openclaw-overlay-plugin 0.7.22

package/dist/core/wallet.d.ts

@@ -0,0 +1,99 @@
+/**
+ * @a2a-bsv/core — BSVAgentWallet
+ *
+ * High-level wallet class for AI agent-to-agent BSV payments.
+ * Wraps @bsv/wallet-toolbox's Wallet + StorageKnex with a clean,
+ * minimal API surface designed for automated agent use.
+ */
+import type { SetupWallet } from '@bsv/wallet-toolbox';
+import type { WalletConfig, PaymentParams, PaymentResult, VerifyParams, VerifyResult, AcceptParams, AcceptResult } from './types.js';
+/**
+ * BSVAgentWallet — the primary class for agent-to-agent BSV payments.
+ *
+ * Usage:
+ * ```ts
+ * // Create a new wallet (generates keys)
+ * const wallet = await BSVAgentWallet.load({ network: 'testnet', storageDir: './agent-wallet' });
+ *
+ * // Load an existing wallet
+ * const wallet = await BSVAgentWallet.load({ network: 'testnet', storageDir: './agent-wallet' });
+ *
+ * // Make a payment
+ * const payment = await wallet.createPayment({ to: recipientPubKey, satoshis: 500 });
+ *
+ * // Verify and accept a payment
+ * const verification = wallet.verifyPayment({ beef: payment.beef });
+ * if (verification.valid) {
+ *   await wallet.acceptPayment({ beef: payment.beef, ...derivationInfo });
+ * }
+ * ```
+ */
+export declare class BSVAgentWallet {
+    /** @internal — exposed for advanced operations (e.g. direct internalizeAction) */
+    readonly _setup: SetupWallet;
+    private constructor();
+    /**
+     * Create a new agent wallet. Generates a fresh root key and persists it.
+     * The SQLite database and identity file are written to `config.storageDir`.
+     */
+    private static create;
+    /**
+     * Load an existing agent wallet from its storage directory.
+     * Reads the persisted identity file and re-initializes the wallet.
+     */
+    static load(config: WalletConfig): Promise<BSVAgentWallet>;
+    /**
+     * Get this wallet's public identity key (compressed hex, 33 bytes).
+     * This is the key other agents use to send payments to you.
+     */
+    getIdentityKey(): Promise<string>;
+    /**
+     * Get the wallet's current balance in satoshis.
+     *
+     * Uses the BRC-100 wallet's balance method which sums spendable outputs
+     * in the default basket.
+     */
+    getBalance(): Promise<number>;
+    /**
+     * Cleanly shut down the wallet, releasing database connections and
+     * stopping the background monitor.
+     */
+    destroy(): Promise<void>;
+    /**
+     * Build a BRC-29 payment to another agent.
+     *
+     * The transaction is created with `noSend: true` — the sender does NOT
+     * broadcast it. Instead, the Atomic BEEF and derivation metadata are
+     * returned so they can be transmitted to the recipient, who will
+     * verify and internalize (broadcast) the payment.
+     *
+     * @param params.to — Recipient's compressed public key (hex).
+     * @param params.satoshis — Amount in satoshis.
+     * @param params.description — Optional human-readable note.
+     */
+    createPayment(params: PaymentParams): Promise<PaymentResult>;
+    /**
+     * Verify an incoming Atomic BEEF payment.
+     *
+     * This performs structural validation and SPV verification via tx.verify().
+     */
+    verifyPayment(params: VerifyParams): Promise<VerifyResult>;
+    /**
+     * Accept (internalize) a verified payment into this wallet.
+     *
+     * Uses the BRC-29 wallet payment protocol to derive the correct key
+     * and claim the output. This triggers SPV verification and, if the
+     * transaction hasn't been broadcast yet, broadcasts it.
+     */
+    acceptPayment(params: AcceptParams): Promise<AcceptResult>;
+    /** Get the underlying wallet-toolbox SetupWallet for advanced operations. */
+    getSetup(): SetupWallet;
+    /**
+     * Internal: manually construct a BRC-100 wallet backed by SQLite.
+     *
+     * We build this by hand instead of using Setup.createWalletSQLite because
+     * the toolbox has a bug where its internal randomBytesHex is a stub.
+     * We use the same components but wire them up correctly.
+     */
+    private static buildSetup;
+}

package/dist/core/wallet.js

@@ -0,0 +1,219 @@
+/**
+ * @a2a-bsv/core — BSVAgentWallet
+ *
+ * High-level wallet class for AI agent-to-agent BSV payments.
