@r4-sdk/cli 1.0.0 → 1.0.2

package/lib/index.js

@@ -1,13 +1,15 @@
 #!/usr/bin/env node
 
 // src/index.ts
-import { Command as Command44 } from "commander";
+import { Command as Command45 } from "commander";
 
 // src/commands/agent/create.ts
 import { Command } from "commander";
 import ora from "ora";
 
 // src/lib/client.ts
+import os from "os";
+var AGENT_RUNTIME_HOSTNAME_HEADER = "X-R4-Agent-Hostname";
 var CliClient = class {
   apiKey;
   baseUrl;
@@ -15,19 +17,19 @@ var CliClient = class {
     this.apiKey = apiKey;
     this.baseUrl = baseUrl.replace(/\/$/, "");
   }
-  normalizeMachinePath(path7) {
-    if (!path7 || /^\w+:\/\//.test(path7)) {
+  normalizeMachinePath(path6) {
+    if (!path6 || /^\w+:\/\//.test(path6)) {
       throw new Error("Machine request path must be a relative machine API path.");
     }
-    const normalizedPath = path7.startsWith("/") ? path7 : `/${path7}`;
+    const normalizedPath = path6.startsWith("/") ? path6 : `/${path6}`;
     return normalizedPath.startsWith("/api/v1/machine") ? normalizedPath : `/api/v1/machine${normalizedPath}`;
   }
   /**
    * Make an authenticated request to the machine API.
    * Handles error responses consistently with the SDK pattern.
    */
-  async request(method, path7, body) {
-    const url = `${this.baseUrl}${path7}`;
+  async request(method, path6, body) {
+    const url = `${this.baseUrl}${path6}`;
     const response = await fetch(url, {
       method,
       headers: {
@@ -62,11 +64,23 @@ var CliClient = class {
   }
   /** Register or re-confirm the local agent runtime public key. */
   async registerAgentPublicKey(body) {
-    return this.request(
-      "POST",
-      "/api/v1/machine/vault/public-key",
-      body
-    );
+    const response = await fetch(`${this.baseUrl}/api/v1/machine/vault/public-key`, {
+      method: "POST",
+      headers: {
+        "X-API-Key": this.apiKey,
+        "Content-Type": "application/json",
+        [AGENT_RUNTIME_HOSTNAME_HEADER]: os.hostname()
+      },
+      body: JSON.stringify(body)
+    });
+    if (!response.ok) {
+      const errorBody = await response.json().catch(() => ({}));
+      const error = errorBody?.error;
+      const errorMessage = error?.message || `HTTP ${response.status}: ${response.statusText}`;
+      const errorCode = typeof error?.code === "string" ? ` [${error.code}]` : "";
+      throw new Error(`R4 API Error${errorCode}: ${errorMessage}`);
+    }
+    return response.json();
   }
   /** Read the authenticated machine principal and resolved policy context. */
   async getMachineIdentity() {
@@ -95,6 +109,27 @@ var CliClient = class {
       `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/items`
     );
   }
+  /** List directly shared vault items whose parent vault is otherwise hidden. */
+  async getSharedVaultItems() {
+    return this.request(
+      "GET",
+      "/api/v1/machine/vault/shared-items"
+    );
+  }
+  /** Retrieve the full machine vault-item detail payload. */
+  async getVaultItemDetail(vaultId, itemId) {
+    return this.request(
+      "GET",
+      `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/items/${encodeURIComponent(itemId)}`
+    );
+  }
+  /** Retrieve a zero-trust download ticket for a vault attachment. */
+  async getVaultAttachmentDownloadTicket(vaultId, assetId) {
+    return this.request(
+      "GET",
+      `/api/v1/machine/attachments/${encodeURIComponent(vaultId)}/assets/${encodeURIComponent(assetId)}/download-ticket`
+    );
+  }
   /** Create a checkpoint-signed vault item from a prebuilt JSON payload. */
   async createVaultItem(vaultId, body) {
     return this.request(
@@ -303,18 +338,18 @@ function withErrorHandler(fn) {
 }
 
 // src/lib/config.ts
-import fs2 from "node:fs";
+import fs2 from "fs";
 
 // src/lib/profile-paths.ts
-import fs from "node:fs";
-import os from "node:os";
-import path from "node:path";
+import fs from "fs";
+import os2 from "os";
+import path from "path";
 function sanitizeProfileName(profileName) {
   const sanitized = profileName.trim().toLowerCase().replace(/[^a-z0-9._-]+/g, "-").replace(/^-+|-+$/g, "");
   return sanitized || "default";
 }
 function getR4HomeDir() {
-  return path.join(os.homedir(), ".r4");
+  return path.join(os2.homedir(), ".r4");
 }
 function getProfilesDir() {
   return path.join(getR4HomeDir(), "profiles");
@@ -539,7 +574,7 @@ function clearManagedProfileDirectory(profileName) {
 }
 
 // src/lib/credentials-store.ts
-import fs3 from "node:fs";
+import fs3 from "fs";
 function buildApiKeyFromParts(accessKey, secretKey) {
   if (!accessKey || !secretKey) {
     return void 0;
@@ -604,9 +639,9 @@ function clearProfileCredentials(profileName) {
 }
 
