export type QueryResult = { type: 'bindings'; bindings: Array>; } | { type: 'boolean'; value: boolean; } | { type?: undefined; [key: string]: unknown; }; export interface PreSignedAuthorAttestationPayload { address: string; /** * OT-RFC-43 §F2 — the packed reservedKaId the author signed the * AuthorAttestation over, as a decimal string (uint256-safe over JSON). * Required: the digest binds it, so the daemon honours the author's * reserved slot rather than re-allocating. */ reservedKaId: string; signature: { r: string; vs: string; }; } export interface KnowledgeAssetFinalizedPublishOptions { /** * SDK-friendly spelling for the finalized publish cleanup flag. The * knowledge-assets daemon route forwards `clearSharedMemoryAfter` to * `publishFromFinalizedAssertion`, so the client translates before POST. */ clearAfter?: boolean; publishEpochs?: number; publisherNodeIdentityIdOverride?: bigint; } /** * Response shape for `/api/random-sampling/status`. Mirrors * `RandomSamplingStatus` from `@origintrail-official/dkg-agent` but * lives here so the CLI doesn't take a runtime dep on the agent * package (only types). The `loop.lastOutcome` is intentionally * `unknown` — the CLI prints it as JSON; the structured discrimination * is the prover's concern, not the CLI's. */ export interface RandomSamplingStatusResponse { enabled: boolean; role: 'core' | 'edge'; identityId: string; loop: null | { totalTicks: number; inflight: boolean; lastTickAt: string | null; lastOutcome: unknown; submittedCount: number; lastSubmittedTxHash: string | null; lastSubmittedAt: string | null; }; } export interface RelayStatusResponse { isCore: boolean; reservationsHeld: number; reservationCapacity: number | null; activeCircuits: number | null; bytesIn: string | null; bytesOut: string | null; natStatus: 'public' | 'private' | 'unknown'; advertisedAddresses: string[]; configuredAnnounceAddresses: string[]; } export interface DaemonStatusResponse { name: string; peerId: string; nodeRole?: string; networkId?: string; uptimeMs: number; connectedPeers: number; relayConnected: boolean; multiaddrs: string[]; relay: RelayStatusResponse; chain?: { chainId: string | null; configured: boolean; rpcEndpointCount: number; hubConfigured: boolean; } | null; storeBackend?: string; storeUrl?: string | null; storeQuads?: number | null; } export interface ApiClientConnectOptions { allowConfigFallback?: boolean; } export declare class ApiClient { private baseUrl; private token?; private expectedStatusName?; readonly controlPlaneWarning?: string; constructor(portOrBaseUrl: number | string, token?: string, opts?: { controlPlaneWarning?: string; expectedStatusName?: string; }); static connect(opts?: ApiClientConnectOptions): Promise; status(): Promise; agents(): Promise<{ agents: Array<{ agentUri: string; name: string; peerId: string; framework?: string; nodeRole?: string; }>; }>; /** * Mint a fresh workspace encryption key for a custodial local agent and * re-publish the agent's profile so peers learn the new key. Pass * `retireOld: true` to also revoke the previous default key in the same * operation (use only after propagation has settled, or for urgent * compromise scenarios). Returns the new key URI plus, optionally, the * retired one. */ rotateAgentEncryptionKey(address: string, opts?: { retireOld?: boolean; }): Promise<{ ok: true; newKeyId: string; retiredKeyId?: string; profilePublished: boolean; profilePublishError?: string; }>; /** * Wallet-sign and publish a revocation for a specific workspace encryption * key. Refuses to revoke the agent's last active key; rotate first in that * case. Idempotent for already-revoked keys. * * The response surfaces `profilePublished` + `profilePublishError`; callers * MUST treat `profilePublished: false` as a partial failure for revocation * (peers still encrypt to the supposedly retired key until profile sync). */ revokeAgentEncryptionKey(address: string, keyId: string): Promise<{ ok: true; revokedKeyId: string; revokedAt: string; profilePublished: boolean; profilePublishError?: string; }>; /** * Re-publish the daemon's default agent profile. This is the retry * endpoint for the partial-failure path of rotate/revoke: when * local persistence succeeded but the implicit republish errored, * the caller fixes the underlying transport / chain issue and * retries here. Node-admin token only. */ publishAgentProfile(): Promise<{ ok: true; ual: string | null; }>; /** * V10 Random Sampling prover snapshot. Cheap; safe to poll. Returns * `enabled: false` when the bind layer no-op'd (edge node, no * identity, or chain adapter missing methods); the `loop` field is * `null` in that case. */ randomSamplingStatus(): Promise; peerInfo(peerId: string): Promise<{ peerId: string; connected: boolean; connectionCount: number; transports: string[]; directions: string[]; remoteAddrs: Array; protocols: string[]; syncCapable: boolean; syncStatus?: { capable: boolean; capability?: 'supported' | 'unsupported' | 'unknown'; lastSuccessfulSyncAt: number | null; stale: boolean; backoff: { failures: number; nextRetryAt: number; retryInMs: number; } | null; }; lastSeen: number | null; latencyMs: number | null; }>; skills(): Promise<{ skills: Array<{ agentName: string; skillType: string; pricePerCall?: number; currency?: string; }>; }>; sendChat(to: string, text: string, opts?: { contextGraphId?: string; }): Promise<{ delivered: boolean; error?: string; }>; messages(opts?: { peer?: string; since?: number; sinceId?: number; limit?: number; direction?: 'in' | 'out'; order?: 'asc' | 'desc'; }): Promise<{ messages: Array<{ id: number; ts: number; direction: 'in' | 'out'; peer: string; peerName?: string; text: string; }>; }>; /** * One-shot legacy publish: routed through the new assertion lifecycle * with an auto-generated assertion name. The seal carries the same * EIP-712 AuthorAttestation that the publisher used to derive at * chain-tx time; from a caller's perspective this is the same method * — only the on-the-wire route changed. * * Use `publishAssertion(contextGraphId, name, quads, opts)` directly * when you want to control the assertion name (for resumability, * audit, dedupe, etc.). */ publish(contextGraphId: string, quads: Array<{ subject: string; predicate: string; object: string; graph: string; }>, privateQuads?: Array<{ subject: string; predicate: string; object: string; graph: string; }>, options?: { accessPolicy?: 'public' | 'ownerOnly' | 'allowList'; allowedPeers?: string[]; publishEpochs?: number; publisherNodeIdentityIdOverride?: bigint; }): Promise<{ kaId: string; status: 'tentative' | 'confirmed'; kas: Array<{ tokenId: string; rootEntity: string; }>; txHash?: string; blockNumber?: number; batchId?: string; publisherAddress?: string; }>; /** * Direct SWM write — appends loose triples to shared memory without * creating a named WM assertion. Triples land ungrouped; downstream * selection-based publishes (see `publishFromSharedMemory`) seal * them at the publish boundary via the agent's selection bridge. * * Use this for "write loose content, decide what to publish later" * workflows (e.g. node-ui MemoryLayer, mcp `dkg_share`). For * sealed-from-creation provenance, use `createAssertion` / * `appendToAssertion` / `publishAssertion` instead — the seal then * binds to the named assertion at finalize time. */ sharedMemoryWrite(contextGraphId: string, quads: Array<{ subject: string; predicate: string; object: string; graph: string; }>): Promise<{ shareOperationId: string; contextGraphId: string; graph: string; triplesWritten: number; skolemizedBlankNodes?: number; }>; /** * Selection-based publish — publishes one selected SWM rootEntity to * verifiable memory. Passing `"all"` is accepted only when the source * SWM currently resolves to a single publishable root. The agent mints the * AuthorAttestation seal inline at the selection boundary using * the calling agent's bearer-token identity / explicit * `authorAgentAddress` / `preSignedAuthorAttestation`, or falls * back to the publisher's wallet. The publisher refuses any * on-chain