@aroha-sdk/core 1.0.0 → 1.2.0

package/dist/messages/idempotency.d.ts

@@ -0,0 +1,61 @@
+/**
+ * Idempotency Store — server-side deduplication for ArohaRequest.
+ *
+ * ArohaCommit is already spec-idempotent. But ArohaRequest (capability
+ * invocations) are not — a retried "book-flight" request could create a
+ * duplicate booking. The idempotency store fixes this.
+ *
+ * Protocol contract:
+ *   Sender includes idempotencyKey: string in ArohaRequestBody.
+ *   Receiver checks the store before processing. If the key exists and
+ *   the cached response is still valid, the cached response is returned
+ *   immediately — no work is done twice.
+ *
+ * Key design: senderDID:idempotencyKey — scoped per sender so different
+ * orchestrators cannot accidentally share idempotency keys.
+ *
+ * Reference: Stripe API idempotency (https://stripe.com/docs/idempotency)
+ */
+import { type ArohaEnvelope } from "./envelope.js";
+export interface IIdempotencyStore {
+    /**
+     * Retrieve a cached response for this key.
+     * Returns null if not found or expired.
+     */
+    get(senderDID: string, idempotencyKey: string): Promise<ArohaEnvelope | null>;
+    /**
+     * Store a response for this key with a TTL.
+     * TTL default: 86_400_000 ms (24 hours) — matches typical saga window.
+     */
+    set(senderDID: string, idempotencyKey: string, response: ArohaEnvelope, ttlMs?: number): Promise<void>;
+}
+export declare class InMemoryIdempotencyStore implements IIdempotencyStore {
+    private readonly defaultTtlMs;
+    private readonly store;
+    private readonly cleanupIntervalMs;
+    private readonly cleanupTimer;
+    constructor(config?: {
+        defaultTtlMs?: number;
+        cleanupIntervalMs?: number;
+    });
+    get(senderDID: string, idempotencyKey: string): Promise<ArohaEnvelope | null>;
+    set(senderDID: string, idempotencyKey: string, response: ArohaEnvelope, ttlMs?: number): Promise<void>;
+    destroy(): void;
+    get size(): number;
+    private evictExpired;
+}
+/**
+ * Check the idempotency store and return a cached response if one exists.
+ * Returns null if the request should proceed normally.
+ *
+ * Usage in an agent's message handler:
+ *   const cached = await checkIdempotency(store, envelope);
+ *   if (cached) { respond(cached); return; }
+ *   // ... process normally ...
+ *   const response = buildResponse(...);
+ *   await storeIdempotency(store, envelope, response);
+ *   respond(response);
+ */
+export declare function checkIdempotency(store: IIdempotencyStore, envelope: ArohaEnvelope): Promise<ArohaEnvelope | null>;
+export declare function storeIdempotency(store: IIdempotencyStore, requestEnvelope: ArohaEnvelope, responseEnvelope: ArohaEnvelope, ttlMs?: number): Promise<void>;
+//# sourceMappingURL=idempotency.d.ts.map

package/dist/messages/idempotency.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"idempotency.d.ts","sourceRoot":"","sources":["../../src/messages/idempotency.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,eAAe,CAAC;AAInD,MAAM,WAAW,iBAAiB;IAChC;;;OAGG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;IAE9E;;;OAGG;IACH,GAAG,CACD,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,EACtB,QAAQ,EAAE,aAAa,EACvB,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAAC;CAClB;AASD,qBAAa,wBAAyB,YAAW,iBAAiB;IAChE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;IACtC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAkC;IACxD,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;IAC3C,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAiC;gBAElD,MAAM,GAAE;QAAE,YAAY,CAAC,EAAE,MAAM,CAAC;QAAC,iBAAiB,CAAC,EAAE,MAAM,CAAA;KAAO;IAUxE,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAW7E,GAAG,CACP,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,EACtB,QAAQ,EAAE,aAAa,EACvB,KAAK,SAAoB,GACxB,OAAO,CAAC,IAAI,CAAC;IAOhB,OAAO,IAAI,IAAI;IAKf,IAAI,IAAI,IAAI,MAAM,CAEjB;IAED,OAAO,CAAC,YAAY;CAMrB;AAQD;;;;;;;;;;;GAWG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,iBAAiB,EACxB,QAAQ,EAAE,aAAa,GACtB,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAI/B;AAED,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,iBAAiB,EACxB,eAAe,EAAE,aAAa,EAC9B,gBAAgB,EAAE,aAAa,EAC/B,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAIf"}

