@motebit/protocol 1.1.0 → 1.3.0

package/dist/dispute.d.ts

@@ -5,6 +5,7 @@
  * for dispute resolution in agent-to-agent delegations. Any implementation can
  * produce and verify dispute artifacts using these types.
  */
+import type { MerkleInclusionProof } from "./retention-policy.js";
 /** Dispute lifecycle states. Terminal states (final, expired) are irreversible. */
 export type DisputeState = "opened" | "evidence" | "arbitration" | "resolved" | "appealed" | "final" | "expired";
 /** Dispute resolution outcome. */
@@ -87,10 +88,12 @@ export interface DisputeEvidence {
  * Foundation Law (§6.5):
  * - Federation resolution must include individual AdjudicatorVote entries
  * - Aggregated-only verdicts are rejected
- * - Each vote signature MUST cover `dispute_id` — votes are not portable
- *   across disputes (a malicious adjudicator collecting old votes from
- *   other disputes cannot stuff them into a new resolution because the
- *   dispute_id binding breaks the signature).
+ * - Each vote signature MUST cover `dispute_id` AND `round` — votes are
+ *   not portable across disputes OR adjudication rounds (a malicious
+ *   adjudicator collecting old votes from other disputes cannot stuff
+ *   them into a new resolution because the dispute_id binding breaks
+ *   the signature; a leader cannot replay round-1 vote bytes as round-2
+ *   evidence because the round binding breaks the signature).
  */
 export interface AdjudicatorVote {
     /**
@@ -101,6 +104,13 @@ export interface AdjudicatorVote {
      * fails to verify against the wrong binding).
      */
     dispute_id: string;
+    /**
+     * Adjudication round. 1 for original adjudication; 2 for §8.3 appeal.
+     * Signature-bound (§6.5): a peer's round-1 vote bytes do not satisfy
+     * round-2 binding even for the same evidence. The §8.3 round-isolation
+     * property is enforced cryptographically, not by leader bookkeeping.
+     */
+    round: number;
     /** Federation peer MotebitId. */
     peer_id: string;
     /** Vote outcome. */
@@ -115,6 +125,55 @@ export interface AdjudicatorVote {
     /** Ed25519 by the voting peer over canonical JSON of all fields except signature. */
     signature: string;
 }
+/**
+ * Federation vote request — leader-to-peer fan-out body for §6.2
+ * federation adjudication. The leader (the relay where the dispute
+ * resolution was requested AND named in the dispute as filer or
+ * respondent) POSTs this to each active federation peer; each peer
+ * returns a signed `AdjudicatorVote`.
+ *
+ * Wire-format protocol type for `relay-federation@1.2` §16. The
+ * peer-side gate ladder (`spec/relay-federation-v1.md` §16.2) enforces:
+ * schema → known peer → requester-id binding → signature → freshness
+ * → operator policy configured.
+ *
+ * Foundation Law (`spec/dispute-v1.md` §6.5):
+ * - Signature MUST cover `dispute_id`, `round`, `requester_id`, and the
+ *   evidence bundle. Cross-round replay and request-tampering both
+ *   fail-closed.
+ * - For round=2 (appeal), `evidence_bundle` MUST carry the original
+ *   round-1 evidence plus any new evidence introduced with the appeal
+ *   (per §8.4).
+ */
+export interface VoteRequest {
+    /** The dispute being adjudicated. MUST equal the URL `:disputeId` parameter. */
+    dispute_id: string;
+    /**
+     * Adjudication round. 1 for original adjudication; 2 for §8.3 appeal.
+     * Signature-bound — cross-round vote replay is cryptographically
+     * rejected.
+     */
+    round: number;
+    /** Original signed dispute artifact (§4.2). The peer can re-verify the dispute's provenance from this alone. */
+    dispute_request: DisputeRequest;
+    /**
+     * All evidence collected during the dispute's evidence window (§5.2).
+     * For round=2, MUST carry the original round-1 evidence plus any new
+     * evidence introduced with the appeal.
+     */
+    evidence_bundle: DisputeEvidence[];
+    /** Leader relay's `motebit_id`. MUST be a known peer to the receiver (gate 2). */
+    requester_id: string;
+    /** Unix ms when the leader signed. Used by gate 5 freshness check (default ±60s). */
+    requested_at: number;
+    /**
+     * Cryptosuite discriminator. Always `"motebit-jcs-ed25519-b64-v1"`
+     * (see DisputeRequest for the full recipe).
+     */
+    suite: "motebit-jcs-ed25519-b64-v1";
+    /** Base64url Ed25519 by the leader over `canonicalJson(body minus signature)`. */
+    signature: string;
+}
 /**
  * Dispute resolution by adjudicator.
  *
@@ -173,4 +232,91 @@ export interface DisputeAppeal {
     /** Ed25519 over canonical JSON of all fields except signature. */
     signature: string;
 }
+/**
+ * Evidence shape #1: disputant proves their peer pubkey is committed
+ * in the cert's `federation_graph_anchor.merkle_root` via an inclusion
+ * proof, but `witnessed_by[]` does not include them.
+ *
+ * Verifier in `@motebit/crypto` recomputes the proof against the cert's
+ * anchor root and asserts the leaf hash matches the canonical
+ * leaf-of-disputant-pubkey encoding (same hashing recipe as
+ * `relay-federation-v1.md` §7.6 / `credential-anchor-v1.md` §3).
+ */
+export interface WitnessOmissionInclusionProofEvidence {
+    kind: "inclusion_proof";
+    /**
+     * Hex-encoded SHA-256 leaf hash for the disputant's federation pubkey
+     * under the anchor's canonicalization (lowercase hex pubkey bytes).
+     */
+    leaf_hash: string;
+    /** Inclusion proof against `cert.federation_graph_anchor.merkle_root`. */
+    proof: MerkleInclusionProof;
+}
+/**
+ * Evidence shape #2: disputant claims a peering relationship at
+ * `cert.horizon_ts` outside the cert's published anchor — i.e., the
+ * issuer published an incomplete or wrong anchor that omitted a peer
+ * who was peered with them at the horizon.
