@rootzero/contracts 0.8.0 → 0.9.0

package/docs/GETTING_STARTED.md

@@ -14,7 +14,6 @@ rootzero moves data through a small command context:
 
 ```solidity
 struct CommandContext {
-    uint target;
     bytes32 account;
     bytes state;
     bytes request;
@@ -25,8 +24,7 @@ In practice:
 
 - `account` is the user account the command is acting for.
 - `request` is the new input for this command.
-- `state` is data produced by an earlier command in a pipeline.
-- `target` is the command id you expect to receive, or `0`.
+- `state` is live pipeline state produced by an earlier command.
 
 Most built-in commands follow a simple pattern:
 
@@ -86,7 +84,7 @@ contract ExampleHost is Host, DebitAccount {
         bytes32 meta,
         uint amount
     ) internal override {
-        bytes32 key = Assets.key(asset, meta);
+        bytes32 key = Assets.slot(asset, meta);
         balances[account][key] -= amount;
     }
 }
@@ -105,22 +103,21 @@ The built-in commands are easiest to use when you know which blocks they expect.
 ### Commands That Read `request`
 
 - `deposit`: reads `AMOUNT` blocks, returns `BALANCE`
-- `transfer`: reads `AMOUNT` plus `RECIPIENT`
+- `transfer`: reads `PAYOUT` blocks
 - `debitAccount`: reads `AMOUNT`, returns `BALANCE`
-- `provision`: reads `AMOUNT` plus `NODE`, returns `CUSTODY`
-- `pipe`: reads `STEP` blocks and runs them in order
+- `provision`: reads `ALLOCATION`, returns `CUSTODY` state
+- `pipePayable`: reads `STEP` blocks and runs them in order
 
 ### Commands That Read `state`
 
-- `withdraw`: reads `BALANCE`, optionally reads `RECIPIENT` from `request`
-- `creditAccount`: reads `BALANCE`, optionally reads `RECIPIENT` from `request`
-- `settle`: reads `TX`
-- `provisionFromBalance`: reads `BALANCE` from `state` and `NODE` from `request`
+- `withdraw`: reads `BALANCE`, optionally reads `ACCOUNT` from `request`
+- `creditAccount`: reads `BALANCE`, optionally reads `ACCOUNT` from `request`
 
 This is the main pattern to keep in mind:
 
 - use `request` for the command's direct input
-- use `state` when a previous command already produced the input
+- use `state` for live value threaded through a pipeline, currently `BALANCE` and `CUSTODY`
+- use peer commands such as `peerSettle` for settlement messages such as `TRANSACTION`
 
 ## Step 4: Send A Simple Request
 
@@ -137,7 +134,6 @@ const meta = ethers.ZeroHash;
 const amount = 100n;
 
 const ctx = {
-  target: 0n,
   account: "0x...", // 32-byte rootzero account id
   state: "0x",
   request: encodeAmountBlock(asset, meta, amount),
@@ -160,11 +156,10 @@ When the built-in modules are not enough, add your own command entrypoint.
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.33;
 
-import {Host} from "@rootzero/contracts/Core.sol";
-import {CommandBase, CommandContext, Channels} from "@rootzero/contracts/Commands.sol";
-import {Cursors, Cursor, Schemas} from "@rootzero/contracts/Cursors.sol";
+import {CommandBase, CommandContext, Keys} from "@rootzero/contracts/Commands.sol";
+import {Cursors, Cur, Schemas} from "@rootzero/contracts/Cursors.sol";
 
-using Cursors for Cursor;
+using Cursors for Cur;
 
 string constant NAME = "myCommand";
 string constant ROUTE = "route(uint foo, uint bar)";
@@ -174,16 +169,20 @@ abstract contract MyCommand is CommandBase {
     uint internal immutable myCommandId = commandId(NAME);
 
     constructor() {
-        emit Command(host, NAME, INPUT, myCommandId, Channels.Setup, Channels.Balances);
+        emit Command(host, myCommandId, NAME, INPUT, Keys.Empty, Keys.Balance, false);
     }
 
     function myCommand(
         CommandContext calldata c
-    ) external payable onlyCommand(myCommandId, c.target) returns (bytes memory) {
-        Cursor memory input = Cursors.openBlock(c.request, 0);
-        uint foo = input.unpackRouteUint();
+    ) external onlyCommand(c.account) returns (bytes memory) {
+        Cur memory input = cursor(c.request);
+        uint next = input.bundle();
+
+        bytes calldata route = input.unpackRaw(Keys.Route);
         (bytes32 asset, bytes32 meta, uint amount) = input.unpackAmount();
-        foo;
+        input.ensure(next);
+
+        route;
         return Cursors.toBalanceBlock(asset, meta, amount);
     }
 }
@@ -193,7 +192,7 @@ There are three important ideas here:
 
 - every custom command gets a deterministic command id
 - you announce it with the `Command` event
-- `onlyCommand(myCommandId, c.target)` ensures the trusted caller hit the right endpoint
+- `onlyCommand(c.account)` ensures the caller is trusted and the calldata account matches `c.account`
 
 ## Step 6: Read Input With A Cursor
 
@@ -205,7 +204,7 @@ If your request contains a bundled input like:
 
 your command can:
 
-- open it with `Cursors.openBlock(...)`
+- open it with `cursor(c.request)` or `Cursors.open(...)`
 - consume the route first
 - then consume the amount
 - keep parsing in bundle/member order without indexing helpers
@@ -232,18 +231,27 @@ function buildBalances() internal pure returns (bytes memory) {
     Writer memory writer = Writers.allocBalances(2);
     writer.appendBalance(bytes32(uint256(1)), bytes32(0), 50);
     writer.appendBalance(bytes32(uint256(2)), bytes32(0), 75);
-    return writer.done();
+    return writer.finish();
 }
 ```
 
