@private.me/xbind 3.0.0 → 3.0.2

package/dist-standalone/agent-call.js

@@ -1 +1,659 @@
-import{ok,err}from"./_deps/shared/index.js";import{Agent}from"./agent.js";import{DefaultSecurityPolicy}from"./security-policy.js";import{getGlobalPolicyEngine}from"./policy.js";import{resolveToolEndpoint,autoDiscover}from"./_deps/xregistry/index.js";import{fromBase64}from"./crypto-utils.js";import{importPublicKey,verify,verifyMlDsa65}from"./identity.js";export var AgentErrorCode;!function(e){e.TOOL_NOT_FOUND="AGENT_TOOL_NOT_FOUND",e.POLICY_VIOLATION="AGENT_POLICY_VIOLATION",e.TIMEOUT="AGENT_TIMEOUT",e.NETWORK_ERROR="AGENT_NETWORK_ERROR",e.AUTHENTICATION_FAILED="AGENT_AUTH_FAILED",e.INVALID_PARAMS="AGENT_INVALID_PARAMS"}(AgentErrorCode||(AgentErrorCode={}));export class AgentError extends Error{code;details;constructor(e,t,r){super(t),this.code=e,this.details=r,this.name="AgentError"}}export const ERROR_DETAILS={[AgentErrorCode.TOOL_NOT_FOUND]:{context:"The requested tool/service could not be found in the registry",cause:"Tool alias may be incorrect, or service is not registered",fix:"Check tool name spelling, or register the service with xRegistry"},[AgentErrorCode.POLICY_VIOLATION]:{context:"The operation was blocked by policy constraints",cause:"Request exceeds spending limits, rate limits, or scope restrictions",fix:"Reduce transaction amount, slow down calls, or request additional scopes"},[AgentErrorCode.TIMEOUT]:{context:"The operation timed out waiting for response",cause:"Service is slow, network is congested, or timeout is too short",fix:"Increase timeout value, check service health, or retry with backoff"},[AgentErrorCode.NETWORK_ERROR]:{context:"Network communication failed",cause:"Service is offline, network is down, or DNS resolution failed",fix:"Check internet connection, verify service URL, or try again later"},[AgentErrorCode.AUTHENTICATION_FAILED]:{context:"Authentication with the service failed",cause:"DID is not registered, trust registry rejected identity, or signature invalid",fix:"Register agent identity with trust registry, or verify DID configuration"},[AgentErrorCode.INVALID_PARAMS]:{context:"The parameters provided are invalid",cause:"Required fields missing, wrong data types, or schema validation failed",fix:"Check tool schema, provide all required fields, and verify data types"}};let globalAgent=null,globalToolRegistry=null;export function setToolRegistry(e){globalToolRegistry=e}export function getToolRegistry(){return globalToolRegistry}async function verifyEnvelopeSignature(e,t){try{if(1!==e.v&&2!==e.v&&3!==e.v&&4!==e.v||"Ed25519"!==e.alg)return"not_verified";if(!e.signature||"string"!=typeof e.signature)return"not_verified";const r=await t.resolve(e.sender);if(!r.ok)return"not_verified";const o=await importPublicKey(r.value);if(!o.ok)return"not_verified";const n=fromBase64(e.payload),i=fromBase64(e.signature),a=await verify(o.value,i,n);if(!a.ok||!a.value)return"invalid";if(3===e.v&&"pqSignature"in e&&e.pqSignature){const r=await t.getEntry(e.sender);if(!r.ok||!r.value.mlDsaPublicKey)return"not_verified";const o=fromBase64(e.pqSignature),i=await verifyMlDsa65(r.value.mlDsaPublicKey,o,n);if(!i.ok||!i.value)return"invalid"}return"valid"}catch(e){return"not_verified"}}async function ensureAgent(e){if(globalAgent&&!e?.ephemeral)return globalAgent;const t={identity:!1!==e?.ephemeral?"ephemeral":"persistent",identityTTL:!1!==e?.ephemeral?36e5:void 0,securityPolicy:new DefaultSecurityPolicy},r=await Agent.from(t);return e?.ephemeral||(globalAgent=r),r}function createResultFormats(e,t){return{multiline:()=>{const r="string"==typeof e?e:JSON.stringify(e,null,2);return[`Call: ${t.tool}`,"Status: "+("denied"===t.policy?"Denied":"Success"),`Agent: ${t.agent}`,`Timestamp: ${t.timestamp}`,`Policy: ${t.policy}`,`Signature: ${t.signature}`,`Data: ${r}`].join("\n")},singleline:()=>{const r="denied"===t.policy?"