config

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 17, 2026 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ValidLogLevels         = map[string]bool{"debug": true, "info": true, "warn": true, "error": true}
	ValidLogFormats        = map[string]bool{"json": true, "console": true}
	ValidSignerProviders   = map[string]bool{"local": true, "rpc": true, "enclave": true, "aws-kms": true, "gcp-kms": true, "azure-kv": true, "pkcs11": true}
	ValidWalletProviders   = map[string]bool{"local": true, "rpc": true, "composite": true}
	ValidZKPSchemes        = map[string]bool{"plonk": true, "groth16": true}
	ValidContainerRuntimes = map[string]bool{"auto": true, "docker": true, "gvisor": true, "native": true}
	ValidMCPTransports     = map[string]bool{"": true, "stdio": true, "http": true, "sse": true}
)

Validation maps for configuration values.

View Source 
var ProviderTypeToEmbeddingType = map[types.ProviderType]string{
	types.ProviderOpenAI:    "openai",
	types.ProviderGemini:    "google",
	types.ProviderGoogle:    "google",
	types.ProviderAnthropic: "",
	types.ProviderOllama:    "local",
}

ProviderTypeToEmbeddingType maps a provider config type to the corresponding embedding backend type.

Functions

func ExpandEnvVars added in v0.4.0 

func ExpandEnvVars(s string) string

ExpandEnvVars replaces ${VAR} patterns in s with environment variable values. Variables that are not set in the environment are left as-is.

func IsValidPreset added in v0.6.0 

func IsValidPreset(name string) bool

IsValidPreset checks if the given name is a valid preset.

func NormalizePaths added in v0.6.0 

func NormalizePaths(cfg *Config)

NormalizePaths resolves relative data paths to be under DataRoot and expands ~ in all path fields. Call after Load/Unmarshal.

func PostLoad added in v0.6.0 

func PostLoad(cfg *Config) error

PostLoad applies post-load processing: legacy migration, env substitution, path normalization, path validation, and full config validation. All operations are idempotent — safe to call multiple times on the same config.

func Validate 

func Validate(cfg *Config) error

Validate checks if the configuration is valid

func ValidateDataPaths added in v0.6.0 

func ValidateDataPaths(cfg *Config) error

ValidateDataPaths checks that all configurable data paths reside under DataRoot. Must be called after NormalizePaths (paths are already cleaned absolute paths).

Types

type A2AConfig 

type A2AConfig struct {
	// Enable A2A protocol support.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// BaseURL is the external URL where this agent is reachable.
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`

	// AgentName is the name advertised in the Agent Card.
	AgentName string `mapstructure:"agentName" json:"agentName"`

	// AgentDescription is the description in the Agent Card.
	AgentDescription string `mapstructure:"agentDescription" json:"agentDescription"`

	// RemoteAgents is a list of external A2A agents to integrate as sub-agents.
	RemoteAgents []RemoteAgentConfig `mapstructure:"remoteAgents" json:"remoteAgents"`
}

A2AConfig defines Agent-to-Agent protocol settings.

type AgentConfig 

type AgentConfig struct {
	// Default model provider (anthropic, openai, google)
	Provider string `mapstructure:"provider" json:"provider"`

	// Model ID to use
	Model string `mapstructure:"model" json:"model"`

	// Maximum tokens for context window
	MaxTokens int `mapstructure:"maxTokens" json:"maxTokens"`

	// Temperature for generation
	Temperature float64 `mapstructure:"temperature" json:"temperature"`

	// PromptsDir is the directory containing section .md files (AGENTS.md, SAFETY.md, etc.)
	// If empty, built-in default sections are used.
	PromptsDir string `mapstructure:"promptsDir" json:"promptsDir"`

	// Fallback provider ID
	FallbackProvider string `mapstructure:"fallbackProvider" json:"fallbackProvider"`

	// Fallback model ID
	FallbackModel string `mapstructure:"fallbackModel" json:"fallbackModel"`

	// MultiAgent enables hierarchical sub-agent orchestration.
	// When false (default), a single monolithic agent handles all tasks.
	MultiAgent bool `mapstructure:"multiAgent" json:"multiAgent"`

	// RequestTimeout is the maximum duration for a single agent request (default: 5m).
	RequestTimeout time.Duration `mapstructure:"requestTimeout" json:"requestTimeout"`

	// ToolTimeout is the maximum duration for a single tool call execution (default: 2m).
	ToolTimeout time.Duration `mapstructure:"toolTimeout" json:"toolTimeout"`

	// MaxTurns limits the number of tool-calling iterations per agent run (default: 25).
	// Zero means use the default.
	MaxTurns int `mapstructure:"maxTurns" json:"maxTurns"`

	// ErrorCorrectionEnabled enables learning-based error correction (default: true).
	// When nil, defaults to true if the knowledge system is enabled.
	ErrorCorrectionEnabled *bool `mapstructure:"errorCorrectionEnabled" json:"errorCorrectionEnabled"`

	// MaxDelegationRounds limits orchestrator→sub-agent delegation rounds per turn (default: 10).
	// Zero means use the default.
	MaxDelegationRounds int `mapstructure:"maxDelegationRounds" json:"maxDelegationRounds"`

	// AutoExtendTimeout enables automatic deadline extension when agent activity is detected.
	// When true, the timeout is extended on each agent event (tool call, text chunk) up to MaxRequestTimeout.
	AutoExtendTimeout bool `mapstructure:"autoExtendTimeout" json:"autoExtendTimeout"`

	// MaxRequestTimeout is the absolute maximum duration for a request when auto-extend is enabled.
	// Defaults to 3x RequestTimeout (e.g. 15m if RequestTimeout is 5m).
	MaxRequestTimeout time.Duration `mapstructure:"maxRequestTimeout" json:"maxRequestTimeout"`

	// IdleTimeout is the duration of inactivity (no streaming chunks, tool calls, or model responses)
	// before a request is timed out. When set, RequestTimeout becomes the hard ceiling.
	// Set to -1 to disable idle timeout and use fixed RequestTimeout instead.
	// Default: 0 (disabled for backward compatibility; new installs should set 2m).
	IdleTimeout time.Duration `mapstructure:"idleTimeout" json:"idleTimeout"`

	// AgentsDir is the directory containing user-defined AGENT.md files.
	// Structure: <dir>/<name>/AGENT.md
	// If empty, only built-in agents are used.
	AgentsDir string `mapstructure:"agentsDir" json:"agentsDir"`
}

AgentConfig defines LLM agent settings

type AgentMemoryConfig added in v0.4.0 

type AgentMemoryConfig struct {
	// Enable agent memory system
	Enabled bool `mapstructure:"enabled" json:"enabled"`
}

AgentMemoryConfig defines agent-scoped persistent memory settings.

type ApprovalPolicy 

type ApprovalPolicy string

ApprovalPolicy determines which tools require approval before execution. 

const (
	// ApprovalPolicyDangerous requires approval for Dangerous-level tools (default).
	ApprovalPolicyDangerous ApprovalPolicy = "dangerous"
	// ApprovalPolicyAll requires approval for all tools.
	ApprovalPolicyAll ApprovalPolicy = "all"
	// ApprovalPolicyConfigured requires approval only for explicitly listed SensitiveTools.
	ApprovalPolicyConfigured ApprovalPolicy = "configured"
	// ApprovalPolicyNone disables approval entirely.
	ApprovalPolicyNone ApprovalPolicy = "none"
)

func (ApprovalPolicy) Valid 

func (p ApprovalPolicy) Valid() bool

Valid reports whether p is a known approval policy.

func (ApprovalPolicy) Values 

func (p ApprovalPolicy) Values() []ApprovalPolicy

Values returns all known approval policies.

type AuditConfig added in v0.5.0 

type AuditConfig struct {
	// Enabled activates audit logging.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// RetentionDays controls how long audit records are kept (default: 90).
	RetentionDays int `mapstructure:"retentionDays" json:"retentionDays"`
}

AuditConfig defines audit log settings.

type AuthConfig 

type AuthConfig struct {
	// OIDC Providers
	Providers map[string]OIDCProviderConfig `mapstructure:"providers" json:"providers"`
}

AuthConfig defines authentication settings

type AzureKVConfig 

type AzureKVConfig struct {
	// VaultURL is the Azure Key Vault URL (e.g. "https://myvault.vault.azure.net").
	VaultURL string `mapstructure:"vaultUrl" json:"vaultUrl"`

	// KeyVersion is the specific key version to use (empty = latest).
	KeyVersion string `mapstructure:"keyVersion" json:"keyVersion,omitempty"`
}

AzureKVConfig defines Azure Key Vault specific settings.

type BackgroundConfig 

type BackgroundConfig struct {
	// Enable the background task system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Time in milliseconds before an agent turn is auto-yielded to background.
	YieldMs int `mapstructure:"yieldMs" json:"yieldMs"`

