@voidly/agent-sdk 1.6.0 → 1.8.0

package/dist/index.d.mts

@@ -115,6 +115,7 @@ declare class VoidlyAgent {
         threadId?: string;
         replyTo?: string;
         ttl?: number;
+        messageType?: string;
     }): Promise<SendResult>;
     /**
      * Receive and decrypt messages. Decryption happens locally.
@@ -556,6 +557,153 @@ declare class VoidlyAgent {
         signature: string;
         timestamp: string;
     }, signingPublicKey: string): boolean;
+    /**
+     * Store an encrypted key-value pair in persistent memory.
+     * Values are encrypted with a key derived from your API key — only you can read them.
+     */
+    memorySet(namespace: string, key: string, value: unknown, options?: {
+        valueType?: string;
+        ttl?: number;
+    }): Promise<{
+        stored: boolean;
+        id: string;
+        size_bytes: number;
+        expires_at: string | null;
+    }>;
+    /**
+     * Retrieve a value from persistent memory.
+     * Decrypted server-side using your API key derivation.
+     */
+    memoryGet(namespace: string, key: string): Promise<{
+        namespace: string;
+        key: string;
+        value: unknown;
+        value_type: string;
+        size_bytes: number;
+        created_at: string;
+        updated_at: string;
+        expires_at: string | null;
+    } | null>;
+    /**
+     * Delete a key from persistent memory.
+     */
+    memoryDelete(namespace: string, key: string): Promise<{
+        deleted: boolean;
+    }>;
+    /**
+     * List all keys in a memory namespace.
+     */
+    memoryList(namespace?: string, options?: {
+        prefix?: string;
+        limit?: number;
+    }): Promise<{
+        namespace: string;
+        keys: Array<{
+            key: string;
+            value_type: string;
+            size_bytes: number;
+            updated_at: string;
+        }>;
+        total_keys: number;
+        total_bytes: number;
+    }>;
+    /**
+     * List all memory namespaces and quota usage.
+     */
+    memoryNamespaces(): Promise<{
+        namespaces: Array<{
+            namespace: string;
+            key_count: number;
+            total_bytes: number;
+            last_updated: string;
+        }>;
+        quota: {
+            used_bytes: number;
+            quota_bytes: number;
+            remaining_bytes: number;
+        };
+    }>;
+    /**
+     * Export all agent data as a portable JSON bundle.
+     * Includes identity, messages, channels, tasks, attestations, memory, and trust.
+     * Memory values remain encrypted — portable to another relay.
+     */
+    exportData(options?: {
+        includeMessages?: boolean;
+        includeChannels?: boolean;
+        includeTasks?: boolean;
+        includeAttestations?: boolean;
+        includeMemory?: boolean;
+        includeTrust?: boolean;
+    }): Promise<Record<string, unknown>>;
+    /**
+     * List past data export records.
+     */
+    listExports(): Promise<{
+        exports: Array<Record<string, unknown>>;
+    }>;
+    /**
+     * Get information about the relay this agent is connected to.
+     * Includes federation capabilities and known peers.
+     */
+    getRelayInfo(): Promise<Record<string, unknown>>;
+    /**
+     * List known federated relay peers.
+     */
+    getRelayPeers(): Promise<{
+        peers: Array<Record<string, unknown>>;
+        total: number;
+    }>;
+    /**
+     * Route a message through federation to an agent on a different relay.
+     * The relay will forward it to the recipient's home relay.
