@rootzero/contracts 0.8.0 → 0.9.1

package/remote/Allowance.sol

@@ -0,0 +1,36 @@
+// SPDX-License-Identifier: GPL-3.0-only
+pragma solidity ^0.8.33;
+
+import {RemoteBase} from "./Base.sol";
+import {AllowanceHook} from "../commands/control/Allowance.sol";
+import {Cursors, Cur, Schemas} from "../Cursors.sol";
+
+using Cursors for Cur;
+
+string constant NAME = "remoteAllowance";
+
+/// @title RemoteAllowance
+/// @notice Remote that lets a trusted remote host request or refresh its own allowance.
+/// Each AMOUNT block in the request is scoped to the remote host and passed to the
+/// shared allowance hook as a host-scoped allowance. Restricted to trusted remotes.
+abstract contract RemoteAllowance is RemoteBase, AllowanceHook {
+    uint internal immutable remoteAllowanceId = remoteId(NAME);
+
+    constructor() {
+        emit Remote(host, remoteAllowanceId, NAME, Schemas.Amount, false);
+    }
+
+    /// @notice Execute the allowance remote call.
+    function remoteAllowance(bytes calldata request) external onlyRemote returns (bytes memory) {
+        (Cur memory amounts, , ) = cursor(request, 1);
+        uint remote = caller();
+
+        while (amounts.i < amounts.bound) {
+            (bytes32 asset, bytes32 meta, uint amount) = amounts.unpackAmount();
+            allowance(remote, asset, meta, amount);
+        }
+
+        amounts.complete();
+        return "";
+    }
+}

package/remote/AssetPull.sol

@@ -0,0 +1,44 @@
+// SPDX-License-Identifier: GPL-3.0-only
+pragma solidity ^0.8.33;
+
+import {RemoteBase} from "./Base.sol";
+import {Cursors, Cur, Schemas} from "../Cursors.sol";
+
+string constant NAME = "remoteAssetPull";
+
+using Cursors for Cur;
+
+abstract contract AssetPullHook {
+    /// @notice Override to process one incoming amount-based asset pull request from a remote host.
+    /// @param remote Remote host node ID for this request.
+    /// @param asset Requested asset identifier.
+    /// @param meta Requested asset metadata slot.
+    /// @param amount Requested amount in the asset's native units.
+    function assetPull(uint remote, bytes32 asset, bytes32 meta, uint amount) internal virtual;
+}
+
+/// @title RemoteAssetPull
+/// @notice Remote that pulls requested asset amounts from a remote host into this one.
+/// Each AMOUNT block in the request calls `assetPull(remote, asset, meta, amount)`.
+/// Restricted to trusted remotes.
+abstract contract RemoteAssetPull is RemoteBase, AssetPullHook {
+    uint internal immutable remoteAssetPullId = remoteId(NAME);
+
+    constructor() {
+        emit Remote(host, remoteAssetPullId, NAME, Schemas.Amount, false);
+    }
+
+    /// @notice Execute the asset-pull remote call.
+    function remoteAssetPull(bytes calldata request) external onlyRemote returns (bytes memory) {
+        (Cur memory assets, , ) = cursor(request, 1);
+        uint remote = caller();
+
+        while (assets.i < assets.bound) {
+            (bytes32 asset, bytes32 meta, uint amount) = assets.unpackAmount();
+            assetPull(remote, asset, meta, amount);
+        }
+
+        assets.complete();
+        return "";
+    }
+}

