@aamp/protocol 1.1.0

package/dist/src/agent.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Layer 2: Agent SDK
+ */
+import { AccessPurpose, SignedAccessRequest, FeedbackSignal, QualityFlag } from './types';
+export interface AccessOptions {
+    adsDisplayed?: boolean;
+}
+export declare class AAMPAgent {
+    private keyPair;
+    agentId: string;
+    /**
+     * Initialize the Agent Identity (Ephemeral or Persisted)
+     * @param customAgentId Optional persistent ID for this agent. If omitted, generates a session ID.
+     */
+    initialize(customAgentId?: string): Promise<void>;
+    createAccessRequest(resource: string, purpose: AccessPurpose, options?: AccessOptions): Promise<SignedAccessRequest>;
+    /**
+     * NEW IN V1.1: Quality Feedback Loop
+     * Allows the Agent to report spam or verify quality of a resource.
+     */
+    generateFeedback(resource: string, score: number, flags: QualityFlag[]): Promise<{
+        signal: FeedbackSignal;
+        signature: string;
+    }>;
+}

package/dist/src/agent.js

@@ -0,0 +1,55 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AAMPAgent = void 0;
+const crypto_1 = require("./crypto");
+const constants_1 = require("./constants");
+class AAMPAgent {
+    constructor() {
+        this.keyPair = null;
+        this.agentId = "pending";
+    }
+    /**
+     * Initialize the Agent Identity (Ephemeral or Persisted)
+     * @param customAgentId Optional persistent ID for this agent. If omitted, generates a session ID.
+     */
+    async initialize(customAgentId) {
+        this.keyPair = await (0, crypto_1.generateKeyPair)();
+        // Use the provided ID (authentic) or generate a session ID (ephemeral)
+        this.agentId = customAgentId || "agent_" + Math.random().toString(36).substring(7);
+    }
+    async createAccessRequest(resource, purpose, options = {}) {
+        if (!this.keyPair)
+            throw new Error("Agent not initialized. Call initialize() first.");
+        const header = {
+            v: constants_1.AAMP_VERSION,
+            ts: new Date().toISOString(),
+            agent_id: this.agentId,
+            resource,
+            purpose,
+            context: {
+                ads_displayed: options.adsDisplayed || false
+            }
+        };
+        const signature = await (0, crypto_1.signData)(this.keyPair.privateKey, JSON.stringify(header));
+        const publicKeyExport = await (0, crypto_1.exportPublicKey)(this.keyPair.publicKey);
+        return { header, signature, publicKey: publicKeyExport };
+    }
+    /**
+     * NEW IN V1.1: Quality Feedback Loop
+     * Allows the Agent to report spam or verify quality of a resource.
+     */
+    async generateFeedback(resource, score, flags) {
+        if (!this.keyPair)
+            throw new Error("Agent not initialized.");
+        const signal = {
+            target_resource: resource,
+            agent_id: this.agentId,
+            quality_score: Math.max(0, Math.min(1, score)),
+            flags,
+            timestamp: new Date().toISOString()
+        };
+        const signature = await (0, crypto_1.signData)(this.keyPair.privateKey, JSON.stringify(signal));
+        return { signal, signature };
+    }
+}
+exports.AAMPAgent = AAMPAgent;

package/dist/src/constants.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Layer 1: Protocol Constants
+ * These values are immutable and defined by the AAMP Specification.
+ */
+export declare const AAMP_VERSION = "1.1";
+export declare const HEADERS: {
+    readonly PAYLOAD: "x-aamp-payload";
+    readonly SIGNATURE: "x-aamp-signature";
+    readonly PUBLIC_KEY: "x-aamp-public-key";
+    readonly AGENT_ID: "x-aamp-agent-id";
+    readonly TIMESTAMP: "x-aamp-timestamp";
+    readonly ALGORITHM: "x-aamp-alg";
+    readonly CONTENT_ORIGIN: "x-aamp-content-origin";
+    readonly PROVENANCE_SIG: "x-aamp-provenance-sig";
+};
+export declare const CRYPTO_CONFIG: {
+    readonly ALGORITHM_NAME: "ECDSA";
+    readonly CURVE: "P-256";
+    readonly HASH: "SHA-256";
+};
+export declare const MAX_CLOCK_SKEW_MS: number;

