@the-ai-company/cbio-node-runtime 1.42.0 → 1.45.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (232) hide show
  1. package/README.md +1 -0
  2. package/dist/clients/agent/client.d.ts +35 -0
  3. package/dist/clients/agent/client.js +15 -0
  4. package/dist/clients/agent/client.js.map +1 -1
  5. package/dist/clients/owner/client.d.ts +60 -0
  6. package/dist/clients/owner/client.js +14 -0
  7. package/dist/clients/owner/client.js.map +1 -1
  8. package/dist/clients/owner/index.d.ts +1 -1
  9. package/dist/runtime/bootstrap.d.ts +43 -7
  10. package/dist/runtime/bootstrap.js +12 -1
  11. package/dist/runtime/bootstrap.js.map +1 -1
  12. package/dist/runtime/identity.d.ts +47 -0
  13. package/dist/runtime/identity.js +25 -0
  14. package/dist/runtime/identity.js.map +1 -1
  15. package/dist/runtime/index.d.ts +9 -11
  16. package/dist/runtime/index.js +2 -0
  17. package/dist/runtime/index.js.map +1 -1
  18. package/dist/runtime/private-vault.d.ts +1 -2
  19. package/dist/vault-core/contracts.d.ts +32 -4
  20. package/dist/vault-core/contracts.js +31 -1
  21. package/dist/vault-core/contracts.js.map +1 -1
  22. package/dist/vault-core/core.js +28 -27
  23. package/dist/vault-core/core.js.map +1 -1
  24. package/dist/vault-core/defaults.js +3 -2
  25. package/dist/vault-core/defaults.js.map +1 -1
  26. package/dist/vault-core/index.d.ts +1 -0
  27. package/dist/vault-core/index.js +1 -0
  28. package/dist/vault-core/index.js.map +1 -1
  29. package/dist/vault-ingress/index.d.ts +2 -0
  30. package/dist/vault-ingress/index.js +4 -2
  31. package/dist/vault-ingress/index.js.map +1 -1
  32. package/dist/vault-ingress/remote-transport.d.ts +12 -0
  33. package/dist/vault-ingress/remote-transport.js +45 -0
  34. package/dist/vault-ingress/remote-transport.js.map +1 -0
  35. package/dist/vault-ingress/server-utils.d.ts +10 -0
  36. package/dist/vault-ingress/server-utils.js +18 -0
  37. package/dist/vault-ingress/server-utils.js.map +1 -0
  38. package/docs/ARCHITECTURE.md +8 -0
  39. package/docs/PROCESS_ISOLATION.md +56 -0
  40. package/docs/api/README.md +211 -0
  41. package/docs/api/classes/AgentDispatchHttpTransport.md +52 -0
  42. package/docs/api/classes/DefaultPolicyEngine.md +117 -0
  43. package/docs/api/classes/DefaultVaultCore.md +405 -0
  44. package/docs/api/classes/FsStorageProvider.md +192 -0
  45. package/docs/api/classes/HttpDispatchExecutor.md +63 -0
  46. package/docs/api/classes/IdentityError.md +62 -0
  47. package/docs/api/classes/InMemoryAgentIdentityRegistry.md +83 -0
  48. package/docs/api/classes/InMemoryAuditLog.md +59 -0
  49. package/docs/api/classes/InMemoryCapabilityRegistry.md +91 -0
  50. package/docs/api/classes/InMemoryCapabilityRevocationRegistry.md +75 -0
  51. package/docs/api/classes/InMemoryCustomHttpFlowRegistry.md +63 -0
  52. package/docs/api/classes/InMemoryOwnerIdentityRegistry.md +83 -0
  53. package/docs/api/classes/InMemoryRateLimitStore.md +51 -0
  54. package/docs/api/classes/InMemoryReplayGuard.md +45 -0
  55. package/docs/api/classes/InMemorySecretCustody.md +83 -0
  56. package/docs/api/classes/InMemorySecretRepository.md +99 -0
  57. package/docs/api/classes/LocalSigner.md +59 -0
  58. package/docs/api/classes/LocalVaultTransport.md +45 -0
  59. package/docs/api/classes/MemoryStorageProvider.md +160 -0
  60. package/docs/api/classes/PersistentVaultAgentIdentityRegistry.md +101 -0
  61. package/docs/api/classes/PersistentVaultAuditLog.md +73 -0
  62. package/docs/api/classes/PersistentVaultCapabilityRegistry.md +109 -0
  63. package/docs/api/classes/PersistentVaultCapabilityRevocationRegistry.md +93 -0
  64. package/docs/api/classes/PersistentVaultCustomHttpFlowRegistry.md +81 -0
  65. package/docs/api/classes/PersistentVaultOwnerIdentityRegistry.md +101 -0
  66. package/docs/api/classes/PersistentVaultRateLimitStore.md +69 -0
  67. package/docs/api/classes/PersistentVaultReplayGuard.md +61 -0
  68. package/docs/api/classes/PersistentVaultSecretCustody.md +97 -0
  69. package/docs/api/classes/PersistentVaultSecretRepository.md +117 -0
  70. package/docs/api/classes/RandomIdGenerator.md +65 -0
  71. package/docs/api/classes/SignatureAgentProofVerifier.md +49 -0
  72. package/docs/api/classes/SignatureOwnerProofVerifier.md +249 -0
  73. package/docs/api/classes/SystemClock.md +33 -0