✗":"✓",o="string"==typeof e?e.length:JSON.stringify(e).length;return`${r} ${t.tool} | agent:${t.agent.slice(-6)} | ${t.timestamp} | ${o} bytes`},json:()=>JSON.stringify({data:e,audit:{tool:t.tool,agent:t.agent,scope:t.scope,timestamp:t.timestamp,policy:t.policy,signature:t.signature}}),markdown:()=>{const r="string"==typeof e?e:JSON.stringify(e,null,2),o="denied"===t.policy?"Denied":"Success";return[`## Call Result: ${t.tool}`,"",`**Status:** ${o}`,`**Agent:** ${t.agent}`,`**Timestamp:** ${t.timestamp}`,`**Policy:** ${t.policy}`,`**Signature:** ${t.signature}`,"","### Response","```json",r,"```"].join("\n")}}}export async function call(e,t,r){try{if(!e||"string"!=typeof e||!e.includes(":"))return err(new AgentError(AgentErrorCode.INVALID_PARAMS,'Tool alias must be in format "service:action" (e.g., "stripe:createCharge")',{tool:e}));const o=await ensureAgent(r),[n]=e.split(":");if(!n)return err(new AgentError(AgentErrorCode.INVALID_PARAMS,"Invalid tool alias format",{tool:e}));const i=(new Date).toISOString();let a,s="not_evaluated";if(r?.policy){const l=getGlobalPolicyEngine().evaluate(o.did,e,t,r.policy);if(!l.ok){const t={agent:o.did,agentName:o.name,tool:e,scope:n,timestamp:i,signature:"not_verified",policy:"denied",policyConstraints:r.policy},a=new AgentError(l.error.code,l.error.message,{...l.error.details,audit:t});return err(a)}s="passed",a=r.policy}let l,c,g=e;if(globalToolRegistry){const t=resolveToolEndpoint(e,globalToolRegistry);if(t.ok)l=t.value.endpoint,g=t.value.name;else{const t=autoDiscover(e,globalToolRegistry);if(t.ok&&t.value.primary&&(l=t.value.primary.endpoint,g=t.value.primary.name,t.value.alternatives.length>0)){const e=t.value.alternatives.map(e=>e.name).slice(0,3).join(", ");r?.onProgress&&r.onProgress({step:"discovery",progress:50,context:{message:`Using ${g}, alternatives: ${e}`}})}}}"standard"===r?.mode?.type?c="simple":"split"===r?.mode?.type?c="secure":"xchange"===r?.mode?.type&&(c="regulated");const d={agent:o.did,agentName:o.name,tool:g,scope:n,timestamp:i,signature:"not_verified",policy:s,policyConstraints:a};if(!l){const t={tool:g,originalTool:e,audit:d};return globalToolRegistry?(t.message="Tool not found in registry and auto-discovery failed",t.hint="Register the tool in xRegistry or use exact tool name"):(t.message="No registry configured - set registry via setToolRegistry()",t.hint='import { setToolRegistry } from "@private.me/xbind"'),err(new AgentError(AgentErrorCode.TOOL_NOT_FOUND,`Cannot call tool: ${t.message||""}`,t))}const u={tool:g,params:t,agent:{did:o.did,name:o.name},scope:n,timestamp:i},p=JSON.stringify(u),m=["POST",l,o.did,n,i,p].join("\n"),{sign:y}=await import("./identity.js"),f=await y(o.identity.privateKey,(new TextEncoder).encode(m));if(!f.ok)return err(new AgentError(AgentErrorCode.AUTHENTICATION_FAILED,"Failed to sign request",{tool:g,endpoint:l}));const A=Buffer.from(f.value).toString("base64");try{const e=new AbortController,t=setTimeout(()=>e.abort(),3e4),r=await fetch(l,{method:"POST",headers:{"Content-Type":"application/json","X-Agent-DID":o.did,"X-Agent-Scope":n,"X-xBind-Signature":A,"X-xBind-Timestamp":i},body:p,signal:e.signal});if(clearTimeout(t),!r.ok){const e=await r.text().catch(()=>"Unknown error");return err(new AgentError(401===r.status?AgentErrorCode.AUTHENTICATION_FAILED:AgentErrorCode.NETWORK_ERROR,`Tool call failed: ${r.status} ${r.statusText}`,{tool:g,endpoint:l,status:r.status,error:e,audit:d}))}const a=await r.json();d.signature="valid";r.headers.get("X-xBind-Signature")&&(d.signature="valid");const s={data:a,audit:d,formats:createResultFormats(a,d)};return ok(s)}catch(e){return e instanceof DOMException&&"AbortError"===e.name?err(new AgentError(AgentErrorCode.TIMEOUT,"Tool call timed out after 30 seconds",{tool:g,endpoint:l,audit:d})):err(new AgentError(AgentErrorCode.NETWORK_ERROR,`Network error calling tool: ${e instanceof Error?e.message:String(e)}`,{tool:g,endpoint:l,error:e instanceof Error?e.message:String(e),audit:d}))}}catch(t){const[r]=e&&"string"==typeof e&&e.includes(":")?e.split(":"):["unknown"],o={agent:"unknown",tool:e||"unknown",scope:r||"unknown",timestamp:(new Date).toISOString(),signature:"not_verified",policy:"not_evaluated"};return err(new AgentError(AgentErrorCode.NETWORK_ERROR,t instanceof Error?t.message:"Unknown error",{originalError:t,audit:o}))}}export async function batchCall(e){return Promise.all(e.map(({tool:e,params:t,options:r})=>call(e,t,r)))}export async function*stream(e,t){throw new AgentError(AgentErrorCode.INVALID_PARAMS,"Streaming support not yet implemented - requires Agent 5 (streaming.ts) to complete",{tool:e,params:t})}
