedAtToleranceMs === void 0 ? 5 * 6e4 : args.servedAtToleranceMs;
-  if (tolerance !== null) {
-    const servedAtMs = Date.parse(args.input.served_at);
-    const nowMs = (args.now ?? /* @__PURE__ */ new Date()).getTime();
-    if (Number.isNaN(servedAtMs) || Math.abs(nowMs - servedAtMs) > tolerance) return "stale_attempt";
-  }
-  const fullInput = { ...args.input, payload_sha256: sha256HexLower(args.rawBody) };
-  if (!verifyWebhookSignatureHeader(args.headerValue, fullInput, args.secrets)) return "invalid_signature";
-  return "ok";
-}
-function isProbeRequest(headers) {
-  for (const [name, value] of Object.entries(headers)) {
-    if (name.toLowerCase() !== "x-arp-probe") continue;
-    const v = Array.isArray(value) ? value[0] : value;
-    if (v === "1" || v === "true") return true;
-  }
-  return false;
-}
-function sha256HexLower(bytes) {
-  const digest = sha256(bytes);
-  let hex = "";
-  for (const b of digest) hex += b.toString(16).padStart(2, "0");
-  return hex;
-}
-function constantTimeEqual(a, b) {
-  if (a.length !== b.length) return false;
-  let diff = 0;
-  for (let i = 0; i < a.length; i++) {
-    diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
-  }
-  return diff === 0;
-}
 
 // src/types/identity.ts
 var SCRYPT_PARAMS = {
@@ -586,16 +536,15 @@ function u16LE(value) {
 var SPL_TOKEN_PROGRAM_ID_BASE58 = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA";
 var TOKEN_2022_PROGRAM_ID_BASE58 = "TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb";
 function detectTokenProgramFromOwner(mintAccountOwnerBase58) {
-  switch (mintAccountOwnerBase58) {
-    case SPL_TOKEN_PROGRAM_ID_BASE58:
-      return { kind: "legacy", programIdBase58: SPL_TOKEN_PROGRAM_ID_BASE58 };
-    case TOKEN_2022_PROGRAM_ID_BASE58:
-      return { kind: "token-2022", programIdBase58: TOKEN_2022_PROGRAM_ID_BASE58 };
-    default:
-      throw new Error(
-        `detectTokenProgram: unsupported mint owner ${mintAccountOwnerBase58}; ARP escrow supports legacy SPL Token (${SPL_TOKEN_PROGRAM_ID_BASE58}) and Token-2022 (${TOKEN_2022_PROGRAM_ID_BASE58}) only`
-      );
+  if (mintAccountOwnerBase58 === SPL_TOKEN_PROGRAM_ID_BASE58) {
+    return { kind: "legacy", programIdBase58: SPL_TOKEN_PROGRAM_ID_BASE58 };
+  }
+  if (mintAccountOwnerBase58 === TOKEN_2022_PROGRAM_ID_BASE58) {
+    throw new Error(
+      `detectTokenProgram: mint owner is the Token-2022 program (${TOKEN_2022_PROGRAM_ID_BASE58}), which ARP escrow does not support; use a legacy SPL Token mint (${SPL_TOKEN_PROGRAM_ID_BASE58}) or native SOL`
+    );
   }
+  throw new Error(`detectTokenProgram: unsupported mint owner ${mintAccountOwnerBase58}; ARP escrow supports legacy SPL Token (${SPL_TOKEN_PROGRAM_ID_BASE58}) only`);
 }
 function detectTokenProgramFromOwnerBytes(mintAccountOwnerBytes) {
   if (mintAccountOwnerBytes.length !== 32) {
@@ -744,24 +693,22 @@ function resolveAsset(input) {
   return null;
 }
 var WELL_KNOWN_ASSET_KEYS = Object.keys(WELL_KNOWN_ASSETS);
-function deriveConditionHash(contract) {
-  const required = ["contractId", "version", "scopeSummary", "pricingModel", "settlementModel"];
+function deriveDelegationConditionHash(delegation) {
+  const required = ["delegationId", "scopeSummary", "pricingModel", "settlementModel"];
   for (const field of required) {
-    if (contract[field] === void 0) {
-      throw new Error(`deriveConditionHash: required field '${String(field)}' is missing from the contract input`);
+    if (delegation[field] === void 0) {
+      throw new Error(`deriveDelegationConditionHash: required field '${String(field)}' is missing from the delegation input`);
     }
   }
   const subset = {
-    contractId: contract.contractId,
-    version: contract.version,
-    scopeSummary: contract.scopeSummary,
-    pricingModel: contract.pricingModel,
-    settlementModel: contract.settlementModel
+    delegationId: delegation.delegationId,
+    scopeSummary: delegation.scopeSummary,
+    pricingModel: delegation.pricingModel,
+    settlementModel: delegation.settlementModel
   };
-  if (contract.rateAmount !== void 0) subset.rateAmount = contract.rateAmount;
-  if (contract.rateCurrency !== void 0) subset.rateCurrency = contract.rateCurrency;
-  if (contract.rateUnit !== void 0) subset.rateUnit = contract.rateUnit;
-  if (contract.allowedDelegationTags !== void 0) subset.allowedDelegationTags = contract.allowedDelegationTags;
+  if (delegation.rateAmount !== void 0) subset.rateAmount = delegation.rateAmount;
+  if (delegation.rateUnit !== void 0) subset.rateUnit = delegation.rateUnit;
+  if (delegation.currency !== void 0) subset.currency = delegation.currency;
   const bytes = canonicalBytes(subset);
   return sha256(bytes);
 }
@@ -826,4 +773,4 @@ function computeCreateLockDiscriminator() {
   return h.slice(0, 8);
 }
 
