@settlemint/dalp-cli 2.1.7-main.25523277805 → 2.1.7-main.25539666483

package/dist/dalp.js

@@ -64508,6 +64508,226 @@ var DAPI_ROUTE_ERROR_ENTRIES = [
       expectedClientError: true
     })
   },
+  {
+    code: "COMPLIANCE_SIGNATURE_INVALID",
+    definition: dapiError({
+      id: "DALP-0488",
+      category: "auth",
+      status: 401,
+      message: "Webhook authentication failed.",
+      why: "The compliance webhook signature or URL token could not be verified against the integration credentials.",
+      fix: "Verify the provider webhook URL and signing secret configuration, then send a freshly signed event.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["unknown-hono"],
+      transports: ["hono"]
+    })
+  },
+  {
+    code: "COMPLIANCE_REPLAY_WINDOW_EXCEEDED",
+    definition: dapiError({
+      id: "DALP-0489",
+      category: "client",
+      status: 400,
+      message: "Webhook timestamp is outside the accepted replay window.",
+      why: "The compliance webhook timestamp was more than five minutes away from the server clock.",
+      fix: "Send a fresh provider event with a current timestamp and verify clock synchronization for the provider integration.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["unknown-hono"],
+      transports: ["hono"]
+    })
+  },
+  {
+    code: "COMPLIANCE_SUBJECT_MAPPING_MISSING",
+    definition: dapiError({
+      id: "DALP-0490",
+      category: "domain",
+      status: 404,
+      message: "Compliance subject mapping was not found.",
+      why: "A compliance webhook referenced an external subject ID that has not been mapped to a DALP identity or wallet.",
+      fix: "Create the subject through DALP before accepting provider webhooks for that external ID, or reconcile the event from the audit log.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["unknown-hono", "dependency-restate"],
+      transports: ["hono", "background"],
+      authSensitivity: {
+        existenceDisclosure: "conceal",
+        rationale: "Subject mappings are tenant scoped; unknown and unauthorized subjects must not reveal tenant membership."
+      }
+    })
+  },
+  {
+    code: "COMPLIANCE_INTEGRATION_PAUSED",
+    definition: dapiError({
+      id: "DALP-0491",
+      category: "domain",
+      status: 404,
+      message: "Compliance integration is not accepting webhook events.",
+      why: "The webhook target is not currently available for compliance event intake.",
+      fix: "Verify the integration configuration and resume the integration before sending more provider events.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["unknown-hono"],
+      transports: ["hono"],
+      authSensitivity: {
+        existenceDisclosure: "conceal",
+        rationale: "Unknown integration IDs intentionally return this same public shape to avoid a tenant integration existence oracle."
+      }
+    })
+  },
+  {
+    code: "COMPLIANCE_INTEGRATION_FAILED",
+    definition: dapiError({
+      id: "DALP-0492",
+      category: "domain",
+      status: 409,
+      message: "Compliance integration is in a failed state.",
+      why: "The compliance integration failed provisioning or health checks and cannot process provider events.",
+      fix: "Repair or reprovision the integration before retrying webhook processing.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["unknown-hono", "orpc-v2-rest", "orpc-rpc"],
+      transports: ["hono", "orpc-rest", "orpc-rpc"]
+    })
+  },
+  {
+    code: "COMPLIANCE_UNMAPPED_EVENT",
+    definition: dapiError({
+      id: "DALP-0493",
+      category: "domain",
+      status: 422,
+      message: "Compliance provider event could not be mapped.",
+      why: "The provider payload did not match a supported ClaimSource verdict or monitoring-alert shape and was persisted for audit.",
+      fix: "Review the provider event type and update the adapter mapping before replaying the event.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["unknown-hono", "dependency-restate"],
