@nice-code/action 0.16.0 → 0.17.0

package/build/{ActionPayload.types-fieMKAgt.d.mts → ActionPayload.types-snDlSIF-.d.cts}

@@ -1,8 +1,8 @@
 import { INiceErrorDomainProps, InferNiceError, NiceError, NiceErrorDomain, err_cast_not_nice } from "@nice-code/error";
+import { StandardSchemaV1 } from "@standard-schema/spec";
 import { RuntimeName } from "std-env";
 import { ClientCryptoKeyLink, StorageAdapter, TSerializedCryptoKeyData_Ed25519_Raw, TSerializedCryptoKeyData_X25519_Raw, TTypeAndId } from "@nice-code/util";
 import * as v from "valibot";
-import { StandardSchemaV1 } from "@standard-schema/spec";
 
 //#region src/ActionDefinition/Schema/ActionSchema.types.d.ts
 type TTransportedValue<RAW_VAL, SERDE_VAL> = [RAW_VAL] | [RAW_VAL, SERDE_VAL];
@@ -752,6 +752,14 @@ declare abstract class PeerLinkHandler extends ActionHandler<EActionHandlerType.
   abstract sendReturnPayload(payload: TActionPayload_Any_Instance<any, any>, config: {
     targetLocalRuntime: ActionRuntime;
   }): Promise<boolean>;
+  /**
+   * Whether this handler currently holds a *live* connection bound to `origin`. The runtime's return-path
+   * dispatch ({@link ActionRuntime.getReturnHandlerForOrigin}) prefers a handler that owns the origin's
+   * connection over a mere coordinate match, so with several duplex acceptors a result/push routes back
+   * over the carrier the client connected on. Defaults to `false`; an acceptor overrides it from its
+   * connection registry.
+   */
+  ownsLiveConnectionFor(_origin: RuntimeCoordinate): boolean;
   /** Release any long-lived connections this handler owns (a teardown). No-op by default. */
   clearTransportCache(): void;
 }
@@ -1288,6 +1296,12 @@ declare class ActionRuntime {
    * Find the best registered external handler that can reach `originClient` directly.
    * Used to locate the return-path channel for dispatching results back to the action origin.
    * Returns `undefined` if no handler matches (score > 0 required, i.e. at least id must match).
+   *
+   * A handler that currently holds the origin's *live* connection always wins over a mere coordinate
+   * match — so with several duplex acceptors (e.g. WS + WebRTC) a result/push routes back over the carrier
+   * the client actually connected on, never a same-coordinate sibling that lacks the socket. Only when no
+   * handler owns a live connection do we fall back to the plain best-coordinate-score pick (the
+   * single-acceptor and connector-only cases, unchanged).
    */
   getReturnHandlerForOrigin(originClient: RuntimeCoordinate): PeerLinkHandler | undefined;
   resetRuntime(): void;
@@ -1594,6 +1608,10 @@ declare class AcceptorHandler<TConn = unknown> extends PeerLinkHandler {
   dropConnection(connection: TConn): void;
   /** Live connection for a client coordinate, if currently registered. */
   getConnectionForClient(client: RuntimeCoordinate): TConn | undefined;
+  /** This acceptor owns the origin's return path when it currently holds a live connection bound to it. */
+  ownsLiveConnectionFor(origin: RuntimeCoordinate): boolean;
+  /** Whether this acceptor currently tracks `connection` — used to pick the owning handler among several. */
+  hasConnection(connection: TConn): boolean;
   /**
    * Send (and optionally await) a server-initiated action to a specific connected client. Pass the
    * connection token directly (e.g. the `ws`) or a client `RuntimeCoordinate` to look one up.
@@ -1682,8 +1700,8 @@ type TChannelCodec = IActionWireFormat;
  * The shared identity of a secure channel (carrier-agnostic — WS, WebRTC, HTTP, …): the wire
  * dictionary version both ends check during the handshake, plus the per-connection codec factory both
  * ends build from the *same* domain list. Define it once (typically in code shared by both peers) and
- * hand it to `secureTransport` on the connector and `acceptChannel` / `createSecureAcceptorHandler` on
- * the acceptor, so the codec and version can never drift apart.
+ * hand it to `secureTransport` on the connector and `serveChannel` (or the lower-level `acceptChannel` /
+ * `createSecureAcceptorHandler`) on the acceptor, so the codec and version can never drift apart.
  */
 interface ISecureChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[]> extends IActionChannel<TO_ACCEPTOR, TO_CONNECTOR> {
   /** Wire dictionary version — derived from the domains by default; the handshake rejects a mismatch. */
@@ -1818,6 +1836,12 @@ interface IAcceptChannelOptions<TConn> {
   storageAdapter: StorageAdapter;
   /** Write an encoded frame to a specific live connection (e.g. `(ws, frame) => ws.send(frame)`). */
   send: (connection: TConn, frame: string | Uint8Array | ArrayBuffer) => void;
+  /**
+   * The acceptor's crypto identity. Defaults to a fresh `ClientCryptoKeyLink` over `storageAdapter`.
+   * Pass an existing link to share one identity across several acceptors on the same server (e.g. this
+   * WebSocket acceptor and a secure-HTTP `createActionFetchHandler`), so they present the same keys.
+   */
+  link?: ClientCryptoKeyLink;
   /** Accepted level(s); defaults to negotiating any of none/authenticated/encrypted. */
   securityLevel?: ESecurityLevel | readonly ESecurityLevel[];
   /** Trust decision for a client's verify key; defaults to storage-backed TOFU over `storageAdapter`. */
@@ -1838,6 +1862,351 @@ interface IAcceptChannelOptions<TConn> {
  */
 declare function acceptChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[], TConn = unknown>(runtime: ActionRuntime, channel: ISecureChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IAcceptChannelOptions<TConn>): AcceptorHandler<TConn>;
 //#endregion
+//#region src/ActionRuntime/Handler/PeerLink/Acceptor/Hibernation/createHibernatableWsServerAdapter.d.ts
+interface IHibernatableWsServerAdapterOptions<TConn> {
+  /** The handler to drive (from `createSecureAcceptorHandler` or `createAcceptorHandler`). */
+  handler: AcceptorHandler<TConn>;
+  /** All currently-live connections — replayed on construction to rebuild bindings after a wake. */
+  getConnections: () => TConn[];
+  /** Read a connection's persisted binding (e.g. `(ws) => ws.deserializeAttachment()`). */
+  getAttachment: (connection: TConn) => IAcceptorConnectionBinding | undefined;
+  /** Persist a connection's binding when it is bound (e.g. `(ws, b) => ws.serializeAttachment(b)`). */
+  setAttachment: (connection: TConn, binding: IAcceptorConnectionBinding) => void;
+}
+/**
+ * The neutral lifecycle surface for a duplex (push-capable) acceptor: feed it each inbound frame and tell
+ * it when a connection goes away. Carrier-agnostic — a WebSocket, a WebRTC data channel, or any other
+ * duplex connection drives the same two methods.
+ */
+interface IDuplexConnectionRouter<TConn> {
+  /** Feed one inbound frame from a connection into the handler. */
+  receive: (connection: TConn, frame: string | ArrayBuffer | Uint8Array) => void;
+  /** Forget a connection (call on socket close/error). */
+  drop: (connection: TConn) => void;
+}
+/**
+ * Wire the hibernation lifecycle for an acceptor handler on a transport whose connections outlive process
+ * eviction (e.g. a Durable Object's hibernatable WebSockets). It owns persistence end to end:
+ * registers `setAttachment` as the handler's connection-bound callback and immediately replays every
+ * live connection's stored binding via `getAttachment`, so results/pushes still route after a wake.
