agentbnb 8.2.3 → 8.3.1

package/dist/skills/agentbnb/bootstrap.js

@@ -1,7 +1,3 @@
-import {
-  RelayClient,
-  RelayMessageSchema
-} from "../../chunk-3LWBH7P3.js";
 import {
   AutoRequestor,
   BudgetController,
@@ -16,21 +12,29 @@ import {
   listPendingRequests,
   matchSubTasks,
   orchestrate,
+  requestViaTemporaryRelay,
   resolvePendingRequest
-} from "../../chunk-DYQOFGGI.js";
+} from "../../chunk-RVBW2QXU.js";
 import {
+  generateKeyPair,
+  loadKeyPair,
   requestCapability,
-  requestViaRelay
-} from "../../chunk-CKOOVZOI.js";
+  requestViaRelay,
+  saveKeyPair,
+  signEscrowReceipt,
+  verifyEscrowReceipt
+} from "../../chunk-R4F4XII4.js";
+import {
+  RelayClient,
+  RelayMessageSchema
+} from "../../chunk-4NFJ3VYZ.js";
 import {
   loadPeers
 } from "../../chunk-HLUEOLSZ.js";
 import {
   executeCapabilityBatch,
-  executeCapabilityRequest,
-  releaseRequesterEscrow,
-  settleRequesterEscrow
-} from "../../chunk-EG6RS4JC.js";
+  executeCapabilityRequest
+} from "../../chunk-QFPXZITP.js";
 import {
   bootstrapAgent,
   buildReputationMap,
@@ -38,8 +42,27 @@ import {
   confirmEscrowDebit,
   fetchRemoteCards,
   filterCards,
-  getActivityFeed,
   getBalance,
+  getTransactions,
+  holdEscrow,
+  markEscrowAbandoned,
+  markEscrowProgressing,
+  markEscrowStarted,
+  mergeResults,
+  migrateOwner,
+  openCreditDb,
+  releaseEscrow,
+  searchCards,
+  settleEscrow
+} from "../../chunk-NQANA6WH.js";
+import "../../chunk-6QMDJVMS.js";
+import {
+  getConfigDir,
+  loadConfig
+} from "../../chunk-IVOYM3WG.js";
+import {
+  attachCanonicalAgentId,
+  getActivityFeed,
   getCard,
   getCardsBySkillCapability,
   getEvolutionHistory,
@@ -48,41 +71,23 @@ import {
   getLatestEvolution,
   getRequestLog,
   getSkillRequestCount,
-  getTransactions,
-  holdEscrow,
   insertCard,
   insertEvolution,
   insertFeedback,
   insertRequestLog,
   listCards,
-  lookupAgent,
-  mergeResults,
-  migrateOwner,
-  openCreditDb,
   openDatabase,
-  releaseEscrow,
-  searchCards,
-  settleEscrow,
   updateCard,
   updateSkillAvailability,
   updateSkillIdleRate
-} from "../../chunk-MCED4GDW.js";
-import "../../chunk-NWIQJ2CL.js";
+} from "../../chunk-ZU2TP7CN.js";
 import {
-  generateKeyPair,
-  loadKeyPair,
-  saveKeyPair,
-  signEscrowReceipt,
-  verifyEscrowReceipt
-} from "../../chunk-EJKW57ZV.js";
-import {
-  getConfigDir,
-  loadConfig
-} from "../../chunk-IVOYM3WG.js";
+  lookupAgent
+} from "../../chunk-EE3V3DXK.js";
 import {
   AgentBnBError,
   AnyCardSchema
-} from "../../chunk-WVY2W7AA.js";
+} from "../../chunk-I7KWA7OB.js";
 
 // skills/agentbnb/bootstrap.ts
 import { join as join7, basename as basename2, dirname as dirname3 } from "path";
@@ -265,6 +270,9 @@ function isPidFileContent(value) {
 import { readFileSync as readFileSync2, existsSync as existsSync2 } from "fs";
 
 // src/skills/executor.ts
+function buildTimeoutError(skillId, timeoutMs) {
+  return `Skill "${skillId}" timed out after ${timeoutMs}ms`;
+}
 var SkillExecutor = class {
   skillMap;
   modeMap;
@@ -323,7 +331,20 @@ var SkillExecutor = class {
       this.concurrencyGuard.acquire(skillId);
     }
     try {
-      const modeResult = await mode.execute(config, params, onProgress);
+      const configuredTimeoutMs = typeof config.timeout_ms === "number" ? config.timeout_ms : void 0;
+      const modeExecution = mode.execute(config, params, onProgress);
+      const modeResult = configuredTimeoutMs === void 0 ? await modeExecution : await new Promise((resolve2, reject) => {
+        const timeout = setTimeout(() => {
+          reject(new Error(buildTimeoutError(skillId, configuredTimeoutMs)));
+        }, configuredTimeoutMs);
+        modeExecution.then((value) => {
+          clearTimeout(timeout);
+          resolve2(value);
+        }).catch((err) => {
+          clearTimeout(timeout);
+          reject(err);
+        });
+      });
       return {
         ...modeResult,
         latency_ms: Date.now() - startTime
@@ -394,7 +415,8 @@ var CapabilityDeclarationSchema = {
   description: z.string().optional(),
   capability_types: z.array(z.string()).optional(),
   requires_capabilities: z.array(z.string()).optional(),
-  visibility: z.enum(["public", "private"]).optional()
+  visibility: z.enum(["public", "private"]).optional(),
+  expected_duration_ms: z.number().positive().optional()
 };
 var ApiSkillConfigSchema = z.object({
   id: z.string().min(1),
@@ -678,6 +700,15 @@ var ApiExecutor = class {
 import { execFile } from "child_process";
 import { promisify } from "util";
 var execFileAsync = promisify(execFile);
+function isTimedOutCommandError(err) {
+  if (!(err instanceof Error)) {
+    return false;
+  }
+  const timeoutCode = err.code;
+  const signal = err.signal;
+  const killed = err.killed;
+  return timeoutCode === "ETIMEDOUT" || err.message.includes("timed out") || killed === true && typeof signal === "string";
+}
 function shellEscape(value) {
   return "'" + value.replace(/'/g, "'\\''") + "'";
 }
@@ -729,6 +760,8 @@ var PipelineExecutor = class {
   async execute(config, params, onProgress) {
     const pipelineConfig = config;
     const steps = pipelineConfig.steps ?? [];
+    const pipelineTimeoutMs = pipelineConfig.timeout_ms;
+    const deadline = typeof pipelineTimeoutMs === "number" ? Date.now() + pipelineTimeoutMs : void 0;
     if (steps.length === 0) {
       return { success: true, result: null };
     }
@@ -750,11 +783,41 @@ var PipelineExecutor = class {
         context
       );
       let stepResult;
+      const runWithRemainingDeadline = async (operation) => {
+        if (deadline === void 0) {
+          return operation();
+        }
+        const remainingMs = deadline - Date.now();
+        if (remainingMs <= 0) {
+          throw new Error(`pipeline timed out after ${pipelineTimeoutMs}ms`);
+        }
+        return new Promise((resolve2, reject) => {
+          const timeout = setTimeout(() => {
+            reject(new Error(`pipeline timed out after ${pipelineTimeoutMs}ms`));
+          }, remainingMs);
+          operation().then((value) => {
+            clearTimeout(timeout);
+            resolve2(value);
+          }).catch((err) => {
+            clearTimeout(timeout);
+            reject(err);
+          });
