npm - @the-ai-company/cbio-node-runtime - Versions diffs - 1.63.6 → 1.63.8 - Mend

@the-ai-company/cbio-node-runtime 1.63.6 → 1.63.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (189) hide show

package/README.md +2 -2
package/dist/clients/agent/client.d.ts +2 -2
package/dist/clients/agent/client.js +46 -49
package/dist/clients/agent/client.js.map +1 -1
package/dist/clients/agent/contracts.d.ts +5 -5
package/dist/clients/owner/client.js +169 -176
package/dist/clients/owner/client.js.map +1 -1
package/dist/clients/owner/contracts.d.ts +45 -48
package/dist/protocol/childSecretNaming.d.ts +1 -1
package/dist/protocol/childSecretNaming.js +2 -2
package/dist/protocol/childSecretNaming.js.map +1 -1
package/dist/protocol/crypto.d.ts +4 -4
package/dist/protocol/crypto.js +14 -14
package/dist/protocol/crypto.js.map +1 -1
package/dist/protocol/identity.d.ts +2 -2
package/dist/protocol/identity.js +4 -4
package/dist/protocol/identity.js.map +1 -1
package/dist/public-types.d.ts +1 -1
package/dist/public-types.js +1 -1
package/dist/public-types.js.map +1 -1
package/dist/runtime/bootstrap.d.ts +6 -6
package/dist/runtime/bootstrap.js +26 -26
package/dist/runtime/bootstrap.js.map +1 -1
package/dist/runtime/identity.d.ts +6 -6
package/dist/runtime/identity.js +14 -12
package/dist/runtime/identity.js.map +1 -1
package/dist/runtime/index.d.ts +1 -1
package/dist/runtime/index.js +1 -1
package/dist/runtime/index.js.map +1 -1
package/dist/runtime/owner-session.d.ts +1 -5
package/dist/runtime/owner-session.js +4 -5
package/dist/runtime/owner-session.js.map +1 -1
package/dist/runtime/vault-metadata.d.ts +2 -2
package/dist/runtime/vault-metadata.js +2 -2
package/dist/runtime/vault-metadata.js.map +1 -1
package/dist/vault-core/contracts.d.ts +235 -238
package/dist/vault-core/contracts.js +25 -34
package/dist/vault-core/contracts.js.map +1 -1
package/dist/vault-core/core.d.ts +41 -41
package/dist/vault-core/core.js +257 -255
package/dist/vault-core/core.js.map +1 -1
package/dist/vault-core/defaults.d.ts +25 -25
package/dist/vault-core/defaults.js +95 -95
package/dist/vault-core/defaults.js.map +1 -1
package/dist/vault-core/index.d.ts +2 -2
package/dist/vault-core/index.js +2 -2
package/dist/vault-core/index.js.map +1 -1
package/dist/vault-core/persistence.d.ts +19 -19
package/dist/vault-core/persistence.js +78 -66
package/dist/vault-core/persistence.js.map +1 -1
package/dist/vault-core/ports.d.ts +23 -23
package/dist/vault-core/tool-metadata.js +6 -6
package/dist/vault-core/tool-metadata.js.map +1 -1
package/dist/vault-ingress/defaults.d.ts +2 -2
package/dist/vault-ingress/defaults.js +10 -10
package/dist/vault-ingress/defaults.js.map +1 -1
package/dist/vault-ingress/index.d.ts +46 -46
package/dist/vault-ingress/index.js +34 -34
package/dist/vault-ingress/index.js.map +1 -1
package/dist/vault-ingress/remote-transport.d.ts +2 -2
package/dist/vault-ingress/remote-transport.js +27 -27
package/dist/vault-ingress/remote-transport.js.map +1 -1
package/docs/ARCHITECTURE.md +1 -1
package/docs/CUSTODY_MODEL.md +3 -3
package/docs/IDENTITY_MODEL.md +4 -4
package/docs/REFERENCE.md +1 -1
package/docs/api/README.md +3 -4
package/docs/api/classes/IdentityError.md +1 -1
package/docs/api/classes/OwnerClientError.md +1 -1
package/docs/api/classes/PersistentVaultAgentIdentityRegistry.md +6 -6
package/docs/api/classes/PersistentVaultAgentSecretGrantRegistry.md +12 -12
package/docs/api/classes/PersistentVaultAuditLog.md +1 -1
package/docs/api/classes/PersistentVaultSecretCustody.md +7 -7
package/docs/api/classes/PersistentVaultSecretDestinationGrantRegistry.md +12 -12
package/docs/api/classes/PersistentVaultSecretRepository.md +7 -7
package/docs/api/classes/VaultCore.md +53 -53