package/remote/Base.sol

@@ -0,0 +1,40 @@
+// SPDX-License-Identifier: GPL-3.0-only
+pragma solidity ^0.8.33;
+
+import { NodeCalls } from "../core/Calls.sol";
+import { RemoteEvent } from "../events/Remote.sol";
+import { Ids, Selectors } from "../utils/Ids.sol";
+
+/// @notice ABI-encode a remote call from a target remote ID and request block stream.
+/// @dev Derives the function selector from `target` via `Ids.remoteSelector(target)`.
+/// Reverts if `target` is not a valid remote ID.
+/// @param target Destination remote node ID embedding the target selector.
+/// @param request Input block stream for the remote invocation.
+/// @return ABI-encoded calldata for the remote entry point.
+function encodeRemoteCall(uint target, bytes calldata request) pure returns (bytes memory) {
+    bytes4 selector = Ids.remoteSelector(target);
+    return abi.encodeWithSelector(selector, request);
+}
+
+/// @title RemoteBase
+/// @notice Abstract base for all rootzero remote contracts.
+/// Remotes handle inter-host operations and asset allow/deny management
+/// between cooperating hosts. Access is restricted to trusted callers via `onlyRemote`.
+abstract contract RemoteBase is NodeCalls, RemoteEvent {
+    /// @dev Thrown when the commander attempts to call a remote entrypoint directly.
+    error CommanderNotAllowed();
+
+    /// @dev Restrict execution to trusted callers, excluding the commander.
+    modifier onlyRemote() {
+        if (msg.sender == commander) revert CommanderNotAllowed();
+        enforceCaller(msg.sender);
+        _;
+    }
+
+    /// @notice Derive the deterministic node ID for a named remote on this contract.
+    /// @param name Remote function name (without argument list).
+    /// @return Remote node ID.
+    function remoteId(string memory name) internal view returns (uint) {
+        return Ids.toRemote(Selectors.remote(name), address(this));
+    }
+}

package/remote/DenyAssets.sol

@@ -0,0 +1,39 @@
+// SPDX-License-Identifier: GPL-3.0-only
+pragma solidity ^0.8.33;
+
+import {RemoteBase} from "./Base.sol";
+import {DenyAssetsHook} from "../commands/control/DenyAssets.sol";
+import {Cursors, Cur, Schemas} from "../Cursors.sol";
+
+using Cursors for Cur;
+
+string constant NAME = "remoteDenyAssets";
+
+/// @title RemoteDenyAssets
+/// @notice Remote that blocks a list of (asset, meta) pairs on behalf of a remote host.
+/// Each ASSET block in the request calls `denyAsset`. Restricted to trusted remotes.
+abstract contract RemoteDenyAssets is RemoteBase, DenyAssetsHook {
+    uint internal immutable remoteDenyAssetsId = remoteId(NAME);
+
+    constructor() {
+        emit Remote(host, remoteDenyAssetsId, NAME, Schemas.Asset, false);
+    }
+
+    /// @notice Execute the deny-assets remote call.
+    function remoteDenyAssets(bytes calldata request) external onlyRemote returns (bytes memory) {
+        (Cur memory assets, , ) = cursor(request, 1);
+
+        while (assets.i < assets.bound) {
+            (bytes32 asset, bytes32 meta) = assets.unpackAsset();
+            denyAsset(asset, meta);
+        }
+
+        assets.complete();
+        return "";
+    }
+}
+
+
+
+
+

package/remote/Settle.sol

@@ -0,0 +1,33 @@
+// SPDX-License-Identifier: GPL-3.0-only
+pragma solidity ^0.8.33;
+
+import { RemoteBase } from "./Base.sol";
+import { TransferHook } from "../commands/Transfer.sol";
+import { Cursors, Cur, Schemas } from "../Cursors.sol";
+
+using Cursors for Cur;
+
+string constant NAME = "remoteSettle";
+
+/// @title RemoteSettle
+/// @notice Remote that consumes remote-supplied TRANSACTION blocks through the shared transfer hook.
+/// Each TRANSACTION block in the request calls `transfer(value)`. Restricted to trusted remotes.
+abstract contract RemoteSettle is RemoteBase, TransferHook {
+    uint internal immutable remoteSettleId = remoteId(NAME);
+
+    constructor() {
+        emit Remote(host, remoteSettleId, NAME, Schemas.Transaction, false);
+    }
+
+    /// @notice Execute the remote-settle call.
+    function remoteSettle(bytes calldata request) external onlyRemote returns (bytes memory) {
+        (Cur memory state, , ) = cursor(request, 1);
+
+        while (state.i < state.bound) {
+            transfer(state.unpackTxValue());
+        }
+
+        state.complete();
+        return "";
+    }
+}

package/utils/Accounts.sol

@@ -10,7 +10,6 @@ import {isFamily, toLocalBase, toUnspecifiedBase} from "./Utils.sol";
 /// Account IDs embed a 4-byte type tag in bits [255:224]:
 ///   - `Admin` — chain-local EVM address in bits [191:32]
 ///   - `User`  — chain-agnostic EVM address in bits [191:32]
-///   - `Keccak` — 28-byte keccak hash of an arbitrary key
 library Accounts {
     /// @dev Thrown when an account ID does not belong to the EVM family.
     error InvalidAccount();
@@ -31,12 +30,21 @@ library Accounts {
         return uint32(uint(account) >> 224);
     }
 
