@aithos/sdk 0.1.0-alpha.4 → 0.1.0-alpha.6

package/dist/test/ethos.test.js

@@ -0,0 +1,219 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+// Tests for J4 — sdk.ethos namespace: actor resolution, staging
+// semantics, anonymous-mode guard rails. Tests requiring real
+// protocol-client network calls (sections() / publish()) are not
+// covered here — they ride on an integration suite against a real
+// backend.
+import { strict as assert } from "node:assert";
+import { describe, it } from "node:test";
+import { createBrowserIdentity } from "@aithos/protocol-client";
+import { AithosAuth, AithosSDKError, EthosNamespace, ZONE_NAMES, memoryKeyStore, noopStore, } from "../src/index.js";
+import { serializeRecoveryFile } from "../src/internal/recovery-file.js";
+import { DEFAULT_SDK_ENDPOINTS } from "../src/endpoints.js";
+/* -------------------------------------------------------------------------- */
+/*  Fixtures                                                                  */
+/* -------------------------------------------------------------------------- */
+function makeAuth(opts = {}) {
+    return new AithosAuth({
+        authBaseUrl: "https://auth.test",
+        fetch: (() => {
+            throw new Error("network not expected in unit tests");
+        }),
+        sessionStore: opts.sessionStore ?? noopStore(),
+        keyStore: opts.keyStore ?? memoryKeyStore(),
+    });
+}
+function makeNamespace(auth) {
+    return new EthosNamespace({
+        auth,
+        endpoints: DEFAULT_SDK_ENDPOINTS,
+        fetch: globalThis.fetch.bind(globalThis),
+    });
+}
+async function signInAsAlice(auth) {
+    const id = createBrowserIdentity("alice", "Alice");
+    const { text } = serializeRecoveryFile(id);
+    const info = await auth.signInWithRecovery({ file: text });
+    return { did: info.did, handle: info.handle };
+}
+function delegateBundleText(args) {
+    return JSON.stringify({
+        aithos_delegate_version: "0.1.0",
+        mandate: {
+            id: args.mandateId,
+            subject_did: args.subjectDid,
+            grantee: {
+                id: args.granteeId,
+                pubkey: "z6MkqGenericPubKey",
+            },
+            scopes: args.scopes ?? ["ethos.read.public", "ethos.write.public"],
+        },
+        delegate_seed_hex: "11".repeat(32),
+    });
+}
+/* -------------------------------------------------------------------------- */
+/*  EthosNamespace — actor resolution                                         */
+/* -------------------------------------------------------------------------- */
+describe("EthosNamespace.me()", () => {
+    it("returns an owner-mode EthosClient when signed in", async () => {
+        const auth = makeAuth();
+        const alice = await signInAsAlice(auth);
+        const ns = makeNamespace(auth);
+        const me = ns.me();
+        assert.equal(me.mode, "owner");
+        assert.equal(me.subjectDid, alice.did);
+        // Three zones, all return Zone proxies.
