npm - @sanctuary-framework/mcp-server - Versions diffs - 0.10.6 → 1.0.0-rc.2 - Mend

@sanctuary-framework/mcp-server 0.10.6 → 1.0.0-rc.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/index.cjs CHANGED Viewed

@@ -20,6 +20,7 @@ var fs = require('fs');
 var index_js = require('@modelcontextprotocol/sdk/client/index.js');
 var stdio_js = require('@modelcontextprotocol/sdk/client/stdio.js');
 var sse_js = require('@modelcontextprotocol/sdk/client/sse.js');
+var url = require('url');
 var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
 var __defProp = Object.defineProperty;
@@ -816,7 +817,8 @@ var RESERVED_NAMESPACE_PREFIXES = [
   "_handshake",
   "_shr",
   "_sovereignty_profile",
-  "_context_gate_policies"
+  "_context_gate_policies",
+  "_fortress_mode"
 ];
 var StateStore = class _StateStore {
   storage;
@@ -1390,7 +1392,8 @@ var RESERVED_NAMESPACE_PREFIXES2 = [
   "_handshake",
   "_shr",
   "_sovereignty_profile",
-  "_context_gate_policies"
+  "_context_gate_policies",
+  "_fortress_mode"
 ];
 function getReservedNamespaceViolation(namespace) {
   for (const prefix of RESERVED_NAMESPACE_PREFIXES2) {
@@ -4143,8 +4146,12 @@ var DEFAULT_POLICY = {
     // Clears all runtime governance state — always requires approval
     "sanctuary_bootstrap",
     // Creates new Ed25519 identity + publishes — always requires approval
-    "sanctuary_export_identity_bundle"
+    "sanctuary_export_identity_bundle",
     // Exports portable identity — always requires approval
+    // WP-MVP-2 Operator Console: federation-node-join requires explicit
+    // operator confirmation per Key 8. No auto-approve path. The console's
+    // JoinApprover drives this gate via `MeshConsoleClient.makeJoinApprover`.
+    "federation_node_join"
   ],
   tier2_anomaly: DEFAULT_TIER2,
   tier3_always_allow: [
@@ -6403,6 +6410,28 @@ function generateDashboardHTML(options) {
         </div>
       </div>
+      <!--
+        Mesh Health panel (WP-MVP-3 Follow-up #3).
+        Subscribes to the existing /events SSE channel \u2014 no new transport.
+        Render shape: per-node row with presence + flags + rollup.
+        On open alert: list inline with operator-decision CTAs (rollback /
+        split-brain / canonical-audit promotion).
+        On post-recovery prompt: render rotation-prompt overlay with
+        broker-credential list + "rotate now" buttons (rotation flow itself
+        is the existing v0.10.x broker rotation surface).
+      -->
+      <div class="mesh-health-panel" id="mesh-health-panel">
+        <div class="panel-header">
+          <div class="panel-title">Mesh Health</div>
+          <span class="card-value" id="mesh-health-updated-at" style="font-size: 11px; color: var(--text-secondary);">\u2014</span>
+        </div>
+        <div id="mesh-health-rows" class="mesh-health-rows">
+          <div class="empty-state">Waiting for mesh health data\u2026</div>
+        </div>
+        <div id="mesh-health-alerts" class="mesh-health-alerts" style="margin-top: 12px;"></div>
+        <div id="mesh-post-recovery-prompt" class="mesh-post-recovery-prompt" style="margin-top: 12px; display: none;"></div>
+      </div>
       <!-- Sovereignty Profile Panel -->
       <div class="profile-panel" id="sovereignty-profile-panel">
         <div class="panel-header">
@@ -7112,12 +7141,96 @@ function generateDashboardHTML(options) {
         loadProxyServers();
       });
+      // \u2500\u2500 Mesh Health (WP-MVP-3 Follow-up #3) \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
+      // The federation FailureModeDetector pushes per-tick snapshots and
+      // per-detection alerts via the existing /events channel. Renders are
+      // best-effort \u2014 if the panel DOM is absent (older HTML cache), we
+      // silently skip rather than crashing.
+      eventSource.addEventListener('mesh-health', (e) => {
+        try {
+          const snap = JSON.parse(e.data);
+          renderMeshHealth(snap);
+        } catch (err) { console.error('mesh-health render failed', err); }
+      });
+      eventSource.addEventListener('mesh-failure-mode-alert', (e) => {
+        try {
+          const alert = JSON.parse(e.data);
+          appendMeshAlert(alert);
+        } catch (err) { console.error('mesh alert render failed', err); }
+      });
+      eventSource.addEventListener('mesh-post-recovery-prompt', (e) => {
+        try {
+          const prompt = JSON.parse(e.data);
+          renderMeshPostRecoveryPrompt(prompt);
+        } catch (err) { console.error('mesh post-recovery render failed', err); }
+      });
       eventSource.onerror = () => {
         console.error('SSE error');
         setTimeout(setupSSE, 5000);
       };
     }
+    // \u2500\u2500 Mesh Health rendering (WP-MVP-3 Follow-up #3) \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
+    function renderMeshHealth(snap) {
+      const updatedAt = document.getElementById('mesh-health-updated-at');
+      const rows = document.getElementById('mesh-health-rows');
+      if (!rows || !snap) return;
+      if (updatedAt) updatedAt.textContent = formatTime(snap.generated_at);
+      const nodes = Array.isArray(snap.nodes) ? snap.nodes : [];
+      if (nodes.length === 0) {
+        rows.innerHTML = '<div class="empty-state">No mesh nodes seen yet.</div>';
+        return;
+      }
+      rows.innerHTML = nodes.map((n) => {
+        const flags = (n.flags || []).map((f) => '<span class="mesh-flag">' + esc(f) + '</span>').join(' ');
+        return '<div class="mesh-row" data-rollup="' + esc(n.rollup) + '">' +
+          '<span class="mesh-node-id">' + esc(n.node_id) + '</span>' +
+          '<span class="mesh-presence">' + esc(n.presence) + '</span>' +
+          '<span class="mesh-rollup">' + esc(n.rollup) + '</span>' +
+          '<span class="mesh-flags">' + flags + '</span>' +
+        '</div>';
+      }).join('');
+      const alertsBox = document.getElementById('mesh-health-alerts');
+      if (alertsBox && Array.isArray(snap.open_alerts)) {
+        alertsBox.innerHTML = snap.open_alerts.map((a) =>
+          '<div class="mesh-alert" data-mode="' + esc(a.mode) + '">' +
+          '<div class="mesh-alert-mode">' + esc(a.mode) + ' \u2014 ' + esc(a.target_node) + '</div>' +
+          '<div class="mesh-alert-message">' + esc(a.message) + '</div>' +
+          '</div>'
+        ).join('');
+      }
+    }
+    function appendMeshAlert(alert) {
+      const alertsBox = document.getElementById('mesh-health-alerts');
+      if (!alertsBox || !alert) return;
+      const html = '<div class="mesh-alert" data-mode="' + esc(alert.mode) + '">' +
+        '<div class="mesh-alert-mode">' + esc(alert.mode) + ' \u2014 ' + esc(alert.target_node) + '</div>' +
+        '<div class="mesh-alert-message">' + esc(alert.message) + '</div>' +
+        '</div>';
+      alertsBox.insertAdjacentHTML('afterbegin', html);
+    }
+    function renderMeshPostRecoveryPrompt(prompt) {
+      const box = document.getElementById('mesh-post-recovery-prompt');
+      if (!box || !prompt) return;
+      box.style.display = 'block';
+      const creds = Array.isArray(prompt.credentials) ? prompt.credentials : [];
+      box.innerHTML = '<div class="mesh-rotation-banner">' +
+        '<strong>Post-rotation hygiene:</strong> we just rotated your fortress root key. ' +
+        'Rotate externally-scoped broker credentials that third parties may still associate with ' +
+        'the pre-rotation key material.' +
+        '</div>' +
+        '<ul class="mesh-rotation-list">' +
+        creds.map((c) => '<li>' +
+          '<span class="mesh-cred-name">' + esc(c.secret_name) + '</span>' +
+          '<button class="mesh-cred-rotate" data-secret="' + esc(c.secret_name) + '">' +
+          'rotate now</button>' +
+          '</li>').join('') +
+        '</ul>';
+    }
     // Activity Feed
     function addActivityItem(item) {
       activityLog.unshift(item);
@@ -8821,7 +8934,7 @@ var DashboardApprovalChannel = class {
       server = http.createServer(handler);
     }
     this.httpServer = server;
-    return new Promise((resolve, reject) => {
+    return new Promise((resolve2, reject) => {
       const protocol = this.useTLS ? "https" : "http";
       const baseUrl = `${protocol}://${this.config.host}:${this.config.port}`;
       server.listen(this.config.port, this.config.host, () => {
@@ -8846,7 +8959,7 @@ var DashboardApprovalChannel = class {
         if (shouldAutoOpen) {
           this.openInBrowser(sessionUrl);
         }
-        resolve();
+        resolve2();
       });
       server.on("error", (err) => {
         if (err.code === "EADDRINUSE") {
@@ -8892,8 +9005,8 @@ var DashboardApprovalChannel = class {
     }
     this.rateLimits.clear();
     if (this.httpServer) {
-      return new Promise((resolve) => {
-        this.httpServer.close(() => resolve());
+      return new Promise((resolve2) => {
+        this.httpServer.close(() => resolve2());
       });
     }
   }
@@ -8907,7 +9020,7 @@ var DashboardApprovalChannel = class {
       `[Sanctuary] Approval required: ${request.operation} (Tier ${request.tier}) \u2014 open dashboard to respond
 `
     );
-    return new Promise((resolve) => {
+    return new Promise((resolve2) => {
       const timer = setTimeout(() => {
         this.pending.delete(id);
         const response = {
@@ -8921,12 +9034,12 @@ var DashboardApprovalChannel = class {
           decision: response.decision,
           decided_by: "timeout"
         });
-        resolve(response);
+        resolve2(response);
       }, this.config.timeout_seconds * 1e3);
       const pending = {
         id,
         request,
-        resolve,
+        resolve: resolve2,
         timer,
         created_at: (/* @__PURE__ */ new Date()).toISOString()
       };
@@ -9678,6 +9791,27 @@ data: ${JSON.stringify(data)}
   broadcastProtectionStatus(data) {
     this.broadcastSSE("protection-status", data);
   }
+  // ── Mesh-health surface (WP-MVP-3 Follow-up #3) ─────────────────────
+  //
+  // The federation FailureModeDetector pushes per-tick health snapshots and
+  // per-detection alerts here; the existing /events SSE channel transports
+  // them to the browser. No new transport.
