@usesigil/kit 0.16.0 → 0.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (629) hide show
  1. package/README.md +56 -0
  2. package/dist/advanced-analytics.d.ts +3 -2
  3. package/dist/advanced-analytics.d.ts.map +1 -1
  4. package/dist/advanced-analytics.js +9 -42
  5. package/dist/advanced-analytics.js.map +1 -1
  6. package/dist/agent-bootstrap.d.ts +1 -2
  7. package/dist/agent-bootstrap.d.ts.map +1 -1
  8. package/dist/agent-bootstrap.js.map +1 -1
  9. package/dist/agent-errors.d.ts +20 -4
  10. package/dist/agent-errors.d.ts.map +1 -1
  11. package/dist/agent-errors.js +854 -369
  12. package/dist/agent-errors.js.map +1 -1
  13. package/dist/audit-log.d.ts +101 -0
  14. package/dist/audit-log.d.ts.map +1 -0
  15. package/dist/audit-log.js +145 -0
  16. package/dist/audit-log.js.map +1 -0
  17. package/dist/caip2-network.d.ts +171 -0
  18. package/dist/caip2-network.d.ts.map +1 -0
  19. package/dist/caip2-network.js +202 -0
  20. package/dist/caip2-network.js.map +1 -0
  21. package/dist/canonical-encode.d.ts +59 -0
  22. package/dist/canonical-encode.d.ts.map +1 -0
  23. package/dist/canonical-encode.js +141 -0
  24. package/dist/canonical-encode.js.map +1 -0
  25. package/dist/cosign-helper.d.ts +264 -0
  26. package/dist/cosign-helper.d.ts.map +1 -0
  27. package/dist/cosign-helper.js +147 -0
  28. package/dist/cosign-helper.js.map +1 -0
  29. package/dist/create-vault.d.ts +92 -0
  30. package/dist/create-vault.d.ts.map +1 -1
  31. package/dist/create-vault.js +98 -7
  32. package/dist/create-vault.js.map +1 -1
  33. package/dist/dashboard/close-vault.d.ts +110 -0
  34. package/dist/dashboard/close-vault.d.ts.map +1 -0
  35. package/dist/dashboard/close-vault.js +165 -0
  36. package/dist/dashboard/close-vault.js.map +1 -0
  37. package/dist/dashboard/errors.d.ts +2 -2
  38. package/dist/dashboard/errors.d.ts.map +1 -1
  39. package/dist/dashboard/errors.js +11 -7
  40. package/dist/dashboard/errors.js.map +1 -1
  41. package/dist/dashboard/index.d.ts +181 -34
  42. package/dist/dashboard/index.d.ts.map +1 -1
  43. package/dist/dashboard/index.js +258 -52
  44. package/dist/dashboard/index.js.map +1 -1
  45. package/dist/dashboard/mutations.d.ts +117 -26
  46. package/dist/dashboard/mutations.d.ts.map +1 -1
  47. package/dist/dashboard/mutations.js +521 -110
  48. package/dist/dashboard/mutations.js.map +1 -1
  49. package/dist/dashboard/post-assertion-validation.d.ts +1 -1
  50. package/dist/dashboard/post-assertion-validation.d.ts.map +1 -1
  51. package/dist/dashboard/post-assertion-validation.js +169 -48
  52. package/dist/dashboard/post-assertion-validation.js.map +1 -1
  53. package/dist/dashboard/reads.d.ts +3 -4
  54. package/dist/dashboard/reads.d.ts.map +1 -1
  55. package/dist/dashboard/reads.js +11 -22
  56. package/dist/dashboard/reads.js.map +1 -1
  57. package/dist/dashboard/types.d.ts +32 -17
  58. package/dist/dashboard/types.d.ts.map +1 -1
  59. package/dist/errors/agent-errors.generated.d.ts +21 -0
  60. package/dist/errors/agent-errors.generated.d.ts.map +1 -0
  61. package/dist/errors/agent-errors.generated.js +133 -0
  62. package/dist/errors/agent-errors.generated.js.map +1 -0
  63. package/dist/errors/codes.d.ts +21 -2
  64. package/dist/errors/codes.d.ts.map +1 -1
  65. package/dist/errors/codes.js +19 -0
  66. package/dist/errors/codes.js.map +1 -1
  67. package/dist/errors/context.d.ts +9 -1
  68. package/dist/errors/context.d.ts.map +1 -1
  69. package/dist/event-analytics.d.ts +1 -3
  70. package/dist/event-analytics.d.ts.map +1 -1
  71. package/dist/event-analytics.js +28 -81
  72. package/dist/event-analytics.js.map +1 -1
  73. package/dist/events.d.ts.map +1 -1
  74. package/dist/events.js +23 -14
  75. package/dist/events.js.map +1 -1
  76. package/dist/generated/accounts/agentSpendOverlay.d.ts +60 -0
  77. package/dist/generated/accounts/agentSpendOverlay.d.ts.map +1 -1
  78. package/dist/generated/accounts/agentSpendOverlay.js +6 -2
  79. package/dist/generated/accounts/agentSpendOverlay.js.map +1 -1
  80. package/dist/generated/accounts/agentVault.d.ts +168 -4
  81. package/dist/generated/accounts/agentVault.d.ts.map +1 -1
  82. package/dist/generated/accounts/agentVault.js +11 -3
  83. package/dist/generated/accounts/agentVault.js.map +1 -1
  84. package/dist/generated/accounts/auditLogRejected.d.ts +66 -0
  85. package/dist/generated/accounts/auditLogRejected.d.ts.map +1 -0
  86. package/dist/generated/accounts/auditLogRejected.js +68 -0
  87. package/dist/generated/accounts/auditLogRejected.js.map +1 -0
  88. package/dist/generated/accounts/auditLogSuccess.d.ts +78 -0
  89. package/dist/generated/accounts/auditLogSuccess.d.ts.map +1 -0
  90. package/dist/generated/accounts/auditLogSuccess.js +68 -0
  91. package/dist/generated/accounts/auditLogSuccess.js.map +1 -0
  92. package/dist/generated/accounts/index.d.ts +4 -4
  93. package/dist/generated/accounts/index.d.ts.map +1 -1
  94. package/dist/generated/accounts/index.js +4 -4
  95. package/dist/generated/accounts/index.js.map +1 -1
  96. package/dist/generated/accounts/pendingAgentGrant.d.ts +199 -0
  97. package/dist/generated/accounts/pendingAgentGrant.d.ts.map +1 -0
  98. package/dist/generated/accounts/pendingAgentGrant.js +75 -0
  99. package/dist/generated/accounts/pendingAgentGrant.js.map +1 -0
  100. package/dist/generated/accounts/pendingAgentPermissionsUpdate.d.ts +64 -0
  101. package/dist/generated/accounts/pendingAgentPermissionsUpdate.d.ts.map +1 -1
  102. package/dist/generated/accounts/pendingAgentPermissionsUpdate.js +7 -1
  103. package/dist/generated/accounts/pendingAgentPermissionsUpdate.js.map +1 -1
  104. package/dist/generated/accounts/pendingOwnershipTransfer.d.ts +131 -0
  105. package/dist/generated/accounts/pendingOwnershipTransfer.d.ts.map +1 -0
  106. package/dist/generated/accounts/pendingOwnershipTransfer.js +76 -0
  107. package/dist/generated/accounts/pendingOwnershipTransfer.js.map +1 -0
  108. package/dist/generated/accounts/pendingPolicyUpdate.d.ts +200 -4
  109. package/dist/generated/accounts/pendingPolicyUpdate.d.ts.map +1 -1
  110. package/dist/generated/accounts/pendingPolicyUpdate.js +19 -1
  111. package/dist/generated/accounts/pendingPolicyUpdate.js.map +1 -1
  112. package/dist/generated/accounts/policyConfig.d.ts +479 -36
  113. package/dist/generated/accounts/policyConfig.d.ts.map +1 -1
  114. package/dist/generated/accounts/policyConfig.js +30 -3
  115. package/dist/generated/accounts/policyConfig.js.map +1 -1
  116. package/dist/generated/accounts/postExecutionAssertions.d.ts +2 -2
  117. package/dist/generated/accounts/postExecutionAssertions.d.ts.map +1 -1
  118. package/dist/generated/accounts/postExecutionAssertions.js +3 -3
  119. package/dist/generated/accounts/sessionAuthority.d.ts +140 -12
  120. package/dist/generated/accounts/sessionAuthority.d.ts.map +1 -1
  121. package/dist/generated/accounts/sessionAuthority.js +9 -7
  122. package/dist/generated/accounts/sessionAuthority.js.map +1 -1
  123. package/dist/generated/accounts/spendTracker.d.ts +83 -3
  124. package/dist/generated/accounts/spendTracker.d.ts.map +1 -1
  125. package/dist/generated/accounts/spendTracker.js +14 -2
  126. package/dist/generated/accounts/spendTracker.js.map +1 -1
  127. package/dist/generated/errors/sigil.d.ts +129 -83
  128. package/dist/generated/errors/sigil.d.ts.map +1 -1
  129. package/dist/generated/errors/sigil.js +175 -106
  130. package/dist/generated/errors/sigil.js.map +1 -1
  131. package/dist/generated/event-discriminators.d.ts.map +1 -1
  132. package/dist/generated/event-discriminators.js +11 -14
  133. package/dist/generated/event-discriminators.js.map +1 -1
  134. package/dist/generated/instructions/acceptOwnershipTransfer.d.ts +142 -0
  135. package/dist/generated/instructions/acceptOwnershipTransfer.d.ts.map +1 -0
  136. package/dist/generated/instructions/acceptOwnershipTransfer.js +171 -0
  137. package/dist/generated/instructions/acceptOwnershipTransfer.js.map +1 -0
  138. package/dist/generated/instructions/acceptOwnershipTransferMultisig.d.ts +142 -0
  139. package/dist/generated/instructions/acceptOwnershipTransferMultisig.d.ts.map +1 -0
  140. package/dist/generated/instructions/acceptOwnershipTransferMultisig.js +171 -0
  141. package/dist/generated/instructions/acceptOwnershipTransferMultisig.js.map +1 -0
  142. package/dist/generated/instructions/applyAgentGrant.d.ts +100 -0
  143. package/dist/generated/instructions/applyAgentGrant.d.ts.map +1 -0
  144. package/dist/generated/instructions/{applyConstraintsUpdate.js → applyAgentGrant.js} +66 -42
  145. package/dist/generated/instructions/applyAgentGrant.js.map +1 -0
  146. package/dist/generated/instructions/applyAgentPermissionsUpdate.d.ts +31 -8
  147. package/dist/generated/instructions/applyAgentPermissionsUpdate.d.ts.map +1 -1
  148. package/dist/generated/instructions/applyAgentPermissionsUpdate.js +38 -2
  149. package/dist/generated/instructions/applyAgentPermissionsUpdate.js.map +1 -1
  150. package/dist/generated/instructions/applyPendingPolicy.d.ts +18 -7
  151. package/dist/generated/instructions/applyPendingPolicy.d.ts.map +1 -1
  152. package/dist/generated/instructions/applyPendingPolicy.js +38 -2
  153. package/dist/generated/instructions/applyPendingPolicy.js.map +1 -1
  154. package/dist/generated/instructions/cancelAgentGrant.d.ts +106 -0
  155. package/dist/generated/instructions/cancelAgentGrant.d.ts.map +1 -0
  156. package/dist/generated/instructions/{allocatePendingConstraintsPda.js → cancelAgentGrant.js} +54 -42
  157. package/dist/generated/instructions/cancelAgentGrant.js.map +1 -0
  158. package/dist/generated/instructions/cancelOwnershipTransfer.d.ts +121 -0
  159. package/dist/generated/instructions/cancelOwnershipTransfer.d.ts.map +1 -0
  160. package/dist/generated/instructions/{queueCloseConstraints.js → cancelOwnershipTransfer.js} +58 -44
  161. package/dist/generated/instructions/cancelOwnershipTransfer.js.map +1 -0
  162. package/dist/generated/instructions/closePostAssertions.d.ts +6 -1
  163. package/dist/generated/instructions/closePostAssertions.d.ts.map +1 -1
  164. package/dist/generated/instructions/closePostAssertions.js +11 -3
  165. package/dist/generated/instructions/closePostAssertions.js.map +1 -1
  166. package/dist/generated/instructions/closeVault.d.ts +40 -8
  167. package/dist/generated/instructions/closeVault.d.ts.map +1 -1
  168. package/dist/generated/instructions/closeVault.js +40 -2
  169. package/dist/generated/instructions/closeVault.js.map +1 -1
  170. package/dist/generated/instructions/createPostAssertions.d.ts +4 -0
  171. package/dist/generated/instructions/createPostAssertions.d.ts.map +1 -1
  172. package/dist/generated/instructions/createPostAssertions.js +2 -0
