@powerhousedao/switchboard 6.1.0-staging.0 → 6.1.0

package/dist/server.mjs

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
-import { n as startSwitchboard, r as applySwitchboardReactorDefaults, t as isPortAvailable } from "./server-bMFA4VKj.mjs";
-import "./utils-BVNg1DRI.mjs";
-export { applySwitchboardReactorDefaults, isPortAvailable, startSwitchboard };
-!function(){try{var e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof self?self:{},n=(new e.Error).stack;n&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[n]="bc45ef41-a766-58da-8c6a-e6dd9d6d0010")}catch(e){}}();
-//# debugId=bc45ef41-a766-58da-8c6a-e6dd9d6d0010
+import { i as applySwitchboardReactorDefaults, n as isPortAvailable, r as startSwitchboard, t as deriveAttachmentServiceConfig } from "./server-CdgQ8Mhi.mjs";
+import "./utils-Baw7rThP.mjs";
+export { applySwitchboardReactorDefaults, deriveAttachmentServiceConfig, isPortAvailable, startSwitchboard };
+!function(){try{var e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof self?self:{},n=(new e.Error).stack;n&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[n]="4dadbdeb-65f4-5a9c-a028-770910fc26e8")}catch(e){}}();
+//# debugId=4dadbdeb-65f4-5a9c-a028-770910fc26e8

package/dist/{utils-BVNg1DRI.mjs → utils-Baw7rThP.mjs}

@@ -1,8 +1,7 @@
 
-!function(){try{var e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof self?self:{},n=(new e.Error).stack;n&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[n]="62094c88-5d64-5b09-a31f-23862e9c8977")}catch(e){}}();
+!function(){try{var e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof self?self:{},n=(new e.Error).stack;n&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[n]="686dcce6-c280-5558-89dd-a18a7e514cdf")}catch(e){}}();
 import { reactorDriveCreateDocument, reactorDriveCreateState } from "@powerhousedao/reactor-drive";
 import { driveCreateDocument, driveCreateState } from "@powerhousedao/shared/document-drive";
-import "@powerhousedao/shared/document-model";
 //#region src/utils.mts
 async function addDefaultDrive(client, drive, serverPort) {
 	let driveId = drive.id;
@@ -77,5 +76,5 @@ function isPostgresUrl(url) {
 //#endregion
 export { addDefaultReactorDrive as n, isPostgresUrl as r, addDefaultDrive as t };
 
-//# sourceMappingURL=utils-BVNg1DRI.mjs.map
-//# debugId=62094c88-5d64-5b09-a31f-23862e9c8977
+//# sourceMappingURL=utils-Baw7rThP.mjs.map
+//# debugId=686dcce6-c280-5558-89dd-a18a7e514cdf