+      transports: ["hono", "background"]
+    })
+  },
+  {
+    code: "COMPLIANCE_OUT_OF_ORDER_EVENT",
+    definition: dapiError({
+      id: "DALP-0494",
+      category: "domain",
+      status: 409,
+      message: "Compliance provider event is older than the current subject state.",
+      why: "The event timestamp or sequence is behind the last applied event for the same integration, subject, and topic.",
+      fix: "Do not replay stale provider events; inspect the audit event if the provider's ordering guarantees appear broken.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["dependency-restate"],
+      transports: ["background"]
+    })
+  },
+  {
+    code: "COMPLIANCE_PROVIDER_HEALTH_CHECK_FAILED",
+    definition: dapiError({
+      id: "DALP-0495",
+      category: "dependency",
+      status: 503,
+      message: "Compliance provider health check failed.",
+      why: "DAPI could not reach the provider health endpoint or the provider returned an unhealthy response.",
+      fix: "Retry after a short backoff; if the failure persists, verify provider availability and the integration credentials.",
+      retryable: true,
+      expectedClientError: false,
+      surfaces: ["orpc-v2-rest", "orpc-rpc"],
+      transports: ["orpc-rest", "orpc-rpc"]
+    })
+  },
+  {
+    code: "COMPLIANCE_APPLICANT_CREATE_FAILED",
+    definition: dapiError({
+      id: "DALP-0496",
+      category: "dependency",
+      status: 502,
+      message: "Compliance provider rejected applicant creation.",
+      why: "The provider applicant or monitored-subject creation call failed before DALP could persist the subject mapping.",
+      fix: "Verify provider credentials and the submitted subject fields, then retry applicant creation.",
+      retryable: false,
+      expectedClientError: false,
+      surfaces: ["orpc-v2-rest", "orpc-rpc", "dependency-restate"],
+      transports: ["orpc-rest", "orpc-rpc", "background"]
+    })
+  },
+  {
+    code: "COMPLIANCE_TIR_REGISTRATION_FAILED",
+    definition: dapiError({
+      id: "DALP-0497",
+      category: "contract",
+      status: 502,
+      message: "Compliance trusted-issuer registration failed.",
+      why: "The tenant trusted issuer registry rejected the provider issuer EOA registration transaction.",
+      fix: "Verify the provider issuer address, claim topic, tenant registry address, and transaction trace before retrying provisioning.",
+      retryable: false,
+      expectedClientError: false,
+      surfaces: ["dependency-restate"],
+      transports: ["background"]
+    })
+  },
+  {
+    code: "COMPLIANCE_TOPIC_MISMATCH",
+    definition: dapiError({
+      id: "DALP-0498",
+      category: "domain",
+      status: 400,
+      message: "Compliance provider event topic does not match the integration.",
+      why: "The webhook payload declared a claim topic different from the single topic configured for the integration.",
+      fix: "Send the event to an integration configured for that topic, or correct the provider adapter topic mapping.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["unknown-hono", "dependency-restate"],
+      transports: ["hono", "background"]
+    })
+  },
+  {
+    code: "COMPLIANCE_WALLET_NOT_REGISTERED",
+    definition: dapiError({
+      id: "DALP-0499",
+      category: "domain",
+      status: 404,
+      message: "Wallet does not have an associated OnchainID identity.",
+      why: "A wallet-subject compliance provider event referenced a wallet that DALP could not resolve to an OnchainID identity.",
+      fix: "Register the wallet to an OnchainID identity before creating or replaying the compliance subject mapping.",
+      retryable: false,
+      expectedClientError: true,
+      authSensitivity: {
+        existenceDisclosure: "conceal",
+        rationale: "Wallet-to-identity mappings are tenant scoped and must not reveal whether another tenant has registered the wallet."
