@the-ai-company/cbio-node-runtime 0.39.0 → 1.0.0

package/README.md

@@ -1,8 +1,6 @@
-# cbio Node Runtime
+# cbio Vault Runtime
 
-Node.js runtime for cbio identity and credential vault. Library only.
-
-**⚠️ Actively under development — not a stable release.**
+Node.js vault runtime with a hard-cut architecture: vault core first, explicit clients second.
 
 **Source:** [https://github.com/TheAICompany/cbio-node-runtime](https://github.com/TheAICompany/cbio-node-runtime)
 
@@ -21,9 +19,11 @@ Node.js runtime for cbio identity and credential vault. Library only.
 - No CLI
 - No TUI
 
-Import and use `CbioIdentity`, `CbioAgent` from the main export.
-
-For registration flows that mint a new secret locally, use `startLocalSecretIngress(...)` to let a trusted local process `POST` the newly issued value straight into the vault without printing it to terminal output first.
+Main export now centers on:
+- `vault-core`
+- `vault-ingress`
+- `clients/owner`
+- `clients/agent`
 
 ## Install
 
@@ -36,76 +36,138 @@ npm install @the-ai-company/cbio-node-runtime
 ## Usage
 
 ```ts
-import { CbioIdentity, CbioAgent, generateIdentityKeys } from '@the-ai-company/cbio-node-runtime';
-
-const keys = generateIdentityKeys();
-const identity = await CbioIdentity.load({ privateKey: keys.privateKey });
-const agent: CbioAgent = identity.getAgent(); // minimal permissions: vault:fetch, vault:list
+import {
+  createVaultService,
+  createDefaultVaultCoreDependencies,
+  createOwnerHttpFlowBoundary,
+  createStandardAcquireBoundary,
+  createStandardDispatchBoundary,
+  createOwnerClient,
+  createAgentClient,
+  InMemoryVaultCapabilityResolver,
+  LocalVaultTransport,
+} from '@the-ai-company/cbio-node-runtime';
 ```
 
-## Secret Boundary Model
+## Architecture
 
-After root initialization, runtime-supported secret flows are designed around `no plaintext export`.
+The public runtime surface follows four hard rules:
 
-- Acquire and store from a remote issuer: `fetchJsonAndAddSecret(...)`
-- Ingest a newly issued local secret without `stdout`: `startLocalSecretIngress(...)`
-- Use a stored secret remotely: `fetchWithAuth(...)`, `createFetchWithAuth(...)`, `startLocalAuthProxy(...)`
-- Prove or compare a stored secret locally without exporting it: `proveSecret(...)`, `compareSecret(...)`
-- Validate a stored secret through a controlled validator: `validateSecret(...)`
+1. Secret plaintext lives only in vault core.
+2. Only owner and vault-trusted acquisition paths may write secrets.
+3. Secrets are dispatched only to owner-approved or issuer-bound targets.
+4. Vault validates and audits everything.
 
-The public runtime surface is intended to let applications use, prove, and validate secrets without retrieving them as cleartext.
+The current HTTP-facing interface distinguishes two supported secret-flow classes:
 
-## Recommended Paths
+- `A` / `acquire_secret`
+  No secret leaves the vault. A secret is extracted from the response and stored into the vault. Agent-visible output includes only protocol metadata plus a redacted response shape.
+- `B` / `send_secret`
+  A stored secret is sent to an owner-approved target. The response is treated as normal business output and may be returned to the agent.
 
-### Remote Issuer -> Vault
+This is an intentional boundary choice:
 
-```ts
-const acquired = await identity.fetchJsonAndAddSecret({
-  secretName: 'service-token',
-  url: 'https://issuer.example.com/token',
-  extractKey: (response: { token?: string }) => response.token ?? '',
-});
-```
+- acquisition responses are treated as sensitive because they may contain newly issued secret material
+- dispatch responses are treated as ordinary protocol results because the operation itself is a standard secret-backed HTTP call to an owner-approved target
 
-### Local Process -> Vault
+The vault does not attempt to second-guess every remote protocol. If a target returns sensitive data during a normal dispatch flow, that is part of the target contract and the owner's authorization decision.
 
