agentwallet-sdk 3.5.2 → 4.0.1

package/README.md

@@ -1,444 +1,131 @@
-# 🤖 Agent Wallet SDK
+# agentwallet-sdk
 
-**Let your AI agent spend crypto. Stay in control.**
+Non-custodial agent wallet SDK. Your agent holds its own keys - no custodian, no KYC, no freeze risk.
 
-Agent Wallet gives AI agents autonomous spending power with hard on-chain limits. No more choosing between "agent can drain everything" and "every transaction needs manual approval."
-
-```text
-Agent wants to spend $15 → ✅ Auto-approved (under $25 limit)
-Agent wants to spend $500 → ⏳ Queued for your approval
-Agent spent $490 today → 🛑 Next tx queued ($500/day limit hit)
-```text
-
-## Why Agent Wallet?
-
-| Approach | Problem |
-|----------|---------|
-| Raw EOA wallet | Agent can drain everything. One prompt injection = rugged. |
-| Multisig (Safe) | Every tx needs human sigs. Kills agent autonomy. |
-| Custodial API (Stripe) | Centralized, KYC friction, not crypto-native. |
-| **Agent Wallet** | **Agents spend freely within limits. Everything else queues for approval.** |
-
-Built on **ERC-6551** (token-bound accounts). Your agent's wallet is tied to an NFT — portable, auditable, fully on-chain.
-
-## Quick Start
+[![npm](https://img.shields.io/npm/v/agentwallet-sdk?style=flat-square)](https://www.npmjs.com/package/agentwallet-sdk)
+[![Discord](https://img.shields.io/discord/1475549260140253194?label=Community&logo=discord&color=5865F2)](https://discord.gg/958AACqf7Y)
+![x402](https://img.shields.io/badge/x402-native-green?style=flat-square)
+![CCTP V2](https://img.shields.io/badge/CCTP_V2-17_chains-red?style=flat-square)
+![Tests](https://img.shields.io/badge/tests-376_passing-brightgreen?style=flat-square)
 
 ```bash
-npm install @agentwallet/sdk viem
-```text
-
-```typescript
-import {
-  createWallet,
-  setSpendPolicy,
-  agentExecute,
-  checkBudget,
-  getPendingApprovals,
-  approveTransaction,
-  NATIVE_TOKEN,
-} from '@agentwallet/sdk';
-import { createWalletClient, http } from 'viem';
-import { privateKeyToAccount } from 'viem/accounts';
-
-// 1. Connect to your agent's wallet
-const walletClient = createWalletClient({
-  account: privateKeyToAccount('0xAGENT_PRIVATE_KEY'),
-  transport: http('https://mainnet.base.org'),
-});
-
-const wallet = createWallet({
-  accountAddress: '0xYOUR_AGENT_ACCOUNT',
-  chain: 'base',
-  walletClient,
-});
-
-// 2. Owner sets spending limits (one-time setup)
-await setSpendPolicy(wallet, {
-  token: NATIVE_TOKEN,  // ETH
-  perTxLimit: 25_000000000000000n,   // 0.025 ETH per tx
-  periodLimit: 500_000000000000000n, // 0.5 ETH per day
-  periodLength: 86400,               // 24 hours
-});
-
-// 3. Agent spends autonomously
-await agentExecute(wallet, {
-  to: '0xSOME_SERVICE',
-  value: 10_000000000000000n, // 0.01 ETH — under limit, executes immediately
-});
-
-// 4. Check remaining budget
-const budget = await checkBudget(wallet, NATIVE_TOKEN);
-console.log(`Remaining today: ${budget.remainingInPeriod}`);
-
-// 5. Owner reviews queued transactions
-const pending = await getPendingApprovals(wallet);
-for (const tx of pending) {
-  console.log(`Pending #${tx.txId}: ${tx.amount} to ${tx.to}`);
-  await approveTransaction(wallet, tx.txId);
-}
-```text
-
-## API Reference
-
-### `createWallet(config)`
-
-Connect to an existing AgentAccountV2 contract.
-
-| Param | Type | Description |
-|-------|------|-------------|
-| `accountAddress` | `Address` | Deployed AgentAccountV2 address |
-| `chain` | `string` | `'base'` \| `'base-sepolia'` \| `'ethereum'` \| `'arbitrum'` \| `'polygon'` |
-| `walletClient` | `WalletClient` | viem wallet client (agent or owner key) |
-| `rpcUrl?` | `string` | Custom RPC URL |
-
-### `setSpendPolicy(wallet, policy)` — Owner only
-
-Set per-token spending limits.
-
-| Field | Type | Description |
