@private.me/xbind 1.3.5 → 3.0.0

package/dist-standalone/cjs/types/error-response.js

@@ -1,56 +1 @@
-"use strict";
-/**
- * Error Response Types
- *
- * Dual-code error response system supporting both AWS standard codes
- * and legacy xBind codes for backward compatibility.
- *
- * @packageDocumentation
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.isErrorResponse = isErrorResponse;
-exports.createErrorResponse = createErrorResponse;
-/**
- * Type guard to check if a value is an ErrorResponse
- *
- * @param value - Value to check
- * @returns True if value is an ErrorResponse
- *
- * @example
- * ```typescript
- * if (isErrorResponse(result)) {
- *   console.error(result.message);
- * }
- * ```
- */
-function isErrorResponse(value) {
-    if (!value || typeof value !== 'object') {
-        return false;
-    }
-    const err = value;
-    return (typeof err.code === 'string' &&
-        typeof err.httpStatus === 'number' &&
-        typeof err.message === 'string');
-}
-/**
- * Create a standardized error response
- *
- * @param params - Error response parameters
- * @returns Standardized ErrorResponse object
- *
- * @example
- * ```typescript
- * const error = createErrorResponse({
- *   code: 'UnauthorizedException',
- *   legacyCode: 'XBIND_AUTH_FAILED',
- *   httpStatus: 401,
- *   message: 'Invalid signature'
- * });
- * ```
- */
-function createErrorResponse(params) {
-    return {
-        ...params,
-        timestamp: params.timestamp ?? Date.now()
-    };
-}
+"use strict";function isErrorResponse(e){if(!e||"object"!=typeof e)return!1;const r=e;return"string"==typeof r.code&&"number"==typeof r.httpStatus&&"string"==typeof r.message}function createErrorResponse(e){return{...e,timestamp:e.timestamp??Date.now()}}Object.defineProperty(exports,"__esModule",{value:!0}),exports.isErrorResponse=isErrorResponse,exports.createErrorResponse=createErrorResponse;

package/dist-standalone/cjs/vault-auth.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.signVaultRequest=signVaultRequest,exports.verifyVaultRequest=verifyVaultRequest;const shared_1=require("../_deps/shared/index.js"),crypto_utils_js_1=require("./crypto-utils.js");async function signVaultRequest(e,t,r){const n=Date.now(),s=generateNonce(),a=JSON.stringify(r),o=`POST\n${t}\n${n}\n${s}\n${await hashString(a)}`;let i;try{const t=(new TextEncoder).encode(o);i=await crypto.subtle.sign({name:"Ed25519"},e.privateKey,t)}catch{return(0,shared_1.err)("SIGN_FAILED")}return(0,shared_1.ok)({signature:(0,crypto_utils_js_1.toBase64)(new Uint8Array(i)),timestamp:n,nonce:s})}function generateNonce(){if("undefined"!=typeof crypto&&crypto.randomUUID)return crypto.randomUUID();const e=new Uint8Array(16);crypto.getRandomValues(e),e[6]=15&e[6]|64,e[8]=63&e[8]|128;const t=Array.from(e).map(e=>e.toString(16).padStart(2,"0")).join("");return[t.slice(0,8),t.slice(8,12),t.slice(12,16),t.slice(16,20),t.slice(20,32)].join("-")}async function hashString(e){const t=(new TextEncoder).encode(e),r=await crypto.subtle.digest("SHA-256",t);return(0,crypto_utils_js_1.toBase64)(new Uint8Array(r))}async function verifyVaultRequest(e,t,r,n,s,a,o){const i=Date.now();if(Math.abs(i-a)>3e5)return!1;const c=`POST\n${r}\n${a}\n${o}\n${await hashString(n)}`;let u;try{const e=new ArrayBuffer(t.byteLength);new Uint8Array(e).set(t),u=await crypto.subtle.importKey("raw",e,{name:"Ed25519"},!1,["verify"])}catch{return!1}try{const e=(new TextEncoder).encode(c),t=Uint8Array.from(atob(s),e=>e.charCodeAt(0));return await crypto.subtle.verify({name:"Ed25519"},u,t,e)}catch{return!1}}

