agentbnb 4.0.1 → 4.0.4

package/dist/cli/index.js

@@ -2,11 +2,16 @@
 import {
   deriveAgentId,
   ensureIdentity
-} from "../chunk-M3G5NR2Z.js";
+} from "../chunk-QITOPASZ.js";
 import {
   createLedger,
   identityAuthPlugin
-} from "../chunk-ODBGCCEH.js";
+} from "../chunk-HH24WMFN.js";
+import {
+  executeCapabilityRequest,
+  releaseRequesterEscrow,
+  settleRequesterEscrow
+} from "../chunk-5QGXARLJ.js";
 import {
   interpolateObject
 } from "../chunk-3MJT4PZG.js";
@@ -19,16 +24,16 @@ import {
   insertAuditEvent,
   listPendingRequests,
   resolvePendingRequest
-} from "../chunk-6K5WUVF3.js";
+} from "../chunk-GGYC5U2Z.js";
 import {
   fetchRemoteCards,
   filterCards,
   mergeResults,
   searchCards
-} from "../chunk-QJEOCKVF.js";
+} from "../chunk-FF226TIV.js";
 import {
   requestCapability
-} from "../chunk-KJG2UJV5.js";
+} from "../chunk-XND2DWTZ.js";
 import {
   findPeer,
   loadPeers,
@@ -40,11 +45,6 @@ import {
   loadConfig,
   saveConfig
 } from "../chunk-75OC6E4F.js";
-import {
-  executeCapabilityRequest,
-  releaseRequesterEscrow,
-  settleRequesterEscrow
-} from "../chunk-Q7HRI666.js";
 import {
   getActivityFeed,
   getCard,
@@ -57,28 +57,29 @@ import {
   updateCard,
   updateSkillAvailability,
   updateSkillIdleRate
-} from "../chunk-TLU7ALCZ.js";
+} from "../chunk-T7NS2J2B.js";
 import {
   bootstrapAgent,
   getBalance,
   getTransactions,
   holdEscrow,
+  migrateOwner,
   openCreditDb,
   releaseEscrow,
   settleEscrow
-} from "../chunk-XQHN6ITI.js";
+} from "../chunk-DNWT5FZQ.js";
 import {
   generateKeyPair,
   loadKeyPair,
   saveKeyPair,
   signEscrowReceipt,
   verifyEscrowReceipt
-} from "../chunk-DVAS2443.js";
+} from "../chunk-5KFI5X7B.js";
 import {
   AgentBnBError,
   AnyCardSchema,
   CapabilityCardV2Schema
-} from "../chunk-FNKBHBYK.js";
+} from "../chunk-WGZ5AGOX.js";
 import {
   RelayMessageSchema
 } from "../chunk-QT7TEVNV.js";
@@ -87,7 +88,7 @@ import {
 import { Command } from "commander";
 import { readFileSync as readFileSync4 } from "fs";
 import { createRequire } from "module";
-import { randomBytes as randomBytes2 } from "crypto";
+import { randomBytes as randomBytes2, randomUUID as randomUUID10 } from "crypto";
 import { join as join3 } from "path";
 import { networkInterfaces, homedir } from "os";
 import { createInterface as createInterface2 } from "readline";
@@ -1432,8 +1433,8 @@ var AgentRuntime = class {
     }
     const modes = /* @__PURE__ */ new Map();
     if (this.conductorEnabled) {
-      const { ConductorMode } = await import("../conductor-mode-3JS4VWCR.js");
-      const { registerConductorCard, CONDUCTOR_OWNER } = await import("../card-4XH4AOTE.js");
+      const { ConductorMode } = await import("../conductor-mode-XUWGR4ZE.js");
+      const { registerConductorCard, CONDUCTOR_OWNER } = await import("../card-RSGDCHCV.js");
       const { loadPeers: loadPeers2 } = await import("../peers-K7FSHPN3.js");
       registerConductorCard(this.registryDb);
       const resolveAgentUrl = (owner) => {
@@ -1662,14 +1663,27 @@ function lookupCardPrice(registryDb, cardId, skillId) {
   } catch {
     return null;
   }
-  if (skillId && Array.isArray(card.skills)) {
+  if (Array.isArray(card.skills) && card.skills.length > 0) {
     const skills = card.skills;
-    const skill = skills.find((s) => s.id === skillId);
-    if (skill) {
-      const skillPricing = skill.pricing;
-      if (skillPricing && typeof skillPricing.credits_per_call === "number") {
-        return skillPricing.credits_per_call;
+    if (skillId) {
+      const skill = skills.find((s) => s.id === skillId);
+      if (skill) {
+        const skillPricing = skill.pricing;
+        if (skillPricing && typeof skillPricing.credits_per_call === "number") {
+          return skillPricing.credits_per_call;
+        }
       }
+    } else {
+      let minPrice = null;
+      for (const s of skills) {
+        const sp = s.pricing;
+        if (sp && typeof sp.credits_per_call === "number" && sp.credits_per_call > 0) {
+          if (minPrice === null || sp.credits_per_call < minPrice) {
+            minPrice = sp.credits_per_call;
+          }
+        }
+      }
+      if (minPrice !== null) return minPrice;
     }
   }
   const pricing = card.pricing;
@@ -2103,7 +2117,13 @@ function registerWebSocketRelay(server, db, creditDb) {
       }
     }
     connections.set(owner, ws);
-    const cardId = upsertCard(card, owner);
+    let cardId;
+    try {
+      cardId = upsertCard(card, owner);
+    } catch (err) {
