npm - @highway1/core - Versions diffs - 0.1.47 → 0.1.51 - Mend

@highway1/core 0.1.47 → 0.1.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/index.d.ts +496 -46
package/dist/index.js +1034 -626
package/dist/index.js.map +1 -1
package/package.json +11 -23
package/src/discovery/relay-index.ts +98 -0
package/src/index.ts +9 -3
package/src/messaging/defense.ts +236 -0
package/src/messaging/index.ts +5 -0
package/src/messaging/queue.ts +181 -0
package/src/messaging/rate-limiter.ts +85 -0
package/src/messaging/router.ts +121 -327
package/src/messaging/storage.ts +281 -0
package/src/messaging/types.ts +149 -0
package/src/transport/node.ts +3 -1
package/src/transport/relay-client.ts +390 -0
package/src/transport/relay-types.ts +195 -0
package/LICENSE +0 -21

package/dist/index.js CHANGED Viewed

@@ -1,22 +1,10 @@
 import * as ed25519 from '@noble/ed25519';
 import { base58btc } from 'multiformats/bases/base58';
-import { createLibp2p } from 'libp2p';
-import { tcp } from '@libp2p/tcp';
-import { noise } from '@chainsafe/libp2p-noise';
-import { mplex } from '@libp2p/mplex';
-import { kadDHT, passthroughMapper } from '@libp2p/kad-dht';
-import { bootstrap } from '@libp2p/bootstrap';
-import { identify } from '@libp2p/identify';
-import { ping } from '@libp2p/ping';
-import { circuitRelayTransport, circuitRelayServer } from '@libp2p/circuit-relay-v2';
+import { WebSocket } from 'ws';
 import Ajv from 'ajv';
 import { encode, decode } from 'cbor-x';
-import { fromString } from 'uint8arrays/from-string';
-import { toString } from 'uint8arrays/to-string';
 import lunr from 'lunr';
 import Fuse from 'fuse.js';
-import { peerIdFromString } from '@libp2p/peer-id';
-import { multiaddr } from '@multiformats/multiaddr';
 import { Level } from 'level';
 import { sha256 } from '@noble/hashes/sha256';
 import { bytesToHex } from '@noble/hashes/utils';
@@ -201,107 +189,282 @@ var createLogger = (prefix, level) => {
   return new Logger(prefix, level);
 };
-// src/transport/node.ts
-var logger = createLogger("transport");
-async function createNode(config) {
-  try {
-    const {
-      listenAddresses = ["/ip4/0.0.0.0/tcp/0"],
-      bootstrapPeers = [],
-      enableDHT = true,
-      enableRelay = false,
-      reserveRelaySlot = false,
-      enableMDNS = false,
-      privateKey
-    } = config;
-    const relayListenAddrs = reserveRelaySlot ? bootstrapPeers.map((peer) => `${peer}/p2p-circuit`) : [];
-    const libp2pConfig = {
-      addresses: {
-        listen: [...listenAddresses, ...relayListenAddrs]
-      },
-      ...privateKey ? { privateKey } : {},
-      transports: [
-        tcp(),
-        circuitRelayTransport()
-      ],
-      connectionEncrypters: [noise()],
-      streamMuxers: [mplex()],
-      connectionManager: {
-        minConnections: bootstrapPeers.length > 0 ? 1 : 0,
-        maxConnections: 50
-      },
-      services: {
-        identify: identify(),
-        ping: ping()
-      }
-    };
-    if (enableRelay) {
-      libp2pConfig.services.relay = circuitRelayServer({
-        reservations: {
-          maxReservations: 100
-          // Allow up to 100 concurrent relay reservations
+// src/transport/relay-client.ts
+var logger = createLogger("relay-client");
+var DEFAULT_RECONNECT = {
+  baseMs: 1e3,
+  jitterMs: 2e3,
+  maxDelayMs: 3e4,
+  stableAfterMs: 6e4
+};
+function createRelayClient(config) {
+  const { relayUrls, did, keyPair, card } = config;
+  const reconnectConfig = { ...DEFAULT_RECONNECT, ...config.reconnect };
+  const connections = relayUrls.map((url) => ({
+    url,
+    ws: null,
+    connected: false,
+    reconnectAttempt: 0,
+    reconnectTimer: null,
+    stableTimer: null,
+    peerCount: 0
+  }));
+  let deliveryHandler = null;
+  let deliveryReportHandler = null;
+  let stopped = false;
+  async function connectToRelay(conn) {
+    if (stopped) return;
+    try {
+      logger.info("Connecting to relay", { url: conn.url });
+      const ws = new WebSocket(conn.url);
+      conn.ws = ws;
+      await new Promise((resolve, reject) => {
+        const timeout = setTimeout(() => {
+          reject(new Error("Connection timeout"));
+        }, 1e4);
+        ws.on("open", async () => {
+          clearTimeout(timeout);
+          logger.info("WebSocket connected", { url: conn.url });
+          try {
+            const timestamp = Date.now();
+            const helloData = JSON.stringify({ did, card, timestamp });
+            const signature = await sign(new TextEncoder().encode(helloData), keyPair.privateKey);
+            const hello = {
+              type: "HELLO",
+              protocolVersion: 1,
+              did,
+              card,
+              timestamp,
+              signature
+            };
+            ws.send(JSON.stringify(hello));
+            resolve();
+          } catch (err) {
+            reject(err);
+          }
+        });
+        ws.on("error", (err) => {
+          clearTimeout(timeout);
+          reject(err);
+        });
+      });
+      ws.on("message", async (data) => {
+        try {
+          const msg = JSON.parse(data.toString());
+          await handleRelayMessage(conn, msg);
+        } catch (err) {
+          logger.warn("Failed to parse relay message", { error: err.message });
         }
       });
-    }
-    if (enableDHT) {
-      libp2pConfig.services.dht = kadDHT({
-        clientMode: false,
-        peerInfoMapper: passthroughMapper,
-        validators: {
-          clawiverse: async () => {
-          }
-        },
-        selectors: {
-          clawiverse: () => 0
-        },
-        // Optimize for small networks: reduce replication factor and query timeout
-        kBucketSize: 20,
-        // Default K=20, keep for compatibility
-        querySelfInterval: 3e4,
-        // Self-query every 30 seconds (libp2p default)
-        // Allow queries to complete faster in small networks
-        allowQueryWithZeroPeers: true
+      ws.on("close", () => {
+        logger.info("WebSocket closed", { url: conn.url });
+        conn.connected = false;
+        conn.ws = null;
+        if (conn.stableTimer) {
+          clearTimeout(conn.stableTimer);
+          conn.stableTimer = null;
+        }
+        if (!stopped) {
+          scheduleReconnect(conn);
+        }
+      });
+      ws.on("error", (err) => {
+        logger.warn("WebSocket error", { url: conn.url, error: err.message });
       });
+    } catch (err) {
+      logger.warn("Failed to connect to relay", { url: conn.url, error: err.message });
+      conn.ws = null;
+      conn.connected = false;
+      if (!stopped) {
+        scheduleReconnect(conn);
+      }
     }
-    const peerDiscovery = [];
-    if (bootstrapPeers.length > 0) peerDiscovery.push(bootstrap({ list: bootstrapPeers }));
-    if (enableMDNS) {
-      const { mdns } = await import('@libp2p/mdns');
-      peerDiscovery.push(mdns());
-    }
-    if (peerDiscovery.length > 0) libp2pConfig.peerDiscovery = peerDiscovery;
-    const libp2p = await createLibp2p(libp2pConfig);
-    logger.info("Libp2p node created", {
-      listenAddresses: libp2pConfig.addresses.listen,
-      reserveRelaySlot
-    });
-    return {
-      libp2p,
-      start: async () => {
-        await libp2p.start();
-        logger.info("Node started", {
-          peerId: libp2p.peerId.toString(),
-          addresses: libp2p.getMultiaddrs().map((ma) => ma.toString()),
-          relay: enableRelay,
-          reserveRelaySlot
-        });
-      },
-      stop: async () => {
-        await libp2p.stop();
-        logger.info("Node stopped");
-      },
-      getMultiaddrs: () => {
-        return libp2p.getMultiaddrs().map((ma) => ma.toString());
-      },
-      getPeerId: () => {
-        return libp2p.peerId.toString();
+  }
+  function scheduleReconnect(conn) {
+    if (conn.reconnectTimer) return;
+    const delay = Math.min(
+      reconnectConfig.baseMs * Math.pow(2, conn.reconnectAttempt) + Math.random() * reconnectConfig.jitterMs,
+      reconnectConfig.maxDelayMs
+    );
+    conn.reconnectAttempt++;
+    logger.debug("Scheduling reconnect", { url: conn.url, attempt: conn.reconnectAttempt, delayMs: delay });
+    conn.reconnectTimer = setTimeout(() => {
+      conn.reconnectTimer = null;
+      connectToRelay(conn);
+    }, delay);
+  }
+  async function handleRelayMessage(conn, msg) {
+    switch (msg.type) {
+      case "WELCOME": {
+        const welcome = msg;
+        logger.info("Received WELCOME", { relayId: welcome.relayId, peers: welcome.peers });
+        conn.connected = true;
+        conn.peerCount = welcome.peers;
+        conn.reconnectAttempt = 0;
+        if (conn.stableTimer) clearTimeout(conn.stableTimer);
+        conn.stableTimer = setTimeout(() => {
+          conn.reconnectAttempt = 0;
+          logger.debug("Connection stable", { url: conn.url });
+        }, reconnectConfig.stableAfterMs);
+        break;
       }
-    };
-  } catch (error) {
-    throw new TransportError("Failed to create transport node", error);
+      case "DELIVER": {
+        const deliver = msg;
+        logger.info("Received DELIVER", { messageId: deliver.messageId, from: deliver.from });
+        if (deliveryHandler) {
+          await deliveryHandler(deliver);
+        }
+        break;
+      }
+      case "DELIVERY_REPORT": {
+        const report = msg;
+        logger.info("Received DELIVERY_REPORT", { messageId: report.messageId, status: report.status });
+        if (deliveryReportHandler) {
+          deliveryReportHandler(report);
+        }
+        break;
+      }
+      case "PONG": {
+        conn.peerCount = msg.peers;
+        logger.debug("Received PONG", { peers: msg.peers });