-export { CAIP19_REGEX, COSIGNATURE_PURPOSES, CREATE_LOCK_DISCRIMINATOR, DECLINE_REASONS, PROTECTED_PURPOSES, PURPOSE_PARTIAL_RELEASE_STRING, PURPOSE_REFUND_STRING, PURPOSE_RELEASE_STRING, Purpose, REFUND_REASON_BYTES, SCRYPT_PARAMS, SETTLEMENT_PURPOSES, SLIP44_SOLANA, SOLANA_CLUSTER_IDS, SPL_TOKEN_PROGRAM_ID_BASE58, TOKEN_2022_PROGRAM_ID_BASE58, USDC_MINTS, WELL_KNOWN_ASSETS, WELL_KNOWN_ASSET_KEYS, base58btcDecode, base58btcEncode, buildCreateLockIxData, buildPartialReleaseDigest, buildRefundDigest, buildReleaseDigest, buildWebhookSignatureHeader, bytes16ToDelegationId, canonicalBytes, canonicalJson, canonicalSha256Hex, computeCreateLockDiscriminator, delegationIdToBytes16, deriveConditionHash, deriveLockId, deriveScryptKey, detectTokenProgramFromOwner, detectTokenProgramFromOwnerBytes, expiresAt, findFirstChainDivergence, formatDid, generateKeyPair, getPublicKey2 as getPublicKey, isAssetIdentifier, isDeclineReason, isProbeRequest, isValidDid, parseCaip19SolanaAssetId, parseDid, pollUntil, resolveAsset, rfc3339, scryptPasswordProofSign, scryptPasswordProofVerify, senderNonce, serverEventHash, sha256HexLower, sign2 as sign, signChallenge, signCosignature, signEnvelope, signKeyLinkAttestation, signKeyRotationAttestation, signedMessageHash, uuidV4, verify2 as verify, verifyAndCheckPayload, verifyChallenge, verifyCosignature, verifyEnvelope, verifyKeyLinkAttestation, verifyKeyRotationAttestation, verifyWebhookSignatureHeader };
+export { CAIP19_REGEX, COSIGNATURE_PURPOSES, CREATE_LOCK_DISCRIMINATOR, DECLINE_REASONS, PROTECTED_PURPOSES, PURPOSE_PARTIAL_RELEASE_STRING, PURPOSE_REFUND_STRING, PURPOSE_RELEASE_STRING, Purpose, REFUND_REASON_BYTES, SCRYPT_PARAMS, SETTLEMENT_PURPOSES, SLIP44_SOLANA, SOLANA_CLUSTER_IDS, SPL_TOKEN_PROGRAM_ID_BASE58, USDC_MINTS, WELL_KNOWN_ASSETS, WELL_KNOWN_ASSET_KEYS, base58btcDecode, base58btcEncode, buildCreateLockIxData, buildPartialReleaseDigest, buildRefundDigest, buildReleaseDigest, bytes16ToDelegationId, canonicalBytes, canonicalJson, canonicalSha256Hex, computeCreateLockDiscriminator, delegationIdToBytes16, deriveDelegationConditionHash, deriveLockId, deriveScryptKey, detectTokenProgramFromOwner, detectTokenProgramFromOwnerBytes, expiresAt, findFirstChainDivergence, formatDid, generateKeyPair, getPublicKey2 as getPublicKey, isAssetIdentifier, isDeclineReason, isValidDid, parseCaip19SolanaAssetId, parseDid, pollUntil, resolveAsset, rfc3339, scryptPasswordProofSign, scryptPasswordProofVerify, senderNonce, serverEventHash, sign2 as sign, signChallenge, signCosignature, signEnvelope, signKeyLinkAttestation, signKeyRotationAttestation, signedMessageHash, uuidV4, verify2 as verify, verifyChallenge, verifyCosignature, verifyEnvelope, verifyKeyLinkAttestation, verifyKeyRotationAttestation };

package/dist/purpose.d.ts

@@ -17,8 +17,6 @@ export declare const Purpose: {
     readonly RECEIPT: "ARP-RECEIPT-v1";
     /** Dispute response co-signature payload. */
     readonly DISPUTE_RESPONSE: "ARP-DISPUTE-RESPONSE-v1";
-    /** Webhook delivery HMAC signature payload. */
-    readonly WEBHOOK: "ARP-WEBHOOK-v1";
     /** Identity ownership challenge proof. */
     readonly CHALLENGE: "ARP-CHALLENGE-v1";
     /** Verifiable Credential issued by the platform. */
@@ -45,7 +43,7 @@ export declare const Purpose: {
 export type PurposeValue = (typeof Purpose)[keyof typeof Purpose];
 /**
  * `protected.purpose` accepts a subset — the others are payload-level
- * (co-signature / settlement-signature / webhook).
+ * (co-signature / settlement-signature).
  */
 export declare const PROTECTED_PURPOSES: readonly PurposeValue[];
 export declare const COSIGNATURE_PURPOSES: readonly PurposeValue[];

