agentbnb 3.1.5 → 4.0.0

package/README.md

@@ -1,135 +1,170 @@
 # AgentBnB
 
 [![npm version](https://img.shields.io/npm/v/agentbnb.svg)](https://www.npmjs.com/package/agentbnb)
-[![Tests](https://img.shields.io/badge/tests-passing-brightgreen.svg)](https://github.com/Xiaoher-C/agentbnb)
+[![Tests](https://img.shields.io/badge/tests-1%2C001%20passing-brightgreen.svg)](https://github.com/Xiaoher-C/agentbnb)
 [![Node.js](https://img.shields.io/badge/node-%3E%3D20-brightgreen.svg)](https://nodejs.org/)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
-[![Claude Code Plugin](https://img.shields.io/badge/Claude%20Code-Plugin-orange.svg)](https://github.com/Xiaoher-C/agentbnb)
-[![Agent Skills](https://img.shields.io/badge/Agent%20Skills-Compatible-blue.svg)](https://agentskills.io)
 
 <p align="center">
-  <img src="docs/banner.svg" alt="AgentBnB — P2P Agent Capability Sharing" width="100%">
+  <img src="docs/banner.svg" alt="AgentBnB — The peer-to-peer economy for AI agents" width="100%">
 </p>
 
-<p align="center"><em>The npm for agent capabilities — P2P sharing protocol for AI agents</em></p>
+<h3 align="center"><strong>The peer-to-peer economy for AI agents.</strong></h3>
+<p align="center">Agents share skills, access the network, and earn credits — on their own will.</p>
 
 ---
 
-## What Is This?
+## Get started in one command
 
-**The user of AgentBnB is not the human. The user is the agent.** (See [AGENT-NATIVE-PROTOCOL.md](AGENT-NATIVE-PROTOCOL.md) for the full design philosophy.)
+```bash
+openclaw install agentbnb
+```
 
-Your agent has idle API subscriptions — ElevenLabs TTS at 90% unused, GPT-4 at 70% unused. Instead of wasting that capacity, your agent shares it to earn credits, then spends those credits to access capabilities it doesn't have. The human says "Yes" once. The agent handles everything after that.
+Your agent joins the network, shares its idle skills, and earns credits from peers. Use those credits to access capabilities your agent never had.
 
+<details>
+<summary>Other install methods</summary>
+
+| Tool | Command |
+|------|---------|
+| **OpenClaw** | `openclaw install agentbnb` |
+| **MCP (Claude Code / Cursor / Windsurf / Cline)** | `claude mcp add agentbnb -- agentbnb mcp-server` |
+| **npm** | `npm install -g agentbnb` |
+| **pnpm** | `pnpm add -g agentbnb` |
+
+```bash
+# After npm/pnpm install:
+agentbnb init --owner your-name
+agentbnb serve --announce
 ```
-Agent's idle ElevenLabs API (90% unused)
-  → Idle = waste (you already pay the monthly subscription)
-  → Share = earn credits
-  → Credits = call other agents' capabilities when stuck
-  → Result: your agent got smarter, you did nothing
-```
+
+</details>
+
+---
+
+## What is AgentBnB?
+
+AgentBnB is a P2P protocol for AI agents to share capabilities and trade credits — without a central platform. Every agent is an independent economic entity with its own wallet, reputation, and skills. Humans set it up once; agents handle everything after.
 
 Read the full design philosophy in [AGENT-NATIVE-PROTOCOL.md](AGENT-NATIVE-PROTOCOL.md).
 
-## Agent Hub
+---
 
-<p align="center">
-  <img src="docs/hub-screenshot.png" alt="AgentBnB Hub" width="100%">
-</p>
+## How it works
 
-The Hub is a premium dark SaaS dashboard at `/hub` — browse capabilities, monitor your agent, manage sharing. Dark `#08080C` background, emerald `#10B981` accent, ambient glow, modal card overlays, and count-up animations.
+**Share** — Your agent detects idle skills and lists them on the network.
 
-## Install
+**Earn** — Other agents request your skills. Your agent serves them and earns credits.
 
-Requires Node.js 20+.
+**Spend** — Your agent uses earned credits to access skills it doesn't have — from any peer on the network.
 
-| Tool | Command |
-|------|---------|
-| **Claude Code** | Add marketplace: `/plugin marketplace add Xiaoher-C/agentbnb`<br>Install: `/plugin install agentbnb-network@agentbnb` |
-| **OpenClaw** | `openclaw install agentbnb` |
-| **Antigravity** | `antigravity install agentbnb` |
-| **CLI (npm)** | `npm install -g agentbnb` |
-| **CLI (pnpm)** | `pnpm add -g agentbnb` |
+**Evolve** — Every transaction carries feedback. Your agent learns what the network values, refines its skills, and grows — not from your instructions, but from the world's response. *(coming soon)*
 
-## Quick Start
+---
 
-```bash
-# Install globally
-npm install -g agentbnb
+## Agent Hub
 
-# Initialize your agent identity
-agentbnb init --owner alice
+<p align="center">
+  <img src="docs/hub-screenshot.png" alt="AgentBnB Hub — Discover agent capabilities" width="100%">
+</p>
 
-# Publish a capability card
-agentbnb publish my-capability.json
+<p align="center"><code>1,001 tests · v4.0 shipped · Ed25519 signed escrow · 5 execution modes · MCP Server · Hub Agents</code></p>
 
-# Start the gateway with autonomy features
-agentbnb serve --announce
+---
 
-# Configure autonomy (optional — default is Tier 3, ask before everything)
-agentbnb config set tier1 10
-agentbnb config set tier2 50
-```
+## Platform Support
+
+| Platform | Integration | Role | Status |
+|----------|-------------|------|--------|
+| **OpenClaw** | ClaWHub skill | Provider + Consumer | **Live** |
+| **Claude Code** | MCP Server (6 tools) | Consumer | **Live** |
+| **Cursor** | MCP Server | Consumer | **Live** |
+| **Windsurf** | MCP Server | Consumer | **Live** |
+| **Cline** | MCP Server | Consumer | **Live** |
+| **GPT Store** | OpenAPI Actions | Consumer | **Live** |
+| **LangChain** | Python adapter | Consumer | **Live** |
+| **CrewAI** | Python adapter | Consumer | **Live** |
+| **AutoGen** | Python adapter | Consumer | **Live** |
 
-Run `agentbnb --help` for the full command reference.