 // src/lib/private-key.ts
-import crypto from "node:crypto";
-import fs4 from "node:fs";
-import path2 from "node:path";
+import crypto from "crypto";
+import fs4 from "fs";
+import path2 from "path";
 function getDefaultPrivateKeyPath(profileName) {
   return getManagedPrivateKeyPath(profileName);
 }
@@ -872,1793 +907,135 @@ function buildCreateAgentBody(options) {
   };
 }
 function createCommand() {
-  return new Command("create").description("Create a new agent").requiredOption("--name <name>", "Agent name").requiredOption("--domain-tenant-id <id>", "Target domain tenant ID").option("--budget-id <id>", "Existing budget ID to assign").option("--vault-id <id>", "Optional vault ID to store credentials in").option("--new-budget-name <name>", "Create and assign a new per-agent budget").option("--new-budget-description <text>", "Description for the new per-agent budget").option("--new-budget-target <amount>", "Target amount for the new per-agent budget").option(
-    "--security-group-id <id>",
-    "Security group IDs (repeat or use comma-separated values)",
-    collectOptionValues,
-    []
-  ).option(
-    "--permission <grant>",
-    "Machine permission grant (repeat or use comma-separated values)",
-    collectOptionValues,
-    []
-  ).action(
-    withErrorHandler(
-      async (options, cmd) => {
-        const globalOpts = cmd.optsWithGlobals();
-        const connection = resolveConnection(globalOpts, { requireApiKey: true });
-        const client = new CliClient(connection.apiKey, connection.baseUrl);
-        const body = buildCreateAgentBody(options);
-        const spinner = ora("Creating agent...").start();
-        const response = await client.createAgent(body);
-        spinner.stop();
-        if (globalOpts.json) {
-          console.log(JSON.stringify(response, null, 2));
-          return;
-        }
-        success(`Created agent "${response.name}"`);
-        printDetail(
-          [
-            ["ID", response.id],
-            ["Access Key", response.accessKey],
-            ["Access Secret", response.accessSecret],
-            ["Vault Item", response.vaultItemId]
-          ],
-          false
-        );
-      }
-    )
-  );
-}
-
-// src/commands/agent/get.ts
-import { Command as Command2 } from "commander";
-import chalk2 from "chalk";
-import ora2 from "ora";
-function getCommand() {
-  return new Command2("get").description("Get agent details").argument("<id>", "Agent ID").action(
-    withErrorHandler(async (id, _opts, cmd) => {
-      const globalOpts = cmd.optsWithGlobals();
-      const connection = resolveConnection(globalOpts, { requireApiKey: true });
-      const client = new CliClient(connection.apiKey, connection.baseUrl);
-      const spinner = ora2("Fetching agent...").start();
-      const agent = await client.getAgent(id);
-      spinner.stop();
-      if (globalOpts.json) {
-        console.log(JSON.stringify(agent, null, 2));
-        return;
-      }
-      console.log();
-      console.log(chalk2.bold(`  ${agent.name}`));
-      console.log();
-      printDetail(
-        [
-          ["ID", agent.id],
-          ["Tenant", agent.tenantName],
-          ["Domain", agent.domainName],
-          ["Domain Tenant ID", agent.domainTenantId],
-          ["Budget", agent.budgetId],
-          ["Public Key Ready", agent.isPublicKeyRegistered ? "Yes" : "No"],
-          ["Created At", agent.createdAt],
-          ["Updated At", agent.updatedAt],
-          ["Archived At", agent.archivedAt]
-        ],
-        false
-      );
-      if (agent.securityGroups.length > 0) {
-        console.log();
-        console.log(chalk2.bold("  Security Groups"));
-        console.log();
-        printTable(
-          ["ID", "Name"],
-          agent.securityGroups.map((group) => [group.id, group.name]),
-          false
-        );
-      }
-      console.log();
-    })
-  );
-}
-
-// src/commands/agent/get-tenant-roles.ts
-import { Command as Command3 } from "commander";
-import ora3 from "ora";
-function getTenantRolesCommand() {
-  return new Command3("get-tenant-roles").description("Get the tenant roles assigned to an agent").argument("<id>", "Agent ID").action(
-    withErrorHandler(async (id, _opts, cmd) => {
-      const globalOpts = cmd.optsWithGlobals();
-      const connection = resolveConnection(globalOpts, { requireApiKey: true });
-      const client = new CliClient(connection.apiKey, connection.baseUrl);
-      const spinner = ora3("Fetching agent tenant roles...").start();
-      const response = await client.getAgentTenantRoles(id);
-      spinner.stop();
-      if (globalOpts.json) {
-        console.log(JSON.stringify(response, null, 2));
-        return;
-      }
-      console.log();
-      printDetail(
-        [
-          ["Agent ID", id],
-          ["Explicit Roles", response.roles.join(", ") || "(none)"],
-          ["Inherited Roles", response.inheritedRoles.join(", ") || "(none)"]
-        ],
-        false
-      );
-      console.log();
-    })
-  );
-}
-
-// src/commands/agent/init.ts
-import { Command as Command5 } from "commander";
-import ora5 from "ora";
-
-// src/commands/doctor.ts
-import { Command as Command4 } from "commander";
-import chalk3 from "chalk";
-import ora4 from "ora";
-
-// ../node/lib/index.js
-import { randomUUID } from "node:crypto";
-import path3 from "node:path";
-import crypto2 from "node:crypto";
-import fs5 from "node:fs";
-import path4 from "node:path";
-import fs22 from "node:fs";
-import path22 from "node:path";
-var R4Client = class {
-  apiKey;
-  baseUrl;
-  constructor(apiKey, baseUrl) {
-    this.apiKey = apiKey;
-    this.baseUrl = baseUrl.replace(/\/$/, "");
-  }
-  buildHeaders() {
-    return {
-      "X-API-Key": this.apiKey,
-      "Content-Type": "application/json"
-    };
-  }
-  normalizeMachinePath(path42) {
-    if (!path42 || /^\w+:\/\//.test(path42)) {
-      throw new Error("Machine request path must be a relative machine API path.");
-    }
-    const normalizedPath = path42.startsWith("/") ? path42 : `/${path42}`;
-    return normalizedPath.startsWith("/api/v1/machine") ? normalizedPath : `/api/v1/machine${normalizedPath}`;
-  }
-  async request(path42, init) {
-    const response = await fetch(`${this.baseUrl}${path42}`, {
-      ...init,
-      headers: {
-        ...this.buildHeaders(),
-        ...init.headers ?? {}
-      }
-    });
-    if (!response.ok) {
-      const errorBody = await response.json().catch(() => ({}));
-      const errorMessage = typeof errorBody.error?.message === "string" ? errorBody.error.message : `HTTP ${response.status}: ${response.statusText}`;
-      const errorCode = typeof errorBody.error?.code === "string" ? ` [${errorBody.error.code}]` : "";
-      throw new Error(`R4 API Error${errorCode}: ${errorMessage}`);
-    }
-    if (response.status === 204) {
-      return void 0;
-    }
-    const responseText = await response.text();
-    if (!responseText) {
-      return void 0;
-    }
-    try {
-      return JSON.parse(responseText);
-    } catch {
-      return responseText;
-    }
-  }
-  /**
-   * Calls any existing machine API route through the authenticated client.
-   * Accepts either `/api/v1/machine/...` or the shorter `/...` machine path.
-   */
-  async requestMachine(params) {
-    return this.request(this.normalizeMachinePath(params.path), {
-      method: params.method,
-      body: params.body === void 0 ? void 0 : JSON.stringify(params.body)
-    });
-  }
-  /**
-   * Registers or re-confirms the agent runtime's local RSA public key.
-   */
-  async registerAgentPublicKey(body) {
-    return this.request("/api/v1/machine/vault/public-key", {
-      method: "POST",
-      body: JSON.stringify(body)
-    });
-  }
-  /**
-   * Returns the current machine principal, session context, and resolved policy.
-   */
-  async getMachineIdentity() {
-    return this.request("/api/v1/machine/me", {
-      method: "GET"
-    });
-  }
-  /**
-   * Lists all accessible non-hidden vaults. When `projectId` is provided, the
-   * backend additionally filters to vaults associated with that project.
-   */
-  async listVaults(projectId) {
-    const search = projectId ? `?projectId=${encodeURIComponent(projectId)}` : "";
-    return this.request(`/api/v1/machine/vault${search}`, {
-      method: "GET"
-    });
-  }
-  /**
-   * Retrieves the active wrapped DEK for the authenticated agent on a vault.
-   */
-  async getAgentWrappedKey(vaultId) {
-    return this.request(
-      `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/wrapped-key`,
-      { method: "GET" }
-    );
-  }
-  /**
-   * Retrieves the trusted user-key directory for a vault so the runtime can
-   * verify wrapped-DEK signatures locally.
-   */
-  async getVaultUserKeyDirectory(vaultId, params) {
-    const searchParams = new URLSearchParams();
-    if (params?.knownTransparencyVersion !== void 0) {
-      searchParams.set("knownTransparencyVersion", String(params.knownTransparencyVersion));
-    }
-    if (params?.knownTransparencyHash) {
-      searchParams.set("knownTransparencyHash", params.knownTransparencyHash);
-    }
-    const search = searchParams.size > 0 ? `?${searchParams.toString()}` : "";
-    return this.request(
-      `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/public-keys${search}`,
-      { method: "GET" }
-    );
-  }
-  /**
-   * Lists all items in a vault with lightweight metadata.
-   */
-  async listVaultItems(vaultId) {
-    return this.request(
-      `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/items`,
-      { method: "GET" }
-    );
-  }
-  /**
-   * Retrieves the full field payloads for a vault item.
-   */
-  async getVaultItemDetail(vaultId, itemId) {
-    return this.request(
-      `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/items/${encodeURIComponent(itemId)}`,
-      { method: "GET" }
-    );
-  }
-  /**
-   * Retrieves the provider-scoped runtime bundle needed for local decryption.
-   */
-  async getTokenProviderRuntime(tokenProviderId, params) {
-    const searchParams = new URLSearchParams();
-    if (params?.knownTransparencyVersion !== void 0) {
-      searchParams.set("knownTransparencyVersion", String(params.knownTransparencyVersion));
-    }
-    if (params?.knownTransparencyHash) {
-      searchParams.set("knownTransparencyHash", params.knownTransparencyHash);
-    }
-    const search = searchParams.size > 0 ? `?${searchParams.toString()}` : "";
-    return this.request(
-      `/api/v1/machine/intelligence-provider/${encodeURIComponent(tokenProviderId)}/runtime${search}`,
-      { method: "GET" }
-    );
-  }
-  /**
-   * Runs the managed budget gate before a token-provider call is sent to the vendor.
-   */
-  async authorizeTokenProviderUsage(tokenProviderId, body) {
-    return this.request(
-      `/api/v1/machine/intelligence-provider/${encodeURIComponent(tokenProviderId)}/authorize-usage`,
-      {
-        method: "POST",
-        body: JSON.stringify(body)
-      }
-    );
-  }
-  /**
-   * Publishes finalized token usage for a completed managed provider call.
-   */
-  async reportTokenProviderUsage(tokenProviderId, body) {
-    return this.request(
-      `/api/v1/machine/intelligence-provider/${encodeURIComponent(tokenProviderId)}/report-usage`,
-      {
-        method: "POST",
-        body: JSON.stringify(body)
-      }
-    );
-  }
-};
-var TRANSPARENCY_WITNESS_PAYLOAD_PREFIX = "r4-transparency-witness-v1";
-var DEFAULT_TRANSPARENCY_WITNESS_URL = "https://transparency.r4.dev";
-var TRANSPARENCY_WITNESS_ROOT_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA18JhILFiS/BOWR9laubW
-g2vepQy26BXAlnrscZZVQUzBBaCM4hWobpt3Nh77vxP0gqVAJXP1hVhPPwxGQnOF
-4Qg/RK4iEETjMdmh3KMqFX9MeE9tP4cTOGtsgWsedNpu6TvMT+2vu+0ltmr7p4Xv
-H0ID48Q8JLeNksc/RekrsfzQ9DVtXFS7z1FF2VQgzamdJsW9hGMiM7Q+0iXei7PW
-3PsLd1aNtqJ3lIj3t12qFiJiYyKF0hEq0//Abgb9SgDv/WOlRG1Ianf1/fnP2jer
-ZYiZSylXqQdun0Db2d0+FDm/znV2AGAmBEXm6qnCogEHu77LoLyCyJOlB9WNtRwh
-KnbzTmE2Mw/43jxvCcR7pE5kik/tdeMvqGFZfg3ozUG9eM0q0TURH6g9b9J4sBnR
-dxz2PbF4cl/AeL4ANPmLz3kUQaDA6wR0veVk5jV+Uqr55TYz/zEbY1rtJbmnc53Q
-ihPS6xtSiexrqnOgqm/AVbiRhxjPqfg3/VJM3zR5Blnu02AqVR9kCT0WkyEWRz5X
-6HU8DEocJIPz8UwBMKQ7rnjMPv/Fjpuav/EIad5vOdfxCZkjyTYoQg8vLUyfXvgD
-mBWFgKIN8GTRyM+LjZIgznjN58dZ8ZvsGd14oKnH7WgAh9FVh8ri7gNmsdJeRTn/
-2zDkTlx+FQxAxqFaYV7qCvcCAwEAAQ==
------END PUBLIC KEY-----`;
-var buildOrgUserKeyDirectoryWitnessPayload = (orgId, head) => [
-  TRANSPARENCY_WITNESS_PAYLOAD_PREFIX,
-  "org-user-key-directory",
-  orgId,
-  String(head.version),
-  head.hash
-].join(":");
-var buildAgentPublicKeyWitnessPayload = (agentId, head) => [
-  TRANSPARENCY_WITNESS_PAYLOAD_PREFIX,
-  "agent-public-key",
-  agentId,
-  String(head.version),
-  head.hash
-].join(":");
-var buildOrgUserKeyDirectoryWitnessPath = (orgId) => `v1/orgs/${orgId}/user-key-directory-head.json`;
-var buildAgentPublicKeyWitnessPath = (agentId) => `v1/agents/${agentId}/public-key-head.json`;
-var buildTransparencyWitnessUrl = (baseUrl, path42) => `${baseUrl.replace(/\/+$/, "")}/${path42.replace(/^\/+/, "")}`;
-function parseHostname(apiBaseUrl) {
-  const trimmed = apiBaseUrl.trim();
-  if (!trimmed) {
-    return null;
-  }
-  try {
-    const normalized = trimmed.includes("://") ? trimmed : `https://${trimmed}`;
-    return new URL(normalized).hostname.toLowerCase();
-  } catch {
-    return null;
-  }
-}
-var shouldUseDefaultTransparencyWitness = (apiBaseUrl) => {
-  const hostname = parseHostname(apiBaseUrl);
-  return hostname === "r4.dev" || hostname === "api.r4.dev";
-};
-var resolveTransparencyWitnessBaseUrl = (params) => {
-  const configuredBaseUrl = params.configuredBaseUrl?.trim();
-  if (configuredBaseUrl) {
-    return configuredBaseUrl;
-  }
-  return shouldUseDefaultTransparencyWitness(params.apiBaseUrl) ? DEFAULT_TRANSPARENCY_WITNESS_URL : null;
-};
-var RSA_OAEP_CONFIG = {
-  padding: crypto2.constants.RSA_PKCS1_OAEP_PADDING,
-  oaepHash: "sha256"
-};
-var RSA_PSS_SIGN_CONFIG = {
-  padding: crypto2.constants.RSA_PKCS1_PSS_PADDING,
-  saltLength: 32
-};
-var USER_KEY_ROTATION_PREFIX = "r4-user-key-rotation-v1";
-var USER_KEY_DIRECTORY_CHECKPOINT_PREFIX = "r4-user-key-directory-checkpoint-v1";
-var USER_KEY_DIRECTORY_TRANSPARENCY_ENTRY_PREFIX = "r4-user-key-directory-transparency-entry-v1";
-var AGENT_PUBLIC_KEY_TRANSPARENCY_ENTRY_PREFIX = "r4-agent-public-key-transparency-entry-v1";
-var WRAPPED_DEK_SIGNATURE_PREFIX = "r4-wrapped-dek-signature-v1";
-var VAULT_SUMMARY_CHECKPOINT_PREFIX = "r4-vault-summary-checkpoint-v1";
-var VAULT_ITEM_DETAIL_CHECKPOINT_PREFIX = "r4-vault-item-detail-checkpoint-v1";
-function pemToDer(pem, beginLabel, endLabel) {
-  const derBase64 = pem.replace(beginLabel, "").replace(endLabel, "").replace(/\s/g, "");
-  return Buffer.from(derBase64, "base64");
-}
-function getWrappedDekFingerprint(wrappedDek) {
-  return crypto2.createHash("sha256").update(Buffer.from(wrappedDek, "base64")).digest("hex");
-}
-function getCheckpointFingerprint(prefix, canonicalJson) {
-  return `${prefix}:${crypto2.createHash("sha256").update(canonicalJson, "utf8").digest("hex")}`;
-}
-function loadPrivateKey2(privateKeyPath) {
-  return fs5.readFileSync(path4.resolve(privateKeyPath), "utf8").trim();
-}
-function derivePublicKey2(privateKeyPem) {
-  return crypto2.createPublicKey(privateKeyPem).export({
-    type: "spki",
-    format: "pem"
-  }).toString();
-}
-function getPublicKeyFingerprint(publicKeyPem) {
-  const derBytes = pemToDer(publicKeyPem, "-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----");
-  return crypto2.createHash("sha256").update(derBytes).digest("hex");
-}
-function buildUserKeyRotationPayload(previousUserKeyPairId, newPublicKeyFingerprint) {
-  return `${USER_KEY_ROTATION_PREFIX}:${previousUserKeyPairId}:${newPublicKeyFingerprint}`;
-}
-function verifyUserKeyRotation(previousUserKeyPairId, newPublicKeyPem, rotationSignature, previousPublicKeyPem) {
-  const payload = buildUserKeyRotationPayload(
-    previousUserKeyPairId,
-    getPublicKeyFingerprint(newPublicKeyPem)
-  );
-  try {
-    return crypto2.verify(
-      "sha256",
-      Buffer.from(payload, "utf8"),
-      {
-        key: previousPublicKeyPem,
-        ...RSA_PSS_SIGN_CONFIG
-      },
-      Buffer.from(rotationSignature, "base64")
-    );
-  } catch {
-    return false;
-  }
-}
-function verifyTransparencyWitnessPayload(payload, signature, publicKeyPem) {
-  try {
-    return crypto2.verify(
-      "sha256",
-      Buffer.from(payload, "utf8"),
-      {
-        key: publicKeyPem,
-        ...RSA_PSS_SIGN_CONFIG
-      },
-      Buffer.from(signature, "base64")
-    );
-  } catch {
-    return false;
-  }
-}
-function verifyOrgUserKeyDirectoryWitnessArtifact(artifact, publicKeyPem) {
-  return verifyTransparencyWitnessPayload(
-    buildOrgUserKeyDirectoryWitnessPayload(artifact.orgId, artifact.head),
-    artifact.signature,
-    publicKeyPem
-  );
-}
-function verifyAgentPublicKeyWitnessArtifact(artifact, publicKeyPem) {
-  return verifyTransparencyWitnessPayload(
-    buildAgentPublicKeyWitnessPayload(artifact.agentId, artifact.head),
-    artifact.signature,
-    publicKeyPem
-  );
-}
-function buildAgentPublicKeyTransparencyEntryHash(entry) {
-  return getCheckpointFingerprint(
-    AGENT_PUBLIC_KEY_TRANSPARENCY_ENTRY_PREFIX,
-    JSON.stringify({
-      agentId: entry.agentId,
-      version: entry.version,
-      encryptionKeyId: entry.encryptionKeyId,
-      publicKey: entry.publicKey,
-      fingerprint: entry.fingerprint,
-      previousEncryptionKeyId: entry.previousEncryptionKeyId ?? null,
-      rotationSignature: entry.rotationSignature ?? null,
-      previousEntryHash: entry.previousEntryHash ?? null
-    })
-  );
-}
-function buildAgentPublicKeyTransparencyEntry(params) {
-  const normalized = {
-    agentId: params.agentId,
-    version: params.version,
-    encryptionKeyId: params.encryptionKeyId,
-    publicKey: params.publicKey,
-    fingerprint: params.fingerprint ?? getPublicKeyFingerprint(params.publicKey),
-    previousEncryptionKeyId: params.previousEncryptionKeyId ?? null,
-    rotationSignature: params.rotationSignature ?? null,
-    previousEntryHash: params.previousEntryHash ?? null
-  };
-  return {
-    ...normalized,
-    entryHash: buildAgentPublicKeyTransparencyEntryHash(normalized)
-  };
-}
-function verifyAgentPublicKeyTransparencyChain(entries) {
-  let previousVersion = null;
-  let previousHash = null;
-  for (const entry of entries) {
-    if (buildAgentPublicKeyTransparencyEntryHash(entry) !== entry.entryHash) {
-      return false;
-    }
-    if (entry.previousEntryHash !== previousHash) {
-      return false;
-    }
-    if (previousVersion !== null && entry.version !== previousVersion + 1) {
-      return false;
-    }
-    previousVersion = entry.version;
-    previousHash = entry.entryHash;
-  }
-  return true;
-}
-function buildAgentPublicKeyTransparencyHead(entries) {
