tenzro-wallet 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (471) hide show
  1. package/LICENSE +201 -0
  2. package/README.md +128 -0
  3. package/dist/balance/aggregator.d.ts +16 -0
  4. package/dist/balance/aggregator.d.ts.map +1 -0
  5. package/dist/balance/aggregator.js +73 -0
  6. package/dist/balance/aggregator.js.map +1 -0
  7. package/dist/balance/index.d.ts +3 -0
  8. package/dist/balance/index.d.ts.map +1 -0
  9. package/dist/balance/index.js +2 -0
  10. package/dist/balance/index.js.map +1 -0
  11. package/dist/consent/index.d.ts +3 -0
  12. package/dist/consent/index.d.ts.map +1 -0
  13. package/dist/consent/index.js +2 -0
  14. package/dist/consent/index.js.map +1 -0
  15. package/dist/consent/policy.d.ts +27 -0
  16. package/dist/consent/policy.d.ts.map +1 -0
  17. package/dist/consent/policy.js +121 -0
  18. package/dist/consent/policy.js.map +1 -0
  19. package/dist/crypto/eip1559.d.ts +53 -0
  20. package/dist/crypto/eip1559.d.ts.map +1 -0
  21. package/dist/crypto/eip1559.js +79 -0
  22. package/dist/crypto/eip1559.js.map +1 -0
  23. package/dist/crypto/keccak256.d.ts +20 -0
  24. package/dist/crypto/keccak256.d.ts.map +1 -0
  25. package/dist/crypto/keccak256.js +167 -0
  26. package/dist/crypto/keccak256.js.map +1 -0
  27. package/dist/crypto/rlp.d.ts +30 -0
  28. package/dist/crypto/rlp.d.ts.map +1 -0
  29. package/dist/crypto/rlp.js +165 -0
  30. package/dist/crypto/rlp.js.map +1 -0
  31. package/dist/crypto/sha256.d.ts +14 -0
  32. package/dist/crypto/sha256.d.ts.map +1 -0
  33. package/dist/crypto/sha256.js +33 -0
  34. package/dist/crypto/sha256.js.map +1 -0
  35. package/dist/crypto/solana.d.ts +86 -0
  36. package/dist/crypto/solana.d.ts.map +1 -0
  37. package/dist/crypto/solana.js +218 -0
  38. package/dist/crypto/solana.js.map +1 -0
  39. package/dist/custody/frost/backend.d.ts +59 -0
  40. package/dist/custody/frost/backend.d.ts.map +1 -0
  41. package/dist/custody/frost/backend.js +83 -0
  42. package/dist/custody/frost/backend.js.map +1 -0
  43. package/dist/custody/frost/coordinator.d.ts +148 -0
  44. package/dist/custody/frost/coordinator.d.ts.map +1 -0
  45. package/dist/custody/frost/coordinator.js +58 -0
  46. package/dist/custody/frost/coordinator.js.map +1 -0
  47. package/dist/custody/frost/ed25519-driver.d.ts +30 -0
  48. package/dist/custody/frost/ed25519-driver.d.ts.map +1 -0
  49. package/dist/custody/frost/ed25519-driver.js +76 -0
  50. package/dist/custody/frost/ed25519-driver.js.map +1 -0
  51. package/dist/custody/frost/http-adapter.d.ts +77 -0
  52. package/dist/custody/frost/http-adapter.d.ts.map +1 -0
  53. package/dist/custody/frost/http-adapter.js +168 -0
  54. package/dist/custody/frost/http-adapter.js.map +1 -0
  55. package/dist/custody/frost/hybrid-driver.d.ts +37 -0
  56. package/dist/custody/frost/hybrid-driver.d.ts.map +1 -0
  57. package/dist/custody/frost/hybrid-driver.js +60 -0
  58. package/dist/custody/frost/hybrid-driver.js.map +1 -0
  59. package/dist/custody/frost/index.d.ts +12 -0
  60. package/dist/custody/frost/index.d.ts.map +1 -0
  61. package/dist/custody/frost/index.js +6 -0
  62. package/dist/custody/frost/index.js.map +1 -0
  63. package/dist/custody/frost/secp256k1-driver.d.ts +26 -0
  64. package/dist/custody/frost/secp256k1-driver.d.ts.map +1 -0
  65. package/dist/custody/frost/secp256k1-driver.js +78 -0
  66. package/dist/custody/frost/secp256k1-driver.js.map +1 -0
  67. package/dist/custody/index.d.ts +9 -0
  68. package/dist/custody/index.d.ts.map +1 -0
  69. package/dist/custody/index.js +11 -0
  70. package/dist/custody/index.js.map +1 -0
  71. package/dist/custody/internal-mpc.d.ts +14 -0
  72. package/dist/custody/internal-mpc.d.ts.map +1 -0
  73. package/dist/custody/internal-mpc.js +40 -0
  74. package/dist/custody/internal-mpc.js.map +1 -0
  75. package/dist/custody/mldsa/coordinator.d.ts +63 -0
  76. package/dist/custody/mldsa/coordinator.d.ts.map +1 -0
  77. package/dist/custody/mldsa/coordinator.js +44 -0
  78. package/dist/custody/mldsa/coordinator.js.map +1 -0
  79. package/dist/custody/mldsa/driver.d.ts +23 -0
  80. package/dist/custody/mldsa/driver.d.ts.map +1 -0
  81. package/dist/custody/mldsa/driver.js +43 -0
  82. package/dist/custody/mldsa/driver.js.map +1 -0
  83. package/dist/custody/mldsa/http-adapter.d.ts +59 -0
  84. package/dist/custody/mldsa/http-adapter.d.ts.map +1 -0
  85. package/dist/custody/mldsa/http-adapter.js +103 -0
  86. package/dist/custody/mldsa/http-adapter.js.map +1 -0
  87. package/dist/custody/mldsa/index.d.ts +7 -0
  88. package/dist/custody/mldsa/index.d.ts.map +1 -0
  89. package/dist/custody/mldsa/index.js +4 -0
  90. package/dist/custody/mldsa/index.js.map +1 -0
  91. package/dist/custody/pairing/http-adapter.d.ts +40 -0
  92. package/dist/custody/pairing/http-adapter.d.ts.map +1 -0
  93. package/dist/custody/pairing/http-adapter.js +113 -0
  94. package/dist/custody/pairing/http-adapter.js.map +1 -0
  95. package/dist/custody/pairing/index.d.ts +10 -0
  96. package/dist/custody/pairing/index.d.ts.map +1 -0
  97. package/dist/custody/pairing/index.js +8 -0
  98. package/dist/custody/pairing/index.js.map +1 -0
  99. package/dist/custody/pairing/port.d.ts +121 -0
  100. package/dist/custody/pairing/port.d.ts.map +1 -0
  101. package/dist/custody/pairing/port.js +40 -0
  102. package/dist/custody/pairing/port.js.map +1 -0
  103. package/dist/custody/passkey-share/http-adapter.d.ts +77 -0
  104. package/dist/custody/passkey-share/http-adapter.d.ts.map +1 -0
  105. package/dist/custody/passkey-share/http-adapter.js +125 -0
  106. package/dist/custody/passkey-share/http-adapter.js.map +1 -0
  107. package/dist/custody/passkey-share/index.d.ts +7 -0
  108. package/dist/custody/passkey-share/index.d.ts.map +1 -0
  109. package/dist/custody/passkey-share/index.js +4 -0
  110. package/dist/custody/passkey-share/index.js.map +1 -0
  111. package/dist/custody/passkey-share/unwrapper.d.ts +174 -0
  112. package/dist/custody/passkey-share/unwrapper.d.ts.map +1 -0
  113. package/dist/custody/passkey-share/unwrapper.js +132 -0
  114. package/dist/custody/passkey-share/unwrapper.js.map +1 -0
  115. package/dist/custody/passkey-share/webauthn-adapter.d.ts +112 -0
  116. package/dist/custody/passkey-share/webauthn-adapter.d.ts.map +1 -0
  117. package/dist/custody/passkey-share/webauthn-adapter.js +150 -0
  118. package/dist/custody/passkey-share/webauthn-adapter.js.map +1 -0
  119. package/dist/custody/surface-key-id.d.ts +15 -0
  120. package/dist/custody/surface-key-id.d.ts.map +1 -0
  121. package/dist/custody/surface-key-id.js +25 -0
  122. package/dist/custody/surface-key-id.js.map +1 -0
  123. package/dist/dapp/eip6963.d.ts +64 -0
  124. package/dist/dapp/eip6963.d.ts.map +1 -0
  125. package/dist/dapp/eip6963.js +55 -0
  126. package/dist/dapp/eip6963.js.map +1 -0
  127. package/dist/dapp/index.d.ts +21 -0
  128. package/dist/dapp/index.d.ts.map +1 -0
  129. package/dist/dapp/index.js +24 -0
  130. package/dist/dapp/index.js.map +1 -0