publish without a seal — sign-at-creation is preserved * at the daemon boundary regardless of which fork the caller used * to put content into SWM. * * For finalized-assertion publishes (seal from creation), use * `publishFromFinalizedAssertion` instead — that path threads the * already-signed seal through verbatim with no re-signing. */ publishFromSharedMemory(contextGraphId: string, selection?: 'all' | { rootEntities: string[]; }, clearAfter?: boolean, options?: { subGraphName?: string; publishEpochs?: number; publisherNodeIdentityIdOverride?: bigint; }): Promise<{ kaId: string; status: 'tentative' | 'confirmed'; kas: Array<{ tokenId: string; rootEntity: string; }>; txHash?: string; blockNumber?: number; }>; /** * Create an assertion in WM, optionally writing quads + finalizing + * promoting in the same call. Maps directly to the extended * `POST /api/knowledge-assets` body. * * RFC-001 §9.x — the assertion lifecycle is the canonical entry * point for staging content for VM publish. Callers that previously * went through the legacy `/api/shared-memory/write` (now removed) * use this method instead. */ /** * Create a KA + open a WM draft. Pass `quads` to write them atomically; by * default the draft is also sealed (finalized). Pass `finalize: false` to * write a draft WITHOUT sealing — an editable WM-only assertion that never * touches the chain (the only lifecycle available to local-only / * on-chain-unregistered CGs). */ createKnowledgeAsset(contextGraphId: string, name: string, options?: { subGraphName?: string; quads?: Array<{ subject: string; predicate: string; object: string; graph: string; }>; /** * Seal the draft after writing `quads` (default true). `false` keeps an * editable WM draft and never touches the chain. Cannot be combined with * `alsoShareSwm`/`alsoPublishVm` (those require a sealed assertion). */ finalize?: boolean; authorAgentAddress?: string; preSignedAuthorAttestation?: PreSignedAuthorAttestationPayload; schemeVersion?: number; alsoShareSwm?: boolean; alsoPublishVm?: boolean | KnowledgeAssetFinalizedPublishOptions; }): Promise>; /** GET a KA's lifecycle state by name. */ getKnowledgeAsset(contextGraphId: string, name: string, subGraphName?: string): Promise>; /** Append quads to the KA's WM draft. */ knowledgeAssetWrite(contextGraphId: string, name: string, quads: Array<{ subject: string; predicate: string; object: string; graph: string; }>, options?: { subGraphName?: string; }): Promise<{ written: number; }>; /** Seal the WM draft (git commit). */ knowledgeAssetFinalize(contextGraphId: string, name: string, options?: { subGraphName?: string; authorAgentAddress?: string; preSignedAuthorAttestation?: PreSignedAuthorAttestationPayload; schemeVersion?: number; }): Promise<{ merkleRoot: string; eip712Digest: string; }>; /** Discard the WM draft. */ knowledgeAssetDiscard(contextGraphId: string, name: string, options?: { subGraphName?: string; }): Promise<{ discarded: boolean; }>; /** Seed a fresh WM draft from the file's SWM/VM state (git checkout). */ knowledgeAssetPullFrom(contextGraphId: string, name: string, layer: 'swm' | 'vm', options?: { subGraphName?: string; onConflict?: 'reject' | 'replace'; }): Promise>; /** Advance the SWM pointer (WM → SWM; git push origin ). */ knowledgeAssetShare(contextGraphId: string, name: string, options?: { subGraphName?: string; entities?: string[] | 'all'; }): Promise<{ swmShared: boolean; promotedCount: number; }>; /** Publish to VM (mint or update on chain; git push origin main). */ knowledgeAssetPublish(contextGraphId: string, name: string, options?: { subGraphName?: string; } & KnowledgeAssetFinalizedPublishOptions): Promise>; createAssertion(contextGraphId: string, name: string, options?: { subGraphName?: string; quads?: Array<{ subject: string; predicate: string; object: string; graph: string; }>; finalize?: boolean; promote?: boolean; authorAgentAddress?: string; preSignedAuthorAttestation?: PreSignedAuthorAttestationPayload; schemeVersion?: number; }): Promise<{ assertionUri: string; written?: number; seal?: { merkleRoot: string; authorAddress: string; schemeVersion: number; chainId: string; kav10Address: string; eip712Digest: string; }; promotedCount?: number; }>; /** * Append quads to an existing WM assertion. Wraps * `POST /api/knowledge-assets/:name/wm/write`. Used by batched ingest paths * (e.g. `dkg index`) that materialize a single named assertion * across many round-trips before finalize. */ appendToAssertion(contextGraphId: string, name: string, quads: Array<{ subject: string; predicate: string; object: string; graph: string; }>, options?: { subGraphName?: string; }): Promise<{ written: number; }>; /** * Finalize a previously-created assertion. RFC-001 §9.x — computes * the canonical merkleRoot, builds the EIP-712 AuthorAttestation, * signs (custodial / pre-signed / publisher fallback), and stamps * the seal triples to `_meta`. */ finalizeAssertion(contextGraphId: string, name: string, options?: { subGraphName?: string; authorAgentAddress?: string; preSignedAuthorAttestation?: PreSignedAuthorAttestationPayload; schemeVersion?: number; }): Promise<{ assertionUri: string; merkleRoot: string; authorAddress: string; schemeVersion: number; chainId: string; kav10Address: string; eip712Digest: string; }>; /** * Publish a previously-finalized assertion to the verifiable-memory * chain. The seal in `_meta` (written by `finalizeAssertion`) * supplies the AuthorAttestation; the publisher forwards it * verbatim and never re-signs. * * Pre-condition: the assertion must be both finalized AND promoted * to SWM. The high-level `publishAssertion` helper handles the * whole sequence in one call. */ publishFromFinalizedAssertion(contextGraphId: string, assertionName: string, options?: { subGraphName?: string; clearAfter?: boolean; publishEpochs?: number; publisherNodeIdentityIdOverride?: bigint; }): Promise<{ kaId: string; status: 'tentative' | 'confirmed'; assertionUri: string; authorAddress: string; merkleRoot: string; kas: Array<{ tokenId: string; rootEntity: string; }>; txHash?: string; blockNumber?: number; contextGraphError?: string; }>; /** * High-level convenience: create → write → finalize → promote → * publish, all in two HTTP round-trips. The composite mirrors what * a typical OpenClaw/Hermes client does — stage content, commit it, * push it on-chain. Use this unless you need fine-grained control * over the individual steps. */ publishAssertion(contextGraphId: string, name: string, quads: Array<{ subject: string; predicate: string; object: string; graph: string; }>, options?: { subGraphName?: string; authorAgentAddress?: string; preSignedAuthorAttestation?: PreSignedAuthorAttestationPayload; schemeVersion?: number; clearAfter?: boolean; publishEpochs?: number; publisherNodeIdentityIdOverride?: bigint; }): Promise<{ assertionUri: string; kaId: string; status: 'tentative' | 'confirmed'; authorAddress: string; merkleRoot: string; kas: Array<{ tokenId: string; rootEntity: string; }>; txHash?: string; blockNumber?: number; }>; createPca(request: { tokens: string; }): Promise<{ accountId: string; txHash: string; blockNumber: number; committedTokens: string; }>; deregisterPcaAgent(accountId: string, agent: string): Promise<{ accountId: string; agent: string; deregistered: boolean; txHash: string; blockNumber: number; }>; settlePca(accountId: string): Promise<{ accountId: string; settled: boolean; txHash: string; blockNumber: number; }>; addPcaFunds(accountId: string, tokens: string): Promise<{ accountId: string; addedTokens: string; txHash: string; blockNumber: number; }>; registerPcaAgent(accountId: string, agent: string): Promise<{ accountId: string; agent: string; registered: boolean; txHash: string; blockNumber: number; }>; getPcaInfo(accountId: string, probeKey?: string): Promise<{ accountId: string; owner: string; committedTRAC: string; committedTRACTrac: string; baseEpochAllowance: string; topUpBuffer: string; topUpBufferTrac: string; createdAtEpoch: number; expiresAtEpoch: number; createdAtTimestamp: number; expiresAtTimestamp: number; discountBps: number; agentCount: number; lastSettledWindow: number; fullySwept: boolean; probedKey?: { key: string; registered: boolean; adapterSupported?: boolean; error?: string; }; }>; publisherEnqueue(request: { contextGraphId: string; shareOperationId: string; roots: string[]; namespace: string; scope: string; authorityProofRef: string; swmId?: string; transitionType?: 'CREATE' | 'MUTATE' | 'REVOKE'; authorityType?: 'owner' | 'multisig' | 'quorum' | 'capability'; priorVersion?: string; subGraphName?: string; accessPolicy?: 'public' | 'ownerOnly' | 'allowList'; allowedPeers?: string[]; entityProofs?: boolean; publishEpochs?: number; /** Stringified bigint; `'0'` = mode d (no attribution) per RFC-001 §4. */ publisherNodeIdentityIdOverride?: string; seal?: { merkleRoot: `0x${string}`; authorAddress: `0x${string}`; signature: { r: `0x${string}`; vs: `0x${string}`; }; schemeVersion: number; }; }): Promise<{ jobId: string; contextGraphId: string; shareOperationId: string; rootsCount: number; }>; publisherJobs(status?: string): Promise<{ jobs: any[]; }>; publisherJob(jobId: string): Promise<{ job: any; }>; publisherJobPayload(jobId: string): Promise<{ job: any; payload: any; }>; publisherStats(): Promise>; publisherCancel(jobId: string): Promise<{ cancelled: string; }>; publisherRetry(status?: 'failed'): Promise<{ retried: number; }>; publisherClear(status: 'failed' | 'finalized'): Promise<{ cleared: number; status: 'failed' | 'finalized'; }>; captureEpcis(request: { epcisDocument: unknown; contextGraphId?: string; subGraphName?: string; publishOptions?: { accessPolicy?: 'public' | 'ownerOnly' | 'allowList'; allowedPeers?: string[]; }; }): Promise<{ captureID: string; receivedAt: string; eventCount: number; status: 'accepted'; }>; getEpcisCapture(captureID: string): Promise<{ captureID: string; state: 'accepted' | 'claimed' | 'validated' | 'broadcast' | 'included' | 'finalized' | 'failed'; receivedAt: string; finalizedAt: string | null; error: string | null; }>; queryEpcisEvents(params?: { contextGraphId?: string; subGraphName?: string; finalized?: boolean; epc?: string; bizStep?: string; bizLocation?: string; from?: string; to?: string; eventID?: string; eventType?: string; action?: string; disposition?: string; readPoint?: string; parentID?: string; childEPC?: string; inputEPC?: string; outputEPC?: string; anyEPC?: string; configurationId?: string; shipmentId?: string; perPage?: number; nextPageToken?: string; }): Promise<{ body: unknown; nextPageUrl: string | null; }>; queryEpcisEventsByPath(path: string): Promise<{ body: unknown; nextPageUrl: string | null; }>; /** * Run SPARQL via the daemon. `opts` covers the full /api/query surface — * memory-layer routing (`view`, `graphSuffix`, `verifiedGraph`, * `subGraphName`, `includeSharedMemory`, `includeContextGraphPartitions`, * `agentAddress`, `assertionName`), and P-13's `minTrust` (only meaningful * on `view: "verifiable-memory"`; ignored elsewhere). `contextGraphId` stays * in the 2nd positional slot for backwards compatibility. */ query(sparql: string, contextGraphId?: string, opts?: { graphSuffix?: string; includeSharedMemory?: boolean; includeContextGraphPartitions?: boolean; view?: 'working-memory' | 'shared-working-memory' | 'verifiable-memory'; agentAddress?: string; assertionName?: string; subGraphName?: string; verifiedGraph?: string; minTrust?: 'SelfAttested' | 'Endorsed' | 'PartiallyVerified' | 'ConsensusVerified' | 0 | 1 | 2 | 3; }): Promise<{ result: QueryResult; }>; readQueryCatalog(contextGraphId: string): Promise<{ result: QueryResult; }>; queryRemote(peerId: string, request: { lookupType: string; contextGraphId?: string; ual?: string; entityUri?: string; rdfType?: string; sparql?: string; limit?: number; timeout?: number; }): Promise<{ operationId: string; status: string; ntriples?: string; bindings?: string; entityUris?: string[]; truncated: boolean; resultCount: number; gasConsumed?: number; error?: string; }>; subscribeToContextGraph(contextGraphId: string, options?: { includeSharedMemory?: boolean; }): Promise<{ subscribed: string; catchup?: { connectedPeers: number; syncCapablePeers: number; peersTried: number; dataSynced: number; sharedMemorySynced: number; denied: boolean; deniedPeers: number; diagnostics?: { noProtocolPeers: number; durable: { fetchedMetaTriples: number; fetchedDataTriples: number; insertedMetaTriples: number; insertedDataTriples: number; bytesReceived: number; resumedPhases: number; emptyResponses: number; metaOnlyResponses: number; dataRejectedMissingMeta: number; rejectedKcs: number; failedPeers: number; }; sharedMemory: { fetchedMetaTriples: number; fetchedDataTriples: number; insertedMetaTriples: number; insertedDataTriples: number; bytesReceived: number; resumedPhases: number; emptyResponses: number; droppedDataTriples: number; failedPeers: number; }; }; } | { status: 'queued'; includeWorkspace: boolean; jobId: string; }; }>; /** @deprecated Use subscribeToContextGraph */ subscribe(contextGraphId: string, options?: { includeWorkspace?: boolean; }): Promise<{ subscribed: string; catchup?: { connectedPeers: number; syncCapablePeers: number; peersTried: number; dataSynced: number; sharedMemorySynced: number; denied: boolean; deniedPeers: number; diagnostics?: { noProtocolPeers: number; durable: { fetchedMetaTriples: number; fetchedDataTriples: number; insertedMetaTriples: number; insertedDataTriples: number; bytesReceived: number; resumedPhases: number; emptyResponses: number; metaOnlyResponses: number; dataRejectedMissingMeta: number; rejectedKcs: number; failedPeers: number; }; sharedMemory: { fetchedMetaTriples: number; fetchedDataTriples: number; insertedMetaTriples: number; insertedDataTriples: number; bytesReceived: number; resumedPhases: number; emptyResponses: number; droppedDataTriples: number; failedPeers: number; }; }; } | { status: 'queued'; includeWorkspace: boolean; jobId: string; }; }>; catchupStatus(contextGraphId: string): Promise<{ jobId: string; contextGraphId: string; includeWorkspace: boolean; status: 'queued' | 'running' | 'done' | 'denied' | 'failed' | 'unreachable'; queuedAt: number; startedAt?: number; finishedAt?: number; result?: { connectedPeers: number; syncCapablePeers: number; peersTried: number; peersSucceeded: number; dataSynced: number; sharedMemorySynced: number; denied: boolean; deniedPeers: number; diagnostics?: { noProtocolPeers: number; durable: { fetchedMetaTriples: number; fetchedDataTriples: number; insertedMetaTriples: number; insertedDataTriples: number; bytesReceived: number; resumedPhases: number; emptyResponses: number; metaOnlyResponses: number; dataRejectedMissingMeta: number; rejectedKcs: number; failedPeers: number; }; sharedMemory: { fetchedMetaTriples: number; fetchedDataTriples: number; insertedMetaTriples: number; insertedDataTriples: number; bytesReceived: number; resumedPhases: number; emptyResponses: number; droppedDataTriples: number; failedPeers: number; }; }; }; error?: string; }>; connect(multiaddr: string): Promise<{ connected: boolean; }>; /** * V10 DHT-based dial: hand the daemon a peer id, and it resolves the * peer's current multiaddrs via libp2p Kademlia * (`peerRouting.findPeer`) before dialling. Used by invites that carry * only a peer id so they survive relay rotations. */ connectByPeerId(peerId: string): Promise<{ connected: boolean; }>; createContextGraph(id: string, name: string, description?: string, options?: { private?: boolean; accessPolicy?: number; allowedAgents?: string[]; participantAgents?: string[]; /** * Atomic combined-flow flag. When `true`, the daemon registers the * CG on-chain in the same call after the local create step * succeeds. Required when `pcaAccountId` is supplied (a standalone * `createContextGraph` does NOT persist PCA ids — Codex PR #502 * round-3). */ register?: boolean; /** * Publish policy override forwarded to `registerContextGraph` in * the combined-flow path. Only meaningful together with * `register: true`. The agent otherwise defaults * `publishPolicy = curated (0)` for curated/private CGs and * `publishPolicy = open (1)` for public CGs — which makes the * valid `{ accessPolicy: 0 (public), publishPolicy: 0 (curated), * pcaAccountId }` combo unreachable unless the caller can pin * `publishPolicy` explicitly. Codex PR #502 round-10 (raised by * @branarakic). */ publishPolicy?: number; /** * Publishing Conviction Account id for PCA-curated registration. * Only meaningful together with `register: true`. The daemon * rejects the create-only-with-pcaAccountId combo with a 400 * (Codex PR #502 round-5). For a two-step flow, use * {@link registerContextGraph} instead. */ pcaAccountId?: string | number | bigint; }, allowedPeers?: string[]): Promise<{ created: string; uri: string; /** Present only when caller passed `register: true`. */ registered?: boolean; onChainId?: string; /** Present when `register: true` was requested but the register leg failed. */ registerError?: string; hint?: string; }>; createSubGraph(contextGraphId: string, subGraphName: string): Promise<{ created: string; contextGraphId: string; }>; registerContextGraph(id: string, opts?: { /** @deprecated V10 ContextGraphs registration ignores metadata reveal. */ revealOnChain?: boolean; accessPolicy?: number; publishPolicy?: number; pcaAccountId?: string | number | bigint; }): Promise<{ registered: string; onChainId: string; hint?: string; }>; /** @deprecated Use addAgent instead. */ inviteToContextGraph(contextGraphId: string, peerId: string): Promise<{ invited: string; contextGraphId: string; }>; addAgent(contextGraphId: string, agentAddress: string): Promise<{ ok: boolean; contextGraphId: string; agentAddress: string; }>; removeAgent(contextGraphId: string, agentAddress: string): Promise<{ ok: boolean; contextGraphId: string; agentAddress: string; }>; listAgents(contextGraphId: string): Promise<{ contextGraphId: string; allowedAgents: string[]; }>; /** * Sign-only join request. Returns the `SignedAgentDelegation` that * the local agent produced; does NOT forward over P2P. To deliver it * to the curator, follow up with `requestJoin(...)` and the * `curatorPeerId` from the V10 invite. PR #448 split sign vs forward * to fix a duplicate-forward bug — see daemon route comment. * * The `delegation` shape mirrors `SignedAgentDelegation` from * `@dkg/agent`: `version` is part of the digest grammar (see * `computeDelegationDigest`), not the on-the-wire payload, so it is * intentionally absent here. Verifiers re-derive the digest from the * fields below. */ signJoinRequest(contextGraphId: string): Promise<{ ok: boolean; contextGraphId: string; delegation: { agentAddress: string; scope: string; issuedAtMs: number; expiresAtMs: number; delegateePeerId?: string; delegateeOpKey?: string; signature: string; }; agentAddress: string; }>; /** * Forward a previously-signed join delegation to the curator over * P2P. The daemon dials `curatorPeerId` directly (DHT-resolved if * not currently connected) and falls back to broadcasting through * connected peers. Returns the delivery count so callers can detect * "no curator reachable" without inspecting log output. */ requestJoin(contextGraphId: string, delegation: unknown, curatorPeerId: string, agentName?: string): Promise<{ ok: boolean; status: string; delivered: number | 'local'; alreadyMember?: boolean; }>; approveJoin(contextGraphId: string, agentAddress: string): Promise<{ ok: boolean; status: string; agentAddress: string; }>; rejectJoin(contextGraphId: string, agentAddress: string): Promise<{ ok: boolean; status: string; agentAddress: string; }>; listJoinRequests(contextGraphId: string): Promise<{ contextGraphId: string; requests: Array<{ agentAddress: string; status: string; timestamp?: string; agentName?: string; }>; }>; getAgentIdentity(): Promise<{ agentAddress: string; agentDid: string; name: string; peerId: string; }>; listContextGraphs(): Promise<{ contextGraphs: Array<{ id: string; uri: string; name: string; description?: string; creator?: string; createdAt?: string; isSystem: boolean; subscribed?: boolean; synced?: boolean; curator?: string; accessPolicy?: string; callerInvolved?: boolean; }>; }>; contextGraphExists(id: string): Promise<{ id: string; exists: boolean; }>; verify(request: { contextGraphId: string; verifiableMemoryId: string; batchId: string; timeoutMs?: number; requiredSignatures?: number; }): Promise<{ txHash?: string; blockNumber?: number; verifiableMemoryId: string; signers: string[]; status?: 'verified' | 'partial' | 'no_quorum'; trustLevel?: number; }>; endorse(request: { contextGraphId: string; ual: string; /** * Optional. If supplied it MUST match the address resolved from * the bearer token; the daemon rejects any mismatch with 403. * Prefer omitting and relying on the token — see A-12 review on * /api/endorse for the provenance-forgery rationale. */ agentAddress?: string; }): Promise<{ endorsed: boolean; endorserAddress: string; }>; importAssertionFile(name: string, request: { filePath: string; contextGraphId: string; contentType?: string; ontologyRef?: string; subGraphName?: string; }): Promise<{ assertionUri: string; fileHash: string; detectedContentType?: string; extraction?: { status: string; tripleCount?: number; pipelineUsed?: string; mdIntermediateHash?: string; error?: string; }; }>; assertionExtractionStatus(name: string, contextGraphId: string, subGraphName?: string): Promise<{ assertionUri?: string; fileHash?: string; status?: string; tripleCount?: number; pipelineUsed?: string; mdIntermediateHash?: string; error?: string; }>; promoteAssertion(name: string, request: { contextGraphId: string; entities?: 'all' | string[]; subGraphName?: string; }): Promise<{ promoted?: boolean; swmShared?: boolean; promotedCount?: number; contextGraphId?: string; count?: number; sharedMemoryGraph?: string; rootEntities?: string[]; }>; queryAssertion(name: string, request: { contextGraphId: string; subGraphName?: string; }): Promise<{ quads: Array<{ subject: string; predicate: string; object: string; graph: string; }>; count: number; }>; publishCclPolicy(request: { contextGraphId: string; name: string; version: string; content: string; description?: string; contextType?: string; language?: string; format?: string; }): Promise<{ policyUri: string; hash: string; status: 'proposed'; }>; approveCclPolicy(request: { contextGraphId: string; policyUri: string; contextType?: string; }): Promise<{ policyUri: string; bindingUri: string; contextType?: string; approvedAt: string; }>; revokeCclPolicy(request: { contextGraphId: string; policyUri: string; contextType?: string; }): Promise<{ policyUri: string; bindingUri: string; contextType?: string; revokedAt: string; status: 'revoked'; }>; listCclPolicies(opts?: { contextGraphId?: string; name?: string; contextType?: string; status?: string; includeBody?: boolean; }): Promise<{ policies: any[]; }>; resolveCclPolicy(opts: { contextGraphId: string; name: string; contextType?: string; includeBody?: boolean; }): Promise<{ policy: any | null; }>; evaluateCclPolicy(request: { contextGraphId: string; name: string; facts?: Array<[string, ...unknown[]]>; contextType?: string; view?: string; snapshotId?: string; scopeUal?: string; publishResult?: boolean; }): Promise<{ policy: any; context: any; factSetHash: string; factQueryHash: string; factResolverVersion: string; factResolutionMode: 'manual' | 'snapshot-resolved'; result: any; }>; listCclEvaluations(opts: { contextGraphId: string; policyUri?: string; snapshotId?: string; view?: string; contextType?: string; resultKind?: 'derived' | 'decision'; resultName?: string; }): Promise<{ evaluations: any[]; }>; shutdown(): Promise; private authHeaders; private get; private post; private del; private postForm; /** Create an Error with an `httpStatus` property so callers can distinguish * application-level responses from connection failures. */ static httpError(status: number, message?: string, responseBody?: unknown): Error & { httpStatus: number; responseBody?: unknown; }; private static errorMessageFromBody; } //# sourceMappingURL=api-client.d.ts.map