1id 0.5.0 → 0.8.0

package/dist/credentials.d.ts

@@ -46,10 +46,8 @@ export interface StoredCredentials {
     display_name?: string | null;
     /** Agent Identity URN (e.g., 'urn:aid:1id.com:1id-a7b3c9d2'), or null if not yet assigned. */
     agent_identity_urn?: string | null;
-    /** ISO 8601 timestamp of when the user consented to privacy implications. */
-    privacy_consent_given_at?: string | null;
-    /** The user's chosen default attestation mode: 'sd-jwt' or 'direct'. */
-    default_attestation_mode?: string | null;
+    /** Full PEM-encoded certificate chain (leaf -> intermediate -> root) issued during enrollment. */
+    identity_certificate_chain_pem?: string | null;
 }
 /**
  * Return the platform-appropriate directory for storing credentials.

package/dist/credentials.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAQH,eAAO,MAAM,oBAAoB,oBAAoB,CAAC;AACtD,eAAO,MAAM,sBAAsB,gEAAgE,CAAC;AAKpG;;;;;GAKG;AACH,MAAM,WAAW,iBAAiB;IAChC,4EAA4E;IAC5E,SAAS,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,aAAa,EAAE,MAAM,CAAC;IACtB,+CAA+C;IAC/C,cAAc,EAAE,MAAM,CAAC;IACvB,+CAA+C;IAC/C,YAAY,EAAE,MAAM,CAAC;IACrB,6CAA6C;IAC7C,UAAU,EAAE,MAAM,CAAC;IACnB,kDAAkD;IAClD,aAAa,EAAE,MAAM,CAAC;IACtB,mEAAmE;IACnE,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,qFAAqF;IACrF,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,wCAAwC;IACxC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,qEAAqE;IACrE,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,8FAA8F;IAC9F,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,6EAA6E;IAC7E,wBAAwB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzC,wEAAwE;IACxE,wBAAwB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1C;AAED;;;;;;GAMG;AACH,wBAAgB,yBAAyB,IAAI,MAAM,CAelD;AAED;;GAEG;AACH,wBAAgB,yBAAyB,IAAI,MAAM,CAElD;AAgBD;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,iBAAiB,GAAG,MAAM,CAwCvE;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,IAAI,iBAAiB,CAsCpD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,OAAO,CAE3C;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,OAAO,CAO5C"}
+{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAQH,eAAO,MAAM,oBAAoB,oBAAoB,CAAC;AACtD,eAAO,MAAM,sBAAsB,gEAAgE,CAAC;AAKpG;;;;;GAKG;AACH,MAAM,WAAW,iBAAiB;IAChC,4EAA4E;IAC5E,SAAS,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,aAAa,EAAE,MAAM,CAAC;IACtB,+CAA+C;IAC/C,cAAc,EAAE,MAAM,CAAC;IACvB,+CAA+C;IAC/C,YAAY,EAAE,MAAM,CAAC;IACrB,6CAA6C;IAC7C,UAAU,EAAE,MAAM,CAAC;IACnB,kDAAkD;IAClD,aAAa,EAAE,MAAM,CAAC;IACtB,mEAAmE;IACnE,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,qFAAqF;IACrF,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,wCAAwC;IACxC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,qEAAqE;IACrE,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,8FAA8F;IAC9F,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,kGAAkG;IAClG,8BAA8B,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAChD;AAED;;;;;;GAMG;AACH,wBAAgB,yBAAyB,IAAI,MAAM,CAelD;AAED;;GAEG;AACH,wBAAgB,yBAAyB,IAAI,MAAM,CAElD;AAgBD;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,iBAAiB,GAAG,MAAM,CAqCvE;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,IAAI,iBAAiB,CAqCpD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,OAAO,CAE3C;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,OAAO,CAO5C"}

package/dist/credentials.js

@@ -102,11 +102,8 @@ export function save_credentials(credentials) {
     if (credentials.agent_identity_urn != null) {
         credentials_dict["agent_identity_urn"] = credentials.agent_identity_urn;
     }
-    if (credentials.privacy_consent_given_at != null) {
-        credentials_dict["privacy_consent_given_at"] = credentials.privacy_consent_given_at;
-    }
-    if (credentials.default_attestation_mode != null) {
-        credentials_dict["default_attestation_mode"] = credentials.default_attestation_mode;
+    if (credentials.identity_certificate_chain_pem != null) {
+        credentials_dict["identity_certificate_chain_pem"] = credentials.identity_certificate_chain_pem;
     }
     fs.writeFileSync(credentials_file_path, JSON.stringify(credentials_dict, null, 2) + "\n", "utf-8");
     set_owner_only_permissions(credentials_file_path);
@@ -145,8 +142,7 @@ export function load_credentials() {
         enrolled_at: credentials_dict["enrolled_at"] ?? null,
         display_name: credentials_dict["display_name"] ?? null,
         agent_identity_urn: credentials_dict["agent_identity_urn"] ?? null,
-        privacy_consent_given_at: credentials_dict["privacy_consent_given_at"] ?? null,
-        default_attestation_mode: credentials_dict["default_attestation_mode"] ?? null,
+        identity_certificate_chain_pem: credentials_dict["identity_certificate_chain_pem"] ?? null,
     };
 }
 /**

