npm - @sip-protocol/sdk - Versions diffs - 0.7.2 → 0.7.4 - Mend

@sip-protocol/sdk 0.7.2 → 0.7.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (262) hide show

package/LICENSE +21 -0
package/README.md +267 -0
package/dist/{TransportWebUSB-TQ7WZ4LE.mjs → TransportWebUSB-YQMAGJAJ.mjs} +12 -9
package/dist/browser.d.mts +10 -4
package/dist/browser.d.ts +10 -4
package/dist/browser.js +48874 -18336
package/dist/browser.mjs +674 -48
package/dist/chunk-4GRJ5MAW.mjs +152 -0
package/dist/chunk-5D7A3L3W.mjs +717 -0
package/dist/chunk-64AYA5F5.mjs +7834 -0
package/dist/chunk-GMDGB22A.mjs +379 -0
package/dist/chunk-I534WKN7.mjs +328 -0
package/dist/chunk-IBZVA5Y7.mjs +1003 -0
package/dist/chunk-PRRZAWJE.mjs +223 -0
package/dist/{chunk-UJCSKKID.mjs → chunk-XGB3TDIC.mjs} +13 -1
package/dist/chunk-YWGJ77A2.mjs +33806 -0
package/dist/{chunk-6WGN57S2.mjs → chunk-Z3K7W5S3.mjs} +48 -0
package/dist/constants-LHAAUC2T.mjs +51 -0
package/dist/dist-2OGQ7FED.mjs +3957 -0
package/dist/dist-IFHPYLDX.mjs +254 -0
package/dist/fulfillment_proof-ANHVPKTB.mjs +21 -0
package/dist/funding_proof-ICFZ5LHY.mjs +21 -0
package/dist/index-DXh2IGkz.d.ts +24681 -0
package/dist/index-DeE1ZzA4.d.mts +24681 -0
package/dist/index.d.mts +9 -3
package/dist/index.d.ts +9 -3
package/dist/index.js +48676 -17318
package/dist/index.mjs +583 -19
package/dist/interface-Bf7w1PLW.d.mts +679 -0
package/dist/interface-Bf7w1PLW.d.ts +679 -0
package/dist/{noir-DKfEzWy9.d.mts → noir-kzbLVTei.d.mts} +31 -21
package/dist/{noir-DKfEzWy9.d.ts → noir-kzbLVTei.d.ts} +31 -21
package/dist/proofs/halo2.d.mts +151 -0
package/dist/proofs/halo2.d.ts +151 -0
package/dist/proofs/halo2.js +350 -0
package/dist/proofs/halo2.mjs +11 -0
package/dist/proofs/kimchi.d.mts +160 -0
package/dist/proofs/kimchi.d.ts +160 -0
package/dist/proofs/kimchi.js +431 -0
package/dist/proofs/kimchi.mjs +13 -0
package/dist/proofs/noir.d.mts +1 -1
package/dist/proofs/noir.d.ts +1 -1
package/dist/proofs/noir.js +74 -18
package/dist/proofs/noir.mjs +84 -24
package/dist/solana-U3MEGU7W.mjs +280 -0
package/dist/validity_proof-3POXLPNY.mjs +21 -0
package/package.json +54 -21
package/src/adapters/index.ts +41 -0
package/src/adapters/jupiter.ts +571 -0
package/src/adapters/near-intents.ts +135 -0
package/src/advisor/advisor.ts +653 -0
package/src/advisor/index.ts +54 -0
package/src/advisor/tools.ts +303 -0
package/src/advisor/types.ts +164 -0
package/src/chains/ethereum/announcement.ts +536 -0
package/src/chains/ethereum/bnb-optimizations.ts +474 -0
package/src/chains/ethereum/commitment.ts +522 -0
package/src/chains/ethereum/constants.ts +462 -0
package/src/chains/ethereum/deployment.ts +596 -0
package/src/chains/ethereum/gas-estimation.ts +538 -0
package/src/chains/ethereum/index.ts +268 -0
package/src/chains/ethereum/optimizations.ts +614 -0
package/src/chains/ethereum/privacy-adapter.ts +855 -0
package/src/chains/ethereum/registry.ts +584 -0
package/src/chains/ethereum/rpc.ts +905 -0
package/src/chains/ethereum/stealth.ts +491 -0
package/src/chains/ethereum/token.ts +790 -0
package/src/chains/ethereum/transfer.ts +637 -0
package/src/chains/ethereum/types.ts +456 -0
package/src/chains/ethereum/viewing-key.ts +455 -0
package/src/chains/near/commitment.ts +608 -0
package/src/chains/near/constants.ts +284 -0
package/src/chains/near/function-call.ts +871 -0
package/src/chains/near/history.ts +654 -0
package/src/chains/near/implicit-account.ts +840 -0
package/src/chains/near/index.ts +393 -0
package/src/chains/near/native-transfer.ts +658 -0
package/src/chains/near/nep141.ts +775 -0
package/src/chains/near/privacy-adapter.ts +889 -0
package/src/chains/near/resolver.ts +971 -0
package/src/chains/near/rpc.ts +1016 -0
package/src/chains/near/stealth.ts +419 -0
package/src/chains/near/types.ts +317 -0
package/src/chains/near/viewing-key.ts +876 -0
package/src/chains/solana/anchor-transfer.ts +386 -0
