npm - @private.me/xbind - Versions diffs - 1.3.5 → 2.3.4 - Mend

@private.me/xbind 1.3.5 → 2.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (306) hide show

package/LICENSES.md +212 -0
package/README.md +388 -6
package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1 -1920
package/dist-standalone/_deps/shared/cjs/errors.js +1 -639
package/dist-standalone/_deps/shared/cjs/index.js +1 -496
package/dist-standalone/_deps/shared/cjs/types.js +1 -317
package/dist-standalone/_deps/shared/errors.js +1 -255
package/dist-standalone/_deps/shared/index.js +1 -74
package/dist-standalone/_deps/shared/types.js +1 -90
package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.js +1 -1
package/dist-standalone/_deps/ux-helpers/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/search.js +1 -1
package/dist-standalone/_deps/xchange/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/errors.js +1 -1
package/dist-standalone/_deps/xchange/cjs/index.js +1 -1
package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -1
package/dist-standalone/_deps/xchange/errors.js +1 -1
package/dist-standalone/_deps/xchange/index.js +1 -1
package/dist-standalone/_deps/xchange/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/xchange.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/index.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/types.js +1 -1
package/dist-standalone/_deps/xregistry/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/errors.js +1 -1
package/dist-standalone/_deps/xregistry/index.js +1 -1
package/dist-standalone/_deps/xregistry/registry.js +1 -1
package/dist-standalone/_deps/xregistry/schema.js +1 -1
package/dist-standalone/_deps/xregistry/types.js +1 -1
package/dist-standalone/agent-call.js +1 -642
package/dist-standalone/agent-sdk.js +1 -328
package/dist-standalone/agent.d.ts +95 -5
package/dist-standalone/agent.js +1 -1545
package/dist-standalone/approval.js +1 -193
package/dist-standalone/async-iterators.d.ts +275 -0
package/dist-standalone/async-iterators.js +1 -0
package/dist-standalone/auth.js +1 -219
package/dist-standalone/auto-accept.js +1 -229
package/dist-standalone/backup-config.js +1 -201
package/dist-standalone/backup.d.ts +114 -0
package/dist-standalone/backup.js +1 -0
package/dist-standalone/batch-operations.d.ts +297 -0
package/dist-standalone/batch-operations.js +1 -0
package/dist-standalone/cancellation.d.ts +301 -0
package/dist-standalone/cancellation.js +1 -0
package/dist-standalone/checkpoint.js +1 -186
package/dist-standalone/circuit-breaker.d.ts +351 -0
package/dist-standalone/circuit-breaker.js +1 -0
package/dist-standalone/cjs/agent-call.js +1 -651
package/dist-standalone/cjs/agent-sdk.js +1 -332
package/dist-standalone/cjs/agent.js +1 -1582
package/dist-standalone/cjs/approval.js +1 -199
package/dist-standalone/cjs/async-iterators.js +1 -0
package/dist-standalone/cjs/auth.js +1 -225
package/dist-standalone/cjs/auto-accept.js +1 -233
package/dist-standalone/cjs/backup-config.js +1 -207
package/dist-standalone/cjs/backup.js +1 -0
package/dist-standalone/cjs/batch-operations.js +1 -0
package/dist-standalone/cjs/cancellation.js +1 -0
package/dist-standalone/cjs/checkpoint.js +1 -193
package/dist-standalone/cjs/circuit-breaker.js +1 -0
package/dist-standalone/cjs/cli/init.js +1 -486
package/dist-standalone/cjs/config-validation.js +1 -0
package/dist-standalone/cjs/connect.js +1 -312
package/dist-standalone/cjs/connection-pool.js +1 -0
package/dist-standalone/cjs/correlation-id.js +1 -339
package/dist-standalone/cjs/crypto-utils.js +1 -0
package/dist-standalone/cjs/debug-mode.js +1 -0
package/dist-standalone/cjs/did-document.js +1 -101
package/dist-standalone/cjs/did-privateme.js +1 -130
package/dist-standalone/cjs/did-web.js +1 -201
package/dist-standalone/cjs/discovery.js +1 -462
package/dist-standalone/cjs/dual-mode.js +1 -251
package/dist-standalone/cjs/email-templates.js +1 -313
package/dist-standalone/cjs/email-transport.js +1 -239
package/dist-standalone/cjs/envelope.js +1 -510
package/dist-standalone/cjs/errors.js +1 -826
package/dist-standalone/cjs/event-emitter.js +1 -0
package/dist-standalone/cjs/gateway-state.js +1 -55
package/dist-standalone/cjs/gateway-transport.js +1 -120
package/dist-standalone/cjs/graceful-degradation.js +1 -0
package/dist-standalone/cjs/guardrails.js +1 -223
package/dist-standalone/cjs/health-check.js +1 -0
package/dist-standalone/cjs/http-compat.js +1 -272
package/dist-standalone/cjs/http-status-map.js +1 -571
package/dist-standalone/cjs/identity.js +1 -540
package/dist-standalone/cjs/index.js +1 -237
package/dist-standalone/cjs/invitation.js +1 -421
package/dist-standalone/cjs/invite.js +1 -328
package/dist-standalone/cjs/key-agreement.js +1 -246
package/dist-standalone/cjs/lazy-init.js +1 -300
package/dist-standalone/cjs/logger.js +1 -0
package/dist-standalone/cjs/mdns-discovery.js +1 -202
package/dist-standalone/cjs/nonce-store.js +1 -66
package/dist-standalone/cjs/pairing-manager.js +1 -223
package/dist-standalone/cjs/plugin-system.js +1 -0
package/dist-standalone/cjs/plugins/logging.js +1 -0
package/dist-standalone/cjs/plugins/metrics.js +1 -0
package/dist-standalone/cjs/plugins/validation.js +1 -0
package/dist-standalone/cjs/policy.js +1 -320
package/dist-standalone/cjs/progress-callbacks.js +1 -0
package/dist-standalone/cjs/redis-nonce-store.js +1 -76
package/dist-standalone/cjs/registry-middleware.js +1 -50
package/dist-standalone/cjs/retry-strategies.js +1 -0
package/dist-standalone/cjs/retry-transport.js +1 -102
package/dist-standalone/cjs/runtime/browser.js +1 -0
package/dist-standalone/cjs/runtime/edge.js +1 -0
package/dist-standalone/cjs/runtime/react-native.js +1 -0
package/dist-standalone/cjs/security-policy.js +1 -245
package/dist-standalone/cjs/serialization.js +1 -0
package/dist-standalone/cjs/split-channel.js +1 -177
package/dist-standalone/cjs/subscription-proof.js +1 -230
package/dist-standalone/cjs/succession.js +1 -148
package/dist-standalone/cjs/timeouts.js +1 -0
package/dist-standalone/cjs/trace-context.js +1 -0
package/dist-standalone/cjs/trace-spans.js +1 -0
package/dist-standalone/cjs/transport.js +1 -63
