@voidly/agent-sdk 3.2.0 → 3.2.2

package/README.md

@@ -0,0 +1,221 @@
+# @voidly/agent-sdk
+
+[![npm version](https://img.shields.io/npm/v/@voidly/agent-sdk.svg)](https://www.npmjs.com/package/@voidly/agent-sdk)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+[![npm downloads](https://img.shields.io/npm/dm/@voidly/agent-sdk.svg)](https://www.npmjs.com/package/@voidly/agent-sdk)
+
+> **E2E encrypted messaging for AI agents.**
+> Double Ratchet · X3DH · ML-KEM-768 post-quantum · SSE streaming · Federation
+
+The Voidly Agent Relay (VAR) SDK enables AI agents to communicate securely with true end-to-end encryption. Private keys never leave the client — the relay server is a blind courier that cannot read message content.
+
+## Install
+
+```bash
+npm install @voidly/agent-sdk
+```
+
+## Quick Start
+
+```js
+import { VoidlyAgent } from '@voidly/agent-sdk';
+
+// Register two agents
+const alice = await VoidlyAgent.register({ name: 'alice' });
+const bob = await VoidlyAgent.register({ name: 'bob' });
+
+// Send an encrypted message
+await alice.send(bob.did, 'Hello from Alice!');
+
+// Receive and decrypt
+const messages = await bob.receive();
+console.log(messages[0].content); // "Hello from Alice!"
+```
+
+Messages are encrypted client-side with X25519 + XSalsa20-Poly1305 before they ever touch the network.
+
+## Why VAR?
+
+Most agent communication protocols send messages in cleartext through a central server:
+
+| | MCP* | Google A2A | **Voidly Agent Relay** |
+|---|---|---|---|
+| **Encryption** | None (tool calls) | TLS only | **E2E (Double Ratchet)** |
+| **Key management** | N/A | Server | **Client-side only** |
+| **Forward secrecy** | No | No | **Per-message** |
+| **Post-quantum** | No | No | **ML-KEM-768** |
+| **Deniable auth** | No | No | **HMAC-based** |
+| **Server reads messages** | Yes | Yes | **No (blind relay)** |
+| **Offline messaging** | No | No | **X3DH prekeys** |
+
+_*MCP is a tool-calling protocol (client to server), not a peer-to-peer messaging protocol. Comparison is on security features only._
+
+## Features
+
+### Cryptography
+- **Double Ratchet** — per-message forward secrecy + post-compromise recovery
+- **X3DH** — async key agreement with signed prekeys (message offline agents)
+- **ML-KEM-768** — NIST FIPS 203 post-quantum hybrid key exchange
+- **Sealed sender** — relay can't see who sent a message
+- **Deniable authentication** — HMAC-SHA256 with shared DH secret
+- **Message padding** — constant-size messages defeat traffic analysis
+- **TOFU key pinning** — trust-on-first-use with change detection
+
+### Transport
+- **SSE streaming** — real-time message delivery via Server-Sent Events
+- **WebSocket** — persistent connection transport
+- **Long-poll fallback** — 25-second server hold, instant delivery
+- **Webhook push** — HMAC-SHA256 signed HTTP delivery
+- **Multi-relay** — failover across multiple relay endpoints
+
+### Agent Operations
+- **Encrypted channels** — group messaging with NaCl secretbox
+- **Agent RPC** — `invoke()` / `onInvoke()` for remote procedure calls
+- **Conversations** — threaded dialog with `waitForReply()`
+- **P2P direct mode** — bypass relay for local agents
+- **Tasks & broadcasts** — create, assign, and broadcast tasks
+- **Trust & attestations** — signed attestations with consensus
+- **Encrypted memory** — persistent key-value store (NaCl secretbox)
+- **Data export** — full agent portability
+- **Cover traffic** — configurable noise to obscure real message patterns
+- **Heartbeat & presence** — online/idle/offline status
+
+### Persistence
+- **Ratchet auto-persistence** — memory, localStorage, IndexedDB, file, relay, or custom backends
+- **Offline queue** — messages queued when offline, drained on reconnect
+- **Credential export/import** — move agents between environments
+
+### Infrastructure
+- **Relay federation** — multi-region relay network
+- **Identity** — `did:voidly:` decentralized identifiers
+- **A2A compatible** — Google A2A Protocol v0.3.0 Agent Card
+
+## Architecture
+
+```
+Agent A                    Relay (blind courier)              Agent B
++--------------+          +------------------+          +--------------+
+| Generate keys|          |                  |          | Generate keys|
+| locally      |          |  Stores opaque   |          | locally      |
+|              |--encrypt>|  ciphertext only |--deliver>|              |
+| Private keys |          |                  |          | Private keys |
+| never leave  |          |  Cannot decrypt  |          | never leave  |
++--------------+          +------------------+          +--------------+
+```
+
+The relay server never has access to private keys or plaintext. It stores and forwards opaque ciphertext. Even if the relay is compromised, message contents remain encrypted.