package/dist/messages/idempotency.js

@@ -0,0 +1,93 @@
+/**
+ * Idempotency Store — server-side deduplication for ArohaRequest.
+ *
+ * ArohaCommit is already spec-idempotent. But ArohaRequest (capability
+ * invocations) are not — a retried "book-flight" request could create a
+ * duplicate booking. The idempotency store fixes this.
+ *
+ * Protocol contract:
+ *   Sender includes idempotencyKey: string in ArohaRequestBody.
+ *   Receiver checks the store before processing. If the key exists and
+ *   the cached response is still valid, the cached response is returned
+ *   immediately — no work is done twice.
+ *
+ * Key design: senderDID:idempotencyKey — scoped per sender so different
+ * orchestrators cannot accidentally share idempotency keys.
+ *
+ * Reference: Stripe API idempotency (https://stripe.com/docs/idempotency)
+ */
+export class InMemoryIdempotencyStore {
+    defaultTtlMs;
+    store = new Map();
+    cleanupIntervalMs;
+    cleanupTimer;
+    constructor(config = {}) {
+        this.defaultTtlMs = config.defaultTtlMs ?? 86_400_000; // 24h
+        this.cleanupIntervalMs = config.cleanupIntervalMs ?? 300_000; // 5m
+        // Periodically evict expired entries to prevent unbounded memory growth
+        this.cleanupTimer = setInterval(() => this.evictExpired(), this.cleanupIntervalMs);
+        // Don't prevent process exit if only cleanup timer is pending
+        if (this.cleanupTimer.unref)
+            this.cleanupTimer.unref();
+    }
+    async get(senderDID, idempotencyKey) {
+        const key = storeKey(senderDID, idempotencyKey);
+        const entry = this.store.get(key);
+        if (!entry)
+            return null;
+        if (Date.now() > entry.expiresAt) {
+            this.store.delete(key);
+            return null;
+        }
+        return entry.response;
+    }
+    async set(senderDID, idempotencyKey, response, ttlMs = this.defaultTtlMs) {
+        this.store.set(storeKey(senderDID, idempotencyKey), {
+            response,
+            expiresAt: Date.now() + ttlMs,
+        });
+    }
+    destroy() {
+        clearInterval(this.cleanupTimer);
+        this.store.clear();
+    }
+    get size() {
+        return this.store.size;
+    }
+    evictExpired() {
+        const now = Date.now();
+        for (const [key, entry] of this.store) {
+            if (now > entry.expiresAt)
+                this.store.delete(key);
+        }
+    }
+}
+// ─── Utility ──────────────────────────────────────────────────────────────────
+function storeKey(senderDID, idempotencyKey) {
+    return `${senderDID}:${idempotencyKey}`;
+}
+/**
+ * Check the idempotency store and return a cached response if one exists.
+ * Returns null if the request should proceed normally.
+ *
+ * Usage in an agent's message handler:
+ *   const cached = await checkIdempotency(store, envelope);
+ *   if (cached) { respond(cached); return; }
+ *   // ... process normally ...
+ *   const response = buildResponse(...);
+ *   await storeIdempotency(store, envelope, response);
+ *   respond(response);
+ */
+export async function checkIdempotency(store, envelope) {
+    const body = envelope.body;
+    if (!body.idempotencyKey)
+        return null;
+    return store.get(envelope.from, body.idempotencyKey);
+}
+export async function storeIdempotency(store, requestEnvelope, responseEnvelope, ttlMs) {
+    const body = requestEnvelope.body;
+    if (!body.idempotencyKey)
+        return;
+    await store.set(requestEnvelope.from, body.idempotencyKey, responseEnvelope, ttlMs);
+}
+//# sourceMappingURL=idempotency.js.map

package/dist/messages/idempotency.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"idempotency.js","sourceRoot":"","sources":["../../src/messages/idempotency.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAgCH,MAAM,OAAO,wBAAwB;IAClB,YAAY,CAAS;IACrB,KAAK,GAAG,IAAI,GAAG,EAAuB,CAAC;IACvC,iBAAiB,CAAS;IAC1B,YAAY,CAAiC;IAE9D,YAAY,SAAgE,EAAE;QAC5E,IAAI,CAAC,YAAY,GAAS,MAAM,CAAC,YAAY,IAAU,UAAU,CAAC,CAAC,MAAM;QACzE,IAAI,CAAC,iBAAiB,GAAI,MAAM,CAAC,iBAAiB,IAAK,OAAO,CAAC,CAAI,KAAK;QAExE,wEAAwE;QACxE,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACnF,8DAA8D;QAC9D,IAAI,IAAI,CAAC,YAAY,CAAC,KAAK;YAAE,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,SAAiB,EAAE,cAAsB;QACjD,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;QAChD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC,QAAQ,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,GAAG,CACP,SAAiB,EACjB,cAAsB,EACtB,QAAuB,EACvB,KAAK,GAAG,IAAI,CAAC,YAAY;QAEzB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,EAAE,cAAc,CAAC,EAAE;YAClD,QAAQ;YACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;SAC9B,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACjC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;IAED,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;IACzB,CAAC;IAEO,YAAY;QAClB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACtC,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS;gBAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;CACF;AAED,iFAAiF;AAEjF,SAAS,QAAQ,CAAC,SAAiB,EAAE,cAAsB;IACzD,OAAO,GAAG,SAAS,IAAI,cAAc,EAAE,CAAC;AAC1C,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAwB,EACxB,QAAuB;IAEvB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAmC,CAAC;IAC1D,IAAI,CAAC,IAAI,CAAC,cAAc;QAAE,OAAO,IAAI,CAAC;IACtC,OAAO,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAwB,EACxB,eAA8B,EAC9B,gBAA+B,EAC/B,KAAc;IAEd,MAAM,IAAI,GAAG,eAAe,CAAC,IAAmC,CAAC;IACjE,IAAI,CAAC,IAAI,CAAC,cAAc;QAAE,OAAO;IACjC,MAAM,KAAK,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,cAAc,EAAE,gBAAgB,EAAE,KAAK,CAAC,CAAC;AACtF,CAAC"}

