@nice-code/action 0.23.0 → 0.24.0

package/build/{ActionPayload.types-B-OSg09t.d.mts → AcceptorHandler-11-QMdx2.d.mts}

@@ -175,6 +175,28 @@ type TInferOutputFromSchema<SCH extends ActionSchema<any, any, any>> = SCH exten
 } : never;
 type TWrappableDomainActionHandler<DOM extends IActionDomain> = { [K in TDomainActionId<DOM>]: (...args: [TInferInputFromSchema<DOM["actionSchema"][K]>["Input"]] extends [never] ? [] : [input: TInferInputFromSchema<DOM["actionSchema"][K]>["Input"]]) => [TInferOutputFromSchema<DOM["actionSchema"][K]>["Output"]] extends [never] ? Promise<void> | void : Promise<TInferOutputFromSchema<DOM["actionSchema"][K]>["Output"]> };
 //#endregion
+//#region src/ActionDefinition/Action/ActionBase.d.ts
+declare abstract class ActionBase<FORM extends EActionForm, DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> implements IActionBase<FORM, DOM, ID> {
+  readonly form: FORM;
+  readonly _domain: ActionDomain<DOM>;
+  readonly id: ID;
+  readonly domain: DOM["domain"];
+  readonly allDomains: DOM["allDomains"];
+  readonly schema: DOM["actionSchema"][ID];
+  constructor(form: FORM, _domain: ActionDomain<DOM>, id: ID);
+  protected toJsonObject(): IActionBase_JsonObject<FORM, DOM, ID>;
+  protected toJsonString(): string;
+}
+//#endregion
+//#region src/ActionDefinition/Action/Core/ActionCore.types.d.ts
+interface IActionCore<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends IActionBase<EActionForm.core, DOM, ID> {}
+type IActionCore_JsonObject<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = {
+  form: EActionForm.core;
+  domain: DOM["domain"];
+  allDomains: DOM["allDomains"];
+  id: ID;
+};
+//#endregion
 //#region src/ActionRuntime/RuntimeCoordinate.d.ts
 interface IRuntimeCoordinateSpecifics {
   /**
@@ -238,43 +260,6 @@ declare class RuntimeCoordinate implements IRuntimeCoordinate {
   toStringIds(): TRuntimeCoordinateStringId[];
 }
 //#endregion
-//#region src/ActionDefinition/Action/ActionBase.types.d.ts
-declare enum EActionForm {
-  core = "core",
-  context = "context",
-  data = "data"
-}
-interface INiceActionIdAndDomain<DOM extends IActionDomain = IActionDomain> {
-  domain: DOM["domain"];
-  id: keyof DOM["actionSchema"] & string;
-}
-interface IActionBase<FORM extends EActionForm, DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends INiceActionIdAndDomain<DOM> {
-  id: ID;
-  form: FORM;
-  _domain: ActionDomain<DOM>;
-  allDomains: DOM["allDomains"];
-  schema: DOM["actionSchema"][ID];
-}
-interface IActionBase_JsonObject<FORM extends EActionForm = EActionForm, DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> {
-  form: FORM;
-  domain: DOM["domain"];
-  allDomains: DOM["allDomains"];
-  id: ID;
-}
-//#endregion
-//#region src/ActionDefinition/Action/ActionBase.d.ts
-declare abstract class ActionBase<FORM extends EActionForm, DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> implements IActionBase<FORM, DOM, ID> {
-  readonly form: FORM;
-  readonly _domain: ActionDomain<DOM>;
-  readonly id: ID;
-  readonly domain: DOM["domain"];
-  readonly allDomains: DOM["allDomains"];
-  readonly schema: DOM["actionSchema"][ID];
-  constructor(form: FORM, _domain: ActionDomain<DOM>, id: ID);
-  protected toJsonObject(): IActionBase_JsonObject<FORM, DOM, ID>;
-  protected toJsonString(): string;
-}
-//#endregion
 //#region src/ActionDefinition/Action/Context/ActionContext.types.d.ts
 interface IActionRouteItem {
   runtime: RuntimeCoordinate;
@@ -338,6 +323,17 @@ declare abstract class ActionPayload<DT extends EActionPayloadType, DOM extends
   abstract toJsonObject(): IActionPayload_Base_JsonObject<DT, DOM, ID>;
 }
 //#endregion
+//#region src/ActionDefinition/Action/Payload/ActionPayload_Progress.d.ts
+declare class ActionPayload_Progress<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends ActionPayload<EActionPayloadType.progress, DOM, ID> implements IActionPayload_Progress<DOM, ID> {
+  readonly progress: TActionProgress;
+  constructor(params: {
+    context: ActionContext<DOM, ID>;
+  } | ActionPayload_Request<DOM, ID>, progress: TActionProgress, data: IActionPayload_Data_Base);
+  toJsonObject(): IActionPayload_Progress_JsonObject<DOM, ID>;
+  toJsonString(): string;
+  toHttpResponse(): Response;
+}
+//#endregion
 //#region src/ActionDefinition/Action/Payload/ActionPayload_Result.d.ts
 declare class ActionPayload_Result<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends ActionPayload<EActionPayloadType.result, DOM, ID> {
   readonly result: TActionResultOutcome<TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"], TInferActionError<DOM["actionSchema"][ID]>>;
@@ -420,40 +416,79 @@ interface IRunningActionUserMethods<DOM extends IActionDomain, ID extends keyof
   abort(reason?: unknown): void;
 }
 //#endregion
-//#region src/ActionDefinition/Action/Core/ActionCore.types.d.ts
-interface IActionCore<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends IActionBase<EActionForm.core, DOM, ID> {}
-type IActionCore_JsonObject<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = {
-  form: EActionForm.core;
-  domain: DOM["domain"];
-  allDomains: DOM["allDomains"];
-  id: ID;
-};
+//#region src/ActionDefinition/Action/RunningAction.d.ts
+declare class RunningAction<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> implements IRunningActionUserMethods<DOM, ID> {
+  protected _state: IRunningActionState<DOM, ID>;
+  readonly context: ActionContext<DOM, ID>;
+  readonly cuid: string;
+  readonly id: ID;
+  readonly _domain: ActionDomain<DOM>;
+  readonly domain: DOM["domain"];
+  readonly allDomains: DOM["allDomains"];
+  readonly parentCuid?: string;
+  readonly callSite?: string;
+  private readonly _resultPayloadPromise;
+  private _resolveResult;
+  private _rejectResult;
+  private _isAborted;
+  private readonly _updates;
+  private readonly _updateListeners;
+  constructor(initialState: IRunningActionState_ConstructorParams<DOM, ID>);
+  get state(): IRunningActionState<DOM, ID>;
+  abort(reason?: unknown): void;
+  addUpdateListeners(listeners: TRunningActionUpdateListener<DOM, ID>[]): () => void;
+  iterateUpdates(): AsyncIterable<TRunningActionUpdate<DOM, ID>>;
+  _sendUpdate(update: TRunningActionUpdate<DOM, ID>): void;
+  _completeWithResult(result: ActionPayload_Result<DOM, ID>): boolean;
+  _abort(reason?: unknown): boolean;
+  _failWithError(error: unknown): boolean;
+  _updateProgress(progress: ActionPayload_Progress<DOM, ID>): void;
+  waitForResultPayload(): Promise<ActionPayload_Result<DOM, ID>>;
+  _resolveFromJson(resultJson: IActionPayload_Result_JsonObject<DOM, ID>): boolean;
+}
 //#endregion
-//#region src/ActionDefinition/Action/Action.combined.types.d.ts
-/**
- * Distributes a union ID into a proper discriminated union of ActionPayload_Request instances,
- * so that narrowing on `.id` also narrows `.input`.
- */
-type TDistributeActionPayload_Request<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string> = ID extends keyof DOM["actionSchema"] & string ? ActionPayload_Request<DOM, ID> : never;
-/**
- * Distributes a union ID into a proper discriminated union of ActionPayload_Result instances,
- * so that narrowing on `.id` also narrows `.result`.
- */
-type TDistributeActionPayload_Result<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string> = ID extends keyof DOM["actionSchema"] & string ? ActionPayload_Result<DOM, ID> : never;
-/**
- *
- *  COMBINED JSON TYPES
- *
- */
-type TAction_Any_JsonObject<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = IActionCore_JsonObject<DOM, ID> | TActionPayload_Any_JsonObject<DOM, ID> | IActionContext_JsonObject<DOM, ID>;
-/**
- *
- *  UTILITY TYPES
- *
- */
-type TDistributedDomainActions<DOM extends IActionDomain, ACT extends IActionBase<any, DOM, any>> = { [ID in keyof DOM["actionSchema"] & string]: TNarrowActionType<DOM, ACT, ID> }[keyof DOM["actionSchema"] & string];
-type TNarrowActionType<DOM extends IActionDomain, ACT extends IActionBase<any, DOM, any>, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = ACT extends ActionPayload_Result<any> ? ActionPayload_Result<DOM, ID> : ACT extends ActionPayload_Request<any> ? ActionPayload_Request<DOM, ID> : ACT extends ActionPayload_Progress<any> ? ActionPayload_Progress<DOM, ID> : ACT extends ActionCore<any> ? ActionCore<DOM, ID> : never;
-type TNarrowActionJsonTypeToActionInstanceType<DOM extends IActionDomain, ACT extends TAction_Any_JsonObject<DOM>, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = ACT extends IActionPayload_Request_JsonObject<any> ? ActionPayload_Request<DOM, ID> : ACT extends IActionPayload_Result_JsonObject<any> ? ActionPayload_Result<DOM, ID> : ACT extends IActionPayload_Progress_JsonObject<any> ? ActionPayload_Progress<DOM, ID> : ACT extends IActionCore_JsonObject<any> ? ActionCore<DOM, ID> : never;
+//#region src/ActionDefinition/Domain/ActionDomainBase.d.ts
+declare abstract class ActionDomainBase<ACT_DOM extends IActionDomain = IActionDomain> implements IActionDomain<ACT_DOM["allDomains"], ACT_DOM["actionSchema"]> {
+  readonly domain: ACT_DOM["domain"];
+  readonly allDomains: ACT_DOM["allDomains"];
+  readonly actionSchema: ACT_DOM["actionSchema"];
+  protected _listeners: TRunningActionUpdateListener<any, any>[];
+  constructor(definition: ACT_DOM);
+  /**
+   * Add an observer that is called after every action dispatched through this domain.
+   * Returns an unsubscribe function — call it to remove the listener.
+   */
+  addActionListener(listener: TDistributeRunningActionUpdateListener<ACT_DOM, keyof ACT_DOM["actionSchema"] & string>): () => void;
+  /**
+   * @internal
+   * Observers registered directly on this domain via {@link addActionListener}.
+   * Used to wire observers (e.g. devtools) onto RunningActions that aren't created
+   * through the local-dispatch path — notably inbound actions pushed from a backend
+   * or another client over a bidirectional transport.
+   */
+  _getActionObservers(): TRunningActionUpdateListener<any, any>[];
+}
+//#endregion
+//#region src/ActionDefinition/Domain/ActionRootDomain.d.ts
+declare class ActionRootDomain<ROOT_DOM extends IActionRootDomain = IActionRootDomain> extends ActionDomainBase<ROOT_DOM> {
+  readonly domainDefinition: {
+    domain: ROOT_DOM["domain"];
+  };
+  private _actionRuntimeManager;
+  constructor(domainDefinition: {
+    domain: ROOT_DOM["domain"];
+  });
+  createChildDomain<SUB_DOM extends IActionDomainChildOptions>(subDomainDef: SUB_DOM & { [K in Exclude<keyof SUB_DOM, keyof IActionDomainChildOptions>]: never }): ActionDomain<TActionDomainChildDef<ROOT_DOM, SUB_DOM>>;
+  _registerRuntime(runtime: ActionRuntime): void;
+  _hasRuntime(runtime: ActionRuntime): boolean;
+  getRuntime(clientSpecifier: IRuntimeCoordinate): ActionRuntime | undefined;
+  _runAction<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string, ACT extends ActionPayload_Request<DOM, ID> = ActionPayload_Request<DOM, ID>>(actionPayload: ACT, options?: IExecuteActionOptions<DOM, ID>): Promise<RunningAction<DOM, ID>>;
+}
+//#endregion
+//#region src/ActionDefinition/Domain/helpers/createRootActionDomain.d.ts
+declare const createActionRootDomain: <ID extends string>(definition: {
+  domain: ID;
+}) => ActionRootDomain<IActionRootDomain<ID>>;
 //#endregion
 //#region src/ActionRuntime/ActionDomainManager.d.ts
 declare class ActionDomainManager {
@@ -532,133 +567,20 @@ declare class ActionRouter<DATA> {
   private _push;
 }
 //#endregion
-//#region src/ActionRuntime/Handler/ActionHandler.types.d.ts
-declare enum EActionHandlerType {
-  peer = "peer",
-  local = "local"
-}
-interface IActionHandler_Json<T extends EActionHandlerType> {
-  type: T;
-}
-interface IActionHandler_Peer_Json extends IActionHandler_Json<EActionHandlerType.peer> {
-  client: IRuntimeCoordinate;
-}
-interface IActionHandler_Local_Json extends IActionHandler_Json<EActionHandlerType.local> {}
-type TActionHandler_Json = IActionHandler_Local_Json | IActionHandler_Peer_Json;
-interface IHandleActionOptions {
-  timeout?: number;
-  targetPeer?: RuntimeCoordinate;
-  targetLocalRuntime?: ActionRuntime;
-}
-interface IExecuteActionOptions<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends IHandleActionOptions {
-  listeners?: TRunningActionUpdateListener<DOM, ID>[];
-}
-interface IActionHandler_Base<T extends EActionHandlerType> {
-  cuid: string;
-  handlerType: T;
-  getActionRouter: () => ActionRouter<any>;
-}
-/**
- *
- *  LOCAL ACTION HANDLER
- *
- */
-interface IHandleActionOptions_Local extends IHandleActionOptions {}
-interface IActionHandler_Local extends IActionHandler_Base<EActionHandlerType.local> {
-  handleActionRequest: <DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: ActionPayload_Request<DOM, ID>, config?: IHandleActionOptions_Local) => Promise<RunningAction<DOM, ID>>;
-}
-/**
- *
- *  PEER-LINK ACTION HANDLER
- *
- */
-interface IHandleActionOptions_Peer extends IHandleActionOptions {}
-interface IActionHandler_Peer extends IActionHandler_Base<EActionHandlerType.peer> {
-  peerClient: RuntimeCoordinate;
-  handleActionRequest: <DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: ActionPayload_Request<DOM, ID>, config?: IHandleActionOptions_Peer) => Promise<RunningAction<DOM, ID>>;
-  _setIncomingActionDataListener(listener: (json: TActionPayload_Any_JsonObject<any>) => void): void;
+//#region src/ActionRuntime/Handler/ActionHandler.d.ts
+declare abstract class ActionHandler<T extends EActionHandlerType> implements IActionHandler_Base<T> {
+  abstract readonly handlerType: T;
+  readonly cuid: string;
+  abstract readonly actionRouter: ActionRouter<any>;
+  constructor();
+  getActionRouter(): ActionRouter<any>;
+  abstract handleActionRequest<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: ActionPayload_Request<DOM, ID>, config?: IHandleActionOptions): Promise<RunningAction<DOM, ID>>;
+  abstract toJsonObject(): TActionHandler_Json;
+  abstract toHandlerRouteItem(...args: any[]): IActionRouteItemHandler;
 }
-/**
- *
- *  COMBINED
- *
- */
-type TActionHandler = IActionHandler_Local | IActionHandler_Peer;
 //#endregion
-//#region src/ActionDefinition/Action/Payload/ActionPayload_Request.d.ts
-declare class ActionPayload_Request<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends ActionPayload<EActionPayloadType.request, DOM, ID> {
-  readonly input: TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"];
-  readonly inputHash: string;
-  _callSite?: string;
-  constructor(params: {
-    context: ActionContext<DOM, ID>;
-  }, input: TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"], data: IActionPayload_Data_Base);
-  successResult(...args: [TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"]] extends [never] ? [] | [output: TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"]] : [output: TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"]]): ActionPayload_Result<DOM, ID>;
-  errorResult(err: TInferActionError<DOM["actionSchema"][ID]>): ActionPayload_Result<DOM, ID>;
-  progress(progress: TActionProgress): ActionPayload_Progress<DOM, ID>;
-  toJsonObject(): IActionPayload_Request_JsonObject<DOM, ID>;
-  toJsonString(): string;
-  runToOutput(options?: IExecuteActionOptions<DOM, ID>): Promise<TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"]>;
-  runToResultPayload(options?: IExecuteActionOptions<DOM, ID>): Promise<ActionPayload_Result<DOM, ID>>;
-  run(options?: IExecuteActionOptions<DOM, ID>): Promise<RunningAction<DOM, ID>>;
-}
-//#endregion
-//#region src/ActionDefinition/Action/Payload/ActionPayload_Progress.d.ts
-declare class ActionPayload_Progress<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends ActionPayload<EActionPayloadType.progress, DOM, ID> implements IActionPayload_Progress<DOM, ID> {
-  readonly progress: TActionProgress;
-  constructor(params: {
-    context: ActionContext<DOM, ID>;
-  } | ActionPayload_Request<DOM, ID>, progress: TActionProgress, data: IActionPayload_Data_Base);
-  toJsonObject(): IActionPayload_Progress_JsonObject<DOM, ID>;
-  toJsonString(): string;
-  toHttpResponse(): Response;
-}
-//#endregion
-//#region src/ActionDefinition/Action/RunningAction.d.ts
-declare class RunningAction<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> implements IRunningActionUserMethods<DOM, ID> {
-  protected _state: IRunningActionState<DOM, ID>;
-  readonly context: ActionContext<DOM, ID>;
-  readonly cuid: string;
-  readonly id: ID;
-  readonly _domain: ActionDomain<DOM>;
-  readonly domain: DOM["domain"];
-  readonly allDomains: DOM["allDomains"];
-  readonly parentCuid?: string;
-  readonly callSite?: string;
-  private readonly _resultPayloadPromise;
-  private _resolveResult;
-  private _rejectResult;
-  private _isAborted;
-  private readonly _updates;
-  private readonly _updateListeners;
-  constructor(initialState: IRunningActionState_ConstructorParams<DOM, ID>);
-  get state(): IRunningActionState<DOM, ID>;
-  abort(reason?: unknown): void;
-  addUpdateListeners(listeners: TRunningActionUpdateListener<DOM, ID>[]): () => void;
-  iterateUpdates(): AsyncIterable<TRunningActionUpdate<DOM, ID>>;
-  _sendUpdate(update: TRunningActionUpdate<DOM, ID>): void;
-  _completeWithResult(result: ActionPayload_Result<DOM, ID>): boolean;
-  _abort(reason?: unknown): boolean;
-  _failWithError(error: unknown): boolean;
-  _updateProgress(progress: ActionPayload_Progress<DOM, ID>): void;
-  waitForResultPayload(): Promise<ActionPayload_Result<DOM, ID>>;
-  _resolveFromJson(resultJson: IActionPayload_Result_JsonObject<DOM, ID>): boolean;
-}
-//#endregion
-//#region src/ActionRuntime/Handler/ActionHandler.d.ts
-declare abstract class ActionHandler<T extends EActionHandlerType> implements IActionHandler_Base<T> {
-  abstract readonly handlerType: T;
-  readonly cuid: string;
-  abstract readonly actionRouter: ActionRouter<any>;
-  constructor();
-  getActionRouter(): ActionRouter<any>;
-  abstract handleActionRequest<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: ActionPayload_Request<DOM, ID>, config?: IHandleActionOptions): Promise<RunningAction<DOM, ID>>;
-  abstract toJsonObject(): TActionHandler_Json;
-  abstract toHandlerRouteItem(...args: any[]): IActionRouteItemHandler;
-}
-//#endregion
-//#region src/utils/typescript/MaybePromise.d.ts
-type MaybePromise<T> = T | Promise<T>;
+//#region src/utils/typescript/MaybePromise.d.ts
+type MaybePromise<T> = T | Promise<T>;
 //#endregion
 //#region src/ActionRuntime/Handler/Local/ActionLocalHandler.types.d.ts
 type THandleActionExecutionFn<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = (action: TDistributeActionPayload_Request<DOM, ID>) => MaybePromise<ActionPayload_Result<DOM, ID> | IActionPayload_Result_JsonObject<DOM, ID> | TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"] | undefined>;
@@ -708,72 +630,6 @@ declare class ActionLocalHandler extends ActionHandler<EActionHandlerType.local>
 }
 declare const createLocalHandler: () => ActionLocalHandler;
 //#endregion
-//#region src/ActionRuntime/Handler/PeerLink/PeerLinkHandler.d.ts
-/**
- * Shared base for every handler that routes a domain set to/from *another runtime* (a "peer") — the
- * unified peer-link concept. Both specializations extend this as siblings, differing only in *who
- * establishes the connection*, which is a transport trait, not a routing one:
- *
- * - {@link ConnectorHandler} — **dial-out**: this runtime opens connection(s) to one peer
- *   over a transport stack (with caching + fallback). The classic "client → backend" link.
- * - {@link AcceptorHandler} — **accept-in**: connections are accepted from many peers and fed in
- *   via `receive()`; it keeps a per-connection registry and can push to any of them.
- *
- * To the runtime there is no "client" vs "server" — both are peer-link handlers (`handlerType =
- * external`) keyed to a peer coordinate, chosen by the return-path dispatch via {@link sendReturnPayload}.