+     */
+    routeMessage(toDid: string, message: string, options?: {
+        contentType?: string;
+        threadId?: string;
+    }): Promise<{
+        routed: boolean;
+        destination: string;
+    }>;
+    /** Send heartbeat — signals agent is alive, updates last_seen */
+    ping(): Promise<{
+        pong: boolean;
+        did: string;
+        status: string;
+        uptime: {
+            days: number;
+            hours: number;
+        };
+    }>;
+    /** Check if another agent is online (public) */
+    checkOnline(did: string): Promise<{
+        did: string;
+        online_status: 'online' | 'idle' | 'offline';
+        last_seen: string;
+        minutes_since_seen: number | null;
+    }>;
+    /** Pin another agent's public keys (Trust On First Use). Returns warning if keys changed since last pin. */
+    pinKeys(did: string): Promise<{
+        pinned: boolean;
+        key_changed: boolean;
+        status: string;
+        warning?: string;
+    }>;
+    /** List all pinned keys */
+    listPinnedKeys(options?: {
+        status?: string;
+    }): Promise<{
+        pins: any[];
+        total: number;
+    }>;
+    /** Verify an agent's keys against your pinned copy. Detects key changes (potential MitM). */
+    verifyKeys(did: string): Promise<{
+        did: string;
+        pinned: boolean;
+        verified?: boolean;
+        status: string;
+        warning?: string;
+    }>;
 }
 
 export { type AgentIdentity, type AgentProfile, type DecryptedMessage, type SendResult, VoidlyAgent, type VoidlyAgentConfig };

package/dist/index.d.ts

@@ -115,6 +115,7 @@ declare class VoidlyAgent {
         threadId?: string;
         replyTo?: string;
         ttl?: number;
+        messageType?: string;
     }): Promise<SendResult>;
     /**
      * Receive and decrypt messages. Decryption happens locally.
@@ -556,6 +557,153 @@ declare class VoidlyAgent {
         signature: string;
         timestamp: string;
     }, signingPublicKey: string): boolean;
+    /**
+     * Store an encrypted key-value pair in persistent memory.
+     * Values are encrypted with a key derived from your API key — only you can read them.
+     */
+    memorySet(namespace: string, key: string, value: unknown, options?: {
+        valueType?: string;
+        ttl?: number;
+    }): Promise<{
+        stored: boolean;
+        id: string;
+        size_bytes: number;
+        expires_at: string | null;
+    }>;
+    /**
+     * Retrieve a value from persistent memory.
+     * Decrypted server-side using your API key derivation.
+     */
+    memoryGet(namespace: string, key: string): Promise<{
+        namespace: string;
+        key: string;
+        value: unknown;
+        value_type: string;
+        size_bytes: number;
+        created_at: string;
+        updated_at: string;
+        expires_at: string | null;
+    } | null>;
+    /**
+     * Delete a key from persistent memory.
+     */
+    memoryDelete(namespace: string, key: string): Promise<{
+        deleted: boolean;
+    }>;
+    /**
+     * List all keys in a memory namespace.
+     */
+    memoryList(namespace?: string, options?: {
+        prefix?: string;
+        limit?: number;
+    }): Promise<{
+        namespace: string;
+        keys: Array<{
+            key: string;
+            value_type: string;
+            size_bytes: number;
+            updated_at: string;
+        }>;
+        total_keys: number;
+        total_bytes: number;
+    }>;
+    /**
+     * List all memory namespaces and quota usage.
+     */
+    memoryNamespaces(): Promise<{
+        namespaces: Array<{
+            namespace: string;
+            key_count: number;
+            total_bytes: number;
+            last_updated: string;
+        }>;
+        quota: {
+            used_bytes: number;
+            quota_bytes: number;
+            remaining_bytes: number;
+        };
+    }>;
+    /**
+     * Export all agent data as a portable JSON bundle.
+     * Includes identity, messages, channels, tasks, attestations, memory, and trust.
+     * Memory values remain encrypted — portable to another relay.
+     */
+    exportData(options?: {
+        includeMessages?: boolean;
+        includeChannels?: boolean;
+        includeTasks?: boolean;
+        includeAttestations?: boolean;
+        includeMemory?: boolean;
+        includeTrust?: boolean;
+    }): Promise<Record<string, unknown>>;
+    /**
+     * List past data export records.
+     */
+    listExports(): Promise<{
+        exports: Array<Record<string, unknown>>;
+    }>;
+    /**
+     * Get information about the relay this agent is connected to.
+     * Includes federation capabilities and known peers.
+     */
+    getRelayInfo(): Promise<Record<string, unknown>>;
+    /**
+     * List known federated relay peers.
+     */
+    getRelayPeers(): Promise<{
+        peers: Array<Record<string, unknown>>;
+        total: number;
+    }>;
+    /**
+     * Route a message through federation to an agent on a different relay.
