@astrasyncai/verification-gateway 2.0.1 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (83) hide show
  1. package/dist/adapter-interface/interface.d.mts +2 -2
  2. package/dist/adapter-interface/interface.d.ts +2 -2
  3. package/dist/adapters/express.d.mts +2 -2
  4. package/dist/adapters/express.d.ts +2 -2
  5. package/dist/adapters/express.js +42 -20
  6. package/dist/adapters/express.js.map +1 -1
  7. package/dist/adapters/express.mjs +42 -20
  8. package/dist/adapters/express.mjs.map +1 -1
  9. package/dist/adapters/nextjs.d.mts +2 -2
  10. package/dist/adapters/nextjs.d.ts +2 -2
  11. package/dist/adapters/nextjs.js +43 -20
  12. package/dist/adapters/nextjs.js.map +1 -1
  13. package/dist/adapters/nextjs.mjs +43 -20
  14. package/dist/adapters/nextjs.mjs.map +1 -1
  15. package/dist/adapters/sdk.d.mts +2 -2
  16. package/dist/adapters/sdk.d.ts +2 -2
  17. package/dist/adapters/sdk.js +25 -16
  18. package/dist/adapters/sdk.js.map +1 -1
  19. package/dist/adapters/sdk.mjs +25 -16
  20. package/dist/adapters/sdk.mjs.map +1 -1
  21. package/dist/agent/index.d.mts +2 -2
  22. package/dist/agent/index.d.ts +2 -2
  23. package/dist/agent/index.js +100 -1
  24. package/dist/agent/index.js.map +1 -1
  25. package/dist/agent/index.mjs +101 -1
  26. package/dist/agent/index.mjs.map +1 -1
  27. package/dist/browser/background.js +58 -16
  28. package/dist/browser/background.js.map +1 -1
  29. package/dist/browser/background.mjs +61 -16
  30. package/dist/browser/background.mjs.map +1 -1
  31. package/dist/browser/browser-adapter.d.mts +2 -2
  32. package/dist/browser/browser-adapter.d.ts +2 -2
  33. package/dist/cli/index.d.mts +2 -2
  34. package/dist/cli/index.d.ts +2 -2
  35. package/dist/cursor/cursor-adapter.d.mts +2 -2
  36. package/dist/cursor/cursor-adapter.d.ts +2 -2
  37. package/dist/cursor/extension.d.mts +2 -2
  38. package/dist/cursor/extension.d.ts +2 -2
  39. package/dist/cursor/extension.js +58 -16
  40. package/dist/cursor/extension.js.map +1 -1
  41. package/dist/cursor/extension.mjs +61 -16
  42. package/dist/cursor/extension.mjs.map +1 -1
  43. package/dist/{express-CtwDIZyF.d.mts → express-C9KqJNWV.d.mts} +1 -1
  44. package/dist/{express-Bcl-uBUE.d.ts → express-DpwYW08E.d.ts} +1 -1
  45. package/dist/gateway/gateway.d.mts +2 -2
  46. package/dist/gateway/gateway.d.ts +2 -2
  47. package/dist/gateway/gateway.js +58 -16
  48. package/dist/gateway/gateway.js.map +1 -1
  49. package/dist/gateway/gateway.mjs +61 -16
  50. package/dist/gateway/gateway.mjs.map +1 -1
  51. package/dist/git-trigger/git-hooks.d.mts +2 -2
  52. package/dist/git-trigger/git-hooks.d.ts +2 -2
  53. package/dist/{index-BY8yQ8N8.d.mts → index-BMZdjGT4.d.mts} +46 -3
  54. package/dist/index-DlsYN3Et.d.mts +1397 -0
  55. package/dist/{index-CtYSYwn3.d.ts → index-Dm2xA6j1.d.ts} +46 -3
  56. package/dist/index-gM-lgX_X.d.ts +1397 -0
  57. package/dist/index.d.mts +8 -7
  58. package/dist/index.d.ts +8 -7
  59. package/dist/index.js +2489 -66
  60. package/dist/index.js.map +1 -1
  61. package/dist/index.mjs +2492 -66
  62. package/dist/index.mjs.map +1 -1
  63. package/dist/local-evaluator/evaluator.d.mts +2 -2
  64. package/dist/local-evaluator/evaluator.d.ts +2 -2
  65. package/dist/{nextjs-BQyMCSx_.d.mts → nextjs-BEqidT0U.d.mts} +1 -1