  131. package/dist/identity/delegate-set.d.ts +57 -0
  132. package/dist/identity/delegate-set.d.ts.map +1 -0
  133. package/dist/identity/delegate-set.js +85 -0
  134. package/dist/identity/delegate-set.js.map +1 -0
  135. package/dist/identity/did.d.ts +17 -0
  136. package/dist/identity/did.d.ts.map +1 -0
  137. package/dist/identity/did.js +60 -0
  138. package/dist/identity/did.js.map +1 -0
  139. package/dist/identity/index.d.ts +14 -0
  140. package/dist/identity/index.d.ts.map +1 -0
  141. package/dist/identity/index.js +8 -0
  142. package/dist/identity/index.js.map +1 -0
  143. package/dist/identity/provision.d.ts +13 -0
  144. package/dist/identity/provision.d.ts.map +1 -0
  145. package/dist/identity/provision.js +151 -0
  146. package/dist/identity/provision.js.map +1 -0
  147. package/dist/identity/provisioning-http-adapter.d.ts +81 -0
  148. package/dist/identity/provisioning-http-adapter.d.ts.map +1 -0
  149. package/dist/identity/provisioning-http-adapter.js +114 -0
  150. package/dist/identity/provisioning-http-adapter.js.map +1 -0
  151. package/dist/identity/recovery-http-adapter.d.ts +83 -0
  152. package/dist/identity/recovery-http-adapter.d.ts.map +1 -0
  153. package/dist/identity/recovery-http-adapter.js +139 -0
  154. package/dist/identity/recovery-http-adapter.js.map +1 -0
  155. package/dist/identity/wallet-new.d.ts +132 -0
  156. package/dist/identity/wallet-new.d.ts.map +1 -0
  157. package/dist/identity/wallet-new.js +94 -0
  158. package/dist/identity/wallet-new.js.map +1 -0
  159. package/dist/identity/wallet-recover.d.ts +116 -0
  160. package/dist/identity/wallet-recover.d.ts.map +1 -0
  161. package/dist/identity/wallet-recover.js +95 -0
  162. package/dist/identity/wallet-recover.js.map +1 -0
  163. package/dist/index.d.ts +12 -0
  164. package/dist/index.d.ts.map +1 -0
  165. package/dist/index.js +11 -0
  166. package/dist/index.js.map +1 -0
  167. package/dist/kernel.d.ts +119 -0
  168. package/dist/kernel.d.ts.map +1 -0
  169. package/dist/kernel.js +144 -0
  170. package/dist/kernel.js.map +1 -0
  171. package/dist/ports/adapters/tenzro-identity-adapter.d.ts +44 -0
  172. package/dist/ports/adapters/tenzro-identity-adapter.d.ts.map +1 -0
  173. package/dist/ports/adapters/tenzro-identity-adapter.js +60 -0
  174. package/dist/ports/adapters/tenzro-identity-adapter.js.map +1 -0
  175. package/dist/ports/adapters/tenzro-sdk-adapter.d.ts +86 -0
  176. package/dist/ports/adapters/tenzro-sdk-adapter.d.ts.map +1 -0
  177. package/dist/ports/adapters/tenzro-sdk-adapter.js +100 -0
  178. package/dist/ports/adapters/tenzro-sdk-adapter.js.map +1 -0
  179. package/dist/ports/agent/acp.d.ts +66 -0
  180. package/dist/ports/agent/acp.d.ts.map +1 -0
  181. package/dist/ports/agent/acp.js +27 -0
  182. package/dist/ports/agent/acp.js.map +1 -0
  183. package/dist/ports/agent/adapters/acp-adapter.d.ts +67 -0
  184. package/dist/ports/agent/adapters/acp-adapter.d.ts.map +1 -0
  185. package/dist/ports/agent/adapters/acp-adapter.js +70 -0
  186. package/dist/ports/agent/adapters/acp-adapter.js.map +1 -0
  187. package/dist/ports/agent/adapters/agent-bond-adapter.d.ts +31 -0
  188. package/dist/ports/agent/adapters/agent-bond-adapter.d.ts.map +1 -0
  189. package/dist/ports/agent/adapters/agent-bond-adapter.js +82 -0
  190. package/dist/ports/agent/adapters/agent-bond-adapter.js.map +1 -0
  191. package/dist/ports/agent/adapters/agent-payment-adapter.d.ts +66 -0
  192. package/dist/ports/agent/adapters/agent-payment-adapter.d.ts.map +1 -0
  193. package/dist/ports/agent/adapters/agent-payment-adapter.js +75 -0
  194. package/dist/ports/agent/adapters/agent-payment-adapter.js.map +1 -0
  195. package/dist/ports/agent/adapters/ap2-adapter.d.ts +28 -0
  196. package/dist/ports/agent/adapters/ap2-adapter.d.ts.map +1 -0
  197. package/dist/ports/agent/adapters/ap2-adapter.js +97 -0
  198. package/dist/ports/agent/adapters/ap2-adapter.js.map +1 -0
  199. package/dist/ports/agent/adapters/auth-approval-adapter.d.ts +26 -0
  200. package/dist/ports/agent/adapters/auth-approval-adapter.d.ts.map +1 -0
  201. package/dist/ports/agent/adapters/auth-approval-adapter.js +37 -0
  202. package/dist/ports/agent/adapters/auth-approval-adapter.js.map +1 -0
  203. package/dist/ports/agent/adapters/erc7802-adapter.d.ts +30 -0
  204. package/dist/ports/agent/adapters/erc7802-adapter.d.ts.map +1 -0
  205. package/dist/ports/agent/adapters/erc7802-adapter.js +60 -0
  206. package/dist/ports/agent/adapters/erc7802-adapter.js.map +1 -0
  207. package/dist/ports/agent/adapters/erc8004-adapter.d.ts +54 -0
  208. package/dist/ports/agent/adapters/erc8004-adapter.d.ts.map +1 -0
  209. package/dist/ports/agent/adapters/erc8004-adapter.js +53 -0
  210. package/dist/ports/agent/adapters/erc8004-adapter.js.map +1 -0
  211. package/dist/ports/agent/adapters/escrow-adapter.d.ts +33 -0
  212. package/dist/ports/agent/adapters/escrow-adapter.d.ts.map +1 -0
  213. package/dist/ports/agent/adapters/escrow-adapter.js +109 -0
  214. package/dist/ports/agent/adapters/escrow-adapter.js.map +1 -0
  215. package/dist/ports/agent/adapters/fee-estimator-adapter.d.ts +31 -0
  216. package/dist/ports/agent/adapters/fee-estimator-adapter.d.ts.map +1 -0
  217. package/dist/ports/agent/adapters/fee-estimator-adapter.js +103 -0
  218. package/dist/ports/agent/adapters/fee-estimator-adapter.js.map +1 -0
  219. package/dist/ports/agent/adapters/htlc-escrow-adapter.d.ts +68 -0
  220. package/dist/ports/agent/adapters/htlc-escrow-adapter.d.ts.map +1 -0
  221. package/dist/ports/agent/adapters/htlc-escrow-adapter.js +131 -0
  222. package/dist/ports/agent/adapters/htlc-escrow-adapter.js.map +1 -0
  223. package/dist/ports/agent/adapters/insurance-adapter.d.ts +32 -0
  224. package/dist/ports/agent/adapters/insurance-adapter.d.ts.map +1 -0
  225. package/dist/ports/agent/adapters/insurance-adapter.js +103 -0
  226. package/dist/ports/agent/adapters/insurance-adapter.js.map +1 -0
  227. package/dist/ports/agent/adapters/lifecycle-adapter.d.ts +26 -0
  228. package/dist/ports/agent/adapters/lifecycle-adapter.d.ts.map +1 -0
  229. package/dist/ports/agent/adapters/lifecycle-adapter.js +136 -0
  230. package/dist/ports/agent/adapters/lifecycle-adapter.js.map +1 -0
  231. package/dist/ports/agent/adapters/nanopayment-adapter.d.ts +62 -0
  232. package/dist/ports/agent/adapters/nanopayment-adapter.d.ts.map +1 -0
  233. package/dist/ports/agent/adapters/nanopayment-adapter.js +76 -0
  234. package/dist/ports/agent/adapters/nanopayment-adapter.js.map +1 -0
  235. package/dist/ports/agent/adapters/payment-rails-adapter.d.ts +67 -0
  236. package/dist/ports/agent/adapters/payment-rails-adapter.d.ts.map +1 -0
  237. package/dist/ports/agent/adapters/payment-rails-adapter.js +108 -0
  238. package/dist/ports/agent/adapters/payment-rails-adapter.js.map +1 -0
  239. package/dist/ports/agent/adapters/principal-chain-adapter.d.ts +23 -0
  240. package/dist/ports/agent/adapters/principal-chain-adapter.d.ts.map +1 -0