+ *
+ * The disputant supplies a signed peering artifact issued by the cert's
+ * issuer (e.g., a relay-federation PeeringConfirm or Heartbeat) whose
+ * timestamp window covers `cert.horizon_ts`. The verifier in
+ * `@motebit/crypto` asserts the embedded signature validates against
+ * the cert issuer's pubkey and the artifact's window covers
+ * `cert.horizon_ts`. Wire format of `peering_artifact` is opaque at this
+ * layer; verification dispatches on the artifact's own kind/spec.
+ */
+export interface WitnessOmissionAlternativePeeringEvidence {
+    kind: "alternative_peering";
+    /**
+     * Signed peering artifact from the cert issuer — embeds its own
+     * signature. Carries enough fields for the verifier to re-check
+     * the issuer's signature and the peering window.
+     */
+    peering_artifact: Record<string, unknown>;
+}
+/** Discriminated evidence union — exactly one shape per dispute. */
+export type WitnessOmissionEvidence = WitnessOmissionInclusionProofEvidence | WitnessOmissionAlternativePeeringEvidence;
+/**
+ * Witness-omission dispute — files within 24h of `cert.issued_at`
+ * (`WITNESS_OMISSION_DISPUTE_WINDOW_MS` in `@motebit/crypto`) by a peer
+ * claiming the disputed cert's `witnessed_by[]` wrongly omits them.
+ *
+ * Foundation Law (Phase 4b-3 §4.4):
+ * - `cert_issuer` + `cert_signature` together pin the disputed cert —
+ *   the relay reconciles the dispute against the cert in its local
+ *   `relay_horizon_certs` table at validation time.
+ * - At least one evidence shape is required at filing time — either
+ *   `inclusion_proof` (membership in the published anchor) or
+ *   `alternative_peering` (peering attested outside the anchor).
+ * - The cert's `issued_at` is the lookup-derived clock for the 24h
+ *   window — disputant-attested timestamps cannot widen the window.
+ * - Sustained disputes are reputation signals; the cert remains
+ *   terminal (retention-policy.md decision 5).
+ */
+export interface WitnessOmissionDispute {
+    /** UUID v7, generated by the disputant. */
+    dispute_id: string;
+    /** MotebitId / operator-id of the cert issuer — the relay that signed the disputed horizon cert. */
+    cert_issuer: string;
+    /**
+     * Hex-encoded signature of the disputed `append_only_horizon` cert.
+     * Opaque pointer; the relay resolves the cert from its local
+     * `relay_horizon_certs` table.
+     */
+    cert_signature: string;
+    /** MotebitId of the disputant peer claiming wrongful omission. */
+    disputant_motebit_id: string;
+    /** Exactly one of the two evidence shapes. */
+    evidence: WitnessOmissionEvidence;
+    /** Unix ms. */
+    filed_at: number;
+    /**
+     * Cryptosuite discriminator. Always `"motebit-jcs-ed25519-b64-v1"`
+     * (see DisputeRequest for the full recipe).
+     */
+    suite: "motebit-jcs-ed25519-b64-v1";
+    /** Ed25519 by disputant over canonical JSON of all fields except signature. */
+    signature: string;
+}
 //# sourceMappingURL=dispute.d.ts.map

package/dist/dispute.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"dispute.d.ts","sourceRoot":"","sources":["../src/dispute.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,mFAAmF;AACnF,MAAM,MAAM,YAAY,GACpB,QAAQ,GACR,UAAU,GACV,aAAa,GACb,UAAU,GACV,UAAU,GACV,OAAO,GACP,SAAS,CAAC;AAEd,kCAAkC;AAClC,MAAM,MAAM,cAAc,GAAG,QAAQ,GAAG,YAAY,GAAG,OAAO,CAAC;AAE/D,+BAA+B;AAC/B,MAAM,MAAM,eAAe,GACvB,SAAS,GACT,aAAa,GACb,iBAAiB,GACjB,cAAc,GACd,OAAO,CAAC;AAEZ,4DAA4D;AAC5D,MAAM,MAAM,iBAAiB,GAAG,mBAAmB,GAAG,qBAAqB,GAAG,OAAO,CAAC;AAItF;;;;;;;;GAQG;AACH,MAAM,WAAW,cAAc;IAC7B,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,uCAAuC;IACvC,OAAO,EAAE,MAAM,CAAC;IAChB,kDAAkD;IAClD,aAAa,EAAE,MAAM,CAAC;IACtB,qCAAqC;IACrC,QAAQ,EAAE,MAAM,CAAC;IACjB,yCAAyC;IACzC,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,QAAQ,EAAE,eAAe,CAAC;IAC1B,kCAAkC;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,mDAAmD;IACnD,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,eAAe;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB;;;;OAIG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,kEAAkE;IAClE,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,gEAAgE;AAChE,MAAM,MAAM,mBAAmB,GAC3B,mBAAmB,GACnB,YAAY,GACZ,cAAc,GACd,kBAAkB,GAClB,kBAAkB,GAClB,aAAa,CAAC;AAElB;;;;;;;GAOG;AACH,MAAM,WAAW,eAAe;IAC9B,sCAAsC;IACtC,UAAU,EAAE,MAAM,CAAC;IACnB,yCAAyC;IACzC,YAAY,EAAE,MAAM,CAAC;IACrB,qBAAqB;IACrB,aAAa,EAAE,mBAAmB,CAAC;IACnC,kCAAkC;IAClC,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,uCAAuC;IACvC,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe;IACf,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,kEAAkE;IAClE,SAAS,EAAE,MAAM,CAAC;CACnB;AAID;;;;;;;;;;GAUG;AACH,MAAM,WAAW,eAAe;IAC9B;;;;;;OAMG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB,iCAAiC;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,oBAAoB;IACpB,IAAI,EAAE,cAAc,CAAC;IACrB,4BAA4B;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,qFAAqF;IACrF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;;;;GAMG;AACH,MAAM,WAAW,iBAAiB;IAChC,kCAAkC;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,0BAA0B;IAC1B,UAAU,EAAE,cAAc,CAAC;IAC3B,0CAA0C;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,iCAAiC;IACjC,WAAW,EAAE,iBAAiB,CAAC;IAC/B,qDAAqD;IACrD,WAAW,EAAE,MAAM,CAAC;IACpB,wDAAwD;IACxD,WAAW,EAAE,MAAM,CAAC;IACpB,+CAA+C;IAC/C,iBAAiB,EAAE,eAAe,EAAE,CAAC;IACrC,eAAe;IACf,WAAW,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,kEAAkE;IAClE,SAAS,EAAE,MAAM,CAAC;CACnB;AAID;;;;;;GAMG;AACH,MAAM,WAAW,aAAa;IAC5B,yCAAyC;IACzC,UAAU,EAAE,MAAM,CAAC;IACnB,wCAAwC;IACxC,WAAW,EAAE,MAAM,CAAC;IACpB,uCAAuC;IACvC,MAAM,EAAE,MAAM,CAAC;IACf,yCAAyC;IACzC,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,eAAe;IACf,WAAW,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,kEAAkE;IAClE,SAAS,EAAE,MAAM,CAAC;CACnB"}
