@aithos/sdk 0.1.0-alpha.4 → 0.1.0-alpha.41

package/dist/src/index.d.ts

@@ -1,18 +1,30 @@
-export declare const VERSION = "0.1.0-alpha.4";
+export declare const VERSION = "0.1.0-alpha.41";
 export { AithosSDK } from "./sdk.js";
 export type { AithosSDKConfig } from "./types.js";
 export { AithosSDKError } from "./types.js";
+export { AithosRpcError } from "@aithos/protocol-client";
 export type { AithosSdkEndpoints } from "./endpoints.js";
 export { DEFAULT_SDK_ENDPOINTS } from "./endpoints.js";
-export type { ComputeMessage, InvokeBedrockArgs, InvokeBedrockResult, StopReason, } from "./compute.js";
+export type { ComputeMessage, ImageAspectRatio, ImageModelId, InvokeBedrockArgs, InvokeBedrockResult, InvokeBedrockVisionArgs, InvokeBedrockVisionResult, InvokeImageArgs, InvokeImageImage, InvokeImageResult, InvokeSegmentationArgs, InvokeSegmentationResult, SegmentPolygon, StopReason, } from "./compute.js";
 export { ComputeNamespace } from "./compute.js";
 export type { CreditPackId, CreateTopupSessionArgs, CreateTopupSessionResult, GetBalanceArgs, GetBalanceResult, } from "./wallet.js";
 export { WalletNamespace } from "./wallet.js";
-export { AithosAuth, DEFAULT_AUTH_BASE_URL } from "./auth.js";
-export type { AithosAuthConfig, AithosSession, SignInInput, SignInWithGoogleOptions, SignUpInput, SignUpResult, } from "./auth.js";
+export type { ComponentStyle, ExtractArgs, ExtractContent, ExtractData, ExtractForm, ExtractFormField, ExtractHeading, ExtractIconDeclaration, ExtractImage, ExtractLink, ExtractLogo, ExtractMeta, ExtractResult, ExtractSection, ExtractStructure, ExtractStyles, FetchAssetArgs, FetchAssetResult, PaletteEntry, VisualSignature, WebNamespaceDeps, } from "./web.js";
+export { WebNamespace, WEB_EXTRACT_SCOPE } from "./web.js";
+export { AithosAuth, DEFAULT_API_BASE_URL, DEFAULT_AUTH_BASE_URL, } from "./auth.js";
+export type { AithosAuthConfig, AithosSession, ApplyPasswordResetInput, ApplyPasswordResetResult, CompleteSsoFirstLoginInput, CompleteSsoFirstLoginResult, CustodialSignInInput, CustodialSignInResult, CustodialSignUpInput, CustodialSignUpResult, DelegateInfo, ImportMandateInput, OwnerInfo, RequestPasswordResetInput, ResendVerificationInput, SignInInput, SignInWithGoogleOptions, SignInWithRecoveryInput, SignUpInput, SignUpResult, VerifyEmailInput, VerifyEmailResult, } from "./auth.js";
+export type { SignedEnvelope } from "./internal/envelope.js";
 export { DEFAULT_SESSION_STORAGE_KEY, defaultSessionStore, localStorageStore, noopStore, sessionStorageStore, type AithosSessionStore, } from "./session-store.js";
-export * as ethos from "./ethos.js";
+export { DEFAULT_KEYSTORE_DB_NAME, defaultKeyStore, indexedDbKeyStore, memoryKeyStore, type AithosKeyStore, type StoredDelegateKeys, type StoredOwnerKeys, } from "./key-store.js";
+export { EthosClient, EthosNamespace, EthosZone, ZONE_NAMES, } from "./ethos.js";
+export type { AddSectionInput, PublishResult, StagedChange, UpdateSectionPatch, ZoneName, } from "./ethos.js";
+export { COMPUTE_INVOKE_SCOPE, MandatesNamespace } from "./mandates.js";
+export type { ActorSphere, CreateMandateComputeInput, CreateMandateInput, MintedMandate, OwnedMandate, Scope, } from "./mandates.js";
+export { AppsNamespace } from "./apps.js";
+export type { AudienceSet, AppCreditPackId, CreateAppTopupSessionArgs, CreateAppTopupSessionResult, CreateSponsorshipMandateArgs, SignedSponsorshipMandate, SignedSponsorshipRevocation, SponsorshipAccountingAuthorityInput, SponsorshipAudienceInput, SponsorshipBudgetInput, } from "./apps.js";
 export * as onboarding from "./onboarding.js";
-export * as mandates from "./mandates.js";
 export { createBrowserIdentity, browserIdentityFromStored, type BrowserIdentity, } from "@aithos/protocol-client";
+export type { Section } from "@aithos/protocol-client";
+export { createDataClient, type CreateDataClientArgs, type DataClient, type DataCollection, type ListOpts, type AithosSchemaLite, } from "./data.js";
+export { createAssetsClient, AssetsClient, type CreateAssetsClientArgs, type AttachedContext, type AssetUploadInput, type AssetUploadResult, type AssetFetchResult, type AssetBrief, type ListAssetsOpts, type ThumbnailUploadInput, type ThumbnailUploadResult, type RecipientResolver, type RecipientSet, } from "./assets.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/src/index.js