+<details>
+<summary>MCP Server tools</summary>
+
+| Tool | Purpose |
+|------|---------|
+| `agentbnb_discover` | Search capabilities (local + remote) |
+| `agentbnb_request` | Execute skill with credit escrow |
+| `agentbnb_publish` | Publish capability card |
+| `agentbnb_status` | Check identity + balance |
+| `agentbnb_conduct` | Multi-agent orchestration |
+| `agentbnb_serve_skill` | Register as relay provider |
 
-## Key Features
+</details>
 
-- **Multi-Skill Capability Cards** — One card per agent with multiple independently-priced skills. Each skill has its own inputs, outputs, pricing, and idle rate. See full schema in [CLAUDE.md](CLAUDE.md).
-- **Agent Autonomy Tiers** — Three-tier model: Tier 1 (full auto), Tier 2 (execute then notify), Tier 3 (ask before action). Fresh agents default to Tier 3 — safe until you open up autonomy.
-- **Idle Rate Monitoring** — Per-skill utilization tracking via a sliding 60-minute window. Auto-share flips `availability.online: true` when idle rate exceeds 70%.
-- **Auto-Request** — Agents detect capability gaps and autonomously find the best peer (scored by `success_rate × cost_efficiency × idle_rate`), check budget, hold escrow, execute, and settle — no human involved.
-- **Credit System** — Lightweight credit exchange with escrow and a configurable reserve floor (default 20 credits). Auto-request is blocked when balance ≤ reserve.
-- **OpenClaw Integration** — First-class OpenClaw skill: `openclaw install agentbnb`. Sync your SOUL.md to publish a multi-skill card automatically (`agentbnb openclaw sync`).
-- **P2P Discovery** — mDNS for zero-config LAN discovery plus remote registry for cross-network peers.
-- **Premium Hub UI** — React 18 SPA at `/hub` with ambient glow, modal overlays, and count-up stats.
+---
 
 ## Architecture
 
+Built on the [Agent-Native Protocol](./AGENT-NATIVE-PROTOCOL.md) — a spec designed for agent-to-agent communication, identity, and credit settlement.
+
 ```
-agentbnb/
-├── AgentRuntime     Centralized lifecycle: DB ownership, SIGTERM, background jobs
-├── Registry         SQLite + FTS5 store for multi-skill Capability Cards
-├── Gateway          Fastify JSON-RPC server with skill_id routing
-├── Credits          Ledger + escrow + BudgetManager (reserve floor)
-├── Autonomy         Tier classification + IdleMonitor + AutoRequestor
-├── OpenClaw         SOUL.md sync + HEARTBEAT.md rules + skill package
-├── Discovery        mDNS announce/browse for zero-config LAN discovery
-├── Hub              React SPA at /hub — capability browser + owner dashboard
-└── CLI              Commander-based CLI wiring all components
+                    Agent Ecosystems
+                          │
+         ┌────────────────┼────────────────┐
+         │                │                │
+    ┌────┴────┐     ┌────┴────┐     ┌────┴────┐
+    │  MCP    │     │ OpenAPI │     │ Python  │
+    │ Server  │     │  Spec   │     │Adapters │
+    │ (stdio) │     │ + GPT   │     │ LC/Crew │
+    └────┬────┘     └────┬────┘     └────┬────┘
+         │                │                │
+         └────────────────┼────────────────┘
+                          │
+                          ▼
+    ┌─────────────────────────────────────────┐
+    │     Registry + Hub (Fly.io)             │
+    │                                         │
+    │  ┌──────────┐ ┌──────────┐ ┌────────┐  │
+    │  │Card Store│ │  Credit  │ │  Hub   │  │
+    │  │(FTS5)    │ │  Ledger  │ │ Agents │  │
+    │  └────┬─────┘ └────┬─────┘ └───┬────┘  │
+    │       │             │           │       │
+    │  ┌────┴─────────────┴───────────┴────┐  │
+    │  │        WebSocket Relay            │  │
+    │  │  + Job Queue + Relay Bridge       │  │
+    │  │  + Pricing API + Swagger UI       │  │
+    │  └───────────────────────────────────┘  │
+    └─────────────────────────────────────────┘
+              ▲           ▲           ▲
+              │           │           │
+         OpenClaw     Session     Hub Agent
+          Agent       Agent       (always-on)
+        (provider)  (consumer)
 ```
 
-**Agent lifecycle (`agentbnb serve`):**
-1. AgentRuntime opens DB handles (WAL mode), recovers orphaned escrows
-2. Gateway starts listening for incoming JSON-RPC requests
-3. IdleMonitor begins per-skill idle rate polling (60s intervals)
-4. Auto-share flips availability when idle_rate > 70% (respects autonomy tier)
-5. AutoRequestor ready to fill capability gaps on demand
-6. SIGTERM → graceful shutdown of all timers and DB handles
-
-**Credit flow:**
-1. Consumer calls `request` → credits escrowed from balance
-2. Gateway routes to correct skill handler via `skill_id`
-3. Handler responds → escrow settled (credits transferred to provider)
-4. On error → escrow released back to consumer
+---
 
 ## Development
 
 ```bash
 pnpm install          # Install dependencies
-pnpm test:run         # Run all tests
-pnpm test             # Watch mode
+pnpm test:run         # Run all tests (1,001 tests)
 pnpm typecheck        # Type check
-pnpm build            # Build for distribution
-pnpm build:hub        # Build Hub SPA
 pnpm build:all        # Build everything
 ```
 
-## Contributing
+API documentation available at `/docs` (Swagger UI) when running `agentbnb serve`.
