kontext-sdk 0.1.0

package/dist/index.js

@@ -0,0 +1,3274 @@
+'use strict';
+
+var crypto$1 = require('crypto');
+var fs = require('fs');
+var path = require('path');
+
+function _interopNamespace(e) {
+  if (e && e.__esModule) return e;
+  var n = Object.create(null);
+  if (e) {
+    Object.keys(e).forEach(function (k) {
+      if (k !== 'default') {
+        var d = Object.getOwnPropertyDescriptor(e, k);
+        Object.defineProperty(n, k, d.get ? d : {
+          enumerable: true,
+          get: function () { return e[k]; }
+        });
+      }
+    });
+  }
+  n.default = e;
+  return Object.freeze(n);
+}
+
+var fs__namespace = /*#__PURE__*/_interopNamespace(fs);
+var path__namespace = /*#__PURE__*/_interopNamespace(path);
+
+// src/types.ts
+var KontextErrorCode = /* @__PURE__ */ ((KontextErrorCode2) => {
+  KontextErrorCode2["INITIALIZATION_ERROR"] = "INITIALIZATION_ERROR";
+  KontextErrorCode2["VALIDATION_ERROR"] = "VALIDATION_ERROR";
+  KontextErrorCode2["TASK_NOT_FOUND"] = "TASK_NOT_FOUND";
+  KontextErrorCode2["TASK_ALREADY_CONFIRMED"] = "TASK_ALREADY_CONFIRMED";
+  KontextErrorCode2["TASK_EXPIRED"] = "TASK_EXPIRED";
+  KontextErrorCode2["INSUFFICIENT_EVIDENCE"] = "INSUFFICIENT_EVIDENCE";
+  KontextErrorCode2["API_ERROR"] = "API_ERROR";
+  KontextErrorCode2["NETWORK_ERROR"] = "NETWORK_ERROR";
+  KontextErrorCode2["EXPORT_ERROR"] = "EXPORT_ERROR";
+  KontextErrorCode2["ANOMALY_CONFIG_ERROR"] = "ANOMALY_CONFIG_ERROR";
+  return KontextErrorCode2;
+})(KontextErrorCode || {});
+var KontextError = class extends Error {
+  code;
+  details;
+  constructor(code, message, details) {
+    super(message);
+    this.name = "KontextError";
+    this.code = code;
+    this.details = details;
+  }
+};
+
+// src/store.ts
+var KontextStore = class {
+  actions = [];
+  transactions = [];
+  tasks = /* @__PURE__ */ new Map();
+  anomalies = [];
+  // --------------------------------------------------------------------------
+  // Actions
+  // --------------------------------------------------------------------------
+  /** Append an action log entry. */
+  addAction(action) {
+    this.actions.push(action);
+  }
+  /** Retrieve all action log entries. */
+  getActions() {
+    return [...this.actions];
+  }
+  /** Retrieve actions filtered by a predicate. */
+  queryActions(predicate) {
+    return this.actions.filter(predicate);
+  }
+  /** Get actions for a specific agent. */
+  getActionsByAgent(agentId) {
+    return this.actions.filter((a) => a.agentId === agentId);
+  }
+  // --------------------------------------------------------------------------
+  // Transactions
+  // --------------------------------------------------------------------------
+  /** Append a transaction record. */
+  addTransaction(tx) {
+    this.transactions.push(tx);
+  }
+  /** Retrieve all transaction records. */
+  getTransactions() {
+    return [...this.transactions];
+  }
+  /** Retrieve transactions filtered by a predicate. */
+  queryTransactions(predicate) {
+    return this.transactions.filter(predicate);
+  }
+  /** Get transactions for a specific agent. */
+  getTransactionsByAgent(agentId) {
+    return this.transactions.filter((t) => t.agentId === agentId);
+  }
+  /** Get the most recent N transactions for an agent. */
+  getRecentTransactions(agentId, limit) {
+    return this.transactions.filter((t) => t.agentId === agentId).slice(-limit);
+  }
+  // --------------------------------------------------------------------------
+  // Tasks
+  // --------------------------------------------------------------------------
+  /** Store a task. */
+  addTask(task) {
+    this.tasks.set(task.id, task);
+  }
+  /** Retrieve a task by ID. */
+  getTask(taskId) {
+    return this.tasks.get(taskId);
+  }
+  /** Update a task. */
+  updateTask(taskId, updates) {
+    const existing = this.tasks.get(taskId);
+    if (!existing) return void 0;
+    const updated = { ...existing, ...updates };
+    this.tasks.set(taskId, updated);
+    return updated;
+  }
+  /** Retrieve all tasks. */
+  getTasks() {
+    return Array.from(this.tasks.values());
+  }
+  /** Retrieve tasks filtered by a predicate. */
+  queryTasks(predicate) {
+    return Array.from(this.tasks.values()).filter(predicate);
+  }
+  // --------------------------------------------------------------------------
+  // Anomalies
+  // --------------------------------------------------------------------------
+  /** Append an anomaly event. */
+  addAnomaly(anomaly) {
+    this.anomalies.push(anomaly);
+  }
+  /** Retrieve all anomaly events. */
+  getAnomalies() {
+    return [...this.anomalies];
+  }
+  /** Retrieve anomalies filtered by a predicate. */
+  queryAnomalies(predicate) {
+    return this.anomalies.filter(predicate);
+  }
+  // --------------------------------------------------------------------------
+  // Utilities
+  // --------------------------------------------------------------------------
+  /** Get total record counts across all stores. */
+  getCounts() {
+    return {
+      actions: this.actions.length,
+      transactions: this.transactions.length,
+      tasks: this.tasks.size,
+      anomalies: this.anomalies.length
+    };
+  }
+  /** Clear all stored data. Useful for testing. */
+  clear() {
+    this.actions = [];
+    this.transactions = [];
+    this.tasks.clear();
+    this.anomalies = [];
+  }
+};
+var DIGEST_EXCLUDED_FIELDS = /* @__PURE__ */ new Set(["digest", "priorDigest"]);
+function serializeForDigest(action) {
+  const keys = Object.keys(action).filter((k) => !DIGEST_EXCLUDED_FIELDS.has(k)).sort();
+  return JSON.stringify(action, keys);
+}
+var GENESIS_HASH = "0".repeat(64);
+var DigestChain = class {
+  links = [];
+  currentDigest = GENESIS_HASH;
+  hrtimeBase;
+  constructor() {
+    this.hrtimeBase = process.hrtime.bigint();
+  }
+  /**
+   * Append an action to the digest chain.
+   *
+   * Computes: HD = SHA-256(HD-1 || Serialize(ED) || SD)
+   *
+   * @param action - The action log entry to chain
+   * @returns The digest link for this event
+   */
+  append(action) {
+    const timestamp = this.getPrecisionTimestamp();
+    const serialized = this.serialize(action);
+    const salt = this.deriveSalt(timestamp);
+    const priorDigest = this.currentDigest;
+    const digest = this.computeDigest(priorDigest, serialized, salt);
+    const link = {
+      digest,
+      priorDigest,
+      salt,
+      timestamp,
+      sequence: this.links.length,
+      actionId: action.id
+    };
+    this.links.push(link);
+    this.currentDigest = digest;
+    return link;
+  }
+  /**
+   * Get the terminal digest — the latest digest in the chain.
+   * This can be embedded in outgoing messages as proof of the entire action history.
+   */
+  getTerminalDigest() {
+    return this.currentDigest;
+  }
+  /**
+   * Get the number of links in the chain.
+   */
+  getChainLength() {
+    return this.links.length;
+  }
+  /**
+   * Get all digest links in the chain.
+   */
+  getLinks() {
+    return this.links;
+  }
+  /**
+   * Get a specific digest link by sequence number.
+   */
+  getLink(sequence) {
+    return this.links[sequence];
+  }
+  /**
+   * Verify the integrity of the entire digest chain.
+   *
+   * Recomputes every digest from the genesis hash and compares.
+   * Any tampering (modified, inserted, deleted, or reordered events)
+   * will cause verification to fail.
+   *
+   * @param actions - The original action logs to verify against
+   * @returns Verification result with timing data
+   */
+  verify(actions) {
+    const start = performance.now();
+    if (actions.length !== this.links.length) {
+      return {
+        valid: false,
+        linksVerified: 0,
+        firstInvalidIndex: 0,
+        verificationTimeMs: performance.now() - start,
+        terminalDigest: this.currentDigest
+      };
+    }
+    let computedDigest = GENESIS_HASH;
+    for (let i = 0; i < this.links.length; i++) {
+      const link = this.links[i];
+      const action = actions[i];
+      const serialized = this.serialize(action);
+      const expectedDigest = this.computeDigest(computedDigest, serialized, link.salt);
+      if (expectedDigest !== link.digest) {
+        return {
+          valid: false,
+          linksVerified: i,
+          firstInvalidIndex: i,
+          verificationTimeMs: performance.now() - start,
+          terminalDigest: this.currentDigest
+        };
+      }
+      computedDigest = expectedDigest;
+    }
+    return {
+      valid: true,
+      linksVerified: this.links.length,
+      firstInvalidIndex: -1,
+      verificationTimeMs: performance.now() - start,
+      terminalDigest: this.currentDigest
+    };
+  }
+  /**
+   * Verify a single link in isolation (given the expected prior digest).
+   *
+   * @param link - The digest link to verify
+   * @param action - The action data for this link
+   * @param expectedPriorDigest - The expected prior digest
+   * @returns Whether the link is valid
+   */
+  verifyLink(link, action, expectedPriorDigest) {
+    const serialized = this.serialize(action);
+    const expectedDigest = this.computeDigest(expectedPriorDigest, serialized, link.salt);
+    return expectedDigest === link.digest;
+  }
+  /**
+   * Export the chain data for independent verification by a third party.
+   * Includes all links and enough data for recomputation.
+   */
+  exportChain() {
+    return {
+      genesisHash: GENESIS_HASH,
+      links: [...this.links],
+      terminalDigest: this.currentDigest
+    };
+  }
+  // --------------------------------------------------------------------------
+  // Core cryptographic operations
+  // --------------------------------------------------------------------------
+  /**
+   * Compute: HD = SHA-256(HD-1 || Serialize(ED) || SD)
+   */
+  computeDigest(priorDigest, serializedEvent, salt) {
+    const hash = crypto$1.createHash("sha256");
+    hash.update(priorDigest);
+    hash.update(serializedEvent);
+    hash.update(salt);
+    return hash.digest("hex");
+  }
+  /**
+   * Deterministically serialize an action log for digest computation.
+   * Uses sorted keys to ensure consistent serialization regardless of
+   * property insertion order. Excludes digest/priorDigest fields since
+   * those are computed from this serialization.
+   */
+  serialize(action) {
+    return serializeForDigest(action);
+  }
+  /**
+   * Derive a salt from the event's high-precision timestamp.
+   * SD = SHA-256(microsecond_timestamp)
+   */
+  deriveSalt(timestamp) {
+    const hash = crypto$1.createHash("sha256");
+    hash.update(timestamp.hrtime.toString());
+    return hash.digest("hex");
+  }
+  /**
+   * Get a microsecond-precision timestamp.
+   * Combines wall clock time with high-resolution timer for sub-millisecond precision.
+   */
+  getPrecisionTimestamp() {
+    const hrtime = process.hrtime.bigint();
+    const microseconds = Number((hrtime - this.hrtimeBase) % 1000000n);
+    return {
+      iso: (/* @__PURE__ */ new Date()).toISOString(),
+      hrtime,
+      microseconds
+    };
+  }
+};
+function verifyExportedChain(chain, actions) {
+  const start = performance.now();
+  if (actions.length !== chain.links.length) {
+    return {
+      valid: false,
+      linksVerified: 0,
+      firstInvalidIndex: 0,
+      verificationTimeMs: performance.now() - start,
+      terminalDigest: chain.terminalDigest
+    };
+  }
+  let computedDigest = chain.genesisHash;
+  for (let i = 0; i < chain.links.length; i++) {
+    const link = chain.links[i];
+    const action = actions[i];
+    const serialized = serializeForDigest(action);
+    const hash = crypto$1.createHash("sha256");
+    hash.update(computedDigest);
+    hash.update(serialized);
+    hash.update(link.salt);
+    const expectedDigest = hash.digest("hex");
+    if (expectedDigest !== link.digest) {
+      return {
+        valid: false,
+        linksVerified: i,
+        firstInvalidIndex: i,
+        verificationTimeMs: performance.now() - start,
+        terminalDigest: chain.terminalDigest
+      };
+    }
+    computedDigest = expectedDigest;
+  }
+  const valid = computedDigest === chain.terminalDigest;
+  return {
+    valid,
+    linksVerified: chain.links.length,
+    firstInvalidIndex: valid ? -1 : chain.links.length,
+    verificationTimeMs: performance.now() - start,
+    terminalDigest: chain.terminalDigest
+  };
+}
+
+// src/utils.ts
+function generateId() {
+  if (typeof crypto !== "undefined" && typeof crypto.randomUUID === "function") {
+    return crypto.randomUUID();
+  }
+  const timestamp = Date.now().toString(36);
+  const random = Math.random().toString(36).substring(2, 10);
+  return `${timestamp}-${random}`;
+}
+function now() {
+  return (/* @__PURE__ */ new Date()).toISOString();
+}
+function isWithinDateRange(date, start, end) {
+  const d = typeof date === "string" ? new Date(date) : date;
+  return d >= start && d <= end;
+}
+function parseAmount(amount) {
+  const parsed = parseFloat(amount);
+  return parsed;
+}
+function toCsv(records) {
+  if (records.length === 0) return "";
+  const firstRecord = records[0];
+  if (!firstRecord) return "";
+  const headers = Object.keys(firstRecord);
+  const headerRow = headers.join(",");
+  const rows = records.map((record) => {
+    return headers.map((header) => {
+      const value = record[header];
+      if (value === null || value === void 0) return "";
+      const str = typeof value === "object" ? JSON.stringify(value) : String(value);
+      if (str.includes(",") || str.includes('"') || str.includes("\n")) {
+        return `"${str.replace(/"/g, '""')}"`;
+      }
+      return str;
+    }).join(",");
+  });
+  return [headerRow, ...rows].join("\n");
+}
+function clamp(value, min, max) {
+  return Math.min(Math.max(value, min), max);
+}
+var ActionLogger = class {
+  config;
+  store;
+  digestChain;
+  batch = [];
+  flushTimer = null;
+  batchSize;
+  flushIntervalMs;
+  isCloudMode;
+  constructor(config, store) {
+    this.config = config;
+    this.store = store;
+    this.digestChain = new DigestChain();
+    this.batchSize = config.batchSize ?? 50;
+    this.flushIntervalMs = config.flushIntervalMs ?? 5e3;
+    this.isCloudMode = !!config.apiKey;
+    this.flushTimer = setInterval(() => {
+      void this.flush();
+    }, this.flushIntervalMs);
+    if (this.flushTimer && typeof this.flushTimer === "object" && "unref" in this.flushTimer) {
+      this.flushTimer.unref();
+    }
+  }
+  /**
+   * Log a generic agent action.