  173. package/dist/generated/instructions/createPostAssertions.js.map +1 -1
  174. package/dist/generated/instructions/depositFunds.d.ts +21 -10
  175. package/dist/generated/instructions/depositFunds.d.ts.map +1 -1
  176. package/dist/generated/instructions/depositFunds.js +37 -2
  177. package/dist/generated/instructions/depositFunds.js.map +1 -1
  178. package/dist/generated/instructions/finalizeSession.d.ts +49 -7
  179. package/dist/generated/instructions/finalizeSession.d.ts.map +1 -1
  180. package/dist/generated/instructions/finalizeSession.js +59 -2
  181. package/dist/generated/instructions/finalizeSession.js.map +1 -1
  182. package/dist/generated/instructions/freezeVault.d.ts +36 -5
  183. package/dist/generated/instructions/freezeVault.d.ts.map +1 -1
  184. package/dist/generated/instructions/freezeVault.js +65 -4
  185. package/dist/generated/instructions/freezeVault.js.map +1 -1
  186. package/dist/generated/instructions/index.d.ts +10 -15
  187. package/dist/generated/instructions/index.d.ts.map +1 -1
  188. package/dist/generated/instructions/index.js +10 -15
  189. package/dist/generated/instructions/index.js.map +1 -1
  190. package/dist/generated/instructions/initializeVault.d.ts +79 -9
  191. package/dist/generated/instructions/initializeVault.d.ts.map +1 -1
  192. package/dist/generated/instructions/initializeVault.js +57 -3
  193. package/dist/generated/instructions/initializeVault.js.map +1 -1
  194. package/dist/generated/instructions/initiateOwnershipTransfer.d.ts +106 -0
  195. package/dist/generated/instructions/initiateOwnershipTransfer.d.ts.map +1 -0
  196. package/dist/generated/instructions/initiateOwnershipTransfer.js +181 -0
  197. package/dist/generated/instructions/initiateOwnershipTransfer.js.map +1 -0
  198. package/dist/generated/instructions/pauseAgent.d.ts +49 -5
  199. package/dist/generated/instructions/pauseAgent.d.ts.map +1 -1
  200. package/dist/generated/instructions/pauseAgent.js +80 -5
  201. package/dist/generated/instructions/pauseAgent.js.map +1 -1
  202. package/dist/generated/instructions/promoteGraylistDestination.d.ts +56 -0
  203. package/dist/generated/instructions/promoteGraylistDestination.d.ts.map +1 -0
  204. package/dist/generated/instructions/{createInstructionConstraints.js → promoteGraylistDestination.js} +23 -40
  205. package/dist/generated/instructions/promoteGraylistDestination.js.map +1 -0
  206. package/dist/generated/instructions/queueAgentGrant.d.ts +113 -0
  207. package/dist/generated/instructions/queueAgentGrant.d.ts.map +1 -0
  208. package/dist/generated/instructions/queueAgentGrant.js +181 -0
  209. package/dist/generated/instructions/queueAgentGrant.js.map +1 -0
  210. package/dist/generated/instructions/queueAgentPermissionsUpdate.d.ts +8 -0
  211. package/dist/generated/instructions/queueAgentPermissionsUpdate.d.ts.map +1 -1
  212. package/dist/generated/instructions/queueAgentPermissionsUpdate.js +4 -0
  213. package/dist/generated/instructions/queueAgentPermissionsUpdate.js.map +1 -1
  214. package/dist/generated/instructions/queuePolicyUpdate.d.ts +32 -0
  215. package/dist/generated/instructions/queuePolicyUpdate.d.ts.map +1 -1
  216. package/dist/generated/instructions/queuePolicyUpdate.js +17 -1
  217. package/dist/generated/instructions/queuePolicyUpdate.js.map +1 -1
  218. package/dist/generated/instructions/reactivateVault.d.ts +71 -5
  219. package/dist/generated/instructions/reactivateVault.d.ts.map +1 -1
  220. package/dist/generated/instructions/reactivateVault.js +80 -5
  221. package/dist/generated/instructions/reactivateVault.js.map +1 -1
  222. package/dist/generated/instructions/recordAgentViolation.d.ts +89 -0
  223. package/dist/generated/instructions/recordAgentViolation.d.ts.map +1 -0
  224. package/dist/generated/instructions/recordAgentViolation.js +152 -0
  225. package/dist/generated/instructions/recordAgentViolation.js.map +1 -0
  226. package/dist/generated/instructions/registerAgent.d.ts +84 -6
  227. package/dist/generated/instructions/registerAgent.d.ts.map +1 -1
  228. package/dist/generated/instructions/registerAgent.js +81 -4
  229. package/dist/generated/instructions/registerAgent.js.map +1 -1
  230. package/dist/generated/instructions/revokeAgent.d.ts +49 -6
  231. package/dist/generated/instructions/revokeAgent.d.ts.map +1 -1
  232. package/dist/generated/instructions/revokeAgent.js +81 -4
  233. package/dist/generated/instructions/revokeAgent.js.map +1 -1
  234. package/dist/generated/instructions/setObserveOnly.d.ts +56 -0
  235. package/dist/generated/instructions/setObserveOnly.d.ts.map +1 -0
  236. package/dist/generated/instructions/setObserveOnly.js +111 -0
  237. package/dist/generated/instructions/setObserveOnly.js.map +1 -0
  238. package/dist/generated/instructions/unpauseAgent.d.ts +46 -5
  239. package/dist/generated/instructions/unpauseAgent.d.ts.map +1 -1
  240. package/dist/generated/instructions/unpauseAgent.js +80 -5
  241. package/dist/generated/instructions/unpauseAgent.js.map +1 -1
  242. package/dist/generated/instructions/validateAndAuthorize.d.ts +29 -0
  243. package/dist/generated/instructions/validateAndAuthorize.d.ts.map +1 -1
  244. package/dist/generated/instructions/validateAndAuthorize.js +4 -0
  245. package/dist/generated/instructions/validateAndAuthorize.js.map +1 -1
  246. package/dist/generated/instructions/withdrawFunds.d.ts +53 -11
  247. package/dist/generated/instructions/withdrawFunds.d.ts.map +1 -1
  248. package/dist/generated/instructions/withdrawFunds.js +51 -2
  249. package/dist/generated/instructions/withdrawFunds.js.map +1 -1
  250. package/dist/generated/programs/sigil.d.ts +79 -99
  251. package/dist/generated/programs/sigil.d.ts.map +1 -1
  252. package/dist/generated/programs/sigil.js +139 -199
  253. package/dist/generated/programs/sigil.js.map +1 -1
  254. package/dist/generated/types/actionAuthorized.d.ts +0 -2
  255. package/dist/generated/types/actionAuthorized.d.ts.map +1 -1
  256. package/dist/generated/types/actionAuthorized.js +0 -2
  257. package/dist/generated/types/actionAuthorized.js.map +1 -1
  258. package/dist/generated/types/agentAutoRevoked.d.ts +31 -0
  259. package/dist/generated/types/agentAutoRevoked.d.ts.map +1 -0
  260. package/dist/generated/types/{orphanConstraintsPdaCleaned.js → agentAutoRevoked.js} +12 -8
  261. package/dist/generated/types/agentAutoRevoked.js.map +1 -0
  262. package/dist/generated/types/agentEntry.d.ts +48 -0
  263. package/dist/generated/types/agentEntry.d.ts.map +1 -1
  264. package/dist/generated/types/agentEntry.js +4 -2
  265. package/dist/generated/types/agentEntry.js.map +1 -1
  266. package/dist/generated/types/agentGrantApplied.d.ts +38 -0
  267. package/dist/generated/types/agentGrantApplied.d.ts.map +1 -0
  268. package/dist/generated/types/agentGrantApplied.js +34 -0
  269. package/dist/generated/types/agentGrantApplied.js.map +1 -0
  270. package/dist/generated/types/agentGrantCancelled.d.ts +33 -0
  271. package/dist/generated/types/agentGrantCancelled.d.ts.map +1 -0
  272. package/dist/generated/types/agentGrantCancelled.js +28 -0
  273. package/dist/generated/types/agentGrantCancelled.js.map +1 -0
  274. package/dist/generated/types/agentGrantQueued.d.ts +38 -0
  275. package/dist/generated/types/agentGrantQueued.d.ts.map +1 -0
  276. package/dist/generated/types/agentGrantQueued.js +32 -0
  277. package/dist/generated/types/agentGrantQueued.js.map +1 -0
  278. package/dist/generated/types/auditEntry.d.ts +120 -0
  279. package/dist/generated/types/auditEntry.d.ts.map +1 -0
  280. package/dist/generated/types/auditEntry.js +34 -0
  281. package/dist/generated/types/auditEntry.js.map +1 -0
  282. package/dist/generated/types/destinationGraylistEntry.d.ts +32 -0
  283. package/dist/generated/types/destinationGraylistEntry.d.ts.map +1 -0
  284. package/dist/generated/types/destinationGraylistEntry.js +24 -0
  285. package/dist/generated/types/destinationGraylistEntry.js.map +1 -0
  286. package/dist/generated/types/graylistEntered.d.ts +31 -0
  287. package/dist/generated/types/graylistEntered.d.ts.map +1 -0
  288. package/dist/generated/types/graylistEntered.js +30 -0
  289. package/dist/generated/types/graylistEntered.js.map +1 -0
  290. package/dist/generated/types/graylistPromoted.d.ts +29 -0
  291. package/dist/generated/types/graylistPromoted.d.ts.map +1 -0
  292. package/dist/generated/types/graylistPromoted.js +28 -0
  293. package/dist/generated/types/graylistPromoted.js.map +1 -0
  294. package/dist/generated/types/index.d.ts +13 -22
  295. package/dist/generated/types/index.d.ts.map +1 -1
  296. package/dist/generated/types/index.js +13 -22
  297. package/dist/generated/types/index.js.map +1 -1
  298. package/dist/generated/types/observeOnlyChanged.d.ts +33 -0
  299. package/dist/generated/types/observeOnlyChanged.d.ts.map +1 -0
  300. package/dist/generated/types/observeOnlyChanged.js +32 -0
  301. package/dist/generated/types/observeOnlyChanged.js.map +1 -0
  302. package/dist/generated/types/ownershipTransferAccepted.d.ts +32 -0
  303. package/dist/generated/types/ownershipTransferAccepted.d.ts.map +1 -0
  304. package/dist/generated/types/ownershipTransferAccepted.js +30 -0
  305. package/dist/generated/types/ownershipTransferAccepted.js.map +1 -0
  306. package/dist/generated/types/ownershipTransferCancelled.d.ts +29 -0
  307. package/dist/generated/types/ownershipTransferCancelled.d.ts.map +1 -0
  308. package/dist/generated/types/ownershipTransferCancelled.js +28 -0
  309. package/dist/generated/types/ownershipTransferCancelled.js.map +1 -0
  310. package/dist/generated/types/ownershipTransferInitiated.d.ts +33 -0
  311. package/dist/generated/types/ownershipTransferInitiated.d.ts.map +1 -0
  312. package/dist/generated/types/ownershipTransferInitiated.js +30 -0
  313. package/dist/generated/types/ownershipTransferInitiated.js.map +1 -0
  314. package/dist/generated/types/perRecipientCounter.d.ts +61 -0
  315. package/dist/generated/types/perRecipientCounter.d.ts.map +1 -0
  316. package/dist/generated/types/perRecipientCounter.js +26 -0
  317. package/dist/generated/types/perRecipientCounter.js.map +1 -0
  318. package/dist/generated/types/postAssertionEntry.d.ts +14 -7
  319. package/dist/generated/types/postAssertionEntry.d.ts.map +1 -1
  320. package/dist/generated/types/postAssertionEntry.js +5 -7
  321. package/dist/generated/types/postAssertionEntry.js.map +1 -1
  322. package/dist/generated/types/postAssertionEntryZC.d.ts +53 -22
  323. package/dist/generated/types/postAssertionEntryZC.d.ts.map +1 -1
  324. package/dist/generated/types/postAssertionEntryZC.js +4 -6
  325. package/dist/generated/types/postAssertionEntryZC.js.map +1 -1
  326. package/dist/generated/types/sessionFinalized.d.ts +0 -4
