@paybond/kit 0.2.1 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +14 -4
- package/dist/index.d.ts +492 -7
- package/dist/index.js +508 -10
- package/dist/mcp-server.d.ts +50 -0
- package/dist/mcp-server.js +903 -0
- package/dist/principal-intent.d.ts +5 -0
- package/dist/principal-intent.js +14 -0
- package/package.json +10 -2
package/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# `@paybond/kit`
|
|
2
2
|
|
|
3
|
-
Paybond Kit for TypeScript provides a tenant-bound Harbor client, gateway-backed service-account sessions, capability verification, canonical signing helpers for intent creation and evidence submission, tenant-scoped ledger provenance reads, and tenant-scoped Signal analytics and reputation reads.
|
|
3
|
+
Paybond Kit for TypeScript provides a tenant-bound Harbor client, gateway-backed service-account sessions, capability verification, canonical signing helpers for intent creation and evidence submission, x402 / USDC-on-Base intent funding helpers, tenant-scoped ledger provenance reads, and tenant-scoped Signal analytics and reputation reads.
|
|
4
4
|
|
|
5
5
|
Install the public package with:
|
|
6
6
|
|
|
@@ -56,21 +56,31 @@ try {
|
|
|
56
56
|
## What the package includes
|
|
57
57
|
|
|
58
58
|
- `Paybond.open(...)` for gateway-authenticated, tenant-derived Harbor sessions
|
|
59
|
-
- `HarborClient` for capability verification, intent creation, evidence submission, and ledger reads
|
|
60
|
-
-
|
|
59
|
+
- `HarborClient` for capability verification, intent creation, x402 funding, evidence submission, and ledger reads
|
|
60
|
+
- Protocol-v2 helpers for mandate verification, replay-safe recognition proof verification, receipt reads, and A2A discovery
|
|
61
|
+
- `GatewaySignalClient` and `ServiceAccountSignalSession` for tenant-scoped Signal reads and signed portfolio artifacts
|
|
61
62
|
- `paybond.signal` on `Paybond` sessions opened from one service-account API key
|
|
62
|
-
- `PaybondIntents` helpers for principal-signed intent creation and payee-signed evidence submission
|
|
63
|
+
- `PaybondIntents` helpers for principal-signed intent creation, x402 funding, and payee-signed evidence submission
|
|
64
|
+
- `paybond-mcp-server` for tenant-bound MCP tool exposure to any MCP-compatible host
|
|
63
65
|
- Low-level signing helpers exported for advanced callers
|
|
64
66
|
|
|
65
67
|
`allowedTools` values are your own tool or operation names, not a Paybond-owned catalog. Harbor enforces string matching against whatever names you chose when creating the intent.
|
|
66
68
|
|
|
69
|
+
`settlementRail` on intent creation is only a rail request. Stripe destinations and x402 receive addresses stay tenant-owned server-side config and are never supplied by the SDK caller.
|
|
70
|
+
|
|
71
|
+
The protocol-v2 surface is trust-first: signed mandates, recognition proofs, and receipts work across supported settlement adapters instead of treating any single rail as the product boundary.
|
|
72
|
+
|
|
73
|
+
Gateway-backed protocol helpers throw `ProtocolHttpError` with parsed `errorCode` and `errorMessage` fields when the gateway returns a JSON error envelope. Recognition-gated flows surface `unregistered_key`, `revoked_key`, `mandate_agent_key_mismatch`, and `protocol_binding_mismatch` explicitly.
|
|
74
|
+
|
|
67
75
|
## What it does not include
|
|
68
76
|
|
|
69
77
|
- No operator-tier settlement or console workflows
|
|
78
|
+
- No model-provider-specific MCP wrapper; the MCP server is host-agnostic and works with any MCP-compatible runtime
|
|
70
79
|
|
|
71
80
|
## Docs
|
|
72
81
|
|
|
73
82
|
- Long-form docs: `docs/kit/`
|
|
83
|
+
- MCP server guide: `docs/kit/mcp-server.md`
|
|
74
84
|
- Agents SDK tutorial: `docs/kit/openai-agents.md`
|
|
75
85
|
- TypeScript quickstart: `docs/kit/quickstart-typescript.md`
|
|
76
86
|
- TypeScript SDK reference: `docs/kit/sdk-reference-typescript.md`
|
package/dist/index.d.ts
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
* Paybond Kit — TypeScript Harbor client with tenant binding, retries, optional upstream JWT,
|
|
3
3
|
* and gateway service-account token exchange (`POST /v1/auth/harbor-access`).