-```ts
-const ingress = await identity.startLocalSecretIngress({
-  secretName: 'service-token',
-});
+The runtime does not claim to understand arbitrary remote protocols. The API boundary makes clear what is supported:
 
-await fetch(ingress.url, {
-  method: 'POST',
-  headers: {
-    Authorization: `Bearer ${ingress.authToken}`,
-    'Content-Type': 'text/plain',
-  },
-  body: 'newly-issued-secret',
-});
+- acquisition is explicit and redacted
+- secret-backed dispatch is explicit and capability-gated
+- unsupported `C` / `D` style flows are not part of the current surface
+
+Owner-defined HTTP boundaries share one factory layer:
+
+- `createOwnerHttpFlowBoundary(...)`
+- `createStandardAcquireBoundary(...)`
+- `createStandardDispatchBoundary(...)`
+
+An owner-defined exception path also exists for non-standard but intentional integrations:
+
+- owner may register a `custom_http` flow
+- the flow fixes mode, target, method, and response visibility inside the vault
+- agent may only invoke the registered `customFlowId`
+- this is an explicit escape hatch, not the default path
+
+## Modules
+
+- `vault-core`
+  The vault kernel. Stores plaintext, authorizes writes, authorizes dispatch, executes dispatch, appends audit.
+
+- `vault-ingress`
+  Vault boundary/facade. Accepts request-shaped calls, handles trusted acquisition paths, and keeps capability resolution plus dispatch ingress inside the vault trust boundary.
+
+- `clients/owner`
+  Owner-facing client. Writes secrets and reads audit.
+
+- `clients/agent`
+  Agent-facing client. Creates signed dispatch requests. Never handles plaintext secret.
+
+## Status
+
+The old identity-centric runtime is no longer the intended public architecture.
+This package now exposes the production local vault runtime surface as the primary API.
+
+## Example Shape
+
+```ts
+const capabilities = new InMemoryVaultCapabilityResolver();
+const vault = createVaultService(createDefaultVaultCoreDependencies(), { capabilities });
+const owner = createOwnerClient(ownerIdentity, vault, ownerSigner, clock);
+const transport = new LocalVaultTransport(vault, capability.capabilityId);
+const agent = createAgentClient(agentIdentity, capability, signer, transport, clock);
 ```
 
-### Vault -> Remote Service
+Capability example:
 
 ```ts
-const response = await identity.fetchWithAuth('service-token', 'https://api.example.com/me');
+const capability = {
+  vaultId: vault.vaultId,
+  capabilityId: 'cap-1',
+  agentId: 'agent-1',
+  secretAliases: ['api-token'],
+  operation: 'dispatch_http',
+  allowedTargets: ['https://api.example.com/endpoint'],
+  allowedMethods: ['POST'],
+  issuedAt: new Date().toISOString(),
+};
 ```
 
-### Vault -> Local Proof / Validation
+Custom flow example:
 
 ```ts
-const same = await identity.compareSecret('service-token', 'candidate-value');
-const proof = await identity.proveSecret('service-token', 'challenge-123');
+await owner.registerCustomFlow({
+  flowId: 'custom-status-read',
+  ...createOwnerHttpFlowBoundary({
+    mode: 'send_secret',
+    targetUrl: 'https://api.example.com/custom-status',
+    method: 'POST',
+    responseVisibility: 'shape_only',
+  }),
+});
 ```
 
+Acquisition example:
+
 ```ts
-import { genericHttpValidator } from '@the-ai-company/cbio-node-runtime';
+const acquireBoundary = createStandardAcquireBoundary({
+  targetUrl: 'https://issuer.example.com/token',
+  responseField: 'access_token',
+  storeAlias: 'issuer-token',
+});
 
