handoff-relay 0.1.0

package/dist/index.js

@@ -0,0 +1,2623 @@
+// src/errors.ts
+var RelayError = class extends Error {
+  code;
+  statusCode;
+  details;
+  constructor(code, message, statusCode = 400, details) {
+    super(message);
+    this.name = "RelayError";
+    this.code = code;
+    this.statusCode = statusCode;
+    this.details = details;
+  }
+};
+function relayError(code, message, statusCode = 400, details) {
+  return new RelayError(code, message, statusCode, details);
+}
+function isRelayError(error) {
+  return error instanceof RelayError;
+}
+
+// src/api/client.ts
+var RelayApiClient = class {
+  serverUrl;
+  constructor(options) {
+    this.serverUrl = options.serverUrl.replace(/\/+$/, "");
+  }
+  async createWorkspace(input) {
+    return this.request("/workspaces", { method: "POST", body: input });
+  }
+  async inviteMember(input) {
+    return this.request(`/workspaces/${input.workspaceId}/invites`, {
+      method: "POST",
+      token: input.adminToken,
+      body: { handle: input.handle }
+    });
+  }
+  async acceptInvite(input) {
+    return this.request(`/invites/${input.inviteToken}/accept`, {
+      method: "POST",
+      body: { displayName: input.displayName }
+    });
+  }
+  async listMembers(input) {
+    return this.request(`/members?workspaceId=${encodeURIComponent(input.workspaceId)}`, {
+      token: input.authToken
+    });
+  }
+  async configureProjectAlias(input) {
+    return this.request(`/workspaces/${input.workspaceId}/project-aliases`, {
+      method: "POST",
+      token: input.authToken,
+      body: { canonicalProject: input.canonicalProject, alias: input.alias }
+    });
+  }
+  async listProjectAliases(input) {
+    return this.request(`/workspaces/${input.workspaceId}/project-aliases`, {
+      token: input.authToken
+    });
+  }
+  async revokeMember(input) {
+    return this.request(`/members/${input.memberId}/revoke`, {
+      method: "POST",
+      token: input.adminToken,
+      body: { workspaceId: input.workspaceId }
+    });
+  }
+  async rotateMemberToken(input) {
+    return this.request("/members/rotate-token", {
+      method: "POST",
+      token: input.authToken
+    });
+  }
+  async rotateApprovalSecret(input) {
+    return this.request("/members/rotate-approval-secret", {
+      method: "POST",
+      token: input.authToken,
+      body: { approvalSecret: input.approvalSecret }
+    });
+  }
+  async createApprovalToken(input) {
+    return this.request(`/packets/${input.packetId}/approval-token`, {
+      method: "POST",
+      token: input.authToken,
+      body: { action: input.action, approvalSecret: input.approvalSecret }
+    });
+  }
+  async createAskDraft(input) {
+    return this.request("/packets/ask", {
+      method: "POST",
+      token: input.authToken,
+      body: withoutAuth(input)
+    });
+  }
+  async createShareDraft(input) {
+    return this.request("/packets/share", {
+      method: "POST",
+      token: input.authToken,
+      body: withoutAuth(input)
+    });
+  }
+  async updateDraft(input) {
+    return this.request(`/packets/${input.packetId}/draft`, {
+      method: "PATCH",
+      token: input.authToken,
+      body: withoutAuthAndPacket(input)
+    });
+  }
+  async approveAndSend(input) {
+    return this.request(`/packets/${input.packetId}/approve`, {
+      method: "POST",
+      token: input.authToken,
+      body: {
+        approvalToken: input.approvalToken,
+        allowSecretOverride: input.allowSecretOverride
+      }
+    });
+  }
+  async listInbox(input) {
+    return this.request(`/inbox?workspaceId=${encodeURIComponent(input.workspaceId)}`, {
+      token: input.authToken
+    });
+  }
+  async viewPacket(input) {
+    return this.request(`/packets/${input.packetId}/view`, { token: input.authToken });
+  }
+  async getPacketForMember(input) {
+    return this.request(`/packets/${input.packetId}/status`, { token: input.authToken });
+  }
+  async acceptPacket(input) {
+    return this.request(`/packets/${input.packetId}/accept`, {
+      method: "POST",
+      token: input.authToken
+    });
+  }
+  async hydratePacket(input) {
+    return this.request(`/packets/${input.packetId}/hydrate`, {
+      method: "POST",
+      token: input.authToken,
+      body: {
+        client: input.client,
+        sessionId: input.sessionId,
+        approvalToken: input.approvalToken
+      }
+    });
+  }
+  async createReplyDraft(input) {
+    return this.request(`/packets/${input.packetId}/reply`, {
+      method: "POST",
+      token: input.authToken,
+      body: withoutAuthAndPacket(input)
+    });
+  }
+  async requestClarification(input) {
+    return this.request(`/packets/${input.packetId}/clarify`, {
+      method: "POST",
+      token: input.authToken,
+      body: {
+        question: input.question,
+        requestedEvidence: input.requestedEvidence
+      }
+    });
+  }
+  async approveReply(input) {
+    return this.approveAndSend({
+      authToken: input.authToken,
+      packetId: input.replyPacketId,
+      approvalToken: input.approvalToken
+    });
+  }
+  async declinePacket(input) {
+    return this.request(`/packets/${input.packetId}/decline`, {
+      method: "POST",
+      token: input.authToken,
+      body: { reason: input.reason }
+    });
+  }
+  async archivePacket(input) {
+    return this.request(`/packets/${input.packetId}/archive`, {
+      method: "POST",
+      token: input.authToken
+    });
+  }
+  async closePacket(input) {
+    return this.request(`/packets/${input.packetId}/close`, {
+      method: "POST",
+      token: input.authToken,
+      body: { resolution: input.resolution }
+    });
+  }
+  async searchPackets(input) {
+    const params = new URLSearchParams({ workspaceId: input.workspaceId });
+    if (input.query) params.set("q", input.query);
+    appendPacketQueryFilters(params, input);
+    return this.request(`/search?${params.toString()}`, { token: input.authToken });
+  }
+  async listHistory(input) {
+    const params = new URLSearchParams({ workspaceId: input.workspaceId });
+    if (input.filter) params.set("filter", input.filter);
+    if (input.query) params.set("q", input.query);
+    appendPacketQueryFilters(params, input);
+    return this.request(`/history?${params.toString()}`, { token: input.authToken });
+  }
+  async listAuditReceipts(input) {
+    const params = new URLSearchParams({ workspaceId: input.workspaceId });
+    if (input.packetId) params.set("packetId", input.packetId);
+    return this.request(`/audit?${params.toString()}`, { token: input.authToken });
+  }
+  async request(path, options = {}) {
+    let response;
+    try {
+      response = await fetch(`${this.serverUrl}${path}`, {
+        method: options.method ?? "GET",
+        headers: {
+          ...options.token ? { authorization: `Bearer ${options.token}` } : {},
+          ...options.body === void 0 ? {} : { "content-type": "application/json" },
+          ...options.headers ?? {}
+        },
+        body: options.body === void 0 ? void 0 : JSON.stringify(options.body)
+      });
+    } catch (error) {
+      throw new RelayError(
+        "SERVER_UNAVAILABLE",
+        `Relay coordination server is unavailable at ${this.serverUrl}.`,
+        503,
+        { cause: error instanceof Error ? error.message : String(error) }
+      );
+    }
+    const text = await response.text();
+    const payload = text ? JSON.parse(text) : void 0;
+    if (!response.ok) {
+      const error = payload?.error;
+      throw new RelayError(
+        error?.code ?? "INVALID_INPUT",
+        error?.message ?? `Relay API request failed with ${response.status}`,
+        response.status,
+        error?.details
+      );
+    }
+    return payload;
+  }
+};
+function withoutAuth(input) {
+  const { authToken: _authToken, ...body } = input;
+  return body;
+}
+function withoutAuthAndPacket(input) {
+  const { authToken: _authToken, packetId: _packetId, ...body } = input;
+  return body;
+}
+function appendPacketQueryFilters(params, input) {
+  if (input.project) params.set("project", input.project);
+  if (input.sender) params.set("sender", input.sender);
+  if (input.recipient) params.set("recipient", input.recipient);
+  if (input.status) params.set("status", input.status);
+  if (input.fileOrSymbol) params.set("fileOrSymbol", input.fileOrSymbol);
+  if (input.ticketOrPr) params.set("ticketOrPr", input.ticketOrPr);
+}
+
+// src/audit.ts
+import { createHash, randomUUID } from "crypto";
+function createAuditReceipt(input) {
+  const createdAt = (/* @__PURE__ */ new Date()).toISOString();
+  const material = JSON.stringify({
+    action: input.action,
+    actor_member_id: input.actorMemberId,
+    packet_id: input.packetId,
+    workspace_id: input.workspaceId,
+    created_at: createdAt,
+    metadata: input.metadata ?? {}
+  });
+  return {
+    receipt_id: `rcp_${randomUUID()}`,
+    action: input.action,
+    actor_member_id: input.actorMemberId,
+    packet_id: input.packetId,
+    workspace_id: input.workspaceId,
+    created_at: createdAt,
+    metadata: input.metadata ?? {},
+    receipt_hash: `sha256:${createHash("sha256").update(material).digest("hex")}`
+  };
+}
+
+// src/approval.ts
+import { createInterface } from "readline/promises";
+import { stdin as defaultInput, stderr as defaultOutput } from "process";
+async function confirmLocalApproval(input) {
+  if (process.env.AGENT_RELAY_ASSUME_HUMAN_APPROVAL === "1" && process.env.NODE_ENV === "test") {
+    return;
+  }
+  if (!defaultInput.isTTY || !defaultOutput.isTTY) {
+    throw new RelayError(
+      "FORBIDDEN",
+      "Approval token creation requires the local approval renderer on an interactive TTY.",
+      403
+    );
+  }
+  const phrase = `approve ${input.action} ${input.packetId}`;
+  defaultOutput.write(
+    `Handoff local approval required.