+        for (const z of ZONE_NAMES) {
+            const zone = me.zone(z);
+            assert.equal(zone.name, z);
+        }
+    });
+    it("throws ethos_no_owner when no owner is signed in", () => {
+        const auth = makeAuth();
+        const ns = makeNamespace(auth);
+        assert.throws(() => ns.me(), (e) => e instanceof AithosSDKError && e.code === "ethos_no_owner");
+    });
+});
+describe("EthosNamespace.of(did)", () => {
+    it("returns owner-mode for the user's own DID", async () => {
+        const auth = makeAuth();
+        const alice = await signInAsAlice(auth);
+        const ns = makeNamespace(auth);
+        const me = await ns.of(alice.did);
+        assert.equal(me.mode, "owner");
+    });
+    it("returns delegate-mode when a mandate covers the subject", async () => {
+        const auth = makeAuth();
+        await auth.importMandate({
+            bundle: delegateBundleText({
+                mandateId: "mandate:A",
+                subjectDid: "did:aithos:zCarol",
+                granteeId: "urn:aithos:agent:bob1",
+            }),
+        });
+        const ns = makeNamespace(auth);
+        const carol = await ns.of("did:aithos:zCarol");
+        assert.equal(carol.mode, "delegate");
+        assert.equal(carol.subjectDid, "did:aithos:zCarol");
+    });
+    it("returns anonymous-mode when no actor matches", async () => {
+        const auth = makeAuth();
+        const ns = makeNamespace(auth);
+        const stranger = await ns.of("did:aithos:zStranger");
+        assert.equal(stranger.mode, "anonymous");
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Mutation staging (no network)                                             */
+/* -------------------------------------------------------------------------- */
+describe("EthosClient mutation staging", () => {
+    it("addSection / updateSection / deleteSection accumulate", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const ns = makeNamespace(auth);
+        const me = ns.me();
+        assert.equal(me.hasPendingChanges(), false);
+        me.zone("public").addSection({ title: "Hello", body: "world" });
+        me.zone("public").addSection({ title: "Two", body: "sections" });
+        me.zone("circle").deleteSection("sec_old");
+        me.zone("self").updateSection("sec_x", { body: "new" });
+        assert.equal(me.hasPendingChanges(), true);
+        const pending = me.pendingChanges();
+        assert.equal(pending.length, 4);
+        const kinds = pending.map((c) => `${c.zone}:${c.kind}`);
+        assert.deepEqual(kinds, [
+            "public:add",
+            "public:add",
+            "circle:delete",
+            "self:update",
+        ]);
+    });
+    it("each addSection generates a fresh sec_-prefixed id", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const ns = makeNamespace(auth);
+        const me = ns.me();
+        me.zone("public").addSection({ title: "a", body: "1" });
+        me.zone("public").addSection({ title: "b", body: "2" });
+        const ids = me
+            .pendingChanges()
+            .filter((c) => c.kind === "add")
+            .map((c) => c.section.id);
+        assert.equal(ids.length, 2);
+        for (const id of ids) {
+            assert.match(id, /^sec_[0-9a-f]{12}$/);
+        }
+        assert.notEqual(ids[0], ids[1]);
+    });
+    it("discard() clears pending changes", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const ns = makeNamespace(auth);
+        const me = ns.me();
+        me.zone("public").addSection({ title: "h", body: "w" });
+        assert.equal(me.hasPendingChanges(), true);
+        me.discard();
+        assert.equal(me.hasPendingChanges(), false);
+        assert.equal(me.pendingChanges().length, 0);
+    });
+    it("publish() rejects when nothing is staged", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const ns = makeNamespace(auth);
+        const me = ns.me();
+        await assert.rejects(() => me.publish(), (e) => e instanceof AithosSDKError && e.code === "ethos_nothing_to_publish");
+    });
+    it("zone(invalid) throws", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const ns = makeNamespace(auth);
+        const me = ns.me();
+        assert.throws(() => me.zone("nope"), AithosSDKError);
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Anonymous mode guard rails                                                */
+/* -------------------------------------------------------------------------- */
+describe("EthosClient anonymous mode", () => {
+    it("rejects every write op", async () => {
+        const auth = makeAuth();
+        const ns = makeNamespace(auth);
+        const stranger = await ns.of("did:aithos:zStranger");
+        assert.equal(stranger.mode, "anonymous");
+        assert.throws(() => stranger
+            .zone("public")
+            .addSection({ title: "x", body: "y" }), AithosSDKError);
+        assert.throws(() => stranger.zone("public").updateSection("sec_x", { body: "y" }), AithosSDKError);
+        assert.throws(() => stranger.zone("public").deleteSection("sec_x"), AithosSDKError);
+    });
+    it("rejects publish()", async () => {
+        const auth = makeAuth();
+        const ns = makeNamespace(auth);
+        const stranger = await ns.of("did:aithos:zStranger");
+        await assert.rejects(() => stranger.publish(), (e) => e instanceof AithosSDKError && e.code === "ethos_anonymous_cannot_publish");
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Delegate mode scope checks                                                */
+/* -------------------------------------------------------------------------- */
+describe("EthosClient delegate mode", () => {
+    it("publish rejects writes outside the mandate scopes", async () => {
+        const auth = makeAuth();
+        // Mandate only grants ethos.read.public — no write scope at all.