+     * The relay will forward it to the recipient's home relay.
+     */
+    routeMessage(toDid: string, message: string, options?: {
+        contentType?: string;
+        threadId?: string;
+    }): Promise<{
+        routed: boolean;
+        destination: string;
+    }>;
+    /** Send heartbeat — signals agent is alive, updates last_seen */
+    ping(): Promise<{
+        pong: boolean;
+        did: string;
+        status: string;
+        uptime: {
+            days: number;
+            hours: number;
+        };
+    }>;
+    /** Check if another agent is online (public) */
+    checkOnline(did: string): Promise<{
+        did: string;
+        online_status: 'online' | 'idle' | 'offline';
+        last_seen: string;
+        minutes_since_seen: number | null;
+    }>;
+    /** Pin another agent's public keys (Trust On First Use). Returns warning if keys changed since last pin. */
+    pinKeys(did: string): Promise<{
+        pinned: boolean;
+        key_changed: boolean;
+        status: string;
+        warning?: string;
+    }>;
+    /** List all pinned keys */
+    listPinnedKeys(options?: {
+        status?: string;
+    }): Promise<{
+        pins: any[];
+        total: number;
+    }>;
+    /** Verify an agent's keys against your pinned copy. Detects key changes (potential MitM). */
+    verifyKeys(did: string): Promise<{
+        did: string;
+        pinned: boolean;
+        verified?: boolean;
+        status: string;
+        warning?: string;
+    }>;
 }
 
 export { type AgentIdentity, type AgentProfile, type DecryptedMessage, type SendResult, VoidlyAgent, type VoidlyAgentConfig };

package/dist/index.js

@@ -2455,6 +2455,7 @@ var VoidlyAgent = class _VoidlyAgent {
         envelope: envelopeData,
         // Pass signed envelope so receiver can verify
         content_type: options.contentType || "text/plain",
+        message_type: options.messageType || "text",
         thread_id: options.threadId,
         reply_to: options.replyTo,
         ttl: options.ttl
@@ -3332,6 +3333,201 @@ var VoidlyAgent = class _VoidlyAgent {
       return false;
     }
   }
+  // ─── Memory Store ──────────────────────────────────────────────────────────
+  /**
+   * Store an encrypted key-value pair in persistent memory.
+   * Values are encrypted with a key derived from your API key — only you can read them.
+   */
+  async memorySet(namespace, key, value, options) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory/${encodeURIComponent(namespace)}/${encodeURIComponent(key)}`, {
+      method: "PUT",
+      headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
+      body: JSON.stringify({
+        value,
+        value_type: options?.valueType || (typeof value === "object" ? "json" : typeof value),
+        ttl: options?.ttl
+      })
+    });
+    if (!res.ok) throw new Error(`Memory set failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * Retrieve a value from persistent memory.
+   * Decrypted server-side using your API key derivation.
+   */
+  async memoryGet(namespace, key) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory/${encodeURIComponent(namespace)}/${encodeURIComponent(key)}`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (res.status === 404) return null;
+    if (!res.ok) throw new Error(`Memory get failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * Delete a key from persistent memory.
+   */
+  async memoryDelete(namespace, key) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory/${encodeURIComponent(namespace)}/${encodeURIComponent(key)}`, {
+      method: "DELETE",
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Memory delete failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * List all keys in a memory namespace.
+   */
+  async memoryList(namespace, options) {
+    const ns = namespace || "default";
+    const params = new URLSearchParams();
+    if (options?.prefix) params.set("prefix", options.prefix);
+    if (options?.limit) params.set("limit", String(options.limit));
+    const qs = params.toString() ? `?${params.toString()}` : "";
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory/${encodeURIComponent(ns)}${qs}`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Memory list failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * List all memory namespaces and quota usage.
+   */
+  async memoryNamespaces() {
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Memory namespaces failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  // ─── Data Export ───────────────────────────────────────────────────────────
+  /**
+   * Export all agent data as a portable JSON bundle.
+   * Includes identity, messages, channels, tasks, attestations, memory, and trust.
