@provenonce/sdk 0.9.0 → 0.10.1

package/README.md

@@ -1,171 +1,186 @@
-# @provenonce/sdk
-
-Cryptographic identity and accountability SDK for AI agents. Chain-agnostic (Solana + Ethereum).
-
-## Install
-
-```bash
-npm install @provenonce/sdk
-```
-
-## Registration
-
-Before using the SDK, register your agent to get an API key:
-
-```typescript
-import { register } from '@provenonce/sdk';
-
-// No-wallet registration (default — identity only)
-const creds = await register('my-agent-v1', {
-  registryUrl: 'https://provenonce.io',
-  registrationSecret: process.env.REGISTRATION_SECRET, // required in production
-});
-
-console.log(creds.hash);    // unique agent identity
-console.log(creds.api_key); // use this for BeatAgent
-console.log(creds.secret);  // save — shown only once
-
-// Solana self-custody wallet (opt-in)
-const withWallet = await register('my-org', {
-  registryUrl: 'https://provenonce.io',
-  walletModel: 'self-custody',
-});
-// withWallet.wallet.address = Solana address
-// withWallet.wallet.secret_key = SAVE — cannot be recovered
-
-// Child registration (requires parent credentials)
-const child = await register('worker-1', {
-  registryUrl: 'https://provenonce.io',
-  parentHash: creds.hash,
-  parentApiKey: creds.api_key,
-});
-```
-
-## Quick Start
-
-```typescript
-import { BeatAgent } from '@provenonce/sdk';
-
-const agent = new BeatAgent({
-  apiKey: 'pvn_...',
-  registryUrl: 'https://provenonce.io',
-  verbose: true,
-});
-
-await agent.init();           // Birth in Beat time
-
+# @provenonce/sdk
+
+Cryptographic identity and accountability SDK for AI agents. Chain-agnostic (Solana + Ethereum).
+
+## Install
+
+```bash
+npm install @provenonce/sdk
+```
+
+## Registration
+
+Before using the SDK, register your agent to get an API key:
+
+```typescript
+import { register } from '@provenonce/sdk';
+
+// No-wallet registration (default — identity only)
+const creds = await register('my-agent-v1', {
+  registryUrl: 'https://provenonce.io',
+  registrationSecret: process.env.REGISTRATION_SECRET, // required in production
+});
+
+console.log(creds.hash);    // unique agent identity
+console.log(creds.api_key); // use this for BeatAgent
+console.log(creds.secret);  // save — shown only once
+
+// Solana self-custody wallet (opt-in)
+const withWallet = await register('my-org', {
+  registryUrl: 'https://provenonce.io',
+  walletModel: 'self-custody',
+});
+// withWallet.wallet.address = Solana address
+// withWallet.wallet.secret_key = SAVE — cannot be recovered
+
+// Child registration (requires parent credentials)
+const child = await register('worker-1', {
+  registryUrl: 'https://provenonce.io',
+  parentHash: creds.hash,
+  parentApiKey: creds.api_key,
+});
+```
+
+## Quick Start
+
+```typescript
+import { BeatAgent } from '@provenonce/sdk';
+
+const agent = new BeatAgent({
+  apiKey: 'pvn_...',
+  registryUrl: 'https://provenonce.io',
+  verbose: true,
+});
+
+await agent.init();           // Birth in Beat time
+
 // Purchase a SIGIL (cryptographic identity)
 const sigil = await agent.purchaseSigil({
-  identityClass: 'autonomous',
-  paymentTx: 'solana-tx-signature...',
+  identity_class: 'autonomous',
+  principal: 'my-agent',
+  tier: 'ind',
+  payment_tx: 'solana-tx-signature...',
 });
-
-// Start heartbeating (paid liveness proofs)
-agent.startHeartbeat();
-
-// Get your Passport (latest lineage proof)
-const passport = await agent.getPassport();
-console.log(passport?.identity_class);     // 'autonomous'
-console.log(passport?.provenonce_signature); // Ed25519 signed
-
-// Verify any proof offline — no API call needed
-const valid = BeatAgent.verifyProofLocally(passport, authorityPubKeyHex);
-
-agent.stopHeartbeat();
-```
-
-## API
-
+
+// Start heartbeating (paid liveness proofs)
+agent.startHeartbeat();
+
+// Get your Passport (latest lineage proof)
+const passport = await agent.getPassport();