package/docs/api/classes/VaultCoreError.md +1 -1
package/docs/api/enumerations/AuditOperation.md +137 -0
package/docs/api/enumerations/DispatchStatus.md +1 -1
package/docs/api/enumerations/IdentityErrorCode.md +1 -1
package/docs/api/enumerations/OwnerClientErrorCode.md +1 -1
package/docs/api/functions/createAgentClient.md +1 -1
package/docs/api/functions/createIdentity.md +2 -2
package/docs/api/functions/createOwnerClient.md +1 -1
package/docs/api/functions/createOwnerSession.md +1 -1
package/docs/api/functions/createPersistentVaultCoreDependencies.md +3 -3
package/docs/api/functions/createVault.md +1 -1
package/docs/api/functions/createVaultCore.md +1 -1
package/docs/api/functions/createVaultCoreDependencies.md +1 -1
package/docs/api/functions/createVaultService.md +1 -1
package/docs/api/functions/createWorkspaceStorage.md +1 -1
package/docs/api/functions/deriveRootAgentId.md +3 -3
package/docs/api/functions/deriveVaultWorkingKeyFromPassword.md +4 -4
package/docs/api/functions/getDefaultWorkspaceDir.md +1 -1
package/docs/api/functions/handleVaultAgentControlHttp.md +1 -1
package/docs/api/functions/handleVaultHttpDispatch.md +1 -1
package/docs/api/functions/initializeVaultCustody.md +1 -1
package/docs/api/functions/listVaults.md +1 -1
package/docs/api/functions/readVaultProfile.md +3 -3
package/docs/api/functions/recoverVault.md +4 -4
package/docs/api/functions/recoverVaultWorkingKey.md +1 -1
package/docs/api/functions/restoreIdentity.md +3 -3
package/docs/api/functions/updateVaultMetadata.md +1 -1
package/docs/api/functions/writeVaultProfile.md +3 -3
package/docs/api/interfaces/AgentClient.md +3 -3
package/docs/api/interfaces/AgentDispatchIntent.md +7 -7
package/docs/api/interfaces/AgentDispatchTransport.md +1 -1
package/docs/api/interfaces/AgentIdentity.md +3 -3
package/docs/api/interfaces/AgentIdentityRecord.md +11 -11
package/docs/api/interfaces/AgentRequestResult.md +9 -9
package/docs/api/interfaces/AgentRuntimeManifest.md +13 -13
package/docs/api/interfaces/AgentSecretGrant.md +11 -11
package/docs/api/interfaces/AgentSigner.md +1 -1
package/docs/api/interfaces/AgentVisibleRequestRecord.md +13 -13
package/docs/api/interfaces/AgentVisibleSecretRecord.md +13 -13
package/docs/api/interfaces/AuditEntry.md +45 -25
package/docs/api/interfaces/CbioRuntime.md +10 -10
package/docs/api/interfaces/CreateAgentClientOptions.md +1 -1
package/docs/api/interfaces/CreateIdentityOptions.md +1 -1
package/docs/api/interfaces/CreateOwnerClientOptions.md +3 -13
package/docs/api/interfaces/CreateOwnerSessionOptions.md +4 -10
package/docs/api/interfaces/CreatePersistentVaultCoreDependenciesOptions.md +3 -3
package/docs/api/interfaces/CreateVaultOptions.md +2 -2
package/docs/api/interfaces/CreatedVault.md +1 -1
package/docs/api/interfaces/DefaultPolicyEngineOptions.md +9 -9
package/docs/api/interfaces/DispatchAuthorization.md +11 -11
package/docs/api/interfaces/DispatchInstruction.md +9 -9
package/docs/api/interfaces/DispatchRequest.md +11 -11
package/docs/api/interfaces/DispatchResult.md +11 -11
package/docs/api/interfaces/IStorageProvider.md +1 -1
package/docs/api/interfaces/InitializeVaultCustodyOptions.md +1 -1
package/docs/api/interfaces/InitializedVaultCustody.md +1 -1
package/docs/api/interfaces/OwnerAgentProvisionResult.md +3 -3
package/docs/api/interfaces/OwnerClient.md +5 -5
package/docs/api/interfaces/OwnerCreateSecretInput.md +3 -3
package/docs/api/interfaces/OwnerRemoveSecretInput.md +3 -3
package/docs/api/interfaces/OwnerRequestRecord.md +19 -19
package/docs/api/interfaces/OwnerSensitiveActionConfirmation.md +1 -1
package/docs/api/interfaces/OwnerSensitiveActionContext.md +1 -1
package/docs/api/interfaces/OwnerSession.md +3 -3
package/docs/api/interfaces/OwnerUpdateSecretInput.md +3 -3