package/dist/src/constants.js

@@ -0,0 +1,32 @@
+"use strict";
+/**
+ * Layer 1: Protocol Constants
+ * These values are immutable and defined by the AAMP Specification.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MAX_CLOCK_SKEW_MS = exports.CRYPTO_CONFIG = exports.HEADERS = exports.AAMP_VERSION = void 0;
+exports.AAMP_VERSION = '1.1';
+// HTTP Headers used for the handshake
+exports.HEADERS = {
+    // Transport: The signed payload (Base64 encoded JSON of ProtocolHeader)
+    PAYLOAD: 'x-aamp-payload',
+    // Transport: The cryptographic signature (Hex)
+    SIGNATURE: 'x-aamp-signature',
+    // Transport: The Agent's Public Key (Base64 SPKI)
+    PUBLIC_KEY: 'x-aamp-public-key',
+    // Informational / Legacy (Optional if Payload is present)
+    AGENT_ID: 'x-aamp-agent-id',
+    TIMESTAMP: 'x-aamp-timestamp',
+    ALGORITHM: 'x-aamp-alg',
+    // v1.1 Addition: Provenance (Server to Agent)
+    CONTENT_ORIGIN: 'x-aamp-content-origin',
+    PROVENANCE_SIG: 'x-aamp-provenance-sig'
+};
+// Cryptographic Settings
+exports.CRYPTO_CONFIG = {
+    ALGORITHM_NAME: 'ECDSA',
+    CURVE: 'P-256',
+    HASH: 'SHA-256',
+};
+// Tolerance
+exports.MAX_CLOCK_SKEW_MS = 5 * 60 * 1000; // 5 minutes

package/dist/src/crypto.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Layer 1: Cryptographic Primitives
+ * Implementation of ECDSA P-256 signing/verification.
+ */
+export declare function generateKeyPair(): Promise<CryptoKeyPair>;
+export declare function signData(privateKey: CryptoKey, data: string): Promise<string>;
+export declare function verifySignature(publicKey: CryptoKey, data: string, signatureHex: string): Promise<boolean>;
+export declare function exportPublicKey(key: CryptoKey): Promise<string>;

package/dist/src/crypto.js

@@ -0,0 +1,39 @@
+"use strict";
+/**
+ * Layer 1: Cryptographic Primitives
+ * Implementation of ECDSA P-256 signing/verification.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateKeyPair = generateKeyPair;
+exports.signData = signData;
+exports.verifySignature = verifySignature;
+exports.exportPublicKey = exportPublicKey;
+async function generateKeyPair() {
+    // Uses standard Web Crypto API (Node 19+ compatible)
+    return await crypto.subtle.generateKey({ name: "ECDSA", namedCurve: "P-256" }, true, ["sign", "verify"]);
+}
+async function signData(privateKey, data) {
+    const encoder = new TextEncoder();
+    const encoded = encoder.encode(data);
+    const signature = await crypto.subtle.sign({ name: "ECDSA", hash: { name: "SHA-256" } }, privateKey, encoded);
+    return bufToHex(signature);
+}
+async function verifySignature(publicKey, data, signatureHex) {
+    const encoder = new TextEncoder();
+    const encodedData = encoder.encode(data);
+    const signatureBytes = hexToBuf(signatureHex);
+    return await crypto.subtle.verify({ name: "ECDSA", hash: { name: "SHA-256" } }, publicKey, signatureBytes, encodedData);
+}
+async function exportPublicKey(key) {
+    const exported = await crypto.subtle.exportKey("spki", key);
+    return btoa(String.fromCharCode(...new Uint8Array(exported)));
+}
+// Helpers
+function bufToHex(buffer) {
+    return Array.from(new Uint8Array(buffer))
+        .map(b => b.toString(16).padStart(2, '0'))
+        .join('');
+}
+function hexToBuf(hex) {
+    return new Uint8Array(hex.match(/.{1,2}/g).map(byte => parseInt(byte, 16)));
+}

package/dist/src/express.d.ts

@@ -0,0 +1,20 @@
+import { AccessPolicy, ContentOrigin } from './types';
+export interface AAMPConfig {
+    policy: Omit<AccessPolicy, 'version'>;
+    meta: {
+        origin: keyof typeof ContentOrigin;
+        paymentPointer?: string;
+    };
+}
+export declare class AAMP {
+    private publisher;
+    private origin;
+    private ready;
+    private constructor();
+    static init(config: AAMPConfig): AAMP;
+    /**
+     * Express Middleware
+     */
+    middleware(): (req: any, res: any, next: any) => Promise<void>;
+    discoveryHandler(): (req: any, res: any) => void;
+}

