agentbnb 9.1.1 → 9.2.1

package/dist/{serve-skill-CDNSHTEE.js → serve-skill-VKNRBVWE.js}

@@ -1,31 +1,31 @@
 import {
   executeCapabilityRequest
-} from "./chunk-RVOZHVM7.js";
-import "./chunk-ZYOMPJGG.js";
-import "./chunk-LENX5NUW.js";
-import "./chunk-5CC6O6SO.js";
-import "./chunk-O44N3KR7.js";
-import "./chunk-ELFGYC22.js";
-import "./chunk-I4E5ERDN.js";
+} from "./chunk-PFAEZI32.js";
+import "./chunk-OXU4QJSZ.js";
+import "./chunk-2KSRFDKF.js";
+import "./chunk-AA25Z6FW.js";
+import "./chunk-FVLHEI3Y.js";
+import "./chunk-CPSV5WR2.js";
 import {
   openCreditDb
-} from "./chunk-D7NH6YLM.js";
+} from "./chunk-UJXDBOKV.js";
 import {
   listCards,
   openDatabase
-} from "./chunk-7VZ4M4CT.js";
+} from "./chunk-QE42IJC4.js";
+import "./chunk-4XTYT4JW.js";
+import "./chunk-GZUTU6IZ.js";
 import {
   RelayClient
 } from "./chunk-UPNREF4L.js";
 import "./chunk-Q5OFZ2JR.js";
 import "./chunk-QXRNW4OJ.js";
-import "./chunk-YNBZLXYS.js";
+import "./chunk-65GNX2KC.js";
 import "./chunk-YDGXKH2T.js";
 import "./chunk-J4RFJVXI.js";
-import "./chunk-UVCNMRPS.js";
 import "./chunk-3XPBFF6H.js";
-import "./chunk-4XTYT4JW.js";
-import "./chunk-GZUTU6IZ.js";
+import "./chunk-7YJOBVWN.js";
+import "./chunk-UVCNMRPS.js";
 import "./chunk-3RG5ZIWI.js";
 
 // src/mcp/tools/serve-skill.ts
@@ -67,11 +67,12 @@ async function handleServeSkill(args, ctx) {
           const result = await executeCapabilityRequest({
             registryDb,
             creditDb,
-            cardId: req.params?.card_id ?? card.id,
-            skillId: req.params?.skill_id,
-            params: req.params?.params ?? {},
-            requester: req.params?.requester ?? "unknown",
-            handlerUrl
+            cardId: req.card_id ?? card.id,
+            skillId: req.skill_id,
+            params: req.params,
+            requester: req.requester ?? req.from_owner ?? "unknown",
+            handlerUrl,
+            relayAuthorized: true
           });
           if (result.success) {
             return { result: result.result };

package/dist/{server-QIAO3YSK.js → server-LNT4YQZ7.js}

@@ -1,39 +1,42 @@
+import {
+  createSessionState
+} from "./chunk-EMVVFP2L.js";
 import {
   createLedger
-} from "./chunk-LENX5NUW.js";
+} from "./chunk-2KSRFDKF.js";
 import {
   ensureIdentity
-} from "./chunk-5CC6O6SO.js";
-import {
-  fetchRemoteCards,
-  mergeResults
-} from "./chunk-ELFGYC22.js";
+} from "./chunk-AA25Z6FW.js";
 import {
   searchCards
-} from "./chunk-I4E5ERDN.js";
+} from "./chunk-CPSV5WR2.js";
 import {
   getBalance,
   openCreditDb
-} from "./chunk-D7NH6YLM.js";
+} from "./chunk-UJXDBOKV.js";
 import {
   insertCard,
   openDatabase
-} from "./chunk-7VZ4M4CT.js";
+} from "./chunk-QE42IJC4.js";
+import "./chunk-4XTYT4JW.js";