+        await auth.importMandate({
+            bundle: delegateBundleText({
+                mandateId: "mandate:RO",
+                subjectDid: "did:aithos:zCarol",
+                granteeId: "urn:x",
+                scopes: ["ethos.read.public"],
+            }),
+        });
+        const ns = makeNamespace(auth);
+        const carol = await ns.of("did:aithos:zCarol");
+        carol.zone("public").addSection({ title: "x", body: "y" });
+        await assert.rejects(() => carol.publish(), (e) => e instanceof AithosSDKError &&
+            e.code === "ethos_delegate_scope_missing");
+    });
+});
+//# sourceMappingURL=ethos.test.js.map

package/dist/test/key-store.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=key-store.test.d.ts.map

package/dist/test/key-store.test.js

@@ -0,0 +1,161 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+// Unit tests for AithosKeyStore — both built-in implementations.
+//
+// memoryKeyStore is exercised directly. indexedDbKeyStore is driven by
+// `fake-indexeddb` (a W3C-compatible in-memory IDBFactory), with a
+// fresh factory + DB name per test so cases don't bleed into each
+// other.
+import { strict as assert } from "node:assert";
+import { describe, it } from "node:test";
+import { IDBFactory } from "fake-indexeddb";
+import { indexedDbKeyStore, memoryKeyStore, } from "../src/key-store.js";
+/* -------------------------------------------------------------------------- */
+/*  Fixtures                                                                  */
+/* -------------------------------------------------------------------------- */
+const SEED_HEX = "00".repeat(32);
+function ownerFixture(overrides = {}) {
+    return {
+        version: "0.1.0-hex",
+        did: "did:aithos:zAlice",
+        handle: "alice",
+        displayName: "Alice",
+        seedsHex: {
+            root: SEED_HEX,
+            public: SEED_HEX,
+            circle: SEED_HEX,
+            self: SEED_HEX,
+        },
+        savedAt: "2026-05-08T00:00:00.000Z",
+        ...overrides,
+    };
+}
+function delegateFixture(overrides = {}) {
+    return {
+        version: "0.1.0-hex",
+        subjectDid: "did:aithos:zCarol",
+        mandateId: "mandate:01H8XYZ",
+        mandate: { id: "mandate:01H8XYZ", scopes: ["ethos.read.public"] },
+        granteeId: "urn:aithos:agent:bob1",
+        granteePubkeyMultibase: "z6MkqBobPubKey",
+        delegateSeedHex: "11".repeat(32),
+        importedAt: "2026-05-08T01:00:00.000Z",
+        ...overrides,
+    };
+}
+/* -------------------------------------------------------------------------- */
+/*  Behaviour suite — runs against both implementations                       */
+/* -------------------------------------------------------------------------- */
+const implementations = [
+    { name: "memoryKeyStore", make: () => memoryKeyStore() },
+    {
+        name: "indexedDbKeyStore",
+        make: () => {
+            // Fresh in-memory IDBFactory + unique db name per call so cases stay
+            // isolated even across test runs.
+            const factory = new IDBFactory();
+            return indexedDbKeyStore({
+                dbName: `test-${Math.random().toString(36).slice(2)}`,
+                factory,
+            });
+        },
+    },
+];
+for (const impl of implementations) {
+    describe(`AithosKeyStore: ${impl.name}`, () => {
+        it("loadOwner returns null on a fresh store", async () => {
+            const store = impl.make();
+            assert.equal(await store.loadOwner(), null);
+        });
+        it("save/load/clear owner round-trips", async () => {
+            const store = impl.make();
+            const o = ownerFixture();
+            await store.saveOwner(o);
+            const loaded = await store.loadOwner();
+            assert.deepEqual(loaded, o);
+            await store.clearOwner();
+            assert.equal(await store.loadOwner(), null);
+        });
+        it("saveOwner overwrites the prior owner", async () => {
+            const store = impl.make();
+            await store.saveOwner(ownerFixture({ handle: "alice" }));
+            await store.saveOwner(ownerFixture({ handle: "alice2" }));
+            const loaded = await store.loadOwner();
+            assert.equal(loaded?.handle, "alice2");
+        });
+        it("listDelegates is empty on a fresh store", async () => {
+            const store = impl.make();
+            assert.deepEqual(await store.listDelegates(), []);
+        });
