@waiaas/daemon 2.11.0-rc.8 → 2.11.0

package/dist/pipeline/database-policy-engine.d.ts

@@ -1,40 +1,15 @@
 /**
  * DatabasePolicyEngine - v1.2 DB-backed policy engine with network scoping.
  *
- * Evaluates transactions against policies stored in the policies table.
- * Supports SPENDING_LIMIT (4-tier classification), WHITELIST (address filtering),
- * ALLOWED_NETWORKS (network whitelist, permissive default),
- * ALLOWED_TOKENS (token transfer whitelist, default deny),
- * CONTRACT_WHITELIST (contract call whitelist, default deny),
- * METHOD_WHITELIST (optional method-level restriction for contract calls),
- * APPROVED_SPENDERS (approve spender whitelist, default deny),
- * APPROVE_AMOUNT_LIMIT (unlimited approve block + amount cap),
- * and APPROVE_TIER_OVERRIDE (forced tier for APPROVE transactions).
- *
- * Algorithm:
- * 1. Load enabled policies for wallet (wallet-specific + global), ORDER BY priority DESC
- * 2. If no policies found, return INSTANT passthrough (Phase 7 compat)
- * 3. Resolve overrides: 4-level priority (wallet+network > wallet+null > global+network > global+null)
- * 4. Evaluate WHITELIST: deny if toAddress not in allowed_addresses
- * 4a.5. Evaluate ALLOWED_NETWORKS: deny if network not in allowed list (permissive default)
- * 4b. Evaluate ALLOWED_TOKENS: deny TOKEN_TRANSFER if no policy or token not whitelisted
- * 4c. Evaluate CONTRACT_WHITELIST: deny CONTRACT_CALL if no policy or contract not whitelisted
- * 4d. Evaluate METHOD_WHITELIST: deny CONTRACT_CALL if method selector not whitelisted (optional)
- * 4e. Evaluate APPROVED_SPENDERS: deny APPROVE if no policy or spender not approved
- * 4f. Evaluate APPROVE_AMOUNT_LIMIT: deny APPROVE if unlimited or exceeds max amount
- * 4g. Evaluate APPROVE_TIER_OVERRIDE: force tier for APPROVE (defaults to APPROVAL, skips SPENDING_LIMIT)
- * 4h. Evaluate LENDING_ASSET_WHITELIST: deny lending action if asset not whitelisted (default-deny)
- * 4h-b. Evaluate LENDING_LTV_LIMIT: deny borrow if projected LTV exceeds maxLtv
- * 4i. Evaluate PERP_ALLOWED_MARKETS: deny perp action if market not whitelisted (default-deny)
- * 4i-b. Evaluate PERP_MAX_LEVERAGE: deny open/modify if leverage exceeds max
- * 4i-c. Evaluate PERP_MAX_POSITION_USD: deny open/modify if position USD exceeds max
- * 5. Evaluate SPENDING_LIMIT: classify amount into INSTANT/NOTIFY/DELAY/APPROVAL
- *    (skip for non-spending lending actions: supply/repay/withdraw)
+ * This file contains the orchestration class that dispatches to evaluator modules
+ * in the evaluators/ directory. Each policy type has its own evaluator file.
  *
- * TOCTOU Prevention (evaluateAndReserve):
- * Uses BEGIN IMMEDIATE to serialize concurrent policy evaluations.
- * reserved_amount tracks pending amounts to prevent two requests from both passing
- * under the same spending limit.
+ * Evaluates transactions against policies stored in the policies table.
+ * Supports SPENDING_LIMIT, WHITELIST, ALLOWED_NETWORKS, ALLOWED_TOKENS,
+ * CONTRACT_WHITELIST, METHOD_WHITELIST, APPROVED_SPENDERS, APPROVE_AMOUNT_LIMIT,
+ * APPROVE_TIER_OVERRIDE, LENDING_ASSET_WHITELIST, LENDING_LTV_LIMIT,
+ * PERP_ALLOWED_MARKETS, PERP_MAX_LEVERAGE, PERP_MAX_POSITION_USD,
+ * VENUE_WHITELIST, ACTION_CATEGORY_LIMIT, and REPUTATION_THRESHOLD.
