@agent-trust/gateway 1.0.0

package/dist/types.d.ts

@@ -0,0 +1,183 @@
+import { Request } from 'express';
+export interface GatewayConfig {
+    /** URL of the Agent Trust Station (e.g., "https://station.example.com") */
+    stationUrl: string;
+    /** Unique identifier for this gateway (e.g., "my-ecommerce-site") */
+    gatewayId: string;
+    /** Developer API key for authenticating with the station */
+    stationApiKey: string;
+    /** Map of action names to their definitions */
+    actions: Record<string, ActionDefinition>;
+    /** How often to refresh the station's public key, in ms (default: 3600000 = 1 hour) */
+    publicKeyRefreshInterval?: number;
+    /** Behavioral tracking configuration (optional — enabled by default) */
+    behavior?: BehaviorConfig;
+}
+export interface BehaviorConfig {
+    /** Enable/disable behavioral tracking (default: true) */
+    enabled?: boolean;
+    /** Session timeout in ms — sessions expire after this idle time (default: 300000 = 5 min) */
+    sessionTimeout?: number;
+    /** Max actions per minute before flagging as rapid-fire (default: 30) */
+    maxActionsPerMinute?: number;
+    /** Max failed actions before flagging as probing (default: 5) */
+    maxFailuresBeforeFlag?: number;
+    /** Max unique action types per minute before flagging as enumeration (default: 10) */
+    maxUniqueActionsPerMinute?: number;
+    /** Max repeated identical actions per minute before flagging as automation (default: 10) */
+    maxRepeatedActionsPerMinute?: number;
+    /** Score penalty for each behavioral violation (0-100, default: 10) */
+    violationPenalty?: number;
+    /** Score threshold below which the agent is blocked mid-session (default: 20) */
+    blockThreshold?: number;
+    /** Callback when suspicious behavior is detected */
+    onSuspiciousActivity?: (event: BehaviorEvent) => void;
+}
+export interface ActionDefinition {
+    /** Human-readable description of what this action does */
+    description: string;
+    /** Minimum reputation score required to use this action (0-100) */
+    minScore: number;
+    /** Parameter schema for this action */
+    parameters: Record<string, ParameterDefinition>;
+    /** Handler function that executes the action */
+    handler: ActionHandler;
+}
+export interface ParameterDefinition {
+    /** Parameter type */
+    type: 'string' | 'number' | 'boolean' | 'object' | 'array';
+    /** Whether this parameter is required */
+    required: boolean;
+    /** Human-readable description */
+    description?: string;
+}
+/** The handler function receives validated params and agent context */
+export type ActionHandler = (params: Record<string, unknown>, agent: AgentContext) => Promise<unknown>;
+export interface AgentContext {
+    /** Internal agent UUID (from certificate "sub" claim) */
+    agentId: string;
+    /** Agent's external ID as registered by the developer */
+    externalId: string;
+    /** Developer ID who owns this agent */
+    developerId: string;
+    /** Agent's reputation score at time of certificate issuance */
+    score: number;
+    /** Whether the agent's identity has been verified */
+    identityVerified: boolean;
+}
+export interface ActionResult {
+    success: boolean;
+    data?: unknown;
+    error?: string;
+}
+export interface PublicActionInfo {
+    description: string;
+    minScore: number;
+    parameters: Record<string, ParameterDefinition>;
+}
+export interface DiscoveryPayload {
+    gatewayId: string;
+    actions: Record<string, PublicActionInfo>;
+    certificateIssuer: string;
+    version: string;
+}
+export interface CertificatePayload {
+    sub: string;
+    agentExternalId: string;
+    developerId: string;
+    score: number;
+    identityVerified: boolean;
+    status: string;
+    totalActions: number;
+    successRate: number | null;
+    iat: number;
+    exp: number;
+    iss: string;
+    jti: string;
+}
+export interface GatewayReportPayload {
+    agentId: string;
+    gatewayId: string;
+    actions: Array<{
+        actionType: string;
+        outcome: 'success' | 'failure';
