tenzro-sdk 0.1.0 → 0.2.0

package/dist/auth.js

@@ -0,0 +1,226 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthClient = void 0;
+/**
+ * Client for OAuth 2.1 + DPoP onboarding RPCs.
+ *
+ * Onboarding uses OAuth 2.1 (RFC 6749 successor) + DPoP-bound JWTs
+ * (RFC 9449) + Rich Authorization Requests (RFC 9396). Participants —
+ * humans, delegated agents under a human controller, and fully autonomous
+ * agents — onboard via the three RPCs exposed here. Each call provisions
+ * a TDIP identity (+ MPC wallet) and returns a JWT bound to a
+ * holder-supplied DPoP `jkt` (RFC 7638 thumbprint of the holder's
+ * Ed25519 public key).
+ *
+ * Subsequent privileged calls (sign + send transaction, escrow create,
+ * release/refund, etc.) authenticate by sending the JWT in the
+ * `Authorization: DPoP <jwt>` header alongside a per-request DPoP proof
+ * in the `DPoP` header. The SDK forwards both headers automatically when
+ * the `TENZRO_BEARER_JWT` and `TENZRO_DPOP_PROOF` environment variables
+ * are set in Node — see {@link RpcClient} for the transport-level wiring.
+ */
+class AuthClient {
+    rpc;
+    constructor(rpc) {
+        this.rpc = rpc;
+    }
+    /**
+     * Onboard a new **human** participant — provisions a TDIP `did:tenzro:human:*`
+     * identity, a fresh MPC wallet, and returns an OAuth 2.1 access token.
+     *
+     * @param displayName - human-readable label surfaced in approver UIs
+     * @param dpopJkt - optional RFC 7638 JWK thumbprint of the holder's
+     *   Ed25519 public key. If supplied, the issued JWT is DPoP-bound to
+     *   that key and every subsequent privileged call must accompany the
+     *   bearer with a fresh DPoP proof signed by the same key. Strongly
+     *   recommended.
+     */
+    async onboardHuman(displayName, dpopJkt) {
+        const params = { display_name: displayName };
+        if (dpopJkt)
+            params.dpop_jkt = dpopJkt;
+        return this.rpc.call("tenzro_onboardHuman", params);
+    }
+    /**
+     * Onboard a **delegated agent** that acts on behalf of an existing
+     * `controllerDid` (typically a human). The agent inherits the
+     * controller's act-chain and is bounded by `delegationScope`.
+     *
+     * Revoking the controller DID via {@link revokeDid} cascades and
+     * invalidates this agent's token automatically.
+     */
+    async onboardDelegatedAgent(controllerDid, capabilities, delegationScope, dpopJkt) {
+        const params = {
+            controller_did: controllerDid,
+            capabilities,
+            delegation_scope: delegationScope,
+        };
+        if (dpopJkt)
+            params.dpop_jkt = dpopJkt;
+        return this.rpc.call("tenzro_onboardDelegatedAgent", params);
+    }
+    /**
+     * Onboard a **fully autonomous agent**. Unlike a delegated agent, this
+     * has no human controller — instead the agent must post a TNZO bond
+     * (slashable on misbehaviour) at `bondFundingAddress` before
+     * onboarding succeeds.
+     */
+    async onboardAutonomousAgent(bondFundingAddress, dpopJkt) {
+        const params = {
+            bond_funding_address: bondFundingAddress,
+        };
+        if (dpopJkt)
+            params.dpop_jkt = dpopJkt;
+        return this.rpc.call("tenzro_onboardAutonomousAgent", params);
+    }
+    /**
+     * Exchange a long-lived refresh token for a fresh access token. Mirrors
+     * OAuth 2.1 `grant_type=refresh_token`. Refresh tokens are opaque UUIDs
+     * with a 30-day TTL; access tokens are HS256 JWTs with a 1-hour TTL.
+     *
+     * If `dpopJkt` is supplied, the new access token is DPoP-bound to that
+     * thumbprint. The refresh token itself is **not** rotated in V1.
+     */
+    async refreshToken(refreshToken, dpopJkt) {
+        const params = { refresh_token: refreshToken };
+        if (dpopJkt)
+            params.dpop_jkt = dpopJkt;
+        return this.rpc.call("tenzro_refreshToken", params);
+    }
+    /**
+     * Mint a fresh access + refresh token pair against an existing MPC
+     * wallet. Useful when the holder already provisioned a wallet via
+     * `tenzro_createWallet` and now wants OAuth-style auth credentials
+     * without re-running the full onboarding flow.
+     *
+     * Returns the same shape as the three onboard variants —
+     * {@link OnboardSession} — so it slots into existing session-management
+     * code.
+     */
+    async linkWalletForAuth(walletId, options) {
+        const params = { wallet_id: walletId };
+        if (options?.dpopJkt)
+            params.dpop_jkt = options.dpopJkt;
+        if (options?.displayName)
+            params.display_name = options.displayName;
+        if (options?.ttlSecs)
+            params.ttl_secs = options.ttlSecs;
+        return this.rpc.call("tenzro_linkWalletForAuth", params);
+    }
+    /**
+     * Revoke a single JWT by its `jti` claim. The token is added to the
+     * engine's revocation set and any subsequent validation fails.
