@aamp/protocol 1.1.6 → 1.1.8

package/dist/express.js

@@ -1,64 +0,0 @@
-/**
- * Layer 3: Framework Adapters
- * Zero-friction integration for Express/Node.js.
- */
-import { AAMPPublisher } from './publisher.js';
-import { ContentOrigin } from './types.js';
-import { generateKeyPair } from './crypto.js';
-export class AAMP {
-    constructor(config) {
-        this.publisher = new AAMPPublisher({ version: '1.1', ...config.policy }, config.strategy || 'PASSIVE', config.cache);
-        this.origin = ContentOrigin[config.meta.origin];
-        this.ready = generateKeyPair().then(keys => {
-            return this.publisher.initialize(keys);
-        });
-    }
-    static init(config) {
-        return new AAMP(config);
-    }
-    /**
-     * Express Middleware
-     */
-    middleware() {
-        return async (req, res, next) => {
-            await this.ready;
-            // Normalize headers to lowercase dictionary
-            const headers = {};
-            Object.keys(req.headers).forEach(key => {
-                headers[key.toLowerCase()] = req.headers[key];
-            });
-            // Retrieve Raw Payload if available (optional but good for crypto)
-            // Note: Express body parsing might interfere, so we usually rely on the header content.
-            const rawPayload = headers['x-aamp-payload'];
-            // Evaluate Visitor
-            const result = await this.publisher.evaluateVisitor(headers, rawPayload);
-            // Enforce Decision
-            if (!result.allowed) {
-                res.status(result.status).json({
-                    error: result.reason,
-                    visitor_type: result.visitorType,
-                    proof_used: result.proofUsed
-                });
-                return;
-            }
-            // Inject Provenance Headers (For the humans/agents that got through)
-            const respHeaders = await this.publisher.generateResponseHeaders(this.origin);
-            Object.entries(respHeaders).forEach(([k, v]) => {
-                res.setHeader(k, v);
-            });
-            // Attach metadata to request for downstream use
-            req.aamp = {
-                verified: result.visitorType === 'VERIFIED_AGENT',
-                type: result.visitorType,
-                ...result.metadata
-            };
-            next();
-        };
-    }
-    discoveryHandler() {
-        return (req, res) => {
-            res.setHeader('Content-Type', 'application/json');
-            res.send(JSON.stringify(this.publisher.getPolicy(), null, 2));
-        };
-    }
-}

package/dist/index.d.ts

@@ -1,12 +0,0 @@
-/**
- * AAMP SDK Public API
- *
- * This is the main entry point for the library.
- */
-export * from './types.js';
-export * from './constants.js';
-export * from './agent.js';
-export * from './publisher.js';
-export * from './crypto.js';
-export * from './express.js';
-export { AAMPNext } from './nextjs.js';

package/dist/index.js

@@ -1,12 +0,0 @@
-/**
- * AAMP SDK Public API
- *
- * This is the main entry point for the library.
- */
-export * from './types.js';
-export * from './constants.js';
-export * from './agent.js';
-export * from './publisher.js';
-export * from './crypto.js';
-export * from './express.js'; // Node.js / Express Adapter
-export { AAMPNext } from './nextjs.js'; // Serverless / Next.js Adapter

package/dist/nextjs.d.ts

@@ -1,25 +0,0 @@
-import { AccessPolicy, ContentOrigin, UnauthenticatedStrategy, IdentityCache } from './types.js';
-type NextRequest = any;
-type NextResponse = any;
-export interface AAMPConfig {
-    policy: Omit<AccessPolicy, 'version'>;
-    meta: {
-        origin: keyof typeof ContentOrigin;
-        paymentPointer?: string;
-    };
-    strategy?: UnauthenticatedStrategy;
-    cache?: IdentityCache;
-}
-export declare class AAMPNext {
-    private publisher;
-    private origin;
-    private ready;
-    private constructor();
-    static init(config: AAMPConfig): AAMPNext;
-    /**
-     * Serverless Route Wrapper
-     */
-    withProtection(handler: (req: NextRequest) => Promise<NextResponse>): (req: NextRequest) => Promise<any>;
-    discoveryHandler(): () => Promise<Response>;
-}
-export {};

