npm - @layr-labs/ecloud-sdk - Versions diffs - 0.2.1-dev → 0.2.2-dev - Mend

@layr-labs/ecloud-sdk 0.2.1-dev → 0.2.2-dev

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/VERSION +2 -2
package/dist/billing.cjs +13 -5
package/dist/billing.cjs.map +1 -1
package/dist/billing.d.cts +1 -1
package/dist/billing.d.ts +1 -1
package/dist/billing.js +13 -5
package/dist/billing.js.map +1 -1
package/dist/browser.cjs +2106 -62
package/dist/browser.cjs.map +1 -1
package/dist/browser.d.cts +202 -5
package/dist/browser.d.ts +202 -5
package/dist/browser.js +2069 -67
package/dist/browser.js.map +1 -1
package/dist/{compute-B85ikS78.d.ts → compute-BYhSs8en.d.ts} +1 -1
package/dist/{compute-CC0R7HEu.d.cts → compute-Bpjb3hYD.d.cts} +1 -1
package/dist/compute.cjs +237 -22
package/dist/compute.cjs.map +1 -1
package/dist/compute.d.cts +2 -2
package/dist/compute.d.ts +2 -2
package/dist/compute.js +238 -27
package/dist/compute.js.map +1 -1
package/dist/helpers-CEvhJz7f.d.cts +742 -0
package/dist/helpers-CQuBwQnu.d.ts +742 -0
package/dist/{index-D5oW73Dx.d.cts → index-DeQzn_yM.d.cts} +309 -2
package/dist/{index-D5oW73Dx.d.ts → index-DeQzn_yM.d.ts} +309 -2
package/dist/index.cjs +394 -44
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +8 -88
package/dist/index.d.ts +8 -88
package/dist/index.js +384 -49
package/dist/index.js.map +1 -1
package/package.json +12 -2
package/dist/eip7702-CXCYfOnk.d.ts +0 -400
package/dist/eip7702-DeqoCP5b.d.cts +0 -400

package/dist/browser.js CHANGED Viewed

@@ -1,3 +1,15 @@
+// src/client/common/types/index.ts
+var noopLogger = {
+  debug: () => {
+  },
+  info: () => {
+  },
+  warn: () => {
+  },
+  error: () => {
+  }
+};
 // src/client/common/config/environment.ts
 var SEPOLIA_CHAIN_ID = 11155111;
 var MAINNET_CHAIN_ID = 1;
@@ -12,6 +24,14 @@ var ChainAddresses = {
     PermissionController: "0x44632dfBdCb6D3E21EF613B0ca8A6A0c618F5a37"
   }
 };
+var BILLING_ENVIRONMENTS = {
+  dev: {
+    billingApiServerURL: "https://billingapi-dev.eigencloud.xyz"
+  },
+  prod: {
+    billingApiServerURL: "https://billingapi.eigencloud.xyz"
+  }
+};
 var ENVIRONMENTS = {
   "sepolia-dev": {
     name: "sepolia",
@@ -70,6 +90,13 @@ function getEnvironmentConfig(environment, chainID) {
     chainID: BigInt(resolvedChainID)
   };
 }
+function getBillingEnvironmentConfig(build) {
+  const config = BILLING_ENVIRONMENTS[build];
+  if (!config) {
+    throw new Error(`Unknown billing environment: ${build}`);
+  }
+  return config;
+}
 function getBuildType() {
   const buildTimeType = true ? "dev"?.toLowerCase() : void 0;
   const runtimeType = process.env.BUILD_TYPE?.toLowerCase();
@@ -103,8 +130,13 @@ import { privateKeyToAccount } from "viem/accounts";
 // src/client/common/constants.ts
 import { sepolia, mainnet } from "viem/chains";
+var SUPPORTED_CHAINS = [mainnet, sepolia];
 // src/client/common/utils/helpers.ts
+function getChainFromID(chainID, fallback = sepolia2) {
+  const id = Number(chainID);
+  return extractChain({ chains: SUPPORTED_CHAINS, id }) || fallback;
+}
 function addHexPrefix(value) {
   return value.startsWith("0x") ? value : `0x${value}`;
 }
@@ -338,6 +370,160 @@ async function calculatePermissionSignature(options) {
   });
   return { signature, digest };
 }
+var generateBillingSigData = (product, expiry) => {
+  return {
+    domain: {
+      name: "EigenCloud Billing API",
+      version: "1"
+    },
+    types: {
+      BillingAuth: [
+        { name: "product", type: "string" },
+        { name: "expiry", type: "uint256" }
+      ]
+    },
+    primaryType: "BillingAuth",
+    message: {
+      product,
+      expiry
+    }
+  };
+};
+async function calculateBillingAuthSignature(options) {
+  const { walletClient, product, expiry } = options;
+  const account = walletClient.account;
+  if (!account) {
+    throw new Error("WalletClient must have an account attached");
+  }
+  const signature = await walletClient.signTypedData({
+    account,
+    ...generateBillingSigData(product, expiry)
+  });
+  return { signature, expiry };
+}
+// src/client/common/auth/session.ts
+var SessionError = class extends Error {
+  constructor(message, code, statusCode) {
+    super(message);
+    this.code = code;
+    this.statusCode = statusCode;
+    this.name = "SessionError";
+  }
+};
+function stripHexPrefix2(hex) {
+  return hex.startsWith("0x") ? hex.slice(2) : hex;
+}
+async function parseErrorResponse(response) {
+  try {
+    const data = await response.json();
+    return data.error || response.statusText;
+  } catch {
+    return response.statusText;
+  }
+}
+async function loginToComputeApi(config, request) {
+  let response;
+  try {
+    response = await fetch(`${config.baseUrl}/auth/siwe/login`, {
+      method: "POST",
+      credentials: "include",
+      // Include cookies for session management
+      headers: {
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({
+        message: request.message,
+        signature: stripHexPrefix2(request.signature)
+      })
+    });
+  } catch (error) {
+    throw new SessionError(
+      `Network error connecting to ${config.baseUrl}: ${error instanceof Error ? error.message : String(error)}`,
+      "NETWORK_ERROR"
+    );
+  }
+  if (!response.ok) {
+    const errorMessage = await parseErrorResponse(response);
+    const status = response.status;
+    if (status === 400) {
+      if (errorMessage.toLowerCase().includes("siwe")) {
+        throw new SessionError(`Invalid SIWE message: ${errorMessage}`, "INVALID_MESSAGE", status);
+      }
+      throw new SessionError(`Bad request: ${errorMessage}`, "INVALID_MESSAGE", status);
+    }
+    if (status === 401) {
+      throw new SessionError(`Invalid signature: ${errorMessage}`, "INVALID_SIGNATURE", status);
+    }
+    throw new SessionError(`Login failed: ${errorMessage}`, "UNKNOWN", status);
+  }
+  const data = await response.json();
+  return {
+    success: data.success,
+    address: data.address
+  };
+}
+async function getComputeApiSession(config) {
+  let response;
+  try {
+    response = await fetch(`${config.baseUrl}/auth/session`, {
+      method: "GET",
+      credentials: "include",
+      // Include cookies for session management
+      headers: {
+        "Content-Type": "application/json"
+      }
+    });
+  } catch {
+    return {
+      authenticated: false
+    };
+  }
+  if (response.status === 401) {
+    return {
+      authenticated: false
+    };
+  }
+  if (!response.ok) {
+    const errorMessage = await parseErrorResponse(response);
+    throw new SessionError(`Failed to get session: ${errorMessage}`, "UNKNOWN", response.status);
+  }
+  const data = await response.json();
+  return {
+    authenticated: data.authenticated,
+    address: data.address,
+    chainId: data.chain_id
+  };
+}
+async function logoutFromComputeApi(config) {
+  let response;
+  try {
+    response = await fetch(`${config.baseUrl}/auth/logout`, {
+      method: "POST",
+      credentials: "include",
+      // Include cookies for session management
+      headers: {
+        "Content-Type": "application/json"
+      }
+    });
+  } catch (error) {
+    throw new SessionError(
+      `Network error connecting to ${config.baseUrl}: ${error instanceof Error ? error.message : String(error)}`,
+      "NETWORK_ERROR"
+    );
+  }
+  if (response.status === 401) {
+    return;
+  }
+  if (!response.ok) {
+    const errorMessage = await parseErrorResponse(response);
+    throw new SessionError(`Logout failed: ${errorMessage}`, "UNKNOWN", response.status);
+  }
+}
+async function isSessionValid(config) {
+  const session = await getComputeApiSession(config);
+  return session.authenticated;
+}
 // src/client/common/utils/userapi.ts
 function isJsonObject(value) {
@@ -356,15 +542,16 @@ var CanViewAppLogsPermission = "0x2fd3f2fe";
 var CanViewSensitiveAppInfoPermission = "0x0e67b22f";
 var CanUpdateAppProfilePermission = "0x036fef61";
 function getDefaultClientId() {
-  const version = true ? "0.2.1-dev" : "0.0.0";
+  const version = true ? "0.2.2-dev" : "0.0.0";
   return `ecloud-sdk/v${version}`;
 }
 var UserApiClient = class {
-  constructor(config, walletClient, publicClient, clientId) {
+  constructor(config, walletClient, publicClient, options) {
     this.config = config;
     this.walletClient = walletClient;
     this.publicClient = publicClient;
-    this.clientId = clientId || getDefaultClientId();
+    this.clientId = options?.clientId || getDefaultClientId();
+    this.useSession = options?.useSession ?? false;
   }
   /**
    * Get the address of the connected wallet
@@ -452,7 +639,7 @@ var UserApiClient = class {
     const apps = result.apps || result.Apps || [];
     return apps.map((app, i) => ({
       address: app.address || appIDs[i],
-      status: app.status || app.Status || ""
+      status: app.app_status || app.App_Status || ""
     }));
   }
   /**
@@ -484,9 +671,11 @@ var UserApiClient = class {
     const headers = {
       "x-client-id": this.clientId
     };
-    const expiry = BigInt(Math.floor(Date.now() / 1e3) + 5 * 60);
-    const authHeaders = await this.generateAuthHeaders(CanUpdateAppProfilePermission, expiry);
-    Object.assign(headers, authHeaders);
+    if (!this.useSession) {
+      const expiry = BigInt(Math.floor(Date.now() / 1e3) + 5 * 60);
+      const authHeaders = await this.generateAuthHeaders(CanUpdateAppProfilePermission, expiry);
+      Object.assign(headers, authHeaders);
+    }
     try {
       const response = await axios.post(endpoint, formData, {
         headers,
@@ -495,8 +684,10 @@ var UserApiClient = class {
         // Don't throw on any status
         maxContentLength: Infinity,
         // Allow large file uploads
-        maxBodyLength: Infinity
+        maxBodyLength: Infinity,
         // Allow large file uploads
+        withCredentials: true
+        // Include cookies for session auth
       });
       const status = response.status;
       if (status !== 200 && status !== 201) {
@@ -530,7 +721,7 @@ Please check:
     const headers = {
       "x-client-id": this.clientId
     };
-    if (permission) {
+    if (permission && !this.useSession) {
       const expiry = BigInt(Math.floor(Date.now() / 1e3) + 5 * 60);
       const authHeaders = await this.generateAuthHeaders(permission, expiry);
       Object.assign(headers, authHeaders);
@@ -539,8 +730,10 @@ Please check:
       const response = await axios.get(url, {
         headers,
         maxRedirects: 0,
-        validateStatus: () => true
+        validateStatus: () => true,
         // Don't throw on any status
+        withCredentials: true
+        // Include cookies for session auth
       });
       const status = response.status;
       const statusText = status >= 200 && status < 300 ? "OK" : "Error";
@@ -582,6 +775,65 @@ Please check:
       "X-eigenx-expiry": expiry.toString()
     };
   }
+  // ==========================================================================
+  // SIWE Session Management
+  // ==========================================================================
+  /**
+   * Login to the compute API using SIWE (Sign-In with Ethereum)
+   *
+   * This establishes a session with the compute API by verifying the SIWE message
+   * and signature. On success, a session cookie is set in the browser.
