npm - @private.me/xbind - Versions diffs - 1.2.0 - Mend

@private.me/xbind 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (295) hide show

package/AGENTS.md +778 -0
package/LICENSE.md +27 -0
package/README.md +400 -0
package/dist-standalone/_deps/crypto/base64.d.ts +29 -0
package/dist-standalone/_deps/crypto/base64.js +97 -0
package/dist-standalone/_deps/crypto/cjs/base64.js +103 -0
package/dist-standalone/_deps/crypto/cjs/errors.js +119 -0
package/dist-standalone/_deps/crypto/cjs/hmac.js +71 -0
package/dist-standalone/_deps/crypto/cjs/index.js +86 -0
package/dist-standalone/_deps/crypto/cjs/padding.js +57 -0
package/dist-standalone/_deps/crypto/cjs/share-header.js +68 -0
package/dist-standalone/_deps/crypto/cjs/shares.js +152 -0
package/dist-standalone/_deps/crypto/cjs/tlv.js +199 -0
package/dist-standalone/_deps/crypto/cjs/uuid.js +61 -0
package/dist-standalone/_deps/crypto/cjs/verify.js +24 -0
package/dist-standalone/_deps/crypto/cjs/xorida.js +221 -0
package/dist-standalone/_deps/crypto/errors.d.ts +51 -0
package/dist-standalone/_deps/crypto/errors.js +109 -0
package/dist-standalone/_deps/crypto/hmac.d.ts +39 -0
package/dist-standalone/_deps/crypto/hmac.js +66 -0
package/dist-standalone/_deps/crypto/index.d.ts +20 -0
package/dist-standalone/_deps/crypto/index.js +45 -0
package/dist-standalone/_deps/crypto/padding.d.ts +19 -0
package/dist-standalone/_deps/crypto/padding.js +53 -0
package/dist-standalone/_deps/crypto/share-header.d.ts +44 -0
package/dist-standalone/_deps/crypto/share-header.js +63 -0
package/dist-standalone/_deps/crypto/shares.d.ts +27 -0
package/dist-standalone/_deps/crypto/shares.js +148 -0
package/dist-standalone/_deps/crypto/tlv.d.ts +26 -0
package/dist-standalone/_deps/crypto/tlv.js +195 -0
package/dist-standalone/_deps/crypto/uuid.d.ts +22 -0
package/dist-standalone/_deps/crypto/uuid.js +56 -0
package/dist-standalone/_deps/crypto/verify.d.ts +15 -0
package/dist-standalone/_deps/crypto/verify.js +15 -0
package/dist-standalone/_deps/crypto/xorida.d.ts +44 -0
package/dist-standalone/_deps/crypto/xorida.js +215 -0
package/dist-standalone/_deps/mldsa-wasm/LICENSE +24 -0
package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1920 -0
package/dist-standalone/_deps/mldsa-wasm/package.json +46 -0
package/dist-standalone/_deps/mldsa-wasm/types/mldsa.d.ts +30 -0
package/dist-standalone/_deps/shared/cjs/errors.js +582 -0
package/dist-standalone/_deps/shared/cjs/index.js +492 -0
package/dist-standalone/_deps/shared/cjs/package.json +1 -0
package/dist-standalone/_deps/shared/cjs/types.js +403 -0
package/dist-standalone/_deps/shared/errors.d.ts +48 -0
package/dist-standalone/_deps/shared/errors.d.ts.map +1 -0
package/dist-standalone/_deps/shared/errors.js +192 -0
package/dist-standalone/_deps/shared/errors.js.map +1 -0
package/dist-standalone/_deps/shared/index.d.ts +4 -0
package/dist-standalone/_deps/shared/index.d.ts.map +1 -0
package/dist-standalone/_deps/shared/index.js +78 -0
package/dist-standalone/_deps/shared/index.js.map +1 -0
package/dist-standalone/_deps/shared/types.d.ts +1097 -0
package/dist-standalone/_deps/shared/types.d.ts.map +1 -0
package/dist-standalone/_deps/shared/types.js +89 -0
package/dist-standalone/_deps/shared/types.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/errors.d.ts +115 -0
package/dist-standalone/_deps/ux-helpers/cjs/errors.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/errors.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/index.d.ts +13 -0
package/dist-standalone/_deps/ux-helpers/cjs/index.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/index.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/package.json +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/pagination.d.ts +39 -0
package/dist-standalone/_deps/ux-helpers/cjs/pagination.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +83 -0
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/progress.d.ts +99 -0
package/dist-standalone/_deps/ux-helpers/cjs/progress.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/progress.js +143 -0
package/dist-standalone/_deps/ux-helpers/cjs/progress.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/search.d.ts +32 -0
package/dist-standalone/_deps/ux-helpers/cjs/search.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/search.js +119 -0