+ *
+ * Layered on top of the generic {@link AcceptorHandler} — it touches only the handler's neutral
+ * `setOnConnectionBound` / `rehydrateConnection` / `receive` / `dropConnection` surface, so no
+ * hibernation concern leaks into the handler itself.
+ *
+ * Construct it once when the handler is built, then forward connection events:
+ * ```ts
+ * const duplex = createHibernatableWsServerAdapter({ handler, getConnections, getAttachment, setAttachment });
+ * // webSocketMessage(ws, msg) => duplex.receive(ws, msg);
+ * // webSocketClose/Error(ws)  => duplex.drop(ws);
+ * ```
+ */
+declare function createHibernatableWsServerAdapter<TConn>(options: IHibernatableWsServerAdapterOptions<TConn>): IDuplexConnectionRouter<TConn>;
+//#endregion
+//#region src/ActionRuntime/Transport/Carrier/Carrier.types.d.ts
+/**
+ * Carrier shapes — the only transport-specific surface a new protocol must implement. The secure
+ * session (handshake + frame crypto + codec) and the action routing on top of it are carrier-agnostic;
+ * a carrier just moves frames. Two shapes capture every carrier:
+ *
+ * - {@link IDuplexCarrier} — a persistent, push-capable byte stream (WebSocket, WebRTC `RTCDataChannel`,
+ *   Bluetooth GATT, an in-memory pipe). Either side can send at any time, so it supports server→client
+ *   pushes (the return path + broadcast).
+ * - {@link IExchangeCarrier} — a request → single-correlated-reply carrier with no unsolicited push
+ *   (HTTP, and anything request/response-shaped). The reply rides the response to its own request.
+ *
+ * Frames are `string` (text — handshake control messages and JSON action frames) or binary
+ * (`Uint8Array`/`ArrayBuffer` — the optimized binary wire / encrypted frames).
+ */
+type TFrame$1 = string | Uint8Array | ArrayBuffer;
+/**
+ * A bidirectional, push-capable byte stream. Reduces every duplex carrier to "open, send bytes, receive
+ * bytes, close" — a WebSocket, a WebRTC data channel, a Bluetooth characteristic, or an in-memory pipe
+ * all satisfy this, so the identical secure session runs over each.
+ */
+interface IDuplexCarrier {
+  /** Resolves once the carrier is open and ready to send; rejects if it closes/errors before opening. */
+  readonly ready: Promise<void>;
+  /** Whether the carrier is currently open (a synchronous guard before `send`). */
+  isOpen(): boolean;
+  /** Write one frame to the peer. */
+  send(frame: TFrame$1): void;
+  /**
+   * Register the carrier's handlers. Called exactly once by the session after `ready`. `onMessage`
+   * receives every inbound frame; `onClose` fires when the carrier goes away.
+   */
+  attach(handlers: {
+    onMessage: (frame: TFrame$1) => void;
+    onClose: () => void;
+    onError?: (error: unknown) => void;
+  }): void;
+  /** Close the carrier deliberately (a teardown). */
+  close(): void;
+  /** Optional human-readable endpoint for the devtools route chip. */
+  readonly label?: string;
+}
+/**
+ * A request → single-correlated-reply carrier with no unsolicited push (HTTP). One `exchange` sends a
+ * frame and resolves with exactly the one reply frame for it; the carrier itself correlates them (the
+ * HTTP transaction), so no correlation id is needed on the wire.
+ */
+interface IExchangeCarrier {
+  /** Send one frame, await the single correlated reply frame. */
+  exchange(frame: TFrame$1, opts?: {
+    signal?: AbortSignal;
+  }): Promise<TFrame$1>;
+  /** Optional human-readable endpoint for the devtools route chip. */
+  readonly label?: string;
+}
+type TCarrier = IDuplexCarrier | IExchangeCarrier;
+/**
+ * A reusable opener for a {@link IDuplexCarrier} plus the per-action metadata a duplex transport needs.
+ * Built by the small carrier factories (`wsCarrier`, `rtcCarrier`, `inMemoryCarrier`) and handed to
+ * {@link secureTransport} / `LinkTransport` — so adding a new carrier is "write one of these", nothing
+ * else.
+ */
+interface IDuplexCarrierSource {
+  /** Open (or reuse) the carrier for an action. */
+  open: (input: ITransportRouteActionParams) => IDuplexCarrier;
+  /** Keys identifying a reusable carrier, so one carrier is shared across actions to the same peer. */
+  getCacheKey?: (input: ITransportRouteActionParams) => string[];
+  /** Devtools route info for an action routed over this carrier. */
+  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
+  /** Short carrier-kind label for the devtools chip (e.g. `"ws"`, `"webrtc"`, `"memory"`). */
+  readonly carrierLabel: string;
+}
+/**
+ * The exchange-shape counterpart to {@link IDuplexCarrierSource}: a reusable opener for an
+ * {@link IExchangeCarrier} plus the per-action metadata an exchange transport needs. Built by
+ * `httpCarrier` and handed to {@link secureTransport} — adding a new request/reply protocol is "write
+ * one of these". The `shape` tag lets {@link secureTransport} pick the duplex vs exchange transport.
+ */
+interface IExchangeCarrierSource {
+  /** Discriminant so a generic factory can tell an exchange source from a duplex one. */
+  readonly shape: "exchange";
+  /** Open (or reuse) the carrier for an action. */
+  open: (input: ITransportRouteActionParams) => IExchangeCarrier;
+  /** Keys identifying a reusable carrier, so one carrier is shared across actions to the same peer. */
+  getCacheKey?: (input: ITransportRouteActionParams) => string[];
+  /** Devtools route info for an action routed over this carrier. */
+  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
+  /** Short carrier-kind label for the devtools chip (e.g. `"http"`). */
+  readonly carrierLabel: string;
+}
+//#endregion
+//#region src/ActionRuntime/Transport/Carrier/AcceptorCarrier.types.d.ts
+/**
+ * Acceptor-side carrier descriptors — the accept-in dual of the connector's {@link IDuplexCarrierSource}
+ * / {@link IExchangeCarrierSource}. Where a connector source knows how to *open* a carrier to a peer, an
+ * acceptor carrier knows how to *serve* one peer's traffic on this server. Both shapes are carrier-neutral
+ * about security: `serveChannel` builds the crypto identity (link + TOFU resolver) and the security block
+ * once from `(runtime, channel)` and fans it across every carrier, so a carrier descriptor never restates
+ * it.
+ *
+ * Two shapes mirror the connector side:
+ *
+ * - {@link IDuplexAcceptorCarrier} — a persistent, push-capable byte stream (WebSocket, WebRTC, …). It can
+ *   push acceptor→connector, so it carries the return path and broadcasts, and it may need an upgrade step
+ *   (e.g. a Durable Object's `WebSocketPair`) and optional hibernation persistence.
+ * - {@link IExchangeAcceptorCarrier} — a request → single-correlated-reply carrier with no unsolicited push
+ *   (HTTP). The reply rides the response to its own request; there is nothing to push and nothing to
+ *   upgrade.
+ */
+/**
+ * Persistence + replay hooks for a duplex carrier whose connections outlive process eviction (e.g. a
+ * Durable Object's hibernatable WebSockets). Optional — omit for a transport that never hibernates. The
+ * same surface {@link createHibernatableWsServerAdapter} consumes, minus the handler it's bound to.
