@attestry/sdk 0.6.0

package/dist/resources/evidence-pack.js

@@ -0,0 +1,1789 @@
+// ─── EvidencePack resource ──────────────────────────────────────────────────
+//
+// Wraps the KE2 P1 evidence-pack surface (P1.2 + P1.3 generator + REST,
+// + the P1.4 lifecycle/export routes added to the SDK in P1.8):
+//
+//   - POST /api/v1/evidence-packs                     create a draft pack
+//   - GET  /api/v1/evidence-packs/{id}                get pack + bundle list
+//   - GET  /api/v1/evidence-packs                     list packs (cursor-paginated)
+//   - POST /api/v1/evidence-packs/{id}/bundles        append a reperformance bundle
+//   - POST /api/v1/evidence-packs/{id}/sign           sign a draft pack            (P1.8)
+//   - POST /api/v1/evidence-packs/{id}/supersede      supersede a signed pack      (P1.8)
+//   - POST /api/v1/evidence-packs/{id}/revoke         revoke a signed pack         (P1.8)
+//   - GET  /api/v1/evidence-packs/{id}/export         export an artifact (json/pdf/zip) (P1.8)
+//
+// Tenth resource on `@attestry/sdk`. Sibling to `IncidentsResource`,
+// `DecisionsResource`, `ChatResource`, `AuditLogResource`,
+// `RegulatoryChangesResource`, `ComplianceCheckResource`, `CheckResource`,
+// `GateResource`, `VisionResource`. Resource-class-per-kernel-resource
+// convention (carry-forward invariant #43).
+//
+// **Scope** — P1.6 (2026-05-18) shipped the 4 core methods (`create`,
+// `get`, `list`, `addBundle`). P1.8 (founder-ratified 2026-05-23) adds
+// the 4 P1.4 lifecycle/export methods (`sign` / `supersede` / `revoke`
+// / `export`), mirroring the shipped REST routes (P1.4) + MCP tools
+// (P1.7) — eight methods total. The MCP `confirm` intentionality gate on
+// `sign`/`revoke` (P1.7 DQ-1) is an MCP-layer affordance with NO
+// REST/SDK equivalent and is NOT mirrored here.
+//
+// **`export` returns a non-JSON artifact** (P1.8 DEV-73) — unlike every
+// other method (JSON `{success,data}` envelope via `_request`), the
+// kernel export route returns the RAW artifact on success (json =
+// `{export,pack,bundles}`; pdf = `Uint8Array`; zip = `ReadableStream`)
+// with a download `Content-Disposition`, and the standard error
+// envelope on failure. `export` therefore routes through the transport's
+// `_streamRequest` (un-consumed `Response`; per-format content-type
+// guard; non-2xx → `AttestryAPIError`) and returns a faithful-courier
+// wrapper `EvidencePackExportResult` — it does NOT consume/`validatePack`
+// the body (same discipline as `decisions.export` / `auditLog.export`).
+//
+// **`list` is single-page per call** (DEV-63) — cursor in / `nextCursor`
+// out. The P1.6 spec's hostile concern #3 asked for an auto-paginating
+// async iterator "per existing SDK convention" — but that misdiagnoses
+// the convention. The SDK reserves async iterators for STREAMING
+// endpoints (`chat.send` stream, `decisions.stream`, `decisions.export`,
+// `auditLog.export`); every CURSOR-PAGINATED list method
+// (`incidents.list`, `decisions.list`, and now `evidencePack.list`)
+// returns a single page `{items, nextCursor}` and the caller pages
+// manually. Auto-paginating ONLY `evidencePack.list` would make it the
+// lone inconsistent paginated resource — the opposite of "per existing
+// SDK convention". Cross-resource auto-pagination, if wanted, belongs
+// in a dedicated SDK-wide prompt (residual R-1).
+//
+// **Method name `addBundle`** (DEV-62) — short verb matching the kernel
+// internal fn (`addBundleToPack`). The MCP wire tool name is
+// `append_bundle` (P1.5 wire-shape choice); the SDK reserves the shorter
+// `addBundle` for the method to align with the SDK's verb-method
+// convention (`decisions.ingest`, `chat.send`, `gate.evaluate`, etc.).
+//
+// **`Idempotency-Key` HTTP header is NOT exposed in P1.6** — same
+// carry-forward as `vision.ts`. The kernel accepts `Idempotency-Key` on
+// `POST /evidence-packs` and `POST /{id}/bundles`; the SDK's
+// `RequestOptions` does not surface extra headers for JSON POSTs. Clean
+// future extension; consumers who need idempotency today should retry
+// with their own client-side dedupe.
+//
+// **Symmetric prototype-pollution defense** — module-load snapshot of
+// `Object.hasOwn` applied to BOTH input AND response sides (carry-
+// forward of session-16 second-hostile-review MEDIUM #3 generalization,
+// freshest implementation in `gate.ts` / `vision.ts`). Without the
+// snapshot, a late-loading hostile/buggy npm dep that overrides the
+// global would defeat the defense.
+//
+// **No URIError defense on body fields** — POST bodies use
+// `JSON.stringify` (handles lone UTF-16 surrogates as `\uDxxx` escapes).
+// URL-path segments (`get`, `addBundle`) carry `packId` which the SDK
+// pre-validates as a hyphen-only RFC 4122 UUID BEFORE
+// `encodeURIComponent` runs — so a malformed input rejects with
+// `TypeError` before the encoder sees it.
+//
+// **P3 content-type guard** — already in the SDK transport
+// (`packages/attestry-sdk/src/transport.ts:271-291`). A non-JSON 200
+// response surfaces as `AttestryAPIError`, NOT an opaque `SyntaxError`.
+// HR-4(b) carry-forward applies to `mcp-server/src/client.ts`, NOT to
+// the SDK transport.
+import { AttestryError } from "../errors.js";
+import { readInputField } from "./safe-input-read.js";
+// Module-load snapshot of `Object.hasOwn`. Mirror of `gate.ts`/`vision.ts`.
+// Used symmetrically on input AND response sides — defense on both
+// boundaries against a late-loading hostile/buggy dep overriding the
+// global.
+const objectHasOwn = Object.hasOwn;
+// RFC 4122 hyphenated UUID (8-4-4-4-12 hex, case-insensitive). Matches
+// Zod's `z.string().uuid()` regex effectively. Mirror of `gate.ts`'s
+// `UUID_REGEX`; drift-pinned in `evidence-pack.drift.test.ts` (Round 2)
+// so a kernel-side switch to a different UUID flavor (ULID, KSUID) fires
+// before consumer regressions.
+const UUID_REGEX = /^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$/;
+// ─── Closed-enum frozen tuples (drift-pinned in Round 2) ────────────────────
+/**
+ * The five evidence-pack types the kernel accepts. Mirrors
+ * `PACK_TYPES` in kernel `src/lib/evidence-pack/types.ts:150-156`.
+ * Frozen so consumer code can safely use
+ * `PACK_TYPES.includes(...)` without mutation risk (P1 hardening —
+ * defends against a hostile/buggy npm dep mutating the array between
+ * SDK import and method call).
+ *
+ * Drift-pinned in the spec-diff round (`evidence-pack.drift.test.ts`)
+ * by text-comparing this declaration with the kernel's. An addition /
+ * removal / reordering on either side trips the test, **satisfying P1
+ * checkpoint AC7** ("SDK drift pin: `pack_type` enum in SDK matches
+ * kernel").
+ */
+export const PACK_TYPES = Object.freeze([
+    "annex_iv",
+    "agentic_reperformance",
+    "red_team_cycle",
+    "pccp_evidence",
+    "underwriting_evidence",
+]);
+/**
+ * The five pack-status values the kernel emits + accepts as a filter.
+ * Mirrors `PACK_STATUSES` in kernel `src/lib/evidence-pack/types.ts:160-166`.
+ * Frozen; drift-pinned identically to `PACK_TYPES`.
+ */
+export const PACK_STATUSES = Object.freeze([
+    "draft",
+    "signed",
+    "superseded",
+    "revoked",
+    "expired",
+]);
+/**
+ * The three artifact formats `evidencePack.export` accepts. Mirrors
+ * `EXPORT_FORMATS` in kernel `src/lib/evidence-pack/types.ts:584`
+ * (`["json","pdf","zip"] as const`). Frozen; drift-pinned byte-equal to
+ * the kernel in `evidence-pack.drift.test.ts` (P1.8 DEV-76).
+ *
+ * The kernel route's `exportQuerySchema` requires `format` (no default,
+ * spec concern E1 — unknown/absent → 422). The SDK pre-validates
+ * `format` against this frozen tuple, so an absent/unknown format
+ * rejects with a synchronous `TypeError` before the request is sent.
+ */
+export const EXPORT_FORMATS = Object.freeze(["json", "pdf", "zip"]);
+/**
+ * Per-format `Content-Type` the kernel export route emits on success.
+ * Mirrors `EXPORT_CONTENT_TYPES` in kernel
+ * `src/lib/evidence-pack/export.ts:38-42`. Module-local (the consumer
+ * gets the value via `EvidencePackExportResult.contentType`); drift-
+ * pinned against the kernel mapping in `evidence-pack.drift.test.ts`.
+ *
+ * Used as `export`'s per-format `expectedContentType` for the transport
+ * `_streamRequest` content-type guard (a wrong-content-type 200 → a
+ * clear `AttestryAPIError`, not an opaque downstream parse crash) AND
+ * as the canonical `contentType` surfaced on the result — the guard
+ * guarantees the response MIME equals this value, so it is accurate.
+ */
+const EXPORT_CONTENT_TYPES = {
+    json: "application/json",
+    pdf: "application/pdf",
+    zip: "application/zip",
+};
+// ─── Closed-spec ceiling constants (drift-pinned in Round 2) ────────────────
+/**
+ * Maximum `limit` accepted by `GET /api/v1/evidence-packs`. Mirrors the
+ * kernel `listEvidencePacksQuerySchema` `z.coerce.number().int().min(1)
+ * .max(200)` cap. The SDK rejects an over-cap `limit` synchronously to
+ * save a billed 422 round-trip.
+ */
+const MAX_LIST_LIMIT = 200;
+/**
+ * Maximum length of `inputsHash` / `outputsHash` on `addBundleToPack`.
+ * Mirrors the kernel `addBundleToPackInputSchema` `z.string().min(1)
+ * .max(500)` rule.
+ */
+const MAX_HASH_LENGTH = 500;
+/**
+ * Maximum length of `traceContent` array on `addBundleToPack`. Mirrors
+ * the kernel `z.array(traceEntrySchema).max(1000)` rule.
+ */
+const MAX_TRACE_CONTENT_LENGTH = 1000;
+/**
+ * Maximum length of `storageUri` on `addBundleToPack`. Mirrors the
+ * kernel `httpsOnlyUrl(2000)` length cap. Scheme validation
+ * (`http(s)://`) is kernel-authoritative (faithful courier — the SDK
+ * does not duplicate the regex; same convention as
+ * `vision.extract.imageUri`).
+ */
+const MAX_STORAGE_URI_LENGTH = 2000;
+/**
+ * Maximum length of `frameworkBindings` array on `createEvidencePack`.
+ * Mirrors the kernel `z.array(frameworkBindingSchema).max(50)` rule.