+console.log(passport?.identity_class);     // 'autonomous'
+console.log(passport?.provenonce_signature); // Ed25519 signed
+
+// Verify any proof offline — no API call needed
+const valid = BeatAgent.verifyProofLocally(passport, authorityPubKeyHex);
+
+agent.stopHeartbeat();
+```
+
+## API
+
 ### `BeatAgent`
 
 | Method | Description |
 |--------|-------------|
 | `init()` | Initialize the agent's Beat chain (birth in Logical Time) |
 | `purchaseSigil(opts)` | Purchase a SIGIL identity (required for heartbeating) |
-| `heartbeat(opts?)` | Submit a paid heartbeat and receive a signed lineage proof |
+| `updateMetadata(fields)` | Update mutable SIGIL metadata fields |
+| `heartbeat(paymentTx?, globalAnchor?)` | Submit a paid heartbeat and receive a signed lineage proof |
 | `startHeartbeat()` | Start autonomous heartbeat loop |
 | `stopHeartbeat()` | Stop heartbeat |
 | `getPassport()` | Get latest lineage proof (Passport) |
 | `reissueProof(paymentTx?)` | Reissue proof without extending lineage |
-| `requestSpawn(name?)` | Spawn a child agent (requires accumulated beats) |
-| `getStatus()` | Get full beat status from registry |
-| `getLocalState()` | Get local state (no network call) |
-| `static verifyProofLocally(proof, pubKey)` | Verify a lineage proof offline |
-
-### `BeatAgentConfig`
-
-| Option | Default | Description |
-|--------|---------|-------------|
-| `apiKey` | *required* | API key from registration (`pvn_...`) |
-| `registryUrl` | *required* | Provenonce registry URL |
-| `heartbeatIntervalSec` | `300` | Seconds between automatic heartbeats |
-| `onHeartbeat` | — | Callback when heartbeat completes |
-| `onError` | — | Callback on error |
-| `onStatusChange` | — | Callback when status changes |
-| `verbose` | `false` | Enable console logging |
-
-### `register(name, options)`
-
-| Option | Description |
-|--------|-------------|
-| `registryUrl` | Registry URL (required) |
-| `registrationSecret` | Registration gate (mainnet) |
-| `walletModel` | `'self-custody'` or `'operator'` (opt-in wallet) |
-| `walletChain` | `'solana'` or `'ethereum'` |
-| `walletAddress` | Ethereum BYO address |
-| `walletSignFn` | Signing function for BYO wallets |
-| `parentHash` | Parent hash (child registration) |
-| `parentApiKey` | Parent's API key (child registration) |
-
-Returns `RegistrationResult` with `hash`, `api_key`, `secret`, `wallet?`.
-
-**Note:** Agent names should only contain `[a-zA-Z0-9_\-. ]`. Other characters are stripped by the server before signature verification.
-
+| `requestSpawn(name?)` | Spawn a child agent (requires accumulated beats) |
+| `getStatus()` | Get full beat status from registry |
+| `getLocalState()` | Get local state (no network call) |
+| `static verifyProofLocally(proof, pubKey)` | Verify a lineage proof offline |
+
+### `BeatAgentConfig`
+
+| Option | Default | Description |
+|--------|---------|-------------|
+| `apiKey` | *required* | API key from registration (`pvn_...`) |
+| `registryUrl` | *required* | Provenonce registry URL |
+| `heartbeatIntervalSec` | `300` | Seconds between automatic heartbeats |
+| `onHeartbeat` | — | Callback when heartbeat completes |
+| `onError` | — | Callback on error |
+| `onStatusChange` | — | Callback when status changes |
+| `verbose` | `false` | Enable console logging |
+
+### `register(name, options)`
+
+| Option | Description |
+|--------|-------------|
+| `registryUrl` | Registry URL (required) |
+| `registrationSecret` | Registration gate (mainnet) |
+| `walletModel` | `'self-custody'` or `'operator'` (opt-in wallet) |
+| `walletChain` | `'solana'` or `'ethereum'` |
+| `walletAddress` | Ethereum BYO address |
+| `walletSignFn` | Signing function for BYO wallets |
+| `parentHash` | Parent hash (child registration) |
+| `parentApiKey` | Parent's API key (child registration) |
+
+Returns `RegistrationResult` with `hash`, `api_key`, `secret`, `wallet?`.