  74. package/docs/api/classes/VaultCoreError.md +39 -0
  75. package/docs/api/enumerations/AuditAction.md +95 -0
  76. package/docs/api/enumerations/AuditOutcome.md +29 -0
  77. package/docs/api/enumerations/DispatchStatus.md +23 -0
  78. package/docs/api/enumerations/IdentityErrorCode.md +121 -0
  79. package/docs/api/functions/createAgentClient.md +33 -0
  80. package/docs/api/functions/createChildIdentity.md +25 -0
  81. package/docs/api/functions/createDefaultVaultCoreDependencies.md +77 -0
  82. package/docs/api/functions/createIdentity.md +30 -0
  83. package/docs/api/functions/createOwnerHttpFlowBoundary.md +17 -0
  84. package/docs/api/functions/createPersistentVaultCoreDependencies.md +85 -0
  85. package/docs/api/functions/createStandardAcquireBoundary.md +31 -0
  86. package/docs/api/functions/createStandardDispatchBoundary.md +23 -0
  87. package/docs/api/functions/createVault.md +58 -0
  88. package/docs/api/functions/createVaultClient.md +32 -0
  89. package/docs/api/functions/createVaultCore.md +17 -0
  90. package/docs/api/functions/createVaultService.md +31 -0
  91. package/docs/api/functions/createWorkspaceStorage.md +17 -0
  92. package/docs/api/functions/deriveChildIdentity.md +41 -0
  93. package/docs/api/functions/deriveIdentityId.md +17 -0
  94. package/docs/api/functions/ensureIdentityPrivateVault.md +21 -0
  95. package/docs/api/functions/getDefaultWorkspaceDir.md +11 -0
  96. package/docs/api/functions/handleVaultHttpDispatch.md +30 -0
  97. package/docs/api/functions/identityPrivateVaultChildrenKey.md +17 -0
  98. package/docs/api/functions/identityPrivateVaultPrefix.md +17 -0
  99. package/docs/api/functions/identityPrivateVaultProfileKey.md +17 -0
  100. package/docs/api/functions/identityPrivateVaultPublicSealedKey.md +17 -0
  101. package/docs/api/functions/initializeVaultCustody.md +21 -0
  102. package/docs/api/functions/listIdentities.md +19 -0
  103. package/docs/api/functions/listVaults.md +23 -0
  104. package/docs/api/functions/readIdentityMetadata.md +29 -0
  105. package/docs/api/functions/readIdentityPrivateVaultChildrenState.md +21 -0
  106. package/docs/api/functions/readIdentityPrivateVaultProfile.md +21 -0
  107. package/docs/api/functions/readVaultProfile.md +25 -0
  108. package/docs/api/functions/readVaultPublicMetadata.md +23 -0
  109. package/docs/api/functions/recoverVault.md +58 -0
  110. package/docs/api/functions/recoverVaultWorkingKey.md +25 -0
  111. package/docs/api/functions/restoreIdentity.md +35 -0
  112. package/docs/api/functions/toOwnerHttpFlowBoundary.md +17 -0
  113. package/docs/api/functions/updateVaultMetadata.md +33 -0
  114. package/docs/api/functions/wrapVaultCoreAsVaultService.md +31 -0
  115. package/docs/api/functions/writeVaultProfile.md +29 -0
  116. package/docs/api/interfaces/AgentCapability.md +103 -0
  117. package/docs/api/interfaces/AgentClient.md +41 -0
  118. package/docs/api/interfaces/AgentDispatchIntent.md +41 -0
  119. package/docs/api/interfaces/AgentDispatchTransport.md +21 -0
  120. package/docs/api/interfaces/AgentIdentity.md +11 -0
  121. package/docs/api/interfaces/AgentIdentityRecord.md +23 -0
  122. package/docs/api/interfaces/AgentIdentityRegistry.md +57 -0
  123. package/docs/api/interfaces/AgentProof.md +29 -0
  124. package/docs/api/interfaces/AgentProofVerifier.md +21 -0
  125. package/docs/api/interfaces/AgentSigner.md +21 -0
  126. package/docs/api/interfaces/AuditEntry.md +89 -0
  127. package/docs/api/interfaces/AuditLog.md +37 -0
  128. package/docs/api/interfaces/AuditQuery.md +29 -0
  129. package/docs/api/interfaces/CapabilityRegistry.md +65 -0
  130. package/docs/api/interfaces/CapabilityRevocationRegistry.md +53 -0
  131. package/docs/api/interfaces/CbioRuntime.md +886 -0
  132. package/docs/api/interfaces/ChildIdentity.md +77 -0
  133. package/docs/api/interfaces/Clock.md +15 -0
  134. package/docs/api/interfaces/CreateAgentClientOptions.md +41 -0
  135. package/docs/api/interfaces/CreateChildIdentityOptions.md +19 -0
  136. package/docs/api/interfaces/CreateDefaultVaultCoreDependenciesOptions.md +85 -0
  137. package/docs/api/interfaces/CreateIdentityOptions.md +15 -0
  138. package/docs/api/interfaces/CreatePersistentVaultCoreDependenciesOptions.md +115 -0
  139. package/docs/api/interfaces/CreateVaultClientOptions.md +29 -0
