@astrasyncai/verification-gateway 3.1.0 → 3.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (79) hide show
  1. package/dist/adapter-interface/interface.d.mts +2 -2
  2. package/dist/adapter-interface/interface.d.ts +2 -2
  3. package/dist/adapters/express.d.mts +2 -2
  4. package/dist/adapters/express.d.ts +2 -2
  5. package/dist/adapters/express.js +46 -61
  6. package/dist/adapters/express.js.map +1 -1
  7. package/dist/adapters/express.mjs +46 -61
  8. package/dist/adapters/express.mjs.map +1 -1
  9. package/dist/adapters/mcp.d.mts +12 -7
  10. package/dist/adapters/mcp.d.ts +12 -7
  11. package/dist/adapters/mcp.js +60 -99
  12. package/dist/adapters/mcp.js.map +1 -1
  13. package/dist/adapters/mcp.mjs +60 -99
  14. package/dist/adapters/mcp.mjs.map +1 -1
  15. package/dist/adapters/nextjs.d.mts +2 -2
  16. package/dist/adapters/nextjs.d.ts +2 -2
  17. package/dist/adapters/nextjs.js +37 -30
  18. package/dist/adapters/nextjs.js.map +1 -1
  19. package/dist/adapters/nextjs.mjs +37 -30
  20. package/dist/adapters/nextjs.mjs.map +1 -1
  21. package/dist/adapters/sdk.d.mts +2 -2
  22. package/dist/adapters/sdk.d.ts +2 -2
  23. package/dist/adapters/sdk.js +25 -14
  24. package/dist/adapters/sdk.js.map +1 -1
  25. package/dist/adapters/sdk.mjs +25 -14
  26. package/dist/adapters/sdk.mjs.map +1 -1
  27. package/dist/agent/index.d.mts +2 -2
  28. package/dist/agent/index.d.ts +2 -2
  29. package/dist/browser/background.js +18 -21
  30. package/dist/browser/background.js.map +1 -1
  31. package/dist/browser/background.mjs +18 -21
  32. package/dist/browser/background.mjs.map +1 -1
  33. package/dist/browser/browser-adapter.d.mts +2 -2
  34. package/dist/browser/browser-adapter.d.ts +2 -2
  35. package/dist/cli/index.d.mts +2 -2
  36. package/dist/cli/index.d.ts +2 -2
  37. package/dist/cursor/cursor-adapter.d.mts +2 -2
  38. package/dist/cursor/cursor-adapter.d.ts +2 -2
  39. package/dist/cursor/extension.d.mts +2 -2
  40. package/dist/cursor/extension.d.ts +2 -2
  41. package/dist/cursor/extension.js +18 -21
  42. package/dist/cursor/extension.js.map +1 -1
  43. package/dist/cursor/extension.mjs +18 -21
  44. package/dist/cursor/extension.mjs.map +1 -1
  45. package/dist/{express-DavQ76oF.d.ts → express-BowlMHQF.d.ts} +1 -1
  46. package/dist/{express-DFVBlXr_.d.mts → express-CeoSdOAZ.d.mts} +1 -1
  47. package/dist/gateway/gateway.d.mts +2 -2
  48. package/dist/gateway/gateway.d.ts +2 -2
  49. package/dist/gateway/gateway.js +18 -21
  50. package/dist/gateway/gateway.js.map +1 -1
  51. package/dist/gateway/gateway.mjs +18 -21
  52. package/dist/gateway/gateway.mjs.map +1 -1
  53. package/dist/git-trigger/git-hooks.d.mts +2 -2
  54. package/dist/git-trigger/git-hooks.d.ts +2 -2
  55. package/dist/{index-BhL2R65s.d.mts → index-B51W8gn8.d.mts} +1 -1
  56. package/dist/{index-BhEgEiJL.d.ts → index-DBmlycVm.d.ts} +1 -1
  57. package/dist/{index-BVxantdv.d.mts → index-DtGziFEm.d.mts} +1 -1
  58. package/dist/{index-Dk2nIA4w.d.ts → index-DzXXBuLm.d.ts} +1 -1
  59. package/dist/index.d.mts +7 -7
  60. package/dist/index.d.ts +7 -7
  61. package/dist/index.js +87 -122
  62. package/dist/index.js.map +1 -1
  63. package/dist/index.mjs +87 -122
  64. package/dist/index.mjs.map +1 -1
  65. package/dist/local-evaluator/evaluator.d.mts +2 -2
  66. package/dist/local-evaluator/evaluator.d.ts +2 -2
  67. package/dist/{nextjs-D-maqrNz.d.mts → nextjs-BW1rzr1I.d.mts} +1 -1
  68. package/dist/{nextjs-BXLH1hJj.d.ts → nextjs-V_K0qlAQ.d.ts} +1 -1
  69. package/dist/{sdk-767LaEP8.d.mts → sdk-ZYgI7G9f.d.ts} +14 -3
  70. package/dist/{sdk-K8IgssHI.d.ts → sdk-e5jg7sqW.d.mts} +14 -3
  71. package/dist/transport/index.d.mts +2 -2
  72. package/dist/transport/index.d.ts +2 -2
  73. package/dist/{types-CyFwZ_Yu.d.mts → types-BNiLZY0i.d.mts} +1 -1