  241. package/dist/ports/agent/adapters/principal-chain-adapter.js +156 -0
  242. package/dist/ports/agent/adapters/principal-chain-adapter.js.map +1 -0
  243. package/dist/ports/agent/adapters/session-key-adapter.d.ts +45 -0
  244. package/dist/ports/agent/adapters/session-key-adapter.d.ts.map +1 -0
  245. package/dist/ports/agent/adapters/session-key-adapter.js +80 -0
  246. package/dist/ports/agent/adapters/session-key-adapter.js.map +1 -0
  247. package/dist/ports/agent/adapters/tee-attestation-adapter.d.ts +32 -0
  248. package/dist/ports/agent/adapters/tee-attestation-adapter.d.ts.map +1 -0
  249. package/dist/ports/agent/adapters/tee-attestation-adapter.js +38 -0
  250. package/dist/ports/agent/adapters/tee-attestation-adapter.js.map +1 -0
  251. package/dist/ports/agent/agent-bond.d.ts +80 -0
  252. package/dist/ports/agent/agent-bond.d.ts.map +1 -0
  253. package/dist/ports/agent/agent-bond.js +23 -0
  254. package/dist/ports/agent/agent-bond.js.map +1 -0
  255. package/dist/ports/agent/agent-payment.d.ts +72 -0
  256. package/dist/ports/agent/agent-payment.d.ts.map +1 -0
  257. package/dist/ports/agent/agent-payment.js +17 -0
  258. package/dist/ports/agent/agent-payment.js.map +1 -0
  259. package/dist/ports/agent/ap2.d.ts +104 -0
  260. package/dist/ports/agent/ap2.d.ts.map +1 -0
  261. package/dist/ports/agent/ap2.js +22 -0
  262. package/dist/ports/agent/ap2.js.map +1 -0
  263. package/dist/ports/agent/auth-approval.d.ts +40 -0
  264. package/dist/ports/agent/auth-approval.d.ts.map +1 -0
  265. package/dist/ports/agent/auth-approval.js +23 -0
  266. package/dist/ports/agent/auth-approval.js.map +1 -0
  267. package/dist/ports/agent/erc7802.d.ts +94 -0
  268. package/dist/ports/agent/erc7802.d.ts.map +1 -0
  269. package/dist/ports/agent/erc7802.js +30 -0
  270. package/dist/ports/agent/erc7802.js.map +1 -0
  271. package/dist/ports/agent/erc8004.d.ts +57 -0
  272. package/dist/ports/agent/erc8004.d.ts.map +1 -0
  273. package/dist/ports/agent/erc8004.js +20 -0
  274. package/dist/ports/agent/erc8004.js.map +1 -0
  275. package/dist/ports/agent/escrow.d.ts +74 -0
  276. package/dist/ports/agent/escrow.d.ts.map +1 -0
  277. package/dist/ports/agent/escrow.js +18 -0
  278. package/dist/ports/agent/escrow.js.map +1 -0
  279. package/dist/ports/agent/fee-estimator.d.ts +71 -0
  280. package/dist/ports/agent/fee-estimator.d.ts.map +1 -0
  281. package/dist/ports/agent/fee-estimator.js +21 -0
  282. package/dist/ports/agent/fee-estimator.js.map +1 -0
  283. package/dist/ports/agent/htlc-escrow.d.ts +94 -0
  284. package/dist/ports/agent/htlc-escrow.d.ts.map +1 -0
  285. package/dist/ports/agent/htlc-escrow.js +25 -0
  286. package/dist/ports/agent/htlc-escrow.js.map +1 -0
  287. package/dist/ports/agent/index.d.ts +58 -0
  288. package/dist/ports/agent/index.d.ts.map +1 -0
  289. package/dist/ports/agent/index.js +24 -0
  290. package/dist/ports/agent/index.js.map +1 -0
  291. package/dist/ports/agent/insurance.d.ts +65 -0
  292. package/dist/ports/agent/insurance.d.ts.map +1 -0
  293. package/dist/ports/agent/insurance.js +18 -0
  294. package/dist/ports/agent/insurance.js.map +1 -0
  295. package/dist/ports/agent/lifecycle.d.ts +69 -0
  296. package/dist/ports/agent/lifecycle.d.ts.map +1 -0
  297. package/dist/ports/agent/lifecycle.js +17 -0
  298. package/dist/ports/agent/lifecycle.js.map +1 -0
  299. package/dist/ports/agent/nanopayment.d.ts +72 -0
  300. package/dist/ports/agent/nanopayment.d.ts.map +1 -0
  301. package/dist/ports/agent/nanopayment.js +16 -0
  302. package/dist/ports/agent/nanopayment.js.map +1 -0
  303. package/dist/ports/agent/payment-rails.d.ts +140 -0
  304. package/dist/ports/agent/payment-rails.d.ts.map +1 -0
  305. package/dist/ports/agent/payment-rails.js +25 -0
  306. package/dist/ports/agent/payment-rails.js.map +1 -0
  307. package/dist/ports/agent/principal-chain.d.ts +95 -0
  308. package/dist/ports/agent/principal-chain.d.ts.map +1 -0
  309. package/dist/ports/agent/principal-chain.js +16 -0
  310. package/dist/ports/agent/principal-chain.js.map +1 -0
  311. package/dist/ports/agent/session-key.d.ts +94 -0
  312. package/dist/ports/agent/session-key.d.ts.map +1 -0
  313. package/dist/ports/agent/session-key.js +31 -0
  314. package/dist/ports/agent/session-key.js.map +1 -0
  315. package/dist/ports/agent/tee-attestation.d.ts +51 -0
  316. package/dist/ports/agent/tee-attestation.d.ts.map +1 -0
  317. package/dist/ports/agent/tee-attestation.js +28 -0
  318. package/dist/ports/agent/tee-attestation.js.map +1 -0
  319. package/dist/ports/bridge/adapters/bridge-adapter-base.d.ts +47 -0
  320. package/dist/ports/bridge/adapters/bridge-adapter-base.d.ts.map +1 -0
  321. package/dist/ports/bridge/adapters/bridge-adapter-base.js +144 -0
  322. package/dist/ports/bridge/adapters/bridge-adapter-base.js.map +1 -0
  323. package/dist/ports/bridge/adapters/canton-bridge-adapter.d.ts +30 -0
  324. package/dist/ports/bridge/adapters/canton-bridge-adapter.d.ts.map +1 -0
  325. package/dist/ports/bridge/adapters/canton-bridge-adapter.js +31 -0
  326. package/dist/ports/bridge/adapters/canton-bridge-adapter.js.map +1 -0
  327. package/dist/ports/bridge/adapters/ccip-adapter.d.ts +30 -0
  328. package/dist/ports/bridge/adapters/ccip-adapter.d.ts.map +1 -0
  329. package/dist/ports/bridge/adapters/ccip-adapter.js +31 -0
  330. package/dist/ports/bridge/adapters/ccip-adapter.js.map +1 -0
  331. package/dist/ports/bridge/adapters/debridge-adapter.d.ts +27 -0
  332. package/dist/ports/bridge/adapters/debridge-adapter.d.ts.map +1 -0
  333. package/dist/ports/bridge/adapters/debridge-adapter.js +28 -0
  334. package/dist/ports/bridge/adapters/debridge-adapter.js.map +1 -0
  335. package/dist/ports/bridge/adapters/layerzero-adapter.d.ts +30 -0
  336. package/dist/ports/bridge/adapters/layerzero-adapter.d.ts.map +1 -0
  337. package/dist/ports/bridge/adapters/layerzero-adapter.js +31 -0
  338. package/dist/ports/bridge/adapters/layerzero-adapter.js.map +1 -0
  339. package/dist/ports/bridge/adapters/lifi-adapter.d.ts +48 -0
  340. package/dist/ports/bridge/adapters/lifi-adapter.d.ts.map +1 -0
  341. package/dist/ports/bridge/adapters/lifi-adapter.js +49 -0
  342. package/dist/ports/bridge/adapters/lifi-adapter.js.map +1 -0
  343. package/dist/ports/bridge/adapters/wormhole-adapter.d.ts +26 -0
  344. package/dist/ports/bridge/adapters/wormhole-adapter.d.ts.map +1 -0
  345. package/dist/ports/bridge/adapters/wormhole-adapter.js +27 -0
  346. package/dist/ports/bridge/adapters/wormhole-adapter.js.map +1 -0
  347. package/dist/ports/bridge/bridge.d.ts +123 -0
  348. package/dist/ports/bridge/bridge.d.ts.map +1 -0
  349. package/dist/ports/bridge/bridge.js +20 -0
  350. package/dist/ports/bridge/bridge.js.map +1 -0
  351. package/dist/ports/bridge/index.d.ts +13 -0
  352. package/dist/ports/bridge/index.d.ts.map +1 -0
  353. package/dist/ports/bridge/index.js +11 -0
  354. package/dist/ports/bridge/index.js.map +1 -0