  140. package/docs/api/interfaces/CreateVaultOptions.md +177 -0
  141. package/docs/api/interfaces/CreatedVault.md +39 -0
  142. package/docs/api/interfaces/CustomHttpFlowDefinition.md +71 -0
  143. package/docs/api/interfaces/CustomHttpFlowRegistry.md +41 -0
  144. package/docs/api/interfaces/DefaultPolicyEngineOptions.md +49 -0
  145. package/docs/api/interfaces/DeriveIdentityOptions.md +11 -0
  146. package/docs/api/interfaces/DispatchAuthorization.md +35 -0
  147. package/docs/api/interfaces/DispatchInstruction.md +47 -0
  148. package/docs/api/interfaces/DispatchRequest.md +77 -0
  149. package/docs/api/interfaces/DispatchResult.md +53 -0
  150. package/docs/api/interfaces/IStorageProvider.md +144 -0
  151. package/docs/api/interfaces/IdGenerator.md +39 -0
  152. package/docs/api/interfaces/IdentityPrivateVaultChildRecord.md +35 -0
  153. package/docs/api/interfaces/IdentityPrivateVaultChildrenState.md +17 -0
  154. package/docs/api/interfaces/IdentityPrivateVaultProfile.md +35 -0
  155. package/docs/api/interfaces/InitializeVaultCustodyOptions.md +29 -0
  156. package/docs/api/interfaces/InitializedVaultCustody.md +23 -0
  157. package/docs/api/interfaces/IssuerWriteSecretCommand.md +59 -0
  158. package/docs/api/interfaces/OwnerAuditRequest.md +47 -0
  159. package/docs/api/interfaces/OwnerDefineSecretTargetsCommand.md +53 -0
  160. package/docs/api/interfaces/OwnerDefineSecretTargetsInput.md +23 -0
  161. package/docs/api/interfaces/OwnerDeleteSecretCommand.md +47 -0
  162. package/docs/api/interfaces/OwnerExportSecretRequest.md +47 -0
  163. package/docs/api/interfaces/OwnerHttpFlowBoundary.md +51 -0
  164. package/docs/api/interfaces/OwnerIdentityRecord.md +23 -0
  165. package/docs/api/interfaces/OwnerIdentityRegistry.md +57 -0
  166. package/docs/api/interfaces/OwnerListAgentsRequest.md +41 -0
  167. package/docs/api/interfaces/OwnerListCapabilitiesRequest.md +47 -0
  168. package/docs/api/interfaces/OwnerProof.md +29 -0
  169. package/docs/api/interfaces/OwnerProofVerifier.md +181 -0
  170. package/docs/api/interfaces/OwnerRegisterAgentIdentityCommand.md +47 -0
  171. package/docs/api/interfaces/OwnerRegisterCapabilityCommand.md +47 -0
  172. package/docs/api/interfaces/OwnerRegisterCustomHttpFlowCommand.md +83 -0
  173. package/docs/api/interfaces/OwnerRevokeCapabilityCommand.md +53 -0
  174. package/docs/api/interfaces/OwnerSecretExport.md +35 -0
  175. package/docs/api/interfaces/OwnerSecretTargetBinding.md +35 -0
  176. package/docs/api/interfaces/OwnerStoreSecretInput.md +23 -0
  177. package/docs/api/interfaces/OwnerWriteSecretCommand.md +65 -0
  178. package/docs/api/interfaces/OwnerWriteSecretInput.md +29 -0
  179. package/docs/api/interfaces/PolicyEngine.md +81 -0
  180. package/docs/api/interfaces/RateLimitStore.md +33 -0
  181. package/docs/api/interfaces/RecoverVaultOptions.md +165 -0
  182. package/docs/api/interfaces/RecoveredVault.md +49 -0
  183. package/docs/api/interfaces/ReplayGuard.md +21 -0
  184. package/docs/api/interfaces/RestoreIdentityOptions.md +11 -0
  185. package/docs/api/interfaces/SecretAlias.md +11 -0
  186. package/docs/api/interfaces/SecretCustody.md +57 -0
  187. package/docs/api/interfaces/SecretId.md +11 -0
  188. package/docs/api/interfaces/SecretRecord.md +53 -0
  189. package/docs/api/interfaces/SecretRepository.md +69 -0
  190. package/docs/api/interfaces/SecretVersion.md +11 -0
  191. package/docs/api/interfaces/SignatureAgentProofVerifierOptions.md +21 -0
  192. package/docs/api/interfaces/Signer.md +31 -0
  193. package/docs/api/interfaces/TrustedExecutor.md +31 -0
  194. package/docs/api/interfaces/VaultAcquireSecretInput.md +53 -0
  195. package/docs/api/interfaces/VaultAcquireSecretResult.md +41 -0
  196. package/docs/api/interfaces/VaultAgentDispatchErrorResponse.md +25 -0
  197. package/docs/api/interfaces/VaultAgentDispatchRequest.md +75 -0
  198. package/docs/api/interfaces/VaultAgentDispatchResponse.md +17 -0
  199. package/docs/api/interfaces/VaultAuditQueryInput.md +29 -0
  200. package/docs/api/interfaces/VaultClient.md +234 -0
  201. package/docs/api/interfaces/VaultCore.md +311 -0
  202. package/docs/api/interfaces/VaultCoreDependencies.md +95 -0
  203. package/docs/api/interfaces/VaultCustomFlowResolver.md +25 -0