package/docs/api/interfaces/OwnerVisibleRequestRecord.md +21 -21
package/docs/api/interfaces/RecoverVaultOptions.md +4 -4
package/docs/api/interfaces/RecoveredVault.md +1 -1
package/docs/api/interfaces/RequestRecord.md +19 -19
package/docs/api/interfaces/RestoreIdentityOptions.md +1 -1
package/docs/api/interfaces/SecretAlias.md +1 -1
package/docs/api/interfaces/SecretDestinationGrant.md +11 -11
package/docs/api/interfaces/SecretId.md +1 -1
package/docs/api/interfaces/SecretRecord.md +13 -13
package/docs/api/interfaces/Signer.md +1 -1
package/docs/api/interfaces/VaultApproveDispatchInput.md +5 -5
package/docs/api/interfaces/VaultAuditQueryInput.md +7 -7
package/docs/api/interfaces/VaultCoreDependenciesOptions.md +5 -5
package/docs/api/interfaces/VaultCreateAgentInput.md +3 -3
package/docs/api/interfaces/VaultExportSecretInput.md +3 -3
package/docs/api/interfaces/VaultGetRequestInput.md +5 -5
package/docs/api/interfaces/VaultGrantAgentSecretInput.md +7 -7
package/docs/api/interfaces/VaultGrantSecretDestinationInput.md +7 -7
package/docs/api/interfaces/VaultId.md +1 -1
package/docs/api/interfaces/VaultImportAgentInput.md +5 -5
package/docs/api/interfaces/VaultIssueSessionTokenInput.md +5 -5
package/docs/api/interfaces/VaultListAgentsInput.md +3 -3
package/docs/api/interfaces/VaultListGrantsInput.md +7 -7
package/docs/api/interfaces/VaultListRequestsInput.md +5 -5
package/docs/api/interfaces/VaultListSecretsInput.md +3 -3
package/docs/api/interfaces/VaultMetadata.md +1 -1
package/docs/api/interfaces/VaultObject.md +1 -1
package/docs/api/interfaces/VaultPrincipal.md +1 -1
package/docs/api/interfaces/VaultProfile.md +1 -1
package/docs/api/interfaces/VaultReadAgentPrivateKeyInput.md +5 -5
package/docs/api/interfaces/VaultReadSecretPlaintextInput.md +3 -3
package/docs/api/interfaces/VaultRevokeAgentSecretInput.md +7 -7
package/docs/api/interfaces/VaultRevokeSecretDestinationInput.md +7 -7
package/docs/api/interfaces/VaultRevokeSessionTokenInput.md +1 -1
package/docs/api/interfaces/VaultService.md +8 -8
package/docs/api/interfaces/VaultUpdateAgentInput.md +5 -5
package/docs/api/type-aliases/AgentId.md +1 -1
package/docs/api/type-aliases/CbioRuntimeModule.md +1 -1
package/docs/api/type-aliases/DispatchApprovalDecision.md +1 -1
package/docs/api/type-aliases/GrantStatus.md +1 -1
package/docs/api/type-aliases/SecretLifecycleStatus.md +1 -1
package/docs/api/type-aliases/VaultPrincipalKind.md +1 -1
package/docs/api/variables/DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY.md +1 -1
package/docs/zh/README.md +1 -1
package/examples/process-isolation.ts +21 -21
package/package.json +2 -2
package/docs/api/enumerations/AuditAction.md +0 -143
package/docs/api/enumerations/AuditOutcome.md +0 -35

package/dist/vault-core/contracts.d.ts CHANGED Viewed

@@ -18,17 +18,17 @@ export interface SecretVersion {
 }
 export type SecretLifecycleStatus = "ACTIVE" | "SUPERSEDED" | "REMOVED";
 export interface SecretRecord {
-    vaultId: VaultId;
-    secretId: SecretId;
+    vault_id: VaultId;
+    secret_id: SecretId;
     alias: SecretAlias;
     version: SecretVersion;
-    lifecycleStatus: SecretLifecycleStatus;
+    lifecycle_status: SecretLifecycleStatus;
     previousSecretId?: SecretId;
     supersededBySecretId?: SecretId;
-    issuerId: string | null;
+    issuer_id: string | null;
     source: SecretSource;
-    createdAt: string;
-    updatedAt: string;
+    created_at: string;
+    updated_at: string;
     supersededAt?: string;
     removedAt?: string;
     retiredAt?: string;
@@ -37,57 +37,57 @@ export type SecretSource = {
     kind: "manual";
 } | {
     kind: "request";
-    requestId: string;
+    request_id: string;
 };
 export interface SecretSourceInput {