+ */
+interface IAcceptorHibernation<TConn> {
+  /** All currently-live connections — replayed on build to rebuild bindings after a wake. */
+  getConnections: () => TConn[];
+  /** Read a connection's persisted binding (e.g. `(ws) => ws.deserializeAttachment()`). */
+  getAttachment: (connection: TConn) => IAcceptorConnectionBinding | undefined;
+  /** Persist a connection's binding when it is bound (e.g. `(ws, b) => ws.serializeAttachment(b)`). */
+  setAttachment: (connection: TConn, binding: IAcceptorConnectionBinding) => void;
+}
+/**
+ * A duplex carrier is also its own lifecycle handle: once it has been passed to `serveChannel`, feed each
+ * inbound frame to {@link receive} and forget a connection on close/error with {@link drop}. This is how a
+ * server with *several* duplex carriers routes each connection's traffic to the right one — you hold the
+ * carrier you created and feed it directly, so no per-carrier router lookup is needed. The methods throw if
+ * called before the carrier is served. (`serveChannel` binds the live router via {@link _activate}.)
+ */
+interface IDuplexCarrierLifecycle<TConn> {
+  /** Feed one inbound frame from a live connection into the server. Throws until the carrier is served. */
+  receive(connection: TConn, frame: TFrame$1): void;
+  /** Forget a connection on close/error. No-op until the carrier is served. */
+  drop(connection: TConn): void;
+  /** @internal `serveChannel` binds this carrier's live connection router here. */
+  _activate(router: IDuplexConnectionRouter<TConn>): void;
+}
+/**
+ * A duplex (push-capable) carrier on the acceptor side. Describes how to write a frame back to a live
+ * connection, how to perform the transport-specific upgrade that admits one, which requests are such
+ * upgrades, and (optionally) how to persist bindings across hibernation. Built by `wsAcceptorCarrier` and
+ * handed to `serveChannel`'s `carriers` list — the returned carrier is also its own lifecycle handle (see
+ * {@link IDuplexCarrierLifecycle}).
+ */
+interface IDuplexAcceptorCarrier<TConn = unknown> extends IDuplexCarrierLifecycle<TConn> {
+  /** Discriminant so `serveChannel` can tell a duplex carrier from an exchange one. */
+  readonly shape: ETransportShape.duplex;
+  /**
+   * Whether each connection runs the secure handshake (default `true`). `false` makes it a plain duplex
+   * carrier: connections speak the channel's wire codec directly with a self-asserted identity — no
+   * handshake, pins, or encryption (the duplex dual of `httpAcceptorCarrier({ secure: false })`). A plain
+   * carrier ignores the central crypto identity, so it needs no `storage` on `serveChannel`.
+   */
+  secure?: boolean;
+  /** Write an encoded frame to a specific live connection (e.g. `(ws, frame) => ws.send(frame)`). */
+  send: (connection: TConn, frame: TFrame$1) => void;
+  /**
+   * Perform the transport-specific upgrade for an inbound request, returning its raw response (e.g. a
+   * Durable Object's `new WebSocketPair()` + `ctx.acceptWebSocket()` → a `101`). Omit for a carrier that
+   * is fed connections out of band (the server then only routes frames via {@link receive}/{@link drop}).
+   */
+  upgrade?: (request: Request, url: URL) => Response | Promise<Response>;
+  /**
+   * Whether an inbound request is an upgrade for this carrier. Defaults to an `Upgrade: websocket` header.
+   * Only consulted when {@link upgrade} is present.
+   */
+  isUpgrade?: (request: Request, url: URL) => boolean;
+  /** Optional persistence + replay for connections that survive eviction (Durable Object hibernation). */
+  hibernation?: IAcceptorHibernation<TConn>;
+  /** Short carrier-kind label for the devtools chip (e.g. `"ws"`, `"webrtc"`). */
+  readonly carrierLabel: string;
+}
+/**
+ * An exchange (request/reply) carrier on the acceptor side, over web-standard `Request`/`Response`. By
+ * default it speaks the *secure* exchange protocol (handshake → token session → encrypted frames), whose
+ * identity is supplied centrally by `serveChannel`. Set {@link secure} to `false` for a plain endpoint
+ * that POSTs the raw action wire and returns the result inline — the request/reply dual of the connector's
+ * `plainTransport({ carrier: httpCarrier(...) })`. So a server can pair a secure duplex (WebSocket) with a
+ * plain HTTP fallback on the same runtime. Built by `httpAcceptorCarrier`.
+ */
+interface IExchangeAcceptorCarrier {
+  /** Discriminant so `serveChannel` can tell an exchange carrier from a duplex one. */
+  readonly shape: ETransportShape.exchange;
+  /**
+   * Whether this endpoint runs the secure exchange protocol (default `true`). `false` makes it a plain
+   * endpoint: the body is the raw action wire and the result is the response body — no handshake, token,
+   * or encryption. A plain endpoint ignores the central crypto identity entirely.
+   */
+  secure?: boolean;
+  /** Which requests carry an action exchange envelope on `POST`. Defaults to `serveChannel`'s path match. */
+  isActionPath?: (url: URL) => boolean;
+  /**
+   * CORS headers merged onto every response (a preflight `OPTIONS` is answered `204`). Defaults to the
+   * permissive `*` set; pass `false` to attach no CORS headers at all.
+   */
+  cors?: Record<string, string> | false;
+  /** Plain mode only: use the error's HTTP status for failures (default `true`). Ignored when secure. */
+  useErrorStatus?: boolean;
+  /** Short carrier-kind label for the devtools chip (e.g. `"http"`). */
+  readonly carrierLabel: string;
+}
+type TAcceptorCarrier<TConn = unknown> = IDuplexAcceptorCarrier<TConn> | IExchangeAcceptorCarrier;
+/**
+ * Narrow an acceptor carrier to the exchange shape via its `shape` discriminant — the one branch
+ * `serveChannel` uses to pick the duplex (push-capable) vs exchange (request/reply) wiring. A duplex
+ * carrier carries `shape: ETransportShape.duplex`, so the `else` branch is the duplex one.
+ */
+declare function isExchangeAcceptorCarrier<TConn>(carrier: TAcceptorCarrier<TConn>): carrier is IExchangeAcceptorCarrier;
+//#endregion
+//#region src/ActionRuntime/Channel/serveChannel.d.ts
+interface IServeChannelOptions<TConn> {
+  /**
+   * Coordinate of the *connecting clients* (typically env-only, e.g. `RuntimeCoordinate.env("web_app")`),
+   * used to score return-path dispatch back to the right connection.
+   */
+  clientEnv: RuntimeCoordinate;
+  /**
+   * One backing store for the server's crypto identity *and* its trust-on-first-use verify-key pins
+   * (their keys don't collide). It is built once and shared across every carrier, so the WebSocket and the
+   * secure-HTTP endpoint present the exact same verify/exchange keys and trust the same pinned clients.
+   * Back it with persistent storage (e.g. a Durable Object's storage) so identity + pins survive eviction.
+   *
+   * Required only when at least one carrier is secure (the default). A fully-plain server (every carrier
+   * `secure: false`) needs no storage and may omit it.
+   */
+  storage?: StorageAdapter;
+  /**
+   * The carriers this channel is served over — the accept-in dual of `connectChannel`'s `transports`.
+   * Build them with `wsAcceptorCarrier` / `httpAcceptorCarrier`. Any number of duplex (push-capable)
+   * carriers are supported (e.g. WebSocket + WebRTC), plus at most one exchange (request/reply) carrier;
+   * all share one crypto identity and one runtime, and each result/push routes back over the carrier its
+   * client connected on.
