@adastracomputing/ink 0.1.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (48) hide show
  1. package/CHANGELOG.md +63 -0
  2. package/CODE_OF_CONDUCT.md +42 -0
  3. package/LICENSE-APACHE +201 -0
  4. package/LICENSE-MIT +21 -0
  5. package/README.md +133 -0
  6. package/SECURITY.md +57 -0
  7. package/docs/key-rotation-rule.md +108 -0
  8. package/docs/logo.svg +8 -0
  9. package/docs/maturity.md +81 -0
  10. package/docs/threat-model.md +150 -0
  11. package/package.json +72 -0
  12. package/specs/ink-agent-containment-and-governance-extension-spec.md +508 -0
  13. package/specs/ink-auditability.md +652 -0
  14. package/specs/ink-authorization-chain.md +242 -0
  15. package/specs/ink-compatibility-policy.md +263 -0
  16. package/specs/ink-compliance-checklist.md +309 -0
  17. package/specs/ink-containment-phase1-implementation-spec.md +593 -0
  18. package/specs/ink-introduction-receipts-extension.md +501 -0
  19. package/specs/ink-key-rotation-spec.md +535 -0
  20. package/src/crypto/ink.ts +902 -0
  21. package/src/crypto/keys.ts +211 -0
  22. package/src/crypto/multi-key-verify.ts +170 -0
  23. package/src/crypto/sign.ts +155 -0
  24. package/src/crypto/verify.ts +1 -0
  25. package/src/discovery/agent-card.ts +508 -0
  26. package/src/index.ts +59 -0
  27. package/src/ink/checkpoint.ts +75 -0
  28. package/src/ink/discovery-gating.ts +147 -0
  29. package/src/ink/handshake-budget.ts +413 -0
  30. package/src/ink/receipts.ts +114 -0
  31. package/src/ink/transport-auth.ts +96 -0
  32. package/src/middleware/ink-auth.ts +263 -0
  33. package/src/models/agent-card.ts +63 -0
  34. package/src/models/ink-audit.ts +205 -0
  35. package/src/models/ink-handshake.ts +123 -0
  36. package/src/models/intent.ts +201 -0
  37. package/src/models/key-entry.ts +52 -0
  38. package/src/models/profile.ts +31 -0
  39. package/test-vectors/README.md +129 -0
  40. package/test-vectors/encryption.json +90 -0
  41. package/test-vectors/handshake.json +482 -0
  42. package/test-vectors/jcs.json +30 -0
  43. package/test-vectors/key-rotation.json +101 -0
  44. package/test-vectors/keys.json +32 -0
  45. package/test-vectors/receipts-and-audit.json +142 -0
  46. package/test-vectors/replay.json +88 -0
  47. package/test-vectors/signing.json +61 -0
  48. package/test-vectors/witness.json +394 -0
package/test-vectors/receipts-and-audit.json ADDED
@@ -0,0 +1,142 @@
1
+ {
2
+ "description": "INK v0.1 receipt, audit query, and audit chain test vectors (INK Auditability §1–§3). All signatures and hashes use key material from keys.json.",
3
+ "vectors": [
4
+ {
5
+ "id": "receipt-1",
6
+ "description": "Bob sends a 'delivered' receipt to Alice for the intent from signing.json vector 1",
7
+ "input": {
8
+ "note": "messageHash is SHA-256 of the JCS-canonicalized intent body from signing.json vector 1",
9