+   *
+   * @param input - Action details including type, description, agentId, and metadata
+   * @returns The created ActionLog entry
+   *
+   * @example
+   * ```typescript
+   * const action = await logger.log({
+   *   type: 'approval',
+   *   description: 'Agent approved USDC spending',
+   *   agentId: 'agent-1',
+   *   metadata: { spender: '0x...', amount: '1000' },
+   * });
+   * ```
+   */
+  async log(input) {
+    const action = {
+      id: generateId(),
+      timestamp: now(),
+      projectId: this.config.projectId,
+      agentId: input.agentId,
+      correlationId: input.correlationId ?? generateId(),
+      type: input.type,
+      description: input.description,
+      metadata: input.metadata ?? {}
+    };
+    const link = this.digestChain.append(action);
+    action.digest = link.digest;
+    action.priorDigest = link.priorDigest;
+    this.store.addAction(action);
+    this.batch.push(action);
+    if (this.batch.length >= this.batchSize) {
+      await this.flush();
+    }
+    if (this.config.debug) {
+      this.debugLog("Action logged", action);
+    }
+    return action;
+  }
+  /**
+   * Log a cryptocurrency transaction with full chain details.
+   *
+   * @param input - Transaction details including txHash, chain, amount, token, from, to
+   * @returns The created TransactionRecord
+   *
+   * @example
+   * ```typescript
+   * const tx = await logger.logTransaction({
+   *   txHash: '0xabc123...',
+   *   chain: 'base',
+   *   amount: '100.00',
+   *   token: 'USDC',
+   *   from: '0xSender...',
+   *   to: '0xReceiver...',
+   *   agentId: 'payment-agent-1',
+   * });
+   * ```
+   */
+  async logTransaction(input) {
+    this.validateTransactionInput(input);
+    const correlationId = input.correlationId ?? generateId();
+    const record = {
+      id: generateId(),
+      timestamp: now(),
+      projectId: this.config.projectId,
+      agentId: input.agentId,
+      correlationId,
+      type: "transaction",
+      description: `${input.token} transfer of ${input.amount} on ${input.chain}`,
+      metadata: {
+        ...input.metadata
+      },
+      txHash: input.txHash,
+      chain: input.chain,
+      amount: input.amount,
+      token: input.token,
+      from: input.from,
+      to: input.to
+    };
+    const link = this.digestChain.append(record);
+    record.digest = link.digest;
+    record.priorDigest = link.priorDigest;
+    this.store.addTransaction(record);
+    this.store.addAction(record);
+    this.batch.push(record);
+    if (this.batch.length >= this.batchSize) {
+      await this.flush();
+    }
+    if (this.config.debug) {
+      this.debugLog("Transaction logged", record);
+    }
+    return record;
+  }
+  /**
+   * Flush the current batch of logs.
+   * In local mode, writes to a JSON file.
+   * In cloud mode, sends to the Kontext API.
+   */
+  async flush() {
+    if (this.batch.length === 0) return;
+    const toFlush = [...this.batch];
+    this.batch = [];
+    if (this.isCloudMode) {
+      await this.flushToApi(toFlush);
+    } else {
+      this.flushToFile(toFlush);
+    }
+  }
+  /**
+   * Stop the logger and flush any remaining logs.
+   */
+  async destroy() {
+    if (this.flushTimer) {
+      clearInterval(this.flushTimer);
+      this.flushTimer = null;
+    }
+    await this.flush();
+  }
+  // --------------------------------------------------------------------------
+  // Digest Chain Access
+  // --------------------------------------------------------------------------
+  /**
+   * Get the terminal digest — the latest SHA-256 digest in the chain.
+   * Can be embedded in outgoing messages as tamper-evident proof.
+   */
+  getTerminalDigest() {
+    return this.digestChain.getTerminalDigest();
+  }
+  /**
+   * Get the full digest chain for export or verification.
+   */
+  getDigestChain() {
+    return this.digestChain;
+  }
+  /**
+   * Verify the integrity of the digest chain against stored actions.
+   */
+  verifyChain(actions) {
+    return this.digestChain.verify(actions);
+  }
+  // --------------------------------------------------------------------------
+  // Private helpers
+  // --------------------------------------------------------------------------
+  validateTransactionInput(input) {
+    const amount = parseAmount(input.amount);
+    if (isNaN(amount) || amount < 0) {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        `Invalid transaction amount: ${input.amount}`,
+        { field: "amount", value: input.amount }
+      );
+    }
+    if (!input.txHash || input.txHash.trim() === "") {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        "Transaction hash is required",
+        { field: "txHash" }
+      );
+    }
+    if (!input.from || input.from.trim() === "") {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        "Sender address (from) is required",
+        { field: "from" }
+      );
+    }
+    if (!input.to || input.to.trim() === "") {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        "Recipient address (to) is required",
+        { field: "to" }
+      );
+    }
+    const validChains = ["ethereum", "base", "polygon", "arbitrum", "optimism", "arc"];
+    if (!validChains.includes(input.chain)) {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        `Invalid chain: ${input.chain}. Must be one of: ${validChains.join(", ")}`,
+        { field: "chain", value: input.chain }
+      );
+    }
+    const validTokens = ["USDC", "USDT", "DAI", "EURC"];
+    if (!validTokens.includes(input.token)) {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        `Invalid token: ${input.token}. Must be one of: ${validTokens.join(", ")}`,
+        { field: "token", value: input.token }
+      );
+    }
+  }
+  flushToFile(actions) {
+    const outputDir = this.config.localOutputDir ?? ".kontext";
+    const logDir = path__namespace.join(outputDir, "logs");
+    try {
+      fs__namespace.mkdirSync(logDir, { recursive: true });
+      const filename = `actions-${(/* @__PURE__ */ new Date()).toISOString().split("T")[0]}.jsonl`;
+      const filePath = path__namespace.join(logDir, filename);
+      const lines = actions.map((a) => JSON.stringify(a)).join("\n") + "\n";
+      fs__namespace.appendFileSync(filePath, lines, "utf-8");
+    } catch (error) {
+      if (this.config.debug) {
+        this.debugLog("Failed to write log file", { error });
+      }
+    }
+  }
+  async flushToApi(actions) {
+    const apiUrl = this.config.apiUrl ?? "https://api.kontext.dev";
+    try {
+      const response = await fetch(`${apiUrl}/v1/actions`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${this.config.apiKey}`,
+          "X-Project-Id": this.config.projectId
+        },
+        body: JSON.stringify({ actions })
+      });
+      if (!response.ok) {
+        throw new KontextError(
+          "API_ERROR" /* API_ERROR */,
+          `API request failed with status ${response.status}`,
+          { status: response.status }
+        );
+      }
+    } catch (error) {
+      if (error instanceof KontextError) throw error;
+      if (this.config.debug) {
+        this.debugLog("API flush failed, falling back to local file", { error });
+      }
+      this.flushToFile(actions);
+    }
+  }
+  debugLog(message, data) {
+    const timestamp = now();
+    console.debug(`[Kontext ${timestamp}] ${message}`, data ? JSON.stringify(data, null, 2) : "");
+  }
+};
+
+// src/tasks.ts
+var DEFAULT_EXPIRATION_MS = 24 * 60 * 60 * 1e3;
+var TaskManager = class {
+  config;
+  store;
+  constructor(config, store) {
+    this.config = config;
+    this.store = store;
+  }
+  /**
+   * Create a new tracked task.
+   *
+   * @param input - Task details including description, agentId, and required evidence types
+   * @returns The created Task
+   *
+   * @example
+   * ```typescript
+   * const task = await taskManager.createTask({
+   *   description: 'Transfer 100 USDC to vendor wallet',
+   *   agentId: 'payment-agent-1',
+   *   requiredEvidence: ['txHash', 'receipt'],
+   * });
+   * ```
+   */
+  async createTask(input) {
+    this.validateCreateInput(input);
+    const id = generateId();
+    const timestamp = now();
+    const expiresInMs = input.expiresInMs ?? DEFAULT_EXPIRATION_MS;
+    const task = {
+      id,
+      projectId: this.config.projectId,
+      description: input.description,
+      agentId: input.agentId,
+      status: "pending",
+      requiredEvidence: input.requiredEvidence,
+      providedEvidence: null,
+      correlationId: input.correlationId ?? generateId(),
+      createdAt: timestamp,
+      updatedAt: timestamp,
+      confirmedAt: null,
+      expiresAt: new Date(Date.now() + expiresInMs).toISOString(),
+      metadata: input.metadata ?? {}
+    };
+    this.store.addTask(task);
+    if (this.config.debug) {
+      console.debug(`[Kontext] Task created: ${id} - ${input.description}`);
+    }
+    return task;
+  }
+  /**
+   * Confirm a task by providing evidence.
+   * Validates that all required evidence types are present.
+   *
+   * @param input - Task ID and evidence data
+   * @returns The updated Task
+   *
+   * @example
+   * ```typescript
+   * const confirmed = await taskManager.confirmTask({
+   *   taskId: 'task-123',
+   *   evidence: {
+   *     txHash: '0xabc123...',
+   *     receipt: { status: 'confirmed', blockNumber: 12345 },
+   *   },
+   * });
+   * ```
+   */
+  async confirmTask(input) {
+    const task = this.store.getTask(input.taskId);
+    if (!task) {
+      throw new KontextError(
+        "TASK_NOT_FOUND" /* TASK_NOT_FOUND */,
+        `Task not found: ${input.taskId}`,
+        { taskId: input.taskId }
+      );
+    }
+    if (task.status === "confirmed") {
+      throw new KontextError(
+        "TASK_ALREADY_CONFIRMED" /* TASK_ALREADY_CONFIRMED */,
+        `Task already confirmed: ${input.taskId}`,
+        { taskId: input.taskId, confirmedAt: task.confirmedAt }
+      );
+    }
+    if (task.expiresAt && new Date(task.expiresAt) < /* @__PURE__ */ new Date()) {
+      this.store.updateTask(input.taskId, {
+        status: "expired",
+        updatedAt: now()
+      });
+      throw new KontextError(
+        "TASK_EXPIRED" /* TASK_EXPIRED */,
+        `Task has expired: ${input.taskId}`,
+        { taskId: input.taskId, expiresAt: task.expiresAt }
+      );
+    }
+    const missingEvidence = this.findMissingEvidence(task.requiredEvidence, input.evidence);
+    if (missingEvidence.length > 0) {
+      throw new KontextError(
+        "INSUFFICIENT_EVIDENCE" /* INSUFFICIENT_EVIDENCE */,
+        `Missing required evidence: ${missingEvidence.join(", ")}`,
+        { taskId: input.taskId, missingEvidence }
+      );
+    }
+    const timestamp = now();
+    const updated = this.store.updateTask(input.taskId, {
+      status: "confirmed",
+      providedEvidence: input.evidence,
+      confirmedAt: timestamp,
+      updatedAt: timestamp
+    });
+    if (!updated) {
+      throw new KontextError(
+        "TASK_NOT_FOUND" /* TASK_NOT_FOUND */,
+        `Failed to update task: ${input.taskId}`,
+        { taskId: input.taskId }
+      );
+    }
+    if (this.config.debug) {
+      console.debug(`[Kontext] Task confirmed: ${input.taskId}`);
+    }
+    return updated;
+  }
+  /**
+   * Get the current status and details of a task.
+   *
+   * @param taskId - The task identifier
+   * @returns The task, or undefined if not found
+   */
+  async getTaskStatus(taskId) {
+    const task = this.store.getTask(taskId);
+    if (!task) return void 0;
+    if (task.expiresAt && task.status === "pending" && new Date(task.expiresAt) < /* @__PURE__ */ new Date()) {
+      const updated = this.store.updateTask(taskId, {
+        status: "expired",
+        updatedAt: now()
+      });
+      return updated;
+    }
+    return task;
+  }
+  /**
+   * Mark a task as in-progress.
+   *
+   * @param taskId - The task identifier
+   * @returns The updated Task
+   */
+  async startTask(taskId) {
+    const task = this.store.getTask(taskId);
+    if (!task) {
+      throw new KontextError(
+        "TASK_NOT_FOUND" /* TASK_NOT_FOUND */,
+        `Task not found: ${taskId}`,
+        { taskId }
+      );
+    }
+    if (task.status !== "pending") {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        `Task cannot be started from status: ${task.status}`,
+        { taskId, currentStatus: task.status }
+      );
+    }
+    const updated = this.store.updateTask(taskId, {
+      status: "in_progress",
+      updatedAt: now()
+    });
+    if (!updated) {
+      throw new KontextError(
+        "TASK_NOT_FOUND" /* TASK_NOT_FOUND */,
+        `Failed to update task: ${taskId}`,
+        { taskId }
+      );
+    }
+    return updated;
+  }
+  /**
+   * Mark a task as failed.
