nebula-ai-core 0.1.0

package/src/memory/pack-gather.ts

@@ -0,0 +1,112 @@
+/**
+ * v0.24.0: gather + write helpers for the slot 0 (memory-index) and slot 3
+ * (profile) pack-blob envelopes. Both slots now bundle the root file plus
+ * every sibling file in the partition that v0.23.x would have left on
+ * local disk only.
+ *
+ * Slot 0 (agent key, transfers with iNFT):
+ *   - root: memory/MEMORY.md
+ *   - files: memory/agent/*.md EXCEPT identity.md (slot 1) + persona.md (slot 2)
+ *
+ * Slot 3 (operator PROFILE key, purges on transfer):
+ *   - root: memory/user/profile.md
+ *   - files: memory/user/*.md EXCEPT profile.md (it's already the root)
+ */
+
+import { mkdir, readFile, readdir, writeFile } from 'node:fs/promises'
+import { dirname, join } from 'node:path'
+import type { PackBlob } from './pack-blob'
+
+/** Files inside memory/agent/ that have their own slot and must NOT be packed. */
+const AGENT_PACK_EXCLUDED = new Set(['identity.md', 'persona.md'])
+
+/** Files inside memory/user/ that must NOT be packed (profile.md is the root). */
+const USER_PACK_EXCLUDED = new Set(['profile.md'])
+
+export interface GatherResult {
+  /** Root file content (empty string if root file is missing/empty). */
+  root: string
+  /** Sibling files keyed by filename. */
+  files: Record<string, string>
+}
+
+/**
+ * Read the agent partition into a {root, files} shape ready for `encodePackBlob`.
+ * Missing files yield empty strings; missing partition dir yields empty files.
+ */
+export async function gatherAgentPack(memoryDir: string): Promise<GatherResult> {
+  const rootPath = join(memoryDir, 'MEMORY.md')
+  const partitionDir = join(memoryDir, 'agent')
+  return gatherPack(rootPath, partitionDir, AGENT_PACK_EXCLUDED)
+}
+
+/**
+ * Read the user partition into a {root, files} shape ready for `encodePackBlob`.
+ * Missing files yield empty strings; missing partition dir yields empty files.
+ */
+export async function gatherUserPack(memoryDir: string): Promise<GatherResult> {
+  const rootPath = join(memoryDir, 'user', 'profile.md')
+  const partitionDir = join(memoryDir, 'user')
+  return gatherPack(rootPath, partitionDir, USER_PACK_EXCLUDED)
+}
+
+async function gatherPack(
+  rootPath: string,
+  partitionDir: string,
+  excludedFilenames: Set<string>,
+): Promise<GatherResult> {
+  const root = await readOptional(rootPath)
+  const files: Record<string, string> = {}
+  let entries: string[]
+  try {
+    entries = await readdir(partitionDir)
+  } catch {
+    return { root, files }
+  }
+  for (const name of entries) {
+    if (excludedFilenames.has(name)) continue
+    if (!name.endsWith('.md')) continue
+    const content = await readOptional(join(partitionDir, name))
+    if (content.length === 0) continue
+    files[name] = content
+  }
+  return { root, files }
+}
+
+async function readOptional(path: string): Promise<string> {
+  try {
+    return await readFile(path, 'utf8')
+  } catch {
+    return ''
+  }
+}
+
+/**
+ * Write the decoded pack contents back to the agent partition. Used by the
+ * gateway restore path on cold start. Idempotent: writes the root file and
+ * every entry in `files`; does NOT delete files that already exist on disk
+ * but are not in the pack (local-wins on conflict).
+ */
+export async function writeAgentPack(memoryDir: string, blob: PackBlob): Promise<void> {
+  const rootPath = join(memoryDir, 'MEMORY.md')
+  const partitionDir = join(memoryDir, 'agent')
+  await writePack(rootPath, partitionDir, blob)
+}
+
+/** Write the decoded user-partition pack back to disk. Idempotent (see writeAgentPack). */
+export async function writeUserPack(memoryDir: string, blob: PackBlob): Promise<void> {
+  const rootPath = join(memoryDir, 'user', 'profile.md')
+  const partitionDir = join(memoryDir, 'user')
+  await writePack(rootPath, partitionDir, blob)
+}
+
+async function writePack(rootPath: string, partitionDir: string, blob: PackBlob): Promise<void> {
+  if (blob.root.length > 0) {
+    await mkdir(dirname(rootPath), { recursive: true })
+    await writeFile(rootPath, blob.root)
+  }
+  await mkdir(partitionDir, { recursive: true })
+  for (const [name, content] of Object.entries(blob.files)) {
+    await writeFile(join(partitionDir, name), content)
+  }
+}

