@private.me/xbind 3.0.2 → 3.0.4

package/dist-standalone/index.d.ts

@@ -10,6 +10,7 @@ export type { RedisClient, RedisNonceStoreOptions } from './redis-nonce-store.js
 export { RedisNonceStore } from './redis-nonce-store.js';
 export type { XailTransportAdapter, TransportError, EnvelopeHandler, HttpsTransportOptions, } from './transport.js';
 export { HttpsTransportAdapter } from './transport.js';
+export { LoopbackTransport } from './loopback-transport.js';
 export type { RetryOptions } from './retry-transport.js';
 export { RetryTransportAdapter } from './retry-transport.js';
 export type { RetryContext, RetryDecision, ExponentialBackoffConfig, LinearBackoffConfig, FixedDelayConfig, CircuitBreakerConfig, CircuitState, CircuitBreakerStats, IRetryStrategy, } from './retry-strategies.js';
@@ -19,7 +20,7 @@ export { TimeoutConfig, OperationTimeoutController, TimeoutError, createTimeoutC
 export type { QoSLevel, OperationContext, CacheConfig, RetryConfig, CacheEntry, ServiceStatus, } from './graceful-degradation.js';
 export { GracefulDegradationManager, registryLookupWithFallback, sendWithTransportFallback, enhanceError, } from './graceful-degradation.js';
 export type { TrustRegistry, RegistryEntry, RegistryError, HttpTrustRegistryOptions, FileTrustRegistryOptions, } from './trust-registry.js';
-export { MemoryTrustRegistry, HttpTrustRegistry, FileTrustRegistry, createEnterpriseTrustRegistry, } from './trust-registry.js';
+export { MemoryTrustRegistry, HttpTrustRegistry, FileTrustRegistry, createEnterpriseTrustRegistry, RegistrationRateLimiter, } from './trust-registry.js';
 export type { EphemeralKeyPair, KeyAgreementResult, HybridKeyAgreementResult, KeyAgreementError, } from './key-agreement.js';
 export { generateEphemeralKeyPair, importX25519PublicKey, deriveSharedKeyECDH, senderKeyAgreement, receiverKeyAgreement, combineSharedSecrets, senderHybridKeyAgreement, receiverHybridKeyAgreement, } from './key-agreement.js';
 export type { AgentOptions, AgentCreateOptions, AgentSendOptions, AgentMessage, AgentError, AgentReceiveOptions, AgentErrorDetail, } from './agent.js';
@@ -34,8 +35,8 @@ export type { XFetchOptions, XFetchResponse, } from './xfetch.js';
 export { xfetch, isXBindSupported, getXBindCapability, } from './xfetch.js';
 export type { AxiosRequestConfig, AxiosResponse, GotOptions, GotResponse, } from './http-compat.js';
 export { createAxiosCompat, createGotCompat, wrapFetch, } from './http-compat.js';
-export type { SecurityPolicy, SecurityMode, SecurityLevel, SecurityContext, SecurityDecision, } from './security-policy.js';
-export { DefaultSecurityPolicy, describeSecurityMode } from './security-policy.js';
+export type { SecurityPolicy, SecurityMode, SecurityLevel, SecurityContext, SecurityDecision, SecurityModeDescription, } from './security-policy.js';
+export { DefaultSecurityPolicy, describeSecurityMode, describeSecurityModeStructured } from './security-policy.js';
 export type { PolicyResult, PolicyViolationDetails, PolicyLimits } from './policy.js';
 export { PolicyEngine, getGlobalPolicyEngine } from './policy.js';
 export type { ApprovalOptions, ApprovalToken, ApprovalResult, ApprovalPresenter, } from './approval.js';
@@ -56,7 +57,15 @@ export { requestAuth, respondToChallenge, onChallenge, generateRegistrationQR, }
 export type { XchangeKey, XchangeError } from '@private.me/xchange';
 export { generateXchangeKey, xchangeEncrypt, xchangeDecrypt } from '@private.me/xchange';
 export { AES_KEY_BYTES, AES_IV_BYTES, BUNDLE_HEADER_BYTES } from '@private.me/xchange';
-export { XBindError, XBindIdentityError, XBindEnvelopeError, XBindTransportError, XBindRegistryError, XBindKeyAgreementError, XBindSplitChannelError, XBindAgentError, toXBindError, isXBindError, createXBindErrorDetail, } from './errors.js';
+export { setMockCrypto, clearCryptoCache } from './crypto-utils.js';
+export type { CryptoPackage } from './vault-store-loader.js';
+export { XBindError, XBindIdentityError, XBindEnvelopeError, XBindTransportError, XBindRegistryError, XBindKeyAgreementError, XBindSplitChannelError, XBindAgentError, XBindBillingError, VaultStoreError, QuotaExceededError, toXBindError, isXBindError, createXBindErrorDetail, } from './errors.js';
+import type { XBindTransportError, XBindIdentityError, XBindEnvelopeError, XBindBillingError, XBindAgentError } from './errors.js';
+export type ConnectionError = XBindTransportError;
+export type AuthenticationError = XBindIdentityError;
+export type ValidationError = XBindEnvelopeError;
+export type RateLimitError = XBindBillingError;
+export type ServerError = XBindAgentError;
 export type { ValidationResult } from './config-validation.js';
 export { ConfigValidationError, validateAgentOptions, validateAgentCreateOptions, getValidationDetails, assertValidConfig, assertValidCreateConfig, AGENT_OPTIONS_DEFAULTS, AGENT_CREATE_OPTIONS_DEFAULTS, } from './config-validation.js';