+  //
+  // Spec §8 + §9. Spawn-prompt acceptance criterion 7: "Mesh Health dashboard
+  // panel renders via existing SSE /events channel — no new transport. Every
+  // state transition produces an observable SSE event."
+  /** Push a Mesh Health snapshot (full re-render trigger on the client). */
+  broadcastMeshHealth(snapshot) {
+    this.broadcastSSE("mesh-health", snapshot);
+  }
+  /** Push a single failure-mode alert (incremental client update). */
+  broadcastMeshFailureModeAlert(alert) {
+    this.broadcastSSE("mesh-failure-mode-alert", alert);
+  }
+  /** Push a post-recovery prompt update (master rotation hygiene flow). */
+  broadcastMeshPostRecoveryPrompt(prompt) {
+    this.broadcastSSE("mesh-post-recovery-prompt", prompt);
+  }
   /**
    * Open a URL in the system's default browser.
    * Cross-platform: macOS (open), Linux (xdg-open), Windows (start).
@@ -9751,7 +9885,7 @@ var WebhookApprovalChannel = class {
    * Start the callback listener server.
    */
   async start() {
-    return new Promise((resolve, reject) => {
+    return new Promise((resolve2, reject) => {
       this.callbackServer = http.createServer(
         (req, res) => this.handleCallback(req, res)
       );
@@ -9766,7 +9900,7 @@ var WebhookApprovalChannel = class {
 `
           );
-          resolve();
+          resolve2();
         }
       );
       this.callbackServer.on("error", reject);
@@ -9786,8 +9920,8 @@ var WebhookApprovalChannel = class {
     }
     this.pending.clear();
     if (this.callbackServer) {
-      return new Promise((resolve) => {
-        this.callbackServer.close(() => resolve());
+      return new Promise((resolve2) => {
+        this.callbackServer.close(() => resolve2());
       });
     }
   }
@@ -9800,7 +9934,7 @@ var WebhookApprovalChannel = class {
       `[Sanctuary] Webhook approval sent: ${request.operation} (Tier ${request.tier}) \u2014 awaiting callback
 `
     );
-    return new Promise((resolve) => {
+    return new Promise((resolve2) => {
       const timer = setTimeout(() => {
         this.pending.delete(id);
         const response = {
@@ -9809,12 +9943,12 @@ var WebhookApprovalChannel = class {
           decided_at: (/* @__PURE__ */ new Date()).toISOString(),
           decided_by: "timeout"
         };
-        resolve(response);
+        resolve2(response);
       }, this.config.timeout_seconds * 1e3);
       const pending = {
         id,
         request,
-        resolve,
+        resolve: resolve2,
         timer,
         created_at: (/* @__PURE__ */ new Date()).toISOString()
       };
@@ -13008,7 +13142,7 @@ function createBridgeCommitment(outcome, identity, identityEncryptionKey, includ
   const now = (/* @__PURE__ */ new Date()).toISOString();
   const canonicalBytes = canonicalize(outcome);
   const canonicalString = new TextDecoder().decode(canonicalBytes);
-  const sha2565 = createCommitment(canonicalString);
+  const sha2568 = createCommitment(canonicalString);
   let pedersenData;
   if (includePedersen && Number.isInteger(outcome.rounds) && outcome.rounds >= 0) {
     const pedersen = createPedersenCommitment(outcome.rounds);
@@ -13020,7 +13154,7 @@ function createBridgeCommitment(outcome, identity, identityEncryptionKey, includ
   const commitmentPayload = {
     bridge_commitment_id: commitmentId,
     session_id: outcome.session_id,
-    sha256_commitment: sha2565.commitment,
+    sha256_commitment: sha2568.commitment,
     terms_hash: outcome.terms_hash,
     committer_did: identity.did,
     committed_at: now,
@@ -13031,8 +13165,8 @@ function createBridgeCommitment(outcome, identity, identityEncryptionKey, includ
   return {
     bridge_commitment_id: commitmentId,
     session_id: outcome.session_id,
-    sha256_commitment: sha2565.commitment,
-    blinding_factor: sha2565.blinding_factor,
+    sha256_commitment: sha2568.commitment,
+    blinding_factor: sha2568.blinding_factor,
     committer_did: identity.did,
     signature: toBase64url(signature),
     pedersen_commitment: pedersenData,
@@ -17199,13 +17333,13 @@ var ProxyRouter = class {
    * Call an upstream tool with a timeout.