+ * Wraps @bsv/wallet-toolbox's Wallet + StorageKnex with a clean,
+ * minimal API surface designed for automated agent use.
+ */
+import { PrivateKey, CachedKeyDeriver } from '@bsv/sdk';
+import { Wallet, WalletStorageManager, Services, Monitor, StorageKnex, randomBytesHex, ChaintracksServiceClient, } from '@bsv/wallet-toolbox';
+import knexLib from 'knex';
+import * as path from 'node:path';
+import * as fs from 'node:fs';
+import { toChain, DEFAULT_TAAL_API_KEYS, DEFAULT_DB_NAME } from './config.js';
+import { buildPayment } from './payment.js';
+import { verifyPayment, acceptPayment } from './verify.js';
+/** Filename for the persisted wallet identity JSON. */
+const IDENTITY_FILE = 'wallet-identity.json';
+/**
+ * BSVAgentWallet — the primary class for agent-to-agent BSV payments.
+ *
+ * Usage:
+ * ```ts
+ * // Create a new wallet (generates keys)
+ * const wallet = await BSVAgentWallet.load({ network: 'testnet', storageDir: './agent-wallet' });
+ *
+ * // Load an existing wallet
+ * const wallet = await BSVAgentWallet.load({ network: 'testnet', storageDir: './agent-wallet' });
+ *
+ * // Make a payment
+ * const payment = await wallet.createPayment({ to: recipientPubKey, satoshis: 500 });
+ *
+ * // Verify and accept a payment
+ * const verification = wallet.verifyPayment({ beef: payment.beef });
+ * if (verification.valid) {
+ *   await wallet.acceptPayment({ beef: payment.beef, ...derivationInfo });
+ * }
+ * ```
+ */
+export class BSVAgentWallet {
+    /** @internal — exposed for advanced operations (e.g. direct internalizeAction) */
+    _setup;
+    constructor(setup) {
+        this._setup = setup;
+    }
+    // ---------------------------------------------------------------------------
+    // Factory methods
+    // ---------------------------------------------------------------------------
+    /**
+     * Create a new agent wallet. Generates a fresh root key and persists it.
+     * The SQLite database and identity file are written to `config.storageDir`.
+     */
+    static async create(config) {
+        // Generate a new root key (or use one provided in config)
+        const rootKeyHex = config.rootKeyHex ?? PrivateKey.fromRandom().toHex();
+        const rootKey = PrivateKey.fromHex(rootKeyHex);
+        const identityKey = rootKey.toPublicKey().toString();
+        // Ensure the storage directory exists
+        fs.mkdirSync(config.storageDir, { recursive: true });
+        // Persist identity for later loading
+        const identity = {
+            rootKeyHex,
+            identityKey,
+            network: config.network,
+        };
+        const identityPath = path.join(config.storageDir, IDENTITY_FILE);
+        fs.writeFileSync(identityPath, JSON.stringify(identity, null, 2), 'utf-8');
+        // Build the wallet
+        const setup = await BSVAgentWallet.buildSetup(config, rootKeyHex);
+        return new BSVAgentWallet(setup);
+    }
+    /**
+     * Load an existing agent wallet from its storage directory.
+     * Reads the persisted identity file and re-initializes the wallet.
+     */
+    static async load(config) {
+        const identityPath = path.join(config.storageDir, IDENTITY_FILE);
+        if (!fs.existsSync(identityPath)) {
+            return this.create(config);
+        }
+        const identity = JSON.parse(fs.readFileSync(identityPath, 'utf-8'));
+        const rootKeyHex = config.rootKeyHex ?? identity.rootKeyHex;
+        const setup = await BSVAgentWallet.buildSetup(config, rootKeyHex);
+        return new BSVAgentWallet(setup);
+    }
+    // ---------------------------------------------------------------------------
+    // Wallet lifecycle
+    // ---------------------------------------------------------------------------
+    /**
+     * Get this wallet's public identity key (compressed hex, 33 bytes).
+     * This is the key other agents use to send payments to you.
+     */
+    async getIdentityKey() {
+        return this._setup.identityKey;
+    }
+    /**
+     * Get the wallet's current balance in satoshis.
+     *
+     * Uses the BRC-100 wallet's balance method which sums spendable outputs
+     * in the default basket.