+        });
+      };
       if ("skill_id" in step && step.skill_id) {
-        const subResult = await this.skillExecutor.execute(
-          step.skill_id,
-          resolvedInputs
-        );
+        let subResult;
+        try {
+          subResult = await runWithRemainingDeadline(() => this.skillExecutor.execute(
+            step.skill_id,
+            resolvedInputs
+          ));
+        } catch (err) {
+          const message = err instanceof Error ? err.message : String(err);
+          return {
+            success: false,
+            error: `Step ${i} failed: ${message}`
+          };
+        }
         if (!subResult.success) {
           return {
             success: false,
@@ -768,10 +831,16 @@ var PipelineExecutor = class {
           context
         );
         try {
-          const { stdout } = await execFileAsync("/bin/sh", ["-c", interpolatedCommand], { timeout: 3e4 });
+          const remainingMs = deadline === void 0 ? void 0 : deadline - Date.now();
+          if (remainingMs !== void 0 && remainingMs <= 0) {
+            throw new Error(`pipeline timed out after ${pipelineTimeoutMs}ms`);
+          }
+          const { stdout } = await execFileAsync("/bin/sh", ["-c", interpolatedCommand], {
+            timeout: remainingMs !== void 0 ? remainingMs : 3e4
+          });
           stepResult = stdout.trim();
         } catch (err) {
-          const message = err instanceof Error ? err.message : String(err);
+          const message = pipelineTimeoutMs !== void 0 && isTimedOutCommandError(err) ? `pipeline timed out after ${pipelineTimeoutMs}ms` : err instanceof Error ? err.message : String(err);
           return {
             success: false,
             error: `Step ${i} failed: ${message}`
@@ -858,17 +927,43 @@ function executeProcess(config, payload) {
       error: `Invalid agent name: "${config.agent_name}" (only alphanumeric, hyphens, underscores, dots allowed)`
     };
   }
-  const inputJson = JSON.stringify(payload);
+  const skillId = config.id;
+  const message = `[AgentBnB Rental Request]
+You are executing the "${skillId}" skill for an AgentBnB network rental.
+Read your skills/${skillId}/SKILL.md for detailed instructions.
+
+Input parameters:
+${JSON.stringify(payload.params ?? {}, null, 2)}
+
+IMPORTANT: Return ONLY a JSON object as your response.
+Do NOT include explanations, markdown formatting, or code blocks.
+The JSON should contain the output fields specified in your SKILL.md.
+If you cannot complete the task, return: {"error": "reason"}`;
   try {
-    const stdout = execFileSync("openclaw", ["run", config.agent_name, "--input", inputJson], {
+    const stdout = execFileSync("openclaw", [
+      "agent",
+      "--agent",
+      config.agent_name,
+      "--message",
+      message,
+      "--json",
+      "--local"
+    ], {
       timeout: timeoutMs
     });
     const text = stdout.toString().trim();
-    const result = JSON.parse(text);
-    return { success: true, result };
+    try {
+      const parsed = JSON.parse(text);
+      return { success: true, result: parsed };
+    } catch {
+      return {
+        success: false,
+        error: `OpenClaw process channel returned invalid JSON: ${text}`
+      };
+    }
   } catch (err) {
-    const message = err instanceof Error ? err.message : String(err);
-    return { success: false, error: message };
+    const message2 = err instanceof Error ? err.message : String(err);
+    return { success: false, error: message2 };
   }
 }
 async function executeTelegram(config, payload) {
@@ -1277,23 +1372,27 @@ var AgentRuntime = class {
     }
     const modes = /* @__PURE__ */ new Map();
     if (this.conductorEnabled) {
-      const { ConductorMode } = await import("../../conductor-mode-WKB42PYM.js");
-      const { registerConductorCard, CONDUCTOR_OWNER } = await import("../../card-EX2EYGCZ.js");
+      const { ConductorMode } = await import("../../conductor-mode-OPGQJFLA.js");
+      const { registerConductorCard, CONDUCTOR_OWNER } = await import("../../card-BN643ZOY.js");
       const { loadPeers: loadPeers2 } = await import("../../peers-CJ7T4RJO.js");
       registerConductorCard(this.registryDb);
       const resolveAgentUrl = (owner) => {
         const peers = loadPeers2();
-        const peer = peers.find((p) => p.name.toLowerCase() === owner.toLowerCase());
+        const matchingCards = listCards(this.registryDb, owner);
+        const candidateNames = /* @__PURE__ */ new Set([owner.toLowerCase()]);
+        for (const card of matchingCards) {
+          candidateNames.add(card.owner.toLowerCase());
+          if (typeof card.agent_id === "string" && card.agent_id.length > 0) {
+            candidateNames.add(card.agent_id.toLowerCase());
+          }
+        }
+        const peer = peers.find((p) => candidateNames.has(p.name.toLowerCase()));
         if (!peer) {
           throw new Error(
             `No peer found for agent owner "${owner}". Add with: agentbnb connect ${owner} <url> <token>`
           );
         }
-        const stmt = this.registryDb.prepare(
-          "SELECT id FROM capability_cards WHERE owner = ? LIMIT 1"
-        );
-        const row = stmt.get(owner);
-        const cardId = row?.id ?? owner;
+        const cardId = matchingCards[0]?.id ?? owner;
         return { url: peer.url, cardId };
       };
       const conductorMode = new ConductorMode({
@@ -1335,7 +1434,8 @@ var AgentRuntime = class {
   }
   /**
    * Recovers orphaned escrows by releasing them.
-   * Orphaned escrows are 'held' escrows older than the configured age threshold.
+   * Orphaned escrows are stale 'held' or 'abandoned' escrows older than the
+   * configured age threshold. In-flight started/progressing escrows are not touched.
    * Errors during individual release are swallowed (escrow may have settled between query and release).
    */
   async recoverOrphanedEscrows() {
@@ -1343,7 +1443,7 @@ var AgentRuntime = class {
       Date.now() - this.orphanedEscrowAgeMinutes * 60 * 1e3
     ).toISOString();
     const orphaned = this.creditDb.prepare(
-      "SELECT id FROM credit_escrow WHERE status = 'held' AND created_at < ?"
+      "SELECT id FROM credit_escrow WHERE status IN ('held', 'abandoned') AND created_at < ?"