+ */
+const MAX_FRAMEWORK_BINDINGS_LENGTH = 50;
+/**
+ * Maximum length of `reason` on `revoke`. Mirrors the kernel
+ * `revokePackInputSchema` `z.string().min(1).max(500)` rule (P1.8).
+ */
+const MAX_REASON_LENGTH = 500;
+// ─── Resource class ─────────────────────────────────────────────────────────
+/**
+ * `evidencePack` resource — sibling to `IncidentsResource`,
+ * `DecisionsResource`, `ChatResource`, `AuditLogResource`,
+ * `RegulatoryChangesResource`, `ComplianceCheckResource`,
+ * `CheckResource`, `GateResource`, `VisionResource`.
+ *
+ * Eight methods: the P1.6 core (`create`, `get`, `list`, `addBundle`)
+ * plus the P1.8 lifecycle/export ops (`sign`, `supersede`, `revoke`,
+ * `export`). All are JSON request/response (`{success,data}` envelope
+ * via `_request`) EXCEPT `export`, which returns a downloadable artifact
+ * (json/pdf/zip) via the streaming transport `_streamRequest`.
+ */
+export class EvidencePackResource {
+    client;
+    constructor(client) {
+        this.client = client;
+    }
+    /**
+     * Create a new draft evidence pack for the authenticated organization.
+     * Wraps `POST /api/v1/evidence-packs`.
+     *
+     * `orgId` and `userId` are derived server-side from the API key; they
+     * are never accepted on the wire. The kernel applies defaults for
+     * `frameworkBindings` (`[]`), `consumerHints` (`{}`), `metadata`
+     * (`{}`), and `status` (`"draft"`) when fields are omitted.
+     *
+     * **Idempotency**: the kernel accepts `Idempotency-Key` on this
+     * endpoint, but the SDK does NOT expose the header in P1.6 (see
+     * resource header comment). Consumers needing safe retry today
+     * should dedupe client-side.
+     *
+     * Errors — ordered by kernel firing precedence (rate-limit → auth →
+     * body parse → Zod → DB):
+     *   - `AttestryAPIError` (status 429) — rate limit FIRES FIRST
+     *     (auto-retried by default — invariant #18).
+     *   - `AttestryAPIError` (status 401) — no API key OR invalid key.
+     *   - `AttestryAPIError` (status 403) — authenticated key lacks
+     *     `WRITE_ASSESSMENTS` permission.
+     *   - `AttestryAPIError` (status 400) — JSON parse failure on the
+     *     body OR a malformed `Idempotency-Key` header (the kernel
+     *     emits 400 for both transport-shape failures).
+     *   - `AttestryAPIError` (status 409) — `Idempotency-Key` conflict
+     *     (same key, different body hash; `details.code` ===
+     *     `"evidence_pack.idempotency_key_conflict"`). Not reachable
+     *     from P1.6's SDK directly.
+     *   - `AttestryAPIError` (status 422) — Zod validation failed
+     *     (`details.code` === `"evidence_pack.validation_failed"`;
+     *     `details.issues` carries the field paths).
+     *   - `AttestryAPIError` (status 500) — internal kernel error.
+     *   - `AttestryError` ("request aborted by caller") — caller-
+     *     supplied `options.signal` fired (pre-aborted or mid-flight).
+     *   - `AttestryError` (P2 hardening) — kernel response failed
+     *     SDK-side shape validation (not an object, wrong type on any
+     *     field).
+     *   - `AttestryAPIError` (P3 hardening) — kernel response had a
+     *     wrong Content-Type (transport-level guard, before body
+     *     parsing).
+     *   - `TypeError` (synchronous, no fetch issued) — input failed
+     *     SDK-side validation (null/array/non-object input; missing
+     *     `packType`; bad `packType` enum; bad `systemId` UUID; bad
+     *     `frameworkBindings` array shape; bad `metadata` shape).
+     *
+     * **SDK-side validation** (synchronous `TypeError`, no fetch issued):
+     *   - `input`: required; non-null, non-array object.
+     *   - `input.packType`: required own-property; member of `PACK_TYPES`.
+     *   - `input.systemId` (when own-present, value not undefined): non-
+     *     empty string matching `UUID_REGEX`.
+     *   - `input.frameworkBindings` (when own-present, value not
+     *     undefined): array of length ≤50 (kernel cap); per-entry shape
+     *     is open-spec and forwarded to the kernel as-is.
+     *   - `input.metadata` (when own-present, value not undefined):
+     *     non-null, non-array object.
+     *
+     * **Response-shape validation** (P2 hardening; symmetric defense on
+     * response side via the `objectHasOwn` snapshot): every documented
+     * `EvidencePack` field is type-checked. Rejects with `AttestryError`
+     * on shape violation.
+     *
+     * @example Minimum viable pack (org-level, no system, no bindings)
+     * ```ts
+     * const pack = await client.evidencePack.create({
+     *   packType: "underwriting_evidence",
+     * });
+     * console.log("created:", pack.id, "status:", pack.status); // "draft"
+     * ```
+     *
+     * @example Annex IV pack scoped to a specific AI system
+     * ```ts
+     * const pack = await client.evidencePack.create({
+     *   packType: "annex_iv",
+     *   systemId: "11111111-1111-1111-1111-111111111111",
+     *   frameworkBindings: [
+     *     { framework: "eu_ai_act", identifier: "Annex.IV.1" },
+     *     { framework: "iso_42001", identifier: "8.2" },
+     *   ],
+     *   metadata: { author: "compliance-bot", version: 1 },
+     * });
+     * ```
+     */
+    create(input, options) {
+        // Top-level shape — input is REQUIRED. typeof null === "object" and
+        // typeof [] === "object", so guard both explicitly.
+        if (input === null ||
+            typeof input !== "object" ||
+            Array.isArray(input)) {
+            throw new TypeError("evidencePack.create: `input` must be a non-null object with `packType`");
+        }
+        // Snapshot each field's value EXACTLY ONCE up front via the own-
+        // property indexer. Three motivations (carry-forward from gate.ts /
+        // vision.ts):
+        //   1. Prototype-pollution defense (generalization of invariant #48):
+        //      `Object.prototype.packType = "..."` cannot trick the SDK into
+        //      silently sending the polluted value when `{}` is passed.
+        //   2. TOCTOU defense: a Proxy / getter-defining input could yield
+        //      different values across multiple reads.
+        //   3. Explicit `{}` is treated as those-fields-omitted —
+        //      `objectHasOwn` returns false on missing keys.
+        //   4. Throwing-getter defense — each read goes through
+        //      `readInputField`, converting a throwing accessor's exception
+        //      into the documented synchronous `TypeError` input contract
+        //      (session-22 hostile MEDIUM-1).
+        const hasPackType = objectHasOwn(input, "packType");
+        const packTypeRaw = hasPackType
+            ? readInputField(input, "packType", "evidencePack.create")
+            : undefined;
+        const hasSystemId = objectHasOwn(input, "systemId");
+        const systemIdRaw = hasSystemId
+            ? readInputField(input, "systemId", "evidencePack.create")
+            : undefined;
+        const hasFrameworkBindings = objectHasOwn(input, "frameworkBindings");
+        const frameworkBindingsRaw = hasFrameworkBindings
+            ? readInputField(input, "frameworkBindings", "evidencePack.create")
+            : undefined;
+        const hasMetadata = objectHasOwn(input, "metadata");
+        const metadataRaw = hasMetadata
+            ? readInputField(input, "metadata", "evidencePack.create")
+            : undefined;
+        // packType REQUIRED + closed-enum membership.
+        if (!hasPackType || packTypeRaw === undefined) {
+            throw new TypeError("evidencePack.create: `packType` is required");
+        }
+        if (typeof packTypeRaw !== "string") {
+            throw new TypeError(`evidencePack.create: \`packType\` must be a string ` +
+                `(got ${describeType(packTypeRaw)})`);
+        }
+        if (!PACK_TYPES.includes(packTypeRaw)) {
+            throw new TypeError(`evidencePack.create: \`packType\` must be one of ` +
+                `${JSON.stringify(PACK_TYPES)} (got ${JSON.stringify(packTypeRaw)})`);
+        }
+        const validatedPackType = packTypeRaw;
+        // Optional systemId — UUID pre-validation when own-present.
+        let validatedSystemId;
+        if (hasSystemId && systemIdRaw !== undefined) {
+            if (typeof systemIdRaw !== "string") {
+                throw new TypeError(`evidencePack.create: \`systemId\` must be a string when provided ` +
+                    `(got ${describeType(systemIdRaw)})`);
+            }
+            if (!UUID_REGEX.test(systemIdRaw)) {
+                throw new TypeError("evidencePack.create: `systemId` must be an RFC 4122 hyphenated UUID");
+            }
+            validatedSystemId = systemIdRaw;
+        }
+        // Optional frameworkBindings — array + length cap. Per-entry shape
+        // is open-spec (kernel `frameworkBindingSchema` is the deep
+        // validator with `.strict()` rejection of unknown keys).
+        let validatedFrameworkBindings;
+        if (hasFrameworkBindings && frameworkBindingsRaw !== undefined) {
+            if (!Array.isArray(frameworkBindingsRaw)) {
+                throw new TypeError(`evidencePack.create: \`frameworkBindings\` must be an array when ` +
+                    `provided (got ${describeType(frameworkBindingsRaw)})`);
+            }
+            // Snapshot via Array.from so a Proxy whose `.length` or `[i]`
+            // changes between reads can't slip past validation. Per-entry
+            // shape is forwarded as-is to the kernel.
+            const snapshot = Array.from(frameworkBindingsRaw);
+            if (snapshot.length > MAX_FRAMEWORK_BINDINGS_LENGTH) {
+                throw new TypeError(`evidencePack.create: \`frameworkBindings\` array exceeds the ` +
+                    `kernel's max length of ${MAX_FRAMEWORK_BINDINGS_LENGTH} (got ` +
+                    `${snapshot.length})`);
+            }
+            validatedFrameworkBindings = snapshot;
+        }
+        // Optional metadata — non-null non-array object when present.
+        let validatedMetadata;
+        if (hasMetadata && metadataRaw !== undefined) {
+            if (metadataRaw === null ||
+                typeof metadataRaw !== "object" ||
+                Array.isArray(metadataRaw)) {
+                throw new TypeError(`evidencePack.create: \`metadata\` must be a non-null object when ` +
+                    `provided (got ${describeType(metadataRaw)})`);
+            }
+            validatedMetadata = metadataRaw;
+        }
+        // Build the body from explicitly-named fields. Omit optional fields
+        // the consumer omitted so the kernel applies its `.default(...)`.
+        const body = {
+            packType: validatedPackType,
+        };
+        if (validatedSystemId !== undefined)
+            body.systemId = validatedSystemId;
+        if (validatedFrameworkBindings !== undefined) {
+            body.frameworkBindings = validatedFrameworkBindings;
+        }
+        if (validatedMetadata !== undefined)
+            body.metadata = validatedMetadata;
+        return this.client
+            ._request({
+            method: "POST",
+            path: "/api/v1/evidence-packs",
+            body,
+            options,
+        })
+            .then((result) => {
+            validatePack(result, "evidencePack.create", "response");
+            return result;
+        });
+    }
+    /**
+     * Retrieve a single evidence pack's metadata together with its full
+     * reperformance-bundle list. Wraps `GET /api/v1/evidence-packs/{id}`.