  355. package/dist/ports/canton/adapters/ledger-api-adapter.d.ts +52 -0
  356. package/dist/ports/canton/adapters/ledger-api-adapter.d.ts.map +1 -0
  357. package/dist/ports/canton/adapters/ledger-api-adapter.js +232 -0
  358. package/dist/ports/canton/adapters/ledger-api-adapter.js.map +1 -0
  359. package/dist/ports/canton/canton-identity.d.ts +60 -0
  360. package/dist/ports/canton/canton-identity.d.ts.map +1 -0
  361. package/dist/ports/canton/canton-identity.js +28 -0
  362. package/dist/ports/canton/canton-identity.js.map +1 -0
  363. package/dist/ports/canton/canton-validator.d.ts +182 -0
  364. package/dist/ports/canton/canton-validator.d.ts.map +1 -0
  365. package/dist/ports/canton/canton-validator.js +39 -0
  366. package/dist/ports/canton/canton-validator.js.map +1 -0
  367. package/dist/ports/canton/fingerprint.d.ts +24 -0
  368. package/dist/ports/canton/fingerprint.d.ts.map +1 -0
  369. package/dist/ports/canton/fingerprint.js +31 -0
  370. package/dist/ports/canton/fingerprint.js.map +1 -0
  371. package/dist/ports/canton/hash.d.ts +37 -0
  372. package/dist/ports/canton/hash.d.ts.map +1 -0
  373. package/dist/ports/canton/hash.js +68 -0
  374. package/dist/ports/canton/hash.js.map +1 -0
  375. package/dist/ports/canton/http.d.ts +64 -0
  376. package/dist/ports/canton/http.d.ts.map +1 -0
  377. package/dist/ports/canton/http.js +177 -0
  378. package/dist/ports/canton/http.js.map +1 -0
  379. package/dist/ports/cross-vm.d.ts +79 -0
  380. package/dist/ports/cross-vm.d.ts.map +1 -0
  381. package/dist/ports/cross-vm.js +81 -0
  382. package/dist/ports/cross-vm.js.map +1 -0
  383. package/dist/ports/index.d.ts +18 -0
  384. package/dist/ports/index.d.ts.map +1 -0
  385. package/dist/ports/index.js +11 -0
  386. package/dist/ports/index.js.map +1 -0
  387. package/dist/ports/tenzro-identity.d.ts +29 -0
  388. package/dist/ports/tenzro-identity.d.ts.map +1 -0
  389. package/dist/ports/tenzro-identity.js +19 -0
  390. package/dist/ports/tenzro-identity.js.map +1 -0
  391. package/dist/ports/tenzro-rpc.d.ts +79 -0
  392. package/dist/ports/tenzro-rpc.d.ts.map +1 -0
  393. package/dist/ports/tenzro-rpc.js +21 -0
  394. package/dist/ports/tenzro-rpc.js.map +1 -0
  395. package/dist/router/index.d.ts +3 -0
  396. package/dist/router/index.d.ts.map +1 -0
  397. package/dist/router/index.js +2 -0
  398. package/dist/router/index.js.map +1 -0
  399. package/dist/router/route.d.ts +17 -0
  400. package/dist/router/route.d.ts.map +1 -0
  401. package/dist/router/route.js +78 -0
  402. package/dist/router/route.js.map +1 -0
  403. package/dist/settlement/nanopayment-flow.d.ts +48 -0
  404. package/dist/settlement/nanopayment-flow.d.ts.map +1 -0
  405. package/dist/settlement/nanopayment-flow.js +111 -0
  406. package/dist/settlement/nanopayment-flow.js.map +1 -0
  407. package/dist/surfaces/canton-external.d.ts +43 -0
  408. package/dist/surfaces/canton-external.d.ts.map +1 -0
  409. package/dist/surfaces/canton-external.js +252 -0
  410. package/dist/surfaces/canton-external.js.map +1 -0
  411. package/dist/surfaces/canton-internal.d.ts +34 -0
  412. package/dist/surfaces/canton-internal.d.ts.map +1 -0
  413. package/dist/surfaces/canton-internal.js +163 -0
  414. package/dist/surfaces/canton-internal.js.map +1 -0
  415. package/dist/surfaces/canton-onboarding.d.ts +64 -0
  416. package/dist/surfaces/canton-onboarding.d.ts.map +1 -0
  417. package/dist/surfaces/canton-onboarding.js +113 -0
  418. package/dist/surfaces/canton-onboarding.js.map +1 -0
  419. package/dist/surfaces/evm-on-tenzro.d.ts +29 -0
  420. package/dist/surfaces/evm-on-tenzro.d.ts.map +1 -0
  421. package/dist/surfaces/evm-on-tenzro.js +226 -0
  422. package/dist/surfaces/evm-on-tenzro.js.map +1 -0
  423. package/dist/surfaces/index.d.ts +13 -0
  424. package/dist/surfaces/index.d.ts.map +1 -0
  425. package/dist/surfaces/index.js +7 -0
  426. package/dist/surfaces/index.js.map +1 -0
  427. package/dist/surfaces/svm-on-tenzro.d.ts +24 -0
  428. package/dist/surfaces/svm-on-tenzro.d.ts.map +1 -0
  429. package/dist/surfaces/svm-on-tenzro.js +238 -0
  430. package/dist/surfaces/svm-on-tenzro.js.map +1 -0
  431. package/dist/surfaces/tenzro-native.d.ts +45 -0
  432. package/dist/surfaces/tenzro-native.d.ts.map +1 -0
  433. package/dist/surfaces/tenzro-native.js +299 -0
  434. package/dist/surfaces/tenzro-native.js.map +1 -0
  435. package/dist/surfaces/util.d.ts +18 -0
  436. package/dist/surfaces/util.d.ts.map +1 -0
  437. package/dist/surfaces/util.js +36 -0
  438. package/dist/surfaces/util.js.map +1 -0
  439. package/dist/types/asset.d.ts +43 -0
  440. package/dist/types/asset.d.ts.map +1 -0
  441. package/dist/types/asset.js +13 -0
  442. package/dist/types/asset.js.map +1 -0
  443. package/dist/types/consent.d.ts +46 -0
  444. package/dist/types/consent.d.ts.map +1 -0
  445. package/dist/types/consent.js +18 -0
  446. package/dist/types/consent.js.map +1 -0
  447. package/dist/types/identity.d.ts +115 -0
  448. package/dist/types/identity.d.ts.map +1 -0
  449. package/dist/types/identity.js +12 -0
  450. package/dist/types/identity.js.map +1 -0
  451. package/dist/types/index.d.ts +10 -0
  452. package/dist/types/index.d.ts.map +1 -0
  453. package/dist/types/index.js +3 -0
  454. package/dist/types/index.js.map +1 -0
  455. package/dist/types/intent.d.ts +132 -0
  456. package/dist/types/intent.d.ts.map +1 -0
  457. package/dist/types/intent.js +8 -0
  458. package/dist/types/intent.js.map +1 -0
  459. package/dist/types/signing-driver.d.ts +48 -0
  460. package/dist/types/signing-driver.d.ts.map +1 -0
  461. package/dist/types/signing-driver.js +9 -0
  462. package/dist/types/signing-driver.js.map +1 -0
  463. package/dist/types/surface-module.d.ts +38 -0
  464. package/dist/types/surface-module.d.ts.map +1 -0
  465. package/dist/types/surface-module.js +19 -0
  466. package/dist/types/surface-module.js.map +1 -0
  467. package/dist/types/surface.d.ts +17 -0
  468. package/dist/types/surface.d.ts.map +1 -0
  469. package/dist/types/surface.js +28 -0
  470. package/dist/types/surface.js.map +1 -0
  471. package/package.json +84 -0
@@ -0,0 +1,140 @@
1
+ /**
2
+ * PaymentRailsPort — agent-payment rail dispatcher.
3
+ *
4
+ * Tenzro's `PaymentClient` exposes five rails through one client class:
5
+ *
6
+ * • MPP — Tempo's Machine Payments Protocol
7
+ * • x402 — Coinbase HTTP-402, x402 Foundation governance,
8
+ * absorbed as a payment method inside AP2
9
+ * • AP2 — FIDO Alliance Agentic-Payments TWG (v0.2, Apr 2026)
10
+ * • Visa TAP — Visa Trusted Agent Protocol (RFC 9421 sigs)
11
+ * • Mastercard — Mastercard Agent Pay (SingleUse / SessionBound /
12
+ * Recurring tokens, KYA tier checks)
13
+ *
14
+ * The wallet doesn't pick the rail — the merchant or resource declares it
15
+ * (HTTP 402 header, AP2 mandate type, etc.). The wallet's job is to
16
+ * surface them through one port so a single agent-spending UI can drive
17
+ * them all under the same SessionKey scope.