+     */
+    async getBalance() {
+        return await this._setup.wallet.balance();
+    }
+    /**
+     * Cleanly shut down the wallet, releasing database connections and
+     * stopping the background monitor.
+     */
+    async destroy() {
+        await this._setup.wallet.destroy();
+    }
+    // ---------------------------------------------------------------------------
+    // Payment creation (sender/payer side)
+    // ---------------------------------------------------------------------------
+    /**
+     * Build a BRC-29 payment to another agent.
+     *
+     * The transaction is created with `noSend: true` — the sender does NOT
+     * broadcast it. Instead, the Atomic BEEF and derivation metadata are
+     * returned so they can be transmitted to the recipient, who will
+     * verify and internalize (broadcast) the payment.
+     *
+     * @param params.to — Recipient's compressed public key (hex).
+     * @param params.satoshis — Amount in satoshis.
+     * @param params.description — Optional human-readable note.
+     */
+    async createPayment(params) {
+        return buildPayment(this._setup, params);
+    }
+    // ---------------------------------------------------------------------------
+    // Payment verification & acceptance (receiver/merchant side)
+    // ---------------------------------------------------------------------------
+    /**
+     * Verify an incoming Atomic BEEF payment.
+     *
+     * This performs structural validation and SPV verification via tx.verify().
+     */
+    async verifyPayment(params) {
+        return await verifyPayment(params);
+    }
+    /**
+     * Accept (internalize) a verified payment into this wallet.
+     *
+     * Uses the BRC-29 wallet payment protocol to derive the correct key
+     * and claim the output. This triggers SPV verification and, if the
+     * transaction hasn't been broadcast yet, broadcasts it.
+     */
+    async acceptPayment(params) {
+        return acceptPayment(this._setup, params);
+    }
+    // ---------------------------------------------------------------------------
+    // Access to underlying toolbox objects (for advanced use)
+    // ---------------------------------------------------------------------------
+    /** Get the underlying wallet-toolbox SetupWallet for advanced operations. */
+    getSetup() {
+        return this._setup;
+    }
+    // ---------------------------------------------------------------------------
+    // Private helpers
+    // ---------------------------------------------------------------------------
+    /**
+     * Internal: manually construct a BRC-100 wallet backed by SQLite.
+     *
+     * We build this by hand instead of using Setup.createWalletSQLite because
+     * the toolbox has a bug where its internal randomBytesHex is a stub.
+     * We use the same components but wire them up correctly.
+     */
+    static async buildSetup(config, rootKeyHex) {
+        const chain = toChain(config.network);
+        const taalApiKey = config.taalApiKey ?? DEFAULT_TAAL_API_KEYS[chain];
+        const rootKey = PrivateKey.fromHex(rootKeyHex);
+        const identityKey = rootKey.toPublicKey().toString();
+        // 1. Key derivation
+        const keyDeriver = new CachedKeyDeriver(rootKey);
+        // 2. Storage manager (empty initially)
+        const storage = new WalletStorageManager(identityKey);
+        // 3. Network services (ARC broadcasting, chain tracking, etc.)
+        const serviceOptions = Services.createDefaultOptions(chain);
+        serviceOptions.chaintracks = new ChaintracksServiceClient(chain, 'https://chaintracks-us-1.bsvb.tech');
+        serviceOptions.taalApiKey = taalApiKey;
+        const services = new Services(serviceOptions);
+        // 4. Background monitor
+        const monopts = Monitor.createDefaultWalletMonitorOptions(chain, storage, services);
+        const monitor = new Monitor(monopts);
+        monitor.addDefaultTasks();
+        // 5. The BRC-100 Wallet
+        const wallet = new Wallet({ chain, keyDeriver, storage, services, monitor });
+        // 6. SQLite storage via knex
+        const filePath = path.join(config.storageDir, `${DEFAULT_DB_NAME}.sqlite`);
+        const knex = knexLib({
+            client: 'sqlite3',
+            connection: { filename: filePath },
+            useNullAsDefault: true,
+        });
+        // Fee model: configurable via BSV_FEE_MODEL env var (default: 100 sat/KB)
+        const feeModelValue = config.feeModel ??