+   */
+  carriers: readonly TAcceptorCarrier<TConn>[];
+  /** Your execution handlers (e.g. the local handler holding the action cases). Registered for you. */
+  handlers?: TActionRuntimeHandler[];
+  /**
+   * The server's crypto identity. Defaults to a fresh {@link ClientCryptoKeyLink} over `storage`. Pass an
+   * existing link only to share identity with acceptors built outside this call.
+   */
+  link?: ClientCryptoKeyLink;
+  /** Accepted level(s) for every carrier; defaults to negotiating any of none/authenticated/encrypted. */
+  securityLevel?: ESecurityLevel | readonly ESecurityLevel[];
+  /** Trust decision for a client's verify key; defaults to storage-backed TOFU over `storage`. */
+  verifyKeyResolver?: IClientVerifyKeyResolver;
+  /** Timeout (ms) applied to server-initiated actions awaiting a client response. */
+  defaultTimeout?: number;
+}
+/**
+ * One server serving a secure channel over several carriers — the accept-in dual of `connectChannel`,
+ * returned by {@link serveChannel}. Wire its surface straight to the host's request/socket events.
+ */
+interface IChannelServer<TConn> {
+  /**
+   * The duplex acceptor handlers — one per duplex carrier, in carrier order (empty if none). For pushing,
+   * prefer {@link pushToClient} (it resolves the owning handler); reach for these for cross-carrier work
+   * like a per-handler `broadcast`.
+   */
+  handlers: AcceptorHandler<TConn>[];
+  /**
+   * Unified request handler: answers the CORS preflight, performs the duplex upgrade for an upgrade
+   * request, serves a secure-exchange action `POST`, else `404`. Forward the host's `fetch` straight to it.
+   */
+  fetch: (request: Request) => Promise<Response>;
+  /**
+   * Convenience lifecycle for the *sole* duplex carrier — `receive` inbound frames, `drop` on close. Set
+   * only when exactly one duplex carrier was provided; with several, feed each carrier handle directly
+   * (every duplex carrier is its own lifecycle handle). `undefined` when there are zero or multiple.
+   */
+  duplex?: IDuplexConnectionRouter<TConn>;
+  /**
+   * Push a server-initiated action to a connected client (the runtime is bound in, so unlike
+   * {@link AcceptorHandler.pushToClient} you pass only the target + request). It routes through the duplex
+   * carrier the target connected on. Throws if no duplex carrier currently holds the target.
+   */
+  pushToClient: <DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(target: TConn | RuntimeCoordinate, request: ActionPayload_Request<DOM, ID>, options?: {
+    timeout?: number;
+  }) => RunningAction<DOM, ID>;
+}
+/**
+ * Serve a secure channel over one or more carriers from a single call — the accept-in dual of
+ * `connectChannel`. It builds the crypto identity (a {@link ClientCryptoKeyLink} + a storage-backed TOFU
+ * resolver) and the security block (coordinate, dictionary version, accepted levels) *once* from
+ * `(runtime, channel)` and fans them across every carrier, so the WebSocket and the secure-HTTP endpoint
+ * can never drift apart. It registers your handlers (plus the duplex acceptor it builds) on the runtime,
+ * wires hibernation when the duplex carrier declares it, and returns a single {@link IChannelServer} whose
+ * `fetch` / `duplex` / `pushToClient` you forward straight to the host:
+ * ```ts
+ * const server = serveChannel(runtime, channel, {
+ *   clientEnv, storage,
+ *   carriers: [wsAcceptorCarrier({ send, upgrade, hibernation }), httpAcceptorCarrier()],
+ *   handlers: [localHandler],
+ * });
+ * // fetch(req) => server.fetch(req)
+ * // webSocketMessage(conn, m) => server.duplex?.receive(conn, m)
+ * // webSocketClose/Error(conn) => server.duplex?.drop(conn)
+ * ```
+ *
+ * `TConn` (the live-connection token a duplex carrier hands back through `send`/`receive`/`drop`) is
+ * inferred from the carriers — `WebSocket` for `wsAcceptorCarrier`, the data-channel type for a WebRTC
+ * carrier, and so on — so it stays carrier-agnostic.
+ */
+declare function serveChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TConn = unknown>(runtime: ActionRuntime, channel: ISecureChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IServeChannelOptions<TConn>): IChannelServer<TConn>;
+//#endregion
 //#region src/ActionRuntime/Transport/SecureSession/exchangeAcceptor.d.ts
 /** Acceptor secure config for the exchange (HTTP) endpoint — same identity an `AcceptorHandler` uses. */
 interface IExchangeAcceptorSecurity {
@@ -1895,6 +2264,13 @@ interface IActionFetchHandlerOptions {
   isActionPath?: (url: URL) => boolean;
   /** Which requests are WebSocket upgrades. Default: pathname ends with `/ws`. */
   isWebSocketPath?: (url: URL) => boolean;
+  /**
+   * Whether a request is a WebSocket upgrade for this endpoint, given the whole request (not just the
+   * URL). When set it *replaces* the default gate (an `Upgrade: websocket` header on an
+   * {@link isWebSocketPath} match) — use it when the discriminant needs a header or method, not only the
+   * path. Only consulted when {@link onWebSocketUpgrade} is present.
+   */
+  isWebSocketUpgrade?: (request: Request, url: URL) => boolean;
   /**
    * Perform the transport-specific WebSocket upgrade (e.g. a Durable Object's
    * `new WebSocketPair()` + `ctx.acceptWebSocket()` returning a `101`). Omit for HTTP-only endpoints.
@@ -1951,6 +2327,13 @@ interface ISecureAcceptorHandlerOptions<TConn> {
   storageAdapter: StorageAdapter;
   /** Write an encoded frame to a specific live connection (e.g. `(ws, frame) => ws.send(frame)`). */
   send: (connection: TConn, frame: string | Uint8Array | ArrayBuffer) => void;
+  /**
+   * The server's crypto identity. Defaults to a fresh {@link ClientCryptoKeyLink} over `storageAdapter`.
+   * Pass an existing link to share one identity across several acceptors on the same server (e.g. a
+   * WebSocket acceptor and a secure-HTTP {@link createActionFetchHandler}), so they present the same
+   * verify/exchange keys — avoiding a divergent-key race when two fresh links initialize concurrently.
+   */
+  link?: ClientCryptoKeyLink;
   /** Accepted level(s); defaults to negotiating any of none/authenticated/encrypted. */
   securityLevel?: ESecurityLevel | readonly ESecurityLevel[];
   /** Trust decision for a client's verify key; defaults to storage-backed TOFU over `storageAdapter`. */
@@ -2051,42 +2434,6 @@ declare class ConnectionStateStore<TConn, TApp> {
  */
 declare function createConnectionStateStore<TConn, TApp>(handler: AcceptorHandler<TConn>, options: IConnectionStateStoreOptions<TConn, TApp>): ConnectionStateStore<TConn, TApp>;
 //#endregion
-//#region src/ActionRuntime/Handler/PeerLink/Acceptor/Hibernation/createHibernatableWsServerAdapter.d.ts
-interface IHibernatableWsServerAdapterOptions<TConn> {
-  /** The handler to drive (from `createSecureAcceptorHandler` or `createAcceptorHandler`). */
-  handler: AcceptorHandler<TConn>;
-  /** All currently-live connections — replayed on construction to rebuild bindings after a wake. */
-  getWebSockets: () => TConn[];
-  /** Read a connection's persisted binding (e.g. `(ws) => ws.deserializeAttachment()`). */
-  getAttachment: (connection: TConn) => IAcceptorConnectionBinding | undefined;
-  /** Persist a connection's binding when it is bound (e.g. `(ws, b) => ws.serializeAttachment(b)`). */
-  setAttachment: (connection: TConn, binding: IAcceptorConnectionBinding) => void;
-}
-interface IHibernatableWsServerAdapter<TConn> {
-  /** Feed one inbound frame from a connection into the handler. */
-  receive: (connection: TConn, frame: string | ArrayBuffer | Uint8Array) => void;
-  /** Forget a connection (call on socket close/error). */
-  drop: (connection: TConn) => void;
-}
-/**
- * Wire the hibernation lifecycle for an acceptor handler on a transport whose sockets outlive process
- * eviction (e.g. a Durable Object's hibernatable WebSockets). It owns persistence end to end:
- * registers `setAttachment` as the handler's connection-bound callback and immediately replays every
- * live connection's stored binding via `getAttachment`, so results/pushes still route after a wake.