 export type { ProgressCallback, ACIErrorDetail, ACIErrorOptions, PaginationOptions, PaginatedResult, SearchOptions, } from '@private.me/ux-helpers';
@@ -125,3 +134,5 @@ export type { SerializationFormat, SerializationOptions, SerializedData, Deseria
 export { serialize, deserialize, detectFormat, negotiateFormat, compareFormats, getContentType, parseContentType, } from './serialization.js';
 export type { ConnectionPoolOptions, ConnectionPoolMetrics, } from './connection-pool.js';
 export { ConnectionPool, getGlobalPool, resetGlobalPool, } from './connection-pool.js';
+export type { Result } from '@private.me/shared';
+export { err, ok } from '@private.me/shared';

package/dist-standalone/index.js

@@ -1,78 +1 @@
-// @private.me/xbind — public API
-export { initCommand, main as cliMain } from './cli/init.js';
-export { generateIdentity, sign, verify, importPublicKey, publicKeyToDid, didToPublicKeyBytes, exportPKCS8, exportX25519PKCS8, importFromPKCS8, importIdentity, identityFromSeed, extractRawEd25519, extractRawX25519, exportMlKemSecretKey, exportMlKemPublicKey, signMlDsa65, verifyMlDsa65, exportMlDsaSecretKey, exportMlDsaPublicKey, rotateKeys, ML_DSA65_SIG_BYTES, ML_DSA65_PK_BYTES, ML_DSA65_SK_BYTES, } from './identity.js';
-export { createEnvelope, createEnvelopeV2, createEnvelopeV3, createEnvelopeV4, decryptPayload, serializeEnvelope, deserializeEnvelope, validateEnvelope, generateSharedKey, createSignedEnvelope, openSignedEnvelope, } from './envelope.js';
-export { MemoryNonceStore } from './nonce-store.js';
-export { RedisNonceStore } from './redis-nonce-store.js';
-export { HttpsTransportAdapter } from './transport.js';
-export { RetryTransportAdapter } from './retry-transport.js';
-export { ExponentialBackoffStrategy, LinearBackoffStrategy, FixedDelayStrategy, NoRetryStrategy, CircuitBreaker, RetryStrategy, executeWithRetry, } from './retry-strategies.js';
-export { TimeoutConfig, OperationTimeoutController, TimeoutError, createTimeoutController, withTimeout, withTimeoutResult, createOperationTimeoutSignal, createOperationTimeout, isTimeoutError, getTimeoutFromError, createTimeoutConfigFromEnv, globalTimeoutConfig, DEFAULT_TIMEOUTS, } from './timeouts.js';
-export { GracefulDegradationManager, registryLookupWithFallback, sendWithTransportFallback, enhanceError, } from './graceful-degradation.js';
-export { MemoryTrustRegistry, HttpTrustRegistry, FileTrustRegistry, createEnterpriseTrustRegistry, } from './trust-registry.js';
-export { generateEphemeralKeyPair, importX25519PublicKey, deriveSharedKeyECDH, senderKeyAgreement, receiverKeyAgreement, combineSharedSecrets, senderHybridKeyAgreement, receiverHybridKeyAgreement, } from './key-agreement.js';
-export { Agent, parseAgentError } from './agent.js';
-export { MessageStream, collectMessages, mapStream, filterStream, takeStream, mergeStreams, installAsyncIterators, } from './async-iterators.js';
-export { call, batchCall, stream, AgentErrorCode, ERROR_DETAILS, setToolRegistry, getToolRegistry, } from './agent-call.js';
-export { AgentError as AgentCallError } from './agent-call.js';
-export { xfetch, isXBindSupported, getXBindCapability, } from './xfetch.js';
-export { createAxiosCompat, createGotCompat, wrapFetch, } from './http-compat.js';
-export { DefaultSecurityPolicy, describeSecurityMode } from './security-policy.js';
-export { PolicyEngine, getGlobalPolicyEngine } from './policy.js';
-export { ApprovalFlow, CLIApprovalPresenter, ApprovalError, ApprovalErrorCode, } from './approval.js';
-// Guardrails (enhanced error messages with actionable suggestions)
-export { PolicyDenied, Guardrails, extractSuggestion, toPolicyDenied, } from './guardrails.js';
-// Registry auth middleware
-export { createRegistryAuthMiddleware } from './registry-middleware.js';
-export { GatewayTransport } from './gateway-transport.js';
-export { DidWebResolver, didWebToUrl } from './did-web.js';
-export { generateDidDocument, resolveDid, getServiceEndpoints, } from './did-document.js';
-// did:privateme method (Mechanism 4: new DID format for PRIVATE.ME)
-export { publicKeyToPrivateMeDid, privateMeDidToPublicKeyBytes, isPrivateMeDid, isDidKeyFormat, convertDidFormat, normalizeDid, parseDid, } from './did-privateme.js';
-export { splitForChannel, splitForChannelWithGroupId, reconstructFromChannel, DEFAULT_SPLIT_CONFIG, } from './split-channel.js';
-export { requestAuth, respondToChallenge, onChallenge, generateRegistrationQR, } from './auth.js';
-export { generateXchangeKey, xchangeEncrypt, xchangeDecrypt } from"./_deps/xchange/index.js";
-export { AES_KEY_BYTES, AES_IV_BYTES, BUNDLE_HEADER_BYTES } from"./_deps/xchange/index.js";
-// Error class hierarchy (supplementary — existing string codes unchanged)
-export { XBindError, XBindIdentityError, XBindEnvelopeError, XBindTransportError, XBindRegistryError, XBindKeyAgreementError, XBindSplitChannelError, XBindAgentError, toXBindError, isXBindError, createXBindErrorDetail, } from './errors.js';