@@ -17,28 +17,61 @@
 // Public types specific to the SDK (`AithosSDKConfig`, `AithosSDKError`)
 // are exported from here. Endpoint config (`AithosSdkEndpoints`,
 // `DEFAULT_SDK_ENDPOINTS`) likewise.
-export const VERSION = "0.1.0-alpha.4";
+export const VERSION = "0.1.0-alpha.41";
 export { AithosSDK } from "./sdk.js";
 export { AithosSDKError } from "./types.js";
+// Re-export protocol-client's JSON-RPC error type so consumers can
+// `instanceof`-check server-side errors and inspect the JSON-RPC code
+// without taking a direct dependency on @aithos/protocol-client.
+export { AithosRpcError } from "@aithos/protocol-client";
 export { DEFAULT_SDK_ENDPOINTS } from "./endpoints.js";
 export { ComputeNamespace } from "./compute.js";
 export { WalletNamespace } from "./wallet.js";
+export { WebNamespace, WEB_EXTRACT_SCOPE } from "./web.js";
 // Sign-up, sign-in, sign-in-with-Google. Lives outside the AithosSDK
 // class because the auth flow runs *before* the user has a
 // BrowserIdentity (sign-up creates one, sign-in restores it from the
 // server). The class also owns the session store — see
 // ./session-store.ts for pluggable persistence.
-export { AithosAuth, DEFAULT_AUTH_BASE_URL } from "./auth.js";
+export { AithosAuth, DEFAULT_API_BASE_URL, DEFAULT_AUTH_BASE_URL, } from "./auth.js";
 // Session storage backends used by AithosAuth. `sessionStorageStore` is
 // the default in browser environments ; pass another store at construction
 // time if you need different persistence.
 export { DEFAULT_SESSION_STORAGE_KEY, defaultSessionStore, localStorageStore, noopStore, sessionStorageStore, } from "./session-store.js";
-// Re-exports under stable namespace modules. Apps may also import these
-// directly via `@aithos/protocol-client`; the SDK simply curates them.
-export * as ethos from "./ethos.js";
+// Key persistence (owner identity material + delegate bundles). Pluggable
+// like {@link AithosSessionStore}: `indexedDbKeyStore` is the browser
+// default, `memoryKeyStore` is a no-persist fallback used in tests / SSR.
+// Stored shapes ({@link StoredOwnerKeys}, {@link StoredDelegateKeys}) are
+// opaque from the consumer's point of view — round-trip them, don't peek
+// inside.
+export { DEFAULT_KEYSTORE_DB_NAME, defaultKeyStore, indexedDbKeyStore, memoryKeyStore, } from "./key-store.js";
+// `sdk.ethos` namespace — high-level ethos editing (load, mutate
+// staged, publish lazy). The class is constructed once by the
+// AithosSDK constructor; `sdk.ethos.me()` / `sdk.ethos.of(did)` are
+// the entry points.
+export { EthosClient, EthosNamespace, EthosZone, ZONE_NAMES, } from "./ethos.js";
+// `sdk.mandates` namespace — owner-side mandate lifecycle.
+export { COMPUTE_INVOKE_SCOPE, MandatesNamespace } from "./mandates.js";
+// `sdk.apps` namespace — sponsorship mandates + app-credit top-ups
+// (draft §13, V0.1). Pre-pay a pool that funds your users' compute
+// calls within explicit caps. Per-user caps + per-day caps + lifetime
+// pool cap enforced server-side. Fallback to user wallet when caps
+// are reached or pool is empty.
+export { AppsNamespace } from "./apps.js";
+// Onboarding re-exports kept for advanced callers — the curated API
+// for first-run flows is `auth.signUp` (already shipped in J3).
 export * as onboarding from "./onboarding.js";
-export * as mandates from "./mandates.js";
 // Convenience direct re-exports of the most-used identity primitives so the
 // quick-start example doesn't need a namespace import.
 export { createBrowserIdentity, browserIdentityFromStored, } from "@aithos/protocol-client";
+// `sdk.data` namespace — Aithos data sub-protocol PDS client. Manages
+// the lifecycle of subject-owned, encrypted, schema-validated records.
+// See spec/data/ in the aithos-protocol repo.
+export { createDataClient, } from "./data.js";
+// `sdk.assets` — Aithos assets sub-protocol PDS client. Upload,
+// fetch, list, ref/unref binary content (images, PDFs, audio, video)
+// owned by a subject. AEAD-encrypted per-asset under AMKs wrapped for
+// the subject's X25519 sphere keys (and, in v0.2, mandate grantees).
+// See spec/assets/ in the aithos-protocol repo.
+export { createAssetsClient, AssetsClient, } from "./assets.js";
 //# sourceMappingURL=index.js.map