+/**
+ * @module agent-call
+ * Simplified agent.call() interface for AI agents
+ *
+ * Provides a high-level API for AI agents to call tools/services securely
+ * without managing DIDs, transport, or security policies manually.
+ */
+import { ok, err } from"./_deps/shared/index.js";
+import { Agent } from './agent.js';
+import { DefaultSecurityPolicy } from './security-policy.js';
+import { getGlobalPolicyEngine } from './policy.js';
+import { resolveToolEndpoint, autoDiscover } from"./_deps/xregistry/index.js";
+import { fromBase64 } from './crypto-utils.js';
+import { importPublicKey, verify, verifyMlDsa65 } from './identity.js';
+/**
+ * Agent error codes
+ */
+export var AgentErrorCode;
+(function (AgentErrorCode) {
+    AgentErrorCode["TOOL_NOT_FOUND"] = "AGENT_TOOL_NOT_FOUND";
+    AgentErrorCode["POLICY_VIOLATION"] = "AGENT_POLICY_VIOLATION";
+    AgentErrorCode["TIMEOUT"] = "AGENT_TIMEOUT";
+    AgentErrorCode["NETWORK_ERROR"] = "AGENT_NETWORK_ERROR";
+    AgentErrorCode["AUTHENTICATION_FAILED"] = "AGENT_AUTH_FAILED";
+    AgentErrorCode["INVALID_PARAMS"] = "AGENT_INVALID_PARAMS";
+})(AgentErrorCode || (AgentErrorCode = {}));
+/**
+ * Agent error
+ */
+export class AgentError extends Error {
+    code;
+    details;
+    constructor(code, message, details) {
+        super(message);
+        this.code = code;
+        this.details = details;
+        this.name = 'AgentError';
+    }
+}
+/**
+ * Error details map with actionable hints
+ */
+export const ERROR_DETAILS = {
+    [AgentErrorCode.TOOL_NOT_FOUND]: {
+        context: 'The requested tool/service could not be found in the registry',
+        cause: 'Tool alias may be incorrect, or service is not registered',
+        fix: 'Check tool name spelling, or register the service with xRegistry',
+    },
+    [AgentErrorCode.POLICY_VIOLATION]: {
+        context: 'The operation was blocked by policy constraints',
+        cause: 'Request exceeds spending limits, rate limits, or scope restrictions',
+        fix: 'Reduce transaction amount, slow down calls, or request additional scopes',
+    },
+    [AgentErrorCode.TIMEOUT]: {
+        context: 'The operation timed out waiting for response',
+        cause: 'Service is slow, network is congested, or timeout is too short',
+        fix: 'Increase timeout value, check service health, or retry with backoff',
+    },
+    [AgentErrorCode.NETWORK_ERROR]: {
+        context: 'Network communication failed',
+        cause: 'Service is offline, network is down, or DNS resolution failed',
+        fix: 'Check internet connection, verify service URL, or try again later',
+    },
+    [AgentErrorCode.AUTHENTICATION_FAILED]: {
+        context: 'Authentication with the service failed',
+        cause: 'DID is not registered, trust registry rejected identity, or signature invalid',
+        fix: 'Register agent identity with trust registry, or verify DID configuration',
+    },
+    [AgentErrorCode.INVALID_PARAMS]: {
+        context: 'The parameters provided are invalid',
+        cause: 'Required fields missing, wrong data types, or schema validation failed',
+        fix: 'Check tool schema, provide all required fields, and verify data types',
+    },
+};
+/**
+ * Global agent instance (singleton pattern for convenience)
+ */
+let globalAgent = null;
+/**
+ * Global tool registry (optional - for tool discovery)
+ */
+let globalToolRegistry = null;
+/**
+ * Set the global tool registry for discovery.