package/src/chains/solana/commitment.ts +577 -0
package/src/chains/solana/constants.ts +126 -12
package/src/chains/solana/ephemeral-keys.ts +543 -0
package/src/chains/solana/index.ts +276 -1
package/src/chains/solana/key-derivation.ts +418 -0
package/src/chains/solana/kit-compat.ts +334 -0
package/src/chains/solana/optimizations.ts +560 -0
package/src/chains/solana/privacy-adapter.ts +605 -0
package/src/chains/solana/providers/generic.ts +201 -0
package/src/chains/solana/providers/helius-enhanced-types.ts +336 -0
package/src/chains/solana/providers/helius-enhanced.ts +623 -0
package/src/chains/solana/providers/helius.ts +402 -0
package/src/chains/solana/providers/index.ts +85 -0
package/src/chains/solana/providers/interface.ts +221 -0
package/src/chains/solana/providers/quicknode.ts +409 -0
package/src/chains/solana/providers/triton.ts +426 -0
package/src/chains/solana/providers/webhook.ts +790 -0
package/src/chains/solana/rpc-client.ts +1150 -0
package/src/chains/solana/scan.ts +170 -73
package/src/chains/solana/sol-transfer.ts +732 -0
package/src/chains/solana/spl-transfer.ts +886 -0
package/src/chains/solana/stealth-scanner.ts +703 -0
package/src/chains/solana/sunspot-verifier.ts +453 -0
package/src/chains/solana/transaction-builder.ts +755 -0
package/src/chains/solana/transfer.ts +74 -5
package/src/chains/solana/types.ts +77 -7
package/src/chains/solana/utils.ts +110 -0
package/src/chains/solana/viewing-key.ts +807 -0
package/src/compliance/fireblocks.ts +921 -0
package/src/compliance/index.ts +37 -0
package/src/compliance/range-sas.ts +956 -0
package/src/config/endpoints.ts +100 -0
package/src/crypto.ts +11 -8
package/src/errors.ts +82 -0
package/src/evm/erc4337-relayer.ts +830 -0
package/src/evm/index.ts +47 -0
package/src/fees/calculator.ts +396 -0
package/src/fees/index.ts +87 -0
package/src/fees/near-contract.ts +429 -0
package/src/fees/types.ts +268 -0
package/src/index.ts +785 -1
package/src/intent.ts +6 -3
package/src/logger.ts +324 -0
package/src/network/index.ts +80 -0
package/src/network/proxy.ts +691 -0
package/src/optimizations/index.ts +541 -0
package/src/oracle/types.ts +1 -0
package/src/privacy-backends/arcium-types.ts +727 -0
package/src/privacy-backends/arcium.ts +719 -0
package/src/privacy-backends/combined-privacy.ts +866 -0
package/src/privacy-backends/cspl-token.ts +595 -0
package/src/privacy-backends/cspl-types.ts +512 -0
package/src/privacy-backends/cspl.ts +907 -0
package/src/privacy-backends/health.ts +488 -0
package/src/privacy-backends/inco-types.ts +323 -0
package/src/privacy-backends/inco.ts +616 -0
package/src/privacy-backends/index.ts +336 -0
package/src/privacy-backends/interface.ts +906 -0
package/src/privacy-backends/lru-cache.ts +343 -0
package/src/privacy-backends/magicblock.ts +458 -0
package/src/privacy-backends/mock.ts +258 -0
package/src/privacy-backends/privacycash-types.ts +278 -0
package/src/privacy-backends/privacycash.ts +456 -0
package/src/privacy-backends/private-swap.ts +570 -0
package/src/privacy-backends/rate-limiter.ts +683 -0
package/src/privacy-backends/registry.ts +690 -0
package/src/privacy-backends/router.ts +626 -0
package/src/privacy-backends/shadowwire.ts +449 -0
package/src/privacy-backends/sip-native.ts +256 -0
package/src/privacy-logger.ts +191 -0
package/src/production-safety.ts +373 -0
package/src/proofs/aggregator.ts +1029 -0
package/src/proofs/browser-composer.ts +1150 -0
package/src/proofs/browser.ts +113 -25
package/src/proofs/cache/index.ts +127 -0
package/src/proofs/cache/interface.ts +545 -0
package/src/proofs/cache/key-generator.ts +188 -0
package/src/proofs/cache/lru-cache.ts +481 -0
package/src/proofs/cache/multi-tier-cache.ts +575 -0
package/src/proofs/cache/persistent-cache.ts +788 -0
package/src/proofs/compliance-proof.ts +872 -0
package/src/proofs/composer/base.ts +923 -0