+{"version":3,"file":"dispute.d.ts","sourceRoot":"","sources":["../src/dispute.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAIlE,mFAAmF;AACnF,MAAM,MAAM,YAAY,GACpB,QAAQ,GACR,UAAU,GACV,aAAa,GACb,UAAU,GACV,UAAU,GACV,OAAO,GACP,SAAS,CAAC;AAEd,kCAAkC;AAClC,MAAM,MAAM,cAAc,GAAG,QAAQ,GAAG,YAAY,GAAG,OAAO,CAAC;AAE/D,+BAA+B;AAC/B,MAAM,MAAM,eAAe,GACvB,SAAS,GACT,aAAa,GACb,iBAAiB,GACjB,cAAc,GACd,OAAO,CAAC;AAEZ,4DAA4D;AAC5D,MAAM,MAAM,iBAAiB,GAAG,mBAAmB,GAAG,qBAAqB,GAAG,OAAO,CAAC;AAItF;;;;;;;;GAQG;AACH,MAAM,WAAW,cAAc;IAC7B,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,uCAAuC;IACvC,OAAO,EAAE,MAAM,CAAC;IAChB,kDAAkD;IAClD,aAAa,EAAE,MAAM,CAAC;IACtB,qCAAqC;IACrC,QAAQ,EAAE,MAAM,CAAC;IACjB,yCAAyC;IACzC,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,QAAQ,EAAE,eAAe,CAAC;IAC1B,kCAAkC;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,mDAAmD;IACnD,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,eAAe;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB;;;;OAIG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,kEAAkE;IAClE,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,gEAAgE;AAChE,MAAM,MAAM,mBAAmB,GAC3B,mBAAmB,GACnB,YAAY,GACZ,cAAc,GACd,kBAAkB,GAClB,kBAAkB,GAClB,aAAa,CAAC;AAElB;;;;;;;GAOG;AACH,MAAM,WAAW,eAAe;IAC9B,sCAAsC;IACtC,UAAU,EAAE,MAAM,CAAC;IACnB,yCAAyC;IACzC,YAAY,EAAE,MAAM,CAAC;IACrB,qBAAqB;IACrB,aAAa,EAAE,mBAAmB,CAAC;IACnC,kCAAkC;IAClC,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,uCAAuC;IACvC,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe;IACf,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,kEAAkE;IAClE,SAAS,EAAE,MAAM,CAAC;CACnB;AAID;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,eAAe;IAC9B;;;;;;OAMG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB;;;;;OAKG;IACH,KAAK,EAAE,MAAM,CAAC;IACd,iCAAiC;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,oBAAoB;IACpB,IAAI,EAAE,cAAc,CAAC;IACrB,4BAA4B;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,qFAAqF;IACrF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,WAAW,WAAW;IAC1B,gFAAgF;IAChF,UAAU,EAAE,MAAM,CAAC;IACnB;;;;OAIG;IACH,KAAK,EAAE,MAAM,CAAC;IACd,gHAAgH;IAChH,eAAe,EAAE,cAAc,CAAC;IAChC;;;;OAIG;IACH,eAAe,EAAE,eAAe,EAAE,CAAC;IACnC,kFAAkF;IAClF,YAAY,EAAE,MAAM,CAAC;IACrB,qFAAqF;IACrF,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,kFAAkF;IAClF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;;;;GAMG;AACH,MAAM,WAAW,iBAAiB;IAChC,kCAAkC;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,0BAA0B;IAC1B,UAAU,EAAE,cAAc,CAAC;IAC3B,0CAA0C;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,iCAAiC;IACjC,WAAW,EAAE,iBAAiB,CAAC;IAC/B,qDAAqD;IACrD,WAAW,EAAE,MAAM,CAAC;IACpB,wDAAwD;IACxD,WAAW,EAAE,MAAM,CAAC;IACpB,+CAA+C;IAC/C,iBAAiB,EAAE,eAAe,EAAE,CAAC;IACrC,eAAe;IACf,WAAW,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,kEAAkE;IAClE,SAAS,EAAE,MAAM,CAAC;CACnB;AAID;;;;;;GAMG;AACH,MAAM,WAAW,aAAa;IAC5B,yCAAyC;IACzC,UAAU,EAAE,MAAM,CAAC;IACnB,wCAAwC;IACxC,WAAW,EAAE,MAAM,CAAC;IACpB,uCAAuC;IACvC,MAAM,EAAE,MAAM,CAAC;IACf,yCAAyC;IACzC,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,eAAe;IACf,WAAW,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,kEAAkE;IAClE,SAAS,EAAE,MAAM,CAAC;CACnB;AAeD;;;;;;;;;GASG;AACH,MAAM,WAAW,qCAAqC;IACpD,IAAI,EAAE,iBAAiB,CAAC;IACxB;;;OAGG;IACH,SAAS,EAAE,MAAM,CAAC;IAClB,0EAA0E;IAC1E,KAAK,EAAE,oBAAoB,CAAC;CAC7B;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,WAAW,yCAAyC;IACxD,IAAI,EAAE,qBAAqB,CAAC;IAC5B;;;;OAIG;IACH,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC3C;AAED,oEAAoE;AACpE,MAAM,MAAM,uBAAuB,GAC/B,qCAAqC,GACrC,yCAAyC,CAAC;AAE9C;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,WAAW,sBAAsB;IACrC,2CAA2C;IAC3C,UAAU,EAAE,MAAM,CAAC;IACnB,oGAAoG;IACpG,WAAW,EAAE,MAAM,CAAC;IACpB;;;;OAIG;IACH,cAAc,EAAE,MAAM,CAAC;IACvB,kEAAkE;IAClE,oBAAoB,EAAE,MAAM,CAAC;IAC7B,8CAA8C;IAC9C,QAAQ,EAAE,uBAAuB,CAAC;IAClC,eAAe;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB;;;OAGG;IACH,KAAK,EAAE,4BAA4B,CAAC;IACpC,+EAA+E;IAC/E,SAAS,EAAE,MAAM,CAAC;CACnB"}

package/dist/index.d.ts

@@ -85,6 +85,53 @@ export interface AgentTrustRecord {
     avg_quality?: number;
     /** Number of quality samples collected. */
     quality_sample_count?: number;
+    /**
+     * Most-recent verified hardware-attestation snapshot about the remote
+     * agent. Projected from the latest peer-issued `AgentTrustCredential`
+     * in the credential store at read time — never persisted on
+     * `agent_trust`. The credential is the authoritative source; caching
+     * the claim on the trust row would invite drift on revocation /
+     * re-attestation. Absent when no credential carries a claim.