+Type exactly "${phrase}" to create a short-lived approval token: `
+  );
+  const readline = createInterface({ input: defaultInput, output: defaultOutput });
+  try {
+    const answer = await readline.question("");
+    if (answer.trim() !== phrase) {
+      throw new RelayError("FORBIDDEN", "Local approval confirmation did not match.", 403);
+    }
+  } finally {
+    readline.close();
+  }
+}
+
+// src/hydration.ts
+function isStale(packet) {
+  const now = Date.now();
+  return Boolean(
+    packet.expires_at && Date.parse(packet.expires_at) < now || packet.recheck_by && Date.parse(packet.recheck_by) < now || packet.claims.some((claim) => claim.needs_recheck)
+  );
+}
+function mainText(packet) {
+  if (packet.packet_type === "ask") return packet.question ?? "";
+  if (packet.packet_type === "share") return packet.finding ?? "";
+  if (packet.packet_type === "reply") return packet.answer ?? "";
+  return packet.question ?? "";
+}
+function formatHydrationContext(packet, input) {
+  const maxCharacters = input.maxCharacters ?? packet.hydration_policy.max_characters;
+  const claims = packet.claims.map(
+    (claim) => `- [${claim.confidence}/${claim.status}] ${claim.text}${claim.needs_recheck ? " (needs recheck)" : ""}`
+  ).join("\n");
+  const evidence = packet.evidence.map(
+    (item) => `- ${item.label} (${item.kind}, ${item.sensitivity}, ${item.source}, ${item.hash})
+  ${item.excerpt}`
+  ).join("\n");
+  const staleWarning = isStale(packet) ? "\nSTALE OR RECHECK REQUIRED: verify dates, claims, and evidence before relying on this packet.\n" : "";
+  const context = `
+Handoff Hydration Packet
+============================
+${staleWarning}
+Title: ${packet.title}
+Type: ${packet.packet_type}
+Status at hydration: ${packet.status}
+
+Main content:
+${mainText(packet)}
+
+Summary:
+${packet.summary}
+
+Claims:
+${claims || "- No explicit claims supplied."}
+
+Evidence:
+${evidence || "- No evidence supplied."}
+
+What was tried:
+${packet.what_was_tried.map((item) => `- ${item}`).join("\n") || "- Not supplied."}
+
+Known failures:
+${packet.known_failures.map((item) => `- ${item}`).join("\n") || "- Not supplied."}
+
+Current hypothesis:
+${packet.current_hypothesis || "Not supplied."}
+
+Suggested next steps:
+${packet.suggested_next_steps.map((item) => `- ${item}`).join("\n") || "- Not supplied."}
+
+Provenance:
+- packet_id: ${packet.packet_id}
+- workspace_id: ${packet.workspace_id}
+- sender_member_id: ${packet.sender_member_id}
+- recipient_member_ids: ${packet.recipient_member_ids.join(", ")}
+- source_client: ${packet.source_client}
+- project: ${packet.project.repo_name}${packet.project.branch ? ` on ${packet.project.branch}` : ""}
+- created_at: ${packet.created_at}
+- recheck_by: ${packet.recheck_by ?? "not set"}
+- expires_at: ${packet.expires_at ?? "not set"}
+`.trim();
+  const bounded = context.length > maxCharacters ? `${context.slice(0, Math.max(0, maxCharacters - 120))}
+[truncated by Handoff hydration budget]` : context;
+  return {
+    context: bounded,
+    receipt: createAuditReceipt({
+      action: "hydrate",
+      actorMemberId: input.hydratedBy,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: {
+        client: input.client,
+        session_id: input.sessionId,
+        packet_type: packet.packet_type
+      }
+    })
+  };
+}
+
+// src/identity.ts
+import { createHash as createHash2, randomBytes, randomUUID as randomUUID2 } from "crypto";
+function createId(prefix) {
+  return `${prefix}_${randomUUID2()}`;
+}
+function createToken(prefix = "relay") {
+  return `${prefix}_${randomBytes(24).toString("base64url")}`;
+}
+function hashToken(token) {
+  return createHash2("sha256").update(token).digest("hex");
+}
+function normalizeHandle(handle) {
+  const trimmed = handle.trim().replace(/^@/, "").toLowerCase();
+  if (!/^[a-z][a-z0-9_-]{1,31}$/.test(trimmed)) {
+    throw new Error("Handle must start with a letter and contain only letters, numbers, _, or -");
+  }
+  return trimmed;
+}
+
+// src/notifications.ts
+import { spawn } from "child_process";
+import { platform as currentPlatform } from "os";
+function formatNotification(summary) {
+  const sender = summary.sender_handle.startsWith("@") ? summary.sender_handle : `@${summary.sender_handle}`;
+  const action = summary.packet_type === "ask" ? "is asking for help" : summary.packet_type === "share" ? "shared context" : summary.packet_type === "reply" ? "replied" : "requested clarification";
+  return `${sender} ${action} on ${summary.title} in ${summary.project}. Review packet?`;
+}
+function createNotificationDispatcher(input = {}) {
+  return async (message, summary) => {
+    input.writeTerminal?.(message, summary);
+    const deliveries = [];
+    if (input.desktop) {
+      deliveries.push(
+        sendDesktopNotification(summary, input).catch((error) => {
+          input.onError?.(toError(error), "desktop");
+        })
+      );
+    }
+    if (input.webhookUrl) {
+      deliveries.push(
+        sendWebhookNotification(summary, input).catch((error) => {
+          input.onError?.(toError(error), "webhook");
+        })
+      );
+    }
+    await Promise.all(deliveries);
+  };
+}
+async function sendDesktopNotification(summary, input = {}) {
+  const platform = input.platform ?? currentPlatform();
+  const run = input.runNativeNotification ?? defaultRunNativeNotification;
+  const title = `Handoff: ${summary.packet_type}`;
+  const subtitle = `${senderLabel(summary)} in ${sanitizeNotificationText(summary.project)}`;
+  const body = `${sanitizeNotificationText(summary.title)}. ${sanitizeNotificationText(summary.summary)} Open/review in Relay.`;
+  if (platform === "darwin") {
+    await run("osascript", [
+      "-e",
+      `display notification ${appleScriptString(body)} with title ${appleScriptString(title)} subtitle ${appleScriptString(subtitle)}`
+    ]);
+    return;
+  }
+  if (platform === "linux") {
+    await run("notify-send", [title, `${subtitle}
+${body}`]);
+    return;
+  }
+  if (platform === "win32") {
+    await run("powershell.exe", [
+      "-NoProfile",
+      "-ExecutionPolicy",
+      "Bypass",
+      "-Command",
+      windowsBalloonScript(title, body)
+    ]);
+    return;
+  }
+  throw new Error(`Desktop notifications are not supported on ${platform}.`);
+}
+async function sendWebhookNotification(summary, input) {
+  if (!input.webhookUrl) return;
+  const fetcher = input.fetchImpl ?? fetch;
+  const response = await fetcher(input.webhookUrl, {
+    method: "POST",
+    headers: {
+      "content-type": "application/json",
+      ...input.webhookHeaders ?? {}
+    },
+    body: JSON.stringify(toWebhookPayload(summary))
+  });
+  if (!response.ok) {
+    throw new Error(`Webhook notification failed with HTTP ${response.status}.`);
+  }
+}
+function createPollingWatcher(input) {
+  const seen = /* @__PURE__ */ new Set();
+  let timer;
+  const tick = async () => {
+    const summaries = await input.poll();
+    for (const summary of summaries) {
+      if (seen.has(summary.packet_id)) continue;
+      seen.add(summary.packet_id);
+      await input.notify(formatNotification(summary), summary);
+    }
+  };
+  return {
+    start() {
+      if (timer) return;
+      timer = setInterval(() => {
+        void tick();
+      }, input.intervalMs ?? 5e3);
+    },
+    stop() {
+      if (timer) {
+        clearInterval(timer);
+        timer = void 0;
+      }
+    },
+    tick
+  };
+}
+function toWebhookPayload(summary) {
+  return {
+    event: "relay.notification",
+    packet_id: summary.packet_id,
+    packet_type: summary.packet_type,
+    sender: senderLabel(summary),
+    sender_handle: summary.sender_handle,
+    title: sanitizeNotificationText(summary.title),
+    project: sanitizeNotificationText(summary.project),
+    summary: sanitizeNotificationText(summary.summary),
+    action: "open/review"
+  };
+}
+function senderLabel(summary) {
+  return summary.sender_handle.startsWith("@") ? summary.sender_handle : `@${summary.sender_handle}`;
+}
+function sanitizeNotificationText(value) {
+  return value.replace(
+    /\b(?:sk-[A-Za-z0-9_-]{10,}|ghp_[A-Za-z0-9_]{20,}|xox[baprs]-[A-Za-z0-9-]{10,})\b/g,
+    "[redacted]"
+  ).replace(/\b(?:api[_-]?key|access[_-]?token|secret|password)\s*=\s*[^\s"'`]+/gi, "[redacted]").replace(/([a-z][a-z0-9+.-]*:\/\/)[^/\s:@]+:[^@\s/]+@/gi, "$1[redacted]@").slice(0, 500);
+}
+function appleScriptString(value) {
+  return `"${value.replace(/\\/g, "\\\\").replace(/"/g, '\\"')}"`;
+}
+function windowsBalloonScript(title, body) {
+  const encodedTitle = Buffer.from(title, "utf8").toString("base64");
+  const encodedBody = Buffer.from(body, "utf8").toString("base64");
+  return `
+    Add-Type -AssemblyName System.Windows.Forms;
+    Add-Type -AssemblyName System.Drawing;
+    $title = [System.Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('${encodedTitle}'));
+    $body = [System.Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('${encodedBody}'));
+    $notify = New-Object System.Windows.Forms.NotifyIcon;
+    $notify.Icon = [System.Drawing.SystemIcons]::Information;
+    $notify.BalloonTipTitle = $title;
+    $notify.BalloonTipText = $body;
+    $notify.Visible = $true;
+    $notify.ShowBalloonTip(5000);
+    Start-Sleep -Seconds 6;
+    $notify.Dispose();
+  `;
+}
+function defaultRunNativeNotification(command, args) {
+  return new Promise((resolve, reject) => {
+    const child = spawn(command, args, { stdio: "ignore", windowsHide: true });
+    child.on("error", reject);
+    child.on("exit", (code) => {
+      if (code === 0) {
+        resolve();
+        return;
+      }
+      reject(new Error(`${command} exited with ${code ?? "unknown status"}.`));
+    });
+  });
+}
+function toError(error) {
+  return error instanceof Error ? error : new Error(String(error));
+}
+
+// src/protocol/schema.ts
+import { createHash as createHash3, randomUUID as randomUUID3 } from "crypto";
+import { z } from "zod";
+var packetStatuses = [
+  "draft",
+  "pending_sender_approval",
+  "sent",
+  "delivered",
+  "viewed",
+  "accepted",
+  "clarification_requested",
+  "response_drafting",
+  "pending_recipient_approval",
+  "replied",
+  "hydrated",
+  "archived",
+  "declined",
+  "expired",
+  "superseded",
+  "closed_resolved",
+  "closed_unresolved"
+];
+var packetTypes = ["ask", "share", "reply", "clarification"];
+var confidenceLevels = ["low", "medium", "high"];
+var auditReceiptSchema = z.object({
+  receipt_id: z.string().min(1),
+  action: z.string().min(1),
+  actor_member_id: z.string().min(1),
+  packet_id: z.string().min(1).optional(),
+  workspace_id: z.string().min(1),
+  created_at: z.string().datetime(),
+  metadata: z.record(z.string(), z.unknown()).default({}),
+  receipt_hash: z.string().min(1).optional()
+});
+var projectIdentitySchema = z.object({
+  repo_name: z.string().min(1),
+  git_remote_fingerprint: z.string().min(1).optional(),
+  branch: z.string().min(1).optional(),
+  commit_hash: z.string().min(1).optional()
+}).strict();
+var claimSchema = z.object({
+  claim_id: z.string().min(1),
+  text: z.string().min(1),
+  confidence: z.enum(confidenceLevels),
+  status: z.enum(["observed", "inferred", "suspected", "disproven", "superseded"]),
+  evidence_ids: z.array(z.string()).default([]),
+  needs_recheck: z.boolean().default(false)
+}).strict();
+var evidenceSchema = z.object({
+  evidence_id: z.string().min(1),
+  kind: z.enum([
+    "file_excerpt",
+    "command_output",
+    "test_failure",
+    "error_message",
+    "log_excerpt",
+    "diff_summary",
+    "ticket_link",
+    "pr_link",
+    "human_note"
+  ]),
+  label: z.string().min(1),
+  source: z.string().min(1),
+  excerpt: z.string().default(""),
+  hash: z.string().min(1),
+  captured_at: z.string().datetime(),
+  sensitivity: z.enum(["normal", "private", "secret_detected", "restricted"]).default("normal")
+}).strict();
+var redactionFindingSchema = z.object({
+  kind: z.enum([
+    "api_key",
+    "private_key",
+    "credential_url",
+    "env_secret",
+    "local_path",
+    "oversized_excerpt",
+    "user_pattern"
+  ]),
+  field: z.string().min(1),
+  evidence_id: z.string().optional(),
+  severity: z.enum(["warning", "block"]),
+  message: z.string().min(1),
+  preview: z.string().optional()
+}).strict();
+var redactionReportSchema = z.object({
+  blocked: z.boolean(),
+  findings: z.array(redactionFindingSchema).default([]),
+  warnings: z.array(redactionFindingSchema).default([])
+}).strict();
+var hydrationPolicySchema = z.object({
+  requires_recipient_approval: z.boolean().default(true),
+  requires_sender_approval_for_replies: z.boolean().default(true),
+  allow_raw_transcript: z.boolean().default(false),
+  max_characters: z.number().int().positive().default(8e3)
+}).strict();
+var packetSchema = z.object({
+  packet_id: z.string().min(1),
+  packet_type: z.enum(packetTypes),
+  workspace_id: z.string().min(1),
+  sender_member_id: z.string().min(1),
+  recipient_member_ids: z.array(z.string().min(1)).min(1),
+  parent_packet_id: z.string().min(1).optional(),
+  created_at: z.string().datetime(),
+  updated_at: z.string().datetime(),
+  expires_at: z.string().datetime().optional(),
+  recheck_by: z.string().datetime().optional(),
+  status: z.enum(packetStatuses),
+  project: projectIdentitySchema,
+  source_client: z.enum(["claude-code", "codex", "cursor", "generic", "other"]),
+  title: z.string().min(1).max(200),
+  summary: z.string().min(1).max(5e3),
+  question: z.string().optional(),
+  finding: z.string().optional(),
+  answer: z.string().optional(),
+  claims: z.array(claimSchema).default([]),
+  evidence: z.array(evidenceSchema).default([]),
+  files_or_symbols: z.array(z.string()).default([]),
+  commands_or_tests_run: z.array(z.string()).default([]),
+  what_was_tried: z.array(z.string()).default([]),
+  known_failures: z.array(z.string()).default([]),
+  current_hypothesis: z.string().default(""),
+  confidence: z.enum(confidenceLevels).default("medium"),
+  suggested_next_steps: z.array(z.string()).default([]),
+  redaction_report: redactionReportSchema,
+  hydration_policy: hydrationPolicySchema,
+  audit_receipt: auditReceiptSchema
+}).strict().superRefine((packet, ctx) => {
+  if (packet.packet_type === "ask" && !packet.question?.trim()) {
+    ctx.addIssue({
+      code: "custom",
+      path: ["question"],
+      message: "Ask packets require a main question."