+
+**Note:** Agent names should only contain `[a-zA-Z0-9_\-. ]`. Other characters are stripped by the server before signature verification.
+
 ### Phase 2 Types
-
-```typescript
-import type { Passport, LineageProof, IdentityClass, SigilResult, HeartbeatResult } from '@provenonce/sdk';
-
-// Passport = LineageProof (type alias)
-// Contains: agent_hash, agent_public_key, identity_class, lineage_chain_hash,
-//           provenonce_signature, issued_at, valid_until, etc.
-
+
+```typescript
+import type { Passport, LineageProof, IdentityClass, SigilResult, HeartbeatResult } from '@provenonce/sdk';
+
+// Passport = LineageProof (type alias)
+// Contains: agent_hash, agent_public_key, identity_class, lineage_chain_hash,
+//           provenonce_signature, issued_at, valid_until, etc.
+
 // IdentityClass = 'narrow_task' | 'autonomous' | 'orchestrator'
 ```
 
-### Error Handling
+### `purchaseSigil(opts)` required fields
 
 ```typescript
-import { ProvenonceError, AuthError, RateLimitError, FrozenError, ErrorCode } from '@provenonce/sdk';
-
-try {
-  await agent.heartbeat();
-} catch (err) {
-  if (err instanceof RateLimitError) {
-    console.log(`Retry after ${err.retryAfterMs}ms`);
-  } else if (err instanceof FrozenError) {
-    console.log('Agent is frozen — heartbeat refused');
-  } else if (err instanceof AuthError) {
-    console.log('Invalid API key');
-  }
-}
+await agent.purchaseSigil({
+  identity_class: 'narrow_task' | 'autonomous' | 'orchestrator',
+  principal: 'my-agent',
+  tier: 'sov' | 'org' | 'ind' | 'eph' | 'sbx',
+  payment_tx: 'solana-tx-signature...', // or 'devnet-skip' on devnet
+  name: 'optional-display-name'
+});
 ```
-
-## Framework Integration Examples
-
-Ready-to-run examples for popular agent frameworks are in [`examples/`](./examples/):
-
-| Framework | File | What it shows |
-|-----------|------|---------------|
-| **CrewAI** | [`crewai_example.py`](./examples/crewai_example.py) | Register a research crew with parent-child lineage |
-| **AutoGen** | [`autogen_example.py`](./examples/autogen_example.py) | Coder + reviewer agents with post-run provenance audit |
-| **LangGraph** | [`langgraph_example.py`](./examples/langgraph_example.py) | Pipeline nodes with on-chain audit trail |
-| **Any (Node.js)** | [`add-provenonce.ts`](./examples/add-provenonce.ts) | 20-line generic integration |
-
-Python examples use the REST API directly — no Python SDK needed. See [`examples/README.md`](./examples/README.md) for details.
-
-## Links
-
+
+### Error Handling
+
+```typescript
+import { ProvenonceError, AuthError, RateLimitError, FrozenError, ErrorCode } from '@provenonce/sdk';
+
+try {
+  await agent.heartbeat();
+} catch (err) {
+  if (err instanceof RateLimitError) {
+    console.log(`Retry after ${err.retryAfterMs}ms`);
+  } else if (err instanceof FrozenError) {
+    console.log('Agent is frozen — heartbeat refused');
+  } else if (err instanceof AuthError) {
+    console.log('Invalid API key');
+  }
+}
+```
+
+## Framework Integration Examples
+
+Ready-to-run examples for popular agent frameworks are in [`examples/`](./examples/):
+
+| Framework | File | What it shows |
+|-----------|------|---------------|
+| **CrewAI** | [`crewai_example.py`](./examples/crewai_example.py) | Register a research crew with parent-child lineage |
+| **AutoGen** | [`autogen_example.py`](./examples/autogen_example.py) | Coder + reviewer agents with post-run provenance audit |
+| **LangGraph** | [`langgraph_example.py`](./examples/langgraph_example.py) | Pipeline nodes with on-chain audit trail |
+| **Any (Node.js)** | [`add-provenonce.ts`](./examples/add-provenonce.ts) | 20-line generic integration |
+
+Python examples use the REST API directly — no Python SDK needed. See [`examples/README.md`](./examples/README.md) for details.