-export { ConfigValidationError, validateAgentOptions, validateAgentCreateOptions, getValidationDetails, assertValidConfig, assertValidCreateConfig, AGENT_OPTIONS_DEFAULTS, AGENT_CREATE_OPTIONS_DEFAULTS, } from './config-validation.js';
-export { ProgressReporter, createStagedProgress, createDetailedError, formatErrorForUser, formatErrorForLog, isACIError, toACIError, paginate, createPaginationMetadata, search, } from"./_deps/ux-helpers/index.js";
-export { OperationProgressTracker, TransferProgressTracker, ShareDistributionTracker, EncryptionProgressTracker, } from './progress-callbacks.js';
-export { ServiceDiscovery, DiscoveryErrorCode } from './discovery.js';
-export { MdnsDiscoveryManager } from './mdns-discovery.js';
-export { InviteService, InviteErrorCode } from './invite.js';
-export { DualModeAdapter, DualModeErrorCode } from './dual-mode.js';
-export { PairingManager } from './pairing-manager.js';
-export { connect, acceptInvite, ConnectErrorCode } from './connect.js';
-export { autoAcceptInvite, AutoAcceptErrorCode } from './auto-accept.js';
-export { LazyAgent, createLazyAgent, LazyAgentErrorCode } from './lazy-init.js';
-export { InvitationErrorCode, InvitationClient, InvitationStore, generateInvitationToken, } from './invitation.js';
-export { AgentBuilder } from './agent-sdk.js';
-// DID Succession (trust infrastructure)
-export { createSuccession, verifySuccession, encodeSuccession, decodeSuccession, } from './succession.js';
-// Gateway Connection State (trust infrastructure)
-export { GatewayConnectionState } from './gateway-state.js';
-export { createCheckpoint, verifyCheckpoint, isCacheStale, encodeCheckpoint, decodeCheckpoint, } from './checkpoint.js';
-export { createSubscriptionProof, verifySubscriptionProof, resumeSubscription, hashBloomFilter, } from './subscription-proof.js';
-export { DEFAULT_BACKUP_CONFIG, validateBackupConfig, splitKeyWithBackup, reconstructKeyFromBackup, } from './backup-config.js';
-export { exportBackup, importBackup } from './backup.js';
-export { generateCorrelationId, validateCorrelationId, parseCorrelationId, attachCorrelationId, extractCorrelationId, getOrCreateCorrelationId, createCorrelationIdFromTimestamp, getCorrelationIdAge, isCorrelationIdExpired, correlationIdMiddleware, CORRELATION_ID_HEADER, CORRELATION_ID_ALIASES, } from './correlation-id.js';
-export { createLogger, LogLevel, getGlobalLogger, setGlobalLogger, logger, } from './logger.js';
-export { CancellationError, createTimeoutSignal, combineSignals, onCancellation, throwIfAborted, withCancellation, delay, withRetry, createCancellationController, isCancellationError, } from './cancellation.js';
-export { enableDebugMode, disableDebugMode, isDebugEnabled, getDebugOptions, createDebugLogger, startProfiling, endProfiling, getPerformanceMeasurements, clearPerformanceMeasurements, traceNetworkRequest, traceNetworkResponse, getNetworkTraces, clearNetworkTraces, traceCryptoOperation, getCryptoTraces, clearCryptoTraces, dumpState, getStateSnapshots, clearStateSnapshots, exportDebugData, clearAllDebugData, generateDebugReport, } from './debug-mode.js';
-export { getVersion, hasCapability, getCapabilities, getDeprecationInfo, warnIfDeprecated, parseVersion, compareVersions, checkCompatibility, getMinimumVersionFor, assertMinimumVersion, Capability, } from './version-info.js';
-export { createHealthChecker, healthEndpoint } from './health-check.js';
-export { batchSend, batchReceive, batchRegistryOps, batchResolve, batchGetEntries, BatchOperationError, } from './batch-operations.js';
-export { detectRuntime, isBrowser, isNode, isServiceWorker, getRandomBytes, generateUUID, LocalStorageAdapter, IndexedDBAdapter, MemoryStorageAdapter, isWasmSupported, loadWasmModule, detectCapabilities, installNodePolyfills, initServiceWorker, DEFAULT_SERVICE_WORKER_CONFIG, } from './runtime/browser.js';
-// Auto-install async iterators on Agent prototype
-import { installAsyncIterators as _installAsyncIterators } from './async-iterators.js';
-import { Agent as _Agent } from './agent.js';
-_installAsyncIterators(_Agent);
-export { XBindEventEmitter, createScopedEmitter, } from './event-emitter.js';
-export { MiddlewareChain, createPluginContext, createPlugin, PluginBuilder, } from './plugin-system.js';
-// Built-in Plugins
-export { LoggingPlugin, createLoggingPlugin } from './plugins/logging.js';
-export { MetricsPlugin, createMetricsPlugin } from './plugins/metrics.js';
-export { ValidationPlugin, createValidationPlugin, CommonRules } from './plugins/validation.js';
-export { serialize, deserialize, detectFormat, negotiateFormat, compareFormats, getContentType, parseContentType, } from './serialization.js';
-export { ConnectionPool, getGlobalPool, resetGlobalPool, } from './connection-pool.js';