  327. package/dist/generated/types/sessionFinalized.d.ts.map +1 -1
  328. package/dist/generated/types/sessionFinalized.js +0 -2
  329. package/dist/generated/types/sessionFinalized.js.map +1 -1
  330. package/dist/generated/types/vaultFrozen.d.ts +14 -0
  331. package/dist/generated/types/vaultFrozen.d.ts.map +1 -1
  332. package/dist/generated/types/vaultFrozen.js +2 -0
  333. package/dist/generated/types/vaultFrozen.js.map +1 -1
  334. package/dist/index.d.ts +28 -9
  335. package/dist/index.d.ts.map +1 -1
  336. package/dist/index.js +64 -11
  337. package/dist/index.js.map +1 -1
  338. package/dist/inspector.d.ts +0 -23
  339. package/dist/inspector.d.ts.map +1 -1
  340. package/dist/inspector.js +0 -52
  341. package/dist/inspector.js.map +1 -1
  342. package/dist/kit-adapter.d.ts +1 -1
  343. package/dist/kit-adapter.d.ts.map +1 -1
  344. package/dist/kit-adapter.js +1 -1
  345. package/dist/kit-adapter.js.map +1 -1
  346. package/dist/multisig-detection.d.ts +83 -0
  347. package/dist/multisig-detection.d.ts.map +1 -0
  348. package/dist/multisig-detection.js +128 -0
  349. package/dist/multisig-detection.js.map +1 -0
  350. package/dist/ownership-transfer.d.ts +79 -0
  351. package/dist/ownership-transfer.d.ts.map +1 -0
  352. package/dist/ownership-transfer.js +66 -0
  353. package/dist/ownership-transfer.js.map +1 -0
  354. package/dist/policy/compute-cosign-digest.d.ts +193 -0
  355. package/dist/policy/compute-cosign-digest.d.ts.map +1 -0
  356. package/dist/policy/compute-cosign-digest.js +318 -0
  357. package/dist/policy/compute-cosign-digest.js.map +1 -0
  358. package/dist/policy/compute-policy-preview-digest.d.ts +258 -0
  359. package/dist/policy/compute-policy-preview-digest.d.ts.map +1 -0
  360. package/dist/policy/compute-policy-preview-digest.js +351 -0
  361. package/dist/policy/compute-policy-preview-digest.js.map +1 -0
  362. package/dist/policy-attestation.d.ts +51 -0
  363. package/dist/policy-attestation.d.ts.map +1 -0
  364. package/dist/policy-attestation.js +43 -0
  365. package/dist/policy-attestation.js.map +1 -0
  366. package/dist/preview-create-vault.d.ts.map +1 -1
  367. package/dist/preview-create-vault.js +37 -16
  368. package/dist/preview-create-vault.js.map +1 -1
  369. package/dist/resolve-accounts.d.ts +75 -10
  370. package/dist/resolve-accounts.d.ts.map +1 -1
  371. package/dist/resolve-accounts.js +68 -32
  372. package/dist/resolve-accounts.js.map +1 -1
  373. package/dist/rpc-helpers.d.ts +29 -3
  374. package/dist/rpc-helpers.d.ts.map +1 -1
  375. package/dist/rpc-helpers.js +51 -12
  376. package/dist/rpc-helpers.js.map +1 -1
  377. package/dist/seal/intent-digest.d.ts +195 -0
  378. package/dist/seal/intent-digest.d.ts.map +1 -0
  379. package/dist/seal/intent-digest.js +372 -0
  380. package/dist/seal/intent-digest.js.map +1 -0
  381. package/dist/seal.d.ts +166 -3
  382. package/dist/seal.d.ts.map +1 -1
  383. package/dist/seal.js +428 -32
  384. package/dist/seal.js.map +1 -1
  385. package/dist/security-analytics.d.ts +3 -3
  386. package/dist/security-analytics.d.ts.map +1 -1
  387. package/dist/security-analytics.js +13 -128
  388. package/dist/security-analytics.js.map +1 -1
  389. package/dist/session-mint.d.ts +72 -0
  390. package/dist/session-mint.d.ts.map +1 -0
  391. package/dist/session-mint.js +59 -0
  392. package/dist/session-mint.js.map +1 -0
  393. package/dist/simulation.d.ts +19 -0
  394. package/dist/simulation.d.ts.map +1 -1
  395. package/dist/simulation.js +187 -95
  396. package/dist/simulation.js.map +1 -1
  397. package/dist/squads-detection.d.ts +135 -0
  398. package/dist/squads-detection.d.ts.map +1 -0
  399. package/dist/squads-detection.js +124 -0
  400. package/dist/squads-detection.js.map +1 -0
  401. package/dist/state-resolver.d.ts +0 -16
  402. package/dist/state-resolver.d.ts.map +1 -1
  403. package/dist/state-resolver.js +162 -97
  404. package/dist/state-resolver.js.map +1 -1
  405. package/dist/testing/devnet.d.ts +40 -1
  406. package/dist/testing/devnet.d.ts.map +1 -1
  407. package/dist/testing/devnet.js +333 -44
  408. package/dist/testing/devnet.js.map +1 -1
  409. package/dist/testing/errors/expect.d.ts +1 -1
  410. package/dist/testing/errors/expect.js +1 -1
  411. package/dist/testing/errors/names.generated.d.ts +81 -58
  412. package/dist/testing/errors/names.generated.d.ts.map +1 -1
  413. package/dist/testing/errors/names.generated.js +82 -59
  414. package/dist/testing/errors/names.generated.js.map +1 -1
  415. package/dist/testing/mock-rpc.d.ts +8 -0
  416. package/dist/testing/mock-rpc.d.ts.map +1 -1
  417. package/dist/testing/mock-rpc.js +13 -0
  418. package/dist/testing/mock-rpc.js.map +1 -1
  419. package/dist/testing/mock-state.d.ts +2 -0
  420. package/dist/testing/mock-state.d.ts.map +1 -1
  421. package/dist/testing/mock-state.js +43 -4
  422. package/dist/testing/mock-state.js.map +1 -1
  423. package/dist/types.d.ts +5 -15
  424. package/dist/types.d.ts.map +1 -1
  425. package/dist/types.js +11 -69
  426. package/dist/types.js.map +1 -1
  427. package/dist/vault-analytics.d.ts +0 -2
  428. package/dist/vault-analytics.d.ts.map +1 -1
  429. package/dist/vault-analytics.js +1 -9
  430. package/dist/vault-analytics.js.map +1 -1
  431. package/package.json +7 -12
  432. package/dist/constraints/index.d.ts +0 -23
  433. package/dist/constraints/index.d.ts.map +0 -1
  434. package/dist/constraints/index.js +0 -24
  435. package/dist/constraints/index.js.map +0 -1
  436. package/dist/dashboard/constraint-builders.d.ts +0 -82
  437. package/dist/dashboard/constraint-builders.d.ts.map +0 -1
  438. package/dist/dashboard/constraint-builders.js +0 -204
  439. package/dist/dashboard/constraint-builders.js.map +0 -1
  440. package/dist/dashboard/constraint-reads.d.ts +0 -50
  441. package/dist/dashboard/constraint-reads.d.ts.map +0 -1
  442. package/dist/dashboard/constraint-reads.js +0 -119
  443. package/dist/dashboard/constraint-reads.js.map +0 -1
  444. package/dist/generated/accounts/escrowDeposit.d.ts +0 -50
  445. package/dist/generated/accounts/escrowDeposit.d.ts.map +0 -1
  446. package/dist/generated/accounts/escrowDeposit.js +0 -76
  447. package/dist/generated/accounts/escrowDeposit.js.map +0 -1
  448. package/dist/generated/accounts/instructionConstraints.d.ts +0 -46
  449. package/dist/generated/accounts/instructionConstraints.d.ts.map +0 -1
  450. package/dist/generated/accounts/instructionConstraints.js +0 -73
  451. package/dist/generated/accounts/instructionConstraints.js.map +0 -1
  452. package/dist/generated/accounts/pendingCloseConstraints.d.ts +0 -49
  453. package/dist/generated/accounts/pendingCloseConstraints.d.ts.map +0 -1
  454. package/dist/generated/accounts/pendingCloseConstraints.js +0 -68
  455. package/dist/generated/accounts/pendingCloseConstraints.js.map +0 -1
  456. package/dist/generated/accounts/pendingConstraintsUpdate.d.ts +0 -76
  457. package/dist/generated/accounts/pendingConstraintsUpdate.d.ts.map +0 -1
  458. package/dist/generated/accounts/pendingConstraintsUpdate.js +0 -77
  459. package/dist/generated/accounts/pendingConstraintsUpdate.js.map +0 -1
  460. package/dist/generated/instructions/allocateConstraintsPda.d.ts +0 -62
  461. package/dist/generated/instructions/allocateConstraintsPda.d.ts.map +0 -1
  462. package/dist/generated/instructions/allocateConstraintsPda.js +0 -134
  463. package/dist/generated/instructions/allocateConstraintsPda.js.map +0 -1
  464. package/dist/generated/instructions/allocatePendingConstraintsPda.d.ts +0 -66
  465. package/dist/generated/instructions/allocatePendingConstraintsPda.d.ts.map +0 -1
  466. package/dist/generated/instructions/allocatePendingConstraintsPda.js.map +0 -1
  467. package/dist/generated/instructions/applyCloseConstraints.d.ts +0 -59
  468. package/dist/generated/instructions/applyCloseConstraints.d.ts.map +0 -1
  469. package/dist/generated/instructions/applyCloseConstraints.js +0 -143
  470. package/dist/generated/instructions/applyCloseConstraints.js.map +0 -1
  471. package/dist/generated/instructions/applyConstraintsUpdate.d.ts +0 -62
  472. package/dist/generated/instructions/applyConstraintsUpdate.d.ts.map +0 -1
  473. package/dist/generated/instructions/applyConstraintsUpdate.js.map +0 -1
  474. package/dist/generated/instructions/cancelCloseConstraints.d.ts +0 -51
  475. package/dist/generated/instructions/cancelCloseConstraints.d.ts.map +0 -1
  476. package/dist/generated/instructions/cancelCloseConstraints.js +0 -115
  477. package/dist/generated/instructions/cancelCloseConstraints.js.map +0 -1
  478. package/dist/generated/instructions/cancelConstraintsUpdate.d.ts +0 -51
  479. package/dist/generated/instructions/cancelConstraintsUpdate.d.ts.map +0 -1
  480. package/dist/generated/instructions/cancelConstraintsUpdate.js +0 -115
  481. package/dist/generated/instructions/cancelConstraintsUpdate.js.map +0 -1
  482. package/dist/generated/instructions/cleanupOrphanConstraintsPda.d.ts +0 -67
  483. package/dist/generated/instructions/cleanupOrphanConstraintsPda.d.ts.map +0 -1
  484. package/dist/generated/instructions/cleanupOrphanConstraintsPda.js +0 -120
  485. package/dist/generated/instructions/cleanupOrphanConstraintsPda.js.map +0 -1
  486. package/dist/generated/instructions/closeSettledEscrow.d.ts +0 -72
  487. package/dist/generated/instructions/closeSettledEscrow.d.ts.map +0 -1
  488. package/dist/generated/instructions/closeSettledEscrow.js +0 -127
  489. package/dist/generated/instructions/closeSettledEscrow.js.map +0 -1
  490. package/dist/generated/instructions/createEscrow.d.ts +0 -131
  491. package/dist/generated/instructions/createEscrow.d.ts.map +0 -1
  492. package/dist/generated/instructions/createEscrow.js +0 -272
  493. package/dist/generated/instructions/createEscrow.js.map +0 -1
  494. package/dist/generated/instructions/createInstructionConstraints.d.ts +0 -68
  495. package/dist/generated/instructions/createInstructionConstraints.d.ts.map +0 -1
  496. package/dist/generated/instructions/createInstructionConstraints.js.map +0 -1
  497. package/dist/generated/instructions/extendPda.d.ts +0 -52
  498. package/dist/generated/instructions/extendPda.d.ts.map +0 -1
  499. package/dist/generated/instructions/extendPda.js +0 -86
  500. package/dist/generated/instructions/extendPda.js.map +0 -1
  501. package/dist/generated/instructions/queueCloseConstraints.d.ts +0 -66
  502. package/dist/generated/instructions/queueCloseConstraints.d.ts.map +0 -1
  503. package/dist/generated/instructions/queueCloseConstraints.js.map +0 -1
  504. package/dist/generated/instructions/queueConstraintsUpdate.d.ts +0 -75
  505. package/dist/generated/instructions/queueConstraintsUpdate.d.ts.map +0 -1
  506. package/dist/generated/instructions/queueConstraintsUpdate.js +0 -154