+   * Memory values remain encrypted — portable to another relay.
+   */
+  async exportData(options) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/export`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
+      body: JSON.stringify({
+        include_messages: options?.includeMessages,
+        include_channels: options?.includeChannels,
+        include_tasks: options?.includeTasks,
+        include_attestations: options?.includeAttestations,
+        include_memory: options?.includeMemory,
+        include_trust: options?.includeTrust
+      })
+    });
+    if (!res.ok) throw new Error(`Export failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * List past data export records.
+   */
+  async listExports() {
+    const res = await fetch(`${this.baseUrl}/v1/agent/exports`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`List exports failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  // ─── Relay Federation ─────────────────────────────────────────────────────
+  /**
+   * Get information about the relay this agent is connected to.
+   * Includes federation capabilities and known peers.
+   */
+  async getRelayInfo() {
+    const res = await fetch(`${this.baseUrl}/v1/relay/info`);
+    if (!res.ok) throw new Error(`Relay info failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * List known federated relay peers.
+   */
+  async getRelayPeers() {
+    const res = await fetch(`${this.baseUrl}/v1/relay/peers`);
+    if (!res.ok) throw new Error(`Relay peers failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * Route a message through federation to an agent on a different relay.
+   * The relay will forward it to the recipient's home relay.
+   */
+  async routeMessage(toDid, message, options) {
+    const profile = await this.getIdentity(toDid);
+    if (!profile) throw new Error(`Recipient ${toDid} not found`);
+    const recipientPub = (0, import_tweetnacl_util.decodeBase64)(profile.encryption_public_key);
+    const nonce = import_tweetnacl.default.randomBytes(import_tweetnacl.default.box.nonceLength);
+    const encrypted = import_tweetnacl.default.box((0, import_tweetnacl_util.decodeUTF8)(message), nonce, recipientPub, this.encryptionKeyPair.secretKey);
+    if (!encrypted) throw new Error("Encryption failed");
+    const signaturePayload = (0, import_tweetnacl_util.decodeUTF8)(JSON.stringify({
+      from: this.did,
+      to: toDid,
+      nonce: (0, import_tweetnacl_util.encodeBase64)(nonce),
+      ciphertext_hash: await sha256((0, import_tweetnacl_util.encodeBase64)(encrypted))
+    }));
+    const signature = import_tweetnacl.default.sign.detached(signaturePayload, this.signingKeyPair.secretKey);
+    const res = await fetch(`${this.baseUrl}/v1/relay/route`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
+      body: JSON.stringify({
+        to: toDid,
+        ciphertext: (0, import_tweetnacl_util.encodeBase64)(encrypted),
+        nonce: (0, import_tweetnacl_util.encodeBase64)(nonce),
+        signature: (0, import_tweetnacl_util.encodeBase64)(signature),
+        content_type: options?.contentType || "text/plain",
+        thread_id: options?.threadId
+      })
+    });
+    if (!res.ok) throw new Error(`Route failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  // ── Heartbeat ──────────────────────────────────────────────────────────────
+  /** Send heartbeat — signals agent is alive, updates last_seen */
+  async ping() {
+    const res = await fetch(`${this.baseUrl}/v1/agent/ping`, {
+      method: "POST",
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Ping failed: ${res.status}`);
+    return res.json();
+  }
+  /** Check if another agent is online (public) */
+  async checkOnline(did) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/ping/${encodeURIComponent(did)}`);
+    if (!res.ok) throw new Error(`Ping check failed: ${res.status}`);
+    return res.json();
+  }
+  // ── Key Pinning (TOFU) ────────────────────────────────────────────────────
+  /** Pin another agent's public keys (Trust On First Use). Returns warning if keys changed since last pin. */
+  async pinKeys(did) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/keys/pin`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
+      body: JSON.stringify({ did })
+    });
+    if (!res.ok) throw new Error(`Key pin failed: ${res.status}`);
+    return res.json();
+  }
+  /** List all pinned keys */
+  async listPinnedKeys(options) {
+    const params = new URLSearchParams();
+    if (options?.status) params.set("status", options.status);
+    const qs = params.toString() ? `?${params.toString()}` : "";
+    const res = await fetch(`${this.baseUrl}/v1/agent/keys/pins${qs}`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`List pins failed: ${res.status}`);
+    return res.json();
+  }
+  /** Verify an agent's keys against your pinned copy. Detects key changes (potential MitM). */
+  async verifyKeys(did) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/keys/verify/${encodeURIComponent(did)}`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Key verify failed: ${res.status}`);
+    return res.json();
+  }
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/index.mjs

@@ -2445,6 +2445,7 @@ var VoidlyAgent = class _VoidlyAgent {
         envelope: envelopeData,
         // Pass signed envelope so receiver can verify
         content_type: options.contentType || "text/plain",
+        message_type: options.messageType || "text",
         thread_id: options.threadId,
         reply_to: options.replyTo,
         ttl: options.ttl
@@ -3322,6 +3323,201 @@ var VoidlyAgent = class _VoidlyAgent {
       return false;
     }
   }
+  // ─── Memory Store ──────────────────────────────────────────────────────────
+  /**
+   * Store an encrypted key-value pair in persistent memory.