	// Maximum number of concurrently running background tasks.
	MaxConcurrentTasks int `mapstructure:"maxConcurrentTasks" json:"maxConcurrentTasks"`

	// TaskTimeout is the maximum duration for a single background task (default: 30m).
	TaskTimeout time.Duration `mapstructure:"taskTimeout" json:"taskTimeout"`

	// Default delivery channels when channel is not specified (e.g. ["telegram"]).
	DefaultDeliverTo []string `mapstructure:"defaultDeliverTo" json:"defaultDeliverTo"`
}

BackgroundConfig defines background task execution settings.

type BrowserToolConfig 

type BrowserToolConfig struct {
	// Enable browser tools (requires Chromium)
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Run headless
	Headless bool `mapstructure:"headless" json:"headless"`

	// Path to browser binary (empty = auto-detect via launcher.LookPath)
	BrowserBin string `mapstructure:"browserBin" json:"browserBin"`

	// Session timeout
	SessionTimeout time.Duration `mapstructure:"sessionTimeout" json:"sessionTimeout"`
}

BrowserToolConfig defines browser automation settings

type BudgetConfig added in v0.5.0 

type BudgetConfig struct {
	// DefaultMax is the default maximum budget per task in USDC (e.g. "10.00").
	DefaultMax string `mapstructure:"defaultMax" json:"defaultMax"`

	// AlertThresholds are percentage thresholds that trigger budget alerts (e.g. [0.5, 0.8, 0.95]).
	AlertThresholds []float64 `mapstructure:"alertThresholds" json:"alertThresholds"`

	// HardLimit enforces budget as a hard cap (rejects overspend). Default: true.
	HardLimit *bool `mapstructure:"hardLimit" json:"hardLimit"`
}

BudgetConfig defines per-task spending limits.

type ChannelsConfig 

type ChannelsConfig struct {
	Telegram TelegramConfig `mapstructure:"telegram" json:"telegram"`
	Discord  DiscordConfig  `mapstructure:"discord" json:"discord"`
	Slack    SlackConfig    `mapstructure:"slack" json:"slack"`
}

ChannelsConfig holds all channel configurations

type Config 

type Config struct {
	// DataRoot is the root directory for all lango data files (default: ~/.lango/).
	// All configurable data paths (database, graph, skills, etc.) must reside under this directory.
	// This can be overridden (e.g., for Docker: /data/lango/) but all sub-paths must stay under it.
	DataRoot string `mapstructure:"dataRoot" json:"dataRoot,omitempty"`

	// Server configuration
	Server ServerConfig `mapstructure:"server" json:"server"`

	// Agent configuration
	Agent AgentConfig `mapstructure:"agent" json:"agent"`

	// Channel configurations
	Channels ChannelsConfig `mapstructure:"channels" json:"channels"`

	// Logging configuration
	Logging LoggingConfig `mapstructure:"logging" json:"logging"`

	// Session configuration
	Session SessionConfig `mapstructure:"session" json:"session"`

	// Tools configuration
	Tools ToolsConfig `mapstructure:"tools" json:"tools"`

	// Hooks configuration (tool execution hooks)
	Hooks HooksConfig `mapstructure:"hooks" json:"hooks"`

	// Auth configuration
	Auth AuthConfig `mapstructure:"auth" json:"auth"`

	// Security configuration
	Security SecurityConfig `mapstructure:"security" json:"security"`

	// Knowledge configuration
	Knowledge KnowledgeConfig `mapstructure:"knowledge" json:"knowledge"`

	// Observational Memory configuration
	ObservationalMemory ObservationalMemoryConfig `mapstructure:"observationalMemory" json:"observationalMemory"`

	// Embedding / RAG configuration
	Embedding EmbeddingConfig `mapstructure:"embedding" json:"embedding"`

	// Graph store configuration
	Graph GraphConfig `mapstructure:"graph" json:"graph"`

	// A2A protocol configuration
	A2A A2AConfig `mapstructure:"a2a" json:"a2a"`

	// Payment configuration (blockchain micropayments)
	Payment PaymentConfig `mapstructure:"payment" json:"payment"`

	// Cron scheduling configuration
	Cron CronConfig `mapstructure:"cron" json:"cron"`

	// Background task execution configuration
	Background BackgroundConfig `mapstructure:"background" json:"background"`

	// Workflow engine configuration
	Workflow WorkflowConfig `mapstructure:"workflow" json:"workflow"`

	// Skill configuration (file-based skills)
	Skill SkillConfig `mapstructure:"skill" json:"skill"`

	// Librarian configuration (proactive knowledge agent)
	Librarian LibrarianConfig `mapstructure:"librarian" json:"librarian"`

	// P2P network configuration
	P2P P2PConfig `mapstructure:"p2p" json:"p2p"`

	// Agent Memory configuration (per-agent persistent memory)
	AgentMemory AgentMemoryConfig `mapstructure:"agentMemory" json:"agentMemory"`

	// MCP server integration configuration
	MCP MCPConfig `mapstructure:"mcp" json:"mcp"`

	// Economy layer configuration (budget, risk, escrow, pricing, negotiation)
	Economy EconomyConfig `mapstructure:"economy" json:"economy"`

	// Smart Account configuration (ERC-7579 modular accounts)
	SmartAccount SmartAccountConfig `mapstructure:"smartAccount" json:"smartAccount"`

	// Gatekeeper configuration (response sanitization)
	Gatekeeper GatekeeperConfig `mapstructure:"gatekeeper" json:"gatekeeper"`

	// Observability configuration (token tracking, health, audit, metrics)
	Observability ObservabilityConfig `mapstructure:"observability" json:"observability"`

	// Providers configuration
	Providers map[string]ProviderConfig `mapstructure:"providers" json:"providers"`
}

Config is the root configuration structure for lango

func DefaultConfig 

func DefaultConfig() *Config

DefaultConfig returns a Config with sensible defaults

func Load 

func Load(configPath string) (*Config, error)

Load reads configuration from file and environment

func PresetConfig added in v0.6.0 

func PresetConfig(name string) *Config

PresetConfig returns a Config for the given preset name. Unknown names return DefaultConfig().

func (*Config) MigrateEmbeddingProvider 

func (c *Config) MigrateEmbeddingProvider()

MigrateEmbeddingProvider migrates legacy configs that use separate ProviderID and Provider fields into the unified Provider field, and consolidates the deprecated Local.Model into the canonical Model field.

func (*Config) ResolveEmbeddingProvider 

func (c *Config) ResolveEmbeddingProvider() (backendType, apiKey string)

ResolveEmbeddingProvider returns the embedding backend type and API key for the configured embedding provider. The Provider field can be "local" (Ollama) or a key in the providers map. Legacy configs with ProviderID are handled via MigrateEmbeddingProvider.

type ContainerSandboxConfig 

type ContainerSandboxConfig struct {
	// Enabled activates container-based sandbox instead of subprocess isolation.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Runtime selects the container runtime: "auto", "docker", "gvisor", or "native" (default: "auto").
	Runtime string `mapstructure:"runtime" json:"runtime"`

	// Image is the Docker image for the sandbox container (default: "lango-sandbox:latest").
	Image string `mapstructure:"image" json:"image"`

	// NetworkMode is the Docker network mode for sandbox containers (default: "none").
	NetworkMode string `mapstructure:"networkMode" json:"networkMode"`

	// ReadOnlyRootfs mounts the container root filesystem as read-only (default: true).
	ReadOnlyRootfs *bool `mapstructure:"readOnlyRootfs" json:"readOnlyRootfs"`

	// CPUQuotaUS is the Docker CPU quota in microseconds (0 = unlimited).
	CPUQuotaUS int64 `mapstructure:"cpuQuotaUs" json:"cpuQuotaUs"`

	// PoolSize is the number of pre-warmed containers in the pool (0 = disabled).
	PoolSize int `mapstructure:"poolSize" json:"poolSize"`

	// PoolIdleTimeout is the idle timeout before pool containers are recycled (default: 5m).
	PoolIdleTimeout time.Duration `mapstructure:"poolIdleTimeout" json:"poolIdleTimeout"`
}

ContainerSandboxConfig configures container-based tool execution isolation.

type CronConfig 

type CronConfig struct {
	// Enable the cron scheduling system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Default timezone for cron schedules (e.g. "Asia/Seoul").
	Timezone string `mapstructure:"timezone" json:"timezone"`

	// Maximum number of concurrently executing jobs.
	MaxConcurrentJobs int `mapstructure:"maxConcurrentJobs" json:"maxConcurrentJobs"`

	// Default session mode for jobs: "isolated" or "main".
	DefaultSessionMode string `mapstructure:"defaultSessionMode" json:"defaultSessionMode"`

	// How long to retain job execution history (e.g. "30d", "720h").
	HistoryRetention string `mapstructure:"historyRetention" json:"historyRetention"`

