@attested-intelligence/aga-mcp-server 2.0.1 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +197 -124
- package/SECURITY.md +59 -0
- package/dist/adapters/openclaw.d.ts +43 -0
- package/dist/adapters/openclaw.d.ts.map +1 -0
- package/dist/adapters/openclaw.js +86 -0
- package/dist/adapters/openclaw.js.map +1 -0
- package/dist/core/bundle.d.ts +9 -2
- package/dist/core/bundle.d.ts.map +1 -1
- package/dist/core/bundle.js +16 -2
- package/dist/core/bundle.js.map +1 -1
- package/dist/core/identity.d.ts +19 -10
- package/dist/core/identity.d.ts.map +1 -1
- package/dist/core/identity.js +45 -11
- package/dist/core/identity.js.map +1 -1
- package/dist/core/portal.d.ts +10 -1
- package/dist/core/portal.d.ts.map +1 -1
- package/dist/core/portal.js +16 -12
- package/dist/core/portal.js.map +1 -1
- package/dist/core/types.d.ts +29 -2
- package/dist/core/types.d.ts.map +1 -1
- package/dist/crypto/index.d.ts +5 -6
- package/dist/crypto/index.d.ts.map +1 -1
- package/dist/crypto/index.js +5 -6
- package/dist/crypto/index.js.map +1 -1
- package/dist/crypto/sign.d.ts +2 -0
- package/dist/crypto/sign.d.ts.map +1 -1
- package/dist/crypto/sign.js +6 -0
- package/dist/crypto/sign.js.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/middleware/governance.d.ts +7 -1
- package/dist/middleware/governance.d.ts.map +1 -1
- package/dist/middleware/governance.js +18 -11
- package/dist/middleware/governance.js.map +1 -1
- package/dist/proxy/evaluator.d.ts +14 -0
- package/dist/proxy/evaluator.d.ts.map +1 -0
- package/dist/proxy/evaluator.js +141 -0
- package/dist/proxy/evaluator.js.map +1 -0
- package/dist/proxy/index.d.ts +22 -0
- package/dist/proxy/index.d.ts.map +1 -0
- package/dist/proxy/index.js +230 -0
- package/dist/proxy/index.js.map +1 -0
- package/dist/proxy/profiles.d.ts +16 -0
- package/dist/proxy/profiles.d.ts.map +1 -0
- package/dist/proxy/profiles.js +43 -0
- package/dist/proxy/profiles.js.map +1 -0
- package/dist/proxy/server.d.ts +106 -0
- package/dist/proxy/server.d.ts.map +1 -0
- package/dist/proxy/server.js +389 -0
- package/dist/proxy/server.js.map +1 -0
- package/dist/proxy/stdio-bridge.d.ts +42 -0
- package/dist/proxy/stdio-bridge.d.ts.map +1 -0
- package/dist/proxy/stdio-bridge.js +142 -0
- package/dist/proxy/stdio-bridge.js.map +1 -0
- package/dist/proxy/types.d.ts +36 -0
- package/dist/proxy/types.d.ts.map +1 -0
- package/dist/proxy/types.js +11 -0
- package/dist/proxy/types.js.map +1 -0
- package/dist/proxy/verify.d.ts +29 -0
- package/dist/proxy/verify.d.ts.map +1 -0
- package/dist/proxy/verify.js +183 -0
- package/dist/proxy/verify.js.map +1 -0
- package/dist/server.d.ts +7 -3
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +342 -214
- package/dist/server.js.map +1 -1
- package/dist/storage/sqlite.js +6 -6
- package/independent-verifier/README.md +31 -0
- package/independent-verifier/package.json +18 -0
- package/independent-verifier/verify.ts +211 -0
- package/package.json +97 -71
- package/src/adapters/openclaw.ts +125 -0
- package/src/core/artifact.ts +45 -0
- package/src/core/attestation.ts +33 -0
- package/src/core/behavioral.ts +132 -0
- package/src/core/bundle.ts +45 -0
- package/src/core/chain.ts +72 -0
- package/src/core/checkpoint.ts +22 -0
- package/src/core/delegation.ts +146 -0
- package/src/core/disclosure.ts +32 -0
- package/src/core/identity.ts +62 -0
- package/src/core/index.ts +14 -0
- package/src/core/portal.ts +117 -0
- package/src/core/quarantine.ts +16 -0
- package/src/core/receipt.ts +33 -0
- package/src/core/subject.ts +11 -0
- package/src/core/types.ts +285 -0
- package/src/crypto/hash.ts +33 -0
- package/src/crypto/index.ts +5 -0
- package/src/crypto/merkle.ts +43 -0
- package/src/crypto/salt.ts +18 -0
- package/src/crypto/sign.ts +42 -0
- package/src/crypto/types.ts +19 -0
- package/src/index.ts +12 -0
- package/src/middleware/governance.ts +95 -0
- package/src/middleware/index.ts +1 -0
- package/src/proxy/evaluator.ts +176 -0
- package/src/proxy/index.ts +259 -0
- package/src/proxy/profiles.ts +48 -0
- package/src/proxy/server.ts +499 -0
- package/src/proxy/stdio-bridge.ts +171 -0
- package/src/proxy/types.ts +40 -0
- package/src/proxy/verify.ts +202 -0
- package/src/server.ts +435 -0
- package/src/storage/index.ts +3 -0
- package/src/storage/interface.ts +21 -0
- package/src/storage/memory.ts +27 -0
- package/src/storage/sqlite.ts +45 -0
- package/src/tools/README.md +13 -0
- package/src/utils/canonical.ts +14 -0
- package/src/utils/constants.ts +3 -0
- package/src/utils/timestamp.ts +12 -0
- package/src/utils/uuid.ts +2 -0
- package/dist/context.d.ts +0 -39
- package/dist/context.d.ts.map +0 -1
- package/dist/context.js +0 -113
- package/dist/context.js.map +0 -1
- package/dist/core/measurement.d.ts +0 -16
- package/dist/core/measurement.d.ts.map +0 -1
- package/dist/core/measurement.js +0 -18
- package/dist/core/measurement.js.map +0 -1
- package/dist/crypto/canonicalize.d.ts +0 -7
- package/dist/crypto/canonicalize.d.ts.map +0 -1
- package/dist/crypto/canonicalize.js +0 -21
- package/dist/crypto/canonicalize.js.map +0 -1
- package/dist/crypto/keys.d.ts +0 -10
- package/dist/crypto/keys.d.ts.map +0 -1
- package/dist/crypto/keys.js +0 -19
- package/dist/crypto/keys.js.map +0 -1
- package/dist/prompts/drift-analysis.d.ts +0 -13
- package/dist/prompts/drift-analysis.d.ts.map +0 -1
- package/dist/prompts/drift-analysis.js +0 -43
- package/dist/prompts/drift-analysis.js.map +0 -1
- package/dist/prompts/governance-report.d.ts +0 -7
- package/dist/prompts/governance-report.d.ts.map +0 -1
- package/dist/prompts/governance-report.js +0 -26
- package/dist/prompts/governance-report.js.map +0 -1
- package/dist/prompts/nccoe-demo.d.ts +0 -14
- package/dist/prompts/nccoe-demo.d.ts.map +0 -1
- package/dist/prompts/nccoe-demo.js +0 -47
- package/dist/prompts/nccoe-demo.js.map +0 -1
- package/dist/resources/cosai-mapping.d.ts +0 -24
- package/dist/resources/cosai-mapping.d.ts.map +0 -1
- package/dist/resources/cosai-mapping.js +0 -127
- package/dist/resources/cosai-mapping.js.map +0 -1
- package/dist/resources/crypto-primitives.d.ts +0 -3
- package/dist/resources/crypto-primitives.d.ts.map +0 -1
- package/dist/resources/crypto-primitives.js +0 -52
- package/dist/resources/crypto-primitives.js.map +0 -1
- package/dist/resources/sample-bundle.d.ts +0 -6
- package/dist/resources/sample-bundle.d.ts.map +0 -1
- package/dist/resources/sample-bundle.js +0 -58
- package/dist/resources/sample-bundle.js.map +0 -1
- package/dist/resources/specification.d.ts +0 -3
- package/dist/resources/specification.d.ts.map +0 -1
- package/dist/resources/specification.js +0 -161
- package/dist/resources/specification.js.map +0 -1
- package/dist/tools/create-artifact.d.ts +0 -25
- package/dist/tools/create-artifact.d.ts.map +0 -1
- package/dist/tools/create-artifact.js +0 -85
- package/dist/tools/create-artifact.js.map +0 -1