-  const lastEntry = entries[entries.length - 1];
-  if (!lastEntry) {
-    return null;
-  }
-  return {
-    version: lastEntry.version,
-    hash: lastEntry.entryHash
-  };
-}
-function verifyAgentPublicKeyTransparencyProof(params) {
-  const currentEntryHead = {
-    version: params.currentEntry.version,
-    hash: params.currentEntry.entryHash
-  };
-  if (params.proof.head.version !== currentEntryHead.version || params.proof.head.hash !== currentEntryHead.hash) {
-    return false;
-  }
-  if (!verifyAgentPublicKeyTransparencyChain(params.proof.entries)) {
-    return false;
-  }
-  const proofHead = buildAgentPublicKeyTransparencyHead(params.proof.entries);
-  if (!proofHead || proofHead.version !== currentEntryHead.version || proofHead.hash !== currentEntryHead.hash) {
-    return false;
-  }
-  if (!params.previousHead) {
-    return params.proof.entries.length > 0;
-  }
-  if (params.currentEntry.version < params.previousHead.version) {
-    return false;
-  }
-  const previousEntry = params.proof.entries.find((entry) => entry.version === params.previousHead.version);
-  if (params.currentEntry.version === params.previousHead.version) {
-    return previousEntry?.entryHash === params.previousHead.hash;
-  }
-  return previousEntry?.entryHash === params.previousHead.hash;
-}
-function normalizeUserKeyDirectoryCheckpoint(checkpoint) {
-  return {
-    orgId: checkpoint.orgId,
-    version: checkpoint.version,
-    entries: [...checkpoint.entries].map((entry) => ({
-      userKeyPairId: entry.userKeyPairId,
-      orgUserId: entry.orgUserId,
-      fingerprint: entry.fingerprint,
-      previousUserKeyPairId: entry.previousUserKeyPairId ?? null,
-      rotationSignature: entry.rotationSignature ?? null
-    })).sort((left, right) => left.userKeyPairId.localeCompare(right.userKeyPairId))
-  };
-}
-function canonicalizeUserKeyDirectoryCheckpoint(checkpoint) {
-  return JSON.stringify(normalizeUserKeyDirectoryCheckpoint(checkpoint));
-}
-function buildUserKeyDirectoryCheckpointPayload(checkpoint) {
-  return getCheckpointFingerprint(
-    USER_KEY_DIRECTORY_CHECKPOINT_PREFIX,
-    canonicalizeUserKeyDirectoryCheckpoint(checkpoint)
-  );
-}
-function verifyUserKeyDirectoryCheckpoint(checkpoint, signature, publicKeyPem) {
-  try {
-    return crypto2.verify(
-      "sha256",
-      Buffer.from(buildUserKeyDirectoryCheckpointPayload(checkpoint), "utf8"),
-      {
-        key: publicKeyPem,
-        ...RSA_PSS_SIGN_CONFIG
-      },
-      Buffer.from(signature, "base64")
-    );
-  } catch {
-    return false;
-  }
-}
-function buildUserKeyDirectoryTransparencyEntryHash(entry) {
-  return getCheckpointFingerprint(
-    USER_KEY_DIRECTORY_TRANSPARENCY_ENTRY_PREFIX,
-    JSON.stringify({
-      orgId: entry.orgId,
-      version: entry.version,
-      directoryCheckpointPayload: entry.directoryCheckpointPayload,
-      signerUserKeyPairId: entry.signerUserKeyPairId,
-      signerOrgUserId: entry.signerOrgUserId,
-      signerFingerprint: entry.signerFingerprint,
-      signature: entry.signature,
-      previousEntryHash: entry.previousEntryHash ?? null
-    })
-  );
-}
-function buildUserKeyDirectoryTransparencyEntry(params) {
-  const entryWithoutHash = {
-    orgId: params.checkpoint.orgId,
-    version: params.checkpoint.version,
-    directoryCheckpointPayload: buildUserKeyDirectoryCheckpointPayload(params.checkpoint),
-    signerUserKeyPairId: params.signerUserKeyPairId,
-    signerOrgUserId: params.signerOrgUserId,
-    signerFingerprint: getPublicKeyFingerprint(params.signerPublicKey),
-    signature: params.signature,
-    previousEntryHash: params.previousEntryHash ?? null
-  };
-  return {
-    ...entryWithoutHash,
-    entryHash: buildUserKeyDirectoryTransparencyEntryHash(entryWithoutHash)
-  };
-}
-function verifyUserKeyDirectoryTransparencyProof(params) {
-  if (params.proof.head.version !== params.currentEntry.version || params.proof.head.hash !== params.currentEntry.entryHash) {
-    return false;
-  }
-  if (!params.previousHead) {
-    if (params.proof.entries.length === 0) {
-      return false;
-    }
-    for (let index = 0; index < params.proof.entries.length; index++) {
-      const entry = params.proof.entries[index];
-      if (!entry) {
-        return false;
-      }
-      const expectedHash = buildUserKeyDirectoryTransparencyEntryHash({
-        orgId: entry.orgId,
-        version: entry.version,
-        directoryCheckpointPayload: entry.directoryCheckpointPayload,
-        signerUserKeyPairId: entry.signerUserKeyPairId,
-        signerOrgUserId: entry.signerOrgUserId,
-        signerFingerprint: entry.signerFingerprint,
-        signature: entry.signature,
-        previousEntryHash: entry.previousEntryHash
-      });
-      if (expectedHash !== entry.entryHash) {
-        return false;
-      }
-      if (index === 0) {
-        continue;
-      }
-      const previousEntry = params.proof.entries[index - 1];
-      if (!previousEntry) {
-        return false;
-      }
-      if (entry.previousEntryHash !== previousEntry.entryHash || entry.version !== previousEntry.version + 1) {
-        return false;
-      }
-    }
-    const lastEntry = params.proof.entries[params.proof.entries.length - 1];
-    return lastEntry?.entryHash === params.currentEntry.entryHash && lastEntry.version === params.currentEntry.version;
-  }
-  if (params.currentEntry.version < params.previousHead.version) {
-    return false;
-  }
-  if (params.currentEntry.version === params.previousHead.version) {
-    return params.currentEntry.entryHash === params.previousHead.hash && params.proof.entries.length === 0;
-  }
-  if (params.proof.entries.length === 0) {
-    return false;
-  }
-  let previousVersion = params.previousHead.version;
-  let previousHash = params.previousHead.hash;
-  for (const entry of params.proof.entries) {
-    const expectedHash = buildUserKeyDirectoryTransparencyEntryHash({
-      orgId: entry.orgId,
-      version: entry.version,
-      directoryCheckpointPayload: entry.directoryCheckpointPayload,
-      signerUserKeyPairId: entry.signerUserKeyPairId,
-      signerOrgUserId: entry.signerOrgUserId,
-      signerFingerprint: entry.signerFingerprint,
-      signature: entry.signature,
-      previousEntryHash: entry.previousEntryHash
-    });
-    if (expectedHash !== entry.entryHash || entry.previousEntryHash !== previousHash || entry.version !== previousVersion + 1) {
-      return false;
-    }
-    previousVersion = entry.version;
-    previousHash = entry.entryHash;
-  }
-  return previousHash === params.currentEntry.entryHash && previousVersion === params.currentEntry.version;
-}
-function buildWrappedDekSignaturePayload(vaultId, recipientKeyId, signerUserKeyPairId, dekVersion, wrappedDek) {
-  return [
-    WRAPPED_DEK_SIGNATURE_PREFIX,
-    vaultId,
-    recipientKeyId,
-    signerUserKeyPairId,
-    String(dekVersion),
-    getWrappedDekFingerprint(wrappedDek)
-  ].join(":");
-}
-function verifyWrappedDekSignature(vaultId, recipientKeyId, signerUserKeyPairId, dekVersion, wrappedDek, wrappedDekSignature, signerPublicKeyPem) {
-  const payload = buildWrappedDekSignaturePayload(
-    vaultId,
-    recipientKeyId,
-    signerUserKeyPairId,
-    dekVersion,
-    wrappedDek
-  );
-  try {
-    return crypto2.verify(
-      "sha256",
-      Buffer.from(payload, "utf8"),
-      {
-        key: signerPublicKeyPem,
-        ...RSA_PSS_SIGN_CONFIG
-      },
-      Buffer.from(wrappedDekSignature, "base64")
-    );
-  } catch {
-    return false;
-  }
-}
-function normalizeVaultSummaryCheckpoint(checkpoint) {
-  return {
-    vaultId: checkpoint.vaultId,
-    version: checkpoint.version,
-    name: checkpoint.name,
-    dataClassification: checkpoint.dataClassification ?? null,
-    currentDekVersion: checkpoint.currentDekVersion ?? null,
-    items: [...checkpoint.items].map((item) => ({
-      id: item.id,
-      name: item.name,
-      type: item.type ?? null,
-      websites: [...item.websites],
-      groupId: item.groupId ?? null
-    })).sort((left, right) => left.id.localeCompare(right.id)),
-    groups: [...checkpoint.groups].map((group) => ({
-      id: group.id,
-      name: group.name,
-      parentId: group.parentId ?? null
-    })).sort((left, right) => left.id.localeCompare(right.id))
-  };
-}
-function canonicalizeVaultSummaryCheckpoint(checkpoint) {
-  return JSON.stringify(normalizeVaultSummaryCheckpoint(checkpoint));
-}
-function buildVaultSummaryCheckpointPayload(checkpoint) {
-  return getCheckpointFingerprint(
-    VAULT_SUMMARY_CHECKPOINT_PREFIX,
-    canonicalizeVaultSummaryCheckpoint(checkpoint)
-  );
-}
-function verifyVaultSummaryCheckpoint(checkpoint, signature, publicKeyPem) {
-  try {
-    return crypto2.verify(
-      "sha256",
-      Buffer.from(buildVaultSummaryCheckpointPayload(checkpoint), "utf8"),
-      {
-        key: publicKeyPem,
-        ...RSA_PSS_SIGN_CONFIG
-      },
-      Buffer.from(signature, "base64")
-    );
-  } catch {
-    return false;
-  }
-}
-function normalizeVaultItemDetailCheckpoint(checkpoint) {
-  return {
-    vaultItemId: checkpoint.vaultItemId,
-    vaultId: checkpoint.vaultId,
-    version: checkpoint.version,
-    name: checkpoint.name,
-    type: checkpoint.type ?? null,
-    websites: [...checkpoint.websites],
-    groupId: checkpoint.groupId ?? null,
-    fields: [...checkpoint.fields].map((field) => ({
-      id: field.id,
-      name: field.name,
-      type: field.type,
-      order: field.order,
-      fieldInstanceIds: [...field.fieldInstanceIds].sort(),
-      assetIds: [...field.assetIds].sort()
-    })).sort((left, right) => left.order - right.order || left.id.localeCompare(right.id))
-  };
-}
-function canonicalizeVaultItemDetailCheckpoint(checkpoint) {
-  return JSON.stringify(normalizeVaultItemDetailCheckpoint(checkpoint));
-}
-function buildVaultItemDetailCheckpointPayload(checkpoint) {
-  return getCheckpointFingerprint(
-    VAULT_ITEM_DETAIL_CHECKPOINT_PREFIX,
-    canonicalizeVaultItemDetailCheckpoint(checkpoint)
-  );
-}
-function verifyVaultItemDetailCheckpoint(checkpoint, signature, publicKeyPem) {
-  try {
-    return crypto2.verify(
-      "sha256",
-      Buffer.from(buildVaultItemDetailCheckpointPayload(checkpoint), "utf8"),
-      {
-        key: publicKeyPem,
-        ...RSA_PSS_SIGN_CONFIG
-      },
-      Buffer.from(signature, "base64")
-    );
-  } catch {
-    return false;
-  }
-}
-function isVaultEnvelope(value) {
-  if (!value.startsWith("{")) {
-    return false;
-  }
-  try {
-    const parsed = JSON.parse(value);
-    return parsed.v === 3;
-  } catch {
-    return false;
-  }
-}
-function decryptWithVaultDEK(encryptedValue, dek) {
-  if (!isVaultEnvelope(encryptedValue)) {
-    throw new Error("Invalid encrypted value: expected v3 vault envelope format");
-  }
-  const envelope = JSON.parse(encryptedValue);
-  const decipher = crypto2.createDecipheriv("aes-256-gcm", dek, Buffer.from(envelope.iv, "base64"));
-  decipher.setAuthTag(Buffer.from(envelope.t, "base64"));
-  const decrypted = Buffer.concat([
-    decipher.update(Buffer.from(envelope.d, "base64")),
-    decipher.final()
-  ]);
-  return decrypted.toString("utf8");
-}
-function decryptStoredFieldValue(value, dek) {
-  return isVaultEnvelope(value) ? decryptWithVaultDEK(value, dek) : value;
-}
-function unwrapDEKWithPrivateKey(wrappedDek, privateKeyPem) {
-  return crypto2.privateDecrypt(
-    { key: privateKeyPem, ...RSA_OAEP_CONFIG },
-    Buffer.from(wrappedDek, "base64")
-  );
-}
-function loadTrustStore(trustStorePath) {
-  try {
-    const raw = fs22.readFileSync(trustStorePath, "utf8");
-    const parsed = JSON.parse(raw);
-    return {
-      version: 1,
-      userKeyPins: parsed.userKeyPins ?? {},
-      checkpointVersionPins: parsed.checkpointVersionPins ?? {},
-      transparencyHeadPins: parsed.transparencyHeadPins ?? {}
-    };
-  } catch {
-    return {
-      version: 1,
-      userKeyPins: {},
-      checkpointVersionPins: {},
-      transparencyHeadPins: {}
-    };
-  }
-}
-function saveTrustStore(trustStorePath, store) {
-  fs22.mkdirSync(path22.dirname(trustStorePath), { recursive: true });
-  fs22.writeFileSync(trustStorePath, JSON.stringify(store, null, 2) + "\n", "utf8");
-}
-function getPinStorageKey(orgId, orgUserId) {
-  return `${orgId}:${orgUserId}`;
-}
-function getAgentPinStorageKey(orgId, agentId) {
-  return `agent:${agentId}`;
-}
-function getDirectoryPinStorageKey(orgId) {
-  return `org:${orgId}`;
-}
-function getAgentTransparencyPinStorageKey(orgId, agentId) {
-  return `agent-head:${agentId}`;
-}
-async function fetchWitnessArtifact(witnessBaseUrl, pathName) {
-  const response = await fetch(
-    buildTransparencyWitnessUrl(witnessBaseUrl, pathName),
-    {
-      cache: "no-store"
-    }
-  );
-  if (!response.ok) {
-    throw new Error(
-      `Failed to fetch public transparency witness artifact (${response.status}). Production first-trust bootstrapping needs access to https://transparency.r4.dev. If this is a dev environment, re-run with --dev or set R4_DEV=1. If this is production, verify outbound access to transparency.r4.dev and retry.`
-    );
-  }
-  return response.json();
-}
-function getSinglePinnedTransparencyHead(trustStorePath) {
-  const store = loadTrustStore(trustStorePath);
-  const heads = Object.values(store.transparencyHeadPins);
-  return heads.length === 1 ? heads[0] : null;
-}
-async function getPublicOrgWitnessHead(apiBaseUrl, orgId, configuredWitnessBaseUrl) {
-  const witnessBaseUrl = resolveTransparencyWitnessBaseUrl({
-    apiBaseUrl,
-    configuredBaseUrl: configuredWitnessBaseUrl
-  });
-  if (!witnessBaseUrl) {
-    return null;
-  }
-  const artifact = await fetchWitnessArtifact(
-    witnessBaseUrl,
-    buildOrgUserKeyDirectoryWitnessPath(orgId)
-  );
-  if (artifact.kind !== "org-user-key-directory" || artifact.orgId !== orgId || !verifyOrgUserKeyDirectoryWitnessArtifact(
-    artifact,
-    TRANSPARENCY_WITNESS_ROOT_PUBLIC_KEY_PEM
-  )) {
-    throw new Error(`Public transparency witness verification failed for org ${orgId}.`);
-  }
-  return artifact.head;
-}
-async function getPublicAgentWitnessHead(apiBaseUrl, agentId, configuredWitnessBaseUrl) {
-  const witnessBaseUrl = resolveTransparencyWitnessBaseUrl({
-    apiBaseUrl,
-    configuredBaseUrl: configuredWitnessBaseUrl
-  });
-  if (!witnessBaseUrl) {
-    return null;
-  }
-  const artifact = await fetchWitnessArtifact(
-    witnessBaseUrl,
-    buildAgentPublicKeyWitnessPath(agentId)
-  );
-  if (artifact.kind !== "agent-public-key" || artifact.agentId !== agentId || !verifyAgentPublicKeyWitnessArtifact(
-    artifact,
-    TRANSPARENCY_WITNESS_ROOT_PUBLIC_KEY_PEM
-  )) {
-    throw new Error(`Public transparency witness verification failed for agent ${agentId}.`);
-  }
-  return artifact.head;
-}
-async function pinVaultUserPublicKeys(trustStorePath, orgId, publicKeys) {
-  const store = loadTrustStore(trustStorePath);
-  let changed = false;
-  for (const key of publicKeys) {
-    const storageKey = getPinStorageKey(orgId, key.orgUserId);
-    const computedFingerprint = getPublicKeyFingerprint(key.publicKey);
-    if (computedFingerprint !== key.fingerprint) {
-      throw new Error(`Server returned a mismatched fingerprint for user ${key.orgUserId}.`);
-    }
-    const existing = store.userKeyPins[storageKey];
-    const verifiedAt = (/* @__PURE__ */ new Date()).toISOString();
-    if (!existing) {
-      store.userKeyPins[storageKey] = {
-        keyPairId: key.userKeyPairId,
-        fingerprint: key.fingerprint,
-        publicKey: key.publicKey,
-        pinnedAt: verifiedAt,
-        verifiedAt
-      };
-      changed = true;
-      continue;
-    }
-    if (existing.keyPairId === key.userKeyPairId) {
-      if (existing.fingerprint !== key.fingerprint || existing.publicKey !== key.publicKey) {
-        throw new Error(
-          `Pinned public key ${key.userKeyPairId} changed unexpectedly for user ${key.orgUserId}.`
-        );
-      }
-      if (existing.verifiedAt !== verifiedAt) {
-        store.userKeyPins[storageKey] = {
-          ...existing,
-          verifiedAt
-        };
-        changed = true;
-      }
-      continue;
-    }
-    if (!key.previousUserKeyPairId || key.previousUserKeyPairId !== existing.keyPairId || !key.rotationSignature) {
-      throw new Error(`Public key rotation for user ${key.orgUserId} is missing a trusted continuity proof.`);
-    }
-    const rotationVerified = verifyUserKeyRotation(
-      existing.keyPairId,
-      key.publicKey,
-      key.rotationSignature,
-      existing.publicKey
-    );
-    if (!rotationVerified) {
-      throw new Error(`Public key rotation for user ${key.orgUserId} failed signature verification.`);
-    }
-    store.userKeyPins[storageKey] = {
-      keyPairId: key.userKeyPairId,
-      fingerprint: key.fingerprint,
-      publicKey: key.publicKey,
-      pinnedAt: existing.pinnedAt,
-      verifiedAt
-    };
-    changed = true;
-  }
-  if (changed) {
-    saveTrustStore(trustStorePath, store);
-  }
-  return publicKeys;
-}
-async function pinVaultAgentPublicKeys(trustStorePath, orgId, publicKeys, apiBaseUrl, configuredWitnessBaseUrl) {
-  const store = loadTrustStore(trustStorePath);
-  let changed = false;
-  for (const key of publicKeys) {
-    const storageKey = getAgentPinStorageKey(orgId, key.agentId);
-    const computedFingerprint = getPublicKeyFingerprint(key.publicKey);
-    if (computedFingerprint !== key.fingerprint) {
-      throw new Error(`Server returned a mismatched fingerprint for agent ${key.agentId}.`);
-    }
-    if (!key.transparency) {
-      throw new Error(`Server omitted the agent public-key transparency proof for agent ${key.agentId}.`);
-    }
-    const currentProofEntry = key.transparency.entries[key.transparency.entries.length - 1];
-    if (!currentProofEntry) {
-      throw new Error(`Server returned an empty agent public-key transparency proof for agent ${key.agentId}.`);
-    }
-    const expectedCurrentEntry = buildAgentPublicKeyTransparencyEntry({
-      agentId: key.agentId,
-      version: currentProofEntry.version,
-      encryptionKeyId: key.encryptionKeyId,
-      publicKey: key.publicKey,
-      fingerprint: key.fingerprint,
-      previousEncryptionKeyId: key.previousEncryptionKeyId ?? null,
-      rotationSignature: key.rotationSignature ?? null,
-      previousEntryHash: currentProofEntry.previousEntryHash ?? null
-    });
-    if (expectedCurrentEntry.entryHash !== currentProofEntry.entryHash) {
-      throw new Error(`Agent public-key transparency entry does not match the current key for agent ${key.agentId}.`);
-    }
-    const pinnedTransparencyHead = store.transparencyHeadPins[getAgentTransparencyPinStorageKey(orgId, key.agentId)] ?? null;
-    const witnessHead = !pinnedTransparencyHead ? await getPublicAgentWitnessHead(apiBaseUrl, key.agentId, configuredWitnessBaseUrl) : null;