+   *
+   * @param taskId - The task identifier
+   * @param reason - Reason for failure
+   * @returns The updated Task
+   */
+  async failTask(taskId, reason) {
+    const task = this.store.getTask(taskId);
+    if (!task) {
+      throw new KontextError(
+        "TASK_NOT_FOUND" /* TASK_NOT_FOUND */,
+        `Task not found: ${taskId}`,
+        { taskId }
+      );
+    }
+    const updated = this.store.updateTask(taskId, {
+      status: "failed",
+      updatedAt: now(),
+      metadata: { ...task.metadata, failureReason: reason }
+    });
+    if (!updated) {
+      throw new KontextError(
+        "TASK_NOT_FOUND" /* TASK_NOT_FOUND */,
+        `Failed to update task: ${taskId}`,
+        { taskId }
+      );
+    }
+    return updated;
+  }
+  /**
+   * Get all tasks, optionally filtered by status.
+   *
+   * @param status - Optional status filter
+   * @returns Array of matching tasks
+   */
+  getTasks(status) {
+    if (status) {
+      return this.store.queryTasks((t) => t.status === status);
+    }
+    return this.store.getTasks();
+  }
+  // --------------------------------------------------------------------------
+  // Private helpers
+  // --------------------------------------------------------------------------
+  validateCreateInput(input) {
+    if (!input.description || input.description.trim() === "") {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        "Task description is required",
+        { field: "description" }
+      );
+    }
+    if (!input.agentId || input.agentId.trim() === "") {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        "Agent ID is required",
+        { field: "agentId" }
+      );
+    }
+    if (!input.requiredEvidence || input.requiredEvidence.length === 0) {
+      throw new KontextError(
+        "VALIDATION_ERROR" /* VALIDATION_ERROR */,
+        "At least one required evidence type must be specified",
+        { field: "requiredEvidence" }
+      );
+    }
+  }
+  findMissingEvidence(required, provided) {
+    return required.filter((key) => {
+      const value = provided[key];
+      return value === void 0 || value === null;
+    });
+  }
+};
+
+// src/audit.ts
+var AuditExporter = class {
+  config;
+  store;
+  constructor(config, store) {
+    this.config = config;
+    this.store = store;
+  }
+  /**
+   * Export audit data in the specified format.
+   *
+   * @param options - Export configuration including format, date range, and filters
+   * @returns ExportResult containing the formatted data
+   *
+   * @example
+   * ```typescript
+   * const result = await exporter.export({
+   *   format: 'json',
+   *   dateRange: { start: new Date('2026-01-01'), end: new Date() },
+   *   agentIds: ['payment-agent-1'],
+   *   includeTasks: true,
+   *   includeAnomalies: true,
+   * });
+   * ```
+   */
+  async export(options) {
+    const actions = this.filterActions(options);
+    const transactions = this.filterTransactions(options);
+    const tasks = options.includeTasks ? this.filterTasks(options) : [];
+    const anomalies = options.includeAnomalies ? this.filterAnomalies(options) : [];
+    const records = {
+      actions,
+      transactions,
+      tasks,
+      anomalies,
+      exportMetadata: {
+        projectId: this.config.projectId,
+        exportedAt: now(),
+        filters: {
+          dateRange: options.dateRange ? { start: options.dateRange.start.toISOString(), end: options.dateRange.end.toISOString() } : null,
+          agentIds: options.agentIds ?? null,
+          types: options.types ?? null,
+          chains: options.chains ?? null
+        }
+      }
+    };
+    const totalCount = actions.length + transactions.length + tasks.length + anomalies.length;
+    let data;
+    if (options.format === "csv") {
+      data = this.formatAsCsv(actions, transactions, tasks, anomalies);
+    } else {
+      data = JSON.stringify(records, null, 2);
+    }
+    return {
+      format: options.format,
+      exportedAt: now(),
+      recordCount: totalCount,
+      data
+    };
+  }
+  /**
+   * Generate a compliance report for a given period.
+   *
+   * @param options - Report configuration including type, period, and filters
+   * @returns ComplianceReport with summary statistics and detailed records
+   *
+   * @example
+   * ```typescript
+   * const report = await exporter.generateReport({
+   *   type: 'compliance',
+   *   period: { start: new Date('2026-01-01'), end: new Date() },
+   * });
+   * ```
+   */
+  async generateReport(options) {
+    const exportOptions = {
+      format: "json",
+      dateRange: options.period,
+      agentIds: options.agentIds,
+      includeTasks: true,
+      includeAnomalies: true
+    };
+    const actions = this.filterActions(exportOptions);
+    const transactions = this.filterTransactions(exportOptions);
+    const tasks = this.filterTasks(exportOptions);
+    const anomalies = this.filterAnomalies(exportOptions);
+    const confirmedTasks = tasks.filter((t) => t.status === "confirmed").length;
+    const failedTasks = tasks.filter((t) => t.status === "failed").length;
+    const taskCompletionRate = tasks.length > 0 ? confirmedTasks / tasks.length : 1;
+    const anomalyRate = actions.length > 0 ? 1 - anomalies.length / actions.length : 1;
+    const averageTrustScore = Math.round(
+      (taskCompletionRate * 50 + anomalyRate * 50) * 100
+    ) / 100;
+    const report = {
+      id: generateId(),
+      type: options.type,
+      generatedAt: now(),
+      period: options.period,
+      projectId: this.config.projectId,
+      summary: {
+        totalActions: actions.length,
+        totalTransactions: transactions.length,
+        totalTasks: tasks.length,
+        confirmedTasks,
+        failedTasks,
+        totalAnomalies: anomalies.length,
+        averageTrustScore
+      },
+      actions,
+      transactions,
+      tasks,
+      anomalies
+    };
+    return report;
+  }
+  // --------------------------------------------------------------------------
+  // SAR Report Generation
+  // --------------------------------------------------------------------------
+  /**
+   * Generate a Suspicious Activity Report (SAR) template.
+   *
+   * This produces a structured SAR template populated with data from the SDK.
+   * It is a template/structure, not an actual regulatory filing. Organizations
+   * should review and supplement this data before formal submission.
+   *
+   * @param options - Report configuration including period and optional filters
+   * @returns SARReport template populated with flagged transactions and anomalies
+   *
+   * @example
+   * ```typescript
+   * const sar = await exporter.generateSARReport({
+   *   type: 'sar',
+   *   period: { start: new Date('2026-01-01'), end: new Date() },
+   * });
+   * console.log(`SAR contains ${sar.suspiciousTransactions.length} flagged transactions`);
+   * ```
+   */
+  async generateSARReport(options) {
+    const exportOptions = {
+      format: "json",
+      dateRange: options.period,
+      agentIds: options.agentIds,
+      includeTasks: true,
+      includeAnomalies: true
+    };
+    const actions = this.filterActions(exportOptions);
+    const transactions = this.filterTransactions(exportOptions);
+    const anomalies = this.filterAnomalies(exportOptions);
+    const anomalyActionIds = new Set(anomalies.map((a) => a.actionId));
+    const suspiciousTransactions = transactions.filter(
+      (tx) => anomalyActionIds.has(tx.id)
+    );
+    const anomalyAgentIds = new Set(anomalies.map((a) => a.agentId));
+    const additionalSuspicious = suspiciousTransactions.length === 0 ? transactions.filter((tx) => anomalyAgentIds.has(tx.agentId)) : [];
+    const allSuspicious = [...suspiciousTransactions, ...additionalSuspicious];
+    const subjectMap = /* @__PURE__ */ new Map();
+    for (const tx of allSuspicious) {
+      if (!subjectMap.has(tx.agentId)) {
+        const agentTxs = transactions.filter((t) => t.agentId === tx.agentId);
+        const addresses = /* @__PURE__ */ new Set();
+        for (const t of agentTxs) {
+          addresses.add(t.from);
+          addresses.add(t.to);
+        }
+        subjectMap.set(tx.agentId, {
+          name: tx.agentId,
+          agentId: tx.agentId,
+          addresses: Array.from(addresses)
+        });
+      }
+    }
+    const totalAmount = allSuspicious.reduce((sum, tx) => sum + (parseAmount(tx.amount) || 0), 0).toFixed(2);
+    const tokenCounts = /* @__PURE__ */ new Map();
+    for (const tx of allSuspicious) {
+      tokenCounts.set(tx.token, (tokenCounts.get(tx.token) ?? 0) + 1);
+    }
+    const currency = tokenCounts.size > 0 ? Array.from(tokenCounts.entries()).sort((a, b) => b[1] - a[1])[0][0] : "USDC";
+    const activityCategories = Array.from(
+      new Set(anomalies.map((a) => this.anomalyTypeToCategory(a.type)))
+    );
+    const narrative = this.generateSARNarrative(
+      allSuspicious,
+      anomalies,
+      options.period
+    );
+    return {
+      id: generateId(),
+      type: "sar",
+      generatedAt: now(),
+      period: options.period,
+      projectId: this.config.projectId,
+      filingInstitution: this.config.projectId,
+      subjects: Array.from(subjectMap.values()),
+      narrative,
+      activityCategories,
+      totalAmount,
+      currency,
+      suspiciousTransactions: allSuspicious,
+      anomalies,
+      supportingActions: actions.filter(
+        (a) => anomalyAgentIds.has(a.agentId)
+      ),
+      isContinuingActivity: false,
+      priorReportId: null,
+      status: "draft"
+    };
+  }
+  // --------------------------------------------------------------------------
+  // CTR Report Generation
+  // --------------------------------------------------------------------------
+  /**
+   * Generate a Currency Transaction Report (CTR) template.
+   *
+   * This produces a structured CTR template for transactions that meet or
+   * exceed reporting thresholds. It is a template/structure, not an actual
+   * regulatory filing. Organizations should review and supplement this data
+   * before formal submission.
+   *
+   * @param options - Report configuration including period and optional filters
+   * @returns CTRReport template populated with qualifying transactions
+   *
+   * @example
+   * ```typescript
+   * const ctr = await exporter.generateCTRReport({
+   *   type: 'ctr',
+   *   period: { start: new Date('2026-01-01'), end: new Date() },
+   * });
+   * console.log(`CTR covers ${ctr.transactions.length} reportable transactions`);
+   * ```
+   */
+  async generateCTRReport(options) {
+    const REPORTING_THRESHOLD2 = 1e4;
+    const exportOptions = {
+      format: "json",
+      dateRange: options.period,
+      agentIds: options.agentIds,
+      includeTasks: false,
+      includeAnomalies: false
+    };
+    const actions = this.filterActions(exportOptions);
+    const transactions = this.filterTransactions(exportOptions);
+    const reportableTransactions = transactions.filter((tx) => {
+      const amount = parseAmount(tx.amount);
+      return !isNaN(amount) && amount >= REPORTING_THRESHOLD2;
+    });
+    const agentDailyTotals = /* @__PURE__ */ new Map();
+    for (const tx of transactions) {
+      const day = tx.timestamp.split("T")[0];
+      const key = `${tx.agentId}:${day}`;
+      agentDailyTotals.set(key, (agentDailyTotals.get(key) ?? 0) + (parseAmount(tx.amount) || 0));
+    }
+    const structuringKeys = /* @__PURE__ */ new Set();
+    for (const [key, total] of agentDailyTotals.entries()) {
+      if (total >= REPORTING_THRESHOLD2) {
+        structuringKeys.add(key);
+      }
+    }
+    const reportableIds = new Set(reportableTransactions.map((tx) => tx.id));
+    const additionalStructuring = transactions.filter((tx) => {
+      if (reportableIds.has(tx.id)) return false;
+      const day = tx.timestamp.split("T")[0];
+      const key = `${tx.agentId}:${day}`;
+      return structuringKeys.has(key);
+    });
+    const allReportable = [...reportableTransactions, ...additionalStructuring];
+    const isAggregated = additionalStructuring.length > 0;
+    const conductorMap = /* @__PURE__ */ new Map();
+    for (const tx of allReportable) {
+      if (!conductorMap.has(tx.agentId)) {
+        const agentTxs = allReportable.filter((t) => t.agentId === tx.agentId);
+        const addresses = /* @__PURE__ */ new Set();
+        for (const t of agentTxs) {
+          addresses.add(t.from);
+          addresses.add(t.to);
+        }
+        conductorMap.set(tx.agentId, {
+          name: tx.agentId,
+          agentId: tx.agentId,
+          addresses: Array.from(addresses)
+        });
+      }
+    }
+    let cashIn = 0;
+    let cashOut = 0;
+    for (const tx of allReportable) {
+      const amount = parseAmount(tx.amount) || 0;
+      cashOut += amount;
+      cashIn += amount;
+    }
+    const chainsInvolved = Array.from(
+      new Set(allReportable.map((tx) => tx.chain))
+    );
+    const tokenCounts = /* @__PURE__ */ new Map();
+    for (const tx of allReportable) {
+      tokenCounts.set(tx.token, (tokenCounts.get(tx.token) ?? 0) + 1);
+    }
+    const currency = tokenCounts.size > 0 ? Array.from(tokenCounts.entries()).sort((a, b) => b[1] - a[1])[0][0] : "USDC";
+    return {
+      id: generateId(),
+      type: "ctr",
+      generatedAt: now(),
+      period: options.period,
+      projectId: this.config.projectId,
+      filingInstitution: this.config.projectId,
+      conductors: Array.from(conductorMap.values()),
+      transactions: allReportable,
+      totalCashIn: cashIn.toFixed(2),
+      totalCashOut: cashOut.toFixed(2),
+      currency,
+      isAggregated,
+      chainsInvolved,
+      supportingActions: actions.filter(
+        (a) => conductorMap.has(a.agentId)
+      ),
+      status: "draft"
+    };
+  }
+  // --------------------------------------------------------------------------
+  // SAR/CTR helpers
+  // --------------------------------------------------------------------------
+  anomalyTypeToCategory(type) {
+    const mapping = {
+      unusualAmount: "Unusual transaction amount",
+      frequencySpike: "Unusually high transaction frequency",
+      newDestination: "Transactions to unknown destinations",
+      offHoursActivity: "Activity during unusual hours",
+      rapidSuccession: "Rapid succession of transactions",
+      roundAmount: "Potential structuring (round amounts)"
+    };
+    return mapping[type] ?? `Other: ${type}`;
+  }
+  generateSARNarrative(transactions, anomalies, period) {
+    const startDate = period.start.toISOString().split("T")[0];
+    const endDate = period.end.toISOString().split("T")[0];
+    const parts = [];
+    parts.push(
+      `During the period from ${startDate} to ${endDate}, ${transactions.length} transaction(s) were identified as potentially suspicious.`
+    );
+    if (anomalies.length > 0) {
+      const typeCounts = /* @__PURE__ */ new Map();
+      for (const a of anomalies) {
+        typeCounts.set(a.type, (typeCounts.get(a.type) ?? 0) + 1);
+      }
+      const typeDesc = Array.from(typeCounts.entries()).map(([type, count]) => `${this.anomalyTypeToCategory(type)} (${count} occurrence(s))`).join("; ");
+      parts.push(`Anomaly detection identified the following patterns: ${typeDesc}.`);
+    }
+    const totalAmount = transactions.reduce((sum, tx) => sum + (parseAmount(tx.amount) || 0), 0).toFixed(2);
+    parts.push(`Total amount involved: ${totalAmount}.`);
+    const agents = new Set(transactions.map((t) => t.agentId));
+    parts.push(`Agent(s) involved: ${Array.from(agents).join(", ")}.`);
+    parts.push(
+      "This report is generated as a template for review. Additional investigation and supporting documentation should be attached before filing."