     ).all(cutoff);
     for (const row of orphaned) {
       try {
@@ -1942,10 +2042,11 @@ async function verifyIdentity(request, reply, options) {
     return false;
   }
   const claimedRequester = extractClaimedRequester(request);
-  if (claimedRequester) {
+  if (claimedRequester && knownAgent !== null) {
     const matchesAgentId = claimedRequester === agentId;
-    const matchesLegacyOwner = knownAgent?.legacy_owner === claimedRequester;
-    if (!matchesAgentId && !matchesLegacyOwner) {
+    const matchesDisplayName = knownAgent.display_name === claimedRequester;
+    const matchesLegacyOwner = knownAgent.legacy_owner === claimedRequester;
+    if (!matchesAgentId && !matchesDisplayName && !matchesLegacyOwner) {
       await reply.code(401).send({ error: "Identity does not match requester" });
       return false;
     }
@@ -2439,14 +2540,16 @@ function processEscrowSettle(creditDb, escrowId, success, providerAgentId, signa
       throw new Error("Invalid consumer signature on escrow settle");
     }
   }
-  const escrowRow = creditDb.prepare("SELECT amount, owner FROM credit_escrow WHERE id = ? AND status = ?").get(escrowId, "held");
+  const escrowRow = creditDb.prepare(
+    "SELECT amount, owner FROM credit_escrow WHERE id = ? AND status IN ('held', 'started', 'progressing', 'abandoned')"
+  ).get(escrowId);
   if (!escrowRow) {
     throw new Error(`Escrow not found or already settled: ${escrowId}`);
   }
-  const NETWORK_FEE_RATE = 0.05;
+  const NETWORK_FEE_RATE2 = 0.05;
   if (success) {
     settleEscrow(creditDb, escrowId, providerAgentId);
-    const networkFee = Math.floor(escrowRow.amount * NETWORK_FEE_RATE);
+    const networkFee = Math.floor(escrowRow.amount * NETWORK_FEE_RATE2);
     const providerAmount = escrowRow.amount - networkFee;
     return {
       escrow_id: escrowId,
@@ -2770,7 +2873,16 @@ function handleJobRelayResponse(opts) {
 // src/relay/websocket-relay.ts
 var RATE_LIMIT_MAX = 60;
 var RATE_LIMIT_WINDOW_MS = 6e4;
-var RELAY_TIMEOUT_MS = 3e5;
+var RELAY_IDLE_TIMEOUT_MS = 3e4;
+var RELAY_HARD_TIMEOUT_MS = 3e5;
+var RELAY_DISCONNECT_GRACE_MS = RELAY_HARD_TIMEOUT_MS + 3e4;
+function readTimeoutOverride(envKey, fallbackMs) {
+  const raw = process.env[envKey];
+  if (!raw) return fallbackMs;
+  const parsed = Number(raw);
+  if (!Number.isFinite(parsed) || parsed <= 0) return fallbackMs;
+  return Math.floor(parsed);
+}
 function registerWebSocketRelay(server, db, creditDb) {
   const connections = /* @__PURE__ */ new Map();
   const agentIdToOwner = /* @__PURE__ */ new Map();
@@ -2784,6 +2896,136 @@ function registerWebSocketRelay(server, db, creditDb) {
     if (connections.has(target)) return target;
     return void 0;
   }
+  function clearPendingTimers(pending) {
+    clearTimeout(pending.timeout);
+    if (pending.idleTimeout) clearTimeout(pending.idleTimeout);
+    if (pending.hardTimeout) clearTimeout(pending.hardTimeout);
+    if (pending.graceTimeout) clearTimeout(pending.graceTimeout);
+  }
+  function setPendingTimer(pending, timerType, timer) {
+    const existing = pending[timerType];
+    if (existing) clearTimeout(existing);
+    pending[timerType] = timer;
+    pending.timeout = timer;
+  }
+  function scheduleIdleTimeout(requestId, pending) {
+    const timeoutMs = readTimeoutOverride("AGENTBNB_RELAY_IDLE_TIMEOUT_MS", RELAY_IDLE_TIMEOUT_MS);
+    const timer = setTimeout(() => {
+      const current = pendingRequests.get(requestId);
+      if (!current || (current.lifecycle ?? "held") !== "held") return;
+      pendingRequests.delete(requestId);
+      clearPendingTimers(current);
+      if (current.escrowId && creditDb) {
+        try {
+          releaseForRelay(creditDb, current.escrowId);
+        } catch (e) {
+          console.error("[relay] escrow release on idle timeout failed:", e);
+        }
+      }
+      const originWs = connections.get(current.originOwner);
+      if (originWs && originWs.readyState === 1) {
+        sendMessage(originWs, {
+          type: "response",
+          id: requestId,
+          error: { code: -32603, message: "Relay request timeout" }
+        });
+      }
+    }, timeoutMs);
+    setPendingTimer(pending, "idleTimeout", timer);
+  }
+  function scheduleHardTimeout(requestId, pending) {
+    const timeoutMs = readTimeoutOverride("AGENTBNB_RELAY_HARD_TIMEOUT_MS", RELAY_HARD_TIMEOUT_MS);
+    const timer = setTimeout(() => {
+      const current = pendingRequests.get(requestId);
+      if (!current || current.lifecycle === "abandoned") return;
+      pendingRequests.delete(requestId);
+      clearPendingTimers(current);
+      if (current.escrowId && creditDb) {
+        try {
+          releaseForRelay(creditDb, current.escrowId);
+        } catch (e) {
+          console.error("[relay] escrow release on hard timeout failed:", e);
+        }
+      }
+      const originWs = connections.get(current.originOwner);
+      if (originWs && originWs.readyState === 1) {
+        sendMessage(originWs, {
+          type: "response",
+          id: requestId,
+          error: { code: -32603, message: "Relay request timeout" }
+        });
+      }
+    }, timeoutMs);
+    setPendingTimer(pending, "hardTimeout", timer);
+  }
+  function scheduleGraceTimeout(requestId, pending) {
+    const timeoutMs = readTimeoutOverride(
+      "AGENTBNB_RELAY_DISCONNECT_GRACE_MS",
+      RELAY_DISCONNECT_GRACE_MS
+    );
+    const timer = setTimeout(() => {
+      const current = pendingRequests.get(requestId);
+      if (!current || current.lifecycle !== "abandoned") return;
+      pendingRequests.delete(requestId);
+      clearPendingTimers(current);
+      if (current.escrowId && creditDb) {
+        try {
+          releaseForRelay(creditDb, current.escrowId);
+        } catch (e) {
+          console.error("[relay] escrow release after grace timeout failed:", e);
+        }
+      }
+    }, timeoutMs);
+    setPendingTimer(pending, "graceTimeout", timer);
+  }
+  function transitionPendingToStarted(requestId, pending) {
+    if (pending.lifecycle === "started" || pending.lifecycle === "progressing" || pending.lifecycle === "abandoned") {
+      return;
+    }
+    pending.lifecycle = "started";
+    pending.startedAt = Date.now();
+    if (pending.idleTimeout) clearTimeout(pending.idleTimeout);
+    if (pending.graceTimeout) clearTimeout(pending.graceTimeout);
+    if (pending.escrowId && creditDb) {
+      try {
+        markEscrowStarted(creditDb, pending.escrowId);
+      } catch (e) {
+        console.error("[relay] escrow transition to started failed:", e);
+      }
+    }
+    scheduleHardTimeout(requestId, pending);
+  }
+  function transitionPendingToProgressing(requestId, pending) {
+    if (pending.lifecycle === "abandoned") {
+      return;
+    }
+    if ((pending.lifecycle ?? "held") === "held") {
+      transitionPendingToStarted(requestId, pending);
+    }
+    pending.lifecycle = "progressing";
+    if (pending.escrowId && creditDb) {
+      try {
+        markEscrowProgressing(creditDb, pending.escrowId);
+      } catch (e) {
+        console.error("[relay] escrow transition to progressing failed:", e);
+      }
+    }
+  }
+  function transitionPendingToAbandoned(requestId, pending) {
