@private.me/xbind 3.0.0 → 3.0.2

package/dist-standalone/cjs/registry-middleware.js

@@ -1 +1,50 @@
-"use strict";function createRegistryAuthMiddleware(e){return(t,r,s)=>{const i=t.method.toUpperCase();if("GET"===i||"HEAD"===i)return void s();const o="string"==typeof t.headers.authorization?t.headers.authorization:void 0;if(!o||!o.startsWith("Bearer "))return void r.status(401).json({error:"UNAUTHORIZED"});o.slice(7)===e?s():r.status(401).json({error:"UNAUTHORIZED"})}}Object.defineProperty(exports,"__esModule",{value:!0}),exports.createRegistryAuthMiddleware=createRegistryAuthMiddleware;
+"use strict";
+/**
+ * Express middleware for protecting trust registry endpoints with bearer auth.
+ *
+ * GET/HEAD requests pass through (public reads). POST/PUT/DELETE require
+ * a valid Bearer token matching the configured admin token.
+ *
+ * @example
+ * ```ts
+ * import express from 'express';
+ * import { createRegistryAuthMiddleware } from '@private.me/xbind';
+ *
+ * const app = express();
+ * app.use('/registry', createRegistryAuthMiddleware(process.env.REGISTRY_ADMIN_TOKEN!));
+ * ```
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createRegistryAuthMiddleware = createRegistryAuthMiddleware;
+/**
+ * Create an Express-compatible middleware that protects write operations
+ * on registry endpoints with bearer token authentication.
+ *
+ * GET and HEAD requests pass through without authentication.
+ * POST, PUT, and DELETE require `Authorization: Bearer <token>`.
+ *
+ * @param token - The admin token to validate against.
+ * @returns Express middleware function.
+ */
+function createRegistryAuthMiddleware(token) {
+    return (req, res, next) => {
+        const method = req.method.toUpperCase();
+        if (method === 'GET' || method === 'HEAD') {
+            next();
+            return;
+        }
+        const authHeader = typeof req.headers['authorization'] === 'string'
+            ? req.headers['authorization']
+            : undefined;
+        if (!authHeader || !authHeader.startsWith('Bearer ')) {
+            res.status(401).json({ error: 'UNAUTHORIZED' });
+            return;
+        }
+        const provided = authHeader.slice('Bearer '.length);
+        if (provided !== token) {
+            res.status(401).json({ error: 'UNAUTHORIZED' });
+            return;
+        }
+        next();
+    };
+}

package/dist-standalone/cjs/retry-strategies.js

@@ -1 +1,544 @@
-"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.RetryStrategy=exports.CircuitBreaker=exports.NoRetryStrategy=exports.FixedDelayStrategy=exports.LinearBackoffStrategy=exports.ExponentialBackoffStrategy=void 0,exports.executeWithRetry=executeWithRetry;const shared_1=require("../_deps/shared/index.js");class ExponentialBackoffStrategy{name="ExponentialBackoff";maxAttempts;initialDelayMs;maxDelayMs;multiplier;jitter;jitterFactor;retryableErrors;constructor(t={}){this.maxAttempts=t.maxAttempts??3,this.initialDelayMs=t.initialDelayMs??1e3,this.maxDelayMs=t.maxDelayMs??3e4,this.multiplier=t.multiplier??2,this.jitter=t.jitter??!0,this.jitterFactor=t.jitterFactor??.2,this.retryableErrors=t.retryableErrors?new Set(t.retryableErrors):new Set(["SEND_FAILED","NETWORK_ERROR","RECIPIENT_UNREACHABLE","TIMEOUT"])}shouldRetry(t){if(t.attempt>=this.maxAttempts)return{shouldRetry:!1,reason:`Maximum attempts (${this.maxAttempts}) exceeded`};if(!this.retryableErrors.has(t.error))return{shouldRetry:!1,reason:`Error type '${t.error}' is not retryable`};const