+    );
+    return parts.join(" ");
+  }
+  // --------------------------------------------------------------------------
+  // Private filtering
+  // --------------------------------------------------------------------------
+  filterActions(options) {
+    return this.store.queryActions((action) => {
+      if (options.dateRange && !isWithinDateRange(action.timestamp, options.dateRange.start, options.dateRange.end)) {
+        return false;
+      }
+      if (options.agentIds && !options.agentIds.includes(action.agentId)) {
+        return false;
+      }
+      if (options.types && !options.types.includes(action.type)) {
+        return false;
+      }
+      return true;
+    });
+  }
+  filterTransactions(options) {
+    return this.store.queryTransactions((tx) => {
+      if (options.dateRange && !isWithinDateRange(tx.timestamp, options.dateRange.start, options.dateRange.end)) {
+        return false;
+      }
+      if (options.agentIds && !options.agentIds.includes(tx.agentId)) {
+        return false;
+      }
+      if (options.chains && !options.chains.includes(tx.chain)) {
+        return false;
+      }
+      return true;
+    });
+  }
+  filterTasks(options) {
+    return this.store.queryTasks((task) => {
+      if (options.dateRange && !isWithinDateRange(task.createdAt, options.dateRange.start, options.dateRange.end)) {
+        return false;
+      }
+      if (options.agentIds && !options.agentIds.includes(task.agentId)) {
+        return false;
+      }
+      return true;
+    });
+  }
+  filterAnomalies(options) {
+    return this.store.queryAnomalies((anomaly) => {
+      if (options.dateRange && !isWithinDateRange(anomaly.detectedAt, options.dateRange.start, options.dateRange.end)) {
+        return false;
+      }
+      if (options.agentIds && !options.agentIds.includes(anomaly.agentId)) {
+        return false;
+      }
+      return true;
+    });
+  }
+  // --------------------------------------------------------------------------
+  // CSV formatting
+  // --------------------------------------------------------------------------
+  formatAsCsv(actions, transactions, tasks, anomalies) {
+    const sections = [];
+    if (actions.length > 0) {
+      const actionRecords = actions.map((a) => ({
+        section: "action",
+        id: a.id,
+        timestamp: a.timestamp,
+        projectId: a.projectId,
+        agentId: a.agentId,
+        correlationId: a.correlationId,
+        type: a.type,
+        description: a.description,
+        metadata: JSON.stringify(a.metadata)
+      }));
+      sections.push("# Actions\n" + toCsv(actionRecords));
+    }
+    if (transactions.length > 0) {
+      const txRecords = transactions.map((t) => ({
+        section: "transaction",
+        id: t.id,
+        timestamp: t.timestamp,
+        txHash: t.txHash,
+        chain: t.chain,
+        amount: t.amount,
+        token: t.token,
+        from: t.from,
+        to: t.to,
+        agentId: t.agentId
+      }));
+      sections.push("# Transactions\n" + toCsv(txRecords));
+    }
+    if (tasks.length > 0) {
+      const taskRecords = tasks.map((t) => ({
+        section: "task",
+        id: t.id,
+        description: t.description,
+        agentId: t.agentId,
+        status: t.status,
+        createdAt: t.createdAt,
+        confirmedAt: t.confirmedAt ?? "",
+        requiredEvidence: t.requiredEvidence.join(";")
+      }));
+      sections.push("# Tasks\n" + toCsv(taskRecords));
+    }
+    if (anomalies.length > 0) {
+      const anomalyRecords = anomalies.map((a) => ({
+        section: "anomaly",
+        id: a.id,
+        type: a.type,
+        severity: a.severity,
+        description: a.description,
+        agentId: a.agentId,
+        detectedAt: a.detectedAt,
+        reviewed: String(a.reviewed)
+      }));
+      sections.push("# Anomalies\n" + toCsv(anomalyRecords));
+    }
+    return sections.join("\n\n");
+  }
+};
+
+// src/trust.ts
+var TrustScorer = class {
+  config;
+  store;
+  constructor(config, store) {
+    this.config = config;
+    this.store = store;
+  }
+  /**
+   * Compute the trust score for a given agent.
+   *
+   * @param agentId - The agent identifier
+   * @returns TrustScore with overall score, factor breakdown, and trust level
+   *
+   * @example
+   * ```typescript
+   * const score = await scorer.getTrustScore('payment-agent-1');
+   * console.log(`Trust: ${score.score}/100 (${score.level})`);
+   * ```
+   */
+  async getTrustScore(agentId) {
+    const factors = this.computeAgentFactors(agentId);
+    const weightedScore = factors.reduce((sum, f) => sum + f.score * f.weight, 0);
+    const totalWeight = factors.reduce((sum, f) => sum + f.weight, 0);
+    const score = totalWeight > 0 ? Math.round(weightedScore / totalWeight) : 50;
+    const clampedScore = clamp(score, 0, 100);
+    return {
+      agentId,
+      score: clampedScore,
+      factors,
+      computedAt: now(),
+      level: this.scoreToLevel(clampedScore)
+    };
+  }
+  /**
+   * Evaluate the risk of a specific transaction.
+   *
+   * @param tx - Transaction input to evaluate
+   * @returns TransactionEvaluation with risk score, factors, and recommendation
+   *
+   * @example
+   * ```typescript
+   * const eval = await scorer.evaluateTransaction({
+   *   txHash: '0x...',
+   *   chain: 'base',
+   *   amount: '50000',
+   *   token: 'USDC',
+   *   from: '0xSender',
+   *   to: '0xReceiver',
+   *   agentId: 'agent-1',
+   * });
+   * if (eval.flagged) console.log('Transaction flagged for review');
+   * ```
+   */
+  async evaluateTransaction(tx) {
+    const factors = this.computeTransactionRiskFactors(tx);
+    const totalScore = factors.reduce((sum, f) => sum + f.score, 0);
+    const riskScore = clamp(Math.round(totalScore / Math.max(factors.length, 1)), 0, 100);
+    const riskLevel = this.riskScoreToLevel(riskScore);
+    const flagged = riskScore >= 60;
+    const recommendation = riskScore >= 80 ? "block" : riskScore >= 50 ? "review" : "approve";
+    return {
+      txHash: tx.txHash,
+      riskScore,
+      riskLevel,
+      factors,
+      flagged,
+      recommendation,
+      evaluatedAt: now()
+    };
+  }
+  // --------------------------------------------------------------------------
+  // Agent trust factor computation
+  // --------------------------------------------------------------------------
+  computeAgentFactors(agentId) {
+    const factors = [];
+    factors.push(this.computeHistoryDepthFactor(agentId));
+    factors.push(this.computeTaskCompletionFactor(agentId));
+    factors.push(this.computeAnomalyFrequencyFactor(agentId));
+    factors.push(this.computeTransactionConsistencyFactor(agentId));
+    factors.push(this.computeComplianceAdherenceFactor(agentId));
+    return factors;
+  }
+  computeHistoryDepthFactor(agentId) {
+    const actions = this.store.getActionsByAgent(agentId);
+    const count = actions.length;
+    let score;
+    if (count === 0) score = 10;
+    else if (count < 5) score = 30;
+    else if (count < 20) score = 50;
+    else if (count < 50) score = 70;
+    else if (count < 100) score = 85;
+    else score = 95;
+    return {
+      name: "history_depth",
+      score,
+      weight: 0.15,
+      description: `Agent has ${count} recorded actions`
+    };
+  }
+  computeTaskCompletionFactor(agentId) {
+    const tasks = this.store.queryTasks((t) => t.agentId === agentId);
+    const totalTasks = tasks.length;
+    if (totalTasks === 0) {
+      return {
+        name: "task_completion",
+        score: 50,
+        // Neutral if no tasks
+        weight: 0.25,
+        description: "No tasks recorded yet"
+      };
+    }
+    const confirmed = tasks.filter((t) => t.status === "confirmed").length;
+    const failed = tasks.filter((t) => t.status === "failed").length;
+    const completionRate = confirmed / totalTasks;
+    const failureRate = failed / totalTasks;
+    const score = Math.round(completionRate * 100 - failureRate * 30);
+    return {
+      name: "task_completion",
+      score: clamp(score, 0, 100),
+      weight: 0.25,
+      description: `${confirmed}/${totalTasks} tasks confirmed (${Math.round(completionRate * 100)}% rate)`
+    };
+  }
+  computeAnomalyFrequencyFactor(agentId) {
+    const anomalies = this.store.queryAnomalies((a) => a.agentId === agentId);
+    const actions = this.store.getActionsByAgent(agentId);
+    const anomalyCount = anomalies.length;
+    const actionCount = actions.length;
+    if (actionCount === 0) {
+      return {
+        name: "anomaly_frequency",
+        score: 50,
+        weight: 0.25,
+        description: "No actions recorded yet"
+      };
+    }
+    const anomalyRate = anomalyCount / actionCount;
+    let score;
+    if (anomalyRate === 0) score = 100;
+    else if (anomalyRate < 0.01) score = 90;
+    else if (anomalyRate < 0.05) score = 70;
+    else if (anomalyRate < 0.1) score = 50;
+    else if (anomalyRate < 0.25) score = 30;
+    else score = 10;
+    const criticalCount = anomalies.filter((a) => a.severity === "critical").length;
+    const highCount = anomalies.filter((a) => a.severity === "high").length;
+    const penaltyFromSeverity = criticalCount * 15 + highCount * 8;
+    return {
+      name: "anomaly_frequency",
+      score: clamp(score - penaltyFromSeverity, 0, 100),
+      weight: 0.25,
+      description: `${anomalyCount} anomalies across ${actionCount} actions (${Math.round(anomalyRate * 100)}% rate)`
+    };
+  }
+  computeTransactionConsistencyFactor(agentId) {
+    const transactions = this.store.getTransactionsByAgent(agentId);
+    if (transactions.length < 2) {
+      return {
+        name: "transaction_consistency",
+        score: 50,
+        weight: 0.2,
+        description: "Insufficient transaction history for consistency analysis"
+      };
+    }
+    const amounts = transactions.map((t) => parseAmount(t.amount)).filter((a) => !isNaN(a));
+    if (amounts.length < 2) {
+      return {
+        name: "transaction_consistency",
+        score: 50,
+        weight: 0.2,
+        description: "Insufficient valid amounts for consistency analysis"
+      };
+    }
+    const mean = amounts.reduce((sum, a) => sum + a, 0) / amounts.length;
+    const variance = amounts.reduce((sum, a) => sum + Math.pow(a - mean, 2), 0) / amounts.length;
+    const stdDev = Math.sqrt(variance);
+    const cv = mean > 0 ? stdDev / mean : 0;
+    let score;
+    if (cv < 0.1) score = 95;
+    else if (cv < 0.3) score = 80;
+    else if (cv < 0.5) score = 65;
+    else if (cv < 1) score = 45;
+    else if (cv < 2) score = 30;
+    else score = 15;
+    const destinations = new Set(transactions.map((t) => t.to));
+    const destRatio = destinations.size / transactions.length;
+    if (destRatio > 0.8 && transactions.length > 5) {
+      score = Math.max(score - 15, 0);
+    }
+    return {
+      name: "transaction_consistency",
+      score: clamp(score, 0, 100),
+      weight: 0.2,
+      description: `CV=${cv.toFixed(2)}, ${destinations.size} unique destinations across ${transactions.length} transactions`
+    };
+  }
+  computeComplianceAdherenceFactor(agentId) {
+    const tasks = this.store.queryTasks((t) => t.agentId === agentId);
+    const transactions = this.store.getTransactionsByAgent(agentId);
+    const confirmedTasks = tasks.filter((t) => t.status === "confirmed");
+    const tasksWithEvidence = confirmedTasks.filter(
+      (t) => t.providedEvidence !== null && Object.keys(t.providedEvidence).length > 0
+    );
+    let score = 50;
+    if (confirmedTasks.length > 0) {
+      const evidenceRate = tasksWithEvidence.length / confirmedTasks.length;
+      score += Math.round(evidenceRate * 30);
+    }
+    if (transactions.length > 0 && tasks.length > 0) {
+      const coverageRate = Math.min(tasks.length / transactions.length, 1);
+      score += Math.round(coverageRate * 20);
+    }
+    return {
+      name: "compliance_adherence",
+      score: clamp(score, 0, 100),
+      weight: 0.15,
+      description: `${tasksWithEvidence.length} tasks with evidence, ${transactions.length} total transactions`
+    };
+  }
+  // --------------------------------------------------------------------------
+  // Transaction risk factor computation
+  // --------------------------------------------------------------------------
+  computeTransactionRiskFactors(tx) {
+    const factors = [];
+    factors.push(this.computeAmountRisk(tx));
+    factors.push(this.computeNewDestinationRisk(tx));
+    factors.push(this.computeFrequencyRisk(tx));
+    factors.push(this.computeAgentRisk(tx.agentId));
+    factors.push(this.computeRoundAmountRisk(tx));
+    return factors;
+  }