+   * Values are encrypted with a key derived from your API key — only you can read them.
+   */
+  async memorySet(namespace, key, value, options) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory/${encodeURIComponent(namespace)}/${encodeURIComponent(key)}`, {
+      method: "PUT",
+      headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
+      body: JSON.stringify({
+        value,
+        value_type: options?.valueType || (typeof value === "object" ? "json" : typeof value),
+        ttl: options?.ttl
+      })
+    });
+    if (!res.ok) throw new Error(`Memory set failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * Retrieve a value from persistent memory.
+   * Decrypted server-side using your API key derivation.
+   */
+  async memoryGet(namespace, key) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory/${encodeURIComponent(namespace)}/${encodeURIComponent(key)}`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (res.status === 404) return null;
+    if (!res.ok) throw new Error(`Memory get failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * Delete a key from persistent memory.
+   */
+  async memoryDelete(namespace, key) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory/${encodeURIComponent(namespace)}/${encodeURIComponent(key)}`, {
+      method: "DELETE",
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Memory delete failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * List all keys in a memory namespace.
+   */
+  async memoryList(namespace, options) {
+    const ns = namespace || "default";
+    const params = new URLSearchParams();
+    if (options?.prefix) params.set("prefix", options.prefix);
+    if (options?.limit) params.set("limit", String(options.limit));
+    const qs = params.toString() ? `?${params.toString()}` : "";
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory/${encodeURIComponent(ns)}${qs}`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Memory list failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * List all memory namespaces and quota usage.
+   */
+  async memoryNamespaces() {
+    const res = await fetch(`${this.baseUrl}/v1/agent/memory`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Memory namespaces failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  // ─── Data Export ───────────────────────────────────────────────────────────
+  /**
+   * Export all agent data as a portable JSON bundle.
+   * Includes identity, messages, channels, tasks, attestations, memory, and trust.
+   * Memory values remain encrypted — portable to another relay.
+   */
+  async exportData(options) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/export`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
+      body: JSON.stringify({
+        include_messages: options?.includeMessages,
+        include_channels: options?.includeChannels,
+        include_tasks: options?.includeTasks,
+        include_attestations: options?.includeAttestations,
+        include_memory: options?.includeMemory,
+        include_trust: options?.includeTrust
+      })
+    });
+    if (!res.ok) throw new Error(`Export failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * List past data export records.
+   */
+  async listExports() {
+    const res = await fetch(`${this.baseUrl}/v1/agent/exports`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`List exports failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  // ─── Relay Federation ─────────────────────────────────────────────────────
+  /**
+   * Get information about the relay this agent is connected to.
+   * Includes federation capabilities and known peers.
+   */
+  async getRelayInfo() {
+    const res = await fetch(`${this.baseUrl}/v1/relay/info`);
+    if (!res.ok) throw new Error(`Relay info failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * List known federated relay peers.
+   */
+  async getRelayPeers() {
+    const res = await fetch(`${this.baseUrl}/v1/relay/peers`);
+    if (!res.ok) throw new Error(`Relay peers failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  /**
+   * Route a message through federation to an agent on a different relay.