  *
  * @see docs/33-time-lock-approval-mechanism.md
  * @see docs/71-policy-engine-network-extension-design.md
@@ -45,66 +20,8 @@ import type { Database as SQLiteDatabase } from 'better-sqlite3';
 import type * as schema from '../infrastructure/database/schema.js';
 import type { SettingsService } from '../infrastructure/settings/settings-service.js';
 import type { ReputationCacheService } from '../services/erc8004/reputation-cache-service.js';
-/** Perp max leverage restriction rules (Phase 297). */
-export interface PerpMaxLeverageRules {
-    maxLeverage: number;
-    warningLeverage?: number;
-}
-/** Perp max position USD restriction rules (Phase 297). */
-export interface PerpMaxPositionUsdRules {
-    maxPositionUsd: number;
-    warningPositionUsd?: number;
-}
-/** Perp allowed markets whitelist rules (Phase 297). */
-export interface PerpAllowedMarketsRules {
-    markets: Array<{
-        market: string;
-        name?: string;
-    }>;
-}
-/** Transaction parameter for policy evaluation. */
-interface TransactionParam {
-    type: string;
-    amount: string;
-    toAddress: string;
-    chain: string;
-    /** Resolved network for ALLOWED_NETWORKS evaluation + network scoping. */
-    network?: string;
-    /** Token address for ALLOWED_TOKENS evaluation (TOKEN_TRANSFER only). */
-    tokenAddress?: string;
-    /** CAIP-19 asset identifier for ALLOWED_TOKENS 4-scenario matching (TOKEN_TRANSFER only). */
-    assetId?: string;
-    /** Contract address for CONTRACT_WHITELIST evaluation (CONTRACT_CALL only). */
-    contractAddress?: string;
-    /** Function selector (4-byte hex, e.g. '0x12345678') for METHOD_WHITELIST evaluation (CONTRACT_CALL only). */
-    selector?: string;
-    /** Spender address for APPROVED_SPENDERS evaluation (APPROVE only). */
-    spenderAddress?: string;
-    /** Approve amount in raw units for APPROVE_AMOUNT_LIMIT evaluation (APPROVE only). */
-    approveAmount?: string;
-    /** Token decimals for token_limits human-readable conversion (TOKEN_TRANSFER/APPROVE only). */
-    tokenDecimals?: number;
-    /** Action provider name for provider-trust policy bypass (set by ActionProviderRegistry). */
-    actionProvider?: string;
-    /** Action name for lending policy evaluation (supply/borrow/repay/withdraw). Set by ActionProviderRegistry. */
-    actionName?: string;
-    /** Leverage for perp policy evaluation (open_position/modify_position). Set by ActionProviderRegistry. */
-    perpLeverage?: number;
-    /** Position size in USD for perp policy evaluation. Set by ActionProviderRegistry. */
-    perpSizeUsd?: number;
-    /** Venue identifier for VENUE_WHITELIST evaluation (signedData/signedHttp only). */
-    venue?: string;
-    /** Action category for ACTION_CATEGORY_LIMIT evaluation (e.g., 'trade', 'withdraw'). */
-    actionCategory?: string;
-    /** Notional USD value for ACTION_CATEGORY_LIMIT evaluation. */
-    notionalUsd?: number;
-    /** Leverage for off-chain action (for policy context). */
-    leverage?: number;
-    /** Expiry timestamp (ISO string) for off-chain action. */
-    expiry?: string;
-    /** Whether the off-chain action has withdrawal capability. */
-    hasWithdrawCapability?: boolean;
-}
+import type { PolicyRow, TransactionParam, ParseRulesContext } from './evaluators/types.js';
+export type { PolicyRow, TransactionParam, ParseRulesContext };
 /**
  * DB-backed policy engine with SPENDING_LIMIT 4-tier, WHITELIST, ALLOWED_NETWORKS,
  * ALLOWED_TOKENS, CONTRACT_WHITELIST, METHOD_WHITELIST, APPROVED_SPENDERS,
@@ -112,9 +29,6 @@ interface TransactionParam {
  *
  * Network scoping: policies can target specific networks via the `network` column.
  * 4-level override priority: wallet+network > wallet+null > global+network > global+null.
- *
- * Constructor takes a Drizzle DB instance typed with the full schema,
- * and optionally a raw better-sqlite3 Database instance for BEGIN IMMEDIATE transactions.
