@the-ai-company/cbio-node-runtime 1.47.0 → 1.48.1

package/README.md

@@ -1,32 +1,19 @@
 # cbio Vault Runtime
 
-Node.js vault runtime with a hard-cut architecture: vault core first, explicit clients second.
+Node.js vault runtime with a **Sovereign Vault** architecture: authority is rooted in a master password, and agent identities are fully managed within the vault's encrypted storage.
 
 **Source:** [https://github.com/TheAICompany/cbio-node-runtime](https://github.com/TheAICompany/cbio-node-runtime)
 
-## Documentation / 文档 / ドキュメント / 문서 / Docs
-
-- [English](README.md)
-- [Custody Model](docs/CUSTODY_MODEL.md)
-- [Identity Model](docs/IDENTITY_MODEL.md)
-- [Process Isolation (A/B Architecture)](docs/PROCESS_ISOLATION.md)
-- [中文](docs/zh/README.md)
-- [日本語](docs/ja/README.md)
-- [한국어](docs/ko/README.md)
-- [Español](docs/es/README.md)
-- [Português](docs/pt/README.md)
-- [Français](docs/fr/README.md)
-
 ---
 
-- No CLI
-- No TUI
+## Key Features
 
-Main export now centers on:
-- identity creation and recovery
-- persistent vault bootstrap and recovery
-- owner and agent clients
-- owner flow-boundary helpers
+- **No CLI / No TUI**: Pure library for integration into Node.js applications.
+- **Authority-centric**: Administrative control is tied to the vault's master password, not an external identity.
+- **Managed Agent Custody**: Generate and store agent private keys securely inside the vault.
+- **Agent Session Tokens**: Issue revocable, short-lived (or long-lived) tokens for agents to avoid handling raw private keys.
+- **Process Isolation**: Hard separation between the Security Process (Master) and Agent Processes (Consumers).
+- **Zero-Leak Discovery**: Vault metadata is fully encrypted and hidden until unlocked.
 
 ## Install
 
@@ -38,267 +25,153 @@ npm install @the-ai-company/cbio-node-runtime
 
 ## Usage
 
-```ts
-import {
-  createChildIdentity,
-  createIdentity,
-  createWorkspaceStorage,
-  ensureIdentityPrivateVault,
-  readIdentityPrivateVaultProfile,
-  readIdentityPrivateVaultChildrenState,
-  restoreIdentity,
-  createVault,
-  recoverVault,
-  createOwnerHttpFlowBoundary,
-  createStandardAcquireBoundary,
-  createVaultClient,
-  createAgentClient,
-  FsStorageProvider,
-} from '@the-ai-company/cbio-node-runtime';
-```
+### 1. Bootstrap a New Vault
 
-Identity restore example:
+The Sovereign Vault requires only a storage provider and a master password.
 
 ```ts
-const identity = restoreIdentity(existingPrivateKey);
-```
+import { 
+  createVault, 
+  FsStorageProvider, 
+  createWorkspaceStorage 
+} from '@the-ai-company/cbio-node-runtime';
 
-Child identity example:
+const storage = new FsStorageProvider('./my-vaults');
 
-```ts
-const rootIdentity = createIdentity({ nickname: 'root' });
-await ensureIdentityPrivateVault(storage, rootIdentity);
-const childIdentity = await createChildIdentity(storage, rootIdentity, {
-  nickname: 'worker-1',
+const myVault = await createVault(storage, {
+  vaultId: 'main-vault',
+  password: 'your-secure-password',
+  nickname: 'Production Vault'
 });
 
-// Enumerate Discovery
-const identities = await listIdentities(storage);
-const vaults = await listVaults(storage);
-
-const profile = await readIdentityMetadata(storage, identities[0].identityId); // Public Discovery
-const fullProfile = await readIdentityMetadata(storage, rootIdentity.identityId, rootIdentity.privateKey); // Full Authorized Profile
-const children = await readIdentityPrivateVaultChildrenState(storage, rootIdentity.privateKey);
+console.log(`Vault created: ${myVault.nickname}`);
 ```
 
-Vaults also support standardized public metadata for discovery:
- 
- ```ts
- import { type VaultPublicMetadata } from '@the-ai-company/cbio-node-runtime';
-
- const publicMetadata: VaultPublicMetadata = {
-   displayName: 'Primary Vault',
-   tags: ['production', 'main'],
- };
-
- const createdVault = await createVault({
-   ownerIdentity: rootIdentity,
-   nickname: 'main-vault',
-   publicMetadata,
- });
- ```
-
-If you want to override the default workspace directory:
+### 2. Recover an Existing Vault
 
 ```ts
-const storage = createWorkspaceStorage('/tmp/cbio');
-const createdVault = await createVault(storage, {
-  ownerIdentity: rootIdentity,
-  nickname: 'main-vault',
+import { recoverVault, FsStorageProvider } from '@the-ai-company/cbio-node-runtime';
+
+const vault = await recoverVault(storage, {
+  vaultId: 'main-vault',
+  password: 'your-secure-password'
 });
 ```
 