package/dist-standalone/cjs/vault-store-loader.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.loadCryptoPackage=loadCryptoPackage,exports.getCrypto=getCrypto,exports.isCryptoLoaded=isCryptoLoaded,exports.clearCryptoCache=clearCryptoCache,exports.getCacheStatus=getCacheStatus;const shared_1=require("../_deps/shared/index.js"),vault_auth_js_1=require("./vault-auth.js"),VAULT_STORE_URL=process.env.VAULT_STORE_URL||"https://private.me/api/vault-store",CACHE_TTL_MS=6048e5;let cryptoCache=null;async function loadCryptoPackage(identity){if(cryptoCache&&Date.now()<cryptoCache.expiresAt)return(0,shared_1.ok)(cryptoCache.module);const signatureResult=await(0,vault_auth_js_1.signVaultRequest)(identity,"/api/vault-store/crypto",{requestedVersion:"latest",clientVersion:"1.5.0"});if(!signatureResult.ok)return(0,shared_1.err)("VAULT_AUTH_FAILED");const{signature:signature,timestamp:timestamp,nonce:nonce}=signatureResult.value;let response,vaultData,cryptoModule;try{response=await fetch(`${VAULT_STORE_URL}/crypto`,{method:"POST",headers:{"Content-Type":"application/json","X-DID":identity.did,"X-Signature":signature,"X-Timestamp":timestamp.toString(),"X-Nonce":nonce},body:JSON.stringify({requestedVersion:"latest",clientVersion:"1.5.0"})})}catch(e){return(0,shared_1.err)("VAULT_FETCH_FAILED")}if(!response.ok)return 402===response.status?(0,shared_1.err)("VAULT_QUOTA_EXCEEDED"):401===response.status||403===response.status?(0,shared_1.err)("VAULT_AUTH_FAILED"):451===response.status?(0,shared_1.err)("VAULT_PAYMENT_REQUIRED"):(0,shared_1.err)("VAULT_FETCH_FAILED");try{vaultData=await response.json()}catch{return(0,shared_1.err)("VAULT_INVALID_RESPONSE")}if(!vaultData.cryptoBundle||!vaultData.version)return(0,shared_1.err)("VAULT_INVALID_RESPONSE");try{const bundleCode=atob(vaultData.cryptoBundle),moduleExports=eval(`(function() {\n      const exports = {};\n      ${bundleCode}\n      return exports;\n    })()`);if(cryptoModule=moduleExports,"function"!=typeof cryptoModule.splitXorIDA||"function"!=typeof cryptoModule.reconstructXorIDA)return(0,shared_1.err)("VAULT_LOAD_FAILED")}catch{return(0,shared_1.err)("VAULT_LOAD_FAILED")}const ttlMs=vaultData.cacheTtl?1e3*vaultData.cacheTtl:CACHE_TTL_MS;return cryptoCache={module:cryptoModule,expiresAt:Date.now()+ttlMs,version:vaultData.version},(0,shared_1.ok)(cryptoModule)}function getCrypto(){return cryptoCache&&Date.now()<cryptoCache.expiresAt?cryptoCache.module:null}function isCryptoLoaded(){return null!==cryptoCache&&Date.now()<cryptoCache.expiresAt}function clearCryptoCache(){cryptoCache=null}function getCacheStatus(){if(!cryptoCache)return{loaded:!1};const e=Date.now();return{loaded:e<cryptoCache.expiresAt,version:cryptoCache.version,expiresAt:cryptoCache.expiresAt,ttlRemaining:Math.max(0,cryptoCache.expiresAt-e)}}

package/dist-standalone/cjs/verify.js

@@ -1,25 +1 @@
-"use strict";
-/**
- * @module verify
- * Lightweight sub-path export for verification-only use cases.
