diff --git a/main.go b/main.go
index 87e3fea..a7fb20b 100644
--- a/main.go
+++ b/main.go
@@ -338,20 +338,29 @@ func executeAction(params *types.FilterParams) (json.RawMessage, error) {
 }
 
 func executeAccountAction(params *types.FilterParams) (json.RawMessage, error) {
+	am, err := keybase.NewActionManager()
+	if err != nil {
+		return nil, fmt.Errorf("action manager: %w", err)
+	}
+
+	ctx := context.Background()
+
 	switch params.Action {
 	case "list":
-		accounts := []types.Account{
-			{
-				Address:      "sonr1abc123...",
-				ChainID:      "sonr-mainnet-1",
-				CoinType:     118,
-				AccountIndex: 0,
-				AddressIndex: 0,
-				Label:        "Primary",
-				IsDefault:    true,
-			},
+		accounts, err := am.ListAccounts(ctx)
+		if err != nil {
+			return nil, fmt.Errorf("list accounts: %w", err)
 		}
 		return json.Marshal(accounts)
+	case "get":
+		if params.Subject == "" {
+			return nil, errors.New("subject (address) required for get action")
+		}
+		account, err := am.GetAccountByAddress(ctx, params.Subject)
+		if err != nil {
+			return nil, fmt.Errorf("get account: %w", err)
+		}
+		return json.Marshal(account)
 	case "balances":
 		return fetchAccountBalances(params.Subject)
 	case "sign":
@@ -396,32 +405,56 @@ func fetchAccountBalances(address string) (json.RawMessage, error) {
 }
 
 func executeCredentialAction(params *types.FilterParams) (json.RawMessage, error) {
+	am, err := keybase.NewActionManager()
+	if err != nil {
+		return nil, fmt.Errorf("action manager: %w", err)
+	}
+
+	ctx := context.Background()
+
 	switch params.Action {
 	case "list":
-		credentials := []types.Credential{
-			{
-				CredentialID:  "cred_abc123",
-				DeviceName:    "MacBook Pro",
-				DeviceType:    "platform",
-				Authenticator: "Touch ID",
-				Transports:    []string{"internal"},
-				CreatedAt:     "2025-01-01T00:00:00Z",
-				LastUsed:      "2025-01-01T00:00:00Z",
-			},
+		credentials, err := am.ListCredentials(ctx)
+		if err != nil {
+			return nil, fmt.Errorf("list credentials: %w", err)
 		}
 		return json.Marshal(credentials)
+	case "get":
+		if params.Subject == "" {
+			return nil, errors.New("subject (credential_id) required for get action")
+		}
+		credential, err := am.GetCredentialByID(ctx, params.Subject)
+		if err != nil {
+			return nil, fmt.Errorf("get credential: %w", err)
+		}
+		return json.Marshal(credential)
 	default:
 		return nil, fmt.Errorf("unknown action for credentials: %s", params.Action)
 	}
 }
 
 func executeSessionAction(params *types.FilterParams) (json.RawMessage, error) {
+	am, err := keybase.NewActionManager()
+	if err != nil {
+		return nil, fmt.Errorf("action manager: %w", err)
+	}
+
+	ctx := context.Background()
+
 	switch params.Action {
 	case "list":
-		return json.Marshal([]map[string]any{})
-	case "create":
-		return json.Marshal(map[string]string{"session_id": "sess_placeholder"})
+		sessions, err := am.ListSessions(ctx)
+		if err != nil {
+			return nil, fmt.Errorf("list sessions: %w", err)
+		}
+		return json.Marshal(sessions)
 	case "revoke":
+		if params.Subject == "" {
+			return nil, errors.New("subject (session_id) required for revoke action")
+		}
+		if err := am.RevokeSession(ctx, params.Subject); err != nil {
+			return nil, fmt.Errorf("revoke session: %w", err)
+		}
 		return json.Marshal(map[string]bool{"revoked": true})
 	default:
 		return nil, fmt.Errorf("unknown action for sessions: %s", params.Action)
@@ -429,12 +462,31 @@ func executeSessionAction(params *types.FilterParams) (json.RawMessage, error) {
 }
 