  507. package/dist/generated/instructions/queueConstraintsUpdate.js.map +0 -1
  508. package/dist/generated/instructions/refundEscrow.d.ts +0 -74
  509. package/dist/generated/instructions/refundEscrow.d.ts.map +0 -1
  510. package/dist/generated/instructions/refundEscrow.js +0 -142
  511. package/dist/generated/instructions/refundEscrow.js.map +0 -1
  512. package/dist/generated/instructions/settleEscrow.d.ts +0 -80
  513. package/dist/generated/instructions/settleEscrow.d.ts.map +0 -1
  514. package/dist/generated/instructions/settleEscrow.js +0 -173
  515. package/dist/generated/instructions/settleEscrow.js.map +0 -1
  516. package/dist/generated/types/accountConstraint.d.ts +0 -33
  517. package/dist/generated/types/accountConstraint.d.ts.map +0 -1
  518. package/dist/generated/types/accountConstraint.js +0 -26
  519. package/dist/generated/types/accountConstraint.js.map +0 -1
  520. package/dist/generated/types/accountConstraintZC.d.ts +0 -25
  521. package/dist/generated/types/accountConstraintZC.d.ts.map +0 -1
  522. package/dist/generated/types/accountConstraintZC.js +0 -28
  523. package/dist/generated/types/accountConstraintZC.js.map +0 -1
  524. package/dist/generated/types/closeConstraintsApplied.d.ts +0 -20
  525. package/dist/generated/types/closeConstraintsApplied.d.ts.map +0 -1
  526. package/dist/generated/types/closeConstraintsApplied.js +0 -24
  527. package/dist/generated/types/closeConstraintsApplied.js.map +0 -1
  528. package/dist/generated/types/closeConstraintsCancelled.d.ts +0 -16
  529. package/dist/generated/types/closeConstraintsCancelled.d.ts.map +0 -1
  530. package/dist/generated/types/closeConstraintsCancelled.js +0 -18
  531. package/dist/generated/types/closeConstraintsCancelled.js.map +0 -1
  532. package/dist/generated/types/closeConstraintsQueued.d.ts +0 -20
  533. package/dist/generated/types/closeConstraintsQueued.d.ts.map +0 -1
  534. package/dist/generated/types/closeConstraintsQueued.js +0 -24
  535. package/dist/generated/types/closeConstraintsQueued.js.map +0 -1
  536. package/dist/generated/types/constraintEntry.d.ts +0 -35
  537. package/dist/generated/types/constraintEntry.d.ts.map +0 -1
  538. package/dist/generated/types/constraintEntry.js +0 -29
  539. package/dist/generated/types/constraintEntry.js.map +0 -1
  540. package/dist/generated/types/constraintEntryZC.d.ts +0 -73
  541. package/dist/generated/types/constraintEntryZC.d.ts.map +0 -1
  542. package/dist/generated/types/constraintEntryZC.js +0 -49
  543. package/dist/generated/types/constraintEntryZC.js.map +0 -1
  544. package/dist/generated/types/constraintOperator.d.ts +0 -22
  545. package/dist/generated/types/constraintOperator.d.ts.map +0 -1
  546. package/dist/generated/types/constraintOperator.js +0 -28
  547. package/dist/generated/types/constraintOperator.js.map +0 -1
  548. package/dist/generated/types/constraintsChangeApplied.d.ts +0 -30
  549. package/dist/generated/types/constraintsChangeApplied.d.ts.map +0 -1
  550. package/dist/generated/types/constraintsChangeApplied.js +0 -32
  551. package/dist/generated/types/constraintsChangeApplied.js.map +0 -1
  552. package/dist/generated/types/constraintsChangeCancelled.d.ts +0 -16
  553. package/dist/generated/types/constraintsChangeCancelled.d.ts.map +0 -1
  554. package/dist/generated/types/constraintsChangeCancelled.js +0 -18
  555. package/dist/generated/types/constraintsChangeCancelled.js.map +0 -1
  556. package/dist/generated/types/constraintsChangeQueued.d.ts +0 -30
  557. package/dist/generated/types/constraintsChangeQueued.d.ts.map +0 -1
  558. package/dist/generated/types/constraintsChangeQueued.js +0 -32
  559. package/dist/generated/types/constraintsChangeQueued.js.map +0 -1
  560. package/dist/generated/types/dataConstraint.d.ts +0 -23
  561. package/dist/generated/types/dataConstraint.d.ts.map +0 -1
  562. package/dist/generated/types/dataConstraint.js +0 -27
  563. package/dist/generated/types/dataConstraint.js.map +0 -1
  564. package/dist/generated/types/dataConstraintZC.d.ts +0 -20
  565. package/dist/generated/types/dataConstraintZC.d.ts.map +0 -1
  566. package/dist/generated/types/dataConstraintZC.js +0 -30
  567. package/dist/generated/types/dataConstraintZC.js.map +0 -1
  568. package/dist/generated/types/discriminatorFormat.d.ts +0 -25
  569. package/dist/generated/types/discriminatorFormat.d.ts.map +0 -1
  570. package/dist/generated/types/discriminatorFormat.js +0 -31
  571. package/dist/generated/types/discriminatorFormat.js.map +0 -1
  572. package/dist/generated/types/escrowCreated.d.ts +0 -30
  573. package/dist/generated/types/escrowCreated.d.ts.map +0 -1
  574. package/dist/generated/types/escrowCreated.js +0 -34
  575. package/dist/generated/types/escrowCreated.js.map +0 -1
  576. package/dist/generated/types/escrowRefunded.d.ts +0 -26
  577. package/dist/generated/types/escrowRefunded.d.ts.map +0 -1
  578. package/dist/generated/types/escrowRefunded.js +0 -30
  579. package/dist/generated/types/escrowRefunded.js.map +0 -1
  580. package/dist/generated/types/escrowSettled.d.ts +0 -26
  581. package/dist/generated/types/escrowSettled.d.ts.map +0 -1
  582. package/dist/generated/types/escrowSettled.js +0 -30
  583. package/dist/generated/types/escrowSettled.js.map +0 -1
  584. package/dist/generated/types/escrowStatus.d.ts +0 -18
  585. package/dist/generated/types/escrowStatus.d.ts.map +0 -1
  586. package/dist/generated/types/escrowStatus.js +0 -24
  587. package/dist/generated/types/escrowStatus.js.map +0 -1
  588. package/dist/generated/types/instructionConstraintsCreated.d.ts +0 -34
  589. package/dist/generated/types/instructionConstraintsCreated.d.ts.map +0 -1
  590. package/dist/generated/types/instructionConstraintsCreated.js +0 -36
  591. package/dist/generated/types/instructionConstraintsCreated.js.map +0 -1
  592. package/dist/generated/types/orphanConstraintsPdaCleaned.d.ts +0 -22
  593. package/dist/generated/types/orphanConstraintsPdaCleaned.d.ts.map +0 -1
  594. package/dist/generated/types/orphanConstraintsPdaCleaned.js.map +0 -1
  595. package/dist/generated/types/pdaAllocated.d.ts +0 -24
  596. package/dist/generated/types/pdaAllocated.d.ts.map +0 -1
  597. package/dist/generated/types/pdaAllocated.js +0 -28
  598. package/dist/generated/types/pdaAllocated.js.map +0 -1
  599. package/dist/generated/types/pdaExtended.d.ts +0 -24
  600. package/dist/generated/types/pdaExtended.d.ts.map +0 -1
  601. package/dist/generated/types/pdaExtended.js +0 -28
  602. package/dist/generated/types/pdaExtended.js.map +0 -1
  603. package/dist/post-assertions/cross-field-lte.d.ts +0 -134
  604. package/dist/post-assertions/cross-field-lte.d.ts.map +0 -1
  605. package/dist/post-assertions/cross-field-lte.js +0 -129
  606. package/dist/post-assertions/cross-field-lte.js.map +0 -1
  607. package/dist/post-assertions/index.d.ts +0 -28
  608. package/dist/post-assertions/index.d.ts.map +0 -1
  609. package/dist/post-assertions/index.js +0 -28
  610. package/dist/post-assertions/index.js.map +0 -1
  611. package/dist/post-assertions/presets/flash-trade.d.ts +0 -139
  612. package/dist/post-assertions/presets/flash-trade.d.ts.map +0 -1
  613. package/dist/post-assertions/presets/flash-trade.js +0 -154
  614. package/dist/post-assertions/presets/flash-trade.js.map +0 -1
  615. package/dist/protocol-registry/annotations/drift.json +0 -7
  616. package/dist/protocol-registry/annotations/flash-trade.json +0 -7
  617. package/dist/protocol-registry/annotations/jupiter-borrow.json +0 -7
  618. package/dist/protocol-registry/annotations/jupiter-earn.json +0 -7
  619. package/dist/protocol-registry/annotations/jupiter-lend.json +0 -7
  620. package/dist/protocol-registry/annotations/jupiter.json +0 -7
  621. package/dist/protocol-registry/annotations/kamino.json +0 -7
  622. package/dist/protocol-registry/index.d.ts +0 -45
  623. package/dist/protocol-registry/index.d.ts.map +0 -1
  624. package/dist/protocol-registry/index.js +0 -76
  625. package/dist/protocol-registry/index.js.map +0 -1
  626. package/dist/protocol-tier.d.ts +0 -157
  627. package/dist/protocol-tier.d.ts.map +0 -1
  628. package/dist/protocol-tier.js +0 -104
  629. package/dist/protocol-tier.js.map +0 -1
package/dist/generated/accounts/policyConfig.d.ts CHANGED
@@ -6,6 +6,7 @@
6
6
  * @see https://github.com/codama-idl/codama
7
7
  */
8
8
  import { fetchEncodedAccount, fetchEncodedAccounts, type Account, type Address, type Codec, type Decoder, type EncodedAccount, type Encoder, type FetchAccountConfig, type FetchAccountsConfig, type MaybeAccount, type MaybeEncodedAccount, type ReadonlyUint8Array } from "@solana/kit";
9
+ import { type DestinationGraylistEntry, type DestinationGraylistEntryArgs } from "../types/index.js";
9
10
  export declare const POLICY_CONFIG_DISCRIMINATOR: Uint8Array<ArrayBuffer>;
10
11
  export declare function getPolicyConfigDiscriminatorBytes(): ReadonlyUint8Array<ArrayBuffer>;
11
12
  export type PolicyConfig = {
@@ -20,10 +21,9 @@ export type PolicyConfig = {
20
21
  /** Maximum single transaction size in USD (6 decimals). */
21
22
  maxTransactionSizeUsd: bigint;
22
23
  /**
23
- * Protocol access control mode:
24
- * 0 = all allowed (protocols list ignored)
25
- * 1 = allowlist (only protocols in list)
26
- * 2 = denylist (all except protocols in list)
24
+ * Protocol allowlist mode. Phase 2 Option A: ONLY value 1 (ALLOWLIST)
25
+ * permitted. Modes 0 (ALL) and 2 (DENYLIST) deleted under L-1. Handler
26
+ * rejects any other value with `ErrInvalidProtocolMode`.
27
27
  */
28
28
  protocolMode: number;
29
29
  /**
@@ -37,9 +37,13 @@ export type PolicyConfig = {
37
37
  */
38
38
  developerFeeRate: number;
39
39
  /**
40
- * Maximum slippage tolerance for Jupiter swaps in basis points.
41
- * 0 = reject all swaps (vault owner must explicitly configure).
42
- * Enforced on-chain via instruction introspection of Jupiter data.
40
+ * Maximum slippage tolerance (basis points) generic config primitive
41
+ * preserved per D-5 across Phase 1 Option A demolition. Per L-1 there is
42
+ * no on-chain Jupiter slippage verifier in V1; this field is consumed by
43
+ * off-chain SDK simulators and (Phase 6) generic post-execution assertions
44
+ * (R-1 mint-delta cap). Validated at config time via
45
+ * `max_slippage_bps <= MAX_SLIPPAGE_BPS` (= 5000 BPS = 50% ceiling).
46
+ * 0 = no slippage protection configured.
43
47
  */
44
48
  maxSlippageBps: number;
45
49
  /** Timelock duration in seconds for policy changes. 0 = no timelock. */
@@ -49,11 +53,6 @@ export type PolicyConfig = {
49
53
  * Empty = any destination allowed. Bounded to MAX_ALLOWED_DESTINATIONS.
50
54
  */
51
55
  allowedDestinations: Array<Address>;
52
- /**
53
- * Whether instruction constraints PDA exists for this vault.
