@the-ai-company/cbio-node-runtime 1.50.0 → 1.51.0

package/README.md

@@ -65,7 +65,10 @@ You can generate and register agents directly within the vault. The vault holds
 ```ts
 import { createVaultClient } from '@the-ai-company/cbio-node-runtime';
 
-const client = createVaultClient({ vault: vault.vault });
+const client = createVaultClient({
+  vault: vault.vault,
+  passwordVerifier: vault.verifyPassword
+});
 
 // Generate and register a new agent in one step
 const createdAgent = await client.ownerCreateAgent({
@@ -150,8 +153,7 @@ const request = await client.ownerSubmitCapabilityRequest({
 const pendingRequests = await client.ownerListPendingCapabilityRequests();
 
 const capability = await client.ownerApproveCapabilityRequest({
-  requestId: pendingRequests[0].requestId,
-  capabilityId: 'cap-users-read'
+  requestId: pendingRequests[0].requestId
 });
 ```
 
@@ -208,3 +210,8 @@ if (pending.length > 0) {
 npm run build
 npm test
 ```
+// Sensitive plaintext reads require the vault password again
+const plaintext = await client.ownerReadSecretPlaintext({
+  alias: 'api-token',
+  password: 'your-secure-password'
+});

package/dist/clients/owner/client.d.ts

@@ -1,7 +1,7 @@
 import { type CreatedIdentity } from "../../runtime/identity.js";
 import { type Clock } from "../../vault-core/index.js";
 import type { VaultService } from "../../vault-ingress/index.js";
-import type { VaultAuditQueryInput, OwnerDefineSecretTargetsInput, VaultExportSecretInput, VaultGrantCapabilityInput, VaultRegisterFlowInput, VaultImportAgentInput, VaultCreateAgentInput, OwnerAgentProvisionResult, OwnerStoreSecretInput, OwnerWriteSecretInput, VaultDeleteSecretInput, VaultListAgentsInput, VaultListCapabilitiesInput, VaultListSecretsInput, VaultRevokeCapabilityInput, VaultSubmitCapabilityRequestInput, VaultApproveCapabilityRequestInput } from "./contracts.js";
+import type { VaultAuditQueryInput, OwnerDefineSecretTargetsInput, VaultExportSecretInput, VaultReadSecretPlaintextInput, VaultGrantCapabilityInput, VaultRegisterFlowInput, VaultImportAgentInput, VaultCreateAgentInput, OwnerAgentProvisionResult, OwnerStoreSecretInput, OwnerWriteSecretInput, VaultDeleteSecretInput, VaultListAgentsInput, VaultListCapabilitiesInput, VaultListSecretsInput, VaultRevokeCapabilityInput, VaultSubmitCapabilityRequestInput, VaultApproveCapabilityRequestInput, OwnerSensitiveActionConfirmation, OwnerSensitiveActionContext } from "./contracts.js";
 export interface VaultIdentity {
     identityId: string;
 }
@@ -29,10 +29,11 @@ export interface VaultClient {
      * Exports a secret's plaintext.
      */
     ownerExportSecret(input: VaultExportSecretInput): Promise<import("../../vault-core/index.js").OwnerSecretExport>;
+    ownerReadSecretPlaintext(input: VaultReadSecretPlaintextInput): Promise<string>;
     /**
      * Grants a specific capability to an agent.
      */
-    ownerGrantCapability(input: VaultGrantCapabilityInput): Promise<void>;
+    ownerGrantCapability(input: VaultGrantCapabilityInput): Promise<import("../../vault-core/index.js").AgentCapability>;
     /**
      * Reads the tamper-evident audit log for the vault.
      */
@@ -46,7 +47,7 @@ export interface VaultClient {
     /**
      * Registers a custom HTTP flow for complex secret usage.
      */
-    ownerRegisterFlow(input: VaultRegisterFlowInput): Promise<void>;
+    ownerRegisterFlow(input: VaultRegisterFlowInput): Promise<import("../../vault-core/index.js").CustomHttpFlowDefinition>;
     /**
      * Permanently deletes a secret from the vault.
      */
@@ -76,6 +77,8 @@ export interface CreateVaultClientOptions {
     signer?: VaultSigner;
     clock?: Clock;
     skipWarmup?: boolean;
+    passwordVerifier?: (password: string) => Promise<boolean> | boolean;
+    sensitiveActionVerifier?: (confirmation: OwnerSensitiveActionConfirmation, context: OwnerSensitiveActionContext) => Promise<boolean> | boolean;
 }
 /**
  * Creates a {@link VaultClient} instance for a specific vault owner.

package/dist/clients/owner/client.js

@@ -9,15 +9,42 @@ class DefaultVaultClient {
     _signer;
     _clock;
     _skipWarmup;
+    _passwordVerifier;
+    _sensitiveActionVerifier;
     _identityId;
-    constructor(_vault, _identity, _signer, _clock = new SystemClock(), _skipWarmup = false) {
+    constructor(_vault, _identity, _signer, _clock = new SystemClock(), _skipWarmup = false, _passwordVerifier, _sensitiveActionVerifier) {
         this._vault = _vault;
         this._identity = _identity;
         this._signer = _signer;
         this._clock = _clock;
         this._skipWarmup = _skipWarmup;
+        this._passwordVerifier = _passwordVerifier;
+        this._sensitiveActionVerifier = _sensitiveActionVerifier;
         this._identityId = _identity?.identityId ?? VAULT_MASTER_ID;
     }
+    async _confirmSensitiveAction(confirmation, context) {
+        const normalizedPassword = confirmation.password.trim();
+        if (!normalizedPassword) {
+            throw new Error("owner password is required");
+        }
+        if (this._sensitiveActionVerifier) {
+            const valid = await this._sensitiveActionVerifier({
+                password: normalizedPassword,
+                verificationCode: confirmation.verificationCode,
+            }, context);
+            if (!valid) {
+                throw new Error("sensitive action confirmation rejected");
+            }
+            return;
+        }
+        if (!this._passwordVerifier) {
+            throw new Error("VaultClient: sensitiveActionVerifier or passwordVerifier is required for sensitive reads");
+        }
+        const valid = await this._passwordVerifier(normalizedPassword);
+        if (!valid) {
+            throw new Error("invalid vault password");
+        }
+    }
     _newVaultAgentId() {
         return `${VAULT_AGENT_ID_PREFIX}${crypto.randomUUID()}`;
     }
@@ -87,6 +114,13 @@ class DefaultVaultClient {
         });
     }
     async ownerExportSecret(input) {
+        await this._confirmSensitiveAction({
+            password: input.password,
+            verificationCode: input.verificationCode,
+        }, {
+            action: "export_secret",
+            subject: input.alias,
+        });
         const requestedAt = input.requestedAt ?? this._clock.nowIso();
         const requestId = `${this._identityId}:${requestedAt}:${input.alias}:export_secret`;
         return this._vault.ownerExportSecret({
@@ -100,6 +134,49 @@ class DefaultVaultClient {
             requestedAt,
         });
     }
+    async ownerReadSecretPlaintext(input) {
+        await this._confirmSensitiveAction({
+            password: input.password,
+            verificationCode: input.verificationCode,
+        }, {
+            action: "read_secret_plaintext",
+            subject: input.alias,
+        });
+        const exported = await this._vault.ownerExportSecret({
+            vaultId: this._vault.vaultId,
+            actor: {
+                kind: "owner",
+                id: this._identityId,
+            },
+            alias: input.alias,
+            requestId: `${this._identityId}:${input.requestedAt ?? this._clock.nowIso()}:${input.alias}:read_secret_plaintext`,
+            requestedAt: input.requestedAt ?? this._clock.nowIso(),
+        });
+        return exported.plaintext;
+    }
+    async ownerReadAgentPrivateKey(input) {
+        await this._confirmSensitiveAction({
+            password: input.password,
+            verificationCode: input.verificationCode,
+        }, {
+            action: "read_agent_private_key",
+            subject: input.agentId,
+        });
+        const agents = await this._vault.ownerListAgents({
+            vaultId: this._vault.vaultId,
+            requestId: `${this._identityId}:${input.requestedAt ?? this._clock.nowIso()}:${input.agentId}:read_agent_private_key`,
+            requestedAt: input.requestedAt ?? this._clock.nowIso(),
+            actor: {
+                kind: "owner",
+                id: this._identityId,
+            },
+        });
+        const agent = agents.find((record) => record.agentId === input.agentId);
+        if (!agent?.privateKey) {
+            throw new Error("agent private key not found");
+        }
+        return agent.privateKey;
+    }
     async _ownerRegisterManagedAgentIdentity(input) {
         const requestedAt = input.requestedAt ?? this._clock.nowIso();
         const requestId = `${this._identityId}:${requestedAt}:${input.agentId}:register_agent_identity`;
@@ -172,7 +249,7 @@ class DefaultVaultClient {
     }
     async ownerGrantCapability(input) {
         const requestedAt = input.requestedAt ?? this._clock.nowIso();
-        const capabilityId = input.capabilityId ?? `cap_${crypto.randomUUID()}`;