+import "./chunk-GZUTU6IZ.js";
 import "./chunk-QXRNW4OJ.js";
 import {
   loadKeyPair
-} from "./chunk-YNBZLXYS.js";
+} from "./chunk-65GNX2KC.js";
 import "./chunk-YDGXKH2T.js";
 import "./chunk-J4RFJVXI.js";
-import {
-  AnyCardSchema
-} from "./chunk-UVCNMRPS.js";
 import {
   getConfigDir,
   loadConfig
 } from "./chunk-3XPBFF6H.js";
-import "./chunk-4XTYT4JW.js";
-import "./chunk-GZUTU6IZ.js";
+import {
+  fetchRemoteCards,
+  mergeResults
+} from "./chunk-7YJOBVWN.js";
+import {
+  AnyCardSchema
+} from "./chunk-UVCNMRPS.js";
 import "./chunk-3RG5ZIWI.js";
 
 // src/mcp/server.ts
@@ -262,7 +265,7 @@ function registerPublishTool(server, ctx) {
 }
 
 // src/mcp/server.ts
-var VERSION = true ? "9.1.1" : "0.0.0-dev";
+var VERSION = true ? "9.2.1" : "0.0.0-dev";
 async function startMcpServer() {
   const config = loadConfig();
   if (!config) {
@@ -278,14 +281,15 @@ async function startMcpServer() {
   const ctx = {
     configDir,
     config,
-    identity
+    identity,
+    consumerSession: createSessionState()
   };
   registerDiscoverTool(server, ctx);
   registerStatusTool(server, ctx);
   registerPublishTool(server, ctx);
-  const { registerRequestTool } = await import("./request-LID2N42Y.js");
-  const { registerConductTool } = await import("./conduct-UT6ZYSJD.js");
-  const { registerServeSkillTool } = await import("./serve-skill-CDNSHTEE.js");
+  const { registerRequestTool } = await import("./request-NEA66RCW.js");
+  const { registerConductTool } = await import("./conduct-65BGO2EU.js");
+  const { registerServeSkillTool } = await import("./serve-skill-VKNRBVWE.js");
   registerRequestTool(server, ctx);
   registerConductTool(server, ctx);
   registerServeSkillTool(server, ctx);

package/dist/{service-coordinator-FB44QL7L.js → service-coordinator-RE2KPWO4.js}

@@ -1,10 +1,11 @@
+import {
+  executeCapabilityBatch,
+  executeCapabilityRequest,
+  notifyProviderEvent
+} from "./chunk-PFAEZI32.js";
 import {
   StructuredFeedbackSchema
 } from "./chunk-AUBHR7HH.js";
-import {
-  ApiSkillConfigSchema,
-  parseSkillsFile
-} from "./chunk-WX3GZVFG.js";
 import {
   decodeUCAN,
   verifyUCAN
@@ -12,15 +13,13 @@ import {
 import {
   interpolateObject
 } from "./chunk-3MJT4PZG.js";
-import {
-  executeCapabilityBatch,
-  executeCapabilityRequest,
-  notifyProviderEvent
-} from "./chunk-RVOZHVM7.js";
 import {
   announceGateway,
   stopAnnouncement
 } from "./chunk-TA73FIZU.js";
+import {
+  syncCreditsFromRegistry
+} from "./chunk-OXU4QJSZ.js";
 import {
   resolveSelfCli
 } from "./chunk-7S4ZLFVI.js";
@@ -28,39 +27,49 @@ import {
   KNOWN_API_KEYS,
   buildDraftCard,
   detectApiKeys,
-  getPricingStats
-} from "./chunk-G4TF4LB4.js";
+  getPricingStats,
+  probeRegistry
+} from "./chunk-VDYHCI5F.js";