-|-------|------|-------------|
-| `token` | `Address` | Token address (`NATIVE_TOKEN` for ETH) |
-| `perTxLimit` | `bigint` | Max single tx (0 = all txs need approval) |
-| `periodLimit` | `bigint` | Max per rolling window (0 = no autonomous spending) |
-| `periodLength` | `number` | Window in seconds (default: 86400 = 24h) |
-
-### `agentExecute(wallet, { to, value?, data? })`
-
-Execute a native ETH transaction. Auto-approves if within limits, queues if over.
-
-**Returns:** `{ executed: boolean, txHash: Hash, pendingTxId?: bigint }`
-
-### `agentTransferToken(wallet, { token, to, amount })`
-
-Transfer ERC20 tokens, respecting spend limits.
-
-### `checkBudget(wallet, token?)`
-
-Check remaining autonomous spending budget.
-
-**Returns:** `{ token, perTxLimit, remainingInPeriod }`
-
-### `getPendingApprovals(wallet, fromId?, toId?)`
-
-List all pending (unexecuted, uncancelled) transactions awaiting owner approval.
-
-### `approveTransaction(wallet, txId)` — Owner only
-
-Approve and execute a queued transaction.
-
-### `cancelTransaction(wallet, txId)` — Owner only
+npm i agentwallet-sdk
+```
 
-Cancel a queued transaction.
+---
 
-### `setOperator(wallet, operator, authorized)` — Owner only
+## Why agent-wallet-sdk?
 
-Add or remove an agent operator address.
+Most agent wallet solutions compromise on the thing that matters most: who controls the keys.
 
-### `getBudgetForecast(wallet, token?, now?)`
+| | agent-wallet-sdk | Coinbase Agentic Wallets | MoonPay Agents |
+|---|---|---|---|
+| **Key custody** | Agent holds own keys | Coinbase TEE (custodial) | MoonPay managed |
+| **Freeze risk** | None - on-chain only | Yes - platform can freeze | Yes - KYC-gated |
+| **Cross-chain** | 17 chains via CCTP V2 | Base only | Limited |
+| **x402 support** | Native (v2.0.1+) | No public x402 client | No |
+| **Spend limits** | On-chain, enforced by contract | Platform-enforced | Platform-enforced |
+| **KYC required** | No | No | Yes |
+| **MCP compatible** | Yes | No | No |
 
-**[MAX-ADDED]** Time-aware budget forecast — know not just what's left, but when it refills.
+### Coinbase Agentic Wallets - what "TEE-custodial" means
 
-**Returns:** `BudgetForecast` — includes `remainingInPeriod`, `secondsUntilReset`, `utilizationPercent`, full period metadata.
+Coinbase stores private keys in Trusted Execution Environments on their infrastructure. The keys are not yours. If Coinbase freezes your account, halts the service, or gets a court order, your agent stops working. The TEE makes the custody tamper-resistant to Coinbase employees - but it does not make it non-custodial. You are still trusting Coinbase.
 
-```typescript
-const forecast = await getBudgetForecast(wallet, NATIVE_TOKEN);
-console.log(`${forecast.utilizationPercent}% used, resets in ${forecast.secondsUntilReset}s`);
-```text
+### MoonPay Agents - the CLI-bound, KYC wall
 
-### `getWalletHealth(wallet, operators?, tokens?, now?)`
+MoonPay requires identity verification before an agent can transact. That kills the autonomous agent use case - you can't run an agent at 2 AM that needs to pay an API if the payment rails need KYC approval first. MoonPay also does not expose an x402 interface, so agents using MoonPay can't participate in the emerging x402 payment ecosystem.
 
-**[MAX-ADDED]** Single-call diagnostic snapshot for agent self-monitoring.
+### agent-wallet-sdk - true non-custody
 
-**Returns:** `WalletHealth` — address, NFT binding, operator epoch, active operator statuses, pending queue depth, budget forecasts.
+The wallet is an ERC-6551 token-bound account on-chain. The agent's private key lives in the agent's environment, controlled by whoever runs the agent. Nobody else has it. Spend limits are enforced by the smart contract - not by a platform policy that can change overnight.
 