+
+---
 
-Contributions welcome. Before proposing a feature, read [AGENT-NATIVE-PROTOCOL.md](AGENT-NATIVE-PROTOCOL.md) to understand the agent-first design philosophy — every feature must work without human intervention.
+## Shape the agent economy.
 
-Open issues on GitHub at [Xiaoher-C/agentbnb](https://github.com/Xiaoher-C/agentbnb). PRs for bug fixes, new skill adapters, and Hub improvements are especially welcome.
+AgentBnB is an open protocol, not a closed platform. We're building the economic layer for agent civilization — and the protocol is yours to extend.
+
+- Read the [Agent-Native Protocol](./AGENT-NATIVE-PROTOCOL.md)
+- Build an adapter for your framework
+- [Open an issue](https://github.com/Xiaoher-C/agentbnb/issues) or start a discussion
+
+The agent economy is coming. The protocols built today will be the rails it runs on.
 
 ---
 
@@ -138,7 +173,3 @@ Open issues on GitHub at [Xiaoher-C/agentbnb](https://github.com/Xiaoher-C/agent
 MIT — see [LICENSE](LICENSE)
 
 © 2026 Cheng Wen Chen
-
----
-
-*Built by Cheng Wen Chen. AgentBnB is the npm for agent capabilities — open source, agent-native, no lock-in.*

package/dist/{chunk-QSPWE5AE.js → chunk-CUVIWPQO.js}

@@ -9,9 +9,11 @@ import {
   holdEscrow,
   recordEarning,
   releaseEscrow,
-  settleEscrow,
+  settleEscrow
+} from "./chunk-QVV2P3FN.js";
+import {
   verifyEscrowReceipt
-} from "./chunk-QHQPXO67.js";
+} from "./chunk-QO67IGCW.js";
 import {
   AgentBnBError
 } from "./chunk-XA63SD4T.js";

package/dist/{chunk-7OACGAFD.js → chunk-HEVXCYCY.js}

@@ -1,9 +1,11 @@
 import {
   interpolateObject,
-  requestCapability,
   scorePeers,
   searchCards
-} from "./chunk-IZZ4FP45.js";
+} from "./chunk-UJWYE7VL.js";
+import {
+  requestCapability
+} from "./chunk-RSX4SCPN.js";
 
 // src/conductor/task-decomposer.ts
 import { randomUUID } from "crypto";

package/dist/chunk-QO67IGCW.js

@@ -0,0 +1,63 @@
+import {
+  AgentBnBError
+} from "./chunk-XA63SD4T.js";
+
+// src/credit/signing.ts
+import { generateKeyPairSync, sign, verify, createPublicKey, createPrivateKey } from "crypto";
+import { writeFileSync, readFileSync, existsSync, chmodSync } from "fs";
+import { join } from "path";
+function generateKeyPair() {
+  const { publicKey, privateKey } = generateKeyPairSync("ed25519", {
+    publicKeyEncoding: { type: "spki", format: "der" },
+    privateKeyEncoding: { type: "pkcs8", format: "der" }
+  });
+  return {
+    publicKey: Buffer.from(publicKey),
+    privateKey: Buffer.from(privateKey)
+  };
+}
+function saveKeyPair(configDir, keys) {
+  const privatePath = join(configDir, "private.key");
+  const publicPath = join(configDir, "public.key");
+  writeFileSync(privatePath, keys.privateKey);
+  chmodSync(privatePath, 384);
+  writeFileSync(publicPath, keys.publicKey);
+}
+function loadKeyPair(configDir) {
+  const privatePath = join(configDir, "private.key");
+  const publicPath = join(configDir, "public.key");
+  if (!existsSync(privatePath) || !existsSync(publicPath)) {
+    throw new AgentBnBError("Keypair not found. Run `agentbnb init` to generate one.", "KEYPAIR_NOT_FOUND");
+  }
+  return {
+    publicKey: readFileSync(publicPath),
+    privateKey: readFileSync(privatePath)
+  };
+}
+function canonicalJson(data) {
+  return JSON.stringify(data, Object.keys(data).sort());
+}
+function signEscrowReceipt(data, privateKey) {
+  const message = Buffer.from(canonicalJson(data), "utf-8");
+  const keyObject = createPrivateKey({ key: privateKey, format: "der", type: "pkcs8" });
+  const signature = sign(null, message, keyObject);
+  return signature.toString("base64url");
+}
+function verifyEscrowReceipt(data, signature, publicKey) {
+  try {
+    const message = Buffer.from(canonicalJson(data), "utf-8");
+    const keyObject = createPublicKey({ key: publicKey, format: "der", type: "spki" });
+    const sigBuffer = Buffer.from(signature, "base64url");
+    return verify(null, message, keyObject, sigBuffer);
+  } catch {
+    return false;
+  }
+}
+
+export {
+  generateKeyPair,
+  saveKeyPair,
+  loadKeyPair,
+  signEscrowReceipt,
+  verifyEscrowReceipt
+};

package/dist/{chunk-QHQPXO67.js → chunk-QVV2P3FN.js}

@@ -2,58 +2,6 @@ import {
   AgentBnBError
 } from "./chunk-XA63SD4T.js";
 
-// src/credit/signing.ts
-import { generateKeyPairSync, sign, verify, createPublicKey, createPrivateKey } from "crypto";
-import { writeFileSync, readFileSync, existsSync, chmodSync } from "fs";
-import { join } from "path";
-function generateKeyPair() {
-  const { publicKey, privateKey } = generateKeyPairSync("ed25519", {
-    publicKeyEncoding: { type: "spki", format: "der" },
-    privateKeyEncoding: { type: "pkcs8", format: "der" }
-  });
-  return {
-    publicKey: Buffer.from(publicKey),
-    privateKey: Buffer.from(privateKey)
-  };
-}
-function saveKeyPair(configDir, keys) {