	// DefaultJobTimeout is the maximum duration for a single job execution (default: 30m).
	DefaultJobTimeout time.Duration `mapstructure:"defaultJobTimeout" json:"defaultJobTimeout"`

	// Default delivery channels when deliver_to is not specified (e.g. ["telegram"]).
	DefaultDeliverTo []string `mapstructure:"defaultDeliverTo" json:"defaultDeliverTo"`
}

CronConfig defines cron scheduling settings.

type DBEncryptionConfig 

type DBEncryptionConfig struct {
	// Enabled activates SQLCipher encryption for the application database.
	Enabled bool `mapstructure:"enabled" json:"enabled"`
	// CipherPageSize is the SQLCipher cipher_page_size PRAGMA (default: 4096).
	CipherPageSize int `mapstructure:"cipherPageSize" json:"cipherPageSize"`
}

DBEncryptionConfig defines SQLCipher transparent database encryption settings.

type DiscordConfig 

type DiscordConfig struct {
	// Enable Discord channel
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Bot token from Discord Developer Portal
	BotToken string `mapstructure:"botToken" json:"botToken"`

	// Application ID for slash commands
	ApplicationID string `mapstructure:"applicationId" json:"applicationId"`

	// Allowed guild IDs (empty = allow all)
	AllowedGuilds []string `mapstructure:"allowedGuilds" json:"allowedGuilds"`
}

DiscordConfig defines Discord bot settings

type DynamicPricingConfig added in v0.5.0 

type DynamicPricingConfig struct {
	// Enabled activates dynamic pricing.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// TrustDiscount is the max discount for high-trust peers (0-1, default: 0.1).
	TrustDiscount float64 `mapstructure:"trustDiscount" json:"trustDiscount"`

	// VolumeDiscount is the max discount for high-volume peers (0-1, default: 0.05).
	VolumeDiscount float64 `mapstructure:"volumeDiscount" json:"volumeDiscount"`

	// MinPrice is the minimum price floor in USDC (e.g. "0.01").
	MinPrice string `mapstructure:"minPrice" json:"minPrice"`
}

DynamicPricingConfig defines dynamic pricing adjustment settings.

type EconomyConfig added in v0.5.0 

type EconomyConfig struct {
	// Enabled activates the economy layer.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Budget controls per-task spending limits.
	Budget BudgetConfig `mapstructure:"budget" json:"budget"`

	// Risk configures trust-based payment strategy routing.
	Risk RiskConfig `mapstructure:"risk" json:"risk"`

	// Negotiate configures the P2P negotiation protocol.
	Negotiate NegotiationConfig `mapstructure:"negotiate" json:"negotiate"`

	// Escrow configures the milestone-based escrow service.
	Escrow EscrowConfig `mapstructure:"escrow" json:"escrow"`

	// Pricing configures dynamic pricing adjustments.
	Pricing DynamicPricingConfig `mapstructure:"pricing" json:"pricing"`
}

EconomyConfig defines P2P economy layer settings (budget, risk, escrow, pricing, negotiation).

type EmbeddingConfig 

type EmbeddingConfig struct {
	// Provider selects the embedding provider. Set to "local" for Ollama-based
	// local embeddings, or use a key from the providers map (e.g., "my-openai",
	// "gemini-1") to resolve the backend type and API key automatically.
	Provider string `mapstructure:"provider" json:"provider"`

	// Deprecated: ProviderID is kept only for backwards-compatible config loading.
	// New configs should use Provider for both local and remote providers.
	ProviderID string `mapstructure:"providerID" json:"providerID,omitempty"`

	// Model is the embedding model identifier.
	Model string `mapstructure:"model" json:"model"`

	// Dimensions is the embedding vector dimensionality.
	Dimensions int `mapstructure:"dimensions" json:"dimensions"`

	// Local holds settings for the local (Ollama) provider.
	Local LocalEmbeddingConfig `mapstructure:"local" json:"local"`

	// RAG holds retrieval-augmented generation settings.
	RAG RAGConfig `mapstructure:"rag" json:"rag"`
}

EmbeddingConfig defines embedding and RAG settings.

type EscrowConfig added in v0.5.0 

type EscrowConfig struct {
	// Enabled activates the escrow service.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// DefaultTimeout is the escrow expiration timeout (default: 24h).
	DefaultTimeout time.Duration `mapstructure:"defaultTimeout" json:"defaultTimeout"`

	// MaxMilestones is the maximum milestones per escrow (default: 10).
	MaxMilestones int `mapstructure:"maxMilestones" json:"maxMilestones"`

	// AutoRelease releases funds automatically when all milestones are met.
	AutoRelease bool `mapstructure:"autoRelease" json:"autoRelease"`

	// DisputeWindow is the time window for raising disputes after completion (default: 1h).
	DisputeWindow time.Duration `mapstructure:"disputeWindow" json:"disputeWindow"`

	// Settlement configures on-chain settlement for escrow.
	Settlement EscrowSettlementConfig `mapstructure:"settlement" json:"settlement"`

	// OnChain configures the on-chain escrow hub/vault system.
	OnChain EscrowOnChainConfig `mapstructure:"onChain" json:"onChain"`
}

EscrowConfig defines milestone-based escrow settings.

type EscrowOnChainConfig added in v0.5.0 

type EscrowOnChainConfig struct {
	// Enabled activates on-chain escrow mode.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Mode selects the on-chain escrow pattern: "hub" or "vault".
	Mode string `mapstructure:"mode" json:"mode"`

	// ContractVersion selects the contract version: "v1" or "v2" (default: auto-detect).
	ContractVersion string `mapstructure:"contractVersion" json:"contractVersion"`

	// HubAddress is the deployed LangoEscrowHub contract address.
	HubAddress string `mapstructure:"hubAddress" json:"hubAddress"`

	// HubV2Address is the deployed LangoEscrowHubV2 proxy address (UUPS).
	HubV2Address string `mapstructure:"hubV2Address" json:"hubV2Address"`

	// VaultFactoryAddress is the deployed LangoVaultFactory contract address.
	VaultFactoryAddress string `mapstructure:"vaultFactoryAddress" json:"vaultFactoryAddress"`

	// VaultImplementation is the LangoVault implementation address for cloning.
	VaultImplementation string `mapstructure:"vaultImplementation" json:"vaultImplementation"`

	// BeaconAddress is the UpgradeableBeacon address for V2 vaults.
	BeaconAddress string `mapstructure:"beaconAddress" json:"beaconAddress"`

	// BeaconFactoryAddress is the LangoBeaconVaultFactory address for V2 vaults.
	BeaconFactoryAddress string `mapstructure:"beaconFactoryAddress" json:"beaconFactoryAddress"`

	// DirectSettlerAddress is the deployed DirectSettler contract address (V2).
	DirectSettlerAddress string `mapstructure:"directSettlerAddress" json:"directSettlerAddress"`

	// MilestoneSettlerAddress is the deployed MilestoneSettler contract address (V2).
	MilestoneSettlerAddress string `mapstructure:"milestoneSettlerAddress" json:"milestoneSettlerAddress"`

	// ArbitratorAddress is the dispute arbitrator address.
	ArbitratorAddress string `mapstructure:"arbitratorAddress" json:"arbitratorAddress"`

	// PollInterval is the event monitor polling interval (default: 15s).
	PollInterval time.Duration `mapstructure:"pollInterval" json:"pollInterval"`

	// ConfirmationDepth is the number of blocks to wait before processing events
	// to protect against L2 reorgs (default: 2 for Base L2).
	ConfirmationDepth uint64 `mapstructure:"confirmationDepth" json:"confirmationDepth"`

	// TokenAddress is the ERC-20 token (USDC) contract address.
	TokenAddress string `mapstructure:"tokenAddress" json:"tokenAddress"`
}

EscrowOnChainConfig configures on-chain escrow contract integration.

func (EscrowOnChainConfig) IsV2 added in v0.6.0 

func (c EscrowOnChainConfig) IsV2() bool

IsV2 returns true if the on-chain config uses V2 contracts. Auto-detects based on HubV2Address presence when ContractVersion is empty.

type EscrowSettlementConfig added in v0.5.0 

type EscrowSettlementConfig struct {
	// ReceiptTimeout is the maximum wait for on-chain confirmation (default: 2m).
	ReceiptTimeout time.Duration `mapstructure:"receiptTimeout" json:"receiptTimeout"`

	// MaxRetries is the maximum transaction submission attempts (default: 3).
	MaxRetries int `mapstructure:"maxRetries" json:"maxRetries"`
}

EscrowSettlementConfig configures on-chain settlement parameters for escrow.

type ExecToolConfig 

type ExecToolConfig struct {
	// Default timeout for commands
	DefaultTimeout time.Duration `mapstructure:"defaultTimeout" json:"defaultTimeout"`

