aira-sdk 0.1.3 → 0.3.0

package/dist/client.js

@@ -2,6 +2,8 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Aira = void 0;
 const types_1 = require("./types");
+const offline_1 = require("./offline");
+const session_1 = require("./session");
 const DEFAULT_BASE_URL = "https://api.airaproof.com";
 const DEFAULT_TIMEOUT = 30_000;
 const MAX_DETAILS_LENGTH = 50_000;
@@ -15,6 +17,7 @@ class Aira {
     baseUrl;
     apiKey;
     timeout;
+    queue;
     constructor(options) {
         if (!options.apiKey)
             throw new Error("apiKey is required");
@@ -24,6 +27,7 @@ class Aira {
         this.apiKey = options.apiKey;
         this.baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "") + "/api/v1";
         this.timeout = options.timeout ?? DEFAULT_TIMEOUT;
+        this.queue = options.offline ? new offline_1.OfflineQueue() : null;
     }
     async request(method, path, body, auth = true) {
         const controller = new AbortController();
@@ -51,10 +55,17 @@ class Aira {
         }
     }
     get(path, params, auth = true) {
+        if (this.queue) {
+            throw new types_1.AiraError(0, "OFFLINE", "GET requests not available in offline mode");
+        }
         const qs = params ? "?" + new URLSearchParams(Object.entries(params).filter(([, v]) => v != null).map(([k, v]) => [k, String(v)])).toString() : "";
         return this.request("GET", path + qs, undefined, auth);
     }
     post(path, body) {
+        if (this.queue) {
+            const qid = this.queue.enqueue("POST", path, body);
+            return Promise.resolve({ _offline: true, _queue_id: qid });
+        }
         return this.request("POST", path, body);
     }
     put(path, body) {
@@ -250,5 +261,97 @@ class Aira {
     async ask(message, params) {
         return this.post("/chat", buildBody({ message, history: params?.history, model: params?.model }));
     }
+    // ==================== DID ====================
+    /** Get full DID info for an agent. */
+    async getAgentDid(slug) {
+        return this.get(`/agents/${slug}/did`);
+    }
+    /** Rotate an agent's DID keypair. */
+    async rotateAgentKeys(slug) {
+        return this.post(`/agents/${slug}/did/rotate`, {});
+    }
+    /** Resolve any did:web DID to its DID document. */
+    async resolveDid(did) {
+        return this.post("/dids/resolve", { did });
+    }
+    // ==================== Verifiable Credentials ====================
+    /** Get the current valid VC for an agent. */
+    async getAgentCredential(slug) {
+        return this.get(`/agents/${slug}/credential`);
+    }
+    /** Get full credential history for an agent. */
+    async getAgentCredentials(slug) {
+        return this.get(`/agents/${slug}/credentials`);
+    }
+    /** Revoke the current credential for an agent. */
+    async revokeCredential(slug, reason = "") {
+        return this.post(`/agents/${slug}/credentials/revoke`, { reason });
+    }
+    /** Verify a Verifiable Credential — checks signature, expiry, revocation. */