package/dist/src/express.js

@@ -0,0 +1,75 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AAMP = void 0;
+/**
+ * Layer 3: Framework Adapters
+ * Zero-friction integration for Express/Node.js.
+ */
+const publisher_1 = require("./publisher");
+const types_1 = require("./types");
+const crypto_1 = require("./crypto");
+const constants_1 = require("./constants");
+class AAMP {
+    constructor(config) {
+        this.publisher = new publisher_1.AAMPPublisher({
+            version: '1.1',
+            ...config.policy
+        });
+        this.origin = types_1.ContentOrigin[config.meta.origin];
+        this.ready = (0, crypto_1.generateKeyPair)().then(keys => {
+            return this.publisher.initialize(keys);
+        });
+    }
+    static init(config) {
+        return new AAMP(config);
+    }
+    /**
+     * Express Middleware
+     */
+    middleware() {
+        return async (req, res, next) => {
+            await this.ready;
+            // 1. Inject Provenance Headers (Passive Protection)
+            const headers = await this.publisher.generateResponseHeaders(this.origin);
+            Object.entries(headers).forEach(([k, v]) => {
+                res.setHeader(k, v);
+            });
+            // 2. Active Verification (If Agent sends signed headers)
+            const payloadHeader = req.headers[constants_1.HEADERS.PAYLOAD];
+            const sigHeader = req.headers[constants_1.HEADERS.SIGNATURE];
+            const keyHeader = req.headers[constants_1.HEADERS.PUBLIC_KEY];
+            if (payloadHeader && sigHeader && keyHeader) {
+                try {
+                    const headerJson = atob(payloadHeader); // RAW STRING
+                    const requestHeader = JSON.parse(headerJson);
+                    const signedRequest = {
+                        header: requestHeader,
+                        signature: sigHeader,
+                        publicKey: keyHeader
+                    };
+                    const agentKey = await crypto.subtle.importKey("spki", new Uint8Array(atob(keyHeader).split('').map(c => c.charCodeAt(0))), { name: "ECDSA", namedCurve: "P-256" }, true, ["verify"]);
+                    // Pass raw headerJson to ensure signature matches exactly what was signed
+                    const result = await this.publisher.verifyRequest(signedRequest, agentKey, headerJson);
+                    if (!result.allowed) {
+                        res.status(403).json({ error: result.reason });
+                        return;
+                    }
+                    // Verified!
+                    req.aamp = { verified: true, ...requestHeader };
+                }
+                catch (e) {
+                    res.status(400).json({ error: "Invalid AAMP Signature" });
+                    return;
+                }
+            }
+            next();
+        };
+    }
+    discoveryHandler() {
+        return (req, res) => {
+            res.setHeader('Content-Type', 'application/json');
+            res.send(JSON.stringify(this.publisher.getPolicy(), null, 2));
+        };
+    }
+}
+exports.AAMP = AAMP;

package/dist/src/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * AAMP SDK Public API
+ *
+ * This is the main entry point for the library.
+ */
+export * from './types';
+export * from './constants';
+export * from './agent';
+export * from './publisher';
+export * from './crypto';
+export * from './express';
+export { AAMPNext } from './nextjs';

package/dist/src/index.js

@@ -0,0 +1,30 @@
+"use strict";
+/**
+ * AAMP SDK Public API
+ *
+ * This is the main entry point for the library.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AAMPNext = void 0;
+__exportStar(require("./types"), exports);
+__exportStar(require("./constants"), exports);
+__exportStar(require("./agent"), exports);
+__exportStar(require("./publisher"), exports);
+__exportStar(require("./crypto"), exports);
+__exportStar(require("./express"), exports); // Node.js / Express Adapter
+var nextjs_1 = require("./nextjs"); // Serverless / Next.js Adapter
+Object.defineProperty(exports, "AAMPNext", { enumerable: true, get: function () { return nextjs_1.AAMPNext; } });

package/dist/src/nextjs.d.ts

@@ -0,0 +1,23 @@
+import { AccessPolicy, ContentOrigin } from './types';
+type NextRequest = any;
+type NextResponse = any;
+export interface AAMPConfig {
+    policy: Omit<AccessPolicy, 'version'>;
+    meta: {
+        origin: keyof typeof ContentOrigin;
+        paymentPointer?: string;
+    };
+}
+export declare class AAMPNext {
+    private publisher;
+    private origin;
+    private ready;
+    private constructor();
+    static init(config: AAMPConfig): AAMPNext;
+    /**
+     * Serverless Route Wrapper
+     */
+    withProtection(handler: (req: NextRequest) => Promise<NextResponse>): (req: NextRequest) => Promise<any>;
+    discoveryHandler(): () => Promise<Response>;
+}
+export {};