    */
   async callWithTimeout(serverName, toolName, args, timeoutMs) {
-    return new Promise((resolve, reject) => {
+    return new Promise((resolve2, reject) => {
       const timer = setTimeout(() => {
         reject(new Error(`Upstream tool call timed out after ${timeoutMs}ms`));
       }, timeoutMs);
       this.clientManager.callTool(serverName, toolName, args).then((result) => {
         clearTimeout(timer);
-        resolve(result);
+        resolve2(result);
       }).catch((err) => {
         clearTimeout(timer);
         reject(err);
@@ -21556,8 +21690,15 @@ function l3Card(l3) {
      <div><dt>Proofs today</dt><dd>${escHtml(l3.proofs_today)}</dd></div>`
   );
 }
+var VERASCORE_CLAIM_URL = "https://www.verascore.ai";
 function l4Card(l4) {
-  const score = l4.score != null ? `<div class="score-block"><span class="score-value">${escHtml(l4.score)}</span><span class="score-label">Verascore</span></div>` : `<div class="claim-block">${escHtml(l4.claim_cta ?? "Claim your profile at verascore.ai")}</div>`;
+  let score;
+  if (l4.score != null) {
+    score = `<div class="score-block"><span class="score-value">${escHtml(l4.score)}</span><span class="score-label">Verascore</span></div>`;
+  } else {
+    const claimText = l4.claim_cta ?? "Claim your profile at verascore.ai";
+    score = `<div class="claim-block"><a class="claim-link" href="${VERASCORE_CLAIM_URL}" target="_blank" rel="noopener noreferrer">${escHtml(claimText)}</a></div>`;
+  }
   return layerCard(
     l4,
     `<div class="layer-cta">${score}</div>${l4EvidenceBlock(l4)}`
@@ -22220,6 +22361,1129 @@ details.audit-details .audit-filters { display: flex; gap: 6px; padding: 0 18px
 </html>`;
 }
+// src/policy-engine/constants.ts
+var COMPILED_POLICY_SCHEMA_VERSION = "0.1";
+var POLICY_UPDATE_EVENT_TYPE = "policy_update";
+var POLICY_SLOTS = [
+  "memory",
+  "credentials",
+  "plans",
+  "outputs"
+];
+function isPolicySlot(value) {
+  return typeof value === "string" && POLICY_SLOTS.includes(value);
+}
+var CHANNEL_TEMPLATE_IDS = [
+  "read-outputs-only",
+  "bidirectional-sync",
+  "credential-share-scoped",
+  "plan-inspect-read-only",
+  "escrow-handoff"
+];
+var BUDGET_UNITS = ["tokens", "usd"];
+// src/templates/registry.ts
+var TEMPLATE_NAMES = [
+  "research-assistant",
+  "coding-assistant",
+  "ops-runner",
+  "planner",
+  "handoff-coordinator"
+];
+function isTemplateName(value) {
+  return typeof value === "string" && TEMPLATE_NAMES.includes(value);
+}
+var TemplateValidationError = class extends Error {
+  constructor(templateName, message) {
+    super(`template "${templateName}": ${message}`);
+    this.name = "TemplateValidationError";
+  }
+};
+function validateMetadata(name, data) {
+  if (typeof data !== "object" || data === null) {
+    throw new TemplateValidationError(name, "template.json must be an object");
+  }
+  const d = data;
+  if (typeof d.name !== "string" || d.name !== name) {
+    throw new TemplateValidationError(name, `template.json name must be "${name}"`);
+  }
+  if (typeof d.version !== "string" || !/^\d+\.\d+\.\d+$/.test(d.version)) {
+    throw new TemplateValidationError(name, "template.json version must be semver");
+  }
+  if (typeof d.channel !== "string" || !CHANNEL_TEMPLATE_IDS.includes(d.channel)) {
+    throw new TemplateValidationError(
+      name,
+      `template.json channel must be one of: ${CHANNEL_TEMPLATE_IDS.join(", ")}`
+    );
+  }
+  if (typeof d.tier !== "string" || !["A", "B", "C"].includes(d.tier)) {
+    throw new TemplateValidationError(name, "template.json tier must be A, B, or C");
+  }
+  if (typeof d.target_archetype !== "string" || d.target_archetype.length === 0) {
+    throw new TemplateValidationError(name, "template.json target_archetype must be a non-empty string");
+  }
+  if (typeof d.description !== "string" || d.description.length === 0) {
+    throw new TemplateValidationError(name, "template.json description must be a non-empty string");
+  }
+}
+function validateDefaults(name, data) {
+  if (typeof data !== "object" || data === null) {
+    throw new TemplateValidationError(name, "defaults.json must be an object");
+  }
+  const d = data;
+  if (!Array.isArray(d.egress)) {
+    throw new TemplateValidationError(name, "defaults.json egress must be an array");
+  }
+  for (const entry of d.egress) {
+    if (typeof entry !== "object" || entry === null) {
+      throw new TemplateValidationError(name, "defaults.json egress entry must be an object");
+    }
+    const e = entry;
+    if (typeof e.destination !== "string" || e.destination.length === 0) {
+      throw new TemplateValidationError(name, "egress entry destination must be a non-empty string");
+    }
+    if (!Array.isArray(e.methods)) {
+      throw new TemplateValidationError(name, "egress entry methods must be an array");
+    }
+  }
+  if (typeof d.budgets !== "object" || d.budgets === null) {
+    throw new TemplateValidationError(name, "defaults.json budgets must be an object");
+  }
+  if (typeof d.retention !== "object" || d.retention === null) {
+    throw new TemplateValidationError(name, "defaults.json retention must be an object");
+  }
+  const ret = d.retention;
+  if (typeof ret.windows !== "object" || ret.windows === null) {
+    throw new TemplateValidationError(name, "defaults.json retention.windows must be an object");
+  }
+}
+function validateCommitments(name, data) {
+  if (typeof data !== "object" || data === null) {
+    throw new TemplateValidationError(name, "commitments.json must be an object");
+  }
+  const d = data;
+  if (!Array.isArray(d.shapes)) {
+    throw new TemplateValidationError(name, "commitments.json shapes must be an array");
+  }
+  for (const shape of d.shapes) {
+    if (typeof shape !== "object" || shape === null) {
+      throw new TemplateValidationError(name, "commitment shape must be an object");
+    }
+    const s = shape;
+    if (typeof s.commitment_class !== "string" || s.commitment_class.length === 0) {
+      throw new TemplateValidationError(name, "commitment shape commitment_class must be a non-empty string");
+    }
+    if (typeof s.example_deliverable !== "string") {
+      throw new TemplateValidationError(name, "commitment shape example_deliverable must be a string");
+    }
+    if (typeof s.example_deadline_or_terminal !== "string") {
+      throw new TemplateValidationError(name, "commitment shape example_deadline_or_terminal must be a string");
+    }
+  }
+}
+function lintOnboarding(_name, content) {
+  const violations = [];
+  if (content.includes("\u2014")) {
+    violations.push("onboarding.md contains em-dashes (U+2014). Replace with commas, semicolons, colons, or parentheses.");
+  }
+  if (content.includes("\u2013")) {
+    violations.push("onboarding.md contains en-dashes (U+2013). Replace with hyphens or other punctuation.");
+  }
+  return { clean: violations.length === 0, violations };
+}
+function resolveTemplatesDir() {
+  const thisFile = url.fileURLToPath((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index.cjs', document.baseURI).href)));
+  const thisDir = path.dirname(thisFile);
+  if (thisDir.includes("/dist/")) {
+    return thisDir.replace("/dist/templates", "/src/templates");
+  }
+  return thisDir;
+}
+function loadTemplateBundle(name, templatesDir) {
+  const dir = path.join(templatesDir, name);
+  if (!fs.existsSync(dir) || !fs.statSync(dir).isDirectory()) {
+    throw new TemplateValidationError(name, `template directory not found: ${dir}`);
+  }
+  const metadataRaw = JSON.parse(fs.readFileSync(path.join(dir, "template.json"), "utf-8"));
+  validateMetadata(name, metadataRaw);
+  const policyEnglish = fs.readFileSync(path.join(dir, "policy.md"), "utf-8").trim();
+  if (policyEnglish.length === 0) {
+    throw new TemplateValidationError(name, "policy.md must not be empty");
+  }