 Use this when your command needs to return:
 
 - balances
-- custodies
-- transactions
+- custody state
 
 If you are only consuming built-in commands, you often will not need to touch writers directly.
 
+## Query Forms
+
+Queries use reusable `Forms` as their input and output schema vocabulary. For example, `getBalances` accepts `Forms.AccountAsset` blocks and returns `Forms.AccountAmount` blocks:
+
+```solidity
+emit Query(host, NAME, Forms.AccountAsset, Forms.AccountAmount, getBalancesId);
+```
+
+This keeps query payloads structural: the query name describes what is being asked, while the form describes the fields carried by each block.
+
 ## A Tiny End-To-End Example
 
 Imagine you want a host that keeps internal balances and lets rootzero debit them.
@@ -251,7 +259,7 @@ Imagine you want a host that keeps internal balances and lets rootzero debit the
 1. Deploy a host that inherits `Host` and `DebitAccount`.
 2. Store balances in your own mapping.
 3. Implement `debitAccount(account, asset, meta, amount)`.
-4. Send `debitAccountToBalance` a request containing one or more `AMOUNT` blocks.
+4. Send `debitAccount` a request containing one or more `AMOUNT` blocks.
 5. rootzero returns `BALANCE` blocks representing the debited amounts.
 
 That is already a valid and useful integration.
@@ -272,7 +280,7 @@ If you want to learn by example, these are the best files to read next:
 
 - Passing data in `state` when the command expects it in `request`
 - Forgetting to emit a `Command` event for a custom command
-- Using the wrong `target` value for `onlyCommand`
+- Using an admin account with user-only command flows such as `pipePayable`
 - Trying to parse raw bytes manually when a built-in reader already exists
 - Starting with a custom command when a built-in module already matches the job
 