package/dist/settlement/index.d.ts

@@ -1,4 +1,4 @@
 export { buildReleaseDigest, buildPartialReleaseDigest, buildRefundDigest, REFUND_REASON_BYTES, PURPOSE_RELEASE_STRING, PURPOSE_PARTIAL_RELEASE_STRING, PURPOSE_REFUND_STRING, } from './settlement';
 export type { ReleaseDigestInput, PartialReleaseDigestInput, RefundDigestInput, RefundReasonByte } from './settlement';
-export { detectTokenProgramFromOwner, detectTokenProgramFromOwnerBytes, SPL_TOKEN_PROGRAM_ID_BASE58, TOKEN_2022_PROGRAM_ID_BASE58, } from './token-program';
+export { detectTokenProgramFromOwner, detectTokenProgramFromOwnerBytes, SPL_TOKEN_PROGRAM_ID_BASE58 } from './token-program';
 export type { TokenProgramKind, TokenProgramDetection } from './token-program';

package/dist/settlement/token-program.d.ts

@@ -1,47 +1,34 @@
 /**
- * Token-2022 program detection helpers.
+ * Token program detection helpers.
  *
- * The escrow contract dispatches transfer / close-account CPIs based on
- * the mint's program kind: legacy SPL Token (`TokenkegQ...`) or Token-2022
- * (`TokenzQdB...`). The kind is detected on-chain from the mint account's
- * `owner` field; this helper mirrors that logic for off-chain consumers
- * (tx builders, indexers, decoders).
+ * ARP escrow settles in native SOL or a legacy SPL Token mint. The
+ * escrow contract dispatches transfer / close-account CPIs based on the
+ * mint's program kind, detected on-chain from the mint account's `owner`
+ * field; this helper mirrors that logic for off-chain consumers (tx
+ * builders, indexers, decoders).
  *
- * The function takes a 40-byte (or longer) account info buffer in the
- * standard Solana on-chain account layout — the FIRST 32 bytes are the
- * account's owner pubkey (in the wire-level AccountInfoSerialised shape
- * used by getAccountInfo RPC's "encoding=base64" + custom layout). For
- * the more common `getAccountInfo` response, callers should pass the
- * `owner` field directly via a 32-byte buffer.
+ * Token-2022 (the token-extensions program) is NOT supported — a mint
+ * owned by it is rejected here so it can never enter the escrow flow.
  *
- * NOTE: `mintAccountOwnerPubkey` is the OWNER of the mint account on
- * Solana — i.e. the token program that minted it — NOT the mint's
- * mint_authority. Confusingly, both are called "owner" in different
- * contexts.
+ * The function takes the mint account's `owner` pubkey — the program
+ * that minted it — NOT the mint's mint_authority. Confusingly, both are
+ * called "owner" in different contexts.
  */
 /**
  * Legacy SPL Token program ID (base58: `TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA`).
  */
 export declare const SPL_TOKEN_PROGRAM_ID_BASE58 = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA";
 /**
- * Token-2022 program ID (base58: `TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb`).
- */
-export declare const TOKEN_2022_PROGRAM_ID_BASE58 = "TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb";
-/**
- * Token program kind. Maps to the new contract's `token_program_kind`
- * u8 emitted on `LockCreated` events
- * (`apps/arp-solana-contract/programs/arp-solana-contract/src/events.rs`):
- *   'native'     → 0  (mint == `Pubkey::default()`; the program
- *                      ignores the token_program slot but Anchor
- *                      still requires SPL Token or Token-2022 in it)
- *   'legacy'     → 1  (legacy SPL Token program)
- *   'token-2022' → 2  (Token-2022 program)
+ * Token program kind. Maps to the contract's `token_program_kind` u8 on
+ * `LockCreated` events: `native` → 0, `legacy` → 1. (The contract also
+ * defines `2` for Token-2022, but ARP no longer supports it — such a
+ * lock is rejected before it is tracked, so this type never carries it.)
  *
- * `detectTokenProgramFromOwner` below resolves the kind for a NON-
- * native mint by looking at its `.owner` field; native locks are
- * detected from the mint slot value, not from this helper.
+ * `detectTokenProgramFromOwner` resolves the kind for a NON-native mint
+ * by looking at its `.owner` field; native locks are detected from the
+ * mint slot value, not from this helper.
  */
-export type TokenProgramKind = 'legacy' | 'token-2022' | 'native';
+export type TokenProgramKind = 'legacy' | 'native';
 /**
  * Result of `detectTokenProgram`: the program kind + a typed branding for
  * downstream consumers.
@@ -55,9 +42,9 @@ export interface TokenProgramDetection {
  * Detect a mint's token program kind from its OWNER pubkey (the program
  * that owns the mint account in Solana account terms).
  *
- * Throws if the owner is neither legacy SPL Token nor Token-2022 — escrow
- * does not support any other token program (would dispatch CPI to a
- * non-existent surface).
+ * Returns `legacy` for a legacy SPL Token mint. Throws for a Token-2022
+ * mint (unsupported) or any other owner — escrow would otherwise
+ * dispatch a CPI to a surface it does not handle.
  *
  * @param mintAccountOwnerBase58 — the mint account's `.owner` field as
  * a base58 string. From `connection.getAccountInfo(mintPubkey)`, this is