+import {
+  TimeoutError,
+  withTimeout
+} from "./chunk-GIK2AZQH.js";
+import {
+  shouldSkipNetwork
+} from "./chunk-5FXLZ5FX.js";
+import {
+  createLedger,
+  identityAuthPlugin,
+  tryVerifyIdentity
+} from "./chunk-2KSRFDKF.js";
+import {
+  deriveAgentId
+} from "./chunk-AA25Z6FW.js";
+import {
+  ApiSkillConfigSchema,
+  parseSkillsFile
+} from "./chunk-WX3GZVFG.js";
 import {
   listPendingRequests,
   resolvePendingRequest
 } from "./chunk-5PV5YCSN.js";
+import "./chunk-FVLHEI3Y.js";
 import {
   DEFAULT_AUTONOMY_CONFIG,
   getAutonomyTier,
   insertAuditEvent
 } from "./chunk-G5WKW3ED.js";
-import {
-  syncCreditsFromRegistry
-} from "./chunk-ZYOMPJGG.js";
-import {
-  createLedger,
-  identityAuthPlugin
-} from "./chunk-LENX5NUW.js";
-import {
-  deriveAgentId
-} from "./chunk-5CC6O6SO.js";
-import "./chunk-O44N3KR7.js";
-import "./chunk-ELFGYC22.js";
 import {
   buildReputationMap,
   computeReputation,
   filterCards,
   searchCards
-} from "./chunk-I4E5ERDN.js";
+} from "./chunk-CPSV5WR2.js";
 import {
   NETWORK_FEE_RATE,
   bootstrapAgent,
   getBalance,
+  getEscrowStatus,
   getTransactions,
   holdEscrow,
   markEscrowAbandoned,
@@ -70,7 +79,7 @@ import {
   openCreditDb,
   releaseEscrow,
   settleEscrow
-} from "./chunk-D7NH6YLM.js";
+} from "./chunk-UJXDBOKV.js";
 import {
   attachCanonicalAgentId,
   getCard,
@@ -87,7 +96,16 @@ import {
   updateCard,
   updateSkillAvailability,
   updateSkillIdleRate
-} from "./chunk-7VZ4M4CT.js";
+} from "./chunk-QE42IJC4.js";
+import {
+  getActivityFeed,
+  getRequestLog,
+  getSkillRequestCount,
+  insertRequestLog
+} from "./chunk-4XTYT4JW.js";
+import {
+  emitProviderEvent
+} from "./chunk-GZUTU6IZ.js";
 import {
   RelayMessageSchema,
   SESSION_MESSAGE_TYPES,
@@ -102,25 +120,17 @@ import {
 import {
   generateKeyPair,
   verifyEscrowReceipt
-} from "./chunk-YNBZLXYS.js";
+} from "./chunk-65GNX2KC.js";
 import "./chunk-YDGXKH2T.js";
 import "./chunk-J4RFJVXI.js";
-import {
-  AgentBnBError,
-  AnyCardSchema
-} from "./chunk-UVCNMRPS.js";
 import {
   getConfigDir
 } from "./chunk-3XPBFF6H.js";
+import "./chunk-7YJOBVWN.js";
 import {
-  getActivityFeed,
-  getRequestLog,
-  getSkillRequestCount,
-  insertRequestLog
-} from "./chunk-4XTYT4JW.js";
-import {
-  emitProviderEvent
-} from "./chunk-GZUTU6IZ.js";
+  AgentBnBError,
+  AnyCardSchema
+} from "./chunk-UVCNMRPS.js";
 import "./chunk-3RG5ZIWI.js";
 
 // src/runtime/agent-runtime.ts
@@ -1179,8 +1189,8 @@ var AgentRuntime = class {
     }
     const modes = /* @__PURE__ */ new Map();
     if (this.conductorEnabled) {
-      const { ConductorMode } = await import("./conductor-mode-3WLLERB4.js");
-      const { registerConductorCard, CONDUCTOR_OWNER } = await import("./card-UF465O7O.js");