+export{initCommand,main as cliMain}from"./cli/init.js";export{generateIdentity,sign,verify,importPublicKey,publicKeyToDid,didToPublicKeyBytes,exportPKCS8,exportX25519PKCS8,importFromPKCS8,importIdentity,identityFromSeed,extractRawEd25519,extractRawX25519,exportMlKemSecretKey,exportMlKemPublicKey,signMlDsa65,verifyMlDsa65,exportMlDsaSecretKey,exportMlDsaPublicKey,rotateKeys,ML_DSA65_SIG_BYTES,ML_DSA65_PK_BYTES,ML_DSA65_SK_BYTES}from"./identity.js";export{createEnvelope,createEnvelopeV2,createEnvelopeV3,createEnvelopeV4,decryptPayload,serializeEnvelope,deserializeEnvelope,validateEnvelope,generateSharedKey,createSignedEnvelope,openSignedEnvelope}from"./envelope.js";export{MemoryNonceStore}from"./nonce-store.js";export{RedisNonceStore}from"./redis-nonce-store.js";export{HttpsTransportAdapter}from"./transport.js";export{LoopbackTransport}from"./loopback-transport.js";export{RetryTransportAdapter}from"./retry-transport.js";export{ExponentialBackoffStrategy,LinearBackoffStrategy,FixedDelayStrategy,NoRetryStrategy,CircuitBreaker,RetryStrategy,executeWithRetry}from"./retry-strategies.js";export{TimeoutConfig,OperationTimeoutController,TimeoutError,createTimeoutController,withTimeout,withTimeoutResult,createOperationTimeoutSignal,createOperationTimeout,isTimeoutError,getTimeoutFromError,createTimeoutConfigFromEnv,globalTimeoutConfig,DEFAULT_TIMEOUTS}from"./timeouts.js";export{GracefulDegradationManager,registryLookupWithFallback,sendWithTransportFallback,enhanceError}from"./graceful-degradation.js";export{MemoryTrustRegistry,HttpTrustRegistry,FileTrustRegistry,createEnterpriseTrustRegistry,RegistrationRateLimiter}from"./trust-registry.js";export{generateEphemeralKeyPair,importX25519PublicKey,deriveSharedKeyECDH,senderKeyAgreement,receiverKeyAgreement,combineSharedSecrets,senderHybridKeyAgreement,receiverHybridKeyAgreement}from"./key-agreement.js";export{Agent,parseAgentError}from"./agent.js";export{MessageStream,collectMessages,mapStream,filterStream,takeStream,mergeStreams,installAsyncIterators}from"./async-iterators.js";export{call,batchCall,stream,AgentErrorCode,ERROR_DETAILS,setToolRegistry,getToolRegistry}from"./agent-call.js";export{AgentError as AgentCallError}from"./agent-call.js";export{xfetch,isXBindSupported,getXBindCapability}from"./xfetch.js";export{createAxiosCompat,createGotCompat,wrapFetch}from"./http-compat.js";export{DefaultSecurityPolicy,describeSecurityMode,describeSecurityModeStructured}from"./security-policy.js";export{PolicyEngine,getGlobalPolicyEngine}from"./policy.js";export{ApprovalFlow,CLIApprovalPresenter,ApprovalError,ApprovalErrorCode}from"./approval.js";export{PolicyDenied,Guardrails,extractSuggestion,toPolicyDenied}from"./guardrails.js";export{createRegistryAuthMiddleware}from"./registry-middleware.js";export{GatewayTransport}from"./gateway-transport.js";export{DidWebResolver,didWebToUrl}from"./did-web.js";export{generateDidDocument,resolveDid,getServiceEndpoints}from"./did-document.js";export{publicKeyToPrivateMeDid,privateMeDidToPublicKeyBytes,isPrivateMeDid,isDidKeyFormat,convertDidFormat,normalizeDid,parseDid}from"./did-privateme.js";export{splitForChannel,splitForChannelWithGroupId,reconstructFromChannel,DEFAULT_SPLIT_CONFIG}from"./split-channel.js";export{requestAuth,respondToChallenge,onChallenge,generateRegistrationQR}from"./auth.js";export{generateXchangeKey,xchangeEncrypt,xchangeDecrypt}from"./_deps/xchange/index.js";export{AES_KEY_BYTES,AES_IV_BYTES,BUNDLE_HEADER_BYTES}from"./_deps/xchange/index.js";export{setMockCrypto,clearCryptoCache}from"./crypto-utils.js";export{XBindError,XBindIdentityError,XBindEnvelopeError,XBindTransportError,XBindRegistryError,XBindKeyAgreementError,XBindSplitChannelError,XBindAgentError,XBindBillingError,VaultStoreError,QuotaExceededError,toXBindError,isXBindError,createXBindErrorDetail}from"./errors.js";export{ConfigValidationError,validateAgentOptions,validateAgentCreateOptions,getValidationDetails,assertValidConfig,assertValidCreateConfig,AGENT_OPTIONS_DEFAULTS,AGENT_CREATE_OPTIONS_DEFAULTS}from"./config-validation.js";export{ProgressReporter,createStagedProgress,createDetailedError,formatErrorForUser,formatErrorForLog,isACIError,toACIError,paginate,createPaginationMetadata,search}from"./_deps/ux-helpers/index.js";export{OperationProgressTracker,TransferProgressTracker,ShareDistributionTracker,EncryptionProgressTracker}from"./progress-callbacks.js";export{ServiceDiscovery,DiscoveryErrorCode}from"./discovery.js";export{MdnsDiscoveryManager}from"./mdns-discovery.js";export{InviteService,InviteErrorCode}from"./invite.js";export{DualModeAdapter,DualModeErrorCode}from"./dual-mode.js";export{PairingManager}from"./pairing-manager.js";export{connect,acceptInvite,ConnectErrorCode}from"./connect.js";export{autoAcceptInvite,AutoAcceptErrorCode}from"./auto-accept.js";export{LazyAgent,createLazyAgent,LazyAgentErrorCode}from"./lazy-init.js";export