+    /// @notice Return true if `account` uses the Account category tag in the type field.
+    function isAccount(bytes32 account) internal pure returns (bool) {
+        return uint8(uint(account) >> 232) == Layout.Account;
+    }
+
     /// @notice Return true if `account` is an admin account.
     function isAdmin(bytes32 account) internal pure returns (bool) {
         return prefix(account) == Admin;
     }
 
-    /// @notice Return true if `account` is a keccak account.
+    /// @notice Return true if `account` is a user account.
+    function isUser(bytes32 account) internal pure returns (bool) {
+        return prefix(account) == User;
+    }
+
     function isKeccak(bytes32 account) internal pure returns (bool) {
         return prefix(account) == Keccak;
     }
@@ -55,19 +63,12 @@ library Accounts {
         return bytes32(toUnspecifiedBase(User) | (uint(uint160(addr)) << 32));
     }
 
-    /// @notice Encode arbitrary calldata as a keccak account ID.
-    /// The lower 28 bytes of the ID hold the lower 28 bytes of `keccak256(raw)`.
-    /// @param raw Arbitrary key bytes to hash.
-    /// @return Keccak account ID.
-    function toKeccak(bytes calldata raw) internal pure returns (bytes32) {
-        return bytes32(toUnspecifiedBase(Keccak) | uint224(uint256(keccak256(raw))));
+    function toKeccak(bytes32 head, bytes32 meta) internal pure returns (bytes32) {
+        return bytes32(toUnspecifiedBase(Keccak) | uint224(uint256(keccak256(bytes.concat(head, meta)))));
     }
 
-    /// @notice Return true if `account` is the keccak account ID of `raw`.
-    /// @param account Account ID to compare.
-    /// @param raw Raw key bytes to hash and compare against.
-    function matchesKeccak(bytes32 account, bytes calldata raw) internal pure returns (bool) {
-        return account == toKeccak(raw);
+    function matchesKeccak(bytes32 account, bytes32 head, bytes32 meta) internal pure returns (bool) {
+        return account == toKeccak(head, meta);
     }
 
     /// @notice Assert that `account` uses the Account layout tag and return it unchanged.

package/utils/Assets.sol

@@ -27,14 +27,71 @@ library Assets {
     /// @dev Full 4-byte type prefix for ERC-1155 assets.
     uint32 constant Erc1155 = (uint32(Layout.Evm64) << 16) | (uint32(Layout.Asset) << 8) | uint32(Layout.Erc1155);
 
+    /// @notice Return true if `asset` uses the Asset category tag in the type field.
+    function isAsset(bytes32 asset) internal pure returns (bool) {
+        return uint8(uint(asset) >> 232) == Layout.Asset;
+    }
+
     /// @notice Return true if `asset` uses the 32-byte asset layout with no metadata identity (top byte is `0x20`).
     function is32(bytes32 asset) internal pure returns (bool) {
-        return bytes1(asset) == 0x20;
+        return isAsset(asset) && bytes1(asset) == 0x20;
     }
 