- *
- * Import as `@private.me/xbind/verify` for tree-shaking on edge/serverless:
- * ```ts
- * import { verify, importPublicKey, validateEnvelope } from '@private.me/xbind/verify';
- * ```
- *
- * This module re-exports only the functions needed to verify signatures
- * and validate envelopes — no key generation, no encryption, no transport.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.openSignedEnvelope = exports.deserializeEnvelope = exports.validateEnvelope = exports.didToPublicKeyBytes = exports.importPublicKey = exports.verify = void 0;
-// Identity — verify + key import only
-var identity_js_1 = require("./identity.js");
-Object.defineProperty(exports, "verify", { enumerable: true, get: function () { return identity_js_1.verify; } });
-Object.defineProperty(exports, "importPublicKey", { enumerable: true, get: function () { return identity_js_1.importPublicKey; } });
-Object.defineProperty(exports, "didToPublicKeyBytes", { enumerable: true, get: function () { return identity_js_1.didToPublicKeyBytes; } });
-// Envelope — validation + signed envelope verification
-var envelope_js_1 = require("./envelope.js");
-Object.defineProperty(exports, "validateEnvelope", { enumerable: true, get: function () { return envelope_js_1.validateEnvelope; } });
-Object.defineProperty(exports, "deserializeEnvelope", { enumerable: true, get: function () { return envelope_js_1.deserializeEnvelope; } });
-Object.defineProperty(exports, "openSignedEnvelope", { enumerable: true, get: function () { return envelope_js_1.openSignedEnvelope; } });
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.openSignedEnvelope=exports.deserializeEnvelope=exports.validateEnvelope=exports.didToPublicKeyBytes=exports.importPublicKey=exports.verify=void 0;var identity_js_1=require("./identity.js");Object.defineProperty(exports,"verify",{enumerable:!0,get:function(){return identity_js_1.verify}}),Object.defineProperty(exports,"importPublicKey",{enumerable:!0,get:function(){return identity_js_1.importPublicKey}}),Object.defineProperty(exports,"didToPublicKeyBytes",{enumerable:!0,get:function(){return identity_js_1.didToPublicKeyBytes}});var envelope_js_1=require("./envelope.js");Object.defineProperty(exports,"validateEnvelope",{enumerable:!0,get:function(){return envelope_js_1.validateEnvelope}}),Object.defineProperty(exports,"deserializeEnvelope",{enumerable:!0,get:function(){return envelope_js_1.deserializeEnvelope}}),Object.defineProperty(exports,"openSignedEnvelope",{enumerable:!0,get:function(){return envelope_js_1.openSignedEnvelope}});

package/dist-standalone/cjs/version-info.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.Capability=void 0,exports.getVersion=getVersion,exports.hasCapability=hasCapability,exports.getCapabilities=getCapabilities,exports.getDeprecationInfo=getDeprecationInfo,exports.warnIfDeprecated=warnIfDeprecated,exports.parseVersion=parseVersion,exports.compareVersions=compareVersions,exports.checkCompatibility=checkCompatibility,exports.getMinimumVersionFor=getMinimumVersionFor,exports.assertMinimumVersion=assertMinimumVersion;const logger_js_1=require("./logger.js"),logger=(0,logger_js_1.createLogger)("version-info");var