 ```typescript
-const health = await getWalletHealth(wallet, [agentHotWallet], [NATIVE_TOKEN, usdcAddress]);
-if (health.pendingQueueDepth > 5) console.warn('Queue backing up!');
-if (!health.activeOperators[0].active) console.error('Agent operator deactivated!');
-```text
+import { createWallet, createX402Fetch, NATIVE_TOKEN } from 'agentwallet-sdk';
 
-### `batchAgentTransfer(wallet, transfers)`
+// Agent holds its own key
+const wallet = createWallet({ accountAddress: '0x...', chain: 'base', walletClient });
 
-**[MAX-ADDED]** Execute multiple token transfers sequentially — reduces boilerplate for multi-recipient payments.
-
-```typescript
-const hashes = await batchAgentTransfer(wallet, [
-  { token: USDC, to: serviceA, amount: 100n },
-  { token: USDC, to: serviceB, amount: 200n },
-]);
-```text
+// x402 payments: agent pays APIs automatically, no human needed
+const fetch = createX402Fetch(wallet, { globalDailyLimit: 10_000_000n });
+const data = await fetch('https://api.example.com/premium');
+// Server returned 402? Payment handled. Original request retried. Human not consulted.
 
-### `getActivityHistory(wallet, { fromBlock?, toBlock? })`
+// Spend limits are on-chain - agent can't exceed them even under prompt injection
+```
 
-**[MAX-ADDED]** Query on-chain event history for self-auditing — no external indexer needed.
+### Cross-chain without the ceremony
 
-**Returns:** `ActivityEntry[]` — sorted by block number, covers executions, queued txs, approvals, cancellations, policy updates, operator changes.
+One bridge interface across 17 chains. Coinbase Agentic Wallets are Base-only. MoonPay is not cross-chain native.
 
 ```typescript
-const history = await getActivityHistory(wallet, { fromBlock: 10000n });
-for (const entry of history) {
-  console.log(`[${entry.type}] block ${entry.blockNumber}: ${JSON.stringify(entry.args)}`);
-}
-```text
-
-## Supported Chains
-
-| Chain | Status | Best For |
-|-------|--------|----------|
-| **Base** | ✅ Primary | Low gas, USDC native |
-| **Base Sepolia** | ✅ Testnet | Development |
-| **Ethereum** | ✅ | High-value operations |
-| **Arbitrum** | ✅ | DeFi agents |
-| **Polygon** | ✅ | Micropayments |
-| **Etherlink** | ✅ | x402 multichain payments |
-
-## x402 Protocol Support
+import { UnifiedBridge } from 'agentwallet-sdk';
 
-> **March 2026:** x402 just landed on Etherlink (Tezos L2). agent-wallet-sdk explicitly supports x402 on both **Base** (primary, USDC-native) and **Etherlink** — making it one of the first non-custodial SDKs to span both x402 chains. [Submit your agent to the x402 Bazaar](https://x402.org/bazaar) to get indexed.
+const bridge = new UnifiedBridge({ evmSigner, solanaWallet });
 
-Agent Wallet natively supports the [x402 protocol](https://x402.org) — the open standard for HTTP 402 machine payments. Your agent can automatically pay any x402-enabled API (Stripe, Coinbase, etc.) using USDC on Base or Etherlink, while respecting on-chain spend limits.
-
-### Quick Start
-
-```typescript
-import { createWallet, createX402Client } from 'agentwallet-sdk';
-
-// 1. Create your wallet
-const wallet = createWallet({ accountAddress, chain: 'base', walletClient });
-
-// 2. Create an x402-aware client
-const client = createX402Client(wallet, {
-  globalDailyLimit: 50_000_000n,  // 50 USDC/day
-  globalPerRequestMax: 5_000_000n, // 5 USDC max per request
-  serviceBudgets: [
-    { service: 'api.weather.com', maxPerRequest: 1_000_000n, dailyLimit: 10_000_000n },
-  ],
+// Solana -> Base in one call
+await bridge.bridge({
+  amount: 1_000_000n,
+  sourceChain: 'solana',
+  destinationChain: 'base',
+  destinationAddress: '0x...',
 });
+```
 
-// 3. Use it like fetch — 402 responses are handled automatically
-const response = await client.fetch('https://api.weather.com/forecast');
-const data = await response.json();
-// If the API returned 402, the client:
-//   - Parsed payment requirements from the PAYMENT-REQUIRED header
-//   - Checked your budget (client-side + on-chain)
-//   - Paid USDC via your AgentWallet contract
-//   - Retried the request with payment proof
-```text
-
-### Drop-in Fetch Replacement
-
-```typescript
-import { createX402Fetch } from 'agentwallet-sdk';
-
-const x402Fetch = createX402Fetch(wallet, { globalDailyLimit: 100_000_000n });
-
-// Use exactly like fetch()
-const res = await x402Fetch('https://any-x402-api.com/endpoint');
-```text
-
-### Budget Controls
-
-```typescript
-// Check spending
-const summary = client.getDailySpendSummary();
-console.log(`Today's spend: ${summary.global} (resets at ${summary.resetsAt})`);
-
-// View transaction log
-const logs = client.getTransactionLog({ service: 'api.weather.com' });
-
-// Add budget at runtime
-client.budgetTracker.setServiceBudget({
-  service: 'new-api.com',
-  maxPerRequest: 2_000_000n,
-  dailyLimit: 20_000_000n,
-});
-```text
+Supported chains: Base, Ethereum, Solana, Arbitrum, Optimism, Polygon, Avalanche, Unichain, Linea, Codex, Sonic, World Chain, Sei, XDC, HyperEVM, Ink, Plume.
 
-### Payment Approval Callback
+---
 
-```typescript
-const client = createX402Client(wallet, {
-  onBeforePayment: async (req, url) => {
-    console.log(`About to pay ${req.amount} to ${req.payTo} for ${url}`);
-    return true; // return false to reject
-  },
-  onPaymentComplete: (log) => {
-    console.log(`Paid ${log.amount} via tx ${log.txHash}`);
-  },
-});
-```text
+## Install
 
-### Etherlink x402 - Non-Custodial ERC-20 Payments via Permit2
+```bash
+npm i agentwallet-sdk
+```
 
-Etherlink (Tezos L2) launched x402 support in March 2026 with a Permit2 proxy for non-custodial ERC-20 payments. `agentwallet-sdk` supports this directly:
+## Quick Start
 