package/dist/nextjs.js

@@ -1,60 +0,0 @@
-/**
- * Layer 3: Framework Adapters
- * Serverless integration for Next.js (App Router & API Routes).
- */
-import { AAMPPublisher } from './publisher.js';
-import { ContentOrigin } from './types.js';
-import { generateKeyPair } from './crypto.js';
-const createJsonResponse = (body, status = 200) => {
-    return new Response(JSON.stringify(body), {
-        status,
-        headers: { 'Content-Type': 'application/json' }
-    });
-};
-export class AAMPNext {
-    constructor(config) {
-        this.publisher = new AAMPPublisher({ version: '1.1', ...config.policy }, config.strategy || 'PASSIVE', config.cache);
-        this.origin = ContentOrigin[config.meta.origin];
-        this.ready = generateKeyPair().then(keys => this.publisher.initialize(keys));
-    }
-    static init(config) {
-        return new AAMPNext(config);
-    }
-    /**
-     * Serverless Route Wrapper
-     */
-    withProtection(handler) {
-        return async (req) => {
-            await this.ready;
-            // Extract Headers map
-            const headers = {};
-            req.headers.forEach((value, key) => {
-                headers[key.toLowerCase()] = value;
-            });
-            // Evaluate
-            const result = await this.publisher.evaluateVisitor(headers, headers['x-aamp-payload']);
-            if (!result.allowed) {
-                return createJsonResponse({
-                    error: result.reason,
-                    visitor_type: result.visitorType,
-                    proof_used: result.proofUsed
-                }, result.status);
-            }
-            // Execute Handler
-            const response = await handler(req);
-            // Inject Provenance
-            const aampHeaders = await this.publisher.generateResponseHeaders(this.origin);
-            if (response && response.headers) {
-                Object.entries(aampHeaders).forEach(([k, v]) => {
-                    response.headers.set(k, v);
-                });
-            }
-            return response;
-        };
-    }
-    discoveryHandler() {
-        return async () => {
-            return createJsonResponse(this.publisher.getPolicy());
-        };
-    }
-}

package/dist/proof.d.ts

@@ -1,9 +0,0 @@
-/**
- * Verifies a JWT (Proof Token or Payment Credential) using JWKS.
- *
- * @param token The JWT string
- * @param jwksUrl The URL to fetch Public Keys
- * @param issuer The expected issuer
- * @param audience The expected audience range
- */
-export declare function verifyJwt(token: string, jwksUrl: string, issuer: string, audience?: string): Promise<boolean>;

package/dist/proof.js

@@ -1,27 +0,0 @@
-import { createRemoteJWKSet, jwtVerify } from 'jose';
-// In-memory cache for JWKS to avoid repeated fetches
-// Jose's createRemoteJWKSet handles caching/cooldowns internally.
-/**
- * Verifies a JWT (Proof Token or Payment Credential) using JWKS.
- *
- * @param token The JWT string
- * @param jwksUrl The URL to fetch Public Keys
- * @param issuer The expected issuer
- * @param audience The expected audience range
- */
-export async function verifyJwt(token, jwksUrl, issuer, audience) {
-    try {
-        const JWKS = createRemoteJWKSet(new URL(jwksUrl));
-        const { payload } = await jwtVerify(token, JWKS, {
-            issuer: issuer,
-            audience: audience // specific audience check if provided
-        });
-        // Check specific AAMP claims if we standardize them
-        // if (payload.type !== 'AD_IMPRESSION') return false;
-        return true;
-    }
-    catch (error) {
-        // console.error("Ad Proof Verification Failed:", error);
-        return false;
-    }
-}