+        break;
+      }
+      default:
+        logger.debug("Received relay message", { type: msg.type });
+    }
   }
+  function getConnectedConnection() {
+    return connections.find((c) => c.connected && c.ws) || null;
+  }
+  async function sendToRelay(msg) {
+    const conn = getConnectedConnection();
+    if (!conn || !conn.ws) {
+      throw new TransportError("No connected relay");
+    }
+    conn.ws.send(JSON.stringify(msg));
+  }
+  return {
+    async start() {
+      stopped = false;
+      logger.info("Starting relay client", { relays: relayUrls.length });
+      for (let i = 0; i < connections.length; i++) {
+        const conn = connections[i];
+        setTimeout(() => {
+          connectToRelay(conn);
+        }, Math.random() * 2e3);
+      }
+      const maxWait = 15e3;
+      const start = Date.now();
+      while (Date.now() - start < maxWait) {
+        if (getConnectedConnection()) {
+          logger.info("Relay client started");
+          return;
+        }
+        await new Promise((resolve) => setTimeout(resolve, 100));
+      }
+      throw new TransportError("Failed to connect to any relay");
+    },
+    async stop() {
+      stopped = true;
+      logger.info("Stopping relay client");
+      for (const conn of connections) {
+        if (conn.reconnectTimer) {
+          clearTimeout(conn.reconnectTimer);
+          conn.reconnectTimer = null;
+        }
+        if (conn.stableTimer) {
+          clearTimeout(conn.stableTimer);
+          conn.stableTimer = null;
+        }
+        if (conn.ws) {
+          conn.ws.close();
+          conn.ws = null;
+        }
+        conn.connected = false;
+      }
+      logger.info("Relay client stopped");
+    },
+    async sendEnvelope(toDid, envelopeBytes) {
+      const msg = {
+        type: "SEND",
+        to: toDid,
+        envelope: envelopeBytes
+      };
+      await sendToRelay(msg);
+      logger.debug("Sent envelope", { to: toDid, size: envelopeBytes.length });
+    },
+    async discover(query, minTrust, limit) {
+      const conn = getConnectedConnection();
+      const ws = conn?.ws;
+      if (!conn || !ws) {
+        throw new TransportError("No connected relay");
+      }
+      return new Promise((resolve, reject) => {
+        const timeout = setTimeout(() => {
+          reject(new TransportError("Discover timeout"));
+        }, 1e4);
+        const handler = (data) => {
+          try {
+            const msg = JSON.parse(data.toString());
+            if (msg.type === "DISCOVERED") {
+              clearTimeout(timeout);
+              ws.off("message", handler);
+              resolve(msg.agents);
+            }
+          } catch (err) {
+          }
+        };
+        ws.on("message", handler);
+        ws.send(JSON.stringify({ type: "DISCOVER", query, minTrust, limit }));
+      });
+    },
+    async fetchCard(did2) {
+      const conn = getConnectedConnection();
+      const ws = conn?.ws;
+      if (!conn || !ws) {
+        throw new TransportError("No connected relay");
+      }
+      return new Promise((resolve, reject) => {
+        const timeout = setTimeout(() => {
+          reject(new TransportError("Fetch card timeout"));
+        }, 5e3);
+        const handler = (data) => {
+          try {
+            const msg = JSON.parse(data.toString());
+            if (msg.type === "CARD" && msg.did === did2) {
+              clearTimeout(timeout);
+              ws.off("message", handler);
+              resolve(msg.card);
+            }
+          } catch (err) {
+          }
+        };
+        ws.on("message", handler);
+        ws.send(JSON.stringify({ type: "FETCH_CARD", did: did2 }));
+      });
+    },
+    onDeliver(handler) {
+      deliveryHandler = handler;
+    },
+    onDeliveryReport(handler) {
+      deliveryReportHandler = handler;
+    },
+    isConnected() {
+      return getConnectedConnection() !== null;
+    },
+    getConnectedRelays() {
+      return connections.filter((c) => c.connected).map((c) => c.url);
+    },
+    getPeerCount() {
+      const conn = getConnectedConnection();
+      return conn ? conn.peerCount : 0;
+    }
+  };
 }
+// src/transport/relay-types.ts
+var RELAY_PROTOCOL_VERSION = 1;
 // src/discovery/agent-card-types.ts
 function isLegacyCard(card) {
   return Array.isArray(card.capabilities) && card.capabilities.length > 0 && typeof card.capabilities[0] === "string";
@@ -557,7 +720,71 @@ function getEncodedSize(card) {
     json: encodeForWeb(card).length
   };
 }
-var logger2 = createLogger("search-index");
+// src/discovery/relay-index.ts
+var logger2 = createLogger("relay-index");
+function createRelayIndexOperations(client) {
+  return {
+    publishAgentCard: async (card) => {
+      logger2.debug("Agent Card published via HELLO", { did: card.did });
+    },
+    queryAgentCard: async (did) => {
+      try {
+        const card = await client.fetchCard(did);
+        if (card) {
+          logger2.debug("Found Agent Card via relay", { did });
+        } else {
+          logger2.debug("Agent Card not found via relay", { did });
+        }
+        return card;
+      } catch (error) {
+        logger2.warn("Failed to query Agent Card", { did, error });
+        return null;
+      }
+    },
+    queryByCapability: async (capability) => {
+      try {
+        const results = await client.discover(capability);
+        const cards = results.map((r) => r.card);
+        logger2.debug("Query by capability", { capability, count: cards.length });
+        return cards;
+      } catch (error) {
+        throw new DiscoveryError("Failed to query by capability", error);
+      }
+    },
+    searchSemantic: async (query) => {
+      try {
+        const queryText = query.text || query.capability || "";
+        const minTrust = query.filters?.minTrustScore;
+        const limit = query.limit || 10;
+        const results = await client.discover(queryText, minTrust, limit);
+        const cards = results.map((r) => r.card);
+        logger2.debug("Semantic search", { query: queryText, count: cards.length });
+        return cards;
+      } catch (error) {
+        throw new DiscoveryError("Failed to perform semantic search", error);
+      }
+    },
+    resolveDID: async (did) => {
+      try {
+        const relays = client.getConnectedRelays();
+        if (relays.length === 0) {
+          logger2.debug("DID resolution failed: no connected relays", { did });
+          return null;
+        }
+        logger2.debug("Resolved DID to relay", { did, relay: relays[0] });
+        return { relayUrl: relays[0] };
+      } catch (error) {
+        logger2.warn("Failed to resolve DID", { did, error });
+        return null;
+      }
+    },
+    queryRelayPeers: async () => {
+      return client.getConnectedRelays();
+    }
+  };
+}
+var logger3 = createLogger("search-index");
 var SearchIndex = class {
   cards = /* @__PURE__ */ new Map();
   lunrIndex;
@@ -569,7 +796,7 @@ var SearchIndex = class {
   indexAgentCard(card) {
     this.cards.set(card.did, card);
     this.needsRebuild = true;
-    logger2.debug("Indexed Agent Card", { did: card.did, capabilities: card.capabilities.length });
+    logger3.debug("Indexed Agent Card", { did: card.did, capabilities: card.capabilities.length });
   }
   /**
    * Remove an Agent Card from the index
@@ -577,7 +804,7 @@ var SearchIndex = class {
   removeAgentCard(did) {
     this.cards.delete(did);
     this.needsRebuild = true;
-    logger2.debug("Removed Agent Card from index", { did });
+    logger3.debug("Removed Agent Card from index", { did });
   }
   /**
    * Search for agents matching a query
@@ -604,7 +831,7 @@ var SearchIndex = class {
     if (query.limit) {
       results = results.slice(0, query.limit);
     }
-    logger2.debug("Search completed", { query, results: results.length });
+    logger3.debug("Search completed", { query, results: results.length });
     return results;
   }
   /**
@@ -621,7 +848,7 @@ var SearchIndex = class {
     this.lunrIndex = void 0;
     this.fuse = void 0;
     this.needsRebuild = false;
-    logger2.info("Search index cleared");
+    logger3.info("Search index cleared");
   }
   /**
    * Get index size
@@ -633,7 +860,7 @@ var SearchIndex = class {
    * Rebuild search indexes
    */
   rebuild() {
-    logger2.info("Rebuilding search indexes", { cards: this.cards.size });
+    logger3.info("Rebuilding search indexes", { cards: this.cards.size });
     const cards = Array.from(this.cards.values());
     this.lunrIndex = lunr(function() {
       this.ref("did");
@@ -660,7 +887,7 @@ var SearchIndex = class {
       includeScore: true
     });
     this.needsRebuild = false;
-    logger2.info("Search indexes rebuilt");
+    logger3.info("Search indexes rebuilt");
   }
   /**
    * Search by text using Lunr
@@ -871,7 +1098,7 @@ var CapabilityMatcher = class {
 };
 // src/discovery/semantic-search.ts
-var logger3 = createLogger("semantic-search");
+var logger4 = createLogger("semantic-search");
 var SemanticSearchEngine = class {
   constructor(dht) {
     this.dht = dht;
@@ -885,12 +1112,12 @@ var SemanticSearchEngine = class {
    * Local-first with network fallback
    */
   async search(query) {
-    logger3.info("Searching for agents", { query });
+    logger4.info("Searching for agents", { query });
     const localResults = this.index.search(query);
-    logger3.debug("Local search results", { count: localResults.length });
+    logger4.debug("Local search results", { count: localResults.length });
     const limit = query.limit || 10;
     if (localResults.length < limit && this.dht) {
-      logger3.debug("Insufficient local results, querying network");
