@tinycloud/node-sdk 2.2.0-beta.8 → 2.2.0

package/dist/core.cjs

@@ -1,7 +1,9 @@
 "use strict";
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -15,6 +17,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
 // src/core.ts
@@ -27,6 +37,7 @@ __export(core_exports, {
   CapabilityKeyRegistryErrorCodes: () => import_sdk_core15.CapabilityKeyRegistryErrorCodes,
   DEFAULT_MANIFEST_SPACE: () => import_sdk_core9.DEFAULT_MANIFEST_SPACE,
   DEFAULT_MANIFEST_VERSION: () => import_sdk_core9.DEFAULT_MANIFEST_VERSION,
+  DEFAULT_SIGNED_READ_URL_EXPIRY_MS: () => import_sdk_core10.DEFAULT_SIGNED_READ_URL_EXPIRY_MS,
   DataVaultService: () => import_sdk_core13.DataVaultService,
   DatabaseHandle: () => import_sdk_core11.DatabaseHandle,
   DelegatedAccess: () => DelegatedAccess,
@@ -43,6 +54,7 @@ __export(core_exports, {
   PermissionNotInManifestError: () => import_sdk_core9.PermissionNotInManifestError,
   PrefixedKVService: () => import_sdk_core10.PrefixedKVService,
   ProtocolMismatchError: () => import_sdk_core17.ProtocolMismatchError,
+  SECRET_NAME_RE: () => import_sdk_core13.SECRET_NAME_RE,
   SQLAction: () => import_sdk_core11.SQLAction,
   SQLService: () => import_sdk_core11.SQLService,
   SecretsService: () => import_sdk_core13.SecretsService,
@@ -56,11 +68,13 @@ __export(core_exports, {
   TinyCloud: () => import_sdk_core7.TinyCloud,
   TinyCloudNode: () => TinyCloudNode,
   UnsupportedFeatureError: () => import_sdk_core17.UnsupportedFeatureError,
+  VAULT_PERMISSION_SERVICE: () => import_sdk_core9.VAULT_PERMISSION_SERVICE,
   VaultHeaders: () => import_sdk_core13.VaultHeaders,
   VaultPublicSpaceKVActions: () => import_sdk_core13.VaultPublicSpaceKVActions,
   VersionCheckError: () => import_sdk_core17.VersionCheckError,
   WasmKeyProvider: () => WasmKeyProvider,
   buildSpaceUri: () => import_sdk_core16.buildSpaceUri,
+  canonicalizeSecretScope: () => import_sdk_core13.canonicalizeSecretScope,
   checkNodeInfo: () => import_sdk_core17.checkNodeInfo,
   composeManifestRequest: () => import_sdk_core9.composeManifestRequest,
   createCapabilityKeyRegistry: () => import_sdk_core15.createCapabilityKeyRegistry,
@@ -72,12 +86,16 @@ __export(core_exports, {
   defaultSpaceCreationHandler: () => import_sdk_core8.defaultSpaceCreationHandler,
   deserializeDelegation: () => deserializeDelegation,
   expandActionShortNames: () => import_sdk_core9.expandActionShortNames,
+  expandPermissionEntries: () => import_sdk_core9.expandPermissionEntries,
+  expandPermissionEntry: () => import_sdk_core9.expandPermissionEntry,
   isCapabilitySubset: () => import_sdk_core9.isCapabilitySubset,
   loadManifest: () => import_sdk_core9.loadManifest,
   makePublicSpaceId: () => import_sdk_core16.makePublicSpaceId,
   parseExpiry: () => import_sdk_core9.parseExpiry,
   parseSpaceUri: () => import_sdk_core16.parseSpaceUri,
   resolveManifest: () => import_sdk_core9.resolveManifest,
+  resolveSecretListPrefix: () => import_sdk_core13.resolveSecretListPrefix,
+  resolveSecretPath: () => import_sdk_core13.resolveSecretPath,
   resourceCapabilitiesToSpaceAbilitiesMap: () => import_sdk_core9.resourceCapabilitiesToSpaceAbilitiesMap,
   serializeDelegation: () => serializeDelegation,
   validateManifest: () => import_sdk_core9.validateManifest
@@ -337,7 +355,7 @@ var NodeUserAuthorization = class {
         ]
       }
     };
-    this.sessionExpirationMs = config.sessionExpirationMs ?? 60 * 60 * 1e3;
+    this.sessionExpirationMs = config.sessionExpirationMs ?? import_sdk_core2.EXPIRY.SESSION_MS;
     this.autoCreateSpace = config.autoCreateSpace ?? false;
     this.spaceCreationHandler = config.spaceCreationHandler;
     this.tinycloudHosts = config.tinycloudHosts;
@@ -390,6 +408,23 @@ var NodeUserAuthorization = class {
   get tinyCloudSession() {
     return this._tinyCloudSession;
   }
+  /**
+   * Rehydrate the auth-layer session from previously-persisted delegation
+   * data. Used by {@link TinyCloudNode.restoreSession} so that downstream
+   * surfaces that read from `tinyCloudSession` (notably
+   * `grantRuntimePermissions`, which extracts the SIWE expiry from it) work
+   * without re-running the full sign-in flow.
+   *
+   * Caller must supply the same fields that `signIn` would have written —
+   * `siwe` is the load-bearing one because `extractSiweExpiration` returns
+   * undefined for missing SIWEs and the SDK then treats the session as
+   * expired-at-epoch-zero.