-    const trustedPreviousHead = witnessHead ?? pinnedTransparencyHead;
-    if (witnessHead && key.transparency.head.version < witnessHead.version) {
-      throw new Error(`Public transparency witness head is ahead of the server response for agent ${key.agentId}.`);
-    }
-    if (witnessHead && key.transparency.head.version === witnessHead.version) {
-      if (key.transparency.head.hash !== witnessHead.hash) {
-        throw new Error(`Public transparency witness head fork detected for agent ${key.agentId}.`);
-      }
-      if (currentProofEntry.entryHash !== witnessHead.hash || expectedCurrentEntry.entryHash !== witnessHead.hash) {
-        throw new Error(`Agent public-key transparency witness anchor mismatch for agent ${key.agentId}.`);
-      }
-    } else if (!verifyAgentPublicKeyTransparencyProof({
-      currentEntry: expectedCurrentEntry,
-      proof: key.transparency,
-      previousHead: trustedPreviousHead
-    })) {
-      throw new Error(`Agent public-key transparency proof verification failed for agent ${key.agentId}.`);
-    }
-    const existing = store.userKeyPins[storageKey];
-    const verifiedAt = (/* @__PURE__ */ new Date()).toISOString();
-    if (!existing) {
-      store.userKeyPins[storageKey] = {
-        keyPairId: key.encryptionKeyId,
-        fingerprint: key.fingerprint,
-        publicKey: key.publicKey,
-        pinnedAt: verifiedAt,
-        verifiedAt
-      };
-      store.transparencyHeadPins[getAgentTransparencyPinStorageKey(orgId, key.agentId)] = key.transparency.head;
-      changed = true;
-      continue;
-    }
-    if (existing.keyPairId === key.encryptionKeyId) {
-      if (existing.fingerprint !== key.fingerprint || existing.publicKey !== key.publicKey) {
-        throw new Error(
-          `Pinned public key ${key.encryptionKeyId} changed unexpectedly for agent ${key.agentId}.`
-        );
-      }
-      if (existing.verifiedAt !== verifiedAt || store.transparencyHeadPins[getAgentTransparencyPinStorageKey(orgId, key.agentId)]?.version !== key.transparency.head.version || store.transparencyHeadPins[getAgentTransparencyPinStorageKey(orgId, key.agentId)]?.hash !== key.transparency.head.hash) {
-        store.userKeyPins[storageKey] = {
-          ...existing,
-          verifiedAt
-        };
-        store.transparencyHeadPins[getAgentTransparencyPinStorageKey(orgId, key.agentId)] = key.transparency.head;
-        changed = true;
-      }
-      continue;
-    }
-    if (!key.previousEncryptionKeyId || key.previousEncryptionKeyId !== existing.keyPairId || !key.rotationSignature) {
-      throw new Error(`Public key rotation for agent ${key.agentId} is missing a trusted continuity proof.`);
-    }
-    const rotationVerified = verifyUserKeyRotation(
-      existing.keyPairId,
-      key.publicKey,
-      key.rotationSignature,
-      existing.publicKey
-    );
-    if (!rotationVerified) {
-      throw new Error(`Public key rotation for agent ${key.agentId} failed signature verification.`);
-    }
-    store.userKeyPins[storageKey] = {
-      keyPairId: key.encryptionKeyId,
-      fingerprint: key.fingerprint,
-      publicKey: key.publicKey,
-      pinnedAt: existing.pinnedAt,
-      verifiedAt
-    };
-    store.transparencyHeadPins[getAgentTransparencyPinStorageKey(orgId, key.agentId)] = key.transparency.head;
-    changed = true;
-  }
-  if (changed) {
-    saveTrustStore(trustStorePath, store);
-  }
-  return publicKeys;
-}
-async function verifySignedUserKeyDirectory(trustStorePath, directory, anchorHead) {
-  if (!directory.directoryCheckpoint) {
-    if (directory.publicKeys.length > 0) {
-      throw new Error("Server omitted the user-key directory checkpoint for a non-empty vault signer directory.");
-    }
-    return null;
-  }
-  const { directoryCheckpoint } = directory;
-  const orgId = directoryCheckpoint.checkpoint.orgId;
-  if (!directoryCheckpoint.signerOrgUserId || !directoryCheckpoint.signerPublicKey) {
-    throw new Error("Server returned an incomplete user-key directory signer payload.");
-  }
-  const signerFingerprint = getPublicKeyFingerprint(directoryCheckpoint.signerPublicKey);
-  const signerEntry = directoryCheckpoint.checkpoint.entries.find(
-    (entry) => entry.userKeyPairId === directoryCheckpoint.signerUserKeyPairId && entry.orgUserId === directoryCheckpoint.signerOrgUserId
-  );
-  const signerKey = {
-    userKeyPairId: directoryCheckpoint.signerUserKeyPairId,
-    orgUserId: directoryCheckpoint.signerOrgUserId,
-    publicKey: directoryCheckpoint.signerPublicKey,
-    fingerprint: signerFingerprint,
-    previousUserKeyPairId: signerEntry?.previousUserKeyPairId ?? null,
-    rotationSignature: signerEntry?.rotationSignature ?? null
-  };
-  const storeBeforeVerification = loadTrustStore(trustStorePath);
-  try {
-    await pinVaultUserPublicKeys(trustStorePath, orgId, [signerKey]);
-    const verified = verifyUserKeyDirectoryCheckpoint(
-      directoryCheckpoint.checkpoint,
-      directoryCheckpoint.signature,
-      directoryCheckpoint.signerPublicKey
-    );
-    if (!verified) {
-      throw new Error(`User-key directory signature verification failed for org ${orgId}.`);
-    }
-    if (!directory.transparency) {
-      throw new Error(`Server omitted the user-key directory transparency proof for org ${orgId}.`);
-    }
-    const store = loadTrustStore(trustStorePath);
-    const pinnedTransparencyHead = store.transparencyHeadPins[getDirectoryPinStorageKey(orgId)] ?? null;
-    const trustedPreviousHead = anchorHead ?? pinnedTransparencyHead;
-    const legacyPinnedVersion = store.checkpointVersionPins[getDirectoryPinStorageKey(orgId)] ?? null;
-    if (!trustedPreviousHead && legacyPinnedVersion !== null && directory.transparency.head.version < legacyPinnedVersion) {
-      throw new Error(`User-key transparency head rolled back unexpectedly for org ${orgId}.`);
-    }
-    if (!trustedPreviousHead && directory.transparency.entries.length === 0) {
-      throw new Error(`Server omitted the current transparency entry for org ${orgId}.`);
-    }
-    if (directory.transparency.entries.length > 0) {
-      const currentProofEntry = directory.transparency.entries[directory.transparency.entries.length - 1];
-      if (!currentProofEntry) {
-        throw new Error(`Server returned an empty transparency proof for org ${orgId}.`);
-      }
-      const expectedCurrentEntry = buildUserKeyDirectoryTransparencyEntry({
-        checkpoint: directoryCheckpoint.checkpoint,
-        signerUserKeyPairId: directoryCheckpoint.signerUserKeyPairId,
-        signerOrgUserId: directoryCheckpoint.signerOrgUserId,
-        signerPublicKey: directoryCheckpoint.signerPublicKey,
-        signature: directoryCheckpoint.signature,
-        previousEntryHash: currentProofEntry.previousEntryHash ?? null
-      });
-      if (expectedCurrentEntry.entryHash !== currentProofEntry.entryHash) {
-        throw new Error(`User-key transparency entry does not match the signed directory for org ${orgId}.`);
-      }
-      if (anchorHead && directory.transparency.head.version === anchorHead.version) {
-        if (directory.transparency.head.hash !== anchorHead.hash) {
-          throw new Error(`Public transparency witness head fork detected for org ${orgId}.`);
-        }
-        if (currentProofEntry.entryHash !== anchorHead.hash || expectedCurrentEntry.entryHash !== anchorHead.hash) {
-          throw new Error(`User-key transparency witness anchor mismatch for org ${orgId}.`);
-        }
-      } else if (!verifyUserKeyDirectoryTransparencyProof({
-        currentEntry: expectedCurrentEntry,
-        proof: directory.transparency,
-        previousHead: trustedPreviousHead
-      })) {
-        throw new Error(`User-key transparency proof verification failed for org ${orgId}.`);
-      }
-    } else if (anchorHead && directory.transparency.head.version === anchorHead.version) {
-      throw new Error(`Server omitted the current transparency entry required to verify org ${orgId} against the public witness.`);
-    } else if (!trustedPreviousHead || trustedPreviousHead.version !== directory.transparency.head.version || trustedPreviousHead.hash !== directory.transparency.head.hash) {
-      throw new Error(`Server returned an incomplete user-key transparency proof for org ${orgId}.`);
-    }
-    assertAndPinTransparencyHead(trustStorePath, orgId, directory.transparency.head);
-    const checkpointEntries = new Map(
-      directoryCheckpoint.checkpoint.entries.map((entry) => [entry.userKeyPairId, entry])
-    );
-    for (const key of directory.publicKeys) {
-      const entry = checkpointEntries.get(key.userKeyPairId);
-      if (!entry) {
-        throw new Error(`User key ${key.userKeyPairId} is missing from the signed org directory.`);
-      }
-      if (entry.orgUserId !== key.orgUserId || entry.fingerprint !== key.fingerprint || entry.previousUserKeyPairId !== key.previousUserKeyPairId || entry.rotationSignature !== key.rotationSignature) {
-        throw new Error(`User key ${key.userKeyPairId} does not match the signed org directory.`);
-      }
-    }
-    return orgId;
-  } catch (error) {
-    saveTrustStore(trustStorePath, storeBeforeVerification);
-    throw error;
-  }
-}
-async function verifyAndPinVaultUserPublicKeys(trustStorePath, directory, anchorHead) {
-  const orgId = await verifySignedUserKeyDirectory(trustStorePath, directory, anchorHead);
-  if (!orgId) {
-    return directory.publicKeys;
-  }
-  return pinVaultUserPublicKeys(trustStorePath, orgId, directory.publicKeys);
-}
-async function verifyAndPinVaultAgentPublicKeys(trustStorePath, orgId, publicKeys, apiBaseUrl, configuredWitnessBaseUrl) {
-  return pinVaultAgentPublicKeys(
-    trustStorePath,
-    orgId,
-    publicKeys,
-    apiBaseUrl,
-    configuredWitnessBaseUrl
-  );
-}
-function assertAndPinCheckpointVersion(trustStorePath, storageKey, version) {
-  const store = loadTrustStore(trustStorePath);
-  const pinnedVersion = store.checkpointVersionPins[storageKey];
-  if (pinnedVersion !== void 0 && version < pinnedVersion) {
-    throw new Error(`Checkpoint version rolled back unexpectedly for ${storageKey}.`);
-  }
-  if (pinnedVersion === void 0 || version > pinnedVersion) {
-    store.checkpointVersionPins[storageKey] = version;
-    saveTrustStore(trustStorePath, store);
-  }
-}
-function assertAndPinTransparencyHead(trustStorePath, orgId, head) {
-  const store = loadTrustStore(trustStorePath);
-  const storageKey = getDirectoryPinStorageKey(orgId);
-  const pinnedHead = store.transparencyHeadPins[storageKey];
-  if (pinnedHead) {
-    if (head.version < pinnedHead.version) {
-      throw new Error(`User-key transparency head rolled back unexpectedly for org ${orgId}.`);
-    }
-    if (head.version === pinnedHead.version && head.hash !== pinnedHead.hash) {
-      throw new Error(`User-key transparency head fork detected for org ${orgId}.`);
-    }
-  }
-  if (!pinnedHead || head.version > pinnedHead.version) {
-    store.transparencyHeadPins[storageKey] = head;
-    saveTrustStore(trustStorePath, store);
-  }
-  assertAndPinCheckpointVersion(trustStorePath, storageKey, head.version);
-}
-var R4_DEFAULT_API_BASE_URL2 = "https://r4.dev";
-var R4_DEV_API_BASE_URL2 = "https://dev.r4.dev";
-function toScreamingSnakeCase(input) {
-  return input.replace(/[^a-zA-Z0-9]/g, "_").replace(/_+/g, "_").replace(/^_|_$/g, "").toUpperCase();
-}
-function resolveTrustStorePath2(config) {
-  if (config.trustStorePath) {
-    return path3.resolve(config.trustStorePath);
-  }
-  if (config.privateKeyPath) {
-    return `${path3.resolve(config.privateKeyPath)}.trust.json`;
-  }
-  return path3.resolve(process.cwd(), ".r4-trust-store.json");
-}
-function resolveApiBaseUrl(config) {
-  if (config.baseUrl) {
-    return config.baseUrl;
-  }
-  return config.dev ? R4_DEV_API_BASE_URL2 : R4_DEFAULT_API_BASE_URL2;
-}
-function buildVaultSummaryCheckpointFromListResponse(response, version) {
-  return {
-    vaultId: response.vaultId,
-    version,
-    name: response.vaultName,
-    dataClassification: response.dataClassification ?? null,
-    currentDekVersion: response.currentDekVersion ?? null,
-    items: response.items.map((item) => ({
-      id: item.id,
-      name: item.name,
-      type: item.type ?? null,
-      websites: item.websites ?? [],
-      groupId: item.groupId ?? null
-    })),
-    groups: response.vaultItemGroups.map((group) => ({
-      id: group.id,
-      name: group.name,
-      parentId: group.parentId ?? null
-    }))
-  };
-}
-function buildVaultItemDetailCheckpointFromResponse(item, version) {
-  return {
-    vaultItemId: item.id,
-    vaultId: item.vaultId,
-    version,
-    name: item.name,
-    type: item.type ?? null,
-    websites: item.websites ?? [],
-    groupId: item.groupId ?? null,
-    fields: item.fields.map((field, index) => ({
-      id: field.id,
-      name: field.name,
-      type: field.type,
-      order: field.order ?? index,
-      fieldInstanceIds: field.fieldInstanceIds ?? [],
-      assetIds: field.assetIds ?? []
-    }))
-  };
-}
-function getCheckpointSignerPublicKey(params) {
-  const signerType = params.checkpoint.signerType ?? "USER_KEY_PAIR";
-  if (signerType === "AGENT_ENCRYPTION_KEY") {
-    const signerKey2 = params.agentKeys.find(
-      (publicKey) => publicKey.encryptionKeyId === params.checkpoint.signerEncryptionKeyId
-    );
-    const historicalSignerKey = params.agentKeys.flatMap((publicKey) => publicKey.transparency?.entries ?? []).find((entry) => entry.encryptionKeyId === params.checkpoint.signerEncryptionKeyId);
-    if (!signerKey2 && !historicalSignerKey) {
-      throw new Error(
-        `R4 SDK: checkpoint signer ${params.checkpoint.signerEncryptionKeyId ?? "unknown"} was not present in the trusted agent key directory.`
-      );
-    }
-    return signerKey2?.publicKey ?? historicalSignerKey.publicKey;
-  }
-  const signerKey = params.userKeys.find(
-    (publicKey) => publicKey.userKeyPairId === params.checkpoint.signerUserKeyPairId
-  );
-  if (!signerKey) {
-    throw new Error(
-      `R4 SDK: checkpoint signer ${params.checkpoint.signerUserKeyPairId ?? "unknown"} was not present in the trusted user key directory.`
-    );
-  }
-  return signerKey.publicKey;
-}
-var R4 = class _R4 {
-  client;
-  baseUrl;
-  transparencyWitnessUrl;
-  projectId;
-  privateKeyPem;
-  publicKeyPem;
-  trustStorePath;
-  _env = null;
-  constructor(config) {
-    if (!config.apiKey) {
-      throw new Error("R4 SDK: apiKey is required");
-    }
-    if (!config.privateKey && !config.privateKeyPath) {
-      throw new Error(
-        "R4 SDK: privateKey or privateKeyPath is required for zero-trust local decryption."
-      );
-    }
-    const baseUrl = resolveApiBaseUrl(config);
-    this.baseUrl = baseUrl;
-    this.transparencyWitnessUrl = config.transparencyWitnessUrl;
-    this.client = new R4Client(config.apiKey, baseUrl);
-    this.projectId = config.projectId;
-    this.privateKeyPem = config.privateKey ?? loadPrivateKey2(config.privateKeyPath);
-    this.publicKeyPem = derivePublicKey2(this.privateKeyPem);
-    this.trustStorePath = resolveTrustStorePath2(config);
-  }
-  /**
-   * Static factory method that creates and initializes an R4 instance.
-   */
-  static async create(config) {
-    const instance = new _R4(config);
-    await instance.init();
-    return instance;
-  }
-  /**
-   * Initializes the SDK by registering the agent public key (idempotent) and
-   * decrypting all accessible vault values locally into a flat env map.
-   */
-  async init() {
-    this._env = await this.fetchEnv();
-  }
-  /**
-   * Returns the locally decrypted env map.
-   */
-  get env() {
-    if (!this._env) {
-      throw new Error(
-        "R4 SDK: env is not initialized. Call await r4.init() first, or use R4.create() for automatic initialization."
-      );
-    }
-    return this._env;
-  }
-  /**
-   * Re-fetches and locally re-decrypts the current vault view.
-   */
-  async refresh() {
-    this._env = await this.fetchEnv();
-  }
-  /**
-   * Sends an authenticated request to an arbitrary machine API route so
-   * callers can use the full headless surface without hand-rolling fetch code.
-   */
-  async requestMachine(params) {
-    return this.client.requestMachine(params);
-  }
-  /**
-   * Fetches, verifies, and locally decrypts a token provider's vault-backed
-   * credential fields without exposing plaintext back to R4.
-   */
-  async getTokenProviderFields(tokenProviderId, options) {
-    if (options?.unsafeExport !== true) {
-      throw new Error(
-        "R4 SDK: getTokenProviderFields exports decrypted provider secrets. Pass { unsafeExport: true } to confirm or use callAnthropicWithTokenProvider() instead."
-      );
-    }
-    await this.registerAgentPublicKey();
-    const runtime = await this.getVerifiedTokenProviderRuntime(tokenProviderId);
-    return {
-      id: runtime.id,
-      name: runtime.name,
-      providerType: runtime.providerType,
-      fields: this.decryptTokenProviderFields(runtime)
-    };
-  }
-  /**
-   * Managed Anthropic call path:
-   * 1. decrypt the provider secret locally
-   * 2. preflight the budget gate with estimated usage
-   * 3. call Anthropic directly
-   * 4. publish finalized usage back to R4
-   */
-  async callAnthropicWithTokenProvider(params) {
-    await this.registerAgentPublicKey();
-    const runtime = await this.getVerifiedTokenProviderRuntime(params.tokenProviderId);
-    if (runtime.providerType !== "ANTHROPIC") {
-      throw new Error(
-        `R4 SDK: token provider ${params.tokenProviderId} is ${runtime.providerType}, not ANTHROPIC.`
-      );
-    }
-    const fields = this.decryptTokenProviderFields(runtime);
-    const apiKey = fields["API Key"];
-    const endpoint = fields["Endpoint URL"] || "https://api.anthropic.com/v1/messages";
-    const model = this.requireStringField(params.body.model, "body.model");
-    if (!apiKey) {
-      throw new Error(`R4 SDK: token provider ${params.tokenProviderId} does not contain an API Key field.`);
-    }
-    const requestId = randomUUID();
-    const authorization = await this.client.authorizeTokenProviderUsage(params.tokenProviderId, {
-      model,
-      estimatedInputTokens: params.estimatedInputTokens ?? 0,
-      estimatedOutputTokens: params.estimatedOutputTokens ?? this.inferEstimatedOutputTokens(params.body.max_tokens)
-    });
-    const response = await fetch(endpoint, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        "x-api-key": apiKey,
-        "anthropic-version": "2023-06-01"
-      },
-      body: JSON.stringify(params.body),
-      signal: params.signal
-    });
-    if (!response.ok) {
-      const bodyText = await response.text().catch(() => "");
-      throw new Error(`Anthropic API error: ${response.status} ${response.statusText}${bodyText ? ` - ${bodyText}` : ""}`);