+    if (pending.lifecycle === "abandoned") return;
+    pending.lifecycle = "abandoned";
+    pending.abandonedAt = Date.now();
+    if (pending.idleTimeout) clearTimeout(pending.idleTimeout);
+    if (pending.hardTimeout) clearTimeout(pending.hardTimeout);
+    if (pending.escrowId && creditDb) {
+      try {
+        markEscrowAbandoned(creditDb, pending.escrowId);
+      } catch (e) {
+        console.error("[relay] escrow transition to abandoned failed:", e);
+      }
+    }
+    scheduleGraceTimeout(requestId, pending);
+  }
   function checkRateLimit(owner) {
     const now = Date.now();
     const entry = rateLimits.get(owner);
@@ -2833,15 +3075,20 @@ function registerWebSocketRelay(server, db, creditDb) {
     } catch {
     }
   }
-  function upsertCard(cardData, owner) {
-    const parsed = AnyCardSchema.safeParse(cardData);
+  function upsertCard(cardData, owner, agentId) {
+    const parsed = AnyCardSchema.safeParse(
+      agentId ? { ...cardData, agent_id: agentId } : cardData
+    );
     if (!parsed.success) {
       throw new AgentBnBError(
         `Card validation failed: ${parsed.error.message}`,
         "VALIDATION_ERROR"
       );
     }
-    const card = { ...parsed.data, availability: { ...parsed.data.availability, online: true } };
+    const card = attachCanonicalAgentId(db, {
+      ...parsed.data,
+      availability: { ...parsed.data.availability, online: true }
+    });
     const cardId = card.id;
     const now = (/* @__PURE__ */ new Date()).toISOString();
     const existing = db.prepare("SELECT id FROM capability_cards WHERE id = ?").get(cardId);
@@ -2895,7 +3142,7 @@ function registerWebSocketRelay(server, db, creditDb) {
         agentIdToOwner.set(agentEntry.agent_id, owner);
         for (const agentCard of agentEntry.cards) {
           try {
-            upsertCard(agentCard, owner);
+            upsertCard(agentCard, owner, agentEntry.agent_id);
           } catch {
           }
         }
@@ -2909,7 +3156,7 @@ function registerWebSocketRelay(server, db, creditDb) {
     }
     let cardId;
     try {
-      cardId = upsertCard(card, owner);
+      cardId = upsertCard(card, owner, msg.agent_id);
     } catch (err) {
       console.error(`[relay] card validation failed for ${owner}:`, err instanceof Error ? err.message : err);
       cardId = card.id ?? owner;
@@ -2919,7 +3166,7 @@ function registerWebSocketRelay(server, db, creditDb) {
     if (msg.cards && msg.cards.length > 0) {
       for (const extraCard of msg.cards) {
         try {
-          upsertCard(extraCard, owner);
+          upsertCard(extraCard, owner, msg.agent_id);
         } catch {
         }
       }
@@ -2974,23 +3221,17 @@ function registerWebSocketRelay(server, db, creditDb) {
         console.error("[relay] credit hold error (non-fatal):", err);
       }
     }
-    const timeout = setTimeout(() => {
-      const pending = pendingRequests.get(msg.id);
-      pendingRequests.delete(msg.id);
-      if (pending?.escrowId && creditDb) {
-        try {
-          releaseForRelay(creditDb, pending.escrowId);
-        } catch (e) {
-          console.error("[relay] escrow release on timeout failed:", e);
-        }
-      }
-      sendMessage(ws, {
-        type: "response",
-        id: msg.id,
-        error: { code: -32603, message: "Relay request timeout" }
-      });
-    }, RELAY_TIMEOUT_MS);
-    pendingRequests.set(msg.id, { originOwner: fromOwner, creditOwner, timeout, escrowId, targetOwner: msg.target_owner });
+    const pending = {
+      originOwner: fromOwner,
+      creditOwner,
+      timeout: setTimeout(() => void 0, 1),
+      escrowId,
+      targetOwner: targetKey ?? msg.target_owner,
+      lifecycle: "held",
+      createdAt: Date.now()
+    };
+    pendingRequests.set(msg.id, pending);
+    scheduleIdleTimeout(msg.id, pending);
     sendMessage(targetWs, {
       type: "incoming_request",
       id: msg.id,
@@ -3002,30 +3243,23 @@ function registerWebSocketRelay(server, db, creditDb) {
       escrow_receipt: msg.escrow_receipt
     });
   }
+  function handleRelayStarted(msg) {
+    const pending = pendingRequests.get(msg.id);
+    if (!pending) return;
+    transitionPendingToStarted(msg.id, pending);
+    const originWs = connections.get(pending.originOwner);
+    if (originWs && originWs.readyState === 1) {
+      sendMessage(originWs, {
+        type: "relay_started",
+        id: msg.id,
+        message: msg.message
+      });
+    }
+  }
   function handleRelayProgress(msg) {
     const pending = pendingRequests.get(msg.id);
     if (!pending) return;
-    clearTimeout(pending.timeout);
-    const newTimeout = setTimeout(() => {
-      const p = pendingRequests.get(msg.id);
-      pendingRequests.delete(msg.id);
-      if (p?.escrowId && creditDb) {
-        try {
-          releaseForRelay(creditDb, p.escrowId);
-        } catch (e) {
-          console.error("[relay] escrow release on progress timeout failed:", e);
-        }
-      }
-      const originWs2 = connections.get(pending.originOwner);
-      if (originWs2 && originWs2.readyState === 1) {
-        sendMessage(originWs2, {
-          type: "response",
-          id: msg.id,
-          error: { code: -32603, message: "Relay request timeout" }
-        });
-      }
-    }, RELAY_TIMEOUT_MS);
-    pending.timeout = newTimeout;
+    transitionPendingToProgressing(msg.id, pending);
     const originWs = connections.get(pending.originOwner);
     if (originWs && originWs.readyState === 1) {
       sendMessage(originWs, {
@@ -3039,7 +3273,7 @@ function registerWebSocketRelay(server, db, creditDb) {
   function handleRelayResponse(msg) {
     const pending = pendingRequests.get(msg.id);
     if (!pending) return;
-    clearTimeout(pending.timeout);
+    clearPendingTimers(pending);
     pendingRequests.delete(msg.id);
     if (pending.jobId && creditDb) {
       try {
@@ -3102,16 +3336,15 @@ function registerWebSocketRelay(server, db, creditDb) {
     connections.delete(owner);
     rateLimits.delete(owner);
     agentCapacities.delete(owner);
-    for (const [agentId, o] of agentIdToOwner) {
-      if (o === owner) {
+    for (const [agentId, mappedOwner] of Array.from(agentIdToOwner.entries())) {
+      if (mappedOwner === owner) {
         agentIdToOwner.delete(agentId);
-        break;
       }
     }
     markOwnerOffline(owner);
     for (const [reqId, pending] of pendingRequests) {
       if (pending.targetOwner === owner) {
-        clearTimeout(pending.timeout);
+        clearPendingTimers(pending);
         pendingRequests.delete(reqId);
         if (pending.escrowId && creditDb) {
           try {
@@ -3129,14 +3362,19 @@ function registerWebSocketRelay(server, db, creditDb) {
           });
         }
       } else if (pending.originOwner === owner) {
-        clearTimeout(pending.timeout);
-        pendingRequests.delete(reqId);
-        if (pending.escrowId && creditDb) {
-          try {
-            releaseForRelay(creditDb, pending.escrowId);
-          } catch (e) {
-            console.error("[relay] escrow release on requester disconnect failed:", e);
+        const lifecycle = pending.lifecycle ?? "held";
+        if (lifecycle === "held") {