- */
-declare abstract class PeerLinkHandler extends ActionHandler<EActionHandlerType.peer> implements IActionHandler_Peer {
-  /** The peer runtime this handler links to (an env-only coordinate for an accept-in handler). */
-  readonly peerClient: RuntimeCoordinate;
-  readonly handlerType = EActionHandlerType.peer;
-  /**
-   * Whether this link can deliver an *unsolicited* frame to the peer (a result/progress pushed back on
-   * the return path, or a `broadcast`). A duplex carrier (WebSocket/WebRTC/…) can; an exchange-only
-   * carrier (HTTP) cannot — its reply must ride the response to its own request. The runtime's
-   * return-path dispatch ({@link ActionRuntime.getReturnHandlerForOrigin}) skips handlers that can't
-   * push, so an exchange-only handler is never asked to deliver one.
-   */
-  abstract readonly canPush: boolean;
-  readonly actionRouter: ActionRouter<true>;
-  /** Listeners installed by the runtime (`resolveIncomingActionPayload`) for inbound peer frames. */
-  private readonly _incomingActionDataListeners;
-  constructor(peerCoordinate: RuntimeCoordinate);
-  forDomain<FOR_DOM extends IActionDomain>(domain: ActionDomain<FOR_DOM>): this;
-  forAction<ACT_DOM extends IActionDomain, ID extends keyof ACT_DOM["actionSchema"] & string>(action: ActionCore<ACT_DOM, ID>): this;
-  forActionIds<ACT_DOM extends IActionDomain, IDS extends ReadonlyArray<keyof ACT_DOM["actionSchema"] & string>>(domain: ActionDomain<ACT_DOM>, ids: IDS): this;
-  _setIncomingActionDataListener(listener: (json: TActionPayload_Any_JsonObject<any, any>) => void): void;
-  /** Hand a decoded inbound frame to the runtime (called by each specialization's receive path). */
-  protected _emitIncoming(json: TActionPayload_Any_JsonObject<any, any>): void;
-  /**
-   * Dispatch a result/progress payload back to the action's origin peer over this link. The runtime's
-   * return-path dispatch calls it on whichever peer-link handler best reaches `originClient`. Returns
-   * `true` if it was sent, `false` if no channel was available.
-   */
-  abstract sendReturnPayload(payload: TActionPayload_Any_Instance<any, any>, config: {
-    targetLocalRuntime: ActionRuntime;
-  }): Promise<boolean>;
-  /**
-   * Whether this handler currently holds a *live* connection bound to `origin`. The runtime's return-path
-   * dispatch ({@link ActionRuntime.getReturnHandlerForOrigin}) prefers a handler that owns the origin's
-   * connection over a mere coordinate match, so with several duplex acceptors a result/push routes back
-   * over the carrier the client connected on. Defaults to `false`; an acceptor overrides it from its
-   * connection registry.
-   */
-  ownsLiveConnectionFor(_origin: RuntimeCoordinate): boolean;
-  /** Release any long-lived connections this handler owns (a teardown). No-op by default. */
-  clearTransportCache(): void;
-}
-//#endregion
-//#region src/ActionRuntime/ActionRuntime.types.d.ts
-interface IRuntimeMeta {
-  assumed: boolean;
-  runtimeName: RuntimeName;
-}
-interface IActionRuntimeManagerContext {
-  domain?: string;
-}
-type TActionRuntimeHandler = ActionLocalHandler | PeerLinkHandler;
-//#endregion
 //#region src/ActionRuntime/Transport/crypto/actionHandshake.d.ts
 /** How much the channel protects after the handshake — chosen by the consumer (perf vs security). */
 declare enum ESecurityLevel {
@@ -958,6 +814,50 @@ declare function createServerHandshake(config: IServerHandshakeConfig): {
   getResult(): IHandshakeResult | undefined;
 };
 //#endregion
+//#region src/ActionRuntime/Handler/PeerLink/Acceptor/createSecureActionServer.d.ts
+interface ISecureAcceptorHandlerOptions<TConn> {
+  /** The shared channel identity (codec + dictionary version) — same one the clients use. */
+  channel: IActionChannel;
+  /**
+   * Coordinate of the *connecting clients* (typically env-only, e.g. `RuntimeCoordinate.env("web_app")`),
+   * used to route results/pushes back over this handler.
+   */
+  clientEnv: RuntimeCoordinate;
+  /** This server's runtime — its coordinate is the server identity presented in the handshake. */
+  runtime: ActionRuntime;
+  /**
+   * One backing store for the server's crypto identity *and* its trust-on-first-use verify-key pins.
+   * Their keys don't collide, so a single adapter is enough; back it with persistent storage (e.g. a
+   * Durable Object's storage) so identity and pins survive eviction.
+   */
+  storage: StorageAdapter;
+  /** Write an encoded frame to a specific live connection (e.g. `(ws, frame) => ws.send(frame)`). */
+  send: (connection: TConn, frame: string | Uint8Array | ArrayBuffer) => void;
+  /**
+   * The server's crypto identity. Defaults to a fresh {@link ClientCryptoKeyLink} over `storage`.
+   * Pass an existing link to share one identity across several acceptors on the same server (e.g. a
+   * WebSocket acceptor and a secure-HTTP {@link createActionFetchHandler}), so they present the same
+   * verify/exchange keys — avoiding a divergent-key race when two fresh links initialize concurrently.
+   */
+  link?: ClientCryptoKeyLink;
+  /** Accepted level(s); defaults to negotiating any of none/authenticated/encrypted. */
+  securityLevel?: ESecurityLevel | readonly ESecurityLevel[];
+  /** Trust decision for a client's verify key; defaults to storage-backed TOFU over `storage`. */
+  verifyKeyResolver?: IClientVerifyKeyResolver;
+  /** Timeout (ms) applied to server-initiated actions awaiting a client response. */
+  defaultTimeout?: number;
+}
+/**
+ * Build an {@link AcceptorHandler} for the secure binary channel with the boilerplate folded in:
+ * it creates the {@link ClientCryptoKeyLink} and the storage-backed TOFU resolver from a single
+ * `storage`, installs the channel's per-connection codec, and assembles the `security` block
+ * from the runtime coordinate + channel version (accepting all three levels by default).
+ *
+ * For a hibernatable transport (e.g. a Durable Object), pair it with
+ * {@link createHibernatableWsServerAdapter} to wire persistence + replay.
+ */
+declare function createSecureAcceptorHandler<TConn = unknown>(options: ISecureAcceptorHandlerOptions<TConn>): AcceptorHandler<TConn>;
+//#endregion
 //#region src/ActionRuntime/Transport/Transport.d.ts
 /**
  * Context handed to a {@link Transport} definition when a handler builds a live connection from it.
@@ -967,9 +867,8 @@ interface ITransportConnectionContext {
   resolvers?: IActionTransportResolvers;
 }
 /**
- * Reusable transport definition. Devs construct these (`secureTransport({ carrier: wsCarrier(() => ({ url })) })`,
- * `plainTransport({ carrier: httpCarrier(...) })`, …) and pass them to a
- * `ConnectorHandler`. A single
+ * Reusable transport definition. Built by the internal `transport({ carrier, secure })` factory (which
+ * `connectChannel` / `serveChannel` drive) and passed to a `ConnectorHandler`. A single
  * definition can be shared across multiple handlers — each handler builds its own live
  * {@link TransportConnection} via {@link TransportConnection._createConnection}.
  */
@@ -1197,6 +1096,62 @@ interface IActionTransportDef<TYPE extends ETransportShape, INIT extends IAction
   initialize: () => INIT;
 }
 //#endregion
+//#region src/ActionRuntime/Handler/PeerLink/PeerLinkHandler.d.ts
+/**
+ * Shared base for every handler that routes a domain set to/from *another runtime* (a "peer") — the
+ * unified peer-link concept. Both specializations extend this as siblings, differing only in *who
+ * establishes the connection*, which is a transport trait, not a routing one:
+ *
+ * - {@link ConnectorHandler} — **dial-out**: this runtime opens connection(s) to one peer
+ *   over a transport stack (with caching + fallback). The classic "client → backend" link.
+ * - {@link AcceptorHandler} — **accept-in**: connections are accepted from many peers and fed in
+ *   via `receive()`; it keeps a per-connection registry and can push to any of them.
+ *
+ * To the runtime there is no "client" vs "server" — both are peer-link handlers (`handlerType =
+ * external`) keyed to a peer coordinate, chosen by the return-path dispatch via {@link sendReturnPayload}.
+ */
+declare abstract class PeerLinkHandler extends ActionHandler<EActionHandlerType.peer> implements IActionHandler_Peer {
+  /** The peer runtime this handler links to (an env-only coordinate for an accept-in handler). */
+  readonly peerClient: RuntimeCoordinate;
+  readonly handlerType = EActionHandlerType.peer;
+  /**
+   * Whether this link can deliver an *unsolicited* frame to the peer (a result/progress pushed back on
+   * the return path, or a `broadcast`). A duplex carrier (WebSocket/WebRTC/…) can; an exchange-only
+   * carrier (HTTP) cannot — its reply must ride the response to its own request. The runtime's
+   * return-path dispatch ({@link ActionRuntime.getReturnHandlerForOrigin}) skips handlers that can't
+   * push, so an exchange-only handler is never asked to deliver one.
+   */
+  abstract readonly canPush: boolean;
+  readonly actionRouter: ActionRouter<true>;
+  /** Listeners installed by the runtime (`resolveIncomingActionPayload`) for inbound peer frames. */
+  private readonly _incomingActionDataListeners;
+  constructor(peerCoordinate: RuntimeCoordinate);
+  forDomain<FOR_DOM extends IActionDomain>(domain: ActionDomain<FOR_DOM>): this;
+  forAction<ACT_DOM extends IActionDomain, ID extends keyof ACT_DOM["actionSchema"] & string>(action: ActionCore<ACT_DOM, ID>): this;
+  forActionIds<ACT_DOM extends IActionDomain, IDS extends ReadonlyArray<keyof ACT_DOM["actionSchema"] & string>>(domain: ActionDomain<ACT_DOM>, ids: IDS): this;
+  _setIncomingActionDataListener(listener: (json: TActionPayload_Any_JsonObject<any, any>) => void): void;
+  /** Hand a decoded inbound frame to the runtime (called by each specialization's receive path). */
+  protected _emitIncoming(json: TActionPayload_Any_JsonObject<any, any>): void;
+  /**
+   * Dispatch a result/progress payload back to the action's origin peer over this link. The runtime's
+   * return-path dispatch calls it on whichever peer-link handler best reaches `originClient`. Returns
+   * `true` if it was sent, `false` if no channel was available.
+   */
+  abstract sendReturnPayload(payload: TActionPayload_Any_Instance<any, any>, config: {
+    targetLocalRuntime: ActionRuntime;
+  }): Promise<boolean>;
+  /**
+   * Whether this handler currently holds a *live* connection bound to `origin`. The runtime's return-path
+   * dispatch ({@link ActionRuntime.getReturnHandlerForOrigin}) prefers a handler that owns the origin's
+   * connection over a mere coordinate match, so with several duplex acceptors a result/push routes back
+   * over the carrier the client connected on. Defaults to `false`; an acceptor overrides it from its
+   * connection registry.
+   */
+  ownsLiveConnectionFor(_origin: RuntimeCoordinate): boolean;
+  /** Release any long-lived connections this handler owns (a teardown). No-op by default. */
+  clearTransportCache(): void;
+}
+//#endregion
 //#region src/ActionRuntime/Handler/PeerLink/Connector/ConnectorHandler.types.d.ts
 interface IConnectorHandlerConfig {
   defaultTimeout?: number;
@@ -1242,180 +1197,98 @@ declare class ConnectorHandler extends PeerLinkHandler {
 }
 declare const createConnectorHandler: (config: IConnectorHandlerConfig) => ConnectorHandler;
 //#endregion
-//#region src/ActionRuntime/ActionRuntime.d.ts
-declare class ActionRuntime {
-  private _coordinate;
-  readonly timeCreated: number;
-  readonly runtimeInfo: IRuntimeMeta;
-  private readonly actionRouter;
-  private readonly _pendingRunningActions;
-  private readonly _registeredPeerHandlers;
-  private _applied;
-  static getDefault(): ActionRuntime;
-  constructor(coordinate: RuntimeCoordinate);
-  get coordinate(): RuntimeCoordinate;
-  specifyRuntimeCoordinate(specifics: IRuntimeCoordinateSpecifics & {
-    envId?: string;
-  }): void;
-  registerRunningAction(ra: RunningAction<any, any>): void;
-  resolveIncomingActionPayload(json: TActionPayload_Any_JsonObject<any, any>): void;
-  /**
-   * Handle an incoming action wire (e.g. from a transport layer), route it to
-   * the correct handler, and return the response. The most specific handler
-   * match is chosen (action-ID-specific beats domain-wildcard).
-   */
-  handleActionPayloadWire<D extends IActionDomain, ID extends keyof D["actionSchema"] & string>(wire: TActionPayload_Any_JsonObject<D, ID>): Promise<RunningAction<D, ID>>;
-  handleActionPayloadWire(wire: unknown): Promise<RunningAction<any, any>>;
-  handleActionPayload<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: TActionPayload_Any_Instance<DOM, ID>, options?: Omit<IHandleActionOptions, "targetLocalRuntime">): Promise<RunningAction<DOM, ID>>;
-  /**
-   * @internal
-   *
-   * Return the first handler registered for the given action, or `undefined`
-   * if none has been registered (action-ID-specific beats domain-wildcard).
-   */
-  _getHandlerForAction<ACT extends TActionPayload_Any_Instance<any, any>>(action: ACT, options?: Omit<IHandleActionOptions, "targetLocalRuntime">): TActionHandler | undefined;
-  getHandlerForActionOrThrow<ACT extends TActionPayload_Any_Instance<any, any>>(action: ACT, options?: Omit<IHandleActionOptions, "localRuntime">): TActionHandler;
-  /**
-   * Register one or more handlers. Each handler's own `actionRouter` defines
-   * which domains/actions it handles — those routing keys are mirrored into
-   * this runtime's router so the same action can be served by multiple handlers.
-   * Duplicate registrations (same handler cuid for the same key) are skipped.
-   */
-  addHandlers(handlers: TActionRuntimeHandler[]): this;
-  /**
-   * @internal Low-level primitive — the public way to open a connection is `connectChannel`, which
-   * derives routing from a channel and binds the crypto identity for you. This stays as the raw building
-   * block it sits on (it restates domain lists by hand) and is not part of the supported surface.
-   *
-   * Declare an external "backend client" in one call: build an
-   * {@link ConnectorHandler} for `externalCoordinate` carrying the given
-   * `transports`, route the listed `domains`/`actions` to it, register it (plus any
-   * `localHandlers` — e.g. server→client push handlers that share the same channel)
-   * on this runtime, and `apply()`. Returns the external handler so the caller can
-   * later `clearTransportCache()` it.
-   */
-  connectTo(externalCoordinate: RuntimeCoordinate, options: {
-    transports: Transport[];
-    domains?: ActionDomain<any>[];
-    actions?: ActionCore<any, any>[];
-    localHandlers?: TActionRuntimeHandler[];
-    defaultTimeout?: number;
-  }): ConnectorHandler;
-  private applyRuntimeForDomain;
-  /**
-   * Register this runtime with all root domains covered by its currently-added handlers,
-   * making it eligible to execute actions dispatched from those domains.
-   * After apply() is called, any subsequent addHandlers() calls also auto-register.
-   */
-  apply(): this;
-  /**
-   * Find the best registered external handler that can reach `originClient` directly.
-   * Used to locate the return-path channel for dispatching results back to the action origin.
-   * Returns `undefined` if no handler matches (score > 0 required, i.e. at least id must match).
-   *
-   * A handler that currently holds the origin's *live* connection always wins over a mere coordinate
-   * match — so with several duplex acceptors (e.g. WS + WebRTC) a result/push routes back over the carrier
-   * the client actually connected on, never a same-coordinate sibling that lacks the socket. Only when no
-   * handler owns a live connection do we fall back to the plain best-coordinate-score pick (the
-   * single-acceptor and connector-only cases, unchanged).
-   */
-  getReturnHandlerForOrigin(originClient: RuntimeCoordinate): PeerLinkHandler | undefined;
-  resetRuntime(): void;
-  private _trySetupReturnDispatch;
-}
-//#endregion
-//#region src/ActionDefinition/Domain/ActionDomainBase.d.ts
-declare abstract class ActionDomainBase<ACT_DOM extends IActionDomain = IActionDomain> implements IActionDomain<ACT_DOM["allDomains"], ACT_DOM["actionSchema"]> {
-  readonly domain: ACT_DOM["domain"];
-  readonly allDomains: ACT_DOM["allDomains"];
-  readonly actionSchema: ACT_DOM["actionSchema"];
-  protected _listeners: TRunningActionUpdateListener<any, any>[];
-  constructor(definition: ACT_DOM);
-  /**
-   * Add an observer that is called after every action dispatched through this domain.
-   * Returns an unsubscribe function — call it to remove the listener.
-   */
-  addActionListener(listener: TDistributeRunningActionUpdateListener<ACT_DOM, keyof ACT_DOM["actionSchema"] & string>): () => void;
+//#region src/ActionRuntime/Transport/Carrier/Carrier.types.d.ts
+/**
+ * Carrier shapes — the only transport-specific surface a new protocol must implement. The secure
+ * session (handshake + frame crypto + codec) and the action routing on top of it are carrier-agnostic;
+ * a carrier just moves frames. Two shapes capture every carrier:
+ *
+ * - {@link IDuplexCarrier} — a persistent, push-capable byte stream (WebSocket, WebRTC `RTCDataChannel`,
+ *   Bluetooth GATT, an in-memory pipe). Either side can send at any time, so it supports server→client
+ *   pushes (the return path + broadcast).
+ * - {@link IExchangeCarrier} — a request → single-correlated-reply carrier with no unsolicited push
+ *   (HTTP, and anything request/response-shaped). The reply rides the response to its own request.
+ *
+ * Frames are `string` (text — handshake control messages and JSON action frames) or binary
+ * (`Uint8Array`/`ArrayBuffer` — the optimized binary wire / encrypted frames).
+ */
+type TFrame$1 = string | Uint8Array | ArrayBuffer;
+/**
+ * A bidirectional, push-capable byte stream. Reduces every duplex carrier to "open, send bytes, receive
+ * bytes, close" — a WebSocket, a WebRTC data channel, a Bluetooth characteristic, or an in-memory pipe
+ * all satisfy this, so the identical secure session runs over each.
+ */
+interface IDuplexCarrier {
+  /** Resolves once the carrier is open and ready to send; rejects if it closes/errors before opening. */
+  readonly ready: Promise<void>;
+  /** Whether the carrier is currently open (a synchronous guard before `send`). */
+  isOpen(): boolean;
+  /** Write one frame to the peer. */
+  send(frame: TFrame$1): void;
   /**
-   * @internal
-   * Observers registered directly on this domain via {@link addActionListener}.
-   * Used to wire observers (e.g. devtools) onto RunningActions that aren't created
-   * through the local-dispatch path — notably inbound actions pushed from a backend
-   * or another client over a bidirectional transport.
+   * Register the carrier's handlers. Called exactly once by the session after `ready`. `onMessage`
+   * receives every inbound frame; `onClose` fires when the carrier goes away.
    */
-  _getActionObservers(): TRunningActionUpdateListener<any, any>[];
+  attach(handlers: {
+    onMessage: (frame: TFrame$1) => void;
+    onClose: () => void;
+    onError?: (error: unknown) => void;
+  }): void;
+  /** Close the carrier deliberately (a teardown). */
+  close(): void;
+  /** Optional human-readable endpoint for the devtools route chip. */
+  readonly label?: string;
 }
-//#endregion
-//#region src/ActionDefinition/Domain/ActionRootDomain.d.ts
-declare class ActionRootDomain<ROOT_DOM extends IActionRootDomain = IActionRootDomain> extends ActionDomainBase<ROOT_DOM> {
-  readonly domainDefinition: {
-    domain: ROOT_DOM["domain"];
-  };
-  private _actionRuntimeManager;
-  constructor(domainDefinition: {
-    domain: ROOT_DOM["domain"];
-  });
-  createChildDomain<SUB_DOM extends IActionDomainChildOptions>(subDomainDef: SUB_DOM & { [K in Exclude<keyof SUB_DOM, keyof IActionDomainChildOptions>]: never }): ActionDomain<TActionDomainChildDef<ROOT_DOM, SUB_DOM>>;
-  _registerRuntime(runtime: ActionRuntime): void;
-  _hasRuntime(runtime: ActionRuntime): boolean;
-  getRuntime(clientSpecifier: IRuntimeCoordinate): ActionRuntime | undefined;
-  _runAction<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string, ACT extends ActionPayload_Request<DOM, ID> = ActionPayload_Request<DOM, ID>>(actionPayload: ACT, options?: IExecuteActionOptions<DOM, ID>): Promise<RunningAction<DOM, ID>>;
+/**
+ * A request → single-correlated-reply carrier with no unsolicited push (HTTP). One `exchange` sends a
+ * frame and resolves with exactly the one reply frame for it; the carrier itself correlates them (the
+ * HTTP transaction), so no correlation id is needed on the wire.
