npm - @waiaas/daemon - Versions diffs - 2.0.0-rc.1 - Mend

@waiaas/daemon 2.0.0-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (480) hide show

package/dist/api/error-hints.d.ts +15 -0
package/dist/api/error-hints.d.ts.map +1 -0
package/dist/api/error-hints.js +71 -0
package/dist/api/error-hints.js.map +1 -0
package/dist/api/index.d.ts +11 -0
package/dist/api/index.d.ts.map +1 -0
package/dist/api/index.js +14 -0
package/dist/api/index.js.map +1 -0
package/dist/api/middleware/address-validation.d.ts +38 -0
package/dist/api/middleware/address-validation.d.ts.map +1 -0
package/dist/api/middleware/address-validation.js +134 -0
package/dist/api/middleware/address-validation.js.map +1 -0
package/dist/api/middleware/csp.d.ts +17 -0
package/dist/api/middleware/csp.d.ts.map +1 -0
package/dist/api/middleware/csp.js +31 -0
package/dist/api/middleware/csp.js.map +1 -0
package/dist/api/middleware/error-handler.d.ts +16 -0
package/dist/api/middleware/error-handler.d.ts.map +1 -0
package/dist/api/middleware/error-handler.js +46 -0
package/dist/api/middleware/error-handler.js.map +1 -0
package/dist/api/middleware/host-guard.d.ts +11 -0
package/dist/api/middleware/host-guard.d.ts.map +1 -0
package/dist/api/middleware/host-guard.js +25 -0
package/dist/api/middleware/host-guard.js.map +1 -0
package/dist/api/middleware/index.d.ts +13 -0
package/dist/api/middleware/index.d.ts.map +1 -0
package/dist/api/middleware/index.js +13 -0
package/dist/api/middleware/index.js.map +1 -0
package/dist/api/middleware/kill-switch-guard.d.ts +19 -0
package/dist/api/middleware/kill-switch-guard.d.ts.map +1 -0
package/dist/api/middleware/kill-switch-guard.js +49 -0
package/dist/api/middleware/kill-switch-guard.js.map +1 -0
package/dist/api/middleware/master-auth.d.ts +15 -0
package/dist/api/middleware/master-auth.d.ts.map +1 -0
package/dist/api/middleware/master-auth.js +35 -0
package/dist/api/middleware/master-auth.js.map +1 -0
package/dist/api/middleware/owner-auth.d.ts +30 -0
package/dist/api/middleware/owner-auth.d.ts.map +1 -0
package/dist/api/middleware/owner-auth.js +133 -0
package/dist/api/middleware/owner-auth.js.map +1 -0
package/dist/api/middleware/request-id.d.ts +10 -0
package/dist/api/middleware/request-id.d.ts.map +1 -0
package/dist/api/middleware/request-id.js +18 -0
package/dist/api/middleware/request-id.js.map +1 -0
package/dist/api/middleware/request-logger.d.ts +9 -0
package/dist/api/middleware/request-logger.d.ts.map +1 -0
package/dist/api/middleware/request-logger.js +18 -0
package/dist/api/middleware/request-logger.js.map +1 -0
package/dist/api/middleware/session-auth.d.ts +21 -0
package/dist/api/middleware/session-auth.d.ts.map +1 -0
package/dist/api/middleware/session-auth.js +51 -0
package/dist/api/middleware/session-auth.js.map +1 -0
package/dist/api/middleware/siwe-verify.d.ts +31 -0
package/dist/api/middleware/siwe-verify.d.ts.map +1 -0
package/dist/api/middleware/siwe-verify.js +55 -0
package/dist/api/middleware/siwe-verify.js.map +1 -0
package/dist/api/routes/actions.d.ts +56 -0
package/dist/api/routes/actions.d.ts.map +1 -0
package/dist/api/routes/actions.js +291 -0
package/dist/api/routes/actions.js.map +1 -0
package/dist/api/routes/admin.d.ts +99 -0
package/dist/api/routes/admin.d.ts.map +1 -0
package/dist/api/routes/admin.js +1304 -0
package/dist/api/routes/admin.js.map +1 -0
package/dist/api/routes/display-currency-helper.d.ts +26 -0
package/dist/api/routes/display-currency-helper.d.ts.map +1 -0
package/dist/api/routes/display-currency-helper.js +47 -0
package/dist/api/routes/display-currency-helper.js.map +1 -0
package/dist/api/routes/health.d.ts +14 -0
package/dist/api/routes/health.d.ts.map +1 -0
package/dist/api/routes/health.js +47 -0
package/dist/api/routes/health.js.map +1 -0
package/dist/api/routes/index.d.ts +15 -0
package/dist/api/routes/index.d.ts.map +1 -0
package/dist/api/routes/index.js +15 -0
package/dist/api/routes/index.js.map +1 -0
package/dist/api/routes/mcp.d.ts +30 -0
package/dist/api/routes/mcp.d.ts.map +1 -0
package/dist/api/routes/mcp.js +156 -0
package/dist/api/routes/mcp.js.map +1 -0
package/dist/api/routes/nonce.d.ts +20 -0
package/dist/api/routes/nonce.d.ts.map +1 -0
package/dist/api/routes/nonce.js +48 -0
package/dist/api/routes/nonce.js.map +1 -0
package/dist/api/routes/openapi-schemas.d.ts +2281 -0
package/dist/api/routes/openapi-schemas.d.ts.map +1 -0
package/dist/api/routes/openapi-schemas.js +770 -0
package/dist/api/routes/openapi-schemas.js.map +1 -0
package/dist/api/routes/policies.d.ts +29 -0
package/dist/api/routes/policies.d.ts.map +1 -0
package/dist/api/routes/policies.js +332 -0
package/dist/api/routes/policies.js.map +1 -0
package/dist/api/routes/sessions.d.ts +35 -0
package/dist/api/routes/sessions.d.ts.map +1 -0
package/dist/api/routes/sessions.js +347 -0
package/dist/api/routes/sessions.js.map +1 -0
package/dist/api/routes/skills.d.ts +9 -0
package/dist/api/routes/skills.d.ts.map +1 -0
package/dist/api/routes/skills.js +59 -0
package/dist/api/routes/skills.js.map +1 -0
package/dist/api/routes/tokens.d.ts +25 -0
package/dist/api/routes/tokens.d.ts.map +1 -0
package/dist/api/routes/tokens.js +161 -0
package/dist/api/routes/tokens.js.map +1 -0
package/dist/api/routes/transactions.d.ts +68 -0
package/dist/api/routes/transactions.d.ts.map +1 -0
package/dist/api/routes/transactions.js +576 -0
package/dist/api/routes/transactions.js.map +1 -0
package/dist/api/routes/utils.d.ts +9 -0
package/dist/api/routes/utils.d.ts.map +1 -0
package/dist/api/routes/utils.js +52 -0
package/dist/api/routes/utils.js.map +1 -0
package/dist/api/routes/wallet.d.ts +36 -0
package/dist/api/routes/wallet.d.ts.map +1 -0
package/dist/api/routes/wallet.js +358 -0
package/dist/api/routes/wallet.js.map +1 -0
package/dist/api/routes/wallets.d.ts +43 -0
package/dist/api/routes/wallets.d.ts.map +1 -0
package/dist/api/routes/wallets.js +630 -0
package/dist/api/routes/wallets.js.map +1 -0
package/dist/api/routes/wc.d.ts +46 -0
package/dist/api/routes/wc.d.ts.map +1 -0
package/dist/api/routes/wc.js +354 -0
package/dist/api/routes/wc.js.map +1 -0
package/dist/api/routes/x402.d.ts +61 -0
package/dist/api/routes/x402.d.ts.map +1 -0
package/dist/api/routes/x402.js +493 -0
package/dist/api/routes/x402.js.map +1 -0
package/dist/api/server.d.ts +81 -0
package/dist/api/server.d.ts.map +1 -0
package/dist/api/server.js +406 -0
package/dist/api/server.js.map +1 -0
package/dist/index.d.ts +35 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +43 -0
package/dist/index.js.map +1 -0
package/dist/infrastructure/action/action-provider-registry.d.ts +77 -0
package/dist/infrastructure/action/action-provider-registry.d.ts.map +1 -0
package/dist/infrastructure/action/action-provider-registry.js +239 -0
package/dist/infrastructure/action/action-provider-registry.js.map +1 -0
package/dist/infrastructure/action/api-key-store.d.ts +60 -0
package/dist/infrastructure/action/api-key-store.d.ts.map +1 -0
package/dist/infrastructure/action/api-key-store.js +130 -0
package/dist/infrastructure/action/api-key-store.js.map +1 -0
package/dist/infrastructure/action/index.d.ts +10 -0
package/dist/infrastructure/action/index.d.ts.map +1 -0
package/dist/infrastructure/action/index.js +9 -0
package/dist/infrastructure/action/index.js.map +1 -0
package/dist/infrastructure/adapter-pool.d.ts +50 -0
package/dist/infrastructure/adapter-pool.d.ts.map +1 -0
package/dist/infrastructure/adapter-pool.js +110 -0
package/dist/infrastructure/adapter-pool.js.map +1 -0
package/dist/infrastructure/backup/backup-service.d.ts +53 -0
package/dist/infrastructure/backup/backup-service.d.ts.map +1 -0
package/dist/infrastructure/backup/backup-service.js +158 -0
package/dist/infrastructure/backup/backup-service.js.map +1 -0
package/dist/infrastructure/backup/index.d.ts +2 -0
package/dist/infrastructure/backup/index.d.ts.map +1 -0
package/dist/infrastructure/backup/index.js +2 -0
package/dist/infrastructure/backup/index.js.map +1 -0
package/dist/infrastructure/config/index.d.ts +8 -0
package/dist/infrastructure/config/index.d.ts.map +1 -0
package/dist/infrastructure/config/index.js +7 -0
package/dist/infrastructure/config/index.js.map +1 -0
package/dist/infrastructure/config/loader.d.ts +555 -0
package/dist/infrastructure/config/loader.d.ts.map +1 -0
package/dist/infrastructure/config/loader.js +311 -0
package/dist/infrastructure/config/loader.js.map +1 -0
package/dist/infrastructure/database/checks.d.ts +19 -0
package/dist/infrastructure/database/checks.d.ts.map +1 -0
package/dist/infrastructure/database/checks.js +27 -0
package/dist/infrastructure/database/checks.js.map +1 -0
package/dist/infrastructure/database/compatibility.d.ts +36 -0