+   *
+   * @param request - Login request containing SIWE message and signature
+   * @returns Login result with the authenticated address
+   *
+   * @example
+   * ```typescript
+   * import { createSiweMessage } from "@layr-labs/ecloud-sdk/browser";
+   *
+   * const { message } = createSiweMessage({
+   *   address: userAddress,
+   *   chainId: 11155111,
+   *   domain: window.location.host,
+   *   uri: window.location.origin,
+   * });
+   *
+   * const signature = await signMessageAsync({ message });
+   * const result = await client.siweLogin({ message, signature });
+   * ```
+   */
+  async siweLogin(request) {
+    return loginToComputeApi({ baseUrl: this.config.userApiServerURL }, request);
+  }
+  /**
+   * Logout from the compute API
+   *
+   * This destroys the current session and clears the session cookie.
+   *
+   * @example
+   * ```typescript
+   * await client.siweLogout();
+   * ```
+   */
+  async siweLogout() {
+    return logoutFromComputeApi({ baseUrl: this.config.userApiServerURL });
+  }
+  /**
+   * Get the current SIWE session status from the compute API
+   *
+   * @returns Session information including authentication status and address
+   *
+   * @example
+   * ```typescript
+   * const session = await client.getSiweSession();
+   * if (session.authenticated) {
+   *   console.log(`Logged in as ${session.address}`);
+   * }
+   * ```
+   */
+  async getSiweSession() {
+    return getComputeApiSession({ baseUrl: this.config.userApiServerURL });
+  }
 };
 function transformAppReleaseBuild(raw) {
   if (!isJsonObject(raw)) return void 0;
@@ -626,6 +878,241 @@ function transformAppRelease(raw) {
   };
 }
+// src/client/common/utils/billingapi.ts
+import axios2 from "axios";
+var BillingApiClient = class {
+  constructor(config, walletClient) {
+    this.config = config;
+    this.walletClient = walletClient;
+  }
+  /**
+   * Get the address of the connected wallet
+   */
+  get address() {
+    const account = this.walletClient.account;
+    if (!account) {
+      throw new Error("WalletClient must have an account attached");
+    }
+    return account.address;
+  }
+  async createSubscription(productId = "compute", options) {
+    const endpoint = `${this.config.billingApiServerURL}/products/${productId}/subscription`;
+    const body = options ? {
+      success_url: options.successUrl,
+      cancel_url: options.cancelUrl
+    } : void 0;
+    const resp = await this.makeAuthenticatedRequest(endpoint, "POST", productId, body);
+    return resp.json();
+  }
+  async getSubscription(productId = "compute") {
+    const endpoint = `${this.config.billingApiServerURL}/products/${productId}/subscription`;
+    const resp = await this.makeAuthenticatedRequest(endpoint, "GET", productId);
+    return resp.json();
+  }
+  async cancelSubscription(productId = "compute") {
+    const endpoint = `${this.config.billingApiServerURL}/products/${productId}/subscription`;
+    await this.makeAuthenticatedRequest(endpoint, "DELETE", productId);
+  }
+  /**
+   * Make an authenticated request to the billing API
+   */
+  async makeAuthenticatedRequest(url, method, productId, body) {
+    const expiry = BigInt(Math.floor(Date.now() / 1e3) + 5 * 60);
+    const { signature } = await calculateBillingAuthSignature({
+      walletClient: this.walletClient,
+      product: productId,
+      expiry
+    });
+    const headers = {
+      Authorization: `Bearer ${signature}`,
+      "X-Account": this.address,
+      "X-Expiry": expiry.toString()
+    };
+    if (body) {
+      headers["Content-Type"] = "application/json";
+    }
+    try {
+      const response = await axios2({
+        method,
+        url,
+        headers,
+        data: body,
+        timeout: 3e4,
+        maxRedirects: 0,
+        validateStatus: () => true
+        // Don't throw on any status
+      });
+      const status = response.status;
+      const statusText = status >= 200 && status < 300 ? "OK" : "Error";
+      if (status < 200 || status >= 300) {
+        const body2 = typeof response.data === "string" ? response.data : JSON.stringify(response.data);
+        throw new Error(`BillingAPI request failed: ${status} ${statusText} - ${body2}`);
+      }
+      return {
+        json: async () => response.data,
+        text: async () => typeof response.data === "string" ? response.data : JSON.stringify(response.data)
+      };
+    } catch (error) {
+      if (error.message?.includes("fetch failed") || error.message?.includes("ECONNREFUSED") || error.message?.includes("ENOTFOUND") || error.cause) {
+        const cause = error.cause?.message || error.cause || error.message;
+        throw new Error(
+          `Failed to connect to BillingAPI at ${url}: ${cause}
+Please check:
+1. Your internet connection
+2. The API server is accessible: ${this.config.billingApiServerURL}
+3. Firewall/proxy settings`
+        );
+      }
+      throw error;
+    }
+  }
+};
+// src/client/common/utils/buildapi.ts
+import axios3 from "axios";
+var MAX_RETRIES = 5;
+var INITIAL_BACKOFF_MS = 1e3;
+var MAX_BACKOFF_MS = 3e4;
+async function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function getRetryDelay(res, attempt) {
+  const retryAfter = res.headers["retry-after"];
+  if (retryAfter) {
+    const seconds = parseInt(retryAfter, 10);
+    if (!isNaN(seconds)) {
+      return Math.min(seconds * 1e3, MAX_BACKOFF_MS);
+    }
+  }
+  return Math.min(INITIAL_BACKOFF_MS * Math.pow(2, attempt), MAX_BACKOFF_MS);
+}
+async function requestWithRetry(config) {
+  let lastResponse;
+  for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+    const res = await axios3({ ...config, validateStatus: () => true });
+    lastResponse = res;
+    if (res.status !== 429) {
+      return res;
+    }
+    if (attempt < MAX_RETRIES) {
+      const delay = getRetryDelay(res, attempt);
+      await sleep(delay);
+    }
+  }
+  return lastResponse;
+}
+var BuildApiClient = class {
+  constructor(options) {
+    this.baseUrl = options.baseUrl.replace(/\/+$/, "");
+    this.clientId = options.clientId;
+    this.walletClient = options.walletClient;
+  }
+  /**
+   * Get the address of the connected wallet
+   */
+  get address() {
+    const account = this.walletClient?.account;
+    if (!account) {
+      throw new Error("WalletClient must have an account attached");
+    }
+    return account.address;
+  }
+  async submitBuild(payload) {
+    return this.authenticatedJsonRequest("/builds", "POST", payload);
+  }
+  async getBuild(buildId) {
+    return this.publicJsonRequest(`/builds/${encodeURIComponent(buildId)}`);
+  }
+  async getBuildByDigest(digest) {
+    return this.publicJsonRequest(`/builds/image/${encodeURIComponent(digest)}`);
+  }
+  async verify(identifier) {
+    return this.publicJsonRequest(`/builds/verify/${encodeURIComponent(identifier)}`);
+  }
+  async getLogs(buildId) {
+    return this.authenticatedTextRequest(`/builds/${encodeURIComponent(buildId)}/logs`);
+  }
+  async listBuilds(params) {
+    const res = await requestWithRetry({
+      url: `${this.baseUrl}/builds`,
+      method: "GET",
+      params,
+      headers: this.clientId ? { "x-client-id": this.clientId } : void 0,
+      timeout: 6e4
+    });
+    if (res.status < 200 || res.status >= 300) throw buildApiHttpError(res);
+    return res.data;
+  }
+  async publicJsonRequest(path) {
+    const res = await requestWithRetry({
+      url: `${this.baseUrl}${path}`,
+      method: "GET",
+      headers: this.clientId ? { "x-client-id": this.clientId } : void 0,
+      timeout: 6e4
+    });
+    if (res.status < 200 || res.status >= 300) throw buildApiHttpError(res);
+    return res.data;
+  }
+  async authenticatedJsonRequest(path, method, body) {
+    if (!this.walletClient?.account) {
+      throw new Error("WalletClient with account required for authenticated requests");
+    }
+    const headers = {
+      "Content-Type": "application/json"
+    };
+    if (this.clientId) headers["x-client-id"] = this.clientId;
+    const expiry = BigInt(Math.floor(Date.now() / 1e3) + 60);
+    const { signature } = await calculateBillingAuthSignature({
+      walletClient: this.walletClient,
+      product: "compute",
+      expiry
+    });
+    headers.Authorization = `Bearer ${signature}`;
+    headers["X-eigenx-expiry"] = expiry.toString();
+    headers["X-Account"] = this.address;
+    const res = await requestWithRetry({
+      url: `${this.baseUrl}${path}`,
+      method,
+      headers,
