@hsuite/smart-engines-sdk 3.13.1 → 4.0.0

package/CHANGELOG.md

@@ -1,5 +1,40 @@
 # Changelog
 
+## 4.0.0 — 2026-06-25
+
+**SDK revision — align the surface to the REAL reachable endpoints; remove the un-ingressed-tier footguns.** Two profiles, two tiers: `BaasClient` is the app-as-proxy / external profile (host BaaS tier, `{gateway}/host/api/v3/baas/*`); `SmartEngineClient` is the in-cluster / validator-direct profile (raw `/api/v3/*` tier, un-ingressed at the gateway). The web3 authorization proxy is the HOST, which already exposes the entity value-movement routes — so value-movement now lives on `BaasClient.entities`, and the raw-tier transactions arm is removed from `BaasClient`.
+
+### Breaking changes
+
+- **Removed `BaasClient.transactions` (the `TransactionsClient` sub-client) and `BaasClient`'s internal `txHttp`.** This arm rooted at the RAW `{hostUrl}/api/v3/transactions` origin — a sibling of `/host` that is un-ingressed at the public gateway (RFC #1236), so every call from a gateway-routed `BaasClient` 404'd. That was the footgun. The `TransactionsClient` class itself is unchanged and still ships on `SmartEngineClient` (the validator-direct profile). Migration: external/app-as-proxy callers use `BaasClient.entities.{transfer,withdraw,mint,burn,compliance,trustline}` (host BaaS tier) or, for in-cluster prepare/execute, construct a `SmartEngineClient` with an explicit `validatorBaseUrl`.
+- **`SmartEngineClientConfig.baseUrl` → `validatorBaseUrl` (renamed, type-fence).** `SmartEngineClient` is now constructible ONLY with an explicit VALIDATOR origin. The rename makes it impossible to silently pass a gateway URL into the validator-direct client (whose raw `/api/v3/*` tier 404s at the gateway). Migration: `new SmartEngineClient({ baseUrl })` → `new SmartEngineClient({ validatorBaseUrl })`.
+- **Removed `SmartEngineClient.connectToCluster()` (and its `ClusterConnectionConfig` / `ClusterConnectionSeed` / `ClusterConnectionResult` types).** It resolved a cluster's `gatewayUrl` and fed it into a gateway-pointed `SmartEngineClient` — the same footgun. To reach web3 through a cluster use `BaasClient.connectToCluster({ network })` (host BaaS tier); for an explicit in-cluster validator origin use `new SmartEngineClient({ validatorBaseUrl })` or `SmartEngineClient.connectToNetwork(...)` (which resolves a real validator `apiEndpoint` from the HCS registry — never a gateway URL). `connectToNetwork` is unchanged.
+
+### Added
+
+- **`BaasClient.entities` value-movement (prepare-bytes only).** Six new methods mirroring the host's entity-scoped routes (`POST /api/v3/baas/entities/:entityId/{transfer,withdraw,mint,burn,compliance,trustline}`), each returning the host's `PreparedEntityTransactionResult` and threading `HttpCallOptions` (`onBehalfOf` / `customerToken` / `headers`) — owner-acting via the end user's Mode-1 customer-session JWT, exactly as `agents.execute`. The entity is the source / treasury / authority + fee-payer (resolved server-side; never named in the body), so a caller can never name a foreign payer or drain another account; a rule-deny surfaces as a 403 `rule_rejected` (use `isRuleRejected`), never as signed bytes. New signatures:
+  - `entities.transfer(entityId, body: TransferEntityRequest, opts?) → Promise<PreparedEntityTransactionResult>`
+  - `entities.withdraw(entityId, body: WithdrawEntityRequest, opts?) → Promise<PreparedEntityTransactionResult>`
+  - `entities.mint(entityId, body: MintEntityRequest, opts?) → Promise<PreparedEntityTransactionResult>`
+  - `entities.burn(entityId, body: BurnEntityRequest, opts?) → Promise<PreparedEntityTransactionResult>`
+  - `entities.compliance(entityId, body: ComplianceEntityRequest, opts?) → Promise<PreparedEntityTransactionResult>`
+  - `entities.trustline(entityId, body: TrustlineEntityRequest, opts?) → Promise<PreparedEntityTransactionResult>`
+  - New exported types: `TransferEntityRequest`, `WithdrawEntityRequest`, `MintEntityRequest`, `BurnEntityRequest`, `ComplianceEntityRequest`, `ComplianceAction`, `TrustlineEntityRequest`, `PreparedEntityTransactionResult`.
