@sequence0/sdk 1.2.0 → 2.0.1

package/dist/core/client.js

@@ -31,6 +31,8 @@ const http_1 = require("../utils/http");
 const websocket_1 = require("../utils/websocket");
 const discovery_1 = require("../utils/discovery");
 const fee_1 = require("../utils/fee");
+const settlement_1 = require("../settlement/settlement");
+const universal_account_1 = require("./universal-account");
 const errors_1 = require("../utils/errors");
 const eip712_1 = require("../utils/eip712");
 const validation_1 = require("../utils/validation");
@@ -63,14 +65,20 @@ const SEQUENCE_RPC = {
 };
 /** AgentRegistry contract addresses */
 const REGISTRY_ADDRESSES = {
-    testnet: '0xe00bc0ad2d623ea021c9299221125b4e5951cdab',
-    mainnet: '0x774d9a0dc937bfdc7636cbc6e0fc37f9a0809177',
+    testnet: '0xb2c218e154d4374e721eab6293af3eeeaa117400',
+    mainnet: '0xdefa5ab7ea6a87ac51628f4cde55bb4d49e62f50',
 };
 /** FeeCollector contract addresses */
 const FEE_COLLECTOR_ADDRESSES = {
-    testnet: '0x2a23644695fb62f6ab2dffdaf58fc1ce89f3bada',
-    mainnet: '0x1977f852aa0d16a59c4ea71b6cc72db02803395f',
+    testnet: '0xc017d0a5da9369003095325229de1e70f0e33a1c',
+    mainnet: '0xccd70007534c33b0ab3997d81207fea5e59ca54a',
 };
+/** ProgramRegistry contract selectors (SIGNET: Programmable Signing) */
+const PROGRAM_REGISTRY_DEPLOY_SELECTOR = '0x2e1a7d4d'; // deployProgram(bytes,string,uint256,uint256)
+const PROGRAM_REGISTRY_ATTACH_SELECTOR = '0x51cff8d9'; // attachProgram(string,bytes32)
+const PROGRAM_REGISTRY_DETACH_SELECTOR = '0x5e2c576e'; // detachProgram(string,bytes32)
+const PROGRAM_REGISTRY_GET_PROGRAMS_SELECTOR = '0x0e316ab7'; // getWalletPrograms(string)
+const PROGRAM_REGISTRY_GET_INFO_SELECTOR = '0x553eca1f'; // getProgramInfo(bytes32)
 /** Default chain RPC URLs */
 const CHAIN_RPCS = {
     testnet: {
@@ -178,6 +186,10 @@ class Sequence0 {
         this.ownerSigner = null;
         /** Owner's Ethereum address (derived from private key when provided) */
         this.ownerAddress = null;
+        /** Optional delegate signer for AEGIS delegated signing */
+        this.delegateSigner = null;
+        /** Delegation grant ID for delegated signing */
+        this.delegationId = null;
         const network = config.network || 'mainnet';
         this.config = {
             ...config,
@@ -200,6 +212,19 @@ class Sequence0 {
                 return sig.r + sig.s.slice(2) + v;
             };
         }
+        // Set up delegate signer for AEGIS delegated signing
+        if (config.delegatePrivateKey && config.delegationId) {
+            this.delegationId = config.delegationId;
+            const delegateKey = config.delegatePrivateKey.startsWith('0x')
+                ? config.delegatePrivateKey
+                : '0x' + config.delegatePrivateKey;
+            const delegateSigningKey = new ethers_1.SigningKey(delegateKey);
+            this.delegateSigner = async (messageHash) => {
+                const sig = delegateSigningKey.sign(messageHash);
+                const v = sig.v === 27 ? '1b' : '1c';
+                return sig.r + sig.s.slice(2) + v;
+            };
+        }
         const httpOpts = {
             timeout: config.timeout || 30000,
             maxRetries: config.maxRetries,
@@ -723,6 +748,392 @@ class Sequence0 {
         return this.feeManager.buildCollectFeeTx(walletId, agentAddresses);
     }
     // ────────────────────────────────────────────────
+    //  SIGNET: Programmable Signing (WASM Policies)
+    // ────────────────────────────────────────────────
+    /**
+     * Deploy a WASM signing policy program to the Sequence0 chain.