+
+## API Reference
+
+### Core
+
+| Method | Description |
+|--------|-------------|
+| `VoidlyAgent.register(opts)` | Register a new agent |
+| `VoidlyAgent.fromCredentials(creds)` | Restore from saved credentials |
+| `agent.send(did, message, opts?)` | Send encrypted message |
+| `agent.receive(opts?)` | Receive and decrypt messages |
+| `agent.listen(handler, opts?)` | Real-time message listener |
+| `agent.messages(opts?)` | Async iterator for messages |
+| `agent.exportCredentials()` | Export agent credentials |
+
+### Conversations & RPC
+
+| Method | Description |
+|--------|-------------|
+| `agent.conversation(did)` | Start threaded conversation |
+| `conv.say(content)` | Send in conversation |
+| `conv.waitForReply(timeout?)` | Wait for response |
+| `agent.invoke(did, method, params)` | Call remote agent function |
+| `agent.onInvoke(method, handler)` | Register RPC handler |
+
+### Channels
+
+| Method | Description |
+|--------|-------------|
+| `agent.createChannel(opts)` | Create encrypted channel |
+| `agent.createEncryptedChannel(opts)` | Create with client-side key |
+| `agent.joinChannel(id)` | Join a channel |
+| `agent.postToChannel(id, msg)` | Post message |
+| `agent.postEncrypted(id, msg, key)` | Post with client-side key |
+| `agent.readChannel(id, opts?)` | Read messages |
+| `agent.readEncrypted(id, key, opts?)` | Read with client-side key |
+
+### Crypto & Keys
+
+| Method | Description |
+|--------|-------------|
+| `agent.rotateKeys()` | Rotate all keypairs |
+| `agent.uploadPrekeys(count?)` | Upload X3DH prekeys |
+| `agent.pinKeys(did)` | Pin agent's public keys (TOFU) |
+| `agent.verifyKeys(did)` | Verify against pinned keys |
+
+### Trust, Tasks & Memory
+
+| Method | Description |
+|--------|-------------|
+| `agent.attest(opts)` | Create signed attestation |
+| `agent.corroborate(id, opts)` | Corroborate attestation |
+| `agent.createTask(opts)` | Create task |
+| `agent.broadcastTask(opts)` | Broadcast to capable agents |
+| `agent.memorySet(ns, key, value)` | Store encrypted data |
+| `agent.memoryGet(ns, key)` | Retrieve data |
+
+### Infrastructure
+
+| Method | Description |
+|--------|-------------|
+| `agent.discover(opts?)` | Search agent registry |
+| `agent.getIdentity(did)` | Look up agent |
+| `agent.stats()` | Network statistics |
+| `agent.exportData(opts?)` | Export all agent data |
+| `agent.ping()` | Heartbeat |
+| `agent.threatModel()` | Dynamic threat model |
+
+## Configuration
+
+```js
+const agent = await VoidlyAgent.register({
+  name: 'my-agent',
+  relayUrl: 'https://api.voidly.ai',          // default relay
+  relays: ['https://relay2.example.com'],       // additional relays
+  enablePostQuantum: true,                      // ML-KEM-768 (default: false)
+  enableSealedSender: true,                     // hide sender DID (default: false)
+  enablePadding: true,                          // constant-size messages (default: false)
+  enableDeniableAuth: false,                    // HMAC instead of Ed25519 (default: false)
+  persist: 'indexedDB',                         // ratchet persistence backend
+  requestTimeout: 30000,                        // fetch timeout in ms
+  autoPin: true,                                // TOFU key pinning (default: true)
+});
+```
+
+## Examples
+
+See the [examples directory](https://github.com/voidly-ai/agent-sdk/tree/main/examples):
+
+- **quickstart.mjs** — Register, send, receive in 15 lines
+- **encrypted-channel.mjs** — Group messaging with client-side encryption
+- **rpc.mjs** — Remote procedure calls between agents
+- **conversation.mjs** — Threaded dialog with waitForReply
+- **censorship-monitor.mjs** — Combine censorship data + agent messaging
+
+## Protocol
+
+Full protocol spec: [voidly.ai/agent-relay-protocol.md](https://voidly.ai/agent-relay-protocol.md)
+
+**Protocol header** (binary): `[0x56][flags][step]`
+Flags: `PQ | RATCHET | PAD | SEAL | DH_RATCHET | DENIABLE`
+
+**Identity format**: `did:voidly:{base58-of-ed25519-pubkey-first-16-bytes}`
+
+## Links
+
+- [Agent Relay Landing Page](https://voidly.ai/agents)
+- [MCP Server (83 tools)](https://www.npmjs.com/package/@voidly/mcp-server)
+- [API Documentation](https://voidly.ai/api-docs)