package/dist/credentials.js.map

@@ -1 +1 @@
-{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAE/D,iCAAiC;AACjC,MAAM,CAAC,MAAM,oBAAoB,GAAG,iBAAiB,CAAC;AACtD,MAAM,CAAC,MAAM,sBAAsB,GAAG,6DAA6D,CAAC;AAEpG,6BAA6B;AAC7B,MAAM,oBAAoB,GAAG,kBAAkB,CAAC;AAqChD;;;;;;GAMG;AACH,MAAM,UAAU,yBAAyB;IACvC,MAAM,eAAe,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;IACtC,IAAI,eAAe,KAAK,OAAO,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACvC,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAChE,CAAC;SAAM,CAAC;QACN,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACvD,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IACrD,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB;IACvC,OAAO,IAAI,CAAC,IAAI,CAAC,yBAAyB,EAAE,EAAE,oBAAoB,CAAC,CAAC;AACtE,CAAC;AAED;;;GAGG;AACH,SAAS,0BAA0B,CAAC,SAAiB;IACnD,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,OAAO,EAAE,CAAC;QAC9B,IAAI,CAAC;YACH,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,+CAA+C;QACjD,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAAC,WAA8B;IAC7D,MAAM,qBAAqB,GAAG,yBAAyB,EAAE,CAAC;IAC1D,EAAE,CAAC,SAAS,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEzD,MAAM,qBAAqB,GAAG,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,oBAAoB,CAAC,CAAC;IAErF,gEAAgE;IAChE,MAAM,gBAAgB,GAA4B;QAChD,SAAS,EAAE,WAAW,CAAC,SAAS;QAChC,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,cAAc,EAAE,WAAW,CAAC,cAAc;QAC1C,YAAY,EAAE,WAAW,CAAC,YAAY;QACtC,UAAU,EAAE,WAAW,CAAC,UAAU;QAClC,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,WAAW,EAAE,WAAW,CAAC,WAAW,IAAI,IAAI;KAC7C,CAAC;IAEF,IAAI,WAAW,CAAC,eAAe,IAAI,IAAI,EAAE,CAAC;QACxC,gBAAgB,CAAC,iBAAiB,CAAC,GAAG,WAAW,CAAC,eAAe,CAAC;IACpE,CAAC;IACD,IAAI,WAAW,CAAC,iBAAiB,IAAI,IAAI,EAAE,CAAC;QAC1C,gBAAgB,CAAC,mBAAmB,CAAC,GAAG,WAAW,CAAC,iBAAiB,CAAC;IACxE,CAAC;IACD,IAAI,WAAW,CAAC,YAAY,IAAI,IAAI,EAAE,CAAC;QACrC,gBAAgB,CAAC,cAAc,CAAC,GAAG,WAAW,CAAC,YAAY,CAAC;IAC9D,CAAC;IACD,IAAI,WAAW,CAAC,kBAAkB,IAAI,IAAI,EAAE,CAAC;QAC3C,gBAAgB,CAAC,oBAAoB,CAAC,GAAG,WAAW,CAAC,kBAAkB,CAAC;IAC1E,CAAC;IACD,IAAI,WAAW,CAAC,wBAAwB,IAAI,IAAI,EAAE,CAAC;QACjD,gBAAgB,CAAC,0BAA0B,CAAC,GAAG,WAAW,CAAC,wBAAwB,CAAC;IACtF,CAAC;IACD,IAAI,WAAW,CAAC,wBAAwB,IAAI,IAAI,EAAE,CAAC;QACjD,gBAAgB,CAAC,0BAA0B,CAAC,GAAG,WAAW,CAAC,wBAAwB,CAAC;IACtF,CAAC;IAED,EAAE,CAAC,aAAa,CAAC,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;IACnG,0BAA0B,CAAC,qBAAqB,CAAC,CAAC;IAElD,OAAO,qBAAqB,CAAC;AAC/B,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB;IAC9B,MAAM,qBAAqB,GAAG,yBAAyB,EAAE,CAAC;IAE1D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,qBAAqB,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,gBAAgB,CACxB,gCAAgC,qBAAqB,IAAI;YACzD,kDAAkD,CACnD,CAAC;IACJ,CAAC;IAED,IAAI,aAAqB,CAAC;IAC1B,IAAI,gBAAyC,CAAC;IAE9C,IAAI,CAAC;QACH,aAAa,GAAG,EAAE,CAAC,YAAY,CAAC,qBAAqB,EAAE,OAAO,CAAC,CAAC;QAChE,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IAC/C,CAAC;IAAC,OAAO,UAAU,EAAE,CAAC;QACpB,MAAM,IAAI,UAAU,CAClB,uBAAuB,qBAAqB,gCAAgC,UAAU,EAAE,EACxF,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAED,OAAO;QACL,SAAS,EAAE,gBAAgB,CAAC,WAAW,CAAW;QAClD,aAAa,EAAE,gBAAgB,CAAC,eAAe,CAAW;QAC1D,cAAc,EAAE,gBAAgB,CAAC,gBAAgB,CAAW;QAC5D,YAAY,EAAE,gBAAgB,CAAC,cAAc,CAAW;QACxD,UAAU,EAAG,gBAAgB,CAAC,YAAY,CAAY,IAAI,UAAU;QACpE,aAAa,EAAG,gBAAgB,CAAC,eAAe,CAAY,IAAI,SAAS;QACzE,eAAe,EAAG,gBAAgB,CAAC,iBAAiB,CAAY,IAAI,IAAI;QACxE,iBAAiB,EAAG,gBAAgB,CAAC,mBAAmB,CAAY,IAAI,IAAI;QAC5E,WAAW,EAAG,gBAAgB,CAAC,aAAa,CAAY,IAAI,IAAI;QAChE,YAAY,EAAG,gBAAgB,CAAC,cAAc,CAAY,IAAI,IAAI;QAClE,kBAAkB,EAAG,gBAAgB,CAAC,oBAAoB,CAAY,IAAI,IAAI;QAC9E,wBAAwB,EAAG,gBAAgB,CAAC,0BAA0B,CAAY,IAAI,IAAI;QAC1F,wBAAwB,EAAG,gBAAgB,CAAC,0BAA0B,CAAY,IAAI,IAAI;KAC3F,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,EAAE,CAAC,UAAU,CAAC,yBAAyB,EAAE,CAAC,CAAC;AACpD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB;IAChC,MAAM,qBAAqB,GAAG,yBAAyB,EAAE,CAAC;IAC1D,IAAI,EAAE,CAAC,UAAU,CAAC,qBAAqB,CAAC,EAAE,CAAC;QACzC,EAAE,CAAC,UAAU,CAAC,qBAAqB,CAAC,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
+{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAE/D,iCAAiC;AACjC,MAAM,CAAC,MAAM,oBAAoB,GAAG,iBAAiB,CAAC;AACtD,MAAM,CAAC,MAAM,sBAAsB,GAAG,6DAA6D,CAAC;AAEpG,6BAA6B;AAC7B,MAAM,oBAAoB,GAAG,kBAAkB,CAAC;AAmChD;;;;;;GAMG;AACH,MAAM,UAAU,yBAAyB;IACvC,MAAM,eAAe,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;IACtC,IAAI,eAAe,KAAK,OAAO,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACvC,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAChE,CAAC;SAAM,CAAC;QACN,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACvD,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IACrD,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB;IACvC,OAAO,IAAI,CAAC,IAAI,CAAC,yBAAyB,EAAE,EAAE,oBAAoB,CAAC,CAAC;AACtE,CAAC;AAED;;;GAGG;AACH,SAAS,0BAA0B,CAAC,SAAiB;IACnD,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,OAAO,EAAE,CAAC;QAC9B,IAAI,CAAC;YACH,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,+CAA+C;QACjD,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAAC,WAA8B;IAC7D,MAAM,qBAAqB,GAAG,yBAAyB,EAAE,CAAC;IAC1D,EAAE,CAAC,SAAS,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEzD,MAAM,qBAAqB,GAAG,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,oBAAoB,CAAC,CAAC;IAErF,gEAAgE;IAChE,MAAM,gBAAgB,GAA4B;QAChD,SAAS,EAAE,WAAW,CAAC,SAAS;QAChC,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,cAAc,EAAE,WAAW,CAAC,cAAc;QAC1C,YAAY,EAAE,WAAW,CAAC,YAAY;QACtC,UAAU,EAAE,WAAW,CAAC,UAAU;QAClC,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,WAAW,EAAE,WAAW,CAAC,WAAW,IAAI,IAAI;KAC7C,CAAC;IAEF,IAAI,WAAW,CAAC,eAAe,IAAI,IAAI,EAAE,CAAC;QACxC,gBAAgB,CAAC,iBAAiB,CAAC,GAAG,WAAW,CAAC,eAAe,CAAC;IACpE,CAAC;IACD,IAAI,WAAW,CAAC,iBAAiB,IAAI,IAAI,EAAE,CAAC;QAC1C,gBAAgB,CAAC,mBAAmB,CAAC,GAAG,WAAW,CAAC,iBAAiB,CAAC;IACxE,CAAC;IACD,IAAI,WAAW,CAAC,YAAY,IAAI,IAAI,EAAE,CAAC;QACrC,gBAAgB,CAAC,cAAc,CAAC,GAAG,WAAW,CAAC,YAAY,CAAC;IAC9D,CAAC;IACD,IAAI,WAAW,CAAC,kBAAkB,IAAI,IAAI,EAAE,CAAC;QAC3C,gBAAgB,CAAC,oBAAoB,CAAC,GAAG,WAAW,CAAC,kBAAkB,CAAC;IAC1E,CAAC;IACD,IAAI,WAAW,CAAC,8BAA8B,IAAI,IAAI,EAAE,CAAC;QACvD,gBAAgB,CAAC,gCAAgC,CAAC,GAAG,WAAW,CAAC,8BAA8B,CAAC;IAClG,CAAC;IAED,EAAE,CAAC,aAAa,CAAC,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;IACnG,0BAA0B,CAAC,qBAAqB,CAAC,CAAC;IAElD,OAAO,qBAAqB,CAAC;AAC/B,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB;IAC9B,MAAM,qBAAqB,GAAG,yBAAyB,EAAE,CAAC;IAE1D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,qBAAqB,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,gBAAgB,CACxB,gCAAgC,qBAAqB,IAAI;YACzD,kDAAkD,CACnD,CAAC;IACJ,CAAC;IAED,IAAI,aAAqB,CAAC;IAC1B,IAAI,gBAAyC,CAAC;IAE9C,IAAI,CAAC;QACH,aAAa,GAAG,EAAE,CAAC,YAAY,CAAC,qBAAqB,EAAE,OAAO,CAAC,CAAC;QAChE,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IAC/C,CAAC;IAAC,OAAO,UAAU,EAAE,CAAC;QACpB,MAAM,IAAI,UAAU,CAClB,uBAAuB,qBAAqB,gCAAgC,UAAU,EAAE,EACxF,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAED,OAAO;QACL,SAAS,EAAE,gBAAgB,CAAC,WAAW,CAAW;QAClD,aAAa,EAAE,gBAAgB,CAAC,eAAe,CAAW;QAC1D,cAAc,EAAE,gBAAgB,CAAC,gBAAgB,CAAW;QAC5D,YAAY,EAAE,gBAAgB,CAAC,cAAc,CAAW;QACxD,UAAU,EAAG,gBAAgB,CAAC,YAAY,CAAY,IAAI,UAAU;QACpE,aAAa,EAAG,gBAAgB,CAAC,eAAe,CAAY,IAAI,SAAS;QACzE,eAAe,EAAG,gBAAgB,CAAC,iBAAiB,CAAY,IAAI,IAAI;QACxE,iBAAiB,EAAG,gBAAgB,CAAC,mBAAmB,CAAY,IAAI,IAAI;QAC5E,WAAW,EAAG,gBAAgB,CAAC,aAAa,CAAY,IAAI,IAAI;QAChE,YAAY,EAAG,gBAAgB,CAAC,cAAc,CAAY,IAAI,IAAI;QAClE,kBAAkB,EAAG,gBAAgB,CAAC,oBAAoB,CAAY,IAAI,IAAI;QAC9E,8BAA8B,EAAG,gBAAgB,CAAC,gCAAgC,CAAY,IAAI,IAAI;KACvG,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,EAAE,CAAC,UAAU,CAAC,yBAAyB,EAAE,CAAC,CAAC;AACpD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB;IAChC,MAAM,qBAAqB,GAAG,yBAAyB,EAAE,CAAC;IAC1D,IAAI,EAAE,CAAC,UAAU,CAAC,qBAAqB,CAAC,EAAE,CAAC;QACzC,EAAE,CAAC,UAAU,CAAC,qBAAqB,CAAC,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/devices.d.ts

