@atlasent/sdk 1.5.0

package/LICENSE

@@ -0,0 +1,190 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for describing the origin of the Work and
+      reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2026 AtlaSent Systems Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.md

@@ -0,0 +1,133 @@
+# @atlasent/sdk
+
+Execution-time authorization for AI agents, in TypeScript. Two methods, zero runtime dependencies, one function call per decision.
+
+```bash
+npm i @atlasent/sdk
+```
+
+## Quickstart
+
+```ts
+import { AtlaSentClient } from "@atlasent/sdk";
+
+const client = new AtlaSentClient({ apiKey: process.env.ATLASENT_API_KEY! });
+
+const result = await client.evaluate({
+  agent: "clinical-data-agent",
+  action: "modify_patient_record",
+  context: { user: "dr_smith", environment: "production" },
+});
+
+if (result.decision === "ALLOW") {
+  // execute the action
+} else {
+  console.warn("Blocked:", result.reason);
+}
+```
+
+That's it. `evaluate()` calls the AtlaSent policy engine, generates a hash-chained audit entry (21 CFR Part 11 / GxP-ready), and returns a result you branch on. A clean `DENY` is **not** thrown — network / server / auth failures are.
+
+## Two methods, that's the whole surface
+
+```ts
+client.evaluate({ agent, action, context? })
+  // → { decision: "ALLOW" | "DENY", permitId, reason, auditHash, timestamp }
+
+client.verifyPermit({ permitId, agent?, action?, context? })
+  // → { verified, outcome, permitHash, timestamp }
+```
+
+`verifyPermit()` confirms a previously-issued permit end-to-end — use it as a second-factor gate (e.g., in a CI deploy pipeline before side-effects run).
+
+## CI deploy-gate pattern
+
+```ts
+import { AtlaSentClient } from "@atlasent/sdk";
+
+const client = new AtlaSentClient({ apiKey: process.env.ATLASENT_API_KEY! });
+
+const evaluation = await client.evaluate({
+  agent: "ci-deploy-bot",
+  action: "deploy_to_production",
+  context: { service: "billing-api", commit: process.env.GIT_SHA },
+});
+
+if (evaluation.decision !== "ALLOW") {
+  console.error("Deploy blocked:", evaluation.reason);
+  process.exit(1);
+}
+
+const verification = await client.verifyPermit({
+  permitId: evaluation.permitId,
+});
+
+if (!verification.verified) {
+  console.error("Permit verification failed — aborting");
+  process.exit(1);
+}
+
+// runDeploy();
+```
+
+See [`examples/deploy-gate.ts`](./examples/deploy-gate.ts) for a complete CI-shaped script.
+
+## Constructor options
+
+```ts
+new AtlaSentClient({
+  apiKey: "ask_live_...",           // required
+  baseUrl: "https://api.atlasent.io", // default
+  timeoutMs: 10_000,                  // default — per-request
+  fetch: customFetch,                 // default: globalThis.fetch
+});
+```
+
+## Error handling
+
+The SDK throws exactly one error type — `AtlaSentError` — with a flat shape that mirrors Stripe / Octokit / Supabase conventions:
+
+```ts
+import { AtlaSentError } from "@atlasent/sdk";
+
+try {
+  await client.evaluate({ agent: "a", action: "b" });
+} catch (err) {
+  if (err instanceof AtlaSentError) {
+    console.error(err.code, err.status, err.requestId, err.retryAfterMs);
+  }
+}
+```
+
+| `err.code`         | When it's thrown                                        |
+|--------------------|---------------------------------------------------------|
+| `invalid_api_key`  | HTTP 401                                                |
+| `forbidden`        | HTTP 403                                                |
+| `rate_limited`     | HTTP 429 (check `err.retryAfterMs`)                     |
+| `bad_request`      | HTTP 4xx (other than 401/403/429)                       |
+| `server_error`     | HTTP 5xx                                                |
+| `timeout`          | `timeoutMs` exceeded                                    |
+| `network`          | DNS / connection failure, fetch threw                   |
+| `bad_response`     | non-JSON body or missing required fields                |
+
+Every `AtlaSentError` carries `err.requestId` — the UUID the SDK sent as `X-Request-ID`, correlatable in your server logs.