+     *
+     * Shape mirrors `AgentHardwareAttestation` in `@motebit/panels` so
+     * surfaces can pass `AgentTrustRecord[]` straight to the Agents-panel
+     * adapter without per-field transformation. `score` is computed once
+     * at projection time via `scoreAttestation`
+     * (`packages/semiring/src/hardware-attestation.ts`) — keep both shapes
+     * byte-aligned. The same data flows into `HardwareAttestationSemiring`
+     * for routing — see `docs/doctrine/self-attesting-system.md`: a
+     * routing-input claim MUST be visible to the user.
+     */
+    hardware_attestation?: {
+        platform: HardwareAttestationClaim["platform"];
+        key_exported?: boolean;
+        score: number;
+    };
+    /**
+     * Most-recent observed-latency snapshot for delegations to this peer.
+     * Projected from the local `LatencyStatsStore` at read time — never
+     * persisted on `agent_trust`. The store is the authoritative source;
+     * caching avg/p95 on the trust row would invite drift on every new
+     * task. Absent when the store has zero samples for this pair.
+     *
+     * Same surface contract as `hardware_attestation`: every routing-input
+     * the runtime computes against MUST be visible to the user, per
+     * `docs/doctrine/self-attesting-system.md`. Latency factors into peer
+     * ranking through `agent-graph.ts`'s latency map (default 3000ms when
+     * stats are absent); the Agents-panel latency render is the user-facing
+     * surface for that input.
+     *
+     * Shape mirrors `AgentLatencyStats` in `@motebit/panels` so surfaces
+     * can pass `AgentTrustRecord[]` straight to the Agents-panel adapter
+     * without per-field transformation. Numbers in milliseconds; integer
+     * sample counts. The relay-side enricher uses the same shape from its
+     * `relay_latency_stats` table.
+     */
+    latency_stats?: {
+        avg_ms: number;
+        p95_ms: number;
+        sample_count: number;
+    };
 }
 /** Thresholds for automatic trust level promotion/demotion. */
 export interface TrustTransitionThresholds {
@@ -200,7 +247,12 @@ export declare enum EventType {
     TrustLevelChanged = "trust_level_changed",
     KeyRotated = "key_rotated",
     ComputerSessionOpened = "computer_session_opened",
-    ComputerSessionClosed = "computer_session_closed"
+    ComputerSessionClosed = "computer_session_closed",
+    ComputerSessionSummarized = "computer_session_summarized",
+    CoBrowseControlChanged = "co_browse_control_changed",
+    UserInputForwarded = "user_input_forwarded",
+    SkillLoaded = "skill_loaded",
+    SensitivityGateFired = "sensitivity_gate_fired"
 }
 export declare enum MemoryType {
     Episodic = "episodic",
@@ -321,6 +373,16 @@ export interface ToolAuditEntry {
     injection?: InjectionWarning;
     costUnits?: number;
     timestamp: number;
+    /**
+     * Sensitivity tier classified at write time. Optional in v1: pre-
+     * phase-5 entries drop the field, and the consolidation-cycle flush
+     * phase lazy-classifies on read per docs/doctrine/retention-policy.md
+     * §"Decision 6b". Tool-audit entries also carry an obligation floor
+     * resolved per record (settlement window, dispute window, regulatory
+     * floor); the cycle's flush phase computes
+     * `max(sensitivity_floor, obligation_floor)` per decision 3.
+     */
+    sensitivity?: SensitivityLevel;
 }
 export interface ToolDefinition {
     name: string;
@@ -340,11 +402,103 @@ export interface ToolDefinition {
      * last. See `@motebit/protocol/tool-mode`.
      */
     mode?: ToolMode;
+    /**
+     * Outbound axis — true when execution sends bytes outside the device
+     * (HTTP fetch, search-engine query, MCP server call,
+     * cross-motebit delegation). Independent of `riskHint` (which
+     * captures local risk: file overwrite, irreversible side effect).
+     *
+     * Consumed by the runtime's sensitivity-routing gate: an outbound
+     * tool refuses to execute when session sensitivity is
+     * medical/financial/secret AND the configured provider is not
+     * sovereign — the same fail-closed contract that gates AI provider
+     * calls (CLAUDE.md privacy doctrine: "Medical/financial/secret never
+     * reach external AI"; the principle generalizes to any outbound
+     * surface). Default `false`/absent ≡ local — matches the
+     * pre-existing builtin set (read_file, recall_memories, current_time).