-The workspace root can contain many vaults. Each vault is physically divided into `vault/sealed/` (encrypted)### Storage Management
-
-By default, the SDK uses a local directory (e.g., `~/cbio/`) as the **Workspace Root**.
-- `createVault({ ... })`: Automatically creates a sub-directory `vaults/<vault-id>/` and returns a **Prefixed Storage** anchored to that sub-directory.
-- **Important**: When you receive a `storage` object from `createVault`, it is already pointing *inside* the vault's own space. Subsequent calls to `recoverVault` or other high-level APIs using this storage will resolve paths correctly relative to this anchor.
-
-### CRUD & Metadata
-The SDK provides a complete lifecycle for vaults and secrets:
-1. **Creation**: `createVault`
-2. **Discovery/Read**: `listVaults`, `recoverVault`
-3. **Update**: `updateVaultMetadata` (e.g., for nicknames)
-4. **Management**: `listAgents`, `listCapabilities`, `revokeCapability` (via Client)
-5. **Deletion**: `deleteSecret` (via Client) or manual storage cleanup for entire vaults.
-
- and `vault/public/` (signed discovery).
- 
- Every identity also has its own private namespace for encrypted metadata, and a companion discovery area for public information.
-
-## Architecture
-
-Core terms:
-
-- `identity`
-  An external principal represented by a public/private keypair.
-- `owner`
-  The single admin role that a vault binds to one identity.
-- `agent`
-  A delegated role that a vault binds to an identity registered by the owner.
-
-Important role rule:
-
-- outside the vault there are only identities
-- inside a specific vault, those identities may be bound to roles such as `owner` or `agent`
-- root identities are independent
-- child identities may be deterministically derived from a parent identity
-
-The public runtime surface follows four hard rules:
-
-1. Secret plaintext lives only in vault core.
-2. Only owner and vault-trusted acquisition paths may write secrets.
-3. Secrets are dispatched only to owner-approved or issuer-bound targets.
-4. Vault validates and audits everything.
-
-The current HTTP-facing interface distinguishes two supported secret-flow classes:
-
-- `A` / `acquire_secret`
-  No secret leaves the vault. A secret is extracted from the response and stored into the vault. Agent-visible output includes only protocol metadata plus a redacted response shape.
-- `B` / `send_secret`
-  A stored secret is sent to an owner-approved target. The response is treated as normal business output and may be returned to the agent.
+### 3. Managed Agent Identities
 
-This is an intentional boundary choice:
+You can generate and register agents directly within the vault. The vault holds the private keys for full custody.
 
-- acquisition responses are treated as sensitive because they may contain newly issued secret material
-- dispatch responses are treated as ordinary protocol results because the operation itself is a standard secret-backed HTTP call to an owner-approved target
-
-The vault does not attempt to second-guess every remote protocol. If a target returns sensitive data during a normal dispatch flow, that is part of the target contract and the owner's authorization decision.
-
-The runtime does not claim to understand arbitrary remote protocols. The API boundary makes clear what is supported:
-
-- acquisition is explicit and redacted
-- secret-backed dispatch is explicit and capability-gated
-- unsupported `C` / `D` style flows are not part of the current surface
-
-Owner-defined HTTP boundaries share one factory layer:
-
-- `createOwnerHttpFlowBoundary(...)`
-- `createStandardAcquireBoundary(...)`
-- `createStandardDispatchBoundary(...)`
-
-An owner-defined exception path also exists for non-standard but intentional integrations:
-
-- owner may register a `custom_http` flow
-- the flow fixes mode, target, method, and response visibility inside the vault
-- agent may only invoke the registered `customFlowId`
-- this is an explicit escape hatch, not the default path
+```ts
+import { createVaultClient } from '@the-ai-company/cbio-node-runtime';
 
-## Status
+const client = createVaultClient({ vault: vault.vault });
 
-The old identity-centric runtime is no longer the intended public architecture.
-This package now exposes the production local vault runtime surface as the primary API.
+// Generate and register a new agent in one step
+const [agentRecord, agentPrivateKey] = await client.createAgent({
+  agentId: 'worker-1',
+  nickname: 'Background Worker'
+});
 
-## Example Shape
+console.log(`Agent public key: ${agentRecord.publicKey}`);
+// Private key is returned during creation and stored securely in the vault.
 