+        const capabilityId = `vcap_${crypto.randomUUID()}`;
         const requestId = `${this._identityId}:${requestedAt}:${capabilityId}:register_capability`;
         const capability = {
             vaultId: this._vault.vaultId,
@@ -196,12 +273,14 @@ class DefaultVaultClient {
             capability,
             requestedAt,
         });
+        return capability;
     }
     async ownerRegisterFlow(input) {
         const requestedAt = input.requestedAt ?? this._clock.nowIso();
-        const requestId = `${this._identityId}:${requestedAt}:${input.flowId}:register_custom_flow`;
+        const flowId = `vflow_${crypto.randomUUID()}`;
+        const requestId = `${this._identityId}:${requestedAt}:${flowId}:register_custom_flow`;
         const flow = {
-            flowId: input.flowId,
+            flowId,
             mode: input.mode,
             targetUrl: input.targetUrl,
             method: input.method,
@@ -218,6 +297,17 @@ class DefaultVaultClient {
             flow,
             requestedAt,
         });
+        return {
+            vaultId: this._vault.vaultId,
+            flowId,
+            ownerId: this._identityId,
+            mode: input.mode,
+            targetUrl: input.targetUrl,
+            method: input.method,
+            responseVisibility: input.responseVisibility,
+            responseSecret: input.responseSecret,
+            createdAt: requestedAt,
+        };
     }
     async ownerDeleteSecret(input) {
         const requestedAt = input.requestedAt ?? this._clock.nowIso();
@@ -236,7 +326,7 @@ class DefaultVaultClient {
     async ownerListAgents(input = {}) {
         const requestedAt = input.requestedAt ?? this._clock.nowIso();
         const requestId = `${this._identityId}:${requestedAt}:list_agents`;
-        return this._vault.ownerListAgents({
+        const agents = await this._vault.ownerListAgents({
             vaultId: this._vault.vaultId,
             requestId,
             requestedAt,
@@ -245,6 +335,10 @@ class DefaultVaultClient {
                 id: this._identityId,
             },
         });
+        return agents.map((agent) => ({
+            ...agent,
+            privateKey: undefined,
+        }));
     }
     async ownerListCapabilities(input = {}) {
         const requestedAt = input.requestedAt ?? this._clock.nowIso();
@@ -363,7 +457,6 @@ class DefaultVaultClient {
         return this._vault.ownerApproveCapabilityRequest({
             vaultId: this._vault.vaultId,
             requestId: input.requestId,
-            capabilityId: input.capabilityId,
             owner: { kind: "owner", id: this._identityId },
         });
     }
@@ -429,7 +522,7 @@ export function createVaultClient(options) {
     if (!isCreateVaultClientOptions(options)) {
         throw new Error("createVaultClient() requires a single options object with 'vault'");
     }
-    const client = new DefaultVaultClient(options.vault, resolveVaultIdentity(options), resolveVaultSigner(options.ownerIdentity, options.signer), options.clock ?? new SystemClock(), options.skipWarmup);
+    const client = new DefaultVaultClient(options.vault, resolveVaultIdentity(options), resolveVaultSigner(options.ownerIdentity, options.signer), options.clock ?? new SystemClock(), options.skipWarmup, options.passwordVerifier, options.sensitiveActionVerifier);
     if (!options.skipWarmup) {
         // Warmup session tokens by default unless explicitly skipped
         client.ownerIssueAllSessionTokens().catch((err) => {

package/dist/clients/owner/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/clients/owner/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,eAAe,EAAwB,MAAM,2BAA2B,CAAC;AAElG,OAAO,EAAE,WAAW,EAAc,MAAM,2BAA2B,CAAC;AAqHpE,MAAM,eAAe,GAAG,cAAc,CAAC;AACvC,MAAM,qBAAqB,GAAG,OAAO,CAAC;AAEtC,MAAM,kBAAkB;IAIH;IACA;IACA;IACA;IACA;IAPF,WAAW,CAAS;IAErC,YACmB,MAAoB,EACpB,SAAyB,EACzB,OAAqB,EACrB,SAAgB,IAAI,WAAW,EAAE,EACjC,cAAuB,KAAK;QAJ5B,WAAM,GAAN,MAAM,CAAc;QACpB,cAAS,GAAT,SAAS,CAAgB;QACzB,YAAO,GAAP,OAAO,CAAc;QACrB,WAAM,GAAN,MAAM,CAA2B;QACjC,gBAAW,GAAX,WAAW,CAAiB;QAE7C,IAAI,CAAC,WAAW,GAAG,SAAS,EAAE,UAAU,IAAI,eAAe,CAAC;IAC9D,CAAC;IAEO,gBAAgB;QACtB,OAAO,GAAG,qBAAqB,GAAG,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAA4B;QACjD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,eAAe,CAAC;QAEnF,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc,EAAE,EAAE;YAClB,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,KAAoC;QACjE,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,wBAAwB,CAAC;QAC5F,MAAM,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC;YAC1C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,cAAc;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAA4B;QACjD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,eAAe,CAAC;QACnF,MAAM,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,QAA8B,EAAE;QACnD,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,aAAa,CAAC;QAElE,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC;YAChC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK;YACL,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAA6B;QACnD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,gBAAgB,CAAC;QAEpF,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;YACnC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,kCAAkC,CAAC,KAQhD;QACC,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,OAAO,0BAA0B,CAAC;QAChG,MAAM,aAAa,GAAG;YACpB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;SACzB,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC;YAC3C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,aAAa;YACb,WAAW;SACZ,CAAC,CAAC;QACH,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAA4B;QACjD,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QACjF,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kCAAkC,CAAC;YAC1D,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE;YAChC,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,SAAS,EAAE,QAAQ,CAAC,SAAS;YAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAC;QACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC;YACrD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAC;QACH,OAAO;YACL,KAAK,EAAE;gBACL,GAAG,KAAK;gBACR,UAAU,EAAE,SAAS;aACtB;YACD,YAAY;SACb,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAA4B;QACjD,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;QAClC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kCAAkC,CAAC;YAC1D,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE;YAChC,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,SAAS,EAAE,QAAQ,CAAC,SAAS;YAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAC;QACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC;YACrD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAC;QACH,OAAO;YACL,KAAK,EAAE;gBACL,GAAG,KAAK;gBACR,UAAU,EAAE,SAAS;aACtB;YACD,YAAY;SACb,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,KAAgC;QACzD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,OAAO,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QACxE,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,YAAY,sBAAsB,CAAC;QAE3F,MAAM,UAAU,GAAwD;YACtE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,YAAY;YACZ,SAAS,EAAG,KAAK,CAAC,SAAiB,IAAI,eAAe;YACtD,aAAa,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE;YAClE,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,OAAO,EAAE,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC;YAC3B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,QAAQ,EAAE,WAAW;SACtB,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC;YACxC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,UAAU;YACV,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAA6B;QACnD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,MAAM,uBAAuB,CAAC;QAC5F,MAAM,IAAI,GAAG;YACX,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;YAC5C,cAAc,EAAE,KAAK,CAAC,cAAc;SACrC,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC;YACxC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,IAAI;YACJ,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAA6B;QACnD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,gBAAgB,CAAC;QAEpF,MAAM,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;YAClC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,QAA8B,EAAE;QACpD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,cAAc,CAAC;QAEnE,OAAO,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;YACjC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,QAAoC,EAAE;QAChE,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,oBAAoB,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC;YACvC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,QAA+B,EAAE;QACtD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