@settlemint/dalp-cli 2.1.7-main.25573399350 → 2.1.7-main.25578066369

package/dist/dalp.js

@@ -64728,6 +64728,21 @@ var DAPI_ROUTE_ERROR_ENTRIES = [
       transports: ["orpc-rest", "orpc-rpc"]
     })
   },
+  {
+    code: "COMPLIANCE_TRANSACTION_REGISTER_FAILED",
+    definition: dapiError({
+      id: "DALP-0502",
+      category: "dependency",
+      status: 502,
+      message: "Compliance provider rejected transaction registration.",
+      why: "The provider transaction-registration call (Sumsub KYT) failed before DALP could persist the transaction-id mapping.",
+      fix: "Verify provider credentials and the submitted transaction fields, then retry transaction registration.",
+      retryable: false,
+      expectedClientError: false,
+      surfaces: ["orpc-v2-rest", "orpc-rpc"],
+      transports: ["orpc-rest", "orpc-rpc"]
+    })
+  },
   {
     code: "CONTACT_NOT_FOUND",
     definition: dapiError({
@@ -82482,8 +82497,21 @@ var contactsV2Contract = {
   upsert: upsert3,
   delete: del5
 };
-var ComplianceProviderKindSchema = exports_external2.enum(["sumsub", "elliptic"]);
+var ComplianceProviderKindSchema = exports_external2.enum([
+  "sumsub",
+  "sumsub-aml",
+  "sumsub-kyt",
+  "complyadvantage",
+  "elliptic",
+  "jumio",
+  "middesk",
+  "onfido",
+  "persona",
+  "trulioo",
+  "veriff"
+]);
 var ComplianceProviderStatusSchema = exports_external2.enum(["pending", "active", "paused", "revoked", "failed"]);
+var ComplianceProviderWebhookAuthModeSchema = exports_external2.enum(["hmac", "basic_auth_ip_allowlist"]);
 var ComplianceProviderLastActivitySchema = exports_external2.discriminatedUnion("kind", [
   exports_external2.object({
     kind: exports_external2.literal("verdict"),
@@ -82512,6 +82540,8 @@ var ComplianceProviderIntegrationSchema = exports_external2.object({
   statusExplanation: exports_external2.string(),
   issuerEoaAddress: ethereumAddress,
   webhookUrlToken: exports_external2.uuid(),
+  webhookAuthMode: ComplianceProviderWebhookAuthModeSchema,
+  webhookIpAllowlist: exports_external2.array(exports_external2.string()).nullable(),
   revocationSeverityThreshold: exports_external2.number().int().min(0).max(100),
   pendingSecretExpiresAt: exports_external2.date().nullable(),
   lastActivity: ComplianceProviderLastActivitySchema.nullable(),
@@ -82540,18 +82570,104 @@ var SumsubCredentialsSchema = exports_external2.object({
   appToken: exports_external2.string().min(1),
   secretKey: exports_external2.string().min(1)
 });
+var SumsubAmlCredentialsSchema = exports_external2.object({
+  apiToken: exports_external2.string().min(1),
+  secretKey: exports_external2.string().min(1),
+  webhookSigningSecret: exports_external2.string().min(1),
+  levelName: exports_external2.string().min(1)
+});
+var SumsubKytCredentialsSchema = exports_external2.object({
+  apiToken: exports_external2.string().min(1),
+  secretKey: exports_external2.string().min(1),
+  webhookSigningSecret: exports_external2.string().min(1),
+  levelName: exports_external2.string().min(1)
+});
 var EllipticCredentialsSchema = exports_external2.object({
   apiKey: exports_external2.string().min(1),
   apiSecret: exports_external2.string().min(1)
 });
+var ComplyAdvantageCredentialsSchema = exports_external2.object({
+  apiToken: exports_external2.string().min(1),
+  webhookSigningSecret: exports_external2.string().min(1),
+  meshClientId: exports_external2.string().min(1).optional(),
+  meshClientSecret: exports_external2.string().min(1).optional()
+});
+var JumioRegionSchema = exports_external2.enum(["amer-1", "eu-1", "sg-1"]);
+var JumioCredentialsSchema = exports_external2.object({
+  apiToken: exports_external2.string().min(1),
+  apiSecret: exports_external2.string().min(1),
+  region: JumioRegionSchema,
+  basicAuthCredentials: exports_external2.string().min(1)
+});
+var MiddeskCredentialsSchema = exports_external2.object({
+  apiKey: exports_external2.string().min(1),
+  webhookSigningSecret: exports_external2.string().min(1)
+});
+var OnfidoRegionSchema = exports_external2.enum(["us", "eu", "ca"]);
+var OnfidoCredentialsSchema = exports_external2.object({
+  apiToken: exports_external2.string().min(1),
+  webhookSigningSecret: exports_external2.string().min(1),
+  region: OnfidoRegionSchema.default("eu")
+});
+var PersonaCredentialsSchema = exports_external2.object({
+  apiToken: exports_external2.string().min(1),
+  webhookSigningSecret: exports_external2.string().min(1),
+  inquiryTemplateId: exports_external2.string().min(1).optional()
+});
+var TruliooCredentialsSchema = exports_external2.object({