 ```typescript
-import { createWallet, createX402Client } from 'agentwallet-sdk';
+import { createWallet, setSpendPolicy, agentExecute, NATIVE_TOKEN } from 'agentwallet-sdk';
 import { createWalletClient, http } from 'viem';
 import { privateKeyToAccount } from 'viem/accounts';
 
 const walletClient = createWalletClient({
-  account: privateKeyToAccount(process.env.AGENT_KEY!),
-  transport: http('https://node.mainnet.etherlink.com'),
+  account: privateKeyToAccount(process.env.AGENT_PRIVATE_KEY),
+  transport: http('https://mainnet.base.org'),
 });
 
 const wallet = createWallet({
-  accountAddress: '0xYOUR_AGENT_CONTRACT',
-  chain: 'etherlink',
+  accountAddress: '0xYOUR_AGENT_ACCOUNT',
+  chain: 'base',
   walletClient,
 });
 
-// x402 client on Etherlink -- same API, near-zero fees
-const client = createX402Client(wallet, {
-  preferredChain: 'etherlink',
-  globalDailyLimit: 100_000_000n,  // 100 USDC/day
-  globalPerRequestMax: 2_000_000n, // 2 USDC max per request
-});
-
-// Fetch x402-gated resources -- 402 handled automatically
-const response = await client.fetch('https://api.example.com/agent-data');
-// Client parsed 402, checked budget, signed via Permit2, retried with proof
-```
-
-Unlike custodial x402 implementations (Coinbase, OKX OnchainOS), the key never leaves your environment. The Permit2 proxy handles ERC-20 approval flow, but authorization is signed locally.
-
-### How x402 Works
-
-```text
-Agent → GET /api/data → Server returns 402 + PAYMENT-REQUIRED header
-  ↓
-Client parses payment requirements (amount, token, recipient, network)
-  ↓
-Budget check (client-side caps + on-chain spend limits)
-  ↓
-AgentWallet executes USDC transfer on Base or Etherlink
-  ↓
-Client retries request with X-PAYMENT header (payment proof)
-  ↓
-Server verifies payment → returns 200 + data
-```text
-
-Your agent's keys never leave the non-custodial wallet. All payments respect on-chain spend limits set by the wallet owner.
-
-## Why agent-wallet-sdk?
-
-Every major AI company launched an agent wallet in early 2026. Coinbase Agentic Wallets went live February 13. MoonPay Agents launched March 4. Stripe added x402 on February 11. The problem: every single one of them holds your agent's keys.
-
-Here's the direct comparison:
-
-| | Coinbase AgentKit | MoonPay Agents | Circuit & Chisel ATXP | agent-wallet-sdk |
-|---|---|---|---|---|
-| **Key custody** | Coinbase servers | MoonPay servers | Enterprise custodian | Your environment only |
-| **SDK type** | TypeScript SDK | CLI-only | No public SDK | TypeScript SDK |
-| **Spend limits** | Session caps (off-chain API) | None | Nested policy layer | Per-tx + daily, on-chain contract |
-| **x402 support** | Yes (Base/USDC) | No | Partial | Yes (Base, Etherlink, full spec) |
-| **Cross-chain** | Base only (USDC) | No CCTP | EVM-only | 5 chains via CCTP V2 |
-| **Freeze risk** | Yes (KYC, compliance) | Yes | Yes (enterprise terms) | None -- contract on-chain |
-| **Audit trail** | API logs (centralized) | API logs | Enterprise dashboard | On-chain events, self-queryable |
-| **Open source** | No | No | No | Yes (MIT) |
-| **KYC required** | Yes | Yes | Yes | No |
-| **Agent-sovereign** | No | No | No | Yes |
-
-**The three questions that matter:**
-
-**1. Who holds the key?** With Coinbase and MoonPay, their infrastructure holds your agent's private key. That means they can freeze it, they get hacked and your key goes with it, and they can shut down the product. agent-wallet-sdk generates keys locally and they never leave your environment.