+     *
+     * **Anti-enumeration 404**: a pack that doesn't exist OR exists in a
+     * different org surfaces as `AttestryAPIError` with `status === 404`
+     * and a generic "pack not found" message (faithful courier — the
+     * kernel `getEvidencePack` query intentionally collapses cross-org
+     * and missing to the same response).
+     *
+     * Errors — ordered by kernel firing precedence. The kernel route at
+     * `src/app/api/v1/evidence-packs/[id]/route.ts` validates the URL-path
+     * UUID BEFORE the auth check, so a malformed path UUID surfaces as 400
+     * BEFORE 401/403 (same ordering as `addBundle`):
+     *   - `AttestryAPIError` (status 429) — rate limit (auto-retried).
+     *   - `AttestryAPIError` (status 400 — path UUID) — malformed UUID in
+     *     the path (kernel `packPathParamsSchema` Zod rejection).
+     *     **Fires BEFORE auth.** The SDK pre-validates the UUID format so
+     *     this surface is only reachable via SDK rule changes.
+     *   - `AttestryAPIError` (status 401 / 403) — auth missing / wrong
+     *     permission (`READ_ASSESSMENTS`).
+     *   - `AttestryAPIError` (status 404) — pack missing OR cross-org.
+     *   - `AttestryAPIError` (status 500) — internal kernel error.
+     *   - `AttestryError` ("request aborted by caller") — abort.
+     *   - `AttestryError` (P2 hardening) — kernel response shape
+     *     violation.
+     *   - `AttestryAPIError` (P3 hardening) — non-JSON response.
+     *   - `TypeError` (synchronous, no fetch issued) — input failed
+     *     SDK-side validation.
+     *
+     * **SDK-side validation**:
+     *   - `input`: required; non-null, non-array object.
+     *   - `input.packId`: required own-property; non-empty string;
+     *     matching `UUID_REGEX`.
+     *
+     * **Response-shape validation** (P2 hardening): `pack` field is a
+     * full `EvidencePack`; `bundles` field is an array of
+     * `ReperformanceBundle` (per-element shape validated).
+     *
+     * @example
+     * ```ts
+     * const { pack, bundles } = await client.evidencePack.get({
+     *   packId: "11111111-1111-1111-1111-111111111111",
+     * });
+     * console.log(`${pack.packType} pack, status: ${pack.status}`);
+     * console.log(`${bundles.length} bundles attached`);
+     * ```
+     */
+    get(input, options) {
+        if (input === null ||
+            typeof input !== "object" ||
+            Array.isArray(input)) {
+            throw new TypeError("evidencePack.get: `input` must be a non-null object with `packId`");
+        }
+        const hasPackId = objectHasOwn(input, "packId");
+        const packIdRaw = hasPackId
+            ? readInputField(input, "packId", "evidencePack.get")
+            : undefined;
+        if (!hasPackId || packIdRaw === undefined) {
+            throw new TypeError("evidencePack.get: `packId` is required");
+        }
+        if (typeof packIdRaw !== "string" || packIdRaw.length === 0) {
+            throw new TypeError("evidencePack.get: `packId` must be a non-empty string");
+        }
+        if (!UUID_REGEX.test(packIdRaw)) {
+            throw new TypeError("evidencePack.get: `packId` must be an RFC 4122 hyphenated UUID");
+        }
+        // `packId` is regex-validated to hex+hyphens only — no `/` / `.` /
+        // `..` / NUL can reach the encoder. `encodeURIComponent` is belt-
+        // and-suspenders.
+        const path = `/api/v1/evidence-packs/${encodeURIComponent(packIdRaw)}`;
+        return this.client
+            ._request({
+            method: "GET",
+            path,
+            options,
+        })
+            .then((result) => {
+            if (result === null ||
+                typeof result !== "object" ||
+                Array.isArray(result)) {
+                throw new AttestryError(`evidencePack.get: expected an object response from the kernel ` +
+                    `(got ${describeType(result)})`);
+            }
+            const obj = result;
+            const packRaw = objectHasOwn(obj, "pack") ? obj.pack : undefined;
+            validatePack(packRaw, "evidencePack.get", "response.pack");
+            const bundlesRaw = objectHasOwn(obj, "bundles")
+                ? obj.bundles
+                : undefined;
+            if (!Array.isArray(bundlesRaw)) {
+                throw new AttestryError(`evidencePack.get: expected response.bundles to be an array ` +
+                    `(got ${describeType(bundlesRaw)})`);
+            }
+            for (let i = 0; i < bundlesRaw.length; i++) {
+                validateBundle(bundlesRaw[i], "evidencePack.get", `response.bundles[${i}]`);
+            }
+            return result;
+        });
+    }
+    /**
+     * List the authenticated organization's evidence packs, newest first.
+     * Wraps `GET /api/v1/evidence-packs`.
+     *
+     * **Single page per call** (DEV-63). Pass `response.nextCursor` back
+     * as `cursor` to fetch the next page; `nextCursor: null` means no
+     * more pages. The kernel pages by tuple comparison over
+     * `(created_at DESC, id DESC)` so same-microsecond timestamps do
+     * not skip rows.
+     *
+     * **Filters are AND-combined kernel-side**. Omitting all filters
+     * lists the entire org's packs (newest first). Empty `cursor` (`""`)
+     * is rejected by the SDK; pass `undefined` (or omit the field) for
+     * the first page.
+     *
+     * Errors — ordered by kernel firing precedence:
+     *   - `AttestryAPIError` (status 429) — rate limit (auto-retried).
+     *   - `AttestryAPIError` (status 401 / 403) — auth missing / wrong
+     *     permission (`READ_ASSESSMENTS`).
+     *   - `AttestryAPIError` (status 400) — a length-valid but
+     *     UNDECODABLE `cursor` (`details.code` ===
+     *     `"evidence_pack.invalid_cursor"`). NOTE: a `cursor` that fails
+     *     the kernel's Zod length cap (>500 chars) fires EARLIER as 422
+     *     (below), not 400 — the 400 path is reached only after the query
+     *     schema accepts the cursor's shape. Since the SDK treats `cursor`
+     *     as opaque (caller passes back `nextCursor` verbatim), neither is
+     *     reachable with a kernel-issued cursor.
+     *   - `AttestryAPIError` (status 422) — Zod query-param validation
+     *     failed, INCLUDING an over-long (>500-char) `cursor`
+     *     (`details.code` === `"evidence_pack.validation_failed"`).
+     *   - `AttestryAPIError` (status 500) — internal kernel error.
+     *   - `AttestryError` ("request aborted by caller") — abort.
+     *   - `AttestryError` (P2 hardening) — response-shape violation.
+     *   - `AttestryAPIError` (P3 hardening) — non-JSON response.
+     *   - `TypeError` (synchronous, no fetch issued) — input failed
+     *     SDK-side validation.
+     *
+     * **SDK-side validation**:
+     *   - `input` (optional): if provided, non-null, non-array object.
+     *   - `input.systemId` (when own-present): UUID format.
+     *   - `input.packType` (when own-present): member of `PACK_TYPES`.
+     *   - `input.status` (when own-present): member of `PACK_STATUSES`.
+     *   - `input.limit` (when own-present): `Number.isInteger`, range
+     *     [1, 200] inclusive. Mirrors kernel `.int().min(1).max(200)`.
+     *   - `input.cursor` (when own-present): non-empty string.
+     *
+     * @example First page, all filters omitted
+     * ```ts
+     * const { items, nextCursor } = await client.evidencePack.list();
+     * for (const pack of items) {
+     *   console.log(pack.id, pack.packType, pack.status);
+     * }
+     * if (nextCursor) {
+     *   const next = await client.evidencePack.list({ cursor: nextCursor });
+     * }
+     * ```
+     *
+     * @example Filter by system + status + cap to 25
+     * ```ts
+     * const draft = await client.evidencePack.list({
+     *   systemId: "11111111-1111-1111-1111-111111111111",
+     *   status: "draft",
+     *   limit: 25,
+     * });
+     * ```
+     */
+    list(input, options) {
+        // `input` is optional. Reject explicit `null` and non-object
+        // explicit values to match the input-shape discipline.
+        if (input !== undefined) {
+            if (input === null ||
+                typeof input !== "object" ||
+                Array.isArray(input)) {
+                throw new TypeError("evidencePack.list: `input` must be a non-null object when provided");
+            }
+        }
+        // From here on `input` is `undefined` OR a non-null non-array
+        // object. The own-property snapshots below tolerate either. Each
+        // read goes through `readInputField` so a throwing accessor surfaces
+        // as the documented synchronous `TypeError` (session-22 hostile
+        // MEDIUM-1).
+        const safeInput = (input ?? {});
+        const hasSystemId = objectHasOwn(safeInput, "systemId");
+        const systemIdRaw = hasSystemId
+            ? readInputField(safeInput, "systemId", "evidencePack.list")
+            : undefined;
+        const hasPackType = objectHasOwn(safeInput, "packType");
+        const packTypeRaw = hasPackType
+            ? readInputField(safeInput, "packType", "evidencePack.list")
+            : undefined;
+        const hasStatus = objectHasOwn(safeInput, "status");
+        const statusRaw = hasStatus
+            ? readInputField(safeInput, "status", "evidencePack.list")
+            : undefined;
+        const hasLimit = objectHasOwn(safeInput, "limit");
+        const limitRaw = hasLimit
+            ? readInputField(safeInput, "limit", "evidencePack.list")
+            : undefined;
+        const hasCursor = objectHasOwn(safeInput, "cursor");
+        const cursorRaw = hasCursor
+            ? readInputField(safeInput, "cursor", "evidencePack.list")
+            : undefined;
+        let validatedSystemId;
+        if (hasSystemId && systemIdRaw !== undefined) {
+            if (typeof systemIdRaw !== "string") {
+                throw new TypeError(`evidencePack.list: \`systemId\` must be a string when provided ` +
+                    `(got ${describeType(systemIdRaw)})`);
+            }
+            if (!UUID_REGEX.test(systemIdRaw)) {
+                throw new TypeError("evidencePack.list: `systemId` must be an RFC 4122 hyphenated UUID");
+            }
+            validatedSystemId = systemIdRaw;
+        }
+        let validatedPackType;
+        if (hasPackType && packTypeRaw !== undefined) {
+            if (typeof packTypeRaw !== "string") {
+                throw new TypeError(`evidencePack.list: \`packType\` must be a string when provided ` +
+                    `(got ${describeType(packTypeRaw)})`);
+            }
+            if (!PACK_TYPES.includes(packTypeRaw)) {
+                throw new TypeError(`evidencePack.list: \`packType\` must be one of ` +
+                    `${JSON.stringify(PACK_TYPES)} (got ${JSON.stringify(packTypeRaw)})`);
+            }
+            validatedPackType = packTypeRaw;
+        }
+        let validatedStatus;
+        if (hasStatus && statusRaw !== undefined) {
+            if (typeof statusRaw !== "string") {
+                throw new TypeError(`evidencePack.list: \`status\` must be a string when provided ` +
+                    `(got ${describeType(statusRaw)})`);
+            }
+            if (!PACK_STATUSES.includes(statusRaw)) {
+                throw new TypeError(`evidencePack.list: \`status\` must be one of ` +
+                    `${JSON.stringify(PACK_STATUSES)} (got ${JSON.stringify(statusRaw)})`);
+            }
+            validatedStatus = statusRaw;
+        }
+        let validatedLimit;
+        if (hasLimit && limitRaw !== undefined) {
+            if (typeof limitRaw !== "number") {
+                throw new TypeError(`evidencePack.list: \`limit\` must be a number when provided ` +
+                    `(got ${describeType(limitRaw)})`);
+            }
+            if (!Number.isInteger(limitRaw)) {
+                throw new TypeError(`evidencePack.list: \`limit\` must be a finite integer ` +
+                    `(got ${limitRaw})`);
+            }
+            if (limitRaw < 1 || limitRaw > MAX_LIST_LIMIT) {
+                throw new TypeError(`evidencePack.list: \`limit\` must be in the range [1, ` +
+                    `${MAX_LIST_LIMIT}] (got ${limitRaw})`);
+            }
+            validatedLimit = limitRaw;
+        }
+        let validatedCursor;
+        if (hasCursor && cursorRaw !== undefined) {
+            if (typeof cursorRaw !== "string") {
+                throw new TypeError(`evidencePack.list: \`cursor\` must be a string when provided ` +
+                    `(got ${describeType(cursorRaw)})`);
+            }
+            if (cursorRaw.length === 0) {
+                throw new TypeError("evidencePack.list: `cursor` must be a non-empty string when provided");
+            }
+            validatedCursor = cursorRaw;
+        }
+        // Build the query record. The transport's `encodeQuery` drops
+        // undefined values, so an omitted filter is never emitted — the
+        // kernel then applies its own `.default(50)` on `limit` etc.