package/dist/src/nextjs.js

@@ -0,0 +1,78 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AAMPNext = void 0;
+/**
+ * Layer 3: Framework Adapters
+ * Serverless integration for Next.js (App Router & API Routes).
+ */
+const publisher_1 = require("./publisher");
+const types_1 = require("./types");
+const crypto_1 = require("./crypto");
+const constants_1 = require("./constants");
+const createJsonResponse = (body, status = 200) => {
+    return new Response(JSON.stringify(body), {
+        status,
+        headers: { 'Content-Type': 'application/json' }
+    });
+};
+class AAMPNext {
+    constructor(config) {
+        this.publisher = new publisher_1.AAMPPublisher({
+            version: '1.1',
+            ...config.policy
+        });
+        this.origin = types_1.ContentOrigin[config.meta.origin];
+        this.ready = (0, crypto_1.generateKeyPair)().then(keys => this.publisher.initialize(keys));
+    }
+    static init(config) {
+        return new AAMPNext(config);
+    }
+    /**
+     * Serverless Route Wrapper
+     */
+    withProtection(handler) {
+        return async (req) => {
+            await this.ready;
+            // 1. Active Verification
+            const payloadHeader = req.headers.get(constants_1.HEADERS.PAYLOAD);
+            const sigHeader = req.headers.get(constants_1.HEADERS.SIGNATURE);
+            const keyHeader = req.headers.get(constants_1.HEADERS.PUBLIC_KEY);
+            if (payloadHeader && sigHeader && keyHeader) {
+                try {
+                    const headerJson = atob(payloadHeader); // RAW STRING
+                    const requestHeader = JSON.parse(headerJson);
+                    const signedRequest = {
+                        header: requestHeader,
+                        signature: sigHeader,
+                        publicKey: keyHeader
+                    };
+                    const agentKey = await crypto.subtle.importKey("spki", new Uint8Array(atob(keyHeader).split('').map(c => c.charCodeAt(0))), { name: "ECDSA", namedCurve: "P-256" }, true, ["verify"]);
+                    // Pass raw headerJson to ensure signature matches exactly what was signed
+                    const result = await this.publisher.verifyRequest(signedRequest, agentKey, headerJson);
+                    if (!result.allowed) {
+                        return createJsonResponse({ error: result.reason }, 403);
+                    }
+                }
+                catch (e) {
+                    return createJsonResponse({ error: "Invalid AAMP Signature" }, 400);
+                }
+            }
+            // 2. Execute Handler
+            const response = await handler(req);
+            // 3. Inject Provenance Headers (Passive)
+            const aampHeaders = await this.publisher.generateResponseHeaders(this.origin);
+            if (response && response.headers) {
+                Object.entries(aampHeaders).forEach(([k, v]) => {
+                    response.headers.set(k, v);
+                });
+            }
+            return response;
+        };
+    }
+    discoveryHandler() {
+        return async () => {
+            return createJsonResponse(this.publisher.getPolicy());
+        };
+    }
+}
+exports.AAMPNext = AAMPNext;

package/dist/src/publisher.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Layer 2: Publisher Middleware
+ * Used by content owners to enforce policy and log access.
+ */
+import { AccessPolicy, SignedAccessRequest, ContentOrigin, FeedbackSignal } from './types';
+export interface VerificationResult {
+    allowed: boolean;
+    reason: string;
+    responseHeaders?: Record<string, string>;
+}
+export declare class AAMPPublisher {
+    private policy;
+    private keyPair;
+    constructor(policy: AccessPolicy);
+    initialize(keyPair: CryptoKeyPair): Promise<void>;
+    getPolicy(): AccessPolicy;
+    /**
+     * Verifies an incoming AI access request.
+     *
+     * @param request The parsed request object
+     * @param requestPublicKey The agent's public key
+     * @param rawPayload (Optional) The raw string received over the wire. REQUIRED for robust verification.
+     */
+    verifyRequest(request: SignedAccessRequest, requestPublicKey: CryptoKey, rawPayload?: string): Promise<VerificationResult>;
+    /**
+     * Verifies a Feedback Signal (Spam Report) from an Agent.
+     * Part of the AAMP Immune System.
+     */
+    verifyFeedback(signal: FeedbackSignal, signature: string, agentPublicKey: CryptoKey): Promise<boolean>;
+    generateResponseHeaders(origin: ContentOrigin): Promise<Record<string, string>>;
+}

