> ## Documentation Index
> Fetch the complete documentation index at: https://docs.peaq.xyz/llms.txt
> Use this file to discover all available pages before exploring further.

# Orchestration (Python)

> client.orchestration.* namespace on the Python SDK — machines, agent pairings, machine agents, runtime endpoints, skills, market services, market search.

export const G = {
  onchain: {
    id: "onchain",
    cat: "chain-infra",
    term: "On-chain vs off-chain",
    def: "On-chain means written to the shared public ledger every machine agrees on: permanent and readable by anyone. Off-chain means kept on a normal private server instead."
  },
  blockchain: {
    id: "blockchain",
    cat: "chain-infra",
    term: "Chain / blockchain",
    def: "A shared, tamper-resistant public database maintained by a whole network of computers with no single owner. Different chains are separate such networks."
  },
  peaqChain: {
    id: "peaqChain",
    cat: "chain-infra",
    term: "peaq chain",
    def: "The machine-focused blockchain peaqOS uses as home base for identity and credit records."
  },
  transaction: {
    id: "transaction",
    cat: "chain-infra",
    term: "Transaction (tx) / tx hash",
    def: "A single signed request that changes the ledger. Its hash is a unique, receipt-like ID you can use to look it up later."
  },
  rpcUrl: {
    id: "rpcUrl",
    cat: "chain-infra",
    term: "RPC URL / endpoint",
    def: "The network address your code calls to read from or write to a chain, like the base URL of the chain's API server."
  },
  mainnet: {
    id: "mainnet",
    cat: "chain-infra",
    term: "Mainnet / testnet (agung)",
    def: "Mainnet is the real, live network where tokens have real value. Testnet is a free practice copy with worthless tokens; peaq's is called agung."
  },
  evm: {
    id: "evm",
    cat: "chain-infra",
    term: "EVM / EVM-compatible",
    def: "The Ethereum Virtual Machine: the standard runtime many chains share, so the same 0x... addresses and tools work across all of them. peaq is EVM-compatible."
  },
  node: {
    id: "node",
    cat: "chain-infra",
    term: "Node (RPC node)",
    def: "A server running the blockchain software that holds a copy of the ledger and answers queries. NOT a ROS 2 node, despite the shared word."
  },
  chainId: {
    id: "chainId",
    cat: "chain-infra",
    term: "Chain ID",
    def: "A number that uniquely labels a chain so software doesn't confuse networks (peaq is 3338, Base is 8453)."
  },
  precompile: {
    id: "precompile",
    cat: "chain-infra",
    term: "Precompile",
    def: "A built-in function baked into the chain at a fixed address that acts like a contract but runs as faster native code. The batch one bundles several actions into one all-or-nothing transaction."
  },
  dataHash: {
    id: "dataHash",
    cat: "chain-infra",
    term: "Data hash (keccak256)",
    def: "A short, fixed-length fingerprint of a file, stored on-chain instead of the file itself, so data can be verified later while the raw data stays off-chain."
  },
  wallet: {
    id: "wallet",
    cat: "wallet-keys",
    term: "Wallet",
    def: "An account on the chain, identified by a public address, that holds a machine's funds and approves its actions. Really just a pair of keys, not a place money is stored."
  },
  keypair: {
    id: "keypair",
    cat: "wallet-keys",
    term: "Keypair",
    def: "The two matched secrets behind a wallet: a public address you can share, and a private key you keep secret that signs actions."
  },
  privateKey: {
    id: "privateKey",
    cat: "wallet-keys",
    term: "Private key",
    def: "The secret string that proves you control a wallet. Anyone who has it has full control, like a master password that can never be reset."
  },
  sign: {
    id: "sign",
    cat: "wallet-keys",
    term: "Sign / signature",
    def: "Using your private key to produce a cryptographic stamp proving you approved a specific action, without ever revealing the key."
  },
  signer: {
    id: "signer",
    cat: "wallet-keys",
    term: "Signer / signing identity",
    def: "The wallet whose private key authorizes an action: the account the network treats as the one taking it. NOT a file or an app."
  },
  address: {
    id: "address",
    cat: "wallet-keys",
    term: "Address (0x...)",
    def: "The public 0x... identifier of a wallet or contract you can freely share so others can send to it or look it up, like an account number."
  },
  eoa: {
    id: "eoa",
    cat: "wallet-keys",
    term: "EOA (externally owned account)",
    def: "A plain wallet controlled directly by a private key, as opposed to one controlled by code. Here, the account that IS the machine."
  },
  ows: {
    id: "ows",
    cat: "wallet-keys",
    term: "OWS / wallet vault",
    def: "An open standard for storing wallet keys in an encrypted local file (a vault) with a backup phrase and an activity log, instead of a bare key in a text file."
  },
  passphrase: {
    id: "passphrase",
    cat: "wallet-keys",
    term: "Passphrase (OWS_PASSPHRASE)",
    def: "The password that unlocks the encrypted wallet vault so its key can be used to sign."