package/events/Asset.sol

@@ -8,7 +8,7 @@ string constant ABI = "event Asset(uint indexed host, bytes32 name, uint32 prefi
 /// @notice Emitted when an asset is registered or updated on a host.
 abstract contract AssetEvent is EventEmitter {
     /// @param host Host node ID that registered the asset.
-    /// @param name Asset identifier.
+    /// @param name Asset name encoded as a bytes32 string.
     /// @param prefix 4-byte type prefix of the asset ID.
     event Asset(uint indexed host, bytes32 name, uint32 prefix);
 

package/events/Command.sol

@@ -4,24 +4,24 @@ pragma solidity ^0.8.33;
 import { EventEmitter } from "./Emitter.sol";
 
 string constant ABI =
-    "event Command(uint indexed host, string name, string schema, uint cid, uint8 stateIn, uint8 stateOut, bool acceptsValue)";
+    "event Command(uint indexed host, uint id, string name, string request, bytes4 state, bytes4 output, bool acceptsValue)";
 
-/// @notice Emitted once per command during host deployment to publish its schema and state types.
+/// @notice Emitted once per command during host deployment to publish its request schema and state keys.
 abstract contract CommandEvent is EventEmitter {
     /// @param host Host node ID that owns this command.
+    /// @param id Command node ID.
     /// @param name Human-readable command name.
-    /// @param schema Schema DSL string describing the request shape.
-    /// @param cid Command node ID.
-    /// @param stateIn State type discriminant for the input state (see `State` library).
-    /// @param stateOut State type discriminant for the output state.
+    /// @param request Schema DSL string describing the request shape.
+    /// @param state Block key expected for input state, or `Keys.Empty`.
+    /// @param output Block key produced for output state, or `Keys.Empty`.
     /// @param acceptsValue Whether the command entrypoint accepts nonzero `msg.value`.
     event Command(
         uint indexed host,
+        uint id,
         string name,
-        string schema,
-        uint cid,
-        uint8 stateIn,
-        uint8 stateOut,
+        string request,
+        bytes4 state,
+        bytes4 output,
         bool acceptsValue
     );
 

package/events/Deposit.sol

@@ -3,16 +3,15 @@ pragma solidity ^0.8.33;
 
 import { EventEmitter } from "./Emitter.sol";
 
-string constant ABI = "event Deposit(bytes32 indexed account, bytes32 asset, bytes32 meta, uint amount, uint cid)";
+string constant ABI = "event Deposit(bytes32 indexed account, bytes32 asset, bytes32 meta, uint amount)";
 
 /// @notice Emitted when assets are deposited into an account.
 abstract contract DepositEvent is EventEmitter {
-    /// @param account Recipient account identifier.
+    /// @param account Destination account identifier.
     /// @param asset Asset identifier.
     /// @param meta Asset metadata slot.
     /// @param amount Amount deposited.
-    /// @param cid Command ID that triggered the deposit.
-    event Deposit(bytes32 indexed account, bytes32 asset, bytes32 meta, uint amount, uint cid);
+    event Deposit(bytes32 indexed account, bytes32 asset, bytes32 meta, uint amount);
 
     constructor() {
         emit EventAbi(ABI);

package/events/Listing.sol

@@ -11,7 +11,7 @@ abstract contract ListingEvent is EventEmitter {
     /// @param asset Asset identifier.
     /// @param meta Asset metadata slot.
     /// @param active True if the listing is currently active.
-    /// @param created True if this is a new listing (false if it is an update).
+    /// @param created True if the asset was created as part of this listing.
     event Listing(uint indexed host, bytes32 asset, bytes32 meta, bool active, bool created);
 
     constructor() {

package/events/Peer.sol

@@ -4,16 +4,16 @@ pragma solidity ^0.8.33;
 import { EventEmitter } from "./Emitter.sol";
 
 string constant ABI =
-    "event Peer(uint indexed host, string name, string schema, uint pid, bool acceptsValue)";
+    "event Peer(uint indexed host, uint id, string name, string schema, bool acceptsValue)";
 