@@ -0,0 +1,76 @@
+/**
+ * Device management and hardware lock for the 1id.com Node.js SDK.
+ *
+ * Provides:
+ *   listDevices()   -- List all devices (active and burned) bound to this identity
+ *   lockHardware()  -- Permanently lock identity to its single hardware device (irreversible)
+ *
+ * Usage:
+ *   import { listDevices, lockHardware } from "1id/devices";
+ *
+ *   const result = await listDevices();
+ *   for (const d of result.devices) { console.log(`${d.device_type} [${d.device_status}]`); }
+ *
+ *   const lock = await lockHardware();
+ *   console.log(`Locked: ${lock.hardware_locked}`);
+ */
+import { type StoredCredentials } from "./credentials.js";
+export interface DeviceInfo {
+    device_type: string;
+    device_fingerprint: string;
+    device_status: string;
+    trust_tier: string | null;
+    tpm_manufacturer: string | null;
+    piv_serial: string | null;
+    bound_at: string | null;
+    burned_at: string | null;
+    burn_reason: string | null;
+}
+export interface DeviceListResult {
+    identity_internal_id: string;
+    total_device_count: number;
+    active_device_count: number;
+    burned_device_count: number;
+    devices: DeviceInfo[];
+}
+export interface HardwareLockResult {
+    identity_internal_id: string;
+    hardware_locked: boolean;
+    trust_tier: string;
+    active_device_count: number;
+}
+/**
+ * List all devices (active and burned) bound to this identity.
+ *
+ * @param credentials Optional pre-loaded credentials.
+ * @returns DeviceListResult with all device details.
+ */
+export declare function listDevices(credentials?: StoredCredentials | null): Promise<DeviceListResult>;
+/**
+ * Permanently lock this identity to its single active hardware device.
+ *
+ * This is an IRREVERSIBLE operation. Once locked:
+ *   - No new devices can be added
+ *   - The existing device cannot be burned
+ *   - The identity is permanently bound to one physical chip
+ *
+ * Preconditions enforced server-side:
+ *   - Identity must be hardware-tier (sovereign, portable, or virtual)
+ *   - Identity must have exactly 1 active device
+ *
+ * @param credentials Optional pre-loaded credentials.
+ * @returns HardwareLockResult with confirmation details.
+ * @throws Error with code DECLARED_TIER_CANNOT_LOCK if identity is declared-tier.
+ * @throws Error with code ALREADY_LOCKED if already locked (idempotent-safe).
+ * @throws Error with code TOO_MANY_ACTIVE_DEVICES if identity has != 1 active device.
+ */
+export declare function lockHardware(credentials?: StoredCredentials | null): Promise<HardwareLockResult>;
+/**
+ * Register or update the human operator email for this identity.
+ *
+ * @param operator_email_address The email address to register.
+ * @param credentials Optional pre-loaded credentials.
+ * @returns True if the email was registered successfully.
+ */
+export declare function registerOperatorEmail(operator_email_address: string, credentials?: StoredCredentials | null): Promise<boolean>;
+//# sourceMappingURL=devices.d.ts.map

package/dist/devices.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"devices.d.ts","sourceRoot":"","sources":["../src/devices.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAoB,KAAK,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAK5E,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED,MAAM,WAAW,gBAAgB;IAC/B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,OAAO,EAAE,UAAU,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,eAAe,EAAE,OAAO,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB,EAAE,MAAM,CAAC;CAC7B;AAED;;;;;GAKG;AACH,wBAAsB,WAAW,CAC/B,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,gBAAgB,CAAC,CAiC3B;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,YAAY,CAChC,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,kBAAkB,CAAC,CAuB7B;AAED;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CACzC,sBAAsB,EAAE,MAAM,EAC9B,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,OAAO,CAAC,CAkBlB"}