package/dist/messages/index.d.ts

@@ -0,0 +1,5 @@
+export * from "./types.js";
+export * from "./envelope.js";
+export * from "./nonce.js";
+export * from "./idempotency.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/messages/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/messages/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,YAAY,CAAC;AAC3B,cAAc,kBAAkB,CAAC"}

package/dist/messages/index.js

@@ -0,0 +1,5 @@
+export * from "./types.js";
+export * from "./envelope.js";
+export * from "./nonce.js";
+export * from "./idempotency.js";
+//# sourceMappingURL=index.js.map

package/dist/messages/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/messages/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,YAAY,CAAC;AAC3B,cAAc,kBAAkB,CAAC"}

package/dist/messages/nonce.d.ts

@@ -0,0 +1,60 @@
+/**
+ * Aroha Protocol — Nonce Registry
+ *
+ * Implements the spec rule:
+ *   "A receiving agent MUST reject any message where nonce has been seen before
+ *    (replay attack)"
+ *
+ * Nonces are stored with a TTL equal to the message's expires window.
+ * After a nonce expires it is automatically evicted to bound memory usage.
+ *
+ * This is protocol infrastructure. It has no knowledge of message contents.
+ */
+/**
+ * Pluggable nonce deduplication backend.
+ * Default: MapNonceStore (in-process). Production: inject a Redis adapter.
+ */
+export interface NonceStore {
+    /**
+     * Record a nonce and return true if it is fresh (first seen).
+     * Returns false if the nonce was already recorded (replay).
+     * expiryMs is the absolute expiry timestamp in milliseconds.
+     */
+    setIfAbsent(nonce: string, expiryMs: number): Promise<boolean>;
+    evictExpired(): Promise<void>;
+}
+export declare class MapNonceStore implements NonceStore {
+    private readonly seen;
+    setIfAbsent(nonce: string, expiryMs: number): Promise<boolean>;
+    evictExpired(): Promise<void>;
+    get size(): number;
+}
+export declare class NonceRegistry {
+    private readonly store;
+    private readonly cleanupTimer;
+    private readonly syncSeen;
+    constructor(cleanupIntervalMs?: number, store?: NonceStore);
+    /**
+     * Synchronous check — uses a dedicated in-process map.
+     * Use checkAsync when injecting a custom store.
+     *
+     * @param nonce     The nonce string from the message envelope
+     * @param expiresAt ISO8601 expiry time from the message's "expires" field
+     * @returns         true if the nonce is fresh (first time seen), false if replay
+     */
+    check(nonce: string, expiresAt: string): boolean;
+    /**
+     * Async check — works with any NonceStore, including custom backends.
+     *
+     * @param nonce     The nonce string from the message envelope
+     * @param expiresAt ISO8601 expiry time from the message's "expires" field
+     * @returns         true if the nonce is fresh (first time seen), false if replay
+     */
+    checkAsync(nonce: string, expiresAt: string): Promise<boolean>;
+    /** Number of nonces currently tracked (sync store). */
+    get size(): number;
+    /** Stop the background cleanup timer. Call when the owning server shuts down. */
+    destroy(): void;
+    private evictSyncSeen;
+}
+//# sourceMappingURL=nonce.d.ts.map

package/dist/messages/nonce.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nonce.d.ts","sourceRoot":"","sources":["../../src/messages/nonce.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB;;;;OAIG;IACH,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC/D,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CAC/B;AAID,qBAAa,aAAc,YAAW,UAAU;IAC9C,OAAO,CAAC,QAAQ,CAAC,IAAI,CAA6B;IAE5C,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAM9D,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IAOnC,IAAI,IAAI,IAAI,MAAM,CAA2B;CAC9C;AAID,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAa;IACnC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAiC;IAE9D,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAA6B;gBAE1C,iBAAiB,SAAS,EAAE,KAAK,CAAC,EAAE,UAAU;IAU1D;;;;;;;OAOG;IACH,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO;IAWhD;;;;;;OAMG;IACG,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKpE,uDAAuD;IACvD,IAAI,IAAI,IAAI,MAAM,CAEjB;IAED,iFAAiF;IACjF,OAAO,IAAI,IAAI;IAIf,OAAO,CAAC,aAAa;CAMtB"}