+ "originalMessageBody": {
10
+ "protocol": "ink/0.1",
11
+ "type": "network.tulpa.intent",
12
+ "from": "did:plc:alice123test",
13
+ "to": "did:plc:bob456test",
14
+ "intentType": "scheduling",
15
+ "purpose": "Discuss partnership opportunity",
16
+ "urgency": "normal",
17
+ "expiresAt": "2026-03-25T00:00:00Z",
18
+ "nonce": "dGVzdG5vbmNlMTIzNDU2Nzg",
19
+ "timestamp": "2026-03-18T12:00:00Z"
20
+ },
21
+ "canonicalOriginalMessage": "{\"expiresAt\":\"2026-03-25T00:00:00Z\",\"from\":\"did:plc:alice123test\",\"intentType\":\"scheduling\",\"nonce\":\"dGVzdG5vbmNlMTIzNDU2Nzg\",\"protocol\":\"ink/0.1\",\"purpose\":\"Discuss partnership opportunity\",\"timestamp\":\"2026-03-18T12:00:00Z\",\"to\":\"did:plc:bob456test\",\"type\":\"network.tulpa.intent\",\"urgency\":\"normal\"}",
22
+ "messageHashHex": "39605712514a6b5e3a6691ef240a8e2b61376e372d4315329e96637e4a7c34ea",
23
+ "receipt": {
24
+ "protocol": "ink/0.1",
25
+ "type": "network.tulpa.receipt",
26
+ "from": "did:plc:bob456test",
27
+ "to": "did:plc:alice123test",
28
+ "messageId": "msg-test-vector-001",
29
+ "disposition": "delivered",
30
+ "dispositionAt": "2026-03-18T12:05:00Z",
31
+ "messageHash": "39605712514a6b5e3a6691ef240a8e2b61376e372d4315329e96637e4a7c34ea",
32
+ "nonce": "cmVjZWlwdG5vbmNlMTIzNA",
33
+ "timestamp": "2026-03-18T12:05:01Z"
34
+ },
35
+ "method": "POST",
36
+ "path": "/ink/v1/receipt",
37
+ "recipientDid": "did:plc:alice123test",
38
+ "signerPrivateKeyHex": "4ea0adf03599751231c1c3b7fc5a6c9d2e2f2f97bcd7c885c0add2f47b9af181"
39
+ },
40
+ "expected": {
41
+ "canonicalReceipt": "{\"disposition\":\"delivered\",\"dispositionAt\":\"2026-03-18T12:05:00Z\",\"from\":\"did:plc:bob456test\",\"messageHash\":\"39605712514a6b5e3a6691ef240a8e2b61376e372d4315329e96637e4a7c34ea\",\"messageId\":\"msg-test-vector-001\",\"nonce\":\"cmVjZWlwdG5vbmNlMTIzNA\",\"protocol\":\"ink/0.1\",\"timestamp\":\"2026-03-18T12:05:01Z\",\"to\":\"did:plc:alice123test\",\"type\":\"network.tulpa.receipt\"}",
42
+ "signatureBase": "ink/0.1\nPOST\n/ink/v1/receipt\ndid:plc:alice123test\n{\"disposition\":\"delivered\",\"dispositionAt\":\"2026-03-18T12:05:00Z\",\"from\":\"did:plc:bob456test\",\"messageHash\":\"39605712514a6b5e3a6691ef240a8e2b61376e372d4315329e96637e4a7c34ea\",\"messageId\":\"msg-test-vector-001\",\"nonce\":\"cmVjZWlwdG5vbmNlMTIzNA\",\"protocol\":\"ink/0.1\",\"timestamp\":\"2026-03-18T12:05:01Z\",\"to\":\"did:plc:alice123test\",\"type\":\"network.tulpa.receipt\"}\n2026-03-18T12:05:01Z",
43
+ "signatureBase64url": "1YX_UO-steo6lVd77YWI2TXwrE7wXAp4NfMEZsWY539iwsLRbZ5O3jOwDQ3Dhyq6odX-FQHQjoxsfoKG103LAw",
44
+ "signatureVerifies": true,
45
+ "signatureHex": "d585ff50efacb5ea3a95577bed8588d935f0ac4ef05c0a7835f30466c598e77f62c2c2d16d9e4ede33b00d0dc3872abaa1d5fe1501d08e8c6c7e8286d74dcb03"
46
+ }
47
+ },
48
+ {
49
+ "id": "audit-query-1",
50