+   */
+  setRestoredTinyCloudSession(session) {
+    this._tinyCloudSession = session;
+    this._address = session.address;
+    this._chainId = session.chainId;
+  }
   async resolveTinyCloudHostsForSignIn(address, chainId) {
     if (this.tinycloudHosts && this.tinycloudHosts.length > 0) {
       return;
@@ -460,21 +495,64 @@ var NodeUserAuthorization = class {
     }
     return this.wasm.makeSpaceId(address, chainId, space);
   }
+  defaultEncryptionNetworkId(address, chainId) {
+    return `urn:tinycloud:encryption:did:pkh:eip155:${chainId}:${address}:default`;
+  }
   resolveSignInCapabilities(address, chainId) {
     const request = this.getCapabilityRequest();
     if (request === void 0) {
+      const defaultNetworkId = this.defaultEncryptionNetworkId(address, chainId);
+      const secretsSpaceId = this.wasm.makeSpaceId(address, chainId, "secrets");
       return {
         abilities: this.defaultActions,
-        spaceId: this.wasm.makeSpaceId(address, chainId, this.spacePrefix)
+        spaceId: this.wasm.makeSpaceId(address, chainId, this.spacePrefix),
+        spaceAbilities: {
+          [secretsSpaceId]: {
+            kv: {
+              "vault/secrets/": [
+                "tinycloud.kv/get",
+                "tinycloud.kv/put",
+                "tinycloud.kv/del",
+                "tinycloud.kv/list",
+                "tinycloud.kv/metadata"
+              ]
+            }
+          }
+        },
+        rawAbilities: {
+          [defaultNetworkId]: [
+            "tinycloud.encryption/decrypt",
+            "tinycloud.encryption/network.create"
+          ]
+        }
       };
     }
-    const primarySpaceName = request.resources.find((entry) => entry.space !== "account")?.space ?? import_sdk_core2.DEFAULT_MANIFEST_SPACE;
+    const rawAbilities = {};
+    const spaceResources = request.resources.filter((entry) => {
+      if (entry.service !== import_sdk_core2.ENCRYPTION_PERMISSION_SERVICE) {
+        return true;
+      }
+      const existing = rawAbilities[entry.path];
+      if (existing === void 0) {
+        rawAbilities[entry.path] = [...entry.actions];
+      } else {
+        const seen = new Set(existing);
+        for (const action of entry.actions) {
+          if (!seen.has(action)) {
+            existing.push(action);
+            seen.add(action);
+          }
+        }
+      }
+      return false;
+    });
+    const primarySpaceName = spaceResources.find((entry) => entry.space !== "account")?.space ?? import_sdk_core2.DEFAULT_MANIFEST_SPACE;
     const primarySpaceId = this.resolveSpaceName(
       primarySpaceName,
       address,
       chainId
     );
-    const bySpace = (0, import_sdk_core2.resourceCapabilitiesToSpaceAbilitiesMap)(request.resources);
+    const bySpace = (0, import_sdk_core2.resourceCapabilitiesToSpaceAbilitiesMap)(spaceResources);
     const spaceAbilities = {};
     for (const [space, abilities] of Object.entries(bySpace)) {
       spaceAbilities[this.resolveSpaceName(space, address, chainId)] = abilities;
@@ -482,7 +560,8 @@ var NodeUserAuthorization = class {
     return {
       abilities: spaceAbilities[primarySpaceId] ?? (0, import_sdk_core2.resourceCapabilitiesToAbilitiesMap)([]),
       spaceId: primarySpaceId,
-      spaceAbilities
+      spaceAbilities,
+      rawAbilities: Object.keys(rawAbilities).length > 0 ? rawAbilities : void 0
     };
   }
   /**
@@ -707,6 +786,7 @@ var NodeUserAuthorization = class {
     const prepared = this.wasm.prepareSession({
       abilities: capabilityPlan.abilities,
       ...capabilityPlan.spaceAbilities !== void 0 ? { spaceAbilities: capabilityPlan.spaceAbilities } : {},
+      ...capabilityPlan.rawAbilities !== void 0 ? { rawAbilities: capabilityPlan.rawAbilities } : {},
       address,
       chainId,
       domain: this.domain,
@@ -852,6 +932,7 @@ var NodeUserAuthorization = class {
     const prepared = this.wasm.prepareSession({
       abilities: capabilityPlan.abilities,
       ...capabilityPlan.spaceAbilities !== void 0 ? { spaceAbilities: capabilityPlan.spaceAbilities } : {},
+      ...capabilityPlan.rawAbilities !== void 0 ? { rawAbilities: capabilityPlan.rawAbilities } : {},
       address,
       chainId,
       domain: this.domain,
@@ -1225,9 +1306,10 @@ function legacyParamsToPermissionEntries(actions, path, spaceIdOverride) {
   }
   return entries;
 }
+var DEFAULT_DELEGATION_EXPIRY_MS = import_sdk_core4.EXPIRY.SESSION_MS;
 function resolveExpiryMs(expiry) {
   if (expiry === void 0) {
-    return 60 * 60 * 1e3;
+    return DEFAULT_DELEGATION_EXPIRY_MS;
   }
   if (typeof expiry === "number") {
     if (!Number.isFinite(expiry) || expiry <= 0) {
@@ -1255,8 +1337,6 @@ function extractSiweExpiration(siwe) {
 
 // src/NodeSecretsService.ts
 var import_sdk_core5 = require("@tinycloud/sdk-core");
-var SECRET_NAME_RE = /^[A-Z][A-Z0-9_]*$/;
-var SECRET_PREFIX = "secrets/";
 var SECRETS_SPACE = "secrets";
 function ok() {
   return { ok: true, data: void 0 };
@@ -1272,32 +1352,40 @@ function secretsError(code, message, cause) {
     }
   };
 }
-function actionUrn(action) {
-  return `tinycloud.kv/${action}`;
+function displayActionUrn(action) {
+  switch (action) {
+    case "get":
+      return "tinycloud.kv/get";
+    case "put":
+      return "tinycloud.kv/put";
+    case "del":
+      return "tinycloud.kv/del";
+    case "list":
+      return "tinycloud.kv/list";
+  }
 }
-function secretResourcePath(base, name) {
-  return `${base}/${SECRET_PREFIX}${name}`;
+function secretActionName(action) {
+  return action;
 }
-function secretPermissionEntries(name, action) {
-  return [
-    {
-      service: "tinycloud.kv",
-      space: SECRETS_SPACE,
-      path: secretResourcePath("keys", name),
-      actions: [action],
-      skipPrefix: true
-    },
-    {
-      service: "tinycloud.kv",
-      space: SECRETS_SPACE,
-      path: secretResourcePath("vault", name),
-      actions: [action],
+function secretPermissionEntries(name, options, action, encryptionNetworkId) {
+  const entries = [];
+  const path = action === "list" ? (0, import_sdk_core5.resolveSecretListPrefix)(options) : (0, import_sdk_core5.resolveSecretPath)(name, options).permissionPaths.vault;
+  entries.push({
+    service: "tinycloud.kv",
+    space: SECRETS_SPACE,
+    path,
+    actions: [secretActionName(action)],
+    skipPrefix: true
+  });
+  if (action === "get" && encryptionNetworkId !== void 0) {
+    entries.push({
+      service: "tinycloud.encryption",
+      path: encryptionNetworkId,
+      actions: ["decrypt"],
       skipPrefix: true
-    }
-  ];
-}
-function isSecretsSpace(space) {
-  return space === SECRETS_SPACE || space.endsWith(`:${SECRETS_SPACE}`);
+    });
+  }
+  return entries;
 }
 var NodeSecretsService = class {
   constructor(config) {
@@ -1325,48 +1413,62 @@ var NodeSecretsService = class {
     this.shouldRestoreUnlock = false;
     this.service.lock();
   }
-  get(name) {
-    return this.service.get(name);
+  async get(name, options) {
+    const permission = await this.ensurePermission(name, options, "get");
+    if (!permission.ok) return permission;
+    return options === void 0 ? this.service.get(name) : this.service.get(name, options);
   }
-  async put(name, value) {
-    const permission = await this.ensureMutationPermission(name, "put");
+  async put(name, value, options) {
+    const permission = await this.ensurePermission(name, options, "put");
     if (!permission.ok) return permission;
-    return this.service.put(name, value);
+    return options === void 0 ? this.service.put(name, value) : this.service.put(name, value, options);