+     */
+    async revokeJwt(jti, reason) {
+        return this.rpc.call("tenzro_revokeJwt", {
+            jti,
+            reason: reason ?? "revoked via SDK",
+        });
+    }
+    /**
+     * Revoke an entire identity by DID. Every JWT minted under this DID
+     * (and every descendant DID in the act-chain) is invalidated
+     * transitively.
+     */
+    async revokeDid(did, reason) {
+        return this.rpc.call("tenzro_revokeDid", {
+            did,
+            reason: reason ?? "revoked via SDK",
+        });
+    }
+    /**
+     * TDIP/GDPR Article 17 right-to-erasure. Hard-deletes a previously
+     * revoked identity from the registry and persistent storage.
+     *
+     * The identity MUST already be `Revoked` — call {@link revokeDid} first,
+     * allow the cascading revocation broadcaster to propagate, and then
+     * call this. Distinct from `revokeDid` which is a logical delete.
+     */
+    async forgetIdentity(did) {
+        return this.rpc.call("tenzro_forgetIdentity", { did });
+    }
+    /**
+     * List approvals in `Pending` status for the given approver DID.
+     * Returns the records the approver should review and decide on.
+     */
+    async listPendingApprovals(approverDid) {
+        return this.rpc.call("tenzro_listPendingApprovals", {
+            approver_did: approverDid,
+        });
+    }
+    /**
+     * Decide a pending approval — either `"approved"` or `"denied"`. Only
+     * the recorded approver DID may decide; mismatched approvers are
+     * rejected with JSON-RPC error code `-32001` (forbidden).
+     */
+    async decideApproval(approvalId, decision, approverDid) {
+        return this.rpc.call("tenzro_decideApproval", {
+            approval_id: approvalId,
+            decision,
+            approver_did: approverDid,
+        });
+    }
+    /**
+     * **RFC 8693 OAuth 2.0 Token Exchange.** Exchange a parent JWT for a
+     * narrower child JWT bound to a different DPoP key, with a strictly
+     * subset of the parent's RAR grants and AAP capabilities. The child
+     * token's `controller_did` is set to the parent's `sub`, extending the
+     * act-chain by one hop.
+     *
+     * Subset enforcement is performed by the AS — `requestedRar` and
+     * `requestedAapCapabilities` must be a strict subset of what the parent
+     * already holds. Anything outside the parent's authority is rejected
+     * with JSON-RPC error code `-32002`.
+     *
+     * @param subjectToken - the parent JWT (validated for signature, exp,
+     *   and revocation by the AS)
+     * @param childBearerDid - DID that will be the `sub` of the child JWT
+     * @param childDpopJkt - RFC 7638 JWK thumbprint of the child holder's
+     *   Ed25519 public key. The child token will be DPoP-bound to it.
+     * @param requestedRar - typed scope envelope (RFC 9396) the child should
+     *   carry. Must be a subset of the parent's `authorization_details`.
+     * @param requestedAapCapabilities - AAP `aap_capabilities` claim list.
+     *   Must be a subset of the parent's capabilities.
+     * @param requestedTtlSecs - optional override; clamped to the engine's
+     *   `max_ttl_secs` and parent's remaining lifetime.
+     */
+    async exchangeToken(subjectToken, childBearerDid, childDpopJkt, requestedRar, requestedAapCapabilities, requestedTtlSecs) {
+        const params = {
+            subject_token: subjectToken,
+            child_bearer_did: childBearerDid,
+            child_dpop_jkt: childDpopJkt,
+            requested_rar: requestedRar,
+            requested_aap_capabilities: requestedAapCapabilities,
+        };
+        if (requestedTtlSecs !== undefined) {
+            params.requested_ttl_secs = requestedTtlSecs;
+        }
+        return this.rpc.call("tenzro_exchangeToken", params);
+    }
+    /**
+     * **RFC 7662 OAuth 2.0 Token Introspection.** Ask the AS whether a
+     * token is currently active and, if so, return its full claim set
+     * (RAR, AAP, cnf, controller_did, etc.). Per RFC 7662 §2.2 a failed
+     * validation returns `{ active: false }` with no other fields — the AS
+     * deliberately does not leak why the token is inactive.
+     *
+     * Use this from a downstream resource server that wants to validate a
+     * bearer token without re-implementing JWT signature checking.
+     */
+    async introspectToken(token) {
+        return this.rpc.call("tenzro_introspectToken", {
+            token,
+        });
+    }
+    /**
+     * **RFC 8414 / RFC 9728 OAuth Authorization Server / Protected Resource
+     * Metadata.** Returns the same metadata document the AS publishes at
+     * `GET /.well-known/openid-configuration`. Useful for JSON-RPC-only
+     * clients (CLI, agents) that don't want to also speak HTTP discovery.
+     */
+    async oauthDiscovery() {
+        return this.rpc.call("tenzro_oauthDiscovery", []);
+    }
+}
+exports.AuthClient = AuthClient;
+//# sourceMappingURL=auth.js.map