package/dist/src/internal/delegate-bundle.d.ts

@@ -0,0 +1,18 @@
+export interface ParsedDelegateBundle {
+    readonly mandate: Record<string, unknown>;
+    readonly mandateId: string;
+    readonly subjectDid: string;
+    readonly granteeId: string;
+    readonly granteePubkeyMultibase: string;
+    readonly delegateSeedHex: string;
+}
+/**
+ * Read the bundle (Blob or already-decoded string) into UTF-8 text.
+ */
+export declare function readDelegateBundleText(file: Blob | string): Promise<string>;
+/**
+ * Parse a delegate-bundle JSON string. Throws {@link AithosSDKError}
+ * with `code === "auth_invalid_delegate_bundle"` if malformed.
+ */
+export declare function parseDelegateBundle(text: string): ParsedDelegateBundle;
+//# sourceMappingURL=delegate-bundle.d.ts.map

package/dist/src/internal/delegate-bundle.js

@@ -0,0 +1,94 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+// Delegate-bundle format — parser for `.aithos-delegate.json` files
+// shipped by `mandate-mint`. The file is the only material a delegate
+// receives from an owner: the full SignedMandate + a fresh Ed25519
+// seed bound to that mandate via `mandate.grantee.pubkey`.
+//
+// Wire shape:
+//
+//     {
+//       aithos_delegate_version: "0.1.0",
+//       mandate: { id, scopes, grantee: { id, pubkey }, ... },
+//       delegate_seed_hex: "<64 lowercase hex chars>"
+//     }
+//
+// Anything else is rejected with `auth_invalid_delegate_bundle`.
+import { AithosSDKError } from "../types.js";
+const HEX_64 = /^[0-9a-f]{64}$/;
+/**
+ * Read the bundle (Blob or already-decoded string) into UTF-8 text.
+ */
+export async function readDelegateBundleText(file) {
+    if (typeof file === "string")
+        return file;
+    return file.text();
+}
+/**
+ * Parse a delegate-bundle JSON string. Throws {@link AithosSDKError}
+ * with `code === "auth_invalid_delegate_bundle"` if malformed.
+ */
+export function parseDelegateBundle(text) {
+    let obj;
+    try {
+        obj = JSON.parse(text);
+    }
+    catch {
+        throw bad("not valid JSON");
+    }
+    if (typeof obj !== "object" || obj === null) {
+        throw bad("not a JSON object");
+    }
+    const o = obj;
+    const ver = o["aithos_delegate_version"];
+    if (typeof ver !== "string" || !ver.startsWith("0.1.0")) {
+        throw bad(`unsupported aithos_delegate_version: ${String(ver)}`);
+    }
+    const mandate = o["mandate"];
+    if (typeof mandate !== "object" || mandate === null) {
+        throw bad("missing mandate");
+    }
+    const m = mandate;
+    const mandateId = m["id"];
+    // The mandate subject's DID is carried by `issuer` in the wire format
+    // emitted by `mintDelegateBundle()` (cf. SignedMandate.issuer in
+    // protocol-client). We accept the legacy `subject_did` / camelCase
+    // variants too so older test fixtures and any externally-minted
+    // bundles using the older shape keep working.
+    const subjectDid = m["issuer"] ?? m["subject_did"] ?? m["subjectDid"];
+    const grantee = m["grantee"];
+    if (typeof mandateId !== "string" || !mandateId) {
+        throw bad("mandate.id missing");
+    }
+    if (typeof subjectDid !== "string" || !subjectDid.startsWith("did:")) {
+        throw bad("mandate.issuer missing or malformed (expected a `did:` URL)");
+    }
+    if (typeof grantee !== "object" || grantee === null) {
+        throw bad("mandate.grantee missing");
+    }
+    const g = grantee;
+    const granteeId = g["id"];
+    const pubkey = g["pubkey"];
+    if (typeof granteeId !== "string" || !granteeId) {
+        throw bad("mandate.grantee.id missing");
+    }
+    if (typeof pubkey !== "string" || !pubkey.startsWith("z")) {
+        throw bad("mandate.grantee.pubkey missing or not multibase");
+    }
+    const seed = o["delegate_seed_hex"];
+    if (typeof seed !== "string" || !HEX_64.test(seed)) {
+        throw bad("delegate_seed_hex: expected 64-char lowercase hex");
+    }
+    return {
+        mandate: mandate,
+        mandateId,
+        subjectDid,
+        granteeId,
+        granteePubkeyMultibase: pubkey,
+        delegateSeedHex: seed,
+    };
+}
+function bad(detail) {
+    return new AithosSDKError("auth_invalid_delegate_bundle", `delegate bundle is invalid: ${detail}`);
+}
+//# sourceMappingURL=delegate-bundle.js.map

