@sekuire/sdk 0.1.9 → 0.1.11

package/dist/registry-client.d.ts

@@ -0,0 +1,171 @@
+import { type AgentResponse, type Manifest, type ReputationResponse, type VerificationStatus } from "./types";
+export interface RegistryClientConfig {
+    apiUrl: string;
+    apiKey?: string;
+    timeout?: number;
+    retries?: number;
+}
+export interface PublishAgentOptions {
+    manifest: Manifest;
+    privateKeyHex: string;
+    systemPrompt: string;
+    tools: string;
+    publisherOrgId?: string;
+    visibility?: "public" | "private" | "internal";
+}
+export interface UpdateAgentOptions {
+    manifest?: Partial<Manifest>;
+    visibility?: "public" | "private" | "internal";
+    gitRepository?: string;
+}
+export interface SearchAgentsOptions {
+    query?: string;
+    tags?: string[];
+    verificationStatus?: VerificationStatus;
+    category?: string;
+    limit?: number;
+    offset?: number;
+}
+export interface TaskCompletion {
+    taskId: string;
+    taskHash: string;
+    rating: number;
+    comment?: string;
+    evidence?: string;
+}
+export interface LeaderboardEntry {
+    sekuireId: string;
+    name: string;
+    reputationScore: number;
+    taskCount: number;
+    verificationStatus: VerificationStatus;
+    rank: number;
+}
+export interface PublishResponse {
+    sekuireId: string;
+    name: string;
+    version: string;
+    verificationStatus: VerificationStatus;
+    createdAt: string;
+}
+export interface DisputeResponse {
+    id: string;
+    sekuireId: string;
+    status: "pending" | "reviewing" | "resolved" | "rejected";
+    createdAt: string;
+}
+export interface VerificationRequest {
+    sekuireId: string;
+    repositoryUrl?: string;
+    commitHash?: string;
+    complianceFramework?: string;
+}
+export interface VerificationResult {
+    passed: boolean;
+    securityScore: number;
+    complianceScore: number;
+    issues: VerificationIssue[];
+    timestamp: string;
+}
+export interface VerificationIssue {
+    severity: "critical" | "high" | "medium" | "low";
+    category: string;
+    message: string;
+    file?: string;
+    line?: number;
+}
+export interface TrustHeadersRequest {
+    agentId: string;
+    action?: string;
+    context?: Record<string, unknown>;
+}
+export interface TrustHeaders {
+    "X-Sekuire-Agent-ID": string;
+    "X-Sekuire-Reputation": string;
+    "X-Sekuire-Verification": string;
+    "X-Sekuire-Badges": string;
+    "X-Sekuire-Timestamp": string;
+    "X-Sekuire-Signature": string;
+}
+export declare class SekuireRegistryClient {
+    private readonly http;
+    constructor(config: RegistryClientConfig | string, authToken?: string);
+    setAuthToken(token: string): void;
+    setApiKey(apiKey: string): void;
+    publishAgent(options: PublishAgentOptions): Promise<PublishResponse>;
+    getAgent(sekuireId: string): Promise<AgentResponse>;
+    updateAgent(sekuireId: string, options: UpdateAgentOptions): Promise<AgentResponse>;
+    deleteAgent(sekuireId: string): Promise<void>;
+    listAgents(options?: SearchAgentsOptions): Promise<AgentResponse[]>;
+    searchAgents(query: string, options?: Omit<SearchAgentsOptions, "query">): Promise<AgentResponse[]>;
+    getMyAgents(): Promise<AgentResponse[]>;
+    getReputation(sekuireId: string): Promise<ReputationResponse>;
+    recordTaskCompletion(sekuireId: string, task: TaskCompletion, privateKeyHex: string): Promise<void>;
+    getLeaderboard(limit?: number): Promise<LeaderboardEntry[]>;
+    fileDispute(sekuireId: string, reason: string, evidenceLog: string, accuserId: string): Promise<DisputeResponse>;
+    verifyAgentQuick(sekuireId: string): Promise<VerificationResult>;
+    verifyAgentComprehensive(request: VerificationRequest): Promise<VerificationResult>;
+    getVerificationHistory(sekuireId: string): Promise<VerificationResult[]>;
+    getLatestVerification(sekuireId: string): Promise<VerificationResult | null>;
+    generateTrustHeaders(request: TrustHeadersRequest): Promise<TrustHeaders>;
+    getTrustProfile(agentDid: string): Promise<Record<string, unknown>>;
+    getTransactionHistory(agentDid: string): Promise<unknown[]>;
+    createTask(task: {
+        description: string;
+        capabilities: string[];
+        priority?: number;
+        callbackUrl?: string;
+    }): Promise<{
+        taskId: string;
+        status: string;
+    }>;
+    getTask(taskId: string): Promise<{
+        taskId: string;
+        status: string;
+        result?: unknown;
+        error?: string;
+    }>;
+    completeTask(taskId: string, result: unknown, privateKeyHex: string): Promise<void>;
+    getRegistryStats(): Promise<{
+        totalAgents: number;
+        verifiedAgents: number;
+        totalTasks: number;
+        categories: string[];
+    }>;
+    getCategories(): Promise<Array<{
+        slug: string;
+        name: string;
+        agentCount: number;
+    }>>;
+    getAgentsByCategory(categorySlug: string): Promise<AgentResponse[]>;
+    getWorkspace(workspaceId: string): Promise<Record<string, unknown>>;
+    getWorkspacePolicies(workspaceId: string): Promise<unknown[]>;
+    getActivePolicy(workspaceId: string): Promise<unknown>;
+    getPolicyTemplates(): Promise<unknown[]>;
+    evaluatePolicy(workspaceId: string, action: {
+        type: string;
+        resource: string;
+        context?: Record<string, unknown>;
+    }): Promise<{
+        allowed: boolean;
+        violations: string[];
+    }>;
+    logAgentEvents(sekuireId: string, events: Array<{
+        type: string;
+        severity: string;
+        data: Record<string, unknown>;
+        timestamp?: string;
+    }>): Promise<void>;
+    logAgentHealth(sekuireId: string, health: {
+        status: "healthy" | "degraded" | "unhealthy";
+        uptime: number;
+        memoryMb?: number;
+        cpuPercent?: number;
+    }): Promise<void>;
+    getAgentLogs(sekuireId: string, options?: {
+        limit?: number;
+        offset?: number;
+        type?: string;
+    }): Promise<unknown[]>;
+}
+export declare function createRegistryClient(apiUrl: string, authToken?: string, apiKey?: string): SekuireRegistryClient;