e=this.initialDelayMs*Math.pow(this.multiplier,t.attempt),s=Math.min(e,this.maxDelayMs),r=this.jitter?this.applyJitter(s):s;return{shouldRetry:!0,delayMs:Math.round(r),reason:`Attempt ${t.attempt+1}/${this.maxAttempts}`}}applyJitter(t){const e=new Uint32Array(1);crypto.getRandomValues(e);return t+(2*(e[0]/4294967295)-1)*(t*this.jitterFactor)}}exports.ExponentialBackoffStrategy=ExponentialBackoffStrategy;class LinearBackoffStrategy{name="LinearBackoff";maxAttempts;delayIncrementMs;initialDelayMs;maxDelayMs;jitter;jitterFactor;retryableErrors;constructor(t={}){this.maxAttempts=t.maxAttempts??3,this.delayIncrementMs=t.delayIncrementMs??1e3,this.initialDelayMs=t.initialDelayMs??1e3,this.maxDelayMs=t.maxDelayMs??3e4,this.jitter=t.jitter??!0,this.jitterFactor=t.jitterFactor??.1,this.retryableErrors=t.retryableErrors?new Set(t.retryableErrors):new Set(["SEND_FAILED","NETWORK_ERROR","RECIPIENT_UNREACHABLE","TIMEOUT"])}shouldRetry(t){if(t.attempt>=this.maxAttempts)return{shouldRetry:!1,reason:`Maximum attempts (${this.maxAttempts}) exceeded`};if(!this.retryableErrors.has(t.error))return{shouldRetry:!1,reason:`Error type '${t.error}' is not retryable`};const e=this.initialDelayMs+t.attempt*this.delayIncrementMs,s=Math.min(e,this.maxDelayMs),r=this.jitter?this.applyJitter(s):s;return{shouldRetry:!0,delayMs:Math.round(r),reason:`Attempt ${t.attempt+1}/${this.maxAttempts}`}}applyJitter(t){const e=new Uint32Array(1);crypto.getRandomValues(e);return t+(2*(e[0]/4294967295)-1)*(t*this.jitterFactor)}}exports.LinearBackoffStrategy=LinearBackoffStrategy;class FixedDelayStrategy{name="FixedDelay";maxAttempts;delayMs;jitter;jitterFactor;retryableErrors;constructor(t={}){this.maxAttempts=t.maxAttempts??3,this.delayMs=t.delayMs??1e3,this.jitter=t.jitter??!1,this.jitterFactor=t.jitterFactor??.1,this.retryableErrors=t.retryableErrors?new Set(t.retryableErrors):new Set(["SEND_FAILED","NETWORK_ERROR","RECIPIENT_UNREACHABLE","TIMEOUT"])}shouldRetry(t){if(t.attempt>=this.maxAttempts)return{shouldRetry:!1,reason:`Maximum attempts (${this.maxAttempts}) exceeded`};if(!this.retryableErrors.has(t.error))return{shouldRetry:!1,reason:`Error type '${t.error}' is not retryable`};const e=this.jitter?this.applyJitter(this.delayMs):this.delayMs;return{shouldRetry:!0,delayMs:Math.round(e),reason:`Attempt ${t.attempt+1}/${this.maxAttempts}`}}applyJitter(t){const e=new Uint32Array(1);crypto.getRandomValues(e);return t+(2*(e[0]/4294967295)-1)*(t*this.jitterFactor)}}exports.FixedDelayStrategy=FixedDelayStrategy;class NoRetryStrategy{name="NoRetry";shouldRetry(t){return{shouldRetry:!1,reason:"No retry policy - fail immediately"}}}exports.NoRetryStrategy=NoRetryStrategy;class CircuitBreaker{state="CLOSED";consecutiveFailures=0;consecutiveSuccesses=0;openedAt;totalRequests=0;totalFailures=0;totalSuccesses=0;failureTimestamps=[];failureThreshold;resetTimeoutMs;successThreshold;windowMs;constructor(t={}){this.failureThreshold=t.failureThreshold??5,this.resetTimeoutMs=t.resetTimeoutMs??6e4,this.successThreshold=t.successThreshold??2,this.windowMs=t.windowMs??6e4}allowRequest(){const t=Date.now();return this.failureTimestamps=this.failureTimestamps.filter(e=>t-e<this.windowMs),"CLOSED"===this.state||("OPEN"!==this.state||!!