,eAAe,CAAC;QACpE,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,KAAiC;QAC3D,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,oBAAoB,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC;YACvC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,YAAY,EAAE,KAAK,CAAC,YAAY;SACjC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,KAAkC;QAC7D,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,sBAAsB,CAAC;QAE3E,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;YACxC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,KAAmC;QAC/D,OAAO,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC;YACzC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;SACnB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,4BAA4B,CAAC,KAAwC;QACzE,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,KAAK,CAAC,SAAS,CAAC,EAAE,IAAI,WAAW,IAAI,KAAK,CAAC,OAAO,4BAA4B,CAAC;QAEpG,OAAO,IAAI,CAAC,MAAM,CAAC,4BAA4B,CAAC;YAC9C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,KAAK,EAAE;gBACL,SAAS,EAAG,KAAK,CAAC,SAAiB,IAAI,eAAe;gBACtD,aAAa,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE;gBAClE,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,OAAO,EAAE,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC;gBAC3B,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;aAC3B;YACD,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,kCAAkC;QACtC,OAAO,IAAI,CAAC,MAAM,CAAC,kCAAkC,CAAC;YACpD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,0BAA0B;QAC9B,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC;YAC5C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,0BAA0B;QAC9B,OAAO,IAAI,CAAC,MAAM,CAAC,+BAA+B,CAAC;YACjD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,KAAgC;QACzD,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC;YACtC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,6BAA6B,CAAC,KAAyC;QAC3E,OAAO,IAAI,CAAC,MAAM,CAAC,6BAA6B,CAAC;YAC/C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACzC,OAAO,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC;YACrC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,4BAA4B,CAAC,SAAiB;QAClD,OAAO,IAAI,CAAC,MAAM,CAAC,4BAA4B,CAAC;YAC9C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,sBAAsB,CAAC,QAAqF;QAC1G,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;IACtD,CAAC;IAED,+BAA+B,CAAC,QAA8F;QAC5H,OAAO,IAAI,CAAC,MAAM,CAAC,+BAA+B,CAAC,QAAQ,CAAC,CAAC;IAC/D,CAAC;CACF;AAED,SAAS,0BAA0B,CAAC,KAAc;IAChD,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,CAAC;AACzE,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAsC;IAC/D,OAAO,YAAY,IAAI,KAAK,IAAI,WAAW,IAAI,KAAK,CAAC;AACvD,CAAC;AAED,SAAS,kBAAkB,CAAC,QAA0C,EAAE,MAAoB;IAC1F,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAiC;IAC7D,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QAC3B,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO;QACL,UAAU,EAAE,OAAO,CAAC,aAAa,CAAC,UAAU;KAC7C,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAiC;IACjE,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;IACvF,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,kBAAkB,CACnC,OAAO,CAAC,KAAK,EACb,oBAAoB,CAAC,OAAO,CAAC,EAC7B,kBAAkB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,MAAM,CAAC,EACzD,OAAO,CAAC,KAAK,IAAI,IAAI,WAAW,EAAE,EAClC,OAAO,CAAC,UAAU,CACnB,CAAC;IAEF,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QACxB,6DAA6D;QAC7D,MAAM,CAAC,0BAA0B,EAAE,CAAC,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;YACzD,OAAO,CAAC,KAAK,CAAC,+CAA+C,EAAE,GAAG,CAAC,CAAC;QACtE,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/clients/owner/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,eAAe,EAAwB,MAAM,2BAA2B,CAAC;AAClG,OAAO,EAAE,WAAW,EAAc,MAAM,2BAA2B,CAAC;AA+HpE,MAAM,eAAe,GAAG,cAAc,CAAC;AACvC,MAAM,qBAAqB,GAAG,OAAO,CAAC;AAEtC,MAAM,kBAAkB;IAIH;IACA;IACA;IACA;IACA;IACA;IACA;IATF,WAAW,CAAS;IAErC,YACmB,MAAoB,EACpB,SAAyB,EACzB,OAAqB,EACrB,SAAgB,IAAI,WAAW,EAAE,EACjC,cAAuB,KAAK,EAC5B,iBAAoE,EACpE,wBAGc;QATd,WAAM,GAAN,MAAM,CAAc;QACpB,cAAS,GAAT,SAAS,CAAgB;QACzB,YAAO,GAAP,OAAO,CAAc;QACrB,WAAM,GAAN,MAAM,CAA2B;QACjC,gBAAW,GAAX,WAAW,CAAiB;QAC5B,sBAAiB,GAAjB,iBAAiB,CAAmD;QACpE,6BAAwB,GAAxB,wBAAwB,CAGV;QAE/B,IAAI,CAAC,WAAW,GAAG,SAAS,EAAE,UAAU,IAAI,eAAe,CAAC;IAC9D,CAAC;IAEO,KAAK,CAAC,uBAAuB,CACnC,YAA8C,EAC9C,OAAoC;QAEpC,MAAM,kBAAkB,GAAG,YAAY,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACxD,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QACD,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC;gBAChD,QAAQ,EAAE,kBAAkB;gBAC5B,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;aAChD,EAAE,OAAO,CAAC,CAAC;YACZ,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;YAC5D,CAAC;YACD,OAAO;QACT,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAC;QAC9G,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,CAAC;QAC/D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAEO,gBAAgB;QACtB,OAAO,GAAG,qBAAqB,GAAG,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAA4B;QACjD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,eAAe,CAAC;QAEnF,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc,EAAE,EAAE;YAClB,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,KAAoC;QACjE,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,wBAAwB,CAAC;QAC5F,MAAM,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC;YAC1C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,cAAc;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAA4B;QACjD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,eAAe,CAAC;QACnF,MAAM,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,cAAc;YACd,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,QAA8B,EAAE;QACnD,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,aAAa,CAAC;QAElE,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC;YAChC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK;YACL,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAA6B;QACnD,MAAM,IAAI,CAAC,uBAAuB,CAAC;YACjC,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;SACzC,EAAE;YACD,MAAM,EAAE,eAAe;YACvB,OAAO,EAAE,KAAK,CAAC,KAAK;SACrB,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,gBAAgB,CAAC;QAEpF,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;YACnC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,KAAoC;QACjE,MAAM,IAAI,CAAC,uBAAuB,CAAC;YACjC,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;SACzC,EAAE;YACD,MAAM,EAAE,uBAAuB;YAC/B,OAAO,EAAE,KAAK,CAAC,KAAK;SACrB,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;YACnD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,GAAG,IAAI,CAAC,WAAW,IAAI,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,KAAK,CAAC,KAAK,wBAAwB;YAClH,WAAW,EAAE,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;SACvD,CAAC,CAAC;QACH,OAAO,QAAQ,CAAC,SAAS,CAAC;IAC5B,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,KAAoC;QACjE,MAAM,IAAI,CAAC,uBAAuB,CAAC;YACjC,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;SACzC,EAAE;YACD,MAAM,EAAE,wBAAwB;YAChC,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;YAC/C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS,EAAE,GAAG,IAAI,CAAC,WAAW,IAAI,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,KAAK,CAAC,OAAO,yBAAyB;YACrH,WAAW,EAAE,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;YACtD,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;SACF,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,KAAK,KAAK,CAAC,OAAO,CAAC,CAAC;QACxE,IAAI,CAAC,KAAK,EAAE,UAAU,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QACD,OAAO,KAAK,CAAC,UAAU,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,kCAAkC,CAAC,KAQhD;QACC,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,OAAO,0BAA0B,CAAC;QAChG,MAAM,aAAa,GAAG;YACpB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;SACzB,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC;YAC3C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,aAAa;YACb,WAAW;SACZ,CAAC,CAAC;QACH,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAA4B;QACjD,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QACjF,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kCAAkC,CAAC;YAC1D,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE;YAChC,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,SAAS,EAAE,QAAQ,CAAC,SAAS;YAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAC;QACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC;YACrD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAC;QACH,OAAO;YACL,KAAK,EAAE;gBACL,GAAG,KAAK;gBACR,UAAU,EAAE,SAAS;aACtB;YACD,YAAY;SACb,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAA4B;QACjD,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;QAClC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kCAAkC,CAAC;YAC1D,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE;YAChC,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,SAAS,EAAE,QAAQ,CAAC,SAAS;YAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAC;QACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC;YACrD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAC;QACH,OAAO;YACL,KAAK,EAAE;gBACL,GAAG,KAAK;gBACR,UAAU,EAAE,SAAS;aACtB;YACD,YAAY;SACb,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,KAAgC;QACzD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,YAAY,GAAG,QAAQ,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QACnD,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,YAAY,sBAAsB,CAAC;QAE3F,MAAM,UAAU,GAAwD;YACtE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,YAAY;YACZ,SAAS,EAAG,KAAK,CAAC,SAAiB,IAAI,eAAe;YACtD,aAAa,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE;YAClE,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,OAAO,EAAE,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC;YAC3B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,QAAQ,EAAE,WAAW;SACtB,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC;YACxC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,UAAU;YACV,WAAW;SACZ,CAAC,CAAC;QACH,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAA6B;QACnD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,MAAM,GAAG,SAAS,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QAC9C,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,MAAM,uBAAuB,CAAC;QACtF,MAAM,IAAI,GAAG;YACX,MAAM;YACN,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;YAC5C,cAAc,EAAE,KAAK,CAAC,cAAc;SACrC,CAAC;QAEF,MAAM,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC;YACxC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,IAAI;YACJ,WAAW;SACZ,CAAC,CAAC;QACH,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,MAAM;YACN,OAAO,EAAE,IAAI,CAAC,WAAW;YACzB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;YAC5C,cAAc,EAAE,KAAK,CAAC,cAAc;YACpC,SAAS,EAAE,WAAW;SACvB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAA6B;QACnD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,IAAI,KAAK,CAAC,KAAK,gBAAgB,CAAC;QAEpF,MAAM,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;YAClC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,QAA8B,EAAE;QACpD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,cAAc,CAAC;QAEnE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;YAC/C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;SACF,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YAC5B,GAAG,KAAK;YACR,UAAU,EAAE,SAAS;SACtB,CAAC,CAAC,CAAC;IACN,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,QAAoC,EAAE;QAChE,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,oBAAoB,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC;YACvC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,QAA+B,EAAE;QACtD,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,eAAe,CAAC;QACpE,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YAClC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,KAAiC;QAC3D,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,oBAAoB,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC;YACvC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,WAAW;YACX,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,YAAY,EAAE,KAAK,CAAC,YAAY;SACjC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,KAAkC;QAC7D,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,sBAAsB,CAAC;QAE3E,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;YACxC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS;YACT,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,KAAmC;QAC/D,OAAO,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC;YACzC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE;gBACL,IAAI,EAAE,OAAO;gBACb,EAAE,EAAE,IAAI,CAAC,WAAW;aACrB;YACD,KAAK,EAAE,KAAK,CAAC,KAAK;SACnB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,4BAA4B,CAAC,KAAwC;QACzE,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9D,MAAM,SAAS,GAAG,GAAG,KAAK,CAAC,SAAS,CAAC,EAAE,IAAI,WAAW,IAAI,KAAK,CAAC,OAAO,4BAA4B,CAAC;QAEpG,OAAO,IAAI,CAAC,MAAM,CAAC,4BAA4B,CAAC;YAC9C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,KAAK,EAAE;gBACL,SAAS,EAAG,KAAK,CAAC,SAAiB,IAAI,eAAe;gBACtD,aAAa,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE;gBAClE,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,OAAO,EAAE,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC;gBAC3B,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;aAC3B;YACD,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,kCAAkC;QACtC,OAAO,IAAI,CAAC,MAAM,CAAC,kCAAkC,CAAC;YACpD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,0BAA0B;QAC9B,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC;YAC5C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,0BAA0B;QAC9B,OAAO,IAAI,CAAC,MAAM,CAAC,+BAA+B,CAAC;YACjD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,KAAgC;QACzD,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC;YACtC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,6BAA6B,CAAC,KAAyC;QAC3E,OAAO,IAAI,CAAC,MAAM,CAAC,6BAA6B,CAAC;YAC/C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACzC,OAAO,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC;YACrC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,4BAA4B,CAAC,SAAiB;QAClD,OAAO,IAAI,CAAC,MAAM,CAAC,4BAA4B,CAAC;YAC9C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,SAAS;YACT,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,sBAAsB,CAAC,QAAqF;QAC1G,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;IACtD,CAAC;IAED,+BAA+B,CAAC,QAA8F;QAC5H,OAAO,IAAI,CAAC,MAAM,CAAC,+BAA+B,CAAC,QAAQ,CAAC,CAAC;IAC/D,CAAC;CACF;AAED,SAAS,0BAA0B,CAAC,KAAc;IAChD,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,CAAC;AACzE,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAsC;IAC/D,OAAO,YAAY,IAAI,KAAK,IAAI,WAAW,IAAI,KAAK,CAAC;AACvD,CAAC;AAED,SAAS,kBAAkB,CAAC,QAA0C,EAAE,MAAoB;IAC1F,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAiC;IAC7D,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QAC3B,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO;QACL,UAAU,EAAE,OAAO,CAAC,aAAa,CAAC,UAAU;KAC7C,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAiC;IACjE,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;IACvF,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,kBAAkB,CACnC,OAAO,CAAC,KAAK,EACb,oBAAoB,CAAC,OAAO,CAAC,EAC7B,kBAAkB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,MAAM,CAAC,EACzD,OAAO,CAAC,KAAK,IAAI,IAAI,WAAW,EAAE,EAClC,OAAO,CAAC,UAAU,EAClB,OAAO,CAAC,gBAAgB,EACxB,OAAO,CAAC,uBAAuB,CAChC,CAAC;IAEF,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QACxB,6DAA6D;QAC7D,MAAM,CAAC,0BAA0B,EAAE,CAAC,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;YACzD,OAAO,CAAC,KAAK,CAAC,+CAA+C,EAAE,GAAG,CAAC,CAAC;QACtE,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/clients/owner/contracts.d.ts

@@ -30,8 +30,30 @@ export interface VaultAuditQueryInput {
 }
 export interface VaultExportSecretInput {
     alias: string;
+    password: string;
+    verificationCode?: string;
     requestedAt?: string;
 }
+export interface VaultReadSecretPlaintextInput {
+    alias: string;
+    password: string;
+    verificationCode?: string;
+    requestedAt?: string;
+}
+export interface VaultReadAgentPrivateKeyInput {
+    agentId: string;
+    password: string;
+    verificationCode?: string;
+    requestedAt?: string;
+}
+export interface OwnerSensitiveActionConfirmation {
+    password: string;
+    verificationCode?: string;
+}
+export interface OwnerSensitiveActionContext {
+    action: "read_secret_plaintext" | "export_secret" | "read_agent_private_key";
+    subject: string;
+}
 export interface VaultImportAgentInput {
     privateKey: string;
     metadata?: Record<string, any>;
@@ -48,12 +70,10 @@ export interface OwnerAgentProvisionResult {
     sessionToken: import("../../vault-core/index.js").OwnerSessionToken;
 }
 export interface VaultRegisterFlowInput extends OwnerHttpFlowBoundary {
-    flowId: string;
     requestedAt?: string;
 }
 export interface VaultGrantCapabilityInput {
     agentId: string;
-    capabilityId?: string;
     operation?: string;
     secretAliases?: readonly string[];
     scope: string;
@@ -90,7 +110,6 @@ export interface VaultSubmitCapabilityRequestInput {
 }
 export interface VaultApproveCapabilityRequestInput {
     requestId: string;
-    capabilityId?: string;
     requestedAt?: string;
 }
 export interface VaultDeleteSecretInput {
@@ -126,6 +145,8 @@ export interface CreateVaultClientOptions {
     };
     clock?: import("../../vault-core/index.js").Clock;
     skipWarmup?: boolean;
+    passwordVerifier?: (password: string) => Promise<boolean> | boolean;
+    sensitiveActionVerifier?: (confirmation: OwnerSensitiveActionConfirmation, context: OwnerSensitiveActionContext) => Promise<boolean> | boolean;
 }
 /**
  * A client for vault owners to manage secrets, agents, and capabilities.