package/dist/messages/nonce.js

@@ -0,0 +1,94 @@
+/**
+ * Aroha Protocol — Nonce Registry
+ *
+ * Implements the spec rule:
+ *   "A receiving agent MUST reject any message where nonce has been seen before
+ *    (replay attack)"
+ *
+ * Nonces are stored with a TTL equal to the message's expires window.
+ * After a nonce expires it is automatically evicted to bound memory usage.
+ *
+ * This is protocol infrastructure. It has no knowledge of message contents.
+ */
+// ─── Default in-process store ─────────────────────────────────────────────────
+export class MapNonceStore {
+    seen = new Map();
+    async setIfAbsent(nonce, expiryMs) {
+        if (this.seen.has(nonce))
+            return false;
+        this.seen.set(nonce, expiryMs);
+        return true;
+    }
+    async evictExpired() {
+        const now = Date.now();
+        for (const [nonce, expiryMs] of this.seen) {
+            if (expiryMs < now)
+                this.seen.delete(nonce);
+        }
+    }
+    get size() { return this.seen.size; }
+}
+// ─── Registry ─────────────────────────────────────────────────────────────────
+export class NonceRegistry {
+    store;
+    cleanupTimer;
+    // Synchronous seen map for backward-compat check()
+    syncSeen = new Map();
+    constructor(cleanupIntervalMs = 60_000, store) {
+        this.store = store ?? new MapNonceStore();
+        this.cleanupTimer = setInterval(() => {
+            this.store.evictExpired().catch(() => { });
+            this.evictSyncSeen();
+        }, cleanupIntervalMs);
+        // Allow the process to exit even if this registry is still alive.
+        if (typeof this.cleanupTimer.unref === "function")
+            this.cleanupTimer.unref();
+    }
+    /**
+     * Synchronous check — uses a dedicated in-process map.
+     * Use checkAsync when injecting a custom store.
+     *
+     * @param nonce     The nonce string from the message envelope
+     * @param expiresAt ISO8601 expiry time from the message's "expires" field
+     * @returns         true if the nonce is fresh (first time seen), false if replay
+     */
+    check(nonce, expiresAt) {
+        const now = Date.now();
+        // Evict expired entries
+        for (const [n, exp] of this.syncSeen) {
+            if (exp < now)
+                this.syncSeen.delete(n);
+        }
+        if (this.syncSeen.has(nonce))
+            return false;
+        this.syncSeen.set(nonce, new Date(expiresAt).getTime());
+        return true;
+    }
+    /**
+     * Async check — works with any NonceStore, including custom backends.
+     *
+     * @param nonce     The nonce string from the message envelope
+     * @param expiresAt ISO8601 expiry time from the message's "expires" field
+     * @returns         true if the nonce is fresh (first time seen), false if replay
+     */
+    async checkAsync(nonce, expiresAt) {
+        const expiryMs = new Date(expiresAt).getTime();
+        return this.store.setIfAbsent(nonce, expiryMs);
+    }
+    /** Number of nonces currently tracked (sync store). */
+    get size() {
+        return this.syncSeen.size;
+    }
+    /** Stop the background cleanup timer. Call when the owning server shuts down. */
+    destroy() {
+        clearInterval(this.cleanupTimer);
+    }
+    evictSyncSeen() {
+        const now = Date.now();
+        for (const [n, exp] of this.syncSeen) {
+            if (exp < now)
+                this.syncSeen.delete(n);
+        }
+    }
+}
+//# sourceMappingURL=nonce.js.map

package/dist/messages/nonce.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nonce.js","sourceRoot":"","sources":["../../src/messages/nonce.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAkBH,iFAAiF;AAEjF,MAAM,OAAO,aAAa;IACP,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IAElD,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,QAAgB;QAC/C,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YAC1C,IAAI,QAAQ,GAAG,GAAG;gBAAE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAED,IAAI,IAAI,KAAa,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;CAC9C;AAED,iFAAiF;AAEjF,MAAM,OAAO,aAAa;IACP,KAAK,CAAa;IAClB,YAAY,CAAiC;IAC9D,mDAAmD;IAClC,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAC;IAEtD,YAAY,iBAAiB,GAAG,MAAM,EAAE,KAAkB;QACxD,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,IAAI,aAAa,EAAE,CAAC;QAC1C,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,GAAG,EAAE;YACnC,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;YAC1C,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,CAAC,EAAE,iBAAiB,CAAC,CAAC;QACtB,kEAAkE;QAClE,IAAI,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,KAAK,UAAU;YAAE,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IAC/E,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,KAAa,EAAE,SAAiB;QACpC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,wBAAwB;QACxB,KAAK,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrC,IAAI,GAAG,GAAG,GAAG;gBAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACzC,CAAC;QACD,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QAC3C,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,UAAU,CAAC,KAAa,EAAE,SAAiB;QAC/C,MAAM,QAAQ,GAAG,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC;QAC/C,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;IACjD,CAAC;IAED,uDAAuD;IACvD,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC5B,CAAC;IAED,iFAAiF;IACjF,OAAO;QACL,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACnC,CAAC;IAEO,aAAa;QACnB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrC,IAAI,GAAG,GAAG,GAAG;gBAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;CACF"}