+  const defaultsRaw = JSON.parse(fs.readFileSync(path.join(dir, "defaults.json"), "utf-8"));
+  validateDefaults(name, defaultsRaw);
+  const commitmentsRaw = JSON.parse(fs.readFileSync(path.join(dir, "commitments.json"), "utf-8"));
+  validateCommitments(name, commitmentsRaw);
+  const onboarding = fs.readFileSync(path.join(dir, "onboarding.md"), "utf-8").trim();
+  if (onboarding.length === 0) {
+    throw new TemplateValidationError(name, "onboarding.md must not be empty");
+  }
+  const lint = lintOnboarding(name, onboarding);
+  if (!lint.clean) {
+    throw new TemplateValidationError(name, lint.violations.join("; "));
+  }
+  return {
+    metadata: metadataRaw,
+    policy_english: policyEnglish,
+    defaults: defaultsRaw,
+    commitments: commitmentsRaw,
+    onboarding
+  };
+}
+var _cache = null;
+function ensureLoaded() {
+  if (_cache) return _cache;
+  _cache = /* @__PURE__ */ new Map();
+  const dir = resolveTemplatesDir();
+  for (const name of TEMPLATE_NAMES) {
+    _cache.set(name, loadTemplateBundle(name, dir));
+  }
+  return _cache;
+}
+function listTemplates() {
+  const cache = ensureLoaded();
+  return TEMPLATE_NAMES.map((name) => {
+    const bundle = cache.get(name);
+    return {
+      metadata: bundle.metadata,
+      onboarding: bundle.onboarding
+    };
+  });
+}
+function getTemplate2(name) {
+  if (!isTemplateName(name)) return null;
+  const cache = ensureLoaded();
+  return cache.get(name) ?? null;
+}
+function getTemplateEntry(name) {
+  const bundle = getTemplate2(name);
+  if (!bundle) return null;
+  return { metadata: bundle.metadata, onboarding: bundle.onboarding };
+}
+// src/policy-engine/null-policy.ts
+function buildNullPolicy(params) {
+  const denyRule = (slot) => ({
+    slot,
+    mode: "deny",
+    grants: []
+  });
+  return {
+    schema_version: "0.1",
+    agent_id: params.agent_id,
+    fortress_id: params.fortress_id,
+    policy_version: 0,
+    slots: {
+      memory: denyRule("memory"),
+      credentials: denyRule("credentials"),
+      plans: denyRule("plans"),
+      outputs: denyRule("outputs")
+    },
+    capabilities: {
+      concordia_commitment_classes: [],
+      honeypot_skill_ids: [],
+      is_sentinel: false
+    },
+    auto_trigger_ladder: {
+      honeypot_auto_freeze: true,
+      threshold_rule_action: "operator_approved",
+      ml_anomaly_action: "operator_approved"
+    },
+    source_english: "(null policy \u2014 no operator authoring yet; hermetic default denies all four slots)",
+    compiled_at: "1970-01-01T00:00:00.000Z"
+  };
+}
+// src/policy-engine/channel-templates.ts
+function basePolicy(params) {
+  if (params.merge_into) {
+    const p2 = {
+      ...params.merge_into,
+      policy_version: params.policy_version,
+      compiled_at: (/* @__PURE__ */ new Date()).toISOString(),
+      slots: {
+        memory: cloneRule(params.merge_into.slots.memory),
+        credentials: cloneRule(params.merge_into.slots.credentials),
+        plans: cloneRule(params.merge_into.slots.plans),
+        outputs: cloneRule(params.merge_into.slots.outputs)
+      },
+      capabilities: {
+        ...params.merge_into.capabilities,
+        concordia_commitment_classes: [
+          ...params.merge_into.capabilities.concordia_commitment_classes
+        ],
+        honeypot_skill_ids: [...params.merge_into.capabilities.honeypot_skill_ids]
+      },
+      auto_trigger_ladder: { ...params.merge_into.auto_trigger_ladder }
+    };
+    if (params.parent_version !== void 0) p2.parent_version = params.parent_version;
+    else delete p2.parent_version;
+    return p2;
+  }
+  const p = buildNullPolicy({
+    agent_id: params.agent_id,
+    fortress_id: params.fortress_id
+  });
+  p.policy_version = params.policy_version;
+  p.compiled_at = (/* @__PURE__ */ new Date()).toISOString();
+  if (params.parent_version !== void 0) p.parent_version = params.parent_version;
+  return p;
+}
+function cloneRule(r) {
+  return {
+    slot: r.slot,
+    mode: r.mode,
+    grants: r.grants.map((g) => ({ ...g, scope: g.scope ? { ...g.scope } : void 0 }))
+  };
+}
+function grantOn(policy, slot, grant) {
+  const rule = policy.slots[slot];
+  rule.mode = "grant";
+  const dup = rule.grants.find(
+    (g) => g.counterparty === grant.counterparty && g.action === grant.action
+  );
+  if (dup) {
+    if (grant.scope) {
+      dup.scope = { ...dup.scope ?? {}, ...grant.scope };
+    }
+    return;
+  }
+  rule.grants.push(grant);
+  rule.grants.sort((a, b) => {
+    if (a.counterparty === b.counterparty) return a.action.localeCompare(b.action);
+    return a.counterparty.localeCompare(b.counterparty);
+  });
+}
+var readOutputsOnly = (params) => {
+  const p = basePolicy(params);
+  p.source_english = `${params.counterparty} may read ${params.agent_id}'s outputs \u2014 read-only, no other access.`;
+  grantOn(p, "outputs", {
+    counterparty: params.counterparty,
+    action: "read",
+    ...params.scope ? { scope: { ...params.scope } } : {}
+  });
+  return p;
+};
+var bidirectionalSync = (params) => {
+  const p = basePolicy(params);
+  p.source_english = `Bidirectional sync between ${params.agent_id} and ${params.counterparty} on memory + outputs.`;
+  for (const slot of ["memory", "outputs"]) {
+    for (const action of ["read", "subscribe"]) {
+      grantOn(p, slot, {
+        counterparty: params.counterparty,
+        action,
+        ...params.scope ? { scope: { ...params.scope } } : {}
+      });
+    }
+  }
+  return p;
+};
+var credentialShareScoped = (params) => {
+  const p = basePolicy(params);
+  const credentialId = (params.scope && typeof params.scope.credential_id === "string" ? params.scope.credential_id : void 0) ?? "(unspecified)";
+  p.source_english = `${params.agent_id} may share credential "${credentialId}" with ${params.counterparty}; no other credential access.`;
+  grantOn(p, "credentials", {
+    counterparty: params.counterparty,
+    action: "share",
+    scope: {
+      credential_id: credentialId,
+      ...params.scope ?? {}
+    }
+  });
+  return p;
+};
+var planInspectReadOnly = (params) => {
+  const p = basePolicy(params);
+  p.source_english = `${params.counterparty} may read-only inspect ${params.agent_id}'s plans.`;
+  grantOn(p, "plans", {
+    counterparty: params.counterparty,
+    action: "read",
+    ...params.scope ? { scope: { ...params.scope } } : {}
+  });
+  return p;
+};
+var escrowHandoff = (params) => {
+  const p = basePolicy(params);
+  p.source_english = `${params.agent_id} may escrow-handoff outputs and plan-read to ${params.counterparty}. Commitment class: intra-mesh-escrow.`;
+  grantOn(p, "plans", {
+    counterparty: params.counterparty,
+    action: "read",
+    ...params.scope ? { scope: { ...params.scope } } : {}
+  });
+  for (const action of ["read", "subscribe"]) {
+    grantOn(p, "outputs", {
+      counterparty: params.counterparty,
+      action,
+      ...params.scope ? { scope: { ...params.scope } } : {}
+    });
+  }
+  const cls = "intra-mesh-escrow";
+  if (!p.capabilities.concordia_commitment_classes.includes(cls)) {
+    p.capabilities.concordia_commitment_classes.push(cls);
+    p.capabilities.concordia_commitment_classes.sort();
+  }
+  return p;
+};
+var REGISTRY = {
+  "read-outputs-only": {
+    id: "read-outputs-only",
+    label: "Read outputs only",
+    description: "Counterparty may read this agent's outputs. No memory, credentials, or plans access.",
+    factory: readOutputsOnly
+  },
+  "bidirectional-sync": {
+    id: "bidirectional-sync",
+    label: "Bidirectional memory + output sync",
+    description: "Both agents may read and subscribe to each other's memory and outputs. Credentials and plans remain hermetic.",
+    factory: bidirectionalSync
+  },
+  "credential-share-scoped": {
+    id: "credential-share-scoped",
+    label: "Scoped credential share",