package/dist/devices.js

@@ -0,0 +1,103 @@
+/**
+ * Device management and hardware lock for the 1id.com Node.js SDK.
+ *
+ * Provides:
+ *   listDevices()   -- List all devices (active and burned) bound to this identity
+ *   lockHardware()  -- Permanently lock identity to its single hardware device (irreversible)
+ *
+ * Usage:
+ *   import { listDevices, lockHardware } from "1id/devices";
+ *
+ *   const result = await listDevices();
+ *   for (const d of result.devices) { console.log(`${d.device_type} [${d.device_status}]`); }
+ *
+ *   const lock = await lockHardware();
+ *   console.log(`Locked: ${lock.hardware_locked}`);
+ */
+import { load_credentials } from "./credentials.js";
+import { get_token } from "./auth.js";
+import { OneIDAPIClient } from "./client.js";
+import { invalidate_world_cache } from "./world.js";
+/**
+ * List all devices (active and burned) bound to this identity.
+ *
+ * @param credentials Optional pre-loaded credentials.
+ * @returns DeviceListResult with all device details.
+ */
+export async function listDevices(credentials) {
+    if (credentials == null) {
+        credentials = load_credentials();
+    }
+    const token = await get_token(false, credentials);
+    const api_client = new OneIDAPIClient(credentials.api_base_url);
+    const response_data = await api_client.make_authenticated_request("GET", "/api/v1/identity/devices", token.access_token);
+    const raw_devices = (response_data.devices ?? []);
+    return {
+        identity_internal_id: (response_data.identity_internal_id ?? ""),
+        total_device_count: (response_data.total_devices ?? 0),
+        active_device_count: (response_data.active_devices ?? 0),
+        burned_device_count: (response_data.burned_devices ?? 0),
+        devices: raw_devices.map((device_data) => ({
+            device_type: (device_data.device_type ?? ""),
+            device_fingerprint: (device_data.device_fingerprint ?? ""),
+            device_status: (device_data.device_status ?? "active"),
+            trust_tier: (device_data.trust_tier ?? null),
+            tpm_manufacturer: (device_data.tpm_manufacturer ?? null),
+            piv_serial: (device_data.piv_serial ?? null),
+            bound_at: (device_data.bound_at ?? null),
+            burned_at: (device_data.burned_at ?? null),
+            burn_reason: (device_data.burn_reason ?? null),
+        })),
+    };
+}
+/**
+ * Permanently lock this identity to its single active hardware device.
+ *
+ * This is an IRREVERSIBLE operation. Once locked:
+ *   - No new devices can be added
+ *   - The existing device cannot be burned
+ *   - The identity is permanently bound to one physical chip
+ *
+ * Preconditions enforced server-side:
+ *   - Identity must be hardware-tier (sovereign, portable, or virtual)
+ *   - Identity must have exactly 1 active device
+ *
+ * @param credentials Optional pre-loaded credentials.
+ * @returns HardwareLockResult with confirmation details.
+ * @throws Error with code DECLARED_TIER_CANNOT_LOCK if identity is declared-tier.
+ * @throws Error with code ALREADY_LOCKED if already locked (idempotent-safe).
+ * @throws Error with code TOO_MANY_ACTIVE_DEVICES if identity has != 1 active device.
+ */
+export async function lockHardware(credentials) {
+    if (credentials == null) {
+        credentials = load_credentials();
+    }
+    const token = await get_token(false, credentials);
+    const api_client = new OneIDAPIClient(credentials.api_base_url);
+    const lock_data = await api_client.make_authenticated_request("POST", "/api/v1/identity/lock-hardware", token.access_token, {});
+    invalidate_world_cache();
+    return {
+        identity_internal_id: (lock_data.identity_internal_id ?? ""),
+        hardware_locked: Boolean(lock_data.hardware_locked),
+        trust_tier: (lock_data.trust_tier ?? ""),
+        active_device_count: (lock_data.active_device_count ?? 1),
+    };
+}
+/**
+ * Register or update the human operator email for this identity.
+ *
+ * @param operator_email_address The email address to register.
+ * @param credentials Optional pre-loaded credentials.
+ * @returns True if the email was registered successfully.
+ */
+export async function registerOperatorEmail(operator_email_address, credentials) {
+    if (credentials == null) {
+        credentials = load_credentials();
+    }
+    const token = await get_token(false, credentials);
+    const api_client = new OneIDAPIClient(credentials.api_base_url);
+    const response_data = await api_client.make_authenticated_request("PUT", "/api/v1/identity/operator-email", token.access_token, { operator_email: operator_email_address });
+    invalidate_world_cache();
+    return Boolean(response_data.operator_email_registered);
+}
+//# sourceMappingURL=devices.js.map

package/dist/devices.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"devices.js","sourceRoot":"","sources":["../src/devices.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,gBAAgB,EAA0B,MAAM,kBAAkB,CAAC;AAC5E,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AA6BpD;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC/D,KAAK,EACL,0BAA0B,EAC1B,KAAK,CAAC,YAAY,CACnB,CAAC;IAEF,MAAM,WAAW,GAAG,CAAC,aAAa,CAAC,OAAO,IAAI,EAAE,CAA8B,CAAC;IAE/E,OAAO;QACL,oBAAoB,EAAE,CAAC,aAAa,CAAC,oBAAoB,IAAI,EAAE,CAAW;QAC1E,kBAAkB,EAAE,CAAC,aAAa,CAAC,aAAa,IAAI,CAAC,CAAW;QAChE,mBAAmB,EAAE,CAAC,aAAa,CAAC,cAAc,IAAI,CAAC,CAAW;QAClE,mBAAmB,EAAE,CAAC,aAAa,CAAC,cAAc,IAAI,CAAC,CAAW;QAClE,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YACzC,WAAW,EAAE,CAAC,WAAW,CAAC,WAAW,IAAI,EAAE,CAAW;YACtD,kBAAkB,EAAE,CAAC,WAAW,CAAC,kBAAkB,IAAI,EAAE,CAAW;YACpE,aAAa,EAAE,CAAC,WAAW,CAAC,aAAa,IAAI,QAAQ,CAAW;YAChE,UAAU,EAAE,CAAC,WAAW,CAAC,UAAU,IAAI,IAAI,CAAkB;YAC7D,gBAAgB,EAAE,CAAC,WAAW,CAAC,gBAAgB,IAAI,IAAI,CAAkB;YACzE,UAAU,EAAE,CAAC,WAAW,CAAC,UAAU,IAAI,IAAI,CAAkB;YAC7D,QAAQ,EAAE,CAAC,WAAW,CAAC,QAAQ,IAAI,IAAI,CAAkB;YACzD,SAAS,EAAE,CAAC,WAAW,CAAC,SAAS,IAAI,IAAI,CAAkB;YAC3D,WAAW,EAAE,CAAC,WAAW,CAAC,WAAW,IAAI,IAAI,CAAkB;SAChE,CAAC,CAAC;KACJ,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC3D,MAAM,EACN,gCAAgC,EAChC,KAAK,CAAC,YAAY,EAClB,EAAE,CACH,CAAC;IAEF,sBAAsB,EAAE,CAAC;IAEzB,OAAO;QACL,oBAAoB,EAAE,CAAC,SAAS,CAAC,oBAAoB,IAAI,EAAE,CAAW;QACtE,eAAe,EAAE,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC;QACnD,UAAU,EAAE,CAAC,SAAS,CAAC,UAAU,IAAI,EAAE,CAAW;QAClD,mBAAmB,EAAE,CAAC,SAAS,CAAC,mBAAmB,IAAI,CAAC,CAAW;KACpE,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,sBAA8B,EAC9B,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC/D,KAAK,EACL,iCAAiC,EACjC,KAAK,CAAC,YAAY,EAClB,EAAE,cAAc,EAAE,sBAAsB,EAAE,CAC3C,CAAC;IAEF,sBAAsB,EAAE,CAAC;IAEzB,OAAO,OAAO,CAAC,aAAa,CAAC,yBAAyB,CAAC,CAAC;AAC1D,CAAC"}