package/src/proofs/composer/index.ts +25 -0
package/src/proofs/composer/interface.ts +518 -0
package/src/proofs/composer/types.ts +383 -0
package/src/proofs/converters/halo2.ts +452 -0
package/src/proofs/converters/index.ts +208 -0
package/src/proofs/converters/interface.ts +363 -0
package/src/proofs/converters/kimchi.ts +462 -0
package/src/proofs/converters/noir.ts +451 -0
package/src/proofs/fallback.ts +888 -0
package/src/proofs/halo2.ts +42 -0
package/src/proofs/index.ts +471 -0
package/src/proofs/interface.ts +13 -0
package/src/proofs/kimchi.ts +42 -0
package/src/proofs/lazy.ts +1004 -0
package/src/proofs/mock.ts +25 -1
package/src/proofs/noir.ts +111 -30
package/src/proofs/orchestrator.ts +960 -0
package/src/proofs/parallel/concurrency.ts +297 -0
package/src/proofs/parallel/dependency-graph.ts +602 -0
package/src/proofs/parallel/executor.ts +420 -0
package/src/proofs/parallel/index.ts +131 -0
package/src/proofs/parallel/interface.ts +685 -0
package/src/proofs/parallel/worker-pool.ts +644 -0
package/src/proofs/providers/halo2.ts +560 -0
package/src/proofs/providers/index.ts +34 -0
package/src/proofs/providers/kimchi.ts +641 -0
package/src/proofs/validator.ts +881 -0
package/src/proofs/verifier.ts +867 -0
package/src/quantum/index.ts +112 -0
package/src/quantum/winternitz-vault.ts +639 -0
package/src/quantum/wots.ts +611 -0
package/src/settlement/backends/direct-chain.ts +1 -0
package/src/settlement/index.ts +9 -0
package/src/settlement/router.ts +732 -46
package/src/solana/index.ts +72 -0
package/src/solana/jito-relayer.ts +687 -0
package/src/solana/noir-verifier-types.ts +430 -0
package/src/solana/noir-verifier.ts +816 -0
package/src/stealth/address-derivation.ts +193 -0
package/src/stealth/ed25519.ts +431 -0
package/src/stealth/index.ts +233 -0
package/src/stealth/meta-address.ts +221 -0
package/src/stealth/secp256k1.ts +368 -0
package/src/stealth/utils.ts +194 -0
package/src/stealth.ts +50 -1504
package/src/surveillance/algorithms/address-reuse.ts +143 -0
package/src/surveillance/algorithms/cluster.ts +247 -0
package/src/surveillance/algorithms/exchange.ts +295 -0
package/src/surveillance/algorithms/temporal.ts +337 -0
package/src/surveillance/analyzer.ts +442 -0
package/src/surveillance/index.ts +64 -0
package/src/surveillance/scoring.ts +372 -0
package/src/surveillance/types.ts +264 -0
package/src/sync/index.ts +106 -0
package/src/sync/manager.ts +504 -0
package/src/sync/mock-provider.ts +318 -0
package/src/sync/oblivious.ts +625 -0
package/src/tokens/index.ts +15 -0
package/src/tokens/registry.ts +301 -0
package/src/utils/deprecation.ts +94 -0
package/src/utils/index.ts +9 -0
package/src/wallet/ethereum/index.ts +68 -0
package/src/wallet/ethereum/metamask-privacy.ts +420 -0
package/src/wallet/ethereum/multi-wallet.ts +646 -0
package/src/wallet/ethereum/privacy-adapter.ts +700 -0
package/src/wallet/ethereum/types.ts +3 -1
package/src/wallet/ethereum/walletconnect-adapter.ts +675 -0
package/src/wallet/hardware/index.ts +10 -0
package/src/wallet/hardware/ledger-privacy.ts +414 -0
package/src/wallet/index.ts +71 -0
package/src/wallet/near/adapter.ts +626 -0
package/src/wallet/near/index.ts +86 -0
package/src/wallet/near/meteor-wallet.ts +1153 -0
package/src/wallet/near/my-near-wallet.ts +790 -0
package/src/wallet/near/wallet-selector.ts +702 -0
package/src/wallet/solana/adapter.ts +6 -4
package/src/wallet/solana/index.ts +13 -0
package/src/wallet/solana/privacy-adapter.ts +567 -0
package/src/wallet/sui/types.ts +6 -4
package/src/zcash/rpc-client.ts +13 -6
package/dist/chunk-3INS3PR5.mjs +0 -884
package/dist/chunk-3OVABDRH.mjs +0 -17096
package/dist/chunk-DLDWZFYC.mjs +0 -1495
package/dist/chunk-E6SZWREQ.mjs +0 -57
package/dist/chunk-G33LB27A.mjs +0 -16166
package/dist/chunk-HGU6HZRC.mjs +0 -231
package/dist/chunk-L2K34JCU.mjs +0 -1496
package/dist/chunk-SN4ZDTVW.mjs +0 -16166
