npm - @astrasyncai/verification-gateway - Versions diffs - 2.3.9 → 2.4.0 - Mend

@astrasyncai/verification-gateway 2.3.9 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (87) hide show

package/README.md +64 -9
package/dist/adapter-interface/interface.d.mts +2 -2
package/dist/adapter-interface/interface.d.ts +2 -2
package/dist/adapters/express.d.mts +2 -2
package/dist/adapters/express.d.ts +2 -2
package/dist/adapters/express.js +6 -0
package/dist/adapters/express.js.map +1 -1
package/dist/adapters/express.mjs +6 -0
package/dist/adapters/express.mjs.map +1 -1
package/dist/adapters/mcp.d.mts +1 -1
package/dist/adapters/mcp.d.ts +1 -1
package/dist/adapters/mcp.js +44 -4
package/dist/adapters/mcp.js.map +1 -1
package/dist/adapters/mcp.mjs +44 -4
package/dist/adapters/mcp.mjs.map +1 -1
package/dist/adapters/nextjs.d.mts +2 -2
package/dist/adapters/nextjs.d.ts +2 -2
package/dist/adapters/nextjs.js +6 -0
package/dist/adapters/nextjs.js.map +1 -1
package/dist/adapters/nextjs.mjs +6 -0
package/dist/adapters/nextjs.mjs.map +1 -1
package/dist/adapters/sdk.d.mts +2 -2
package/dist/adapters/sdk.d.ts +2 -2
package/dist/adapters/sdk.js +6 -0
package/dist/adapters/sdk.js.map +1 -1
package/dist/adapters/sdk.mjs +6 -0
package/dist/adapters/sdk.mjs.map +1 -1
package/dist/agent/index.d.mts +2 -2
package/dist/agent/index.d.ts +2 -2
package/dist/bin/astrasync.js +348 -0
package/dist/browser/background.js +6 -0
package/dist/browser/background.js.map +1 -1
package/dist/browser/background.mjs +6 -0
package/dist/browser/background.mjs.map +1 -1
package/dist/browser/browser-adapter.d.mts +2 -2
package/dist/browser/browser-adapter.d.ts +2 -2
package/dist/cli/index.d.mts +2 -2
package/dist/cli/index.d.ts +2 -2
package/dist/cursor/cursor-adapter.d.mts +2 -2
package/dist/cursor/cursor-adapter.d.ts +2 -2
package/dist/cursor/extension.d.mts +2 -2
package/dist/cursor/extension.d.ts +2 -2
package/dist/cursor/extension.js +6 -0
package/dist/cursor/extension.js.map +1 -1
package/dist/cursor/extension.mjs +6 -0
package/dist/cursor/extension.mjs.map +1 -1
package/dist/{express-BiB51d5t.d.mts → express-4Vau6x6X.d.mts} +1 -1
package/dist/{express-D6tEDU08.d.ts → express-Nq-wWICa.d.ts} +1 -1
package/dist/gateway/gateway.d.mts +2 -2
package/dist/gateway/gateway.d.ts +2 -2
package/dist/gateway/gateway.js +6 -0
package/dist/gateway/gateway.js.map +1 -1
package/dist/gateway/gateway.mjs +6 -0
package/dist/gateway/gateway.mjs.map +1 -1
package/dist/git-trigger/git-hooks.d.mts +2 -2
package/dist/git-trigger/git-hooks.d.ts +2 -2
package/dist/{index-8DFMpITk.d.ts → index-B-EovXnY.d.ts} +1 -1
package/dist/{index-Yt02MRyu.d.ts → index-CxwCN7AC.d.ts} +1 -1
package/dist/{index-CAykfMWK.d.mts → index-DiToN8gh.d.mts} +1 -1
package/dist/{index-B--6fiDp.d.mts → index-DkyPV14Y.d.mts} +1 -1
package/dist/index.d.mts +7 -7
package/dist/index.d.ts +7 -7
package/dist/index.js +6 -0
package/dist/index.js.map +1 -1
package/dist/index.mjs +6 -0
package/dist/index.mjs.map +1 -1
package/dist/local-evaluator/evaluator.d.mts +2 -2
package/dist/local-evaluator/evaluator.d.ts +2 -2
package/dist/{nextjs-CpxqfQqD.d.mts → nextjs-BTR7Oix-.d.mts} +1 -1
package/dist/{nextjs-CK5F_tVZ.d.ts → nextjs-DO_4crcp.d.ts} +1 -1
package/dist/registration/index.d.mts +218 -0
package/dist/registration/index.d.ts +218 -0
package/dist/registration/index.js +212 -0
package/dist/registration/index.js.map +1 -0
package/dist/registration/index.mjs +172 -0