|
|
4
4
|
*/
|
|
5
|
-
import { type BuildSignedCreateIntentParams } from "./principal-intent.js";
|
|
5
|
+
import { type BuildSignedCreateIntentParams, type SettlementRail } from "./principal-intent.js";
|
|
6
6
|
import { type SignPayeeEvidenceParams } from "./payee-evidence.js";
|
|
7
7
|
export type VerifyCapabilityResult = {
|
|
8
8
|
allow: boolean;
|
|
@@ -18,6 +18,44 @@ export type SubmitEvidenceResult = {
|
|
|
18
18
|
state: string;
|
|
19
19
|
predicatePassed?: boolean;
|
|
20
20
|
};
|
|
21
|
+
export type IntentFundingResult = {
|
|
22
|
+
settlementRail: SettlementRail;
|
|
23
|
+
harborFundEndpoint?: string;
|
|
24
|
+
status?: string;
|
|
25
|
+
paymentSessionId?: string;
|
|
26
|
+
paymentUrl?: string;
|
|
27
|
+
asset?: string;
|
|
28
|
+
network?: string;
|
|
29
|
+
authorizationId?: string;
|
|
30
|
+
captureId?: string;
|
|
31
|
+
voidId?: string;
|
|
32
|
+
refundId?: string;
|
|
33
|
+
sourceAddress?: string;
|
|
34
|
+
targetAddress?: string;
|
|
35
|
+
authorizationExpiresAt?: string;
|
|
36
|
+
captureExpiresAt?: string;
|
|
37
|
+
refundExpiresAt?: string;
|
|
38
|
+
onchainTransactionHashes?: {
|
|
39
|
+
authorizations?: string[];
|
|
40
|
+
captures?: string[];
|
|
41
|
+
voids?: string[];
|
|
42
|
+
refunds?: string[];
|
|
43
|
+
};
|
|
44
|
+
};
|
|
45
|
+
export type FundIntentResult = {
|
|
46
|
+
statusCode: 200 | 202 | 402;
|
|
47
|
+
paymentRequired?: string;
|
|
48
|
+
paymentResponse?: string;
|
|
49
|
+
intentId: string;
|
|
50
|
+
tenant: string;
|
|
51
|
+
state: string;
|
|
52
|
+
settlementRail: SettlementRail;
|
|
53
|
+
currency: string;
|
|
54
|
+
amountCents: number;
|
|
55
|
+
funded: boolean;
|
|
56
|
+
capabilityToken?: string;
|
|
57
|
+
funding?: IntentFundingResult;
|
|
58
|
+
};
|
|
21
59
|
/** Async supplier for short-lived Harbor JWTs minted by the Paybond gateway. */
|
|
22
60
|
export type HarborBearerSupplier = () => Promise<string | null | undefined>;
|
|
23
61
|
/**
|
|
@@ -57,6 +95,361 @@ export declare class SignalHttpError extends Error {
|
|
|
57
95
|
bodyText: string;
|
|
58
96
|
});
|
|
59
97
|
}
|
|
98
|
+
export type SignalMetrics = {
|
|
99
|
+
terminal_intents: number;
|
|
100
|
+
released: number;
|
|
101
|
+
refunded: number;
|
|
102
|
+
disputed: number;
|
|
103
|
+
success_rate_bps: number;
|
|
104
|
+
dispute_rate_bps: number;
|
|
105
|
+
refund_rate_bps: number;
|
|
106
|
+
mean_latency_nanos: number;
|
|
107
|
+
latency_sample_count: number;
|
|
108
|
+
receipted_volume_cents: number;
|
|
109
|
+
};
|
|
110
|
+
export type SignalConfidence = {
|
|
111
|
+
band: string;
|
|
112
|
+
support_score: number;
|
|
113
|
+
summary: string;
|
|
114
|
+
};
|
|
115
|
+
export type SignalSupportDepth = {
|
|
116
|
+
band: string;
|
|
117
|
+
terminal_intents: number;
|
|
118
|
+
receipted_volume_cents: number;
|
|
119
|
+
history_depth: number;
|
|
120
|
+
latency_sample_count: number;
|
|
121
|
+
};
|
|
122
|
+
export type SignalExplanationMetricDelta = {
|
|
123
|
+
metric: string;
|
|
124
|
+
previous: number;
|
|
125
|
+
current: number;
|
|
126
|
+
delta: number;
|
|
127
|
+
};
|
|
128
|
+
export type SignalExplanationDelta = {
|
|
129
|
+
basis: string;
|
|
130
|
+
previous_score: number;
|
|
131
|
+
score_delta: number;
|
|
132
|
+