+     *
+     * The WASM bytecode is uploaded to the ProgramRegistry contract and
+     * assigned a unique programId (bytes32). Once deployed, the program
+     * can be attached to any wallet owned by the deployer.
+     *
+     * @param options - Program deployment options (bytecode, metadata, limits)
+     * @returns programId as a bytes32 hex string
+     *
+     * @throws {Sequence0Error} If no ownerSigner is configured
+     * @throws {NetworkError} If the deployment transaction fails
+     *
+     * @example
+     * ```typescript
+     * const programId = await s0.deployProgram({
+     *   bytecode: fs.readFileSync('spending-limit.wasm'),
+     *   metadataUri: 'ipfs://Qm.../metadata.json',
+     *   gasLimit: 5_000_000,
+     *   memoryLimit: 16,
+     * });
+     * console.log('Deployed program:', programId);
+     * ```
+     */
+    async deployProgram(options) {
+        if (!this.ownerSigner) {
+            throw new errors_1.Sequence0Error('ownerSigner or ownerPrivateKey is required to deploy programs. ' +
+                'Provide one in NetworkConfig.');
+        }
+        // Convert bytecode to hex string if ArrayBuffer
+        let bytecodeHex;
+        if (options.bytecode instanceof ArrayBuffer) {
+            const bytes = new Uint8Array(options.bytecode);
+            bytecodeHex = Array.from(bytes)
+                .map((b) => b.toString(16).padStart(2, '0'))
+                .join('');
+        }
+        else {
+            bytecodeHex = options.bytecode.startsWith('0x')
+                ? options.bytecode.slice(2)
+                : options.bytecode;
+        }
+        const metadataUri = options.metadataUri || '';
+        const gasLimit = options.gasLimit ?? 10000000;
+        const memoryLimit = options.memoryLimit ?? 16;
+        // Build ownership proof for the deployment
+        const proof = await this.signOwnershipProof('program-deploy', 'deploy');
+        if (!proof) {
+            throw new errors_1.Sequence0Error('Failed to generate ownership proof for program deployment');
+        }
+        return this.withFailover(async (http) => {
+            const response = await http.post('/programs/deploy', {
+                bytecode: bytecodeHex,
+                metadata_uri: metadataUri,
+                gas_limit: gasLimit,
+                memory_limit: memoryLimit,
+                owner_signature: proof.owner_signature,
+                timestamp: proof.timestamp,
+            });
+            if (!response || typeof response.program_id !== 'string') {
+                throw new errors_1.Sequence0Error('Invalid response from /programs/deploy: missing program_id');
+            }
+            return response.program_id;
+        });
+    }
+    /**
+     * Attach a WASM program to a wallet.
+     *
+     * Only the wallet owner can attach programs. Once attached, the program
+     * runs on every sign request for this wallet -- the agent evaluates it
+     * in a sandboxed WASM environment and rejects the request if the program
+     * returns "deny".
+     *
+     * @param walletId - The wallet to attach the program to
+     * @param programId - The program ID (bytes32 hex) from deployProgram()
+     *
+     * @throws {Sequence0Error} If no ownerSigner is configured
+     * @throws {NetworkError} If the attach transaction fails
+     *
+     * @example
+     * ```typescript
+     * await s0.attachProgram('my-wallet', programId);
+     * ```
+     */
+    async attachProgram(walletId, programId) {
+        (0, validation_1.validateWalletId)(walletId);
+        if (!programId || typeof programId !== 'string') {
+            throw new errors_1.Sequence0Error('programId must be a non-empty string');
+        }
+        const proof = await this.signOwnershipProof(walletId, 'attach-program');
+        if (!proof) {
+            throw new errors_1.Sequence0Error('ownerSigner or ownerPrivateKey is required to attach programs');
+        }
+        return this.withFailover(async (http) => {
+            await http.post('/programs/attach', {
+                wallet_id: walletId,
+                program_id: programId,
+                owner_signature: proof.owner_signature,
+                timestamp: proof.timestamp,
+            });
+        });
+    }
+    /**
+     * Detach a WASM program from a wallet.
