@aithos/sdk 0.1.0-alpha.35 → 0.1.0-alpha.37

package/dist/src/auth.js

@@ -1294,6 +1294,24 @@ export class AithosAuth {
                 }
                 const json = (await res.json());
                 if (json.error) {
+                    // Backward-compat shim for backends without the semantic-equality
+                    // fix on publish-identity (alpha.33+ regression): the server may
+                    // reject a republish with -32022 because the client regenerates
+                    // `aithos.created_at` (and `proof.created`) on every
+                    // `signedDidDocument()` call, breaking the strict byte-equal
+                    // idempotence the server enforces. For an honest signer (same
+                    // root key, same DID) the only way to hit this code path is the
+                    // timestamp-drift case — which is semantically a no-op. Treat as
+                    // success.
+                    //
+                    // Server-side fix (publish-identity.ts switched to semantic
+                    // equality on cryptographic fields only) makes this branch dead
+                    // code on upgraded backends. Kept here as defense-in-depth for
+                    // SDK consumers pointing at older deployments.
+                    if (json.error.code === -32022 &&
+                        /different did\.json already published/i.test(json.error.message)) {
+                        return; // already published with same crypto material — no-op
+                    }
                     // JSON-RPC error: don't retry — these are deterministic
                     // (validation, permission, identity-already-tombstoned, …).
                     throw new AithosSDKError("ethos_bootstrap_failed", `publish_identity rejected: ${json.error.message}`, {

package/dist/src/data.d.ts

@@ -24,6 +24,23 @@ export interface CreateDataClientArgs {
     readonly verificationMethod: string;
     /** Optional fetch implementation. Defaults to globalThis.fetch. */
     readonly fetch?: typeof fetch;
+    /**
+     * Optional list of app-defined schema definitions, in addition to
+     * the SDK-bundled core schemas (currently `aithos.contacts.v1`).
+     *
+     * Apps in the vendor namespace (`aithos.x.<vendor>.<name>.v<N>`) or
+     * non-`aithos.*` namespaces MUST supply their schemas here so the
+     * SDK can split records into indexable metadata vs encrypted payload.
+     *
+     * When the same schema id appears in both the bundled core registry
+     * and this list, the app-supplied definition wins (intentional —
+     * allows local overrides for testing, though immutability per spec
+     * §3.5 means a published schema id should never change shape).
+     *
+     * Schemas are scoped to the {@link DataClient} instance — they don't
+     * leak to other clients in the same process.
+     */
+    readonly schemas?: readonly AithosSchemaLite[];
 }
 export interface DataClient {
     /** Get / create a collection handle. */

package/dist/src/data.js

@@ -19,10 +19,17 @@
  * encrypted payload (server-blind), JSON-RPC dispatch.
  *
  * It does not (yet) handle: mandate-delegate authentication on the
- * caller side (the SDK only signs as owner in v0.1), schema
- * publication (only the bundled `aithos.contacts.v1` is recognized),
- * forward-secrecy CMK rotation primitives. Those land in later
- * Sub-jalons.
+ * caller side (the SDK only signs as owner in v0.1), full schema
+ * publication (no `registerSchema` RPC yet — that lands with A2b, cf.
+ * aithos-protocol/PLAN-A2b-schema-self-registration.md), forward-secrecy
+ * CMK rotation primitives. Those land in later Sub-jalons.
+ *
+ * Apps that need to use a vendor schema (`aithos.x.<vendor>.<name>.v<N>`,
+ * or any non-`aithos.*` namespace) pass their schema definitions to
+ * `createDataClient({ schemas: [...] })`. The PDS accepts these at face
+ * value (no server-side metadata validation pending A2b); the SDK uses
+ * the supplied schema definitions to split records into indexable
+ * metadata and encrypted payload.
  *
  * Spec ref: spec/data/01..10 of the aithos-protocol repo.
  */
@@ -59,6 +66,13 @@ class DataClientImpl {
     #seed;
     #vm;
     #fetch;
+    /**
+     * Per-client schema overrides, populated from `args.schemas` at
+     * construction. Looked up BEFORE the bundled SCHEMAS map (so an app
+     * can override a core schema locally if it really wants to, though
+     * the immutability rule of spec §3.5 strongly discourages this).
+     */
+    #localSchemas;
     // Per-collection CMK cache: cleared on reset()
     #cmkCache = new Map();
     #colCache = new Map();
@@ -68,6 +82,15 @@ class DataClientImpl {
         this.#seed = args.sphereSeed;
         this.#vm = args.verificationMethod;
         this.#fetch = args.fetch ?? globalThis.fetch.bind(globalThis);
+        this.#localSchemas = new Map((args.schemas ?? []).map((s) => [s.schema, s]));
+    }
+    /**
+     * Resolve a schema id to its lite definition. App-supplied schemas
+     * (via `createDataClient({ schemas })`) take precedence over the
+     * SDK-bundled core registry.
+     */
+    #resolveSchema(schemaId) {
+        return this.#localSchemas.get(schemaId) ?? SCHEMAS.get(schemaId) ?? null;
     }
     collection(name) {
         return new DataCollectionImpl(this, name);
@@ -168,9 +191,12 @@ class DataClientImpl {
             privateKey: ed25519SeedToX25519PrivateKey(this.#seed),
         });
         this.#cmkCache.set(name, cmk);
-        const schema = SCHEMAS.get(meta.schema);
+        const schema = this.#resolveSchema(meta.schema);
         if (!schema) {
-            throw new Error(`sdk.data: schema "${meta.schema}" not known to the SDK`);
+            throw new Error(`sdk.data: schema "${meta.schema}" not known to the SDK. ` +
+                `Pass it via createDataClient({ schemas: [...] }) if it's an ` +
+                `app-defined (vendor) schema, or upgrade the SDK if it's a core ` +
+                `schema added in a later release.`);
         }
         const state = { name, urn: meta.urn, schema };
         this.#colCache.set(name, state);