package/dist/types/body.d.ts

@@ -9,8 +9,8 @@
  */
 import type { Body, Did, Sha256Hex } from './envelope';
 /**
- * Chain-qualified asset identifier carried by `contract.rate_currency`
- * and `delegation.currency`. Replaces the V1 string-enum `'USDC'`
+ * Chain-qualified asset identifier carried by `delegation.currency`
+ * (the single asset for both rate + amount). Replaces the V1 string-enum `'USDC'`
  * placeholder — that shape can't disambiguate `USDC on Solana mainnet`
  * from `USDC on Polygon` or `USDC.e bridged on Avalanche` (all the same
  * ticker, different on-chain assets). It also can't represent native
@@ -28,14 +28,10 @@ import type { Body, Did, Sha256Hex } from './envelope';
  *   - `symbol` — short human-readable hint for UI ("USDC", "SOL").
  *     Not used for any logic — purely display sugar. Optional.
  *
- * Validation invariants (server-enforced, both `rate_currency` on the
- * contract and `currency` on the delegation):
+ * Validation invariants (server-enforced on `delegation.currency`):
  *   • `asset_id` ∈ /^[-a-z0-9]{3,8}:[-_a-zA-Z0-9]{1,32}\/[-a-z0-9]{3,8}:[-.%a-zA-Z0-9]{1,128}$/
  *   • `decimals` ∈ [0, 18]
  *   • `symbol` length ∈ [1, 16] if present
- *   • For `delegation.currency`: must match the contract's
- *     `rate_currency.asset_id` if the contract specifies one
- *     (a delegation under a USDC-priced contract can't quote in SOL).
  */
 export interface AssetIdentifier {
     /** CAIP-19 chain-qualified asset id — e.g. `solana:5eykt.../spl:EPjFWdd5...` */
@@ -47,9 +43,8 @@ export interface AssetIdentifier {
 }
 /**
  * Closed enum of machine-readable decline reasons used across the
- * three decline sites in V1:
+ * two decline sites in V1:
  *   • `handshake_response.content.decision === 'decline'`
- *   • `contract.content.action === 'decline'`
  *   • `delegation.content.action === 'decline'`
  *
  * Required on every decline envelope so the counterparty's reactor
@@ -77,7 +72,7 @@ export declare const DECLINE_REASONS: readonly DeclineReason[];
 export declare function isDeclineReason(v: unknown): v is DeclineReason;
 /**
  * `handshake` — first signed exchange between two agents. Establishes
- * relationship; not a contract.
+ * the relationship; carries no terms (those live on the delegation).
  */
 export interface HandshakeBody extends Body<HandshakeContent> {
     type: 'handshake';
@@ -110,32 +105,8 @@ export interface HandshakeResponseContent {
     [extra: string]: unknown;
 }
 /**
- * `contract` — co-signed agreement between two agents. `action`
- * discriminates lifecycle events.
- */
-export interface ContractBody extends Body<ContractContent> {
-    type: 'contract';
-}
-export interface ContractContent {
-    action: 'proposal' | 'counter' | 'sign' | 'decline';
-    contract_id: string;
-    version: number;
-    scope_summary?: string;
-    pricing_model?: 'flat' | 'usage_based';
-    settlement_model?: 'prepaid' | 'escrow';
-    rate_amount?: string;
-    rate_currency?: AssetIdentifier;
-    rate_unit?: 'task' | 'thread' | 'handoff';
-    allowed_delegation_tags?: string[];
-    /** Machine-readable reason — REQUIRED when `action === 'decline'`. See `DeclineReason`. */
-    reason?: DeclineReason;
-    /** Optional free-text elaboration (e.g. "rate floor 0.20 USDC for current model pricing"). */
-    reason_detail?: string;
-    [extra: string]: unknown;
-}
-/**
- * `delegation` — concrete task offer or lifecycle action under an
- * active contract. `action` discriminates the lifecycle event.
+ * `delegation` — concrete task offer or lifecycle action. `action`
+ * discriminates the lifecycle event.
  */
 export interface DelegationBody extends Body<DelegationContent> {
     type: 'delegation';
@@ -143,13 +114,17 @@ export interface DelegationBody extends Body<DelegationContent> {
 export interface DelegationContent {
     action: 'offer' | 'accept' | 'decline' | 'cancel';
     delegation_id: string;
-    contract_id: string;
     title?: string;
     brief?: Record<string, unknown>;
     acceptance_criteria?: string[];
     deadline?: string;
     amount?: string;
     currency?: AssetIdentifier;
+    scope_summary?: string;
+    pricing_model?: 'flat' | 'usage_based';
+    settlement_model?: 'prepaid' | 'escrow';
+    rate_amount?: string;
+    rate_unit?: 'task' | 'thread' | 'handoff';
     /** Machine-readable reason — REQUIRED when `action === 'decline'`. See `DeclineReason`. */
     reason?: DeclineReason;
     /** Optional free-text elaboration (e.g. "delegation offer missing required brief.goal field"). */
@@ -210,18 +185,6 @@ export interface ReceiptContent {
     notes_hash?: Sha256Hex;
     [extra: string]: unknown;
 }
-/**
- * `memory_delta` — append-only update to a relationship's shared memory.
- */
-export interface MemoryDeltaBody extends Body<MemoryDeltaContent> {
-    type: 'memory_delta';
-}
-export interface MemoryDeltaContent {
-    kind: 'intro' | 'handoff' | 'preference' | 'note' | 'decision' | 'continuity';
-    scope: 'thread_only' | 'thread_and_pilot';
-    content: string;
-    supersedes?: string;
-}
 /**
  * `dispute` — challenge against a delegation outcome. `action`
  * discriminates lifecycle events.
@@ -336,7 +299,7 @@ export interface SettlementSignatureContent {
      * Base-unit decimal-integer string — required when `purpose ===
      * 'ARP-SOLANA-PARTIAL-RELEASE-v1.5'`, omitted (or undefined) for
      * full RELEASE. The server cross-checks it against
-     * `receipt.usage.computed_amount` for usage_based contracts before
+     * `receipt.usage.computed_amount` for usage_based delegations before
      * verifying the digest (same invariant
      * `ESC_USAGE_COMPUTED_AMOUNT_MISMATCH` already guards on the
      * propose-time receipt body).
@@ -348,7 +311,7 @@ export interface SettlementSignatureContent {
  * Union over every standard body type. Consumers can narrow on
  * `body.type` via discriminated dispatch.
  */
-export type AnyBody = HandshakeBody | HandshakeResponseBody | ContractBody | DelegationBody | WorkRequestBody | WorkResponseBody | ReceiptBody | MemoryDeltaBody | DisputeBody | SettlementSignatureBody;
+export type AnyBody = HandshakeBody | HandshakeResponseBody | DelegationBody | WorkRequestBody | WorkResponseBody | ReceiptBody | DisputeBody | SettlementSignatureBody;
 /** Receipt co-signature payload — what gets `payload_hash`'d in `attachments.co_signature`. */
 export interface ReceiptCosignPayload {
     purpose: 'ARP-RECEIPT-v1';