(this.openedAt&&t-this.openedAt>=this.resetTimeoutMs)&&(this.state="HALF_OPEN",this.consecutiveSuccesses=0,!0))}recordSuccess(){this.totalRequests++,this.totalSuccesses++,this.consecutiveFailures=0,"HALF_OPEN"===this.state&&(this.consecutiveSuccesses++,this.consecutiveSuccesses>=this.successThreshold&&(this.state="CLOSED",this.consecutiveSuccesses=0,this.openedAt=void 0))}recordFailure(){this.totalRequests++,this.totalFailures++,this.consecutiveFailures++,this.consecutiveSuccesses=0;const t=Date.now();if(this.failureTimestamps.push(t),"CLOSED"===this.state||"HALF_OPEN"===this.state){this.failureTimestamps.filter(e=>t-e<this.windowMs).length>=this.failureThreshold&&(this.state="OPEN",this.openedAt=t)}}getStats(){return{state:this.state,consecutiveFailures:this.consecutiveFailures,consecutiveSuccesses:this.consecutiveSuccesses,openedAt:this.openedAt,totalRequests:this.totalRequests,totalFailures:this.totalFailures,totalSuccesses:this.totalSuccesses}}reset(){this.state="CLOSED",this.consecutiveFailures=0,this.consecutiveSuccesses=0,this.openedAt=void 0,this.totalRequests=0,this.totalFailures=0,this.totalSuccesses=0,this.failureTimestamps=[]}forceOpen(){this.state="OPEN",this.openedAt=Date.now()}forceClose(){this.state="CLOSED",this.consecutiveFailures=0,this.consecutiveSuccesses=0,this.openedAt=void 0}}exports.CircuitBreaker=CircuitBreaker;class RetryStrategy{static exponentialBackoff(t){return new ExponentialBackoffStrategy(t)}static linearBackoff(t){return new LinearBackoffStrategy(t)}static fixedDelay(t){return new FixedDelayStrategy(t)}static noRetry(){return new NoRetryStrategy}static aggressive(){return new ExponentialBackoffStrategy({maxAttempts:5,initialDelayMs:500,maxDelayMs:1e4,multiplier:2,jitter:!0})}static conservative(){return new LinearBackoffStrategy({maxAttempts:2,initialDelayMs:2e3,delayIncrementMs:1e3,maxDelayMs:5e3,jitter:!0})}static default(){return new ExponentialBackoffStrategy({maxAttempts:3,initialDelayMs:1e3,maxDelayMs:3e4,multiplier:2,jitter:!0})}}async function executeWithRetry(t,e,s){const r=Date.now();let a=0,i="NETWORK_ERROR";for(;;){if(s&&!s.allowRequest())return(0,shared_1.err)("SEND_FAILED");const o=await t();if(o.ok)return s?.recordSuccess(),o;i=o.error,s?.recordFailure();const l={attempt:a,error:i,startTime:r,elapsedMs:Date.now()-r},n=e.shouldRetry(l);if(!n.shouldRetry)return(0,shared_1.err)(i);n.delayMs&&n.delayMs>0&&await sleep(n.delayMs),a++}}function sleep(t){return new Promise(e=>setTimeout(e,t))}exports.RetryStrategy=RetryStrategy;
+"use strict";
+/**
+ * @module retry-strategies
+ * Configurable retry strategies for enhanced reliability.
+ *
+ * Provides flexible retry policies with exponential backoff, jitter, circuit breakers,
+ * and error-specific retry logic. Designed for production-grade fault tolerance.
+ *
+ * @example
+ * ```typescript
+ * import { RetryStrategy, CircuitBreaker } from '@private.me/xbind/retry-strategies';
+ *
+ * // Exponential backoff with circuit breaker
+ * const strategy = RetryStrategy.exponentialBackoff({
+ *   maxAttempts: 5,
+ *   initialDelayMs: 1000,
+ *   maxDelayMs: 30000,
+ *   multiplier: 2,
+ *   jitter: true
+ * });
+ *
+ * const circuitBreaker = new CircuitBreaker({
+ *   failureThreshold: 5,
+ *   resetTimeoutMs: 60000
+ * });
+ * ```
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RetryStrategy = exports.CircuitBreaker = exports.NoRetryStrategy = exports.FixedDelayStrategy = exports.LinearBackoffStrategy = exports.ExponentialBackoffStrategy = void 0;
+exports.executeWithRetry = executeWithRetry;
+const shared_1 = require("../_deps/shared/index.js");
+/* ── Retry Strategy Implementations ── */
+/**
+ * Exponential backoff retry strategy.
+ *
+ * Delay formula: min(initialDelay * multiplier^attempt, maxDelay) ± jitter
+ *
+ * Best for: Network requests, API calls, database operations.
+ * Avoids overwhelming failing services with exponentially increasing delays.