+  apiKey: exports_external2.string().min(1),
+  apiSecret: exports_external2.string().min(1),
+  webhookSigningSecret: exports_external2.string().min(1)
+});
+var VeriffCredentialsSchema = exports_external2.object({
+  apiKey: exports_external2.string().min(1),
+  apiSecret: exports_external2.string().min(1),
+  webhookSigningSecret: exports_external2.string().min(1)
+});
 var ComplianceProviderCredentialsSchema = exports_external2.discriminatedUnion("providerKind", [
   exports_external2.object({
     providerKind: exports_external2.literal("sumsub"),
     credentials: SumsubCredentialsSchema
   }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("sumsub-aml"),
+    credentials: SumsubAmlCredentialsSchema
+  }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("sumsub-kyt"),
+    credentials: SumsubKytCredentialsSchema
+  }),
   exports_external2.object({
     providerKind: exports_external2.literal("elliptic"),
     credentials: EllipticCredentialsSchema
+  }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("complyadvantage"),
+    credentials: ComplyAdvantageCredentialsSchema
+  }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("jumio"),
+    credentials: JumioCredentialsSchema
+  }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("middesk"),
+    credentials: MiddeskCredentialsSchema
+  }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("onfido"),
+    credentials: OnfidoCredentialsSchema
+  }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("persona"),
+    credentials: PersonaCredentialsSchema
+  }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("trulioo"),
+    credentials: TruliooCredentialsSchema
+  }),
+  exports_external2.object({
+    providerKind: exports_external2.literal("veriff"),
+    credentials: VeriffCredentialsSchema
   })
 ]);
 var ComplianceProviderValidateCredentialsInputSchema = ComplianceProviderCredentialsSchema;
@@ -82562,6 +82678,8 @@ var ComplianceProviderValidateCredentialsOutputSchema = createSingleResponse(exp
 var ComplianceProviderIntegrationCreateInputSchema = ComplianceProviderCredentialsSchema.and(exports_external2.object({
   topicName: claimTopicSchema(),
   webhookSigningSecret: exports_external2.string().min(1),
+  webhookAuthMode: ComplianceProviderWebhookAuthModeSchema.default("hmac"),
+  webhookIpAllowlist: exports_external2.array(exports_external2.string()).optional(),
   revocationSeverityThreshold: exports_external2.number().int().min(0).max(100).default(80)
 }));
 var ComplianceProviderIntegrationCreateOutputSchema = ComplianceProviderIntegrationReadOutputSchema;
@@ -82576,7 +82694,9 @@ var ComplianceProviderIntegrationRevokeOutputSchema = createSingleResponse(expor
 }));
 var ComplianceProviderIntegrationUpdatePolicyInputSchema = exports_external2.object({
   integrationId: exports_external2.uuid(),
-  revocationSeverityThreshold: exports_external2.number().int().min(0).max(100).optional()
+  revocationSeverityThreshold: exports_external2.number().int().min(0).max(100).optional(),
+  webhookAuthMode: ComplianceProviderWebhookAuthModeSchema.optional(),
+  webhookIpAllowlist: exports_external2.array(exports_external2.string()).nullable().optional()
 });
 var ComplianceProviderIntegrationRotateSecretInputSchema = exports_external2.object({
   integrationId: exports_external2.uuid(),
@@ -82619,15 +82739,49 @@ var ComplianceSubjectCreateApplicantResultSchema = exports_external2.object({
   redirectUrl: exports_external2.string().url().optional()
 });
 var ComplianceSubjectCreateApplicantOutputSchema = createSingleResponse(ComplianceSubjectCreateApplicantResultSchema);
+var ComplyAdvantageSubjectHintsSchema = exports_external2.object({
+  searchTerm: exports_external2.string().min(1),
+  clientRef: exports_external2.string().min(1).optional(),
+  entityType: exports_external2.enum(["person", "company"]).default("person"),
+  types: exports_external2.array(exports_external2.string().min(1)).default(["sanction", "warning"])
+});
 var ComplianceSubjectRegisterWalletInputSchema = exports_external2.object({
   integrationId: exports_external2.uuid(),
-  walletAddress: ethereumAddress
+  walletAddress: ethereumAddress.optional(),
+  identityAddress: ethereumAddress.optional(),
+  subjectHints: ComplyAdvantageSubjectHintsSchema.optional()
+}).superRefine((value22, ctx) => {
+  if (!value22.walletAddress && !(value22.identityAddress && value22.subjectHints)) {
+    ctx.addIssue({
+      code: exports_external2.ZodIssueCode.custom,
+      message: "Provide either walletAddress or identityAddress with subjectHints."
