@aster-rpc/aster 0.1.2

package/dist/trust/credentials.js

@@ -0,0 +1,250 @@
+/**
+ * Credential types and ed25519 signing/verification.
+ *
+ * Spec reference: Aster-trust-spec.md
+ *
+ * Signing bytes computation delegates to Rust core via NAPI.
+ * Ed25519 operations use @noble/ed25519 for portability.
+ */
+/** Reserved attribute keys. */
+export const ATTR_ROLE = 'aster.role';
+export const ATTR_NAME = 'aster.name';
+export const ATTR_IID_PROVIDER = 'aster.iid_provider';
+export const ATTR_IID_ACCOUNT = 'aster.iid_account';
+export const ATTR_IID_REGION = 'aster.iid_region';
+export const ATTR_IID_ROLE_ARN = 'aster.iid_role_arn';
+let _edModule; // undefined = not tried, null = unavailable
+let _nodeCrypto;
+async function getEd() {
+    if (_edModule !== undefined)
+        return _edModule;
+    try {
+        // @ts-ignore — optional dependency
+        _edModule = (await import('@noble/ed25519'));
+    }
+    catch {
+        _edModule = null;
+    }
+    return _edModule;
+}
+async function getNodeCrypto() {
+    if (_nodeCrypto)
+        return _nodeCrypto;
+    _nodeCrypto = await import('node:crypto');
+    return _nodeCrypto;
+}
+/**
+ * Generate an ed25519 keypair.
+ * Returns [privateKey (32 bytes), publicKey (32 bytes)].
+ *
+ * Requires @noble/ed25519:
+ * ```ts
+ * import { utils } from '@noble/ed25519';
+ * const privKey = utils.randomPrivateKey();
+ * const pubKey = await getPublicKeyAsync(privKey);
+ * ```
+ */
+export async function generateKeypair() {
+    const ed = await getEd();
+    if (ed) {
+        const privateKey = ed.utils.randomPrivateKey();
+        const publicKey = await ed.getPublicKeyAsync(privateKey);
+        return [privateKey, publicKey];
+    }
+    const { generateKeyPairSync } = await getNodeCrypto();
+    const { publicKey, privateKey } = generateKeyPairSync('ed25519');
+    const privBuf = privateKey.export({ type: 'pkcs8', format: 'der' }).subarray(-32);
+    const pubBuf = publicKey.export({ type: 'spki', format: 'der' }).subarray(-32);
+    return [new Uint8Array(privBuf), new Uint8Array(pubBuf)];
+}
+/**
+ * Sign a message with an ed25519 private key.
+ * Returns 64-byte signature.
+ */
+export async function sign(privateKey, message) {
+    const ed = await getEd();
+    if (ed) {
+        return ed.signAsync(message, privateKey);
+    }
+    const { sign: cryptoSign, createPrivateKey } = await getNodeCrypto();
+    const key = createPrivateKey({
+        key: Buffer.concat([
+            Buffer.from('302e020100300506032b657004220420', 'hex'),
+            Buffer.from(privateKey),
+        ]),
+        format: 'der',
+        type: 'pkcs8',
+    });
+    return new Uint8Array(cryptoSign(null, Buffer.from(message), key));
+}
+/**
+ * Verify an ed25519 signature.
+ */
+export async function verify(publicKey, message, signature) {
+    const ed = await getEd();
+    if (ed) {
+        return ed.verifyAsync(signature, message, publicKey);
+    }
+    const { verify: cryptoVerify, createPublicKey } = await getNodeCrypto();
+    const key = createPublicKey({
+        key: Buffer.concat([
+            Buffer.from('302a300506032b6570032100', 'hex'),
+            Buffer.from(publicKey),
+        ]),
+        format: 'der',
+        type: 'spki',
+    });
+    return cryptoVerify(null, Buffer.from(message), key, Buffer.from(signature));
+}
+// ── Hex helpers ──────────────────────────────────────────────────────────────
+function hexToBytes(hex) {
+    const bytes = new Uint8Array(hex.length / 2);
+    for (let i = 0; i < hex.length; i += 2) {
+        bytes[i / 2] = parseInt(hex.substring(i, i + 2), 16);
+    }
+    return bytes;
+}
+function bytesToHex(bytes) {
+    return Array.from(bytes).map(b => b.toString(16).padStart(2, '0')).join('');
+}
+// ── Canonical signing bytes ─────────────────────────────────────────────────
+// Spec reference: Aster-trust-spec.md §2.2, §2.4
+// Authoritative implementation: core/src/signing.rs
+// This TS version mirrors the Python helper for credential sign/verify.