package/dist/constants-VOI7BSLK.mjs +0 -27
package/dist/index-BYZbDjal.d.ts +0 -11390
package/dist/index-CHB3KuOB.d.mts +0 -11859
package/dist/index-CzWPI6Le.d.ts +0 -11859
package/dist/index-xbWjohNq.d.mts +0 -11390
package/dist/solana-5EMCTPTS.mjs +0 -46
package/dist/solana-Q4NAVBTS.mjs +0 -46

package/src/network/proxy.ts ADDED Viewed

@@ -0,0 +1,691 @@
+/**
+ * Network Privacy Layer - Proxy Support
+ *
+ * Provides Tor and SOCKS5/HTTP proxy support for routing RPC calls
+ * through privacy-preserving networks. Prevents IP address correlation
+ * with wallet activity.
+ *
+ * ## Features
+ *
+ * - Auto-detect Tor service (ports 9050, 9150)
+ * - SOCKS5 proxy support
+ * - HTTP/HTTPS proxy support
+ * - Environment variable configuration
+ * - Circuit rotation for unlinkability
+ *
+ * @example Using Tor
+ * ```typescript
+ * import { createProxyAgent, TOR_PORTS } from '@sip-protocol/sdk'
+ *
+ * // Auto-detect Tor
+ * const agent = await createProxyAgent('tor')
+ *
+ * // Or specify port
+ * const agent = await createProxyAgent('socks5://127.0.0.1:9050')
+ * ```
+ *
+ * @example Using custom SOCKS5 proxy
+ * ```typescript
+ * const agent = await createProxyAgent('socks5://myproxy.example.com:1080')
+ * ```
+ *
+ * @module network/proxy
+ * @see https://github.com/sip-protocol/sip-protocol/issues/489
+ */
+import type { Agent } from 'http'
+// ─── Types ───────────────────────────────────────────────────────────────────
+/**
+ * Proxy configuration type
+ *
+ * - `'tor'`: Auto-detect local Tor service
+ * - `'socks5://...'`: SOCKS5 proxy URL
+ * - `'http://...'` or `'https://...'`: HTTP proxy URL
+ * - `undefined`: No proxy (direct connection)
+ */
+export type ProxyConfig =
+  | 'tor'
+  | `socks5://${string}`
+  | `socks4://${string}`
+  | `http://${string}`
+  | `https://${string}`
+  | undefined
+/**
+ * Proxy type classification
+ */
+export type ProxyType = 'tor' | 'socks5' | 'socks4' | 'http' | 'https' | 'none'
+/**
+ * Parsed proxy configuration
+ */
+export interface ParsedProxyConfig {
+  /** Proxy type */
+  type: ProxyType
+  /** Proxy host */
+  host?: string
+  /** Proxy port */
+  port?: number
+  /** Full proxy URL */
+  url?: string
+  /** Authentication username (if any) */
+  username?: string
+  /** Authentication password (if any) */
+  password?: string
+}
+/**
+ * Proxy agent options
+ */
+export interface ProxyAgentOptions {
+  /** Connection timeout in milliseconds */
+  timeout?: number
+  /** Whether to rotate circuits (Tor only) */
+  rotateCircuit?: boolean
+  /** Custom Tor control port for circuit rotation */
+  torControlPort?: number
+  /** Tor control password (for NEWNYM) */
+  torControlPassword?: string
+}
+/**
+ * Result of proxy availability check
+ */
+export interface ProxyCheckResult {
+  /** Whether proxy is available */
+  available: boolean
+  /** Proxy type detected */
+  type: ProxyType
+  /** Proxy URL if available */
+  url?: string
+  /** Error message if not available */
+  error?: string
+  /** Response time in milliseconds */
+  responseTimeMs?: number
+}
+// ─── Constants ───────────────────────────────────────────────────────────────
+/**
+ * Common Tor ports
+ *
+ * - 9050: Standalone Tor daemon
+ * - 9150: Tor Browser Bundle
+ */
+export const TOR_PORTS = [9050, 9150] as const
+/**
+ * Default Tor host
+ */
+export const TOR_HOST = '127.0.0.1'
+/**
+ * Default Tor control port (for NEWNYM signal)
+ */
+export const TOR_CONTROL_PORT = 9051
+/**
+ * Default connection timeout in milliseconds
+ */
+export const DEFAULT_PROXY_TIMEOUT = 30000
+/**
+ * Environment variable for proxy configuration
+ */
+export const PROXY_ENV_VAR = 'SIP_PROXY'
+/**
+ * Alternative environment variables to check
+ */
+export const PROXY_ENV_VARS = [
+  'SIP_PROXY',
+  'ALL_PROXY',
+  'HTTPS_PROXY',
+  'HTTP_PROXY',
+  'SOCKS_PROXY',