+
+## Links
+
 - [Live prototype](https://provenonce.io)
 - [npm package](https://www.npmjs.com/package/@provenonce/sdk)
 - [API docs](https://provenonce.dev)

package/dist/index.d.mts

@@ -28,6 +28,18 @@
  */
 /** SIGIL identity class — determines tier pricing and heartbeat volume caps */
 type IdentityClass = 'narrow_task' | 'autonomous' | 'orchestrator';
+/** SIGIL trust governance tier — orthogonal to identity_class (fee axis) */
+type SigilTier = 'sov' | 'org' | 'ind' | 'eph' | 'sbx';
+/** Substrate — what the agent runs on */
+type Substrate = 'frontier' | 'open' | 'local' | 'symbolic' | 'hybrid' | 'human';
+/** Substrate provider */
+type SubstrateProvider = 'anthropic' | 'openai' | 'google' | 'meta' | 'mistral' | 'xai' | 'cohere' | 'deepseek' | 'custom';
+/** Capability — what the agent primarily does */
+type Capability = 'analyst' | 'executor' | 'orchestrator' | 'guardian' | 'retriever' | 'renderer' | 'witness';
+/** Protocol — how to reach the agent */
+type SigilProtocol = 'http' | 'grpc' | 'websocket' | 'mcp' | 'a2a' | 'custom';
+/** Compliance regime */
+type ComplianceRegime = 'gdpr' | 'pdpa' | 'hipaa' | 'sox' | 'aisi' | 'none' | 'custom';
 /**
  * Ed25519-signed lineage proof — portable, offline-verifiable credential.
  * Also known as the agent's "passport" — a cryptographic proof of identity
@@ -47,10 +59,48 @@ interface LineageProof {
 }
 /** Passport = LineageProof. The agent's portable, offline-verifiable credential. */
 type Passport = LineageProof;
+/** Options for purchasing a SIGIL with full namespace */
+interface SigilPurchaseOptions {
+    identity_class: IdentityClass;
+    principal: string;
+    tier: SigilTier;
+    name?: string;
+    payment_tx: string;
+    substrate?: Substrate;
+    substrate_provider?: SubstrateProvider;
+    substrate_model?: string;
+    capability?: Capability;
+    capability_scope?: string;
+    tools?: string[];
+    modality_input?: string[];
+    modality_output?: string[];
+    protocol?: SigilProtocol;
+    endpoint?: string;
+    compliance_regime?: ComplianceRegime;
+}
+/** Mutable SIGIL metadata fields for PATCH updates */
+interface SigilMutableFields {
+    substrate?: Substrate;
+    substrate_provider?: SubstrateProvider;
+    substrate_model?: string;
+    capability?: Capability;
+    capability_scope?: string;
+    generation_trigger?: string;
+    tools?: string[];
+    modality_input?: string[];
+    modality_output?: string[];
+    protocol?: SigilProtocol;
+    endpoint?: string;
+    compliance_regime?: ComplianceRegime;
+}
 /** Result from purchasing a SIGIL (Structured Identity Governance and Intelligent Lookup) */
 interface SigilResult {
     ok: boolean;
     sigil?: {
+        sigil: string;
+        sigil_name: string;
+        principal: string;
+        tier: SigilTier;
         identity_class: IdentityClass;
         issued_at_beat: number;
         birth_tx: string | null;
@@ -64,6 +114,29 @@ interface SigilResult {
     };
     error?: string;
 }
+/** Result from updating mutable SIGIL metadata */
+interface MetadataUpdateResult {
+    ok: boolean;
+    sigil?: string;
+    generation?: number;
+    updated_fields?: string[];
+    error?: string;
+}
+/** Result from offline lineage proof verification */
+interface VerificationResult {
+    /** Overall validity: signature is valid AND not expired */
+    valid: boolean;
+    /** Ed25519 signature verification passed */
+    signatureValid: boolean;
+    /** Proof has passed its valid_until timestamp */
+    expired: boolean;
+    /** The beat index of the agent's last heartbeat */
+    lastHeartbeatBeat: number;
+    /** Beats elapsed since last heartbeat (null if currentBeat not provided) */
+    beatsSinceHeartbeat: number | null;
+    /** Human-readable warning if proof is expired or stale */
+    warning?: string;
+}
 /** Result from a paid heartbeat */
 interface HeartbeatResult {
     ok: boolean;
@@ -332,10 +405,20 @@ declare class BeatAgent {
      * SIGILs gate heartbeating, lineage proofs, and offline verification.