+
+## Design choices
+
+- **Fail-closed.** A clean `DENY` is returned so your code explicitly handles it; every other failure throws, so no action proceeds silently.
+- **Native `fetch` only.** No axios, no polyfills. Node 20+ has everything we need.
+- **Zero runtime dependencies.** Strongly typed via plain TS interfaces.
+- **Bearer-token auth.** `Authorization: Bearer <apiKey>` so request-body logs never capture the key. (The SDK also includes `api_key` in the body for wire compat with the current policy engine; that will be removed once the server drops body-based auth.)
+
+## Requirements
+
+- Node.js **20** or newer (native `fetch`, `AbortSignal.timeout`, `crypto.randomUUID`).
+- TypeScript **5.0+** for best type-inference ergonomics (older is fine — types are plain interfaces).
+
+## Related
+
+- **Python SDK:** same repo, [`../python/`](../python/README.md). Wire-compatible.
+
+## License
+
+Apache-2.0 — see [LICENSE](./LICENSE).

package/dist/behavior.cjs

@@ -0,0 +1,175 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/behavior.ts
+var behavior_exports = {};
+__export(behavior_exports, {
+  ConsentDeniedError: () => ConsentDeniedError,
+  ConsentManager: () => ConsentManager,
+  DEFAULT_CONSENT: () => DEFAULT_CONSENT,
+  InMemoryBehaviorLedger: () => InMemoryBehaviorLedger,
+  MemoryStorage: () => MemoryStorage,
+  SENSITIVE_CATEGORIES: () => SENSITIVE_CATEGORIES,
+  StateEventCache: () => StateEventCache,
+  redactStateSnapshot: () => redactStateSnapshot
+});
+module.exports = __toCommonJS(behavior_exports);
+var SENSITIVE_CATEGORIES = [
+  "behavior.health.mental",
+  "behavior.health.adherence",
+  "behavior.financial",
+  "behavior.minor"
+];
+var DEFAULT_CONSENT = Object.freeze({
+  share_state_summaries: false,
+  private_only_mode: false
+});
+var MemoryStorage = class {
+  store = /* @__PURE__ */ new Map();
+  get(key) {
+    return this.store.get(key) ?? null;
+  }
+  set(key, value) {
+    this.store.set(key, value);
+  }
+};
+var ConsentManager = class {
+  key;
+  storage;
+  defaults;
+  constructor(opts) {
+    this.key = `atlasent.behavior.consent.${opts.userId}`;
+    this.storage = opts.storage ?? new MemoryStorage();
+    this.defaults = opts.defaults ?? DEFAULT_CONSENT;
+  }
+  get() {
+    const raw = this.storage.get(this.key);
+    if (!raw) return { ...this.defaults };
+    try {
+      const parsed = JSON.parse(raw);
+      return { ...this.defaults, ...parsed };
+    } catch {
+      return { ...this.defaults };
+    }
+  }
+  set(patch) {
+    const next = { ...this.get(), ...patch };
+    this.storage.set(this.key, JSON.stringify(next));
+    return next;
+  }
+  /**
+   * The single decision point: may we emit a `BehaviorEvent` for
+   * this `category` to this `receiver`? Returns `false` whenever
+   * any of the following is true:
+   *
+   * - `private_only_mode` is on.
+   * - `share_state_summaries` is off.
+   * - A `receivers` allowlist exists and the `(receiver, category)`
+   *   pair is not in it.