  */
 export declare class DatabasePolicyEngine implements IPolicyEngine {
     private readonly db;
@@ -122,364 +36,30 @@ export declare class DatabasePolicyEngine implements IPolicyEngine {
     private readonly settingsService;
     private readonly reputationCacheService;
     constructor(db: BetterSQLite3Database<typeof schema>, sqlite?: SQLiteDatabase, settingsService?: SettingsService, reputationCacheService?: ReputationCacheService);
+    /** Evaluator context with parseRules + settingsService access. */
+    private get ctx();
     /**
-     * Evaluate a transaction against DB-stored policies.
+     * Parse policy rules JSON with Zod validation.
+     * Throws POLICY_RULES_CORRUPT on invalid JSON or schema mismatch.
      */
-    evaluate(walletId: string, transaction: TransactionParam): Promise<PolicyEvaluation>;
+    private parseRules;
     /**
-     * Evaluate a batch of instructions using 2-stage policy evaluation.
-     *
-     * Phase A: Evaluate each instruction individually against its applicable policies.
-     *          All-or-Nothing: if any instruction is denied, entire batch is denied.
-     *
-     * Phase B: Sum native amounts (TRANSFER.amount) and evaluate
-     *          aggregate against SPENDING_LIMIT. If batch contains APPROVE, apply
-     *          APPROVE_TIER_OVERRIDE and take max(amount tier, approve tier).
-     *
-     * @param walletId - Wallet whose policies to evaluate
-     * @param instructions - Array of instruction parameters (same shape as TransactionParam)
-     * @returns PolicyEvaluation with final tier or denial with violation details
+     * Evaluate a transaction against DB-stored policies.
      */
+    evaluate(walletId: string, transaction: TransactionParam): Promise<PolicyEvaluation>;
     evaluateBatch(walletId: string, instructions: TransactionParam[], batchUsdAmount?: number): Promise<PolicyEvaluation>;
-    /**
-     * Evaluate applicable policies for a single instruction in a batch.
-     *
-     * Only evaluates type-specific policies:
-     * - TRANSFER: WHITELIST
-     * - TOKEN_TRANSFER: WHITELIST + ALLOWED_TOKENS
-     * - CONTRACT_CALL: CONTRACT_WHITELIST + METHOD_WHITELIST
-     * - APPROVE: APPROVED_SPENDERS + APPROVE_AMOUNT_LIMIT
-     *
-     * Does NOT evaluate SPENDING_LIMIT (that's Phase B aggregate) or
-     * APPROVE_TIER_OVERRIDE (that's Phase B).
-     *
-     * Returns null if all policies pass, PolicyEvaluation with allowed=false if denied.
-     */
     private evaluateInstructionPolicies;
-    /**
-     * Evaluate transaction and reserve amount atomically using BEGIN IMMEDIATE.
-     *
-     * This method:
-     * 1. Begins an IMMEDIATE transaction (exclusive write lock)
-     * 2. Loads policies (same as evaluate)
-     * 3. For SPENDING_LIMIT: computes current reserved total from PENDING/QUEUED txs
-     * 4. Adds current request amount to reserved total
-     * 5. Evaluates against limits with reserved total considered
-     * 6. If allowed: sets reserved_amount on the transaction row
-     * 7. Commits
-     *
-     * @param walletId - The wallet whose policies to evaluate
-     * @param transaction - Transaction details for evaluation
-     * @param txId - The transaction ID to update with reserved_amount
-     * @returns PolicyEvaluation result
-     * @throws Error if sqlite instance not provided in constructor
-     */
     evaluateAndReserve(walletId: string, transaction: TransactionParam, txId: string, usdAmount?: number, reputationFloorTier?: PolicyTier): PolicyEvaluation;
-    /**
-     * Release a reserved amount on a transaction.
-     * Called when transaction reaches FAILED/CANCELLED/EXPIRED state.
-     *
-     * @param txId - The transaction ID to clear reservation for
-     */
     releaseReservation(txId: string): void;
-    /**
-     * Get cumulative USD spent by wallet within a time window.
-     * Includes both confirmed amounts (amount_usd) and pending reservations (reserved_amount_usd).
-     *
-     * CONFIRMED/SIGNED: counted via amount_usd (confirmed or about to be broadcasted).
-     * PENDING/QUEUED: counted via reserved_amount_usd (awaiting processing, not yet confirmed).
-     * Deduplication: SIGNED is in the first query only (amount_usd). PENDING/QUEUED in second only.