package/dist/types/envelope.d.ts

@@ -3,7 +3,7 @@ import type { PurposeValue } from '../purpose';
  * Wire-level types per [00-core/protocol.md](../../../00-core/protocol.md)
  * and [00-core/schemas.md](../../../00-core/schemas.md).
  *
- * Body-type-specific shapes (handshake / contract / delegation / receipt
+ * Body-type-specific shapes (handshake / delegation / receipt
  * / etc.) live alongside their handlers in the consumer code — keeping
  * them out of this file avoids the SDK becoming a kitchen-sink of every
  * message type. A consumer who needs typed bodies can extend `Envelope<T>`

package/dist/types/index.d.ts

@@ -1,5 +1,5 @@
 export type { Sha256Hex, Ed25519Sig, Did, ProtectedBlock, Body, Attachments, CoSignature, SettlementSignatures, SettlementParty, EscrowLockAttachment, Envelope, PersistedEvent, } from './envelope';
-export type { HandshakeBody, HandshakeContent, HandshakeResponseBody, HandshakeResponseContent, ContractBody, ContractContent, DelegationBody, DelegationContent, WorkRequestBody, WorkRequestContent, WorkResponseBody, WorkResponseContent, ReceiptBody, ReceiptContent, MemoryDeltaBody, MemoryDeltaContent, DisputeBody, DisputeContent, SettlementSignatureBody, SettlementSignatureContent, AnyBody, ReceiptCosignPayload, DisputeResponseCosignPayload, CosignPayload, DeclineReason, AssetIdentifier, } from './body';
+export type { HandshakeBody, HandshakeContent, HandshakeResponseBody, HandshakeResponseContent, DelegationBody, DelegationContent, WorkRequestBody, WorkRequestContent, WorkResponseBody, WorkResponseContent, ReceiptBody, ReceiptContent, DisputeBody, DisputeContent, SettlementSignatureBody, SettlementSignatureContent, AnyBody, ReceiptCosignPayload, DisputeResponseCosignPayload, CosignPayload, DeclineReason, AssetIdentifier, } from './body';
 export { DECLINE_REASONS, isDeclineReason } from './body';
 export type { OwnerSigningMethod, KeyLinkPayload, KeyRotationPayload, ScryptPasswordAttestation } from './identity';
 export { SCRYPT_PARAMS } from './identity';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@heyanon-arp/sdk",
-  "version": "0.0.4",
+  "version": "0.0.5",
   "description": "TypeScript SDK for the Agent Relationship Protocol — canonical JSON, Ed25519 envelope sign/verify, did:arp identity, receipt co-signatures, scrypt key attestation, chain-audit helpers.",
   "license": "MIT",
   "keywords": [