54
- * Set true by create_instruction_constraints, false by apply_close_constraints.
55
- */
56
- hasConstraints: boolean;
57
56
  /**
58
57
  * Whether a pending policy update PDA exists for this vault.
59
58
  * Set true by queue_policy_update, false by apply/cancel_pending_policy.
@@ -93,14 +92,237 @@ export type PolicyConfig = {
93
92
  */
94
93
  hasPostAssertions: number;
95
94
  /**
96
- * Destination access control mode for `agent_transfer`:
97
- * 0 = Restricted (DEFAULT) — destination MUST be in `allowed_destinations`.
98
- * 1 = OpenWithCap destination unrestricted; only `daily_spending_cap_usd` throttles drain.
99
- * Closes F-4 (third-pass audit): empty `allowed_destinations` no longer
100
- * implies default-allow. Owners must explicitly opt into OpenWithCap via
101
- * queue_policy_update / apply_pending_policy.
95
+ * Destination access control mode for `agent_transfer` and spending paths.
96
+ *
97
+ * Phase 2 Option A: only value 0 (RESTRICTED) is accepted. Permissive
98
+ * OPEN_WITH_CAP (1) was deleted. Closes F-4 (third-pass audit) and the
99
+ * subsequent owner-opt-in window definitively.
102
100
  */
103
101
  destinationMode: number;
102
+ /**
103
+ * TA-19 (Phase 2): SHA-256 digest of the canonical Borsh encoding of the
104
+ * policy fields the owner approved at queue/init time. Bound at the same
105
+ * instruction where the owner signs the change, re-asserted at apply, so
106
+ * a compromised owner-signer or pending-PDA tampering cannot mutate the
107
+ * applied policy without producing a digest mismatch.
108
+ *
109
+ * CANONICAL ENCODING (FIXED — DO NOT REORDER):
110
+ * 1. `daily_spending_cap_usd: u64`
111
+ * 2. `max_transaction_size_usd: u64`
112
+ * 3. `max_slippage_bps: u16`
113
+ * 4. `developer_fee_rate: u16` — PEN-CROSS-6 (Phase 2 close-up)
114
+ * 5. `protocol_mode: u8`
115
+ * 6. `protocols: Vec<Pubkey>`
116
+ * 7. `destination_mode: u8`
117
+ * 8. `allowed_destinations: Vec<Pubkey>`
118
+ * 9. `timelock_duration: u64`
119
+ * 10. `session_expiry_seconds: u64`
120
+ * 11. `observe_only: bool`
121
+ * 12. `has_constraints: bool`
122
+ * 13. `has_post_assertions: u8`
123
+ * 14. `created_at_slot: u64` — PEN-CROSS-2 (Phase 2 close-up)
124
+ *
125
+ * All fields encoded as Borsh: u8/u16/u64 little-endian, `bool` as `[u8; 1]`
126
+ * (0 or 1), `Vec<Pubkey>` as `u32_le_len ++ pubkey_bytes_concatenated`.
127
+ * The SDK helper `computePolicyPreviewDigest` mirrors this encoding exactly.
128
+ *
129
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule for Borsh stability.
130
+ */
131
+ policyPreviewDigest: ReadonlyUint8Array;
132
+ /**
133
+ * PEN-CROSS-2 (Phase 2 close-up): the slot at which `initialize_vault`
134
+ * minted this PolicyConfig. Bound by TA-19 at position 14 of the
135
+ * canonical digest encoding.
136
+ *
137
+ * Closes the close+reinit replay window: an owner who closes a vault
138
+ * (via `close_vault`) and later re-inits a fresh PDA at the same
139
+ * (owner, vault_id) gets a new `created_at_slot`. The signed
140
+ * `initialize_vault` ix from the old vault encodes the OLD slot in its
141
+ * preview digest, so replaying that signed tx against the fresh PDA
142
+ * produces a digest mismatch and `PolicyPreviewMismatch` rejects it.
143
+ *
144
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule.
145
+ */
146
+ createdAtSlot: bigint;
147
+ /**
148
+ * TA-05 (Phase 3 pre-execution guard #2): 24-bit UTC operating-hours
149
+ * bitmask. Bit `n` (0 ≤ n ≤ 23) set → spending allowed when
150
+ * `clock.unix_timestamp / 3600 % 24 == n`. Upper 8 bits (24..=31)
151
+ * MUST be zero; rejected at write-time.
152
+ *
153
+ * Default for owners who don't narrow: 0xFFFFFF (all 24 hours enabled
154
+ * — equivalent to "no operating-hours constraint"). New vaults set
155
+ * this explicitly via the digest the owner signs; back-compat
156
+ * consideration removed per L-3 (Phase 2 TA-19 bound the field anyway).
157
+ *
158
+ * Bound by TA-19 at position 15 of the canonical digest encoding.
159
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule for Borsh stability.
160
+ */
161
+ operatingHours: number;
162
+ /**
163
+ * TA-07 (Phase 3 pre-execution guard #4): first-time-destination
164
+ * 24-hour graylist friction. When a NEW destination is added to
165
+ * `allowed_destinations` (via queue_policy_update), it enters this
166
+ * graylist with `unlock_unix = now + 86400` (24h). Until either
167
+ * (a) the unlock time elapses OR (b) the owner calls
168
+ * `promote_graylist_destination` to fast-track, spending paths
169
+ * reject any tx routing value to that destination with
170
+ * `ErrGraylistFriction` (6077).
171
+ *
172
+ * Tuple is `(destination_pubkey, unlock_unix)`. Bounded ≤10 entries
173
+ * (max_destinations). When full, additional allowlist adds reject
174
+ * with `ErrGraylistFull` (6087) until an existing entry unlocks or
175
+ * is promoted.
176
+ *
177
+ * DESIGN: graylist entries are derived/ephemeral state — the owner's
178
+ * signed digest already binds the allowlist (canonical position 8),
179
+ * and graylist friction only delays an already-authorised destination.
180
+ * Therefore the graylist itself is NOT in the canonical digest
181
+ * encoding. Promoting accelerates the unlock but cannot widen the
182
+ * allowlist beyond what the owner signed.
183
+ *
184
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule for Borsh stability.
185
+ */
186
+ destinationGraylist: Array<DestinationGraylistEntry>;
187
+ /**
188
+ * TA-07 (Phase 3): if true, new destinations added to the allowlist
189
+ * skip the 24h graylist entirely (audit trail still recorded via
190
+ * emitted events). Bound by TA-19 at canonical digest position 16
191
+ * so the owner's choice to bypass friction is part of the signed
192
+ * configuration — not silently flipped.
193
+ *
194
+ * Default false. APPENDED at end per F-14 APPEND-ONLY rule.
195
+ */
196
+ autoPromoteGrays: boolean;
197
+ /**
198
+ * TA-17 (Phase 3 pre-execution guard #7): consecutive-failure
199
+ * threshold after which an agent's capability is auto-revoked.
200
+ * Owner-configurable in range 3..=20; out-of-range values rejected
201
+ * at policy-write time with `InvalidPermissions`. Default 5.
202
+ *
203
+ * Only on-chain policy-violation codes (6074-6091) count — see
204
+ * `POLICY_VIOLATION_RANGE` in finalize_session. External codes
205
+ * (CU exhaustion, nonce desync, auth) do NOT increment.
206
+ *
207
+ * Bound by TA-19 at canonical digest position 17. APPENDED per
208
+ * F-14 APPEND-ONLY rule.
209
+ */
210
+ autoRevokeThreshold: number;
211
+ /**
212
+ * TA-12 (Phase 5 post-execution invariant #1): hard floor on the
213
+ * combined USDC + USDT balance held by the vault. After every
214
+ * `finalize_session` spending path completes (CPI balance audit +
215
+ * rolling-cap + per-agent + per-protocol bookkeeping), the handler
216
+ * re-reads the vault's USDC + USDT token-account balances and
217
+ * asserts their sum is ≥ this value. If not, it rejects with
218
+ * `ErrStableFloorViolation` (6085).
219
+ *
220
+ * This is the LAST defensive line — no combination of attacks (CPI
221
+ * drain, per-protocol cap bypass via async fulfillment, fee
222
+ * inflation, slippage manipulation) may drain the vault below this
223
+ * line. Default 0 (no reserve — preserves all existing vault
224
+ * behavior). Owner-configurable via `initialize_vault` and
225
+ * `queue_policy_update`.
226
+ *
227
+ * Bound by TA-19 at canonical digest position 18. APPENDED per
228
+ * F-14 APPEND-ONLY rule for Borsh stability.
229
+ */
230
+ stableBalanceFloor: bigint;
231
+ /**
232
+ * TA-14 (Phase 5 post-execution invariant #2): rolling 24h
233
+ * per-recipient outflow cap, in 6-decimal USDC face value. When
234
+ * non-zero, every `finalize_session` spending path validates that
235
+ * the recipient's rolling 24h spend (tracked on
236
+ * `SpendTracker.per_recipient`) PLUS this transaction's outflow
237
+ * to that recipient stays ≤ this value. Otherwise rejects with
238
+ * `ErrRecipientCapExceeded` (6096).
239
+ *
240
+ * Default 0 (no per-recipient cap) preserves existing vault
241
+ * behavior. Owner-configurable via `initialize_vault` and
242
+ * `queue_policy_update`.
243
+ *
244
+ * Bound by TA-19 at canonical digest position 19. APPENDED per
245
+ * F-14 APPEND-ONLY rule for Borsh stability.
246
+ */
247
+ perRecipientDailyCapUsd: bigint;
248
+ /**
249
+ * G6 (audit 2026-05-18): owner-controlled opt-in flag for TA-09
250
+ * cosign enforcement on elevated policy mutations.
251
+ *
252
+ * When `false` (default): elevated mutations (raising caps,
253
+ * expanding allowlists, weakening floors / per-recipient caps /
254
+ * protocol caps) require only the owner's signature — no cosign
255
+ * session is required. Low-friction default, suitable for solo
256
+ * founders, AI-agent automation, dev/test vaults, and any vault
257
+ * whose owner is a Squads V4 multisig PDA (multisig at the Solana
258
+ * layer already enforces multi-signer authorization).
259
+ *
260
+ * When `true`: TA-09 elevation checks fire. The seven elevation
261
+ * triggers in `queue_policy_update` (raises_daily_cap,
262
+ * raises_max_tx, expands_destinations, expands_protocols,
263
+ * lowers_floor, weakens_per_recipient_cap, weakens_protocol_caps)
264
+ * require a non-default `cosign_session` pubkey + a corresponding
265
+ * signer in `remaining_accounts` with `is_signer == true`.
266
+ *
267
+ * Toggle semantics:
268
+ * - **Enabling (false → true)** is NON-ELEVATED. It is a safety
269
+ * improvement — owner is voluntarily tightening the policy.
270
+ * Cosign is not required to enable cosign.
271
+ * - **Disabling (true → false)** IS ELEVATED. One-way-ratchet
272
+ * semantics: if cosign is currently ON, the owner cannot turn
273
+ * it OFF without producing a valid cosign signature — exactly
274
+ * the protection cosign was meant to provide. A phishing-
275
+ * compromised owner key cannot silently disable cosign and
276
+ * then drain via subsequent non-elevated mutations.
277
+ *
278
+ * Bound by TA-19 at canonical digest position 20. APPENDED at end
279
+ * of struct per F-14 APPEND-ONLY rule for Borsh stability.
280
+ */
281
+ cosignRequired: boolean;
282
+ /**
283
+ * D-5 close (audit 2026-05-19, F-RP3-1): the cosign-session pubkey
284
+ * gating elevated capability grants on the `reactivate_vault` path.
285
+ *
286
+ * THREAT: a phished/leaked owner key can chain
287
+ * `freeze_vault → reactivate_vault(new_agent=ATTACKER, FULL_CAPABILITY)`
288
+ * in a single transaction. The vault's `cosign_required` flag gates
289
+ * elevated MUTATIONS via `queue_policy_update`, but the reactivate
290
+ * path grafts a new agent at FULL_CAPABILITY directly — no timelock,
291
+ * no cosign — yielding an instant operator-class grant.
292
+ *
293
+ * DEFENSE: when `cosign_session_pubkey != Pubkey::default()` AND the
294
+ * reactivate ix passes `capability == FULL_CAPABILITY` for the new
295
+ * agent, the handler REQUIRES a matching signer in
296
+ * `ctx.remaining_accounts` whose key equals this pubkey AND
297
+ * `is_signer == true`. Otherwise rejects with
298
+ * `ErrReactivateCosignRequiredForFullCapability` (6114).