+      const { ConductorMode } = await import("./conductor-mode-6S6ADNLW.js");
+      const { registerConductorCard, CONDUCTOR_OWNER } = await import("./card-L3ZPPBVI.js");
       const { loadPeers } = await import("./peers-7BMU2775.js");
       registerConductorCard(this.registryDb);
       const resolveAgentUrl = (owner) => {
@@ -3265,6 +3275,75 @@ function initiateGithubAuth() {
   };
 }
 
+// src/registry/hub-identities.ts
+import { randomBytes as randomBytes2, createHash } from "crypto";
+var HUB_IDENTITIES_SCHEMA = `
+  CREATE TABLE IF NOT EXISTS hub_identities (
+    email TEXT PRIMARY KEY,
+    agent_id TEXT NOT NULL UNIQUE,
+    public_key TEXT NOT NULL,
+    encrypted_private_key TEXT NOT NULL,
+    kdf_salt TEXT NOT NULL,
+    display_name TEXT NOT NULL,
+    created_at TEXT NOT NULL
+  );
+
+  CREATE INDEX IF NOT EXISTS idx_hub_identities_agent_id
+    ON hub_identities(agent_id);
+`;
+var CHALLENGES_SCHEMA = `
+  CREATE TABLE IF NOT EXISTS hub_challenges (
+    challenge TEXT PRIMARY KEY,
+    expires_at TEXT NOT NULL,
+    consumed_at TEXT
+  );
+`;
+function ensureHubIdentitiesTables(db) {
+  db.exec(HUB_IDENTITIES_SCHEMA);
+  db.exec(CHALLENGES_SCHEMA);
+}
+function deriveAgentId2(publicKeyHex) {
+  const hash = createHash("sha256").update(publicKeyHex, "hex").digest("hex");
+  return `agent-${hash.slice(0, 16)}`;
+}
+var CHALLENGE_TTL_MS = 10 * 60 * 1e3;
+function createChallenge(db) {
+  const challenge = randomBytes2(32).toString("hex");
+  const expires_at = new Date(Date.now() + CHALLENGE_TTL_MS).toISOString();
+  db.prepare("INSERT INTO hub_challenges (challenge, expires_at) VALUES (?, ?)").run(challenge, expires_at);
+  return { challenge, expires_at };
+}
+function consumeChallenge(db, challenge) {
+  const row = db.prepare("SELECT expires_at, consumed_at FROM hub_challenges WHERE challenge = ?").get(challenge);
+  if (!row) return false;
+  if (row.consumed_at) return false;
+  if (new Date(row.expires_at).getTime() < Date.now()) return false;
+  const consumed_at = (/* @__PURE__ */ new Date()).toISOString();
+  db.prepare("UPDATE hub_challenges SET consumed_at = ? WHERE challenge = ?").run(consumed_at, challenge);
+  return true;
+}
+function pruneChallenges(db) {
+  const cutoff = new Date(Date.now() - 24 * 60 * 60 * 1e3).toISOString();
+  db.prepare("DELETE FROM hub_challenges WHERE expires_at < ? OR consumed_at IS NOT NULL").run(cutoff);
+}
+function registerHubIdentity(db, input) {
+  const agent_id = deriveAgentId2(input.public_key);
+  const created_at = (/* @__PURE__ */ new Date()).toISOString();
+  db.prepare(`
+    INSERT INTO hub_identities (email, agent_id, public_key, encrypted_private_key, kdf_salt, display_name, created_at)
+    VALUES (?, ?, ?, ?, ?, ?, ?)