package/dist/infrastructure/database/compatibility.d.ts.map +1 -0
package/dist/infrastructure/database/compatibility.js +75 -0
package/dist/infrastructure/database/compatibility.js.map +1 -0
package/dist/infrastructure/database/connection.d.ts +36 -0
package/dist/infrastructure/database/connection.d.ts.map +1 -0
package/dist/infrastructure/database/connection.js +47 -0
package/dist/infrastructure/database/connection.js.map +1 -0
package/dist/infrastructure/database/id.d.ts +17 -0
package/dist/infrastructure/database/id.d.ts.map +1 -0
package/dist/infrastructure/database/id.js +20 -0
package/dist/infrastructure/database/id.js.map +1 -0
package/dist/infrastructure/database/index.d.ts +15 -0
package/dist/infrastructure/database/index.d.ts.map +1 -0
package/dist/infrastructure/database/index.js +12 -0
package/dist/infrastructure/database/index.js.map +1 -0
package/dist/infrastructure/database/migrate.d.ts +76 -0
package/dist/infrastructure/database/migrate.d.ts.map +1 -0
package/dist/infrastructure/database/migrate.js +1214 -0
package/dist/infrastructure/database/migrate.js.map +1 -0
package/dist/infrastructure/database/schema.d.ts +2352 -0
package/dist/infrastructure/database/schema.d.ts.map +1 -0
package/dist/infrastructure/database/schema.js +288 -0
package/dist/infrastructure/database/schema.js.map +1 -0
package/dist/infrastructure/jwt/index.d.ts +2 -0
package/dist/infrastructure/jwt/index.d.ts.map +1 -0
package/dist/infrastructure/jwt/index.js +2 -0
package/dist/infrastructure/jwt/index.js.map +1 -0
package/dist/infrastructure/jwt/jwt-secret-manager.d.ts +58 -0
package/dist/infrastructure/jwt/jwt-secret-manager.d.ts.map +1 -0
package/dist/infrastructure/jwt/jwt-secret-manager.js +222 -0
package/dist/infrastructure/jwt/jwt-secret-manager.js.map +1 -0
package/dist/infrastructure/keystore/crypto.d.ts +62 -0
package/dist/infrastructure/keystore/crypto.d.ts.map +1 -0
package/dist/infrastructure/keystore/crypto.js +89 -0
package/dist/infrastructure/keystore/crypto.js.map +1 -0
package/dist/infrastructure/keystore/index.d.ts +4 -0
package/dist/infrastructure/keystore/index.d.ts.map +1 -0
package/dist/infrastructure/keystore/index.js +5 -0
package/dist/infrastructure/keystore/index.js.map +1 -0
package/dist/infrastructure/keystore/keystore.d.ts +115 -0
package/dist/infrastructure/keystore/keystore.d.ts.map +1 -0
package/dist/infrastructure/keystore/keystore.js +327 -0
package/dist/infrastructure/keystore/keystore.js.map +1 -0
package/dist/infrastructure/keystore/memory.d.ts +45 -0
package/dist/infrastructure/keystore/memory.d.ts.map +1 -0
package/dist/infrastructure/keystore/memory.js +105 -0
package/dist/infrastructure/keystore/memory.js.map +1 -0
package/dist/infrastructure/oracle/coingecko-forex.d.ts +35 -0
package/dist/infrastructure/oracle/coingecko-forex.d.ts.map +1 -0
package/dist/infrastructure/oracle/coingecko-forex.js +69 -0
package/dist/infrastructure/oracle/coingecko-forex.js.map +1 -0
package/dist/infrastructure/oracle/coingecko-oracle.d.ts +73 -0
package/dist/infrastructure/oracle/coingecko-oracle.d.ts.map +1 -0
package/dist/infrastructure/oracle/coingecko-oracle.js +199 -0
package/dist/infrastructure/oracle/coingecko-oracle.js.map +1 -0
package/dist/infrastructure/oracle/coingecko-platform-ids.d.ts +32 -0
package/dist/infrastructure/oracle/coingecko-platform-ids.d.ts.map +1 -0
package/dist/infrastructure/oracle/coingecko-platform-ids.js +30 -0
package/dist/infrastructure/oracle/coingecko-platform-ids.js.map +1 -0
package/dist/infrastructure/oracle/forex-currencies.d.ts +36 -0
package/dist/infrastructure/oracle/forex-currencies.d.ts.map +1 -0
package/dist/infrastructure/oracle/forex-currencies.js +71 -0
package/dist/infrastructure/oracle/forex-currencies.js.map +1 -0
package/dist/infrastructure/oracle/forex-rate-service.d.ts +51 -0
package/dist/infrastructure/oracle/forex-rate-service.d.ts.map +1 -0
package/dist/infrastructure/oracle/forex-rate-service.js +149 -0
package/dist/infrastructure/oracle/forex-rate-service.js.map +1 -0
package/dist/infrastructure/oracle/index.d.ts +18 -0
package/dist/infrastructure/oracle/index.d.ts.map +1 -0
package/dist/infrastructure/oracle/index.js +19 -0
package/dist/infrastructure/oracle/index.js.map +1 -0
package/dist/infrastructure/oracle/oracle-chain.d.ts +101 -0
package/dist/infrastructure/oracle/oracle-chain.d.ts.map +1 -0
package/dist/infrastructure/oracle/oracle-chain.js +163 -0
package/dist/infrastructure/oracle/oracle-chain.js.map +1 -0
package/dist/infrastructure/oracle/oracle-errors.d.ts +42 -0
package/dist/infrastructure/oracle/oracle-errors.d.ts.map +1 -0
package/dist/infrastructure/oracle/oracle-errors.js +53 -0
package/dist/infrastructure/oracle/oracle-errors.js.map +1 -0
package/dist/infrastructure/oracle/price-age.d.ts +38 -0
package/dist/infrastructure/oracle/price-age.d.ts.map +1 -0
package/dist/infrastructure/oracle/price-age.js +44 -0
package/dist/infrastructure/oracle/price-age.js.map +1 -0
package/dist/infrastructure/oracle/price-cache.d.ts +99 -0
package/dist/infrastructure/oracle/price-cache.d.ts.map +1 -0
package/dist/infrastructure/oracle/price-cache.js +173 -0
package/dist/infrastructure/oracle/price-cache.js.map +1 -0
package/dist/infrastructure/oracle/pyth-feed-ids.d.ts +31 -0
package/dist/infrastructure/oracle/pyth-feed-ids.d.ts.map +1 -0
package/dist/infrastructure/oracle/pyth-feed-ids.js +44 -0
package/dist/infrastructure/oracle/pyth-feed-ids.js.map +1 -0
package/dist/infrastructure/oracle/pyth-oracle.d.ts +69 -0
package/dist/infrastructure/oracle/pyth-oracle.d.ts.map +1 -0
package/dist/infrastructure/oracle/pyth-oracle.js +149 -0
package/dist/infrastructure/oracle/pyth-oracle.js.map +1 -0
package/dist/infrastructure/settings/hot-reload.d.ts +71 -0
package/dist/infrastructure/settings/hot-reload.d.ts.map +1 -0
package/dist/infrastructure/settings/hot-reload.js +315 -0
package/dist/infrastructure/settings/hot-reload.js.map +1 -0
package/dist/infrastructure/settings/index.d.ts +13 -0
package/dist/infrastructure/settings/index.d.ts.map +1 -0
package/dist/infrastructure/settings/index.js +10 -0
package/dist/infrastructure/settings/index.js.map +1 -0
package/dist/infrastructure/settings/setting-keys.d.ts +28 -0
package/dist/infrastructure/settings/setting-keys.d.ts.map +1 -0
package/dist/infrastructure/settings/setting-keys.js +105 -0
package/dist/infrastructure/settings/setting-keys.js.map +1 -0
package/dist/infrastructure/settings/settings-crypto.d.ts +39 -0
package/dist/infrastructure/settings/settings-crypto.d.ts.map +1 -0
package/dist/infrastructure/settings/settings-crypto.js +73 -0
package/dist/infrastructure/settings/settings-crypto.js.map +1 -0
package/dist/infrastructure/settings/settings-service.d.ts +82 -0
package/dist/infrastructure/settings/settings-service.d.ts.map +1 -0
package/dist/infrastructure/settings/settings-service.js +267 -0
package/dist/infrastructure/settings/settings-service.js.map +1 -0
package/dist/infrastructure/telegram/index.d.ts +6 -0
package/dist/infrastructure/telegram/index.d.ts.map +1 -0
package/dist/infrastructure/telegram/index.js +5 -0
package/dist/infrastructure/telegram/index.js.map +1 -0
package/dist/infrastructure/telegram/telegram-api.d.ts +35 -0
package/dist/infrastructure/telegram/telegram-api.d.ts.map +1 -0
package/dist/infrastructure/telegram/telegram-api.js +82 -0
package/dist/infrastructure/telegram/telegram-api.js.map +1 -0
package/dist/infrastructure/telegram/telegram-auth.d.ts +57 -0
package/dist/infrastructure/telegram/telegram-auth.d.ts.map +1 -0
package/dist/infrastructure/telegram/telegram-auth.js +88 -0
package/dist/infrastructure/telegram/telegram-auth.js.map +1 -0
package/dist/infrastructure/telegram/telegram-bot-service.d.ts +95 -0
package/dist/infrastructure/telegram/telegram-bot-service.d.ts.map +1 -0
package/dist/infrastructure/telegram/telegram-bot-service.js +564 -0
package/dist/infrastructure/telegram/telegram-bot-service.js.map +1 -0
package/dist/infrastructure/telegram/telegram-keyboard.d.ts +27 -0
package/dist/infrastructure/telegram/telegram-keyboard.d.ts.map +1 -0
package/dist/infrastructure/telegram/telegram-keyboard.js +52 -0
package/dist/infrastructure/telegram/telegram-keyboard.js.map +1 -0
package/dist/infrastructure/telegram/telegram-types.d.ts +43 -0
package/dist/infrastructure/telegram/telegram-types.d.ts.map +1 -0
package/dist/infrastructure/telegram/telegram-types.js +8 -0
package/dist/infrastructure/telegram/telegram-types.js.map +1 -0
package/dist/infrastructure/token-registry/builtin-tokens.d.ts +39 -0
package/dist/infrastructure/token-registry/builtin-tokens.d.ts.map +1 -0
package/dist/infrastructure/token-registry/builtin-tokens.js +135 -0
package/dist/infrastructure/token-registry/builtin-tokens.js.map +1 -0