-const result = await identity.validateSecret(
-  'service-token',
-  genericHttpValidator({
-    url: 'https://api.example.com/me',
-  }),
-);
+const acquired = await vault.acquireSecret({
+  alias: acquireBoundary.responseSecret.storeAlias,
+  issuerId: 'issuer-1',
+  url: acquireBoundary.targetUrl,
+  flow: 'oauth_token_response.access_token',
+  method: acquireBoundary.method,
+});
+
+console.log(acquired.responseShape);
+// { token_type: 'Bearer', expires_in: 3600, scope: 'read write' }
 ```
 
 ## Build

package/dist/clients/agent/client.d.ts

@@ -0,0 +1,9 @@
+import type { Clock } from "../../vault-core/index.js";
+import type { AgentCapabilityEnvelope, AgentDispatchIntent, AgentDispatchTransport, AgentSigner } from "./contracts.js";
+export interface AgentIdentity {
+    agentId: string;
+}
+export interface AgentClient {
+    dispatch(intent: AgentDispatchIntent): Promise<import("../../vault-core/index.js").DispatchResult>;
+}
+export declare function createAgentClient(identity: AgentIdentity, capability: AgentCapabilityEnvelope, signer: AgentSigner, transport: AgentDispatchTransport, clock: Clock): AgentClient;

package/dist/clients/agent/client.js

@@ -0,0 +1,72 @@
+function createDispatchBinding(requestId, requestedAt, agentId, capabilityId, secretAlias, targetUrl, method, body) {
+    return JSON.stringify({
+        requestId,
+        requestedAt,
+        agentId,
+        capabilityId,
+        secretAlias: secretAlias ?? null,
+        targetUrl,
+        method,
+        body: body ?? null,
+    });
+}
+class DefaultAgentClient {
+    _identity;
+    _capability;
+    _signer;
+    _transport;
+    _clock;
+    constructor(_identity, _capability, _signer, _transport, _clock) {
+        this._identity = _identity;
+        this._capability = _capability;
+        this._signer = _signer;
+        this._transport = _transport;
+        this._clock = _clock;
+    }
+    async dispatch(intent) {
+        const requestedAt = intent.requestedAt ?? this._clock.nowIso();
+        const requestId = `${this._identity.agentId}:${requestedAt}:${intent.secretAlias ?? "no-secret"}:${intent.method}`;
+        const publicKey = await this._signer.getPublicKey();
+        const signature = await this._signer.sign(createDispatchBinding(requestId, requestedAt, this._identity.agentId, this._capability.capabilityId, intent.secretAlias, intent.targetUrl, intent.method, intent.body));
+        return this._transport.dispatch({
+            vaultId: this._capability.vaultId,
+            requestId,
+            requestedAt,
+            agent: {
+                kind: "agent",
+                id: this._identity.agentId,
+            },
+            capability: {
+                vaultId: this._capability.vaultId,
+                capabilityId: this._capability.capabilityId,
+                agentId: this._capability.agentId,
+                secretIds: this._capability.secretIds,
+                secretAliases: this._capability.secretAliases,
+                operation: this._capability.operation,
+                allowedTargets: this._capability.allowedTargets,
+                allowedMethods: this._capability.allowedMethods,
+                allowedPaths: this._capability.allowedPaths,
+                issuedAt: this._capability.issuedAt,
+                expiresAt: this._capability.expiresAt,
+                revocationVersion: this._capability.revocationVersion,
+                rateLimit: this._capability.rateLimit,
+                auditRequired: this._capability.auditRequired,
+            },
+            proof: {
+                agentId: this._identity.agentId,
+                signature,
+                requestId,
+                requestedAt,
+            },
+            secretAlias: intent.secretAlias,
+            targetUrl: intent.targetUrl,
+            method: intent.method,
+            headers: intent.headers,
+            body: intent.body,
+        });
+    }
+}
+export function createAgentClient(identity, capability, signer, transport, clock) {
+    return new DefaultAgentClient(identity, capability, signer, transport, clock);
+}
+//# sourceMappingURL=client.js.map