+     *
+     * Tools added through `@motebit/mcp-client` always set this to
+     * `true` (MCP tools execute against a remote server by definition).
+     * See `check-tool-modes` for the cost-tier sibling and
+     * `check-sensitivity-routing` for the outbound enforcement gate.
+     */
+    outbound?: boolean;
+    /**
+     * Embodiment mode the slab item should stamp when this tool's
+     * activity lands on the slab. One of: `"mind"` | `"tool_result"` |
+     * `"virtual_browser"` | `"shared_gaze"` | `"desktop_drive"` |
+     * `"peer_viewport"`. The string union is canonically declared as
+     * `EmbodimentMode` in `@motebit/render-engine` (typed as `string`
+     * here to avoid the protocol→render-engine layer break — promoting
+     * the type into `@motebit/protocol` is a separate slice the doctrine
+     * names as deferred).
+     *
+     * Why this lives on the tool definition (not on each chunk): the
+     * embodiment is determined at registration time by the surface
+     * wiring the dispatcher. The `computer` tool's wire format is
+     * surface-agnostic but its embodiment is dispatcher-specific:
+     * `apps/web/src/computer-tool.ts` registers it with
+     * `embodimentMode: "virtual_browser"` (cloud Chromium); the desktop
+     * surface registers the same name with `embodimentMode:
+     * "desktop_drive"` (real OS). The runtime's slab-projection picks
+     * `chunk.mode` (sourced from this field) over `tool-policy.ts`'s
+     * generic floor — so the same tool name produces the right
+     * embodiment per surface without forcing surface-aware code into
+     * the central registry. Doctrine: motebit-computer.md §"v1
+     * implementation status — Deferred to v1.5+: per-dispatcher mode
+     * stamping" — landed as v1.1 of the virtual_browser arc.
+     */
+    embodimentMode?: string;
+    /**
+     * Slab-projection policy for this tool. Closed string-literal union:
+     *
+     *   - `"tool_call"` (default when omitted) — open a generic
+     *     `tool_call` slab item on each invocation. The familiar
+     *     "REQUEST_X / calling…" card. Right for tools that produce
+     *     body acts (web_search, read_file, computer).
+     *   - `"none"` — do NOT open a slab item. The tool is **state
+     *     chrome**, not a body act, and its visible representation is
+     *     a different surface (e.g. `request_control`'s visible
+     *     surface is the slab control band, not a tool_call card).
+     *     Without this, state-chrome tools would render duplicate UI:
+     *     the affordance card AND the chrome both visible, competing
+     *     for attention and obscuring the band's Grant/Deny buttons.
+     *
+     * Doctrine: motebit-computer.md — slab content is body acts
+     * (browser, peer viewport, memory artifact, tool result, desktop
+     * surface). Slab CHROME is state-aware overlays (control band,
+     * address bar, halt indicator). State-chrome tools belong in the
+     * latter; the slab item projection is for the former.
+     *
+     * Plumbing: read on the tool_status chunk by ai-core's loop.ts
+     * and consumed by the runtime's slab-projection at open time.
+     * The closed-string-literal union keeps additions backward
+     * compatible (a future `"observation"` variant could narrow
+     * further without breaking existing consumers).
+     */
+    slabProjection?: "none" | "tool_call";
 }
 export interface ToolResult {
     ok: boolean;
     data?: unknown;
     error?: string;
+    /**
+     * Optional structured failure category, set by handlers that wrap
+     * a typed error carrying its own `reason` field (e.g.
+     * `ComputerDispatcherError`). Lets downstream consumers route on
+     * category without parsing the human-readable `error` text.
+     *
+     * v1 carriers:
+     *   - `not_in_control` — Slice 1 co-browse gate denial. The
+     *     runtime's slab projection uses this to suppress a body
+     *     `tool_call` item: control-state denials' canonical surface
+     *     is the slab control band (Slice 2b doorbell), not the body.
+     *
+     * Open string-literal — additive. New reason categories land
+     * without breaking existing callers (consumers either route on
+     * the value they care about or ignore the field).
+     */
+    reason?: string;
     /** Set by adapters that already applied boundary wrapping (e.g. MCP client). */
     _sanitized?: boolean;
 }
@@ -398,6 +552,14 @@ export interface SyncConversationMessage {
     tool_call_id: string | null;
     created_at: number;
     token_estimate: number;
+    /**
+     * Sensitivity tier classified at write time. Optional in v1: peers
+     * running pre-phase-5 builds drop the field on push, and the receiver
+     * lazy-classifies on flush per docs/doctrine/retention-policy.md
+     * §"Decision 6b" using the operator's
+     * `pre_classification_default_sensitivity`.
+     */
+    sensitivity?: import("./retention-policy.js").SensitivityLevelString;
 }
 /** Result of a conversation sync cycle. */
 export interface ConversationSyncResult {
@@ -721,10 +883,10 @@ export interface ConsolidationReceipt {
     finished_at: number;
     /** Phases that ran to completion. Closed union — adding a phase is a
      *  protocol-coordinated change. */
-    phases_run: ReadonlyArray<"orient" | "gather" | "consolidate" | "prune">;
+    phases_run: ReadonlyArray<"orient" | "gather" | "consolidate" | "prune" | "flush">;
     /** Phases that yielded mid-execution because their AbortSignal fired
      *  (budget exhausted or parent signal aborted). Subset of `phases_run`. */
-    phases_yielded: ReadonlyArray<"orient" | "gather" | "consolidate" | "prune">;
+    phases_yielded: ReadonlyArray<"orient" | "gather" | "consolidate" | "prune" | "flush">;
     /** Structural counts only — never memory content. The privacy boundary
      *  is the type: there is no field here that could leak a memory's text
      *  or embedding. Adding such a field is a protocol break. */
@@ -736,6 +898,10 @@ export interface ConsolidationReceipt {
         pruned_decay?: number;
         pruned_notability?: number;
         pruned_retention?: number;
+        /** Conversation messages flushed under `consolidation_flush` (phase 5-ship). */
+        flushed_conversations?: number;
+        /** Tool-audit entries flushed under `consolidation_flush` (phase 5-ship). */
+        flushed_tool_audits?: number;
     };
     /**
      * Cryptosuite discriminator. Always `"motebit-jcs-ed25519-b64-v1"` for
@@ -1073,7 +1239,13 @@ export interface ExecutionStepSummary {
     };
 }
 export interface GoalExecutionManifest {
-    spec: "motebit/execution-ledger@1.0";
+    /**
+     * `motebit/execution-ledger@1.0` for legacy ledgers, `motebit/execution-ledger@1.1`
+     * for ledgers that embed byte-identical inner signed receipts via `signed_receipts`.
