1id 1.5.0 → 1.6.0

package/dist/devices.d.ts

@@ -1,20 +1,17 @@
 /**
- * Device management and hardware lock for the 1id.com Node.js SDK.
+ * Device management for the 1id.com Node.js SDK.
  *
  * Provides:
- *   listDevices()   -- List all devices (active and burned) bound to this identity
- *   lockHardware()  -- Permanently lock identity to its single hardware device (irreversible)
- *
- * Usage:
- *   import { listDevices, lockHardware } from "1id/devices";
- *
- *   const result = await listDevices();
- *   for (const d of result.devices) { console.log(`${d.device_type} [${d.device_status}]`); }
- *
- *   const lock = await lockHardware();
- *   console.log(`Locked: ${lock.hardware_locked}`);
+ *   listDevices()          -- List all devices (active and burned) bound to this identity
+ *   addDevice()            -- Add a hardware device (declared->hardware upgrade or co-location)
+ *   burnDevice()           -- Permanently retire a device (two-step with co-device signature)
+ *   requestBurn()          -- Step 1: request burn confirmation token
+ *   confirmBurn()          -- Step 2: confirm burn with co-device signature
+ *   lockHardware()         -- Permanently lock identity to its single device (irreversible)
+ *   registerOperatorEmail() -- Register operator contact email
  */
 import { type StoredCredentials } from "./credentials.js";
+import { OneIDError } from "./exceptions.js";
 export interface DeviceInfo {
     device_type: string;
     device_fingerprint: string;
@@ -39,6 +36,33 @@ export interface HardwareLockResult {
     trust_tier: string;
     active_device_count: number;
 }
+export interface DeviceAddResult {
+    device_type: string;
+    device_fingerprint: string;
+    trust_tier: string;
+    identity_was_upgraded_from_declared: boolean;
+    previous_tier: string | null;
+    device_serial: string | null;
+}
+export interface BurnRequestResult {
+    token_id: string;
+    expires_at: string;
+    target_device_fingerprint: string;
+    target_device_type: string;
+    active_devices_remaining_after_burn: number;
+}
+export interface BurnConfirmResult {
+    burned_device_fingerprint: string;
+    burned_device_type: string;
+    burn_reason: string | null;
+    confirmed_by_device_fingerprint: string;
+    confirmed_by_device_type: string;
+    remaining_active_devices: number;
+    new_trust_tier: string | null;
+}
+export declare class DeviceManagementError extends OneIDError {
+    constructor(message: string, error_code?: string);
+}
 /**
  * List all devices (active and burned) bound to this identity.
  *
@@ -65,6 +89,45 @@ export declare function listDevices(credentials?: StoredCredentials | null): Pro
  * @throws Error with code TOO_MANY_ACTIVE_DEVICES if identity has != 1 active device.
  */
 export declare function lockHardware(credentials?: StoredCredentials | null): Promise<HardwareLockResult>;
+/**
+ * Add a new hardware device to this identity.
+ *
+ * Two code paths, automatically selected based on identity state:
+ *   1. Declared -> hardware upgrade (no co-location): detects TPM/YubiKey,
+ *      extracts attestation, sends to server, upgrades tier, updates credentials.
+ *   2. Hardware -> hardware (co-location binding): orchestrates the 042.3
+ *      co-location ceremony (requires existing_device_fingerprint/type).
+ *
+ * @param device_type Optional 'tpm' or 'piv'. Auto-detects if omitted.
+ * @param existing_device_fingerprint For hardware-to-hardware additions only.
+ * @param existing_device_type For hardware-to-hardware additions only ('tpm' or 'piv').
+ * @param credentials Optional pre-loaded credentials.
+ */
+export declare function addDevice(device_type?: string | null, existing_device_fingerprint?: string | null, existing_device_type?: string | null, credentials?: StoredCredentials | null): Promise<DeviceAddResult>;
+/**
+ * Permanently retire (burn) a device from this identity.
+ *
+ * Two-step process: requests a burn token, signs with a co-device, and confirms.
+ * The co-device must be a DIFFERENT active device on the same identity.
+ *
+ * @param device_fingerprint Fingerprint of the device to burn.
+ * @param device_type 'tpm' or 'piv'.
+ * @param co_device_fingerprint Fingerprint of the co-signing device.
+ * @param co_device_type 'tpm' or 'piv'.
+ * @param reason Optional reason for the burn.
+ * @param credentials Optional pre-loaded credentials.
+ */
+export declare function burnDevice(device_fingerprint: string, device_type: string, co_device_fingerprint: string, co_device_type: string, reason?: string | null, credentials?: StoredCredentials | null): Promise<BurnConfirmResult>;
+/**
+ * Request a burn confirmation token (step 1 of 2).
+ *
+ * The returned token_id is valid for 5 minutes.
+ */
+export declare function requestBurn(device_fingerprint: string, device_type: string, reason?: string | null, credentials?: StoredCredentials | null): Promise<BurnRequestResult>;
+/**
+ * Confirm a burn with a co-device signature (step 2 of 2).
+ */
+export declare function confirmBurn(token_id: string, co_device_signature_b64: string, co_device_fingerprint: string, co_device_type: string, credentials?: StoredCredentials | null): Promise<BurnConfirmResult>;
 /**
  * Register or update the human operator email for this identity.
  *

package/dist/devices.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"devices.d.ts","sourceRoot":"","sources":["../src/devices.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAoB,KAAK,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAK5E,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED,MAAM,WAAW,gBAAgB;IAC/B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,OAAO,EAAE,UAAU,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,eAAe,EAAE,OAAO,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB,EAAE,MAAM,CAAC;CAC7B;AAED;;;;;GAKG;AACH,wBAAsB,WAAW,CAC/B,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,gBAAgB,CAAC,CAiC3B;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,YAAY,CAChC,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,kBAAkB,CAAC,CAuB7B;AAED;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CACzC,sBAAsB,EAAE,MAAM,EAC9B,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,OAAO,CAAC,CAkBlB"}
+{"version":3,"file":"devices.d.ts","sourceRoot":"","sources":["../src/devices.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAsC,KAAK,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAG9F,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAG7C,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED,MAAM,WAAW,gBAAgB;IAC/B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,OAAO,EAAE,UAAU,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,eAAe,EAAE,OAAO,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,mCAAmC,EAAE,OAAO,CAAC;IAC7C,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;CAC9B;AAED,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,yBAAyB,EAAE,MAAM,CAAC;IAClC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,mCAAmC,EAAE,MAAM,CAAC;CAC7C;AAED,MAAM,WAAW,iBAAiB;IAChC,yBAAyB,EAAE,MAAM,CAAC;IAClC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,+BAA+B,EAAE,MAAM,CAAC;IACxC,wBAAwB,EAAE,MAAM,CAAC;IACjC,wBAAwB,EAAE,MAAM,CAAC;IACjC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,qBAAa,qBAAsB,SAAQ,UAAU;gBACvC,OAAO,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM;CAIjD;AAUD;;;;;GAKG;AACH,wBAAsB,WAAW,CAC/B,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,gBAAgB,CAAC,CAiC3B;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,YAAY,CAChC,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,kBAAkB,CAAC,CAuB7B;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,SAAS,CAC7B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,EAC3B,2BAA2B,CAAC,EAAE,MAAM,GAAG,IAAI,EAC3C,oBAAoB,CAAC,EAAE,MAAM,GAAG,IAAI,EACpC,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,eAAe,CAAC,CA0B1B;AAgLD;;;;;;;;;;;;GAYG;AACH,wBAAsB,UAAU,CAC9B,kBAAkB,EAAE,MAAM,EAC1B,WAAW,EAAE,MAAM,EACnB,qBAAqB,EAAE,MAAM,EAC7B,cAAc,EAAE,MAAM,EACtB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,EACtB,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,iBAAiB,CAAC,CAkB5B;AAGD;;;;GAIG;AACH,wBAAsB,WAAW,CAC/B,kBAAkB,EAAE,MAAM,EAC1B,WAAW,EAAE,MAAM,EACnB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,EACtB,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,iBAAiB,CAAC,CAuB5B;AAGD;;GAEG;AACH,wBAAsB,WAAW,CAC/B,QAAQ,EAAE,MAAM,EAChB,uBAAuB,EAAE,MAAM,EAC/B,qBAAqB,EAAE,MAAM,EAC7B,cAAc,EAAE,MAAM,EACtB,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,iBAAiB,CAAC,CAsC5B;AA6BD;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CACzC,sBAAsB,EAAE,MAAM,EAC9B,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,GACrC,OAAO,CAAC,OAAO,CAAC,CAkBlB"}

package/dist/devices.js

@@ -1,23 +1,35 @@
 /**
- * Device management and hardware lock for the 1id.com Node.js SDK.
+ * Device management for the 1id.com Node.js SDK.
  *
  * Provides:
- *   listDevices()   -- List all devices (active and burned) bound to this identity
- *   lockHardware()  -- Permanently lock identity to its single hardware device (irreversible)
- *
- * Usage:
- *   import { listDevices, lockHardware } from "1id/devices";
- *
- *   const result = await listDevices();
- *   for (const d of result.devices) { console.log(`${d.device_type} [${d.device_status}]`); }
- *
- *   const lock = await lockHardware();
- *   console.log(`Locked: ${lock.hardware_locked}`);
+ *   listDevices()          -- List all devices (active and burned) bound to this identity
+ *   addDevice()            -- Add a hardware device (declared->hardware upgrade or co-location)
+ *   burnDevice()           -- Permanently retire a device (two-step with co-device signature)
+ *   requestBurn()          -- Step 1: request burn confirmation token
+ *   confirmBurn()          -- Step 2: confirm burn with co-device signature
+ *   lockHardware()         -- Permanently lock identity to its single device (irreversible)
+ *   registerOperatorEmail() -- Register operator contact email
  */
-import { load_credentials } from "./credentials.js";
+import { load_credentials, save_credentials } from "./credentials.js";
 import { get_token } from "./auth.js";
 import { OneIDAPIClient } from "./client.js";
+import { OneIDError } from "./exceptions.js";
 import { invalidate_world_cache } from "./world.js";
+export class DeviceManagementError extends OneIDError {
+    constructor(message, error_code) {
+        super(message, error_code ?? "DEVICE_MANAGEMENT_ERROR");
+        this.name = "DeviceManagementError";
+    }
+}
+function _raise_from_device_api_error_code(response_data) {
+    if (response_data.ok) {
+        return;
+    }
+    const error_info = (response_data.error ?? {});
+    const error_code = (error_info.code ?? "UNKNOWN");
+    const error_message = (error_info.message ?? "Device management operation failed");
+    throw new DeviceManagementError(error_message, error_code);
+}
 /**
  * List all devices (active and burned) bound to this identity.