  },
  mnemonic: {
    id: "mnemonic",
    cat: "wallet-keys",
    term: "Mnemonic / seed phrase",
    def: "A list of 12 or 24 ordinary words that encodes a wallet's secret key, used to back it up and recover it. Whoever has the words controls the wallet."
  },
  derivation: {
    id: "derivation",
    cat: "wallet-keys",
    term: "Derivation path",
    def: "The deterministic recipe that turns one backup phrase into many specific keys and addresses, one per network or index."
  },
  challenge: {
    id: "challenge",
    cat: "wallet-keys",
    term: "Challenge (sign-to-prove)",
    def: "A login-style handshake: the server sends a random message, you sign it with your key, and the signature proves you control the account without sending the key."
  },
  eip191: {
    id: "eip191",
    cat: "wallet-keys",
    term: "EIP-191 / personal_sign",
    def: "A standard way to sign a plain message to prove you control an account, without sending any on-chain transaction."
  },
  did: {
    id: "did",
    cat: "identity",
    term: "DID / peaqID",
    def: "A globally unique, self-owned ID for a machine that lives on the chain and isn't issued by any single company. peaqID is peaq's version, written did:peaq:0x..."
  },
  register: {
    id: "register",
    cat: "identity",
    term: "Register a machine",
    def: "Putting a machine on the network for the first time, which gives it an ID, a DID, an ownership token, and a locked deposit. registerMachine is self-managed; registerFor is on someone else's behalf."
  },
  machineId: {
    id: "machineId",
    cat: "identity",
    term: "Machine ID",
    def: "The number the network assigns your machine when it registers, used as its handle in every later call."
  },
  ownerOperator: {
    id: "ownerOperator",
    cat: "identity",
    term: "Owner / operator",
    def: "The owner owns a machine; the operator runs it. They can be the same account (self-managed) or different (proxy-managed)."
  },
  proxyOperator: {
    id: "proxyOperator",
    cat: "identity",
    term: "Proxy operator",
    def: "One account that registers and manages many machines on behalf of their owners, so a fleet operator can handle a whole fleet from one wallet."
  },
  didAttributes: {
    id: "didAttributes",
    cat: "identity",
    term: "DID attributes",
    def: "Public name-value facts (a docs link, a data endpoint) attached to a machine's DID and stored on-chain for anyone to read. Writing them is a separate transaction from registration."
  },
  pairing: {
    id: "pairing",
    cat: "identity",
    term: "Pairing / pairing token",
    def: "The verified link between an AI agent and a machine, set up by signing a challenge. The pairing token is the signed credential the agent sends with each request, like a temporary access badge."
  },
  hardwareAttestation: {
    id: "hardwareAttestation",
    cat: "identity",
    term: "Hardware attestation",
    def: "A tamper-resistant chip on the machine cryptographically vouching that it's genuine hardware, so its identity can't be faked in software. This is the Verify layer."
  },
  gas: {
    id: "gas",
    cat: "tokens-economics",
    term: "Gas",
    def: "The small fee, paid in the chain's token, that every action writing to the ledger costs, like a per-write transaction cost."
  },
  peaqToken: {
    id: "peaqToken",
    cat: "tokens-economics",
    term: "PEAQ (token)",
    def: "The peaq network's own token, used to pay gas fees and to lock up as the deposit when registering a machine."
  },
  gasStation: {
    id: "gasStation",
    cat: "tokens-economics",
    term: "Gas Station / faucet",
    def: "A peaq service that hands a brand-new, empty wallet a tiny starting amount of tokens so it can afford its first network fees. Gated by 2FA."
  },
  bond: {
    id: "bond",
    cat: "tokens-economics",
    term: "Bond",
    def: "A refundable deposit (currently 1 PEAQ) you lock up to register a machine, proving skin in the game, like a security deposit. Bonded means the deposit is in place."
  },
  nft: {
    id: "nft",
    cat: "tokens-economics",
    term: "NFT",
    def: "A unique, one-of-a-kind ownership token recorded on the chain. Unlike a coin, no two are interchangeable."
  },
  mint: {
    id: "mint",
    cat: "tokens-economics",
    term: "Mint / minting",
    def: "Creating a brand-new token on the chain and assigning it to an owner, like stamping a fresh serial-numbered certificate into existence."
  },
  machineNft: {
    id: "machineNft",
    cat: "tokens-economics",
    term: "Machine NFT",
    def: "The unique token representing one specific physical machine and its financial profile. It can be sold or bridged on its own, separate from the machine's identity."
  },
  identityNft: {
    id: "identityNft",
    cat: "tokens-economics",
    term: "Identity NFT",
    def: "A non-transferable (soulbound) token minted automatically when a machine registers, representing its identity. Its token ID equals the machine ID."
  },
  tokenId: {
    id: "tokenId",
    cat: "tokens-economics",
    term: "Token ID",
