@the-ai-company/cbio-node-runtime 1.63.3 → 1.63.6

package/dist/vault-core/core.d.ts

@@ -1,91 +1,148 @@
-import type { AgentListCapabilitiesRequest, AgentListSecretsRequest, AgentListRequestsRequest, AgentGetRequestRequest, AgentRequestResult, AgentGetRuntimeManifestRequest, AgentRuntimeManifest, AgentSubmitCapabilityRequestCommand, AgentVisibleRequestRecord, OwnerVisibleRequestRecord, OwnerRequestRecord, AgentVisibleSecretRecord, AuditEntry, AuditQuery, CustomHttpFlowDefinition, DispatchAuthorization, DispatchRequest, DispatchResult, OwnerAllowAlwaysCommand, OwnerAllowOnceCommand, OwnerIssueSessionTokenRequest, OwnerDenyCommand, OwnerCreateSecretCommand, OwnerDeleteSecretCommand, OwnerExportSecretRequest, OwnerRegisterAgentIdentityCommand, OwnerUpdateAgentIdentityCommand, OwnerRegisterCapabilityCommand, OwnerRegisterCustomHttpFlowCommand, OwnerRevokeCapabilityCommand, OwnerListAgentsRequest, OwnerListCapabilitiesRequest, OwnerListRequestsRequest, OwnerGetRequestRequest, OwnerListCapabilityStatesRequest, OwnerSecretExport, OwnerSessionToken, SecretRecord, SubmitCapabilityRequestCommand, VaultId, VaultPrincipal, VaultWriteSecretCommand, AgentIdentityRecord, AgentCapability, CapabilityStateRecord } from "./contracts.js";
+import { type AgentIdentityRecord, type AgentRuntimeManifest, type AgentVisibleRequestRecord, type AgentVisibleSecretRecord, type AuditEntry, type AuditQuery, type DispatchAuthorization, type DispatchRequest, type DispatchResult, type OwnerRequestRecord, type OwnerVisibleRequestRecord, type RequestRecord, type SecretRecord, type VaultId, type VaultPrincipal, type AgentSecretGrant, type SecretDestinationGrant, type DispatchApprovalDecision, type OwnerCreateSecretCommand, type OwnerUpdateSecretCommand, type OwnerSecretExport } from "./contracts.js";
 import type { VaultCoreDependencies } from "./ports.js";
-/**
- * The Sovereign Vault Core.
- * This is the primary implementation of the Vault logic.
- */
 export declare class VaultCore {
     private readonly _deps;
-    private readonly _capabilityStateObservers;
-    constructor(_deps: VaultCoreDependencies);
-    private _assertOwnerPrincipal;
-    private _stateToGrantedCapability;
-    private _buildAgentCapabilityStates;
-    private _isExecutablePendingState;
-    private _resolveRequestState;
-    private _executePendingCapabilityState;
+    constructor(deps: VaultCoreDependencies);
     get vaultId(): VaultId;
+    private _assertOwnerPrincipal;
     private _appendAudit;
-    private _appendDecisionAudit;
     private _verifyAgentControlProof;
-    private _listVisibleSecretsForAgent;
-    private _recordRequestExecution;
-    private toVisibleRequestRecord;
-    private toOwnerVisibleRequestRecord;
-    private toOwnerRequestRecord;
-    ownerOnCapabilityState(callback: (record: CapabilityStateRecord) => void): () => void;
-    ownerRegisterAgentIdentity(command: OwnerRegisterAgentIdentityCommand): Promise<void>;
-    ownerUpdateAgentIdentity(command: OwnerUpdateAgentIdentityCommand): Promise<AgentIdentityRecord>;
-    ownerRegisterCapability(command: OwnerRegisterCapabilityCommand): Promise<void>;
-    ownerSubmitCapabilityRequest(command: SubmitCapabilityRequestCommand): Promise<CapabilityStateRecord>;
-    _getCapability(vaultId: import("./contracts.js").VaultId, agentId: string, capabilityId: string): Promise<AgentCapability | null>;
-    ownerRegisterCustomFlow(command: OwnerRegisterCustomHttpFlowCommand): Promise<void>;
-    _storeCustomFlowSecret(flow: CustomHttpFlowDefinition, alias: string, plaintext: string): Promise<SecretRecord>;
-    private _getActiveSecretByAlias;
-    private _persistNewSecretRecord;
-    ownerCreateSecret(command: OwnerCreateSecretCommand): Promise<SecretRecord>;
-    ownerUpdateSecret(command: import("./contracts.js").OwnerUpdateSecretCommand): Promise<SecretRecord>;