	// Allow background processes
	AllowBackground bool `mapstructure:"allowBackground" json:"allowBackground"`

	// Working directory (empty = current)
	WorkDir string `mapstructure:"workDir" json:"workDir"`

	// AdditionalProtectedPaths specifies extra paths that the exec tool
	// should block access to (in addition to the DataRoot).
	AdditionalProtectedPaths []string `mapstructure:"additionalProtectedPaths" json:"additionalProtectedPaths,omitempty"`
}

ExecToolConfig defines shell execution settings

type FilesystemToolConfig 

type FilesystemToolConfig struct {
	// Maximum file size to read
	MaxReadSize int64 `mapstructure:"maxReadSize" json:"maxReadSize"`

	// Allowed paths (empty = allow all)
	AllowedPaths []string `mapstructure:"allowedPaths" json:"allowedPaths"`
}

FilesystemToolConfig defines file access settings

type FirewallRule 

type FirewallRule struct {
	// PeerDID is the DID of the peer this rule applies to ("*" for all).
	PeerDID string `mapstructure:"peerDid" json:"peerDid"`

	// Action is "allow" or "deny".
	Action string `mapstructure:"action" json:"action"`

	// Tools lists tool name patterns this rule applies to.
	Tools []string `mapstructure:"tools" json:"tools"`

	// RateLimit is the maximum requests per minute (0 = unlimited).
	RateLimit int `mapstructure:"rateLimit" json:"rateLimit"`
}

FirewallRule defines an ACL rule for the knowledge firewall.

type GatekeeperConfig added in v0.6.0 

type GatekeeperConfig struct {
	// Master switch (nil defaults to true — enabled by default)
	Enabled *bool `mapstructure:"enabled" json:"enabled"`

	// Strip <thought>/<thinking> tags from responses
	StripThoughtTags *bool `mapstructure:"stripThoughtTags" json:"stripThoughtTags"`

	// Strip lines starting with [INTERNAL], [DEBUG], [SYSTEM], [OBSERVATION]
	StripInternalMarkers *bool `mapstructure:"stripInternalMarkers" json:"stripInternalMarkers"`

	// Replace large raw JSON code blocks with a placeholder
	StripRawJSON *bool `mapstructure:"stripRawJSON" json:"stripRawJSON"`

	// Character threshold for raw JSON replacement (default: 500)
	RawJSONThreshold int `mapstructure:"rawJsonThreshold" json:"rawJsonThreshold"`

	// Additional regex patterns to strip from responses
	CustomPatterns []string `mapstructure:"customPatterns" json:"customPatterns"`
}

GatekeeperConfig defines response sanitization (output gatekeeper) settings.

type GraphConfig 

type GraphConfig struct {
	// Enable the graph store.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Backend type: "bolt" (default, embedded BoltDB) or "rocksdb".
	Backend string `mapstructure:"backend" json:"backend"`

	// DatabasePath is the file path for the graph database.
	// Defaults to a "graph.db" file next to the session database.
	DatabasePath string `mapstructure:"databasePath" json:"databasePath"`

	// MaxTraversalDepth limits graph expansion depth (default: 2).
	MaxTraversalDepth int `mapstructure:"maxTraversalDepth" json:"maxTraversalDepth"`

	// MaxExpansionResults limits how many graph-expanded results to return (default: 10).
	MaxExpansionResults int `mapstructure:"maxExpansionResults" json:"maxExpansionResults"`
}

GraphConfig defines graph store settings for relationship-aware retrieval.

type HealthConfig added in v0.5.0 

type HealthConfig struct {
	// Enabled activates health checks (default: true when observability is enabled).
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Interval is the health check interval (default: 30s).
	Interval time.Duration `mapstructure:"interval" json:"interval"`
}

HealthConfig defines health check settings.

type HooksConfig added in v0.4.0 

type HooksConfig struct {
	// Enabled activates the hook system (default: true when multi-agent is enabled).
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// SecurityFilter enables the security filter hook that blocks dangerous commands.
	SecurityFilter bool `mapstructure:"securityFilter" json:"securityFilter"`

	// AccessControl enables per-agent tool access control.
	AccessControl bool `mapstructure:"accessControl" json:"accessControl"`

	// EventPublishing enables publishing tool execution events to the event bus.
	EventPublishing bool `mapstructure:"eventPublishing" json:"eventPublishing"`

	// KnowledgeSave enables automatic knowledge saving from tool results.
	KnowledgeSave bool `mapstructure:"knowledgeSave" json:"knowledgeSave"`

	// BlockedCommands is a list of command patterns to block (security filter).
	BlockedCommands []string `mapstructure:"blockedCommands" json:"blockedCommands"`
}

HooksConfig defines tool execution hook settings.

type InterceptorConfig 

type InterceptorConfig struct {
	Enabled             bool              `mapstructure:"enabled" json:"enabled"`
	RedactPII           bool              `mapstructure:"redactPii" json:"redactPii"`
	ApprovalPolicy      ApprovalPolicy    `mapstructure:"approvalPolicy" json:"approvalPolicy"` // default: "dangerous"
	HeadlessAutoApprove bool              `mapstructure:"headlessAutoApprove" json:"headlessAutoApprove"`
	NotifyChannel       string            `mapstructure:"notifyChannel" json:"notifyChannel"` // e.g. "discord", "telegram"
	SensitiveTools      []string          `mapstructure:"sensitiveTools" json:"sensitiveTools"`
	ExemptTools         []string          `mapstructure:"exemptTools" json:"exemptTools"` // Tools exempt from approval regardless of policy
	PIIRegexPatterns    []string          `mapstructure:"piiRegexPatterns" json:"piiRegexPatterns"`
	ApprovalTimeoutSec  int               `mapstructure:"approvalTimeoutSec" json:"approvalTimeoutSec"` // default 30
	PIIDisabledPatterns []string          `mapstructure:"piiDisabledPatterns" json:"piiDisabledPatterns"`
	PIICustomPatterns   map[string]string `mapstructure:"piiCustomPatterns" json:"piiCustomPatterns"`
	Presidio            PresidioConfig    `mapstructure:"presidio" json:"presidio"`
}

InterceptorConfig defines AI Privacy Interceptor settings

type KMSConfig 

type KMSConfig struct {
	// Region is the cloud region for KMS API calls (e.g. "us-east-1", "us-central1").
	Region string `mapstructure:"region" json:"region"`

	// KeyID is the KMS key identifier (ARN, resource name, or alias).
	KeyID string `mapstructure:"keyId" json:"keyId"`

	// Endpoint is an optional custom endpoint for KMS API calls (useful for testing).
	Endpoint string `mapstructure:"endpoint" json:"endpoint,omitempty"`

	// FallbackToLocal enables automatic fallback to the local CryptoProvider when KMS is unavailable.
	FallbackToLocal bool `mapstructure:"fallbackToLocal" json:"fallbackToLocal"`

	// TimeoutPerOperation is the maximum duration for a single KMS API call (default: 5s).
	TimeoutPerOperation time.Duration `mapstructure:"timeoutPerOperation" json:"timeoutPerOperation"`

	// MaxRetries is the number of retry attempts for transient KMS errors (default: 3).
	MaxRetries int `mapstructure:"maxRetries" json:"maxRetries"`

	// Azure holds Azure Key Vault specific settings.
	Azure AzureKVConfig `mapstructure:"azure" json:"azure"`

	// PKCS11 holds PKCS#11 HSM specific settings.
	PKCS11 PKCS11Config `mapstructure:"pkcs11" json:"pkcs11"`
}

KMSConfig defines Cloud KMS and HSM backend settings.

type KnowledgeConfig 

type KnowledgeConfig struct {
	// Enable the knowledge/learning system
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Maximum context items per layer in retrieval
	MaxContextPerLayer int `mapstructure:"maxContextPerLayer" json:"maxContextPerLayer"`

	// AnalysisTurnThreshold is the number of new turns before triggering conversation analysis (default: 10).
	AnalysisTurnThreshold int `mapstructure:"analysisTurnThreshold" json:"analysisTurnThreshold"`

	// AnalysisTokenThreshold is the token count before triggering conversation analysis (default: 2000).
	AnalysisTokenThreshold int `mapstructure:"analysisTokenThreshold" json:"analysisTokenThreshold"`
}

KnowledgeConfig defines self-learning knowledge system settings

type LibrarianConfig 

type LibrarianConfig struct {
	// Enable the proactive librarian system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Minimum observation count to trigger analysis (default: 2).
	ObservationThreshold int `mapstructure:"observationThreshold" json:"observationThreshold"`

	// Turns between inquiries per session (default: 3).
	InquiryCooldownTurns int `mapstructure:"inquiryCooldownTurns" json:"inquiryCooldownTurns"`

	// Maximum pending inquiries per session (default: 2).
	MaxPendingInquiries int `mapstructure:"maxPendingInquiries" json:"maxPendingInquiries"`