    def: "The unique number identifying one specific token within a collection, like a serial number."
  },
  mcr: {
    id: "mcr",
    cat: "tokens-economics",
    term: "Machine Credit Rating (MCR)",
    def: "A creditworthiness score for a machine (a Moody's-style grade AAA down to NR, plus a 0-100 number) computed from its recorded earnings and activity. Like a credit score for a robot."
  },
  mcrApi: {
    id: "mcrApi",
    cat: "tokens-economics",
    term: "MCR API",
    def: "The public web service you call to fetch a machine's credit score and profile as JSON. No login needed."
  },
  provisioned: {
    id: "provisioned",
    cat: "tokens-economics",
    term: "Provisioned / NR (Not Rated)",
    def: "Early MCR statuses. Provisioned means registered and bonded but with too little history to score yet. NR means no grade, because the score is too low or the machine isn't bonded."
  },
  event: {
    id: "event",
    cat: "tokens-economics",
    term: "Event (revenue / activity)",
    def: "A recorded data point about a machine's work, submitted to the chain to feed its credit score. Revenue events report money earned; activity events report work with no money. NOT a ROS topic message."
  },
  trustLevel: {
    id: "trustLevel",
    cat: "tokens-economics",
    term: "Trust level",
    def: "A label on each submitted event saying how strongly its truth is backed: the machine's word (0), a checkable on-chain record (1), or tamper-proof hardware proof (2)."
  },
  escrow: {
    id: "escrow",
    cat: "tokens-economics",
    term: "Escrow",
    def: "Holding a buyer's payment in a neutral locked place until the service is delivered, then releasing it, so neither side has to trust the other first."
  },
  paymentRail: {
    id: "paymentRail",
    cat: "tokens-economics",
    term: "Payment rail",
    def: "The specific method or channel a payment moves through, like choosing card vs bank transfer vs a particular token."
  },
  usdt: {
    id: "usdt",
    cat: "tokens-economics",
    term: "USDT",
    def: "A stablecoin token meant to hold a value of one US dollar, used to pay service providers without price swings."
  },
  fractionalize: {
    id: "fractionalize",
    cat: "tokens-economics",
    term: "Fractionalize (ERC-3643)",
    def: "Splitting ownership of one machine into many small tradable shares so multiple people can each own a piece. ERC-3643 is the regulated-securities token standard used to do it."
  },
  smartContract: {
    id: "smartContract",
    cat: "smart-contracts",
    term: "Smart contract / contract address",
    def: "A program deployed on the chain that runs exactly as written and that anyone can call, identified by its own 0x... address."
  },
  registryContracts: {
    id: "registryContracts",
    cat: "smart-contracts",
    term: "Registry contracts",
    def: "On-chain programs that each keep an official, lookup-able list: IdentityRegistry tracks which machines exist, EventRegistry stores their events, IdentityStaking holds their deposits."
  },
  smartAccount: {
    id: "smartAccount",
    cat: "smart-contracts",
    term: "Smart account (ERC-4337)",
    def: "A programmable wallet controlled by code instead of a single key, so it can enforce rules like spending limits. Each machine gets one at activation."
  },
  submitEvent: {
    id: "submitEvent",
    cat: "smart-contracts",
    term: "submitEvent / batchSubmitEvents",
    def: "The calls that record one or many of a machine's revenue or activity entries onto the chain."
  },
  revert: {
    id: "revert",
    cat: "smart-contracts",
    term: "Revert",
    def: "When an on-chain call is rejected and fully undone because a rule was broken, leaving no changes and usually a named error."
  },
  soulbound: {
    id: "soulbound",
    cat: "smart-contracts",
    term: "Soulbound",
    def: "A token that can never be transferred or sold and stays permanently attached to one owner. The Identity NFT is soulbound."
  },
  bridge: {
    id: "bridge",
    cat: "cross-chain",
    term: "Bridge / bridging",
    def: "Moving a token from one chain to another, so the same Machine NFT can exist on a different chain. peaq and Base are live today; bridging is mainnet-only."
  },
  base: {
    id: "base",
    cat: "cross-chain",
    term: "Base",
    def: "Another blockchain network (built by Coinbase) that peaqOS can move Machine NFTs to and from. Paying fees on Base needs Base ETH."
  },
  omniChain: {
    id: "omniChain",
    cat: "cross-chain",
    term: "Omni-chain / cross-chain",
    def: "Working across many separate chains at once, so a machine's identity and credit created on peaq can be read or used on other chains."
  },
  homeChain: {
    id: "homeChain",
    cat: "cross-chain",
    term: "Home chain",
    def: "The chain where a record's canonical, authoritative copy lives. For peaqOS that is peaq chain; every other chain holds a mirror."
  },
  satelliteChain: {
    id: "satelliteChain",
    cat: "cross-chain",
    term: "Satellite chain",
    def: "A chain carrying a read-only, automatically synced mirror of home-chain records, so apps there can use them without crossing back to the home chain."