previous_ledger_watermark_seq: number;
|
|
133
|
+
changed_metrics: SignalExplanationMetricDelta[];
|
|
134
|
+
reason_codes_added: string[];
|
|
135
|
+
reason_codes_removed: string[];
|
|
136
|
+
summary: string;
|
|
137
|
+
};
|
|
138
|
+
export type SignalSignedReceipt = {
|
|
139
|
+
schema_version: number;
|
|
140
|
+
receipt_version: string;
|
|
141
|
+
tenant_id: string;
|
|
142
|
+
operator_did: string;
|
|
143
|
+
score_version: string;
|
|
144
|
+
scoring_model: string;
|
|
145
|
+
scoring_narrative: string;
|
|
146
|
+
explanation_summary: string;
|
|
147
|
+
ledger_watermark_seq: number;
|
|
148
|
+
reason_codes: string[];
|
|
149
|
+
confidence?: SignalConfidence;
|
|
150
|
+
support_depth?: SignalSupportDepth;
|
|
151
|
+
review_state?: string;
|
|
152
|
+
explanation_delta?: SignalExplanationDelta;
|
|
153
|
+
metrics: SignalMetrics;
|
|
154
|
+
score: number;
|
|
155
|
+
signing_algorithm: string;
|
|
156
|
+
message_digest_hex: string;
|
|
157
|
+
signing_public_key_hex: string;
|
|
158
|
+
signature_hex: string;
|
|
159
|
+
};
|
|
160
|
+
export type SignalReceiptEnvelope = {
|
|
161
|
+
schema_version: number;
|
|
162
|
+
updated_at: string;
|
|
163
|
+
receipt: SignalSignedReceipt;
|
|
164
|
+
};
|
|
165
|
+
export type SignalPortfolioOperator = {
|
|
166
|
+
operator_did: string;
|
|
167
|
+
receipt_version?: string;
|
|
168
|
+
score: number;
|
|
169
|
+
ledger_watermark_seq: number;
|
|
170
|
+
receipt_message_digest_hex: string;
|
|
171
|
+
confidence?: SignalConfidence;
|
|
172
|
+
support_depth?: SignalSupportDepth;
|
|
173
|
+
review_state?: string;
|
|
174
|
+
explanation_delta?: SignalExplanationDelta;
|
|
175
|
+
};
|
|
176
|
+
export type SignalSignedPortfolioArtifact = {
|
|
177
|
+
schema_version: number;
|
|
178
|
+
artifact_version: string;
|
|
179
|
+
kind: string;
|
|
180
|
+
tenant_id: string;
|
|
181
|
+
score_model_version: string;
|
|
182
|
+
scoring_model: string;
|
|
183
|
+
checkpoint_last_ledger_seq: number;
|
|
184
|
+
operators: SignalPortfolioOperator[];
|
|
185
|
+
signing_algorithm: string;
|
|
186
|
+
message_digest_hex: string;
|
|
187
|
+
signing_public_key_hex: string;
|
|
188
|
+
signature_hex: string;
|
|
189
|
+
};
|
|
190
|
+
export type SignalPortfolioSummary = {
|
|
191
|
+
schema_version: number;
|
|
192
|
+
tenant_id: string;
|
|
193
|
+
score_model_version: string;
|
|
194
|
+
scoring_model: string;
|
|
195
|
+
checkpoint_last_ledger_seq: number;
|
|
196
|
+
operator_count: number;
|
|
197
|
+
average_score: number;
|
|
198
|
+
total_terminal_intents: number;
|
|
199
|
+
total_receipted_volume_cents: number;
|
|
200
|
+
operators_under_review: number;
|
|
201
|
+
};
|
|
202
|
+
export type A2AAgentCard = {
|
|
203
|
+
name: string;
|
|
204
|
+
description: string;
|
|
205
|
+
supportedInterfaces: Array<{
|
|
206
|
+
url: string;
|
|
207
|
+
protocolBinding: string;
|
|
208
|
+
protocolVersion: string;
|
|
209
|
+
tenant?: string;
|
|
210
|
+
}>;
|
|
211
|
+
provider?: {
|
|
212
|
+
url: string;
|
|
213
|
+
organization: string;
|
|
214
|
+
};
|
|
215
|
+
version: string;
|
|
216
|
+
documentationUrl?: string;
|
|
217
|
+
capabilities: {
|
|
218
|
+
streaming?: boolean;
|
|
219
|
+
pushNotifications?: boolean;
|
|
220
|
+
extendedAgentCard?: boolean;
|
|