+      logger4.debug("Insufficient local results, querying network");
       const networkResults = await this.searchNetwork(query);
       return this.mergeResults(localResults, networkResults, limit);
     }
@@ -936,17 +1163,17 @@ var SemanticSearchEngine = class {
     try {
       const capability = query.capability || this.extractPrimaryCapability(query.text);
       if (!capability) {
-        logger3.debug("No capability extracted from query, skipping network search");
+        logger4.debug("No capability extracted from query, skipping network search");
         return [];
       }
       const cards = await this.dht.queryByCapability(capability);
-      logger3.debug("Network search results", { count: cards.length });
+      logger4.debug("Network search results", { count: cards.length });
       return cards.map((card) => {
         const score = this.scoreCard(card, query);
         return { card, score };
       });
     } catch (error) {
-      logger3.error("Network search failed", { error });
+      logger4.error("Network search failed", { error });
       return [];
     }
   }
@@ -1030,236 +1257,6 @@ function createSemanticSearch(dht) {
   return new SemanticSearchEngine(dht);
 }
-// src/discovery/dht.ts
-var logger4 = createLogger("dht");
-var peerCache = /* @__PURE__ */ new Map();
-var CACHE_TTL = 5 * 60 * 1e3;
-function extractValue(event) {
-  if (event.name === "VALUE" && event.value) return event.value;
-  if (event.name === "PEER_RESPONSE" && event.value) return event.value;
-  return null;
-}
-function capKey(cap) {
-  return cap.toLowerCase().replace(/[^a-z0-9_-]/g, "_");
-}
-async function readDIDList(dht, key) {
-  try {
-    for await (const event of dht.get(key, { signal: AbortSignal.timeout(3e4) })) {
-      const raw = extractValue(event);
-      if (raw) {
-        const text = toString(raw);
-        return text.split("\n").filter(Boolean);
-      }
-    }
-  } catch {
-  }
-  return [];
-}
-async function writeDIDList(dht, key, dids) {
-  const value = fromString([...new Set(dids)].join("\n"));
-  for (let attempt = 1; attempt <= 3; attempt++) {
-    try {
-      for await (const _ of dht.put(key, value, { signal: AbortSignal.timeout(3e4) })) {
-      }
-      return;
-    } catch (e) {
-      if (e?.name === "AbortError" && attempt < 3) {
-        logger4.debug(`DHT put timeout, retrying (${attempt}/3)...`);
-        continue;
-      }
-      if (e?.name !== "AbortError") throw e;
-    }
-  }
-}
-function createDHTOperations(libp2p) {
-  const operations = {};
-  const searchEngine = createSemanticSearch(operations);
-  return Object.assign(operations, {
-    publishAgentCard: async (card) => {
-      try {
-        const dht = libp2p.services?.dht;
-        if (!dht) throw new DiscoveryError("DHT service not available");
-        const agentKey = fromString(`/clawiverse/agent/${card.did}`);
-        for (let attempt = 1; attempt <= 3; attempt++) {
-          try {
-            for await (const _ of dht.put(agentKey, encodeForDHT(card), { signal: AbortSignal.timeout(3e4) })) {
-            }
-            break;
-          } catch (e) {
-            if (e?.name === "AbortError" && attempt < 3) {
-              logger4.debug(`DHT put agent card timeout, retrying (${attempt}/3)...`);
-              continue;
-            }
-            logger4.warn("DHT put agent card failed (non-fatal)", { error: e.message });
-            break;
-          }
-        }
-        const caps = (card.capabilities ?? []).flatMap((c) => {
-          if (typeof c === "string") return [c];
-          return [c.name, c.id].filter((v) => typeof v === "string" && v.length > 0);
-        });
-        caps.push("__all__");
-        const importantCaps = ["__all__"];
-        if (caps.some((cap) => capKey(cap) === "relay")) {
-          importantCaps.push("relay");
-        }
-        await Promise.all(importantCaps.map(async (cap) => {
-          const capKeyStr = `/clawiverse/cap/${capKey(cap)}`;
-          const capDHTKey = fromString(capKeyStr);
-          try {
-            const existing = await readDIDList(dht, capDHTKey);
-            if (!existing.includes(card.did)) {
-              await writeDIDList(dht, capDHTKey, [...existing, card.did]);
-              logger4.debug("Indexed capability in DHT", { cap: capKey(cap), did: card.did });
-            }
-          } catch (e) {
-            logger4.warn("Failed to index capability (non-fatal)", { cap: capKey(cap), error: e.message });
-          }
-        }));
-        searchEngine.indexAgentCard(card);
-        logger4.info("Published Agent Card to DHT", { did: card.did });
-      } catch (error) {
-        logger4.warn("Failed to publish Agent Card to DHT (non-fatal)", { error: error.message });
-        searchEngine.indexAgentCard(card);
-      }
-    },
-    queryAgentCard: async (did) => {
-      try {
-        const dht = libp2p.services?.dht;
-        if (!dht) throw new DiscoveryError("DHT service not available");
-        const key = fromString(`/clawiverse/agent/${did}`);
-        for await (const event of dht.get(key)) {
-          const raw = extractValue(event);
-          if (raw) {
-            const card = decodeFromCBOR(raw);
-            searchEngine.indexAgentCard(card);
-            logger4.debug("Found Agent Card in DHT", { did });
-            return card;
-          }
-        }
-        logger4.debug("Agent Card not found in DHT", { did });
-        return null;
-      } catch (error) {
-        logger4.warn("Failed to query Agent Card", { did, error });
-        return null;
-      }
-    },
-    queryByCapability: async (capability) => {
-      try {
-        const dht = libp2p.services?.dht;
-        const local = searchEngine.getAllIndexedCards().filter(
-          (card) => card.capabilities.some((cap) => {
-            const name = typeof cap === "string" ? cap : cap.name;
-            return name?.toLowerCase().includes(capability.toLowerCase());
-          })
-        );
-        if (local.length > 0) return local;
-        if (!dht) return [];
-        const capDHTKey = fromString(`/clawiverse/cap/${capKey(capability)}`);
-        const dids = await readDIDList(dht, capDHTKey);
-        logger4.debug("DHT capability index", { capability, dids });
-        const cards = await Promise.all(
-          dids.map(async (did) => {
-            const key = fromString(`/clawiverse/agent/${did}`);
-            try {
-              for await (const event of dht.get(key)) {
-                const raw = extractValue(event);
-                if (raw) {
-                  const card = decodeFromCBOR(raw);
-                  searchEngine.indexAgentCard(card);
-                  return card;
-                }
-              }
-            } catch {
-            }
-            return null;
-          })
-        );
-        return cards.filter((c) => c !== null);
-      } catch (error) {
-        throw new DiscoveryError("Failed to query by capability", error);
-      }
-    },
-    searchSemantic: async (query) => {
-      try {
-        const dht = libp2p.services?.dht;
-        if (dht) {
-          const allKey = fromString("/clawiverse/cap/__all__");
-          const dids = await readDIDList(dht, allKey);
-          logger4.debug("DHT __all__ index", { count: dids.length });
-          await Promise.all(
-            dids.map(async (did) => {
-              const key = fromString(`/clawiverse/agent/${did}`);
-              try {
-                for await (const event of dht.get(key)) {
-                  const raw = extractValue(event);
-                  if (raw) {
-                    searchEngine.indexAgentCard(decodeFromCBOR(raw));
-                    break;
-                  }
-                }
-              } catch {
-              }
-            })
-          );
-        }
-        return searchEngine.search(query);
-      } catch (error) {
-        throw new DiscoveryError("Failed to perform semantic search", error);
-      }
-    },
-    queryRelayPeers: async () => {
-      const dht = libp2p.services?.dht;
-      if (!dht) return [];
-      const capDHTKey = fromString("/clawiverse/cap/relay");
-      const dids = await readDIDList(dht, capDHTKey);
-      const addrs = [];
-      await Promise.all(dids.map(async (did) => {
-        const card = await operations.queryAgentCard(did);
-        if (card?.endpoints) {
-          addrs.push(...card.endpoints.filter((e) => !e.includes("/p2p-circuit/")));
-        }
-      }));
-      return addrs;
-    },
-    resolveDID: async (did) => {
-      try {
-        const cached = peerCache.get(did);
-        if (cached && Date.now() - cached.timestamp < CACHE_TTL) {
-          logger4.debug("Using cached peer info", { did });
-          return { peerId: cached.peerId, multiaddrs: cached.multiaddrs };
-        }
-        const dht = libp2p.services?.dht;
-        if (!dht) throw new DiscoveryError("DHT service not available");
-        const key = fromString(`/clawiverse/agent/${did}`);
-        for await (const event of dht.get(key)) {
-          const raw = extractValue(event);
-          if (raw) {
-            const card = decodeFromCBOR(raw);
-            if (card.peerId) {
-              logger4.debug("Resolved DID to peer", { did, peerId: card.peerId });
-              const result = { peerId: card.peerId, multiaddrs: card.endpoints || [] };
-              peerCache.set(did, {
-                peerId: result.peerId,
-                multiaddrs: result.multiaddrs,
-                timestamp: Date.now()
-              });
-              return result;
-            }
-            logger4.warn("Agent Card found but has no peerId", { did });