  },
  sourceChainId: {
    id: "sourceChainId",
    cat: "cross-chain",
    term: "sourceChainId / sourceTxHash",
    def: "Two fields recording which chain an action happened on and its hash there, so a cross-chain event can be traced back and verified."
  },
  machineAgent: {
    id: "machineAgent",
    cat: "general-web3",
    term: "Machine Agent",
    def: "A third-party AI program (Claude, OpenAI, a custom bot) paired to a machine and given limited permission to find, buy, and pay for services on its behalf."
  },
  delegationPolicy: {
    id: "delegationPolicy",
    cat: "general-web3",
    term: "Delegation policy",
    def: "The rules an owner gives an AI agent that cap how much it can spend per transaction and per day and which services it may use, so it transacts within guardrails."
  },
  machineMarkets: {
    id: "machineMarkets",
    cat: "general-web3",
    term: "Machine Markets / Service Registry",
    def: "peaqOS's marketplace where machines list services they offer (Service Registry) and where agents discover, order, pay for, and run services from others."
  },
  sdk: {
    id: "sdk",
    cat: "general-web3",
    term: "SDK (peaq-os-sdk)",
    def: "peaq's code library (Python and JS) you install to call all this functionality without writing low-level blockchain calls yourself."
  },
  stream: {
    id: "stream",
    cat: "data-stream",
    term: "Stream (Data-as-a-Service)",
    def: "The peaqOS function where a machine sells the data it generates: it signs the data, encrypts what's sensitive, and grants buyers access. Selling data, as opposed to selling services (that's Monetize)."
  },
  edgeAgent: {
    id: "edgeAgent",
    cat: "data-stream",
    term: "peaqOS Edge Agent",
    def: "Software that runs on the machine itself (as a ROS 2 node) and signs, encrypts, and ships the data it produces. The on-machine half of Stream."
  },
  dataPackage: {
    id: "dataPackage",
    cat: "data-stream",
    term: "Signed data package",
    def: "A bundle of machine data stamped with the machine's identity (DID, timestamp, sequence number) and a signature, so anyone can prove which machine produced it and that it wasn't altered."
  },
  dataEventMap: {
    id: "dataEventMap",
    cat: "data-stream",
    term: "Data Event Map",
    def: "The policy file a machine owner writes to control what streams out: which topics to read, which fields to keep, drop, or encrypt, and where the signed data goes."
  },
  chunk: {
    id: "chunk",
    cat: "data-stream",
    term: "Chunk",
    def: "A bounded, individually encrypted slice of a data stream (by time window or size). The unit a buyer actually purchases and decrypts."
  },
  chunkChain: {
    id: "chunkChain",
    cat: "data-stream",
    term: "Chunk chain",
    def: "A run of chunks linked in order, each referencing the one before it, so missing, reordered, or edited chunks are detectable. Tamper-evidence for a continuous stream."
  },
  manifest: {
    id: "manifest",
    cat: "data-stream",
    term: "Manifest",
    def: "A signed record describing a chunk or dataset — its hashes, storage location, and encryption details — without the data itself. Buyers verify the manifest before trusting or buying."
  },
  dataset: {
    id: "dataset",
    cat: "data-stream",
    term: "Dataset",
    def: "A group of chunks for one topic and time range, packaged for sale with a single fingerprint (a Merkle root) that covers every chunk in it."
  },
  merkleRoot: {
    id: "merkleRoot",
    cat: "data-stream",
    term: "Merkle root",
    def: "One short hash that stands in for a whole set of items, letting you later prove a specific chunk belongs to a dataset without revealing the rest."
  },
  envelopeEncryption: {
    id: "envelopeEncryption",
    cat: "data-stream",
    term: "Envelope encryption / key wrapping",
    def: "Encrypt the data once with a random key, then lock that key separately for each authorized reader. Granting a buyer access re-locks the key to their public key — the data itself is never re-encrypted."
  },
  accessGrant: {
    id: "accessGrant",
    cat: "data-stream",
    term: "Access grant",
    def: "What a buyer receives after paying: the chunk keys they bought, each locked to their public key. They unlock with their private key and decrypt only those chunks."
  },
  contextProvider: {
    id: "contextProvider",
    cat: "data-stream",
    term: "Context Provider",
    def: "A third party that buys machine data, normalizes it into datasets, and serves or resells it (for example, for AI training). The buyer side of Stream, such as DataHive."
  },
  walrus: {
    id: "walrus",
    cat: "chain-infra",
    term: "Walrus",
    def: "A decentralized storage network where encrypted data chunks can be parked, referenced by walrus:// links. The data stays off the blockchain; only its reference and fingerprint are tracked on-chain."
  },
  solana: {
    id: "solana",
    cat: "cross-chain",
    term: "Solana",
    def: "A high-throughput blockchain. peaqOS wallets can hold a Solana account and sign Solana transactions, and machine-economy payments can settle there."
  }
};