-```ts
-const ownerIdentity = createIdentity({ nickname: 'owner-main' });
-const agentIdentity = createIdentity({ nickname: 'agent-worker' });
-const createdVault = await createVault({ ownerIdentity });
-const client = createVaultClient({ ownerIdentity, vault: createdVault.vault });
-const agent = createAgentClient({ agentIdentity, capability, vault: createdVault.vault });
+// 4. Issue a Session Token (Optional but Recommended)
+// Avoid passing the raw private key to agent processes.
+const session = await client.issueSessionToken({ agentId: 'worker-1' });
+console.log(`Session Token: ${session.token}`);
 ```
 
-Owner API example:
+### 5. Secret Management (Owner)
 
 ```ts
-const storedSecret = await client.storeSecret({
+// Write a secret and bind it to a target site
+const record = await client.writeSecret({
   alias: 'api-token',
-  plaintext: 'secret-value',
+  plaintext: 'super-secret-value',
+  targetBindings: [{
+    kind: 'site',
+    targetId: 'my-api',
+    targetUrl: 'https://api.example.com/endpoint',
+    methods: ['POST']
+  }]
 });
 
-await client.defineSecretTargets({
-  alias: storedSecret.alias.value,
-  targetBindings: [
-    {
-      kind: 'site',
-      targetId: 'api.example.com',
-      targetUrl: 'https://api.example.com/endpoint',
-      methods: ['POST'],
-    },
-  ],
+// 4. Grant agent capabilities (Simplified Flattened API)
+await client.grantCapability({
+  agentId: 'worker-1',
+  secretAliases: ['api-token'],
+  allowedTargets: ['https://api.example.com/*'],
+  requiresApproval: true // Enable Human-in-the-Loop
 });
 ```
 
-`writeSecret(...)` is the one-step variant and requires `targetBindings`.
+### 6. Consuming Secrets (Agent)
 
-Capability example:
+Agents run in isolated processes and communicate with the vault via a transport. They can use either a **Session Token** (recommended) or a **Signature** (raw private key).
 
+#### Using a Session Token (Stateless/Token-based)
 ```ts
-const capability = {
-  vaultId: vault.vaultId,
-  capabilityId: 'cap-1',
-  agentId: agentIdentity.identityId,
-  secretAliases: ['api-token'],
-  operation: 'dispatch_http',
-  allowedTargets: ['https://api.example.com/endpoint'],
-  allowedMethods: ['POST'],
-  issuedAt: new Date().toISOString(),
-};
+import { createAgentClient } from '@the-ai-company/cbio-node-runtime';
 
-await client.grantCapability({ capability });
-```
+const agent = createAgentClient({
+  agentIdentity: { agentId: 'worker-1' },
+  capability: myCapability, 
+  token: session.token,     // Issued by the owner
+  vault: vault.vault
+});
 
-Custom flow example:
+const result = await agent.dispatch({ ... });
+```
 
+#### Using a Signature (Stateful/Key-based)
 ```ts
-await client.registerFlow({
-  flowId: 'custom-status-read',
-  ...createOwnerHttpFlowBoundary({
-    mode: 'send_secret',
-    targetUrl: 'https://api.example.com/custom-status',
-    method: 'POST',
-    responseVisibility: 'shape_only',
-  }),
+import { createAgentClient, LocalSigner } from '@the-ai-company/cbio-node-runtime';
+
+const agent = createAgentClient({
+  agentIdentity: { agentId: 'worker-1' },
+  capability: myCapability,
+  signer: new LocalSigner({ privateKey: agentPrivateKey }),
+  vault: vault.vault
 });
 ```
 
-Acquisition example:
+---
 
-```ts
-const acquireBoundary = createStandardAcquireBoundary({
-  targetUrl: 'https://issuer.example.com/token',
-  responseField: 'access_token',
-  storeAlias: 'issuer-token',
-});
+## Documentation
 
-const acquired = await vault.acquireSecret({
-  alias: acquireBoundary.responseSecret.storeAlias,
-  issuerId: 'issuer-1',
-  url: acquireBoundary.targetUrl,
-  flow: 'oauth_token_response.access_token',
-  method: acquireBoundary.method,
-});
+- [Custody Model](docs/CUSTODY_MODEL.md) - Understanding managed agency and key storage.
+- [Process Isolation](docs/PROCESS_ISOLATION.md) - Guidelines for A/B architecture.
 
-console.log(acquired.responseShape);
-// { token_type: 'Bearer', expires_in: 3600, scope: 'read write' }
+## Architecture Rules
 
-const exported = await client.exportSecret({
-  alias: 'issuer-token',
-});
+1. **Secret Isolation**: Plane-text secrets never leave the Security Process.
+2. **Authority Root**: The master password is the only source of administrative authority.
+3. **Auditability**: Every administrative and agent action is recorded in the vault's audit log under the `vault-master` or agent principal.
+4. **Binary Discovery**: Either the vault is unlocked and visible, or it is a silent directory of encrypted shards.
 