+/** Canonical JSON: UTF-8, sorted keys, no extra whitespace. */
+export function canonicalJson(attributes) {
+    const sorted = Object.keys(attributes).sort();
+    const obj = {};
+    for (const k of sorted)
+        obj[k] = attributes[k];
+    const json = JSON.stringify(obj);
+    return new TextEncoder().encode(json);
+}
+/** u64 big-endian encoding. */
+function writeU64BE(value) {
+    const buf = new ArrayBuffer(8);
+    const view = new DataView(buf);
+    // JS numbers are safe up to 2^53; for epoch seconds this is fine
+    view.setUint32(0, Math.floor(value / 0x100000000));
+    view.setUint32(4, value >>> 0);
+    return new Uint8Array(buf);
+}
+/** Signing bytes for EnrollmentCredential (producer). */
+export function producerSigningBytes(cred) {
+    const parts = [
+        new TextEncoder().encode(cred.endpointId),
+        hexToBytes(cred.rootPubkey), // 32 bytes
+        writeU64BE(cred.expiresAt), // 8 bytes
+        canonicalJson(cred.attributes),
+    ];
+    return concatBytes(parts);
+}
+/** Signing bytes for ConsumerEnrollmentCredential. */
+export function consumerSigningBytes(cred) {
+    const typeCode = cred.credentialType === 'ott' ? new Uint8Array([0x01]) : new Uint8Array([0x00]);
+    let eidPart;
+    if (cred.endpointId != null) {
+        const eidBytes = new TextEncoder().encode(cred.endpointId);
+        eidPart = concatBytes([new Uint8Array([0x01]), eidBytes]);
+    }
+    else {
+        eidPart = new Uint8Array([0x00]);
+    }
+    let noncePart;
+    if (cred.nonce != null) {
+        noncePart = concatBytes([new Uint8Array([0x01]), hexToBytes(cred.nonce)]);
+    }
+    else {
+        noncePart = new Uint8Array([0x00]);
+    }
+    return concatBytes([
+        typeCode,
+        eidPart,
+        hexToBytes(cred.rootPubkey), // 32 bytes
+        writeU64BE(cred.expiresAt), // 8 bytes
+        canonicalJson(cred.attributes),
+        noncePart,
+    ]);
+}
+/** Compute signing bytes for any credential type. */
+export function credentialSigningBytes(cred) {
+    if ('endpointId' in cred && 'credentialType' in cred) {
+        return consumerSigningBytes(cred);
+    }
+    if ('endpointId' in cred && !('credentialType' in cred)) {
+        return producerSigningBytes(cred);
+    }
+    throw new Error(`Unsupported credential type`);
+}
+/**
+ * Sign a credential with the root private key.
+ * Returns 64-byte signature as hex string.
+ */
+export async function signCredential(cred, rootPrivkeyRaw) {
+    const msg = credentialSigningBytes(cred);
+    const sig = await sign(rootPrivkeyRaw, msg);
+    return bytesToHex(sig);
+}
+/**
+ * Verify a credential's signature.
+ * If rootPubkeyHex is provided, it overrides cred.rootPubkey.
+ * Returns true on success, false on any failure.
+ */
+export async function verifyCredentialSignature(cred, rootPubkeyHex) {
+    const pubkeyHex = rootPubkeyHex ?? cred.rootPubkey;
+    try {
+        const msg = credentialSigningBytes(cred);
+        return await verify(hexToBytes(pubkeyHex), msg, hexToBytes(cred.signature));
+    }
+    catch {
+        return false;
+    }
+}
+// ── Helpers ──────────────────────────────────────────────────────────────────
+function concatBytes(arrays) {
+    const totalLen = arrays.reduce((sum, a) => sum + a.length, 0);
+    const result = new Uint8Array(totalLen);
+    let offset = 0;
+    for (const a of arrays) {
+        result.set(a, offset);
+        offset += a.length;
+    }
+    return result;
+}
+// ── Key utilities ─────────────────────────────────────────────────────────────
+/**
+ * Generate a root keypair (alias for generateKeypair).
+ * Returns [privateKey, publicKey] as raw 32-byte arrays.
+ */
+export async function generateRootKeypair() {
+    return generateKeypair();
+}
+/**
+ * Load a raw 32-byte private key.