221
|
+
extensions?: Array<{
|
|
222
|
+
uri?: string;
|
|
223
|
+
description?: string;
|
|
224
|
+
required?: boolean;
|
|
225
|
+
params?: Record<string, unknown>;
|
|
226
|
+
}>;
|
|
227
|
+
};
|
|
228
|
+
securitySchemes?: Record<string, unknown>;
|
|
229
|
+
defaultInputModes: string[];
|
|
230
|
+
defaultOutputModes: string[];
|
|
231
|
+
skills: Array<{
|
|
232
|
+
id: string;
|
|
233
|
+
name: string;
|
|
234
|
+
description: string;
|
|
235
|
+
tags: string[];
|
|
236
|
+
examples?: string[];
|
|
237
|
+
inputModes?: string[];
|
|
238
|
+
outputModes?: string[];
|
|
239
|
+
securityRequirements?: Array<Record<string, string[]>>;
|
|
240
|
+
}>;
|
|
241
|
+
};
|
|
242
|
+
export type A2ATaskField = {
|
|
243
|
+
name: string;
|
|
244
|
+
type: string;
|
|
245
|
+
required: boolean;
|
|
246
|
+
description: string;
|
|
247
|
+
};
|
|
248
|
+
export type A2ATaskParticipant = {
|
|
249
|
+
role: string;
|
|
250
|
+
required: boolean;
|
|
251
|
+
description: string;
|
|
252
|
+
};
|
|
253
|
+
export type A2ATaskExample = {
|
|
254
|
+
name: string;
|
|
255
|
+
description: string;
|
|
256
|
+
sampleInput?: Record<string, unknown>;
|
|
257
|
+
sampleResponse?: Record<string, unknown>;
|
|
258
|
+
};
|
|
259
|
+
export type A2ASettlementTaskContractV1 = {
|
|
260
|
+
schemaVersion: number;
|
|
261
|
+
kind: string;
|
|
262
|
+
id: string;
|
|
263
|
+
name: string;
|
|
264
|
+
description: string;
|
|
265
|
+
url: string;
|
|
266
|
+
routeBindings: string[];
|
|
267
|
+
requiredTrustArtifacts: string[];
|
|
268
|
+
settlementPhases: string[];
|
|
269
|
+
participants: A2ATaskParticipant[];
|
|
270
|
+
inputModes: string[];
|
|
271
|
+
outputModes: string[];
|
|
272
|
+
taskMetadataFields?: A2ATaskField[];
|
|
273
|
+
inputFields: A2ATaskField[];
|
|
274
|
+
resultFields: A2ATaskField[];
|
|
275
|
+
examples?: A2ATaskExample[];
|
|
276
|
+
};
|
|
277
|
+
export type A2ATaskContractCatalogV1 = {
|
|
278
|
+
schemaVersion: number;
|
|
279
|
+
kind: string;
|
|
280
|
+
agentCardUrl: string;
|
|
281
|
+
documentationUrl?: string;
|
|
282
|
+
contracts: A2ASettlementTaskContractV1[];
|
|
283
|
+
};
|
|
284
|
+
export type AgentMandateAuthorization = {
|
|
285
|
+
kind: string;
|
|
286
|
+
tenant_id: string;
|
|
287
|
+
principal_subject?: string;
|
|
288
|
+
principal_type?: string;
|
|
289
|
+
};
|
|
290
|
+
export type AgentMandateAgentIdentity = {
|
|
291
|
+
subject: string;
|
|
292
|
+
issuer?: string;
|
|
293
|
+
key_id?: string;
|
|
294
|
+
display_name?: string;
|
|
295
|
+
};
|
|
296
|
+
export type AgentMandateSpendCeiling = {
|
|
297
|
+
amount_minor: number;
|
|
298
|
+
currency: string;
|
|
299
|
+
};
|
|
300
|
+
export type AgentMandateSettlementRailPolicy = {
|
|
301
|
+
default_rail: string;
|
|
302
|
+
allowed_rails: string[];
|
|
303
|
+
};
|
|
304
|
+
export type AgentMandateConstraintReference = {
|
|
305
|
+
kind: string;
|
|
306
|
+
id?: string;
|
|
307
|
+
version?: string;
|
|
308
|
+
digest_sha256_hex?: string;
|
|
309
|
+
uri?: string;
|
|
310
|
+
};
|
|
311
|
+
export type AgentMandateV1 = {
|
|
312
|
+
schema_version: number;
|
|
313
|
+
kind: string;
|
|
314
|
+
authorization: AgentMandateAuthorization;
|
|
315
|
+
agent: AgentMandateAgentIdentity;
|
|
316
|
+
allowed_actions: string[];