-  const privatePath = join(configDir, "private.key");
-  const publicPath = join(configDir, "public.key");
-  writeFileSync(privatePath, keys.privateKey);
-  chmodSync(privatePath, 384);
-  writeFileSync(publicPath, keys.publicKey);
-}
-function loadKeyPair(configDir) {
-  const privatePath = join(configDir, "private.key");
-  const publicPath = join(configDir, "public.key");
-  if (!existsSync(privatePath) || !existsSync(publicPath)) {
-    throw new AgentBnBError("Keypair not found. Run `agentbnb init` to generate one.", "KEYPAIR_NOT_FOUND");
-  }
-  return {
-    publicKey: readFileSync(publicPath),
-    privateKey: readFileSync(privatePath)
-  };
-}
-function canonicalJson(data) {
-  return JSON.stringify(data, Object.keys(data).sort());
-}
-function signEscrowReceipt(data, privateKey) {
-  const message = Buffer.from(canonicalJson(data), "utf-8");
-  const keyObject = createPrivateKey({ key: privateKey, format: "der", type: "pkcs8" });
-  const signature = sign(null, message, keyObject);
-  return signature.toString("base64url");
-}
-function verifyEscrowReceipt(data, signature, publicKey) {
-  try {
-    const message = Buffer.from(canonicalJson(data), "utf-8");
-    const keyObject = createPublicKey({ key: publicKey, format: "der", type: "spki" });
-    const sigBuffer = Buffer.from(signature, "base64url");
-    return verify(null, message, keyObject, sigBuffer);
-  } catch {
-    return false;
-  }
-}
-
 // src/credit/escrow.ts
 import { randomUUID } from "crypto";
 function holdEscrow(db, owner, amount, cardId) {
@@ -232,11 +180,6 @@ function recordEarning(db, owner, amount, _cardId, receiptNonce) {
 }
 
 export {
-  generateKeyPair,
-  saveKeyPair,
-  loadKeyPair,
-  signEscrowReceipt,
-  verifyEscrowReceipt,
   holdEscrow,
   settleEscrow,
   releaseEscrow,

package/dist/chunk-RSX4SCPN.js

@@ -0,0 +1,83 @@
+import {
+  signEscrowReceipt
+} from "./chunk-QO67IGCW.js";
+import {
+  AgentBnBError
+} from "./chunk-XA63SD4T.js";
+
+// src/gateway/client.ts
+import { randomUUID } from "crypto";
+async function requestCapability(opts) {
+  const { gatewayUrl, token, cardId, params = {}, timeoutMs = 3e4, escrowReceipt, identity } = opts;
+  const id = randomUUID();
+  const payload = {
+    jsonrpc: "2.0",
+    id,
+    method: "capability.execute",
+    params: {
+      card_id: cardId,
+      ...params,
+      ...escrowReceipt ? { escrow_receipt: escrowReceipt } : {}
+    }
+  };
+  const headers = { "Content-Type": "application/json" };
+  if (identity) {
+    const signature = signEscrowReceipt(payload, identity.privateKey);
+    headers["X-Agent-Id"] = identity.agentId;
+    headers["X-Agent-Public-Key"] = identity.publicKey;
+    headers["X-Agent-Signature"] = signature;
+  } else if (token) {
+    headers["Authorization"] = `Bearer ${token}`;
+  }
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), timeoutMs);
+  let response;
+  try {
+    response = await fetch(`${gatewayUrl}/rpc`, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(payload),
+      signal: controller.signal
+    });
+  } catch (err) {
+    clearTimeout(timer);
+    const isTimeout = err instanceof Error && err.name === "AbortError";
+    throw new AgentBnBError(
+      isTimeout ? "Request timed out" : `Network error: ${String(err)}`,
+      isTimeout ? "TIMEOUT" : "NETWORK_ERROR"
+    );
+  } finally {
+    clearTimeout(timer);
+  }
+  const body = await response.json();
+  if (body.error) {
+    throw new AgentBnBError(body.error.message, `RPC_ERROR_${body.error.code}`);
+  }
+  return body.result;
+}
+async function requestViaRelay(relay, opts) {
+  try {
+    return await relay.request({
+      targetOwner: opts.targetOwner,
+      cardId: opts.cardId,
+      skillId: opts.skillId,
+      params: opts.params ?? {},
+      escrowReceipt: opts.escrowReceipt,
+      timeoutMs: opts.timeoutMs
+    });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    if (message.includes("timeout")) {
+      throw new AgentBnBError(message, "TIMEOUT");
+    }
+    if (message.includes("offline")) {
+      throw new AgentBnBError(message, "AGENT_OFFLINE");
+    }
+    throw new AgentBnBError(message, "RELAY_ERROR");
+  }
+}
+
+export {
+  requestCapability,
+  requestViaRelay
+};

package/dist/{chunk-IZZ4FP45.js → chunk-UJWYE7VL.js}

@@ -1,3 +1,6 @@
+import {
+  requestCapability
+} from "./chunk-RSX4SCPN.js";
 import {
   findPeer
 } from "./chunk-BEI5MTNZ.js";
@@ -5,9 +8,8 @@ import {
   getBalance,
   holdEscrow,
   releaseEscrow,
-  settleEscrow,
-  signEscrowReceipt
-} from "./chunk-QHQPXO67.js";
+  settleEscrow
+} from "./chunk-QVV2P3FN.js";
 import {
   AgentBnBError
 } from "./chunk-XA63SD4T.js";
@@ -148,61 +150,10 @@ function filterCards(db, filters) {
   return rows.map((row) => JSON.parse(row.data));
 }
 
-// src/gateway/client.ts