+
+## 3.14.0 — 2026-06-25
+
+### Added
+
+- **Agent + BaaS SDK completeness (from the showcase boundary audit).** Lets app-as-proxy consumers drop hand-rolled raw-fetch workarounds.
+  - `AgentsClient.certification(agentId, opts?)` → typed `AgentCertification` (entityId, owner/agent/treasury wallets, primaryChain, rulesHash, BLS group key, state-history topic, recent events + tx ids).
+  - `AgentsClient.fund()` now returns the discriminated union `AgentPreparedTransactionResponse | AgentPendingApprovalResponse` (the owner approval-threshold path), plus the `isAgentFundPending()` type guard.
+  - `AgentInfo` gains the on-chain DKG identity the host already returns: optional `agentWallet`, `treasuryAccount`, `entityId` (additive).
+  - `FunctionsClient.getCode(functionId, opts?)` → `BaasFunctionCode` (`{ functionId, code, codeHash }`) for function source reveal.
+  - `StorageClient.downloadWithMeta(cid, opts?)` → `{ bytes, contentType?, filename? }` (the bytes-only `download()` discards the headers), backed by a new `HttpClient.getBinaryWithMeta`.
+  - `HttpCallOptions.onBehalfOf` — owner-acting pass-through: forwards an end user's Mode-1 customer-session JWT as BOTH `Authorization: Bearer` and `X-Customer-Session-Claim` (no client-side signing; owner-gated agent routes accept only the Mode-1 JWT — the Mode-2 BLS claim is host-minted and rejected there). Distinct from the metering-only `customerToken`.
+  - Error helpers for consumers (e.g. a NestJS exception filter): `SdkHttpError.isRetryable` getter, `isSmartEngineSdkError()` guard, and `toHttpError()` (verbatim mapping with a sub-400 → 502 clamp).
+- **`EntitiesClient.prepareCreateAgent(req)` + `executeCreateAgent(req)` — payer-funded two-phase agent create.** Agent creation now mirrors the account create-flow: the synchronous `createAgent` 400s on payer-funded chains (e.g. `chain=xrpl uses prepare-create / execute-create`), so consumers drive the host's generic two-phase create (`POST /api/v3/baas/entities/prepare-create` + `/execute-create`, `entityType: 'agent'`). `prepareCreateAgent` returns `PreparedEntityCreation` (the unsigned payer-funding tx the dapp signs + submits) and `executeCreateAgent` returns `EntityCreationResult` after the validator finalizes (relaying the signed funding blob on XRPL/Stellar, threading the Hedera `createTxId` receipt). `prepareCreateAgent` remaps the agent's `primaryChain` onto the generic prepare/execute DTO's `chain` key. (#117)
+
 ## 3.8.0 — 2026-06-17
 
 ### Added

package/README.md

@@ -79,15 +79,15 @@ baas.setAppId(init.appId);
 ```ts
 import { SmartEngineClient } from '@hsuite/smart-engines-sdk';
 
-const { client, cluster, session } = await SmartEngineClient.connectToCluster({
-  network: 'testnet',           // resolves canonical gateway entrypoint
+const { client, validator, session } = await SmartEngineClient.connectToNetwork({
+  network: 'testnet',           // resolves a real validator origin from the HCS registry
   chain: 'xrpl',
   address: wallet.address,
   publicKey: wallet.publicKey,
   signFn: (challenge) => /* sign the challenge */ '',
 });
 
-// All sub-clients are wired against the discovered cluster
+// All sub-clients are wired against the discovered validator
 await client.tss.signMPC({ chain: 'hedera', entityId: '...', transactionBytes: '0x...' });
 await client.ipfs.upload(file, 'document.pdf');
 ```
@@ -115,8 +115,11 @@ const baas = new BaasClient({
   pathPrefix: '/host',          // gateway routes /host/* → smart-host
 });
 
+// `SmartEngineClient` is validator-direct: `validatorBaseUrl` MUST be a
+// validator origin, NEVER the gateway. Its raw `/api/v3/*` tier is un-ingressed
+// at the gateway (RFC #1236), so a gateway URL here 404s every call.