  *
@@ -83,6 +95,275 @@ export async function lockHardware(credentials) {
         active_device_count: (lock_data.active_device_count ?? 1),
     };
 }
+/**
+ * Add a new hardware device to this identity.
+ *
+ * Two code paths, automatically selected based on identity state:
+ *   1. Declared -> hardware upgrade (no co-location): detects TPM/YubiKey,
+ *      extracts attestation, sends to server, upgrades tier, updates credentials.
+ *   2. Hardware -> hardware (co-location binding): orchestrates the 042.3
+ *      co-location ceremony (requires existing_device_fingerprint/type).
+ *
+ * @param device_type Optional 'tpm' or 'piv'. Auto-detects if omitted.
+ * @param existing_device_fingerprint For hardware-to-hardware additions only.
+ * @param existing_device_type For hardware-to-hardware additions only ('tpm' or 'piv').
+ * @param credentials Optional pre-loaded credentials.
+ */
+export async function addDevice(device_type, existing_device_fingerprint, existing_device_type, credentials) {
+    if (credentials == null) {
+        credentials = load_credentials();
+    }
+    const current_tier = credentials.trust_tier;
+    if (current_tier === "declared" || !credentials.hsm_key_reference) {
+        return _add_device_via_declared_to_hardware_upgrade(device_type ?? null, credentials);
+    }
+    if (!existing_device_fingerprint || !existing_device_type) {
+        throw new DeviceManagementError("This identity already has hardware devices. To add another device, " +
+            "you must provide existing_device_fingerprint and existing_device_type " +
+            "for the co-location binding ceremony. Use listDevices() to see current devices.", "COLOCATION_REQUIRED");
+    }
+    return _add_device_via_colocation_binding(existing_device_fingerprint, existing_device_type, device_type ?? "piv", credentials);
+}
+async function _add_device_via_declared_to_hardware_upgrade(device_type_preference, credentials) {
+    const { detect_available_hsms, extract_attestation_data } = await import("./helper.js");
+    const detected_hsms = await detect_available_hsms();
+    if (!detected_hsms || detected_hsms.length === 0) {
+        throw new DeviceManagementError("No hardware security module found. Device addition requires a TPM, YubiKey, or similar device.", "NO_HSM");
+    }
+    let selected_hsm = null;
+    if (device_type_preference) {
+        for (const hsm of detected_hsms) {
+            if (hsm.type === device_type_preference || (device_type_preference === "piv" && (hsm.type === "yubikey" || hsm.type === "piv"))) {
+                selected_hsm = hsm;
+                break;
+            }
+        }
+        if (!selected_hsm) {
+            throw new DeviceManagementError(`No ${device_type_preference} device found.`, "NO_HSM");
+        }
+    }
+    else {
+        for (const hsm of detected_hsms) {
+            if (hsm.type === "tpm") {
+                selected_hsm = hsm;
+                break;
+            }
+        }
+        if (!selected_hsm) {
+            for (const hsm of detected_hsms) {
+                if (hsm.type === "yubikey" || hsm.type === "piv") {
+                    selected_hsm = hsm;
+                    break;
+                }
+            }
+        }
+        if (!selected_hsm) {
+            throw new DeviceManagementError("Found HSM(s) but none are compatible for device addition.", "NO_HSM");
+        }
+    }
+    const attestation_data = await extract_attestation_data(selected_hsm);
+    const hsm_type = (selected_hsm.type ?? "tpm");
+    let request_body;
+    let new_hsm_key_reference;
+    let new_key_algorithm;
+    if (hsm_type === "yubikey" || hsm_type === "piv") {
+        request_body = {
+            device_type: "piv",
+            attestation_cert_pem: attestation_data.attestation_cert_pem ?? attestation_data.ek_cert_pem ?? "",
+            attestation_chain_pem: attestation_data.attestation_chain_pem ?? attestation_data.chain_pem ?? [],
+            signing_key_public_pem: attestation_data.signing_key_public_pem ?? attestation_data.ak_public_pem ?? "",
+        };
+        new_hsm_key_reference = "piv-slot-9a";
+        new_key_algorithm = "ecdsa-p256";
+    }
+    else {
+        request_body = {
+            device_type: "tpm",
+            ek_certificate_pem: attestation_data.ek_cert_pem ?? "",
+            ak_public_key_pem: attestation_data.ak_public_pem ?? "",
+            ak_tpmt_public_b64: attestation_data.ak_tpmt_public_b64 ?? "",
+            ek_public_key_pem: attestation_data.ek_public_pem ?? "",
+            ek_certificate_chain_pem: attestation_data.chain_pem ?? [],
+        };
+        new_hsm_key_reference = attestation_data.ak_handle ?? "transient";
+        new_key_algorithm = "tpm-ak";
+    }
+    const token = await get_token(false, credentials);
+    const api_client = new OneIDAPIClient(credentials.api_base_url);
+    const response_data = await api_client.make_authenticated_request("POST", "/api/v1/identity/devices/add", token.access_token, request_body);
+    _raise_from_device_api_error_code(response_data);
+    const new_tier = (response_data.trust_tier ?? (hsm_type === "tpm" ? "sovereign" : "portable"));
+    const identity_was_upgraded = Boolean(response_data.identity_upgraded);
+    if (identity_was_upgraded) {
+        const updated_credentials = {
+            ...credentials,
+            trust_tier: new_tier,
+            key_algorithm: new_key_algorithm,
+            private_key_pem: undefined,
+            hsm_key_reference: new_hsm_key_reference,
+        };
+        save_credentials(updated_credentials);
+    }
+    invalidate_world_cache();
+    return {
+        device_type: (response_data.device_type ?? request_body.device_type),
+        device_fingerprint: (response_data.device_fingerprint ?? ""),
+        trust_tier: new_tier,
+        identity_was_upgraded_from_declared: identity_was_upgraded,
+        previous_tier: (response_data.previous_tier ?? null),
+        device_serial: (response_data.device_serial ?? null),
+    };
+}
+async function _add_device_via_colocation_binding(existing_device_fingerprint, existing_device_type, new_device_type, credentials) {
+    const { run_binary_command, detect_available_hsms, extract_attestation_data } = await import("./helper.js");
+    const token = await get_token(false, credentials);
+    const api_client = new OneIDAPIClient(credentials.api_base_url);
+    const session_data = await api_client.make_authenticated_request("POST", "/api/v1/identity/piv-bind/begin", token.access_token, {
+        existing_device_fingerprint,
+        existing_device_type,
+        new_device_type,
+    });
+    const session_id = session_data.session_id;
+    const server_nonce_b64 = session_data.server_nonce_b64;
+    const ceremony_result = await run_binary_command("piv-bind-ceremony", [
+        "--nonce", server_nonce_b64,
+        "--session-id", session_id,
+        "--elevated",
+    ]);
+    const c1_quote_data = ceremony_result.c1_quote;
+    const c2_quote_data = ceremony_result.c2_quote;
+    const s2_signature_b64 = ceremony_result.s2_signature_b64;
+    const detected_hsms = await detect_available_hsms();
+    let piv_hsm = null;
+    for (const hsm of detected_hsms) {
+        if (hsm.type === "yubikey" || hsm.type === "piv") {
+            piv_hsm = hsm;
+            break;
+        }
+    }
+    if (!piv_hsm) {
+        throw new DeviceManagementError("No PIV device found for attestation extraction", "COLOCATION_FAILED");
+    }
+    const piv_attestation = await extract_attestation_data(piv_hsm);
+    const complete_data = await api_client.make_authenticated_request("POST", "/api/v1/identity/piv-bind/complete", token.access_token, {
+        session_id,
+        c1_quote: c1_quote_data,
+        s2_signature_b64,
+        c2_quote: c2_quote_data,
+        new_device_attestation: {
+            attestation_cert_pem: piv_attestation.attestation_cert_pem ?? piv_attestation.ek_cert_pem ?? "",
+            chain_pem: piv_attestation.attestation_chain_pem ?? piv_attestation.chain_pem ?? [],
+            signing_key_public_pem: piv_attestation.signing_key_public_pem ?? piv_attestation.ak_public_pem ?? "",
+            serial: piv_attestation.serial_number ?? piv_attestation.serial ?? "",
+        },
+    });
+    invalidate_world_cache();
+    return {
+        device_type: "piv",
+        device_fingerprint: (complete_data.new_device_fingerprint ?? ""),
+        trust_tier: "portable",
+        identity_was_upgraded_from_declared: false,
+        previous_tier: null,
+        device_serial: (complete_data.new_device_serial ?? null),
+    };
+}
+/**
+ * Permanently retire (burn) a device from this identity.
+ *
+ * Two-step process: requests a burn token, signs with a co-device, and confirms.
+ * The co-device must be a DIFFERENT active device on the same identity.
+ *
+ * @param device_fingerprint Fingerprint of the device to burn.
+ * @param device_type 'tpm' or 'piv'.
+ * @param co_device_fingerprint Fingerprint of the co-signing device.
+ * @param co_device_type 'tpm' or 'piv'.
+ * @param reason Optional reason for the burn.
+ * @param credentials Optional pre-loaded credentials.