+      console.error(`[relay] card validation failed for ${owner}:`, err instanceof Error ? err.message : err);
+      cardId = card.id ?? owner;
+    }
     const cardName = card.name ?? card.agent_name ?? owner;
     logAgentJoined(owner, cardName, cardId);
     if (msg.cards && msg.cards.length > 0) {
@@ -2143,12 +2163,13 @@ function registerWebSocketRelay(server, db, creditDb) {
       });
       return;
     }
+    const creditOwner = msg.requester ?? fromOwner;
     let escrowId;
     if (creditDb) {
       try {
         const price = lookupCardPrice(db, msg.card_id, msg.skill_id);
         if (price !== null && price > 0) {
-          escrowId = holdForRelay(creditDb, fromOwner, price, msg.card_id);
+          escrowId = holdForRelay(creditDb, creditOwner, price, msg.card_id);
         }
       } catch (err) {
         if (err instanceof AgentBnBError && err.code === "INSUFFICIENT_CREDITS") {
@@ -2178,7 +2199,7 @@ function registerWebSocketRelay(server, db, creditDb) {
         error: { code: -32603, message: "Relay request timeout" }
       });
     }, RELAY_TIMEOUT_MS);
-    pendingRequests.set(msg.id, { originOwner: fromOwner, timeout, escrowId, targetOwner: msg.target_owner });
+    pendingRequests.set(msg.id, { originOwner: fromOwner, creditOwner, timeout, escrowId, targetOwner: msg.target_owner });
     sendMessage(targetWs, {
       type: "incoming_request",
       id: msg.id,
@@ -2266,7 +2287,7 @@ function registerWebSocketRelay(server, db, creditDb) {
       conductorFee = calculateConductorFee(totalCredits);
       if (conductorFee > 0) {
         try {
-          const feeEscrowId = holdForRelay(creditDb, pending.originOwner, conductorFee, msg.id);
+          const feeEscrowId = holdForRelay(creditDb, pending.creditOwner ?? pending.originOwner, conductorFee, msg.id);
           settleForRelay(creditDb, feeEscrowId, pending.targetOwner);
         } catch (e) {
           console.error("[relay] conductor fee settlement failed (non-fatal):", e);
@@ -2322,60 +2343,62 @@ function registerWebSocketRelay(server, db, creditDb) {
       }
     }
   }
-  server.get("/ws", { websocket: true }, (rawSocket, _request) => {
-    const socket = rawSocket;
-    let registeredOwner;
-    socket.on("message", (raw) => {
-      void (async () => {
-        let data;
-        try {
-          data = JSON.parse(typeof raw === "string" ? raw : raw.toString("utf-8"));
-        } catch {
-          sendMessage(socket, { type: "error", code: "invalid_json", message: "Invalid JSON" });
-          return;
-        }
-        const parsed = RelayMessageSchema.safeParse(data);
-        if (!parsed.success) {
-          sendMessage(socket, {
-            type: "error",
-            code: "invalid_message",
-            message: `Invalid message: ${parsed.error.issues[0]?.message ?? "unknown error"}`
-          });
-          return;
-        }
-        const msg = parsed.data;
-        switch (msg.type) {
-          case "register":
-            registeredOwner = msg.owner;
-            handleRegister(socket, msg);
-            break;
-          case "relay_request":
-            if (!registeredOwner) {
-              sendMessage(socket, {
-                type: "error",
-                code: "not_registered",
-                message: "Must send register message before relay requests"
-              });
-              return;
-            }
-            await handleRelayRequest(socket, msg, registeredOwner);
-            break;
-          case "relay_response":
-            handleRelayResponse(msg);
-            break;
-          case "relay_progress":
-            handleRelayProgress(msg);
-            break;
-          default:
-            break;
-        }
-      })();
-    });
-    socket.on("close", () => {
-      handleDisconnect(registeredOwner);
-    });
-    socket.on("error", () => {
-      handleDisconnect(registeredOwner);
+  void server.register(async (app) => {
+    app.get("/ws", { websocket: true }, (rawSocket, _request) => {
+      const socket = rawSocket;
+      let registeredOwner;
+      socket.on("message", (raw) => {
+        void (async () => {
+          let data;
+          try {
+            data = JSON.parse(typeof raw === "string" ? raw : raw.toString("utf-8"));
+          } catch {
+            sendMessage(socket, { type: "error", code: "invalid_json", message: "Invalid JSON" });
+            return;
+          }
+          const parsed = RelayMessageSchema.safeParse(data);
+          if (!parsed.success) {