package/dist/test/signup-bootstrap.test.js

@@ -218,5 +218,94 @@ describe("AithosAuth.signUp — Ethos bootstrap", () => {
         assert.equal(publishCalls, 3);
         assert.equal(auth.canSignAsOwner(), false);
     });
+    /* ------------------------------------------------------------------------ */
+    /*  alpha.36 — defense-in-depth for legacy backends without semantic-equal  */
+    /* ------------------------------------------------------------------------ */
+    it("treats -32022 'different did.json already published' as a no-op success", async () => {
+        // This is the regression introduced in alpha.33: republishing the same
+        // identity returns -32022 because `signedDidDocument()` regenerates
+        // `aithos.created_at` on every call. For an honest signer, this is
+        // semantically a no-op — the Ethos is published, crypto material matches.
+        // The SDK swallows this specific case so chatty publish_identity callers
+        // (signInCustodial, verifyEmail) don't break on every subsequent sign-in.
+        const { fetch: f, calls } = makeMockFetch([
+            { url: "/auth/register", method: "POST", respond: fakeRegisterOk },
+            {
+                url: "/mcp/primitives/write",
+                method: "POST",
+                respond: () => ({
+                    json: {
+                        jsonrpc: "2.0",
+                        id: "publish_identity",
+                        error: {
+                            code: -32022,
+                            message: "different did.json already published for this DID",
+                            data: { existing_doc_url: "https://cdn.aithos.be/did.json" },
+                        },
+                    },
+                }),
+            },
+        ]);
+        const auth = makeAuth(f);
+        // Must succeed, not throw — the republish-conflict is masked.
+        await auth.signUp(validInput);
+        // Hydrate worked: owner is loaded.
+        assert.equal(auth.canSignAsOwner(), true);
+        // No retry on -32022 (deterministic) — exactly 1 publish call.
+        assert.equal(calls.filter((c) => c.url.includes("/mcp/primitives/write")).length, 1, "publish_identity must not retry on -32022");
+    });
+    it("still throws ethos_bootstrap_failed on -32022 with a DIFFERENT message", async () => {
+        // The shim is narrow: it ONLY swallows the specific
+        // "different did.json already published" message. Other -32022 cases
+        // (server might use the same code for different semantics) must still
+        // bubble up as ethos_bootstrap_failed.
+        const { fetch: f } = makeMockFetch([
+            { url: "/auth/register", method: "POST", respond: fakeRegisterOk },
+            {
+                url: "/mcp/primitives/write",
+                method: "POST",
+                respond: () => ({
+                    json: {
+                        jsonrpc: "2.0",
+                        id: "publish_identity",
+                        error: {
+                            code: -32022,
+                            message: "subject identity is tombstoned",
+                        },
+                    },
+                }),
+            },
+        ]);
+        const auth = makeAuth(f);
+        await assert.rejects(() => auth.signUp(validInput), (e) => e instanceof AithosSDKError &&
+            e.code === "ethos_bootstrap_failed" &&
+            /tombstoned/i.test(e.message));
+        assert.equal(auth.canSignAsOwner(), false);
+    });
+    it("still throws ethos_bootstrap_failed on the conflict message under a different code", async () => {
+        // Conversely, an error matching the message but with a code OTHER than
+        // -32022 is not swallowed — we anchor on both (code, message) to keep
+        // the shim narrow.
+        const { fetch: f } = makeMockFetch([
+            { url: "/auth/register", method: "POST", respond: fakeRegisterOk },
+            {
+                url: "/mcp/primitives/write",
+                method: "POST",
+                respond: () => ({
+                    json: {
+                        jsonrpc: "2.0",
+                        id: "publish_identity",
+                        error: {
+                            code: -32000,
+                            message: "different did.json already published for this DID",
+                        },
+                    },
+                }),
+            },
+        ]);
+        const auth = makeAuth(f);
+        await assert.rejects(() => auth.signUp(validInput), (e) => e instanceof AithosSDKError && e.code === "ethos_bootstrap_failed");
+        assert.equal(auth.canSignAsOwner(), false);
+    });
 });
 //# sourceMappingURL=signup-bootstrap.test.js.map

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aithos/sdk",
-  "version": "0.1.0-alpha.35",
-  "description": "Aithos SDK \u2014 high-level TypeScript developer kit for building agentic apps on the Aithos protocol. Wraps @aithos/protocol-client and exposes the Aithos compute proxy and wallet (Stripe top-up) endpoints.",
+  "version": "0.1.0-alpha.37",
+  "description": "Aithos SDK — high-level TypeScript developer kit for building agentic apps on the Aithos protocol. Wraps @aithos/protocol-client and exposes the Aithos compute proxy and wallet (Stripe top-up) endpoints.",
   "keywords": [
     "aithos",
     "sdk",