 const client = new SmartEngineClient({
-  baseUrl: 'https://v3-testnet-gateway.hsuite.network',
+  validatorBaseUrl: 'http://smart-validator:3000', // in-cluster validator origin
   authToken: '<jwt-from-validator-auth-verify>',
 });
 ```
@@ -357,12 +360,12 @@ await baas.deployment.rollback(init.appId, { toTag: 'v0' });
 
 For direct chain operations independent of BaaS — e.g., a custodial backend
 that creates accounts and tokens on behalf of users — use the methods on the
-`SmartEngineClient` returned by `connectToCluster`:
+`SmartEngineClient` returned by `connectToNetwork`:
 
 ```ts
 import { SmartEngineClient } from '@hsuite/smart-engines-sdk';
 
-const { client } = await SmartEngineClient.connectToCluster({
+const { client } = await SmartEngineClient.connectToNetwork({
   network: 'testnet',
   chain: 'xrpl',
   address: wallet.address,
@@ -420,7 +423,7 @@ import { SmartEngineModule } from '@hsuite/smart-engines-sdk/nestjs';
     SmartEngineModule.forRootAsync({
       imports: [ConfigModule],
       useFactory: (config: ConfigService) => ({
-        baseUrl: config.get('VALIDATOR_URL')!,
+        validatorBaseUrl: config.get('VALIDATOR_URL')!,
         timeout: 30000,
         testConnection: true,
         autoReconnect: true,

package/dist/index.d.ts

@@ -1956,6 +1956,7 @@ export declare class ClusterDiscoveryClient {
 }
 export type HttpCallOptions = {
 	customerToken?: string;
+	onBehalfOf?: string;
 	headers?: Record<string, string>;
 };
 export type HttpClient = {
@@ -1966,6 +1967,11 @@ export type HttpClient = {
 	delete<T = any>(path: string, opts?: HttpCallOptions): Promise<T>;
 	getText(path: string, opts?: HttpCallOptions): Promise<string>;
 	getBinary(path: string, opts?: HttpCallOptions): Promise<Uint8Array>;
+	getBinaryWithMeta(path: string, opts?: HttpCallOptions): Promise<{
+		bytes: Uint8Array;
+		contentType?: string;
+		filename?: string;
+	}>;
 	upload<T = any>(path: string, file: Blob | Buffer, filename: string, metadata?: Record<string, string>, fieldName?: string, opts?: HttpCallOptions): Promise<T>;
 	setAuthToken(token: string | undefined): void;
 	getAuthToken(): string | undefined;
@@ -1981,6 +1987,7 @@ export declare class SdkHttpError extends Error {
 	readonly statusCode: number;
 	readonly details?: any | undefined;
 	constructor(message: string, statusCode: number, details?: any | undefined);
+	get isRetryable(): boolean;
 }
 export declare function createHttpClient(config: HttpClientConfig): HttpClient;
 export declare function encodePathParam(param: string): string;
@@ -1992,6 +1999,14 @@ export interface RuleRejectedDetails {
 export declare function isRuleRejected(err: unknown): err is SdkHttpError & {
 	details: RuleRejectedDetails;
 };
+export declare function isSmartEngineSdkError(err: unknown): err is SdkHttpError;
+export declare function toHttpError(err: unknown): {
+	statusCode: number;
+	code: string;
+	message: string;
+	isRetryable: boolean;
+	details?: unknown;
+};
 export type DiscoveryClusterEndpoints = {
 	clusterId: string;
 	gatewayUrl: string;
@@ -3839,6 +3854,29 @@ export type AgentInfo = {
 	owner: string;
 	createdAt: string;
 	lastActiveAt?: string;
+	agentWallet?: string;
+	treasuryAccount?: string;
+	entityId?: string;
+};
+export type AgentCertification = {
+	agentId: string;
+	entityId?: string;
+	ownerWallet?: string;
+	status?: string;
+	agentWallet?: string;
+	treasuryAccount?: string;
+	primaryChain?: string;
+	rulesHash?: string;
+	ruleRef?: string;
+	blsGroupPublicKey?: string;