+      }
+    })
+  },
+  {
+    code: "COMPLIANCE_SECRET_ROTATION_GRACE_EXPIRED",
+    definition: dapiError({
+      id: "DALP-0500",
+      category: "domain",
+      status: 410,
+      message: "Compliance webhook signing secret rotation grace period expired.",
+      why: "The pending webhook signing secret expired before it was promoted to the active secret.",
+      fix: "Start a new secret rotation and update the provider dashboard with the active webhook signing secret.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["orpc-v2-rest", "orpc-rpc", "unknown-hono"],
+      transports: ["orpc-rest", "orpc-rpc", "hono"]
+    })
+  },
+  {
+    code: "COMPLIANCE_INVALID_STATE_TRANSITION",
+    definition: dapiError({
+      id: "DALP-0501",
+      category: "client",
+      status: 409,
+      message: "Compliance integration cannot transition to the requested state.",
+      why: "The integration is not in a state that permits the requested action (for example, resume requires paused; revoke is terminal).",
+      fix: "Refresh the integration and choose an action that matches its current state.",
+      retryable: false,
+      expectedClientError: true,
+      surfaces: ["orpc-v2-rest", "orpc-rpc"],
+      transports: ["orpc-rest", "orpc-rpc"]
+    })
+  },
   {
     code: "CONTACT_NOT_FOUND",
     definition: dapiError({
@@ -82223,6 +82443,286 @@ var contactsV2Contract = {
   upsert: upsert3,
   delete: del5
 };
+var ComplianceProviderKindSchema = exports_external2.enum(["sumsub", "elliptic"]);
+var ComplianceProviderStatusSchema = exports_external2.enum(["pending", "active", "paused", "revoked", "failed"]);
+var ComplianceProviderLastActivitySchema = exports_external2.discriminatedUnion("kind", [
+  exports_external2.object({
+    kind: exports_external2.literal("verdict"),
+    state: exports_external2.enum(["approved", "rejected", "under_review", "action_required"]).nullable(),
+    outcome: exports_external2.string().nullable(),
+    at: exports_external2.date()
+  }),
+  exports_external2.object({
+    kind: exports_external2.literal("alert"),
+    severity: exports_external2.number().int().min(0).max(100).nullable(),
+    outcome: exports_external2.string().nullable(),
+    at: exports_external2.date()
+  })
+]);
+var ComplianceProviderHealthSchema = exports_external2.object({
+  status: exports_external2.enum(["healthy", "degraded", "unknown"]),
+  checkedAt: exports_external2.date().nullable(),
+  message: exports_external2.string().nullable()
+});
+var ComplianceProviderIntegrationSchema = exports_external2.object({
+  id: exports_external2.uuid(),
+  providerKind: ComplianceProviderKindSchema,
+  topicName: claimTopicSchema(),
+  topicId: exports_external2.string().regex(/^\d+$/),
+  status: ComplianceProviderStatusSchema,
+  statusExplanation: exports_external2.string(),
+  issuerEoaAddress: ethereumAddress,
+  webhookUrlToken: exports_external2.uuid(),
+  revocationSeverityThreshold: exports_external2.number().int().min(0).max(100),
+  pendingSecretExpiresAt: exports_external2.date().nullable(),
+  lastActivity: ComplianceProviderLastActivitySchema.nullable(),
+  lastHealthCheck: ComplianceProviderHealthSchema.nullable(),
+  createdAt: exports_external2.date(),
+  updatedAt: exports_external2.date()
+});
+var COMPLIANCE_PROVIDER_INTEGRATION_COLLECTION_FIELDS = {
+  providerKind: enumField(ComplianceProviderKindSchema.options, { defaultOperator: "eq" }),
+  topicName: textField({ defaultOperator: "iLike" }),
+  status: enumField(ComplianceProviderStatusSchema.options, { defaultOperator: "eq", facetable: true }),
+  revocationSeverityThreshold: numberField(),
+  createdAt: dateField(),
+  updatedAt: dateField()
+};
+var ComplianceProviderIntegrationsListInputSchema = createCollectionInputSchema(COMPLIANCE_PROVIDER_INTEGRATION_COLLECTION_FIELDS, {
+  defaultSort: "-updatedAt",
+  globalSearch: true
+});
+var ComplianceProviderIntegrationsListOutputSchema = createPaginatedResponse(ComplianceProviderIntegrationSchema);
+var ComplianceProviderIntegrationReadInputSchema = exports_external2.object({
+  integrationId: exports_external2.uuid()
+});
+var ComplianceProviderIntegrationReadOutputSchema = createSingleResponse(ComplianceProviderIntegrationSchema);
+var SumsubCredentialsSchema = exports_external2.object({
+  appToken: exports_external2.string().min(1),
+  secretKey: exports_external2.string().min(1)
+});
+var EllipticCredentialsSchema = exports_external2.object({
+  apiKey: exports_external2.string().min(1),
+  apiSecret: exports_external2.string().min(1)