+            sendMessage(socket, {
+              type: "error",
+              code: "invalid_message",
+              message: `Invalid message: ${parsed.error.issues[0]?.message ?? "unknown error"}`
+            });
+            return;
+          }
+          const msg = parsed.data;
+          switch (msg.type) {
+            case "register":
+              registeredOwner = msg.owner;
+              handleRegister(socket, msg);
+              break;
+            case "relay_request":
+              if (!registeredOwner) {
+                sendMessage(socket, {
+                  type: "error",
+                  code: "not_registered",
+                  message: "Must send register message before relay requests"
+                });
+                return;
+              }
+              await handleRelayRequest(socket, msg, registeredOwner);
+              break;
+            case "relay_response":
+              handleRelayResponse(msg);
+              break;
+            case "relay_progress":
+              handleRelayProgress(msg);
+              break;
+            default:
+              break;
+          }
+        })();
+      });
+      socket.on("close", () => {
+        handleDisconnect(registeredOwner);
+      });
+      socket.on("error", () => {
+        handleDisconnect(registeredOwner);
+      });
     });
   });
   return {
@@ -2544,9 +2567,14 @@ async function creditRoutesPlugin(fastify, options) {
   creditDb.exec(`
     CREATE TABLE IF NOT EXISTS credit_grants (
       public_key TEXT PRIMARY KEY,
-      granted_at TEXT NOT NULL
+      granted_at TEXT NOT NULL,
+      owner TEXT
     )
   `);
+  try {
+    creditDb.exec("ALTER TABLE credit_grants ADD COLUMN owner TEXT");
+  } catch {
+  }
   initFreeTierTable(creditDb);
   await fastify.register(async (scope) => {
     identityAuthPlugin(scope);
@@ -2686,13 +2714,18 @@ async function creditRoutesPlugin(fastify, options) {
       if (!owner) {
         return reply.code(400).send({ error: "owner is required" });
       }
-      const existing = creditDb.prepare("SELECT public_key FROM credit_grants WHERE public_key = ?").get(publicKey);
+      const existing = creditDb.prepare("SELECT public_key, owner FROM credit_grants WHERE public_key = ?").get(publicKey);
       if (existing) {
+        if (existing.owner && existing.owner !== owner) {
+          migrateOwner(creditDb, existing.owner, owner);
+          creditDb.prepare("UPDATE credit_grants SET owner = ? WHERE public_key = ?").run(owner, publicKey);
+          return reply.send({ ok: true, granted: 0, reason: "renamed", from: existing.owner, to: owner });
+        }
         return reply.send({ ok: true, granted: 0, reason: "already_granted" });
       }
       const now = (/* @__PURE__ */ new Date()).toISOString();
       bootstrapAgent(creditDb, owner, amount);
-      creditDb.prepare("INSERT INTO credit_grants (public_key, granted_at) VALUES (?, ?)").run(publicKey, now);
+      creditDb.prepare("INSERT INTO credit_grants (public_key, granted_at, owner) VALUES (?, ?, ?)").run(publicKey, now, owner);
       return reply.send({ ok: true, granted: amount });
     });
     scope.get("/api/credits/:owner", {
@@ -2733,6 +2766,38 @@ async function creditRoutesPlugin(fastify, options) {
       const transactions = getTransactions(creditDb, owner, limit);
       return reply.send({ transactions, limit });
     });
+    scope.post("/api/credits/rename", {
+      schema: {
+        tags: ["credits"],
+        summary: "Rename owner \u2014 migrate credits from old owner to new owner",
+        security: [{ ed25519Auth: [] }],
+        body: {
+          type: "object",
+          properties: {
+            oldOwner: { type: "string" },
+            newOwner: { type: "string" }
+          },
+          required: ["oldOwner", "newOwner"]
+        },
+        response: {
+          200: { type: "object", properties: { ok: { type: "boolean" }, migrated: { type: "boolean" } } },
+          400: { type: "object", properties: { error: { type: "string" } } }
+        }
+      }
+    }, async (request, reply) => {
+      const body = request.body;
+      const oldOwner = typeof body.oldOwner === "string" ? body.oldOwner.trim() : "";
+      const newOwner = typeof body.newOwner === "string" ? body.newOwner.trim() : "";
+      if (!oldOwner || !newOwner || oldOwner === newOwner) {
+        return reply.code(400).send({ error: "oldOwner and newOwner must be different non-empty strings" });
+      }
+      const oldBalance = getBalance(creditDb, oldOwner);