18
+ *
19
+ * Per `reference_agentic_payments_2026.md`: x402 is now subsumed inside
20
+ * AP2 schema-wise, but stays a distinct *rail* on the wire (HTTP 402 vs.
21
+ * AP2 mandate). We keep the methods separate so callers can opt into the
22
+ * rail their counterparty actually speaks.
23
+ */
24
+ export interface PaymentReceipt {
25
+ readonly receiptId: string;
26
+ /** Underlying tx hash on the settlement chain, when applicable. */
27
+ readonly txHash?: string;
28
+ /** Engine-reported status (Approved / Settled / Pending / Failed / …). */
29
+ readonly status: string;
30
+ /** Free-form metadata the engine attached. */
31
+ readonly meta?: Readonly<Record<string, unknown>>;
32
+ }
33
+ export interface PayMppRequest {
34
+ readonly url: string;
35
+ readonly payerDid?: string;
36
+ }
37
+ export interface PayX402Request {
38
+ readonly url: string;
39
+ readonly payerDid?: string;
40
+ }
41
+ export interface PayAp2Request {
42
+ /** Agent DID that authorises the payment under its delegation scope. */
43
+ readonly agentDid: string;
44
+ readonly url: string;
45
+ /** Decimal-string amount (preserves precision; matches AP2 wire shape). */
46
+ readonly amount: string;
47
+ }
48
+ export interface PayVisaTapRequest {
49
+ /** Visa-issued credential. Opaque; forwarded verbatim. */
50
+ readonly credential: Readonly<Record<string, unknown>>;
51
+ }
52
+ export interface PayMastercardRequest {
53
+ /**
54
+ * Mastercard-issued payment credential — typically one of the three
55
+ * token kinds: SingleUse, SessionBound, Recurring.
56
+ */
57
+ readonly credential: Readonly<Record<string, unknown>>;
58
+ }
59
+ export interface SignVisaTapRequest {
60
+ /**
61
+ * RFC 9421 HTTP message-signature inputs the SDK turns into the
62
+ * `Signature-Input` / `Signature` header pair. The wallet only declares
63
+ * what it carries on the wire — composition happens in the SDK.
64
+ */
65
+ readonly request: {
66
+ readonly method: string;
67
+ readonly url: string;
68
+ readonly headers: Readonly<Record<string, string>>;
69
+ readonly body?: string;
70
+ };
71
+ /** Agent DID whose key signs the message. */
72
+ readonly agentDid: string;
73
+ }
74
+ export interface VisaTapSignedRequest {
75
+ /** Original headers plus `Signature-Input` and `Signature`. */
76
+ readonly headers: Readonly<Record<string, string>>;
77
+ /** Echoed back so callers don't have to thread the URL separately. */
78
+ readonly url: string;
79
+ readonly method: string;
80
+ }
81
+ /** Mastercard token kinds per Mastercard Agent Pay spec. */
82
+ export type MastercardTokenKind = 'SingleUse' | 'SessionBound' | 'Recurring';
83
+ export interface IssueMastercardTokenRequest {
84
+ readonly agentDid: string;
85
+ readonly kind: MastercardTokenKind;
86
+ /**
87
+ * Per-token-kind binding params — opaque to the kernel (recurring schedule,
88
+ * session id, single-use cap, etc.). The SDK validates against KYA tier.
89
+ */
90
+ readonly params: Readonly<Record<string, unknown>>;
91
+ }
92
+ export interface MastercardToken {
93
+ readonly tokenId: string;
94
+ readonly kind: MastercardTokenKind;
95
+ /** Decimal-string cap; "0" means uncapped at this layer (KYA tier still applies). */
96
+ readonly cap: string;
97
+ readonly expiresAt: number;
98
+ readonly raw: Readonly<Record<string, unknown>>;
99
+ }
100
+ export interface PaymentChallenge {
101
+ /** Opaque challenge id the gateway echoes back. */
102
+ readonly challengeId: string;
103
+ /** Resource the challenge gates. */
104
+ readonly resource: string;
105
+ readonly amount: number;
106
+ readonly asset: string;
107
+ readonly protocol: string;
108
+ /** Engine fields the wallet should not interpret. */
109
+ readonly raw: Readonly<Record<string, unknown>>;
110
+ }
111
+ export interface CreateChallengeRequest {
112
+ readonly resource: string;
113
+ readonly amount: number;
114
+ /** Defaults to 'USDC' on the SDK side. */
115
+ readonly asset?: string;
116
+ /** Defaults to 'mpp' on the SDK side. */
117
+ readonly protocol?: 'mpp' | 'x402' | 'ap2';
118
+ }
119
+ export interface PaymentRailsPort {
120
+ createChallenge(req: CreateChallengeRequest): Promise<PaymentChallenge>;
121
+ payMpp(req: PayMppRequest): Promise<PaymentReceipt>;
122
+ payX402(req: PayX402Request): Promise<PaymentReceipt>;
123
+ payAp2(req: PayAp2Request): Promise<PaymentReceipt>;
124
+ payVisaTap(req: PayVisaTapRequest): Promise<PaymentReceipt>;
125
+ payMastercard(req: PayMastercardRequest): Promise<PaymentReceipt>;
126
+ getReceipt(receiptId: string): Promise<PaymentReceipt | null>;
127
+ /**
128
+ * Produce RFC 9421 message-signature headers for a Visa TAP request.
129
+ * Throws "SDK pending" until `tenzro-sdk`'s PaymentClient exposes
130
+ * `signVisaTap` (DESIGN.md §11.1).
131
+ */
132
+ signVisaTap(req: SignVisaTapRequest): Promise<VisaTapSignedRequest>;
133
+ /**
134
+ * Issue a Mastercard Agent Pay token for the given agent + kind. Throws
135
+ * "SDK pending" until `tenzro-sdk`'s PaymentClient exposes
136
+ * `issueMastercardToken` (DESIGN.md §11.1).
137
+ */
138
+ issueMastercardToken(req: IssueMastercardTokenRequest): Promise<MastercardToken>;
139
+ }
140
+ //# sourceMappingURL=payment-rails.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"payment-rails.d.ts","sourceRoot":"","sources":["../../../src/ports/agent/payment-rails.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,mEAAmE;IACnE,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,0EAA0E;IAC1E,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,8CAA8C;IAC9C,QAAQ,CAAC,IAAI,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACnD;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,wEAAwE;IACxE,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,2EAA2E;IAC3E,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,iBAAiB;IAChC,0DAA0D;IAC1D,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACxD;AAED,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACxD;AAUD,MAAM,WAAW,kBAAkB;IACjC;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE;QAChB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;QACnD,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;KACxB,CAAC;IACF,6CAA6C;IAC7C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,oBAAoB;IACnC,+DAA+D;IAC/D,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACnD,sEAAsE;IACtE,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACzB;AAED,4DAA4D;AAC5D,MAAM,MAAM,mBAAmB,GAAG,WAAW,GAAG,cAAc,GAAG,WAAW,CAAC;AAE7E,MAAM,WAAW,2BAA2B;IAC1C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,IAAI,EAAE,mBAAmB,CAAC;IACnC;;;OAGG;IACH,QAAQ,CAAC,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACpD;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,IAAI,EAAE,mBAAmB,CAAC;IACnC,qFAAqF;IACrF,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACjD;AAED,MAAM,WAAW,gBAAgB;IAC/B,mDAAmD;IACnD,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,oCAAoC;IACpC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,qDAAqD;IACrD,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACjD;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,0CAA0C;IAC1C,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,yCAAyC;IACzC,QAAQ,CAAC,QAAQ,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,CAAC;CAC5C;AAED,MAAM,WAAW,gBAAgB;IAC/B,eAAe,CAAC,GAAG,EAAE,sBAAsB,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACxE,MAAM,CAAC,GAAG,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACpD,OAAO,CAAC,GAAG,EAAE,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACtD,MAAM,CAAC,GAAG,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACpD,UAAU,CAAC,GAAG,EAAE,iBAAiB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAC5D,aAAa,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAClE,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAAC;IAI9D;;;;OAIG;IACH,WAAW,CAAC,GAAG,EAAE,kBAAkB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAEpE;;;;OAIG;IACH,oBAAoB,CAAC,GAAG,EAAE,2BAA2B,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;CAClF"}
@@ -0,0 +1,25 @@
1
+ /**
2
+ * PaymentRailsPort — agent-payment rail dispatcher.