- *
- * Layered on top of the generic {@link AcceptorHandler} — it touches only the handler's neutral
- * `setOnConnectionBound` / `rehydrateConnection` / `receive` / `dropConnection` surface, so no
- * hibernation concern leaks into the handler itself.
- *
- * Construct it once when the handler is built, then forward socket events:
- * ```ts
- * const wsServer = createHibernatableWsServerAdapter({ handler, getWebSockets, getAttachment, setAttachment });
- * // webSocketMessage(ws, msg) => wsServer.receive(ws, msg);
- * // webSocketClose/Error(ws)  => wsServer.drop(ws);
- * ```
- */
-declare function createHibernatableWsServerAdapter<TConn>(options: IHibernatableWsServerAdapterOptions<TConn>): IHibernatableWsServerAdapter<TConn>;
-//#endregion
 //#region src/ActionRuntime/Handler/PeerLink/Connector/err_nice_external_client.d.ts
 declare const err_nice_external_client: import("@nice-code/error").NiceErrorDomain<{
   domain: string;
@@ -2094,97 +2441,6 @@ declare const err_nice_external_client: import("@nice-code/error").NiceErrorDoma
   schema: {};
 }>;
 //#endregion
-//#region src/ActionRuntime/Transport/Carrier/Carrier.types.d.ts
-/**
- * Carrier shapes — the only transport-specific surface a new protocol must implement. The secure
- * session (handshake + frame crypto + codec) and the action routing on top of it are carrier-agnostic;
- * a carrier just moves frames. Two shapes capture every carrier:
- *
- * - {@link IDuplexCarrier} — a persistent, push-capable byte stream (WebSocket, WebRTC `RTCDataChannel`,
- *   Bluetooth GATT, an in-memory pipe). Either side can send at any time, so it supports server→client
- *   pushes (the return path + broadcast).
- * - {@link IExchangeCarrier} — a request → single-correlated-reply carrier with no unsolicited push
- *   (HTTP, and anything request/response-shaped). The reply rides the response to its own request.
- *
- * Frames are `string` (text — handshake control messages and JSON action frames) or binary
- * (`Uint8Array`/`ArrayBuffer` — the optimized binary wire / encrypted frames).
- */
-type TFrame$1 = string | Uint8Array | ArrayBuffer;
-/**
- * A bidirectional, push-capable byte stream. Reduces every duplex carrier to "open, send bytes, receive
- * bytes, close" — a WebSocket, a WebRTC data channel, a Bluetooth characteristic, or an in-memory pipe
- * all satisfy this, so the identical secure session runs over each.
- */
-interface IDuplexCarrier {
-  /** Resolves once the carrier is open and ready to send; rejects if it closes/errors before opening. */
-  readonly ready: Promise<void>;
-  /** Whether the carrier is currently open (a synchronous guard before `send`). */
-  isOpen(): boolean;
-  /** Write one frame to the peer. */
-  send(frame: TFrame$1): void;
-  /**
-   * Register the carrier's handlers. Called exactly once by the session after `ready`. `onMessage`
-   * receives every inbound frame; `onClose` fires when the carrier goes away.
-   */
-  attach(handlers: {
-    onMessage: (frame: TFrame$1) => void;
-    onClose: () => void;
-    onError?: (error: unknown) => void;
-  }): void;
-  /** Close the carrier deliberately (a teardown). */
-  close(): void;
-  /** Optional human-readable endpoint for the devtools route chip. */
-  readonly label?: string;
-}
-/**
- * A request → single-correlated-reply carrier with no unsolicited push (HTTP). One `exchange` sends a
- * frame and resolves with exactly the one reply frame for it; the carrier itself correlates them (the
- * HTTP transaction), so no correlation id is needed on the wire.
- */
-interface IExchangeCarrier {
-  /** Send one frame, await the single correlated reply frame. */
-  exchange(frame: TFrame$1, opts?: {
-    signal?: AbortSignal;
-  }): Promise<TFrame$1>;
-  /** Optional human-readable endpoint for the devtools route chip. */
-  readonly label?: string;
-}
-type TCarrier = IDuplexCarrier | IExchangeCarrier;
-/**
- * A reusable opener for a {@link IDuplexCarrier} plus the per-action metadata a duplex transport needs.
- * Built by the small carrier factories (`wsCarrier`, `rtcCarrier`, `inMemoryCarrier`) and handed to
- * {@link secureTransport} / `LinkTransport` — so adding a new carrier is "write one of these", nothing
- * else.
- */
-interface IDuplexCarrierSource {
-  /** Open (or reuse) the carrier for an action. */
-  open: (input: ITransportRouteActionParams) => IDuplexCarrier;
-  /** Keys identifying a reusable carrier, so one carrier is shared across actions to the same peer. */
-  getCacheKey?: (input: ITransportRouteActionParams) => string[];
-  /** Devtools route info for an action routed over this carrier. */
-  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
-  /** Short carrier-kind label for the devtools chip (e.g. `"ws"`, `"webrtc"`, `"memory"`). */
-  readonly carrierLabel: string;
-}
-/**
- * The exchange-shape counterpart to {@link IDuplexCarrierSource}: a reusable opener for an
- * {@link IExchangeCarrier} plus the per-action metadata an exchange transport needs. Built by
- * `httpCarrier` and handed to {@link secureTransport} — adding a new request/reply protocol is "write
- * one of these". The `shape` tag lets {@link secureTransport} pick the duplex vs exchange transport.
- */
-interface IExchangeCarrierSource {
-  /** Discriminant so a generic factory can tell an exchange source from a duplex one. */
-  readonly shape: "exchange";
-  /** Open (or reuse) the carrier for an action. */
-  open: (input: ITransportRouteActionParams) => IExchangeCarrier;
-  /** Keys identifying a reusable carrier, so one carrier is shared across actions to the same peer. */
-  getCacheKey?: (input: ITransportRouteActionParams) => string[];
-  /** Devtools route info for an action routed over this carrier. */
-  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
-  /** Short carrier-kind label for the devtools chip (e.g. `"http"`). */
-  readonly carrierLabel: string;
-}
-//#endregion
 //#region src/ActionRuntime/Transport/Carrier/duplex/inMemory/createInMemoryChannel.d.ts
 type TFrame = string | ArrayBuffer | Uint8Array;
 /** The peer (server) end of an in-memory pair — what you feed into an `AcceptorHandler`. */
@@ -2266,6 +2522,56 @@ interface IRtcCarrierOptions {
  */
 declare function rtcCarrier(dataChannel: IRtcDataChannelLike, options?: IRtcCarrierOptions): IDuplexCarrierSource;
 //#endregion
+//#region src/ActionRuntime/Transport/Carrier/duplex/ws/err_nice_transport_ws.d.ts
+declare enum EErrId_NiceTransport_WebSocket {
+  ws_disconnected = "ws_disconnected",
+  ws_create_failed = "ws_create_failed",
+  ws_error = "ws_error"
+}
+declare const err_nice_transport_ws: import("@nice-code/error").NiceErrorDomain<{
+  domain: string;
+  allDomains: [string, string, string, string, "err_nice"];
+  schema: {
+    ws_disconnected: import("@nice-code/error").INiceErrorIdMetadata<Record<string, never>, import("@nice-code/error").JSONSerializableValue>;
+    ws_create_failed: import("@nice-code/error").INiceErrorIdMetadata<{
+      originalError?: Error;
+    }, import("@nice-code/error").JSONSerializableValue>;
+    ws_error: import("@nice-code/error").INiceErrorIdMetadata<{
+      originalError?: Error;
+    }, import("@nice-code/error").JSONSerializableValue>;
+  };
+}>;
+//#endregion
+//#region src/ActionRuntime/Transport/Carrier/duplex/ws/wsAcceptorCarrier.d.ts
+interface IWsAcceptorCarrierOptions<TConn> {
+  /**
+   * Whether each socket runs the secure handshake (default `true`). Pass `false` for a plain WS endpoint
+   * — connections speak the channel's wire codec with a self-asserted identity, no handshake/pins/encryption
+   * (and `serveChannel` then needs no `storage` for this carrier).