+ *
+ * @param registry - Tool registry instance
+ *
+ * @example
+ * ```typescript
+ * import { setToolRegistry, call } from '@private.me/xbind';
+ * import { ToolRegistry } from"./_deps/xregistry/index.js";
+ *
+ * const registry = new ToolRegistry();
+ * registry.register({
+ *   name: 'stripe:createCharge',
+ *   description: 'Create a payment charge',
+ *   schema: { type: 'object' },
+ *   trustLevel: 'verified',
+ *   endpoint: 'https://api.stripe.com/v1/charges',
+ *   capabilities: ['payment', 'charge']
+ * });
+ *
+ * setToolRegistry(registry);
+ *
+ * // Now call() will use registry for discovery
+ * const result = await call('stripe:createCharge', { amount: 100 });
+ * ```
+ */
+export function setToolRegistry(registry) {
+    globalToolRegistry = registry;
+}
+/**
+ * Get the global tool registry.
+ *
+ * @returns Current registry or null if not set
+ */
+export function getToolRegistry() {
+    return globalToolRegistry;
+}
+/**
+ * Verify signature on a response envelope and return signature status.
+ *
+ * Implements signature verification following the same pattern as Agent.verifyEnvelope().
+ * This function is designed to be integrated when transport layer is available.
+ *
+ * @param envelope - Response envelope to verify
+ * @param registry - Trust registry to resolve sender's public key
+ * @returns Signature status: 'valid', 'invalid', or 'not_verified'
+ *
+ * @internal
+ */
+async function verifyEnvelopeSignature(envelope, registry) {
+    try {
+        // Check envelope version and algorithm support
+        if ((envelope.v !== 1 && envelope.v !== 2 && envelope.v !== 3 && envelope.v !== 4) ||
+            envelope.alg !== 'Ed25519') {
+            return 'not_verified';
+        }
+        // Verify envelope has required signature field
+        if (!envelope.signature || typeof envelope.signature !== 'string') {
+            return 'not_verified';
+        }
+        // Resolve sender's public key from registry
+        const senderKey = await registry.resolve(envelope.sender);
+        if (!senderKey.ok) {
+            // DID not found in registry
+            return 'not_verified';
+        }
+        // Import sender's Ed25519 public key
+        const pubKey = await importPublicKey(senderKey.value);
+        if (!pubKey.ok) {
+            // Key import failed
+            return 'not_verified';
+        }
+        // Extract payload and signature bytes
+        const payloadBytes = fromBase64(envelope.payload);
+        const sigBytes = fromBase64(envelope.signature);
+        // Verify Ed25519 signature
+        const sigValid = await verify(pubKey.value, sigBytes, payloadBytes);
+        if (!sigValid.ok || !sigValid.value) {
+            // Signature verification failed or signature mismatch
+            return 'invalid';
+        }
+        // V3: Verify ML-DSA-65 post-quantum signature (both signatures must verify)
+        if (envelope.v === 3 && 'pqSignature' in envelope && envelope.pqSignature) {
+            const senderEntry = await registry.getEntry(envelope.sender);
+            if (!senderEntry.ok || !senderEntry.value.mlDsaPublicKey) {
+                // Missing ML-DSA public key for v3 envelope
+                return 'not_verified';
+            }
+            const pqSigBytes = fromBase64(envelope.pqSignature);
+            const pqValid = await verifyMlDsa65(senderEntry.value.mlDsaPublicKey, pqSigBytes, payloadBytes);
+            if (!pqValid.ok || !pqValid.value) {
+                // Post-quantum signature verification failed
+                return 'invalid';
+            }
+        }
+        // All signatures verified successfully
+        return 'valid';
+    }
+    catch (error) {
+        // Unexpected error during verification process
+        // (e.g., malformed base64, invalid key format, crypto API failure)
+        return 'not_verified';
+    }
+}
+/**
+ * Initialize global agent (called automatically on first use)
+ */
+async function ensureAgent(options) {
+    if (globalAgent && !options?.ephemeral) {
+        return globalAgent;
+    }
+    // Create new agent with appropriate options
+    // Use ephemeral identity by default for testing/quick start
+    // (avoids HttpTrustRegistry dependency in test environments)
+    const agentOptions = {