+        // (closed-default invariant carry-forward).
+        const query = {
+            systemId: validatedSystemId,
+            packType: validatedPackType,
+            status: validatedStatus,
+            limit: validatedLimit,
+            cursor: validatedCursor,
+        };
+        return this.client
+            ._request({
+            method: "GET",
+            path: "/api/v1/evidence-packs",
+            query,
+            options,
+        })
+            .then((result) => {
+            if (result === null ||
+                typeof result !== "object" ||
+                Array.isArray(result)) {
+                throw new AttestryError(`evidencePack.list: expected an object response from the kernel ` +
+                    `(got ${describeType(result)})`);
+            }
+            const obj = result;
+            const itemsRaw = objectHasOwn(obj, "items") ? obj.items : undefined;
+            if (!Array.isArray(itemsRaw)) {
+                throw new AttestryError(`evidencePack.list: expected response.items to be an array ` +
+                    `(got ${describeType(itemsRaw)})`);
+            }
+            for (let i = 0; i < itemsRaw.length; i++) {
+                validatePack(itemsRaw[i], "evidencePack.list", `response.items[${i}]`);
+            }
+            const nextCursorRaw = objectHasOwn(obj, "nextCursor")
+                ? obj.nextCursor
+                : undefined;
+            if (nextCursorRaw !== null && typeof nextCursorRaw !== "string") {
+                throw new AttestryError(`evidencePack.list: expected response.nextCursor to be a string ` +
+                    `or null (got ${describeType(nextCursorRaw)})`);
+            }
+            return result;
+        });
+    }
+    /**
+     * Append a reperformance bundle to an existing **draft** evidence
+     * pack. Wraps `POST /api/v1/evidence-packs/{id}/bundles`.
+     *
+     * The kernel recomputes the pack's `content_hash` after the append
+     * and returns the updated pack alongside the new bundle. A
+     * `hashCollision` flag is set when the new `(inputs_hash,
+     * outputs_hash)` tuple matches any existing bundle on the SAME pack
+     * — flagged but NOT blocked (P1.2 DEV-17, faithful courier).
+     *
+     * **State invariant**: the pack must be in `draft` status. A
+     * non-draft pack (`signed`, `superseded`, `revoked`, `expired`)
+     * rejects with `AttestryAPIError` status 409 (`details.code` ===
+     * `"evidence_pack.invalid_state"`; `details.currentStatus` carries
+     * the pack's current state).
+     *
+     * **Method name `addBundle`** — see resource header for the
+     * `addBundle` vs `appendBundle` decision.
+     *
+     * **Idempotency**: same carry-forward as `create` — the kernel
+     * accepts `Idempotency-Key` but the SDK doesn't expose the header
+     * in P1.6.
+     *
+     * Errors — ordered by kernel firing precedence. The kernel route at
+     * `src/app/api/v1/evidence-packs/[id]/bundles/route.ts` validates the
+     * URL-path UUID BEFORE the auth check, so a malformed path UUID
+     * surfaces as 400 BEFORE 401/403. Body-parse 400s and idempotency-
+     * key 400s fire AFTER auth (matches the `get` JSDoc shape):
+     *   - `AttestryAPIError` (status 429) — rate limit (auto-retried).
+     *   - `AttestryAPIError` (status 400 — path UUID) — malformed
+     *     URL-path packId. **Fires BEFORE auth** (the kernel
+     *     `packPathParamsSchema.safeParse` runs first). The SDK
+     *     pre-validates the path UUID so this surface is only reachable
+     *     via SDK rule changes.
+     *   - `AttestryAPIError` (status 401 / 403) — auth missing / wrong
+     *     permission (`WRITE_ASSESSMENTS`).
+     *   - `AttestryAPIError` (status 400 — JSON parse / idempotency-key
+     *     format) — malformed JSON body OR malformed `Idempotency-Key`
+     *     header. **Fires AFTER auth** (the kernel parses these after
+     *     `requireSessionOrApiKey` resolves).
+     *   - `AttestryAPIError` (status 404) — pack missing OR cross-org.
+     *   - `AttestryAPIError` (status 409) — invalid state (carries
+     *     `details.currentStatus`) OR idempotency conflict.
+     *   - `AttestryAPIError` (status 413) — canonical bundle list >
+     *     256 KiB (kernel `PayloadTooLargeError`).
+     *   - `AttestryAPIError` (status 422) — Zod validation failed.
+     *   - `AttestryAPIError` (status 500) — internal kernel error.
+     *   - `AttestryError` ("request aborted by caller") — abort.
+     *   - `AttestryError` (P2 hardening) — response-shape violation.
+     *   - `AttestryAPIError` (P3 hardening) — non-JSON response.
+     *   - `TypeError` (synchronous, no fetch issued) — input failed
+     *     SDK-side validation.
+     *
+     * **SDK-side validation**:
+     *   - `input`: required; non-null, non-array object.
+     *   - `input.packId`: required own-property; non-empty UUID string.
+     *   - `input.traceContent`: required own-property; array of length
+     *     ≤1000. Per-entry shape is open-spec (kernel deep-validates).
+     *   - `input.inputsHash`: required own-property; non-empty string;
+     *     length ≤500.
+     *   - `input.outputsHash`: required own-property; non-empty string;
+     *     length ≤500.
+     *   - `input.modelBehaviorLog` (when own-present): non-null,
+     *     non-array object. Inner shape open-spec.
+     *   - `input.corroborationResults` (when own-present): non-null,
+     *     non-array object. Inner shape open-spec.
+     *   - `input.storageUri` (when own-present): non-empty string;
+     *     length ≤2000. Scheme validation kernel-authoritative.
+     *   - `input.metadata` (when own-present): non-null, non-array
+     *     object.
+     *
+     * **Response-shape validation** (P2 hardening): `bundle` is a
+     * `ReperformanceBundle`; `pack` is an `EvidencePack`; `hashCollision`
+     * is the 3-field `HashCollision` block.
+     *
+     * @example Append a bundle to a draft pack
+     * ```ts
+     * const { bundle, pack, hashCollision } = await client.evidencePack.addBundle({
+     *   packId: "11111111-1111-1111-1111-111111111111",
+     *   traceContent: [
+     *     { action: "ingest", timestamp: "2026-05-18T12:00:00Z" },
+     *     { action: "extract", timestamp: "2026-05-18T12:00:01Z" },
+     *   ],
+     *   inputsHash:  "sha256:0000000000000000000000000000000000000000000000000000000000000000",
+     *   outputsHash: "sha256:1111111111111111111111111111111111111111111111111111111111111111",
+     * });
+     * console.log(`appended bundle ${bundle.id}; pack hash now ${pack.contentHash}`);
+     * if (hashCollision.detected) {
+     *   console.warn(`duplicate bundle — ${hashCollision.count} prior matches`);
+     * }
+     * ```
+     */
+    addBundle(input, options) {
+        if (input === null ||
+            typeof input !== "object" ||
+            Array.isArray(input)) {
+            throw new TypeError("evidencePack.addBundle: `input` must be a non-null object with " +
+                "`packId`, `traceContent`, `inputsHash`, `outputsHash`");
+        }
+        // Snapshot each field via `readInputField` so a throwing accessor
+        // surfaces as the documented synchronous `TypeError` input contract
+        // (session-22 hostile MEDIUM-1); the `objectHasOwn` presence check
+        // is a separate prototype-pollution defense.
+        const hasPackId = objectHasOwn(input, "packId");
+        const packIdRaw = hasPackId
+            ? readInputField(input, "packId", "evidencePack.addBundle")
+            : undefined;
+        const hasTraceContent = objectHasOwn(input, "traceContent");
+        const traceContentRaw = hasTraceContent
+            ? readInputField(input, "traceContent", "evidencePack.addBundle")
+            : undefined;
+        const hasInputsHash = objectHasOwn(input, "inputsHash");
+        const inputsHashRaw = hasInputsHash
+            ? readInputField(input, "inputsHash", "evidencePack.addBundle")
+            : undefined;
+        const hasOutputsHash = objectHasOwn(input, "outputsHash");
+        const outputsHashRaw = hasOutputsHash
+            ? readInputField(input, "outputsHash", "evidencePack.addBundle")
+            : undefined;
+        const hasModelBehaviorLog = objectHasOwn(input, "modelBehaviorLog");
+        const modelBehaviorLogRaw = hasModelBehaviorLog
+            ? readInputField(input, "modelBehaviorLog", "evidencePack.addBundle")
+            : undefined;
+        const hasCorroborationResults = objectHasOwn(input, "corroborationResults");
+        const corroborationResultsRaw = hasCorroborationResults
+            ? readInputField(input, "corroborationResults", "evidencePack.addBundle")
+            : undefined;
+        const hasStorageUri = objectHasOwn(input, "storageUri");
+        const storageUriRaw = hasStorageUri
+            ? readInputField(input, "storageUri", "evidencePack.addBundle")
+            : undefined;
+        const hasMetadata = objectHasOwn(input, "metadata");
+        const metadataRaw = hasMetadata
+            ? readInputField(input, "metadata", "evidencePack.addBundle")
+            : undefined;
+        // packId REQUIRED.
+        if (!hasPackId || packIdRaw === undefined) {
+            throw new TypeError("evidencePack.addBundle: `packId` is required");
+        }
+        if (typeof packIdRaw !== "string" || packIdRaw.length === 0) {
+            throw new TypeError("evidencePack.addBundle: `packId` must be a non-empty string");
+        }
+        if (!UUID_REGEX.test(packIdRaw)) {
+            throw new TypeError("evidencePack.addBundle: `packId` must be an RFC 4122 hyphenated UUID");
+        }
+        // traceContent REQUIRED + array + length cap. Snapshot via Array.from.