package/dist/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":";;;AAEA;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAa,UAAU;IACD;IAApB,YAAoB,GAAc;QAAd,QAAG,GAAH,GAAG,CAAW;IAAG,CAAC;IAEtC;;;;;;;;;;OAUG;IACH,KAAK,CAAC,YAAY,CAChB,WAAmB,EACnB,OAAgB;QAEhB,MAAM,MAAM,GAA4B,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC;QACtE,IAAI,OAAO;YAAE,MAAM,CAAC,QAAQ,GAAG,OAAO,CAAC;QACvC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAiB,qBAAqB,EAAE,MAAM,CAAC,CAAC;IACtE,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,qBAAqB,CACzB,aAAqB,EACrB,YAAsB,EACtB,eAAwB,EACxB,OAAgB;QAEhB,MAAM,MAAM,GAA4B;YACtC,cAAc,EAAE,aAAa;YAC7B,YAAY;YACZ,gBAAgB,EAAE,eAAe;SAClC,CAAC;QACF,IAAI,OAAO;YAAE,MAAM,CAAC,QAAQ,GAAG,OAAO,CAAC;QACvC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAClB,8BAA8B,EAC9B,MAAM,CACP,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,sBAAsB,CAC1B,kBAA0B,EAC1B,OAAgB;QAEhB,MAAM,MAAM,GAA4B;YACtC,oBAAoB,EAAE,kBAAkB;SACzC,CAAC;QACF,IAAI,OAAO;YAAE,MAAM,CAAC,QAAQ,GAAG,OAAO,CAAC;QACvC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAClB,+BAA+B,EAC/B,MAAM,CACP,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,YAAY,CAChB,YAAoB,EACpB,OAAgB;QAEhB,MAAM,MAAM,GAA4B,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC;QACxE,IAAI,OAAO;YAAE,MAAM,CAAC,QAAQ,GAAG,OAAO,CAAC;QACvC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAiB,qBAAqB,EAAE,MAAM,CAAC,CAAC;IACtE,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,iBAAiB,CACrB,QAAgB,EAChB,OAIC;QAED,MAAM,MAAM,GAA4B,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;QAChE,IAAI,OAAO,EAAE,OAAO;YAAE,MAAM,CAAC,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;QACxD,IAAI,OAAO,EAAE,WAAW;YAAE,MAAM,CAAC,YAAY,GAAG,OAAO,CAAC,WAAW,CAAC;QACpE,IAAI,OAAO,EAAE,OAAO;YAAE,MAAM,CAAC,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;QACxD,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAClB,0BAA0B,EAC1B,MAAM,CACP,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,MAAe;QAC1C,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAiB,kBAAkB,EAAE;YACvD,GAAG;YACH,MAAM,EAAE,MAAM,IAAI,iBAAiB;SACpC,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,MAAe;QAC1C,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAiB,kBAAkB,EAAE;YACvD,GAAG;YACH,MAAM,EAAE,MAAM,IAAI,iBAAiB;SACpC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,cAAc,CAAC,GAAW;QAC9B,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,uBAAuB,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC;IACzD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,oBAAoB,CACxB,WAAmB;QAEnB,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAmB,6BAA6B,EAAE;YACpE,YAAY,EAAE,WAAW;SAC1B,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,cAAc,CAClB,UAAkB,EAClB,QAA+B,EAC/B,WAAmB;QAEnB,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAmB,uBAAuB,EAAE;YAC9D,WAAW,EAAE,UAAU;YACvB,QAAQ;YACR,YAAY,EAAE,WAAW;SAC1B,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,KAAK,CAAC,aAAa,CACjB,YAAoB,EACpB,cAAsB,EACtB,YAAoB,EACpB,YAAqB,EACrB,wBAAmC,EACnC,gBAAyB;QAEzB,MAAM,MAAM,GAA4B;YACtC,aAAa,EAAE,YAAY;YAC3B,gBAAgB,EAAE,cAAc;YAChC,cAAc,EAAE,YAAY;YAC5B,aAAa,EAAE,YAAY;YAC3B,0BAA0B,EAAE,wBAAwB;SACrD,CAAC;QACF,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,MAAM,CAAC,kBAAkB,GAAG,gBAAgB,CAAC;QAC/C,CAAC;QACD,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAsB,sBAAsB,EAAE,MAAM,CAAC,CAAC;IAC5E,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,eAAe,CAAC,KAAa;QACjC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAsB,wBAAwB,EAAE;YAClE,KAAK;SACN,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,cAAc;QAClB,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAiB,uBAAuB,EAAE,EAAE,CAAC,CAAC;IACpE,CAAC;CACF;AAxPD,gCAwPC"}