{InvitationErrorCode,InvitationClient,InvitationStore,generateInvitationToken}from"./invitation.js";export{AgentBuilder}from"./agent-sdk.js";export{createSuccession,verifySuccession,encodeSuccession,decodeSuccession}from"./succession.js";export{GatewayConnectionState}from"./gateway-state.js";export{createCheckpoint,verifyCheckpoint,isCacheStale,encodeCheckpoint,decodeCheckpoint}from"./checkpoint.js";export{createSubscriptionProof,verifySubscriptionProof,resumeSubscription,hashBloomFilter}from"./subscription-proof.js";export{DEFAULT_BACKUP_CONFIG,validateBackupConfig,splitKeyWithBackup,reconstructKeyFromBackup}from"./backup-config.js";export{exportBackup,importBackup}from"./backup.js";export{generateCorrelationId,validateCorrelationId,parseCorrelationId,attachCorrelationId,extractCorrelationId,getOrCreateCorrelationId,createCorrelationIdFromTimestamp,getCorrelationIdAge,isCorrelationIdExpired,correlationIdMiddleware,CORRELATION_ID_HEADER,CORRELATION_ID_ALIASES}from"./correlation-id.js";export{createLogger,LogLevel,getGlobalLogger,setGlobalLogger,logger}from"./logger.js";export{CancellationError,createTimeoutSignal,combineSignals,onCancellation,throwIfAborted,withCancellation,delay,withRetry,createCancellationController,isCancellationError}from"./cancellation.js";export{enableDebugMode,disableDebugMode,isDebugEnabled,getDebugOptions,createDebugLogger,startProfiling,endProfiling,getPerformanceMeasurements,clearPerformanceMeasurements,traceNetworkRequest,traceNetworkResponse,getNetworkTraces,clearNetworkTraces,traceCryptoOperation,getCryptoTraces,clearCryptoTraces,dumpState,getStateSnapshots,clearStateSnapshots,exportDebugData,clearAllDebugData,generateDebugReport}from"./debug-mode.js";export{getVersion,hasCapability,getCapabilities,getDeprecationInfo,warnIfDeprecated,parseVersion,compareVersions,checkCompatibility,getMinimumVersionFor,assertMinimumVersion,Capability}from"./version-info.js";export{createHealthChecker,healthEndpoint}from"./health-check.js";export{batchSend,batchReceive,batchRegistryOps,batchResolve,batchGetEntries,BatchOperationError}from"./batch-operations.js";export{detectRuntime,isBrowser,isNode,isServiceWorker,getRandomBytes,generateUUID,LocalStorageAdapter,IndexedDBAdapter,MemoryStorageAdapter,isWasmSupported,loadWasmModule,detectCapabilities,installNodePolyfills,initServiceWorker,DEFAULT_SERVICE_WORKER_CONFIG}from"./runtime/browser.js";import{installAsyncIterators as _installAsyncIterators}from"./async-iterators.js";import{Agent as _Agent}from"./agent.js";_installAsyncIterators(_Agent);export{XBindEventEmitter,createScopedEmitter}from"./event-emitter.js";export{MiddlewareChain,createPluginContext,createPlugin,PluginBuilder}from"./plugin-system.js";export{LoggingPlugin,createLoggingPlugin}from"./plugins/logging.js";export{MetricsPlugin,createMetricsPlugin}from"./plugins/metrics.js";export{ValidationPlugin,createValidationPlugin,CommonRules}from"./plugins/validation.js";export{serialize,deserialize,detectFormat,negotiateFormat,compareFormats,getContentType,parseContentType}from"./serialization.js";export{ConnectionPool,getGlobalPool,resetGlobalPool}from"./connection-pool.js";export{err,ok}from"./_deps/shared/index.js";

package/dist-standalone/invitation.js

@@ -1,415 +1 @@
-/**
- * @module invitation
- * Growth hack: Turn recipient-not-found failures into invitation opportunities.
- *
- * When agent.send() fails because recipient is not registered, this module
- * provides an invitation mechanism to turn failures into viral growth.
- *
- * Flow:
- * 1. Sender calls agent.send({ to: 'unregistered@example.com', ... })
- * 2. send() fails with RECIPIENT_NOT_FOUND
- * 3. Error includes invitationToken and inviteUrl
- * 4. Sender shares URL with recipient
- * 5. Recipient clicks link, signs up, joins Xail
- * 6. Connection auto-establishes
- */
-import { ok, err } from"./_deps/shared/index.js";
-/**
- * Error codes for invitation operations.
- */
-export var InvitationErrorCode;
-(function (InvitationErrorCode) {
-    /** Invitation token is invalid format */
-    InvitationErrorCode["INVALID_TOKEN"] = "INVITATION_INVALID_TOKEN";
-    /** Invitation token has expired */
-    InvitationErrorCode["EXPIRED_TOKEN"] = "INVITATION_EXPIRED_TOKEN";
-    /** Invitation token already redeemed */
-    InvitationErrorCode["ALREADY_REDEEMED"] = "INVITATION_ALREADY_REDEEMED";
-    /** Rate limit exceeded (10 invitations/day per DID) */
-    InvitationErrorCode["RATE_LIMIT_EXCEEDED"] = "INVITATION_RATE_LIMIT_EXCEEDED";
-    /** Server communication failed */
-    InvitationErrorCode["SERVER_ERROR"] = "INVITATION_SERVER_ERROR";
-})(InvitationErrorCode || (InvitationErrorCode = {}));
-/**
- * Client-side invitation manager.
- * Creates invitations after send() failures and manages their lifecycle.
- */
-export class InvitationClient {
-    invitationApiUrl;
-    /**
-     * Create invitation client.