  66. package/dist/{nextjs-CEldnIJ9.d.ts → nextjs-yNzimC3a.d.ts} +1 -1
  67. package/dist/{sdk-BhvuJSrH.d.mts → sdk-7fa9H0qa.d.mts} +1 -1
  68. package/dist/{sdk-BlyVSC_S.d.ts → sdk-CP9C9Qu0.d.ts} +1 -1
  69. package/dist/transport/index.d.mts +3 -2
  70. package/dist/transport/index.d.ts +3 -2
  71. package/dist/transport/index.js +2384 -2
  72. package/dist/transport/index.js.map +1 -1
  73. package/dist/transport/index.mjs +2327 -1
  74. package/dist/transport/index.mjs.map +1 -1
  75. package/dist/{types-CxQwJKbd.d.mts → types-CrVMq_Td.d.mts} +30 -3
  76. package/dist/{types-CxQwJKbd.d.ts → types-CrVMq_Td.d.ts} +30 -3
  77. package/dist/{types-jJnPXStc.d.mts → types-DE0ooQJ6.d.mts} +1 -1
  78. package/dist/{types-79qS7aON.d.ts → types-rigu2bH3.d.ts} +1 -1
  79. package/dist/ui/index.d.mts +1 -1
  80. package/dist/ui/index.d.ts +1 -1
  81. package/package.json +17 -3
  82. package/dist/index-B1ThcGZl.d.mts +0 -89
  83. package/dist/index-DnoXfdFd.d.ts +0 -89
package/dist/{types-CxQwJKbd.d.ts → types-CrVMq_Td.d.ts} RENAMED
@@ -40,7 +40,7 @@ interface AgentCredentials {
40
40
  interface GatewayConfig {
41
41
  /** AstraSync API base URL */
42
42
  apiBaseUrl: string;
43
- /** API key for authenticating with AstraSync (optional for public endpoints) */
43
+ /** API key for authenticating with AstraSync. */
44
44
  apiKey?: string;
45
45
  /** Default access level for unverified requests */
46
46
  defaultAccessLevel?: AccessLevel;
@@ -173,6 +173,26 @@ interface VerificationResult {
173
173
  /**
174
174
  * Request context for verification
175
175
  */
176
+ /**
177
+ * Caller metadata forwarded from the agent's original HTTP request so the
178
+ * endpoint owner can see the real agent-side fingerprint in activity views.
179
+ * Without this, IP/UA recorded on platform_events would be the counterparty
180
+ * server's (useless for endpoint-side forensics).
181
+ */
182
+ interface CallerMetadata {
183
+ /** Agent-side source IP (honours X-Forwarded-For if set). */
184
+ sourceIp?: string;
185
+ /** Agent's User-Agent header. */
186
+ userAgent?: string;
187
+ /** Referer header (where the agent navigated from, if applicable). */
188
+ referer?: string;
189
+ /** Host the agent called (this counterparty's public hostname). */
190
+ host?: string;
191
+ /** Raw X-Forwarded-For chain for audit. */
192
+ forwardedFor?: string;
193
+ /** Published agent card URL, if the agent advertised one (future: from agent headers). */
194
+ agentCardUrl?: string;
195
+ }
176
196
  interface VerificationRequest {
177
197
  /** Agent credentials */
178
198
  credentials: AgentCredentials;
@@ -196,10 +216,17 @@ interface VerificationRequest {
196
216
  parentAgentId?: string;
197
217
  /** Depth of sub-agent chain */
198
218
  subAgentDepth?: number;
199
- /** Client IP address */
219
+ /** Client IP address (deprecated — use callerMetadata.sourceIp) */
200
220
  clientIp?: string;
201
- /** User agent string */
221
+ /** User agent string (deprecated — use callerMetadata.userAgent) */
202
222
  userAgent?: string;
223
+ /**
224
+ * Forwarded request metadata from the agent's original call.
225
+ * When the SDK is embedded in a counterparty server, these describe
226
+ * the agent-side fingerprint — not the counterparty server itself.
227
+ * The express/nextjs adapters auto-populate these from `req`.