 /// @notice Emitted once per peer during host deployment to publish its schema.
 abstract contract PeerEvent is EventEmitter {
     /// @param host Host node ID that owns this peer.
+    /// @param id Peer node ID.
     /// @param name Human-readable peer name.
     /// @param schema Schema DSL string describing the peer request shape.
-    /// @param pid Peer node ID.
     /// @param acceptsValue Whether the peer entrypoint accepts nonzero `msg.value`.
-    event Peer(uint indexed host, string name, string schema, uint pid, bool acceptsValue);
+    event Peer(uint indexed host, uint id, string name, string schema, bool acceptsValue);
 
     constructor() {
         emit EventAbi(ABI);

package/events/Position.sol

@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: GPL-3.0-only
+pragma solidity ^0.8.33;
+
+import {EventEmitter} from "./Emitter.sol";
+
+string constant ABI = "event AssetPosition(bytes32 indexed account, bytes32 asset, bytes32 meta, uint value, uint queryId)";
+
+/// @notice Emitted when the reported value of an asset-backed position changes or is observed.
+/// A value of 0 should be interpreted as a closed position.
+abstract contract AssetPositionEvent is EventEmitter {
+    /// @param account Account identifier that owns or is associated with the position.
+    /// @param asset Asset identifier for the asset class.
+    /// @param meta Asset metadata slot carrying the position context.
+    /// @param value Context-specific position value; 0 indicates a closed position.
+    /// @param queryId Query ID associated with the position lookup or reporting context.
+    event AssetPosition(bytes32 indexed account, bytes32 asset, bytes32 meta, uint value, uint queryId);
+
+    constructor() {
+        emit EventAbi(ABI);
+    }
+}

package/events/Query.sol

@@ -3,16 +3,16 @@ pragma solidity ^0.8.33;
 
 import {EventEmitter} from "./Emitter.sol";
 
-string constant ABI = "event Query(uint indexed host, string name, string input, string output, uint qid)";
+string constant ABI = "event Query(uint indexed host, uint id, string name, string input, string output)";
 
 /// @notice Emitted once per query during host deployment to publish its request and response schemas.
 abstract contract QueryEvent is EventEmitter {
     /// @param host Host node ID that owns this query.
+    /// @param id Query node ID.
     /// @param name Human-readable query name.
     /// @param input Schema DSL string describing the query request shape.
     /// @param output Schema DSL string describing the query response shape.
-    /// @param qid Query node ID.
-    event Query(uint indexed host, string name, string input, string output, uint qid);
+    event Query(uint indexed host, uint id, string name, string input, string output);
 
     constructor() {
         emit EventAbi(ABI);

package/events/Withdraw.sol

@@ -3,7 +3,7 @@ pragma solidity ^0.8.33;
 
 import { EventEmitter } from "./Emitter.sol";
 
-string constant ABI = "event Withdrawal(bytes32 indexed account, bytes32 asset, bytes32 meta, uint amount, uint cid)";
+string constant ABI = "event Withdrawal(bytes32 indexed account, bytes32 asset, bytes32 meta, uint amount)";
 
 /// @notice Emitted when assets are withdrawn from an account.
 abstract contract WithdrawalEvent is EventEmitter {
@@ -11,8 +11,7 @@ abstract contract WithdrawalEvent is EventEmitter {
     /// @param asset Asset identifier.
     /// @param meta Asset metadata slot.
     /// @param amount Amount withdrawn.
-    /// @param cid Command ID that triggered the withdrawal.
-    event Withdrawal(bytes32 indexed account, bytes32 asset, bytes32 meta, uint amount, uint cid);
+    event Withdrawal(bytes32 indexed account, bytes32 asset, bytes32 meta, uint amount);
 
     constructor() {
         emit EventAbi(ABI);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rootzero/contracts",
-  "version": "0.8.0",
+  "version": "0.9.0",
   "description": "Solidity contracts and protocol building blocks for rootzero hosts and commands.",
   "private": false,
   "license": "GPL-3.0-only",

package/peer/AllowAssets.sol

@@ -16,7 +16,7 @@ abstract contract PeerAllowAssets is PeerBase, AllowAssetsHook {
     uint internal immutable peerAllowAssetsId = peerId(NAME);
 
     constructor() {
-        emit Peer(host, NAME, Schemas.Asset, peerAllowAssetsId, false);
+        emit Peer(host, peerAllowAssetsId, NAME, Schemas.Asset, false);
     }
 