+   */
+  canEmit(receiver, category) {
+    const c = this.get();
+    if (c.private_only_mode) return false;
+    if (!c.share_state_summaries) return false;
+    if (c.receivers) {
+      const allowed = c.receivers[receiver] ?? [];
+      if (!allowed.includes(category)) return false;
+    }
+    return true;
+  }
+};
+function redactStateSnapshot(s) {
+  return {
+    emotional_state: s.emotional_state,
+    intensity: s.intensity,
+    stress_level: s.stress_level,
+    pressure_level: s.pressure_level,
+    body_state: s.body_state,
+    cognitive_load: s.cognitive_load,
+    readiness_level: s.readiness_level
+  };
+}
+var ConsentDeniedError = class extends Error {
+  constructor(receiver, category) {
+    super(
+      `Consent denies emit to receiver=${receiver} category=${category}`
+    );
+    this.receiver = receiver;
+    this.category = category;
+    this.name = "ConsentDeniedError";
+  }
+  receiver;
+  category;
+  code = "consent_denied";
+};
+var InMemoryBehaviorLedger = class {
+  constructor(opts) {
+    this.opts = opts;
+  }
+  opts;
+  events = [];
+  async emit(event) {
+    const receiver = this.opts.receiver ?? "in-memory";
+    if (!this.opts.consent.canEmit(receiver, event.category)) {
+      throw new ConsentDeniedError(receiver, event.category);
+    }
+    this.events.push(event);
+  }
+  /** Read all events accepted so far. Test/demo helper. */
+  list() {
+    return [...this.events];
+  }
+  /** Clear the in-memory store. Test helper. */
+  clear() {
+    this.events.length = 0;
+  }
+};
+var StateEventCache = class {
+  constructor(capacity = 10) {
+    this.capacity = capacity;
+    if (capacity <= 0) {
+      throw new RangeError("capacity must be > 0");
+    }
+  }
+  capacity;
+  buf = [];
+  add(summary) {
+    this.buf.push(summary);
+    if (this.buf.length > this.capacity) this.buf.shift();
+  }
+  recent(n) {
+    const k = n ?? this.buf.length;
+    return this.buf.slice(-k);
+  }
+  clear() {
+    this.buf.length = 0;
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ConsentDeniedError,
+  ConsentManager,
+  DEFAULT_CONSENT,
+  InMemoryBehaviorLedger,
+  MemoryStorage,
+  SENSITIVE_CATEGORIES,
+  StateEventCache,
+  redactStateSnapshot
+});
+//# sourceMappingURL=behavior.cjs.map

package/dist/behavior.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/behavior.ts"],"sourcesContent":["/**\n * @atlasent/sdk/behavior — consent + redaction helpers for the v2\n * Behavior Conditioning Layer.\n *\n * See `atlasent-docs/docs/V2_BEHAVIOR_CONDITIONING_LAYER.md` for the\n * architecture this module implements.\n *\n * Quick start:\n *\n * ```ts\n * import {\n *   ConsentManager,\n *   InMemoryBehaviorLedger,\n *   redactStateSnapshot,\n *   type StateSnapshot,\n * } from \"@atlasent/sdk/behavior\";\n *\n * const consent = new ConsentManager({ userId: \"u_123\" });\n * const ledger = new InMemoryBehaviorLedger();\n *\n * const snapshot: StateSnapshot = { ... };\n * const summary = redactStateSnapshot(snapshot);\n *\n * if (consent.canEmit(\"ledgers-me\", \"behavior.health.mental\")) {\n *   await ledger.emit({\n *     user_id: snapshot.user_id,\n *     source: \"hicoach\",\n *     category: \"behavior.health.mental\",\n *     entry_state_summary: summary,\n *     exit_state_summary: null,\n *     relief_delta: null,\n *     confidence_score: 1,\n *     timestamp: new Date().toISOString(),\n *   });\n * }\n * ```\n *\n * The MVP is pure and on-device — no HTTP calls. A future\n * `RemoteBehaviorLedger` will POST to `/v1/behavior/events` once\n * the atlasent-api endpoint ships.