+    description: "Share one specific credential with counterparty. Requires scope.credential_id. No broad credential access.",
+    factory: credentialShareScoped
+  },
+  "plan-inspect-read-only": {
+    id: "plan-inspect-read-only",
+    label: "Plan inspect (read-only)",
+    description: "Counterparty may read-only inspect this agent's plans. Intended for supervisor / sentinel patterns.",
+    factory: planInspectReadOnly
+  },
+  "escrow-handoff": {
+    id: "escrow-handoff",
+    label: "Escrow handoff",
+    description: "Escrow-style handoff. Counterparty reads plan, reads + subscribes to outputs, and the intra-mesh-escrow commitment class is declared. Memory and credentials remain hermetic.",
+    factory: escrowHandoff
+  }
+};
+function applyChannelTemplate(id, params) {
+  const entry = REGISTRY[id];
+  if (!entry) {
+    throw new Error(`unknown channel template: ${id}`);
+  }
+  return entry.factory(params);
+}
+// src/mesh/errors.ts
+var MeshError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "MeshError";
+  }
+};
+var MeshEnvelopeError = class extends MeshError {
+  constructor(message) {
+    super(message);
+    this.name = "MeshEnvelopeError";
+  }
+};
+var MeshReservedExtensionKeyError = class extends MeshEnvelopeError {
+  constructor(key) {
+    super(
+      `v0.1 emitters MUST NOT populate reserved extension_envelope key: ${key}`
+    );
+    this.name = "MeshReservedExtensionKeyError";
+  }
+};
+var MeshReservedEventTypeError = class extends MeshEnvelopeError {
+  constructor(eventType) {
+    super(
+      `v0.1 emitters MUST NOT emit reserved-namespace event_type: ${eventType}`
+    );
+    this.name = "MeshReservedEventTypeError";
+  }
+};
+// src/mesh/canonical-json.ts
+var MeshCanonicalJsonError = class extends MeshError {
+  constructor(message) {
+    super(message);
+    this.name = "MeshCanonicalJsonError";
+  }
+};
+function canonicalize2(value) {
+  if (value === void 0) {
+    throw new MeshCanonicalJsonError(
+      "canonicalize(): top-level undefined is not serializable"
+    );
+  }
+  return encode(value);
+}
+function encode(value) {
+  if (value === null) return "null";
+  if (typeof value === "boolean") return value ? "true" : "false";
+  if (typeof value === "number") {
+    if (!Number.isFinite(value)) {
+      throw new MeshCanonicalJsonError(
+        `canonicalize(): non-finite number (${String(value)}) is not serializable`
+      );
+    }
+    return JSON.stringify(value);
+  }
+  if (typeof value === "string") return JSON.stringify(value);
+  if (Array.isArray(value)) return encodeArray(value);
+  if (typeof value === "object") return encodeObject(value);
+  throw new MeshCanonicalJsonError(
+    `canonicalize(): unsupported type ${typeof value}`
+  );
+}
+function encodeArray(arr) {
+  const parts = [];
+  for (const item of arr) {
+    parts.push(item === void 0 ? "null" : encode(item));
+  }
+  return "[" + parts.join(",") + "]";
+}
+function encodeObject(obj) {
+  const keys = Object.keys(obj).filter((k) => obj[k] !== void 0).sort();
+  const parts = [];
+  for (const k of keys) {
+    parts.push(JSON.stringify(k) + ":" + encode(obj[k]));
+  }
+  return "{" + parts.join(",") + "}";
+}
+function canonicalizeToBytes(value) {
+  return new TextEncoder().encode(canonicalize2(value));
+}
+// src/policy-engine/canonical-policy.ts
+init_encoding();
+// src/policy-engine/errors.ts
+var PolicyEngineError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "PolicyEngineError";
+  }
+};
+var CompiledPolicyShapeError = class extends PolicyEngineError {
+  constructor(message) {
+    super(message);
+    this.name = "CompiledPolicyShapeError";
+  }
+};
+// src/policy-engine/canonical-policy.ts
+function checkSlotGrant(value, path) {
+  if (typeof value !== "object" || value === null) {
+    throw new CompiledPolicyShapeError(`${path}: grant must be an object`);
+  }
+  const g = value;
+  if (typeof g.counterparty !== "string" || g.counterparty.length === 0) {
+    throw new CompiledPolicyShapeError(
+      `${path}.counterparty must be a non-empty string`
+    );
+  }
+  if (typeof g.action !== "string" || g.action.length === 0) {
+    throw new CompiledPolicyShapeError(
+      `${path}.action must be a non-empty string`
+    );
+  }
+  if (g.scope !== void 0) {
+    if (typeof g.scope !== "object" || g.scope === null || Array.isArray(g.scope)) {
+      throw new CompiledPolicyShapeError(
+        `${path}.scope must be an object when present`
+      );
+    }
+  }
+  if (g.max_uses_per_day !== void 0) {
+    if (typeof g.max_uses_per_day !== "number" || !Number.isInteger(g.max_uses_per_day) || g.max_uses_per_day < 0) {
+      throw new CompiledPolicyShapeError(
+        `${path}.max_uses_per_day must be a non-negative integer when present`
+      );
+    }
+  }
+}
+function checkSlotRule(slot, value, path) {
+  if (typeof value !== "object" || value === null) {
+    throw new CompiledPolicyShapeError(`${path}: slot rule must be an object`);
+  }
+  const r = value;
+  if (r.slot !== slot) {
+    throw new CompiledPolicyShapeError(
+      `${path}.slot expected ${slot}, got ${String(r.slot)}`
+    );
+  }
+  if (r.mode !== "deny" && r.mode !== "grant") {
+    throw new CompiledPolicyShapeError(
+      `${path}.mode must be "deny" or "grant"`
+    );
+  }
+  if (!Array.isArray(r.grants)) {
+    throw new CompiledPolicyShapeError(
+      `${path}.grants must be an array (possibly empty)`
+    );
+  }
+  if (r.mode === "deny" && r.grants.length > 0) {
+    throw new CompiledPolicyShapeError(
+      `${path}: deny-mode slot rule must carry zero grants`
+    );
+  }
+  r.grants.forEach((g, i) => checkSlotGrant(g, `${path}.grants[${i}]`));
+}
+function validateCompiledPolicyShape(candidate) {
+  if (typeof candidate !== "object" || candidate === null) {
+    throw new CompiledPolicyShapeError("compiled policy must be an object");
+  }
+  const p = candidate;
+  if (p.schema_version !== COMPILED_POLICY_SCHEMA_VERSION) {
+    throw new CompiledPolicyShapeError(
+      `schema_version ${String(p.schema_version)} not supported at v0.1 (expected "${COMPILED_POLICY_SCHEMA_VERSION}")`
+    );
+  }
+  if (typeof p.agent_id !== "string" || p.agent_id.length === 0) {
+    throw new CompiledPolicyShapeError("agent_id must be a non-empty string");
+  }
+  if (typeof p.fortress_id !== "string" || p.fortress_id.length === 0) {
+    throw new CompiledPolicyShapeError(
+      "fortress_id must be a non-empty string"
+    );
+  }
+  if (typeof p.policy_version !== "number" || !Number.isInteger(p.policy_version) || p.policy_version < 0) {
+    throw new CompiledPolicyShapeError(
+      "policy_version must be a non-negative integer"
+    );
+  }
+  if (p.parent_version !== void 0 && (typeof p.parent_version !== "number" || !Number.isInteger(p.parent_version) || p.parent_version < 0)) {
+    throw new CompiledPolicyShapeError(
+      "parent_version must be a non-negative integer when present"
+    );
+  }
+  if (typeof p.slots !== "object" || p.slots === null) {
+    throw new CompiledPolicyShapeError("slots must be an object");
+  }
+  const slots = p.slots;
+  const slotKeys = Object.keys(slots).sort();
+  const expectedSlotKeys = [...POLICY_SLOTS].sort();
+  if (slotKeys.length !== expectedSlotKeys.length || !slotKeys.every((k, i) => k === expectedSlotKeys[i])) {
+    throw new CompiledPolicyShapeError(
+      `slots must contain exactly ${expectedSlotKeys.join(", ")}; got ${slotKeys.join(", ") || "(none)"}`
+    );
+  }
+  for (const slot of POLICY_SLOTS) {
+    checkSlotRule(slot, slots[slot], `slots.${slot}`);
+  }
+  if (typeof p.capabilities !== "object" || p.capabilities === null) {
+    throw new CompiledPolicyShapeError("capabilities must be an object");
+  }
+  const caps = p.capabilities;
+  if (!Array.isArray(caps.concordia_commitment_classes) || !caps.concordia_commitment_classes.every((c) => typeof c === "string")) {