package/dist/bond.d.ts

@@ -0,0 +1,70 @@
+import { RpcClient } from "./rpc";
+/**
+ * Client for AgentBond operations (Agent-Swarm Spec 9).
+ *
+ * Bonds are TNZO-denominated stakes posted by a controller against a
+ * specific agent DID. While Active and ≥ `bond_min_for_promotion`, the
+ * bonded agent is promoted to the Delegated admission lane. Bonds are
+ * locked at a deterministic vault address derived from the agent DID:
+ * `Address(SHA-256("tenzro/agent-bond/vault" || agent_did))`.
+ *
+ * Read methods query node state directly. Write methods build typed
+ * `PostAgentBond` / `IncreaseAgentBond` / `WithdrawAgentBond`
+ * transactions and submit them through `tenzro_signAndSendTransaction`,
+ * matching the {@link SettlementClient.createEscrow} pattern.
+ */
+export declare class BondClient {
+    private rpc;
+    constructor(rpc: RpcClient);
+    /**
+     * Fetch a single AgentBond record by its 32-byte bond id.
+     * @param bondId - 32-byte bond identifier (hex with or without 0x)
+     * @returns Bond record or null if not found
+     */
+    getAgentBond(bondId: string): Promise<any>;
+    /**
+     * List all AgentBonds posted by a given controller DID.
+     * @param controllerDid - The controller DID (e.g. `did:tenzro:human:...`)
+     * @returns Array of bond records (empty if controller has none)
+     */
+    listAgentBondsByController(controllerDid: string): Promise<any[]>;
+    /**
+     * Post a fresh AgentBond for `agentDid` from `controller` (the controller
+     * wallet address, used as `tx.from`). Locks `amount` TNZO into the bond
+     * vault and promotes the agent to Delegated lane while ≥
+     * `bond_min_for_promotion`.
+     *
+     * Authentication is ambient (DPoP-bound bearer JWT). Signing happens
+     * server-side against the holder's MPC wallet.
+     *
+     * @param controller - Controller wallet address (signer / `tx.from`)
+     * @param agentDid - DID of the agent being bonded
+     * @param controllerDid - DID of the controller posting the bond
+     * @param amount - TNZO base units to lock
+     * @returns Transaction hash
+     */
+    postAgentBond(controller: string, agentDid: string, controllerDid: string, amount: bigint): Promise<string>;
+    /**
+     * Top up an existing Active AgentBond by `amount`. `tx.from` MUST equal
+     * the original poster (the bond's controller).
+     *
+     * @param controller - Controller wallet address (signer / `tx.from`)
+     * @param agentDid - DID of the bonded agent
+     * @param amount - Additional TNZO base units to lock
+     * @returns Transaction hash
+     */
+    increaseAgentBond(controller: string, agentDid: string, amount: bigint): Promise<string>;
+    /**
+     * Initiate the cooldown timer on an Active AgentBond. Funds are not
+     * released by the VM — finalisation happens off-VM via the node-side
+     * `BondManager` once `cooldown_ms` has elapsed. `tx.from` MUST equal
+     * the bond's controller.
+     *
+     * @param controller - Controller wallet address (signer / `tx.from`)
+     * @param agentDid - DID of the bonded agent
+     * @returns Transaction hash
+     */
+    withdrawAgentBond(controller: string, agentDid: string): Promise<string>;
+    private fetchNonceAndChainId;
+}
+//# sourceMappingURL=bond.d.ts.map