\n */\n\n// ---------------------------------------------------------------------------\n// Sensitive-category vocabulary\n// ---------------------------------------------------------------------------\n\n/**\n * Sensitive-category slugs used by behavior policies. Keep in sync\n * with `gxp-starter/packs/hipaa/` rules and\n * `atlasent-api`'s `target.category` field.\n */\nexport type SensitiveCategory =\n  | \"behavior.health.mental\"\n  | \"behavior.health.adherence\"\n  | \"behavior.financial\"\n  | \"behavior.minor\";\n\nexport const SENSITIVE_CATEGORIES: readonly SensitiveCategory[] = [\n  \"behavior.health.mental\",\n  \"behavior.health.adherence\",\n  \"behavior.financial\",\n  \"behavior.minor\",\n] as const;\n\n// ---------------------------------------------------------------------------\n// Domain types — mirror the model in `bettyc925/hicoach/lib/hicoach/types.ts`.\n// ---------------------------------------------------------------------------\n\nexport type EmotionalState =\n  | \"tense\"\n  | \"anxious\"\n  | \"overwhelmed\"\n  | \"flat\"\n  | \"frustrated\"\n  | \"uncertain\"\n  | \"tired\"\n  | \"okay\";\n\nexport type BodyState =\n  | \"tight\"\n  | \"heavy\"\n  | \"restless\"\n  | \"numb\"\n  | \"buzzing\"\n  | \"settled\";\n\nexport type ReadinessLevel = \"low\" | \"medium\" | \"high\";\n\n/**\n * A single moment captured before/after a regulation session.\n *\n * This is the **on-device** shape with all raw fields. It is never\n * emitted to a ledger; only the {@link StateEventSummary} projection\n * crosses an app boundary.\n */\nexport interface StateSnapshot {\n  id: string;\n  user_id: string;\n  emotional_state: EmotionalState;\n  /** 0..10 */\n  intensity: number;\n  /** 0..10 */\n  stress_level: number;\n  /** 0..10 */\n  pressure_level: number;\n  body_state: BodyState;\n  /** 0..10 */\n  cognitive_load: number;\n  readiness_level: ReadinessLevel;\n  /** 0..1 — how sure the user feels about the rating */\n  confidence_score: number;\n  /** ISO 8601 */\n  created_at: string;\n  /** Optional free-form note. NEVER part of the redacted summary. */\n  note?: string;\n}\n\n/**\n * Redacted summary projection — the only shape that crosses an app\n * boundary. Contains no raw text, no IDs, no timestamps.\n */\nexport interface StateEventSummary {\n  emotional_state: EmotionalState;\n  intensity: number;\n  stress_level: number;\n  pressure_level: number;\n  body_state: BodyState;\n  cognitive_load: number;\n  readiness_level: ReadinessLevel;\n}\n\n/**\n * A behavior event written to the cross-app ledger (LedgersMe).\n * The atlasent-api `/v1/behavior/events` endpoint accepts this shape.\n */\nexport interface BehaviorEvent {\n  user_id: string;\n  source: \"hicoach\" | \"echobloom\" | \"ledgers-me\" | string;\n  category: SensitiveCategory;\n  entry_state_summary: StateEventSummary;\n  exit_state_summary: StateEventSummary | null;\n  relief_delta: number | null;\n  /** 0..1 */\n  confidence_score: number;\n  /** ISO 8601 */\n  timestamp: string;\n  /** Optional list of safety signals that fired during the event. Never raw text. */\n  safety_signals?: string[];\n}\n\n// ---------------------------------------------------------------------------\n// Consent\n// ---------------------------------------------------------------------------\n\n/**\n * Per-user consent settings. Privacy-first defaults: nothing leaves\n * the device unless the user explicitly opts in.