+] as const
+// ─── Parsing ─────────────────────────────────────────────────────────────────
+/**
+ * Parse a proxy configuration string into structured data
+ *
+ * @param config - Proxy configuration string
+ * @returns Parsed configuration
+ *
+ * @example
+ * ```typescript
+ * parseProxyConfig('tor')
+ * // { type: 'tor', host: '127.0.0.1', port: 9050 }
+ *
+ * parseProxyConfig('socks5://proxy.example.com:1080')
+ * // { type: 'socks5', host: 'proxy.example.com', port: 1080, url: '...' }
+ *
+ * parseProxyConfig('http://user:pass@proxy.com:8080')
+ * // { type: 'http', host: 'proxy.com', port: 8080, username: 'user', password: 'pass' }
+ * ```
+ */
+export function parseProxyConfig(config: ProxyConfig): ParsedProxyConfig {
+  if (!config) {
+    return { type: 'none' }
+  }
+  if (config === 'tor') {
+    return {
+      type: 'tor',
+      host: TOR_HOST,
+      port: TOR_PORTS[0],
+      url: `socks5://${TOR_HOST}:${TOR_PORTS[0]}`,
+    }
+  }
+  // Parse URL
+  try {
+    const url = new URL(config)
+    const protocol = url.protocol.replace(':', '') as ProxyType
+    if (!['socks5', 'socks4', 'http', 'https'].includes(protocol)) {
+      throw new Error(`Unsupported proxy protocol: ${protocol}`)
+    }
+    return {
+      type: protocol,
+      host: url.hostname,
+      port: url.port ? parseInt(url.port, 10) : undefined,
+      url: config,
+      username: url.username || undefined,
+      password: url.password || undefined,
+    }
+  } catch {
+    throw new Error(
+      `Invalid proxy configuration: ${config}. ` +
+      `Expected 'tor', 'socks5://...', 'http://...', or 'https://...'`
+    )
+  }
+}
+/**
+ * Get proxy configuration from environment variables
+ *
+ * Checks SIP_PROXY, ALL_PROXY, HTTPS_PROXY, HTTP_PROXY, SOCKS_PROXY
+ *
+ * @returns Proxy configuration or undefined
+ */
+export function getProxyFromEnv(): ProxyConfig {
+  for (const envVar of PROXY_ENV_VARS) {
+    const value = process.env[envVar]
+    if (value) {
+      // Handle 'tor' shorthand
+      if (value.toLowerCase() === 'tor') {
+        return 'tor'
+      }
+      // Validate URL format
+      if (value.startsWith('socks') || value.startsWith('http')) {
+        return value as ProxyConfig
+      }
+    }
+  }
+  return undefined
+}
+// ─── Proxy Detection ─────────────────────────────────────────────────────────
+/**
+ * Check if Tor is available on a specific port
+ *
+ * @param port - Port to check
+ * @param host - Host to check (default: 127.0.0.1)
+ * @param timeout - Connection timeout in ms
+ * @returns True if Tor is responding
+ */
+export async function isTorAvailable(
+  port: number = TOR_PORTS[0],
+  host: string = TOR_HOST,
+  timeout: number = 5000
+): Promise<boolean> {
+  // In Node.js, we'd use net.connect to check
+  // For now, return a simple check
+  return new Promise((resolve) => {
+    if (typeof globalThis.process === 'undefined') {
+      // Browser environment - Tor not directly available
+      resolve(false)
+      return
+    }
+    try {
+      // Dynamic import to avoid bundling in browser
+      import('net').then(({ connect }) => {
+        const socket = connect({ host, port })
+        const timer = setTimeout(() => {
+          socket.destroy()
+          resolve(false)
+        }, timeout)
+        socket.on('connect', () => {
+          clearTimeout(timer)
+          socket.destroy()
+          resolve(true)
+        })
+        socket.on('error', () => {
+          clearTimeout(timer)
+          resolve(false)
+        })
+      }).catch(() => {
+        resolve(false)
+      })
+    } catch {
+      resolve(false)
+    }
+  })
+}
+/**
+ * Auto-detect Tor service on common ports
+ *
+ * @param timeout - Connection timeout per port
+ * @returns Port number if found, undefined otherwise
+ */