+      data: body,
+      timeout: 6e4
+    });
+    if (res.status < 200 || res.status >= 300) throw buildApiHttpError(res);
+    return res.data;
+  }
+  async authenticatedTextRequest(path) {
+    if (!this.walletClient?.account) {
+      throw new Error("WalletClient with account required for authenticated requests");
+    }
+    const headers = {};
+    if (this.clientId) headers["x-client-id"] = this.clientId;
+    const expiry = BigInt(Math.floor(Date.now() / 1e3) + 60);
+    const { signature } = await calculateBillingAuthSignature({
+      walletClient: this.walletClient,
+      product: "compute",
+      expiry
+    });
+    headers.Authorization = `Bearer ${signature}`;
+    headers["X-eigenx-expiry"] = expiry.toString();
+    headers["X-Account"] = this.address;
+    const res = await requestWithRetry({
+      url: `${this.baseUrl}${path}`,
+      method: "GET",
+      headers,
+      timeout: 6e4,
+      responseType: "text"
+    });
+    if (res.status < 200 || res.status >= 300) throw buildApiHttpError(res);
+    return typeof res.data === "string" ? res.data : JSON.stringify(res.data);
+  }
+};
+function buildApiHttpError(res) {
+  const status = res.status;
+  const body = typeof res.data === "string" ? res.data : res.data ? JSON.stringify(res.data) : "";
+  const url = res.config?.url ? ` ${res.config.url}` : "";
+  return new Error(`BuildAPI request failed: ${status}${url} - ${body || "Unknown error"}`);
+}
 // src/client/common/contract/eip7702.ts
 import { encodeFunctionData, encodeAbiParameters, decodeErrorResult } from "viem";
@@ -1706,13 +2193,99 @@ async function estimateBatchGas(options) {
     maxCostEth: formatETH(maxCostWei)
   };
 }
+async function checkERC7702Delegation(publicClient, account, delegatorAddress) {
+  const code = await publicClient.getCode({ address: account });
+  if (!code) {
+    return false;
+  }
+  const expectedCode = `0xef0100${delegatorAddress.slice(2)}`;
+  return code.toLowerCase() === expectedCode.toLowerCase();
+}
+async function executeBatch(options, logger = noopLogger) {
+  const { walletClient, publicClient, environmentConfig, executions, pendingMessage, gas } = options;
+  const account = walletClient.account;
+  if (!account) {
+    throw new Error("Wallet client must have an account");
+  }
+  const chain = walletClient.chain;
+  if (!chain) {
+    throw new Error("Wallet client must have a chain");
+  }
+  const executeBatchData = encodeExecuteBatchData(executions);
+  const isDelegated2 = await checkERC7702Delegation(
+    publicClient,
+    account.address,
+    environmentConfig.erc7702DelegatorAddress
+  );
+  let authorizationList = [];
+  if (!isDelegated2) {
+    const transactionNonce = await publicClient.getTransactionCount({
+      address: account.address,
+      blockTag: "pending"
+    });
+    const chainId = await publicClient.getChainId();
+    const authorizationNonce = transactionNonce + 1;
+    logger.debug("Using wallet client signing for EIP-7702 authorization");
+    const signedAuthorization = await walletClient.signAuthorization({
+      account: account.address,
+      contractAddress: environmentConfig.erc7702DelegatorAddress,
+      chainId,
+      nonce: Number(authorizationNonce)
+    });
+    authorizationList = [signedAuthorization];
+  }
+  if (pendingMessage) {
+    logger.info(pendingMessage);
+  }
+  const txRequest = {
+    account: walletClient.account,
+    chain,
+    to: account.address,
+    data: executeBatchData,
+    value: 0n
+  };
+  if (authorizationList.length > 0) {
+    txRequest.authorizationList = authorizationList;
+  }
+  if (gas?.maxFeePerGas) {
+    txRequest.maxFeePerGas = gas.maxFeePerGas;
+  }
+  if (gas?.maxPriorityFeePerGas) {
+    txRequest.maxPriorityFeePerGas = gas.maxPriorityFeePerGas;
+  }
+  const hash = await walletClient.sendTransaction(txRequest);
+  logger.info(`Transaction sent: ${hash}`);
+  const receipt = await publicClient.waitForTransactionReceipt({ hash });
+  if (receipt.status === "reverted") {
+    let revertReason = "Unknown reason";
+    try {
+      await publicClient.call({
+        to: account.address,
+        data: executeBatchData,
+        account: account.address
+      });
+    } catch (callError) {
+      if (callError.data) {
+        try {
+          const decoded = decodeErrorResult({
+            abi: ERC7702Delegator_default,
+            data: callError.data
+          });
+          revertReason = `${decoded.errorName}: ${JSON.stringify(decoded.args)}`;
+        } catch {
+          revertReason = callError.message || "Unknown reason";
+        }
+      } else {
+        revertReason = callError.message || "Unknown reason";
+      }
+    }
+    throw new Error(`Transaction reverted: ${hash}. Reason: ${revertReason}`);
+  }
+  return hash;
+}
 // src/client/common/contract/caller.ts
-import {
-  encodeFunctionData as encodeFunctionData2,
-  decodeErrorResult as decodeErrorResult2,
-  bytesToHex
-} from "viem";
+import { encodeFunctionData as encodeFunctionData2, decodeErrorResult as decodeErrorResult2, bytesToHex } from "viem";
 // src/client/common/abis/AppController.json
 var AppController_default = [
@@ -2762,57 +3335,1049 @@ var AppController_default = [
   }
 ];
-// src/client/common/contract/caller.ts
-function formatETH(wei) {
-  const eth = Number(wei) / 1e18;
-  const costStr = eth.toFixed(6);
-  const trimmed = costStr.replace(/\.?0+$/, "");
-  if (trimmed === "0" && wei > 0n) {
-    return "<0.000001";
-  }
-  return trimmed;
-}
-async function estimateTransactionGas(options) {
-  const { publicClient, from, to, data, value = 0n } = options;
-  const fees = await publicClient.estimateFeesPerGas();
-  const gasLimit = await publicClient.estimateGas({
-    account: from,
-    to,
-    data,
-    value
-  });
-  const maxFeePerGas = fees.maxFeePerGas;
-  const maxPriorityFeePerGas = fees.maxPriorityFeePerGas;
-  const maxCostWei = gasLimit * maxFeePerGas;
-  const maxCostEth = formatETH(maxCostWei);
-  return {
-    gasLimit,
-    maxFeePerGas,
-    maxPriorityFeePerGas,
-    maxCostWei,
-    maxCostEth
-  };
-}
-async function getActiveAppCount(publicClient, environmentConfig, user) {
-  const count = await publicClient.readContract({
-    address: environmentConfig.appControllerAddress,
-    abi: AppController_default,
-    functionName: "getActiveAppCount",
-    args: [user]
-  });
-  return Number(count);
-}
-async function getMaxActiveAppsPerUser(publicClient, environmentConfig, user) {
-  const quota = await publicClient.readContract({
-    address: environmentConfig.appControllerAddress,
-    abi: AppController_default,
-    functionName: "getMaxActiveAppsPerUser",
-    args: [user]
-  });
-  return Number(quota);
-}
-async function getAppsByCreator(publicClient, environmentConfig, creator, offset, limit) {
-  const result = await publicClient.readContract({
+// src/client/common/abis/PermissionController.json
+var PermissionController_default = [
+  {
+    type: "function",
+    name: "acceptAdmin",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      }
+    ],
+    outputs: [],
+    stateMutability: "nonpayable"
+  },
+  {
+    type: "function",
+    name: "addPendingAdmin",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "admin",
+        type: "address",
+        internalType: "address"
+      }
+    ],
+    outputs: [],
+    stateMutability: "nonpayable"
+  },
+  {
+    type: "function",
+    name: "canCall",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "caller",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "target",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "selector",
+        type: "bytes4",
+        internalType: "bytes4"
+      }
+    ],
+    outputs: [
+      {
+        name: "",
+        type: "bool",
+        internalType: "bool"
+      }
+    ],
+    stateMutability: "nonpayable"
+  },
+  {
+    type: "function",
+    name: "getAdmins",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      }
+    ],
+    outputs: [
+      {
+        name: "",
+        type: "address[]",
+        internalType: "address[]"
+      }
+    ],
+    stateMutability: "view"
+  },
+  {
+    type: "function",
+    name: "getAppointeePermissions",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "appointee",
+        type: "address",
+        internalType: "address"
+      }
+    ],
+    outputs: [
+      {
+        name: "",
+        type: "address[]",
+        internalType: "address[]"
+      },
+      {
+        name: "",