package/dist-standalone/_deps/ux-helpers/cjs/search.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/types.d.ts +109 -0
package/dist-standalone/_deps/ux-helpers/cjs/types.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/types.js +8 -0
package/dist-standalone/_deps/ux-helpers/cjs/types.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/errors.d.ts +115 -0
package/dist-standalone/_deps/ux-helpers/errors.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/errors.js +253 -0
package/dist-standalone/_deps/ux-helpers/errors.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/index.d.ts +13 -0
package/dist-standalone/_deps/ux-helpers/index.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/index.js +16 -0
package/dist-standalone/_deps/ux-helpers/index.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/pagination.d.ts +39 -0
package/dist-standalone/_deps/ux-helpers/pagination.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/pagination.js +79 -0
package/dist-standalone/_deps/ux-helpers/pagination.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/progress.d.ts +99 -0
package/dist-standalone/_deps/ux-helpers/progress.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/progress.js +138 -0
package/dist-standalone/_deps/ux-helpers/progress.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/search.d.ts +32 -0
package/dist-standalone/_deps/ux-helpers/search.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/search.js +116 -0
package/dist-standalone/_deps/ux-helpers/search.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/types.d.ts +109 -0
package/dist-standalone/_deps/ux-helpers/types.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/types.js +7 -0
package/dist-standalone/_deps/ux-helpers/types.js.map +1 -0
package/dist-standalone/_deps/xchange/auto-accept.d.ts +127 -0
package/dist-standalone/_deps/xchange/auto-accept.js +1 -0
package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -0
package/dist-standalone/_deps/xchange/cjs/errors.js +1 -0
package/dist-standalone/_deps/xchange/cjs/index.js +1 -0
package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -0
package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -0
package/dist-standalone/_deps/xchange/cjs/package.json +1 -0
package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -0
package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -0
package/dist-standalone/_deps/xchange/errors.d.ts +69 -0
package/dist-standalone/_deps/xchange/errors.js +1 -0
package/dist-standalone/_deps/xchange/index.d.ts +15 -0
package/dist-standalone/_deps/xchange/index.js +1 -0
package/dist-standalone/_deps/xchange/invite-client.d.ts +178 -0
package/dist-standalone/_deps/xchange/invite-client.js +1 -0
package/dist-standalone/_deps/xchange/lazy-init.d.ts +176 -0
package/dist-standalone/_deps/xchange/lazy-init.js +1 -0
package/dist-standalone/_deps/xchange/trust-integration.d.ts +102 -0
package/dist-standalone/_deps/xchange/trust-integration.js +1 -0
package/dist-standalone/_deps/xchange/xchange.d.ts +60 -0
package/dist-standalone/_deps/xchange/xchange.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/index.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/package.json +1 -0
package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/types.js +1 -0
package/dist-standalone/_deps/xregistry/discovery.d.ts +126 -0
package/dist-standalone/_deps/xregistry/discovery.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/discovery.js +1 -0
package/dist-standalone/_deps/xregistry/discovery.js.map +1 -0
package/dist-standalone/_deps/xregistry/errors.d.ts +41 -0
package/dist-standalone/_deps/xregistry/errors.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/errors.js +1 -0
package/dist-standalone/_deps/xregistry/errors.js.map +1 -0
package/dist-standalone/_deps/xregistry/index.d.ts +8 -0
package/dist-standalone/_deps/xregistry/index.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/index.js +1 -0
package/dist-standalone/_deps/xregistry/index.js.map +1 -0
package/dist-standalone/_deps/xregistry/registry.d.ts +85 -0
package/dist-standalone/_deps/xregistry/registry.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/registry.js +1 -0
