agentbnb 4.0.1 → 4.0.4

package/dist/chunk-JXEOE7HX.js

@@ -0,0 +1,295 @@
+import {
+  AgentBnBError
+} from "./chunk-UB2NPFC7.js";
+
+// src/autonomy/tiers.ts
+import { randomUUID } from "crypto";
+var DEFAULT_AUTONOMY_CONFIG = {
+  tier1_max_credits: 0,
+  tier2_max_credits: 0
+};
+function getAutonomyTier(creditAmount, config) {
+  if (creditAmount < config.tier1_max_credits) return 1;
+  if (creditAmount < config.tier2_max_credits) return 2;
+  return 3;
+}
+function insertAuditEvent(db, event) {
+  const isShareEvent = event.type === "auto_share" || event.type === "auto_share_notify" || event.type === "auto_share_pending";
+  const cardId = isShareEvent ? "system" : event.card_id;
+  const creditsCharged = isShareEvent ? 0 : event.credits;
+  const stmt = db.prepare(`
+    INSERT INTO request_log (
+      id, card_id, card_name, requester, status, latency_ms, credits_charged,
+      created_at, skill_id, action_type, tier_invoked
+    ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+  `);
+  stmt.run(
+    randomUUID(),
+    cardId,
+    "autonomy-audit",
+    "self",
+    "success",
+    0,
+    creditsCharged,
+    (/* @__PURE__ */ new Date()).toISOString(),
+    event.skill_id,
+    event.type,
+    event.tier_invoked
+  );
+}
+
+// src/credit/ledger.ts
+import Database from "better-sqlite3";
+import { randomUUID as randomUUID2 } from "crypto";
+var CREDIT_SCHEMA = `
+  CREATE TABLE IF NOT EXISTS credit_balances (
+    owner TEXT PRIMARY KEY,
+    balance INTEGER NOT NULL DEFAULT 0,
+    updated_at TEXT NOT NULL
+  );
+
+  CREATE TABLE IF NOT EXISTS credit_transactions (
+    id TEXT PRIMARY KEY,
+    owner TEXT NOT NULL,
+    amount INTEGER NOT NULL,
+    reason TEXT NOT NULL,
+    reference_id TEXT,
+    created_at TEXT NOT NULL
+  );
+
+  CREATE TABLE IF NOT EXISTS credit_escrow (
+    id TEXT PRIMARY KEY,
+    owner TEXT NOT NULL,
+    amount INTEGER NOT NULL,
+    card_id TEXT NOT NULL,
+    status TEXT NOT NULL DEFAULT 'held',
+    created_at TEXT NOT NULL,
+    settled_at TEXT
+  );
+
+  CREATE INDEX IF NOT EXISTS idx_transactions_owner ON credit_transactions(owner, created_at);
+  CREATE INDEX IF NOT EXISTS idx_escrow_owner ON credit_escrow(owner);
+`;
+function openCreditDb(path = ":memory:") {
+  const db = new Database(path);
+  db.pragma("journal_mode = WAL");
+  db.pragma("foreign_keys = ON");
+  db.exec(CREDIT_SCHEMA);
+  return db;
+}
+function getBalance(db, owner) {
+  const row = db.prepare("SELECT balance FROM credit_balances WHERE owner = ?").get(owner);
+  return row?.balance ?? 0;
+}
+function recordEarning(db, owner, amount, _cardId, receiptNonce) {
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  db.transaction(() => {
+    const existing = db.prepare(
+      "SELECT id FROM credit_transactions WHERE reference_id = ? AND reason = 'remote_earning'"
+    ).get(receiptNonce);
+    if (existing) return;
+    db.prepare(
+      "INSERT OR IGNORE INTO credit_balances (owner, balance, updated_at) VALUES (?, 0, ?)"
+    ).run(owner, now);
+    db.prepare(
+      "UPDATE credit_balances SET balance = balance + ?, updated_at = ? WHERE owner = ?"
+    ).run(amount, now, owner);
+    db.prepare(
+      "INSERT INTO credit_transactions (id, owner, amount, reason, reference_id, created_at) VALUES (?, ?, ?, ?, ?, ?)"
+    ).run(randomUUID2(), owner, amount, "remote_earning", receiptNonce, now);
+  })();
+}
+
+// src/credit/escrow.ts
+import { randomUUID as randomUUID3 } from "crypto";