package/dist/messages/types.d.ts

@@ -0,0 +1,302 @@
+/**
+ * Aroha Protocol — Layer 3 Message Type Definitions
+ *
+ * All message types defined by the Aroha spec (aroha/1.0).
+ * These are the ONLY valid values for the "type" field in a Aroha envelope.
+ *
+ * Applications may not invent new top-level message types — they extend
+ * behavior through the "body" field only.
+ */
+export interface WithCredential {
+    /**
+     * Registry-based auth: the credential ID returned on registration.
+     * The receiving agent resolves the full credential from the registry.
+     * Preferred over credentialToken for repeated calls — shorter and revocable.
+     */
+    credentialId?: string;
+    /**
+     * Inline auth: base64url-encoded signed HumanCredential.
+     * Used when no shared registry is available (e.g. first call or direct peer).
+     * If credentialId is also present, credentialId takes precedence.
+     */
+    credentialToken?: string;
+}
+export interface PreferenceContext {
+    budget?: {
+        max: number;
+        currency: string;
+    };
+    quality?: {
+        minRating?: number;
+    };
+    accessibility?: Record<string, boolean | string>;
+    constraints?: string[];
+    /** Signed VC granting the recipient access to read this context */
+    consentToken?: string;
+}
+export interface ArohaRequestBody extends WithCredential {
+    capability: string;
+    params: Record<string, unknown>;
+    preferenceContext?: PreferenceContext;
+    /**
+     * Idempotency key — if set, the receiving agent deduplicates requests with
+     * the same key from the same sender within a 24-hour window.
+     * Prevents duplicate side effects on retried requests (e.g. double-booking).
+     * Use a UUID generated once per logical operation, not per retry attempt.
+     */
+    idempotencyKey?: string;
+}
+export interface ArohaResponseBody {
+    capability: string;
+    result: Record<string, unknown>;
+}
+export interface ArohaStreamBody {
+    capability: string;
+    progressPct: number;
+    event: string;
+    data?: Record<string, unknown>;
+}
+export interface CapabilitySchemaShape {
+    /** JSON Schema for the capability's input body (params field). */
+    input: Record<string, unknown>;
+    /** JSON Schema for the capability's expected output (result field). */
+    output?: Record<string, unknown>;
+}
+export interface CSNNegotiateExtension {
+    /**
+     * Natural-language description of what the requestor needs.
+     * The provider uses this as a hint when structural schema matching is
+     * ambiguous. Absent means "use schema-only matching".
+     */
+    capabilityIntent?: string;
+    /**
+     * JSON Schema of the requestor's expected interface.
+     * The provider runs structural compatibility matching against its registry.
+     * If a high-confidence match is found, no LLM call is needed.
+     */
+    desiredSchema?: CapabilitySchemaShape;
+    /**
+     * SHA-256 hex of the canonical desiredSchema JSON.
+     * The provider checks its cache first — if a mapping exists for this hash
+     * and this sender DID, the negotiation resolves in < 1ms without LLM.
+     */
+    schemaHash?: string;
+    /**
+     * If true, the provider returns its full signed capability manifest
+     * in the ArohaAccept body. The requestor caches it for future calls.
+     */
+    requestCapabilityManifest?: boolean;
+    /**
+     * When true, the provider MUST NOT use LLM-based fuzzy matching.
+     * If structural/cache match fails, return ArohaError with code CSN_NO_STRUCTURAL_MATCH.
+     */
+    disallowLLMFallback?: boolean;
+}
+export interface CapabilityManifestEntry {
+    name: string;
+    description: string;
+    inputSchema: Record<string, unknown>;
+    outputSchema?: Record<string, unknown>;