+    async verifyCredential(credential) {
+        return this.post("/credentials/verify", { credential });
+    }
+    // ==================== Mutual Notarization ====================
+    /** Initiate a mutual signing request for an action. */
+    async requestMutualSign(actionId, counterpartyDid) {
+        return this.post(`/actions/${actionId}/mutual-sign/request`, { counterparty_did: counterpartyDid });
+    }
+    /** Get the action payload awaiting counterparty signature. */
+    async getPendingMutualSign(actionId) {
+        return this.get(`/actions/${actionId}/mutual-sign/pending`);
+    }
+    /** Submit counterparty signature to complete mutual signing. */
+    async completeMutualSign(actionId, did, signature, signedPayloadHash) {
+        return this.post(`/actions/${actionId}/mutual-sign/complete`, { did, signature, signed_payload_hash: signedPayloadHash });
+    }
+    /** Get the co-signed receipt for a mutually signed action. */
+    async getMutualSignReceipt(actionId) {
+        return this.get(`/actions/${actionId}/mutual-sign/receipt`);
+    }
+    /** Reject a mutual signing request. */
+    async rejectMutualSign(actionId, reason = "") {
+        return this.post(`/actions/${actionId}/mutual-sign/reject`, { reason });
+    }
+    // ==================== Reputation ====================
+    /** Get current reputation score for an agent. */
+    async getReputation(slug) {
+        return this.get(`/agents/${slug}/reputation`);
+    }
+    /** Get full reputation history for an agent. */
+    async getReputationHistory(slug) {
+        return this.get(`/agents/${slug}/reputation/history`);
+    }
+    /** Submit a signed attestation of a successful interaction. */
+    async attestReputation(slug, counterpartyDid, actionId, attestation, signature) {
+        return this.post(`/agents/${slug}/reputation/attest`, {
+            counterparty_did: counterpartyDid, action_id: actionId, attestation, signature,
+        });
+    }
+    /** Verify a reputation score by returning inputs and score_hash. */
+    async verifyReputation(slug) {
+        return this.get(`/agents/${slug}/reputation/verify`);
+    }
+    // ==================== Session ====================
+    /** Create a scoped session with pre-filled defaults. */
+    session(agentId, defaults) {
+        return new session_1.AiraSession(this, agentId, defaults);
+    }
+    // ==================== Offline sync ====================
+    /** Number of queued offline requests. */
+    get pendingCount() {
+        return this.queue?.pendingCount ?? 0;
+    }
+    /** Flush offline queue to API. Returns list of API responses. */
+    async sync() {
+        if (!this.queue)
+            throw new Error("sync() is only available in offline mode");
+        const items = this.queue.drain();
+        const results = [];
+        for (const item of items) {
+            const res = await this.request(item.method, item.path, item.body);
+            results.push(res);
+        }
+        return results;
+    }
 }
 exports.Aira = Aira;