+ * Returns the key as-is (validates length).
+ */
+export function loadPrivateKey(privRaw) {
+    if (privRaw.byteLength !== 32) {
+        throw new TypeError(`Invalid private key length: expected 32, got ${privRaw.byteLength}`);
+    }
+    return privRaw;
+}
+/**
+ * Load a raw 32-byte public key.
+ * Returns the key as-is (validates length).
+ */
+export function loadPublicKey(pubRaw) {
+    if (pubRaw.byteLength !== 32) {
+        throw new TypeError(`Invalid public key length: expected 32, got ${pubRaw.byteLength}`);
+    }
+    return pubRaw;
+}
+/**
+ * Verify an ed25519 signature.
+ * Alias for the low-level `verify()` with a consistent signature.
+ */
+export async function verifySignature(publicKey, message, signature) {
+    return verify(publicKey, message, signature);
+}
+export { hexToBytes, bytesToHex, concatBytes };
+//# sourceMappingURL=credentials.js.map

package/dist/trust/credentials.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../src/trust/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAsBH,+BAA+B;AAC/B,MAAM,CAAC,MAAM,SAAS,GAAG,YAAY,CAAC;AACtC,MAAM,CAAC,MAAM,SAAS,GAAG,YAAY,CAAC;AACtC,MAAM,CAAC,MAAM,iBAAiB,GAAG,oBAAoB,CAAC;AACtD,MAAM,CAAC,MAAM,gBAAgB,GAAG,mBAAmB,CAAC;AACpD,MAAM,CAAC,MAAM,eAAe,GAAG,kBAAkB,CAAC;AAClD,MAAM,CAAC,MAAM,iBAAiB,GAAG,oBAAoB,CAAC;AAkBtD,IAAI,SAAsC,CAAC,CAAC,4CAA4C;AACxF,IAAI,WAAgD,CAAC;AAErD,KAAK,UAAU,KAAK;IAClB,IAAI,SAAS,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IAC9C,IAAI,CAAC;QACH,mCAAmC;QACnC,SAAS,GAAG,CAAC,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAa,CAAC;IAC3D,CAAC;IAAC,MAAM,CAAC;QACP,SAAS,GAAG,IAAI,CAAC;IACnB,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,IAAI,WAAW;QAAE,OAAO,WAAW,CAAC;IACpC,WAAW,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IAC1C,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,EAAE,GAAG,MAAM,KAAK,EAAE,CAAC;IACzB,IAAI,EAAE,EAAE,CAAC;QACP,MAAM,UAAU,GAAG,EAAE,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC;QAC/C,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;QACzD,OAAO,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IACjC,CAAC;IACD,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,aAAa,EAAE,CAAC;IACtD,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,mBAAmB,CAAC,SAAS,CAAC,CAAC;IACjE,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC;IAClF,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC;IAC/E,OAAO,CAAC,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,UAAsB,EAAE,OAAmB;IACpE,MAAM,EAAE,GAAG,MAAM,KAAK,EAAE,CAAC;IACzB,IAAI,EAAE,EAAE,CAAC;QACP,OAAO,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAC3C,CAAC;IACD,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,gBAAgB,EAAE,GAAG,MAAM,aAAa,EAAE,CAAC;IACrE,MAAM,GAAG,GAAG,gBAAgB,CAAC;QAC3B,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC;YACtD,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;SACxB,CAAC;QACF,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,OAAO;KACd,CAAC,CAAC;IACH,OAAO,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AACrE,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,SAAqB,EACrB,OAAmB,EACnB,SAAqB;IAErB,MAAM,EAAE,GAAG,MAAM,KAAK,EAAE,CAAC;IACzB,IAAI,EAAE,EAAE,CAAC;QACP,OAAO,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;IACvD,CAAC;IACD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,eAAe,EAAE,GAAG,MAAM,aAAa,EAAE,CAAC;IACxE,MAAM,GAAG,GAAG,eAAe,CAAC;QAC1B,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC;YAC9C,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC;SACvB,CAAC;QACF,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,MAAM;KACb,CAAC,CAAC;IACH,OAAO,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;AAC/E,CAAC;AAED,gFAAgF;AAEhF,SAAS,UAAU,CAAC,GAAW;IAC7B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACvC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,UAAU,CAAC,KAAiB;IACnC,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC9E,CAAC;AAED,+EAA+E;AAC/E,iDAAiD;AACjD,oDAAoD;AACpD,wEAAwE;AAExE,+DAA+D;AAC/D,MAAM,UAAU,aAAa,CAAC,UAAkC;IAC9D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9C,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,IAAI,MAAM;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACjC,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACxC,CAAC;AAED,+BAA+B;AAC/B,SAAS,UAAU,CAAC,KAAa;IAC/B,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC/B,iEAAiE;IACjE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,WAAW,CAAC,CAAC,CAAC;IACnD,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,CAAC,CAAC;IAC/B,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,yDAAyD;AACzD,MAAM,UAAU,oBAAoB,CAAC,IAA0B;IAC7D,MAAM,KAAK,GAAiB;QAC1B,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;QACzC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,EAAQ,WAAW;QAC9C,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAS,UAAU;QAC7C,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC;KAC/B,CAAC;IACF,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;AAC5B,CAAC;AAED,sDAAsD;AACtD,MAAM,UAAU,oBAAoB,CAAC,IAAkC;IACrE,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAEjG,IAAI,OAAmB,CAAC;IACxB,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC3D,OAAO,GAAG,WAAW,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC5D,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,SAAqB,CAAC;IAC1B,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,EAAE,CAAC;QACvB,SAAS,GAAG,WAAW,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC5E,CAAC;SAAM,CAAC;QACN,SAAS,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACrC,CAAC;IAED,OAAO,WAAW,CAAC;QACjB,QAAQ;QACR,OAAO;QACP,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,EAAQ,WAAW;QAC9C,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAS,UAAU;QAC7C,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC;QAC9B,SAAS;KACV,CAAC,CAAC;AACL,CAAC;AAED,qDAAqD;AACrD,MAAM,UAAU,sBAAsB,CACpC,IAAyD;IAEzD,IAAI,YAAY,IAAI,IAAI,IAAI,gBAAgB,IAAI,IAAI,EAAE,CAAC;QACrD,OAAO,oBAAoB,CAAC,IAAoC,CAAC,CAAC;IACpE,CAAC;IACD,IAAI,YAAY,IAAI,IAAI,IAAI,CAAC,CAAC,gBAAgB,IAAI,IAAI,CAAC,EAAE,CAAC;QACxD,OAAO,oBAAoB,CAAC,IAA4B,CAAC,CAAC;IAC5D,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;AACjD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAyD,EACzD,cAA0B;IAE1B,MAAM,GAAG,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;IACzC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;IAC5C,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,IAAyD,EACzD,aAAsB;IAEtB,MAAM,SAAS,GAAG,aAAa,IAAI,IAAI,CAAC,UAAU,CAAC;IACnD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;QACzC,OAAO,MAAM,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IAC9E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,gFAAgF;AAEhF,SAAS,WAAW,CAAC,MAAoB;IACvC,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC9D,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;IACxC,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QACtB,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC;IACrB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,iFAAiF;AAEjF;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,OAAO,eAAe,EAAE,CAAC;AAC3B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,OAAmB;IAChD,IAAI,OAAO,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAC9B,MAAM,IAAI,SAAS,CAAC,gDAAgD,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IAC5F,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,MAAkB;IAC9C,IAAI,MAAM,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,SAAS,CAAC,+CAA+C,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,SAAqB,EACrB,OAAmB,EACnB,SAAqB;IAErB,OAAO,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;AAC/C,CAAC;AAED,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC"}

package/dist/trust/delegated.d.ts

@@ -0,0 +1,118 @@
+/**
+ * aster/trust/delegated -- Delegated admission via @aster-issued enrollment tokens.
+ *
+ * Implements the `aster.admission` ALPN handler (Aster-trust-spec S3a).
+ *
+ * Protocol:
+ *   1. Consumer sends: EnrollmentToken (JSON) + SigningKeyAttestation (JSON)
+ *   2. Service verifies: attestation -> token -> service binding
+ *   3. Service sends: AdmissionChallenge (32-byte nonce + service identity)
+ *   4. Consumer sends: AdmissionProof (signature over challenge with root key)
+ *   5. Service verifies: proof of possession
+ *   6. Service admits with: {handle, roles}
+ *
+ * All crypto is ed25519. No network calls -- verification uses cached
+ * attestations and the @aster root pubkey received at publish time.