	// Minimum confidence level for auto-save: "high", "medium", "low" (default: "high").
	AutoSaveConfidence types.Confidence `mapstructure:"autoSaveConfidence" json:"autoSaveConfidence"`

	// LLM provider for analysis (empty = use agent default).
	Provider string `mapstructure:"provider" json:"provider"`

	// Model ID for analysis (empty = use agent default).
	Model string `mapstructure:"model" json:"model"`
}

LibrarianConfig defines proactive knowledge librarian settings.

type LocalEmbeddingConfig 

type LocalEmbeddingConfig struct {
	// BaseURL is the Ollama endpoint (default: http://localhost:11434/v1).
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`
	// Deprecated: Model is now unified in EmbeddingConfig.Model for all providers.
	// Retained only for backward-compatible config loading and migration.
	Model string `mapstructure:"model" json:"model,omitempty"`
}

LocalEmbeddingConfig defines settings for a local embedding provider.

type LoggingConfig 

type LoggingConfig struct {
	// Log level (debug, info, warn, error)
	Level string `mapstructure:"level" json:"level"`

	// Output format (json, console)
	Format string `mapstructure:"format" json:"format"`

	// Output file path (empty = stdout)
	OutputPath string `mapstructure:"outputPath" json:"outputPath"`
}

LoggingConfig defines logging settings

type MCPConfig added in v0.4.0 

type MCPConfig struct {
	// Enable MCP server integration
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Servers is a map of named MCP server configurations.
	Servers map[string]MCPServerConfig `mapstructure:"servers" json:"servers"`

	// DefaultTimeout for MCP operations (default: 30s)
	DefaultTimeout time.Duration `mapstructure:"defaultTimeout" json:"defaultTimeout"`

	// MaxOutputTokens limits the output size from MCP tool calls (default: 25000)
	MaxOutputTokens int `mapstructure:"maxOutputTokens" json:"maxOutputTokens"`

	// HealthCheckInterval for periodic server health probes (default: 30s)
	HealthCheckInterval time.Duration `mapstructure:"healthCheckInterval" json:"healthCheckInterval"`

	// AutoReconnect enables automatic reconnection on connection loss (default: true)
	AutoReconnect bool `mapstructure:"autoReconnect" json:"autoReconnect"`

	// MaxReconnectAttempts limits reconnection attempts (default: 5)
	MaxReconnectAttempts int `mapstructure:"maxReconnectAttempts" json:"maxReconnectAttempts"`
}

MCPConfig defines MCP (Model Context Protocol) server integration settings.

type MCPServerConfig added in v0.4.0 

type MCPServerConfig struct {
	// Transport type: "stdio" (default), "http", "sse"
	Transport string `mapstructure:"transport" json:"transport"`

	// Command is the executable for stdio transport.
	Command string `mapstructure:"command" json:"command"`

	// Args are command-line arguments for stdio transport.
	Args []string `mapstructure:"args" json:"args"`

	// Env are environment variables for stdio transport (supports ${VAR} expansion).
	Env map[string]string `mapstructure:"env" json:"env"`

	// URL is the endpoint for http/sse transport.
	URL string `mapstructure:"url" json:"url"`

	// Headers are HTTP headers for http/sse transport (supports ${VAR} expansion).
	Headers map[string]string `mapstructure:"headers" json:"headers"`

	// Enabled controls whether this server is active (default: true when nil).
	Enabled *bool `mapstructure:"enabled" json:"enabled"`

	// Timeout overrides the global default timeout for this server.
	Timeout time.Duration `mapstructure:"timeout" json:"timeout"`

	// SafetyLevel for tools from this server: "safe", "moderate", "dangerous" (default: "dangerous")
	SafetyLevel string `mapstructure:"safetyLevel" json:"safetyLevel"`
}

MCPServerConfig defines a single MCP server connection.

func (MCPServerConfig) IsEnabled added in v0.4.0 

func (s MCPServerConfig) IsEnabled() bool

IsEnabled returns whether the server is enabled (defaults to true when nil).

type MetricsExportConfig added in v0.5.0 

type MetricsExportConfig struct {
	// Enabled activates metrics export endpoint.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Format is the metrics export format (default: "json").
	Format string `mapstructure:"format" json:"format"`
}

MetricsExportConfig defines metrics export settings.

type NegotiationConfig added in v0.5.0 

type NegotiationConfig struct {
	// Enabled activates the P2P negotiation protocol.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// MaxRounds is the maximum number of counter-offers (default: 5).
	MaxRounds int `mapstructure:"maxRounds" json:"maxRounds"`

	// Timeout is the negotiation session timeout (default: 5m).
	Timeout time.Duration `mapstructure:"timeout" json:"timeout"`

	// AutoNegotiate enables automatic counter-offer generation.
	AutoNegotiate bool `mapstructure:"autoNegotiate" json:"autoNegotiate"`

	// MaxDiscount is the maximum discount percentage for auto-negotiation (0-1, default: 0.2).
	MaxDiscount float64 `mapstructure:"maxDiscount" json:"maxDiscount"`
}

NegotiationConfig defines P2P price negotiation settings.

type OIDCProviderConfig 

type OIDCProviderConfig struct {
	IssuerURL    string   `mapstructure:"issuerUrl" json:"issuerUrl"`
	ClientID     string   `mapstructure:"clientId" json:"clientId"`
	ClientSecret string   `mapstructure:"clientSecret" json:"clientSecret"`
	RedirectURL  string   `mapstructure:"redirectUrl" json:"redirectUrl"`
	Scopes       []string `mapstructure:"scopes" json:"scopes"`
}

OIDCProviderConfig defines a single OIDC provider

type ObservabilityConfig added in v0.5.0 

type ObservabilityConfig struct {
	// Enabled activates the observability subsystem.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Tokens configures token usage tracking.
	Tokens TokenTrackingConfig `mapstructure:"tokens" json:"tokens"`

	// Health configures health check monitoring.
	Health HealthConfig `mapstructure:"health" json:"health"`

	// Audit configures audit log recording.
	Audit AuditConfig `mapstructure:"audit" json:"audit"`

	// Metrics configures metrics export format.
	Metrics MetricsExportConfig `mapstructure:"metrics" json:"metrics"`
}

ObservabilityConfig defines observability and monitoring settings.

type ObservationalMemoryConfig 

type ObservationalMemoryConfig struct {
	// Enable the observational memory system
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// LLM provider for observer/reflector (empty = use agent default)
	Provider string `mapstructure:"provider" json:"provider"`

	// Model ID for observer/reflector (empty = use agent default)
	Model string `mapstructure:"model" json:"model"`

	// Token threshold to trigger observation (default: 1000)
	MessageTokenThreshold int `mapstructure:"messageTokenThreshold" json:"messageTokenThreshold"`

	// Token threshold to trigger reflection (default: 2000)
	ObservationTokenThreshold int `mapstructure:"observationTokenThreshold" json:"observationTokenThreshold"`

	// Max token budget for recent messages in context (default: 8000)
	MaxMessageTokenBudget int `mapstructure:"maxMessageTokenBudget" json:"maxMessageTokenBudget"`

	// MaxReflectionsInContext limits reflections injected into LLM context (default: 5, 0 = unlimited).
	MaxReflectionsInContext int `mapstructure:"maxReflectionsInContext" json:"maxReflectionsInContext"`

	// MaxObservationsInContext limits observations injected into LLM context (default: 20, 0 = unlimited).
	MaxObservationsInContext int `mapstructure:"maxObservationsInContext" json:"maxObservationsInContext"`

	// MemoryTokenBudget sets the max token budget for the memory section in system prompt (default: 4000).
	// Zero means use the default.
	MemoryTokenBudget int `mapstructure:"memoryTokenBudget" json:"memoryTokenBudget"`

	// ReflectionConsolidationThreshold is the min reflections before meta-reflection triggers (default: 5).
	// Zero means use the default.
	ReflectionConsolidationThreshold int `mapstructure:"reflectionConsolidationThreshold" json:"reflectionConsolidationThreshold"`
}

ObservationalMemoryConfig defines Observational Memory settings

type OutputManagerConfig added in v0.6.0 

type OutputManagerConfig struct {
	// Master switch (nil defaults to true — enabled by default)
	Enabled *bool `mapstructure:"enabled" json:"enabled"`

	// Maximum token budget for tool output (default: 2000)
	TokenBudget int `mapstructure:"tokenBudget" json:"tokenBudget"`

	// Ratio of head content to preserve during compression (default: 0.7)
	HeadRatio float64 `mapstructure:"headRatio" json:"headRatio"`

	// Ratio of tail content to preserve during compression (default: 0.3)
	TailRatio float64 `mapstructure:"tailRatio" json:"tailRatio"`
}

OutputManagerConfig defines token-based output management settings.