228
+ */
229
+ callerMetadata?: CallerMetadata;
203
230
  /** Enable runtime challenge for this request */
204
231
  enableRuntimeChallenge?: boolean;
205
232
  /** Create a verification session (returns sessionId) */
package/dist/{types-jJnPXStc.d.mts → types-DE0ooQJ6.d.mts} RENAMED
@@ -1,4 +1,4 @@
1
- import { a as AccessLevel, C as CounterpartyType, T as TokenGuidance } from './types-CxQwJKbd.mjs';
1
+ import { a as AccessLevel, C as CounterpartyType, T as TokenGuidance } from './types-CrVMq_Td.mjs';
2
2
 
3
3
  /**
4
4
  * AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
package/dist/{types-79qS7aON.d.ts → types-rigu2bH3.d.ts} RENAMED
@@ -1,4 +1,4 @@
1
- import { a as AccessLevel, C as CounterpartyType, T as TokenGuidance } from './types-CxQwJKbd.js';
1
+ import { a as AccessLevel, C as CounterpartyType, T as TokenGuidance } from './types-CrVMq_Td.js';
2
2
 
3
3
  /**
4
4
  * AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
package/dist/ui/index.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { d as CommerceShieldProps, V as VerificationResult, b as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CxQwJKbd.mjs';
1
+ import { d as CommerceShieldProps, V as VerificationResult, b as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CrVMq_Td.mjs';
2
2
 
3
3
  /**
4
4
  * AstraSync Commerce Shield Component
package/dist/ui/index.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { d as CommerceShieldProps, V as VerificationResult, b as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CxQwJKbd.js';
1
+ import { d as CommerceShieldProps, V as VerificationResult, b as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CrVMq_Td.js';
2
2
 
3
3
  /**
4
4
  * AstraSync Commerce Shield Component
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@astrasyncai/verification-gateway",
3
- "version": "2.0.1",
3
+ "version": "2.2.0",
4
4
  "description": "Universal Verification Gateway for AstraSync KYA Platform - verify AI agents across any counterparty type",
5
5
  "main": "./dist/index.js",
6
6
  "module": "./dist/index.mjs",
@@ -82,14 +82,15 @@
82
82
  "README.md"
83
83
  ],
84
84
  "scripts": {
85
- "build": "tsup",
85
+ "build": "cross-env NODE_OPTIONS=--max-old-space-size=4096 tsup",
86
86
  "dev": "tsup --watch",
87
87
  "lint": "eslint src --ext .ts,.tsx",
88
88
  "typecheck": "tsc --noEmit",
89
89
  "test": "vitest run",
90
90
  "test:watch": "vitest watch",
91
91
  "clean": "rm -rf dist extensions",
92
- "package:extensions": "bash scripts/package-extensions.sh"
92
+ "package:extensions": "bash scripts/package-extensions.sh",
93
+ "prepublishOnly": "npm run clean && npm run typecheck && npm run build"
93
94
  },
94
95
  "keywords": [
95
96
  "astrasync",
@@ -107,6 +108,18 @@
107
108
  "url": "https://github.com/AstraSync-KYA/KYA-Platform.git",
108
109
  "directory": "packages/verification-gateway"
109
110
  },
111
+ "dependencies": {
112
+ "@sd-jwt/core": "^0.19.0",
113
+ "@sd-jwt/decode": "^0.19.0",
114
+ "@sd-jwt/utils": "^0.19.0",
115
+ "@x402/core": "^2.10.0",
116
+ "ajv": "^8.17.1",
117
+ "http-message-signatures": "^1.0.5",
118
+ "jose": "^5.9.6",
119
+ "mppx": "0.5.13",
120
+ "structured-headers": "^2.0.1",
121
+ "web-bot-auth": "^0.1.3"
122
+ },
110
123
  "peerDependencies": {
111
124
  "express": ">=4.0.0",
112
125
  "next": ">=13.0.0",
@@ -125,6 +138,7 @@
125
138
  },
126
139
  "devDependencies": {
127
140
  "@types/express": "^4.17.21",
141
+ "@types/js-yaml": "^4.0.9",
128
142
  "@types/node": "^20.10.0",
129
143
  "@types/react": "^18.2.45",
130
144
  "eslint": "^8.56.0",
package/dist/index-B1ThcGZl.d.mts DELETED
@@ -1,89 +0,0 @@
1
- import { A as AstraSyncCredentials, g as ProtocolTransport } from './types-CxQwJKbd.mjs';
2
-
3
- /**
4
- * HTTP Transport Adapter
5
- *
6
- * Maps AstraSync credentials to/from HTTP headers (X-Astra-* convention).
7
- */
8
-
9
- /**
10
- * Inject AstraSync credentials into HTTP headers.