package/src/memory/parser.ts

@@ -0,0 +1,20 @@
+import matter from 'gray-matter'
+import type { MemoryFrontmatter, MemoryPartition, MemoryTopic } from './types'
+
+export function parseTopic(partition: MemoryPartition, slug: string, raw: string): MemoryTopic {
+  const parsed = matter(raw)
+  const fm = parsed.data as Partial<MemoryFrontmatter>
+  if (!fm.name || !fm.description || !fm.type) {
+    throw new Error(`Topic file ${slug} missing required frontmatter (name/description/type)`)
+  }
+  return {
+    partition,
+    slug,
+    frontmatter: fm as MemoryFrontmatter,
+    body: parsed.content.trimStart(),
+  }
+}
+
+export function stringifyTopic(topic: MemoryTopic): string {
+  return matter.stringify(topic.body, topic.frontmatter as Record<string, unknown>)
+}

package/src/memory/read-tool.ts

@@ -0,0 +1,198 @@
+import { readFile } from 'node:fs/promises'
+import { resolve } from 'node:path'
+import { z } from 'zod'
+import { agentPaths } from '../paths'
+import type { ToolDef } from '../tools/types'
+import { readIndexFile } from './index-file'
+
+/**
+ * `memory.read` — fetch a memory file's full body by title, slug, or relative
+ * path. Resolution order:
+ *
+ *   1. If `name` is a relative path under the memory dir → read directly.
+ *   2. Look up MEMORY.md: match entry whose title or filename contains the
+ *      requested string (case-insensitive substring). MEMORY.md is the
+ *      authoritative registry, so this catches whatever weird filename
+ *      `memory.save` produced.
+ *   3. Try common naming patterns as a last resort.
+ *
+ * Without this tool the brain only sees the index hook line and can't recall
+ * specifics ("what's stored in user-favorite-color.md") on demand.
+ */
+const readSchema = z.object({
+  name: z
+    .string()
+    .min(1)
+    .max(256)
+    .describe(
+      'Memory entry title (from MEMORY.md), slug, or relative path. Examples: `favorite-color`, `Nebula identity`, `user/user-elpabl0.md`.',
+    ),
+})
+
+export type MemoryReadArgs = z.infer<typeof readSchema>
+
+export interface MakeMemoryReadToolArgs {
+  agentId: string
+  /**
+   * Override the on-disk agent dir. Gateway daemon writes restored memory
+   * under `${TMPDIR}/nebula-gateway/<id>/` while local-mode chat.tsx uses
+   * `~/.nebula/agents/<id>/`. Pass the daemon's true agentDir so the brain's
+   * memory.read resolves against the same path the gateway just wrote to —
+   * otherwise files restored from chain return "not found" because the tool
+   * defaults to agentPaths (the legacy location).
+   */
+  agentDir?: string
+}
+
+export function makeMemoryReadTool({
+  agentId,
+  agentDir,
+}: MakeMemoryReadToolArgs): ToolDef<MemoryReadArgs> {
+  return {
+    name: 'memory.read',
+    description:
+      'Read the full body of a memory file. Use to recall specific facts. Match by title from MEMORY.md, slug, or relative path. Tries multiple resolutions before giving up.',
+    schema: readSchema,
+    handler: async args => {
+      const memDir = agentDir ? `${agentDir}/memory` : agentPaths.agent(agentId).memoryDir
+      const memoryIndex = agentDir
+        ? `${agentDir}/memory/MEMORY.md`
+        : agentPaths.agent(agentId).memoryIndex
+      const query = args.name.trim()
+      const safeRead = makeSafeReader(memDir)
+
+      const tried: string[] = []
+
+      // 1. Direct relative path with .md (path-traversal-checked).
+      if (query.endsWith('.md') && query.includes('/')) {
+        const result = await safeRead(query)
+        tried.push(query)
+        if (result) return success(query, result)
+      }
+
+      // 2. MEMORY.md lookup — match by title or filename. Three passes:
+      //    (a) exact match on title or file
+      //    (b) substring of title or file contains the full query
+      //    (c) token-overlap score (each non-stopword in query that appears
+      //        in the entry's title+file+hook counts; ties broken by recency)