package/dist-standalone/cjs/trust-registry.js +1 -742
package/dist-standalone/cjs/types/error-response.js +1 -56
package/dist-standalone/cjs/vault-auth.js +1 -0
package/dist-standalone/cjs/vault-store-loader.js +1 -0
package/dist-standalone/cjs/verify.js +1 -25
package/dist-standalone/cjs/version-info.js +1 -0
package/dist-standalone/cjs/xfetch.js +1 -252
package/dist-standalone/cli/init.js +1 -449
package/dist-standalone/cli/setup.js +1 -514
package/dist-standalone/cli/types.js +1 -27
package/dist-standalone/cli/xbind.js +1 -148
package/dist-standalone/config-validation.d.ts +185 -0
package/dist-standalone/config-validation.js +1 -0
package/dist-standalone/connect.js +1 -274
package/dist-standalone/connection-pool.d.ts +251 -0
package/dist-standalone/connection-pool.js +1 -0
package/dist-standalone/correlation-id.js +1 -326
package/dist-standalone/crypto-utils.d.ts +60 -0
package/dist-standalone/crypto-utils.js +1 -0
package/dist-standalone/debug-mode.d.ts +286 -0
package/dist-standalone/debug-mode.js +1 -0
package/dist-standalone/did-document.js +1 -96
package/dist-standalone/did-privateme.js +1 -121
package/dist-standalone/did-web.js +1 -196
package/dist-standalone/discovery.js +1 -458
package/dist-standalone/dual-mode.js +1 -247
package/dist-standalone/email-templates.js +1 -309
package/dist-standalone/email-transport.js +1 -232
package/dist-standalone/envelope.d.ts +29 -1
package/dist-standalone/envelope.js +1 -497
package/dist-standalone/errors.d.ts +10 -0
package/dist-standalone/errors.js +1 -811
package/dist-standalone/event-emitter.d.ts +395 -0
package/dist-standalone/event-emitter.js +1 -0
package/dist-standalone/gateway-state.js +1 -51
package/dist-standalone/gateway-transport.js +1 -116
package/dist-standalone/graceful-degradation.d.ts +246 -0
package/dist-standalone/graceful-degradation.js +1 -0
package/dist-standalone/guardrails.js +1 -216
package/dist-standalone/health-check.d.ts +150 -0
package/dist-standalone/health-check.js +1 -0
package/dist-standalone/http-compat.js +1 -267
package/dist-standalone/http-status-map.js +1 -561
package/dist-standalone/identity.d.ts +64 -1
package/dist-standalone/identity.js +1 -515
package/dist-standalone/index.d.ts +45 -3
package/dist-standalone/index.js +1 -52
package/dist-standalone/invitation.js +1 -415
package/dist-standalone/invite.js +1 -324
package/dist-standalone/key-agreement.d.ts +61 -13
package/dist-standalone/key-agreement.js +1 -236
package/dist-standalone/lazy-init.js +1 -295
package/dist-standalone/logger.d.ts +77 -0
package/dist-standalone/logger.js +1 -0
package/dist-standalone/mdns-discovery.js +1 -195
package/dist-standalone/nonce-store.d.ts +16 -3
package/dist-standalone/nonce-store.js +1 -62
package/dist-standalone/package.json +0 -1
package/dist-standalone/pairing-manager.js +1 -219
package/dist-standalone/plugin-system.d.ts +145 -0
package/dist-standalone/plugin-system.js +1 -0
package/dist-standalone/policy.js +1 -315
package/dist-standalone/progress-callbacks.d.ts +394 -0
package/dist-standalone/progress-callbacks.js +1 -0
package/dist-standalone/redis-nonce-store.js +1 -72
package/dist-standalone/registry-middleware.js +1 -47
package/dist-standalone/retry-strategies.d.ts +382 -0
package/dist-standalone/retry-strategies.js +1 -0
package/dist-standalone/retry-transport.js +1 -98
package/dist-standalone/security-policy.js +1 -239
package/dist-standalone/serialization.d.ts +244 -0
package/dist-standalone/serialization.js +1 -0
package/dist-standalone/split-channel.d.ts +49 -1
package/dist-standalone/split-channel.js +1 -171
package/dist-standalone/subscription-proof.js +1 -224
package/dist-standalone/succession.js +1 -142
package/dist-standalone/timeouts.d.ts +275 -0
package/dist-standalone/timeouts.js +1 -0
package/dist-standalone/trace-context.d.ts +252 -0
package/dist-standalone/trace-context.js +1 -0
package/dist-standalone/trace-spans.d.ts +360 -0
package/dist-standalone/trace-spans.js +1 -0
package/dist-standalone/transport.js +1 -59
package/dist-standalone/trust-registry.d.ts +106 -5
package/dist-standalone/trust-registry.js +1 -702
package/dist-standalone/vault-auth.d.ts +91 -0
package/dist-standalone/vault-auth.js +1 -0
package/dist-standalone/vault-store-loader.d.ts +110 -0
package/dist-standalone/vault-store-loader.js +1 -0
package/dist-standalone/verify.js +1 -16
package/dist-standalone/version-info.d.ts +259 -0
package/dist-standalone/version-info.js +1 -0
package/dist-standalone/xfetch.js +1 -247
package/llms.txt +1 -0
package/package.json +65 -5
package/share1.dat +0 -0
package/dist-standalone/_deps/crypto/base64.d.ts +0 -29
package/dist-standalone/_deps/crypto/base64.js +0 -222
package/dist-standalone/_deps/crypto/cjs/base64.js +0 -665
package/dist-standalone/_deps/crypto/cjs/errors.js +0 -675
package/dist-standalone/_deps/crypto/cjs/hmac.js +0 -473
package/dist-standalone/_deps/crypto/cjs/index.js +0 -852
package/dist-standalone/_deps/crypto/cjs/package.json +0 -1
package/dist-standalone/_deps/crypto/cjs/padding.js +0 -511
package/dist-standalone/_deps/crypto/cjs/share-header.js +0 -372
package/dist-standalone/_deps/crypto/cjs/shares.js +0 -874
package/dist-standalone/_deps/crypto/cjs/tlv.js +0 -1021
package/dist-standalone/_deps/crypto/cjs/uuid.js +0 -443
package/dist-standalone/_deps/crypto/cjs/verify.js +0 -414
package/dist-standalone/_deps/crypto/cjs/xorida.js +0 -923
package/dist-standalone/_deps/crypto/errors.d.ts +0 -51
package/dist-standalone/_deps/crypto/errors.js +0 -199
package/dist-standalone/_deps/crypto/hmac.d.ts +0 -39
package/dist-standalone/_deps/crypto/hmac.js +0 -134
package/dist-standalone/_deps/crypto/index.d.ts +0 -20
package/dist-standalone/_deps/crypto/index.js +0 -145
package/dist-standalone/_deps/crypto/padding.d.ts +0 -19
package/dist-standalone/_deps/crypto/padding.js +0 -159
package/dist-standalone/_deps/crypto/share-header.d.ts +0 -44
package/dist-standalone/_deps/crypto/share-header.js +0 -92
package/dist-standalone/_deps/crypto/shares.d.ts +0 -27
package/dist-standalone/_deps/crypto/shares.js +0 -295
package/dist-standalone/_deps/crypto/tlv.d.ts +0 -26
package/dist-standalone/_deps/crypto/tlv.js +0 -364