+});
+var ComplianceProviderCredentialsSchema = exports_external2.discriminatedUnion("providerKind", [
+  exports_external2.object({
+    providerKind: exports_external2.literal("sumsub"),
+    credentials: SumsubCredentialsSchema
+  }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("elliptic"),
+    credentials: EllipticCredentialsSchema
+  })
+]);
+var ComplianceProviderValidateCredentialsInputSchema = ComplianceProviderCredentialsSchema;
+var ComplianceProviderValidateCredentialsOutputSchema = createSingleResponse(exports_external2.object({
+  valid: exports_external2.boolean(),
+  providerMessage: exports_external2.string().nullable()
+}));
+var ComplianceProviderIntegrationCreateInputSchema = ComplianceProviderCredentialsSchema.and(exports_external2.object({
+  topicName: claimTopicSchema(),
+  webhookSigningSecret: exports_external2.string().min(1),
+  revocationSeverityThreshold: exports_external2.number().int().min(0).max(100).default(80)
+}));
+var ComplianceProviderIntegrationCreateOutputSchema = ComplianceProviderIntegrationReadOutputSchema;
+var ComplianceProviderIntegrationStatusActionInputSchema = exports_external2.object({
+  integrationId: exports_external2.uuid()
+});
+var ComplianceProviderIntegrationRevokeInputSchema = exports_external2.object({
+  integrationId: exports_external2.uuid()
+});
+var ComplianceProviderIntegrationRevokeOutputSchema = createSingleResponse(exports_external2.object({
+  integration: ComplianceProviderIntegrationSchema
+}));
+var ComplianceProviderIntegrationUpdatePolicyInputSchema = exports_external2.object({
+  integrationId: exports_external2.uuid(),
+  revocationSeverityThreshold: exports_external2.number().int().min(0).max(100).optional()
+});
+var ComplianceProviderIntegrationRotateSecretInputSchema = exports_external2.object({
+  integrationId: exports_external2.uuid(),
+  webhookSigningSecret: exports_external2.string().min(1),
+  graceWindowMinutes: exports_external2.number().int().min(1).max(24 * 60).default(15)
+});
+var ComplianceProviderIntegrationMonitoringAlertSchema = exports_external2.object({
+  id: exports_external2.uuid(),
+  providerEventId: exports_external2.string(),
+  subjectAddress: ethereumAddress.nullable(),
+  topicName: exports_external2.string().nullable(),
+  severity: exports_external2.number().int().min(0).max(100).nullable(),
+  outcome: exports_external2.string(),
+  rawPayload: exports_external2.record(exports_external2.string(), exports_external2.unknown()),
+  processedAt: exports_external2.date().nullable(),
+  createdAt: exports_external2.date()
+});
+var COMPLIANCE_PROVIDER_MONITORING_COLLECTION_FIELDS = {
+  providerEventId: textField({ defaultOperator: "iLike" }),
+  subjectAddress: textField({ defaultOperator: "iLike" }),
+  severity: numberField(),
+  outcome: textField({ defaultOperator: "eq" }),
+  createdAt: dateField()
+};
+var ComplianceProviderMonitoringListInputSchema = createCollectionInputSchema(COMPLIANCE_PROVIDER_MONITORING_COLLECTION_FIELDS, {
+  defaultSort: "-createdAt",
+  globalSearch: true
+});
+var ComplianceProviderMonitoringListOutputSchema = createPaginatedResponse(ComplianceProviderIntegrationMonitoringAlertSchema);
+var ComplianceSubjectCreateApplicantInputSchema = exports_external2.object({
+  integrationId: exports_external2.uuid(),
+  identityAddress: ethereumAddress,
+  applicantHints: exports_external2.object({
+    externalUserId: exports_external2.string().min(1).optional(),
+    level: exports_external2.string().min(1).optional()
+  }).passthrough().optional()
+});
+var ComplianceSubjectCreateApplicantResultSchema = exports_external2.object({
+  externalId: exports_external2.string().min(1),
+  redirectUrl: exports_external2.string().url().optional()
+});
+var ComplianceSubjectCreateApplicantOutputSchema = createSingleResponse(ComplianceSubjectCreateApplicantResultSchema);
+var ComplianceSubjectRegisterWalletInputSchema = exports_external2.object({
+  integrationId: exports_external2.uuid(),
+  walletAddress: ethereumAddress
+});
+var ComplianceSubjectRegisterWalletResultSchema = exports_external2.object({
+  externalId: exports_external2.string().min(1),
+  identityAddress: ethereumAddress
+});
+var ComplianceSubjectRegisterWalletOutputSchema = createSingleResponse(ComplianceSubjectRegisterWalletResultSchema);
+var listIntegrations = v2Contract.route({
+  method: "GET",
+  path: "/compliance/integrations",
+  description: "List tenant compliance provider integrations with monitoring activity.",