package/dist/webhook/index.d.ts

@@ -1,3 +0,0 @@
-export { buildWebhookSignatureHeader, isProbeRequest, sha256HexLower, verifyAndCheckPayload, verifyWebhookSignatureHeader } from './webhook';
-export type { WebhookSignableInput, WebhookSignableSource } from './webhook';
-export type { ChainEventRecoveryRow, ChainEventRecoveryRowCommon, ChainPayloadCommon, ChainWebhookPayload, DisputeResolvedWebhookPayload, EnvelopeWebhookPayload, LockCreatedWebhookPayload, LockPartiallyReleasedWebhookPayload, LockRefundedWebhookPayload, LockReleasedWebhookPayload, WebhookPayload, } from './payload-types';

package/dist/webhook/payload-types.d.ts

@@ -1,198 +0,0 @@
-/**
- * SDK consumer types for the on-the-wire body the OutboxDeliveryWorker
- * POSTs to a recipient's `webhookUrl`. Mirrors the JSON shape the
- * server's `OutboxDeliveryWorkerService.deliver` builds.
- *
- * The body is a discriminated union on `event_type`:
- *
- *   - `envelope.<type>` → `payload` is the envelope `EventPublic`
- *     shape (eventId, messageId, sender/recipient DIDs, protected
- *     block, body, attachments, server-derived hashes).
- *   - `escrow.<event>` → `payload` is the per-event-type chain shape
- *     (delegation/lock IDs, amounts, verdict, etc.).
- *
- * Recipient TypeScript consumers `switch (payload.event_type)` to
- * branch exhaustively without `default` — drift on either side
- * surfaces as a missing-case compile error.
- */
-/**
- * What the server-side `events` collection row looks like on the wire
- * after `buildEnvelopeDeliveryPayload` formatting. Recipients see the
- * full canonical envelope so they can re-verify the signature locally
- * with the SDK (same call they'd make on `/inbox?since=` rows).
- *
- * Body shape varies by `type` — keep `body` open (the SDK's
- * type-narrowing for each `BodyType` lives in
- * `packages/sdk/src/envelope/*` and is consumed when the recipient
- * branches on body.type).
- */
-export interface EnvelopeWebhookPayload {
-    event_type: `envelope.${string}`;
-    delivery_id: string;
-    attempt_n: number;
-    served_at: string;
-    payload: {
-        eventId: string;
-        messageId: string;
-        senderDid: string;
-        recipientDid: string;
-        relationshipId: string;
-        senderSequence: number;
-        protocolVersion: string;
-        purpose: string;
-        type: string;
-        protectedBlock: Record<string, unknown>;
-        body: Record<string, unknown>;
-        attachments?: Record<string, unknown>;
-        senderSignature: string;
-        relationshipEventIndex: number;
-        prevServerEventHash: string | null;
-        serverTimestamp: string;
-        signedMessageHash: string;
-        serverEventHash: string;
-    };
-}
-/**
- * Fields every chain-source payload carries. `chain_event_id` +
- * `instruction_idx` let the recipient reconstruct
- * `WebhookSignableInput.source` for HMAC verification from the body
- * alone — no reverse-parse of `delivery_id` required.
- */
-export interface ChainPayloadCommon {
-    chain_event_id: string;
-    instruction_idx: number;
-    delegation_id: string;
-    relationship_id: string;
-    payer_did: string;
-    payee_did: string;
-    tx_signature: string;
-    slot: number;
-    block_time_iso?: string;
-    lock_id: string;
-}
-export interface LockCreatedWebhookPayload {
-    event_type: 'escrow.lock_created';
-    delivery_id: string;
-    attempt_n: number;
-    served_at: string;
-    payload: ChainPayloadCommon & {
-        amount: string;
-        asset_id?: string;
-        expiry_unix?: number;
-        fee_bps?: number;
-        fee_recipient?: string;
-    };
-}
-export interface LockReleasedWebhookPayload {
-    event_type: 'escrow.lock_released';
-    delivery_id: string;
-    attempt_n: number;
