@attested-intelligence/aga-mcp-server 3.0.1 → 3.2.0
- package/DEPLOYMENT.md +2 -2
- package/README.md +7 -8
- package/THREAT_BOUNDARY.md +9 -9
- package/dist/proxy/index.d.ts.map +1 -1
- package/dist/proxy/index.js +4 -1
- package/dist/proxy/index.js.map +1 -1
- package/dist/sep/bundle.js +2 -2
- package/dist/sep/bundle.js.map +1 -1
- package/dist/sep/checkpoint.d.ts.map +1 -1
- package/dist/sep/checkpoint.js +2 -2
- package/dist/sep/checkpoint.js.map +1 -1
- package/dist/sep/crypto.d.ts +2 -0
- package/dist/sep/crypto.d.ts.map +1 -1
- package/dist/sep/crypto.js +1 -1
- package/dist/sep/crypto.js.map +1 -1
- package/dist/sep/hybrid.d.ts +60 -0
- package/dist/sep/hybrid.d.ts.map +1 -0
- package/dist/sep/hybrid.js +189 -0
- package/dist/sep/hybrid.js.map +1 -0
- package/dist/sep/index.d.ts +3 -1
- package/dist/sep/index.d.ts.map +1 -1
- package/dist/sep/index.js +2 -0
- package/dist/sep/index.js.map +1 -1
- package/dist/sep/profiles.d.ts +22 -0
- package/dist/sep/profiles.d.ts.map +1 -0
- package/dist/sep/profiles.js +56 -0
- package/dist/sep/profiles.js.map +1 -0
- package/dist/sep/receipt.js +0 -0
- package/dist/sep/receipt.js.map +1 -1
- package/dist/sep/verify.d.ts +8 -3
- package/dist/sep/verify.d.ts.map +1 -1
- package/dist/sep/verify.js +67 -49
- package/dist/sep/verify.js.map +1 -1
- package/package.json +7 -3
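--- a/package/DEPLOYMENT.md
+++ b/package/DEPLOYMENT.md
@@ -1,6 +1,6 @@
 # AGA MCP Server — Deployment & Hardening Guide
 
-Practical guidance for running `@attested-intelligence/aga-mcp-server` (3.0.
+Practical guidance for running `@attested-intelligence/aga-mcp-server` (3.0.1) in a defensible configuration. Scope is the **MCP server boundary** — see `THREAT_BOUNDARY.md` for the full claim/limitation surface this guide operationalizes.
 
 The hardened posture in one line: **stdio upstream + a persisted, well-protected gateway key + network isolation + verifiers that pin the gateway key.**
 
@@ -59,7 +59,7 @@ Call the `get_server_info` tool → **`gateway_public_key`**. That 64-hex value
 ```bash
 # reference verifier (zero deps)
 node aga-receipt-spec/verify/verify-sep.mjs evidence-bundle.json --pubkey <gateway_public_key>
-# or the published CLI (2.0.0
+# or the published CLI (@attested-intelligence/aga-verify 2.0.0)
 aga-verify evidence-bundle.json --pubkey <gateway_public_key>
 ```
 Or via the tool: `verify_bundle_offline(bundle, pinned_public_key=<gateway_public_key>)`. **Without a pin you get an integrity-only result** (`issuerVerified=false`, summary says "NOT provenance"). See §3.7 of the boundary doc.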
package/README.md
CHANGED
|
@@ -5,10 +5,10 @@ Cryptographic runtime governance for AI agents and autonomous systems.
|
|
|
5
5
|
[](https://www.npmjs.com/package/@attested-intelligence/aga-mcp-server)
|
|
6
6
|
[](https://pypi.org/project/aga-governance/)
|
|
7
7
|
[](LICENSE)
|
|
8
|
-
[](https://www.npmjs.com/package/@attested-intelligence/aga-mcp-server)
|
|
9
9
|
[](https://www.npmjs.com/package/@attested-intelligence/aga-mcp-server)
|
|
10
10
|
|
|
11
|
-
> **Status: 3.
|
|
11
|
+
> **Status: 3.2.0 (published to npm with SLSA build provenance).** The server tools and the `aga-proxy` emit the **canonical SEP evidence bundle**, verifiable offline by the published `@attested-intelligence/aga-verify` and the reference verifier `aga-receipt-spec/verify/verify-sep.mjs`. **As of 3.2.0 the verifier is algorithm-agile and ships a post-quantum profile:** v1 `Ed25519-SHA256-JCS` (the default the gateway emits) and v2 `ML-DSA-65+Ed25519-SHA256-JCS` (a NIST FIPS-204 ML-DSA-65 + RFC-8032 Ed25519 **composite**, both must verify), selected per-bundle by the `algorithm` field with a `VERIFIED / FAILED / UNSUPPORTED_PROFILE` trichotomy. Pre-3.0 releases (a legacy continuity-chain bundle that does *not* verify under the SEP verifier) are deprecated; use `^3.0.0`. Claim scope and residual attack surface are documented honestly in `THREAT_BOUNDARY.md`.
|
|
12
12
|
|
|
13
13
|
```bash
|
|
14
14
|
# This package IS the AGA MCP server (TypeScript, runs over stdio). Use it from any MCP client:
|
|
@@ -29,7 +29,7 @@ node aga-receipt-spec/verify/verify-sep.mjs fixtures/valid_minimal.json # OVER
|
|
|
29
29
|
node aga-receipt-spec/verify/verify-sep.mjs fixtures/tampered.json # OVERALL: FAILED
|
|
30
30
|
```
|
|
31
31
|
|
|
32
|
-
The published `@attested-intelligence/aga-verify@2.0.0` CLI renders the identical verdict, and `npm run conformance:cross-stack` proves six independent
|
|
32
|
+
The published `@attested-intelligence/aga-verify@2.0.0` CLI renders the identical verdict, and `npm run conformance:cross-stack` proves six v1 verifier configurations — spanning **three independent toolchains (JavaScript, Go, and Python, including a pure-stdlib, no-third-party-crypto path)** — agree on all **57** cross-stack cases; `npm run conformance:cross-stack-v2` proves **two genuinely independent-language oracles (@noble/JS and CIRCL/Go)** agree on the v2 composite corpus. For a full trust-free reproduction (build the package yourself, reproduce the published tarball byte-for-byte, re-run every gate), see the **[REVIEWER_GUIDE.md](REVIEWER_GUIDE.md)** (a command-by-command self-service path), **[REPRODUCIBILITY.md](REPRODUCIBILITY.md)**, and the step-by-step **[SKEPTICAL_AUDITOR.md](SKEPTICAL_AUDITOR.md)**. The 3.2.0 npm release carries SLSA build provenance, checkable with `npm audit signatures`.
|
|
33
33
|
|
|
34
34
|
## What This Does
|
|
35
35
|
|
|
@@ -106,7 +106,7 @@ node aga-receipt-spec/verify/verify-sep.mjs evidence-bundle.json --pubkey <gatew
|
|
|
106
106
|
|
|
107
107
|
The published `@attested-intelligence/aga-verify` CLI mirrors this reference (**2.0.0**, published on npm; the older forgeable 1.0.0 is deprecated). Without `--pubkey` you get an **integrity-only** result (`issuerVerified=false`); pin the key to also prove *who* issued it — see `THREAT_BOUNDARY.md` §3.7. A hosted browser verifier is linked under [Links](#links).
|
|
108
108
|
|
|
109
|
-
The reference §6 algorithm is implemented in **three languages** — JavaScript (`aga-receipt-spec/verify/verify-sep.mjs`), Go (`verify.go`, stdlib `crypto/ed25519`), and Python (`verify.py`, pure-stdlib RFC-8032 Ed25519) — and a cross-stack harness (`npm run conformance:cross-stack`) proves all three, plus the in-server engine and `aga-verify`, render **identical verdicts** on the canonical vectors (valid, adversarial, and every small-order forgery).
|
|
109
|
+
The reference §6 algorithm is implemented in **three languages** — JavaScript (`aga-receipt-spec/verify/verify-sep.mjs`), Go (`verify.go`, stdlib `crypto/ed25519`), and Python (`verify.py`, pure-stdlib RFC-8032 Ed25519) — and a cross-stack harness (`npm run conformance:cross-stack`) proves all three, plus the in-server engine and `aga-verify`, render **identical verdicts** on the canonical vectors (valid, adversarial, and every small-order forgery). The **v2 composite** profile (`ML-DSA-65+Ed25519-SHA256-JCS`) is held to the same bar by a second harness (`npm run conformance:cross-stack-v2`): a `@noble`/JavaScript engine and a CIRCL/Go oracle — two genuinely independent toolchains — render identical verdicts on the pinned v2 corpus, and a v1-only verifier returns `UNSUPPORTED_PROFILE` (exit 3) on a v2 bundle rather than a misleading FAILED.
|
|
110
110
|
|
|
111
111
|
## How It Works
|
|
112
112
|
|
|
@@ -207,17 +207,17 @@ Automated tests across TypeScript and Python, plus a conformance corpus:
|
|
|
207
207
|
|
|
208
208
|
- **TypeScript MCP server:** 297 tests (vitest), including provable-denial and behavioral-monitor regressions
|
|
209
209
|
- **SEP conformance corpus:** `npm run test:conformance` (valid → VERIFIED, negatives → FAILED)
|
|
210
|
-
- **Python companion SDK:**
|
|
210
|
+
- **Python companion SDK:** the separately-published `aga-governance` PyPI package (pytest)
|
|
211
211
|
|
|
212
212
|
```bash
|
|
213
213
|
npm test # TypeScript tests (vitest)
|
|
214
214
|
npm run test:conformance # SEP conformance corpus
|
|
215
|
-
|
|
215
|
+
pip install aga-governance && python -m pytest --pyargs aga # Python companion tests
|
|
216
216
|
```
|
|
217
217
|
|
|
218
218
|
## Benchmarks
|
|
219
219
|
|
|
220
|
-
|
|
220
|
+
Receipt-format determinism is reproducible here: `npm test` runs the cross-language vectors, and `npm run conformance:cross-stack` shows the six v1 verifier configurations (across three independent toolchains — JS, Go, Python) agree on the canonical 57-case corpus, while `npm run conformance:cross-stack-v2` shows the two independent-language v2 oracles agree on the composite corpus.
|
|
221
221
|
|
|
222
222
|
## Project Structure
|
|
223
223
|
|
|
@@ -228,7 +228,6 @@ src/
|
|
|
228
228
|
crypto/ # Internal continuity-chain crypto: Ed25519 (node:crypto), SHA-256/blake2b, salt
|
|
229
229
|
proxy/ # MCP governance proxy (transparent interception + policy enforcement; emits SEP bundles)
|
|
230
230
|
middleware/ # Governance PEP wrapper (records a signed PERMITTED/DENIED receipt per governed call)
|
|
231
|
-
aga-python/ # Python companion SDK (PyPI: aga-governance)
|
|
232
231
|
independent-verifier/ # @attested-intelligence/aga-verify — standalone SEP verifier, zero AGA imports
|
|
233
232
|
scenarios/ # Demo scenarios (SCADA, autonomous vehicle, AI agent) — emit SEP bundles
|
|
234
233
|
tests/ # TypeScript test suite (297 tests)
|
package/THREAT_BOUNDARY.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# AGA MCP Server — Threat Boundary & Bypass Surface (honest audit)
|
|
2
2
|
|
|
3
|
-
**Scope:** `@attested-intelligence/aga-mcp-server` 3.0.
|
|
3
|
+
**Scope:** `@attested-intelligence/aga-mcp-server` 3.0.1 (npm `latest`). Written for Sprint 3 CP3.
|
|
4
4
|
**Stance:** defensibility through honesty. This documents what the package **does** guarantee, what it **does not**, and the **residual attack surface** that remains by design or is deferred. Per the project discipline: better a precisely-stated boundary than an overclaim.
|
|
5
5
|
|
|
6
6
|
---
|
|
@@ -13,11 +13,11 @@ A denial **cannot be silently erased by the agent**:
|
|
|
13
13
|
|
|
14
14
|
| Attack | Defense | Test |
|
|
15
15
|
|---|---|---|
|
|
16
|
-
| Tamper a receipt | Ed25519 signature + leaf-recompute fail | `acceptance.test.ts 9.3`, `
|
|
17
|
-
| Drop the DENIED receipt (truncation) | signed checkpoint binds `leaf_count` + head | `
|
|
18
|
-
| Reorder to bury it | `previous_receipt_hash` chain + non-decreasing timestamp | `
|
|
16
|
+
| Tamper a receipt | Ed25519 signature + leaf-recompute fail | `acceptance.test.ts 9.3`, `fixtures/cross-stack` |
|
|
17
|
+
| Drop the DENIED receipt (truncation) | signed checkpoint binds `leaf_count` + head | `fixtures/cross-stack` (SC4) |
|
|
18
|
+
| Reorder to bury it | `previous_receipt_hash` chain + non-decreasing timestamp | `fixtures/cross-stack` (SC5) |
|
|
19
19
|
| Re-attest to wipe history | SEP ledger is **not** reset on `attest_subject` | `tests/integration/provable-denial.test.ts` |
|
|
20
|
-
| Forge under a different key | receipts checked vs **pinned** key; **all** small-order encodings (10 canonical + non-canonical `y≥p`) rejected | `
|
|
20
|
+
| Forge under a different key | receipts checked vs **pinned** key; **all** small-order encodings (10 canonical + non-canonical `y≥p`) rejected | `fixtures/cross-stack` (SC6), `tests/sep/reaudit-fixes.test.ts` |
|
|
21
21
|
| Crash the recorder to erase a decision (deeply-nested arg "depth bomb") | `canonicalize` is **depth-bounded**; the governance wrapper + proxy **fail closed** — an uncanonicalizable call is DENIED *and recorded*, never silently dropped or forwarded | `tests/proxy/dos-failclosed.test.ts`, `tests/sep/reaudit-fixes.test.ts` |
|
|
22
22
|
|
|
23
23
|
Claim scope is **integrity-of-present-receipts, NOT non-omission**: a PASS proves every *present* receipt is authentic and complete-as-a-set under the checkpoint; it does **not** prove the gateway logged every action it took. Completeness is bounded by the tamper-evidence of the interception point, which is outside the bundle.
|
|
@@ -43,20 +43,20 @@ Claim scope is **integrity-of-present-receipts, NOT non-omission**: a PASS prove
|
|
|
43
43
|
|
|
44
44
|
## 3. Residual attack surface (honest, deferred, or deployment-dependent)
|
|
45
45
|
|
|
46
|
-
1. **Proxy — mandatory mediation is a deployment property.** `GovernanceProxy` governs the path *through it*; if the agent can reach the upstream MCP server **directly** (network), it bypasses governance entirely. `upstreamUrl` (HTTP) is directly reachable. → **Deployment requirement:** the agent must be network-isolated so the proxy is its *only* route to tools. Documented, not code-enforceable here. *(Empirically demonstrated in CP3 A7
|
|
46
|
+
1. **Proxy — mandatory mediation is a deployment property.** `GovernanceProxy` governs the path *through it*; if the agent can reach the upstream MCP server **directly** (network), it bypasses governance entirely. `upstreamUrl` (HTTP) is directly reachable. → **Deployment requirement:** the agent must be network-isolated so the proxy is its *only* route to tools. Documented, not code-enforceable here. *(Empirically demonstrated in CP3 A7 — a direct POST to the upstream fired a side effect with no receipt; the red-team scripts are maintained in the private validation tree, not shipped in this package.)* **See `DEPLOYMENT.md` §1: stdio-upstream is the hardened default — the upstream is a non-network-reachable child process, closing this bypass by construction; HTTP-upstream mode now warns on stderr.**
|
|
47
47
|
2. **Proxy — only `method === "tools/call"` is policy-evaluated; partially mitigated in 3.0.** Other JSON-RPC methods are still forwarded (not policy-evaluated), but they are now recorded as **signed passthrough receipts** in the evidence bundle for auditability — so a side-effecting non-`tools/call` method is no longer *invisible* (the CP3 A7 `admin/deleteAllData` would now appear as a `(passthrough)` receipt with `method` set and `reason: forwarded, not policy-evaluated`). Benign protocol methods (`initialize`, `ping`, `tools/list`, `*/list`, `notifications/*`, …) are excluded by default; an optional `denyMethods` denylist rejects known side-effecting methods (a **DENIED** passthrough receipt, not forwarded). **What this closes:** invisibility — every forwarded non-benign method is now in the tamper-evident, checkpoint-bound bundle. **What it does NOT close:** the method is not policy-evaluated and still *executes* unless explicitly denylisted (this is *visibility, not governance*), and a direct-to-upstream call (§3.1) still bypasses the proxy entirely. Full per-method policy evaluation remains future work.
|
|
48
48
|
3. **Proxy — denial is observable.** A DENIED call returns a distinctive `-32600` error, which an adversary can use as a policy-probing oracle. Low severity; structured denial metadata could be tightened later.
|
|
49
49
|
4. **Key persistence — mitigated in 3.0.** The gateway signing key can be **persisted** via `AGA_GATEWAY_KEY` (64-hex seed) or `AGA_GATEWAY_KEY_FILE` (`DEPLOYMENT.md` §2), so `gateway_public_key` is stable and **pinnable across restarts**. The default remains an ephemeral key (warned on stderr). HSM/KMS backing remains future work. A verifier MUST still pin the key it expects.
|
|
50
50
|
5. **Storage durability (Sprint 5).** Default storage is in-memory → the live chain is lost on **process restart**. The cryptographic record survives via the **exported signed bundle**; durable cross-restart retention needs the SQLite/persistent backend (Sprint 5). The raw quarantine forensic buffer is in-memory by design (only the `arguments_hash` commitment is signed — privacy-preserving and sufficient to *prove* a capture).
|
|
51
51
|
6. **Out of scope entirely (not what AGA does).** AGA does not prevent: model jailbreaks, model-weight theft, credential compromise, or infrastructure compromise. It provides *accountability and provenance* for governed decisions, not prevention of those classes. If an attacker holds the gateway signing key, they can author receipts — protect the key (Sprint 4).
|
|
52
52
|
7. **Verifier-UX / unpinned consumers (NEW — CP3 A5).** A consumer that verifies a bundle **without pinning** the gateway key gets an integrity-only `VERIFIED` with `issuerVerified=false` — *even on a forged, attacker-signed, denial-free bundle*. This is correct (integrity-of-present-receipts ≠ provenance, and the result object/CLI say so explicitly), but a UI that shows a bare "VERIFIED" without prominently propagating `issuerVerified=false` could mislead a non-expert. → Downstream consumers (esp. the website demo) MUST pin the gateway key and never present an unpinned PASS as proof of *who* issued the bundle. **Mitigated in 3.0:** the verify result now carries a prominent `summary` — `VERIFIED (provenance verified …)` vs `VERIFIED (integrity only — NOT provenance …)` — surfaced by `verify_bundle_offline` and the reference/`aga-verify` CLIs; key-pinning ergonomics are in `DEPLOYMENT.md` §2. Consumers must still pin.
|
|
53
|
-
8. **Cross-stack verifier conformance (CLOSED — 2026-06-07).** Earlier in the 3.0 hardening only `src/sep/verify.ts` carried the full strict floor; the reference `verify-sep.mjs`, the published `aga-verify`, Go, and Python lagged. **That asymmetry is now closed.** All six verifiers — engine (`src/sep`), reference (`verify-sep.mjs`), `aga-verify`, Go (`verify.go`), and Python (audited library + pure-stdlib) — apply the identical strict floor and return **byte-identical verdicts**. The shared floor: strict field allowlist; `envelope_consistency` (binds the unsigned `gateway_id`/`merkle_root`/`generated_at` to the signed/recomputed values); checkpoint-algorithm binding; lexicographic-string canonicalization with RFC-8785 integral-number normalization; complete small-order/non-canonical-key rejection; **one library-free canonical-timestamp rule** (exact `.sssZ` UTC form via an ASCII regex + integer-arithmetic calendar + lexicographic ordering — no native date parser); merkle-direction-token strictness (`left`/`right` only, length-matched); unpaired-UTF-16-surrogate rejection; depth-bounded never-throw; and whole-document parse (trailing content rejected). Verified by `npm run conformance:cross-stack` — six verifiers agree on every case in the committed corpus (
|
|
53
|
+
8. **Cross-stack verifier conformance (CLOSED — 2026-06-07).** Earlier in the 3.0 hardening only `src/sep/verify.ts` carried the full strict floor; the reference `verify-sep.mjs`, the published `aga-verify`, Go, and Python lagged. **That asymmetry is now closed.** All six verifiers — engine (`src/sep`), reference (`verify-sep.mjs`), `aga-verify`, Go (`verify.go`), and Python (audited library + pure-stdlib) — apply the identical strict floor and return **byte-identical verdicts**. The shared floor: strict field allowlist; `envelope_consistency` (binds the unsigned `gateway_id`/`merkle_root`/`generated_at` to the signed/recomputed values); checkpoint-algorithm binding; lexicographic-string canonicalization with RFC-8785 integral-number normalization; complete small-order/non-canonical-key rejection; **one library-free canonical-timestamp rule** (exact `.sssZ` UTC form via an ASCII regex + integer-arithmetic calendar + lexicographic ordering — no native date parser); merkle-direction-token strictness (`left`/`right` only, length-matched); unpaired-UTF-16-surrogate rejection; depth-bounded never-throw; and whole-document parse (trailing content rejected). Verified by `npm run conformance:cross-stack` — six verifiers agree on every case in the committed corpus (56 cases incl. raw-byte/file-parse, incl. an uppercase-Merkle-sibling cross-stack case), confirmed across multiple rounds of independent blind differential re-audit. See `fixtures/cross-stack/README.md`. **Residual (by design, not a divergence):** the bundle envelope still carries four *unsigned* metadata fields with no signed counterpart — `bundle_id`, `schema_version`, `policy_reference`, `offline_capable`. They are informational and are **not** security-identity fields (the identity fields `gateway_id`/`merkle_root`/`generated_at` ARE bound); a relying party must still trust only signed/verified values and pin the gateway key (§3.7). 
Of the four, **`policy_reference` is the only identity-grade one** — but the governing policy IS captured and cryptographically verified inside **every signed receipt's own `policy_reference` field** (one of the 15 signed fields), so the unsigned *envelope* `policy_reference` is only a convenience mirror, not the source of truth. Binding the envelope copy is a recommended near-term (3.1) format revision; a coordinated verifier-output flag that marks these four envelope fields as unsigned/not-verified is a recommended enhancement, deliberately deferred here to avoid adding an untested cross-language output surface immediately after the cross-stack-consistency campaign (the verdict surface already attests only the steps it runs, and never claims these fields). One further residual is **unreachable by construction:** SEP signed fields are strings plus the single integer `leaf_count` (the emit guard `assertSignedReceiptFieldsAreStrings` forbids any other number in a signed field), so a verifier's canonicalization of a *non-integer / exponential* number placed in a signed field — which no conformant gateway can emit — is intentionally left unspecified and MAY differ across language stdlibs; it cannot affect any bundle a conformant gateway produces. Reachable string content is fully cross-stack-consistent (an exhaustive 0..0x10FFFF code-point sweep confirms the only ever-divergent characters, `U+2028`/`U+2029`, are normalized identically by every verifier).
|
|
54
54
|
|
|
55
55
|
---
|
|
56
56
|
|
|
57
57
|
## 4. CP3 adversarial verification results (2026-06-06)
|
|
58
58
|
|
|
59
|
-
A focused adversarial workflow ran **7 independent red-team attacks** on the core claim. Each was attempted *concretely* against the real in-process MCP server / proxy and the **pinned** reference verifier (`verify-sep.mjs`) and published-sound `aga-verify@2.0.0`. A1–A5 were fully adjudicated + agreed in the original workflow. **A6 and A7 — whose original adjudication hit a session usage cap — were re-adjudicated first-hand on 2026-06-07 from the source:** **A6 HELD** — `src/middleware/governance.ts` shows `UNGOVERNED_TOOLS` contains only read/bootstrap/evidence/monitor tools (no mutating agent-action), a tool is GOVERNED iff absent from that set, and every GOVERNED call that is blocked emits a signed DENIED receipt via the `deny()` path (including the fail-closed branch for uncanonicalizable arguments); **A7 RESIDUAL** — the only upstream-reach bypasses are exactly the documented §3.1 (direct upstream HTTP, a deployment/network-isolation property) and §3.2 (non-`tools/call` methods, now recorded as signed passthrough receipts); no new bypass was found.
|
|
59
|
+
A focused adversarial workflow ran **7 independent red-team attacks** on the core claim. Each was attempted *concretely* against the real in-process MCP server / proxy and the **pinned** reference verifier (`verify-sep.mjs`) and published-sound `aga-verify@2.0.0`. A1–A5 were fully adjudicated + agreed in the original workflow. **A6 and A7 — whose original adjudication hit a session usage cap — were re-adjudicated first-hand on 2026-06-07 from the source:** **A6 HELD** — `src/middleware/governance.ts` shows `UNGOVERNED_TOOLS` contains only read/bootstrap/evidence/monitor tools (no mutating agent-action), a tool is GOVERNED iff absent from that set, and every GOVERNED call that is blocked emits a signed DENIED receipt via the `deny()` path (including the fail-closed branch for uncanonicalizable arguments); **A7 RESIDUAL** — the only upstream-reach bypasses are exactly the documented §3.1 (direct upstream HTTP, a deployment/network-isolation property) and §3.2 (non-`tools/call` methods, now recorded as signed passthrough receipts); no new bypass was found. (Red-team scripts are maintained in the private validation tree, not shipped in this package.)
|
|
60
60
|
|
|
61
61
|
| # | Attack | Result | Why |
|
|
62
62
|
|---|---|---|---|
|
|
@@ -65,7 +65,7 @@ A focused adversarial workflow ran **7 independent red-team attacks** on the cor
|
|
|
65
65
|
| A3 | Reorder to bury the denial | **HELD** | `previous_receipt_hash` chain + checkpoint fail |
|
|
66
66
|
| A4 | Re-attest to erase | **HELD** | SEP ledger is not reset on `attest_subject`; the denial is still present in the export |
|
|
67
67
|
| A5 | Key-forge (attacker re-signs a denial-free bundle) | **HELD** | pinned to the real key → FAIL `gateway_key_match` on **both** verifiers; unpinned → integrity-only PASS with `issuerVerified=false` (by design; see §3.7) |
|
|
68
|
-
| A6 | PEP bypass (ungoverned mutating action) | **HELD** | all
|
|
68
|
+
| A6 | PEP bypass (ungoverned mutating action) | **HELD** | all 15 tools censused; no ungoverned mutating agent-action; even blocked governed calls emit a DENIED receipt; `measure_behavior` enforcement is coupled to a signed receipt |
|
|
69
69
|
| A7 | Proxy bypass | **RESIDUAL** | every governed `tools/call` gets a receipt (PERMITTED+DENIED; DENIED never reaches upstream); the two bypasses are the already-documented §3.1 (direct upstream reach) and §3.2 (non-`tools/call` methods) |
|
|
70
70
|
|
|
71
71
|
**Verdict: 0 guarantee-broken — 6 HELD, 1 RESIDUAL (out-of-claim, already documented).** The core claim — *denials cannot be silently erased by the agent through tampering, truncation, reordering, or re-attestation, and forgery is caught when the gateway key is pinned* — **holds under the tested adversarial pressure**, on both the reference verifier and the published-sound `aga-verify@2.0.0`.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/proxy/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;GAcG;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/proxy/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;GAcG;AAiPH,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5E,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC"}
|
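--- a/package/dist/proxy/index.js
+++ b/package/dist/proxy/index.js
@@ -190,7 +190,10 @@ program
 console.log(`\n${result.summary}`);
 if (!opts.pin)
 console.log('(no --pin given: integrity only, NOT provenance — pass --pin <gateway_public_key> to prove who issued it)');
-
+// Honor the verdict trichotomy (ALGORITHM_AGILITY_SPEC / UNIFIED_SEP_SPEC §3): VERIFIED=0,
+// FAILED=1, UNSUPPORTED_PROFILE=3 (a registered profile this build does not implement — NOT a
+// failure of the bundle's content; must not be collapsed with FAILED).
+process.exit(result.verdict === 'VERIFIED' ? 0 : result.verdict === 'UNSUPPORTED_PROFILE' ? 3 : 1);
 });
 // ── policy ───────────────────────────────────────────────────
 const policyCmd = program.command('policy').description('Policy management');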
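Review bot: The exit status is derived from `result.verdict` alone, so a run without `--pin` that reaches VERIFIED still exits 0 even though the lines just above label that result "integrity only, NOT provenance". A pipeline that gates on the exit code never sees that distinction, and the notice itself is written with `console.log`, so it lands on stdout mixed in with the summary rather than on the diagnostic stream. I would emit it with `console.error('(no --pin given: integrity only, NOT provenance — pass --pin <gateway_public_key> to prove who issued it)');` and extend the new comment with `// Exit 0 means VERIFIED only; without --pin it is integrity-only and does not establish the issuer.` so callers do not read 0 as proof of who signed the bundle. The enclosing command action begins above this hunk, so how `result` and `opts.pin` are populated is not visible here.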
package/dist/proxy/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/proxy/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAGzC,2GAA2G;AAC3G,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,oBAAoB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,CAAwB,CAAC;AAEvH,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAC9B,IAAI,KAAK,GAA2B,IAAI,CAAC;AAEzC,SAAS,UAAU;IACjB,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,YAAY,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,WAAW,CAAC,CAAC;AAC9C,CAAC;AAED,OAAO;KACJ,IAAI,CAAC,WAAW,CAAC;KACjB,WAAW,CAAC,4EAA4E,CAAC;KACzF,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AAExB,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,4BAA4B,CAAC;KACzC,MAAM,CAAC,mBAAmB,EAAE,YAAY,EAAE,OAAO,CAAC;KAClD,MAAM,CAAC,sBAAsB,EAAE,uCAAuC,CAAC;KACvE,MAAM,CAAC,sBAAsB,EAAE,kCAAkC,CAAC;KAClE,MAAM,CAAC,kBAAkB,EAAE,mDAAmD,EAAE,YAAY,CAAC;KAC7F,MAAM,CAAC,iBAAiB,EAAE,yBAAyB,CAAC;KACpD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACrC,IAAI,MAAkB,CAAC;IAEvB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7D,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC;IACzD,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAEjF,KAAK,GAAG,IAAI,eAAe,CAAC;QAC1B,IAAI;QACJ,MAAM;QACN,QAAQ;QACR,WAAW,EAAE,IAAI,CAAC,WAAW;KAC9B,CAAC,CAAC;IAEH,KAAK,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAoB,EAAE,EAAE;QACpD,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,gBAAgB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3C,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO,CAAC,GAAG,CAAC,qB
AAqB,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACrE,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;QAC/B,OAAO,CAAC,KAAK,CAAC,gBAAgB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,yBAAyB;IACzB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAExE,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC;IAEpB,iBAAiB;IACjB,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;IAEpD,oBAAoB;IACpB,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;QAC1B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC;YACnB,IAAI,CAAC;gBAAC,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzD,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,yDAAyD,CAAC;KACtE,MAAM,CAAC,mBAAmB,EAAE,YAAY,EAAE,OAAO,CAAC;KAClD,MAAM,CAAC,sBAAsB,EAAE,uCAAuC,CAAC;KACvE,MAAM,CAAC,sBAAsB,EAAE,kCAAkC,CAAC;KAClE,MAAM,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,YAAY,CAAC;KAC1D,MAAM,CAAC,iBAAiB,EAAE,yBAAyB,CAAC;KACpD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,oDAAoD;IACpD,MAAM,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,OAAO,CAAE,CAAC,UAAU,CAChE,CAAC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CACzD,CAAC;AACJ,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACtC,OAAO;IACT,CAAC;IACD,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,CAAC;QACH,OAAO,CAAC,I
AAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,8BAA8B,GAAG,GAAG,CAAC,CAAC;QAClD,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QAC7D,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,mBAAmB,CAAC;KAChC,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC1D,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3B,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;YACnE,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;gBACvC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/D,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,qBAAqB,EAAE,aAAa,EAAE,sBAAsB,CAAC;KACpE,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;QAC3E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,YAAY,EAAE,CAAC;IAC1C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,+BAA+B,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;AAC5D,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,iBAAiB,CAAC;KAC1B,WAAW,CAAC,6IAA6I,CAAC;KAC1J,MAAM,CAAC,aAAa,EAAE,mEAAmE,CAAC;KAC1F,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE;IACjC,qFAAqF;IACrF,yFAAyF;IACzF,yFAAyF;IACzF,0FAA0F;IAC1F,MAAM
,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAC5D,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC5D,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,mCAAmC,CAAC,EAAE,CAAC,CAAC;QACtD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACjD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,KAAK;QAAE,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IAClF,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI,CAAC,GAAG;QAAE,OAAO,CAAC,GAAG,CAAC,2GAA2G,CAAC,CAAC;IACxI,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/proxy/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAGzC,2GAA2G;AAC3G,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,oBAAoB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,CAAwB,CAAC;AAEvH,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAC9B,IAAI,KAAK,GAA2B,IAAI,CAAC;AAEzC,SAAS,UAAU;IACjB,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,YAAY,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,WAAW,CAAC,CAAC;AAC9C,CAAC;AAED,OAAO;KACJ,IAAI,CAAC,WAAW,CAAC;KACjB,WAAW,CAAC,4EAA4E,CAAC;KACzF,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AAExB,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,4BAA4B,CAAC;KACzC,MAAM,CAAC,mBAAmB,EAAE,YAAY,EAAE,OAAO,CAAC;KAClD,MAAM,CAAC,sBAAsB,EAAE,uCAAuC,CAAC;KACvE,MAAM,CAAC,sBAAsB,EAAE,kCAAkC,CAAC;KAClE,MAAM,CAAC,kBAAkB,EAAE,mDAAmD,EAAE,YAAY,CAAC;KAC7F,MAAM,CAAC,iBAAiB,EAAE,yBAAyB,CAAC;KACpD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACrC,IAAI,MAAkB,CAAC;IAEvB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7D,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC;IACzD,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAEjF,KAAK,GAAG,IAAI,eAAe,CAAC;QAC1B,IAAI;QACJ,MAAM;QACN,QAAQ;QACR,WAAW,EAAE,IAAI,CAAC,WAAW;KAC9B,CAAC,CAAC;IAEH,KAAK,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAoB,EAAE,EAAE;QACpD,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,gBAAgB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3C,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO,CAAC,GAAG,CAAC,qB
AAqB,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QACrE,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;QAC/B,OAAO,CAAC,KAAK,CAAC,gBAAgB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,yBAAyB;IACzB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAExE,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC;IAEpB,iBAAiB;IACjB,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;IAEpD,oBAAoB;IACpB,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;QAC1B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC;YACnB,IAAI,CAAC;gBAAC,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzD,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,yDAAyD,CAAC;KACtE,MAAM,CAAC,mBAAmB,EAAE,YAAY,EAAE,OAAO,CAAC;KAClD,MAAM,CAAC,sBAAsB,EAAE,uCAAuC,CAAC;KACvE,MAAM,CAAC,sBAAsB,EAAE,kCAAkC,CAAC;KAClE,MAAM,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,YAAY,CAAC;KAC1D,MAAM,CAAC,iBAAiB,EAAE,yBAAyB,CAAC;KACpD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,oDAAoD;IACpD,MAAM,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,OAAO,CAAE,CAAC,UAAU,CAChE,CAAC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CACzD,CAAC;AACJ,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACtC,OAAO;IACT,CAAC;IACD,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,CAAC;QACH,OAAO,CAAC,I
AAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,8BAA8B,GAAG,GAAG,CAAC,CAAC;QAClD,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QAC7D,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,mBAAmB,CAAC;KAChC,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC1D,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3B,MAAM,GAAG,GAAG,QAAQ,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;YACnE,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,iBAAiB;gBACvC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/D,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,qBAAqB,EAAE,aAAa,EAAE,sBAAsB,CAAC;KACpE,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;QAC3E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,YAAY,EAAE,CAAC;IAC1C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,+BAA+B,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;AAC5D,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,OAAO;KACJ,OAAO,CAAC,iBAAiB,CAAC;KAC1B,WAAW,CAAC,6IAA6I,CAAC;KAC1J,MAAM,CAAC,aAAa,EAAE,mEAAmE,CAAC;KAC1F,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE;IACjC,qFAAqF;IACrF,yFAAyF;IACzF,yFAAyF;IACzF,0FAA0F;IAC1F,MAAM
,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAC5D,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC5D,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,mCAAmC,CAAC,EAAE,CAAC,CAAC;QACtD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACjD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,KAAK;QAAE,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IAClF,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI,CAAC,GAAG;QAAE,OAAO,CAAC,GAAG,CAAC,2GAA2G,CAAC,CAAC;IACxI,2FAA2F;IAC3F,8FAA8F;IAC9F,uEAAuE;IACvE,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,KAAK,qBAAqB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACrG,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC;AAE7E,SAAS;KACN,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,qBAAqB,CAAC;KAClC,MAAM,CAAC,GAAG,EAAE;IACX,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC1D,CAAC,CAAC,CAAC;AAEL,SAAS;KACN,OAAO,CAAC,kBAAkB,CAAC;KAC3B,WAAW,CAAC,uBAAuB,CAAC;KACpC,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;IACpC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,oBAAoB,OAAO,gBAAgB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,KAAK,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;IACpC,OAAO,CAAC,GAAG,CAAC,eAAe,OAAO,UAAU,CAAC,CAAC;AAChD,CAAC,CAAC,CAAC;AAEL,gEAAgE;AAEhE,SAAS,oBAAoB,CAAC,GAAW;IACvC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,KA
AK,CAAC,CAAC;IAC/B,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,gEAAgE;AAEhE,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAG5E,iCAAiC;AACjC,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;AACjG,IAAI,WAAW,EAAE,CAAC;IAChB,OAAO,CAAC,UAAU,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QACjC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}
|
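--- a/package/dist/sep/bundle.js
+++ b/package/dist/sep/bundle.js
@@ -1,5 +1,5 @@
 import { newId } from './crypto.js';
-import {
+import { buildReceipt, leafHash, } from './receipt.js';
 import { merkleRoot, merkleProof } from './merkle.js';
 import { buildCheckpoint } from './checkpoint.js';
 export class SepGateway {
@@ -58,7 +58,7 @@ export class SepGateway {
 return {
 schema_version: '2.0',
 bundle_id: this.idGen(),
-algorithm:
+algorithm: this.signer.algorithm,
 generated_at,
 gateway_id: this.gatewayId,
 public_key: this.signer.publicKeyHex,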
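Review bot: `algorithm: this.signer.algorithm` in the second hunk trusts whatever the injected signer object carries, and nothing visible here checks the value before it is written into the bundle. A signer built against the 3.0.x `SepSigner` shape has no `algorithm` property, so the field would be `undefined` and would presumably be dropped on JSON serialization; how the verifier treats a bundle without the field is not visible here. A guard where the signer is accepted, such as `if (typeof signer.algorithm !== 'string' || !signer.algorithm) throw new TypeError('signer.algorithm is required');`, would fail early, and the same applies to `algorithm: signer.algorithm` in `buildCheckpoint` in package/dist/sep/checkpoint.js. The method that builds this object and the constructor both lie outside the hunk, so an existing check there cannot be ruled out.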
package/dist/sep/bundle.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bundle.js","sourceRoot":"","sources":["../../src/sep/bundle.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EACL,
|
|
1
|
+
{"version":3,"file":"bundle.js","sourceRoot":"","sources":["../../src/sep/bundle.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EACL,YAAY,EAAE,QAAQ,GAEvB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,UAAU,EAAE,WAAW,EAAoB,MAAM,aAAa,CAAC;AACxE,OAAO,EAAE,eAAe,EAAyB,MAAM,iBAAiB,CAAC;AAqCzE,MAAM,OAAO,UAAU;IACJ,SAAS,CAAS;IAClB,MAAM,CAAY;IAC3B,eAAe,CAAS;IACf,KAAK,CAAe;IACpB,KAAK,CAAe;IACpB,QAAQ,GAAiB,EAAE,CAAC;IACrC,QAAQ,GAAG,EAAE,CAAC;IACd,aAAa,GAAG,EAAE,CAAC;IAE3B,YAAY,IAAuB;QACjC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAChC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,IAAI,EAAE,CAAC;QAClD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;QAC5D,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,IAAI,YAAY,KAAa,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC;IAC/D,IAAI,KAAK,KAAa,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACpD,kBAAkB,CAAC,GAAW,IAAU,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC,CAAC,CAAC;IACrE,WAAW,KAA4B,OAAO,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAEnE,6EAA6E;IAC7E,MAAM,CAAC,KAAkB;QACvB,wFAAwF;QACxF,wFAAwF;QACxF,0FAA0F;QAC1F,2FAA2F;QAC3F,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;QACzB,MAAM,SAAS,GAAG,GAAG,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC;QACvE,MAAM,OAAO,GAAG,YAAY,CAAC;YAC3B,UAAU,EAAE,IAAI,CAAC,KAAK,EAAE;YACxB,SAAS;YACT,UAAU,EAAE,KAAK,CAAC,UAAU,IAAI,IAAI;YACpC,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,gBAAgB,EAAE,KAAK,CAAC,gBAAgB,IAAI,IAAI,CAAC,eAAe;YAChE,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,qBAAqB,EAAE,IAAI,CAAC,QAAQ;YACpC,UAAU,EAAE,IAAI,CAAC,SAAS;SAC3B,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAChB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;QAC/B,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,oGAAoG;IACpG,
YAAY;QACV,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QACzE,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3C,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;QAClC,OAAO;YACL,cAAc,EAAE,KAAK;YACrB,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE;YACvB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAChC,YAAY;YACZ,UAAU,EAAE,IAAI,CAAC,SAAS;YAC1B,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;YACpC,gBAAgB,EAAE,IAAI,CAAC,eAAe;YACtC,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;YAC5B,WAAW,EAAE,UAAU,CAAC,MAAM,CAAC;YAC/B,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YAC3D,UAAU,EAAE,eAAe,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC;YACrF,eAAe,EAAE,IAAI;SACtB,CAAC;IACJ,CAAC;CACF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"checkpoint.d.ts","sourceRoot":"","sources":["../../src/sep/checkpoint.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,
|
|
1
|
+
{"version":3,"file":"checkpoint.d.ts","sourceRoot":"","sources":["../../src/sep/checkpoint.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAY,KAAK,UAAU,EAAE,MAAM,cAAc,CAAC;AAGzD,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,sGAAsG;AACtG,eAAO,MAAM,qBAAqB,kHAExB,CAAC;AAEX,wBAAgB,eAAe,CAC7B,QAAQ,EAAE,UAAU,EAAE,EACtB,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,SAAS,GAChB,gBAAgB,CAYlB"}
|
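--- a/package/dist/sep/checkpoint.js
+++ b/package/dist/sep/checkpoint.js
@@ -5,7 +5,7 @@
 * (the reference verifier compares it numerically; small integers are RFC-8785-stable).
 */
 import { canonicalize } from './canonical.js';
-import {
+import { leafHash } from './receipt.js';
 import { merkleRoot } from './merkle.js';
 /** The EXACT canonical field set of a signed SEP checkpoint (strict-schema floor in the verifier). */
 export const SEP_CHECKPOINT_FIELDS = [
@@ -16,7 +16,7 @@ export function buildCheckpoint(receipts, gatewayId, generatedAt, signer) {
 throw new Error('Cannot checkpoint an empty receipt set');
 const leaves = receipts.map(leafHash);
 const body = {
-algorithm:
+algorithm: signer.algorithm,
 gateway_id: gatewayId,
 generated_at: generatedAt,
 head_leaf_hash: leaves[leaves.length - 1],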
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"checkpoint.js","sourceRoot":"","sources":["../../src/sep/checkpoint.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"checkpoint.js","sourceRoot":"","sources":["../../src/sep/checkpoint.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,QAAQ,EAAmB,MAAM,cAAc,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAYzC,sGAAsG;AACtG,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,WAAW,EAAE,YAAY,EAAE,cAAc,EAAE,gBAAgB,EAAE,YAAY,EAAE,aAAa,EAAE,WAAW;CAC7F,CAAC;AAEX,MAAM,UAAU,eAAe,CAC7B,QAAsB,EACtB,SAAiB,EACjB,WAAmB,EACnB,MAAiB;IAEjB,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IACrF,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,IAAI,GAAG;QACX,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,UAAU,EAAE,SAAS;QACrB,YAAY,EAAE,WAAW;QACzB,cAAc,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;QACzC,UAAU,EAAE,QAAQ,CAAC,MAAM;QAC3B,WAAW,EAAE,UAAU,CAAC,MAAM,CAAC;KAChC,CAAC;IACF,OAAO,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;AACjE,CAAC"}
|
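--- a/package/dist/sep/crypto.d.ts
+++ b/package/dist/sep/crypto.d.ts
@@ -1,6 +1,8 @@
 export declare function sha256Hex(s: string): string;
 export declare function isHex(h: unknown, n: number): boolean;
 export interface SepSigner {
+/** Profile algorithm id this signer emits — v1 'Ed25519-SHA256-JCS' or v2 'ML-DSA-65+Ed25519-SHA256-JCS'. */
+readonly algorithm: string;
 readonly publicKeyHex: string;
 sign(message: string): string;
 }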
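Review bot: `readonly algorithm: string;` accepts any string, although the doc comment on the line above names exactly two profile ids. Narrowing it to `readonly algorithm: 'Ed25519-SHA256-JCS' | 'ML-DSA-65+Ed25519-SHA256-JCS';` lets the compiler reject a mistyped or unregistered id where a signer is constructed, rather than at verification time. The member is also required, so external `SepSigner` implementations written for 3.0.x stop type-checking, which deserves a line in the release notes. This file is emitted from src/sep/crypto.ts according to the accompanying source map, so the change belongs there.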
package/dist/sep/crypto.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../src/sep/crypto.ts"],"names":[],"mappings":"AAeA,wBAAgB,SAAS,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAE3C;AAED,wBAAgB,KAAK,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED,MAAM,WAAW,SAAS;IACxB,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,IAAI,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC;CAC/B;AAED,0FAA0F;AAC1F,wBAAgB,cAAc,CAAC,IAAI,EAAE,UAAU,GAAG,SAAS,CAK1D;AAED,2EAA2E;AAC3E,wBAAgB,cAAc,IAAI;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,IAAI,EAAE,UAAU,CAAA;CAAE,CAGxE;AAED,mGAAmG;AACnG,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAInD;AAwCD,mGAAmG;AACnG,wBAAgB,aAAa,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAUnD;AAED,wBAAgB,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAYlF;AAED,wBAAgB,KAAK,CAAC,MAAM,SAAS,GAAG,MAAM,CAE7C"}
|
|
1
|
+
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../src/sep/crypto.ts"],"names":[],"mappings":"AAeA,wBAAgB,SAAS,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAE3C;AAED,wBAAgB,KAAK,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED,MAAM,WAAW,SAAS;IACxB,6GAA6G;IAC7G,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,IAAI,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC;CAC/B;AAED,0FAA0F;AAC1F,wBAAgB,cAAc,CAAC,IAAI,EAAE,UAAU,GAAG,SAAS,CAK1D;AAED,2EAA2E;AAC3E,wBAAgB,cAAc,IAAI;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,IAAI,EAAE,UAAU,CAAA;CAAE,CAGxE;AAED,mGAAmG;AACnG,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAInD;AAwCD,mGAAmG;AACnG,wBAAgB,aAAa,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAUnD;AAED,wBAAgB,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAYlF;AAED,wBAAgB,KAAK,CAAC,MAAM,SAAS,GAAG,MAAM,CAE7C"}
|
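--- a/package/dist/sep/crypto.js
+++ b/package/dist/sep/crypto.js
@@ -20,7 +20,7 @@ export function signerFromSeed(seed) {
 throw new Error(`Ed25519 seed must be 32 bytes, got ${seed.length}`);
 const sk = createPrivateKey({ key: Buffer.concat([PKCS8, Buffer.from(seed)]), format: 'der', type: 'pkcs8' });
 const publicKeyHex = createPublicKey(sk).export({ format: 'der', type: 'spki' }).subarray(-32).toString('hex');
-return { publicKeyHex, sign: (m) => nodeSign(null, Buffer.from(m, 'utf8'), sk).toString('hex') };
+return { algorithm: 'Ed25519-SHA256-JCS', publicKeyHex, sign: (m) => nodeSign(null, Buffer.from(m, 'utf8'), sk).toString('hex') };
 }
 /** Generate a fresh signer; returns the seed so callers can persist it. */
 export function generateSigner() {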
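Review bot: The v1 profile id is an inline literal in the new `return { algorithm: 'Ed25519-SHA256-JCS', ... }` line, while the v2 id has a named export (`ALG_HYBRID` in hybrid.d.ts). A matching constant, e.g. `export const ALG_ED25519 = 'Ed25519-SHA256-JCS';`, used here and wherever the verifier compares the field, keeps signer and verifier from drifting on a string that selects the verification path. If the new profiles.js already exports this id, reference that instead. `signerFromSeed` starts above the hunk.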
package/dist/sep/crypto.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/sep/crypto.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,EACL,UAAU,EAAE,gBAAgB,EAAE,eAAe,EAAE,WAAW,EAAE,UAAU,EACtE,IAAI,IAAI,QAAQ,EAAE,MAAM,IAAI,UAAU,GACvC,MAAM,aAAa,CAAC;AAErB,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC,CAAC,sCAAsC;AACnG,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC,CAAC,4BAA4B;AAElG,MAAM,UAAU,SAAS,CAAC,CAAS;IACjC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC3E,CAAC;AAED,MAAM,UAAU,KAAK,CAAC,CAAU,EAAE,CAAS;IACzC,OAAO,OAAO,CAAC,KAAK,QAAQ,IAAI,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;
|
|
1
|
+
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/sep/crypto.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,EACL,UAAU,EAAE,gBAAgB,EAAE,eAAe,EAAE,WAAW,EAAE,UAAU,EACtE,IAAI,IAAI,QAAQ,EAAE,MAAM,IAAI,UAAU,GACvC,MAAM,aAAa,CAAC;AAErB,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC,CAAC,sCAAsC;AACnG,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC,CAAC,4BAA4B;AAElG,MAAM,UAAU,SAAS,CAAC,CAAS;IACjC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC3E,CAAC;AAED,MAAM,UAAU,KAAK,CAAC,CAAU,EAAE,CAAS;IACzC,OAAO,OAAO,CAAC,KAAK,QAAQ,IAAI,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AASD,0FAA0F;AAC1F,MAAM,UAAU,cAAc,CAAC,IAAgB;IAC7C,IAAI,IAAI,CAAC,MAAM,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,sCAAsC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7F,MAAM,EAAE,GAAG,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;IAC9G,MAAM,YAAY,GAAG,eAAe,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC/G,OAAO,EAAE,SAAS,EAAE,oBAAoB,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;AACpI,CAAC;AAED,2EAA2E;AAC3E,MAAM,UAAU,cAAc;IAC5B,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7C,OAAO,EAAE,MAAM,EAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC;AAChD,CAAC;AAED,mGAAmG;AACnG,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;IACtH,OAAO,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,4FAA4F;AAC5F,+FAA+F;AAC/F,8FAA8F;AAC9F,wFAAwF;AACxF,8FAA8F;AAC9F,qDAAqD;AACrD,MAAM,gBAAgB,G
AAG,IAAI,GAAG,CAAS;IACvC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,EAAkB,kBAAkB;IACnD,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,IAAI,EAAW,gCAAgC;IACjE,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,EAAW,2BAA2B;IAC5D,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,IAAI,EAAI,+BAA+B;IAChE,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,IAAI,EAAI,mBAAmB;IACpD,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,EAAW,uBAAuB;IACxD,kEAAkE,EAAE,UAAU;IAC9E,kEAAkE,EAAE,UAAU;IAC9E,kEAAkE,EAAE,qBAAqB;IACzF,kEAAkE,EAAE,qBAAqB;CAC1F,CAAC,CAAC;AACH,KAAK,MAAM,CAAC,IAAI,gBAAgB,EAAE,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,GAAG,CAAC,CAAC;AAC/F,CAAC;AAED,MAAM,SAAS,GAAG,CAAC,EAAE,IAAI,IAAI,CAAC,GAAG,GAAG,CAAC;AACrC;oGACoG;AACpG,SAAS,YAAY,CAAC,GAAW;IAC/B,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAClC,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,CAAC,IAAI,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3F,OAAO,CAAC,GAAG,SAAS,CAAC;AACvB,CAAC;AAED,mGAAmG;AACnG,MAAM,UAAU,aAAa,CAAC,GAAY;IACxC,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC;IAClC,IAAI,gBAAgB,CAAC,GAAG,CAAC,GAAa,CAAC;QAAE,OAAO,KAAK,CAAC,CAAG,kCAAkC;IAC3F,IAAI,CAAC,YAAY,CAAC,GAAa,CAAC;QAAE,OAAO,KAAK,CAAC,CAAU,0DAA0D;IACnH,IAAI,CAAC;QACH,eAAe,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAa,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;QAChH,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,MAAc,EAAE,OAAe,EAAE,MAAc;IACvE,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,KAAK,CAAC;IACvF,IAAI,CAAC;QACH,OAAO,UAAU,CACf,IAAI,EACJ,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,EAC5B,eAAe,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,MA
AM,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,EACxG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAC3B,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,MAAM,UAAU,KAAK,CAAC,MAAM,GAAG,MAAM;IACnC,OAAO,GAAG,MAAM,IAAI,UAAU,EAAE,EAAE,CAAC;AACrC,CAAC"}
|
|
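--- a/package/dist/sep/hybrid.d.ts
+++ b/package/dist/sep/hybrid.d.ts
@@ -0,0 +1,60 @@
+import type { SepSigner } from './crypto.js';
+/** The composite algorithm identifier, shared with AGA Go + VerifyBundle. */
+export declare const ALG_HYBRID = "ML-DSA-65+Ed25519-SHA256-JCS";
+/** FIPS 204 ML-DSA-65 component byte lengths. */
+export declare const MLDSA65_PUBLIC_KEY_BYTES = 1952;
+export declare const MLDSA65_SECRET_KEY_BYTES = 4032;
+export declare const MLDSA65_SIGNATURE_BYTES = 3309;
+export declare const MLDSA65_SEED_BYTES = 32;
+/** Ed25519 component byte lengths (RFC 8032). */
+export declare const ED25519_PUBLIC_KEY_BYTES = 32;
+export declare const ED25519_SEED_BYTES = 32;
+export declare const ED25519_SIGNATURE_BYTES = 64;
+/** An ephemeral composite secret key. `mldsa` is the expanded ML-DSA-65 secret key; `ed` the 32-byte seed. */
+export interface HybridSecretKey {
+mldsa: Uint8Array;
+ed: Uint8Array;
+}
+/** Encode two byte strings as len32(a) || a || len32(b) || b (4-byte big-endian lengths). */
+export declare function encodeComposite(a: Uint8Array, b: Uint8Array): Uint8Array;
+/**
+* Decode len32(a) || a || len32(b) || b into [a, b]. Fails closed: throws on a short buffer, a length
+* prefix that overruns the data, or trailing bytes after b (extra bytes are rejected to remove a
+* malleability surface — matches the Go DecodeComposite trailing-byte reject).
+*/
+export declare function decodeComposite(data: Uint8Array): [Uint8Array, Uint8Array];
+/** Lower-hex composite public key for a hybrid secret key. */
+export declare function hybridPublicKeyHex(sk: HybridSecretKey): string;
+/** Generate a fresh ephemeral hybrid keypair. The secret key never leaves the caller. */
+export declare function generateHybridKeypair(): {
+secretKey: HybridSecretKey;
+publicKeyHex: string;
+};
+/** Deterministically derive a hybrid keypair from two 32-byte seeds (used by the cross-verify fixtures). */
+export declare function hybridKeypairFromSeeds(mldsaSeed: Uint8Array, edSeed: Uint8Array): {
+secretKey: HybridSecretKey;
+publicKeyHex: string;
+};
+/** Sign raw message bytes, returning the composite signature bytes (trusted-input signing path). */
+export declare function signHybridBytes(message: Uint8Array, sk: HybridSecretKey): Uint8Array;
+/** Sign a UTF-8 message; returns the lower-hex composite signature. */
+export declare function signHybrid(message: string, sk: HybridSecretKey): string;
+/**
+* Verify a composite signature over raw message bytes under a composite public key. Returns true only
+* if BOTH the ML-DSA-65 and the Ed25519 components verify. Fails closed on any malformed/short/over-long
+* composite or wrong component length.
+*/
+export declare function verifyHybridBytes(compositePub: Uint8Array, message: Uint8Array, compositeSig: Uint8Array): boolean;
+/**
+* Verify a lower-hex composite signature over a UTF-8 message under a lower-hex composite public key.
+* Rejects malformed hex before touching the curve/lattice; never throws.
+*/
+export declare function verifyHybrid(pubHex: unknown, message: string, sigHex: unknown): boolean;
+/** A v2 composite SepSigner from two 32-byte seeds (deterministic; for the producer + cross-verify tests). */
+export declare function hybridSignerFromSeeds(mldsaSeed: Uint8Array, edSeed: Uint8Array): SepSigner;
+/** A v2 composite SepSigner from a fresh ephemeral keypair (the secret key is returned for persistence). */
+export declare function generateHybridSigner(): {
+signer: SepSigner;
+secretKey: HybridSecretKey;
+};
+//# sourceMappingURL=hybrid.d.ts.map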
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hybrid.d.ts","sourceRoot":"","sources":["../../src/sep/hybrid.ts"],"names":[],"mappings":"AAuBA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAM7C,6EAA6E;AAC7E,eAAO,MAAM,UAAU,iCAAiC,CAAC;AAEzD,iDAAiD;AACjD,eAAO,MAAM,wBAAwB,OAAO,CAAC;AAC7C,eAAO,MAAM,wBAAwB,OAAO,CAAC;AAC7C,eAAO,MAAM,uBAAuB,OAAO,CAAC;AAC5C,eAAO,MAAM,kBAAkB,KAAK,CAAC;AACrC,iDAAiD;AACjD,eAAO,MAAM,wBAAwB,KAAK,CAAC;AAC3C,eAAO,MAAM,kBAAkB,KAAK,CAAC;AACrC,eAAO,MAAM,uBAAuB,KAAK,CAAC;AAE1C,8GAA8G;AAC9G,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,UAAU,CAAC;IAClB,EAAE,EAAE,UAAU,CAAC;CAChB;AAED,6FAA6F;AAC7F,wBAAgB,eAAe,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,GAAG,UAAU,CAQxE;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,UAAU,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,CAa1E;AASD,8DAA8D;AAC9D,wBAAgB,kBAAkB,CAAC,EAAE,EAAE,eAAe,GAAG,MAAM,CAE9D;AAED,yFAAyF;AACzF,wBAAgB,qBAAqB,IAAI;IAAE,SAAS,EAAE,eAAe,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAI5F;AAED,4GAA4G;AAC5G,wBAAgB,sBAAsB,CACpC,SAAS,EAAE,UAAU,EACrB,MAAM,EAAE,UAAU,GACjB;IAAE,SAAS,EAAE,eAAe,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAKtD;AAED,oGAAoG;AACpG,wBAAgB,eAAe,CAAC,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,eAAe,GAAG,UAAU,CAIpF;AAED,uEAAuE;AACvE,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,eAAe,GAAG,MAAM,CAEvE;AAcD;;;;GAIG;AACH,wBAAgB,iBAAiB,CAC/B,YAAY,EAAE,UAAU,EACxB,OAAO,EAAE,UAAU,EACnB,YAAY,EAAE,UAAU,GACvB,OAAO,CAuBT;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,GAAG,OAAO,CAavF;AAED,8GAA8G;AAC9G,wBAAgB,qBAAqB,CAAC,SAAS,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,GAAG,SAAS,CAG1F;AAED,4GAA4G;AAC5G,wBAAgB,oBAAoB,IAAI;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,SAAS,EAAE,eAAe,CAAA;CAAE,CAGxF"}
|
|
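--- a/package/dist/sep/hybrid.js
+++ b/package/dist/sep/hybrid.js
@@ -0,0 +1,189 @@
+/**
+* ML-DSA-65 + Ed25519 composite hybrid signature (SHARED_CRYPTO_FOUNDATION.md §2) — v2 profile.
+*
+* Byte-for-byte counterpart of the AGA Go/CIRCL construction in
+* aga-k8s/internal/crypto/backends/hybrid.go AND of VerifyBundle's packages/integrity/src/hybrid.ts
+* (this file is ported verbatim from the latter; only the hex/utf8 util import path differs). A
+* signature produced by any of the three verifies under the others. Proven byte-identical Go<->JS by
+* aga-k8s/internal/crypto/hybrid_xverify_test.go against the pinned cross-verify fixtures.
+*
+* algorithm id : "ML-DSA-65+Ed25519-SHA256-JCS"
+* composite : len32(a) || a || len32(b) || b (len32 = 4-byte big-endian uint32)
+* a = ML-DSA-65 component, b = Ed25519 component (for both keys and signatures)
+* ML-DSA-65 : FIPS 204, EXTERNAL interface, EMPTY context, DETERMINISTIC (rnd = zeros).
+* Ed25519 : RFC 8032, strict (zip215:false) with small-order public-key rejection.
+* acceptance : AND — both component signatures must verify; no partial acceptance.
+*
+* The v1 zero-dependency reference verifier (aga-receipt-spec/verify/verify-sep.mjs, node:crypto only)
+* does NOT import this; v2 lives in the agile engine, which carries the @noble dependency.
+*/
+import { ml_dsa65 } from '@noble/post-quantum/ml-dsa.js';
+import * as ed from '@noble/ed25519';
+import { sha512 } from '@noble/hashes/sha512';
+import { bytesToHex, hexToBytes, utf8ToBytes } from '@noble/hashes/utils';
+// @noble/ed25519 v2 needs a synchronous SHA-512 hook for synchronous sign/verify. Wiring it from
+// @noble/hashes keeps the stack dependency-pure (no node:crypto in the composite path).
+ed.etc.sha512Sync = (...m) => sha512(ed.etc.concatBytes(...m));
+/** The composite algorithm identifier, shared with AGA Go + VerifyBundle. */
+export const ALG_HYBRID = 'ML-DSA-65+Ed25519-SHA256-JCS';
+/** FIPS 204 ML-DSA-65 component byte lengths. */
+export const MLDSA65_PUBLIC_KEY_BYTES = 1952;
+export const MLDSA65_SECRET_KEY_BYTES = 4032;
+export const MLDSA65_SIGNATURE_BYTES = 3309;
+export const MLDSA65_SEED_BYTES = 32;
+/** Ed25519 component byte lengths (RFC 8032). */
+export const ED25519_PUBLIC_KEY_BYTES = 32;
+export const ED25519_SEED_BYTES = 32;
+export const ED25519_SIGNATURE_BYTES = 64;
+/** Encode two byte strings as len32(a) || a || len32(b) || b (4-byte big-endian lengths). */
+export function encodeComposite(a, b) {
+const out = new Uint8Array(4 + a.length + 4 + b.length);
+const dv = new DataView(out.buffer);
+dv.setUint32(0, a.length, false); // big-endian
+out.set(a, 4);
+dv.setUint32(4 + a.length, b.length, false);
+out.set(b, 8 + a.length);
+return out;
+}
+/**
+* Decode len32(a) || a || len32(b) || b into [a, b]. Fails closed: throws on a short buffer, a length
+* prefix that overruns the data, or trailing bytes after b (extra bytes are rejected to remove a
+* malleability surface — matches the Go DecodeComposite trailing-byte reject).
+*/
+export function decodeComposite(data) {
+if (data.length < 8)
+throw new Error('composite too short');
+const dv = new DataView(data.buffer, data.byteOffset, data.byteLength);
+const aLen = dv.getUint32(0, false);
+if (4 + aLen + 4 > data.length)
+throw new Error('first component length exceeds data');
+const a = data.subarray(4, 4 + aLen);
+const bLenOffset = 4 + aLen;
+const bLen = dv.getUint32(bLenOffset, false);
+const bStart = bLenOffset + 4;
+if (bStart + bLen > data.length)
+throw new Error('second component length exceeds data');
+if (bStart + bLen !== data.length)
+throw new Error('trailing bytes after composite');
+const b = data.subarray(bStart, bStart + bLen);
+return [a, b];
+}
+/** Derive the composite public key bytes from a hybrid secret key. */
+function compositePublicKey(sk) {
+const mldsaPub = ml_dsa65.getPublicKey(sk.mldsa);
+const edPub = ed.getPublicKey(sk.ed);
+return encodeComposite(mldsaPub, edPub);
+}
+/** Lower-hex composite public key for a hybrid secret key. */
+export function hybridPublicKeyHex(sk) {
+return bytesToHex(compositePublicKey(sk));
+}
+/** Generate a fresh ephemeral hybrid keypair. The secret key never leaves the caller. */
+export function generateHybridKeypair() {
+const seed = ml_dsa65.keygen();
+const secretKey = { mldsa: seed.secretKey, ed: ed.utils.randomPrivateKey() };
+return { secretKey, publicKeyHex: hybridPublicKeyHex(secretKey) };
+}
+/** Deterministically derive a hybrid keypair from two 32-byte seeds (used by the cross-verify fixtures). */
+export function hybridKeypairFromSeeds(mldsaSeed, edSeed) {
+if (mldsaSeed.length !== MLDSA65_SEED_BYTES)
+throw new Error('ML-DSA seed must be 32 bytes');
+if (edSeed.length !== ED25519_SEED_BYTES)
+throw new Error('Ed25519 seed must be 32 bytes');
+const secretKey = { mldsa: ml_dsa65.keygen(mldsaSeed).secretKey, ed: edSeed };
+return { secretKey, publicKeyHex: hybridPublicKeyHex(secretKey) };
+}
+/** Sign raw message bytes, returning the composite signature bytes (trusted-input signing path). */
+export function signHybridBytes(message, sk) {
+const mldsaSig = ml_dsa65.sign(message, sk.mldsa, { extraEntropy: false }); // empty ctx, deterministic
+const edSig = ed.sign(message, sk.ed);
+return encodeComposite(mldsaSig, edSig);
+}
+/** Sign a UTF-8 message; returns the lower-hex composite signature. */
+export function signHybrid(message, sk) {
+return bytesToHex(signHybridBytes(utf8ToBytes(message), sk));
+}
+/** Strict, hardened Ed25519 verification over bytes (mirrors the v1 verifyHex hardening). */
+function edVerifyHardened(edPub, message, edSig) {
+if (edPub.length !== ED25519_PUBLIC_KEY_BYTES || edSig.length !== ED25519_SIGNATURE_BYTES)
+return false;
+if (edPub.every((x) => x === 0))
+return false; // reject the all-zero (identity) key
+try {
+if (ed.ExtendedPoint.fromHex(edPub).isSmallOrder())
+return false; // reject small-order
+return ed.verify(edSig, message, edPub, { zip215: false });
+}
+catch {
+return false;
+}
+}
+/**
+* Verify a composite signature over raw message bytes under a composite public key. Returns true only
+* if BOTH the ML-DSA-65 and the Ed25519 components verify. Fails closed on any malformed/short/over-long
+* composite or wrong component length.
+*/
+export function verifyHybridBytes(compositePub, message, compositeSig) {
+let mldsaPub;
+let edPub;
+let mldsaSig;
+let edSig;
+try {
+[mldsaPub, edPub] = decodeComposite(compositePub);
+[mldsaSig, edSig] = decodeComposite(compositeSig);
+}
+catch {
+return false;
+}
+if (mldsaPub.length !== MLDSA65_PUBLIC_KEY_BYTES)
+return false;
+if (mldsaSig.length !== MLDSA65_SIGNATURE_BYTES)
+return false;
+if (edPub.length !== ED25519_PUBLIC_KEY_BYTES)
+return false;
+if (edSig.length !== ED25519_SIGNATURE_BYTES)
+return false;
+let mldsaOk;
+try {
+mldsaOk = ml_dsa65.verify(mldsaSig, message, mldsaPub); // empty context (default)
+}
+catch {
+return false;
+}
+if (!mldsaOk)
+return false;
+return edVerifyHardened(edPub, message, edSig);
+}
+/**
+* Verify a lower-hex composite signature over a UTF-8 message under a lower-hex composite public key.
+* Rejects malformed hex before touching the curve/lattice; never throws.
+*/
+export function verifyHybrid(pubHex, message, sigHex) {
+if (typeof pubHex !== 'string' || typeof sigHex !== 'string')
+return false;
+// LOWERCASE-strict hex (no upper, no mixed). An uppercased hex decodes to the SAME bytes, so a
+// case-insensitive accept would VERIFY a bundle a lowercase-strict stack (the Go/CIRCL oracle's
+// isLowerHexEven, the v1 isHex guard) FAILS — a cross-stack verdict split. Mirrors the H5 lowercase
+// discipline for Merkle siblings.
+if (!/^[0-9a-f]+$/.test(pubHex) || pubHex.length % 2 !== 0)
+return false;
+if (!/^[0-9a-f]+$/.test(sigHex) || sigHex.length % 2 !== 0)
+return false;
+try {
+return verifyHybridBytes(hexToBytes(pubHex), utf8ToBytes(message), hexToBytes(sigHex));
+}
+catch {
+return false;
+}
+}
+/** A v2 composite SepSigner from two 32-byte seeds (deterministic; for the producer + cross-verify tests). */
+export function hybridSignerFromSeeds(mldsaSeed, edSeed) {
+const { secretKey, publicKeyHex } = hybridKeypairFromSeeds(mldsaSeed, edSeed);
+return { algorithm: ALG_HYBRID, publicKeyHex, sign: (m) => signHybrid(m, secretKey) };
+}
+/** A v2 composite SepSigner from a fresh ephemeral keypair (the secret key is returned for persistence). */
+export function generateHybridSigner() {
+const { secretKey, publicKeyHex } = generateHybridKeypair();
+return { signer: { algorithm: ALG_HYBRID, publicKeyHex, sign: (m) => signHybrid(m, secretKey) }, secretKey };
+}
+//# sourceMappingURL=hybrid.js.map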
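Review bot: `hybridKeypairFromSeeds` stores the caller's `edSeed` buffer in `secretKey.ed` by reference, and `hybridSignerFromSeeds` keeps that object alive in its `sign` closure. A caller that zeroes or reuses the seed buffer after building the signer (ordinary key hygiene) would silently change the Ed25519 signing key, so later composite signatures no longer verify under the `publicKeyHex` computed at construction. Copying at the boundary avoids this: `const secretKey = { mldsa: ml_dsa65.keygen(mldsaSeed).secretKey, ed: edSeed.slice() };`. Separately, `verifyHybrid` runs the regex and `hexToBytes` over hex strings of any length before the component-length checks in `verifyHybridBytes`. Both composites have fixed sizes (1992 and 3381 bytes, from the constants in this file), so an exact hex-length check up front would bound the work done on untrusted input.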
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hybrid.js","sourceRoot":"","sources":["../../src/sep/hybrid.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AACH,OAAO,EAAE,QAAQ,EAAE,MAAM,+BAA+B,CAAC;AACzD,OAAO,KAAK,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAG1E,iGAAiG;AACjG,wFAAwF;AACxF,EAAE,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,GAAG,CAAe,EAAc,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAEzF,6EAA6E;AAC7E,MAAM,CAAC,MAAM,UAAU,GAAG,8BAA8B,CAAC;AAEzD,iDAAiD;AACjD,MAAM,CAAC,MAAM,wBAAwB,GAAG,IAAI,CAAC;AAC7C,MAAM,CAAC,MAAM,wBAAwB,GAAG,IAAI,CAAC;AAC7C,MAAM,CAAC,MAAM,uBAAuB,GAAG,IAAI,CAAC;AAC5C,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,CAAC;AACrC,iDAAiD;AACjD,MAAM,CAAC,MAAM,wBAAwB,GAAG,EAAE,CAAC;AAC3C,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,CAAC;AACrC,MAAM,CAAC,MAAM,uBAAuB,GAAG,EAAE,CAAC;AAQ1C,6FAA6F;AAC7F,MAAM,UAAU,eAAe,CAAC,CAAa,EAAE,CAAa;IAC1D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACxD,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACpC,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,aAAa;IAC/C,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACd,EAAE,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAC5C,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACzB,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,IAAgB;IAC9C,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IACvE,MAAM,IAAI,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACpC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACvF,MAAM,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;IACrC,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,CAAC;IAC5B,MAAM,IAAI,GAAG,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;IAC7C,MAAM,MAAM,GAAG,UAAU,G
AAG,CAAC,CAAC;IAC9B,IAAI,MAAM,GAAG,IAAI,GAAG,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IACzF,IAAI,MAAM,GAAG,IAAI,KAAK,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACrF,MAAM,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC,CAAC;IAC/C,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AAChB,CAAC;AAED,sEAAsE;AACtE,SAAS,kBAAkB,CAAC,EAAmB;IAC7C,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,EAAE,CAAC,YAAY,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACrC,OAAO,eAAe,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;AAC1C,CAAC;AAED,8DAA8D;AAC9D,MAAM,UAAU,kBAAkB,CAAC,EAAmB;IACpD,OAAO,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC;AAC5C,CAAC;AAED,yFAAyF;AACzF,MAAM,UAAU,qBAAqB;IACnC,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC;IAC/B,MAAM,SAAS,GAAoB,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,gBAAgB,EAAE,EAAE,CAAC;IAC9F,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;AACpE,CAAC;AAED,4GAA4G;AAC5G,MAAM,UAAU,sBAAsB,CACpC,SAAqB,EACrB,MAAkB;IAElB,IAAI,SAAS,CAAC,MAAM,KAAK,kBAAkB;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC7F,IAAI,MAAM,CAAC,MAAM,KAAK,kBAAkB;QAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IAC3F,MAAM,SAAS,GAAoB,EAAE,KAAK,EAAE,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC;IAC/F,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;AACpE,CAAC;AAED,oGAAoG;AACpG,MAAM,UAAU,eAAe,CAAC,OAAmB,EAAE,EAAmB;IACtE,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC,KAAK,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,2BAA2B;IACvG,MAAM,KAAK,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IACtC,OAAO,eAAe,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;AAC1C,CAAC;AAED,uEAAuE;AACvE,MAAM,UAAU,UAAU,CAAC,OAAe,EAAE,EAAmB;IAC7D,OAAO,UAAU,CAAC,eAAe,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;AAC/D,CAAC;AAED,6FAA6F;AAC7F,SAAS,gBAAgB,CAAC,KAAiB,EAAE,OAAmB,EAAE,KAAiB;IACjF,IAAI,KAAK,CAAC,MAAM,KAAK,wBAAwB,IAAI,KAAK,CAAC,MAAM,KAAK,uBAAuB;QAAE,OAAO,KAAK,CAAC;IACxG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CA
AC,CAAC;QAAE,OAAO,KAAK,CAAC,CAAC,qCAAqC;IACpF,IAAI,CAAC;QACH,IAAI,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,YAAY,EAAE;YAAE,OAAO,KAAK,CAAC,CAAC,qBAAqB;QACvF,OAAO,EAAE,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,iBAAiB,CAC/B,YAAwB,EACxB,OAAmB,EACnB,YAAwB;IAExB,IAAI,QAAoB,CAAC;IACzB,IAAI,KAAiB,CAAC;IACtB,IAAI,QAAoB,CAAC;IACzB,IAAI,KAAiB,CAAC;IACtB,IAAI,CAAC;QACH,CAAC,QAAQ,EAAE,KAAK,CAAC,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;QAClD,CAAC,QAAQ,EAAE,KAAK,CAAC,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,KAAK,wBAAwB;QAAE,OAAO,KAAK,CAAC;IAC/D,IAAI,QAAQ,CAAC,MAAM,KAAK,uBAAuB;QAAE,OAAO,KAAK,CAAC;IAC9D,IAAI,KAAK,CAAC,MAAM,KAAK,wBAAwB;QAAE,OAAO,KAAK,CAAC;IAC5D,IAAI,KAAK,CAAC,MAAM,KAAK,uBAAuB;QAAE,OAAO,KAAK,CAAC;IAC3D,IAAI,OAAgB,CAAC;IACrB,IAAI,CAAC;QACH,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,0BAA0B;IACpF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC;IAC3B,OAAO,gBAAgB,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AACjD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,MAAe,EAAE,OAAe,EAAE,MAAe;IAC5E,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC3E,+FAA+F;IAC/F,gGAAgG;IAChG,oGAAoG;IACpG,kCAAkC;IAClC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACzE,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACzE,IAAI,CAAC;QACH,OAAO,iBAAiB,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;IACzF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,8GAA8G;AAC9G,MAAM,UAAU,qBAAqB,CAAC,SAAqB,EAAE,MAAkB;IAC7E,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,sBAAsB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC9E,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,
EAAE,SAAS,CAAC,EAAE,CAAC;AACxF,CAAC;AAED,4GAA4G;AAC5G,MAAM,UAAU,oBAAoB;IAClC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,qBAAqB,EAAE,CAAC;IAC5D,OAAO,EAAE,MAAM,EAAE,EAAE,SAAS,EAAE,UAAU,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC/G,CAAC"}
|
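--- a/package/dist/sep/index.d.ts
+++ b/package/dist/sep/index.d.ts
@@ -10,5 +10,7 @@ export { nodeHash, merkleRoot, merkleProof, type MerkleProof } from './merkle.js
 export { SEP_ALGORITHM, SEP_RECEIPT_VERSION, SEP_RECEIPT_FIELDS, buildReceipt, leafHash, argumentsHash, safeArgumentsHash, UNCANONICALIZABLE_ARGS_HASH, type SepReceipt, type ReceiptInput, type Decision } from './receipt.js';
 export { buildCheckpoint, type SignedCheckpoint } from './checkpoint.js';
 export { SepGateway, type SepBundle, type SepGatewayOptions, type RecordInput } from './bundle.js';
-export { verifySepBundle, type SepVerificationResult, type VerifyStep } from './verify.js';
+export { verifySepBundle, type SepVerificationResult, type VerifyStep, type VerifyOptions } from './verify.js';
+export { verifyHybrid, verifyHybridBytes, signHybrid, signHybridBytes, hybridSignerFromSeeds, generateHybridSigner, generateHybridKeypair, hybridKeypairFromSeeds, encodeComposite, decodeComposite, type HybridSecretKey, } from './hybrid.js';
+export { ALG_ED25519, ALG_HYBRID, REGISTERED_PROFILES, ALL_PROFILES, isRegisteredProfile, validPublicKeyForProfile, verifyForProfile, } from './profiles.js';
 //# sourceMappingURL=index.d.ts.map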
|
package/dist/sep/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/sep/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,YAAY,EAAE,mCAAmC,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACpG,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,SAAS,EAAE,MAAM,aAAa,CAAC;AAC7I,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,KAAK,WAAW,EAAE,MAAM,aAAa,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,iBAAiB,EAAE,2BAA2B,EAAE,KAAK,UAAU,EAAE,KAAK,YAAY,EAAE,KAAK,QAAQ,EAAE,MAAM,cAAc,CAAC;AAChO,OAAO,EAAE,eAAe,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACzE,OAAO,EAAE,UAAU,EAAE,KAAK,SAAS,EAAE,KAAK,iBAAiB,EAAE,KAAK,WAAW,EAAE,MAAM,aAAa,CAAC;AACnG,OAAO,EAAE,eAAe,EAAE,KAAK,qBAAqB,EAAE,KAAK,UAAU,EAAE,MAAM,aAAa,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/sep/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,YAAY,EAAE,mCAAmC,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACpG,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,SAAS,EAAE,MAAM,aAAa,CAAC;AAC7I,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,KAAK,WAAW,EAAE,MAAM,aAAa,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,iBAAiB,EAAE,2BAA2B,EAAE,KAAK,UAAU,EAAE,KAAK,YAAY,EAAE,KAAK,QAAQ,EAAE,MAAM,cAAc,CAAC;AAChO,OAAO,EAAE,eAAe,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACzE,OAAO,EAAE,UAAU,EAAE,KAAK,SAAS,EAAE,KAAK,iBAAiB,EAAE,KAAK,WAAW,EAAE,MAAM,aAAa,CAAC;AACnG,OAAO,EAAE,eAAe,EAAE,KAAK,qBAAqB,EAAE,KAAK,UAAU,EAAE,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AAC/G,OAAO,EACL,YAAY,EAAE,iBAAiB,EAAE,UAAU,EAAE,eAAe,EAC5D,qBAAqB,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,sBAAsB,EAC1F,eAAe,EAAE,eAAe,EAAE,KAAK,eAAe,GACvD,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,WAAW,EAAE,UAAU,EAAE,mBAAmB,EAAE,YAAY,EAC1D,mBAAmB,EAAE,wBAAwB,EAAE,gBAAgB,GAChE,MAAM,eAAe,CAAC"}
|
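--- a/package/dist/sep/index.js
+++ b/package/dist/sep/index.js
@@ -11,4 +11,6 @@ export { SEP_ALGORITHM, SEP_RECEIPT_VERSION, SEP_RECEIPT_FIELDS, buildReceipt, l
 export { buildCheckpoint } from './checkpoint.js';
 export { SepGateway } from './bundle.js';
 export { verifySepBundle } from './verify.js';
+export { verifyHybrid, verifyHybridBytes, signHybrid, signHybridBytes, hybridSignerFromSeeds, generateHybridSigner, generateHybridKeypair, hybridKeypairFromSeeds, encodeComposite, decodeComposite, } from './hybrid.js';
+export { ALG_ED25519, ALG_HYBRID, REGISTERED_PROFILES, ALL_PROFILES, isRegisteredProfile, validPublicKeyForProfile, verifyForProfile, } from './profiles.js';
 //# sourceMappingURL=index.js.map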
|
package/dist/sep/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/sep/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,YAAY,EAAE,mCAAmC,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACpG,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,KAAK,EAAkB,MAAM,aAAa,CAAC;AAC7I,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAoB,MAAM,aAAa,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,iBAAiB,EAAE,2BAA2B,EAAqD,MAAM,cAAc,CAAC;AAChO,OAAO,EAAE,eAAe,EAAyB,MAAM,iBAAiB,CAAC;AACzE,OAAO,EAAE,UAAU,EAA4D,MAAM,aAAa,CAAC;AACnG,OAAO,EAAE,eAAe,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/sep/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,YAAY,EAAE,mCAAmC,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACpG,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,KAAK,EAAkB,MAAM,aAAa,CAAC;AAC7I,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAoB,MAAM,aAAa,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,iBAAiB,EAAE,2BAA2B,EAAqD,MAAM,cAAc,CAAC;AAChO,OAAO,EAAE,eAAe,EAAyB,MAAM,iBAAiB,CAAC;AACzE,OAAO,EAAE,UAAU,EAA4D,MAAM,aAAa,CAAC;AACnG,OAAO,EAAE,eAAe,EAAmE,MAAM,aAAa,CAAC;AAC/G,OAAO,EACL,YAAY,EAAE,iBAAiB,EAAE,UAAU,EAAE,eAAe,EAC5D,qBAAqB,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,sBAAsB,EAC1F,eAAe,EAAE,eAAe,GACjC,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,WAAW,EAAE,UAAU,EAAE,mBAAmB,EAAE,YAAY,EAC1D,mBAAmB,EAAE,wBAAwB,EAAE,gBAAgB,GAChE,MAAM,eAAe,CAAC"}
|
|
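--- a/package/dist/sep/profiles.d.ts
+++ b/package/dist/sep/profiles.d.ts
@@ -0,0 +1,22 @@
+import { ALG_HYBRID } from './hybrid.js';
+export { ALG_HYBRID };
+/** v1 classical profile identifier (same literal as SEP_ALGORITHM). */
+export declare const ALG_ED25519 = "Ed25519-SHA256-JCS";
+/** Registered profiles -> profile_version. The authoritative registry the dispatch consults. */
+export declare const REGISTERED_PROFILES: Readonly<Record<string, string>>;
+/** The profiles the agile engine implements (both). A v1-only verifier passes a restricted set. */
+export declare const ALL_PROFILES: readonly string[];
+/** True iff `algorithm` is a profile the registry knows about (regardless of which verifier implements it). */
+export declare function isRegisteredProfile(algorithm: unknown): boolean;
+/**
+* Profile-parameterized public-key well-formedness (the H1 floor, per profile):
+* - v1: 64 lower-hex, canonical-y, small-order rejected (node:crypto wellFormedKey).
+* - v2: 3984 lower-hex, non-zero (the composite's component small-order rejection is enforced at verify).
+*/
+export declare function validPublicKeyForProfile(algorithm: string, pub: unknown): boolean;
+/**
+* Verify a lower-hex signature over a canonical message under the named profile's primitive.
+* Never throws; an unknown profile fails closed (false). v2 is composite AND-verify (no partial accept).
+*/
+export declare function verifyForProfile(algorithm: string, pub: string, message: string, sig: unknown): boolean;
+//# sourceMappingURL=profiles.d.ts.map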
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"profiles.d.ts","sourceRoot":"","sources":["../../src/sep/profiles.ts"],"names":[],"mappings":"AAaA,OAAO,EAAgB,UAAU,EAAE,MAAM,aAAa,CAAC;AAGvD,OAAO,EAAE,UAAU,EAAE,CAAC;AACtB,uEAAuE;AACvE,eAAO,MAAM,WAAW,uBAAgB,CAAC;AAEzC,gGAAgG;AAChG,eAAO,MAAM,mBAAmB,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAGhE,CAAC;AAEF,mGAAmG;AACnG,eAAO,MAAM,YAAY,EAAE,SAAS,MAAM,EAA8B,CAAC;AAMzE,+GAA+G;AAC/G,wBAAgB,mBAAmB,CAAC,SAAS,EAAE,OAAO,GAAG,OAAO,CAE/D;AAED;;;;GAIG;AACH,wBAAgB,wBAAwB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,GAAG,OAAO,CAIjF;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,GAAG,OAAO,CAIvG"}
|
|
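--- a/package/dist/sep/profiles.js
+++ b/package/dist/sep/profiles.js
@@ -0,0 +1,56 @@
+/**
+* SEP profile registry + verification dispatch (ALGORITHM_AGILITY_SPEC.md).
+*
+* The construction (canon / leaf / Merkle / signed checkpoint / 6-step verify) is profile-INVARIANT;
+* only the signature primitive and the public-key well-formedness change. This module is the single
+* dispatch seam the verifier consults, so verify.ts never branches on a literal algorithm string:
+*
+* v1 Ed25519-SHA256-JCS -> ./crypto (Ed25519, RFC 8032, node:crypto, small-order-rejected)
+* v2 ML-DSA-65+Ed25519-SHA256-JCS -> ./hybrid (composite, AND-verify, no partial acceptance)
+*
+* Adding a profile is an additive registry edit; existing profiles are never altered (frozen).
+*/
+import { verifyHex, wellFormedKey } from './crypto.js';
+import { verifyHybrid, ALG_HYBRID } from './hybrid.js';
+import { SEP_ALGORITHM } from './receipt.js';
+export { ALG_HYBRID };
+/** v1 classical profile identifier (same literal as SEP_ALGORITHM). */
+export const ALG_ED25519 = SEP_ALGORITHM; // 'Ed25519-SHA256-JCS'
+/** Registered profiles -> profile_version. The authoritative registry the dispatch consults. */
+export const REGISTERED_PROFILES = {
+[ALG_ED25519]: '1',
+[ALG_HYBRID]: '2',
+};
+/** The profiles the agile engine implements (both). A v1-only verifier passes a restricted set. */
+export const ALL_PROFILES = [ALG_ED25519, ALG_HYBRID];
+/** Composite public key = len32(1952)||mldsa||len32(32)||ed = 1992 bytes -> 3984 lower-hex chars. */
+const COMPOSITE_PUBLIC_KEY_HEX_LEN = 1992 * 2;
+const COMPOSITE_PUBKEY_RE = new RegExp(`^[0-9a-f]{${COMPOSITE_PUBLIC_KEY_HEX_LEN}}$`);
+/** True iff `algorithm` is a profile the registry knows about (regardless of which verifier implements it). */
+export function isRegisteredProfile(algorithm) {
+return typeof algorithm === 'string' && Object.prototype.hasOwnProperty.call(REGISTERED_PROFILES, algorithm);
+}
+/**
+* Profile-parameterized public-key well-formedness (the H1 floor, per profile):
+* - v1: 64 lower-hex, canonical-y, small-order rejected (node:crypto wellFormedKey).
+* - v2: 3984 lower-hex, non-zero (the composite's component small-order rejection is enforced at verify).
+*/
+export function validPublicKeyForProfile(algorithm, pub) {
+if (algorithm === ALG_ED25519)
+return wellFormedKey(pub);
+if (algorithm === ALG_HYBRID)
+return typeof pub === 'string' && !/^0+$/.test(pub) && COMPOSITE_PUBKEY_RE.test(pub);
+return false;
+}
+/**
+* Verify a lower-hex signature over a canonical message under the named profile's primitive.
+* Never throws; an unknown profile fails closed (false). v2 is composite AND-verify (no partial accept).
+*/
+export function verifyForProfile(algorithm, pub, message, sig) {
+if (algorithm === ALG_ED25519)
+return typeof sig === 'string' && verifyHex(pub, message, sig);
+if (algorithm === ALG_HYBRID)
+return verifyHybrid(pub, message, sig);
+return false;
+}
+//# sourceMappingURL=profiles.js.map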
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"profiles.js","sourceRoot":"","sources":["../../src/sep/profiles.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AACH,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,OAAO,EAAE,UAAU,EAAE,CAAC;AACtB,uEAAuE;AACvE,MAAM,CAAC,MAAM,WAAW,GAAG,aAAa,CAAC,CAAC,uBAAuB;AAEjE,gGAAgG;AAChG,MAAM,CAAC,MAAM,mBAAmB,GAAqC;IACnE,CAAC,WAAW,CAAC,EAAE,GAAG;IAClB,CAAC,UAAU,CAAC,EAAE,GAAG;CAClB,CAAC;AAEF,mGAAmG;AACnG,MAAM,CAAC,MAAM,YAAY,GAAsB,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;AAEzE,qGAAqG;AACrG,MAAM,4BAA4B,GAAG,IAAI,GAAG,CAAC,CAAC;AAC9C,MAAM,mBAAmB,GAAG,IAAI,MAAM,CAAC,aAAa,4BAA4B,IAAI,CAAC,CAAC;AAEtF,+GAA+G;AAC/G,MAAM,UAAU,mBAAmB,CAAC,SAAkB;IACpD,OAAO,OAAO,SAAS,KAAK,QAAQ,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,mBAAmB,EAAE,SAAS,CAAC,CAAC;AAC/G,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,wBAAwB,CAAC,SAAiB,EAAE,GAAY;IACtE,IAAI,SAAS,KAAK,WAAW;QAAE,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC;IACzD,IAAI,SAAS,KAAK,UAAU;QAAE,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnH,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,SAAiB,EAAE,GAAW,EAAE,OAAe,EAAE,GAAY;IAC5F,IAAI,SAAS,KAAK,WAAW;QAAE,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,SAAS,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;IAC9F,IAAI,SAAS,KAAK,UAAU;QAAE,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;IACrE,OAAO,KAAK,CAAC;AACf,CAAC"}
|
package/dist/sep/receipt.js
CHANGED
|
Binary file
|
package/dist/sep/receipt.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"receipt.js","sourceRoot":"","sources":["../../src/sep/receipt.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,YAAY,EAAE,mCAAmC,EAAE,MAAM,gBAAgB,CAAC;AACnF,OAAO,EAAE,SAAS,EAAkB,MAAM,aAAa,CAAC;AAExD,MAAM,CAAC,MAAM,aAAa,GAAG,oBAAoB,CAAC;AAClD,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,CAAC;AAEzC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,YAAY,EAAE,iBAAiB,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY;IACvE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,QAAQ,EAAE,kBAAkB;IAC/D,gBAAgB,EAAE,uBAAuB,EAAE,YAAY,EAAE,YAAY,EAAE,WAAW;CAC1E,CAAC;AAsCX,sGAAsG;AACtG,MAAM,UAAU,aAAa,CAAC,IAAa;IACzC,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,EAAE,CAAC;IAClC,OAAO,SAAS,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AACvC,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG,SAAS,CAAC,kCAAkC,CAAC,CAAC;AAEzF;;;;GAIG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAa;IAC7C,IAAI,CAAC;QACH,OAAO,EAAE,IAAI,EAAE,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,IAAI,EAAE,2BAA2B,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,KAAmB,EAAE,MAAiB;IACjE,MAAM,QAAQ,GAAG;QACf,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,eAAe,EAAE,mBAAmB;QACpC,SAAS,EAAE,
|
|
1
|
+
{"version":3,"file":"receipt.js","sourceRoot":"","sources":["../../src/sep/receipt.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,YAAY,EAAE,mCAAmC,EAAE,MAAM,gBAAgB,CAAC;AACnF,OAAO,EAAE,SAAS,EAAkB,MAAM,aAAa,CAAC;AAExD,MAAM,CAAC,MAAM,aAAa,GAAG,oBAAoB,CAAC;AAClD,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,CAAC;AAEzC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,YAAY,EAAE,iBAAiB,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY;IACvE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,QAAQ,EAAE,kBAAkB;IAC/D,gBAAgB,EAAE,uBAAuB,EAAE,YAAY,EAAE,YAAY,EAAE,WAAW;CAC1E,CAAC;AAsCX,sGAAsG;AACtG,MAAM,UAAU,aAAa,CAAC,IAAa;IACzC,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,EAAE,CAAC;IAClC,OAAO,SAAS,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;AACvC,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG,SAAS,CAAC,kCAAkC,CAAC,CAAC;AAEzF;;;;GAIG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAa;IAC7C,IAAI,CAAC;QACH,OAAO,EAAE,IAAI,EAAE,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,IAAI,EAAE,2BAA2B,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,KAAmB,EAAE,MAAiB;IACjE,MAAM,QAAQ,GAAG;QACf,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,eAAe,EAAE,mBAAmB;QACpC,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,0FAA0F;QAC1F,UAAU,EAAE,KAAK,CAAC,UAAU,KAAK,IAAI,IAAI,KAAK,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC;QACzG,MAAM,EAAE,KAAK,CAAC,MAAM,IAAI,YAAY;QACpC,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;QACxC,cAAc,EAAE,KAAK,CAAC,aAAa,IAAI,aAAa,CAAC,KAAK,CAAC,SAAS,CAAC;QACrE,qBAAqB,EAAE,KAAK,CAAC,qBAAqB;QAClD,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,UAAU,EAAE,MAAM,CAAC,YAAY;KAChC,CAAC;IACF,mCAAmC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACzD,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;IACtD,OAAO,EAAE,GAAG,QAAQ,EAAE,SAAS,EAAE,CAAC;AACpC,CAAC;AAED,2FAA2F;AAC3F,MAAM,UAAU,QAAQ,CAAC,OAAmB;IAC1C,OAAO,SAAS,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;AAC1C,CAAC"}
|
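--- a/package/dist/sep/verify.d.ts
+++ b/package/dist/sep/verify.d.ts
@@ -3,12 +3,17 @@ export interface VerifyStep {
 ok: boolean;
 }
 export interface SepVerificationResult {
-verdict: 'VERIFIED' | 'FAILED';
-/** Human-readable headline — makes integrity-only vs provenance-verified unmistakable. */
+verdict: 'VERIFIED' | 'FAILED' | 'UNSUPPORTED_PROFILE';
+/** Human-readable headline — makes integrity-only vs provenance-verified vs unsupported unmistakable. */
 summary: string;
 issuerVerified: boolean;
 pinned: boolean;
 steps: VerifyStep[];
 }
-export
+export interface VerifyOptions {
+/** Profiles this verifier claims to implement. Defaults to both (the agile engine). A v1-only
+* verifier passes [ALG_ED25519] so a v2 bundle returns UNSUPPORTED_PROFILE rather than FAILED. */
+supportedProfiles?: readonly string[];
+}
+export declare function verifySepBundle(bundle: any, expectedPublicKey?: string, opts?: VerifyOptions): SepVerificationResult;
 //# sourceMappingURL=verify.d.ts.map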
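Review bot: The widened `verdict` union on `SepVerificationResult` has no doc comment saying which values count as a pass, and an existing caller that tests `verdict !== 'FAILED'` would now accept `'UNSUPPORTED_PROFILE'`. The verifier's own header describes that value as carrying no soundness claim, so the declaration should say so where callers read it. I would add this to the member in the TypeScript source so it is emitted here: `/** Only 'VERIFIED' is a pass; 'UNSUPPORTED_PROFILE' makes no soundness claim and must not be treated as success. */`.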
|
package/dist/sep/verify.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/sep/verify.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/sep/verify.ts"],"names":[],"mappings":"AAqBA,MAAM,WAAW,UAAU;IAAG,IAAI,EAAE,MAAM,CAAC;IAAC,EAAE,EAAE,OAAO,CAAC;CAAE;AAC1D,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,UAAU,GAAG,QAAQ,GAAG,qBAAqB,CAAC;IACvD,yGAAyG;IACzG,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,OAAO,CAAC;IACxB,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,UAAU,EAAE,CAAC;CACrB;AACD,MAAM,WAAW,aAAa;IAC5B;uGACmG;IACnG,iBAAiB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CACvC;AAyCD,wBAAgB,eAAe,CAAC,MAAM,EAAE,GAAG,EAAE,iBAAiB,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,aAAa,GAAG,qBAAqB,CAsHpH"}
|
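--- a/package/dist/sep/verify.js
+++ b/package/dist/sep/verify.js
@@ -1,21 +1,27 @@
 /**
-* SEP §6 verifier —
-*
-*
+* SEP §6 verifier — the ONE agile + hardened verifier (ALGORITHM_AGILITY_SPEC.md).
+*
+* The six-step construction and the H1–H11 hardening below are a faithful port of the normative
+* reference aga-receipt-spec/verify/verify-sep.mjs and are PROFILE-INVARIANT. Only the signature
+* primitive and the key well-formedness are dispatched per profile (./profiles): v1 Ed25519
+* (node:crypto) and v2 ML-DSA-65+Ed25519 composite (AND-verify). The verdict is a trichotomy:
+* VERIFIED (exit 0) | FAILED (exit 1) | UNSUPPORTED_PROFILE (exit 3).
+* UNSUPPORTED_PROFILE is returned — with NO soundness claim — when the bundle declares a registered
+* profile this verifier does not implement (e.g. a v1-only build handed a v2 bundle). An UNKNOWN /
+* unregistered algorithm is FAILED, never a false VERIFIED, never a partial verify.
 */
 import { canonicalize } from './canonical.js';
-import { sha256Hex,
+import { sha256Hex, isHex } from './crypto.js';
 import { nodeHash } from './merkle.js';
-import {
+import { SEP_RECEIPT_FIELDS } from './receipt.js';
 import { SEP_CHECKPOINT_FIELDS } from './checkpoint.js';
+import { isRegisteredProfile, validPublicKeyForProfile, verifyForProfile, ALL_PROFILES, REGISTERED_PROFILES, } from './profiles.js';
 const leaf = (r) => sha256Hex(canonicalize(r));
 const strip = (o, f) => Object.fromEntries(Object.entries(o).filter(([k]) => k !== f));
 /**
-* Canonical SEP timestamp validation (cross-stack unified). A timestamp is VALID iff it
-*
-*
-* verifier reaches a byte-identical verdict. Uses the literal [0-9] class (not \d, which
-* matches Unicode digits and would diverge from the other stacks).
+* Canonical SEP timestamp validation (cross-stack unified). A timestamp is VALID iff it matches the
+* EXACT fixed-width UTC form Date.prototype.toISOString() emits AND its calendar fields are in range —
+* pure integer arithmetic, no Date/parser, so every verifier reaches a byte-identical verdict.
 */
 const TS_RE = /^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}\.[0-9]{3}Z$/;
 const isLeap = (y) => y % 4 === 0 && (y % 100 !== 0 || y % 400 === 0);
@@ -36,10 +42,9 @@ const isValidTimestamp = (ts) => {
 && second >= 0 && second <= 59;
 };
 /**
-* Strict-schema floor: the object must carry EXACTLY the canonical fields — no extra,
-*
-*
-* conformant verifier rejects the identical bundles.
+* Strict-schema floor: the object must carry EXACTLY the canonical fields — no extra, unknown, or
+* "__proto__"-injected keys (Object.keys counts a JSON-parsed "__proto__" as an own key, so a 16th
+* key fails the count). Cross-stack-robust: every conformant verifier rejects the identical bundles.
 */
 const hasExactKeys = (o, fields) => {
 if (!o || typeof o !== 'object' || Array.isArray(o))
@@ -47,24 +52,41 @@ const hasExactKeys = (o, fields) => {
 const keys = Object.keys(o);
 return keys.length === fields.length && fields.every((f) => Object.prototype.hasOwnProperty.call(o, f));
 };
-export function verifySepBundle(bundle, expectedPublicKey) {
-
-
-
+export function verifySepBundle(bundle, expectedPublicKey, opts) {
+const supported = opts?.supportedProfiles ?? ALL_PROFILES;
+const algorithm = typeof bundle?.algorithm === 'string' ? bundle.algorithm : '';
+// Trichotomy: a REGISTERED profile this verifier does not implement -> UNSUPPORTED_PROFILE. No
+// soundness claim is made (the verifier neither passes nor fails the bundle's content). An unknown /
+// unregistered algorithm falls through to the structural floor below and FAILS.
+if (isRegisteredProfile(algorithm) && !supported.includes(algorithm)) {
+return {
+verdict: 'UNSUPPORTED_PROFILE',
+summary: `UNSUPPORTED_PROFILE — this verifier does not implement profile '${algorithm}' (v${REGISTERED_PROFILES[algorithm]}); no soundness claim is made`,
+issuerVerified: false,
+pinned: false,
+steps: [{ name: 'profile_support', ok: false }],
+};
+}
+// Robust contract: a malformed/hostile bundle yields FAILED, never a thrown exception.
+let pinned = false;
 try {
 const steps = [];
 const add = (name, ok) => { steps.push({ name, ok }); return ok; };
 const receipts = Array.isArray(bundle?.receipts) ? bundle.receipts : [];
 const proofs = Array.isArray(bundle?.merkle_proofs) ? bundle.merkle_proofs : [];
 const pub = bundle?.public_key;
-//
-//
-
+// A pin is honored only if it is well-formed for the bundle's (supported, registered) profile;
+// a malformed pin is an integrity-only check (pinned=false), never a silent provenance pass.
+pinned = isRegisteredProfile(algorithm) && supported.includes(algorithm)
+&& typeof expectedPublicKey === 'string' && validPublicKeyForProfile(algorithm, expectedPublicKey);
+// §6.1 structural floor — supported registered profile + profile-valid key + STRICT receipt schema
+// (exactly the canonical fields; rejects extra/unknown keys and "__proto__" injection).
+add('structural', isRegisteredProfile(algorithm) && supported.includes(algorithm) && validPublicKeyForProfile(algorithm, pub)
 && receipts.length > 0 && proofs.length === receipts.length
 && receipts.every((r) => hasExactKeys(r, SEP_RECEIPT_FIELDS)));
-// §6.2 receipt signatures
-add('receipt_signatures', receipts.length > 0 && receipts.every((r) =>
-// §6.3 chain + ordering
+// §6.2 receipt signatures, verified under the bundle's profile primitive (provenance is §6.6)
+add('receipt_signatures', receipts.length > 0 && receipts.every((r) => verifyForProfile(algorithm, pub, canonicalize(strip(r, 'signature')), r.signature)));
+// §6.3 chain + ordering — canonical fixed-width timestamps, non-decreasing (lexicographic compare)
 const leaves = receipts.map(leaf);
 let chain = receipts.length > 0;
 let prevTs = null;
@@ -72,9 +94,6 @@ export function verifySepBundle(bundle, expectedPublicKey) {
 const expectPrev = i === 0 ? '' : leaves[i - 1];
 if ((receipts[i].previous_receipt_hash || '') !== expectPrev)
 chain = false;
-// Canonical timestamps: each must match the fixed-width UTC form and be calendar-valid
-// (pure integer arithmetic, no Date parser). Because the form is fixed-width zero-padded
-// UTC, non-decreasing ordering is a PLAIN STRING (lexicographic) compare; EQUAL allowed.
 const ts = receipts[i].timestamp;
 if (!isValidTimestamp(ts))
 chain = false;
@@ -85,7 +104,10 @@ export function verifySepBundle(bundle, expectedPublicKey) {
 }
 }
 add('chain_and_ordering', chain);
-// §6.4 merkle: recompute leaf from content, walk proof, single root, index bijection
+// §6.4 merkle: recompute leaf from content, walk proof, single root, index bijection. directions is
+// UNSIGNED — require a well-formed array of EXACTLY "left"/"right" tokens (same length as siblings),
+// and each sibling a lowercase 64-hex (an uppercase sibling decodes to the same bytes and would VERIFY
+// on a case-insensitive stack while Python FAILS — the cross-stack split this guard closes).
 let root = null;
 let merkle = proofs.length === receipts.length && proofs.length > 0;
 const seen = new Set();
@@ -96,18 +118,14 @@ export function verifySepBundle(bundle, expectedPublicKey) {
 if (recomputed === null || recomputed !== p.leaf_hash)
 merkle = false;
 let cur = p.leaf_hash;
-// directions is UNSIGNED, so it must be a well-formed array of EXACTLY "left"/"right" tokens
-// (same length as siblings). Otherwise the merkle step FAILS — without this, JS/Go would treat a
-// rewritten token (e.g. "right"->"RIGHT") as a "right" fallthrough and still walk to the correct
-// root and VERIFY, while Python FAILS: a cross-stack disagreement. (Matches Python's strictness.)
 const sib = Array.isArray(p.siblings) ? p.siblings : [];
 const dir = Array.isArray(p.directions) ? p.directions : [];
-if (dir.length !== sib.length || !dir.every((d) => d === 'left' || d === 'right'))
+if (dir.length !== sib.length || !dir.every((d) => d === 'left' || d === 'right') || !sib.every((s) => isHex(s, 64)))
 merkle = false;
 for (let j = 0; j < sib.length; j++)
 cur = dir[j] === 'left' ? nodeHash(sib[j], cur) : nodeHash(cur, sib[j]);
 if (p.merkle_root !== cur)
-merkle = false; // the proof's own claimed root must match what it walks to
+merkle = false; // the proof's own claimed root must match what it walks to
 if (root === null)
 root = cur;
 else if (root !== cur)
@@ -115,40 +133,40 @@ export function verifySepBundle(bundle, expectedPublicKey) {
 }
 const bijection = seen.size === receipts.length && [...seen].every((n) => Number.isInteger(n) && n >= 0 && n < receipts.length);
 add('merkle_and_bijection', merkle && bijection);
-// §6.5 mandatory signed checkpoint — STRICT schema (exactly the canonical fields) + the
-//
+// §6.5 mandatory signed checkpoint — STRICT schema (exactly the canonical fields) + the SAME profile
+// as the bundle, then signature (profile primitive) + root/count/head binding.
 const cp = bundle?.checkpoint;
 let cpOk = false;
 if (hasExactKeys(cp, SEP_CHECKPOINT_FIELDS)) {
-cpOk = cp.algorithm ===
-&&
+cpOk = cp.algorithm === algorithm
+&& verifyForProfile(algorithm, pub, canonicalize(strip(cp, 'signature')), cp.signature)
 && root !== null && cp.merkle_root === root
 && cp.leaf_count === receipts.length
 && cp.head_leaf_hash === (leaves.length ? leaves[leaves.length - 1] : '');
 }
 add('signed_checkpoint', cpOk);
-// §6.5b cross-field consistency: per-receipt identity + the UNSIGNED envelope must agree
-//
-// consumer that reads the envelope (M-1/M-2/L-3).
+// §6.5b cross-field consistency: per-receipt identity + the UNSIGNED envelope must agree with the
+// signed/recomputed values, so nothing outside the signed objects can mislead an envelope reader.
 const cpGatewayId = (cp && typeof cp === 'object') ? cp.gateway_id : undefined;
 const cpGeneratedAt = (cp && typeof cp === 'object') ? cp.generated_at : undefined;
 add('envelope_consistency', receipts.length > 0
-&& receipts.every((r) => r.public_key === pub)
-&& receipts.every((r) => r.gateway_id === bundle?.gateway_id)
-&& cpGatewayId === bundle?.gateway_id
-&& bundle?.generated_at === cpGeneratedAt
-&& root !== null && bundle?.merkle_root === root);
-// §6.6 provenance (only when a key is pinned)
+&& receipts.every((r) => r.public_key === pub)
+&& receipts.every((r) => r.gateway_id === bundle?.gateway_id)
+&& cpGatewayId === bundle?.gateway_id
+&& bundle?.generated_at === cpGeneratedAt
+&& root !== null && bundle?.merkle_root === root);
+// §6.6 provenance (only when a well-formed key is pinned)
 const issuerVerified = pinned && pub === expectedPublicKey;
 if (pinned)
 add('gateway_key_match', issuerVerified);
 const verdict = steps.every((s) => s.ok) ? 'VERIFIED' : 'FAILED';
 const failed = steps.filter((s) => !s.ok).map((s) => s.name);
+const profileTag = `${algorithm} (v${REGISTERED_PROFILES[algorithm] ?? '?'})`;
 const summary = verdict === 'FAILED'
 ? `FAILED — bundle did not verify (failed: ${failed.join(', ') || 'unknown'})`
 : pinned
-?
-:
+? `VERIFIED (${profileTag}; provenance verified — issued by the pinned gateway key)`
+: `VERIFIED (${profileTag}; integrity only — NOT provenance; pass the gateway key to prove who issued it)`;
 return { verdict, summary, issuerVerified, pinned, steps };
 }
 catch (e) {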
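Review bot: A caller-supplied `expectedPublicKey` that is not well-formed for the bundle's declared profile is dropped at the `pinned = ...` assignment, so `gateway_key_match` is never added and the verdict can still be `VERIFIED`. This covers a pin for one profile meeting a bundle that declares the other (the profiles.js doc comment gives 64 hex for v1 and 3984 for v2): the caller asked for provenance and gets an integrity-only pass that only `summary`, `pinned` and `issuerVerified` distinguish. Failing closed is safer for callers that gate on `verdict` alone; after the `if (pinned)` step add `if (expectedPublicKey !== undefined && !pinned) add('gateway_key_match', false);`. The body of `verifySepBundle` runs past the last hunk (the `catch` block is cut off), so the fallback result built there is not covered by this note.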
|
package/dist/sep/verify.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/sep/verify.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/sep/verify.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AACH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EACL,mBAAmB,EAAE,wBAAwB,EAAE,gBAAgB,EAAE,YAAY,EAAE,mBAAmB,GACnG,MAAM,eAAe,CAAC;AAiBvB,MAAM,IAAI,GAAG,CAAC,CAAU,EAAU,EAAE,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;AAChE,MAAM,KAAK,GAAG,CAAC,CAA0B,EAAE,CAAS,EAA2B,EAAE,CAC/E,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAEjE;;;;GAIG;AACH,MAAM,KAAK,GAAG,oEAAoE,CAAC;AACnF,MAAM,MAAM,GAAG,CAAC,CAAS,EAAW,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC;AACvF,MAAM,WAAW,GAAG,CAAC,CAAS,EAAE,CAAS,EAAU,EAAE,CACnD,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAC3E,MAAM,gBAAgB,GAAG,CAAC,EAAW,EAAW,EAAE;IAChD,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC;IAC5D,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACpC,MAAM,KAAK,GAAG,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IACtC,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IACxC,OAAO,KAAK,IAAI,CAAC,IAAI,KAAK,IAAI,EAAE;WAC3B,GAAG,IAAI,CAAC,IAAI,GAAG,IAAI,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC;WAC3C,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE;WACvB,MAAM,IAAI,CAAC,IAAI,MAAM,IAAI,EAAE;WAC3B,MAAM
,IAAI,CAAC,IAAI,MAAM,IAAI,EAAE,CAAC;AACnC,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,YAAY,GAAG,CAAC,CAAU,EAAE,MAAyB,EAAW,EAAE;IACtE,IAAI,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC;IAClE,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAA4B,CAAC,CAAC;IACvD,OAAO,IAAI,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC1G,CAAC,CAAC;AAEF,MAAM,UAAU,eAAe,CAAC,MAAW,EAAE,iBAA0B,EAAE,IAAoB;IAC3F,MAAM,SAAS,GAAG,IAAI,EAAE,iBAAiB,IAAI,YAAY,CAAC;IAC1D,MAAM,SAAS,GAAW,OAAO,MAAM,EAAE,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAE,MAAM,CAAC,SAAoB,CAAC,CAAC,CAAC,EAAE,CAAC;IAEpG,+FAA+F;IAC/F,qGAAqG;IACrG,gFAAgF;IAChF,IAAI,mBAAmB,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACrE,OAAO;YACL,OAAO,EAAE,qBAAqB;YAC9B,OAAO,EAAE,mEAAmE,SAAS,OAAO,mBAAmB,CAAC,SAAS,CAAC,+BAA+B;YACzJ,cAAc,EAAE,KAAK;YACrB,MAAM,EAAE,KAAK;YACb,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC;SAChD,CAAC;IACJ,CAAC;IAED,uFAAuF;IACvF,IAAI,MAAM,GAAG,KAAK,CAAC;IACnB,IAAI,CAAC;QACH,MAAM,KAAK,GAAiB,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,CAAC,IAAY,EAAE,EAAW,EAAW,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7F,MAAM,QAAQ,GAAU,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/E,MAAM,MAAM,GAAU,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;QACvF,MAAM,GAAG,GAAW,MAAM,EAAE,UAAU,CAAC;QAEvC,+FAA+F;QAC/F,6FAA6F;QAC7F,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC;eACnE,OAAO,iBAAiB,KAAK,QAAQ,IAAI,wBAAwB,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;QAErG,mGAAmG;QACnG,wFAAwF;QACxF,GAAG,CAAC,YAAY,EACd,mBAAmB,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,wBAAwB,CAAC,SAAS,EAAE,GAAG,CAAC;eACxG,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM;eACxD,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,kBAAkB,CAAC
,CAAC,CAAC,CAAC;QAEjE,8FAA8F;QAC9F,GAAG,CAAC,oBAAoB,EAAE,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,gBAAgB,CAAC,SAAS,EAAE,GAAG,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QAE5J,mGAAmG;QACnG,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,KAAK,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;QAChC,IAAI,MAAM,GAAkB,IAAI,CAAC;QACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,qBAAqB,IAAI,EAAE,CAAC,KAAK,UAAU;gBAAE,KAAK,GAAG,KAAK,CAAC;YAC5E,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YACjC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAAE,KAAK,GAAG,KAAK,CAAC;iBACpC,CAAC;gBAAC,IAAI,MAAM,KAAK,IAAI,IAAI,EAAE,GAAG,MAAM;oBAAE,KAAK,GAAG,KAAK,CAAC;gBAAC,MAAM,GAAG,EAAE,CAAC;YAAC,CAAC;QAC1E,CAAC;QACD,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;QAEjC,oGAAoG;QACpG,qGAAqG;QACrG,uGAAuG;QACvG,6FAA6F;QAC7F,IAAI,IAAI,GAAkB,IAAI,CAAC;QAC/B,IAAI,MAAM,GAAG,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;QACpE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;QAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACvC,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;YACvB,MAAM,UAAU,GAAG,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACtF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,KAAK,CAAC,CAAC,SAAS;gBAAE,MAAM,GAAG,KAAK,CAAC;YACtE,IAAI,GAAG,GAAG,CAAC,CAAC,SAAS,CAAC;YACtB,MAAM,GAAG,GAAa,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;YAClE,MAAM,GAAG,GAAa,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YACtE,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK
,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAAE,MAAM,GAAG,KAAK,CAAC;YACrI,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;gBAAE,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7G,IAAI,CAAC,CAAC,WAAW,KAAK,GAAG;gBAAE,MAAM,GAAG,KAAK,CAAC,CAAU,2DAA2D;YAC/G,IAAI,IAAI,KAAK,IAAI;gBAAE,IAAI,GAAG,GAAG,CAAC;iBAAM,IAAI,IAAI,KAAK,GAAG;gBAAE,MAAM,GAAG,KAAK,CAAC;QACvE,CAAC;QACD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,MAAM,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAChI,GAAG,CAAC,sBAAsB,EAAE,MAAM,IAAI,SAAS,CAAC,CAAC;QAEjD,qGAAqG;QACrG,+EAA+E;QAC/E,MAAM,EAAE,GAAG,MAAM,EAAE,UAAU,CAAC;QAC9B,IAAI,IAAI,GAAG,KAAK,CAAC;QACjB,IAAI,YAAY,CAAC,EAAE,EAAE,qBAAqB,CAAC,EAAE,CAAC;YAC5C,IAAI,GAAG,EAAE,CAAC,SAAS,KAAK,SAAS;mBAC5B,gBAAgB,CAAC,SAAS,EAAE,GAAG,EAAE,YAAY,CAAC,KAAK,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC;mBACpF,IAAI,KAAK,IAAI,IAAI,EAAE,CAAC,WAAW,KAAK,IAAI;mBACxC,EAAE,CAAC,UAAU,KAAK,QAAQ,CAAC,MAAM;mBACjC,EAAE,CAAC,cAAc,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC9E,CAAC;QACD,GAAG,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAC;QAE/B,kGAAkG;QAClG,kGAAkG;QAClG,MAAM,WAAW,GAAG,CAAC,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAE,EAA8B,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;QAC5G,MAAM,aAAa,GAAG,CAAC,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAE,EAA8B,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;QAChH,GAAG,CAAC,sBAAsB,EACxB,QAAQ,CAAC,MAAM,GAAG,CAAC;eAChB,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,GAAG,CAAC;eAC3C,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,MAAM,EAAE,UAAU,CAAC;eAC1D,WAAW,KAAK,MAAM,EAAE,UAAU;eAClC,MAAM,EAAE,YAAY,KAAK,aAAa;eACtC,IAAI,KAAK,IAAI,IAAI,MAAM,EAAE,WAAW,KAAK,
IAAI,CAAC,CAAC;QAEpD,0DAA0D;QAC1D,MAAM,cAAc,GAAG,MAAM,IAAI,GAAG,KAAK,iBAAiB,CAAC;QAC3D,IAAI,MAAM;YAAE,GAAG,CAAC,mBAAmB,EAAE,cAAc,CAAC,CAAC;QAErD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC;QACjE,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAC7D,MAAM,UAAU,GAAG,GAAG,SAAS,MAAM,mBAAmB,CAAC,SAAS,CAAC,IAAI,GAAG,GAAG,CAAC;QAC9E,MAAM,OAAO,GAAG,OAAO,KAAK,QAAQ;YAClC,CAAC,CAAC,2CAA2C,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,SAAS,GAAG;YAC9E,CAAC,CAAC,MAAM;gBACN,CAAC,CAAC,aAAa,UAAU,2DAA2D;gBACpF,CAAC,CAAC,aAAa,UAAU,iFAAiF,CAAC;QAC/G,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC7D,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,kDAAkD,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;IAC3L,CAAC;AACH,CAAC"}
|
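--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@attested-intelligence/aga-mcp-server",
-"version": "3.0
+"version": "3.2.0",
 "description": "MCP server for cryptographic AI agent governance. Seal policy artifacts, enforce at runtime, prove with signed receipts and offline-verifiable evidence bundles.",
 "author": "Attested Intelligence Holdings LLC",
 "license": "MIT",
@@ -39,19 +39,22 @@
 "test:proxy": "vitest run tests/proxy/",
 "test:conformance": "node fixtures/run-conformance.mjs",
 "conformance:cross-stack": "node fixtures/cross-stack/run-all-stacks.mjs",
+"conformance:cross-stack-v2": "node fixtures/cross-stack/run-v2-stacks.mjs",
 "check:pack": "node scripts/check-pack.mjs",
 "check": "npm run build && npm run lint && npm run test && npm run test:conformance && npm run check:pack",
 "proxy": "tsx src/proxy/index.ts",
 "proxy:start": "tsx src/proxy/index.ts start",
 "demo": "tsx scripts/demo.ts",
 "benchmark": "tsx scripts/benchmark.ts",
-"verify": "cd independent-verifier && npm test",
+"verify": "cd independent-verifier && npm ci --no-audit --no-fund && npm test",
 "lint": "tsc --noEmit",
 "prepublishOnly": "npm run build && npm run test && npm run test:conformance && npm run check:pack"
 },
 "dependencies": {
 "@modelcontextprotocol/sdk": "^1.12.0",
-"@noble/
+"@noble/ed25519": "2.1.0",
+"@noble/hashes": "1.6.1",
+"@noble/post-quantum": "0.6.1",
 "commander": "^14.0.3",
 "zod": "^3.24.0"
 },
@@ -61,6 +64,7 @@
 "devDependencies": {
 "@types/better-sqlite3": "^7.6.12",
 "@types/node": "^22.10.0",
+"canonicalize": "^2.1.0",
 "tsx": "^4.19.0",
 "typescript": "^5.7.0",
 "vitest": "^2.1.0"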
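Review bot: The new `conformance:cross-stack-v2` script is not invoked by `check` or `prepublishOnly`, so a release carrying the v2 hybrid profile can be published without its cross-stack run; both gates still stop at `test:conformance && npm run check:pack`. If the v2 runner needs no external toolchains, I would add it to the publish gate: `"prepublishOnly": "npm run build && npm run test && npm run test:conformance && npm run conformance:cross-stack-v2 && npm run check:pack"`. The existing `conformance:cross-stack` script is outside the gate as well, so the omission may be deliberate; in that case the release notes should say where the v2 cross-stack run happens.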
|