package/dist/bond.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bond.d.ts","sourceRoot":"","sources":["../src/bond.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAElC;;;;;;;;;;;;;GAaG;AACH,qBAAa,UAAU;IACT,OAAO,CAAC,GAAG;gBAAH,GAAG,EAAE,SAAS;IAElC;;;;OAIG;IACG,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAIhD;;;;OAIG;IACG,0BAA0B,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAMvE;;;;;;;;;;;;;;OAcG;IACG,aAAa,CACjB,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,MAAM,CAAC;IA6BlB;;;;;;;;OAQG;IACG,iBAAiB,CACrB,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,MAAM,CAAC;IA4BlB;;;;;;;;;OASG;IACG,iBAAiB,CACrB,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC;YAyBJ,oBAAoB;CAsBnC"}

package/dist/bond.js

@@ -0,0 +1,172 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BondClient = void 0;
+/**
+ * Client for AgentBond operations (Agent-Swarm Spec 9).
+ *
+ * Bonds are TNZO-denominated stakes posted by a controller against a
+ * specific agent DID. While Active and ≥ `bond_min_for_promotion`, the
+ * bonded agent is promoted to the Delegated admission lane. Bonds are
+ * locked at a deterministic vault address derived from the agent DID:
+ * `Address(SHA-256("tenzro/agent-bond/vault" || agent_did))`.
+ *
+ * Read methods query node state directly. Write methods build typed
+ * `PostAgentBond` / `IncreaseAgentBond` / `WithdrawAgentBond`
+ * transactions and submit them through `tenzro_signAndSendTransaction`,
+ * matching the {@link SettlementClient.createEscrow} pattern.
+ */
+class BondClient {
+    rpc;
+    constructor(rpc) {
+        this.rpc = rpc;
+    }
+    /**
+     * Fetch a single AgentBond record by its 32-byte bond id.
+     * @param bondId - 32-byte bond identifier (hex with or without 0x)
+     * @returns Bond record or null if not found
+     */
+    async getAgentBond(bondId) {
+        return this.rpc.call("tenzro_getAgentBond", [bondId]);
+    }
+    /**
+     * List all AgentBonds posted by a given controller DID.
+     * @param controllerDid - The controller DID (e.g. `did:tenzro:human:...`)
+     * @returns Array of bond records (empty if controller has none)
+     */
+    async listAgentBondsByController(controllerDid) {
+        return this.rpc.call("tenzro_listAgentBondsByController", [
+            controllerDid,
+        ]);
+    }
+    /**
+     * Post a fresh AgentBond for `agentDid` from `controller` (the controller
+     * wallet address, used as `tx.from`). Locks `amount` TNZO into the bond
+     * vault and promotes the agent to Delegated lane while ≥
+     * `bond_min_for_promotion`.
+     *
+     * Authentication is ambient (DPoP-bound bearer JWT). Signing happens
+     * server-side against the holder's MPC wallet.
+     *
+     * @param controller - Controller wallet address (signer / `tx.from`)
+     * @param agentDid - DID of the agent being bonded
+     * @param controllerDid - DID of the controller posting the bond
+     * @param amount - TNZO base units to lock
+     * @returns Transaction hash
+     */
+    async postAgentBond(controller, agentDid, controllerDid, amount) {
+        const { nonce, chainId } = await this.fetchNonceAndChainId(controller);
+        const txType = {
+            type: "PostAgentBond",
+            data: {
+                agent_did: agentDid,
+                controller_did: controllerDid,
+                amount: amount.toString(),
+            },
+        };
+        const result = await this.rpc.call("tenzro_signAndSendTransaction", [
+            {
+                from: controller,
+                to: "0x0000000000000000000000000000000000000000000000000000000000000000",
+                value: 0,