+  computeAmountRisk(tx) {
+    const amount = parseAmount(tx.amount);
+    if (isNaN(amount)) {
+      return { name: "amount_risk", score: 50, description: "Unable to parse transaction amount" };
+    }
+    let score;
+    if (amount < 100) score = 5;
+    else if (amount < 1e3) score = 15;
+    else if (amount < 1e4) score = 30;
+    else if (amount < 5e4) score = 55;
+    else if (amount < 1e5) score = 75;
+    else score = 95;
+    const history = this.store.getTransactionsByAgent(tx.agentId);
+    if (history.length > 0) {
+      const avgAmount = history.reduce((sum, t) => sum + parseAmount(t.amount), 0) / history.length;
+      if (avgAmount > 0 && amount > avgAmount * 5) {
+        score = Math.min(score + 20, 100);
+      }
+    }
+    return {
+      name: "amount_risk",
+      score,
+      description: `Transaction amount ${tx.amount} ${tx.token}`
+    };
+  }
+  computeNewDestinationRisk(tx) {
+    const history = this.store.getTransactionsByAgent(tx.agentId);
+    const knownDestinations = new Set(history.map((t) => t.to.toLowerCase()));
+    const isNew = !knownDestinations.has(tx.to.toLowerCase());
+    if (history.length === 0) {
+      return {
+        name: "new_destination",
+        score: 30,
+        description: "First transaction for this agent -- no destination history"
+      };
+    }
+    return {
+      name: "new_destination",
+      score: isNew ? 45 : 5,
+      description: isNew ? `New destination address: ${tx.to}` : `Known destination address: ${tx.to}`
+    };
+  }
+  computeFrequencyRisk(tx) {
+    const oneHourAgo = new Date(Date.now() - 36e5);
+    const recentTxs = this.store.queryTransactions(
+      (t) => t.agentId === tx.agentId && new Date(t.timestamp) >= oneHourAgo
+    );
+    const count = recentTxs.length;
+    let score;
+    if (count < 5) score = 5;
+    else if (count < 10) score = 20;
+    else if (count < 25) score = 45;
+    else if (count < 50) score = 70;
+    else score = 90;
+    return {
+      name: "frequency_risk",
+      score,
+      description: `${count} transactions in the last hour`
+    };
+  }
+  computeAgentRisk(agentId) {
+    const actions = this.store.getActionsByAgent(agentId);
+    const anomalies = this.store.queryAnomalies((a) => a.agentId === agentId);
+    if (actions.length === 0) {
+      return {
+        name: "agent_reputation",
+        score: 40,
+        description: "New agent with no history"
+      };
+    }
+    const anomalyRate = anomalies.length / actions.length;
+    const score = Math.round(anomalyRate * 100);
+    return {
+      name: "agent_reputation",
+      score: clamp(score, 0, 100),
+      description: `Agent anomaly rate: ${Math.round(anomalyRate * 100)}%`
+    };
+  }
+  computeRoundAmountRisk(tx) {
+    const amount = parseAmount(tx.amount);
+    if (isNaN(amount)) {
+      return { name: "round_amount", score: 10, description: "Unable to parse amount" };
+    }
+    const isRound1000 = amount >= 1e3 && amount % 1e3 === 0;
+    const isRound10000 = amount >= 1e4 && amount % 1e4 === 0;
+    const isJustUnderThreshold = amount >= 9e3 && amount <= 1e4;
+    let score = 5;
+    if (isRound10000) score = 25;
+    else if (isRound1000) score = 15;
+    if (isJustUnderThreshold) score += 20;
+    return {
+      name: "round_amount",
+      score,
+      description: `Amount ${tx.amount} -- ${isRound1000 ? "round amount" : "non-round amount"}`
+    };
+  }
+  // --------------------------------------------------------------------------
+  // Scoring helpers
+  // --------------------------------------------------------------------------
+  scoreToLevel(score) {
+    if (score >= 90) return "verified";
+    if (score >= 70) return "high";
+    if (score >= 50) return "medium";
+    if (score >= 30) return "low";
+    return "untrusted";
+  }
+  riskScoreToLevel(score) {
+    if (score >= 80) return "critical";
+    if (score >= 60) return "high";
+    if (score >= 35) return "medium";
+    return "low";
+  }
+};
+
+// src/anomaly.ts
+var DEFAULT_THRESHOLDS = {
+  maxAmount: "10000",
+  maxFrequency: 30,
+  offHours: [22, 23, 0, 1, 2, 3, 4, 5],
+  minIntervalSeconds: 10
+};
+var AnomalyDetector = class {
+  config;
+  store;
+  detectionConfig = null;
+  thresholds = { ...DEFAULT_THRESHOLDS };
+  callbacks = [];
+  enabled = false;
+  constructor(config, store) {
+    this.config = config;
+    this.store = store;
+  }
+  /**
+   * Enable anomaly detection with the specified configuration.
+   *
+   * @param detectionConfig - Rules and thresholds for detection
+   *
+   * @example
+   * ```typescript
+   * detector.enableAnomalyDetection({
+   *   rules: ['unusualAmount', 'frequencySpike', 'newDestination'],
+   *   thresholds: { maxAmount: '10000', maxFrequency: 50 },
+   * });
+   * ```
+   */
+  enableAnomalyDetection(detectionConfig) {
+    if (!detectionConfig.rules || detectionConfig.rules.length === 0) {
+      throw new KontextError(
+        "ANOMALY_CONFIG_ERROR" /* ANOMALY_CONFIG_ERROR */,
+        "At least one detection rule must be specified"
+      );
+    }
+    this.detectionConfig = detectionConfig;
+    this.thresholds = {
+      ...DEFAULT_THRESHOLDS,
+      ...detectionConfig.thresholds
+    };
+    this.enabled = true;
+    if (this.config.debug) {
+      console.debug(
+        `[Kontext] Anomaly detection enabled with rules: ${detectionConfig.rules.join(", ")}`
+      );
+    }
+  }
+  /**
+   * Disable anomaly detection.
+   */
+  disableAnomalyDetection() {
+    this.enabled = false;
+    this.detectionConfig = null;
+    if (this.config.debug) {
+      console.debug("[Kontext] Anomaly detection disabled");
+    }
+  }
+  /**
+   * Register a callback for anomaly events.
+   *
+   * @param callback - Function to call when an anomaly is detected
+   * @returns Unsubscribe function
+   *
+   * @example
+   * ```typescript
+   * const unsub = detector.onAnomaly((anomaly) => {
+   *   console.log(`Anomaly: ${anomaly.type} [${anomaly.severity}]`);
+   * });
+   * // Later: unsub();
+   * ```
+   */
+  onAnomaly(callback) {
+    this.callbacks.push(callback);
+    return () => {
+      const index = this.callbacks.indexOf(callback);
+      if (index !== -1) {
+        this.callbacks.splice(index, 1);
+      }
+    };
+  }
+  /**
+   * Evaluate a transaction against all enabled detection rules.
+   * Called automatically when transactions are logged (via the client).
+   *
+   * @param tx - The transaction record to evaluate
+   * @returns Array of detected anomalies (empty if none)
+   */
+  evaluateTransaction(tx) {
+    if (!this.enabled || !this.detectionConfig) return [];
+    const anomalies = [];
+    for (const rule of this.detectionConfig.rules) {
+      const anomaly = this.runRule(rule, tx);
+      if (anomaly) {
+        anomalies.push(anomaly);
+        this.store.addAnomaly(anomaly);
+        this.notifyCallbacks(anomaly);
+      }
+    }
+    return anomalies;
+  }
+  /**
+   * Evaluate a generic action against all enabled detection rules.
+   *
+   * @param action - The action log to evaluate
+   * @returns Array of detected anomalies (empty if none)
+   */
+  evaluateAction(action) {
+    if (!this.enabled || !this.detectionConfig) return [];
+    const anomalies = [];
+    const applicableRules = ["offHoursActivity", "frequencySpike"];
+    for (const rule of this.detectionConfig.rules) {
+      if (!applicableRules.includes(rule)) continue;
+      const anomaly = this.runActionRule(rule, action);
+      if (anomaly) {
+        anomalies.push(anomaly);
+        this.store.addAnomaly(anomaly);
+        this.notifyCallbacks(anomaly);
+      }
+    }
+    return anomalies;
+  }
+  /**
+   * Check whether anomaly detection is currently enabled.
+   */
+  isEnabled() {
+    return this.enabled;
+  }
+  /**
+   * Get the current detection configuration.
+   */
+  getConfig() {
+    return this.detectionConfig;
+  }
+  // --------------------------------------------------------------------------
+  // Rule execution
+  // --------------------------------------------------------------------------
+  runRule(rule, tx) {
+    switch (rule) {
+      case "unusualAmount":
+        return this.checkUnusualAmount(tx);
+      case "frequencySpike":
+        return this.checkFrequencySpike(tx);
+      case "newDestination":
+        return this.checkNewDestination(tx);
+      case "offHoursActivity":
+        return this.checkOffHours(tx);
+      case "rapidSuccession":
+        return this.checkRapidSuccession(tx);
+      case "roundAmount":
+        return this.checkRoundAmount(tx);
+      default:
+        return null;
+    }
+  }
+  runActionRule(rule, action) {
+    switch (rule) {
+      case "offHoursActivity":
+        return this.checkOffHoursAction(action);
+      case "frequencySpike":
+        return this.checkActionFrequencySpike(action);
+      default:
+        return null;
+    }
+  }
+  // --------------------------------------------------------------------------
+  // Individual rule implementations
+  // --------------------------------------------------------------------------
+  checkUnusualAmount(tx) {
+    const amount = parseAmount(tx.amount);
+    if (isNaN(amount)) return null;
+    const threshold = parseAmount(this.thresholds.maxAmount);
+    if (amount > threshold) {
+      return this.createAnomaly(
+        "unusualAmount",
+        amount > threshold * 5 ? "critical" : amount > threshold * 2 ? "high" : "medium",
+        `Transaction amount ${tx.amount} ${tx.token} exceeds threshold of ${this.thresholds.maxAmount}`,
+        tx.agentId,
+        tx.id,
+        { amount: tx.amount, threshold: this.thresholds.maxAmount, token: tx.token }
+      );
+    }
+    const history = this.store.getTransactionsByAgent(tx.agentId);
+    if (history.length >= 3) {
+      const amounts = history.map((t) => parseAmount(t.amount)).filter((a) => !isNaN(a));
+      if (amounts.length >= 3) {
+        const avg = amounts.reduce((s, a) => s + a, 0) / amounts.length;
+        if (avg > 0 && amount > avg * 5) {
+          return this.createAnomaly(
+            "unusualAmount",
+            amount > avg * 10 ? "high" : "medium",
+            `Transaction amount ${tx.amount} is ${(amount / avg).toFixed(1)}x the agent's average of ${avg.toFixed(2)}`,
+            tx.agentId,
+            tx.id,
+            { amount: tx.amount, average: avg.toFixed(2), multiplier: (amount / avg).toFixed(1) }
+          );
+        }
+      }
+    }
+    return null;
+  }
+  checkFrequencySpike(tx) {
+    const oneHourAgo = new Date(Date.now() - 36e5);
+    const recentTxs = this.store.queryTransactions(
+      (t) => t.agentId === tx.agentId && new Date(t.timestamp) >= oneHourAgo
+    );
+    const count = recentTxs.length;
+    const maxFrequency = this.thresholds.maxFrequency;
+    if (count > maxFrequency) {
+      return this.createAnomaly(
+        "frequencySpike",
+        count > maxFrequency * 3 ? "critical" : count > maxFrequency * 2 ? "high" : "medium",
+        `Agent ${tx.agentId} has ${count} transactions in the last hour (threshold: ${maxFrequency})`,
+        tx.agentId,
+        tx.id,
+        { count, threshold: maxFrequency }
+      );
+    }
+    return null;
+  }
+  checkNewDestination(tx) {
+    const history = this.store.getTransactionsByAgent(tx.agentId);
+    if (history.length < 3) return null;
+    const knownDestinations = new Set(
+      history.filter((t) => t.id !== tx.id).map((t) => t.to.toLowerCase())
+    );
+    if (!knownDestinations.has(tx.to.toLowerCase())) {
+      const amount = parseAmount(tx.amount);
+      const severity = !isNaN(amount) && amount > parseAmount(this.thresholds.maxAmount) * 0.5 ? "high" : "low";
+      return this.createAnomaly(
+        "newDestination",
+        severity,
+        `Transaction to new destination ${tx.to} (agent has ${knownDestinations.size} known destinations)`,
+        tx.agentId,
+        tx.id,
+        { destination: tx.to, knownDestinationCount: knownDestinations.size }
+      );
+    }
+    return null;
+  }
+  checkOffHours(tx) {
+    const txHour = new Date(tx.timestamp).getUTCHours();
+    if (this.thresholds.offHours.includes(txHour)) {
+      return this.createAnomaly(
+        "offHoursActivity",
+        "low",
+        `Transaction at ${txHour}:00 UTC falls within off-hours window`,
+        tx.agentId,
+        tx.id,
+        { hour: txHour, offHours: this.thresholds.offHours }
+      );
+    }
+    return null;
+  }
+  checkRapidSuccession(tx) {
+    const recentTxs = this.store.getTransactionsByAgent(tx.agentId).filter((t) => t.id !== tx.id);
+    if (recentTxs.length === 0) return null;
+    const lastTx = recentTxs[recentTxs.length - 1];