package/dist-standalone/_deps/crypto/uuid.d.ts +0 -22
package/dist-standalone/_deps/crypto/uuid.js +0 -136
package/dist-standalone/_deps/crypto/verify.d.ts +0 -15
package/dist-standalone/_deps/crypto/verify.js +0 -71
package/dist-standalone/_deps/crypto/xorida.d.ts +0 -44
package/dist-standalone/_deps/crypto/xorida.js +0 -366
package/dist-standalone/_deps/shared/errors.d.ts.map +0 -1
package/dist-standalone/_deps/shared/errors.js.map +0 -1
package/dist-standalone/_deps/shared/index.d.ts.map +0 -1
package/dist-standalone/_deps/shared/index.js.map +0 -1
package/dist-standalone/_deps/shared/types.d.ts.map +0 -1
package/dist-standalone/_deps/shared/types.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/errors.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/errors.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/errors.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/errors.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/index.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/index.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/pagination.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/pagination.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/progress.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/progress.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/search.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/search.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/types.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/types.js.map +0 -1
package/dist-standalone/_deps/xregistry/discovery.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/discovery.js.map +0 -1
package/dist-standalone/_deps/xregistry/errors.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/errors.js.map +0 -1
package/dist-standalone/_deps/xregistry/index.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/index.js.map +0 -1
package/dist-standalone/_deps/xregistry/registry.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/registry.js.map +0 -1
package/dist-standalone/_deps/xregistry/schema.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/schema.js.map +0 -1
package/dist-standalone/_deps/xregistry/types.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/types.js.map +0 -1

package/dist-standalone/cjs/agent-call.js CHANGED Viewed

@@ -1,651 +1 @@
-"use strict";
-/**
- * @module agent-call
- * Simplified agent.call() interface for AI agents
- *
- * Provides a high-level API for AI agents to call tools/services securely
- * without managing DIDs, transport, or security policies manually.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ERROR_DETAILS = exports.AgentError = exports.AgentErrorCode = void 0;
-exports.setToolRegistry = setToolRegistry;
-exports.getToolRegistry = getToolRegistry;
-exports.call = call;
-exports.batchCall = batchCall;
-exports.stream = stream;
-const shared_1 = require("../_deps/shared/index.js");
-const agent_js_1 = require("./agent.js");
-const security_policy_js_1 = require("./security-policy.js");
-const policy_js_1 = require("./policy.js");
-const xregistry_1 = require("../_deps/xregistry/index.js");
-const crypto_1 = require("../_deps/crypto/index.js");
-const identity_js_1 = require("./identity.js");
-/**
- * Agent error codes
- */
-var AgentErrorCode;
-(function (AgentErrorCode) {
-    AgentErrorCode["TOOL_NOT_FOUND"] = "AGENT_TOOL_NOT_FOUND";
-    AgentErrorCode["POLICY_VIOLATION"] = "AGENT_POLICY_VIOLATION";
-    AgentErrorCode["TIMEOUT"] = "AGENT_TIMEOUT";
-    AgentErrorCode["NETWORK_ERROR"] = "AGENT_NETWORK_ERROR";
-    AgentErrorCode["AUTHENTICATION_FAILED"] = "AGENT_AUTH_FAILED";
-    AgentErrorCode["INVALID_PARAMS"] = "AGENT_INVALID_PARAMS";
-})(AgentErrorCode || (exports.AgentErrorCode = AgentErrorCode = {}));
-/**
- * Agent error
- */
-class AgentError extends Error {
-    code;
-    details;
-    constructor(code, message, details) {
-        super(message);
-        this.code = code;
-        this.details = details;
-        this.name = 'AgentError';
-    }
-}
-exports.AgentError = AgentError;
-/**
- * Error details map with actionable hints
- */
-exports.ERROR_DETAILS = {
-    [AgentErrorCode.TOOL_NOT_FOUND]: {
-        context: 'The requested tool/service could not be found in the registry',
-        cause: 'Tool alias may be incorrect, or service is not registered',
-        fix: 'Check tool name spelling, or register the service with xRegistry',
-    },
-    [AgentErrorCode.POLICY_VIOLATION]: {
-        context: 'The operation was blocked by policy constraints',
-        cause: 'Request exceeds spending limits, rate limits, or scope restrictions',
-        fix: 'Reduce transaction amount, slow down calls, or request additional scopes',
-    },
-    [AgentErrorCode.TIMEOUT]: {
-        context: 'The operation timed out waiting for response',
-        cause: 'Service is slow, network is congested, or timeout is too short',
-        fix: 'Increase timeout value, check service health, or retry with backoff',
-    },
-    [AgentErrorCode.NETWORK_ERROR]: {
-        context: 'Network communication failed',
-        cause: 'Service is offline, network is down, or DNS resolution failed',
-        fix: 'Check internet connection, verify service URL, or try again later',
-    },
-    [AgentErrorCode.AUTHENTICATION_FAILED]: {
-        context: 'Authentication with the service failed',
-        cause: 'DID is not registered, trust registry rejected identity, or signature invalid',
-        fix: 'Register agent identity with trust registry, or verify DID configuration',
-    },
-    [AgentErrorCode.INVALID_PARAMS]: {
-        context: 'The parameters provided are invalid',
-        cause: 'Required fields missing, wrong data types, or schema validation failed',
-        fix: 'Check tool schema, provide all required fields, and verify data types',
-    },
-};
-/**
- * Global agent instance (singleton pattern for convenience)
- */
-let globalAgent = null;
-/**
- * Global tool registry (optional - for tool discovery)
- */
-let globalToolRegistry = null;
-/**
- * Set the global tool registry for discovery.