+  `).run(input.email, agent_id, input.public_key, input.encrypted_private_key, input.kdf_salt, input.display_name, created_at);
+  return { ...input, agent_id, created_at };
+}
+function getHubIdentityByEmail(db, email) {
+  const row = db.prepare("SELECT * FROM hub_identities WHERE email = ?").get(email);
+  return row ?? null;
+}
+function getHubIdentityByAgentId(db, agent_id) {
+  const row = db.prepare("SELECT * FROM hub_identities WHERE agent_id = ?").get(agent_id);
+  return row ?? null;
+}
+
 // src/registry/free-tier.ts
 function initFreeTierTable(db) {
   db.exec(`
@@ -3362,6 +3441,39 @@ async function creditRoutesPlugin(fastify, options) {
     const transactions = getTransactions(creditDb, owner, { limit, after: since });
     return reply.send({ owner, transactions, limit });
   });
+  fastify.get("/api/credits/escrow/:id", {
+    schema: {
+      tags: ["credits"],
+      summary: "Get escrow status by ID (public, no auth required)",
+      params: {
+        type: "object",
+        properties: { id: { type: "string" } },
+        required: ["id"]
+      },
+      response: {
+        200: {
+          type: "object",
+          properties: {
+            id: { type: "string" },
+            owner: { type: "string" },
+            amount: { type: "number" },
+            card_id: { type: "string" },
+            status: { type: "string" },
+            created_at: { type: "string" },
+            settled_at: { type: ["string", "null"] }
+          }
+        },
+        404: { type: "object", properties: { error: { type: "string" } } }
+      }
+    }
+  }, async (request, reply) => {
+    const { id } = request.params;
+    const escrow = getEscrowStatus(creditDb, id);
+    if (!escrow) {
+      return reply.code(404).send({ error: "Escrow record not found" });
+    }
+    return reply.send(escrow);
+  });
   await fastify.register(async (scope) => {
     identityAuthPlugin(scope, { agentDb: creditDb });
     scope.post("/api/credits/hold", {
@@ -5273,6 +5385,121 @@ function createRegistryServer(opts) {
         throw err;
       }
     });
+    ensureHubIdentitiesTables(db);
+    try {
+      pruneChallenges(db);
+    } catch {
+    }
+    api.get("/api/agents/challenge", {
+      schema: {
+        tags: ["hub-auth"],
+        summary: "Get a registration challenge",
+        response: {
+          200: {
+            type: "object",
+            properties: {
+              challenge: { type: "string" },
+              expires_at: { type: "string" }
+            }
+          }
+        }
+      }
+    }, async (_request, reply) => {
+      const { challenge, expires_at } = createChallenge(db);
+      return reply.send({ challenge, expires_at });
+    });
+    api.post("/api/agents/register", {
+      schema: {
+        tags: ["hub-auth"],
+        summary: "Register a new Hub-managed agent identity",
+        body: {
+          type: "object",
+          required: ["email", "public_key", "encrypted_private_key", "kdf_salt", "display_name", "challenge", "signature"],
+          properties: {
+            email: { type: "string", format: "email" },
+            public_key: { type: "string" },
+            encrypted_private_key: { type: "string" },
+            kdf_salt: { type: "string" },
+            display_name: { type: "string" },
+            challenge: { type: "string" },
+            signature: { type: "string" }
+          }
+        },
+        response: {
+          201: { type: "object", additionalProperties: true },
+          400: { type: "object", properties: { error: { type: "string" } } },
+          409: { type: "object", properties: { error: { type: "string" } } }
+        }
+      }
+    }, async (request, reply) => {
+      const body = request.body;
+      if (!consumeChallenge(db, body.challenge)) {
+        return reply.code(400).send({ error: "Invalid or expired challenge" });
+      }
+      if (!/^[0-9a-fA-F]+$/.test(body.public_key) || body.public_key.length % 2 !== 0) {
+        return reply.code(400).send({ error: "Invalid public_key format" });
+      }
+      try {
+        const { verifyEscrowReceipt: verifyEscrowReceipt2 } = await import("./signing-AQTKYJDB.js");