-    }
-    const parsedResponse = await response.json();
-    const inputTokens = this.toNonNegativeInt(parsedResponse.usage?.input_tokens);
-    const outputTokens = this.toNonNegativeInt(parsedResponse.usage?.output_tokens);
-    const usage = await this.client.reportTokenProviderUsage(params.tokenProviderId, {
-      requestId,
-      model,
-      vendorRequestId: typeof parsedResponse.id === "string" ? parsedResponse.id : null,
-      inputTokens,
-      outputTokens,
-      totalTokens: inputTokens + outputTokens,
-      estimatedCostUsd: authorization.estimatedCostUsd,
-      metadata: {
-        providerType: runtime.providerType
-      }
-    });
-    return {
-      response: parsedResponse,
-      usage,
-      authorization,
-      requestId
-    };
-  }
-  /**
-   * Registers the local agent public key, loads all accessible vaults, verifies
-   * wrapped-DEK signatures against pinned signer keys, unwraps each vault DEK,
-   * and builds a flat SCREAMING_SNAKE_CASE env map from decrypted field values.
-   */
-  async fetchEnv() {
-    await this.registerAgentPublicKey();
-    const { vaults } = await this.client.listVaults(this.projectId);
-    const envEntries = await Promise.all(vaults.map((vault) => this.fetchVaultEnv(vault.id)));
-    return Object.assign({}, ...envEntries);
-  }
-  /**
-   * Ensures the local agent public key is registered before any zero-trust
-   * wrapped-key or token-provider flow runs.
-   */
-  async registerAgentPublicKey() {
-    try {
-      await this.client.registerAgentPublicKey({
-        publicKey: this.publicKeyPem
-      });
-    } catch (error) {
-      throw new Error(
-        `R4 SDK: failed to register the local agent public key. The zero-trust SDK requires an AGENT-scoped API key and a matching local private key. ${error instanceof Error ? error.message : String(error)}`
-      );
-    }
-  }
-  /**
-   * Fetches a single vault's wrapped DEK, verifies it against the pinned signer
-   * directory, unwraps the DEK locally, then decrypts every field value in that
-   * vault item-by-item.
-   */
-  async fetchVaultEnv(vaultId) {
-    const pinnedTransparencyHead = getSinglePinnedTransparencyHead(this.trustStorePath);
-    const [wrappedKey, itemsResponse, initialPublicKeyDirectory] = await Promise.all([
-      this.client.getAgentWrappedKey(vaultId),
-      this.client.listVaultItems(vaultId),
-      this.client.getVaultUserKeyDirectory(
-        vaultId,
-        pinnedTransparencyHead ? {
-          knownTransparencyVersion: pinnedTransparencyHead.version,
-          knownTransparencyHash: pinnedTransparencyHead.hash
-        } : void 0
-      )
-    ]);
-    let publicKeyDirectory = initialPublicKeyDirectory;
-    let witnessAnchorHead = null;
-    if (!pinnedTransparencyHead) {
-      const orgId = initialPublicKeyDirectory.directoryCheckpoint?.checkpoint.orgId ?? null;
-      if (orgId && initialPublicKeyDirectory.directoryCheckpoint && initialPublicKeyDirectory.transparency) {
-        witnessAnchorHead = await getPublicOrgWitnessHead(
-          this.baseUrl,
-          orgId,
-          this.transparencyWitnessUrl
-        );
-        if (witnessAnchorHead) {
-          if (initialPublicKeyDirectory.transparency.head.version < witnessAnchorHead.version) {
-            throw new Error(`R4 SDK: public transparency witness head is ahead of the server response for org ${orgId}.`);
-          }
-          if (initialPublicKeyDirectory.transparency.head.version === witnessAnchorHead.version) {
-            if (initialPublicKeyDirectory.transparency.head.hash !== witnessAnchorHead.hash) {
-              throw new Error(`R4 SDK: public transparency witness head fork detected for org ${orgId}.`);
-            }
-          } else {
-            publicKeyDirectory = await this.client.getVaultUserKeyDirectory(vaultId, {
-              knownTransparencyVersion: witnessAnchorHead.version,
-              knownTransparencyHash: witnessAnchorHead.hash
-            });
-          }
+  return new Command("create").description("Create a new agent").requiredOption("--name <name>", "Agent name").requiredOption("--domain-tenant-id <id>", "Target domain tenant ID").option("--budget-id <id>", "Existing budget ID to assign").option("--vault-id <id>", "Optional vault ID to store credentials in").option("--new-budget-name <name>", "Create and assign a new per-agent budget").option("--new-budget-description <text>", "Description for the new per-agent budget").option("--new-budget-target <amount>", "Target amount for the new per-agent budget").option(
+    "--security-group-id <id>",
+    "Security group IDs (repeat or use comma-separated values)",
+    collectOptionValues,
+    []
+  ).option(
+    "--permission <grant>",
+    "Machine permission grant (repeat or use comma-separated values)",
+    collectOptionValues,
+    []
+  ).action(
+    withErrorHandler(
+      async (options, cmd) => {
+        const globalOpts = cmd.optsWithGlobals();
+        const connection = resolveConnection(globalOpts, { requireApiKey: true });
+        const client = new CliClient(connection.apiKey, connection.baseUrl);
+        const body = buildCreateAgentBody(options);
+        const spinner = ora("Creating agent...").start();
+        const response = await client.createAgent(body);
+        spinner.stop();
+        if (globalOpts.json) {
+          console.log(JSON.stringify(response, null, 2));
+          return;
         }
+        success(`Created agent "${response.name}"`);
+        printDetail(
+          [
+            ["ID", response.id],
+            ["Access Key", response.accessKey],
+            ["Access Secret", response.accessSecret],
+            ["Vault Item", response.vaultItemId]
+          ],
+          false
+        );
       }
-    }
-    const trustedPublicKeys = await verifyAndPinVaultUserPublicKeys(
-      this.trustStorePath,
-      publicKeyDirectory,
-      witnessAnchorHead
-    );
-    const checkpointOrgId = publicKeyDirectory.directoryCheckpoint?.checkpoint.orgId ?? vaultId;
-    const trustedAgentPublicKeys = await verifyAndPinVaultAgentPublicKeys(
-      this.trustStorePath,
-      checkpointOrgId,
-      publicKeyDirectory.agentPublicKeys ?? [],
-      this.baseUrl,
-      this.transparencyWitnessUrl
-    );
-    const signerKey = trustedPublicKeys.find(
-      (publicKey) => publicKey.userKeyPairId === wrappedKey.signerUserKeyPairId
-    );
-    const historicalAgentSignerKey = trustedAgentPublicKeys.flatMap((publicKey) => publicKey.transparency?.entries ?? []).find((entry) => entry.encryptionKeyId === wrappedKey.signerEncryptionKeyId);
-    const wrappedKeySignerPublicKey = wrappedKey.signerEncryptionKeyId ? trustedAgentPublicKeys.find(
-      (publicKey) => publicKey.encryptionKeyId === wrappedKey.signerEncryptionKeyId
-    )?.publicKey ?? historicalAgentSignerKey?.publicKey : signerKey?.publicKey;
-    if (!wrappedKeySignerPublicKey) {
-      throw new Error(
-        `R4 SDK: wrapped DEK signer ${wrappedKey.signerEncryptionKeyId ?? wrappedKey.signerUserKeyPairId ?? "unknown"} was not present in the trusted key directory.`
-      );
-    }
-    const signatureVerified = verifyWrappedDekSignature(
-      vaultId,
-      wrappedKey.encryptionKeyId,
-      wrappedKey.signerEncryptionKeyId ?? wrappedKey.signerUserKeyPairId,
-      wrappedKey.dekVersion,
-      wrappedKey.wrappedDek,
-      wrappedKey.wrappedDekSignature,
-      wrappedKeySignerPublicKey
-    );
-    if (!signatureVerified) {
-      throw new Error(`R4 SDK: wrapped DEK signature verification failed for vault ${vaultId}.`);
-    }
-    const dek = unwrapDEKWithPrivateKey(wrappedKey.wrappedDek, this.privateKeyPem);
-    if (!itemsResponse.summaryCheckpoint) {
-      throw new Error(`R4 SDK: vault ${vaultId} is missing a signed summary checkpoint.`);
-    }
-    const expectedSummaryCheckpoint = buildVaultSummaryCheckpointFromListResponse(
-      itemsResponse,
-      itemsResponse.summaryCheckpoint.checkpoint.version
-    );
-    const summaryVerified = verifyVaultSummaryCheckpoint(
-      expectedSummaryCheckpoint,
-      itemsResponse.summaryCheckpoint.signature,
-      getCheckpointSignerPublicKey({
-        checkpoint: itemsResponse.summaryCheckpoint,
-        userKeys: trustedPublicKeys,
-        agentKeys: trustedAgentPublicKeys
-      })
-    );
-    if (!summaryVerified) {
-      throw new Error(`R4 SDK: vault summary checkpoint verification failed for vault ${vaultId}.`);
-    }
-    assertAndPinCheckpointVersion(
-      this.trustStorePath,
-      `summary:${vaultId}`,
-      expectedSummaryCheckpoint.version
-    );
-    const itemDetails = await Promise.all(
-      itemsResponse.items.map((item) => this.client.getVaultItemDetail(vaultId, item.id))
-    );
-    const env = {};
-    for (const item of itemDetails) {
-      if (!item.detailCheckpoint) {
-        throw new Error(`R4 SDK: vault item ${item.id} is missing a signed detail checkpoint.`);
-      }
-      const expectedDetailCheckpoint = buildVaultItemDetailCheckpointFromResponse(
-        item,
-        item.detailCheckpoint.checkpoint.version
-      );
-      const detailVerified = verifyVaultItemDetailCheckpoint(
-        expectedDetailCheckpoint,
-        item.detailCheckpoint.signature,
-        getCheckpointSignerPublicKey({
-          checkpoint: item.detailCheckpoint,
-          userKeys: trustedPublicKeys,
-          agentKeys: trustedAgentPublicKeys
-        })
-      );
-      if (!detailVerified) {
-        throw new Error(`R4 SDK: vault item checkpoint verification failed for item ${item.id}.`);
+    )
+  );
+}
+
+// src/commands/agent/get.ts
+import { Command as Command2 } from "commander";
+import chalk2 from "chalk";
+import ora2 from "ora";
+function getCommand() {
+  return new Command2("get").description("Get agent details").argument("<id>", "Agent ID").action(
+    withErrorHandler(async (id, _opts, cmd) => {
+      const globalOpts = cmd.optsWithGlobals();
+      const connection = resolveConnection(globalOpts, { requireApiKey: true });
+      const client = new CliClient(connection.apiKey, connection.baseUrl);
+      const spinner = ora2("Fetching agent...").start();
+      const agent = await client.getAgent(id);
+      spinner.stop();
+      if (globalOpts.json) {
+        console.log(JSON.stringify(agent, null, 2));
+        return;
       }
-      assertAndPinCheckpointVersion(
-        this.trustStorePath,
-        `detail:${item.id}`,
-        expectedDetailCheckpoint.version
+      console.log();
+      console.log(chalk2.bold(`  ${agent.name}`));
+      console.log();
+      printDetail(
+        [
+          ["ID", agent.id],
+          ["Tenant", agent.tenantName],
+          ["Domain", agent.domainName],
+          ["Domain Tenant ID", agent.domainTenantId],
+          ["Budget", agent.budgetId],
+          ["Public Key Ready", agent.isPublicKeyRegistered ? "Yes" : "No"],
+          ["Created At", agent.createdAt],
+          ["Updated At", agent.updatedAt],
+          ["Archived At", agent.archivedAt]
+        ],
+        false
       );
-      for (const field of item.fields) {
-        if (field.value === null) {
-          continue;
-        }
-        env[toScreamingSnakeCase(`${item.name}_${field.name}`)] = decryptStoredFieldValue(
-          field.value,
-          dek
-        );
-      }
-    }
-    return env;
-  }
-  async getVerifiedTokenProviderRuntime(tokenProviderId) {
-    const pinnedTransparencyHead = getSinglePinnedTransparencyHead(this.trustStorePath);
-    let runtime = await this.client.getTokenProviderRuntime(
-      tokenProviderId,
-      pinnedTransparencyHead ? {
-        knownTransparencyVersion: pinnedTransparencyHead.version,
-        knownTransparencyHash: pinnedTransparencyHead.hash
-      } : void 0
-    );
-    let witnessAnchorHead = null;
-    if (!pinnedTransparencyHead) {
-      const orgId = runtime.keyDirectory.directoryCheckpoint?.checkpoint.orgId ?? null;
-      if (orgId && runtime.keyDirectory.directoryCheckpoint && runtime.keyDirectory.transparency) {
-        witnessAnchorHead = await getPublicOrgWitnessHead(
-          this.baseUrl,
-          orgId,
-          this.transparencyWitnessUrl
+      if (agent.securityGroups.length > 0) {
+        console.log();
+        console.log(chalk2.bold("  Security Groups"));
+        console.log();
+        printTable(
+          ["ID", "Name"],
+          agent.securityGroups.map((group) => [group.id, group.name]),
+          false
         );
-        if (witnessAnchorHead) {
-          if (runtime.keyDirectory.transparency.head.version < witnessAnchorHead.version) {
-            throw new Error(
-              `R4 SDK: public transparency witness head is ahead of the server response for org ${orgId}.`
-            );
-          }
-          if (runtime.keyDirectory.transparency.head.version === witnessAnchorHead.version) {
-            if (runtime.keyDirectory.transparency.head.hash !== witnessAnchorHead.hash) {
-              throw new Error(`R4 SDK: public transparency witness head fork detected for org ${orgId}.`);
-            }
-          } else {
-            runtime = await this.client.getTokenProviderRuntime(tokenProviderId, {
-              knownTransparencyVersion: witnessAnchorHead.version,
-              knownTransparencyHash: witnessAnchorHead.hash
-            });
-          }
-        }
       }
-    }
-    const trustedPublicKeys = await verifyAndPinVaultUserPublicKeys(
-      this.trustStorePath,
-      runtime.keyDirectory,
-      witnessAnchorHead
-    );
-    const checkpointOrgId = runtime.keyDirectory.directoryCheckpoint?.checkpoint.orgId ?? runtime.vaultId;
-    const trustedAgentPublicKeys = await verifyAndPinVaultAgentPublicKeys(
-      this.trustStorePath,
-      checkpointOrgId,
-      runtime.keyDirectory.agentPublicKeys ?? [],
-      this.baseUrl,
-      this.transparencyWitnessUrl
-    );
-    const wrappedKeySignerPublicKey = this.getWrappedKeySignerPublicKey(
-      runtime.wrappedKey,
-      trustedPublicKeys,
-      trustedAgentPublicKeys
-    );
-    if (!verifyWrappedDekSignature(
-      runtime.vaultId,
-      runtime.wrappedKey.encryptionKeyId,
-      runtime.wrappedKey.signerEncryptionKeyId ?? runtime.wrappedKey.signerUserKeyPairId,
-      runtime.wrappedKey.dekVersion,
-      runtime.wrappedKey.wrappedDek,
-      runtime.wrappedKey.wrappedDekSignature,
-      wrappedKeySignerPublicKey
-    )) {
-      throw new Error(`R4 SDK: wrapped DEK signature verification failed for vault ${runtime.vaultId}.`);
-    }
-    const expectedDetailCheckpoint = buildVaultItemDetailCheckpointFromResponse(
-      runtime.vaultItemDetail,
-      runtime.vaultItemDetail.detailCheckpoint?.checkpoint.version ?? 0
-    );
-    if (!runtime.vaultItemDetail.detailCheckpoint) {
-      throw new Error(`R4 SDK: vault item ${runtime.vaultItemDetail.id} is missing a signed detail checkpoint.`);
-    }
-    const detailVerified = verifyVaultItemDetailCheckpoint(
-      expectedDetailCheckpoint,
-      runtime.vaultItemDetail.detailCheckpoint.signature,
-      getCheckpointSignerPublicKey({
-        checkpoint: runtime.vaultItemDetail.detailCheckpoint,
-        userKeys: trustedPublicKeys,
-        agentKeys: trustedAgentPublicKeys
-      })
-    );
-    if (!detailVerified) {
-      throw new Error(
-        `R4 SDK: vault item checkpoint verification failed for item ${runtime.vaultItemDetail.id}.`
-      );
-    }
-    assertAndPinCheckpointVersion(
-      this.trustStorePath,
-      `detail:${runtime.vaultItemDetail.id}`,
-      expectedDetailCheckpoint.version
-    );
-    return runtime;
-  }
-  decryptTokenProviderFields(runtime) {
-    const dek = unwrapDEKWithPrivateKey(runtime.wrappedKey.wrappedDek, this.privateKeyPem);
-    const fields = {};
-    for (const field of runtime.vaultItemDetail.fields) {
-      if (field.value === null) {
-        continue;
+      console.log();
+    })
+  );
+}
+
+// src/commands/agent/get-tenant-roles.ts
+import { Command as Command3 } from "commander";
+import ora3 from "ora";
+function getTenantRolesCommand() {
+  return new Command3("get-tenant-roles").description("Get the tenant roles assigned to an agent").argument("<id>", "Agent ID").action(
+    withErrorHandler(async (id, _opts, cmd) => {
+      const globalOpts = cmd.optsWithGlobals();
+      const connection = resolveConnection(globalOpts, { requireApiKey: true });
+      const client = new CliClient(connection.apiKey, connection.baseUrl);
+      const spinner = ora3("Fetching agent tenant roles...").start();
+      const response = await client.getAgentTenantRoles(id);
+      spinner.stop();
+      if (globalOpts.json) {
+        console.log(JSON.stringify(response, null, 2));
+        return;
       }
-      fields[field.name] = decryptStoredFieldValue(field.value, dek);
-    }
-    return fields;
-  }
-  getWrappedKeySignerPublicKey(wrappedKey, userKeys, agentKeys) {
-    const signerKey = userKeys.find(
-      (publicKey) => publicKey.userKeyPairId === wrappedKey.signerUserKeyPairId
-    );
-    const historicalAgentSignerKey = agentKeys.flatMap((publicKey) => publicKey.transparency?.entries ?? []).find((entry) => entry.encryptionKeyId === wrappedKey.signerEncryptionKeyId);
-    const wrappedKeySignerPublicKey = wrappedKey.signerEncryptionKeyId ? agentKeys.find(
-      (publicKey) => publicKey.encryptionKeyId === wrappedKey.signerEncryptionKeyId
-    )?.publicKey ?? historicalAgentSignerKey?.publicKey : signerKey?.publicKey;
-    if (!wrappedKeySignerPublicKey) {
-      throw new Error(
-        `R4 SDK: wrapped DEK signer ${wrappedKey.signerEncryptionKeyId ?? wrappedKey.signerUserKeyPairId ?? "unknown"} was not present in the trusted key directory.`
+      console.log();
+      printDetail(
+        [
+          ["Agent ID", id],
+          ["Explicit Roles", response.roles.join(", ") || "(none)"],
+          ["Inherited Roles", response.inheritedRoles.join(", ") || "(none)"]
+        ],
+        false
       );
-    }
-    return wrappedKeySignerPublicKey;
-  }
-  requireStringField(value, label) {
-    if (typeof value !== "string" || value.length === 0) {
-      throw new Error(`R4 SDK: ${label} must be a non-empty string.`);
-    }
-    return value;
-  }
-  inferEstimatedOutputTokens(value) {
-    if (typeof value === "number" && Number.isFinite(value) && value >= 0) {
-      return Math.floor(value);
-    }
-    return 0;
-  }
-  toNonNegativeInt(value) {
-    if (typeof value === "number" && Number.isFinite(value) && value >= 0) {
-      return Math.floor(value);
-    }
-    return 0;
-  }
-};
-var src_default = R4;
+      console.log();
+    })
+  );
+}
+
+// src/commands/agent/init.ts
+import { Command as Command5 } from "commander";
+import ora5 from "ora";
+
+// src/commands/doctor.ts
+import { Command as Command4 } from "commander";
+import chalk3 from "chalk";
+import ora4 from "ora";
 