-     */
     private getCumulativeUsdSpent;
-    /**
-     * Resolve policy overrides with 4-level priority:
-     *   1. wallet-specific + network-specific (highest)
-     *   2. wallet-specific + all-networks
-     *   3. global + network-specific
-     *   4. global + all-networks (lowest)
-     *
-     * For each policy type, one policy is selected.
-     * Lower priority entries are inserted first, higher priority entries overwrite.
-     * Key: typeMap[row.type] (same as current -- no composite key needed, PLCY-D03).
-     *
-     * Backward compat: when all policies have network=NULL,
-     * phases 2+4 collapse into current 2-level (wallet > global) behavior.
-     */
     private resolveOverrides;
-    /**
-     * Evaluate ALLOWED_NETWORKS policy.
-     *
-     * Logic:
-     * - Applies to ALL 5 transaction types (TRANSFER, TOKEN_TRANSFER, CONTRACT_CALL, APPROVE, BATCH)
-     * - If no ALLOWED_NETWORKS policy exists: return null (permissive default -- all networks allowed)
-     * - If policy exists: check if resolvedNetwork is in rules.networks[].network
-     *   -> If found: return null (continue to next evaluation)
-     *   -> If not found: deny with reason 'Network not in allowed list'
-     * - Comparison: case-insensitive (toLowerCase)
-     * - Tier: INSTANT (immediate denial)
-     *
-     * Returns PolicyEvaluation if denied, null if allowed (or no policy).
-     */
-    private evaluateAllowedNetworks;
-    /**
-     * Evaluate WHITELIST policy.
-     * Returns PolicyEvaluation if denied, null if allowed (or no whitelist).
-     */
-    private evaluateWhitelist;
-    /**
-     * Evaluate ALLOWED_TOKENS policy with 4-scenario matching matrix (PLCY-03).
-     *
-     * Logic:
-     * - Only applies to TOKEN_TRANSFER transaction type
-     * - If transaction type is TOKEN_TRANSFER and no ALLOWED_TOKENS policy exists:
-     *   -> deny with reason 'Token transfer not allowed: no ALLOWED_TOKENS policy configured'
-     * - If ALLOWED_TOKENS policy exists, match using 4-scenario matrix:
-     *   Scenario 1: Policy assetId + TX assetId -> exact CAIP-19 string match
-     *   Scenario 2: Policy assetId + TX address only -> extract address from policy assetId, compare lowercase
-     *   Scenario 3: Policy address only + TX assetId -> extract address from TX assetId, compare lowercase
-     *   Scenario 4: Policy address only + TX address only -> current behavior (case-insensitive)
-     * - EVM addresses normalized to lowercase for comparison (PLCY-04)
-     *
-     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
-     */
-    private evaluateAllowedTokens;
-    /**
-     * Evaluate CONTRACT_WHITELIST policy.
-     *
-     * Logic:
-     * - Only applies to CONTRACT_CALL transaction type
-     * - Provider-trust: if transaction has actionProvider and the provider is enabled
-     *   in SettingsService, skip CONTRACT_WHITELIST entirely (trusted provider bypass)
-     * - If transaction type is CONTRACT_CALL and no CONTRACT_WHITELIST policy exists:
-     *   -> deny with reason 'Contract calls disabled: no CONTRACT_WHITELIST policy configured'
-     * - If CONTRACT_WHITELIST policy exists, check if contract address is in rules.contracts[].address:
-     *   -> If found: return null (continue to next evaluation)
-     *   -> If not found: deny with reason 'Contract not whitelisted: {address}'
-     * - For non-CONTRACT_CALL types: return null (not applicable)
-     *
-     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
-     */
-    private evaluateContractWhitelist;
-    /**
-     * Evaluate METHOD_WHITELIST policy.
-     *
-     * Logic:
-     * - Only applies to CONTRACT_CALL transaction type
-     * - If no METHOD_WHITELIST policy exists: return null (method restriction is optional)
-     * - If METHOD_WHITELIST policy exists, find matching entry for transaction's contract address:
-     *   -> If no entry for this contract: return null (no method restriction for this contract)
-     *   -> If entry found, check if transaction's selector is in entry.selectors:
-     *     -> If found: return null (method allowed)
-     *     -> If not found: deny with reason 'Method not whitelisted: {selector} on contract {address}'
-     *
-     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
-     */
-    private evaluateMethodWhitelist;
-    /**
-     * Evaluate APPROVED_SPENDERS policy.