+   */
+  secure?: boolean;
+  /** Write an encoded frame to a specific live connection (e.g. `(ws, frame) => ws.send(frame)`). */
+  send: (connection: TConn, frame: TFrame$1) => void;
+  /**
+   * Perform the transport-specific WebSocket upgrade, returning its raw response (e.g. a Durable Object's
+   * `new WebSocketPair()` + `ctx.acceptWebSocket()` → a `101`). Omit if sockets are fed in out of band.
+   */
+  upgrade?: (request: Request, url: URL) => Response | Promise<Response>;
+  /** Whether an inbound request is a WS upgrade. Defaults to an `Upgrade: websocket` header. */
+  isUpgrade?: (request: Request, url: URL) => boolean;
+  /** Persistence + replay hooks for hibernatable sockets (e.g. a Durable Object). */
+  hibernation?: IAcceptorHibernation<TConn>;
+  /** Override the devtools carrier-kind label (defaults to `"ws"`). */
+  carrierLabel?: string;
+}
+/**
+ * A WebSocket {@link IDuplexAcceptorCarrier}: the accept-in dual of {@link wsCarrier}. It describes how to
+ * write frames back to a live socket, how to upgrade an inbound request into one, and (optionally) how to
+ * persist bindings across hibernation. Hand it to `serveChannel`'s `carriers` list — the secure session,
+ * codec, and crypto identity are supplied centrally there, so this only carries the WS-specific surface.
+ */
+declare function wsAcceptorCarrier<TConn = WebSocket>(options: IWsAcceptorCarrierOptions<TConn>): IDuplexAcceptorCarrier<TConn>;
+//#endregion
 //#region src/ActionRuntime/Transport/Carrier/duplex/ws/wsCarrier.d.ts
 interface IWsCarrierOptions {
   /** Override socket creation (defaults to a `new WebSocket(url)` with `binaryType = "arraybuffer"`). */
@@ -2282,6 +2588,36 @@ interface IWsCarrierOptions {
  */
 declare function wsCarrier(url: string, options?: IWsCarrierOptions): IDuplexCarrierSource;
 //#endregion
+//#region src/ActionRuntime/Transport/Carrier/exchange/http/httpAcceptorCarrier.d.ts
+interface IHttpAcceptorCarrierOptions {
+  /**
+   * Whether this endpoint runs the secure exchange protocol (default `true`). Pass `false` for a plain
+   * endpoint — the body is the raw action wire and the result is the response body, the request/reply dual
+   * of `plainTransport({ carrier: httpCarrier(...) })`. A plain endpoint ignores the crypto identity, so it
+   * can sit alongside a secure WebSocket on the same server (e.g. a secure WS preferred, plain HTTP fallback).
+   */
+  secure?: boolean;
+  /** Which requests carry an action exchange envelope on `POST`. Defaults to `serveChannel`'s path match. */
+  isActionPath?: (url: URL) => boolean;
+  /**
+   * CORS headers merged onto every response (a preflight `OPTIONS` is answered `204`). Defaults to the
+   * permissive `*` set; pass `false` to attach no CORS headers at all.
+   */
+  cors?: Record<string, string> | false;
+  /** Plain mode only: use the error's HTTP status for failures (default `true`). Ignored when secure. */
+  useErrorStatus?: boolean;
+  /** Override the devtools carrier-kind label (defaults to `"http"`). */
+  carrierLabel?: string;
+}
+/**
+ * An HTTP {@link IExchangeAcceptorCarrier}: the accept-in dual of {@link httpCarrier}. It serves the
+ * secure exchange protocol (handshake → token session → encrypted frames) over web-standard
+ * `Request`/`Response`. The crypto identity, runtime coordinate, dictionary version, and accepted security
+ * levels are all supplied centrally by `serveChannel`, so this only needs to say which requests carry an
+ * action envelope and how to answer CORS.
+ */
+declare function httpAcceptorCarrier(options?: IHttpAcceptorCarrierOptions): IExchangeAcceptorCarrier;
+//#endregion
 //#region src/ActionRuntime/Transport/Carrier/exchange/http/httpCarrier.d.ts
 /** The HTTP request an action is sent over (the body is supplied by the secure exchange session). */
 interface IHttpCarrierRequest {
@@ -2455,26 +2791,6 @@ declare const err_nice_transport: import("@nice-code/error").NiceErrorDomain<{
   };
 }>;
 //#endregion
-//#region src/ActionRuntime/Transport/Carrier/duplex/ws/err_nice_transport_ws.d.ts
-declare enum EErrId_NiceTransport_WebSocket {
-  ws_disconnected = "ws_disconnected",
-  ws_create_failed = "ws_create_failed",
-  ws_error = "ws_error"
-}
-declare const err_nice_transport_ws: import("@nice-code/error").NiceErrorDomain<{
-  domain: string;
-  allDomains: [string, string, string, string, "err_nice"];
-  schema: {
-    ws_disconnected: import("@nice-code/error").INiceErrorIdMetadata<Record<string, never>, import("@nice-code/error").JSONSerializableValue>;
-    ws_create_failed: import("@nice-code/error").INiceErrorIdMetadata<{
-      originalError?: Error;
-    }, import("@nice-code/error").JSONSerializableValue>;
-    ws_error: import("@nice-code/error").INiceErrorIdMetadata<{
-      originalError?: Error;
-    }, import("@nice-code/error").JSONSerializableValue>;
-  };
-}>;
-//#endregion
 //#region src/ActionRuntime/Transport/Link/TransportLink.types.d.ts
 /** The per-connection codec (positional binary wire / JSON fallback) the carrier's session uses. */
 type TLinkFormatMessage = IActionWireFormat;
@@ -2835,5 +3151,5 @@ interface IActionPayload_Result_JsonObject<DOM extends IActionDomain = IActionDo
 type TActionPayload_Any_Instance<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = ActionPayload_Request<DOM, ID> | ActionPayload_Result<DOM, ID> | ActionPayload_Progress<DOM, ID>;
 type TActionPayload_Any_JsonObject<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = IActionPayload_Request_JsonObject<DOM, ID> | IActionPayload_Progress_JsonObject<DOM, ID> | IActionPayload_Result_JsonObject<DOM, ID>;
 //#endregion