 func executeGrantAction(params *types.FilterParams) (json.RawMessage, error) {
+	am, err := keybase.NewActionManager()
+	if err != nil {
+		return nil, fmt.Errorf("action manager: %w", err)
+	}
+
+	ctx := context.Background()
+
 	switch params.Action {
 	case "list":
-		return json.Marshal([]map[string]any{})
-	case "create":
-		return json.Marshal(map[string]string{"grant_id": "grant_placeholder"})
+		grants, err := am.ListGrants(ctx)
+		if err != nil {
+			return nil, fmt.Errorf("list grants: %w", err)
+		}
+		return json.Marshal(grants)
 	case "revoke":
+		if params.Subject == "" {
+			return nil, errors.New("subject (grant_id) required for revoke action")
+		}
+		var grantID int64
+		if _, err := fmt.Sscanf(params.Subject, "%d", &grantID); err != nil {
+			return nil, fmt.Errorf("invalid grant_id: %w", err)
+		}
+		if err := am.RevokeGrant(ctx, grantID); err != nil {
+			return nil, fmt.Errorf("revoke grant: %w", err)
+		}
 		return json.Marshal(map[string]bool{"revoked": true})
 	default:
 		return nil, fmt.Errorf("unknown action for grants: %s", params.Action)
@@ -442,41 +494,59 @@ func executeGrantAction(params *types.FilterParams) (json.RawMessage, error) {
 }
 
 func resolveDID(did string) (*types.QueryOutput, error) {
-	output := &types.QueryOutput{
-		DID:        did,
-		Controller: did,
-		VerificationMethods: []types.VerificationMethod{
-			{
-				ID:         did + "#key-1",
-				Type:       "Ed25519VerificationKey2020",
-				Controller: did,
-				PublicKey:  "placeholder_public_key",
-				Purpose:    "authentication",
-			},
-		},
-		Accounts: []types.Account{
-			{
-				Address:      "sonr1abc123...",
-				ChainID:      "sonr-mainnet-1",
-				CoinType:     118,
-				AccountIndex: 0,
-				AddressIndex: 0,
-				Label:        "Primary",
-				IsDefault:    true,
-			},
-		},
-		Credentials: []types.Credential{
-			{
-				CredentialID:  "cred_abc123",
-				DeviceName:    "MacBook Pro",
-				DeviceType:    "platform",
-				Authenticator: "Touch ID",
-				Transports:    []string{"internal"},
-				CreatedAt:     "2025-01-01T00:00:00Z",
-				LastUsed:      "2025-01-01T00:00:00Z",
-			},
-		},
+	am, err := keybase.NewActionManager()
+	if err != nil {
+		return nil, fmt.Errorf("action manager: %w", err)
 	}
 
-	return output, nil
+	ctx := context.Background()
+	doc, err := am.ResolveDID(ctx, did)
+	if err != nil {
+		return nil, fmt.Errorf("resolve DID: %w", err)
+	}
+
+	vms := make([]types.VerificationMethod, len(doc.VerificationMethods))
+	for i, vm := range doc.VerificationMethods {
+		vms[i] = types.VerificationMethod{
+			ID:         vm.ID,
+			Type:       vm.Type,
+			Controller: vm.Controller,
+			PublicKey:  vm.PublicKey,
+			Purpose:    vm.Purpose,
+		}
+	}
+
+	accounts := make([]types.Account, len(doc.Accounts))
+	for i, acc := range doc.Accounts {
+		accounts[i] = types.Account{
+			Address:      acc.Address,
+			ChainID:      acc.ChainID,
+			CoinType:     int(acc.CoinType),
+			AccountIndex: int(acc.AccountIndex),
+			AddressIndex: int(acc.AddressIndex),
+			Label:        acc.Label,
+			IsDefault:    acc.IsDefault,
+		}
+	}
+
+	credentials := make([]types.Credential, len(doc.Credentials))
+	for i, cred := range doc.Credentials {
+		credentials[i] = types.Credential{
+			CredentialID:  cred.CredentialID,
+			DeviceName:    cred.DeviceName,
+			DeviceType:    cred.DeviceType,
+			Authenticator: cred.Authenticator,
+			Transports:    cred.Transports,
+			CreatedAt:     cred.CreatedAt,
+			LastUsed:      cred.LastUsed,
+		}
+	}
+
+	return &types.QueryOutput{
+		DID:                 doc.DID,
+		Controller:          doc.Controller,
+		VerificationMethods: vms,
+		Accounts:            accounts,
+		Credentials:         credentials,
+	}, nil
 }