+    throw new CompiledPolicyShapeError(
+      "capabilities.concordia_commitment_classes must be a string[]"
+    );
+  }
+  if (!Array.isArray(caps.honeypot_skill_ids) || !caps.honeypot_skill_ids.every((c) => typeof c === "string")) {
+    throw new CompiledPolicyShapeError(
+      "capabilities.honeypot_skill_ids must be a string[]"
+    );
+  }
+  if (typeof caps.is_sentinel !== "boolean") {
+    throw new CompiledPolicyShapeError(
+      "capabilities.is_sentinel must be boolean"
+    );
+  }
+  if (typeof p.auto_trigger_ladder !== "object" || p.auto_trigger_ladder === null) {
+    throw new CompiledPolicyShapeError(
+      "auto_trigger_ladder must be an object"
+    );
+  }
+  const lad = p.auto_trigger_ladder;
+  if (typeof lad.honeypot_auto_freeze !== "boolean") {
+    throw new CompiledPolicyShapeError(
+      "auto_trigger_ladder.honeypot_auto_freeze must be boolean"
+    );
+  }
+  if (lad.threshold_rule_action !== "operator_approved" && lad.threshold_rule_action !== "auto") {
+    throw new CompiledPolicyShapeError(
+      'auto_trigger_ladder.threshold_rule_action must be "operator_approved" or "auto"'
+    );
+  }
+  if (lad.ml_anomaly_action !== "operator_approved" && lad.ml_anomaly_action !== "auto") {
+    throw new CompiledPolicyShapeError(
+      'auto_trigger_ladder.ml_anomaly_action must be "operator_approved" or "auto"'
+    );
+  }
+  if (typeof p.source_english !== "string") {
+    throw new CompiledPolicyShapeError("source_english must be a string");
+  }
+  if (typeof p.compiled_at !== "string" || Number.isNaN(Date.parse(p.compiled_at))) {
+    throw new CompiledPolicyShapeError(
+      "compiled_at must be an ISO8601 timestamp string"
+    );
+  }
+  for (const key of slotKeys) {
+    if (!isPolicySlot(key)) {
+      throw new CompiledPolicyShapeError(
+        `slots.${key} is not a recognized policy slot`
+      );
+    }
+  }
+  if (p.egress !== void 0) {
+    checkEgressPolicy(p.egress, "egress");
+  }
+  if (p.budgets !== void 0) {
+    checkBudgetPolicy(p.budgets, "budgets");
+  }
+  if (p.retention !== void 0) {
+    checkRetentionPolicy(p.retention, "retention");
+  }
+}
+function checkEgressPolicy(value, path) {
+  if (typeof value !== "object" || value === null) {
+    throw new CompiledPolicyShapeError(`${path} must be an object`);
+  }
+  const eg = value;
+  if (!Array.isArray(eg.allowlist)) {
+    throw new CompiledPolicyShapeError(`${path}.allowlist must be an array`);
+  }
+  for (let i = 0; i < eg.allowlist.length; i++) {
+    const rule = eg.allowlist[i];
+    if (typeof rule !== "object" || rule === null) {
+      throw new CompiledPolicyShapeError(
+        `${path}.allowlist[${i}] must be an object`
+      );
+    }
+    const r = rule;
+    if (typeof r.destination !== "string" || r.destination.length === 0) {
+      throw new CompiledPolicyShapeError(
+        `${path}.allowlist[${i}].destination must be a non-empty string`
+      );
+    }
+    if (!Array.isArray(r.methods) || !r.methods.every((m) => typeof m === "string")) {
+      throw new CompiledPolicyShapeError(
+        `${path}.allowlist[${i}].methods must be a string[]`
+      );
+    }
+  }
+}
+function checkBudgetLimit(value, path) {
+  if (typeof value !== "object" || value === null) {
+    throw new CompiledPolicyShapeError(`${path} must be an object`);
+  }
+  const lim = value;
+  if (typeof lim.amount !== "number" || lim.amount <= 0 || !Number.isFinite(lim.amount)) {
+    throw new CompiledPolicyShapeError(
+      `${path}.amount must be a positive finite number`
+    );
+  }
+  if (!BUDGET_UNITS.includes(lim.unit)) {
+    throw new CompiledPolicyShapeError(
+      `${path}.unit must be one of: ${BUDGET_UNITS.join(", ")}`
+    );
+  }
+  if (lim.soft_warn_threshold !== void 0) {
+    if (typeof lim.soft_warn_threshold !== "number" || lim.soft_warn_threshold <= 0 || lim.soft_warn_threshold >= 1) {
+      throw new CompiledPolicyShapeError(
+        `${path}.soft_warn_threshold must be in (0, 1) when present`
+      );
+    }
+  }
+}
+function checkBudgetPolicy(value, path) {
+  if (typeof value !== "object" || value === null) {
+    throw new CompiledPolicyShapeError(`${path} must be an object`);
+  }
+  const bp = value;
+  if (bp.daily !== void 0) checkBudgetLimit(bp.daily, `${path}.daily`);
+  if (bp.monthly !== void 0) checkBudgetLimit(bp.monthly, `${path}.monthly`);
+  if (bp.daily === void 0 && bp.monthly === void 0) {
+    throw new CompiledPolicyShapeError(
+      `${path} must have at least one of daily or monthly`
+    );
+  }
+}
+function checkRetentionPolicy(value, path) {
+  if (typeof value !== "object" || value === null) {
+    throw new CompiledPolicyShapeError(`${path} must be an object`);
+  }
+  const rp = value;
+  if (typeof rp.windows !== "object" || rp.windows === null) {
+    throw new CompiledPolicyShapeError(`${path}.windows must be an object`);
+  }
+  const wins = rp.windows;
+  for (const key of Object.keys(wins)) {
+    if (!isPolicySlot(key)) {
+      throw new CompiledPolicyShapeError(
+        `${path}.windows.${key} is not a recognized policy slot`
+      );
+    }
+    const w = wins[key];
+    if (typeof w !== "object" || w === null) {
+      throw new CompiledPolicyShapeError(
+        `${path}.windows.${key} must be an object`
+      );
+    }
+    const win = w;
+    if (typeof win.max_age_seconds !== "number" || !Number.isInteger(win.max_age_seconds) || win.max_age_seconds <= 0) {
+      throw new CompiledPolicyShapeError(
+        `${path}.windows.${key}.max_age_seconds must be a positive integer`
+      );
+    }
+    if (win.archive !== void 0 && typeof win.archive !== "boolean") {
+      throw new CompiledPolicyShapeError(
+        `${path}.windows.${key}.archive must be boolean when present`
+      );
+    }
+  }
+}
+function encodePolicyBlob(policy) {
+  validateCompiledPolicyShape(policy);
+  return toBase64url(canonicalizeToBytes(policy));
+}
+// src/mesh/envelope.ts
+init_encoding();
+init_random();
+// src/mesh/constants.ts
+var PROTOCOL_VERSION = "0.1";
+var RESERVED_EVENT_TYPE_PREFIXES = [
+  "EXTENSION_",
+  "cross_fortress_",
+  "multi_master_"
+];
+function isReservedEventType(s) {
+  return RESERVED_EVENT_TYPE_PREFIXES.some((p) => s.startsWith(p));
+}
+var RESERVED_EXTENSION_ENVELOPE_KEYS = [
+  "cross_fortress_read_grant",
+  "cross_fortress_read_query",
+  "cross_fortress_read_response",
+  "multi_master_policy_merge",
+  "audit_replication_full_n_way",
+  "auto_promote_canonical_audit",
+  "agent_live_migration"
+];
+function isReservedExtensionKey(k) {
+  return RESERVED_EXTENSION_ENVELOPE_KEYS.includes(k);
+}
+// src/mesh/trust-root.ts
+init_encoding();
+init_identity();
+init_random();
+// src/mesh/envelope.ts
+function packSignedEvent(params) {
+  if (isReservedEventType(params.event_type)) {
+    throw new MeshReservedEventTypeError(params.event_type);
+  }
+  const ext = params.extension_envelope ?? {};
+  for (const key of Object.keys(ext)) {
+    if (isReservedExtensionKey(key)) {
+      throw new MeshReservedExtensionKeyError(key);
+    }
+  }
+  const payloadBytes = canonicalizeToBytes(params.payload);
+  const payload_hash = toBase64url(sha256.sha256(payloadBytes));
+  const body = {
+    protocol_version: PROTOCOL_VERSION,
+    event_type: params.event_type,
+    event_id: generateEventId(),
+    emitter_node: params.emitter_node,
+    emitter_principal: params.emitter_principal,
+    fortress_id: params.fortress_id,
+    causal_parents: params.causal_parents ?? [],
+    payload: params.payload,
+    payload_hash,
+    emitted_at: (/* @__PURE__ */ new Date()).toISOString(),
+    monotonic_seq: params.monotonic_seq,
+    extension_envelope: ext
+  };
+  const bytesToSign = canonicalizeToBytes(body);
+  const nodeSig = ed25519.ed25519.sign(bytesToSign, params.node_private_key);
+  const evt = {
+    ...body,