 // src/lib/doctor.ts
+import R4 from "@r4-sdk/node";
 function getAgentIdFromRegistration(registration) {
   const entryCount = registration?.transparency?.entries.length ?? 0;
   if (!registration?.transparency || entryCount === 0) {
@@ -2932,7 +1309,7 @@ async function runDoctorChecks(connection) {
     return report;
   }
   try {
-    const r4 = await src_default.create({
+    const r4 = await R4.create({
       apiKey: connection.apiKey,
       baseUrl: connection.baseUrl,
       dev: connection.dev,
@@ -3048,8 +1425,8 @@ function doctorCommand(commandName = "doctor", description = "Verify CLI auth, r
 }
 
 // src/lib/credentials-file.ts
-import fs6 from "node:fs";
-import path5 from "node:path";
+import fs5 from "fs";
+import path3 from "path";
 function normalizeFieldName(fieldName) {
   return fieldName.trim().toLowerCase().replace(/[^a-z0-9]+/g, "");
 }
@@ -3255,9 +1632,9 @@ function parsePlainTextContent(content) {
   return {};
 }
 function parseCredentialsFile(credentialsFilePath) {
-  const resolvedPath = path5.resolve(credentialsFilePath);
-  const content = fs6.readFileSync(resolvedPath, "utf8");
-  const extension = path5.extname(resolvedPath).toLowerCase();
+  const resolvedPath = path3.resolve(credentialsFilePath);
+  const content = fs5.readFileSync(resolvedPath, "utf8");
+  const extension = path3.extname(resolvedPath).toLowerCase();
   if (extension === ".json") {
     return parseJsonContent(content);
   }
@@ -3380,8 +1757,8 @@ function cacheProfileIdentity(profileName, identity) {
 }
 