package/dist/clients/agent/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/clients/agent/client.ts"],"names":[],"mappings":"AAgBA,SAAS,qBAAqB,CAC5B,SAAiB,EACjB,WAAmB,EACnB,OAAe,EACf,YAAoB,EACpB,WAA+B,EAC/B,SAAiB,EACjB,MAAc,EACd,IAAa;IAEb,OAAO,IAAI,CAAC,SAAS,CAAC;QACpB,SAAS;QACT,WAAW;QACX,OAAO;QACP,YAAY;QACZ,WAAW,EAAE,WAAW,IAAI,IAAI;QAChC,SAAS;QACT,MAAM;QACN,IAAI,EAAE,IAAI,IAAI,IAAI;KACnB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,kBAAkB;IAEH;IACA;IACA;IACA;IACA;IALnB,YACmB,SAAwB,EACxB,WAAoC,EACpC,OAAoB,EACpB,UAAkC,EAClC,MAAa;QAJb,cAAS,GAAT,SAAS,CAAe;QACxB,gBAAW,GAAX,WAAW,CAAyB;QACpC,YAAO,GAAP,OAAO,CAAa;QACpB,eAAU,GAAV,UAAU,CAAwB;QAClC,WAAM,GAAN,MAAM,CAAO;IAC7B,CAAC;IAEJ,KAAK,CAAC,QAAQ,CAAC,MAA2B;QACxC,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC/D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,WAAW,IAAI,MAAM,CAAC,WAAW,IAAI,WAAW,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QACnH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QACpD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CACvC,qBAAqB,CACnB,SAAS,EACT,WAAW,EACX,IAAI,CAAC,SAAS,CAAC,OAAO,EACtB,IAAI,CAAC,WAAW,CAAC,YAAY,EAC7B,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,IAAI,CACZ,CACF,CAAC;QAEF,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;YAC9B,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO;YACjC,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;aAC3B;YACD,UAAU,EAAE;gBACV,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO;gBACjC,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,YAAY;gBAC3C,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO;gBACjC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,aAAa,EAAE,IAAI,CAAC,WAAW,CAAC,aAAa;gBAC7C,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,cAAc;gBAC/C,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,cAAc;gBAC/C,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,YAAY;gBAC3C,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,QAAQ;gBACnC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,iBAAiB,EAAE,IAAI,CAAC,WAAW,CAAC,iBAAiB;gBACrD,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,aAAa,EAAE,IAAI,CAAC,WAAW,CAAC,aAAa;aAC9C;YACD,KAAK,EAAE;gBACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;gBAC/B,SAAS;gBACT,SAAS;gBACT,WAAW;aACZ;YACD,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,IAAI,EAAE,MAAM,CAAC,IAAI;SAClB,CAAC,CAAC;IACL,CAAC;CACF;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAAuB,EACvB,UAAmC,EACnC,MAAmB,EACnB,SAAiC,EACjC,KAAY;IAEZ,OAAO,IAAI,kBAAkB,CAAC,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;AAChF,CAAC"}

package/dist/clients/agent/contracts.d.ts

@@ -0,0 +1,34 @@
+export interface AgentDispatchIntent {
+    secretAlias?: string;
+    targetUrl: string;
+    method: string;
+    headers?: Record<string, string>;
+    body?: string;
+    requestedAt?: string;
+}
+export interface AgentCapabilityEnvelope {
+    vaultId: import("../../vault-core/index.js").VaultId;
+    capabilityId: string;
+    agentId: string;
+    secretIds?: readonly string[];
+    secretAliases?: readonly string[];
+    operation: "dispatch_http";
+    allowedTargets: readonly string[];
+    allowedMethods: readonly string[];
+    allowedPaths?: readonly string[];
+    issuedAt: string;
+    expiresAt?: string;
+    revocationVersion?: number;
+    rateLimit?: {
+        maxRequests: number;
+        windowMs: number;
+    };
+    auditRequired?: boolean;
+}
+export interface AgentSigner {
+    getPublicKey(): Promise<string>;
+    sign(input: string): Promise<string>;
+}
+export interface AgentDispatchTransport {
+    dispatch(request: import("../../vault-core/index.js").DispatchRequest): Promise<import("../../vault-core/index.js").DispatchResult>;
+}

package/dist/clients/agent/contracts.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=contracts.js.map

package/dist/clients/agent/contracts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"contracts.js","sourceRoot":"","sources":["../../../src/clients/agent/contracts.ts"],"names":[],"mappings":""}

package/dist/clients/agent/index.d.ts

@@ -0,0 +1,3 @@
+export { createAgentClient } from "./client.js";
+export type { AgentClient, AgentIdentity, } from "./client.js";
+export type { AgentCapabilityEnvelope, AgentDispatchIntent, AgentDispatchTransport, AgentSigner, } from "./contracts.js";

package/dist/clients/agent/index.js

@@ -0,0 +1,2 @@
+export { createAgentClient } from "./client.js";
+//# sourceMappingURL=index.js.map

package/dist/clients/agent/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/clients/agent/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC"}

package/dist/clients/owner/client.d.ts

@@ -0,0 +1,18 @@
+import type { Clock } from "../../vault-core/index.js";