+    });
+  }
+  if (packet.packet_type === "share" && !packet.finding?.trim()) {
+    ctx.addIssue({
+      code: "custom",
+      path: ["finding"],
+      message: "Share packets require a finding."
+    });
+  }
+  if (packet.packet_type === "reply" && !packet.answer?.trim()) {
+    ctx.addIssue({
+      code: "custom",
+      path: ["answer"],
+      message: "Reply packets require an answer."
+    });
+  }
+  if (packet.packet_type === "clarification" && !packet.question?.trim()) {
+    ctx.addIssue({
+      code: "custom",
+      path: ["question"],
+      message: "Clarification packets require a question."
+    });
+  }
+  if (packet.packet_type !== "clarification" && !packet.expires_at && !packet.recheck_by) {
+    ctx.addIssue({
+      code: "custom",
+      path: ["expires_at"],
+      message: "Packets require expires_at or recheck_by."
+    });
+  }
+});
+var defaultContextBudget = {
+  summaryCharacters: 1200,
+  mainTextCharacters: 1200,
+  maxClaims: 10,
+  maxEvidence: 8,
+  maxExcerptCharacters: 2e3,
+  maxHydrationCharacters: 32e3
+};
+function hashExcerpt(excerpt) {
+  return `sha256:${createHash3("sha256").update(excerpt).digest("hex")}`;
+}
+function defaultExpiry() {
+  return new Date(Date.now() + 24 * 60 * 60 * 1e3).toISOString();
+}
+function normalizeEvidence(evidence, index) {
+  const excerpt = evidence.excerpt ?? "";
+  return evidenceSchema.parse({
+    evidence_id: evidence.evidence_id ?? `ev_${randomUUID3()}`,
+    kind: evidence.kind ?? "human_note",
+    label: evidence.label ?? `Evidence ${index + 1}`,
+    source: evidence.source ?? "handoff",
+    excerpt,
+    hash: evidence.hash ?? hashExcerpt(excerpt),
+    captured_at: evidence.captured_at ?? (/* @__PURE__ */ new Date()).toISOString(),
+    sensitivity: evidence.sensitivity ?? "normal"
+  });
+}
+function normalizeClaim(claim, index) {
+  return claimSchema.parse({
+    claim_id: claim.claim_id ?? `clm_${randomUUID3()}`,
+    text: claim.text ?? `Claim ${index + 1}`,
+    confidence: claim.confidence ?? "medium",
+    status: claim.status ?? "inferred",
+    evidence_ids: claim.evidence_ids ?? [],
+    needs_recheck: claim.needs_recheck ?? false
+  });
+}
+function buildPacketDraft(input) {
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const packetId = `pkt_${randomUUID3()}`;
+  const receipt = createAuditReceipt({
+    action: "draft",
+    actorMemberId: input.sender_member_id,
+    packetId,
+    workspaceId: input.workspace_id,
+    metadata: {
+      source_client: input.source_client,
+      packet_type: input.packet_type
+    }
+  });
+  const packet = {
+    packet_id: packetId,
+    packet_type: input.packet_type,
+    workspace_id: input.workspace_id,
+    sender_member_id: input.sender_member_id,
+    recipient_member_ids: input.recipient_member_ids,
+    parent_packet_id: input.parent_packet_id,
+    created_at: now,
+    updated_at: now,
+    expires_at: input.expires_at ?? defaultExpiry(),
+    recheck_by: input.recheck_by,
+    status: input.status ?? "pending_sender_approval",
+    project: {
+      repo_name: input.project?.repo_name ?? "unknown-project",
+      git_remote_fingerprint: input.project?.git_remote_fingerprint,
+      branch: input.project?.branch,
+      commit_hash: input.project?.commit_hash
+    },
+    source_client: input.source_client,
+    title: input.title,
+    summary: input.summary,
+    question: input.question,
+    finding: input.finding,
+    answer: input.answer,
+    claims: input.claims?.map(normalizeClaim) ?? [],
+    evidence: input.evidence?.map(normalizeEvidence) ?? [],
+    files_or_symbols: input.files_or_symbols ?? [],
+    commands_or_tests_run: input.commands_or_tests_run ?? [],
+    what_was_tried: input.what_was_tried ?? [],
+    known_failures: input.known_failures ?? [],
+    current_hypothesis: input.current_hypothesis ?? "",
+    confidence: input.confidence ?? "medium",
+    suggested_next_steps: input.suggested_next_steps ?? [],
+    redaction_report: input.redaction_report ?? {
+      blocked: false,
+      findings: [],
+      warnings: []
+    },
+    hydration_policy: {
+      requires_recipient_approval: input.hydration_policy?.requires_recipient_approval ?? true,
+      requires_sender_approval_for_replies: input.hydration_policy?.requires_sender_approval_for_replies ?? true,
+      allow_raw_transcript: input.hydration_policy?.allow_raw_transcript ?? false,
+      max_characters: input.hydration_policy?.max_characters ?? 8e3
+    },
+    audit_receipt: receipt
+  };
+  return packetSchema.parse(packet);
+}
+function validateContextBudget(packet, limits = {}) {
+  const budget = { ...defaultContextBudget, ...limits };
+  const violations = [];
+  const mainText2 = packet.question ?? packet.finding ?? packet.answer ?? "";
+  const hydrationCharacters = packet.summary.length + mainText2.length + packet.claims.reduce((total, claim) => total + claim.text.length, 0) + packet.evidence.reduce((total, evidence) => total + evidence.excerpt.length, 0);
+  if (packet.summary.length > budget.summaryCharacters) {
+    violations.push(`summary exceeds ${budget.summaryCharacters} characters`);
+  }
+  if (mainText2.length > budget.mainTextCharacters) {
+    violations.push(`main packet text exceeds ${budget.mainTextCharacters} characters`);
+  }
+  if (packet.claims.length > budget.maxClaims) {
+    violations.push(`claims exceed ${budget.maxClaims} max`);
+  }
+  if (packet.evidence.length > budget.maxEvidence) {
+    violations.push(`evidence exceeds ${budget.maxEvidence} max`);
+  }
+  for (const evidence of packet.evidence) {
+    if (evidence.excerpt.length > budget.maxExcerptCharacters) {
+      violations.push(
+        `evidence excerpt ${evidence.evidence_id} exceeds ${budget.maxExcerptCharacters} characters`
+      );
+    }
+  }
+  if (hydrationCharacters > budget.maxHydrationCharacters) {
+    violations.push(`hydration payload exceeds ${budget.maxHydrationCharacters} characters`);
+  }
+  return { ok: violations.length === 0, violations };
+}
+function compressPacketToBudget(packet, limits = {}) {
+  const budget = { ...defaultContextBudget, ...limits };
+  const clippedEvidence = packet.evidence.slice(0, budget.maxEvidence).map((evidence) => {
+    if (evidence.excerpt.length <= budget.maxExcerptCharacters) {
+      return evidence;
+    }
+    return {
+      ...evidence,
+      excerpt: `${evidence.excerpt.slice(0, budget.maxExcerptCharacters - 80)}
+[truncated by Handoff; hash preserved: ${evidence.hash}]`
+    };
+  });
+  return packetSchema.parse({
+    ...packet,
+    summary: packet.summary.slice(0, budget.summaryCharacters),
+    question: packet.question?.slice(0, budget.mainTextCharacters),
+    finding: packet.finding?.slice(0, budget.mainTextCharacters),
+    answer: packet.answer?.slice(0, budget.mainTextCharacters),
+    claims: packet.claims.slice(0, budget.maxClaims),
+    evidence: clippedEvidence,
+    updated_at: (/* @__PURE__ */ new Date()).toISOString()
+  });
+}
+
+// src/protocol/state-machine.ts
+var transitionRules = {
+  draft: [
+    { to: "pending_sender_approval", roles: ["sender"] },
+    { to: "archived", roles: ["sender", "admin"] }
+  ],
+  pending_sender_approval: [
+    { to: "sent", roles: ["sender"] },
+    { to: "replied", roles: ["recipient"], packetTypes: ["reply"] },
+    { to: "archived", roles: ["sender", "admin", "recipient"] }
+  ],
+  sent: [
+    { to: "delivered", roles: ["system"] },
+    { to: "expired", roles: ["system"] },
+    { to: "superseded", roles: ["sender", "admin"] }
+  ],
+  delivered: [
+    { to: "viewed", roles: ["recipient"] },
+    { to: "declined", roles: ["recipient"] },
+    { to: "archived", roles: ["recipient"] },
+    { to: "expired", roles: ["system"] }
+  ],
+  viewed: [
+    { to: "accepted", roles: ["recipient"] },
+    { to: "clarification_requested", roles: ["recipient"] },
+    { to: "declined", roles: ["recipient"] },
+    { to: "archived", roles: ["recipient"] },
+    { to: "hydrated", roles: ["recipient"], packetTypes: ["reply"] }
+  ],
+  accepted: [
+    { to: "hydrated", roles: ["recipient"] },
+    { to: "response_drafting", roles: ["recipient"], packetTypes: ["ask"] },
+    { to: "archived", roles: ["recipient", "sender"] }
+  ],
+  clarification_requested: [
+    { to: "pending_sender_approval", roles: ["sender"] },
+    { to: "declined", roles: ["recipient"] },
+    { to: "archived", roles: ["recipient", "sender"] }
+  ],
+  response_drafting: [
+    { to: "pending_recipient_approval", roles: ["recipient"] },
+    { to: "archived", roles: ["recipient"] }
+  ],
+  pending_recipient_approval: [
+    { to: "replied", roles: ["recipient"] },
+    { to: "archived", roles: ["recipient"] }
+  ],
+  replied: [
+    { to: "viewed", roles: ["recipient"], packetTypes: ["reply"] },
+    { to: "closed_resolved", roles: ["sender"] },
+    { to: "closed_unresolved", roles: ["sender"] },
+    { to: "archived", roles: ["recipient", "sender"] }
+  ],
+  hydrated: [
+    { to: "response_drafting", roles: ["recipient"], packetTypes: ["ask"] },
+    { to: "archived", roles: ["recipient", "sender"] },
+    { to: "closed_resolved", roles: ["sender"] },
+    { to: "closed_unresolved", roles: ["sender"] }
+  ],
+  archived: [],
+  declined: [{ to: "archived", roles: ["recipient", "sender"] }],
+  expired: [{ to: "archived", roles: ["recipient", "sender", "admin"] }],
+  superseded: [{ to: "archived", roles: ["recipient", "sender", "admin"] }],
+  closed_resolved: [{ to: "archived", roles: ["sender", "recipient"] }],
+  closed_unresolved: [{ to: "archived", roles: ["sender", "recipient"] }]
+};
+function assertTransition(input) {
+  const rules = transitionRules[input.from] ?? [];
+  const rule = rules.find(
+    (candidate) => candidate.to === input.to && candidate.roles.includes(input.actorRole) && (!candidate.packetTypes || !input.packetType || candidate.packetTypes.includes(input.packetType))
+  );
+  if (!rule) {
+    const allowed = rules.map((candidate) => `${candidate.to} by ${candidate.roles.join("/")}`).join(", ");
+    throw relayError(
+      "INVALID_STATE_TRANSITION",
+      `Invalid state transition from ${input.from} to ${input.to} by ${input.actorRole}. Allowed: ${allowed || "none"}`,
+      409
+    );
+  }
+}