- package/dist/tools/delegate-subagent.d.ts +0 -18
- package/dist/tools/delegate-subagent.d.ts.map +0 -1
- package/dist/tools/delegate-subagent.js +0 -50
- package/dist/tools/delegate-subagent.js.map +0 -1
- package/dist/tools/disclose-claim.d.ts +0 -14
- package/dist/tools/disclose-claim.d.ts.map +0 -1
- package/dist/tools/disclose-claim.js +0 -23
- package/dist/tools/disclose-claim.js.map +0 -1
- package/dist/tools/export-bundle.d.ts +0 -8
- package/dist/tools/export-bundle.d.ts.map +0 -1
- package/dist/tools/export-bundle.js +0 -25
- package/dist/tools/export-bundle.js.map +0 -1
- package/dist/tools/full-lifecycle.d.ts +0 -16
- package/dist/tools/full-lifecycle.d.ts.map +0 -1
- package/dist/tools/full-lifecycle.js +0 -121
- package/dist/tools/full-lifecycle.js.map +0 -1
- package/dist/tools/generate-receipt.d.ts +0 -16
- package/dist/tools/generate-receipt.d.ts.map +0 -1
- package/dist/tools/generate-receipt.js +0 -31
- package/dist/tools/generate-receipt.js.map +0 -1
- package/dist/tools/get-chain.d.ts +0 -14
- package/dist/tools/get-chain.d.ts.map +0 -1
- package/dist/tools/get-chain.js +0 -45
- package/dist/tools/get-chain.js.map +0 -1
- package/dist/tools/get-portal-state.d.ts +0 -8
- package/dist/tools/get-portal-state.d.ts.map +0 -1
- package/dist/tools/get-portal-state.js +0 -15
- package/dist/tools/get-portal-state.js.map +0 -1
- package/dist/tools/init-chain.d.ts +0 -10
- package/dist/tools/init-chain.d.ts.map +0 -1
- package/dist/tools/init-chain.js +0 -13
- package/dist/tools/init-chain.js.map +0 -1
- package/dist/tools/measure-behavior.d.ts +0 -12
- package/dist/tools/measure-behavior.d.ts.map +0 -1
- package/dist/tools/measure-behavior.js +0 -29
- package/dist/tools/measure-behavior.js.map +0 -1
- package/dist/tools/measure-subject.d.ts +0 -15
- package/dist/tools/measure-subject.d.ts.map +0 -1
- package/dist/tools/measure-subject.js +0 -106
- package/dist/tools/measure-subject.js.map +0 -1
- package/dist/tools/quarantine-status.d.ts +0 -8
- package/dist/tools/quarantine-status.d.ts.map +0 -1
- package/dist/tools/quarantine-status.js +0 -16
- package/dist/tools/quarantine-status.js.map +0 -1
- package/dist/tools/revoke-artifact.d.ts +0 -13
- package/dist/tools/revoke-artifact.d.ts.map +0 -1
- package/dist/tools/revoke-artifact.js +0 -24
- package/dist/tools/revoke-artifact.js.map +0 -1
- package/dist/tools/rotate-keys.d.ts +0 -13
- package/dist/tools/rotate-keys.d.ts.map +0 -1
- package/dist/tools/rotate-keys.js +0 -39
- package/dist/tools/rotate-keys.js.map +0 -1
- package/dist/tools/server-info.d.ts +0 -8
- package/dist/tools/server-info.d.ts.map +0 -1
- package/dist/tools/server-info.js +0 -23
- package/dist/tools/server-info.js.map +0 -1
- package/dist/tools/set-verification-tier.d.ts +0 -11
- package/dist/tools/set-verification-tier.d.ts.map +0 -1
- package/dist/tools/set-verification-tier.js +0 -31
- package/dist/tools/set-verification-tier.js.map +0 -1
- package/dist/tools/start-monitoring.d.ts +0 -12
- package/dist/tools/start-monitoring.d.ts.map +0 -1
- package/dist/tools/start-monitoring.js +0 -17
- package/dist/tools/start-monitoring.js.map +0 -1
- package/dist/tools/trigger-measurement.d.ts +0 -15
- package/dist/tools/trigger-measurement.d.ts.map +0 -1
- package/dist/tools/trigger-measurement.js +0 -86
- package/dist/tools/trigger-measurement.js.map +0 -1
- package/dist/tools/verify-artifact.d.ts +0 -13
- package/dist/tools/verify-artifact.d.ts.map +0 -1
- package/dist/tools/verify-artifact.js +0 -6
- package/dist/tools/verify-artifact.js.map +0 -1
- package/dist/tools/verify-bundle.d.ts +0 -13
- package/dist/tools/verify-bundle.d.ts.map +0 -1
- package/dist/tools/verify-bundle.js +0 -6
- package/dist/tools/verify-bundle.js.map +0 -1
- package/dist/types.d.ts +0 -261
- package/dist/types.d.ts.map +0 -1
- package/dist/types.js +0 -8
- package/dist/types.js.map +0 -1
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
export interface DelegateSubagentArgs {
|
|
3
|
-
sub_agent_id?: string;
|
|
4
|
-
permitted_tools?: string[];
|
|
5
|
-
ttl_seconds?: number;
|
|
6
|
-
delegation_reason?: string;
|
|
7
|
-
enforcement_triggers?: string[];
|
|
8
|
-
measurement_types?: string[];
|
|
9
|
-
requested_ttl_seconds?: number;
|
|
10
|
-
delegation_purpose?: string;
|
|
11
|
-
}
|
|
12
|
-
export declare function handleDelegateSubagent(args: DelegateSubagentArgs, ctx: ServerContext): Promise<{
|
|
13
|
-
content: Array<{
|
|
14
|
-
type: "text";
|
|
15
|
-
text: string;
|
|
16
|
-
}>;
|
|
17
|
-
}>;
|
|
18
|
-
//# sourceMappingURL=delegate-subagent.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"delegate-subagent.d.ts","sourceRoot":"","sources":["../../src/tools/delegate-subagent.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAInD,MAAM,WAAW,oBAAoB;IAEnC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,wBAAsB,sBAAsB,CAAC,IAAI,EAAE,oBAAoB,EAAE,GAAG,EAAE,aAAa;;;;;GAmD1F"}
|
|
@@ -1,50 +0,0 @@
|
|
|
1
|
-
import { deriveArtifact } from '../core/delegation.js';
|
|
2
|
-
import { utcNow } from '../utils/timestamp.js';
|
|
3
|
-
export async function handleDelegateSubagent(args, ctx) {
|
|
4
|
-
if (!ctx.portal.artifact)
|
|
5
|
-
return ctx.error('No artifact loaded. Call aga_create_artifact first.');
|
|
6
|
-
// Resolve parameters (support both V1 and V2 naming)
|
|
7
|
-
const triggers = args.enforcement_triggers
|
|
8
|
-
?? ctx.portal.artifact.enforcement_parameters.enforcement_triggers.map(String);
|
|
9
|
-
const types = args.measurement_types
|
|
10
|
-
?? ctx.portal.artifact.enforcement_parameters.measurement_types.map(String);
|
|
11
|
-
const ttl = args.ttl_seconds ?? args.requested_ttl_seconds ?? 1800;
|
|
12
|
-
const purpose = args.delegation_reason ?? args.delegation_purpose ?? 'Sub-agent delegation';
|
|
13
|
-
const subAgentId = args.sub_agent_id ?? 'sub-agent';
|
|
14
|
-
// If permitted_tools provided, validate against behavioral baseline
|
|
15
|
-
const permittedTools = args.permitted_tools;
|
|
16
|
-
const result = deriveArtifact(ctx.portal.artifact, {
|
|
17
|
-
enforcement_triggers: triggers,
|
|
18
|
-
measurement_types: types,
|
|
19
|
-
requested_ttl_seconds: ttl,
|
|
20
|
-
delegation_purpose: purpose,
|
|
21
|
-
}, ctx.issuerKP);
|
|
22
|
-
if (result.success && result.child_artifact_hash && result.effective_ttl_seconds !== undefined && result.scope_reduction) {
|
|
23
|
-
const record = {
|
|
24
|
-
parent_artifact_hash: result.parent_artifact_hash,
|
|
25
|
-
child_artifact_hash: result.child_artifact_hash,
|
|
26
|
-
effective_ttl_seconds: result.effective_ttl_seconds,
|
|
27
|
-
scope_reduction: result.scope_reduction,
|
|
28
|
-
purpose,
|
|
29
|
-
timestamp: utcNow(),
|
|
30
|
-
};
|
|
31
|
-
ctx.delegations.push(record);
|
|
32
|
-
await ctx.appendToChain('DELEGATION', {
|
|
33
|
-
type: 'DELEGATION',
|
|
34
|
-
sub_agent_id: subAgentId,
|
|
35
|
-