-console.log(exported.plaintext);
-```
+### Human-in-the-Loop (HITL) Workflow
 
-Persistent custody bootstrap example:
+If a capability is granted with `requiresApproval: true`, the agent's dispatch will be paused until an owner approves it:
 
 ```ts
-const ownerIdentity = createIdentity({ nickname: 'owner-main' });
-const storage = new FsStorageProvider('/tmp/cbio-vault');
-const createdVault = await createVault(storage, {
-  vaultId: 'vault-persistent',
-  ownerIdentity,
-});
-
-const recoveredVault = await recoverVault(storage, {
-  vaultId: 'vault-persistent',
-  ownerIdentity,
-});
+// In Agent process
+const result = await agent.dispatch({ ... });
+if (result.status === 'PENDING') {
+  console.log("Waiting for owner approval...");
+}
+
+// In Owner process (GUI or Script)
+const pending = await client.listPendingDispatches();
+if (pending.length > 0) {
+  // Inspect and approve the request
+  await client.approveDispatch(pending[0].requestId);
+}
 ```
 
-## Build
+## Build & Test
 
 ```bash
 npm run build
-npm run test
+npm test
 ```

package/dist/clients/agent/client.d.ts

@@ -34,6 +34,7 @@ export interface CreateAgentClientOptions {
     vault?: VaultService;
     transport?: AgentDispatchTransport;
     signer?: AgentSigner;
+    token?: string;
     clock?: Clock;
 }
 /**

package/dist/clients/agent/client.js

@@ -19,17 +19,29 @@ class DefaultAgentClient {
     _signer;
     _transport;
     _clock;
-    constructor(_identity, _capability, _signer, _transport, _clock) {
+    _token;
+    constructor(_identity, _capability, _signer, _transport, _clock, _token) {
         this._identity = _identity;
         this._capability = _capability;
         this._signer = _signer;
         this._transport = _transport;
         this._clock = _clock;
+        this._token = _token;
     }
     async dispatch(intent) {
         const requestedAt = intent.requestedAt ?? this._clock.nowIso();
         const requestId = `${this._identity.agentId}:${requestedAt}:${intent.secretAlias ?? "no-secret"}:${intent.method}`;
-        const signature = await this._signer.sign(createDispatchBinding(requestId, requestedAt, this._identity.agentId, this._capability.capabilityId, intent.secretAlias, intent.targetUrl, intent.method, intent.body));
+        let signature;
+        if (this._token) {
+            // Use token-based authentication
+        }
+        else {
+            // Use signature-based authentication
+            if (!this._signer) {
+                throw new Error("AgentClient: signer required for signature-based authentication when no token is provided");
+            }
+            signature = await this._signer.sign(createDispatchBinding(requestId, requestedAt, this._identity.agentId, this._capability.capabilityId, intent.secretAlias, intent.targetUrl, intent.method, intent.body));
+        }
         return this._transport.dispatch({
             vaultId: this._capability.vaultId,
             requestId,
@@ -53,10 +65,12 @@ class DefaultAgentClient {
                 revocationVersion: this._capability.revocationVersion,
                 rateLimit: this._capability.rateLimit,
                 auditRequired: this._capability.auditRequired,
+                requiresApproval: this._capability.requiresApproval,
             },
             proof: {
                 agentId: this._identity.agentId,
                 signature,
+                token: this._token,
                 requestId,
                 requestedAt,
             },
@@ -74,14 +88,17 @@ function isCreateAgentClientOptions(value) {
 function isCreatedIdentity(value) {
     return "privateKey" in value && "publicKey" in value;
 }
-function resolveAgentSigner(identity, signer) {
-    if (signer) {
-        return signer;
+function resolveAgentSigner(options) {
+    if (options.signer) {
+        return options.signer;
     }
-    if (isCreatedIdentity(identity)) {
-        return new LocalSigner(identity);
+    if (isCreatedIdentity(options.agentIdentity)) {
+        return new LocalSigner(options.agentIdentity);
     }
-    throw new Error("createAgentClient() requires signer when agentIdentity does not include keys");
+    if (options.token) {
+        return undefined; // No signer needed if token is present
+    }
+    throw new Error("createAgentClient() requires signer or private key when no session token is provided");
 }
 function resolveAgentIdentity(options) {
     return "agentId" in options.agentIdentity
@@ -116,6 +133,6 @@ export function createAgentClient(options) {
     if (!isCreateAgentClientOptions(options)) {
         throw new Error("createAgentClient() requires a single options object");
     }
-    return new DefaultAgentClient(resolveAgentIdentity(options), options.capability, resolveAgentSigner(options.agentIdentity, options.signer), resolveAgentTransport(options), options.clock ?? new SystemClock());
+    return new DefaultAgentClient(resolveAgentIdentity(options), options.capability, resolveAgentSigner(options), resolveAgentTransport(options), options.clock ?? new SystemClock(), options.token);
 }
 //# sourceMappingURL=client.js.map