type OwnerProtectionConfig 

type OwnerProtectionConfig struct {
	// OwnerName is the owner's name to block from P2P responses.
	OwnerName string `mapstructure:"ownerName" json:"ownerName"`

	// OwnerEmail is the owner's email to block from P2P responses.
	OwnerEmail string `mapstructure:"ownerEmail" json:"ownerEmail"`

	// OwnerPhone is the owner's phone number to block from P2P responses.
	OwnerPhone string `mapstructure:"ownerPhone" json:"ownerPhone"`

	// ExtraTerms are additional terms to block from P2P responses.
	ExtraTerms []string `mapstructure:"extraTerms" json:"extraTerms,omitempty"`

	// BlockConversations blocks all conversation-related fields from P2P responses (default: true).
	BlockConversations *bool `mapstructure:"blockConversations" json:"blockConversations"`
}

OwnerProtectionConfig configures owner data protection for P2P responses.

type P2PConfig 

type P2PConfig struct {
	// Enable P2P networking.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// ListenAddrs are the multiaddrs to listen on (e.g. /ip4/0.0.0.0/tcp/9000).
	ListenAddrs []string `mapstructure:"listenAddrs" json:"listenAddrs"`

	// BootstrapPeers are initial peers to connect to for DHT bootstrapping.
	BootstrapPeers []string `mapstructure:"bootstrapPeers" json:"bootstrapPeers"`

	// Deprecated: KeyDir is the legacy directory for persisting node keys.
	// Node keys are now stored in SecretsStore (encrypted) when available.
	// This field is retained for backward compatibility and migration.
	KeyDir string `mapstructure:"keyDir" json:"keyDir,omitempty"`

	// EnableRelay allows this node to act as a relay for NAT traversal.
	EnableRelay bool `mapstructure:"enableRelay" json:"enableRelay"`

	// EnableMDNS enables multicast DNS for local peer discovery.
	EnableMDNS bool `mapstructure:"enableMdns" json:"enableMdns"`

	// MaxPeers is the maximum number of connected peers.
	MaxPeers int `mapstructure:"maxPeers" json:"maxPeers"`

	// HandshakeTimeout is the maximum duration for peer handshake.
	HandshakeTimeout time.Duration `mapstructure:"handshakeTimeout" json:"handshakeTimeout"`

	// SessionTokenTTL is the lifetime of session tokens after handshake.
	SessionTokenTTL time.Duration `mapstructure:"sessionTokenTtl" json:"sessionTokenTtl"`

	// AutoApproveKnownPeers skips HITL approval for previously authenticated peers.
	AutoApproveKnownPeers bool `mapstructure:"autoApproveKnownPeers" json:"autoApproveKnownPeers"`

	// FirewallRules defines static ACL rules for the knowledge firewall.
	FirewallRules []FirewallRule `mapstructure:"firewallRules" json:"firewallRules"`

	// GossipInterval is the interval for gossip-based agent card propagation.
	GossipInterval time.Duration `mapstructure:"gossipInterval" json:"gossipInterval"`

	// ZKHandshake enables ZK-enhanced handshake instead of plain signature mode.
	ZKHandshake bool `mapstructure:"zkHandshake" json:"zkHandshake"`

	// ZKAttestation enables ZK attestation proofs on responses to peers.
	ZKAttestation bool `mapstructure:"zkAttestation" json:"zkAttestation"`

	// ZKP holds zero-knowledge proof settings.
	ZKP ZKPConfig `mapstructure:"zkp" json:"zkp"`

	// Pricing for paid P2P tool invocations.
	Pricing P2PPricingConfig `mapstructure:"pricing" json:"pricing"`

	// OwnerProtection prevents owner PII from leaking via P2P.
	OwnerProtection OwnerProtectionConfig `mapstructure:"ownerProtection" json:"ownerProtection"`

	// MinTrustScore is the minimum reputation to accept requests (0.0 to 1.0, default 0.3).
	MinTrustScore float64 `mapstructure:"minTrustScore" json:"minTrustScore"`

	// ToolIsolation configures process isolation for remote tool invocations.
	ToolIsolation ToolIsolationConfig `mapstructure:"toolIsolation" json:"toolIsolation"`

	// RequireSignedChallenge rejects unsigned challenges from peers when true.
	// When false (default), unsigned legacy challenges are accepted for backward compatibility.
	RequireSignedChallenge bool `mapstructure:"requireSignedChallenge" json:"requireSignedChallenge"`

	// Workspace configures collaborative workspace settings for P2P agent co-work.
	Workspace WorkspaceConfig `mapstructure:"workspace" json:"workspace"`

	// Team configures team health monitoring and membership policies.
	Team TeamConfig `mapstructure:"team" json:"team"`
}

P2PConfig defines peer-to-peer network settings for the Sovereign Agent Network.

type P2PPricingConfig 

type P2PPricingConfig struct {
	// Enable paid tool invocations.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// PerQuery is the default price per query in USDC (e.g. "0.50").
	PerQuery string `mapstructure:"perQuery" json:"perQuery"`

	// ToolPrices maps tool names to their specific prices in USDC.
	ToolPrices map[string]string `mapstructure:"toolPrices" json:"toolPrices,omitempty"`

	// TrustThresholds configures trust-based payment tier thresholds.
	TrustThresholds TrustThresholds `mapstructure:"trustThresholds" json:"trustThresholds"`

	// Settlement configures on-chain settlement behavior.
	Settlement SettlementConfig `mapstructure:"settlement" json:"settlement"`
}

P2PPricingConfig defines pricing for P2P tool invocations.

type PKCS11Config 

type PKCS11Config struct {
	// ModulePath is the path to the PKCS#11 shared library (.so/.dylib/.dll).
	ModulePath string `mapstructure:"modulePath" json:"modulePath"`

	// SlotID is the PKCS#11 slot number to use.
	SlotID int `mapstructure:"slotId" json:"slotId"`

	// Pin is the PKCS#11 user PIN (prefer LANGO_PKCS11_PIN env var).
	Pin string `mapstructure:"pin" json:"pin,omitempty"`

	// KeyLabel is the label of the key object in the HSM.
	KeyLabel string `mapstructure:"keyLabel" json:"keyLabel"`
}

PKCS11Config defines PKCS#11 HSM specific settings.

type PaymentConfig 

type PaymentConfig struct {
	// Enable blockchain payment features.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// WalletProvider selects the wallet backend: "local", "rpc", or "composite".
	WalletProvider string `mapstructure:"walletProvider" json:"walletProvider"`

	// Network defines blockchain network parameters.
	Network PaymentNetworkConfig `mapstructure:"network" json:"network"`

	// Limits defines spending restrictions.
	Limits SpendingLimitsConfig `mapstructure:"limits" json:"limits"`

	// X402 defines X402 protocol interception settings.
	X402 X402Config `mapstructure:"x402" json:"x402"`
}

PaymentConfig defines blockchain payment settings.

type PaymentNetworkConfig 

type PaymentNetworkConfig struct {
	// ChainID is the EVM chain ID (default: 84532 = Base Sepolia).
	ChainID int64 `mapstructure:"chainId" json:"chainId"`

	// RPCURL is the JSON-RPC endpoint for the blockchain network.
	RPCURL string `mapstructure:"rpcUrl" json:"rpcUrl"`

	// USDCContract is the USDC token contract address on the target chain.
	USDCContract string `mapstructure:"usdcContract" json:"usdcContract"`
}

PaymentNetworkConfig defines blockchain network parameters.

type PresetInfo added in v0.6.0 

type PresetInfo struct {
	Name PresetName
	Desc string
}

PresetInfo describes a preset for display.

func AllPresets added in v0.6.0 

func AllPresets() []PresetInfo

AllPresets returns all available presets with descriptions.

type PresetName added in v0.6.0 

type PresetName string

PresetName represents a named configuration preset. 

const (
	PresetMinimal      PresetName = "minimal"
	PresetResearcher   PresetName = "researcher"
	PresetCollaborator PresetName = "collaborator"
	PresetFull         PresetName = "full"
)

type PresidioConfig 

type PresidioConfig struct {
	Enabled        bool    `mapstructure:"enabled" json:"enabled"`
	URL            string  `mapstructure:"url" json:"url"`                       // default: http://localhost:5002
	ScoreThreshold float64 `mapstructure:"scoreThreshold" json:"scoreThreshold"` // default: 0.7
	Language       string  `mapstructure:"language" json:"language"`             // default: "en"
}

PresidioConfig defines Microsoft Presidio integration settings.

type ProviderConfig 

type ProviderConfig struct {
	// Provider type (openai, anthropic, gemini)
	Type types.ProviderType `mapstructure:"type" json:"type"`

	// API key for the provider (supports ${ENV_VAR} substitution)
	APIKey string `mapstructure:"apiKey" json:"apiKey"`