+          clearPendingTimers(pending);
+          pendingRequests.delete(reqId);
+          if (pending.escrowId && creditDb) {
+            try {
+              releaseForRelay(creditDb, pending.escrowId);
+            } catch (e) {
+              console.error("[relay] escrow release on requester disconnect failed:", e);
+            }
           }
+        } else {
+          transitionPendingToAbandoned(reqId, pending);
         }
       }
     }
@@ -3179,7 +3417,9 @@ function registerWebSocketRelay(server, db, creditDb) {
       return;
     }
     try {
-      const escrow = creditDb.prepare("SELECT card_id FROM credit_escrow WHERE id = ? AND status = ?").get(msg.escrow_id, "held");
+      const escrow = creditDb.prepare(
+        "SELECT card_id FROM credit_escrow WHERE id = ? AND status IN ('held', 'started', 'progressing', 'abandoned')"
+      ).get(msg.escrow_id);
       if (!escrow) {
         sendMessage(ws, { type: "error", code: "escrow_not_found", message: `Escrow not found: ${msg.escrow_id}`, request_id: msg.request_id });
         return;
@@ -3276,6 +3516,9 @@ function registerWebSocketRelay(server, db, creditDb) {
             case "relay_response":
               handleRelayResponse(msg);
               break;
+            case "relay_started":
+              handleRelayStarted(msg);
+              break;
             case "relay_progress":
               handleRelayProgress(msg);
               break;
@@ -3322,7 +3565,7 @@ function registerWebSocketRelay(server, db, creditDb) {
       }
       connections.clear();
       for (const [, pending] of pendingRequests) {
-        clearTimeout(pending.timeout);
+        clearPendingTimers(pending);
       }
       pendingRequests.clear();
       rateLimits.clear();
@@ -4621,6 +4864,9 @@ function stripInternal(card) {
   const { _internal: _, ...publicCard } = card;
   return publicCard;
 }
+function buildSqlPlaceholders(count) {
+  return Array.from({ length: count }, () => "?").join(", ");
+}
 function createRegistryServer(opts) {
   const { registryDb: db, silent = false } = opts;
   const server = Fastify2({ logger: !silent });
@@ -5030,11 +5276,11 @@ function createRegistryServer(opts) {
       const card = result.data;
       const now = (/* @__PURE__ */ new Date()).toISOString();
       if (card.spec_version === "2.0") {
-        const cardWithTimestamps = {
+        const cardWithTimestamps = attachCanonicalAgentId(db, {
           ...card,
           created_at: card.created_at ?? now,
           updated_at: now
-        };
+        });
         db.prepare(
           `INSERT OR REPLACE INTO capability_cards (id, owner, data, created_at, updated_at)
          VALUES (?, ?, ?, ?, ?)`
@@ -5155,19 +5401,16 @@ function createRegistryServer(opts) {
       if (ownerCards.length === 0) {
         return reply.status(404).send({ error: "Agent not found" });
       }
-      const memberStmt = db.prepare(
-        "SELECT MIN(created_at) as earliest, MAX(created_at) as latest FROM capability_cards WHERE owner = ?"
+      const resolvedOwner = ownerCards[0]?.owner ?? owner;
+      const ownerCardIds = ownerCards.map((card) => card.id);
+      const cardIdPlaceholders = buildSqlPlaceholders(ownerCardIds.length);
+      const joinedAt = ownerCards.map((card) => card.created_at).filter((value) => typeof value === "string" && value.length > 0).sort((left, right) => left.localeCompare(right))[0] ?? (/* @__PURE__ */ new Date()).toISOString();
+      const latestCardUpdate = ownerCards.map((card) => card.updated_at ?? card.created_at).filter((value) => typeof value === "string" && value.length > 0).sort((left, right) => right.localeCompare(left))[0] ?? joinedAt;
+      const lastActiveStmt = db.prepare(
+        `SELECT MAX(created_at) as last_req FROM request_log WHERE card_id IN (${cardIdPlaceholders})`
       );
-      const memberRow = memberStmt.get(owner);
-      const joinedAt = memberRow?.earliest ?? (/* @__PURE__ */ new Date()).toISOString();
-      const lastActiveStmt = db.prepare(`
-      SELECT MAX(rl.created_at) as last_req
-      FROM request_log rl
-      INNER JOIN capability_cards cc ON rl.card_id = cc.id
-      WHERE cc.owner = ?
-    `);
-      const lastActiveRow = lastActiveStmt.get(owner);
-      const lastActive = lastActiveRow?.last_req ?? memberRow?.latest ?? joinedAt;
+      const lastActiveRow = lastActiveStmt.get(...ownerCardIds);
+      const lastActive = lastActiveRow?.last_req ?? latestCardUpdate ?? joinedAt;
       const metricsStmt = db.prepare(`
       SELECT
         SUM(CASE WHEN rl.failure_reason IS NULL OR rl.failure_reason IN ('bad_execution','auth_error')
@@ -5177,10 +5420,9 @@ function createRegistryServer(opts) {
         COUNT(DISTINCT rl.requester) as unique_requesters,
         COUNT(DISTINCT CASE WHEN rl.status = 'success' THEN rl.requester END) as repeat_success_requesters
       FROM request_log rl
-      INNER JOIN capability_cards cc ON rl.card_id = cc.id
-      WHERE cc.owner = ? AND rl.action_type IS NULL
+      WHERE rl.card_id IN (${cardIdPlaceholders}) AND rl.action_type IS NULL
     `);
-      const metricsRow = metricsStmt.get(owner);
+      const metricsRow = metricsStmt.get(...ownerCardIds);
       const totalExec = metricsRow?.total ?? 0;
       const successExec = metricsRow?.successes ?? 0;
       const successRate = totalExec > 0 ? successExec / totalExec : 0;
@@ -5194,25 +5436,23 @@ function createRegistryServer(opts) {
         COUNT(*) as count,
         SUM(CASE WHEN rl.status = 'success' THEN 1 ELSE 0 END) as success
       FROM request_log rl
-      INNER JOIN capability_cards cc ON rl.card_id = cc.id
-      WHERE cc.owner = ? AND rl.action_type IS NULL
+      WHERE rl.card_id IN (${cardIdPlaceholders}) AND rl.action_type IS NULL
         AND rl.created_at >= DATE('now', '-7 days')
       GROUP BY DATE(rl.created_at)
       ORDER BY day ASC
     `);
-      const trend_7d = trendStmt.all(owner).map((r) => ({ date: r.day, count: r.count, success: r.success }));
+      const trend_7d = trendStmt.all(...ownerCardIds).map((r) => ({ date: r.day, count: r.count, success: r.success }));
       let performanceTier = 0;
       if (totalExec > 10) performanceTier = 1;
       if (totalExec > 50 && successRate >= 0.85) performanceTier = 2;
       const proofsStmt = db.prepare(`
       SELECT rl.card_name, rl.status, rl.latency_ms, rl.id, rl.created_at
       FROM request_log rl
-      INNER JOIN capability_cards cc ON rl.card_id = cc.id
-      WHERE cc.owner = ? AND rl.action_type IS NULL
+      WHERE rl.card_id IN (${cardIdPlaceholders}) AND rl.action_type IS NULL
       ORDER BY rl.created_at DESC
       LIMIT 10
     `);
-      const proofRows = proofsStmt.all(owner);
+      const proofRows = proofsStmt.all(...ownerCardIds);
       const statusToOutcomeClass = (s) => {
         if (s === "success") return "completed";
         if (s === "timeout") return "cancelled";
@@ -5238,22 +5478,20 @@ function createRegistryServer(opts) {
       const activityStmt = db.prepare(`
       SELECT rl.id, rl.card_name, rl.requester, rl.status, rl.credits_charged, rl.created_at
       FROM request_log rl
-      INNER JOIN capability_cards cc ON rl.card_id = cc.id
-      WHERE cc.owner = ?