     kind: "manual" | "request";
-    requestId?: string;
+    request_id?: string;
 }
 export type GrantStatus = "pending" | "approved";
 export interface AgentSecretGrant {
-    vaultId: VaultId;
-    rootAgentId: string;
-    secretAlias: string;
+    vault_id: VaultId;
+    root_agent_id: string;
+    secret_alias: string;
     status: GrantStatus;
-    requestedAt: string;
-    grantedAt?: string;
+    requested_at: string;
+    granted_at?: string;
 }
 export interface SecretDestinationGrant {
-    vaultId: VaultId;
-    secretAlias: string;
-    siteId: string;
+    vault_id: VaultId;
+    secret_alias: string;
+    site_id: string;
     status: GrantStatus;
-    requestedAt: string;
-    grantedAt?: string;
+    requested_at: string;
+    granted_at?: string;
 }
 export type DispatchApprovalDecision = "allow_once" | "allow_and_grant" | "deny";
 export interface OwnerCreateSecretCommand {
     kind: "owner.create_secret";
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     owner: VaultPrincipal & {
         kind: "owner";
     };
     alias: string;
     plaintext: string;
     source?: SecretSourceInput;
-    requestedAt: string;
+    requested_at: string;
 }
 export interface OwnerUpdateSecretCommand {
     kind: "owner.update_secret";
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     owner: VaultPrincipal & {
         kind: "owner";
     };
     alias: string;
     plaintext: string;
     source?: SecretSourceInput;
-    requestedAt: string;
+    requested_at: string;
 }
 export interface IssuerWriteSecretCommand {
     kind: "issuer.write_secret";
-    vaultId: VaultId;
+    vault_id: VaultId;
     issuer: VaultPrincipal & {
         kind: "trusted_issuer";
     };
@@ -95,145 +95,145 @@ export interface IssuerWriteSecretCommand {
     plaintext: string;
     issuerSiteId: string;
     source?: SecretSourceInput;
-    requestedAt: string;
+    requested_at: string;
 }
 export interface OwnerDeleteSecretCommand {
     kind: "owner.remove_secret";
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     owner: VaultPrincipal & {
         kind: "owner";
     };
     alias: string;
-    requestedAt: string;
+    requested_at: string;
 }
 export type VaultWriteSecretCommand = OwnerCreateSecretCommand | OwnerUpdateSecretCommand | IssuerWriteSecretCommand;
 export interface OwnerRegisterAgentIdentityCommand {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     owner: VaultPrincipal & {
         kind: "owner";
     };
     agentRecord: AgentIdentityRecord;
-    requestedAt: string;
+    requested_at: string;
 }
 export interface OwnerUpdateAgentIdentityCommand {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     owner: VaultPrincipal & {
         kind: "owner";
     };
-    rootAgentId: string;
+    root_agent_id: string;
     nickname?: string;
     metadata?: Record<string, any>;
-    requestedAt: string;
+    requested_at: string;
 }
 export interface OwnerGrantAgentSecretCommand {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
-    rootAgentId: string;
-    secretAlias: string;
-    requestedAt: string;
+    root_agent_id: string;
+    secret_alias: string;
+    requested_at: string;
 }
 export interface OwnerGrantSecretDestinationCommand {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
-    secretAlias: string;
-    siteId: string;
-    requestedAt: string;
+    secret_alias: string;
+    site_id: string;
+    requested_at: string;
 }
 export interface OwnerRevokeAgentSecretCommand {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
-    rootAgentId: string;
-    secretAlias: string;
-    requestedAt: string;
+    root_agent_id: string;
+    secret_alias: string;
+    requested_at: string;
 }