+      if (oldBalance === 0) {
+        return reply.send({ ok: true, migrated: false });
+      }
+      migrateOwner(creditDb, oldOwner, newOwner);
+      return reply.send({ ok: true, migrated: true });
+    });
   });
 }
 
@@ -3525,11 +3590,6 @@ function createRegistryServer(opts) {
       if (tag !== void 0 && tag.length > 0) {
         cards = cards.filter((c) => c.metadata?.tags?.includes(tag));
       }
-      if (minSuccessRate !== void 0 && !isNaN(minSuccessRate)) {
-        cards = cards.filter(
-          (c) => (c.metadata?.success_rate ?? -1) >= minSuccessRate
-        );
-      }
       if (maxLatencyMs !== void 0 && !isNaN(maxLatencyMs)) {
         cards = cards.filter(
           (c) => (c.metadata?.avg_latency_ms ?? Infinity) <= maxLatencyMs
@@ -3551,6 +3611,46 @@ function createRegistryServer(opts) {
           usesMap.set(row.skill_id, (usesMap.get(row.skill_id) ?? 0) + row.cnt);
         }
       }
+      const ownerTrustMap = /* @__PURE__ */ new Map();
+      const uniqueOwners = [...new Set(cards.map((c) => c.owner))];
+      if (uniqueOwners.length > 0) {
+        const placeholders = uniqueOwners.map(() => "?").join(",");
+        const trustStmt = db.prepare(`
+        SELECT cc.owner,
+          COUNT(rl.id) as total_exec,
+          SUM(CASE WHEN rl.status IN ('success','failure','timeout','refunded') THEN 1 ELSE 0 END) as terminal_exec,
+          SUM(CASE WHEN rl.status = 'success' THEN 1 ELSE 0 END) as success_exec,
+          AVG(CASE WHEN rl.status = 'success' THEN rl.latency_ms END) as avg_latency
+        FROM capability_cards cc
+        LEFT JOIN request_log rl ON rl.card_id = cc.id AND rl.action_type IS NULL
+        WHERE cc.owner IN (${placeholders})
+        GROUP BY cc.owner
+      `);
+        const trustRows = trustStmt.all(...uniqueOwners);
+        for (const row of trustRows) {
+          const terminalExec = row.terminal_exec ?? 0;
+          const successExec = row.success_exec ?? 0;
+          const successRate = terminalExec > 0 ? successExec / terminalExec : 0;
+          let tier = 0;
+          if (row.total_exec > 10) tier = 1;
+          if (row.total_exec > 50 && successRate >= 0.85) tier = 2;
+          ownerTrustMap.set(row.owner, {
+            performance_tier: tier,
+            authority_source: "self",
+            // Phase 1: all self-declared
+            success_rate: successRate,
+            avg_latency_ms: Math.round(row.avg_latency ?? 0),
+            terminal_exec: terminalExec
+          });
+        }
+      }
+      if (minSuccessRate !== void 0 && !isNaN(minSuccessRate)) {
+        cards = cards.filter((c) => {
+          const trust = ownerTrustMap.get(c.owner);
+          if (!trust || trust.terminal_exec === 0) return false;
+          return trust.success_rate >= minSuccessRate;
+        });
+      }
       if (sort === "popular") {
         cards = [...cards].sort((a, b) => {
           const aUses = usesMap.get(a.id) ?? 0;
@@ -3584,7 +3684,22 @@ function createRegistryServer(opts) {
         });
       }
       const total = cards.length;
-      const items = cards.slice(offset, offset + limit).map(stripInternal);
+      const pagedCards = cards.slice(offset, offset + limit);
+      const items = pagedCards.map((card) => {
+        const trust = ownerTrustMap.get(card.owner);
+        const stripped = stripInternal(card);
+        return {
+          ...stripped,
+          performance_tier: trust?.performance_tier ?? 0,
+          authority_source: trust?.authority_source ?? "self",
+          // Enrich metadata with live execution-based success_rate if available
+          metadata: trust && trust.terminal_exec > 0 ? {
+            ...stripped.metadata,
+            success_rate: trust.success_rate,
+            avg_latency_ms: trust.avg_latency_ms || stripped.metadata?.avg_latency_ms
+          } : stripped.metadata
+        };
+      });
       const usesThisWeek = {};
       for (const [key, count] of usesMap) {
         if (count > 0) usesThisWeek[key] = count;
@@ -3794,17 +3909,10 @@ function createRegistryServer(opts) {
     api.get("/api/agents/:owner", {
       schema: {
         tags: ["agents"],
-        summary: "Get agent profile, skills, and recent activity",
+        summary: "Get agent profile, skills, and recent activity (AgentProfileV2)",
         params: { type: "object", properties: { owner: { type: "string" } }, required: ["owner"] },
         response: {
-          200: {
-            type: "object",