package/dist-standalone/_deps/xregistry/registry.js.map +1 -0
package/dist-standalone/_deps/xregistry/schema.d.ts +81 -0
package/dist-standalone/_deps/xregistry/schema.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/schema.js +1 -0
package/dist-standalone/_deps/xregistry/schema.js.map +1 -0
package/dist-standalone/_deps/xregistry/types.d.ts +95 -0
package/dist-standalone/_deps/xregistry/types.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/types.js +1 -0
package/dist-standalone/_deps/xregistry/types.js.map +1 -0
package/dist-standalone/agent-call.d.ts +286 -0
package/dist-standalone/agent-call.js +642 -0
package/dist-standalone/agent-sdk.d.ts +207 -0
package/dist-standalone/agent-sdk.js +328 -0
package/dist-standalone/agent.d.ts +670 -0
package/dist-standalone/agent.js +1529 -0
package/dist-standalone/approval.d.ts +145 -0
package/dist-standalone/approval.js +193 -0
package/dist-standalone/auth.d.ts +75 -0
package/dist-standalone/auth.js +219 -0
package/dist-standalone/auto-accept.d.ts +102 -0
package/dist-standalone/auto-accept.js +229 -0
package/dist-standalone/backup-config.d.ts +150 -0
package/dist-standalone/backup-config.js +201 -0
package/dist-standalone/checkpoint.d.ts +125 -0
package/dist-standalone/checkpoint.js +186 -0
package/dist-standalone/cjs/agent-call.js +651 -0
package/dist-standalone/cjs/agent-sdk.js +332 -0
package/dist-standalone/cjs/agent.js +1566 -0
package/dist-standalone/cjs/approval.js +199 -0
package/dist-standalone/cjs/auth.js +225 -0
package/dist-standalone/cjs/auto-accept.js +233 -0
package/dist-standalone/cjs/backup-config.js +207 -0
package/dist-standalone/cjs/checkpoint.js +193 -0
package/dist-standalone/cjs/cli/init.js +487 -0
package/dist-standalone/cjs/connect.js +312 -0
package/dist-standalone/cjs/did-document.js +101 -0
package/dist-standalone/cjs/did-privateme.js +130 -0
package/dist-standalone/cjs/did-web.js +201 -0
package/dist-standalone/cjs/discovery.js +462 -0
package/dist-standalone/cjs/dual-mode.js +251 -0
package/dist-standalone/cjs/email-templates.js +313 -0
package/dist-standalone/cjs/email-transport.js +239 -0
package/dist-standalone/cjs/envelope.js +510 -0
package/dist-standalone/cjs/errors.js +562 -0
package/dist-standalone/cjs/gateway-state.js +55 -0
package/dist-standalone/cjs/gateway-transport.js +120 -0
package/dist-standalone/cjs/guardrails.js +223 -0
package/dist-standalone/cjs/http-compat.js +272 -0
package/dist-standalone/cjs/identity.js +541 -0
package/dist-standalone/cjs/index.js +224 -0
package/dist-standalone/cjs/invitation.js +421 -0
package/dist-standalone/cjs/invite.js +328 -0
package/dist-standalone/cjs/key-agreement.js +246 -0
package/dist-standalone/cjs/lazy-init.js +300 -0
package/dist-standalone/cjs/mdns-discovery.js +202 -0
package/dist-standalone/cjs/nonce-store.js +66 -0
package/dist-standalone/cjs/package.json +3 -0
package/dist-standalone/cjs/pairing-manager.js +223 -0
package/dist-standalone/cjs/policy.js +320 -0
package/dist-standalone/cjs/redis-nonce-store.js +76 -0
package/dist-standalone/cjs/registry-middleware.js +50 -0
package/dist-standalone/cjs/retry-transport.js +102 -0
package/dist-standalone/cjs/security-policy.js +204 -0
package/dist-standalone/cjs/split-channel.js +177 -0
package/dist-standalone/cjs/subscription-proof.js +230 -0
package/dist-standalone/cjs/succession.js +148 -0
package/dist-standalone/cjs/transport.js +63 -0
package/dist-standalone/cjs/trust-registry.js +742 -0
package/dist-standalone/cjs/verify.js +25 -0
package/dist-standalone/cjs/xfetch.js +252 -0
package/dist-standalone/cli/init.d.ts +63 -0
package/dist-standalone/cli/init.js +450 -0
package/dist-standalone/connect.d.ts +143 -0
package/dist-standalone/connect.js +274 -0
package/dist-standalone/did-document.d.ts +65 -0
package/dist-standalone/did-document.js +96 -0
package/dist-standalone/did-privateme.d.ts +70 -0
package/dist-standalone/did-privateme.js +121 -0
package/dist-standalone/did-web.d.ts +73 -0
package/dist-standalone/did-web.js +196 -0
package/dist-standalone/discovery.d.ts +176 -0
package/dist-standalone/discovery.js +458 -0
package/dist-standalone/dual-mode.d.ts +145 -0
package/dist-standalone/dual-mode.js +247 -0
package/dist-standalone/email-templates.d.ts +41 -0
package/dist-standalone/email-templates.js +309 -0
