Paybond Kit support matrix
This document defines the Paybond Kit surfaces currently supported. Anything not listed here is best-effort or unsupported unless your contract says otherwise.
Language SDKs
| Surface | Version policy | Notes |
|---|
Python paybond-kit on PyPI | Supported: current 0.1.x stable line | Published wheels bundle the native extension; source checkouts use maturin develop. |
TypeScript @paybond/kit | Supported: current 0.1.x stable line | ESM, node >= 22 required. |
Agent framework integrations
| Integration | Install / surface | Notes |
|---|
| OpenAI Agents SDK (Python) | pip install "paybond-kit[agents]" | First-party tool input guardrail calling Harbor POST /verify before tool execution. |
| OpenAI Agents SDK (TypeScript) | @paybond/kit + app-side wrapper | Manual tool-wrapper pattern using PaybondCapabilityBinding and harbor.verifyCapability(...). |
| LangGraph | pip install "paybond-kit[langgraph]" | ToolNode awrap_tool_call interceptor pattern (paybond_awrap_tool_call_capability). |
Gateway contracts (service accounts)
| Endpoint | Purpose |
|---|
POST /v1/auth/harbor-access | Exchange paybond_sk_… API key (Bearer) for a short-lived Harbor JWT and tenant realm (tenant_id in JSON). |
GET /v1/auth/principal | Resolve the service-account tenant realm for read-only Signal sessions (ServiceAccountSignalSession.open). |
Supported gateway releases include tenant_id in the harbor-access response (V1-008) and accept service-account credentials on GET /v1/auth/principal for Signal session discovery. Older gateways require an explicit tenant binding in your configuration.
Harbor HTTP API (Kit-facing)
| Route | Used by Kit |
|---|
POST /verify | Capability checks (Biscuit token and operation). |
POST /intents/{intent_id}/evidence | Signed evidence submission (often after sign_payee_evidence_binding). |
GET /ledger/v1/* | Tenant-scoped provenance reads (tip, authority, events, merkle/latest). |
Signal HTTP API (Kit-facing)
| Route / session | Used by Kit |
|---|
ServiceAccountSignalSession.open | Resolves tenant_id from GET /v1/auth/principal using the service-account credential. |
GET /reputation/{operator_did} | Tenant-bound signed receipt lookup. |
GET /signal/v1/portfolio/summary | Tenant-bound portfolio summary lookup. |
GET /signal/v1/operators/{operator_did}/explanation | Tenant-bound explanation delta lookup. |
GET /signal/v1/operators/{operator_did}/review-status | Tenant-bound review-state and trust-policy lookup. |
Not currently exposed in the Kit
| Surface | Status |
|---|
| Signal review queue mutation / queue listing workflows | Use the Gateway / console directly today. |
| Operator settlement confirmation flows | Not wrapped; call Harbor directly or use the Operator Console. |
Compatibility testing
Each supported integration has automated tests in this repository:
- Python:
kit/python/tests/ (test_agents_guardrail.py, test_langgraph_hooks.py, test_credentials.py, test_harbor_client.py, test_signal_client.py).
- TypeScript:
kit/ts/src/index.test.ts (Vitest, including GatewaySignalClient and ServiceAccountSignalSession coverage).
Run these suites in CI for the Python and Node versions you ship to partners.
Local contract dry run (WireMock / Testcontainers)
For a fully local HTTP-level rehearsal (mock gateway and mock Harbor), use
examples/partner-dry-run-wiremock/README.md
(Docker Compose or Testcontainers Python driver).