@tangle-network/agent-app 0.1.0 → 0.1.2

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Tangle Network
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -1,59 +1,144 @@
 # @tangle-network/agent-app
 
-Shared **application-shell framework** for Tangle agent products (insurance, tax, legal, creative, gtm, agent-builder). The substrate packages (`@tangle-network/{sandbox, agent-runtime, agent-eval, agent-integrations, agent-knowledge, tcloud}`) are the *engine*; this package is the *shell* — the opinionated, reusable application layer those products currently fork-duplicate.
+[![npm](https://img.shields.io/npm/v/@tangle-network/agent-app.svg)](https://www.npmjs.com/package/@tangle-network/agent-app)
+[![npm provenance](https://img.shields.io/badge/npm-provenance-blue.svg)](https://www.npmjs.com/package/@tangle-network/agent-app#provenance)
+[![license](https://img.shields.io/npm/l/@tangle-network/agent-app.svg)](./LICENSE)
 
-The goal: a product should `pnpm add @tangle-network/agent-app`, supply its domain seams (schema, prompt, taxonomy, persistence), and get the whole shell — instead of copy-forking another agent app and inheriting its bugs (the way insurance forked legal and inherited legal's IRS/FinCEN filing scripts).
+The application-shell layer for building agent products on the Tangle stack.
 
-Everything here is **domain-seamed**: the generic mechanism lives in the package; each product supplies callbacks/config for the domain-specific bits. The package imports no product code.
+The substrate packages — `@tangle-network/agent-runtime`, `agent-eval`, `agent-integrations`, `tcloud`, `sandbox` — are the **engine**. This package is the **shell**: the chat tool-loop, the structured agent→app side channel, the integration-hub client, per-workspace billing, field crypto, and the web boundary utilities that every agent app otherwise rewrites by hand. You supply your domain through typed seams; the package supplies the mechanism and imports none of your code.
 
-## Modules
+## Highlights
+
+- **Structured tool side channel** — `submit_proposal` (approval-gated), `schedule_followup`, `render_ui`, `add_citation`, exposed as validated tool calls over three surfaces (HTTP route, per-turn MCP server, agent-runtime executor). No fenced-text parsing.
+- **Bounded tool loop** — `runAppToolLoop` / `streamAppToolLoop`: stream a turn → collect tool calls → dispatch → fold results back → re-run, capped. Substrate-free behind a `streamTurn` seam, so it drives a sandboxed agent, a Worker, or an in-browser copilot unchanged.
+- **Sandbox-optional** — the same tools, billing, eval, and loop work without a container. A `fetch`-only adapter maps any OpenAI-compatible stream (Tangle Router, tcloud) into the loop. See [`examples/browser-copilot.md`](./examples/browser-copilot.md).
+- **Composes the engine, never forks it** — `/eval` re-exports `@tangle-network/agent-eval`'s verifier; `/integrations` wraps the hub; `/tangle` and `/billing` take the tcloud client as a structural contract. Engines are **peer dependencies** — you pin the version, nothing is bundled.
+- **ESM, typed, zero runtime deps** in the substrate-free modules (`/runtime`, `/web`, `/crypto`, `/redact`, `/stream`). Ships with `.d.ts` and npm [provenance](https://www.npmjs.com/package/@tangle-network/agent-app#provenance).
+
+## Install
+
+```bash
+pnpm add @tangle-network/agent-app
+```
 