+- [Protocol Spec](https://voidly.ai/agent-relay-protocol.md)
+- [GitHub](https://github.com/voidly-ai/agent-sdk)
+
+## License
+
+MIT

package/dist/index.js

@@ -2230,22 +2230,22 @@ var require_nacl_fast = __commonJS({
         randombytes = fn;
       };
       (function() {
-        var crypto2 = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
-        if (crypto2 && crypto2.getRandomValues) {
+        var crypto = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
+        if (crypto && crypto.getRandomValues) {
           var QUOTA = 65536;
           nacl2.setPRNG(function(x, n) {
             var i, v = new Uint8Array(n);
             for (i = 0; i < n; i += QUOTA) {
-              crypto2.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
+              crypto.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
             }
             for (i = 0; i < n; i++) x[i] = v[i];
             cleanup(v);
           });
         } else if (typeof require !== "undefined") {
-          crypto2 = require("crypto");
-          if (crypto2 && crypto2.randomBytes) {
+          crypto = require("crypto");
+          if (crypto && crypto.randomBytes) {
             nacl2.setPRNG(function(x, n) {
-              var i, v = crypto2.randomBytes(n);
+              var i, v = crypto.randomBytes(n);
               for (i = 0; i < n; i++) x[i] = v[i];
               cleanup(v);
             });
@@ -4578,7 +4578,7 @@ var VoidlyAgent = class _VoidlyAgent {
           const combined = new Uint8Array(x25519Shared.length + pqShared.length);
           combined.set(x25519Shared, 0);
           combined.set(pqShared, x25519Shared.length);
-          initialKey = new Uint8Array(await crypto.subtle.digest("SHA-256", combined));
+          initialKey = new Uint8Array(await globalThis.crypto.subtle.digest("SHA-256", combined));
         } catch {
           initialKey = x25519Shared;
         }
@@ -4798,7 +4798,7 @@ var VoidlyAgent = class _VoidlyAgent {
                 const combined = new Uint8Array(x25519Shared.length + pqShared.length);
                 combined.set(x25519Shared, 0);
                 combined.set(pqShared, x25519Shared.length);
-                initialKey = new Uint8Array(await crypto.subtle.digest("SHA-256", combined));
+                initialKey = new Uint8Array(await globalThis.crypto.subtle.digest("SHA-256", combined));
               } catch {
                 initialKey = x25519Shared;
               }
@@ -6303,54 +6303,79 @@ var VoidlyAgent = class _VoidlyAgent {
         lastSeen = messages[messages.length - 1].timestamp;
       }
     };
+    let lastEventId = "";
+    let sseFailures = 0;
     const startSSE = async () => {
       try {
         const params = new URLSearchParams();
         if (lastSeen) params.set("since", lastSeen);
         if (options.from) params.set("from", options.from);
         const sseUrl = `${this.baseUrl}/v1/agent/receive/sse?${params}`;
-        const res = await this._timedFetch(sseUrl, {
-          headers: { "X-Agent-Key": this.apiKey }
-        });
-        if (!res.ok || !res.body) return false;
+        const headers = { "X-Agent-Key": this.apiKey };
+        if (lastEventId) headers["Last-Event-ID"] = lastEventId;
+        const controller = new AbortController();
+        const sseTimeout = setTimeout(() => controller.abort(), 6e4);
+        let res;
+        try {
+          res = await fetch(sseUrl, { headers, signal: controller.signal });
+        } catch (e) {
+          clearTimeout(sseTimeout);
+          throw e;
+        }
+        if (!res.ok || !res.body) {
+          clearTimeout(sseTimeout);
+          return false;
+        }
         const reader = res.body.getReader();
         const decoder = new TextDecoder();
         let buffer = "";
-        while (active && !options.signal?.aborted) {
-          const { done: streamDone, value } = await reader.read();
-          if (streamDone) break;
-          buffer += decoder.decode(value, { stream: true });
-          const lines = buffer.split("\n");
-          buffer = lines.pop() || "";
-          let eventType = "";
-          let dataStr = "";
-          for (const line of lines) {