@@ -135,11 +156,13 @@ export interface VaultClient {
     ownerDefineSecretTargets(input: OwnerDefineSecretTargetsInput): Promise<import("../../vault-core/index.js").SecretRecord>;
     ownerWriteSecret(input: OwnerWriteSecretInput): Promise<import("../../vault-core/index.js").SecretRecord>;
     ownerExportSecret(input: VaultExportSecretInput): Promise<import("../../vault-core/index.js").OwnerSecretExport>;
-    ownerGrantCapability(input: VaultGrantCapabilityInput): Promise<void>;
+    ownerReadSecretPlaintext(input: VaultReadSecretPlaintextInput): Promise<string>;
+    ownerReadAgentPrivateKey(input: VaultReadAgentPrivateKeyInput): Promise<string>;
+    ownerGrantCapability(input: VaultGrantCapabilityInput): Promise<import("../../vault-core/index.js").AgentCapability>;
     ownerReadAudit(query?: VaultAuditQueryInput): Promise<readonly import("../../vault-core/index.js").AuditEntry[]>;
     ownerImportAgent(input: VaultImportAgentInput): Promise<OwnerAgentProvisionResult>;
     ownerCreateAgent(input: VaultCreateAgentInput): Promise<OwnerAgentProvisionResult>;
-    ownerRegisterFlow(input: VaultRegisterFlowInput): Promise<void>;
+    ownerRegisterFlow(input: VaultRegisterFlowInput): Promise<import("../../vault-core/index.js").CustomHttpFlowDefinition>;
     ownerDeleteSecret(input: VaultDeleteSecretInput): Promise<void>;
     ownerListAgents(input?: VaultListAgentsInput): Promise<readonly import("../../vault-core/index.js").AgentIdentityRecord[]>;
     ownerListCapabilities(input?: VaultListCapabilitiesInput): Promise<readonly import("../../vault-core/index.js").AgentCapability[]>;

package/dist/clients/owner/index.d.ts

@@ -1,3 +1,3 @@
 export { createVaultClient } from "./client.js";
 export type { VaultClient, CreateVaultClientOptions, VaultIdentity, VaultSigner, } from "./client.js";
-export type { VaultAuditQueryInput, OwnerDefineSecretTargetsInput, VaultExportSecretInput, VaultGrantCapabilityInput, VaultRegisterFlowInput, VaultImportAgentInput, VaultCreateAgentInput, OwnerAgentProvisionResult, OwnerSecretTargetBinding, OwnerStoreSecretInput, OwnerWriteSecretInput, VaultDeleteSecretInput, VaultListAgentsInput, VaultListCapabilitiesInput, VaultListSecretsInput, VaultRevokeCapabilityInput, VaultIssueSessionTokenInput, VaultRevokeSessionTokenInput, VaultSubmitCapabilityRequestInput, VaultApproveCapabilityRequestInput, } from "./contracts.js";
+export type { VaultAuditQueryInput, OwnerDefineSecretTargetsInput, VaultExportSecretInput, VaultReadSecretPlaintextInput, VaultReadAgentPrivateKeyInput, OwnerSensitiveActionConfirmation, OwnerSensitiveActionContext, VaultGrantCapabilityInput, VaultRegisterFlowInput, VaultImportAgentInput, VaultCreateAgentInput, OwnerAgentProvisionResult, OwnerSecretTargetBinding, OwnerStoreSecretInput, OwnerWriteSecretInput, VaultDeleteSecretInput, VaultListAgentsInput, VaultListCapabilitiesInput, VaultListSecretsInput, VaultRevokeCapabilityInput, VaultIssueSessionTokenInput, VaultRevokeSessionTokenInput, VaultSubmitCapabilityRequestInput, VaultApproveCapabilityRequestInput, } from "./contracts.js";

package/dist/protocol/identity.d.ts

@@ -2,7 +2,10 @@
  * Claw-biometric Core Identity. Runtime utilities over protocol primitives.
  * getVaultPath (runtime). Re-exports protocol for consumers.
  */
+import { createIdentity as protocolCreateIdentity, type RootAgentIdentity } from '@the-ai-company/cbio-protocol';
 import { getChildIdentitySecretName, CHILD_KEY_PREFIX } from './childSecretNaming.js';
 export { getChildIdentitySecretName, CHILD_KEY_PREFIX };
+export type { RootAgentIdentity };
+export declare const createIdentity: typeof protocolCreateIdentity;
 export declare function deriveIdentityId(publicKey: string): string;
 export declare function getVaultPath(publicKey: string): string;

package/dist/protocol/identity.js

@@ -5,9 +5,10 @@
 import * as os from 'node:os';
 import * as path from 'node:path';
 import * as crypto from 'node:crypto';
-import { deriveRootAgentId as protocolDeriveIdentityId } from '@the-ai-company/cbio-protocol';
+import { createIdentity as protocolCreateIdentity, deriveRootAgentId as protocolDeriveIdentityId, } from '@the-ai-company/cbio-protocol';
 import { getChildIdentitySecretName, CHILD_KEY_PREFIX } from './childSecretNaming.js';
 export { getChildIdentitySecretName, CHILD_KEY_PREFIX };
+export const createIdentity = protocolCreateIdentity;
 export function deriveIdentityId(publicKey) {
     return protocolDeriveIdentityId(publicKey);
 }

package/dist/protocol/identity.js.map

@@ -1 +1 @@
-{"version":3,"file":"identity.js","sourceRoot":"","sources":["../../src/protocol/identity.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,iBAAiB,IAAI,wBAAwB,EAAE,MAAM,+BAA+B,CAAC;AAC9F,OAAO,EAAE,0BAA0B,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAEtF,OAAO,EAAE,0BAA0B,EAAE,gBAAgB,EAAE,CAAC;AAExD,MAAM,UAAU,gBAAgB,CAAC,SAAiB;IAC9C,OAAO,wBAAwB,CAAC,SAAS,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,SAAiB;IAC1C,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC1F,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC,CAAC;IAC/E,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,IAAI,MAAM,CAAC,CAAC;AACnD,CAAC"}
+{"version":3,"file":"identity.js","sourceRoot":"","sources":["../../src/protocol/identity.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,EACH,cAAc,IAAI,sBAAsB,EACxC,iBAAiB,IAAI,wBAAwB,GAEhD,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,0BAA0B,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAEtF,OAAO,EAAE,0BAA0B,EAAE,gBAAgB,EAAE,CAAC;AAExD,MAAM,CAAC,MAAM,cAAc,GAAG,sBAAsB,CAAC;AAErD,MAAM,UAAU,gBAAgB,CAAC,SAAiB;IAC9C,OAAO,wBAAwB,CAAC,SAAS,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,SAAiB;IAC1C,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC1F,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC,CAAC;IAC/E,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,IAAI,MAAM,CAAC,CAAC;AACnD,CAAC"}

package/dist/runtime/bootstrap.d.ts

@@ -27,12 +27,15 @@ export interface CreatedVault {
     nickname?: string;
     /** The anchored storage provider for this vault. */
     storage: IStorageProvider;
+    /** Verifies whether a supplied password can unlock this vault. */
+    verifyPassword(password: string): Promise<boolean>;
 }
 export interface VaultObject {
     core: VaultCore;
     vault: VaultService;
     nickname?: string;
     storage: IStorageProvider;
+    verifyPassword(password: string): Promise<boolean>;
 }
 export interface RecoverVaultOptions extends Omit<CreatePersistentVaultCoreDependenciesOptions, "vaultWorkingKey" | "vaultId"> {
     vaultId: string;

package/dist/runtime/bootstrap.js

@@ -26,6 +26,15 @@ function resolveStorage(storageOrOptions, maybeOptions) {
         options: storageOrOptions,
     };
 }
+async function verifyVaultPassword(storage, vaultId, password) {
+    const normalizedPassword = password.trim();
+    if (!normalizedPassword) {
+        return false;
+    }
+    const vaultWorkingKey = deriveVaultWorkingKeyFromPassword(normalizedPassword, vaultId);
+    const profile = await readVaultProfile(storage, vaultWorkingKey, vaultId);
+    return profile !== null;
+}
 export async function createVault(storageOrOptions, maybeOptions) {
     const { storage: workspaceStorage, options } = resolveStorage(storageOrOptions, maybeOptions);
     const vaultId = options.vaultId ?? `vault_${crypto.randomUUID()}`;
@@ -49,6 +58,7 @@ export async function createVault(storageOrOptions, maybeOptions) {
         vault: wrapVaultCoreAsVaultService(core, options.vault),
         nickname,
         storage,
+        verifyPassword: async (password) => verifyVaultPassword(storage, vaultId, password),
     };
 }
 export async function recoverVault(storageOrOptions, maybeOptions) {