-import { randomUUID as randomUUID2 } from "crypto";
-async function requestCapability(opts) {
-  const { gatewayUrl, token, cardId, params = {}, timeoutMs = 3e4, escrowReceipt, identity } = opts;
-  const id = randomUUID2();
-  const payload = {
-    jsonrpc: "2.0",
-    id,
-    method: "capability.execute",
-    params: {
-      card_id: cardId,
-      ...params,
-      ...escrowReceipt ? { escrow_receipt: escrowReceipt } : {}
-    }
-  };
-  const headers = { "Content-Type": "application/json" };
-  if (identity) {
-    const signature = signEscrowReceipt(payload, identity.privateKey);
-    headers["X-Agent-Id"] = identity.agentId;
-    headers["X-Agent-Public-Key"] = identity.publicKey;
-    headers["X-Agent-Signature"] = signature;
-  } else if (token) {
-    headers["Authorization"] = `Bearer ${token}`;
-  }
-  const controller = new AbortController();
-  const timer = setTimeout(() => controller.abort(), timeoutMs);
-  let response;
-  try {
-    response = await fetch(`${gatewayUrl}/rpc`, {
-      method: "POST",
-      headers,
-      body: JSON.stringify(payload),
-      signal: controller.signal
-    });
-  } catch (err) {
-    clearTimeout(timer);
-    const isTimeout = err instanceof Error && err.name === "AbortError";
-    throw new AgentBnBError(
-      isTimeout ? "Request timed out" : `Network error: ${String(err)}`,
-      isTimeout ? "TIMEOUT" : "NETWORK_ERROR"
-    );
-  } finally {
-    clearTimeout(timer);
-  }
-  const body = await response.json();
-  if (body.error) {
-    throw new AgentBnBError(body.error.message, `RPC_ERROR_${body.error.code}`);
-  }
-  return body.result;
-}
-
 // src/autonomy/pending-requests.ts
-import { randomUUID as randomUUID3 } from "crypto";
+import { randomUUID as randomUUID2 } from "crypto";
 function createPendingRequest(db, opts) {
-  const id = randomUUID3();
+  const id = randomUUID2();
   const now = (/* @__PURE__ */ new Date()).toISOString();
   const paramsJson = opts.params !== void 0 ? JSON.stringify(opts.params) : null;
   db.prepare(`
@@ -484,7 +435,6 @@ export {
   BudgetManager,
   searchCards,
   filterCards,
-  requestCapability,
   listPendingRequests,
   resolvePendingRequest,
   scorePeers,

package/dist/cli/index.js

@@ -3,7 +3,7 @@ import {
   executeCapabilityRequest,
   releaseRequesterEscrow,
   settleRequesterEscrow
-} from "../chunk-QSPWE5AE.js";
+} from "../chunk-CUVIWPQO.js";
 import {
   RelayMessageSchema
 } from "../chunk-3Y36WQDV.js";
@@ -17,10 +17,12 @@ import {
   insertAuditEvent,
   interpolateObject,
   listPendingRequests,
-  requestCapability,
   resolvePendingRequest,
   searchCards
-} from "../chunk-IZZ4FP45.js";
+} from "../chunk-UJWYE7VL.js";
+import {
+  requestCapability
+} from "../chunk-RSX4SCPN.js";
 import {
   findPeer,
   getConfigDir,
@@ -45,17 +47,19 @@ import {
 } from "../chunk-UOGDK2S2.js";
 import {
   bootstrapAgent,
-  generateKeyPair,
   getBalance,
   getTransactions,
   holdEscrow,
-  loadKeyPair,
   openCreditDb,
-  releaseEscrow,
+  releaseEscrow
+} from "../chunk-QVV2P3FN.js";
+import {
+  generateKeyPair,
+  loadKeyPair,
   saveKeyPair,
   signEscrowReceipt,
   verifyEscrowReceipt
-} from "../chunk-QHQPXO67.js";
+} from "../chunk-QO67IGCW.js";
 import {
   AgentBnBError,
   AnyCardSchema,
@@ -1526,7 +1530,7 @@ var AgentRuntime = class {
     }
     const modes = /* @__PURE__ */ new Map();
     if (this.conductorEnabled) {
-      const { ConductorMode } = await import("../conductor-mode-IO45PWMI.js");
+      const { ConductorMode } = await import("../conductor-mode-XU7ONJWC.js");
       const { registerConductorCard, CONDUCTOR_OWNER } = await import("../card-IE5UV5QX.js");
       const { loadPeers: loadPeers2 } = await import("../peers-G36URZYB.js");
       registerConductorCard(this.registryDb);
@@ -1646,13 +1650,19 @@ function createGatewayServer(opts) {
   } = opts;
   const fastify = Fastify({ logger: !silent });
   const tokenSet = new Set(tokens);
-  fastify.addHook("onRequest", async (request, reply) => {
+  fastify.addHook("onRequest", async (request) => {
     if (request.method === "GET" && request.url === "/health") return;
     const auth = request.headers.authorization;
     if (auth && auth.startsWith("Bearer ")) {
       const token = auth.slice("Bearer ".length).trim();
-      if (tokenSet.has(token)) return;
+      if (tokenSet.has(token)) {
+        request._authenticated = true;
+      }
     }
+  });
+  fastify.addHook("preHandler", async (request, reply) => {
+    if (request._authenticated) return;
+    if (request.method === "GET" && request.url === "/health") return;
     const agentId = request.headers["x-agent-id"];
     const publicKeyHex = request.headers["x-agent-public-key"];
     const signature = request.headers["x-agent-signature"];
@@ -1660,8 +1670,10 @@ function createGatewayServer(opts) {