+ */
+import type { MeshEndpointHook } from './hooks.js';
+import type { PeerAttributeStore } from '../peer-store.js';
+/** Attestation binding a signing key to the @aster root key. */
+export interface SigningKeyAttestation {
+    signingPubkey: string;
+    keyId: string;
+    validFrom: number;
+    validUntil: number;
+    rootSignature: string;
+}
+/** @aster-issued token granting a consumer access to a service. */
+export interface EnrollmentToken {
+    consumerHandle: string;
+    consumerPubkey: string;
+    targetHandle: string;
+    targetService: string;
+    targetContractId: string;
+    roles: string[];
+    issuedAt: number;
+    expiresAt: number;
+    signingKeyId: string;
+    signature: string;
+}
+/** Service-side policy for verifying delegated tokens. */
+export interface DelegatedAdmissionPolicy {
+    targetHandle: string;
+    targetService: string;
+    targetContractId: string;
+    /** Hex-encoded @aster root public key -- the trust anchor. */
+    asterRootPubkey: string;
+}
+/** Result of a successful delegated admission. */
+export interface DelegatedAdmissionResult {
+    admitted: boolean;
+    handle: string;
+    roles: string[];
+    consumerPubkey: string;
+}
+/**
+ * Verify a signing-key attestation against the @aster root pubkey.
+ * Throws RpcError on failure.
+ */
+export declare function verifyAttestation(attestation: SigningKeyAttestation, opts: {
+    asterRootPubkeyHex: string;
+    now?: number;
+}): Promise<void>;
+/**
+ * Verify an enrollment token against the attestation and service policy.
+ * Throws RpcError on failure.
+ */
+export declare function verifyToken(token: EnrollmentToken, attestation: SigningKeyAttestation, opts: {
+    policy: DelegatedAdmissionPolicy;
+    now?: number;
+}): Promise<void>;
+/**
+ * Verify the consumer's proof of possession of their root key.
+ * Throws RpcError on failure.
+ */
+export declare function verifyProofOfPossession(opts: {
+    consumerPubkeyHex: string;
+    challengeBytes: Uint8Array;
+    signatureHex: string;
+}): Promise<void>;
+/** Build the challenge payload that the consumer must sign. */
+export declare function buildChallengeBytes(nonce: Uint8Array, targetHandle: string, targetService: string, alpn?: string): Uint8Array;
+/**
+ * Bidirectional stream abstraction expected by the handler.
+ * Matches the shape provided by Iroh QUIC connections.
+ */
+export interface BiStream {
+    send: {
+        writeAll(data: Uint8Array): Promise<void>;
+        finish(): Promise<void>;
+    };
+    recv: {
+        readToEnd(maxBytes: number): Promise<Uint8Array | null>;
+    };
+}
+/**
+ * Connection abstraction expected by the handler.
+ */
+export interface AdmissionConnection {
+    remoteId(): string;
+    acceptBi(): Promise<BiStream>;
+}
+/**
+ * Handle one connection on the aster.admission ALPN.
+ *
+ * Runs the 6-step verification protocol:
+ * 1. Read token + attestation from consumer
+ * 2. Verify attestation against @aster root key
+ * 3. Verify token against attestation + service binding
+ * 4. Send challenge nonce
+ * 5. Read proof of possession
+ * 6. Verify proof, admit consumer
+ */
+export declare function handleDelegatedAdmissionConnection(conn: AdmissionConnection, opts: {
+    policy: DelegatedAdmissionPolicy;
+    hook?: MeshEndpointHook;
+    peerStore?: PeerAttributeStore;
+}): Promise<void>;
+//# sourceMappingURL=delegated.d.ts.map

package/dist/trust/delegated.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"delegated.d.ts","sourceRoot":"","sources":["../../src/trust/delegated.