+function holdEscrow(db, owner, amount, cardId) {
+  const escrowId = randomUUID3();
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const hold = db.transaction(() => {
+    const row = db.prepare("SELECT balance FROM credit_balances WHERE owner = ?").get(owner);
+    if (!row || row.balance < amount) {
+      throw new AgentBnBError("Insufficient credits", "INSUFFICIENT_CREDITS");
+    }
+    db.prepare(
+      "UPDATE credit_balances SET balance = balance - ?, updated_at = ? WHERE owner = ? AND balance >= ?"
+    ).run(amount, now, owner, amount);
+    db.prepare(
+      "INSERT INTO credit_escrow (id, owner, amount, card_id, status, created_at) VALUES (?, ?, ?, ?, ?, ?)"
+    ).run(escrowId, owner, amount, cardId, "held", now);
+    db.prepare(
+      "INSERT INTO credit_transactions (id, owner, amount, reason, reference_id, created_at) VALUES (?, ?, ?, ?, ?, ?)"
+    ).run(randomUUID3(), owner, -amount, "escrow_hold", escrowId, now);
+  });
+  hold();
+  return escrowId;
+}
+function settleEscrow(db, escrowId, recipientOwner) {
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const settle = db.transaction(() => {
+    const escrow = db.prepare("SELECT id, owner, amount, status FROM credit_escrow WHERE id = ?").get(escrowId);
+    if (!escrow) {
+      throw new AgentBnBError(`Escrow not found: ${escrowId}`, "ESCROW_NOT_FOUND");
+    }
+    if (escrow.status !== "held") {
+      throw new AgentBnBError(
+        `Escrow ${escrowId} is already ${escrow.status}`,
+        "ESCROW_ALREADY_SETTLED"
+      );
+    }
+    db.prepare(
+      "INSERT OR IGNORE INTO credit_balances (owner, balance, updated_at) VALUES (?, 0, ?)"
+    ).run(recipientOwner, now);
+    db.prepare(
+      "UPDATE credit_balances SET balance = balance + ?, updated_at = ? WHERE owner = ?"
+    ).run(escrow.amount, now, recipientOwner);
+    db.prepare(
+      "UPDATE credit_escrow SET status = ?, settled_at = ? WHERE id = ?"
+    ).run("settled", now, escrowId);
+    db.prepare(
+      "INSERT INTO credit_transactions (id, owner, amount, reason, reference_id, created_at) VALUES (?, ?, ?, ?, ?, ?)"
+    ).run(randomUUID3(), recipientOwner, escrow.amount, "settlement", escrowId, now);
+  });
+  settle();
+}
+function releaseEscrow(db, escrowId) {
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const release = db.transaction(() => {
+    const escrow = db.prepare("SELECT id, owner, amount, status FROM credit_escrow WHERE id = ?").get(escrowId);
+    if (!escrow) {
+      throw new AgentBnBError(`Escrow not found: ${escrowId}`, "ESCROW_NOT_FOUND");
+    }
+    if (escrow.status !== "held") {
+      throw new AgentBnBError(
+        `Escrow ${escrowId} is already ${escrow.status}`,
+        "ESCROW_ALREADY_SETTLED"
+      );
+    }
+    db.prepare(
+      "UPDATE credit_balances SET balance = balance + ?, updated_at = ? WHERE owner = ?"
+    ).run(escrow.amount, now, escrow.owner);
+    db.prepare(
+      "UPDATE credit_escrow SET status = ?, settled_at = ? WHERE id = ?"
+    ).run("released", now, escrowId);
+    db.prepare(
+      "INSERT INTO credit_transactions (id, owner, amount, reason, reference_id, created_at) VALUES (?, ?, ?, ?, ?, ?)"
+    ).run(randomUUID3(), escrow.owner, escrow.amount, "refund", escrowId, now);
+  });
+  release();
+}
+
+// src/utils/interpolation.ts
+function resolvePath(obj, path) {
+  const segments = path.replace(/\[(\d+)\]/g, ".$1").split(".").filter((s) => s.length > 0);
+  let current = obj;
+  for (const segment of segments) {