\n */\nexport interface ConsentSettings {\n  /** Default false. Opt-in to emit summaries to the ledger. */\n  share_state_summaries: boolean;\n  /**\n   * Default false. When true, suppresses ALL outbound emissions\n   * regardless of any other setting. Acts as a global circuit\n   * breaker.\n   */\n  private_only_mode: boolean;\n  /**\n   * Optional per-receiver allowlist. When non-empty, an event is\n   * only emitted to a receiver whose name appears here AND for a\n   * category whose slug appears in the receiver's allowed set.\n   *\n   * Example:\n   * ```ts\n   * { \"ledgers-me\": [\"behavior.health.mental\"] }\n   * ```\n   */\n  receivers?: Record<string, SensitiveCategory[]>;\n}\n\nexport const DEFAULT_CONSENT: ConsentSettings = Object.freeze({\n  share_state_summaries: false,\n  private_only_mode: false,\n});\n\n/**\n * Storage abstraction so the helper works in browser\n * (`window.localStorage`), Node, and tests.\n */\nexport interface ConsentStorage {\n  get(key: string): string | null;\n  set(key: string, value: string): void;\n}\n\n/**\n * Default in-memory storage (for Node + tests). In a browser, pass\n * `window.localStorage`.\n */\nexport class MemoryStorage implements ConsentStorage {\n  private store = new Map<string, string>();\n  get(key: string): string | null {\n    return this.store.get(key) ?? null;\n  }\n  set(key: string, value: string): void {\n    this.store.set(key, value);\n  }\n}\n\nexport interface ConsentManagerOpts {\n  userId: string;\n  /** Defaults to {@link MemoryStorage}. Pass `localStorage` in browsers. */\n  storage?: ConsentStorage;\n  /** Defaults to {@link DEFAULT_CONSENT}. */\n  defaults?: ConsentSettings;\n}\n\n/**\n * Read/write consent settings; gate emissions through `canEmit`.\n *\n * Apps NEVER hand-roll consent checks. This is the only correct way\n * to decide whether a `BehaviorEvent` may leave the device.\n */\nexport class ConsentManager {\n  private readonly key: string;\n  private readonly storage: ConsentStorage;\n  private readonly defaults: ConsentSettings;\n\n  constructor(opts: ConsentManagerOpts) {\n    this.key = `atlasent.behavior.consent.${opts.userId}`;\n    this.storage = opts.storage ?? new MemoryStorage();\n    this.defaults = opts.defaults ?? DEFAULT_CONSENT;\n  }\n\n  get(): ConsentSettings {\n    const raw = this.storage.get(this.key);\n    if (!raw) return { ...this.defaults };\n    try {\n      const parsed = JSON.parse(raw) as Partial<ConsentSettings>;\n      return { ...this.defaults, ...parsed };\n    } catch {\n      return { ...this.defaults };\n    }\n  }\n\n  set(patch: Partial<ConsentSettings>): ConsentSettings {\n    const next = { ...this.get(), ...patch };\n    this.storage.set(this.key, JSON.stringify(next));\n    return next;\n  }\n\n  /**\n   * The single decision point: may we emit a `BehaviorEvent` for\n   * this `category` to this `receiver`? Returns `false` whenever\n   * any of the following is true:\n   *\n   * - `private_only_mode` is on.