-    served_at: string;
-    payload: ChainPayloadCommon & {
-        released_amount: string;
-    };
-}
-export interface LockPartiallyReleasedWebhookPayload {
-    event_type: 'escrow.lock_partially_released';
-    delivery_id: string;
-    attempt_n: number;
-    served_at: string;
-    payload: ChainPayloadCommon & {
-        released_amount: string;
-        refunded_amount: string;
-    };
-}
-export interface LockRefundedWebhookPayload {
-    event_type: 'escrow.lock_refunded';
-    delivery_id: string;
-    attempt_n: number;
-    served_at: string;
-    payload: ChainPayloadCommon & {
-        refunded_amount: string;
-        reason?: string;
-    };
-}
-export interface DisputeResolvedWebhookPayload {
-    event_type: 'escrow.dispute_resolved';
-    delivery_id: string;
-    attempt_n: number;
-    served_at: string;
-    payload: ChainPayloadCommon & {
-        verdict: string;
-    };
-}
-/**
- * Discriminated union of every webhook delivery the recipient might
- * receive. Use exhaustive `switch` on `event_type`:
- *
- * ```ts
- * function handle(p: WebhookPayload) {
- *   switch (p.event_type) {
- *     case 'escrow.lock_created': return onLockCreated(p);
- *     case 'escrow.lock_released': return onLockReleased(p);
- *     case 'escrow.lock_partially_released': return onPartial(p);
- *     case 'escrow.lock_refunded': return onRefund(p);
- *     case 'escrow.dispute_resolved': return onDispute(p);
- *     default:
- *       // p.event_type is `envelope.${string}` here
- *       return onEnvelope(p);
- *   }
- * }
- * ```
- *
- * The chain branches narrow exhaustively because each is a string-
- * literal type; the envelope branch carries the catch-all
- * `envelope.${string}` template-literal type so recipients can
- * still narrow on `payload.type` if they care about specific body
- * types.
- */
-export type ChainWebhookPayload = LockCreatedWebhookPayload | LockReleasedWebhookPayload | LockPartiallyReleasedWebhookPayload | LockRefundedWebhookPayload | DisputeResolvedWebhookPayload;
-export type WebhookPayload = EnvelopeWebhookPayload | ChainWebhookPayload;
-/**
- * Fields every recovery row carries irrespective of event type — the
- * envelope around the per-event-type `payload`.
- */
-export interface ChainEventRecoveryRowCommon {
-    chain_event_id: string;
-    delegation_id: string;
-    relationship_id: string;
-    lock_id: string;
-    tx_signature: string;
-    slot: number;
-    block_time_iso?: string;
-    created_at: string;
-}
-/**
- * Recovery channel for chain events. Returned by the
- * `GET /v1/agents/me/chain-events?since=…` endpoint. Recipients call
- * this on handler restart / reconnection to catch any chain events
- * they missed while their handler was down.
- *
- * **Discriminated union**: both `event_type` and `payload` come from
- * the SAME tagged union — `switch (row.event_type)` narrows
- * `row.payload` to the right per-event-type shape so the advertised
- * "share a single handler between push and pull" actually type-checks.
- *
- *   switch (row.event_type) {
- *     case 'escrow.lock_released':
- *       // row.payload is LockReleasedWebhookPayload['payload'] here
- *       break;
- *     ...
- *   }
- */
-export type ChainEventRecoveryRow = ChainEventRecoveryRowCommon & ({
-    event_type: 'escrow.lock_created';
-    payload: LockCreatedWebhookPayload['payload'];
-} | {
-    event_type: 'escrow.lock_released';
-    payload: LockReleasedWebhookPayload['payload'];
-} | {
-    event_type: 'escrow.lock_partially_released';
-    payload: LockPartiallyReleasedWebhookPayload['payload'];
-} | {
-    event_type: 'escrow.lock_refunded';
-    payload: LockRefundedWebhookPayload['payload'];
-} | {
-    event_type: 'escrow.dispute_resolved';
-    payload: DisputeResolvedWebhookPayload['payload'];
-});