-            properties: {
-              profile: { type: "object", additionalProperties: true },
-              skills: { type: "array" },
-              recent_activity: { type: "array" }
-            }
-          },
+          200: { type: "object", additionalProperties: true },
           404: { type: "object", properties: { error: { type: "string" } } }
         }
       }
@@ -3814,20 +3922,85 @@ function createRegistryServer(opts) {
       if (ownerCards.length === 0) {
         return reply.status(404).send({ error: "Agent not found" });
       }
-      const skillCount = ownerCards.reduce((sum, card) => sum + (card.skills?.length ?? 1), 0);
-      const successRates = ownerCards.map((c) => c.metadata?.success_rate).filter((r) => r != null);
-      const avgSuccessRate = successRates.length > 0 ? successRates.reduce((a, b) => a + b, 0) / successRates.length : null;
-      const creditsStmt = db.prepare(`
-      SELECT SUM(CASE WHEN rl.status = 'success' THEN rl.credits_charged ELSE 0 END) as credits_earned
-      FROM capability_cards cc
-      LEFT JOIN request_log rl ON rl.card_id = cc.id
-      WHERE cc.owner = ?
-    `);
-      const creditsRow = creditsStmt.get(owner);
       const memberStmt = db.prepare(
-        "SELECT MIN(created_at) as earliest FROM capability_cards WHERE owner = ?"
+        "SELECT MIN(created_at) as earliest, MAX(created_at) as latest FROM capability_cards WHERE owner = ?"
       );
       const memberRow = memberStmt.get(owner);
+      const joinedAt = memberRow?.earliest ?? (/* @__PURE__ */ new Date()).toISOString();
+      const lastActiveStmt = db.prepare(`
+      SELECT MAX(rl.created_at) as last_req
+      FROM request_log rl
+      INNER JOIN capability_cards cc ON rl.card_id = cc.id
+      WHERE cc.owner = ?
+    `);
+      const lastActiveRow = lastActiveStmt.get(owner);
+      const lastActive = lastActiveRow?.last_req ?? memberRow?.latest ?? joinedAt;
+      const metricsStmt = db.prepare(`
+      SELECT
+        COUNT(*) as total,
+        SUM(CASE WHEN rl.status = 'success' THEN 1 ELSE 0 END) as successes,
+        AVG(CASE WHEN rl.status = 'success' THEN rl.latency_ms END) as avg_latency,
+        COUNT(DISTINCT rl.requester) as unique_requesters,
+        COUNT(DISTINCT CASE WHEN rl.status = 'success' THEN rl.requester END) as repeat_success_requesters
+      FROM request_log rl
+      INNER JOIN capability_cards cc ON rl.card_id = cc.id
+      WHERE cc.owner = ? AND rl.action_type IS NULL
+    `);
+      const metricsRow = metricsStmt.get(owner);
+      const totalExec = metricsRow?.total ?? 0;
+      const successExec = metricsRow?.successes ?? 0;
+      const successRate = totalExec > 0 ? successExec / totalExec : 0;
+      const avgLatency = metricsRow?.avg_latency ?? 0;
+      const refundRate = totalExec > 0 ? (totalExec - successExec) / totalExec : 0;
+      const uniqueReq = metricsRow?.unique_requesters ?? 0;
+      const repeatRate = uniqueReq > 0 ? (metricsRow?.repeat_success_requesters ?? 0) / uniqueReq : 0;
+      const trendStmt = db.prepare(`
+      SELECT
+        DATE(rl.created_at) as day,
+        COUNT(*) as count,
+        SUM(CASE WHEN rl.status = 'success' THEN 1 ELSE 0 END) as success
+      FROM request_log rl
+      INNER JOIN capability_cards cc ON rl.card_id = cc.id
+      WHERE cc.owner = ? AND rl.action_type IS NULL
+        AND rl.created_at >= DATE('now', '-7 days')
+      GROUP BY DATE(rl.created_at)
+      ORDER BY day ASC
+    `);
+      const trend_7d = trendStmt.all(owner).map((r) => ({ date: r.day, count: r.count, success: r.success }));
+      let performanceTier = 0;
+      if (totalExec > 10) performanceTier = 1;
+      if (totalExec > 50 && successRate >= 0.85) performanceTier = 2;
+      const proofsStmt = db.prepare(`
+      SELECT rl.card_name, rl.status, rl.latency_ms, rl.id, rl.created_at
+      FROM request_log rl
+      INNER JOIN capability_cards cc ON rl.card_id = cc.id
+      WHERE cc.owner = ? AND rl.action_type IS NULL
+      ORDER BY rl.created_at DESC
+      LIMIT 10
+    `);
+      const proofRows = proofsStmt.all(owner);
+      const statusToOutcomeClass = (s) => {
+        if (s === "success") return "completed";
+        if (s === "timeout") return "cancelled";
+        return "failed";
+      };
+      const executionProofs = proofRows.map((r) => ({
+        action: r.card_name,
+        status: r.status === "timeout" ? "timeout" : r.status,
+        outcome_class: statusToOutcomeClass(r.status),
+        latency_ms: r.latency_ms,