-            return null;
-          }
-        }
-        logger4.debug("DID not found in DHT", { did });
-        return null;
-      } catch (error) {
-        logger4.warn("Failed to resolve DID", { did, error });
-        return null;
-      }
-    }
-  });
-}
 // src/messaging/envelope.ts
 function createEnvelope(from, to, type, protocol, payload, replyTo) {
   return {
@@ -1335,23 +1332,13 @@ function decodeMessageJSON(json) {
     throw new MessagingError("Failed to decode message from JSON", error);
   }
 }
+// src/messaging/router.ts
 var logger5 = createLogger("router");
-function concatUint8Arrays(arrays) {
-  if (arrays.length === 0) return new Uint8Array(0);
-  if (arrays.length === 1) return arrays[0];
-  const totalLength = arrays.reduce((acc, arr) => acc + arr.length, 0);
-  const result = new Uint8Array(totalLength);
-  let offset = 0;
-  for (const arr of arrays) {
-    result.set(arr, offset);
-    offset += arr.length;
-  }
-  return result;
-}
-function createMessageRouter(libp2p, verifyFn, dht, relayPeers) {
+function createMessageRouter(relayClient, verifyFn) {
   const handlers = /* @__PURE__ */ new Map();
   let catchAllHandler;
-  const PROTOCOL_PREFIX = "/clawiverse/msg/1.0.0";
+  const pendingRequests = /* @__PURE__ */ new Map();
   return {
     registerHandler: (protocol, handler) => {
       handlers.set(protocol, handler);
@@ -1365,134 +1352,14 @@ function createMessageRouter(libp2p, verifyFn, dht, relayPeers) {
       catchAllHandler = handler;
       logger5.info("Registered catch-all message handler");
     },
-    sendMessage: async (envelope, peerHint) => {
+    sendMessage: async (envelope) => {
       try {
         if (!validateEnvelope(envelope)) {
           throw new MessagingError("Invalid message envelope");
         }
-        let targetPeerIdStr;
-        let targetMultiaddrs = [];
-        if (peerHint) {
-          targetPeerIdStr = peerHint.peerId;
-          targetMultiaddrs = peerHint.multiaddrs;
-          logger5.info("Using peer hint for direct addressing", { peerId: targetPeerIdStr });
-        } else if (dht) {
-          const resolved = await dht.resolveDID(envelope.to);
-          if (resolved) {
-            targetPeerIdStr = resolved.peerId;
-            targetMultiaddrs = resolved.multiaddrs;
-          }
-        }
-        if (!targetPeerIdStr) {
-          throw new MessagingError(
-            `Cannot resolve recipient: ${envelope.to} \u2014 provide peerHint or ensure agent is in DHT`
-          );
-        }
-        const targetPeerId = peerIdFromString(targetPeerIdStr);
-        if (targetMultiaddrs.length > 0) {
-          const mas = targetMultiaddrs.map((a) => multiaddr(a));
-          await libp2p.peerStore.merge(targetPeerId, { multiaddrs: mas });
-        }
-        logger5.info("Dialing peer for message delivery", {
-          peerId: targetPeerIdStr,
-          multiaddrs: targetMultiaddrs
-        });
-        let stream;
-        const DIAL_TIMEOUT = 3e3;
-        const relayMultiaddrs = targetMultiaddrs.filter((a) => a.includes("/p2p-circuit/"));
-        const directMultiaddrs = targetMultiaddrs.filter((a) => !a.includes("/p2p-circuit/"));
-        if (directMultiaddrs.length > 0) {
-          const directDialPromises = directMultiaddrs.map(async (addr) => {
-            try {
-              const conn = await libp2p.dial(multiaddr(addr), {
-                signal: AbortSignal.timeout(DIAL_TIMEOUT)
-              });
-              const s = await conn.newStream(PROTOCOL_PREFIX, { runOnLimitedConnection: true });
-              logger5.info("Direct dial succeeded", { addr });
-              return { conn, stream: s };
-            } catch {
-              return null;
-            }
-          });
-          const winner = await Promise.race(
-            directDialPromises.map((p) => p.then((r) => r || Promise.reject()))
-          ).catch(() => void 0);
-          if (winner) {
-            stream = winner.stream;
-            Promise.allSettled(directDialPromises).then((results) => {
-              for (const result of results) {
-                if (result.status === "fulfilled" && result.value && result.value.stream !== stream) {
-                  result.value.conn.close().catch(() => {
-                  });
-                }
-              }
-            });
-          }
-        }
-        let lastError;
-        if (!stream) {
-          const allRelayAddrs = [
-            ...relayMultiaddrs,
-            ...(relayPeers ?? []).map((r) => buildCircuitRelayAddr(r, targetPeerIdStr))
-          ];
-          const uniqueRelayAddrs = [...new Set(allRelayAddrs)];
-          if (uniqueRelayAddrs.length > 0) {
-            const relayDialPromises = uniqueRelayAddrs.map(async (addr) => {
-              try {
-                const conn = await libp2p.dial(multiaddr(addr), {
-                  signal: AbortSignal.timeout(DIAL_TIMEOUT)
-                });
-                logger5.info("Relay connection established", { addr });
-                const s = await conn.newStream(PROTOCOL_PREFIX, { runOnLimitedConnection: true });
-                logger5.info("Relay stream opened", { addr });
-                return { conn, stream: s };
-              } catch (relayErr) {
-                logger5.warn("Relay dial failed", { addr, error: relayErr.message });
-                lastError = relayErr;
-                return null;
-              }
-            });
-            const winner = await Promise.race(
-              relayDialPromises.map((p) => p.then((r) => r || Promise.reject()))
-            ).catch(() => void 0);
-            if (winner) {
-              stream = winner.stream;
-              Promise.allSettled(relayDialPromises).then((results) => {
-                for (const result of results) {
-                  if (result.status === "fulfilled" && result.value && result.value.stream !== stream) {
-                    result.value.conn.close().catch(() => {
-                    });
-                  }
-                }
-              });
-            }
-          }
-        }
-        if (!stream && dht && "queryRelayPeers" in dht) {
-          const discoveredRelays = await dht.queryRelayPeers();
-          for (const relayAddr of discoveredRelays) {
-            const circuitAddr = buildCircuitRelayAddr(relayAddr, targetPeerIdStr);
-            try {
-              const conn = await libp2p.dial(multiaddr(circuitAddr));
-              stream = await conn.newStream(PROTOCOL_PREFIX, { runOnLimitedConnection: true });
-              logger5.info("DHT-discovered relay succeeded", { relayAddr });
-              break;
-            } catch (e) {
-              logger5.warn("DHT relay failed", { relayAddr, error: e.message });
-              lastError = e;
-            }
-          }
-        }
-        if (!stream) {
-          throw lastError ?? new MessagingError("All dial attempts failed (including DHT-discovered relays)");
-        }
         const encoded = encodeMessage(envelope);
-        await stream.sink(
-          (async function* () {
-            yield encoded;
-          })()
-        );
-        logger5.info("Message sent over libp2p stream", {
+        await relayClient.sendEnvelope(envelope.to, encoded);
+        logger5.info("Message sent via relay", {
           id: envelope.id,
           from: envelope.from,
           to: envelope.to,
@@ -1500,38 +1367,15 @@ function createMessageRouter(libp2p, verifyFn, dht, relayPeers) {
         });
         if (envelope.type === "request") {
           logger5.debug("Waiting for response to request", { id: envelope.id });
-          try {
-            const RESPONSE_TIMEOUT = 5e3;
-            const responsePromise = (async () => {
-              const responseChunks = [];
-              for await (const chunk of stream.source) {
-                responseChunks.push(chunk.subarray());
-              }
-              if (responseChunks.length > 0) {
-                const responseData = concatUint8Arrays(responseChunks);
-                const responseEnvelope = decodeMessage(responseData);
-                logger5.info("Received response", {
-                  id: responseEnvelope.id,
-                  replyTo: responseEnvelope.replyTo
-                });
-                return responseEnvelope;
-              } else {
-                logger5.warn("No response received for request", { id: envelope.id });
-                return void 0;
-              }
-            })();
-            const timeoutPromise = new Promise((resolve) => {
-              setTimeout(() => {
-                logger5.warn("Response timeout", { id: envelope.id, timeout: RESPONSE_TIMEOUT });
-                resolve(void 0);
-              }, RESPONSE_TIMEOUT);
-            });
-            const response = await Promise.race([responsePromise, timeoutPromise]);
-            return response;
-          } catch (error) {
-            logger5.warn("Error reading response", { error });
-            return void 0;
-          }
+          const RESPONSE_TIMEOUT = 3e4;
+          return new Promise((resolve) => {
+            const timeout = setTimeout(() => {
+              pendingRequests.delete(envelope.id);
+              logger5.warn("Response timeout", { id: envelope.id, timeout: RESPONSE_TIMEOUT });
+              resolve(void 0);
+            }, RESPONSE_TIMEOUT);
+            pendingRequests.set(envelope.id, { resolve, timeout });
+          });
         }
         return void 0;
       } catch (error) {
@@ -1540,107 +1384,671 @@ function createMessageRouter(libp2p, verifyFn, dht, relayPeers) {
       }
     },
     start: async () => {