package/dist/extras/index.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Aira SDK extras — framework integrations.
+ *
+ * Each integration is in its own file to avoid importing unnecessary dependencies.
+ * Import directly from the subpath:
+ *
+ *   import { AiraCallbackHandler } from "aira-sdk/extras/langchain";
+ *   import { AiraVercelMiddleware } from "aira-sdk/extras/vercel-ai";
+ *   import { AiraGuardrail } from "aira-sdk/extras/openai-agents";
+ *   import { createServer } from "aira-sdk/extras/mcp";
+ *   import { verifySignature, parseEvent } from "aira-sdk/extras/webhooks";
+ */
+export { AiraCallbackHandler } from "./langchain";
+export { AiraVercelMiddleware } from "./vercel-ai";
+export { AiraGuardrail } from "./openai-agents";
+export { createServer, getTools, handleToolCall } from "./mcp";
+export type { MCPTool, MCPTextContent } from "./mcp";
+export { verifySignature, parseEvent, WebhookEventType } from "./webhooks";
+export type { WebhookEvent, WebhookEventTypeName } from "./webhooks";
+export { checkTrust } from "./trust";
+export type { TrustPolicy, TrustContext } from "./trust";

package/dist/extras/index.js

@@ -0,0 +1,31 @@
+"use strict";
+/**
+ * Aira SDK extras — framework integrations.
+ *
+ * Each integration is in its own file to avoid importing unnecessary dependencies.
+ * Import directly from the subpath:
+ *
+ *   import { AiraCallbackHandler } from "aira-sdk/extras/langchain";
+ *   import { AiraVercelMiddleware } from "aira-sdk/extras/vercel-ai";
+ *   import { AiraGuardrail } from "aira-sdk/extras/openai-agents";
+ *   import { createServer } from "aira-sdk/extras/mcp";
+ *   import { verifySignature, parseEvent } from "aira-sdk/extras/webhooks";
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkTrust = exports.WebhookEventType = exports.parseEvent = exports.verifySignature = exports.handleToolCall = exports.getTools = exports.createServer = exports.AiraGuardrail = exports.AiraVercelMiddleware = exports.AiraCallbackHandler = void 0;
+var langchain_1 = require("./langchain");
+Object.defineProperty(exports, "AiraCallbackHandler", { enumerable: true, get: function () { return langchain_1.AiraCallbackHandler; } });
+var vercel_ai_1 = require("./vercel-ai");
+Object.defineProperty(exports, "AiraVercelMiddleware", { enumerable: true, get: function () { return vercel_ai_1.AiraVercelMiddleware; } });
+var openai_agents_1 = require("./openai-agents");
+Object.defineProperty(exports, "AiraGuardrail", { enumerable: true, get: function () { return openai_agents_1.AiraGuardrail; } });
+var mcp_1 = require("./mcp");
+Object.defineProperty(exports, "createServer", { enumerable: true, get: function () { return mcp_1.createServer; } });
+Object.defineProperty(exports, "getTools", { enumerable: true, get: function () { return mcp_1.getTools; } });
+Object.defineProperty(exports, "handleToolCall", { enumerable: true, get: function () { return mcp_1.handleToolCall; } });
+var webhooks_1 = require("./webhooks");
+Object.defineProperty(exports, "verifySignature", { enumerable: true, get: function () { return webhooks_1.verifySignature; } });
+Object.defineProperty(exports, "parseEvent", { enumerable: true, get: function () { return webhooks_1.parseEvent; } });
+Object.defineProperty(exports, "WebhookEventType", { enumerable: true, get: function () { return webhooks_1.WebhookEventType; } });
+var trust_1 = require("./trust");
+Object.defineProperty(exports, "checkTrust", { enumerable: true, get: function () { return trust_1.checkTrust; } });

package/dist/extras/langchain.d.ts

@@ -0,0 +1,42 @@
+/**
+ * LangChain.js integration — auto-notarize tool and chain completions.
+ *
+ * Requires: @langchain/core (peer dependency)
+ *
+ * Usage:
+ *   import { AiraCallbackHandler } from "aira-sdk/extras/langchain";
+ *   const handler = new AiraCallbackHandler(aira, "my-agent");
+ *   const chain = someChain.withConfig({ callbacks: [handler] });
+ */
+import type { Aira } from "../client";
+import type { TrustPolicy, TrustContext } from "./trust";
+export type { TrustPolicy, TrustContext } from "./trust";
+export declare class AiraCallbackHandler {
+    private client;
+    private agentId;
+    private modelId?;
+    private actionTypes;
+    private trustPolicy?;
+    constructor(client: Aira, agentId: string, options?: {
+        modelId?: string;
+        actionTypes?: Record<string, string>;
+        trustPolicy?: TrustPolicy;
+    });
+    /**
+     * Check trust for a counterparty agent before interacting.
+     * Advisory by default — only blocks on revoked VC or unregistered agent if configured.
+     */
+    checkTrust(counterpartyId: string): Promise<TrustContext>;
+    private notarize;
+    /** Called when a tool finishes. */
+    handleToolEnd(output: string, name?: string): void;
+    /** Called when a chain finishes. */
+    handleChainEnd(outputs: Record<string, unknown>): void;
+    /** Called when an LLM finishes. */
+    handleLLMEnd(generationCount: number): void;
+    /**
+     * Returns a LangChain-compatible callbacks object.
+     * Use with: chain.invoke(input, { callbacks: [handler.asCallbacks()] })
+     */
+    asCallbacks(): Record<string, (...args: unknown[]) => void>;
+}