Capability;!function(e){e.ENVELOPE_V1="envelope-v1",e.ENVELOPE_V2="envelope-v2",e.ENVELOPE_V3="envelope-v3",e.ENVELOPE_V4="envelope-v4",e.ML_KEM_768="ml-kem-768",e.ML_DSA_65="ml-dsa-65",e.X25519_ECDH="x25519-ecdh",e.ED25519_SIG="ed25519-sig",e.XORIDA="xorida",e.SPLIT_CHANNEL="split-channel",e.TRUST_REGISTRY="trust-registry",e.SERVICE_DISCOVERY="service-discovery",e.INVITE_SYSTEM="invite-system",e.AGENT_CALL="agent-call",e.XFETCH="xfetch",e.DUAL_MODE="dual-mode",e.BACKUP_RESTORE="backup-restore",e.CORRELATION_ID="correlation-id",e.STRUCTURED_LOGGING="structured-logging",e.DID_SUCCESSION="did-succession",e.GATEWAY_STATE="gateway-state",e.SUBSCRIPTION_PROOF="subscription-proof",e.POLICY_ENGINE="policy-engine",e.APPROVAL_FLOW="approval-flow",e.GUARDRAILS="guardrails",e.HTTP_COMPAT="http-compat",e.DID_WEB="did-web",e.DID_PRIVATEME="did:privateme",e.REDIS_NONCE="redis-nonce",e.RETRY_TRANSPORT="retry-transport"}(Capability||(exports.Capability=Capability={}));const VERSION_METADATA={semver:"3.0.0",major:1,minor:4,patch:2,prerelease:void 0,build:void 0,features:[Capability.ENVELOPE_V1,Capability.ENVELOPE_V2,Capability.ENVELOPE_V3,Capability.ENVELOPE_V4,Capability.ML_KEM_768,Capability.ML_DSA_65,Capability.X25519_ECDH,Capability.ED25519_SIG,Capability.XORIDA,Capability.SPLIT_CHANNEL,Capability.TRUST_REGISTRY,Capability.SERVICE_DISCOVERY,Capability.INVITE_SYSTEM,Capability.AGENT_CALL,Capability.XFETCH,Capability.DUAL_MODE,Capability.BACKUP_RESTORE,Capability.CORRELATION_ID,Capability.STRUCTURED_LOGGING,Capability.DID_SUCCESSION,Capability.GATEWAY_STATE,Capability.SUBSCRIPTION_PROOF,Capability.POLICY_ENGINE,Capability.APPROVAL_FLOW,Capability.GUARDRAILS,Capability.HTTP_COMPAT,Capability.DID_WEB,Capability.DID_PRIVATEME,Capability.REDIS_NONCE,Capability.RETRY_TRANSPORT],deprecated:[{name:"envelope-v1",since:"1.2.0",removedIn:"2.0.0",migration:"Use createEnvelopeV2() or higher for split-channel support",docs:"https://private.me/docs/xbind/migration-v2"}],buildDate:(new Date).toISOString(),nodeVersion:process.version};function getVersion(){return Object.freeze({...VERSION_METADATA})}function hasCapability(e){return VERSION_METADATA.features.includes(e)}function getCapabilities(){return Object.freeze([...VERSION_METADATA.features])}function getDeprecationInfo(e){return VERSION_METADATA.deprecated.find(i=>i.name===e)}const warnedFeatures=new Set;function warnIfDeprecated(e){if(warnedFeatures.has(e))return;const i=getDeprecationInfo(e);if(!i)return;warnedFeatures.add(e);const r=[`Feature "${e}" is deprecated since v${i.since}`,i.removedIn?`and will be removed in v${i.removedIn}.`:".",i.migration].join(" ");logger.warn(r,{feature:e,deprecatedSince:i.since,removedIn:i.removedIn,docs:i.docs}),"undefined"!=typeof console&&console.warn&&(console.warn(`[xBind] ${r}`),i.docs&&console.warn(`[xBind] See: ${i.docs}`))}function parseVersion(e){const i=e.match(/^(\d+)\.(\d+)\.(\d+)(?:-([a-zA-Z0-9.-]+))?(?:\+([a-zA-Z0-9.-]+))?$/);if(!(i&&i[1]&&i[2]&&i[3]))throw new Error(`Invalid semantic version: ${e}`);return{major:parseInt(i[1],10),minor:parseInt(i[2],10),patch:parseInt(i[3],10),prerelease:i[4]||void 0,build:i[5]||void 0}}function compareVersions(e,i){const r=parseVersion(e),a=parseVersion(i);if(r.major<a.major)return-1;if(r.major>a.major)return 1;if(r.minor<a.minor)return-1;if(r.minor>a.minor)return 1;if(r.patch<a.patch)return-1;if(r.patch>a.patch)return 1;if(r.prerelease&&!a.prerelease)return-1;if(!r.prerelease&&a.prerelease)return 1;if(r.prerelease&&a.prerelease){if(r.prerelease<a.prerelease)return-1;if(r.prerelease>a.prerelease)return 1}return 0}function checkCompatibility(e){const i=VERSION_METADATA.semver;if(e.startsWith("^")){const r=e.slice(1),a=parseVersion(r);return parseVersion(i).major!