+ */
+interface IExchangeCarrier {
+  /** Send one frame, await the single correlated reply frame. */
+  exchange(frame: TFrame$1, opts?: {
+    signal?: AbortSignal;
+  }): Promise<TFrame$1>;
+  /** Optional human-readable endpoint for the devtools route chip. */
+  readonly label?: string;
 }
-//#endregion
-//#region src/ActionDefinition/Domain/ActionDomain.d.ts
-type TActionMap<ACT_DOM extends IActionDomain> = { [K in keyof ACT_DOM["actionSchema"] & string]: ActionCore<ACT_DOM, K> };
-declare class ActionDomain<ACT_DOM extends IActionDomain = IActionDomain> extends ActionDomainBase<ACT_DOM> {
-  private _rootDomain;
-  private readonly _actionMap;
-  constructor(definition: ACT_DOM, {
-    rootDomain
-  }: {
-    rootDomain: ActionRootDomain<any>;
-  });
-  get rootDomain(): ActionRootDomain<any>;
-  /**
-   * @internal
-   * All action observers that should see actions on this domain: the root domain's
-   * observers plus this subdomain's own. Mirrors the listener set the local-dispatch
-   * path assembles in `runAction`/`_runAction`, so inbound actions (pushed from a
-   * backend or another client) can be wired up identically and surface in devtools.
-   */
-  _collectActionObservers(): TRunningActionUpdateListener<any, any>[];
-  _registerRuntime(runtime: ActionRuntime): void;
-  createChildDomain<SUB_DOM extends IActionDomainChildOptions>(subDomainDef: SUB_DOM & { [K in Exclude<keyof SUB_DOM, keyof IActionDomainChildOptions>]: never }): ActionDomain<TActionDomainChildDef<ACT_DOM, SUB_DOM>>;
-  get action(): TActionMap<ACT_DOM>;
-  actionsMap(): TActionMap<ACT_DOM>;
-  actionForId<ID extends keyof ACT_DOM["actionSchema"] & string>(id: ID): ActionCore<ACT_DOM, ID>;
-  wrapAsPartialLocalHandler(wrappedActionExecutor: Partial<TWrappableDomainActionHandler<ACT_DOM>>): ActionLocalHandler;
-  wrapAsLocalHandler(wrappedActionExecutor: TWrappableDomainActionHandler<ACT_DOM>): ActionLocalHandler;
-  hydrateContext<ID extends keyof ACT_DOM["actionSchema"] & string>(id: ID, contextData: IActionContext_Data_JsonObject): ActionContext<ACT_DOM, ID>;
-  isDomainAction<ACT extends IActionBase<any, ACT_DOM, any>>(action: ACT | unknown | null | undefined): action is TDistributedDomainActions<ACT_DOM, ACT>;
-  hydrateRequestPayload<ID extends keyof ACT_DOM["actionSchema"] & string, P extends IActionPayload_Request_JsonObject<ACT_DOM, ID>>(serialized: P): TDistributeActionPayload_Request<ACT_DOM, ID>;
-  hydrateResultPayload<ID extends keyof ACT_DOM["actionSchema"] & string, R extends IActionPayload_Result_JsonObject<ACT_DOM, ID>>(serialized: R): TDistributeActionPayload_Result<ACT_DOM, ID>;
-  hydrateAnyAction<ID extends keyof ACT_DOM["actionSchema"] & string, AJ extends TAction_Any_JsonObject<ACT_DOM, ID>>(actionJson: AJ): TNarrowActionJsonTypeToActionInstanceType<ACT_DOM, AJ, ID>;
-  runAction<ID extends keyof ACT_DOM["actionSchema"] & string, ACT extends ActionPayload_Request<ACT_DOM, ID>>(request: ACT, options?: IExecuteActionOptions<ACT_DOM, ID>): Promise<RunningAction<ACT_DOM, ID>>;
-  private createActionMap;
+type TCarrier = IDuplexCarrier | IExchangeCarrier;
+/**
+ * A reusable opener for a {@link IDuplexCarrier} plus the per-action metadata a duplex transport needs.
+ * Built by the small carrier factories (`wsCarrier`, `rtcCarrier`, `inMemoryCarrier`) and passed as a
+ * `carrier` to `connectChannel`'s transports (the internal `transport()` factory drives it) — so adding a
+ * new carrier is "write one of these", nothing else.
+ */
+interface IDuplexCarrierSource {
+  /** Open (or reuse) the carrier for an action. */
+  open: (input: ITransportRouteActionParams) => IDuplexCarrier;
+  /** Keys identifying a reusable carrier, so one carrier is shared across actions to the same peer. */
+  getCacheKey?: (input: ITransportRouteActionParams) => string[];
+  /** Devtools route info for an action routed over this carrier. */
+  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
+  /** Short carrier-kind label for the devtools chip (e.g. `"ws"`, `"webrtc"`, `"memory"`). */
+  readonly carrierLabel: string;
 }
-//#endregion
-//#region src/ActionDefinition/Action/Core/ActionCore.d.ts
-declare class ActionCore<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends ActionBase<EActionForm.core, DOM, ID> implements IActionCore<DOM, ID> {
-  readonly _domain: ActionDomain<DOM>;
-  readonly form = EActionForm.core;
-  constructor(_domain: ActionDomain<DOM>, id: ID);
-  is<ACT extends IActionBase<any, any, any>>(action: ACT | unknown | null | undefined): action is TNarrowActionType<DOM, ACT, ID>;
-  toJsonObject(): IActionBase_JsonObject<EActionForm.core, DOM, ID>;
-  request(...args: [TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"]] extends [never] ? [input?: never] : [input: TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"]]): ActionPayload_Request<DOM, ID>;
-  deserializeInput(serialized: TInferInputFromSchema<DOM["actionSchema"][ID]>["SerdeInput"]): TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"];
-  serializeInput(raw: TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"]): TInferInputFromSchema<DOM["actionSchema"][ID]>["SerdeInput"];
-  validateInput(input: unknown): TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"];
-  validateOutput(output: unknown): TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"];
+/**
+ * The exchange-shape counterpart to {@link IDuplexCarrierSource}: a reusable opener for an
+ * {@link IExchangeCarrier} plus the per-action metadata an exchange transport needs. Built by
+ * `httpCarrier` and passed as a `carrier` to `connectChannel`'s transports — adding a new request/reply
+ * protocol is "write one of these". The `shape` tag lets the internal `transport()` factory pick the
+ * duplex vs exchange transport.
+ */
+interface IExchangeCarrierSource {
+  /** Discriminant so a generic factory can tell an exchange source from a duplex one. */
+  readonly shape: "exchange";
+  /** Open (or reuse) the carrier for an action. */
+  open: (input: ITransportRouteActionParams) => IExchangeCarrier;
+  /** Keys identifying a reusable carrier, so one carrier is shared across actions to the same peer. */
+  getCacheKey?: (input: ITransportRouteActionParams) => string[];
+  /** Devtools route info for an action routed over this carrier. */
+  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
+  /** Short carrier-kind label for the devtools chip (e.g. `"http"`). */
+  readonly carrierLabel: string;
 }
 //#endregion
-//#region src/ActionDefinition/Domain/helpers/createRootActionDomain.d.ts
-declare const createActionRootDomain: <ID extends string>(definition: {
-  domain: ID;
-}) => ActionRootDomain<IActionRootDomain<ID>>;
-//#endregion
 //#region src/ActionRuntime/Transport/codec/actionWireCodec.d.ts
 /**
  * Shared building blocks for the binary action codecs (the stateless {@link createBinaryWireAdapter} and
@@ -1441,507 +1314,145 @@ interface IActionWireFormat {
   incoming?: (input: string | ArrayBuffer | Uint8Array | Blob) => TActionPayload_Any_JsonObject<any, any> | undefined;
 }
 //#endregion
-//#region src/ActionRuntime/Handler/PeerLink/Acceptor/AcceptorHandler.d.ts
-/** The codec shape `AcceptorHandler` uses to pack/unpack frames — same as the Link transport's. */
-type TActionChannelFormatMessage = IActionWireFormat;
-/** How a connection encodes its frames, remembered so we answer each client in its own dialect. */
-type TActionConnectionEncoding = "json" | "binary";
-/** A connection's restorable identity — what to persist so a binding survives transport eviction. */
-interface IAcceptorConnectionBinding {
-  /** Full client coordinate, so `originClient` can be re-injected into frames that omit it. */
-  client: IRuntimeCoordinate;
-  encoding: TActionConnectionEncoding;
-  /**
-   * Secure-session state (set once a connection's handshake completes). Persist it alongside the
-   * binding so an authenticated/encrypted connection resumes after eviction without re-handshaking —
-   * the `keyMaterial` lets the server re-derive the shared key from its own persisted identity.
-   */
-  secure?: {
-    securityLevel: ESecurityLevel;
-    linkedClientId: TTypeAndId;
-    keyMaterial?: IHandshakeEncryptionKeyMaterial;
-  };
+//#region src/ActionRuntime/Transport/codec/createBinaryWireSessionFactory.d.ts
+type TFormatMessage = IActionWireFormat;
+interface IBinaryWireSessionOptions {
+  /** Override how long an unresolved correlation is retained before being swept (ms). */
+  correlationTtlMs?: number;
 }
 /**
- * Server-side secure-channel config. When set, each connection negotiates a level from
- * {@link securityLevel}: an `authenticated`/`encrypted` client must complete the handshake (and is then
- * bound to its *authenticated* coordinate) before any action frame is accepted. A `none` client (only
- * when `none` is in the allowed set) is accepted as-is with a self-asserted identity. For the
- * `encrypted` level the codec source should be a session factory (`createFormatMessage`).
- */
-interface IAcceptorSecurity {
-  /**
-   * Accepted level(s). A single level is strict; an array is a negotiable allowed set — the server
-   * adopts whichever level each client requests (e.g. `[none, authenticated, encrypted]` serves all
-   * three over one endpoint).
-   */
-  securityLevel: ESecurityLevel | readonly ESecurityLevel[];
-  /** This server's crypto identity (verify + exchange key pairs, optionally persisted). */
-  link: ClientCryptoKeyLink;
-  /** This server's coordinate — its identity to clients during the handshake. */
-  localCoordinate: IRuntimeCoordinate;
-  /** Wire dictionary version; the handshake rejects a client on a mismatch. */
-  dictionaryVersion: string;
-  /** Trust decision for a client's verify key (defaults to in-memory TOFU inside the handshake). */
-  verifyKeyResolver?: IClientVerifyKeyResolver;
-}
-interface IAcceptorHandlerBaseOptions<TConn> {
-  /**
-   * Coordinate of the *connecting clients* (typically env-only, e.g. `RuntimeCoordinate.env("web_app")`).
-   * The runtime's return-path dispatch scores incoming actions' `originClient` against this to pick
-   * this handler for sending results/pushes back over the right channel.
-   */
-  clientEnv: RuntimeCoordinate;
-  /** Write an encoded frame to a specific live connection (e.g. `(ws, frame) => ws.send(frame)`). */
-  send: (connection: TConn, frame: string | Uint8Array | ArrayBuffer) => void;
-  /**
-   * The runtime this handler belongs to. When set, {@link AcceptorHandler.broadcast} can be called
-   * without threading a runtime through each call. Optional — `pushToClient` still takes one explicitly.
-   */
-  runtime?: ActionRuntime;
-  /** Timeout (ms) applied to server-initiated actions awaiting a client response. */
-  defaultTimeout?: number;
+ * Builds a factory of *stateful, per-connection* codecs for {@link LinkTransport} /
+ * `AcceptorHandler` — the maximally compact binary wire. Call the returned factory once per live
+ * connection (each socket on the client, each accepted connection on the server) so every channel
+ * gets its own correlation + identity state.
+ *
+ * On top of everything {@link createBinaryWireAdapter} drops, a session also drops:
+ * - **`cuid`** — replaced by a per-connection integer correlation id. The initiator maps it to its
+ *   real cuid; the responder echoes it; each side reconstructs the cuid from its own map. Correlation
+ *   only needs to be unique per socket, so a counter suffices.
+ * - **`originClient` after the first request** — the first request each side sends carries its
+ *   identity; the peer remembers it and injects it into later frames. Replies omit it entirely (a
+ *   reply carries the initiator's own origin, which the initiator already knows).
+ *
+ * Both ends MUST build the factory from the same domains in the same order (positional dictionary).
+ * Text frames still return `undefined` from `incoming`, so JSON clients remain interoperable.
+ *
+ * Hibernation note: after a server connection is evicted its session resets, so a still-connected
+ * client (whose session persists) will keep omitting `originClient`. The server must therefore restore
+ * the connection→client binding from its own store (see `AcceptorHandler.rehydrateConnection`) and
+ * inject `originClient` from there — the session alone can't recover it.
+ */
+declare function createBinaryWireSessionFactory(domains: ActionDomain<any>[], options?: IBinaryWireSessionOptions): () => TFormatMessage;
+//#endregion
+//#region src/ActionRuntime/Channel/ActionChannel.d.ts
+/**
+ * A transport-agnostic routing contract between two runtimes, declared *by role* rather than by
+ * "client"/"server". The two ends are named for the only asymmetry that survives every carrier (WS,
+ * WebRTC, BLE, raw TCP): which side dials and which side accepts.
+ *
+ * - The **connector** dials out and opens the link ({@link connectChannel}).
+ * - The **acceptor** accepts incoming links and can push back ({@link acceptChannelConnections}).
+ *
+ * `toAcceptor` domains flow connector→acceptor (the classic "request"); `toConnector` domains flow
+ * acceptor→connector (the classic "push"). Both ends derive their routing from the same channel instead
+ * of restating domain lists — and because the contract is independent of how bytes move, the very same
+ * channel can be carried over HTTP, secure WebSockets, or a mix (WS preferred, HTTP fallback).
+ *
+ * Beyond the routing, a channel also carries its *wire identity* — the per-connection binary codec both
+ * ends build from the same domain list, plus the `dictionaryVersion` the handshake checks for drift.
+ * Whether a given transport runs encrypted is a per-transport choice (see {@link IConnectTransport.secure}
+ * and the acceptor's `securityLevel`), not a property of the channel — so one `defineChannel` definition
+ * serves both plain and secure transports.
+ */
+interface IActionChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[]> {
   /**
-   * Called once when a connection is first bound to a client identity. Use it to persist the binding
-   * for transports that can resume after eviction — e.g. a Durable Object's hibernatable WebSocket:
-   * `(ws, binding) => ws.serializeAttachment(binding)` — then replay it via {@link AcceptorHandler.rehydrateConnection}
-   * when the channel comes back.
+   * Domains the connector *sends to the acceptor* (connector→acceptor requests). The connector forwards
+   * them over its transport(s); the acceptor executes them.
    */
-  onConnectionBound?: (connection: TConn, binding: IAcceptorConnectionBinding) => void;
+  toAcceptorDomains: TO_ACCEPTOR;
   /**
-   * Enable the authenticated (optionally encrypted) handshake. When omitted, connections are trusted
-   * as-is (identity self-asserted) — fine for dev / trusted networks.
+   * Domains the acceptor *pushes to the connector* (acceptor→connector). The connector registers local
+   * handlers for them ({@link connectChannel}'s `onPush`); the acceptor broadcasts them. Pushes need a
+   * bidirectional transport (e.g. a WebSocket) — over a request-only transport like HTTP they simply
+   * never flow.
    */
-  security?: IAcceptorSecurity;
+  toConnectorDomains: TO_CONNECTOR;
+  /** Wire dictionary version — derived from the domains by default; the handshake rejects a mismatch. */
+  dictionaryVersion: string;
+  /** Per-connection session codec factory (call once per live connection). */
+  createCodec: () => IActionWireFormat;
 }
 /**
- * Provide exactly one codec source:
- * - `formatMessage` — a single shared codec for every connection (stateless, e.g. `createBinaryWireAdapter`).
- * - `createFormatMessage` — a per-connection factory for stateful codecs (e.g.
- *   `createBinaryWireSessionFactory`, whose sessions hold correlation + identity state). Required for the
- *   leanest binary wire; the handler creates and caches one codec per connection.
- */
-type IAcceptorHandlerOptions<TConn> = IAcceptorHandlerBaseOptions<TConn> & ({
-  formatMessage: TActionChannelFormatMessage;
-  createFormatMessage?: never;
-} | {
-  createFormatMessage: () => TActionChannelFormatMessage;
-  formatMessage?: never;
-});
-/**
- * A connection-aware execution case (see {@link AcceptorHandler.forConnectionDomainCases}). It receives
- * the primed request plus a per-invocation `context` — whatever the wiring's context mapper produces from
- * the originating connection. The low-level handler passes the raw connection (`TConn | undefined`); the
- * higher-level `serveChannel` enriches it into an `IConnectionContext` (state + broadcast + pushBack). A
- * case may return the action's raw output, a result payload, or nothing (auto-wrapped as an empty
- * success) — exactly like a local handler case.
+ * Declare a transport-agnostic channel by role — the single source of truth both peers share. Each end
+ * MUST call this with the same domains in the same order (the binary wire dictionary is positional); the
+ * `dictionaryVersion` is derived from those domains unless you pin an explicit one. The wire dictionary
+ * spans `[...toAcceptor, ...toConnector]` in that order, so add new domains to the end of their list to
+ * keep older peers compatible.
+ *
+ * Declare the domains *by role* — `toAcceptor` (connector→acceptor requests) and `toConnector`
+ * (acceptor→connector pushes) — so the routing for both ends is derived from the channel (see
+ * {@link connectChannel} and {@link serveChannel}) instead of being restated at each end. Security is a
+ * per-transport concern, not a channel one, so this same definition is used whether a transport runs
+ * plain or encrypted.
  */
-type TAcceptorCaseFn<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string, TCtx> = (action: TDistributeActionPayload_Request<DOM, ID>, context: TCtx) => ReturnType<THandleActionExecutionFn<DOM, ID>> | void;
+declare function defineChannel<const TO_ACCEPTOR extends readonly ActionDomain<any>[] = [], const TO_CONNECTOR extends readonly ActionDomain<any>[] = []>(options: {
+  /** Domains the connector sends to the acceptor (connector→acceptor requests), in a stable order. */toAcceptor: TO_ACCEPTOR; /** Domains the acceptor pushes to the connector (acceptor→connector), in a stable order. */
+  toConnector: TO_CONNECTOR; /** Pin a human-readable version instead of the derived hash (must match on both ends). */
+  dictionaryVersion?: string; /** Tuning for the per-connection binary session (e.g. correlation TTL). */
+  sessionOptions?: IBinaryWireSessionOptions;
+}): IActionChannel<TO_ACCEPTOR, TO_CONNECTOR>;
+type TUnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends ((k: infer I) => void) ? I : never;
+type TDomainPushHandlers<D> = D extends ActionDomain<infer DEF> ? Partial<TWrappableDomainActionHandler<DEF>> : never;
 /**
- * The connection-aware case the bare {@link AcceptorHandler} serves: its `context` is the originating
- * client's live connection (resolved from the request's `originClient`, `undefined` if the socket is
- * gone). It's {@link TAcceptorCaseFn} fixed to `TConn | undefined` — the un-enriched shape used by
- * {@link AcceptorHandler.forConnectionDomainCases} and `acceptChannelConnections`.
+ * The `onPush` map for a channel: the merged set of every acceptor→connector (`toConnector`) action
+ * handler, each receiving the pushed action's input. Derived from the channel's `toConnectorDomains`, so
+ * the keys and input types follow the channel definition.
  */
-type TAcceptorConnectionCaseFn<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string, TConn> = TAcceptorCaseFn<DOM, ID, TConn | undefined>;
+type TChannelPushHandlers<TO_CONNECTOR extends readonly ActionDomain<any>[]> = TUnionToIntersection<TDomainPushHandlers<TO_CONNECTOR[number]>>;
 /**
- * Server-side handler for backends that accept many client connections over a single open channel
- * (WebSockets, Durable Objects, …). It is transport-agnostic: you feed it inbound frames with
- * {@link receive} and tell it how to write outbound frames via the `send` option.
- *
- * Add it alongside your local execution handler:
- * ```ts
- * const serverHandler = createAcceptorHandler({ clientEnv, formatMessage, send: (ws, f) => ws.send(f) });
- * runtime.addHandlers([localHandler, serverHandler]);
- * // per inbound message (e.g. a Durable Object's webSocketMessage):
- * serverHandler.receive(ws, message);
- * ```
- *
- * Inbound requests route to your local handler; the runtime's return dispatch then calls this
- * handler back (it is an external handler keyed to `clientEnv`) to send the result to the originating
- * connection. The handler keeps a per-connection identity registry so each result lands on the right
- * socket, and remembers each connection's encoding so binary and JSON clients can share the channel.
+ * One transport to the peer, declared by *carrier* — the dial-out dual of `serveChannel`'s acceptor
+ * carriers. {@link connectChannel} binds the shared facts (channel codec/version, runtime, crypto
+ * identity) into each one, so a descriptor only carries what differs between transports: the carrier and
+ * whether it runs the secure handshake.
  *
- * It registers an empty action router, so it is never chosen to *execute* an inbound request — only
- * to ferry results/pushes back out.
+ * A duplex carrier (`wsCarrier(() => ({ url }))`, `rtcCarrier(dc)`) builds a push-capable link; an exchange carrier
+ * (`httpCarrier(...)`) builds a request/reply transport. List them in preference order — the connection
+ * prefers the first that's ready and falls through on failure (e.g. secure WS preferred, HTTP fallback).