The Python <Tooltip tip={G.sdk.def}>SDK</Tooltip> exposes the [Machine Markets API](/peaqos/api-reference/machine-markets-overview) on the existing `PeaqosClient` via `client.orchestration`. Flat methods, sync, snake\_case, frozen-slotted dataclasses.

## Setup

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
from dotenv import load_dotenv
from peaq_os_sdk import PeaqosClient

load_dotenv()

client = PeaqosClient.from_env()
machines = client.orchestration.list_machines()
for m in machines.items:
    print(m.id, m.display_name)
```

Functional form for tree-shaking or testing:

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
from peaq_os_sdk.orchestration import list_machines

resp = list_machines(client, limit=20)
```

Accessing `client.orchestration` without `orchestration_url` raises `OrchestrationConfigError`.

## Configuration

### Constructor kwargs

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
PeaqosClient(
    *,
    rpc_url: str,
    private_key: str,
    # ... on-chain contract addresses ...
    api_url: str = "http://127.0.0.1:8000",  # MCR API
    orchestration_url: str | None = None,
    api_key: str | None = None,              # platform x-api-key
    verbose: bool = False,
)
```

### Env vars (via `PeaqosClient.from_env()`)

| Var                                                                                                                                                          | Required | Purpose                               |
| :----------------------------------------------------------------------------------------------------------------------------------------------------------- | :------- | :------------------------------------ |
| `PEAQOS_RPC_URL`                                                                                                                                             | yes      | peaq RPC for on-chain                 |
| `PEAQOS_PRIVATE_KEY`                                                                                                                                         | yes      | signer for on-chain                   |
| `IDENTITY_REGISTRY_ADDRESS`, `IDENTITY_STAKING_ADDRESS`, `EVENT_REGISTRY_ADDRESS`, `MACHINE_NFT_ADDRESS`, `DID_REGISTRY_ADDRESS`, `BATCH_PRECOMPILE_ADDRESS` | yes      | on-chain contract addresses           |
| `PEAQOS_ORCHESTRATION_URL`                                                                                                                                   | optional | enables `client.orchestration`        |
| `PEAQOS_API_KEY`                                                                                                                                             | optional | platform API key (`x-api-key` header) |
| `PEAQOS_MCR_API_URL`                                                                                                                                         | optional | MCR base URL                          |

Transport constants:

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
DEFAULT_READ_TIMEOUT_MS  = 30_000   # GET
DEFAULT_WRITE_TIMEOUT_MS = 60_000   # everything else
API_BASE_PATH            = "/api/v1"
HEADER_API_KEY              = "x-api-key"
HEADER_AGENT_PAIRING_TOKEN  = "x-agent-pairing-token"
```

`User-Agent: peaqos-sdk-py/<version>`. Per-method timeout overrides are not exposed on public methods yet.

## Envelopes

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
@dataclass(frozen=True, slots=True)
class ListResponse(Generic[T]):
    items: tuple[T, ...]
    next_cursor: str | None         # None when there is no next page

@dataclass(frozen=True, slots=True)
class ItemResponse(Generic[T]):
    item: T

LIST_QUERY_DEFAULT_LIMIT = 100
LIST_QUERY_MAX_LIMIT = 500

@dataclass(frozen=True, slots=True)
class ListQuery:
    limit:  int | None = None       # 1..500
    cursor: str | None = None       # omit on first page
```

`204 No Content` returns `None`. `validate_list_limit` rejects `limit < 1` or `limit > 500` with `OrchestrationValidationError`.

## Machines

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.list_machines(
    *, limit: int | None = None, cursor: str | None = None,
) -> ListResponse[Machine]

client.orchestration.create_machine(params: CreateMachineRequest) -> ItemResponse[Machine]
client.orchestration.get_machine(machine_id: str) -> ItemResponse[Machine]
client.orchestration.update_machine(machine_id: str, params: UpdateMachineRequest) -> ItemResponse[Machine]
client.orchestration.archive_machine(machine_id: str) -> None
```

`Machine` shape:

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
@dataclass(frozen=True, slots=True)
class Machine:
    id:              str
    display_name:    str
    status:          Literal["draft", "active", "degraded", "blocked", "archived"]
    owner_id:        str
    machine_type:    str
    runtime_profile: str
    capabilities:    tuple[str, ...]
    labels:          Mapping[str, str]
    policy_ids:      tuple[str, ...]
    skill_keys:      tuple[str, ...]
    created_at:      str
    updated_at:      str
    identity_ref:    str | None = None
```

## Machine agents

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.list_machine_agents(machine_id: str) -> ListResponse[MachineAgent]
client.orchestration.enroll_machine_agent(machine_id: str, params: EnrollMachineAgentRequest | None = None) -> ItemResponse[MachineAgent]
client.orchestration.revoke_machine_agent(machine_id: str, agent_id: str) -> None
client.orchestration.machine_agent_heartbeat(params: MachineAgentHeartbeatRequest) -> MachineAgentHeartbeatResponse
```

`enroll_machine_agent` returns `ItemResponse[MachineAgent]` whose `item.provisioning_token` is populated once at enrollment. `machine_agent_heartbeat` uses no auth header — `agent_token` rides in the JSON body.