-     *
-     * @param options - Configuration
-     * @param options.invitationApiUrl - Invitation API URL (default: https://api.private.me)
-     *
-     * @example
-     * ```ts
-     * const inviteClient = new InvitationClient();
-     * ```
-     */
-    constructor(options = {}) {
-        this.invitationApiUrl = options.invitationApiUrl || 'https://api.private.me';
-    }
-    /**
-     * Create an invitation for a recipient who is not yet registered.
-     *
-     * Called automatically when agent.send() returns RECIPIENT_NOT_FOUND.
-     * Generates a time-limited invitation token that can be shared via email/SMS.
-     *
-     * @param senderDid - DID of the agent sending the invitation
-     * @param recipientContact - Email address or identifier of recipient
-     * @param expiryDays - Days until invitation expires (default: 7)
-     * @returns Invitation token with shareable URL or error
-     *
-     * @example
-     * ```ts
-     * const inviteResult = await inviteClient.create(
-     *   'did:key:z6Mk...',
-     *   'alice@example.com',
-     *   7 // 7-day expiry
-     * );
-     *
-     * if (inviteResult.ok) {
-     *   // Share inviteResult.value.inviteUrl with recipient
-     *   console.log('Share this link:', inviteResult.value.inviteUrl);
-     * } else {
-     *   // Handle error
-     *   console.error('Failed:', inviteResult.error.message);
-     * }
-     * ```
-     */
-    async create(senderDid, recipientContact, expiryDays = 7) {
-        try {
-            const response = await fetch(`${this.invitationApiUrl}/invitations/create`, {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                },
-                body: JSON.stringify({
-                    senderDid,
-                    recipientContact,
-                    expiryDays,
-                }),
-            });
-            if (response.status === 429) {
-                return err({
-                    code: InvitationErrorCode.RATE_LIMIT_EXCEEDED,
-                    message: 'Too many invitations created. Limit: 10 per day',
-                    hint: 'Wait before creating more invitations',
-                });
-            }
-            if (!response.ok) {
-                return err({
-                    code: InvitationErrorCode.SERVER_ERROR,
-                    message: `Server error: ${response.status}`,
-                });
-            }
-            const data = await response.json();
-            return ok({
-                token: data.token,
-                expiresAt: new Date(data.expiresAt),
-                senderDid: data.senderDid,
-                recipientContact: data.recipientContact,
-                inviteUrl: data.inviteUrl,
-            });
-        }
-        catch (error) {
-            return err({
-                code: InvitationErrorCode.SERVER_ERROR,
-                message: error instanceof Error ? error.message : 'Network error',
-            });
-        }
-    }
-    /**
-     * Redeem an invitation token and create a new DID for the recipient.
-     *
-     * Called by recipient after clicking invitation link.
-     * Returns a new DID that can be used immediately for messaging.
-     *
-     * @param token - Invitation token from URL query parameter
-     * @returns New DID for recipient or error
-     *
-     * @example
-     * ```ts
-     * // From URL: https://private.me/invite?token=abc123
-     * const urlParams = new URLSearchParams(window.location.search);
-     * const token = urlParams.get('token');
-     *
-     * const redeemResult = await inviteClient.redeem(token);
-     * if (redeemResult.ok) {
-     *   // Auto-create agent with new DID
-     *   const agent = await Agent.create(redeemResult.value);
-     * } else {
-     *   // Handle: expired, already used, invalid
-     *   console.error(redeemResult.error.message);
-     * }
-     * ```
-     */
-    async redeem(token) {
-        try {
-            if (!token || typeof token !== 'string') {
-                return err({
-                    code: InvitationErrorCode.INVALID_TOKEN,
-                    message: 'Invitation token is required',
-                });
-            }
-            const response = await fetch(`${this.invitationApiUrl}/invitations/redeem`, {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                },
-                body: JSON.stringify({ token }),
-            });
-            if (response.status === 400) {
-                return err({
-                    code: InvitationErrorCode.INVALID_TOKEN,
-                    message: 'Invitation token is invalid',
-                    hint: 'Check the token in your URL',
-                });
-            }
-            if (response.status === 410) {
-                const data = await response.json();
-                if (data.reason === 'expired') {
-                    return err({
-                        code: InvitationErrorCode.EXPIRED_TOKEN,
-                        message: 'Invitation has expired',
-                        hint: 'Ask the sender for a new invitation',
-                    });
-                }
-                return err({
-                    code: InvitationErrorCode.ALREADY_REDEEMED,
-                    message: 'Invitation has already been used',
-                    hint: 'Each invitation can only be used once',
-                });
-            }
-            if (!response.ok) {
-                return err({
-                    code: InvitationErrorCode.SERVER_ERROR,
-                    message: `Server error: ${response.status}`,
-                });
-            }
-            const data = await response.json();
-            return ok(data.did);
-        }
-        catch (error) {
-            return err({
-                code: InvitationErrorCode.SERVER_ERROR,
-                message: error instanceof Error ? error.message : 'Network error',
-            });
-        }
-    }
-    /**
-     * Get invitation details without redeeming.
-     *
-     * Used to preview sender name before accepting invitation.