+        const publicKeyBuffer = Buffer.from(body.public_key, "hex");
+        const valid = verifyEscrowReceipt2({ challenge: body.challenge }, body.signature, publicKeyBuffer);
+        if (!valid) {
+          return reply.code(400).send({ error: "Invalid signature" });
+        }
+      } catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        return reply.code(400).send({ error: `Signature verification failed: ${msg}` });
+      }
+      const existing = getHubIdentityByEmail(db, body.email.toLowerCase());
+      if (existing) {
+        return reply.code(409).send({ error: "Email already registered" });
+      }
+      const agent_id = deriveAgentId2(body.public_key);
+      const existingByAgentId = getHubIdentityByAgentId(db, agent_id);
+      if (existingByAgentId) {
+        return reply.code(409).send({ error: "Agent already registered" });
+      }
+      const identity = registerHubIdentity(db, {
+        email: body.email.toLowerCase(),
+        public_key: body.public_key,
+        encrypted_private_key: body.encrypted_private_key,
+        kdf_salt: body.kdf_salt,
+        display_name: body.display_name
+      });
+      return reply.code(201).send({
+        agent_id: identity.agent_id,
+        did: `did:agentbnb:${identity.agent_id}`,
+        created_at: identity.created_at
+      });
+    });
+    api.post("/api/agents/login", {
+      schema: {
+        tags: ["hub-auth"],
+        summary: "Fetch encrypted identity blob for login",
+        body: {
+          type: "object",
+          required: ["email"],
+          properties: { email: { type: "string", format: "email" } }
+        },
+        response: {
+          200: { type: "object", additionalProperties: true },
+          404: { type: "object", properties: { error: { type: "string" } } }
+        }
+      }
+    }, async (request, reply) => {
+      const body = request.body;
+      const identity = getHubIdentityByEmail(db, body.email.toLowerCase());
+      if (!identity) {
+        return reply.code(404).send({ error: "Identity not found" });
+      }
+      return reply.send({
+        agent_id: identity.agent_id,
+        public_key: identity.public_key,
+        encrypted_private_key: identity.encrypted_private_key,
+        kdf_salt: identity.kdf_salt,
+        display_name: identity.display_name
+      });
+    });
     api.post("/api/identity/link", {
       schema: {
         tags: ["identity"],
@@ -5572,7 +5799,7 @@ function createRegistryServer(opts) {
               });
               await relayClient.connect();
             }
-            const { requestViaRelay } = await import("./client-XOSXFC7Q.js");
+            const { requestViaRelay } = await import("./client-KL67WZVJ.js");
             return requestViaRelay(relayClient, {
               targetOwner: target.owner,
               cardId: target.cardId,
@@ -5591,12 +5818,24 @@ function createRegistryServer(opts) {
       const ownerApiKey = opts.ownerApiKey;
       const ownerName = opts.ownerName;
       void api.register(async (ownerRoutes) => {
-        ownerRoutes.addHook("onRequest", async (request, reply) => {
+        ownerRoutes.addHook("preHandler", async (request, reply) => {
           const auth = request.headers.authorization;
           const token = auth?.startsWith("Bearer ") ? auth.slice(7).trim() : null;
-          if (!token || token !== ownerApiKey) {
-            return reply.status(401).send({ error: "Unauthorized" });
+          if (token === ownerApiKey) {
+            request.agentId = ownerName;
+            return;
+          }
+          const didResult = await tryVerifyIdentity(request, {});
+          if (didResult.valid) {
+            const hubIdentity = getHubIdentityByAgentId(db, didResult.agentId);
+            if (!hubIdentity) {
+              return reply.status(401).send({ error: "Agent not registered on this Hub" });
+            }
+            request.agentId = didResult.agentId;
+            request.agentPublicKey = didResult.publicKey;
+            return;
           }
+          return reply.status(401).send({ error: "Unauthorized" });