	// Base URL for OpenAI-compatible providers
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`
}

ProviderConfig defines AI provider settings

type RAGConfig 

type RAGConfig struct {
	// Enabled activates RAG context injection.
	Enabled bool `mapstructure:"enabled" json:"enabled"`
	// MaxResults is the maximum number of results to inject.
	MaxResults int `mapstructure:"maxResults" json:"maxResults"`
	// Collections to search (empty means all).
	Collections []string `mapstructure:"collections" json:"collections"`
	// MaxDistance is the maximum cosine distance for RAG results (0.0 = disabled).
	MaxDistance float32 `mapstructure:"maxDistance" json:"maxDistance"`
}

RAGConfig defines retrieval-augmented generation settings.

type RemoteAgentConfig 

type RemoteAgentConfig struct {
	// Name is the local name for this remote agent.
	Name string `mapstructure:"name" json:"name"`

	// AgentCardURL is the URL to fetch the agent card from.
	// Typically: https://host/.well-known/agent.json
	AgentCardURL string `mapstructure:"agentCardUrl" json:"agentCardUrl"`
}

RemoteAgentConfig defines an external A2A agent to connect to.

type RiskConfig added in v0.5.0 

type RiskConfig struct {
	// EscrowThreshold is the USDC amount above which escrow is forced (e.g. "5.00").
	EscrowThreshold string `mapstructure:"escrowThreshold" json:"escrowThreshold"`

	// HighTrustScore is the minimum trust score for DirectPay strategy (default: 0.8).
	HighTrustScore float64 `mapstructure:"highTrustScore" json:"highTrustScore"`

	// MediumTrustScore is the minimum trust score for non-ZK strategies (default: 0.5).
	MediumTrustScore float64 `mapstructure:"mediumTrustScore" json:"mediumTrustScore"`
}

RiskConfig defines trust-based payment strategy routing thresholds.

type SecurityConfig 

type SecurityConfig struct {
	// Interceptor configuration
	Interceptor InterceptorConfig `mapstructure:"interceptor" json:"interceptor"`
	// Signer configuration
	Signer SignerConfig `mapstructure:"signer" json:"signer"`
	// DBEncryption configuration (SQLCipher transparent encryption)
	DBEncryption DBEncryptionConfig `mapstructure:"dbEncryption" json:"dbEncryption"`
	// KMS configuration (Cloud KMS / HSM backends)
	KMS KMSConfig `mapstructure:"kms" json:"kms"`
}

SecurityConfig defines security settings

type ServerConfig 

type ServerConfig struct {
	// Host to bind to (default: "localhost")
	Host string `mapstructure:"host" json:"host"`

	// Port to listen on (default: 18789)
	Port int `mapstructure:"port" json:"port"`

	// Enable HTTP API endpoints
	HTTPEnabled bool `mapstructure:"httpEnabled" json:"httpEnabled"`

	// Enable WebSocket server
	WebSocketEnabled bool `mapstructure:"wsEnabled" json:"wsEnabled"`

	// Allowed origins for WebSocket CORS (empty = same-origin, ["*"] = allow all)
	AllowedOrigins []string `mapstructure:"allowedOrigins" json:"allowedOrigins"`
}

ServerConfig defines gateway server settings

type SessionConfig 

type SessionConfig struct {
	// Database path for standalone CLI access (defaults to ~/.lango/lango.db).
	// In normal operation the bootstrap Ent client is reused instead.
	DatabasePath string `mapstructure:"databasePath" json:"databasePath"`

	// Session TTL before expiration
	TTL time.Duration `mapstructure:"ttl" json:"ttl"`

	// Maximum history turns per session
	MaxHistoryTurns int `mapstructure:"maxHistoryTurns" json:"maxHistoryTurns"`
}

SessionConfig defines session storage settings. The primary database is always ~/.lango/lango.db (opened during bootstrap). DatabasePath is used as a fallback for standalone CLI commands.

type SettlementConfig added in v0.4.0 

type SettlementConfig struct {
	// ReceiptTimeout is the maximum wait time for on-chain receipt confirmation (default: 2m).
	ReceiptTimeout time.Duration `mapstructure:"receiptTimeout" json:"receiptTimeout"`

	// MaxRetries is the maximum number of submission retries (default: 3).
	MaxRetries int `mapstructure:"maxRetries" json:"maxRetries"`
}

SettlementConfig configures on-chain settlement parameters.

type SignerConfig 

type SignerConfig struct {
	Provider string `mapstructure:"provider" json:"provider"` // "local", "rpc", "enclave"
	RPCUrl   string `mapstructure:"rpcUrl" json:"rpcUrl"`     // for RPC provider
	KeyID    string `mapstructure:"keyId" json:"keyId"`       // Key identifier
}

SignerConfig defines Secure Signer settings

type SkillConfig 

type SkillConfig struct {
	// Enable the skill system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// SkillsDir is the directory containing skill files (default: ~/.lango/skills).
	SkillsDir string `mapstructure:"skillsDir" json:"skillsDir"`

	// AllowImport enables importing skills from external URLs and GitHub repositories.
	AllowImport bool `mapstructure:"allowImport" json:"allowImport"`

	// MaxBulkImport limits the number of skills in a single bulk import operation (default: 50).
	MaxBulkImport int `mapstructure:"maxBulkImport" json:"maxBulkImport"`

	// ImportConcurrency sets the number of concurrent HTTP requests during bulk import (default: 5).
	ImportConcurrency int `mapstructure:"importConcurrency" json:"importConcurrency"`

	// ImportTimeout is the overall timeout for skill import operations (default: 2m).
	ImportTimeout time.Duration `mapstructure:"importTimeout" json:"importTimeout"`
}

SkillConfig defines file-based skill settings.

type SlackConfig 

type SlackConfig struct {
	// Enable Slack channel
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Bot OAuth token
	BotToken string `mapstructure:"botToken" json:"botToken"`

	// App-level token for Socket Mode
	AppToken string `mapstructure:"appToken" json:"appToken"`

	// Signing secret for request verification
	SigningSecret string `mapstructure:"signingSecret" json:"signingSecret"`
}

SlackConfig defines Slack app settings

type SmartAccountConfig added in v0.5.0 

type SmartAccountConfig struct {
	Enabled              bool   `mapstructure:"enabled" json:"enabled"`
	FactoryAddress       string `mapstructure:"factoryAddress" json:"factoryAddress"`
	EntryPointAddress    string `mapstructure:"entryPointAddress" json:"entryPointAddress"`
	SafeSingletonAddress string `mapstructure:"safeSingletonAddress" json:"safeSingletonAddress"` // Safe L2 singleton implementation
	Safe7579Address      string `mapstructure:"safe7579Address" json:"safe7579Address"`
	FallbackHandler      string `mapstructure:"fallbackHandler" json:"fallbackHandler"`
	BundlerURL           string `mapstructure:"bundlerURL" json:"bundlerURL"`

	Session   SmartAccountSessionConfig   `mapstructure:"session" json:"session"`
	Modules   SmartAccountModulesConfig   `mapstructure:"modules" json:"modules"`
	Paymaster SmartAccountPaymasterConfig `mapstructure:"paymaster" json:"paymaster"`
}

SmartAccountConfig defines ERC-7579 smart account settings.

func (SmartAccountConfig) Validate added in v0.6.0 

func (c SmartAccountConfig) Validate() error

Validate checks that required fields are set when smart account is enabled.

type SmartAccountModulesConfig added in v0.5.0 

type SmartAccountModulesConfig struct {
	SessionValidatorAddress string `mapstructure:"sessionValidatorAddress" json:"sessionValidatorAddress"`
	SpendingHookAddress     string `mapstructure:"spendingHookAddress" json:"spendingHookAddress"`
	EscrowExecutorAddress   string `mapstructure:"escrowExecutorAddress" json:"escrowExecutorAddress"`
}

SmartAccountModulesConfig defines module contract addresses.

type SmartAccountPaymasterConfig added in v0.5.0 

type SmartAccountPaymasterConfig struct {
	Enabled          bool   `mapstructure:"enabled" json:"enabled"`
	Provider         string `mapstructure:"provider" json:"provider"`   // "circle"|"pimlico"|"alchemy"
	Mode             string `mapstructure:"mode" json:"mode,omitempty"` // "rpc" (default) | "permit"
	RPCURL           string `mapstructure:"rpcURL" json:"rpcURL"`
	TokenAddress     string `mapstructure:"tokenAddress" json:"tokenAddress"` // USDC address
	PaymasterAddress string `mapstructure:"paymasterAddress" json:"paymasterAddress"`
	PolicyID         string `mapstructure:"policyId" json:"policyId,omitempty"`
	FallbackMode     string `mapstructure:"fallbackMode" json:"fallbackMode,omitempty"` // "abort"|"direct"
}

SmartAccountPaymasterConfig defines paymaster settings for gasless transactions.