+      // Pass (c) is the one that catches "tool test run" → "Tool test session"
+      // — the brain often paraphrases titles when recalling, and substring
+      // match alone fails when the operator's word order or extra tokens
+      // differ from the canonical name.
+      try {
+        const idx = await readIndexFile(memoryIndex)
+        const q = query.toLowerCase()
+        const entries = Array.from(idx.entries.values())
+        const exact = entries.find(e => e.title.toLowerCase() === q || e.file.toLowerCase() === q)
+        const substringMatch =
+          exact ??
+          entries.find(e => e.title.toLowerCase().includes(q) || e.file.toLowerCase().includes(q))
+        let match = substringMatch
+        if (!match) {
+          const STOP = new Set([
+            'the',
+            'a',
+            'an',
+            'and',
+            'or',
+            'of',
+            'to',
+            'in',
+            'on',
+            'for',
+            'is',
+            'are',
+            'was',
+            'were',
+            'be',
+            'been',
+            'i',
+            'my',
+            'me',
+            'you',
+            'your',
+            'about',
+            'remember',
+            'what',
+            'did',
+            'tell',
+            'said',
+            'told',
+            'memory',
+            'note',
+            'notes',
+          ])
+          const tokens = q.split(/[^a-z0-9]+/).filter(t => t.length >= 2 && !STOP.has(t))
+          if (tokens.length > 0) {
+            let best: { entry: (typeof entries)[number]; score: number } | null = null
+            for (const e of entries) {
+              const blob = `${e.title} ${e.file} ${e.hook ?? ''}`.toLowerCase()
+              const score = tokens.reduce((s, t) => s + (blob.includes(t) ? 1 : 0), 0)
+              if (score > 0 && (best === null || score > best.score)) {
+                best = { entry: e, score }
+              }
+            }
+            if (best && best.score >= Math.max(1, Math.ceil(tokens.length / 2))) {
+              match = best.entry
+            }
+          }
+        }
+        if (match) {
+          const result = await safeRead(match.file)
+          tried.push(`MEMORY.md→${match.file}`)
+          if (result) return success(match.file, result)
+        }
+      } catch {
+        // MEMORY.md missing or unreadable — fall through to direct paths.
+      }
+
+      // 3. Common naming patterns
+      const stem = query.replace(/\.md$/, '').replace(/^\/+/, '')
+      const fallbacks = [
+        `agent/${stem}.md`,
+        `user/${stem}.md`,
+        `agent/identity-${stem}.md`,
+        `agent/learned-${stem}.md`,
+        `user/user-${stem}.md`,
+        `user/feedback-${stem}.md`,
+        `user/project-${stem}.md`,
+        `user/reference-${stem}.md`,
+      ]
+      for (const rel of fallbacks) {
+        const result = await safeRead(rel)
+        tried.push(rel)
+        if (result) return success(rel, result)
+      }
+
+      return {
+        ok: false,
+        error: `Memory file not found for "${query}". Tried: ${tried.join(', ')}`,
+      }
+    },
+  }
+}
+
+/**
+ * Returns a reader that refuses to escape the agent's memory directory.
+ * Prevents `../../etc/passwd.md`-style traversal even if a malicious memory
+ * entry steers the brain into asking for an out-of-tree path.
+ */
+function makeSafeReader(memDir: string) {
+  const root = resolve(memDir)
+  return async (relPath: string): Promise<string | null> => {
+    const full = resolve(memDir, relPath)
+    if (full !== root && !full.startsWith(`${root}/`)) {
+      return null
+    }
+    try {
+      return await readFile(full, 'utf8')
+    } catch (e) {
+      if ((e as NodeJS.ErrnoException).code === 'ENOENT') return null
+      throw e
+    }
+  }
+}
+
+function success(path: string, content: string) {
+  return { ok: true, data: { path, content } }
+}