+    });
+  }
 });
 var ComplianceSubjectRegisterWalletResultSchema = exports_external2.object({
   externalId: exports_external2.string().min(1),
   identityAddress: ethereumAddress
 });
 var ComplianceSubjectRegisterWalletOutputSchema = createSingleResponse(ComplianceSubjectRegisterWalletResultSchema);
+var SumsubKytTransactionPartySchema = exports_external2.object({
+  address: ethereumAddress.optional()
+}).passthrough();
+var SumsubKytTransactionSchema = exports_external2.object({
+  applicantId: exports_external2.string().min(1).optional(),
+  info: SumsubKytTransactionPartySchema.optional(),
+  counterparty: SumsubKytTransactionPartySchema.optional()
+}).passthrough();
+var ComplianceSubjectRegisterTransactionInputSchema = exports_external2.object({
+  integrationId: exports_external2.uuid(),
+  kytDataTxnId: exports_external2.string().min(1),
+  txn: SumsubKytTransactionSchema
+});
+var ComplianceSubjectRegisterTransactionResultSchema = exports_external2.object({
+  kytDataTxnId: exports_external2.string().min(1),
+  kytTxnId: exports_external2.string().min(1),
+  identityAddress: ethereumAddress.optional()
+});
+var ComplianceSubjectRegisterTransactionOutputSchema = createSingleResponse(ComplianceSubjectRegisterTransactionResultSchema);
 var listIntegrations = v2Contract.route({
   method: "GET",
   path: "/compliance/integrations",
@@ -82740,6 +82894,13 @@ var registerWallet = v2Contract.route({
   successDescription: "Provider wallet subject registered and mapped.",
   tags: [V2_TAG.compliance]
 }).input(v2Input.body(ComplianceSubjectRegisterWalletInputSchema)).output(ComplianceSubjectRegisterWalletOutputSchema);
+var registerTransaction = v2Contract.route({
+  method: "POST",
+  path: "/compliance/subjects/transactions/register",
+  description: "Register a Sumsub KYT transaction and persist the transaction-level subject mapping.",
+  successDescription: "Sumsub KYT transaction registered and mapped.",
+  tags: [V2_TAG.compliance]
+}).input(v2Input.body(ComplianceSubjectRegisterTransactionInputSchema)).output(ComplianceSubjectRegisterTransactionOutputSchema);
 var complianceV2Contract = {
   integrations: {
     list: listIntegrations,
@@ -82759,7 +82920,10 @@ var complianceV2Contract = {
   },
   subjects: {
     createApplicant,
-    registerWallet
+    registerWallet,
+    transactions: {
+      register: registerTransaction
+    }
   }
 };
 var FX_PROVIDERS = ["er-api", "ECB", "manual"];
@@ -88586,7 +88750,7 @@ function normalizeDalpBaseUrl(url3) {
 }
 var package_default = {
   name: "@settlemint/dalp-sdk",
-  version: "2.1.7-main.25573399350",
+  version: "2.1.7-main.25578066369",
   private: false,
   description: "Fully typed SDK for the DALP tokenization platform API",
   homepage: "https://settlemint.com",
@@ -89145,7 +89309,7 @@ function trimConfigValue(name, value3) {
 // package.json
 var package_default2 = {
   name: "@settlemint/dalp-cli",
-  version: "2.1.7-main.25573399350",
+  version: "2.1.7-main.25578066369",
   private: false,
   description: "CLI for the Digital Asset Lifecycle Platform — manage tokens, identities, compliance, and more from the command line.",
   homepage: "https://settlemint.com",
@@ -89543,6 +89707,167 @@ assetTypeTemplatesCommand.command("delete", {
   }
 });
 
+// src/commands/compliance-providers.ts
+var integrationIdArg = exports_external.object({ integrationId: exports_external.string().describe("Compliance integration UUID") });
+function parseCliPayload(payload) {
+  return JSON.parse(payload);
+}
+var complianceProvidersCommand = exports_Cli.create("compliance-providers", {
+  description: "Compliance provider integration management",
+  vars: cliVars
+});
+complianceProvidersCommand.command("list", {
+  description: "List compliance provider integrations",
+  run(c) {
+    return c.var.orpc.compliance.integrations.list({ query: {} });
+  }
+});
+complianceProvidersCommand.command("read", {
+  description: "Read a compliance provider integration",