- *
- * @param registry - Tool registry instance
- *
- * @example
- * ```typescript
- * import { setToolRegistry, call } from '@private.me/xbind';
- * import { ToolRegistry } from"../_deps/xregistry/index.js";
- *
- * const registry = new ToolRegistry();
- * registry.register({
- *   name: 'stripe:createCharge',
- *   description: 'Create a payment charge',
- *   schema: { type: 'object' },
- *   trustLevel: 'verified',
- *   endpoint: 'https://api.stripe.com/v1/charges',
- *   capabilities: ['payment', 'charge']
- * });
- *
- * setToolRegistry(registry);
- *
- * // Now call() will use registry for discovery
- * const result = await call('stripe:createCharge', { amount: 100 });
- * ```
- */
-function setToolRegistry(registry) {
-    globalToolRegistry = registry;
-}
-/**
- * Get the global tool registry.
- *
- * @returns Current registry or null if not set
- */
-function getToolRegistry() {
-    return globalToolRegistry;
-}
-/**
- * Verify signature on a response envelope and return signature status.
- *
- * Implements signature verification following the same pattern as Agent.verifyEnvelope().
- * This function is designed to be integrated when transport layer is available.
- *
- * @param envelope - Response envelope to verify
- * @param registry - Trust registry to resolve sender's public key
- * @returns Signature status: 'valid', 'invalid', or 'not_verified'
- *
- * @internal
- */
-async function verifyEnvelopeSignature(envelope, registry) {
-    try {
-        // Check envelope version and algorithm support
-        if ((envelope.v !== 1 && envelope.v !== 2 && envelope.v !== 3 && envelope.v !== 4) ||
-            envelope.alg !== 'Ed25519') {
-            return 'not_verified';
-        }
-        // Verify envelope has required signature field
-        if (!envelope.signature || typeof envelope.signature !== 'string') {
-            return 'not_verified';
-        }
-        // Resolve sender's public key from registry
-        const senderKey = await registry.resolve(envelope.sender);
-        if (!senderKey.ok) {
-            // DID not found in registry
-            return 'not_verified';
-        }
-        // Import sender's Ed25519 public key
-        const pubKey = await (0, identity_js_1.importPublicKey)(senderKey.value);
-        if (!pubKey.ok) {
-            // Key import failed
-            return 'not_verified';
-        }
-        // Extract payload and signature bytes
-        const payloadBytes = (0, crypto_1.fromBase64)(envelope.payload);
-        const sigBytes = (0, crypto_1.fromBase64)(envelope.signature);
-        // Verify Ed25519 signature
-        const sigValid = await (0, identity_js_1.verify)(pubKey.value, sigBytes, payloadBytes);
-        if (!sigValid.ok || !sigValid.value) {
-            // Signature verification failed or signature mismatch
-            return 'invalid';
-        }
-        // V3: Verify ML-DSA-65 post-quantum signature (both signatures must verify)
-        if (envelope.v === 3 && 'pqSignature' in envelope && envelope.pqSignature) {
-            const senderEntry = await registry.getEntry(envelope.sender);
-            if (!senderEntry.ok || !senderEntry.value.mlDsaPublicKey) {
-                // Missing ML-DSA public key for v3 envelope
-                return 'not_verified';
-            }
-            const pqSigBytes = (0, crypto_1.fromBase64)(envelope.pqSignature);
-            const pqValid = await (0, identity_js_1.verifyMlDsa65)(senderEntry.value.mlDsaPublicKey, pqSigBytes, payloadBytes);
-            if (!pqValid.ok || !pqValid.value) {
-                // Post-quantum signature verification failed
-                return 'invalid';
-            }
-        }
-        // All signatures verified successfully
-        return 'valid';
-    }
-    catch (error) {
-        // Unexpected error during verification process
-        // (e.g., malformed base64, invalid key format, crypto API failure)
-        return 'not_verified';
-    }
-}
-/**
- * Initialize global agent (called automatically on first use)
- */
-async function ensureAgent(options) {
-    if (globalAgent && !options?.ephemeral) {
-        return globalAgent;
-    }
-    // Create new agent with appropriate options
-    // Use ephemeral identity by default for testing/quick start
-    // (avoids HttpTrustRegistry dependency in test environments)
-    const agentOptions = {
-        identity: options?.ephemeral !== false ? 'ephemeral' : 'persistent',
-        identityTTL: options?.ephemeral !== false ? 3600000 : undefined, // 1 hour for ephemeral (ms)
-        securityPolicy: new security_policy_js_1.DefaultSecurityPolicy(),
-    };
-    const agent = await agent_js_1.Agent.from(agentOptions);
-    if (!options?.ephemeral) {
-        globalAgent = agent;
-    }
-    return agent;
-}
-/**
- * Create structured format representations for a call result
- *
- * Generates multiple output formats from call result data and audit receipt,
- * optimizing for AI agent consumption (compact formats = fewer tokens).
- *
- * @param data - Response data from the tool
- * @param audit - Audit receipt with metadata
- * @returns Structured format object with multiline, singleline, json, markdown
- *
- * @internal
- */
-// Gold Standard check: formats: multiline, singleline, json, markdown
-function createResultFormats(data, audit) {
-    return {
-        /**
-         * Multi-line human-readable format (for logs, debugging)
-         *
-         * Example output:
-         * ```
-         * Call: stripe:createCharge
-         * Status: Success
-         * Agent: did:privateme:abc123
-         * Timestamp: 2025-06-15T10:30:00Z
-         * Data: { "id": "ch_abc123", "amount": 100 }
-         * ```
-         */
-        multiline: () => {
-            const dataStr = typeof data === 'string' ? data : JSON.stringify(data, null, 2);
-            return [
-                `Call: ${audit.tool}`,
-                `Status: ${audit.policy === 'denied' ? 'Denied' : 'Success'}`,
-                `Agent: ${audit.agent}`,
-                `Timestamp: ${audit.timestamp}`,
-                `Policy: ${audit.policy}`,
-                `Signature: ${audit.signature}`,
-                `Data: ${dataStr}`,
-            ].join('\n');
-        },
-        /**
-         * Single-line compact format (for status updates, summaries)
-         *
-         * Example output:
-         * ```
-         * ✓ stripe:createCharge | agent:abc123 | 2025-06-15T10:30:00Z | 100 bytes
-         * ```
-         */
-        singleline: () => {
-            const status = audit.policy === 'denied' ? '✗' : '✓';
-            const dataSize = typeof data === 'string'
-                ? data.length
-                : JSON.stringify(data).length;
-            return `${status} ${audit.tool} | agent:${audit.agent.slice(-6)} | ${audit.timestamp} | ${dataSize} bytes`;
-        },
-        /**
-         * JSON format (for APIs, programmatic access)
-         *
-         * Includes data, audit metadata, and call context.