  204. package/docs/api/interfaces/VaultDeleteSecretInput.md +17 -0
  205. package/docs/api/interfaces/VaultExportSecretInput.md +17 -0
  206. package/docs/api/interfaces/VaultGrantCapabilityInput.md +17 -0
  207. package/docs/api/interfaces/VaultId.md +11 -0
  208. package/docs/api/interfaces/VaultIdentity.md +11 -0
  209. package/docs/api/interfaces/VaultListAgentsInput.md +11 -0
  210. package/docs/api/interfaces/VaultListCapabilitiesInput.md +17 -0
  211. package/docs/api/interfaces/VaultObject.md +33 -0
  212. package/docs/api/interfaces/VaultPrincipal.md +17 -0
  213. package/docs/api/interfaces/VaultProfile.md +23 -0
  214. package/docs/api/interfaces/VaultPublicMetadata.md +25 -0
  215. package/docs/api/interfaces/VaultRegisterAgentInput.md +23 -0
  216. package/docs/api/interfaces/VaultRegisterFlowInput.md +83 -0
  217. package/docs/api/interfaces/VaultRevokeCapabilityInput.md +23 -0
  218. package/docs/api/interfaces/VaultService.md +251 -0
  219. package/docs/api/interfaces/VaultSigner.md +21 -0
  220. package/docs/api/interfaces/VaultTargetBinding.md +35 -0
  221. package/docs/api/type-aliases/AgentCapabilityEnvelope.md +7 -0
  222. package/docs/api/type-aliases/CbioRuntimeModule.md +9 -0
  223. package/docs/api/type-aliases/IdentityPrivateVaultAccess.md +7 -0
  224. package/docs/api/type-aliases/RedactedResponseShape.md +7 -0
  225. package/docs/api/type-aliases/VaultAcquireSecretFlow.md +7 -0
  226. package/docs/api/type-aliases/VaultPrincipalKind.md +7 -0
  227. package/docs/api/type-aliases/VaultWriteSecretCommand.md +7 -0
  228. package/docs/api/variables/DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY.md +7 -0
  229. package/docs/zh/PROCESS_ISOLATION.md +58 -0
  230. package/docs/zh/README.md +5 -0
  231. package/examples/process-isolation.ts +155 -0
  232. package/package.json +10 -2
package/docs/api/functions/createDefaultVaultCoreDependencies.md ADDED
@@ -0,0 +1,77 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createDefaultVaultCoreDependencies()
6
+
7
+ > **createDefaultVaultCoreDependencies**(`options?`): `object`
8
+
9
+ ## Parameters
10
+
11
+ ### options?
12
+
13
+ [`CreateDefaultVaultCoreDependenciesOptions`](../interfaces/CreateDefaultVaultCoreDependenciesOptions.md) = `{}`
14
+
15
+ ## Returns
16
+
17
+ `object`
18
+
19
+ ### agentIdentities
20
+
21
+ > **agentIdentities**: [`InMemoryAgentIdentityRegistry`](../classes/InMemoryAgentIdentityRegistry.md)
22
+
23
+ ### audit
24
+
25
+ > **audit**: [`InMemoryAuditLog`](../classes/InMemoryAuditLog.md)
26
+
27
+ ### capabilities
28
+
29
+ > **capabilities**: [`InMemoryCapabilityRegistry`](../classes/InMemoryCapabilityRegistry.md)
30
+
31
+ ### clock
32
+
33
+ > **clock**: [`SystemClock`](../classes/SystemClock.md)
34
+
35
+ ### custody
36
+
37
+ > **custody**: [`InMemorySecretCustody`](../classes/InMemorySecretCustody.md)
38
+
39
+ ### customFlows
40
+
41
+ > **customFlows**: [`InMemoryCustomHttpFlowRegistry`](../classes/InMemoryCustomHttpFlowRegistry.md)
42
+
43
+ ### executor
44
+
45
+ > **executor**: [`HttpDispatchExecutor`](../classes/HttpDispatchExecutor.md)
46
+
47
+ ### ids
48
+
49
+ > **ids**: [`RandomIdGenerator`](../classes/RandomIdGenerator.md)
50
+
51
+ ### ownerIdentities
52
+
53
+ > **ownerIdentities**: [`InMemoryOwnerIdentityRegistry`](../classes/InMemoryOwnerIdentityRegistry.md)
54
+
55
+ ### ownerProofVerifier
56
+
57
+ > **ownerProofVerifier**: [`SignatureOwnerProofVerifier`](../classes/SignatureOwnerProofVerifier.md)
58
+
59
+ ### policy
60
+
61
+ > **policy**: [`DefaultPolicyEngine`](../classes/DefaultPolicyEngine.md)
62
+
63
+ ### proofVerifier
64
+
65
+ > **proofVerifier**: [`SignatureAgentProofVerifier`](../classes/SignatureAgentProofVerifier.md)
66
+
67
+ ### replayGuard
68
+
69
+ > **replayGuard**: [`InMemoryReplayGuard`](../classes/InMemoryReplayGuard.md)
70
+
71
+ ### secrets
72
+
73
+ > **secrets**: [`InMemorySecretRepository`](../classes/InMemorySecretRepository.md)
74
+
75
+ ### vaultId
76
+
77
+ > **vaultId**: [`VaultId`](../interfaces/VaultId.md)
package/docs/api/functions/createIdentity.md ADDED
@@ -0,0 +1,30 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createIdentity()
6
+
7
+ > **createIdentity**(`options?`): `CreatedIdentity`
8
+
9
+ Creates a new root identity with a fresh Ed25519 keypair.