     /// @notice Return true if `asset` uses the 64-byte asset layout with metadata-backed identity (top byte is `0x40`).
     function is64(bytes32 asset) internal pure returns (bool) {
-        return bytes1(asset) == 0x40;
+        return isAsset(asset) && bytes1(asset) == 0x40;
+    }
+
+    /// @notice Return true if `asset` is the local native value asset.
+    function isValue(bytes32 asset) internal view returns (bool) {
+        return asset == toValue();
+    }
+
+    /// @notice Return true if `asset` is a local ERC-20 asset.
+    function isErc20(bytes32 asset) internal view returns (bool) {
+        return matchesBase(asset, toLocalBase(Erc20));
+    }
+
+    /// @notice Return true if `asset` is a local ERC-721 asset.
+    function isErc721(bytes32 asset) internal view returns (bool) {
+        return matchesBase(asset, toLocalBase(Erc721));
+    }
+
+    /// @notice Return true if `asset` is a local ERC-1155 asset.
+    function isErc1155(bytes32 asset) internal view returns (bool) {
+        return matchesBase(asset, toLocalBase(Erc1155));
+    }
+
+    /// @notice Assert that `input` is the local native value asset and return it unchanged.
+    /// @param input Asset identifier to validate.
+    /// @return asset The same `input` if it is the local native value asset.
+    function value(bytes32 input) internal view returns (bytes32 asset) {
+        if (!isValue(input)) revert InvalidAsset();
+        return input;
+    }
+
+    /// @notice Assert that `input` is a local ERC-20 asset and return it unchanged.
+    /// @param input Asset identifier to validate.
+    /// @return asset The same `input` if it is a local ERC-20 asset.
+    function erc20(bytes32 input) internal view returns (bytes32 asset) {
+        if (!isErc20(input)) revert InvalidAsset();
+        return input;
+    }
+
+    /// @notice Assert that `input` is a local ERC-721 asset and return it unchanged.
+    /// @param input Asset identifier to validate.
+    /// @return asset The same `input` if it is a local ERC-721 asset.
+    function erc721(bytes32 input) internal view returns (bytes32 asset) {
+        if (!isErc721(input)) revert InvalidAsset();
+        return input;
+    }
+
+    /// @notice Assert that `input` is a local ERC-1155 asset and return it unchanged.
+    /// @param input Asset identifier to validate.
+    /// @return asset The same `input` if it is a local ERC-1155 asset.
+    function erc1155(bytes32 input) internal view returns (bytes32 asset) {
+        if (!isErc1155(input)) revert InvalidAsset();
+        return input;
     }
 
     /// @notice Create a chain-local native value asset ID.
@@ -64,52 +121,12 @@ library Assets {
         return bytes32(toLocalBase(Erc1155) | (uint(uint160(collection)) << 32));
     }
 
-    /// @notice Derive a storage key for an (asset, meta) pair.
-    /// For 32-byte EVM assets (no meta), the key is the asset ID itself.
-    /// For assets with metadata (e.g. ERC-721 or ERC-1155 token IDs), the key is
-    /// `keccak256(asset ++ meta)`.
-    /// Reverts only if `asset` is zero.
-    /// For 32-byte assets, `meta` is ignored and does not affect the derived key.
-    /// @param asset Asset identifier.
-    /// @param meta Asset metadata slot (e.g. token ID context).
-    /// @return Storage key for the (asset, meta) combination.
-    function key(bytes32 asset, bytes32 meta) internal pure returns (bytes32) {
-        if (asset == 0) revert InvalidAsset();
-        return bytes1(asset) == 0x20 ? asset : keccak256(bytes.concat(asset, meta));
-    }
-
-    /// @notice Return true when two local ERC-20 assets are already in canonical token-address order.
-    /// Useful for pair-style integrations that require a stable token ordering
-    /// regardless of the caller's input order.
-    /// Reverts if either asset is not a local ERC-20 asset.
-    /// @param a First ERC-20 asset identifier.
-    /// @param b Second ERC-20 asset identifier.
-    /// @return ordered Whether `a`'s token address is lower than `b`'s token address.
-    function isSortedErc20(bytes32 a, bytes32 b) internal view returns (bool ordered) {
-        return erc20Addr(a) < erc20Addr(b);
-    }
-
-    /// @notice Extract the token addresses for two local ERC-20 assets and report whether they are already ordered.
-    /// The returned addresses preserve the original input order.
-    /// Reverts if either asset is not a local ERC-20 asset.
-    /// @param a First ERC-20 asset identifier.
-    /// @param b Second ERC-20 asset identifier.
-    /// @return addrA Token address extracted from `a`.
-    /// @return addrB Token address extracted from `b`.
-    /// @return ordered Whether `addrA` is lower than `addrB`.
-    function erc20Addrs(bytes32 a, bytes32 b) internal view returns (address addrA, address addrB, bool ordered) {
-        addrA = erc20Addr(a);
-        addrB = erc20Addr(b);
-        ordered = addrA < addrB;
-    }
-
     /// @notice Extract the ERC-20 contract address from an asset ID.
     /// Reverts if `asset` is not a local ERC-20 asset.
     /// @param asset ERC-20 asset identifier.
     /// @return Token contract address embedded in bits [191:32].
     function erc20Addr(bytes32 asset) internal view returns (address) {
-        if (!matchesBase(asset, toLocalBase(Erc20))) revert InvalidAsset();
-        return address(uint160(uint(asset) >> 32));
+        return address(uint160(uint(erc20(asset)) >> 32));
     }
 