==a.major?{compatible:!1,message:`Incompatible major version. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ^${r})`,severity:"info",required:e,actual:i}}if(e.startsWith("~")){const r=e.slice(1),a=parseVersion(r),t=parseVersion(i);return t.major!==a.major||t.minor!==a.minor?{compatible:!1,message:`Incompatible version. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ~${r})`,severity:"info",required:e,actual:i}}let r,a,t;try{r=compareVersions(i,e)}catch(r){return{compatible:!1,message:`Invalid version format: ${e}`,severity:"error",required:e,actual:i}}if(0===r)return{compatible:!0,message:`Exact version match (${i})`,severity:"info",required:e,actual:i};if(r<0)return{compatible:!1,message:`SDK version too old. Required: ${e}, Current: ${i}`,severity:"error",required:e,actual:i};try{a=parseVersion(e),t=parseVersion(i)}catch(r){return{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}return t.major>a.major?{compatible:!1,message:`Breaking changes in SDK. Required: ${e}, Current: ${i}`,severity:"warning",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}function getMinimumVersionFor(e){return{[Capability.ENVELOPE_V1]:"1.0.0",[Capability.ENVELOPE_V2]:"1.1.0",[Capability.ENVELOPE_V3]:"1.2.0",[Capability.ENVELOPE_V4]:"1.3.0",[Capability.ML_KEM_768]:"1.2.0",[Capability.ML_DSA_65]:"1.3.0",[Capability.X25519_ECDH]:"1.0.0",[Capability.ED25519_SIG]:"1.0.0",[Capability.XORIDA]:"1.0.0",[Capability.SPLIT_CHANNEL]:"1.1.0",[Capability.TRUST_REGISTRY]:"1.0.0",[Capability.SERVICE_DISCOVERY]:"1.1.0",[Capability.INVITE_SYSTEM]:"1.1.0",[Capability.AGENT_CALL]:"1.0.0",[Capability.XFETCH]:"1.2.0",[Capability.DUAL_MODE]:"1.2.0",[Capability.BACKUP_RESTORE]:"1.3.0",[Capability.CORRELATION_ID]:"1.3.0",[Capability.STRUCTURED_LOGGING]:"1.3.0",[Capability.DID_SUCCESSION]:"1.2.0",[Capability.GATEWAY_STATE]:"1.2.0",[Capability.SUBSCRIPTION_PROOF]:"1.2.0",[Capability.POLICY_ENGINE]:"1.1.0",[Capability.APPROVAL_FLOW]:"1.1.0",[Capability.GUARDRAILS]:"1.2.0",[Capability.HTTP_COMPAT]:"1.2.0",[Capability.DID_WEB]:"1.1.0",[Capability.DID_PRIVATEME]:"1.2.0",[Capability.REDIS_NONCE]:"1.1.0",[Capability.RETRY_TRANSPORT]:"1.1.0"}[e]}function assertMinimumVersion(e,i){const r=checkCompatibility(e);if(!r.compatible&&"error"===r.severity){const a=i?`${i} requires xBind >= ${e} (current: ${VERSION_METADATA.semver})`:r.message;throw new Error(a)}}

package/dist-standalone/cjs/xfetch.js

@@ -1,252 +1 @@
-"use strict";
-/**
- * @module xfetch
- * Drop-in fetch() replacement with auto-upgrade to xBind
- *
- * Provides transparent upgrade from HTTP to xBind when both parties support it.
- * Falls back to regular HTTP fetch() when xBind is not available.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.xfetch = xfetch;
-exports.isXBindSupported = isXBindSupported;
-exports.getXBindCapability = getXBindCapability;
-const agent_js_1 = require("./agent.js");
-const agent_call_js_1 = require("./agent-call.js");
-/**
- * Check if endpoint supports xBind
- *
- * Sends OPTIONS request with xBind capability header.
- * Endpoint responds with xBind-Support header if available.