+function transitionStatus(from, to, actorRole, packetType) {
+  assertTransition({ from, to, actorRole, packetType });
+  return to;
+}
+function allowedTransitions(from, actorRole, packetType) {
+  return (transitionRules[from] ?? []).filter(
+    (rule) => rule.roles.includes(actorRole) && (!rule.packetTypes || !packetType || rule.packetTypes.includes(packetType))
+  ).map((rule) => rule.to);
+}
+
+// src/redaction.ts
+var apiKeyPattern = /\b(?:sk-[A-Za-z0-9_-]{10,}|ghp_[A-Za-z0-9_]{20,}|xox[baprs]-[A-Za-z0-9-]{10,}|(?:api[_-]?key|access[_-]?token|secret|password)\s*=\s*[^\s"'`]+)\b/i;
+var privateKeyPattern = /-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----/;
+var credentialUrlPattern = /\b[a-z][a-z0-9+.-]*:\/\/[^/\s:@]+:[^@\s]+@/i;
+var envSecretPattern = /(^|\n)\s*(?:[A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)[A-Z0-9_]*)\s*=\s*[^\s]+/i;
+var localPathPattern = /(?:^|\s)(\/Users\/[^\s"'`]+|\/home\/[^\s"'`]+|[A-Za-z]:\\Users\\[^\s"'`]+)/;
+function preview(value) {
+  return value.replace(/\s+/g, " ").slice(0, 80);
+}
+function scanText(text, field, evidenceId, options) {
+  const findings = [];
+  const warnings = [];
+  const addBlock = (kind, message) => {
+    findings.push({
+      kind,
+      field,
+      evidence_id: evidenceId,
+      severity: "block",
+      message,
+      preview: preview(text)
+    });
+  };
+  const addWarning = (kind, message) => {
+    warnings.push({
+      kind,
+      field,
+      evidence_id: evidenceId,
+      severity: "warning",
+      message,
+      preview: preview(text)
+    });
+  };
+  if (apiKeyPattern.test(text)) {
+    addBlock("api_key", "Secret-looking API key or token detected.");
+  }
+  if (privateKeyPattern.test(text)) {
+    addBlock("private_key", "Private key material detected.");
+  }
+  if (credentialUrlPattern.test(text)) {
+    addBlock("credential_url", "Credential-bearing URL detected.");
+  }
+  if (envSecretPattern.test(text)) {
+    addBlock("env_secret", ".env-like secret content detected.");
+  }
+  if (localPathPattern.test(text)) {
+    addWarning("local_path", "Local absolute path detected; review before sending.");
+  }
+  if (text.length > options.maxExcerptCharacters) {
+    addWarning(
+      "oversized_excerpt",
+      `Evidence excerpt exceeds ${options.maxExcerptCharacters} characters and should be compressed.`
+    );
+  }
+  for (const pattern of options.userPatterns ?? []) {
+    if (pattern.test(text)) {
+      addBlock("user_pattern", "User-defined restricted pattern detected.");
+    }
+  }
+  return { findings, warnings };
+}
+function scanPacketForRedactions(packet, options = {}) {
+  const mergedOptions = {
+    maxExcerptCharacters: options.maxExcerptCharacters ?? 2e3,
+    userPatterns: options.userPatterns
+  };
+  const findings = [];
+  const warnings = [];
+  const textFields = collectRedactionTextFields(packet);
+  for (const [field, value] of textFields) {
+    if (!value) continue;
+    const result = scanText(value, field, void 0, mergedOptions);
+    findings.push(...result.findings);
+    warnings.push(...result.warnings);
+  }
+  for (const [index, evidence] of packet.evidence.entries()) {
+    if (evidence.sensitivity === "secret_detected" || evidence.sensitivity === "restricted") {
+      findings.push({
+        kind: "user_pattern",
+        field: `evidence.${index}.sensitivity`,
+        evidence_id: evidence.evidence_id,
+        severity: "block",
+        message: `Evidence sensitivity ${evidence.sensitivity} cannot be sent without override.`
+      });
+    }
+  }
+  return {
+    blocked: findings.some((finding) => finding.severity === "block"),
+    findings,
+    warnings
+  };
+}
+function collectRedactionTextFields(packet) {
+  const fields = [
+    ["title", packet.title],
+    ["summary", packet.summary],
+    ["current_hypothesis", packet.current_hypothesis],
+    ...optionalField("question", packet.question),
+    ...optionalField("finding", packet.finding),
+    ...optionalField("answer", packet.answer)
+  ];
+  for (const [index, claim] of packet.claims.entries()) {
+    fields.push([`claims.${index}.text`, claim.text]);
+  }
+  pushArrayFields(fields, "files_or_symbols", packet.files_or_symbols);
+  pushArrayFields(fields, "commands_or_tests_run", packet.commands_or_tests_run);
+  pushArrayFields(fields, "what_was_tried", packet.what_was_tried);
+  pushArrayFields(fields, "known_failures", packet.known_failures);
+  pushArrayFields(fields, "suggested_next_steps", packet.suggested_next_steps);
+  for (const [index, evidence] of packet.evidence.entries()) {
+    fields.push([`evidence.${index}.label`, evidence.label]);
+    fields.push([`evidence.${index}.source`, evidence.source]);
+    fields.push([`evidence.${index}.excerpt`, evidence.excerpt]);
+  }
+  return fields;
+}
+function optionalField(field, value) {
+  return value ? [[field, value]] : [];
+}
+function pushArrayFields(fields, prefix, values) {
+  for (const [index, value] of values.entries()) {
+    fields.push([`${prefix}.${index}`, value]);
+  }
+}
+
+// src/service/relay-service.ts
+function rowToMember(row, token, approvalSecret) {
+  return {
+    id: row.id,
+    workspace_id: row.workspace_id,
+    handle: row.handle,
+    display_name: row.display_name,
+    role: row.role,
+    status: row.status,
+    token,
+    approval_secret: approvalSecret,
+    created_at: row.created_at,
+    revoked_at: row.revoked_at ?? void 0
+  };
+}
+function rowToWorkspace(row) {
+  return {
+    id: row.id,
+    name: row.name,
+    admin_body_access: Boolean(row.admin_body_access),
+    created_at: row.created_at
+  };
+}
+function rowToInvite(row) {
+  return {
+    id: row.id,
+    workspace_id: row.workspace_id,
+    handle: row.handle,
+    token: row.token,
+    created_by_member_id: row.created_by_member_id,
+    expires_at: row.expires_at,
+    accepted_at: row.accepted_at ?? void 0,
+    created_at: row.created_at
+  };
+}
+function rowToProjectAlias(row) {
+  return {
+    id: row.id,
+    workspace_id: row.workspace_id,
+    canonical_project: row.canonical_project,
+    alias: row.alias,
+    created_by_member_id: row.created_by_member_id,
+    created_at: row.created_at
+  };
+}
+function normalizeProjectName(value) {
+  const normalized = value.trim().toLowerCase();
+  if (!normalized) {
+    throw relayError("INVALID_INPUT", "Project alias values cannot be empty.", 400);
+  }
+  return normalized;
+}
+function parseJson(value) {
+  return JSON.parse(value);
+}
+function rowToPacket(row) {
+  return packetSchema.parse({
+    packet_id: row.id,
+    packet_type: row.packet_type,
+    workspace_id: row.workspace_id,
+    sender_member_id: row.sender_member_id,
+    recipient_member_ids: parseJson(row.recipient_member_ids),
+    parent_packet_id: row.parent_packet_id ?? void 0,
+    created_at: row.created_at,
+    updated_at: row.updated_at,
+    expires_at: row.expires_at ?? void 0,
+    recheck_by: row.recheck_by ?? void 0,
+    status: row.status,
+    project: parseJson(row.project),
+    source_client: row.source_client,
+    title: row.title,
+    summary: row.summary,
+    question: row.question ?? void 0,
+    finding: row.finding ?? void 0,
+    answer: row.answer ?? void 0,
+    claims: parseJson(row.claims),
+    evidence: parseJson(row.evidence),
+    files_or_symbols: parseJson(row.files_or_symbols),
+    commands_or_tests_run: parseJson(row.commands_or_tests_run),
+    what_was_tried: parseJson(row.what_was_tried),
+    known_failures: parseJson(row.known_failures),
+    current_hypothesis: row.current_hypothesis,
+    confidence: row.confidence,
+    suggested_next_steps: parseJson(row.suggested_next_steps),
+    redaction_report: parseJson(row.redaction_report),
+    hydration_policy: parseJson(row.hydration_policy),
+    audit_receipt: parseJson(row.audit_receipt)
+  });
+}
+function packetParams(packet) {
+  return {
+    id: packet.packet_id,
+    workspace_id: packet.workspace_id,
+    packet_type: packet.packet_type,
+    sender_member_id: packet.sender_member_id,
+    recipient_member_ids: JSON.stringify(packet.recipient_member_ids),
+    parent_packet_id: packet.parent_packet_id ?? null,
+    status: packet.status,
+    title: packet.title,
+    summary: packet.summary,
+    question: packet.question ?? null,
+    finding: packet.finding ?? null,
+    answer: packet.answer ?? null,
+    project: JSON.stringify(packet.project),
+    source_client: packet.source_client,
+    claims: JSON.stringify(packet.claims),
+    evidence: JSON.stringify(packet.evidence),
+    files_or_symbols: JSON.stringify(packet.files_or_symbols),
+    commands_or_tests_run: JSON.stringify(packet.commands_or_tests_run),
+    what_was_tried: JSON.stringify(packet.what_was_tried),
+    known_failures: JSON.stringify(packet.known_failures),
+    current_hypothesis: packet.current_hypothesis,
+    confidence: packet.confidence,
+    suggested_next_steps: JSON.stringify(packet.suggested_next_steps),
+    redaction_report: JSON.stringify(packet.redaction_report),
+    hydration_policy: JSON.stringify(packet.hydration_policy),
+    audit_receipt: JSON.stringify(packet.audit_receipt),
+    expires_at: packet.expires_at ?? null,
+    recheck_by: packet.recheck_by ?? null,
+    created_at: packet.created_at,
+    updated_at: packet.updated_at
+  };
+}
+var RelayService = class {
+  constructor(db) {
+    this.db = db;
+  }
+  db;
+  close() {
+    this.db.close();
+  }
+  createWorkspace(input) {
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const workspace = {
+      id: createId("wrk"),
+      name: input.name,
+      admin_body_access: input.adminBodyAccess ?? false,
+      created_at: now
+    };
+    const token = createToken("relay_member");
+    const approvalSecret = createToken("relay_approval_secret");
+    const admin = {
+      id: createId("mem"),
+      workspace_id: workspace.id,
+      handle: normalizeHandle(input.adminHandle),
+      display_name: input.adminName,
+      role: "admin",
+      status: "active",
+      token,
+      approval_secret: approvalSecret,
+      created_at: now
+    };
+    const transaction = this.db.transaction(() => {
+      this.db.prepare(
+        "INSERT INTO workspaces (id, name, admin_body_access, created_at) VALUES (?, ?, ?, ?)"