package/dist/utils-Baw7rThP.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils-Baw7rThP.mjs","sources":["../src/utils.mts"],"sourcesContent":["import type { IReactorClient } from \"@powerhousedao/reactor\";\nimport {\n  reactorDriveCreateDocument,\n  reactorDriveCreateState,\n} from \"@powerhousedao/reactor-drive\";\nimport {\n  driveCreateDocument,\n  driveCreateState,\n} from \"@powerhousedao/shared/document-drive\";\nimport type { DriveInput } from \"@powerhousedao/shared/document-drive\";\n\nexport async function addDefaultDrive(\n  client: IReactorClient,\n  drive: DriveInput,\n  serverPort: number,\n) {\n  let driveId = drive.id;\n  if (!driveId || driveId.length === 0) {\n    driveId = drive.slug;\n  }\n\n  if (!driveId || driveId.length === 0) {\n    throw new Error(\"Invalid Drive Id\");\n  }\n\n  // check if the drive already exists\n  let existingDrive;\n  try {\n    existingDrive = await client.get(driveId);\n  } catch {\n    //\n  }\n\n  // already exists, return the existing drive url\n  if (existingDrive) {\n    return `http://localhost:${serverPort}/d/${driveId}`;\n  }\n\n  const { global } = driveCreateState();\n  const document = driveCreateDocument({\n    global: {\n      ...global,\n      name: drive.global.name,\n      icon: drive.global.icon ?? global.icon,\n    },\n    local: {\n      availableOffline: drive.local?.availableOffline ?? false,\n      sharingType: drive.local?.sharingType ?? \"public\",\n      listeners: drive.local?.listeners ?? [],\n      triggers: drive.local?.triggers ?? [],\n    },\n  });\n\n  if (drive.id && drive.id.length > 0) {\n    document.header.id = drive.id;\n  }\n  if (drive.slug && drive.slug.length > 0) {\n    document.header.slug = drive.slug;\n  }\n  if (drive.global.name) {\n    document.header.name = drive.global.name;\n  }\n  if (drive.preferredEditor) {\n    document.header.meta = { preferredEditor: drive.preferredEditor };\n  }\n\n  try {\n    await client.create(document);\n  } catch (e) {\n    const errorMessage = e instanceof Error ? e.message : String(e);\n    if (!errorMessage.includes(\"already exists\")) {\n      throw e;\n    }\n  }\n\n  return `http://localhost:${serverPort}/d/${driveId}`;\n}\n\nexport async function addDefaultReactorDrive(\n  client: IReactorClient,\n  drive: DriveInput,\n  serverPort: number,\n) {\n  let driveId = drive.id;\n  if (!driveId || driveId.length === 0) {\n    driveId = drive.slug;\n  }\n\n  if (!driveId || driveId.length === 0) {\n    throw new Error(\"Invalid Drive Id\");\n  }\n\n  let existingDrive;\n  try {\n    existingDrive = await client.get(driveId);\n  } catch {\n    //\n  }\n\n  if (existingDrive) {\n    return `http://localhost:${serverPort}/d/${driveId}`;\n  }\n\n  const { global, local } = reactorDriveCreateState();\n  const document = reactorDriveCreateDocument({\n    global: {\n      ...global,\n      name: drive.global.name,\n      icon: drive.global.icon ?? global.icon,\n    },\n    local: {\n      ...local,\n      availableOffline: drive.local?.availableOffline ?? local.availableOffline,\n      sharingType: drive.local?.sharingType ?? local.sharingType,\n    },\n  });\n\n  if (drive.id && drive.id.length > 0) {\n    document.header.id = drive.id;\n  }\n  if (drive.slug && drive.slug.length > 0) {\n    document.header.slug = drive.slug;\n  }\n  if (drive.global.name) {\n    document.header.name = drive.global.name;\n  }\n  if (drive.preferredEditor) {\n    document.header.meta = { preferredEditor: drive.preferredEditor };\n  }\n\n  try {\n    await client.create(document);\n  } catch (e) {\n    const errorMessage = e instanceof Error ? e.message : String(e);\n    if (!errorMessage.includes(\"already exists\")) {\n      throw e;\n    }\n  }\n\n  return `http://localhost:${serverPort}/d/${driveId}`;\n}\n\nexport function isPostgresUrl(url: string) {\n  return url.startsWith(\"postgresql\") || url.startsWith(\"postgres\");\n}\n"],"names":[],"mappings":";;;;;AAWA,eAAsB,gBACpB,QACA,OACA,YACA;CACA,IAAI,UAAU,MAAM;AACpB,KAAI,CAAC,WAAW,QAAQ,WAAW,EACjC,WAAU,MAAM;AAGlB,KAAI,CAAC,WAAW,QAAQ,WAAW,EACjC,OAAM,IAAI,MAAM,mBAAmB;CAIrC,IAAI;AACJ,KAAI;AACF,kBAAgB,MAAM,OAAO,IAAI,QAAQ;SACnC;AAKR,KAAI,cACF,QAAO,oBAAoB,WAAW,KAAK;CAG7C,MAAM,EAAE,WAAW,kBAAkB;CACrC,MAAM,WAAW,oBAAoB;EACnC,QAAQ;GACN,GAAG;GACH,MAAM,MAAM,OAAO;GACnB,MAAM,MAAM,OAAO,QAAQ,OAAO;GACnC;EACD,OAAO;GACL,kBAAkB,MAAM,OAAO,oBAAoB;GACnD,aAAa,MAAM,OAAO,eAAe;GACzC,WAAW,MAAM,OAAO,aAAa,EAAE;GACvC,UAAU,MAAM,OAAO,YAAY,EAAE;GACtC;EACF,CAAC;AAEF,KAAI,MAAM,MAAM,MAAM,GAAG,SAAS,EAChC,UAAS,OAAO,KAAK,MAAM;AAE7B,KAAI,MAAM,QAAQ,MAAM,KAAK,SAAS,EACpC,UAAS,OAAO,OAAO,MAAM;AAE/B,KAAI,MAAM,OAAO,KACf,UAAS,OAAO,OAAO,MAAM,OAAO;AAEtC,KAAI,MAAM,gBACR,UAAS,OAAO,OAAO,EAAE,iBAAiB,MAAM,iBAAiB;AAGnE,KAAI;AACF,QAAM,OAAO,OAAO,SAAS;UACtB,GAAG;AAEV,MAAI,EADiB,aAAa,QAAQ,EAAE,UAAU,OAAO,EAAE,EAC7C,SAAS,iBAAiB,CAC1C,OAAM;;AAIV,QAAO,oBAAoB,WAAW,KAAK;;AAG7C,eAAsB,uBACpB,QACA,OACA,YACA;CACA,IAAI,UAAU,MAAM;AACpB,KAAI,CAAC,WAAW,QAAQ,WAAW,EACjC,WAAU,MAAM;AAGlB,KAAI,CAAC,WAAW,QAAQ,WAAW,EACjC,OAAM,IAAI,MAAM,mBAAmB;CAGrC,IAAI;AACJ,KAAI;AACF,kBAAgB,MAAM,OAAO,IAAI,QAAQ;SACnC;AAIR,KAAI,cACF,QAAO,oBAAoB,WAAW,KAAK;CAG7C,MAAM,EAAE,QAAQ,UAAU,yBAAyB;CACnD,MAAM,WAAW,2BAA2B;EAC1C,QAAQ;GACN,GAAG;GACH,MAAM,MAAM,OAAO;GACnB,MAAM,MAAM,OAAO,QAAQ,OAAO;GACnC;EACD,OAAO;GACL,GAAG;GACH,kBAAkB,MAAM,OAAO,oBAAoB,MAAM;GACzD,aAAa,MAAM,OAAO,eAAe,MAAM;GAChD;EACF,CAAC;AAEF,KAAI,MAAM,MAAM,MAAM,GAAG,SAAS,EAChC,UAAS,OAAO,KAAK,MAAM;AAE7B,KAAI,MAAM,QAAQ,MAAM,KAAK,SAAS,EACpC,UAAS,OAAO,OAAO,MAAM;AAE/B,KAAI,MAAM,OAAO,KACf,UAAS,OAAO,OAAO,MAAM,OAAO;AAEtC,KAAI,MAAM,gBACR,UAAS,OAAO,OAAO,EAAE,iBAAiB,MAAM,iBAAiB;AAGnE,KAAI;AACF,QAAM,OAAO,OAAO,SAAS;UACtB,GAAG;AAEV,MAAI,EADiB,aAAa,QAAQ,EAAE,UAAU,OAAO,EAAE,EAC7C,SAAS,iBAAiB,CAC1C,OAAM;;AAIV,QAAO,oBAAoB,WAAW,KAAK;;AAG7C,SAAgB,cAAc,KAAa;AACzC,QAAO,IAAI,WAAW,aAAa,IAAI,IAAI,WAAW,WAAW","debug_id":"686dcce6-c280-5558-89dd-a18a7e514cdf"}