-      await libp2p.handle(PROTOCOL_PREFIX, async ({ stream }) => {
+      relayClient.onDeliver(async (deliverMsg) => {
         try {
-          await handleIncomingStream(stream, handlers, catchAllHandler, verifyFn);
+          const envelope = decodeMessage(deliverMsg.envelope);
+          if (!validateEnvelope(envelope)) {
+            logger5.warn("Received invalid message envelope");
+            return;
+          }
+          const isValidSignature = await verifyEnvelope(envelope, async (signature, data) => {
+            const senderPublicKey = extractPublicKey(envelope.from);
+            return verify(signature, data, senderPublicKey);
+          });
+          if (!isValidSignature) {
+            logger5.warn("Received message with invalid signature", {
+              id: envelope.id,
+              from: envelope.from
+            });
+            return;
+          }
+          try {
+            const { signature, ...envelopeWithoutSig } = envelope;
+            const dataBytes = new TextEncoder().encode(JSON.stringify(envelopeWithoutSig));
+            const signatureBytes = Buffer.from(signature, "hex");
+            const hookValid = await verifyFn(signatureBytes, dataBytes);
+            if (!hookValid) {
+              logger5.warn("Message rejected by custom verifier", {
+                id: envelope.id,
+                from: envelope.from
+              });
+              return;
+            }
+          } catch (error) {
+            logger5.warn("Custom verification hook failed", {
+              id: envelope.id,
+              from: envelope.from,
+              error: error.message
+            });
+            return;
+          }
+          logger5.info("Received message", {
+            id: envelope.id,
+            from: envelope.from,
+            to: envelope.to,
+            protocol: envelope.protocol,
+            type: envelope.type
+          });
+          if (envelope.type === "response" && envelope.replyTo) {
+            const pending = pendingRequests.get(envelope.replyTo);
+            if (pending) {
+              clearTimeout(pending.timeout);
+              pendingRequests.delete(envelope.replyTo);
+              pending.resolve(envelope);
+              logger5.info("Matched response to pending request", {
+                requestId: envelope.replyTo,
+                responseId: envelope.id
+              });
+              return;
+            }
+          }
+          const handler = handlers.get(envelope.protocol);
+          let response = void 0;
+          if (handler) {
+            response = await handler(envelope);
+          } else if (catchAllHandler) {
+            logger5.debug("Using catch-all handler for protocol", { protocol: envelope.protocol });
+            response = await catchAllHandler(envelope);
+          } else {
+            logger5.warn("No handler for protocol", { protocol: envelope.protocol });
+          }
+          if (response) {
+            const encoded = encodeMessage(response);
+            await relayClient.sendEnvelope(response.to, encoded);
+            logger5.info("Sent response back to sender", {
+              responseId: response.id,
+              replyTo: response.replyTo
+            });
+          }
         } catch (error) {
-          logger5.error("Error handling incoming stream", error);
+          logger5.error("Error handling incoming message", error);
         }
-      }, { runOnLimitedConnection: true });
+      });
       logger5.info("Message router started");
     },
     stop: async () => {
-      await libp2p.unhandle(PROTOCOL_PREFIX);
+      for (const [, pending] of pendingRequests.entries()) {
+        clearTimeout(pending.timeout);
+        pending.resolve(void 0);
+      }
+      pendingRequests.clear();
       handlers.clear();
       catchAllHandler = void 0;
       logger5.info("Message router stopped");
     }
   };
 }
-function buildCircuitRelayAddr(relayAddr, targetPeerId) {
-  return `${relayAddr}/p2p-circuit/p2p/${targetPeerId}`;
-}
-async function handleIncomingStream(stream, handlers, catchAllHandler, verifyFn) {
-  try {
-    const chunks = [];
-    for await (const chunk of stream.source) {
-      chunks.push(chunk.subarray());
-    }
-    const data = concatUint8Arrays(chunks);
-    if (data.length === 0) {
-      logger5.debug("Received empty stream, ignoring");
-      return;
-    }
-    const envelope = decodeMessage(data);
-    if (!validateEnvelope(envelope)) {
-      logger5.warn("Received invalid message envelope");
-      return;
-    }
-    const isValidSignature = await verifyEnvelope(envelope, async (signature, data2) => {
-      const senderPublicKey = extractPublicKey(envelope.from);
-      return verify(signature, data2, senderPublicKey);
-    });
-    if (!isValidSignature) {
-      logger5.warn("Received message with invalid signature", {
-        id: envelope.id,
-        from: envelope.from
-      });
-      return;
+var logger6 = createLogger("message-storage");
+var MessageStorage = class {
+  db;
+  ready = false;
+  constructor(dbPath) {
+    this.db = new Level(dbPath, { valueEncoding: "json" });
+  }
+  async open() {
+    await this.db.open();
+    this.ready = true;
+    logger6.info("Message storage opened");
+  }
+  async close() {
+    if (this.ready) {
+      await this.db.close();
+      this.ready = false;
+      logger6.info("Message storage closed");
+    }
+  }
+  // ─── Message Operations ───────────────────────────────────────────────────
+  async putMessage(msg) {
+    const ts = String(msg.receivedAt ?? msg.sentAt ?? Date.now()).padStart(16, "0");
+    const key = `msg:${msg.direction}:${ts}:${msg.envelope.id}`;
+    await this.db.put(key, msg);
+    const idxKey = `idx:from:${msg.envelope.from}:${ts}:${msg.envelope.id}`;
+    await this.db.put(idxKey, "1");
+  }
+  async getMessage(id) {
+    for (const direction of ["inbound", "outbound"]) {
+      const prefix = `msg:${direction}:`;
+      for await (const [, value] of this.db.iterator({
+        gte: prefix,
+        lte: prefix + "\xFF",
+        valueEncoding: "json"
+      })) {
+        if (value.envelope.id === id) return value;
+      }
+    }
+    return null;
+  }
+  async updateMessage(id, updates) {
+    const msg = await this.getMessage(id);
+    if (!msg) return;
+    const ts = String(msg.receivedAt ?? msg.sentAt ?? Date.now()).padStart(16, "0");
+    const key = `msg:${msg.direction}:${ts}:${id}`;
+    await this.db.put(key, { ...msg, ...updates });
+  }
+  async deleteMessage(id) {
+    const msg = await this.getMessage(id);
+    if (!msg) return;
+    const ts = String(msg.receivedAt ?? msg.sentAt ?? Date.now()).padStart(16, "0");
+    const key = `msg:${msg.direction}:${ts}:${id}`;
+    const idxKey = `idx:from:${msg.envelope.from}:${ts}:${id}`;
+    await this.db.batch([
+      { type: "del", key },
+      { type: "del", key: idxKey }
+    ]);
+  }
+  async queryMessages(direction, filter = {}, pagination = {}) {
+    const { limit = 50, offset = 0 } = pagination;
+    const prefix = `msg:${direction}:`;
+    const results = [];
+    let total = 0;
+    let skipped = 0;
+    for await (const [, value] of this.db.iterator({
+      gte: prefix,
+      lte: prefix + "\xFF",
+      reverse: true,
+      // newest first
+      valueEncoding: "json"
+    })) {
+      if (!this.matchesFilter(value, filter)) continue;
+      total++;
+      if (skipped < offset) {
+        skipped++;
+        continue;
+      }
+      if (results.length < limit) results.push(value);
+    }
+    return {
+      messages: results,
+      total,
+      hasMore: total > offset + results.length
+    };
+  }
+  matchesFilter(msg, filter) {
+    if (filter.fromDid) {
+      const froms = Array.isArray(filter.fromDid) ? filter.fromDid : [filter.fromDid];
+      if (!froms.includes(msg.envelope.from)) return false;
+    }
+    if (filter.toDid) {
+      const tos = Array.isArray(filter.toDid) ? filter.toDid : [filter.toDid];
+      if (!tos.includes(msg.envelope.to)) return false;
+    }
+    if (filter.protocol) {
+      const protos = Array.isArray(filter.protocol) ? filter.protocol : [filter.protocol];
+      if (!protos.includes(msg.envelope.protocol)) return false;
     }
+    if (filter.type && msg.envelope.type !== filter.type) return false;
+    if (filter.unreadOnly && msg.readAt != null) return false;
+    if (filter.status) {
+      const statuses = Array.isArray(filter.status) ? filter.status : [filter.status];
+      if (!statuses.includes(msg.status)) return false;
+    }
+    if (filter.maxAge) {
+      const age = Date.now() - (msg.receivedAt ?? msg.sentAt ?? 0);
+      if (age > filter.maxAge) return false;
+    }
+    if (filter.minTrustScore != null && (msg.trustScore ?? 0) < filter.minTrustScore) return false;
+    return true;
+  }
+  async countMessages(direction, filter = {}) {
+    const prefix = `msg:${direction}:`;
+    let count = 0;
+    for await (const [, value] of this.db.iterator({
+      gte: prefix,
+      lte: prefix + "\xFF",
+      valueEncoding: "json"
+    })) {
+      if (this.matchesFilter(value, filter)) count++;
+    }
+    return count;
+  }
+  // ─── Blocklist ────────────────────────────────────────────────────────────
+  async putBlock(entry) {
+    await this.db.put(`block:${entry.did}`, entry);
+  }
+  async getBlock(did) {
     try {
-      const { signature, ...envelopeWithoutSig } = envelope;
-      const dataBytes = new TextEncoder().encode(JSON.stringify(envelopeWithoutSig));
-      const signatureBytes = Buffer.from(signature, "hex");
-      const hookValid = await verifyFn(signatureBytes, dataBytes);
-      if (!hookValid) {
