@aithos/sdk 0.1.0-alpha.6 → 0.1.0-alpha.60

package/dist/test/compute-delegate-path.test.js

@@ -0,0 +1,183 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+// Tests for the delegate signing path on sdk.compute.invokeBedrock.
+// Until alpha.9 the method ALWAYS required an owner — a session that
+// only held a mandate (no owner signers) failed with sdk_no_owner
+// before any network call. From alpha.9 onward, when no owner is
+// loaded but a delegate matches the requested mandate id, the SDK
+// signs the envelope with the delegate's keypair and attaches the
+// SignedMandate.
+import { strict as assert } from "node:assert";
+import { afterEach, beforeEach, describe, it } from "node:test";
+import { createBrowserIdentity } from "@aithos/protocol-client";
+import { AithosAuth, AithosSDKError, ComputeNamespace, memoryKeyStore, noopStore, } from "../src/index.js";
+import { DEFAULT_SDK_ENDPOINTS } from "../src/endpoints.js";
+/* -------------------------------------------------------------------------- */
+/*  Test plumbing                                                             */
+/* -------------------------------------------------------------------------- */
+let savedFetch;
+let lastRequestBody = null;
+function installFetchMock(response) {
+    savedFetch = globalThis.fetch;
+    lastRequestBody = null;
+    globalThis.fetch = (async (_input, init) => {
+        lastRequestBody = JSON.parse(init?.body);
+        return new Response(JSON.stringify(response.json), {
+            status: response.status ?? 200,
+            headers: { "content-type": "application/json" },
+        });
+    });
+}
+function uninstallFetchMock() {
+    if (savedFetch)
+        globalThis.fetch = savedFetch;
+    savedFetch = undefined;
+    lastRequestBody = null;
+}
+const okResponse = {
+    json: {
+        jsonrpc: "2.0",
+        id: "x",
+        result: {
+            content: "ok",
+            stopReason: "end_turn",
+            usage: { inputTokens: 1, outputTokens: 1 },
+            creditsCharged: 1,
+            walletBalance: 999,
+            auditId: "audit-test",
+        },
+    },
+};
+function freshAuth() {
+    return new AithosAuth({
+        sessionStore: noopStore(),
+        keyStore: memoryKeyStore(),
+    });
+}
+function freshCompute(auth) {
+    return new ComputeNamespace({
+        auth,
+        appDid: "did:aithos:app:example-placeholder",
+        endpoints: DEFAULT_SDK_ENDPOINTS,
+        fetch: globalThis.fetch.bind(globalThis),
+    });
+}
+/**
+ * Build a delegate bundle JSON that matches the wire shape importMandate
+ * accepts. Uses a real SignedMandate-like object minted from a fresh
+ * issuer so signature verification on import succeeds.
+ */
+function makeDelegateBundleText(args) {
+    const issuer = createBrowserIdentity("alice", "Alice");
+    return JSON.stringify({
+        aithos_delegate_version: "0.1.0",
+        mandate: {
+            "aithos-mandate": "0.4.0",
+            id: args.mandateId,
+            issuer: issuer.did,
+            issued_by_key: `${issuer.did}#self`,
+            grantee: {
+                id: args.granteeId ?? "urn:aithos:agent:test",
+                pubkey: "z6MkqGenericPubKey",
+            },
+            actor_sphere: "self",
+            scopes: args.scopes,
+            not_before: "2026-05-10T00:00:00Z",
+            not_after: "2026-05-11T00:00:00Z",
+            issued_at: "2026-05-10T00:00:00Z",
+            nonce: "abc",
+            signature: { alg: "ed25519", key: `${issuer.did}#self`, value: "..." },
+        },
+        delegate_seed_hex: "11".repeat(32),
+    });
+}
+/* -------------------------------------------------------------------------- */
+/*  Tests                                                                     */
+/* -------------------------------------------------------------------------- */
+describe("ComputeNamespace.invokeBedrock — delegate path", () => {
+    beforeEach(() => {