+            (process.env.BSV_FEE_MODEL ? parseInt(process.env.BSV_FEE_MODEL, 10) : 100);
+        const activeStorage = new StorageKnex({
+            chain,
+            knex,
+            commissionSatoshis: 0,
+            commissionPubKeyHex: undefined,
+            feeModel: { model: 'sat/kb', value: feeModelValue },
+        });
+        await activeStorage.migrate(DEFAULT_DB_NAME, randomBytesHex(33));
+        await activeStorage.makeAvailable();
+        await storage.addWalletStorageProvider(activeStorage);
+        await activeStorage.findOrInsertUser(identityKey);
+        return {
+            rootKey,
+            identityKey,
+            keyDeriver,
+            chain,
+            storage,
+            services,
+            monitor,
+            wallet,
+        };
+    }
+}

package/dist/scripts/baemail/commands.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Baemail commands - paid message forwarding service.
+ */
+export interface BaemailConfig {
+    deliveryChannel: string;
+    tiers: {
+        standard: number;
+        priority: number;
+        urgent: number;
+    };
+    maxMessageLength: number;
+    blocklist: string[];
+    createdAt: string;
+    updatedAt: string;
+}
+export interface BaemailLogEntry {
+    requestId: string;
+    from: string;
+    senderName: string;
+    tier: string;
+    paidSats: number;
+    messageLength: number;
+    deliveryChannel: string;
+    deliverySuccess: boolean;
+    deliveryError: string | null;
+    paymentTxid: string;
+    refundStatus: string | null;
+    refundTxid?: string;
+    refundedAt?: string;
+    timestamp: string;
+    _lineIdx?: number;
+}
+/**
+ * Load baemail configuration.
+ */
+export declare function loadBaemailConfig(): BaemailConfig | null;
+/**
+ * Save baemail configuration.
+ */
+export declare function saveBaemailConfig(config: BaemailConfig): void;
+/**
+ * Setup baemail service with delivery channel and tier pricing.
+ */
+export declare function cmdBaemailSetup(channel: string | undefined, standardStr: string | undefined, priorityStr?: string, urgentStr?: string): Promise<never>;
+/**
+ * View current baemail configuration.
+ */
+export declare function cmdBaemailConfig(): Promise<never>;
+/**
+ * Block a sender from using baemail.
+ */
+export declare function cmdBaemailBlock(identityKey: string | undefined): Promise<never>;
+/**
+ * Unblock a sender.
+ */
+export declare function cmdBaemailUnblock(identityKey: string | undefined): Promise<never>;
+/**
+ * View baemail delivery log.
+ */
+export declare function cmdBaemailLog(limitStr?: string): Promise<never>;
+/**
+ * Refund a failed baemail delivery.
+ */
+export declare function cmdBaemailRefund(requestId: string | undefined): Promise<never>;

package/dist/scripts/baemail/commands.js

@@ -0,0 +1,258 @@
+/**
+ * Baemail commands - paid message forwarding service.
+ */
+import fs from 'node:fs';
+import { PATHS } from '../config.js';
+import { ok, fail } from '../output.js';
+import { loadIdentity } from '../wallet/identity.js';
+import { ensureStateDir } from '../utils/storage.js';
+import { fetchWithTimeout } from '../utils/woc.js';
+/**
+ * Load baemail configuration.
+ */
+export function loadBaemailConfig() {
+    try {
+        if (fs.existsSync(PATHS.baemailConfig)) {
+            return JSON.parse(fs.readFileSync(PATHS.baemailConfig, 'utf-8'));
+        }
+    }
+    catch (err) {
+        console.warn(`[baemail] Warning: Could not read config: ${err.message}`);
+    }
+    return null;
+}
+/**
+ * Save baemail configuration.
+ */
+export function saveBaemailConfig(config) {
+    ensureStateDir();
+    fs.writeFileSync(PATHS.baemailConfig, JSON.stringify(config, null, 2));
+}
+/**
+ * Setup baemail service with delivery channel and tier pricing.
+ */
+export async function cmdBaemailSetup(channel, standardStr, priorityStr, urgentStr) {
+    if (!channel || !standardStr) {
+        return fail('Usage: baemail-setup <channel> <standardSats> [prioritySats] [urgentSats]');
+    }
+    const standard = parseInt(standardStr, 10);
+    const priority = priorityStr ? parseInt(priorityStr, 10) : standard * 2;
+    const urgent = urgentStr ? parseInt(urgentStr, 10) : standard * 5;
+    if (isNaN(standard) || standard < 1) {
+        return fail('Standard rate must be a positive integer (sats)');
+    }
+    if (priority < standard) {
+        return fail('Priority rate must be >= standard rate');
+    }
+    if (urgent < priority) {
+        return fail('Urgent rate must be >= priority rate');
+    }
+    const config = {
+        deliveryChannel: channel,
+        tiers: { standard, priority, urgent },
+        maxMessageLength: 4000,
+        blocklist: [],
+        createdAt: new Date().toISOString(),
+        updatedAt: new Date().toISOString(),
+    };
+    saveBaemailConfig(config);
+    return ok({
+        configured: true,
+        deliveryChannel: channel,
+        tiers: config.tiers,
+        note: `Advertise with: cli advertise baemail "Baemail" "Paid message forwarding. Pay ${standard}+ sats to reach me." ${standard}`,
+    });
+}
+/**
+ * View current baemail configuration.