+ "description": "Alice queries Bob for audit trail of msg-test-vector-001",
51
+ "input": {
52
+ "query": {
53
+ "protocol": "ink/0.1",
54
+ "type": "network.tulpa.audit_query",
55
+ "from": "did:plc:alice123test",
56
+ "to": "did:plc:bob456test",
57
+ "messageId": "msg-test-vector-001",
58
+ "nonce": "YXVkaXRub25jZTEyMzQ1Ng",
59
+ "timestamp": "2026-03-18T13:00:00Z"
60
+ },
61
+ "method": "POST",
62
+ "path": "/ink/v1/audit",
63
+ "recipientDid": "did:plc:bob456test",
64
+ "signerPrivateKeyHex": "02362f546f26d9c252c9209d1218e3174654b04b5f08f2ee2b3fa7874111d086"
65
+ },
66
+ "expected": {
67
+ "canonicalQuery": "{\"from\":\"did:plc:alice123test\",\"messageId\":\"msg-test-vector-001\",\"nonce\":\"YXVkaXRub25jZTEyMzQ1Ng\",\"protocol\":\"ink/0.1\",\"timestamp\":\"2026-03-18T13:00:00Z\",\"to\":\"did:plc:bob456test\",\"type\":\"network.tulpa.audit_query\"}",
68
+ "signatureBase": "ink/0.1\nPOST\n/ink/v1/audit\ndid:plc:bob456test\n{\"from\":\"did:plc:alice123test\",\"messageId\":\"msg-test-vector-001\",\"nonce\":\"YXVkaXRub25jZTEyMzQ1Ng\",\"protocol\":\"ink/0.1\",\"timestamp\":\"2026-03-18T13:00:00Z\",\"to\":\"did:plc:bob456test\",\"type\":\"network.tulpa.audit_query\"}\n2026-03-18T13:00:00Z",
69
+ "signatureBase64url": "sC7lbTRpyeEVRBJf3wo0KHEIaKQbHAIbFGTooVqBy2fYJm1raU1hCwq-PQQs4BKykMdFPxWeZRTsxRijjaQdCQ",
70
+ "signatureVerifies": true
71
+ }
72
+ },
73
+ {
74
+ "id": "audit-chain-1",
75
+ "description": "Bob's audit chain — two events for msg-test-vector-001 (message.received → message.delivered)",
76
+ "input": {
77
+ "note": "Events are signed by Bob. agentSignature is computed over JCS-canonicalized event excluding the agentSignature field. previousEventHash is SHA-256 of the JCS-canonicalized previous event excluding agentSignature.",
78
+ "events": [
79
+ {
80
+ "id": "01JBTEST0001",
81
+ "version": "ink-audit/1",
82
+ "agentId": "agent-bob-01",
83
+ "sequence": 1,
84
+ "previousEventHash": null,
85
+ "eventType": "message.received",
86
+ "timestamp": "2026-03-18T12:04:58Z",
87
+ "messageId": "msg-test-vector-001",
88
+ "counterpartyId": "did:plc:alice123test"
89
+ },
90
+ {
91
+ "id": "01JBTEST0002",
92
+ "version": "ink-audit/1",
93
+ "agentId": "agent-bob-01",
94
+ "sequence": 2,
95
+ "eventType": "message.delivered",
96
+ "timestamp": "2026-03-18T12:05:00Z",
97
+ "messageId": "msg-test-vector-001",
98
+ "counterpartyId": "did:plc:alice123test"
99
+ }
100
+ ],
101
+ "signerPrivateKeyHex": "4ea0adf03599751231c1c3b7fc5a6c9d2e2f2f97bcd7c885c0add2f47b9af181"
102
+ },
103
+ "expected": {
104
+ "event1": {
105
+ "canonicalWithoutSignature": "{\"agentId\":\"agent-bob-01\",\"counterpartyId\":\"did:plc:alice123test\",\"eventType\":\"message.received\",\"id\":\"01JBTEST0001\",\"messageId\":\"msg-test-vector-001\",\"previousEventHash\":null,\"sequence\":1,\"timestamp\":\"2026-03-18T12:04:58Z\",\"version\":\"ink-audit/1\"}",