package/dist/webhook/webhook.d.ts

@@ -1,158 +0,0 @@
-/**
- * `ARP-WEBHOOK-v1` HMAC over the canonical webhook envelope. Used by
- * the OutboxDeliveryWorker for the `X-ARP-Signature` header.
- *
- * The signable input is a discriminated `source` union covering BOTH
- * envelope deliveries (`source.kind === 'envelope'`) AND chain
- * settlement events (`source.kind === 'chain'`). The single
- * canonical-JSON output binds the HMAC to the source variant so a
- * recipient receiving a chain webhook can't accidentally verify
- * against an envelope-shaped signable, and vice versa.
- *
- * The body-tampering defence (`payload_sha256`) is mandatory on the
- * new shape — recipients SHOULD verify the hash matches their
- * received raw body BEFORE the HMAC check (cheap, and surfaces
- * "wrong body" as a separate diagnostic from "wrong HMAC").
- */
-export type WebhookSignableSource = {
-    kind: 'envelope';
-    envelope_message_id: string;
-    server_event_hash: string;
-} | {
-    kind: 'chain';
-    chain_event_id: string;
-    tx_signature: string;
-    instruction_idx: number;
-};
-export interface WebhookSignableInput {
-    /** Outbox row id (deterministic per delivery attempt). */
-    delivery_id: string;
-    recipient_did: string;
-    /** Public event-type discriminator (`envelope.<type>` or `escrow.<event>`). */
-    event_type: string;
-    /** Source-variant discriminated union. Binds the HMAC to the kind. */
-    source: WebhookSignableSource;
-    /** SHA-256 (lowercase hex, no `sha256:` prefix) of the canonical raw body bytes the recipient receives. */
-    payload_sha256: string;
-    /** 1-based retry counter — participates in canonical input so replays of an old header on a fresh attempt fail. */
-    attempt_n: number;
-    /** RFC 3339 wall-clock time the server generated this attempt. Recipient policy MAY reject outside a tolerance window. */
-    served_at: string;
-}
-/**
- * Compute `X-ARP-Signature` value:
- *   `<purpose>=<base64(HMAC-SHA256(secret, sha256(canonical_json(input))))>`.
- *
- * Recipients lookup their per-sender shared secret(s), recompute the
- * HMAC over the same canonical input, and compare against the
- * received header. See `verifyWebhookSignatureHeader` for the
- * standard recipient flow with rotation grace.
- */
-export declare function buildWebhookSignatureHeader(input: WebhookSignableInput, sharedSecret: Uint8Array): string;
-/**
- * Verify an inbound `X-ARP-Signature` header against the reconstructed
- * signable input. The 3-argument form is the convenience for
- * single-secret consumers (most use); the array form is the rotation-
- * grace path (two-phase rotate: recipient verifies against
- * `[current, pending, previous]` during the 1h grace window).
- *
- * Returns `false` on shape mismatch, missing purpose label, OR HMAC
- * mismatch under EVERY supplied secret. Never throws.
- *
- * **Timing-uniform across rotation slots** — the array form runs ALL
- * HMAC computations + constant-time compares before returning, so the
- * total time is proportional to N (number of secrets) regardless of
- * which slot matched. A short-circuiting implementation would leak
- * the position of the matching key via total time. Practical impact
- * is small (attacker would only learn "current vs pending vs previous
- * matched", not key material), but timing-uniform is the right
- * default for a verification primitive.
- *
- * Recipient flow:
- *   1. Receive POST with `X-ARP-Signature` header + raw body bytes.
- *   2. Compute `payload_sha256 = sha256-hex(rawBodyBytes)`.
- *   3. Reconstruct `WebhookSignableInput` from headers + payload sha256.
- *   4. Call `verifyWebhookSignatureHeader(header, input, [current, pending, previous].filter(Boolean))`.
- *   5. On `true`, accept. On `false`, 401 the request.
- *
- * Helper `verifyAndCheckPayload` (below) bundles steps 2-4 into one
- * call for the common path.
- */
-export declare function verifyWebhookSignatureHeader(headerValue: string, input: WebhookSignableInput, sharedSecret: Uint8Array | Uint8Array[]): boolean;
-/**
- * Recipient convenience: combine body-hash binding + HMAC verify +
- * optional `served_at` clock-skew tolerance into one call.
- *
- *   1. Compute `payload_sha256 = sha256-hex(rawBody)` and OVERLAY it
- *      onto `input.payload_sha256` (caller's value, if any, is
- *      replaced).
- *   2. Verify `served_at` is within `toleranceMs` of `now()` (default
- *      ±5 minutes; pass `null` to skip).
- *   3. Verify HMAC against each secret in `secrets`.
- *
- * Returns a tagged outcome the caller can branch on:
- *   - `'ok'` — accept the delivery
- *   - `'stale_attempt'` — served_at outside the tolerance window
- *   - `'invalid_signature'` — HMAC didn't verify under any secret
- *
- * **Why no `body_mismatch` outcome** — `payload_sha256` is a derived
- * field bound to the raw body. The HMAC signs the input INCLUDING
- * `payload_sha256`, so a tampered body causes the recipient's
- * recomputed hash to differ from the server-signed one, which fails
- * the HMAC check as `'invalid_signature'`. Body tampering is
- * detected via the HMAC failure; if you need a dedicated diagnostic,
- * compute `sha256HexLower(rawBody)` yourself and compare to an
- * out-of-band trusted source (e.g. a signed mirror of the body).
- */
-export declare function verifyAndCheckPayload(args: {
-    headerValue: string;
-    /** Reconstructed signable input MINUS `payload_sha256` — helper computes that field from `rawBody`. */
-    input: Omit<WebhookSignableInput, 'payload_sha256'>;
-    rawBody: Uint8Array;
-    secrets: Uint8Array | Uint8Array[];
-    servedAtToleranceMs?: number | null;
-    now?: Date;
-}): 'ok' | 'stale_attempt' | 'invalid_signature';
-/**
- * Probe-skip helper for recipient handlers. The `POST /v1/agents/me/webhook-config`
- * flow fires an UNSIGNED probe POST with the `X-ARP-Probe: 1` header.
- * Recipient handlers MUST 2xx without HMAC verification on probe
- * requests — otherwise the operator can't set their webhook URL
- * (the probe gets rejected as unsigned, the URL persist step fails).
- *
- * Use this at the top of your handler:
- *
- * ```ts
- * if (isProbeRequest(req.headers)) {
- *   res.statusCode = 200;
- *   res.end();
- *   return;
- * }
- * // Otherwise: verify signature normally.
- * ```
- *
- * Header values are inspected case-insensitively per Node's
- * IncomingMessage convention.
- *
- * **SECURITY (spoofability)** — the helper is a pure header check;
- * it cannot itself defend against an attacker setting
- * `X-ARP-Probe: 1` to bypass HMAC verification. The probe branch
- * in your handler MUST be side-effect-free:
- *
- *   - Respond 2xx with an empty body — no DB write, no downstream
- *     fan-out, no metric increment that an attacker could amplify.
- *   - Consider rate-limiting probe-skipped requests per source IP if
- *     the surrounding stack doesn't already.
- *   - Do NOT log full request bodies on the probe branch (an
- *     attacker can pump log noise).
- *   - If your handler genuinely has zero side-effects on a 200
- *     response, this is automatic; otherwise treat the probe branch
- *     as you would an unauthenticated health-check endpoint.
- */
-export declare function isProbeRequest(headers: Record<string, string | string[] | undefined>): boolean;
-/**
- * SHA-256 hex digest of the input bytes, lowercase. Exported for unit
- * tests + the rare consumer that needs to compute payload_sha256
- * outside `verifyAndCheckPayload`.
- */
-export declare function sha256HexLower(bytes: Uint8Array): string;