3
+ *
4
+ * Tenzro's `PaymentClient` exposes five rails through one client class:
5
+ *
6
+ * • MPP — Tempo's Machine Payments Protocol
7
+ * • x402 — Coinbase HTTP-402, x402 Foundation governance,
8
+ * absorbed as a payment method inside AP2
9
+ * • AP2 — FIDO Alliance Agentic-Payments TWG (v0.2, Apr 2026)
10
+ * • Visa TAP — Visa Trusted Agent Protocol (RFC 9421 sigs)
11
+ * • Mastercard — Mastercard Agent Pay (SingleUse / SessionBound /
12
+ * Recurring tokens, KYA tier checks)
13
+ *
14
+ * The wallet doesn't pick the rail — the merchant or resource declares it
15
+ * (HTTP 402 header, AP2 mandate type, etc.). The wallet's job is to
16
+ * surface them through one port so a single agent-spending UI can drive
17
+ * them all under the same SessionKey scope.
18
+ *
19
+ * Per `reference_agentic_payments_2026.md`: x402 is now subsumed inside
20
+ * AP2 schema-wise, but stays a distinct *rail* on the wire (HTTP 402 vs.
21
+ * AP2 mandate). We keep the methods separate so callers can opt into the
22
+ * rail their counterparty actually speaks.
23
+ */
24
+ export {};
25
+ //# sourceMappingURL=payment-rails.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"payment-rails.js","sourceRoot":"","sources":["../../../src/ports/agent/payment-rails.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG"}
@@ -0,0 +1,95 @@
1
+ /**
2
+ * PrincipalChainPort — read-only access to the receipt principal-chain
3
+ * (Agent-Swarm Spec 5).
4
+ *
5
+ * Every settlement / payment / lifecycle receipt produced by the network
6
+ * grows a typed `principal_chain` field captured at receipt write time:
7
+ * a delegation path from the acting identity (`actor`) up to the
8
+ * controller, plus the controller's KYC tier and bond figures. The
9
+ * chain is frozen — later revocations don't invalidate it.
10
+ *
11
+ * Auditors, dashboards, and seed-agent governance walk these chains via
12
+ * the SDK's `PrincipalChainClient`; the wallet exposes the same surface
13
+ * so it can render "who paid for this" trails alongside transactions.
14
+ */
15
+ export type PrincipalRole = 'controller' | 'delegated_agent' | 'autonomous_agent';
16
+ export type IdentityType = 'human' | 'machine';
17
+ export interface PrincipalLink {
18
+ /** DID string of the link. */
19
+ readonly did: string;
20
+ readonly identityType: IdentityType;
21
+ /** Hex-encoded SHA-256 of the DelegationScope under which this link acted. */
22
+ readonly delegationScopeId?: string;
23
+ readonly role: PrincipalRole;
24
+ /**
25
+ * `true` when the link's identity could not be resolved at receipt
26
+ * write time (revoked, not-found). Receipts are still written — the
27
+ * regulator sees a partially-resolvable chain with an explicit gap.
28
+ */
29
+ readonly tombstone: boolean;
30
+ }
31
+ export interface PrincipalChainRecord {
32
+ /** DID of the acting identity (signer of the underlying tx). */
33
+ readonly actor: string;
34
+ /**
35
+ * Top-down list of intermediate links. Empty when the controller acted
36
+ * directly (`delegationDepth === 0`).
37
+ */
38
+ readonly chain: readonly PrincipalLink[];
39
+ /** The controller link itself — the legally responsible principal. */
40
+ readonly controller: PrincipalLink;
41
+ /** 0 = Unverified, 1 = Basic, 2 = Enhanced, 3 = Full. */
42
+ readonly controllerKycTier: number;
43
+ /** Bond posted by the controller, in TNZO base units. */
44
+ readonly controllerBond?: bigint;
45
+ /** Bond posted directly against the actor's DID (Spec 9). */
46
+ readonly actorBond?: bigint;
47
+ /**
48
+ * Sum of all promotion-eligible Active bonds the controller has posted
49
+ * across every agent they own (Spec 9) — total skin-in-the-game.
50
+ */
51
+ readonly controllerBondAggregate?: bigint;
52
+ /** Number of delegation levels between actor and controller. */
53
+ readonly delegationDepth: number;
54
+ /** Block height at which the chain was resolved and frozen. */
55
+ readonly frozenAtBlock: bigint;
56
+ }
57
+ export interface PrincipalChainSummaryRecord {
58
+ readonly actor: string;
59
+ readonly controller: string;
60
+ readonly controllerKycTier: number;
61
+ readonly controllerBond?: bigint;
62
+ readonly actorBond?: bigint;
63
+ readonly controllerBondAggregate?: bigint;
64
+ readonly delegationDepth: number;
65
+ readonly hasTombstone: boolean;
66
+ readonly frozenAtBlock: bigint;
67
+ }
68
+ export interface ControllerActivitySummaryRecord {
69
+ readonly controllerDid: string;
70
+ readonly receiptCount: bigint;
71
+ /** Total settled value in the window, in TNZO base units. */
72
+ readonly totalValueTnzo: bigint;
73
+ /** Distinct DIDs that acted under the controller in the window. */
74
+ readonly agentsActedUnder: readonly string[];
75
+ readonly killSwitchEvents: number;
76
+ readonly kycTierAtOldest: number;
77
+ readonly kycTierAtNewest: number;
78
+ readonly bondMin: bigint;
79
+ readonly bondMax: bigint;
80
+ /** Inclusive lower bound, unix seconds; undefined if open-ended. */
81
+ readonly since?: number;
82
+ /** Inclusive upper bound, unix seconds; undefined if open-ended. */
83
+ readonly until?: number;
84
+ }
85
+ export interface PrincipalChainPort {
86
+ /** Full chain for a single receipt. Returns null if unknown. */
87
+ getReceiptPrincipalChain(receiptId: string): Promise<PrincipalChainRecord | null>;
88
+ /** Compact summaries for every receipt with the given actor DID. */
89
+ listReceiptsByActor(actorDid: string): Promise<PrincipalChainSummaryRecord[]>;
90
+ /** Compact summaries for every receipt terminating at controllerDid. */
91
+ listReceiptsByController(controllerDid: string): Promise<PrincipalChainSummaryRecord[]>;
92
+ /** Aggregate activity metrics for a controller. Returns null if unknown. */
93
+ summarizeController(controllerDid: string): Promise<ControllerActivitySummaryRecord | null>;
94
+ }
95
+ //# sourceMappingURL=principal-chain.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"principal-chain.d.ts","sourceRoot":"","sources":["../../../src/ports/agent/principal-chain.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,MAAM,MAAM,aAAa,GAAG,YAAY,GAAG,iBAAiB,GAAG,kBAAkB,CAAC;AAElF,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,SAAS,CAAC;AAE/C,MAAM,WAAW,aAAa;IAC5B,8BAA8B;IAC9B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,8EAA8E;IAC9E,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,IAAI,EAAE,aAAa,CAAC;IAC7B;;;;OAIG;IACH,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC;CAC7B;AAED,MAAM,WAAW,oBAAoB;IACnC,gEAAgE;IAChE,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB;;;OAGG;IACH,QAAQ,CAAC,KAAK,EAAE,SAAS,aAAa,EAAE,CAAC;IACzC,sEAAsE;IACtE,QAAQ,CAAC,UAAU,EAAE,aAAa,CAAC;IACnC,yDAAyD;IACzD,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IACnC,yDAAyD;IACzD,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,6DAA6D;IAC7D,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B;;;OAGG;IACH,QAAQ,CAAC,uBAAuB,CAAC,EAAE,MAAM,CAAC;IAC1C,gEAAgE;IAChE,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,+DAA+D;IAC/D,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;CAChC;AAED,MAAM,WAAW,2BAA2B;IAC1C,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,uBAAuB,CAAC,EAAE,MAAM,CAAC;IAC1C,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC;IAC/B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;CAChC;AAED,MAAM,WAAW,+BAA+B;IAC9C,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,6DAA6D;IAC7D,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,mEAAmE;IACnE,QAAQ,CAAC,gBAAgB,EAAE,SAAS,MAAM,EAAE,CAAC;IAC7C,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,oEAAoE;IACpE,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,oEAAoE;IACpE,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,kBAAkB;IACjC,gEAAgE;IAChE,wBAAwB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IAElF,oEAAoE;IACpE,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,EAAE,CAAC,CAAC;IAE9E,wEAAwE;IACxE,wBAAwB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,2BAA2B,EAAE,CAAC,CAAC;IAExF,4EAA4E;IAC5E,mBAAmB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,+BAA+B,GAAG,IAAI,CAAC,CAAC;CAC7F"}
@@ -0,0 +1,16 @@
1
+ /**
2
+ * PrincipalChainPort — read-only access to the receipt principal-chain
3
+ * (Agent-Swarm Spec 5).