+        installFetchMock(okResponse);
+    });
+    afterEach(() => {
+        uninstallFetchMock();
+    });
+    it("rejects with sdk_no_delegate_for_mandate when delegate-only and mandateId doesn't match", async () => {
+        const auth = freshAuth();
+        const compute = freshCompute(auth);
+        // Import a delegate with a DIFFERENT mandate id than the one the call
+        // requests. Should error with the new code (NOT sdk_no_owner anymore).
+        await auth.importMandate({
+            bundle: makeDelegateBundleText({
+                mandateId: "mandate:held",
+                scopes: ["compute.invoke"],
+            }),
+        });
+        await assert.rejects(() => compute.invokeBedrock({
+            mandateId: "mandate:other-not-held",
+            model: "claude-haiku-4-5",
+            messages: [{ role: "user", content: "Hi" }],
+            maxTokens: 1,
+        }), (e) => e instanceof AithosSDKError &&
+            e.code === "sdk_no_delegate_for_mandate");
+    });
+    it("signs with the delegate keypair + attaches the mandate when delegate-only matches", async () => {
+        const auth = freshAuth();
+        const compute = freshCompute(auth);
+        const mandateId = "mandate:matching";
+        await auth.importMandate({
+            bundle: makeDelegateBundleText({
+                mandateId,
+                scopes: ["compute.invoke"],
+            }),
+        });
+        await compute.invokeBedrock({
+            mandateId,
+            model: "claude-haiku-4-5",
+            messages: [{ role: "user", content: "Hi" }],
+            maxTokens: 1,
+        });
+        const env = lastRequestBody?.params?._envelope;
+        assert.ok(env, "envelope must be present");
+        // verificationMethod must be the delegate's bare multibase pubkey
+        // (NOT a `#sphere` DID URL). And the SignedMandate must be inside.
+        assert.match(env.proof.verificationMethod, /^z[1-9A-HJ-NP-Za-km-z]+$/, `expected multibase pubkey, got ${env.proof.verificationMethod}`);
+        assert.ok(env.mandate, "delegate envelopes must attach the SignedMandate");
+        assert.equal(env.mandate.id, mandateId);
+    });
+    it("still works the owner path when an owner is signed in", async () => {
+        const auth = freshAuth();
+        const compute = freshCompute(auth);
+        // Owner sign-in via recovery — picks up four sphere keys from the
+        // recovery file format. Build one inline.
+        const issuer = createBrowserIdentity("owner", "Owner");
+        const seedHex = (b) => Array.from(b).map((x) => x.toString(16).padStart(2, "0")).join("");
+        const recoveryText = JSON.stringify({
+            aithos_recovery_version: "0.1.0-plaintext",
+            handle: issuer.handle,
+            display_name: issuer.displayName,
+            did: issuer.did,
+            created_at: new Date().toISOString(),
+            seeds_hex: {
+                root: seedHex(issuer.root.seed),
+                public: seedHex(issuer.public.seed),
+                circle: seedHex(issuer.circle.seed),
+                self: seedHex(issuer.self.seed),
+            },
+        });
+        await auth.signInWithRecovery({ file: recoveryText });
+        await compute.invokeBedrock({
+            mandateId: "mandate:owner-managed",
+            model: "claude-haiku-4-5",
+            messages: [{ role: "user", content: "Hi" }],
+            maxTokens: 1,
+        });
+        const env = lastRequestBody?.params?._envelope;
+        assert.ok(env, "envelope must be present");
+        // Owner path: verificationMethod is a `#public` DID URL, and the
+        // envelope MUST NOT carry a mandate (server resolves from
+        // params.mandate_id).
+        assert.match(env.proof.verificationMethod, /#public$/);
+        assert.equal(env.mandate, undefined, "owner-signed envelopes should not attach a mandate");
+    });
+});
+//# sourceMappingURL=compute-delegate-path.test.js.map