+    if (!lastTx) return null;
+    const timeDiffMs = new Date(tx.timestamp).getTime() - new Date(lastTx.timestamp).getTime();
+    const timeDiffSeconds = timeDiffMs / 1e3;
+    if (timeDiffSeconds >= 0 && timeDiffSeconds < this.thresholds.minIntervalSeconds) {
+      return this.createAnomaly(
+        "rapidSuccession",
+        timeDiffSeconds < 2 ? "high" : "medium",
+        `Transaction occurred ${timeDiffSeconds.toFixed(1)}s after previous transaction (minimum: ${this.thresholds.minIntervalSeconds}s)`,
+        tx.agentId,
+        tx.id,
+        {
+          intervalSeconds: timeDiffSeconds,
+          threshold: this.thresholds.minIntervalSeconds,
+          previousTxId: lastTx.id
+        }
+      );
+    }
+    return null;
+  }
+  checkRoundAmount(tx) {
+    const amount = parseAmount(tx.amount);
+    if (isNaN(amount)) return null;
+    const structuringThresholds = [1e4, 5e3, 3e3, 1e3];
+    for (const threshold of structuringThresholds) {
+      const diff = threshold - amount;
+      if (diff > 0 && diff <= threshold * 0.05) {
+        return this.createAnomaly(
+          "roundAmount",
+          threshold >= 1e4 ? "high" : "medium",
+          `Transaction amount ${tx.amount} is just below the ${threshold} threshold (potential structuring)`,
+          tx.agentId,
+          tx.id,
+          { amount: tx.amount, nearThreshold: threshold, difference: diff }
+        );
+      }
+    }
+    if (amount >= 5e3 && amount % 1e3 === 0) {
+      return this.createAnomaly(
+        "roundAmount",
+        "low",
+        `Transaction amount ${tx.amount} is a round number`,
+        tx.agentId,
+        tx.id,
+        { amount: tx.amount }
+      );
+    }
+    return null;
+  }
+  checkOffHoursAction(action) {
+    const actionHour = new Date(action.timestamp).getUTCHours();
+    if (this.thresholds.offHours.includes(actionHour)) {
+      return this.createAnomaly(
+        "offHoursActivity",
+        "low",
+        `Action at ${actionHour}:00 UTC falls within off-hours window`,
+        action.agentId,
+        action.id,
+        { hour: actionHour, offHours: this.thresholds.offHours }
+      );
+    }
+    return null;
+  }
+  checkActionFrequencySpike(action) {
+    const oneHourAgo = new Date(Date.now() - 36e5);
+    const recentActions = this.store.queryActions(
+      (a) => a.agentId === action.agentId && new Date(a.timestamp) >= oneHourAgo
+    );
+    const count = recentActions.length;
+    const maxFrequency = this.thresholds.maxFrequency * 3;
+    if (count > maxFrequency) {
+      return this.createAnomaly(
+        "frequencySpike",
+        count > maxFrequency * 2 ? "high" : "medium",
+        `Agent ${action.agentId} has ${count} actions in the last hour (threshold: ${maxFrequency})`,
+        action.agentId,
+        action.id,
+        { count, threshold: maxFrequency }
+      );
+    }
+    return null;
+  }
+  // --------------------------------------------------------------------------
+  // Helpers
+  // --------------------------------------------------------------------------
+  createAnomaly(type, severity, description, agentId, actionId, data) {
+    return {
+      id: generateId(),
+      type,
+      severity,
+      description,
+      agentId,
+      actionId,
+      detectedAt: now(),
+      data,
+      reviewed: false
+    };
+  }
+  notifyCallbacks(anomaly) {
+    for (const cb of this.callbacks) {
+      try {
+        cb(anomaly);
+      } catch (error) {
+        if (this.config.debug) {
+          console.debug("[Kontext] Anomaly callback error:", error);
+        }
+      }
+    }
+  }
+};
+
+// src/integrations/usdc.ts
+var USDC_CONTRACTS = {
+  ethereum: "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
+  base: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
+  polygon: "0x3c499c542cEF5E3811e1192ce70d8cC03d5c3359",
+  arbitrum: "0xaf88d065e77c8cC2239327C5EDb3A432268e5831",
+  optimism: "0x0b2C639c533813f4Aa9D7837CAf62653d097Ff85",
+  // Arc (Circle's stablecoin-native blockchain) -- placeholder address, update when Arc mainnet launches
+  arc: "0xa0c0000000000000000000000000000000000001"
+};
+var BLOCKED_ADDRESS_PREFIXES = [
+  // These are examples. Real implementation would query an OFAC API.
+];
+var ENHANCED_DUE_DILIGENCE_THRESHOLD = 3e3;
+var REPORTING_THRESHOLD = 1e4;
+var LARGE_TRANSACTION_THRESHOLD = 5e4;
+var UsdcCompliance = class _UsdcCompliance {
+  /**
+   * Run a full compliance check on a USDC transaction.
+   *
+   * @param tx - Transaction to evaluate
+   * @returns UsdcComplianceCheck with pass/fail results and recommendations
+   *
+   * @example
+   * ```typescript
+   * const check = UsdcCompliance.checkTransaction({
+   *   txHash: '0x...',
+   *   chain: 'base',
+   *   amount: '5000',
+   *   token: 'USDC',
+   *   from: '0xSender...',
+   *   to: '0xReceiver...',
+   *   agentId: 'agent-1',
+   * });
+   * if (!check.compliant) {
+   *   console.log('Non-compliant:', check.recommendations);
+   * }
+   * ```
+   */
+  static checkTransaction(tx) {
+    const checks = [];
+    checks.push(_UsdcCompliance.checkTokenType(tx));
+    checks.push(_UsdcCompliance.checkChainSupport(tx.chain));
+    checks.push(_UsdcCompliance.checkAddressFormat(tx.from, "sender"));
+    checks.push(_UsdcCompliance.checkAddressFormat(tx.to, "recipient"));
+    checks.push(_UsdcCompliance.checkAmountValid(tx.amount));
+    checks.push(_UsdcCompliance.checkSanctions(tx.from, "sender"));
+    checks.push(_UsdcCompliance.checkSanctions(tx.to, "recipient"));
+    checks.push(_UsdcCompliance.checkEnhancedDueDiligence(tx.amount));
+    checks.push(_UsdcCompliance.checkReportingThreshold(tx.amount));
+    const failedChecks = checks.filter((c) => !c.passed);
+    const compliant = failedChecks.every((c) => c.severity === "low");
+    const highestSeverity = failedChecks.reduce(
+      (max, c) => {
+        const order = ["low", "medium", "high", "critical"];
+        return order.indexOf(c.severity) > order.indexOf(max) ? c.severity : max;
+      },
+      "low"
+    );
+    const recommendations = _UsdcCompliance.generateRecommendations(checks, tx);
+    return {
+      compliant,
+      checks,
+      riskLevel: highestSeverity,
+      recommendations
+    };
+  }
+  /**
+   * Get the USDC contract address for a given chain.
+   *
+   * @param chain - The blockchain network
+   * @returns The USDC contract address, or undefined for unsupported chains
+   */
+  static getContractAddress(chain) {
+    return USDC_CONTRACTS[chain];
+  }
+  /**
+   * Get the chains supported for USDC compliance monitoring.
+   */
+  static getSupportedChains() {
+    return Object.keys(USDC_CONTRACTS);
+  }
+  // --------------------------------------------------------------------------
+  // Individual compliance checks
+  // --------------------------------------------------------------------------
+  static checkTokenType(tx) {
+    const isUsdc = tx.token === "USDC";
+    return {
+      name: "token_type",
+      passed: isUsdc,
+      description: isUsdc ? "Transaction token is USDC" : `Expected USDC but got ${tx.token}`,
+      severity: isUsdc ? "low" : "high"
+    };
+  }
+  static checkChainSupport(chain) {
+    const supported = chain in USDC_CONTRACTS;
+    return {
+      name: "chain_support",
+      passed: supported,
+      description: supported ? `Chain ${chain} is supported for USDC compliance monitoring` : `Chain ${chain} is not in the supported USDC compliance list`,
+      severity: supported ? "low" : "medium"
+    };
+  }
+  static checkAddressFormat(address, label) {
+    const isValid = /^0x[a-fA-F0-9]{40}$/.test(address);
+    return {
+      name: `address_format_${label}`,
+      passed: isValid,
+      description: isValid ? `${label} address format is valid` : `${label} address format is invalid: ${address}`,
+      severity: isValid ? "low" : "high"
+    };
+  }
+  static checkAmountValid(amount) {
+    const parsed = parseAmount(amount);
+    const isValid = !isNaN(parsed) && parsed > 0;
+    return {
+      name: "amount_valid",
+      passed: isValid,
+      description: isValid ? `Transaction amount ${amount} is valid` : `Transaction amount ${amount} is invalid`,
+      severity: isValid ? "low" : "critical"
+    };
+  }
+  static checkSanctions(address, label) {
+    const isBlocked = BLOCKED_ADDRESS_PREFIXES.some(
+      (prefix) => address.toLowerCase().startsWith(prefix.toLowerCase())
+    );
+    return {
+      name: `sanctions_${label}`,
+      passed: !isBlocked,
+      description: isBlocked ? `${label} address ${address} appears on sanctions list` : `${label} address passed sanctions screening`,
+      severity: isBlocked ? "critical" : "low"
+    };
+  }
+  static checkEnhancedDueDiligence(amount) {
+    const parsed = parseAmount(amount);
+    const requiresEdd = !isNaN(parsed) && parsed >= ENHANCED_DUE_DILIGENCE_THRESHOLD;
+    return {
+      name: "enhanced_due_diligence",
+      passed: true,
+      // This is informational -- it always "passes" but flags the need
+      description: requiresEdd ? `Amount ${amount} USDC requires enhanced due diligence (threshold: ${ENHANCED_DUE_DILIGENCE_THRESHOLD})` : `Amount ${amount} USDC is below enhanced due diligence threshold`,
+      severity: requiresEdd ? "medium" : "low"
+    };
+  }
+  static checkReportingThreshold(amount) {
+    const parsed = parseAmount(amount);
+    const requiresReporting = !isNaN(parsed) && parsed >= REPORTING_THRESHOLD;
+    const isLarge = !isNaN(parsed) && parsed >= LARGE_TRANSACTION_THRESHOLD;
+    let description;
+    let severity;
+    if (isLarge) {
+      description = `Amount ${amount} USDC is a large transaction (>= ${LARGE_TRANSACTION_THRESHOLD}) -- requires enhanced monitoring`;
+      severity = "high";
+    } else if (requiresReporting) {
+      description = `Amount ${amount} USDC meets reporting threshold (>= ${REPORTING_THRESHOLD})`;
+      severity = "medium";
+    } else {
+      description = `Amount ${amount} USDC is below reporting threshold`;
+      severity = "low";
+    }
+    return {
+      name: "reporting_threshold",
+      passed: true,
+      // Informational
+      description,
+      severity
+    };
+  }
+  // --------------------------------------------------------------------------
+  // Recommendations
+  // --------------------------------------------------------------------------
+  static generateRecommendations(checks, tx) {
+    const recommendations = [];
+    const amount = parseAmount(tx.amount);
+    const criticalFailures = checks.filter(
+      (c) => !c.passed && c.severity === "critical"
+    );
+    if (criticalFailures.length > 0) {
+      recommendations.push("BLOCK: Critical compliance check failures detected. Do not proceed.");
+    }
+    if (!isNaN(amount)) {
+      if (amount >= LARGE_TRANSACTION_THRESHOLD) {
+        recommendations.push(
+          "Require manual review for large transaction per GENIUS Act Section 4(b)."
+        );
+        recommendations.push("Verify recipient identity through KYC process.");
+        recommendations.push("Document business purpose for the transfer.");
+      } else if (amount >= REPORTING_THRESHOLD) {
+        recommendations.push(
+          "Generate Currency Transaction Report (CTR) per BSA requirements."
+        );
+        recommendations.push("Retain transaction records for minimum 5 years.");
+      } else if (amount >= ENHANCED_DUE_DILIGENCE_THRESHOLD) {
+        recommendations.push(
+          "Enhanced due diligence recommended -- verify transaction purpose."
+        );
+      }
+    }
+    const addressFailures = checks.filter(
+      (c) => c.name.startsWith("address_format") && !c.passed
+    );
+    if (addressFailures.length > 0) {
+      recommendations.push("Verify address format before proceeding.");
+    }
+    if (recommendations.length === 0) {
+      recommendations.push("Transaction passes all compliance checks. Safe to proceed.");
+    }
+    return recommendations;
+  }
+};
+
+// src/client.ts
+var Kontext = class _Kontext {
+  config;
+  store;
+  logger;
+  taskManager;
+  auditExporter;
+  trustScorer;
+  anomalyDetector;
+  mode;
+  constructor(config) {
+    this.config = config;
+    this.mode = config.apiKey ? "cloud" : "local";
+    this.store = new KontextStore();
+    this.logger = new ActionLogger(config, this.store);
+    this.taskManager = new TaskManager(config, this.store);
+    this.auditExporter = new AuditExporter(config, this.store);
+    this.trustScorer = new TrustScorer(config, this.store);
+    this.anomalyDetector = new AnomalyDetector(config, this.store);
+  }
+  /**
+   * Initialize the Kontext SDK.