package/dist/infrastructure/token-registry/index.d.ts +8 -0
package/dist/infrastructure/token-registry/index.d.ts.map +1 -0
package/dist/infrastructure/token-registry/index.js +8 -0
package/dist/infrastructure/token-registry/index.js.map +1 -0
package/dist/infrastructure/token-registry/token-registry-service.d.ts +49 -0
package/dist/infrastructure/token-registry/token-registry-service.d.ts.map +1 -0
package/dist/infrastructure/token-registry/token-registry-service.js +93 -0
package/dist/infrastructure/token-registry/token-registry-service.js.map +1 -0
package/dist/infrastructure/version/index.d.ts +5 -0
package/dist/infrastructure/version/index.d.ts.map +1 -0
package/dist/infrastructure/version/index.js +5 -0
package/dist/infrastructure/version/index.js.map +1 -0
package/dist/infrastructure/version/version-check-service.d.ts +35 -0
package/dist/infrastructure/version/version-check-service.d.ts.map +1 -0
package/dist/infrastructure/version/version-check-service.js +92 -0
package/dist/infrastructure/version/version-check-service.js.map +1 -0
package/dist/lifecycle/daemon.d.ts +103 -0
package/dist/lifecycle/daemon.d.ts.map +1 -0
package/dist/lifecycle/daemon.js +934 -0
package/dist/lifecycle/daemon.js.map +1 -0
package/dist/lifecycle/index.d.ts +9 -0
package/dist/lifecycle/index.d.ts.map +1 -0
package/dist/lifecycle/index.js +9 -0
package/dist/lifecycle/index.js.map +1 -0
package/dist/lifecycle/signal-handler.d.ts +18 -0
package/dist/lifecycle/signal-handler.d.ts.map +1 -0
package/dist/lifecycle/signal-handler.js +37 -0
package/dist/lifecycle/signal-handler.js.map +1 -0
package/dist/lifecycle/workers.d.ts +46 -0
package/dist/lifecycle/workers.d.ts.map +1 -0
package/dist/lifecycle/workers.js +101 -0
package/dist/lifecycle/workers.js.map +1 -0
package/dist/notifications/channels/discord.d.ts +10 -0
package/dist/notifications/channels/discord.d.ts.map +1 -0
package/dist/notifications/channels/discord.js +54 -0
package/dist/notifications/channels/discord.js.map +1 -0
package/dist/notifications/channels/ntfy.d.ts +13 -0
package/dist/notifications/channels/ntfy.d.ts.map +1 -0
package/dist/notifications/channels/ntfy.js +58 -0
package/dist/notifications/channels/ntfy.js.map +1 -0
package/dist/notifications/channels/slack.d.ts +10 -0
package/dist/notifications/channels/slack.d.ts.map +1 -0
package/dist/notifications/channels/slack.js +55 -0
package/dist/notifications/channels/slack.js.map +1 -0
package/dist/notifications/channels/telegram.d.ts +10 -0
package/dist/notifications/channels/telegram.d.ts.map +1 -0
package/dist/notifications/channels/telegram.js +40 -0
package/dist/notifications/channels/telegram.js.map +1 -0
package/dist/notifications/index.d.ts +9 -0
package/dist/notifications/index.d.ts.map +1 -0
package/dist/notifications/index.js +7 -0
package/dist/notifications/index.js.map +1 -0
package/dist/notifications/notification-service.d.ts +75 -0
package/dist/notifications/notification-service.d.ts.map +1 -0
package/dist/notifications/notification-service.js +213 -0
package/dist/notifications/notification-service.js.map +1 -0
package/dist/notifications/templates/message-templates.d.ts +12 -0
package/dist/notifications/templates/message-templates.d.ts.map +1 -0
package/dist/notifications/templates/message-templates.js +22 -0
package/dist/notifications/templates/message-templates.js.map +1 -0
package/dist/pipeline/database-policy-engine.d.ts +286 -0
package/dist/pipeline/database-policy-engine.d.ts.map +1 -0
package/dist/pipeline/database-policy-engine.js +992 -0
package/dist/pipeline/database-policy-engine.js.map +1 -0
package/dist/pipeline/default-policy-engine.d.ts +26 -0
package/dist/pipeline/default-policy-engine.d.ts.map +1 -0
package/dist/pipeline/default-policy-engine.js +25 -0
package/dist/pipeline/default-policy-engine.js.map +1 -0
package/dist/pipeline/index.d.ts +9 -0
package/dist/pipeline/index.d.ts.map +1 -0
package/dist/pipeline/index.js +9 -0
package/dist/pipeline/index.js.map +1 -0
package/dist/pipeline/network-resolver.d.ts +22 -0
package/dist/pipeline/network-resolver.d.ts.map +1 -0
package/dist/pipeline/network-resolver.js +32 -0
package/dist/pipeline/network-resolver.js.map +1 -0
package/dist/pipeline/pipeline.d.ts +72 -0
package/dist/pipeline/pipeline.d.ts.map +1 -0
package/dist/pipeline/pipeline.js +87 -0
package/dist/pipeline/pipeline.js.map +1 -0
package/dist/pipeline/resolve-effective-amount-usd.d.ts +41 -0
package/dist/pipeline/resolve-effective-amount-usd.d.ts.map +1 -0
package/dist/pipeline/resolve-effective-amount-usd.js +208 -0
package/dist/pipeline/resolve-effective-amount-usd.js.map +1 -0
package/dist/pipeline/sign-only.d.ts +99 -0
package/dist/pipeline/sign-only.d.ts.map +1 -0
package/dist/pipeline/sign-only.js +267 -0
package/dist/pipeline/sign-only.js.map +1 -0
package/dist/pipeline/sleep.d.ts +6 -0
package/dist/pipeline/sleep.d.ts.map +1 -0
package/dist/pipeline/sleep.js +8 -0
package/dist/pipeline/sleep.js.map +1 -0
package/dist/pipeline/stages.d.ts +82 -0
package/dist/pipeline/stages.d.ts.map +1 -0
package/dist/pipeline/stages.js +784 -0
package/dist/pipeline/stages.js.map +1 -0
package/dist/services/autostop-rules.d.ts +79 -0
package/dist/services/autostop-rules.d.ts.map +1 -0
package/dist/services/autostop-rules.js +174 -0
package/dist/services/autostop-rules.js.map +1 -0
package/dist/services/autostop-service.d.ts +82 -0
package/dist/services/autostop-service.d.ts.map +1 -0
package/dist/services/autostop-service.js +223 -0
package/dist/services/autostop-service.js.map +1 -0
package/dist/services/kill-switch-service.d.ts +118 -0
package/dist/services/kill-switch-service.d.ts.map +1 -0
package/dist/services/kill-switch-service.js +291 -0
package/dist/services/kill-switch-service.js.map +1 -0
package/dist/services/monitoring/balance-monitor-service.d.ts +65 -0
package/dist/services/monitoring/balance-monitor-service.d.ts.map +1 -0
package/dist/services/monitoring/balance-monitor-service.js +207 -0
package/dist/services/monitoring/balance-monitor-service.js.map +1 -0
package/dist/services/wc-session-service.d.ts +123 -0
package/dist/services/wc-session-service.d.ts.map +1 -0
package/dist/services/wc-session-service.js +363 -0
package/dist/services/wc-session-service.js.map +1 -0
package/dist/services/wc-signing-bridge.d.ts +60 -0
package/dist/services/wc-signing-bridge.d.ts.map +1 -0
package/dist/services/wc-signing-bridge.js +334 -0
package/dist/services/wc-signing-bridge.js.map +1 -0
package/dist/services/wc-storage.d.ts +32 -0
package/dist/services/wc-storage.d.ts.map +1 -0
package/dist/services/wc-storage.js +64 -0
package/dist/services/wc-storage.js.map +1 -0
package/dist/services/x402/payment-signer.d.ts +88 -0
package/dist/services/x402/payment-signer.d.ts.map +1 -0
package/dist/services/x402/payment-signer.js +311 -0
package/dist/services/x402/payment-signer.js.map +1 -0
package/dist/services/x402/ssrf-guard.d.ts +27 -0
package/dist/services/x402/ssrf-guard.d.ts.map +1 -0
package/dist/services/x402/ssrf-guard.js +236 -0
package/dist/services/x402/ssrf-guard.js.map +1 -0
package/dist/services/x402/x402-domain-policy.d.ts +50 -0
package/dist/services/x402/x402-domain-policy.d.ts.map +1 -0
package/dist/services/x402/x402-domain-policy.js +78 -0
package/dist/services/x402/x402-domain-policy.js.map +1 -0
package/dist/services/x402/x402-handler.d.ts +71 -0
package/dist/services/x402/x402-handler.d.ts.map +1 -0
package/dist/services/x402/x402-handler.js +195 -0
package/dist/services/x402/x402-handler.js.map +1 -0
package/dist/services/x402/x402-usd-resolver.d.ts +26 -0
package/dist/services/x402/x402-usd-resolver.d.ts.map +1 -0
package/dist/services/x402/x402-usd-resolver.js +79 -0
package/dist/services/x402/x402-usd-resolver.js.map +1 -0
package/dist/workflow/approval-workflow.d.ts +103 -0
package/dist/workflow/approval-workflow.d.ts.map +1 -0
package/dist/workflow/approval-workflow.js +202 -0
package/dist/workflow/approval-workflow.js.map +1 -0
package/dist/workflow/delay-queue.d.ts +78 -0
package/dist/workflow/delay-queue.d.ts.map +1 -0
package/dist/workflow/delay-queue.js +174 -0
package/dist/workflow/delay-queue.js.map +1 -0
package/dist/workflow/index.d.ts +11 -0
package/dist/workflow/index.d.ts.map +1 -0
package/dist/workflow/index.js +9 -0
package/dist/workflow/index.js.map +1 -0
package/dist/workflow/owner-state.d.ts +97 -0
package/dist/workflow/owner-state.d.ts.map +1 -0
package/dist/workflow/owner-state.js +168 -0
package/dist/workflow/owner-state.js.map +1 -0
package/package.json +71 -0
package/public/admin/assets/index-BPoUSH8W.css +1 -0
package/public/admin/assets/index-CDi1qoXB.js +1 -0
package/public/admin/index.html +13 -0