+     * v1.1 is purely additive — every v1.0 consumer continues to parse v1.1 bodies
+     * by ignoring the optional field. See `spec/execution-ledger-v1.md` §4.3.
+     */
+    spec: "motebit/execution-ledger@1.0" | "motebit/execution-ledger@1.1";
     motebit_id: string;
     goal_id: string;
     plan_id: string;
@@ -1083,6 +1255,19 @@ export interface GoalExecutionManifest {
     timeline: ExecutionTimelineEntry[];
     steps: ExecutionStepSummary[];
     delegation_receipts: DelegationReceiptSummary[];
+    /**
+     * Byte-identical canonical-JSON of each delegated motebit's signed
+     * `ExecutionReceipt`. Optional and only present in v1.1 reconstructions
+     * where the relay has the receipts archived (per
+     * `services/relay/CLAUDE.md` Rule 11). Each element is the JSON-stringified
+     * receipt the motebit signed; verifiers MAY parse + recursively verify
+     * each one's Ed25519 signature independently. Closes the operator-trust
+     * gap that v1.0 summaries leave open — a relay that lies about which
+     * motebit did the work is detectable because the inner signature can be
+     * checked against the named motebit's public key without trusting the
+     * relay. See `spec/execution-ledger-v1.md` §4.3.
+     */
+    signed_receipts?: string[];
     content_hash: string;
     signature?: string;
 }
@@ -1095,6 +1280,14 @@ export interface DelegationReceiptSummary {
     tools_used: string[];
     signature_prefix: string;
 }
+/**
+ * Canonical spec identifiers for the execution-ledger reconstruction.
+ * v1.1 adds the optional `signed_receipts` field; the wire shape is
+ * otherwise identical to v1.0. Verifiers that recognize v1.1 SHOULD
+ * iterate `signed_receipts` and verify each inner signature when present.
+ */
+export declare const EXECUTION_LEDGER_SPEC_V1_0: "motebit/execution-ledger@1.0";
+export declare const EXECUTION_LEDGER_SPEC_V1_1: "motebit/execution-ledger@1.1";
 export interface AgentCapabilities {
     motebit_id: MotebitId;
     public_key: string;
@@ -1168,7 +1361,7 @@ export declare const PLATFORM_FEE_RATE = 0.05;
 /**
  * Per-task settlement bookkeeping artifact.
  *
- * Foundation Law (services/api/CLAUDE.md rule 6):
+ * Foundation Law (services/relay/CLAUDE.md rule 6):
  * - Every truth the relay asserts (credential anchor proofs,
  *   revocation memos, settlement receipts) is independently
  *   verifiable onchain without relay contact.
@@ -1578,6 +1771,15 @@ export interface ConversationStoreAdapter {
         content: string;
         toolCalls?: string;
         toolCallId?: string;
+        /**
+         * Sensitivity tier the message was classified at on write.
+         * Optional in v1: pre-classification messages and adapters that
+         * haven't yet been migrated to the phase-5-ship column drop the
+         * field, and the consolidation-cycle flush phase lazy-classifies
+         * on read per docs/doctrine/retention-policy.md §"Decision 6b"
+         * (operator manifest's `pre_classification_default_sensitivity`).
+         */
+        sensitivity?: SensitivityLevel;
     }): void;
     loadMessages(conversationId: string, limit?: number): Array<{
         messageId: string;
@@ -1589,6 +1791,7 @@ export interface ConversationStoreAdapter {
         toolCallId: string | null;
         createdAt: number;
         tokenEstimate: number;
+        sensitivity?: SensitivityLevel;
     }>;
     getActiveConversation(motebitId: string): {
         conversationId: string;
@@ -1606,6 +1809,28 @@ export interface ConversationStoreAdapter {
         messageCount: number;
     }>;
     deleteConversation(conversationId: string): void;
+    /**
+     * Enumerate messages older than `beforeCreatedAt`. The
+     * consolidation-cycle flush phase calls this per
+     * docs/doctrine/retention-policy.md §"Consolidation flush" to find
+     * candidates whose retention floor may have passed. Optional — when
+     * absent, the flush phase is a no-op for this store on this surface.
+     */
+    enumerateForFlush?(motebitId: string, beforeCreatedAt: number): Array<{
+        messageId: string;
+        conversationId: string;
+        role: string;
+        content: string;
+        createdAt: number;
+        sensitivity?: SensitivityLevel;
+    }>;
+    /**
+     * Erase a single message row — physical row removal, the storage
+     * operation behind a `consolidation_flush` deletion certificate per
+     * decision 7. Distinct from `deleteConversation` (whole-conversation
+     * tombstone). Optional — paired with `enumerateForFlush`.
+     */
+    eraseMessage?(messageId: string): void;
 }
 export interface StateSnapshotAdapter {
     saveState(motebitId: string, stateJson: string, versionClock?: number): void;
@@ -1670,6 +1895,19 @@ export interface EventStoreAdapter {
     tombstone(eventId: string, motebitId: string): Promise<void>;
     /** Delete events with version_clock <= beforeClock. Returns count deleted. */
     compact?(motebitId: string, beforeClock: number): Promise<number>;
+    /**
+     * Erase events with `timestamp < horizonTs`. Returns count erased.