-     *
-     * @param token - Invitation token
-     * @returns Invitation details or error
-     *
-     * @example
-     * ```ts
-     * const detailsResult = await inviteClient.get(token);
-     * if (detailsResult.ok) {
-     *   console.log(`${detailsResult.value.senderDid} invited you`);
-     * }
-     * ```
-     */
-    async get(token) {
-        try {
-            const response = await fetch(`${this.invitationApiUrl}/invitations/${encodeURIComponent(token)}`, {
-                headers: {
-                    'Accept': 'application/json',
-                },
-            });
-            if (response.status === 404) {
-                return err({
-                    code: InvitationErrorCode.INVALID_TOKEN,
-                    message: 'Invitation not found',
-                });
-            }
-            if (!response.ok) {
-                return err({
-                    code: InvitationErrorCode.SERVER_ERROR,
-                    message: `Server error: ${response.status}`,
-                });
-            }
-            const data = await response.json();
-            return ok({
-                senderDid: data.senderDid,
-                recipientContact: data.recipientContact,
-                expiresAt: new Date(data.expiresAt),
-            });
-        }
-        catch (error) {
-            return err({
-                code: InvitationErrorCode.SERVER_ERROR,
-                message: error instanceof Error ? error.message : 'Network error',
-            });
-        }
-    }
-}
-/**
- * Server-side invitation store (in-memory with JSONL persistence).
- * Used by /invitations/* API endpoints.
- */
-export class InvitationStore {
-    invitations = new Map();
-    redeemedTokens = new Set();
-    /** Track invitation creation per DID for rate limiting (10/day) */
-    creationCounts = new Map();
-    /**
-     * Create an invitation and return token + expiry.
-     * Enforces rate limit: 10 invitations per DID per 24 hours.
-     *
-     * @param senderDid - DID creating the invitation
-     * @param recipientContact - Email or identifier
-     * @param expiryDays - Days until expiry
-     * @returns Token + metadata or error
-     */
-    create(senderDid, recipientContact, expiryDays = 7) {
-        // Check rate limit
-        const now = Date.now();
-        const limit = this.creationCounts.get(senderDid);
-        if (limit && limit.count >= 10 && now < limit.resetTime) {
-            return err({
-                code: InvitationErrorCode.RATE_LIMIT_EXCEEDED,
-                message: 'Rate limit exceeded. Maximum 10 invitations per day.',
-            });
-        }
-        // Reset counter if window expired
-        if (limit && now >= limit.resetTime) {
-            this.creationCounts.delete(senderDid);
-        }
-        // Generate token
-        const token = generateInvitationToken();
-        const expiresAt = now + (expiryDays * 24 * 60 * 60 * 1000);
-        const invitation = {
-            token,
-            senderDid,
-            recipientContact,
-            createdAt: now,
-            expiresAt,
-            redeemed: false,
-        };
-        this.invitations.set(token, invitation);
-        // Update rate limit counter
-        if (!limit) {
-            this.creationCounts.set(senderDid, {
-                count: 1,
-                resetTime: now + (24 * 60 * 60 * 1000), // 24-hour window
-            });
-        }
-        else {
-            limit.count += 1;
-        }
-        return ok(invitation);
-    }
-    /**
-     * Get invitation by token without marking as redeemed.
-     *
-     * @param token - Token to lookup
-     * @returns Invitation or error
-     */
-    get(token) {
-        const invitation = this.invitations.get(token);
-        if (!invitation) {
-            return err({
-                code: InvitationErrorCode.INVALID_TOKEN,
-                message: 'Invitation not found',
-            });
-        }
-        const now = Date.now();
-        if (now > invitation.expiresAt) {
-            // Clean up expired invitation
-            this.invitations.delete(token);
-            return err({
-                code: InvitationErrorCode.EXPIRED_TOKEN,
-                message: 'Invitation has expired',
-            });
-        }
-        if (invitation.redeemed) {
-            return err({
-                code: InvitationErrorCode.ALREADY_REDEEMED,
-                message: 'Invitation has already been redeemed',
-            });
-        }
-        return ok(invitation);
-    }
-    /**
-     * Redeem an invitation (one-time use).
-     * Mark as redeemed and generate new DID.
-     *
-     * @param token - Token to redeem
-     * @returns New DID or error
-     */
-    redeem(token) {
-        const getResult = this.get(token);
-        if (!getResult.ok) {
-            return getResult;
-        }
-        const invitation = getResult.value;
-        invitation.redeemed = true;
-        this.redeemedTokens.add(token);
-        // Generate DID for recipient
-        const did = generateRecipientDid(invitation.senderDid, invitation.recipientContact);
-        return ok(did);
-    }
-    /**
-     * Clean up expired invitations (run daily).
-     * @returns Number of invitations deleted
-     */
-    cleanup() {
-        const now = Date.now();
-        let count = 0;
-        for (const [token, invitation] of this.invitations.entries()) {
-            if (now > invitation.expiresAt || invitation.redeemed) {
-                this.invitations.delete(token);
-                count += 1;
-            }
-        }
-        return count;
-    }
-    /** Get active invitation count */
-    get count() {
-        return this.invitations.size;
-    }
-}
-/**
- * Generate a cryptographically secure invitation token.
- * Format: 48-character hex string (192 bits).
- * @returns Random token
- */
-export function generateInvitationToken() {
-    const bytes = new Uint8Array(24);
-    crypto.getRandomValues(bytes);
-    return Array.from(bytes)
-        .map(b => b.toString(16).padStart(2, '0'))
-        .join('');
-}
-/**
- * Generate a deterministic DID for invited recipient.
- * Ensures consistent identity across sessions.
- *
- * @param senderDid - DID of sender
- * @param recipientContact - Email or identifier
- * @returns Generated DID for recipient
- */
-function generateRecipientDid(senderDid, recipientContact) {
-    // Create a simple derived identifier
-    // In production: derive from email + hash(senderDid) for uniqueness
-    const hash = hashString(`${senderDid}:${recipientContact}`);
-    return `did:key:z6Mk${hash}`;
-}
-/**
- * Simple hash function for DID generation.