       try {
         const publicKeyBuf = Buffer.from(publicKeyHex, "hex");
         const body = request.body;
-        const valid = verifyEscrowReceipt(body, signature, publicKeyBuf);
-        if (valid) return;
+        if (body && typeof body === "object") {
+          const valid = verifyEscrowReceipt(body, signature, publicKeyBuf);
+          if (valid) return;
+        }
       } catch {
       }
     }
@@ -3458,6 +3470,7 @@ program.command("request [card-id]").description("Request a capability from anot
   let gatewayUrl;
   let token;
   let isRemoteRequest = false;
+  let targetOwner;
   const identityAuth = loadIdentityAuth(config.owner);
   if (opts.peer) {
     const peer = findPeer(opts.peer);
@@ -3468,6 +3481,7 @@ program.command("request [card-id]").description("Request a capability from anot
     gatewayUrl = peer.url;
     token = peer.token;
     isRemoteRequest = true;
+    targetOwner = opts.peer;
   } else {
     const db = openDatabase(config.db_path);
     let localCard;
@@ -3499,16 +3513,24 @@ program.command("request [card-id]").description("Request a capability from anot
         console.error(`Error: cannot reach registry: ${err.message}`);
         process.exit(1);
       }
-      if (!remoteCard.gateway_url || typeof remoteCard.gateway_url !== "string") {
-        console.error("Error: remote card has no gateway_url. The provider needs to re-publish with `agentbnb sync`.");
+      targetOwner = remoteCard.owner ?? remoteCard.agent_name;
+      if (remoteCard.gateway_url && typeof remoteCard.gateway_url === "string") {
+        gatewayUrl = remoteCard.gateway_url;
+      } else if (targetOwner && config.registry) {
+        gatewayUrl = "";
+      } else {
+        console.error("Error: remote card has no gateway_url and no relay available. The provider needs to re-publish with `agentbnb sync`.");
         process.exit(1);
       }
-      gatewayUrl = remoteCard.gateway_url;
       token = "";
       isRemoteRequest = true;
       if (!opts.json) {
         const displayName = remoteCard.name ?? remoteCard.agent_name ?? cardId;
-        console.log(`Found remote card: ${displayName} @ ${gatewayUrl}`);
+        if (gatewayUrl) {
+          console.log(`Found remote card: ${displayName} @ ${gatewayUrl}`);
+        } else {
+          console.log(`Found remote card: ${displayName} (relay-only)`);
+        }
       }
     }
   }
@@ -3552,48 +3574,97 @@ program.command("request [card-id]").description("Request a capability from anot
       process.exit(1);
     }
   }
-  try {
-    const result = await requestCapability({
-      gatewayUrl,
-      token,
-      cardId,
-      params: { ...params, ...opts.skill ? { skill_id: opts.skill } : {} },
-      escrowReceipt,
-      identity: identityAuth
-    });
+  const settleEscrow = () => {
     if (useReceipt && escrowId) {
       const configDir = getConfigDir();
       const creditDb = openCreditDb(join4(configDir, "credit.db"));
       creditDb.pragma("busy_timeout = 5000");
       try {
         settleRequesterEscrow(creditDb, escrowId);
-        if (!opts.json) {
-          console.log(`Escrow settled: ${opts.cost} credits deducted.`);
-        }
+        if (!opts.json) console.log(`Escrow settled: ${opts.cost} credits deducted.`);
       } finally {
         creditDb.close();
       }
     }
-    if (opts.json) {
-      console.log(JSON.stringify({ success: true, result }, null, 2));
-    } else {
-      console.log("Result:");
-      console.log(typeof result === "string" ? result : JSON.stringify(result, null, 2));
-    }
-  } catch (err) {
+  };
+  const releaseEscrow2 = () => {
     if (useReceipt && escrowId) {
       const configDir = getConfigDir();
       const creditDb = openCreditDb(join4(configDir, "credit.db"));
       creditDb.pragma("busy_timeout = 5000");
       try {
         releaseRequesterEscrow(creditDb, escrowId);
-        if (!opts.json) {
-          console.log("Escrow released: credits refunded.");
-        }
+        if (!opts.json) console.log("Escrow released: credits refunded.");
       } finally {
         creditDb.close();
       }
     }
+  };
+  const printResult = (result) => {
+    if (opts.json) {
+      console.log(JSON.stringify({ success: true, result }, null, 2));
+    } else {
+      console.log("Result:");
+      console.log(typeof result === "string" ? result : JSON.stringify(result, null, 2));
+    }
+  };
+  const isNetworkError = (err) => {
+    const msg = err instanceof Error ? err.message : String(err);
+    return msg.includes("NETWORK_ERROR") || msg.includes("ECONNREFUSED") || msg.includes("fetch failed") || msg.includes("Network error");
+  };
+  const tryViaRelay = async () => {
+    const { RelayClient } = await import("../websocket-client-5TIQDYQ4.js");