parent_artifact_hash: result.parent_artifact_hash,
|
|
36
|
-
child_artifact_hash: result.child_artifact_hash,
|
|
37
|
-
effective_ttl: result.effective_ttl_seconds,
|
|
38
|
-
scope_reduction: result.scope_reduction,
|
|
39
|
-
permitted_tools: permittedTools,
|
|
40
|
-
purpose,
|
|
41
|
-
});
|
|
42
|
-
}
|
|
43
|
-
return ctx.json({
|
|
44
|
-
...result,
|
|
45
|
-
sub_agent_id: subAgentId,
|
|
46
|
-
scope_diminished: result.success ? true : undefined,
|
|
47
|
-
permitted_tools: permittedTools,
|
|
48
|
-
});
|
|
49
|
-
}
|
|
50
|
-
//# sourceMappingURL=delegate-subagent.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"delegate-subagent.js","sourceRoot":"","sources":["../../src/tools/delegate-subagent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAkB/C,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,IAA0B,EAAE,GAAkB;IACzF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;IAElG,qDAAqD;IACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB;WACrC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,oBAAoB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACjF,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB;WAC/B,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9E,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,qBAAqB,IAAI,IAAI,CAAC;IACnE,MAAM,OAAO,GAAG,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,kBAAkB,IAAI,sBAAsB,CAAC;IAC5F,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,IAAI,WAAW,CAAC;IAEpD,oEAAoE;IACpE,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC;IAE5C,MAAM,MAAM,GAAG,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE;QACjD,oBAAoB,EAAE,QAA+B;QACrD,iBAAiB,EAAE,KAA0B;QAC7C,qBAAqB,EAAE,GAAG;QAC1B,kBAAkB,EAAE,OAAO;KAC5B,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;IAEjB,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,mBAAmB,IAAI,MAAM,CAAC,qBAAqB,KAAK,SAAS,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QACzH,MAAM,MAAM,GAAqB;YAC/B,oBAAoB,EAAE,MAAM,CAAC,oBAAoB;YACjD,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;YAC/C,qBAAqB,EAAE,MAAM,CAAC,qBAAqB;YACnD,eAAe,EAAE,MAAM,CAAC,eAAe;YACvC,OAAO;YACP,SAAS,EAAE,MAAM,EAAE;SACpB,CAAC;QACF,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAE7B,MAAM,GAAG,CAAC,aAAa,CAAC,YAAY,EAAE;YACpC,IAAI,EAAE,YAAY;YAClB,YAAY,EAAE,UAAU;YACxB,oBAAoB,EAAE,MAAM,CAAC,oBAAoB;YACjD,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;YAC/C,aAAa,EAAE,MAAM,CAAC,qBAAqB;YAC3C,eAAe,EAAE,MAAM,CAAC,eAAe;YACvC,eAAe,EAAE,cAAc;YAC/B,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,GAAG,MAAM;QACT,YAAY,EAAE,UAAU;QACxB,gBAAgB,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QACnD,eAAe,EAAE,cAAc;KAChC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
import type { DisclosureMode } from '../core/types.js';
|
|
3
|
-
export interface DiscloseClaimArgs {
|
|
4
|
-
claim_id: string;
|
|
5
|
-
requester_id?: string;
|
|
6
|
-
mode?: DisclosureMode;
|
|
7
|
-
}
|
|
8
|
-
export declare function handleDiscloseClaim(args: DiscloseClaimArgs, ctx: ServerContext): Promise<{
|
|
9
|
-
content: Array<{
|
|
10
|
-
type: "text";
|
|
11
|
-
text: string;
|
|
12
|
-
}>;
|
|
13
|
-
}>;
|
|
14
|
-
//# sourceMappingURL=disclose-claim.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"disclose-claim.d.ts","sourceRoot":"","sources":["../../src/tools/disclose-claim.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvD,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,cAAc,CAAC;CACvB;AAED,wBAAsB,mBAAmB,CAAC,IAAI,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa;;;;;GAyBpF"}
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
import { processDisclosure } from '../core/disclosure.js';
|
|
2
|
-
import { utcNow } from '../utils/timestamp.js';
|
|
3
|
-
export async function handleDiscloseClaim(args, ctx) {
|
|
4
|
-
const latest = await ctx.storage.getLatestEvent();
|
|
5
|
-
const result = processDisclosure({
|
|
6
|
-
requested_claim_id: args.claim_id,
|
|
7
|
-
requester_id: args.requester_id ?? 'anonymous',
|
|
8
|
-
mode: args.mode ?? 'REVEAL_MIN',
|
|
9
|
-
timestamp: utcNow(),
|
|
10
|
-
}, ctx.defaultClaims, ctx.claimValues, 1, latest?.sequence_number ?? 0, ctx.portalKP);
|
|
11
|
-
if (result.substitution_receipt) {
|
|
12
|
-
await ctx.appendToChain('SUBSTITUTION', result.substitution_receipt);
|
|
13
|
-
}
|
|
14
|
-
else {
|
|
15
|
-
await ctx.appendToChain('DISCLOSURE', {
|
|
16
|
-
claim_id: args.claim_id,
|
|
17
|
-
mode: args.mode ?? 'REVEAL_MIN',
|
|
18
|
-
permitted: result.permitted,
|
|
19
|
-
});
|
|
20
|
-
}
|
|
21
|
-
return ctx.json({ success: true, ...result });
|
|
22
|
-
}
|
|
23
|
-
//# sourceMappingURL=disclose-claim.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"disclose-claim.js","sourceRoot":"","sources":["../../src/tools/disclose-claim.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAU/C,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,IAAuB,EAAE,GAAkB;IACnF,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;IAClD,MAAM,MAAM,GAAG,iBAAiB,CAC9B;QACE,kBAAkB,EAAE,IAAI,CAAC,QAAQ;QACjC,YAAY,EAAE,IAAI,CAAC,YAAY,IAAI,WAAW;QAC9C,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,YAAY;QAC/B,SAAS,EAAE,MAAM,EAAE;KACpB,EACD,GAAG,CAAC,aAAa,EACjB,GAAG,CAAC,WAAW,EACf,CAAC,EACD,MAAM,EAAE,eAAe,IAAI,CAAC,EAC5B,GAAG,CAAC,QAAQ,CACb,CAAC;IACF,IAAI,MAAM,CAAC,oBAAoB,EAAE,CAAC;QAChC,MAAM,GAAG,CAAC,aAAa,CAAC,cAAc,EAAE,MAAM,CAAC,oBAAoB,CAAC,CAAC;IACvE,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,CAAC,aAAa,CAAC,YAAY,EAAE;YACpC,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,YAAY;YAC/B,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,CAAC,CAAC;AAChD,CAAC"}
|
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
export declare function handleExportBundle(_args: Record<string, never>, ctx: ServerContext): Promise<{
|
|
3
|
-
content: Array<{
|
|
4
|
-
type: "text";
|
|
5
|
-
text: string;
|
|
6
|
-
}>;
|
|
7
|
-
}>;
|
|
8
|
-
//# sourceMappingURL=export-bundle.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"export-bundle.d.ts","sourceRoot":"","sources":["../../src/tools/export-bundle.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,wBAAsB,kBAAkB,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,aAAa;;;;;GAkBxF"}
|
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
import { hashArtifact } from '../core/artifact.js';
|
|
2
|
-
import { eventInclusionProof } from '../core/checkpoint.js';
|
|
3
|
-
import { generateBundle } from '../core/bundle.js';
|
|
4
|
-
export async function handleExportBundle(_args, ctx) {
|
|
5
|
-
const artifact = await ctx.storage.getLatestArtifact();
|
|
6
|
-
if (!artifact)
|
|
7
|
-
return ctx.error('No artifact');
|
|
8
|
-
const cp = await ctx.storage.getLatestCheckpoint();
|
|
9
|
-
if (!cp)
|
|
10
|
-
return ctx.error('No checkpoint. Call aga_create_checkpoint first.');
|
|
11
|
-
const receipts = await ctx.storage.getReceiptsByArtifact(hashArtifact(artifact));