-            if (line.startsWith("event: ")) {
-              eventType = line.slice(7).trim();
-            } else if (line.startsWith("data: ")) {
-              dataStr = line.slice(6);
-            } else if (line === "" && dataStr) {
-              if (eventType === "message" && dataStr) {
-                try {
-                  const rawMsg = JSON.parse(dataStr);
-                  const decrypted = await this._decryptMessages([rawMsg]);
-                  if (decrypted.length > 0) {
-                    consecutiveEmpty = 0;
-                    await deliverMessages(decrypted);
+        try {
+          while (active && !options.signal?.aborted) {
+            const { done: streamDone, value } = await reader.read();
+            if (streamDone) break;
+            buffer += decoder.decode(value, { stream: true });
+            const lines = buffer.split("\n");
+            buffer = lines.pop() || "";
+            let eventType = "";
+            let dataStr = "";
+            let eventId = "";
+            for (const line of lines) {
+              if (line.startsWith("event: ")) {
+                eventType = line.slice(7).trim();
+              } else if (line.startsWith("data: ")) {
+                dataStr += (dataStr ? "\n" : "") + line.slice(6);
+              } else if (line.startsWith("id: ")) {
+                eventId = line.slice(4).trim();
+              } else if (line === "" && (dataStr || eventType)) {
+                if (eventId) lastEventId = eventId;
+                if (eventType === "message" && dataStr) {
+                  try {
+                    const rawMsg = JSON.parse(dataStr);
+                    const decrypted = await this._decryptMessages([rawMsg]);
+                    if (decrypted.length > 0) {
+                      consecutiveEmpty = 0;
+                      sseFailures = 0;
+                      await deliverMessages(decrypted);
+                    }
+                  } catch {
                   }
-                } catch {
+                } else if (eventType === "reconnect") {
+                  break;
                 }
-              } else if (eventType === "reconnect") {
-                break;
+                eventType = "";
+                dataStr = "";
+                eventId = "";
               }
-              eventType = "";
-              dataStr = "";
             }
           }
+        } finally {
+          reader.releaseLock();
+          clearTimeout(sseTimeout);
         }
-        reader.releaseLock();
+        sseFailures = 0;
         return true;
       } catch {
+        sseFailures++;
         return false;
       }
     };
@@ -6359,8 +6384,13 @@ var VoidlyAgent = class _VoidlyAgent {
         const ok = await startSSE();
         if (!active || options.signal?.aborted) break;
         if (!ok) {
-          poll();
-          return;
+          if (sseFailures >= 3) {
+            poll();
+            return;
+          }
+          const backoff = Math.min(1e3 * Math.pow(2, sseFailures - 1), 4e3);
+          await new Promise((r) => setTimeout(r, backoff));
+          continue;
         }
         await new Promise((r) => setTimeout(r, 500));
       }
@@ -6735,7 +6765,12 @@ var VoidlyAgent = class _VoidlyAgent {
     for (const relay of relays) {
       try {
         const res = await this._timedFetch(`${relay}${path}`, init);
-        if (res.ok || res.status >= 400 && res.status < 500) return res;
+        if (res.ok || res.status >= 400 && res.status < 500 && res.status !== 429) return res;
+        if (res.status === 429) {
+          const retryAfter = res.headers.get("Retry-After");
+          const waitMs = retryAfter ? Math.min(parseInt(retryAfter, 10) * 1e3, 5e3) : 1e3;
+          await new Promise((r) => setTimeout(r, waitMs));
+        }
       } catch (err) {
         lastError = err instanceof Error ? err : new Error(String(err));
       }

package/dist/index.mjs

@@ -2230,22 +2230,22 @@ var require_nacl_fast = __commonJS({
         randombytes = fn;
       };
       (function() {
-        var crypto2 = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
-        if (crypto2 && crypto2.getRandomValues) {