-| Subpath | Status | What it is |
+The engine packages you actually use are **peer dependencies** — install the ones your modules touch:
+
+```bash
+# /eval composes the eval engine; /integrations composes the hub client
+pnpm add @tangle-network/agent-eval @tangle-network/agent-integrations
+```
+
+| Peer | Required by | Range |
 |---|---|---|
-| `@tangle-network/agent-app/tools` | ✅ **shipped + tested** | The structured agent→app tool side channel — `submit_proposal` (approval-gated), `schedule_followup`, `render_ui`, `add_citation`. OpenAI tool defs, MCP-server builder, HTTP route handler, agent-runtime executor, capability auth. Replaces brittle fenced `:::` blocks with validated tool calls. Seam: `AppToolHandlers` + `AppToolTaxonomy`. |
-| `@tangle-network/agent-app/delegation` | ✅ **shipped + tested** | The agent-runtime "driven loop" MCP (`delegate_research` / `delegate_code` / `delegation_status` …) for multi-step work that runs to completion in its own agent-driver sandbox. Optional; opt in by spreading into the profile `mcp` map. |
-| `@tangle-network/agent-app/tangle` | ✅ **shipped + tested** | Tangle login (SSO) + the developer self-service **app-registration → broker-token** flow: `buildConsentUrl` (one-time user consent) + `createBrokerTokenProvider` (caches/auto-refreshes the `sk-tan-broker-` token per durable grant, shares in-flight mints). Structural (depends on the minter contract; pass the concrete `TangleAppsClient` from `@tangle-network/agent-integrations`). |
-| `@tangle-network/agent-app/runtime` | ✅ **shipped + tested** | `runAppToolLoop` — the bounded multi-turn tool loop every app's chat runtime hand-rolls: stream a turn → collect tool calls → dispatch → fold results back → re-run, capped. Substrate-free via a `streamTurn` seam (wrap any backend / `runAgentTaskStream`) + an `executeToolCall` seam (route to integration + app-tool executors). |
-| `@tangle-network/agent-app/eval` | ✅ **shipped + tested** | The inline completion gate: `producedFromToolEvents` (bridge `/tools` produced events), `verifyCompletion` (per-requirement `satisfiedBy` gate), `tokenRecallChecker` (deterministic content check), `weightedScore`. For full campaigns/traces/LLM-judge use `@tangle-network/agent-eval`; this composes with it. |
+| `@tangle-network/agent-eval` | `/eval` | `>=0.50.0` |
+| `@tangle-network/agent-integrations` | `/integrations`, `/tangle` | `>=0.32.0` |
 
-✅ = built, typechecked, unit-tested, builds. All five modules done — 39 tests.
+The substrate-free modules (`/runtime`, `/tools`, `/web`, `/crypto`, `/redact`, `/stream`, `/billing`) need no peers.
 
-## `/tools` usage (the shipped module)
+## Quick start
 
-A product supplies its taxonomy + handlers (its real DB/vault ops), then wires the three surfaces:
+A product supplies its **taxonomy** (which proposal types exist, which are approval-gated) and its **handlers** (the real DB/vault writes), then wires the tool side channel to whichever surface it runs on.
 
 ```ts
 import {
-  buildAppToolOpenAITools, createAppToolRuntimeExecutor, handleAppToolRequest,
-  buildAppToolMcpServer, type AppToolHandlers, type AppToolTaxonomy,
+  buildAppToolOpenAITools,
+  createAppToolRuntimeExecutor,
+  type AppToolHandlers,
+  type AppToolTaxonomy,
 } from '@tangle-network/agent-app/tools'
+import { runAppToolLoop } from '@tangle-network/agent-app/runtime'
+
+// 1. Declare the domain (the package bakes in no proposal types or rules).
+const taxonomy: AppToolTaxonomy = {
+  proposalTypes: ['recommend', 'contact', 'other'],
+  regulatedTypes: ['recommend', 'contact'], // these require a certified approver
+}
+
+// 2. Provide the side effects — your store, your validation.
+const handlers: AppToolHandlers = {
+  submitProposal,
+  scheduleFollowup,
+  renderUi,
+  addCitation,
+}
+
+// 3. Advertise the tools to the model and route their execution.
+const tools = buildAppToolOpenAITools(taxonomy)
+const executeToolCall = createAppToolRuntimeExecutor({
+  handlers,
+  taxonomy,
+  ctx: { userId, workspaceId, threadId },
+})
+
+// 4. Run a bounded, tool-driven turn loop over any backend.
+const result = await runAppToolLoop({
+  systemPrompt,
+  userMessage,
+  streamTurn,                                       // wrap your model / runAgentTaskStream
+  executeToolCall,
+  isExecutableTool: (name) => tools.some((t) => t.function.name === name),
+})
+
+console.log(result.finalText, result.toolResults)
+```
 
-const taxonomy: AppToolTaxonomy = { proposalTypes: [...], regulatedTypes: [...] }
-const handlers: AppToolHandlers = { submitProposal, scheduleFollowup, renderUi, addCitation } // your DB ops
-
-// 1. Sandbox MCP path — one route file per tool:
-export const action = ({ request }) =>
-  handleAppToolRequest(request, { tool: 'submit_proposal', handlers, taxonomy, verifyToken })
+`streamTurn` is the one seam that varies by backend. For an in-browser or edge copilot talking to an OpenAI-compatible endpoint, you don't write it by hand:
 
-// 2. Per-turn MCP servers (spread into the agent profile's mcp map):
-const mcp = { submit_proposal: buildAppToolMcpServer({ tool: 'submit_proposal', baseUrl, token, ctx, description }) /* … */ }
+```ts
+import { createOpenAICompatStreamTurn, resolveTangleModelConfig } from '@tangle-network/agent-app/runtime'
 
-// 3. agent-runtime chat path (eval / non-sandbox) — advertise tools + execute:
-runChatThroughRuntime({ /* … */ backend: makeBackend({ tools: buildAppToolOpenAITools(taxonomy) }),
-  appToolExecutor: createAppToolRuntimeExecutor({ handlers, taxonomy, ctx, onProduced }) })
+const cfg = resolveTangleModelConfig() // reads provider/model/key/baseUrl from env, or pass literals
+const streamTurn = createOpenAICompatStreamTurn({ ...cfg, tools })
 ```
 