+      ).run(
+        workspace.id,
+        workspace.name,
+        workspace.admin_body_access ? 1 : 0,
+        workspace.created_at
+      );
+      this.db.prepare(
+        `INSERT INTO members
+          (id, workspace_id, handle, display_name, role, status, token_hash, approval_secret_hash, created_at)
+          VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`
+      ).run(
+        admin.id,
+        admin.workspace_id,
+        admin.handle,
+        admin.display_name,
+        admin.role,
+        admin.status,
+        hashToken(token),
+        hashToken(approvalSecret),
+        admin.created_at
+      );
+    });
+    transaction();
+    return { workspace, admin };
+  }
+  inviteMember(input) {
+    const admin = this.requireAdmin(input.adminToken, input.workspaceId);
+    const handle = normalizeHandle(input.handle);
+    const existing = this.findMemberByHandle(input.workspaceId, handle, true);
+    if (existing?.status === "revoked") {
+      throw relayError("INVALID_RECIPIENT", `Recipient @${handle} is revoked.`, 403);
+    }
+    if (existing) {
+      throw relayError("INVALID_INPUT", `Member @${handle} already exists in this workspace.`, 409);
+    }
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const invite = {
+      id: createId("inv"),
+      workspace_id: input.workspaceId,
+      handle,
+      token: createToken("relay_invite"),
+      created_by_member_id: admin.id,
+      expires_at: new Date(Date.now() + 7 * 24 * 60 * 60 * 1e3).toISOString(),
+      created_at: now
+    };
+    this.db.prepare(
+      `INSERT INTO invites
+        (id, workspace_id, handle, token, created_by_member_id, expires_at, created_at)
+        VALUES (?, ?, ?, ?, ?, ?, ?)`
+    ).run(
+      invite.id,
+      invite.workspace_id,
+      invite.handle,
+      invite.token,
+      invite.created_by_member_id,
+      invite.expires_at,
+      invite.created_at
+    );
+    return { invite };
+  }
+  acceptInvite(input) {
+    const inviteRow = this.db.prepare("SELECT * FROM invites WHERE token = ?").get(input.inviteToken);
+    if (!inviteRow) {
+      throw relayError("NOT_FOUND", "Invite not found.", 404);
+    }
+    if (inviteRow.accepted_at) {
+      throw relayError("INVALID_INPUT", "Invite has already been accepted.", 409);
+    }
+    if (Date.parse(inviteRow.expires_at) < Date.now()) {
+      throw relayError("INVALID_INPUT", "Invite has expired.", 410);
+    }
+    const workspace = this.getWorkspace(inviteRow.workspace_id);
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const token = createToken("relay_member");
+    const approvalSecret = createToken("relay_approval_secret");
+    const member = {
+      id: createId("mem"),
+      workspace_id: inviteRow.workspace_id,
+      handle: inviteRow.handle,
+      display_name: input.displayName,
+      role: "member",
+      status: "active",
+      token,
+      approval_secret: approvalSecret,
+      created_at: now
+    };
+    const transaction = this.db.transaction(() => {
+      this.db.prepare(
+        `INSERT INTO members
+          (id, workspace_id, handle, display_name, role, status, token_hash, approval_secret_hash, created_at)
+          VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`
+      ).run(
+        member.id,
+        member.workspace_id,
+        member.handle,
+        member.display_name,
+        member.role,
+        member.status,
+        hashToken(token),
+        hashToken(approvalSecret),
+        member.created_at
+      );
+      this.db.prepare("UPDATE invites SET accepted_at = ? WHERE id = ?").run(now, inviteRow.id);
+    });
+    transaction();
+    return { member, workspace };
+  }
+  getInvite(input) {
+    const inviteRow = this.db.prepare("SELECT * FROM invites WHERE token = ?").get(input.inviteToken);
+    if (!inviteRow) {
+      throw relayError("NOT_FOUND", "Invite not found.", 404);
+    }
+    return {
+      invite: rowToInvite(inviteRow),
+      workspace: this.getWorkspace(inviteRow.workspace_id)
+    };
+  }
+  listMembers(input) {
+    this.requireMember(input.authToken, input.workspaceId);
+    return this.db.prepare("SELECT * FROM members WHERE workspace_id = ? ORDER BY handle").all(input.workspaceId).map((row) => rowToMember(row));
+  }
+  configureProjectAlias(input) {
+    const admin = this.requireAdmin(input.authToken, input.workspaceId);
+    const canonicalProject = normalizeProjectName(input.canonicalProject);
+    const alias = normalizeProjectName(input.alias);
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const id = createId("pal");
+    this.db.prepare(
+      `INSERT INTO project_aliases
+        (id, workspace_id, canonical_project, alias, created_by_member_id, created_at)
+        VALUES (?, ?, ?, ?, ?, ?)
+        ON CONFLICT(workspace_id, alias) DO UPDATE SET
+          id = excluded.id,
+          canonical_project = excluded.canonical_project,
+          created_by_member_id = excluded.created_by_member_id,
+          created_at = excluded.created_at`
+    ).run(id, input.workspaceId, canonicalProject, alias, admin.id, now);
+    this.recordAudit({
+      action: "configure_project_alias",
+      actorMemberId: admin.id,
+      workspaceId: input.workspaceId,
+      metadata: { canonical_project: canonicalProject, alias }
+    });
+    return {
+      alias: {
+        id,
+        workspace_id: input.workspaceId,
+        canonical_project: canonicalProject,
+        alias,
+        created_by_member_id: admin.id,
+        created_at: now
+      }
+    };
+  }
+  listProjectAliases(input) {
+    this.requireMember(input.authToken, input.workspaceId);
+    return this.db.prepare(
+      `SELECT * FROM project_aliases
+          WHERE workspace_id = ?
+          ORDER BY canonical_project, alias`
+    ).all(input.workspaceId).map((row) => rowToProjectAlias(row));
+  }
+  revokeMember(input) {
+    const admin = this.requireAdmin(input.adminToken, input.workspaceId);
+    if (admin.id === input.memberId) {
+      throw relayError("INVALID_INPUT", "Admins cannot revoke themselves.", 400);
+    }
+    const member = this.getMember(input.memberId);
+    if (member.workspace_id !== input.workspaceId) {
+      throw relayError("FORBIDDEN", "Member belongs to a different workspace.", 403);
+    }
+    const revokedAt = (/* @__PURE__ */ new Date()).toISOString();
+    this.db.prepare("UPDATE members SET status = ?, revoked_at = ? WHERE id = ?").run("revoked", revokedAt, input.memberId);
+    this.recordAudit({
+      action: "revoke",
+      actorMemberId: admin.id,
+      workspaceId: input.workspaceId,
+      metadata: { revoked_member_id: input.memberId }
+    });
+    return { member: { ...member, status: "revoked", revoked_at: revokedAt } };
+  }
+  rotateMemberToken(input) {
+    const member = this.authenticate(input.authToken);
+    const token = createToken("relay_member");
+    this.db.prepare("UPDATE members SET token_hash = ? WHERE id = ?").run(hashToken(token), member.id);
+    this.recordAudit({
+      action: "rotate_token",
+      actorMemberId: member.id,
+      workspaceId: member.workspace_id,
+      metadata: {}
+    });
+    return { member, token };
+  }
+  rotateApprovalSecret(input) {
+    const member = this.authenticate(input.authToken);
+    this.requireApprovalSecret(member, input.approvalSecret);
+    const approvalSecret = createToken("relay_approval_secret");
+    const rotatedAt = (/* @__PURE__ */ new Date()).toISOString();
+    const rotate = this.db.transaction(() => {
+      this.db.prepare("UPDATE members SET approval_secret_hash = ? WHERE id = ?").run(hashToken(approvalSecret), member.id);
+      const invalidated = this.db.prepare(
+        `UPDATE approval_tokens
+          SET consumed_at = ?
+          WHERE actor_member_id = ?
+            AND consumed_at IS NULL`
+      ).run(rotatedAt, member.id);
+      this.recordAudit({
+        action: "rotate_approval_secret",
+        actorMemberId: member.id,
+        workspaceId: member.workspace_id,
+        metadata: { invalidated_approval_tokens: invalidated.changes }
+      });
+    });
+    rotate();
+    return { member, approval_secret: approvalSecret };
+  }
+  createApprovalToken(input) {
+    const actor = this.authenticate(input.authToken);
+    this.requireApprovalSecret(actor, input.approvalSecret);
+    const packet = this.getPacket(input.packetId);
+    this.assertApprovalTokenAllowed(actor, packet, input.action);
+    const token = createToken("relay_approval");
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const expiresAt = new Date(Date.now() + 10 * 60 * 1e3).toISOString();
+    this.db.prepare(
+      `INSERT INTO approval_tokens
+        (id, packet_id, workspace_id, actor_member_id, action, token_hash, expires_at, created_at)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?)`
+    ).run(
+      createId("apr"),
+      packet.packet_id,
+      packet.workspace_id,
+      actor.id,
+      input.action,
+      hashToken(token),
+      expiresAt,
+      now
+    );
+    this.recordAudit({
+      action: "approve",
+      actorMemberId: actor.id,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: { approval_action: input.action, token_created: true }
+    });
+    return {
+      approval_token: token,
+      action: input.action,
+      packet_id: packet.packet_id,
+      expires_at: expiresAt
+    };
+  }
+  createAskDraft(input) {
+    return this.createPacketDraft("ask", input, { question: input.question });
+  }
+  createShareDraft(input) {
+    return this.createPacketDraft("share", input, { finding: input.finding });
+  }
+  updateDraft(input) {
+    const actor = this.authenticate(input.authToken);
+    const packet = this.getPacket(input.packetId);
+    this.requireSender(actor, packet);
+    if (!["ask", "share"].includes(packet.packet_type)) {
+      throw relayError("INVALID_INPUT", "Only ask/share drafts can be edited before send.", 400);
+    }
+    if (packet.status !== "pending_sender_approval") {
+      throw relayError(
+        "INVALID_STATE_TRANSITION",
+        "Only drafts pending sender approval can be edited.",
+        409
+      );
+    }
+    const changedFields = Object.entries(input).filter(([key, value]) => !["authToken", "packetId"].includes(key) && value !== void 0).map(([key]) => key);
+    const updated = this.preparePacket(
+      packetSchema.parse({
+        ...packet,
+        title: input.title ?? packet.title,
+        summary: input.summary ?? packet.summary,
+        question: input.question ?? packet.question,
+        finding: input.finding ?? packet.finding,
+        claims: input.claims?.map(normalizeClaim) ?? packet.claims,
+        evidence: input.evidence?.map(normalizeEvidence) ?? packet.evidence,
+        files_or_symbols: input.filesOrSymbols ?? packet.files_or_symbols,
+        commands_or_tests_run: input.commandsOrTestsRun ?? packet.commands_or_tests_run,
+        what_was_tried: input.whatWasTried ?? packet.what_was_tried,
+        known_failures: input.knownFailures ?? packet.known_failures,
+        current_hypothesis: input.currentHypothesis ?? packet.current_hypothesis,
+        confidence: input.confidence ?? packet.confidence,
+        suggested_next_steps: input.suggestedNextSteps ?? packet.suggested_next_steps
+      })
+    );
+    this.updatePacket(updated);
+    this.recordAudit({
+      action: "edit",
+      actorMemberId: actor.id,
+      packetId: updated.packet_id,
+      workspaceId: updated.workspace_id,
+      metadata: { changed_fields: changedFields }
+    });
+    return { id: updated.packet_id, packet: this.getPacket(updated.packet_id) };
+  }
+  approveAndSend(input) {
+    const actor = this.authenticate(input.authToken);
+    let packet = this.getPacket(input.packetId);
+    this.requireSender(actor, packet);
+    if (packet.packet_type === "reply") {
+      return this.approveReply({
+        authToken: input.authToken,
+        replyPacketId: input.packetId,
+        approvalToken: input.approvalToken
+      });
+    }
+    this.consumeApprovalToken({
+      actor,
+      packet,
+      action: "send",
+      approvalToken: input.approvalToken
+    });
+    if (packet.redaction_report.blocked && !input.allowSecretOverride) {
+      throw relayError(
+        "REDACTION_BLOCKED",
+        "Redaction blocked this packet. Remove secret-looking evidence or explicitly override.",
+        422,
+        packet.redaction_report
+      );
+    }