package/dist-standalone/email-transport.d.ts +139 -0
package/dist-standalone/email-transport.js +232 -0
package/dist-standalone/envelope.d.ts +288 -0
package/dist-standalone/envelope.js +497 -0
package/dist-standalone/errors.d.ts +74 -0
package/dist-standalone/errors.js +548 -0
package/dist-standalone/gateway-state.d.ts +32 -0
package/dist-standalone/gateway-state.js +51 -0
package/dist-standalone/gateway-transport.d.ts +59 -0
package/dist-standalone/gateway-transport.js +116 -0
package/dist-standalone/guardrails.d.ts +136 -0
package/dist-standalone/guardrails.js +216 -0
package/dist-standalone/http-compat.d.ts +150 -0
package/dist-standalone/http-compat.js +267 -0
package/dist-standalone/identity.d.ts +176 -0
package/dist-standalone/identity.js +516 -0
package/dist-standalone/index.d.ts +83 -0
package/dist-standalone/index.js +51 -0
package/dist-standalone/invitation.d.ts +211 -0
package/dist-standalone/invitation.js +415 -0
package/dist-standalone/invite.d.ts +192 -0
package/dist-standalone/invite.js +324 -0
package/dist-standalone/key-agreement.d.ts +122 -0
package/dist-standalone/key-agreement.js +236 -0
package/dist-standalone/lazy-init.d.ts +167 -0
package/dist-standalone/lazy-init.js +295 -0
package/dist-standalone/mdns-discovery.d.ts +117 -0
package/dist-standalone/mdns-discovery.js +195 -0
package/dist-standalone/nonce-store.d.ts +39 -0
package/dist-standalone/nonce-store.js +62 -0
package/dist-standalone/package.json +11 -0
package/dist-standalone/pairing-manager.d.ts +147 -0
package/dist-standalone/pairing-manager.js +219 -0
package/dist-standalone/policy.d.ts +150 -0
package/dist-standalone/policy.js +315 -0
package/dist-standalone/redis-nonce-store.d.ts +93 -0
package/dist-standalone/redis-nonce-store.js +72 -0
package/dist-standalone/registry-middleware.d.ts +38 -0
package/dist-standalone/registry-middleware.js +47 -0
package/dist-standalone/retry-transport.d.ts +76 -0
package/dist-standalone/retry-transport.js +98 -0
package/dist-standalone/security-policy.d.ts +146 -0
package/dist-standalone/security-policy.js +198 -0
package/dist-standalone/split-channel.d.ts +69 -0
package/dist-standalone/split-channel.js +171 -0
package/dist-standalone/subscription-proof.d.ts +103 -0
package/dist-standalone/subscription-proof.js +224 -0
package/dist-standalone/succession.d.ts +57 -0
package/dist-standalone/succession.js +142 -0
package/dist-standalone/transport.d.ts +50 -0
package/dist-standalone/transport.js +59 -0
package/dist-standalone/trust-registry.d.ts +286 -0
package/dist-standalone/trust-registry.js +702 -0
package/dist-standalone/verify.d.ts +16 -0
package/dist-standalone/verify.js +16 -0
package/dist-standalone/xfetch.d.ts +129 -0
package/dist-standalone/xfetch.js +247 -0
package/llms.txt +800 -0
package/package.json +79 -0
package/share1.dat +0 -0

package/dist-standalone/cjs/gateway-transport.js ADDED Viewed

@@ -0,0 +1,120 @@
+"use strict";
+/**
+ * Gateway transport adapter for delivering envelopes to Xail inbox users.
+ *
+ * Sends envelopes via POST /gateway/deliver on the hosted gateway API.
+ * For agent-to-agent (M2M), use HttpsTransportAdapter with direct URLs.
+ * Optionally polls for incoming messages.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GatewayTransport = void 0;
+const shared_1 = require("../_deps/shared/index.js");
+/**
+ * Transport adapter for the Xail Gateway.
+ *
+ * Sends envelopes via POST /gateway/deliver with API key auth.
+ * Optionally polls GET /gateway/messages/:did for incoming messages.
+ */
+class GatewayTransport {
+    apiKey;
+    gateway;
+    timeoutMs;
+    fetchFn;
+    pollIntervalMs;
+    handlers = [];
+    pollTimer = null;
+    senderDid = null;
+    constructor(opts) {
+        this.apiKey = opts.apiKey;
+        this.gateway = opts.gateway.replace(/\/$/, '');
+        this.timeoutMs = opts.timeoutMs ?? 15_000;
+        this.fetchFn = opts.fetch ?? globalThis.fetch.bind(globalThis);
+        this.pollIntervalMs = opts.pollIntervalMs ?? 0;
+    }
+    /**
+     * Send a signed envelope to a recipient via the gateway.
+     * @param envelope - The signed transport envelope.
+     * @param _recipientDid - Recipient DID (already in envelope.recipient).
+     * @returns Success or transport error.
+     */
+    async send(envelope, _recipientDid) {
+        const url = `${this.gateway}/gateway/deliver`;
+        try {
+            const controller = new AbortController();
+            const timer = setTimeout(() => controller.abort(), this.timeoutMs);
+            const response = await this.fetchFn(url, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${this.apiKey}`,
+                },
+                body: JSON.stringify(envelope),
+                signal: controller.signal,
+            });
+            clearTimeout(timer);
+            if (!response.ok) {
+                return (0, shared_1.err)(response.status === 404
+                    ? 'RECIPIENT_UNREACHABLE'
+                    : 'SEND_FAILED');
+            }
+            return (0, shared_1.ok)(undefined);
+        }
+        catch (e) {
+            if (e instanceof DOMException && e.name === 'AbortError') {
+                return (0, shared_1.err)('TIMEOUT');
+            }
+            return (0, shared_1.err)('NETWORK_ERROR');
+        }
+    }
+    /** Register a handler for incoming envelopes. */
+    onReceive(handler) {
+        this.handlers.push(handler);
+    }
+    /**
+     * Start polling for incoming messages.
+     * Must be called after Agent.create() sets the sender DID.
+     * @param did - The agent's own DID for polling.
+     */
+    startPolling(did) {
+        this.senderDid = did;
+        if (this.pollIntervalMs > 0 && !this.pollTimer) {
+            this.pollTimer = setInterval(() => void this.poll(), this.pollIntervalMs);
+        }
+    }
+    /** Shut down the transport (stop polling, clear handlers). */
+    dispose() {
+        if (this.pollTimer) {
+            clearInterval(this.pollTimer);
+            this.pollTimer = null;
+        }
+        this.handlers = [];
+    }
+    /** Poll for incoming messages and dispatch to handlers. */
+    async poll() {
+        if (!this.senderDid)
+            return;
+        try {
+            const url = `${this.gateway}/gateway/messages/${encodeURIComponent(this.senderDid)}`;
+            const res = await this.fetchFn(url, {
+                headers: { Authorization: `Bearer ${this.apiKey}` },
+            });
+            if (!res.ok)
+                return;
+            const data = (await res.json());
+            for (const msg of data.messages) {
+                for (const handler of this.handlers) {
+                    handler(msg.envelope);
+                }
+                // Ack delivery
+                await this.fetchFn(`${this.gateway}/gateway/ack/${msg.id}`, {
+                    method: 'POST',
+                    headers: { Authorization: `Bearer ${this.apiKey}` },
+                });
+            }
+        }
+        catch {
+            // Silent failure — polling errors are non-fatal
+        }
+    }
+}
+exports.GatewayTransport = GatewayTransport;

package/dist-standalone/cjs/guardrails.js ADDED Viewed

@@ -0,0 +1,223 @@
+"use strict";
+/**
+ * @module guardrails
+ * Enhanced error messages with actionable suggestions for policy violations
+ *
+ * When policies deny requests, guardrails provide specific, actionable
+ * guidance on how to fix the issue or what to request from admins.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Guardrails = exports.PolicyDenied = void 0;
+exports.extractSuggestion = extractSuggestion;
+exports.toPolicyDenied = toPolicyDenied;
+/**
+ * Policy violation error with actionable suggestions
+ */
+class PolicyDenied extends Error {
+    rule;
+    allowed;
+    requested;
+    suggestion;
+    details;
+    constructor(
+    /** Which policy rule was violated */
+    rule,
+    /** What the policy allows */
+    allowed,
+    /** What was requested */
+    requested,
+    /** Actionable suggestion for how to fix */
+    suggestion,
+    /** Full policy violation details */
+    details) {
+        super(`Policy violation: ${rule}`);
+        this.rule = rule;
+        this.allowed = allowed;
+        this.requested = requested;
+        this.suggestion = suggestion;
+        this.details = details;
+        this.name = 'PolicyDenied';
+    }
+    /**
+     * Format error for AI agent consumption
+     *
+     * Structured format optimized for LLM parsing
+     */
+    toAgentFormat() {
+        return [
+            `POLICY_VIOLATION: ${this.rule}`,
+            `REQUESTED: ${JSON.stringify(this.requested)}`,
+            `ALLOWED: ${JSON.stringify(this.allowed)}`,
+            `SUGGESTION: ${this.suggestion}`,
+        ].join('\n');
+    }
+    /**
+     * Format error for human consumption
+     *
+     * User-friendly format with clear next steps
+     */
+    toUserFormat() {
+        return [
+            `❌ Policy Violation: ${this.rule}`,
+            '',
+            `You requested: ${this.formatValue(this.requested)}`,
+            `Policy allows: ${this.formatValue(this.allowed)}`,
+            '',
+            `💡 Suggestion: ${this.suggestion}`,
+        ].join('\n');
+    }
+    /**
+     * Format error for logs (structured JSON)
+     */
+    toLogFormat() {
+        return {
+            error: 'PolicyDenied',
+            rule: this.rule,
+            allowed: this.allowed,
+            requested: this.requested,
+            suggestion: this.suggestion,
+            details: this.details,
+            timestamp: new Date().toISOString(),
+        };
+    }
+    formatValue(value) {
+        if (typeof value === 'number') {
+            // Format currency if it looks like money
+            if (this.rule.includes('amount') || this.rule.includes('Amount')) {
+                return `$${value.toLocaleString()}`;
+            }
+            return value.toLocaleString();