   }
-  async delete(name) {
-    const permission = await this.ensureMutationPermission(name, "del");
+  async delete(name, options) {
+    const permission = await this.ensurePermission(name, options, "del");
     if (!permission.ok) return permission;
-    return this.service.delete(name);
+    return options === void 0 ? this.service.delete(name) : this.service.delete(name, options);
   }
-  list() {
-    return this.service.list();
+  async list(options) {
+    const permission = await this.ensurePermission("", options, "list");
+    if (!permission.ok) return permission;
+    return options === void 0 ? this.service.list() : this.service.list(options);
   }
   get service() {
     return this.config.getService();
   }
-  async ensureMutationPermission(name, action) {
-    if (!SECRET_NAME_RE.test(name)) {
+  async ensurePermission(name, options, action) {
+    const target = name || "secrets";
+    let permissionEntries;
+    try {
+      permissionEntries = secretPermissionEntries(
+        name,
+        options,
+        action,
+        action === "get" ? this.config.getEncryptionNetworkId?.() : void 0
+      );
+    } catch (error) {
       return secretsError(
         import_sdk_core5.ErrorCodes.INVALID_INPUT,
-        `Invalid secret name ${JSON.stringify(name)}. Secret names must match ${SECRET_NAME_RE.source}.`
+        error instanceof Error ? error.message : String(error),
+        error instanceof Error ? error : void 0
       );
     }
-    if (this.hasMutationPermission(name, action)) {
+    if (this.hasPermission(permissionEntries)) {
       return ok();
     }
     if (!this.config.canEscalate()) {
       return secretsError(
         import_sdk_core5.ErrorCodes.PERMISSION_DENIED,
-        `Cannot autosign ${actionUrn(action)} for ${name}; TinyCloudNode needs wallet mode with a signer or privateKey.`
+        `Cannot autosign ${displayActionUrn(action)} for ${target}; TinyCloudNode needs wallet mode with a signer or privateKey.`
       );
     }
     try {
-      await this.config.grantPermissions(secretPermissionEntries(name, action));
+      await this.config.grantPermissions(permissionEntries);
       return this.restoreUnlockAfterEscalation();
     } catch (error) {
       return secretsError(
         import_sdk_core5.ErrorCodes.PERMISSION_DENIED,
-        error instanceof Error ? error.message : `Autosign escalation for ${actionUrn(action)} on ${name} failed.`,
+        error instanceof Error ? error.message : `Autosign escalation for ${displayActionUrn(action)} on ${target} failed.`,
         error instanceof Error ? error : void 0
       );
     }
@@ -1377,26 +1479,117 @@ var NodeSecretsService = class {
     }
     return this.service.unlock(this.unlockSigner);
   }
-  hasMutationPermission(name, action) {
+  hasPermission(permissionEntries) {
+    if (this.config.hasPermissions?.(permissionEntries)) {
+      return true;
+    }
     const manifest = this.config.getManifest();
     if (manifest === void 0) {
       return false;
     }
     const manifests = Array.isArray(manifest) ? manifest : [manifest];
-    const requiredAction = actionUrn(action);
-    return manifests.some((entry) => {
-      const resolved = (0, import_sdk_core5.resolveManifest)(entry);
-      return ["keys", "vault"].every(
-        (base) => resolved.resources.some(
-          (resource) => resource.service === "tinycloud.kv" && isSecretsSpace(resource.space) && resource.path === secretResourcePath(base, name) && resource.actions.includes(requiredAction)
-        )
-      );
-    });
+    const requestedEntries = (0, import_sdk_core5.expandPermissionEntries)(permissionEntries);
+    return requestedEntries.every(
+      (entry) => manifests.some((candidate) => {
+        const resolved = (0, import_sdk_core5.resolveManifest)(candidate);
+        return resolved.resources.some(
+          (resource) => resource.service === entry.service && resource.space === entry.space && resource.path === entry.path && entry.actions.every((action) => resource.actions.includes(action))
+        );
+      })
+    );
   }
 };
 
 // src/TinyCloudNode.ts
 var DEFAULT_HOST = "https://node.tinycloud.xyz";
+var DEFAULT_ENCRYPTION_NETWORK_NAME = "default";
+var NETWORK_CREATE_ACTION = "tinycloud.encryption/network.create";
+var DECRYPT_ACTION = "tinycloud.encryption/decrypt";
+var NETWORK_ADMIN_TYPE = "tinycloud.encryption.network-admin/v1";
+var DEFAULT_SESSION_EXPIRATION_MS = import_sdk_core6.EXPIRY.SESSION_MS;
+function base64UrlEncode(bytes) {
+  const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
+  let output = "";
+  for (let i = 0; i < bytes.length; i += 3) {
+    const a = bytes[i];
+    const b = bytes[i + 1];
+    const c = bytes[i + 2];
+    const triplet = a << 16 | (b ?? 0) << 8 | (c ?? 0);
+    output += alphabet[triplet >> 18 & 63];
+    output += alphabet[triplet >> 12 & 63];
+    if (i + 1 < bytes.length) output += alphabet[triplet >> 6 & 63];
+    if (i + 2 < bytes.length) output += alphabet[triplet & 63];
+  }
+  return output;
+}
+function base64UrlDecode(value) {
+  const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
+  const bytes = [];
+  let buffer = 0;
+  let bits = 0;
+  for (const char of value) {
+    const index = alphabet.indexOf(char);
+    if (index < 0) {
+      throw new Error("invalid base64url input");
+    }
+    buffer = buffer << 6 | index;
+    bits += 6;
+    if (bits >= 8) {
+      bits -= 8;
+      bytes.push(buffer >> bits & 255);
+    }
+  }
+  return new Uint8Array(bytes);
+}
+async function signJwtInputWithJwk(signingInput, jwk) {
+  const bytes = new TextEncoder().encode(signingInput);
+  try {
+    const subtle = globalThis.crypto?.subtle;
+    if (!subtle) {
+      throw new Error("WebCrypto subtle API is unavailable");
+    }
+    const key = await subtle.importKey(
+      "jwk",
+      jwk,
+      { name: "Ed25519" },
+      false,
+      ["sign"]
+    );
+    return new Uint8Array(await subtle.sign({ name: "Ed25519" }, key, bytes));
+  } catch {
+    const nodeCrypto = await import("crypto");
+    const key = nodeCrypto.createPrivateKey({ key: jwk, format: "jwk" });
+    return new Uint8Array(nodeCrypto.sign(null, Buffer.from(bytes), key));
+  }
+}
+async function rewriteInvocationAudience(authorization, audience, jwk) {
+  const [headerPart, payloadPart] = authorization.split(".");
+  if (!headerPart || !payloadPart) {
+    throw new Error("invalid invocation authorization");
+  }
+  const header = JSON.parse(new TextDecoder().decode(base64UrlDecode(headerPart)));
+  const payload = JSON.parse(new TextDecoder().decode(base64UrlDecode(payloadPart)));
+  payload.aud = audience;
+  const signingInput = `${base64UrlEncode(
+    new TextEncoder().encode(JSON.stringify(header))
+  )}.${base64UrlEncode(new TextEncoder().encode(JSON.stringify(payload)))}`;
+  const signature = await signJwtInputWithJwk(signingInput, jwk);
+  return `${signingInput}.${base64UrlEncode(signature)}`;
+}
+function authorizationHeader(headers) {
+  if (Array.isArray(headers)) {
+    const entry = headers.find(([name]) => name.toLowerCase() === "authorization");
+    if (!entry) {
+      throw new Error("network invocation did not include an Authorization header");
+    }
+    return entry[1];
+  }
+  const value = headers.Authorization ?? headers.authorization;
+  if (!value) {
+    throw new Error("network invocation did not include an Authorization header");
+  }
+  return value;
+}
 var _TinyCloudNode = class _TinyCloudNode {
   /**
    * Create a new TinyCloudNode instance.