+        type: "bytes4[]",
+        internalType: "bytes4[]"
+      }
+    ],
+    stateMutability: "nonpayable"
+  },
+  {
+    type: "function",
+    name: "getAppointees",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "target",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "selector",
+        type: "bytes4",
+        internalType: "bytes4"
+      }
+    ],
+    outputs: [
+      {
+        name: "",
+        type: "address[]",
+        internalType: "address[]"
+      }
+    ],
+    stateMutability: "nonpayable"
+  },
+  {
+    type: "function",
+    name: "getPendingAdmins",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      }
+    ],
+    outputs: [
+      {
+        name: "",
+        type: "address[]",
+        internalType: "address[]"
+      }
+    ],
+    stateMutability: "view"
+  },
+  {
+    type: "function",
+    name: "isAdmin",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "caller",
+        type: "address",
+        internalType: "address"
+      }
+    ],
+    outputs: [
+      {
+        name: "",
+        type: "bool",
+        internalType: "bool"
+      }
+    ],
+    stateMutability: "view"
+  },
+  {
+    type: "function",
+    name: "isPendingAdmin",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "pendingAdmin",
+        type: "address",
+        internalType: "address"
+      }
+    ],
+    outputs: [
+      {
+        name: "",
+        type: "bool",
+        internalType: "bool"
+      }
+    ],
+    stateMutability: "view"
+  },
+  {
+    type: "function",
+    name: "removeAdmin",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "admin",
+        type: "address",
+        internalType: "address"
+      }
+    ],
+    outputs: [],
+    stateMutability: "nonpayable"
+  },
+  {
+    type: "function",
+    name: "removeAppointee",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "appointee",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "target",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "selector",
+        type: "bytes4",
+        internalType: "bytes4"
+      }
+    ],
+    outputs: [],
+    stateMutability: "nonpayable"
+  },
+  {
+    type: "function",
+    name: "removePendingAdmin",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "admin",
+        type: "address",
+        internalType: "address"
+      }
+    ],
+    outputs: [],
+    stateMutability: "nonpayable"
+  },
+  {
+    type: "function",
+    name: "setAppointee",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "appointee",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "target",
+        type: "address",
+        internalType: "address"
+      },
+      {
+        name: "selector",
+        type: "bytes4",
+        internalType: "bytes4"
+      }
+    ],
+    outputs: [],
+    stateMutability: "nonpayable"
+  },
+  {
+    type: "function",
+    name: "version",
+    inputs: [],
+    outputs: [
+      {
+        name: "",
+        type: "string",
+        internalType: "string"
+      }
+    ],
+    stateMutability: "view"
+  },
+  {
+    type: "event",
+    name: "AdminRemoved",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        indexed: true,
+        internalType: "address"
+      },
+      {
+        name: "admin",
+        type: "address",
+        indexed: false,
+        internalType: "address"
+      }
+    ],
+    anonymous: false
+  },
+  {
+    type: "event",
+    name: "AdminSet",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        indexed: true,
+        internalType: "address"
+      },
+      {
+        name: "admin",
+        type: "address",
+        indexed: false,
+        internalType: "address"
+      }
+    ],
+    anonymous: false
+  },
+  {
+    type: "event",
+    name: "AppointeeRemoved",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        indexed: true,
+        internalType: "address"
+      },
+      {
+        name: "appointee",
+        type: "address",
+        indexed: true,
+        internalType: "address"
+      },
+      {
+        name: "target",
+        type: "address",
+        indexed: false,
+        internalType: "address"
+      },
+      {
+        name: "selector",
+        type: "bytes4",
+        indexed: false,
+        internalType: "bytes4"
+      }
+    ],
+    anonymous: false
+  },
+  {
+    type: "event",
+    name: "AppointeeSet",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        indexed: true,
+        internalType: "address"
+      },
+      {
+        name: "appointee",
+        type: "address",
+        indexed: true,
+        internalType: "address"
+      },
+      {
+        name: "target",
+        type: "address",
+        indexed: false,
+        internalType: "address"
+      },
+      {
+        name: "selector",
+        type: "bytes4",
+        indexed: false,
+        internalType: "bytes4"
+      }
+    ],
+    anonymous: false
+  },
+  {
+    type: "event",
+    name: "PendingAdminAdded",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        indexed: true,
+        internalType: "address"
+      },
+      {
+        name: "admin",
+        type: "address",
+        indexed: false,
+        internalType: "address"
+      }
+    ],
+    anonymous: false
+  },
+  {
+    type: "event",
+    name: "PendingAdminRemoved",
+    inputs: [
+      {
+        name: "account",
+        type: "address",
+        indexed: true,
+        internalType: "address"
+      },
+      {
+        name: "admin",
+        type: "address",
+        indexed: false,
+        internalType: "address"
+      }
+    ],
+    anonymous: false
+  },
+  {
+    type: "error",
+    name: "AdminAlreadyPending",
+    inputs: []
+  },
+  {
+    type: "error",
+    name: "AdminAlreadySet",
+    inputs: []
+  },
+  {
+    type: "error",
+    name: "AdminNotPending",
+    inputs: []
+  },
+  {
+    type: "error",
+    name: "AdminNotSet",
+    inputs: []
+  },
+  {
+    type: "error",
+    name: "AppointeeAlreadySet",
+    inputs: []
+  },
+  {
+    type: "error",
+    name: "AppointeeNotSet",
+    inputs: []
+  },
+  {
+    type: "error",
+    name: "CannotHaveZeroAdmins",
+    inputs: []
+  },
+  {
+    type: "error",
+    name: "NotAdmin",
+    inputs: []
+  }
+];
+// src/client/common/contract/caller.ts
+function formatETH(wei) {
+  const eth = Number(wei) / 1e18;
+  const costStr = eth.toFixed(6);
+  const trimmed = costStr.replace(/\.?0+$/, "");
+  if (trimmed === "0" && wei > 0n) {
+    return "<0.000001";
+  }
+  return trimmed;
+}
+async function estimateTransactionGas(options) {
+  const { publicClient, from, to, data, value = 0n } = options;
+  const fees = await publicClient.estimateFeesPerGas();
+  const gasLimit = await publicClient.estimateGas({
+    account: from,
+    to,
+    data,
+    value
+  });
+  const maxFeePerGas = fees.maxFeePerGas;
+  const maxPriorityFeePerGas = fees.maxPriorityFeePerGas;
+  const maxCostWei = gasLimit * maxFeePerGas;
+  const maxCostEth = formatETH(maxCostWei);
+  return {
+    gasLimit,
+    maxFeePerGas,
+    maxPriorityFeePerGas,
+    maxCostWei,
+    maxCostEth
+  };
+}
+async function calculateAppID(options) {
+  const { publicClient, environmentConfig, ownerAddress, salt } = options;
+  const saltHexString = bytesToHex(salt).slice(2);
+  const paddedSaltHex = saltHexString.padStart(64, "0");
+  const saltHex = `0x${paddedSaltHex}`;
+  const appID = await publicClient.readContract({
+    address: environmentConfig.appControllerAddress,
+    abi: AppController_default,
+    functionName: "calculateAppId",
+    args: [ownerAddress, saltHex]
+  });
+  return appID;
+}
+async function prepareDeployBatch(options, logger = noopLogger) {
+  const { walletClient, publicClient, environmentConfig, salt, release, publicLogs } = options;
+  const account = walletClient.account;
+  if (!account) {
+    throw new Error("WalletClient must have an account attached");
+  }
+  logger.info("Calculating app ID...");
+  const appId = await calculateAppID({
+    publicClient,
+    environmentConfig,
+    ownerAddress: account.address,
+    salt
+  });
+  logger.debug(`App ID calculated: ${appId}`);
+  logger.debug(`This address will be used for acceptAdmin call`);
+  const saltHexString = bytesToHex(salt).slice(2);
+  const paddedSaltHex = saltHexString.padStart(64, "0");
+  const saltHex = `0x${paddedSaltHex}`;
+  const releaseForViem = {
+    rmsRelease: {
+      artifacts: release.rmsRelease.artifacts.map((artifact) => ({
+        digest: `0x${bytesToHex(artifact.digest).slice(2).padStart(64, "0")}`,