+        }
+        if (Array.isArray(value)) {
+            return value.map((v) => `"${String(v)}"`).join(', ');
+        }
+        return JSON.stringify(value);
+    }
+}
+exports.PolicyDenied = PolicyDenied;
+/**
+ * Guardrail builder - fluent API for creating policy errors with suggestions
+ *
+ * @example
+ * ```typescript
+ * const error = Guardrails.amountExceeded({
+ *   requested: 5000,
+ *   limit: 1000,
+ *   type: 'per-transaction'
+ * });
+ *
+ * throw error;
+ * // ❌ Policy Violation: maxAmount
+ * // You requested: $5,000
+ * // Policy allows: $1,000
+ * // 💡 Suggestion: Reduce amount to $1,000 or request policy update from admin
+ * ```
+ */
+class Guardrails {
+    /**
+     * Amount exceeded (per-transaction limit)
+     */
+    static amountExceeded(options) {
+        let rule;
+        let suggestion;
+        switch (options.type) {
+            case 'per-transaction':
+                rule = 'maxAmount';
+                suggestion = `Reduce amount to $${options.limit.toLocaleString()} or request policy update from admin`;
+                break;
+            case 'daily':
+                rule = 'dailyAmount';
+                suggestion = `Reduce amount to stay within daily limit of $${options.limit.toLocaleString()}, or wait until tomorrow`;
+                break;
+            case 'monthly':
+                rule = 'monthlyAmount';
+                suggestion = `Reduce amount to stay within monthly limit of $${options.limit.toLocaleString()}, or wait until next month`;
+                break;
+        }
+        return new PolicyDenied(rule, options.limit, options.requested, suggestion);
+    }
+    /**
+     * Rate limit exceeded
+     */
+    static rateLimitExceeded(options) {
+        const windowSec = options.windowMs / 1000;
+        const suggestion = windowSec >= 60
+            ? `Wait ${Math.ceil(windowSec / 60)} minutes before making additional calls`
+            : `Wait ${windowSec} seconds before making additional calls`;
+        return new PolicyDenied('callsPerMinute', options.limit, options.current + 1, suggestion);
+    }
+    /**
+     * Tool not allowed
+     */
+    static toolDenied(options) {
+        const [service] = options.tool.split(':');
+        const suggestion = options.allowed.length === 0
+            ? `No tools are currently allowed. Request approval from admin to enable "${options.tool}"`
+            : `Request approval from admin to add "${options.tool}" or "${service}:*" to allowed tools`;
+        return new PolicyDenied('allowedTools', options.allowed, options.tool, suggestion);
+    }
+    /**
+     * Scope not allowed
+     */
+    static scopeDenied(options) {
+        const suggestion = options.allowed.length === 0
+            ? `No scopes are currently allowed. Request approval from admin to enable "${options.scope}"`
+            : `Request approval from admin to add "${options.scope}" to allowed scopes`;
+        return new PolicyDenied('allowedScopes', options.allowed, options.scope, suggestion);
+    }
+    /**
+     * Field filter denied (data access restriction)
+     */
+    static fieldDenied(options) {
+        const suggestion = `Field "${options.field}" is restricted. Contact admin to update policy.fieldFilters for "${options.tool}"`;
+        return new PolicyDenied('fieldFilters', options.allowed, options.field, suggestion);
+    }
+    /**
+     * Time window restriction
+     */
+    static timeWindowDenied(options) {
+        const suggestion = `Actions are only allowed between ${options.allowedStart} and ${options.allowedEnd}. Current time is ${options.current.toTimeString()}`;
+        return new PolicyDenied('timeWindow', `${options.allowedStart} - ${options.allowedEnd}`, options.current.toTimeString(), suggestion);
+    }
+    /**
+     * Generic policy violation
+     */
+    static custom(options) {
+        return new PolicyDenied(options.rule, options.allowed, options.requested, options.suggestion);
+    }
+}
+exports.Guardrails = Guardrails;
+/**
+ * Helper: Extract actionable suggestion from AgentError details
+ *
+ * Used by agent.call() to convert PolicyViolationDetails into PolicyDenied
+ */
+function extractSuggestion(details) {
+    return details.fix ?? 'Contact administrator to update policy';
+}
+/**
+ * Helper: Convert PolicyViolationDetails to PolicyDenied
+ */
+function toPolicyDenied(details) {
+    let rule;
+    switch (details.constraint) {
+        case 'amountPerTxn':
+            rule = 'maxAmount';
+            break;
+        case 'dailyAmount':
+            rule = 'dailyAmount';
+            break;
+        case 'callsPerMinute':
+            rule = 'callsPerMinute';
+            break;
+        case 'scope':
+            rule = 'allowedScopes';
+            break;
+        case 'tool':
+            rule = 'allowedTools';
+            break;
+        default:
+            rule = String(details.constraint);
+    }
+    return new PolicyDenied(rule, details.allowed, details.requested, details.fix, details);
+}

package/dist-standalone/cjs/http-compat.js ADDED Viewed

@@ -0,0 +1,272 @@
+"use strict";
+/**
+ * @module http-compat
+ * HTTP client compatibility adapters for xBind auto-upgrade
+ *
+ * Provides drop-in replacements for popular HTTP clients (fetch, axios, got)
+ * that transparently upgrade to xBind when both parties support it.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAxiosCompat = createAxiosCompat;
+exports.createGotCompat = createGotCompat;
+exports.wrapFetch = wrapFetch;
+const xfetch_js_1 = require("./xfetch.js");
+/**
+ * Create axios-compatible HTTP client with xBind auto-upgrade
+ *
+ * Drop-in replacement for axios that transparently upgrades to xBind.