 export interface OwnerRevokeSecretDestinationCommand {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
-    secretAlias: string;
-    siteId: string;
-    requestedAt: string;
+    secret_alias: string;
+    site_id: string;
+    requested_at: string;
 }
 export interface AgentProof {
-    rootAgentId: string;
-    requestId: string;
-    requestedAt: string;
+    root_agent_id: string;
+    request_id: string;
+    requested_at: string;
     signature?: string;
     token?: string;
 }
 export interface AgentVisibleSecretRecord {
-    vaultId: VaultId;
-    secretId: SecretId;
+    vault_id: VaultId;
+    secret_id: SecretId;
     alias: SecretAlias;
     version: SecretVersion;
-    lifecycleStatus: SecretLifecycleStatus;
-    issuerId: string | null;
+    lifecycle_status: SecretLifecycleStatus;
+    issuer_id: string | null;
     source: SecretSource;
-    createdAt: string;
-    updatedAt: string;
+    created_at: string;
+    updated_at: string;
     granted: boolean;
 }
 export interface AgentGetRuntimeManifestRequest {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     agent: VaultPrincipal & {
         kind: "agent";
     };
     proof: AgentProof;
-    requestedAt: string;
+    requested_at: string;
 }
 export interface AgentGetRuntimeManifestCommand {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     agent: VaultPrincipal & {
         kind: "agent";
     };
-    requestedAt: string;
+    requested_at: string;
 }
 export interface AgentSelfContext {
-    rootAgentId: string;
-    publicKey: string;
+    root_agent_id: string;
+    public_key: string;
     nickname?: string;
     metadata?: Record<string, any>;
 }
 export interface AgentRuntimeManifest {
-    rootAgentId: string;
-    vaultId: string;
-    vaultNickname?: string;
-    issuedAt: string;
+    root_agent_id: string;
+    vault_id: string;
+    vault_nickname?: string;
+    issued_at: string;
     agent: AgentSelfContext;
     grants: {
-        agentSecrets: readonly AgentSecretGrant[];
-        secretDestinations: readonly SecretDestinationGrant[];
+        agent_secrets: readonly AgentSecretGrant[];
+        secret_destinations: readonly SecretDestinationGrant[];
     };
     tools: readonly VaultToolDefinition[];
 }
 export interface RequestRecord {
-    vaultId: VaultId;
-    requestId: string;
-    rootAgentId: string;
+    vault_id: VaultId;
+    request_id: string;
+    root_agent_id: string;
     reason: string;
-    createdAt: string;
+    created_at: string;
     request: {
-        targetUrl: string;
+        target_url: string;
         method: string;
         headers?: Record<string, string>;
         body?: string;
-        secretAlias?: string;
+        secret_alias?: string;
     };
     response?: {
         status?: number;
@@ -244,47 +244,47 @@ export interface RequestRecord {
     execution: {
         status: DispatchStatus;
     };
-    missingGrants?: {
-        agentSecret?: boolean;
-        secretDestination?: boolean;
+    missing_grants?: {
+        agent_secret?: boolean;
+        secret_destination?: boolean;
     };
 }
 export interface AgentVisibleRequestRecord {
-    requestId: string;
-    createdAt: string;
+    request_id: string;
+    created_at: string;
     reason: string;
-    targetUrl: string;
-    executionStatus: DispatchStatus;
-    responseStatus?: number;
+    target_url: string;
+    execution_status: DispatchStatus;
+    response_status?: number;
     error?: string;
-    hasResponseBody: boolean;
+    has_response_body: boolean;
 }
 export interface OwnerVisibleRequestRecord {
-    requestId: string;
-    createdAt: string;
-    rootAgentId: string;
+    request_id: string;
+    created_at: string;
+    root_agent_id: string;