+        if (!hasTraceContent || traceContentRaw === undefined) {
+            throw new TypeError("evidencePack.addBundle: `traceContent` is required");
+        }
+        if (!Array.isArray(traceContentRaw)) {
+            throw new TypeError(`evidencePack.addBundle: \`traceContent\` must be an array ` +
+                `(got ${describeType(traceContentRaw)})`);
+        }
+        const validatedTraceContent = Array.from(traceContentRaw);
+        if (validatedTraceContent.length > MAX_TRACE_CONTENT_LENGTH) {
+            throw new TypeError(`evidencePack.addBundle: \`traceContent\` array exceeds the ` +
+                `kernel's max length of ${MAX_TRACE_CONTENT_LENGTH} (got ` +
+                `${validatedTraceContent.length})`);
+        }
+        // inputsHash REQUIRED + non-empty + length cap.
+        if (!hasInputsHash || inputsHashRaw === undefined) {
+            throw new TypeError("evidencePack.addBundle: `inputsHash` is required");
+        }
+        if (typeof inputsHashRaw !== "string") {
+            throw new TypeError(`evidencePack.addBundle: \`inputsHash\` must be a string ` +
+                `(got ${describeType(inputsHashRaw)})`);
+        }
+        if (inputsHashRaw.length === 0) {
+            throw new TypeError("evidencePack.addBundle: `inputsHash` must be a non-empty string");
+        }
+        if (inputsHashRaw.length > MAX_HASH_LENGTH) {
+            throw new TypeError(`evidencePack.addBundle: \`inputsHash\` exceeds the maximum length ` +
+                `of ${MAX_HASH_LENGTH} characters (got ${inputsHashRaw.length})`);
+        }
+        // Capture the validated value into a typed local (matches the
+        // `validated*` discipline used for every other field) so the body is
+        // built ONLY from validated locals — a future refactor that moved
+        // the read or changed `inputsHashRaw`'s type cannot silently ship an
+        // unvalidated value (hostile-review F-CR-1).
+        const validatedInputsHash = inputsHashRaw;
+        // outputsHash REQUIRED + non-empty + length cap.
+        if (!hasOutputsHash || outputsHashRaw === undefined) {
+            throw new TypeError("evidencePack.addBundle: `outputsHash` is required");
+        }
+        if (typeof outputsHashRaw !== "string") {
+            throw new TypeError(`evidencePack.addBundle: \`outputsHash\` must be a string ` +
+                `(got ${describeType(outputsHashRaw)})`);
+        }
+        if (outputsHashRaw.length === 0) {
+            throw new TypeError("evidencePack.addBundle: `outputsHash` must be a non-empty string");
+        }
+        if (outputsHashRaw.length > MAX_HASH_LENGTH) {
+            throw new TypeError(`evidencePack.addBundle: \`outputsHash\` exceeds the maximum length ` +
+                `of ${MAX_HASH_LENGTH} characters (got ${outputsHashRaw.length})`);
+        }
+        // Capture the validated value into a typed local (F-CR-1 — same
+        // rationale as `validatedInputsHash`).
+        const validatedOutputsHash = outputsHashRaw;
+        // Optional modelBehaviorLog — non-null non-array object.
+        let validatedModelBehaviorLog;
+        if (hasModelBehaviorLog && modelBehaviorLogRaw !== undefined) {
+            if (modelBehaviorLogRaw === null ||
+                typeof modelBehaviorLogRaw !== "object" ||
+                Array.isArray(modelBehaviorLogRaw)) {
+                throw new TypeError(`evidencePack.addBundle: \`modelBehaviorLog\` must be a non-null ` +
+                    `object when provided (got ${describeType(modelBehaviorLogRaw)})`);
+            }
+            validatedModelBehaviorLog = modelBehaviorLogRaw;
+        }
+        // Optional corroborationResults — non-null non-array object.
+        let validatedCorroborationResults;
+        if (hasCorroborationResults && corroborationResultsRaw !== undefined) {
+            if (corroborationResultsRaw === null ||
+                typeof corroborationResultsRaw !== "object" ||
+                Array.isArray(corroborationResultsRaw)) {
+                throw new TypeError(`evidencePack.addBundle: \`corroborationResults\` must be a non-` +
+                    `null object when provided (got ` +
+                    `${describeType(corroborationResultsRaw)})`);
+            }
+            validatedCorroborationResults =
+                corroborationResultsRaw;
+        }
+        // Optional storageUri — non-empty string + length cap. Scheme is
+        // kernel-authoritative (faithful courier — same as vision.ts
+        // imageUri).
+        let validatedStorageUri;
+        if (hasStorageUri && storageUriRaw !== undefined) {
+            if (typeof storageUriRaw !== "string") {
+                throw new TypeError(`evidencePack.addBundle: \`storageUri\` must be a string when ` +
+                    `provided (got ${describeType(storageUriRaw)})`);
+            }
+            if (storageUriRaw.length === 0) {
+                throw new TypeError("evidencePack.addBundle: `storageUri` must be a non-empty string " +
+                    "when provided");
+            }
+            if (storageUriRaw.length > MAX_STORAGE_URI_LENGTH) {
+                throw new TypeError(`evidencePack.addBundle: \`storageUri\` exceeds the maximum ` +
+                    `length of ${MAX_STORAGE_URI_LENGTH} characters (got ` +
+                    `${storageUriRaw.length})`);
+            }
+            validatedStorageUri = storageUriRaw;
+        }
+        // Optional metadata — non-null non-array object.
+        let validatedMetadata;
+        if (hasMetadata && metadataRaw !== undefined) {
+            if (metadataRaw === null ||
+                typeof metadataRaw !== "object" ||
+                Array.isArray(metadataRaw)) {
+                throw new TypeError(`evidencePack.addBundle: \`metadata\` must be a non-null object ` +
+                    `when provided (got ${describeType(metadataRaw)})`);
+            }
+            validatedMetadata = metadataRaw;
+        }
+        // Build the body. `packId` rides the URL path, NOT the body.
+        const body = {
+            traceContent: validatedTraceContent,
+            inputsHash: validatedInputsHash,
+            outputsHash: validatedOutputsHash,
+        };
+        if (validatedModelBehaviorLog !== undefined) {
+            body.modelBehaviorLog = validatedModelBehaviorLog;
+        }
+        if (validatedCorroborationResults !== undefined) {
+            body.corroborationResults = validatedCorroborationResults;
+        }
+        if (validatedStorageUri !== undefined) {
+            body.storageUri = validatedStorageUri;
+        }
+        if (validatedMetadata !== undefined) {
+            body.metadata = validatedMetadata;
+        }
+        const path = `/api/v1/evidence-packs/${encodeURIComponent(packIdRaw)}/bundles`;
+        return this.client
+            ._request({
+            method: "POST",
+            path,
+            body,
+            options,
+        })
+            .then((result) => {
+            if (result === null ||
+                typeof result !== "object" ||
+                Array.isArray(result)) {
+                throw new AttestryError(`evidencePack.addBundle: expected an object response from the ` +
+                    `kernel (got ${describeType(result)})`);
+            }
+            const obj = result;
+            const bundleRaw = objectHasOwn(obj, "bundle") ? obj.bundle : undefined;
+            validateBundle(bundleRaw, "evidencePack.addBundle", "response.bundle");
+            const packRaw = objectHasOwn(obj, "pack") ? obj.pack : undefined;
+            validatePack(packRaw, "evidencePack.addBundle", "response.pack");
+            const hashCollisionRaw = objectHasOwn(obj, "hashCollision")
+                ? obj.hashCollision
+                : undefined;
+            validateHashCollision(hashCollisionRaw, "evidencePack.addBundle", "response.hashCollision");
+            return result;
+        });
+    }
+    /**
+     * Sign a draft evidence pack, transitioning it `draft → signed` and
+     * finalizing it into an auditor-visible compliance artifact. Wraps
+     * `POST /api/v1/evidence-packs/{id}/sign`.
+     *
+     * The kernel recomputes the pack's `content_hash` over its current
+     * bundle list on sign (never trusting the stored column), writes
+     * `signed_at` + `signed_by_user_id` + (when provided)
+     * `attestation_certificate_id`, and appends an `evidence_pack.signed`
+     * audit-log entry — all atomic inside one per-org-locked transaction.
+     *
+     * **Auth: ADMIN-only** — the kernel gates `sessionRoles:['admin']` +
+     * `apiKeyPermissions:[ADMIN]`. A non-admin key → 403.
+     *
+     * **Empty-pack guard**: signing a pack with no bundles → 409 with
+     * `details.code === "evidence_pack.empty"` (a dedicated `EmptyPackError`,
+     * NOT `InvalidStateError` — so it carries NO `currentStatus`; the pack
+     * IS in the right `draft` pre-sign state, it just has nothing to sign).
+     *
+     * **Idempotency**: the kernel does NOT honor `Idempotency-Key` on sign
+     * (a replay 409s with `currentStatus='signed'`); the SDK sends none.
+     *
+     * Errors — ordered by kernel firing precedence. The route validates the
+     * URL-path UUID via `packPathParamsSchema.safeParse` BEFORE
+     * `requireSessionOrApiKey`, so a malformed path UUID surfaces as 400
+     * BEFORE 401/403:
+     *   - `AttestryAPIError` (status 429) — rate limit (auto-retried).
+     *   - `AttestryAPIError` (status 400 — path UUID) — malformed URL-path
+     *     packId. **Fires BEFORE auth.** The SDK pre-validates the UUID, so
+     *     this surface is only reachable via SDK rule changes.
+     *   - `AttestryAPIError` (status 401 / 403) — auth missing / key is not
+     *     ADMIN.
+     *   - `AttestryAPIError` (status 400 — JSON parse) — malformed body.
+     *     **Fires AFTER auth.**
+     *   - `AttestryAPIError` (status 422) — Zod validation failed
+     *     (`details.code === "evidence_pack.validation_failed"`).
+     *   - `AttestryAPIError` (status 404) — pack missing OR cross-org OR
+     *     (when an `attestationCertificateId` is supplied) the cert is
+     *     missing / cross-org / cross-system (anti-enumeration — same
+     *     "pack not found" message).
+     *   - `AttestryAPIError` (status 409) — `InvalidStateError` (pack not in
+     *     `draft`; `details.currentStatus` carries the state) OR
+     *     `EmptyPackError` (`details.code === "evidence_pack.empty"`).
+     *   - `AttestryAPIError` (status 500) — internal kernel error.
+     *   - `AttestryError` ("request aborted by caller") — abort.
+     *   - `AttestryError` (P2 hardening) — response-shape violation.
+     *   - `AttestryAPIError` (P3 hardening) — non-JSON response.
+     *   - `TypeError` (synchronous, no fetch issued) — input failed
+     *     SDK-side validation.
+     *
+     * **SDK-side validation**:
+     *   - `input`: required; non-null, non-array object.
+     *   - `input.packId`: required own-property; non-empty UUID string.
+     *   - `input.attestationCertificateId` (when own-present): UUID format.
+     *
+     * **Response-shape validation** (P2 hardening): the signed `EvidencePack`.
+     *
+     * @example
+     * ```ts
+     * const signed = await client.evidencePack.sign({
+     *   packId: "11111111-1111-1111-1111-111111111111",
+     * });
+     * console.log(signed.status, signed.contentHash); // "signed", "sha256:..."