+    supportsSaga: boolean;
+    defaultPricing?: {
+        model: "per-call" | "subscription" | "negotiated";
+        amount?: number;
+        currency?: string;
+    };
+    defaultSLA?: {
+        maxResponseMs: number;
+        p99Ms?: number;
+    };
+}
+export interface SignedCapabilityManifest {
+    agentDID: string;
+    capabilities: CapabilityManifestEntry[];
+    generatedAt: string;
+    /** Ed25519 signature over the canonical manifest JSON. */
+    signature: string;
+}
+export interface ArohaNegotiateBody {
+    capability: string;
+    proposedTerms: {
+        price?: {
+            amount: number;
+            currency: string;
+        };
+        sla?: {
+            maxResponseMs: number;
+            uptime: number;
+        };
+        validForMs?: number;
+        [key: string]: unknown;
+    };
+    /** CSN extension — omit for traditional price/SLA-only negotiation. */
+    csn?: CSNNegotiateExtension;
+}
+export interface CSNAcceptExtension {
+    /**
+     * The actual registered capability name that matched the intent/schema.
+     * May differ from the `capability` field when CSN resolves an alias.
+     */
+    resolvedCapability?: string;
+    /** The schema the provider agreed to serve. Stored by requestor for caching. */
+    agreedSchema?: CapabilitySchemaShape;
+    /** Echo of the requestor's schemaHash — allows cache population. */
+    schemaHash?: string;
+    /** Returned when requestCapabilityManifest was true. */
+    capabilityManifest?: SignedCapabilityManifest;
+    /**
+     * How the capability was matched:
+     * "schema" — deterministic structural match (preferred, no LLM)
+     * "intent" — LLM-assisted match (less certain, human approval recommended)
+     * "cache"  — recovered from SHA-256 negotiation cache (zero-latency)
+     */
+    matchMethod?: "schema" | "intent" | "cache";
+    /** Structural compatibility score (0–1) when matchMethod is "schema". */
+    compatibilityScore?: number;
+    /**
+     * Audit trail of how the match was resolved.
+     * Consumers can use this to tune caching or flag unexpected LLM usage.
+     */
+    matchAudit?: {
+        structuralScore?: number;
+        cacheHit?: boolean;
+        llmUsed: boolean;
+        llmModel?: string;
+        fallbackReason?: string;
+    };
+}
+export interface ArohaCounterOfferBody {
+    capability: string;
+    revisedTerms: ArohaNegotiateBody["proposedTerms"];
+    csn?: Pick<CSNAcceptExtension, "resolvedCapability" | "agreedSchema" | "capabilityManifest">;
+}
+export interface ArohaAcceptBody {
+    capability: string;
+    acceptedTerms: ArohaNegotiateBody["proposedTerms"];
+    /** CSN extension — present when the accept resolves a capability schema match. */
+    csn?: CSNAcceptExtension;
+}
+export interface ArohaReserveBody extends WithCredential {
+    capability: string;
+    params: Record<string, unknown>;
+    holdDurationMs: number;
+    preferenceContext?: PreferenceContext;
+}
+export interface ArohaReserveAckBody {
+    reservationToken: string;
+    expiresAt: string;
+}
+export interface ArohaCommitBody {
+    reservationToken: string;
+}
+export interface ArohaCommitAckBody {
+    reservationToken: string;
+    result: Record<string, unknown>;
+}
+export interface ArohaCancelBody {
+    reservationToken: string;
+    reason: string;
+}
+export interface ArohaCancelAckBody {
+    reservationToken: string;
+}
+export interface ArohaDelegateBody extends WithCredential {
+    targetDID: string;
+    capability: string;
+    params: Record<string, unknown>;
+    preferenceContext?: PreferenceContext;
+}
+export interface ArohaErrorBody {
+    code: ArohaErrorCode;
+    message: string;
+    retryable: boolean;
+    details?: Record<string, unknown>;
+}