     /// @notice Assert that `asset` is a local ERC-20 for `token` and return it unchanged.
@@ -127,8 +144,7 @@ library Assets {
     /// @param asset ERC-721 asset identifier.
     /// @return Collection contract address embedded in bits [191:32].
     function erc721Collection(bytes32 asset) internal view returns (address) {
-        if (!matchesBase(asset, toLocalBase(Erc721))) revert InvalidAsset();
-        return address(uint160(uint(asset) >> 32));
+        return address(uint160(uint(erc721(asset)) >> 32));
     }
 
     /// @notice Assert that `asset` is a local ERC-721 for `collection` and return it unchanged.
@@ -146,8 +162,7 @@ library Assets {
     /// @param asset ERC-1155 asset identifier.
     /// @return Collection contract address embedded in bits [191:32].
     function erc1155Collection(bytes32 asset) internal view returns (address) {
-        if (!matchesBase(asset, toLocalBase(Erc1155))) revert InvalidAsset();
-        return address(uint160(uint(asset) >> 32));
+        return address(uint160(uint(erc1155(asset)) >> 32));
     }
 
     /// @notice Assert that `asset` is a local ERC-1155 for `collection` and return it unchanged.
@@ -159,6 +174,21 @@ library Assets {
         if (erc1155Collection(asset) != collection) revert InvalidAsset();
         return asset;
     }
+
+    /// @notice Derive a storage slot for an (asset, meta) pair.
+    /// For 32-byte EVM assets (no meta), the slot is the asset ID itself.
+    /// For assets with metadata (e.g. ERC-721 or ERC-1155 token IDs), the slot is
+    /// `keccak256(asset ++ meta)`.
+    /// Reverts only if `asset` is zero.
+    /// For 32-byte assets, `meta` is ignored and does not affect the derived slot.
+    /// @param asset Asset identifier.
+    /// @param meta Asset metadata slot (e.g. token ID context).
+    /// @return Storage slot for the (asset, meta) combination.
+    function slot(bytes32 asset, bytes32 meta) internal pure returns (bytes32) {
+        if (is32(asset)) return asset;
+        if (meta == 0 || !is64(asset)) revert InvalidAsset();
+        return keccak256(bytes.concat(asset, meta));
+    }
 }
 
 /// @title Amounts
@@ -191,16 +221,6 @@ library Amounts {
         return amount;
     }
 
-    /// @notice Assert non-zero amount and derive the storage key for the (asset, meta) pair.
-    /// @param asset Asset identifier.
-    /// @param meta Asset metadata slot.
-    /// @param amount Amount to validate (must be non-zero).
-    /// @return key_ Storage key from `Assets.key(asset, meta)`.
-    function ensureKey(bytes32 asset, bytes32 meta, uint amount) internal pure returns (bytes32 key_) {
-        ensure(amount);
-        return Assets.key(asset, meta);
-    }
-
     /// @notice Clamp `available` to `[min, max]`.
     /// Uses all of `available` if it does not exceed `max`; reverts if the result
     /// would fall below `min`.

package/utils/Ids.sol

@@ -8,9 +8,9 @@ import {isLocalFamily, matchesBase, toLocalBase} from "./Utils.sol";
 /// @notice Encoding and decoding helpers for 256-bit node identifiers.
 ///
 /// Node IDs share a common layout:
-///   - bits [255:224] — 4-byte type prefix (`Host`, `Command`, or `Peer`)
+///   - bits [255:224] — 4-byte type prefix (`Host`, `Command`, or `Remote`)
 ///   - bits [223:192] — current `block.chainid` (makes IDs chain-local)
-///   - bits [191:160] — 4-byte ABI selector (commands and peers only)
+///   - bits [191:160] — 4-byte ABI selector (commands and remotes only)
 ///   - bits [159:0]   — 160-bit EVM contract address
 library Ids {
     /// @dev Thrown when an ID does not match the expected node type or chain.
@@ -22,8 +22,8 @@ library Ids {
     uint32 constant Host = (uint32(Layout.Evm32) << 16) | (uint32(Layout.Node) << 8) | uint32(Layout.Host);
     /// @dev Full 4-byte type prefix for command nodes.
     uint32 constant Command = (uint32(Layout.Evm32) << 16) | (uint32(Layout.Node) << 8) | uint32(Layout.Command);
-    /// @dev Full 4-byte type prefix for peer nodes.
-    uint32 constant Peer = (uint32(Layout.Evm32) << 16) | (uint32(Layout.Node) << 8) | uint32(Layout.Peer);
+    /// @dev Full 4-byte type prefix for remote nodes.
+    uint32 constant Remote = (uint32(Layout.Evm32) << 16) | (uint32(Layout.Node) << 8) | uint32(Layout.Remote);
     /// @dev Full 4-byte type prefix for query nodes.
     uint32 constant Query = (uint32(Layout.Evm32) << 16) | (uint32(Layout.Node) << 8) | uint32(Layout.Query);
 