+ */
+export async function burnDevice(device_fingerprint, device_type, co_device_fingerprint, co_device_type, reason, credentials) {
+    if (credentials == null) {
+        credentials = load_credentials();
+    }
+    const burn_request = await requestBurn(device_fingerprint, device_type, reason, credentials);
+    const co_device_signature_b64 = await _sign_burn_confirmation_with_co_device(burn_request.token_id, co_device_type, credentials);
+    return confirmBurn(burn_request.token_id, co_device_signature_b64, co_device_fingerprint, co_device_type, credentials);
+}
+/**
+ * Request a burn confirmation token (step 1 of 2).
+ *
+ * The returned token_id is valid for 5 minutes.
+ */
+export async function requestBurn(device_fingerprint, device_type, reason, credentials) {
+    if (credentials == null) {
+        credentials = load_credentials();
+    }
+    const token = await get_token(false, credentials);
+    const api_client = new OneIDAPIClient(credentials.api_base_url);
+    const burn_token_data = await api_client.make_authenticated_request("POST", "/api/v1/identity/devices/burn", token.access_token, {
+        device_fingerprint,
+        device_type,
+        reason: reason ?? undefined,
+    });
+    return {
+        token_id: (burn_token_data.token_id ?? ""),
+        expires_at: (burn_token_data.expires_at ?? ""),
+        target_device_fingerprint: (burn_token_data.target_device_fingerprint ?? device_fingerprint),
+        target_device_type: (burn_token_data.target_device_type ?? device_type),
+        active_devices_remaining_after_burn: (burn_token_data.active_devices_remaining_after_burn ?? 0),
+    };
+}
+/**
+ * Confirm a burn with a co-device signature (step 2 of 2).
+ */
+export async function confirmBurn(token_id, co_device_signature_b64, co_device_fingerprint, co_device_type, credentials) {
+    if (credentials == null) {
+        credentials = load_credentials();
+    }
+    const token = await get_token(false, credentials);
+    const api_client = new OneIDAPIClient(credentials.api_base_url);
+    const confirm_data = await api_client.make_authenticated_request("POST", "/api/v1/identity/devices/burn/confirm", token.access_token, {
+        token_id,
+        co_device_signature_b64,
+        co_device_fingerprint,
+        co_device_type,
+    });
+    const server_reported_new_trust_tier = (confirm_data.new_trust_tier ?? null);
+    if (server_reported_new_trust_tier && server_reported_new_trust_tier !== credentials.trust_tier) {
+        const updated_credentials = {
+            ...credentials,
+            trust_tier: server_reported_new_trust_tier,
+        };
+        save_credentials(updated_credentials);
+    }
+    invalidate_world_cache();
+    return {
+        burned_device_fingerprint: (confirm_data.burned_device_fingerprint ?? ""),
+        burned_device_type: (confirm_data.burned_device_type ?? ""),
+        burn_reason: (confirm_data.burn_reason ?? null),
+        confirmed_by_device_fingerprint: (confirm_data.confirmed_by_device_fingerprint ?? co_device_fingerprint),
+        confirmed_by_device_type: (confirm_data.confirmed_by_device_type ?? co_device_type),
+        remaining_active_devices: (confirm_data.remaining_active_devices ?? 0),
+        new_trust_tier: server_reported_new_trust_tier,
+    };
+}
+async function _sign_burn_confirmation_with_co_device(token_id, co_device_type, credentials) {
+    const message_to_sign = `BURN:${token_id}`;
+    const message_bytes_b64 = Buffer.from(message_to_sign, "utf-8").toString("base64");
+    if (co_device_type === "tpm") {
+        const { sign_challenge_with_tpm } = await import("./helper.js");
+        const ak_handle = credentials.hsm_key_reference ?? "";
+        const sign_result = await sign_challenge_with_tpm(message_bytes_b64, ak_handle);
+        return sign_result.signature_b64 ?? "";
+    }
+    else if (co_device_type === "piv") {
+        const { sign_challenge_with_piv } = await import("./helper.js");
+        const sign_result = await sign_challenge_with_piv(message_bytes_b64);
+        return sign_result.signature_b64 ?? "";
+    }
+    else {
+        throw new DeviceManagementError(`Unsupported co-device type '${co_device_type}' for burn confirmation. Must be 'tpm' or 'piv'.`, "UNSUPPORTED_DEVICE_TYPE");
+    }
+}
 /**
  * Register or update the human operator email for this identity.
  *

package/dist/devices.js.map

@@ -1 +1 @@
-{"version":3,"file":"devices.js","sourceRoot":"","sources":["../src/devices.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,gBAAgB,EAA0B,MAAM,kBAAkB,CAAC;AAC5E,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AA6BpD;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC/D,KAAK,EACL,0BAA0B,EAC1B,KAAK,CAAC,YAAY,CACnB,CAAC;IAEF,MAAM,WAAW,GAAG,CAAC,aAAa,CAAC,OAAO,IAAI,EAAE,CAA8B,CAAC;IAE/E,OAAO;QACL,oBAAoB,EAAE,CAAC,aAAa,CAAC,oBAAoB,IAAI,EAAE,CAAW;QAC1E,kBAAkB,EAAE,CAAC,aAAa,CAAC,aAAa,IAAI,CAAC,CAAW;QAChE,mBAAmB,EAAE,CAAC,aAAa,CAAC,cAAc,IAAI,CAAC,CAAW;QAClE,mBAAmB,EAAE,CAAC,aAAa,CAAC,cAAc,IAAI,CAAC,CAAW;QAClE,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YACzC,WAAW,EAAE,CAAC,WAAW,CAAC,WAAW,IAAI,EAAE,CAAW;YACtD,kBAAkB,EAAE,CAAC,WAAW,CAAC,kBAAkB,IAAI,EAAE,CAAW;YACpE,aAAa,EAAE,CAAC,WAAW,CAAC,aAAa,IAAI,QAAQ,CAAW;YAChE,UAAU,EAAE,CAAC,WAAW,CAAC,UAAU,IAAI,IAAI,CAAkB;YAC7D,gBAAgB,EAAE,CAAC,WAAW,CAAC,gBAAgB,IAAI,IAAI,CAAkB;YACzE,UAAU,EAAE,CAAC,WAAW,CAAC,UAAU,IAAI,IAAI,CAAkB;YAC7D,QAAQ,EAAE,CAAC,WAAW,CAAC,QAAQ,IAAI,IAAI,CAAkB;YACzD,SAAS,EAAE,CAAC,WAAW,CAAC,SAAS,IAAI,IAAI,CAAkB;YAC3D,WAAW,EAAE,CAAC,WAAW,CAAC,WAAW,IAAI,IAAI,CAAkB;SAChE,CAAC,CAAC;KACJ,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC3D,MAAM,EACN,gCAAgC,EAChC,KAAK,CAAC,YAAY,EAClB,EAAE,CACH,CAAC;IAEF,sBAAsB,EAAE,CAAC;IAEzB,OAAO;QACL,oBAAoB,EAAE,CAAC,SAAS,CAAC,oBAAoB,IAAI,EAAE,CAAW;QACtE,eAAe,EAAE,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC;QACnD,UAAU,EAAE,CAAC,SAAS,CAAC,UAAU,IAAI,EAAE,CAAW;QAClD,mBAAmB,EAAE,CAAC,SAAS,CAAC,mBAAmB,IAAI,CAAC,CAAW;KACpE,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,sBAA8B,EAC9B,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC/D,KAAK,EACL,iCAAiC,EACjC,KAAK,CAAC,YAAY,EAClB,EAAE,cAAc,EAAE,sBAAsB,EAAE,CAC3C,CAAC;IAEF,sBAAsB,EAAE,CAAC;IAEzB,OAAO,OAAO,CAAC,aAAa,CAAC,yBAAyB,CAAC,CAAC;AAC1D,CAAC"}