package/dist/exceptions.d.ts

@@ -54,7 +54,7 @@ export declare class HSMAccessError extends EnrollmentError {
  * On Windows, non-admin users cannot access the TPM unless a one-time
  * registry key is set. This exception signals that the calling application
  * should display a privacy warning, call oneid.setup_tbs() if the user
- * consents, call oneid.record_privacy_consent(), and retry enrollment.
+ * consents, and retry enrollment.
  *
  * Distinct from NoHSMError (no TPM) and HSMAccessError (TPM broken/locked).
  */
@@ -91,6 +91,20 @@ export declare class HandleRetiredError extends EnrollmentError {
 export declare class AuthenticationError extends OneIDError {
     constructor(message?: string);
 }
+/**
+ * Hardware device required for authentication but not detected or not responding.
+ *
+ * Raised by get_token() when the identity's trust_tier is hardware-backed
+ * (sovereign, portable, virtual) but the physical TPM or PIV device is
+ * absent, inaccessible, or the challenge-response signing failed.
+ *
+ * This is an intentional security property: credentials.json for a
+ * hardware-tier identity is useless without the physical device.
+ * get_token() never falls back to bare client_credentials for hardware tiers.
+ */
+export declare class HardwareDeviceNotPresentError extends AuthenticationError {
+    constructor(message?: string);
+}
 /**
  * Could not reach the 1id.com API server.
  */

package/dist/exceptions.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"exceptions.d.ts","sourceRoot":"","sources":["../src/exceptions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH;;GAEG;AACH,qBAAa,UAAW,SAAQ,KAAK;IACnC,SAAgB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;gBAE9B,OAAO,GAAE,MAA2C,EAAE,UAAU,GAAE,MAAM,GAAG,IAAW;CAOnG;AAED;;GAEG;AACH,qBAAa,eAAgB,SAAQ,UAAU;gBACjC,OAAO,GAAE,MAA4B,EAAE,UAAU,GAAE,MAAM,GAAG,IAAW;CAIpF;AAED;;GAEG;AACH,qBAAa,UAAW,SAAQ,eAAe;gBACjC,OAAO,GAAE,MAA4C;CAIlE;AAED;;GAEG;AACH,qBAAa,cAAe,SAAQ,eAAe;gBACrC,OAAO,GAAE,MAAuC;CAI7D;AAED;;GAEG;AACH,qBAAa,cAAe,SAAQ,eAAe;gBACrC,OAAO,GAAE,MAAsC;CAI5D;AAED;;;;;;;;;GASG;AACH,qBAAa,qBAAsB,SAAQ,eAAe;gBAC5C,OAAO,GAAE,MAA2D;CAIjF;AAED;;GAEG;AACH,qBAAa,oBAAqB,SAAQ,eAAe;gBAC3C,OAAO,GAAE,MAAiE;CAIvF;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,eAAe;gBACvC,OAAO,GAAE,MAA6C;CAInE;AAED;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,eAAe;gBACzC,OAAO,GAAE,MAAiD;CAIvE;AAED;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,eAAe;gBACzC,OAAO,GAAE,MAAgE;CAItF;AAED;;GAEG;AACH,qBAAa,mBAAoB,SAAQ,UAAU;gBACrC,OAAO,GAAE,MAAgC;CAItD;AAED;;GAEG;AACH,qBAAa,YAAa,SAAQ,UAAU;gBAC9B,OAAO,GAAE,MAAkC;CAIxD;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,UAAU;gBAClC,OAAO,GAAE,MAAoD;CAI1E;AAED;;GAEG;AACH,qBAAa,mBAAoB,SAAQ,UAAU;gBACrC,OAAO,GAAE,MAAoE;CAI1F;AAED;;GAEG;AACH,qBAAa,sBAAuB,SAAQ,eAAe;gBAC7C,OAAO,GAAE,MAA8D;CAIpF;AAcD;;GAEG;AACH,wBAAgB,gCAAgC,CAAC,UAAU,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,KAAK,CAGjG"}
+{"version":3,"file":"exceptions.d.ts","sourceRoot":"","sources":["../src/exceptions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH;;GAEG;AACH,qBAAa,UAAW,SAAQ,KAAK;IACnC,SAAgB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;gBAE9B,OAAO,GAAE,MAA2C,EAAE,UAAU,GAAE,MAAM,GAAG,IAAW;CAOnG;AAED;;GAEG;AACH,qBAAa,eAAgB,SAAQ,UAAU;gBACjC,OAAO,GAAE,MAA4B,EAAE,UAAU,GAAE,MAAM,GAAG,IAAW;CAIpF;AAED;;GAEG;AACH,qBAAa,UAAW,SAAQ,eAAe;gBACjC,OAAO,GAAE,MAA4C;CAIlE;AAED;;GAEG;AACH,qBAAa,cAAe,SAAQ,eAAe;gBACrC,OAAO,GAAE,MAAuC;CAI7D;AAED;;GAEG;AACH,qBAAa,cAAe,SAAQ,eAAe;gBACrC,OAAO,GAAE,MAAsC;CAI5D;AAED;;;;;;;;;GASG;AACH,qBAAa,qBAAsB,SAAQ,eAAe;gBAC5C,OAAO,GAAE,MAA2D;CAIjF;AAED;;GAEG;AACH,qBAAa,oBAAqB,SAAQ,eAAe;gBAC3C,OAAO,GAAE,MAAiE;CAIvF;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,eAAe;gBACvC,OAAO,GAAE,MAA6C;CAInE;AAED;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,eAAe;gBACzC,OAAO,GAAE,MAAiD;CAIvE;AAED;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,eAAe;gBACzC,OAAO,GAAE,MAAgE;CAItF;AAED;;GAEG;AACH,qBAAa,mBAAoB,SAAQ,UAAU;gBACrC,OAAO,GAAE,MAAgC;CAItD;AAED;;;;;;;;;;GAUG;AACH,qBAAa,6BAA8B,SAAQ,mBAAmB;gBACxD,OAAO,GAAE,MAAqE;CAK3F;AAED;;GAEG;AACH,qBAAa,YAAa,SAAQ,UAAU;gBAC9B,OAAO,GAAE,MAAkC;CAIxD;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,UAAU;gBAClC,OAAO,GAAE,MAAoD;CAI1E;AAED;;GAEG;AACH,qBAAa,mBAAoB,SAAQ,UAAU;gBACrC,OAAO,GAAE,MAAoE;CAI1F;AAED;;GAEG;AACH,qBAAa,sBAAuB,SAAQ,eAAe;gBAC7C,OAAO,GAAE,MAA8D;CAIpF;AAeD;;GAEG;AACH,wBAAgB,gCAAgC,CAAC,UAAU,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,KAAK,CAGjG"}