package/dist/utils.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.mts","names":[],"sources":["../src/utils.mts"],"mappings":";;;;iBAasB,eAAA,CACpB,MAAA,EAAQ,cAAA,EACR,KAAA,EAAO,UAAA,EACP,UAAA,WAAkB,OAAA;AAAA,iBAgEE,sBAAA,CACpB,MAAA,EAAQ,cAAA,EACR,KAAA,EAAO,UAAA,EACP,UAAA,WAAkB,OAAA;AAAA,iBA6DJ,aAAA,CAAc,GAAA"}
+{"version":3,"file":"utils.d.mts","names":[],"sources":["../src/utils.mts"],"mappings":";;;;iBAWsB,eAAA,CACpB,MAAA,EAAQ,cAAA,EACR,KAAA,EAAO,UAAA,EACP,UAAA,WAAkB,OAAA;AAAA,iBAgEE,sBAAA,CACpB,MAAA,EAAQ,cAAA,EACR,KAAA,EAAO,UAAA,EACP,UAAA,WAAkB,OAAA;AAAA,iBA6DJ,aAAA,CAAc,GAAA"}

package/dist/utils.mjs

@@ -1,4 +1,4 @@
-import { n as addDefaultReactorDrive, r as isPostgresUrl, t as addDefaultDrive } from "./utils-BVNg1DRI.mjs";
+import { n as addDefaultReactorDrive, r as isPostgresUrl, t as addDefaultDrive } from "./utils-Baw7rThP.mjs";
 export { addDefaultDrive, addDefaultReactorDrive, isPostgresUrl };
-!function(){try{var e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof self?self:{},n=(new e.Error).stack;n&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[n]="d3cbfa9b-aa13-5d02-b8eb-918b66a4c4e2")}catch(e){}}();
-//# debugId=d3cbfa9b-aa13-5d02-b8eb-918b66a4c4e2
+!function(){try{var e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof self?self:{},n=(new e.Error).stack;n&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[n]="8227e60f-e412-513a-b0cb-502740b7f818")}catch(e){}}();
+//# debugId=8227e60f-e412-513a-b0cb-502740b7f818

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@powerhousedao/switchboard",
   "type": "module",
-  "version": "6.1.0-staging.0",
+  "version": "6.1.0",
   "main": "dist/index.mjs",
   "exports": {
     ".": {
@@ -42,37 +42,37 @@
     "@openfeature/env-var-provider": "0.3.1",
     "@openfeature/server-sdk": "1.19.0",
     "@opentelemetry/api": "^1.9.0",
-    "@opentelemetry/exporter-metrics-otlp-http": "^0.57.2",
-    "@opentelemetry/exporter-trace-otlp-http": "^0.57.2",
-    "@opentelemetry/instrumentation-express": "^0.48.0",
-    "@opentelemetry/instrumentation-graphql": "^0.48.0",
-    "@opentelemetry/instrumentation-http": "^0.200.0",
-    "@opentelemetry/instrumentation-pg": "^0.52.0",
-    "@opentelemetry/resources": "^1.29.0",
-    "@opentelemetry/sdk-metrics": "^1.29.0",
-    "@opentelemetry/sdk-node": "^0.57.2",
-    "@opentelemetry/sdk-trace-base": "^1.29.0",
-    "@opentelemetry/semantic-conventions": "^1.29.0",
+    "@opentelemetry/exporter-metrics-otlp-http": "^0.218.0",
+    "@opentelemetry/exporter-trace-otlp-http": "^0.218.0",
+    "@opentelemetry/instrumentation-express": "^0.66.0",
+    "@opentelemetry/instrumentation-graphql": "^0.66.0",
+    "@opentelemetry/instrumentation-http": "^0.218.0",
+    "@opentelemetry/instrumentation-pg": "^0.70.0",
+    "@opentelemetry/resources": "^2.7.1",
+    "@opentelemetry/sdk-metrics": "^2.7.1",
+    "@opentelemetry/sdk-node": "^0.218.0",
+    "@opentelemetry/sdk-trace-base": "^2.7.1",
+    "@opentelemetry/semantic-conventions": "^1.41.1",
     "@pyroscope/nodejs": "^0.4.5",
-    "@sentry/node": "^9.6.1",
-    "@sentry/opentelemetry": "^9.6.1",
+    "@sentry/node": "^10.52.0",
+    "@sentry/opentelemetry": "^10.52.0",
     "dotenv": "^16.4.7",
     "express": "^4.21.2",
     "kysely": "0.28.16",
     "kysely-pglite-dialect": "1.2.0",
     "pg": "8.18.0",
     "vite": "8.0.8",
-    "@powerhousedao/config": "6.1.0-staging.0",
-    "@powerhousedao/opentelemetry-instrumentation-reactor": "6.1.0-staging.0",
-    "@powerhousedao/reactor": "6.1.0-staging.0",
-    "@powerhousedao/vetra": "6.1.0-staging.0",
-    "@powerhousedao/shared": "6.1.0-staging.0",
-    "@powerhousedao/reactor-attachments": "6.1.0-staging.0",
-    "@powerhousedao/reactor-api": "6.1.0-staging.0",
-    "@powerhousedao/reactor-drive": "6.1.0-staging.0",
-    "@powerhousedao/pglite-fs": "6.1.0-staging.0",
-    "@renown/sdk": "6.1.0-staging.0",
-    "document-model": "6.1.0-staging.0"
+    "@powerhousedao/config": "6.1.0",
+    "@powerhousedao/reactor": "6.1.0",
+    "@powerhousedao/opentelemetry-instrumentation-reactor": "6.1.0",
+    "@powerhousedao/vetra": "6.1.0",
+    "@powerhousedao/shared": "6.1.0",
+    "@powerhousedao/reactor-api": "6.1.0",
+    "@powerhousedao/reactor-attachments": "6.1.0",
+    "@renown/sdk": "6.1.0",
+    "@powerhousedao/reactor-drive": "6.1.0",
+    "document-model": "6.1.0",
+    "@powerhousedao/pglite-fs": "6.1.0"
   },
   "devDependencies": {
     "@types/express": "^4.17.25",