package/dist/test/compute.test.js

@@ -187,4 +187,8 @@ describe("compute.invokeBedrock — abort", () => {
         assert.equal(receivedSignal, ac.signal);
     });
 });
+// `compute.invokeUrlFetch` was removed in alpha.24 (BREAKING). The
+// Anthropic API-direct + web_fetch tool path is replaced by the
+// `sdk.web.extract` namespace which routes through the deterministic
+// web-extractor Lambda. No tests here anymore.
 //# sourceMappingURL=compute.test.js.map

package/dist/test/converse.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=converse.test.d.ts.map

package/dist/test/converse.test.js

@@ -0,0 +1,162 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+// Unit tests for sdk.compute.runConversation with a mock fetch.
+//
+// Mirrors compute.test.ts: a real BrowserIdentity drives the actual
+// envelope-signing path, and we assert on the JSON-RPC body posted to
+// the compute proxy (method name + camelCase→snake_case param mapping).
+import { strict as assert } from "node:assert";
+import { describe, it } from "node:test";
+import { createBrowserIdentity } from "@aithos/protocol-client";
+import { AithosAuth, AithosSDK, AithosSDKError, memoryKeyStore, noopStore, } from "../src/index.js";
+import { serializeRecoveryFile } from "../src/internal/recovery-file.js";
+const APP_DID = "did:aithos:app:test";
+async function makeSdk(fetchImpl) {
+    const id = createBrowserIdentity("test-handle", "Test User");
+    const auth = new AithosAuth({
+        authBaseUrl: "https://auth.test",
+        fetch: (() => {
+            throw new Error("auth not used in converse tests");
+        }),
+        sessionStore: noopStore(),
+        keyStore: memoryKeyStore(),
+    });
+    const { text } = serializeRecoveryFile(id);
+    await auth.signInWithRecovery({ file: text });
+    return new AithosSDK({
+        auth,
+        appDid: APP_DID,
+        endpoints: { compute: "https://compute.example.test" },
+        fetch: fetchImpl,
+    });
+}
+const HAPPY_RESULT = {
+    content: "Voici le résumé.",
+    stopReason: "end_turn",
+    iterations: 2,
+    usage: { inputTokens: 420, outputTokens: 95 },
+    toolCalls: [{ name: "ethos_read_section", ok: true, turn: 1 }],
+    creditsCharged: 130,
+    walletBalance: 99_870,
+    auditId: "audit-cv-1",
+    fundedBy: "purchase",
+};
+describe("compute.runConversation — happy path + param mapping", () => {
+    it("posts aithos.compute_converse with mapped params and parses the result", async () => {
+        let capturedUrl;
+        let capturedInit;
+        const fakeFetch = async (input, init) => {
+            capturedUrl = typeof input === "string" ? input : input.toString();
+            capturedInit = init;
+            return new Response(JSON.stringify({ result: HAPPY_RESULT }), {
+                status: 200,
+                headers: { "content-type": "application/json" },
+            });
+        };
+        const sdk = await makeSdk(fakeFetch);
+        const out = await sdk.compute.runConversation({
+            mandateId: "mandate:abc",
+            model: "claude-sonnet-4-6",
+            system: "Tu agis dans la voix de l'utilisateur.",
+            messages: [{ role: "user", content: "Résume mon ethos." }],
+            mcp: { server: "aithos", tools: ["ethos_list_sections", "ethos_read_section"] },
+            workingSet: {
+                ethos: { public: [{ id: "p1", title: "Bio", body: "..." }] },
+            },
+            maxIterations: 5,
+            maxTokens: 800,
+            temperature: 0.4,
+        });
+        assert.deepEqual(out, HAPPY_RESULT);
+        assert.equal(capturedUrl, "https://compute.example.test/v1/invoke");
+        assert.equal(capturedInit?.method, "POST");
+        const body = JSON.parse(capturedInit?.body);
+        assert.equal(body.jsonrpc, "2.0");
+        assert.equal(body.method, "aithos.compute_converse");
+        assert.equal(body.params.app_did, APP_DID);
+        assert.equal(body.params.mandate_id, "mandate:abc");
+        assert.equal(body.params.model, "claude-sonnet-4-6");
+        assert.equal(body.params.system, "Tu agis dans la voix de l'utilisateur.");
+        // camelCase → snake_case mapping on the wire.
+        assert.equal(body.params.max_iterations, 5);
+        assert.equal(body.params.max_tokens, 800);
+        assert.equal(body.params.temperature, 0.4);
+        assert.ok(body.params.working_set, "working_set must be on the wire");
+        assert.deepEqual(body.params.mcp, {
+            server: "aithos",
+            tools: ["ethos_list_sections", "ethos_read_section"],
+        });
+        assert.match(body.params.idempotency_key, /^[0-9a-f]{32}$/);
+        assert.ok(body.params._envelope, "request must carry a signed envelope");
+        // SDK-only camelCase keys must NOT leak onto the wire.
+        assert.equal(body.params.maxIterations, undefined);
+        assert.equal(body.params.workingSet, undefined);
+    });
+    it("omits optional fields when not provided", async () => {
+        let capturedInit;
+        const fakeFetch = async (_input, init) => {
+            capturedInit = init;
+            return new Response(JSON.stringify({ result: HAPPY_RESULT }), {
+                status: 200,
+                headers: { "content-type": "application/json" },
+            });
+        };
+        const sdk = await makeSdk(fakeFetch);
+        await sdk.compute.runConversation({
+            mandateId: "mandate:abc",
+            model: "claude-haiku-4-5",
+            messages: [{ role: "user", content: "Salut" }],
+        });
+        const body = JSON.parse(capturedInit?.body);
+        assert.equal(body.params.system, undefined);
+        assert.equal(body.params.mcp, undefined);
+        assert.equal(body.params.working_set, undefined);
+        assert.equal(body.params.max_iterations, undefined);
+        assert.equal(body.params.max_tokens, undefined);
+    });
+});
+describe("compute.runConversation — errors", () => {
+    it("maps a JSON-RPC error to AithosSDKError with the proxy code", async () => {
+        const fakeFetch = async () => new Response(JSON.stringify({
+            error: { code: -32071, message: "insufficient credits" },
+        }), { status: 200, headers: { "content-type": "application/json" } });
+        const sdk = await makeSdk(fakeFetch);
+        await assert.rejects(() => sdk.compute.runConversation({
+            mandateId: "mandate:abc",
+            model: "claude-sonnet-4-6",
+            messages: [{ role: "user", content: "Hi" }],
+        }), (err) => {
+            assert.ok(err instanceof AithosSDKError);
+            assert.equal(err.code, "-32071");
+            return true;
+        });
+    });
+    it("throws sdk_no_signer when no owner and no mandate", async () => {
+        // Build an SDK with no signed-in owner.
+        const auth = new AithosAuth({
+            authBaseUrl: "https://auth.test",
+            fetch: (() => {
+                throw new Error("unused");
+            }),
+            sessionStore: noopStore(),
+            keyStore: memoryKeyStore(),
+        });
+        const sdk = new AithosSDK({
+            auth,
+            appDid: APP_DID,
+            endpoints: { compute: "https://compute.example.test" },
+            fetch: (() => {
+                throw new Error("fetch must not be reached");
+            }),
+        });
+        await assert.rejects(() => sdk.compute.runConversation({
+            model: "claude-sonnet-4-6",
+            messages: [{ role: "user", content: "Hi" }],
+        }), (err) => {
+            assert.ok(err instanceof AithosSDKError);
+            assert.equal(err.code, "sdk_no_signer");
+            return true;
+        });
+    });
+});
+//# sourceMappingURL=converse.test.js.map