+    if (current === null || current === void 0) {
+      return void 0;
+    }
+    if (typeof current !== "object") {
+      return void 0;
+    }
+    current = current[segment];
+  }
+  return current;
+}
+function interpolate(template, context) {
+  return template.replace(/\$\{([^}]+)\}/g, (_match, expression) => {
+    const resolved = resolvePath(context, expression.trim());
+    if (resolved === void 0 || resolved === null) {
+      return "";
+    }
+    if (typeof resolved === "object") {
+      return JSON.stringify(resolved);
+    }
+    return String(resolved);
+  });
+}
+function interpolateObject(obj, context) {
+  const result = {};
+  for (const [key, value] of Object.entries(obj)) {
+    result[key] = interpolateValue(value, context);
+  }
+  return result;
+}
+function interpolateValue(value, context) {
+  if (typeof value === "string") {
+    return interpolate(value, context);
+  }
+  if (Array.isArray(value)) {
+    return value.map((item) => interpolateValue(item, context));
+  }
+  if (value !== null && typeof value === "object") {
+    return interpolateObject(value, context);
+  }
+  return value;
+}
+
+// src/credit/signing.ts
+import { generateKeyPairSync, sign, verify, createPublicKey, createPrivateKey } from "crypto";
+import { writeFileSync, readFileSync, existsSync, chmodSync } from "fs";
+import { join } from "path";
+function generateKeyPair() {
+  const { publicKey, privateKey } = generateKeyPairSync("ed25519", {
+    publicKeyEncoding: { type: "spki", format: "der" },
+    privateKeyEncoding: { type: "pkcs8", format: "der" }
+  });
+  return {
+    publicKey: Buffer.from(publicKey),
+    privateKey: Buffer.from(privateKey)
+  };
+}
+function saveKeyPair(configDir, keys) {
+  const privatePath = join(configDir, "private.key");
+  const publicPath = join(configDir, "public.key");
+  writeFileSync(privatePath, keys.privateKey);
+  chmodSync(privatePath, 384);
+  writeFileSync(publicPath, keys.publicKey);
+}
+function loadKeyPair(configDir) {
+  const privatePath = join(configDir, "private.key");
+  const publicPath = join(configDir, "public.key");
+  if (!existsSync(privatePath) || !existsSync(publicPath)) {
+    throw new AgentBnBError("Keypair not found. Run `agentbnb init` to generate one.", "KEYPAIR_NOT_FOUND");
+  }
+  return {
+    publicKey: readFileSync(publicPath),
+    privateKey: readFileSync(privatePath)
+  };
+}
+function canonicalJson(data) {
+  return JSON.stringify(data, Object.keys(data).sort());
+}
+function signEscrowReceipt(data, privateKey) {
+  const message = Buffer.from(canonicalJson(data), "utf-8");
+  const keyObject = createPrivateKey({ key: privateKey, format: "der", type: "pkcs8" });
+  const signature = sign(null, message, keyObject);
+  return signature.toString("base64url");
+}
+function verifyEscrowReceipt(data, signature, publicKey) {
+  try {
+    const message = Buffer.from(canonicalJson(data), "utf-8");
+    const keyObject = createPublicKey({ key: publicKey, format: "der", type: "spki" });
+    const sigBuffer = Buffer.from(signature, "base64url");
+    return verify(null, message, keyObject, sigBuffer);
+  } catch {
+    return false;
+  }
+}
+
+export {
+  openCreditDb,
+  getBalance,
+  recordEarning,
+  holdEscrow,
+  settleEscrow,
+  releaseEscrow,
+  interpolateObject,
+  generateKeyPair,
+  saveKeyPair,
+  loadKeyPair,
+  signEscrowReceipt,
+  verifyEscrowReceipt,
+  DEFAULT_AUTONOMY_CONFIG,
+  getAutonomyTier,
+  insertAuditEvent
+};