package/dist/registration/index.mjs.map +1 -0
package/dist/{sdk-yJjO7yzn.d.mts → sdk-DSLCyXIX.d.mts} +1 -1
package/dist/{sdk-BMvauMgP.d.ts → sdk-TnHXD-Oh.d.ts} +1 -1
package/dist/transport/index.d.mts +2 -2
package/dist/transport/index.d.ts +2 -2
package/dist/{types-UYT4GdPW.d.mts → types-BVp22KkN.d.mts} +12 -0
package/dist/{types-UYT4GdPW.d.ts → types-BVp22KkN.d.ts} +12 -0
package/dist/{types-ppkhdldJ.d.ts → types-DVCWReEN.d.ts} +1 -1
package/dist/{types-CKafuHDn.d.mts → types-pU2O0BFq.d.mts} +1 -1
package/dist/ui/index.d.mts +1 -1
package/dist/ui/index.d.ts +1 -1
package/package.json +14 -2

package/dist/bin/astrasync.js ADDED Viewed

@@ -0,0 +1,348 @@
+#!/usr/bin/env node
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+// src/registration/errors.ts
+var AstraSyncError = class extends Error {
+  constructor(message, statusCode, code) {
+    super(message);
+    this.name = "AstraSyncError";
+    this.statusCode = statusCode;
+    this.code = code;
+  }
+};
+var KYDRequiredError = class extends AstraSyncError {
+  constructor(response) {
+    const kydUrl = response.kydUrl || "https://astrasync.ai/developer-profile";
+    super(
+      `KYD verification required before registering agents.
+Complete your KYD profile at: ${kydUrl}`,
+      403,
+      "KYD_REQUIRED"
+    );
+    this.name = "KYDRequiredError";
+    this.kydUrl = kydUrl;
+    this.ownerNotified = response.ownerNotified || false;
+  }
+};
+var AuthenticationError = class extends AstraSyncError {
+  constructor(message) {
+    super(message, 401, "AUTH_FAILED");
+    this.name = "AuthenticationError";
+  }
+};
+// src/registration/api.ts
+var DEFAULT_BASE_URL = "https://astrasync.ai";
+var AstraSync = class {
+  constructor(config = {}) {
+    this.baseUrl = (config.baseUrl || process.env.ASTRASYNC_API_URL || DEFAULT_BASE_URL).replace(
+      /\/+$/,
+      ""
+    );
+    this.apiKey = config.apiKey || process.env.ASTRASYNC_API_KEY;
+    this.email = config.email;
+    this.password = config.password;
+    this.privateKey = config.privateKey;
+    if (!this.apiKey && !this.email) {
+      throw new AuthenticationError(
+        "Authentication required. Provide apiKey, or email+password. Set ASTRASYNC_API_KEY env var or pass config to constructor."
+      );
+    }
+    if (this.email && !this.password) {
+      throw new AuthenticationError("Password is required when using email authentication.");
+    }
+  }
+  /**
+   * Register a new AI agent on the AstraSync KYA Platform.
+   * Sends full payload including model, framework, PDLSS, and metadata.
+   */
+  async register(options) {
+    const body = {
+      name: options.name,
+      ...options.description && { description: options.description },
+      ...options.agentType && { agentType: options.agentType },
+      ...options.apiEndpoint && { apiEndpoint: options.apiEndpoint },
+      ...options.model && { model: options.model },
+      ...options.framework && { framework: options.framework },
+      ...options.protocols && { protocols: options.protocols },
+      ...options.metadata && { metadata: options.metadata },
+      ...options.pdlss && { pdlss: options.pdlss }
+    };
+    return this.request("POST", "/api/agents/register", body);
+  }
+  /**
+   * Look up an agent's public profile by ASTRA ID or UUID.
+   */
+  async verify(agentId) {
+    return this.request("GET", `/api/agents/verify/${agentId}`);
+  }
+  /**
+   * Check API health.