package/test/attachments/auth.test.ts

@@ -60,7 +60,7 @@ function makeAuthService(
 }
 
 describe("requireAuth", () => {
-  it("returns the original handler unchanged when authService is undefined", async () => {
+  it("returns the original handler unchanged when authService is undefined", () => {
     const handler: NodeHandler = vi.fn();
     const wrapped = requireAuth(undefined, handler);
     expect(wrapped).toBe(handler);
@@ -77,11 +77,13 @@ describe("requireAuth", () => {
   });
 
   it("returns 401 with { error: 'Authentication required' } when Authorization header is missing", async () => {
-    const { service, spy } = makeAuthService(async () => ({
-      user: undefined,
-      admins: [],
-      auth_enabled: true,
-    }));
+    const { service, spy } = makeAuthService(() =>
+      Promise.resolve({
+        user: undefined,
+        admins: [],
+        auth_enabled: true,
+      }),
+    );
     const handler = vi.fn<NodeHandler>();
     const wrapped = requireAuth(service, handler);
 
@@ -96,12 +98,13 @@ describe("requireAuth", () => {
   });
 
   it("forwards a Response from AuthService (status, content-type, body) for an invalid bearer token", async () => {
-    const { service } = makeAuthService(
-      async () =>
+    const { service } = makeAuthService(() =>
+      Promise.resolve(
         new Response(JSON.stringify({ error: "Verification failed" }), {
           status: 401,
           headers: { "content-type": "application/json" },
         }),
+      ),
     );
     const handler = vi.fn<NodeHandler>();
     const wrapped = requireAuth(service, handler);
@@ -119,12 +122,13 @@ describe("requireAuth", () => {
   });
 
   it("forwards a Response with a non-JSON content-type verbatim", async () => {
-    const { service } = makeAuthService(
-      async () =>
+    const { service } = makeAuthService(() =>
+      Promise.resolve(
         new Response("nope", {
           status: 403,
           headers: { "content-type": "text/plain" },
         }),
+      ),
     );
     const handler = vi.fn<NodeHandler>();
     const wrapped = requireAuth(service, handler);
@@ -142,11 +146,13 @@ describe("requireAuth", () => {
   });
 
   it("invokes the handler and leaves the response untouched on a valid bearer token", async () => {
-    const { service } = makeAuthService(async () => ({
-      user: { address: "0x123", chainId: 1, networkId: "mainnet" },
-      admins: [],
-      auth_enabled: true,
-    }));
+    const { service } = makeAuthService(() =>
+      Promise.resolve({
+        user: { address: "0x123", chainId: 1, networkId: "mainnet" },
+        admins: [],
+        auth_enabled: true,
+      }),
+    );
     const handler = vi.fn<NodeHandler>();
     const wrapped = requireAuth(service, handler);
 
@@ -166,6 +172,7 @@ describe("requireAuth", () => {
 
   it("returns 500 with a sanitized body when AuthService throws", async () => {
     const { service } = makeAuthService(async () => {
+      await Promise.resolve();
       throw new Error("transient Renown failure: secret-internal-detail");
     });
     const handler = vi.fn<NodeHandler>();
@@ -187,11 +194,13 @@ describe("requireAuth", () => {
   });
 
   it("calls authService.verifyBearer with the incoming authorization header", async () => {
-    const { service, spy } = makeAuthService(async () => ({
-      user: { address: "0x1", chainId: 1, networkId: "mainnet" },
-      admins: [],
-      auth_enabled: true,
-    }));
+    const { service, spy } = makeAuthService(() =>
+      Promise.resolve({
+        user: { address: "0x1", chainId: 1, networkId: "mainnet" },
+        admins: [],
+        auth_enabled: true,
+      }),
+    );
     const wrapped = requireAuth(service, vi.fn());
 
     await wrapped(
@@ -204,11 +213,13 @@ describe("requireAuth", () => {
   });
 