+     * Distinct from `compact` (state-snapshot driven, version-clock-keyed):
+     * `truncateBeforeHorizon` is the storage operation behind an
+     * `append_only_horizon` deletion certificate per
+     * docs/doctrine/retention-policy.md §"Decision 4". Whole-prefix
+     * truncation only — entries before `horizonTs` are unrecoverable.
+     *
+     * Optional in phase 4a (local-only horizon advance ships first).
+     * Phase 4b tightens to required once federation co-witness lands and
+     * every operator's event log is expected to support horizon advance.
+     */
+    truncateBeforeHorizon?(motebitId: string, horizonTs: number): Promise<number>;
     /** Count total events for a motebit. */
     countEvents?(motebitId: string): Promise<number>;
 }
@@ -1715,6 +1953,41 @@ export interface AuditStatsSince {
     blocked: number;
     failed: number;
 }
+/**
+ * audit-chain — single entry in the hash-linked tamper-evident
+ * audit trail. Each entry's `hash` is `SHA-256(canonical({
+ * previous_hash, entry_id, timestamp, event_type, actor_id, data
+ * }))`; `previous_hash` references the prior entry's `hash` (or
+ * `"genesis"` for the first entry). The runtime computes hashes on
+ * append; verifiers recompute and compare.
+ *
+ * Lives in protocol (permissive-floor wire-format type) so
+ * `StorageAdapters.auditChainStore` can reference it without sdk
+ * importing the BSL `@motebit/policy` package. The concrete
+ * primitives (`appendAuditEntry`, `verifyAuditChain`, the
+ * `crypto.subtle` hashing) live in `@motebit/policy`'s
+ * `audit-chain.ts` — that's where the algorithm runs.
+ */
+export interface AuditChainEntry {
+    readonly entry_id: string;
+    readonly timestamp: number;
+    readonly event_type: string;
+    readonly actor_id: string;
+    readonly data: Record<string, unknown>;
+    readonly previous_hash: string;
+    readonly hash: string;
+}
+/**
+ * audit-chain — minimal storage interface adapters implement.
+ * Append-only — the chain breaks if entries are deleted or
+ * reordered, which is the whole tamper-evidence point.
+ */
+export interface AuditChainStoreAdapter {
+    append(entry: AuditChainEntry): Promise<void>;
+    getEntries(from?: number, to?: number): Promise<AuditChainEntry[]>;
+    getHead(): Promise<AuditChainEntry | undefined>;
+    count(): Promise<number>;
+}
 export interface AuditLogSink {
     append(entry: ToolAuditEntry): void;
     query(turnId: string): ToolAuditEntry[];
@@ -1722,6 +1995,20 @@ export interface AuditLogSink {
     queryStatsSince(afterTimestamp: number): AuditStatsSince;
     /** Query tool audit entries by run_id (plan execution). Optional — returns [] if not implemented. */
     queryByRunId?(runId: string): ToolAuditEntry[];
+    /**
+     * Enumerate entries older than `beforeTimestamp`. The
+     * consolidation-cycle flush phase calls this per
+     * docs/doctrine/retention-policy.md §"Consolidation flush" to find
+     * candidates whose retention floor may have passed. Optional — when
+     * absent, the flush phase is a no-op for this store on this surface.
+     */
+    enumerateForFlush?(beforeTimestamp: number): ToolAuditEntry[];
+    /**
+     * Erase a single tool-audit entry — physical row removal, the storage
+     * operation behind a `consolidation_flush` deletion certificate per
+     * decision 7. Optional — paired with `enumerateForFlush`.
+     */
+    erase?(callId: string): void;
 }
 export interface PlanStoreAdapter {
     savePlan(plan: Plan): void;
@@ -1775,16 +2062,33 @@ export type { CredentialAnchorBatch, CredentialChainAnchor, CredentialAnchorProo
 export type { AgentSettlementAnchorBatch, AgentSettlementChainAnchor, AgentSettlementAnchorProof, } from "./agent-settlement-anchor.js";
 export type { RelayMetadata, RelayMetadataPeer, AgentResolutionResult } from "./discovery.js";
 export type { MigrationState, MigrationRequest, MigrationToken, DepartureAttestation, CredentialBundle, BalanceWaiver, MigrationPresentation, } from "./migration.js";
-export type { DisputeState, DisputeOutcome, DisputeCategory, DisputeFundAction, DisputeRequest, DisputeEvidence, DisputeEvidenceType, AdjudicatorVote, DisputeResolution, DisputeAppeal, } from "./dispute.js";
+export type { DisputeState, DisputeOutcome, DisputeCategory, DisputeFundAction, DisputeRequest, DisputeEvidence, DisputeEvidenceType, AdjudicatorVote, VoteRequest, DisputeResolution, DisputeAppeal, WitnessOmissionDispute, WitnessOmissionEvidence, WitnessOmissionInclusionProofEvidence, WitnessOmissionAlternativePeeringEvidence, } from "./dispute.js";
 export type { SettlementMode, P2pPaymentProof, PaymentVerificationStatus, SettlementEligibility, SolvencyProof, } from "./settlement-mode.js";
 export type { SuiteId, SuiteEntry, SuiteStatus, SuiteAlgorithm, SuiteCanonicalization, SuiteSignatureEncoding, SuitePublicKeyEncoding, } from "./crypto-suite.js";
 export { SUITE_REGISTRY, ALL_SUITE_IDS, isSuiteId, getSuiteEntry } from "./crypto-suite.js";