+    for (const recipientId of packet.recipient_member_ids) {
+      const recipient = this.getMember(recipientId);
+      if (recipient.status === "revoked") {
+        throw relayError("INVALID_RECIPIENT", `Recipient @${recipient.handle} is revoked.`, 403);
+      }
+    }
+    packet = this.transitionPacket(packet, "sent", actor, "sender");
+    this.recordAudit({
+      action: "approve",
+      actorMemberId: actor.id,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: { status: "sent" }
+    });
+    this.recordAudit({
+      action: "send",
+      actorMemberId: actor.id,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: { recipient_member_ids: packet.recipient_member_ids }
+    });
+    packet = this.transitionPacket(packet, "delivered", actor, "system");
+    for (const recipientId of packet.recipient_member_ids) {
+      this.createNotification(packet, recipientId);
+    }
+    this.recordAudit({
+      action: "deliver",
+      actorMemberId: actor.id,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: { recipient_member_ids: packet.recipient_member_ids }
+    });
+    return { id: packet.packet_id, packet: this.getPacket(packet.packet_id) };
+  }
+  listInbox(input) {
+    const member = this.requireMember(input.authToken, input.workspaceId);
+    return this.listWorkspacePackets(input.workspaceId).filter((packet) => packet.recipient_member_ids.includes(member.id)).filter(
+      (packet) => ![
+        "archived",
+        "closed_resolved",
+        "closed_unresolved",
+        "declined",
+        "expired",
+        "superseded"
+      ].includes(packet.status)
+    );
+  }
+  viewPacket(input) {
+    const actor = this.authenticate(input.authToken);
+    let packet = this.getPacket(input.packetId);
+    this.requireReadable(actor, packet);
+    const role = this.actorRole(actor, packet);
+    if (role === "recipient" && (packet.status === "delivered" || packet.status === "replied")) {
+      packet = this.transitionPacket(packet, "viewed", actor, "recipient");
+    }
+    this.recordAudit({
+      action: "view",
+      actorMemberId: actor.id,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: { status: packet.status }
+    });
+    return { id: packet.packet_id, packet };
+  }
+  getPacketForMember(input) {
+    const actor = this.authenticate(input.authToken);
+    const packet = this.getPacket(input.packetId);
+    this.requireReadable(actor, packet);
+    return { id: packet.packet_id, packet };
+  }
+  acceptPacket(input) {
+    const actor = this.authenticate(input.authToken);
+    const packet = this.getPacket(input.packetId);
+    this.requireRecipient(actor, packet);
+    const accepted = this.transitionPacket(packet, "accepted", actor, "recipient");
+    this.recordAudit({
+      action: "accept",
+      actorMemberId: actor.id,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: {}
+    });
+    return { id: accepted.packet_id, packet: accepted };
+  }
+  hydratePacket(input) {
+    const actor = this.authenticate(input.authToken);
+    let packet = this.getPacket(input.packetId);
+    this.requireRecipient(actor, packet);
+    this.consumeApprovalToken({
+      actor,
+      packet,
+      action: "hydrate",
+      approvalToken: input.approvalToken
+    });
+    const targetStatus = "hydrated";
+    packet = this.transitionPacket(packet, targetStatus, actor, "recipient");
+    const hydration = formatHydrationContext(packet, {
+      hydratedBy: actor.id,
+      client: input.client,
+      sessionId: input.sessionId
+    });
+    this.insertAuditReceipt(hydration.receipt);
+    this.db.prepare(
+      `INSERT INTO hydration_receipts
+        (receipt_id, packet_id, workspace_id, actor_member_id, client, session_id, context, created_at)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?)`
+    ).run(
+      hydration.receipt.receipt_id,
+      packet.packet_id,
+      packet.workspace_id,
+      actor.id,
+      input.client,
+      input.sessionId ?? null,
+      hydration.context,
+      hydration.receipt.created_at
+    );
+    packet = this.updatePacket({ ...packet, audit_receipt: hydration.receipt });
+    return { ...hydration, packet };
+  }
+  createReplyDraft(input) {
+    const actor = this.authenticate(input.authToken);
+    let original = this.getPacket(input.packetId);
+    this.requireRecipient(actor, original);
+    if (!["accepted", "hydrated"].includes(original.status)) {
+      throw relayError(
+        "INVALID_STATE_TRANSITION",
+        "A recipient must accept or hydrate an ask before replying.",
+        409
+      );
+    }
+    if (original.packet_type !== "ask") {
+      throw relayError("INVALID_INPUT", "Replies can only be created for ask packets.", 400);
+    }
+    if (original.status === "accepted" || original.status === "hydrated") {
+      original = this.transitionPacket(original, "response_drafting", actor, "recipient");
+    }
+    const packet = this.preparePacket(
+      buildPacketDraft({
+        packet_type: "reply",
+        workspace_id: original.workspace_id,
+        sender_member_id: actor.id,
+        recipient_member_ids: [original.sender_member_id],
+        parent_packet_id: original.packet_id,
+        status: "pending_recipient_approval",
+        title: input.title ?? `Reply: ${original.title}`,
+        summary: input.summary,
+        answer: input.answer,
+        source_client: input.sourceClient,
+        project: original.project,
+        evidence: input.evidence,
+        confidence: input.confidence
+      })
+    );
+    this.insertPacket(packet);
+    this.insertAuditReceipt(packet.audit_receipt);
+    this.recordAudit({
+      action: "reply",
+      actorMemberId: actor.id,
+      packetId: original.packet_id,
+      workspaceId: original.workspace_id,
+      metadata: { reply_packet_id: packet.packet_id, status: "pending_recipient_approval" }
+    });
+    return { id: packet.packet_id, packet };
+  }
+  approveReply(input) {
+    const actor = this.authenticate(input.authToken);
+    let reply = this.getPacket(input.replyPacketId);
+    this.requireSender(actor, reply);
+    if (reply.packet_type !== "reply") {
+      throw relayError("INVALID_INPUT", "Packet is not a reply.", 400);
+    }
+    this.consumeApprovalToken({
+      actor,
+      packet: reply,
+      action: "reply",
+      approvalToken: input.approvalToken
+    });
+    reply = this.transitionPacket(reply, "replied", actor, "recipient");
+    for (const recipientId of reply.recipient_member_ids) {
+      this.createNotification(reply, recipientId);
+    }
+    this.recordAudit({
+      action: "approve",
+      actorMemberId: actor.id,
+      packetId: reply.packet_id,
+      workspaceId: reply.workspace_id,
+      metadata: { reply_packet_id: reply.packet_id }
+    });
+    if (reply.parent_packet_id) {
+      let parent = this.getPacket(reply.parent_packet_id);
+      if (parent.status === "response_drafting") {
+        parent = this.transitionPacket(parent, "pending_recipient_approval", actor, "recipient");
+      }
+      parent = this.transitionPacket(parent, "replied", actor, "recipient");
+      this.recordAudit({
+        action: "reply",
+        actorMemberId: actor.id,
+        packetId: parent.packet_id,
+        workspaceId: parent.workspace_id,
+        metadata: { reply_packet_id: reply.packet_id, status: "replied" }
+      });
+    }
+    return { id: reply.packet_id, packet: this.getPacket(reply.packet_id) };
+  }
+  declinePacket(input) {
+    const actor = this.authenticate(input.authToken);
+    const packet = this.getPacket(input.packetId);
+    this.requireRecipient(actor, packet);
+    const declined = this.transitionPacket(packet, "declined", actor, "recipient");
+    this.recordAudit({
+      action: "decline",
+      actorMemberId: actor.id,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: { reason: input.reason }
+    });
+    return { id: declined.packet_id, packet: declined };
+  }
+  archivePacket(input) {
+    const actor = this.authenticate(input.authToken);
+    const packet = this.getPacket(input.packetId);
+    this.requireReadable(actor, packet);
+    const role = this.actorRole(actor, packet);
+    const archived = this.transitionPacket(
+      packet,
+      "archived",
+      actor,
+      role === "admin" ? "admin" : role
+    );
+    this.recordAudit({
+      action: "archive",
+      actorMemberId: actor.id,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: {}
+    });
+    return { id: archived.packet_id, packet: archived };
+  }
+  requestClarification(input) {
+    const actor = this.authenticate(input.authToken);
+    let original = this.getPacket(input.packetId);
+    this.requireRecipient(actor, original);
+    original = this.transitionPacket(original, "clarification_requested", actor, "recipient");
+    this.recordAudit({
+      action: "clarify",
+      actorMemberId: actor.id,
+      packetId: original.packet_id,
+      workspaceId: original.workspace_id,
+      metadata: { question: input.question, requested_evidence: input.requestedEvidence ?? [] }
+    });
+    const packet = this.preparePacket(
+      buildPacketDraft({
+        packet_type: "clarification",
+        workspace_id: original.workspace_id,
+        sender_member_id: actor.id,
+        recipient_member_ids: [original.sender_member_id],
+        parent_packet_id: original.packet_id,
+        status: "delivered",
+        title: `Clarification: ${original.title}`,
+        summary: input.question,
+        question: input.question,
+        source_client: original.source_client,
+        project: original.project,
+        suggested_next_steps: input.requestedEvidence
+      })
+    );
+    this.insertPacket(packet);
+    this.insertAuditReceipt(packet.audit_receipt);
+    this.createNotification(packet, original.sender_member_id);
+    return { id: packet.packet_id, packet };
+  }
+  closePacket(input) {
+    const actor = this.authenticate(input.authToken);
+    const packet = this.getPacket(input.packetId);
+    this.requireSender(actor, packet);
+    const status = input.resolution === "resolved" ? "closed_resolved" : "closed_unresolved";
+    const closed = this.transitionPacket(packet, status, actor, "sender");
+    this.recordAudit({
+      action: "close",
+      actorMemberId: actor.id,
+      packetId: packet.packet_id,
+      workspaceId: packet.workspace_id,
+      metadata: { resolution: input.resolution }
+    });
+    return { id: closed.packet_id, packet: closed };
+  }
+  searchPackets(input) {
+    const actor = this.requireMember(input.authToken, input.workspaceId);
+    const query = input.query?.toLowerCase() ?? "";
+    const results = this.listWorkspacePackets(input.workspaceId).filter((packet) => {
+      if (!this.canReadMetadata(actor, packet)) return false;
+      if (!this.matchesPacketQueryFilters(actor, packet, input)) return false;
+      if (!query) return true;
+      const haystack = this.searchHaystackFor(actor, packet);
+      return haystack.includes(query);
+    });
+    this.recordAudit({
+      action: "search",
+      actorMemberId: actor.id,
+      workspaceId: input.workspaceId,
+      metadata: { query, filters: this.auditFilterMetadata(input) }
+    });
+    return results.map((packet) => this.toSearchResult(actor, packet));
+  }
+  listHistory(input) {
+    const actor = this.requireMember(input.authToken, input.workspaceId);
+    const filter = input.filter ?? "all";
+    const query = input.query?.toLowerCase() ?? "";
+    const results = this.listWorkspacePackets(input.workspaceId).filter((packet) => {
+      if (!this.canReadMetadata(actor, packet)) return false;
+      if (!this.matchesHistoryFilter(actor, packet, filter)) return false;
+      if (!this.matchesPacketQueryFilters(actor, packet, input)) return false;
+      if (!query) return true;
+      return this.searchHaystackFor(actor, packet).includes(query);
+    });
+    this.recordAudit({
+      action: "search",
+      actorMemberId: actor.id,
+      workspaceId: input.workspaceId,
+      metadata: { query, history_filter: filter, filters: this.auditFilterMetadata(input) }
+    });
+    return results.map((packet) => this.toSearchResult(actor, packet));
+  }
+  listAuditReceipts(input) {
+    const actor = this.requireMember(input.authToken, input.workspaceId);
+    if (input.packetId) {
+      const packet = this.getPacket(input.packetId);
+      if (!this.canReadMetadata(actor, packet)) {