+        it("save/load/list/remove delegates", async () => {
+            const store = impl.make();
+            const a = delegateFixture({ mandateId: "mandate:A" });
+            const b = delegateFixture({ mandateId: "mandate:B", subjectDid: "did:aithos:zDave" });
+            await store.saveDelegate(a);
+            await store.saveDelegate(b);
+            assert.deepEqual(await store.loadDelegate("mandate:A"), a);
+            assert.deepEqual(await store.loadDelegate("mandate:B"), b);
+            assert.equal(await store.loadDelegate("mandate:missing"), null);
+            const list = await store.listDelegates();
+            assert.equal(list.length, 2);
+            const ids = list.map((d) => d.mandateId).sort();
+            assert.deepEqual(ids, ["mandate:A", "mandate:B"]);
+            await store.removeDelegate("mandate:A");
+            const after = await store.listDelegates();
+            assert.equal(after.length, 1);
+            assert.equal(after[0]?.mandateId, "mandate:B");
+        });
+        it("clearAllDelegates wipes them all but leaves the owner intact", async () => {
+            const store = impl.make();
+            await store.saveOwner(ownerFixture());
+            await store.saveDelegate(delegateFixture({ mandateId: "mandate:A" }));
+            await store.saveDelegate(delegateFixture({ mandateId: "mandate:B" }));
+            await store.clearAllDelegates();
+            assert.deepEqual(await store.listDelegates(), []);
+            assert.notEqual(await store.loadOwner(), null);
+        });
+    });
+}
+/* -------------------------------------------------------------------------- */
+/*  Defensive validators — only relevant for IndexedDB which can hold         */
+/*  arbitrary tampered records                                                */
+/* -------------------------------------------------------------------------- */
+describe("AithosKeyStore: validators (indexedDbKeyStore)", () => {
+    it("treats a corrupted owner record as null", async () => {
+        const factory = new IDBFactory();
+        const dbName = `test-corrupt-${Math.random().toString(36).slice(2)}`;
+        const store = indexedDbKeyStore({ dbName, factory });
+        // Bypass the typed API to inject garbage at the OWNER_KEY slot.
+        const db = await new Promise((resolve, reject) => {
+            const req = factory.open(dbName, 1);
+            req.onupgradeneeded = () => {
+                const d = req.result;
+                if (!d.objectStoreNames.contains("owner"))
+                    d.createObjectStore("owner");
+                if (!d.objectStoreNames.contains("delegates"))
+                    d.createObjectStore("delegates", { keyPath: "mandateId" });
+            };
+            req.onsuccess = () => resolve(req.result);
+            req.onerror = () => reject(req.error);
+        });
+        await new Promise((resolve, reject) => {
+            const t = db.transaction(["owner"], "readwrite");
+            t.objectStore("owner").put({ not: "an owner" }, "self");
+            t.oncomplete = () => resolve();
+            t.onerror = () => reject(t.error);
+        });
+        db.close();
+        assert.equal(await store.loadOwner(), null);
+    });
+    it("treats a wrong-version owner record as null", async () => {
+        const factory = new IDBFactory();
+        const dbName = `test-version-${Math.random().toString(36).slice(2)}`;
+        const store = indexedDbKeyStore({ dbName, factory });
+        // Owner record with a future schema version → must not be returned.
+        const futureRecord = ownerFixture();
+        futureRecord.version = "0.2.0-cryptokey";
+        await store.saveOwner(futureRecord);
+        assert.equal(await store.loadOwner(), null);
+    });
+});
+//# sourceMappingURL=key-store.test.js.map

package/dist/test/mandates-compute.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=mandates-compute.test.d.ts.map

package/dist/test/mandates-compute.test.js

@@ -0,0 +1,256 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+/**
+ * Tests for the `compute` namespace on `MandatesNamespace.create`.
+ *
+ * Invariants under test (mirror of the protocol-core v0.4.0 invariants,
+ * enforced at the SDK boundary so callers fail fast with a precise
+ * error rather than only blowing up server-side):
+ *
+ *   1. Passing `compute.invoke` directly in `scopes[]` is rejected.
+ *      The opt-in must go through the typed `compute` namespace, which
+ *      is what a consent UI can review.