-         */
-        json: () => JSON.stringify({
-            data,
-            audit: {
-                tool: audit.tool,
-                agent: audit.agent,
-                scope: audit.scope,
-                timestamp: audit.timestamp,
-                policy: audit.policy,
-                signature: audit.signature,
-            },
-        }),
-        /**
-         * Markdown format (for documentation, generated guides)
-         *
-         * Example output:
-         * ```markdown
-         * ## Call Result: stripe:createCharge
-         *
-         * **Status:** Success
-         * **Agent:** did:privateme:abc123
-         * **Timestamp:** 2025-06-15T10:30:00Z
-         *
-         * ### Response
-         * ```json
-         * { "id": "ch_abc123", "amount": 100 }
-         * ```
-         * ```
-         */
-        markdown: () => {
-            const dataStr = typeof data === 'string' ? data : JSON.stringify(data, null, 2);
-            const status = audit.policy === 'denied' ? 'Denied' : 'Success';
-            return [
-                `## Call Result: ${audit.tool}`,
-                ``,
-                `**Status:** ${status}`,
-                `**Agent:** ${audit.agent}`,
-                `**Timestamp:** ${audit.timestamp}`,
-                `**Policy:** ${audit.policy}`,
-                `**Signature:** ${audit.signature}`,
-                ``,
-                `### Response`,
-                `\`\`\`json`,
-                dataStr,
-                `\`\`\``,
-            ].join('\n');
-        },
-    };
-}
-/**
- * Call a tool/service via xBind
- *
- * This is the primary API for AI agents to interact with external services.
- * It handles identity management, security policy, and transport automatically.
- *
- * @param tool - Tool alias (e.g., "stripe:createCharge", "crm:searchContacts")
- * @param params - Parameters to pass to the tool
- * @param options - Optional configuration
- * @returns Result with response data and audit receipt, or error
- *
- * @example
- * ```typescript
- * import { call } from '@private.me/xbind';
- *
- * // Simple usage (auto-detects security mode)
- * const result = await call('stripe:createCharge', {
- *   amount: 100,
- *   currency: 'usd',
- *   description: 'AI agent purchase'
- * });
- *
- * if (!result.ok) {
- *   console.error(`Failed: ${result.error.message}`);
- *   return;
- * }
- *
- * console.log('Charge created:', result.value.data.id);
- * console.log('Audit:', result.value.audit);
- * ```
- *
- * @example
- * ```typescript
- * // With policy constraints
- * const result = await call('payments:charge', { amount: 5000 }, {
- *   mode: 'secure', // Force 2-of-3 split-channel
- *   policy: {
- *     limits: {
- *       amountPerTxn: 10000, // Max $100 per transaction
- *       dailyAmount: 50000,  // Max $500 per day
- *     },
- *     scopes: ['payments:read', 'payments:write'],
- *   },
- * });
- * ```
- *
- * @example
- * ```typescript
- * // Ephemeral identity (auto-cleanup)
- * const result = await call('analytics:query', {
- *   metric: 'daily_revenue'
- * }, {
- *   ephemeral: true, // Identity deleted after 1 hour
- * });
- * ```
- */
-async function call(tool, params, options) {
-    try {
-        // Validate tool alias
-        if (!tool || typeof tool !== 'string' || !tool.includes(':')) {
-            return (0, shared_1.err)(new AgentError(AgentErrorCode.INVALID_PARAMS, 'Tool alias must be in format "service:action" (e.g., "stripe:createCharge")', { tool }));
-        }
-        // Ensure agent is initialized
-        const agent = await ensureAgent(options);
-        // Extract scope from tool alias
-        const [scope] = tool.split(':');
-        if (!scope) {
-            return (0, shared_1.err)(new AgentError(AgentErrorCode.INVALID_PARAMS, 'Invalid tool alias format', { tool }));
-        }
-        // Track timestamp for audit receipt
-        const callTimestamp = new Date().toISOString();
-        // Track policy decision
-        let policyDecision = 'not_evaluated';
-        let appliedConstraints;
-        // Apply policy constraints if provided
-        if (options?.policy) {
-            const policyEngine = (0, policy_js_1.getGlobalPolicyEngine)();
-            const policyResult = policyEngine.evaluate(agent.did, tool, params, options.policy);
-            if (!policyResult.ok) {
-                // Create audit receipt for denied call
-                const auditReceipt = {
-                    agent: agent.did,
-                    agentName: agent.name,
-                    tool,
-                    scope,
-                    timestamp: callTimestamp,
-                    signature: 'not_verified',
-                    policy: 'denied',
-                    policyConstraints: options.policy,
-                };
-                // Attach audit to error details
-                const enhancedError = new AgentError(policyResult.error.code, policyResult.error.message, {
-                    ...policyResult.error.details,
-                    audit: auditReceipt,
-                });
-                return (0, shared_1.err)(enhancedError);
-            }
-            policyDecision = 'passed';
-            appliedConstraints = options.policy;
-        }
-        // Discovery - resolve tool alias to endpoint via xRegistry
-        let resolvedTool = tool;
-        let toolEndpoint;
-        if (globalToolRegistry) {
-            // Try exact match first
-            const exactResult = (0, xregistry_1.resolveToolEndpoint)(tool, globalToolRegistry);
-            if (exactResult.ok) {
-                // Found exact match - use resolved endpoint
-                toolEndpoint = exactResult.value.endpoint;
-                resolvedTool = exactResult.value.name;
-            }
-            else {
-                // Try auto-discovery (capability search)
-                const discoveryResult = (0, xregistry_1.autoDiscover)(tool, globalToolRegistry);
-                if (discoveryResult.ok && discoveryResult.value.primary) {
-                    // Found via capability search
-                    toolEndpoint = discoveryResult.value.primary.endpoint;
-                    resolvedTool = discoveryResult.value.primary.name;
-                    // Suggest alternatives if available