 // src/lib/prompt.ts
-import readline from "node:readline";
-import { Writable } from "node:stream";
+import readline from "readline";
+import { Writable } from "stream";
 var MutableOutput = class extends Writable {
   muted = false;
   _write(chunk, _encoding, callback) {
@@ -3860,14 +2237,14 @@ function logoutCommand() {
 import { Command as Command11 } from "commander";
 
 // src/lib/public-auth-client.ts
-import crypto3 from "node:crypto";
+import crypto2 from "crypto";
 var PublicAuthClient = class {
   baseUrl;
   constructor(baseUrl) {
     this.baseUrl = baseUrl.replace(/\/$/, "");
   }
-  async request(path7, body) {
-    const response = await fetch(`${this.baseUrl}${path7}`, {
+  async request(path6, body) {
+    const response = await fetch(`${this.baseUrl}${path6}`, {
       method: "POST",
       headers: {
         "Content-Type": "application/json",
@@ -3893,7 +2270,7 @@ var PublicAuthClient = class {
   }
 };
 function solveAgentChallenge(nonce) {
-  return crypto3.createHash("sha256").update(nonce).digest("hex");
+  return crypto2.createHash("sha256").update(nonce).digest("hex");
 }
 
 // src/lib/register-agent.ts
@@ -4273,8 +2650,8 @@ import { Command as Command16 } from "commander";
 import ora10 from "ora";
 
 // src/lib/json-input.ts
-import fs7 from "node:fs";
-import path6 from "node:path";
+import fs6 from "fs";
+import path4 from "path";
 function parseJsonInput(params) {
   const bodyFlagName = params.bodyFlagName ?? "--body";
   const bodyFileFlagName = params.bodyFileFlagName ?? "--body-file";
@@ -4284,7 +2661,7 @@ function parseJsonInput(params) {
   if (!params.body && !params.bodyFile) {
     return void 0;
   }
-  const rawInput = params.bodyFile ? fs7.readFileSync(path6.resolve(params.bodyFile), "utf8") : params.body;
+  const rawInput = params.bodyFile ? fs6.readFileSync(path4.resolve(params.bodyFile), "utf8") : params.body;
   const sourceLabel = params.bodyFile ? `${bodyFileFlagName} ${params.bodyFile}` : bodyFlagName;
   try {
     return JSON.parse(rawInput);
@@ -4385,7 +2762,7 @@ function registerBudgetCommands(program2) {
 
 // src/commands/configure.ts
 import { Command as Command18 } from "commander";
-import fs8 from "node:fs";
+import fs7 from "fs";
 async function promptRuntimeTarget(existingProfile) {
   const defaultTarget = existingProfile.baseUrl ? "custom" : existingProfile.dev ? "dev" : "prod";
   const runtimeTarget = await promptChoice(
@@ -4418,7 +2795,7 @@ async function promptRuntimeTarget(existingProfile) {
 }
 async function resolvePrivateKeyMaterial(profileName, existingProfile) {
   const managedPrivateKeyPath = getDefaultPrivateKeyPath(profileName);
-  const defaultMode = existingProfile.privateKeyPath || fs8.existsSync(managedPrivateKeyPath) ? "existing" : "generate";
+  const defaultMode = existingProfile.privateKeyPath || fs7.existsSync(managedPrivateKeyPath) ? "existing" : "generate";
   const privateKeyMode = await promptChoice(
     "How should this profile handle its local private key?",
     [
@@ -4721,13 +3098,13 @@ function normalizeMethod(method) {
 function requestCommand() {
   return new Command23("request").description("Call an arbitrary machine API route").argument("<method>", "HTTP method (GET, POST, PUT, PATCH, DELETE)").argument("<path>", "Machine path like /webhook or /api/v1/machine/webhook").option("--body <json>", "Optional JSON request body").option("--body-file <path>", "Read the JSON request body from a file").action(
     withErrorHandler(
-      async (method, path7, options, cmd) => {
+      async (method, path6, options, cmd) => {
         const globalOpts = cmd.optsWithGlobals();
         const config = resolveAuth(globalOpts);
         const client = new CliClient(config.apiKey, config.baseUrl);
         const result = await client.requestMachine({
           method: normalizeMethod(method),
-          path: path7,
+          path: path6,
           body: parseJsonInput({
             body: options.body,
             bodyFile: options.bodyFile
@@ -5032,17 +3409,64 @@ function createItemCommand() {
   );
 }
 
-// src/commands/vault/list.ts
+// src/commands/vault/download-asset.ts
+import path5 from "path";
 import { Command as Command32 } from "commander";
 import ora21 from "ora";
-import R42 from "@r4-sdk/sdk";
+import R42 from "@r4-sdk/node";
+function downloadAssetCommand() {
+  return new Command32("download-asset").description("Download and locally decrypt a vault attachment by vault ID and asset ID").argument("<vaultId>", "Vault ID that owns the attachment").argument("<assetId>", "Attachment asset ID to download").option(
+    "--output <path>",
+    "Destination file path (defaults to ./${assetId}.bin when omitted)"
+  ).action(
+    withErrorHandler(
+      async (vaultId, assetId, opts, cmd) => {
+        const globalOpts = cmd.optsWithGlobals();
+        const config = resolveAuth(globalOpts);
+        const sdk = new R42(config);
+        const outputPath = path5.resolve(opts.output ?? `${assetId}.bin`);
+        const spinner = ora21("Downloading and decrypting attachment...").start();
+        const result = await sdk.downloadVaultAttachment({
+          vaultId,
+          assetId,
+          outputPath
+        });
+        spinner.stop();
+        if (globalOpts.json) {
+          console.log(
+            JSON.stringify(
+              {
+                assetId: result.assetId,
+                vaultId: result.vaultId,
+                outputPath: result.outputPath,
+                plaintextSize: result.checkpoint.plaintextSize,
+                plaintextSha256: result.checkpoint.plaintextSha256,
+                ciphertextSize: result.checkpoint.ciphertextSize,
+                ciphertextSha256: result.checkpoint.ciphertextSha256
+              },
+              null,
+              2
+            )
+          );
+          return;
+        }
+        success(`Saved decrypted attachment to ${outputPath}`);
+      }
+    )
+  );
+}
+
+// src/commands/vault/list.ts
+import { Command as Command33 } from "commander";
+import ora22 from "ora";
+import R43 from "@r4-sdk/node";
 function listCommand5() {
-  return new Command32("list").description("List all locally decrypted environment variables").action(
+  return new Command33("list").description("List all locally decrypted environment variables").action(
     withErrorHandler(async (_opts, cmd) => {
       const globalOpts = cmd.optsWithGlobals();
       const config = resolveAuth(globalOpts);
-      const spinner = ora21("Fetching environment variables...").start();
-      const r4 = await R42.create(config);
+      const spinner = ora22("Fetching environment variables...").start();
+      const r4 = await R43.create(config);
       spinner.stop();
       const env = r4.env;
       const keys = Object.keys(env).sort();
@@ -5063,12 +3487,13 @@ function listCommand5() {
 }
 
 // src/commands/vault/list-items.ts
-import { Command as Command34 } from "commander";
+import { Command as Command35 } from "commander";
 
 // src/commands/vault/items.ts
-import { Command as Command33 } from "commander";
-import ora22 from "ora";
-import R43 from "@r4-sdk/sdk";
+import { Command as Command34 } from "commander";
+import ora23 from "ora";
+import R44 from "@r4-sdk/node";
+var DIRECT_ITEM_SHARE_VAULT_LABEL = "[Direct Item Share]";
 function deriveItems(env) {
   const keys = Object.keys(env).sort();
   return keys.map((key) => ({
@@ -5079,15 +3504,18 @@ function deriveItems(env) {
 async function loadVaultMetadataRows(globalOpts) {
   const connection = resolveConnection(globalOpts, { requireApiKey: true });
   const client = new CliClient(connection.apiKey, connection.baseUrl);
-  const { vaults } = await client.listVaults(connection.projectId);
-  const rows = [];
+  const [{ vaults }, sharedItemsResponse] = await Promise.all([
+    client.listVaults(connection.projectId),
+    connection.projectId ? Promise.resolve(null) : client.getSharedVaultItems()
+  ]);
+  const rowsByItemId = /* @__PURE__ */ new Map();
   for (const vault of vaults) {
     const response = await client.listVaultItems(vault.id);
     const groupNames = Object.fromEntries(
       response.vaultItemGroups.map((group) => [group.id, group.name])
     );
     for (const item of response.items) {
-      rows.push({
+      rowsByItemId.set(item.id, {
         vaultId: vault.id,
         vaultName: vault.name,
         itemId: item.id,
@@ -5099,13 +3527,33 @@ async function loadVaultMetadataRows(globalOpts) {
       });
     }
   }
-  return rows.sort((left, right) => {
+  if (sharedItemsResponse) {
+    const groupNames = Object.fromEntries(
+      sharedItemsResponse.vaultItemGroups.map((group) => [group.id, group.name])
+    );
+    for (const item of sharedItemsResponse.vaultItems) {
+      if (rowsByItemId.has(item.id)) {
+        continue;
+      }
+      rowsByItemId.set(item.id, {
+        vaultId: item.vaultId,
+        vaultName: DIRECT_ITEM_SHARE_VAULT_LABEL,
+        itemId: item.id,
+        itemName: item.name,
+        type: item.type,
+        fieldCount: item.fieldCount ?? null,
+        groupName: item.groupId ? groupNames[item.groupId] ?? item.groupId : null,
+        websites: item.websites
+      });
+    }
+  }
+  return [...rowsByItemId.values()].sort((left, right) => {
     const vaultCompare = left.vaultName.localeCompare(right.vaultName);
     return vaultCompare !== 0 ? vaultCompare : left.itemName.localeCompare(right.itemName);
   });
 }
 async function renderVaultMetadataRows(globalOpts) {
-  const spinner = ora22("Fetching vault item metadata...").start();
+  const spinner = ora23("Fetching vault item metadata...").start();
   const rows = await loadVaultMetadataRows(globalOpts);
   spinner.stop();
   if (globalOpts.json) {
@@ -5123,7 +3571,7 @@ async function renderVaultMetadataRows(globalOpts) {
       row.vaultName,
       row.itemName,
       row.type || "-",
-      String(row.fieldCount),
+      row.fieldCount === null ? "-" : String(row.fieldCount),
       row.groupName || "-",
       row.websites.join(", ") || "-"
     ]),
@@ -5132,7 +3580,7 @@ async function renderVaultMetadataRows(globalOpts) {
   console.log();
 }
 function itemsCommand() {
-  return new Command33("items").description("List vault items from the decrypted env map, or use --metadata-only for raw machine metadata").option("--metadata-only", "List item metadata without local decryption").action(
+  return new Command34("items").description("List vault items from the decrypted env map, or use --metadata-only for raw machine metadata").option("--metadata-only", "List item metadata without local decryption").action(
     withErrorHandler(async (opts, cmd) => {
       const globalOpts = cmd.optsWithGlobals();
       if (opts.metadataOnly) {
@@ -5140,8 +3588,8 @@ function itemsCommand() {
         return;
       }
       const config = resolveAuth(globalOpts);
-      const spinner = ora22("Fetching vault items...").start();
-      const r4 = await R43.create(config);
+      const spinner = ora23("Fetching vault items...").start();
+      const r4 = await R44.create(config);
       spinner.stop();
       const env = r4.env;
       const items = deriveItems(env);
@@ -5167,7 +3615,7 @@ function itemsCommand() {
 