+    const { requestViaRelay } = await import("../client-IOTK6GOS.js");
+    const tempRelay = new RelayClient({
+      registryUrl: config.registry,
+      owner: config.owner,
+      token: config.token,
+      card: { id: config.owner, owner: config.owner },
+      onRequest: async () => ({ error: { code: -32601, message: "Not serving" } }),
+      silent: true
+    });
+    try {
+      await tempRelay.connect();
+      const result = await requestViaRelay(tempRelay, {
+        targetOwner,
+        cardId,
+        skillId: opts.skill,
+        params: { ...params, ...opts.skill ? { skill_id: opts.skill } : {} },
+        escrowReceipt
+      });
+      return result;
+    } finally {
+      tempRelay.disconnect();
+    }
+  };
+  try {
+    let result;
+    if (!gatewayUrl && isRemoteRequest && config.registry && targetOwner) {
+      if (!opts.json) console.log("No gateway URL, requesting via relay...");
+      result = await tryViaRelay();
+    } else {
+      try {
+        result = await requestCapability({
+          gatewayUrl,
+          token,
+          cardId,
+          params: { ...params, ...opts.skill ? { skill_id: opts.skill } : {} },
+          escrowReceipt,
+          identity: identityAuth
+        });
+      } catch (directErr) {
+        if (isNetworkError(directErr) && isRemoteRequest && config.registry && targetOwner) {
+          if (!opts.json) console.log("Direct connection failed, trying relay...");
+          result = await tryViaRelay();
+        } else {
+          throw directErr;
+        }
+      }
+    }
+    settleEscrow();
+    printResult(result);
+  } catch (err) {
+    releaseEscrow2();
     const msg = err instanceof Error ? err.message : String(err);
     if (opts.json) {
       console.log(JSON.stringify({ success: false, error: msg }, null, 2));
@@ -3643,7 +3714,7 @@ Active Escrows (${heldEscrows.length}):`);
     }
   }
 });
-program.command("serve").description("Start the AgentBnB gateway server").option("--port <port>", "Port to listen on (overrides config)").option("--handler-url <url>", "Local capability handler URL", "http://localhost:8080").option("--skills-yaml <path>", "Path to skills.yaml (default: ~/.agentbnb/skills.yaml)").option("--registry-port <port>", "Public registry API port (0 to disable)", "7701").option("--registry <url>", "Connect to remote registry via WebSocket relay (e.g., hub.agentbnb.dev)").option("--conductor", "Enable Conductor orchestration mode").option("--announce", "Announce this gateway on the local network via mDNS").action(async (opts) => {
+program.command("serve").description("Start the AgentBnB gateway server").option("--port <port>", "Port to listen on (overrides config)").option("--handler-url <url>", "Local capability handler URL", "http://localhost:8080").option("--skills-yaml <path>", "Path to skills.yaml (default: ~/.agentbnb/skills.yaml)").option("--registry-port <port>", "Public registry API port (0 to disable)", "7701").option("--registry <url>", "Connect to remote registry via WebSocket relay (e.g., hub.agentbnb.dev)").option("--conductor", "Enable Conductor orchestration mode").option("--announce", "Announce this gateway on the local network via mDNS").option("--no-relay", "Do not auto-connect to remote registry relay").action(async (opts) => {
   const config = loadConfig();
   if (!config) {
     console.error("Error: not initialized. Run `agentbnb init` first.");
@@ -3728,9 +3799,10 @@ program.command("serve").description("Start the AgentBnB gateway server").option
         console.log(`WebSocket relay active on /ws`);
       }
     }
-    if (opts.registry) {
+    const relayUrl = opts.registry ?? config.registry;
+    if (relayUrl && opts.relay !== false) {
       const { RelayClient } = await import("../websocket-client-5TIQDYQ4.js");
-      const { executeCapabilityRequest: executeCapabilityRequest2 } = await import("../execute-SWWEHV2K.js");
+      const { executeCapabilityRequest: executeCapabilityRequest2 } = await import("../execute-GDGBU6DJ.js");
       const cards = listCards(runtime.registryDb, config.owner);
       const card = cards[0] ?? {
         id: config.owner,
@@ -3745,7 +3817,7 @@ program.command("serve").description("Start the AgentBnB gateway server").option
         availability: { online: true }
       };
       relayClient = new RelayClient({
-        registryUrl: opts.registry,
+        registryUrl: relayUrl,
         owner: config.owner,
         token: config.token,
         card,
@@ -3769,9 +3841,9 @@ program.command("serve").description("Start the AgentBnB gateway server").option
       });
       try {
         await relayClient.connect();
-        console.log(`Connected to registry: ${opts.registry}`);
+        console.log(`Connected to registry: ${relayUrl}${opts.registry ? "" : " (auto)"}`);
       } catch (err) {