package/src/memory/save-tool.ts

@@ -0,0 +1,189 @@
+import { join } from 'node:path'
+import { z } from 'zod'
+import { agentPaths } from '../paths'
+import type { ToolDef } from '../tools/types'
+import { addEntryLine, readIndexFile, writeIndexFile } from './index-file'
+import { scanForThreats } from './scan'
+import { readTopic, writeTopic } from './topic'
+import {
+  MEMORY_TYPES,
+  type MemoryFrontmatter,
+  type MemoryPartition,
+  type MemoryTopic,
+  type MemoryType,
+} from './types'
+
+const saveSchema = z.object({
+  name: z.string().min(3).max(64).describe('Short human-readable title for this memory.'),
+  description: z
+    .string()
+    .min(10)
+    .max(240)
+    .describe('One-line description used to decide relevance in future sessions. Be specific.'),
+  type: z
+    .enum(MEMORY_TYPES)
+    .describe(
+      'Memory type. agent-* transfers with iNFT; user/feedback/project/reference are operator-scoped and purge on transfer.',
+    ),
+  /** For MVP we only support full-body rewrite. Edit ops follow in phase 3.5+. */
+  content: z
+    .string()
+    .min(1)
+    .max(10_000)
+    .describe('Full markdown body of the memory (no frontmatter — it gets added).'),
+})
+
+export type MemorySaveArgs = z.infer<typeof saveSchema>
+
+/** Shape returned in `data` from a successful memory.save call. */
+export interface MemorySaveData {
+  file: string
+  partition: MemoryPartition
+  slug: string
+  updated: boolean
+}
+
+export interface MakeMemorySaveToolArgs {
+  agentId: string
+  /**
+   * Override the on-disk agent dir (e.g. `${TMPDIR}/nebula-gateway/<id>`).
+   * Gateway daemon writes memory under tmpdir, not `~/.nebula/agents/<id>/`.
+   * When provided, `topic` + `MEMORY.md` resolve against this root.
+   * When absent, fall back to `agentPaths.agent(agentId).dir` for local-mode
+   * callers (chat.tsx pre-gateway path).
+   */
+  agentDir?: string
+}
+
+export function makeMemorySaveTool({
+  agentId,
+  agentDir,
+}: MakeMemorySaveToolArgs): ToolDef<MemorySaveArgs> {
+  return {
+    name: 'memory.save',
+    description:
+      'Save a durable fact, preference, or knowledge to long-term memory. Call proactively when you learn non-obvious things about the user or world. Skip derivable info (code patterns, git log, ephemeral state).',
+    schema: saveSchema,
+    handler: async args => {
+      const scan = scanForThreats(args.content)
+      if (!scan.ok) {
+        return {
+          ok: false,
+          error: `Content rejected by threat scan: ${scan.violations.map(v => v.id).join(', ')}`,
+        }
+      }
+
+      const partition = partitionForType(args.type)
+      const slug = toSlug(args.name, args.type)
+      const dir = agentDir ?? agentPaths.agent(agentId).dir
+      const now = new Date().toISOString()
+
+      const existing = await readTopic(dir, partition, slug)
+      const isProfile = slug === PROFILE_SLUG && partition === 'user'
+      const fm: MemoryFrontmatter = {
+        name: isProfile ? PROFILE_SLUG : args.name,
+        description: isProfile
+          ? (existing?.frontmatter.description ?? args.description)
+          : args.description,
+        type: args.type,
+        createdAt: existing?.frontmatter.createdAt ?? now,
+        updatedAt: now,
+      }
+      const topic: MemoryTopic = {
+        partition,
+        slug,
+        frontmatter: fm,
+        body: existing ? mergeBody(existing.body, args.content, slug) : args.content,
+      }
+      await writeTopic(dir, topic)
+
+      const indexPath = agentDir
+        ? join(agentDir, 'memory', 'MEMORY.md')
+        : agentPaths.agent(agentId).memoryIndex
+      let index = await readIndexFile(indexPath)
+      const file = `${partition}/${slug}.md`
+      if (!index.entries.has(file)) {
+        index = addEntryLine(index, {
+          file,
+          title: args.name,
+          hook: args.description,
+        })
+        await writeIndexFile(indexPath, index)
+      }
+
+      const data: MemorySaveData = { file, partition, slug, updated: existing !== null }
+      return { ok: true, data }
+    },
+  }
+}
+
+function partitionForType(type: MemoryType): MemoryPartition {
+  return type.startsWith('agent-') ? 'agent' : 'user'
+}
+
+/**
+ * Canonical operator-facts file in the user partition. Anchors to iNFT slot 3.
+ * Any user/<other>.md file is local-only scratchpad until v0.24.0 ships the
+ * multi-file user partition.
+ */
+export const PROFILE_SLUG = 'profile' as const
+
+/**
+ * Brain often picks ambiguous names for operator facts ("preferences",
+ * "operator profile", "about me", "my preferences"). Consolidate them all
+ * into user/profile.md so the fact actually anchors to chain instead of
+ * being lost on reprovision.
+ */
+const PROFILE_NAME_PATTERN =
+  /^(my[\s_-]?)?(profile|preferences?|about[\s_-]?me|operator[\s_-]?profile|user[\s_-]?profile|operator[\s_-]?preferences?|user[\s_-]?preferences?)$/i
+
+export function toSlug(name: string, type: MemoryType): string {
+  if (type === 'user' && PROFILE_NAME_PATTERN.test(name.trim())) {
+    return PROFILE_SLUG
+  }
+
+  let prefix = ''
+  if (type.startsWith('user-')) prefix = type.replace(/^user-/, '')
+  else if (type.startsWith('agent-')) prefix = type.replace(/^agent-/, '')
+
+  const base = name
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, '-')
+    .replace(/^-|-$/g, '')
+    .slice(0, 48)
+  return prefix ? `${prefix}-${base}` : base
+}
+
+function mergeBody(prev: string, add: string, slug: string): string {
+  return slug === PROFILE_SLUG ? mergeProfileBody(prev, add) : appendBody(prev, add)
+}
+
+/**
+ * Profile.md grows over time as the brain learns operator facts. Plain append
+ * accumulates duplicates ("Operator likes coffee black" written 5 times across
+ * sessions). Dedup at line granularity: skip any non-blank line that already
+ * appears verbatim in the previous body. Append only fresh lines.
+ *
+ * Section-level merge (replace `## Heading` blocks) is intentionally NOT done
+ * here — the brain doesn't reliably structure profile writes with stable
+ * headings, so a line-dedup is the cheapest correct semantics.
+ */
+export function mergeProfileBody(prev: string, add: string): string {
+  const prevLines = new Set(
+    prev
+      .split('\n')
+      .map(l => l.trim())
+      .filter(l => l.length > 0),
+  )
+  const freshLines = add
+    .split('\n')
+    .map(l => l.trim())
+    .filter(l => l.length > 0 && !prevLines.has(l))
+  if (freshLines.length === 0) return prev
+  return `${prev.trimEnd()}\n\n${freshLines.join('\n')}`
+}
+
+function appendBody(prev: string, add: string): string {
+  const trimmed = prev.trimEnd()
+  return `${trimmed}\n\n${add}`
+}