4
+ *
5
+ * Every settlement / payment / lifecycle receipt produced by the network
6
+ * grows a typed `principal_chain` field captured at receipt write time:
7
+ * a delegation path from the acting identity (`actor`) up to the
8
+ * controller, plus the controller's KYC tier and bond figures. The
9
+ * chain is frozen — later revocations don't invalidate it.
10
+ *
11
+ * Auditors, dashboards, and seed-agent governance walk these chains via
12
+ * the SDK's `PrincipalChainClient`; the wallet exposes the same surface
13
+ * so it can render "who paid for this" trails alongside transactions.
14
+ */
15
+ export {};
16
+ //# sourceMappingURL=principal-chain.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"principal-chain.js","sourceRoot":"","sources":["../../../src/ports/agent/principal-chain.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG"}
@@ -0,0 +1,94 @@
1
+ /**
2
+ * SessionKeyPort — scoped delegations under TDIP.
3
+ *
4
+ * This is the primitive every agent-payment rail rests on. AP2 mandates,
5
+ * Mastercard Agent Pay tokens, x402 micropayment caps, Visa TAP scopes —
6
+ * all of them are *expressions* of a session key with a bounded
7
+ * delegation scope. The wallet's job is to:
8
+ *
9
+ * 1. Create scoped session keys ("this agent may spend up to 10 USDC/day
10
+ * on inference services for the next hour").
11
+ * 2. Inspect / list active scopes for the user UI.
12
+ * 3. Revoke a scope when the user wants to cut off an agent.
13
+ *
14
+ * Server-side, the auth engine enforces. The wallet does NOT decide
15
+ * whether a tx is in-policy — it asks. A compromised wallet client cannot
16
+ * widen a scope; the engine rejects.
17
+ *
18
+ * Wire mapping: `tenzro_onboardDelegatedAgent`, `tenzro_revokeDid`,
19
+ * `tenzro_revokeJwt` — i.e. delegation scopes are JWT-bound under the
20
+ * controller's act-chain. Creating a scope is "onboard a delegated
21
+ * agent under controllerDid with this scope"; revoking is revoking the
22
+ * JWT (single scope) or the DID (cascades all scopes).
23
+ *
24
+ * The opaque `scope` shape is whatever the engine accepts — currently a
25
+ * `Record<string, unknown>` matching `SpendingPolicy::is_allowed()`'s
26
+ * input. The port doesn't validate; it forwards. AP2/Mastercard/Visa
27
+ * adapters build scope objects that match their respective schemas and
28
+ * pass them through.
29
+ */
30
+ export interface SessionScope {
31
+ /** Human-readable label shown in approver UI. */
32
+ readonly label: string;
33
+ /** Capability strings — "inference", "rpc-call", "storage", custom tags. */
34
+ readonly capabilities: readonly string[];
35
+ /** Engine-specific scope object. Forwarded as-is to the auth engine. */
36
+ readonly delegationScope: Readonly<Record<string, unknown>>;
37
+ /** Optional DPoP thumbprint to bind the resulting JWT to a specific key. */
38
+ readonly dpopJkt?: string;
39
+ }
40
+ export interface CreateSessionRequest {
41
+ /** Controller DID (the human or upstream agent granting authority). */
42
+ readonly controllerDid: string;
43
+ readonly scope: SessionScope;
44
+ }
45
+ export interface CreatedSession {
46
+ /** DID of the newly-onboarded delegated agent. */
47
+ readonly agentDid: string;
48
+ /** Bearer JWT for the new agent. The wallet hands this to the agent. */
49
+ readonly accessToken: string;
50
+ /** Refresh token for renewal. */
51
+ readonly refreshToken?: string;
52
+ /** Unix-ms when the access token expires. */
53
+ readonly expiresAt: number;
54
+ }
55
+ export interface ActiveSession {
56
+ readonly agentDid: string;
57
+ readonly controllerDid: string;
58
+ readonly capabilities: readonly string[];
59
+ readonly delegationScope: Readonly<Record<string, unknown>>;
60
+ readonly issuedAt: number;
61
+ readonly expiresAt: number;
62
+ readonly status: 'active' | 'revoked' | 'expired';
63
+ }
64
+ export interface RevokeSessionRequest {
65
+ /**
66
+ * Either a JWT `jti` (revokes a single session) or a DID (cascades
67
+ * — invalidates every JWT minted under that DID and every descendant
68
+ * DID in the act-chain).
69
+ */
70
+ readonly target: {
71
+ kind: 'jti';
72
+ jti: string;
73
+ } | {
74
+ kind: 'did';
75
+ did: string;
76
+ };
77
+ readonly reason?: string;
78
+ }
79
+ export interface RevokeSessionResult {
80
+ readonly target: string;
81
+ readonly status: string;
82
+ }
83
+ export interface SessionKeyPort {
84
+ /** Create a scoped session key under `controllerDid`. */
85
+ create(req: CreateSessionRequest): Promise<CreatedSession>;
86
+ /**
87
+ * List active sessions for the controller. Used by the wallet UI to
88
+ * render "agents acting on your behalf" + a revoke button.
89
+ */
90
+ list(controllerDid: string): Promise<readonly ActiveSession[]>;
91
+ /** Revoke a single session (jti) or every session under a DID. */
92
+ revoke(req: RevokeSessionRequest): Promise<RevokeSessionResult>;
93
+ }
94
+ //# sourceMappingURL=session-key.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"session-key.d.ts","sourceRoot":"","sources":["../../../src/ports/agent/session-key.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,MAAM,WAAW,YAAY;IAC3B,iDAAiD;IACjD,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,4EAA4E;IAC5E,QAAQ,CAAC,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;IACzC,wEAAwE;IACxE,QAAQ,CAAC,eAAe,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC5D,4EAA4E;IAC5E,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,oBAAoB;IACnC,uEAAuE;IACvE,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;CAC9B;AAED,MAAM,WAAW,cAAc;IAC7B,kDAAkD;IAClD,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,wEAAwE;IACxE,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,iCAAiC;IACjC,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,6CAA6C;IAC7C,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;IACzC,QAAQ,CAAC,eAAe,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC5D,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,MAAM,EAAE,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;CACnD;AAED,MAAM,WAAW,oBAAoB;IACnC;;;;OAIG;IACH,QAAQ,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,KAAK,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,GAAG;QAAE,IAAI,EAAE,KAAK,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7E,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,cAAc;IAC7B,yDAAyD;IACzD,MAAM,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAE3D;;;OAGG;IACH,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,aAAa,EAAE,CAAC,CAAC;IAE/D,kEAAkE;IAClE,MAAM,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;CACjE"}
@@ -0,0 +1,31 @@
1
+ /**
2
+ * SessionKeyPort — scoped delegations under TDIP.
3
+ *
4
+ * This is the primitive every agent-payment rail rests on. AP2 mandates,
5
+ * Mastercard Agent Pay tokens, x402 micropayment caps, Visa TAP scopes —
6
+ * all of them are *expressions* of a session key with a bounded
7
+ * delegation scope. The wallet's job is to:
8
+ *
9
+ * 1. Create scoped session keys ("this agent may spend up to 10 USDC/day
10
+ * on inference services for the next hour").
11
+ * 2. Inspect / list active scopes for the user UI.
12
+ * 3. Revoke a scope when the user wants to cut off an agent.
13
+ *
14
+ * Server-side, the auth engine enforces. The wallet does NOT decide
15
+ * whether a tx is in-policy — it asks. A compromised wallet client cannot
16
+ * widen a scope; the engine rejects.
17
+ *
18
+ * Wire mapping: `tenzro_onboardDelegatedAgent`, `tenzro_revokeDid`,
19
+ * `tenzro_revokeJwt` — i.e. delegation scopes are JWT-bound under the
20
+ * controller's act-chain. Creating a scope is "onboard a delegated
21
+ * agent under controllerDid with this scope"; revoking is revoking the
22
+ * JWT (single scope) or the DID (cascades all scopes).
23
+ *
24
+ * The opaque `scope` shape is whatever the engine accepts — currently a
25
+ * `Record<string, unknown>` matching `SpendingPolicy::is_allowed()`'s
26
+ * input. The port doesn't validate; it forwards. AP2/Mastercard/Visa
27
+ * adapters build scope objects that match their respective schemas and
28
+ * pass them through.
29
+ */
30
+ export {};
31
+ //# sourceMappingURL=session-key.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"session-key.js","sourceRoot":"","sources":["../../../src/ports/agent/session-key.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG"}
@@ -0,0 +1,51 @@
1
+ /**
2
+ * TeeAttestationPort — verify the node's TEE attestation.