package/dist/src/internal/delegate-state.d.ts

@@ -0,0 +1,45 @@
+import type { StoredDelegateKeys } from "../key-store.js";
+import { type Signer } from "./signer.js";
+/**
+ * One active delegate session. Lives in {@link DelegateRegistry}'s
+ * map keyed by `mandateId`.
+ */
+export declare class DelegateActor {
+    #private;
+    readonly subjectDid: string;
+    readonly mandateId: string;
+    readonly granteeId: string;
+    readonly granteePubkeyMultibase: string;
+    /** Full §4.2 SignedMandate, opaque JSON object. */
+    readonly mandate: Record<string, unknown>;
+    readonly signer: Signer;
+    constructor(args: {
+        subjectDid: string;
+        mandateId: string;
+        granteeId: string;
+        granteePubkeyMultibase: string;
+        mandate: Record<string, unknown>;
+        signer: Signer;
+    });
+    /** Build from the persisted KeyStore shape. */
+    static fromStored(stored: StoredDelegateKeys): DelegateActor;
+    destroy(): void;
+    get destroyed(): boolean;
+}
+/**
+ * Map of active delegate sessions, keyed by `mandateId`. Provides
+ * lookup helpers used by the auth namespace and (later) by `sdk.ethos`.
+ */
+export declare class DelegateRegistry {
+    #private;
+    add(actor: DelegateActor): void;
+    remove(mandateId: string): void;
+    get(mandateId: string): DelegateActor | undefined;
+    /** Find any active actor whose subject matches `did`. */
+    findForSubject(did: string): DelegateActor | undefined;
+    list(): readonly DelegateActor[];
+    size(): number;
+    /** Zeroize every actor's signer and clear the registry. */
+    destroy(): void;
+}
+//# sourceMappingURL=delegate-state.d.ts.map