@@ -70,6 +80,7 @@ export async function recoverVault(storageOrOptions, maybeOptions) {
         vault: wrapVaultCoreAsVaultService(core, options.vault),
         nickname: profile.nickname,
         storage,
+        verifyPassword: async (password) => verifyVaultPassword(storage, options.vaultId, password),
     };
 }
 /**

package/dist/runtime/bootstrap.js.map

@@ -1 +1 @@
-{"version":3,"file":"bootstrap.js","sourceRoot":"","sources":["../../src/runtime/bootstrap.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EACL,qCAAqC,GAGtC,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,iCAAiC,EAAE,MAAM,uBAAuB,CAAC;AAC1E,OAAO,EACL,2BAA2B,GAG5B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAGrD,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAC1E,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAIhE,SAAS,kBAAkB,CAAC,OAAe;IACzC,OAAO,UAAU,OAAO,EAAE,CAAC;AAC7B,CAAC;AAkDD,SAAS,cAAc,CACrB,gBAAsF,EACtF,YAAuD;IAEvD,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,OAAO,GAAG,OAAO,gBAAgB,KAAK,QAAQ;YAClD,CAAC,CAAC,IAAI,iBAAiB,CAAC,gBAAgB,CAAC;YACzC,CAAC,CAAC,gBAAoC,CAAC;QACzC,OAAO;YACL,OAAO;YACP,OAAO,EAAE,YAAY;SACtB,CAAC;IACJ,CAAC;IACD,gEAAgE;IAChE,OAAO;QACL,OAAO,EAAE,sBAAsB,EAAE;QACjC,OAAO,EAAE,gBAA4D;KACtE,CAAC;AACJ,CAAC;AAwBD,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,gBAAgE,EAChE,YAAiC;IAEjC,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,OAAO,EAAE,GAAG,cAAc,CAAC,gBAAgB,EAAE,YAAY,CAG3F,CAAC;IACF,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,SAAS,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;IAClE,MAAM,OAAO,GAAG,qBAAqB,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC;IACrF,MAAM,eAAe,GAAG,iCAAiC,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAErF,MAAM,IAAI,GAAG,qCAAqC,CAAC,OAAO,EAAE;QAC1D,GAAG,OAAO;QACV,OAAO;QACP,eAAe;KAChB,CAAC,CAAC;IACH,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IAEnC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IAEhF,uEAAuE;IACvE,MAAM,iBAAiB,CAAC,OAAO,EAAE;QAC/B,OAAO;QACP,QAAQ;QACR,GAAG,OAAO,CAAC,QAAQ;KACpB,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;IAG7B,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,2BAA2B,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC;QACvD,QAAQ;QACR,OAAO;KACR,CAAC;AACJ,CAAC;AAwBD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,gBAAiE,EACjE,YAAkC;IAElC,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,OAAO,EAAE,GAAG,cAAc,CAAC,gBAAgB,EAAE,YAAY,CAG3F,CAAC;IACF,MAAM,OAAO,GAAG,qBAAqB,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAC7F,MAAM,eAAe,GAAG,iCAAiC,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7F,MAAM,IAAI,GAAG,qCAAqC,CAAC,OAAO,EAAE;QAC1D,GAAG,OAAO;QACV,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,eAAe;KAChB,CAAC,CAAC;IACH,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IACnC,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,eAAe,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAClF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,2BAA2B,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC;QACvD,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,OAAO;KACR,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAAyB;IACxD,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,KAAoC,EACpC,OAAgF;IAEhF,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;IACzC,MAAM,eAAe,GAAG,iCAAiC,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAErF,gDAAgD;IAChD,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,OAAO,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;IAEhF,MAAM,iBAAiB,CAAC,KAAK,CAAC,OAAO,EAAE;QACrC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;QAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,OAAO,EAAE,QAAQ;QAC/C,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC;KAC5B,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;AAC/B,CAAC"}
+{"version":3,"file":"bootstrap.js","sourceRoot":"","sources":["../../src/runtime/bootstrap.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EACL,qCAAqC,GAGtC,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,iCAAiC,EAAE,MAAM,uBAAuB,CAAC;AAC1E,OAAO,EACL,2BAA2B,GAG5B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAGrD,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAC1E,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAIhE,SAAS,kBAAkB,CAAC,OAAe;IACzC,OAAO,UAAU,OAAO,EAAE,CAAC;AAC7B,CAAC;AAqDD,SAAS,cAAc,CACrB,gBAAsF,EACtF,YAAuD;IAEvD,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,OAAO,GAAG,OAAO,gBAAgB,KAAK,QAAQ;YAClD,CAAC,CAAC,IAAI,iBAAiB,CAAC,gBAAgB,CAAC;YACzC,CAAC,CAAC,gBAAoC,CAAC;QACzC,OAAO;YACL,OAAO;YACP,OAAO,EAAE,YAAY;SACtB,CAAC;IACJ,CAAC;IACD,gEAAgE;IAChE,OAAO;QACL,OAAO,EAAE,sBAAsB,EAAE;QACjC,OAAO,EAAE,gBAA4D;KACtE,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,mBAAmB,CAAC,OAAyB,EAAE,OAAe,EAAE,QAAgB;IAC7F,MAAM,kBAAkB,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC3C,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,eAAe,GAAG,iCAAiC,CAAC,kBAAkB,EAAE,OAAO,CAAC,CAAC;IACvF,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;IAC1E,OAAO,OAAO,KAAK,IAAI,CAAC;AAC1B,CAAC;AAwBD,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,gBAAgE,EAChE,YAAiC;IAEjC,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,OAAO,EAAE,GAAG,cAAc,CAAC,gBAAgB,EAAE,YAAY,CAG3F,CAAC;IACF,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,SAAS,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;IAClE,MAAM,OAAO,GAAG,qBAAqB,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC;IACrF,MAAM,eAAe,GAAG,iCAAiC,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAErF,MAAM,IAAI,GAAG,qCAAqC,CAAC,OAAO,EAAE;QAC1D,GAAG,OAAO;QACV,OAAO;QACP,eAAe;KAChB,CAAC,CAAC;IACH,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IAEnC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IAEhF,uEAAuE;IACvE,MAAM,iBAAiB,CAAC,OAAO,EAAE;QAC/B,OAAO;QACP,QAAQ;QACR,GAAG,OAAO,CAAC,QAAQ;KACpB,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;IAG7B,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,2BAA2B,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC;QACvD,QAAQ;QACR,OAAO;QACP,cAAc,EAAE,KAAK,EAAE,QAAgB,EAAE,EAAE,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC;KAC5F,CAAC;AACJ,CAAC;AAwBD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,gBAAiE,EACjE,YAAkC;IAElC,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,OAAO,EAAE,GAAG,cAAc,CAAC,gBAAgB,EAAE,YAAY,CAG3F,CAAC;IACF,MAAM,OAAO,GAAG,qBAAqB,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAC7F,MAAM,eAAe,GAAG,iCAAiC,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7F,MAAM,IAAI,GAAG,qCAAqC,CAAC,OAAO,EAAE;QAC1D,GAAG,OAAO;QACV,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,eAAe;KAChB,CAAC,CAAC;IACH,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IACnC,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,eAAe,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAClF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,2BAA2B,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC;QACvD,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,OAAO;QACP,cAAc,EAAE,KAAK,EAAE,QAAgB,EAAE,EAAE,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC;KACpG,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAAyB;IACxD,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,KAAoC,EACpC,OAAgF;IAEhF,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;IACzC,MAAM,eAAe,GAAG,iCAAiC,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAErF,gDAAgD;IAChD,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,OAAO,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;IAEhF,MAAM,iBAAiB,CAAC,KAAK,CAAC,OAAO,EAAE;QACrC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;QAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,OAAO,EAAE,QAAQ;QAC/C,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC;KAC5B,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;AAC/B,CAAC"}