package/dist/notifications/index.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export { NotificationService } from './notification-service.js';
+export type { NotificationServiceConfig } from './notification-service.js';
+export { TelegramChannel } from './channels/telegram.js';
+export { DiscordChannel } from './channels/discord.js';
+export { NtfyChannel } from './channels/ntfy.js';
+export { SlackChannel } from './channels/slack.js';
+export { getNotificationMessage } from './templates/message-templates.js';
+export type { NotificationMessage } from './templates/message-templates.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/notifications/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/notifications/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAChE,YAAY,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,sBAAsB,EAAE,MAAM,kCAAkC,CAAC;AAC1E,YAAY,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC"}

package/dist/notifications/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+export { NotificationService } from './notification-service.js';
+export { TelegramChannel } from './channels/telegram.js';
+export { DiscordChannel } from './channels/discord.js';
+export { NtfyChannel } from './channels/ntfy.js';
+export { SlackChannel } from './channels/slack.js';
+export { getNotificationMessage } from './templates/message-templates.js';
+//# sourceMappingURL=index.js.map

package/dist/notifications/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/notifications/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAEhE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,sBAAsB,EAAE,MAAM,kCAAkC,CAAC"}

package/dist/notifications/notification-service.d.ts ADDED Viewed

@@ -0,0 +1,75 @@
+/**
+ * NotificationService orchestrator: priority-based delivery with fallback,
+ * broadcast mode for critical events, per-channel rate limiting, and
+ * CRITICAL audit_log on total failure.
+ *
+ * @see docs/35-notification-architecture.md
+ */
+import type { INotificationChannel } from '@waiaas/core';
+import type { NotificationEventType, SupportedLocale } from '@waiaas/core';
+import type { BetterSQLite3Database } from 'drizzle-orm/better-sqlite3';
+import * as schema from '../infrastructure/database/schema.js';
+export interface NotificationServiceConfig {
+    locale: SupportedLocale;
+    rateLimitRpm: number;
+}
+export declare class NotificationService {
+    private channels;
+    private db;
+    private config;
+    private rateLimitMap;
+    constructor(opts?: {
+        db?: BetterSQLite3Database<typeof schema>;
+        config?: Partial<NotificationServiceConfig>;
+    });
+    /** Add initialized channel to the service. */
+    addChannel(channel: INotificationChannel): void;
+    /** Get list of configured channel names. */
+    getChannelNames(): string[];
+    /** Get list of configured channels (for admin test send). */
+    getChannels(): INotificationChannel[];
+    /**
+     * Replace all notification channels with new instances.
+     * Used by hot-reload when notification credentials change.
+     * Old channels are discarded (no cleanup needed -- they're stateless HTTP clients).
+     */
+    replaceChannels(newChannels: INotificationChannel[]): void;
+    /**
+     * Update config (locale, rateLimitRpm) without replacing channels.
+     */
+    updateConfig(config: Partial<NotificationServiceConfig>): void;
+    /**
+     * Send notification via priority-based delivery with fallback.
+     * Tries channels in order; on failure, falls back to next channel.
+     * For broadcast events, sends to ALL channels.
+     */
+    notify(eventType: NotificationEventType, walletId: string, vars?: Record<string, string>, details?: Record<string, unknown>): Promise<void>;
+    /**
+     * Send to ALL channels simultaneously (for critical events).
+     * If ALL channels fail, logs CRITICAL to audit_log.
+     */
+    private broadcast;
+    /**
+     * Priority-based fallback: try channels in order, stop on first success.
+     * If all fail, log CRITICAL to audit_log.
+     */
+    private sendWithFallback;
+    /**
+     * Send to a single channel with rate limit check.
+     */
+    private sendToChannel;
+    /** Check if channel is rate limited (sliding window). */
+    private isRateLimited;
+    /** Record a successful send for rate limiting. */
+    private recordSend;
+    /**
+     * Record notification delivery result to notification_logs table.
+     * Fire-and-forget: errors are swallowed to never block the pipeline.
+     */
+    private logDelivery;
+    /**
+     * Log CRITICAL failure to audit_log when all channels fail.
+     */
+    private logCriticalFailure;
+}
+//# sourceMappingURL=notification-service.d.ts.map

package/dist/notifications/notification-service.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"notification-service.d.ts","sourceRoot":"","sources":["../../src/notifications/notification-service.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAuB,MAAM,cAAc,CAAC;AAC9E,OAAO,KAAK,EAAE,qBAAqB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC3E,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAExE,OAAO,KAAK,MAAM,MAAM,sCAAsC,CAAC;AAU/D,MAAM,WAAW,yBAAyB;IACxC,MAAM,EAAE,eAAe,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,QAAQ,CAA8B;IAC9C,OAAO,CAAC,EAAE,CAAqD;IAC/D,OAAO,CAAC,MAAM,CAAiE;IAG/E,OAAO,CAAC,YAAY,CAA+B;gBAEvC,IAAI,CAAC,EAAE;QACjB,EAAE,CAAC,EAAE,qBAAqB,CAAC,OAAO,MAAM,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,OAAO,CAAC,yBAAyB,CAAC,CAAC;KAC7C;IAKD,8CAA8C;IAC9C,UAAU,CAAC,OAAO,EAAE,oBAAoB,GAAG,IAAI;IAI/C,4CAA4C;IAC5C,eAAe,IAAI,MAAM,EAAE;IAI3B,6DAA6D;IAC7D,WAAW,IAAI,oBAAoB,EAAE;IAIrC;;;;OAIG;IACH,eAAe,CAAC,WAAW,EAAE,oBAAoB,EAAE,GAAG,IAAI;IAM1D;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,yBAAyB,CAAC,GAAG,IAAI;IAI9D;;;;OAIG;IACG,MAAM,CACV,SAAS,EAAE,qBAAqB,EAChC,QAAQ,EAAE,MAAM,EAChB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC7B,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAChC,OAAO,CAAC,IAAI,CAAC;IAmBhB;;;OAGG;YACW,SAAS;IAmBvB;;;OAGG;YACW,gBAAgB;IAgB9B;;OAEG;YACW,aAAa;IAa3B,yDAAyD;IACzD,OAAO,CAAC,aAAa;IAUrB,kDAAkD;IAClD,OAAO,CAAC,UAAU;IAMlB;;;OAGG;IACH,OAAO,CAAC,WAAW;IA2BnB;;OAEG;YACW,kBAAkB;CAuCjC"}

package/dist/notifications/notification-service.js ADDED Viewed

@@ -0,0 +1,213 @@
+/**
+ * NotificationService orchestrator: priority-based delivery with fallback,
+ * broadcast mode for critical events, per-channel rate limiting, and
+ * CRITICAL audit_log on total failure.
+ *
+ * @see docs/35-notification-architecture.md
+ */
+import { getNotificationMessage } from './templates/message-templates.js';
+import * as schema from '../infrastructure/database/schema.js';
+import { generateId } from '../infrastructure/database/id.js';
+// Broadcast event types -- sent to ALL channels simultaneously
+const BROADCAST_EVENTS = new Set([
+    'KILL_SWITCH_ACTIVATED',
+    'KILL_SWITCH_RECOVERED',
+    'AUTO_STOP_TRIGGERED',
+]);
+export class NotificationService {
+    channels = [];
+    db = null;
+    config = { locale: 'en', rateLimitRpm: 20 };
+    // Rate limiter: Map<channelName, timestamps[]>
+    rateLimitMap = new Map();
+    constructor(opts) {
+        if (opts?.db)
+            this.db = opts.db;
+        if (opts?.config)
+            this.config = { ...this.config, ...opts.config };
+    }
+    /** Add initialized channel to the service. */
+    addChannel(channel) {
+        this.channels.push(channel);
+    }
+    /** Get list of configured channel names. */
+    getChannelNames() {
+        return this.channels.map((c) => c.name);
+    }
+    /** Get list of configured channels (for admin test send). */
+    getChannels() {
+        return [...this.channels];
+    }
+    /**
+     * Replace all notification channels with new instances.
+     * Used by hot-reload when notification credentials change.
+     * Old channels are discarded (no cleanup needed -- they're stateless HTTP clients).
+     */
+    replaceChannels(newChannels) {
+        this.channels = [...newChannels];
+        // Reset rate limiter for all channels (fresh start with new credentials)
+        this.rateLimitMap.clear();
+    }
+    /**
+     * Update config (locale, rateLimitRpm) without replacing channels.
+     */
+    updateConfig(config) {
+        this.config = { ...this.config, ...config };
+    }
+    /**
+     * Send notification via priority-based delivery with fallback.
+     * Tries channels in order; on failure, falls back to next channel.
+     * For broadcast events, sends to ALL channels.
+     */
+    async notify(eventType, walletId, vars, details) {
+        if (this.channels.length === 0)
+            return; // No channels configured
+        const { title, body } = getNotificationMessage(eventType, this.config.locale, vars);
+        const payload = {
+            eventType,
+            walletId,
+            message: `${title}\n${body}`,
+            details,
+            timestamp: Math.floor(Date.now() / 1000),
+        };
+        if (BROADCAST_EVENTS.has(eventType)) {
+            await this.broadcast(payload);
+        }
+        else {
+            await this.sendWithFallback(payload);
+        }
+    }
+    /**
+     * Send to ALL channels simultaneously (for critical events).
+     * If ALL channels fail, logs CRITICAL to audit_log.
+     */
+    async broadcast(payload) {
+        const results = await Promise.allSettled(this.channels.map(async (ch) => {
+            try {
+                await this.sendToChannel(ch, payload);
+            }
+            catch (err) {
+                const errorMsg = err instanceof Error ? err.message : String(err);
+                this.logDelivery(ch.name, payload, 'failed', errorMsg);
+                throw err; // re-throw so allSettled records rejection
+            }
+        }));
+        const allFailed = results.every((r) => r.status === 'rejected');
+        if (allFailed) {
+            await this.logCriticalFailure(payload, results);
+        }
+    }
+    /**
+     * Priority-based fallback: try channels in order, stop on first success.
+     * If all fail, log CRITICAL to audit_log.
+     */
+    async sendWithFallback(payload) {
+        for (const channel of this.channels) {
+            try {
+                await this.sendToChannel(channel, payload);
+                return; // Success -- stop trying
+            }
+            catch (err) {
+                // Log failed delivery attempt
+                const errorMsg = err instanceof Error ? err.message : String(err);
+                this.logDelivery(channel.name, payload, 'failed', errorMsg);
+                continue;
+            }
+        }
+        // All channels failed
+        await this.logCriticalFailure(payload);
+    }
+    /**
+     * Send to a single channel with rate limit check.
+     */
+    async sendToChannel(channel, payload) {
+        if (this.isRateLimited(channel.name)) {
+            throw new Error(`Rate limited: ${channel.name}`);
+        }
+        await channel.send(payload);
+        this.recordSend(channel.name);
+        // Log successful delivery
+        this.logDelivery(channel.name, payload, 'sent');
+    }
+    /** Check if channel is rate limited (sliding window). */
+    isRateLimited(channelName) {
+        const now = Date.now();
+        const windowMs = 60_000; // 1 minute
+        const timestamps = this.rateLimitMap.get(channelName) ?? [];
+        // Remove entries older than window
+        const recent = timestamps.filter((t) => now - t < windowMs);
+        this.rateLimitMap.set(channelName, recent);
+        return recent.length >= this.config.rateLimitRpm;
+    }
+    /** Record a successful send for rate limiting. */
+    recordSend(channelName) {
+        const timestamps = this.rateLimitMap.get(channelName) ?? [];
+        timestamps.push(Date.now());
+        this.rateLimitMap.set(channelName, timestamps);
+    }
+    /**
+     * Record notification delivery result to notification_logs table.
+     * Fire-and-forget: errors are swallowed to never block the pipeline.
+     */
+    logDelivery(channelName, payload, status, error) {
+        if (!this.db)
+            return;
+        try {
+            this.db
+                .insert(schema.notificationLogs)
+                .values({
+                id: generateId(),
+                eventType: payload.eventType,
+                walletId: payload.walletId,
+                channel: channelName,
+                status,
+                error: error ?? null,
+                message: payload.message ?? null,
+                createdAt: new Date(payload.timestamp * 1000),
+            })
+                .run();
+        }
+        catch {
+            // Fire-and-forget: swallow DB errors to never block notification flow
+        }
+    }
+    /**
+     * Log CRITICAL failure to audit_log when all channels fail.
+     */
+    async logCriticalFailure(payload, results) {
+        if (!this.db) {
+            console.error('CRITICAL: All notification channels failed, no DB for audit log', {
+                eventType: payload.eventType,
+                walletId: payload.walletId,
+            });
+            return;
+        }
+        try {
+            const errorDetails = results
+                ? results
+                    .filter((r) => r.status === 'rejected')
+                    .map((r) => String(r.reason))
+                    .join('; ')
+                : 'All channels failed';
+            this.db
+                .insert(schema.auditLog)
+                .values({
+                timestamp: new Date(payload.timestamp * 1000),
+                eventType: 'NOTIFICATION_TOTAL_FAILURE',
+                actor: 'system',
+                walletId: payload.walletId,
+                details: JSON.stringify({
+                    originalEvent: payload.eventType,
+                    message: payload.message,
+                    errors: errorDetails,
+                }),
+                severity: 'critical',
+            })
+                .run();
+        }
+        catch (err) {
+            console.error('CRITICAL: Failed to write audit log for notification failure', err);
+        }
+    }
+}
+//# sourceMappingURL=notification-service.js.map