package/dist/src/internal/delegate-state.js

@@ -0,0 +1,120 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+// In-memory delegate registry — the runtime sibling of
+// {@link AithosKeyStore}'s delegate slot.
+//
+// A delegate session is a mandate + a single Ed25519 seed bound to
+// that mandate via `mandate.grantee.pubkey`. The SDK keeps these
+// active sessions hot in memory so signing operations don't need
+// IndexedDB on every call.
+//
+// {@link DelegateActor} bundles the in-memory signer with the public
+// metadata needed to drive an envelope (subject DID, grantee URN,
+// grantee pubkey multibase, mandate id). The full mandate JSON is
+// kept too because envelope signing for delegate writes must attach
+// the §4.2 mandate.
+import { getPublicKey } from "@noble/ed25519";
+import { RawSeedSigner } from "./signer.js";
+/**
+ * One active delegate session. Lives in {@link DelegateRegistry}'s
+ * map keyed by `mandateId`.
+ */
+export class DelegateActor {
+    subjectDid;
+    mandateId;
+    granteeId;
+    granteePubkeyMultibase;
+    /** Full §4.2 SignedMandate, opaque JSON object. */
+    mandate;
+    signer;
+    #destroyed = false;
+    constructor(args) {
+        this.subjectDid = args.subjectDid;
+        this.mandateId = args.mandateId;
+        this.granteeId = args.granteeId;
+        this.granteePubkeyMultibase = args.granteePubkeyMultibase;
+        this.mandate = args.mandate;
+        this.signer = args.signer;
+    }
+    /** Build from the persisted KeyStore shape. */
+    static fromStored(stored) {
+        const seed = hexToBytes(stored.delegateSeedHex);
+        try {
+            const pubkey = getPublicKey(seed);
+            const signer = new RawSeedSigner(seed, pubkey);
+            return new DelegateActor({
+                subjectDid: stored.subjectDid,
+                mandateId: stored.mandateId,
+                granteeId: stored.granteeId,
+                granteePubkeyMultibase: stored.granteePubkeyMultibase,
+                mandate: stored.mandate,
+                signer,
+            });
+        }
+        finally {
+            seed.fill(0);
+        }
+    }
+    destroy() {
+        if (this.#destroyed)
+            return;
+        this.signer.destroy();
+        this.#destroyed = true;
+    }
+    get destroyed() {
+        return this.#destroyed;
+    }
+}
+/**
+ * Map of active delegate sessions, keyed by `mandateId`. Provides
+ * lookup helpers used by the auth namespace and (later) by `sdk.ethos`.
+ */
+export class DelegateRegistry {
+    #actors = new Map();
+    add(actor) {
+        // Replace any existing entry for the same mandate (re-import).
+        const existing = this.#actors.get(actor.mandateId);
+        if (existing)
+            existing.destroy();
+        this.#actors.set(actor.mandateId, actor);
+    }
+    remove(mandateId) {
+        const a = this.#actors.get(mandateId);
+        if (a)
+            a.destroy();
+        this.#actors.delete(mandateId);
+    }
+    get(mandateId) {
+        return this.#actors.get(mandateId);
+    }
+    /** Find any active actor whose subject matches `did`. */
+    findForSubject(did) {
+        for (const a of this.#actors.values()) {
+            if (a.subjectDid === did)
+                return a;
+        }
+        return undefined;
+    }
+    list() {
+        return [...this.#actors.values()];
+    }
+    size() {
+        return this.#actors.size;
+    }
+    /** Zeroize every actor's signer and clear the registry. */
+    destroy() {
+        for (const a of this.#actors.values())
+            a.destroy();
+        this.#actors.clear();
+    }
+}
+function hexToBytes(hex) {
+    if (hex.length % 2 !== 0)
+        throw new Error("hex must be even-length");
+    const out = new Uint8Array(hex.length / 2);
+    for (let i = 0; i < out.length; i++) {
+        out[i] = parseInt(hex.slice(i * 2, i * 2 + 2), 16);
+    }
+    return out;
+}
+//# sourceMappingURL=delegate-state.js.map