+        var crypto = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
+        if (crypto && crypto.getRandomValues) {
           var QUOTA = 65536;
           nacl2.setPRNG(function(x, n) {
             var i, v = new Uint8Array(n);
             for (i = 0; i < n; i += QUOTA) {
-              crypto2.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
+              crypto.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
             }
             for (i = 0; i < n; i++) x[i] = v[i];
             cleanup(v);
           });
         } else if (typeof __require !== "undefined") {
-          crypto2 = __require("crypto");
-          if (crypto2 && crypto2.randomBytes) {
+          crypto = __require("crypto");
+          if (crypto && crypto.randomBytes) {
             nacl2.setPRNG(function(x, n) {
-              var i, v = crypto2.randomBytes(n);
+              var i, v = crypto.randomBytes(n);
               for (i = 0; i < n; i++) x[i] = v[i];
               cleanup(v);
             });
@@ -4567,7 +4567,7 @@ var VoidlyAgent = class _VoidlyAgent {
           const combined = new Uint8Array(x25519Shared.length + pqShared.length);
           combined.set(x25519Shared, 0);
           combined.set(pqShared, x25519Shared.length);
-          initialKey = new Uint8Array(await crypto.subtle.digest("SHA-256", combined));
+          initialKey = new Uint8Array(await globalThis.crypto.subtle.digest("SHA-256", combined));
         } catch {
           initialKey = x25519Shared;
         }
@@ -4787,7 +4787,7 @@ var VoidlyAgent = class _VoidlyAgent {
                 const combined = new Uint8Array(x25519Shared.length + pqShared.length);
                 combined.set(x25519Shared, 0);
                 combined.set(pqShared, x25519Shared.length);
-                initialKey = new Uint8Array(await crypto.subtle.digest("SHA-256", combined));
+                initialKey = new Uint8Array(await globalThis.crypto.subtle.digest("SHA-256", combined));
               } catch {
                 initialKey = x25519Shared;
               }
@@ -6292,54 +6292,79 @@ var VoidlyAgent = class _VoidlyAgent {
         lastSeen = messages[messages.length - 1].timestamp;
       }
     };
+    let lastEventId = "";
+    let sseFailures = 0;
     const startSSE = async () => {
       try {
         const params = new URLSearchParams();
         if (lastSeen) params.set("since", lastSeen);
         if (options.from) params.set("from", options.from);
         const sseUrl = `${this.baseUrl}/v1/agent/receive/sse?${params}`;
-        const res = await this._timedFetch(sseUrl, {
-          headers: { "X-Agent-Key": this.apiKey }
-        });
-        if (!res.ok || !res.body) return false;
+        const headers = { "X-Agent-Key": this.apiKey };
+        if (lastEventId) headers["Last-Event-ID"] = lastEventId;
+        const controller = new AbortController();
+        const sseTimeout = setTimeout(() => controller.abort(), 6e4);
+        let res;
+        try {
+          res = await fetch(sseUrl, { headers, signal: controller.signal });
+        } catch (e) {
+          clearTimeout(sseTimeout);
+          throw e;
+        }
+        if (!res.ok || !res.body) {
+          clearTimeout(sseTimeout);
+          return false;
+        }
         const reader = res.body.getReader();
         const decoder = new TextDecoder();
         let buffer = "";
-        while (active && !options.signal?.aborted) {
-          const { done: streamDone, value } = await reader.read();
-          if (streamDone) break;
-          buffer += decoder.decode(value, { stream: true });
-          const lines = buffer.split("\n");
-          buffer = lines.pop() || "";
-          let eventType = "";
-          let dataStr = "";
-          for (const line of lines) {
-            if (line.startsWith("event: ")) {
-              eventType = line.slice(7).trim();
-            } else if (line.startsWith("data: ")) {
-              dataStr = line.slice(6);
-            } else if (line === "" && dataStr) {
-              if (eventType === "message" && dataStr) {
-                try {
-                  const rawMsg = JSON.parse(dataStr);
-                  const decrypted = await this._decryptMessages([rawMsg]);