+{"version":3,"file":"devices.js","sourceRoot":"","sources":["../src/devices.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAA0B,MAAM,kBAAkB,CAAC;AAC9F,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAwDpD,MAAM,OAAO,qBAAsB,SAAQ,UAAU;IACnD,YAAY,OAAe,EAAE,UAAmB;QAC9C,KAAK,CAAC,OAAO,EAAE,UAAU,IAAI,yBAAyB,CAAC,CAAC;QACxD,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED,SAAS,iCAAiC,CAAC,aAAsC;IAC/E,IAAI,aAAa,CAAC,EAAE,EAAE,CAAC;QAAC,OAAO;IAAC,CAAC;IACjC,MAAM,UAAU,GAAG,CAAC,aAAa,CAAC,KAAK,IAAI,EAAE,CAA4B,CAAC;IAC1E,MAAM,UAAU,GAAG,CAAC,UAAU,CAAC,IAAI,IAAI,SAAS,CAAW,CAAC;IAC5D,MAAM,aAAa,GAAG,CAAC,UAAU,CAAC,OAAO,IAAI,oCAAoC,CAAW,CAAC;IAC7F,MAAM,IAAI,qBAAqB,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;AAC7D,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC/D,KAAK,EACL,0BAA0B,EAC1B,KAAK,CAAC,YAAY,CACnB,CAAC;IAEF,MAAM,WAAW,GAAG,CAAC,aAAa,CAAC,OAAO,IAAI,EAAE,CAA8B,CAAC;IAE/E,OAAO;QACL,oBAAoB,EAAE,CAAC,aAAa,CAAC,oBAAoB,IAAI,EAAE,CAAW;QAC1E,kBAAkB,EAAE,CAAC,aAAa,CAAC,aAAa,IAAI,CAAC,CAAW;QAChE,mBAAmB,EAAE,CAAC,aAAa,CAAC,cAAc,IAAI,CAAC,CAAW;QAClE,mBAAmB,EAAE,CAAC,aAAa,CAAC,cAAc,IAAI,CAAC,CAAW;QAClE,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YACzC,WAAW,EAAE,CAAC,WAAW,CAAC,WAAW,IAAI,EAAE,CAAW;YACtD,kBAAkB,EAAE,CAAC,WAAW,CAAC,kBAAkB,IAAI,EAAE,CAAW;YACpE,aAAa,EAAE,CAAC,WAAW,CAAC,aAAa,IAAI,QAAQ,CAAW;YAChE,UAAU,EAAE,CAAC,WAAW,CAAC,UAAU,IAAI,IAAI,CAAkB;YAC7D,gBAAgB,EAAE,CAAC,WAAW,CAAC,gBAAgB,IAAI,IAAI,CAAkB;YACzE,UAAU,EAAE,CAAC,WAAW,CAAC,UAAU,IAAI,IAAI,CAAkB;YAC7D,QAAQ,EAAE,CAAC,WAAW,CAAC,QAAQ,IAAI,IAAI,CAAkB;YACzD,SAAS,EAAE,CAAC,WAAW,CAAC,SAAS,IAAI,IAAI,CAAkB;YAC3D,WAAW,EAAE,CAAC,WAAW,CAAC,WAAW,IAAI,IAAI,CAAkB;SAChE,CAAC,CAAC;KACJ,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC3D,MAAM,EACN,gCAAgC,EAChC,KAAK,CAAC,YAAY,EAClB,EAAE,CACH,CAAC;IAEF,sBAAsB,EAAE,CAAC;IAEzB,OAAO;QACL,oBAAoB,EAAE,CAAC,SAAS,CAAC,oBAAoB,IAAI,EAAE,CAAW;QACtE,eAAe,EAAE,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC;QACnD,UAAU,EAAE,CAAC,SAAS,CAAC,UAAU,IAAI,EAAE,CAAW;QAClD,mBAAmB,EAAE,CAAC,SAAS,CAAC,mBAAmB,IAAI,CAAC,CAAW;KACpE,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,WAA2B,EAC3B,2BAA2C,EAC3C,oBAAoC,EACpC,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,YAAY,GAAG,WAAW,CAAC,UAAU,CAAC;IAE5C,IAAI,YAAY,KAAK,UAAU,IAAI,CAAC,WAAW,CAAC,iBAAiB,EAAE,CAAC;QAClE,OAAO,4CAA4C,CAAC,WAAW,IAAI,IAAI,EAAE,WAAW,CAAC,CAAC;IACxF,CAAC;IAED,IAAI,CAAC,2BAA2B,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1D,MAAM,IAAI,qBAAqB,CAC7B,qEAAqE;YACrE,wEAAwE;YACxE,iFAAiF,EACjF,qBAAqB,CACtB,CAAC;IACJ,CAAC;IAED,OAAO,kCAAkC,CACvC,2BAA2B,EAC3B,oBAAoB,EACpB,WAAW,IAAI,KAAK,EACpB,WAAW,CACZ,CAAC;AACJ,CAAC;AAGD,KAAK,UAAU,4CAA4C,CACzD,sBAAqC,EACrC,WAA8B;IAE9B,MAAM,EAAE,qBAAqB,EAAE,wBAAwB,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IAExF,MAAM,aAAa,GAAG,MAAM,qBAAqB,EAAE,CAAC;IACpD,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,qBAAqB,CAC7B,gGAAgG,EAChG,QAAQ,CACT,CAAC;IACJ,CAAC;IAED,IAAI,YAAY,GAAmC,IAAI,CAAC;IACxD,IAAI,sBAAsB,EAAE,CAAC;QAC3B,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,IAAI,GAAG,CAAC,IAAI,KAAK,sBAAsB,IAAI,CAAC,sBAAsB,KAAK,KAAK,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,GAAG,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;gBAChI,YAAY,GAAG,GAAG,CAAC;gBACnB,MAAM;YACR,CAAC;QACH,CAAC;QACD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,qBAAqB,CAAC,MAAM,sBAAsB,gBAAgB,EAAE,QAAQ,CAAC,CAAC;QAC1F,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,IAAI,GAAG,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBAAC,YAAY,GAAG,GAAG,CAAC;gBAAC,MAAM;YAAC,CAAC;QACxD,CAAC;QACD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAChC,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,GAAG,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;oBAAC,YAAY,GAAG,GAAG,CAAC;oBAAC,MAAM;gBAAC,CAAC;YAClF,CAAC;QACH,CAAC;QACD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,qBAAqB,CAAC,2DAA2D,EAAE,QAAQ,CAAC,CAAC;QACzG,CAAC;IACH,CAAC;IAED,MAAM,gBAAgB,GAAG,MAAM,wBAAwB,CAAC,YAAY,CAAC,CAAC;IACtE,MAAM,QAAQ,GAAG,CAAC,YAAY,CAAC,IAAI,IAAI,KAAK,CAAW,CAAC;IAExD,IAAI,YAAqC,CAAC;IAC1C,IAAI,qBAA6B,CAAC;IAClC,IAAI,iBAAyB,CAAC;IAE9B,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;QACjD,YAAY,GAAG;YACb,WAAW,EAAE,KAAK;YAClB,oBAAoB,EAAE,gBAAgB,CAAC,oBAAoB,IAAI,gBAAgB,CAAC,WAAW,IAAI,EAAE;YACjG,qBAAqB,EAAE,gBAAgB,CAAC,qBAAqB,IAAI,gBAAgB,CAAC,SAAS,IAAI,EAAE;YACjG,sBAAsB,EAAE,gBAAgB,CAAC,sBAAsB,IAAI,gBAAgB,CAAC,aAAa,IAAI,EAAE;SACxG,CAAC;QACF,qBAAqB,GAAG,aAAa,CAAC;QACtC,iBAAiB,GAAG,YAAY,CAAC;IACnC,CAAC;SAAM,CAAC;QACN,YAAY,GAAG;YACb,WAAW,EAAE,KAAK;YAClB,kBAAkB,EAAE,gBAAgB,CAAC,WAAW,IAAI,EAAE;YACtD,iBAAiB,EAAE,gBAAgB,CAAC,aAAa,IAAI,EAAE;YACvD,kBAAkB,EAAE,gBAAgB,CAAC,kBAAkB,IAAI,EAAE;YAC7D,iBAAiB,EAAE,gBAAgB,CAAC,aAAa,IAAI,EAAE;YACvD,wBAAwB,EAAE,gBAAgB,CAAC,SAAS,IAAI,EAAE;SAC3D,CAAC;QACF,qBAAqB,GAAI,gBAAgB,CAAC,SAAoB,IAAI,WAAW,CAAC;QAC9E,iBAAiB,GAAG,QAAQ,CAAC;IAC/B,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAChE,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC/D,MAAM,EAAE,8BAA8B,EAAE,KAAK,CAAC,YAAY,EAAE,YAAY,CACzE,CAAC;IACF,iCAAiC,CAAC,aAAa,CAAC,CAAC;IAEjD,MAAM,QAAQ,GAAG,CAAC,aAAa,CAAC,UAAU,IAAI,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,UAAU,CAAC,CAAW,CAAC;IACzG,MAAM,qBAAqB,GAAG,OAAO,CAAC,aAAa,CAAC,iBAAiB,CAAC,CAAC;IAEvE,IAAI,qBAAqB,EAAE,CAAC;QAC1B,MAAM,mBAAmB,GAAsB;YAC7C,GAAG,WAAW;YACd,UAAU,EAAE,QAAQ;YACpB,aAAa,EAAE,iBAAiB;YAChC,eAAe,EAAE,SAAS;YAC1B,iBAAiB,EAAE,qBAAqB;SACzC,CAAC;QACF,gBAAgB,CAAC,mBAAmB,CAAC,CAAC;IACxC,CAAC;IAED,sBAAsB,EAAE,CAAC;IAEzB,OAAO;QACL,WAAW,EAAE,CAAC,aAAa,CAAC,WAAW,IAAI,YAAY,CAAC,WAAW,CAAW;QAC9E,kBAAkB,EAAE,CAAC,aAAa,CAAC,kBAAkB,IAAI,EAAE,CAAW;QACtE,UAAU,EAAE,QAAQ;QACpB,mCAAmC,EAAE,qBAAqB;QAC1D,aAAa,EAAE,CAAC,aAAa,CAAC,aAAa,IAAI,IAAI,CAAkB;QACrE,aAAa,EAAE,CAAC,aAAa,CAAC,aAAa,IAAI,IAAI,CAAkB;KACtE,CAAC;AACJ,CAAC;AAGD,KAAK,UAAU,kCAAkC,CAC/C,2BAAmC,EACnC,oBAA4B,EAC5B,eAAuB,EACvB,WAA8B;IAE9B,MAAM,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,wBAAwB,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IAE5G,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC9D,MAAM,EAAE,iCAAiC,EAAE,KAAK,CAAC,YAAY,EAAE;QAC7D,2BAA2B;QAC3B,oBAAoB;QACpB,eAAe;KAChB,CACF,CAAC;IAEF,MAAM,UAAU,GAAG,YAAY,CAAC,UAAoB,CAAC;IACrD,MAAM,gBAAgB,GAAG,YAAY,CAAC,gBAA0B,CAAC;IAEjE,MAAM,eAAe,GAAG,MAAM,kBAAkB,CAAC,mBAAmB,EAAE;QACpE,SAAS,EAAE,gBAAgB;QAC3B,cAAc,EAAE,UAAU;QAC1B,YAAY;KACb,CAAC,CAAC;IAEH,MAAM,aAAa,GAAG,eAAe,CAAC,QAAmC,CAAC;IAC1E,MAAM,aAAa,GAAG,eAAe,CAAC,QAAmC,CAAC;IAC1E,MAAM,gBAAgB,GAAG,eAAe,CAAC,gBAA0B,CAAC;IAEpE,MAAM,aAAa,GAAG,MAAM,qBAAqB,EAAE,CAAC;IACpD,IAAI,OAAO,GAAmC,IAAI,CAAC;IACnD,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QAChC,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,GAAG,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YAAC,OAAO,GAAG,GAAG,CAAC;YAAC,MAAM;QAAC,CAAC;IAC7E,CAAC;IACD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,qBAAqB,CAAC,gDAAgD,EAAE,mBAAmB,CAAC,CAAC;IACzG,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,wBAAwB,CAAC,OAAO,CAAC,CAAC;IAEhE,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC/D,MAAM,EAAE,oCAAoC,EAAE,KAAK,CAAC,YAAY,EAAE;QAChE,UAAU;QACV,QAAQ,EAAE,aAAa;QACvB,gBAAgB;QAChB,QAAQ,EAAE,aAAa;QACvB,sBAAsB,EAAE;YACtB,oBAAoB,EAAE,eAAe,CAAC,oBAAoB,IAAI,eAAe,CAAC,WAAW,IAAI,EAAE;YAC/F,SAAS,EAAE,eAAe,CAAC,qBAAqB,IAAI,eAAe,CAAC,SAAS,IAAI,EAAE;YACnF,sBAAsB,EAAE,eAAe,CAAC,sBAAsB,IAAI,eAAe,CAAC,aAAa,IAAI,EAAE;YACrG,MAAM,EAAE,eAAe,CAAC,aAAa,IAAI,eAAe,CAAC,MAAM,IAAI,EAAE;SACtE;KACF,CACF,CAAC;IAEF,sBAAsB,EAAE,CAAC;IAEzB,OAAO;QACL,WAAW,EAAE,KAAK;QAClB,kBAAkB,EAAE,CAAC,aAAa,CAAC,sBAAsB,IAAI,EAAE,CAAW;QAC1E,UAAU,EAAE,UAAU;QACtB,mCAAmC,EAAE,KAAK;QAC1C,aAAa,EAAE,IAAI;QACnB,aAAa,EAAE,CAAC,aAAa,CAAC,iBAAiB,IAAI,IAAI,CAAkB;KAC1E,CAAC;AACJ,CAAC;AAGD;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,kBAA0B,EAC1B,WAAmB,EACnB,qBAA6B,EAC7B,cAAsB,EACtB,MAAsB,EACtB,