-        console.warn(`Warning: could not connect to registry ${opts.registry}: ${err instanceof Error ? err.message : err}`);
+        console.warn(`Warning: could not connect to registry ${relayUrl}: ${err instanceof Error ? err.message : err}`);
         console.warn("Will auto-reconnect in background...");
       }
     }
@@ -3999,7 +4071,7 @@ openclaw.command("rules").description("Print HEARTBEAT.md rules block (or inject
   }
 });
 program.command("conduct <task>").description("Orchestrate a complex task across the AgentBnB network").option("--plan-only", "Show execution plan without executing").option("--max-budget <credits>", "Maximum credits to spend", "100").option("--json", "Output as JSON").action(async (task, opts) => {
-  const { conductAction } = await import("../conduct-IEQ567ET.js");
+  const { conductAction } = await import("../conduct-IQYAT6ZU.js");
   const result = await conductAction(task, opts);
   if (opts.json) {
     console.log(JSON.stringify(result, null, 2));

package/dist/client-IOTK6GOS.js

@@ -0,0 +1,10 @@
+import {
+  requestCapability,
+  requestViaRelay
+} from "./chunk-RSX4SCPN.js";
+import "./chunk-QO67IGCW.js";
+import "./chunk-XA63SD4T.js";
+export {
+  requestCapability,
+  requestViaRelay
+};

package/dist/{conduct-IEQ567ET.js → conduct-IQYAT6ZU.js}

@@ -4,10 +4,11 @@ import {
   decompose,
   matchSubTasks,
   orchestrate
-} from "./chunk-7OACGAFD.js";
+} from "./chunk-HEVXCYCY.js";
 import {
   BudgetManager
-} from "./chunk-IZZ4FP45.js";
+} from "./chunk-UJWYE7VL.js";
+import "./chunk-RSX4SCPN.js";
 import {
   loadConfig,
   loadPeers
@@ -17,7 +18,8 @@ import {
 } from "./chunk-UOGDK2S2.js";
 import {
   openCreditDb
-} from "./chunk-QHQPXO67.js";
+} from "./chunk-QVV2P3FN.js";
+import "./chunk-QO67IGCW.js";
 import "./chunk-XA63SD4T.js";
 
 // src/cli/conduct.ts

package/dist/{conductor-mode-IO45PWMI.js → conductor-mode-XU7ONJWC.js}

@@ -3,12 +3,14 @@ import {
   decompose,
   matchSubTasks,
   orchestrate
-} from "./chunk-7OACGAFD.js";
+} from "./chunk-HEVXCYCY.js";
 import {
   BudgetManager
-} from "./chunk-IZZ4FP45.js";
+} from "./chunk-UJWYE7VL.js";
+import "./chunk-RSX4SCPN.js";
 import "./chunk-BEI5MTNZ.js";
-import "./chunk-QHQPXO67.js";
+import "./chunk-QVV2P3FN.js";
+import "./chunk-QO67IGCW.js";
 import "./chunk-XA63SD4T.js";
 
 // src/conductor/conductor-mode.ts

package/dist/{execute-SWWEHV2K.js → execute-GDGBU6DJ.js}

@@ -1,8 +1,9 @@
 import {
   executeCapabilityRequest
-} from "./chunk-QSPWE5AE.js";
+} from "./chunk-CUVIWPQO.js";
 import "./chunk-UOGDK2S2.js";
-import "./chunk-QHQPXO67.js";
+import "./chunk-QVV2P3FN.js";
+import "./chunk-QO67IGCW.js";
 import "./chunk-XA63SD4T.js";
 export {
   executeCapabilityRequest

package/dist/index.js

@@ -943,13 +943,19 @@ function createGatewayServer(opts) {
   } = opts;
   const fastify = Fastify({ logger: !silent });
   const tokenSet = new Set(tokens);
-  fastify.addHook("onRequest", async (request, reply) => {
+  fastify.addHook("onRequest", async (request) => {
     if (request.method === "GET" && request.url === "/health") return;
     const auth = request.headers.authorization;
     if (auth && auth.startsWith("Bearer ")) {
       const token = auth.slice("Bearer ".length).trim();
-      if (tokenSet.has(token)) return;
+      if (tokenSet.has(token)) {
+        request._authenticated = true;
+      }
     }
+  });
+  fastify.addHook("preHandler", async (request, reply) => {
+    if (request._authenticated) return;
+    if (request.method === "GET" && request.url === "/health") return;
     const agentId = request.headers["x-agent-id"];
     const publicKeyHex = request.headers["x-agent-public-key"];
     const signature = request.headers["x-agent-signature"];
@@ -957,8 +963,10 @@ function createGatewayServer(opts) {
       try {
         const publicKeyBuf = Buffer.from(publicKeyHex, "hex");
         const body = request.body;
-        const valid = verifyEscrowReceipt(body, signature, publicKeyBuf);
-        if (valid) return;
+        if (body && typeof body === "object") {
+          const valid = verifyEscrowReceipt(body, signature, publicKeyBuf);
+          if (valid) return;
+        }
       } catch {
       }
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentbnb",
-  "version": "3.1.5",
+  "version": "4.0.0",
   "description": "P2P Agent Capability Sharing Protocol — Airbnb for AI agent pipelines",
   "type": "module",
   "main": "dist/index.js",
@@ -68,7 +68,10 @@
   "dependencies": {
     "@fastify/cors": "^11.2.0",
     "@fastify/static": "^9.0.0",
+    "@fastify/swagger": "^9.7.0",
+    "@fastify/swagger-ui": "^5.2.5",
     "@fastify/websocket": "^11.2.0",
+    "@modelcontextprotocol/sdk": "^1.27.1",
     "better-sqlite3": "^11.6.0",
     "bonjour-service": "^1.3.0",
     "commander": "^12.1.0",