> ## Documentation Index
> Fetch the complete documentation index at: https://docs.glider.fi/llms.txt
> Use this file to discover all available pages before exploring further.

# tRPC Addons API

> Addon registry install lifecycle for Tier-1 manifest-backed addon surfaces.

The `addons.*` namespace is available on the tRPC base endpoint:

* Base endpoint: `POST /v1/trpc`
* Namespace: `addons.*`
* Feature gate: `addon_platform_installs`

## Procedures

* `addons.issueHostTicket`
  * Auth: wallet session
  * Purpose: mint a short-lived signed ticket for browser calls into the
    addon-host Worker
  * Input: none
  * Response:
    * `ticket`: opaque `ah1.<payload>.<signature>` ticket
    * `expiresInSeconds`: current TTL in seconds (`60`)

* `addons.listInstalled`
  * Auth: wallet session
  * Purpose: list the caller's active addon installs whose addon definition is
    still active
  * Input: none
  * Response: active installs with install id, definition id, display metadata,
    pinned version, manifest hash, granted scopes, and the validated manifest

* `addons.install`
  * Auth: wallet session
  * Purpose: create a new addon definition, initial version, active install,
    and install audit row in one transaction
  * Input:
    * `name`, 1-80 chars
    * `description`, 0-400 chars
    * `manifest`, validated against `@repo/addon-contracts`; the pinned
      version is derived from `manifest.version` (must be `x.y.z`)
    * `grantedScopes`, exactly the same set as `manifest.scopes`
  * Response: install id, definition id, version id, and server-computed
    `sha256:<hex>` manifest hash

* Write procedures (`install`, `uninstall`, `setEnabled`) additionally
  send a best-effort cache invalidation to the addon-host supervisor when
  `ADDON_HOST_BASE_URL` is configured, so `/v1/manifests` reflects the
  change immediately (30s TTL is the fallback).

* `addons.uninstall`
  * Auth: wallet session
  * Purpose: soft-disable one owned install and append an uninstall audit row
  * Input: `installId`
  * Response: install id and resulting status
  * Idempotent for already-disabled installs

* `addons.setEnabled`
  * Auth: wallet session
  * Purpose: enable or disable one owned install and append an enable/disable
    audit row
  * Input: `installId`, `enabled`
  * Response: install id and resulting status
  * Idempotent when the install is already in the requested state

## Runtime Notes

* Disabled addon definitions are a registry kill switch and are omitted from
  `listInstalled`.
* Stored manifests are revalidated at read time. Invalid stored manifests are
  skipped from the feed instead of failing the whole response.
* Install rows are never deleted in v1.