|
|
12
|
-
const batchEvents = await ctx.storage.getEvents(cp.batch_start_sequence, cp.batch_end_sequence);
|
|
13
|
-
const proofs = receipts
|
|
14
|
-
.filter(r => r.sequence_number >= cp.batch_start_sequence && r.sequence_number <= cp.batch_end_sequence)
|
|
15
|
-
.map(r => eventInclusionProof(batchEvents, r.sequence_number));
|
|
16
|
-
const bundle = generateBundle(artifact, receipts, proofs, cp, ctx.portalKP);
|
|
17
|
-
return ctx.json({
|
|
18
|
-
success: true,
|
|
19
|
-
bundle,
|
|
20
|
-
offline_verifiable: true,
|
|
21
|
-
receipt_count: receipts.length,
|
|
22
|
-
proof_count: proofs.length,
|
|
23
|
-
});
|
|
24
|
-
}
|
|
25
|
-
//# sourceMappingURL=export-bundle.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"export-bundle.js","sourceRoot":"","sources":["../../src/tools/export-bundle.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAGnD,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,KAA4B,EAAE,GAAkB;IACvF,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;IACvD,IAAI,CAAC,QAAQ;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IAC/C,MAAM,EAAE,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,mBAAmB,EAAE,CAAC;IACnD,IAAI,CAAC,EAAE;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;IAC9E,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,qBAAqB,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;IACjF,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC,oBAAoB,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC;IAChG,MAAM,MAAM,GAAG,QAAQ;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe,IAAI,EAAE,CAAC,oBAAoB,IAAI,CAAC,CAAC,eAAe,IAAI,EAAE,CAAC,kBAAkB,CAAC;SACvG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,mBAAmB,CAAC,WAAW,EAAE,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;IACjE,MAAM,MAAM,GAAG,cAAc,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC5E,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,MAAM;QACN,kBAAkB,EAAE,IAAI;QACxB,aAAa,EAAE,QAAQ,CAAC,MAAM;QAC9B,WAAW,EAAE,MAAM,CAAC,MAAM;KAC3B,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
export interface FullLifecycleArgs {
|
|
3
|
-
subject_content?: string;
|
|
4
|
-
subject_metadata?: Record<string, string>;
|
|
5
|
-
scenario?: string;
|
|
6
|
-
include_drift?: boolean;
|
|
7
|
-
include_revocation?: boolean;
|
|
8
|
-
include_behavioral?: boolean;
|
|
9
|
-
}
|
|
10
|
-
export declare function handleFullLifecycle(args: FullLifecycleArgs, ctx: ServerContext): Promise<{
|
|
11
|
-
content: Array<{
|
|
12
|
-
type: "text";
|
|
13
|
-
text: string;
|
|
14
|
-
}>;
|
|
15
|
-
}>;
|
|
16
|
-
//# sourceMappingURL=full-lifecycle.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"full-lifecycle.d.ts","sourceRoot":"","sources":["../../src/tools/full-lifecycle.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,WAAW,iBAAiB;IAChC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B;AAaD,wBAAsB,mBAAmB,CAAC,IAAI,EAAE,iBAAiB,EAAE,GAAG,EAAE,aAAa;;;;;GA6GpF"}
|
|
@@ -1,121 +0,0 @@
|
|
|
1
|
-
import { sha256Str } from '../crypto/hash.js';
|
|
2
|
-
import { pkToHex } from '../crypto/sign.js';
|
|
3
|
-
import { computeSubjectIdFromString } from '../core/subject.js';
|
|
4
|
-
import { performAttestation } from '../core/attestation.js';
|
|
5
|
-
import { generateArtifact, hashArtifact } from '../core/artifact.js';
|
|
6
|
-
import { generateReceipt } from '../core/receipt.js';
|
|
7
|
-
import { createCheckpoint, eventInclusionProof } from '../core/checkpoint.js';
|
|
8
|
-
import { generateBundle, verifyBundleOffline } from '../core/bundle.js';
|
|
9
|
-
import { initQuarantine, captureInput } from '../core/quarantine.js';
|
|
10
|
-
const SCENARIOS = {
|
|
11
|
-
drone: {
|
|
12
|
-
content: 'def monitor(): return sensors.read_all()',
|
|
13
|
-
metadata: { filename: 'drone_agent.py', version: '2.1.0', author: 'engineering' },
|
|
14
|
-
},
|
|
15
|
-
scada: {
|
|
16
|
-
content: 'def control(): return actuators.safe_position()',
|
|
17
|
-
metadata: { filename: 'scada_controller.py', version: '1.0.0', author: 'ops' },
|
|
18
|
-
},
|
|
19
|
-
};
|
|
20
|
-
export async function handleFullLifecycle(args, ctx) {
|
|
21
|
-
const scenario = SCENARIOS[args.scenario ?? ''] ?? {
|
|
22
|
-
content: args.subject_content ?? 'def agent(): return task.execute()',
|
|
23
|
-
metadata: args.subject_metadata ?? { filename: 'lifecycle-test' },
|
|
24
|
-
};
|
|
25
|
-
const content = scenario.content;
|
|
26
|
-
const meta = scenario.metadata;
|
|
27
|
-
const includeDrift = args.include_drift !== false;
|
|
28
|
-
const includeRevocation = args.include_revocation !== false;
|
|
29
|
-
const includeBehavioral = args.include_behavioral !== false;
|
|
30
|
-
const phases = {};
|
|
31
|
-
// Phase 1: Attestation
|
|
32
|
-
const subId = computeSubjectIdFromString(content, meta);
|
|
33
|
-
const policyRef = sha256Str(JSON.stringify(ctx.defaultEnforcement));
|
|
34
|
-
const att = performAttestation({ subject_identifier: subId, policy_reference: policyRef, evidence_items: [] });
|
|
35
|
-
if (!att.success || !att.sealed_hash || !att.seal_salt)
|
|
36
|
-
return ctx.error('Attestation failed');
|
|
37
|
-
const artifact = generateArtifact({
|
|
38
|
-
subject_identifier: subId, policy_reference: policyRef, policy_version: 1,
|
|
39
|
-
sealed_hash: att.sealed_hash, seal_salt: att.seal_salt,
|
|
40
|
-
enforcement_parameters: { ...ctx.defaultEnforcement, enforcement_triggers: ['QUARANTINE', 'TERMINATE'] },
|
|
41
|
-
disclosure_policy: ctx.defaultClaims,
|
|
42
|
-
evidence_commitments: att.evidence_commitments, issuer_keypair: ctx.issuerKP,
|
|
43
|
-
});
|
|
44
|
-
await ctx.storage.storeArtifact(artifact);
|
|
45
|
-
ctx.portal.reset();
|
|
46
|
-
ctx.portal.loadArtifact(artifact, pkToHex(ctx.issuerKP.publicKey));
|
|
47
|
-
ctx.activeArtifact = artifact;
|
|
48
|
-
await ctx.appendToChain('POLICY_ISSUANCE', { artifact_hash: hashArtifact(artifact) });
|
|
49
|
-
phases.attestation = { success: true, artifact_hash: hashArtifact(artifact), portal_state: ctx.portal.state };
|
|
50
|
-
// Phase 2: Clean monitoring
|
|
51
|
-
const result = ctx.portal.measure(new TextEncoder().encode(content), meta);
|
|
52
|
-
const artRef = hashArtifact(artifact);
|
|
53
|
-
const receipt = generateReceipt({
|
|
54
|
-
subjectId: subId, artifactRef: artRef,
|
|
55
|
-
currentHash: `${result.currentBytesHash}||${result.currentMetaHash}`,
|
|
56
|
-
sealedHash: `${result.expectedBytesHash}||${result.expectedMetaHash}`,
|
|
57
|
-
driftDetected: false, driftDescription: null, action: null,
|
|
58
|
-
measurementType: 'EXECUTABLE_IMAGE', seq: ctx.portal.sequenceCounter + 1,
|
|
59
|
-
prevLeaf: ctx.portal.lastLeafHash, portalKP: ctx.portalKP,
|
|
60
|
-
});
|
|
61
|
-
await ctx.storage.storeReceipt(receipt);
|
|
62
|
-
await ctx.appendToChain('INTERACTION_RECEIPT', { receipt_id: receipt.receipt_id });
|
|
63
|
-