+   *
+   * @param config - Configuration options
+   * @returns Initialized Kontext client instance
+   *
+   * @example
+   * ```typescript
+   * // Local/OSS mode (no API key)
+   * const kontext = Kontext.init({
+   *   projectId: 'my-project',
+   *   environment: 'development',
+   * });
+   *
+   * // Cloud mode (with API key)
+   * const kontext = Kontext.init({
+   *   apiKey: 'sk_live_...',
+   *   projectId: 'my-project',
+   *   environment: 'production',
+   * });
+   * ```
+   */
+  static init(config) {
+    if (!config.projectId || config.projectId.trim() === "") {
+      throw new KontextError(
+        "INITIALIZATION_ERROR" /* INITIALIZATION_ERROR */,
+        "projectId is required"
+      );
+    }
+    const validEnvironments = ["development", "staging", "production"];
+    if (!validEnvironments.includes(config.environment)) {
+      throw new KontextError(
+        "INITIALIZATION_ERROR" /* INITIALIZATION_ERROR */,
+        `Invalid environment: ${config.environment}. Must be one of: ${validEnvironments.join(", ")}`
+      );
+    }
+    if (config.debug) {
+      const mode = config.apiKey ? "cloud" : "local";
+      console.debug(
+        `[Kontext] Initializing in ${mode} mode for project ${config.projectId} (${config.environment})`
+      );
+    }
+    return new _Kontext(config);
+  }
+  // --------------------------------------------------------------------------
+  // Mode & Config
+  // --------------------------------------------------------------------------
+  /**
+   * Get the current operating mode.
+   */
+  getMode() {
+    return this.mode;
+  }
+  /**
+   * Get the current configuration (API key is masked).
+   */
+  getConfig() {
+    return {
+      ...this.config,
+      apiKey: this.config.apiKey ? `${this.config.apiKey.slice(0, 8)}...` : void 0
+    };
+  }
+  // --------------------------------------------------------------------------
+  // Action Logging
+  // --------------------------------------------------------------------------
+  /**
+   * Log a generic agent action.
+   *
+   * @param input - Action details
+   * @returns The created action log entry
+   */
+  async log(input) {
+    const action = await this.logger.log(input);
+    if (this.anomalyDetector.isEnabled()) {
+      this.anomalyDetector.evaluateAction(action);
+    }
+    return action;
+  }
+  /**
+   * Log a cryptocurrency transaction with full chain details.
+   *
+   * @param input - Transaction details
+   * @returns The created transaction record
+   */
+  async logTransaction(input) {
+    const record = await this.logger.logTransaction(input);
+    if (this.anomalyDetector.isEnabled()) {
+      this.anomalyDetector.evaluateTransaction(record);
+    }
+    return record;
+  }
+  /**
+   * Flush any pending log batches.
+   */
+  async flushLogs() {
+    await this.logger.flush();
+  }
+  // --------------------------------------------------------------------------
+  // Task Confirmation
+  // --------------------------------------------------------------------------
+  /**
+   * Create a new tracked task that requires evidence for confirmation.
+   *
+   * @param input - Task details including required evidence types
+   * @returns The created task
+   */
+  async createTask(input) {
+    return this.taskManager.createTask(input);
+  }
+  /**
+   * Confirm a task by providing evidence.
+   *
+   * @param input - Task ID and evidence data
+   * @returns The confirmed task
+   */
+  async confirmTask(input) {
+    return this.taskManager.confirmTask(input);
+  }
+  /**
+   * Get the current status of a task.
+   *
+   * @param taskId - Task identifier
+   * @returns The task or undefined if not found
+   */
+  async getTaskStatus(taskId) {
+    return this.taskManager.getTaskStatus(taskId);
+  }
+  /**
+   * Mark a task as in-progress.
+   *
+   * @param taskId - Task identifier
+   * @returns The updated task
+   */
+  async startTask(taskId) {
+    return this.taskManager.startTask(taskId);
+  }
+  /**
+   * Mark a task as failed.
+   *
+   * @param taskId - Task identifier
+   * @param reason - Reason for failure
+   * @returns The updated task
+   */
+  async failTask(taskId, reason) {
+    return this.taskManager.failTask(taskId, reason);
+  }
+  /**
+   * Get all tasks, optionally filtered by status.
+   *
+   * @param status - Optional status filter
+   * @returns Array of tasks
+   */
+  getTasks(status) {
+    return this.taskManager.getTasks(status);
+  }
+  // --------------------------------------------------------------------------
+  // Audit Export
+  // --------------------------------------------------------------------------
+  /**
+   * Export audit data in JSON or CSV format.
+   *
+   * @param options - Export configuration
+   * @returns Export result with formatted data
+   */
+  async export(options) {
+    return this.auditExporter.export(options);
+  }
+  /**
+   * Generate a compliance report for a given period.
+   *
+   * @param options - Report configuration
+   * @returns Compliance report with summary and detailed records
+   */
+  async generateReport(options) {
+    return this.auditExporter.generateReport(options);
+  }
+  /**
+   * Generate a Suspicious Activity Report (SAR) template.
+   *
+   * This produces a structured SAR template populated with data from the SDK.
+   * It is a template/structure, not an actual regulatory filing.
+   *
+   * @param options - Report configuration
+   * @returns SAR report template
+   */
+  async generateSARReport(options) {
+    return this.auditExporter.generateSARReport(options);
+  }
+  /**
+   * Generate a Currency Transaction Report (CTR) template.
+   *
+   * This produces a structured CTR template for transactions that meet or
+   * exceed reporting thresholds. It is a template/structure, not an actual
+   * regulatory filing.
+   *
+   * @param options - Report configuration
+   * @returns CTR report template
+   */
+  async generateCTRReport(options) {
+    return this.auditExporter.generateCTRReport(options);
+  }
+  // --------------------------------------------------------------------------
+  // Trust Scoring
+  // --------------------------------------------------------------------------
+  /**
+   * Get the trust score for an agent.
+   *
+   * @param agentId - Agent identifier
+   * @returns Trust score with factor breakdown
+   */
+  async getTrustScore(agentId) {
+    return this.trustScorer.getTrustScore(agentId);
+  }
+  /**
+   * Evaluate the risk of a specific transaction.
+   *
+   * @param tx - Transaction to evaluate
+   * @returns Transaction evaluation with risk score and recommendation
+   */
+  async evaluateTransaction(tx) {
+    return this.trustScorer.evaluateTransaction(tx);
+  }
+  // --------------------------------------------------------------------------
+  // Anomaly Detection
+  // --------------------------------------------------------------------------
+  /**
+   * Enable anomaly detection with the specified rules and thresholds.
+   *
+   * @param config - Detection configuration
+   */
+  enableAnomalyDetection(config) {
+    this.anomalyDetector.enableAnomalyDetection(config);
+  }
+  /**
+   * Disable anomaly detection.
+   */
+  disableAnomalyDetection() {
+    this.anomalyDetector.disableAnomalyDetection();
+  }
+  /**
+   * Register a callback for anomaly events.
+   *
+   * @param callback - Function to call when an anomaly is detected
+   * @returns Unsubscribe function
+   */
+  onAnomaly(callback) {
+    return this.anomalyDetector.onAnomaly(callback);
+  }
+  // --------------------------------------------------------------------------
+  // Digest Chain
+  // --------------------------------------------------------------------------
+  /**
+   * Get the terminal digest — the latest SHA-256 hash in the rolling digest chain.
+   * Embed this in outgoing messages as tamper-evident proof of the entire action history.
+   *
+   * @returns The terminal SHA-256 digest hex string
+   */
+  getTerminalDigest() {
+    return this.logger.getTerminalDigest();
+  }
+  /**
+   * Verify the integrity of the digest chain.
+   * Recomputes every digest from genesis and compares against stored values.
+   * Any tampering will cause verification to fail.
+   *
+   * @returns Verification result with timing and validity data
+   */
+  verifyDigestChain() {
+    const actions = this.store.getActions();
+    return this.logger.verifyChain(actions);
+  }
+  /**
+   * Export the digest chain for independent third-party verification.
+   *
+   * @returns Chain data including genesis hash, all links, and terminal digest
+   */
+  exportDigestChain() {
+    return this.logger.getDigestChain().exportChain();
+  }
+  // --------------------------------------------------------------------------
+  // USDC Integration
+  // --------------------------------------------------------------------------
+  /**
+   * Run USDC-specific compliance checks on a transaction.
+   *
+   * @param tx - Transaction to check
+   * @returns Compliance check result
+   */
+  checkUsdcCompliance(tx) {
+    return UsdcCompliance.checkTransaction(tx);
+  }
+  // --------------------------------------------------------------------------
+  // Lifecycle
+  // --------------------------------------------------------------------------
+  /**
+   * Gracefully shut down the SDK, flushing any pending data.
+   */
+  async destroy() {
+    await this.logger.destroy();
+  }
+};
+
+// src/integrations/cctp.ts
+var CCTP_DOMAINS = {
+  ethereum: 0,
+  arbitrum: 3,
+  optimism: 2,
+  base: 6,
+  polygon: 7,
+  // Arc (Circle's stablecoin-native blockchain) -- placeholder domain ID, update when Arc mainnet launches
+  arc: 10
+};
+var CCTPTransferManager = class {
+  transfers = /* @__PURE__ */ new Map();
+  actionLinks = /* @__PURE__ */ new Map();
+  /**
+   * Validate a cross-chain transfer before execution.
+   *
+   * Checks include:
+   * - Source and destination chain support
+   * - Route validity (different chains)
+   * - Token support on both chains
+   * - Amount validation
+   * - Address format validation
+   *
+   * @param input - Transfer details to validate
+   * @returns Validation result with checks and recommendations
+   */
+  validateTransfer(input) {
+    const checks = [];
+    checks.push(this.checkChainSupport(input.sourceChain, "source"));
+    checks.push(this.checkChainSupport(input.destinationChain, "destination"));
+    checks.push(this.checkRouteValidity(input.sourceChain, input.destinationChain));
+    checks.push(this.checkTokenSupport(input.token));
+    checks.push(this.checkAmountValidity(input.amount));
+    checks.push(this.checkAddressFormat(input.sender, "sender"));
+    checks.push(this.checkAddressFormat(input.recipient, "recipient"));
+    const failedChecks = checks.filter((c) => !c.passed);
+    const valid = failedChecks.length === 0;
+    const highestSeverity = failedChecks.reduce(
+      (max, c) => {
+        const order = ["low", "medium", "high", "critical"];
+        return order.indexOf(c.severity) > order.indexOf(max) ? c.severity : max;
+      },
+      "low"
+    );
+    const recommendations = this.generateRecommendations(checks, input);
+    return {
+      valid,
+      checks,
+      riskLevel: valid ? "low" : highestSeverity,
+      recommendations
+    };
+  }
+  /**
+   * Record a new cross-chain transfer initiated via CCTP depositForBurn.
+   *
+   * @param input - Transfer initiation details
+   * @returns The created CrossChainTransfer record
+   */
+  initiateTransfer(input) {
+    const id = generateId();
+    const correlationId = input.correlationId ?? generateId();
+    const transfer = {
+      id,
+      sourceChain: input.sourceChain,
+      destinationChain: input.destinationChain,
+      sourceDomain: CCTP_DOMAINS[input.sourceChain] ?? -1,
+      destinationDomain: CCTP_DOMAINS[input.destinationChain] ?? -1,
+      amount: input.amount,
+      token: input.token,
+      sender: input.sender,
+      recipient: input.recipient,
+      sourceTxHash: input.sourceTxHash,
+      destinationTxHash: null,
+      messageHash: null,
+      status: "pending",
+      nonce: input.nonce ?? null,
+      initiatedAt: now(),
+      attestedAt: null,
+      confirmedAt: null,
+      correlationId,
+      agentId: input.agentId,
+      metadata: input.metadata ?? {}
+    };
+    this.transfers.set(id, transfer);
+    this.actionLinks.set(id, {});
+    return transfer;
+  }
+  /**
+   * Record a CCTP attestation for a pending transfer.
+   * Called after the attestation service has signed the burn message.
+   *
+   * @param input - Attestation details
+   * @returns The updated CrossChainTransfer record
+   * @throws Error if transfer not found or not in pending status
+   */
+  recordAttestation(input) {
+    const transfer = this.transfers.get(input.transferId);
+    if (!transfer) {
+      throw new Error(`Cross-chain transfer not found: ${input.transferId}`);
+    }
+    if (transfer.status !== "pending") {
+      throw new Error(
+        `Transfer ${input.transferId} is not in pending status (current: ${transfer.status})`
+      );
+    }
+    const updated = {
+      ...transfer,
+      messageHash: input.messageHash,
+      status: "attested",
+      attestedAt: now(),
+      metadata: {
+        ...transfer.metadata,
+        ...input.metadata
+      }
+    };
+    this.transfers.set(input.transferId, updated);
+    return updated;
+  }
+  /**
+   * Confirm a cross-chain transfer has been received on the destination chain.
+   * Called after receiveMessage has been executed on the destination.
+   *
+   * @param input - Confirmation details
+   * @returns The updated CrossChainTransfer record
+   * @throws Error if transfer not found or not in attested status
+   */
+  confirmTransfer(input) {
+    const transfer = this.transfers.get(input.transferId);
+    if (!transfer) {
+      throw new Error(`Cross-chain transfer not found: ${input.transferId}`);
+    }
+    if (transfer.status !== "attested") {
+      throw new Error(
+        `Transfer ${input.transferId} is not in attested status (current: ${transfer.status})`
+      );
+    }
+    const updated = {
+      ...transfer,
+      destinationTxHash: input.destinationTxHash,
+      status: "confirmed",
+      confirmedAt: now(),
+      metadata: {
+        ...transfer.metadata,
+        ...input.metadata
+      }
+    };
+    this.transfers.set(input.transferId, updated);
+    return updated;
+  }
+  /**
+   * Mark a transfer as failed.
+   *
+   * @param transferId - The transfer to mark as failed
+   * @param reason - Reason for failure
+   * @returns The updated CrossChainTransfer record
+   */
+  failTransfer(transferId, reason) {
+    const transfer = this.transfers.get(transferId);
+    if (!transfer) {
+      throw new Error(`Cross-chain transfer not found: ${transferId}`);
+    }
+    const updated = {
+      ...transfer,
+      status: "failed",
+      metadata: {
+        ...transfer.metadata,
+        failureReason: reason,
+        failedAt: now()
+      }
+    };
+    this.transfers.set(transferId, updated);
+    return updated;
+  }
+  /**
+   * Link a Kontext action log ID to a cross-chain transfer.
+   * Used to correlate source and destination chain actions in the audit trail.