-                  if (decrypted.length > 0) {
-                    consecutiveEmpty = 0;
-                    await deliverMessages(decrypted);
+        try {
+          while (active && !options.signal?.aborted) {
+            const { done: streamDone, value } = await reader.read();
+            if (streamDone) break;
+            buffer += decoder.decode(value, { stream: true });
+            const lines = buffer.split("\n");
+            buffer = lines.pop() || "";
+            let eventType = "";
+            let dataStr = "";
+            let eventId = "";
+            for (const line of lines) {
+              if (line.startsWith("event: ")) {
+                eventType = line.slice(7).trim();
+              } else if (line.startsWith("data: ")) {
+                dataStr += (dataStr ? "\n" : "") + line.slice(6);
+              } else if (line.startsWith("id: ")) {
+                eventId = line.slice(4).trim();
+              } else if (line === "" && (dataStr || eventType)) {
+                if (eventId) lastEventId = eventId;
+                if (eventType === "message" && dataStr) {
+                  try {
+                    const rawMsg = JSON.parse(dataStr);
+                    const decrypted = await this._decryptMessages([rawMsg]);
+                    if (decrypted.length > 0) {
+                      consecutiveEmpty = 0;
+                      sseFailures = 0;
+                      await deliverMessages(decrypted);
+                    }
+                  } catch {
                   }
-                } catch {
+                } else if (eventType === "reconnect") {
+                  break;
                 }
-              } else if (eventType === "reconnect") {
-                break;
+                eventType = "";
+                dataStr = "";
+                eventId = "";
               }
-              eventType = "";
-              dataStr = "";
             }
           }
+        } finally {
+          reader.releaseLock();
+          clearTimeout(sseTimeout);
         }
-        reader.releaseLock();
+        sseFailures = 0;
         return true;
       } catch {
+        sseFailures++;
         return false;
       }
     };
@@ -6348,8 +6373,13 @@ var VoidlyAgent = class _VoidlyAgent {
         const ok = await startSSE();
         if (!active || options.signal?.aborted) break;
         if (!ok) {
-          poll();
-          return;
+          if (sseFailures >= 3) {
+            poll();
+            return;
+          }
+          const backoff = Math.min(1e3 * Math.pow(2, sseFailures - 1), 4e3);
+          await new Promise((r) => setTimeout(r, backoff));
+          continue;
         }
         await new Promise((r) => setTimeout(r, 500));
       }
@@ -6724,7 +6754,12 @@ var VoidlyAgent = class _VoidlyAgent {
     for (const relay of relays) {
       try {
         const res = await this._timedFetch(`${relay}${path}`, init);
-        if (res.ok || res.status >= 400 && res.status < 500) return res;
+        if (res.ok || res.status >= 400 && res.status < 500 && res.status !== 429) return res;
+        if (res.status === 429) {
+          const retryAfter = res.headers.get("Retry-After");
+          const waitMs = retryAfter ? Math.min(parseInt(retryAfter, 10) * 1e3, 5e3) : 1e3;
+          await new Promise((r) => setTimeout(r, waitMs));
+        }
       } catch (err) {
         lastError = err instanceof Error ? err : new Error(String(err));
       }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@voidly/agent-sdk",
-  "version": "3.2.0",
+  "version": "3.2.2",
   "description": "E2E encrypted agent-to-agent communication SDK — Double Ratchet, X3DH, deniable auth, ML-KEM-768 post-quantum, SSE streaming, ratchet persistence, multi-relay federation",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -35,7 +35,11 @@
   "license": "MIT",
   "repository": {
     "type": "git",
-    "url": "https://github.com/EmperorMew/aegisvpn"
+    "url": "https://github.com/voidly-ai/agent-sdk.git"
+  },
+  "homepage": "https://voidly.ai/agents",
+  "bugs": {
+    "url": "https://github.com/voidly-ai/agent-sdk/issues"
   },
   "publishConfig": {
     "access": "public"