+                gas_limit: 75_000,
+                gas_price: 1_000_000_000,
+                nonce,
+                chain_id: chainId,
+                tx_type: txType,
+            },
+        ]);
+        return typeof result === "string"
+            ? result
+            : result?.tx_hash || result?.transaction_hash || "";
+    }
+    /**
+     * Top up an existing Active AgentBond by `amount`. `tx.from` MUST equal
+     * the original poster (the bond's controller).
+     *
+     * @param controller - Controller wallet address (signer / `tx.from`)
+     * @param agentDid - DID of the bonded agent
+     * @param amount - Additional TNZO base units to lock
+     * @returns Transaction hash
+     */
+    async increaseAgentBond(controller, agentDid, amount) {
+        const { nonce, chainId } = await this.fetchNonceAndChainId(controller);
+        const txType = {
+            type: "IncreaseAgentBond",
+            data: {
+                agent_did: agentDid,
+                amount: amount.toString(),
+            },
+        };
+        const result = await this.rpc.call("tenzro_signAndSendTransaction", [
+            {
+                from: controller,
+                to: "0x0000000000000000000000000000000000000000000000000000000000000000",
+                value: 0,
+                gas_limit: 60_000,
+                gas_price: 1_000_000_000,
+                nonce,
+                chain_id: chainId,
+                tx_type: txType,
+            },
+        ]);
+        return typeof result === "string"
+            ? result
+            : result?.tx_hash || result?.transaction_hash || "";
+    }
+    /**
+     * Initiate the cooldown timer on an Active AgentBond. Funds are not
+     * released by the VM — finalisation happens off-VM via the node-side
+     * `BondManager` once `cooldown_ms` has elapsed. `tx.from` MUST equal
+     * the bond's controller.
+     *
+     * @param controller - Controller wallet address (signer / `tx.from`)
+     * @param agentDid - DID of the bonded agent
+     * @returns Transaction hash
+     */
+    async withdrawAgentBond(controller, agentDid) {
+        const { nonce, chainId } = await this.fetchNonceAndChainId(controller);
+        const txType = {
+            type: "WithdrawAgentBond",
+            data: { agent_did: agentDid },
+        };
+        const result = await this.rpc.call("tenzro_signAndSendTransaction", [
+            {
+                from: controller,
+                to: "0x0000000000000000000000000000000000000000000000000000000000000000",
+                value: 0,
+                gas_limit: 50_000,
+                gas_price: 1_000_000_000,
+                nonce,
+                chain_id: chainId,
+                tx_type: txType,
+            },
+        ]);
+        return typeof result === "string"
+            ? result
+            : result?.tx_hash || result?.transaction_hash || "";
+    }
+    async fetchNonceAndChainId(address) {
+        let nonce = 0;
+        let chainId = 1337;
+        try {
+            const nonceHex = await this.rpc.call("eth_getTransactionCount", [
+                address,
+                "latest",
+            ]);
+            nonce = parseInt(nonceHex.replace(/^0x/, ""), 16) || 0;
+        }
+        catch (_) {
+            // ignore — default to 0
+        }
+        try {
+            const chainIdHex = await this.rpc.call("eth_chainId", []);
+            chainId = parseInt(chainIdHex.replace(/^0x/, ""), 16) || 1337;
+        }
+        catch (_) {
+            // ignore — default to 1337
+        }
+        return { nonce, chainId };
+    }
+}
+exports.BondClient = BondClient;
+//# sourceMappingURL=bond.js.map