\n   * - `share_state_summaries` is off.\n   * - A `receivers` allowlist exists and the `(receiver, category)`\n   *   pair is not in it.\n   */\n  canEmit(receiver: string, category: SensitiveCategory): boolean {\n    const c = this.get();\n    if (c.private_only_mode) return false;\n    if (!c.share_state_summaries) return false;\n    if (c.receivers) {\n      const allowed = c.receivers[receiver] ?? [];\n      if (!allowed.includes(category)) return false;\n    }\n    return true;\n  }\n}\n\n// ---------------------------------------------------------------------------\n// Redaction\n// ---------------------------------------------------------------------------\n\n/**\n * Project a {@link StateSnapshot} down to the redacted\n * {@link StateEventSummary} shape. Drops `id`, `user_id`,\n * `created_at`, `confidence_score`, and any `note` field. The\n * remaining fields are bounded numeric ranges or closed enums and\n * carry no free-form text.\n */\nexport function redactStateSnapshot(s: StateSnapshot): StateEventSummary {\n  return {\n    emotional_state: s.emotional_state,\n    intensity: s.intensity,\n    stress_level: s.stress_level,\n    pressure_level: s.pressure_level,\n    body_state: s.body_state,\n    cognitive_load: s.cognitive_load,\n    readiness_level: s.readiness_level,\n  };\n}\n\n// ---------------------------------------------------------------------------\n// Ledger\n// ---------------------------------------------------------------------------\n\nexport interface BehaviorLedger {\n  /**\n   * Emit a behavior event. Implementations MUST validate `consent`\n   * before persisting and throw `ConsentDeniedError` when an event\n   * would be persisted in violation of the user's settings.\n   */\n  emit(event: BehaviorEvent): Promise<void>;\n}\n\nexport class ConsentDeniedError extends Error {\n  readonly code = \"consent_denied\" as const;\n  constructor(\n    public readonly receiver: string,\n    public readonly category: SensitiveCategory,\n  ) {\n    super(\n      `Consent denies emit to receiver=${receiver} category=${category}`,\n    );\n    this.name = \"ConsentDeniedError\";\n  }\n}\n\n/**\n * On-device ledger for development and demos. A future\n * `RemoteBehaviorLedger` will POST to atlasent-api's\n * `/v1/behavior/events` once that endpoint ships.\n */\nexport class InMemoryBehaviorLedger implements BehaviorLedger {\n  private readonly events: BehaviorEvent[] = [];\n  constructor(\n    private readonly opts: {\n      consent: ConsentManager;\n      receiver?: string;\n    },\n  ) {}\n\n  async emit(event: BehaviorEvent): Promise<void> {\n    const receiver = this.opts.receiver ?? \"in-memory\";\n    if (!this.opts.consent.canEmit(receiver, event.category)) {\n      throw new ConsentDeniedError(receiver, event.category);\n    }\n    this.events.push(event);\n  }\n\n  /** Read all events accepted so far. Test/demo helper. */\n  list(): readonly BehaviorEvent[] {\n    return [...this.events];\n  }\n\n  /** Clear the in-memory store. Test helper. */\n  clear(): void {\n    this.events.length = 0;\n  }\n}\n\n// ---------------------------------------------------------------------------\n// State-event cache (for biasing AI suggestions with recent context)\n// ---------------------------------------------------------------------------\n\n/**\n * Bounded in-memory ring buffer of recent {@link StateEventSummary}\n * values. The LangChain/LlamaIndex middleware (and similar wrappers)\n * read this to attach `context.session_history` to evaluate calls\n * without ever touching raw snapshots.