106
+ "hashHex": "6b45d9d76d61b87b1cf804d0b403b7be8cf3af78a9c4eea9e543b211bf70827c",
107
+ "agentSignatureBase64url": "hHRnbjpet_BXu1bQwRtBzfmbBq_tC8jJFACisYaSP0HF0sgaSszsm733pEEhfJ4uGxhcQYGeemuzO_2sz-DZAw",
108
+ "signatureVerifies": true
109
+ },
110
+ "event2": {
111
+ "note": "previousEventHash links to event1's hash, forming the chain",
112
+ "previousEventHash": "6b45d9d76d61b87b1cf804d0b403b7be8cf3af78a9c4eea9e543b211bf70827c",
113
+ "canonicalWithoutSignature": "{\"agentId\":\"agent-bob-01\",\"counterpartyId\":\"did:plc:alice123test\",\"eventType\":\"message.delivered\",\"id\":\"01JBTEST0002\",\"messageId\":\"msg-test-vector-001\",\"previousEventHash\":\"6b45d9d76d61b87b1cf804d0b403b7be8cf3af78a9c4eea9e543b211bf70827c\",\"sequence\":2,\"timestamp\":\"2026-03-18T12:05:00Z\",\"version\":\"ink-audit/1\"}",
114
+ "hashHex": "645c53dc5e42581e99b1aabff30c12089ccebe6e131536573e94f313064f1f97",
115
+ "signatureVerifies": true
116
+ }
117
+ }
118
+ },
119
+ {
120
+ "id": "audit-chain-fork",
121
+ "description": "Fork detection — two events with the same sequence number but different content indicate a forked chain",
122
+ "input": {
123
+ "note": "If an agent produces two events with sequence=2, the chain is forked. Verifiers MUST reject chains where any sequence number appears more than once.",
124
+ "forkEvent": {
125
+ "id": "01JBTEST0003",
126
+ "version": "ink-audit/1",
127
+ "agentId": "agent-bob-01",
128
+ "sequence": 2,
129
+ "previousEventHash": "6b45d9d76d61b87b1cf804d0b403b7be8cf3af78a9c4eea9e543b211bf70827c",
130
+ "eventType": "message.rejected",
131
+ "timestamp": "2026-03-18T12:05:00Z",
132
+ "messageId": "msg-test-vector-001",
133
+ "counterpartyId": "did:plc:alice123test"
134
+ }
135
+ },
136
+ "expected": {
137
+ "chainValid": false,
138
+ "reason": "Duplicate sequence number 2 — agent-bob-01 produced two different events at the same position. This is evidence of tampering or a buggy implementation."
139
+ }
140
+ }
141
+ ]
142
+ }
package/test-vectors/replay.json ADDED
@@ -0,0 +1,88 @@
1
+ {
2
+ "description": "INK replay protection acceptance/rejection rules (INK §3.5)",
3
+ "rules": {
4
+ "maxTimestampAge": "5 minutes",
5
+ "maxFutureTimestamp": "30 seconds",
6
+ "nonceDeduplicationWindow": "10 minutes"
7
+ },
8
+ "vectors": [
9
+ {
10
+ "description": "Valid — timestamp within 5-minute window, fresh nonce",
11
+ "input": {
12
+ "messageTimestamp": "2026-03-18T12:00:00Z",
13
+ "receiverClock": "2026-03-18T12:02:30Z",
14
+ "nonce": "dW5pcXVlLW5vbmNlLTEyMzQ1Njc4OTA",
15
+ "previouslySeenNonces": []
16
+ },
17
+ "expected": {
18
+ "accepted": true
19
+ }
20
+ },
21
+ {
22
+ "description": "Rejected — timestamp 6 minutes old, exceeds 5-minute window",
23
+ "input": {
24
+ "messageTimestamp": "2026-03-18T11:54:00Z",
25
+ "receiverClock": "2026-03-18T12:00:00Z",
26