   it("calls verifyBearer with undefined when no authorization header is present", async () => {
-    const { service, spy } = makeAuthService(async () => ({
-      user: undefined,
-      admins: [],
-      auth_enabled: true,
-    }));
+    const { service, spy } = makeAuthService(() =>
+      Promise.resolve({
+        user: undefined,
+        admins: [],
+        auth_enabled: true,
+      }),
+    );
     const wrapped = requireAuth(service, vi.fn());
 
     await wrapped(makeReq({ headers: {} }), makeRes());

package/test/attachments/index.test.ts

@@ -61,11 +61,13 @@ function makeRes() {
 
 describe("mountAuthenticatedNodeRoute", () => {
   it("wraps the handler with auth enforcement when authService is defined", async () => {
-    const verifyBearer = vi.fn(async () => ({
-      user: undefined,
-      admins: [],
-      auth_enabled: true,
-    }));
+    const verifyBearer = vi.fn(() =>
+      Promise.resolve({
+        user: undefined,
+        admins: [],
+        auth_enabled: true,
+      }),
+    );
     const authService = { verifyBearer } as unknown as AuthService;
     const { api, captured } = makeFakeApi(authService);
     const inner = vi.fn();
@@ -88,11 +90,13 @@ describe("mountAuthenticatedNodeRoute", () => {
   });
 
   it("invokes the inner handler when verifyBearer returns a valid user", async () => {
-    const verifyBearer = vi.fn(async () => ({
-      user: { address: "0x1", chainId: 1, networkId: "mainnet" },
-      admins: [],
-      auth_enabled: true,
-    }));
+    const verifyBearer = vi.fn(() =>
+      Promise.resolve({
+        user: { address: "0x1", chainId: 1, networkId: "mainnet" },
+        admins: [],
+        auth_enabled: true,
+      }),
+    );
     const authService = { verifyBearer } as unknown as AuthService;
     const { api, captured } = makeFakeApi(authService);
     const inner = vi.fn();