+export async function detectTorPort(timeout: number = 5000): Promise<number | undefined> {
+  for (const port of TOR_PORTS) {
+    if (await isTorAvailable(port, TOR_HOST, timeout)) {
+      return port
+    }
+  }
+  return undefined
+}
+/**
+ * Check proxy availability and get connection info
+ *
+ * @param config - Proxy configuration
+ * @param timeout - Connection timeout
+ * @returns Availability result
+ */
+export async function checkProxyAvailability(
+  config: ProxyConfig,
+  timeout: number = DEFAULT_PROXY_TIMEOUT
+): Promise<ProxyCheckResult> {
+  if (!config) {
+    return { available: true, type: 'none' }
+  }
+  const start = Date.now()
+  if (config === 'tor') {
+    const port = await detectTorPort(timeout)
+    if (port) {
+      return {
+        available: true,
+        type: 'tor',
+        url: `socks5://${TOR_HOST}:${port}`,
+        responseTimeMs: Date.now() - start,
+      }
+    }
+    return {
+      available: false,
+      type: 'tor',
+      error: `Tor not found on ports ${TOR_PORTS.join(', ')}. ` +
+        `Please start Tor or Tor Browser.`,
+    }
+  }
+  // For SOCKS5/HTTP proxies, parse and validate
+  try {
+    const parsed = parseProxyConfig(config)
+    // In production, we'd do a test connection here
+    return {
+      available: true,
+      type: parsed.type,
+      url: parsed.url,
+      responseTimeMs: Date.now() - start,
+    }
+  } catch (error) {
+    return {
+      available: false,
+      type: 'none',
+      error: error instanceof Error ? error.message : 'Unknown error',
+    }
+  }
+}
+// ─── Agent Creation ──────────────────────────────────────────────────────────
+/**
+ * Create a proxy agent for HTTP requests
+ *
+ * **Note:** This requires optional dependencies:
+ * - `socks-proxy-agent` for SOCKS4/5 proxies
+ * - `https-proxy-agent` for HTTP/HTTPS proxies
+ *
+ * Install with: `npm install socks-proxy-agent https-proxy-agent`
+ *
+ * @param config - Proxy configuration
+ * @param options - Agent options
+ * @returns HTTP Agent configured for proxy, or undefined for direct connection
+ * @throws Error if proxy dependencies not installed
+ *
+ * @example
+ * ```typescript
+ * // Using Tor
+ * const agent = await createProxyAgent('tor')
+ *
+ * // Using custom SOCKS5
+ * const agent = await createProxyAgent('socks5://127.0.0.1:1080')
+ *
+ * // Use with fetch
+ * fetch(url, { agent })
+ * ```
+ */
+export async function createProxyAgent(
+  config: ProxyConfig,
+  options: ProxyAgentOptions = {}
+): Promise<Agent | undefined> {
+  if (!config) {
+    return undefined
+  }
+  const { timeout = DEFAULT_PROXY_TIMEOUT } = options
+  // Handle Tor auto-detection
+  let proxyUrl: string
+  if (config === 'tor') {
+    const port = await detectTorPort(timeout)
+    if (!port) {
+      throw new Error(
+        `Tor not available on ports ${TOR_PORTS.join(', ')}. ` +
+        `Please start Tor (brew install tor && tor) or Tor Browser.`
+      )
+    }
+    proxyUrl = `socks5://${TOR_HOST}:${port}`
+  } else {
+    proxyUrl = config
+  }
+  // Parse to determine agent type
+  const parsed = parseProxyConfig(config === 'tor' ? `socks5://${TOR_HOST}:${TOR_PORTS[0]}` : config)
+  // Dynamic import of proxy agent libraries
+  try {
+    if (parsed.type === 'socks5' || parsed.type === 'socks4' || config === 'tor') {
+      // SOCKS proxy
+      const { SocksProxyAgent } = await import('socks-proxy-agent')
+      return new SocksProxyAgent(proxyUrl, { timeout })
+    }
+    if (parsed.type === 'http' || parsed.type === 'https') {
+      // HTTP proxy
+      const { HttpsProxyAgent } = await import('https-proxy-agent')
+      return new HttpsProxyAgent(proxyUrl, { timeout })
+    }
+  } catch (error) {
+    if ((error as NodeJS.ErrnoException).code === 'MODULE_NOT_FOUND') {
+      throw new Error(
+        `Proxy agent dependencies not installed. ` +