-     *
-     * Logic:
-     * - Only applies to APPROVE transaction type
-     * - If transaction type is APPROVE and no APPROVED_SPENDERS policy exists:
-     *   -> deny with reason 'Token approvals disabled: no APPROVED_SPENDERS policy configured'
-     * - If APPROVED_SPENDERS policy exists, check if transaction's spenderAddress is in rules.spenders[]:
-     *   -> If found: return null (continue evaluation)
-     *   -> If not found: deny with reason 'Spender not in approved list: {address}'
-     * - Case-insensitive comparison (EVM addresses)
-     *
-     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
-     */
-    private evaluateApprovedSpenders;
-    /**
-     * Evaluate APPROVE_AMOUNT_LIMIT policy.
-     *
-     * Logic:
-     * - Only applies to APPROVE transaction type
-     * - Checks for unlimited approve amounts (>= UNLIMITED_THRESHOLD)
-     * - Checks for amount cap (maxAmount)
-     * - If no policy exists: default block_unlimited=true (block unlimited approvals)
-     *
-     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
-     */
-    private evaluateApproveAmountLimit;
-    /**
-     * Evaluate APPROVE_TIER_OVERRIDE policy.
-     *
-     * Logic:
-     * - Only applies to APPROVE transaction type
-     * - If APPROVE_TIER_OVERRIDE policy exists: return configured tier (FINAL, skips SPENDING_LIMIT)
-     * - If no APPROVE_TIER_OVERRIDE policy exists: return null (Phase 236: fall through to SPENDING_LIMIT
-     *   for token_limits evaluation; if no SPENDING_LIMIT either, INSTANT passthrough)
-     *
-     * Phase 236 change: Previously defaulted to APPROVAL when no override policy existed.
-     * Now falls through to SPENDING_LIMIT to allow token_limits evaluation for APPROVE transactions.
-     *
-     * Returns PolicyEvaluation if override policy exists, null otherwise.
-     */
-    private evaluateApproveTierOverride;
-    /**
-     * Evaluate SPENDING_LIMIT policy.
-     * Returns PolicyEvaluation with tier classification, or null if no spending limit.
-     *
-     * Phase 127: usdAmount가 전달되고 rules에 USD 임계값이 설정되어 있으면,
-     * 네이티브 티어와 USD 티어 중 더 보수적인(높은) 티어를 채택한다.
-     *
-     * Phase 236: tokenContext가 전달되고 rules에 token_limits가 설정되어 있으면,
-     * evaluateTokenTier()를 사용하여 토큰별 human-readable 한도를 평가한다.
-     */
-    private evaluateSpendingLimit;
-    /**
-     * Evaluate token-specific tier using token_limits with CAIP-19 key matching.
-     * Returns PolicyTier if a matching token limit is found, null otherwise (-> raw fallback).
-     *
-     * Matching priority:
-     * 1. Exact CAIP-19 asset ID match (TOKEN_TRANSFER, APPROVE)
-     * 2. "native:{chain}" match (TRANSFER)
-     * 3. "native" shorthand match (TRANSFER, only when policy has network set)
-     * 4. No match -> return null (caller falls back to raw fields)
-     */
-    private evaluateTokenTier;
-    /**
-     * Evaluate native amount tier (extracted from evaluateSpendingLimit).
-     * Phase 236: proper undefined guards for optional raw fields.
-     */
-    private evaluateNativeTier;
-    /**
-     * Check if rules have any USD thresholds configured.
-     */
-    private hasUsdThresholds;
-    /**
-     * Evaluate USD amount tier.
-     */
-    private evaluateUsdTier;
-    /**
-     * Build tokenContext from TransactionParam for evaluateTokenTier().
-     * Phase 236: Extracts relevant fields and attaches the policy's network.
-     */
-    private buildTokenContext;
-    /**
-     * Evaluate LENDING_ASSET_WHITELIST policy.
-     *
-     * Logic:
-     * - Only applies to lending actions (supply/borrow/repay/withdraw)
-     * - If no LENDING_ASSET_WHITELIST policy exists: deny (default-deny per CLAUDE.md)
-     * - If policy exists: check if target contract address is in rules.assets[].address
-     *
-     * Returns PolicyEvaluation if denied, null if allowed (or not applicable).
-     */
-    private evaluateLendingAssetWhitelist;
-    /**
-     * Evaluate LENDING_LTV_LIMIT policy for borrow actions.