-        logger5.warn("Message rejected by custom verifier", {
-          id: envelope.id,
-          from: envelope.from
+      return await this.db.get(`block:${did}`);
+    } catch {
+      return null;
+    }
+  }
+  async deleteBlock(did) {
+    try {
+      await this.db.del(`block:${did}`);
+    } catch {
+    }
+  }
+  async listBlocked() {
+    const results = [];
+    for await (const [, value] of this.db.iterator({
+      gte: "block:",
+      lte: "block:\xFF",
+      valueEncoding: "json"
+    })) {
+      results.push(value);
+    }
+    return results;
+  }
+  // ─── Allowlist ────────────────────────────────────────────────────────────
+  async putAllow(entry) {
+    await this.db.put(`allow:${entry.did}`, entry);
+  }
+  async getAllow(did) {
+    try {
+      return await this.db.get(`allow:${did}`);
+    } catch {
+      return null;
+    }
+  }
+  async deleteAllow(did) {
+    try {
+      await this.db.del(`allow:${did}`);
+    } catch {
+    }
+  }
+  async listAllowed() {
+    const results = [];
+    for await (const [, value] of this.db.iterator({
+      gte: "allow:",
+      lte: "allow:\xFF",
+      valueEncoding: "json"
+    })) {
+      results.push(value);
+    }
+    return results;
+  }
+  // ─── Seen Cache ───────────────────────────────────────────────────────────
+  async putSeen(entry) {
+    await this.db.put(`seen:${entry.messageId}`, entry);
+  }
+  async getSeen(messageId) {
+    try {
+      return await this.db.get(`seen:${messageId}`);
+    } catch {
+      return null;
+    }
+  }
+  async cleanupSeen(maxAgeMs) {
+    const cutoff = Date.now() - maxAgeMs;
+    const toDelete = [];
+    for await (const [key, value] of this.db.iterator({
+      gte: "seen:",
+      lte: "seen:\xFF",
+      valueEncoding: "json"
+    })) {
+      if (value.seenAt < cutoff) toDelete.push(key);
+    }
+    await this.db.batch(toDelete.map((key) => ({ type: "del", key })));
+  }
+  // ─── Rate Limit State ─────────────────────────────────────────────────────
+  async putRateLimit(state) {
+    await this.db.put(`rate:${state.did}`, state);
+  }
+  async getRateLimit(did) {
+    try {
+      return await this.db.get(`rate:${did}`);
+    } catch {
+      return null;
+    }
+  }
+  async cleanupRateLimits(maxAgeMs) {
+    const cutoff = Date.now() - maxAgeMs;
+    const toDelete = [];
+    for await (const [key, value] of this.db.iterator({
+      gte: "rate:",
+      lte: "rate:\xFF",
+      valueEncoding: "json"
+    })) {
+      if (value.lastRefill < cutoff) toDelete.push(key);
+    }
+    await this.db.batch(toDelete.map((key) => ({ type: "del", key })));
+  }
+};
+// src/messaging/queue.ts
+var logger7 = createLogger("message-queue");
+var MessageQueue = class {
+  storage;
+  subscriptions = /* @__PURE__ */ new Map();
+  subCounter = 0;
+  constructor(config) {
+    this.storage = new MessageStorage(config.dbPath);
+  }
+  get store() {
+    return this.storage;
+  }
+  async start() {
+    await this.storage.open();
+    logger7.info("Message queue started");
+  }
+  async stop() {
+    await this.storage.close();
+    this.subscriptions.clear();
+    logger7.info("Message queue stopped");
+  }
+  // ─── Inbox ────────────────────────────────────────────────────────────────
+  async getInbox(filter = {}, pagination = {}) {
+    return this.storage.queryMessages("inbound", filter, pagination);
+  }
+  async getMessage(id) {
+    return this.storage.getMessage(id);
+  }
+  async markAsRead(id) {
+    await this.storage.updateMessage(id, { readAt: Date.now() });
+  }
+  async deleteMessage(id) {
+    await this.storage.deleteMessage(id);
+  }
+  // ─── Outbox ───────────────────────────────────────────────────────────────
+  async getOutbox(pagination = {}) {
+    return this.storage.queryMessages("outbound", {}, pagination);
+  }
+  async retryMessage(id) {
+    await this.storage.updateMessage(id, { status: "pending", error: void 0 });
+  }
+  // ─── Enqueue ──────────────────────────────────────────────────────────────
+  async enqueueInbound(envelope, trustScore) {
+    const msg = {
+      envelope,
+      direction: "inbound",
+      status: "pending",
+      receivedAt: Date.now(),
+      trustScore
+    };
+    await this.storage.putMessage(msg);
+    logger7.debug("Enqueued inbound message", { id: envelope.id, from: envelope.from });
+    this.notifySubscribers(msg);
+    return msg;
+  }
+  async enqueueOutbound(envelope) {
+    const msg = {
+      envelope,
+      direction: "outbound",
+      status: "pending",
+      sentAt: Date.now()
+    };
+    await this.storage.putMessage(msg);
+    logger7.debug("Enqueued outbound message", { id: envelope.id, to: envelope.to });
+    return msg;
+  }
+  async markOutboundDelivered(id) {
+    await this.storage.updateMessage(id, { status: "delivered" });
+  }
+  async markOutboundFailed(id, error) {
+    await this.storage.updateMessage(id, { status: "failed", error });
+  }
+  // ─── Subscriptions ────────────────────────────────────────────────────────
+  subscribe(filter, callback) {
+    const id = `sub_${++this.subCounter}`;
+    this.subscriptions.set(id, { id, filter, callback });
+    logger7.debug("Subscription added", { id });
+    return id;
+  }
+  unsubscribe(subscriptionId) {
+    this.subscriptions.delete(subscriptionId);
+    logger7.debug("Subscription removed", { id: subscriptionId });
+  }
+  notifySubscribers(msg) {
+    for (const sub of this.subscriptions.values()) {
+      if (this.matchesSubscriptionFilter(msg, sub.filter)) {
+        Promise.resolve(sub.callback(msg)).catch((err) => {
+          logger7.warn("Subscription callback error", { id: sub.id, error: err.message });
         });
-        return;
       }
-    } catch (error) {
-      logger5.warn("Custom verification hook failed", {
+    }
+  }
+  matchesSubscriptionFilter(msg, filter) {
+    if (filter.fromDid) {
+      const froms = Array.isArray(filter.fromDid) ? filter.fromDid : [filter.fromDid];
+      if (!froms.includes(msg.envelope.from)) return false;
+    }
+    if (filter.protocol) {
+      const protos = Array.isArray(filter.protocol) ? filter.protocol : [filter.protocol];
+      if (!protos.includes(msg.envelope.protocol)) return false;
+    }
+    if (filter.type && msg.envelope.type !== filter.type) return false;
+    return true;
+  }
+  // ─── Stats ────────────────────────────────────────────────────────────────
+  async getStats() {
+    const [inboxTotal, inboxUnread, outboxPending, outboxFailed, blocked, allowed] = await Promise.all([
+      this.storage.countMessages("inbound"),
+      this.storage.countMessages("inbound", { unreadOnly: true }),
+      this.storage.countMessages("outbound", { status: "pending" }),
+      this.storage.countMessages("outbound", { status: "failed" }),
+      this.storage.listBlocked().then((l) => l.length),
+      this.storage.listAllowed().then((l) => l.length)
+    ]);
+    return {
+      inboxTotal,
+      inboxUnread,
+      outboxPending,
+      outboxFailed,
+      blockedAgents: blocked,
+      allowedAgents: allowed,
+      rateLimitedAgents: 0
+    };
+  }
+};
+// src/messaging/rate-limiter.ts
+var TokenBucket = class {
+  tokens;
+  lastRefill;
+  capacity;
+  refillRate;
+  // tokens per ms
+  constructor(config, initialTokens, lastRefill) {
+    this.capacity = config.capacity;
+    this.refillRate = config.refillRate;
+    this.tokens = initialTokens ?? config.capacity;
+    this.lastRefill = lastRefill ?? Date.now();
+  }
+  /** Attempt to consume one token. Returns true if allowed. */
+  consume() {
+    this.refill();
+    if (this.tokens >= 1) {
+      this.tokens -= 1;
+      return true;
+    }
+    return false;
+  }
+  getRemaining() {
+    this.refill();
+    return Math.floor(this.tokens);
+  }
+  /** Milliseconds until at least one token is available */
+  getResetTime() {
+    this.refill();
+    if (this.tokens >= 1) return 0;
+    const needed = 1 - this.tokens;
+    return Math.ceil(needed / this.refillRate);
+  }
+  /** Serialize state for persistence */
+  toState() {
+    return { tokens: this.tokens, lastRefill: this.lastRefill };
+  }
+  refill() {
+    const now = Date.now();
+    const elapsed = now - this.lastRefill;
+    const newTokens = elapsed * this.refillRate;
+    this.tokens = Math.min(this.capacity, this.tokens + newTokens);
+    this.lastRefill = now;
+  }
+};
+var DEFAULT_RATE_LIMIT_TIERS = {
+  newAgent: { capacity: 10, refillRate: 10 / (60 * 1e3) },
+  // 10/min, burst 10
+  established: { capacity: 100, refillRate: 60 / (60 * 1e3) },
+  // 60/min, burst 100
+  trusted: { capacity: 1e3, refillRate: 600 / (60 * 1e3) }
+  // 600/min, burst 1000
+};
+function getTierConfig(trustScore, tiers) {
+  if (trustScore >= 0.6) return tiers.trusted;
+  if (trustScore >= 0.3) return tiers.established;
+  return tiers.newAgent;
+}
+// src/messaging/defense.ts
+var logger8 = createLogger("defense");
+var DefenseMiddleware = class {
+  trust;
+  storage;
+  minTrustScore;
+  autoBlockThreshold;
+  tiers;
+  seenTtlMs;
+  // In-memory LRU-style seen cache (backed by LevelDB for persistence)
+  seenCache = /* @__PURE__ */ new Map();
+  // id → seenAt
+  MAX_SEEN_CACHE = 1e4;
+  // In-memory token buckets (backed by LevelDB for persistence)
+  buckets = /* @__PURE__ */ new Map();
+  constructor(config) {
+    this.trust = config.trustSystem;
+    this.storage = config.storage;
+    this.minTrustScore = config.minTrustScore ?? 0;
+    this.autoBlockThreshold = config.autoBlockThreshold ?? 0.1;
+    this.tiers = config.rateLimitTiers ?? DEFAULT_RATE_LIMIT_TIERS;
+    this.seenTtlMs = config.seenTtlMs ?? 60 * 60 * 1e3;
+  }
+  /**
+   * Run all defense checks on an incoming message.