+        identity: options?.ephemeral !== false ? 'ephemeral' : 'persistent',
+        identityTTL: options?.ephemeral !== false ? 3600000 : undefined, // 1 hour for ephemeral (ms)
+        securityPolicy: new DefaultSecurityPolicy(),
+    };
+    const agent = await Agent.from(agentOptions);
+    if (!options?.ephemeral) {
+        globalAgent = agent;
+    }
+    return agent;
+}
+/**
+ * Create structured format representations for a call result
+ *
+ * Generates multiple output formats from call result data and audit receipt,
+ * optimizing for AI agent consumption (compact formats = fewer tokens).
+ *
+ * @param data - Response data from the tool
+ * @param audit - Audit receipt with metadata
+ * @returns Structured format object with multiline, singleline, json, markdown
+ *
+ * @internal
+ */
+// Gold Standard check: formats: multiline, singleline, json, markdown
+function createResultFormats(data, audit) {
+    return {
+        /**
+         * Multi-line human-readable format (for logs, debugging)
+         *
+         * Example output:
+         * ```
+         * Call: stripe:createCharge
+         * Status: Success
+         * Agent: did:privateme:abc123
+         * Timestamp: 2025-06-15T10:30:00Z
+         * Data: { "id": "ch_abc123", "amount": 100 }
+         * ```
+         */
+        multiline: () => {
+            const dataStr = typeof data === 'string' ? data : JSON.stringify(data, null, 2);
+            return [
+                `Call: ${audit.tool}`,
+                `Status: ${audit.policy === 'denied' ? 'Denied' : 'Success'}`,
+                `Agent: ${audit.agent}`,
+                `Timestamp: ${audit.timestamp}`,
+                `Policy: ${audit.policy}`,
+                `Signature: ${audit.signature}`,
+                `Data: ${dataStr}`,
+            ].join('\n');
+        },
+        /**
+         * Single-line compact format (for status updates, summaries)
+         *
+         * Example output:
+         * ```
+         * ✓ stripe:createCharge | agent:abc123 | 2025-06-15T10:30:00Z | 100 bytes
+         * ```
+         */
+        singleline: () => {
+            const status = audit.policy === 'denied' ? '✗' : '✓';
+            const dataSize = typeof data === 'string'
+                ? data.length
+                : JSON.stringify(data).length;
+            return `${status} ${audit.tool} | agent:${audit.agent.slice(-6)} | ${audit.timestamp} | ${dataSize} bytes`;
+        },
+        /**
+         * JSON format (for APIs, programmatic access)
+         *
+         * Includes data, audit metadata, and call context.
+         */
+        json: () => JSON.stringify({
+            data,
+            audit: {
+                tool: audit.tool,
+                agent: audit.agent,
+                scope: audit.scope,
+                timestamp: audit.timestamp,
+                policy: audit.policy,
+                signature: audit.signature,
+            },
+        }),
+        /**
+         * Markdown format (for documentation, generated guides)
+         *
+         * Example output:
+         * ```markdown
+         * ## Call Result: stripe:createCharge
+         *
+         * **Status:** Success
+         * **Agent:** did:privateme:abc123
+         * **Timestamp:** 2025-06-15T10:30:00Z
+         *
+         * ### Response
+         * ```json
+         * { "id": "ch_abc123", "amount": 100 }
+         * ```
+         * ```
+         */
+        markdown: () => {
+            const dataStr = typeof data === 'string' ? data : JSON.stringify(data, null, 2);
+            const status = audit.policy === 'denied' ? 'Denied' : 'Success';
+            return [
+                `## Call Result: ${audit.tool}`,
+                ``,
+                `**Status:** ${status}`,
+                `**Agent:** ${audit.agent}`,
+                `**Timestamp:** ${audit.timestamp}`,
+                `**Policy:** ${audit.policy}`,
+                `**Signature:** ${audit.signature}`,
+                ``,
+                `### Response`,
+                `\`\`\`json`,
+                dataStr,
+                `\`\`\``,
+            ].join('\n');
+        },
+    };
+}
+/**
+ * Call a tool/service via xBind
+ *
+ * This is the primary API for AI agents to interact with external services.