+ *
+ * @returns Axios-compatible client
+ *
+ * @example
+ * ```typescript
+ * import { createAxiosCompat } from '@private.me/xbind/http-compat';
+ *
+ * const axios = createAxiosCompat();
+ *
+ * // Auto-upgrades to xBind if supported
+ * const response = await axios.get('https://api.example.com/data');
+ * console.log('Used xBind?', response.xbind?.used);
+ * console.log('Data:', response.data);
+ * ```
+ */
+function createAxiosCompat() {
+    async function request(config) {
+        // Normalize config
+        const cfg = typeof config === 'string' ? { url: config } : config;
+        const method = cfg.method?.toUpperCase() ?? 'GET';
+        const url = cfg.baseURL
+            ? new URL(cfg.url ?? '', cfg.baseURL).toString()
+            : cfg.url ?? '';
+        // Build headers
+        const headers = { ...cfg.headers };
+        // Build URL with query params
+        let finalUrl = url;
+        if (cfg.params) {
+            const params = new URLSearchParams();
+            for (const [key, value] of Object.entries(cfg.params)) {
+                params.append(key, String(value));
+            }
+            finalUrl = `${url}?${params.toString()}`;
+        }
+        // Build request body
+        let body;
+        if (cfg.data) {
+            if (typeof cfg.data === 'string') {
+                body = cfg.data;
+            }
+            else {
+                body = JSON.stringify(cfg.data);
+                headers['Content-Type'] = 'application/json';
+            }
+        }
+        // Convert to xfetch options
+        const xfetchOpts = {
+            method,
+            headers,
+            body,
+            timeout: cfg.timeout,
+            forceXBind: cfg.forceXBind,
+            disableXBind: cfg.disableXBind,
+        };
+        // Make request via xfetch
+        const response = await (0, xfetch_js_1.xfetch)(finalUrl, xfetchOpts);
+        // Parse response body based on responseType
+        let data;
+        const responseType = cfg.responseType ?? 'json';
+        switch (responseType) {
+            case 'json':
+                data = (await response.json());
+                break;
+            case 'text':
+                data = (await response.text());
+                break;
+            case 'blob':
+                data = (await response.blob());
+                break;
+            case 'arraybuffer':
+                data = (await response.arrayBuffer());
+                break;
+            default:
+                data = (await response.json());
+        }
+        // Validate status if custom validator provided
+        if (cfg.validateStatus && !cfg.validateStatus(response.status)) {
+            throw new Error(`Request failed with status ${response.status}`);
+        }
+        // Convert headers to object
+        const responseHeaders = {};
+        response.headers.forEach((value, key) => {
+            responseHeaders[key] = value;
+        });
+        return {
+            data,
+            status: response.status,
+            statusText: response.statusText,
+            headers: responseHeaders,
+            config: cfg,
+            xbind: {
+                used: response.usedXBind,
+                protocol: response.transport.protocol,
+                latency: response.transport.latency,
+                peerDID: response.transport.peerDID,
+            },
+        };
+    }
+    // Convenience methods
+    async function get(url, config) {
+        return request({ ...config, url, method: 'GET' });
+    }
+    async function post(url, data, config) {
+        return request({ ...config, url, method: 'POST', data });
+    }
+    async function put(url, data, config) {
+        return request({ ...config, url, method: 'PUT', data });
+    }
+    async function patch(url, data, config) {
+        return request({ ...config, url, method: 'PATCH', data });
+    }
+    async function del(url, config) {
+        return request({ ...config, url, method: 'DELETE' });
+    }
+    return {
+        request,
+        get,
+        post,
+        put,
+        patch,
+        delete: del,
+    };
+}
+/**
+ * Create got-compatible HTTP client with xBind auto-upgrade
+ *
+ * Drop-in replacement for got that transparently upgrades to xBind.