+        registry: artifact.registry
+      })),
+      upgradeByTime: release.rmsRelease.upgradeByTime
+    },
+    publicEnv: bytesToHex(release.publicEnv),
+    encryptedEnv: bytesToHex(release.encryptedEnv)
+  };
+  const createData = encodeFunctionData2({
+    abi: AppController_default,
+    functionName: "createApp",
+    args: [saltHex, releaseForViem]
+  });
+  const acceptAdminData = encodeFunctionData2({
+    abi: PermissionController_default,
+    functionName: "acceptAdmin",
+    args: [appId]
+  });
+  const executions = [
+    {
+      target: environmentConfig.appControllerAddress,
+      value: 0n,
+      callData: createData
+    },
+    {
+      target: environmentConfig.permissionControllerAddress,
+      value: 0n,
+      callData: acceptAdminData
+    }
+  ];
+  if (publicLogs) {
+    const anyoneCanViewLogsData = encodeFunctionData2({
+      abi: PermissionController_default,
+      functionName: "setAppointee",
+      args: [
+        appId,
+        "0x493219d9949348178af1f58740655951a8cd110c",
+        // AnyoneCanCallAddress
+        "0x57ee1fb74c1087e26446abc4fb87fd8f07c43d8d",
+        // ApiPermissionsTarget
+        "0x2fd3f2fe"
+        // CanViewAppLogsPermission
+      ]
+    });
+    executions.push({
+      target: environmentConfig.permissionControllerAddress,
+      value: 0n,
+      callData: anyoneCanViewLogsData
+    });
+  }
+  return {
+    appId,
+    salt,
+    executions,
+    walletClient,
+    publicClient,
+    environmentConfig
+  };
+}
+async function executeDeployBatch(data, context, gas, logger = noopLogger) {
+  const pendingMessage = "Deploying new app...";
+  const txHash = await executeBatch(
+    {
+      walletClient: context.walletClient,
+      publicClient: context.publicClient,
+      environmentConfig: context.environmentConfig,
+      executions: data.executions,
+      pendingMessage,
+      gas
+    },
+    logger
+  );
+  return { appId: data.appId, txHash };
+}
+async function deployApp(options, logger = noopLogger) {
+  const prepared = await prepareDeployBatch(options, logger);
+  const data = {
+    appId: prepared.appId,
+    salt: prepared.salt,
+    executions: prepared.executions
+  };
+  const context = {
+    walletClient: prepared.walletClient,
+    publicClient: prepared.publicClient,
+    environmentConfig: prepared.environmentConfig
+  };
+  return executeDeployBatch(data, context, options.gas, logger);
+}
+function supportsEIP7702(walletClient) {
+  const account = walletClient.account;
+  if (!account) return false;
+  return account.type === "local";
+}
+async function executeDeploySequential(options, logger = noopLogger) {
+  const { walletClient, publicClient, environmentConfig, data, publicLogs, onProgress } = options;
+  const account = walletClient.account;
+  if (!account) {
+    throw new Error("WalletClient must have an account attached");
+  }
+  const chain = getChainFromID(environmentConfig.chainID);
+  const txHashes = {
+    createApp: "0x",
+    acceptAdmin: "0x"
+  };
+  logger.info("Step 1/3: Creating app...");
+  onProgress?.("createApp");
+  const createAppExecution = data.executions[0];
+  const createAppHash = await walletClient.sendTransaction({
+    account,
+    to: createAppExecution.target,
+    data: createAppExecution.callData,
+    value: createAppExecution.value,
+    chain
+  });
+  logger.info(`createApp transaction sent: ${createAppHash}`);
+  const createAppReceipt = await publicClient.waitForTransactionReceipt({ hash: createAppHash });
+  if (createAppReceipt.status === "reverted") {
+    throw new Error(`createApp transaction reverted: ${createAppHash}`);
+  }
+  txHashes.createApp = createAppHash;
+  logger.info(`createApp confirmed in block ${createAppReceipt.blockNumber}`);
+  logger.info("Step 2/3: Accepting admin role...");
+  onProgress?.("acceptAdmin", createAppHash);
+  const acceptAdminExecution = data.executions[1];
+  const acceptAdminHash = await walletClient.sendTransaction({
+    account,
+    to: acceptAdminExecution.target,
+    data: acceptAdminExecution.callData,
+    value: acceptAdminExecution.value,
+    chain
+  });
+  logger.info(`acceptAdmin transaction sent: ${acceptAdminHash}`);
+  const acceptAdminReceipt = await publicClient.waitForTransactionReceipt({
+    hash: acceptAdminHash
+  });
+  if (acceptAdminReceipt.status === "reverted") {
+    throw new Error(`acceptAdmin transaction reverted: ${acceptAdminHash}`);
+  }
+  txHashes.acceptAdmin = acceptAdminHash;
+  logger.info(`acceptAdmin confirmed in block ${acceptAdminReceipt.blockNumber}`);
+  if (publicLogs && data.executions.length > 2) {
+    logger.info("Step 3/3: Setting public logs permission...");
+    onProgress?.("setPublicLogs", acceptAdminHash);
+    const setAppointeeExecution = data.executions[2];
+    const setAppointeeHash = await walletClient.sendTransaction({
+      account,
+      to: setAppointeeExecution.target,
+      data: setAppointeeExecution.callData,
+      value: setAppointeeExecution.value,
+      chain
+    });
+    logger.info(`setAppointee transaction sent: ${setAppointeeHash}`);
+    const setAppointeeReceipt = await publicClient.waitForTransactionReceipt({
+      hash: setAppointeeHash
+    });
+    if (setAppointeeReceipt.status === "reverted") {
+      throw new Error(`setAppointee transaction reverted: ${setAppointeeHash}`);
+    }
+    txHashes.setPublicLogs = setAppointeeHash;
+    logger.info(`setAppointee confirmed in block ${setAppointeeReceipt.blockNumber}`);
+  }
+  onProgress?.("complete", txHashes.setPublicLogs || txHashes.acceptAdmin);
+  logger.info(`Deployment complete! App ID: ${data.appId}`);
+  return {
+    appId: data.appId,
+    txHashes
+  };
+}
+async function supportsEIP5792(walletClient) {
+  try {
+    if (typeof walletClient.getCapabilities !== "function") {
+      return false;
+    }
+    const account = walletClient.account;
+    if (!account) return false;
+    const capabilities = await walletClient.getCapabilities({
+      account: account.address
+    });
+    return capabilities !== null && capabilities !== void 0 && Object.keys(capabilities).length > 0;
+  } catch {
+    return false;
+  }
+}
+async function executeDeployBatched(options, logger = noopLogger) {
+  const { walletClient, environmentConfig, data, publicLogs, onProgress } = options;
+  const account = walletClient.account;
+  if (!account) {
+    throw new Error("WalletClient must have an account attached");
+  }
+  const chain = getChainFromID(environmentConfig.chainID);
+  const calls = data.executions.map(
+    (execution) => ({
+      to: execution.target,
+      data: execution.callData,
+      value: execution.value
+    })
+  );
+  const filteredCalls = publicLogs ? calls : calls.slice(0, 2);
+  logger.info(`Deploying with EIP-5792 sendCalls (${filteredCalls.length} calls)...`);
+  onProgress?.("createApp");
+  try {
+    const { id: batchId } = await walletClient.sendCalls({
+      account,
+      chain,
+      calls: filteredCalls,
+      forceAtomic: true
+    });
+    logger.info(`Batch submitted with ID: ${batchId}`);
+    onProgress?.("acceptAdmin");
+    let status;
+    let attempts = 0;
+    const maxAttempts = 120;
+    while (attempts < maxAttempts) {
+      try {
+        status = await walletClient.getCallsStatus({ id: batchId });
+        if (status.status === "success" || status.status === "confirmed") {
+          logger.info(`Batch confirmed with ${status.receipts?.length || 0} receipts`);
+          break;
+        }
+        if (status.status === "failed" || status.status === "reverted") {
+          throw new Error(`Batch transaction failed: ${status.status}`);
+        }
+      } catch (statusError) {
+        if (statusError.message?.includes("not supported")) {
+          logger.warn("getCallsStatus not supported, waiting for chain confirmation...");
+          await new Promise((resolve) => setTimeout(resolve, 15e3));
+          break;
+        }
+        throw statusError;
+      }
+      await new Promise((resolve) => setTimeout(resolve, 5e3));
+      attempts++;
+    }
+    if (attempts >= maxAttempts) {
+      throw new Error("Timeout waiting for batch confirmation");
+    }
+    if (publicLogs) {
+      onProgress?.("setPublicLogs");
+    }
+    onProgress?.("complete");
+    const receipts = (status?.receipts || []).map((r) => ({
+      transactionHash: r.transactionHash || r.hash
+    }));
+    logger.info(`Deployment complete! App ID: ${data.appId}`);