+     * ```
+     */
+    sign(input, options) {
+        if (input === null || typeof input !== "object" || Array.isArray(input)) {
+            throw new TypeError("evidencePack.sign: `input` must be a non-null object with `packId`");
+        }
+        const hasPackId = objectHasOwn(input, "packId");
+        const packIdRaw = hasPackId
+            ? readInputField(input, "packId", "evidencePack.sign")
+            : undefined;
+        const hasAttestationCertificateId = objectHasOwn(input, "attestationCertificateId");
+        const attestationCertificateIdRaw = hasAttestationCertificateId
+            ? readInputField(input, "attestationCertificateId", "evidencePack.sign")
+            : undefined;
+        if (!hasPackId || packIdRaw === undefined) {
+            throw new TypeError("evidencePack.sign: `packId` is required");
+        }
+        if (typeof packIdRaw !== "string" || packIdRaw.length === 0) {
+            throw new TypeError("evidencePack.sign: `packId` must be a non-empty string");
+        }
+        if (!UUID_REGEX.test(packIdRaw)) {
+            throw new TypeError("evidencePack.sign: `packId` must be an RFC 4122 hyphenated UUID");
+        }
+        let validatedAttestationCertificateId;
+        if (hasAttestationCertificateId &&
+            attestationCertificateIdRaw !== undefined) {
+            if (typeof attestationCertificateIdRaw !== "string") {
+                throw new TypeError(`evidencePack.sign: \`attestationCertificateId\` must be a string ` +
+                    `when provided (got ${describeType(attestationCertificateIdRaw)})`);
+            }
+            if (!UUID_REGEX.test(attestationCertificateIdRaw)) {
+                throw new TypeError("evidencePack.sign: `attestationCertificateId` must be an RFC 4122 " +
+                    "hyphenated UUID");
+            }
+            validatedAttestationCertificateId = attestationCertificateIdRaw;
+        }
+        // Body from validated locals only (F-CR-1). Always an object (never
+        // undefined) so the transport sets Content-Type and the kernel route's
+        // `parseBody` gets valid JSON; `{}` when no cert (mirrors the MCP tool).
+        const body = {};
+        if (validatedAttestationCertificateId !== undefined) {
+            body.attestationCertificateId = validatedAttestationCertificateId;
+        }
+        const path = `/api/v1/evidence-packs/${encodeURIComponent(packIdRaw)}/sign`;
+        return this.client
+            ._request({
+            method: "POST",
+            path,
+            body,
+            options,
+        })
+            .then((result) => {
+            validatePack(result, "evidencePack.sign", "response");
+            return result;
+        });
+    }
+    /**
+     * Supersede a signed evidence pack: transitions the old pack
+     * `signed → superseded` and creates a NEW draft pack linked to it
+     * (`parent_pack_id = oldPackId`). Wraps
+     * `POST /api/v1/evidence-packs/{id}/supersede`.
+     *
+     * Both packs are returned (`{newPack, oldPack}`, HTTP 201). The two
+     * operations + the audit-log entry commit atomically inside one
+     * per-org-locked transaction.
+     *
+     * **Auth**: WRITE_ASSESSMENTS (NOT admin — supersede is a normal write).
+     *
+     * **`newPack` includes `consumerHints`** (unlike `create`, which omits
+     * it) — mirroring the kernel `supersedeNewPackPayloadSchema` and the
+     * P1.7 MCP supersede tool.
+     *
+     * **Idempotency**: the kernel route honors `Idempotency-Key` on
+     * supersede, but the SDK does NOT send it (R-2 carry-forward — same as
+     * `create` / `addBundle`). Consumers needing safe retry today should
+     * dedupe client-side.
+     *
+     * Errors — ordered by kernel firing precedence (path-uuid 400 BEFORE
+     * auth). The SDK does not send `Idempotency-Key`, so the idempotency-
+     * format-400 / idempotency-conflict-409 surfaces are unreachable from
+     * the SDK:
+     *   - `AttestryAPIError` (status 429) — rate limit (auto-retried).
+     *   - `AttestryAPIError` (status 400 — path UUID) — malformed URL-path
+     *     packId. **Fires BEFORE auth.** Reachable only via SDK rule changes.
+     *   - `AttestryAPIError` (status 401 / 403) — auth missing / lacks
+     *     WRITE_ASSESSMENTS.
+     *   - `AttestryAPIError` (status 400 — JSON parse) — malformed body.
+     *   - `AttestryAPIError` (status 422) — Zod validation failed on
+     *     `newPack` (`details.code === "evidence_pack.validation_failed"`).
+     *   - `AttestryAPIError` (status 404) — old pack missing OR cross-org.
+     *   - `AttestryAPIError` (status 409) — `InvalidStateError` (old pack not
+     *     in `signed` state; `details.currentStatus` carries the state).
+     *   - `AttestryAPIError` (status 500) — internal kernel error.
+     *   - `AttestryError` ("request aborted by caller") — abort.
+     *   - `AttestryError` (P2 hardening) — response-shape violation.
+     *   - `AttestryAPIError` (P3 hardening) — non-JSON response.
+     *   - `TypeError` (synchronous, no fetch issued) — input failed
+     *     SDK-side validation.
+     *
+     * **SDK-side validation**:
+     *   - `input`: required; non-null, non-array object.
+     *   - `input.packId`: required own-property; non-empty UUID string.
+     *   - `input.newPack`: required own-property; non-null, non-array object.
+     *   - `input.newPack.packType`: required; member of `PACK_TYPES`.
+     *   - `input.newPack.systemId` (when own-present): UUID format.
+     *   - `input.newPack.frameworkBindings` (when own-present): array of
+     *     length ≤50. Per-entry shape is open-spec (kernel deep-validates).
+     *   - `input.newPack.consumerHints` (when own-present): non-null,
+     *     non-array object. Inner shape open-spec (kernel deep-validates).
+     *   - `input.newPack.metadata` (when own-present): non-null, non-array
+     *     object.
+     *
+     * **Response-shape validation** (P2 hardening): `newPack` and `oldPack`
+     * are each a full `EvidencePack`.
+     *
+     * @example
+     * ```ts
+     * const { newPack, oldPack } = await client.evidencePack.supersede({
+     *   packId: "11111111-1111-1111-1111-111111111111", // the signed pack
+     *   newPack: {
+     *     packType: "annex_iv",
+     *     frameworkBindings: [{ framework: "eu_ai_act", identifier: "Annex.IV.1" }],
+     *   },
+     * });
+     * console.log(oldPack.status, newPack.status); // "superseded", "draft"
+     * console.log(newPack.parentPackId === oldPack.id); // true
+     * ```
+     */
+    supersede(input, options) {
+        if (input === null || typeof input !== "object" || Array.isArray(input)) {
+            throw new TypeError("evidencePack.supersede: `input` must be a non-null object with " +
+                "`packId` and `newPack`");
+        }
+        const hasPackId = objectHasOwn(input, "packId");
+        const packIdRaw = hasPackId
+            ? readInputField(input, "packId", "evidencePack.supersede")
+            : undefined;
+        const hasNewPack = objectHasOwn(input, "newPack");
+        const newPackRaw = hasNewPack
+            ? readInputField(input, "newPack", "evidencePack.supersede")
+            : undefined;
+        // packId REQUIRED + UUID.
+        if (!hasPackId || packIdRaw === undefined) {
+            throw new TypeError("evidencePack.supersede: `packId` is required");
+        }
+        if (typeof packIdRaw !== "string" || packIdRaw.length === 0) {
+            throw new TypeError("evidencePack.supersede: `packId` must be a non-empty string");
+        }
+        if (!UUID_REGEX.test(packIdRaw)) {
+            throw new TypeError("evidencePack.supersede: `packId` must be an RFC 4122 hyphenated UUID");
+        }
+        // newPack REQUIRED + non-null non-array object.
+        if (!hasNewPack || newPackRaw === undefined) {
+            throw new TypeError("evidencePack.supersede: `newPack` is required");
+        }
+        if (newPackRaw === null ||
+            typeof newPackRaw !== "object" ||
+            Array.isArray(newPackRaw)) {
+            throw new TypeError(`evidencePack.supersede: \`newPack\` must be a non-null object ` +
+                `(got ${describeType(newPackRaw)})`);
+        }
+        // newPack inner fields — snapshot each value EXACTLY ONCE, via
+        // `readInputField` so a throwing accessor on the consumer-supplied
+        // nested `newPack` object surfaces as the documented synchronous
+        // `TypeError` input contract (session-22 hostile MEDIUM-1).
+        const hasPackType = objectHasOwn(newPackRaw, "packType");
+        const packTypeRaw = hasPackType
+            ? readInputField(newPackRaw, "packType", "evidencePack.supersede")
+            : undefined;
+        const hasSystemId = objectHasOwn(newPackRaw, "systemId");
+        const systemIdRaw = hasSystemId
+            ? readInputField(newPackRaw, "systemId", "evidencePack.supersede")
+            : undefined;
+        const hasFrameworkBindings = objectHasOwn(newPackRaw, "frameworkBindings");
+        const frameworkBindingsRaw = hasFrameworkBindings
+            ? readInputField(newPackRaw, "frameworkBindings", "evidencePack.supersede")
+            : undefined;
+        const hasConsumerHints = objectHasOwn(newPackRaw, "consumerHints");
+        const consumerHintsRaw = hasConsumerHints
+            ? readInputField(newPackRaw, "consumerHints", "evidencePack.supersede")
+            : undefined;
+        const hasMetadata = objectHasOwn(newPackRaw, "metadata");
+        const metadataRaw = hasMetadata
+            ? readInputField(newPackRaw, "metadata", "evidencePack.supersede")
+            : undefined;
+        // newPack.packType REQUIRED + closed-enum membership.
+        if (!hasPackType || packTypeRaw === undefined) {
+            throw new TypeError("evidencePack.supersede: `newPack.packType` is required");
+        }
+        if (typeof packTypeRaw !== "string") {
+            throw new TypeError(`evidencePack.supersede: \`newPack.packType\` must be a string ` +
+                `(got ${describeType(packTypeRaw)})`);
+        }
+        if (!PACK_TYPES.includes(packTypeRaw)) {
+            throw new TypeError(`evidencePack.supersede: \`newPack.packType\` must be one of ` +
+                `${JSON.stringify(PACK_TYPES)} (got ${JSON.stringify(packTypeRaw)})`);
+        }
+        const validatedPackType = packTypeRaw;
+        // newPack.systemId optional UUID.
+        let validatedSystemId;
+        if (hasSystemId && systemIdRaw !== undefined) {
+            if (typeof systemIdRaw !== "string") {
+                throw new TypeError(`evidencePack.supersede: \`newPack.systemId\` must be a string when ` +
+                    `provided (got ${describeType(systemIdRaw)})`);
+            }
+            if (!UUID_REGEX.test(systemIdRaw)) {
+                throw new TypeError("evidencePack.supersede: `newPack.systemId` must be an RFC 4122 " +
+                    "hyphenated UUID");
+            }
+            validatedSystemId = systemIdRaw;
+        }
+        // newPack.frameworkBindings optional array + length cap (Array.from
+        // snapshot for TOCTOU defense; per-entry shape open-spec).
+        let validatedFrameworkBindings;
+        if (hasFrameworkBindings && frameworkBindingsRaw !== undefined) {
+            if (!Array.isArray(frameworkBindingsRaw)) {
+                throw new TypeError(`evidencePack.supersede: \`newPack.frameworkBindings\` must be an ` +
+                    `array when provided (got ${describeType(frameworkBindingsRaw)})`);
+            }
+            const snapshot = Array.from(frameworkBindingsRaw);
+            if (snapshot.length > MAX_FRAMEWORK_BINDINGS_LENGTH) {
+                throw new TypeError(`evidencePack.supersede: \`newPack.frameworkBindings\` array ` +
+                    `exceeds the kernel's max length of ` +
+                    `${MAX_FRAMEWORK_BINDINGS_LENGTH} (got ${snapshot.length})`);
+            }
+            validatedFrameworkBindings = snapshot;
+        }
+        // newPack.consumerHints optional non-null non-array object (DEV-74).