package/dist/src/internal/envelope.d.ts

@@ -0,0 +1,77 @@
+/**
+ * Minimal signing surface required to produce an envelope's
+ * `proof.proofValue`. Intentionally narrower than {@link Signer} so
+ * callers that don't want to construct a full `RawSeedSigner` can pass
+ * a one-shot inline adapter. Every {@link Signer} satisfies this
+ * interface structurally.
+ */
+export interface EnvelopeSigner {
+    sign(message: Uint8Array): Promise<Uint8Array>;
+}
+/**
+ * The wire-format envelope per spec §11.2. Apps that POST this to a
+ * backend serialize the whole object as JSON (alongside the rest of
+ * `params`) under `params._envelope`.
+ */
+export interface SignedEnvelope {
+    readonly "aithos-envelope": "0.1.0";
+    readonly iss: string;
+    readonly aud: string;
+    readonly method: string;
+    readonly iat: number;
+    readonly exp: number;
+    readonly nonce: string;
+    readonly params_hash: string;
+    readonly proof: {
+        readonly type: "Ed25519Signature2020";
+        readonly verificationMethod: string;
+        readonly created: string;
+        readonly proofValue: string;
+    };
+}
+export interface SignOwnerEnvelopeArgs {
+    /** Subject DID — issuer of the envelope (`iss` field). */
+    readonly iss: string;
+    /**
+     * Absolute URL of the target endpoint (scheme + host + path, no query,
+     * no fragment). The server verifier rejects envelopes where `aud`
+     * does not match the actual endpoint being called.
+     */
+    readonly aud: string;
+    /** Fully-qualified JSON-RPC method name. */
+    readonly method: string;
+    /** Tool payload — what `params_hash` commits to. */
+    readonly params: unknown;
+    /**
+     * Anything that can produce an Ed25519 signature over a byte
+     * sequence. In practice: one of the four owner sphere signers
+     * loaded post sign-in, or an inline adapter wrapping a raw seed.
+     */
+    readonly signer: EnvelopeSigner;
+    /**
+     * Verification method URL — typically `${did}#${sphere}`. The server
+     * resolves this against the issuer's DID document to find the
+     * matching public key.
+     */
+    readonly verificationMethod: string;
+    /** Envelope lifetime in seconds. Default 60. Server caps at 300. */
+    readonly ttlSeconds?: number;
+    /** Clock override for deterministic tests. Defaults to `new Date()`. */
+    readonly now?: Date;
+    /** Nonce override for deterministic tests. Defaults to a fresh ULID. */
+    readonly nonce?: string;
+}
+/**
+ * Build, canonicalize and sign an owner-path envelope per spec §11.2.
+ *
+ * The unsigned envelope is JCS-canonicalized (RFC 8785 subset), the
+ * bytes signed with Ed25519, and the resulting signature attached as
+ * `proof.proofValue` (base64url).
+ *
+ * Async return type — even though `Signer.sign` may resolve
+ * synchronously today (via `RawSeedSigner`), the interface is shaped
+ * async so that future implementations backed by `crypto.subtle.sign`
+ * (non-extractable keys) drop in without breaking callers.
+ */
+export declare function signOwnerEnvelope(args: SignOwnerEnvelopeArgs): Promise<SignedEnvelope>;
+//# sourceMappingURL=envelope.d.ts.map