package/dist/test/data-sphere.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=data-sphere.test.d.ts.map

package/dist/test/data-sphere.test.js

@@ -0,0 +1,57 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+// Tests for the optional #data sphere through the SDK's owner key material:
+// the recovery file and OwnerSigners (vault re-encryption projection).
+// Mirrors the protocol-core / protocol-client data-sphere tests.
+import { strict as assert } from "node:assert";
+import { describe, it } from "node:test";
+import { createBrowserIdentity } from "@aithos/protocol-client";
+import { OwnerSigners } from "../src/internal/owner-signers.js";
+import { serializeRecoveryFile, parseRecoveryFile, } from "../src/internal/recovery-file.js";
+describe("#data sphere — recovery file", () => {
+    it("round-trips the #data seed for a fresh (eager) identity", () => {
+        const id = createBrowserIdentity("alice", "Alice");
+        assert.ok(id.data, "createBrowserIdentity should be eager about #data");
+        const { text } = serializeRecoveryFile(id);
+        const parsed = parseRecoveryFile(text);
+        assert.equal(typeof parsed.seedsHex.data, "string");
+        assert.equal(parsed.seedsHex.data.length, 64);
+    });
+    it("legacy identity without #data serializes/parses without a data seed", () => {
+        const id = { ...createBrowserIdentity("dave", "Dave"), data: undefined };
+        const { text } = serializeRecoveryFile(id);
+        const parsed = parseRecoveryFile(text);
+        assert.equal(parsed.seedsHex.data, undefined);
+    });
+});
+describe("#data sphere — OwnerSigners", () => {
+    it("preserves the #data seed on the vault re-encryption projection", () => {
+        const id = createBrowserIdentity("bob", "Bob");
+        const signers = OwnerSigners.fromBrowserIdentity(id);
+        try {
+            // _unsafeStoredIdentity() is what the vault re-encryption path reads —
+            // dropping #data here would silently lose the sphere on delegate-add.
+            const projected = signers._unsafeStoredIdentity();
+            assert.ok(projected.seeds.data, "#data seed must survive projection");
+            // signerForSphere exposes the #data signer.
+            assert.ok(signers.data, "OwnerSigners.data signer should be present");
+            assert.equal(signers.signerForSphere("data"), signers.data);
+        }
+        finally {
+            signers.destroy();
+        }
+    });
+    it("legacy owner (no #data) → no data signer, signerForSphere('data') throws", () => {
+        const id = { ...createBrowserIdentity("erin", "Erin"), data: undefined };
+        const signers = OwnerSigners.fromBrowserIdentity(id);
+        try {
+            assert.equal(signers.data, undefined);
+            assert.equal(signers._unsafeStoredIdentity().seeds.data, undefined);
+            assert.throws(() => signers.signerForSphere("data"), /no #data sphere/);
+        }
+        finally {
+            signers.destroy();
+        }
+    });
+});
+//# sourceMappingURL=data-sphere.test.js.map