|
|
317
|
+
allowed_tools: string[];
|
|
318
|
+
spend_ceiling: AgentMandateSpendCeiling;
|
|
319
|
+
settlement: AgentMandateSettlementRailPolicy;
|
|
320
|
+
constraint: AgentMandateConstraintReference;
|
|
321
|
+
expires_at: string;
|
|
322
|
+
nonce: string;
|
|
323
|
+
human_presence_mode: string;
|
|
324
|
+
};
|
|
325
|
+
export type SignedAgentMandateV1 = AgentMandateV1 & {
|
|
326
|
+
signing_algorithm: string;
|
|
327
|
+
message_digest_sha256_hex: string;
|
|
328
|
+
signing_public_key_ed25519_hex: string;
|
|
329
|
+
ed25519_signature_hex: string;
|
|
330
|
+
};
|
|
331
|
+
export type AgentRecognitionVerifierContext = {
|
|
332
|
+
tenant_id: string;
|
|
333
|
+
verifier_id: string;
|
|
334
|
+
};
|
|
335
|
+
export type AgentRecognitionRequestEnvelope = {
|
|
336
|
+
method: string;
|
|
337
|
+
path: string;
|
|
338
|
+
body_digest_sha256_hex: string;
|
|
339
|
+
};
|
|
340
|
+
export type AgentRecognitionProofV1 = {
|
|
341
|
+
schema_version?: number;
|
|
342
|
+
kind?: string;
|
|
343
|
+
key_id: string;
|
|
344
|
+
signature_algorithm?: string;
|
|
345
|
+
issued_at: string;
|
|
346
|
+
expires_at: string;
|
|
347
|
+
nonce: string;
|
|
348
|
+
purpose: string;
|
|
349
|
+
verifier_context: AgentRecognitionVerifierContext;
|
|
350
|
+
request_envelope: AgentRecognitionRequestEnvelope;
|
|
351
|
+
message_digest_sha256_hex?: string;
|
|
352
|
+
signing_public_key_ed25519_hex?: string;
|
|
353
|
+
ed25519_signature_hex?: string;
|
|
354
|
+
};
|
|
355
|
+
export type ProtocolTransportBindingV1 = {
|
|
356
|
+
source_protocol?: string;
|
|
357
|
+
partner_platform?: string;
|
|
358
|
+
external_authorization_id?: string;
|
|
359
|
+
request_id?: string;
|
|
360
|
+
};
|
|
361
|
+
export type ProtocolAuthorizationReceiptV1 = {
|
|
362
|
+
schema_version: number;
|
|
363
|
+
kind: string;
|
|
364
|
+
receipt_version: string;
|
|
365
|
+
receipt_id: string;
|
|
366
|
+
issued_at: string;
|
|
367
|
+
status: string;
|
|
368
|
+
intent_id: string;
|
|
369
|
+
tenant_id: string;
|
|
370
|
+
verifier_id: string;
|
|
371
|
+
transport_binding: ProtocolTransportBindingV1;
|
|
372
|
+
mandate_digest_sha256_hex: string;
|
|
373
|
+
imported_mandate_signing_public_key_ed25519_hex: string;
|
|
374
|
+
authorization: AgentMandateAuthorization;
|
|
375
|
+
agent: AgentMandateAgentIdentity;
|
|
376
|
+
allowed_actions: string[];
|
|
377
|
+
allowed_tools: string[];
|
|
378
|
+
spend_ceiling: AgentMandateSpendCeiling;
|
|
379
|
+
settlement: AgentMandateSettlementRailPolicy;
|
|
380
|
+
constraint: AgentMandateConstraintReference;
|
|
381
|
+
expires_at: string;
|
|
382
|
+
nonce: string;
|
|
383
|
+
human_presence_mode: string;
|
|
384
|
+
signing_algorithm: string;
|
|
385
|
+
message_digest_sha256_hex: string;
|
|
386
|
+
signing_public_key_ed25519_hex: string;
|
|
387
|
+
ed25519_signature_hex: string;
|
|
388
|
+
};
|
|
389
|
+
export type ProtocolSettlementReceiptV1 = {
|
|
390
|
+
schema_version: number;
|
|
391
|
+
kind: string;
|
|
392
|
+
receipt_version: string;
|
|
393
|
+
receipt_id: string;
|
|
394
|
+
issued_at: string;
|
|
395
|
+
intent_id: string;
|
|
396
|
+
tenant_id: string;
|
|
397
|
+
verifier_id: string;
|
|
398
|
+
transport_binding: ProtocolTransportBindingV1;
|
|
399
|
+