 // src/commands/vault/list-items.ts
 function listItemsCommand() {
-  return new Command34("list-items").description("List vault item metadata only, without requiring local decryption").action(
+  return new Command35("list-items").description("List vault item metadata only, without requiring local decryption").action(
     withErrorHandler(async (_opts, cmd) => {
       const globalOpts = cmd.optsWithGlobals();
       await renderVaultMetadataRows(globalOpts);
@@ -5176,15 +3624,15 @@ function listItemsCommand() {
 }
 
 // src/commands/vault/list-vaults.ts
-import { Command as Command35 } from "commander";
-import ora23 from "ora";
+import { Command as Command36 } from "commander";
+import ora24 from "ora";
 function listVaultsCommand() {
-  return new Command35("list-vaults").description("List visible vaults without requiring local decryption").action(
+  return new Command36("list-vaults").description("List visible vaults without requiring local decryption").action(
     withErrorHandler(async (_opts, cmd) => {
       const globalOpts = cmd.optsWithGlobals();
       const connection = resolveConnection(globalOpts, { requireApiKey: true });
       const client = new CliClient(connection.apiKey, connection.baseUrl);
-      const spinner = ora23("Fetching visible vaults...").start();
+      const spinner = ora24("Fetching visible vaults...").start();
       const response = await client.listVaults(connection.projectId);
       spinner.stop();
       if (globalOpts.json) {
@@ -5213,17 +3661,17 @@ function listVaultsCommand() {
 }
 
 // src/commands/vault/get.ts
-import { Command as Command36 } from "commander";
-import ora24 from "ora";
-import R44 from "@r4-sdk/sdk";
+import { Command as Command37 } from "commander";
+import ora25 from "ora";
+import R45 from "@r4-sdk/node";
 function getCommand2() {
-  return new Command36("get").description("Get a specific locally decrypted environment variable value").argument("<key>", "Environment variable key (SCREAMING_SNAKE_CASE)").action(
+  return new Command37("get").description("Get a specific locally decrypted environment variable value").argument("<key>", "Environment variable key (SCREAMING_SNAKE_CASE)").action(
     withErrorHandler(
       async (keyArg, _opts, cmd) => {
         const globalOpts = cmd.optsWithGlobals();
         const config = resolveAuth(globalOpts);
-        const spinner = ora24("Fetching environment variables...").start();
-        const r4 = await R44.create(config);
+        const spinner = ora25("Fetching environment variables...").start();
+        const r4 = await R45.create(config);
         spinner.stop();
         const env = r4.env;
         const key = keyArg.toUpperCase();
@@ -5243,17 +3691,17 @@ function getCommand2() {
 }
 
 // src/commands/vault/search.ts
-import { Command as Command37 } from "commander";
-import ora25 from "ora";
-import R45 from "@r4-sdk/sdk";
+import { Command as Command38 } from "commander";
+import ora26 from "ora";
+import R46 from "@r4-sdk/node";
 function searchCommand() {
-  return new Command37("search").description("Search vault items by name").argument("<query>", "Search query (case-insensitive match against key names)").action(
+  return new Command38("search").description("Search vault items by name").argument("<query>", "Search query (case-insensitive match against key names)").action(
     withErrorHandler(
       async (query, _opts, cmd) => {
         const globalOpts = cmd.optsWithGlobals();
         const config = resolveAuth(globalOpts);
-        const spinner = ora25("Searching vault items...").start();
-        const r4 = await R45.create(config);
+        const spinner = ora26("Searching vault items...").start();
+        const r4 = await R46.create(config);
         spinner.stop();
         const env = r4.env;
         const lowerQuery = query.toLowerCase();
@@ -5283,6 +3731,7 @@ function registerVaultCommands(program2) {
   const vault = program2.command("vault").description("Manage vault secrets");
   vault.addCommand(createCommand3());
   vault.addCommand(createItemCommand());
+  vault.addCommand(downloadAssetCommand());
   vault.addCommand(listCommand5());
   vault.addCommand(listVaultsCommand());
   vault.addCommand(listItemsCommand());
@@ -5292,16 +3741,16 @@ function registerVaultCommands(program2) {
 }
 
 // src/commands/project/add-vault.ts
-import { Command as Command38 } from "commander";
-import ora26 from "ora";
+import { Command as Command39 } from "commander";
+import ora27 from "ora";
 function addVaultCommand() {
-  return new Command38("add-vault").description("Associate a vault with a project").argument("<projectId>", "Project ID").argument("<vaultId>", "Vault ID").action(
+  return new Command39("add-vault").description("Associate a vault with a project").argument("<projectId>", "Project ID").argument("<vaultId>", "Vault ID").action(
     withErrorHandler(
       async (projectId, vaultId, _opts, cmd) => {
         const globalOpts = cmd.optsWithGlobals();
         const connection = resolveConnection(globalOpts, { requireApiKey: true });
         const client = new CliClient(connection.apiKey, connection.baseUrl);
-        const spinner = ora26("Associating vault with project...").start();
+        const spinner = ora27("Associating vault with project...").start();
         await client.associateProjectVault({
           projectId,
           vaultId
@@ -5318,15 +3767,15 @@ function addVaultCommand() {
 }
 
 // src/commands/project/list.ts
-import { Command as Command39 } from "commander";
-import ora27 from "ora";
+import { Command as Command40 } from "commander";
+import ora28 from "ora";
 function listCommand6() {
-  return new Command39("list").description("List all projects").action(
+  return new Command40("list").description("List all projects").action(
     withErrorHandler(async (_opts, cmd) => {
       const globalOpts = cmd.optsWithGlobals();
       const connection = resolveConnection(globalOpts, { requireApiKey: true });
       const client = new CliClient(connection.apiKey, connection.baseUrl);
-      const spinner = ora27("Fetching projects...").start();
+      const spinner = ora28("Fetching projects...").start();
       const response = await client.listProjects();
       spinner.stop();
       const rows = response.projects.map((p) => [
@@ -5350,16 +3799,16 @@ function listCommand6() {
 }
 
 // src/commands/project/get.ts
-import { Command as Command40 } from "commander";
+import { Command as Command41 } from "commander";
 import chalk6 from "chalk";
-import ora28 from "ora";
+import ora29 from "ora";
 function getCommand3() {
-  return new Command40("get").description("Get project details").argument("<id>", "Project ID").action(
+  return new Command41("get").description("Get project details").argument("<id>", "Project ID").action(
     withErrorHandler(async (id, _opts, cmd) => {
       const globalOpts = cmd.optsWithGlobals();
       const connection = resolveConnection(globalOpts, { requireApiKey: true });
       const client = new CliClient(connection.apiKey, connection.baseUrl);
-      const spinner = ora28("Fetching project...").start();
+      const spinner = ora29("Fetching project...").start();
       const project = await client.getProject(id);
       spinner.stop();
       if (globalOpts.json) {
@@ -5417,9 +3866,9 @@ function getCommand3() {
 }
 
 // src/commands/project/create.ts
-import { Command as Command41 } from "commander";
-import readline2 from "node:readline";
-import ora29 from "ora";
+import { Command as Command42 } from "commander";
+import readline2 from "readline";
+import ora30 from "ora";
 function prompt(question) {
   const rl = readline2.createInterface({ input: process.stdin, output: process.stdout });
   return new Promise((resolve) => {
@@ -5430,7 +3879,7 @@ function prompt(question) {
   });
 }
 function createCommand4() {
-  return new Command41("create").description("Create a new project").option("--name <name>", "Project name").option("--description <description>", "Project description").option("--external-id <externalId>", "External identifier").action(
+  return new Command42("create").description("Create a new project").option("--name <name>", "Project name").option("--description <description>", "Project description").option("--external-id <externalId>", "External identifier").action(
     withErrorHandler(async (opts, cmd) => {
       const globalOpts = cmd.optsWithGlobals();
       const connection = resolveConnection(globalOpts, { requireApiKey: true });
@@ -5442,7 +3891,7 @@ function createCommand4() {
       if (!name) {
         throw new Error("Project name is required.");
       }
-      const spinner = ora29("Creating project...").start();
+      const spinner = ora30("Creating project...").start();
       const response = await client.createProject({
         name,
         description: opts.description,
@@ -5459,10 +3908,10 @@ function createCommand4() {
 }
 
 // src/commands/project/set-agents.ts
-import { Command as Command42 } from "commander";
-import ora30 from "ora";
+import { Command as Command43 } from "commander";
+import ora31 from "ora";
 function setAgentsCommand() {
-  return new Command42("set-agents").description("Replace the explicit agent membership for a project").argument("<projectId>", "Project ID").option(
+  return new Command43("set-agents").description("Replace the explicit agent membership for a project").argument("<projectId>", "Project ID").option(
     "--agent-id <id>",
     "Agent ID to keep on the project (repeat or use comma-separated values)",
     collectOptionValues,
@@ -5473,7 +3922,7 @@ function setAgentsCommand() {
         const globalOpts = cmd.optsWithGlobals();
         const connection = resolveConnection(globalOpts, { requireApiKey: true });
         const client = new CliClient(connection.apiKey, connection.baseUrl);
-        const spinner = ora30("Updating project agents...").start();
+        const spinner = ora31("Updating project agents...").start();
         await client.updateProjectAgents(projectId, {
           agentIds: options.agentId
         });
@@ -5499,17 +3948,17 @@ function registerProjectCommands(program2) {
 }
 
 // src/commands/run/index.ts
-import { spawn } from "node:child_process";
-import ora31 from "ora";
-import R46 from "@r4-sdk/sdk";
+import { spawn } from "child_process";
+import ora32 from "ora";
+import R47 from "@r4-sdk/node";
 function registerRunCommand(program2) {
   program2.command("run").description("Run a command with vault secrets injected as environment variables").argument("<command...>", "Command and arguments to execute").option("--prefix <prefix>", "Add prefix to all injected env var names").action(
     withErrorHandler(
       async (commandParts, opts, cmd) => {
         const globalOpts = cmd.optsWithGlobals();
         const config = resolveAuth(globalOpts);
-        const spinner = ora31("Loading vault secrets...").start();
-        const r4 = await R46.create(config);
+        const spinner = ora32("Loading vault secrets...").start();
+        const r4 = await R47.create(config);
         spinner.stop();
         const env = r4.env;
         const secretEnv = {};
@@ -5535,10 +3984,10 @@ function registerRunCommand(program2) {
 }
 
 // src/commands/security-group/create.ts
-import { Command as Command43 } from "commander";
-import ora32 from "ora";
+import { Command as Command44 } from "commander";
+import ora33 from "ora";
 function createCommand5() {
-  return new Command43("create").description("Create a tenant security group").requiredOption("--name <name>", "Security group name").requiredOption("--tenant-id <id>", "Tenant ID").option("--parent-id <id>", "Optional parent security group ID").option(
+  return new Command44("create").description("Create a tenant security group").requiredOption("--name <name>", "Security group name").requiredOption("--tenant-id <id>", "Tenant ID").option("--parent-id <id>", "Optional parent security group ID").option(
     "--role <role>",
     "Tenant role to grant through this group (repeat or use comma-separated values)",
     collectOptionValues,
@@ -5549,7 +3998,7 @@ function createCommand5() {
         const globalOpts = cmd.optsWithGlobals();
         const connection = resolveConnection(globalOpts, { requireApiKey: true });
         const client = new CliClient(connection.apiKey, connection.baseUrl);
-        const spinner = ora32("Creating security group...").start();
+        const spinner = ora33("Creating security group...").start();
         await client.createSecurityGroup({
           name: options.name,
           parentId: options.parentId ?? null,
@@ -5585,8 +4034,8 @@ function registerSecurityGroupCommands(program2) {
 }
 
 // src/index.ts
-var program = new Command44();
-program.name("r4").description("R4 CLI \u2014 manage vaults, projects, and secrets from the terminal").version("1.0.0").option("--api-key <key>", "API key (overrides R4_API_KEY env var and config file)").option("--profile <name>", "CLI profile name (overrides R4_PROFILE and the saved current profile)").option("--project-id <id>", "Optional project ID filter (overrides R4_PROJECT_ID env var and config file)").option("--dev", "Use https://dev.r4.dev unless an explicit base URL override is set").option("--base-url <url>", "API base URL (default: https://r4.dev)").option("--private-key-path <path>", "Path to the agent private key PEM (overrides R4_PRIVATE_KEY_PATH env var and config file)").option("--trust-store-path <path>", "Path to the local signer trust-store JSON (overrides R4_TRUST_STORE_PATH env var and config file)").option("--json", "Output as JSON for scripting and piping", false);
+var program = new Command45();
+program.name("r4").description("R4 CLI \u2014 manage vaults, projects, and secrets from the terminal").version("1.0.2").option("--api-key <key>", "API key (overrides R4_API_KEY env var and config file)").option("--profile <name>", "CLI profile name (overrides R4_PROFILE and the saved current profile)").option("--project-id <id>", "Optional project ID filter (overrides R4_PROJECT_ID env var and config file)").option("--dev", "Use https://dev.r4.dev unless an explicit base URL override is set").option("--base-url <url>", "API base URL (default: https://r4.dev)").option("--private-key-path <path>", "Path to the agent private key PEM (overrides R4_PRIVATE_KEY_PATH env var and config file)").option("--trust-store-path <path>", "Path to the local signer trust-store JSON (overrides R4_TRUST_STORE_PATH env var and config file)").option("--json", "Output as JSON for scripting and piping", false);
 registerAgentCommands(program);
 registerAuthCommands(program);
 registerBillingCommands(program);