+ *   2. The `compute` namespace requires at least one of
+ *      `dailyCapMicrocredits` or `totalCapMicrocredits` — an unbounded
+ *      compute mandate is the bearer-token footgun this whole namespace
+ *      exists to prevent.
+ *   3. Numeric caps must be positive integers.
+ *   4. `allowedModels`, when present, must be an array of non-empty
+ *      strings.
+ *   5. A compute-only mandate (`scopes: []` + `compute: {…}`) is
+ *      legitimate and accepted — the grantee gets no ethos data
+ *      access, only bounded compute spending. Empty scopes WITHOUT
+ *      compute is still rejected.
+ *
+ * Network-dependent paths (real mint, list, revoke) ride on the same
+ * integration suite as the rest of the namespace — see the note in
+ * `mandates.test.ts`. We intentionally don't go through `mintDelegateBundle`
+ * here; failures fire BEFORE that boundary.
+ */
+import { strict as assert } from "node:assert";
+import { describe, it } from "node:test";
+import { createBrowserIdentity } from "@aithos/protocol-client";
+import { AithosAuth, AithosSDKError, COMPUTE_INVOKE_SCOPE, MandatesNamespace, memoryKeyStore, noopStore, } from "../src/index.js";
+import { DEFAULT_SDK_ENDPOINTS } from "../src/endpoints.js";
+import { serializeRecoveryFile } from "../src/internal/recovery-file.js";
+function makeAuth() {
+    return new AithosAuth({
+        authBaseUrl: "https://auth.test",
+        fetch: (() => {
+            throw new Error("network not expected");
+        }),
+        sessionStore: noopStore(),
+        keyStore: memoryKeyStore(),
+    });
+}
+function makeMandates(auth) {
+    return new MandatesNamespace({
+        auth,
+        endpoints: DEFAULT_SDK_ENDPOINTS,
+        fetch: globalThis.fetch.bind(globalThis),
+    });
+}
+async function signInAsAlice(auth) {
+    const id = createBrowserIdentity("alice", "Alice");
+    const { text } = serializeRecoveryFile(id);
+    const info = await auth.signInWithRecovery({ file: text });
+    return info.did;
+}
+/* -------------------------------------------------------------------------- */
+/*  Constant export sanity                                                    */
+/* -------------------------------------------------------------------------- */
+describe("COMPUTE_INVOKE_SCOPE constant", () => {
+    it("is the canonical 'compute.invoke' string", () => {
+        assert.equal(COMPUTE_INVOKE_SCOPE, "compute.invoke");
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Smuggling guard: compute.invoke in scopes[] is rejected                   */
+/* -------------------------------------------------------------------------- */
+describe("MandatesNamespace.create — compute.invoke smuggling guard", () => {
+    it("rejects a mandate that smuggles compute.invoke into scopes[]", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            // Up-cast through string[] — this is exactly the path the
+            // runtime check has to catch. Type-checking can't (the union
+            // doesn't include "compute.invoke", but cast slips through).