+  successDescription: "Paginated compliance provider integrations.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.query(ComplianceProviderIntegrationsListInputSchema)).output(ComplianceProviderIntegrationsListOutputSchema);
+var createIntegration = v2Contract.route({
+  method: "POST",
+  path: "/compliance/integrations",
+  description: "Create and provision a tenant compliance provider integration.",
+  successDescription: "Compliance provider integration provisioned.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.body(ComplianceProviderIntegrationCreateInputSchema)).output(ComplianceProviderIntegrationCreateOutputSchema);
+var readIntegration = v2Contract.route({
+  method: "GET",
+  path: "/compliance/integrations/{integrationId}",
+  description: "Read a tenant compliance provider integration.",
+  successDescription: "Compliance provider integration retrieved.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.params(ComplianceProviderIntegrationReadInputSchema)).output(ComplianceProviderIntegrationReadOutputSchema);
+var validateCredentials = v2Contract.route({
+  method: "POST",
+  path: "/compliance/integrations/validate-credentials",
+  description: "Validate write-only compliance provider credentials before provisioning starts.",
+  successDescription: "Credential validation result returned.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.body(ComplianceProviderValidateCredentialsInputSchema)).output(ComplianceProviderValidateCredentialsOutputSchema);
+var pauseIntegration = v2Contract.route({
+  method: "POST",
+  path: "/compliance/integrations/{integrationId}/pause",
+  description: "Pause a compliance provider integration.",
+  successDescription: "Compliance provider integration paused.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.params(ComplianceProviderIntegrationStatusActionInputSchema)).output(ComplianceProviderIntegrationReadOutputSchema);
+var resumeIntegration = v2Contract.route({
+  method: "POST",
+  path: "/compliance/integrations/{integrationId}/resume",
+  description: "Resume a paused compliance provider integration.",
+  successDescription: "Compliance provider integration resumed.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.params(ComplianceProviderIntegrationStatusActionInputSchema)).output(ComplianceProviderIntegrationReadOutputSchema);
+var retryProvisioning = v2Contract.route({
+  method: "POST",
+  path: "/compliance/integrations/{integrationId}/retry-provisioning",
+  description: "Retry idempotent provisioning for a failed compliance provider integration.",
+  successDescription: "Compliance provider provisioning retried.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.params(ComplianceProviderIntegrationStatusActionInputSchema)).output(ComplianceProviderIntegrationReadOutputSchema);
+var revokeIntegration = v2Contract.route({
+  method: "POST",
+  path: "/compliance/integrations/{integrationId}/revoke",
+  description: "Revoke a compliance provider integration, optionally revoking previously-issued claims.",
+  successDescription: "Compliance provider integration revoked.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.paramsBody(ComplianceProviderIntegrationReadInputSchema, ComplianceProviderIntegrationRevokeInputSchema.omit({ integrationId: true }))).output(ComplianceProviderIntegrationRevokeOutputSchema);
+var updatePolicy = v2Contract.route({
+  method: "PATCH",
+  path: "/compliance/integrations/{integrationId}/policy",
+  description: "Update the revocation severity threshold for a compliance provider integration.",
+  successDescription: "Compliance provider integration policy updated.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.paramsBody(ComplianceProviderIntegrationReadInputSchema, ComplianceProviderIntegrationUpdatePolicyInputSchema.omit({ integrationId: true }))).output(ComplianceProviderIntegrationReadOutputSchema);
+var rotateSecret = v2Contract.route({
+  method: "POST",
+  path: "/compliance/integrations/{integrationId}/rotate-secret",
+  description: "Stage a pending webhook signing secret with a bounded dual-secret grace window.",
+  successDescription: "Webhook signing secret rotation staged.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.paramsBody(ComplianceProviderIntegrationReadInputSchema, ComplianceProviderIntegrationRotateSecretInputSchema.omit({ integrationId: true }))).output(ComplianceProviderIntegrationReadOutputSchema);
+var promoteSecret = v2Contract.route({
+  method: "POST",
+  path: "/compliance/integrations/{integrationId}/promote-secret",
+  description: "Promote a pending webhook signing secret immediately.",