299
+ *
300
+ * Default `Pubkey::default()` at `initialize_vault` time means
301
+ * existing vaults retain today's behavior (no cosign gate on
302
+ * reactivate). Owners opt in by setting a non-default value via
303
+ * `queue_policy_update`. Setting a non-default value here is
304
+ * orthogonal to `cosign_required` — the two gate different ix paths
305
+ * (queue/apply vs reactivate) and use different pubkey sources
306
+ * (`pending.cosign_session` vs this field).
307
+ *
308
+ * Bound by TA-19 at canonical digest position 22. APPENDED at end
309
+ * of struct per F-14 APPEND-ONLY rule for Borsh stability.
310
+ */
311
+ cosignSessionPubkey: Address;
312
+ /**
313
+ * F-Q6 (2026-06-02): owner-configured delay (in seconds) before an
314
+ * OPERATOR capability grant takes effect. Default 0. An owner-set
315
+ * security control gating OPERATOR seating — bound by TA-19 at canonical
316
+ * digest position 22 so a tampered SDK or pending-PDA mutation cannot
317
+ * silently lower it between owner approval and on-chain landing.
318
+ * Changeable only via the timelocked `queue_policy_update` path (so
319
+ * lowering it is itself delayed). The single-key forced floor
320
+ * (`max(field, 600)`) and per-tier grant logic live in `register_agent`
321
+ * / `queue_agent_grant`.
322
+ *
323
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule for Borsh stability.
324
+ */
325
+ operatorGrantDelaySeconds: bigint;
104
326
  };
105
327
  export type PolicyConfigArgs = {
106
328
  /** Associated vault pubkey */
@@ -113,10 +335,9 @@ export type PolicyConfigArgs = {
113
335
  /** Maximum single transaction size in USD (6 decimals). */
114
336
  maxTransactionSizeUsd: number | bigint;
115
337
  /**
116
- * Protocol access control mode:
117
- * 0 = all allowed (protocols list ignored)
118
- * 1 = allowlist (only protocols in list)
119
- * 2 = denylist (all except protocols in list)
338
+ * Protocol allowlist mode. Phase 2 Option A: ONLY value 1 (ALLOWLIST)
339
+ * permitted. Modes 0 (ALL) and 2 (DENYLIST) deleted under L-1. Handler
340
+ * rejects any other value with `ErrInvalidProtocolMode`.
120
341
  */
121
342
  protocolMode: number;
122
343
  /**
@@ -130,9 +351,13 @@ export type PolicyConfigArgs = {
130
351
  */
131
352
  developerFeeRate: number;
132
353
  /**
133
- * Maximum slippage tolerance for Jupiter swaps in basis points.
134
- * 0 = reject all swaps (vault owner must explicitly configure).
135
- * Enforced on-chain via instruction introspection of Jupiter data.
354
+ * Maximum slippage tolerance (basis points) generic config primitive
355
+ * preserved per D-5 across Phase 1 Option A demolition. Per L-1 there is
356
+ * no on-chain Jupiter slippage verifier in V1; this field is consumed by
357
+ * off-chain SDK simulators and (Phase 6) generic post-execution assertions
358
+ * (R-1 mint-delta cap). Validated at config time via
359
+ * `max_slippage_bps <= MAX_SLIPPAGE_BPS` (= 5000 BPS = 50% ceiling).
360
+ * 0 = no slippage protection configured.
136
361
  */
137
362
  maxSlippageBps: number;
138
363
  /** Timelock duration in seconds for policy changes. 0 = no timelock. */
@@ -142,11 +367,6 @@ export type PolicyConfigArgs = {
142
367
  * Empty = any destination allowed. Bounded to MAX_ALLOWED_DESTINATIONS.
143
368
  */
144
369
  allowedDestinations: Array<Address>;
145
- /**
146
- * Whether instruction constraints PDA exists for this vault.
147
- * Set true by create_instruction_constraints, false by apply_close_constraints.
148
- */
149
- hasConstraints: boolean;
150
370
  /**
151
371
  * Whether a pending policy update PDA exists for this vault.
152
372
  * Set true by queue_policy_update, false by apply/cancel_pending_policy.
@@ -186,14 +406,237 @@ export type PolicyConfigArgs = {
186
406
  */
187
407
  hasPostAssertions: number;
188
408
  /**
189
- * Destination access control mode for `agent_transfer`:
190
- * 0 = Restricted (DEFAULT) — destination MUST be in `allowed_destinations`.
191
- * 1 = OpenWithCap destination unrestricted; only `daily_spending_cap_usd` throttles drain.
192
- * Closes F-4 (third-pass audit): empty `allowed_destinations` no longer
193
- * implies default-allow. Owners must explicitly opt into OpenWithCap via
194
- * queue_policy_update / apply_pending_policy.
409
+ * Destination access control mode for `agent_transfer` and spending paths.
410
+ *
411
+ * Phase 2 Option A: only value 0 (RESTRICTED) is accepted. Permissive
412
+ * OPEN_WITH_CAP (1) was deleted. Closes F-4 (third-pass audit) and the
413
+ * subsequent owner-opt-in window definitively.
195
414
  */
196
415
  destinationMode: number;
416
+ /**
417
+ * TA-19 (Phase 2): SHA-256 digest of the canonical Borsh encoding of the
418
+ * policy fields the owner approved at queue/init time. Bound at the same
419
+ * instruction where the owner signs the change, re-asserted at apply, so
420
+ * a compromised owner-signer or pending-PDA tampering cannot mutate the
421
+ * applied policy without producing a digest mismatch.
422
+ *
423
+ * CANONICAL ENCODING (FIXED — DO NOT REORDER):
424
+ * 1. `daily_spending_cap_usd: u64`
425
+ * 2. `max_transaction_size_usd: u64`
426
+ * 3. `max_slippage_bps: u16`
427
+ * 4. `developer_fee_rate: u16` — PEN-CROSS-6 (Phase 2 close-up)
428
+ * 5. `protocol_mode: u8`
429
+ * 6. `protocols: Vec<Pubkey>`
430
+ * 7. `destination_mode: u8`
431
+ * 8. `allowed_destinations: Vec<Pubkey>`
432
+ * 9. `timelock_duration: u64`
433
+ * 10. `session_expiry_seconds: u64`
434
+ * 11. `observe_only: bool`
435
+ * 12. `has_constraints: bool`
436
+ * 13. `has_post_assertions: u8`
437
+ * 14. `created_at_slot: u64` — PEN-CROSS-2 (Phase 2 close-up)
438
+ *
439
+ * All fields encoded as Borsh: u8/u16/u64 little-endian, `bool` as `[u8; 1]`
440
+ * (0 or 1), `Vec<Pubkey>` as `u32_le_len ++ pubkey_bytes_concatenated`.
441
+ * The SDK helper `computePolicyPreviewDigest` mirrors this encoding exactly.
442
+ *
443
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule for Borsh stability.
444
+ */
445
+ policyPreviewDigest: ReadonlyUint8Array;
446
+ /**
447
+ * PEN-CROSS-2 (Phase 2 close-up): the slot at which `initialize_vault`
448
+ * minted this PolicyConfig. Bound by TA-19 at position 14 of the
449
+ * canonical digest encoding.
450
+ *
451
+ * Closes the close+reinit replay window: an owner who closes a vault
452
+ * (via `close_vault`) and later re-inits a fresh PDA at the same
453
+ * (owner, vault_id) gets a new `created_at_slot`. The signed
454
+ * `initialize_vault` ix from the old vault encodes the OLD slot in its
455
+ * preview digest, so replaying that signed tx against the fresh PDA
456
+ * produces a digest mismatch and `PolicyPreviewMismatch` rejects it.
457
+ *
458
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule.
459
+ */
460
+ createdAtSlot: number | bigint;
461
+ /**
462
+ * TA-05 (Phase 3 pre-execution guard #2): 24-bit UTC operating-hours
463
+ * bitmask. Bit `n` (0 ≤ n ≤ 23) set → spending allowed when
464
+ * `clock.unix_timestamp / 3600 % 24 == n`. Upper 8 bits (24..=31)
465
+ * MUST be zero; rejected at write-time.
466
+ *
467
+ * Default for owners who don't narrow: 0xFFFFFF (all 24 hours enabled
468
+ * — equivalent to "no operating-hours constraint"). New vaults set
469
+ * this explicitly via the digest the owner signs; back-compat
470
+ * consideration removed per L-3 (Phase 2 TA-19 bound the field anyway).
471
+ *
472
+ * Bound by TA-19 at position 15 of the canonical digest encoding.
473
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule for Borsh stability.
474
+ */
475
+ operatingHours: number;
476
+ /**
477
+ * TA-07 (Phase 3 pre-execution guard #4): first-time-destination
478
+ * 24-hour graylist friction. When a NEW destination is added to
479
+ * `allowed_destinations` (via queue_policy_update), it enters this
480
+ * graylist with `unlock_unix = now + 86400` (24h). Until either
481
+ * (a) the unlock time elapses OR (b) the owner calls
482
+ * `promote_graylist_destination` to fast-track, spending paths
483
+ * reject any tx routing value to that destination with
484
+ * `ErrGraylistFriction` (6077).
485
+ *
486
+ * Tuple is `(destination_pubkey, unlock_unix)`. Bounded ≤10 entries
487
+ * (max_destinations). When full, additional allowlist adds reject
488
+ * with `ErrGraylistFull` (6087) until an existing entry unlocks or
489
+ * is promoted.
490
+ *
491
+ * DESIGN: graylist entries are derived/ephemeral state — the owner's
492
+ * signed digest already binds the allowlist (canonical position 8),
493
+ * and graylist friction only delays an already-authorised destination.
494
+ * Therefore the graylist itself is NOT in the canonical digest
495
+ * encoding. Promoting accelerates the unlock but cannot widen the
496
+ * allowlist beyond what the owner signed.
497
+ *
498
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule for Borsh stability.
499
+ */
500
+ destinationGraylist: Array<DestinationGraylistEntryArgs>;
501
+ /**
502
+ * TA-07 (Phase 3): if true, new destinations added to the allowlist
503
+ * skip the 24h graylist entirely (audit trail still recorded via
504
+ * emitted events). Bound by TA-19 at canonical digest position 16
505
+ * so the owner's choice to bypass friction is part of the signed
506
+ * configuration — not silently flipped.
507
+ *
508
+ * Default false. APPENDED at end per F-14 APPEND-ONLY rule.
509
+ */
510
+ autoPromoteGrays: boolean;
511
+ /**
512
+ * TA-17 (Phase 3 pre-execution guard #7): consecutive-failure
513
+ * threshold after which an agent's capability is auto-revoked.
514
+ * Owner-configurable in range 3..=20; out-of-range values rejected
515
+ * at policy-write time with `InvalidPermissions`. Default 5.
516
+ *
517
+ * Only on-chain policy-violation codes (6074-6091) count — see
518
+ * `POLICY_VIOLATION_RANGE` in finalize_session. External codes
519
+ * (CU exhaustion, nonce desync, auth) do NOT increment.
520
+ *
521
+ * Bound by TA-19 at canonical digest position 17. APPENDED per
522
+ * F-14 APPEND-ONLY rule.
523
+ */
524
+ autoRevokeThreshold: number;
525
+ /**
526
+ * TA-12 (Phase 5 post-execution invariant #1): hard floor on the
527
+ * combined USDC + USDT balance held by the vault. After every
528
+ * `finalize_session` spending path completes (CPI balance audit +
529
+ * rolling-cap + per-agent + per-protocol bookkeeping), the handler
530
+ * re-reads the vault's USDC + USDT token-account balances and
531
+ * asserts their sum is ≥ this value. If not, it rejects with
532
+ * `ErrStableFloorViolation` (6085).
533
+ *
534
+ * This is the LAST defensive line — no combination of attacks (CPI
535
+ * drain, per-protocol cap bypass via async fulfillment, fee
536
+ * inflation, slippage manipulation) may drain the vault below this
537
+ * line. Default 0 (no reserve — preserves all existing vault
538
+ * behavior). Owner-configurable via `initialize_vault` and
539
+ * `queue_policy_update`.
540
+ *
541
+ * Bound by TA-19 at canonical digest position 18. APPENDED per
542
+ * F-14 APPEND-ONLY rule for Borsh stability.