-
-**2. Where are spend limits enforced?** Coinbase uses session caps enforced at the API layer -- those can change. MoonPay has no per-transaction limits at all. agent-wallet-sdk enforces limits inside an EVM contract. A `perTxLimit` of 25 USDC means the contract will physically not execute a transaction over 25 USDC. No API to call, no policy to change.
-
-**3. What happens when the platform shuts down?** Custodial wallets disappear with the platform. Your agent's wallet contract is deployed on-chain. It exists as long as the EVM exists.
-
-```typescript
-// Your keys stay in your environment -- not on Coinbase, not on MoonPay
-const wallet = createWallet({
-  accountAddress: '0xYOUR_CONTRACT',
-  walletClient: createWalletClient({
-    account: privateKeyToAccount(process.env.AGENT_KEY), // never transmitted
-    transport: http('https://mainnet.base.org'),
-  }),
-  chain: 'base',
+// Set spend limits once (owner operation)
+await setSpendPolicy(wallet, {
+  token: NATIVE_TOKEN,
+  perTxLimit: 25_000000000000000n,   // 0.025 ETH per tx
+  periodLimit: 500_000000000000000n, // 0.5 ETH per day
+  periodLength: 86400,
 });
-```
-
-If you need a quick integration and you're already in the Coinbase ecosystem: their product works for demos and low-stakes use cases. But if you're building agents that handle real funds, run autonomously for weeks, or need to survive beyond a single platform's product lifecycle -- you want the keys under your own control.
-
----
-
-## Why Non-Custodial Matters for Agents
-
-Three reasons agents need non-custodial wallets, not exchange accounts:
-
-- **Agent-sovereign by design.** The agent's private key lives in its own environment -- not on OKX, not on Coinbase, not on anyone's server. No exchange can freeze it, no compliance team can lock it, no API deprecation can kill it.
-- **On-chain spend limits, not platform policies.** Custodial wallets enforce limits at the API layer. Those policies can change. This SDK enforces limits inside an EVM contract -- the chain enforces it, not a company.
-- **No exchange holds the keys.** When OKX OnchainOS or Coinbase Agentic Wallets hold your agent's key, they own the wallet. If they go down, if they get hacked, if they decide to shut down the product -- your agent stops working. Non-custodial means the wallet is yours as long as the chain runs.
-
-## Why Non-Custodial Beats Exchange Wallets
-
-OKX OnchainOS supports 60+ chains. Coinbase Agentic Wallets are backed by a trillion-dollar exchange. Both look impressive on paper. Here's the problem: **they hold your agent's keys.**
-
-That's not a minor implementation detail. It's the entire trust model.
-
-### What custody actually means
-
-When you use an exchange-based agent wallet, your agent's private key lives on their servers. Every transaction your agent signs goes through their infrastructure. They can:
-- Freeze your agent's wallet for any reason (KYC, compliance, a bad week)
-- Be subpoenaed for your agent's transaction history
-- Get hacked — and your agent's keys go with it
-- Change their API, deprecate their SDK, sunset the product
-
-This isn't theoretical. Exchange platforms shut down products, freeze accounts, and go dark. It's happened before. It'll happen again.
 