  */
-declare class AcceptorHandler<TConn = unknown> extends PeerLinkHandler {
-  /** Accept-in over a live (duplex) connection registry — it pushes results/broadcasts to bound sockets. */
-  readonly canPush = true;
-  private readonly _formatMessage?;
-  private readonly _createFormatMessage?;
-  private readonly _send;
-  private readonly _runtime?;
-  private readonly _serverTimeout;
-  private _onConnectionBound?;
-  private readonly _security?;
-  /** Normalized accepted levels; whether `none` (plain) is allowed; whether any level needs a handshake. */
-  private readonly _allowedLevels;
-  private readonly _noneAllowed;
-  private readonly _handshakeMode;
-  private readonly _connByClient;
-  private readonly _clientByConn;
-  private readonly _connEncoding;
-  private readonly _codecByConn;
-  private readonly _sessionByConn;
-  constructor(options: IAcceptorHandlerOptions<TConn>);
-  /**
-   * The codec for a connection: a per-connection session (cached) when a factory was provided, else
-   * the single shared `formatMessage`.
-   */
-  private _codecFor;
-  /**
-   * Register (or replace) the connection-bound persistence callback after construction. Used by
-   * lifecycle helpers like {@link createHibernatableWsServerAdapter} so persistence and replay are
-   * owned by one place instead of being split across the constructor options.
-   */
-  setOnConnectionBound(onConnectionBound: (connection: TConn, binding: IAcceptorConnectionBinding) => void): void;
-  /**
-   * Feed one inbound frame from a connection into the runtime. Decodes text or binary, binds the
-   * connection to the requesting client's identity, then routes it (requests execute locally;
-   * results/progress resolve pending server-initiated actions).
-   */
-  receive(connection: TConn, frame: string | ArrayBuffer | Uint8Array): void;
-  private _receivePlain;
-  /**
-   * The secure session for a connection (built lazily on its first secure-mode frame), with the
-   * handler-owned effects — raw send, identity binding + persistence, and inbound routing — wired in as
-   * callbacks. The session owns all crypto/handshake/chain state; the handler keeps only the registry.
-   */
-  private _sessionFor;
-  /** Bind + persist a connection's authenticated identity once its handshake completes. */
-  private _onConnectionAuthenticated;
-  /** Decode a decrypted authenticated frame, inject the *authenticated* identity, and route it. */
-  private _routeAuthedActionBytes;
+interface IConnectTransport {
+  /** How to reach the peer — a duplex carrier (push-capable) or an exchange carrier (request/reply). */
+  carrier: IDuplexCarrierSource | IExchangeCarrierSource;
   /**
-   * Ensure an inbound request carries the client's identity and that this connection is bound to it,
-   * so its result can be routed back. A session codec omits `originClient` after the first request, so
-   * when it's missing we restore it from the (possibly rehydrated) binding instead. (Plain mode only;
-   * secure mode binds the authenticated coordinate at handshake time.)
+   * Run the authenticated/encrypted handshake over this carrier. Defaults to `true`. A secure transport
+   * draws its identity from the connection's shared `link`/`storage`; set `false` for a plain transport
+   * (e.g. a bare HTTP fallback beside a secure WS), which then needs no `storage`.
    */
-  private _resolveRequestIdentity;
+  secure?: boolean;
+  /** Security level for this secure transport; defaults to the connection-level `securityLevel`. */
+  securityLevel?: ESecurityLevel;
   /**
-   * Restore a connection→client binding without an inbound frame — for transports that resume after
-   * eviction. Pair it with the {@link IAcceptorHandlerOptions.onConnectionBound} hook: persist
-   * the binding there, then replay each live connection here when the channel comes back (e.g. a
-   * Durable Object iterating `ctx.getWebSockets()` as it wakes from hibernation).
+   * Optional availability gate — when it returns `false` this transport is skipped and the connection
+   * falls through to the next in preference order, re-evaluated per dispatch. Omit = always available.
    */
-  rehydrateConnection(connection: TConn, binding: IAcceptorConnectionBinding): void;
-  toJsonObject(): IActionHandler_Peer_Json;
-  toHandlerRouteItem(): IActionRouteItemHandler;
-  /** Forget a connection (call on socket close) so stale entries don't misroute later results. */
-  dropConnection(connection: TConn): void;
-  /** Live connection for a client coordinate, if currently registered. */
-  getConnectionForClient(client: RuntimeCoordinate): TConn | undefined;
-  /** This acceptor owns the origin's return path when it currently holds a live connection bound to it. */
-  ownsLiveConnectionFor(origin: RuntimeCoordinate): boolean;
-  /** Whether this acceptor currently tracks `connection` — used to pick the owning handler among several. */
-  hasConnection(connection: TConn): boolean;
+  available?: (input: ITransportRouteActionParams) => boolean;
+  /** Override the devtools chip label (defaults to the carrier's own label). */
+  label?: string;
+}
+interface IConnectChannelOptions<TO_CONNECTOR extends readonly ActionDomain<any>[]> {
+  /** The peer's runtime coordinate — the acceptor this connection dials. */
+  peer: RuntimeCoordinate;
   /**
-   * Send (and optionally await) a server-initiated action to a specific connected client. Pass the
-   * connection token directly (e.g. the `ws`) or a client `RuntimeCoordinate` to look one up.
+   * The transports to the peer, by carrier, in preference order (e.g. secure WS preferred, HTTP fallback).
+   * They all carry the channel's `toAcceptor` domains; the connection prefers the first that's ready and
+   * falls through on failure. {@link connectChannel} binds the channel + runtime + crypto identity into
+   * each — the dial-out dual of `serveChannel`'s `carriers`.
    */
-  pushToClient<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(runtime: ActionRuntime, target: TConn | RuntimeCoordinate, request: ActionPayload_Request<DOM, ID>, options?: {
-    timeout?: number;
-  }): RunningAction<DOM, ID>;
+  transports: readonly IConnectTransport[];
   /**
-   * Build a local handler whose cases are connection-aware: each case receives the primed request and
-   * the originating client's live connection (resolved from `originClient`), so handlers don't repeat
-   * the `getConnectionForClient(action.context.originClient)` lookup. Cases may return raw output or
-   * nothing, just like {@link ActionLocalHandler.forDomainActionCases}. Add the returned handler to the
-   * runtime alongside this server handler:
-   * ```ts
-   * runtime.addHandlers([serverHandler.forConnectionDomainCases(domain, { … }), serverHandler]);
-   * ```
-   */
-  forConnectionDomainCases<FOR_DOM extends IActionDomain>(domain: ActionDomain<FOR_DOM>, cases: { [ID in keyof FOR_DOM["actionSchema"] & string]?: TAcceptorConnectionCaseFn<FOR_DOM, ID, TConn> }): ActionLocalHandler;
-  /**
-   * Like {@link forConnectionDomainCases} but spanning several domains with one merged case map — used
-   * by channel-derived wiring (`acceptChannelConnections` / `serveChannel`) where the channel's
-   * `toAcceptor` domains are served together. Each domain takes only the cases whose ids it owns, so a
-   * single map can cover several domains and unrelated ids are ignored.
-   *
-   * `mapContext` turns the resolved connection into whatever the case's second argument should be: the
-   * raw connection for the low-level helper, or an enriched `IConnectionContext` for `serveChannel`. It's
-   * called once per inbound action, after the originating connection is resolved.
-   */
-  forConnectionDomainCasesMulti<TCtx>(domains: readonly ActionDomain<any>[], cases: Record<string, TAcceptorCaseFn<any, any, TCtx> | undefined>, mapContext: (connection: TConn | undefined, request: ActionPayload_Request<any, any>) => TCtx): ActionLocalHandler;
-  /**
-   * Fan a server-initiated request out to every currently-bound connection. A fresh request is built
-   * per connection (each push mutates its own action context) and dispatched fire-and-forget. Pass
-   * `except` to skip the originating socket and `where` to filter by connection (e.g. read its
-   * attachment for a role). Iterating bound connections (rather than every accepted socket) skips
-   * sockets that are still mid-handshake and so can't yet receive a frame.
-   */
-  broadcast<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(makeRequest: () => ActionPayload_Request<DOM, ID>, options?: {
-    runtime?: ActionRuntime;
-    except?: TConn | null;
-    where?: (connection: TConn) => boolean;
-    timeout?: number;
-    onError?: (error: unknown, connection: TConn) => void;
-  }): void;
-  sendReturnPayload(payload: TActionPayload_Any_Instance<any, any>, config: {
-    targetLocalRuntime: ActionRuntime;
-  }): Promise<boolean>;
-  handleActionRequest<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: ActionPayload_Request<DOM, ID>, config?: IHandleActionOptions): Promise<RunningAction<DOM, ID>>;
-  private _dispatch;
-  private _sendPayload;
-  private _bindConnection;
-  private _resolveConnection;
-  private _resolveSingleConnection;
-}
-declare const createAcceptorHandler: <TConn = unknown>(options: IAcceptorHandlerOptions<TConn>) => AcceptorHandler<TConn>;
-//#endregion
-//#region src/ActionRuntime/Transport/Carrier/Carrier.types.d.ts
-/**
- * Carrier shapes — the only transport-specific surface a new protocol must implement. The secure
- * session (handshake + frame crypto + codec) and the action routing on top of it are carrier-agnostic;
- * a carrier just moves frames. Two shapes capture every carrier:
- *
- * - {@link IDuplexCarrier} — a persistent, push-capable byte stream (WebSocket, WebRTC `RTCDataChannel`,
- *   Bluetooth GATT, an in-memory pipe). Either side can send at any time, so it supports server→client
- *   pushes (the return path + broadcast).
- * - {@link IExchangeCarrier} — a request → single-correlated-reply carrier with no unsolicited push
- *   (HTTP, and anything request/response-shaped). The reply rides the response to its own request.
- *
- * Frames are `string` (text — handshake control messages and JSON action frames) or binary
- * (`Uint8Array`/`ArrayBuffer` — the optimized binary wire / encrypted frames).
- */
-type TFrame$1 = string | Uint8Array | ArrayBuffer;
-/**
- * A bidirectional, push-capable byte stream. Reduces every duplex carrier to "open, send bytes, receive
- * bytes, close" — a WebSocket, a WebRTC data channel, a Bluetooth characteristic, or an in-memory pipe
- * all satisfy this, so the identical secure session runs over each.
- */
-interface IDuplexCarrier {
-  /** Resolves once the carrier is open and ready to send; rejects if it closes/errors before opening. */
-  readonly ready: Promise<void>;
-  /** Whether the carrier is currently open (a synchronous guard before `send`). */
-  isOpen(): boolean;
-  /** Write one frame to the peer. */
-  send(frame: TFrame$1): void;
-  /**
-   * Register the carrier's handlers. Called exactly once by the session after `ready`. `onMessage`
-   * receives every inbound frame; `onClose` fires when the carrier goes away.
-   */
-  attach(handlers: {
-    onMessage: (frame: TFrame$1) => void;
-    onClose: () => void;
-    onError?: (error: unknown) => void;
-  }): void;
-  /** Close the carrier deliberately (a teardown). */
-  close(): void;
-  /** Optional human-readable endpoint for the devtools route chip. */
-  readonly label?: string;
-}
-/**
- * A request → single-correlated-reply carrier with no unsolicited push (HTTP). One `exchange` sends a
- * frame and resolves with exactly the one reply frame for it; the carrier itself correlates them (the
- * HTTP transaction), so no correlation id is needed on the wire.
- */
-interface IExchangeCarrier {
-  /** Send one frame, await the single correlated reply frame. */
-  exchange(frame: TFrame$1, opts?: {
-    signal?: AbortSignal;
-  }): Promise<TFrame$1>;
-  /** Optional human-readable endpoint for the devtools route chip. */
-  readonly label?: string;
-}
-type TCarrier = IDuplexCarrier | IExchangeCarrier;
-/**
- * A reusable opener for a {@link IDuplexCarrier} plus the per-action metadata a duplex transport needs.
- * Built by the small carrier factories (`wsCarrier`, `rtcCarrier`, `inMemoryCarrier`) and handed to
- * {@link secureTransport} / `LinkTransport` — so adding a new carrier is "write one of these", nothing
- * else.
- */
-interface IDuplexCarrierSource {
-  /** Open (or reuse) the carrier for an action. */
-  open: (input: ITransportRouteActionParams) => IDuplexCarrier;
-  /** Keys identifying a reusable carrier, so one carrier is shared across actions to the same peer. */
-  getCacheKey?: (input: ITransportRouteActionParams) => string[];
-  /** Devtools route info for an action routed over this carrier. */
-  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
-  /** Short carrier-kind label for the devtools chip (e.g. `"ws"`, `"webrtc"`, `"memory"`). */
-  readonly carrierLabel: string;
-}
-/**
- * The exchange-shape counterpart to {@link IDuplexCarrierSource}: a reusable opener for an
- * {@link IExchangeCarrier} plus the per-action metadata an exchange transport needs. Built by
- * `httpCarrier` and handed to {@link secureTransport} — adding a new request/reply protocol is "write
- * one of these". The `shape` tag lets {@link secureTransport} pick the duplex vs exchange transport.
- */
-interface IExchangeCarrierSource {
-  /** Discriminant so a generic factory can tell an exchange source from a duplex one. */
-  readonly shape: "exchange";
-  /** Open (or reuse) the carrier for an action. */
-  open: (input: ITransportRouteActionParams) => IExchangeCarrier;
-  /** Keys identifying a reusable carrier, so one carrier is shared across actions to the same peer. */
-  getCacheKey?: (input: ITransportRouteActionParams) => string[];
-  /** Devtools route info for an action routed over this carrier. */
-  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
-  /** Short carrier-kind label for the devtools chip (e.g. `"http"`). */
-  readonly carrierLabel: string;
-}
-//#endregion
-//#region src/ActionRuntime/Transport/codec/createBinaryWireSessionFactory.d.ts
-type TFormatMessage = IActionWireFormat;
-interface IBinaryWireSessionOptions {
-  /** Override how long an unresolved correlation is retained before being swept (ms). */
-  correlationTtlMs?: number;
-}
-/**
- * Builds a factory of *stateful, per-connection* codecs for {@link LinkTransport} /
- * `AcceptorHandler` — the maximally compact binary wire. Call the returned factory once per live
- * connection (each socket on the client, each accepted connection on the server) so every channel
- * gets its own correlation + identity state.
- *
- * On top of everything {@link createBinaryWireAdapter} drops, a session also drops:
- * - **`cuid`** — replaced by a per-connection integer correlation id. The initiator maps it to its
- *   real cuid; the responder echoes it; each side reconstructs the cuid from its own map. Correlation
- *   only needs to be unique per socket, so a counter suffices.
- * - **`originClient` after the first request** — the first request each side sends carries its
- *   identity; the peer remembers it and injects it into later frames. Replies omit it entirely (a
- *   reply carries the initiator's own origin, which the initiator already knows).
- *
- * Both ends MUST build the factory from the same domains in the same order (positional dictionary).
- * Text frames still return `undefined` from `incoming`, so JSON clients remain interoperable.
- *
- * Hibernation note: after a server connection is evicted its session resets, so a still-connected
- * client (whose session persists) will keep omitting `originClient`. The server must therefore restore
- * the connection→client binding from its own store (see `AcceptorHandler.rehydrateConnection`) and
- * inject `originClient` from there — the session alone can't recover it.
- */
-declare function createBinaryWireSessionFactory(domains: ActionDomain<any>[], options?: IBinaryWireSessionOptions): () => TFormatMessage;
-//#endregion
-//#region src/ActionRuntime/Channel/secureChannel.d.ts
-/** The per-connection binary session codec — built once per socket from the channel's domains. */
-type TChannelCodec = IActionWireFormat;
-/**
- * The shared identity of a secure channel (carrier-agnostic — WS, WebRTC, HTTP, …): the wire
- * dictionary version both ends check during the handshake, plus the per-connection codec factory both
- * ends build from the *same* domain list. Define it once (typically in code shared by both peers) and
- * hand it to `secureTransport` on the connector and `serveChannel` (or the lower-level `acceptChannel` /
- * `createSecureAcceptorHandler`) on the acceptor, so the codec and version can never drift apart.
- */
-interface ISecureChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[]> extends IActionChannel<TO_ACCEPTOR, TO_CONNECTOR> {
-  /** Wire dictionary version — derived from the domains by default; the handshake rejects a mismatch. */
-  dictionaryVersion: string;
-  /** Per-connection session codec factory (call once per live connection). */
-  createCodec: () => TChannelCodec;
-}
-/**
- * Bundle a secure channel's shared identity from its transported domains. Both ends MUST call this
- * with the same domains in the same order (the binary wire dictionary is positional). The
- * `dictionaryVersion` is derived from those domains unless you pin an explicit one.
- *
- * Declare the domains *by role* — `toAcceptor` (connector→acceptor requests) and `toConnector`
- * (acceptor→connector pushes) — so the routing for both ends is derived from the channel (see
- * {@link connectChannel} and `acceptChannelConnections`) instead of being restated at each end. The
- * wire dictionary spans `[...toAcceptor, ...toConnector]` in that order; add new domains to the end of
- * their list to keep older peers compatible. (`domains` is still accepted as a legacy alias for
- * `toAcceptor`.)
- */
-declare function defineSecureChannel<const TO_ACCEPTOR extends readonly ActionDomain<any>[] = [], const TO_CONNECTOR extends readonly ActionDomain<any>[] = []>(options: {
-  /** Domains the connector sends to the acceptor (connector→acceptor requests), in a stable order. */toAcceptor: TO_ACCEPTOR; /** Domains the acceptor pushes to the connector (acceptor→connector), in a stable order. */
-  toConnector: TO_CONNECTOR; /** Pin a human-readable version instead of the derived hash (must match on both ends). */
-  dictionaryVersion?: string; /** Tuning for the per-connection binary session (e.g. correlation TTL). */
-  sessionOptions?: IBinaryWireSessionOptions;
-}): ISecureChannel<TO_ACCEPTOR, TO_CONNECTOR>;
-//#endregion
-//#region src/ActionRuntime/Channel/ActionChannel.d.ts
-/**
- * A transport-agnostic routing contract between two runtimes, declared *by role* rather than by
- * "client"/"server". The two ends are named for the only asymmetry that survives every carrier (WS,
- * WebRTC, BLE, raw TCP): which side dials and which side accepts.
- *
- * - The **connector** dials out and opens the link ({@link connectChannel}).
- * - The **acceptor** accepts incoming links and can push back ({@link acceptChannelConnections}).
- *
- * `toAcceptor` domains flow connector→acceptor (the classic "request"); `toConnector` domains flow
- * acceptor→connector (the classic "push"). Both ends derive their routing from the same channel instead
- * of restating domain lists — and because the contract is independent of how bytes move, the very same
- * channel can be carried over HTTP, secure WebSockets, or a mix (WS preferred, HTTP fallback).
- *
- * Build a plain one with {@link defineChannel}; layer wire-specific identity on top with
- * `defineSecureChannel` (which returns an `ISecureChannel` — still an `IActionChannel`, so it works
- * everywhere a channel is expected).
- */
-interface IActionChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[]> {
-  /**
-   * Domains the connector *sends to the acceptor* (connector→acceptor requests). The connector forwards
-   * them over its transport(s); the acceptor executes them.
-   */
-  toAcceptorDomains: TO_ACCEPTOR;
-  /**
-   * Domains the acceptor *pushes to the connector* (acceptor→connector). The connector registers local
-   * handlers for them ({@link connectChannel}'s `onPush`); the acceptor broadcasts them. Pushes need a
-   * bidirectional transport (e.g. a WebSocket) — over a request-only transport like HTTP they simply
-   * never flow.
-   */
-  toConnectorDomains: TO_CONNECTOR;
-}
-/**
- * Declare a transport-agnostic channel by role. Use it for HTTP, custom transports, or as the routing
- * half of a richer channel. The order of each list is part of the contract for wire formats that pack
- * positionally (see `defineSecureChannel`) — add new domains to the end of their list. (`domains` is
- * accepted as a legacy alias for `toAcceptor`.)
- */
-declare function defineChannel<const TO_ACCEPTOR extends readonly ActionDomain<any>[] = [], const TO_CONNECTOR extends readonly ActionDomain<any>[] = []>(options: {
-  toAcceptor: TO_ACCEPTOR;
-  toConnector: TO_CONNECTOR;
-}): IActionChannel<TO_ACCEPTOR, TO_CONNECTOR>;
-type TUnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends ((k: infer I) => void) ? I : never;
-type TDomainPushHandlers<D> = D extends ActionDomain<infer DEF> ? Partial<TWrappableDomainActionHandler<DEF>> : never;
-/**
- * The `onPush` map for a channel: the merged set of every acceptor→connector (`toConnector`) action
- * handler, each receiving the pushed action's input. Derived from the channel's `toConnectorDomains`, so
- * the keys and input types follow the channel definition.
- */
-type TChannelPushHandlers<TO_CONNECTOR extends readonly ActionDomain<any>[]> = TUnionToIntersection<TDomainPushHandlers<TO_CONNECTOR[number]>>;
-/**
- * One transport to the peer, declared by *carrier* — the dial-out dual of `serveChannel`'s acceptor
- * carriers. {@link connectChannel} binds the shared facts (channel codec/version, runtime, crypto
- * identity) into each one, so a descriptor only carries what differs between transports: the carrier and
- * whether it runs the secure handshake.
- *
- * A duplex carrier (`wsCarrier(() => ({ url }))`, `rtcCarrier(dc)`) builds a push-capable link; an exchange carrier
- * (`httpCarrier(...)`) builds a request/reply transport. List them in preference order — the connection
- * prefers the first that's ready and falls through on failure (e.g. secure WS preferred, HTTP fallback).