+     *
+     * Only the wallet owner can detach programs. The program is no longer
+     * evaluated on sign requests for this wallet after detachment.
+     *
+     * @param walletId - The wallet to detach the program from
+     * @param programId - The program ID (bytes32 hex) to detach
+     *
+     * @throws {Sequence0Error} If no ownerSigner is configured
+     * @throws {NetworkError} If the detach transaction fails
+     *
+     * @example
+     * ```typescript
+     * await s0.detachProgram('my-wallet', programId);
+     * ```
+     */
+    async detachProgram(walletId, programId) {
+        (0, validation_1.validateWalletId)(walletId);
+        if (!programId || typeof programId !== 'string') {
+            throw new errors_1.Sequence0Error('programId must be a non-empty string');
+        }
+        const proof = await this.signOwnershipProof(walletId, 'detach-program');
+        if (!proof) {
+            throw new errors_1.Sequence0Error('ownerSigner or ownerPrivateKey is required to detach programs');
+        }
+        return this.withFailover(async (http) => {
+            await http.post('/programs/detach', {
+                wallet_id: walletId,
+                program_id: programId,
+                owner_signature: proof.owner_signature,
+                timestamp: proof.timestamp,
+            });
+        });
+    }
+    /**
+     * Get all WASM programs attached to a wallet.
+     *
+     * @param walletId - The wallet to query
+     * @returns Array of program info objects
+     *
+     * @throws {NetworkError} If the agent is unreachable
+     *
+     * @example
+     * ```typescript
+     * const programs = await s0.getWalletPrograms('my-wallet');
+     * for (const p of programs) {
+     *   console.log(`${p.programId}: active=${p.isActive}, gas=${p.gasLimit}`);
+     * }
+     * ```
+     */
+    async getWalletPrograms(walletId) {
+        (0, validation_1.validateWalletId)(walletId);
+        return this.withFailover(async (http) => {
+            const response = await http.get(`/programs/wallet/${walletId}`);
+            if (!response || !Array.isArray(response.programs)) {
+                return [];
+            }
+            return response.programs.map((p) => ({
+                programId: p.program_id,
+                deployer: p.deployer,
+                createdAt: p.created_at,
+                isActive: p.is_active,
+                metadataUri: p.metadata_uri,
+                gasLimit: p.gas_limit,
+                memoryLimit: p.memory_limit,
+            }));
+        });
+    }
+    // ────────────────────────────────────────────────
+    //  NEXUS: Atomic Cross-Chain Signing
+    // ────────────────────────────────────────────────
+    /**
+     * Sign multiple transactions across chains atomically (all-or-nothing).
+     *
+     * Submits a batch of signing operations to the agent network. The agents
+     * coordinate via a 2-phase commit protocol: either all operations produce
+     * valid signatures, or the entire batch is aborted and no signatures are
+     * released.