package/src/memory/scan.ts

@@ -0,0 +1,63 @@
+/**
+ * Threat-pattern scan applied to every write. Content that matches any
+ * pattern is rejected — this file IS a memory file that gets injected into
+ * the brain's prompt, so malicious content = persistent prompt injection.
+ *
+ * MVP list (extend over time).
+ */
+const PATTERNS: Array<{ id: string; regex: RegExp; reason: string }> = [
+  {
+    id: 'ignore-previous-instructions',
+    regex: /ignore (all |any |previous |prior )?instructions/i,
+    reason: 'Prompt injection attempt (ignore-instructions directive).',
+  },
+  {
+    id: 'role-override',
+    regex: /you are (now |actually |a )[^.\n]{3,80}/i,
+    reason: 'Prompt injection attempt (role override).',
+  },
+  {
+    id: 'system-prompt-request',
+    regex: /(print|show|reveal|output) (your|the) (system )?prompt/i,
+    reason: 'Prompt injection attempt (system-prompt exfil).',
+  },
+  {
+    id: 'private-key-dump',
+    regex: /(private|secret) key is ([0-9a-f]{32,}|0x[0-9a-f]{40,})/i,
+    reason: 'Suspicious private-key literal in memory content.',
+  },
+  {
+    id: 'invisible-unicode',
+    // Explicit alternation to avoid ZWJ-composed character classes that
+    // biome's noMisleadingCharacterClass rule flags. Covers zero-width
+    // space, joiner variants, BOM, and Unicode bidi override markers.
+    regex: /​|‌|‍||⁠|‪|‫|‬|‭|‮/u,
+    reason: 'Invisible unicode detected (possible hidden instruction).',
+  },
+  {
+    id: 'transfer-claim',
+    regex: /transfer.*(inft|agent).*(without|bypass|skip).*(tee|verification|signature)/i,
+    reason: 'Suspicious transfer/TEE-bypass claim.',
+  },
+  {
+    id: 'exfil-sink',
+    regex:
+      /(curl|fetch|wget|nc) [^\n]{10,}[@:.]([a-z0-9.-]+\.(?!(nebula|local|localhost|127\.0\.0\.1))[a-z]{2,})/i,
+    reason: 'Command-line exfiltration pattern in memory content.',
+  },
+]
+
+export interface ThreatScanResult {
+  ok: boolean
+  violations: Array<{ id: string; reason: string }>
+}
+
+export function scanForThreats(content: string): ThreatScanResult {
+  const violations: Array<{ id: string; reason: string }> = []
+  for (const p of PATTERNS) {
+    if (p.regex.test(content)) {
+      violations.push({ id: p.id, reason: p.reason })
+    }
+  }
+  return { ok: violations.length === 0, violations }
+}