- */
-interface IConnectTransport {
-  /** How to reach the peer — a duplex carrier (push-capable) or an exchange carrier (request/reply). */
-  carrier: IDuplexCarrierSource | IExchangeCarrierSource;
-  /**
-   * Run the authenticated/encrypted handshake over this carrier. Defaults to `true`. A secure transport
-   * draws its identity from the connection's shared `link`/`storage`; set `false` for a plain transport
-   * (e.g. a bare HTTP fallback beside a secure WS), which then needs no `storage`.
-   */
-  secure?: boolean;
-  /** Security level for this secure transport; defaults to the connection-level `securityLevel`. */
-  securityLevel?: ESecurityLevel;
-  /**
-   * Optional availability gate — when it returns `false` this transport is skipped and the connection
-   * falls through to the next in preference order, re-evaluated per dispatch. Omit = always available.
-   */
-  available?: (input: ITransportRouteActionParams) => boolean;
-  /** Override the devtools chip label (defaults to the carrier's own label). */
-  label?: string;
-}
-interface IConnectChannelOptions<TO_CONNECTOR extends readonly ActionDomain<any>[]> {
-  /** The peer's runtime coordinate — the acceptor this connection dials. */
-  peer: RuntimeCoordinate;
-  /**
-   * The transports to the peer, by carrier, in preference order (e.g. secure WS preferred, HTTP fallback).
-   * They all carry the channel's `toAcceptor` domains; the connection prefers the first that's ready and
-   * falls through on failure. {@link connectChannel} binds the channel + runtime + crypto identity into
-   * each — the dial-out dual of `serveChannel`'s `carriers`.
-   */
-  transports: readonly IConnectTransport[];
-  /**
-   * One backing store for this connection's crypto identity, fanned across every *secure* transport so
-   * they present the same verify/exchange keys. Required when any transport is secure (the default); a
-   * fully-plain connection (every transport `secure: false`) may omit it. Pass `link` instead to share an
-   * existing identity.
+   * One backing store for this connection's crypto identity, fanned across every *secure* transport so
+   * they present the same verify/exchange keys. Required when any transport is secure (the default); a
+   * fully-plain connection (every transport `secure: false`) may omit it. Pass `link` instead to share an
+   * existing identity.
    */
   storage?: StorageAdapter;
   /** The connection's crypto identity. Defaults to a fresh {@link ClientCryptoKeyLink} over `storage`. */
@@ -1970,7 +1481,7 @@ interface IConnectChannelOptions<TO_CONNECTOR extends readonly ActionDomain<any>
  * ```
  * Returns the {@link ConnectorHandler} so the caller can later `clearTransportCache()` it.
  */
-declare function connectChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[]>(runtime: ActionRuntime, channel: ISecureChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IConnectChannelOptions<TO_CONNECTOR>): ConnectorHandler;
+declare function connectChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[]>(runtime: ActionRuntime, channel: IActionChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IConnectChannelOptions<TO_CONNECTOR>): ConnectorHandler;
 type TDomainAcceptorCases<D, TCtx> = D extends ActionDomain<infer DEF> ? { [ID in keyof DEF["actionSchema"] & string]?: TAcceptorCaseFn<DEF, ID, TCtx> } : never;
 /**
  * The connection-aware case map for a channel's acceptor side: the merged set of every
@@ -1995,44 +1506,33 @@ type TChannelAcceptorCases<TO_ACCEPTOR extends readonly ActionDomain<any>[], TCt
  * broadcast + pushBack context, serve the channel through `serveChannel`'s `channelCases` instead.
  */
 declare function acceptChannelConnections<TO_ACCEPTOR extends readonly ActionDomain<any>[], TConn>(serverHandler: AcceptorHandler<TConn>, channel: IActionChannel<TO_ACCEPTOR, any>, cases: TChannelAcceptorCases<TO_ACCEPTOR, TConn | undefined>): ActionLocalHandler;
-interface IAcceptChannelOptions<TConn> {
-  /**
-   * Coordinate of the *connecting clients* (typically env-only, e.g. `RuntimeCoordinate.env("web_app")`),
-   * used to score return-path dispatch back to the right connection.
-   */
-  clientEnv: RuntimeCoordinate;
-  /**
-   * One backing store for the acceptor's crypto identity *and* its trust-on-first-use verify-key pins
-   * (their keys don't collide). Back it with persistent storage so identity + pins survive eviction.
-   */
-  storageAdapter: StorageAdapter;
-  /** Write an encoded frame to a specific live connection (e.g. `(ws, frame) => ws.send(frame)`). */
-  send: (connection: TConn, frame: string | Uint8Array | ArrayBuffer) => void;
-  /**
-   * The acceptor's crypto identity. Defaults to a fresh `ClientCryptoKeyLink` over `storageAdapter`.
-   * Pass an existing link to share one identity across several acceptors on the same server (e.g. this
-   * WebSocket acceptor and a secure-HTTP `createActionFetchHandler`), so they present the same keys.
-   */
-  link?: ClientCryptoKeyLink;
-  /** Accepted level(s); defaults to negotiating any of none/authenticated/encrypted. */
-  securityLevel?: ESecurityLevel | readonly ESecurityLevel[];
-  /** Trust decision for a client's verify key; defaults to storage-backed TOFU over `storageAdapter`. */
-  verifyKeyResolver?: IClientVerifyKeyResolver;
-  /** Timeout (ms) applied to acceptor-initiated actions awaiting a client response. */
-  defaultTimeout?: number;
-}
+/**
+ * {@link acceptChannel}'s options — the secure-acceptor builder options minus the `channel` and `runtime`
+ * it already takes positionally. One option bag, shared with the underlying {@link createSecureAcceptorHandler}.
+ */
+type IAcceptChannelOptions<TConn> = Omit<ISecureAcceptorHandlerOptions<TConn>, "channel" | "runtime">;
 /**
  * Build the secure {@link AcceptorHandler} for a channel — the accept-in counterpart to
- * {@link connectChannel}. It folds in the same boilerplate as {@link createSecureAcceptorHandler} (the
- * `ClientCryptoKeyLink` + storage-backed TOFU resolver from one `storageAdapter`, the channel's codec +
+ * {@link connectChannel}. It folds in the boilerplate of {@link createSecureAcceptorHandler} (the
+ * `ClientCryptoKeyLink` + storage-backed TOFU resolver from one `storage`, the channel's codec +
  * dictionary version, the `security` block from the runtime coordinate) but takes the `(runtime, channel,
  * options)` shape of the channel family. Pair it with {@link acceptChannelConnections} for execution:
  * ```ts
- * const acceptor = acceptChannel(runtime, gameChannel, { clientEnv, storageAdapter, send });
+ * const acceptor = acceptChannel(runtime, gameChannel, { clientEnv, storage, send });
  * runtime.addHandlers([acceptChannelConnections(acceptor, gameChannel, { … }), acceptor]);
  * ```
  */
-declare function acceptChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[], TConn = unknown>(runtime: ActionRuntime, channel: ISecureChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IAcceptChannelOptions<TConn>): AcceptorHandler<TConn>;
+declare function acceptChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[], TConn = unknown>(runtime: ActionRuntime, channel: IActionChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IAcceptChannelOptions<TConn>): AcceptorHandler<TConn>;
+//#endregion
+//#region src/ActionRuntime/ActionRuntime.types.d.ts
+interface IRuntimeMeta {
+  assumed: boolean;
+  runtimeName: RuntimeName;
+}
+interface IActionRuntimeManagerContext {
+  domain?: string;
+}
+type TActionRuntimeHandler = ActionLocalHandler | PeerLinkHandler;
 //#endregion
 //#region src/ActionRuntime/Handler/PeerLink/Acceptor/Hibernation/ConnectionStateStore.d.ts
 /**
@@ -2251,8 +1751,8 @@ interface IDuplexAcceptorCarrier<TConn = unknown> extends IDuplexCarrierLifecycl
  * default it speaks the *secure* exchange protocol (handshake → token session → encrypted frames), whose
  * identity is supplied centrally by `serveChannel`. Set {@link secure} to `false` for a plain endpoint
  * that POSTs the raw action wire and returns the result inline — the request/reply dual of the connector's
- * `plainTransport({ carrier: httpCarrier(...) })`. So a server can pair a secure duplex (WebSocket) with a
- * plain HTTP fallback on the same runtime. Built by `httpAcceptorCarrier`.
+ * plain HTTP transport (`{ carrier: httpCarrier(...), secure: false }`). So a server can pair a secure
+ * duplex (WebSocket) with a plain HTTP fallback on the same runtime. Built by `httpAcceptorCarrier`.
  */
 interface IExchangeAcceptorCarrier {
   /** Discriminant so `serveChannel` can tell an exchange carrier from a duplex one. */
@@ -2465,12 +1965,12 @@ interface IChannelServer<TConn, TApp = unknown> {
  * carrier, and so on — so it stays carrier-agnostic. Passing `connectionState` narrows the return so
  * `server.connections` is non-optional.
  */
-declare function serveChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[], TConn, TApp>(runtime: ActionRuntime, channel: ISecureChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IServeChannelOptions<TO_ACCEPTOR, TConn, TApp> & {
+declare function serveChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[], TConn, TApp>(runtime: ActionRuntime, channel: IActionChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IServeChannelOptions<TO_ACCEPTOR, TConn, TApp> & {
   connectionState: IServeConnectionStateOptions<TApp>;
 }): IChannelServer<TConn, TApp> & {
   connections: ConnectionStateStore<TConn, TApp>;
 };
-declare function serveChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TConn = unknown, TApp = unknown>(runtime: ActionRuntime, channel: ISecureChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IServeChannelOptions<TO_ACCEPTOR, TConn, TApp>): IChannelServer<TConn, TApp>;
+declare function serveChannel<TO_ACCEPTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TConn = unknown, TApp = unknown>(runtime: ActionRuntime, channel: IActionChannel<TO_ACCEPTOR, TO_CONNECTOR>, options: IServeChannelOptions<TO_ACCEPTOR, TConn, TApp>): IChannelServer<TConn, TApp>;
 //#endregion
 //#region src/ActionRuntime/Channel/serveHost.d.ts
 /**
@@ -2503,157 +2003,12 @@ type TServeHostOptions<TO_ACCEPTOR extends readonly ActionDomain<any>[], TConn,
  * the host adapter and nothing else. Passing `connectionState` narrows the return so `server.connections`
  * is non-optional, exactly as with `serveChannel`.
  */
-declare function serveHost<TO_ACCEPTOR extends readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[], TConn, TApp>(runtime: ActionRuntime, channel: ISecureChannel<TO_ACCEPTOR, TO_CONNECTOR>, host: IChannelHostAdapter<TConn>, options: TServeHostOptions<TO_ACCEPTOR, TConn, TApp> & {
+declare function serveHost<TO_ACCEPTOR extends readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[], TConn, TApp>(runtime: ActionRuntime, channel: IActionChannel<TO_ACCEPTOR, TO_CONNECTOR>, host: IChannelHostAdapter<TConn>, options: TServeHostOptions<TO_ACCEPTOR, TConn, TApp> & {
   connectionState: IServeConnectionStateOptions<TApp>;
 }): IChannelServer<TConn, TApp> & {
   connections: ConnectionStateStore<TConn, TApp>;
 };
-declare function serveHost<TO_ACCEPTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TConn = unknown, TApp = unknown>(runtime: ActionRuntime, channel: ISecureChannel<TO_ACCEPTOR, TO_CONNECTOR>, host: IChannelHostAdapter<TConn>, options: TServeHostOptions<TO_ACCEPTOR, TConn, TApp>): IChannelServer<TConn, TApp>;
-//#endregion
-//#region src/ActionRuntime/Transport/SecureSession/exchangeAcceptor.d.ts
-/** Acceptor secure config for the exchange (HTTP) endpoint — same identity an `AcceptorHandler` uses. */
-interface IExchangeAcceptorSecurity {
-  /** This acceptor's crypto identity (verify + exchange key pairs, optionally persisted). */
-  link: ClientCryptoKeyLink;
-  /** This acceptor's coordinate — its identity to clients during the handshake. */
-  localCoordinate: IRuntimeCoordinate;
-  /** Wire dictionary version; the handshake rejects a client on a mismatch. */
-  dictionaryVersion: string;
-  /** Accepted level(s) — a single level is strict, an array is a negotiable allowed set. */
-  securityLevel: ESecurityLevel | readonly ESecurityLevel[];
-  /** Trust decision for a client's verify key (defaults to in-memory TOFU inside the handshake). */
-  verifyKeyResolver?: IClientVerifyKeyResolver;
-}
-interface IExchangeAcceptorConfig {
-  security: IExchangeAcceptorSecurity;
-  /** The runtime that executes an inbound action wire and produces its result. */
-  runtime: ActionRuntime;
-}
-/**
- * Acceptor (accept-in) side of the secure exchange protocol — the HTTP counterpart to
- * {@link AcceptorSecureSession}. Each POST body is one {@link decodeExchangeRequest} envelope; the
- * acceptor drives the server handshake over the two `hs` POSTs (correlated by `hsid`, since stateless
- * requests can't rely on channel ordering), mints a session **token** on accept, and on every later `act`
- * POST resolves the session by token, decrypts the body (at `encrypted`), routes it through the runtime,
- * and returns the (encrypted) result inline as the reply.
- *
- * Sessions and in-flight handshakes are held in memory — fine for a single-instance server. (Surviving a
- * Durable-Object eviction would persist each token's `keyMaterial` and re-derive the key on a miss, the
- * same primitive `AcceptorSecureSession.rehydrate` uses; left as a follow-up.)
- */
-declare class ExchangeAcceptor {
-  private readonly _security;
-  private readonly _runtime;
-  private readonly _allowedLevels;
-  private readonly _noneAllowed;
-  private readonly _pendingHandshakes;
-  private readonly _sessions;
-  constructor(config: IExchangeAcceptorConfig);
-  /** Process one POST body (an exchange envelope), returning the reply body to send back. */
-  handlePost(body: string): Promise<string>;
-  private _handleHandshake;
-  private _handleAction;
-  private _err;
-}
-//#endregion
-//#region src/ActionRuntime/Handler/PeerLink/Acceptor/createActionFetchHandler.d.ts
-interface IActionFetchHandlerOptions {
-  /**
-   * CORS headers merged onto every response (a preflight `OPTIONS` is answered `204` with them).
-   * Defaults to permissive `*`; pass `false` to attach no CORS headers at all.
-   */
-  cors?: Record<string, string> | false;
-  /** Which requests carry an action wire on `POST`. Default: pathname ends with `/action`. */
-  isActionPath?: (url: URL) => boolean;
-  /** Which requests are WebSocket upgrades. Default: pathname ends with `/ws`. */
-  isWebSocketPath?: (url: URL) => boolean;
-  /**
-   * Whether a request is a WebSocket upgrade for this endpoint, given the whole request (not just the
-   * URL). When set it *replaces* the default gate (an `Upgrade: websocket` header on an
-   * {@link isWebSocketPath} match) — use it when the discriminant needs a header or method, not only the
-   * path. Only consulted when {@link onWebSocketUpgrade} is present.
-   */
-  isWebSocketUpgrade?: (request: Request, url: URL) => boolean;
-  /**
-   * Perform the transport-specific WebSocket upgrade (e.g. a Durable Object's
-   * `new WebSocketPair()` + `ctx.acceptWebSocket()` returning a `101`). Omit for HTTP-only endpoints.
-   * Its response is returned as-is — a `101` upgrade carries no CORS headers.
-   */
-  onWebSocketUpgrade?: (request: Request, url: URL) => Response | Promise<Response>;
-  /** Forwarded to `ActionPayload_Result.toHttpResponse` — use the error's HTTP status (default true). */
-  useErrorStatus?: boolean;
-  /**
-   * Enable the secure exchange protocol (handshake + token sessions + body encryption) on the `/action`
-   * endpoint, mirroring an `AcceptorHandler`'s `security`. The matching connector is
-   * `secureTransport({ carrier: httpCarrier(...), securityLevel })`. When omitted, the endpoint speaks
-   * today's plain protocol (the raw action wire is POSTed and the result is the response body).
-   */
-  security?: IExchangeAcceptorSecurity;
-}
-/**
- * Build the `fetch` handler a server/Durable-Object exposes for action traffic, folding in the
- * boilerplate every endpoint repeats: CORS (incl. the `OPTIONS` preflight), routing the `/action`
- * `POST` body through the runtime (`handleActionPayloadWire` → `waitForResultPayload` →
- * `toHttpResponse`), an optional WebSocket-upgrade hook, and a `404` fallback.
- *
- * It only touches web-standard `Request`/`Response`, so it stays transport-agnostic — the one
- * environment-specific bit (the WS upgrade) is injected via {@link IActionFetchHandlerOptions.onWebSocketUpgrade}:
- * ```ts
- * this.fetchHandler = createActionFetchHandler(this.runtime, {
- *   onWebSocketUpgrade: () => {
- *     const pair = new WebSocketPair();
- *     this.ctx.acceptWebSocket(pair[1]);
- *     return new Response(null, { status: 101, webSocket: pair[0] });
- *   },
- * });
- * // async fetch(request) { return this.fetchHandler(request); }
- * ```
- */
-declare function createActionFetchHandler(runtime: ActionRuntime, options?: IActionFetchHandlerOptions): (request: Request) => Promise<Response>;
-//#endregion
-//#region src/ActionRuntime/Handler/PeerLink/Acceptor/createSecureActionServer.d.ts
-interface ISecureAcceptorHandlerOptions<TConn> {
-  /** The shared channel identity (codec + dictionary version) — same one the clients use. */
-  channel: ISecureChannel;
-  /**
-   * Coordinate of the *connecting clients* (typically env-only, e.g. `RuntimeCoordinate.env("web_app")`),
-   * used to route results/pushes back over this handler.
-   */
-  clientEnv: RuntimeCoordinate;
-  /** This server's runtime — its coordinate is the server identity presented in the handshake. */
-  runtime: ActionRuntime;
-  /**
-   * One backing store for the server's crypto identity *and* its trust-on-first-use verify-key pins.
-   * Their keys don't collide, so a single adapter is enough; back it with persistent storage (e.g. a
-   * Durable Object's storage) so identity and pins survive eviction.
-   */
-  storageAdapter: StorageAdapter;
-  /** Write an encoded frame to a specific live connection (e.g. `(ws, frame) => ws.send(frame)`). */
-  send: (connection: TConn, frame: string | Uint8Array | ArrayBuffer) => void;
-  /**
-   * The server's crypto identity. Defaults to a fresh {@link ClientCryptoKeyLink} over `storageAdapter`.
-   * Pass an existing link to share one identity across several acceptors on the same server (e.g. a
-   * WebSocket acceptor and a secure-HTTP {@link createActionFetchHandler}), so they present the same
-   * verify/exchange keys — avoiding a divergent-key race when two fresh links initialize concurrently.
-   */
-  link?: ClientCryptoKeyLink;
-  /** Accepted level(s); defaults to negotiating any of none/authenticated/encrypted. */
-  securityLevel?: ESecurityLevel | readonly ESecurityLevel[];
-  /** Trust decision for a client's verify key; defaults to storage-backed TOFU over `storageAdapter`. */
-  verifyKeyResolver?: IClientVerifyKeyResolver;
-  /** Timeout (ms) applied to server-initiated actions awaiting a client response. */
-  defaultTimeout?: number;
-}
-/**
- * Build an {@link AcceptorHandler} for the secure binary channel with the boilerplate folded in:
- * it creates the {@link ClientCryptoKeyLink} and the storage-backed TOFU resolver from a single
- * `storageAdapter`, installs the channel's per-connection codec, and assembles the `security` block
- * from the runtime coordinate + channel version (accepting all three levels by default).
- *
- * For a hibernatable transport (e.g. a Durable Object), pair it with
- * {@link createHibernatableWsServerAdapter} to wire persistence + replay.
- */
-declare function createSecureAcceptorHandler<TConn = unknown>(options: ISecureAcceptorHandlerOptions<TConn>): AcceptorHandler<TConn>;
+declare function serveHost<TO_ACCEPTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TO_CONNECTOR extends readonly ActionDomain<any>[] = readonly ActionDomain<any>[], TConn = unknown, TApp = unknown>(runtime: ActionRuntime, channel: IActionChannel<TO_ACCEPTOR, TO_CONNECTOR>, host: IChannelHostAdapter<TConn>, options: TServeHostOptions<TO_ACCEPTOR, TConn, TApp>): IChannelServer<TConn, TApp>;
 //#endregion
 //#region src/ActionRuntime/Handler/PeerLink/Connector/err_nice_external_client.d.ts
 declare const err_nice_external_client: import("@nice-code/error").NiceErrorDomain<{
@@ -2693,16 +2048,15 @@ declare function createInMemoryChannelPair(): IInMemoryChannelPair;
 //#endregion
 //#region src/ActionRuntime/Transport/Carrier/duplex/inMemory/inMemoryCarrier.d.ts
 interface IInMemoryCarrier {
-  /** The connector end — pass as the `carrier` to {@link secureTransport} / `LinkTransport`. */
+  /** The connector end — pass as the `carrier` to one of `connectChannel`'s transports. */
   carrier: IDuplexCarrierSource;
   /** The acceptor end — wire into an `AcceptorHandler` (`send` + `receive`). */
   serverEndpoint: IInMemoryServerEndpoint;
 }
 /**
  * A loopback duplex carrier with no socket — two cross-wired in-process ends. The connector end is an
- * {@link IDuplexCarrierSource} for {@link secureTransport}; the acceptor end plugs into an
- * `AcceptorHandler`. Ideal for tests and for running two runtimes in one process, or proving a
- * non-WS carrier end to end.