package/dist/runtime/identity.js

@@ -1,4 +1,5 @@
-import { derivePublicKey, generateIdentityKeys } from "../protocol/crypto.js";
+import { derivePublicKey } from "../protocol/crypto.js";
+import { createIdentity as createProtocolIdentity } from "../protocol/identity.js";
 import { deriveIdentityId } from "../protocol/identity.js";
 const ED25519_PKCS8_PREFIX = Buffer.from("302e020100300506032b657004220420", "hex");
 const ED25519_SEED_LENGTH = 32;
@@ -17,13 +18,10 @@ function encodeEd25519PrivateKey(seed) {
     return Buffer.concat([ED25519_PKCS8_PREFIX, seed]).toString("base64url");
 }
 function createRootIdentity(options = {}) {
-    const keyPair = generateIdentityKeys();
-    if (!keyPair.publicKey || !keyPair.privateKey) {
-        throw new Error("identity generation failed");
-    }
+    const keyPair = createProtocolIdentity();
     const nickname = normalizeNickname(options.nickname);
     return {
-        identityId: deriveIdentityId(keyPair.publicKey),
+        identityId: keyPair.identityId,
         nickname,
         publicKey: keyPair.publicKey,
         privateKey: keyPair.privateKey,

package/dist/runtime/identity.js.map

@@ -1 +1 @@
-{"version":3,"file":"identity.js","sourceRoot":"","sources":["../../src/runtime/identity.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAC9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AA6B3D,MAAM,oBAAoB,GAAG,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;AACpF,MAAM,mBAAmB,GAAG,EAAE,CAAC;AAE/B,SAAS,iBAAiB,CAAC,QAAiB;IAC1C,OAAO,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AAED,SAAS,iBAAiB,CAAC,UAAkB;IAC3C,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IACjD,IACE,GAAG,CAAC,MAAM,KAAK,oBAAoB,CAAC,MAAM,GAAG,mBAAmB;QAChE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,oBAAoB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAC1E,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACpD,CAAC;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,uBAAuB,CAAC,IAAY;IAC3C,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC3E,CAAC;AAED,SAAS,kBAAkB,CAAC,UAAiC,EAAE;IAC7D,MAAM,OAAO,GAAG,oBAAoB,EAAE,CAAC;IACvC,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAChD,CAAC;IACD,MAAM,QAAQ,GAAG,iBAAiB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACrD,OAAO;QACL,UAAU,EAAE,gBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC;QAC/C,QAAQ;QACR,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;KAC/B,CAAC;AACJ,CAAC;AAeD,MAAM,UAAU,cAAc,CAC5B,eAAuC;IAEvC,OAAO,kBAAkB,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC;AACnD,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,eAAe,CAAC,UAAkB,EAAE,UAAkC,EAAE;IACtF,MAAM,oBAAoB,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC;IAC/C,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IACD,MAAM,SAAS,GAAG,eAAe,CAAC,oBAAoB,CAAC,CAAC;IACxD,MAAM,QAAQ,GAAG,iBAAiB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACrD,OAAO;QACL,UAAU,EAAE,gBAAgB,CAAC,SAAS,CAAC;QACvC,QAAQ;QACR,SAAS;QACT,UAAU,EAAE,oBAAoB;KACjC,CAAC;AACJ,CAAC"}
+{"version":3,"file":"identity.js","sourceRoot":"","sources":["../../src/runtime/identity.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,cAAc,IAAI,sBAAsB,EAA0B,MAAM,yBAAyB,CAAC;AAC3G,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AA6B3D,MAAM,oBAAoB,GAAG,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;AACpF,MAAM,mBAAmB,GAAG,EAAE,CAAC;AAE/B,SAAS,iBAAiB,CAAC,QAAiB;IAC1C,OAAO,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AAED,SAAS,iBAAiB,CAAC,UAAkB;IAC3C,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IACjD,IACE,GAAG,CAAC,MAAM,KAAK,oBAAoB,CAAC,MAAM,GAAG,mBAAmB;QAChE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,oBAAoB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAC1E,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACpD,CAAC;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,uBAAuB,CAAC,IAAY;IAC3C,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC3E,CAAC;AAED,SAAS,kBAAkB,CAAC,UAAiC,EAAE;IAC7D,MAAM,OAAO,GAAsB,sBAAsB,EAAE,CAAC;IAC5D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACrD,OAAO;QACL,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,QAAQ;QACR,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;KAC/B,CAAC;AACJ,CAAC;AAeD,MAAM,UAAU,cAAc,CAC5B,eAAuC;IAEvC,OAAO,kBAAkB,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC;AACnD,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,eAAe,CAAC,UAAkB,EAAE,UAAkC,EAAE;IACtF,MAAM,oBAAoB,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC;IAC/C,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IACD,MAAM,SAAS,GAAG,eAAe,CAAC,oBAAoB,CAAC,CAAC;IACxD,MAAM,QAAQ,GAAG,iBAAiB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACrD,OAAO;QACL,UAAU,EAAE,gBAAgB,CAAC,SAAS,CAAC;QACvC,QAAQ;QACR,SAAS;QACT,UAAU,EAAE,oBAAoB;KACjC,CAAC;AACJ,CAAC"}

package/dist/runtime/index.d.ts

@@ -13,7 +13,7 @@ export { readVaultProfile, writeVaultProfile, type VaultProfile, } from "./vault
 export { createWorkspaceStorage, getDefaultWorkspaceDir, } from "./workspace-storage.js";
 export { createVault, recoverVault, listVaults, updateVaultMetadata, type CreateVaultOptions, type CreatedVault, type RecoverVaultOptions, type RecoveredVault, type VaultObject, type VaultMetadata, } from "./bootstrap.js";
 export { createVaultCore, VaultCore, VaultCoreError, createVaultCoreDependencies, type VaultCoreDependenciesOptions, type DefaultPolicyEngineOptions, DefaultPolicyEngine, createPersistentVaultCoreDependencies, initializeVaultCustody, recoverVaultWorkingKey, DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY, type InitializeVaultCustodyOptions, type InitializedVaultCustody, type CreatePersistentVaultCoreDependenciesOptions, PersistentVaultAgentIdentityRegistry, PersistentVaultAuditLog, PersistentVaultCapabilityRegistry, PersistentVaultCapabilityRevocationRegistry, PersistentVaultCustomHttpFlowRegistry, PersistentVaultRateLimitStore, PersistentVaultReplayGuard, PersistentVaultSecretCustody, PersistentVaultSecretRepository, } from "../vault-core/index.js";
-export { createVaultClient, type VaultClient, type CreateVaultClientOptions, type VaultIdentity, type VaultSigner, type VaultAuditQueryInput, type OwnerDefineSecretTargetsInput, type VaultExportSecretInput, type VaultGrantCapabilityInput, type VaultRegisterFlowInput, type VaultImportAgentInput, type VaultCreateAgentInput, type OwnerAgentProvisionResult, type OwnerSecretTargetBinding, type OwnerStoreSecretInput, type OwnerWriteSecretInput, type VaultDeleteSecretInput, type VaultListAgentsInput, type VaultListCapabilitiesInput, type VaultListSecretsInput, type VaultRevokeCapabilityInput, type VaultSubmitCapabilityRequestInput, type VaultApproveCapabilityRequestInput, } from "../clients/owner/index.js";
+export { createVaultClient, type VaultClient, type CreateVaultClientOptions, type VaultIdentity, type VaultSigner, type VaultAuditQueryInput, type OwnerDefineSecretTargetsInput, type VaultExportSecretInput, type VaultReadSecretPlaintextInput, type VaultReadAgentPrivateKeyInput, type OwnerSensitiveActionConfirmation, type OwnerSensitiveActionContext, type VaultGrantCapabilityInput, type VaultRegisterFlowInput, type VaultImportAgentInput, type VaultCreateAgentInput, type OwnerAgentProvisionResult, type OwnerSecretTargetBinding, type OwnerStoreSecretInput, type OwnerWriteSecretInput, type VaultDeleteSecretInput, type VaultListAgentsInput, type VaultListCapabilitiesInput, type VaultListSecretsInput, type VaultRevokeCapabilityInput, type VaultSubmitCapabilityRequestInput, type VaultApproveCapabilityRequestInput, } from "../clients/owner/index.js";