+     *
+     * This is essential for:
+     *   - Cross-chain arbitrage (buy on chain A, sell on chain B)
+     *   - Bridge transfers (lock on source, mint on destination)
+     *   - Multi-leg DeFi strategies
+     *
+     * @param options - Atomic signing options with operations array
+     * @returns Result with all signatures (if committed) or error (if aborted)
+     *
+     * @throws {Sequence0Error} If no ownerSigner is configured or operations are empty
+     * @throws {TimeoutError} If the atomic signing times out
+     *
+     * @example
+     * ```typescript
+     * const result = await s0.signAtomic({
+     *   operations: [
+     *     { walletId: 'eth-wallet', chain: 'ethereum', message: '0x...' },
+     *     { walletId: 'arb-wallet', chain: 'arbitrum', message: '0x...' },
+     *   ],
+     *   timeout: 60000,
+     * });
+     *
+     * if (result.status === 'committed') {
+     *   for (const [reqId, sig] of result.signatures) {
+     *     console.log(`${reqId}: ${sig}`);
+     *   }
+     * } else {
+     *   console.error('Atomic signing aborted:', result.error);
+     * }
+     * ```
+     */
+    async signAtomic(options) {
+        if (!options.operations || options.operations.length === 0) {
+            throw new errors_1.Sequence0Error('operations array must not be empty');
+        }
+        // Validate all operations
+        for (const op of options.operations) {
+            (0, validation_1.validateWalletId)(op.walletId);
+            (0, validation_1.validateChain)(op.chain);
+            (0, validation_1.validateHexMessage)(op.message);
+        }
+        const timeout = options.timeout ?? 60000;
+        const deadlineBlocks = options.deadlineBlocks ?? 50;
+        // Build ownership proofs for all unique wallet IDs in the batch
+        const uniqueWalletIds = [...new Set(options.operations.map((op) => op.walletId))];
+        const proofs = {};
+        for (const walletId of uniqueWalletIds) {
+            const proof = await this.signOwnershipProof(walletId, 'atomic-sign');
+            if (!proof) {
+                throw new errors_1.Sequence0Error('ownerSigner or ownerPrivateKey is required for atomic signing. ' +
+                    'Provide one in NetworkConfig.');
+            }
+            proofs[walletId] = proof;
+        }
+        // Build the request payload
+        const operationsPayload = options.operations.map((op) => ({
+            wallet_id: op.walletId,
+            chain: op.chain,
+            message: op.message,
+            owner_signature: proofs[op.walletId].owner_signature,
+            timestamp: proofs[op.walletId].timestamp,
+        }));
+        // Submit the atomic signing request
+        const submitResponse = await this.withFailover(async (http) => {
+            return http.post('/sign-atomic', {
+                operations: operationsPayload,
+                deadline_blocks: deadlineBlocks,
+            });
+        });
+        if (!submitResponse || typeof submitResponse.manifest_id !== 'string') {
+            throw new errors_1.Sequence0Error('Invalid response from /sign-atomic: missing manifest_id');
+        }
+        const manifestId = submitResponse.manifest_id;
+        // Poll for completion
+        const deadline = Date.now() + timeout;
+        while (Date.now() < deadline) {
+            const result = await this.withFailover(async (http) => {
+                return http.get(`/sign-atomic/${manifestId}`);
+            });
+            if (result.status === 'committed') {
+                const signatures = new Map();
+                if (result.signatures) {
+                    for (const [reqId, sig] of Object.entries(result.signatures)) {
+                        signatures.set(reqId, sig);
+                    }
+                }
+                return {
+                    manifestId,
+                    status: 'committed',
+                    signatures,
+                };
+            }
+            if (result.status === 'aborted') {
+                return {
+                    manifestId,
+                    status: 'aborted',
+                    signatures: new Map(),
+                    error: result.error || 'Atomic signing batch aborted by the agent network',
+                };
+            }
+            // Still pending -- wait and retry
+            await sleep(1000);
+        }
+        throw new errors_1.TimeoutError(`Atomic signing manifest ${manifestId} timed out after ${timeout}ms`);
+    }
+    // ────────────────────────────────────────────────
+    //  MERIDIAN: Settlement
+    // ────────────────────────────────────────────────
+    /**
+     * Get a SettlementClient for MERIDIAN Universal Settlement Network operations.
+     *
+     * The settlement client provides methods to submit payment intents,
+     * query cycle status, and retrieve settlement history. Intents are
+     * batched and netted off-chain, then settled atomically via NEXUS.
+     *
+     * @returns A SettlementClient instance bound to the current agent
+     *
+     * @example
+     * ```typescript
+     * const settlement = s0.getSettlementClient();
+     *
+     * const { intentHash, cycleId } = await settlement.submitIntent(
+     *   {
+     *     senderWalletId: 'alice-wallet',
+     *     recipientWalletId: 'bob-wallet',
+     *     chain: 'ethereum',
+     *     amount: '1000000000000000000',
+     *   },
+     *   ownerSignature,
+     *   timestamp,
+     * );
+     *
+     * const cycle = await settlement.getCurrentCycle();
+     * console.log(`Cycle ${cycle.cycleId}: ${cycle.status}`);
+     * ```
+     */
+    async getSettlementClient() {
+        const http = await this.getHttp();
+        return new settlement_1.SettlementClient(this.resolvedAgentUrl, http);
+    }
+    // ────────────────────────────────────────────────
+    //  KEYSTONE: Universal Account
+    // ────────────────────────────────────────────────
+    /**
+     * Get a UniversalAccountClient bound to a healthy agent.