+        throw relayError("FORBIDDEN", "Packet audit metadata is not visible to this member.", 403);
+      }
+    } else if (actor.role !== "admin") {
+      throw relayError("FORBIDDEN", "Only admins can view workspace audit logs.", 403);
+    }
+    const rows = input.packetId ? this.db.prepare(
+      "SELECT * FROM audit_receipts WHERE workspace_id = ? AND packet_id = ? ORDER BY created_at"
+    ).all(input.workspaceId, input.packetId) : this.db.prepare("SELECT * FROM audit_receipts WHERE workspace_id = ? ORDER BY created_at").all(input.workspaceId);
+    return rows.map((row) => ({
+      receipt_id: row.receipt_id,
+      workspace_id: row.workspace_id,
+      packet_id: row.packet_id ?? void 0,
+      actor_member_id: row.actor_member_id,
+      action: row.action,
+      created_at: row.created_at,
+      metadata: parseJson(row.metadata),
+      receipt_hash: row.receipt_hash
+    }));
+  }
+  getPacket(packetId) {
+    const row = this.db.prepare("SELECT * FROM packets WHERE id = ?").get(packetId);
+    if (!row) {
+      throw relayError("NOT_FOUND", "Packet not found.", 404);
+    }
+    return rowToPacket(row);
+  }
+  createPacketDraft(packetType, input, main) {
+    const actor = this.requireMember(input.authToken, input.workspaceId);
+    const recipient = this.resolveRecipient(input.workspaceId, input.to);
+    const project = input.project ? {
+      ...input.project,
+      repo_name: this.resolveCanonicalProjectName(
+        input.workspaceId,
+        input.project.repo_name ?? "unknown-project"
+      )
+    } : input.project;
+    const base = buildPacketDraft({
+      packet_type: packetType,
+      workspace_id: input.workspaceId,
+      sender_member_id: actor.id,
+      recipient_member_ids: [recipient.id],
+      title: input.title,
+      summary: input.summary,
+      source_client: input.sourceClient,
+      project,
+      evidence: input.evidence,
+      claims: input.claims,
+      files_or_symbols: input.filesOrSymbols,
+      commands_or_tests_run: input.commandsOrTestsRun,
+      what_was_tried: input.whatWasTried,
+      known_failures: input.knownFailures,
+      current_hypothesis: input.currentHypothesis,
+      confidence: input.confidence,
+      suggested_next_steps: input.suggestedNextSteps,
+      ...main
+    });
+    const packet = this.preparePacket(base);
+    this.insertPacket(packet);
+    this.insertAuditReceipt(packet.audit_receipt);
+    return { id: packet.packet_id, packet };
+  }
+  preparePacket(packet) {
+    const redactionReport = scanPacketForRedactions(packet);
+    let prepared = packetSchema.parse({
+      ...packet,
+      redaction_report: redactionReport,
+      updated_at: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    const budget = validateContextBudget(prepared);
+    if (!budget.ok) {
+      prepared = compressPacketToBudget(prepared);
+      prepared = packetSchema.parse({
+        ...prepared,
+        redaction_report: {
+          ...prepared.redaction_report,
+          warnings: [
+            ...prepared.redaction_report.warnings,
+            ...budget.violations.map((violation) => ({
+              kind: "oversized_excerpt",
+              field: "packet",
+              severity: "warning",
+              message: violation
+            }))
+          ]
+        }
+      });
+    }
+    return prepared;
+  }
+  authenticate(token) {
+    if (!token) {
+      throw relayError("AUTH_REQUIRED", "Missing Relay auth token.", 401);
+    }
+    const row = this.db.prepare("SELECT * FROM members WHERE token_hash = ?").get(hashToken(token));
+    if (!row) {
+      throw relayError("AUTH_REQUIRED", "Invalid Relay auth token.", 401);
+    }
+    const member = rowToMember(row);
+    if (member.status === "revoked") {
+      throw relayError("TOKEN_REVOKED", "This member token has been revoked.", 403);
+    }
+    return member;
+  }
+  requireMember(token, workspaceId) {
+    const member = this.authenticate(token);
+    if (member.workspace_id !== workspaceId) {
+      throw relayError("FORBIDDEN", "Token belongs to a different workspace.", 403);
+    }
+    return member;
+  }
+  requireAdmin(token, workspaceId) {
+    const member = this.requireMember(token, workspaceId);
+    if (member.role !== "admin") {
+      throw relayError("FORBIDDEN", "Workspace admin permission required.", 403);
+    }
+    return member;
+  }
+  requireApprovalSecret(member, approvalSecret) {
+    if (!approvalSecret) {
+      throw relayError(
+        "FORBIDDEN",
+        "A local approval secret is required to mint approval tokens.",
+        403
+      );
+    }
+    const row = this.db.prepare("SELECT approval_secret_hash FROM members WHERE id = ?").get(member.id);
+    if (!row?.approval_secret_hash || row.approval_secret_hash !== hashToken(approvalSecret)) {
+      throw relayError("FORBIDDEN", "Invalid local approval secret.", 403);
+    }
+  }
+  getWorkspace(workspaceId) {
+    const row = this.db.prepare("SELECT * FROM workspaces WHERE id = ?").get(workspaceId);
+    if (!row) {
+      throw relayError("NOT_FOUND", "Workspace not found.", 404);
+    }
+    return rowToWorkspace(row);
+  }
+  getMember(memberId) {
+    const row = this.db.prepare("SELECT * FROM members WHERE id = ?").get(memberId);
+    if (!row) {
+      throw relayError("NOT_FOUND", "Member not found.", 404);
+    }
+    return rowToMember(row);
+  }
+  findMemberByHandle(workspaceId, handle, includeRevoked = false) {
+    const row = this.db.prepare("SELECT * FROM members WHERE workspace_id = ? AND handle = ?").get(workspaceId, normalizeHandle(handle));
+    if (!row) return void 0;
+    const member = rowToMember(row);
+    if (!includeRevoked && member.status === "revoked") {
+      return void 0;
+    }
+    return member;
+  }
+  resolveRecipient(workspaceId, handle) {
+    const normalized = normalizeHandle(handle);
+    const member = this.findMemberByHandle(workspaceId, normalized, true);
+    if (!member) {
+      throw relayError("INVALID_RECIPIENT", `Invalid recipient @${normalized}.`, 404);
+    }
+    if (member.status === "revoked") {
+      throw relayError("INVALID_RECIPIENT", `Recipient @${normalized} is revoked.`, 403);
+    }
+    return member;
+  }
+  actorRole(actor, packet) {
+    if (packet.sender_member_id === actor.id) return "sender";
+    if (packet.recipient_member_ids.includes(actor.id)) return "recipient";
+    if (actor.role === "admin" && actor.workspace_id === packet.workspace_id) return "admin";
+    return "system";
+  }
+  canReadMetadata(actor, packet) {
+    return actor.workspace_id === packet.workspace_id && actor.status === "active" && (packet.sender_member_id === actor.id || packet.recipient_member_ids.includes(actor.id) || actor.role === "admin");
+  }
+  canReadBody(actor, packet) {
+    if (actor.workspace_id !== packet.workspace_id || actor.status !== "active") {
+      return false;
+    }
+    if (packet.sender_member_id === actor.id || packet.recipient_member_ids.includes(actor.id)) {
+      return true;
+    }
+    if (actor.role === "admin") {
+      return this.getWorkspace(packet.workspace_id).admin_body_access;
+    }
+    return false;
+  }
+  requireReadable(actor, packet) {
+    if (!this.canReadBody(actor, packet)) {
+      if (this.canReadMetadata(actor, packet)) {
+        throw relayError(
+          "FORBIDDEN",
+          "Workspace admin metadata access does not include packet body access by default.",
+          403
+        );
+      }
+      throw relayError("FORBIDDEN", "Packet is not addressed to this member.", 403);
+    }
+  }
+  searchHaystackFor(actor, packet) {
+    const metadataFields = [
+      packet.packet_id,
+      packet.packet_type,
+      packet.workspace_id,
+      packet.sender_member_id,
+      ...packet.recipient_member_ids,
+      packet.status,
+      packet.title,
+      packet.summary,
+      packet.project.repo_name,
+      packet.project.branch,
+      packet.project.commit_hash,
+      packet.project.git_remote_fingerprint,
+      packet.source_client,
+      packet.created_at,
+      packet.updated_at,
+      packet.expires_at,
+      packet.recheck_by
+    ];
+    const bodyFields = this.canReadBody(actor, packet) ? [
+      packet.question,
+      packet.finding,
+      packet.answer,
+      packet.current_hypothesis,
+      ...packet.files_or_symbols,
+      ...packet.commands_or_tests_run,
+      ...packet.what_was_tried,
+      ...packet.known_failures,
+      ...packet.suggested_next_steps,
+      ...packet.claims.map((claim) => claim.text),
+      ...packet.evidence.map((item) => `${item.label} ${item.source} ${item.excerpt}`)
+    ] : [];
+    return [...metadataFields, ...bodyFields].filter(Boolean).join(" ").toLowerCase();
+  }
+  toSearchResult(actor, packet) {
+    return {
+      packet_id: packet.packet_id,
+      packet_type: packet.packet_type,
+      workspace_id: packet.workspace_id,
+      sender_member_id: packet.sender_member_id,
+      recipient_member_ids: packet.recipient_member_ids,
+      status: packet.status,
+      title: packet.title,
+      summary: packet.summary,
+      project: packet.project,
+      source_client: packet.source_client,
+      created_at: packet.created_at,
+      updated_at: packet.updated_at,
+      expires_at: packet.expires_at,
+      recheck_by: packet.recheck_by,
+      body_access: this.canReadBody(actor, packet)
+    };
+  }
+  auditFilterMetadata(input) {
+    return Object.fromEntries(
+      Object.entries({
+        project: input.project,
+        sender: input.sender,
+        recipient: input.recipient,
+        status: input.status,
+        file_or_symbol: input.fileOrSymbol,
+        ticket_or_pr: input.ticketOrPr
+      }).filter((entry) => typeof entry[1] === "string" && !!entry[1])
+    );
+  }
+  matchesPacketQueryFilters(actor, packet, filters) {
+    if (filters.project && this.resolveCanonicalProjectName(packet.workspace_id, packet.project.repo_name) !== this.resolveCanonicalProjectName(packet.workspace_id, filters.project)) {
+      return false;
+    }
+    if (filters.sender && !this.memberSelectorMatches(packet.workspace_id, packet.sender_member_id, filters.sender)) {
+      return false;
+    }
+    if (filters.recipient && !packet.recipient_member_ids.some(
+      (memberId) => this.memberSelectorMatches(packet.workspace_id, memberId, filters.recipient)
+    )) {
+      return false;
+    }
+    if (filters.status && packet.status !== filters.status) {
+      return false;
+    }
+    if (filters.fileOrSymbol) {
+      if (!this.canReadBody(actor, packet)) return false;
+      const needle = filters.fileOrSymbol.trim().toLowerCase();
+      if (needle && !packet.files_or_symbols.some((entry) => entry.toLowerCase().includes(needle))) {
+        return false;
+      }
+    }
+    if (filters.ticketOrPr) {
+      if (!this.canReadBody(actor, packet)) return false;
+      const needle = filters.ticketOrPr.trim().toLowerCase();
+      if (needle && !packet.evidence.filter((item) => item.kind === "ticket_link" || item.kind === "pr_link").some(
+        (item) => [item.label, item.source, item.excerpt].join(" ").toLowerCase().includes(needle)
+      )) {
+        return false;
+      }
+    }
+    return true;
+  }
+  resolveCanonicalProjectName(workspaceId, projectName) {
+    const name = normalizeProjectName(projectName);
+    const row = this.db.prepare(
+      `SELECT canonical_project FROM project_aliases
+        WHERE workspace_id = ? AND alias = ?`
+    ).get(workspaceId, name);
+    return row?.canonical_project ?? name;
+  }
+  memberSelectorMatches(workspaceId, memberId, selector) {
+    const trimmed = selector.trim();
+    if (!trimmed) return true;
+    if (memberId === trimmed) return true;
+    try {
+      return this.findMemberByHandle(workspaceId, trimmed, true)?.id === memberId;
+    } catch {
+      return false;
+    }
+  }
+  matchesHistoryFilter(actor, packet, filter) {
+    if (filter === "all") return true;
+    const terminalStatuses = [
+      "archived",
+      "closed_resolved",
+      "closed_unresolved",
+      "declined",
+      "expired",
+      "superseded"
+    ];
+    if (filter === "closed") {
+      return terminalStatuses.includes(packet.status);
+    }
+    if (filter === "drafts") {
+      return packet.sender_member_id === actor.id && ["pending_sender_approval", "pending_recipient_approval", "draft"].includes(packet.status);
+    }
+    if (filter === "sent") {