package/dist/src/publisher.js

@@ -0,0 +1,84 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AAMPPublisher = void 0;
+/**
+ * Layer 2: Publisher Middleware
+ * Used by content owners to enforce policy and log access.
+ */
+const types_1 = require("./types");
+const crypto_1 = require("./crypto");
+const constants_1 = require("./constants");
+class AAMPPublisher {
+    constructor(policy) {
+        this.keyPair = null;
+        this.policy = policy;
+    }
+    // Publishers now need keys too, to sign their Content Origin declarations
+    async initialize(keyPair) {
+        this.keyPair = keyPair;
+    }
+    getPolicy() {
+        return this.policy;
+    }
+    /**
+     * Verifies an incoming AI access request.
+     *
+     * @param request The parsed request object
+     * @param requestPublicKey The agent's public key
+     * @param rawPayload (Optional) The raw string received over the wire. REQUIRED for robust verification.
+     */
+    async verifyRequest(request, requestPublicKey, rawPayload) {
+        // 1. Replay Attack Prevention (Timestamp Check)
+        const requestTime = new Date(request.header.ts).getTime();
+        const now = Date.now();
+        if (Math.abs(now - requestTime) > constants_1.MAX_CLOCK_SKEW_MS) {
+            return { allowed: false, reason: 'TIMESTAMP_INVALID: Clock skew exceeded.' };
+        }
+        // 2. Policy Enforcement (Usage Type)
+        // STRICT CHECK: Training
+        if (request.header.purpose === types_1.AccessPurpose.CRAWL_TRAINING && !this.policy.allowTraining) {
+            return { allowed: false, reason: 'POLICY_DENIED: Training not allowed by site owner.' };
+        }
+        // STRICT CHECK: RAG / Retrieval
+        if (request.header.purpose === types_1.AccessPurpose.RAG_RETRIEVAL && !this.policy.allowRAG) {
+            return { allowed: false, reason: 'POLICY_DENIED: RAG Retrieval not allowed.' };
+        }
+        // 3. Economic Policy Enforcement
+        if (this.policy.requiresPayment) {
+            const isExemptViaAds = this.policy.allowAdSupportedAccess && request.header.context.ads_displayed;
+            if (!isExemptViaAds) {
+                return {
+                    allowed: false,
+                    reason: 'PAYMENT_REQUIRED: Site requires payment or ad-supported access.'
+                };
+            }
+        }
+        // 4. Cryptographic Verification (The "Proof")
+        // CRITICAL: We prefer the rawPayload if available to avoid JSON parsing/stringify mismatches.
+        const signableString = rawPayload || JSON.stringify(request.header);
+        const isValid = await (0, crypto_1.verifySignature)(requestPublicKey, signableString, request.signature);
+        if (!isValid) {
+            return { allowed: false, reason: 'CRYPTO_FAIL: Signature verification failed.' };
+        }
+        return { allowed: true, reason: 'OK' };
+    }
+    /**
+     * Verifies a Feedback Signal (Spam Report) from an Agent.
+     * Part of the AAMP Immune System.
+     */
+    async verifyFeedback(signal, signature, agentPublicKey) {
+        const signableString = JSON.stringify(signal);
+        return await (0, crypto_1.verifySignature)(agentPublicKey, signableString, signature);
+    }
+    async generateResponseHeaders(origin) {
+        if (!this.keyPair)
+            throw new Error("Publisher keys not initialized");
+        const payload = JSON.stringify({ origin, ts: Date.now() });
+        const signature = await (0, crypto_1.signData)(this.keyPair.privateKey, payload);
+        return {
+            [constants_1.HEADERS.CONTENT_ORIGIN]: origin,
+            [constants_1.HEADERS.PROVENANCE_SIG]: signature
+        };
+    }
+}
+exports.AAMPPublisher = AAMPPublisher;