543
+ */
544
+ stableBalanceFloor: number | bigint;
545
+ /**
546
+ * TA-14 (Phase 5 post-execution invariant #2): rolling 24h
547
+ * per-recipient outflow cap, in 6-decimal USDC face value. When
548
+ * non-zero, every `finalize_session` spending path validates that
549
+ * the recipient's rolling 24h spend (tracked on
550
+ * `SpendTracker.per_recipient`) PLUS this transaction's outflow
551
+ * to that recipient stays ≤ this value. Otherwise rejects with
552
+ * `ErrRecipientCapExceeded` (6096).
553
+ *
554
+ * Default 0 (no per-recipient cap) preserves existing vault
555
+ * behavior. Owner-configurable via `initialize_vault` and
556
+ * `queue_policy_update`.
557
+ *
558
+ * Bound by TA-19 at canonical digest position 19. APPENDED per
559
+ * F-14 APPEND-ONLY rule for Borsh stability.
560
+ */
561
+ perRecipientDailyCapUsd: number | bigint;
562
+ /**
563
+ * G6 (audit 2026-05-18): owner-controlled opt-in flag for TA-09
564
+ * cosign enforcement on elevated policy mutations.
565
+ *
566
+ * When `false` (default): elevated mutations (raising caps,
567
+ * expanding allowlists, weakening floors / per-recipient caps /
568
+ * protocol caps) require only the owner's signature — no cosign
569
+ * session is required. Low-friction default, suitable for solo
570
+ * founders, AI-agent automation, dev/test vaults, and any vault
571
+ * whose owner is a Squads V4 multisig PDA (multisig at the Solana
572
+ * layer already enforces multi-signer authorization).
573
+ *
574
+ * When `true`: TA-09 elevation checks fire. The seven elevation
575
+ * triggers in `queue_policy_update` (raises_daily_cap,
576
+ * raises_max_tx, expands_destinations, expands_protocols,
577
+ * lowers_floor, weakens_per_recipient_cap, weakens_protocol_caps)
578
+ * require a non-default `cosign_session` pubkey + a corresponding
579
+ * signer in `remaining_accounts` with `is_signer == true`.
580
+ *
581
+ * Toggle semantics:
582
+ * - **Enabling (false → true)** is NON-ELEVATED. It is a safety
583
+ * improvement — owner is voluntarily tightening the policy.
584
+ * Cosign is not required to enable cosign.
585
+ * - **Disabling (true → false)** IS ELEVATED. One-way-ratchet
586
+ * semantics: if cosign is currently ON, the owner cannot turn
587
+ * it OFF without producing a valid cosign signature — exactly
588
+ * the protection cosign was meant to provide. A phishing-
589
+ * compromised owner key cannot silently disable cosign and
590
+ * then drain via subsequent non-elevated mutations.
591
+ *
592
+ * Bound by TA-19 at canonical digest position 20. APPENDED at end
593
+ * of struct per F-14 APPEND-ONLY rule for Borsh stability.
594
+ */
595
+ cosignRequired: boolean;
596
+ /**
597
+ * D-5 close (audit 2026-05-19, F-RP3-1): the cosign-session pubkey
598
+ * gating elevated capability grants on the `reactivate_vault` path.
599
+ *
600
+ * THREAT: a phished/leaked owner key can chain
601
+ * `freeze_vault → reactivate_vault(new_agent=ATTACKER, FULL_CAPABILITY)`
602
+ * in a single transaction. The vault's `cosign_required` flag gates
603
+ * elevated MUTATIONS via `queue_policy_update`, but the reactivate
604
+ * path grafts a new agent at FULL_CAPABILITY directly — no timelock,
605
+ * no cosign — yielding an instant operator-class grant.
606
+ *
607
+ * DEFENSE: when `cosign_session_pubkey != Pubkey::default()` AND the
608
+ * reactivate ix passes `capability == FULL_CAPABILITY` for the new
609
+ * agent, the handler REQUIRES a matching signer in
610
+ * `ctx.remaining_accounts` whose key equals this pubkey AND
611
+ * `is_signer == true`. Otherwise rejects with
612
+ * `ErrReactivateCosignRequiredForFullCapability` (6114).
613
+ *
614
+ * Default `Pubkey::default()` at `initialize_vault` time means
615
+ * existing vaults retain today's behavior (no cosign gate on
616
+ * reactivate). Owners opt in by setting a non-default value via
617
+ * `queue_policy_update`. Setting a non-default value here is
618
+ * orthogonal to `cosign_required` — the two gate different ix paths
619
+ * (queue/apply vs reactivate) and use different pubkey sources
620
+ * (`pending.cosign_session` vs this field).
621
+ *
622
+ * Bound by TA-19 at canonical digest position 22. APPENDED at end
623
+ * of struct per F-14 APPEND-ONLY rule for Borsh stability.
624
+ */
625
+ cosignSessionPubkey: Address;
626
+ /**
627
+ * F-Q6 (2026-06-02): owner-configured delay (in seconds) before an
628
+ * OPERATOR capability grant takes effect. Default 0. An owner-set
629
+ * security control gating OPERATOR seating — bound by TA-19 at canonical
630
+ * digest position 22 so a tampered SDK or pending-PDA mutation cannot
631
+ * silently lower it between owner approval and on-chain landing.
632
+ * Changeable only via the timelocked `queue_policy_update` path (so
633
+ * lowering it is itself delayed). The single-key forced floor
634
+ * (`max(field, 600)`) and per-tier grant logic live in `register_agent`
635
+ * / `queue_agent_grant`.
636
+ *
637
+ * APPENDED at end of struct per F-14 APPEND-ONLY rule for Borsh stability.
638
+ */
639
+ operatorGrantDelaySeconds: number | bigint;
197
640
  };
198
641
  /** Gets the encoder for {@link PolicyConfigArgs} account data. */
199
642
  export declare function getPolicyConfigEncoder(): Encoder<PolicyConfigArgs>;
package/dist/generated/accounts/policyConfig.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"policyConfig.d.ts","sourceRoot":"","sources":["../../../src/generated/accounts/policyConfig.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAKL,mBAAmB,EACnB,oBAAoB,EAoBpB,KAAK,OAAO,EACZ,KAAK,OAAO,EACZ,KAAK,KAAK,EACV,KAAK,OAAO,EACZ,KAAK,cAAc,EACnB,KAAK,OAAO,EACZ,KAAK,kBAAkB,EACvB,KAAK,mBAAmB,EACxB,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACxB,KAAK,kBAAkB,EACxB,MAAM,aAAa,CAAC;AAErB,eAAO,MAAM,2BAA2B,yBAEtC,CAAC;AAEH,wBAAgB,iCAAiC,oCAIhD;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,aAAa,EAAE,kBAAkB,CAAC;IAClC,8BAA8B;IAC9B,KAAK,EAAE,OAAO,CAAC;IACf;;;OAGG;IACH,mBAAmB,EAAE,MAAM,CAAC;IAC5B,2DAA2D;IAC3D,qBAAqB,EAAE,MAAM,CAAC;IAC9B;;;;;OAKG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IAC1B;;;OAGG;IACH,gBAAgB,EAAE,MAAM,CAAC;IACzB;;;;OAIG;IACH,cAAc,EAAE,MAAM,CAAC;IACvB,wEAAwE;IACxE,gBAAgB,EAAE,MAAM,CAAC;IACzB;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IACpC;;;OAGG;IACH,cAAc,EAAE,OAAO,CAAC;IACxB;;;OAGG;IACH,gBAAgB,EAAE,OAAO,CAAC;IAC1B;;;OAGG;IACH,eAAe,EAAE,OAAO,CAAC;IACzB;;;;OAIG;IACH,YAAY,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B;;;;;OAKG;IACH,oBAAoB,EAAE,MAAM,CAAC;IAC7B,wBAAwB;IACxB,IAAI,EAAE,MAAM,CAAC;IACb;;;;;OAKG;IACH,aAAa,EAAE,MAAM,CAAC;IACtB;;;;OAIG;IACH,iBAAiB,EAAE,MAAM,CAAC;IAC1B;;;;;;;OAOG;IACH,eAAe,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,8BAA8B;IAC9B,KAAK,EAAE,OAAO,CAAC;IACf;;;OAGG;IACH,mBAAmB,EAAE,MAAM,GAAG,MAAM,CAAC;IACrC,2DAA2D;IAC3D,qBAAqB,EAAE,MAAM,GAAG,MAAM,CAAC;IACvC;;;;;OAKG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IAC1B;;;OAGG;IACH,gBAAgB,EAAE,MAAM,CAAC;IACzB;;;;OAIG;IACH,cAAc,EAAE,MAAM,CAAC;IACvB,wEAAwE;IACxE,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAAC;IAClC;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IACpC;;;OAGG;IACH,cAAc,EAAE,OAAO,CAAC;IACxB;;;OAGG;IACH,gBAAgB,EAAE,OAAO,CAAC;IAC1B;;;OAGG;IACH,eAAe,EAAE,OAAO,CAAC;IACzB;;;;OAIG;IACH,YAAY,EAAE,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;IACrC;;;;;OAKG;IACH,oBAAoB,EAAE,MAAM,GAAG,MAAM,CAAC;IACtC,wBAAwB;IACxB,IAAI,EAAE,MAAM,CAAC;IACb;;;;;OAKG;IACH,aAAa,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B;;;;OAIG;IACH,iBAAiB,EAAE,MAAM,CAAC;IAC1B;;;;;;;OAOG;IACH,eAAe,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF,kEAAkE;AAClE,wBAAgB,sBAAsB,IAAI,OAAO,CAAC,gBAAgB,CAAC,CAyBlE;AAED,8DAA8D;AAC9D,wBAAgB,sBAAsB,IAAI,OAAO,CAAC,YAAY,CAAC,CAsB9D;AAED,4DAA4D;AAC5D,wBAAgB,oBAAoB,IAAI,KAAK,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAE5E;AAED,wBAAgB,kBAAkB,CAAC,QAAQ,SAAS,MAAM,GAAG,MAAM,EACjE,cAAc,EAAE,cAAc,CAAC,QAAQ,CAAC,GACvC,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;AACnC,wBAAgB,kBAAkB,CAAC,QAAQ,SAAS,MAAM,GAAG,MAAM,EACjE,cAAc,EAAE,mBAAmB,CAAC,QAAQ,CAAC,GAC5C,YAAY,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;AAUxC,wBAAsB,iBAAiB,CAAC,QAAQ,SAAS,MAAM,GAAG,MAAM,EACtE,GAAG,EAAE,UAAU,CAAC,OAAO,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAC9C,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,EAC1B,MAAM,CAAC,EAAE,kBAAkB,GAC1B,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,CAI1C;AAED,wBAAsB,sBAAsB,CAAC,QAAQ,SAAS,MAAM,GAAG,MAAM,EAC3E,GAAG,EAAE,UAAU,CAAC,OAAO,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAC9C,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,EAC1B,MAAM,CAAC,EAAE,kBAAkB,GAC1B,OAAO,CAAC,YAAY,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,CAG/C;AAED,wBAAsB,oBAAoB,CACxC,GAAG,EAAE,UAAU,CAAC,OAAO,oBAAoB,CAAC,CAAC,CAAC,CAAC,EAC/C,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,EACzB,MAAM,CAAC,EAAE,mBAAmB,GAC3B,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC,CAIlC;AAED,wBAAsB,yBAAyB,CAC7C,GAAG,EAAE,UAAU,CAAC,OAAO,oBAAoB,CAAC,CAAC,CAAC,CAAC,EAC/C,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,EACzB,MAAM,CAAC,EAAE,mBAAmB,GAC3B,OAAO,CAAC,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC,CAGvC"}
1