## Machine identity challenges

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.create_machine_identity_challenge(
    params: CreateMachineIdentityChallengeRequest,
) -> ItemResponse[MachineIdentityChallengeResponse]
```

Requests a server-issued challenge tied to a `did:peaq:0x...` or `peaqos:machine:<id>` identity reference. The DID controller signs `item.message` with EIP-191 `personal_sign` and submits the resulting `{challengeId, signature}` as `identity_proof` when creating or updating the machine record.

## Agent pairings

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.list_agent_pairings(machine_id: str, *, limit: int | None = None, cursor: str | None = None) -> ListResponse[AgentPairing]

client.orchestration.create_agent_pairing_challenge(
    machine_id: str,
    params: CreateAgentPairingChallengeRequest,
) -> ItemResponse[AgentPairingChallengeResponse]

client.orchestration.create_agent_pairing(
    machine_id: str,
    params: CreateAgentPairingRequest,
) -> ItemResponse[AgentPairing]

client.orchestration.create_agent_pairing_session(
    machine_id: str,
    pairing_id: str,
    params: CreateAgentPairingSessionRequest,
) -> ItemResponse[AgentPairing]

client.orchestration.update_agent_pairing(
    machine_id: str,
    pairing_id: str,
    params: UpdateAgentPairingRequest,
) -> ItemResponse[AgentPairing]

client.orchestration.revoke_agent_pairing(machine_id: str, pairing_id: str) -> None
```

Pairing is challenge-based end to end:

1. `create_agent_pairing_challenge` returns a server-issued challenge keyed to `agent_address`, `agent_provider`, `agent_role`, and optional `agent_did`.
2. The <Tooltip tip={G.machineAgent.def}>Machine Agent</Tooltip> <Tooltip tip={G.sign.def}>signs</Tooltip> `item.message` (EIP-191) with the <Tooltip tip={G.wallet.def}>wallet</Tooltip> key behind `agent_address`.
3. `create_agent_pairing` accepts the proof in `params.agent_proof` and returns the pairing with a signed HS256 session JWT in `pairing_token`. The token is returned once at create.
4. `create_agent_pairing_session` rotates the session token before expiry with a fresh proof. Required after any `update_agent_pairing` to the <Tooltip tip={G.delegationPolicy.def}>delegation policy</Tooltip>, since policy changes invalidate the current token's `delegation_policy_hash`.

Both create methods set `pairing_token` exactly once each. `AgentPairing.__repr__` redacts the token to keep it out of logs.

`CreateAgentPairingRequest` now requires `agent_proof: AgentPairingProof` and accepts optional `agent_did`. `delegation_policy.allowed_service_ids` and `delegation_policy.denied_service_ids` join the existing skill-level allow/deny lists.

## Runtime endpoints

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.list_runtime_endpoints(machine_id: str, *, limit: int | None = None, cursor: str | None = None) -> ListResponse[RuntimeEndpoint]
client.orchestration.get_runtime_endpoint(machine_id: str, provider_key: str) -> ItemResponse[RuntimeEndpoint]
client.orchestration.upsert_runtime_endpoint(machine_id: str, provider_key: str, params: UpsertRuntimeEndpointRequest) -> ItemResponse[RuntimeEndpoint]
client.orchestration.delete_runtime_endpoint(machine_id: str, provider_key: str) -> None
```

`upsert_runtime_endpoint` validates that `endpoint_base_url` parses as `http`/`https` with a non-empty host. `auth_token` is treated as a secret in error redaction.

## Skills

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
class ListSkillsOptions:
    scope:     SkillScope     | None = None  # core-product | bootstrap-reference | ecosystem
    direction: SkillDirection | None = None  # machine-offers | machine-consumes
    source:    SkillSource    | None = None  # peaq | partner | clawhub | external-marketplace

client.orchestration.list_skills(options: ListSkillsOptions | None = None, *, limit: int | None = None, cursor: str | None = None) -> ListResponse[SkillSummary]
client.orchestration.get_skill(skill_key: str) -> ItemResponse[SkillSummary]
client.orchestration.get_skill_manifest(skill_key: str) -> ItemResponse[SkillManifest]
client.orchestration.update_skill_config(skill_key: str, params: UpdateSkillConfigRequest) -> ItemResponse[SkillConfigResponse]
```

## Market services

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
class ListMarketServicesOptions:
    machine_id:     str           | None = None
    service_type:   ServiceType   | None = None
    execution_mode: ExecutionMode | None = None
    provider_key:   str           | None = None

class GetMarketServiceOptions:
    machine_id: str | None = None

client.orchestration.list_market_services(options: ListMarketServicesOptions | None = None, *, limit: int | None = None, cursor: str | None = None) -> ListResponse[MarketService]
client.orchestration.get_market_service(service_id: str, options: GetMarketServiceOptions | None = None) -> ItemResponse[MarketService]
```

## Market search

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.search_market(params: MarketSearchRequest, pairing_token: str) -> ItemResponse[MarketSearch]
client.orchestration.get_market_search(search_id: str) -> ItemResponse[MarketSearch]
```

`search_market` uses `x-agent-pairing-token` auth — the token rides as the second argument and is sent per call. `get_market_search` uses platform auth.