+	stateHistoryTopicId?: string;
+	recentEvents: Array<{
+		agentId: string;
+		type: string;
+		payload: Record<string, unknown>;
+		timestamp: string;
+	}>;
+	recentTxIds: string[];
 };
 export type AgentEvent = {
 	eventId: string;
@@ -3900,6 +3938,15 @@ export type AgentExecuteResponse = {
 export type AgentPreparedTransactionResponse = PreparedTransactionResponse & {
 	success: true;
 };
+export type AgentPendingApprovalResponse = {
+	success: true;
+	pendingOpId: string;
+	agentId: string;
+	action: string;
+	status: "awaiting_approval";
+	description: string;
+};
+export declare function isAgentFundPending(r: AgentPreparedTransactionResponse | AgentPendingApprovalResponse): r is AgentPendingApprovalResponse;
 export declare class AgentsClient {
 	private readonly http;
 	constructor(http: HttpClient);
@@ -3909,7 +3956,7 @@ export declare class AgentsClient {
 		agents: AgentInfo[];
 		total: number;
 	}>;
-	fund(agentId: string, request: AgentFundRequest, opts?: HttpCallOptions): Promise<AgentPreparedTransactionResponse>;
+	fund(agentId: string, request: AgentFundRequest, opts?: HttpCallOptions): Promise<AgentPreparedTransactionResponse | AgentPendingApprovalResponse>;
 	trade(agentId: string, request: AgentTradeRequest, opts?: HttpCallOptions): Promise<AgentPreparedTransactionResponse>;
 	withdraw(agentId: string, request: AgentWithdrawRequest, opts?: HttpCallOptions): Promise<AgentPreparedTransactionResponse>;
 	execute(agentId: string, request: AgentExecuteRequest, opts?: HttpCallOptions): Promise<AgentExecuteResponse & {
@@ -3927,6 +3974,7 @@ export declare class AgentsClient {
 		success: boolean;
 		status: string;
 	}>;
+	certification(agentId: string, opts?: HttpCallOptions): Promise<AgentCertification>;
 	updateRules(agentId: string, rules: Partial<AgentRules>, opts?: HttpCallOptions): Promise<AgentInfo>;
 	getEvents(agentId: string, opts?: HttpCallOptions): Promise<{
 		events: AgentEvent[];
@@ -4212,6 +4260,11 @@ export type BaasFunctionInfo = {
 	lastInvokedAt?: string;
 	invocationCount: number;
 };
+export type BaasFunctionCode = {
+	functionId: string;
+	code: string | null;
+	codeHash?: string;
+};
 export type BaasFunctionLog = {
 	timestamp: string;
 	level: "debug" | "info" | "warn" | "error";
@@ -4688,7 +4741,7 @@ export declare class OperatorClient {
 	getTopup(chain: OperatorChain, accountId: string): Promise<OperatorTopUpResponse>;
 }
 export interface SmartEngineClientConfig {
-	baseUrl: string;
+	validatorBaseUrl: string;
 	apiKey?: string;
 	authToken?: string;
 	timeout?: number;
@@ -4708,35 +4761,6 @@ export interface NetworkConnectionConfig {
 	mirrorNodeUrl?: string;
 	allowInsecure?: boolean;
 }
-export interface ClusterConnectionAuth {
-	chain: AuthChain;
-	address: string;
-	publicKey: string;
-	signFn: (challenge: string) => string | Promise<string>;
-	metadata?: {
-		appId?: string;
-		appName?: string;
-	};
-	trustAnchor?: {
-		network: "mainnet" | "testnet" | "previewnet";
-		registryTopicId: string;
-		mirrorNodeUrl?: string;
-	};
-	allowInsecure?: boolean;
-}
-export type ClusterConnectionSeed = {
-	bootstrap: string[];
-	network?: never;
-} | {
-	bootstrap?: never;
-	network: NetworkName;
-};
-export type ClusterConnectionConfig = ClusterConnectionSeed & ClusterConnectionAuth;
-export interface ClusterConnectionResult {
-	client: SmartEngineClient;
-	cluster: ClusterInfo;
-	session: AuthenticateResponse;
-}
 export interface NetworkConnectionResult {
 	client: SmartEngineClient;