package/dist/publisher.d.ts

@@ -1,35 +0,0 @@
-import { AccessPolicy, ContentOrigin, EvaluationResult, IdentityCache, UnauthenticatedStrategy } from './types.js';
-export declare class AAMPPublisher {
-    private policy;
-    private keyPair;
-    private unauthenticatedStrategy;
-    private cache;
-    private readonly CACHE_TTL_SECONDS;
-    constructor(policy: AccessPolicy, strategy?: UnauthenticatedStrategy, cacheImpl?: IdentityCache);
-    initialize(keyPair: CryptoKeyPair): Promise<void>;
-    getPolicy(): AccessPolicy;
-    /**
-     * Main Entry Point: Evaluate ANY visitor (Human, Bot, or Agent)
-     */
-    evaluateVisitor(reqHeaders: Record<string, string | undefined>, rawPayload?: string): Promise<EvaluationResult>;
-    /**
-     * Browser Heuristics (Hardened)
-     * 1. Checks Known Bot Signatures (Fast Fail)
-     * 2. Checks Trusted Upstream Signals (Cloudflare/Vercel)
-     * 3. Checks Browser Header Consistency
-     */
-    private performBrowserHeuristics;
-    /**
-     * Handle AAMP Protocol Logic
-     */
-    private handleAgent;
-    private verifyRequestLogic;
-    private verifyDnsBinding;
-    private isDomain;
-    generateResponseHeaders(origin: ContentOrigin): Promise<Record<string, string>>;
-    /**
-     * Handling Quality Feedback (The "Dispute" Layer)
-     * This runs when an Agent sends 'x-aamp-feedback'.
-     */
-    private handleFeedback;
-}