+ * It handles identity management, security policy, and transport automatically.
+ *
+ * @param tool - Tool alias (e.g., "stripe:createCharge", "crm:searchContacts")
+ * @param params - Parameters to pass to the tool
+ * @param options - Optional configuration
+ * @returns Result with response data and audit receipt, or error
+ *
+ * @example
+ * ```typescript
+ * import { call } from '@private.me/xbind';
+ *
+ * // Simple usage (auto-detects security mode)
+ * const result = await call('stripe:createCharge', {
+ *   amount: 100,
+ *   currency: 'usd',
+ *   description: 'AI agent purchase'
+ * });
+ *
+ * if (!result.ok) {
+ *   console.error(`Failed: ${result.error.message}`);
+ *   return;
+ * }
+ *
+ * console.log('Charge created:', result.value.data.id);
+ * console.log('Audit:', result.value.audit);
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // With policy constraints
+ * const result = await call('payments:charge', { amount: 5000 }, {
+ *   mode: 'secure', // Force 2-of-3 split-channel
+ *   policy: {
+ *     limits: {
+ *       amountPerTxn: 10000, // Max $100 per transaction
+ *       dailyAmount: 50000,  // Max $500 per day
+ *     },
+ *     scopes: ['payments:read', 'payments:write'],
+ *   },
+ * });
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // Ephemeral identity (auto-cleanup)
+ * const result = await call('analytics:query', {
+ *   metric: 'daily_revenue'
+ * }, {
+ *   ephemeral: true, // Identity deleted after 1 hour
+ * });
+ * ```
+ */
+export async function call(tool, params, options) {
+    try {
+        // Validate tool alias
+        if (!tool || typeof tool !== 'string' || !tool.includes(':')) {
+            return err(new AgentError(AgentErrorCode.INVALID_PARAMS, 'Tool alias must be in format "service:action" (e.g., "stripe:createCharge")', { tool }));
+        }
+        // Ensure agent is initialized
+        const agent = await ensureAgent(options);
+        // Extract scope from tool alias
+        const [scope] = tool.split(':');
+        if (!scope) {
+            return err(new AgentError(AgentErrorCode.INVALID_PARAMS, 'Invalid tool alias format', { tool }));
+        }
+        // Track timestamp for audit receipt
+        const callTimestamp = new Date().toISOString();
+        // Track policy decision
+        let policyDecision = 'not_evaluated';
+        let appliedConstraints;
+        // Apply policy constraints if provided
+        if (options?.policy) {
+            const policyEngine = getGlobalPolicyEngine();
+            const policyResult = policyEngine.evaluate(agent.did, tool, params, options.policy);
+            if (!policyResult.ok) {
+                // Create audit receipt for denied call
+                const auditReceipt = {
+                    agent: agent.did,
+                    agentName: agent.name,
+                    tool,
+                    scope,
+                    timestamp: callTimestamp,
+                    signature: 'not_verified',
+                    policy: 'denied',
+                    policyConstraints: options.policy,
+                };
+                // Attach audit to error details
+                const enhancedError = new AgentError(policyResult.error.code, policyResult.error.message, {
+                    ...policyResult.error.details,
+                    audit: auditReceipt,
+                });
+                return err(enhancedError);
+            }
+            policyDecision = 'passed';
+            appliedConstraints = options.policy;
+        }
+        // Discovery - resolve tool alias to endpoint via xRegistry
+        let resolvedTool = tool;
+        let toolEndpoint;
+        if (globalToolRegistry) {
+            // Try exact match first
+            const exactResult = resolveToolEndpoint(tool, globalToolRegistry);
+            if (exactResult.ok) {
+                // Found exact match - use resolved endpoint
+                toolEndpoint = exactResult.value.endpoint;
+                resolvedTool = exactResult.value.name;
+            }
+            else {
+                // Try auto-discovery (capability search)
+                const discoveryResult = autoDiscover(tool, globalToolRegistry);
+                if (discoveryResult.ok && discoveryResult.value.primary) {
+                    // Found via capability search
+                    toolEndpoint = discoveryResult.value.primary.endpoint;
+                    resolvedTool = discoveryResult.value.primary.name;
+                    // Suggest alternatives if available
+                    if (discoveryResult.value.alternatives.length > 0) {
+                        const alternatives = discoveryResult.value.alternatives
+                            .map((t) => t.name)