@@ -37,9 +37,9 @@ library Ids {
         return uint32(id >> 224) == Command;
     }
 
-    /// @notice Return true if `id` is a peer node ID.
-    function isPeer(uint id) internal pure returns (bool) {
-        return uint32(id >> 224) == Peer;
+    /// @notice Return true if `id` is a remote node ID.
+    function isRemote(uint id) internal pure returns (bool) {
+        return uint32(id >> 224) == Remote;
     }
 
     /// @notice Return true if `id` is a query node ID.
@@ -63,26 +63,26 @@ library Ids {
         return bytes4(uint32(id >> 160));
     }
 
-    /// @notice Assert that `id` is a peer ID and return it unchanged.
+    /// @notice Assert that `id` is a remote ID and return it unchanged.
     /// @param id Node ID to validate.
-    /// @return pid The same `id` value if it is a peer.
-    function peer(uint id) internal pure returns (uint pid) {
-        if (!isPeer(id)) revert InvalidId();
+    /// @return pid The same `id` value if it is a remote.
+    function remote(uint id) internal pure returns (uint pid) {
+        if (!isRemote(id)) revert InvalidId();
         return id;
     }
 
-    /// @notice Assert that `id` is a peer ID and return its embedded ABI selector.
+    /// @notice Assert that `id` is a remote ID and return its embedded ABI selector.
     /// @param id Node ID to validate.
-    /// @return selector 4-byte peer selector stored in bits [191:160].
-    function peerSelector(uint id) internal pure returns (bytes4 selector) {
-        if (!isPeer(id)) revert InvalidId();
+    /// @return selector 4-byte remote selector stored in bits [191:160].
+    function remoteSelector(uint id) internal pure returns (bytes4 selector) {
+        if (!isRemote(id)) revert InvalidId();
         return bytes4(uint32(id >> 160));
     }
 
     /// @notice Assert that `id` is a query ID and return it unchanged.
     /// @param id Node ID to validate.
-    /// @return qid The same `id` value if it is a query.
-    function query(uint id) internal pure returns (uint qid) {
+    /// @return queryId The same `id` value if it is a query.
+    function query(uint id) internal pure returns (uint queryId) {
         if (!isQuery(id)) revert InvalidId();
         return id;
     }
@@ -121,12 +121,12 @@ library Ids {
         return id;
     }
 
-    /// @notice Build a chain-local peer ID for the given selector and contract.
-    /// @param selector 4-byte ABI selector of the peer entry point.
-    /// @param target Peer contract address.
-    /// @return Peer node ID embedding both the selector and address.
-    function toPeer(bytes4 selector, address target) internal view returns (uint) {
-        uint id = toLocalBase(Peer) | uint(uint160(target));
+    /// @notice Build a chain-local remote ID for the given selector and contract.
+    /// @param selector 4-byte ABI selector of the remote entry point.
+    /// @param target Remote contract address.
+    /// @return Remote node ID embedding both the selector and address.
+    function toRemote(bytes4 selector, address target) internal view returns (uint) {
+        uint id = toLocalBase(Remote) | uint(uint160(target));
         id |= uint(uint32(selector)) << 160;
         return id;
     }
@@ -143,7 +143,7 @@ library Ids {
 