package/dist/test/endpoints.test.js

@@ -4,7 +4,7 @@
 import { strict as assert } from "node:assert";
 import { describe, it } from "node:test";
 import { DEFAULT_SDK_ENDPOINTS } from "../src/index.js";
-import { computeInvokeUrl, resolveEndpoints, walletTopupCheckoutUrl, } from "../src/endpoints.js";
+import { computeInvokeUrl, resolveEndpoints, walletTopupCheckoutUrl, webInvokeUrl, } from "../src/endpoints.js";
 describe("resolveEndpoints", () => {
     it("returns a fresh copy of the defaults when no override is given", () => {
         const a = resolveEndpoints();
@@ -23,12 +23,22 @@ describe("computeInvokeUrl", () => {
         assert.equal(computeInvokeUrl({
             compute: "https://compute.aithos.be",
             wallet: "https://wallet.aithos.be",
+            web: "https://extract.aithos.be",
+            pds: "https://pds.aithos.be",
+            assets: "https://assets.aithos.be",
+            api: "https://api.aithos.be",
+            cdn: "https://cdn.aithos.be",
         }), "https://compute.aithos.be/v1/invoke");
     });
     it("trims a trailing slash on the compute base", () => {
         assert.equal(computeInvokeUrl({
             compute: "https://compute.aithos.be/",
             wallet: "https://wallet.aithos.be",
+            web: "https://extract.aithos.be",
+            pds: "https://pds.aithos.be",
+            assets: "https://assets.aithos.be",
+            api: "https://api.aithos.be",
+            cdn: "https://cdn.aithos.be",
         }), "https://compute.aithos.be/v1/invoke");
     });
 });
@@ -37,7 +47,36 @@ describe("walletTopupCheckoutUrl", () => {
         assert.equal(walletTopupCheckoutUrl({
             compute: "https://compute.aithos.be",
             wallet: "https://wallet.aithos.be",
+            web: "https://extract.aithos.be",
+            pds: "https://pds.aithos.be",
+            assets: "https://assets.aithos.be",
+            api: "https://api.aithos.be",
+            cdn: "https://cdn.aithos.be",
         }), "https://wallet.aithos.be/v1/wallet/topup/checkout");
     });
 });
+describe("webInvokeUrl", () => {
+    it("appends /v1/invoke to the web base", () => {
+        assert.equal(webInvokeUrl({
+            compute: "https://compute.aithos.be",
+            wallet: "https://wallet.aithos.be",
+            web: "https://extract.aithos.be",
+            pds: "https://pds.aithos.be",
+            assets: "https://assets.aithos.be",
+            api: "https://api.aithos.be",
+            cdn: "https://cdn.aithos.be",
+        }), "https://extract.aithos.be/v1/invoke");
+    });
+    it("trims a trailing slash on the web base", () => {
+        assert.equal(webInvokeUrl({
+            compute: "https://compute.aithos.be",
+            wallet: "https://wallet.aithos.be",
+            web: "https://extract.aithos.be/",
+            pds: "https://pds.aithos.be",
+            assets: "https://assets.aithos.be",
+            api: "https://api.aithos.be",
+            cdn: "https://cdn.aithos.be",
+        }), "https://extract.aithos.be/v1/invoke");
+    });
+});
 //# sourceMappingURL=endpoints.test.js.map