package/dist/{chunk-M3G5NR2Z.js → chunk-QITOPASZ.js}

@@ -2,7 +2,7 @@ import {
   generateKeyPair,
   loadKeyPair,
   saveKeyPair
-} from "./chunk-DVAS2443.js";
+} from "./chunk-5KFI5X7B.js";
 
 // src/identity/identity.ts
 import { z } from "zod";
@@ -80,7 +80,13 @@ function saveIdentity(configDir, identity) {
 }
 function ensureIdentity(configDir, owner) {
   const existing = loadIdentity(configDir);
-  if (existing) return existing;
+  if (existing) {
+    if (existing.owner !== owner) {
+      existing.owner = owner;
+      saveIdentity(configDir, existing);
+    }
+    return existing;
+  }
   return createIdentity(configDir, owner);
 }
 

package/dist/{chunk-TLU7ALCZ.js → chunk-T7NS2J2B.js}

@@ -1,7 +1,7 @@
 import {
   AgentBnBError,
   CapabilityCardSchema
-} from "./chunk-FNKBHBYK.js";
+} from "./chunk-WGZ5AGOX.js";
 
 // src/registry/request-log.ts
 var SINCE_MS = {

package/dist/chunk-UB2NPFC7.js

@@ -0,0 +1,165 @@
+// src/types/index.ts
+import { z } from "zod";
+var IOSchemaSchema = z.object({
+  name: z.string(),
+  type: z.enum(["text", "json", "file", "audio", "image", "video", "stream"]),
+  description: z.string().optional(),
+  required: z.boolean().default(true),
+  schema: z.record(z.unknown()).optional()
+  // JSON Schema
+});
+var PoweredBySchema = z.object({
+  provider: z.string().min(1),
+  model: z.string().optional(),
+  tier: z.string().optional()
+});
+var CapabilityCardSchema = z.object({
+  spec_version: z.literal("1.0").default("1.0"),
+  id: z.string().uuid(),
+  owner: z.string().min(1),
+  name: z.string().min(1).max(100),
+  description: z.string().max(500),
+  level: z.union([z.literal(1), z.literal(2), z.literal(3)]),
+  inputs: z.array(IOSchemaSchema),
+  outputs: z.array(IOSchemaSchema),
+  pricing: z.object({
+    credits_per_call: z.number().nonnegative(),
+    credits_per_minute: z.number().nonnegative().optional(),
+    /** Number of free monthly calls. Shown as a "N free/mo" badge in the Hub. */
+    free_tier: z.number().nonnegative().optional()
+  }),
+  availability: z.object({
+    online: z.boolean(),
+    schedule: z.string().optional()
+    // cron expression
+  }),
+  powered_by: z.array(PoweredBySchema).optional(),
+  /**
+   * Private per-card metadata. Stripped from all API and CLI responses —
+   * never transmitted beyond the local store.
+   */
+  _internal: z.record(z.unknown()).optional(),
+  /** Public gateway URL where this agent accepts requests. Populated on remote publish. */
+  gateway_url: z.string().url().optional(),
+  metadata: z.object({
+    apis_used: z.array(z.string()).optional(),
+    avg_latency_ms: z.number().nonnegative().optional(),
+    success_rate: z.number().min(0).max(1).optional(),
+    tags: z.array(z.string()).optional()
+  }).optional(),
+  created_at: z.string().datetime().optional(),
+  updated_at: z.string().datetime().optional()
+});
+var SkillSchema = z.object({
+  /** Stable skill identifier, e.g. 'tts-elevenlabs'. Used for gateway routing and idle tracking. */
+  id: z.string().min(1),
+  name: z.string().min(1).max(100),
+  description: z.string().max(500),
+  level: z.union([z.literal(1), z.literal(2), z.literal(3)]),
+  /** Optional grouping category, e.g. 'tts' | 'video_gen' | 'code_review'. */
+  category: z.string().optional(),
+  inputs: z.array(IOSchemaSchema),
+  outputs: z.array(IOSchemaSchema),
+  pricing: z.object({
+    credits_per_call: z.number().nonnegative(),
+    credits_per_minute: z.number().nonnegative().optional(),
+    free_tier: z.number().nonnegative().optional()
+  }),
+  /** Per-skill online flag — overrides card-level availability for this skill. */
+  availability: z.object({ online: z.boolean() }).optional(),