     /// @notice Extract the contract address from any local node ID.
     /// Reverts if `id` does not belong to the local node family.
-    /// @param id Node ID (host, command, or peer).
+    /// @param id Node ID (host, command, or remote).
     /// @return Contract address in the lower 160 bits of `id`.
     function nodeAddr(uint id) internal view returns (address) {
         if (!isLocalFamily(id, Node)) revert InvalidId();
@@ -161,12 +161,12 @@ library Ids {
 }
 
 /// @title Selectors
-/// @notice ABI-selector derivation helpers for command, peer, and query dispatch.
+/// @notice ABI-selector derivation helpers for command, remote, and query dispatch.
 library Selectors {
-    /// @dev ABI argument encoding for command entry points: `((uint256,bytes32,bytes,bytes))`.
-    string constant CommandArgs = "((uint256,bytes32,bytes,bytes))";
-    /// @dev ABI argument encoding for peer entry points: `(bytes)`.
-    string constant PeerArgs = "(bytes)";
+    /// @dev ABI argument encoding for command entry points: `((bytes32,bytes,bytes))`.
+    string constant CommandArgs = "((bytes32,bytes,bytes))";
+    /// @dev ABI argument encoding for remote entry points: `(bytes)`.
+    string constant RemoteArgs = "(bytes)";
     /// @dev ABI argument encoding for query entry points: `(bytes)`.
     string constant QueryArgs = "(bytes)";
 
@@ -178,12 +178,12 @@ library Selectors {
         return bytes4(keccak256(bytes.concat(bytes(name), bytes(CommandArgs))));
     }
 
-    /// @notice Derive the 4-byte ABI selector for a named peer.
-    /// The selector is `keccak256(name ++ PeerArgs)[0:4]`.
-    /// @param name Peer function name (without arguments).
+    /// @notice Derive the 4-byte ABI selector for a named remote.
+    /// The selector is `keccak256(name ++ RemoteArgs)[0:4]`.
+    /// @param name Remote function name (without arguments).
     /// @return 4-byte selector.
-    function peer(string memory name) internal pure returns (bytes4) {
-        return bytes4(keccak256(bytes.concat(bytes(name), bytes(PeerArgs))));
+    function remote(string memory name) internal pure returns (bytes4) {
+        return bytes4(keccak256(bytes.concat(bytes(name), bytes(RemoteArgs))));
     }
 
     /// @notice Derive the 4-byte ABI selector for a named query.

package/utils/Layout.sol

@@ -26,7 +26,7 @@ library Layout {
 
     /// @dev ID encodes an account.
     uint8 constant Account = 0x01;
-    /// @dev ID encodes a network node (host, command, or peer).
+    /// @dev ID encodes a network node (host, command, or remote).
     uint8 constant Node = 0x02;
     /// @dev ID encodes an asset.
     uint8 constant Asset = 0x03;
@@ -39,7 +39,7 @@ library Layout {
     uint8 constant Admin = 0x01;
     /// @dev User account — chain-agnostic, backed by an EVM address.
     uint8 constant User = 0x02;
-    /// @dev Keccak account — opaque 28-byte hash of an arbitrary key.
+    /// @dev Keccak account — opaque 28-byte keccak commitment.
     uint8 constant Keccak = 0x03;
 
     // -------------------------------------------------------------------------
@@ -50,8 +50,8 @@ library Layout {
     uint8 constant Host = 0x01;
     /// @dev Node is a command contract.
     uint8 constant Command = 0x02;
-    /// @dev Node is a peer contract.
-    uint8 constant Peer = 0x03;
+    /// @dev Node is a remote contract.
+    uint8 constant Remote = 0x03;
     /// @dev Node is a query contract.
     uint8 constant Query = 0x04;
 

package/utils/Utils.sol

@@ -92,6 +92,16 @@ function addrOr(address addr, address or) pure returns (address) {
     return addr == address(0) ? or : addr;
 }
 
+/// @notice Convert a signed integer to its 32-byte two's-complement representation.
+function intToBytes32(int value) pure returns (bytes32) {
+    return bytes32(uint(value));
+}
+
+/// @notice Convert a 32-byte two's-complement representation to a signed integer.
+function bytes32ToInt(bytes32 value) pure returns (int) {
+    return int(uint(value));
+}
+
 /// @notice Convert a null-terminated `bytes32` value to a Solidity string.
 /// Stops at the first zero byte and returns only the meaningful prefix.
 function bytes32ToString(bytes32 value) pure returns (string memory result) {