10
+
11
+ ## Parameters
12
+
13
+ ### options?
14
+
15
+ [`CreateIdentityOptions`](../interfaces/CreateIdentityOptions.md)
16
+
17
+ Configuration for the new identity.
18
+
19
+ ## Returns
20
+
21
+ `CreatedIdentity`
22
+
23
+ A CreatedIdentity containing the ID and keys.
24
+
25
+ ## Example
26
+
27
+ ```ts
28
+ const identity = createIdentity({ nickname: 'my-agent' });
29
+ console.log(identity.identityId);
30
+ ```
package/docs/api/functions/createOwnerHttpFlowBoundary.md ADDED
@@ -0,0 +1,17 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createOwnerHttpFlowBoundary()
6
+
7
+ > **createOwnerHttpFlowBoundary**(`boundary`): [`OwnerHttpFlowBoundary`](../interfaces/OwnerHttpFlowBoundary.md)
8
+
9
+ ## Parameters
10
+
11
+ ### boundary
12
+
13
+ [`OwnerHttpFlowBoundary`](../interfaces/OwnerHttpFlowBoundary.md)
14
+
15
+ ## Returns
16
+
17
+ [`OwnerHttpFlowBoundary`](../interfaces/OwnerHttpFlowBoundary.md)
package/docs/api/functions/createPersistentVaultCoreDependencies.md ADDED
@@ -0,0 +1,85 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createPersistentVaultCoreDependencies()
6
+
7
+ > **createPersistentVaultCoreDependencies**(`storage`, `options`): `object`
8
+
9
+ ## Parameters
10
+
11
+ ### storage
12
+
13
+ [`IStorageProvider`](../interfaces/IStorageProvider.md)
14
+
15
+ ### options
16
+
17
+ [`CreatePersistentVaultCoreDependenciesOptions`](../interfaces/CreatePersistentVaultCoreDependenciesOptions.md)
18
+
19
+ ## Returns
20
+
21
+ `object`
22
+
23
+ ### agentIdentities
24
+
25
+ > **agentIdentities**: [`PersistentVaultAgentIdentityRegistry`](../classes/PersistentVaultAgentIdentityRegistry.md)
26
+
27
+ ### audit
28
+
29
+ > **audit**: [`PersistentVaultAuditLog`](../classes/PersistentVaultAuditLog.md)
30
+
31
+ ### capabilities
32
+
33
+ > **capabilities**: [`PersistentVaultCapabilityRegistry`](../classes/PersistentVaultCapabilityRegistry.md)
34
+
35
+ ### capabilityRevocations
36
+
37
+ > **capabilityRevocations**: [`CapabilityRevocationRegistry`](../interfaces/CapabilityRevocationRegistry.md)
38
+
39
+ ### clock
40
+
41
+ > **clock**: [`SystemClock`](../classes/SystemClock.md)
42
+
43
+ ### custody
44
+
45
+ > **custody**: [`PersistentVaultSecretCustody`](../classes/PersistentVaultSecretCustody.md)
46
+
47
+ ### customFlows
48
+
49
+ > **customFlows**: [`CustomHttpFlowRegistry`](../interfaces/CustomHttpFlowRegistry.md)
50
+
51
+ ### executor
52
+
53
+ > **executor**: [`HttpDispatchExecutor`](../classes/HttpDispatchExecutor.md)
54
+
55
+ ### ids
56
+
57
+ > **ids**: [`RandomIdGenerator`](../classes/RandomIdGenerator.md)
58
+
59
+ ### ownerIdentities
60
+
61
+ > **ownerIdentities**: [`PersistentVaultOwnerIdentityRegistry`](../classes/PersistentVaultOwnerIdentityRegistry.md)
62
+
63
+ ### ownerProofVerifier
64
+
65
+ > **ownerProofVerifier**: [`SignatureOwnerProofVerifier`](../classes/SignatureOwnerProofVerifier.md)
66
+
67
+ ### policy
68
+
69
+ > **policy**: [`DefaultPolicyEngine`](../classes/DefaultPolicyEngine.md)
70
+
71
+ ### proofVerifier
72
+
73
+ > **proofVerifier**: [`SignatureAgentProofVerifier`](../classes/SignatureAgentProofVerifier.md)
74
+
75
+ ### replayGuard
76
+
77
+ > **replayGuard**: [`ReplayGuard`](../interfaces/ReplayGuard.md)
78
+
79
+ ### secrets
80
+
81
+ > **secrets**: [`PersistentVaultSecretRepository`](../classes/PersistentVaultSecretRepository.md)
82
+
83
+ ### vaultId
84
+
85
+ > **vaultId**: [`VaultId`](../interfaces/VaultId.md)
package/docs/api/functions/createStandardAcquireBoundary.md ADDED
@@ -0,0 +1,31 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createStandardAcquireBoundary()
6
+
7
+ > **createStandardAcquireBoundary**(`input`): [`OwnerHttpFlowBoundary`](../interfaces/OwnerHttpFlowBoundary.md)
8
+
9
+ ## Parameters
10
+
11
+ ### input
12
+
13
+ #### method?