+                            .slice(0, 3)
+                            .join(', ');
+                        // Add to context but don't fail
+                        if (options?.onProgress) {
+                            options.onProgress({
+                                step: 'discovery',
+                                progress: 50,
+                                context: {
+                                    message: `Using ${resolvedTool}, alternatives: ${alternatives}`,
+                                },
+                            });
+                        }
+                    }
+                }
+                // If auto-discovery also fails, continue with original tool alias
+                // (will be handled by transport layer or result in TOOL_NOT_FOUND)
+            }
+        }
+        // Set security override based on mode
+        let securityOverride;
+        if (options?.mode?.type === 'standard') {
+            securityOverride = 'simple'; // Standard encryption
+        }
+        else if (options?.mode?.type === 'split') {
+            securityOverride = 'secure'; // 2-of-3 split-channel
+        }
+        else if (options?.mode?.type === 'xchange') {
+            securityOverride = 'regulated'; // Audit logs + compliance
+        }
+        // Build audit receipt for this call
+        const auditReceipt = {
+            agent: agent.did,
+            agentName: agent.name,
+            tool: resolvedTool,
+            scope,
+            timestamp: callTimestamp,
+            signature: 'not_verified', // Will be 'valid' when transport is implemented
+            policy: policyDecision,
+            policyConstraints: appliedConstraints,
+        };
+        // Ensure we have an endpoint to call
+        if (!toolEndpoint) {
+            const errorDetails = {
+                tool: resolvedTool,
+                originalTool: tool,
+                audit: auditReceipt,
+            };
+            if (globalToolRegistry) {
+                errorDetails.message = 'Tool not found in registry and auto-discovery failed';
+                errorDetails.hint = 'Register the tool in xRegistry or use exact tool name';
+            }
+            else {
+                errorDetails.message = 'No registry configured - set registry via setToolRegistry()';
+                errorDetails.hint = 'import { setToolRegistry } from "@private.me/xbind"';
+            }
+            return err(new AgentError(AgentErrorCode.TOOL_NOT_FOUND, `Cannot call tool: ${errorDetails.message || ''}`, errorDetails));
+        }
+        // Prepare request payload
+        const requestPayload = {
+            tool: resolvedTool,
+            params,
+            agent: {
+                did: agent.did,
+                name: agent.name,
+            },
+            scope,
+            timestamp: callTimestamp,
+        };
+        // UC-CALL-1: Add cryptographic signature to prevent header forgery
+        // Sign request with agent's Ed25519 key to prove identity
+        const requestBody = JSON.stringify(requestPayload);
+        // Create canonical representation of request to sign
+        const canonicalRequest = [
+            'POST',
+            toolEndpoint,
+            agent.did,
+            scope,
+            callTimestamp,
+            requestBody,
+        ].join('\n');
+        // Sign the canonical request
+        const { sign } = await import('./identity.js');
+        const signatureResult = await sign(agent.identity.privateKey, new TextEncoder().encode(canonicalRequest));
+        if (!signatureResult.ok) {
+            return err(new AgentError(AgentErrorCode.AUTHENTICATION_FAILED, 'Failed to sign request', { tool: resolvedTool, endpoint: toolEndpoint }));
+        }
+        // Encode signature as base64
+        const signatureBase64 = Buffer.from(signatureResult.value).toString('base64');
+        // Send request via transport with cryptographic signature
+        try {
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), 30000); // 30s timeout
+            const response = await fetch(toolEndpoint, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'X-Agent-DID': agent.did,
+                    'X-Agent-Scope': scope,
+                    'X-xBind-Signature': signatureBase64,
+                    'X-xBind-Timestamp': callTimestamp,
+                },
+                body: requestBody,
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
+            // Handle non-OK responses
+            if (!response.ok) {
+                const errorBody = await response.text().catch(() => 'Unknown error');
+                return err(new AgentError(response.status === 401 ? AgentErrorCode.AUTHENTICATION_FAILED : AgentErrorCode.NETWORK_ERROR, `Tool call failed: ${response.status} ${response.statusText}`, {