package/dist/sdk.d.ts

@@ -0,0 +1,117 @@
+/**
+ * SekuireSDK - Main SDK entry point for TypeScript agents
+ *
+ * Combines identity, logging, and heartbeat functionality with a simple API.
+ */
+import { type BeaconStatus } from "./beacon";
+import { AgentIdentity } from "./identity";
+import { SekuireLogger, type EventType, type Severity } from "./logger";
+export declare const DEFAULT_API_URL = "https://api.sekuire.ai";
+export interface SekuireSDKConfig {
+    privateKey?: string;
+    agentId: string;
+    agentName?: string;
+    apiUrl?: string;
+    apiKey?: string;
+    /** Install token from dashboard (preferred for BYOC deployments) */
+    installToken?: string;
+    workspaceId?: string;
+    environment?: string;
+    autoHeartbeat?: boolean;
+    /** Heartbeat interval in seconds (default: 60) */
+    heartbeatIntervalSeconds?: number;
+    loggingEnabled?: boolean;
+    /** Capabilities this agent provides */
+    capabilities?: string[];
+}
+export declare class SekuireSDK {
+    private config;
+    private identity;
+    private logger;
+    private client;
+    private beacon;
+    private isRunning;
+    constructor(config: SekuireSDKConfig);
+    /**
+     * Create SDK instance from environment variables.
+     *
+     * Required env vars:
+     *   SEKUIRE_AGENT_ID - The agent's sekuire_id
+     *   SEKUIRE_INSTALL_TOKEN - Install token from dashboard (required for heartbeat)
+     *
+     * Optional env vars:
+     *   SEKUIRE_API_KEY - API key for authentication (X-API-Key header)
+     *   SEKUIRE_PRIVATE_KEY - Private key for signing
+     *   SEKUIRE_AGENT_NAME - Human-readable agent name
+     *   SEKUIRE_API_URL - API base URL (default: https://api.sekuire.ai)
+     *   SEKUIRE_WORKSPACE_ID - Workspace ID for policy enforcement
+     *   SEKUIRE_ENVIRONMENT - Environment name (default: production)
+     */
+    static fromEnv(options?: {
+        autoHeartbeat?: boolean;
+        loggingEnabled?: boolean;
+    }): SekuireSDK;
+    /**
+     * Start the SDK.
+     *
+     * - Bootstraps with Sekuire using the install token
+     * - Starts auto-heartbeat loop if enabled
+     *
+     * Requires SEKUIRE_INSTALL_TOKEN to be set (from dashboard or CLI).
+     */
+    start(): Promise<void>;
+    /**
+     * Check if the beacon is connected and sending heartbeats.
+     *
+     * @returns True if the beacon has successfully bootstrapped
+     */
+    isConnected(): boolean;
+    /**
+     * Log an event to Sekuire.
+     *
+     * @param eventType Type of event (tool_execution, model_call, policy_check, etc.)
+     * @param data Event-specific data
+     * @param severity Severity level (debug, info, warn, error)
+     */
+    log(eventType: EventType, data: Record<string, unknown>, severity?: Severity): void;
+    /**
+     * Check if an action is allowed by the workspace policy.
+     *
+     * @param action The action to check (e.g., "read_file", "network_access")
+     * @param context Context for the action (e.g., {path: "/etc/passwd"})
+     * @returns True if allowed, False if denied
+     */
+    checkPolicy(action: string, context: Record<string, unknown>): Promise<boolean>;
+    /**
+     * Shutdown the SDK gracefully.
+     */
+    shutdown(): Promise<void>;
+    /**
+     * Get the current beacon status (heartbeat health, connection info).
+     */
+    getBeaconStatus(): BeaconStatus;
+    /**
+     * Get the agent ID.
+     */
+    get agentId(): string;
+    /**
+     * Get the agent's public key.
+     */
+    get publicKey(): string | undefined;
+    /**
+     * Sign a message with the agent's private key.
+     */
+    sign(message: string): Promise<string>;
+    /**
+     * Verify a signature using the agent's public key.
+     */
+    verify(message: string, signature: string): boolean;
+    /**
+     * Get the underlying identity object.
+     */
+    getIdentity(): AgentIdentity;
+    /**
+     * Get the underlying logger object.
+     */
+    getLogger(): SekuireLogger;
+}