14
+
15
+ `string`
16
+
17
+ #### responseField
18
+
19
+ `"access_token"` \| `"refresh_token"` \| `"id_token"`
20
+
21
+ #### storeAlias
22
+
23
+ `string`
24
+
25
+ #### targetUrl
26
+
27
+ `string`
28
+
29
+ ## Returns
30
+
31
+ [`OwnerHttpFlowBoundary`](../interfaces/OwnerHttpFlowBoundary.md)
package/docs/api/functions/createStandardDispatchBoundary.md ADDED
@@ -0,0 +1,23 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createStandardDispatchBoundary()
6
+
7
+ > **createStandardDispatchBoundary**(`input`): [`OwnerHttpFlowBoundary`](../interfaces/OwnerHttpFlowBoundary.md)
8
+
9
+ ## Parameters
10
+
11
+ ### input
12
+
13
+ #### method
14
+
15
+ `string`
16
+
17
+ #### targetUrl
18
+
19
+ `string`
20
+
21
+ ## Returns
22
+
23
+ [`OwnerHttpFlowBoundary`](../interfaces/OwnerHttpFlowBoundary.md)
package/docs/api/functions/createVault.md ADDED
@@ -0,0 +1,58 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createVault()
6
+
7
+ ## Call Signature
8
+
9
+ > **createVault**(`storage`, `options`): `Promise`\<[`CreatedVault`](../interfaces/CreatedVault.md)\>
10
+
11
+ Creates and bootstraps a new persistent vault.
12
+
13
+ ### Parameters
14
+
15
+ #### storage
16
+
17
+ `string` \| [`IStorageProvider`](../interfaces/IStorageProvider.md)
18
+
19
+ Workspace storage (or path string) where vaults are stored.
20
+
21
+ #### options
22
+
23
+ [`CreateVaultOptions`](../interfaces/CreateVaultOptions.md)
24
+
25
+ Configuration including owner identity and metadata.
26
+
27
+ ### Returns
28
+
29
+ `Promise`\<[`CreatedVault`](../interfaces/CreatedVault.md)\>
30
+
31
+ A [CreatedVault](../interfaces/CreatedVault.md) instance.
32
+
33
+ ### Example
34
+
35
+ ```ts
36
+ const vault = await createVault({
37
+ ownerIdentity,
38
+ nickname: 'production-secrets'
39
+ });
40
+ ```
41
+
42
+ ## Call Signature
43
+
44
+ > **createVault**(`options`): `Promise`\<[`CreatedVault`](../interfaces/CreatedVault.md)\>
45
+
46
+ Creates a new vault using the default workspace storage.
47
+
48
+ ### Parameters
49
+
50
+ #### options
51
+
52
+ [`CreateVaultOptions`](../interfaces/CreateVaultOptions.md)
53
+
54
+ Configuration for the new vault.
55
+
56
+ ### Returns
57
+
58
+ `Promise`\<[`CreatedVault`](../interfaces/CreatedVault.md)\>
package/docs/api/functions/createVaultClient.md ADDED
@@ -0,0 +1,32 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createVaultClient()
6
+
7
+ > **createVaultClient**(`options`): [`VaultClient`](../interfaces/VaultClient.md)
8
+
9
+ Creates a [VaultClient](../interfaces/VaultClient.md) instance for a specific vault owner.
10
+
11
+ ## Parameters
12
+
13
+ ### options
14
+
15
+ [`CreateVaultClientOptions`](../interfaces/CreateVaultClientOptions.md)
16
+
17
+ Configuration including owner identity and the vault service.