+  powered_by: z.array(PoweredBySchema).optional(),
+  metadata: z.object({
+    apis_used: z.array(z.string()).optional(),
+    avg_latency_ms: z.number().nonnegative().optional(),
+    success_rate: z.number().min(0).max(1).optional(),
+    tags: z.array(z.string()).optional(),
+    capacity: z.object({
+      calls_per_hour: z.number().positive().default(60)
+    }).optional()
+  }).optional(),
+  /**
+   * Private per-skill metadata. Stripped from all API and CLI responses —
+   * never transmitted beyond the local store.
+   */
+  _internal: z.record(z.unknown()).optional()
+});
+var SuitabilitySchema = z.object({
+  /** Use cases this agent/skill is optimised for. */
+  ideal_for: z.array(z.string()).optional(),
+  /** Scenarios this agent/skill cannot reliably handle. */
+  not_suitable_for: z.array(z.string()).optional(),
+  /** Domains explicitly excluded (used for routing exclusions in later phases). */
+  excluded_domains: z.array(z.string()).optional(),
+  /** Conditions that increase failure risk, shown as warnings in the Hub. */
+  risk_conditions: z.array(z.string()).optional(),
+  /** Recommended alternative when this agent is unsuitable. */
+  fallback_recommendation: z.string().optional()
+});
+var LearningSchema = z.object({
+  /** Known limitations that may affect reliability (self-declared). */
+  known_limitations: z.array(z.string()).optional(),
+  /** Common failure patterns observed by the provider. */
+  common_failure_patterns: z.array(z.string()).optional(),
+  /** Version-tagged improvements the provider has shipped. */
+  recent_improvements: z.array(z.object({
+    version: z.string(),
+    summary: z.string(),
+    timestamp: z.string()
+  })).optional(),
+  /** Structured critiques from external sources (phase 2+). */
+  critiques: z.array(z.object({
+    type: z.literal("structured"),
+    summary: z.string(),
+    source_tier: z.string(),
+    timestamp: z.string()
+  })).optional()
+});
+var CapabilityCardV2Schema = z.object({
+  spec_version: z.literal("2.0"),
+  id: z.string().uuid(),
+  owner: z.string().min(1),
+  /** Agent display name — was 'name' in v1.0. */
+  agent_name: z.string().min(1).max(100),
+  /** Short one-liner shown in Hub v2 Identity Header. */
+  short_description: z.string().max(200).optional(),
+  /** At least one skill is required. */
+  skills: z.array(SkillSchema).min(1),
+  availability: z.object({
+    online: z.boolean(),
+    schedule: z.string().optional()
+  }),
+  /** Optional deployment environment metadata. */
+  environment: z.object({
+    runtime: z.string(),
+    region: z.string().optional()
+  }).optional(),
+  /** Suitability metadata for Hub v2 profile and future routing warnings. */
+  suitability: SuitabilitySchema.optional(),
+  /** Learning signals — self-declared limitations, improvements, critiques. */
+  learning: LearningSchema.optional(),
+  /**
+   * Private per-card metadata. Stripped from all API and CLI responses —
+   * never transmitted beyond the local store.
+   */
+  _internal: z.record(z.unknown()).optional(),
+  /** Public gateway URL where this agent accepts requests. Populated on remote publish. */
+  gateway_url: z.string().url().optional(),
+  created_at: z.string().datetime().optional(),
+  updated_at: z.string().datetime().optional()
+});
+var AnyCardSchema = z.discriminatedUnion("spec_version", [
+  CapabilityCardSchema,
+  CapabilityCardV2Schema
+]);
+var AgentBnBError = class extends Error {
+  constructor(message, code) {
+    super(message);
+    this.code = code;
+    this.name = "AgentBnBError";
+  }
+};
+
+export {
+  CapabilityCardV2Schema,
+  AgentBnBError
+};