  74. package/dist/{types-WIRp_BP_.d.ts → types-DJi-u3fz.d.ts} +1 -1
  75. package/dist/{types-Cuh7ELfr.d.mts → types-rFh4VMH4.d.mts} +5 -2
  76. package/dist/{types-Cuh7ELfr.d.ts → types-rFh4VMH4.d.ts} +5 -2
  77. package/dist/ui/index.d.mts +1 -1
  78. package/dist/ui/index.d.ts +1 -1
  79. package/package.json +1 -1
@@ -1,6 +1,6 @@
1
1
  import { AstraSyncGateway } from '../gateway/gateway.mjs';
2
- import { A as AgentAction, I as InterceptResult, P as PDLSSContext, V as VerificationDecision } from '../types-CyFwZ_Yu.mjs';
3
- import '../types-Cuh7ELfr.mjs';
2
+ import { A as AgentAction, I as InterceptResult, P as PDLSSContext, V as VerificationDecision } from '../types-BNiLZY0i.mjs';
3
+ import '../types-rFh4VMH4.mjs';
4
4
 
5
5
  /**
6
6
  * PlatformAdapter Interface
@@ -1,6 +1,6 @@
1
1
  import { AstraSyncGateway } from '../gateway/gateway.js';
2
- import { A as AgentAction, I as InterceptResult, P as PDLSSContext, V as VerificationDecision } from '../types-WIRp_BP_.js';
3
- import '../types-Cuh7ELfr.js';
2
+ import { A as AgentAction, I as InterceptResult, P as PDLSSContext, V as VerificationDecision } from '../types-DJi-u3fz.js';
3
+ import '../types-rFh4VMH4.js';
4
4
 
5
5
  /**
6
6
  * PlatformAdapter Interface
@@ -1,3 +1,3 @@
1
1
  import 'express';
2
- import '../types-Cuh7ELfr.mjs';
3
- export { c as createMiddleware, a as extractAstraSyncCredentials } from '../express-DFVBlXr_.mjs';
2
+ import '../types-rFh4VMH4.mjs';
3
+ export { c as createMiddleware, a as extractAstraSyncCredentials } from '../express-CeoSdOAZ.mjs';
@@ -1,3 +1,3 @@
1
1
  import 'express';
2
- import '../types-Cuh7ELfr.js';
3
- export { c as createMiddleware, a as extractAstraSyncCredentials } from '../express-DavQ76oF.js';
2
+ import '../types-rFh4VMH4.js';
3
+ export { c as createMiddleware, a as extractAstraSyncCredentials } from '../express-BowlMHQF.js';
@@ -26,26 +26,15 @@ __export(express_exports, {
26
26
  module.exports = __toCommonJS(express_exports);
27
27
 
28
28
  // src/access-levels.ts
29
- var ACCESS_LEVEL_HIERARCHY = {
30
- none: 0,
31
- restricted: 1,
32
- "read-only": 2,
33
- standard: 3,
34
- full: 4,
35
- internal: 5
36
- };
37
29
  function getTrustLevel(score) {
38
30
  if (score >= 80) return "PLATINUM";
39
31
  if (score >= 60) return "GOLD";
40
32
  if (score >= 40) return "SILVER";
41
33
  return "BRONZE";
42
34
  }
43
- function hasMinimumAccess(actual, required) {
44
- return ACCESS_LEVEL_HIERARCHY[actual] >= ACCESS_LEVEL_HIERARCHY[required];
45
- }
46
35
 
47
36
  // src/version.ts
48
- var SDK_VERSION = "3.1.0";
37
+ var SDK_VERSION = "3.2.1";
49
38
 
50
39
  // src/well-known.ts
51
40
  var CACHE_TTL_MS = 60 * 60 * 1e3;
@@ -150,7 +139,7 @@ async function performInitCheck(apiBaseUrl, debug, strictInit) {
150
139
  }
151
140
  }
152
141
  var verificationCache = /* @__PURE__ */ new Map();
153
- function getCacheKey(request) {
142
+ function getCacheKey(request, counterpartyId) {
154
143
  const c = request.credentials;
155
144
  return [
156
145
  c.astraId || "",
@@ -163,6 +152,14 @@ function getCacheKey(request) {
163
152
  request.jurisdiction || "",
164
153
  request.transactionValue ?? "",
165
154
  request.currency || "",
155
+ // SECURITY (cross-merchant cache leak): the merchant identity is sent via
156
+ // `config.counterpartyId`, NOT on the request, so it was previously absent
157
+ // from the key — two verifies for the SAME agent/purpose/action/value but
158
+ // DIFFERENT merchants collided, and a grant at a permissive merchant (low
159
+ // trust floor) was served for a stricter one. Same bug class as the
160
+ // duration omission (F-A1-07). counterpartyId affects the backend verdict
161
+ // (trust floor / per-route policy), so it MUST key the cache.