package/dist/clients/agent/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/clients/agent/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD,OAAO,EAAE,WAAW,EAAc,MAAM,2BAA2B,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AA8CtE,SAAS,qBAAqB,CAC5B,SAAiB,EACjB,WAAmB,EACnB,OAAe,EACf,YAAoB,EACpB,WAA+B,EAC/B,SAAiB,EACjB,MAAc,EACd,IAAa;IAEb,OAAO,IAAI,CAAC,SAAS,CAAC;QACpB,SAAS;QACT,WAAW;QACX,OAAO;QACP,YAAY;QACZ,WAAW,EAAE,WAAW,IAAI,IAAI;QAChC,SAAS;QACT,MAAM;QACN,IAAI,EAAE,IAAI,IAAI,IAAI;KACnB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,kBAAkB;IAEH;IACA;IACA;IACA;IACA;IALnB,YACmB,SAAwB,EACxB,WAAoC,EACpC,OAAoB,EACpB,UAAkC,EAClC,MAAa;QAJb,cAAS,GAAT,SAAS,CAAe;QACxB,gBAAW,GAAX,WAAW,CAAyB;QACpC,YAAO,GAAP,OAAO,CAAa;QACpB,eAAU,GAAV,UAAU,CAAwB;QAClC,WAAM,GAAN,MAAM,CAAO;IAC7B,CAAC;IAEJ,KAAK,CAAC,QAAQ,CAAC,MAA2B;QACxC,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC/D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,WAAW,IAAI,MAAM,CAAC,WAAW,IAAI,WAAW,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QACnH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CACvC,qBAAqB,CACnB,SAAS,EACT,WAAW,EACX,IAAI,CAAC,SAAS,CAAC,OAAO,EACtB,IAAI,CAAC,WAAW,CAAC,YAAY,EAC7B,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,IAAI,CACZ,CACF,CAAC;QAEF,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;YAC9B,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO;YACjC,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;aAC3B;YACD,UAAU,EAAE;gBACV,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO;gBACjC,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,YAAY;gBAC3C,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO;gBACjC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,aAAa,EAAE,IAAI,CAAC,WAAW,CAAC,aAAa;gBAC7C,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,cAAc;gBAC/C,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,cAAc;gBAC/C,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,YAAY;gBAC3C,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,QAAQ;gBACnC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,iBAAiB,EAAE,IAAI,CAAC,WAAW,CAAC,iBAAiB;gBACrD,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,aAAa,EAAE,IAAI,CAAC,WAAW,CAAC,aAAa;aAC9C;YACD,KAAK,EAAE;gBACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;gBAC/B,SAAS;gBACT,SAAS;gBACT,WAAW;aACZ;YACD,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,IAAI,EAAE,MAAM,CAAC,IAAI;SAClB,CAAC,CAAC;IACL,CAAC;CACF;AAED,SAAS,0BAA0B,CAAC,KAAc;IAChD,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,eAAe,IAAI,KAAK,IAAI,YAAY,IAAI,KAAK,CAAC;AAC1G,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAsC;IAC/D,OAAO,YAAY,IAAI,KAAK,IAAI,WAAW,IAAI,KAAK,CAAC;AACvD,CAAC;AAED,SAAS,kBAAkB,CAAC,QAAyC,EAAE,MAAoB;IACzF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChC,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAC;AAClG,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAiC;IAC7D,OAAO,SAAS,IAAI,OAAO,CAAC,aAAa;QACvC,CAAC,CAAC,OAAO,CAAC,aAAa;QACvB,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,aAAa,CAAC,UAAU,EAAE,CAAC;AACpD,CAAC;AAED,SAAS,qBAAqB,CAC5B,OAAiC;IAEjC,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;QACtB,OAAO,OAAO,CAAC,SAAS,CAAC;IAC3B,CAAC;IACD,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,OAAO,IAAI,mBAAmB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;AACrE,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAiC;IACjE,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,IAAI,kBAAkB,CAC3B,oBAAoB,CAAC,OAAO,CAAC,EAC7B,OAAO,CAAC,UAAU,EAClB,kBAAkB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,MAAM,CAAC,EACzD,qBAAqB,CAAC,OAAO,CAAC,EAC9B,OAAO,CAAC,KAAK,IAAI,IAAI,WAAW,EAAE,CACnC,CAAC;AACJ,CAAC"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/clients/agent/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD,OAAO,EAAE,WAAW,EAAc,MAAM,2BAA2B,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AA+CtE,SAAS,qBAAqB,CAC5B,SAAiB,EACjB,WAAmB,EACnB,OAAe,EACf,YAAoB,EACpB,WAA+B,EAC/B,SAAiB,EACjB,MAAc,EACd,IAAa;IAEb,OAAO,IAAI,CAAC,SAAS,CAAC;QACpB,SAAS;QACT,WAAW;QACX,OAAO;QACP,YAAY;QACZ,WAAW,EAAE,WAAW,IAAI,IAAI;QAChC,SAAS;QACT,MAAM;QACN,IAAI,EAAE,IAAI,IAAI,IAAI;KACnB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,kBAAkB;IAEH;IACA;IACA;IACA;IACA;IACA;IANnB,YACmB,SAAwB,EACxB,WAAoC,EACpC,OAAgC,EAChC,UAAkC,EAClC,MAAa,EACb,MAAe;QALf,cAAS,GAAT,SAAS,CAAe;QACxB,gBAAW,GAAX,WAAW,CAAyB;QACpC,YAAO,GAAP,OAAO,CAAyB;QAChC,eAAU,GAAV,UAAU,CAAwB;QAClC,WAAM,GAAN,MAAM,CAAO;QACb,WAAM,GAAN,MAAM,CAAS;IAC/B,CAAC;IAEJ,KAAK,CAAC,QAAQ,CAAC,MAA2B;QACxC,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC/D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,WAAW,IAAI,MAAM,CAAC,WAAW,IAAI,WAAW,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAEnH,IAAI,SAA6B,CAAC;QAClC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,iCAAiC;QACnC,CAAC;aAAM,CAAC;YACN,qCAAqC;YACrC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClB,MAAM,IAAI,KAAK,CAAC,2FAA2F,CAAC,CAAC;YAC/G,CAAC;YACD,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CACjC,qBAAqB,CACnB,SAAS,EACT,WAAW,EACX,IAAI,CAAC,SAAS,CAAC,OAAO,EACtB,IAAI,CAAC,WAAW,CAAC,YAAY,EAC7B,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,IAAI,CACZ,CACF,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;YAC9B,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO;YACjC,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;aAC3B;YACD,UAAU,EAAE;gBACV,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO;gBACjC,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,YAAY;gBAC3C,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO;gBACjC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,aAAa,EAAE,IAAI,CAAC,WAAW,CAAC,aAAa;gBAC7C,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,cAAc;gBAC/C,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,cAAc;gBAC/C,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,YAAY;gBAC3C,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,QAAQ;gBACnC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,iBAAiB,EAAE,IAAI,CAAC,WAAW,CAAC,iBAAiB;gBACrD,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS;gBACrC,aAAa,EAAE,IAAI,CAAC,WAAW,CAAC,aAAa;gBAC7C,gBAAgB,EAAE,IAAI,CAAC,WAAW,CAAC,gBAAgB;aACpD;YACD,KAAK,EAAE;gBACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;gBAC/B,SAAS;gBACT,KAAK,EAAE,IAAI,CAAC,MAAM;gBAClB,SAAS;gBACT,WAAW;aACZ;YACD,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,IAAI,EAAE,MAAM,CAAC,IAAI;SAClB,CAAC,CAAC;IACL,CAAC;CACF;AAED,SAAS,0BAA0B,CAAC,KAAc;IAChD,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,eAAe,IAAI,KAAK,IAAI,YAAY,IAAI,KAAK,CAAC;AAC1G,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAsC;IAC/D,OAAO,YAAY,IAAI,KAAK,IAAI,WAAW,IAAI,KAAK,CAAC;AACvD,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAiC;IAC3D,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,OAAO,OAAO,CAAC,MAAM,CAAC;IACxB,CAAC;IACD,IAAI,iBAAiB,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;QAC7C,OAAO,IAAI,WAAW,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAChD,CAAC;IACD,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,OAAO,SAAS,CAAC,CAAC,uCAAuC;IAC3D,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAC;AAC1G,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAiC;IAC7D,OAAO,SAAS,IAAI,OAAO,CAAC,aAAa;QACvC,CAAC,CAAC,OAAO,CAAC,aAAa;QACvB,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,aAAa,CAAC,UAAU,EAAE,CAAC;AACpD,CAAC;AAED,SAAS,qBAAqB,CAC5B,OAAiC;IAEjC,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;QACtB,OAAO,OAAO,CAAC,SAAS,CAAC;IAC3B,CAAC;IACD,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,OAAO,IAAI,mBAAmB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;AACrE,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAiC;IACjE,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,IAAI,kBAAkB,CAC3B,oBAAoB,CAAC,OAAO,CAAC,EAC7B,OAAO,CAAC,UAAU,EAClB,kBAAkB,CAAC,OAAO,CAAC,EAC3B,qBAAqB,CAAC,OAAO,CAAC,EAC9B,OAAO,CAAC,KAAK,IAAI,IAAI,WAAW,EAAE,EAClC,OAAO,CAAC,KAAK,CACd,CAAC;AACJ,CAAC"}