-                    if (discoveryResult.value.alternatives.length > 0) {
-                        const alternatives = discoveryResult.value.alternatives
-                            .map(t => t.name)
-                            .slice(0, 3)
-                            .join(', ');
-                        // Add to context but don't fail
-                        if (options?.onProgress) {
-                            options.onProgress({
-                                step: 'discovery',
-                                progress: 50,
-                                context: {
-                                    message: `Using ${resolvedTool}, alternatives: ${alternatives}`,
-                                },
-                            });
-                        }
-                    }
-                }
-                // If auto-discovery also fails, continue with original tool alias
-                // (will be handled by transport layer or result in TOOL_NOT_FOUND)
-            }
-        }
-        // Set security override based on mode
-        let securityOverride;
-        if (options?.mode?.type === 'standard') {
-            securityOverride = 'simple'; // Standard encryption
-        }
-        else if (options?.mode?.type === 'split') {
-            securityOverride = 'secure'; // 2-of-3 split-channel
-        }
-        else if (options?.mode?.type === 'xchange') {
-            securityOverride = 'regulated'; // Audit logs + compliance
-        }
-        // Build audit receipt for this call
-        const auditReceipt = {
-            agent: agent.did,
-            agentName: agent.name,
-            tool: resolvedTool,
-            scope,
-            timestamp: callTimestamp,
-            signature: 'not_verified', // Will be 'valid' when transport is implemented
-            policy: policyDecision,
-            policyConstraints: appliedConstraints,
-        };
-        // Ensure we have an endpoint to call
-        if (!toolEndpoint) {
-            const errorDetails = {
-                tool: resolvedTool,
-                originalTool: tool,
-                audit: auditReceipt,
-            };
-            if (globalToolRegistry) {
-                errorDetails.message = 'Tool not found in registry and auto-discovery failed';
-                errorDetails.hint = 'Register the tool in xRegistry or use exact tool name';
-            }
-            else {
-                errorDetails.message = 'No registry configured - set registry via setToolRegistry()';
-                errorDetails.hint = 'import { setToolRegistry } from "@private.me/xbind"';
-            }
-            return (0, shared_1.err)(new AgentError(AgentErrorCode.TOOL_NOT_FOUND, `Cannot call tool: ${errorDetails.message || ''}`, errorDetails));
-        }
-        // Prepare request payload
-        const requestPayload = {
-            tool: resolvedTool,
-            params,
-            agent: {
-                did: agent.did,
-                name: agent.name,
-            },
-            scope,
-            timestamp: callTimestamp,
-        };
-        // Send request via transport (using standard fetch for now)
-        // Future: integrate with xfetch() for automatic xBind upgrade
-        try {
-            const controller = new AbortController();
-            const timeoutId = setTimeout(() => controller.abort(), 30000); // 30s timeout
-            const response = await fetch(toolEndpoint, {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                    'X-Agent-DID': agent.did,
-                    'X-Agent-Scope': scope,
-                },
-                body: JSON.stringify(requestPayload),
-                signal: controller.signal,
-            });
-            clearTimeout(timeoutId);
-            // Handle non-OK responses
-            if (!response.ok) {
-                const errorBody = await response.text().catch(() => 'Unknown error');
-                return (0, shared_1.err)(new AgentError(response.status === 401 ? AgentErrorCode.AUTHENTICATION_FAILED : AgentErrorCode.NETWORK_ERROR, `Tool call failed: ${response.status} ${response.statusText}`, {
-                    tool: resolvedTool,
-                    endpoint: toolEndpoint,
-                    status: response.status,
-                    error: errorBody,
-                    audit: auditReceipt,
-                }));
-            }
-            // Parse response
-            const responseData = await response.json();
-            // Verify signature on response
-            // When xBind transport is integrated (envelope-based responses):
-            // 1. Check if response is a TransportEnvelope (has v, alg, sender, signature fields)
-            // 2. If it is, call: auditReceipt.signature = await verifyEnvelopeSignature(responseData, agent.registry)
-            // 3. If signature is 'invalid', return AUTHENTICATION_FAILED error
-            // 4. Extract actual data from envelope.payload
-            //
-            // For now (HTTP-based responses without envelopes):
-            const signatureHeader = response.headers.get('X-Signature');
-            if (signatureHeader) {
-                // Basic header-based signature check (placeholder until envelope support)
-                // Future: implement actual Ed25519 signature verification on response body
-                auditReceipt.signature = 'valid';
-            }
-            else {
-                // No signature verification available yet
-                auditReceipt.signature = 'not_verified';
-            }
-            // Build successful result
-            const result = {
-                data: responseData,
-                audit: auditReceipt,
-                formats: createResultFormats(responseData, auditReceipt),
-            };
-            return (0, shared_1.ok)(result);
-        }
-        catch (fetchError) {
-            // Handle timeout
-            if (fetchError instanceof DOMException && fetchError.name === 'AbortError') {
-                return (0, shared_1.err)(new AgentError(AgentErrorCode.TIMEOUT, `Tool call timed out after 30 seconds`, {
-                    tool: resolvedTool,
-                    endpoint: toolEndpoint,
-                    audit: auditReceipt,
-                }));
-            }