+      WHERE rl.card_id IN (${cardIdPlaceholders})
       ORDER BY rl.created_at DESC
       LIMIT 10
     `);
-      const recentActivity = activityStmt.all(owner);
+      const recentActivity = activityStmt.all(...ownerCardIds);
       const skillCount = ownerCards.reduce((sum, card) => sum + (card.skills?.length ?? 1), 0);
       const creditsStmt = db.prepare(`
-      SELECT SUM(CASE WHEN rl.status = 'success' THEN rl.credits_charged ELSE 0 END) as credits_earned
-      FROM capability_cards cc
-      LEFT JOIN request_log rl ON rl.card_id = cc.id
-      WHERE cc.owner = ?
+      SELECT COALESCE(SUM(CASE WHEN rl.status = 'success' THEN rl.credits_charged ELSE 0 END), 0) as credits_earned
+      FROM request_log rl
+      WHERE rl.card_id IN (${cardIdPlaceholders})
     `);
-      const creditsRow = creditsStmt.get(owner);
+      const creditsRow = creditsStmt.get(...ownerCardIds);
       const response = {
-        owner,
+        owner: resolvedOwner,
         agent_name: v2Card?.agent_name,
         short_description: v2Card?.short_description,
         joined_at: joinedAt,
@@ -5285,7 +5523,7 @@ function createRegistryServer(opts) {
       return reply.send({
         ...response,
         profile: {
-          owner,
+          owner: resolvedOwner,
           skill_count: skillCount,
           success_rate: successRate > 0 ? successRate : null,
           total_earned: creditsRow?.credits_earned ?? 0,
@@ -5557,7 +5795,7 @@ function createRegistryServer(opts) {
               return { card_id: target.cardId, skill_id: target.skillId };
             }
             if (!relayClient) {
-              const { RelayClient: RelayClient2 } = await import("../../websocket-client-4Z5P54RU.js");
+              const { RelayClient: RelayClient2 } = await import("../../websocket-client-SNDF3B6N.js");
               relayClient = new RelayClient2({
                 registryUrl: relayRegistryUrl,
                 owner: relayRequesterOwner,
@@ -5579,7 +5817,7 @@ function createRegistryServer(opts) {
               });
               await relayClient.connect();
             }
-            const { requestViaRelay: requestViaRelay2 } = await import("../../client-XOLP5IUZ.js");
+            const { requestViaRelay: requestViaRelay2 } = await import("../../client-OKJJ3UP2.js");
             return requestViaRelay2(relayClient, {
               targetOwner: target.owner,
               cardId: target.cardId,
@@ -5835,7 +6073,7 @@ function createRegistryServer(opts) {
       if (!opts.creditDb) {
         return reply.code(404).send({ error: "Credit system not enabled" });
       }
-      const { getReliabilityMetrics } = await import("../../reliability-metrics-QG7WC5QK.js");
+      const { getReliabilityMetrics } = await import("../../reliability-metrics-G7LPUYJD.js");
       const metrics = getReliabilityMetrics(opts.creditDb, owner);
       if (!metrics) {
         return reply.code(404).send({ error: "No reliability data for this provider" });
@@ -5853,38 +6091,37 @@ function createRegistryServer(opts) {
       }
     }, async (request, reply) => {
       const { owner } = request.params;
-      const rows = db.prepare(
-        "SELECT id, data FROM capability_cards WHERE owner = ?"