+   * Returns { allowed: true } if the message should be processed,
+   * or { allowed: false, reason } if it should be dropped.
+   */
+  async checkMessage(envelope) {
+    const did = envelope.from;
+    if (await this.isAllowed(did)) {
+      this.markAsSeen(envelope.id);
+      return { allowed: true };
+    }
+    if (await this.isBlocked(did)) {
+      logger8.debug("Message rejected: blocked", { id: envelope.id, from: did });
+      return { allowed: false, reason: "blocked" };
+    }
+    if (this.hasSeen(envelope.id)) {
+      logger8.debug("Message rejected: duplicate", { id: envelope.id });
+      return { allowed: false, reason: "duplicate" };
+    }
+    let trustScore = 0;
+    try {
+      const score = await this.trust.getTrustScore(did);
+      trustScore = score.interactionScore;
+      if (trustScore < this.autoBlockThreshold && trustScore > 0) {
+        logger8.warn("Auto-blocking low-trust agent", { did, trustScore });
+        await this.blockAgent(did, `Auto-blocked: trust score ${trustScore.toFixed(2)} below threshold`);
+        return { allowed: false, reason: "blocked" };
+      }
+      if (trustScore < this.minTrustScore) {
+        logger8.debug("Message rejected: trust too low", { id: envelope.id, trustScore });
+        return { allowed: false, reason: "trust_too_low", trustScore };
+      }
+    } catch (err) {
+      logger8.warn("Trust score lookup failed, using 0", { did, error: err.message });
+    }
+    const rateLimitResult = await this.checkRateLimit(did, trustScore);
+    if (!rateLimitResult.allowed) {
+      logger8.debug("Message rejected: rate limited", {
         id: envelope.id,
-        from: envelope.from,
-        error: error.message
+        from: did,
+        resetTime: rateLimitResult.resetTime
       });
-      return;
-    }
-    logger5.info("Received message", {
-      id: envelope.id,
-      from: envelope.from,
-      to: envelope.to,
-      protocol: envelope.protocol,
-      payload: envelope.payload
+      return {
+        allowed: false,
+        reason: "rate_limited",
+        remainingTokens: rateLimitResult.remaining,
+        resetTime: rateLimitResult.resetTime
+      };
+    }
+    this.markAsSeen(envelope.id);
+    return { allowed: true, trustScore, remainingTokens: rateLimitResult.remaining };
+  }
+  // ─── Blocklist ────────────────────────────────────────────────────────────
+  async blockAgent(did, reason, blockedBy = "local") {
+    await this.storage.putBlock({ did, reason, blockedAt: Date.now(), blockedBy });
+    logger8.info("Agent blocked", { did, reason });
+  }
+  async unblockAgent(did) {
+    await this.storage.deleteBlock(did);
+    logger8.info("Agent unblocked", { did });
+  }
+  async isBlocked(did) {
+    return await this.storage.getBlock(did) !== null;
+  }
+  // ─── Allowlist ────────────────────────────────────────────────────────────
+  async allowAgent(did, note) {
+    await this.storage.putAllow({ did, addedAt: Date.now(), note });
+    logger8.info("Agent allowlisted", { did });
+  }
+  async removeFromAllowlist(did) {
+    await this.storage.deleteAllow(did);
+    logger8.info("Agent removed from allowlist", { did });
+  }
+  async isAllowed(did) {
+    return await this.storage.getAllow(did) !== null;
+  }
+  // ─── Rate Limiting ────────────────────────────────────────────────────────
+  async checkRateLimit(did, trustScore) {
+    const tierConfig = getTierConfig(trustScore, this.tiers);
+    let bucket = this.buckets.get(did);
+    if (!bucket) {
+      const persisted = await this.storage.getRateLimit(did);
+      if (persisted) {
+        bucket = new TokenBucket(tierConfig, persisted.tokens, persisted.lastRefill);
+      } else {
+        bucket = new TokenBucket(tierConfig);
+      }
+      this.buckets.set(did, bucket);
+    }
+    const allowed = bucket.consume();
+    const state = bucket.toState();
+    await this.storage.putRateLimit({
+      did,
+      tokens: state.tokens,
+      lastRefill: state.lastRefill,
+      totalRequests: 0,
+      firstSeen: Date.now()
     });
-    const handler = handlers.get(envelope.protocol);
-    let response = void 0;
-    if (handler) {
-      response = await handler(envelope);
-    } else if (catchAllHandler) {
-      logger5.debug("Using catch-all handler for protocol", { protocol: envelope.protocol });
-      response = await catchAllHandler(envelope);
-    } else {
-      logger5.warn("No handler for protocol", { protocol: envelope.protocol });
-    }
-    if (response) {
-      const encoded = encodeMessage(response);
-      logger5.info("Sending response back to sender", {
-        responseId: response.id,
-        replyTo: response.replyTo,
-        size: encoded.length
-      });
-      await stream.sink(
-        (async function* () {
-          yield encoded;
-        })()
-      );
+    return {
+      allowed,
+      remaining: bucket.getRemaining(),
+      resetTime: bucket.getResetTime(),
+      limit: tierConfig.capacity
+    };
+  }
+  // ─── Seen Cache (deduplication) ───────────────────────────────────────────
+  hasSeen(messageId) {
+    return this.seenCache.has(messageId);
+  }
+  markAsSeen(messageId) {
+    if (this.seenCache.size >= this.MAX_SEEN_CACHE) {
+      const firstKey = this.seenCache.keys().next().value;
+      if (firstKey) this.seenCache.delete(firstKey);
     }
-  } catch (error) {
-    logger5.error("Error handling incoming message", error);
+    this.seenCache.set(messageId, Date.now());
+    this.storage.putSeen({ messageId, seenAt: Date.now(), fromDid: "" }).catch(() => {
+    });
   }
-}
+  /** Periodic cleanup of expired seen entries */
+  async cleanupSeen() {
+    const cutoff = Date.now() - this.seenTtlMs;
+    for (const [id, seenAt] of this.seenCache) {
+      if (seenAt < cutoff) this.seenCache.delete(id);
+    }
+    await this.storage.cleanupSeen(this.seenTtlMs);
+  }
+  /** Periodic cleanup of stale rate limit buckets (24h inactive) */
+  async cleanupRateLimits() {
+    const staleMs = 24 * 60 * 60 * 1e3;
+    const cutoff = Date.now() - staleMs;
+    for (const [did, bucket] of this.buckets) {
+      if (bucket.toState().lastRefill < cutoff) this.buckets.delete(did);
+    }
+    await this.storage.cleanupRateLimits(staleMs);
+  }
+};
 // src/trust/trust-score.ts
 var TrustMetrics = class {
@@ -1710,7 +2118,7 @@ function createDefaultTrustScore() {
     lastUpdated: Date.now()
   };
 }
-var logger6 = createLogger("interaction-history");
+var logger9 = createLogger("interaction-history");
 var InteractionHistory = class {
   db;
   constructor(dbPath) {
@@ -1721,14 +2129,14 @@ var InteractionHistory = class {
    */
   async open() {
     await this.db.open();
-    logger6.info("Interaction history database opened", { path: this.db.location });
+    logger9.info("Interaction history database opened", { path: this.db.location });
   }
   /**
    * Close database connection
    */
   async close() {
     await this.db.close();
-    logger6.info("Interaction history database closed");
+    logger9.info("Interaction history database closed");
   }
   /**
    * Record an interaction
@@ -1736,7 +2144,7 @@ var InteractionHistory = class {
   async record(interaction) {
     const key = `interaction:${interaction.agentDid}:${interaction.timestamp}`;
     await this.db.put(key, interaction);
-    logger6.debug("Recorded interaction", { agentDid: interaction.agentDid, type: interaction.type });
+    logger9.debug("Recorded interaction", { agentDid: interaction.agentDid, type: interaction.type });
   }
   /**
    * Get interaction history for an agent
@@ -1755,7 +2163,7 @@ var InteractionHistory = class {
         interactions.push(value);
       }
     } catch (error) {
-      logger6.error("Failed to get interaction history", { agentDid, error });
+      logger9.error("Failed to get interaction history", { agentDid, error });
     }
     return interactions;
   }
@@ -1794,7 +2202,7 @@ var InteractionHistory = class {
         }
       }
     } catch (error) {
-      logger6.error("Failed to get all agents", { error });
+      logger9.error("Failed to get all agents", { error });
     }
     return Array.from(agents);
   }
@@ -1811,7 +2219,7 @@ var InteractionHistory = class {
       keysToDelete.push(key);
     }
     await this.db.batch(keysToDelete.map((key) => ({ type: "del", key })));