package/dist/notifications/notification-service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"notification-service.js","sourceRoot":"","sources":["../../src/notifications/notification-service.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,EAAE,sBAAsB,EAAE,MAAM,kCAAkC,CAAC;AAC1E,OAAO,KAAK,MAAM,MAAM,sCAAsC,CAAC;AAC/D,OAAO,EAAE,UAAU,EAAE,MAAM,kCAAkC,CAAC;AAE9D,+DAA+D;AAC/D,MAAM,gBAAgB,GAAgB,IAAI,GAAG,CAAC;IAC5C,uBAAuB;IACvB,uBAAuB;IACvB,qBAAqB;CACtB,CAAC,CAAC;AAOH,MAAM,OAAO,mBAAmB;IACtB,QAAQ,GAA2B,EAAE,CAAC;IACtC,EAAE,GAAgD,IAAI,CAAC;IACvD,MAAM,GAA8B,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC;IAE/E,+CAA+C;IACvC,YAAY,GAAG,IAAI,GAAG,EAAoB,CAAC;IAEnD,YAAY,IAGX;QACC,IAAI,IAAI,EAAE,EAAE;YAAE,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QAChC,IAAI,IAAI,EAAE,MAAM;YAAE,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;IACrE,CAAC;IAED,8CAA8C;IAC9C,UAAU,CAAC,OAA6B;QACtC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC9B,CAAC;IAED,4CAA4C;IAC5C,eAAe;QACb,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAC1C,CAAC;IAED,6DAA6D;IAC7D,WAAW;QACT,OAAO,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,WAAmC;QACjD,IAAI,CAAC,QAAQ,GAAG,CAAC,GAAG,WAAW,CAAC,CAAC;QACjC,yEAAyE;QACzE,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAA0C;QACrD,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IAC9C,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM,CACV,SAAgC,EAChC,QAAgB,EAChB,IAA6B,EAC7B,OAAiC;QAEjC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,CAAC,yBAAyB;QAEjE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,sBAAsB,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACpF,MAAM,OAAO,GAAwB;YACnC,SAAS;YACT,QAAQ;YACR,OAAO,EAAE,GAAG,KAAK,KAAK,IAAI,EAAE;YAC5B,OAAO;YACP,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;SACzC,CAAC;QAEF,IAAI,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,SAAS,CAAC,OAA4B;QAClD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,UAAU,CACtC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE;YAC7B,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;YACxC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,QAAQ,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAClE,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;gBACvD,MAAM,GAAG,CAAC,CAAC,2CAA2C;YACxD,CAAC;QACH,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC;QAChE,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,gBAAgB,CAAC,OAA4B;QACzD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACpC,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBAC3C,OAAO,CAAC,yBAAyB;YACnC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,8BAA8B;gBAC9B,MAAM,QAAQ,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAClE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;gBAC5D,SAAS;YACX,CAAC;QACH,CAAC;QACD,sBAAsB;QACtB,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,aAAa,CACzB,OAA6B,EAC7B,OAA4B;QAE5B,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,iBAAiB,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5B,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC9B,0BAA0B;QAC1B,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;IAClD,CAAC;IAED,yDAAyD;IACjD,aAAa,CAAC,WAAmB;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,WAAW;QACpC,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QAC5D,mCAAmC;QACnC,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,QAAQ,CAAC,CAAC;QAC5D,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAC3C,OAAO,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;IACnD,CAAC;IAED,kDAAkD;IAC1C,UAAU,CAAC,WAAmB;QACpC,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QAC5D,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QAC5B,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;IACjD,CAAC;IAED;;;OAGG;IACK,WAAW,CACjB,WAAmB,EACnB,OAA4B,EAC5B,MAAyB,EACzB,KAAc;QAEd,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,OAAO;QAErB,IAAI,CAAC;YACH,IAAI,CAAC,EAAE;iBACJ,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC;iBAC/B,MAAM,CAAC;gBACN,EAAE,EAAE,UAAU,EAAE;gBAChB,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,OAAO,EAAE,WAAW;gBACpB,MAAM;gBACN,KAAK,EAAE,KAAK,IAAI,IAAI;gBACpB,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,IAAI;gBAChC,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;aAC9C,CAAC;iBACD,GAAG,EAAE,CAAC;QACX,CAAC;QAAC,MAAM,CAAC;YACP,sEAAsE;QACxE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,kBAAkB,CAC9B,OAA4B,EAC5B,OAAsC;QAEtC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,iEAAiE,EAAE;gBAC/E,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;aAC3B,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,OAAO;gBAC1B,CAAC,CAAC,OAAO;qBACJ,MAAM,CAAC,CAAC,CAAC,EAA8B,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC;qBAClE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;qBAC5B,IAAI,CAAC,IAAI,CAAC;gBACf,CAAC,CAAC,qBAAqB,CAAC;YAE1B,IAAI,CAAC,EAAE;iBACJ,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC;iBACvB,MAAM,CAAC;gBACN,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;gBAC7C,SAAS,EAAE,4BAA4B;gBACvC,KAAK,EAAE,QAAQ;gBACf,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC;oBACtB,aAAa,EAAE,OAAO,CAAC,SAAS;oBAChC,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,MAAM,EAAE,YAAY;iBACrB,CAAC;gBACF,QAAQ,EAAE,UAAU;aACrB,CAAC;iBACD,GAAG,EAAE,CAAC;QACX,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,8DAA8D,EAAE,GAAG,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;CACF"}

package/dist/notifications/templates/message-templates.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { NotificationEventType } from '@waiaas/core';
+import { type SupportedLocale } from '@waiaas/core';
+export interface NotificationMessage {
+    title: string;
+    body: string;
+}
+/**
+ * Get a notification message for a given event type and locale,
+ * with template variables interpolated.
+ */
+export declare function getNotificationMessage(eventType: NotificationEventType, locale: SupportedLocale, vars?: Record<string, string>): NotificationMessage;
+//# sourceMappingURL=message-templates.d.ts.map