authorization_receipt_id: string;
|
|
400
|
+
mandate_digest_sha256_hex: string;
|
|
401
|
+
harbor_state: string;
|
|
402
|
+
predicate_passed?: boolean;
|
|
403
|
+
settlement_rail: string;
|
|
404
|
+
settlement_mode: string;
|
|
405
|
+
principal_did: string;
|
|
406
|
+
payee_did: string;
|
|
407
|
+
currency: string;
|
|
408
|
+
amount_cents: number;
|
|
409
|
+
terminal_observed_at: string;
|
|
410
|
+
signing_algorithm: string;
|
|
411
|
+
message_digest_sha256_hex: string;
|
|
412
|
+
signing_public_key_ed25519_hex: string;
|
|
413
|
+
ed25519_signature_hex: string;
|
|
414
|
+
};
|
|
415
|
+
export type ImportAgentMandateV1Result = {
|
|
416
|
+
valid: boolean;
|
|
417
|
+
intent_id: string;
|
|
418
|
+
mandate_digest_sha256_hex: string;
|
|
419
|
+
mandate: AgentMandateV1;
|
|
420
|
+
authorization_receipt: ProtocolAuthorizationReceiptV1;
|
|
421
|
+
};
|
|
422
|
+
export type VerifyProtocolReceiptV1Result = {
|
|
423
|
+
valid: boolean;
|
|
424
|
+
kind: string;
|
|
425
|
+
receipt_id: string;
|
|
426
|
+
tenant_id: string;
|
|
427
|
+
receipt: ProtocolAuthorizationReceiptV1 | ProtocolSettlementReceiptV1 | Record<string, unknown>;
|
|
428
|
+
};
|
|
429
|
+
export declare class A2AHttpError extends Error {
|
|
430
|
+
readonly statusCode: number;
|
|
431
|
+
readonly url: string;
|
|
432
|
+
readonly bodyText: string;
|
|
433
|
+
constructor(message: string, init: {
|
|
434
|
+
statusCode: number;
|
|
435
|
+
url: string;
|
|
436
|
+
bodyText: string;
|
|
437
|
+
});
|
|
438
|
+
}
|
|
439
|
+
export declare class ProtocolHttpError extends Error {
|
|
440
|
+
readonly statusCode: number;
|
|
441
|
+
readonly url: string;
|
|
442
|
+
readonly bodyText: string;
|
|
443
|
+
readonly errorCode?: string;
|
|
444
|
+
readonly errorMessage?: string;
|
|
445
|
+
constructor(message: string, init: {
|
|
446
|
+
statusCode: number;
|
|
447
|
+
url: string;
|
|
448
|
+
bodyText: string;
|
|
449
|
+
errorCode?: string;
|
|
450
|
+
errorMessage?: string;
|
|
451
|
+
});
|
|
452
|
+
}
|
|
60
453
|
/**
|
|
61
454
|
* Exchanges a `paybond_sk_` API key for short-lived Harbor JWTs and caches tenant realm from the
|
|
62
455
|
* gateway response (no separate tenant env var for the default path).
|
|
@@ -172,6 +565,21 @@ export declare class HarborClient {
|
|
|
172
565
|
createIntent(body: Record<string, unknown>, options?: {
|
|
173
566
|
idempotencyKey?: string;
|
|
174
567
|
}): Promise<Record<string, unknown>>;
|
|
568
|
+
/**
|
|
569
|
+
* POST `/intents/{intentId}/fund` for x402 / USDC-on-Base funding.
|
|
570
|
+
*
|
|
571
|
+
* Harbor returns:
|
|
572
|
+
* - `402` with `paymentRequired` details when a facilitator or wallet must sign
|
|
573
|
+
* - `202` while authorization is pending
|
|
574
|
+
* - `200` once the intent is funded and any capability token is available
|
|
575
|
+
*
|
|
576
|
+
* @throws HarborHttpError for non-funding HTTP errors
|
|
577
|
+
* @throws Error when Harbor echoes a different tenant or intent than requested
|
|
578
|
+
*/
|
|
579
|
+
fundIntent(intentId: string, options?: {
|
|
580
|
+
paymentSignature?: string;
|
|
581
|
+
idempotencyKey?: string;
|
|
582
|
+
}): Promise<FundIntentResult>;
|
|
175
583
|
/**
|
|
176
584
|
* POST `/intents/{intentId}/evidence` with a signed evidence JSON body.