     reason: string;
-    targetUrl: string;
-    executionStatus: DispatchStatus;
-    responseStatus?: number;
+    target_url: string;
+    execution_status: DispatchStatus;
+    response_status?: number;
     error?: string;
-    hasResponseBody: boolean;
-    missingGrants?: {
-        agentSecret?: boolean;
-        secretDestination?: boolean;
+    has_response_body: boolean;
+    missing_grants?: {
+        agent_secret?: boolean;
+        secret_destination?: boolean;
     };
 }
 export interface OwnerRequestRecord {
-    requestId: string;
-    createdAt: string;
-    rootAgentId: string;
+    request_id: string;
+    created_at: string;
+    root_agent_id: string;
     reason: string;
     request: {
-        targetUrl: string;
+        target_url: string;
         method: string;
         headers?: Record<string, string>;
         body?: string;
-        secretAlias?: string;
+        secret_alias?: string;
     };
     response?: {
         status?: number;
@@ -292,10 +292,10 @@ export interface OwnerRequestRecord {
         body?: string;
         error?: string;
     };
-    executionStatus: DispatchStatus;
-    missingGrants?: {
-        agentSecret?: boolean;
-        secretDestination?: boolean;
+    execution_status: DispatchStatus;
+    missing_grants?: {
+        agent_secret?: boolean;
+        secret_destination?: boolean;
     };
 }
 export interface VaultToolDefinition {
@@ -304,80 +304,80 @@ export interface VaultToolDefinition {
     parameters: Record<string, any>;
 }
 export interface AgentListGrantsRequest {
-    vaultId: VaultId;
-    requestId: string;
-    requestedAt: string;
+    vault_id: VaultId;
+    request_id: string;
+    requested_at: string;
     agent: VaultPrincipal & {
         kind: "agent";
     };
     proof: AgentProof;
 }
 export interface AgentListSecretsRequest {
-    vaultId: VaultId;
-    requestId: string;
-    requestedAt: string;
+    vault_id: VaultId;
+    request_id: string;
+    requested_at: string;
     agent: VaultPrincipal & {
         kind: "agent";
     };
     proof: AgentProof;
 }
 export interface AgentListRequestsRequest {
-    vaultId: VaultId;
-    requestId: string;
-    requestedAt: string;
+    vault_id: VaultId;
+    request_id: string;
+    requested_at: string;
     agent: VaultPrincipal & {
         kind: "agent";
     };
     proof: AgentProof;
 }
 export interface AgentGetRequestRequest {
-    vaultId: VaultId;
-    requestId: string;
-    requestedAt: string;
+    vault_id: VaultId;
+    request_id: string;
+    requested_at: string;
     agent: VaultPrincipal & {
         kind: "agent";
     };
     proof: AgentProof;
-    targetRequestId: string;
+    target_request_id: string;
 }
 export interface OwnerListRequestsRequest {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
-    rootAgentId?: string;
-    requestedAt: string;
+    root_agent_id?: string;
+    requested_at: string;
 }
 export interface OwnerGetRequestRequest {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
-    targetRequestId: string;
-    requestedAt: string;
+    target_request_id: string;
+    requested_at: string;
 }
 export interface OwnerApproveDispatchCommand {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
     decision: DispatchApprovalDecision;
-    requestedAt: string;
+    requested_at: string;
 }
 export interface DispatchRequest {
-    vaultId: VaultId;
-    requestId: string;
-    requestedAt: string;
+    vault_id: VaultId;
+    request_id: string;
+    requested_at: string;
     agent: VaultPrincipal & {
         kind: "agent";
     };
     proof: AgentProof;
-    secretAlias?: string;
+    secret_alias?: string;
     reason: string;
-    targetUrl: string;