package/src/memory/topic.ts

@@ -0,0 +1,32 @@
+import { mkdir, readFile, rename, writeFile } from 'node:fs/promises'
+import { dirname, join } from 'node:path'
+import { parseTopic, stringifyTopic } from './parser'
+import type { MemoryPartition, MemoryTopic } from './types'
+
+export async function readTopic(
+  dir: string,
+  partition: MemoryPartition,
+  slug: string,
+): Promise<MemoryTopic | null> {
+  const path = topicPath(dir, partition, slug)
+  const raw = await readFile(path, 'utf8').catch(e => {
+    if ((e as NodeJS.ErrnoException).code === 'ENOENT') return null
+    throw e
+  })
+  if (raw === null) return null
+  return parseTopic(partition, slug, raw)
+}
+
+export async function writeTopic(dir: string, topic: MemoryTopic): Promise<void> {
+  const path = topicPath(dir, topic.partition, topic.slug)
+  await mkdir(dirname(path), { recursive: true })
+
+  const tmp = `${path}.tmp-${process.pid}-${Date.now().toString(36)}`
+  const body = stringifyTopic(topic)
+  await writeFile(tmp, body, 'utf8')
+  await rename(tmp, path)
+}
+
+export function topicPath(dir: string, partition: MemoryPartition, slug: string): string {
+  return join(dir, 'memory', partition, `${slug}.md`)
+}

package/src/memory/types.ts

@@ -0,0 +1,49 @@
+export const MEMORY_TYPES = [
+  'agent-identity',
+  'agent-persona',
+  'agent-learned',
+  'user',
+  'user-convos',
+  'user-private',
+  'feedback',
+  'project',
+  'reference',
+] as const
+
+export type MemoryType = (typeof MEMORY_TYPES)[number]
+
+export type MemoryPartition = 'agent' | 'user' | 'public'
+
+export interface MemoryFrontmatter {
+  name: string
+  description: string
+  type: MemoryType
+  /** ISO timestamp, set on first write. */
+  createdAt?: string
+  /** ISO timestamp, updated on every write. */
+  updatedAt?: string
+  /** Free-form extra fields preserved on round-trip. */
+  [key: string]: unknown
+}
+
+export interface MemoryTopic {
+  partition: MemoryPartition
+  /** Filename without `.md` extension, e.g. `feedback-testing`. */
+  slug: string
+  frontmatter: MemoryFrontmatter
+  /** Full markdown body below frontmatter. */
+  body: string
+}
+
+export interface MemoryIndexEntry {
+  file: string
+  title: string
+  hook: string
+}
+
+export interface MemoryIndex {
+  /** Raw lines from MEMORY.md preserved in order. */
+  lines: string[]
+  /** Parsed index entries keyed by file. */
+  entries: Map<string, MemoryIndexEntry>
+}

package/src/migration/index.ts

@@ -0,0 +1,6 @@
+export {
+  encryptToPubkey,
+  decryptWithPrivkey,
+  generateBootstrapKeypair,
+  type Option3Envelope,
+} from './option3-crypto'