phases.monitoring = { match: result.match, receipt_id: receipt.receipt_id };
|
|
64
|
-
// Phase 3: Drift detection
|
|
65
|
-
if (includeDrift) {
|
|
66
|
-
const injected = content.replace('return', 'return attacker.exfiltrate(') + ')';
|
|
67
|
-
const driftResult = ctx.portal.measure(new TextEncoder().encode(injected), meta);
|
|
68
|
-
ctx.portal.enforce('QUARANTINE');
|
|
69
|
-
ctx.quarantine = initQuarantine();
|
|
70
|
-
captureInput(ctx.quarantine, 'attacker_command', 'exfiltrate data');
|
|
71
|
-
const driftReceipt = generateReceipt({
|
|
72
|
-
subjectId: subId, artifactRef: artRef,
|
|
73
|
-
currentHash: `${driftResult.currentBytesHash}||${driftResult.currentMetaHash}`,
|
|
74
|
-
sealedHash: `${driftResult.expectedBytesHash}||${driftResult.expectedMetaHash}`,
|
|
75
|
-
driftDetected: true, driftDescription: 'Binary modification detected', action: 'QUARANTINE',
|
|
76
|
-
measurementType: 'EXECUTABLE_IMAGE', seq: ctx.portal.sequenceCounter + 1,
|
|
77
|
-
prevLeaf: ctx.portal.lastLeafHash, portalKP: ctx.portalKP,
|
|
78
|
-
});
|
|
79
|
-
await ctx.storage.storeReceipt(driftReceipt);
|
|
80
|
-
await ctx.appendToChain('INTERACTION_RECEIPT', { receipt_id: driftReceipt.receipt_id, drift_detected: true });
|
|
81
|
-
phases.drift_detection = { drift_detected: true, enforcement: 'QUARANTINE', portal_state: ctx.portal.state };
|
|
82
|
-
}
|
|
83
|
-
// Phase 3b: Behavioral drift
|
|
84
|
-
if (includeBehavioral) {
|
|
85
|
-
ctx.behavioralMonitor.setBaseline({
|
|
86
|
-
permitted_tools: ['survey', 'report'], rate_limits: { survey: 10 },
|
|
87
|
-
forbidden_sequences: [['exfiltrate', 'transmit_external']], window_ms: 60000,
|
|
88
|
-
});
|
|
89
|
-
ctx.behavioralMonitor.recordInvocation('exfiltrate', sha256Str('exfil'));
|
|
90
|
-
const bm = ctx.behavioralMonitor.measure();
|
|
91
|
-
if (bm.drift_detected) {
|
|
92
|
-
await ctx.appendToChain('BEHAVIORAL_DRIFT', { violations: bm.violations, behavioral_hash: bm.behavioral_hash });
|
|
93
|
-
}
|
|
94
|
-
phases.behavioral_drift = { drift_detected: bm.drift_detected, violations: bm.violations.length };
|
|
95
|
-
}
|
|
96
|
-
// Phase 3c: Revocation
|
|
97
|
-
if (includeRevocation) {
|
|
98
|
-
ctx.portal.revoke(artifact.sealed_hash);
|
|
99
|
-
await ctx.appendToChain('REVOCATION', { artifact_sealed_hash: artifact.sealed_hash, reason: 'Compromise detected' });
|
|
100
|
-
phases.revocation = { revoked: true, portal_state: ctx.portal.state };
|
|
101
|
-
}
|
|
102
|
-
// Phase 4: Evidence bundle
|
|
103
|
-
const allEvents = await ctx.storage.getAllEvents();
|
|
104
|
-
const { checkpoint } = createCheckpoint(allEvents);
|
|
105
|
-
await ctx.storage.storeCheckpoint(checkpoint);
|
|
106
|
-
await ctx.appendToChain('ANCHOR_BATCH', { merkle_root: checkpoint.merkle_root, leaf_count: allEvents.length });
|
|
107
|
-
const allReceipts = await ctx.storage.getAllReceipts();
|
|
108
|
-
const batchEvents = await ctx.storage.getEvents(checkpoint.batch_start_sequence, checkpoint.batch_end_sequence);
|
|
109
|
-
const proofs = batchEvents.length > 1 ? [eventInclusionProof(batchEvents, batchEvents[1].sequence_number)] : [];
|
|
110
|
-
const bundle = generateBundle(artifact, allReceipts, proofs, checkpoint, ctx.portalKP);
|
|
111
|
-
const verification = verifyBundleOffline(bundle, pkToHex(ctx.issuerKP.publicKey));
|
|
112
|
-
phases.evidence_bundle = { verification, receipt_count: allReceipts.length };
|
|
113
|
-
return ctx.json({
|
|
114
|
-
success: true,
|
|
115
|
-
scenario: args.scenario ?? 'default',
|
|
116
|
-
phases,
|
|
117
|
-
final_verdict: verification.overall ? 'PASS' : 'FAIL',
|
|
118
|
-
portal_state: ctx.portal.state,
|
|
119
|
-
});
|
|
120
|
-
}
|
|
121
|
-
//# sourceMappingURL=full-lifecycle.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"full-lifecycle.js","sourceRoot":"","sources":["../../src/tools/full-lifecycle.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAC5C,OAAO,EAAE,0BAA0B,EAAE,MAAM,oBAAoB,CAAC;AAChE,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAC5D,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAA2B,MAAM,qBAAqB,CAAC;AAC9F,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC9E,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAYrE,MAAM,SAAS,GAA0E;IACvF,KAAK,EAAE;QACL,OAAO,EAAE,0CAA0C;QACnD,QAAQ,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE;KAClF;IACD,KAAK,EAAE;QACL,OAAO,EAAE,iDAAiD;QAC1D,QAAQ,EAAE,EAAE,QAAQ,EAAE,qBAAqB,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE;KAC/E;CACF,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,IAAuB,EAAE,GAAkB;IACnF,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,IAAI;QACjD,OAAO,EAAE,IAAI,CAAC,eAAe,IAAI,oCAAoC;QACrE,QAAQ,EAAE,IAAI,CAAC,gBAAgB,IAAI,EAAE,QAAQ,EAAE,gBAAgB,EAAE;KAClE,CAAC;IACF,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC;IACjC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC;IAC/B,MAAM,YAAY,GAAG,IAAI,CAAC,aAAa,KAAK,KAAK,CAAC;IAClD,MAAM,iBAAiB,GAAG,IAAI,CAAC,kBAAkB,KAAK,KAAK,CAAC;IAC5D,MAAM,iBAAiB,GAAG,IAAI,CAAC,kBAAkB,KAAK,KAAK,CAAC;IAE5D,MAAM,MAAM,GAA4B,EAAE,CAAC;IAE3C,uBAAuB;IACvB,MAAM,KAAK,GAAG,0BAA0B,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACxD,MAAM,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACpE,MAAM,GAAG,GAAG,kBAAkB,CAAC,EAAE,kBAAkB,EAAE,KAAK,EAAE,gBAAgB,EAAE,SAAS,EAAE,cAAc,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/G,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,WAAW,IAAI,CAAC,GAAG,CAAC,SAAS;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAE/F,MAAM,QAAQ,GAAG,gBAAgB,CAAC;QAChC,kBAAkB,EAAE,KAAK,EAAE,gBAAgB,EAAE,SAAS,EAAE,cAAc,EAAE,CAAC;QACzE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS;QACtD,sBAAsB,EAAE,EAAE,GAAG,GAAG,CAAC,kBAAkB,EAAE,oBAAoB,EAAE,CAAC,YAAY,EAAE,WAAW,CAAC,EAAE;QACxG,iBAAiB,EAAE,GAAG,CAAC,aAAa;QACpC,oBAAoB,EAAE,GAAG,CAAC,oBAAoB,EAAE,cAAc,EAAE,GAAG,CAAC,QAAQ;KAC7E,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;IAC1C,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IACnB,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;IACnE,GAAG,CAAC,cAAc,GAAG,QAAQ,CAAC;IAC9B,MAAM,GAAG,CAAC,aAAa,CAAC,iBAAiB,EAAE,EAAE,aAAa,EAAE,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACtF,MAAM,CAAC,WAAW,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,CAAC,QAAQ,CAAC,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IAE9G,4BAA4B;IAC5B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,eAAe,CAAC;QAC9B,SAAS,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM;QACrC,WAAW,EAAE,GAAG,MAAM,CAAC,gBAAgB,KAAK,MAAM,CAAC,eAAe,EAAE;QACpE,UAAU,EAAE,GAAG,MAAM,CAAC,iBAAiB,KAAK,MAAM,CAAC,gBAAgB,EAAE;QACrE,aAAa,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI;QAC1D,eAAe,EAAE,kBAAkB,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC;QACxE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ;KAC1D,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,GAAG,CAAC,aAAa,CAAC,qBAAqB,