@astrasyncai/verification-gateway 1.0.0 → 2.0.0

package/dist/types-BvpGdsv1.d.mts

@@ -0,0 +1,153 @@
+import { a as AccessLevel, d as CounterpartyType, T as TokenGuidance } from './types-Bf8pML07.mjs';
+
+/**
+ * AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
+ */
+type GatewayMode = 'online' | 'local' | 'hybrid';
+/**
+ * Posture controls whether the gateway actively blocks or just monitors.
+ * - active: Evaluate and enforce decisions (block/allow/review)
+ * - passive: Evaluate and log but never block (telemetry-only mode)
+ */
+type GatewayPosture = 'active' | 'passive';
+interface AstraSyncGatewayConfig {
+    mode: GatewayMode;
+    /** Enforcement posture: 'active' blocks actions, 'passive' logs only (default: 'active') */
+    posture?: GatewayPosture;
+    /** AstraSync API base URL (required for online/hybrid modes) */
+    apiBaseUrl?: string;
+    /** API key for authenticating with AstraSync (required for online/hybrid modes) */
+    apiKey?: string;
+    /** Path to local PDLSS policy YAML file (required for local/hybrid modes) */
+    policyFile?: string;
+    /** Inline policy object (alternative to policyFile) */
+    policy?: LocalPolicy;
+    /** Sync interval in seconds for hybrid mode (default: 3600) */
+    syncInterval?: number;
+    /** Cache verification results TTL in seconds (default: 300) */
+    cacheTtl?: number;
+    /** Enable debug logging */
+    debug?: boolean;
+    /** Enable trace logging to .astrasync/traces/ (default: false) */
+    traceEnabled?: boolean;
+    /** Trace log directory (default: .astrasync/traces/) */
+    tracePath?: string;
+    /** Default access level for unverified requests */
+    defaultAccessLevel?: AccessLevel;
+    /** Minimum trust score for standard access (online/hybrid) */
+    minTrustScore?: number;
+    /** Minimum trust score for full access (online/hybrid) */
+    minTrustScoreForFull?: number;
+    /** Custom headers to send with API requests */
+    customHeaders?: Record<string, string>;
+    /** Counterparty URL for analytics */
+    counterpartyUrl?: string;
+    /** Counterparty type for analytics */
+    counterpartyType?: CounterpartyType;
+}
+interface PDLSSContext {
+    /** Purpose category (e.g. email.send, shell.exec, file.read) */
+    purpose: string;
+    /** Specific action within purpose */
+    action: string;
+    /** Target resource, recipient, or counterparty */
+    target: string;
+    /** Types of data access (read, write, delete) */
+    dataAccess?: string[];
+    /** Network domains/IPs being accessed */
+    networkAccess?: string[];
+    /** Resource type (customer, order, file, directory, process) */
+    resourceType?: string;
+    /** Risk factors for this action */
+    riskFactors?: RiskFactor[];
+    /** Transaction value (if financial) */
+    transactionValue?: number;
+    /** Currency for transaction */
+    currency?: string;
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+interface RiskFactor {
+    type: 'financial' | 'data_sensitivity' | 'privilege_escalation' | 'network_scope' | 'destructive';
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    detail: string;
+}
+interface VerificationDecision {
+    recommendation: 'ALLOW' | 'DENY' | 'MANUAL_REVIEW';
+    reason: string;
+    trustScore?: number;
+    tokenGuidance?: TokenGuidance;
+    sessionId?: string;
+    /** PDLSS dimensions that were evaluated */
+    evaluatedDimensions?: {
+        purpose: boolean;
+        scope: boolean;
+        limits: boolean;
+        riskThresholds: boolean;
+    };
+}
+interface LocalPolicy {
+    version: string;
+    name: string;
+    description?: string;
+    purposes: LocalPurposeRule[];
+    scope?: LocalScope;
+    limits?: LocalLimits;
+    riskThresholds?: LocalRiskThresholds;
+    selfInstantiation?: LocalSelfInstantiation;
+}
+interface LocalPurposeRule {
+    id: string;
+    allowed: boolean;
+    targets?: string[];
+    blockedPatterns?: string[];
+    requiresApproval?: boolean;
+}
+interface LocalScope {
+    allowedDomains?: string[];
+    blockedDomains?: string[];
+    blockedResources?: string[];
+}
+interface LocalLimits {
+    maxTransactionAmount?: number;
+    maxRequestsPerHour?: number;
+    currency?: string;
+}
+interface LocalRiskThresholds {
+    autoAllow: {
+        min: number;
+        max: number;
+    };
+    requireApproval: {
+        min: number;
+        max: number;
+    };
+    autoBlock: {
+        min: number;
+        max: number;
+    };
+}
+interface LocalSelfInstantiation {
+    /** Whether sub-agent spawning is allowed */
+    allowed: boolean;
+    /** Maximum depth of sub-agent chain */
+    maxDepth?: number;
+}
+interface AgentAction {
+    /** Raw action data from the platform */
+    raw: unknown;
+    /** Platform identifier (e.g. 'openclaw-cli', 'cursor', 'browser') */
+    platform: string;
+    /** Timestamp of the action */
+    timestamp: Date;
+}
+interface InterceptResult {
+    /** Whether the action was intercepted */
+    intercepted: boolean;
+    /** Extracted PDLSS context (if intercepted) */
+    context?: PDLSSContext;
+    /** Reason for not intercepting (if not intercepted) */
+    skipReason?: string;
+}
+
+export type { AgentAction as A, InterceptResult as I, LocalPolicy as L, PDLSSContext as P, VerificationDecision as V, LocalPurposeRule as a, LocalScope as b, LocalRiskThresholds as c, AstraSyncGatewayConfig as d };