+ */
+class ExponentialBackoffStrategy {
+    name = 'ExponentialBackoff';
+    maxAttempts;
+    initialDelayMs;
+    maxDelayMs;
+    multiplier;
+    jitter;
+    jitterFactor;
+    retryableErrors;
+    constructor(config = {}) {
+        this.maxAttempts = config.maxAttempts ?? 3;
+        this.initialDelayMs = config.initialDelayMs ?? 1000;
+        this.maxDelayMs = config.maxDelayMs ?? 30000;
+        this.multiplier = config.multiplier ?? 2;
+        this.jitter = config.jitter ?? true;
+        this.jitterFactor = config.jitterFactor ?? 0.2;
+        this.retryableErrors = config.retryableErrors
+            ? new Set(config.retryableErrors)
+            : new Set(['SEND_FAILED', 'NETWORK_ERROR', 'RECIPIENT_UNREACHABLE', 'TIMEOUT']);
+    }
+    shouldRetry(context) {
+        // Check if we've exceeded max attempts
+        if (context.attempt >= this.maxAttempts) {
+            return {
+                shouldRetry: false,
+                reason: `Maximum attempts (${this.maxAttempts}) exceeded`,
+            };
+        }
+        // Check if error is retryable
+        if (!this.retryableErrors.has(context.error)) {
+            return {
+                shouldRetry: false,
+                reason: `Error type '${context.error}' is not retryable`,
+            };
+        }
+        // Calculate exponential backoff delay
+        const baseDelay = this.initialDelayMs * Math.pow(this.multiplier, context.attempt);
+        const cappedDelay = Math.min(baseDelay, this.maxDelayMs);
+        // Apply jitter if enabled
+        const finalDelay = this.jitter ? this.applyJitter(cappedDelay) : cappedDelay;
+        return {
+            shouldRetry: true,
+            delayMs: Math.round(finalDelay),
+            reason: `Attempt ${context.attempt + 1}/${this.maxAttempts}`,
+        };
+    }
+    applyJitter(delayMs) {
+        // Use crypto.getRandomValues for secure random jitter (OWASP-compliant)
+        const randomArray = new Uint32Array(1);
+        crypto.getRandomValues(randomArray);
+        const random = randomArray[0] / 0xffffffff; // Normalize to [0, 1]
+        // Apply jitter: delay ± (delay * jitterFactor)
+        const jitterRange = delayMs * this.jitterFactor;
+        const jitter = (random * 2 - 1) * jitterRange; // Range: [-jitterRange, +jitterRange]
+        return delayMs + jitter;
+    }
+}
+exports.ExponentialBackoffStrategy = ExponentialBackoffStrategy;
+/**
+ * Linear backoff retry strategy.
+ *
+ * Delay formula: min(initialDelay + attempt * increment, maxDelay) ± jitter
+ *
+ * Best for: Rate-limited APIs, gradual load recovery.
+ * More predictable than exponential, suitable when service recovery is linear.
+ */
+class LinearBackoffStrategy {
+    name = 'LinearBackoff';
+    maxAttempts;
+    delayIncrementMs;
+    initialDelayMs;
+    maxDelayMs;
+    jitter;
+    jitterFactor;
+    retryableErrors;
+    constructor(config = {}) {
+        this.maxAttempts = config.maxAttempts ?? 3;
+        this.delayIncrementMs = config.delayIncrementMs ?? 1000;
+        this.initialDelayMs = config.initialDelayMs ?? 1000;
+        this.maxDelayMs = config.maxDelayMs ?? 30000;
+        this.jitter = config.jitter ?? true;
+        this.jitterFactor = config.jitterFactor ?? 0.1;
+        this.retryableErrors = config.retryableErrors
+            ? new Set(config.retryableErrors)
+            : new Set(['SEND_FAILED', 'NETWORK_ERROR', 'RECIPIENT_UNREACHABLE', 'TIMEOUT']);
+    }
+    shouldRetry(context) {
+        if (context.attempt >= this.maxAttempts) {
+            return {
+                shouldRetry: false,
+                reason: `Maximum attempts (${this.maxAttempts}) exceeded`,
+            };
+        }
+        if (!this.retryableErrors.has(context.error)) {
+            return {
+                shouldRetry: false,
+                reason: `Error type '${context.error}' is not retryable`,
+            };
+        }
+        // Calculate linear backoff delay
+        const baseDelay = this.initialDelayMs + context.attempt * this.delayIncrementMs;
+        const cappedDelay = Math.min(baseDelay, this.maxDelayMs);
+        // Apply jitter if enabled
+        const finalDelay = this.jitter ? this.applyJitter(cappedDelay) : cappedDelay;
+        return {
+            shouldRetry: true,
+            delayMs: Math.round(finalDelay),
+            reason: `Attempt ${context.attempt + 1}/${this.maxAttempts}`,
+        };
+    }
+    applyJitter(delayMs) {
+        const randomArray = new Uint32Array(1);
+        crypto.getRandomValues(randomArray);
+        const random = randomArray[0] / 0xffffffff;
+        const jitterRange = delayMs * this.jitterFactor;
+        const jitter = (random * 2 - 1) * jitterRange;
+        return delayMs + jitter;
+    }
+}
+exports.LinearBackoffStrategy = LinearBackoffStrategy;
+/**
+ * Fixed delay retry strategy.