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IACnF,MAAM,CAAC,UAAU,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC;IAE5E,2BAA2B;IAC3B,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,6BAA6B,CAAC,GAAG,GAAG,CAAC;QAChF,MAAM,WAAW,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,CAAC;QACjF,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QACjC,GAAG,CAAC,UAAU,GAAG,cAAc,EAAE,CAAC;QAClC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;QACpE,MAAM,YAAY,GAAG,eAAe,CAAC;YACnC,SAAS,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM;YACrC,WAAW,EAAE,GAAG,WAAW,CAAC,gBAAgB,KAAK,WAAW,CAAC,eAAe,EAAE;YAC9E,UAAU,EAAE,GAAG,WAAW,CAAC,iBAAiB,KAAK,WAAW,CAAC,gBAAgB,EAAE;YAC/E,aAAa,EAAE,IAAI,EAAE,gBAAgB,EAAE,8BAA8B,EAAE,MAAM,EAAE,YAAY;YAC3F,eAAe,EAAE,kBAAkB,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC;YACxE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ;SAC1D,CAAC,CAAC;QACH,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAC7C,MAAM,GAAG,CAAC,aAAa,CAAC,qBAAqB,EAAE,EAAE,UAAU,EAAE,YAAY,CAAC,UAAU,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9G,MAAM,CAAC,eAAe,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IAC/G,CAAC;IAED,6BAA6B;IAC7B,IAAI,iBAAiB,EAAE,CAAC;QACtB,GAAG,CAAC,iBAAiB,CAAC,WAAW,CAAC;YAChC,eAAe,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,WAAW,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;YAClE,mBAAmB,EAAE,CAAC,CAAC,YAAY,EAAE,mBAAmB,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK;SAC7E,CAAC,CAAC;QACH,GAAG,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,YAAY,EAAE,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QACzE,MAAM,EAAE,GAAG,GAAG,CAAC,iBAAiB,CAAC,OAAO,EAAE,CAAC;QAC3C,IAAI,EAAE,CAAC,cAAc,EAAE,CAAC;YACtB,MAAM,GAAG,CAAC,aAAa,CAAC,kBAAkB,EAAE,EAAE,UAAU,EAAE,EAAE,CAAC,UAAU,EAAE,eAAe,EAAE,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC;QAClH,CAAC;QACD,MAAM,CAAC,gBAAgB,GAAG,EAAE,cAAc,EAAE,EAAE,CAAC,cAAc,EAAE,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;IACpG,CAAC;IAED,uBAAuB;IACvB,IAAI,iBAAiB,EAAE,CAAC;QACtB,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACxC,MAAM,GAAG,CAAC,aAAa,CAAC,YAAY,EAAE,EAAE,oBAAoB,EAAE,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAC,CAAC;QACrH,MAAM,CAAC,UAAU,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IACxE,CAAC;IAED,2BAA2B;IAC3B,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;IACnD,MAAM,EAAE,UAAU,EAAE,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;IACnD,MAAM,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;IAC9C,MAAM,GAAG,CAAC,aAAa,CAAC,cAAc,EAAE,EAAE,WAAW,EAAE,UAAU,CAAC,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAE/G,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;IACvD,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,oBAAoB,EAAE,UAAU,CAAC,kBAAkB,CAAC,CAAC;IAChH,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAChH,MAAM,MAAM,GAAG,cAAc,CAAC,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;IACvF,MAAM,YAAY,GAAG,mBAAmB,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;IAClF,MAAM,CAAC,eAAe,GAAG,EAAE,YAAY,EAAE,aAAa,EAAE,WAAW,CAAC,MAAM,EAAE,CAAC;IAE7E,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,SAAS;QACpC,MAAM;QACN,aAAa,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;QACrD,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;KAC/B,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
export interface GenerateReceiptArgs {
|
|
3
|
-
subject_content?: string;
|
|
4
|
-
drift_detected?: boolean;
|
|
5
|
-
drift_description?: string;
|
|
6
|
-
measurement_type?: string;
|
|
7
|
-
action_type?: string;
|
|
8
|
-
action_detail?: string;
|
|
9
|
-
}
|
|
10
|
-
export declare function handleGenerateReceipt(args: GenerateReceiptArgs, ctx: ServerContext): Promise<{
|
|
11
|
-
content: Array<{
|
|
12
|
-
type: "text";
|
|
13
|
-
text: string;
|
|
14
|
-
}>;
|
|
15
|
-
}>;
|
|
16
|
-
//# sourceMappingURL=generate-receipt.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"generate-receipt.d.ts","sourceRoot":"","sources":["../../src/tools/generate-receipt.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,WAAW,mBAAmB;IAClC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,mBAAmB,EAAE,GAAG,EAAE,aAAa;;;;;GA6BxF"}
|
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
import { hashArtifact } from '../core/artifact.js';
|
|
2
|
-
import { generateReceipt } from '../core/receipt.js';
|
|
3
|
-
export async function handleGenerateReceipt(args, ctx) {
|
|
4
|
-
if (!ctx.portal.artifact)
|
|
5
|
-
return ctx.error('No artifact loaded.');
|
|
6
|
-
const artRef = hashArtifact(ctx.portal.artifact);
|
|
7
|
-
const mType = args.action_type ?? args.measurement_type ?? 'FILE_SYSTEM_STATE';
|
|
8
|
-
const driftDesc = args.action_detail ?? args.drift_description ?? null;
|
|
9
|
-
const receipt = generateReceipt({
|
|
10
|
-
subjectId: ctx.portal.artifact.subject_identifier,
|
|
11
|
-
artifactRef: artRef,
|
|
12
|
-
currentHash: args.subject_content ?? artRef,
|
|
13
|
-
sealedHash: ctx.portal.artifact.sealed_hash,
|
|
14
|
-
driftDetected: args.drift_detected ?? false,
|
|
15
|
-
driftDescription: driftDesc,
|
|
16
|
-
action: null,
|
|
17
|
-
measurementType: mType,
|
|
18
|
-
seq: ctx.portal.sequenceCounter + 1,
|
|
19
|
-
prevLeaf: ctx.portal.lastLeafHash,
|
|
20
|
-
portalKP: ctx.portalKP,
|
|
21
|
-
});
|
|
22
|
-
await ctx.storage.storeReceipt(receipt);
|
|
23
|
-
await ctx.appendToChain('INTERACTION_RECEIPT', {
|
|
24
|
-
receipt_id: receipt.receipt_id,
|
|
25
|
-
drift_detected: args.drift_detected ?? false,
|
|
26
|
-
action_type: args.action_type,
|
|
27
|
-
action_detail: args.action_detail,
|
|
28
|
-
});
|
|
29
|
-
return ctx.json({ success: true, receipt_id: receipt.receipt_id, receipt });
|
|
30
|
-
}
|
|
31
|
-
//# sourceMappingURL=generate-receipt.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"generate-receipt.js","sourceRoot":"","sources":["../../src/tools/generate-receipt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAYrD,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,IAAyB,EAAE,GAAkB;IACvF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAElE,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,gBAAgB,IAAI,mBAAmB,CAAC;IAC/E,MAAM,SAAS,GAAG,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC;IAEvE,MAAM,OAAO,GAAG,eAAe,CAAC;QAC9B,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB;QACjD,WAAW,EAAE,MAAM;QACnB,WAAW,EAAE,IAAI,CAAC,eAAe,IAAI,MAAM;QAC3C,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW;QAC3C,aAAa,EAAE,IAAI,CAAC,cAAc,IAAI,KAAK;QAC3C,gBAAgB,EAAE,SAAS;QAC3B,MAAM,EAAE,IAAI;QACZ,eAAe,EAAE,KAAK;QACtB,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC;QACnC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,YAAY;QACjC,QAAQ,EAAE,GAAG,CAAC,QAAQ;KACvB,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,GAAG,CAAC,aAAa,CAAC,qBAAqB,EAAE;QAC7C,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,cAAc,EAAE,IAAI,CAAC,cAAc,IAAI,KAAK;QAC5C,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,aAAa,EAAE,IAAI,CAAC,aAAa;KAClC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,OAAO,EAAE,CAAC,CAAC;AAC9E,CAAC"}