      * One-time purchase — cannot be re-purchased.
      *
-     * @param identityClass - 'narrow_task' (0.05 SOL), 'autonomous' (0.15 SOL), or 'orchestrator' (0.35 SOL)
-     * @param paymentTx - Solana transaction signature proving payment. Use 'devnet-skip' on devnet.
+     * @param options - SIGIL purchase options (identity_class, principal, tier, name, payment_tx, + optional metadata)
+     *
+     * Legacy signature (deprecated):
+     * @param identityClass - 'narrow_task' | 'autonomous' | 'orchestrator'
+     * @param paymentTx - Solana transaction signature or 'devnet-skip'
+     */
+    purchaseSigil(optionsOrClass: SigilPurchaseOptions | IdentityClass, paymentTx?: string): Promise<SigilResult>;
+    /**
+     * Update mutable SIGIL metadata fields.
+     * Requires a SIGIL. Cannot modify immutable fields.
+     *
+     * @param fields - Subset of mutable SIGIL fields to update
      */
-    purchaseSigil(identityClass: IdentityClass, paymentTx: string): Promise<SigilResult>;
+    updateMetadata(fields: Partial<SigilMutableFields>): Promise<MetadataUpdateResult>;
     /**
      * Send a paid heartbeat to the registry.
      * Requires a SIGIL. Returns a signed lineage proof.
@@ -371,10 +454,14 @@ declare class BeatAgent {
      * Verify a lineage proof locally using the authority public key.
      * Offline verification — no API call, no SOL cost.
      *
+     * Returns a VerificationResult object. The object is truthy when valid,
+     * so `if (BeatAgent.verifyProofLocally(proof, key))` still works.
+     *
      * @param proof - The LineageProof to verify
      * @param authorityPubKeyHex - 32-byte hex-encoded Ed25519 public key from /.well-known/provenonce-authority.json
+     * @param currentBeat - Optional current global beat index (for beatsSinceHeartbeat calculation)
      */
-    static verifyProofLocally(proof: LineageProof, authorityPubKeyHex: string): boolean;
+    static verifyProofLocally(proof: LineageProof, authorityPubKeyHex: string, currentBeat?: number): VerificationResult;
     /**
      * Get this agent's full beat status from the registry.