package/dist/exceptions.js

@@ -72,7 +72,7 @@ export class HSMAccessError extends EnrollmentError {
  * On Windows, non-admin users cannot access the TPM unless a one-time
  * registry key is set. This exception signals that the calling application
  * should display a privacy warning, call oneid.setup_tbs() if the user
- * consents, call oneid.record_privacy_consent(), and retry enrollment.
+ * consents, and retry enrollment.
  *
  * Distinct from NoHSMError (no TPM) and HSMAccessError (TPM broken/locked).
  */
@@ -127,6 +127,24 @@ export class AuthenticationError extends OneIDError {
         this.name = "AuthenticationError";
     }
 }
+/**
+ * Hardware device required for authentication but not detected or not responding.
+ *
+ * Raised by get_token() when the identity's trust_tier is hardware-backed
+ * (sovereign, portable, virtual) but the physical TPM or PIV device is
+ * absent, inaccessible, or the challenge-response signing failed.
+ *
+ * This is an intentional security property: credentials.json for a
+ * hardware-tier identity is useless without the physical device.
+ * get_token() never falls back to bare client_credentials for hardware tiers.
+ */
+export class HardwareDeviceNotPresentError extends AuthenticationError {
+    constructor(message = "Hardware device required but not present or not responding") {
+        super(message);
+        this.name = "HardwareDeviceNotPresentError";
+        this.error_code = "HARDWARE_DEVICE_NOT_PRESENT";
+    }
+}
 /**
  * Could not reach the 1id.com API server.
  */
@@ -173,6 +191,7 @@ const SERVER_ERROR_CODE_TO_EXCEPTION_CLASS = {
     "HANDLE_RETIRED": HandleRetiredError,
     "RATE_LIMIT_EXCEEDED": RateLimitExceededError,
     "RATE_LIMITED": RateLimitExceededError,
+    "HARDWARE_PROOF_REQUIRED": HardwareDeviceNotPresentError,
 };
 /**
  * Raise the appropriate exception for a server error response.

package/dist/exceptions.js.map

@@ -1 +1 @@
-{"version":3,"file":"exceptions.js","sourceRoot":"","sources":["../src/exceptions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,KAAK;IACnB,UAAU,CAAgB;IAE1C,YAAY,UAAkB,kCAAkC,EAAE,aAA4B,IAAI;QAChG,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,YAAY,CAAC;QACzB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,sFAAsF;QACtF,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,eAAgB,SAAQ,UAAU;IAC7C,YAAY,UAAkB,mBAAmB,EAAE,aAA4B,IAAI;QACjF,KAAK,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC3B,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IAChC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,eAAe;IAC7C,YAAY,UAAkB,mCAAmC;QAC/D,KAAK,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI,GAAG,YAAY,CAAC;IAC3B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,cAAe,SAAQ,eAAe;IACjD,YAAY,UAAkB,8BAA8B;QAC1D,KAAK,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QAC7B,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,cAAe,SAAQ,eAAe;IACjD,YAAY,UAAkB,6BAA6B;QACzD,KAAK,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAED;;;;;;;;;GASG;AACH,MAAM,OAAO,qBAAsB,SAAQ,eAAe;IACxD,YAAY,UAAkB,kDAAkD;QAC9E,KAAK,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;QACpC,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,oBAAqB,SAAQ,eAAe;IACvD,YAAY,UAAkB,wDAAwD;QACpF,KAAK,CAAC,OAAO,EAAE,uBAAuB,CAAC,CAAC;QACxC,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;IACrC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,eAAe;IACnD,YAAY,UAAkB,oCAAoC;QAChE,KAAK,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;IACjC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,eAAe;IACrD,YAAY,UAAkB,wCAAwC;QACpE,KAAK,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;QACjC,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;IACnC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,eAAe;IACrD,YAAY,UAAkB,uDAAuD;QACnF,KAAK,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;QACjC,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;IACnC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,mBAAoB,SAAQ,UAAU;IACjD,YAAY,UAAkB,uBAAuB;QACnD,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC9B,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,YAAa,SAAQ,UAAU;IAC1C,YAAY,UAAkB,yBAAyB;QACrD,KAAK,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAChC,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;IAC7B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,UAAU;IAC9C,YAAY,UAAkB,2CAA2C;QACvE,KAAK,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;IACjC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,mBAAoB,SAAQ,UAAU;IACjD,YAAY,UAAkB,2DAA2D;QACvF,KAAK,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,sBAAuB,SAAQ,eAAe;IACzD,YAAY,UAAkB,qDAAqD;QACjF,KAAK,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAC;QACtC,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;IACvC,CAAC;CACF;AAED,iEAAiE;AACjE,MAAM,oCAAoC,GAAwD;IAChG,uBAAuB,EAAE,oBAAoB;IAC7C,iBAAiB,EAAE,eAAe;IAClC,yBAAyB,EAAE,eAAe;IAC1C,cAAc,EAAE,gBAAgB;IAChC,gBAAgB,EAAE,kBAAkB;IACpC,gBAAgB,EAAE,kBAAkB;IACpC,qBAAqB,EAAE,sBAAsB;IAC7C,cAAc,EAAE,sBAAsB;CACvC,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,gCAAgC,CAAC,UAAkB,EAAE,aAAqB;IACxF,MAAM,cAAc,GAAG,oCAAoC,CAAC,UAAU,CAAC,IAAI,eAAe,CAAC;IAC3F,MAAM,IAAI,cAAc,CAAC,aAAa,CAAC,CAAC;AAC1C,CAAC"}
+{"version":3,"file":"exceptions.js","sourceRoot":"","sources":["../src/exceptions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,KAAK;IACnB,UAAU,CAAgB;IAE1C,YAAY,UAAkB,kCAAkC,EAAE,aAA4B,IAAI;QAChG,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,YAAY,CAAC;QACzB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,sFAAsF;QACtF,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,eAAgB,SAAQ,UAAU;IAC7C,YAAY,UAAkB,mBAAmB,EAAE,aAA4B,IAAI;QACjF,KAAK,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC3B,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IAChC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,eAAe;IAC7C,YAAY,UAAkB,mCAAmC;QAC/D,KAAK,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI,GAAG,YAAY,CAAC;IAC3B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,cAAe,SAAQ,eAAe;IACjD,YAAY,UAAkB,8BAA8B;QAC1D,KAAK,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QAC7B,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,cAAe,SAAQ,eAAe;IACjD,YAAY,UAAkB,6BAA6B;QACzD,KAAK,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAED;;;;;;;;;GASG;AACH,MAAM,OAAO,qBAAsB,SAAQ,eAAe;IACxD,YAAY,UAAkB,kDAAkD;QAC9E,KAAK,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;QACpC,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,oBAAqB,SAAQ,eAAe;IACvD,YAAY,UAAkB,wDAAwD;QACpF,KAAK,CAAC,OAAO,EAAE,uBAAuB,CAAC,CAAC;QACxC,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;IACrC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,eAAe;IACnD,YAAY,UAAkB,oCAAoC;QAChE,KAAK,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;IACjC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,eAAe;IACrD,YAAY,UAAkB,wCAAwC;QACpE,KAAK,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;QACjC,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;IACnC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,eAAe;IACrD,YAAY,UAAkB,uDAAuD;QACnF,KAAK,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;QACjC,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;IACnC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,mBAAoB,SAAQ,UAAU;IACjD,YAAY,UAAkB,uBAAuB;QACnD,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC9B,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AAED;;;;;;;;;;GAUG;AACH,MAAM,OAAO,6BAA8B,SAAQ,mBAAmB;IACpE,YAAY,UAAkB,4DAA4D;QACxF,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,+BAA+B,CAAC;QAC3C,IAAsC,CAAC,UAAU,GAAG,6BAA6B,CAAC;IACrF,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,YAAa,SAAQ,UAAU;IAC1C,YAAY,UAAkB,yBAAyB;QACrD,KAAK,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAChC,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;IAC7B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,UAAU;IAC9C,YAAY,UAAkB,2CAA2C;QACvE,KAAK,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;IACjC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,mBAAoB,SAAQ,UAAU;IACjD,YAAY,UAAkB,2DAA2D;QACvF,KAAK,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,sBAAuB,SAAQ,eAAe;IACzD,YAAY,UAAkB,qDAAqD;QACjF,KAAK,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAC;QACtC,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;IACvC,CAAC;CACF;AAED,iEAAiE;AACjE,MAAM,oCAAoC,GAAwD;IAChG,uBAAuB,EAAE,oBAAoB;IAC7C,iBAAiB,EAAE,eAAe;IAClC,yBAAyB,EAAE,eAAe;IAC1C,cAAc,EAAE,gBAAgB;IAChC,gBAAgB,EAAE,kBAAkB;IACpC,gBAAgB,EAAE,kBAAkB;IACpC,qBAAqB,EAAE,sBAAsB;IAC7C,cAAc,EAAE,sBAAsB;IACtC,yBAAyB,EAAE,6BAA6B;CACzD,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,gCAAgC,CAAC,UAAkB,EAAE,aAAqB;IACxF,MAAM,cAAc,GAAG,oCAAoC,CAAC,UAAU,CAAC,IAAI,eAAe,CAAC;IAC3F,MAAM,IAAI,cAAc,CAAC,aAAa,CAAC,CAAC;AAC1C,CAAC"}