-export { IRtcDataChannelLike as $, PeerLinkHandler as $n, ConnectorHandler as $t, ILinkTransportOptions as A, TTransportCache as An, TDomainActionId as Ar, TChannelAcceptorCases as At, IActionTransportReadyData_Exchange as B, IClientVerifyKeyResolveInput as Bn, TActionSerializationDefinition as Br, AcceptorHandler as Bt, decodeActionFrame as C, TOnResolveAnyIncomingActionData_Json as Cn, TRuntimeCoordinateEnvId as Cr, createActionFetchHandler as Ct, secureTransport as D, TOnResolveIncomingResponseJson as Dn, IActionRootDomain as Dr, IAcceptChannelOptions as Dt, ISecureTransportOptions as E, TOnResolveIncomingResponse as En, IActionDomainChildOptions as Er, IExchangeAcceptorSecurity as Et, err_nice_transport_ws as F, ITransportConnectionContext as Fn, ActionSchema as Fr, defineChannel as Ft, IHttpCarrierOptions as G, THandshakeMessage as Gn, TActionConnectionEncoding as Gt, IActionFrameCryptoConfig as H, IHandshakeEncryptionKeyMaterial as Hn, IAcceptorHandlerOptions as Ht, EErrId_NiceTransport as I, Transport as In, EActionResponseMode as Ir, ISecureChannel as It, httpCarrier as J, createServerHandshake as Jn, createActionRootDomain as Jt, IHttpCarrierRequest as K, createClientHandshake as Kn, createAcceptorHandler as Kt, err_nice_transport as L, EHandshakeMessageType as Ln, TInferActionError as Lr, defineSecureChannel as Lt, IActionTransportReadyData_Link as M, TTransportStatusInfo as Mn, TInferOutputFromSchema as Mr, acceptChannel as Mt, TLinkFormatMessage as N, TTransportStatusInfo_GetTransport_Output as Nn, TPossibleDomainId as Nr, acceptChannelConnections as Nt, IPlainTransportOptions as O, TSendActionDataMethod as On, TActionDomainChildDef as Or, IActionChannel as Ot, EErrId_NiceTransport_WebSocket as P, TUpdateActionRunConfig as Pn, TPossibleDomainIdList as Pr, connectChannel as Pt, rtcCarrier as Q, runtimeLinkId as Qn, ActionRuntime as Qt, ExchangeTransport as R, ESecurityLevel as Rn, actionSchema as Rr, IBinaryWireSessionOptions as Rt, IActionFrameDecoder as S, TOnResolveAnyIncomingActionData as Sn, RuntimeCoordinate as Sr, IActionFetchHandlerOptions as St, err_nice_action as T, TOnResolveIncomingRequestJson as Tn, IActionDomain as Tr, IExchangeAcceptorConfig as Tt, createActionFrameCrypto as U, IHandshakeResult as Un, TAcceptorConnectionCaseFn as Ut, IActionFrameCrypto as V, IClientVerifyKeyResolver as Vn, TTransportedValue as Vr, IAcceptorConnectionBinding as Vt, createBinaryWireAdapter as W, IServerHandshakeConfig as Wn, TActionChannelFormatMessage as Wt, wsCarrier as X, decodeHandshakeMessage as Xn, ActionDomain as Xt, IWsCarrierOptions as Y, createStorageTofuVerifyKeyResolver as Yn, ActionCore as Yt, IRtcCarrierOptions as Z, encodeHandshakeMessage as Zn, ActionRootDomain as Zt, TActionProgress as _, ITransportStatusInfo_Initializing as _n, TRunningActionUpdateListener as _r, IConnectionAttachment as _t, IActionPayload_Data_Base as a, IActionTransportReady as an, ActionPayload_Request as ar, createInMemoryChannelPair as at, isActionPayload_Request_JsonObject as b, IUpdateActionRunConfig_Output as bn, IRuntimeCoordinateSpecifics as br, ISecureAcceptorHandlerOptions as bt, IActionPayload_Request_JsonObject as c, IActionTransportResolvers as cn, ERunningActionFinishedType as cr, IExchangeCarrier as ct, IActionProgress_Custom as d, ITransportMethod_SendActionData_Input as dn, IRunningActionUpdate_Abort as dr, TFrame$1 as dt, createConnectorHandler as en, ActionLocalHandler as er, rtcDataChannelByteChannel as et, IActionProgress_None as f, ITransportRouteActionParams as fn, IRunningActionUpdate_Progress as fr, err_nice_external_client as ft, TActionPayload_Any_JsonObject as g, ITransportStatusInfo_Failed as gn, TRunningActionUpdateFinished as gr, ConnectionStateStore as gt, TActionPayload_Any_Instance as h, ITransportStatusInfo_Base as hn, TRunningActionUpdate as hr, createHibernatableWsServerAdapter as ht, IActionPayload_Base_JsonObject as i, IActionTransportInitialized as in, ActionPayload_Progress as ir, IInMemoryServerEndpoint as it, LinkTransport as j, TTransportInitializationFinishedInfo as jn, TInferInputFromSchema as jr, TChannelPushHandlers as jt, plainTransport as k, TSendReturnDataMethod as kn, TActionDomainSchema as kr, IConnectChannelOptions as kt, IActionPayload_Result as l, ISecureClientConfig as ln, ERunningActionState as lr, IExchangeCarrierSource as lt, IActionRouteItemHandler as m, ITransportRouteInfo as mn, IRunningActionUpdate_Success as mr, IHibernatableWsServerAdapterOptions as mt, EActionProgressType as n, ETransportStatus as nn, MaybePromise as nr, inMemoryCarrier as nt, IActionPayload_Progress as o, IActionTransportReadyData_Base as on, IActionCore as or, IDuplexCarrier as ot, IActionProgress_Percentage as p, ITransportRouteClientParams as pn, IRunningActionUpdate_Started as pr, IHibernatableWsServerAdapter as pt, TCarrierFetch as q, createInMemoryTofuVerifyKeyResolver as qn, IActionWireFormat as qt, IActionPayload_Base as r, IActionTransportDef as rn, RunningAction as rr, IInMemoryChannelPair as rt, IActionPayload_Progress_JsonObject as s, IActionTransportReadyData_Methods as sn, IActionCore_JsonObject as sr, IDuplexCarrierSource as st, EActionPayloadType as t, ETransportShape as tn, createLocalHandler as tr, IInMemoryCarrier as tt, IActionPayload_Result_JsonObject as u, ITransportDispatchAction as un, ERunningActionUpdateType as ur, TCarrier as ut, TActionResultOutcome as v, ITransportStatusInfo_Ready as vn, ActionPayload_Result as vr, IConnectionStateStoreOptions as vt, EErrId_NiceAction as w, TOnResolveIncomingRequest as wn, TRuntimeCoordinateStringId as wr, ExchangeAcceptor as wt, isActionPayload_Any_JsonObject as x, TGetTransportFn as xn, IRuntimeFullCoordinates as xr, createSecureAcceptorHandler as xt, isActionPayload_Result_JsonObject as y, ITransportStatusInfo_Unsupported as yn, IRuntimeCoordinate as yr, createConnectionStateStore as yt, IExchangeTransportOptions as z, IClientHandshakeConfig as zn, TActionSchemaOptions as zr, createBinaryWireSessionFactory as zt };
-//# sourceMappingURL=ActionPayload.types-fieMKAgt.d.mts.map