package/dist/extras/langchain.js

@@ -0,0 +1,95 @@
+"use strict";
+/**
+ * LangChain.js integration — auto-notarize tool and chain completions.
+ *
+ * Requires: @langchain/core (peer dependency)
+ *
+ * Usage:
+ *   import { AiraCallbackHandler } from "aira-sdk/extras/langchain";
+ *   const handler = new AiraCallbackHandler(aira, "my-agent");
+ *   const chain = someChain.withConfig({ callbacks: [handler] });
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AiraCallbackHandler = void 0;
+const trust_1 = require("./trust");
+const MAX_DETAILS = 5000;
+class AiraCallbackHandler {
+    client;
+    agentId;
+    modelId;
+    actionTypes;
+    trustPolicy;
+    constructor(client, agentId, options) {
+        this.client = client;
+        this.agentId = agentId;
+        this.modelId = options?.modelId;
+        this.trustPolicy = options?.trustPolicy;
+        this.actionTypes = {
+            tool_end: "tool_call",
+            chain_end: "chain_completed",
+            llm_end: "llm_completion",
+            ...(options?.actionTypes ?? {}),
+        };
+    }
+    /**
+     * Check trust for a counterparty agent before interacting.
+     * Advisory by default — only blocks on revoked VC or unregistered agent if configured.
+     */
+    async checkTrust(counterpartyId) {
+        if (!this.trustPolicy) {
+            return { counterpartyId, blocked: false, recommendation: "No trust policy configured" };
+        }
+        return (0, trust_1.checkTrust)(this.client, this.trustPolicy, counterpartyId);
+    }
+    notarize(actionType, details) {
+        try {
+            const params = {
+                actionType,
+                details: details.slice(0, MAX_DETAILS),
+                agentId: this.agentId,
+            };
+            if (this.modelId)
+                params.modelId = this.modelId;
+            this.client.notarize(params).catch((e) => {
+                console.warn("Aira notarize failed (non-blocking):", e);
+            });
+        }
+        catch (e) {
+            console.warn("Aira notarize failed (non-blocking):", e);
+        }
+    }
+    /** Called when a tool finishes. */
+    handleToolEnd(output, name = "unknown") {
+        this.notarize(this.actionTypes.tool_end, `Tool '${name}' completed. Output length: ${String(output).length} chars`);
+    }
+    /** Called when a chain finishes. */
+    handleChainEnd(outputs) {
+        const keys = typeof outputs === "object" && outputs ? Object.keys(outputs) : [];
+        this.notarize(this.actionTypes.chain_end, `Chain completed. Output keys: [${keys.join(", ")}]`);
+    }
+    /** Called when an LLM finishes. */
+    handleLLMEnd(generationCount) {
+        this.notarize(this.actionTypes.llm_end, `LLM completed. Generations: ${generationCount}`);
+    }
+    /**
+     * Returns a LangChain-compatible callbacks object.
+     * Use with: chain.invoke(input, { callbacks: [handler.asCallbacks()] })
+     */
+    asCallbacks() {
+        return {
+            handleToolEnd: (output, ...args) => {
+                const runId = args[1];
+                const name = args[2]?.name ?? "unknown";
+                this.handleToolEnd(String(output), name);
+            },
+            handleChainEnd: (outputs) => {
+                this.handleChainEnd((outputs ?? {}));
+            },
+            handleLLMEnd: (response) => {
+                const resp = response;
+                this.handleLLMEnd(resp?.generations?.length ?? 0);
+            },
+        };
+    }
+}
+exports.AiraCallbackHandler = AiraCallbackHandler;