+        `Run: npm install socks-proxy-agent https-proxy-agent`
+      )
+    }
+    throw error
+  }
+  return undefined
+}
+// ─── Proxied Fetch ───────────────────────────────────────────────────────────
+/**
+ * Fetch function type with optional agent
+ */
+export type ProxiedFetch = (
+  url: string | URL,
+  options?: RequestInit & { agent?: Agent }
+) => Promise<Response>
+/**
+ * Create a fetch function that uses a proxy agent
+ *
+ * @param agent - Proxy agent (from createProxyAgent)
+ * @returns Fetch function with proxy support
+ *
+ * @example
+ * ```typescript
+ * const agent = await createProxyAgent('tor')
+ * const proxiedFetch = createProxiedFetch(agent)
+ *
+ * // All requests go through Tor
+ * const response = await proxiedFetch('https://api.example.com/data')
+ * ```
+ */
+export function createProxiedFetch(agent: Agent | undefined): ProxiedFetch {
+  return async (url: string | URL, options: RequestInit & { agent?: Agent } = {}) => {
+    // In Node.js, we can pass agent directly
+    // The global fetch in Node 18+ supports agent option
+    return fetch(url, {
+      ...options,
+      // @ts-expect-error - agent is valid for Node.js fetch
+      agent: agent ?? options.agent,
+    })
+  }
+}
+// ─── Tor Circuit Rotation ────────────────────────────────────────────────────
+/**
+ * Request a new Tor circuit (NEWNYM)
+ *
+ * Requires Tor control port to be enabled with authentication.
+ * Configure in torrc:
+ * ```
+ * ControlPort 9051
+ * HashedControlPassword <your-hashed-password>
+ * ```
+ *
+ * @param controlPort - Tor control port (default: 9051)
+ * @param password - Control port password
+ * @returns True if circuit rotation succeeded
+ *
+ * @example
+ * ```typescript
+ * // Enable in torrc and set password
+ * const success = await rotateCircuit(9051, 'my-tor-password')
+ * if (success) {
+ *   console.log('New Tor circuit established')
+ * }
+ * ```
+ */
+export async function rotateCircuit(
+  controlPort: number = TOR_CONTROL_PORT,
+  password?: string
+): Promise<boolean> {
+  if (typeof globalThis.process === 'undefined') {
+    // Browser environment
+    console.warn('Circuit rotation not available in browser')
+    return false
+  }
+  try {
+    const { connect } = await import('net')
+    return new Promise((resolve) => {
+      const socket = connect({ host: TOR_HOST, port: controlPort })
+      let authenticated = false
+      socket.on('connect', () => {
+        if (password) {
+          socket.write(`AUTHENTICATE "${password}"\r\n`)
+        } else {
+          socket.write('AUTHENTICATE\r\n')
+        }
+      })
+      socket.on('data', (data) => {
+        const response = data.toString()
+        if (!authenticated && response.includes('250')) {
+          authenticated = true
+          socket.write('SIGNAL NEWNYM\r\n')
+        } else if (authenticated && response.includes('250')) {
+          socket.destroy()
+          resolve(true)
+        } else if (response.includes('515') || response.includes('5')) {
+          socket.destroy()
+          resolve(false)
+        }
+      })
+      socket.on('error', () => {
+        resolve(false)
+      })
+      // Timeout after 5 seconds
+      setTimeout(() => {
+        socket.destroy()
+        resolve(false)
+      }, 5000)
+    })
+  } catch {
+    return false
+  }
+}
+// ─── Network Privacy Config ──────────────────────────────────────────────────
+/**
+ * Network privacy configuration for SDK clients
+ */
+export interface NetworkPrivacyConfig {
+  /**
+   * Proxy configuration
+   *
+   * - `'tor'`: Auto-detect local Tor
+   * - `'socks5://...'`: SOCKS5 proxy
+   * - `'http://...'`: HTTP proxy
+   * - `undefined`: Direct connection
+   */
+  proxy?: ProxyConfig
+  /**
+   * Rotate Tor circuit per request
+   *
+   * Requires Tor control port. Provides unlinkability between requests.