162
+ counterpartyId || "",
166
163
  request.counterpartyUrl || "",
167
164
  request.counterpartyType || "",
168
165
  request.isSubAgentRequest ? "1" : "0",
@@ -186,8 +183,8 @@ function getCacheKey(request) {
186
183
  request.callerMetadata?.agentCardUrl || ""
187
184
  ].join("|");
188
185
  }
189
- function getCachedResult(request) {
190
- const key = getCacheKey(request);
186
+ function getCachedResult(request, counterpartyId) {
187
+ const key = getCacheKey(request, counterpartyId);
191
188
  const cached = verificationCache.get(key);
192
189
  if (cached && cached.expiresAt > Date.now()) {
193
190
  return cached.result;
@@ -199,9 +196,9 @@ function getCachedResult(request) {
199
196
  }
200
197
  var DEFAULT_AUTONOMOUS_TTL_SECONDS = 60;
201
198
  var DEFAULT_STEP_UP_TTL_SECONDS = 300;
202
- function cacheResult(request, result, configuredTtl) {
199
+ function cacheResult(request, result, configuredTtl, counterpartyId) {
203
200
  const ttlSeconds = configuredTtl && configuredTtl > 0 ? configuredTtl : result.requiresStepUp ? DEFAULT_STEP_UP_TTL_SECONDS : DEFAULT_AUTONOMOUS_TTL_SECONDS;
204
- const key = getCacheKey(request);
201
+ const key = getCacheKey(request, counterpartyId);
205
202
  verificationCache.set(key, {
206
203
  result,
207
204
  expiresAt: Date.now() + ttlSeconds * 1e3
@@ -393,7 +390,7 @@ async function verify(config, request) {
393
390
  );
394
391
  }
395
392
  if (mergedConfig.cacheTtl !== 0) {
396
- const cached = getCachedResult(request);
393
+ const cached = getCachedResult(request, mergedConfig.counterpartyId);
397
394
  if (cached) {
398
395
  if (mergedConfig.debug) {
399
396
  console.log("[VerificationGateway] Returning cached result");
@@ -445,8 +442,8 @@ async function verify(config, request) {
445
442
  verifiedAt: /* @__PURE__ */ new Date(),
446
443
  // Extract sessionId so decisions can be recorded for denials too
447
444
  sessionId: apiResponse.sessionId,
448
- // v2.3.10 (defect #34, round-4): anonymous traffic has no session →
449
- // correlationId is the linking key for paired local_override events.
445
+ // Anonymous traffic has no session → correlationId is the per-attempt
446
+ // linking key (the sessionId-equivalent for anonymous callers).
450
447
  correlationId: apiResponse.correlationId,
451
448
  recommendation: apiResponse.recommendation,
452
449
  recommendationReasons: apiResponse.recommendationReasons
@@ -520,17 +517,14 @@ async function verify(config, request) {
520
517
  };
521
518
  } else if (result.recommendation === "step_up_required") {
522
519
  result.requiresStepUp = true;
523
- if (ACCESS_LEVEL_HIERARCHY[result.accessLevel] > ACCESS_LEVEL_HIERARCHY["read-only"]) {
524
- result.accessLevel = "read-only";
525
- }
526
520
  result.denialReasons = result.recommendationReasons || ["Step-up verification required"];
527
521
  }
528
522
  if (mergedConfig.cacheTtl !== 0 && result.recommendation !== "deny") {
529
- cacheResult(request, result, mergedConfig.cacheTtl);
523
+ cacheResult(request, result, mergedConfig.cacheTtl, mergedConfig.counterpartyId);
530
524
  }
531
525
  return result;
532
526
  }
533
- async function recordDecision(config, sessionId, decision, reason, override) {
527
+ async function recordDecision(config, sessionId, decision, reason) {
534
528
  const headers = { "Content-Type": "application/json" };
535
529
  if (config.apiKey) {
536
530
  headers["Authorization"] = `Bearer ${config.apiKey}`;
@@ -539,16 +533,7 @@ async function recordDecision(config, sessionId, decision, reason, override) {
539
533
  await fetch(`${config.apiBaseUrl}/agents/verify-access/${sessionId}/decision`, {
540
534
  method: "POST",
541
535
  headers,
542
- body: JSON.stringify({
543
- decision,
544
- reason,
545
- ...override && {
546
- overriddenBy: override.overriddenBy,
547
- toolName: override.toolName,
548
- requestedLevel: override.requestedLevel,
549
- grantedLevel: override.grantedLevel
550
- }
551
- })
536
+ body: JSON.stringify({ decision, reason })
552
537
  }).catch(() => {
553
538
  });