-     *
-     * Logic:
-     * - Only applies to borrow actions
-     * - Reads cached LENDING positions from defi_positions table
-     * - Calculates projected LTV = (currentDebtUsd + newBorrowUsd) / totalCollateralUsd
-     * - Denies if projected LTV > maxLtv
-     * - Returns DELAY tier if projected LTV > warningLtv
-     *
-     * @param usdAmount - USD value of the new borrow (from pipeline IPriceOracle, LEND-09)
-     * Returns PolicyEvaluation if denied/escalated, null if allowed (or not applicable).
-     */
-    private evaluateLendingLtvLimit;
-    /**
-     * Evaluate PERP_ALLOWED_MARKETS policy.
-     *
-     * Logic:
-     * - Only applies to perp actions (suffix matching: open_position, close_position,
-     *   modify_position, add_margin, withdraw_margin)
-     * - If no PERP_ALLOWED_MARKETS policy exists: deny (default-deny per CLAUDE.md)
-     * - If policy exists: check if transaction's market (from actionName prefix or params)
-     *   is in rules.markets[].market (case-insensitive)
-     *
-     * Market identification: TransactionParam.contractAddress is used as the market
-     * identifier for perp actions (the protocol program/contract address).
-     */
-    private evaluatePerpAllowedMarkets;
-    /**
-     * Evaluate PERP_MAX_LEVERAGE policy.
-     *
-     * Logic:
-     * - Only applies to open_position and modify_position (suffix matching)
-     * - Reads perpLeverage from TransactionParam
-     * - Denies if perpLeverage > rules.maxLeverage
-     * - Returns DELAY tier if perpLeverage > rules.warningLeverage (optional)
-     */
-    private evaluatePerpMaxLeverage;
-    /**
-     * Evaluate PERP_MAX_POSITION_USD policy.
-     *
-     * Logic:
-     * - Only applies to open_position and modify_position (suffix matching)
-     * - Reads perpSizeUsd from TransactionParam
-     * - Denies if perpSizeUsd > rules.maxPositionUsd
-     * - Returns DELAY tier if perpSizeUsd > rules.warningPositionUsd (optional)
-     */
-    private evaluatePerpMaxPositionUsd;
-    /**
-     * Evaluate REPUTATION_THRESHOLD policy.
-     *
-     * Logic:
-     * - Find REPUTATION_THRESHOLD policy in resolved list
-     * - If not found or check_counterparty=false, return null (skip)
-     * - Resolve counterparty agentId from toAddress via agent_identities table
-     * - If no agentId found, treat as unrated
-     * - If no reputationCacheService, treat as unrated
-     * - Lookup reputation score via cache
-     * - If null (unrated/RPC failure), return unrated_tier
-     * - If score < min_score, return below_threshold_tier
-     * - If score >= min_score, return null (pass, continue evaluation)
-     *
-     * Returns the reputation floor tier (PolicyTier) or null if no escalation needed.
-     * The caller applies maxTier to the final result.
-     */
     private evaluateReputationThreshold;
-    /**
-     * Resolve ERC-8004 agentId from a counterparty address.
-     *
-     * Looks up agent_identities table via wallet publicKey join to find
-     * the chain_agent_id for the counterparty. Case-insensitive for EVM addresses.
-     *
-     * @returns chain_agent_id string if found, null otherwise
-     */
     private resolveAgentIdFromAddress;
-    /**
-     * Pre-fetch reputation floor tier for use in evaluateAndReserve (synchronous context).
-     *
-     * Called from stage3Policy before entering the IMMEDIATE transaction, since
-     * evaluateReputationThreshold is async (RPC call) but evaluateAndReserve is sync.
-     *
-     * @returns Object with tier and notification context if escalation needed, undefined otherwise
-     */
     prefetchReputationTier(walletId: string, transaction: TransactionParam, reputationCache: ReputationCacheService): Promise<{
         tier: PolicyTier;
         score?: string;
         threshold?: string;
     } | undefined>;
-    /**
-     * Evaluate VENUE_WHITELIST policy (default-deny when enabled).