package/dist/src/types.d.ts

@@ -0,0 +1,81 @@
+/**
+ * Layer 1: Protocol Definitions
+ * Shared types used by both Agent and Publisher.
+ */
+export declare enum AccessPurpose {
+    CRAWL_TRAINING = "CRAWL_TRAINING",
+    RAG_RETRIEVAL = "RAG_RETRIEVAL",
+    SUMMARY = "SUMMARY",
+    QUOTATION = "QUOTATION",
+    EMBEDDING = "EMBEDDING"
+}
+export declare enum ContentOrigin {
+    HUMAN = "HUMAN",// Created by humans. High training value.
+    SYNTHETIC = "SYNTHETIC",// Created by AI. Risk of model collapse.
+    HYBRID = "HYBRID"
+}
+export declare enum QualityFlag {
+    SEO_SPAM = "SEO_SPAM",
+    INACCURATE = "INACCURATE",
+    HATE_SPEECH = "HATE_SPEECH",
+    HIGH_QUALITY = "HIGH_QUALITY"
+}
+/**
+ * Optional Rate Limiting (The Speed Limit)
+ * Defines technical boundaries for the handshake.
+ */
+export interface RateLimitConfig {
+    requestsPerMinute: number;
+    tokensPerMinute?: number;
+}
+/**
+ * Optional Monetization (The Settlement Layer)
+ *
+ * AAMP is neutral. Settlement can happen via:
+ * 1. BROKER: A 3rd party clearing house (e.g., "AI-AdSense").
+ * 2. CRYPTO: Direct on-chain settlement.
+ * 3. TREATY: A private legal contract signed offline (Enterprise).
+ */
+export interface MonetizationConfig {
+    method: 'BROKER' | 'CRYPTO' | 'PRIVATE_TREATY';
+    /**
+     * The destination for settlement.
+     * - If BROKER: The API URL of the clearing house.
+     * - If CRYPTO: The wallet address.
+     * - If TREATY: The Contract ID or "Contact Sales".
+     */
+    location: string;
+}
+export interface AccessPolicy {
+    version: '1.1';
+    allowTraining: boolean;
+    allowRAG: boolean;
+    attributionRequired: boolean;
+    allowAdSupportedAccess: boolean;
+    requiresPayment: boolean;
+    paymentPointer?: string;
+    rateLimit?: RateLimitConfig;
+    monetization?: MonetizationConfig;
+}
+export interface ProtocolHeader {
+    v: '1.1';
+    ts: string;
+    agent_id: string;
+    resource: string;
+    purpose: AccessPurpose;
+    context: {
+        ads_displayed: boolean;
+    };
+}
+export interface SignedAccessRequest {
+    header: ProtocolHeader;
+    signature: string;
+    publicKey?: string;
+}
+export interface FeedbackSignal {
+    target_resource: string;
+    agent_id: string;
+    quality_score: number;
+    flags: QualityFlag[];
+    timestamp: string;
+}

package/dist/src/types.js

@@ -0,0 +1,28 @@
+"use strict";
+/**
+ * Layer 1: Protocol Definitions
+ * Shared types used by both Agent and Publisher.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.QualityFlag = exports.ContentOrigin = exports.AccessPurpose = void 0;
+var AccessPurpose;
+(function (AccessPurpose) {
+    AccessPurpose["CRAWL_TRAINING"] = "CRAWL_TRAINING";
+    AccessPurpose["RAG_RETRIEVAL"] = "RAG_RETRIEVAL";
+    AccessPurpose["SUMMARY"] = "SUMMARY";
+    AccessPurpose["QUOTATION"] = "QUOTATION";
+    AccessPurpose["EMBEDDING"] = "EMBEDDING";
+})(AccessPurpose || (exports.AccessPurpose = AccessPurpose = {}));
+var ContentOrigin;
+(function (ContentOrigin) {
+    ContentOrigin["HUMAN"] = "HUMAN";
+    ContentOrigin["SYNTHETIC"] = "SYNTHETIC";
+    ContentOrigin["HYBRID"] = "HYBRID"; // Edited by humans, drafted by AI.
+})(ContentOrigin || (exports.ContentOrigin = ContentOrigin = {}));
+var QualityFlag;
+(function (QualityFlag) {
+    QualityFlag["SEO_SPAM"] = "SEO_SPAM";
+    QualityFlag["INACCURATE"] = "INACCURATE";
+    QualityFlag["HATE_SPEECH"] = "HATE_SPEECH";
+    QualityFlag["HIGH_QUALITY"] = "HIGH_QUALITY";
+})(QualityFlag || (exports.QualityFlag = QualityFlag = {}));

package/dist/test/handshake.spec.d.ts

@@ -0,0 +1 @@
+export {};