+    target_url: string;
     method: string;
     headers?: Record<string, string>;
     body?: string;
@@ -385,20 +385,20 @@ export interface DispatchRequest {
 }
 export type DispatchDecision = "allow" | "deny" | "pending";
 export interface DispatchAuthorization {
-    vaultId: VaultId;
+    vault_id: VaultId;
     decision: DispatchDecision;
     reason: string | null;
-    secretId: SecretId | null;
-    missingGrants?: {
-        agentSecret?: boolean;
-        secretDestination?: boolean;
+    secret_id: SecretId | null;
+    missing_grants?: {
+        agent_secret?: boolean;
+        secret_destination?: boolean;
     };
 }
 export interface DispatchInstruction {
-    vaultId: VaultId;
-    requestId: string;
-    secretId: SecretId;
-    targetUrl: string;
+    vault_id: VaultId;
+    request_id: string;
+    secret_id: SecretId;
+    target_url: string;
     method: string;
     headers?: Record<string, string>;
     body?: string;
@@ -411,146 +411,143 @@ export declare enum DispatchStatus {
     STALLED = "STALLED"
 }
 export interface DispatchResult {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     status: DispatchStatus;
-    targetUrl: string;
+    target_url: string;
     method: string;
-    responseStatus?: number;
-    responseBody?: string;
+    response_status?: number;
+    response_body?: string;
     error?: string;
 }
 export interface AgentRequestResult {
-    requestId: string;
-    executionStatus: DispatchStatus;
-    responseStatus?: number;
-    responseBody?: string;
+    request_id: string;
+    execution_status: DispatchStatus;
+    response_status?: number;
+    response_body?: string;
     error?: string;
 }
 export interface AuditQuery {
-    vaultId: VaultId;
-    actorId?: string;
-    secretAlias?: string;
-    requestId?: string;
+    vault_id: string;
+    actor_id?: string;
+    secret_alias?: string;
+    request_id?: string;
     since?: string;
 }
-export declare enum AuditAction {
-    REGISTER_AGENT_IDENTITY = "REGISTER_AGENT_IDENTITY",
-    UPDATE_AGENT_IDENTITY = "UPDATE_AGENT_IDENTITY",
-    GRANT_AGENT_SECRET = "GRANT_AGENT_SECRET",
-    GRANT_SECRET_DESTINATION = "GRANT_SECRET_DESTINATION",
-    REVOKE_AGENT_SECRET = "REVOKE_AGENT_SECRET",
-    REVOKE_SECRET_DESTINATION = "REVOKE_SECRET_DESTINATION",
-    WRITE_SECRET = "WRITE_SECRET",
-    EXPORT_SECRET = "EXPORT_SECRET",
-    REASSIGN_ALIAS = "REASSIGN_ALIAS",
-    DELETE_SECRET = "DELETE_SECRET",
-    EVALUATE_DISPATCH_POLICY = "EVALUATE_DISPATCH_POLICY",
-    DISPATCH_SECRET = "DISPATCH_SECRET",
-    LIST_AGENTS = "LIST_AGENTS",
-    LIST_GRANTS = "LIST_GRANTS",
-    LIST_REQUESTS = "LIST_REQUESTS",
-    READ_REQUEST = "READ_REQUEST",
-    READ_AUDIT = "READ_AUDIT",
-    LIST_SECRETS = "LIST_SECRETS",
-    ISSUE_SESSION_TOKEN = "ISSUE_SESSION_TOKEN",
-    REVOKE_SESSION_TOKEN = "REVOKE_SESSION_TOKEN",
-    APPROVE_DISPATCH = "APPROVE_DISPATCH",
-    REJECT_DISPATCH = "REJECT_DISPATCH",
-    PENDING_DISPATCH_APPROVAL = "PENDING_DISPATCH_APPROVAL"
-}
-export declare enum AuditOutcome {
-    ALLOWED = "ALLOWED",
-    DENIED = "DENIED",
-    SUCCEEDED = "SUCCEEDED",
-    FAILED = "FAILED",
-    PENDING = "PENDING"
+export declare enum AuditOperation {
+    IDENTITY_REGISTER = "identity.register",
+    IDENTITY_UPDATE = "identity.update",
+    IDENTITY_ISSUE_TOKEN = "identity.issue_token",
+    IDENTITY_REVOKE_TOKEN = "identity.revoke_token",
+    GRANT_SECRET = "grant.grant_secret",
+    GRANT_DESTINATION = "grant.grant_destination",
+    REVOKE_SECRET = "grant.revoke_secret",
+    REVOKE_DESTINATION = "grant.revoke_destination",
+    SECRET_WRITE = "secret.write",
+    SECRET_EXPORT = "secret.export",
+    SECRET_DELETE = "secret.delete",