package/dist/publisher.js

@@ -1,338 +0,0 @@
-/**
- * Layer 2: Publisher Middleware
- * Used by content owners to enforce policy, log access, and filter bots.
- */
-import { HEADERS, MAX_CLOCK_SKEW_MS, WELL_KNOWN_AGENT_PATH } from './constants.js';
-import { exportPublicKey, signData, verifySignature } from './crypto.js';
-import { AccessPurpose } from './types.js';
-import { verifyJwt } from './proof.js';
-/**
- * Default In-Memory Cache (Fallback only)
- * NOT recommended for high-traffic Serverless production.
- */
-class MemoryCache {
-    constructor() {
-        this.store = new Map();
-    }
-    async get(key) {
-        const item = this.store.get(key);
-        if (!item)
-            return null;
-        if (Date.now() > item.exp) {
-            this.store.delete(key);
-            return null;
-        }
-        return item.val;
-    }
-    async set(key, value, ttlSeconds) {
-        this.store.set(key, {
-            val: value,
-            exp: Date.now() + (ttlSeconds * 1000)
-        });
-    }
-}
-export class AAMPPublisher {
-    constructor(policy, strategy = 'PASSIVE', cacheImpl) {
-        this.keyPair = null;
-        // Default TTL: 1 Hour
-        this.CACHE_TTL_SECONDS = 3600;
-        this.policy = policy;
-        this.unauthenticatedStrategy = strategy;
-        this.cache = cacheImpl || new MemoryCache();
-    }
-    async initialize(keyPair) {
-        this.keyPair = keyPair;
-    }
-    getPolicy() {
-        return this.policy;
-    }
-    /**
-     * Main Entry Point: Evaluate ANY visitor (Human, Bot, or Agent)
-     */
-    async evaluateVisitor(reqHeaders, rawPayload) {
-        // 1. Check for AAMP Headers
-        const hasAamp = reqHeaders[HEADERS.PAYLOAD] && reqHeaders[HEADERS.SIGNATURE] && reqHeaders[HEADERS.PUBLIC_KEY];
-        const feedbackToken = reqHeaders[HEADERS.FEEDBACK];
-        if (feedbackToken) {
-            await this.handleFeedback(feedbackToken, reqHeaders);
-        }
-        if (hasAamp) {
-            console.log("\n🔎 [AAMP Middleware] Detected Agent Headers. Starting Verification...");
-            // It claims to be an Agent. Verify it.
-            return await this.handleAgent(reqHeaders, rawPayload);
-        }
-        // 2. It's not an AAMP Agent. Apply Strategy.
-        if (this.unauthenticatedStrategy === 'STRICT') {
-            return {
-                allowed: false,
-                status: 401,
-                reason: "STRICT_MODE: Only AAMP verified agents allowed.",
-                visitorType: 'UNIDENTIFIED_BOT'
-            };
-        }
-        if (this.unauthenticatedStrategy === 'PASSIVE') {
-            return {
-                allowed: true,
-                status: 200,
-                reason: "PASSIVE_MODE: Allowed without verification.",
-                visitorType: 'LIKELY_HUMAN'
-            };
-        }
-        // 3. HYBRID MODE: Heuristic Analysis (The "Lazy Bot" Filter)
-        const isHuman = this.performBrowserHeuristics(reqHeaders);
-        if (isHuman) {
-            return {
-                allowed: true,
-                status: 200,
-                reason: "BROWSER_VERIFIED: Heuristics passed.",
-                visitorType: 'LIKELY_HUMAN'
-            };
-        }
-        else {
-            return {
-                allowed: false,
-                status: 403,
-                reason: "BOT_DETECTED: Request lacks browser signatures and AAMP headers.",
-                visitorType: 'UNIDENTIFIED_BOT'
-            };
-        }
-    }
-    /**
-     * Browser Heuristics (Hardened)
-     * 1. Checks Known Bot Signatures (Fast Fail)
-     * 2. Checks Trusted Upstream Signals (Cloudflare/Vercel)
-     * 3. Checks Browser Header Consistency
-     */
-    performBrowserHeuristics(headers) {
-        const userAgent = headers['user-agent'] || '';
-        // A. The "Obvious Bot" Blocklist (Fast Fail)
-        const botSignatures = ['python-requests', 'curl', 'wget', 'scrapy', 'bot', 'crawler', 'spider'];
-        if (botSignatures.some(sig => userAgent.toLowerCase().includes(sig))) {
-            return false;
-        }
-        // B. Trusted Infrastructure Signals (The Real World Solution)
-        if (headers['cf-visitor'] || headers['cf-ray'])
-            return true;
-        if (headers['x-vercel-id'])
-            return true;
-        if (headers['cloudfront-viewer-address'])
-            return true;
-        // C. The "Browser Fingerprint" (Fallback for direct connections)
-        const hasAcceptLanguage = !!headers['accept-language'];
-        const hasSecFetchDest = !!headers['sec-fetch-dest'];
-        const hasUpgradeInsecure = !!headers['upgrade-insecure-requests'];
-        if (hasAcceptLanguage && (hasSecFetchDest || hasUpgradeInsecure)) {
-            return true;
-        }
-        return false;
-    }
-    /**
-     * Handle AAMP Protocol Logic
-     */
-    async handleAgent(reqHeaders, rawPayload) {
-        try {
-            const payloadHeader = reqHeaders[HEADERS.PAYLOAD];
-            const sigHeader = reqHeaders[HEADERS.SIGNATURE];
-            const keyHeader = reqHeaders[HEADERS.PUBLIC_KEY];
-            const headerJson = atob(payloadHeader);
-            const requestHeader = JSON.parse(headerJson);