+   *
+   * @param transferId - The cross-chain transfer ID
+   * @param actionId - The action log ID to link
+   * @param side - Whether this is the source or destination action
+   */
+  linkAction(transferId, actionId, side) {
+    const transfer = this.transfers.get(transferId);
+    if (!transfer) {
+      throw new Error(`Cross-chain transfer not found: ${transferId}`);
+    }
+    const links = this.actionLinks.get(transferId) ?? {};
+    if (side === "source") {
+      links.sourceActionId = actionId;
+    } else {
+      links.destinationActionId = actionId;
+    }
+    this.actionLinks.set(transferId, links);
+  }
+  /**
+   * Get a cross-chain transfer by ID.
+   */
+  getTransfer(transferId) {
+    return this.transfers.get(transferId);
+  }
+  /**
+   * Get all cross-chain transfers, optionally filtered by status.
+   */
+  getTransfers(status) {
+    const all = Array.from(this.transfers.values());
+    if (status) {
+      return all.filter((t) => t.status === status);
+    }
+    return all;
+  }
+  /**
+   * Get transfers by correlation ID.
+   * Useful for finding all transfers related to a single workflow.
+   */
+  getTransfersByCorrelation(correlationId) {
+    return Array.from(this.transfers.values()).filter(
+      (t) => t.correlationId === correlationId
+    );
+  }
+  /**
+   * Build a cross-chain audit trail for a given transfer.
+   * Links source and destination chain actions together.
+   *
+   * @param transferId - The transfer to build an audit trail for
+   * @returns CrossChainAuditEntry with linked action references
+   */
+  getAuditEntry(transferId) {
+    const transfer = this.transfers.get(transferId);
+    if (!transfer) return void 0;
+    const links = this.actionLinks.get(transferId) ?? {};
+    let durationMs = null;
+    if (transfer.confirmedAt && transfer.initiatedAt) {
+      durationMs = new Date(transfer.confirmedAt).getTime() - new Date(transfer.initiatedAt).getTime();
+    }
+    return {
+      transfer,
+      sourceActionId: links.sourceActionId ?? null,
+      destinationActionId: links.destinationActionId ?? null,
+      linked: !!(links.sourceActionId && links.destinationActionId),
+      durationMs
+    };
+  }
+  /**
+   * Build audit trail entries for all transfers, optionally filtered.
+   *
+   * @param agentId - Optional filter by agent
+   * @returns Array of CrossChainAuditEntry records
+   */
+  getAuditTrail(agentId) {
+    let transfers = Array.from(this.transfers.values());
+    if (agentId) {
+      transfers = transfers.filter((t) => t.agentId === agentId);
+    }
+    return transfers.map((t) => this.getAuditEntry(t.id)).filter((entry) => entry !== void 0);
+  }
+  /**
+   * Get the CCTP domain ID for a given chain.
+   *
+   * @param chain - The blockchain network
+   * @returns The CCTP domain ID, or undefined for unsupported chains
+   */
+  static getDomainId(chain) {
+    return CCTP_DOMAINS[chain];
+  }
+  /**
+   * Get the chains supported for CCTP transfers.
+   */
+  static getSupportedChains() {
+    return Object.keys(CCTP_DOMAINS);
+  }
+  // --------------------------------------------------------------------------
+  // Validation checks
+  // --------------------------------------------------------------------------
+  checkChainSupport(chain, label) {
+    const supported = chain in CCTP_DOMAINS;
+    return {
+      name: `cctp_${label}_chain`,
+      passed: supported,
+      description: supported ? `${label} chain ${chain} supports CCTP (domain ${CCTP_DOMAINS[chain]})` : `${label} chain ${chain} does not support CCTP`,
+      severity: supported ? "low" : "high"
+    };
+  }
+  checkRouteValidity(source, destination) {
+    const valid = source !== destination;
+    return {
+      name: "cctp_route_validity",
+      passed: valid,
+      description: valid ? `Valid cross-chain route: ${source} -> ${destination}` : `Invalid route: source and destination chains are the same (${source})`,
+      severity: valid ? "low" : "critical"
+    };
+  }
+  checkTokenSupport(token) {
+    const supported = token === "USDC" || token === "EURC";
+    return {
+      name: "cctp_token_support",
+      passed: supported,
+      description: supported ? `Token ${token} is supported for CCTP transfers` : `Token ${token} is not natively supported by CCTP (only USDC and EURC)`,
+      severity: supported ? "low" : "high"
+    };
+  }
+  checkAmountValidity(amount) {
+    const parsed = parseAmount(amount);
+    const valid = !isNaN(parsed) && parsed > 0;
+    return {
+      name: "cctp_amount_validity",
+      passed: valid,
+      description: valid ? `Transfer amount ${amount} is valid` : `Transfer amount ${amount} is invalid`,
+      severity: valid ? "low" : "critical"
+    };
+  }
+  checkAddressFormat(address, label) {
+    const isValid = /^0x[a-fA-F0-9]{40}$/.test(address);
+    return {
+      name: `cctp_address_${label}`,
+      passed: isValid,
+      description: isValid ? `${label} address format is valid` : `${label} address format is invalid: ${address}`,
+      severity: isValid ? "low" : "high"
+    };
+  }
+  // --------------------------------------------------------------------------
+  // Recommendations
+  // --------------------------------------------------------------------------
+  generateRecommendations(checks, input) {
+    const recommendations = [];
+    const amount = parseAmount(input.amount);
+    const failedChecks = checks.filter((c) => !c.passed);
+    if (failedChecks.some((c) => c.severity === "critical")) {
+      recommendations.push(
+        "Do not proceed with this transfer. Critical validation failures detected."
+      );
+    }
+    if (failedChecks.some((c) => c.name === "cctp_token_support")) {
+      recommendations.push(
+        "Consider using USDC for native CCTP support. Other tokens require bridge protocols."
+      );
+    }
+    if (!isNaN(amount) && amount >= 5e4) {
+      recommendations.push(
+        "Large cross-chain transfer detected. Verify recipient identity and document purpose."
+      );
+    }
+    if (!isNaN(amount) && amount >= 1e4) {
+      recommendations.push(
+        "Cross-chain transfer meets reporting threshold. Ensure CTR filing if applicable."
+      );
+    }
+    if (failedChecks.length === 0) {
+      recommendations.push(
+        "Transfer validation passed. Monitor attestation status for completion."
+      );
+    }
+    return recommendations;
+  }
+};
+
+// src/webhooks.ts
+var DEFAULT_RETRY_CONFIG = {
+  maxRetries: 3,
+  baseDelayMs: 1e3,
+  maxDelayMs: 3e4
+};
+var WebhookManager = class {
+  webhooks = /* @__PURE__ */ new Map();
+  deliveryResults = [];
+  retryConfig;
+  fetchFn;
+  constructor(retryConfig, fetchFn) {
+    this.retryConfig = { ...DEFAULT_RETRY_CONFIG, ...retryConfig };
+    this.fetchFn = fetchFn ?? globalThis.fetch;
+  }
+  /**
+   * Register a new webhook endpoint.
+   *
+   * @param input - Webhook configuration
+   * @returns The created WebhookConfig
+   */
+  register(input) {
+    if (!input.url || input.url.trim() === "") {
+      throw new Error("Webhook URL is required");
+    }
+    if (!input.events || input.events.length === 0) {
+      throw new Error("At least one event type is required");
+    }
+    const config = {
+      id: generateId(),
+      url: input.url,
+      events: input.events,
+      secret: input.secret,
+      active: true,
+      createdAt: now(),
+      metadata: input.metadata
+    };
+    this.webhooks.set(config.id, config);
+    return config;
+  }
+  /**
+   * Unregister a webhook by ID.
+   *
+   * @param webhookId - The webhook to remove
+   * @returns Whether the webhook was found and removed
+   */
+  unregister(webhookId) {
+    return this.webhooks.delete(webhookId);
+  }
+  /**
+   * Enable or disable a webhook.
+   *
+   * @param webhookId - The webhook to update
+   * @param active - Whether to enable or disable
+   * @returns The updated WebhookConfig, or undefined if not found
+   */
+  setActive(webhookId, active) {
+    const webhook = this.webhooks.get(webhookId);
+    if (!webhook) return void 0;
+    const updated = { ...webhook, active };
+    this.webhooks.set(webhookId, updated);
+    return updated;
+  }
+  /**
+   * Get all registered webhooks.
+   */
+  getWebhooks() {
+    return Array.from(this.webhooks.values());
+  }
+  /**
+   * Get a specific webhook by ID.
+   */
+  getWebhook(webhookId) {
+    return this.webhooks.get(webhookId);
+  }
+  /**
+   * Get delivery results for a specific webhook or all webhooks.
+   */
+  getDeliveryResults(webhookId) {
+    if (webhookId) {
+      return this.deliveryResults.filter((r) => r.webhookId === webhookId);
+    }
+    return [...this.deliveryResults];
+  }
+  /**
+   * Notify all subscribed webhooks of an anomaly detection event.
+   *
+   * @param anomaly - The detected anomaly event
+   * @returns Array of delivery results
+   */
+  async notifyAnomalyDetected(anomaly) {
+    const payload = {
+      id: generateId(),
+      event: "anomaly.detected",
+      timestamp: now(),
+      data: {
+        anomalyId: anomaly.id,
+        type: anomaly.type,
+        severity: anomaly.severity,
+        description: anomaly.description,
+        agentId: anomaly.agentId,
+        actionId: anomaly.actionId,
+        detectedAt: anomaly.detectedAt,
+        data: anomaly.data
+      }
+    };
+    return this.deliver("anomaly.detected", payload);
+  }
+  /**
+   * Notify all subscribed webhooks of a task confirmation.
+   *
+   * @param task - The confirmed task
+   * @returns Array of delivery results
+   */
+  async notifyTaskConfirmed(task) {
+    const payload = {
+      id: generateId(),
+      event: "task.confirmed",
+      timestamp: now(),
+      data: {
+        taskId: task.id,
+        description: task.description,
+        agentId: task.agentId,
+        status: task.status,
+        confirmedAt: task.confirmedAt,
+        correlationId: task.correlationId
+      }
+    };
+    return this.deliver("task.confirmed", payload);
+  }
+  /**
+   * Notify all subscribed webhooks of a task failure.
+   *
+   * @param task - The failed task
+   * @returns Array of delivery results
+   */
+  async notifyTaskFailed(task) {
+    const payload = {
+      id: generateId(),
+      event: "task.failed",
+      timestamp: now(),
+      data: {
+        taskId: task.id,
+        description: task.description,
+        agentId: task.agentId,
+        status: task.status,
+        correlationId: task.correlationId,
+        metadata: task.metadata
+      }
+    };
+    return this.deliver("task.failed", payload);
+  }
+  /**
+   * Notify all subscribed webhooks of a trust score change.
+   *
+   * @param trustScore - The new trust score
+   * @param previousScore - The previous score value (if known)
+   * @returns Array of delivery results
+   */
+  async notifyTrustScoreChanged(trustScore, previousScore) {
+    const payload = {
+      id: generateId(),
+      event: "trust.score_changed",
+      timestamp: now(),
+      data: {
+        agentId: trustScore.agentId,
+        score: trustScore.score,
+        previousScore: previousScore ?? null,
+        level: trustScore.level,
+        factors: trustScore.factors,
+        computedAt: trustScore.computedAt
+      }
+    };
+    return this.deliver("trust.score_changed", payload);
+  }
+  // --------------------------------------------------------------------------
+  // Delivery with retry
+  // --------------------------------------------------------------------------
+  async deliver(eventType, payload) {
+    const subscribers = Array.from(this.webhooks.values()).filter(
+      (w) => w.active && w.events.includes(eventType)
+    );
+    const results = [];
+    for (const webhook of subscribers) {
+      const result = await this.deliverToWebhook(webhook, payload);
+      results.push(result);
+      this.deliveryResults.push(result);
+    }
+    return results;
+  }
+  async deliverToWebhook(webhook, payload) {
+    let lastError = null;
+    let statusCode = null;
+    for (let attempt = 0; attempt <= this.retryConfig.maxRetries; attempt++) {
+      try {
+        if (attempt > 0) {
+          const delay = Math.min(
+            this.retryConfig.baseDelayMs * Math.pow(2, attempt - 1),
+            this.retryConfig.maxDelayMs
+          );
+          await this.sleep(delay);
+        }
+        const response = await this.fetchFn(webhook.url, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            "X-Kontext-Event": payload.event,
+            "X-Kontext-Delivery": payload.id,
+            ...webhook.secret ? { "X-Kontext-Signature": await this.computeSignature(payload, webhook.secret) } : {}
+          },
+          body: JSON.stringify(payload)
+        });
+        statusCode = response.status;
+        if (response.ok) {
+          return {
+            webhookId: webhook.id,
+            payloadId: payload.id,
+            success: true,
+            statusCode,
+            attempts: attempt + 1,
+            error: null,
+            lastAttemptAt: now()
+          };
+        }
+        lastError = `HTTP ${response.status}`;
+      } catch (error) {
+        lastError = error instanceof Error ? error.message : String(error);
+      }
+    }
+    return {
+      webhookId: webhook.id,
+      payloadId: payload.id,
+      success: false,
+      statusCode,
+      attempts: this.retryConfig.maxRetries + 1,
+      error: lastError,
+      lastAttemptAt: now()
+    };
+  }
+  async computeSignature(payload, secret) {
+    const { createHmac } = await import('crypto');
+    const hmac = createHmac("sha256", secret);
+    hmac.update(JSON.stringify(payload));
+    return hmac.digest("hex");
+  }
+  sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+  }
+};
+
+exports.CCTPTransferManager = CCTPTransferManager;
+exports.DigestChain = DigestChain;
+exports.Kontext = Kontext;
+exports.KontextError = KontextError;
+exports.KontextErrorCode = KontextErrorCode;
+exports.UsdcCompliance = UsdcCompliance;
+exports.WebhookManager = WebhookManager;
+exports.verifyExportedChain = verifyExportedChain;
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map