-`insurance-agent` is the reference consumer; its `src/lib/.server/tools/*` is being refactored to delegate here.
+The full three-transport walkthrough (Tangle Router, tcloud, Vercel AI SDK) is in [`examples/browser-copilot.md`](./examples/browser-copilot.md).
+
+## How it's organised
+
+One rule decides where anything lives:
+
+> Does the capability make sense **without** a specific app's tool side channel, approval queue, or chat route?
+> **Yes** → it belongs in an engine package (contribute it down).
+> **No** → it's app-shell, and it belongs here.
+
+Everything here is reached through a typed seam — `AppToolHandlers`, `AppToolTaxonomy`, `streamTurn`, `executeToolCall`, `verifyToken`, `KeyProvisioner` / `WorkspaceKeyStore` / `KeyCrypto`. The package never imports product code and never hard-codes a domain value (a proposal type, a premium, a disclaimer); each is a parameter. New capability arrives as a new subpath, never a breaking change to an existing one.
+
+## Modules
+
+Each is an independent entry point — import only what you use.
+
+| Subpath | What it gives you |
+|---|---|
+| [`/tools`](src/tools) | The structured agent→app side channel: `buildAppToolOpenAITools`, `createAppToolRuntimeExecutor`, `handleAppToolRequest` (HTTP), `buildAppToolMcpServer` / `buildHttpMcpServer` (MCP), `createCapabilityToken` + `authenticateToolRequest` (capability auth), `ToolInputError`. |
+| [`/runtime`](src/runtime) | `runAppToolLoop` / `streamAppToolLoop` (bounded tool loop), `resolveTangleModelConfig` (Tangle Router / Anthropic BYOK), and `toLoopEvents` / `createOpenAICompatStreamTurn` (OpenAI-compat stream → loop events, with fragmented tool-call args reassembled). |
+| [`/integrations`](src/integrations) | Integration-hub client: `HubExecClient`, `resolveIntegrationAction`, `invokeIntegrationHub`. Composes `@tangle-network/agent-integrations`. |
+| [`/eval`](src/eval) | `producedFromToolEvents` (bridge tool events into the eval verifier) and `createTokenRecallChecker` (deterministic content check). Re-exports `@tangle-network/agent-eval`'s `verifyCompletion`, `extractProducedState`, `weightedComposite`, `createLlmCorrectnessChecker`. |
+| [`/tangle`](src/tangle) | App-registration consent URL (`buildConsentUrl`) and a cached, auto-refreshing broker-token provider (`createBrokerTokenProvider`). Structural over the tcloud client. |
+| [`/billing`](src/billing) | `createWorkspaceKeyManager` — mint / rotate / roll over / report usage on per-workspace, budget-capped model keys. Seams for provisioner, store, and crypto. |
+| [`/delegation`](src/delegation) | `buildDelegationMcpServer` — the agent-runtime driven-loop MCP (`delegate_research`, `delegate_code`, `delegation_status`) for multi-step work that runs to completion in its own sandbox. Opt-in. |
+| [`/crypto`](src/crypto) | AES-GCM field encryption: `encryptAesGcm`, `decryptAesGcm`, `createFieldCrypto`. Key supplied by the caller. |
+| [`/web`](src/web) | Request-boundary utilities: `parseJsonObjectBody`, `requireString`, `extractRequestContext`, `checkRateLimit`, `addSecurityHeaders`. |
+| [`/stream`](src/stream) | SSE normalization and turn identity: `normalizeToolEvent`, `resolveChatTurn`, `encodeEvent`, message-part merging. |
+| [`/redact`](src/redact) | `redactForIngestion` — PII redaction before content leaves the boundary. |
 