+   *
+   * @default false
+   */
+  rotateCircuit?: boolean
+  /**
+   * Tor control port for circuit rotation
+   *
+   * @default 9051
+   */
+  torControlPort?: number
+  /**
+   * Tor control password
+   *
+   * Required for rotateCircuit if Tor is configured with password authentication.
+   */
+  torControlPassword?: string
+  /**
+   * Connection timeout in milliseconds
+   *
+   * @default 30000
+   */
+  timeout?: number
+  /**
+   * Fallback to direct connection if proxy unavailable
+   *
+   * If true, will use direct connection when proxy fails.
+   * If false, will throw error when proxy fails.
+   *
+   * @default false
+   */
+  fallbackToDirect?: boolean
+}
+/**
+ * Default network privacy configuration
+ */
+export const DEFAULT_NETWORK_CONFIG: Required<Omit<NetworkPrivacyConfig, 'proxy' | 'torControlPassword'>> = {
+  rotateCircuit: false,
+  torControlPort: TOR_CONTROL_PORT,
+  timeout: DEFAULT_PROXY_TIMEOUT,
+  fallbackToDirect: false,
+}
+/**
+ * Create a network privacy client
+ *
+ * @param config - Network privacy configuration
+ * @returns Proxied fetch function and utilities
+ *
+ * @example
+ * ```typescript
+ * const network = await createNetworkPrivacyClient({
+ *   proxy: 'tor',
+ *   rotateCircuit: true,
+ *   torControlPassword: 'my-password',
+ * })
+ *
+ * // Use proxied fetch
+ * const response = await network.fetch('https://api.example.com')
+ *
+ * // Rotate circuit manually
+ * await network.rotateCircuit()
+ *
+ * // Check status
+ * console.log(network.status) // { type: 'tor', connected: true, ... }
+ * ```
+ */
+export async function createNetworkPrivacyClient(
+  config: NetworkPrivacyConfig = {}
+): Promise<{
+  fetch: ProxiedFetch
+  rotateCircuit: () => Promise<boolean>
+  status: ProxyCheckResult
+  agent: Agent | undefined
+}> {
+  const {
+    proxy,
+    rotateCircuit: shouldRotate = DEFAULT_NETWORK_CONFIG.rotateCircuit,
+    torControlPort = DEFAULT_NETWORK_CONFIG.torControlPort,
+    torControlPassword,
+    timeout = DEFAULT_NETWORK_CONFIG.timeout,
+    fallbackToDirect = DEFAULT_NETWORK_CONFIG.fallbackToDirect,
+  } = config
+  // Check proxy availability
+  const status = await checkProxyAvailability(proxy, timeout)
+  let agent: Agent | undefined
+  if (!status.available) {
+    if (fallbackToDirect) {
+      console.warn(
+        `[SIP-SDK] Proxy unavailable: ${status.error}. Falling back to direct connection.`
+      )
+    } else {
+      throw new Error(`Proxy unavailable: ${status.error}`)
+    }
+  } else {
+    agent = await createProxyAgent(proxy, { timeout })
+  }
+  return {
+    fetch: createProxiedFetch(agent),
+    rotateCircuit: async () => {
+      if (shouldRotate && (status.type === 'tor' || proxy === 'tor')) {
+        return rotateCircuit(torControlPort, torControlPassword)
+      }
+      return false
+    },
+    status,
+    agent,
+  }
+}