## Market orders

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.list_market_orders(
    *, machine_id: str, limit: int | None = None, cursor: str | None = None,
) -> ListResponse[MarketOrder]

client.orchestration.create_market_order(
    params: CreateMarketOrderRequest,        # machine_id, agent_pairing_id, service_id required
    pairing_token: str,
) -> ItemResponse[MarketOrder]

client.orchestration.get_market_order(order_id: str) -> ItemResponse[MarketOrder]

client.orchestration.execute_market_order(
    order_id: str,
    params: ExecuteMarketOrderRequest,       # input?
    pairing_token: str,
) -> ExecuteMarketOrderResponse              # union narrowed by execution.status_code

client.orchestration.confirm_market_order(
    order_id: str,
    pairing_token: str,
) -> ConfirmMarketOrderResponse              # { order, payment: MarketPayment | None }

client.orchestration.dispute_market_order(
    order_id: str,
    params: DisputeMarketOrderRequest,       # reason required; evidence optional
    pairing_token: str,
) -> DisputeMarketOrderResponse              # { order, payment, dispute }; payment → "frozen"
```

`list_market_orders` and `get_market_order` use platform auth; the four mutating calls require the agent's `pairing_token`.

`execute_market_order` returns a union narrowed by `execution.status_code`: `200` for a native run (with `run` + `outcome`), `202` for an external handoff (with `handoff: { label, url, notes }`).

## Payment settlement

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.create_payment_intent(
    order_id: str,
    params: CreatePaymentIntentRequest,      # rail?, amount?, currency?
    pairing_token: str,
) -> ItemResponse[MarketPayment]

client.orchestration.get_market_payment(order_id: str) -> ItemResponse[MarketPayment | None]

client.orchestration.submit_payment_proof(
    order_id: str,
    params: SubmitPaymentProofRequest,       # EVM: transaction_hash | Solana: transaction_signature; verification_mode required; chain, token, payer_address, payee_address, amount required
    pairing_token: str,
) -> ItemResponse[MarketPayment]

client.orchestration.lock_escrow_payment(
    order_id: str,
    params: LockEscrowPaymentRequest,        # transaction_hash, chain, escrow_address all required
    pairing_token: str,
) -> ItemResponse[MarketPayment]

client.orchestration.release_payment(
    order_id: str,
    params: ReleasePaymentRequest | None,    # transaction_hash?, notes?
    pairing_token: str,
) -> ItemResponse[MarketPayment]

client.orchestration.refund_payment(
    order_id: str,
    params: RefundPaymentRequest | None,     # transaction_hash?, reason?
    pairing_token: str,
) -> ItemResponse[MarketPayment]
```

`submit_payment_proof` accepts both EVM and Solana proof shapes; `verification_mode` is `"recorded" | "rpc"`. RPC verification cross-checks the ERC-20 Transfer log against expected `token`, `payer_address`, `payee_address`, and `amount`.

## Pagination

Six sync auto-paginated iterators ship in this release:

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
for m in client.orchestration.list_machines_all():
    ...
for s in client.orchestration.list_skills_all():
    ...
for svc in client.orchestration.list_market_services_all():
    ...
for o in client.orchestration.list_market_orders_all(machine_id="m-1"):
    ...
for p in client.orchestration.list_agent_pairings_all():
    ...
for e in client.orchestration.list_runtime_endpoints_all():
    ...
```

Each `*_all` accepts the same filter kwargs as its non-iterator counterpart, minus `cursor`. `limit` controls page size; cursor is managed internally.

For manual pagination, the underlying `list_*` methods now accept `cursor` and `limit` as keyword-only args:

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
cursor = None
while True:
    page = client.orchestration.list_market_orders(
        machine_id="m-1", limit=50, cursor=cursor,
    )
    for order in page.items:
        handle(order)
    if page.next_cursor is None:
        break
    cursor = page.next_cursor
```

`MarketSearch`:

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
@dataclass(frozen=True, slots=True)
class MarketSearch:
    id: str
    machine_id: str
    request_payload: Mapping[str, Any]
    normalized_task: NormalizedTask
    status: Literal["completed", "no_match"]
    quotes: tuple[MarketQuote, ...]
    created_at: str
    agent_pairing_id: str | None = None
```

## Policies

Cross-cutting policy records above and beyond a pairing's delegation policy. Platform auth.

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.list_policies(
    *, limit: int | None = None, cursor: str | None = None,
) -> ListResponse[Policy]

client.orchestration.create_policy(params: CreatePolicyRequest) -> ItemResponse[Policy]

client.orchestration.update_policy(policy_id: str, params: UpdatePolicyRequest) -> ItemResponse[Policy]
```

`get_policy` is not wired yet — fetch via `list_policies` until it ships.

## Observability

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
client.orchestration.check_health() -> HealthResponse        # GET /health (host root)