package/dist/notifications/templates/message-templates.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"message-templates.d.ts","sourceRoot":"","sources":["../../../src/notifications/templates/message-templates.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAe,KAAK,eAAe,EAAE,MAAM,cAAc,CAAC;AAEjE,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CACpC,SAAS,EAAE,qBAAqB,EAChC,MAAM,EAAE,eAAe,EACvB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAC5B,mBAAmB,CAkBrB"}

package/dist/notifications/templates/message-templates.js ADDED Viewed

@@ -0,0 +1,22 @@
+import { getMessages } from '@waiaas/core';
+/**
+ * Get a notification message for a given event type and locale,
+ * with template variables interpolated.
+ */
+export function getNotificationMessage(eventType, locale, vars) {
+    const messages = getMessages(locale);
+    const template = messages.notifications[eventType];
+    let { title, body } = template;
+    // Interpolate {variable} placeholders
+    if (vars) {
+        for (const [key, value] of Object.entries(vars)) {
+            title = title.replaceAll(`{${key}}`, value);
+            body = body.replaceAll(`{${key}}`, value);
+        }
+    }
+    // Remove un-substituted {display_amount} placeholder (optional variable)
+    title = title.replaceAll('{display_amount}', '');
+    body = body.replaceAll('{display_amount}', '');
+    return { title: title.trim(), body: body.trim() };
+}
+//# sourceMappingURL=message-templates.js.map

package/dist/notifications/templates/message-templates.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"message-templates.js","sourceRoot":"","sources":["../../../src/notifications/templates/message-templates.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAwB,MAAM,cAAc,CAAC;AAOjE;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CACpC,SAAgC,EAChC,MAAuB,EACvB,IAA6B;IAE7B,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;IACnD,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,QAAQ,CAAC;IAE/B,sCAAsC;IACtC,IAAI,IAAI,EAAE,CAAC;QACT,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC;YAC5C,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,yEAAyE;IACzE,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IACjD,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAE/C,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;AACpD,CAAC"}