@@ -1441,12 +1634,10 @@ var _TinyCloudNode = class _TinyCloudNode {
         throw new Error("WASM binding does not support invokeAny");
       }
       const grant = this.findGrantForOperations(
-        entries.map((entry) => ({
-          spaceId: entry.spaceId,
-          service: this.invocationServiceName(entry.service),
-          path: entry.path,
-          action: entry.action
-        }))
+        entries.flatMap((entry) => {
+          const operation = this.operationFromInvokeAnyEntry(entry);
+          return operation ? [operation] : [];
+        })
       );
       return this.wasmBindings.invokeAny(grant?.session ?? session, entries, facts);
     };
@@ -1539,7 +1730,7 @@ var _TinyCloudNode = class _TinyCloudNode {
       sessionStorage: config.sessionStorage ?? new MemorySessionStorage(),
       domain: this.siweDomain,
       spacePrefix: config.prefix,
-      sessionExpirationMs: config.sessionExpirationMs ?? 60 * 60 * 1e3,
+      sessionExpirationMs: config.sessionExpirationMs ?? DEFAULT_SESSION_EXPIRATION_MS,
       tinycloudHosts: this.explicitHost ? [this.explicitHost] : void 0,
       tinycloudRegistryUrl: config.tinycloudRegistryUrl,
       tinycloudFallbackHosts: config.tinycloudFallbackHosts,
@@ -1674,6 +1865,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     this._duckdb = void 0;
     this._hooks = void 0;
     this._vault = void 0;
+    this._encryption = void 0;
     this._baseSecrets = void 0;
     this._secrets = void 0;
     this._spaceService = void 0;
@@ -1682,6 +1874,9 @@ var _TinyCloudNode = class _TinyCloudNode {
     await this.tc.signIn(options);
     this.syncResolvedHostFromAuth();
     this.initializeServices();
+    if (this.config.manifest === void 0 && this.config.capabilityRequest === void 0) {
+      await this.ensureOwnedSpaceHosted(this.ownedSpaceId("secrets"));
+    }
     await this.writeManifestRegistryRecords();
     this.notificationHandler.success("Successfully signed in");
   }
@@ -1764,6 +1959,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     this._duckdb = void 0;
     this._hooks = void 0;
     this._vault = void 0;
+    this._encryption = void 0;
     this._baseSecrets = void 0;
     this._secrets = void 0;
     this._spaceService = void 0;
@@ -1805,6 +2001,33 @@ var _TinyCloudNode = class _TinyCloudNode {
     this._vault.initialize(this._serviceContext);
     this._serviceContext.registerService("vault", this._vault);
     this.initializeV2Services(serviceSession);
+    if (sessionData.siwe && sessionData.address && sessionData.chainId) {
+      const tcSession = {
+        address: sessionData.address,
+        chainId: sessionData.chainId,
+        sessionKey: JSON.stringify(sessionData.jwk),
+        spaceId: sessionData.spaceId,
+        delegationCid: sessionData.delegationCid,
+        delegationHeader: sessionData.delegationHeader,
+        verificationMethod: sessionData.verificationMethod,
+        jwk: sessionData.jwk,
+        siwe: sessionData.siwe,
+        signature: sessionData.signature ?? ""
+      };
+      if (this.auth) {
+        this.auth.setRestoredTinyCloudSession(tcSession);
+      } else {
+        this._restoredTcSession = tcSession;
+      }
+    }
+  }
+  /**
+   * Resolve the currently-active TinyCloudSession, preferring the auth
+   * layer's value (wallet mode) and falling back to the node-level
+   * rehydration set by {@link restoreSession} (session-only mode).
+   */
+  currentTinyCloudSession() {
+    return this.auth?.tinyCloudSession ?? this._restoredTcSession;
   }
   /**
    * Connect a wallet to upgrade from session-only mode to wallet mode.
@@ -1849,7 +2072,7 @@ var _TinyCloudNode = class _TinyCloudNode {
       sessionStorage: options?.sessionStorage ?? this.config.sessionStorage ?? new MemorySessionStorage(),
       domain: this.siweDomain,
       spacePrefix: prefix,
-      sessionExpirationMs: this.config.sessionExpirationMs ?? 60 * 60 * 1e3,
+      sessionExpirationMs: this.config.sessionExpirationMs ?? DEFAULT_SESSION_EXPIRATION_MS,
       tinycloudHosts: this.explicitHost ? [this.explicitHost] : void 0,
       tinycloudRegistryUrl: this.config.tinycloudRegistryUrl,
       tinycloudFallbackHosts: this.config.tinycloudFallbackHosts,
@@ -1893,7 +2116,7 @@ var _TinyCloudNode = class _TinyCloudNode {
       sessionStorage: options?.sessionStorage ?? this.config.sessionStorage ?? new MemorySessionStorage(),
       domain: this.siweDomain,
       spacePrefix: prefix,
-      sessionExpirationMs: this.config.sessionExpirationMs ?? 60 * 60 * 1e3,
+      sessionExpirationMs: this.config.sessionExpirationMs ?? DEFAULT_SESSION_EXPIRATION_MS,
       tinycloudHosts: this.explicitHost ? [this.explicitHost] : void 0,
       tinycloudRegistryUrl: this.config.tinycloudRegistryUrl,
       tinycloudFallbackHosts: this.config.tinycloudFallbackHosts,
@@ -1916,7 +2139,7 @@ var _TinyCloudNode = class _TinyCloudNode {
    * @internal
    */
   initializeServices() {
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session) {
       return;
     }
@@ -1974,6 +2197,163 @@ var _TinyCloudNode = class _TinyCloudNode {
     }
     return kvService;
   }
+  getDefaultEncryptionNetworkId(name = DEFAULT_ENCRYPTION_NETWORK_NAME) {
+    return `urn:tinycloud:encryption:${this.did}:${name}`;
+  }
+  requireServiceSession() {
+    const session = this._serviceContext?.session;
+    if (!session) {
+      throw new Error("Not signed in. Call signIn() first.");
+    }
+    return session;
+  }
+  createEncryptionCrypto() {
+    const wasm = this.wasmBindings;
+    const columnEncrypt = (key, plaintext) => {
+      const encrypted = wasm.vault_encrypt(key, plaintext);
+      const out = new Uint8Array(1 + encrypted.length);
+      out[0] = 1;
+      out.set(encrypted, 1);
+      return out;
+    };
+    const columnDecrypt = (key, blob) => {
+      if (blob[0] !== 1) {
+        return blob;
+      }
+      return wasm.vault_decrypt(key, blob.slice(1));
+    };
+    return {
+      sha256: (data) => wasm.vault_sha256(data),
+      randomBytes: (length) => wasm.vault_random_bytes(length),
+      x25519FromSeed: (seed) => wasm.vault_x25519_from_seed(seed),
+      x25519Dh: (privateKey, publicKey) => wasm.vault_x25519_dh(privateKey, publicKey),
+      authEncrypt: (key, plaintext) => wasm.vault_encrypt(key, plaintext),
+      authDecrypt: (key, ciphertext) => wasm.vault_decrypt(key, ciphertext),
+      sealToNetworkKey: (networkPublicKey, symmetricKey) => {
+        const seed = wasm.vault_random_bytes(32);
+        const ephemeral = wasm.vault_x25519_from_seed(seed);
+        const shared = wasm.vault_x25519_dh(
+          ephemeral.privateKey,