+        receipt_id: r.id,
+        proof_source: "request_log",
+        timestamp: r.created_at
+      }));
+      const v2Card = ownerCards.find((c) => c.spec_version === "2.0");
+      const suitability = v2Card?.suitability;
+      const learning = {
+        known_limitations: v2Card?.learning?.known_limitations ?? [],
+        common_failure_patterns: v2Card?.learning?.common_failure_patterns ?? [],
+        recent_improvements: v2Card?.learning?.recent_improvements ?? [],
+        critiques: v2Card?.learning?.critiques ?? []
+      };
       const activityStmt = db.prepare(`
       SELECT rl.id, rl.card_name, rl.requester, rl.status, rl.credits_charged, rl.created_at
       FROM request_log rl
@@ -3837,17 +4010,53 @@ function createRegistryServer(opts) {
       LIMIT 10
     `);
       const recentActivity = activityStmt.all(owner);
-      const profile = {
+      const skillCount = ownerCards.reduce((sum, card) => sum + (card.skills?.length ?? 1), 0);
+      const creditsStmt = db.prepare(`
+      SELECT SUM(CASE WHEN rl.status = 'success' THEN rl.credits_charged ELSE 0 END) as credits_earned
+      FROM capability_cards cc
+      LEFT JOIN request_log rl ON rl.card_id = cc.id
+      WHERE cc.owner = ?
+    `);
+      const creditsRow = creditsStmt.get(owner);
+      const response = {
         owner,
-        skill_count: skillCount,
-        success_rate: avgSuccessRate,
-        total_earned: creditsRow?.credits_earned ?? 0,
-        member_since: memberRow?.earliest ?? (/* @__PURE__ */ new Date()).toISOString()
-      };
-      return reply.send({
-        profile,
+        agent_name: v2Card?.agent_name,
+        short_description: v2Card?.short_description,
+        joined_at: joinedAt,
+        last_active: lastActive,
+        performance_tier: performanceTier,
+        verification_badges: [],
+        // Phase 1: no verification mechanism yet
+        authority: {
+          authority_source: "self",
+          verification_status: "none"
+        },
+        suitability,
+        trust_metrics: {
+          total_executions: totalExec,
+          successful_executions: successExec,
+          success_rate: successRate,
+          avg_latency_ms: Math.round(avgLatency),
+          refund_rate: refundRate,
+          repeat_use_rate: repeatRate,
+          trend_7d,
+          snapshot_at: null,
+          aggregation_window: "all"
+        },
+        execution_proofs: executionProofs,
+        learning,
         skills: ownerCards,
         recent_activity: recentActivity
+      };
+      return reply.send({
+        ...response,
+        profile: {
+          owner,
+          skill_count: skillCount,
+          success_rate: successRate > 0 ? successRate : null,
+          total_earned: creditsRow?.credits_earned ?? 0,
+          member_since: joinedAt
+        }
       });
     });
     api.get("/api/activity", {
@@ -3890,7 +4099,9 @@ function createRegistryServer(opts) {
             properties: {
               agents_online: { type: "integer" },
               total_capabilities: { type: "integer" },
-              total_exchanges: { type: "integer" }
+              total_exchanges: { type: "integer" },
+              executions_7d: { type: "integer" },
+              verified_providers_count: { type: "integer" }
             }
           }
         }
@@ -3912,13 +4123,20 @@ function createRegistryServer(opts) {
         "SELECT COUNT(*) as count FROM request_log WHERE status = 'success' AND (action_type IS NULL OR action_type = 'auto_share')"
       );
       const exchangeRow = exchangeStmt.get();
+      const exec7dStmt = db.prepare(
+        "SELECT COUNT(*) as count FROM request_log WHERE action_type IS NULL AND created_at >= DATE('now', '-7 days')"
+      );
+      const exec7dRow = exec7dStmt.get();
       return reply.send({
         agents_online: onlineOwners.size,
         total_capabilities: allCards.reduce((sum, card) => {
           const v2 = card;
           return sum + (v2.skills?.length ?? 1);
         }, 0),
-        total_exchanges: exchangeRow.count
+        total_exchanges: exchangeRow.count,
+        executions_7d: exec7dRow.count,
+        verified_providers_count: 0
+        // Phase 1: no verification mechanism yet
       });
     });
     api.post("/api/identity/register", {
@@ -3933,7 +4151,8 @@ function createRegistryServer(opts) {
         response: {
           201: { type: "object", additionalProperties: true },
           400: { type: "object", properties: { error: { type: "string" } } },