554
539
  }
@@ -706,6 +691,19 @@ function resolveHttpPdlss(input) {
706
691
  return { purpose, action, purposeSource, actionSource };
707
692
  }
708
693
 
694
+ // src/adapters/approval-gate.ts
695
+ var APPROVAL_REASON = "Transaction is above the autonomous limit and requires human approval, which is not yet available \u2014 it cannot be completed automatically.";
696
+ function requiresHumanApproval(result) {
697
+ return result.requiresStepUp === true || result.requiresApproval === true;
698
+ }
699
+ function annotateApprovalRequired(result) {
700
+ result.failures = [
701
+ ...result.failures ?? [],
702
+ { dimension: "commerce.intent.approval_required", message: APPROVAL_REASON }
703
+ ];
704
+ result.denialReasons = [APPROVAL_REASON, ...result.denialReasons ?? []];
705
+ }
706
+
709
707
  // src/pdlss-pre-check.ts
710
708
  function performCounterpartyPreCheck(routeConfig, astraCreds, purpose) {
711
709
  const failures = [];
@@ -1013,6 +1011,16 @@ function createMiddleware(options) {
1013
1011
  onDenied(result, req, res);
1014
1012
  return;
1015
1013
  }
1014
+ if (requiresHumanApproval(result)) {
1015
+ annotateApprovalRequired(result);
1016
+ if (shouldRecordDecisions && sessionId) {
1017
+ recordDecision(config, sessionId, "denied", result.denialReasons?.[0]).catch(() => {
1018
+ });
1019
+ }
1020
+ dedupeFailures(result);
1021
+ onDenied(result, req, res);
1022
+ return;
1023
+ }
1016
1024
  if (!shouldEnforce) {
1017
1025
  if (config.setPassThroughHeader) {
1018
1026
  res.setHeader("X-Astra-Gateway-Mode", "enforced");
@@ -1024,35 +1032,12 @@ function createMiddleware(options) {
1024
1032
  }
1025
1033
  return next();
1026
1034
  }
1027
- if (!hasMinimumAccess(result.accessLevel, routeConfig.minAccessLevel)) {
1028
- const insufficientFailure = {
1029
- dimension: "access_level.insufficient",
1030
- message: `Endpoint requires accessLevel '${routeConfig.minAccessLevel}'; agent has '${result.accessLevel}'.`,
1031
- guidance: "Request elevated access via step-up verification (coming soon \u2014 ships this month). Step-up lets the agent owner approve a one-time elevation for this specific counterparty + purpose without changing the agent's baseline trust score."
1032
- };
1033
- result.failures = [...result.failures ?? [], insufficientFailure];
1034
- result.denialReasons = [...result.denialReasons ?? [], insufficientFailure.message];
1035
- if (!result.guidance && wellKnownUrls) {
1036
- result.guidance = {
1037
- message: insufficientFailure.message,
1038
- registrationUrl: wellKnownUrls.registrationUrl,
1039
- documentationUrl: wellKnownUrls.documentationUrl
1040
- };
1041
- }
1042
- if (shouldRecordDecisions && sessionId) {
1043
- recordDecision(config, sessionId, "denied", insufficientFailure.message).catch(() => {
1044
- });
1045
- }
1046
- dedupeFailures(result);
1047
- onDenied(result, req, res);
1048
- return;
1049
- }
1050
1035
  if (routeConfig.minTrustScore && result.agent) {
1051
1036
  if (result.agent.trustScore < routeConfig.minTrustScore) {
1052
1037
  const trustFailure = {
1053
- dimension: "access_level.insufficient",
1054
- message: `Trust score ${result.agent.trustScore} is below required ${routeConfig.minTrustScore} for this route.`,
1055
- guidance: "Request elevated access via step-up verification (coming soon \u2014 ships this month). Step-up lets the agent owner approve a one-time elevation for this specific counterparty + purpose without changing the agent's baseline trust score."
1038
+ dimension: "endpoint.trust",
1039
+ message: "Trust below the route requirement for this endpoint.",
1040
+ guidance: "Trust is below this route's floor. Trust is not overridable \u2014 the agent either meets the endpoint's trust policy or it doesn't. Raise the agent's trust via real signals (KYD, blockchain registration, agent-card), or have the operator lower the route's minTrustScore."
1056
1041
  };
1057
1042
  result.failures = [...result.failures ?? [], trustFailure];
1058
1043
  result.denialReasons = [trustFailure.message];