-    ownerWriteSecret(command: VaultWriteSecretCommand): Promise<SecretRecord>;
-    ownerRemoveSecret(command: OwnerDeleteSecretCommand): Promise<void>;
-    ownerDeleteSecret(command: OwnerDeleteSecretCommand): Promise<void>;
+    ownerGrantAgentSecret(actor: VaultPrincipal & {
+        kind: "owner";
+    }, rootAgentId: string, secretAlias: string, request?: {
+        requestId?: string;
+    }): Promise<AgentSecretGrant>;
+    ownerGrantSecretDestination(actor: VaultPrincipal & {
+        kind: "owner";
+    }, secretAlias: string, siteId: string, request?: {
+        requestId?: string;
+    }): Promise<SecretDestinationGrant>;
+    ownerRevokeAgentSecret(actor: VaultPrincipal & {
+        kind: "owner";
+    }, rootAgentId: string, secretAlias: string, request?: {
+        requestId?: string;
+    }): Promise<void>;
+    ownerRevokeSecretDestination(actor: VaultPrincipal & {
+        kind: "owner";
+    }, secretAlias: string, siteId: string, request?: {
+        requestId?: string;
+    }): Promise<void>;
+    ownerListGrants(actor: VaultPrincipal & {
+        kind: "owner";
+    }, rootAgentId?: string, secretAlias?: string): Promise<{
+        agentSecrets: readonly AgentSecretGrant[];
+        secretDestinations: readonly SecretDestinationGrant[];
+    }>;
     agentAuthorizeDispatch(request: DispatchRequest): Promise<DispatchAuthorization>;
     agentDispatchSecret(request: DispatchRequest): Promise<DispatchResult>;
+    ownerApproveDispatch(actor: VaultPrincipal & {
+        kind: "owner";
+    }, requestId: string, decision: DispatchApprovalDecision): Promise<DispatchResult | null>;
+    agentGetRuntimeManifest(command: {
+        agent: VaultPrincipal & {
+            kind: "agent";
+        };
+        proof: any;
+        requestId: string;
+        requestedAt: string;
+    }): Promise<AgentRuntimeManifest>;
+    agentListSecrets(command: {
+        agent: VaultPrincipal & {
+            kind: "agent";
+        };
+        proof: any;
+        requestId: string;
+        requestedAt: string;
+    }): Promise<readonly AgentVisibleSecretRecord[]>;
+    agentListRequests(command: {
+        agent: VaultPrincipal & {
+            kind: "agent";
+        };
+        proof: any;
+        requestId: string;
+        requestedAt: string;
+    }): Promise<readonly AgentVisibleRequestRecord[]>;
+    agentGetRequest(command: {
+        agent: VaultPrincipal & {
+            kind: "agent";
+        };
+        proof: any;
+        requestId: string;
+        requestedAt: string;
+        targetRequestId: string;
+    }): Promise<any>;
+    ownerRegisterAgentIdentity(command: {
+        vaultId: VaultId;
+        requestId: string;
+        owner: VaultPrincipal;
+        agentRecord: AgentIdentityRecord;
+        requestedAt: string;
+    }): Promise<void>;
+    ownerUpdateAgentIdentity(command: {
+        vaultId: VaultId;
+        requestId: string;
+        owner: VaultPrincipal;
+        rootAgentId: string;
+        nickname?: string;
+        metadata?: Record<string, any>;
+        requestedAt: string;
+    }): Promise<AgentIdentityRecord>;
+    ownerCreateSecret(command: OwnerCreateSecretCommand): Promise<SecretRecord>;
+    ownerUpdateSecret(command: OwnerUpdateSecretCommand): Promise<SecretRecord>;
+    ownerRemoveSecret(command: {
+        kind: "owner.remove_secret";
+        vaultId: VaultId;
+        requestId: string;
+        owner: VaultPrincipal;
+        alias: string;
+        requestedAt: string;
+    }): Promise<void>;
+    ownerWriteSecret(command: any): Promise<SecretRecord>;
     ownerReadAudit(actor: VaultPrincipal & {
         kind: "owner";
-    }, query: AuditQuery, request?: Omit<import("./contracts.js").OwnerAuditRequest, "actor" | "query" | "vaultId">): Promise<readonly AuditEntry[]>;
+    }, query: AuditQuery): Promise<readonly AuditEntry[]>;
     ownerExportSecret(actor: VaultPrincipal & {