      */
@@ -486,4 +573,4 @@ declare class ServerError extends ProvenonceError {
     constructor(message: string, statusCode?: number);
 }
 
-export { type AgentStatus, AuthError, type Beat, BeatAgent, type BeatAgentConfig, type CheckinResult, ErrorCode, FrozenError, type HeartbeatResult, type IdentityClass, type LineageProof, NetworkError, NotFoundError, type Passport, ProvenonceError, RateLimitError, type RegistrationResult, ServerError, type SigilResult, type SpawnResult, StateError, ValidationError, type WalletInfo, computeBeat, computeBeatsLite, generateWalletKeypair, register };
+export { type AgentStatus, AuthError, type Beat, BeatAgent, type BeatAgentConfig, type Capability, type CheckinResult, type ComplianceRegime, ErrorCode, FrozenError, type HeartbeatResult, type IdentityClass, type LineageProof, type MetadataUpdateResult, NetworkError, NotFoundError, type Passport, ProvenonceError, RateLimitError, type RegistrationResult, ServerError, type SigilMutableFields, type SigilProtocol, type SigilPurchaseOptions, type SigilResult, type SigilTier, type SpawnResult, StateError, type Substrate, type SubstrateProvider, ValidationError, type VerificationResult, type WalletInfo, computeBeat, computeBeatsLite, generateWalletKeypair, register };

package/dist/index.d.ts

@@ -28,6 +28,18 @@
  */
 /** SIGIL identity class — determines tier pricing and heartbeat volume caps */
 type IdentityClass = 'narrow_task' | 'autonomous' | 'orchestrator';
+/** SIGIL trust governance tier — orthogonal to identity_class (fee axis) */
+type SigilTier = 'sov' | 'org' | 'ind' | 'eph' | 'sbx';
+/** Substrate — what the agent runs on */
+type Substrate = 'frontier' | 'open' | 'local' | 'symbolic' | 'hybrid' | 'human';
+/** Substrate provider */
+type SubstrateProvider = 'anthropic' | 'openai' | 'google' | 'meta' | 'mistral' | 'xai' | 'cohere' | 'deepseek' | 'custom';
+/** Capability — what the agent primarily does */
+type Capability = 'analyst' | 'executor' | 'orchestrator' | 'guardian' | 'retriever' | 'renderer' | 'witness';
+/** Protocol — how to reach the agent */
+type SigilProtocol = 'http' | 'grpc' | 'websocket' | 'mcp' | 'a2a' | 'custom';
+/** Compliance regime */
+type ComplianceRegime = 'gdpr' | 'pdpa' | 'hipaa' | 'sox' | 'aisi' | 'none' | 'custom';
 /**
  * Ed25519-signed lineage proof — portable, offline-verifiable credential.
  * Also known as the agent's "passport" — a cryptographic proof of identity
@@ -47,10 +59,48 @@ interface LineageProof {
 }
 /** Passport = LineageProof. The agent's portable, offline-verifiable credential. */
 type Passport = LineageProof;
+/** Options for purchasing a SIGIL with full namespace */
+interface SigilPurchaseOptions {
+    identity_class: IdentityClass;
+    principal: string;
+    tier: SigilTier;
+    name?: string;
+    payment_tx: string;
+    substrate?: Substrate;
+    substrate_provider?: SubstrateProvider;
+    substrate_model?: string;
+    capability?: Capability;
+    capability_scope?: string;
+    tools?: string[];
+    modality_input?: string[];
+    modality_output?: string[];
+    protocol?: SigilProtocol;
+    endpoint?: string;
+    compliance_regime?: ComplianceRegime;
+}
+/** Mutable SIGIL metadata fields for PATCH updates */
+interface SigilMutableFields {
+    substrate?: Substrate;
+    substrate_provider?: SubstrateProvider;
+    substrate_model?: string;
+    capability?: Capability;
+    capability_scope?: string;
+    generation_trigger?: string;
+    tools?: string[];
+    modality_input?: string[];
+    modality_output?: string[];
+    protocol?: SigilProtocol;
+    endpoint?: string;
+    compliance_regime?: ComplianceRegime;
+}
 /** Result from purchasing a SIGIL (Structured Identity Governance and Intelligent Lookup) */
 interface SigilResult {
     ok: boolean;
     sigil?: {
+        sigil: string;
+        sigil_name: string;
+        principal: string;
+        tier: SigilTier;
         identity_class: IdentityClass;
         issued_at_beat: number;
         birth_tx: string | null;
@@ -64,6 +114,29 @@ interface SigilResult {
     };
     error?: string;
 }
+/** Result from updating mutable SIGIL metadata */
+interface MetadataUpdateResult {
+    ok: boolean;
+    sigil?: string;
+    generation?: number;
+    updated_fields?: string[];
+    error?: string;
+}
+/** Result from offline lineage proof verification */
+interface VerificationResult {
+    /** Overall validity: signature is valid AND not expired */
+    valid: boolean;
+    /** Ed25519 signature verification passed */
+    signatureValid: boolean;
+    /** Proof has passed its valid_until timestamp */
+    expired: boolean;
+    /** The beat index of the agent's last heartbeat */
+    lastHeartbeatBeat: number;
+    /** Beats elapsed since last heartbeat (null if currentBeat not provided) */
+    beatsSinceHeartbeat: number | null;
+    /** Human-readable warning if proof is expired or stale */
+    warning?: string;
+}
 /** Result from a paid heartbeat */
 interface HeartbeatResult {
     ok: boolean;
@@ -332,10 +405,20 @@ declare class BeatAgent {
      * SIGILs gate heartbeating, lineage proofs, and offline verification.