|
|
177
585
|
*
|
|
@@ -220,11 +628,73 @@ export declare class GatewaySignalClient {
|
|
|
220
628
|
private fetchGetWithRetries;
|
|
221
629
|
private assertTenant;
|
|
222
630
|
private scoreQuery;
|
|
223
|
-
getReputationReceipt(operatorDid: string, scoreVersion?: string): Promise<
|
|
224
|
-
getPortfolioSummary(scoreVersion?: string): Promise<
|
|
631
|
+
getReputationReceipt(operatorDid: string, scoreVersion?: string): Promise<SignalReceiptEnvelope | null>;
|
|
632
|
+
getPortfolioSummary(scoreVersion?: string): Promise<SignalPortfolioSummary>;
|
|
633
|
+
getSignedPortfolioArtifact(scoreVersion?: string): Promise<SignalSignedPortfolioArtifact>;
|
|
225
634
|
getOperatorExplanation(operatorDid: string, scoreVersion?: string): Promise<Record<string, unknown> | null>;
|
|
226
635
|
getOperatorReviewStatus(operatorDid: string, scoreVersion?: string): Promise<Record<string, unknown> | null>;
|
|
227
636
|
}
|
|
637
|
+
type GatewayA2AClientOptions = {
|
|
638
|
+
staticGatewayBearerToken?: string;
|
|
639
|
+
maxRetries?: number;
|
|
640
|
+
};
|
|
641
|
+
/**
|
|
642
|
+
* Public or optionally authenticated reader for the gateway's A2A discovery surface.
|
|
643
|
+
*/
|
|
644
|
+
export declare class GatewayA2AClient {
|
|
645
|
+
private readonly base;
|
|
646
|
+
private readonly bearerToken?;
|
|
647
|
+
private readonly maxRetries;
|
|
648
|
+
constructor(gatewayBaseUrl: string, options?: GatewayA2AClientOptions);
|
|
649
|
+
private fetchGetWithRetries;
|
|
650
|
+
getAgentCard(): Promise<A2AAgentCard>;
|
|
651
|
+
getTaskContracts(): Promise<A2ATaskContractCatalogV1>;
|
|
652
|
+
getTaskContract(contractId: string): Promise<A2ASettlementTaskContractV1>;
|
|
653
|
+
}
|
|
654
|
+
export declare class GatewayProtocolClient {
|
|
655
|
+
readonly tenantId: string;
|
|
656
|
+
private readonly base;
|
|
657
|
+
private readonly staticGatewayBearerToken;
|
|
658
|
+
private readonly maxRetries;
|
|
659
|
+
constructor(gatewayBaseUrl: string, tenantId: string, init?: {
|
|
660
|
+
staticGatewayBearerToken?: string;
|
|
661
|
+
maxRetries?: number;
|
|
662
|
+
});
|
|
663
|
+
private fetchWithRetries;
|
|
664
|
+
private headers;
|
|
665
|
+
private postJSON;
|
|
666
|
+
importAgentMandateV1(init: {
|
|
667
|
+
signedMandate: SignedAgentMandateV1;
|
|
668
|
+
intentId: string;
|
|
669
|
+
transportBinding?: ProtocolTransportBindingV1;
|
|
670
|
+
recognitionProof: AgentRecognitionProofV1 | Record<string, unknown>;
|
|
671
|
+
}): Promise<ImportAgentMandateV1Result>;
|
|
672
|
+
getSettlementReceiptV1(receiptId: string): Promise<ProtocolSettlementReceiptV1>;
|
|
673
|
+
verifyProtocolReceiptV1(receipt: ProtocolAuthorizationReceiptV1 | ProtocolSettlementReceiptV1 | Record<string, unknown>): Promise<VerifyProtocolReceiptV1Result>;
|
|
674
|
+
createHarborIntent(init: {
|
|
675
|
+
body: Record<string, unknown>;
|
|
676
|
+
recognitionProof: AgentRecognitionProofV1 | Record<string, unknown>;
|
|
677
|
+
idempotencyKey?: string;
|
|
678
|
+
}): Promise<Record<string, unknown>>;
|
|
679
|
+
fundHarborIntent(init: {
|
|
680
|
+
intentId: string;
|
|
681
|
+
recognitionProof: AgentRecognitionProofV1 | Record<string, unknown>;
|
|
682
|
+
paymentSignature?: string;
|
|
683
|
+
idempotencyKey?: string;
|
|
684
|
+
}): Promise<Record<string, unknown>>;
|
|
685
|
+
submitHarborEvidence(init: {
|
|
686
|
+
intentId: string;
|
|
687
|
+
body: Record<string, unknown>;
|
|
688
|
+
recognitionProof: AgentRecognitionProofV1 | Record<string, unknown>;
|
|
689
|
+
idempotencyKey?: string;
|
|
690
|
+
}): Promise<Record<string, unknown>>;
|
|
691
|
+
confirmHarborSettlement(init: {
|
|
692
|
+
intentId: string;
|
|
693
|
+
body: Record<string, unknown>;
|
|
694
|
+
recognitionProof: AgentRecognitionProofV1 | Record<string, unknown>;
|
|
695
|
+
idempotencyKey?: string;
|
|
696
|
+
}): Promise<Record<string, unknown>>;
|
|
697
|
+
}
|
|
228
698
|
export type ServiceAccountSignalSessionInit = {
|
|
229
699
|
gatewayBaseUrl: string;
|
|
230
700
|
apiKey: string;
|
|
@@ -240,24 +710,37 @@ export declare class ServiceAccountSignalSession {
|
|
|
240
710
|
static open(init: ServiceAccountSignalSessionInit): Promise<ServiceAccountSignalSession>;
|
|
241
711
|
aclose(): Promise<void>;
|
|
242
712
|
}
|
|
243
|
-
/**
|
|
713
|
+
/**
|
|
714
|
+
* Parameters for {@link PaybondIntents.create} (tenant is taken from the bound Harbor client).