-          409: { type: "object", properties: { error: { type: "string" } } }
+          409: { type: "object", properties: { error: { type: "string" } } },
+          503: { type: "object", properties: { error: { type: "string" } } }
         }
       }
     }, async (request, reply) => {
@@ -3972,7 +4191,8 @@ function createRegistryServer(opts) {
           200: { type: "object", additionalProperties: true },
           400: { type: "object", properties: { error: { type: "string" } } },
           404: { type: "object", properties: { error: { type: "string" } } },
-          409: { type: "object", properties: { error: { type: "string" } } }
+          409: { type: "object", properties: { error: { type: "string" } } },
+          503: { type: "object", properties: { error: { type: "string" } } }
         }
       }
     }, async (request, reply) => {
@@ -4013,7 +4233,8 @@ function createRegistryServer(opts) {
               agent_id: { type: "string" },
               guarantor: { oneOf: [{ type: "object", additionalProperties: true }, { type: "null" }] }
             }
-          }
+          },
+          503: { type: "object", properties: { error: { type: "string" } } }
         }
       }
     }, async (request, reply) => {
@@ -4116,6 +4337,7 @@ function createRegistryServer(opts) {
             params: { type: "object", properties: { id: { type: "string" } }, required: ["id"] },
             response: {
               200: { type: "object", properties: { ok: { type: "boolean" }, online: { type: "boolean" } } },
+              403: { type: "object", properties: { error: { type: "string" } } },
               404: { type: "object", properties: { error: { type: "string" } } }
             }
           }
@@ -4647,6 +4869,51 @@ program.command("init").description("Initialize AgentBnB config and create agent
   }
   const identity = ensureIdentity(configDir, owner);
   const creditDb = openCreditDb(creditDbPath);
+  if (existingConfig?.owner && existingConfig.owner !== owner) {
+    migrateOwner(creditDb, existingConfig.owner, owner);
+    const regDb = openDatabase(dbPath);
+    try {
+      const rows = regDb.prepare("SELECT id, owner, data FROM capability_cards WHERE owner != ?").all(owner);
+      for (const row of rows) {
+        try {
+          const card = JSON.parse(row.data);
+          card.owner = owner;
+          regDb.prepare("UPDATE capability_cards SET owner = ?, data = ? WHERE id = ?").run(owner, JSON.stringify(card), row.id);
+        } catch {
+        }
+      }
+      if (!opts.json && rows.length > 0) {
+        console.log(`Migrated ${rows.length} card(s) \u2192 ${owner}`);
+      }
+    } finally {
+      regDb.close();
+    }
+    const allOwners = creditDb.prepare("SELECT owner FROM credit_balances WHERE owner != ?").all(owner);
+    for (const { owner: oldOwner } of allOwners) {
+      migrateOwner(creditDb, oldOwner, owner);
+    }
+    if (existingConfig.registry) {
+      try {
+        const renameAuth = loadIdentityAuth(owner);
+        const renameLedger = createLedger({
+          registryUrl: existingConfig.registry,
+          ownerPublicKey: renameAuth.publicKey,
+          privateKey: renameAuth.privateKey
+        });
+        await renameLedger.rename(existingConfig.owner, owner);
+        if (!opts.json) {
+          console.log(`Migrated Registry credits: ${existingConfig.owner} \u2192 ${owner}`);
+        }
+      } catch (err) {
+        if (!opts.json) {
+          console.warn(`Warning: could not migrate Registry credits: ${err.message}`);
+        }
+      }
+    }
+    if (!opts.json) {
+      console.log(`Migrated local credits: ${existingConfig.owner} \u2192 ${owner}`);
+    }
+  }
   bootstrapAgent(creditDb, owner, 100);
   creditDb.close();
   let registryBalance;
@@ -5366,12 +5633,13 @@ program.command("request [card-id]").description("Request a capability from anot
   };
   const tryViaRelay = async () => {
     const { RelayClient } = await import("../websocket-client-6IIDGXKB.js");
-    const { requestViaRelay } = await import("../client-BTPIFY7E.js");
+    const { requestViaRelay } = await import("../client-T5MTY3CS.js");
+    const requesterId = `${config.owner}:req:${randomUUID10()}`;
     const tempRelay = new RelayClient({
       registryUrl: config.registry,
-      owner: config.owner,
+      owner: requesterId,
       token: config.token,
-      card: { id: config.owner, owner: config.owner },
