# @ng-eventually/client Two entry points — the data-plane is SDK-identical, the polyfill bootstrap is separate: | Import | Surface | |---|---| | `@ng-eventually/client` | The same signature as the SDK — `ng`, `useShape`, `inbox` (+ types). A drop-in for `@ng-org/web` / `@ng-org/orm`; as NextGraph matures it resolves to the real SDK (build alias removed) with no code change. | | `@ng-eventually/client/polyfill` | The only non-SDK surface — `configure`, `setCurrentUser`, and capability helpers (`getCaps`, `grantRead`, `canRead`/`canWrite`). It falls away as NextGraph matures. | ```ts // bootstrap (the only non-SDK call) — inject the real SDK import { configure } from "@ng-eventually/client/polyfill"; configure({ ng: realNg, useShape: realUseShape, sharedWallet, currentUser }); // from here on, a pure SDK surface: import { ng, useShape, inbox } from "@ng-eventually/client"; await ng.doc_create(/* … */); const set = useShape(MyShape, scope); // filtered to what the identity may read await inbox.post(targetInbox, ref); // deposit (anticipated SDK API) ``` What the polyfill adds on top of the real SDK (each emulated for now, native as NextGraph matures): - Shared-wallet identity (one wallet for everyone; the current identity id is relayed to the SDK). - Capability enforcement — a read filter + write guard over emulated grants attached to documents; the app declares a document's read policy and issues directed read grants. - Anticipated methods (inbox `post`, capability ops) with their future-SDK shapes, emulated for now. Generic: no application domain. The consumer application injects its shapes and performs the acts of granting access. The relationship concept ("who is connected to whom") is the consumer application's own — the client exposes only directed per-document read grants.