18
+
19
+ ## Returns
20
+
21
+ [`VaultClient`](../interfaces/VaultClient.md)
22
+
23
+ An initialized [VaultClient](../interfaces/VaultClient.md).
24
+
25
+ ## Example
26
+
27
+ ```ts
28
+ const client = createVaultClient({
29
+ ownerIdentity,
30
+ vault
31
+ });
32
+ ```
package/docs/api/functions/createVaultCore.md ADDED
@@ -0,0 +1,17 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createVaultCore()
6
+
7
+ > **createVaultCore**(`deps`): [`VaultCore`](../interfaces/VaultCore.md)
8
+
9
+ ## Parameters
10
+
11
+ ### deps
12
+
13
+ [`VaultCoreDependencies`](../interfaces/VaultCoreDependencies.md)
14
+
15
+ ## Returns
16
+
17
+ [`VaultCore`](../interfaces/VaultCore.md)
package/docs/api/functions/createVaultService.md ADDED
@@ -0,0 +1,31 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createVaultService()
6
+
7
+ > **createVaultService**(`deps`, `options?`): [`VaultService`](../interfaces/VaultService.md)
8
+
9
+ ## Parameters
10
+
11
+ ### deps
12
+
13
+ [`VaultCoreDependencies`](../interfaces/VaultCoreDependencies.md)
14
+
15
+ ### options?
16
+
17
+ #### clock?
18
+
19
+ [`Clock`](../interfaces/Clock.md)
20
+
21
+ #### customFlows?
22
+
23
+ [`VaultCustomFlowResolver`](../interfaces/VaultCustomFlowResolver.md)
24
+
25
+ #### fetchImpl?
26
+
27
+ \{(`input`, `init?`): `Promise`\<`Response`\>; (`input`, `init?`): `Promise`\<`Response`\>; \}
28
+
29
+ ## Returns
30
+
31
+ [`VaultService`](../interfaces/VaultService.md)
package/docs/api/functions/createWorkspaceStorage.md ADDED
@@ -0,0 +1,17 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: createWorkspaceStorage()
6
+
7
+ > **createWorkspaceStorage**(`baseDir?`): [`FsStorageProvider`](../classes/FsStorageProvider.md)
8
+
9
+ ## Parameters
10
+
11
+ ### baseDir?
12
+
13
+ `string` = `...`
14
+
15
+ ## Returns
16
+
17
+ [`FsStorageProvider`](../classes/FsStorageProvider.md)
package/docs/api/functions/deriveChildIdentity.md ADDED
@@ -0,0 +1,41 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: deriveChildIdentity()
6
+
7
+ > **deriveChildIdentity**(`parent`, `childIndex`, `options?`): [`ChildIdentity`](../interfaces/ChildIdentity.md)
8
+
9
+ Deterministically derives a child identity from a parent's private key and an index.
10
+
11
+ ## Parameters
12
+
13
+ ### parent
14
+
15
+ `string` \| `CreatedIdentity`
16
+
17
+ The parent identity object or its private key string.
18
+
19
+ ### childIndex
20
+
21
+ `number`
22
+
23
+ A non-negative integer for derivation.
24
+
25
+ ### options?
26
+
27
+ [`DeriveIdentityOptions`](../interfaces/DeriveIdentityOptions.md) = `{}`
28
+
29
+ Optional nickname for the child.
30
+
31
+ ## Returns
32
+
33
+ [`ChildIdentity`](../interfaces/ChildIdentity.md)
34
+
35
+ A [ChildIdentity](../interfaces/ChildIdentity.md) with derivation metadata.
36
+
37
+ ## Example
38
+
39
+ ```ts
40
+ const child = deriveChildIdentity(parentIdentity, 0, { nickname: 'sub-agent-0' });
41
+ ```
package/docs/api/functions/deriveIdentityId.md ADDED
@@ -0,0 +1,17 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: deriveIdentityId()
6
+
7
+ > **deriveIdentityId**(`publicKey`): `string`
8
+
9
+ ## Parameters
10
+
11
+ ### publicKey
12
+
13
+ `string`
14
+
15
+ ## Returns
16
+
17
+ `string`
package/docs/api/functions/ensureIdentityPrivateVault.md ADDED
@@ -0,0 +1,21 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: ensureIdentityPrivateVault()
6
+
7
+ > **ensureIdentityPrivateVault**(`storage`, `identity`): `Promise`\<`void`\>
8
+
9
+ ## Parameters
10
+
11
+ ### storage
12
+
13
+ [`IStorageProvider`](../interfaces/IStorageProvider.md)
14
+
15
+ ### identity
16
+
17
+ `CreatedIdentity`
18
+
19
+ ## Returns
20
+
21
+ `Promise`\<`void`\>
package/docs/api/functions/getDefaultWorkspaceDir.md ADDED
@@ -0,0 +1,11 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: getDefaultWorkspaceDir()
6
+
7
+ > **getDefaultWorkspaceDir**(): `string`
8
+
9
+ ## Returns
10
+
11
+ `string`
package/docs/api/functions/handleVaultHttpDispatch.md ADDED
@@ -0,0 +1,30 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: handleVaultHttpDispatch()
6
+
7
+ > **handleVaultHttpDispatch**(`service`, `body`): `Promise`\<[`VaultAgentDispatchResponse`](../interfaces/VaultAgentDispatchResponse.md) \| [`VaultAgentDispatchErrorResponse`](../interfaces/VaultAgentDispatchErrorResponse.md)\>
8
+
9
+ Standard server-side helper to handle a vault agent dispatch request from an HTTP body.