+import type { VaultService } from "../../vault-ingress/index.js";
+import type { OwnerAuditQueryInput, OwnerRegisterCustomHttpFlowInput, OwnerRegisterAgentIdentityInput, OwnerRegisterOwnerIdentityInput, OwnerWriteSecretInput } from "./contracts.js";
+export interface OwnerIdentity {
+    ownerId: string;
+}
+export interface OwnerSigner {
+    getPublicKey(): Promise<string>;
+    sign(input: string): Promise<string>;
+}
+export interface OwnerClient {
+    writeSecret(input: OwnerWriteSecretInput): Promise<import("../../vault-core/index.js").SecretRecord>;
+    getAudit(query?: OwnerAuditQueryInput): Promise<readonly import("../../vault-core/index.js").AuditEntry[]>;
+    registerAgentIdentity(input: OwnerRegisterAgentIdentityInput): Promise<void>;
+    registerOwnerIdentity(input: OwnerRegisterOwnerIdentityInput): Promise<void>;
+    registerCustomFlow(input: OwnerRegisterCustomHttpFlowInput): Promise<void>;
+}
+export declare function createOwnerClient(identity: OwnerIdentity, vault: VaultService, signer: OwnerSigner, clock: Clock): OwnerClient;

package/dist/clients/owner/client.js

@@ -0,0 +1,169 @@
+class DefaultOwnerClient {
+    _identity;
+    _vault;
+    _signer;
+    _clock;
+    constructor(_identity, _vault, _signer, _clock) {
+        this._identity = _identity;
+        this._vault = _vault;
+        this._signer = _signer;
+        this._clock = _clock;
+    }
+    async writeSecret(input) {
+        const requestedAt = input.requestedAt ?? this._clock.nowIso();
+        const requestId = `${this._identity.ownerId}:${requestedAt}:${input.alias}:write_secret`;
+        const signature = await this._signer.sign(JSON.stringify({
+            requestId,
+            requestedAt,
+            ownerId: this._identity.ownerId,
+            alias: input.alias,
+            plaintext: input.plaintext,
+            targetBindings: input.targetBindings,
+        }));
+        return this._vault.writeSecret({
+            kind: "owner.write_secret",
+            vaultId: this._vault.vaultId,
+            requestId,
+            owner: {
+                kind: "owner",
+                id: this._identity.ownerId,
+            },
+            alias: input.alias,
+            plaintext: input.plaintext,
+            targetBindings: input.targetBindings,
+            requestedAt,
+            proof: {
+                ownerId: this._identity.ownerId,
+                signature,
+                requestId,
+                requestedAt,
+            },
+        });
+    }
+    async getAudit(query = {}) {
+        const requestedAt = this._clock.nowIso();
+        const requestId = `${this._identity.ownerId}:${requestedAt}:read_audit`;
+        const signature = await this._signer.sign(JSON.stringify({
+            requestId,
+            requestedAt,
+            ownerId: this._identity.ownerId,
+            query,
+        }));
+        return this._vault.readAudit({
+            vaultId: this._vault.vaultId,
+            actor: {
+                kind: "owner",
+                id: this._identity.ownerId,
+            },
+            query,
+            requestId,
+            requestedAt,
+            proof: {
+                ownerId: this._identity.ownerId,
+                signature,
+                requestId,
+                requestedAt,
+            },
+        });
+    }
+    async registerAgentIdentity(input) {
+        const requestedAt = input.requestedAt ?? this._clock.nowIso();
+        const requestId = `${this._identity.ownerId}:${requestedAt}:${input.agentId}:register_agent_identity`;
+        const agentIdentity = {
+            vaultId: this._vault.vaultId,
+            agentId: input.agentId,
+            publicKey: input.publicKey,
+        };
+        const signature = await this._signer.sign(JSON.stringify({
+            requestId,
+            requestedAt,
+            ownerId: this._identity.ownerId,
+            agentIdentity,
+        }));
+        await this._vault.registerAgentIdentity({
+            vaultId: this._vault.vaultId,
+            requestId,
+            owner: {
+                kind: "owner",
+                id: this._identity.ownerId,
+            },
+            agentIdentity,
+            requestedAt,
+            proof: {
+                ownerId: this._identity.ownerId,
+                signature,
+                requestId,
+                requestedAt,
+            },
+        });
+    }
+    async registerOwnerIdentity(input) {