+     *
+     * The client communicates directly with the agent's `/universal/*`
+     * endpoints for account creation, balance queries, and sends.
+     *
+     * @returns A UniversalAccountClient instance
+     *
+     * @example
+     * ```typescript
+     * const ua = await s0.getUniversalAccountClient();
+     *
+     * const balance = await ua.getUnifiedBalance('ua-abc123');
+     * console.log('Chains:', balance.totalChains);
+     *
+     * const route = await ua.previewRoute({
+     *   accountId: 'ua-abc123',
+     *   to: '0x...',
+     *   amount: '1.0',
+     *   token: 'ETH',
+     * });
+     * console.log(`Route: ${route.sourceChain} -> ${route.destinationChain}`);
+     * ```
+     */
+    async getUniversalAccountClient() {
+        await this.getHttp(); // Ensure agent URL is resolved
+        return new universal_account_1.UniversalAccountClient(this.resolvedAgentUrl);
+    }
+    /**
+     * Create a new universal account — one identity across all 81 chains.
+     *
+     * This is a convenience method that discovers a healthy agent,
+     * creates a UniversalAccountClient, and calls createAccount.
+     * For repeated operations, prefer `getUniversalAccountClient()`
+     * and reuse the client.
+     *
+     * @param options - Account creation options
+     * @returns The created account info with all chain addresses
+     *
+     * @example
+     * ```typescript
+     * const account = await s0.createUniversalAccount({
+     *   ownerSignature: '0x...',
+     *   timestamp: Date.now(),
+     * });
+     *
+     * console.log('Account ID:', account.accountId);
+     * console.log('Ethereum:', account.chainAddresses.ethereum.address);
+     * console.log('Bitcoin:', account.chainAddresses.bitcoin.address);
+     * console.log('Solana:', account.chainAddresses.solana.address);
+     * ```
+     *
+     * @throws {Sequence0Error} If the creation parameters are invalid
+     * @throws {NetworkError} If no healthy agent is available
+     */
+    async createUniversalAccount(options) {
+        const client = await this.getUniversalAccountClient();
+        return client.createAccount(options);
+    }
+    // ────────────────────────────────────────────────
     //  WebSocket Events
     // ────────────────────────────────────────────────
     /**
@@ -870,6 +1281,127 @@ class Sequence0 {
         const random = secureRandom().toString(36).slice(2, 8);
         return `s0-${timestamp}-${random}`;
     }
+    // ────────────────────────────────────────────────
+    //  AEGIS: Sovereign Agency Protocol — Delegation
+    // ────────────────────────────────────────────────
+    /**
+     * Create a delegation grant for a wallet (owner only).
+     */
+    async createDelegation(walletId, options) {
+        (0, validation_1.validateWalletId)(walletId);
+        const proof = await this.signOwnershipProof(walletId, 'delegate');
+        if (!proof) {
+            throw new errors_1.Sequence0Error('ownerSigner or ownerPrivateKey is required to create delegation grants');
+        }
+        return this.withFailover(async (http) => {
+            return http.post('/delegations', {
+                wallet_id: walletId,
+                delegate: options.to,
+                chains: options.chains,
+                wasm_policy_id: options.wasmPolicyId,
+                constraints: options.constraints,
+                valid_from: options.validFrom || new Date().toISOString(),
+                valid_until: options.validUntil,
+                sub_delegation: options.subDelegation ?? false,
+                max_sub_depth: options.maxSubDepth ?? 0,
+                activation: options.activation,
+                owner_signature: proof.owner_signature,
+                timestamp: proof.timestamp,
+            });
+        });
+    }
+    /**
+     * Create a sub-delegation from an existing delegation grant.