+export { EErrId_NiceTransport_WebSocket as $, IClientVerifyKeyResolver as $n, TTransportedValue as $r, IAcceptorConnectionBinding as $t, ILinkTransportOptions as A, ITransportStatusInfo_Ready as An, ActionPayload_Result as Ar, IDuplexCarrier as At, IActionFrameCryptoConfig as B, TSendActionDataMethod as Bn, TActionDomainChildDef as Br, IActionChannel as Bt, decodeActionFrame as C, ITransportMethod_SendActionData_Input as Cn, IRunningActionUpdate_Abort as Cr, IServeChannelOptions as Ct, secureTransport as D, ITransportStatusInfo_Base as Dn, TRunningActionUpdate as Dr, IExchangeAcceptorCarrier as Dt, ISecureTransportOptions as E, ITransportRouteInfo as En, IRunningActionUpdate_Success as Er, IDuplexAcceptorCarrier as Et, err_nice_transport as F, TOnResolveAnyIncomingActionData_Json as Fn, TRuntimeCoordinateEnvId as Fr, TFrame$1 as Ft, TCarrierFetch as G, TTransportStatusInfo_GetTransport_Output as Gn, TPossibleDomainId as Gr, acceptChannelConnections as Gt, createBinaryWireAdapter as H, TTransportCache as Hn, TDomainActionId as Hr, TChannelAcceptorCases as Ht, ExchangeTransport as I, TOnResolveIncomingRequest as In, TRuntimeCoordinateStringId as Ir, IDuplexConnectionRouter as It, httpAcceptorCarrier as J, Transport as Jn, EActionResponseMode as Jr, ISecureChannel as Jt, httpCarrier as K, TUpdateActionRunConfig as Kn, TPossibleDomainIdList as Kr, connectChannel as Kt, IExchangeTransportOptions as L, TOnResolveIncomingRequestJson as Ln, IActionDomain as Lr, IHibernatableWsServerAdapterOptions as Lt, IActionTransportReadyData_Link as M, IUpdateActionRunConfig_Output as Mn, IRuntimeCoordinateSpecifics as Mr, IExchangeCarrier as Mt, TLinkFormatMessage as N, TGetTransportFn as Nn, IRuntimeFullCoordinates as Nr, IExchangeCarrierSource as Nt, IPlainTransportOptions as O, ITransportStatusInfo_Failed as On, TRunningActionUpdateFinished as Or, TAcceptorCarrier as Ot, EErrId_NiceTransport as P, TOnResolveAnyIncomingActionData as Pn, RuntimeCoordinate as Pr, TCarrier as Pt, wsAcceptorCarrier as Q, IClientVerifyKeyResolveInput as Qn, TActionSerializationDefinition as Qr, AcceptorHandler as Qt, IActionTransportReadyData_Exchange as R, TOnResolveIncomingResponse as Rn, IActionDomainChildOptions as Rr, createHibernatableWsServerAdapter as Rt, IActionFrameDecoder as S, ITransportDispatchAction as Sn, ERunningActionUpdateType as Sr, IChannelServer as St, err_nice_action as T, ITransportRouteClientParams as Tn, IRunningActionUpdate_Started as Tr, IAcceptorHibernation as Tt, IHttpCarrierOptions as U, TTransportInitializationFinishedInfo as Un, TInferInputFromSchema as Ur, TChannelPushHandlers as Ut, createActionFrameCrypto as V, TSendReturnDataMethod as Vn, TActionDomainSchema as Vr, IConnectChannelOptions as Vt, IHttpCarrierRequest as W, TTransportStatusInfo as Wn, TInferOutputFromSchema as Wr, acceptChannel as Wt, wsCarrier as X, ESecurityLevel as Xn, actionSchema as Xr, IBinaryWireSessionOptions as Xt, IWsCarrierOptions as Y, EHandshakeMessageType as Yn, TInferActionError as Yr, defineSecureChannel as Yt, IWsAcceptorCarrierOptions as Z, IClientHandshakeConfig as Zn, TActionSchemaOptions as Zr, createBinaryWireSessionFactory as Zt, TActionProgress as _, IActionTransportReady as _n, ActionPayload_Request as _r, IActionFetchHandlerOptions as _t, IActionPayload_Data_Base as a, IActionWireFormat as an, createInMemoryTofuVerifyKeyResolver as ar, IInMemoryCarrier as at, isActionPayload_Request_JsonObject as b, IActionTransportResolvers as bn, ERunningActionFinishedType as br, IExchangeAcceptorConfig as bt, IActionPayload_Request_JsonObject as c, ActionDomain as cn, decodeHandshakeMessage as cr, IInMemoryServerEndpoint as ct, IActionProgress_Custom as d, ConnectorHandler as dn, PeerLinkHandler as dr, ConnectionStateStore as dt, IAcceptorHandlerOptions as en, IHandshakeEncryptionKeyMaterial as er, err_nice_transport_ws as et, IActionProgress_None as f, createConnectorHandler as fn, ActionLocalHandler as fr, IConnectionAttachment as ft, TActionPayload_Any_JsonObject as g, IActionTransportInitialized as gn, ActionPayload_Progress as gr, createSecureAcceptorHandler as gt, TActionPayload_Any_Instance as h, IActionTransportDef as hn, RunningAction as hr, ISecureAcceptorHandlerOptions as ht, IActionPayload_Base_JsonObject as i, createAcceptorHandler as in, createClientHandshake as ir, rtcDataChannelByteChannel as it, LinkTransport as j, ITransportStatusInfo_Unsupported as jn, IRuntimeCoordinate as jr, IDuplexCarrierSource as jt, plainTransport as k, ITransportStatusInfo_Initializing as kn, TRunningActionUpdateListener as kr, isExchangeAcceptorCarrier as kt, IActionPayload_Result as l, ActionRootDomain as ln, encodeHandshakeMessage as lr, createInMemoryChannelPair as lt, IActionRouteItemHandler as m, ETransportStatus as mn, MaybePromise as mr, createConnectionStateStore as mt, EActionProgressType as n, TActionChannelFormatMessage as nn, IServerHandshakeConfig as nr, rtcCarrier as nt, IActionPayload_Progress as o, createActionRootDomain as on, createServerHandshake as or, inMemoryCarrier as ot, IActionProgress_Percentage as p, ETransportShape as pn, createLocalHandler as pr, IConnectionStateStoreOptions as pt, IHttpAcceptorCarrierOptions as q, ITransportConnectionContext as qn, ActionSchema as qr, defineChannel as qt, IActionPayload_Base as r, TActionConnectionEncoding as rn, THandshakeMessage as rr, IRtcDataChannelLike as rt, IActionPayload_Progress_JsonObject as s, ActionCore as sn, createStorageTofuVerifyKeyResolver as sr, IInMemoryChannelPair as st, EActionPayloadType as t, TAcceptorConnectionCaseFn as tn, IHandshakeResult as tr, IRtcCarrierOptions as tt, IActionPayload_Result_JsonObject as u, ActionRuntime as un, runtimeLinkId as ur, err_nice_external_client as ut, TActionResultOutcome as v, IActionTransportReadyData_Base as vn, IActionCore as vr, createActionFetchHandler as vt, EErrId_NiceAction as w, ITransportRouteActionParams as wn, IRunningActionUpdate_Progress as wr, serveChannel as wt, isActionPayload_Any_JsonObject as x, ISecureClientConfig as xn, ERunningActionState as xr, IExchangeAcceptorSecurity as xt, isActionPayload_Result_JsonObject as y, IActionTransportReadyData_Methods as yn, IActionCore_JsonObject as yr, ExchangeAcceptor as yt, IActionFrameCrypto as z, TOnResolveIncomingResponseJson as zn, IActionRootDomain as zr, IAcceptChannelOptions as zt };
+//# sourceMappingURL=ActionPayload.types-snDlSIF-.d.cts.map