package/dist/pipeline/database-policy-engine.d.ts ADDED Viewed

@@ -0,0 +1,286 @@
+/**
+ * DatabasePolicyEngine - v1.2 DB-backed policy engine with network scoping.
+ *
+ * Evaluates transactions against policies stored in the policies table.
+ * Supports SPENDING_LIMIT (4-tier classification), WHITELIST (address filtering),
+ * ALLOWED_NETWORKS (network whitelist, permissive default),
+ * ALLOWED_TOKENS (token transfer whitelist, default deny),
+ * CONTRACT_WHITELIST (contract call whitelist, default deny),
+ * METHOD_WHITELIST (optional method-level restriction for contract calls),
+ * APPROVED_SPENDERS (approve spender whitelist, default deny),
+ * APPROVE_AMOUNT_LIMIT (unlimited approve block + amount cap),
+ * and APPROVE_TIER_OVERRIDE (forced tier for APPROVE transactions).
+ *
+ * Algorithm:
+ * 1. Load enabled policies for wallet (wallet-specific + global), ORDER BY priority DESC
+ * 2. If no policies found, return INSTANT passthrough (Phase 7 compat)
+ * 3. Resolve overrides: 4-level priority (wallet+network > wallet+null > global+network > global+null)
+ * 4. Evaluate WHITELIST: deny if toAddress not in allowed_addresses
+ * 4a.5. Evaluate ALLOWED_NETWORKS: deny if network not in allowed list (permissive default)
+ * 4b. Evaluate ALLOWED_TOKENS: deny TOKEN_TRANSFER if no policy or token not whitelisted
+ * 4c. Evaluate CONTRACT_WHITELIST: deny CONTRACT_CALL if no policy or contract not whitelisted
+ * 4d. Evaluate METHOD_WHITELIST: deny CONTRACT_CALL if method selector not whitelisted (optional)
+ * 4e. Evaluate APPROVED_SPENDERS: deny APPROVE if no policy or spender not approved
+ * 4f. Evaluate APPROVE_AMOUNT_LIMIT: deny APPROVE if unlimited or exceeds max amount
+ * 4g. Evaluate APPROVE_TIER_OVERRIDE: force tier for APPROVE (defaults to APPROVAL, skips SPENDING_LIMIT)
+ * 5. Evaluate SPENDING_LIMIT: classify amount into INSTANT/NOTIFY/DELAY/APPROVAL
+ *
+ * TOCTOU Prevention (evaluateAndReserve):
+ * Uses BEGIN IMMEDIATE to serialize concurrent policy evaluations.
+ * reserved_amount tracks pending amounts to prevent two requests from both passing
+ * under the same spending limit.
+ *
+ * @see docs/33-time-lock-approval-mechanism.md
+ * @see docs/71-policy-engine-network-extension-design.md
+ */
+import type { IPolicyEngine, PolicyEvaluation } from '@waiaas/core';
+import type { BetterSQLite3Database } from 'drizzle-orm/better-sqlite3';
+import type { Database as SQLiteDatabase } from 'better-sqlite3';
+import type * as schema from '../infrastructure/database/schema.js';
+import type { SettingsService } from '../infrastructure/settings/settings-service.js';
+/** Transaction parameter for policy evaluation. */
+interface TransactionParam {
+    type: string;
+    amount: string;
+    toAddress: string;
+    chain: string;
+    /** Resolved network for ALLOWED_NETWORKS evaluation + network scoping. */
+    network?: string;
+    /** Token address for ALLOWED_TOKENS evaluation (TOKEN_TRANSFER only). */
+    tokenAddress?: string;
+    /** Contract address for CONTRACT_WHITELIST evaluation (CONTRACT_CALL only). */
+    contractAddress?: string;
+    /** Function selector (4-byte hex, e.g. '0x12345678') for METHOD_WHITELIST evaluation (CONTRACT_CALL only). */
+    selector?: string;
+    /** Spender address for APPROVED_SPENDERS evaluation (APPROVE only). */
+    spenderAddress?: string;
+    /** Approve amount in raw units for APPROVE_AMOUNT_LIMIT evaluation (APPROVE only). */
+    approveAmount?: string;
+}
+/**
+ * DB-backed policy engine with SPENDING_LIMIT 4-tier, WHITELIST, ALLOWED_NETWORKS,
+ * ALLOWED_TOKENS, CONTRACT_WHITELIST, METHOD_WHITELIST, APPROVED_SPENDERS,
+ * APPROVE_AMOUNT_LIMIT, and APPROVE_TIER_OVERRIDE evaluation.
+ *
+ * Network scoping: policies can target specific networks via the `network` column.
+ * 4-level override priority: wallet+network > wallet+null > global+network > global+null.
+ *
+ * Constructor takes a Drizzle DB instance typed with the full schema,
+ * and optionally a raw better-sqlite3 Database instance for BEGIN IMMEDIATE transactions.
+ */
+export declare class DatabasePolicyEngine implements IPolicyEngine {
+    private readonly db;
+    private readonly sqlite;
+    private readonly settingsService;
+    constructor(db: BetterSQLite3Database<typeof schema>, sqlite?: SQLiteDatabase, settingsService?: SettingsService);
+    /**
+     * Evaluate a transaction against DB-stored policies.
+     */
+    evaluate(walletId: string, transaction: TransactionParam): Promise<PolicyEvaluation>;
+    /**
+     * Evaluate a batch of instructions using 2-stage policy evaluation.
+     *
+     * Phase A: Evaluate each instruction individually against its applicable policies.
+     *          All-or-Nothing: if any instruction is denied, entire batch is denied.
+     *
+     * Phase B: Sum native amounts (TRANSFER.amount) and evaluate
+     *          aggregate against SPENDING_LIMIT. If batch contains APPROVE, apply
+     *          APPROVE_TIER_OVERRIDE and take max(amount tier, approve tier).
+     *
+     * @param walletId - Wallet whose policies to evaluate
+     * @param instructions - Array of instruction parameters (same shape as TransactionParam)
+     * @returns PolicyEvaluation with final tier or denial with violation details
+     */
+    evaluateBatch(walletId: string, instructions: TransactionParam[], batchUsdAmount?: number): Promise<PolicyEvaluation>;
+    /**
+     * Evaluate applicable policies for a single instruction in a batch.
+     *
+     * Only evaluates type-specific policies:
+     * - TRANSFER: WHITELIST
+     * - TOKEN_TRANSFER: WHITELIST + ALLOWED_TOKENS
+     * - CONTRACT_CALL: CONTRACT_WHITELIST + METHOD_WHITELIST
+     * - APPROVE: APPROVED_SPENDERS + APPROVE_AMOUNT_LIMIT
+     *
+     * Does NOT evaluate SPENDING_LIMIT (that's Phase B aggregate) or
+     * APPROVE_TIER_OVERRIDE (that's Phase B).
+     *
+     * Returns null if all policies pass, PolicyEvaluation with allowed=false if denied.
+     */
+    private evaluateInstructionPolicies;
+    /**
+     * Evaluate transaction and reserve amount atomically using BEGIN IMMEDIATE.
+     *
+     * This method:
+     * 1. Begins an IMMEDIATE transaction (exclusive write lock)
+     * 2. Loads policies (same as evaluate)
+     * 3. For SPENDING_LIMIT: computes current reserved total from PENDING/QUEUED txs
+     * 4. Adds current request amount to reserved total
+     * 5. Evaluates against limits with reserved total considered
+     * 6. If allowed: sets reserved_amount on the transaction row
+     * 7. Commits
+     *
+     * @param walletId - The wallet whose policies to evaluate
+     * @param transaction - Transaction details for evaluation
+     * @param txId - The transaction ID to update with reserved_amount
+     * @returns PolicyEvaluation result
+     * @throws Error if sqlite instance not provided in constructor
+     */
+    evaluateAndReserve(walletId: string, transaction: TransactionParam, txId: string, usdAmount?: number): PolicyEvaluation;
+    /**