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC,kBAAkB,EAAE,WAAW,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;IAE7F,MAAM,uBAAuB,GAAG,MAAM,sCAAsC,CAC1E,YAAY,CAAC,QAAQ,EAAE,cAAc,EAAE,WAAW,CACnD,CAAC;IAEF,OAAO,WAAW,CAChB,YAAY,CAAC,QAAQ,EACrB,uBAAuB,EACvB,qBAAqB,EACrB,cAAc,EACd,WAAW,CACZ,CAAC;AACJ,CAAC;AAGD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,kBAA0B,EAC1B,WAAmB,EACnB,MAAsB,EACtB,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,eAAe,GAAG,MAAM,UAAU,CAAC,0BAA0B,CACjE,MAAM,EAAE,+BAA+B,EAAE,KAAK,CAAC,YAAY,EAAE;QAC3D,kBAAkB;QAClB,WAAW;QACX,MAAM,EAAE,MAAM,IAAI,SAAS;KAC5B,CACF,CAAC;IAEF,OAAO;QACL,QAAQ,EAAE,CAAC,eAAe,CAAC,QAAQ,IAAI,EAAE,CAAW;QACpD,UAAU,EAAE,CAAC,eAAe,CAAC,UAAU,IAAI,EAAE,CAAW;QACxD,yBAAyB,EAAE,CAAC,eAAe,CAAC,yBAAyB,IAAI,kBAAkB,CAAW;QACtG,kBAAkB,EAAE,CAAC,eAAe,CAAC,kBAAkB,IAAI,WAAW,CAAW;QACjF,mCAAmC,EAAE,CAAC,eAAe,CAAC,mCAAmC,IAAI,CAAC,CAAW;KAC1G,CAAC;AACJ,CAAC;AAGD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,QAAgB,EAChB,uBAA+B,EAC/B,qBAA6B,EAC7B,cAAsB,EACtB,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC9D,MAAM,EAAE,uCAAuC,EAAE,KAAK,CAAC,YAAY,EAAE;QACnE,QAAQ;QACR,uBAAuB;QACvB,qBAAqB;QACrB,cAAc;KACf,CACF,CAAC;IAEF,MAAM,8BAA8B,GAAG,CAAC,YAAY,CAAC,cAAc,IAAI,IAAI,CAAkB,CAAC;IAE9F,IAAI,8BAA8B,IAAI,8BAA8B,KAAK,WAAW,CAAC,UAAU,EAAE,CAAC;QAChG,MAAM,mBAAmB,GAAsB;YAC7C,GAAG,WAAW;YACd,UAAU,EAAE,8BAA8B;SAC3C,CAAC;QACF,gBAAgB,CAAC,mBAAmB,CAAC,CAAC;IACxC,CAAC;IAED,sBAAsB,EAAE,CAAC;IAEzB,OAAO;QACL,yBAAyB,EAAE,CAAC,YAAY,CAAC,yBAAyB,IAAI,EAAE,CAAW;QACnF,kBAAkB,EAAE,CAAC,YAAY,CAAC,kBAAkB,IAAI,EAAE,CAAW;QACrE,WAAW,EAAE,CAAC,YAAY,CAAC,WAAW,IAAI,IAAI,CAAkB;QAChE,+BAA+B,EAAE,CAAC,YAAY,CAAC,+BAA+B,IAAI,qBAAqB,CAAW;QAClH,wBAAwB,EAAE,CAAC,YAAY,CAAC,wBAAwB,IAAI,cAAc,CAAW;QAC7F,wBAAwB,EAAE,CAAC,YAAY,CAAC,wBAAwB,IAAI,CAAC,CAAW;QAChF,cAAc,EAAE,8BAA8B;KAC/C,CAAC;AACJ,CAAC;AAGD,KAAK,UAAU,sCAAsC,CACnD,QAAgB,EAChB,cAAsB,EACtB,WAA8B;IAE9B,MAAM,eAAe,GAAG,QAAQ,QAAQ,EAAE,CAAC;IAC3C,MAAM,iBAAiB,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAEnF,IAAI,cAAc,KAAK,KAAK,EAAE,CAAC;QAC7B,MAAM,EAAE,uBAAuB,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,SAAS,GAAG,WAAW,CAAC,iBAAiB,IAAI,EAAE,CAAC;QACtD,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAAC,iBAAiB,EAAE,SAAS,CAAC,CAAC;QAChF,OAAQ,WAAW,CAAC,aAAwB,IAAI,EAAE,CAAC;IACrD,CAAC;SAAM,IAAI,cAAc,KAAK,KAAK,EAAE,CAAC;QACpC,MAAM,EAAE,uBAAuB,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;QACrE,OAAQ,WAAW,CAAC,aAAwB,IAAI,EAAE,CAAC;IACrD,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,qBAAqB,CAC7B,+BAA+B,cAAc,kDAAkD,EAC/F,yBAAyB,CAC1B,CAAC;IACJ,CAAC;AACH,CAAC;AAGD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,sBAA8B,EAC9B,WAAsC;IAEtC,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;QACxB,WAAW,GAAG,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAEhE,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,0BAA0B,CAC/D,KAAK,EACL,iCAAiC,EACjC,KAAK,CAAC,YAAY,EAClB,EAAE,cAAc,EAAE,sBAAsB,EAAE,CAC3C,CAAC;IAEF,sBAAsB,EAAE,CAAC;IAEzB,OAAO,OAAO,CAAC,aAAa,CAAC,yBAAyB,CAAC,CAAC;AAC1D,CAAC"}

package/dist/index.d.ts

@@ -22,7 +22,7 @@ import { enroll, type EnrollOptions } from "./enroll.js";
 import { sign_challenge_with_private_key } from "./keys.js";
 import { DEFAULT_KEY_ALGORITHM, HSMType, type Identity, KeyAlgorithm, type Token, TrustTier, this_token_has_not_yet_expired, format_authorization_header_value, format_identity_as_display_string } from "./identity.js";
 import { invalidate_world_cache, type WorldStatus, type WorldIdentitySection, type WorldDeviceEntry, type WorldServiceEntry, type WorldGuidanceItem, type WorldOperatorGuidance } from "./world.js";
-import { listDevices, lockHardware, registerOperatorEmail, type DeviceInfo, type DeviceListResult, type HardwareLockResult } from "./devices.js";
+import { listDevices, addDevice, burnDevice, requestBurn, confirmBurn, lockHardware, registerOperatorEmail, DeviceManagementError, type DeviceInfo, type DeviceListResult, type DeviceAddResult, type BurnRequestResult, type BurnConfirmResult, type HardwareLockResult } from "./devices.js";
 import { signChallenge, verifyPeerIdentity, PeerVerificationError, CertificateChainValidationError, SignatureVerificationError, MissingIdentityCertificateError, type IdentityProofBundle, type VerifiedPeerIdentity } from "./verify.js";
 import { prepareAttestation, prepare_direct_hardware_attestation, compute_rfc_message_binding_nonce, canonicalise_headers_for_message_binding, canonicalise_headers_for_direct_attestation, canonicalise_body_using_dkim_simple, canonicalise_header_value_using_dkim_relaxed, canonicalise_header_name_using_dkim_relaxed, compute_attestation_digest_for_direct_mode, build_cms_signed_data_for_direct_attestation, type AttestationProof, type PrepareAttestationOptions, type DirectAttestationProof } from "./attestation.js";
 import { refresh_trust_roots, get_trust_roots } from "./trustRoots.js";
@@ -31,7 +31,7 @@ import { generateConsentToken, listCredentialPointers, setCredentialPointerVisib
 export { OneIDError, EnrollmentError, NoHSMError, UACDeniedError, HSMAccessError, TPMSetupRequiredError, AlreadyEnrolledError, HandleTakenError, HandleInvalidError, HandleRetiredError, AuthenticationError, HardwareDeviceNotPresentError, NetworkError, NotEnrolledError, BinaryNotFoundError, RateLimitExceededError, } from "./exceptions.js";
 export { TrustTier, KeyAlgorithm, HSMType, DEFAULT_KEY_ALGORITHM, type Identity, type Token, type EnrollOptions, this_token_has_not_yet_expired, format_authorization_header_value, format_identity_as_display_string, };
 export { type WorldStatus, type WorldIdentitySection, type WorldDeviceEntry, type WorldServiceEntry, type WorldGuidanceItem, type WorldOperatorGuidance, invalidate_world_cache, };
-export { type DeviceInfo, type DeviceListResult, type HardwareLockResult, };
+export { DeviceManagementError, type DeviceInfo, type DeviceListResult, type DeviceAddResult, type BurnRequestResult, type BurnConfirmResult, type HardwareLockResult, };
 export { signChallenge, verifyPeerIdentity, refresh_trust_roots, get_trust_roots, PeerVerificationError, CertificateChainValidationError, SignatureVerificationError, MissingIdentityCertificateError, type IdentityProofBundle, type VerifiedPeerIdentity, };
 export { generateConsentToken, listCredentialPointers, setCredentialPointerVisibility, removeCredentialPointer, type ConsentTokenResult, type CredentialPointerInfo, type CredentialPointerListResult, };
 export { prepareAttestation, prepare_direct_hardware_attestation, compute_rfc_message_binding_nonce, canonicalise_headers_for_message_binding, canonicalise_headers_for_direct_attestation, canonicalise_body_using_dkim_simple, canonicalise_header_value_using_dkim_relaxed, canonicalise_header_name_using_dkim_relaxed, compute_attestation_digest_for_direct_mode, build_cms_signed_data_for_direct_attestation, type AttestationProof, type PrepareAttestationOptions, type DirectAttestationProof, };
@@ -113,7 +113,7 @@ export declare function refresh(): void;
  * @throws HSMAccessError if the registry key could not be set.