         kind: "owner";
-    }, alias: string, request?: Omit<OwnerExportSecretRequest, "actor" | "alias" | "vaultId">): Promise<OwnerSecretExport>;
-    private isCapabilityMatch;
+    }, alias: string): Promise<OwnerSecretExport>;
     ownerListAgents(actor: VaultPrincipal & {
         kind: "owner";
-    }, request?: Omit<OwnerListAgentsRequest, "actor" | "vaultId">): Promise<readonly AgentIdentityRecord[]>;
-    ownerListCapabilities(actor: VaultPrincipal & {
-        kind: "owner";
-    }, agentId?: string, request?: Omit<OwnerListCapabilitiesRequest, "actor" | "agentId" | "vaultId">): Promise<readonly AgentCapability[]>;
+    }): Promise<readonly AgentIdentityRecord[]>;
     ownerListRequests(actor: VaultPrincipal & {
         kind: "owner";
-    }, agentId?: string, request?: Omit<OwnerListRequestsRequest, "actor" | "agentId" | "vaultId">): Promise<readonly OwnerVisibleRequestRecord[]>;
+    }, rootAgentId?: string): Promise<readonly OwnerVisibleRequestRecord[]>;
     ownerGetRequest(actor: VaultPrincipal & {
         kind: "owner";
-    }, targetRequestId: string, request?: Omit<OwnerGetRequestRequest, "actor" | "targetRequestId" | "vaultId">): Promise<OwnerRequestRecord>;
+    }, requestId: string): Promise<OwnerRequestRecord>;
     ownerListSecrets(actor: VaultPrincipal & {
         kind: "owner";
-    }, request?: {
-        requestId?: string;
     }): Promise<readonly AgentVisibleSecretRecord[]>;
-    agentListCapabilities(request: AgentListCapabilitiesRequest): Promise<readonly import("./contracts.js").AgentCapabilityState[]>;
-    agentListSecrets(request: AgentListSecretsRequest): Promise<readonly AgentVisibleSecretRecord[]>;
-    agentListRequests(request: AgentListRequestsRequest): Promise<readonly AgentVisibleRequestRecord[]>;
-    agentGetRequest(request: AgentGetRequestRequest): Promise<AgentRequestResult>;
-    agentGetRuntimeManifest(command: AgentGetRuntimeManifestRequest): Promise<AgentRuntimeManifest>;
-    agentSubmitCapabilityRequest(command: AgentSubmitCapabilityRequestCommand): Promise<CapabilityStateRecord>;
-    ownerRevokeCapability(command: OwnerRevokeCapabilityCommand): Promise<void>;
-    ownerIssueSessionToken(request: OwnerIssueSessionTokenRequest): Promise<OwnerSessionToken>;
+    ownerIssueSessionToken(request: {
+        vaultId: VaultId;
+        actor: VaultPrincipal;
+        rootAgentId: string;
+    }): Promise<{
+        token: string;
+        rootAgentId: string;
+        issuedAt: string;
+    }>;
     ownerIssueAllAgentSessionTokens(actor: VaultPrincipal & {
         kind: "owner";
-    }): Promise<OwnerSessionToken[]>;
+    }): Promise<{
+        token: string;
+        rootAgentId: string;
+        issuedAt: string;
+    }[]>;
     ownerRevokeSessionToken(request: {
         vaultId: VaultId;
-        actor: VaultPrincipal & {
-            kind: "owner";
-        };
+        actor: VaultPrincipal;
         token: string;
     }): Promise<void>;
-    ownerListCapabilityStates(command: OwnerListCapabilityStatesRequest): Promise<readonly CapabilityStateRecord[]>;
-    ownerApproveCapabilityRead(command: import("./contracts.js").OwnerApproveCapabilityReadCommand): Promise<CapabilityStateRecord>;
-    ownerAllowOnce(command: OwnerAllowOnceCommand): Promise<DispatchResult>;
-    ownerAllowAlways(command: OwnerAllowAlwaysCommand): Promise<DispatchResult>;
-    ownerDeny(command: OwnerDenyCommand): Promise<CapabilityStateRecord>;
+    private readonly _requestObservers;
+    ownerOnPendingDispatch(callback: (record: RequestRecord) => void): () => void;
+    ownerOnGrantState(callback: (record: any) => void): () => void;
+    private _recordRequestInternal;
+    private toAgentVisibleRequestRecord;
+    private toOwnerVisibleRequestRecord;
+    private toOwnerRequestRecord;
 }
 export declare function createVaultCore(deps: VaultCoreDependencies): VaultCore;