- *
- * @param url - Target URL
- * @returns Capability check result
- */
-async function checkXBindSupport(url) {
-    try {
-        const response = await fetch(url, {
-            method: 'OPTIONS',
-            headers: {
-                'X-Capability-Check': 'xbind',
-            },
-        });
-        const supported = response.headers.get('X-xBind-Support') === 'true';
-        if (!supported) {
-            return { supported: false };
-        }
-        return {
-            supported: true,
-            endpoint: response.headers.get('X-xBind-Endpoint') || undefined,
-            peerDID: response.headers.get('X-xBind-DID') || undefined,
-            version: response.headers.get('X-xBind-Version') || undefined,
-        };
-    }
-    catch (error) {
-        // Network error or CORS - assume no xBind support
-        return { supported: false };
-    }
-}
-/**
- * Send request via xBind transport
- *
- * @param url - Target URL
- * @param capability - xBind capability info
- * @param options - Request options
- * @param agent - Agent instance
- * @returns xBind response
- */
-async function sendViaXBind(url, capability, options, agent) {
-    const startTime = Date.now();
-    // TODO: Integrate with Agent.send() when transport layer is ready
-    // For now, placeholder that will be completed by transport layer work
-    throw new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.NETWORK_ERROR, 'xBind transport not yet implemented - requires transport layer (xchange/xfetch integration)', {
-        url,
-        peerDID: capability.peerDID,
-        nextSteps: [
-            'Complete Agent.send() integration',
-            'Implement xBind message envelope',
-            'Add DID-based authentication',
-        ],
-    });
-}
-/**
- * Send request via standard HTTP fetch
- *
- * @param url - Target URL
- * @param options - Request options
- * @returns HTTP response wrapped as XFetchResponse
- */
-async function sendViaHTTP(url, options) {
-    const startTime = Date.now();
-    // Remove xFetch-specific options before passing to fetch
-    const { forceXBind, disableXBind, agent, retry, ...fetchOptions } = options;
-    const response = await fetch(url, fetchOptions);
-    const latency = Date.now() - startTime;
-    // Wrap Response with xFetch metadata
-    return Object.assign(response, {
-        usedXBind: false,
-        transport: {
-            protocol: url.startsWith('https') ? 'https' : 'http',
-            latency,
-        },
-    });
-}
-/**
- * Retry logic with exponential backoff
- *
- * @param fn - Function to retry
- * @param options - Retry configuration
- * @returns Result of function
- */
-async function withRetry(fn, options) {
-    const maxAttempts = options?.maxAttempts ?? 3;
-    const initialDelay = options?.initialDelay ?? 1000;
-    const multiplier = options?.multiplier ?? 2;
-    let lastError;
-    let delay = initialDelay;
-    for (let attempt = 1; attempt <= maxAttempts; attempt++) {
-        try {
-            return await fn();
-        }
-        catch (error) {
-            lastError = error instanceof Error ? error : new Error(String(error));
-            // Don't retry on client errors (4xx)
-            if (error instanceof Response && error.status >= 400 && error.status < 500) {
-                throw error;
-            }
-            if (attempt < maxAttempts) {
-                await new Promise((resolve) => setTimeout(resolve, delay));
-                delay *= multiplier;
-            }
-        }
-    }
-    throw lastError;
-}
-/**
- * xFetch - Drop-in fetch() replacement with auto-upgrade to xBind
- *
- * @param url - Target URL
- * @param options - Request options (extends fetch RequestInit)
- * @returns Response with xBind metadata
- *
- * @example
- * ```typescript
- * // Basic usage (auto-upgrades to xBind if supported)
- * const response = await xfetch('https://api.example.com/data');
- * console.log('Used xBind?', response.usedXBind);