package/dist/bond.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bond.js","sourceRoot":"","sources":["../src/bond.ts"],"names":[],"mappings":";;;AAEA;;;;;;;;;;;;;GAaG;AACH,MAAa,UAAU;IACD;IAApB,YAAoB,GAAc;QAAd,QAAG,GAAH,GAAG,CAAW;IAAG,CAAC;IAEtC;;;;OAIG;IACH,KAAK,CAAC,YAAY,CAAC,MAAc;QAC/B,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IACxD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,0BAA0B,CAAC,aAAqB;QACpD,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAQ,mCAAmC,EAAE;YAC/D,aAAa;SACd,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,aAAa,CACjB,UAAkB,EAClB,QAAgB,EAChB,aAAqB,EACrB,MAAc;QAEd,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;QACvE,MAAM,MAAM,GAAG;YACb,IAAI,EAAE,eAAe;YACrB,IAAI,EAAE;gBACJ,SAAS,EAAE,QAAQ;gBACnB,cAAc,EAAE,aAAa;gBAC7B,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE;aAC1B;SACF,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAM,+BAA+B,EAAE;YACvE;gBACE,IAAI,EAAE,UAAU;gBAChB,EAAE,EAAE,oEAAoE;gBACxE,KAAK,EAAE,CAAC;gBACR,SAAS,EAAE,MAAM;gBACjB,SAAS,EAAE,aAAa;gBACxB,KAAK;gBACL,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,MAAM;aAChB;SACF,CAAC,CAAC;QAEH,OAAO,OAAO,MAAM,KAAK,QAAQ;YAC/B,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,MAAM,EAAE,OAAO,IAAI,MAAM,EAAE,gBAAgB,IAAI,EAAE,CAAC;IACxD,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,iBAAiB,CACrB,UAAkB,EAClB,QAAgB,EAChB,MAAc;QAEd,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;QACvE,MAAM,MAAM,GAAG;YACb,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE;gBACJ,SAAS,EAAE,QAAQ;gBACnB,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE;aAC1B;SACF,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAM,+BAA+B,EAAE;YACvE;gBACE,IAAI,EAAE,UAAU;gBAChB,EAAE,EAAE,oEAAoE;gBACxE,KAAK,EAAE,CAAC;gBACR,SAAS,EAAE,MAAM;gBACjB,SAAS,EAAE,aAAa;gBACxB,KAAK;gBACL,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,MAAM;aAChB;SACF,CAAC,CAAC;QAEH,OAAO,OAAO,MAAM,KAAK,QAAQ;YAC/B,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,MAAM,EAAE,OAAO,IAAI,MAAM,EAAE,gBAAgB,IAAI,EAAE,CAAC;IACxD,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,iBAAiB,CACrB,UAAkB,EAClB,QAAgB;QAEhB,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;QACvE,MAAM,MAAM,GAAG;YACb,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE;SAC9B,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAM,+BAA+B,EAAE;YACvE;gBACE,IAAI,EAAE,UAAU;gBAChB,EAAE,EAAE,oEAAoE;gBACxE,KAAK,EAAE,CAAC;gBACR,SAAS,EAAE,MAAM;gBACjB,SAAS,EAAE,aAAa;gBACxB,KAAK;gBACL,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,MAAM;aAChB;SACF,CAAC,CAAC;QAEH,OAAO,OAAO,MAAM,KAAK,QAAQ;YAC/B,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,MAAM,EAAE,OAAO,IAAI,MAAM,EAAE,gBAAgB,IAAI,EAAE,CAAC;IACxD,CAAC;IAEO,KAAK,CAAC,oBAAoB,CAChC,OAAe;QAEf,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,IAAI,OAAO,GAAG,IAAI,CAAC;QACnB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAS,yBAAyB,EAAE;gBACtE,OAAO;gBACP,QAAQ;aACT,CAAC,CAAC;YACH,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;QACzD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,wBAAwB;QAC1B,CAAC;QACD,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAS,aAAa,EAAE,EAAE,CAAC,CAAC;YAClE,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC;QAChE,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,2BAA2B;QAC7B,CAAC;QACD,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;IAC5B,CAAC;CACF;AA7KD,gCA6KC"}