+export interface ArohaSatisfactionSignalBody {
+    sagaId: string;
+    agentDID: string;
+    /** The capability this signal applies to (e.g. "search-flights"). */
+    capability: string;
+    outcome: "satisfied" | "neutral" | "dissatisfied";
+    dimensions: {
+        price: "satisfied" | "neutral" | "dissatisfied";
+        quality: "satisfied" | "neutral" | "dissatisfied";
+        speed: "satisfied" | "neutral" | "dissatisfied";
+    };
+    /** Whether the saga completed within the provider's stated SLA. */
+    withinSLA: boolean;
+    /** Whether a compensation (ArohaCancel) was required to recover. */
+    requiredCompensation: boolean;
+}
+/**
+ * ArohaSpendingMandate — Layer 1 authorization token for agent payments.
+ *
+ * Enables agents to spend funds on behalf of a user without ever seeing
+ * raw payment credentials. Each hop in the delegation chain can only
+ * narrow constraints — never widen them.
+ *
+ * Mandate chain: User (intent) → Personal Agent (cart) → Provider (payment).
+ *
+ * References:
+ *   AP2 Protocol (Google) — Intent/Cart/Payment Mandate pattern.
+ *   IETF draft-niyikiza-oauth-attenuating-agent-tokens — monotonic scope narrowing.
+ */
+export interface ArohaSpendingMandateBody {
+    mandateTier: "intent" | "cart" | "payment";
+    constraints: SpendingConstraints;
+    grantee: string;
+    grantor: string;
+    expiresAt: string;
+    parentMandateId: string | null;
+    mandateId: string;
+}
+export interface SpendingConstraints {
+    spendLimitUsd: number;
+    sessionLimitUsd?: number;
+    currency?: string;
+    merchantCategory?: string | null;
+    requireHumanApprovalAboveUsd?: number;
+    allowedMerchants?: string[] | null;
+    validFrom?: string;
+    validUntil?: string;
+}
+export declare enum ArohaErrorCode {
+    Unauthorized = "Aroha_UNAUTHORIZED",// missing or invalid credential
+    Forbidden = "Aroha_FORBIDDEN",// credential valid but role denied
+    InvalidSignature = "Aroha_INVALID_SIGNATURE",
+    ExpiredMessage = "Aroha_EXPIRED_MESSAGE",
+    ReplayDetected = "Aroha_REPLAY_DETECTED",
+    UnknownCapability = "Aroha_UNKNOWN_CAPABILITY",
+    TrustLevelInsufficient = "Aroha_TRUST_LEVEL_INSUFFICIENT",
+    ReservationFailed = "Aroha_RESERVATION_FAILED",
+    ReservationExpired = "Aroha_RESERVATION_EXPIRED",
+    CommitFailed = "Aroha_COMMIT_FAILED",
+    CancelFailed = "Aroha_CANCEL_FAILED",
+    InvalidToken = "Aroha_INVALID_TOKEN",
+    NoInventory = "Aroha_NO_INVENTORY",
+    CapacityExceeded = "Aroha_CAPACITY_EXCEEDED",
+    ServiceUnavailable = "Aroha_SERVICE_UNAVAILABLE",
+    InternalError = "Aroha_INTERNAL_ERROR",
+    InvalidParams = "Aroha_INVALID_PARAMS",
+    CSN_NO_STRUCTURAL_MATCH = "CSN_NO_STRUCTURAL_MATCH"
+}
+export type ArohaMessageType = "ArohaRequest" | "ArohaResponse" | "ArohaStream" | "ArohaNegotiate" | "ArohaCounterOffer" | "ArohaAccept" | "ArohaReserve" | "ArohaReserveAck" | "ArohaCommit" | "ArohaCommitAck" | "ArohaCancel" | "ArohaCancelAck" | "ArohaDelegate" | "ArohaError" | "ArohaSatisfactionSignal" | "ArohaSpendingMandate";
+export type ArohaBodyByType = {
+    ArohaRequest: ArohaRequestBody;
+    ArohaResponse: ArohaResponseBody;
+    ArohaStream: ArohaStreamBody;
+    ArohaNegotiate: ArohaNegotiateBody;
+    ArohaCounterOffer: ArohaCounterOfferBody;
+    ArohaAccept: ArohaAcceptBody;
+    ArohaReserve: ArohaReserveBody;
+    ArohaReserveAck: ArohaReserveAckBody;
+    ArohaCommit: ArohaCommitBody;
+    ArohaCommitAck: ArohaCommitAckBody;
+    ArohaCancel: ArohaCancelBody;
+    ArohaCancelAck: ArohaCancelAckBody;
+    ArohaDelegate: ArohaDelegateBody;
+    ArohaError: ArohaErrorBody;
+    ArohaSatisfactionSignal: ArohaSatisfactionSignalBody;
+    ArohaSpendingMandate: ArohaSpendingMandateBody;
+};
+//# sourceMappingURL=types.d.ts.map