type SmartAccountSessionConfig added in v0.5.0 

type SmartAccountSessionConfig struct {
	MaxDuration     time.Duration `mapstructure:"maxDuration" json:"maxDuration"`
	DefaultGasLimit uint64        `mapstructure:"defaultGasLimit" json:"defaultGasLimit"`
	MaxActiveKeys   int           `mapstructure:"maxActiveKeys" json:"maxActiveKeys"`
}

SmartAccountSessionConfig defines session key settings.

type SpendingLimitsConfig 

type SpendingLimitsConfig struct {
	// MaxPerTx is the maximum amount per transaction in USDC (e.g. "1.00").
	MaxPerTx string `mapstructure:"maxPerTx" json:"maxPerTx"`

	// MaxDaily is the maximum daily spending in USDC (e.g. "10.00").
	MaxDaily string `mapstructure:"maxDaily" json:"maxDaily"`

	// AutoApproveBelow is the amount below which transactions are auto-approved.
	AutoApproveBelow string `mapstructure:"autoApproveBelow" json:"autoApproveBelow"`
}

SpendingLimitsConfig defines spending restrictions for payment transactions.

type TeamConfig added in v0.6.0 

type TeamConfig struct {
	// HealthCheckInterval is the interval between team health pings (default: 30s).
	HealthCheckInterval time.Duration `mapstructure:"healthCheckInterval" json:"healthCheckInterval"`

	// MaxMissedHeartbeats is the maximum consecutive missed pings before a member is unhealthy (default: 3).
	MaxMissedHeartbeats int `mapstructure:"maxMissedHeartbeats" json:"maxMissedHeartbeats"`

	// MinReputationScore is the minimum reputation to remain on a team (default: 0.3).
	MinReputationScore float64 `mapstructure:"minReputationScore" json:"minReputationScore"`

	// GitStateTracking enables tracking git HEAD hashes from health ping responses.
	GitStateTracking bool `mapstructure:"gitStateTracking" json:"gitStateTracking"`

	// AutoSyncOnDivergence automatically triggers sync when git state divergence is detected.
	AutoSyncOnDivergence bool `mapstructure:"autoSyncOnDivergence" json:"autoSyncOnDivergence"`
}

TeamConfig configures team health monitoring and membership policies.

type TelegramConfig 

type TelegramConfig struct {
	// Enable Telegram channel
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Bot token from BotFather
	BotToken string `mapstructure:"botToken" json:"botToken"`

	// Allowed user/group IDs (empty = allow all)
	Allowlist []int64 `mapstructure:"allowlist" json:"allowlist"`
}

TelegramConfig defines Telegram bot settings

type TokenTrackingConfig added in v0.5.0 

type TokenTrackingConfig struct {
	// Enabled activates token tracking (default: true when observability is enabled).
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// PersistHistory enables DB-backed persistent storage.
	PersistHistory bool `mapstructure:"persistHistory" json:"persistHistory"`

	// RetentionDays controls how long token usage records are kept (default: 30).
	RetentionDays int `mapstructure:"retentionDays" json:"retentionDays"`
}

TokenTrackingConfig defines token usage tracking settings.

type ToolIsolationConfig 

type ToolIsolationConfig struct {
	// Enabled turns on subprocess isolation for remote peer tool invocations.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// TimeoutPerTool is the maximum duration for a single tool execution (default: 30s).
	TimeoutPerTool time.Duration `mapstructure:"timeoutPerTool" json:"timeoutPerTool"`

	// MaxMemoryMB is a soft memory limit per subprocess in megabytes (Phase 2).
	MaxMemoryMB int `mapstructure:"maxMemoryMB" json:"maxMemoryMB"`

	// Container configures container-based tool execution sandbox (Phase 2).
	Container ContainerSandboxConfig `mapstructure:"container" json:"container"`
}

ToolIsolationConfig configures subprocess isolation for P2P tool execution.

type ToolsConfig 

type ToolsConfig struct {
	Exec           ExecToolConfig       `mapstructure:"exec" json:"exec"`
	Filesystem     FilesystemToolConfig `mapstructure:"filesystem" json:"filesystem"`
	Browser        BrowserToolConfig    `mapstructure:"browser" json:"browser"`
	OutputManager  OutputManagerConfig  `mapstructure:"outputManager" json:"outputManager"`
	MaxOutputChars int                  `mapstructure:"maxOutputChars" json:"maxOutputChars"`
}

ToolsConfig defines tool-specific settings

type TrustThresholds added in v0.4.0 

type TrustThresholds struct {
	// PostPayMinScore is the minimum reputation score for post-pay eligibility (default: 0.8).
	PostPayMinScore float64 `mapstructure:"postPayMinScore" json:"postPayMinScore"`
}

TrustThresholds defines score thresholds for payment tier routing.

type WorkflowConfig 

type WorkflowConfig struct {
	// Enable the workflow engine.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Maximum number of concurrently executing workflow steps.
	MaxConcurrentSteps int `mapstructure:"maxConcurrentSteps" json:"maxConcurrentSteps"`

	// Default timeout for a single workflow step (e.g. "10m").
	DefaultTimeout time.Duration `mapstructure:"defaultTimeout" json:"defaultTimeout"`

	// Directory to store workflow state for resume capability.
	StateDir string `mapstructure:"stateDir" json:"stateDir"`

	// Default delivery channels when deliver_to is not specified (e.g. ["telegram"]).
	DefaultDeliverTo []string `mapstructure:"defaultDeliverTo" json:"defaultDeliverTo"`
}

WorkflowConfig defines workflow engine settings.

type WorkspaceConfig added in v0.6.0 

type WorkspaceConfig struct {
	// Enabled turns on collaborative workspaces.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// DataDir is the directory for storing workspace data.
	DataDir string `mapstructure:"dataDir" json:"dataDir"`

	// MaxWorkspaces is the maximum number of concurrent workspaces.
	MaxWorkspaces int `mapstructure:"maxWorkspaces" json:"maxWorkspaces"`

	// MaxBundleSizeBytes is the maximum size of a workspace bundle in bytes.
	MaxBundleSizeBytes int64 `mapstructure:"maxBundleSizeBytes" json:"maxBundleSizeBytes"`

	// ChroniclerEnabled turns on workspace activity chronicling.
	ChroniclerEnabled bool `mapstructure:"chroniclerEnabled" json:"chroniclerEnabled"`

	// AutoSandbox automatically sandboxes workspace operations.
	AutoSandbox bool `mapstructure:"autoSandbox" json:"autoSandbox"`

	// ContributionTracking enables tracking of per-agent contributions.
	ContributionTracking bool `mapstructure:"contributionTracking" json:"contributionTracking"`

	// EnableIncrementalBundle enables incremental bundle creation (base..HEAD) instead of full repo bundles.
	EnableIncrementalBundle bool `mapstructure:"enableIncrementalBundle" json:"enableIncrementalBundle"`

	// BranchPerTask creates isolated task/{id} branches for each agent task to avoid conflicts.
	BranchPerTask bool `mapstructure:"branchPerTask" json:"branchPerTask"`

	// MaxIncrementalBundleSizeBytes is the maximum size of an incremental bundle in bytes.
	MaxIncrementalBundleSizeBytes int64 `mapstructure:"maxIncrementalBundleSizeBytes" json:"maxIncrementalBundleSizeBytes"`
}

WorkspaceConfig configures collaborative workspace settings for P2P agent co-work.

type X402Config 

type X402Config struct {
	// AutoIntercept enables automatic interception of HTTP 402 responses.
	AutoIntercept bool `mapstructure:"autoIntercept" json:"autoIntercept"`

	// MaxAutoPayAmount is the maximum amount to auto-pay for X402 challenges.
	MaxAutoPayAmount string `mapstructure:"maxAutoPayAmount" json:"maxAutoPayAmount"`
}

X402Config defines X402 protocol interception settings.

type ZKPConfig 

type ZKPConfig struct {
	// ProofCacheDir is the directory for caching compiled circuits and proving keys.
	ProofCacheDir string `mapstructure:"proofCacheDir" json:"proofCacheDir"`

	// ProvingScheme selects the ZKP proving scheme: "plonk" or "groth16".
	ProvingScheme string `mapstructure:"provingScheme" json:"provingScheme"`

	// SRSMode selects the SRS generation mode: "unsafe" (default) or "file".
	SRSMode string `mapstructure:"srsMode" json:"srsMode"`

	// SRSPath is the path to the SRS file (used when SRSMode == "file").
	SRSPath string `mapstructure:"srsPath" json:"srsPath"`

	// MaxCredentialAge is the maximum age for ZK credentials (e.g. "24h").
	MaxCredentialAge string `mapstructure:"maxCredentialAge" json:"maxCredentialAge"`
}

ZKPConfig defines zero-knowledge proof settings.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.