package/dist/{chunk-FNKBHBYK.js → chunk-WGZ5AGOX.js}

@@ -83,12 +83,45 @@ var SkillSchema = z.object({
    */
   _internal: z.record(z.unknown()).optional()
 });
+var SuitabilitySchema = z.object({
+  /** Use cases this agent/skill is optimised for. */
+  ideal_for: z.array(z.string()).optional(),
+  /** Scenarios this agent/skill cannot reliably handle. */
+  not_suitable_for: z.array(z.string()).optional(),
+  /** Domains explicitly excluded (used for routing exclusions in later phases). */
+  excluded_domains: z.array(z.string()).optional(),
+  /** Conditions that increase failure risk, shown as warnings in the Hub. */
+  risk_conditions: z.array(z.string()).optional(),
+  /** Recommended alternative when this agent is unsuitable. */
+  fallback_recommendation: z.string().optional()
+});
+var LearningSchema = z.object({
+  /** Known limitations that may affect reliability (self-declared). */
+  known_limitations: z.array(z.string()).optional(),
+  /** Common failure patterns observed by the provider. */
+  common_failure_patterns: z.array(z.string()).optional(),
+  /** Version-tagged improvements the provider has shipped. */
+  recent_improvements: z.array(z.object({
+    version: z.string(),
+    summary: z.string(),
+    timestamp: z.string()
+  })).optional(),
+  /** Structured critiques from external sources (phase 2+). */
+  critiques: z.array(z.object({
+    type: z.literal("structured"),
+    summary: z.string(),
+    source_tier: z.string(),
+    timestamp: z.string()
+  })).optional()
+});
 var CapabilityCardV2Schema = z.object({
   spec_version: z.literal("2.0"),
   id: z.string().uuid(),
   owner: z.string().min(1),
   /** Agent display name — was 'name' in v1.0. */
   agent_name: z.string().min(1).max(100),
+  /** Short one-liner shown in Hub v2 Identity Header. */
+  short_description: z.string().max(200).optional(),
   /** At least one skill is required. */
   skills: z.array(SkillSchema).min(1),
   availability: z.object({
@@ -100,6 +133,10 @@ var CapabilityCardV2Schema = z.object({
     runtime: z.string(),
     region: z.string().optional()
   }).optional(),
+  /** Suitability metadata for Hub v2 profile and future routing warnings. */
+  suitability: SuitabilitySchema.optional(),
+  /** Learning signals — self-declared limitations, improvements, critiques. */
+  learning: LearningSchema.optional(),
   /**
    * Private per-card metadata. Stripped from all API and CLI responses —
    * never transmitted beyond the local store.
@@ -123,10 +160,7 @@ var AgentBnBError = class extends Error {
 };
 
 export {
-  IOSchemaSchema,
-  PoweredBySchema,
   CapabilityCardSchema,
-  SkillSchema,
   CapabilityCardV2Schema,
   AnyCardSchema,
   AgentBnBError

package/dist/{chunk-KJG2UJV5.js → chunk-XND2DWTZ.js}

@@ -1,9 +1,9 @@
 import {
   signEscrowReceipt
-} from "./chunk-DVAS2443.js";
+} from "./chunk-5KFI5X7B.js";
 import {
   AgentBnBError
-} from "./chunk-FNKBHBYK.js";
+} from "./chunk-WGZ5AGOX.js";
 
 // src/gateway/client.ts
 import { randomUUID } from "crypto";
@@ -62,6 +62,7 @@ async function requestViaRelay(relay, opts) {
       cardId: opts.cardId,
       skillId: opts.skillId,
       params: opts.params ?? {},
+      requester: opts.requester,
       escrowReceipt: opts.escrowReceipt,
       timeoutMs: opts.timeoutMs
     });

package/dist/cli/index.d.ts

@@ -0,0 +1 @@
+#!/usr/bin/env node