-### The non-custodial difference
-
-With `agentwallet-sdk`:
-- Your agent's private key is generated locally and **never transmitted anywhere**
-- The wallet contract lives on-chain — no server to shut down
-- Spend limits are enforced by EVM bytecode, not an API policy
-- You can self-host, self-audit, and self-custody everything
-
-```typescript
-// Your keys stay in your environment
-const wallet = createWallet({
-  accountAddress: '0xYOUR_CONTRACT',
-  walletClient: createWalletClient({
-    account: privateKeyToAccount(process.env.AGENT_KEY), // lives here, not on OKX
-    transport: http('https://mainnet.base.org'),
-  }),
-  chain: 'base',
-});
+// Agent executes autonomously within limits
+await agentExecute(wallet, { to: '0xSOME_SERVICE', value: 10_000000000000000n });
 ```
 
-The spend limits (`$25/tx`, `$500/day`) are enforced by the contract itself — not by an exchange API that can change its terms. An agent running over-limit? The contract queues it. No custodian involved.
-
-### When exchange wallets make sense
-
-If you're building a quick demo, need zero infrastructure setup, or are already deep in the Coinbase or OKX ecosystem — their hosted products are fast to integrate. No judgment.
-
-But if you're building production agents that handle real funds, run autonomously, or need to survive beyond a single platform's product lifecycle, you want the keys under your own control.
-
-That's what this SDK is for.
-
-### x402 without custody
-
-The x402 protocol is becoming the standard for AI agent payments. Stripe validated it in February 2026. Coinbase built it into Base. Abstract launched their delegated facilitator model this week.
-
-Every x402 implementation in `agentwallet-sdk` is non-custodial by design:
-- Solana x402: direct signing from your local keypair
-- Base x402: USDC transfer via your on-chain contract
-- Abstract x402: EIP-712 delegated permit, signed locally — the facilitator executes it, but your key authorizes it
-
-OKX OnchainOS supports x402 too — through their custody layer. Your call which model you trust.
-
----
+## Key Features
 
-## How It Works
+- **Non-custodial**: Agent holds its own private key. No custodian.
+- **x402 native**: Drop-in fetch wrapper for automatic API payment handling
+- **17-chain CCTP V2**: Cross-chain USDC via Circle's bridge - EVM + Solana
+- **On-chain spend limits**: ERC-6551 token-bound accounts with contract-enforced policies
+- **MCP compatible**: Use with any MCP-based agent framework
+- **376 tests passing**
 
-1. **Deploy** an AgentAccountV2 (ERC-6551 token-bound account tied to an NFT)
-2. **Configure** spend policies per token — set per-tx and daily limits
-3. **Register** your agent's hot wallet as an operator
-4. **Agent operates autonomously** — transactions within limits execute instantly
-5. **Over-limit transactions queue** — owner gets notified, approves or cancels
+## Resources
 
-All limits enforced on-chain. No off-chain dependencies. Fully auditable.
+- [npm package](https://www.npmjs.com/package/agentwallet-sdk)
+- [Discord community](https://discord.gg/958AACqf7Y)
+- [x402 docs](https://docs.x402.org)
 
 ## License
 

package/dist/__tests__/identity.did.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=identity.did.test.d.ts.map

package/dist/__tests__/identity.did.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity.did.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/identity.did.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/identity.did.test.js

@@ -0,0 +1,56 @@
+import { describe, it, expect } from 'vitest';
+import { deriveAgentDID, issueCredential, verifyCredential, exportDIDDocument, } from '../identity/did.js';
+const TEST_PRIVATE_KEY = '0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80';
+describe('Agent DID (did:key)', () => {
+    it('derives a deterministic DID from a private key', () => {
+        const did1 = deriveAgentDID(TEST_PRIVATE_KEY);
+        const did2 = deriveAgentDID(TEST_PRIVATE_KEY);
+        expect(did1.did).toBe(did2.did);
+        expect(did1.did).toMatch(/^did:key:z6Mk/);
+    });
+    it('derives different DIDs for different private keys', () => {
+        const key2 = '0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d';
+        const did1 = deriveAgentDID(TEST_PRIVATE_KEY);
+        const did2 = deriveAgentDID(key2);
+        expect(did1.did).not.toBe(did2.did);