+   * The relay will forward it to the recipient's home relay.
+   */
+  async routeMessage(toDid, message, options) {
+    const profile = await this.getIdentity(toDid);
+    if (!profile) throw new Error(`Recipient ${toDid} not found`);
+    const recipientPub = (0, import_tweetnacl_util.decodeBase64)(profile.encryption_public_key);
+    const nonce = import_tweetnacl.default.randomBytes(import_tweetnacl.default.box.nonceLength);
+    const encrypted = import_tweetnacl.default.box((0, import_tweetnacl_util.decodeUTF8)(message), nonce, recipientPub, this.encryptionKeyPair.secretKey);
+    if (!encrypted) throw new Error("Encryption failed");
+    const signaturePayload = (0, import_tweetnacl_util.decodeUTF8)(JSON.stringify({
+      from: this.did,
+      to: toDid,
+      nonce: (0, import_tweetnacl_util.encodeBase64)(nonce),
+      ciphertext_hash: await sha256((0, import_tweetnacl_util.encodeBase64)(encrypted))
+    }));
+    const signature = import_tweetnacl.default.sign.detached(signaturePayload, this.signingKeyPair.secretKey);
+    const res = await fetch(`${this.baseUrl}/v1/relay/route`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
+      body: JSON.stringify({
+        to: toDid,
+        ciphertext: (0, import_tweetnacl_util.encodeBase64)(encrypted),
+        nonce: (0, import_tweetnacl_util.encodeBase64)(nonce),
+        signature: (0, import_tweetnacl_util.encodeBase64)(signature),
+        content_type: options?.contentType || "text/plain",
+        thread_id: options?.threadId
+      })
+    });
+    if (!res.ok) throw new Error(`Route failed: ${res.status} ${await res.text()}`);
+    return res.json();
+  }
+  // ── Heartbeat ──────────────────────────────────────────────────────────────
+  /** Send heartbeat — signals agent is alive, updates last_seen */
+  async ping() {
+    const res = await fetch(`${this.baseUrl}/v1/agent/ping`, {
+      method: "POST",
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Ping failed: ${res.status}`);
+    return res.json();
+  }
+  /** Check if another agent is online (public) */
+  async checkOnline(did) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/ping/${encodeURIComponent(did)}`);
+    if (!res.ok) throw new Error(`Ping check failed: ${res.status}`);
+    return res.json();
+  }
+  // ── Key Pinning (TOFU) ────────────────────────────────────────────────────
+  /** Pin another agent's public keys (Trust On First Use). Returns warning if keys changed since last pin. */
+  async pinKeys(did) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/keys/pin`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
+      body: JSON.stringify({ did })
+    });
+    if (!res.ok) throw new Error(`Key pin failed: ${res.status}`);
+    return res.json();
+  }
+  /** List all pinned keys */
+  async listPinnedKeys(options) {
+    const params = new URLSearchParams();
+    if (options?.status) params.set("status", options.status);
+    const qs = params.toString() ? `?${params.toString()}` : "";
+    const res = await fetch(`${this.baseUrl}/v1/agent/keys/pins${qs}`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`List pins failed: ${res.status}`);
+    return res.json();
+  }
+  /** Verify an agent's keys against your pinned copy. Detects key changes (potential MitM). */
+  async verifyKeys(did) {
+    const res = await fetch(`${this.baseUrl}/v1/agent/keys/verify/${encodeURIComponent(did)}`, {
+      headers: { "X-Agent-Key": this.apiKey }
+    });
+    if (!res.ok) throw new Error(`Key verify failed: ${res.status}`);
+    return res.json();
+  }
 };
 var export_decodeBase64 = import_tweetnacl_util.decodeBase64;
 var export_decodeUTF8 = import_tweetnacl_util.decodeUTF8;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@voidly/agent-sdk",
-  "version": "1.6.0",
+  "version": "1.8.0",
   "description": "E2E encrypted agent-to-agent communication SDK — true client-side encryption",
   "main": "dist/index.js",
   "module": "dist/index.mjs",