package/dist/src/internal/envelope.js

@@ -0,0 +1,154 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+/**
+ * Aithos signed-envelope helper — SDK-internal.
+ *
+ * Implements the `aithos-envelope` v0.1.0 wire format from spec §11.2.
+ * Used by SDK namespaces (sdk.data, sdk.ethos, sdk.mandates, ...) to
+ * sign their writes to api.aithos.be, AND by the public method
+ * {@link AithosAuth.signEnvelope} so apps can sign envelopes for
+ * arbitrary third-party Aithos-aware backends with the same primitive.
+ *
+ * NOT exported from the package barrel. The corresponding `SignedEnvelope`
+ * type IS re-exported from `src/index.ts` for consumer typing.
+ *
+ * Reference algorithm: `@aithos/protocol-core/envelope.ts:signEnvelope`.
+ * This file duplicates a self-contained subset of the helpers (JCS,
+ * SHA-256, base64url, ULID, CSPRNG) to keep the SDK's signing path
+ * decoupled from internal changes elsewhere in the SDK. The duplication
+ * with `src/data.ts` is intentional and tracked; consolidation into a
+ * shared `src/internal/canonical.ts` is planned for a follow-up release.
+ */
+import { sha256 } from "@noble/hashes/sha2.js";
+/**
+ * Build, canonicalize and sign an owner-path envelope per spec §11.2.
+ *
+ * The unsigned envelope is JCS-canonicalized (RFC 8785 subset), the
+ * bytes signed with Ed25519, and the resulting signature attached as
+ * `proof.proofValue` (base64url).
+ *
+ * Async return type — even though `Signer.sign` may resolve
+ * synchronously today (via `RawSeedSigner`), the interface is shaped
+ * async so that future implementations backed by `crypto.subtle.sign`
+ * (non-extractable keys) drop in without breaking callers.
+ */
+export async function signOwnerEnvelope(args) {
+    const nowMs = (args.now ?? new Date()).getTime();
+    const iat = Math.floor(nowMs / 1000);
+    const exp = iat + (args.ttlSeconds ?? 60);
+    const nonce = args.nonce ?? makeUlid();
+    const paramsHash = "sha256-" + sha256Hex(jcsCanonicalize(args.params));
+    const unsigned = {
+        "aithos-envelope": "0.1.0",
+        iss: args.iss,
+        aud: args.aud,
+        method: args.method,
+        iat,
+        exp,
+        nonce,
+        params_hash: paramsHash,
+        proof: {
+            type: "Ed25519Signature2020",
+            verificationMethod: args.verificationMethod,
+            created: new Date(iat * 1000).toISOString(),
+            proofValue: "",
+        },
+    };
+    const bytes = new TextEncoder().encode(jcsCanonicalize(unsigned));
+    const sig = await args.signer.sign(bytes);
+    return {
+        ...unsigned,
+        proof: { ...unsigned.proof, proofValue: base64url(sig) },
+    };
+}
+/* -------------------------------------------------------------------------- */
+/*  Self-contained helpers (duplicated with src/data.ts for isolation)        */
+/* -------------------------------------------------------------------------- */
+/** Cross-platform CSPRNG: Web Crypto in browser, Node WebCrypto in Node 19+. */
+function cryptoRandom(n) {
+    const buf = new Uint8Array(n);
+    globalThis.crypto?.getRandomValues(buf);
+    return buf;
+}
+function makeUlid() {
+    // Lightweight ULID — millisecond timestamp + 80 bits of randomness.
+    // Crockford base32. For tests this is sufficient; production uses
+    // the canonical ulid package.
+    const tsBuf = new Uint8Array(6);
+    let ts = Date.now();
+    for (let i = 5; i >= 0; i--) {
+        tsBuf[i] = ts & 0xff;
+        ts = Math.floor(ts / 256);
+    }
+    const rndBuf = cryptoRandom(10);
+    const all = new Uint8Array(16);
+    all.set(tsBuf, 0);
+    all.set(rndBuf, 6);
+    const alphabet = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
+    let bits = 0;
+    let value = 0;
+    let out = "";
+    for (const b of all) {
+        value = (value << 8) | b;
+        bits += 8;
+        while (bits >= 5) {
+            out += alphabet[(value >> (bits - 5)) & 0x1f];
+            bits -= 5;
+        }
+    }
+    if (bits > 0)
+        out += alphabet[(value << (5 - bits)) & 0x1f];
+    return out.slice(0, 26);
+}
+/** Standard base64 (with `=` padding). Browser + Node compatible. */
+function base64Std(bytes) {
+    let bin = "";
+    for (let i = 0; i < bytes.length; i++)
+        bin += String.fromCharCode(bytes[i]);
+    return btoa(bin);
+}
+/** base64url (URL-safe, no padding). */
+function base64url(bytes) {
+    return base64Std(bytes).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+function sha256Hex(s) {
+    const d = sha256(new TextEncoder().encode(s));
+    let hex = "";
+    for (const b of d)
+        hex += b.toString(16).padStart(2, "0");
+    return hex;
+}
+/**
+ * JCS-style canonicalization (RFC 8785 subset).
+ *
+ * Sorted object keys, no whitespace, finite numbers via `toString()`,
+ * strings via `JSON.stringify` (escapes), arrays preserve order.
+ * `undefined` is rejected (RFC 8785 §3.2.2).
+ */
+function jcsCanonicalize(value) {
+    if (value === null)
+        return "null";
+    if (value === undefined)
+        throw new Error("Cannot canonicalize undefined");
+    if (typeof value === "boolean")
+        return value ? "true" : "false";
+    if (typeof value === "number") {
+        if (!Number.isFinite(value))
+            throw new Error("non-finite number");
+        return value.toString();
+    }
+    if (typeof value === "string")
+        return JSON.stringify(value);
+    if (Array.isArray(value)) {
+        return "[" + value.map(jcsCanonicalize).join(",") + "]";
+    }
+    if (typeof value === "object") {
+        const obj = value;
+        const keys = Object.keys(obj).sort();
+        return ("{" +
+            keys.map((k) => JSON.stringify(k) + ":" + jcsCanonicalize(obj[k])).join(",") +
+            "}");
+    }
+    throw new Error(`Cannot canonicalize ${typeof value}`);
+}
+//# sourceMappingURL=envelope.js.map