-## Why this exists
+The root entry (`@tangle-network/agent-app`) re-exports every module, but importing the subpath keeps your bundle to what you use.
 
-Each agent app re-implements the same plumbing (chat pipeline, approval queue, the structured side channel, vault, auth/RBAC, eval scaffold). That fork-duplication is why a single change — e.g. migrating the human-in-the-loop gate from fenced `:::proposal` blocks to validated tool calls — has to be redone in five apps. Lifting the shell here makes it a one-place change, propagated by a version bump.
+## Compatibility
 
-## Develop
+- **ESM only.** Ships `import` + `types` conditions per subpath.
+- **Runtimes:** Node ≥ 20, Cloudflare Workers / edge, and the browser (the substrate-free modules use only Web-standard APIs — `fetch`, Web Crypto, `TextEncoder`).
+- **TypeScript:** strict; full `.d.ts` for every entry point.
+
+## Contributing
 
 ```bash
 pnpm install
 pnpm typecheck && pnpm test && pnpm build
 ```
 
-Build: tsup (ESM + d.ts). Tests: vitest. No upward deps on any product.
+Build is [tsup](https://tsup.egoist.dev) (ESM + `.d.ts`), tests are [vitest](https://vitest.dev). A change keeps the suite green and follows the layering rule above — anything engine-general is contributed down to the substrate, not duplicated here. See [AGENTS.md](./AGENTS.md) for the full contributor contract.
+
+## License
+
+[MIT](./LICENSE)

package/package.json

@@ -1,7 +1,20 @@
 {
   "name": "@tangle-network/agent-app",
-  "version": "0.1.0",
-  "description": "Shared application-shell framework for Tangle agent products: the structured agent→app tool side channel (proposals, follow-ups, generated UI, citations), domain-seamed so each product supplies its own persistence and types.",
+  "version": "0.1.2",
+  "packageManager": "pnpm@10.33.4",
+  "description": "Application-shell framework for Tangle agent products: a bounded tool loop, the structured agent→app tool side channel, integration-hub client, per-workspace billing, and crypto — composed over the Tangle agent substrate through typed seams.",
+  "keywords": [
+    "tangle",
+    "ai-agent",
+    "agent-framework",
+    "llm",
+    "tool-calling",
+    "mcp",
+    "openai",
+    "approval-workflow",
+    "cloudflare-workers",
+    "eval"
+  ],
   "homepage": "https://github.com/tangle-network/agent-app#readme",
   "repository": {
     "type": "git",
@@ -79,6 +92,14 @@
       "default": "./dist/redact/index.js"
     }
   },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "prepare": "tsup",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "typecheck": "tsc --noEmit"
+  },
   "devDependencies": {
     "@types/node": "^25.6.0",
     "tsup": "^8.0.0",
@@ -90,12 +111,5 @@
   "peerDependencies": {
     "@tangle-network/agent-integrations": ">=0.32.0",
     "@tangle-network/agent-eval": ">=0.50.0"
-  },
-  "scripts": {
-    "build": "tsup",
-    "dev": "tsup --watch",
-    "test": "vitest run",
-    "test:watch": "vitest",
-    "typecheck": "tsc --noEmit"
   }
-}
+}