client.orchestration.get_readiness() -> ReadinessResponse    # GET /readiness

client.orchestration.list_audit_events(
    *,
    machine_id: str | None = None,
    resource_type: str | None = None,
    limit: int | None = None,
) -> ListResponse[AuditEvent]
```

## Coming next

These endpoints ship on the HTTP API (see [Machine Markets API: Orchestration](/peaqos/api-reference/machine-markets-orchestration)). SDK method bindings follow shortly:

* Tasks: `create_task`, `discover_task`, `resolve_task`, `execute_task`, `get_task`, `list_tasks`
* Graph: `get_machine_graph`, `create_graph_node`, `update_graph_node`, `delete_graph_node`, `create_graph_edge`, `update_graph_edge`, `delete_graph_edge`
* Policies: `get_policy`
* Runs: `list_runs`, `get_run`
* Order family extras: `cancel_market_order`, `retry_market_order`

Types for the remaining order-family operations already ship in `peaq_os_sdk` so application code can prepare for the methods landing.

## Errors

All extend `peaq_os_sdk.exceptions.base.PeaqosError`:

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
class OrchestrationError(PeaqosError):
    """Base. Catch this for any orchestration failure."""

class OrchestrationApiError(OrchestrationError):
    code:        str        # CommonErrorCode literal or any service string
    status_code: int        # HTTP status; 0 when raised by client-side validation
    details:     Any | None # snake-cased payload; sensitive fields redacted

class OrchestrationNetworkError(OrchestrationError):
    """Transport-level failure. __cause__ carries the original requests.RequestException."""

class OrchestrationConfigError(OrchestrationError):
    """Misconfiguration — orchestration_url missing or invalid."""

class OrchestrationValidationError(OrchestrationError):
    field:      str
    constraint: str
```

`CommonErrorCode` literal: `AUTH_REQUIRED`, `AUTH_INVALID`, `AGENT_AUTH_REQUIRED`, `AGENT_AUTH_INVALID`, `AGENT_AUTH_EXPIRED`, `VALIDATION_ERROR`, `NOT_FOUND`, `MACHINE_NOT_ACTIVE`, `MACHINE_NOT_ACTIVATED`, `MACHINE_IDENTITY_EXISTS`, `MACHINE_IDENTITY_IMMUTABLE`, `MACHINE_IDENTITY_PROOF_REQUIRED`, `MACHINE_IDENTITY_PROOF_INVALID`, `MACHINE_IDENTITY_PROOF_EXPIRED`, `PEAQOS_IDENTITY_UNAVAILABLE`, `AGENT_PAIRING_PROOF_REQUIRED`, `AGENT_PAIRING_PROOF_INVALID`, `AGENT_PAIRING_PROOF_EXPIRED`, `AGENT_PAIRING_UNAVAILABLE`, `AGENT_PAIRING_REQUIRED`, `AGENT_PAIRING_INACTIVE`, `AGENT_POLICY_DENIED`, `AGENT_SPEND_LIMIT_EXCEEDED`, `AGENT_DAILY_LIMIT_EXCEEDED`, `QUOTE_EXPIRED`, `ORDER_CLOSED`, `ORDER_NOT_DELIVERED`, `PAYMENT_REQUIRED`, `PAYMENT_RPC_REQUIRED`, `PAYMENT_RPC_ERROR`, `PAYMENT_TX_FAILED`, `EXECUTION_UNSUPPORTED`, `ENDPOINT_UNREACHABLE`.

**New types exported in `0.3.0`:**

```python theme={"theme":{"light":"github-light-default","dark":"github-dark"}}
@dataclass(frozen=True, slots=True)
class MachineIdentityProofInput:
    challenge_id: str
    signature: str

@dataclass(frozen=True, slots=True)
class AgentPairingChallengeResponse:
    challenge_id: str
    agent_address: str
    message: str
    expires_at: str
    verification_method: Literal["eip191"]
    machine_id: str | None = None
    machine_identity_ref: str | None = None
    agent_did: str | None = None

@dataclass(frozen=True, slots=True)
class AgentProofInput:
    challenge_id: str
    signature: str

@dataclass(frozen=True, slots=True)
class ProviderCredentials:
    # Per-adapter credentials. Shape is adapter-specific and
    # documented per-adapter on robotic.sh. Always redacted
    # before request bodies are persisted.
    providers: Mapping[str, Mapping[str, str]] | None = None
```

`MarketPaymentRailType` adds `"wdk-usdt-transfer"` alongside the existing `"x402" | "mpp" | "wallet" | "vault-stripe" | "escrow" | "onchain-escrow" | "offchain-record" | "external" | "not-required"` set.

The transport synthesises `BAD_RESPONSE` (non-JSON body) and `INVALID_RESPONSE_SHAPE` (envelope mismatch) when the server response is malformed.

## Sync vs async

Sync only on this branch. Every public function is plain `def` over `requests.Session`. The transport reuses `client.session`, so users can wrap retries externally. First-class async support is on the roadmap.

## Credential handling

* **Platform** (`x-api-key`) — set once on the client via `api_key`, sent on every call by default.
* **Agent pairing** (`x-agent-pairing-token`) — passed per call to `search_market` as the second argument. The SDK does not store or rotate it.
* **None** — used only by `machine_agent_heartbeat` (token rides in the body).

`_sanitize_body` redacts any field whose name contains `token`, `key`, `secret`, `password`, `credential`, or `auth` (case-insensitive) before attaching the body to an error.

## Related

* [Machine Markets API](/peaqos/api-reference/machine-markets-overview)
* [Orchestration (JavaScript)](/peaqos/sdk-reference/orchestration-js)
* [Scale function](/peaqos/functions/scale)
* [Machine Markets concept](/peaqos/concepts/machine-markets)