-     *
-     * Logic:
-     * - If transaction has no venue (contractCall) -> return null (skip)
-     * - If venue_whitelist_enabled setting is not 'true' -> return null (disabled)
-     * - Find VENUE_WHITELIST policy in resolved list
-     * - If no policy found + venue present -> DENY (default-deny)
-     * - If policy found + venue in whitelist -> return null (allowed)
-     * - If policy found + venue not in whitelist -> DENY
-     */
-    private evaluateVenueWhitelist;
-    /**
-     * Evaluate ACTION_CATEGORY_LIMIT policy (per-action, daily, monthly USD limits).
-     *
-     * Logic:
-     * - If transaction has no actionCategory or notionalUsd -> return null (skip)
-     * - Find ACTION_CATEGORY_LIMIT policies matching transaction.actionCategory
-     * - Check per_action_limit_usd: deny if notionalUsd exceeds
-     * - Check daily_limit_usd: query cumulative notionalUsd for category today
-     * - Check monthly_limit_usd: query cumulative notionalUsd for category this month
-     * - On exceed: return tier_on_exceed (default 'DELAY')
-     */
-    private evaluateActionCategoryLimit;
+    private buildTokenContext;
 }
-export {};
 //# sourceMappingURL=database-policy-engine.d.ts.map

package/dist/pipeline/database-policy-engine.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"database-policy-engine.d.ts","sourceRoot":"","sources":["../../src/pipeline/database-policy-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAEhF,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,QAAQ,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAGjE,OAAO,KAAK,KAAK,MAAM,MAAM,sCAAsC,CAAC;AACpE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gDAAgD,CAAC;AACtF,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,iDAAiD,CAAC;AA8D9F,uDAAuD;AACvD,MAAM,WAAW,oBAAoB;IACnC,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,2DAA2D;AAC3D,MAAM,WAAW,uBAAuB;IACtC,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,wDAAwD;AACxD,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,KAAK,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACnD;AAyED,mDAAmD;AACnD,UAAU,gBAAgB;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,0EAA0E;IAC1E,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,yEAAyE;IACzE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,6FAA6F;IAC7F,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,+EAA+E;IAC/E,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,8GAA8G;IAC9G,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,uEAAuE;IACvE,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,sFAAsF;IACtF,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,+FAA+F;IAC/F,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,6FAA6F;IAC7F,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,+GAA+G;IAC/G,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,0GAA0G;IAC1G,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,sFAAsF;IACtF,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,oFAAoF;IACpF,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,wFAAwF;IACxF,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,+DAA+D;IAC/D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,0DAA0D;IAC1D,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,0DAA0D;IAC1D,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,8DAA8D;IAC9D,qBAAqB,CAAC,EAAE,OAAO,CAAC;CACjC;AAkBD;;;;;;;;;;GAUG;AACH,qBAAa,oBAAqB,YAAW,aAAa;IAMtD,OAAO,CAAC,QAAQ,CAAC,EAAE;IALrB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAwB;IAC/C,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAyB;IACzD,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAgC;gBAGpD,EAAE,EAAE,qBAAqB,CAAC,OAAO,MAAM,CAAC,EACzD,MAAM,CAAC,EAAE,cAAc,EACvB,eAAe,CAAC,EAAE,eAAe,EACjC,sBAAsB,CAAC,EAAE,sBAAsB;IAOjD;;OAEG;IACG,QAAQ,CACZ,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,gBAAgB,GAC5B,OAAO,CAAC,gBAAgB