package/dist/types-Ce2mFJkO.d.ts

@@ -0,0 +1,153 @@
+import { a as AccessLevel, d as CounterpartyType, T as TokenGuidance } from './types-Bf8pML07.js';
+
+/**
+ * AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
+ */
+type GatewayMode = 'online' | 'local' | 'hybrid';
+/**
+ * Posture controls whether the gateway actively blocks or just monitors.
+ * - active: Evaluate and enforce decisions (block/allow/review)
+ * - passive: Evaluate and log but never block (telemetry-only mode)
+ */
+type GatewayPosture = 'active' | 'passive';
+interface AstraSyncGatewayConfig {
+    mode: GatewayMode;
+    /** Enforcement posture: 'active' blocks actions, 'passive' logs only (default: 'active') */
+    posture?: GatewayPosture;
+    /** AstraSync API base URL (required for online/hybrid modes) */
+    apiBaseUrl?: string;
+    /** API key for authenticating with AstraSync (required for online/hybrid modes) */
+    apiKey?: string;
+    /** Path to local PDLSS policy YAML file (required for local/hybrid modes) */
+    policyFile?: string;
+    /** Inline policy object (alternative to policyFile) */
+    policy?: LocalPolicy;
+    /** Sync interval in seconds for hybrid mode (default: 3600) */
+    syncInterval?: number;
+    /** Cache verification results TTL in seconds (default: 300) */
+    cacheTtl?: number;
+    /** Enable debug logging */
+    debug?: boolean;
+    /** Enable trace logging to .astrasync/traces/ (default: false) */
+    traceEnabled?: boolean;
+    /** Trace log directory (default: .astrasync/traces/) */
+    tracePath?: string;
+    /** Default access level for unverified requests */
+    defaultAccessLevel?: AccessLevel;
+    /** Minimum trust score for standard access (online/hybrid) */
+    minTrustScore?: number;
+    /** Minimum trust score for full access (online/hybrid) */
+    minTrustScoreForFull?: number;
+    /** Custom headers to send with API requests */
+    customHeaders?: Record<string, string>;
+    /** Counterparty URL for analytics */
+    counterpartyUrl?: string;
+    /** Counterparty type for analytics */
+    counterpartyType?: CounterpartyType;
+}
+interface PDLSSContext {
+    /** Purpose category (e.g. email.send, shell.exec, file.read) */
+    purpose: string;
+    /** Specific action within purpose */
+    action: string;
+    /** Target resource, recipient, or counterparty */
+    target: string;
+    /** Types of data access (read, write, delete) */
+    dataAccess?: string[];
+    /** Network domains/IPs being accessed */
+    networkAccess?: string[];
+    /** Resource type (customer, order, file, directory, process) */
+    resourceType?: string;
+    /** Risk factors for this action */
+    riskFactors?: RiskFactor[];
+    /** Transaction value (if financial) */
+    transactionValue?: number;
+    /** Currency for transaction */
+    currency?: string;
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+interface RiskFactor {
+    type: 'financial' | 'data_sensitivity' | 'privilege_escalation' | 'network_scope' | 'destructive';
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    detail: string;
+}
+interface VerificationDecision {
+    recommendation: 'ALLOW' | 'DENY' | 'MANUAL_REVIEW';
+    reason: string;
+    trustScore?: number;
+    tokenGuidance?: TokenGuidance;
+    sessionId?: string;
+    /** PDLSS dimensions that were evaluated */
+    evaluatedDimensions?: {
+        purpose: boolean;
+        scope: boolean;
+        limits: boolean;
+        riskThresholds: boolean;
+    };
+}
+interface LocalPolicy {
+    version: string;
+    name: string;
+    description?: string;
+    purposes: LocalPurposeRule[];
+    scope?: LocalScope;
+    limits?: LocalLimits;
+    riskThresholds?: LocalRiskThresholds;
+    selfInstantiation?: LocalSelfInstantiation;
+}
+interface LocalPurposeRule {
+    id: string;
+    allowed: boolean;
+    targets?: string[];
+    blockedPatterns?: string[];
+    requiresApproval?: boolean;
+}
+interface LocalScope {
+    allowedDomains?: string[];
+    blockedDomains?: string[];
+    blockedResources?: string[];
+}
+interface LocalLimits {
+    maxTransactionAmount?: number;
+    maxRequestsPerHour?: number;
+    currency?: string;
+}
+interface LocalRiskThresholds {
+    autoAllow: {
+        min: number;
+        max: number;
+    };
+    requireApproval: {
+        min: number;
+        max: number;
+    };
+    autoBlock: {
+        min: number;
+        max: number;
+    };
+}
+interface LocalSelfInstantiation {
+    /** Whether sub-agent spawning is allowed */
+    allowed: boolean;
+    /** Maximum depth of sub-agent chain */
+    maxDepth?: number;
+}
+interface AgentAction {
+    /** Raw action data from the platform */
+    raw: unknown;
+    /** Platform identifier (e.g. 'openclaw-cli', 'cursor', 'browser') */
+    platform: string;
+    /** Timestamp of the action */
+    timestamp: Date;
+}
+interface InterceptResult {
+    /** Whether the action was intercepted */
+    intercepted: boolean;
+    /** Extracted PDLSS context (if intercepted) */
+    context?: PDLSSContext;
+    /** Reason for not intercepting (if not intercepted) */
+    skipReason?: string;
+}
+
+export type { AgentAction as A, InterceptResult as I, LocalPolicy as L, PDLSSContext as P, VerificationDecision as V, LocalPurposeRule as a, LocalScope as b, LocalRiskThresholds as c, AstraSyncGatewayConfig as d };