|
|
715
|
+
* `settlementRail`, when set, requests one allowed rail; Harbor still resolves the destination
|
|
716
|
+
* from tenant-owned settlement config.
|
|
717
|
+
*/
|
|
244
718
|
export type PaybondCreateIntentParams = Omit<BuildSignedCreateIntentParams, "tenantId" | "intentId"> & {
|
|
245
719
|
intentId?: string;
|
|
246
720
|
};
|
|
247
721
|
/** Parameters for {@link PaybondIntents.submitEvidence} (tenant is taken from the bound Harbor client). */
|
|
248
722
|
export type PaybondSubmitEvidenceParams = Omit<SignPayeeEvidenceParams, "tenantId">;
|
|
249
723
|
/**
|
|
250
|
-
* Ergonomic intent helpers: principal-signed intent create and payee-signed evidence.
|
|
724
|
+
* Ergonomic intent helpers: principal-signed intent create, x402 funding, and payee-signed evidence.
|
|
251
725
|
*/
|
|
252
726
|
export declare class PaybondIntents {
|
|
253
727
|
private readonly harbor;
|
|
254
728
|
constructor(harbor: HarborClient);
|
|
255
729
|
/**
|
|
256
|
-
* Build a principal-signed `POST /intents` body and submit it. `principalSigningSeed` must be
|
|
730
|
+
* Build a principal-signed `POST /intents` body and submit it. `principalSigningSeed` must be
|
|
731
|
+
* 32 bytes. `settlementRail` only requests an allowed rail; destinations stay server-owned.
|
|
257
732
|
*/
|
|
258
733
|
create(params: PaybondCreateIntentParams & {
|
|
259
734
|
idempotencyKey?: string;
|
|
260
735
|
}): Promise<Record<string, unknown>>;
|
|
736
|
+
/**
|
|
737
|
+
* Advance Harbor `/intents/{id}/fund` for x402 / USDC-on-Base intents.
|
|
738
|
+
*/
|
|
739
|
+
fund(params: {
|
|
740
|
+
intentId: string;
|
|
741
|
+
paymentSignature?: string;
|
|
742
|
+
idempotencyKey?: string;
|
|
743
|
+
}): Promise<FundIntentResult>;
|
|
261
744
|
/**
|
|
262
745
|
* Sign payee evidence and POST it. `payeeSigningSeed` must be 32 bytes.
|
|
263
746
|
*/
|
|
@@ -271,6 +754,8 @@ export declare class PaybondIntents {
|
|
|
271
754
|
export declare class Paybond {
|
|
272
755
|
readonly harbor: HarborClient;
|
|
273
756
|
readonly signal: GatewaySignalClient;
|
|
757
|
+
readonly a2a: GatewayA2AClient;
|
|
758
|
+
readonly protocol: GatewayProtocolClient;
|
|
274
759
|
readonly intents: PaybondIntents;
|
|
275
760
|
private readonly session;
|
|
276
761
|
private constructor();
|
|
@@ -281,5 +766,5 @@ export declare class Paybond {
|
|
|
281
766
|
aclose(): Promise<void>;
|
|
282
767
|
}
|
|
283
768
|
export { normalizeJson, jsonValueDigest } from "./json-digest.js";
|
|
284
|
-
export { buildSignedCreateIntentBody, intentCreationSignBytesRaw, type BuildSignedCreateIntentParams, } from "./principal-intent.js";
|
|
769
|
+
export { buildSignedCreateIntentBody, intentCreationSignBytesRaw, type BuildSignedCreateIntentParams, type SettlementRail, } from "./principal-intent.js";
|
|
285
770
|
export { artifactsDigest, signPayeeEvidenceBinding, type SignPayeeEvidenceParams } from "./payee-evidence.js";
|