      * One-time purchase — cannot be re-purchased.
      *
-     * @param identityClass - 'narrow_task' (0.05 SOL), 'autonomous' (0.15 SOL), or 'orchestrator' (0.35 SOL)
-     * @param paymentTx - Solana transaction signature proving payment. Use 'devnet-skip' on devnet.
+     * @param options - SIGIL purchase options (identity_class, principal, tier, name, payment_tx, + optional metadata)
+     *
+     * Legacy signature (deprecated):
+     * @param identityClass - 'narrow_task' | 'autonomous' | 'orchestrator'
+     * @param paymentTx - Solana transaction signature or 'devnet-skip'
+     */
+    purchaseSigil(optionsOrClass: SigilPurchaseOptions | IdentityClass, paymentTx?: string): Promise<SigilResult>;
+    /**
+     * Update mutable SIGIL metadata fields.
+     * Requires a SIGIL. Cannot modify immutable fields.
+     *
+     * @param fields - Subset of mutable SIGIL fields to update
      */
-    purchaseSigil(identityClass: IdentityClass, paymentTx: string): Promise<SigilResult>;
+    updateMetadata(fields: Partial<SigilMutableFields>): Promise<MetadataUpdateResult>;
     /**
      * Send a paid heartbeat to the registry.
      * Requires a SIGIL. Returns a signed lineage proof.
@@ -371,10 +454,14 @@ declare class BeatAgent {
      * Verify a lineage proof locally using the authority public key.
      * Offline verification — no API call, no SOL cost.
      *
+     * Returns a VerificationResult object. The object is truthy when valid,
+     * so `if (BeatAgent.verifyProofLocally(proof, key))` still works.
+     *
      * @param proof - The LineageProof to verify
      * @param authorityPubKeyHex - 32-byte hex-encoded Ed25519 public key from /.well-known/provenonce-authority.json
+     * @param currentBeat - Optional current global beat index (for beatsSinceHeartbeat calculation)
      */
-    static verifyProofLocally(proof: LineageProof, authorityPubKeyHex: string): boolean;
+    static verifyProofLocally(proof: LineageProof, authorityPubKeyHex: string, currentBeat?: number): VerificationResult;
     /**
      * Get this agent's full beat status from the registry.
      */
@@ -486,4 +573,4 @@ declare class ServerError extends ProvenonceError {
     constructor(message: string, statusCode?: number);
 }
 
-export { type AgentStatus, AuthError, type Beat, BeatAgent, type BeatAgentConfig, type CheckinResult, ErrorCode, FrozenError, type HeartbeatResult, type IdentityClass, type LineageProof, NetworkError, NotFoundError, type Passport, ProvenonceError, RateLimitError, type RegistrationResult, ServerError, type SigilResult, type SpawnResult, StateError, ValidationError, type WalletInfo, computeBeat, computeBeatsLite, generateWalletKeypair, register };
+export { type AgentStatus, AuthError, type Beat, BeatAgent, type BeatAgentConfig, type Capability, type CheckinResult, type ComplianceRegime, ErrorCode, FrozenError, type HeartbeatResult, type IdentityClass, type LineageProof, type MetadataUpdateResult, NetworkError, NotFoundError, type Passport, ProvenonceError, RateLimitError, type RegistrationResult, ServerError, type SigilMutableFields, type SigilProtocol, type SigilPurchaseOptions, type SigilResult, type SigilTier, type SpawnResult, StateError, type Substrate, type SubstrateProvider, ValidationError, type VerificationResult, type WalletInfo, computeBeat, computeBeatsLite, generateWalletKeypair, register };