+ */
+export async function cmdBaemailConfig() {
+    const config = loadBaemailConfig();
+    if (!config) {
+        return fail('Baemail not configured. Run: baemail-setup <channel> <standardSats> [prioritySats] [urgentSats]');
+    }
+    return ok(config);
+}
+/**
+ * Block a sender from using baemail.
+ */
+export async function cmdBaemailBlock(identityKey) {
+    if (!identityKey)
+        return fail('Usage: baemail-block <identityKey>');
+    const config = loadBaemailConfig();
+    if (!config) {
+        return fail('Baemail not configured. Run baemail-setup first.');
+    }
+    if (!config.blocklist)
+        config.blocklist = [];
+    if (config.blocklist.includes(identityKey)) {
+        return fail('Identity already blocked');
+    }
+    config.blocklist.push(identityKey);
+    config.updatedAt = new Date().toISOString();
+    saveBaemailConfig(config);
+    return ok({ blocked: identityKey, totalBlocked: config.blocklist.length });
+}
+/**
+ * Unblock a sender.
+ */
+export async function cmdBaemailUnblock(identityKey) {
+    if (!identityKey)
+        return fail('Usage: baemail-unblock <identityKey>');
+    const config = loadBaemailConfig();
+    if (!config) {
+        return fail('Baemail not configured. Run baemail-setup first.');
+    }
+    if (!config.blocklist || !config.blocklist.includes(identityKey)) {
+        return fail('Identity not in blocklist');
+    }
+    config.blocklist = config.blocklist.filter(k => k !== identityKey);
+    config.updatedAt = new Date().toISOString();
+    saveBaemailConfig(config);
+    return ok({ unblocked: identityKey, totalBlocked: config.blocklist.length });
+}
+/**
+ * View baemail delivery log.
+ */
+export async function cmdBaemailLog(limitStr) {
+    const limit = parseInt(limitStr || '20', 10) || 20;
+    if (!fs.existsSync(PATHS.baemailLog)) {
+        return ok({ log: [], count: 0 });
+    }
+    const lines = fs.readFileSync(PATHS.baemailLog, 'utf-8').split('\n').filter(l => l.trim());
+    const entries = lines.map(l => {
+        try {
+            return JSON.parse(l);
+        }
+        catch {
+            return null;
+        }
+    }).filter(Boolean);
+    const recent = entries.slice(-limit).reverse();
+    return ok({ log: recent, count: entries.length, showing: recent.length });
+}
+/**
+ * Refund a failed baemail delivery.