package/dist/messages/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/messages/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAQH,MAAM,WAAW,cAAc;IAC7B;;;;OAIG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;;OAIG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAID,MAAM,WAAW,iBAAiB;IAChC,MAAM,CAAC,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IAC3C,OAAO,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACjC,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,CAAC,CAAC;IACjD,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,mEAAmE;IACnE,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAID,MAAM,WAAW,gBAAiB,SAAQ,cAAc;IACtD,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;;;;OAKG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAED,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAChC;AAQD,MAAM,WAAW,qBAAqB;IACpC,kEAAkE;IAClE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC/B,uEAAuE;IACvE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,qBAAqB;IACpC;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;;;OAIG;IACH,aAAa,CAAC,EAAE,qBAAqB,CAAC;IACtC;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,yBAAyB,CAAC,EAAE,OAAO,CAAC;IACpC;;;OAGG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;CAC/B;AAED,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,YAAY,EAAE,OAAO,CAAC;IACtB,cAAc,CAAC,EAAE;QAAE,KAAK,EAAE,UAAU,GAAG,cAAc,GAAG,YAAY,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC3G,UAAU,CAAC,EAAE;QAAE,aAAa,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CACxD;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,uBAAuB,EAAE,CAAC;IACxC,WAAW,EAAE,MAAM,CAAC;IACpB,0DAA0D;IAC1D,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE;QACb,KAAK,CAAC,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE,MAAM,CAAA;SAAE,CAAC;QAC7C,GAAG,CAAC,EAAE;YAAE,aAAa,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;QAChD,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC;IACF,uEAAuE;IACvE,GAAG,CAAC,EAAE,qBAAqB,CAAC;CAC7B;AAED,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,gFAAgF;IAChF,YAAY,CAAC,EAAE,qBAAqB,CAAC;IACrC,oEAAoE;IACpE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,wDAAwD;IACxD,kBAAkB,CAAC,EAAE,wBAAwB,CAAC;IAC9C;;;;;OAKG;IACH,WAAW,CAAC,EAAE,QAAQ,GAAG,QAAQ,GAAG,OAAO,CAAC;IAC5C,yEAAyE;IACzE,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;;OAGG;IACH,UAAU,CAAC,EAAE;QACX,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,QAAQ,CAAC,EAAE,OAAO,CAAC;QACnB,OAAO,EAAE,OAAO,CAAC;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,cAAc,CAAC,EAAE,MAAM,CAAC;KACzB,CAAC;CACH;AAED,MAAM,WAAW,qBAAqB;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,kBAAkB,CAAC,eAAe,CAAC,CAAC;IAClD,GAAG,CAAC,EAAE,IAAI,CAAC,kBAAkB,EAAE,oBAAoB,GAAG,cAAc,GAAG,oBAAoB,CAAC,CAAC;CAC9F;AAED,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,kBAAkB,CAAC,eAAe,CAAC,CAAC;IACnD,kFAAkF;IAClF,GAAG,CAAC,EAAE,kBAAkB,CAAC;CAC1B;AAED,MAAM,WAAW,gBAAiB,SAAQ,cAAc;IACtD,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,mBAAmB;IAClC,gBAAgB,EAAE,MAAM,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,kBAAkB;IACjC,gBAAgB,EAAE,MAAM,CAAC;IACzB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAED,MAAM,WAAW,eAAe;IAC9B,gBAAgB,EAAE,MAAM,CAAC;IACzB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,kBAAkB;IACjC,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,iBAAkB,SAAQ,cAAc;IACvD,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,cAAc,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,OAAO,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,2BAA2B;IAC1C,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,qEAAqE;IACrE,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,WAAW,GAAG,SAAS,GAAG,cAAc,CAAC;IAClD,UAAU,EAAE;QACV,KAAK,EAAE,WAAW,GAAG,SAAS,GAAG,cAAc,CAAC;QAChD,OAAO,EAAE,WAAW,GAAG,SAAS,GAAG,cAAc,CAAC;QAClD,KAAK,EAAE,WAAW,GAAG,SAAS,GAAG,cAAc,CAAC;KACjD,CAAC;IACF,mEAAmE;IACnE,SAAS,EAAE,OAAO,CAAC;IACnB,oEAAoE;IACpE,oBAAoB,EAAE,OAAO,CAAC;CAC/B;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,wBAAwB;IACvC,WAAW,EAAE,QAAQ,GAAG,MAAM,GAAG,SAAS,CAAC;IAC3C,WAAW,EAAE,mBAAmB,CAAC;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,mBAAmB;IAClC,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,4BAA4B,CAAC,EAAE,MAAM,CAAC;IACtC,gBAAgB,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAID,oBAAY,cAAc;IAExB,YAAY,uBAAgC,CAAI,gCAAgC;IAChF,SAAS,oBAAgC,CAAQ,mCAAmC;IAGpF,gBAAgB,4BAAiC;IACjD,cAAc,0BAAiC;IAC/C,cAAc,0BAAiC;IAC/C,iBAAiB,6BAAiC;IAClD,sBAAsB,mCAAmC;IAGzD,iBAAiB,6BAAiC;IAClD,kBAAkB,8BAAiC;IACnD,YAAY,wBAAiC;IAC7C,YAAY,wBAAiC;IAC7C,YAAY,wBAAiC;IAG7C,WAAW,uBAAiC;IAC5C,gBAAgB,4BAAiC;IACjD,kBAAkB,8BAAiC;IAGnD,aAAa,yBAAiC;IAC9C,aAAa,yBAAiC;IAG9C,uBAAuB,4BAA4B;CACpD;AAID,MAAM,MAAM,gBAAgB,GACxB,cAAc,GACd,eAAe,GACf,aAAa,GACb,gBAAgB,GAChB,mBAAmB,GACnB,aAAa,GACb,cAAc,GACd,iBAAiB,GACjB,aAAa,GACb,gBAAgB,GAChB,aAAa,GACb,gBAAgB,GAChB,eAAe,GACf,YAAY,GACZ,yBAAyB,GACzB,sBAAsB,CAAC;AAE3B,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,EAAY,gBAAgB,CAAC;IACzC,aAAa,EAAW,iBAAiB,CAAC;IAC1C,WAAW,EAAa,eAAe,CAAC;IACxC,cAAc,EAAU,kBAAkB,CAAC;IAC3C,iBAAiB,EAAO,qBAAqB,CAAC;IAC9C,WAAW,EAAa,eAAe,CAAC;IACxC,YAAY,EAAY,gBAAgB,CAAC;IACzC,eAAe,EAAS,mBAAmB,CAAC;IAC5C,WAAW,EAAa,eAAe,CAAC;IACxC,cAAc,EAAU,kBAAkB,CAAC;IAC3C,WAAW,EAAa,eAAe,CAAC;IACxC,cAAc,EAAU,kBAAkB,CAAC;IAC3C,aAAa,EAAW,iBAAiB,CAAC;IAC1C,UAAU,EAAc,cAAc,CAAC;IACvC,uBAAuB,EAAE,2BAA2B,CAAC;IACrD,oBAAoB,EAAI,wBAAwB,CAAC;CAClD,CAAC"}