+ *
+ * Delay formula: delayMs ± jitter (constant for all attempts)
+ *
+ * Best for: Simple retry scenarios, testing.
+ * Predictable timing, no backoff complexity.
+ */
+class FixedDelayStrategy {
+    name = 'FixedDelay';
+    maxAttempts;
+    delayMs;
+    jitter;
+    jitterFactor;
+    retryableErrors;
+    constructor(config = {}) {
+        this.maxAttempts = config.maxAttempts ?? 3;
+        this.delayMs = config.delayMs ?? 1000;
+        this.jitter = config.jitter ?? false;
+        this.jitterFactor = config.jitterFactor ?? 0.1;
+        this.retryableErrors = config.retryableErrors
+            ? new Set(config.retryableErrors)
+            : new Set(['SEND_FAILED', 'NETWORK_ERROR', 'RECIPIENT_UNREACHABLE', 'TIMEOUT']);
+    }
+    shouldRetry(context) {
+        if (context.attempt >= this.maxAttempts) {
+            return {
+                shouldRetry: false,
+                reason: `Maximum attempts (${this.maxAttempts}) exceeded`,
+            };
+        }
+        if (!this.retryableErrors.has(context.error)) {
+            return {
+                shouldRetry: false,
+                reason: `Error type '${context.error}' is not retryable`,
+            };
+        }
+        const finalDelay = this.jitter ? this.applyJitter(this.delayMs) : this.delayMs;
+        return {
+            shouldRetry: true,
+            delayMs: Math.round(finalDelay),
+            reason: `Attempt ${context.attempt + 1}/${this.maxAttempts}`,
+        };
+    }
+    applyJitter(delayMs) {
+        const randomArray = new Uint32Array(1);
+        crypto.getRandomValues(randomArray);
+        const random = randomArray[0] / 0xffffffff;
+        const jitterRange = delayMs * this.jitterFactor;
+        const jitter = (random * 2 - 1) * jitterRange;
+        return delayMs + jitter;
+    }
+}
+exports.FixedDelayStrategy = FixedDelayStrategy;
+/**
+ * No retry strategy (fail immediately).
+ *
+ * Best for: Operations that must succeed on first try, testing.
+ */
+class NoRetryStrategy {
+    name = 'NoRetry';
+    shouldRetry(_context) {
+        return {
+            shouldRetry: false,
+            reason: 'No retry policy - fail immediately',
+        };
+    }
+}
+exports.NoRetryStrategy = NoRetryStrategy;
+/* ── Circuit Breaker ── */
+/**
+ * Circuit breaker for preventing cascading failures.
+ *
+ * States:
+ * - CLOSED: Normal operation, requests pass through
+ * - OPEN: Circuit tripped, requests fail immediately
+ * - HALF_OPEN: Testing recovery, limited requests allowed
+ *
+ * Best practices:
+ * - Use with retry strategies for comprehensive fault tolerance
+ * - Monitor circuit state changes for alerting
+ * - Tune thresholds based on service characteristics
+ *
+ * @example
+ * ```typescript
+ * const breaker = new CircuitBreaker({
+ *   failureThreshold: 5,
+ *   resetTimeoutMs: 60000,
+ *   successThreshold: 2
+ * });
+ *
+ * // Check before operation
+ * if (breaker.allowRequest()) {
+ *   const result = await operation();
+ *   if (result.ok) {
+ *     breaker.recordSuccess();
+ *   } else {
+ *     breaker.recordFailure();
+ *   }
+ * }
+ * ```
+ */
+class CircuitBreaker {
+    state = 'CLOSED';
+    consecutiveFailures = 0;
+    consecutiveSuccesses = 0;
+    openedAt;
+    totalRequests = 0;
+    totalFailures = 0;
+    totalSuccesses = 0;
+    failureTimestamps = [];
+    failureThreshold;
+    resetTimeoutMs;
+    successThreshold;
+    windowMs;
+    constructor(config = {}) {
+        this.failureThreshold = config.failureThreshold ?? 5;
+        this.resetTimeoutMs = config.resetTimeoutMs ?? 60000;
+        this.successThreshold = config.successThreshold ?? 2;
+        this.windowMs = config.windowMs ?? 60000;
+    }
+    /**
+     * Check if request should be allowed through circuit.