+        metadata?: Record<string, unknown>;
+        performedAt: string;
+    }>;
+    certificateJti: string;
+}
+/** Express request with attached agent certificate and behavior data */
+export interface GatewayRequest extends Request {
+    agentCertificate?: CertificatePayload;
+    agentToken?: string;
+    /** Live behavioral score for this agent session */
+    behaviorScore?: number;
+    /** Behavioral flags detected in this session */
+    behaviorFlags?: BehaviorFlag[];
+}
+export type BehaviorFlag = 'rapid_fire' | 'high_failure_rate' | 'action_enumeration' | 'repeated_action' | 'scope_violation' | 'session_anomaly' | 'burst_detected';
+export interface BehaviorEvent {
+    /** The agent ID */
+    agentId: string;
+    /** The agent's external ID */
+    externalId: string;
+    /** Which flag was triggered */
+    flag: BehaviorFlag;
+    /** Human-readable description */
+    description: string;
+    /** The behavioral score at time of event */
+    behaviorScore: number;
+    /** Session stats at time of event */
+    sessionStats: SessionStats;
+    /** Timestamp */
+    timestamp: string;
+}
+export interface SessionStats {
+    /** Total actions in this session */
+    totalActions: number;
+    /** Successful actions */
+    successfulActions: number;
+    /** Failed actions */
+    failedActions: number;
+    /** Actions in the last 60 seconds */
+    actionsLastMinute: number;
+    /** Unique action types in the last 60 seconds */
+    uniqueActionsLastMinute: number;
+    /** How long the session has been active (ms) */
+    sessionDuration: number;
+    /** Number of scope violations (tried actions above their score) */
+    scopeViolations: number;
+    /** Number of behavioral flags triggered */
+    flagsTriggered: BehaviorFlag[];
+}
+export interface AgentSession {
+    /** The agent's internal ID (from certificate sub) */
+    agentId: string;
+    /** The agent's external ID */
+    externalId: string;
+    /** Session start time */
+    startedAt: number;
+    /** Last activity time */
+    lastActivityAt: number;
+    /** Current behavioral score (starts at 100, decreases with violations) */
+    behaviorScore: number;
+    /** All actions performed in this session */
+    actions: SessionAction[];
+    /** Flags that have been triggered */
+    flags: Set<BehaviorFlag>;
+    /** Whether the agent has been blocked mid-session */
+    blocked: boolean;
+}
+export interface SessionAction {
+    /** Action name */
+    actionName: string;
+    /** Action parameters (hashed for comparison) */
+    paramsHash: string;
+    /** Whether it succeeded */
+    success: boolean;
+    /** Whether it was a scope violation */
+    scopeViolation: boolean;
+    /** Timestamp */
+    timestamp: number;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAIlC,MAAM,WAAW,aAAa;IAC5B,2EAA2E;IAC3E,UAAU,EAAE,MAAM,CAAC;IAEnB,qEAAqE;IACrE,SAAS,EAAE,MAAM,CAAC;IAElB,4DAA4D;IAC5D,aAAa,EAAE,MAAM,CAAC;IAEtB,+CAA+C;IAC/C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAE1C,uFAAuF;IACvF,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAElC,wEAAwE;IACxE,QAAQ,CAAC,EAAE,cAAc,CAAC;CAC3B;AAID,MAAM,WAAW,cAAc;IAC7B,yDAAyD;IACzD,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,6FAA6F;IAC7F,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,yEAAyE;IACzE,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAE7B,iEAAiE;IACjE,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B,sFAAsF;IACtF,yBAAyB,CAAC,EAAE,MAAM,CAAC;IAEnC,4FAA4F;IAC5F,2BAA2B,CAAC,EAAE,MAAM,CAAC;IAErC,uEAAuE;IACvE,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B,iFAAiF;IACjF,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,oDAAoD;IACpD,oBAAoB,CAAC,EAAE,CAAC,KAAK,EAAE,aAAa,KAAK,IAAI,CAAC;CACvD;AAID,MAAM,WAAW,gBAAgB;IAC/B,0DAA0D;IAC1D,WAAW,EAAE,MAAM,CAAC;IAEpB,mEAAmE;IACnE,QAAQ,EAAE,MAAM,CAAC;IAEjB,uCAAuC;IACvC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;IAEhD,gDAAgD;IAChD,OAAO,EAAE,aAAa,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,qBAAqB;IACrB,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,SAAS,GAAG,QAAQ,GAAG,OAAO,CAAC;IAE3D,yCAAyC;IACzC,QAAQ,EAAE,OAAO,CAAC;IAElB,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,uEAAuE;AACvE,MAAM,MAAM,aAAa,GAAG,CAC1B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,KAAK,EAAE,YAAY,KAChB,OAAO,CAAC,OAAO,CAAC,CAAC;AAItB,MAAM,WAAW,YAAY;IAC3B,yDAAyD;IACzD,OAAO,EAAE,MAAM,CAAC;IAEhB,yDAAyD;IACzD,UAAU,EAAE,MAAM,CAAC;IAEnB,uCAAuC;IACvC,WAAW,EAAE,MAAM,CAAC;IAEpB,+DAA+D;IAC/D,KAAK,EAAE,MAAM,CAAC;IAEd,qDAAqD;IACrD,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAID,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;CACjD;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAC1C,iBAAiB,EAAE,MAAM,CAAC;IAC1B,OAAO,EAAE,MAAM,CAAC;CACjB;AAID,MAAM,WAAW,kBAAkB;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,eAAe,EAAE,MAAM,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,gBAAgB,EAAE,OAAO,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,KAAK,CAAC;QACb,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,SAAS,GAAG,SAAS,CAAC;QAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC,CAAC;IACH,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,wEAAwE;AACxE,MAAM,WAAW,cAAe,SAAQ,OAAO;IAC7C,gBAAgB,CAAC,EAAE,kBAAkB,CAAC;IACtC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mDAAmD;IACnD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gDAAgD;IAChD,aAAa,CAAC,EAAE,YAAY,EAAE,CAAC;CAChC;AAID,MAAM,MAAM,YAAY,GACpB,YAAY,GACZ,mBAAmB,GACnB,oBAAoB,GACpB,iBAAiB,GACjB,iBAAiB,GACjB,iBAAiB,GACjB,gBAAgB,CAAC;AAErB,MAAM,WAAW,aAAa;IAC5B,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,8BAA8B;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,+BAA+B;IAC/B,IAAI,EAAE,YAAY,CAAC;IACnB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,4CAA4C;IAC5C,aAAa,EAAE,MAAM,CAAC;IACtB,qCAAqC;IACrC,YAAY,EAAE,YAAY,CAAC;IAC3B,gBAAgB;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,YAAY;IAC3B,oCAAoC;IACpC,YAAY,EAAE,MAAM,CAAC;IACrB,yBAAyB;IACzB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,qCAAqC;IACrC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iDAAiD;IACjD,uBAAuB,EAAE,MAAM,CAAC;IAChC,gDAAgD;IAChD,eAAe,EAAE,MAAM,CAAC;IACxB,mEAAmE;IACnE,eAAe,EAAE,MAAM,CAAC;IACxB,2CAA2C;IAC3C,cAAc,EAAE,YAAY,EAAE,CAAC;CAChC;AAED,MAAM,WAAW,YAAY;IAC3B,qDAAqD;IACrD,OAAO,EAAE,MAAM,CAAC;IAChB,8BAA8B;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,yBAAyB;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,yBAAyB;IACzB,cAAc,EAAE,MAAM,CAAC;IACvB,0EAA0E;IAC1E,aAAa,EAAE,MAAM,CAAC;IACtB,4CAA4C;IAC5C,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,qCAAqC;IACrC,KAAK,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC;IACzB,qDAAqD;IACrD,OAAO,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,kBAAkB;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,gDAAgD;IAChD,UAAU,EAAE,MAAM,CAAC;IACnB,2BAA2B;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,uCAAuC;IACvC,cAAc,EAAE,OAAO,CAAC;IACxB,gBAAgB;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB"}

package/dist/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}

package/package.json

@@ -0,0 +1,49 @@
+{
+  "name": "@agent-trust/gateway",
+  "version": "1.0.0",
+  "description": "Express middleware that lets trusted AI agents interact with your website. Verifies cryptographic certificates, checks reputation scores, and reports behavior.",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch"
+  },
+  "keywords": [
+    "ai",
+    "agent",
+    "gateway",
+    "trust",
+    "middleware",
+    "express",
+    "jwt",
+    "certificate",
+    "reputation",
+    "ai-agents",
+    "agenttrust"
+  ],
+  "author": "AgentTrust",
+  "license": "MIT",
+  "homepage": "https://github.com/mmsadek96/agentgateway/tree/main/packages/gateway#readme",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mmsadek96/agentgateway.git",
+    "directory": "packages/gateway"
+  },
+  "bugs": {
+    "url": "https://github.com/mmsadek96/agentgateway/issues"
+  },
+  "peerDependencies": {
+    "express": "^4.18.0"
+  },
+  "dependencies": {
+    "jsonwebtoken": "^9.0.2"
+  },
+  "devDependencies": {
+    "@types/express": "^4.17.21",
+    "@types/jsonwebtoken": "^9.0.6",
+    "typescript": "^5.3.3"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}