package/dist/telemetry/exporter.d.ts

@@ -0,0 +1,21 @@
+import { ExportResult } from '@opentelemetry/core';
+import { ReadableSpan, SpanExporter } from '@opentelemetry/sdk-trace-base';
+export interface SekuireExporterConfig {
+    apiUrl: string;
+    agentId: string;
+    authToken?: string;
+    workspaceId?: string;
+}
+export declare class SekuireSpanExporter implements SpanExporter {
+    private config;
+    private pendingExport;
+    constructor(config: SekuireExporterConfig);
+    export(spans: ReadableSpan[], resultCallback: (result: ExportResult) => void): void;
+    private spanToEvent;
+    private mapSpanToEventType;
+    private getDurationMs;
+    private extractAttributes;
+    private sendEvents;
+    shutdown(): Promise<void>;
+    forceFlush(): Promise<void>;
+}

package/dist/telemetry/index.d.ts

@@ -0,0 +1,22 @@
+import { Tracer } from '@opentelemetry/api';
+export type ExporterType = 'otlp' | 'sekuire' | 'console' | 'none';
+export interface TelemetryConfig {
+    enabled?: boolean;
+    agentId: string;
+    exporter?: ExporterType;
+    otlpEndpoint?: string;
+    sekuireApiUrl?: string;
+    authToken?: string;
+    workspaceId?: string;
+    debug?: boolean;
+    batchConfig?: {
+        maxQueueSize?: number;
+        maxExportBatchSize?: number;
+        scheduledDelayMillis?: number;
+    };
+}
+export declare function initTelemetry(config: TelemetryConfig): Tracer;
+export declare function getTracer(): Tracer;
+export declare function withSpan<T>(name: string, fn: (span: any) => T): T;
+export declare function shutdownTelemetry(): Promise<void>;
+export { SekuireSpanExporter, type SekuireExporterConfig } from './exporter';