10
+ This can be used in any HTTP server framework (Express, Fastify, etc.).
11
+
12
+ ## Parameters
13
+
14
+ ### service
15
+
16
+ [`VaultService`](../interfaces/VaultService.md)
17
+
18
+ The VaultService instance to handle the request.
19
+
20
+ ### body
21
+
22
+ `unknown`
23
+
24
+ The parsed JSON body of the incoming HTTP request.
25
+
26
+ ## Returns
27
+
28
+ `Promise`\<[`VaultAgentDispatchResponse`](../interfaces/VaultAgentDispatchResponse.md) \| [`VaultAgentDispatchErrorResponse`](../interfaces/VaultAgentDispatchErrorResponse.md)\>
29
+
30
+ A JSON-serializable response object.
package/docs/api/functions/identityPrivateVaultChildrenKey.md ADDED
@@ -0,0 +1,17 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: identityPrivateVaultChildrenKey()
6
+
7
+ > **identityPrivateVaultChildrenKey**(`identityId`): `string`
8
+
9
+ ## Parameters
10
+
11
+ ### identityId
12
+
13
+ `string`
14
+
15
+ ## Returns
16
+
17
+ `string`
package/docs/api/functions/identityPrivateVaultPrefix.md ADDED
@@ -0,0 +1,17 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: identityPrivateVaultPrefix()
6
+
7
+ > **identityPrivateVaultPrefix**(`identityId`): `string`
8
+
9
+ ## Parameters
10
+
11
+ ### identityId
12
+
13
+ `string`
14
+
15
+ ## Returns
16
+
17
+ `string`
package/docs/api/functions/identityPrivateVaultProfileKey.md ADDED
@@ -0,0 +1,17 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: identityPrivateVaultProfileKey()
6
+
7
+ > **identityPrivateVaultProfileKey**(`identityId`): `string`
8
+
9
+ ## Parameters
10
+
11
+ ### identityId
12
+
13
+ `string`
14
+
15
+ ## Returns
16
+
17
+ `string`
package/docs/api/functions/identityPrivateVaultPublicSealedKey.md ADDED
@@ -0,0 +1,17 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: identityPrivateVaultPublicSealedKey()
6
+
7
+ > **identityPrivateVaultPublicSealedKey**(`identityId`): `string`
8
+
9
+ ## Parameters
10
+
11
+ ### identityId
12
+
13
+ `string`
14
+
15
+ ## Returns
16
+
17
+ `string`
package/docs/api/functions/initializeVaultCustody.md ADDED
@@ -0,0 +1,21 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: initializeVaultCustody()
6
+
7
+ > **initializeVaultCustody**(`storage`, `options?`): `Promise`\<[`InitializedVaultCustody`](../interfaces/InitializedVaultCustody.md)\>
8
+
9
+ ## Parameters
10
+
11
+ ### storage
12
+
13
+ [`IStorageProvider`](../interfaces/IStorageProvider.md)
14
+
15
+ ### options?
16
+
17
+ [`InitializeVaultCustodyOptions`](../interfaces/InitializeVaultCustodyOptions.md) = `{}`
18
+
19
+ ## Returns
20
+
21
+ `Promise`\<[`InitializedVaultCustody`](../interfaces/InitializedVaultCustody.md)\>
package/docs/api/functions/listIdentities.md ADDED
@@ -0,0 +1,19 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: listIdentities()
6
+
7
+ > **listIdentities**(`storage`): `Promise`\<`any`[]\>
8
+
9
+ Lists all identities in the workspace with their discovery metadata.
10
+
11
+ ## Parameters
12
+
13
+ ### storage
14
+
15
+ [`IStorageProvider`](../interfaces/IStorageProvider.md)
16
+
17
+ ## Returns
18
+
19
+ `Promise`\<`any`[]\>
package/docs/api/functions/listVaults.md ADDED
@@ -0,0 +1,23 @@
1
+ [**CBIO Node Runtime Agent API v1.45.2**](../README.md)
2
+
3
+ ***
4
+
5
+ # Function: listVaults()
6
+
7
+ > **listVaults**(`storage`): `Promise`\<`object`[]\>
8
+
9
+ Lists all available vaults in the workspace by scanning for signed profiles.
10
+
11
+ ## Parameters
12
+
13
+ ### storage
14
+
15
+ [`IStorageProvider`](../interfaces/IStorageProvider.md)
16
+
17
+ The root workspace storage provider.
18
+
19
+ ## Returns
20
+
21
+ `Promise`\<`object`[]\>
22
+
23
+ A list of vault IDs and their public discovery metadata.