+  args: integrationIdArg,
+  run(c) {
+    return c.var.orpc.compliance.integrations.read({ params: { integrationId: c.args.integrationId } });
+  }
+});
+complianceProvidersCommand.command("validate-credentials", {
+  description: "Validate provider credentials before creating an integration",
+  options: exports_external.object({
+    payload: exports_external.string().describe("JSON body matching ComplianceProviderCredentialsSchema")
+  }),
+  run(c) {
+    const body = parseCliPayload(c.options.payload);
+    return c.var.orpc.compliance.integrations.validateCredentials({ body });
+  }
+});
+complianceProvidersCommand.command("create", {
+  description: "Create a compliance provider integration",
+  options: exports_external.object({
+    payload: exports_external.string().describe("JSON body matching ComplianceProviderIntegrationCreateInputSchema")
+  }),
+  run(c) {
+    const body = parseCliPayload(c.options.payload);
+    return c.var.orpc.compliance.integrations.create({ body });
+  }
+});
+complianceProvidersCommand.command("update-policy", {
+  description: "Update revocation severity threshold for an integration",
+  options: exports_external.object({
+    integrationId: exports_external.string().describe("Compliance integration UUID"),
+    revocationSeverityThreshold: exports_external.coerce.number().describe("New threshold (0-100)")
+  }),
+  run(c) {
+    return c.var.orpc.compliance.integrations.updatePolicy({
+      params: { integrationId: c.options.integrationId },
+      body: { revocationSeverityThreshold: c.options.revocationSeverityThreshold }
+    });
+  }
+});
+complianceProvidersCommand.command("rotate-secret", {
+  description: "Begin webhook signing secret rotation",
+  args: integrationIdArg,
+  options: exports_external.object({ secret: exports_external.string().describe("New webhook signing secret") }),
+  run(c) {
+    return c.var.orpc.compliance.integrations.rotateSecret({
+      params: { integrationId: c.args.integrationId },
+      body: { webhookSigningSecret: c.options.secret }
+    });
+  }
+});
+complianceProvidersCommand.command("promote-secret", {
+  description: "Promote the pending webhook signing secret to active",
+  args: integrationIdArg,
+  run(c) {
+    return c.var.orpc.compliance.integrations.promoteSecret({ params: { integrationId: c.args.integrationId } });
+  }
+});
+complianceProvidersCommand.command("cancel-secret-rotation", {
+  description: "Cancel pending webhook signing secret rotation",
+  args: integrationIdArg,
+  run(c) {
+    return c.var.orpc.compliance.integrations.cancelSecretRotation({
+      params: { integrationId: c.args.integrationId }
+    });
+  }
+});
+complianceProvidersCommand.command("revoke", {
+  description: "Revoke a compliance provider integration",
+  args: integrationIdArg,
+  run(c) {
+    return c.var.orpc.compliance.integrations.revoke({
+      params: { integrationId: c.args.integrationId },
+      body: {}
+    });
+  }
+});
+complianceProvidersCommand.command("retry-provisioning", {
+  description: "Retry a failed compliance integration provisioning",
+  args: integrationIdArg,
+  run(c) {
+    return c.var.orpc.compliance.integrations.retryProvisioning({ params: { integrationId: c.args.integrationId } });
+  }
+});
+complianceProvidersCommand.command("pause", {
+  description: "Pause an active compliance provider integration",
+  args: integrationIdArg,
+  run(c) {
+    return c.var.orpc.compliance.integrations.pause({ params: { integrationId: c.args.integrationId } });
+  }
+});
+complianceProvidersCommand.command("resume", {
+  description: "Resume a paused compliance provider integration",
+  args: integrationIdArg,
+  run(c) {
+    return c.var.orpc.compliance.integrations.resume({ params: { integrationId: c.args.integrationId } });
+  }
+});
+complianceProvidersCommand.command("health", {
+  description: "Health-check stored credentials for an integration",
+  args: integrationIdArg,
+  run(c) {