package/dist/tools/agent-invocation.d.ts

@@ -1,90 +1,38 @@
-import type { Tool, ToolMetadata } from './base';
+import { Tool, ToolInput, ToolMetadata } from './base';
 /**
  * Tool for invoking other Sekuire agents
  * Performs handshake and sends requests to verified agents
  */
-export declare class InvokeAgentTool implements Tool {
+export declare class InvokeAgentTool extends Tool {
+    metadata: ToolMetadata;
+    private client;
     private readonly privateKey?;
     private readonly publicKey?;
     private readonly registryUrl;
-    name: string;
-    description: string;
-    parameters: {
-        type: "object";
-        properties: {
-            agent_url: {
-                type: "string";
-                description: string;
-            };
-            agent_id: {
-                type: "string";
-                description: string;
-            };
-            request: {
-                type: "string";
-                description: string;
-            };
-            parameters: {
-                type: "object";
-                description: string;
-            };
-        };
-        required: string[];
-    };
-    metadata: ToolMetadata;
-    private client;
-    constructor(privateKey?: string | undefined, publicKey?: string | undefined, registryUrl?: string);
-    execute(args: Record<string, any>): Promise<string>;
+    constructor(privateKey?: string, publicKey?: string, registryUrl?: string);
+    execute(input: ToolInput): Promise<string>;
 }
 /**
  * Tool for searching the Sekuire registry for agents
  */
-export declare class SearchAgentsTool implements Tool {
+export declare class SearchAgentsTool extends Tool {
+    metadata: ToolMetadata;
+    private client;
     private readonly privateKey?;
     private readonly publicKey?;
     private readonly registryUrl;
-    name: string;
-    description: string;
-    parameters: {
-        type: "object";
-        properties: {
-            query: {
-                type: "string";
-                description: string;
-            };
-            limit: {
-                type: "number";
-                description: string;
-            };
-        };
-        required: string[];
-    };
-    metadata: ToolMetadata;
-    private client;
-    constructor(privateKey?: string | undefined, publicKey?: string | undefined, registryUrl?: string);
-    execute(args: Record<string, any>): Promise<string>;
+    constructor(privateKey?: string, publicKey?: string, registryUrl?: string);
+    execute(input: ToolInput): Promise<string>;
 }
 /**
  * Tool for getting detailed information about a specific agent
  */
-export declare class GetAgentInfoTool implements Tool {
+export declare class GetAgentInfoTool extends Tool {
+    metadata: ToolMetadata;
+    private client;
     private readonly privateKey?;
     private readonly publicKey?;
     private readonly registryUrl;
-    name: string;
-    description: string;
-    parameters: {
-        type: "object";
-        properties: {
-            agent_id: {
-                type: "string";
-                description: string;
-            };
-        };
-        required: string[];
-    };
-    metadata: ToolMetadata;
-    private client;
-    constructor(privateKey?: string | undefined, publicKey?: string | undefined, registryUrl?: string);
-    execute(args: Record<string, any>): Promise<string>;
+    constructor(privateKey?: string, publicKey?: string, registryUrl?: string);
+    execute(input: ToolInput): Promise<string>;
 }

package/dist/tools/remote.d.ts

@@ -1,5 +1,5 @@
-import type { SekuireClient } from '../client';
 import type { ToolDefinition } from '../agent';
+import type { SekuireClient } from '../client';
 /**
  * Create a tool for discovering other agents in the Sekuire network
  */