3
+ *
4
+ * The wallet's hybrid-signing path leans on a TEE-resident co-signer at
5
+ * the Tenzro node. Before trusting that co-signer (in particular before
6
+ * sending a passkey-derived share to it), the wallet should verify the
7
+ * node's attestation report against the TEE vendor's certificate chain.
8
+ *
9
+ * The wallet does NOT itself decode TDX/SEV/Nitro reports — that's a
10
+ * mountain of vendor-specific code, with cert chains that need keeping
11
+ * up to date. Instead the node exposes verification as an RPC
12
+ * (`tenzro_verifyTeeAttestation`); the wallet calls in. Trust model:
13
+ * the same engine that issues the attestation also verifies it, which
14
+ * isn't useful in isolation. The protection comes from the wallet
15
+ * pinning the node's expected vendor + measurement off-band (e.g. via a
16
+ * release manifest) and then checking the attestation result *and* the
17
+ * report's measurement field against that pin.
18
+ *
19
+ * This port surfaces:
20
+ * - `detect` — what TEE the node says it has
21
+ * - `getAttestation` — fetch a fresh attestation report
22
+ * - `verify` — verify an attestation (typically the one just fetched)
23
+ *
24
+ * The wallet UI uses these to render a "verified" badge and to gate
25
+ * sensitive flows on a green attestation.
26
+ */
27
+ export interface TeeInfo {
28
+ readonly available: boolean;
29
+ /** "intel-tdx", "amd-sev-snp", "aws-nitro", "nvidia-gpu". */
30
+ readonly vendor: string;
31
+ readonly capabilities: readonly string[];
32
+ }
33
+ export interface AttestationReport {
34
+ /** Hex-encoded report bytes. The wallet treats these as opaque except
35
+ * for pinning-time measurement comparisons. */
36
+ readonly report: string;
37
+ /** Hex-encoded vendor signature over `report`. */
38
+ readonly signature: string;
39
+ /** X.509 certificate chain (PEM strings). */
40
+ readonly certificateChain: readonly string[];
41
+ }
42
+ export interface AttestationVerifyResult {
43
+ readonly valid: boolean;
44
+ readonly message?: string;
45
+ }
46
+ export interface TeeAttestationPort {
47
+ detect(): Promise<TeeInfo>;
48
+ getAttestation(teeType: string): Promise<AttestationReport>;
49
+ verify(attestationHex: string, teeType: string): Promise<AttestationVerifyResult>;
50
+ }
51
+ //# sourceMappingURL=tee-attestation.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"tee-attestation.d.ts","sourceRoot":"","sources":["../../../src/ports/agent/tee-attestation.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,MAAM,WAAW,OAAO;IACtB,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC;IAC5B,6DAA6D;IAC7D,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;CAC1C;AAED,MAAM,WAAW,iBAAiB;IAChC;oDACgD;IAChD,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,kDAAkD;IAClD,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,6CAA6C;IAC7C,QAAQ,CAAC,gBAAgB,EAAE,SAAS,MAAM,EAAE,CAAC;CAC9C;AAED,MAAM,WAAW,uBAAuB;IACtC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;IAC3B,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAC5D,MAAM,CAAC,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;CACnF"}
@@ -0,0 +1,28 @@
1
+ /**
2
+ * TeeAttestationPort — verify the node's TEE attestation.
3
+ *
4
+ * The wallet's hybrid-signing path leans on a TEE-resident co-signer at
5
+ * the Tenzro node. Before trusting that co-signer (in particular before
6
+ * sending a passkey-derived share to it), the wallet should verify the
7
+ * node's attestation report against the TEE vendor's certificate chain.
8
+ *
9
+ * The wallet does NOT itself decode TDX/SEV/Nitro reports — that's a
10
+ * mountain of vendor-specific code, with cert chains that need keeping
11
+ * up to date. Instead the node exposes verification as an RPC
12
+ * (`tenzro_verifyTeeAttestation`); the wallet calls in. Trust model:
13
+ * the same engine that issues the attestation also verifies it, which
14
+ * isn't useful in isolation. The protection comes from the wallet
15
+ * pinning the node's expected vendor + measurement off-band (e.g. via a
16
+ * release manifest) and then checking the attestation result *and* the
17
+ * report's measurement field against that pin.
18
+ *
19
+ * This port surfaces:
20
+ * - `detect` — what TEE the node says it has
21
+ * - `getAttestation` — fetch a fresh attestation report
22
+ * - `verify` — verify an attestation (typically the one just fetched)
23
+ *
24
+ * The wallet UI uses these to render a "verified" badge and to gate
25
+ * sensitive flows on a green attestation.
26
+ */
27
+ export {};
28
+ //# sourceMappingURL=tee-attestation.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"tee-attestation.js","sourceRoot":"","sources":["../../../src/ports/agent/tee-attestation.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG"}
@@ -0,0 +1,47 @@
1
+ /**
2
+ * Shared body for the wallet's per-vendor bridge adapters. Each adapter
3
+ * (LI.FI, CCIP, LayerZero, Wormhole, deBridge, Canton) is the wallet's
4
+ * UX-side abstraction — one row in the route picker per vendor. Under
5
+ * the hood they all forward to the same `tenzro-sdk` `BridgeClient`,
6
+ * filtering by `adapter` (the SDK's name for `vendor`).
7
+ *
8
+ * SDK shape this targets (verified against `tenzro-sdk@0.1.0`
9
+ * `src/bridge.ts`):
10
+ *
11
+ * - `client.bridge().getRoutes(fromChain, toChain, token?)`
12
+ * → `BridgeRoute[]` (one entry per available vendor; the wallet
13
+ * filters to its own `adapterId` and synthesises the `BridgeQuote`).
14
+ * - `client.bridge().bridgeTokens(fromChain, toChain, token, amount,
15
+ * recipient, adapter?)`
16
+ * → `BridgeTransfer { id, sourceChain, targetChain, assetId, amount,
17
+ * sender, recipient, status, txHash, bridgeFee, completedAt? }`.
18
+ * The wallet maps this to a `BridgeBuildResult` whose single
19
+ * transaction wraps the SDK-returned tx hash for surface display.
20
+ * - `client.bridge().getTransferStatus(transferId)`
21
+ * → `TransferStatus { transfer_id, status, source_tx_hash?,
22
+ * destination_tx_hash?, updated_at }`.
23
+ * The wallet wraps this in an async-iterable that polls until a
24
+ * terminal phase (`delivered` / `failed`).
25
+ *
26
+ * The wallet's `BridgeRoutePort` surface (quote → build → track) is
27
+ * UX-shaped; it doesn't perfectly match the SDK's flatter API. The
28
+ * adapter does the mapping:
29
+ *
30
+ * - `quote()` calls `getRoutes()` and finds the entry matching
31
+ * `adapterId`. The route's `opaque` payload carries the original
32
+ * request fields the wallet needs to call `bridgeTokens` later.
33
+ * - `build()` reads the `opaque` payload, calls `bridgeTokens`,
34
+ * and returns the SDK transfer's `id` as `trackerId`.
35
+ * - `track()` polls `getTransferStatus(trackerId)` on a 2 s tick
36
+ * until the transfer is `delivered` or `failed`.
37
+ */
38
+ import type { BridgeClient } from 'tenzro-sdk';
39
+ import type { BridgeAdapterId, BridgeRoutePort } from '../bridge.js';
40
+ /**
41
+ * Type alias for the SDK's `BridgeClient`. We take a structural
42
+ * super-type for testability (the test suite injects a fake), but the
43
+ * real adapter accepts the SDK class instance as-is.
44
+ */
45
+ export type BridgeClientLike = Partial<Pick<BridgeClient, 'getRoutes' | 'bridgeTokens' | 'getTransferStatus' | 'listAdapters'>>;
46
+ export declare function bridgeAdapterFromClient(vendor: BridgeAdapterId, client: BridgeClientLike | undefined): BridgeRoutePort;
47
+ //# sourceMappingURL=bridge-adapter-base.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"bridge-adapter-base.d.ts","sourceRoot":"","sources":["../../../../src/ports/bridge/adapters/bridge-adapter-base.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAC/C,OAAO,KAAK,EACV,eAAe,EAKf,eAAe,EAGhB,MAAM,cAAc,CAAC;AAEtB;;;;GAIG;AACH,MAAM,MAAM,gBAAgB,GAAG,OAAO,CACpC,IAAI,CAAC,YAAY,EAAE,WAAW,GAAG,cAAc,GAAG,mBAAmB,GAAG,cAAc,CAAC,CACxF,CAAC;AAkBF,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,eAAe,EACvB,MAAM,EAAE,gBAAgB,GAAG,SAAS,GACnC,eAAe,CAmFjB"}