+    return c.var.orpc.compliance.integrations.health({ params: { integrationId: c.args.integrationId } });
+  }
+});
+complianceProvidersCommand.command("monitoring", {
+  description: "List monitoring alerts for an integration",
+  args: integrationIdArg,
+  run(c) {
+    return c.var.orpc.compliance.integrations.monitoring({
+      params: { integrationId: c.args.integrationId },
+      query: {}
+    });
+  }
+});
+complianceProvidersCommand.command("create-applicant", {
+  description: "Create a Surface-A provider applicant + persist the DALP subject mapping",
+  options: exports_external.object({
+    payload: exports_external.string().describe("JSON body matching ComplianceSubjectCreateApplicantInputSchema")
+  }),
+  run(c) {
+    const body = parseCliPayload(c.options.payload);
+    return c.var.orpc.compliance.subjects.createApplicant({ body });
+  }
+});
+complianceProvidersCommand.command("register-wallet", {
+  description: "Register a Surface-B wallet subject with a continuous-monitoring provider",
+  options: exports_external.object({
+    payload: exports_external.string().describe("JSON body matching ComplianceSubjectRegisterWalletInputSchema")
+  }),
+  run(c) {
+    const body = parseCliPayload(c.options.payload);
+    return c.var.orpc.compliance.subjects.registerWallet({ body });
+  }
+});
+complianceProvidersCommand.command("register-transaction", {
+  description: "Register a Sumsub-KYT transaction for monitoring",
+  options: exports_external.object({
+    payload: exports_external.string().describe("JSON body matching ComplianceSubjectRegisterTransactionInputSchema")
+  }),
+  run(c) {
+    const body = parseCliPayload(c.options.payload);
+    return c.var.orpc.compliance.subjects.transactions.register({ body });
+  }
+});
+
 // src/commands/compliance-templates.ts
 var complianceTemplatesCommand = exports_Cli.create("compliance-templates", {
   description: "Compliance template management",
@@ -93638,5 +93963,5 @@ Fix: Run 'dalp login' against the DALP instance you want to manage, then retry t
   c.set("orpc", createOrpcClient(credentials.apiUrl, credentials));
   return next();
 });
-cli.command(loginCommand).command(logoutCommand).command(configCommand).command(whoamiCommand).command(accountCommand).command(actionsCommand).command(adminCommand).command(tokensCommand).command(tokenSalesCommand).command(fixedYieldSchedulesCommand).command(xvpSettlementsCommand).command(contactsCommand).command(exchangeRatesCommand).command(externalTokensCommand).command(identitiesCommand).command(identityRecoveriesCommand).command(kycCommand).command(usersCommand).command(settingsCommand).command(assetTypeTemplatesCommand).command(complianceTemplatesCommand).command(monitoringCommand).command(systemCommand).command(blockchainTransactionsCommand).command(searchResultsCommand).command(authCommand);
+cli.command(loginCommand).command(logoutCommand).command(configCommand).command(whoamiCommand).command(accountCommand).command(actionsCommand).command(adminCommand).command(tokensCommand).command(tokenSalesCommand).command(fixedYieldSchedulesCommand).command(xvpSettlementsCommand).command(contactsCommand).command(exchangeRatesCommand).command(externalTokensCommand).command(identitiesCommand).command(identityRecoveriesCommand).command(kycCommand).command(usersCommand).command(settingsCommand).command(assetTypeTemplatesCommand).command(complianceTemplatesCommand).command(complianceProvidersCommand).command(monitoringCommand).command(systemCommand).command(blockchainTransactionsCommand).command(searchResultsCommand).command(authCommand);
 cli.serve();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@settlemint/dalp-cli",
-  "version": "2.1.7-main.25573399350",
+  "version": "2.1.7-main.25578066369",
   "private": false,
   "description": "CLI for the Digital Asset Lifecycle Platform — manage tokens, identities, compliance, and more from the command line.",
   "homepage": "https://settlemint.com",