+    return {
+      appId: data.appId,
+      batchId,
+      receipts
+    };
+  } catch (error) {
+    if (error.message?.includes("not supported") || error.message?.includes("wallet_sendCalls") || error.code === -32601) {
+      throw new Error("EIP5792_NOT_SUPPORTED");
+    }
+    throw error;
+  }
+}
+async function prepareUpgradeBatch(options) {
+  const {
+    walletClient,
+    publicClient,
+    environmentConfig,
+    appID,
+    release,
+    publicLogs,
+    needsPermissionChange
+  } = options;
+  const releaseForViem = {
+    rmsRelease: {
+      artifacts: release.rmsRelease.artifacts.map((artifact) => ({
+        digest: `0x${bytesToHex(artifact.digest).slice(2).padStart(64, "0")}`,
+        registry: artifact.registry
+      })),
+      upgradeByTime: release.rmsRelease.upgradeByTime
+    },
+    publicEnv: bytesToHex(release.publicEnv),
+    encryptedEnv: bytesToHex(release.encryptedEnv)
+  };
+  const upgradeData = encodeFunctionData2({
+    abi: AppController_default,
+    functionName: "upgradeApp",
+    args: [appID, releaseForViem]
+  });
+  const executions = [
+    {
+      target: environmentConfig.appControllerAddress,
+      value: 0n,
+      callData: upgradeData
+    }
+  ];
+  if (needsPermissionChange) {
+    if (publicLogs) {
+      const addLogsData = encodeFunctionData2({
+        abi: PermissionController_default,
+        functionName: "setAppointee",
+        args: [
+          appID,
+          "0x493219d9949348178af1f58740655951a8cd110c",
+          // AnyoneCanCallAddress
+          "0x57ee1fb74c1087e26446abc4fb87fd8f07c43d8d",
+          // ApiPermissionsTarget
+          "0x2fd3f2fe"
+          // CanViewAppLogsPermission
+        ]
+      });
+      executions.push({
+        target: environmentConfig.permissionControllerAddress,
+        value: 0n,
+        callData: addLogsData
+      });
+    } else {
+      const removeLogsData = encodeFunctionData2({
+        abi: PermissionController_default,
+        functionName: "removeAppointee",
+        args: [
+          appID,
+          "0x493219d9949348178af1f58740655951a8cd110c",
+          // AnyoneCanCallAddress
+          "0x57ee1fb74c1087e26446abc4fb87fd8f07c43d8d",
+          // ApiPermissionsTarget
+          "0x2fd3f2fe"
+          // CanViewAppLogsPermission
+        ]
+      });
+      executions.push({
+        target: environmentConfig.permissionControllerAddress,
+        value: 0n,
+        callData: removeLogsData
+      });
+    }
+  }
+  return {
+    appId: appID,
+    executions,
+    walletClient,
+    publicClient,
+    environmentConfig
+  };
+}
+async function executeUpgradeBatch(data, context, gas, logger = noopLogger) {
+  const pendingMessage = `Upgrading app ${data.appId}...`;
+  const txHash = await executeBatch(
+    {
+      walletClient: context.walletClient,
+      publicClient: context.publicClient,
+      environmentConfig: context.environmentConfig,
+      executions: data.executions,
+      pendingMessage,
+      gas
+    },
+    logger
+  );
+  return txHash;
+}
+async function upgradeApp(options, logger = noopLogger) {
+  const prepared = await prepareUpgradeBatch(options);
+  const data = {
+    appId: prepared.appId,
+    executions: prepared.executions
+  };
+  const context = {
+    walletClient: prepared.walletClient,
+    publicClient: prepared.publicClient,
+    environmentConfig: prepared.environmentConfig
+  };
+  return executeUpgradeBatch(data, context, options.gas, logger);
+}
+async function sendAndWaitForTransaction(options, logger = noopLogger) {
+  const {
+    walletClient,
+    publicClient,
+    environmentConfig,
+    to,
+    data,
+    value = 0n,
+    pendingMessage,
+    txDescription,
+    gas
+  } = options;
+  const account = walletClient.account;
+  if (!account) {
+    throw new Error("WalletClient must have an account attached");
+  }
+  const chain = getChainFromID(environmentConfig.chainID);
+  if (pendingMessage) {
+    logger.info(`
+${pendingMessage}`);
+  }
+  const hash = await walletClient.sendTransaction({
+    account,
+    to,
+    data,
+    value,
+    ...gas?.maxFeePerGas && { maxFeePerGas: gas.maxFeePerGas },
+    ...gas?.maxPriorityFeePerGas && {
+      maxPriorityFeePerGas: gas.maxPriorityFeePerGas
+    },
+    chain
+  });
+  logger.info(`Transaction sent: ${hash}`);
+  const receipt = await publicClient.waitForTransactionReceipt({ hash });
+  if (receipt.status === "reverted") {
+    let revertReason = "Unknown reason";
+    try {
+      await publicClient.call({
+        to,
+        data,
+        account: account.address
+      });
+    } catch (callError) {
+      if (callError.data) {
+        try {
+          const decoded = decodeErrorResult2({
+            abi: AppController_default,
+            data: callError.data
+          });
+          const formattedError = formatAppControllerError(decoded);
+          revertReason = formattedError.message;
+        } catch {
+          revertReason = callError.message || "Unknown reason";
+        }
+      } else {
+        revertReason = callError.message || "Unknown reason";
+      }
+    }
+    logger.error(`${txDescription} transaction (hash: ${hash}) reverted: ${revertReason}`);
+    throw new Error(`${txDescription} transaction (hash: ${hash}) reverted: ${revertReason}`);
+  }
+  return hash;
+}
+function formatAppControllerError(decoded) {
+  const errorName = decoded.errorName;
+  switch (errorName) {
+    case "MaxActiveAppsExceeded":
+      return new Error(
+        "you have reached your app deployment limit. To request access or increase your limit, please visit https://onboarding.eigencloud.xyz/ or reach out to the Eigen team"
+      );
+    case "GlobalMaxActiveAppsExceeded":
+      return new Error(
+        "the platform has reached the maximum number of active apps. please try again later"
+      );
+    case "InvalidPermissions":
+      return new Error("you don't have permission to perform this operation");
+    case "AppAlreadyExists":
+      return new Error("an app with this owner and salt already exists");
+    case "AppDoesNotExist":
+      return new Error("the specified app does not exist");
+    case "InvalidAppStatus":
+      return new Error("the app is in an invalid state for this operation");
+    case "MoreThanOneArtifact":
+      return new Error("only one artifact is allowed per release");
+    case "InvalidSignature":
+      return new Error("invalid signature provided");
+    case "SignatureExpired":
+      return new Error("the provided signature has expired");
+    case "InvalidReleaseMetadataURI":
+      return new Error("invalid release metadata URI provided");
+    case "InvalidShortString":
+      return new Error("invalid short string format");
+    default:
+      return new Error(`contract error: ${errorName}`);
+  }
+}
+async function getActiveAppCount(publicClient, environmentConfig, user) {
+  const count = await publicClient.readContract({
+    address: environmentConfig.appControllerAddress,
+    abi: AppController_default,
+    functionName: "getActiveAppCount",
+    args: [user]
+  });
+  return Number(count);
+}
+async function getMaxActiveAppsPerUser(publicClient, environmentConfig, user) {
+  const quota = await publicClient.readContract({
+    address: environmentConfig.appControllerAddress,
+    abi: AppController_default,
+    functionName: "getMaxActiveAppsPerUser",
+    args: [user]
+  });
+  return Number(quota);
+}
+async function getAppsByCreator(publicClient, environmentConfig, creator, offset, limit) {
+  const result = await publicClient.readContract({
     address: environmentConfig.appControllerAddress,
     abi: AppController_default,
     functionName: "getAppsByCreator",
@@ -2840,7 +4405,13 @@ async function getAllAppsByDeveloper(publicClient, env, developer, pageSize = 10
   const allApps = [];
   const allConfigs = [];
   while (true) {
-    const { apps, appConfigs } = await getAppsByDeveloper(publicClient, env, developer, offset, pageSize);
+    const { apps, appConfigs } = await getAppsByDeveloper(
+      publicClient,
+      env,
+      developer,
+      offset,
+      pageSize
+    );
     if (apps.length === 0) break;
     allApps.push(...apps);
     allConfigs.push(...appConfigs);
@@ -2852,6 +4423,74 @@ async function getAllAppsByDeveloper(publicClient, env, developer, pageSize = 10
     appConfigs: allConfigs
   };
 }
+async function suspend(options, logger = noopLogger) {