+    });
+    it('exports a valid W3C DID Document', () => {
+        const did = deriveAgentDID(TEST_PRIVATE_KEY);
+        const doc = exportDIDDocument(did);
+        expect(doc['@context']).toContain('https://www.w3.org/ns/did/v1');
+        expect(doc.id).toBe(did.did);
+        expect(doc.verificationMethod).toHaveLength(1);
+        expect(doc.verificationMethod[0].type).toBe('Ed25519VerificationKey2020');
+        expect(doc.authentication).toHaveLength(1);
+    });
+    it('issues and verifies a Verifiable Credential', () => {
+        const did = deriveAgentDID(TEST_PRIVATE_KEY);
+        const vc = issueCredential(did, TEST_PRIVATE_KEY, {
+            agentType: 'autonomous',
+            capability: 'payment',
+        });
+        expect(vc['@context']).toContain('https://www.w3.org/2018/credentials/v1');
+        expect(vc.issuer).toBe(did.did);
+        expect(vc.type).toContain('VerifiableCredential');
+        expect(vc.credentialSubject.agentType).toBe('autonomous');
+        expect(vc.proof.type).toBe('Ed25519Signature2020');
+        const valid = verifyCredential(vc);
+        expect(valid).toBe(true);
+    });
+    it('rejects a tampered credential', () => {
+        const did = deriveAgentDID(TEST_PRIVATE_KEY);
+        const vc = issueCredential(did, TEST_PRIVATE_KEY, { role: 'agent' });
+        const tampered = {
+            ...vc,
+            credentialSubject: { ...vc.credentialSubject, role: 'admin' },
+        };
+        expect(verifyCredential(tampered)).toBe(false);
+    });
+    it('rejects credential with wrong issuer DID', () => {
+        const did = deriveAgentDID(TEST_PRIVATE_KEY);
+        const vc = issueCredential(did, TEST_PRIVATE_KEY, { role: 'agent' });
+        const tampered = { ...vc, issuer: 'did:key:z6MkFake' };
+        expect(verifyCredential(tampered)).toBe(false);
+    });
+});
+//# sourceMappingURL=identity.did.test.js.map

package/dist/__tests__/identity.did.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity.did.test.js","sourceRoot":"","sources":["../../src/__tests__/identity.did.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAE5B,MAAM,gBAAgB,GAAG,oEAAoE,CAAC;AAE9F,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,IAAI,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAC9C,MAAM,IAAI,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAC9C,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAChC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,IAAI,GAAG,oEAAoE,CAAC;QAClF,MAAM,IAAI,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAC9C,MAAM,IAAI,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,GAAG,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAC7C,MAAM,GAAG,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;QACnC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,8BAA8B,CAAC,CAAC;QAClE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC/C,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC1E,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,GAAG,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,eAAe,CAAC,GAAG,EAAE,gBAAgB,EAAE;YAChD,SAAS,EAAE,YAAY;YACvB,UAAU,EAAE,SAAS;SACtB,CAAC,CAAC;QAEH,MAAM,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,wCAAwC,CAAC,CAAC;QAC3E,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;QAClD,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC1D,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QAEnD,MAAM,KAAK,GAAG,gBAAgB,CAAC,EAAE,CAAC,CAAC;QACnC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,GAAG,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,eAAe,CAAC,GAAG,EAAE,gBAAgB,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;QAErE,MAAM,QAAQ,GAAG;YACf,GAAG,EAAE;YACL,iBAAiB,EAAE,EAAE,GAAG,EAAE,CAAC,iBAAiB,EAAE,IAAI,EAAE,OAAO,EAAE;SAC9D,CAAC;QACF,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;QAClD,MAAM,GAAG,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,eAAe,CAAC,GAAG,EAAE,gBAAgB,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;QAErE,MAAM,QAAQ,GAAG,EAAE,GAAG,EAAE,EAAE,MAAM,EAAE,kBAAkB,EAAE,CAAC;QACvD,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/staking.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=staking.test.d.ts.map

package/dist/__tests__/staking.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"staking.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/staking.test.ts"],"names":[],"mappings":""}