package/dist/ui/index.d.mts

@@ -1,4 +1,4 @@
-import { C as CommerceShieldProps, b as VerificationResult, A as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CS6v75-d.mjs';
+import { C as CommerceShieldProps, b as VerificationResult, A as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-Bf8pML07.mjs';
 
 /**
  * AstraSync Commerce Shield Component

package/dist/ui/index.d.ts

@@ -1,4 +1,4 @@
-import { C as CommerceShieldProps, b as VerificationResult, A as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CS6v75-d.js';
+import { C as CommerceShieldProps, b as VerificationResult, A as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-Bf8pML07.js';
 
 /**
  * AstraSync Commerce Shield Component

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@astrasyncai/verification-gateway",
-  "version": "1.0.0",
+  "version": "2.0.0",
   "description": "Universal Verification Gateway for AstraSync KYA Platform - verify AI agents across any counterparty type",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
@@ -30,6 +30,51 @@
       "types": "./dist/ui/index.d.ts",
       "import": "./dist/ui/index.mjs",
       "require": "./dist/ui/index.js"
+    },
+    "./agent": {
+      "types": "./dist/agent/index.d.ts",
+      "import": "./dist/agent/index.mjs",
+      "require": "./dist/agent/index.js"
+    },
+    "./transport": {
+      "types": "./dist/transport/index.d.ts",
+      "import": "./dist/transport/index.mjs",
+      "require": "./dist/transport/index.js"
+    },
+    "./gateway": {
+      "types": "./dist/gateway/gateway.d.ts",
+      "import": "./dist/gateway/gateway.mjs",
+      "require": "./dist/gateway/gateway.js"
+    },
+    "./local-evaluator": {
+      "types": "./dist/local-evaluator/evaluator.d.ts",
+      "import": "./dist/local-evaluator/evaluator.mjs",
+      "require": "./dist/local-evaluator/evaluator.js"
+    },
+    "./adapter-interface": {
+      "types": "./dist/adapter-interface/interface.d.ts",
+      "import": "./dist/adapter-interface/interface.mjs",
+      "require": "./dist/adapter-interface/interface.js"
+    },
+    "./cli": {
+      "types": "./dist/cli/index.d.ts",
+      "import": "./dist/cli/index.mjs",
+      "require": "./dist/cli/index.js"
+    },
+    "./cursor": {
+      "types": "./dist/cursor/cursor-adapter.d.ts",
+      "import": "./dist/cursor/cursor-adapter.mjs",
+      "require": "./dist/cursor/cursor-adapter.js"
+    },
+    "./browser": {
+      "types": "./dist/browser/browser-adapter.d.ts",
+      "import": "./dist/browser/browser-adapter.mjs",
+      "require": "./dist/browser/browser-adapter.js"
+    },
+    "./git-trigger": {
+      "types": "./dist/git-trigger/git-hooks.d.ts",
+      "import": "./dist/git-trigger/git-hooks.mjs",
+      "require": "./dist/git-trigger/git-hooks.js"
     }
   },
   "files": [