+  successDescription: "Pending webhook signing secret promoted.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.params(ComplianceProviderIntegrationReadInputSchema)).output(ComplianceProviderIntegrationReadOutputSchema);
+var cancelSecretRotation = v2Contract.route({
+  method: "POST",
+  path: "/compliance/integrations/{integrationId}/cancel-secret-rotation",
+  description: "Discard a pending webhook signing secret before the grace window ends.",
+  successDescription: "Pending webhook signing secret discarded.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.params(ComplianceProviderIntegrationReadInputSchema)).output(ComplianceProviderIntegrationReadOutputSchema);
+var health = v2Contract.route({
+  method: "GET",
+  path: "/compliance/integrations/{integrationId}/health",
+  description: "Check stored credential/secret references for a compliance provider integration.",
+  successDescription: "Compliance provider integration health returned.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.params(ComplianceProviderIntegrationReadInputSchema)).output(ComplianceProviderIntegrationReadOutputSchema);
+var listMonitoring = v2Contract.route({
+  method: "GET",
+  path: "/compliance/integrations/{integrationId}/monitoring",
+  description: "List monitoring alerts for a compliance provider integration.",
+  successDescription: "Paginated monitoring alert history.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.paramsQuery(ComplianceProviderIntegrationReadInputSchema, ComplianceProviderMonitoringListInputSchema)).output(ComplianceProviderMonitoringListOutputSchema);
+var createApplicant = v2Contract.route({
+  method: "POST",
+  path: "/compliance/subjects/create-applicant",
+  description: "Create a provider applicant for a compliance integration and persist the DALP subject mapping.",
+  successDescription: "Provider applicant created and mapped.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.body(ComplianceSubjectCreateApplicantInputSchema)).output(ComplianceSubjectCreateApplicantOutputSchema);
+var registerWallet = v2Contract.route({
+  method: "POST",
+  path: "/compliance/subjects/register-wallet",
+  description: "Register a wallet with a monitoring provider and persist the wallet-to-identity subject mapping.",
+  successDescription: "Provider wallet subject registered and mapped.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.body(ComplianceSubjectRegisterWalletInputSchema)).output(ComplianceSubjectRegisterWalletOutputSchema);
+var complianceV2Contract = {
+  integrations: {
+    list: listIntegrations,
+    create: createIntegration,
+    read: readIntegration,
+    validateCredentials,
+    pause: pauseIntegration,
+    resume: resumeIntegration,
+    retryProvisioning,
+    revoke: revokeIntegration,
+    updatePolicy,
+    rotateSecret,
+    promoteSecret,
+    cancelSecretRotation,
+    health,
+    monitoring: listMonitoring
+  },
+  subjects: {
+    createApplicant,
+    registerWallet
+  }
+};
 var FX_PROVIDERS = ["er-api", "ECB", "manual"];
 var ExchangeRateHistoryV2ItemSchema = exports_external2.object({
   baseCurrency: fiatCurrency().meta({
@@ -87834,6 +88334,7 @@ var v2Contract2 = {
   },
   organization: organizationV2Contract,
   contacts: contactsV2Contract,
+  compliance: complianceV2Contract,
   exchangeRates: exchangeRatesV2Contract,
   externalToken: externalTokenV2Contract,
   identityRecovery: identityRecoveryV2Contract,
@@ -88046,7 +88547,7 @@ function normalizeDalpBaseUrl(url3) {
 }
 var package_default = {
   name: "@settlemint/dalp-sdk",
-  version: "2.1.7-main.25523277805",
+  version: "2.1.7-main.25539666483",
   private: false,
   description: "Fully typed SDK for the DALP tokenization platform API",
   homepage: "https://settlemint.com",
@@ -88605,7 +89106,7 @@ function trimConfigValue(name, value3) {
 // package.json
 var package_default2 = {
   name: "@settlemint/dalp-cli",
-  version: "2.1.7-main.25523277805",
+  version: "2.1.7-main.25539666483",
   private: false,
   description: "CLI for the Digital Asset Lifecycle Platform — manage tokens, identities, compliance, and more from the command line.",
   homepage: "https://settlemint.com",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@settlemint/dalp-cli",
-  "version": "2.1.7-main.25523277805",
+  "version": "2.1.7-main.25539666483",
   "private": false,
   "description": "CLI for the Digital Asset Lifecycle Platform — manage tokens, identities, compliance, and more from the command line.",
   "homepage": "https://settlemint.com",