+    node_signature: toBase64url(nodeSig)
+  };
+  if (params.principal_private_key) {
+    const principalSig = ed25519.ed25519.sign(bytesToSign, params.principal_private_key);
+    evt.principal_signature = toBase64url(principalSig);
+  }
+  return evt;
+}
+function generateEventId() {
+  const bytes = randomBytes(16);
+  let hex = "";
+  for (const b of bytes) hex += b.toString(16).padStart(2, "0");
+  return hex;
+}
+// src/policy-engine/envelope.ts
+function packPolicyUpdate(params) {
+  validateCompiledPolicyShape(params.policy);
+  const blob = encodePolicyBlob(params.policy);
+  const payload = {
+    agent_id: params.policy.agent_id,
+    policy_version: params.policy.policy_version,
+    policy_blob: blob,
+    ...params.policy.parent_version !== void 0 ? { parent_version: params.policy.parent_version } : {}
+  };
+  return packSignedEvent({
+    event_type: POLICY_UPDATE_EVENT_TYPE,
+    emitter_node: params.emitter_node,
+    emitter_principal: params.emitter_principal,
+    fortress_id: params.policy.fortress_id,
+    causal_parents: params.causal_parents,
+    payload,
+    monotonic_seq: params.monotonic_seq,
+    node_private_key: params.node_private_key,
+    principal_private_key: params.principal_private_key
+  });
+}
+// src/templates/init.ts
+function deterministicCompiledAt(version) {
+  const [major, minor, patch] = version.split(".").map(Number);
+  const epoch = /* @__PURE__ */ new Date("2026-01-01T00:00:00.000Z");
+  epoch.setUTCDate(epoch.getUTCDate() + (major - 1) * 365 + minor * 30 + patch);
+  return epoch.toISOString();
+}
+function buildCompiledPolicyFromTemplate(bundle, params) {
+  const policy = applyChannelTemplate(
+    bundle.metadata.channel,
+    {
+      agent_id: params.agent_id,
+      counterparty: params.counterparty,
+      fortress_id: params.fortress_id,
+      policy_version: params.policy_version
+    }
+  );
+  policy.compiled_at = deterministicCompiledAt(bundle.metadata.version);
+  policy.source_english = bundle.policy_english;
+  if (bundle.defaults.egress.length > 0) {
+    const egress = {
+      allowlist: bundle.defaults.egress.map((e) => ({
+        destination: e.destination,
+        methods: [...e.methods]
+      }))
+    };
+    policy.egress = egress;
+  }
+  const budgets = {};
+  if (bundle.defaults.budgets.daily) {
+    budgets.daily = { ...bundle.defaults.budgets.daily };
+  }
+  if (bundle.defaults.budgets.monthly) {
+    budgets.monthly = { ...bundle.defaults.budgets.monthly };
+  }
+  if (budgets.daily || budgets.monthly) {
+    policy.budgets = budgets;
+  }
+  const windows = bundle.defaults.retention.windows;
+  if (Object.keys(windows).length > 0) {
+    const retention = {
+      windows: {}
+    };
+    for (const [slot, win] of Object.entries(windows)) {
+      if (win) {
+        retention.windows[slot] = { ...win };
+      }
+    }
+    policy.retention = retention;
+  }
+  const classes = bundle.commitments.shapes.map((s) => s.commitment_class);
+  for (const cls of classes) {
+    if (!policy.capabilities.concordia_commitment_classes.includes(cls)) {
+      policy.capabilities.concordia_commitment_classes.push(cls);
+    }
+  }
+  policy.capabilities.concordia_commitment_classes.sort();
+  validateCompiledPolicyShape(policy);
+  return policy;
+}
+function initTemplate(params) {
+  const bundle = getTemplate2(params.template_name);
+  if (!bundle) {
+    throw new Error(`unknown template: ${params.template_name}`);
+  }
+  const compiled = buildCompiledPolicyFromTemplate(bundle, {
+    agent_id: params.agent_id,
+    fortress_id: params.fortress_id,
+    counterparty: params.counterparty ?? "*",
+    policy_version: params.policy_version ?? 1
+  });
+  const signed_event = packPolicyUpdate({
+    policy: compiled,
+    emitter_node: params.emitter_node,
+    emitter_principal: params.emitter_principal,
+    monotonic_seq: params.monotonic_seq,
+    node_private_key: params.node_private_key,
+    principal_private_key: params.principal_private_key
+  });
+  return { compiled, signed_event, bundle };
+}
+var DEFAULT_STORAGE_DIR = ".sanctuary";
+var KEYCHAIN_SERVICE_DEFAULT = "sanctuary-passphrase";
+function keychainServiceFor(storagePath, home = os.homedir()) {
+  const defaultPath = path.join(home, DEFAULT_STORAGE_DIR);
+  if (storagePath === defaultPath) return KEYCHAIN_SERVICE_DEFAULT;
+  const digest = sha256.sha256(Buffer.from(storagePath, "utf-8"));
+  const suffix = Buffer.from(digest).toString("hex").slice(0, 12);
+  return `${KEYCHAIN_SERVICE_DEFAULT}-${suffix}`;
+}
+var RUNTIME_FILE_NAME = "runtime.json";
+function runtimePath(storagePath) {
+  return path.join(storagePath, RUNTIME_FILE_NAME);
+}
+async function readTenantRuntime(storagePath) {
+  try {
+    const raw = await promises.readFile(runtimePath(storagePath), "utf-8");
+    const parsed = JSON.parse(raw);
+    if (typeof parsed.dashboard_port !== "number" || typeof parsed.pid !== "number" || typeof parsed.started_at !== "string" || typeof parsed.version !== "string" || typeof parsed.dashboard_host !== "string" || typeof parsed.mode !== "string") {
+      return null;
+    }
+    const state = {
+      version: parsed.version,
+      pid: parsed.pid,
+      started_at: parsed.started_at,
+      dashboard_host: parsed.dashboard_host,
+      dashboard_port: parsed.dashboard_port,
+      mode: parsed.mode
+    };
+    if (typeof parsed.webhook_callback_port === "number") {
+      state.webhook_callback_port = parsed.webhook_callback_port;
+    }
+    if (typeof parsed.webhook_callback_host === "string") {
+      state.webhook_callback_host = parsed.webhook_callback_host;
+    }
+    return state;
+  } catch {
+    return null;
+  }
+}
+// src/cli/agents/discovery.ts
+var EXTRAS_FILE_NAME = "agents-extra.json";
+async function isTenantDir(path$1) {
+  const [hasState, hasProfile, hasFallback] = await Promise.all([
+    dirExists(path.join(path$1, "state")),
+    fileExists2(path.join(path$1, "cocoon-profile.json")),
+    fileExists2(path.join(path$1, "passphrase.enc"))
+  ]);
+  const initialized = hasState;
+  let passphraseStatus;
+  if (hasFallback) passphraseStatus = "fallback-file";
+  else if (hasProfile || hasState) passphraseStatus = "keychain";
+  else passphraseStatus = "not-initialized";
+  return { initialized, hasProfile, passphraseStatus };
+}
+async function dirExists(path) {
+  try {
+    const s = await promises.stat(path);
+    return s.isDirectory();
+  } catch {
+    return false;
+  }
+}
+async function fileExists2(path) {
+  try {
+    const s = await promises.stat(path);
+    return s.isFile();
+  } catch {
+    return false;
+  }
+}
+async function newestAuditMtime(storagePath) {
+  const auditDir = path.join(storagePath, "state", "_audit");
+  let entries = [];
+  try {
+    entries = await promises.readdir(auditDir);
+  } catch {
+    return null;
+  }
+  let newest = 0;
+  for (const name of entries) {
+    try {
+      const s = await promises.stat(path.join(auditDir, name));
+      if (s.isFile() && s.mtimeMs > newest) newest = s.mtimeMs;
+    } catch {
+    }
+  }
+  if (newest === 0) return null;
+  return new Date(newest).toISOString();
+}
+async function readExtraPaths(root, env) {
+  const out = [];
+  const fromEnv = env.SANCTUARY_AGENTS_EXTRA_PATHS;
+  if (fromEnv && fromEnv.length > 0) {
+    for (const part of fromEnv.split(":")) {
+      const trimmed = part.trim();
+      if (trimmed.length > 0) out.push(path.resolve(trimmed));
+    }
+  }
+  try {
+    const raw = await promises.readFile(path.join(root, EXTRAS_FILE_NAME), "utf-8");
+    const parsed = JSON.parse(raw);
+    if (Array.isArray(parsed)) {
+      for (const p of parsed) {
+        if (typeof p === "string" && p.trim().length > 0) out.push(path.resolve(p));
+      }
+    }
+  } catch {
+  }
+  return Array.from(new Set(out));
+}
+async function describeTenant(name, storagePath, home) {