+     * Release a reserved amount on a transaction.
+     * Called when transaction reaches FAILED/CANCELLED/EXPIRED state.
+     *
+     * @param txId - The transaction ID to clear reservation for
+     */
+    releaseReservation(txId: string): void;
+    /**
+     * Get cumulative USD spent by wallet within a time window.
+     * Includes both confirmed amounts (amount_usd) and pending reservations (reserved_amount_usd).
+     *
+     * CONFIRMED/SIGNED: counted via amount_usd (confirmed or about to be broadcasted).
+     * PENDING/QUEUED: counted via reserved_amount_usd (awaiting processing, not yet confirmed).
+     * Deduplication: SIGNED is in the first query only (amount_usd). PENDING/QUEUED in second only.
+     */
+    private getCumulativeUsdSpent;
+    /**
+     * Resolve policy overrides with 4-level priority:
+     *   1. wallet-specific + network-specific (highest)
+     *   2. wallet-specific + all-networks
+     *   3. global + network-specific
+     *   4. global + all-networks (lowest)
+     *
+     * For each policy type, one policy is selected.
+     * Lower priority entries are inserted first, higher priority entries overwrite.
+     * Key: typeMap[row.type] (same as current -- no composite key needed, PLCY-D03).
+     *
+     * Backward compat: when all policies have network=NULL,
+     * phases 2+4 collapse into current 2-level (wallet > global) behavior.
+     */
+    private resolveOverrides;
+    /**
+     * Evaluate ALLOWED_NETWORKS policy.
+     *
+     * Logic:
+     * - Applies to ALL 5 transaction types (TRANSFER, TOKEN_TRANSFER, CONTRACT_CALL, APPROVE, BATCH)
+     * - If no ALLOWED_NETWORKS policy exists: return null (permissive default -- all networks allowed)
+     * - If policy exists: check if resolvedNetwork is in rules.networks[].network
+     *   -> If found: return null (continue to next evaluation)
+     *   -> If not found: deny with reason 'Network not in allowed list'
+     * - Comparison: case-insensitive (toLowerCase)
+     * - Tier: INSTANT (immediate denial)
+     *
+     * Returns PolicyEvaluation if denied, null if allowed (or no policy).
+     */
+    private evaluateAllowedNetworks;
+    /**
+     * Evaluate WHITELIST policy.
+     * Returns PolicyEvaluation if denied, null if allowed (or no whitelist).
+     */
+    private evaluateWhitelist;
+    /**
+     * Evaluate ALLOWED_TOKENS policy.
+     *
+     * Logic:
+     * - Only applies to TOKEN_TRANSFER transaction type
+     * - If transaction type is TOKEN_TRANSFER and no ALLOWED_TOKENS policy exists:
+     *   -> deny with reason 'Token transfer not allowed: no ALLOWED_TOKENS policy configured'
+     * - If ALLOWED_TOKENS policy exists, check if transaction's token address is in rules.tokens[].address:
+     *   -> If found: return null (continue to next evaluation)
+     *   -> If not found: deny with reason 'Token not in allowed list: {tokenAddress}'
+     * - For non-TOKEN_TRANSFER types: return null (not applicable)
+     *
+     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
+     */
+    private evaluateAllowedTokens;
+    /**
+     * Evaluate CONTRACT_WHITELIST policy.
+     *
+     * Logic:
+     * - Only applies to CONTRACT_CALL transaction type
+     * - If transaction type is CONTRACT_CALL and no CONTRACT_WHITELIST policy exists:
+     *   -> deny with reason 'Contract calls disabled: no CONTRACT_WHITELIST policy configured'
+     * - If CONTRACT_WHITELIST policy exists, check if contract address is in rules.contracts[].address:
+     *   -> If found: return null (continue to next evaluation)
+     *   -> If not found: deny with reason 'Contract not whitelisted: {address}'
+     * - For non-CONTRACT_CALL types: return null (not applicable)
+     *
+     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
+     */
+    private evaluateContractWhitelist;
+    /**
+     * Evaluate METHOD_WHITELIST policy.
+     *
+     * Logic:
+     * - Only applies to CONTRACT_CALL transaction type
+     * - If no METHOD_WHITELIST policy exists: return null (method restriction is optional)
+     * - If METHOD_WHITELIST policy exists, find matching entry for transaction's contract address:
+     *   -> If no entry for this contract: return null (no method restriction for this contract)
+     *   -> If entry found, check if transaction's selector is in entry.selectors:
+     *     -> If found: return null (method allowed)
+     *     -> If not found: deny with reason 'Method not whitelisted: {selector} on contract {address}'
+     *
+     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
+     */
+    private evaluateMethodWhitelist;
+    /**
+     * Evaluate APPROVED_SPENDERS policy.
+     *
+     * Logic:
+     * - Only applies to APPROVE transaction type
+     * - If transaction type is APPROVE and no APPROVED_SPENDERS policy exists:
+     *   -> deny with reason 'Token approvals disabled: no APPROVED_SPENDERS policy configured'
+     * - If APPROVED_SPENDERS policy exists, check if transaction's spenderAddress is in rules.spenders[]:
+     *   -> If found: return null (continue evaluation)
+     *   -> If not found: deny with reason 'Spender not in approved list: {address}'
+     * - Case-insensitive comparison (EVM addresses)
+     *
+     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
+     */
+    private evaluateApprovedSpenders;
+    /**
+     * Evaluate APPROVE_AMOUNT_LIMIT policy.
+     *
+     * Logic:
+     * - Only applies to APPROVE transaction type
+     * - Checks for unlimited approve amounts (>= UNLIMITED_THRESHOLD)
+     * - Checks for amount cap (maxAmount)
+     * - If no policy exists: default block_unlimited=true (block unlimited approvals)
+     *
+     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
+     */
+    private evaluateApproveAmountLimit;
+    /**
+     * Evaluate APPROVE_TIER_OVERRIDE policy.
+     *
+     * Logic:
+     * - Only applies to APPROVE transaction type
+     * - If no APPROVE_TIER_OVERRIDE policy exists: return APPROVAL tier (default: Owner approval required)
+     * - If policy exists: return configured tier
+     * - This is a FINAL result -- skips SPENDING_LIMIT entirely for APPROVE transactions
+     *
+     * Returns PolicyEvaluation (always returns result for APPROVE type, null for others).
+     */
+    private evaluateApproveTierOverride;
+    /**
+     * Evaluate SPENDING_LIMIT policy.
+     * Returns PolicyEvaluation with tier classification, or null if no spending limit.
+     *
+     * Phase 127: usdAmount가 전달되고 rules에 USD 임계값이 설정되어 있으면,
+     * 네이티브 티어와 USD 티어 중 더 보수적인(높은) 티어를 채택한다.
+     */
+    private evaluateSpendingLimit;
+    /**
+     * Evaluate native amount tier (extracted from evaluateSpendingLimit).
+     */
+    private evaluateNativeTier;
+    /**
+     * Check if rules have any USD thresholds configured.
+     */
+    private hasUsdThresholds;
+    /**
+     * Evaluate USD amount tier.
+     */
+    private evaluateUsdTier;
+}
+export {};
+//# sourceMappingURL=database-policy-engine.d.ts.map