+      card: { id: randomUUID10(), owner: requesterId, name: requesterId, description: "Requester", level: 1, spec_version: "1.0", inputs: [], outputs: [], pricing: { credits_per_call: 1 }, availability: { online: false } },
       onRequest: async () => ({ error: { code: -32601, message: "Not serving" } }),
       silent: true
     });
@@ -5382,6 +5650,8 @@ program.command("request [card-id]").description("Request a capability from anot
         cardId,
         skillId: opts.skill,
         params: { ...params, ...opts.skill ? { skill_id: opts.skill } : {} },
+        requester: config.owner,
+        // actual owner for credit tracking on relay server
         escrowReceipt
       });
       return result;
@@ -5507,8 +5777,7 @@ program.command("serve").description("Start the AgentBnB gateway server").option
     console.log("Conductor mode enabled \u2014 orchestrate/plan skills available via gateway");
   }
   if (opts.conductor && config.conductor?.public) {
-    const { buildConductorCard } = await import("../card-4XH4AOTE.js");
-    const { AnyCardSchema: AnyCard } = await import("../types-FGBUZ3QV.js");
+    const { buildConductorCard } = await import("../card-RSGDCHCV.js");
     const conductorCard = buildConductorCard(config.owner);
     const now = (/* @__PURE__ */ new Date()).toISOString();
     const existing = runtime.registryDb.prepare("SELECT id FROM capability_cards WHERE id = ?").get(conductorCard.id);
@@ -5583,10 +5852,10 @@ program.command("serve").description("Start the AgentBnB gateway server").option
     const relayUrl = opts.registry ?? config.registry;
     if (relayUrl && opts.relay !== false) {
       const { RelayClient } = await import("../websocket-client-6IIDGXKB.js");
-      const { executeCapabilityRequest: executeCapabilityRequest2 } = await import("../execute-EXOITLHN.js");
+      const { executeCapabilityRequest: executeCapabilityRequest2 } = await import("../execute-QH6F54D7.js");
       const cards = listCards(runtime.registryDb, config.owner);
       const card = cards[0] ?? {
-        id: config.owner,
+        id: randomUUID10(),
         owner: config.owner,
         name: config.owner,
         description: "Agent registered via CLI",
@@ -5594,12 +5863,12 @@ program.command("serve").description("Start the AgentBnB gateway server").option
         level: 1,
         inputs: [],
         outputs: [],
-        pricing: { credits_per_call: 0 },
+        pricing: { credits_per_call: 1 },
         availability: { online: true }
       };
       const additionalCards = [];
       if (config.conductor?.public) {
-        const { buildConductorCard } = await import("../card-4XH4AOTE.js");
+        const { buildConductorCard } = await import("../card-RSGDCHCV.js");
         const conductorCard = buildConductorCard(config.owner);
         additionalCards.push(conductorCard);
         console.log("Conductor card will be published to registry (conductor.public: true)");
@@ -5624,7 +5893,9 @@ program.command("serve").description("Start the AgentBnB gateway server").option
             escrowReceipt: req.escrow_receipt,
             skillExecutor: runtime.skillExecutor,
             handlerUrl: opts.handlerUrl,
-            onProgress
+            onProgress,
+            // Relay requests have credits managed by the Hub relay — skip local credit check.
+            relayAuthorized: true
           });
           if (result.success) {
             return { result: result.result };
@@ -5887,7 +6158,7 @@ openclaw.command("rules").description("Print HEARTBEAT.md rules block (or inject
   }
 });
 program.command("conduct <task>").description("Orchestrate a complex task across the AgentBnB network").option("--plan-only", "Show execution plan without executing").option("--max-budget <credits>", "Maximum credits to spend", "100").option("--json", "Output as JSON").action(async (task, opts) => {
-  const { conductAction } = await import("../conduct-FXLVGKD5.js");
+  const { conductAction } = await import("../conduct-GZQNFTRP.js");
   const result = await conductAction(task, opts);
   if (opts.json) {
     console.log(JSON.stringify(result, null, 2));
@@ -5921,7 +6192,7 @@ Total credits spent: ${result.total_credits ?? 0} cr`);
   }
 });
 program.command("mcp-server").description("Start an MCP (Model Context Protocol) server for IDE integration").action(async () => {
-  const { startMcpServer } = await import("../server-2LWHL24P.js");
+  const { startMcpServer } = await import("../server-B5E566CI.js");
   await startMcpServer();
 });
 await program.parseAsync(process.argv);