+  const { walletClient, publicClient, environmentConfig, account, apps } = options;
+  const suspendData = encodeFunctionData2({
+    abi: AppController_default,
+    functionName: "suspend",
+    args: [account, apps]
+  });
+  const pendingMessage = `Suspending ${apps.length} app(s)...`;
+  return sendAndWaitForTransaction(
+    {
+      walletClient,
+      publicClient,
+      environmentConfig,
+      to: environmentConfig.appControllerAddress,
+      data: suspendData,
+      pendingMessage,
+      txDescription: "Suspend"
+    },
+    logger
+  );
+}
+async function isDelegated(options) {
+  const { publicClient, environmentConfig, address } = options;
+  return checkERC7702Delegation(
+    publicClient,
+    address,
+    environmentConfig.erc7702DelegatorAddress
+  );
+}
+async function undelegate(options, logger = noopLogger) {
+  const { walletClient, publicClient, environmentConfig } = options;
+  const account = walletClient.account;
+  if (!account) {
+    throw new Error("WalletClient must have an account attached");
+  }
+  const chain = getChainFromID(environmentConfig.chainID);
+  const transactionNonce = await publicClient.getTransactionCount({
+    address: account.address,
+    blockTag: "pending"
+  });
+  const chainId = await publicClient.getChainId();
+  const authorizationNonce = BigInt(transactionNonce) + 1n;
+  logger.debug("Signing undelegate authorization");
+  const signedAuthorization = await walletClient.signAuthorization({
+    contractAddress: "0x0000000000000000000000000000000000000000",
+    chainId,
+    nonce: Number(authorizationNonce),
+    account
+  });
+  const authorizationList = [signedAuthorization];
+  const hash = await walletClient.sendTransaction({
+    account,
+    to: account.address,
+    // Send to self
+    data: "0x",
+    // Empty data
+    value: 0n,
+    authorizationList,
+    chain
+  });
+  logger.info(`Transaction sent: ${hash}`);
+  const receipt = await publicClient.waitForTransactionReceipt({ hash });
+  if (receipt.status === "reverted") {
+    logger.error(`Undelegate transaction (hash: ${hash}) reverted`);
+    throw new Error(`Undelegate transaction (hash: ${hash}) reverted`);
+  }
+  return hash;
+}
 // src/client/common/contract/encoders.ts
 import { parseAbi as parseAbi2, encodeFunctionData as encodeFunctionData3 } from "viem";
@@ -2881,32 +4520,395 @@ function encodeTerminateAppData(appId) {
     args: [appId]
   });
 }
+// src/client/common/auth/siwe.ts
+import { SiweMessage, generateNonce as siweGenerateNonce } from "siwe";
+var generateNonce = siweGenerateNonce;
+function createSiweMessage(params) {
+  const now = /* @__PURE__ */ new Date();
+  const nonce = params.nonce || generateNonce();
+  const issuedAt = params.issuedAt || now;
+  const expirationTime = params.expirationTime || new Date(now.getTime() + 24 * 60 * 60 * 1e3);
+  const siweMessage = new SiweMessage({
+    domain: params.domain,
+    address: params.address,
+    statement: params.statement,
+    uri: params.uri,
+    version: "1",
+    chainId: params.chainId,
+    nonce,
+    issuedAt: issuedAt.toISOString(),
+    expirationTime: expirationTime.toISOString(),
+    notBefore: params.notBefore?.toISOString(),
+    requestId: params.requestId,
+    resources: params.resources
+  });
+  return {
+    message: siweMessage.prepareMessage(),
+    params: {
+      address: params.address,
+      chainId: params.chainId,
+      domain: params.domain,
+      uri: params.uri,
+      nonce,
+      issuedAt,
+      statement: params.statement,
+      expirationTime,
+      notBefore: params.notBefore,
+      requestId: params.requestId,
+      resources: params.resources
+    }
+  };
+}
+function parseSiweMessage(message) {
+  try {
+    const siweMessage = new SiweMessage(message);
+    return {
+      address: siweMessage.address,
+      chainId: siweMessage.chainId,
+      domain: siweMessage.domain,
+      uri: siweMessage.uri,
+      nonce: siweMessage.nonce,
+      statement: siweMessage.statement,
+      issuedAt: siweMessage.issuedAt ? new Date(siweMessage.issuedAt) : void 0,
+      expirationTime: siweMessage.expirationTime ? new Date(siweMessage.expirationTime) : void 0,
+      notBefore: siweMessage.notBefore ? new Date(siweMessage.notBefore) : void 0,
+      requestId: siweMessage.requestId,
+      resources: siweMessage.resources
+    };
+  } catch {
+    return null;
+  }
+}
+function isSiweMessageExpired(params) {
+  if (!params.expirationTime) return false;
+  return /* @__PURE__ */ new Date() > params.expirationTime;
+}
+function isSiweMessageNotYetValid(params) {
+  if (!params.notBefore) return false;
+  return /* @__PURE__ */ new Date() < params.notBefore;
+}
+// src/client/common/hooks/useComputeSession.ts
+import { useCallback, useEffect, useRef, useState } from "react";
+function useComputeSession(config) {
+  const {
+    baseUrl,
+    refreshInterval = 6e4,
+    // 1 minute default
+    checkOnMount = true,
+    onSessionExpired,
+    onSessionRefreshed,
+    onError
+  } = config;
+  const [session, setSession] = useState(null);
+  const [isLoading, setIsLoading] = useState(checkOnMount);
+  const [error, setError] = useState(null);
+  const wasAuthenticatedRef = useRef(false);
+  const isMountedRef = useRef(true);
+  const refreshIntervalRef = useRef(null);
+  const apiConfig = { baseUrl };
+  const checkSession = useCallback(async () => {
+    try {
+      const sessionInfo = await getComputeApiSession(apiConfig);
+      if (!isMountedRef.current) {
+        return sessionInfo;
+      }
+      setSession(sessionInfo);
+      setError(null);
+      if (wasAuthenticatedRef.current && !sessionInfo.authenticated) {
+        onSessionExpired?.();
+      }
+      wasAuthenticatedRef.current = sessionInfo.authenticated;
+      if (sessionInfo.authenticated) {
+        onSessionRefreshed?.(sessionInfo);
+      }
+      return sessionInfo;
+    } catch (err) {
+      if (!isMountedRef.current) {
+        throw err;
+      }
+      const sessionError = err instanceof SessionError ? err : new SessionError(`Failed to check session: ${String(err)}`, "UNKNOWN");
+      setError(sessionError);
+      onError?.(sessionError);
+      const fallbackSession = { authenticated: false };
+      setSession(fallbackSession);
+      return fallbackSession;
+    }
+  }, [baseUrl, onSessionExpired, onSessionRefreshed, onError]);
+  const refresh = useCallback(async () => {
+    setIsLoading(true);
+    try {
+      return await checkSession();
+    } finally {
+      if (isMountedRef.current) {
+        setIsLoading(false);
+      }
+    }
+  }, [checkSession]);
+  const login = useCallback(
+    async (params, signMessage) => {
+      setIsLoading(true);
+      setError(null);
+      try {
+        let domain = params.domain;
+        let uri = params.uri;
+        if (typeof window !== "undefined") {
+          domain = domain || window.location.host;
+          uri = uri || window.location.origin;
+        }
+        if (!domain || !uri) {
+          throw new SessionError(
+            "domain and uri are required when not in browser environment",
+            "INVALID_MESSAGE"
+          );
+        }
+        const siweMessage = createSiweMessage({
+          ...params,
+          domain,
+          uri,
+          statement: params.statement || "Sign in to EigenCloud Compute API"
+        });
+        const signature = await signMessage({ message: siweMessage.message });
+        await loginToComputeApi(apiConfig, {
+          message: siweMessage.message,
+          signature
+        });
+        const sessionInfo = await checkSession();
+        if (!isMountedRef.current) {
+          return sessionInfo;
+        }
+        wasAuthenticatedRef.current = sessionInfo.authenticated;
+        return sessionInfo;
+      } catch (err) {
+        if (!isMountedRef.current) {
+          throw err;
+        }
+        const sessionError = err instanceof SessionError ? err : new SessionError(`Login failed: ${String(err)}`, "UNKNOWN");
+        setError(sessionError);
+        onError?.(sessionError);
+        throw sessionError;
+      } finally {
+        if (isMountedRef.current) {
+          setIsLoading(false);
+        }
+      }
+    },
+    [baseUrl, checkSession, onError]
+  );
+  const logout = useCallback(async () => {
+    setIsLoading(true);
+    setError(null);
+    try {
+      await logoutFromComputeApi(apiConfig);
+      if (!isMountedRef.current) {
+        return;
+      }