+        const requestedAt = input.requestedAt ?? this._clock.nowIso();
+        const requestId = `${this._identity.ownerId}:${requestedAt}:${input.ownerId}:register_owner_identity`;
+        const ownerIdentity = {
+            vaultId: this._vault.vaultId,
+            ownerId: input.ownerId,
+            publicKey: input.publicKey,
+        };
+        const signature = await this._signer.sign(JSON.stringify({
+            requestId,
+            requestedAt,
+            ownerId: this._identity.ownerId,
+            ownerIdentity,
+        }));
+        await this._vault.registerOwnerIdentity({
+            vaultId: this._vault.vaultId,
+            requestId,
+            owner: {
+                kind: "owner",
+                id: this._identity.ownerId,
+            },
+            ownerIdentity,
+            requestedAt,
+            proof: {
+                ownerId: this._identity.ownerId,
+                signature,
+                requestId,
+                requestedAt,
+            },
+        });
+    }
+    async registerCustomFlow(input) {
+        const requestedAt = input.requestedAt ?? this._clock.nowIso();
+        const requestId = `${this._identity.ownerId}:${requestedAt}:${input.flowId}:register_custom_flow`;
+        const flow = {
+            flowId: input.flowId,
+            mode: input.mode,
+            targetUrl: input.targetUrl,
+            method: input.method,
+            responseVisibility: input.responseVisibility,
+            responseSecret: input.responseSecret,
+        };
+        const signature = await this._signer.sign(JSON.stringify({
+            requestId,
+            requestedAt,
+            ownerId: this._identity.ownerId,
+            flow,
+        }));
+        await this._vault.registerCustomFlow({
+            vaultId: this._vault.vaultId,
+            requestId,
+            owner: {
+                kind: "owner",
+                id: this._identity.ownerId,
+            },
+            flow,
+            requestedAt,
+            proof: {
+                ownerId: this._identity.ownerId,
+                signature,
+                requestId,
+                requestedAt,
+            },
+        });
+    }
+}
+export function createOwnerClient(identity, vault, signer, clock) {
+    return new DefaultOwnerClient(identity, vault, signer, clock);
+}
+//# sourceMappingURL=client.js.map

package/dist/clients/owner/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/clients/owner/client.ts"],"names":[],"mappings":"AA2BA,MAAM,kBAAkB;IAEH;IACA;IACA;IACA;IAJnB,YACmB,SAAwB,EACxB,MAAoB,EACpB,OAAoB,EACpB,MAAa;QAHb,cAAS,GAAT,SAAS,CAAe;QACxB,WAAM,GAAN,MAAM,CAAc;QACpB,YAAO,GAAP,OAAO,CAAa;QACpB,WAAM,GAAN,MAAM,CAAO;IAC7B,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,KAA4B;QAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,eAAe,CAAC;QACzF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;YACvD,SAAS;YACT,WAAW;YACX,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;YAC/B,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc,EAAE,KAAK,CAAC,cAAc;SACrC,CAAC,CAAC,CAAC;QACJ,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;YAC7B,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;aAC3B;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc,EAAE,KAAK,CAAC,cAAc;YACpC,WAAW;YACX,KAAK,EAAE;gBACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;gBAC/B,SAAS;gBACT,SAAS;gBACT,WAAW;aACZ;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,QAA8B,EAAE;QAC7C,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,WAAW,aAAa,CAAC;QACxE,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;YACvD,SAAS;YACT,WAAW;YACX,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;YAC/B,KAAK;SACN,CAAC,CAAC,CAAC;QACJ,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;YAC3B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;aAC3B;YACD,KAAK;YACL,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;gBAC/B,SAAS;gBACT,SAAS;gBACT,WAAW;aACZ;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,KAAsC;QAChE,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,WAAW,IAAI,KAAK,CAAC,OAAO,0BAA0B,CAAC;QACtG,MAAM,aAAa,GAAG;YACpB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS,EAAE,KAAK,CAAC,SAAS;SAC3B,CAAC;QACF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;YACvD,SAAS;YACT,WAAW;YACX,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;YAC/B,aAAa;SACd,CAAC,CAAC,CAAC;QACJ,MAAM,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC;YACtC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;aAC3B;YACD,aAAa;YACb,WAAW;YACX,KAAK,EAAE;gBACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;gBAC/B,SAAS;gBACT,SAAS;gBACT,WAAW;aACZ;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,KAAsC;QAChE,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,WAAW,IAAI,KAAK,CAAC,OAAO,0BAA0B,CAAC;QACtG,MAAM,aAAa,GAAG;YACpB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS,EAAE,KAAK,CAAC,SAAS;SAC3B,CAAC;QACF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;YACvD,SAAS;YACT,WAAW;YACX,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;YAC/B,aAAa;SACd,CAAC,CAAC,CAAC;QACJ,MAAM,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC;YACtC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;aAC3B;YACD,aAAa;YACb,WAAW;YACX,KAAK,EAAE;gBACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;gBAC/B,SAAS;gBACT,SAAS;gBACT,WAAW;aACZ;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,KAAuC;QAC9D,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,WAAW,IAAI,KAAK,CAAC,MAAM,uBAAuB,CAAC;QAClG,MAAM,IAAI,GAAG;YACX,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;YAC5C,cAAc,EAAE,KAAK,CAAC,cAAc;SACrC,CAAC;QACF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;YACvD,SAAS;YACT,WAAW;YACX,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;YAC/B,IAAI;SACL,CAAC,CAAC,CAAC;QACJ,MAAM,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;YACnC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;aAC3B;YACD,IAAI;YACJ,WAAW;YACX,KAAK,EAAE;gBACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;gBAC/B,SAAS;gBACT,SAAS;gBACT,WAAW;aACZ;SACF,CAAC,CAAC;IACL,CAAC;CACF;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAAuB,EACvB,KAAmB,EACnB,MAAmB,EACnB,KAAY;IAEZ,OAAO,IAAI,kBAAkB,CAAC,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;AAChE,CAAC"}

package/dist/clients/owner/contracts.d.ts

@@ -0,0 +1,34 @@
+import type { OwnerHttpFlowBoundary } from "../../vault-ingress/flow-factories.js";
+export interface OwnerSecretTargetBinding {
+    kind: "owner" | "site";
+    targetId: string;
+    targetUrl?: string;
+    methods?: readonly string[];
+    paths?: readonly string[];
+}
+export interface OwnerWriteSecretInput {
+    alias: string;
+    plaintext: string;
+    targetBindings: readonly OwnerSecretTargetBinding[];
+    requestedAt?: string;
+}
+export interface OwnerAuditQueryInput {
+    actorId?: string;
+    secretAlias?: string;
+    requestId?: string;
+    since?: string;
+}
+export interface OwnerRegisterAgentIdentityInput {
+    agentId: string;
+    publicKey: string;
+    requestedAt?: string;
+}
+export interface OwnerRegisterOwnerIdentityInput {
+    ownerId: string;
+    publicKey: string;
+    requestedAt?: string;
+}
+export interface OwnerRegisterCustomHttpFlowInput extends OwnerHttpFlowBoundary {
+    flowId: string;
+    requestedAt?: string;
+}

package/dist/clients/owner/contracts.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=contracts.js.map

package/dist/clients/owner/contracts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"contracts.js","sourceRoot":"","sources":["../../../src/clients/owner/contracts.ts"],"names":[],"mappings":""}

package/dist/clients/owner/index.d.ts

@@ -0,0 +1,3 @@
+export { createOwnerClient } from "./client.js";
+export type { OwnerClient, OwnerIdentity, OwnerSigner, } from "./client.js";
+export type { OwnerAuditQueryInput, OwnerRegisterCustomHttpFlowInput, OwnerRegisterAgentIdentityInput, OwnerRegisterOwnerIdentityInput, OwnerSecretTargetBinding, OwnerWriteSecretInput, } from "./contracts.js";

package/dist/clients/owner/index.js

@@ -0,0 +1,2 @@
+export { createOwnerClient } from "./client.js";
+//# sourceMappingURL=index.js.map

package/dist/clients/owner/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/clients/owner/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC"}

package/dist/runtime/index.d.ts

@@ -1,16 +1,14 @@
 /**
- * Runtime export. For agent developers.
- * Owner, Agent, storage, errors. Consumer surface only.
+ * Runtime export.
+ * Hard-cut public surface: vault core plus explicit clients only.
  */
-export { CbioIdentity, CbioAgent } from "../agent/agent.js";