+ "nonce": "dW5pcXVlLW5vbmNlLWFiY2RlZmdoaWo",
27
+ "previouslySeenNonces": []
28
+ },
29
+ "expected": {
30
+ "accepted": false,
31
+ "errorCode": "expired_message"
32
+ }
33
+ },
34
+ {
35
+ "description": "Rejected — timestamp 60 seconds in the future, exceeds 30-second tolerance",
36
+ "input": {
37
+ "messageTimestamp": "2026-03-18T12:01:00Z",
38
+ "receiverClock": "2026-03-18T12:00:00Z",
39
+ "nonce": "dW5pcXVlLW5vbmNlLWZ1dHVyZS10ZXN0",
40
+ "previouslySeenNonces": []
41
+ },
42
+ "expected": {
43
+ "accepted": false,
44
+ "errorCode": "expired_message"
45
+ }
46
+ },
47
+ {
48
+ "description": "Accepted — timestamp 25 seconds in the future (within 30-second tolerance)",
49
+ "input": {
50
+ "messageTimestamp": "2026-03-18T12:00:25Z",
51
+ "receiverClock": "2026-03-18T12:00:00Z",
52
+ "nonce": "dW5pcXVlLW5vbmNlLTI1cy1haGVhZA",
53
+ "previouslySeenNonces": []
54
+ },
55
+ "expected": {
56
+ "accepted": true
57
+ }
58
+ },
59
+ {
60
+ "description": "Rejected — duplicate nonce within 10-minute deduplication window",
61
+ "input": {
62
+ "messageTimestamp": "2026-03-18T12:00:00Z",
63
+ "receiverClock": "2026-03-18T12:00:01Z",
64
+ "nonce": "cmVwZWF0ZWQtbm9uY2UtdmFsdWU",
65
+ "previouslySeenNonces": [
66
+ "cmVwZWF0ZWQtbm9uY2UtdmFsdWU"
67
+ ]
68
+ },
69
+ "expected": {
70
+ "accepted": false,
71
+ "errorCode": "duplicate_nonce"
72
+ }
73
+ },
74
+ {
75
+ "description": "Accepted — previously seen nonce but outside 10-minute window (entry purged)",
76
+ "input": {
77
+ "messageTimestamp": "2026-03-18T12:15:00Z",
78
+ "receiverClock": "2026-03-18T12:15:01Z",
79
+ "nonce": "cmVwZWF0ZWQtbm9uY2UtdmFsdWU",
80
+ "previouslySeenNonces": [],
81
+ "note": "Nonce was seen at 12:00:00 but the 10-minute window elapsed so the entry was purged"
82
+ },
83
+ "expected": {
84
+ "accepted": true
85
+ }
86
+ }
87
+ ]
88
+ }
package/test-vectors/signing.json ADDED
@@ -0,0 +1,61 @@
1
+ {
2
+ "description": "INK Ed25519 signature generation and verification (INK §3.3, §9)",
3
+ "vectors": [
4
+ {
5
+ "description": "Alice signs an intent to Bob — valid signature",
6
+ "input": {
7
+ "method": "POST",
8
+ "path": "/ink/v1/intent",
9
+ "recipientDid": "did:plc:bob456test",
10
+ "body": {
11
+ "protocol": "ink/0.1",
12
+ "type": "network.tulpa.intent",
13
+ "from": "did:plc:alice123test",
14
+ "to": "did:plc:bob456test",
15
+ "intentType": "scheduling",
16
+ "purpose": "Discuss partnership opportunity",
17
+ "urgency": "normal",
18
+ "expiresAt": "2026-03-25T00:00:00Z",
19
+ "nonce": "dGVzdG5vbmNlMTIzNDU2Nzg",
20
+ "timestamp": "2026-03-18T12:00:00Z"
21
+ },
22
+ "timestamp": "2026-03-18T12:00:00Z",
23
+ "signerPublicKeyHex": "16d8c7758b7816f4540730fa5b01921bfa0c52459e435b8f970cd8ef3e548fba",
24
+ "signerPrivateKeyHex": "02362f546f26d9c252c9209d1218e3174654b04b5f08f2ee2b3fa7874111d086"
25
+ },
26
+ "expected": {
27