+     *
+     * @returns True if request should proceed, false if circuit is open
+     */
+    allowRequest() {
+        const now = Date.now();
+        // Clean up old failure timestamps outside the window
+        this.failureTimestamps = this.failureTimestamps.filter(timestamp => now - timestamp < this.windowMs);
+        // CLOSED: Allow all requests
+        if (this.state === 'CLOSED') {
+            return true;
+        }
+        // OPEN: Check if reset timeout has elapsed
+        if (this.state === 'OPEN') {
+            if (this.openedAt && now - this.openedAt >= this.resetTimeoutMs) {
+                // Transition to HALF_OPEN
+                this.state = 'HALF_OPEN';
+                this.consecutiveSuccesses = 0;
+                return true;
+            }
+            return false; // Circuit still open
+        }
+        // HALF_OPEN: Allow limited requests to test recovery
+        return true;
+    }
+    /**
+     * Record a successful operation.
+     */
+    recordSuccess() {
+        this.totalRequests++;
+        this.totalSuccesses++;
+        this.consecutiveFailures = 0;
+        if (this.state === 'HALF_OPEN') {
+            this.consecutiveSuccesses++;
+            // Enough successes to close circuit
+            if (this.consecutiveSuccesses >= this.successThreshold) {
+                this.state = 'CLOSED';
+                this.consecutiveSuccesses = 0;
+                this.openedAt = undefined;
+            }
+        }
+    }
+    /**
+     * Record a failed operation.
+     */
+    recordFailure() {
+        this.totalRequests++;
+        this.totalFailures++;
+        this.consecutiveFailures++;
+        this.consecutiveSuccesses = 0;
+        const now = Date.now();
+        this.failureTimestamps.push(now);
+        // Trip circuit if threshold exceeded
+        if (this.state === 'CLOSED' || this.state === 'HALF_OPEN') {
+            // Count failures within the time window
+            const recentFailures = this.failureTimestamps.filter(timestamp => now - timestamp < this.windowMs).length;
+            if (recentFailures >= this.failureThreshold) {
+                this.state = 'OPEN';
+                this.openedAt = now;
+            }
+        }
+    }
+    /**
+     * Get current circuit breaker statistics.
+     */
+    getStats() {
+        return {
+            state: this.state,
+            consecutiveFailures: this.consecutiveFailures,
+            consecutiveSuccesses: this.consecutiveSuccesses,
+            openedAt: this.openedAt,
+            totalRequests: this.totalRequests,
+            totalFailures: this.totalFailures,
+            totalSuccesses: this.totalSuccesses,
+        };
+    }
+    /**
+     * Reset circuit breaker to initial state.
+     */
+    reset() {
+        this.state = 'CLOSED';
+        this.consecutiveFailures = 0;
+        this.consecutiveSuccesses = 0;
+        this.openedAt = undefined;
+        this.totalRequests = 0;
+        this.totalFailures = 0;
+        this.totalSuccesses = 0;
+        this.failureTimestamps = [];
+    }
+    /**
+     * Force circuit to open (for testing or manual intervention).
+     */
+    forceOpen() {
+        this.state = 'OPEN';
+        this.openedAt = Date.now();
+    }
+    /**
+     * Force circuit to close (for testing or manual recovery).
+     */
+    forceClose() {
+        this.state = 'CLOSED';
+        this.consecutiveFailures = 0;
+        this.consecutiveSuccesses = 0;
+        this.openedAt = undefined;
+    }
+}
+exports.CircuitBreaker = CircuitBreaker;
+/* ── Factory Functions ── */
+/**
+ * Factory for creating retry strategies with common configurations.