package/dist/index.d.ts

@@ -16,15 +16,24 @@
  * The SDK auto-detects your hardware (TPM, YubiKey, Secure Enclave)
  * and enrolls at the highest available trust tier.
  */
-import { clear_cached_token, get_token, authenticate_with_tpm } from "./auth.js";
+import { clear_cached_token, get_token, authenticate_with_tpm, authenticate_with_piv } from "./auth.js";
 import { credentials_exist } from "./credentials.js";
 import { enroll, type EnrollOptions } from "./enroll.js";
 import { sign_challenge_with_private_key } from "./keys.js";
 import { DEFAULT_KEY_ALGORITHM, HSMType, type Identity, KeyAlgorithm, type Token, TrustTier, this_token_has_not_yet_expired, format_authorization_header_value, format_identity_as_display_string } from "./identity.js";
-export { OneIDError, EnrollmentError, NoHSMError, UACDeniedError, HSMAccessError, TPMSetupRequiredError, AlreadyEnrolledError, HandleTakenError, HandleInvalidError, HandleRetiredError, AuthenticationError, NetworkError, NotEnrolledError, BinaryNotFoundError, RateLimitExceededError, } from "./exceptions.js";
+import { invalidate_world_cache, type WorldStatus, type WorldIdentitySection, type WorldDeviceEntry, type WorldServiceEntry, type WorldGuidanceItem, type WorldOperatorGuidance } from "./world.js";
+import { listDevices, lockHardware, registerOperatorEmail, type DeviceInfo, type DeviceListResult, type HardwareLockResult } from "./devices.js";
+import { signChallenge, verifyPeerIdentity, PeerVerificationError, CertificateChainValidationError, SignatureVerificationError, MissingIdentityCertificateError, type IdentityProofBundle, type VerifiedPeerIdentity } from "./verify.js";
+import { refresh_trust_roots, get_trust_roots } from "./trustRoots.js";
+import { generateConsentToken, listCredentialPointers, setCredentialPointerVisibility, removeCredentialPointer, type ConsentTokenResult, type CredentialPointerInfo, type CredentialPointerListResult } from "./credentialPointers.js";
+export { OneIDError, EnrollmentError, NoHSMError, UACDeniedError, HSMAccessError, TPMSetupRequiredError, AlreadyEnrolledError, HandleTakenError, HandleInvalidError, HandleRetiredError, AuthenticationError, HardwareDeviceNotPresentError, NetworkError, NotEnrolledError, BinaryNotFoundError, RateLimitExceededError, } from "./exceptions.js";
 export { TrustTier, KeyAlgorithm, HSMType, DEFAULT_KEY_ALGORITHM, type Identity, type Token, type EnrollOptions, this_token_has_not_yet_expired, format_authorization_header_value, format_identity_as_display_string, };
+export { type WorldStatus, type WorldIdentitySection, type WorldDeviceEntry, type WorldServiceEntry, type WorldGuidanceItem, type WorldOperatorGuidance, invalidate_world_cache, };
+export { type DeviceInfo, type DeviceListResult, type HardwareLockResult, };
+export { signChallenge, verifyPeerIdentity, refresh_trust_roots, get_trust_roots, PeerVerificationError, CertificateChainValidationError, SignatureVerificationError, MissingIdentityCertificateError, type IdentityProofBundle, type VerifiedPeerIdentity, };
+export { generateConsentToken, listCredentialPointers, setCredentialPointerVisibility, removeCredentialPointer, type ConsentTokenResult, type CredentialPointerInfo, type CredentialPointerListResult, };
 /** SDK version string. */
-export declare const VERSION = "0.5.0";
+export declare const VERSION = "0.8.0";
 /**
  * Check the current enrolled identity.
  *
@@ -39,6 +48,7 @@ export interface GetOrCreateIdentityOptions {
     operator_email?: string | null;
     requested_handle?: string | null;
     api_base_url?: string;
+    get_only?: boolean;
 }
 /**
  * Get your existing 1ID identity, or create one if you don't have one yet.
@@ -48,8 +58,29 @@ export interface GetOrCreateIdentityOptions {
  *
  * If you've already enrolled, returns your existing identity instantly
  * (no network call). If not, enrolls at the best available trust tier.
+ *
+ * Pass get_only: true when you want to recover context without risking
+ * a new enrollment. This is useful for agents resuming after a restart:
+ *   const id = await oneid.getOrCreateIdentity({ get_only: true });
+ *
+ * @throws NotEnrolledError if get_only is true and no credentials exist.
  */
 export declare function getOrCreateIdentity(options?: GetOrCreateIdentityOptions): Promise<Identity>;
+/**
+ * Get the full picture of your 1ID identity and connected services.
+ *
+ * Calls the server's world endpoint with your Bearer token and returns
+ * everything: identity, devices, connected services, available services,
+ * and operator guidance.
+ *
+ * Results are cached for 5 minutes. Call invalidate_world_cache() to force a fresh fetch.
+ *
+ * @returns WorldStatus with complete identity state.
+ * @throws NotEnrolledError if no credentials exist.
+ * @throws NetworkError if the server cannot be reached.
+ * @throws AuthenticationError if the token is invalid or expired.
+ */
+export declare function status(): Promise<WorldStatus>;
 /**
  * Force-refresh the cached OAuth2 token.
  *
@@ -71,32 +102,34 @@ export declare function refresh(): void;
  * @throws HSMAccessError if the registry key could not be set.
  */
 export declare function setup_tbs(): Promise<boolean>;
-/**
- * Record the user's privacy consent choice in the credentials file.
- *
- * After the calling application shows a privacy warning and the user
- * consents, call this to persist their preferred attestation mode.
- *
- * @param mode The user's chosen attestation mode: 'sd-jwt' or 'direct'.
- * @throws NotEnrolledError if no credentials file exists yet.
- * @throws Error if mode is not 'sd-jwt' or 'direct'.
- */
-export declare function record_privacy_consent(mode?: string): void;
-export { enroll, get_token as getToken, get_token, clear_cached_token, authenticate_with_tpm, credentials_exist, sign_challenge_with_private_key, };
+export { enroll, get_token as getToken, get_token, clear_cached_token, authenticate_with_tpm, authenticate_with_piv, credentials_exist, sign_challenge_with_private_key, listDevices, lockHardware, registerOperatorEmail, };
 declare const oneid: {
     enroll: typeof enroll;
     getOrCreateIdentity: typeof getOrCreateIdentity;
+    status: typeof status;
     getToken: typeof get_token;
     get_token: typeof get_token;
     whoami: typeof whoami;
     refresh: typeof refresh;
     setup_tbs: typeof setup_tbs;
-    record_privacy_consent: typeof record_privacy_consent;
     credentials_exist: typeof credentials_exist;
     authenticate_with_tpm: typeof authenticate_with_tpm;
+    authenticate_with_piv: typeof authenticate_with_piv;
     sign_challenge_with_private_key: typeof sign_challenge_with_private_key;
     clear_cached_token: typeof clear_cached_token;
     format_identity_as_display_string: typeof format_identity_as_display_string;
+    invalidate_world_cache: typeof invalidate_world_cache;
+    listDevices: typeof listDevices;
+    lockHardware: typeof lockHardware;
+    registerOperatorEmail: typeof registerOperatorEmail;
+    signChallenge: typeof signChallenge;
+    verifyPeerIdentity: typeof verifyPeerIdentity;
+    refresh_trust_roots: typeof refresh_trust_roots;
+    get_trust_roots: typeof get_trust_roots;
+    generateConsentToken: typeof generateConsentToken;
+    listCredentialPointers: typeof listCredentialPointers;
+    setCredentialPointerVisibility: typeof setCredentialPointerVisibility;
+    removeCredentialPointer: typeof removeCredentialPointer;
     VERSION: string;
     TrustTier: typeof TrustTier;
     KeyAlgorithm: typeof KeyAlgorithm;