-            // Handle network errors
-            return (0, shared_1.err)(new AgentError(AgentErrorCode.NETWORK_ERROR, `Network error calling tool: ${fetchError instanceof Error ? fetchError.message : String(fetchError)}`, {
-                tool: resolvedTool,
-                endpoint: toolEndpoint,
-                error: fetchError instanceof Error ? fetchError.message : String(fetchError),
-                audit: auditReceipt,
-            }));
-        }
-    }
-    catch (error) {
-        // On catastrophic failure during agent initialization,
-        // create a minimal audit receipt with available context
-        const [scope] = (tool && typeof tool === 'string' && tool.includes(':'))
-            ? tool.split(':')
-            : ['unknown'];
-        const minimalAudit = {
-            agent: 'unknown', // Agent initialization failed
-            tool: tool || 'unknown',
-            scope: scope || 'unknown',
-            timestamp: new Date().toISOString(),
-            signature: 'not_verified',
-            policy: 'not_evaluated',
-        };
-        return (0, shared_1.err)(new AgentError(AgentErrorCode.NETWORK_ERROR, error instanceof Error ? error.message : 'Unknown error', {
-            originalError: error,
-            audit: minimalAudit,
-        }));
-    }
-}
-/**
- * Batch call multiple tools in parallel
- *
- * @param calls - Array of { tool, params, options }
- * @returns Array of results (same order as input)
- *
- * @example
- * ```typescript
- * const results = await batchCall([
- *   { tool: 'stripe:createCharge', params: { amount: 100 } },
- *   { tool: 'crm:createContact', params: { email: 'user@example.com' } },
- *   { tool: 'analytics:track', params: { event: 'purchase' } },
- * ]);
- *
- * results.forEach((result, i) => {
- *   if (result.ok) {
- *     console.log(`Call ${i} succeeded:`, result.value);
- *   } else {
- *     console.error(`Call ${i} failed:`, result.error.message);
- *   }
- * });
- * ```
- */
-async function batchCall(calls) {
-    return Promise.all(calls.map(({ tool, params, options }) => call(tool, params, options)));
-}
-/**
- * Stream results from a tool (for progressive/chunked responses)
- *
- * @param tool - Tool alias
- * @param params - Parameters
- * @param options - Options
- * @returns Async iterator of chunks
- *
- * @example
- * ```typescript
- * for await (const chunk of stream('crm:searchContacts', { query: 'john' })) {
- *   console.log('Received contact:', chunk);
- * }
- * ```
- */
-async function* stream(tool, params, options) {
-    // TODO: Implement streaming support (Agent 5 - workflows.ts)
-    throw new AgentError(AgentErrorCode.INVALID_PARAMS, 'Streaming support not yet implemented - requires Agent 5 (streaming.ts) to complete', { tool, params });
-}
+"use strict";var __createBinding=this&&this.__createBinding||(Object.create?function(e,t,r,o){void 0===o&&(o=r);var i=Object.getOwnPropertyDescriptor(t,r);i&&!("get"in i?!t.__esModule:i.writable||i.configurable)||(i={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,o,i)}:function(e,t,r,o){void 0===o&&(o=r),e[o]=t[r]}),__setModuleDefault=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:!0,value:t})}:function(e,t){e.default=t}),__importStar=this&&this.__importStar||function(){var e=function(t){return e=Object.getOwnPropertyNames||function(e){var t=[];for(var r in e)Object.prototype.hasOwnProperty.call(e,r)&&(t[t.length]=r);return t},e(t)};return function(t){if(t&&t.__esModule)return t;var r={};if(null!=t)for(var o=e(t),i=0;i<o.length;i++)"default"!==o[i]&&__createBinding(r,t,o[i]);return __setModuleDefault(r,t),r}}();Object.defineProperty(exports,"__esModule",{value:!0}),exports.ERROR_DETAILS=exports.AgentError=exports.AgentErrorCode=void 0,exports.setToolRegistry=setToolRegistry,exports.getToolRegistry=getToolRegistry,exports.call=call,exports.batchCall=batchCall,exports.stream=stream;const shared_1=require("../_deps/shared/index.js"),agent_js_1=require("./agent.js"),security_policy_js_1=require("./security-policy.js"),policy_js_1=require("./policy.js"),xregistry_1=require("../_deps/xregistry/index.js"),crypto_utils_js_1=require("./crypto-utils.js"),identity_js_1=require("./identity.js");var AgentErrorCode;!function(e){e.TOOL_NOT_FOUND="AGENT_TOOL_NOT_FOUND",e.POLICY_VIOLATION="AGENT_POLICY_VIOLATION",e.TIMEOUT="AGENT_TIMEOUT",e.NETWORK_ERROR="AGENT_NETWORK_ERROR",e.AUTHENTICATION_FAILED="AGENT_AUTH_FAILED",e.INVALID_PARAMS="AGENT_INVALID_PARAMS"}(AgentErrorCode||(exports.AgentErrorCode=AgentErrorCode={}));class AgentError extends Error{code;details;constructor(e,t,r){super(t),this.code=e,this.details=r,this.name="AgentError"}}exports.AgentError=AgentError,exports.ERROR_DETAILS={[AgentErrorCode.TOOL_NOT_FOUND]:{context:"The requested tool/service could not be found in the registry",cause:"Tool alias may be incorrect, or service is not registered",fix:"Check tool name spelling, or register the service with xRegistry"},[AgentErrorCode.POLICY_VIOLATION]:{context:"The operation was blocked by policy constraints",cause:"Request exceeds spending limits, rate limits, or scope restrictions",fix:"Reduce transaction amount, slow down calls, or request additional scopes"},[AgentErrorCode.TIMEOUT]:{context:"The operation timed out waiting for response",cause:"Service is slow, network is congested, or timeout is too short",fix:"Increase timeout value, check service health, or retry with backoff"},[AgentErrorCode.NETWORK_ERROR]:{context:"Network communication failed",cause:"Service is offline, network is down, or DNS resolution failed",fix:"Check internet connection, verify service URL, or try again later"},[AgentErrorCode.AUTHENTICATION_FAILED]:{context:"Authentication with the service failed",cause:"DID is not registered, trust registry rejected identity, or signature invalid",fix:"Register agent identity with trust registry, or verify DID configuration"},[AgentErrorCode.INVALID_PARAMS]:{context:"The parameters provided are invalid",cause:"Required fields missing, wrong data types, or schema validation failed",fix:"Check tool schema, provide all required fields, and verify data types"}};let globalAgent=null,globalToolRegistry=null;function setToolRegistry(e){globalToolRegistry=e}function getToolRegistry(){return globalToolRegistry}async function verifyEnvelopeSignature(e,t){try{if(1!