package/dist/extras/mcp.d.ts

@@ -0,0 +1,49 @@
+/**
+ * MCP server exposing Aira actions as tools for AI agents.
+ *
+ * Requires: @modelcontextprotocol/sdk (peer dependency)
+ *
+ * Usage:
+ *   import { createServer } from "aira-sdk/extras/mcp";
+ *   const server = createServer({ apiKey: "aira_live_xxx" });
+ */
+import type { Aira } from "../client";
+/** Tool definition for MCP list_tools response. */
+export interface MCPTool {
+    name: string;
+    description: string;
+    inputSchema: Record<string, unknown>;
+}
+/** Text content for MCP call_tool response. */
+export interface MCPTextContent {
+    type: "text";
+    text: string;
+}
+/** MCP tool definitions exposed by the Aira server. */
+export declare function getTools(): MCPTool[];
+/** Handle an MCP tool call and return text content. */
+export declare function handleToolCall(client: Aira, name: string, args: Record<string, unknown>): Promise<MCPTextContent[]>;
+/**
+ * Create an MCP-compatible server handler object.
+ *
+ * This returns plain objects; wire it into @modelcontextprotocol/sdk's Server:
+ *
+ *   import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+ *   import { createServer } from "aira-sdk/extras/mcp";
+ *   const { listTools, callTool } = createServer(airaClient);
+ *   server.setRequestHandler(ListToolsRequestSchema, listTools);
+ *   server.setRequestHandler(CallToolRequestSchema, callTool);
+ */
+export declare function createServer(client: Aira): {
+    listTools: () => Promise<{
+        tools: MCPTool[];
+    }>;
+    callTool: (request: {
+        params: {
+            name: string;
+            arguments?: Record<string, unknown>;
+        };
+    }) => Promise<{
+        content: MCPTextContent[];
+    }>;
+};