+        let validatedConsumerHints;
+        if (hasConsumerHints && consumerHintsRaw !== undefined) {
+            if (consumerHintsRaw === null ||
+                typeof consumerHintsRaw !== "object" ||
+                Array.isArray(consumerHintsRaw)) {
+                throw new TypeError(`evidencePack.supersede: \`newPack.consumerHints\` must be a ` +
+                    `non-null object when provided (got ` +
+                    `${describeType(consumerHintsRaw)})`);
+            }
+            validatedConsumerHints = consumerHintsRaw;
+        }
+        // newPack.metadata optional non-null non-array object.
+        let validatedMetadata;
+        if (hasMetadata && metadataRaw !== undefined) {
+            if (metadataRaw === null ||
+                typeof metadataRaw !== "object" ||
+                Array.isArray(metadataRaw)) {
+                throw new TypeError(`evidencePack.supersede: \`newPack.metadata\` must be a non-null ` +
+                    `object when provided (got ${describeType(metadataRaw)})`);
+            }
+            validatedMetadata = metadataRaw;
+        }
+        // Build newPack from validated locals only (F-CR-1). Omit the optional
+        // fields the consumer omitted so the kernel applies its defaults.
+        const newPack = { packType: validatedPackType };
+        if (validatedSystemId !== undefined)
+            newPack.systemId = validatedSystemId;
+        if (validatedFrameworkBindings !== undefined) {
+            newPack.frameworkBindings = validatedFrameworkBindings;
+        }
+        if (validatedConsumerHints !== undefined) {
+            newPack.consumerHints = validatedConsumerHints;
+        }
+        if (validatedMetadata !== undefined)
+            newPack.metadata = validatedMetadata;
+        const path = `/api/v1/evidence-packs/${encodeURIComponent(packIdRaw)}/supersede`;
+        return this.client
+            ._request({
+            method: "POST",
+            path,
+            body: { newPack },
+            options,
+        })
+            .then((result) => {
+            if (result === null ||
+                typeof result !== "object" ||
+                Array.isArray(result)) {
+                throw new AttestryError(`evidencePack.supersede: expected an object response from the ` +
+                    `kernel (got ${describeType(result)})`);
+            }
+            const obj = result;
+            const newPackRawResp = objectHasOwn(obj, "newPack")
+                ? obj.newPack
+                : undefined;
+            validatePack(newPackRawResp, "evidencePack.supersede", "response.newPack");
+            const oldPackRawResp = objectHasOwn(obj, "oldPack")
+                ? obj.oldPack
+                : undefined;
+            validatePack(oldPackRawResp, "evidencePack.supersede", "response.oldPack");
+            return result;
+        });
+    }
+    /**
+     * Revoke a signed evidence pack, transitioning it `signed → revoked`
+     * and blocking future verification. Wraps
+     * `POST /api/v1/evidence-packs/{id}/revoke`.
+     *
+     * **No cascade** — revoking a pack does NOT touch its children or the
+     * supersession-chain neighbour. Revocation is intentionally NOT
+     * idempotent: a second revoke 409s (auditors care about the difference
+     * between "revoked once" and "revoked again"; the first is canonical).
+     *
+     * **Auth: ADMIN-only** — the kernel gates `sessionRoles:['admin']` +
+     * `apiKeyPermissions:[ADMIN]`. A non-admin key → 403.
+     *
+     * Optional `reason` (≤500 chars) is recorded verbatim in the pack's
+     * audit-log entry for compliance investigators.
+     *
+     * Errors — ordered by kernel firing precedence (path-uuid 400 BEFORE
+     * auth):
+     *   - `AttestryAPIError` (status 429) — rate limit (auto-retried).
+     *   - `AttestryAPIError` (status 400 — path UUID) — malformed URL-path
+     *     packId. **Fires BEFORE auth.** Reachable only via SDK rule changes.
+     *   - `AttestryAPIError` (status 401 / 403) — auth missing / not ADMIN.
+     *   - `AttestryAPIError` (status 400 — JSON parse) — malformed body.
+     *   - `AttestryAPIError` (status 422) — Zod validation failed
+     *     (`details.code === "evidence_pack.validation_failed"`).
+     *   - `AttestryAPIError` (status 404) — pack missing OR cross-org.
+     *   - `AttestryAPIError` (status 409) — `InvalidStateError` (pack not in
+     *     `signed` state, e.g. already revoked / still draft / superseded;
+     *     `details.currentStatus` carries the state).
+     *   - `AttestryAPIError` (status 500) — internal kernel error.
+     *   - `AttestryError` ("request aborted by caller") — abort.
+     *   - `AttestryError` (P2 hardening) — response-shape violation.
+     *   - `AttestryAPIError` (P3 hardening) — non-JSON response.
+     *   - `TypeError` (synchronous, no fetch issued) — input failed
+     *     SDK-side validation.
+     *
+     * **SDK-side validation**:
+     *   - `input`: required; non-null, non-array object.
+     *   - `input.packId`: required own-property; non-empty UUID string.
+     *   - `input.reason` (when own-present): non-empty string; length ≤500.
+     *
+     * **Response-shape validation** (P2 hardening): the revoked `EvidencePack`.
+     *
+     * @example
+     * ```ts
+     * const revoked = await client.evidencePack.revoke({
+     *   packId: "11111111-1111-1111-1111-111111111111",
+     *   reason: "superseding control framework updated; pack no longer valid",
+     * });
+     * console.log(revoked.status); // "revoked"
+     * ```
+     */
+    revoke(input, options) {
+        if (input === null || typeof input !== "object" || Array.isArray(input)) {
+            throw new TypeError("evidencePack.revoke: `input` must be a non-null object with `packId`");
+        }
+        const hasPackId = objectHasOwn(input, "packId");
+        const packIdRaw = hasPackId
+            ? readInputField(input, "packId", "evidencePack.revoke")
+            : undefined;
+        const hasReason = objectHasOwn(input, "reason");
+        const reasonRaw = hasReason
+            ? readInputField(input, "reason", "evidencePack.revoke")
+            : undefined;
+        if (!hasPackId || packIdRaw === undefined) {
+            throw new TypeError("evidencePack.revoke: `packId` is required");
+        }
+        if (typeof packIdRaw !== "string" || packIdRaw.length === 0) {
+            throw new TypeError("evidencePack.revoke: `packId` must be a non-empty string");
+        }
+        if (!UUID_REGEX.test(packIdRaw)) {
+            throw new TypeError("evidencePack.revoke: `packId` must be an RFC 4122 hyphenated UUID");
+        }
+        // reason optional non-empty string + length cap.
+        let validatedReason;
+        if (hasReason && reasonRaw !== undefined) {
+            if (typeof reasonRaw !== "string") {
+                throw new TypeError(`evidencePack.revoke: \`reason\` must be a string when provided ` +
+                    `(got ${describeType(reasonRaw)})`);
+            }
+            if (reasonRaw.length === 0) {
+                throw new TypeError("evidencePack.revoke: `reason` must be a non-empty string when " +
+                    "provided");
+            }
+            if (reasonRaw.length > MAX_REASON_LENGTH) {
+                throw new TypeError(`evidencePack.revoke: \`reason\` exceeds the maximum length of ` +
+                    `${MAX_REASON_LENGTH} characters (got ${reasonRaw.length})`);
+            }
+            validatedReason = reasonRaw;
+        }
+        // Body from validated locals only (F-CR-1). Always an object; `{}`
+        // when no reason (mirrors the MCP tool; route `parseBody` gets valid
+        // JSON).
+        const body = {};
+        if (validatedReason !== undefined)
+            body.reason = validatedReason;
+        const path = `/api/v1/evidence-packs/${encodeURIComponent(packIdRaw)}/revoke`;
+        return this.client
+            ._request({
+            method: "POST",
+            path,
+            body,
+            options,
+        })
+            .then((result) => {
+            validatePack(result, "evidencePack.revoke", "response");
+            return result;
+        });
+    }
+    /**
+     * Export an evidence pack as a downloadable artifact. Wraps
+     * `GET /api/v1/evidence-packs/{id}/export?format={json|pdf|zip}`.
+     *
+     * **Returns a non-JSON artifact** (P1.8 DEV-73). Unlike every other
+     * method, the kernel export route returns the RAW artifact on success
+     * (NOT the `{success,data}` envelope) with a download
+     * `Content-Disposition` header. This method therefore routes through the
+     * streaming transport and returns an {@link EvidencePackExportResult}
+     * wrapping the **un-consumed** `Response`:
+     *
+     *   - `json` → `await result.response.json()` yields the artifact
+     *     `{export:{format,generatedAt,schemaVersion:"evidence-pack-export.v1"},
+     *     pack, bundles}`.
+     *   - `pdf`  → `await result.response.arrayBuffer()` yields the PDF bytes.
+     *   - `zip`  → `result.response.body` is a `ReadableStream<Uint8Array>`
+     *     (stream it to disk for large packs), or `await result.response.blob()`.
+     *
+     * The transport has already verified the HTTP status (a non-2xx threw
+     * `AttestryAPIError` — NOT a stream/parse crash) and that the response's
+     * `Content-Type` MIME matches the requested format. The SDK does NOT
+     * consume or `validatePack` the artifact body — faithful courier (same
+     * discipline as `decisions.export` / `auditLog.export`).
+     *
+     * **Auth**: READ_ASSESSMENTS. **Revoked packs are exportable** (the
+     * artifact carries `status:'revoked'` verbatim — no filtering).
+     *
+     * **No internal timeout** — the streaming transport does not arm the
+     * 30s default (a large zip can take longer). Pass `options.signal` from
+     * your own `AbortController` to bound the duration.
+     *
+     * Errors — ordered by kernel firing precedence. **The query-schema parse
+     * runs BEFORE auth** in this route, so an absent/unknown `format` 422s
+     * BEFORE 401/403:
+     *   - `AttestryAPIError` (status 429) — rate limit (auto-retried).
+     *   - `AttestryAPIError` (status 400 — path UUID) — malformed URL-path
+     *     packId. **Fires BEFORE auth.** Reachable only via SDK rule changes.
+     *   - `AttestryAPIError` (status 422) — absent / unknown `format`
+     *     (`details.code === "evidence_pack.validation_failed"`). **Fires
+     *     BEFORE auth.** The SDK pre-validates `format`, so reachable only
+     *     via SDK rule changes.
+     *   - `AttestryAPIError` (status 401 / 403) — auth missing / lacks
+     *     READ_ASSESSMENTS.
+     *   - `AttestryAPIError` (status 404) — pack missing OR cross-org.
+     *   - `AttestryAPIError` (status 500) — internal kernel error.
+     *   - `AttestryError` ("request aborted by caller") — abort.
+     *   - `AttestryAPIError` (transport guard) — a 2xx with the wrong
+     *     `Content-Type` for the requested format.
+     *   - `TypeError` (synchronous, no fetch issued) — input failed
+     *     SDK-side validation.
+     *
+     * **SDK-side validation**:
+     *   - `input`: required; non-null, non-array object.