+ "canonicalBody": "{\"expiresAt\":\"2026-03-25T00:00:00Z\",\"from\":\"did:plc:alice123test\",\"intentType\":\"scheduling\",\"nonce\":\"dGVzdG5vbmNlMTIzNDU2Nzg\",\"protocol\":\"ink/0.1\",\"purpose\":\"Discuss partnership opportunity\",\"timestamp\":\"2026-03-18T12:00:00Z\",\"to\":\"did:plc:bob456test\",\"type\":\"network.tulpa.intent\",\"urgency\":\"normal\"}",
28
+ "signatureBase": "ink/0.1\nPOST\n/ink/v1/intent\ndid:plc:bob456test\n{\"expiresAt\":\"2026-03-25T00:00:00Z\",\"from\":\"did:plc:alice123test\",\"intentType\":\"scheduling\",\"nonce\":\"dGVzdG5vbmNlMTIzNDU2Nzg\",\"protocol\":\"ink/0.1\",\"purpose\":\"Discuss partnership opportunity\",\"timestamp\":\"2026-03-18T12:00:00Z\",\"to\":\"did:plc:bob456test\",\"type\":\"network.tulpa.intent\",\"urgency\":\"normal\"}\n2026-03-18T12:00:00Z",
29
+ "signatureHex": "0b8ac7ef61ad309dc8b2ee6575acbbfca6e62a4379a8726966bc25a619dc98b30e5337a4bb2e22cca58acb2fd83e8206fd1ef69bd9e50ec2d7d3add9b3964204",
30
+ "signatureBase64url": "C4rH72GtMJ3Isu5lday7_KbmKkN5qHJpZrwlphncmLMOUzekuy4izKWKyy_YPoIG_R72m9nlDsLX063Zs5ZCBA",
31
+ "authorizationHeader": "INK-Ed25519 C4rH72GtMJ3Isu5lday7_KbmKkN5qHJpZrwlphncmLMOUzekuy4izKWKyy_YPoIG_R72m9nlDsLX063Zs5ZCBA",
32
+ "signatureVerifies": true
33
+ }
34
+ },
35
+ {
36
+ "description": "Verification fails with wrong public key (Bob's key instead of Alice's)",
37
+ "input": {
38
+ "signatureHex": "0b8ac7ef61ad309dc8b2ee6575acbbfca6e62a4379a8726966bc25a619dc98b30e5337a4bb2e22cca58acb2fd83e8206fd1ef69bd9e50ec2d7d3add9b3964204",
39
+ "signatureBase": "ink/0.1\nPOST\n/ink/v1/intent\ndid:plc:bob456test\n{\"expiresAt\":\"2026-03-25T00:00:00Z\",\"from\":\"did:plc:alice123test\",\"intentType\":\"scheduling\",\"nonce\":\"dGVzdG5vbmNlMTIzNDU2Nzg\",\"protocol\":\"ink/0.1\",\"purpose\":\"Discuss partnership opportunity\",\"timestamp\":\"2026-03-18T12:00:00Z\",\"to\":\"did:plc:bob456test\",\"type\":\"network.tulpa.intent\",\"urgency\":\"normal\"}\n2026-03-18T12:00:00Z",
40
+ "verifierPublicKeyHex": "11dce4522822fffcb059f547b9e0b16bb8f47084fec275b46f813701273c014b"
41
+ },
42
+ "expected": {
43
+ "signatureVerifies": false
44
+ }
45
+ },
46
+ {
47
+ "description": "Verification fails with tampered path — cross-endpoint replay protection",
48
+ "input": {
49
+ "note": "Same signature verified against path /ink/v1/challenge instead of /ink/v1/intent",
50
+ "originalPath": "/ink/v1/intent",
51
+ "tamperedPath": "/ink/v1/challenge",
52
+ "signatureHex": "0b8ac7ef61ad309dc8b2ee6575acbbfca6e62a4379a8726966bc25a619dc98b30e5337a4bb2e22cca58acb2fd83e8206fd1ef69bd9e50ec2d7d3add9b3964204",
53
+ "verifierPublicKeyHex": "16d8c7758b7816f4540730fa5b01921bfa0c52459e435b8f970cd8ef3e548fba"
54
+ },
55
+ "expected": {
56
+ "signatureVerifies": false,
57
+ "note": "Signature was computed over /ink/v1/intent but verified against /ink/v1/challenge"
58
+ }
59
+ }
60
+ ]
61
+ }