+ *
+ * @returns Got-compatible client
+ *
+ * @example
+ * ```typescript
+ * import { createGotCompat } from '@private.me/xbind/http-compat';
+ *
+ * const got = createGotCompat();
+ *
+ * // Auto-upgrades to xBind if supported
+ * const response = await got('https://api.example.com/data', {
+ *   responseType: 'json',
+ * });
+ * console.log('Used xBind?', response.xbind?.used);
+ * console.log('Body:', response.body);
+ * ```
+ */
+function createGotCompat() {
+    async function got(url, options) {
+        // Normalize options
+        const opts = typeof url === 'string' ? { ...options, url } : url;
+        const method = opts.method?.toUpperCase() ?? 'GET';
+        const finalUrl = opts.url ?? '';
+        // Build headers
+        const headers = { ...opts.headers };
+        // Build URL with search params
+        let urlWithParams = finalUrl;
+        if (opts.searchParams) {
+            const params = new URLSearchParams();
+            for (const [key, value] of Object.entries(opts.searchParams)) {
+                params.append(key, String(value));
+            }
+            urlWithParams = `${finalUrl}?${params.toString()}`;
+        }
+        // Build request body
+        let body;
+        if (opts.json) {
+            body = JSON.stringify(opts.json);
+            headers['Content-Type'] = 'application/json';
+        }
+        else if (opts.body) {
+            // Convert Buffer to string for compatibility with xfetch
+            // SAFETY: After instanceof check, both branches produce string type
+            body = (opts.body instanceof Buffer ? opts.body.toString() : opts.body);
+        }
+        // Extract timeout
+        const timeout = typeof opts.timeout === 'number'
+            ? opts.timeout
+            : opts.timeout?.request;
+        // Convert to xfetch options
+        const xfetchOpts = {
+            method,
+            headers,
+            body,
+            timeout,
+            forceXBind: opts.forceXBind,
+            disableXBind: opts.disableXBind,
+        };
+        // Make request via xfetch
+        const response = await (0, xfetch_js_1.xfetch)(urlWithParams, xfetchOpts);
+        // Parse response body based on responseType
+        let responseBody;
+        const responseType = opts.responseType ?? 'text';
+        switch (responseType) {
+            case 'json':
+                responseBody = (await response.json());
+                break;
+            case 'text':
+                responseBody = (await response.text());
+                break;
+            case 'buffer':
+                const arrayBuffer = await response.arrayBuffer();
+                responseBody = Buffer.from(arrayBuffer);
+                break;
+            default:
+                responseBody = (await response.text());
+        }
+        // Convert headers to object
+        const responseHeaders = {};
+        response.headers.forEach((value, key) => {
+            responseHeaders[key] = value;
+        });
+        return {
+            body: responseBody,
+            statusCode: response.status,
+            headers: responseHeaders,
+            url: response.url,
+            requestUrl: urlWithParams,
+            xbind: {
+                used: response.usedXBind,
+                protocol: response.transport.protocol,
+                latency: response.transport.latency,
+                peerDID: response.transport.peerDID,
+            },
+        };
+    }
+    // Convenience methods
+    got.get = (url, options) => got(url, { ...options, method: 'GET' });
+    got.post = (url, options) => got(url, { ...options, method: 'POST' });
+    got.put = (url, options) => got(url, { ...options, method: 'PUT' });
+    got.patch = (url, options) => got(url, { ...options, method: 'PATCH' });
+    got.delete = (url, options) => got(url, { ...options, method: 'DELETE' });
+    return got;
+}
+/**
+ * Wrap existing fetch implementation with xBind auto-upgrade
+ *
+ * Use this to upgrade an existing fetch instance (like node-fetch, cross-fetch, etc.)
+ *
+ * @param fetchImpl - Fetch implementation to wrap
+ * @returns Wrapped fetch with xBind support
+ *
+ * @example
+ * ```typescript
+ * import { wrapFetch } from '@private.me/xbind/http-compat';
+ * import nodeFetch from 'node-fetch';
+ *
+ * const fetch = wrapFetch(nodeFetch);
+ *
+ * // Uses xBind if supported, falls back to node-fetch
+ * const response = await fetch('https://api.example.com/data');
+ * ```
+ */
+function wrapFetch(fetchImpl) {
+    // Return xfetch (which already handles auto-upgrade and fallback)
+    // The original fetchImpl is not used because xfetch uses global fetch
+    return xfetch_js_1.xfetch;
+}