,CAAC;IAmL5B;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,gBAAgB,EAAE,EAChC,cAAc,CAAC,EAAE,MAAM,GACtB,OAAO,CAAC,gBAAgB,CAAC;IA0G5B;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,2BAA2B;IAqDnC;;;;;;;;;;;;;;;;;OAiBG;IACH,kBAAkB,CAChB,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,gBAAgB,EAC7B,IAAI,EAAE,MAAM,EACZ,SAAS,CAAC,EAAE,MAAM,EAClB,mBAAmB,CAAC,EAAE,UAAU,GAC/B,gBAAgB;IA+QnB;;;;;OAKG;IACH,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IActC;;;;;;;OAOG;IACH,OAAO,CAAC,qBAAqB;IA4B7B;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,gBAAgB;IA8CxB;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,uBAAuB;IAgC/B;;;OAGG;IACH,OAAO,CAAC,iBAAiB;IAmCzB;;;;;;;;;;;;;;;OAeG;IACH,OAAO,CAAC,qBAAqB;IAiF7B;;;;;;;;;;;;;;;OAeG;IACH,OAAO,CAAC,yBAAyB;IA0DjC;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,uBAAuB;IAqD/B;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,wBAAwB;IAqDhC;;;;;;;;;;OAUG;IACH,OAAO,CAAC,0BAA0B;IAsDlC;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,2BAA2B;IAuBnC;;;;;;;;;OASG;IACH,OAAO,CAAC,qBAAqB;IAmD7B;;;;;;;;;OASG;IACH,OAAO,CAAC,iBAAiB;IAyDzB;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAgB1B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAMxB;;OAEG;IACH,OAAO,CAAC,eAAe;IAavB;;;OAGG;IACH,OAAO,CAAC,iBAAiB;IAyBzB;;;;;;;;;OASG;IACH,OAAO,CAAC,6BAA6B;IAwCrC;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,uBAAuB;IA+D/B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,0BAA0B;IA2ClC;;;;;;;;OAQG;IACH,OAAO,CAAC,uBAAuB;IAwC/B;;;;;;;;OAQG;IACH,OAAO,CAAC,0BAA0B;IAwClC;;;;;;;;;;;;;;;;OAgBG;YACW,2BAA2B;IA8CzC;;;;;;;OAOG;IACH,OAAO,CAAC,yBAAyB;IA2BjC;;;;;;;OAOG;IACG,sBAAsB,CAC1B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,gBAAgB,EAC7B,eAAe,EAAE,sBAAsB,GACtC,OAAO,CAAC;QAAE,IAAI,EAAE,UAAU,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,SAAS,CAAC;IA2DhF;;;;;;;;;;OAUG;IACH,OAAO,CAAC,sBAAsB;IA8C9B;;;;;;;;;;OAUG;IACH,OAAO,CAAC,2BAA2B;CAwGpC"}
+{"version":3,"file":"database-policy-engine.d.ts","sourceRoot":"","sources":["../../src/pipeline/database-policy-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAShF,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,QAAQ,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAGjE,OAAO,KAAK,KAAK,MAAM,MAAM,sCAAsC,CAAC;AACpE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gDAAgD,CAAC;AACtF,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,iDAAiD,CAAC;AAU9F,OAAO,KAAK,EAAE,SAAS,EAAE,gBAAgB,EAAE,iBAAiB,EAAmB,MAAM,uBAAuB,CAAC;AAG7G,YAAY,EAAE,SAAS,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,CAAC;AAM/D;;;;;;;GAOG;AACH,qBAAa,oBAAqB,YAAW,aAAa;IAMtD,OAAO,CAAC,QAAQ,CAAC,EAAE;IALrB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAwB;IAC/C,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAyB;IACzD,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAgC;gBAGpD,EAAE,EAAE,qBAAqB,CAAC,OAAO,MAAM,CAAC,EACzD,MAAM,CAAC,EAAE,cAAc,EACvB,eAAe,CAAC,EAAE,eAAe,EACjC,sBAAsB,CAAC,EAAE,sBAAsB;IAOjD,kEAAkE;IAClE,OAAO,KAAK,GAAG,GAKd;IAED;;;OAGG;IACH,OAAO,CAAC,UAAU;IAQlB;;OAEG;IACG,QAAQ,CACZ,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,gBAAgB,GAC5B,OAAO,CAAC,gBAAgB,CAAC;IAoJtB,aAAa,CACjB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,gBAAgB,EAAE,EAChC,cAAc,CAAC,EAAE,MAAM,GACtB,OAAO,CAAC,gBAAgB,CAAC;IA4F5B,OAAO,CAAC,2BAA2B;IAuDnC,kBAAkB,CAChB,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,gBAAgB,EAC7B,IAAI,EAAE,MAAM,EACZ,SAAS,CAAC,EAAE,MAAM,EAClB,mBAAmB,CAAC,EAAE,UAAU,GAC/B,gBAAgB;IAyNnB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IActC,OAAO,CAAC,qBAAqB;IA0B7B,OAAO,CAAC,gBAAgB;YA8CV,2BAA2B;IAsCzC,OAAO,CAAC,yBAAyB;IAwB3B,sBAAsB,CAC1B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,gBAAgB,EAC7B,eAAe,EAAE,sBAAsB,GACtC,OAAO,CAAC;QAAE,IAAI,EAAE,UAAU,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,SAAS,CAAC;IAwDhF,OAAO,CAAC,iBAAiB;CAoB1B"}