-            const signedRequest = {
-                header: requestHeader,
-                signature: sigHeader,
-                publicKey: keyHeader
-            };
-            const agentKey = await crypto.subtle.importKey("spki", new Uint8Array(atob(keyHeader).split('').map(c => c.charCodeAt(0))), { name: "ECDSA", namedCurve: "P-256" }, true, ["verify"]);
-            const proofToken = reqHeaders[HEADERS.PROOF_TOKEN];
-            const paymentCredential = reqHeaders[HEADERS.PAYMENT_CREDENTIAL];
-            // Verify Core Logic
-            const result = await this.verifyRequestLogic(signedRequest, agentKey, proofToken, paymentCredential, headerJson);
-            if (!result.allowed) {
-                console.log(`⛔ [AAMP BLOCK] 
-        Agent: ${requestHeader.agent_id}
-        Reason: ${result.reason}
-        VisitorType: ${result.visitorType}
-        Proof: ${result.proofUsed || 'None'}
-        Identity Verified: ${result.identityVerified}`);
-                return {
-                    allowed: false,
-                    status: 403,
-                    reason: result.reason,
-                    visitorType: 'VERIFIED_AGENT'
-                };
-            }
-            console.log(`✅ [AAMP ALLOW] 
-      Agent: ${requestHeader.agent_id}
-      Reason: AAMP_VERIFIED
-      Payment Method: ${result.proofUsed}
-      Identity Verified: ${result.identityVerified}`);
-            return {
-                allowed: true,
-                status: 200,
-                reason: "AAMP_VERIFIED",
-                visitorType: 'VERIFIED_AGENT',
-                metadata: requestHeader
-            };
-        }
-        catch (e) {
-            console.error(e);
-            return { allowed: false, status: 400, reason: "INVALID_SIGNATURE", visitorType: 'UNIDENTIFIED_BOT' };
-        }
-    }
-    async verifyRequestLogic(request, requestPublicKey, proofToken, paymentCredential, rawPayload) {
-        // 1. Replay Attack Prevention
-        const requestTime = new Date(request.header.ts).getTime();
-        if (Math.abs(Date.now() - requestTime) > MAX_CLOCK_SKEW_MS) {
-            return { allowed: false, reason: 'TIMESTAMP_INVALID', identityVerified: false };
-        }
-        // 2. Crypto Verification
-        const signableString = rawPayload || JSON.stringify(request.header);
-        const isCryptoValid = await verifySignature(requestPublicKey, signableString, request.signature);
-        if (!isCryptoValid)
-            return { allowed: false, reason: 'CRYPTO_FAIL', identityVerified: false };
-        // 3. Identity Verification (DNS Binding) with Cache
-        let identityVerified = false;
-        const claimedDomain = request.header.agent_id;
-        const pubKeyString = await exportPublicKey(requestPublicKey);
-        console.log(`   🆔 [AAMP Identity] Verifying DNS Binding for: ${claimedDomain}`);
-        // Check Cache First
-        const cachedKey = await this.cache.get(claimedDomain);
-        if (cachedKey === pubKeyString) {
-            console.log("   ⚡ [AAMP Cache] Identity found in cache.");
-            identityVerified = true;
-        }
-        else if (this.isDomain(claimedDomain)) {
-            // Cache Miss: Perform DNS Fetch
-            identityVerified = await this.verifyDnsBinding(claimedDomain, pubKeyString);
-            if (identityVerified) {
-                await this.cache.set(claimedDomain, pubKeyString, this.CACHE_TTL_SECONDS);
-            }
-        }
-        if (this.policy.requireIdentityBinding && !identityVerified) {
-            return { allowed: false, reason: 'IDENTITY_FAIL: DNS Binding could not be verified.', identityVerified: false };
-        }
-        // 4. Policy Check: Purpose
-        if (request.header.purpose === AccessPurpose.CRAWL_TRAINING && !this.policy.allowTraining) {
-            return { allowed: false, reason: 'POLICY_DENIED: Training not allowed.', identityVerified };
-        }
-        if (request.header.purpose === AccessPurpose.RAG_RETRIEVAL && !this.policy.allowRAG) {
-            return { allowed: false, reason: 'POLICY_DENIED: RAG not allowed.', identityVerified };
-        }
-        // 5. Policy Check: Economics (v1.2)
-        if (this.policy.requiresPayment) {
-            let paymentSatisfied = false;
-            // Method A: Flexible Payment Callback (DB / Custom Logic)
-            if (this.policy.monetization?.checkPayment) {
-                const isPaid = await this.policy.monetization.checkPayment(request.header.agent_id, request.header.purpose);
-                if (isPaid) {
-                    console.log(`   💰 [AAMP Audit] Whitelist Check Passed via Callback.`);
-                    return { allowed: true, reason: 'OK', identityVerified, proofUsed: 'WHITELIST_CALLBACK' };
-                }
-            }
-            // Method B: Payment Credentials (Unified JWT)
-            if (!paymentSatisfied && this.policy.monetization?.paymentConfig && paymentCredential) {
-                const { jwksUrl, issuer } = this.policy.monetization.paymentConfig;
-                console.log(`   🔐 [AAMP Audit] Verifying Payment Credential (Issuer: ${issuer})...`);
-                const isValidCredential = await verifyJwt(paymentCredential, jwksUrl, issuer);