- * @param input - String to hash
- * @returns Hex string
- */
-function hashString(input) {
-    let hash = 0;
-    for (let i = 0; i < input.length; i += 1) {
-        hash = ((hash << 5) - hash) + input.charCodeAt(i);
-        hash = hash & hash; // Convert to 32bit integer
-    }
-    return Math.abs(hash).toString(16).padStart(8, '0');
-}
+import{ok,err}from"./_deps/shared/index.js";export var InvitationErrorCode;!function(e){e.INVALID_TOKEN="INVITATION_INVALID_TOKEN",e.EXPIRED_TOKEN="INVITATION_EXPIRED_TOKEN",e.ALREADY_REDEEMED="INVITATION_ALREADY_REDEEMED",e.RATE_LIMIT_EXCEEDED="INVITATION_RATE_LIMIT_EXCEEDED",e.SERVER_ERROR="INVITATION_SERVER_ERROR"}(InvitationErrorCode||(InvitationErrorCode={}));export class InvitationClient{invitationApiUrl;constructor(e={}){this.invitationApiUrl=e.invitationApiUrl||"https://api.private.me"}async create(e,t,r=7){try{const n=await fetch(`${this.invitationApiUrl}/invitations/create`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({senderDid:e,recipientContact:t,expiryDays:r})});if(429===n.status)return err({code:InvitationErrorCode.RATE_LIMIT_EXCEEDED,message:"Too many invitations created. Limit: 10 per day",hint:"Wait before creating more invitations"});if(!n.ok)return err({code:InvitationErrorCode.SERVER_ERROR,message:`Server error: ${n.status}`});const i=await n.json();return ok({token:i.token,expiresAt:new Date(i.expiresAt),senderDid:i.senderDid,recipientContact:i.recipientContact,inviteUrl:i.inviteUrl})}catch(e){return err({code:InvitationErrorCode.SERVER_ERROR,message:e instanceof Error?e.message:"Network error"})}}async redeem(e){try{if(!e||"string"!=typeof e)return err({code:InvitationErrorCode.INVALID_TOKEN,message:"Invitation token is required"});const t=await fetch(`${this.invitationApiUrl}/invitations/redeem`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({token:e})});if(400===t.status)return err({code:InvitationErrorCode.INVALID_TOKEN,message:"Invitation token is invalid",hint:"Check the token in your URL"});if(410===t.status){return"expired"===(await t.json()).reason?err({code:InvitationErrorCode.EXPIRED_TOKEN,message:"Invitation has expired",hint:"Ask the sender for a new invitation"}):err({code:InvitationErrorCode.ALREADY_REDEEMED,message:"Invitation has already been used",hint:"Each invitation can only be used once"})}if(!t.ok)return err({code:InvitationErrorCode.SERVER_ERROR,message:`Server error: ${t.status}`});const r=await t.json();return ok(r.did)}catch(e){return err({code:InvitationErrorCode.SERVER_ERROR,message:e instanceof Error?e.message:"Network error"})}}async get(e){try{const t=await fetch(`${this.invitationApiUrl}/invitations/${encodeURIComponent(e)}`,{headers:{Accept:"application/json"}});if(404===t.status)return err({code:InvitationErrorCode.INVALID_TOKEN,message:"Invitation not found"});if(!t.ok)return err({code:InvitationErrorCode.SERVER_ERROR,message:`Server error: ${t.status}`});const r=await t.json();return ok({senderDid:r.senderDid,recipientContact:r.recipientContact,expiresAt:new Date(r.expiresAt)})}catch(e){return err({code:InvitationErrorCode.SERVER_ERROR,message:e instanceof Error?e.message:"Network error"})}}}export class InvitationStore{invitations=new Map;redeemedTokens=new Set;creationCounts=new Map;create(e,t,r=7){const n=Date.now(),i=this.creationCounts.get(e);if(i&&i.count>=10&&n<i.resetTime)return err({code:InvitationErrorCode.RATE_LIMIT_EXCEEDED,message:"Rate limit exceeded. Maximum 10 invitations per day."});i&&n>=i.resetTime&&this.creationCounts.delete(e);const o=generateInvitationToken(),a={token:o,senderDid:e,recipientContact:t,createdAt:n,expiresAt:n+24*r*60*60*1e3,redeemed:!1};return this.invitations.set(o,a),i?i.count+=1:this.creationCounts.set(e,{count:1,resetTime:n+864e5}),ok(a)}get(e){const t=this.invitations.get(e);if(!t)return err({code:InvitationErrorCode.INVALID_TOKEN,message:"Invitation not found"});return Date.now()>t.expiresAt?(this.invitations.delete(e),err({code:InvitationErrorCode.EXPIRED_TOKEN,message:"Invitation has expired"})):t.redeemed?err({code:InvitationErrorCode.ALREADY_REDEEMED,message:"Invitation has already been redeemed"}):ok(t)}redeem(e){const t=this.get(e);if(!t.ok)return t;const r=t.value;r.redeemed=!0,this.redeemedTokens.add(e);const n=generateRecipientDid(r.senderDid,r.recipientContact);return ok(n)}cleanup(){const e=Date.now();let t=0;for(const[r,n]of this.invitations.entries())(e>n.expiresAt||n.redeemed)&&(this.invitations.delete(r),t+=1);return t}get count(){return this.invitations.size}}export function generateInvitationToken(){const e=new Uint8Array(24);return crypto.getRandomValues(e),Array.from(e).map(e=>e.toString(16).padStart(2,"0")).join("")}function generateRecipientDid(e,t){return`did:key:z6Mk${hashString(`${e}:${t}`)}`}function hashString(e){let t=0;for(let r=0;r<e.length;r+=1)t=(t<<5)-t+e.charCodeAt(r),t&=t;return Math.abs(t).toString(16).padStart(8,"0")}