package/dist/extras/mcp.js

@@ -0,0 +1,163 @@
+"use strict";
+/**
+ * MCP server exposing Aira actions as tools for AI agents.
+ *
+ * Requires: @modelcontextprotocol/sdk (peer dependency)
+ *
+ * Usage:
+ *   import { createServer } from "aira-sdk/extras/mcp";
+ *   const server = createServer({ apiKey: "aira_live_xxx" });
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getTools = getTools;
+exports.handleToolCall = handleToolCall;
+exports.createServer = createServer;
+/** MCP tool definitions exposed by the Aira server. */
+function getTools() {
+    return [
+        {
+            name: "notarize_action",
+            description: "Notarize an AI agent action with a cryptographic receipt",
+            inputSchema: {
+                type: "object",
+                properties: {
+                    action_type: { type: "string", description: "e.g. email_sent, loan_approved, claim_processed" },
+                    details: { type: "string", description: "What happened" },
+                    agent_id: { type: "string", description: "Agent slug" },
+                    model_id: { type: "string", description: "Model used (optional)" },
+                },
+                required: ["action_type", "details"],
+            },
+        },
+        {
+            name: "verify_action",
+            description: "Verify a notarized action's cryptographic receipt",
+            inputSchema: {
+                type: "object",
+                properties: {
+                    action_id: { type: "string", description: "Action UUID" },
+                },
+                required: ["action_id"],
+            },
+        },
+        {
+            name: "get_receipt",
+            description: "Get the cryptographic receipt for a notarized action",
+            inputSchema: {
+                type: "object",
+                properties: {
+                    receipt_id: { type: "string", description: "Receipt UUID" },
+                },
+                required: ["receipt_id"],
+            },
+        },
+        {
+            name: "resolve_did",
+            description: "Resolve a did:web DID to its DID document",
+            inputSchema: {
+                type: "object",
+                properties: {
+                    did: { type: "string", description: "The DID to resolve (e.g. did:web:airaproof.com:agents:my-agent)" },
+                },
+                required: ["did"],
+            },
+        },
+        {
+            name: "verify_credential",
+            description: "Verify a Verifiable Credential — checks signature, expiry, and revocation status",
+            inputSchema: {
+                type: "object",
+                properties: {
+                    agent_id: { type: "string", description: "Agent slug whose credential to verify" },
+                },
+                required: ["agent_id"],
+            },
+        },
+        {
+            name: "get_reputation",
+            description: "Get the current reputation score and tier for an agent",
+            inputSchema: {
+                type: "object",
+                properties: {
+                    agent_id: { type: "string", description: "Agent slug" },
+                },
+                required: ["agent_id"],
+            },
+        },
+        {
+            name: "request_mutual_sign",
+            description: "Initiate a mutual signing request for an action with a counterparty",
+            inputSchema: {
+                type: "object",
+                properties: {
+                    action_id: { type: "string", description: "Action UUID to co-sign" },
+                    counterparty_did: { type: "string", description: "DID of the counterparty agent" },
+                },
+                required: ["action_id", "counterparty_did"],
+            },
+        },
+    ];
+}
+/** Handle an MCP tool call and return text content. */
+async function handleToolCall(client, name, args) {
+    try {
+        if (name === "notarize_action") {
+            const result = await client.notarize({
+                actionType: args.action_type,
+                details: args.details,
+                agentId: args.agent_id,
+                modelId: args.model_id,
+            });
+            return [{ type: "text", text: JSON.stringify(result) }];
+        }
+        if (name === "verify_action") {
+            const result = await client.verifyAction(args.action_id);
+            return [{ type: "text", text: JSON.stringify(result) }];
+        }
+        if (name === "get_receipt") {
+            const result = await client.getReceipt(args.receipt_id);
+            return [{ type: "text", text: JSON.stringify(result) }];
+        }
+        if (name === "resolve_did") {
+            const result = await client.resolveDid(args.did);
+            return [{ type: "text", text: JSON.stringify(result) }];
+        }
+        if (name === "verify_credential") {
+            const cred = await client.getAgentCredential(args.agent_id);
+            const result = await client.verifyCredential(cred);
+            return [{ type: "text", text: JSON.stringify(result) }];
+        }
+        if (name === "get_reputation") {
+            const result = await client.getReputation(args.agent_id);
+            return [{ type: "text", text: JSON.stringify(result) }];
+        }
+        if (name === "request_mutual_sign") {
+            const result = await client.requestMutualSign(args.action_id, args.counterparty_did);
+            return [{ type: "text", text: JSON.stringify(result) }];
+        }
+        return [{ type: "text", text: JSON.stringify({ error: `Unknown tool: ${name}` }) }];
+    }
+    catch (e) {
+        return [{ type: "text", text: JSON.stringify({ error: String(e) }) }];
+    }
+}
+/**
+ * Create an MCP-compatible server handler object.
+ *
+ * This returns plain objects; wire it into @modelcontextprotocol/sdk's Server:
+ *
+ *   import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+ *   import { createServer } from "aira-sdk/extras/mcp";
+ *   const { listTools, callTool } = createServer(airaClient);
+ *   server.setRequestHandler(ListToolsRequestSchema, listTools);
+ *   server.setRequestHandler(CallToolRequestSchema, callTool);
+ */
+function createServer(client) {
+    return {
+        listTools: async () => ({ tools: getTools() }),
+        callTool: async (request) => {
+            const content = await handleToolCall(client, request.params.name, request.params.arguments ?? {});
+            return { content };
+        },
+    };
+}