package/dist/cct.d.ts

@@ -0,0 +1,53 @@
+import type { RpcClient } from './rpc';
+/**
+ * Metadata for a single TNZO CCT pool on one chain.
+ */
+export interface CctPool {
+    /** CAIP-2 or Chainlink chain id. */
+    chain_id: string;
+    /** Chainlink CCIP chain selector. */
+    chain_selector: string;
+    /** Deployed pool contract address. */
+    pool_address: string;
+    /** Underlying TNZO token contract address on the chain. */
+    token_address: string;
+    /** Pool type ("LockRelease" on Ethereum; "BurnMint" elsewhere). */
+    pool_type: string;
+    /** Contract name (e.g. "LockReleaseTokenPool"). */
+    contract_name: string;
+    /** Outbound rate-limiter capacity (decimal string). */
+    outbound_capacity: string;
+    /** Inbound rate-limiter capacity (decimal string). */
+    inbound_capacity: string;
+    /** Rate-limiter refill rate (decimal string). */
+    refill_rate: string;
+}
+/**
+ * List of TNZO CCT pools.
+ */
+export interface CctPoolList {
+    /** Number of registered pools. */
+    count: number;
+    /** Per-chain pool entries. */
+    pools: CctPool[];
+}
+/**
+ * Client for the TNZO CCT (Chainlink Cross-Chain Token) pool registry.
+ *
+ * Ethereum uses a LockRelease pool; Base, Arbitrum, Optimism, and Solana
+ * use BurnMint pools.
+ */
+export declare class CctClient {
+    private readonly rpc;
+    constructor(rpc: RpcClient);
+    /**
+     * List all registered TNZO CCT pools.
+     */
+    listPools(): Promise<CctPoolList>;
+    /**
+     * Get a single TNZO CCT pool by chain name
+     * (e.g. `ethereum`, `base`, `arbitrum`, `optimism`, `solana`).
+     */
+    getPool(chain: string): Promise<CctPool>;
+}
+//# sourceMappingURL=cct.d.ts.map

package/dist/cct.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cct.d.ts","sourceRoot":"","sources":["../src/cct.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAEvC;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,oCAAoC;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,qCAAqC;IACrC,cAAc,EAAE,MAAM,CAAC;IACvB,sCAAsC;IACtC,YAAY,EAAE,MAAM,CAAC;IACrB,2DAA2D;IAC3D,aAAa,EAAE,MAAM,CAAC;IACtB,mEAAmE;IACnE,SAAS,EAAE,MAAM,CAAC;IAClB,mDAAmD;IACnD,aAAa,EAAE,MAAM,CAAC;IACtB,uDAAuD;IACvD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,sDAAsD;IACtD,gBAAgB,EAAE,MAAM,CAAC;IACzB,iDAAiD;IACjD,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,kCAAkC;IAClC,KAAK,EAAE,MAAM,CAAC;IACd,8BAA8B;IAC9B,KAAK,EAAE,OAAO,EAAE,CAAC;CAClB;AAED;;;;;GAKG;AACH,qBAAa,SAAS;IACR,OAAO,CAAC,QAAQ,CAAC,GAAG;gBAAH,GAAG,EAAE,SAAS;IAE3C;;OAEG;IACG,SAAS,IAAI,OAAO,CAAC,WAAW,CAAC;IAIvC;;;OAGG;IACG,OAAO,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAG/C"}

package/dist/cct.js

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CctClient = void 0;
+/**
+ * Client for the TNZO CCT (Chainlink Cross-Chain Token) pool registry.
+ *
+ * Ethereum uses a LockRelease pool; Base, Arbitrum, Optimism, and Solana
+ * use BurnMint pools.
+ */
+class CctClient {
+    rpc;
+    constructor(rpc) {
+        this.rpc = rpc;
+    }
+    /**
+     * List all registered TNZO CCT pools.
+     */
+    async listPools() {
+        return this.rpc.call('tenzro_cctListPools', [{}]);
+    }
+    /**
+     * Get a single TNZO CCT pool by chain name
+     * (e.g. `ethereum`, `base`, `arbitrum`, `optimism`, `solana`).
+     */
+    async getPool(chain) {
+        return this.rpc.call('tenzro_cctGetPool', [{ chain }]);
+    }
+}
+exports.CctClient = CctClient;
+//# sourceMappingURL=cct.js.map

package/dist/cct.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cct.js","sourceRoot":"","sources":["../src/cct.ts"],"names":[],"mappings":";;;AAoCA;;;;;GAKG;AACH,MAAa,SAAS;IACS;IAA7B,YAA6B,GAAc;QAAd,QAAG,GAAH,GAAG,CAAW;IAAG,CAAC;IAE/C;;OAEG;IACH,KAAK,CAAC,SAAS;QACb,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAc,qBAAqB,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACjE,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO,CAAC,KAAa;QACzB,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAU,mBAAmB,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAClE,CAAC;CACF;AAjBD,8BAiBC"}