|
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
export interface GetChainArgs {
|
|
3
|
-
start_seq?: number;
|
|
4
|
-
end_seq?: number;
|
|
5
|
-
verify?: boolean;
|
|
6
|
-
filter_type?: string;
|
|
7
|
-
}
|
|
8
|
-
export declare function handleGetChain(args: GetChainArgs, ctx: ServerContext): Promise<{
|
|
9
|
-
content: Array<{
|
|
10
|
-
type: "text";
|
|
11
|
-
text: string;
|
|
12
|
-
}>;
|
|
13
|
-
}>;
|
|
14
|
-
//# sourceMappingURL=get-chain.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"get-chain.d.ts","sourceRoot":"","sources":["../../src/tools/get-chain.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,WAAW,YAAY;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAYD,wBAAsB,cAAc,CAAC,IAAI,EAAE,YAAY,EAAE,GAAG,EAAE,aAAa;;;;;GAqC1E"}
|
package/dist/tools/get-chain.js
DELETED
|
@@ -1,45 +0,0 @@
|
|
|
1
|
-
import { verifyChainIntegrity } from '../core/chain.js';
|
|
2
|
-
const FILTER_MAP = {
|
|
3
|
-
behavioral: ['BEHAVIORAL_DRIFT'],
|
|
4
|
-
delegations: ['DELEGATION'],
|
|
5
|
-
receipts: ['INTERACTION_RECEIPT'],
|
|
6
|
-
revocations: ['REVOCATION'],
|
|
7
|
-
attestations: ['POLICY_ISSUANCE', 'RE_ATTESTATION', 'ATTESTATION'],
|
|
8
|
-
disclosure: ['DISCLOSURE', 'SUBSTITUTION'],
|
|
9
|
-
keys: ['KEY_ROTATION'],
|
|
10
|
-
};
|
|
11
|
-
export async function handleGetChain(args, ctx) {
|
|
12
|
-
let events = (args.start_seq !== undefined && args.end_seq !== undefined)
|
|
13
|
-
? await ctx.storage.getEvents(args.start_seq, args.end_seq)
|
|
14
|
-
: await ctx.storage.getAllEvents();
|
|
15
|
-
// Apply filter_type
|
|
16
|
-
if (args.filter_type && args.filter_type !== 'all') {
|
|
17
|
-
const allowedTypes = FILTER_MAP[args.filter_type];
|
|
18
|
-
if (allowedTypes) {
|
|
19
|
-
events = events.filter(e => allowedTypes.includes(e.event_type));
|
|
20
|
-
}
|
|
21
|
-
}
|
|
22
|
-
const result = {
|
|
23
|
-
count: events.length,
|
|
24
|
-
events: events.map(e => ({
|
|
25
|
-
sequence_number: e.sequence_number,
|
|
26
|
-
event_type: e.event_type,
|
|
27
|
-
event_id: e.event_id,
|
|
28
|
-
timestamp: e.timestamp,
|
|
29
|
-
leaf_hash: e.leaf_hash.slice(0, 16) + '...',
|
|
30
|
-
previous_leaf_hash: e.previous_leaf_hash ? e.previous_leaf_hash.slice(0, 16) + '...' : null,
|
|
31
|
-
payload_hash: e.payload_hash.slice(0, 16) + '...',
|
|
32
|
-
})),
|
|
33
|
-
};
|
|
34
|
-
if (args.verify) {
|
|
35
|
-
const allEvents = await ctx.storage.getAllEvents();
|
|
36
|
-
const integrity = verifyChainIntegrity(allEvents);
|
|
37
|
-
result.chain_valid = integrity.valid;
|
|
38
|
-
result.broken_at = integrity.brokenAt;
|
|
39
|
-
result.verification_error = integrity.error;
|
|
40
|
-
result.leaf_hash_formula = 'SHA-256(schema_version || protocol_version || event_type || event_id || sequence_number || timestamp || previous_leaf_hash) - PAYLOAD EXCLUDED';
|
|
41
|
-
result.event_signature_covers = 'COMPLETE event including payload';
|
|
42
|
-
}
|
|
43
|
-
return ctx.json(result);
|
|
44
|
-
}
|
|
45
|
-
//# sourceMappingURL=get-chain.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"get-chain.js","sourceRoot":"","sources":["../../src/tools/get-chain.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAUxD,MAAM,UAAU,GAA6B;IAC3C,UAAU,EAAE,CAAC,kBAAkB,CAAC;IAChC,WAAW,EAAE,CAAC,YAAY,CAAC;IAC3B,QAAQ,EAAE,CAAC,qBAAqB,CAAC;IACjC,WAAW,EAAE,CAAC,YAAY,CAAC;IAC3B,YAAY,EAAE,CAAC,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,CAAC;IAClE,UAAU,EAAE,CAAC,YAAY,EAAE,cAAc,CAAC;IAC1C,IAAI,EAAE,CAAC,cAAc,CAAC;CACvB,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,IAAkB,EAAE,GAAkB;IACzE,IAAI,MAAM,GAAG,CAAC,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC;QACvE,CAAC,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC;QAC3D,CAAC,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;IAErC,oBAAoB;IACpB,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,KAAK,KAAK,EAAE,CAAC;QACnD,MAAM,YAAY,GAAG,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAClD,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAA4B;QACtC,KAAK,EAAE,MAAM,CAAC,MAAM;QACpB,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACvB,eAAe,EAAE,CAAC,CAAC,eAAe;YAClC,UAAU,EAAE,CAAC,CAAC,UAAU;YACxB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,SAAS,EAAE,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;YAC3C,kBAAkB,EAAE,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI;YAC3F,YAAY,EAAE,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;SAClD,CAAC,CAAC;KACJ,CAAC;IAEF,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QACnD,MAAM,SAAS,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC;QAClD,MAAM,CAAC,WAAW,GAAG,SAAS,CAAC,KAAK,CAAC;QACrC,MAAM,CAAC,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAC;QACtC,MAAM,CAAC,kBAAkB,GAAG,SAAS,CAAC,KAAK,CAAC;QAC5C,MAAM,CAAC,iBAAiB,GAAG,gJAAgJ,CAAC;QAC5K,MAAM,CAAC,sBAAsB,GAAG,kCAAkC,CAAC;IACrE,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC1B,CAAC"}
|
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
export declare function handleGetPortalState(_args: Record<string, never>, ctx: ServerContext): Promise<{
|
|
3
|
-
content: Array<{
|
|
4
|
-
type: "text";
|
|
5
|
-
text: string;
|
|
6
|
-
}>;
|
|
7
|
-
}>;
|
|
8
|
-
//# sourceMappingURL=get-portal-state.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"get-portal-state.d.ts","sourceRoot":"","sources":["../../src/tools/get-portal-state.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,wBAAsB,oBAAoB,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,aAAa;;;;;GAa1F"}
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
export async function handleGetPortalState(_args, ctx) {
|
|
2
|
-
return ctx.json({
|
|
3
|
-
state: ctx.portal.state,
|
|
4
|
-
artifact_loaded: !!ctx.portal.artifact,
|
|
5
|
-
sealed_hash: ctx.portal.artifact?.sealed_hash ?? null,
|
|
6
|
-
ttl_seconds: ctx.portal.artifact?.enforcement_parameters.ttl_seconds ?? null,
|
|
7
|
-
issued_at: ctx.portal.artifact?.issued_timestamp ?? null,
|
|
8
|
-
enforcement_triggers: ctx.portal.artifact?.enforcement_parameters.enforcement_triggers ?? [],
|
|
9
|
-
sequence_counter: ctx.portal.sequenceCounter,
|
|
10
|
-
quarantine_active: ctx.quarantine?.active ?? false,
|
|
11
|
-
verification_tier: ctx.verificationTier,
|
|
12
|
-
measurement_count: ctx.measurementCount,
|
|
13
|
-
});
|
|
14
|
-
}
|
|
15
|
-