+          networkPublicKey
+        );
+        const encrypted = columnEncrypt(shared, symmetricKey);
+        const out = new Uint8Array(ephemeral.publicKey.length + encrypted.length);
+        out.set(ephemeral.publicKey, 0);
+        out.set(encrypted, ephemeral.publicKey.length);
+        return out;
+      },
+      openWithReceiverKey: (receiverPrivateKey, wrappedKey) => {
+        const peerPublic = wrappedKey.slice(0, 32);
+        const ciphertext = wrappedKey.slice(32);
+        const shared = wasm.vault_x25519_dh(receiverPrivateKey, peerPublic);
+        return columnDecrypt(shared, ciphertext);
+      },
+      verifyNodeSignature: (nodeId, message, signature) => (0, import_sdk_core6.verifyDidKeyEd25519Signature)(nodeId, message, signature)
+    };
+  }
+  async fetchNodeId() {
+    const response = await fetch(`${this.config.host}/info`);
+    if (!response.ok) {
+      throw new Error(`Failed to fetch node info: HTTP ${response.status}`);
+    }
+    const info = await response.json();
+    if (typeof info.nodeId !== "string" || info.nodeId.length === 0) {
+      throw new Error("Node /info response did not include nodeId");
+    }
+    return info.nodeId;
+  }
+  async signRawNetworkAuthorization(input) {
+    if (!this.wasmBindings.invokeAny) {
+      throw new Error("WASM binding does not support raw-resource invokeAny");
+    }
+    if (!this.wasmBindings.computeCid) {
+      throw new Error("WASM binding does not support invocation CID computation");
+    }
+    const session = this.requireServiceSession();
+    const headers = this.invokeAnyWithRuntimePermissions(
+      session,
+      [
+        {
+          resource: input.networkId,
+          service: "encryption",
+          path: input.networkId,
+          action: input.action
+        }
+      ],
+      [input.facts]
+    );
+    const authorization = authorizationHeader(headers);
+    const audienceBound = await rewriteInvocationAudience(
+      authorization,
+      input.targetNode,
+      session.jwk
+    );
+    return {
+      authorization: audienceBound,
+      invocationCid: this.wasmBindings.computeCid(
+        new TextEncoder().encode(audienceBound),
+        0x55n
+      )
+    };
+  }
+  createEncryptionService() {
+    const crypto = this.createEncryptionCrypto();
+    const transport = {
+      postDecrypt: async ({ networkId, authorization, canonicalBody }) => {
+        const response = await fetch(
+          `${this.config.host}/encryption/networks/${encodeURIComponent(networkId)}/decrypt`,
+          {
+            method: "POST",
+            headers: {
+              Authorization: authorization,
+              "Content-Type": "application/json"
+            },
+            body: canonicalBody
+          }
+        );
+        if (!response.ok) {
+          throw new Error(
+            `decrypt failed ${response.status}: ${await response.text()}`
+          );
+        }
+        return await response.json();
+      }
+    };
+    return new import_sdk_core6.EncryptionService({
+      crypto,
+      signer: {
+        signDecryptInvocation: async (input) => {
+          const signed = await this.signRawNetworkAuthorization({
+            targetNode: input.targetNode,
+            networkId: input.networkId,
+            action: DECRYPT_ACTION,
+            facts: input.facts
+          });
+          return {
+            ...signed,
+            canonicalBody: (0, import_sdk_core6.canonicalizeEncryptionJson)(
+              input.body
+            )
+          };
+        }
+      },
+      transport,
+      node: {
+        fetchByNetworkId: (networkId) => this.getEncryptionNetwork(networkId)
+      }
+    });
+  }
+  getEncryptionService() {
+    if (!this._serviceContext) {
+      throw new Error("Not signed in. Call signIn() first.");
+    }
+    if (!this._encryption) {
+      this._encryption = this.createEncryptionService();
+      this._encryption.initialize(this._serviceContext);
+      this._serviceContext.registerService("encryption", this._encryption);
+    }
+    return this._encryption;
+  }
   createVaultService(spaceId, kv) {
     const wasm = this.wasmBindings;
     const vaultCrypto = (0, import_sdk_core6.createVaultCrypto)({
@@ -1989,6 +2369,13 @@ var _TinyCloudNode = class _TinyCloudNode {
     return new import_sdk_core6.DataVaultService({
       spaceId,
       crypto: vaultCrypto,
+      encryption: {
+        networkId: this.getDefaultEncryptionNetworkId(),
+        service: this.getEncryptionService(),
+        decryptCapabilityProof: () => ({
+          proofs: [this.requireServiceSession().delegationCid]
+        })
+      },
       tc: {
         kv,
         ensurePublicSpace: async () => {
@@ -2169,7 +2556,7 @@ var _TinyCloudNode = class _TinyCloudNode {
    * @internal
    */
   getSessionExpiry() {
-    const expirationMs = this.config.sessionExpirationMs ?? 60 * 60 * 1e3;
+    const expirationMs = this.config.sessionExpirationMs ?? DEFAULT_SESSION_EXPIRATION_MS;
     return new Date(Date.now() + expirationMs);
   }
   /**
@@ -2226,7 +2613,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     if (!this.signer) {
       return void 0;
     }
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session) {
       return void 0;
     }
@@ -2326,6 +2713,34 @@ var _TinyCloudNode = class _TinyCloudNode {
     }
     return this._sql;
   }
+  /**
+   * Get an SQL service scoped to a specific space.
+   *
+   * Mirrors {@link SpaceService}'s per-space KV factory: clones the active
+   * service context and overrides its session's spaceId so that subsequent
+   * `sql/<dbName>/<action>` invocations route to that space. Useful when
+   * the caller already holds a delegation covering the target space (e.g.
+   * via {@link grantRuntimePermissions} or {@link useRuntimeDelegation})
+   * but the SDK's per-space SQL surface isn't otherwise exposed.
+   *
+   * Does NOT auto-create the space.
+   *
+   * @param spaceId - Full space URI (`tinycloud:pkh:eip155:<chain>:<addr>:<name>`).
+   */
+  sqlForSpace(spaceId) {
+    if (!this._serviceContext || !this._serviceContext.session) {
+      throw new Error("Not signed in. Call signIn() first.");
+    }
+    const sql = new import_sdk_core6.SQLService({});
+    const spaceScopedContext = new import_sdk_core6.ServiceContext({
+      invoke: this._serviceContext.invoke,
+      fetch: this._serviceContext.fetch,
+      hosts: this._serviceContext.hosts
+    });
+    spaceScopedContext.setSession({ ...this._serviceContext.session, spaceId });
+    sql.initialize(spaceScopedContext);
+    return sql;
+  }
   /**
    * DuckDB database operations on this user's space.