- * const data = await response.json();
- * ```
- *
- * @example
- * ```typescript
- * // Force xBind (fail if not supported)
- * const response = await xfetch('https://api.example.com/secure', {
- *   forceXBind: true,
- * });
- * ```
- *
- * @example
- * ```typescript
- * // Disable xBind (HTTP only)
- * const response = await xfetch('https://api.example.com/public', {
- *   disableXBind: true,
- * });
- * ```
- *
- * @example
- * ```typescript
- * // With retry and timeout
- * const response = await xfetch('https://api.example.com/data', {
- *   timeout: 10000,
- *   retry: {
- *     maxAttempts: 5,
- *     initialDelay: 500,
- *     multiplier: 2,
- *   },
- * });
- * ```
- */
-async function xfetch(url, options = {}) {
-    // Validate URL
-    let parsedURL;
-    try {
-        parsedURL = new URL(url);
-    }
-    catch (error) {
-        throw new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.INVALID_PARAMS, `Invalid URL: ${url}`, { url, error });
-    }
-    // Only support HTTP(S) protocols
-    if (!['http:', 'https:'].includes(parsedURL.protocol)) {
-        throw new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.INVALID_PARAMS, `Unsupported protocol: ${parsedURL.protocol}`, { url, protocol: parsedURL.protocol });
-    }
-    // Apply timeout if specified
-    const timeout = options.timeout ?? 30000;
-    const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), timeout);
-    try {
-        // Merge abort signals if user provided one
-        const signal = options.signal
-            ? AbortSignal.any?.([options.signal, controller.signal]) ?? controller.signal
-            : controller.signal;
-        const requestOptions = {
-            ...options,
-            signal,
-        };
-        // If xBind is explicitly disabled, use HTTP directly
-        if (options.disableXBind) {
-            return await withRetry(() => sendViaHTTP(url, requestOptions), options.retry);
-        }
-        // Check if endpoint supports xBind
-        const capability = await checkXBindSupport(url);
-        // If xBind is forced but not supported, fail
-        if (options.forceXBind && !capability.supported) {
-            throw new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.NETWORK_ERROR, `xBind required but endpoint does not support it: ${url}`, { url, forceXBind: true, capability });
-        }
-        // If xBind is supported, use it
-        if (capability.supported) {
-            // Create or use provided agent
-            const agent = options.agent ?? await agent_js_1.Agent.from({ identity: 'ephemeral', identityTTL: 3600000 });
-            return await withRetry(() => sendViaXBind(url, capability, requestOptions, agent), options.retry);
-        }
-        // Fallback to HTTP
-        return await withRetry(() => sendViaHTTP(url, requestOptions), options.retry);
-    }
-    finally {
-        clearTimeout(timeoutId);
-    }
-}
-/**
- * Check if a URL supports xBind
- *
- * Utility function for checking xBind support before making a request.
- *
- * @param url - URL to check
- * @returns True if endpoint supports xBind
- *
- * @example
- * ```typescript
- * const supported = await isXBindSupported('https://api.example.com');
- * if (supported) {
- *   console.log('Endpoint supports xBind - request will be upgraded');
- * }
- * ```
- */
-async function isXBindSupported(url) {
-    const capability = await checkXBindSupport(url);
-    return capability.supported;
-}
-/**
- * Get xBind capability information for a URL
- *
- * @param url - URL to check
- * @returns Capability information
- *
- * @example
- * ```typescript
- * const info = await getXBindCapability('https://api.example.com');
- * console.log('Peer DID:', info.peerDID);
- * console.log('xBind version:', info.version);
- * ```
- */
-async function getXBindCapability(url) {
-    return checkXBindSupport(url);
-}