package/dist/clients/owner/client.js

@@ -131,10 +131,21 @@ class DefaultVaultClient {
     }
     async grantCapability(input) {
         const requestedAt = input.requestedAt ?? this._clock.nowIso();
-        const requestId = `${this._identityId}:${requestedAt}:${input.capability.capabilityId}:register_capability`;
+        const capabilityId = input.capabilityId ?? `cap_${crypto.randomUUID()}`;
+        const requestId = `${this._identityId}:${requestedAt}:${capabilityId}:register_capability`;
         const capability = {
-            ...input.capability,
             vaultId: this._vault.vaultId,
+            agentId: input.agentId,
+            capabilityId,
+            operation: input.operation ?? "dispatch_http",
+            secretAliases: input.secretAliases ? [...input.secretAliases] : [],
+            allowedTargets: input.allowedTargets ? [...input.allowedTargets] : [],
+            allowedMethods: input.allowedMethods ? [...input.allowedMethods] : [],
+            allowedPaths: input.allowedPaths ? [...input.allowedPaths] : [],
+            rateLimit: input.rateLimit,
+            auditRequired: input.auditRequired,
+            requiresApproval: input.requiresApproval,
+            issuedAt: requestedAt,
         };
         await this._vault.registerCapability({
             vaultId: this._vault.vaultId,
@@ -225,6 +236,50 @@ class DefaultVaultClient {
             capabilityId: input.capabilityId,
         });
     }
+    async issueSessionToken(input) {
+        const requestedAt = input.requestedAt ?? this._clock.nowIso();
+        const requestId = `${this._identityId}:${requestedAt}:issue_session_token`;
+        return this._vault.issueSessionToken({
+            vaultId: this._vault.vaultId,
+            actor: {
+                kind: "owner",
+                id: this._identityId,
+            },
+            agentId: input.agentId,
+            requestId,
+            requestedAt,
+        });
+    }
+    async revokeSessionToken(input) {
+        return this._vault.revokeSessionToken({
+            vaultId: this._vault.vaultId,
+            actor: {
+                kind: "owner",
+                id: this._identityId,
+            },
+            token: input.token,
+        });
+    }
+    async listPendingDispatches() {
+        return this._vault.listPendingDispatches({
+            vaultId: this._vault.vaultId,
+            owner: { kind: "owner", id: this._identityId },
+        });
+    }
+    async approveDispatch(requestId) {
+        return this._vault.approveDispatch({
+            vaultId: this._vault.vaultId,
+            requestId,
+            owner: { kind: "owner", id: this._identityId },
+        });
+    }
+    async rejectDispatch(requestId) {
+        return this._vault.rejectDispatch({
+            vaultId: this._vault.vaultId,
+            requestId,
+            owner: { kind: "owner", id: this._identityId },
+        });
+    }
 }
 function isCreateVaultClientOptions(value) {
     return typeof value === "object" && value !== null && "vault" in value;