package/dist/test/envelope-core-conformance.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=envelope-core-conformance.test.d.ts.map

package/dist/test/envelope-core-conformance.test.js

@@ -0,0 +1,75 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2026 Mathieu Colla
+/**
+ * Conformance for the envelope-signing refactor.
+ *
+ * `signOwnerEnvelope` now delegates to `@aithos/protocol-core`'s
+ * `signEnvelopeWith` (pluggable async signer) instead of carrying a private
+ * JCS + signing implementation. These tests assert the migrated path is
+ * correct and stable:
+ *
+ *   1. the produced envelope's `proof.proofValue` verifies against the signer's
+ *      public key over core's canonical signing bytes (i.e. the server will
+ *      accept it);
+ *   2. `params_hash` equals core's `envelopeParamsHash(params)`;
+ *   3. with a fixed clock + nonce the output is deterministic (snapshot), which
+ *      is what guarantees the wire format did not shift under the refactor.
+ *
+ * Note: this suite needs the SDK to resolve a build of `@aithos/protocol-core`
+ * that exposes `signEnvelopeWith` (>= 0.6.3). Run via `npm test`.
+ */
+import { describe, test } from "node:test";
+import { strict as assert } from "node:assert";
+import * as ed from "@noble/ed25519";
+import { sha512 } from "@noble/hashes/sha512";
+import { envelopeParamsHash, envelopeSigningBytes, } from "@aithos/protocol-core/envelope";
+import { signOwnerEnvelope } from "../src/internal/envelope.js";
+ed.etc.sha512Sync = (...m) => sha512(ed.etc.concatBytes(...m));
+const SEED = new Uint8Array(32).fill(11);
+const PUB = ed.getPublicKey(SEED);
+const NOW = new Date("2026-05-31T12:00:00.000Z");
+const NONCE = "01J0ENVELOPECONFORMANCE0000";
+const ISS = "did:aithos:z6MkEnvelopeConformance";
+const VM = `${ISS}#public`;
+const base = {
+    iss: ISS,
+    aud: "https://api.aithos.be/mcp/primitives/write",
+    method: "aithos.data.insert_record",
+    params: { b: 2, a: 1, nested: { y: [3, 1, 2], x: "z" } },
+    verificationMethod: VM,
+    signer: { sign: async (bytes) => ed.sign(bytes, SEED) },
+    ttlSeconds: 60,
+    now: NOW,
+    nonce: NONCE,
+};
+describe("signOwnerEnvelope — core delegation conformance", () => {
+    test("proofValue verifies against signing bytes (server will accept)", async () => {
+        const env = await signOwnerEnvelope({ ...base });
+        const sig = b64urlDecode(env.proof.proofValue);
+        assert.equal(ed.verify(sig, envelopeSigningBytes(env), PUB), true);
+    });
+    test("params_hash matches core.envelopeParamsHash", async () => {
+        const env = await signOwnerEnvelope({ ...base });
+        assert.equal(env.params_hash, envelopeParamsHash(base.params));
+    });
+    test("deterministic under fixed clock + nonce (wire-format snapshot)", async () => {
+        const a = await signOwnerEnvelope({ ...base });
+        const b = await signOwnerEnvelope({ ...base });
+        assert.equal(JSON.stringify(a), JSON.stringify(b));
+        assert.equal(a["aithos-envelope"], "0.1.0");
+        assert.equal(a.iat, 1780228800);
+        assert.equal(a.exp, 1780228860);
+        assert.equal(a.nonce, NONCE);
+        assert.equal(a.proof.verificationMethod, VM);
+    });
+});
+function b64urlDecode(s) {
+    const pad = s.length % 4 === 0 ? "" : "=".repeat(4 - (s.length % 4));
+    const b64 = s.replace(/-/g, "+").replace(/_/g, "/") + pad;
+    const bin = atob(b64);
+    const out = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++)
+        out[i] = bin.charCodeAt(i);
+    return out;
+}
+//# sourceMappingURL=envelope-core-conformance.test.js.map

package/dist/test/envelope.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=envelope.test.d.ts.map