-export type { ActivityLogConfig, GetAgentOptions, IssuedCapabilityName, ManagedAgentHandleConfig, ManagedAgentCapabilityInfo, ManagedAgentCapabilityStatus, ManagedAgentContext, ManagedAgentIssueConfig, ManagedAgentIssueOptions, ManagedAgentLoadOptions, ManagedAgentStorageConfig, RegisterChildIdentityOptions, RegisterChildIdentityResult, IdentityLoadKeys, IdentityLoadOptions, RuntimePermissionName, RuntimePermissions, SecretValidationResult, SecretValidationStatus, SecretValidator, SecretValidatorHandle, SecretProofAlgorithm, StartLocalSecretIngressOptions, } from "../agent/agent.js";
-export type { MergeResult } from "../vault/vault.js";
-export type { FetchFailure, FetchJsonAndAddSecretOptions, FetchJsonAndUpdateSecretOptions, FetchResult, FetchSuccess, } from "../http/secretAcquisition.js";
-export { generateIdentityKeys, derivePublicKey } from "../protocol/crypto.js";
 export { IdentityError, IdentityErrorCode } from "../errors.js";
+export { generateIdentityKeys, derivePublicKey, LocalSigner } from "../protocol/crypto.js";
 export type { IStorageProvider } from "../storage/provider.js";
 export { FsStorageProvider } from "../storage/fs.js";
 export { MemoryStorageProvider } from "../storage/memory.js";
-export { startLocalAuthProxy, type FetchWithAuthLike, type LocalAuthProxyOptions, type LocalAuthProxyHandle, } from "../http/localAuthProxy.js";
-export { genericHttpValidator, type GenericHttpSecretValidatorConfig, } from "../http/genericSecretValidator.js";
-export { startLocalSecretIngress, type LocalSecretIngressHandle, type LocalSecretIngressOptions, type LocalSecretIngressResult, type LocalSecretIngressWriter, } from "../http/localSecretIngress.js";
+export { createVaultCore, DefaultVaultCore, VaultCoreError, createDefaultVaultCoreDependencies, type CreateDefaultVaultCoreDependenciesOptions, type DefaultPolicyEngineOptions, DefaultPolicyEngine, createPersistentVaultCoreDependencies, PersistentVaultAuditLog, PersistentVaultCapabilityRevocationRegistry, PersistentVaultCustomHttpFlowRegistry, PersistentVaultRateLimitStore, PersistentVaultReplayGuard, PersistentVaultSecretCustody, PersistentVaultSecretRepository, HttpDispatchExecutor, InMemoryAgentIdentityRegistry, InMemoryCapabilityRevocationRegistry, InMemoryCustomHttpFlowRegistry, InMemoryRateLimitStore, InMemoryReplayGuard, InMemoryAuditLog, InMemoryOwnerIdentityRegistry, InMemorySecretCustody, InMemorySecretRepository, RandomIdGenerator, SignatureOwnerProofVerifier, type SignatureAgentProofVerifierOptions, SignatureAgentProofVerifier, SystemClock, type AgentCapability, type AgentIdentityRecord, type AgentProof, type OwnerAuditRequest, type OwnerRegisterAgentIdentityCommand, type OwnerRegisterCustomHttpFlowCommand, type OwnerRegisterOwnerIdentityCommand, type OwnerIdentityRecord, type CustomHttpFlowDefinition, type OwnerProof, type AuditEntry, type AuditLog, type AuditQuery, type Clock, type DispatchAuthorization, type DispatchInstruction, type DispatchRequest, type DispatchResult, type IdGenerator, type OwnerIdentityRegistry, type OwnerProofVerifier, type PolicyEngine, type RateLimitStore, type ReplayGuard, type CustomHttpFlowRegistry, type SecretAlias, type SecretCustody, type SecretId, type SecretRecord, type SecretRepository, type SecretVersion, type TrustedExecutor, type VaultCore, type VaultCoreDependencies, type VaultPrincipal, type VaultPrincipalKind, type VaultTargetBinding, type VaultWriteSecretCommand, type VaultId, type AgentIdentityRegistry, type AgentProofVerifier, type CapabilityRevocationRegistry, } from "../vault-core/index.js";
+export { createOwnerClient, type OwnerClient, type OwnerIdentity, type OwnerSigner, type OwnerAuditQueryInput, type OwnerRegisterCustomHttpFlowInput, type OwnerRegisterAgentIdentityInput, type OwnerRegisterOwnerIdentityInput, type OwnerSecretTargetBinding, type OwnerWriteSecretInput, } from "../clients/owner/index.js";
+export { createAgentClient, type AgentClient, type AgentIdentity, type AgentCapabilityEnvelope, type AgentDispatchIntent, type AgentDispatchTransport, type AgentSigner, } from "../clients/agent/index.js";
+export { createVaultService, wrapVaultCoreAsVaultService, createOwnerHttpFlowBoundary, createStandardAcquireBoundary, createStandardDispatchBoundary, toOwnerHttpFlowBoundary, type VaultService, type VaultAcquireSecretInput, type VaultAcquireSecretResult, type VaultAcquireSecretFlow, type VaultCustomFlowResolver, type VaultCapabilityResolver, type VaultAgentDispatchRequest, type VaultAgentDispatchResponse, type VaultAgentDispatchErrorResponse, type RedactedResponseShape, type OwnerHttpFlowBoundary, } from "../vault-ingress/index.js";
+export { InMemoryVaultCapabilityResolver, LocalVaultTransport, } from "../vault-ingress/defaults.js";