-                if (isValidCredential) {
-                    console.log(`   ✅ [AAMP Audit] Credential Signature VALID.`);
-                    return { allowed: true, reason: 'OK', identityVerified, proofUsed: 'PAYMENT_CREDENTIAL_JWT' };
-                }
-                else {
-                    console.log(`   ❌ [AAMP Audit] Credential Signature INVALID.`);
-                }
-            }
-            // Method C: Ad-Supported (Proof Verification)
-            if (!paymentSatisfied && this.policy.allowAdSupportedAccess && request.header.context.ads_displayed) {
-                if (proofToken && this.policy.monetization?.adNetwork) {
-                    const { jwksUrl, issuer } = this.policy.monetization.adNetwork;
-                    console.log(`   📺 [AAMP Audit] Verifying Ad Proof (Issuer: ${issuer})...`);
-                    const isValidProof = await verifyJwt(proofToken, jwksUrl, issuer);
-                    if (isValidProof) {
-                        console.log(`   ✅ [AAMP Audit] Ad Proof Signature VALID.`);
-                        return { allowed: true, reason: 'OK', identityVerified, proofUsed: 'AD_PROOF_JWT' };
-                    }
-                    else {
-                        console.log(`   ❌ [AAMP Audit] Ad Proof Signature INVALID.`);
-                    }
-                }
-                else {
-                    console.log(`   ⚠️ [AAMP Audit] Ad Proof MISSING.`);
-                }
-            }
-            if (!paymentSatisfied) {
-                return { allowed: false, reason: 'PAYMENT_REQUIRED: Whitelist, Credential, and Ad Proof checks ALL failed.', identityVerified, proofUsed: 'NONE', visitorType: 'VERIFIED_AGENT' };
-            }
-        }
-        return { allowed: true, reason: 'OK', identityVerified };
-    }
-    async verifyDnsBinding(domain, requestKeySpki) {
-        try {
-            // Allow HTTP for localhost testing
-            const protocol = (domain.includes('localhost') || domain.match(/:\d+$/)) ? 'http' : 'https';
-            const url = `${protocol}://${domain}${WELL_KNOWN_AGENT_PATH}`;
-            console.log(`   🌍 [AAMP DNS] Fetching Manifest: ${url} ...`);
-            // In production, we need a short timeout to prevent hanging
-            const controller = new AbortController();
-            const timeoutId = setTimeout(() => controller.abort(), 1500); // 1.5s max for DNS check
-            const response = await fetch(url, { signal: controller.signal });
-            clearTimeout(timeoutId);
-            if (!response.ok) {
-                console.log(`   ❌ [AAMP DNS] Fetch Failed: ${response.status}`);
-                return false;
-            }
-            const manifest = await response.json();
-            console.log(`   📄 [AAMP DNS] Manifest received. Agent ID: ${manifest.agent_id}`);
-            // CHECK 1: Does the manifest actually belong to the domain?
-            if (manifest.agent_id !== domain) {
-                console.log(`   ❌ [AAMP DNS] Mismatch: Manifest ID ${manifest.agent_id} != Claimed ${domain}`);
-                return false;
-            }
-            // CHECK 2: Does the key match?
-            if (manifest.public_key !== requestKeySpki) {
-                console.log(`   ❌ [AAMP DNS] Key Mismatch: DNS Key != Request Key`);
-                return false;
-            }
-            console.log(`   ✅ [AAMP DNS] Identity Confirmed.`);
-            return true;
-        }
-        catch (e) {
-            console.log(`   ❌ [AAMP DNS] Error: ${e.message}`);
-            return false;
-        }
-    }
-    isDomain(s) {
-        // Basic regex, allows localhost with ports
-        return /^[a-zA-Z0-9.-]+(:\d+)?$/.test(s) || /^[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/.test(s);
-    }
-    async generateResponseHeaders(origin) {
-        if (!this.keyPair)
-            throw new Error("Publisher keys not initialized");
-        const payload = JSON.stringify({ origin, ts: Date.now() });
-        const signature = await signData(this.keyPair.privateKey, payload);
-        return {
-            [HEADERS.CONTENT_ORIGIN]: origin,
-            [HEADERS.PROVENANCE_SIG]: signature
-        };
-    }
-    /**
-     * Handling Quality Feedback (The "Dispute" Layer)
-     * This runs when an Agent sends 'x-aamp-feedback'.
-     */
-    async handleFeedback(token, headers) {
-        // NOTE: In production, you would fetch the Agent's specific key. 
-        // For now, we assume standard Discovery or a centralized Key Set (like adNetwork).
-        // Ideally, the SDK config should have a 'qualityOracle' key set.
-        // 1. We just Decode it to Log it (Verification is optional but recommended)
-        try {
-            const parts = token.split('.');
-            const payload = JSON.parse(atob(parts[1]));
-            console.log(`\n📢 [AAMP QUALITY ALERT] Feedback Received from ${payload.agent_id}`);
-            console.log(`   Reason: ${payload.reason} | Score: ${payload.quality_score}`);
-            console.log(`   Resource: ${payload.url}`);
-            console.log(`   (Signature available for dispute evidence)`);
-        }
-        catch (e) {
-            console.log(`   ⚠️ [AAMP Warning] Malformed Feedback Token.`);
-        }
-    }
-}