    */
@@ -2349,6 +2764,79 @@ var _TinyCloudNode = class _TinyCloudNode {
     }
     return this._vault;
   }
+  /**
+   * Network-scoped encryption/decrypt service.
+   */
+  get encryption() {
+    return this.getEncryptionService();
+  }
+  async getEncryptionNetwork(nameOrNetworkId = this.getDefaultEncryptionNetworkId()) {
+    const networkId = nameOrNetworkId.startsWith("urn:tinycloud:encryption:") ? nameOrNetworkId : this.getDefaultEncryptionNetworkId(nameOrNetworkId);
+    const response = await fetch(
+      `${this.config.host}/encryption/networks/${encodeURIComponent(networkId)}`
+    );
+    if (response.status === 404) {
+      return null;
+    }
+    if (!response.ok) {
+      throw new Error(
+        `Failed to fetch encryption network ${networkId}: HTTP ${response.status} ${await response.text()}`
+      );
+    }
+    const body = await response.json();
+    return "descriptor" in body && body.descriptor ? body.descriptor : body;
+  }
+  async createEncryptionNetwork(name = DEFAULT_ENCRYPTION_NETWORK_NAME) {
+    const targetNode = await this.fetchNodeId();
+    const principal = this.did;
+    const networkId = this.getDefaultEncryptionNetworkId(name);
+    const body = {
+      name,
+      principal,
+      threshold: { n: 1, t: 1 }
+    };
+    const crypto = this.createEncryptionCrypto();
+    const facts = {
+      type: NETWORK_ADMIN_TYPE,
+      targetNode,
+      networkId,
+      bodyHash: (0, import_sdk_core6.canonicalHashHex)(
+        crypto.sha256,
+        body
+      ),
+      action: NETWORK_CREATE_ACTION
+    };
+    const signed = await this.signRawNetworkAuthorization({
+      targetNode,
+      networkId,
+      action: NETWORK_CREATE_ACTION,
+      facts
+    });
+    const response = await fetch(`${this.config.host}/encryption/networks`, {
+      method: "POST",
+      headers: {
+        Authorization: signed.authorization,
+        "Content-Type": "application/json"
+      },
+      body: (0, import_sdk_core6.canonicalizeEncryptionJson)(
+        body
+      )
+    });
+    if (!response.ok) {
+      throw new Error(
+        `Failed to create encryption network ${networkId}: HTTP ${response.status} ${await response.text()}`
+      );
+    }
+    const created = await response.json();
+    return created.descriptor;
+  }
+  async ensureEncryptionNetwork(name = DEFAULT_ENCRYPTION_NETWORK_NAME) {
+    const existing = await this.getEncryptionNetwork(name);
+    if (existing) {
+      return existing;
+    }
+    return this.createEncryptionNetwork(name);
+  }
   /**
    * App-facing secrets API backed by the `secrets` space vault.
    */
@@ -2360,8 +2848,10 @@ var _TinyCloudNode = class _TinyCloudNode {
       this._secrets = new NodeSecretsService({
         getService: () => this.getBaseSecrets(),
         getManifest: () => this.manifest,
+        hasPermissions: (permissions) => this.hasRuntimePermissions(permissions),
         grantPermissions: (additional) => this.grantRuntimePermissions(additional),
         canEscalate: () => this.signer !== void 0 && this.tc !== void 0,
+        getEncryptionNetworkId: () => this.getDefaultEncryptionNetworkId(),
         getUnlockSigner: () => this.signer ?? void 0
       });
     }
@@ -2451,7 +2941,7 @@ var _TinyCloudNode = class _TinyCloudNode {
    * every requested permission.
    */
   hasRuntimePermissions(permissions) {
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session || !Array.isArray(permissions) || permissions.length === 0) {
       return false;
     }
@@ -2471,7 +2961,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     if (permissions === void 0) {
       return this.runtimePermissionGrants.map((grant) => grant.delegation);
     }
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session || !Array.isArray(permissions) || permissions.length === 0) {
       return [];
     }
@@ -2485,7 +2975,7 @@ var _TinyCloudNode = class _TinyCloudNode {
    * matching service calls and downstream `delegateTo()` calls can use it.
    */
   async useRuntimeDelegation(delegation) {
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session) {
       throw new import_sdk_core6.SessionExpiredError(/* @__PURE__ */ new Date(0));
     }
@@ -2524,7 +3014,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     if (!Array.isArray(permissions) || permissions.length === 0) {
       throw new Error("grantRuntimePermissions requires a non-empty permissions array");
     }
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session) {
       throw new import_sdk_core6.SessionExpiredError(/* @__PURE__ */ new Date(0));
     }
@@ -2548,13 +3038,22 @@ var _TinyCloudNode = class _TinyCloudNode {
         "grantRuntimePermissions requires wallet mode with a signer or privateKey."
       );
     }
+    const rawEntries = expanded.filter(
+      (entry) => this.isEncryptionPermissionEntry(entry)
+    );
+    const spaceEntries = expanded.filter(
+      (entry) => !this.isEncryptionPermissionEntry(entry)
+    );
     const bySpace = /* @__PURE__ */ new Map();
-    for (const entry of expanded) {
+    for (const entry of spaceEntries) {
       const spaceId = this.resolvePermissionSpace(entry.space, session);
       const current = bySpace.get(spaceId) ?? [];
       current.push(entry);
       bySpace.set(spaceId, current);
     }
+    if (bySpace.size === 0 && rawEntries.length > 0) {
+      bySpace.set(session.spaceId, []);
+    }
     const now = /* @__PURE__ */ new Date();
     const requestedExpiryMs = resolveExpiryMs(options?.expiry);
     let expiresAt = new Date(now.getTime() + requestedExpiryMs);
@@ -2562,10 +3061,17 @@ var _TinyCloudNode = class _TinyCloudNode {
       expiresAt = sessionExpiry;
     }
     const delegations = [];
+    let rawEntriesAttached = false;
     for (const [spaceId, entries] of bySpace) {
+      const rawForDelegation = !rawEntriesAttached ? rawEntries : [];
+      if (rawForDelegation.length > 0) {
+        rawEntriesAttached = true;
+      }
+      const delegatedEntries = [...entries, ...rawForDelegation];
       const abilities = this.permissionsToAbilities(entries);
       const prepared = this.wasmBindings.prepareSession({
         abilities,
+        ...rawForDelegation.length > 0 ? { rawAbilities: this.permissionsToRawAbilities(rawForDelegation) } : {},
         address: this.wasmBindings.ensureEip55(session.address),
         chainId: session.chainId,
         domain: this.siweDomain,
@@ -2590,7 +3096,7 @@ var _TinyCloudNode = class _TinyCloudNode {
       }
       const delegation = this.runtimeDelegationFromSession(
         delegatedSession,
-        entries,
+        delegatedEntries,
         spaceId,
         session,
         expiresAt
@@ -2604,7 +3110,7 @@ var _TinyCloudNode = class _TinyCloudNode {
           jwk: session.jwk
         },
         delegation,
-        operations: this.permissionOperations(entries, spaceId),
+        operations: this.permissionOperations(delegatedEntries, spaceId),
         expiresAt
       });
       delegations.push(delegation);
@@ -2752,7 +3258,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     ];
     const abilities = { kv: { "": kvActions } };
     const now = /* @__PURE__ */ new Date();
-    const expiryMs = 60 * 60 * 1e3;
+    const expiryMs = import_sdk_core6.EXPIRY.EPHEMERAL_MS;
     const expirationTime = new Date(now.getTime() + expiryMs);
     const prepared = this.wasmBindings.prepareSession({
       abilities,
@@ -2922,7 +3428,7 @@ var _TinyCloudNode = class _TinyCloudNode {
    *   `forceWalletSign` is not set.