package/dist/extras/openai-agents.d.ts

@@ -0,0 +1,38 @@
+/**
+ * OpenAI Node SDK integration — guardrail that notarizes tool calls.
+ *
+ * Requires: openai (peer dependency)
+ *
+ * Usage:
+ *   import { AiraGuardrail } from "aira-sdk/extras/openai-agents";
+ *   const guardrail = new AiraGuardrail(aira, "my-agent");
+ *   guardrail.onToolCall("search", { query: "test" });
+ */
+import type { Aira } from "../client";
+import type { TrustPolicy, TrustContext } from "./trust";
+export type { TrustPolicy, TrustContext } from "./trust";
+export declare class AiraGuardrail {
+    private client;
+    private agentId;
+    private modelId?;
+    private trustPolicy?;
+    constructor(client: Aira, agentId: string, options?: {
+        modelId?: string;
+        trustPolicy?: TrustPolicy;
+    });
+    /**
+     * Check trust for a counterparty agent before interacting.
+     * Advisory by default — only blocks on revoked VC or unregistered agent if configured.
+     */
+    checkTrust(counterpartyId: string): Promise<TrustContext>;
+    private notarize;
+    /** Call after a tool execution to notarize it. */
+    onToolCall(toolName: string, args?: Record<string, unknown>): void;
+    /** Call after a tool returns to notarize the result. */
+    onToolResult(toolName: string, result?: unknown): void;
+    /**
+     * Wraps a tool function to auto-notarize calls and results.
+     * No raw user data is sent — only tool name, arg keys, and output length.
+     */
+    wrapTool<T extends (...args: unknown[]) => unknown>(toolFn: T, toolName?: string): T;
+}

package/dist/extras/openai-agents.js

@@ -0,0 +1,82 @@
+"use strict";
+/**
+ * OpenAI Node SDK integration — guardrail that notarizes tool calls.
+ *
+ * Requires: openai (peer dependency)
+ *
+ * Usage:
+ *   import { AiraGuardrail } from "aira-sdk/extras/openai-agents";
+ *   const guardrail = new AiraGuardrail(aira, "my-agent");
+ *   guardrail.onToolCall("search", { query: "test" });
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AiraGuardrail = void 0;
+const trust_1 = require("./trust");
+const MAX_DETAILS = 5000;
+class AiraGuardrail {
+    client;
+    agentId;
+    modelId;
+    trustPolicy;
+    constructor(client, agentId, options) {
+        this.client = client;
+        this.agentId = agentId;
+        this.modelId = options?.modelId;
+        this.trustPolicy = options?.trustPolicy;
+    }
+    /**
+     * Check trust for a counterparty agent before interacting.
+     * Advisory by default — only blocks on revoked VC or unregistered agent if configured.
+     */
+    async checkTrust(counterpartyId) {
+        if (!this.trustPolicy) {
+            return { counterpartyId, blocked: false, recommendation: "No trust policy configured" };
+        }
+        return (0, trust_1.checkTrust)(this.client, this.trustPolicy, counterpartyId);
+    }
+    notarize(actionType, details) {
+        try {
+            const params = {
+                actionType,
+                details: details.slice(0, MAX_DETAILS),
+                agentId: this.agentId,
+            };
+            if (this.modelId)
+                params.modelId = this.modelId;
+            this.client.notarize(params).catch((e) => {
+                console.warn("Aira notarize failed (non-blocking):", e);
+            });
+        }
+        catch (e) {
+            console.warn("Aira notarize failed (non-blocking):", e);
+        }
+    }
+    /** Call after a tool execution to notarize it. */
+    onToolCall(toolName, args) {
+        const argKeys = Object.keys(args ?? {});
+        this.notarize("tool_call", `Tool '${toolName}' called. Arg keys: [${argKeys.join(", ")}]`);
+    }
+    /** Call after a tool returns to notarize the result. */
+    onToolResult(toolName, result) {
+        this.notarize("tool_completed", `Tool '${toolName}' completed. Result length: ${String(result).length} chars`);
+    }
+    /**
+     * Wraps a tool function to auto-notarize calls and results.
+     * No raw user data is sent — only tool name, arg keys, and output length.
+     */
+    wrapTool(toolFn, toolName) {
+        const name = toolName ?? toolFn.name ?? "unknown";
+        const self = this;
+        const wrapped = async function (...args) {
+            const kwargs = args.length > 0 && typeof args[0] === "object" && args[0]
+                ? args[0]
+                : undefined;
+            self.onToolCall(name, kwargs);
+            const result = await toolFn.apply(this, args);
+            self.onToolResult(name, result);
+            return result;
+        };
+        return wrapped;
+    }
+}
+exports.AiraGuardrail = AiraGuardrail;