  */
 export declare function setup_tbs(): Promise<boolean>;
-export { enroll, get_token as getToken, get_token, clear_cached_token, authenticate_with_tpm, authenticate_with_piv, credentials_exist, sign_challenge_with_private_key, listDevices, lockHardware, registerOperatorEmail, };
+export { enroll, get_token as getToken, get_token, clear_cached_token, authenticate_with_tpm, authenticate_with_piv, credentials_exist, sign_challenge_with_private_key, listDevices, addDevice, burnDevice, requestBurn, confirmBurn, lockHardware, registerOperatorEmail, };
 declare const oneid: {
     enroll: typeof enroll;
     getOrCreateIdentity: typeof getOrCreateIdentity;
@@ -131,6 +131,10 @@ declare const oneid: {
     format_identity_as_display_string: typeof format_identity_as_display_string;
     invalidate_world_cache: typeof invalidate_world_cache;
     listDevices: typeof listDevices;
+    addDevice: typeof addDevice;
+    burnDevice: typeof burnDevice;
+    requestBurn: typeof requestBurn;
+    confirmBurn: typeof confirmBurn;
     lockHardware: typeof lockHardware;
     registerOperatorEmail: typeof registerOperatorEmail;
     signChallenge: typeof signChallenge;

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AACxG,OAAO,EAAE,iBAAiB,EAAsC,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,MAAM,EAAE,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,+BAA+B,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EACL,qBAAqB,EACrB,OAAO,EACP,KAAK,QAAQ,EACb,YAAY,EACZ,KAAK,KAAK,EACV,SAAS,EACT,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,EAClC,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,sBAAsB,EACtB,KAAK,WAAW,EAChB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC3B,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,WAAW,EACX,YAAY,EACZ,qBAAqB,EACrB,KAAK,UAAU,EACf,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,EACxB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EAC1B,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,kBAAkB,EAClB,mCAAmC,EACnC,iCAAiC,EACjC,wCAAwC,EACxC,2CAA2C,EAC3C,mCAAmC,EACnC,4CAA4C,EAC5C,2CAA2C,EAC3C,0CAA0C,EAC1C,4CAA4C,EAC5C,KAAK,gBAAgB,EACrB,KAAK,yBAAyB,EAC9B,KAAK,sBAAsB,EAC5B,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EACL,IAAI,IAAI,YAAY,EACpB,QAAQ,IAAI,gBAAgB,EAC5B,KAAK,IAAI,aAAa,EACtB,iBAAiB,IAAI,yBAAyB,EAC9C,KAAK,UAAU,IAAI,iBAAiB,EACpC,KAAK,cAAc,EACnB,KAAK,0BAA0B,EAC/B,KAAK,YAAY,IAAI,mBAAmB,EACxC,KAAK,WAAW,IAAI,kBAAkB,EACtC,KAAK,eAAe,IAAI,sBAAsB,EAC9C,KAAK,YAAY,IAAI,mBAAmB,EACxC,KAAK,eAAe,IAAI,sBAAsB,EAC/C,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,EACvB,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,EACjC,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,UAAU,EACV,eAAe,EACf,UAAU,EACV,cAAc,EACd,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,6BAA6B,EAC7B,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EACL,SAAS,EACT,YAAY,EACZ,OAAO,EACP,qBAAqB,EACrB,KAAK,QAAQ,EACb,KAAK,KAAK,EACV,KAAK,aAAa,EAClB,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,CAAC;AAGF,OAAO,EACL,KAAK,WAAW,EAChB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,sBAAsB,GACvB,CAAC;AAGF,OAAO,EACL,KAAK,UAAU,EACf,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,GACxB,CAAC;AAGF,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,GAC1B,CAAC;AAGF,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,EACvB,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,GACjC,CAAC;AAGF,OAAO,EACL,kBAAkB,EAClB,mCAAmC,EACnC,iCAAiC,EACjC,wCAAwC,EACxC,2CAA2C,EAC3C,mCAAmC,EACnC,4CAA4C,EAC5C,2CAA2C,EAC3C,0CAA0C,EAC1C,4CAA4C,EAC5C,KAAK,gBAAgB,EACrB,KAAK,yBAAyB,EAC9B,KAAK,sBAAsB,GAC5B,CAAC;AAGF,OAAO,EACL,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACnB,KAAK,0BAA0B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,KAAK,mBAAmB,EACxB,KAAK,sBAAsB,GAC5B,CAAC;AAEF,qFAAqF;AACrF,eAAO,MAAM,OAAO;;;;;CAKnB,CAAC;AAEF,0BAA0B;AAC1B,eAAO,MAAM,OAAO,UAAU,CAAC;AAE/B;;;;;;;GAOG;AACH,wBAAgB,MAAM,IAAI,QAAQ,CAoDjC;AAED,MAAM,WAAW,0BAA0B;IACzC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,CAAC,EAAE,0BAA0B,GACnC,OAAO,CAAC,QAAQ,CAAC,CAqBnB;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,MAAM,IAAI,OAAO,CAAC,WAAW,CAAC,CAEnD;AAED;;;;;GAKG;AACH,wBAAgB,OAAO,IAAI,IAAI,CAE9B;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,SAAS,IAAI,OAAO,CAAC,OAAO,CAAC,CAIlD;AAGD,OAAO,EACL,MAAM,EACN,SAAS,IAAI,QAAQ,EACrB,SAAS,EACT,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EACjB,+BAA+B,EAC/B,WAAW,EACX,YAAY,EACZ,qBAAqB,GACtB,CAAC;AAEF,QAAA,MAAM,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2CV,CAAC;AAEF,eAAe,KAAK,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AACxG,OAAO,EAAE,iBAAiB,EAAsC,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,MAAM,EAAE,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,+BAA+B,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EACL,qBAAqB,EACrB,OAAO,EACP,KAAK,QAAQ,EACb,YAAY,EACZ,KAAK,KAAK,EACV,SAAS,EACT,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,EAClC,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,sBAAsB,EACtB,KAAK,WAAW,EAChB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC3B,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,WAAW,EACX,SAAS,EACT,UAAU,EACV,WAAW,EACX,WAAW,EACX,YAAY,EACZ,qBAAqB,EACrB,qBAAqB,EACrB,KAAK,UAAU,EACf,KAAK,gBAAgB,EACrB,KAAK,eAAe,EACpB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,kBAAkB,EACxB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EAC1B,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,kBAAkB,EAClB,mCAAmC,EACnC,iCAAiC,EACjC,wCAAwC,EACxC,2CAA2C,EAC3C,mCAAmC,EACnC,4CAA4C,EAC5C,2CAA2C,EAC3C,0CAA0C,EAC1C,4CAA4C,EAC5C,KAAK,gBAAgB,EACrB,KAAK,yBAAyB,EAC9B,KAAK,sBAAsB,EAC5B,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EACL,IAAI,IAAI,YAAY,EACpB,QAAQ,IAAI,gBAAgB,EAC5B,KAAK,IAAI,aAAa,EACtB,iBAAiB,IAAI,yBAAyB,EAC9C,KAAK,UAAU,IAAI,iBAAiB,EACpC,KAAK,cAAc,EACnB,KAAK,0BAA0B,EAC/B,KAAK,YAAY,IAAI,mBAAmB,EACxC,KAAK,WAAW,IAAI,kBAAkB,EACtC,KAAK,eAAe,IAAI,sBAAsB,EAC9C,KAAK,YAAY,IAAI,mBAAmB,EACxC,KAAK,eAAe,IAAI,sBAAsB,EAC/C,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,EACvB,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,EACjC,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,UAAU,EACV,eAAe,EACf,UAAU,EACV,cAAc,EACd,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,6BAA6B,EAC7B,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EACL,SAAS,EACT,YAAY,EACZ,OAAO,EACP,qBAAqB,EACrB,KAAK,QAAQ,EACb,KAAK,KAAK,EACV,KAAK,aAAa,EAClB,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,CAAC;AAGF,OAAO,EACL,KAAK,WAAW,EAChB,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,sBAAsB,GACvB,CAAC;AAGF,OAAO,EACL,qBAAqB,EACrB,KAAK,UAAU,EACf,KAAK,gBAAgB,EACrB,KAAK,eAAe,EACpB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,kBAAkB,GACxB,CAAC;AAGF,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,GAC1B,CAAC;AAGF,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,EACvB,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,GACjC,CAAC;AAGF,OAAO,EACL,kBAAkB,EAClB,mCAAmC,EACnC,iCAAiC,EACjC,wCAAwC,EACxC,2CAA2C,EAC3C,mCAAmC,EACnC,4CAA4C,EAC5C,2CAA2C,EAC3C,0CAA0C,EAC1C,4CAA4C,EAC5C,KAAK,gBAAgB,EACrB,KAAK,yBAAyB,EAC9B,KAAK,sBAAsB,GAC5B,CAAC;AAGF,OAAO,EACL,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACnB,KAAK,0BAA0B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,KAAK,mBAAmB,EACxB,KAAK,sBAAsB,GAC5B,CAAC;AAEF,qFAAqF;AACrF,eAAO,MAAM,OAAO;;;;;CAKnB,CAAC;AAEF,0BAA0B;AAC1B,eAAO,MAAM,OAAO,UAAU,CAAC;AAE/B;;;;;;;GAOG;AACH,wBAAgB,MAAM,IAAI,QAAQ,CAoDjC;AAED,MAAM,WAAW,0BAA0B;IACzC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,CAAC,EAAE,0BAA0B,GACnC,OAAO,CAAC,QAAQ,CAAC,CAqBnB;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,MAAM,IAAI,OAAO,CAAC,WAAW,CAAC,CAEnD;AAED;;;;;GAKG;AACH,wBAAgB,OAAO,IAAI,IAAI,CAE9B;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,SAAS,IAAI,OAAO,CAAC,OAAO,CAAC,CAIlD;AAGD,OAAO,EACL,MAAM,EACN,SAAS,IAAI,QAAQ,EACrB,SAAS,EACT,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EACjB,+BAA+B,EAC/B,WAAW,EACX,SAAS,EACT,UAAU,EACV,WAAW,EACX,WAAW,EACX,YAAY,EACZ,qBAAqB,GACtB,CAAC;AAEF,QAAA,MAAM,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+CV,CAAC;AAEF,eAAe,KAAK,CAAC"}