package/test/attachments/service-config.test.ts

@@ -0,0 +1,170 @@
+import { PGlite } from "@electric-sql/pglite";
+import type { API } from "@powerhousedao/reactor-api";
+import { createHttpAdapter } from "@powerhousedao/reactor-api";
+import {
+  AttachmentBuilder,
+  type AttachmentBuildResult,
+  createRemoteAttachmentService,
+} from "@powerhousedao/reactor-attachments";
+import type { IRenown } from "@renown/sdk/node";
+import { Kysely } from "kysely";
+import { PGliteDialect } from "kysely-pglite-dialect";
+import { mkdtemp, rm } from "node:fs/promises";
+import type { Server } from "node:http";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { afterAll, afterEach, beforeAll, describe, expect, it } from "vitest";
+import { registerAttachmentRoutes } from "../../src/attachments/index.js";
+import { deriveAttachmentServiceConfig } from "../../src/server.mjs";
+
+describe("deriveAttachmentServiceConfig", () => {
+  const ORIGINAL_PUBLIC_URL = process.env.PH_SWITCHBOARD_PUBLIC_URL;
+
+  afterEach(() => {
+    if (ORIGINAL_PUBLIC_URL === undefined) {
+      delete process.env.PH_SWITCHBOARD_PUBLIC_URL;
+    } else {
+      process.env.PH_SWITCHBOARD_PUBLIC_URL = ORIGINAL_PUBLIC_URL;
+    }
+  });
+
+  it("defaults to http://localhost:${port} with no auth when renown is null", () => {
+    delete process.env.PH_SWITCHBOARD_PUBLIC_URL;
+    const config = deriveAttachmentServiceConfig({}, 4001, null);
+    expect(config.remoteUrl).toBe("http://localhost:4001");
+    expect(config.jwtHandler).toBeUndefined();
+  });
+
+  it("uses https when options.https is set", () => {
+    delete process.env.PH_SWITCHBOARD_PUBLIC_URL;
+    const config = deriveAttachmentServiceConfig({ https: true }, 4443, null);
+    expect(config.remoteUrl).toBe("https://localhost:4443");
+  });
+
+  it("prefers PH_SWITCHBOARD_PUBLIC_URL over the localhost default", () => {
+    process.env.PH_SWITCHBOARD_PUBLIC_URL = "https://sb.example.com";
+    const config = deriveAttachmentServiceConfig({}, 4001, null);
+    expect(config.remoteUrl).toBe("https://sb.example.com");
+  });
+
+  it("prefers the explicit attachmentServiceUrl option above all else", () => {
+    process.env.PH_SWITCHBOARD_PUBLIC_URL = "https://sb.example.com";
+    const config = deriveAttachmentServiceConfig(
+      { attachmentServiceUrl: "https://override.example.com" },
+      4001,
+      null,
+    );
+    expect(config.remoteUrl).toBe("https://override.example.com");
+  });
+
+  it("builds a jwtHandler from renown that scopes the token to the request url", async () => {
+    const calls: Array<{ expiresIn: number; aud: string }> = [];
+    const renown = {
+      user: { address: "0xabc" },
+      getBearerToken: (opts: { expiresIn: number; aud: string }) => {
+        calls.push(opts);
+        return Promise.resolve("tok-for-" + opts.aud);
+      },
+    } as unknown as IRenown;
+
+    const { jwtHandler } = deriveAttachmentServiceConfig({}, 4001, renown);
+    expect(jwtHandler).toBeDefined();
+    const token = await jwtHandler!("http://localhost:4001/attachments/x");
+    expect(token).toBe("tok-for-http://localhost:4001/attachments/x");
+    expect(calls[0]).toEqual({
+      expiresIn: 10,
+      aud: "http://localhost:4001/attachments/x",
+    });
+  });
+
+  it("returns undefined token when renown has no user identity", async () => {
+    const renown = {
+      user: null,
+      getBearerToken: () => Promise.resolve("should-not-be-called"),
+    } as unknown as IRenown;
+
+    const { jwtHandler } = deriveAttachmentServiceConfig({}, 4001, renown);
+    expect(jwtHandler).toBeDefined();
+    await expect(
+      jwtHandler!("http://localhost:4001/x"),
+    ).resolves.toBeUndefined();
+  });
+});
+
+describe("attachment service built from deriveAttachmentServiceConfig round-trips", () => {
+  let attachments: AttachmentBuildResult;
+  let kysely: Kysely<unknown>;
+  let storagePath: string;
+  let server: Server;
+  let port: number;
+
+  beforeAll(async () => {
+    const pglite = new PGlite();
+    kysely = new Kysely<unknown>({ dialect: new PGliteDialect(pglite) });
+    storagePath = await mkdtemp(join(tmpdir(), "switchboard-attach-cfg-"));
+    attachments = await new AttachmentBuilder(kysely, storagePath).build();
+
+    const { adapter } = await createHttpAdapter("express");
+    adapter.setupMiddleware({});
+    registerAttachmentRoutes({
+      httpAdapter: adapter,
+      attachments,
+      authService: undefined,
+    } as unknown as API);
+
+    server = await adapter.listen(0);
+    const addr = server.address();
+    if (!addr || typeof addr === "string") throw new Error("no addr");
+    port = addr.port;
+  });
+
+  afterAll(async () => {
+    await new Promise<void>((resolve) => server.close(() => resolve()));
+    await kysely.destroy();
+    await rm(storagePath, { recursive: true, force: true });
+  });
+
+  it("reserve -> upload -> get works against the live routes", async () => {
+    const config = deriveAttachmentServiceConfig(
+      { attachmentServiceUrl: `http://127.0.0.1:${port}` },
+      port,
+      null,
+    );
+    const service = createRemoteAttachmentService(config);
+
+    const upload = await service.reserve({
+      mimeType: "text/plain",
+      fileName: "hello.txt",
+      extension: "txt",
+    });
+
+    const payload = "switchboard attachment service";
+    const bytes = new TextEncoder().encode(payload);
+    const stream = new ReadableStream<Uint8Array>({
+      start(controller) {
+        controller.enqueue(bytes);
+        controller.close();
+      },
+    });
+    const result = await upload.send(stream);
+    expect(result.header.sizeBytes).toBe(bytes.byteLength);
+
+    const got = await service.get(result.ref);
+    expect(got.header.mimeType).toBe("text/plain");
+    const reader = got.body.getReader();
+    const chunks: Uint8Array[] = [];
+    for (;;) {
+      const { done, value } = await reader.read();
+      if (done) break;
+      chunks.push(value);
+    }
+    const total = chunks.reduce((n, c) => n + c.byteLength, 0);
+    const merged = new Uint8Array(total);
+    let off = 0;
+    for (const c of chunks) {
+      merged.set(c, off);
+      off += c.byteLength;
+    }
+    expect(new TextDecoder().decode(merged)).toBe(payload);
+  });
+});