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.xfetch=xfetch,exports.isXBindSupported=isXBindSupported,exports.getXBindCapability=getXBindCapability;const agent_js_1=require("./agent.js"),agent_call_js_1=require("./agent-call.js");async function checkXBindSupport(t){try{const e=await fetch(t,{method:"OPTIONS",headers:{"X-Capability-Check":"xbind"}});return"true"===e.headers.get("X-xBind-Support")?{supported:!0,endpoint:e.headers.get("X-xBind-Endpoint")||void 0,peerDID:e.headers.get("X-xBind-DID")||void 0,version:e.headers.get("X-xBind-Version")||void 0}:{supported:!1}}catch(t){return{supported:!1}}}async function sendViaXBind(t,e,r,n){const o=Date.now();if(!e.peerDID)throw new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.NETWORK_ERROR,"Server supports xBind but did not provide X-xBind-DID header",{url:t,capability:e});const a=e.peerDID,i=e.endpoint||t,s=new Uint8Array(16);crypto.getRandomValues(s);const c=Array.from(s).map(t=>t.toString(16).padStart(2,"0")).join(""),d=`xfetch_${Date.now()}_${c}`,l={correlationId:d,method:r.method||"GET",url:t,headers:r.headers||{},body:r.body?"string"==typeof r.body?r.body:JSON.stringify(r.body):void 0};return new Promise((e,s)=>{const c=setTimeout(()=>{s(new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.TIMEOUT,"xBind request timed out waiting for response",{url:t,correlationId:d,timeout:r.timeout||3e4}))},r.timeout||3e4);(async()=>{try{const p=await n.send({to:a,payload:l,scope:"xfetch",action:"http_request"});if(!p.ok)return clearTimeout(c),void s(new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.NETWORK_ERROR,`Failed to send xBind request: ${p.error}`,{url:t,error:p.error}));const u=`${i}/response/${d}`,_=100,g=(r.timeout||3e4)/_;for(let t=0;t<g;t++){await new Promise(t=>setTimeout(t,_));try{const t=await fetch(u);if(200===t.status){clearTimeout(c);const r=Date.now()-o;return void e(Object.assign(t,{usedXBind:!0,transport:{protocol:"xbind",latency:r,peerDID:a}}))}}catch(t){continue}}clearTimeout(c),s(new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.TIMEOUT,"Response not available after polling",{url:t,correlationId:d,polls:g}))}catch(e){clearTimeout(c),s(e instanceof agent_call_js_1.AgentError?e:new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.NETWORK_ERROR,"xBind request failed",{url:t,error:String(e)}))}})()})}async function sendViaHTTP(t,e){const r=Date.now(),{forceXBind:n,disableXBind:o,agent:a,retry:i,...s}=e,c=await fetch(t,s),d=Date.now()-r;return Object.assign(c,{usedXBind:!1,transport:{protocol:t.startsWith("https")?"https":"http",latency:d}})}async function withRetry(t,e){const r=e?.maxAttempts??3,n=e?.initialDelay??1e3,o=e?.multiplier??2;let a,i=n;for(let e=1;e<=r;e++)try{return await t()}catch(t){if(a=t instanceof Error?t:new Error(String(t)),t instanceof Response&&t.status>=400&&t.status<500)throw t;e<r&&(await new Promise(t=>setTimeout(t,i)),i*=o)}throw a}async function xfetch(t,e={}){let r;try{r=new URL(t)}catch(e){throw new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.INVALID_PARAMS,`Invalid URL: ${t}`,{url:t,error:e})}if(!["http:","https:"].includes(r.protocol))throw new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.INVALID_PARAMS,`Unsupported protocol: ${r.protocol}`,{url:t,protocol:r.protocol});const n=e.timeout??3e4,o=new AbortController,a=setTimeout(()=>o.abort(),n);try{const r=e.signal?AbortSignal.any?.([e.signal,o.signal])??o.signal:o.signal,n={...e,signal:r};if(e.disableXBind)return await withRetry(()=>sendViaHTTP(t,n),e.retry);const a=await checkXBindSupport(t);if(e.forceXBind&&!a.supported)throw new agent_call_js_1.AgentError(agent_call_js_1.AgentErrorCode.NETWORK_ERROR,`xBind required but endpoint does not support it: ${t}`,{url:t,forceXBind:!0,capability:a});if(a.supported){const r=e.agent??await agent_js_1.Agent.from({identity:"ephemeral",identityTTL:36e5});return await withRetry(()=>sendViaXBind(t,a,n,r),e.retry)}return await withRetry(()=>sendViaHTTP(t,n),e.retry)}finally{clearTimeout(a)}}async function isXBindSupported(t){return(await checkXBindSupport(t)).supported}async function getXBindCapability(t){return checkXBindSupport(t)}