         });
         ownerRoutes.get("/me", {
           schema: {
@@ -5607,13 +5846,14 @@ function createRegistryServer(opts) {
               200: { type: "object", properties: { owner: { type: "string" }, balance: { type: "number" } } }
             }
           }
-        }, async (_request, reply) => {
+        }, async (request, reply) => {
+          const identity = request.agentId ?? ownerName;
           let balance = 0;
           if (opts.creditDb) {
             const ledger = createLedger({ db: opts.creditDb });
-            balance = await ledger.getBalance(ownerName);
+            balance = await ledger.getBalance(identity);
           }
-          return reply.send({ owner: ownerName, balance });
+          return reply.send({ owner: identity, balance });
         });
         ownerRoutes.get("/requests", {
           schema: {
@@ -6064,6 +6304,7 @@ import { existsSync as existsSync3, readFileSync as readFileSync3 } from "fs";
 import { join as join2 } from "path";
 import { randomUUID as randomUUID8 } from "crypto";
 import { Cron as Cron2 } from "croner";
+var STARTUP_SYNC_BUDGET_MS = 3e3;
 function buildFallbackRelayCard(owner) {
   return {
     id: randomUUID8(),
@@ -6235,7 +6476,7 @@ var ServiceCoordinator = class {
       console.log("Conductor mode enabled \u2014 orchestrate/plan skills available via gateway");
     }
     if (opts.conductorEnabled && this.config.conductor?.public) {
-      const { buildConductorCard } = await import("./card-UF465O7O.js");
+      const { buildConductorCard } = await import("./card-L3ZPPBVI.js");
       const conductorCard = attachCanonicalAgentId(
         this.runtime.registryDb,
         buildConductorCard(this.config.owner)
@@ -6267,11 +6508,28 @@ var ServiceCoordinator = class {
     this.runtime.registerJob(idleJob);
     console.log("IdleMonitor started (60s poll interval, 70% idle threshold)");
     if (this.config.registry) {
-      const startupSync = await syncCreditsFromRegistry(this.config, this.runtime.creditDb);
-      if (startupSync.synced) {
-        console.log(`[agentbnb] credits synced: ${startupSync.remoteBalance} (was ${startupSync.localWas})`);
+      if (shouldSkipNetwork()) {
+        console.warn("[agentbnb] credit sync skipped: test/offline mode");
       } else {
-        console.warn(`[agentbnb] credit sync skipped: ${startupSync.error}`);
+        const reachable = await probeRegistry(this.config.registry);
+        if (!reachable) {
+          console.warn("[agentbnb] credit sync skipped: registry unreachable (will retry every 5m)");
+        } else {
+          try {
+            const startupSync = await withTimeout(
+              syncCreditsFromRegistry(this.config, this.runtime.creditDb),
+              STARTUP_SYNC_BUDGET_MS
+            );
+            if (startupSync.synced) {
+              console.log(`[agentbnb] credits synced: ${startupSync.remoteBalance} (was ${startupSync.localWas})`);
+            } else {
+              console.warn(`[agentbnb] credit sync skipped: ${startupSync.error}`);
+            }
+          } catch (err) {
+            const reason = err instanceof TimeoutError ? `timeout after ${STARTUP_SYNC_BUDGET_MS}ms` : err.message;
+            console.warn(`[agentbnb] credit sync skipped: ${reason} (will retry every 5m)`);
+          }
+        }
       }
       this.creditSyncJob = new Cron2("*/5 * * * *", async () => {
         const result = await syncCreditsFromRegistry(this.config, this.runtime.creditDb);
@@ -6312,7 +6570,7 @@ var ServiceCoordinator = class {
     }
     if (opts.registryUrl && opts.relay) {
       const { RelayClient } = await import("./websocket-client-FCPZOE4S.js");
-      const { executeCapabilityRequest: executeCapabilityRequest2 } = await import("./execute-UFMGTXET.js");
+      const { executeCapabilityRequest: executeCapabilityRequest2 } = await import("./execute-R5STYWLD.js");
       const localCards = listCards(this.runtime.registryDb, this.config.owner);
       const { primaryCard, additionalCards } = buildRelayRegistrationCards(this.config.owner, localCards);
       if (this.config.conductor?.public) {