     /// @notice Execute the allow-assets peer call.

package/peer/Allowance.sol

@@ -0,0 +1,36 @@
+// SPDX-License-Identifier: GPL-3.0-only
+pragma solidity ^0.8.33;
+
+import {PeerBase} from "./Base.sol";
+import {AllowanceHook} from "../commands/admin/Allowance.sol";
+import {Cursors, Cur, Schemas} from "../Cursors.sol";
+
+using Cursors for Cur;
+
+string constant NAME = "peerAllowance";
+
+/// @title PeerAllowance
+/// @notice Peer that lets a trusted remote host request or refresh its own allowance.
+/// Each AMOUNT block in the request is scoped to `caller()` and passed to the shared
+/// allowance hook as a host-scoped allowance. Restricted to trusted peers.
+abstract contract PeerAllowance is PeerBase, AllowanceHook {
+    uint internal immutable peerAllowanceId = peerId(NAME);
+
+    constructor() {
+        emit Peer(host, peerAllowanceId, NAME, Schemas.Amount, false);
+    }
+
+    /// @notice Execute the allowance peer call.
+    function peerAllowance(bytes calldata request) external onlyPeer returns (bytes memory) {
+        (Cur memory amounts, , ) = cursor(request, 1);
+        uint peer = caller();
+
+        while (amounts.i < amounts.bound) {
+            (bytes32 asset, bytes32 meta, uint amount) = amounts.unpackAmount();
+            allowance(peer, asset, meta, amount);
+        }
+
+        amounts.complete();
+        return "";
+    }
+}

package/peer/AssetPull.sol

@@ -25,7 +25,7 @@ abstract contract PeerAssetPull is PeerBase, PeerAssetPullHook {
     uint internal immutable peerAssetPullId = peerId(NAME);
 
     constructor() {
-        emit Peer(host, NAME, Schemas.Amount, peerAssetPullId, false);
+        emit Peer(host, peerAssetPullId, NAME, Schemas.Amount, false);
     }
 
     /// @notice Execute the asset-pull peer call.

package/peer/Base.sol

@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: GPL-3.0-only
 pragma solidity ^0.8.33;
 
-import { OperationBase } from "../core/Operation.sol";
+import { NodeCalls } from "../core/Calls.sol";
 import { PeerEvent } from "../events/Peer.sol";
 import { Ids, Selectors } from "../utils/Ids.sol";
 
@@ -18,11 +18,15 @@ function encodePeerCall(uint target, bytes calldata request) pure returns (bytes
 
 /// @title PeerBase
 /// @notice Abstract base for all rootzero peer contracts.
-/// Peers handle inter-host asset flows (push/pull) and asset allow/deny management
+/// Peers handle inter-host operations and asset allow/deny management
 /// between cooperating hosts. Access is restricted to trusted callers via `onlyPeer`.
-abstract contract PeerBase is OperationBase, PeerEvent {
-    /// @dev Restrict execution to trusted callers (authorized hosts or the commander).
+abstract contract PeerBase is NodeCalls, PeerEvent {
+    /// @dev Thrown when the commander attempts to call a peer entrypoint directly.
+    error CommanderNotAllowed();
+
+    /// @dev Restrict execution to trusted callers, excluding the commander.
     modifier onlyPeer() {
+        if (msg.sender == commander) revert CommanderNotAllowed();
         enforceCaller(msg.sender);
         _;
     }

package/peer/DenyAssets.sol

@@ -16,7 +16,7 @@ abstract contract PeerDenyAssets is PeerBase, DenyAssetsHook {
     uint internal immutable peerDenyAssetsId = peerId(NAME);
 
     constructor() {
-        emit Peer(host, NAME, Schemas.Asset, peerDenyAssetsId, false);
+        emit Peer(host, peerDenyAssetsId, NAME, Schemas.Asset, false);
     }
 