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAIH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAK3D,gEAAgE;AAChE,MAAM,WAAW,qBAAqB;IACpC,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,mEAAmE;AACnE,MAAM,WAAW,eAAe;IAC9B,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;IACzB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,0DAA0D;AAC1D,MAAM,WAAW,wBAAwB;IACvC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;IACzB,8DAA8D;IAC9D,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,kDAAkD;AAClD,MAAM,WAAW,wBAAwB;IACvC,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;CACxB;AAgBD;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,WAAW,EAAE,qBAAqB,EAClC,IAAI,EAAE;IAAE,kBAAkB,EAAE,MAAM,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GACjD,OAAO,CAAC,IAAI,CAAC,CAiCf;AAED;;;GAGG;AACH,wBAAsB,WAAW,CAC/B,KAAK,EAAE,eAAe,EACtB,WAAW,EAAE,qBAAqB,EAClC,IAAI,EAAE;IAAE,MAAM,EAAE,wBAAwB,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GACvD,OAAO,CAAC,IAAI,CAAC,CA4Df;AAED;;;GAGG;AACH,wBAAsB,uBAAuB,CAAC,IAAI,EAAE;IAClD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc,EAAE,UAAU,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;CACtB,GAAG,OAAO,CAAC,IAAI,CAAC,CAkBhB;AAED,+DAA+D;AAC/D,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,UAAU,EACjB,YAAY,EAAE,MAAM,EACpB,aAAa,EAAE,MAAM,EACrB,IAAI,SAAoB,GACvB,UAAU,CAeZ;AAID;;;GAGG;AACH,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE;QACJ,QAAQ,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;KACzB,CAAC;IACF,IAAI,EAAE;QACJ,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;KACzD,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,QAAQ,IAAI,MAAM,CAAC;IACnB,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;CAC/B;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,kCAAkC,CACtD,IAAI,EAAE,mBAAmB,EACzB,IAAI,EAAE;IACJ,MAAM,EAAE,wBAAwB,CAAC;IACjC,IAAI,CAAC,EAAE,gBAAgB,CAAC;IACxB,SAAS,CAAC,EAAE,kBAAkB,CAAC;CAChC,GACA,OAAO,CAAC,IAAI,CAAC,CAkJf"}

package/dist/trust/delegated.js

@@ -0,0 +1,292 @@
+/**
+ * aster/trust/delegated -- Delegated admission via @aster-issued enrollment tokens.
+ *
+ * Implements the `aster.admission` ALPN handler (Aster-trust-spec S3a).
+ *
+ * Protocol:
+ *   1. Consumer sends: EnrollmentToken (JSON) + SigningKeyAttestation (JSON)
+ *   2. Service verifies: attestation -> token -> service binding
+ *   3. Service sends: AdmissionChallenge (32-byte nonce + service identity)
+ *   4. Consumer sends: AdmissionProof (signature over challenge with root key)
+ *   5. Service verifies: proof of possession
+ *   6. Service admits with: {handle, roles}
+ *
+ * All crypto is ed25519. No network calls -- verification uses cached
+ * attestations and the @aster root pubkey received at publish time.
+ */
+import { RpcError, StatusCode } from '../status.js';
+import { verify, hexToBytes, bytesToHex, loadPublicKey, ATTR_ROLE } from './credentials.js';
+import { createPeerAdmission } from '../peer-store.js';
+// ── Canonical JSON for signature verification ──────────────────────────────
+const encoder = new TextEncoder();
+/** Deterministic JSON encoding for signature verification. */
+function canonicalJsonBytes(obj) {
+    const sorted = Object.keys(obj).sort();
+    const ordered = {};
+    for (const k of sorted)
+        ordered[k] = obj[k];
+    return encoder.encode(JSON.stringify(ordered));
+}
+// ── Verification functions ─────────────────────────────────────────────────
+/**
+ * Verify a signing-key attestation against the @aster root pubkey.
+ * Throws RpcError on failure.
+ */
+export async function verifyAttestation(attestation, opts) {
+    const now = opts.now ?? Math.floor(Date.now() / 1000);
+    const payload = {
+        signing_pubkey: attestation.signingPubkey,
+        key_id: attestation.keyId,
+        valid_from: attestation.validFrom,
+        valid_until: attestation.validUntil,
+    };
+    try {
+        const rootPubkey = loadPublicKey(hexToBytes(opts.asterRootPubkeyHex));
+        const valid = await verify(rootPubkey, canonicalJsonBytes(payload), hexToBytes(attestation.rootSignature));
+        if (!valid) {
+            throw new Error('signature invalid');
+        }
+    }
+    catch (cause) {
+        throw new RpcError(StatusCode.UNAUTHENTICATED, 'signing-key attestation verification failed');
+    }
+    if (!(attestation.validFrom <= now && now <= attestation.validUntil)) {
+        throw new RpcError(StatusCode.UNAUTHENTICATED, 'signing-key attestation is not currently valid');
+    }
+}
+/**
+ * Verify an enrollment token against the attestation and service policy.
+ * Throws RpcError on failure.