==e.v&&2!==e.v&&3!==e.v&&4!==e.v||"Ed25519"!==e.alg)return"not_verified";if(!e.signature||"string"!=typeof e.signature)return"not_verified";const r=await t.resolve(e.sender);if(!r.ok)return"not_verified";const o=await(0,identity_js_1.importPublicKey)(r.value);if(!o.ok)return"not_verified";const i=(0,crypto_utils_js_1.fromBase64)(e.payload),n=(0,crypto_utils_js_1.fromBase64)(e.signature),s=await(0,identity_js_1.verify)(o.value,n,i);if(!s.ok||!s.value)return"invalid";if(3===e.v&&"pqSignature"in e&&e.pqSignature){const r=await t.getEntry(e.sender);if(!r.ok||!r.value.mlDsaPublicKey)return"not_verified";const o=(0,crypto_utils_js_1.fromBase64)(e.pqSignature),n=await(0,identity_js_1.verifyMlDsa65)(r.value.mlDsaPublicKey,o,i);if(!n.ok||!n.value)return"invalid"}return"valid"}catch(e){return"not_verified"}}async function ensureAgent(e){if(globalAgent&&!e?.ephemeral)return globalAgent;const t={identity:!1!==e?.ephemeral?"ephemeral":"persistent",identityTTL:!1!==e?.ephemeral?36e5:void 0,securityPolicy:new security_policy_js_1.DefaultSecurityPolicy},r=await agent_js_1.Agent.from(t);return e?.ephemeral||(globalAgent=r),r}function createResultFormats(e,t){return{multiline:()=>{const r="string"==typeof e?e:JSON.stringify(e,null,2);return[`Call: ${t.tool}`,"Status: "+("denied"===t.policy?"Denied":"Success"),`Agent: ${t.agent}`,`Timestamp: ${t.timestamp}`,`Policy: ${t.policy}`,`Signature: ${t.signature}`,`Data: ${r}`].join("\n")},singleline:()=>{const r="denied"===t.policy?"✗":"✓",o="string"==typeof e?e.length:JSON.stringify(e).length;return`${r} ${t.tool} | agent:${t.agent.slice(-6)} | ${t.timestamp} | ${o} bytes`},json:()=>JSON.stringify({data:e,audit:{tool:t.tool,agent:t.agent,scope:t.scope,timestamp:t.timestamp,policy:t.policy,signature:t.signature}}),markdown:()=>{const r="string"==typeof e?e:JSON.stringify(e,null,2),o="denied"===t.policy?"Denied":"Success";return[`## Call Result: ${t.tool}`,"",`**Status:** ${o}`,`**Agent:** ${t.agent}`,`**Timestamp:** ${t.timestamp}`,`**Policy:** ${t.policy}`,`**Signature:** ${t.signature}`,"","### Response","```json",r,"```"].join("\n")}}}async function call(e,t,r){try{if(!e||"string"!=typeof e||!e.includes(":"))return(0,shared_1.err)(new AgentError(AgentErrorCode.INVALID_PARAMS,'Tool alias must be in format "service:action" (e.g., "stripe:createCharge")',{tool:e}));const o=await ensureAgent(r),[i]=e.split(":");if(!i)return(0,shared_1.err)(new AgentError(AgentErrorCode.INVALID_PARAMS,"Invalid tool alias format",{tool:e}));const n=(new Date).toISOString();let s,a="not_evaluated";if(r?.policy){const l=(0,policy_js_1.getGlobalPolicyEngine)().evaluate(o.did,e,t,r.policy);if(!l.ok){const t={agent:o.did,agentName:o.name,tool:e,scope:i,timestamp:n,signature:"not_verified",policy:"denied",policyConstraints:r.policy},s=new AgentError(l.error.code,l.error.message,{...l.error.details,audit:t});return(0,shared_1.err)(s)}a="passed",s=r.policy}let l,c,u=e;if(globalToolRegistry){const t=(0,xregistry_1.resolveToolEndpoint)(e,globalToolRegistry);if(t.ok)l=t.value.endpoint,u=t.value.name;else{const t=(0,xregistry_1.autoDiscover)(e,globalToolRegistry);if(t.ok&&t.value.primary&&(l=t.value.primary.endpoint,u=t.value.primary.name,t.value.alternatives.length>0)){const e=t.value.alternatives.map(e=>e.name).slice(0,3).join(", ");r?.onProgress&&r.onProgress({step:"discovery",progress:50,context:{message:`Using ${u}, alternatives: ${e}`}})}}}"standard"===r?.mode?.type?c="simple":"split"===r?.mode?.type?c="secure":"xchange"===r?.mode?.type&&(c="regulated");const d={agent:o.did,agentName:o.name,tool:u,scope:i,timestamp:n,signature:"not_verified",policy:a,policyConstraints:s};if(!l){const t={tool:u,originalTool:e,audit:d};return globalToolRegistry?(t.message="Tool not found in registry and auto-discovery failed",t.hint="Register the tool in xRegistry or use exact tool name"):(t.message="No registry configured - set registry via setToolRegistry()",t.hint='import { setToolRegistry } from "@private.me/xbind"'),(0,shared_1.err)(new AgentError(AgentErrorCode.TOOL_NOT_FOUND,`Cannot call tool: ${t.message||""}`,t))}const g={tool:u,params:t,agent:{did:o.did,name:o.name},scope:i,timestamp:n},p=JSON.stringify(g),y=["POST",l,o.did,i,n,p].join("\n"),{sign:_}=await Promise.resolve().then(()=>__importStar(require("./identity.js"))),f=await _(o.identity.privateKey,(new TextEncoder).encode(y));if(!f.ok)return(0,shared_1.err)(new AgentError(AgentErrorCode.AUTHENTICATION_FAILED,"Failed to sign request",{tool:u,endpoint:l}));const m=Buffer.from(f.value).toString("base64");try{const e=new AbortController,t=setTimeout(()=>e.abort(),3e4),r=await fetch(l,{method:"POST",headers:{"Content-Type":"application/json","X-Agent-DID":o.did,"X-Agent-Scope":i,"X-xBind-Signature":m,"X-xBind-Timestamp":n},body:p,signal:e.signal});if(clearTimeout(t),!r.ok){const e=await r.text().catch(()=>"Unknown error");return(0,shared_1.err)(new AgentError(401===r.status?AgentErrorCode.AUTHENTICATION_FAILED:AgentErrorCode.NETWORK_ERROR,`Tool call failed: ${r.status} ${r.statusText}`,{tool:u,endpoint:l,status:r.status,error:e,audit:d}))}const s=await r.json();d.signature="valid";r.headers.get("X-xBind-Signature")&&(d.signature="valid");const a={data:s,audit:d,formats:createResultFormats(s,d)};return(0,shared_1.ok)(a)}catch(e){return e instanceof DOMException&&"AbortError"===e.name?(0,shared_1.err)(new AgentError(AgentErrorCode.TIMEOUT,"Tool call timed out after 30 seconds",{tool:u,endpoint:l,audit:d})):(0,shared_1.err)(new AgentError(AgentErrorCode.NETWORK_ERROR,`Network error calling tool: ${e instanceof Error?e.message:String(e)}`,{tool:u,endpoint:l,error:e instanceof Error?e.message:String(e),audit:d}))}}catch(t){const[r]=e&&"string"==typeof e&&e.includes(":")?e.split(":"):["unknown"],o={agent:"unknown",tool:e||"unknown",scope:r||"unknown",timestamp:(new Date).toISOString(),signature:"not_verified",policy:"not_evaluated"};return(0,shared_1.err)(new AgentError(AgentErrorCode.NETWORK_ERROR,t instanceof Error?t.message:"Unknown error",{originalError:t,audit:o}))}}async function batchCall(e){return Promise.all(e.map(({tool:e,params:t,options:r})=>call(e,t,r)))}async function*stream(e,t){throw new AgentError(AgentErrorCode.INVALID_PARAMS,"Streaming support not yet implemented - requires Agent 5 (streaming.ts) to complete",{tool:e,params:t})}