     /// @notice Execute the deny-assets peer call.

package/peer/Settle.sol

@@ -3,7 +3,7 @@ pragma solidity ^0.8.33;
 
 import { PeerBase } from "./Base.sol";
 import { TransferHook } from "../commands/Transfer.sol";
-import { Cursors, Cur, Tx, Schemas } from "../Cursors.sol";
+import { Cursors, Cur, Schemas } from "../Cursors.sol";
 
 using Cursors for Cur;
 
@@ -16,7 +16,7 @@ abstract contract PeerSettle is PeerBase, TransferHook {
     uint internal immutable peerSettleId = peerId(NAME);
 
     constructor() {
-        emit Peer(host, NAME, Schemas.Transaction, peerSettleId, false);
+        emit Peer(host, peerSettleId, NAME, Schemas.Transaction, false);
     }
 
     /// @notice Execute the peer-settle call.
@@ -24,8 +24,7 @@ abstract contract PeerSettle is PeerBase, TransferHook {
         (Cur memory state, , ) = cursor(request, 1);
 
         while (state.i < state.bound) {
-            Tx memory value = state.unpackTxValue();
-            transfer(value);
+            transfer(state.unpackTxValue());
         }
 
         state.complete();

package/queries/Assets.sol

@@ -1,14 +1,14 @@
 // SPDX-License-Identifier: GPL-3.0-only
 pragma solidity ^0.8.33;
 
-import {Cur, Cursors, Writer, Writers, Keys} from "../Cursors.sol";
-import {Schemas} from "../blocks/Schema.sol";
+import {Cur, Cursors, Writer, Writers} from "../Cursors.sol";
+import {Forms, Schemas} from "../blocks/Schema.sol";
 import {QueryBase} from "./Base.sol";
 
 using Cursors for Cur;
+using Writers for Writer;
 
 string constant NAME = "isAllowedAsset";
-string constant OUTPUT = "response(uint allowed)";
 
 abstract contract IsAllowedAssetHook {
     /// @notice Resolve whether one asset tuple is allowed.
@@ -22,25 +22,25 @@ abstract contract IsAllowedAssetHook {
 /// @title IsAllowedAsset
 /// @notice Rootzero query that checks whether one or more `(asset, meta)` tuples are allowed.
 /// The request is a run of `ASSET` blocks.
-/// The response returns one `RESPONSE` block per query entry, preserving request order.
+/// The response returns one `STATUS` form block per query entry, preserving request order.
 abstract contract IsAllowedAsset is QueryBase, IsAllowedAssetHook {
     uint public immutable isAllowedAssetId = queryId(NAME);
 
     constructor() {
-        emit Query(host, NAME, Schemas.Asset, OUTPUT, isAllowedAssetId);
+        emit Query(host, isAllowedAssetId, NAME, Schemas.Asset, Forms.Status);
     }
 
     /// @notice Resolve allowlist status for a run of requested `(asset, meta)` tuples.
     /// @param request Block-stream request consisting of `asset(asset, meta)*`.
-    /// @return Block-stream response containing one `response(allowed)` per asset block.
+    /// @return Block-stream response containing one `status(ok)` per asset block.
     function isAllowedAsset(bytes calldata request) external view returns (bytes memory) {
         (Cur memory query, uint count, ) = cursor(request, 1);
-        Writer memory response = Writers.alloc32s(count);
+        Writer memory response = Writers.allocStatuses(count);
 
         while (query.i < query.bound) {
             (bytes32 asset, bytes32 meta) = query.unpackAsset();
             bool allowed = isAllowedAsset(asset, meta);
-            Writers.appendBool(response, Keys.Response, allowed);
+            response.appendStatus(allowed);
         }
 
         return query.complete(response);

package/queries/Balances.sol

@@ -1,13 +1,13 @@
 // SPDX-License-Identifier: GPL-3.0-only
 pragma solidity ^0.8.33;
 