-    logger6.info("Deleted interaction history", { agentDid, count: keysToDelete.length });
+    logger9.info("Deleted interaction history", { agentDid, count: keysToDelete.length });
   }
   /**
    * Clean up old interactions (older than 90 days)
@@ -1826,14 +2234,14 @@ var InteractionHistory = class {
     }
     if (keysToDelete.length > 0) {
       await this.db.batch(keysToDelete.map((key) => ({ type: "del", key })));
-      logger6.info("Cleaned up old interactions", { count: keysToDelete.length });
+      logger9.info("Cleaned up old interactions", { count: keysToDelete.length });
     }
     return keysToDelete.length;
   }
 };
 // src/trust/endorsement.ts
-var logger7 = createLogger("endorsement");
+var logger10 = createLogger("endorsement");
 var EndorsementManager = class {
   constructor(db, getPublicKey) {
     this.db = db;
@@ -1860,7 +2268,7 @@ var EndorsementManager = class {
       ...endorsement,
       signature
     };
-    logger7.info("Created endorsement", { from: fromDid, to: toDid, score });
+    logger10.info("Created endorsement", { from: fromDid, to: toDid, score });
     return signedEndorsement;
   }
   /**
@@ -1874,7 +2282,7 @@ var EndorsementManager = class {
       const publicKey = await this.getPublicKey(endorsement.from);
       return await verifyFn(signatureBytes, data, publicKey);
     } catch (error) {
-      logger7.error("Failed to verify endorsement", { error });
+      logger10.error("Failed to verify endorsement", { error });
       return false;
     }
   }
@@ -1884,7 +2292,7 @@ var EndorsementManager = class {
   async publish(endorsement) {
     const key = `endorsement:${endorsement.to}:${endorsement.from}`;
     await this.db.put(key, endorsement);
-    logger7.info("Published endorsement", { from: endorsement.from, to: endorsement.to });
+    logger10.info("Published endorsement", { from: endorsement.from, to: endorsement.to });
   }
   /**
    * Get all endorsements for an agent
@@ -1900,7 +2308,7 @@ var EndorsementManager = class {
         endorsements.push(value);
       }
     } catch (error) {
-      logger7.error("Failed to get endorsements", { agentDid, error });
+      logger10.error("Failed to get endorsements", { agentDid, error });
     }
     return endorsements;
   }
@@ -1916,7 +2324,7 @@ var EndorsementManager = class {
         }
       }
     } catch (error) {
-      logger7.error("Failed to get endorsements by agent", { fromDid, error });
+      logger10.error("Failed to get endorsements by agent", { fromDid, error });
     }
     return endorsements;
   }
@@ -1937,10 +2345,10 @@ var EndorsementManager = class {
   async deleteEndorsement(fromDid, toDid) {
     const key = `endorsement:${toDid}:${fromDid}`;
     await this.db.del(key);
-    logger7.info("Deleted endorsement", { from: fromDid, to: toDid });
+    logger10.info("Deleted endorsement", { from: fromDid, to: toDid });
   }
 };
-var logger8 = createLogger("sybil-defense");
+var logger11 = createLogger("sybil-defense");
 var SybilDefense = class {
   rateLimits = /* @__PURE__ */ new Map();
   peerFirstSeen = /* @__PURE__ */ new Map();
@@ -1970,7 +2378,7 @@ var SybilDefense = class {
   verifyChallenge(solution) {
     const { challenge, solution: solutionNonce } = solution;
     if (Date.now() - challenge.timestamp > 60 * 60 * 1e3) {
-      logger8.warn("Challenge expired", { did: challenge.did });
+      logger11.warn("Challenge expired", { did: challenge.did });
       return false;
     }
     const data = `${challenge.did}:${challenge.nonce}:${solutionNonce}`;
@@ -1978,9 +2386,9 @@ var SybilDefense = class {
     const leadingZeros = this.countLeadingZeroBits(hash);
     const valid = leadingZeros >= challenge.difficulty;
     if (valid) {
-      logger8.info("Challenge verified", { did: challenge.did, leadingZeros });
+      logger11.info("Challenge verified", { did: challenge.did, leadingZeros });
     } else {
-      logger8.warn("Challenge failed", { did: challenge.did, leadingZeros, required: challenge.difficulty });
+      logger11.warn("Challenge failed", { did: challenge.did, leadingZeros, required: challenge.difficulty });
     }
     return valid;
   }
@@ -2020,7 +2428,7 @@ var SybilDefense = class {
     record.requests = record.requests.filter(
       (t) => now - t < this.RATE_LIMIT_WINDOW
     );
-    logger8.debug("Recorded request", { did, count: record.requests.length });
+    logger11.debug("Recorded request", { did, count: record.requests.length });
   }
   /**
    * Get peer trust level based on age
@@ -2045,7 +2453,7 @@ var SybilDefense = class {
   recordPeerSeen(peerId) {
     if (!this.peerFirstSeen.has(peerId)) {
       this.peerFirstSeen.set(peerId, Date.now());
-      logger8.debug("Recorded new peer", { peerId });
+      logger11.debug("Recorded new peer", { peerId });
     }
   }
   /**
@@ -2059,7 +2467,7 @@ var SybilDefense = class {
         this.rateLimits.delete(did);
       }
     }
-    logger8.info("Cleaned up Sybil defense records", {
+    logger11.info("Cleaned up Sybil defense records", {
       rateLimits: this.rateLimits.size,
       peers: this.peerFirstSeen.size
     });
@@ -2092,7 +2500,7 @@ var SybilDefense = class {
     return count;
   }
 };
-var logger9 = createLogger("trust-system");
+var logger12 = createLogger("trust-system");
 var TrustSystem = class {
   metrics;
   history;
@@ -2115,14 +2523,14 @@ var TrustSystem = class {
    */
   async start() {
     await this.history.open();
-    logger9.info("Trust system started");
+    logger12.info("Trust system started");
   }
   /**
    * Shutdown the trust system
    */
   async stop() {
     await this.history.close();
-    logger9.info("Trust system stopped");
+    logger12.info("Trust system stopped");
   }
   /**
    * Record an interaction
@@ -2211,13 +2619,13 @@ var TrustSystem = class {
     await this.history.cleanup();
     this.sybilDefense.cleanup();
     this.trustCache.clear();
-    logger9.info("Trust system cleanup completed");
+    logger12.info("Trust system cleanup completed");
   }
 };
 function createTrustSystem(config) {
   return new TrustSystem(config);
 }
-export { CLAWIVERSE_CONTEXT, CapabilityMatcher, CapabilityTypes, ClawiverseError, DiscoveryError, EndorsementManager, IdentityError, InteractionHistory, LogLevel, Logger, MessagingError, ParameterTypes, SCHEMA_ORG_CONTEXT, SearchIndex, SemanticSearchEngine, SybilDefense, TransportError, TrustMetrics, TrustSystem, clawiverseContext, createAgentCard, createDHTOperations, createDefaultTrustScore, createEnvelope, createLegacyAgentCard, createLogger, createMessageRouter, createNode, createSemanticSearch, createTrustSystem, decodeAgentCard, decodeFromCBOR, decodeFromJSON, decodeMessage, decodeMessageJSON, deriveDID, downgradeToLegacyCard, encodeForDHT, encodeForWeb, encodeMessage, encodeMessageJSON, exportKeyPair, extractPublicKey, generateKeyPair, getAgentCardContext, getEncodedSize, importKeyPair, isLegacyCard, isValidContext, matchesCapability, sign, signAgentCard, signEnvelope, signMessage, upgradeLegacyCard, validateAgentCard, validateDID, validateEnvelope, verify, verifyAgentCard, verifyEnvelope, verifyMessage };
+export { CLAWIVERSE_CONTEXT, CapabilityMatcher, CapabilityTypes, ClawiverseError, DEFAULT_RATE_LIMIT_TIERS, DefenseMiddleware, DiscoveryError, EndorsementManager, IdentityError, InteractionHistory, LogLevel, Logger, MessageQueue, MessageStorage, MessagingError, ParameterTypes, RELAY_PROTOCOL_VERSION, SCHEMA_ORG_CONTEXT, SearchIndex, SemanticSearchEngine, SybilDefense, TokenBucket, TransportError, TrustMetrics, TrustSystem, clawiverseContext, createAgentCard, createDefaultTrustScore, createEnvelope, createLegacyAgentCard, createLogger, createMessageRouter, createRelayClient, createRelayIndexOperations, createSemanticSearch, createTrustSystem, decodeAgentCard, decodeFromCBOR, decodeFromJSON, decodeMessage, decodeMessageJSON, deriveDID, downgradeToLegacyCard, encodeForDHT, encodeForWeb, encodeMessage, encodeMessageJSON, exportKeyPair, extractPublicKey, generateKeyPair, getAgentCardContext, getEncodedSize, getTierConfig, importKeyPair, isLegacyCard, isValidContext, matchesCapability, sign, signAgentCard, signEnvelope, signMessage, upgradeLegacyCard, validateAgentCard, validateDID, validateEnvelope, verify, verifyAgentCard, verifyEnvelope, verifyMessage };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map