+   */
+  async health() {
+    const res = await fetch(`${this.baseUrl}/api/health/`);
+    if (!res.ok) {
+      throw new AstraSyncError(`Health check failed: ${res.status}`, res.status);
+    }
+    return res.json();
+  }
+  // ── Private helpers ──────────────────────────────────────────────
+  async request(method, endpoint, body) {
+    const url = `${this.baseUrl}${endpoint}`;
+    const headers = {
+      "Content-Type": "application/json"
+    };
+    const token = await this.getAuthToken();
+    headers["Authorization"] = `Bearer ${token}`;
+    if (this.privateKey) {
+      const signature = await this.signRequest(method, endpoint, body || {});
+      headers["X-AstraSync-Signature"] = signature;
+    }
+    const res = await fetch(url, {
+      method,
+      headers,
+      ...body ? { body: JSON.stringify(body) } : {}
+    });
+    if (!res.ok) {
+      const errorBody = await res.json().catch(() => ({ error: res.statusText }));
+      if (res.status === 403 && errorBody.code === "KYD_REQUIRED") {
+        throw new KYDRequiredError(errorBody);
+      }
+      throw new AstraSyncError(
+        errorBody.error || `Request failed: ${res.status}`,
+        res.status,
+        errorBody.code
+      );
+    }
+    return res.json();
+  }
+  async getAuthToken() {
+    if (this.apiKey) {
+      return this.apiKey;
+    }
+    if (this.cachedJwt && this.jwtExpiresAt && Date.now() < this.jwtExpiresAt) {
+      return this.cachedJwt;
+    }
+    const res = await fetch(`${this.baseUrl}/api/auth/login`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ email: this.email, password: this.password })
+    });
+    if (!res.ok) {
+      const errorBody = await res.json().catch(() => ({}));
+      throw new AuthenticationError(
+        errorBody.message || errorBody.error || "Login failed"
+      );
+    }
+    const data = await res.json();
+    this.cachedJwt = data.data.token;
+    this.jwtExpiresAt = Date.now() + 6 * 24 * 60 * 60 * 1e3;
+    return this.cachedJwt;
+  }
+  /**
+   * Sign a request using secp256k1 (ethers.js).
+   * Canonical message format: METHOD:ENDPOINT:SORTED_JSON_BODY
+   * Must match apps/backend/src/services/signature-verify.service.ts exactly.
+   */
+  async signRequest(method, endpoint, body) {
+    const { Wallet } = await import("ethers");
+    const sorted = this.sortObjectKeys(body);
+    const canonical = `${method}:${endpoint}:${JSON.stringify(sorted)}`;
+    const wallet = new Wallet(this.privateKey);
+    return wallet.signMessage(canonical);
+  }
+  /** Recursively sort object keys for canonical JSON representation. */
+  sortObjectKeys(obj) {
+    if (obj === null || typeof obj !== "object") {
+      return obj;
+    }
+    if (Array.isArray(obj)) {
+      return obj.map((item) => this.sortObjectKeys(item));
+    }
+    const sorted = {};
+    for (const key of Object.keys(obj).sort()) {
+      sorted[key] = this.sortObjectKeys(obj[key]);
+    }
+    return sorted;
+  }
+};
+// src/bin/astrasync.ts
+function usage() {
+  console.log(`
+astrasync - AstraSync KYA Platform CLI
+USAGE:
+  astrasync [options] <command> [args]
+GLOBAL OPTIONS:
+  --api-key <key>       API key (kya_ prefixed). Also reads ASTRASYNC_API_KEY env.
+  --email <email>       Email for login auth
+  --password <pass>     Password for login auth
+  --private-key <key>   secp256k1 private key for crypto signing
+  --base-url <url>      API base URL (default: https://astrasync.ai; use https://staging.astrasync.ai for staging)
+  --help                Show this help message
+COMMANDS:
+  register              Register a new AI agent
+  verify <id>           Look up an agent by ASTRA ID or UUID
+  health                Check API health
+REGISTER OPTIONS:
+  --name <name>                 Agent name (required)
+  --description <desc>          Agent description
+  --agent-type <type>           Agent type (default: general)
+  --api-endpoint <url>          Agent API endpoint URL
+  --model-name <name>           LLM model name (e.g. claude-opus-4.6)
+  --model-provider <provider>   Model provider (e.g. anthropic, openai)
+  --model-type <type>           Model type (default: llm)
+  --framework-name <name>       Framework name (e.g. langchain, crewai)
+  --framework-version <ver>     Framework version
+EXAMPLES:
+  astrasync --api-key kya_xxx register --name "My Agent"
+  astrasync register --name "My Agent" --model-name gpt-4o --model-provider openai
+  astrasync verify ASTRA-abc123
+  astrasync health
+`);
+}
+function parseArgs(args) {
+  const globals = {};
+  const commandArgs = {};
+  let command = "";
+  let inCommand = false;
+  for (let i = 0; i < args.length; i++) {
+    const arg = args[i];
+    if (!inCommand && !arg.startsWith("--")) {