    */
   async delegateTo(did, permissions, options) {
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session) {
       throw new import_sdk_core6.SessionExpiredError(/* @__PURE__ */ new Date(0));
     }
@@ -2939,10 +3445,7 @@ var _TinyCloudNode = class _TinyCloudNode {
         "delegateTo requires a non-empty permissions array"
       );
     }
-    const expandedEntries = permissions.map((entry) => ({
-      ...entry,
-      actions: (0, import_sdk_core6.expandActionShortNames)(entry.service, entry.actions)
-    }));
+    const expandedEntries = this.expandPermissionEntries(permissions);
     const now = /* @__PURE__ */ new Date();
     const expiryMs = resolveExpiryMs(options?.expiry);
     const expirationTime = new Date(now.getTime() + expiryMs);
@@ -3039,11 +3542,8 @@ var _TinyCloudNode = class _TinyCloudNode {
    * the current session; we build one multi-resource abilities map
    * and emit one signed UCAN covering them all.
    *
-   * All entries must share the same target space (the UCAN is
-   * scoped to a single space). If they don't, this throws — mixing
-   * spaces in a single delegation is not supported by the underlying
-   * Rust create_delegation call and the resulting UCAN would be
-   * under-specified.
+   * Non-encryption entries must share the same target space. Encryption
+   * entries are raw network URNs and do not participate in space grouping.
    *
    * @internal
    */
@@ -3055,15 +3555,18 @@ var _TinyCloudNode = class _TinyCloudNode {
     }
     const resolvedSpaces = /* @__PURE__ */ new Set();
     for (const entry of entries) {
+      if (this.isEncryptionPermissionEntry(entry)) {
+        continue;
+      }
       const spaceId2 = this.resolvePermissionSpace(entry.space, session);
       resolvedSpaces.add(spaceId2);
     }
-    if (resolvedSpaces.size !== 1) {
+    if (resolvedSpaces.size > 1) {
       throw new Error(
         `delegateTo: all permission entries must target the same space, got ${resolvedSpaces.size}: ${JSON.stringify([...resolvedSpaces])}`
       );
     }
-    const spaceId = [...resolvedSpaces][0];
+    const spaceId = resolvedSpaces.size === 1 ? [...resolvedSpaces][0] : session.spaceId;
     const abilities = {};
     for (const entry of entries) {
       const shortService = import_sdk_core6.SERVICE_LONG_TO_SHORT[entry.service];
@@ -3182,10 +3685,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     return this.wasmBindings.makeSpaceId(session.address, session.chainId, space);
   }
   expandPermissionEntries(permissions) {
-    return permissions.map((entry) => ({
-      ...entry,
-      actions: (0, import_sdk_core6.expandActionShortNames)(entry.service, entry.actions)
-    }));
+    return (0, import_sdk_core6.expandPermissionEntries)(permissions);
   }
   shortServiceName(service) {
     const short = import_sdk_core6.SERVICE_LONG_TO_SHORT[service];
@@ -3213,11 +3713,32 @@ var _TinyCloudNode = class _TinyCloudNode {
     }
     return abilities;
   }
+  isEncryptionPermissionEntry(entry) {
+    return entry.service === import_sdk_core6.ENCRYPTION_PERMISSION_SERVICE && entry.path.startsWith("urn:tinycloud:encryption:");
+  }
+  permissionsToRawAbilities(entries) {
+    const rawAbilities = {};
+    for (const entry of entries) {
+      if (!this.isEncryptionPermissionEntry(entry)) {
+        continue;
+      }
+      const existing = rawAbilities[entry.path] ?? [];
+      const seen = new Set(existing);
+      for (const action of entry.actions) {
+        if (!seen.has(action)) {
+          existing.push(action);
+          seen.add(action);
+        }
+      }
+      rawAbilities[entry.path] = existing;
+    }
+    return rawAbilities;
+  }
   permissionOperations(entries, spaceId) {
     return entries.flatMap((entry) => {
       const service = this.shortServiceName(entry.service);
       return entry.actions.map((action) => ({
-        spaceId,
+        ...this.isEncryptionNetworkOperation(service, entry.path) ? { resource: entry.path } : { spaceId },
         service,
         path: entry.path,
         action
@@ -3240,7 +3761,7 @@ var _TinyCloudNode = class _TinyCloudNode {
       const spaceId = this.resolvePermissionSpace(entry.space, session);
       const service = this.shortServiceName(entry.service);
       return entry.actions.map((action) => ({
-        spaceId,
+        ...this.isEncryptionNetworkOperation(service, entry.path) ? { resource: entry.path } : { spaceId },
         service,
         path: entry.path,
         action
@@ -3297,24 +3818,40 @@ var _TinyCloudNode = class _TinyCloudNode {
       expiresAt: delegation.expiry
     };
   }
+  installRuntimeGrantFromServiceSession(delegation, session, expiresAt) {
+    const operations = this.operationsFromDelegation(delegation);
+    if (operations.length === 0) {
+      return;
+    }
+    this.runtimePermissionGrants = this.runtimePermissionGrants.filter(
+      (grant) => grant.delegation.cid !== delegation.cid && grant.session.delegationCid !== session.delegationCid
+    );
+    this.runtimePermissionGrants.push({
+      session,
+      delegation,
+      operations,
+      expiresAt
+    });
+  }
   delegatedResourcesForEntries(entries, spaceId) {
     return entries.map((entry) => ({
       service: this.shortServiceName(entry.service),
-      space: spaceId,
+      space: this.isEncryptionPermissionEntry(entry) ? "encryption" : spaceId,
       path: entry.path,
       actions: [...entry.actions]
     }));
   }
   operationsFromDelegation(delegation) {
     const resources = delegation.resources !== void 0 && delegation.resources.length > 0 ? delegation.resources : this.flatDelegationResources(delegation);
-    return resources.flatMap(
-      (resource) => resource.actions.map((action) => ({
-        spaceId: resource.space,
-        service: this.invocationServiceName(resource.service),
+    return resources.flatMap((resource) => {
+      const service = this.invocationServiceName(resource.service);
+      return resource.actions.map((action) => ({
+        ...this.isEncryptionNetworkOperation(service, resource.path) ? { resource: resource.path } : { spaceId: resource.space },
+        service,
         path: resource.path,
         action
-      }))
-    );
+      }));
+    });
   }
   flatDelegationResources(delegation) {
     const byService = /* @__PURE__ */ new Map();