+export { MAX_RETENTION_DAYS_BY_SENSITIVITY, REFERENCE_RETENTION_DAYS_BY_SENSITIVITY, RUNTIME_RETENTION_REGISTRY, EMPTY_FEDERATION_GRAPH_ANCHOR, } from "./retention-policy.js";
+export type { RetentionCeilingDays, RetentionShape, RetentionShapeDeclaration, RetentionStoreDeclaration, RetentionManifest, RuntimeStoreId, DeletionCertificate, DeletionReason, HorizonSubject, HorizonWitness, HorizonWitnessRequestBody, WitnessSolicitationRequest, WitnessSolicitationResponse, FederationGraphAnchor, MerkleAlgo, MerkleInclusionProof, SubjectSignature, OperatorSignature, DelegateSignature, GuardianSignature, SensitivityLevelString, } from "./retention-policy.js";
 export type { MemoryDecayedPayload, MemoryFormedPayload, MemoryAccessedPayload, MemoryPinnedPayload, MemoryDeletedPayload, MemoryConsolidatedPayload, MemoryAuditPayload, MemoryPromotedPayload, } from "./memory-events.js";
 export type { GoalCreatedPayload, GoalExecutedPayload, GoalProgressPayload, GoalCompletedPayload, GoalRemovedPayload, } from "./goal-lifecycle.js";
 export type { PlanCreatedPayload, PlanStepStartedPayload, PlanStepCompletedPayload, PlanStepFailedPayload, PlanStepDelegatedPayload, PlanCompletedPayload, PlanFailedPayload, } from "./plan-lifecycle.js";
-export type { ComputerPoint, ComputerTargetHint, ScreenshotAction, CursorPositionAction, ClickAction, DoubleClickAction, MouseMoveAction, DragAction, TypeAction, KeyAction, ScrollAction, ComputerAction, ComputerActionKind, ComputerActionRequest, ComputerObservationResult, ComputerRedaction, ScreenshotObservation, CursorPositionObservation, ComputerSessionOpened, ComputerSessionClosed, ComputerFailureReason, } from "./computer-use.js";
+export type { ComputerPoint, ComputerTargetHint, ScreenshotAction, CursorPositionAction, ClickAction, DoubleClickAction, MouseMoveAction, DragAction, TypeAction, KeyAction, ScrollAction, NavigateAction, ClickElementAction, FocusElementAction, TypeIntoAction, ComputerAction, ComputerActionKind, ComputerActionRequest, ComputerObservationResult, ComputerRedaction, ScreenshotObservation, CursorPositionObservation, ReadPageResult, ReadPageHeading, ReadPageLink, ReadPageInput, ReadPageButton, ComputerSessionOpened, ComputerSessionClosed, ComputerFailureReason, ComputerSessionActionRecord, SignableComputerSessionReceipt, ComputerSessionReceipt, ScreencastFrame, ScreencastFrameSource, } from "./computer-use.js";
 export { COMPUTER_ACTION_KINDS, COMPUTER_FAILURE_REASONS } from "./computer-use.js";
+export type { ControlHolder, ControlState, CoBrowseTransitionKind, CoBrowseControlChangedPayload, KeyModifiers, UserInputEvent, UserInputForwardOutcome, UserInputRejectionReason, CharacterClass, KeyRole, UserInputForwardedDetail, UserInputForwardedPayload, } from "./co-browse.js";
+export { CO_BROWSE_TRANSITION_KINDS } from "./co-browse.js";
 export type { ToolMode } from "./tool-mode.js";
 export { TOOL_MODES, toolModePriority } from "./tool-mode.js";
+export type { DropPayloadKind, DropTarget, DropPayload, UserActionAttestation, SensitivityGateEntry, SensitivityElevationSource, SensitivityGateFiredPayload, } from "./perception.js";
+export { resolveDropTarget } from "./perception.js";
+export { rankSensitivity, maxSensitivity, sensitivityPermits } from "./sensitivity.js";
+export { MICRO, CENTS, toMicro, fromMicro, toCents, fromCents } from "./money.js";
+export type { TokenAudience } from "./audience.js";
+export { ALL_TOKEN_AUDIENCES, isTokenAudience, SYNC_AUDIENCE, DEVICE_AUTH_AUDIENCE, PAIR_AUDIENCE, ROTATE_KEY_AUDIENCE, PUSH_REGISTER_AUDIENCE, TASK_SUBMIT_AUDIENCE, ADMIN_QUERY_AUDIENCE, PROPOSAL_AUDIENCE, ACCOUNT_BALANCE_AUDIENCE, ACCOUNT_DEPOSIT_AUDIENCE, ACCOUNT_WITHDRAW_AUDIENCE, ACCOUNT_WITHDRAWALS_AUDIENCE, ACCOUNT_CHECKOUT_AUDIENCE, BROWSER_SANDBOX_GRANT_AUDIENCE, BROWSER_SANDBOX_AUDIENCE, } from "./audience.js";
+export type { ContentArtifactType } from "./artifact-type.js";
+export { ALL_CONTENT_ARTIFACT_TYPES, isContentArtifactType, STATE_SNAPSHOT_ARTIFACT, MEMORY_EXPORT_ARTIFACT, GOAL_LIST_ARTIFACT, CONVERSATION_LIST_ARTIFACT, CONVERSATION_MESSAGES_ARTIFACT, DEVICE_LIST_ARTIFACT, AUDIT_TRAIL_ARTIFACT, PLAN_LIST_ARTIFACT, PLAN_DETAIL_ARTIFACT, GRADIENT_HISTORY_ARTIFACT, SYNC_PULL_ARTIFACT, EXECUTION_LEDGER_ARTIFACT, } from "./artifact-type.js";
+export type { SignedTransparencyDeclaration, TransparencySignedPayload, TransparencyAnchorRecord, } from "./transparency.js";
+export { TRANSPARENCY_SUITE, TRANSPARENCY_ANCHOR_MEMO_PREFIX, TRANSPARENCY_SPEC_ID, isSignedTransparencyDeclaration, } from "./transparency.js";
 import type { ToolMode } from "./tool-mode.js";
+export type { SkillSensitivity, SkillPlatform, SkillHardwareAttestationGate, SkillSignature, SkillManifestMetadata, SkillManifestMotebit, SkillManifest, SkillEnvelopeFile, SkillEnvelopeSkillRef, SkillEnvelope, SkillLoadPayload, } from "./skills.js";
+export { SKILL_SENSITIVITY_TIERS, SKILL_AUTO_LOADABLE_TIERS, SKILL_PLATFORMS } from "./skills.js";
+export type { SkillRegistryEntry, SkillRegistrySubmitRequest, SkillRegistrySubmitResponse, SkillRegistryListing, SkillRegistryBundle, } from "./skills.js";
 //# sourceMappingURL=index.d.ts.map