 export { createAgentClient, type AgentClient, type CreateAgentClientOptions, type AgentIdentity, type AgentCapabilityEnvelope, type AgentDispatchIntent, type AgentDispatchTransport, type AgentSigner, type AgentSubmitCapabilityRequestInput, type AgentVisibleSecretRecord, } from "../clients/agent/index.js";
 export { createVaultService, wrapVaultCoreAsVaultService, createOwnerHttpFlowBoundary, createStandardAcquireBoundary, createStandardDispatchBoundary, AgentDispatchHttpTransport, handleVaultHttpDispatch, handleVaultAgentControlHttp, } from "../vault-ingress/index.js";
 export { LocalVaultTransport } from "../vault-ingress/defaults.js";

package/dist/runtime/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/runtime/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAChE,OAAO,EAAE,eAAe,EAAE,WAAW,EAAe,iCAAiC,EAAE,MAAM,uBAAuB,CAAC;AACrH,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAE3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EACL,cAAc,EACd,eAAe,GAIhB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,gBAAgB,EAChB,iBAAiB,GAElB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,sBAAsB,EACtB,sBAAsB,GACvB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,WAAW,EACX,YAAY,EACZ,UAAU,EACV,mBAAmB,GAOpB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,eAAe,EACf,SAAS,EACT,cAAc,EACd,2BAA2B,EAG3B,mBAAmB,EACnB,qCAAqC,EACrC,sBAAsB,EACtB,sBAAsB,EACtB,kCAAkC,EAIlC,oCAAoC,EACpC,uBAAuB,EACvB,iCAAiC,EACjC,2CAA2C,EAC3C,qCAAqC,EACrC,6BAA6B,EAC7B,0BAA0B,EAC1B,4BAA4B,EAC5B,+BAA+B,GAChC,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,iBAAiB,GAuBlB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EACL,iBAAiB,GAUlB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EACL,kBAAkB,EAClB,2BAA2B,EAC3B,2BAA2B,EAC3B,6BAA6B,EAC7B,8BAA8B,EAC9B,0BAA0B,EAC1B,uBAAuB,EACvB,2BAA2B,GAC5B,MAAM,2BAA2B,CAAC;AACnC;;;GAGG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/runtime/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAChE,OAAO,EAAE,eAAe,EAAE,WAAW,EAAe,iCAAiC,EAAE,MAAM,uBAAuB,CAAC;AACrH,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAE3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EACL,cAAc,EACd,eAAe,GAIhB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,gBAAgB,EAChB,iBAAiB,GAElB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,sBAAsB,EACtB,sBAAsB,GACvB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,WAAW,EACX,YAAY,EACZ,UAAU,EACV,mBAAmB,GAOpB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,eAAe,EACf,SAAS,EACT,cAAc,EACd,2BAA2B,EAG3B,mBAAmB,EACnB,qCAAqC,EACrC,sBAAsB,EACtB,sBAAsB,EACtB,kCAAkC,EAIlC,oCAAoC,EACpC,uBAAuB,EACvB,iCAAiC,EACjC,2CAA2C,EAC3C,qCAAqC,EACrC,6BAA6B,EAC7B,0BAA0B,EAC1B,4BAA4B,EAC5B,+BAA+B,GAChC,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,iBAAiB,GA2BlB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EACL,iBAAiB,GAUlB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EACL,kBAAkB,EAClB,2BAA2B,EAC3B,2BAA2B,EAC3B,6BAA6B,EAC7B,8BAA8B,EAC9B,0BAA0B,EAC1B,uBAAuB,EACvB,2BAA2B,GAC5B,MAAM,2BAA2B,CAAC;AACnC;;;GAGG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC"}

package/docs/REFERENCE.md

@@ -12,7 +12,7 @@ The v1.48.4 runtime centers on a simplified, authority-centric model with manage
 - `recoverVault(...)` - Reopen an existing vault using its master password.
 - `listVaults(...)` - Scan the workspace for available vault IDs.
 - `updateVaultMetadata(...)` - Update the nickname or other metadata of an unlocked vault.
-- `createVaultClient(...)` - Create an administrative client for an unlocked vault.
+- `createVaultClient(...)` - Create an administrative client for an unlocked vault. For plaintext secret reads, configure `passwordVerifier`.
 - `createAgentClient(...)` - Create a delegated client for an agent.
 - `createIdentity(...)` - Generate a standalone cryptographic identity keypair.
 - `restoreIdentity(...)` - Restore an identity from a private key.
@@ -50,11 +50,11 @@ The `VaultClient` provides the administrative interface for the vault.
 - `ownerWriteSecret(...)`: Store a secret and bind it to specific targets in one step.
 - `ownerCreateAgent(...)`: Generate and host a new agent identity, then return its public record plus a session token.
 - `ownerImportAgent(...)`: Import an existing private key into vault custody, then return its public record plus a session token.
-- `ownerListAgents()`: Enumerate authorized agents and retrieve managed private keys.
-- `ownerGrantCapability(...)`: Assign specific secret-use permissions to an agent. 
+- `ownerListAgents()`: Enumerate authorized agents. Private keys are redacted from the default list response.
+- `ownerGrantCapability(...)`: Assign specific secret-use permissions to an agent. Capability IDs are generated internally.
 - `ownerSubmitCapabilityRequest(...)`: Submit a broader pending capability request for later owner review.
 - `ownerListPendingCapabilityRequests()`: List proactive capability requests that are waiting for approval.
-- `ownerApproveCapabilityRequest({ requestId, capabilityId })`: Turn a pending capability request into a real stored capability.
+- `ownerApproveCapabilityRequest({ requestId })`: Turn a pending capability request into a real stored capability. Capability IDs are generated internally.
 - `ownerRejectCapabilityRequest(requestId)`: Deny a pending capability request.
 - `ownerOnPendingCapabilityRequest(callback)`: Register a real-time observer to receive proactive capability requests.
 - `ownerListPendingDispatches()`: List agent requests awaiting manual approval (HITL).
@@ -64,7 +64,9 @@ The `VaultClient` provides the administrative interface for the vault.
 - `ownerIssueSessionToken(input)`: Issue a session token for a specific agent.
 - `ownerIssueAllSessionTokens()`: Batch-issue session tokens for ALL registered agents (Automatic during `createVaultClient` warmup).
 - `ownerRevokeSessionToken({ token })`: Invalidate a specific session token.
-- `ownerExportSecret(...)`: Reveal a secret's plaintext (requires active authority).
+- `ownerReadSecretPlaintext({ alias, password })`: Read one secret's plaintext after re-entering the vault password.
+- `ownerExportSecret({ alias, password })`: Export a secret's full plaintext record after re-entering the vault password.
+- `ownerReadAgentPrivateKey({ agentId, password })`: Read one managed agent private key after re-entering the vault password.
 - `ownerReadAudit(...)`: Access the append-only record of all vault actions.
 
 ## Agent Client (Consumer)

package/docs/api/README.md

@@ -1,8 +1,8 @@
-**CBIO Node Runtime Agent API v1.50.0**
+**CBIO Node Runtime Agent API v1.51.0**
 
 ***
 
-# CBIO Node Runtime Agent API v1.50.0
+# CBIO Node Runtime Agent API v1.51.0
 
 ## Enumerations
 
@@ -36,6 +36,8 @@
 - [OwnerAgentProvisionResult](interfaces/OwnerAgentProvisionResult.md)
 - [OwnerDefineSecretTargetsInput](interfaces/OwnerDefineSecretTargetsInput.md)
 - [OwnerSecretTargetBinding](interfaces/OwnerSecretTargetBinding.md)
+- [OwnerSensitiveActionConfirmation](interfaces/OwnerSensitiveActionConfirmation.md)
+- [OwnerSensitiveActionContext](interfaces/OwnerSensitiveActionContext.md)
 - [OwnerStoreSecretInput](interfaces/OwnerStoreSecretInput.md)
 - [OwnerWriteSecretInput](interfaces/OwnerWriteSecretInput.md)
 - [RecoveredVault](interfaces/RecoveredVault.md)
@@ -58,6 +60,8 @@
 - [VaultMetadata](interfaces/VaultMetadata.md)
 - [VaultObject](interfaces/VaultObject.md)
 - [VaultProfile](interfaces/VaultProfile.md)
+- [VaultReadAgentPrivateKeyInput](interfaces/VaultReadAgentPrivateKeyInput.md)
+- [VaultReadSecretPlaintextInput](interfaces/VaultReadSecretPlaintextInput.md)
 - [VaultRegisterFlowInput](interfaces/VaultRegisterFlowInput.md)
 - [VaultRevokeCapabilityInput](interfaces/VaultRevokeCapabilityInput.md)
 - [VaultSigner](interfaces/VaultSigner.md)