+  const exists = await dirExists(storagePath);
+  if (!exists) return null;
+  const { initialized, hasProfile, passphraseStatus } = await isTenantDir(storagePath);
+  if (!initialized && !hasProfile && passphraseStatus === "not-initialized") {
+    return null;
+  }
+  const last_activity = await newestAuditMtime(storagePath);
+  const runtime = await readTenantRuntime(storagePath);
+  return {
+    name,
+    storage_path: storagePath,
+    exists: true,
+    initialized,
+    has_cocoon_profile: hasProfile,
+    keychain_service: keychainServiceFor(storagePath, home),
+    passphrase_status: passphraseStatus,
+    last_activity,
+    runtime
+  };
+}
+async function discoverTenants(options = {}) {
+  const home = options.home ?? os.homedir();
+  const env = options.env ?? process.env;
+  const root = options.root ?? path.join(home, DEFAULT_STORAGE_DIR);
+  const tenants = [];
+  const rootTenant = await describeTenant("default", root, home);
+  if (rootTenant) tenants.push(rootTenant);
+  let children = [];
+  try {
+    children = await promises.readdir(root);
+  } catch {
+  }
+  for (const child of children) {
+    const childPath = path.join(root, child);
+    if (child.startsWith(".")) continue;
+    if (child === "state" || child === "backup" || child === "config") continue;
+    const s = await promises.stat(childPath).catch(() => null);
+    if (!s || !s.isDirectory()) continue;
+    const desc = await describeTenant(child, childPath, home);
+    if (desc) tenants.push(desc);
+  }
+  const extras = await readExtraPaths(root, env);
+  for (const extra of extras) {
+    if (tenants.some((t) => t.storage_path === extra)) continue;
+    const desc = await describeTenant(path.basename(extra), extra, home);
+    if (desc) tenants.push(desc);
+  }
+  tenants.sort((a, b) => {
+    if (a.name === "default") return -1;
+    if (b.name === "default") return 1;
+    return a.name.localeCompare(b.name);
+  });
+  return tenants;
+}
+async function findTenant(name, options = {}) {
+  const tenants = await discoverTenants(options);
+  return tenants.find((t) => t.name === name) ?? null;
+}
 // src/dashboard/api.ts
 function constantTimeEquals(a, b) {
   if (a.length !== b.length) return false;
@@ -22250,6 +23514,22 @@ function writeJSON(res, status, payload) {
   });
   res.end(JSON.stringify(payload));
 }
+async function readJSONBody(req) {
+  const chunks = [];
+  let size = 0;
+  const MAX = 256 * 1024;
+  for await (const chunk of req) {
+    size += chunk.length;
+    if (size > MAX) throw new Error("request body too large");
+    chunks.push(chunk);
+  }
+  const body = Buffer.concat(chunks).toString("utf-8");
+  if (!body) return {};
+  return JSON.parse(body);
+}
+function generateEphemeralKey() {
+  return new Uint8Array(crypto.randomBytes(32));
+}
 function writeText(res, status, body, contentType = "text/plain") {
   res.writeHead(status, {
     "Content-Type": contentType,
@@ -22302,6 +23582,102 @@ async function handleRequest(deps, req, res) {
     await handleStream(deps, res);
     return true;
   }
+  if (method === "GET" && path === "/api/templates") {
+    try {
+      const templates = listTemplates();
+      writeJSON(res, 200, { templates });
+    } catch (err) {
+      writeJSON(res, 500, {
+        error: "template_load_failed",
+        message: err.message
+      });
+    }
+    return true;
+  }
+  const templateMatch = /^\/api\/templates\/([^/]+)$/.exec(path);
+  if (method === "GET" && templateMatch) {
+    const name = decodeURIComponent(templateMatch[1]);
+    try {
+      const entry = getTemplateEntry(name);
+      if (!entry) {
+        writeJSON(res, 404, { error: "template_not_found", name });
+        return true;
+      }
+      writeJSON(res, 200, entry);
+    } catch (err) {
+      writeJSON(res, 500, {
+        error: "template_load_failed",
+        message: err.message
+      });
+    }
+    return true;
+  }
+  const initMatch = /^\/api\/templates\/([^/]+)\/init$/.exec(path);
+  if (method === "POST" && initMatch) {
+    const name = decodeURIComponent(initMatch[1]);
+    try {
+      const bundle = getTemplate2(name);
+      if (!bundle) {
+        writeJSON(res, 404, { error: "template_not_found", name });
+        return true;
+      }
+      const body = await readJSONBody(req);
+      if (!body.agent_name || typeof body.agent_name !== "string") {
+        writeJSON(res, 400, {
+          error: "validation_error",
+          message: "agent_name is required and must be a string"
+        });
+        return true;
+      }
+      if (!/^[a-zA-Z0-9_-]+$/.test(body.agent_name)) {
+        writeJSON(res, 400, {
+          error: "validation_error",
+          message: "agent_name must contain only alphanumeric characters, hyphens, and underscores"
+        });
+        return true;
+      }
+      const isAgentWrapped = deps.isAgentWrapped ?? (async (agentId) => {
+        const tenant = await findTenant(agentId);
+        if (!tenant) return false;
+        return tenant.initialized || tenant.has_cocoon_profile;
+      });
+      if (!await isAgentWrapped(body.agent_name)) {
+        writeJSON(res, 400, {
+          error: "orphan_agent_id",
+          message: `No wrapped harness found for agent_id "${body.agent_name}". Run \`sanctuary wrap\` to wrap the harness first, then retry template init.`
+        });
+        return true;
+      }
+      const nodeId = deps.nodeId ?? "dashboard-node";
+      const nodePrivateKey = deps.nodePrivateKey ?? generateEphemeralKey();
+      const principalId = deps.principalId ?? "dashboard-principal";
+      const fortressId = deps.fortressId ?? "default";
+      const result = initTemplate({
+        template_name: name,
+        agent_id: body.agent_name,
+        fortress_id: fortressId,
+        counterparty: "*",
+        policy_version: 1,
+        emitter_node: nodeId,
+        emitter_principal: principalId,
+        monotonic_seq: 1,
+        node_private_key: nodePrivateKey
+      });
+      writeJSON(res, 200, {
+        agent_id: body.agent_name,
+        signed_event_id: result.signed_event.event_id,
+        policy_version: result.compiled.policy_version,
+        template_name: name,
+        attestation_panel_url: `/console#agent_roster`
+      });
+    } catch (err) {
+      writeJSON(res, 500, {
+        error: "template_init_failed",
+        message: err.message
+      });
+    }
+    return true;
+  }
   return false;
 }
 async function handleStream(deps, res) {
@@ -22380,11 +23756,11 @@ async function startDashboardServer(options) {
       }
     }
   });
-  await new Promise((resolve, reject) => {
+  await new Promise((resolve2, reject) => {
     server.once("error", reject);
     server.listen(port, host, () => {
       server.off("error", reject);
-      resolve();
+      resolve2();
     });
   });
   const actualPort = (() => {
@@ -22397,8 +23773,8 @@ async function startDashboardServer(options) {
     url,
     port: actualPort,
     host,
-    stop: () => new Promise((resolve, reject) => {
-      server.close((err) => err ? reject(err) : resolve());
+    stop: () => new Promise((resolve2, reject) => {
+      server.close((err) => err ? reject(err) : resolve2());
     }),
     publish,
     publishActivity: (entry) => publish({ type: "activity", data: entry }),
@@ -22999,7 +24375,7 @@ async function createSanctuaryServer(options) {
       clientManager.configure(enabledServers).catch((err) => {
         console.error(`[Sanctuary] Failed to configure upstream servers: ${err instanceof Error ? err.message : "unknown error"}`);
       });
-      await new Promise((resolve) => setTimeout(resolve, 2e3));
+      await new Promise((resolve2) => setTimeout(resolve2, 2e3));
       const proxiedTools = proxyRouter.getProxiedTools();
       if (proxiedTools.length > 0) {
         allTools.push(...proxiedTools);