+ */
+class RetryStrategy {
+    /**
+     * Create exponential backoff strategy.
+     *
+     * @param config - Configuration options
+     * @returns Exponential backoff strategy
+     */
+    static exponentialBackoff(config) {
+        return new ExponentialBackoffStrategy(config);
+    }
+    /**
+     * Create linear backoff strategy.
+     *
+     * @param config - Configuration options
+     * @returns Linear backoff strategy
+     */
+    static linearBackoff(config) {
+        return new LinearBackoffStrategy(config);
+    }
+    /**
+     * Create fixed delay strategy.
+     *
+     * @param config - Configuration options
+     * @returns Fixed delay strategy
+     */
+    static fixedDelay(config) {
+        return new FixedDelayStrategy(config);
+    }
+    /**
+     * Create no retry strategy (fail immediately).
+     *
+     * @returns No retry strategy
+     */
+    static noRetry() {
+        return new NoRetryStrategy();
+    }
+    /**
+     * Create aggressive retry strategy for critical operations.
+     *
+     * Config: 5 attempts, 500ms initial, max 10s, exponential backoff.
+     *
+     * @returns Aggressive retry strategy
+     */
+    static aggressive() {
+        return new ExponentialBackoffStrategy({
+            maxAttempts: 5,
+            initialDelayMs: 500,
+            maxDelayMs: 10000,
+            multiplier: 2,
+            jitter: true,
+        });
+    }
+    /**
+     * Create conservative retry strategy for non-critical operations.
+     *
+     * Config: 2 attempts, 2s initial, max 5s, linear backoff.
+     *
+     * @returns Conservative retry strategy
+     */
+    static conservative() {
+        return new LinearBackoffStrategy({
+            maxAttempts: 2,
+            initialDelayMs: 2000,
+            delayIncrementMs: 1000,
+            maxDelayMs: 5000,
+            jitter: true,
+        });
+    }
+    /**
+     * Create default retry strategy (balanced).
+     *
+     * Config: 3 attempts, 1s initial, max 30s, exponential backoff.
+     *
+     * @returns Default retry strategy
+     */
+    static default() {
+        return new ExponentialBackoffStrategy({
+            maxAttempts: 3,
+            initialDelayMs: 1000,
+            maxDelayMs: 30000,
+            multiplier: 2,
+            jitter: true,
+        });
+    }
+}
+exports.RetryStrategy = RetryStrategy;
+/* ── Retry Executor ── */
+/**
+ * Execute an operation with retry strategy and optional circuit breaker.
+ *
+ * @param operation - Async operation to execute
+ * @param strategy - Retry strategy to use
+ * @param circuitBreaker - Optional circuit breaker
+ * @returns Result of the operation
+ *
+ * @example
+ * ```typescript
+ * const result = await executeWithRetry(
+ *   async () => transport.send(envelope, did),
+ *   RetryStrategy.exponentialBackoff(),
+ *   circuitBreaker
+ * );
+ * ```
+ */
+async function executeWithRetry(operation, strategy, circuitBreaker) {
+    const startTime = Date.now();
+    let attempt = 0;
+    let lastError = 'NETWORK_ERROR'; // Default error
+    while (true) {
+        // Check circuit breaker
+        if (circuitBreaker && !circuitBreaker.allowRequest()) {
+            return (0, shared_1.err)('SEND_FAILED');
+        }
+        // Execute operation
+        const result = await operation();
+        if (result.ok) {
+            // Success - record and return
+            circuitBreaker?.recordSuccess();
+            return result;
+        }
+        // Failure - record error
+        lastError = result.error;
+        circuitBreaker?.recordFailure();
+        // Check retry decision
+        const elapsedMs = Date.now() - startTime;
+        const context = {
+            attempt,
+            error: lastError,
+            startTime,
+            elapsedMs,
+        };
+        const decision = strategy.shouldRetry(context);
+        if (!decision.shouldRetry) {
+            // No more retries - return last error
+            return (0, shared_1.err)(lastError);
+        }
+        // Wait before retry
+        if (decision.delayMs && decision.delayMs > 0) {
+            await sleep(decision.delayMs);
+        }
+        attempt++;
+    }
+}
+/**
+ * Sleep for specified milliseconds.
+ *
+ * @param ms - Duration in milliseconds
+ */
+function sleep(ms) {
+    return new Promise(resolve => setTimeout(resolve, ms));
+}