11
- */
12
- declare function setHttpHeaders(headers: Record<string, string>, credentials: AstraSyncCredentials): Record<string, string>;
13
- /**
14
- * Extract AstraSync credentials from HTTP headers.
15
- */
16
- declare function extractHttpCredentials(headers: Record<string, string | string[] | undefined>): AstraSyncCredentials | null;
17
-
18
- /**
19
- * A2A (Agent-to-Agent) Transport Adapter
20
- *
21
- * Maps AstraSync credentials to/from A2A task metadata.astrasync block.
22
- */
23
-
24
- interface A2ATask {
25
- metadata?: Record<string, unknown>;
26
- [key: string]: unknown;
27
- }
28
- /**
29
- * Add AstraSync credentials to an A2A task's metadata block.
30
- */
31
- declare function setA2AMetadata(task: A2ATask, credentials: AstraSyncCredentials): A2ATask;
32
- /**
33
- * Extract AstraSync credentials from an A2A task's metadata block.
34
- */
35
- declare function extractA2ACredentials(task: A2ATask): AstraSyncCredentials | null;
36
-
37
- /**
38
- * MCP (Model Context Protocol) Transport Adapter
39
- *
40
- * Maps AstraSync credentials to/from MCP params._meta.astrasync block.
41
- */
42
-
43
- interface McpParams {
44
- _meta?: Record<string, unknown>;
45
- [key: string]: unknown;
46
- }
47
- /**
48
- * Add AstraSync credentials to MCP params' _meta block.
49
- */
50
- declare function setMcpMeta(params: McpParams, credentials: AstraSyncCredentials): McpParams;
51
- /**
52
- * Extract AstraSync credentials from MCP params' _meta block.
53
- */
54
- declare function extractMcpCredentials(params: McpParams): AstraSyncCredentials | null;
55
-
56
- /**
57
- * Cross-Protocol Transport Module
58
- *
59
- * Provides adapters for injecting/extracting AstraSync credentials
60
- * across HTTP, A2A, and MCP protocols.
61
- */
62
-
63
- /**
64
- * Auto-detect protocol from request/context shape.
65
- */
66
- declare function detectProtocol(context: Record<string, unknown>): ProtocolTransport;
67
- /**
68
- * Apply credentials to any protocol target.
69
- */
70
- declare function applyCredentials(protocol: ProtocolTransport, target: Record<string, unknown>, credentials: AstraSyncCredentials): Record<string, unknown>;
71
- /**
72
- * Extract credentials from any protocol context.
73
- */
74
- declare function extractCredentialsFromProtocol(protocol: ProtocolTransport, context: Record<string, unknown>): AstraSyncCredentials | null;
75
-
76
- declare const index_applyCredentials: typeof applyCredentials;
77
- declare const index_detectProtocol: typeof detectProtocol;
78
- declare const index_extractA2ACredentials: typeof extractA2ACredentials;
79
- declare const index_extractCredentialsFromProtocol: typeof extractCredentialsFromProtocol;
80
- declare const index_extractHttpCredentials: typeof extractHttpCredentials;
81
- declare const index_extractMcpCredentials: typeof extractMcpCredentials;
82
- declare const index_setA2AMetadata: typeof setA2AMetadata;
83
- declare const index_setHttpHeaders: typeof setHttpHeaders;
84
- declare const index_setMcpMeta: typeof setMcpMeta;
85
- declare namespace index {
86
- export { index_applyCredentials as applyCredentials, index_detectProtocol as detectProtocol, index_extractA2ACredentials as extractA2ACredentials, index_extractCredentialsFromProtocol as extractCredentialsFromProtocol, index_extractHttpCredentials as extractHttpCredentials, index_extractMcpCredentials as extractMcpCredentials, index_setA2AMetadata as setA2AMetadata, index_setHttpHeaders as setHttpHeaders, index_setMcpMeta as setMcpMeta };
87
- }
88
-
89
- export { applyCredentials as a, extractCredentialsFromProtocol as b, extractHttpCredentials as c, detectProtocol as d, extractA2ACredentials as e, extractMcpCredentials as f, setHttpHeaders as g, setMcpMeta as h, index as i, setA2AMetadata as s };
package/dist/index-DnoXfdFd.d.ts DELETED
@@ -1,89 +0,0 @@
1
- import { A as AstraSyncCredentials, g as ProtocolTransport } from './types-CxQwJKbd.js';
2
-
3
- /**
4
- * HTTP Transport Adapter
5
- *
6
- * Maps AstraSync credentials to/from HTTP headers (X-Astra-* convention).