+      const newSession = { authenticated: false };
+      setSession(newSession);
+      wasAuthenticatedRef.current = false;
+    } catch (err) {
+      if (!isMountedRef.current) {
+        throw err;
+      }
+      const sessionError = err instanceof SessionError ? err : new SessionError(`Logout failed: ${String(err)}`, "UNKNOWN");
+      setError(sessionError);
+      onError?.(sessionError);
+      setSession({ authenticated: false });
+      wasAuthenticatedRef.current = false;
+    } finally {
+      if (isMountedRef.current) {
+        setIsLoading(false);
+      }
+    }
+  }, [baseUrl, onError]);
+  const clearError = useCallback(() => {
+    setError(null);
+  }, []);
+  useEffect(() => {
+    isMountedRef.current = true;
+    if (checkOnMount) {
+      checkSession().finally(() => {
+        if (isMountedRef.current) {
+          setIsLoading(false);
+        }
+      });
+    }
+    return () => {
+      isMountedRef.current = false;
+    };
+  }, [checkOnMount, checkSession]);
+  useEffect(() => {
+    if (refreshInterval <= 0) {
+      return;
+    }
+    if (refreshIntervalRef.current) {
+      clearInterval(refreshIntervalRef.current);
+    }
+    refreshIntervalRef.current = setInterval(() => {
+      if (wasAuthenticatedRef.current) {
+        checkSession();
+      }
+    }, refreshInterval);
+    return () => {
+      if (refreshIntervalRef.current) {
+        clearInterval(refreshIntervalRef.current);
+        refreshIntervalRef.current = null;
+      }
+    };
+  }, [refreshInterval, checkSession]);
+  return {
+    session,
+    isLoading,
+    error,
+    isAuthenticated: session?.authenticated ?? false,
+    login,
+    logout,
+    refresh,
+    clearError
+  };
+}
+// src/client/common/encryption/kms.ts
+import { importSPKI, CompactEncrypt } from "jose";
+function getAppProtectedHeaders(appID) {
+  return {
+    "x-eigenx-app-id": appID
+  };
+}
+async function encryptRSAOAEPAndAES256GCM(encryptionKeyPEM, plaintext, protectedHeaders) {
+  const pemString = typeof encryptionKeyPEM === "string" ? encryptionKeyPEM : encryptionKeyPEM.toString("utf-8");
+  const publicKey = await importSPKI(pemString, "RSA-OAEP-256", {
+    extractable: true
+  });
+  const header = {
+    alg: "RSA-OAEP-256",
+    // Key encryption algorithm (SHA-256)
+    enc: "A256GCM",
+    // Content encryption algorithm
+    ...protectedHeaders || {}
+    // Add custom protected headers
+  };
+  const plaintextBytes = new Uint8Array(plaintext);
+  const jwe = await new CompactEncrypt(plaintextBytes).setProtectedHeader(header).encrypt(publicKey);
+  return jwe;
+}
+// keys/mainnet-alpha/prod/kms-encryption-public-key.pem
+var kms_encryption_public_key_default = "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0kHU86k17ofCIGcJKDcf\nAFurFhSLeWmOL0bwWLCeVnTPG0MMHtJOq+woE0XXSWw6lzm+jzavBBTwKde1dgal\nAp91vULAZFMUpiUdd2dNUVtvU89qW0Pgf1Eu5FDj7BkY/SnyECbWJM4ga0BmpiGy\nnQwLNN9mMGhjVoVLn2zwEGZ7JzS9Nz11EZKO/k/9DcO6LaoIFmKuvVf3jl6lvZg8\naeA0LoZXjkycHlRUt/kfKwZnhakUaYHP1ksV7ZNmolS5GYDTSKGB2KPPNR1s4/Xu\nu8zeEFC8HuGRU8XuuBeaAunitnGhbNVREUNJGff6HZOGB6CIFNXjbQETeZ3p5uro\n0v+hd1QqQYBv7+DEaMCmGnJNGAyIMr2mn4vr7wGsIj0HonlSHmQ8rmdUhL2ocNTc\nLhKgZiZmBuDpSbFW/r53R2G7CHcqaqGeUBnT54QCH4zsYKw0/4dOtwFxQpTyBf9/\n+k+KaWEJYKkx9d9OzKGyAvzrTDVOFoajddiJ6LPvRlMdOUQr3hl4IAC0/nh9lhHq\nD0R+i5WAU96TkdAe7B7iTGH2D22k0KUPR6Q9W3aF353SLxQAMPNrgG4QQufAdRJn\nAF+8ntun5TkTqjTWRSwAsUJZ1z4wb96DympWJbDi0OciJRZ3Fz3j9+amC43yCHGg\naaEMjdt35ewbztUSc04F10MCAwEAAQ==\n-----END PUBLIC KEY-----";
+// keys/mainnet-alpha/prod/kms-signing-public-key.pem
+var kms_signing_public_key_default = "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfxbhXJjH4D0DH/iW5/rK1HzWS+f9\nEyooZTrCYjCfezuOEmRuOWNaZLvwXN8SdzrvjWA7gSvOS85hLzp4grANRQ==\n-----END PUBLIC KEY-----";
+// keys/sepolia/dev/kms-encryption-public-key.pem
+var kms_encryption_public_key_default2 = "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr/vqttU6aXX35HtsXavU\n5teysunDzZB3HyaFM4qcuRnqj+70KxqLOwZsERN5SwZ/56Jm8T2ds1CcXsQCMUMw\n+MPlsF6KMGfzghLtYHONwvKLnn+U9y886aAay6W8a0A7O7YCZehNYD3kQnCXjOIc\nMj6v8AEvMw+w/lNabjRXnwSBMKVIGp/cSL0hGwt8fGoC3TsxQN9opzvU1Z4rAw9K\na119l6dlPnqezDva378TCaXDjqKe/jSZOI1CcYpaSK2SJ+95Wbvte5j3lXbg1oT2\n0rXeJUHEJ68QxMtJplfw0Sg+Ek4CUJ2c/kbdg0u7sIIO5wcB4WHL/Lfbw2XPmcBI\nt0r0EC575D3iHF/aI01Ms2IRA0GDeHnNcr5FJLWJljTjNLEt4tFITrXwBe1Ealm3\nNCxamApl5bBSwQ72Gb5fiQFwB8Fl2/XG3wfGTFInFEvWE4c/H8dtu1wHTsyEFZcG\nB47IkD5GBSZq90Hd9xuZva55dxGpqUVrEJO88SqHGP9Oa+HLTYdEe5AR5Hitw4Mu\ndk1cCH+X5OqY9dfpdoCNbKAM0N2SJvNAnDTU2JKGYheXrnDslXR6atBmU5gDkH+W\nQVryDYl9xbwWIACMQsAQjrrtKw5xqJ4V89+06FN/wyEVF7KWAcJ4AhKiVnCvLqzb\nBbISc+gOkRsefhCDJVPEKDkCAwEAAQ==\n-----END PUBLIC KEY-----";
+// keys/sepolia/dev/kms-signing-public-key.pem
+var kms_signing_public_key_default2 = "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEb2Q88/cxdic2xi4jS2V0dtYHjLwq\n4wVFBFmaY8TTXoMXNggKEdU6PuE8EovocVKMpw3SIlaM27z9uxksNVL2xw==\n-----END PUBLIC KEY-----\n";
+// keys/sepolia/prod/kms-encryption-public-key.pem
+var kms_encryption_public_key_default3 = "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApDvk8pAivkgtiC5li5MP\nxMTJDduTeorBl18ynrooTxp2BwwgPwXfXbJaCA0qRubvc0aO2uh2VDrPM27CqMLH\no2S9YLtpLii4A1Nl7SE/MdWKWdG6v94xNGpc2YyPP7yWtHfqOkgDWp8sokl3Uq/9\nMS0pjUaI7RyS5boCTy8Qw90BxGMpucjOmqm+luw4EdPWZCrgriUR2bbGRRgAmrT1\nK4ou4IgPp799r120hwHbCWxnOvLdQdpiv2507b900xS/3yZahhnHCAn66146LU/f\nBrRpQKSM0qSpktXrrc9MH/ru2VLR5cGLp89ZcZMQA9cRGglWM5XWVY3Ti2TPJ6Kd\nAn1d7qNkGJaSdVa3x3HkOf6c6HeTyqis5/L/6L+PFhUsTRbmKg1FtwD+3xxdyf7h\nabFxryE9rv+WatHL6r6z5ztV0znJ/Fpfs5A45FWA6pfb28fA59RGpi/DQ8RxgdCH\nnZRNvdz8dTgRaXSPgkfGXBcCFqb/QhFmad7XbWDthGzfhbPOxNPtiaGRQ1Dr/Pgq\nn0ugdLbRQLmDOAFgaQcnr0U4y1TUlWJnvoZMETkVN7gmITtXA4F324ALT7Rd+Lgk\nHikW5vG+NjAEwXfPsK0YzT+VbHd7o1lbru9UxiDlN03XVEkz/oRQi47CvSTo3FSr\n5dB4lz8kov3UUcNJfQFZolMCAwEAAQ==\n-----END PUBLIC KEY-----";
+// keys/sepolia/prod/kms-signing-public-key.pem
+var kms_signing_public_key_default3 = "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsk6ZdmmvBqFfKHs+1cYjIemRGN7h\n1NatIEitFRyx+3q8wmTJ9LknTE1FwWBLcCNTseJDti8Rh+SaVxfGOyJuuA==\n-----END PUBLIC KEY-----";
+// src/client/common/utils/keys.ts
+var KEYS = {
+  "mainnet-alpha": {
+    prod: {
+      encryption: kms_encryption_public_key_default,
+      signing: kms_signing_public_key_default
+    }
+  },
+  sepolia: {
+    dev: {
+      encryption: kms_encryption_public_key_default2,
+      signing: kms_signing_public_key_default2
+    },
+    prod: {
+      encryption: kms_encryption_public_key_default3,
+      signing: kms_signing_public_key_default3
+    }
+  }
+};
+function getKMSKeysForEnvironment(environment, build = "prod") {
+  const envKeys = KEYS[environment];
+  if (!envKeys) {
+    throw new Error(`No keys found for environment: ${environment}`);
+  }
+  const buildKeys = envKeys[build];
+  if (!buildKeys) {
+    throw new Error(`No keys found for environment: ${environment}, build: ${build}`);
+  }
+  return {
+    encryptionKey: Buffer.from(buildKeys.encryption),
+    signingKey: Buffer.from(buildKeys.signing)
+  };
+}
 export {
+  BillingApiClient,
+  BuildApiClient,
+  SessionError,
   UserApiClient,
+  addHexPrefix,
   assertValidImageReference,
   assertValidPrivateKey,
+  calculateAppID,
+  checkERC7702Delegation,
+  createSiweMessage,
+  deployApp,
   encodeStartAppData,
   encodeStopAppData,
   encodeTerminateAppData,
+  encryptRSAOAEPAndAES256GCM,
   estimateBatchGas,
   estimateTransactionGas,
+  executeBatch,
+  executeDeployBatch,
+  executeDeployBatched,
+  executeDeploySequential,
+  executeUpgradeBatch,
   extractAppNameFromImage,
   formatETH,
   generateNewPrivateKey,
+  generateNonce,
   getActiveAppCount,
   getAllAppsByDeveloper,
+  getAppProtectedHeaders,
   getAppsByCreator,
   getAppsByDeveloper,
   getAvailableEnvironments,
+  getBillingEnvironmentConfig,
   getBuildType,
+  getChainFromID,
+  getComputeApiSession,
   getEnvironmentConfig,
+  getKMSKeysForEnvironment,
   getMaxActiveAppsPerUser,
+  isDelegated,
   isEnvironmentAvailable,
   isMainnet,
+  isSessionValid,
+  isSiweMessageExpired,
+  isSiweMessageNotYetValid,
   isSubscriptionActive,
+  loginToComputeApi,
+  logoutFromComputeApi,
+  noopLogger,
+  parseSiweMessage,
+  prepareDeployBatch,
+  prepareUpgradeBatch,
   sanitizeString,
   sanitizeURL,
   sanitizeXURL,
+  sendAndWaitForTransaction,
+  stripHexPrefix,
+  supportsEIP5792,
+  supportsEIP7702,
+  suspend,
+  undelegate,
+  upgradeApp,
+  useComputeSession,
   validateAppID,
   validateAppName,
   validateCreateAppParams,