+ * {@link IDuplexCarrierSource} for `connectChannel`; the acceptor end plugs into an `AcceptorHandler`.
+ * Ideal for tests and for running two runtimes in one process, or proving a non-WS carrier end to end.
  */
 declare function inMemoryCarrier(): IInMemoryCarrier;
 //#endregion
@@ -2738,8 +2092,8 @@ interface IRtcCarrierOptions {
 }
 /**
  * A WebRTC {@link IDuplexCarrierSource} over an already-negotiated `RTCDataChannel` (signaling is the
- * app's concern). Hand it to {@link secureTransport} so two browsers/apps linked peer-to-peer run the
- * identical secure session as a WebSocket.
+ * app's concern). Pass it as a `carrier` to `connectChannel` so two browsers/apps linked peer-to-peer run
+ * the identical secure session as a WebSocket.
  */
 declare function rtcCarrier(dataChannel: IRtcDataChannelLike, options?: IRtcCarrierOptions): IDuplexCarrierSource;
 //#endregion
@@ -2806,8 +2160,8 @@ interface IWsCarrierOptions {
 }
 /**
  * A WebSocket {@link IDuplexCarrierSource}: opens an `arraybuffer` socket (cached per endpoint) and adapts
- * it to a carrier. Hand it to {@link secureTransport} (or `LinkTransport`) — the WebSocket is now "just
- * another carrier" under the shared secure session, with no WS-specific transport class.
+ * it to a carrier. Pass it as a `carrier` to `connectChannel` — the WebSocket is now "just another
+ * carrier" under the shared secure session, with no WS-specific transport class.
  *
  * `createRequest` derives the socket URL per action (keep it simple with `() => ({ url })`), so dynamic
  * endpoints (e.g. a per-run query param) need no `createWebSocket` escape hatch.
@@ -2819,8 +2173,9 @@ interface IHttpAcceptorCarrierOptions {
   /**
    * Whether this endpoint runs the secure exchange protocol (default `true`). Pass `false` for a plain
    * endpoint — the body is the raw action wire and the result is the response body, the request/reply dual
-   * of `plainTransport({ carrier: httpCarrier(...) })`. A plain endpoint ignores the crypto identity, so it
-   * can sit alongside a secure WebSocket on the same server (e.g. a secure WS preferred, plain HTTP fallback).
+   * of a connector's plain HTTP transport (`{ carrier: httpCarrier(...), secure: false }`). A plain
+   * endpoint ignores the crypto identity, so it can sit alongside a secure WebSocket on the same server
+   * (e.g. a secure WS preferred, plain HTTP fallback).
    */
   secure?: boolean;
   /** Which requests carry an action exchange envelope on `POST`. Defaults to `serveChannel`'s path match. */
@@ -2863,129 +2218,16 @@ interface IHttpCarrierOptions {
 }
 /**
  * An HTTP {@link IExchangeCarrierSource}: each `exchange` POSTs one frame body to the action endpoint and
- * resolves with the response body as the single correlated reply. Hand it to {@link secureTransport} —
- * HTTP then runs the *same* secure session as a duplex carrier (handshake → token → encrypted frames),
- * the request/reply correlation provided for free by the HTTP transaction.
+ * resolves with the response body as the single correlated reply. Pass it as a `carrier` to
+ * `connectChannel` — a secure HTTP transport then runs the *same* secure session as a duplex carrier
+ * (handshake → token → encrypted frames), the request/reply correlation provided for free by the HTTP
+ * transaction.
  *
  * `createRequest` derives the URL/headers per action (keep it simple with `() => ({ url })`). The body is
  * the session's responsibility, so it is never built here.
  */
 declare function httpCarrier(createRequest: (input: ITransportRouteActionParams) => IHttpCarrierRequest, options?: IHttpCarrierOptions): IExchangeCarrierSource;
 //#endregion
-//#region src/ActionRuntime/Transport/codec/createBinaryWireAdapter.d.ts
-/**
- * Builds a *stateless* `formatMessage` pipeline for {@link LinkTransport}, packing action
- * payloads into a compact msgpackr binary frame instead of JSON. The `domain`/`id` route collapses to
- * a single integer drawn from a shared dictionary; `form`/`type`, the recomputable
- * `inputHash`/`outputHash`, and the per-frame `context.routing`/`context.timeCreated` are all dropped
- * (see {@link ENVELOPE}).
- *
- * No validation runs here: `incoming` blindly reconstructs the wire JSON shape and hands it back to
- * the connection, which flows into `ActionRuntime` → `domain.hydrateAnyAction()` where the Valibot
- * schemas validate it exactly as they would for a JSON frame.
- *
- * Both ends of the socket MUST construct the adapter with the same domains in the same order — the
- * integer dictionary is positional. Mismatched dictionaries will route to the wrong action.
- *
- * Because `incoming` returns `undefined` for text frames, a binary server can still serve plain-JSON
- * clients on the same runtime (the connection falls back to its built-in JSON parser).
- */
-declare function createBinaryWireAdapter(domains: ActionDomain<any>[]): IActionWireFormat;
-//#endregion
-//#region src/ActionRuntime/Transport/crypto/actionFrameCrypto.d.ts
-/**
- * Async AES-GCM transform for the `encrypted` security level. It wraps the opaque binary frame a
- * session codec produces (it does NOT look inside it), encrypting on the way out and decrypting on the
- * way in with the shared key established by the handshake.
- *
- * It is deliberately separate from the (synchronous) session `formatMessage`: WebCrypto is always
- * Promise-based, so encryption has to happen at the transport's async I/O boundary — the connection
- * encrypts after `session.outgoing()` and decrypts before `session.incoming()`. The `authenticated`
- * and `none` levels use no crypto transform at all (frames go out as the session produced them).
- *
- * Wire shape of an encrypted frame: `pack([nonceBytes, ciphertextBytes])` — msgpack carries the two
- * binary fields with a couple of bytes of overhead, no base64 inflation.
- */
-interface IActionFrameCrypto {
-  /** Encrypt one session frame for sending. */
-  encryptFrame(frame: Uint8Array): Promise<Uint8Array>;
-  /** Decrypt one received frame back to the session frame. Throws on a non-binary / malformed /
-   * tampered frame — the caller (transport) decides how to react (drop / close). */
-  decryptFrame(frame: string | ArrayBuffer | Uint8Array): Promise<Uint8Array>;
-}
-interface IActionFrameCryptoConfig {
-  link: ClientCryptoKeyLink;
-  /** The handshake-established link id for the remote (key + connection-registry id). */
-  linkedClientId: TTypeAndId;
-}
-/**
- * Build the encrypt/decrypt transform for a connection whose handshake settled on the `encrypted`
- * level. Keyed by the link + `linkedClientId`, so it reuses the cached shared AES-GCM key.
- */
-declare function createActionFrameCrypto({
-  link,
-  linkedClientId
-}: IActionFrameCryptoConfig): IActionFrameCrypto;
-//#endregion
-//#region src/ActionRuntime/Transport/Exchange/TransportExchange.types.d.ts
-interface IActionTransportReadyData_Exchange extends IActionTransportReadyData_Base {
-  /** The live request/reply carrier this connection drives its session over. */
-  carrier: IExchangeCarrier;
-  /** Optional authenticated/encrypted config; the handshake runs once at bring-up when set. */
-  secureChannel?: ISecureClientConfig;
-}
-interface IActionTransportInitialized_Exchange extends IActionTransportInitialized<ITransportRouteActionParams, IActionTransportReadyData_Exchange> {}
-interface IActionTransportDef_Exchange extends IActionTransportDef<ETransportShape.exchange, IActionTransportInitialized_Exchange> {}
-//#endregion
-//#region src/ActionRuntime/Transport/Exchange/ExchangeConnection.d.ts
-/**
- * Carrier-agnostic live connection for the exchange (request → single reply) shape — the HTTP
- * counterpart to {@link LinkConnection}. It owns only the bring-up (run the secure handshake on first
- * use); the request/reply lifecycle + crypto live in the shared `establishExchangeSession`.
- */
-declare class ExchangeConnection extends TransportConnection<ETransportShape.exchange, ITransportRouteActionParams, IActionTransportReadyData_Exchange, IActionTransportInitialized_Exchange, IActionTransportDef_Exchange> {
-  constructor(def: Omit<IActionTransportDef_Exchange, "type">);
-  protected _getCacheKey(input: ITransportRouteActionParams): string;
-  protected _needsAsyncBringUp(data: IActionTransportReadyData_Exchange): boolean;
-  protected _finalizeReady(data: IActionTransportReadyData_Exchange): IActionTransportReadyData_Methods | Promise<IActionTransportReadyData_Methods>;
-  _finalizeTransportMethods(data: IActionTransportReadyData_Exchange): IActionTransportReadyData_Methods;
-  private _sessionContext;
-}
-//#endregion
-//#region src/ActionRuntime/Transport/Exchange/ExchangeTransport.d.ts
-interface IExchangeTransportOptions {
-  /** Open (or reuse) the exchange carrier for an action — e.g. `httpCarrier(...).open`. */
-  openCarrier: (input: ITransportRouteActionParams) => IExchangeCarrier;
-  /** Secure config; when set (and `securityLevel !== none`) the handshake runs once at bring-up. */
-  security?: ISecureClientConfig;
-  updateRunConfig?: TUpdateActionRunConfig;
-  /** Keys identifying a reusable session, so one carrier is shared across actions to the same peer. */
-  getTransportCacheKey?: (input: ITransportRouteActionParams) => string[];
-  /**
-   * Optional availability gate. When it returns `false`, the manager skips this transport for that action
-   * (reporting `unsupported`) and falls through to the next — without opening the carrier or computing its
-   * cache key. Re-evaluated per dispatch, so the transport can become available later with no reconnect.
-   */
-  available?: (input: ITransportRouteActionParams) => boolean;
-  /** Short label for the devtools chip (defaults to "exchange"). */
-  label?: string;
-  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
-}
-/**
- * A carrier-agnostic exchange (request → single reply) transport: it drives nice-action's secure session
- * over any {@link IExchangeCarrier} (HTTP being the one built-in). The duplex counterpart is
- * {@link LinkTransport}; this is the no-push half — its reply rides the response to its own request, so it
- * can't deliver an unsolicited frame (the runtime never picks it for the return path).
- */
-declare class ExchangeTransport extends Transport<ETransportShape.exchange> {
-  private readonly options;
-  readonly type = ETransportShape.exchange;
-  constructor(options: IExchangeTransportOptions);
-  static create(options: IExchangeTransportOptions): ExchangeTransport;
-  _createConnection(_ctx: ITransportConnectionContext): ExchangeConnection;
-  getRouteInfo(input: ITransportRouteActionParams): ITransportRouteInfo;
-}
-//#endregion
 //#region src/ActionRuntime/Transport/err_nice_transport.d.ts
 declare enum EErrId_NiceTransport {
   timeout = "timeout",
@@ -3023,130 +2265,6 @@ declare const err_nice_transport: import("@nice-code/error").NiceErrorDomain<{
   };
 }>;
 //#endregion
-//#region src/ActionRuntime/Transport/Link/TransportLink.types.d.ts
-/** The per-connection codec (positional binary wire / JSON fallback) the carrier's session uses. */
-type TLinkFormatMessage = IActionWireFormat;
-interface IActionTransportReadyData_Link extends IActionTransportReadyData_Base {
-  /** The live carrier this connection drives its session over. */
-  channel: IDuplexCarrier;
-  formatMessage?: TLinkFormatMessage;
-  /** Optional authenticated/encrypted channel; the connection runs the handshake during init. */
-  secureChannel?: ISecureClientConfig;
-}
-interface IActionTransportInitialized_Link extends IActionTransportInitialized<ITransportRouteActionParams, IActionTransportReadyData_Link> {}
-interface IActionTransportDef_Link extends IActionTransportDef<ETransportShape.duplex, IActionTransportInitialized_Link> {}
-//#endregion
-//#region src/ActionRuntime/Transport/Link/LinkConnection.d.ts
-/**
- * Carrier-agnostic live connection. It owns only the *bring-up* (open the carrier, then run the secure
- * session); the session itself — handshake, frame crypto, codec, send/receive — lives in the shared
- * {@link finalizeSecureLinkMethods}/{@link finalizePlainLinkMethods}, so a WebSocket, a WebRTC data
- * channel, a Bluetooth characteristic, and an in-memory pipe all run the identical secure layer.
- */
-declare class LinkConnection extends TransportConnection<ETransportShape.duplex, ITransportRouteActionParams, IActionTransportReadyData_Link, IActionTransportInitialized_Link, IActionTransportDef_Link> {
-  private resolvers;
-  constructor(def: Omit<IActionTransportDef_Link, "type">, resolvers?: IActionTransportResolvers);
-  protected _getCacheKey(input: ITransportRouteActionParams): string;
-  protected _needsAsyncBringUp(): boolean;
-  protected _awaitCarrierReady(data: IActionTransportReadyData_Link): Promise<void>;
-  protected _finalizeReady(data: IActionTransportReadyData_Link): IActionTransportReadyData_Methods | Promise<IActionTransportReadyData_Methods>;
-  private _sessionContext;
-  _finalizeTransportMethods(data: IActionTransportReadyData_Link): IActionTransportReadyData_Methods;
-}
-//#endregion
-//#region src/ActionRuntime/Transport/Link/LinkTransport.d.ts
-interface ILinkTransportOptions {
-  /**
-   * Open (or reuse) the carrier for an action — a WebSocket adapter, a WebRTC data channel, a Bluetooth
-   * characteristic, an in-memory pipe, anything that satisfies {@link IDuplexCarrier}.
-   */
-  openChannel: (input: ITransportRouteActionParams) => IDuplexCarrier;
-  /** Shared codec for every channel (stateless). */
-  formatMessage?: TLinkFormatMessage;
-  /**
-   * Per-channel codec factory — called once per opened channel so stateful codecs (e.g. the binary
-   * session) get their own instance. Takes precedence over `formatMessage`.
-   */
-  createFormatMessage?: () => TLinkFormatMessage;
-  /** Secure-channel config; when set (and `securityLevel !== none`) the handshake runs on init. */
-  security?: ISecureClientConfig;
-  updateRunConfig?: TUpdateActionRunConfig;
-  /** Keys identifying a reusable channel, so one carrier is shared across actions to the same peer. */
-  getTransportCacheKey?: (input: ITransportRouteActionParams) => string[];
-  /**
-   * Optional availability gate. When it returns `false`, the manager skips this transport for that action
-   * (reporting `unsupported`) and falls through to the next — without opening the carrier or computing its
-   * cache key. Re-evaluated per dispatch, so the transport can become available later with no reconnect.
-   */
-  available?: (input: ITransportRouteActionParams) => boolean;
-  /** Short label for the devtools chip (defaults to "link"). */
-  label?: string;
-  getRouteInfo?: (input: ITransportRouteActionParams) => ITransportRouteInfo;
-}
-/**
- * A carrier-agnostic transport: it drives nice-action's secure session + action routing over any
- * {@link IDuplexCarrier}. The WebSocket transport is the special case that opens a `WebSocket`;
- * this opens whatever `openChannel` returns, so the identical secure layer works over WebRTC, Bluetooth,
- * or an in-memory pipe. Reported with an overridable carrier label in the devtools (defaults to "link").
- */
-declare class LinkTransport extends Transport<ETransportShape.duplex> {
-  private readonly options;
-  readonly type = ETransportShape.duplex;
-  constructor(options: ILinkTransportOptions);
-  static create(options: ILinkTransportOptions): LinkTransport;
-  _createConnection(ctx: ITransportConnectionContext): LinkConnection;
-  getRouteInfo(input: ITransportRouteActionParams): ITransportRouteInfo;
-}
-//#endregion
-//#region src/ActionRuntime/Transport/SecureSession/exchangeProtocol.d.ts
-/**
- * The application-level envelope for secure action traffic over an {@link IExchangeCarrier} (HTTP). An
- * exchange carrier only moves one request frame → one reply frame with no unsolicited push, so the
- * handshake and the per-action token + crypto all ride in this envelope (a JSON string body) rather than
- * on a persistent channel. The three security levels share it:
- *
- * - `none` — no handshake, no token: an `act` envelope carries the plaintext wire both ways.
- * - `authenticated` — a one-time handshake yields a session `token`; each later `act` carries it +
- *   the plaintext wire.
- * - `encrypted` — same, but the wire is AES-GCM ciphertext, base64 in the `c` field.
- *
- * The handshake runs as two `hs` exchanges (hello→welcome, prove→accept) correlated by a client-chosen
- * `hsid`, since stateless requests can't rely on channel ordering. The `accept` reply carries the token.