7
- */
8
-
9
- /**
10
- * Inject AstraSync credentials into HTTP headers.
11
- */
12
- declare function setHttpHeaders(headers: Record<string, string>, credentials: AstraSyncCredentials): Record<string, string>;
13
- /**
14
- * Extract AstraSync credentials from HTTP headers.
15
- */
16
- declare function extractHttpCredentials(headers: Record<string, string | string[] | undefined>): AstraSyncCredentials | null;
17
-
18
- /**
19
- * A2A (Agent-to-Agent) Transport Adapter
20
- *
21
- * Maps AstraSync credentials to/from A2A task metadata.astrasync block.
22
- */
23
-
24
- interface A2ATask {
25
- metadata?: Record<string, unknown>;
26
- [key: string]: unknown;
27
- }
28
- /**
29
- * Add AstraSync credentials to an A2A task's metadata block.
30
- */
31
- declare function setA2AMetadata(task: A2ATask, credentials: AstraSyncCredentials): A2ATask;
32
- /**
33
- * Extract AstraSync credentials from an A2A task's metadata block.
34
- */
35
- declare function extractA2ACredentials(task: A2ATask): AstraSyncCredentials | null;
36
-
37
- /**
38
- * MCP (Model Context Protocol) Transport Adapter
39
- *
40
- * Maps AstraSync credentials to/from MCP params._meta.astrasync block.
41
- */
42
-
43
- interface McpParams {
44
- _meta?: Record<string, unknown>;
45
- [key: string]: unknown;
46
- }
47
- /**
48
- * Add AstraSync credentials to MCP params' _meta block.
49
- */
50
- declare function setMcpMeta(params: McpParams, credentials: AstraSyncCredentials): McpParams;
51
- /**
52
- * Extract AstraSync credentials from MCP params' _meta block.
53
- */
54
- declare function extractMcpCredentials(params: McpParams): AstraSyncCredentials | null;
55
-
56
- /**
57
- * Cross-Protocol Transport Module
58
- *
59
- * Provides adapters for injecting/extracting AstraSync credentials
60
- * across HTTP, A2A, and MCP protocols.
61
- */
62
-
63
- /**
64
- * Auto-detect protocol from request/context shape.
65
- */
66
- declare function detectProtocol(context: Record<string, unknown>): ProtocolTransport;
67
- /**
68
- * Apply credentials to any protocol target.
69
- */
70
- declare function applyCredentials(protocol: ProtocolTransport, target: Record<string, unknown>, credentials: AstraSyncCredentials): Record<string, unknown>;
71
- /**
72
- * Extract credentials from any protocol context.
73
- */
74
- declare function extractCredentialsFromProtocol(protocol: ProtocolTransport, context: Record<string, unknown>): AstraSyncCredentials | null;
75
-
76
- declare const index_applyCredentials: typeof applyCredentials;
77
- declare const index_detectProtocol: typeof detectProtocol;
78
- declare const index_extractA2ACredentials: typeof extractA2ACredentials;
79
- declare const index_extractCredentialsFromProtocol: typeof extractCredentialsFromProtocol;
80
- declare const index_extractHttpCredentials: typeof extractHttpCredentials;
81
- declare const index_extractMcpCredentials: typeof extractMcpCredentials;
82
- declare const index_setA2AMetadata: typeof setA2AMetadata;
83
- declare const index_setHttpHeaders: typeof setHttpHeaders;
84
- declare const index_setMcpMeta: typeof setMcpMeta;
85
- declare namespace index {
86
- export { index_applyCredentials as applyCredentials, index_detectProtocol as detectProtocol, index_extractA2ACredentials as extractA2ACredentials, index_extractCredentialsFromProtocol as extractCredentialsFromProtocol, index_extractHttpCredentials as extractHttpCredentials, index_extractMcpCredentials as extractMcpCredentials, index_setA2AMetadata as setA2AMetadata, index_setHttpHeaders as setHttpHeaders, index_setMcpMeta as setMcpMeta };
87
- }
88
-
89
- export { applyCredentials as a, extractCredentialsFromProtocol as b, extractHttpCredentials as c, detectProtocol as d, extractA2ACredentials as e, extractMcpCredentials as f, setHttpHeaders as g, setMcpMeta as h, index as i, setA2AMetadata as s };