\n */\nexport class StateEventCache {\n  private readonly buf: StateEventSummary[] = [];\n  constructor(private readonly capacity: number = 10) {\n    if (capacity <= 0) {\n      throw new RangeError(\"capacity must be > 0\");\n    }\n  }\n\n  add(summary: StateEventSummary): void {\n    this.buf.push(summary);\n    if (this.buf.length > this.capacity) this.buf.shift();\n  }\n\n  recent(n?: number): readonly StateEventSummary[] {\n    const k = n ?? this.buf.length;\n    return this.buf.slice(-k);\n  }\n\n  clear(): void {\n    this.buf.length = 0;\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAyDO,IAAM,uBAAqD;AAAA,EAChE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAsHO,IAAM,kBAAmC,OAAO,OAAO;AAAA,EAC5D,uBAAuB;AAAA,EACvB,mBAAmB;AACrB,CAAC;AAeM,IAAM,gBAAN,MAA8C;AAAA,EAC3C,QAAQ,oBAAI,IAAoB;AAAA,EACxC,IAAI,KAA4B;AAC9B,WAAO,KAAK,MAAM,IAAI,GAAG,KAAK;AAAA,EAChC;AAAA,EACA,IAAI,KAAa,OAAqB;AACpC,SAAK,MAAM,IAAI,KAAK,KAAK;AAAA,EAC3B;AACF;AAgBO,IAAM,iBAAN,MAAqB;AAAA,EACT;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,MAA0B;AACpC,SAAK,MAAM,6BAA6B,KAAK,MAAM;AACnD,SAAK,UAAU,KAAK,WAAW,IAAI,cAAc;AACjD,SAAK,WAAW,KAAK,YAAY;AAAA,EACnC;AAAA,EAEA,MAAuB;AACrB,UAAM,MAAM,KAAK,QAAQ,IAAI,KAAK,GAAG;AACrC,QAAI,CAAC,IAAK,QAAO,EAAE,GAAG,KAAK,SAAS;AACpC,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,GAAG;AAC7B,aAAO,EAAE,GAAG,KAAK,UAAU,GAAG,OAAO;AAAA,IACvC,QAAQ;AACN,aAAO,EAAE,GAAG,KAAK,SAAS;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,IAAI,OAAkD;AACpD,UAAM,OAAO,EAAE,GAAG,KAAK,IAAI,GAAG,GAAG,MAAM;AACvC,SAAK,QAAQ,IAAI,KAAK,KAAK,KAAK,UAAU,IAAI,CAAC;AAC/C,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,QAAQ,UAAkB,UAAsC;AAC9D,UAAM,IAAI,KAAK,IAAI;AACnB,QAAI,EAAE,kBAAmB,QAAO;AAChC,QAAI,CAAC,EAAE,sBAAuB,QAAO;AACrC,QAAI,EAAE,WAAW;AACf,YAAM,UAAU,EAAE,UAAU,QAAQ,KAAK,CAAC;AAC1C,UAAI,CAAC,QAAQ,SAAS,QAAQ,EAAG,QAAO;AAAA,IAC1C;AACA,WAAO;AAAA,EACT;AACF;AAaO,SAAS,oBAAoB,GAAqC;AACvE,SAAO;AAAA,IACL,iBAAiB,EAAE;AAAA,IACnB,WAAW,EAAE;AAAA,IACb,cAAc,EAAE;AAAA,IAChB,gBAAgB,EAAE;AAAA,IAClB,YAAY,EAAE;AAAA,IACd,gBAAgB,EAAE;AAAA,IAClB,iBAAiB,EAAE;AAAA,EACrB;AACF;AAeO,IAAM,qBAAN,cAAiC,MAAM;AAAA,EAE5C,YACkB,UACA,UAChB;AACA;AAAA,MACE,mCAAmC,QAAQ,aAAa,QAAQ;AAAA,IAClE;AALgB;AACA;AAKhB,SAAK,OAAO;AAAA,EACd;AAAA,EAPkB;AAAA,EACA;AAAA,EAHT,OAAO;AAUlB;AAOO,IAAM,yBAAN,MAAuD;AAAA,EAE5D,YACmB,MAIjB;AAJiB;AAAA,EAIhB;AAAA,EAJgB;AAAA,EAFF,SAA0B,CAAC;AAAA,EAQ5C,MAAM,KAAK,OAAqC;AAC9C,UAAM,WAAW,KAAK,KAAK,YAAY;AACvC,QAAI,CAAC,KAAK,KAAK,QAAQ,QAAQ,UAAU,MAAM,QAAQ,GAAG;AACxD,YAAM,IAAI,mBAAmB,UAAU,MAAM,QAAQ;AAAA,IACvD;AACA,SAAK,OAAO,KAAK,KAAK;AAAA,EACxB;AAAA;AAAA,EAGA,OAAiC;AAC/B,WAAO,CAAC,GAAG,KAAK,MAAM;AAAA,EACxB;AAAA;AAAA,EAGA,QAAc;AACZ,SAAK,OAAO,SAAS;AAAA,EACvB;AACF;AAYO,IAAM,kBAAN,MAAsB;AAAA,EAE3B,YAA6B,WAAmB,IAAI;AAAvB;AAC3B,QAAI,YAAY,GAAG;AACjB,YAAM,IAAI,WAAW,sBAAsB;AAAA,IAC7C;AAAA,EACF;AAAA,EAJ6B;AAAA,EADZ,MAA2B,CAAC;AAAA,EAO7C,IAAI,SAAkC;AACpC,SAAK,IAAI,KAAK,OAAO;AACrB,QAAI,KAAK,IAAI,SAAS,KAAK,SAAU,MAAK,IAAI,MAAM;AAAA,EACtD;AAAA,EAEA,OAAO,GAA0C;AAC/C,UAAM,IAAI,KAAK,KAAK,IAAI;AACxB,WAAO,KAAK,IAAI,MAAM,CAAC,CAAC;AAAA,EAC1B;AAAA,EAEA,QAAc;AACZ,SAAK,IAAI,SAAS;AAAA,EACpB;AACF;","names":[]}