//# sourceMappingURL=get-portal-state.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"get-portal-state.js","sourceRoot":"","sources":["../../src/tools/get-portal-state.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,KAA4B,EAAE,GAAkB;IACzF,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,KAAK,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;QACvB,eAAe,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ;QACtC,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,WAAW,IAAI,IAAI;QACrD,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,sBAAsB,CAAC,WAAW,IAAI,IAAI;QAC5E,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,IAAI,IAAI;QACxD,oBAAoB,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,sBAAsB,CAAC,oBAAoB,IAAI,EAAE;QAC5F,gBAAgB,EAAE,GAAG,CAAC,MAAM,CAAC,eAAe;QAC5C,iBAAiB,EAAE,GAAG,CAAC,UAAU,EAAE,MAAM,IAAI,KAAK;QAClD,iBAAiB,EAAE,GAAG,CAAC,gBAAgB;QACvC,iBAAiB,EAAE,GAAG,CAAC,gBAAgB;KACxC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
export declare function handleInitChain(args: {
|
|
3
|
-
specification_hash?: string;
|
|
4
|
-
}, ctx: ServerContext): Promise<{
|
|
5
|
-
content: Array<{
|
|
6
|
-
type: "text";
|
|
7
|
-
text: string;
|
|
8
|
-
}>;
|
|
9
|
-
}>;
|
|
10
|
-
//# sourceMappingURL=init-chain.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"init-chain.d.ts","sourceRoot":"","sources":["../../src/tools/init-chain.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,wBAAsB,eAAe,CAAC,IAAI,EAAE;IAAE,kBAAkB,CAAC,EAAE,MAAM,CAAA;CAAE,EAAE,GAAG,EAAE,aAAa;;;;;GAQ9F"}
|
package/dist/tools/init-chain.js
DELETED
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
import { sha256Str } from '../crypto/hash.js';
|
|
2
|
-
import { createGenesisEvent } from '../core/chain.js';
|
|
3
|
-
export async function handleInitChain(args, ctx) {
|
|
4
|
-
if (ctx.chainInitialized)
|
|
5
|
-
return ctx.error('Chain already initialized');
|
|
6
|
-
const genesis = createGenesisEvent(ctx.chainKP, args.specification_hash ?? sha256Str('AGA Protocol Specification v2.0.0'));
|
|
7
|
-
await ctx.storage.storeEvent(genesis);
|
|
8
|
-
ctx.chainInitialized = true;
|
|
9
|
-
ctx.portal.sequenceCounter = 0;
|
|
10
|
-
ctx.portal.lastLeafHash = genesis.leaf_hash;
|
|
11
|
-
return ctx.json({ success: true, genesis_event_id: genesis.event_id, genesis_leaf_hash: genesis.leaf_hash });
|
|
12
|
-
}
|
|
13
|
-
//# sourceMappingURL=init-chain.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"init-chain.js","sourceRoot":"","sources":["../../src/tools/init-chain.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAGtD,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,IAAqC,EAAE,GAAkB;IAC7F,IAAI,GAAG,CAAC,gBAAgB;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;IACxE,MAAM,OAAO,GAAG,kBAAkB,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,kBAAkB,IAAI,SAAS,CAAC,mCAAmC,CAAC,CAAC,CAAC;IAC3H,MAAM,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACtC,GAAG,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAC5B,GAAG,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC,CAAC;IAC/B,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG,OAAO,CAAC,SAAS,CAAC;IAC5C,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,CAAC,QAAQ,EAAE,iBAAiB,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;AAC/G,CAAC"}
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
export interface MeasureBehaviorArgs {
|
|
3
|
-
tool_name?: string;
|
|
4
|
-
record_only?: boolean;
|
|
5
|
-
}
|
|
6
|
-
export declare function handleMeasureBehavior(args: MeasureBehaviorArgs, ctx: ServerContext): Promise<{
|
|
7
|
-
content: Array<{
|
|
8
|
-
type: "text";
|
|
9
|
-
text: string;
|
|
10
|
-
}>;
|
|
11
|
-
}>;
|
|
12
|
-
//# sourceMappingURL=measure-behavior.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"measure-behavior.d.ts","sourceRoot":"","sources":["../../src/tools/measure-behavior.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,WAAW,mBAAmB;IAClC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,mBAAmB,EAAE,GAAG,EAAE,aAAa;;;;;GA4BxF"}
|
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
import { sha256Str } from '../crypto/hash.js';
|
|
2
|
-
export async function handleMeasureBehavior(args, ctx) {
|
|
3
|
-
// If a tool_name is provided, record the invocation first
|
|
4
|
-
if (args.tool_name) {
|
|
5
|
-
ctx.behavioralMonitor.recordInvocation(args.tool_name, sha256Str(args.tool_name));
|
|
6
|
-
}
|
|
7
|
-
// If record_only, just acknowledge the recording
|
|
8
|
-
if (args.record_only) {
|
|
9
|
-
return ctx.json({
|
|
10
|
-
success: true,
|
|
11
|
-
recorded: args.tool_name,
|
|
12
|
-
record_only: true,
|
|
13
|
-
});
|
|
14
|
-
}
|
|
15
|
-
// Measure behavioral patterns
|
|
16
|
-
const measurement = ctx.behavioralMonitor.measure();
|
|
17
|
-
if (measurement.drift_detected) {
|
|
18
|
-
await ctx.appendToChain('BEHAVIORAL_DRIFT', {
|
|
19
|
-
violations: measurement.violations,
|
|
20
|
-
behavioral_hash: measurement.behavioral_hash,
|
|
21
|
-
});
|
|
22
|
-
}
|
|
23
|
-
return ctx.json({
|
|
24
|
-
success: true,
|
|
25
|
-
...measurement,
|
|
26
|
-
violation_count: measurement.violations.length,
|
|
27
|
-
});
|
|
28
|
-
}
|
|
29
|
-
//# sourceMappingURL=measure-behavior.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"measure-behavior.js","sourceRoot":"","sources":["../../src/tools/measure-behavior.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAQ9C,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,IAAyB,EAAE,GAAkB;IACvF,0DAA0D;IAC1D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACpF,CAAC;IAED,iDAAiD;IACjD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,OAAO,GAAG,CAAC,IAAI,CAAC;YACd,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,IAAI,CAAC,SAAS;YACxB,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;IACL,CAAC;IAED,8BAA8B;IAC9B,MAAM,WAAW,GAAG,GAAG,CAAC,iBAAiB,CAAC,OAAO,EAAE,CAAC;IACpD,IAAI,WAAW,CAAC,cAAc,EAAE,CAAC;QAC/B,MAAM,GAAG,CAAC,aAAa,CAAC,kBAAkB,EAAE;YAC1C,UAAU,EAAE,WAAW,CAAC,UAAU;YAClC,eAAe,EAAE,WAAW,CAAC,eAAe;SAC7C,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,CAAC;QACd,OAAO,EAAE,IAAI;QACb,GAAG,WAAW;QACd,eAAe,EAAE,WAAW,CAAC,UAAU,CAAC,MAAM;KAC/C,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
import type { ServerContext } from '../context.js';
|
|
2
|
-
import type { SubjectMetadata } from '../core/types.js';
|
|
3
|
-
export interface MeasureSubjectArgs {
|
|
4
|
-
subject_content?: string;
|
|
5
|
-
subject_bytes_hash?: string;
|
|
6
|
-
subject_metadata_hash?: string;
|
|
7
|
-
subject_metadata?: SubjectMetadata;
|
|
8
|
-
}
|
|
9
|
-
export declare function handleMeasureSubject(args: MeasureSubjectArgs, ctx: ServerContext): Promise<{
|
|
10
|
-
content: Array<{
|
|
11
|
-
type: "text";
|
|
12
|
-
text: string;
|
|
13
|
-
}>;
|
|
14
|
-
}>;
|
|
15
|
-
//# sourceMappingURL=measure-subject.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"measure-subject.d.ts","sourceRoot":"","sources":["../../src/tools/measure-subject.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,eAAe,EAAqB,MAAM,kBAAkB,CAAC;AAE3E,MAAM,WAAW,kBAAkB;IACjC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,gBAAgB,CAAC,EAAE,eAAe,CAAC;CACpC;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,aAAa;;;;;GA0GtF"}
|