 	validator: ValidatorInfo;
@@ -4774,7 +4798,6 @@ export declare class SmartEngineClient {
 	constructor(config: SmartEngineClientConfig);
 	static fromEnv(env: Record<string, string | undefined>): SmartEngineClient;
 	static connectToNetwork(config: NetworkConnectionConfig): Promise<NetworkConnectionResult>;
-	static connectToCluster(config: ClusterConnectionConfig): Promise<ClusterConnectionResult>;
 	getBaseUrl(): string;
 	isAuthenticated(): boolean;
 	getHttpHealth(): {
@@ -5513,6 +5536,11 @@ export declare class StorageClient {
 	constructor(http: HttpClient, getAppId: () => string);
 	upload(file: Blob | Buffer, filename: string, metadata?: Record<string, string>, opts?: HttpCallOptions): Promise<BaasUploadResult>;
 	download(cid: string, opts?: HttpCallOptions): Promise<Uint8Array>;
+	downloadWithMeta(cid: string, opts?: HttpCallOptions): Promise<{
+		bytes: Uint8Array;
+		contentType?: string;
+		filename?: string;
+	}>;
 	getMetadata(cid: string, opts?: HttpCallOptions): Promise<BaasFileMetadata>;
 	delete(cid: string, opts?: HttpCallOptions): Promise<{
 		success: boolean;
@@ -5543,6 +5571,7 @@ export declare class FunctionsClient {
 		total: number;
 	}>;
 	get(functionId: string, opts?: HttpCallOptions): Promise<BaasFunctionInfo>;
+	getCode(functionId: string, opts?: HttpCallOptions): Promise<BaasFunctionCode>;
 	update(functionId: string, updates: Partial<BaasFunctionDeployRequest>, opts?: HttpCallOptions): Promise<BaasFunctionInfo>;
 	delete(functionId: string, opts?: HttpCallOptions): Promise<{
 		success: boolean;
@@ -25297,6 +25326,9 @@ export type CreateAgentRequest = {
 	ruleRef: RuleRef;
 	name: string;
 	agentType?: string;
+	securityMode?: EntitySecurityMode;
+	payerAccountId?: string;
+	fundWith?: FundWith;
 };
 export type EntityCreationResult = {
 	entityId: string;
@@ -25347,6 +25379,56 @@ export type LaunchpadEntityResult = {
 	tokenId: string;
 	chainAccounts: Record<string, string>;
 };
+export type TransferEntityRequest = {
+	chain: ChainType;
+	to: string;
+	amount: string;
+	tokenId?: string;
+	memo?: string;
+};
+export type WithdrawEntityRequest = {
+	chain: ChainType;
+	destination: string;
+	amount: string;
+	tokenId?: string;
+	memo?: string;
+};
+export type MintEntityRequest = {
+	chain: ChainType;
+	tokenId: string;
+	amount: string;
+	memo?: string;
+};
+export type BurnEntityRequest = {
+	chain: ChainType;
+	tokenId: string;
+	amount: string;
+	memo?: string;
+};
+export type ComplianceAction = "pause" | "restrict" | "wipe";
+export type ComplianceEntityRequest = {
+	action: ComplianceAction;
+	chain: ChainType;
+	tokenId: string;
+	account?: string;
+	amount?: string;
+	memo?: string;
+};
+export type TrustlineEntityRequest = {
+	chain: ChainType;
+	currency: string;
+	issuerAddress: string;
+	limit?: string;
+};
+export type PreparedEntityTransactionResult = {
+	chain: string;
+	transactionId: string;
+	transactionBytes: string;
+	transactionType?: string;
+	payerAccountId?: string;
+	expiresAt?: string;
+	metadata?: Record<string, unknown>;
+};
 export declare class EntitiesClient {
 	private readonly http;
 	constructor(http: HttpClient);
@@ -25380,9 +25462,23 @@ export declare class EntitiesClient {
 	}): Promise<EntityCreationResult>;
 	createTopic(req: CreateTopicRequest): Promise<EntityCreationResult>;
 	createAgent(req: CreateAgentRequest): Promise<EntityCreationResult>;
+	prepareCreateAgent(req: Omit<CreateAgentRequest, "fundWith">): Promise<PreparedEntityCreation>;
+	executeCreateAgent(req: {