-import {Cur, Cursors, Schemas, Writer, Writers} from "../Cursors.sol";
+import {Cur, Cursors, Forms, Writer, Writers} from "../Cursors.sol";
 import {QueryBase} from "./Base.sol";
 
 using Cursors for Cur;
+using Writers for Writer;
 
 string constant NAME = "getBalances";
-string constant INPUT = "query(bytes32 account, bytes32 asset, bytes32 meta)";
 
 abstract contract GetBalancesHook {
     /// @notice Resolve one account's balance for one supported asset.
@@ -21,26 +21,26 @@ abstract contract GetBalancesHook {
 
 /// @title GetBalances
 /// @notice Rootzero query that resolves balances for one or more `(account, asset, meta)` tuples.
-/// The request is a run of `QUERY` blocks, each encoding `(bytes32 account, bytes32 asset, bytes32 meta)`.
-/// The response returns one `BALANCE` block per query entry, preserving request order.
+/// The request is a run of `ACCOUNT_ASSET` form blocks.
+/// The response returns one `ACCOUNT_AMOUNT` form block per requested position, preserving request order.
 abstract contract GetBalances is QueryBase, GetBalancesHook {
     uint public immutable getBalancesId = queryId(NAME);
 
     constructor() {
-        emit Query(host, NAME, INPUT, Schemas.Balance, getBalancesId);
+        emit Query(host, getBalancesId, NAME, Forms.AccountAsset, Forms.AccountAmount);
     }
 
     /// @notice Resolve balances for a run of requested `(account, asset, meta)` tuples.
-    /// @param request Block-stream request consisting of `query(account, asset, meta)*`.
-    /// @return Block-stream response containing one `balance(asset, meta, amount)` per query block.
+    /// @param request Block-stream request consisting of `accountAsset(account, asset, meta)*`.
+    /// @return Block-stream response containing one `accountAmount(account, asset, meta, amount)` block per request block.
     function getBalances(bytes calldata request) external view returns (bytes memory) {
         (Cur memory query, uint count, ) = cursor(request, 1);
-        Writer memory response = Writers.allocBalances(count);
+        Writer memory response = Writers.allocAccountAmounts(count);
 
         while (query.i < query.bound) {
-            (bytes32 account, bytes32 asset, bytes32 meta) = query.unpackQuery96();
-            uint balance = getBalance(account, asset, meta);
-            Writers.appendBalance(response, asset, meta, balance);
+            (bytes32 account, bytes32 asset, bytes32 meta) = query.unpackAccountAsset();
+            uint amount = getBalance(account, asset, meta);
+            response.appendAccountAmount(account, asset, meta, amount);
         }
 
         return query.complete(response);

package/queries/Base.sol

@@ -1,8 +1,7 @@
 // SPDX-License-Identifier: GPL-3.0-only
 pragma solidity ^0.8.33;
 
-import { CursorBase } from "../core/CursorBase.sol";
-import { HostBound } from "../core/HostBound.sol";
+import { RootZeroContext } from "../core/Context.sol";
 import { QueryEvent } from "../events/Query.sol";
 import { Ids, Selectors } from "../utils/Ids.sol";
 
@@ -21,7 +20,7 @@ function encodeQueryCall(uint target, bytes calldata request) pure returns (byte
 /// @notice Abstract base for rootzero query contracts.
 /// Queries are view-only entry points that consume a block-stream request and
 /// return a block-stream response.
-abstract contract QueryBase is CursorBase, HostBound, QueryEvent {
+abstract contract QueryBase is RootZeroContext, QueryEvent {
 
     /// @notice Derive the deterministic node ID for a named query on this contract.
     /// The ID encodes the ABI selector of `name(bytes)` and `address(this)`,