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAsC,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,MAAM,EAAE,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,+BAA+B,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EACL,qBAAqB,EACrB,OAAO,EACP,KAAK,QAAQ,EACb,YAAY,EACZ,KAAK,KAAK,EACV,SAAS,EACT,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,EAClC,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,UAAU,EACV,eAAe,EACf,UAAU,EACV,cAAc,EACd,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EACL,SAAS,EACT,YAAY,EACZ,OAAO,EACP,qBAAqB,EACrB,KAAK,QAAQ,EACb,KAAK,KAAK,EACV,KAAK,aAAa,EAClB,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,CAAC;AAEF,0BAA0B;AAC1B,eAAO,MAAM,OAAO,UAAU,CAAC;AAE/B;;;;;;;GAOG;AACH,wBAAgB,MAAM,IAAI,QAAQ,CAoDjC;AAED,MAAM,WAAW,0BAA0B;IACzC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;;;;;;;GAQG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,CAAC,EAAE,0BAA0B,GACnC,OAAO,CAAC,QAAQ,CAAC,CAUnB;AAED;;;;;GAKG;AACH,wBAAgB,OAAO,IAAI,IAAI,CAE9B;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,SAAS,IAAI,OAAO,CAAC,OAAO,CAAC,CAIlD;AAED;;;;;;;;;GASG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,GAAE,MAAiB,GAAG,IAAI,CASpE;AAGD,OAAO,EACL,MAAM,EACN,SAAS,IAAI,QAAQ,EACrB,SAAS,EACT,kBAAkB,EAClB,qBAAqB,EACrB,iBAAiB,EACjB,+BAA+B,GAChC,CAAC;AAEF,QAAA,MAAM,KAAK;;;;;;;;;;;;;;;;;;;CAmBV,CAAC;AAEF,eAAe,KAAK,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AACxG,OAAO,EAAE,iBAAiB,EAAsC,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,MAAM,EAAE,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,+BAA+B,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EACL,qBAAqB,EACrB,OAAO,EACP,KAAK,QAAQ,EACb,YAAY,EACZ,KAAK,KAAK,EACV,SAAS,EACT,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,EAClC,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,sBAAsB,EACtB,KAAK,WAAW,EAChB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC3B,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,WAAW,EACX,YAAY,EACZ,qBAAqB,EACrB,KAAK,UAAU,EACf,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,EACxB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EAC1B,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,EACvB,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,EACjC,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,UAAU,EACV,eAAe,EACf,UAAU,EACV,cAAc,EACd,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,6BAA6B,EAC7B,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EACL,SAAS,EACT,YAAY,EACZ,OAAO,EACP,qBAAqB,EACrB,KAAK,QAAQ,EACb,KAAK,KAAK,EACV,KAAK,aAAa,EAClB,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,CAAC;AAGF,OAAO,EACL,KAAK,WAAW,EAChB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,sBAAsB,GACvB,CAAC;AAGF,OAAO,EACL,KAAK,UAAU,EACf,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,GACxB,CAAC;AAGF,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,GAC1B,CAAC;AAGF,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,EACvB,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,GACjC,CAAC;AAEF,0BAA0B;AAC1B,eAAO,MAAM,OAAO,UAAU,CAAC;AAE/B;;;;;;;GAOG;AACH,wBAAgB,MAAM,IAAI,QAAQ,CAoDjC;AAED,MAAM,WAAW,0BAA0B;IACzC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,CAAC,EAAE,0BAA0B,GACnC,OAAO,CAAC,QAAQ,CAAC,CAqBnB;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,MAAM,IAAI,OAAO,CAAC,WAAW,CAAC,CAEnD;AAED;;;;;GAKG;AACH,wBAAgB,OAAO,IAAI,IAAI,CAE9B;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,SAAS,IAAI,OAAO,CAAC,OAAO,CAAC,CAIlD;AAGD,OAAO,EACL,MAAM,EACN,SAAS,IAAI,QAAQ,EACrB,SAAS,EACT,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EACjB,+BAA+B,EAC/B,WAAW,EACX,YAAY,EACZ,qBAAqB,GACtB,CAAC;AAEF,QAAA,MAAM,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAgCV,CAAC;AAEF,eAAe,KAAK,CAAC"}