-      ).all(owner);
+      const cards = listCards(db, owner);
       const agents = [];
-      for (const row of rows) {
+      for (const card of cards) {
         try {
-          const card = JSON.parse(row.data);
+          const rawCard = card;
+          const providerIdentity = typeof card.agent_id === "string" && card.agent_id.length > 0 ? card.agent_id : card.owner;
           let earnings = 0;
           let spend = 0;
           if (opts.creditDb) {
             const earningRow = opts.creditDb.prepare(
               "SELECT COALESCE(SUM(amount), 0) as total FROM credit_transactions WHERE owner = ? AND reason = 'settlement' AND amount > 0"
-            ).get(owner);
+            ).get(providerIdentity);
             earnings = earningRow.total;
             const spendRow = opts.creditDb.prepare(
               "SELECT COALESCE(SUM(ABS(amount)), 0) as total FROM credit_transactions WHERE owner = ? AND reason = 'escrow_hold'"
-            ).get(owner);
+            ).get(providerIdentity);
             spend = spendRow.total;
           }
           const successCount = db.prepare(
             "SELECT COUNT(*) as cnt FROM request_log WHERE card_id = ? AND status = 'success' AND (action_type IS NULL OR action_type = 'auto_share')"
-          ).get(row.id).cnt;
+          ).get(card.id).cnt;
           const failureCount = db.prepare(
             "SELECT COUNT(*) as cnt FROM request_log WHERE card_id = ? AND status IN ('failure', 'timeout', 'refunded') AND (action_type IS NULL OR action_type = 'auto_share')"
-          ).get(row.id).cnt;
+          ).get(card.id).cnt;
           const totalExec = successCount + failureCount;
           const successRate = totalExec > 0 ? successCount / totalExec : 0;
           let failureBreakdown = {};
           try {
             const failureRows = db.prepare(
               "SELECT failure_reason, COUNT(*) as cnt FROM request_log WHERE card_id = ? AND status IN ('failure', 'timeout', 'refunded') AND failure_reason IS NOT NULL GROUP BY failure_reason"
-            ).all(row.id);
+            ).all(card.id);
             for (const fr of failureRows) {
               failureBreakdown[fr.failure_reason] = fr.cnt;
             }
@@ -5892,12 +6129,12 @@ function createRegistryServer(opts) {
           }
           let reliability = null;
           if (opts.creditDb) {
-            const { getReliabilityMetrics } = await import("../../reliability-metrics-QG7WC5QK.js");
-            reliability = getReliabilityMetrics(opts.creditDb, owner);
+            const { getReliabilityMetrics } = await import("../../reliability-metrics-G7LPUYJD.js");
+            reliability = getReliabilityMetrics(opts.creditDb, providerIdentity);
           }
           agents.push({
-            id: row.id,
-            name: card.name ?? card.agent_name ?? owner,
+            id: card.id,
+            name: (typeof rawCard["name"] === "string" ? rawCard["name"] : void 0) ?? (typeof rawCard["agent_name"] === "string" ? rawCard["agent_name"] : void 0) ?? card.owner,
             online: card.availability?.online ?? false,
             current_load: 0,
             // Will be populated from relay heartbeat data in future
@@ -6175,6 +6412,32 @@ import { spawn as spawn2 } from "child_process";
 import { existsSync as existsSync6, readFileSync as readFileSync4 } from "fs";
 import { join as join5 } from "path";
 import { randomUUID as randomUUID8 } from "crypto";
+function buildFallbackRelayCard(owner) {
+  return {
+    id: randomUUID8(),
+    owner,
+    name: owner,
+    description: "Agent registered via CLI",
+    spec_version: "1.0",
+    level: 1,
+    inputs: [],
+    outputs: [],
+    pricing: { credits_per_call: 1 },
+    availability: { online: true }
+  };
+}
+function buildRelayRegistrationCards(owner, localCards) {
+  if (localCards.length === 0) {
+    return {
+      primaryCard: buildFallbackRelayCard(owner),
+      additionalCards: []
+    };
+  }
+  return {
+    primaryCard: localCards[0],
+    additionalCards: localCards.slice(1)
+  };
+}
 var ServiceCoordinator = class {
   config;
   guard;
@@ -6319,8 +6582,11 @@ var ServiceCoordinator = class {
       console.log("Conductor mode enabled \u2014 orchestrate/plan skills available via gateway");
     }
     if (opts.conductorEnabled && this.config.conductor?.public) {
-      const { buildConductorCard } = await import("../../card-EX2EYGCZ.js");
-      const conductorCard = buildConductorCard(this.config.owner);
+      const { buildConductorCard } = await import("../../card-BN643ZOY.js");
+      const conductorCard = attachCanonicalAgentId(
+        this.runtime.registryDb,
+        buildConductorCard(this.config.owner)
+      );
       const now = (/* @__PURE__ */ new Date()).toISOString();
       const existing = this.runtime.registryDb.prepare("SELECT id FROM capability_cards WHERE id = ?").get(conductorCard.id);
       if (existing) {
@@ -6376,27 +6642,11 @@ var ServiceCoordinator = class {
       }
     }
     if (opts.registryUrl && opts.relay) {
-      const { RelayClient: RelayClient2 } = await import("../../websocket-client-4Z5P54RU.js");
-      const { executeCapabilityRequest: executeCapabilityRequest2 } = await import("../../execute-NNDCXTN4.js");
-      const cards = listCards(this.runtime.registryDb, this.config.owner);
-      const card = cards[0] ?? {
-        id: randomUUID8(),
-        owner: this.config.owner,
-        name: this.config.owner,
-        description: "Agent registered via CLI",
-        spec_version: "1.0",
-        level: 1,
-        inputs: [],
-        outputs: [],
-        pricing: { credits_per_call: 1 },
-        availability: { online: true }
-      };
-      const additionalCards = [];
+      const { RelayClient: RelayClient2 } = await import("../../websocket-client-SNDF3B6N.js");
+      const { executeCapabilityRequest: executeCapabilityRequest2 } = await import("../../execute-FZLQGIXB.js");
+      const localCards = listCards(this.runtime.registryDb, this.config.owner);
+      const { primaryCard, additionalCards } = buildRelayRegistrationCards(this.config.owner, localCards);
       if (this.config.conductor?.public) {
-        const { buildConductorCard } = await import("../../card-EX2EYGCZ.js");
-        additionalCards.push(
-          buildConductorCard(this.config.owner)
-        );
         console.log("Conductor card will be published to registry (conductor.public: true)");
       }
       this.relayClient = new RelayClient2({
@@ -6404,9 +6654,10 @@ var ServiceCoordinator = class {
         owner: this.config.owner,
         agent_id: this.config.agent_id,
         token: this.config.token,
-        card,
+        card: primaryCard,
         cards: additionalCards.length > 0 ? additionalCards : void 0,
         onRequest: async (req) => {
+          this.relayClient?.sendStarted(req.id, "provider acknowledged");
           const onProgress = (info) => {
             this.relayClient.sendProgress(req.id, info);
           };
@@ -6722,6 +6973,14 @@ function createSignedEscrowReceipt(db, privateKey, publicKey, opts) {
   return { escrowId, receipt };
 }
 
+// src/credit/settlement.ts
+function settleRequesterEscrow(requesterDb, escrowId) {
+  confirmEscrowDebit(requesterDb, escrowId);
+}
+function releaseRequesterEscrow(requesterDb, escrowId) {
+  releaseEscrow(requesterDb, escrowId);
+}
+
 // src/app/agentbnb-service.ts
 var AgentBnBService = class {
   coordinator;
@@ -7131,8 +7390,35 @@ var requestInputSchema = {
   card_id: z10.string().optional().describe("Direct card ID to request (skips search)"),
   skill_id: z10.string().optional().describe("Specific skill within a v2.0 card"),
   params: z10.record(z10.unknown()).optional().describe("Input parameters for the capability"),
-  max_cost: z10.number().optional().default(50).describe("Maximum credits to spend")
+  max_cost: z10.number().optional().default(50).describe("Maximum credits to spend"),
+  timeout_ms: z10.number().positive().optional().describe("Requester timeout override in milliseconds")