+		entityId: string;
+		chain: ChainType;
+		securityMode?: EntitySecurityMode;
+		signedFundingBlob?: string;
+		createTxId?: string;
+	}): Promise<EntityCreationResult>;
 	launchpad(req: LaunchpadEntityRequest): Promise<LaunchpadEntityResult>;
 	get(entityId: string): Promise<EntityInfo>;
 	listByOwner(filter?: ListEntitiesFilter): Promise<ListEntitiesResponse>;
+	transfer(entityId: string, body: TransferEntityRequest, opts?: HttpCallOptions): Promise<PreparedEntityTransactionResult>;
+	withdraw(entityId: string, body: WithdrawEntityRequest, opts?: HttpCallOptions): Promise<PreparedEntityTransactionResult>;
+	mint(entityId: string, body: MintEntityRequest, opts?: HttpCallOptions): Promise<PreparedEntityTransactionResult>;
+	burn(entityId: string, body: BurnEntityRequest, opts?: HttpCallOptions): Promise<PreparedEntityTransactionResult>;
+	compliance(entityId: string, body: ComplianceEntityRequest, opts?: HttpCallOptions): Promise<PreparedEntityTransactionResult>;
+	trustline(entityId: string, body: TrustlineEntityRequest, opts?: HttpCallOptions): Promise<PreparedEntityTransactionResult>;
 }
 export type AuthenticateOptions = {
 	chain: BaasSupportedChain;
@@ -25416,7 +25512,6 @@ export declare class BaasClient {
 	private readonly timeout;
 	private readonly allowInsecure;
 	private readonly http;
-	private readonly txHttp;
 	private lastHttpError?;
 	private authContext?;
 	readonly db: DatabaseClient;
@@ -25428,7 +25523,6 @@ export declare class BaasClient {
 	readonly customerSession: CustomerSessionClient;
 	readonly rules: RulesClient;
 	readonly entities: EntitiesClient;
-	readonly transactions: TransactionsClient;
 	constructor(config: BaasClientConfig);
 	static connectToCluster(config: BaasConnectToClusterConfig): Promise<BaasClient>;
 	setAppId(appId: string): void;
@@ -25648,7 +25742,7 @@ declare namespace personhood {
 	export { PERSONHOOD_VERIFIER_NOT_CONFIGURED, PersonhoodAttestationMethod, PersonhoodCert, PersonhoodClient, PersonhoodProof, PersonhoodVerifyParams, isPersonhoodVerifierNotConfigured };
 }
 declare namespace baas {
-	export { AgentBalance, AgentEvent, AgentFundRequest, AgentInfo, AgentOperation, AgentRegisterRequest, AgentRules, AgentRulesValidationResult, AgentStatus, AgentTradeRequest, AgentWithdrawRequest, AgentsClient, AuthenticateOptions, BaasAppListResponse, BaasAuthConfig, BaasAuthResult, BaasChallengeRequest, BaasChallengeResponse, BaasChannelConfig, BaasClient, BaasClientConfig, BaasConnectToClusterConfig, BaasDeleteResult, BaasDeployRequest, BaasDeployResponse, BaasDocument, BaasEndpoints, BaasError, BaasErrorDetails, BaasErrorResponse, BaasFileInfo, BaasFileMetadata, BaasFindResult, BaasFunctionDeployRequest, BaasFunctionDeployResult, BaasFunctionEvalRequest, BaasFunctionInfo, BaasFunctionLog, BaasFunctionLogOptions, BaasFunctionResources, BaasFunctionResult, BaasFunctionRuntime, BaasHistoryOptions, BaasInitRequest, BaasInitResponse, BaasInsertResult, BaasMerkleProof, BaasMessage, BaasPresenceInfo, BaasPresenceMember, BaasPublishResult, BaasQueryOptions, BaasReissuePushCredentialsResponse, BaasRevokeKekResponse, BaasRollbackRequest, BaasRotateKekResponse, BaasRuntimeStatus, BaasService, BaasSessionInfo, BaasSetWebhookResponse, BaasSignedCode, BaasStateTransition, BaasStorageUsage, BaasSupportedChain, BaasTriggerType, BaasUpdateResult, BaasUploadFrontendResponse, BaasUploadResult, BaasVerifyRequest, ChannelSubscription, CreateAccountRequest$1 as BaasCreateAccountRequest, CreateAgentRequest, CreateTokenRequest$1 