+ {"version":3,"file":"policyConfig.d.ts","sourceRoot":"","sources":["../../../src/generated/accounts/policyConfig.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAKL,mBAAmB,EACnB,oBAAoB,EAsBpB,KAAK,OAAO,EACZ,KAAK,OAAO,EACZ,KAAK,KAAK,EACV,KAAK,OAAO,EACZ,KAAK,cAAc,EACnB,KAAK,OAAO,EACZ,KAAK,kBAAkB,EACvB,KAAK,mBAAmB,EACxB,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACxB,KAAK,kBAAkB,EACxB,MAAM,aAAa,CAAC;AACrB,OAAO,EAGL,KAAK,wBAAwB,EAC7B,KAAK,4BAA4B,EAClC,MAAM,mBAAmB,CAAC;AAE3B,eAAO,MAAM,2BAA2B,yBAEtC,CAAC;AAEH,wBAAgB,iCAAiC,oCAIhD;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,aAAa,EAAE,kBAAkB,CAAC;IAClC,8BAA8B;IAC9B,KAAK,EAAE,OAAO,CAAC;IACf;;;OAGG;IACH,mBAAmB,EAAE,MAAM,CAAC;IAC5B,2DAA2D;IAC3D,qBAAqB,EAAE,MAAM,CAAC;IAC9B;;;;OAIG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IAC1B;;;OAGG;IACH,gBAAgB,EAAE,MAAM,CAAC;IACzB;;;;;;;;OAQG;IACH,cAAc,EAAE,MAAM,CAAC;IACvB,wEAAwE;IACxE,gBAAgB,EAAE,MAAM,CAAC;IACzB;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IACpC;;;OAGG;IACH,gBAAgB,EAAE,OAAO,CAAC;IAC1B;;;OAGG;IACH,eAAe,EAAE,OAAO,CAAC;IACzB;;;;OAIG;IACH,YAAY,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B;;;;;OAKG;IACH,oBAAoB,EAAE,MAAM,CAAC;IAC7B,wBAAwB;IACxB,IAAI,EAAE,MAAM,CAAC;IACb;;;;;OAKG;IACH,aAAa,EAAE,MAAM,CAAC;IACtB;;;;OAIG;IACH,iBAAiB,EAAE,MAAM,CAAC;IAC1B;;;;;;OAMG;IACH,eAAe,EAAE,MAAM,CAAC;IACxB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,mBAAmB,EAAE,kBAAkB,CAAC;IACxC;;;;;;;;;;;;;OAaG;IACH,aAAa,EAAE,MAAM,CAAC;IACtB;;;;;;;;;;;;;OAaG;IACH,cAAc,EAAE,MAAM,CAAC;IACvB;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,mBAAmB,EAAE,KAAK,CAAC,wBAAwB,CAAC,CAAC;IACrD;;;;;;;;OAQG;IACH,gBAAgB,EAAE,OAAO,CAAC;IAC1B;;;;;;;;;;;;OAYG;IACH,mBAAmB,EAAE,MAAM,CAAC;IAC5B;;;;;;;;;;;;;;;;;;OAkBG;IACH,kBAAkB,EAAE,MAAM,CAAC;IAC3B;;;;;;;;;;;;;;;OAeG;IACH,uBAAuB,EAAE,MAAM,CAAC;IAChC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;IACH,cAAc,EAAE,OAAO,CAAC;IACxB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,mBAAmB,EAAE,OAAO,CAAC;IAC7B;;;;;;;;;;;;OAYG;IACH,yBAAyB,EAAE,MAAM,CAAC;CACnC,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,8BAA8B;IAC9B,KAAK,EAAE,OAAO,CAAC;IACf;;;OAGG;IACH,mBAAmB,EAAE,MAAM,GAAG,MAAM,CAAC;IACrC,2DAA2D;IAC3D,qBAAqB,EAAE,MAAM,GAAG,MAAM,CAAC;IACvC;;;;OAIG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IAC1B;;;OAGG;IACH,gBAAgB,EAAE,MAAM,CAAC;IACzB;;;;;;;;OAQG;IACH,cAAc,EAAE,MAAM,CAAC;IACvB,wEAAwE;IACxE,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAAC;IAClC;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IACpC;;;OAGG;IACH,gBAAgB,EAAE,OAAO,CAAC;IAC1B;;;OAGG;IACH,eAAe,EAAE,OAAO,CAAC;IACzB;;;;OAIG;IACH,YAAY,EAAE,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;IACrC;;;;;OAKG;IACH,oBAAoB,EAAE,MAAM,GAAG,MAAM,CAAC;IACtC,wBAAwB;IACxB,IAAI,EAAE,MAAM,CAAC;IACb;;;;;OAKG;IACH,aAAa,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B;;;;OAIG;IACH,iBAAiB,EAAE,MAAM,CAAC;IAC1B;;;;;;OAMG;IACH,eAAe,EAAE,MAAM,CAAC;IACxB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,mBAAmB,EAAE,kBAAkB,CAAC;IACxC;;;;;;;;;;;;;OAaG;IACH,aAAa,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B;;;;;;;;;;;;;OAaG;IACH,cAAc,EAAE,MAAM,CAAC;IACvB;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,mBAAmB,EAAE,KAAK,CAAC,4BAA4B,CAAC,CAAC;IACzD;;;;;;;;OAQG;IACH,gBAAgB,EAAE,OAAO,CAAC;IAC1B;;;;;;;;;;;;OAYG;IACH,mBAAmB,EAAE,MAAM,CAAC;IAC5B;;;;;;;;;;;;;;;;;;OAkBG;IACH,kBAAkB,EAAE,MAAM,GAAG,MAAM,CAAC;IACpC;;;;;;;;;;;;;;;OAeG;IACH,uBAAuB,EAAE,MAAM,GAAG,MAAM,CAAC;IACzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;IACH,cAAc,EAAE,OAAO,CAAC;IACxB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,mBAAmB,EAAE,OAAO,CAAC;IAC7B;;;;;;;;;;;;OAYG;IACH,yBAAyB,EAAE,MAAM,GAAG,MAAM,CAAC;CAC5C,CAAC;AAEF,kEAAkE;AAClE,wBAAgB,sBAAsB,IAAI,OAAO,CAAC,gBAAgB,CAAC,CAsClE;AAED,8DAA8D;AAC9D,wBAAgB,sBAAsB,IAAI,OAAO,CAAC,YAAY,CAAC,CAmC9D;AAED,4DAA4D;AAC5D,wBAAgB,oBAAoB,IAAI,KAAK,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAE5E;AAED,wBAAgB,kBAAkB,CAAC,QAAQ,SAAS,MAAM,GAAG,MAAM,EACjE,cAAc,EAAE,cAAc,CAAC,QAAQ,CAAC,GACvC,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;AACnC,wBAAgB,kBAAkB,CAAC,QAAQ,SAAS,MAAM,GAAG,MAAM,EACjE,cAAc,EAAE,mBAAmB,CAAC,QAAQ,CAAC,GAC5C,YAAY,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;AAUxC,wBAAsB,iBAAiB,CAAC,QAAQ,SAAS,MAAM,GAAG,MAAM,EACtE,GAAG,EAAE,UAAU,CAAC,OAAO,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAC9C,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,EAC1B,MAAM,CAAC,EAAE,kBAAkB,GAC1B,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,CAI1C;AAED,wBAAsB,sBAAsB,CAAC,QAAQ,SAAS,MAAM,GAAG,MAAM,EAC3E,GAAG,EAAE,UAAU,CAAC,OAAO,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAC9C,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,EAC1B,MAAM,CAAC,EAAE,kBAAkB,GAC1B,OAAO,CAAC,YAAY,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,CAG/C;AAED,wBAAsB,oBAAoB,CACxC,GAAG,EAAE,UAAU,CAAC,OAAO,oBAAoB,CAAC,CAAC,CAAC,CAAC,EAC/C,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,EACzB,MAAM,CAAC,EAAE,mBAAmB,GAC3B,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC,CAIlC;AAED,wBAAsB,yBAAyB,CAC7C,GAAG,EAAE,UAAU,CAAC,OAAO,oBAAoB,CAAC,CAAC,CAAC,CAAC,EAC/C,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,EACzB,MAAM,CAAC,EAAE,mBAAmB,GAC3B,OAAO,CAAC,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC,CAGvC"}
package/dist/generated/accounts/policyConfig.js CHANGED
@@ -5,7 +5,8 @@
5
5
  *
6
6
  * @see https://github.com/codama-idl/codama
7
7
  */
8
- import { assertAccountExists, assertAccountsExist, combineCodec, decodeAccount, fetchEncodedAccount, fetchEncodedAccounts, fixDecoderSize, fixEncoderSize, getAddressDecoder, getAddressEncoder, getArrayDecoder, getArrayEncoder, getBooleanDecoder, getBooleanEncoder, getBytesDecoder, getBytesEncoder, getStructDecoder, getStructEncoder, getU16Decoder, getU16Encoder, getU64Decoder, getU64Encoder, getU8Decoder, getU8Encoder, transformEncoder, } from "@solana/kit";
8
+ import { assertAccountExists, assertAccountsExist, combineCodec, decodeAccount, fetchEncodedAccount, fetchEncodedAccounts, fixDecoderSize, fixEncoderSize, getAddressDecoder, getAddressEncoder, getArrayDecoder, getArrayEncoder, getBooleanDecoder, getBooleanEncoder, getBytesDecoder, getBytesEncoder, getStructDecoder, getStructEncoder, getU16Decoder, getU16Encoder, getU32Decoder, getU32Encoder, getU64Decoder, getU64Encoder, getU8Decoder, getU8Encoder, transformEncoder, } from "@solana/kit";
9
+ import { getDestinationGraylistEntryDecoder, getDestinationGraylistEntryEncoder, } from "../types/index.js";
9
10
  export const POLICY_CONFIG_DISCRIMINATOR = new Uint8Array([
10
11
  219, 7, 79, 84, 175, 51, 148, 146,
11
12
  ]);
@@ -25,7 +26,6 @@ export function getPolicyConfigEncoder() {
25
26
  ["maxSlippageBps", getU16Encoder()],
26
27
  ["timelockDuration", getU64Encoder()],
27
28
  ["allowedDestinations", getArrayEncoder(getAddressEncoder())],
28
- ["hasConstraints", getBooleanEncoder()],
29
29
  ["hasPendingPolicy", getBooleanEncoder()],
30
30
  ["hasProtocolCaps", getBooleanEncoder()],
31
31
  ["protocolCaps", getArrayEncoder(getU64Encoder())],
@@ -34,6 +34,20 @@ export function getPolicyConfigEncoder() {
34
34
  ["policyVersion", getU64Encoder()],
35
35
  ["hasPostAssertions", getU8Encoder()],
36
36
  ["destinationMode", getU8Encoder()],
37
+ ["policyPreviewDigest", fixEncoderSize(getBytesEncoder(), 32)],
38
+ ["createdAtSlot", getU64Encoder()],
39
+ ["operatingHours", getU32Encoder()],
40
+ [
41
+ "destinationGraylist",
42
+ getArrayEncoder(getDestinationGraylistEntryEncoder()),
43
+ ],
44
+ ["autoPromoteGrays", getBooleanEncoder()],
45
+ ["autoRevokeThreshold", getU8Encoder()],
46
+ ["stableBalanceFloor", getU64Encoder()],
47
+ ["perRecipientDailyCapUsd", getU64Encoder()],
48
+ ["cosignRequired", getBooleanEncoder()],
49
+ ["cosignSessionPubkey", getAddressEncoder()],
50
+ ["operatorGrantDelaySeconds", getU64Encoder()],
37
51
  ]), (value) => ({ ...value, discriminator: POLICY_CONFIG_DISCRIMINATOR }));
38
52
  }
39
53
  /** Gets the decoder for {@link PolicyConfig} account data. */
@@ -49,7 +63,6 @@ export function getPolicyConfigDecoder() {
49
63
  ["maxSlippageBps", getU16Decoder()],
50
64
  ["timelockDuration", getU64Decoder()],
51
65
  ["allowedDestinations", getArrayDecoder(getAddressDecoder())],
52
- ["hasConstraints", getBooleanDecoder()],
53
66
  ["hasPendingPolicy", getBooleanDecoder()],
54
67
  ["hasProtocolCaps", getBooleanDecoder()],
55
68
  ["protocolCaps", getArrayDecoder(getU64Decoder())],
@@ -58,6 +71,20 @@ export function getPolicyConfigDecoder() {
58
71
  ["policyVersion", getU64Decoder()],
59
72
  ["hasPostAssertions", getU8Decoder()],
60
73
  ["destinationMode", getU8Decoder()],
74
+ ["policyPreviewDigest", fixDecoderSize(getBytesDecoder(), 32)],
75
+ ["createdAtSlot", getU64Decoder()],
76
+ ["operatingHours", getU32Decoder()],
77
+ [
78
+ "destinationGraylist",
79
+ getArrayDecoder(getDestinationGraylistEntryDecoder()),
80
+ ],
81
+ ["autoPromoteGrays", getBooleanDecoder()],
82
+ ["autoRevokeThreshold", getU8Decoder()],
83
+ ["stableBalanceFloor", getU64Decoder()],
84
+ ["perRecipientDailyCapUsd", getU64Decoder()],
85
+ ["cosignRequired", getBooleanDecoder()],
86
+ ["cosignSessionPubkey", getAddressDecoder()],
87
+ ["operatorGrantDelaySeconds", getU64Decoder()],
61
88
  ]);
62
89
  }
63
90
  /** Gets the codec for {@link PolicyConfig} account data. */