+ */
+export async function verifyToken(token, attestation, opts) {
+    const now = opts.now ?? Math.floor(Date.now() / 1000);
+    // Token must reference the correct signing key
+    if (token.signingKeyId !== attestation.keyId) {
+        throw new RpcError(StatusCode.UNAUTHENTICATED, 'token signing key does not match attestation');
+    }
+    // Verify token signature against the attested signing key
+    const tokenPayload = {
+        consumer_handle: token.consumerHandle,
+        consumer_pubkey: token.consumerPubkey,
+        target_handle: token.targetHandle,
+        target_service: token.targetService,
+        target_contract_id: token.targetContractId,
+        roles: token.roles,
+        issued_at: token.issuedAt,
+        expires_at: token.expiresAt,
+        signing_key_id: token.signingKeyId,
+    };
+    try {
+        const signingPubkey = loadPublicKey(hexToBytes(attestation.signingPubkey));
+        const valid = await verify(signingPubkey, canonicalJsonBytes(tokenPayload), hexToBytes(token.signature));
+        if (!valid) {
+            throw new Error('signature invalid');
+        }
+    }
+    catch (cause) {
+        if (cause instanceof RpcError)
+            throw cause;
+        throw new RpcError(StatusCode.UNAUTHENTICATED, 'enrollment token signature verification failed');
+    }
+    // Token expiry
+    if (!(token.issuedAt <= now && now <= token.expiresAt)) {
+        throw new RpcError(StatusCode.UNAUTHENTICATED, 'enrollment token has expired');
+    }
+    // Service binding -- all three must match
+    if (token.targetHandle !== opts.policy.targetHandle) {
+        throw new RpcError(StatusCode.PERMISSION_DENIED, 'token targets a different handle');
+    }
+    if (token.targetService !== opts.policy.targetService) {
+        throw new RpcError(StatusCode.PERMISSION_DENIED, 'token targets a different service');
+    }
+    if (token.targetContractId !== opts.policy.targetContractId) {
+        throw new RpcError(StatusCode.PERMISSION_DENIED, 'token targets a different contract');
+    }
+}
+/**
+ * Verify the consumer's proof of possession of their root key.
+ * Throws RpcError on failure.
+ */
+export async function verifyProofOfPossession(opts) {
+    try {
+        const consumerPubkey = loadPublicKey(hexToBytes(opts.consumerPubkeyHex));
+        const valid = await verify(consumerPubkey, opts.challengeBytes, hexToBytes(opts.signatureHex));
+        if (!valid) {
+            throw new Error('signature invalid');
+        }
+    }
+    catch (cause) {
+        if (cause instanceof RpcError)
+            throw cause;
+        throw new RpcError(StatusCode.UNAUTHENTICATED, 'admission proof verification failed');
+    }
+}
+/** Build the challenge payload that the consumer must sign. */
+export function buildChallengeBytes(nonce, targetHandle, targetService, alpn = 'aster.admission') {
+    const parts = [
+        nonce,
+        encoder.encode(targetHandle),
+        encoder.encode(targetService),
+        encoder.encode(alpn),
+    ];
+    const totalLen = parts.reduce((sum, p) => sum + p.length, 0);
+    const result = new Uint8Array(totalLen);
+    let offset = 0;
+    for (const p of parts) {
+        result.set(p, offset);
+        offset += p.length;
+    }
+    return result;
+}
+/**
+ * Handle one connection on the aster.admission ALPN.