- */
-type TWireJson = TActionPayload_Any_JsonObject<any, any>;
-/** Connector → acceptor request envelope. */
-type TExchangeRequest = {
-  k: "hs";
-  hsid: string;
-  m: string;
-} | {
-  k: "act";
-  t?: string;
-  w: TWireJson;
-} | {
-  k: "act";
-  t?: string;
-  c: string;
-};
-/** Acceptor → connector reply envelope. */
-type TExchangeReply = {
-  k: "hs";
-  m: string;
-  t?: string;
-} | {
-  k: "act";
-  w: TWireJson;
-} | {
-  k: "act";
-  c: string;
-} | {
-  k: "err";
-  message: string;
-};
-declare function encodeExchange(envelope: TExchangeRequest | TExchangeReply): string;
-declare function decodeExchangeRequest(raw: string): TExchangeRequest | undefined;
-declare function decodeExchangeReply(raw: string): TExchangeReply | undefined;
-//#endregion
 //#region src/errors/err_nice_action.d.ts
 declare enum EErrId_NiceAction {
   not_implemented = "not_implemented",
@@ -3372,5 +2490,508 @@ interface IActionPayload_Result_JsonObject<DOM extends IActionDomain = IActionDo
 type TActionPayload_Any_Instance<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = ActionPayload_Request<DOM, ID> | ActionPayload_Result<DOM, ID> | ActionPayload_Progress<DOM, ID>;
 type TActionPayload_Any_JsonObject<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = IActionPayload_Request_JsonObject<DOM, ID> | IActionPayload_Progress_JsonObject<DOM, ID> | IActionPayload_Result_JsonObject<DOM, ID>;
 //#endregion
-export { wsAcceptorCarrier as $, TTransportStatusInfo_GetTransport_Output as $n, TPossibleDomainId as $r, IDuplexCarrier as $t, encodeExchange as A, ITransportDispatchAction as An, ERunningActionUpdateType as Ar, TAcceptorCarrier as At, IActionFrameCrypto as B, IUpdateActionRunConfig_Output as Bn, IRuntimeCoordinateSpecifics as Br, IActionChannel as Bt, decodeActionFrame as C, IActionTransportDef as Cn, RunningAction as Cr, IConnectionContext as Ct, TExchangeRequest as D, IActionTransportReadyData_Methods as Dn, IActionCore_JsonObject as Dr, IAcceptorAttachmentStore as Dt, TExchangeReply as E, IActionTransportReadyData_Base as En, IActionCore as Er, serveChannel as Et, EErrId_NiceTransport as F, ITransportStatusInfo_Base as Fn, TRunningActionUpdate as Fr, ConnectionStateStore as Ft, IHttpCarrierRequest as G, TOnResolveIncomingRequestJson as Gn, IActionDomain as Gr, acceptChannel as Gt, createActionFrameCrypto as H, TOnResolveAnyIncomingActionData as Hn, RuntimeCoordinate as Hr, IConnectTransport as Ht, err_nice_transport as I, ITransportStatusInfo_Failed as In, TRunningActionUpdateFinished as Ir, IConnectionAttachment as It, IHttpAcceptorCarrierOptions as J, TSendActionDataMethod as Jn, TActionDomainChildDef as Jr, defineChannel as Jt, TCarrierFetch as K, TOnResolveIncomingResponse as Kn, IActionDomainChildOptions as Kr, acceptChannelConnections as Kt, ExchangeTransport as L, ITransportStatusInfo_Initializing as Ln, TRunningActionUpdateListener as Lr, IConnectionStateStoreOptions as Lt, LinkTransport as M, ITransportRouteActionParams as Mn, IRunningActionUpdate_Progress as Mr, IDuplexConnectionRouter as Mt, IActionTransportReadyData_Link as N, ITransportRouteClientParams as Nn, IRunningActionUpdate_Started as Nr, IHibernatableWsServerAdapterOptions as Nt, decodeExchangeReply as O, IActionTransportResolvers as On, ERunningActionFinishedType as Or, IDuplexAcceptorCarrier as Ot, TLinkFormatMessage as P, ITransportRouteInfo as Pn, IRunningActionUpdate_Success as Pr, createHibernatableWsServerAdapter as Pt, IWsAcceptorCarrierOptions as Q, TTransportStatusInfo as Qn, TInferOutputFromSchema as Qr, createBinaryWireSessionFactory as Qt, IExchangeTransportOptions as R, ITransportStatusInfo_Ready as Rn, ActionPayload_Result as Rr, createConnectionStateStore as Rt, IActionFrameDecoder as S, ETransportStatus as Sn, MaybePromise as Sr, IChannelServer as St, err_nice_action as T, IActionTransportReady as Tn, ActionPayload_Request as Tr, IServeConnectionStateOptions as Tt, createBinaryWireAdapter as U, TOnResolveAnyIncomingActionData_Json as Un, TRuntimeCoordinateEnvId as Ur, TChannelAcceptorCases as Ut, IActionFrameCryptoConfig as V, TGetTransportFn as Vn, IRuntimeFullCoordinates as Vr, IConnectChannelOptions as Vt, IHttpCarrierOptions as W, TOnResolveIncomingRequest as Wn, TRuntimeCoordinateStringId as Wr, TChannelPushHandlers as Wt, IWsCarrierOptions as X, TTransportCache as Xn, TDomainActionId as Xr, defineSecureChannel as Xt, httpAcceptorCarrier as Y, TSendReturnDataMethod as Yn, TActionDomainSchema as Yr, ISecureChannel as Yt, wsCarrier as Z, TTransportInitializationFinishedInfo as Zn, TInferInputFromSchema as Zr, IBinaryWireSessionOptions as Zt, TActionProgress as _, ActionRootDomain as _n, encodeHandshakeMessage as _r, IExchangeAcceptorConfig as _t, IActionPayload_Data_Base as a, TActionSchemaOptions as ai, AcceptorHandler as an, IClientHandshakeConfig as ar, rtcDataChannelByteChannel as at, isActionPayload_Request_JsonObject as b, createConnectorHandler as bn, ActionLocalHandler as br, TServeHostOptions as bt, IActionPayload_Request_JsonObject as c, TAcceptorCaseFn as cn, IHandshakeEncryptionKeyMaterial as cr, IInMemoryChannelPair as ct, IActionProgress_Custom as d, TActionConnectionEncoding as dn, THandshakeMessage as dr, err_nice_external_client as dt, TPossibleDomainIdList as ei, IDuplexCarrierSource as en, TUpdateActionRunConfig as er, EErrId_NiceTransport_WebSocket as et, IActionProgress_None as f, createAcceptorHandler as fn, createClientHandshake as fr, ISecureAcceptorHandlerOptions as ft, TActionPayload_Any_JsonObject as g, ActionDomain as gn, decodeHandshakeMessage as gr, ExchangeAcceptor as gt, TActionPayload_Any_Instance as h, ActionCore as hn, createStorageTofuVerifyKeyResolver as hr, createActionFetchHandler as ht, IActionPayload_Base_JsonObject as i, actionSchema as ii, TFrame$1 as in, ESecurityLevel as ir, IRtcDataChannelLike as it, ILinkTransportOptions as j, ITransportMethod_SendActionData_Input as jn, IRunningActionUpdate_Abort as jr, isExchangeAcceptorCarrier as jt, decodeExchangeRequest as k, ISecureClientConfig as kn, ERunningActionState as kr, IExchangeAcceptorCarrier as kt, IActionPayload_Result as l, TAcceptorConnectionCaseFn as ln, IHandshakeResult as lr, IInMemoryServerEndpoint as lt, IActionRouteItemHandler as m, createActionRootDomain as mn, createServerHandshake as mr, IActionFetchHandlerOptions as mt, EActionProgressType as n, EActionResponseMode as ni, IExchangeCarrierSource as nn, Transport as nr, IRtcCarrierOptions as nt, IActionPayload_Progress as o, TActionSerializationDefinition as oi, IAcceptorConnectionBinding as on, IClientVerifyKeyResolveInput as or, IInMemoryCarrier as ot, IActionProgress_Percentage as p, IActionWireFormat as pn, createInMemoryTofuVerifyKeyResolver as pr, createSecureAcceptorHandler as pt, httpCarrier as q, TOnResolveIncomingResponseJson as qn, IActionRootDomain as qr, connectChannel as qt, IActionPayload_Base as r, TInferActionError as ri, TCarrier as rn, EHandshakeMessageType as rr, rtcCarrier as rt, IActionPayload_Progress_JsonObject as s, TTransportedValue as si, IAcceptorHandlerOptions as sn, IClientVerifyKeyResolver as sr, inMemoryCarrier as st, EActionPayloadType as t, ActionSchema as ti, IExchangeCarrier as tn, ITransportConnectionContext as tr, err_nice_transport_ws as tt, IActionPayload_Result_JsonObject as u, TActionChannelFormatMessage as un, IServerHandshakeConfig as ur, createInMemoryChannelPair as ut, TActionResultOutcome as v, ActionRuntime as vn, runtimeLinkId as vr, IExchangeAcceptorSecurity as vt, EErrId_NiceAction as w, IActionTransportInitialized as wn, ActionPayload_Progress as wr, IServeChannelOptions as wt, isActionPayload_Any_JsonObject as x, ETransportShape as xn, createLocalHandler as xr, serveHost as xt, isActionPayload_Result_JsonObject as y, ConnectorHandler as yn, PeerLinkHandler as yr, IChannelHostAdapter as yt, IActionTransportReadyData_Exchange as z, ITransportStatusInfo_Unsupported as zn, IRuntimeCoordinate as zr, IAcceptChannelOptions as zt };
-//# sourceMappingURL=ActionPayload.types-B-OSg09t.d.mts.map
+//#region src/ActionRuntime/Handler/ActionHandler.types.d.ts
+declare enum EActionHandlerType {
+  peer = "peer",
+  local = "local"
+}
+interface IActionHandler_Json<T extends EActionHandlerType> {
+  type: T;
+}
+interface IActionHandler_Peer_Json extends IActionHandler_Json<EActionHandlerType.peer> {
+  client: IRuntimeCoordinate;
+}
+interface IActionHandler_Local_Json extends IActionHandler_Json<EActionHandlerType.local> {}
+type TActionHandler_Json = IActionHandler_Local_Json | IActionHandler_Peer_Json;
+interface IHandleActionOptions {
+  timeout?: number;
+  targetPeer?: RuntimeCoordinate;
+  targetLocalRuntime?: ActionRuntime;
+}
+interface IExecuteActionOptions<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends IHandleActionOptions {
+  listeners?: TRunningActionUpdateListener<DOM, ID>[];
+}
+interface IActionHandler_Base<T extends EActionHandlerType> {
+  cuid: string;
+  handlerType: T;
+  getActionRouter: () => ActionRouter<any>;
+}
+/**
+ *
+ *  LOCAL ACTION HANDLER
+ *
+ */
+interface IHandleActionOptions_Local extends IHandleActionOptions {}
+interface IActionHandler_Local extends IActionHandler_Base<EActionHandlerType.local> {
+  handleActionRequest: <DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: ActionPayload_Request<DOM, ID>, config?: IHandleActionOptions_Local) => Promise<RunningAction<DOM, ID>>;
+}
+/**
+ *
+ *  PEER-LINK ACTION HANDLER
+ *
+ */
+interface IHandleActionOptions_Peer extends IHandleActionOptions {}
+interface IActionHandler_Peer extends IActionHandler_Base<EActionHandlerType.peer> {
+  peerClient: RuntimeCoordinate;
+  handleActionRequest: <DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: ActionPayload_Request<DOM, ID>, config?: IHandleActionOptions_Peer) => Promise<RunningAction<DOM, ID>>;
+  _setIncomingActionDataListener(listener: (json: TActionPayload_Any_JsonObject<any>) => void): void;
+}
+/**
+ *
+ *  COMBINED
+ *
+ */
+type TActionHandler = IActionHandler_Local | IActionHandler_Peer;
+//#endregion
+//#region src/ActionDefinition/Action/Payload/ActionPayload_Request.d.ts
+declare class ActionPayload_Request<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends ActionPayload<EActionPayloadType.request, DOM, ID> {
+  readonly input: TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"];
+  readonly inputHash: string;
+  _callSite?: string;
+  constructor(params: {
+    context: ActionContext<DOM, ID>;
+  }, input: TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"], data: IActionPayload_Data_Base);
+  successResult(...args: [TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"]] extends [never] ? [] | [output: TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"]] : [output: TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"]]): ActionPayload_Result<DOM, ID>;
+  errorResult(err: TInferActionError<DOM["actionSchema"][ID]>): ActionPayload_Result<DOM, ID>;
+  progress(progress: TActionProgress): ActionPayload_Progress<DOM, ID>;
+  toJsonObject(): IActionPayload_Request_JsonObject<DOM, ID>;
+  toJsonString(): string;
+  runToOutput(options?: IExecuteActionOptions<DOM, ID>): Promise<TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"]>;
+  runToResultPayload(options?: IExecuteActionOptions<DOM, ID>): Promise<ActionPayload_Result<DOM, ID>>;
+  run(options?: IExecuteActionOptions<DOM, ID>): Promise<RunningAction<DOM, ID>>;
+}
+//#endregion
+//#region src/ActionDefinition/Action/Core/ActionCore.d.ts
+declare class ActionCore<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends ActionBase<EActionForm.core, DOM, ID> implements IActionCore<DOM, ID> {
+  readonly _domain: ActionDomain<DOM>;
+  readonly form = EActionForm.core;
+  constructor(_domain: ActionDomain<DOM>, id: ID);
+  is<ACT extends IActionBase<any, any, any>>(action: ACT | unknown | null | undefined): action is TNarrowActionType<DOM, ACT, ID>;
+  toJsonObject(): IActionBase_JsonObject<EActionForm.core, DOM, ID>;
+  request(...args: [TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"]] extends [never] ? [input?: never] : [input: TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"]]): ActionPayload_Request<DOM, ID>;
+  deserializeInput(serialized: TInferInputFromSchema<DOM["actionSchema"][ID]>["SerdeInput"]): TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"];
+  serializeInput(raw: TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"]): TInferInputFromSchema<DOM["actionSchema"][ID]>["SerdeInput"];
+  validateInput(input: unknown): TInferInputFromSchema<DOM["actionSchema"][ID]>["Input"];
+  validateOutput(output: unknown): TInferOutputFromSchema<DOM["actionSchema"][ID]>["Output"];
+}
+//#endregion
+//#region src/ActionRuntime/ActionRuntime.d.ts
+declare class ActionRuntime {
+  private _coordinate;
+  readonly timeCreated: number;
+  readonly runtimeInfo: IRuntimeMeta;
+  private readonly actionRouter;
+  private readonly _pendingRunningActions;
+  private readonly _registeredPeerHandlers;
+  private _applied;
+  static getDefault(): ActionRuntime;
+  constructor(coordinate: RuntimeCoordinate);
+  get coordinate(): RuntimeCoordinate;
+  specifyRuntimeCoordinate(specifics: IRuntimeCoordinateSpecifics & {
+    envId?: string;
+  }): void;
+  registerRunningAction(ra: RunningAction<any, any>): void;
+  resolveIncomingActionPayload(json: TActionPayload_Any_JsonObject<any, any>): void;
+  /**
+   * Handle an incoming action wire (e.g. from a transport layer), route it to
+   * the correct handler, and return the response. The most specific handler
+   * match is chosen (action-ID-specific beats domain-wildcard).
+   */
+  handleActionPayloadWire<D extends IActionDomain, ID extends keyof D["actionSchema"] & string>(wire: TActionPayload_Any_JsonObject<D, ID>): Promise<RunningAction<D, ID>>;
+  handleActionPayloadWire(wire: unknown): Promise<RunningAction<any, any>>;
+  handleActionPayload<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: TActionPayload_Any_Instance<DOM, ID>, options?: Omit<IHandleActionOptions, "targetLocalRuntime">): Promise<RunningAction<DOM, ID>>;
+  /**
+   * @internal
+   *
+   * Return the first handler registered for the given action, or `undefined`
+   * if none has been registered (action-ID-specific beats domain-wildcard).
+   */
+  _getHandlerForAction<ACT extends TActionPayload_Any_Instance<any, any>>(action: ACT, options?: Omit<IHandleActionOptions, "targetLocalRuntime">): TActionHandler | undefined;
+  getHandlerForActionOrThrow<ACT extends TActionPayload_Any_Instance<any, any>>(action: ACT, options?: Omit<IHandleActionOptions, "localRuntime">): TActionHandler;
+  /**
+   * Register one or more handlers. Each handler's own `actionRouter` defines
+   * which domains/actions it handles — those routing keys are mirrored into
+   * this runtime's router so the same action can be served by multiple handlers.
+   * Duplicate registrations (same handler cuid for the same key) are skipped.
+   */
+  addHandlers(handlers: TActionRuntimeHandler[]): this;
+  /**
+   * @internal Low-level primitive — the public way to open a connection is `connectChannel`, which
+   * derives routing from a channel and binds the crypto identity for you. This stays as the raw building
+   * block it sits on (it restates domain lists by hand) and is not part of the supported surface.
+   *
+   * Declare an external "backend client" in one call: build an
+   * {@link ConnectorHandler} for `externalCoordinate` carrying the given
+   * `transports`, route the listed `domains`/`actions` to it, register it (plus any
+   * `localHandlers` — e.g. server→client push handlers that share the same channel)
+   * on this runtime, and `apply()`. Returns the external handler so the caller can
+   * later `clearTransportCache()` it.
+   */
+  connectTo(externalCoordinate: RuntimeCoordinate, options: {
+    transports: Transport[];
+    domains?: ActionDomain<any>[];
+    actions?: ActionCore<any, any>[];
+    localHandlers?: TActionRuntimeHandler[];
+    defaultTimeout?: number;
+  }): ConnectorHandler;
+  private applyRuntimeForDomain;
+  /**
+   * Register this runtime with all root domains covered by its currently-added handlers,
+   * making it eligible to execute actions dispatched from those domains.
+   * After apply() is called, any subsequent addHandlers() calls also auto-register.
+   */
+  apply(): this;
+  /**
+   * Find the best registered external handler that can reach `originClient` directly.
+   * Used to locate the return-path channel for dispatching results back to the action origin.
+   * Returns `undefined` if no handler matches (score > 0 required, i.e. at least id must match).
+   *
+   * A handler that currently holds the origin's *live* connection always wins over a mere coordinate
+   * match — so with several duplex acceptors (e.g. WS + WebRTC) a result/push routes back over the carrier
+   * the client actually connected on, never a same-coordinate sibling that lacks the socket. Only when no
+   * handler owns a live connection do we fall back to the plain best-coordinate-score pick (the
+   * single-acceptor and connector-only cases, unchanged).
+   */
+  getReturnHandlerForOrigin(originClient: RuntimeCoordinate): PeerLinkHandler | undefined;
+  resetRuntime(): void;
+  private _trySetupReturnDispatch;
+}
+//#endregion
+//#region src/ActionDefinition/Domain/ActionDomain.d.ts
+type TActionMap<ACT_DOM extends IActionDomain> = { [K in keyof ACT_DOM["actionSchema"] & string]: ActionCore<ACT_DOM, K> };
+declare class ActionDomain<ACT_DOM extends IActionDomain = IActionDomain> extends ActionDomainBase<ACT_DOM> {
+  private _rootDomain;
+  private readonly _actionMap;
+  constructor(definition: ACT_DOM, {
+    rootDomain
+  }: {
+    rootDomain: ActionRootDomain<any>;
+  });
+  get rootDomain(): ActionRootDomain<any>;
+  /**
+   * @internal
+   * All action observers that should see actions on this domain: the root domain's
+   * observers plus this subdomain's own. Mirrors the listener set the local-dispatch
+   * path assembles in `runAction`/`_runAction`, so inbound actions (pushed from a
+   * backend or another client) can be wired up identically and surface in devtools.
+   */
+  _collectActionObservers(): TRunningActionUpdateListener<any, any>[];
+  _registerRuntime(runtime: ActionRuntime): void;
+  createChildDomain<SUB_DOM extends IActionDomainChildOptions>(subDomainDef: SUB_DOM & { [K in Exclude<keyof SUB_DOM, keyof IActionDomainChildOptions>]: never }): ActionDomain<TActionDomainChildDef<ACT_DOM, SUB_DOM>>;
+  get action(): TActionMap<ACT_DOM>;
+  actionsMap(): TActionMap<ACT_DOM>;
+  actionForId<ID extends keyof ACT_DOM["actionSchema"] & string>(id: ID): ActionCore<ACT_DOM, ID>;
+  wrapAsPartialLocalHandler(wrappedActionExecutor: Partial<TWrappableDomainActionHandler<ACT_DOM>>): ActionLocalHandler;
+  wrapAsLocalHandler(wrappedActionExecutor: TWrappableDomainActionHandler<ACT_DOM>): ActionLocalHandler;
+  hydrateContext<ID extends keyof ACT_DOM["actionSchema"] & string>(id: ID, contextData: IActionContext_Data_JsonObject): ActionContext<ACT_DOM, ID>;
+  isDomainAction<ACT extends IActionBase<any, ACT_DOM, any>>(action: ACT | unknown | null | undefined): action is TDistributedDomainActions<ACT_DOM, ACT>;
+  hydrateRequestPayload<ID extends keyof ACT_DOM["actionSchema"] & string, P extends IActionPayload_Request_JsonObject<ACT_DOM, ID>>(serialized: P): TDistributeActionPayload_Request<ACT_DOM, ID>;
+  hydrateResultPayload<ID extends keyof ACT_DOM["actionSchema"] & string, R extends IActionPayload_Result_JsonObject<ACT_DOM, ID>>(serialized: R): TDistributeActionPayload_Result<ACT_DOM, ID>;
+  hydrateAnyAction<ID extends keyof ACT_DOM["actionSchema"] & string, AJ extends TAction_Any_JsonObject<ACT_DOM, ID>>(actionJson: AJ): TNarrowActionJsonTypeToActionInstanceType<ACT_DOM, AJ, ID>;
+  runAction<ID extends keyof ACT_DOM["actionSchema"] & string, ACT extends ActionPayload_Request<ACT_DOM, ID>>(request: ACT, options?: IExecuteActionOptions<ACT_DOM, ID>): Promise<RunningAction<ACT_DOM, ID>>;
+  private createActionMap;
+}
+//#endregion
+//#region src/ActionDefinition/Action/ActionBase.types.d.ts
+declare enum EActionForm {
+  core = "core",
+  context = "context",
+  data = "data"
+}
+interface INiceActionIdAndDomain<DOM extends IActionDomain = IActionDomain> {
+  domain: DOM["domain"];
+  id: keyof DOM["actionSchema"] & string;
+}
+interface IActionBase<FORM extends EActionForm, DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> extends INiceActionIdAndDomain<DOM> {
+  id: ID;
+  form: FORM;
+  _domain: ActionDomain<DOM>;
+  allDomains: DOM["allDomains"];
+  schema: DOM["actionSchema"][ID];
+}
+interface IActionBase_JsonObject<FORM extends EActionForm = EActionForm, DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> {
+  form: FORM;
+  domain: DOM["domain"];
+  allDomains: DOM["allDomains"];
+  id: ID;
+}
+//#endregion
+//#region src/ActionDefinition/Action/Action.combined.types.d.ts
+/**
+ * Distributes a union ID into a proper discriminated union of ActionPayload_Request instances,
+ * so that narrowing on `.id` also narrows `.input`.
+ */
+type TDistributeActionPayload_Request<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string> = ID extends keyof DOM["actionSchema"] & string ? ActionPayload_Request<DOM, ID> : never;
+/**
+ * Distributes a union ID into a proper discriminated union of ActionPayload_Result instances,
+ * so that narrowing on `.id` also narrows `.result`.
+ */
+type TDistributeActionPayload_Result<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string> = ID extends keyof DOM["actionSchema"] & string ? ActionPayload_Result<DOM, ID> : never;
+/**
+ *
+ *  COMBINED JSON TYPES
+ *
+ */
+type TAction_Any_JsonObject<DOM extends IActionDomain = IActionDomain, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = IActionCore_JsonObject<DOM, ID> | TActionPayload_Any_JsonObject<DOM, ID> | IActionContext_JsonObject<DOM, ID>;
+/**
+ *
+ *  UTILITY TYPES
+ *
+ */
+type TDistributedDomainActions<DOM extends IActionDomain, ACT extends IActionBase<any, DOM, any>> = { [ID in keyof DOM["actionSchema"] & string]: TNarrowActionType<DOM, ACT, ID> }[keyof DOM["actionSchema"] & string];
+type TNarrowActionType<DOM extends IActionDomain, ACT extends IActionBase<any, DOM, any>, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = ACT extends ActionPayload_Result<any> ? ActionPayload_Result<DOM, ID> : ACT extends ActionPayload_Request<any> ? ActionPayload_Request<DOM, ID> : ACT extends ActionPayload_Progress<any> ? ActionPayload_Progress<DOM, ID> : ACT extends ActionCore<any> ? ActionCore<DOM, ID> : never;
+type TNarrowActionJsonTypeToActionInstanceType<DOM extends IActionDomain, ACT extends TAction_Any_JsonObject<DOM>, ID extends keyof DOM["actionSchema"] & string = keyof DOM["actionSchema"] & string> = ACT extends IActionPayload_Request_JsonObject<any> ? ActionPayload_Request<DOM, ID> : ACT extends IActionPayload_Result_JsonObject<any> ? ActionPayload_Result<DOM, ID> : ACT extends IActionPayload_Progress_JsonObject<any> ? ActionPayload_Progress<DOM, ID> : ACT extends IActionCore_JsonObject<any> ? ActionCore<DOM, ID> : never;
+//#endregion
+//#region src/ActionRuntime/Handler/PeerLink/Acceptor/AcceptorHandler.d.ts
+/** The codec shape `AcceptorHandler` uses to pack/unpack frames — same as the Link transport's. */
+type TActionChannelFormatMessage = IActionWireFormat;
+/** How a connection encodes its frames, remembered so we answer each client in its own dialect. */
+type TActionConnectionEncoding = "json" | "binary";
+/** A connection's restorable identity — what to persist so a binding survives transport eviction. */
+interface IAcceptorConnectionBinding {
+  /** Full client coordinate, so `originClient` can be re-injected into frames that omit it. */
+  client: IRuntimeCoordinate;
+  encoding: TActionConnectionEncoding;
+  /**
+   * Secure-session state (set once a connection's handshake completes). Persist it alongside the
+   * binding so an authenticated/encrypted connection resumes after eviction without re-handshaking —
+   * the `keyMaterial` lets the server re-derive the shared key from its own persisted identity.
