JS/WASM/Browser Client Release Surface

[flyingrobots]

Migrated from Method backlog

This issue was created from a legacy filesystem backlog card. GitHub Issues are now the live work tracker; repository docs remain Method evidence.

Source backlog: docs/method/backlog/v0.1.0/PLATFORM_js-wasm-browser-client-release-surface.md
Original lane: v0.1.0
Original legend: PLATFORM

Original backlog card

JS/WASM/Browser Client Release Surface

Status: v0.1.0 release blocker if JS, WASM, Node, or browser packages ship.

Depends on:

• App-safe client surface
• Product-facing intent outcome API
• Package publish and versioning

Why now

The release bar now includes serious application use. If Echo publishes
JavaScript, WASM, Node, or browser artifacts, those artifacts must carry only
the app-safe client surface. They must not accidentally expose trusted runtime
control, tick authority, WAL append authority, recovery authority, or package
install authority to application code.

Required behavior

Published client artifacts may expose:

• generated intent/query request helpers;
• canonical intent submission;
• intent outcome observation;
• bounded query reading requests;
• retained evidence posture;
• package/version compatibility checks.

Published client artifacts may not expose:

• scheduler step or tick;
• trusted runtime start/stop/drain control unless the artifact is explicitly a
  trusted-host package;
• WAL append or recovery mutation;
• package installation authority;
• raw kernel object mutation.

Acceptance criteria

• Release documentation names which JS/WASM/browser artifacts ship.
• Shipped application-facing packages expose only app-safe APIs.
• Trusted-host APIs, if shipped, are packaged and documented separately from
  application client APIs.
• Browser and Node smoke tests prove generated requests can be submitted
  and observed without tick authority.
• Package metadata binds Echo ABI version, WASM ABI version, generated
  helper compatibility, and contract package version.
• Examples do not call trusted runtime control from application code.

Test plan

• Add package export tests proving app-facing entry points do not re-export
  trusted runtime controls.
• Add Node smoke test for submit/observe/query through app-safe API.
• Add browser or WASM-bindgen smoke test if browser artifacts ship.
• Add docs/quickstart check for the published artifact set.

Non-goals

• Do not require browser artifacts if the release explicitly ships Rust/local
  host APIs only.
• Do not build a UI framework.
• Do not implement streaming subscriptions.
• Do not expose raw privileged WASM exports to app code.

[coderabbitai]

🔗 Related PRs

#330 - test(wasm): own package export smoke boundary [merged]
#353 - Fix WASM application intent authority boundary [merged]
#369 - docs: add Echo v0.1.0 release plan [merged]
#373 - chore: remove legacy ttd-browser surface [merged]
#380 - feat(core): expose retained evidence posture on readings [merged]

---

📝 Issue Planner

_{Check the box below or use the @coderabbitai plan command to generate an implementation plan and prompts that you can use with your favorite coding assistant.}

• Create Plan

---

🧪 Issue enrichment is currently in open beta.

You can configure auto-planning by selecting labels in the issue_enrichment configuration.

To disable automatic issue enrichment, add the following to your .coderabbit.yaml:

issue_enrichment:
  auto_enrich:
    enabled: false

💬 Have feedback or questions? Drop into our discord!