as CreateTokenRequest, CreateTopicRequest, DatabaseClient, DatabaseStatsResponse, DbComparisonOperator, DbDocument, DbQuery, DeployedApp, DeployedAppInfo, DeployedAppLimits, DeployedAppStatus, DeployedAppUsage, DeploymentClient, DeprecateRuleResponse, DocumentProofResponse, EntitiesClient, EntityCreationResult, EntityInfo, EntitySecurityMode, EntityType$1 as BaasEntityType, FunctionsClient, FundWith, LaunchpadEntityRequest, LaunchpadEntityResult, ListEntitiesFilter, ListEntitiesResponse, ListRulesFilter, ListRulesResponse, MessageHandler, MessagingClient, PreparedEntityCreation, PublishRuleResponse, RulesClient, SimulateRuleRequest, StateRootResponse, StateTransitionsResponse, StorageClient, ValidationResult, VersionHistoryResponse, validateAgentRules };
+	export { AgentBalance, AgentCertification, AgentEvent, AgentFundRequest, AgentInfo, AgentOperation, AgentPendingApprovalResponse, AgentPreparedTransactionResponse, AgentRegisterRequest, AgentRules, AgentRulesValidationResult, AgentStatus, AgentTradeRequest, AgentWithdrawRequest, AgentsClient, AuthenticateOptions, BaasAppListResponse, BaasAuthConfig, BaasAuthResult, BaasChallengeRequest, BaasChallengeResponse, BaasChannelConfig, BaasClient, BaasClientConfig, BaasConnectToClusterConfig, BaasDeleteResult, BaasDeployRequest, BaasDeployResponse, BaasDocument, BaasEndpoints, BaasError, BaasErrorDetails, BaasErrorResponse, BaasFileInfo, BaasFileMetadata, BaasFindResult, BaasFunctionCode, BaasFunctionDeployRequest, BaasFunctionDeployResult, BaasFunctionEvalRequest, BaasFunctionInfo, BaasFunctionLog, BaasFunctionLogOptions, BaasFunctionResources, BaasFunctionResult, BaasFunctionRuntime, BaasHistoryOptions, BaasInitRequest, BaasInitResponse, BaasInsertResult, BaasMerkleProof, BaasMessage, BaasPresenceInfo, BaasPresenceMember, BaasPublishResult, BaasQueryOptions, BaasReissuePushCredentialsResponse, BaasRevokeKekResponse, BaasRollbackRequest, BaasRotateKekResponse, BaasRuntimeStatus, BaasService, BaasSessionInfo, BaasSetWebhookResponse, BaasSignedCode, BaasStateTransition, BaasStorageUsage, BaasSupportedChain, BaasTriggerType, BaasUpdateResult, BaasUploadFrontendResponse, BaasUploadResult, BaasVerifyRequest, BurnEntityRequest, ChannelSubscription, ComplianceAction, ComplianceEntityRequest, CreateAccountRequest$1 as BaasCreateAccountRequest, CreateAgentRequest, CreateTokenRequest$1 as CreateTokenRequest, CreateTopicRequest, DatabaseClient, DatabaseStatsResponse, DbComparisonOperator, DbDocument, DbQuery, DeployedApp, DeployedAppInfo, DeployedAppLimits, DeployedAppStatus, DeployedAppUsage, DeploymentClient, DeprecateRuleResponse, DocumentProofResponse, EntitiesClient, EntityCreationResult, EntityInfo, EntitySecurityMode, EntityType$1 as BaasEntityType, FunctionsClient, FundWith, LaunchpadEntityRequest, LaunchpadEntityResult, ListEntitiesFilter, ListEntitiesResponse, ListRulesFilter, ListRulesResponse, MessageHandler, MessagingClient, MintEntityRequest, PreparedEntityCreation, PreparedEntityTransactionResult, PublishRuleResponse, RulesClient, SimulateRuleRequest, StateRootResponse, StateTransitionsResponse, StorageClient, TransferEntityRequest, TrustlineEntityRequest, ValidationResult, VersionHistoryResponse, WithdrawEntityRequest, isAgentFundPending, validateAgentRules };
 }
 declare namespace pqcVerify {
 	export { FetchRegistryOptions, PqcCertV1, PqcCertV1Schema, PqcCertV1Signer, ValidatorRegistrySnapshot, VerifyResult, fetchRegistrySnapshot, parsePqcCert, verifyPqcAttestation };