+      command = arg;
+      inCommand = true;
+      continue;
+    }
+    if (arg === "--help" || arg === "-h") {
+      globals["help"] = "true";
+      continue;
+    }
+    if (arg.startsWith("--")) {
+      const key = arg.slice(2);
+      const value = args[++i] || "";
+      if (inCommand) {
+        commandArgs[key] = value;
+      } else {
+        globals[key] = value;
+      }
+    }
+  }
+  return { globals, command, commandArgs };
+}
+async function main() {
+  const { globals, command, commandArgs } = parseArgs(process.argv.slice(2));
+  if (globals["help"] || !command) {
+    usage();
+    process.exit(command ? 0 : 1);
+  }
+  const config = {
+    apiKey: globals["api-key"],
+    email: globals["email"],
+    password: globals["password"],
+    privateKey: globals["private-key"],
+    baseUrl: globals["base-url"]
+  };
+  try {
+    if (command === "health") {
+      const client2 = new AstraSync({
+        apiKey: config.apiKey || "health-check",
+        baseUrl: config.baseUrl
+      });
+      const result = await client2.health();
+      console.log(JSON.stringify(result, null, 2));
+      return;
+    }
+    const client = new AstraSync({
+      apiKey: config.apiKey,
+      email: config.email,
+      password: config.password,
+      privateKey: config.privateKey,
+      baseUrl: config.baseUrl
+    });
+    if (command === "register") {
+      const name = commandArgs["name"];
+      if (!name) {
+        console.error("Error: --name is required for register command");
+        process.exit(1);
+      }
+      const options = {
+        name,
+        ...commandArgs["description"] && { description: commandArgs["description"] },
+        ...commandArgs["agent-type"] && { agentType: commandArgs["agent-type"] },
+        ...commandArgs["api-endpoint"] && { apiEndpoint: commandArgs["api-endpoint"] }
+      };
+      if (commandArgs["model-name"] && commandArgs["model-provider"]) {
+        options.model = {
+          modelName: commandArgs["model-name"],
+          modelProvider: commandArgs["model-provider"],
+          ...commandArgs["model-type"] && {
+            modelType: commandArgs["model-type"]
+          }
+        };
+      }
+      if (commandArgs["framework-name"] && commandArgs["framework-version"]) {
+        options.framework = {
+          frameworkName: commandArgs["framework-name"],
+          frameworkVersion: commandArgs["framework-version"]
+        };
+      }
+      const result = await client.register(options);
+      console.log(JSON.stringify(result, null, 2));
+    } else if (command === "verify") {
+      const agentId = commandArgs["id"] || process.argv[process.argv.length - 1];
+      if (!agentId || agentId.startsWith("--")) {
+        console.error("Error: agent ID is required for verify command");
+        process.exit(1);
+      }
+      const result = await client.verify(agentId);
+      console.log(JSON.stringify(result, null, 2));
+    } else {
+      console.error(`Unknown command: ${command}`);
+      usage();
+      process.exit(1);
+    }
+  } catch (error) {
+    if (error instanceof KYDRequiredError) {
+      console.error(`
+Error: ${error.message}`);
+      if (error.ownerNotified) {
+        console.error("A reminder email has been sent to your registered email address.");
+      }
+      process.exit(1);
+    }
+    if (error instanceof AstraSyncError) {
+      console.error(`
+Error [${error.code || error.statusCode}]: ${error.message}`);
+      process.exit(1);
+    }
+    throw error;
+  }
+}
+main();

package/dist/browser/background.js CHANGED Viewed

@@ -3518,6 +3518,9 @@ async function verify(config, request) {
       verifiedAt: /* @__PURE__ */ new Date(),
       // Extract sessionId so decisions can be recorded for denials too
       sessionId: apiResponse.sessionId,
+      // v2.3.10 (defect #34, round-4): anonymous traffic has no session →
+      // correlationId is the linking key for paired local_override events.
+      correlationId: apiResponse.correlationId,
       recommendation: apiResponse.recommendation,
       recommendationReasons: apiResponse.recommendationReasons
     };
@@ -3558,6 +3561,9 @@ async function verify(config, request) {
     cacheTtl: mergedConfig.cacheTtl,
     // Handshake Protocol v10 enhanced fields (present when backend returns them)
     sessionId: apiResponse.sessionId,
+    // v2.3.10 (defect #34, round-4): anonymous responses surface correlationId
+    // (no session row exists for unverified callers).
+    correlationId: apiResponse.correlationId,
     runtimeChallenge: apiResponse.runtimeChallenge,
     tokenGuidance: apiResponse.tokenGuidance,
     recommendation: apiResponse.recommendation,