@@ -3363,7 +3900,13 @@ var _TinyCloudNode = class _TinyCloudNode {
     );
   }
   operationCovers(granted, requested) {
-    return granted.spaceId === requested.spaceId && granted.service === requested.service && this.actionContains(granted.action, requested.action) && this.pathContains(granted.path, requested.path);
+    if (granted.service !== requested.service || !this.actionContains(granted.action, requested.action)) {
+      return false;
+    }
+    if (granted.resource !== void 0 || requested.resource !== void 0) {
+      return granted.resource !== void 0 && requested.resource !== void 0 && granted.resource === requested.resource && this.pathContains(granted.path, requested.path);
+    }
+    return granted.spaceId !== void 0 && requested.spaceId !== void 0 && granted.spaceId === requested.spaceId && this.pathContains(granted.path, requested.path);
   }
   actionContains(grantedAction, requestedAction) {
     if (grantedAction === requestedAction) {
@@ -3378,6 +3921,37 @@ var _TinyCloudNode = class _TinyCloudNode {
   invocationServiceName(service) {
     return service.startsWith("tinycloud.") ? this.shortServiceName(service) : service;
   }
+  isEncryptionNetworkOperation(service, path) {
+    return service === "encryption" && path.startsWith("urn:tinycloud:encryption:");
+  }
+  operationFromInvokeAnyEntry(entry) {
+    const service = this.invocationServiceName(entry.service);
+    if (typeof entry.resource === "string") {
+      return {
+        resource: entry.resource,
+        service,
+        path: entry.path,
+        action: entry.action
+      };
+    }
+    if (this.isEncryptionNetworkOperation(service, entry.path)) {
+      return {
+        resource: entry.path,
+        service,
+        path: entry.path,
+        action: entry.action
+      };
+    }
+    if (typeof entry.spaceId === "string") {
+      return {
+        spaceId: entry.spaceId,
+        service,
+        path: entry.path,
+        action: entry.action
+      };
+    }
+    return void 0;
+  }
   pathContains(grantedPath, requestedPath) {
     if (grantedPath === "" || grantedPath === "/") {
       return true;
@@ -3616,6 +4190,17 @@ var _TinyCloudNode = class _TinyCloudNode {
         // Not used in session-only mode
       };
       this.trackReceivedDelegation(delegation, this.sessionKeyJwk);
+      this.installRuntimeGrantFromServiceSession(
+        delegation,
+        {
+          delegationHeader: session2.delegationHeader,
+          delegationCid: session2.delegationCid,
+          spaceId: session2.spaceId,
+          verificationMethod: session2.verificationMethod,
+          jwk: session2.jwk
+        },
+        delegation.expiry
+      );
       return new DelegatedAccess(session2, delegation, targetHost, this.wasmBindings.invoke);
     }
     const mySession = this.auth?.tinyCloudSession;
@@ -3627,6 +4212,10 @@ var _TinyCloudNode = class _TinyCloudNode {
     const kvActions = delegation.actions.filter((a) => a.startsWith("tinycloud.kv/"));
     const sqlActions = delegation.actions.filter((a) => a.startsWith("tinycloud.sql/"));
     const duckdbActions = delegation.actions.filter((a) => a.startsWith("tinycloud.duckdb/"));
+    const encryptionActions = delegation.actions.filter(
+      (a) => a.startsWith("tinycloud.encryption/")
+    );
+    const rawAbilities = {};
     if (kvActions.length > 0) {
       abilities.kv = { [delegation.path]: kvActions };
     }
@@ -3636,6 +4225,9 @@ var _TinyCloudNode = class _TinyCloudNode {
     if (duckdbActions.length > 0) {
       abilities.duckdb = { [delegation.path]: duckdbActions };
     }
+    if (encryptionActions.length > 0 && delegation.path.startsWith("urn:tinycloud:encryption:")) {
+      rawAbilities[delegation.path] = encryptionActions;
+    }
     const now = /* @__PURE__ */ new Date();
     const maxExpiry = new Date(now.getTime() + 60 * 60 * 1e3);
     const expirationTime = delegation.expiry < maxExpiry ? delegation.expiry : maxExpiry;
@@ -3648,7 +4240,8 @@ var _TinyCloudNode = class _TinyCloudNode {
       expirationTime: expirationTime.toISOString(),
       spaceId: delegation.spaceId,
       jwk,
-      parents: [delegation.cid]
+      parents: [delegation.cid],
+      ...Object.keys(rawAbilities).length > 0 ? { rawAbilities } : {}
     });
     const signature = await this.signer.signMessage(prepared.siwe);
     const invokerSession = this.wasmBindings.completeSessionSetup({
@@ -3675,6 +4268,17 @@ var _TinyCloudNode = class _TinyCloudNode {
       signature
     };
     this.trackReceivedDelegation(delegation, jwk);
+    this.installRuntimeGrantFromServiceSession(
+      delegation,
+      {
+        delegationHeader: session.delegationHeader,
+        delegationCid: session.delegationCid,
+        spaceId: session.spaceId,
+        verificationMethod: session.verificationMethod,
+        jwk: session.jwk
+      },
+      expirationTime
+    );
     return new DelegatedAccess(session, delegation, targetHost, this.wasmBindings.invoke);
   }
   /**
@@ -3817,6 +4421,7 @@ var import_sdk_core18 = require("@tinycloud/sdk-core");
   CapabilityKeyRegistryErrorCodes,
   DEFAULT_MANIFEST_SPACE,
   DEFAULT_MANIFEST_VERSION,
+  DEFAULT_SIGNED_READ_URL_EXPIRY_MS,
   DataVaultService,
   DatabaseHandle,
   DelegatedAccess,
@@ -3833,6 +4438,7 @@ var import_sdk_core18 = require("@tinycloud/sdk-core");
   PermissionNotInManifestError,
   PrefixedKVService,
   ProtocolMismatchError,
+  SECRET_NAME_RE,
   SQLAction,
   SQLService,
   SecretsService,
@@ -3846,11 +4452,13 @@ var import_sdk_core18 = require("@tinycloud/sdk-core");
   TinyCloud,
   TinyCloudNode,
   UnsupportedFeatureError,
+  VAULT_PERMISSION_SERVICE,
   VaultHeaders,
   VaultPublicSpaceKVActions,
   VersionCheckError,
   WasmKeyProvider,
   buildSpaceUri,
+  canonicalizeSecretScope,
   checkNodeInfo,
   composeManifestRequest,
   createCapabilityKeyRegistry,
@@ -3862,12 +4470,16 @@ var import_sdk_core18 = require("@tinycloud/sdk-core");
   defaultSpaceCreationHandler,
   deserializeDelegation,
   expandActionShortNames,
+  expandPermissionEntries,
+  expandPermissionEntry,
   isCapabilitySubset,
   loadManifest,
   makePublicSpaceId,
   parseExpiry,
   parseSpaceUri,
   resolveManifest,
+  resolveSecretListPrefix,
+  resolveSecretPath,
   resourceCapabilitiesToSpaceAbilitiesMap,
   serializeDelegation,
   validateManifest