+ *
+ * Runs the 6-step verification protocol:
+ * 1. Read token + attestation from consumer
+ * 2. Verify attestation against @aster root key
+ * 3. Verify token against attestation + service binding
+ * 4. Send challenge nonce
+ * 5. Read proof of possession
+ * 6. Verify proof, admit consumer
+ */
+export async function handleDelegatedAdmissionConnection(conn, opts) {
+    const peerId = conn.remoteId();
+    const now = Math.floor(Date.now() / 1000);
+    try {
+        const { send, recv } = await conn.acceptBi();
+        // Step 1: Read token + attestation
+        const raw = await recv.readToEnd(64 * 1024);
+        if (!raw || raw.length === 0) {
+            console.warn(`delegated admission: empty request from ${peerId}`);
+            return;
+        }
+        let request;
+        try {
+            request = JSON.parse(new TextDecoder().decode(raw));
+        }
+        catch {
+            console.warn(`delegated admission: malformed JSON from ${peerId}`);
+            await sendReject(send, 'malformed request');
+            return;
+        }
+        // Parse token and attestation from wire format (snake_case) to TS (camelCase)
+        const tokenData = request.token ?? {};
+        const attData = request.attestation ?? {};
+        const token = {
+            consumerHandle: tokenData.consumer_handle ?? '',
+            consumerPubkey: tokenData.consumer_pubkey ?? '',
+            targetHandle: tokenData.target_handle ?? '',
+            targetService: tokenData.target_service ?? '',
+            targetContractId: tokenData.target_contract_id ?? '',
+            roles: tokenData.roles ?? [],
+            issuedAt: tokenData.issued_at ?? 0,
+            expiresAt: tokenData.expires_at ?? 0,
+            signingKeyId: tokenData.signing_key_id ?? '',
+            signature: tokenData.signature ?? '',
+        };
+        const attestation = {
+            signingPubkey: attData.signing_pubkey ?? '',
+            keyId: attData.key_id ?? '',
+            validFrom: attData.valid_from ?? 0,
+            validUntil: attData.valid_until ?? 0,
+            rootSignature: attData.root_signature ?? '',
+        };
+        // Steps 2-3: Verify attestation and token
+        try {
+            await verifyAttestation(attestation, {
+                asterRootPubkeyHex: opts.policy.asterRootPubkey,
+                now,
+            });
+            await verifyToken(token, attestation, { policy: opts.policy, now });
+        }
+        catch (e) {
+            if (e instanceof RpcError) {
+                console.info(`delegated admission: denied ${peerId}: ${e.message}`);
+                await sendReject(send, e.message);
+                return;
+            }
+            throw e;
+        }
+        // Step 4: Send challenge
+        const nonce = crypto.getRandomValues(new Uint8Array(32));
+        const challenge = {
+            nonce: bytesToHex(nonce),
+            target_handle: opts.policy.targetHandle,
+            target_service: opts.policy.targetService,
+        };
+        await send.writeAll(encoder.encode(JSON.stringify(challenge)));
+        // Step 5: Read proof
+        const proofRaw = await recv.readToEnd(4096);
+        if (!proofRaw || proofRaw.length === 0) {
+            console.warn(`delegated admission: no proof from ${peerId}`);
+            return;
+        }
+        let proof;
+        try {
+            proof = JSON.parse(new TextDecoder().decode(proofRaw));
+        }
+        catch {
+            await sendReject(send, 'malformed proof');
+            return;
+        }
+        // Step 6: Verify proof of possession
+        const challengeBytes = buildChallengeBytes(nonce, opts.policy.targetHandle, opts.policy.targetService);
+        try {
+            await verifyProofOfPossession({
+                consumerPubkeyHex: token.consumerPubkey,
+                challengeBytes,
+                signatureHex: proof.signature ?? '',
+            });
+        }
+        catch (e) {
+            if (e instanceof RpcError) {
+                console.info(`delegated admission: proof failed ${peerId}: ${e.message}`);
+                await sendReject(send, e.message);
+                return;
+            }
+            throw e;
+        }
+        // Admitted!
+        console.info(`delegated admission: admitted ${peerId} (handle=${token.consumerHandle}, roles=${token.roles.join(',')})`);
+        // Store admission attributes
+        if (opts.peerStore) {
+            opts.peerStore.admit(createPeerAdmission({
+                endpointId: peerId,
+                handle: token.consumerHandle,
+                attributes: new Map([[ATTR_ROLE, token.roles.join(',')]]),
+                admissionPath: 'aster.admission',
+            }));
+        }
+        // Add to Gate 0 allowlist
+        if (opts.hook) {
+            opts.hook.addPeer(peerId);
+        }
+        // Send success response
+        const result = {
+            admitted: true,
+            handle: token.consumerHandle,
+            roles: token.roles,
+        };
+        await send.writeAll(encoder.encode(JSON.stringify(result)));
+        await send.finish();
+    }
+    catch (err) {
+        // Cancellation -- silently exit
+        if (err instanceof Error && (err.name === 'AbortError' || err.message.includes('cancel'))) {
+            return;
+        }
+        console.error(`delegated admission: error for ${peerId}:`, err);
+    }
+}
+/** Send a rejection response and finish the stream. */
+async function sendReject(send, reason) {
+    try {
+        const result = JSON.stringify({ admitted: false, reason });
+        await send.writeAll(encoder.encode(result));
+        await send.finish();
+    }
+    catch {
+        // Best-effort
+    }
+}
+//# sourceMappingURL=delegated.js.map