+      return packet.sender_member_id === actor.id && packet.status !== "pending_sender_approval";
+    }
+    return !terminalStatuses.includes(packet.status) && !["draft", "pending_sender_approval", "pending_recipient_approval"].includes(packet.status);
+  }
+  requireSender(actor, packet) {
+    if (packet.sender_member_id !== actor.id) {
+      throw relayError("FORBIDDEN", "Only the packet sender can perform this action.", 403);
+    }
+  }
+  requireRecipient(actor, packet) {
+    if (!packet.recipient_member_ids.includes(actor.id)) {
+      throw relayError("FORBIDDEN", "Packet is not addressed to this member.", 403);
+    }
+  }
+  assertApprovalTokenAllowed(actor, packet, action) {
+    if (action === "send") {
+      this.requireSender(actor, packet);
+      if (packet.packet_type === "reply") {
+        throw relayError("INVALID_INPUT", "Use reply approval for reply packets.", 400);
+      }
+      if (packet.status !== "pending_sender_approval") {
+        throw relayError(
+          "INVALID_STATE_TRANSITION",
+          "Only pending drafts can be approved for send.",
+          409
+        );
+      }
+      return;
+    }
+    if (action === "reply") {
+      this.requireSender(actor, packet);
+      if (packet.packet_type !== "reply" || packet.status !== "pending_recipient_approval") {
+        throw relayError(
+          "INVALID_STATE_TRANSITION",
+          "Only pending reply drafts can be approved.",
+          409
+        );
+      }
+      return;
+    }
+    this.requireRecipient(actor, packet);
+    if (packet.packet_type === "reply") {
+      if (packet.status !== "viewed") {
+        throw relayError(
+          "INVALID_STATE_TRANSITION",
+          "Replies must be viewed before hydration approval.",
+          409
+        );
+      }
+      return;
+    }
+    if (packet.status !== "accepted") {
+      throw relayError(
+        "INVALID_STATE_TRANSITION",
+        "Packets must be accepted before hydration approval.",
+        409
+      );
+    }
+  }
+  consumeApprovalToken(input) {
+    if (!input.approvalToken) {
+      throw relayError(
+        "FORBIDDEN",
+        `A human approval token is required to ${input.action} this packet.`,
+        403
+      );
+    }
+    const row = this.db.prepare(
+      `SELECT * FROM approval_tokens
+        WHERE packet_id = ? AND actor_member_id = ? AND action = ? AND token_hash = ?`
+    ).get(input.packet.packet_id, input.actor.id, input.action, hashToken(input.approvalToken));
+    if (!row || row.consumed_at || Date.parse(row.expires_at) < Date.now()) {
+      throw relayError("FORBIDDEN", "Invalid, expired, or consumed approval token.", 403);
+    }
+    this.assertApprovalTokenAllowed(input.actor, input.packet, input.action);
+    this.db.prepare("UPDATE approval_tokens SET consumed_at = ? WHERE id = ?").run((/* @__PURE__ */ new Date()).toISOString(), row.id);
+  }
+  transitionPacket(packet, status, actor, role) {
+    assertTransition({
+      from: packet.status,
+      to: status,
+      actorRole: role,
+      packetType: packet.packet_type
+    });
+    return this.updatePacket({
+      ...packet,
+      status,
+      updated_at: (/* @__PURE__ */ new Date()).toISOString()
+    });
+  }
+  insertPacket(packet) {
+    this.db.prepare(
+      `INSERT INTO packets
+        (id, workspace_id, packet_type, sender_member_id, recipient_member_ids, parent_packet_id,
+         status, title, summary, question, finding, answer, project, source_client, claims, evidence,
+         files_or_symbols, commands_or_tests_run, what_was_tried, known_failures, current_hypothesis,
+         confidence, suggested_next_steps, redaction_report, hydration_policy, audit_receipt,
+         expires_at, recheck_by, created_at, updated_at)
+        VALUES
+        (@id, @workspace_id, @packet_type, @sender_member_id, @recipient_member_ids, @parent_packet_id,
+         @status, @title, @summary, @question, @finding, @answer, @project, @source_client, @claims,
+         @evidence, @files_or_symbols, @commands_or_tests_run, @what_was_tried, @known_failures,
+         @current_hypothesis, @confidence, @suggested_next_steps, @redaction_report, @hydration_policy,
+         @audit_receipt, @expires_at, @recheck_by, @created_at, @updated_at)`
+    ).run(packetParams(packet));
+    return packet;
+  }
+  updatePacket(packet) {
+    this.db.prepare(
+      `UPDATE packets SET
+          recipient_member_ids = @recipient_member_ids,
+          parent_packet_id = @parent_packet_id,
+          status = @status,
+          title = @title,
+          summary = @summary,
+          question = @question,
+          finding = @finding,
+          answer = @answer,
+          project = @project,
+          source_client = @source_client,
+          claims = @claims,
+          evidence = @evidence,
+          files_or_symbols = @files_or_symbols,
+          commands_or_tests_run = @commands_or_tests_run,
+          what_was_tried = @what_was_tried,
+          known_failures = @known_failures,
+          current_hypothesis = @current_hypothesis,
+          confidence = @confidence,
+          suggested_next_steps = @suggested_next_steps,
+          redaction_report = @redaction_report,
+          hydration_policy = @hydration_policy,
+          audit_receipt = @audit_receipt,
+          expires_at = @expires_at,
+          recheck_by = @recheck_by,
+          updated_at = @updated_at
+        WHERE id = @id`
+    ).run(packetParams(packet));
+    return packet;
+  }
+  listWorkspacePackets(workspaceId) {
+    return this.db.prepare("SELECT * FROM packets WHERE workspace_id = ? ORDER BY created_at DESC").all(workspaceId).map(rowToPacket);
+  }
+  createNotification(packet, memberId) {
+    this.db.prepare(
+      `INSERT INTO notifications (id, packet_id, workspace_id, member_id, status, created_at)
+        VALUES (?, ?, ?, ?, ?, ?)`
+    ).run(
+      createId("ntf"),
+      packet.packet_id,
+      packet.workspace_id,
+      memberId,
+      "unread",
+      (/* @__PURE__ */ new Date()).toISOString()
+    );
+  }
+  recordAudit(input) {
+    const receipt = createAuditReceipt(input);
+    this.insertAuditReceipt(receipt);
+    if (input.packetId) {
+      const packet = this.getPacket(input.packetId);
+      this.updatePacket({ ...packet, audit_receipt: receipt });
+    }
+    return receipt;
+  }
+  insertAuditReceipt(receipt) {
+    this.db.prepare(
+      `INSERT OR REPLACE INTO audit_receipts
+        (receipt_id, workspace_id, packet_id, actor_member_id, action, created_at, metadata, receipt_hash)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?)`
+    ).run(
+      receipt.receipt_id,
+      receipt.workspace_id,
+      receipt.packet_id ?? null,
+      receipt.actor_member_id,
+      receipt.action,
+      receipt.created_at,
+      JSON.stringify(receipt.metadata),
+      receipt.receipt_hash
+    );
+  }
+};
+
+// src/storage/database.ts
+import { mkdirSync } from "fs";
+import { dirname } from "path";
+import Database from "better-sqlite3";
+var schema = `
+CREATE TABLE IF NOT EXISTS workspaces (
+  id TEXT PRIMARY KEY,
+  name TEXT NOT NULL,
+  admin_body_access INTEGER NOT NULL DEFAULT 0,
+  created_at TEXT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS members (
+  id TEXT PRIMARY KEY,
+  workspace_id TEXT NOT NULL,
+  handle TEXT NOT NULL,
+  display_name TEXT NOT NULL,
+  role TEXT NOT NULL,
+  status TEXT NOT NULL,
+  token_hash TEXT NOT NULL,
+  approval_secret_hash TEXT NOT NULL DEFAULT '',
+  created_at TEXT NOT NULL,
+  revoked_at TEXT,
+  UNIQUE(workspace_id, handle),
+  FOREIGN KEY(workspace_id) REFERENCES workspaces(id)
+);
+
+CREATE TABLE IF NOT EXISTS project_aliases (
+  id TEXT PRIMARY KEY,
+  workspace_id TEXT NOT NULL,
+  canonical_project TEXT NOT NULL,
+  alias TEXT NOT NULL,
+  created_by_member_id TEXT NOT NULL,
+  created_at TEXT NOT NULL,
+  UNIQUE(workspace_id, alias),
+  FOREIGN KEY(workspace_id) REFERENCES workspaces(id),
+  FOREIGN KEY(created_by_member_id) REFERENCES members(id)
+);
+
+CREATE INDEX IF NOT EXISTS project_alias_workspace_idx ON project_aliases(workspace_id);
+
+CREATE TABLE IF NOT EXISTS invites (
+  id TEXT PRIMARY KEY,
+  workspace_id TEXT NOT NULL,
+  handle TEXT NOT NULL,
+  token TEXT NOT NULL UNIQUE,
+  created_by_member_id TEXT NOT NULL,
+  expires_at TEXT NOT NULL,
+  accepted_at TEXT,
+  created_at TEXT NOT NULL,
+  FOREIGN KEY(workspace_id) REFERENCES workspaces(id)
+);
+
+CREATE TABLE IF NOT EXISTS packets (
+  id TEXT PRIMARY KEY,
+  workspace_id TEXT NOT NULL,
+  packet_type TEXT NOT NULL,
+  sender_member_id TEXT NOT NULL,
+  recipient_member_ids TEXT NOT NULL,
+  parent_packet_id TEXT,
+  status TEXT NOT NULL,
+  title TEXT NOT NULL,
+  summary TEXT NOT NULL,
+  question TEXT,
+  finding TEXT,
+  answer TEXT,
+  project TEXT NOT NULL,
+  source_client TEXT NOT NULL,
+  claims TEXT NOT NULL,
+  evidence TEXT NOT NULL,
+  files_or_symbols TEXT NOT NULL,
+  commands_or_tests_run TEXT NOT NULL,
+  what_was_tried TEXT NOT NULL,
+  known_failures TEXT NOT NULL,
+  current_hypothesis TEXT NOT NULL,
+  confidence TEXT NOT NULL,
+  suggested_next_steps TEXT NOT NULL,
+  redaction_report TEXT NOT NULL,
+  hydration_policy TEXT NOT NULL,
+  audit_receipt TEXT NOT NULL,
+  expires_at TEXT,
+  recheck_by TEXT,
+  created_at TEXT NOT NULL,
+  updated_at TEXT NOT NULL,
+  FOREIGN KEY(workspace_id) REFERENCES workspaces(id)
+);
+
+CREATE INDEX IF NOT EXISTS packets_workspace_idx ON packets(workspace_id);
+CREATE INDEX IF NOT EXISTS packets_sender_idx ON packets(sender_member_id);
+CREATE INDEX IF NOT EXISTS packets_status_idx ON packets(status);
+
+CREATE TABLE IF NOT EXISTS audit_receipts (
+  receipt_id TEXT PRIMARY KEY,
+  workspace_id TEXT NOT NULL,
+  packet_id TEXT,
+  actor_member_id TEXT NOT NULL,
+  action TEXT NOT NULL,
+  created_at TEXT NOT NULL,
+  metadata TEXT NOT NULL,
+  receipt_hash TEXT NOT NULL
+);
+
+CREATE INDEX IF NOT EXISTS audit_packet_idx ON audit_receipts(packet_id);
+
+CREATE TABLE IF NOT EXISTS hydration_receipts (
+  receipt_id TEXT PRIMARY KEY,
+  packet_id TEXT NOT NULL,
+  workspace_id TEXT NOT NULL,
+  actor_member_id TEXT NOT NULL,
+  client TEXT NOT NULL,
+  session_id TEXT,
+  context TEXT NOT NULL,
+  created_at TEXT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS notifications (
+  id TEXT PRIMARY KEY,
+  packet_id TEXT NOT NULL,
+  workspace_id TEXT NOT NULL,
+  member_id TEXT NOT NULL,
+  status TEXT NOT NULL,
+  created_at TEXT NOT NULL,
+  read_at TEXT
+);
+
+CREATE TABLE IF NOT EXISTS approval_tokens (
+  id TEXT PRIMARY KEY,
+  packet_id TEXT NOT NULL,
+  workspace_id TEXT NOT NULL,
+  actor_member_id TEXT NOT NULL,
+  action TEXT NOT NULL,
+  token_hash TEXT NOT NULL UNIQUE,
+  expires_at TEXT NOT NULL,
+  consumed_at TEXT,
+  created_at TEXT NOT NULL
+);
+
+CREATE INDEX IF NOT EXISTS approval_packet_idx ON approval_tokens(packet_id, actor_member_id, action);
+`;
+function createRelayDatabase(path = ":memory:") {
+  if (path !== ":memory:") {
+    mkdirSync(dirname(path), { recursive: true });
+  }
+  const db = new Database(path);
+  db.pragma("journal_mode = WAL");
+  db.pragma("foreign_keys = ON");
+  db.exec(schema);
+  ensureColumn(db, "members", "approval_secret_hash", "TEXT NOT NULL DEFAULT ''");
+  return db;
+}
+function ensureColumn(db, table, column, definition) {
+  const columns = db.prepare(`PRAGMA table_info(${table})`).all();
+  if (!columns.some((entry) => entry.name === column)) {
+    db.prepare(`ALTER TABLE ${table} ADD COLUMN ${column} ${definition}`).run();
+  }
+}
+export {
+  RelayApiClient,
+  RelayError,
+  RelayService,
+  allowedTransitions,
+  assertTransition,
+  auditReceiptSchema,
+  buildPacketDraft,
+  claimSchema,
+  compressPacketToBudget,
+  confidenceLevels,
+  confirmLocalApproval,
+  createAuditReceipt,
+  createId,
+  createNotificationDispatcher,
+  createPollingWatcher,
+  createRelayDatabase,
+  createToken,
+  defaultContextBudget,
+  evidenceSchema,
+  formatHydrationContext,
+  formatNotification,
+  hashToken,
+  hydrationPolicySchema,
+  isRelayError,
+  normalizeClaim,
+  normalizeEvidence,
+  normalizeHandle,
+  packetSchema,
+  packetStatuses,
+  packetTypes,
+  projectIdentitySchema,
+  redactionFindingSchema,
+  redactionReportSchema,
+  relayError,
+  scanPacketForRedactions,
+  sendDesktopNotification,
+  sendWebhookNotification,
+  transitionStatus,
+  validateContextBudget
+};