+            scopes: ["ethos.read.public", "compute.invoke"],
+            ttlSeconds: 3600,
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_scopes" &&
+            /compute' namespace/.test(e.message));
+    });
+    it("rejects even when 'compute.invoke' is the ONLY scope passed", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["compute.invoke"],
+            ttlSeconds: 3600,
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_scopes");
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Compute namespace — input validation                                      */
+/* -------------------------------------------------------------------------- */
+describe("MandatesNamespace.create — compute namespace validation", () => {
+    it("rejects compute namespace with no caps at all", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+            compute: {}, // empty — neither daily nor total cap
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_compute" &&
+            /at least one of dailyCapMicrocredits or totalCapMicrocredits/.test(e.message));
+    });
+    it("rejects compute namespace with only allowedModels (no cap)", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+            compute: { allowedModels: ["claude-haiku-4-5"] },
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_compute");
+    });
+    it("rejects non-positive caps", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        for (const bad of [0, -1, 3.14]) {
+            await assert.rejects(() => m.create({
+                granteeId: "urn:agent:bob",
+                scopes: ["ethos.read.public"],
+                ttlSeconds: 3600,
+                compute: { dailyCapMicrocredits: bad },
+            }), (e) => e instanceof AithosSDKError &&
+                e.code === "mandates_invalid_compute" &&
+                /must be a positive integer/.test(e.message), `expected rejection for dailyCapMicrocredits=${bad}`);
+        }
+    });
+    it("rejects malformed allowedModels (empty string entry)", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+            compute: {
+                dailyCapMicrocredits: 5_000,
+                allowedModels: ["claude-haiku-4-5", ""],
+            },
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_compute" &&
+            /allowedModels entries must be non-empty strings/.test(e.message));
+    });
+    it("rejects allowedModels that is not an array", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+            compute: {
+                dailyCapMicrocredits: 5_000,
+                // @ts-expect-error — runtime check guards against bad casts
+                allowedModels: "claude-haiku-4-5",
+            },
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_compute");
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Read-only mandate is unaffected                                           */
+/* -------------------------------------------------------------------------- */
+describe("MandatesNamespace.create — read-only mandates unaffected", () => {
+    it("does NOT reject a clean read-only mandate (no compute, no smuggling)", async () => {
+        // We can't run the full mint here because the installed
+        // @aithos/protocol-core (0.5.1, pre-0.4.0-mandate) doesn't yet
+        // accept compute.invoke on the public sphere whitelist — the real
+        // mint would still succeed for a read-only mandate, but it goes
+        // out to S3 etc. Instead we check the synchronous validation
+        // surface: passing a clean read-only input must not throw before
+        // the mint call.
+        //
+        // (The async `m.create(...)` would still error later on the
+        // network path — that's the integration suite's job.)
+        //
+        // What we ARE asserting here: no SDK-side validation rejection.
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        // The mint will fail with a network error (fetch throws), but
+        // crucially NOT with a validation error — that proves our compute
+        // guard is precisely scoped to compute-related inputs.
+        await assert.rejects(() => m.create({
+            granteeId: "urn:viewer:bob",
+            scopes: ["ethos.read.public"],
+            ttlSeconds: 3600,
+        }), (e) => {
+            if (!(e instanceof AithosSDKError))
+                return true; // any non-validation error fine
+            const code = e.code;
+            // Anything except a validation rejection is fine — the network
+            // is not wired up in this fake auth.
+            return (code !== "mandates_invalid_scopes" &&
+                code !== "mandates_invalid_compute");
+        });
+    });
+});
+/* -------------------------------------------------------------------------- */
+/*  Compute-only mandate (scopes: [] + compute namespace)                     */
+/* -------------------------------------------------------------------------- */
+describe("MandatesNamespace.create — compute-only mandate", () => {
+    it("accepts an empty scopes[] when compute is provided (no ethos data access, just bounded spending)", async () => {
+        // Same caveat as the "read-only unaffected" suite: the installed
+        // @aithos/protocol-core does not yet whitelist compute.invoke on
+        // the public sphere, so the real `mintDelegateBundle` call would
+        // still reject downstream. What this test proves is that the
+        // SDK validation layer (a) does NOT throw `mandates_invalid_scopes`
+        // for the empty list when compute is set, and (b) does NOT throw
+        // `mandates_invalid_compute` for a properly-capped budget. The
+        // request is allowed to proceed past validation.
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:creative",
+            scopes: [], // no ethos data access
+            ttlSeconds: 3600,
+            compute: { dailyCapMicrocredits: 1_000 },
+        }), (e) => {
+            if (!(e instanceof AithosSDKError))
+                return true;
+            const code = e.code;
+            // Validation must NOT have rejected this input.
+            return (code !== "mandates_invalid_scopes" &&
+                code !== "mandates_invalid_compute");
+        });
+    });
+    it("STILL rejects empty scopes[] when compute is NOT provided", async () => {
+        const auth = makeAuth();
+        await signInAsAlice(auth);
+        const m = makeMandates(auth);
+        await assert.rejects(() => m.create({
+            granteeId: "urn:agent:bob",
+            scopes: [],
+            ttlSeconds: 3600,
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "mandates_invalid_scopes" &&
+            /compute-only mandate/.test(e.message));
+    });
+});
+//# sourceMappingURL=mandates-compute.test.js.map

package/dist/test/mandates.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=mandates.test.d.ts.map