package/dist/clients/owner/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/clients/owner/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,cAAc,EAAwB,MAAM,2BAA2B,CAAC;AACjF,OAAO,EAAE,WAAW,EAAc,MAAM,2BAA2B,CAAC;AAsGpE,MAAM,eAAe,GAAG,cAAc,CAAC;AAEvC,MAAM,kBAAkB;IAIH;IACA;IACA;IACA;IANF,WAAW,CAAS;IAErC,YACmB,MAAoB,EACpB,SAAyB,EACzB,OAAqB,EACrB,SAAgB,IAAI,WAAW,EAAE;QAHjC,WAAM,GAAN,MAAM,CAAc;QACpB,cAAS,GAAT,SAAS,CAAgB;QACzB,YAAO,GAAP,OAAO,CAAc;QACrB,WAAM,GAAN,MAAM,CAA2B;QAElD,IAAI,CAAC,WAAW,GAAG,SAAS,EAAE,UAAU,IAAI,eAAe,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAA4B;QAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,eAAe,CAAC;QAEnF,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;YAC7B,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc,EAAE,EAAE;YAClB,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,KAAoC;QAC5D,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,wBAAwB,CAAC;QAC5F,MAAM,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC;YACrC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,cAAc;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAA4B;QAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,eAAe,CAAC;QACnF,MAAM,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;YAC7B,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,QAA8B,EAAE;QAC9C,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,aAAa,CAAC;QAElE,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;YAC3B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK;YACL,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAA6B;QAC9C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,gBAAgB,CAAC;QAEpF,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YAC9B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,KAA8B;QAChD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,OAAO,0BAA0B,CAAC;QAChG,MAAM,aAAa,GAAG;YACpB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;SACzB,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC;YACtC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,aAAa;YACb,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAA4B;QAC5C,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG;YACb,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS,EAAE,QAAQ,CAAC,SAAS;YAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;SACzB,CAAC;QAEF,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACjC,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,UAAU,CAAU,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,KAAgC;QACpD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,UAAU,CAAC,YAAY,sBAAsB,CAAC;QAC5G,MAAM,UAAU,GAAG;YACjB,GAAG,KAAK,CAAC,UAAU;YACnB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;SAC7B,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;YACnC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,UAAU;YACV,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAA6B;QAC9C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,MAAM,uBAAuB,CAAC;QAC5F,MAAM,IAAI,GAAG;YACX,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;YAC5C,cAAc,EAAE,KAAK,CAAC,cAAc;SACrC,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;YACnC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,IAAI;YACJ,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAA6B;QAC9C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,gBAAgB,CAAC;QAEpF,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YAC7B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,QAA8B,EAAE;QAC/C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,cAAc,CAAC;QAEnE,OAAO,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC;YAC5B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,QAAoC,EAAE;QAC3D,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,oBAAoB,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAAiC;QACtD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,oBAAoB,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,YAAY,EAAE,KAAK,CAAC,YAAY;SACjC,CAAC,CAAC;IACL,CAAC;CACF;AAED,SAAS,0BAA0B,CAAC,KAAc;IAChD,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,CAAC;AACzE,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAsC;IAC/D,OAAO,YAAY,IAAI,KAAK,IAAI,WAAW,IAAI,KAAK,CAAC;AACvD,CAAC;AAED,SAAS,kBAAkB,CAAC,QAA0C,EAAE,MAAoB;IAC1F,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAiC;IAC7D,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QAC3B,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO;QACL,UAAU,EAAE,OAAO,CAAC,aAAa,CAAC,UAAU;KAC7C,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAiC;IACjE,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;IACvF,CAAC;IACD,OAAO,IAAI,kBAAkB,CAC3B,OAAO,CAAC,KAAK,EACb,oBAAoB,CAAC,OAAO,CAAC,EAC7B,kBAAkB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,MAAM,CAAC,EACzD,OAAO,CAAC,KAAK,IAAI,IAAI,WAAW,EAAE,CACnC,CAAC;AACJ,CAAC"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/clients/owner/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,cAAc,EAAwB,MAAM,2BAA2B,CAAC;AACjF,OAAO,EAAE,WAAW,EAAc,MAAM,2BAA2B,CAAC;AAwGpE,MAAM,eAAe,GAAG,cAAc,CAAC;AAEvC,MAAM,kBAAkB;IAIH;IACA;IACA;IACA;IANF,WAAW,CAAS;IAErC,YACmB,MAAoB,EACpB,SAAyB,EACzB,OAAqB,EACrB,SAAgB,IAAI,WAAW,EAAE;QAHjC,WAAM,GAAN,MAAM,CAAc;QACpB,cAAS,GAAT,SAAS,CAAgB;QACzB,YAAO,GAAP,OAAO,CAAc;QACrB,WAAM,GAAN,MAAM,CAA2B;QAElD,IAAI,CAAC,WAAW,GAAG,SAAS,EAAE,UAAU,IAAI,eAAe,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAA4B;QAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,eAAe,CAAC;QAEnF,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;YAC7B,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc,EAAE,EAAE;YAClB,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,KAAoC;QAC5D,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,wBAAwB,CAAC;QAC5F,MAAM,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC;YACrC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,cAAc;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAA4B;QAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,eAAe,CAAC;QACnF,MAAM,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;YAC7B,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,QAA8B,EAAE;QAC9C,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,aAAa,CAAC;QAElE,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;YAC3B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK;YACL,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAA6B;QAC9C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,gBAAgB,CAAC;QAEpF,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YAC9B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,KAA8B;QAChD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,OAAO,0BAA0B,CAAC;QAChG,MAAM,aAAa,GAAG;YACpB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;SACzB,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC;YACtC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,aAAa;YACb,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAA4B;QAC5C,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG;YACb,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS,EAAE,QAAQ,CAAC,SAAS;YAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;SACzB,CAAC;QAEF,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACjC,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,UAAU,CAAU,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,KAAgC;QACpD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,OAAO,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QACxE,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,YAAY,sBAAsB,CAAC;QAE3F,MAAM,UAAU,GAAwD;YACtE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,YAAY;YACZ,SAAS,EAAG,KAAK,CAAC,SAAiB,IAAI,eAAe;YACtD,aAAa,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE;YAClE,cAAc,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE;YACrE,cAAc,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE;YACrE,YAAY,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE;YAC/D,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;YACxC,QAAQ,EAAE,WAAW;SACtB,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;YACnC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,UAAU;YACV,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAA6B;QAC9C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,MAAM,uBAAuB,CAAC;QAC5F,MAAM,IAAI,GAAG;YACX,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;YAC5C,cAAc,EAAE,KAAK,CAAC,cAAc;SACrC,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;YACnC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,IAAI;YACJ,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAA6B;QAC9C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,gBAAgB,CAAC;QAEpF,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YAC7B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,QAA8B,EAAE;QAC/C,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,cAAc,CAAC;QAEnE,OAAO,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC;YAC5B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,QAAoC,EAAE;QAC3D,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,oBAAoB,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAAiC;QACtD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,oBAAoB,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,YAAY,EAAE,KAAK,CAAC,YAAY;SACjC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAAkC;QACxD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,sBAAsB,CAAC;QAE3E,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;YACnC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,KAAmC;QAC1D,OAAO,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;YACpC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;SACnB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,OAAO,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC;YACvC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,SAAiB;QACrC,OAAO,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;YACjC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,SAAiB;QACpC,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC;YAChC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;CACF;AAED,SAAS,0BAA0B,CAAC,KAAc;IAChD,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,CAAC;AACzE,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAsC;IAC/D,OAAO,YAAY,IAAI,KAAK,IAAI,WAAW,IAAI,KAAK,CAAC;AACvD,CAAC;AAED,SAAS,kBAAkB,CAAC,QAA0C,EAAE,MAAoB;IAC1F,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAiC;IAC7D,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QAC3B,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO;QACL,UAAU,EAAE,OAAO,CAAC,aAAa,CAAC,UAAU;KAC7C,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAiC;IACjE,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;IACvF,CAAC;IACD,OAAO,IAAI,kBAAkB,CAC3B,OAAO,CAAC,KAAK,EACb,oBAAoB,CAAC,OAAO,CAAC,EAC7B,kBAAkB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,MAAM,CAAC,EACzD,OAAO,CAAC,KAAK,IAAI,IAAI,WAAW,EAAE,CACnC,CAAC;AACJ,CAAC"}