 };
+function parsePositiveNumber(value) {
+  return typeof value === "number" && value > 0 ? value : void 0;
+}
+function deriveTimeoutHintFromCard(remoteCard, skillId) {
+  const topLevelHint = {
+    expected_duration_ms: parsePositiveNumber(remoteCard["expected_duration_ms"]),
+    hard_timeout_ms: parsePositiveNumber(remoteCard["hard_timeout_ms"])
+  };
+  const skills = remoteCard["skills"];
+  if (!Array.isArray(skills)) {
+    return topLevelHint.expected_duration_ms !== void 0 || topLevelHint.hard_timeout_ms !== void 0 ? topLevelHint : void 0;
+  }
+  const selectedSkill = skillId ? skills.find((candidate) => {
+    if (!candidate || typeof candidate !== "object") return false;
+    return candidate["id"] === skillId;
+  }) : skills[0];
+  if (!selectedSkill || typeof selectedSkill !== "object") {
+    return topLevelHint.expected_duration_ms !== void 0 || topLevelHint.hard_timeout_ms !== void 0 ? topLevelHint : void 0;
+  }
+  const skillRecord = selectedSkill;
+  const skillHint = {
+    expected_duration_ms: parsePositiveNumber(skillRecord["expected_duration_ms"]) ?? topLevelHint.expected_duration_ms,
+    hard_timeout_ms: parsePositiveNumber(skillRecord["hard_timeout_ms"]) ?? topLevelHint.hard_timeout_ms
+  };
+  return skillHint.expected_duration_ms !== void 0 || skillHint.hard_timeout_ms !== void 0 ? skillHint : void 0;
+}
 async function handleRequest(args, ctx) {
   try {
     const maxCost = args.max_cost ?? 50;
@@ -7196,6 +7482,7 @@ async function handleRequest(args, ctx) {
           token: ctx.config.token,
           cardId,
           params: { ...args.params ?? {}, ...args.skill_id ? { skill_id: args.skill_id } : {}, requester: ctx.config.owner },
+          timeoutMs: args.timeout_ms,
           identity: identityAuth
         });
         return {
@@ -7224,7 +7511,9 @@ async function handleRequest(args, ctx) {
         };
       }
       const targetOwner = remoteCard["owner"] ?? remoteCard["agent_name"];
+      const targetAgentId = typeof remoteCard["agent_id"] === "string" ? remoteCard["agent_id"] : void 0;
       const gatewayUrl = remoteCard["gateway_url"];
+      const timeoutHint = deriveTimeoutHintFromCard(remoteCard, args.skill_id);
       if (gatewayUrl) {
         let remoteCost = 0;
         const remoteSkills = remoteCard["skills"];
@@ -7236,43 +7525,33 @@ async function handleRequest(args, ctx) {
           remoteCost = remotePricing?.credits_per_call ?? 0;
         }
         if (remoteCost > 0) {
-          const creditDb = openCreditDb(ctx.config.credit_db_path);
-          creditDb.pragma("busy_timeout = 5000");
-          try {
-            const keys = loadKeyPair(ctx.configDir);
-            const { escrowId, receipt } = createSignedEscrowReceipt(creditDb, keys.privateKey, keys.publicKey, {
-              owner: ctx.config.owner,
-              agent_id: ctx.identity.agent_id,
-              amount: remoteCost,
-              cardId,
-              skillId: args.skill_id
-            });
-            try {
-              const result = await requestCapability({
-                gatewayUrl,
-                token: ctx.config.token ?? "",
-                cardId,
-                params: { ...args.params ?? {}, ...args.skill_id ? { skill_id: args.skill_id } : {}, requester: ctx.config.owner },
-                identity: identityAuth,
-                escrowReceipt: receipt
-              });
-              confirmEscrowDebit(creditDb, escrowId);
-              return {
-                content: [{ type: "text", text: JSON.stringify({ success: true, result }, null, 2) }]
-              };
-            } catch (execErr) {
-              releaseEscrow(creditDb, escrowId);
-              throw execErr;
-            }
-          } finally {
-            creditDb.close();
+          if (!targetOwner) {
+            return {
+              content: [{ type: "text", text: JSON.stringify({ success: false, error: "Paid remote request requires a target owner for relay routing" }) }]
+            };
           }
+          const result = await requestViaTemporaryRelay({
+            registryUrl: ctx.config.registry,
+            owner: ctx.config.owner,
+            token: ctx.config.token ?? "",
+            targetOwner,
+            targetAgentId,
+            cardId,
+            skillId: args.skill_id,
+            params: { ...args.params ?? {}, ...args.skill_id ? { skill_id: args.skill_id } : {}, requester: ctx.config.owner },
+            timeoutMs: args.timeout_ms
+          });
+          return {
+            content: [{ type: "text", text: JSON.stringify({ success: true, result }, null, 2) }]
+          };
         } else {
           const result = await requestCapability({
             gatewayUrl,
             token: ctx.config.token ?? "",
             cardId,
             params: { ...args.params ?? {}, ...args.skill_id ? { skill_id: args.skill_id } : {}, requester: ctx.config.owner },
+            timeoutMs: args.timeout_ms,
+            timeoutHint,
             identity: identityAuth
           });
           return {
@@ -7281,30 +7560,20 @@ async function handleRequest(args, ctx) {
         }
       }
       if (targetOwner) {
-        const relay = new RelayClient({
+        const result = await requestViaTemporaryRelay({
           registryUrl: ctx.config.registry,
           owner: ctx.config.owner,
           token: ctx.config.token ?? "",
-          card: { id: ctx.config.owner, owner: ctx.config.owner, name: "mcp-requester" },
-          onRequest: async () => ({ error: { code: -32601, message: "MCP client does not accept requests" } }),
-          silent: true
+          targetOwner,
+          targetAgentId,
+          cardId,
+          skillId: args.skill_id,
+          params: { ...args.params ?? {}, ...args.skill_id ? { skill_id: args.skill_id } : {} },
+          timeoutMs: args.timeout_ms
         });
-        try {
-          await relay.connect();
-          const result = await relay.request({
-            targetOwner,
-            cardId,
-            skillId: args.skill_id,
-            params: args.params ?? {},
-            requester: ctx.config.owner,
-            timeoutMs: 3e5
-          });
-          return {
-            content: [{ type: "text", text: JSON.stringify({ success: true, result }, null, 2) }]
-          };
-        } finally {
-          relay.disconnect();
-        }
+        return {
+          content: [{ type: "text", text: JSON.stringify({ success: true, result }, null, 2) }]
+        };
       }
       return {
         content: [{ type: "text", text: JSON.stringify({ success: false, error: "Remote card has no gateway_url and no owner for relay routing" }) }]
@@ -7381,17 +7650,24 @@ async function conductAction(task, opts) {
     matchResults.map((m) => [m.subtask_id, m])
   );
   const resolveAgentUrl = (owner) => {
-    const peer = peers.find((p) => p.name.toLowerCase() === owner.toLowerCase());
-    if (peer) {
-      const execDb = openDatabase(config.db_path);
-      try {
-        const stmt = execDb.prepare("SELECT id FROM capability_cards WHERE owner = ? LIMIT 1");
-        const row = stmt.get(owner);
-        return { url: peer.url, cardId: row?.id ?? owner };
-      } finally {
-        execDb.close();
+    const execDb = openDatabase(config.db_path);
+    let matchingCards;
+    try {
+      matchingCards = listCards(execDb, owner);
+    } finally {
+      execDb.close();
+    }
+    const candidateNames = /* @__PURE__ */ new Set([owner.toLowerCase()]);
+    for (const card of matchingCards) {
+      candidateNames.add(card.owner.toLowerCase());
+      if (typeof card.agent_id === "string" && card.agent_id.length > 0) {
+        candidateNames.add(card.agent_id.toLowerCase());
       }
     }
+    const peer = peers.find((p) => candidateNames.has(p.name.toLowerCase()));
+    if (peer) {
+      return { url: peer.url, cardId: matchingCards[0]?.id ?? owner };
+    }
     if (config.registry) {
       let cardId = owner;
       for (const m of matchMap.values()) {