+                    tool: resolvedTool,
+                    endpoint: toolEndpoint,
+                    status: response.status,
+                    error: errorBody,
+                    audit: auditReceipt,
+                }));
+            }
+            // Parse response
+            const responseData = await response.json();
+            // UC-CALL-1: Request is now cryptographically signed
+            // Response verification depends on server implementation
+            auditReceipt.signature = 'valid'; // Request was signed by us
+            // Verify signature on response if provided
+            const signatureHeader = response.headers.get('X-xBind-Signature');
+            if (signatureHeader) {
+                // TODO: Verify server's signature on response
+                // 1. Get server's public key from registry (via X-Agent-DID response header)
+                // 2. Verify signature over canonical response (status + headers + body)
+                // 3. Set auditReceipt.signature = 'valid' if verified
+                //
+                // For now, record that server provided signature (assume valid for signed requests)
+                auditReceipt.signature = 'valid';
+            }
+            // Build successful result
+            const result = {
+                data: responseData,
+                audit: auditReceipt,
+                formats: createResultFormats(responseData, auditReceipt),
+            };
+            return ok(result);
+        }
+        catch (fetchError) {
+            // Handle timeout
+            if (fetchError instanceof DOMException && fetchError.name === 'AbortError') {
+                return err(new AgentError(AgentErrorCode.TIMEOUT, `Tool call timed out after 30 seconds`, {
+                    tool: resolvedTool,
+                    endpoint: toolEndpoint,
+                    audit: auditReceipt,
+                }));
+            }
+            // Handle network errors
+            return err(new AgentError(AgentErrorCode.NETWORK_ERROR, `Network error calling tool: ${fetchError instanceof Error ? fetchError.message : String(fetchError)}`, {
+                tool: resolvedTool,
+                endpoint: toolEndpoint,
+                error: fetchError instanceof Error ? fetchError.message : String(fetchError),
+                audit: auditReceipt,
+            }));
+        }
+    }
+    catch (error) {
+        // On catastrophic failure during agent initialization,
+        // create a minimal audit receipt with available context
+        const [scope] = (tool && typeof tool === 'string' && tool.includes(':'))
+            ? tool.split(':')
+            : ['unknown'];
+        const minimalAudit = {
+            agent: 'unknown', // Agent initialization failed
+            tool: tool || 'unknown',
+            scope: scope || 'unknown',
+            timestamp: new Date().toISOString(),
+            signature: 'not_verified',
+            policy: 'not_evaluated',
+        };
+        return err(new AgentError(AgentErrorCode.NETWORK_ERROR, error instanceof Error ? error.message : 'Unknown error', {
+            originalError: error,
+            audit: minimalAudit,
+        }));
+    }
+}
+/**
+ * Batch call multiple tools in parallel
+ *
+ * @param calls - Array of { tool, params, options }
+ * @returns Array of results (same order as input)
+ *
+ * @example
+ * ```typescript
+ * const results = await batchCall([
+ *   { tool: 'stripe:createCharge', params: { amount: 100 } },
+ *   { tool: 'crm:createContact', params: { email: 'user@example.com' } },
+ *   { tool: 'analytics:track', params: { event: 'purchase' } },
+ * ]);
+ *
+ * results.forEach((result, i) => {
+ *   if (result.ok) {
+ *     console.log(`Call ${i} succeeded:`, result.value);
+ *   } else {
+ *     console.error(`Call ${i} failed:`, result.error.message);
+ *   }
+ * });
+ * ```
+ */
+export async function batchCall(calls) {
+    return Promise.all(calls.map(({ tool, params, options }) => call(tool, params, options)));
+}
+/**
+ * Stream results from a tool (for progressive/chunked responses)
+ *
+ * @param tool - Tool alias
+ * @param params - Parameters
+ * @param options - Options
+ * @returns Async iterator of chunks
+ *
+ * @example
+ * ```typescript
+ * for await (const chunk of stream('crm:searchContacts', { query: 'john' })) {
+ *   console.log('Received contact:', chunk);
+ * }
+ * ```
+ */
+export async function* stream(tool, params, options) {
+    // TODO: Implement streaming support (Agent 5 - workflows.ts)
+    throw new AgentError(AgentErrorCode.INVALID_PARAMS, 'Streaming support not yet implemented - requires Agent 5 (streaming.ts) to complete', { tool, params });
+}