+     */
+    async createSubDelegation(walletId, options) {
+        (0, validation_1.validateWalletId)(walletId);
+        const signerKey = options.signerKey.startsWith('0x') ? options.signerKey : '0x' + options.signerKey;
+        const delegateSigningKey = new ethers_1.SigningKey(signerKey);
+        const timestamp = Math.floor(Date.now() / 1000);
+        const network = this.config.network;
+        const chainId = eip712_1.SEQUENCE0_CHAIN_IDS[network] || eip712_1.SEQUENCE0_CHAIN_IDS.mainnet;
+        const walletFactory = eip712_1.WALLET_FACTORY_ADDRESSES[network] || eip712_1.WALLET_FACTORY_ADDRESSES.mainnet;
+        const digest = (0, eip712_1.computeEip712Digest)(walletId, 'sub-delegate', timestamp, chainId, walletFactory);
+        const sig = delegateSigningKey.sign(digest);
+        const v = sig.v === 27 ? '1b' : '1c';
+        const delegateSignature = '0x' + sig.r.slice(2) + sig.s.slice(2) + v;
+        return this.withFailover(async (http) => {
+            return http.post('/delegations/sub', {
+                wallet_id: walletId,
+                parent_grant_id: options.parentGrantId,
+                delegate: options.to,
+                chains: options.chains,
+                constraints: options.constraints,
+                valid_from: options.validFrom || new Date().toISOString(),
+                valid_until: options.validUntil,
+                sub_delegation: options.subDelegation ?? false,
+                max_sub_depth: options.maxSubDepth ?? 0,
+                activation: options.activation,
+                delegate_signature: delegateSignature,
+                timestamp,
+            });
+        });
+    }
+    /**
+     * Revoke a delegation grant (cascading to all sub-grants).
+     */
+    async revokeDelegation(walletId, delegationId) {
+        (0, validation_1.validateWalletId)(walletId);
+        const proof = await this.signOwnershipProof(walletId, 'revoke');
+        if (!proof) {
+            throw new errors_1.Sequence0Error('ownerSigner or ownerPrivateKey is required to revoke delegation grants');
+        }
+        await this.withFailover(async (http) => {
+            return http.post(`/delegations/${delegationId}/revoke`, {
+                owner_signature: proof.owner_signature,
+                timestamp: proof.timestamp,
+            });
+        });
+    }
+    /**
+     * List all delegation grants for a wallet.
+     */
+    async listDelegations(walletId) {
+        (0, validation_1.validateWalletId)(walletId);
+        return this.withFailover(async (http) => {
+            const res = await http.get(`/delegations?wallet_id=${encodeURIComponent(walletId)}`);
+            return res.delegations;
+        });
+    }
+    /**
+     * Get the delegation tree for a wallet.
+     */
+    async getDelegationTree(walletId) {
+        (0, validation_1.validateWalletId)(walletId);
+        return this.withFailover(async (http) => {
+            return http.get(`/delegations/tree?wallet_id=${encodeURIComponent(walletId)}`);
+        });
+    }
+    /**
+     * Send heartbeat for dead-man's switch delegation grants.
+     */
+    async heartbeat(walletId) {
+        (0, validation_1.validateWalletId)(walletId);
+        const proof = await this.signOwnershipProof(walletId, 'heartbeat');
+        if (!proof) {
+            throw new errors_1.Sequence0Error('ownerSigner or ownerPrivateKey is required for heartbeat');
+        }
+        await this.withFailover(async (http) => {
+            return http.post(`/delegations/heartbeat`, {
+                wallet_id: walletId,
+                owner_signature: proof.owner_signature,
+                timestamp: proof.timestamp,
+            });
+        });
+    }
+    /**
+     * Check remaining authority status of a delegation.
+     */
+    async checkAuthority(delegationId) {
+        return this.withFailover(async (http) => {
+            return http.get(`/delegations/${delegationId}/status`);
+        });
+    }
 }
 exports.Sequence0 = Sequence0;
 function sleep(ms) {