package/dist/types/a2a-types.d.ts

@@ -0,0 +1,194 @@
+/**
+ * A2A Protocol Type Definitions
+ *
+ * Types implementing the A2A Protocol specification for agent interoperability.
+ * See: https://github.com/a2aproject/A2A
+ */
+/** Full A2A-compliant Agent Card */
+export interface AgentCard {
+    /** Unique agent identifier (e.g., "sekuire:workspace:agent-name") */
+    agentId: string;
+    /** Human-readable agent name */
+    name: string;
+    /** Agent description */
+    description: string;
+    /** Semantic version */
+    version: string;
+    /** Provider information */
+    provider?: AgentProvider;
+    /** Supported A2A protocol versions */
+    protocolVersions: string[];
+    /** Agent capabilities */
+    capabilities: AgentCapabilities;
+    /** Skills the agent provides */
+    skills: AgentSkill[];
+    /** Default input MIME types accepted */
+    defaultInputModes?: string[];
+    /** Default output MIME types produced */
+    defaultOutputModes?: string[];
+    /** Security schemes supported */
+    securitySchemes?: Record<string, SecurityScheme>;
+    /** Required security scheme names */
+    security?: string[];
+    /** Base URL for A2A endpoints */
+    url: string;
+}
+/** Provider information */
+export interface AgentProvider {
+    name: string;
+    url?: string;
+}
+/** Agent capabilities */
+export interface AgentCapabilities {
+    /** Supports streaming responses via SSE */
+    streaming: boolean;
+    /** Supports push notifications */
+    pushNotifications: boolean;
+    /** Supports extended agent card endpoint */
+    extendedAgentCard: boolean;
+}
+/** Security scheme definition */
+export interface SecurityScheme {
+    type: string;
+    scheme?: string;
+    bearerFormat?: string;
+}
+/** Structured skill definition */
+export interface AgentSkill {
+    /** Skill identifier (e.g., "document:summarize") */
+    id: string;
+    /** Human-readable skill name */
+    name: string;
+    /** Skill description */
+    description?: string;
+    /** Tags for categorization */
+    tags?: string[];
+    /** Input MIME types accepted */
+    inputModes?: string[];
+    /** Output MIME types produced */
+    outputModes?: string[];
+    /** Example prompts */
+    examples?: string[];
+}
+/** A2A message with role and parts */
+export interface A2AMessage {
+    /** Message role: "user" or "agent" */
+    role: "user" | "agent";
+    /** Message content parts */
+    parts: A2AMessagePart[];
+}
+/** Message part content */
+export type A2AMessagePart = {
+    type: "text";
+    text: string;
+} | {
+    type: "file";
+    uri: string;
+    mimeType?: string;
+} | {
+    type: "data";
+    data: unknown;
+};
+/** A2A task states */
+export type A2ATaskState = "pending" | "working" | "input-required" | "completed" | "failed" | "cancelled";
+/** A2A task status with timestamp */
+export interface A2ATaskStatus {
+    state: A2ATaskState;
+    timestamp: string;
+}
+/** Full A2A task */
+export interface A2ATask {
+    taskId: string;
+    contextId?: string;
+    status: A2ATaskStatus;
+    artifacts: A2AArtifact[];
+    history: A2AMessage[];
+    /** ID of the task that delegated to this task */
+    parentTaskId?: string;
+    /** Trace ID shared across the delegation chain */
+    traceId?: string;
+}
+/** Task artifact output */
+export interface A2AArtifact {
+    name?: string;
+    parts: A2AMessagePart[];
+    index?: number;
+}
+/** Request for skill-based auto-discovery routing */
+export interface A2ARouteRequest {
+    /** Required skill (e.g., "document:summarize") */
+    skill: string;
+    /** Message to send to the agent */
+    message: A2AMessage;
+    /** Optional conversation context ID */
+    contextId?: string;
+    /** Parent task ID for delegation tracking */
+    parentTaskId?: string;
+    /** Trace ID for the entire delegation chain */
+    traceId?: string;
+}
+/** Response from skill-based routing */
+export interface A2ARouteResponse {
+    /** Created task ID */
+    taskId: string;
+    /** Current task status */
+    status: A2ATaskState;
+    /** ID of the selected agent */
+    agentId: string;
+    /** Initial response message (if any) */
+    message?: A2AMessage;
+    /** Trace ID for the delegation chain */
+    traceId?: string;
+}
+/** JSON-RPC 2.0 Request */
+export interface JsonRpcRequest {
+    jsonrpc: "2.0";
+    method: string;
+    id: string | number;
+    params?: unknown;
+}
+/** JSON-RPC 2.0 Response */
+export interface JsonRpcResponse<T = unknown> {
+    jsonrpc: "2.0";
+    id: string | number;
+    result?: T;
+    error?: JsonRpcError;
+}
+/** JSON-RPC 2.0 Error */
+export interface JsonRpcError {
+    code: number;
+    message: string;
+    data?: unknown;
+}
+/** Parameters for tasks/send method */
+export interface TasksSendParams {
+    /** Optional existing task ID to continue */
+    taskId?: string;
+    /** Message to send */
+    message: A2AMessage;
+    /** Optional context ID for grouping tasks */
+    contextId?: string;
+}
+/** Parameters for tasks/get method */
+export interface TasksGetParams {
+    taskId: string;
+}
+/** Parameters for tasks/cancel method */
+export interface TasksCancelParams {
+    taskId: string;
+}
+/** Parameters for tasks/sendSubscribe method */
+export interface TasksSendSubscribeParams {
+    /** Optional existing task ID to continue */
+    taskId?: string;
+    /** Message to send */
+    message: A2AMessage;
+}
+/** SSE task update event */
+export interface TaskUpdateEvent {
+    taskId: string;
+    status: A2ATaskState;
+    updatedAt: string;
+    message?: A2AMessage;
+    artifacts?: A2AArtifact[];
+}

package/dist/types.d.ts

@@ -134,6 +134,7 @@ export interface WorkspaceSummary {
 }
 export interface SekuireClientConfig {
     registryUrl: string;
+    apiKey?: string;
     timeout?: number;
     retries?: number;
 }

package/dist/utils.d.ts

@@ -22,10 +22,6 @@ export declare function createSekuireClient(keyPair: KeyPair, registryUrl?: stri
  * Load keypair from environment variables
  */
 export declare function loadKeyPairFromEnv(): KeyPair;
-/**
- * Load keypair from files
- */
-export declare function loadKeyPairFromFiles(privateKeyPath: string, publicKeyPath?: string): Promise<KeyPair>;
 /**
  * Validate agent configuration
  */