package/dist/index.js

@@ -22,7 +22,7 @@ import { enroll } from "./enroll.js";
 import { sign_challenge_with_private_key } from "./keys.js";
 import { DEFAULT_KEY_ALGORITHM, HSMType, KeyAlgorithm, TrustTier, this_token_has_not_yet_expired, format_authorization_header_value, format_identity_as_display_string, } from "./identity.js";
 import { fetch_world_status_from_server, invalidate_world_cache, } from "./world.js";
-import { listDevices, lockHardware, registerOperatorEmail, } from "./devices.js";
+import { listDevices, addDevice, burnDevice, requestBurn, confirmBurn, lockHardware, registerOperatorEmail, DeviceManagementError, } from "./devices.js";
 import { signChallenge, verifyPeerIdentity, PeerVerificationError, CertificateChainValidationError, SignatureVerificationError, MissingIdentityCertificateError, } from "./verify.js";
 import { prepareAttestation, prepare_direct_hardware_attestation, compute_rfc_message_binding_nonce, canonicalise_headers_for_message_binding, canonicalise_headers_for_direct_attestation, canonicalise_body_using_dkim_simple, canonicalise_header_value_using_dkim_relaxed, canonicalise_header_name_using_dkim_relaxed, compute_attestation_digest_for_direct_mode, build_cms_signed_data_for_direct_attestation, } from "./attestation.js";
 import { refresh_trust_roots, get_trust_roots } from "./trustRoots.js";
@@ -34,6 +34,8 @@ export { OneIDError, EnrollmentError, NoHSMError, UACDeniedError, HSMAccessError
 export { TrustTier, KeyAlgorithm, HSMType, DEFAULT_KEY_ALGORITHM, this_token_has_not_yet_expired, format_authorization_header_value, format_identity_as_display_string, };
 // Re-export world/status types
 export { invalidate_world_cache, };
+// Re-export device management types and error
+export { DeviceManagementError, };
 // Re-export peer verification types and functions
 export { signChallenge, verifyPeerIdentity, refresh_trust_roots, get_trust_roots, PeerVerificationError, CertificateChainValidationError, SignatureVerificationError, MissingIdentityCertificateError, };
 // Re-export credential pointer functions and types
@@ -186,7 +188,7 @@ export async function setup_tbs() {
     return result.ok ?? false;
 }
 // Re-export core functions
-export { enroll, get_token as getToken, get_token, clear_cached_token, authenticate_with_tpm, authenticate_with_piv, credentials_exist, sign_challenge_with_private_key, listDevices, lockHardware, registerOperatorEmail, };
+export { enroll, get_token as getToken, get_token, clear_cached_token, authenticate_with_tpm, authenticate_with_piv, credentials_exist, sign_challenge_with_private_key, listDevices, addDevice, burnDevice, requestBurn, confirmBurn, lockHardware, registerOperatorEmail, };
 const oneid = {
     enroll,
     getOrCreateIdentity,
@@ -204,6 +206,10 @@ const oneid = {
     format_identity_as_display_string,
     invalidate_world_cache,
     listDevices,
+    addDevice,
+    burnDevice,
+    requestBurn,
+    confirmBurn,
     lockHardware,
     registerOperatorEmail,
     signChallenge,

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AACxG,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAoB,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,MAAM,EAAsB,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,+BAA+B,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EACL,qBAAqB,EACrB,OAAO,EAEP,YAAY,EAEZ,SAAS,EACT,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,8BAA8B,EAC9B,sBAAsB,GAOvB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,WAAW,EACX,YAAY,EACZ,qBAAqB,GAItB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,GAGhC,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,kBAAkB,EAClB,mCAAmC,EACnC,iCAAiC,EACjC,wCAAwC,EACxC,2CAA2C,EAC3C,mCAAmC,EACnC,4CAA4C,EAC5C,2CAA2C,EAC3C,0CAA0C,EAC1C,4CAA4C,GAI7C,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EACL,IAAI,IAAI,YAAY,EACpB,QAAQ,IAAI,gBAAgB,EAC5B,KAAK,IAAI,aAAa,EACtB,iBAAiB,IAAI,yBAAyB,GAS/C,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,GAIxB,MAAM,yBAAyB,CAAC;AAEjC,kCAAkC;AAClC,OAAO,EACL,UAAU,EACV,eAAe,EACf,UAAU,EACV,cAAc,EACd,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,6BAA6B,EAC7B,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,iBAAiB,CAAC;AAEzB,4BAA4B;AAC5B,OAAO,EACL,SAAS,EACT,YAAY,EACZ,OAAO,EACP,qBAAqB,EAIrB,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,CAAC;AAEF,+BAA+B;AAC/B,OAAO,EAOL,sBAAsB,GACvB,CAAC;AASF,kDAAkD;AAClD,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,GAGhC,CAAC;AAEF,mDAAmD;AACnD,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,GAIxB,CAAC;AAEF,4CAA4C;AAC5C,OAAO,EACL,kBAAkB,EAClB,mCAAmC,EACnC,iCAAiC,EACjC,wCAAwC,EACxC,2CAA2C,EAC3C,mCAAmC,EACnC,4CAA4C,EAC5C,2CAA2C,EAC3C,0CAA0C,EAC1C,4CAA4C,GAI7C,CAAC;AAcF,qFAAqF;AACrF,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,IAAI,EAAE,YAAY;IAClB,QAAQ,EAAE,gBAAgB;IAC1B,KAAK,EAAE,aAAa;IACpB,iBAAiB,EAAE,yBAAyB;CAC7C,CAAC;AAEF,0BAA0B;AAC1B,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B;;;;;;;GAOG;AACH,MAAM,UAAU,MAAM;IACpB,MAAM,KAAK,GAAG,gBAAgB,EAAE,CAAC;IAEjC,qBAAqB;IACrB,IAAI,UAAqB,CAAC;IAC1B,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAa,CAAC;IACzD,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3C,UAAU,GAAG,KAAK,CAAC,UAAuB,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,UAAU,GAAG,SAAS,CAAC,QAAQ,CAAC;IAClC,CAAC;IAED,wBAAwB;IACxB,IAAI,aAA2B,CAAC;IAChC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,CAAa,CAAC;IACjE,IAAI,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC;QACnD,aAAa,GAAG,KAAK,CAAC,aAA6B,CAAC;IACtD,CAAC;SAAM,CAAC;QACN,aAAa,GAAG,qBAAqB,CAAC;IACxC,CAAC;IAED,oBAAoB;IACpB,IAAI,WAAiB,CAAC;IACtB,IAAI,CAAC;QACH,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7E,CAAC;IAAC,MAAM,CAAC;QACP,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,MAAM,WAAW,GAAG,KAAK,CAAC,SAAS,CAAC;IACpC,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC;IAE7E,sCAAsC;IACtC,IAAI,QAAQ,GAAmB,IAAI,CAAC;IACpC,IAAI,KAAK,CAAC,eAAe,IAAI,IAAI,EAAE,CAAC;QAClC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAC9B,CAAC;SAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,IAAI,EAAE,CAAC;QAC3C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC;IACzB,CAAC;IAED,OAAO;QACL,WAAW;QACX,MAAM;QACN,UAAU;QACV,QAAQ;QACR,gBAAgB,EAAE,IAAI;QACtB,WAAW;QACX,YAAY,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7C,aAAa;QACb,kBAAkB,EAAE,KAAK,CAAC,kBAAkB,IAAI,IAAI;QACpD,YAAY,EAAE,KAAK,CAAC,YAAY,IAAI,IAAI;KACzC,CAAC;AACJ,CAAC;AAUD;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAoC;IAEpC,IAAI,iBAAiB,EAAE,EAAE,CAAC;QACxB,OAAO,MAAM,EAAE,CAAC;IAClB,CAAC;IAED,IAAI,OAAO,EAAE,QAAQ,EAAE,CAAC;QACtB,MAAM,EAAE,gBAAgB,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC1E,MAAM,IAAI,WAAW,CACnB,yCAAyC;YACzC,iEAAiE;YACjE,yDAAyD;YACzD,4BAA4B,CAC7B,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;QACZ,YAAY,EAAE,OAAO,EAAE,YAAY,IAAI,IAAI;QAC3C,cAAc,EAAE,OAAO,EAAE,cAAc,IAAI,IAAI;QAC/C,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,IAAI,IAAI;QACnD,YAAY,EAAE,OAAO,EAAE,YAAY;KACpC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM;IAC1B,OAAO,8BAA8B,EAAE,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,OAAO;IACrB,kBAAkB,EAAE,CAAC;AACvB,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS;IAC7B,MAAM,EAAE,kCAAkC,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,MAAM,kCAAkC,EAAE,CAAC;IAC1D,OAAQ,MAAM,CAAC,EAAc,IAAI,KAAK,CAAC;AACzC,CAAC;AAED,2BAA2B;AAC3B,OAAO,EACL,MAAM,EACN,SAAS,IAAI,QAAQ,EACrB,SAAS,EACT,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EACjB,+BAA+B,EAC/B,WAAW,EACX,YAAY,EACZ,qBAAqB,GACtB,CAAC;AAEF,MAAM,KAAK,GAAG;IACZ,MAAM;IACN,mBAAmB;IACnB,MAAM;IACN,QAAQ,EAAE,SAAS;IACnB,SAAS;IACT,MAAM;IACN,OAAO;IACP,SAAS;IACT,iBAAiB;IACjB,qBAAqB;IACrB,qBAAqB;IACrB,+BAA+B;IAC/B,kBAAkB;IAClB,iCAAiC;IACjC,sBAAsB;IACtB,WAAW;IACX,YAAY;IACZ,qBAAqB;IACrB,aAAa;IACb,kBAAkB;IAClB,mBAAmB;IACnB,eAAe;IACf,oBAAoB;IACpB,sBAAsB;IACtB,8BAA8B;IAC9B,uBAAuB;IACvB,kBAAkB;IAClB,mCAAmC;IACnC,iCAAiC;IACjC,wCAAwC;IACxC,2CAA2C;IAC3C,mCAAmC;IACnC,4CAA4C;IAC5C,2CAA2C;IAC3C,0CAA0C;IAC1C,4CAA4C;IAC5C,OAAO;IACP,OAAO;IACP,SAAS;IACT,YAAY;IACZ,OAAO;IACP,qBAAqB;CACtB,CAAC;AAEF,eAAe,KAAK,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AACxG,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAoB,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,MAAM,EAAsB,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,+BAA+B,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EACL,qBAAqB,EACrB,OAAO,EAEP,YAAY,EAEZ,SAAS,EACT,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,8BAA8B,EAC9B,sBAAsB,GAOvB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,WAAW,EACX,SAAS,EACT,UAAU,EACV,WAAW,EACX,WAAW,EACX,YAAY,EACZ,qBAAqB,EACrB,qBAAqB,GAOtB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,GAGhC,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,kBAAkB,EAClB,mCAAmC,EACnC,iCAAiC,EACjC,wCAAwC,EACxC,2CAA2C,EAC3C,mCAAmC,EACnC,4CAA4C,EAC5C,2CAA2C,EAC3C,0CAA0C,EAC1C,4CAA4C,GAI7C,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EACL,IAAI,IAAI,YAAY,EACpB,QAAQ,IAAI,gBAAgB,EAC5B,KAAK,IAAI,aAAa,EACtB,iBAAiB,IAAI,yBAAyB,GAS/C,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,GAIxB,MAAM,yBAAyB,CAAC;AAEjC,kCAAkC;AAClC,OAAO,EACL,UAAU,EACV,eAAe,EACf,UAAU,EACV,cAAc,EACd,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,6BAA6B,EAC7B,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,iBAAiB,CAAC;AAEzB,4BAA4B;AAC5B,OAAO,EACL,SAAS,EACT,YAAY,EACZ,OAAO,EACP,qBAAqB,EAIrB,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,CAAC;AAEF,+BAA+B;AAC/B,OAAO,EAOL,sBAAsB,GACvB,CAAC;AAEF,8CAA8C;AAC9C,OAAO,EACL,qBAAqB,GAOtB,CAAC;AAEF,kDAAkD;AAClD,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,GAGhC,CAAC;AAEF,mDAAmD;AACnD,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,GAIxB,CAAC;AAEF,4CAA4C;AAC5C,OAAO,EACL,kBAAkB,EAClB,mCAAmC,EACnC,iCAAiC,EACjC,wCAAwC,EACxC,2CAA2C,EAC3C,mCAAmC,EACnC,4CAA4C,EAC5C,2CAA2C,EAC3C,0CAA0C,EAC1C,4CAA4C,GAI7C,CAAC;AAcF,qFAAqF;AACrF,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,IAAI,EAAE,YAAY;IAClB,QAAQ,EAAE,gBAAgB;IAC1B,KAAK,EAAE,aAAa;IACpB,iBAAiB,EAAE,yBAAyB;CAC7C,CAAC;AAEF,0BAA0B;AAC1B,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B;;;;;;;GAOG;AACH,MAAM,UAAU,MAAM;IACpB,MAAM,KAAK,GAAG,gBAAgB,EAAE,CAAC;IAEjC,qBAAqB;IACrB,IAAI,UAAqB,CAAC;IAC1B,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAa,CAAC;IACzD,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3C,UAAU,GAAG,KAAK,CAAC,UAAuB,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,UAAU,GAAG,SAAS,CAAC,QAAQ,CAAC;IAClC,CAAC;IAED,wBAAwB;IACxB,IAAI,aAA2B,CAAC;IAChC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,CAAa,CAAC;IACjE,IAAI,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC;QACnD,aAAa,GAAG,KAAK,CAAC,aAA6B,CAAC;IACtD,CAAC;SAAM,CAAC;QACN,aAAa,GAAG,qBAAqB,CAAC;IACxC,CAAC;IAED,oBAAoB;IACpB,IAAI,WAAiB,CAAC;IACtB,IAAI,CAAC;QACH,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7E,CAAC;IAAC,MAAM,CAAC;QACP,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,MAAM,WAAW,GAAG,KAAK,CAAC,SAAS,CAAC;IACpC,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC;IAE7E,sCAAsC;IACtC,IAAI,QAAQ,GAAmB,IAAI,CAAC;IACpC,IAAI,KAAK,CAAC,eAAe,IAAI,IAAI,EAAE,CAAC;QAClC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAC9B,CAAC;SAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,IAAI,EAAE,CAAC;QAC3C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC;IACzB,CAAC;IAED,OAAO;QACL,WAAW;QACX,MAAM;QACN,UAAU;QACV,QAAQ;QACR,gBAAgB,EAAE,IAAI;QACtB,WAAW;QACX,YAAY,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7C,aAAa;QACb,kBAAkB,EAAE,KAAK,CAAC,kBAAkB,IAAI,IAAI;QACpD,YAAY,EAAE,KAAK,CAAC,YAAY,IAAI,IAAI;KACzC,CAAC;AACJ,CAAC;AAUD;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAoC;IAEpC,IAAI,iBAAiB,EAAE,EAAE,CAAC;QACxB,OAAO,MAAM,EAAE,CAAC;IAClB,CAAC;IAED,IAAI,OAAO,EAAE,QAAQ,EAAE,CAAC;QACtB,MAAM,EAAE,gBAAgB,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC1E,MAAM,IAAI,WAAW,CACnB,yCAAyC;YACzC,iEAAiE;YACjE,yDAAyD;YACzD,4BAA4B,CAC7B,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;QACZ,YAAY,EAAE,OAAO,EAAE,YAAY,IAAI,IAAI;QAC3C,cAAc,EAAE,OAAO,EAAE,cAAc,IAAI,IAAI;QAC/C,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,IAAI,IAAI;QACnD,YAAY,EAAE,OAAO,EAAE,YAAY;KACpC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM;IAC1B,OAAO,8BAA8B,EAAE,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,OAAO;IACrB,kBAAkB,EAAE,CAAC;AACvB,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS;IAC7B,MAAM,EAAE,kCAAkC,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,MAAM,kCAAkC,EAAE,CAAC;IAC1D,OAAQ,MAAM,CAAC,EAAc,IAAI,KAAK,CAAC;AACzC,CAAC;AAED,2BAA2B;AAC3B,OAAO,EACL,MAAM,EACN,SAAS,IAAI,QAAQ,EACrB,SAAS,EACT,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EACjB,+BAA+B,EAC/B,WAAW,EACX,SAAS,EACT,UAAU,EACV,WAAW,EACX,WAAW,EACX,YAAY,EACZ,qBAAqB,GACtB,CAAC;AAEF,MAAM,KAAK,GAAG;IACZ,MAAM;IACN,mBAAmB;IACnB,MAAM;IACN,QAAQ,EAAE,SAAS;IACnB,SAAS;IACT,MAAM;IACN,OAAO;IACP,SAAS;IACT,iBAAiB;IACjB,qBAAqB;IACrB,qBAAqB;IACrB,+BAA+B;IAC/B,kBAAkB;IAClB,iCAAiC;IACjC,sBAAsB;IACtB,WAAW;IACX,SAAS;IACT,UAAU;IACV,WAAW;IACX,WAAW;IACX,YAAY;IACZ,qBAAqB;IACrB,aAAa;IACb,kBAAkB;IAClB,mBAAmB;IACnB,eAAe;IACf,oBAAoB;IACpB,sBAAsB;IACtB,8BAA8B;IAC9B,uBAAuB;IACvB,kBAAkB;IAClB,mCAAmC;IACnC,iCAAiC;IACjC,wCAAwC;IACxC,2CAA2C;IAC3C,mCAAmC;IACnC,4CAA4C;IAC5C,2CAA2C;IAC3C,0CAA0C;IAC1C,4CAA4C;IAC5C,OAAO;IACP,OAAO;IACP,SAAS;IACT,YAAY;IACZ,OAAO;IACP,qBAAqB;CACtB,CAAC;AAEF,eAAe,KAAK,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "1id",
-  "version": "1.5.0",
+  "version": "1.6.0",
   "description": "Hardware-anchored identity SDK for AI agents -- 1id.com",
   "keywords": [
     "identity",