+    POLICY_EVALUATE = "policy.evaluate_dispatch",
+    SECRET_DISPATCH = "secret.dispatch",
+    DISPATCH_APPROVE = "dispatch.approve",
+    DISPATCH_REJECT = "dispatch.reject",
+    DISPATCH_HOLD = "dispatch.pending_approval",
+    MANAGEMENT_LIST_AGENTS = "management.list_agents",
+    MANAGEMENT_LIST_GRANTS = "management.list_grants",
+    MANAGEMENT_LIST_REQUESTS = "management.list_requests",
+    MANAGEMENT_READ_REQUEST = "management.read_request",
+    MANAGEMENT_READ_AUDIT = "management.read_audit",
+    MANAGEMENT_LIST_SECRETS = "management.list_secrets"
 }
 export interface AuditEntry {
-    entryId: string;
-    occurredAt: string;
-    vaultId: VaultId;
+    event_id: string;
+    ts: string;
+    vault_id: string;
     actor: VaultPrincipal;
-    action: AuditAction;
-    requestId?: string;
-    targetUrl?: string;
-    secretAlias?: string;
-    secretId?: string;
-    rootAgentId?: string;
-    siteId?: string;
-    outcome: AuditOutcome;
+    operation: AuditOperation;
+    decision: "allowed" | "denied";
+    execution_status: "not_executed" | "succeeded" | "failed";
+    request_id?: string;
+    secret_alias?: string;
+    secret_id?: string;
+    root_agent_id?: string;
+    site_id?: string;
+    target?: {
+        kind: "http" | "other";
+        url: string;
+    };
     detail: string;
+    error_code?: string | null;
 }
 export interface AgentIdentityRecord {
-    vaultId: VaultId;
-    rootAgentId: string;
-    publicKey: string;
-    privateKey?: string;
+    vault_id: VaultId;
+    root_agent_id: string;
+    public_key: string;
+    private_key?: string;
     metadata?: Record<string, any>;
     nickname?: string;
-    sessionTokens?: readonly StoredSessionToken[];
+    session_tokens?: readonly StoredSessionToken[];
 }
 export interface StoredSessionToken {
     token: string;
-    rootAgentId: string;
-    issuedAt: string;
-    expiresAt?: string;
+    root_agent_id: string;
+    issued_at: string;
+    expires_at?: string;
 }
 export interface OwnerAuditRequest {
-    vaultId: VaultId;
+    vault_id: VaultId;
     actor: VaultPrincipal & {
         kind: "owner";
     };
     query: AuditQuery;
-    requestId: string;
-    requestedAt: string;
+    request_id: string;
+    requested_at: string;
 }
 export interface OwnerExportSecretRequest {
-    vaultId: VaultId;
+    vault_id: VaultId;
     actor: VaultPrincipal & {
         kind: "owner";
     };
     alias: string;
-    requestId: string;
-    requestedAt: string;
+    request_id: string;
+    requested_at: string;
 }
 export interface OwnerSecretExport {
-    vaultId: VaultId;
-    secretId: SecretId;
+    vault_id: VaultId;
+    secret_id: SecretId;
     alias: SecretAlias;
     plaintext: string;
-    exportedAt: string;
+    exported_at: string;
 }
 export interface OwnerListAgentsRequest {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
-    requestedAt: string;
+    requested_at: string;
 }
 export interface OwnerListGrantsRequest {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
-    rootAgentId?: string;
-    secretAlias?: string;
-    siteId?: string;
-    requestedAt: string;
+    root_agent_id?: string;
+    secret_alias?: string;
+    site_id?: string;
+    requested_at: string;
 }
 export interface OwnerIssueSessionTokenRequest {
-    vaultId: VaultId;
-    requestId: string;
+    vault_id: VaultId;
+    request_id: string;
     actor: VaultPrincipal & {
         kind: "owner";
     };
-    rootAgentId: string;
-    requestedAt: string;
+    root_agent_id: string;
+    requested_at: string;
 }
 export interface OwnerSessionToken {
     token: string;
-    rootAgentId: string;
-    issuedAt: string;
+    root_agent_id: string;
+    issued_at: string;
 }