+     *   - `input.packId`: required own-property; non-empty UUID string.
+     *   - `input.format`: required own-property; member of `EXPORT_FORMATS`.
+     *
+     * @example Stream a zip export to disk (Node)
+     * ```ts
+     * import { Writable } from "node:stream";
+     * const { response } = await client.evidencePack.export({
+     *   packId: "11111111-1111-1111-1111-111111111111",
+     *   format: "zip",
+     * });
+     * await response.body!.pipeTo(Writable.toWeb(fs.createWriteStream("pack.zip")));
+     * ```
+     *
+     * @example Read the JSON artifact for offline content-hash re-verification
+     * ```ts
+     * const { response } = await client.evidencePack.export({
+     *   packId: "11111111-1111-1111-1111-111111111111",
+     *   format: "json",
+     * });
+     * const artifact = await response.json(); // {export, pack, bundles}
+     * ```
+     */
+    export(input, options) {
+        if (input === null || typeof input !== "object" || Array.isArray(input)) {
+            throw new TypeError("evidencePack.export: `input` must be a non-null object with " +
+                "`packId` and `format`");
+        }
+        const hasPackId = objectHasOwn(input, "packId");
+        const packIdRaw = hasPackId
+            ? readInputField(input, "packId", "evidencePack.export")
+            : undefined;
+        const hasFormat = objectHasOwn(input, "format");
+        const formatRaw = hasFormat
+            ? readInputField(input, "format", "evidencePack.export")
+            : undefined;
+        if (!hasPackId || packIdRaw === undefined) {
+            throw new TypeError("evidencePack.export: `packId` is required");
+        }
+        if (typeof packIdRaw !== "string" || packIdRaw.length === 0) {
+            throw new TypeError("evidencePack.export: `packId` must be a non-empty string");
+        }
+        if (!UUID_REGEX.test(packIdRaw)) {
+            throw new TypeError("evidencePack.export: `packId` must be an RFC 4122 hyphenated UUID");
+        }
+        // format REQUIRED + closed-enum membership (synchronous TypeError).
+        if (!hasFormat || formatRaw === undefined) {
+            throw new TypeError("evidencePack.export: `format` is required");
+        }
+        if (typeof formatRaw !== "string") {
+            throw new TypeError(`evidencePack.export: \`format\` must be a string ` +
+                `(got ${describeType(formatRaw)})`);
+        }
+        if (!EXPORT_FORMATS.includes(formatRaw)) {
+            throw new TypeError(`evidencePack.export: \`format\` must be one of ` +
+                `${JSON.stringify(EXPORT_FORMATS)} (got ${JSON.stringify(formatRaw)})`);
+        }
+        const validatedFormat = formatRaw;
+        const path = `/api/v1/evidence-packs/${encodeURIComponent(packIdRaw)}/export`;
+        const expectedContentType = EXPORT_CONTENT_TYPES[validatedFormat];
+        // `export` returns a downloadable artifact, NOT the {success,data}
+        // envelope — route through the streaming transport `_streamRequest`
+        // (returns the un-consumed Response; sets Accept + the per-format
+        // content-type guard from `expectedContentType`; on non-2xx drains the
+        // body and throws AttestryAPIError BEFORE the guard runs). The SDK
+        // does NOT consume/validate the body (faithful courier; DEV-73). The
+        // canonical `contentType` is surfaced from EXPORT_CONTENT_TYPES — the
+        // guard guarantees the response MIME equals it.
+        return this.client
+            ._streamRequest({
+            path,
+            query: { format: validatedFormat },
+            expectedContentType,
+            options,
+        })
+            .then((response) => ({
+            format: validatedFormat,
+            contentType: expectedContentType,
+            contentDisposition: response.headers.get("content-disposition"),
+            response,
+        }));
+    }
+}
+// ─── Shared validation helpers ──────────────────────────────────────────────
+/**
+ * Validate an `EvidencePack` response shape (P2 hardening). Throws
+ * `AttestryError` on any violation. Used by `create` (the response
+ * IS a pack), `get` (the `pack` field), `list` (each item in `items`),
+ * and `addBundle` (the `pack` field).
+ *
+ * Every field read goes through the module-load `objectHasOwn`
+ * snapshot — a hostile npm dep that pollutes
+ * `Object.prototype.<field>` cannot mask a kernel regression where
+ * the field is missing (symmetric prototype-pollution defense, carry-
+ * forward of session-16 second-hostile-review MEDIUM #3).
+ *
+ * Closed-enum fields (`packType`, `status`) are checked as `typeof
+ * === "string"` only at runtime — the typed-closed / runtime-open
+ * faithful-courier discipline (carry-forward from `vision.ts`
+ * `packIntegration.status` / `gate.ts` `gate`). The drift pin is the
+ * trip-wire for actual enum drift.
+ */
+function validatePack(value, methodName, location) {
+    if (value === null || typeof value !== "object" || Array.isArray(value)) {
+        throw new AttestryError(`${methodName}: expected ${location} to be an object ` +
+            `(got ${describeType(value)})`);
+    }
+    const obj = value;
+    // Always-present string fields.
+    for (const key of ["id", "packType", "orgId", "status", "createdAt"]) {
+        const v = objectHasOwn(obj, key) ? obj[key] : undefined;
+        if (typeof v !== "string") {
+            throw new AttestryError(`${methodName}: expected ${location}.${key} to be a string ` +
+                `(got ${describeType(v)})`);
+        }
+    }
+    // Nullable string fields (string | null).
+    for (const key of [
+        "systemId",
+        "parentPackId",
+        "supersededById",
+        "attestationCertificateId",
+        "contentHash",
+        "signedAt",
+        "signedByUserId",
+    ]) {
+        const v = objectHasOwn(obj, key) ? obj[key] : undefined;
+        if (v !== null && typeof v !== "string") {
+            throw new AttestryError(`${methodName}: expected ${location}.${key} to be a string or null ` +
+                `(got ${describeType(v)})`);
+        }
+    }
+    // frameworkBindings: array (kernel `notNull` jsonb default `[]`).
+    const frameworkBindings = objectHasOwn(obj, "frameworkBindings")
+        ? obj.frameworkBindings
+        : undefined;
+    if (!Array.isArray(frameworkBindings)) {
+        throw new AttestryError(`${methodName}: expected ${location}.frameworkBindings to be an array ` +
+            `(got ${describeType(frameworkBindings)})`);
+    }
+    // consumerHints, metadata: non-null non-array object (kernel
+    // `notNull` jsonb default `{}`).
+    for (const key of ["consumerHints", "metadata"]) {
+        const v = objectHasOwn(obj, key) ? obj[key] : undefined;
+        if (v === null || typeof v !== "object" || Array.isArray(v)) {
+            throw new AttestryError(`${methodName}: expected ${location}.${key} to be a non-null object ` +
+                `(got ${describeType(v)})`);
+        }
+    }
+}
+/**
+ * Validate a `ReperformanceBundle` response shape (P2 hardening).
+ * Used by `get` (`bundles[i]`) and `addBundle` (`bundle`).
+ */
+function validateBundle(value, methodName, location) {
+    if (value === null || typeof value !== "object" || Array.isArray(value)) {
+        throw new AttestryError(`${methodName}: expected ${location} to be an object ` +
+            `(got ${describeType(value)})`);
+    }
+    const obj = value;
+    // Always-present string fields.
+    for (const key of [
+        "id",
+        "evidencePackId",
+        "inputsHash",
+        "outputsHash",
+        "createdAt",
+    ]) {
+        const v = objectHasOwn(obj, key) ? obj[key] : undefined;
+        if (typeof v !== "string") {
+            throw new AttestryError(`${methodName}: expected ${location}.${key} to be a string ` +
+                `(got ${describeType(v)})`);
+        }
+    }
+    // storageUri: string | null.
+    const storageUri = objectHasOwn(obj, "storageUri")
+        ? obj.storageUri
+        : undefined;
+    if (storageUri !== null && typeof storageUri !== "string") {
+        throw new AttestryError(`${methodName}: expected ${location}.storageUri to be a string or null ` +
+            `(got ${describeType(storageUri)})`);
+    }
+    // traceContent: array (kernel `notNull` jsonb; runtime is an array).
+    const traceContent = objectHasOwn(obj, "traceContent")
+        ? obj.traceContent
+        : undefined;
+    if (!Array.isArray(traceContent)) {
+        throw new AttestryError(`${methodName}: expected ${location}.traceContent to be an array ` +
+            `(got ${describeType(traceContent)})`);
+    }
+    // modelBehaviorLog, corroborationResults: object | null (both nullable).
+    for (const key of ["modelBehaviorLog", "corroborationResults"]) {
+        const v = objectHasOwn(obj, key) ? obj[key] : undefined;
+        if (v !== null &&
+            (typeof v !== "object" || Array.isArray(v))) {
+            throw new AttestryError(`${methodName}: expected ${location}.${key} to be an object or null ` +
+                `(got ${describeType(v)})`);
+        }
+    }
+    // metadata: non-null non-array object (kernel `notNull` default `{}`).
+    const metadata = objectHasOwn(obj, "metadata") ? obj.metadata : undefined;
+    if (metadata === null || typeof metadata !== "object" || Array.isArray(metadata)) {
+        throw new AttestryError(`${methodName}: expected ${location}.metadata to be a non-null object ` +
+            `(got ${describeType(metadata)})`);
+    }
+}
+/**
+ * Validate the `hashCollision` block on the `addBundle` response.
+ */
+function validateHashCollision(value, methodName, location) {
+    if (value === null || typeof value !== "object" || Array.isArray(value)) {
+        throw new AttestryError(`${methodName}: expected ${location} to be an object ` +
+            `(got ${describeType(value)})`);
+    }
+    const obj = value;
+    const detected = objectHasOwn(obj, "detected") ? obj.detected : undefined;
+    if (typeof detected !== "boolean") {
+        throw new AttestryError(`${methodName}: expected ${location}.detected to be a boolean ` +
+            `(got ${describeType(detected)})`);
+    }
+    const count = objectHasOwn(obj, "count") ? obj.count : undefined;
+    if (typeof count !== "number") {
+        throw new AttestryError(`${methodName}: expected ${location}.count to be a number ` +
+            `(got ${describeType(count)})`);
+    }
+    const collidingBundleIds = objectHasOwn(obj, "collidingBundleIds")
+        ? obj.collidingBundleIds
+        : undefined;
+    if (!Array.isArray(collidingBundleIds)) {
+        throw new AttestryError(`${methodName}: expected ${location}.collidingBundleIds to be an ` +
+            `array (got ${describeType(collidingBundleIds)})`);
+    }
+    for (let i = 0; i < collidingBundleIds.length; i++) {
+        if (typeof collidingBundleIds[i] !== "string") {
+            throw new AttestryError(`${methodName}: expected ${location}.collidingBundleIds[${i}] to ` +
+                `be a string (got ${describeType(collidingBundleIds[i])})`);
+        }
+    }
+}
+/**
+ * Human-readable type description for error messages. Distinguishes
+ * `null` and `array` from generic `object`. Duplicated across SDK
+ * resource modules per project pattern (small helper, leaf-resource
+ * modules, no shared module yet).
+ */
+function describeType(value) {
+    if (value === null)
+        return "null";
+    if (Array.isArray(value))
+        return "array";
+    return typeof value;
+}
+//# sourceMappingURL=evidence-pack.js.map