+   */
+  secure?: {
+    securityLevel: ESecurityLevel;
+    linkedClientId: TTypeAndId;
+    keyMaterial?: IHandshakeEncryptionKeyMaterial;
+  };
+}
+/**
+ * Server-side secure-channel config. When set, each connection negotiates a level from
+ * {@link securityLevel}: an `authenticated`/`encrypted` client must complete the handshake (and is then
+ * bound to its *authenticated* coordinate) before any action frame is accepted. A `none` client (only
+ * when `none` is in the allowed set) is accepted as-is with a self-asserted identity. For the
+ * `encrypted` level the codec source should be a session factory (`createFormatMessage`).
+ */
+interface IAcceptorSecurity {
+  /**
+   * Accepted level(s). A single level is strict; an array is a negotiable allowed set — the server
+   * adopts whichever level each client requests (e.g. `[none, authenticated, encrypted]` serves all
+   * three over one endpoint).
+   */
+  securityLevel: ESecurityLevel | readonly ESecurityLevel[];
+  /** This server's crypto identity (verify + exchange key pairs, optionally persisted). */
+  link: ClientCryptoKeyLink;
+  /** This server's coordinate — its identity to clients during the handshake. */
+  localCoordinate: IRuntimeCoordinate;
+  /** Wire dictionary version; the handshake rejects a client on a mismatch. */
+  dictionaryVersion: string;
+  /** Trust decision for a client's verify key (defaults to in-memory TOFU inside the handshake). */
+  verifyKeyResolver?: IClientVerifyKeyResolver;
+}
+interface IAcceptorHandlerBaseOptions<TConn> {
+  /**
+   * Coordinate of the *connecting clients* (typically env-only, e.g. `RuntimeCoordinate.env("web_app")`).
+   * The runtime's return-path dispatch scores incoming actions' `originClient` against this to pick
+   * this handler for sending results/pushes back over the right channel.
+   */
+  clientEnv: RuntimeCoordinate;
+  /** Write an encoded frame to a specific live connection (e.g. `(ws, frame) => ws.send(frame)`). */
+  send: (connection: TConn, frame: string | Uint8Array | ArrayBuffer) => void;
+  /**
+   * The runtime this handler belongs to. When set, {@link AcceptorHandler.broadcast} can be called
+   * without threading a runtime through each call. Optional — `pushToClient` still takes one explicitly.
+   */
+  runtime?: ActionRuntime;
+  /** Timeout (ms) applied to server-initiated actions awaiting a client response. */
+  defaultTimeout?: number;
+  /**
+   * Called once when a connection is first bound to a client identity. Use it to persist the binding
+   * for transports that can resume after eviction — e.g. a Durable Object's hibernatable WebSocket:
+   * `(ws, binding) => ws.serializeAttachment(binding)` — then replay it via {@link AcceptorHandler.rehydrateConnection}
+   * when the channel comes back.
+   */
+  onConnectionBound?: (connection: TConn, binding: IAcceptorConnectionBinding) => void;
+  /**
+   * Enable the authenticated (optionally encrypted) handshake. When omitted, connections are trusted
+   * as-is (identity self-asserted) — fine for dev / trusted networks.
+   */
+  security?: IAcceptorSecurity;
+}
+/**
+ * Provide exactly one codec source:
+ * - `formatMessage` — a single shared codec for every connection (stateless, e.g. `createBinaryWireAdapter`).
+ * - `createFormatMessage` — a per-connection factory for stateful codecs (e.g.
+ *   `createBinaryWireSessionFactory`, whose sessions hold correlation + identity state). Required for the
+ *   leanest binary wire; the handler creates and caches one codec per connection.
+ */
+type IAcceptorHandlerOptions<TConn> = IAcceptorHandlerBaseOptions<TConn> & ({
+  formatMessage: TActionChannelFormatMessage;
+  createFormatMessage?: never;
+} | {
+  createFormatMessage: () => TActionChannelFormatMessage;
+  formatMessage?: never;
+});
+/**
+ * A connection-aware execution case (see {@link AcceptorHandler.forConnectionDomainCases}). It receives
+ * the primed request plus a per-invocation `context` — whatever the wiring's context mapper produces from
+ * the originating connection. The low-level handler passes the raw connection (`TConn | undefined`); the
+ * higher-level `serveChannel` enriches it into an `IConnectionContext` (state + broadcast + pushBack). A
+ * case may return the action's raw output, a result payload, or nothing (auto-wrapped as an empty
+ * success) — exactly like a local handler case.
+ */
+type TAcceptorCaseFn<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string, TCtx> = (action: TDistributeActionPayload_Request<DOM, ID>, context: TCtx) => ReturnType<THandleActionExecutionFn<DOM, ID>> | void;
+/**
+ * The connection-aware case the bare {@link AcceptorHandler} serves: its `context` is the originating
+ * client's live connection (resolved from the request's `originClient`, `undefined` if the socket is
+ * gone). It's {@link TAcceptorCaseFn} fixed to `TConn | undefined` — the un-enriched shape used by
+ * {@link AcceptorHandler.forConnectionDomainCases} and `acceptChannelConnections`.
+ */
+type TAcceptorConnectionCaseFn<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string, TConn> = TAcceptorCaseFn<DOM, ID, TConn | undefined>;
+/**
+ * Server-side handler for backends that accept many client connections over a single open channel
+ * (WebSockets, Durable Objects, …). It is transport-agnostic: you feed it inbound frames with
+ * {@link receive} and tell it how to write outbound frames via the `send` option.
+ *
+ * Add it alongside your local execution handler:
+ * ```ts
+ * const serverHandler = createAcceptorHandler({ clientEnv, formatMessage, send: (ws, f) => ws.send(f) });
+ * runtime.addHandlers([localHandler, serverHandler]);
+ * // per inbound message (e.g. a Durable Object's webSocketMessage):
+ * serverHandler.receive(ws, message);
+ * ```
+ *
+ * Inbound requests route to your local handler; the runtime's return dispatch then calls this
+ * handler back (it is an external handler keyed to `clientEnv`) to send the result to the originating
+ * connection. The handler keeps a per-connection identity registry so each result lands on the right
+ * socket, and remembers each connection's encoding so binary and JSON clients can share the channel.
+ *
+ * It registers an empty action router, so it is never chosen to *execute* an inbound request — only
+ * to ferry results/pushes back out.
+ */
+declare class AcceptorHandler<TConn = unknown> extends PeerLinkHandler {
+  /** Accept-in over a live (duplex) connection registry — it pushes results/broadcasts to bound sockets. */
+  readonly canPush = true;
+  private readonly _formatMessage?;
+  private readonly _createFormatMessage?;
+  private readonly _send;
+  private readonly _runtime?;
+  private readonly _serverTimeout;
+  private _onConnectionBound?;
+  private readonly _security?;
+  /** Normalized accepted levels; whether `none` (plain) is allowed; whether any level needs a handshake. */
+  private readonly _allowedLevels;
+  private readonly _noneAllowed;
+  private readonly _handshakeMode;
+  private readonly _connByClient;
+  private readonly _clientByConn;
+  private readonly _connEncoding;
+  private readonly _codecByConn;
+  private readonly _sessionByConn;
+  constructor(options: IAcceptorHandlerOptions<TConn>);
+  /**
+   * The codec for a connection: a per-connection session (cached) when a factory was provided, else
+   * the single shared `formatMessage`.
+   */
+  private _codecFor;
+  /**
+   * Register (or replace) the connection-bound persistence callback after construction. Used by
+   * lifecycle helpers like {@link createHibernatableWsServerAdapter} so persistence and replay are
+   * owned by one place instead of being split across the constructor options.
+   */
+  setOnConnectionBound(onConnectionBound: (connection: TConn, binding: IAcceptorConnectionBinding) => void): void;
+  /**
+   * Feed one inbound frame from a connection into the runtime. Decodes text or binary, binds the
+   * connection to the requesting client's identity, then routes it (requests execute locally;
+   * results/progress resolve pending server-initiated actions).
+   */
+  receive(connection: TConn, frame: string | ArrayBuffer | Uint8Array): void;
+  private _receivePlain;
+  /**
+   * The secure session for a connection (built lazily on its first secure-mode frame), with the
+   * handler-owned effects — raw send, identity binding + persistence, and inbound routing — wired in as
+   * callbacks. The session owns all crypto/handshake/chain state; the handler keeps only the registry.
+   */
+  private _sessionFor;
+  /** Bind + persist a connection's authenticated identity once its handshake completes. */
+  private _onConnectionAuthenticated;
+  /** Decode a decrypted authenticated frame, inject the *authenticated* identity, and route it. */
+  private _routeAuthedActionBytes;
+  /**
+   * Ensure an inbound request carries the client's identity and that this connection is bound to it,
+   * so its result can be routed back. A session codec omits `originClient` after the first request, so
+   * when it's missing we restore it from the (possibly rehydrated) binding instead. (Plain mode only;
+   * secure mode binds the authenticated coordinate at handshake time.)
+   */
+  private _resolveRequestIdentity;
+  /**
+   * Restore a connection→client binding without an inbound frame — for transports that resume after
+   * eviction. Pair it with the {@link IAcceptorHandlerOptions.onConnectionBound} hook: persist
+   * the binding there, then replay each live connection here when the channel comes back (e.g. a
+   * Durable Object iterating `ctx.getWebSockets()` as it wakes from hibernation).
+   */
+  rehydrateConnection(connection: TConn, binding: IAcceptorConnectionBinding): void;
+  toJsonObject(): IActionHandler_Peer_Json;
+  toHandlerRouteItem(): IActionRouteItemHandler;
+  /** Forget a connection (call on socket close) so stale entries don't misroute later results. */
+  dropConnection(connection: TConn): void;
+  /** Live connection for a client coordinate, if currently registered. */
+  getConnectionForClient(client: RuntimeCoordinate): TConn | undefined;
+  /** This acceptor owns the origin's return path when it currently holds a live connection bound to it. */
+  ownsLiveConnectionFor(origin: RuntimeCoordinate): boolean;
+  /** Whether this acceptor currently tracks `connection` — used to pick the owning handler among several. */
+  hasConnection(connection: TConn): boolean;
+  /**
+   * Send (and optionally await) a server-initiated action to a specific connected client. Pass the
+   * connection token directly (e.g. the `ws`) or a client `RuntimeCoordinate` to look one up.
+   */
+  pushToClient<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(runtime: ActionRuntime, target: TConn | RuntimeCoordinate, request: ActionPayload_Request<DOM, ID>, options?: {
+    timeout?: number;
+  }): RunningAction<DOM, ID>;
+  /**
+   * Build a local handler whose cases are connection-aware: each case receives the primed request and
+   * the originating client's live connection (resolved from `originClient`), so handlers don't repeat
+   * the `getConnectionForClient(action.context.originClient)` lookup. Cases may return raw output or
+   * nothing, just like {@link ActionLocalHandler.forDomainActionCases}. Add the returned handler to the
+   * runtime alongside this server handler:
+   * ```ts
+   * runtime.addHandlers([serverHandler.forConnectionDomainCases(domain, { … }), serverHandler]);
+   * ```
+   */
+  forConnectionDomainCases<FOR_DOM extends IActionDomain>(domain: ActionDomain<FOR_DOM>, cases: { [ID in keyof FOR_DOM["actionSchema"] & string]?: TAcceptorConnectionCaseFn<FOR_DOM, ID, TConn> }): ActionLocalHandler;
+  /**
+   * Like {@link forConnectionDomainCases} but spanning several domains with one merged case map — used
+   * by channel-derived wiring (`acceptChannelConnections` / `serveChannel`) where the channel's
+   * `toAcceptor` domains are served together. Each domain takes only the cases whose ids it owns, so a
+   * single map can cover several domains and unrelated ids are ignored.
+   *
+   * `mapContext` turns the resolved connection into whatever the case's second argument should be: the
+   * raw connection for the low-level helper, or an enriched `IConnectionContext` for `serveChannel`. It's
+   * called once per inbound action, after the originating connection is resolved.
+   */
+  forConnectionDomainCasesMulti<TCtx>(domains: readonly ActionDomain<any>[], cases: Record<string, TAcceptorCaseFn<any, any, TCtx> | undefined>, mapContext: (connection: TConn | undefined, request: ActionPayload_Request<any, any>) => TCtx): ActionLocalHandler;
+  /**
+   * Fan a server-initiated request out to every currently-bound connection. A fresh request is built
+   * per connection (each push mutates its own action context) and dispatched fire-and-forget. Pass
+   * `except` to skip the originating socket and `where` to filter by connection (e.g. read its
+   * attachment for a role). Iterating bound connections (rather than every accepted socket) skips
+   * sockets that are still mid-handshake and so can't yet receive a frame.
+   */
+  broadcast<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(makeRequest: () => ActionPayload_Request<DOM, ID>, options?: {
+    runtime?: ActionRuntime;
+    except?: TConn | null;
+    where?: (connection: TConn) => boolean;
+    timeout?: number;
+    onError?: (error: unknown, connection: TConn) => void;
+  }): void;
+  sendReturnPayload(payload: TActionPayload_Any_Instance<any, any>, config: {
+    targetLocalRuntime: ActionRuntime;
+  }): Promise<boolean>;
+  handleActionRequest<DOM extends IActionDomain, ID extends keyof DOM["actionSchema"] & string>(action: ActionPayload_Request<DOM, ID>, config?: IHandleActionOptions): Promise<RunningAction<DOM, ID>>;
+  private _dispatch;
+  private _sendPayload;
+  private _bindConnection;
+  private _resolveConnection;
+  private _resolveSingleConnection;
+}
+declare const createAcceptorHandler: <TConn = unknown>(options: IAcceptorHandlerOptions<TConn>) => AcceptorHandler<TConn>;
+//#endregion
+export { rtcCarrier as $, MaybePromise as $n, IActionTransportInitialized as $t, TActionResultOutcome as A, TransportConnection as An, TInferOutputFromSchema as Ar, IConnectChannelOptions as At, IHttpCarrierOptions as B, IHandshakeEncryptionKeyMaterial as Bn, IActionWireFormat as Bt, IActionProgress_Custom as C, TSendActionDataMethod as Cn, IActionDomain as Cr, createHibernatableWsServerAdapter as Ct, TActionPayload_Any_Instance as D, TTransportStatusInfo as Dn, TActionDomainSchema as Dr, createConnectionStateStore as Dt, IActionRouteItemHandler as E, TTransportInitializationFinishedInfo as En, TActionDomainChildDef as Er, IConnectionStateStoreOptions as Et, decodeActionFrame as F, EHandshakeMessageType as Fn, TInferActionError as Fr, acceptChannelConnections as Ft, httpAcceptorCarrier as G, createInMemoryTofuVerifyKeyResolver as Gn, TCarrier as Gt, TCarrierFetch as H, IServerHandshakeConfig as Hn, IDuplexCarrierSource as Ht, EErrId_NiceAction as I, ESecurityLevel as In, actionSchema as Ir, connectChannel as It, IWsAcceptorCarrierOptions as J, decodeHandshakeMessage as Jn, createConnectorHandler as Jt, IWsCarrierOptions as K, createServerHandshake as Kn, TFrame$1 as Kt, err_nice_action as L, IClientHandshakeConfig as Ln, TActionSchemaOptions as Lr, defineChannel as Lt, isActionPayload_Request_JsonObject as M, Transport as Mn, TPossibleDomainIdList as Mr, TChannelAcceptorCases as Mt, isActionPayload_Any_JsonObject as N, ISecureAcceptorHandlerOptions as Nn, ActionSchema as Nr, TChannelPushHandlers as Nt, TActionPayload_Any_JsonObject as O, TTransportStatusInfo_GetTransport_Output as On, TDomainActionId as Or, IAcceptChannelOptions as Ot, IActionFrameDecoder as P, createSecureAcceptorHandler as Pn, EActionResponseMode as Pr, acceptChannel as Pt, IRtcCarrierOptions as Q, createLocalHandler as Qn, IActionTransportDef as Qt, EErrId_NiceTransport as R, IClientVerifyKeyResolveInput as Rn, TActionSerializationDefinition as Rr, IBinaryWireSessionOptions as Rt, IActionPayload_Result_JsonObject as S, TOnResolveIncomingResponseJson as Sn, IActionCore_JsonObject as Sr, IHibernatableWsServerAdapterOptions as St, IActionProgress_Percentage as T, TTransportCache as Tn, IActionRootDomain as Tr, IConnectionAttachment as Tt, httpCarrier as U, THandshakeMessage as Un, IExchangeCarrier as Ut, IHttpCarrierRequest as V, IHandshakeResult as Vn, IDuplexCarrier as Vt, IHttpAcceptorCarrierOptions as W, createClientHandshake as Wn, IExchangeCarrierSource as Wt, EErrId_NiceTransport_WebSocket as X, runtimeLinkId as Xn, ETransportShape as Xt, wsAcceptorCarrier as Y, encodeHandshakeMessage as Yn, PeerLinkHandler as Yt, err_nice_transport_ws as Z, ActionLocalHandler as Zn, ETransportStatus as Zt, IActionPayload_Data_Base as _, TOnResolveAnyIncomingActionData as _n, IRuntimeFullCoordinates as _r, IDuplexAcceptorCarrier as _t, TAcceptorConnectionCaseFn as a, ITransportDispatchAction as an, ERunningActionUpdateType as ar, IInMemoryServerEndpoint as at, IActionPayload_Request_JsonObject as b, TOnResolveIncomingRequestJson as bn, TRuntimeCoordinateStringId as br, isExchangeAcceptorCarrier as bt, createAcceptorHandler as c, ITransportRouteClientParams as cn, IRunningActionUpdate_Started as cr, IChannelHostAdapter as ct, ActionCore as d, ITransportStatusInfo_Failed as dn, TRunningActionUpdateFinished as dr, IChannelServer as dt, IActionTransportReady as en, createActionRootDomain as er, IRtcDataChannelLike as et, ActionPayload_Request as f, ITransportStatusInfo_Initializing as fn, TRunningActionUpdateListener as fr, IConnectionContext as ft, IActionPayload_Base_JsonObject as g, TGetTransportFn as gn, IRuntimeCoordinateSpecifics as gr, IAcceptorAttachmentStore as gt, IActionPayload_Base as h, IUpdateActionRunConfig_Output as hn, IRuntimeCoordinate as hr, serveChannel as ht, TAcceptorCaseFn as i, ISecureClientConfig as in, ERunningActionState as ir, IInMemoryChannelPair as it, isActionPayload_Result_JsonObject as j, ITransportConnectionContext as jn, TPossibleDomainId as jr, IConnectTransport as jt, TActionProgress as k, TUpdateActionRunConfig as kn, TInferInputFromSchema as kr, IActionChannel as kt, ActionDomain as l, ITransportRouteInfo as ln, IRunningActionUpdate_Success as lr, TServeHostOptions as lt, EActionProgressType as m, ITransportStatusInfo_Unsupported as mn, ActionPayload_Progress as mr, IServeConnectionStateOptions as mt, IAcceptorConnectionBinding as n, IActionTransportReadyData_Methods as nn, RunningAction as nr, IInMemoryCarrier as nt, TActionChannelFormatMessage as o, ITransportMethod_SendActionData_Input as on, IRunningActionUpdate_Abort as or, createInMemoryChannelPair as ot, EActionPayloadType as p, ITransportStatusInfo_Ready as pn, ActionPayload_Result as pr, IServeChannelOptions as pt, wsCarrier as q, createStorageTofuVerifyKeyResolver as qn, ConnectorHandler as qt, IAcceptorHandlerOptions as r, IActionTransportResolvers as rn, ERunningActionFinishedType as rr, inMemoryCarrier as rt, TActionConnectionEncoding as s, ITransportRouteActionParams as sn, IRunningActionUpdate_Progress as sr, err_nice_external_client as st, AcceptorHandler as t, IActionTransportReadyData_Base as tn, ActionRootDomain as tr, rtcDataChannelByteChannel as tt, ActionRuntime as u, ITransportStatusInfo_Base as un, TRunningActionUpdate as ur, serveHost as ut, IActionPayload_Progress as v, TOnResolveAnyIncomingActionData_Json as vn, RuntimeCoordinate as vr, IExchangeAcceptorCarrier as vt, IActionProgress_None as w, TSendReturnDataMethod as wn, IActionDomainChildOptions as wr, ConnectionStateStore as wt, IActionPayload_Result as x, TOnResolveIncomingResponse as xn, IActionCore as xr, IDuplexConnectionRouter as xt, IActionPayload_Progress_JsonObject as y, TOnResolveIncomingRequest as yn, TRuntimeCoordinateEnvId as yr, TAcceptorCarrier as yt, err_nice_transport as z, IClientVerifyKeyResolver as zn, TTransportedValue as zr, createBinaryWireSessionFactory as zt };
+//# sourceMappingURL=AcceptorHandler-11-QMdx2.d.mts.map