+ */
+export async function cmdBaemailRefund(requestId) {
+    if (!requestId)
+        return fail('Usage: baemail-refund <requestId>');
+    if (!fs.existsSync(PATHS.baemailLog)) {
+        return fail('No baemail log found');
+    }
+    // Find the entry
+    const lines = fs.readFileSync(PATHS.baemailLog, 'utf-8').split('\n').filter(l => l.trim());
+    const entries = lines.map((l, idx) => {
+        try {
+            return { ...JSON.parse(l), _lineIdx: idx };
+        }
+        catch {
+            return null;
+        }
+    }).filter(Boolean);
+    const entry = entries.find(e => e.requestId === requestId);
+    if (!entry) {
+        return fail(`Request ${requestId} not found in baemail log`);
+    }
+    if (entry.deliverySuccess) {
+        return fail('This delivery was successful — no refund needed');
+    }
+    if (entry.refundStatus === 'completed') {
+        return fail('Refund already processed for this request');
+    }
+    // Load wallet and SDK
+    const { identityKey, privKey } = await loadIdentity();
+    const walletIdentityRaw = fs.readFileSync(PATHS.walletIdentity, 'utf-8');
+    const walletIdentity = JSON.parse(walletIdentityRaw);
+    // Dynamic import SDK
+    let sdk;
+    try {
+        sdk = await import('@bsv/sdk');
+    }
+    catch {
+        return fail('Cannot load @bsv/sdk for refund transaction');
+    }
+    const { Transaction, P2PKH, PrivateKey, PublicKey, Hash } = sdk;
+    // Calculate refund amount
+    const refundSats = entry.paidSats - 1; // Keep 1 sat for tx fee
+    if (refundSats < 1) {
+        return fail('Amount too small to refund');
+    }
+    // Derive refund address from sender's identity key
+    const senderPubKey = PublicKey.fromString(entry.from);
+    const refundAddress = senderPubKey.toAddress().toString();
+    try {
+        // Load UTXOs
+        const address = walletIdentity.address;
+        const utxosResp = await fetchWithTimeout(`https://api.whatsonchain.com/v1/bsv/main/address/${address}/unspent`);
+        const utxos = await utxosResp.json();
+        if (!utxos || utxos.length === 0) {
+            return fail('No UTXOs available for refund');
+        }
+        // Build transaction
+        const tx = new Transaction();
+        let totalInput = 0;
+        const rootKey = PrivateKey.fromHex(walletIdentity.rootKeyHex);
+        for (const utxo of utxos) {
+            if (totalInput >= refundSats + 50)
+                break;
+            tx.addInput({
+                sourceTXID: utxo.tx_hash,
+                sourceOutputIndex: utxo.tx_pos,
+                sourceSatoshis: utxo.value,
+                script: new P2PKH().lock(rootKey.toPublicKey().toAddress()).toHex(),
+                unlockingScriptTemplate: new P2PKH().unlock(rootKey),
+            });
+            totalInput += utxo.value;
+        }
+        if (totalInput < refundSats + 10) {
+            return fail('Insufficient funds for refund');
+        }
+        // Refund output
+        tx.addOutput({
+            satoshis: refundSats,
+            lockingScript: new P2PKH().lock(refundAddress),
+        });
+        // Change output
+        const fee = 10;
+        const change = totalInput - refundSats - fee;
+        if (change > 1) {
+            tx.addOutput({
+                satoshis: change,
+                lockingScript: new P2PKH().lock(rootKey.toPublicKey().toAddress()),
+            });
+        }
+        await tx.sign();
+        // Broadcast
+        const broadcastResp = await fetchWithTimeout('https://api.whatsonchain.com/v1/bsv/main/tx/raw', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ txhex: tx.toHex() }),
+        });
+        if (!broadcastResp.ok) {
+            const errBody = await broadcastResp.text();
+            return fail(`Broadcast failed: ${errBody}`);
+        }
+        const txid = tx.id('hex');
+        // Update log entry
+        const updatedLines = lines.map((l, idx) => {
+            if (idx === entry._lineIdx) {
+                const updated = { ...JSON.parse(l), refundStatus: 'completed', refundTxid: txid, refundedAt: new Date().toISOString() };
+                return JSON.stringify(updated);
+            }
+            return l;
+        });
+        fs.writeFileSync(PATHS.baemailLog, updatedLines.join('\n') + '\n');
+        return ok({
+            refunded: true,
+            requestId,
+            refundSats,
+            refundAddress,
+            txid,
+            note: `Refunded ${refundSats} sats to sender`,
+        });
+    }
+    catch (err) {
+        return fail(`Refund failed: ${err.message}`);
+    }
+}

package/dist/scripts/baemail/handler.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Baemail service handler - processes incoming paid messages.
+ */
+interface BaemailInput {
+    message?: string;
+    senderName?: string;
+    replyIdentityKey?: string;
+}
+interface ServiceMessage {
+    id: string;
+    from: string;
+    payload?: {
+        input?: BaemailInput;
+        payment?: any;
+    };
+}
+interface ProcessResult {
+    id: string;
+    type: string;
+    serviceId: string;
+    action: string;
+    tier?: string;
+    deliverySuccess?: boolean;
+    deliveryError?: string | null | undefined;
+    paymentAccepted?: boolean;
+    paymentTxid?: string;
+    satoshisReceived?: number;
+    from: string;
+    ack: boolean;
+    reason?: string | null;
+}
+/**
+ * Process incoming baemail service request.
+ */
+export declare function processBaemail(msg: ServiceMessage, identityKey: string, privKey: any): Promise<ProcessResult>;
+export {};