@axtary/ledger 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +57 -2
- package/dist/behavior.d.ts +81 -0
- package/dist/behavior.d.ts.map +1 -0
- package/dist/behavior.js +0 -0
- package/dist/behavior.js.map +1 -0
- package/dist/forensics.d.ts +52 -0
- package/dist/forensics.d.ts.map +1 -0
- package/dist/forensics.js +249 -0
- package/dist/forensics.js.map +1 -0
- package/dist/index.d.ts +572 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +925 -42
- package/dist/index.js.map +1 -1
- package/dist/merkle.d.ts +42 -0
- package/dist/merkle.d.ts.map +1 -0
- package/dist/merkle.js +213 -0
- package/dist/merkle.js.map +1 -0
- package/package.json +4 -2
package/dist/index.d.ts
CHANGED
|
@@ -1,16 +1,31 @@
|
|
|
1
|
-
import { type LedgerExecutionOutcome, type LedgerRecord, type NormalizedAction, type PolicyDecision } from "@axtary/actionpass";
|
|
1
|
+
import { type ActionPassRevocation, type LocalActionPassTrustStore, type BudgetLedgerEvent, type LedgerExecutionOutcome, type DelegationLedgerEdge, type LedgerRecord, type NormalizedAction, type PolicyDecision, type SigningAlgorithm, type SigningKey, type VerificationKey, type VerificationKeyResolver, type VerificationKeySet } from "@axtary/actionpass";
|
|
2
2
|
import { z } from "zod";
|
|
3
|
+
import { merkleConsistencyProof, merkleInclusionProof, merkleLeafHash, merkleNodeHash, merkleTreeRoot, verifyMerkleConsistency, verifyMerkleInclusion } from "./merkle.js";
|
|
4
|
+
export { merkleConsistencyProof, merkleInclusionProof, merkleLeafHash, merkleNodeHash, merkleTreeRoot, verifyMerkleConsistency, verifyMerkleInclusion, };
|
|
5
|
+
export { BEHAVIOR_STORE_VERSION, BehaviorStoreSchema, InMemoryBehaviorStore, FileBehaviorStore, deriveBehaviorSignals, recordBehaviorObservation, type BehaviorStore, type BehaviorStoreData, type BehaviorSignals, type FileBehaviorStoreOptions, } from "./behavior.js";
|
|
6
|
+
export { LEDGER_FORENSICS_VERSION, analyzeForensics, reconstructIncident, type ForensicExecution, type ForensicIncident, type ForensicNode, type ForensicProperty, type ForensicReport, type ForensicTimelineEntry, } from "./forensics.js";
|
|
3
7
|
export declare const LOCAL_LEDGER_SCHEMA_VERSION = "axtary.local-ledger.v0";
|
|
8
|
+
export declare const LOCAL_LEDGER_HEAD_SCHEMA_VERSION = "axtary.local-ledger-head.v0";
|
|
4
9
|
export declare const LEDGER_EXPORT_SCHEMA_VERSION = "axtary.ledger_export.v0";
|
|
5
10
|
export declare const LEDGER_SYNC_SCHEMA_VERSION = "axtary.ledger_sync.v0";
|
|
6
11
|
export declare const LEDGER_SIEM_EVENT_SCHEMA_VERSION = "axtary.siem_event.v0";
|
|
12
|
+
export declare const LEDGER_OTEL_EXPORT_SCHEMA_VERSION = "axtary.otel_trace_export.v0";
|
|
7
13
|
export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
8
14
|
record: z.ZodObject<{
|
|
9
15
|
schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
|
|
10
16
|
id: z.ZodString;
|
|
11
17
|
occurredAt: z.ZodString;
|
|
18
|
+
auditContext: z.ZodOptional<z.ZodObject<{
|
|
19
|
+
tenant: z.ZodNullable<z.ZodString>;
|
|
20
|
+
agentId: z.ZodString;
|
|
21
|
+
humanOwner: z.ZodString;
|
|
22
|
+
taskId: z.ZodString;
|
|
23
|
+
tool: z.ZodString;
|
|
24
|
+
resource: z.ZodString;
|
|
25
|
+
}, z.core.$strip>>;
|
|
12
26
|
actionHash: z.ZodString;
|
|
13
27
|
payloadHash: z.ZodString;
|
|
28
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
14
29
|
decision: z.ZodEnum<{
|
|
15
30
|
allow: "allow";
|
|
16
31
|
deny: "deny";
|
|
@@ -30,10 +45,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
30
45
|
slack: "slack";
|
|
31
46
|
linear: "linear";
|
|
32
47
|
docs: "docs";
|
|
48
|
+
drive: "drive";
|
|
33
49
|
mcp: "mcp";
|
|
34
50
|
aws: "aws";
|
|
35
51
|
gcp: "gcp";
|
|
36
52
|
jira: "jira";
|
|
53
|
+
postgres: "postgres";
|
|
37
54
|
}>;
|
|
38
55
|
tool: z.ZodString;
|
|
39
56
|
operation: z.ZodString;
|
|
@@ -43,10 +60,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
43
60
|
slack: "slack";
|
|
44
61
|
linear: "linear";
|
|
45
62
|
docs: "docs";
|
|
63
|
+
drive: "drive";
|
|
46
64
|
mcp: "mcp";
|
|
47
65
|
aws: "aws";
|
|
48
66
|
gcp: "gcp";
|
|
49
67
|
jira: "jira";
|
|
68
|
+
postgres: "postgres";
|
|
50
69
|
}>;
|
|
51
70
|
kind: z.ZodString;
|
|
52
71
|
id: z.ZodString;
|
|
@@ -65,10 +84,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
65
84
|
slack: "slack";
|
|
66
85
|
linear: "linear";
|
|
67
86
|
docs: "docs";
|
|
87
|
+
drive: "drive";
|
|
68
88
|
mcp: "mcp";
|
|
69
89
|
aws: "aws";
|
|
70
90
|
gcp: "gcp";
|
|
71
91
|
jira: "jira";
|
|
92
|
+
postgres: "postgres";
|
|
72
93
|
}>;
|
|
73
94
|
summary: z.ZodOptional<z.ZodString>;
|
|
74
95
|
files: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
@@ -109,10 +130,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
109
130
|
slack: "slack";
|
|
110
131
|
linear: "linear";
|
|
111
132
|
docs: "docs";
|
|
133
|
+
drive: "drive";
|
|
112
134
|
mcp: "mcp";
|
|
113
135
|
aws: "aws";
|
|
114
136
|
gcp: "gcp";
|
|
115
137
|
jira: "jira";
|
|
138
|
+
postgres: "postgres";
|
|
116
139
|
}>>;
|
|
117
140
|
resultId: z.ZodOptional<z.ZodString>;
|
|
118
141
|
resultUrl: z.ZodOptional<z.ZodString>;
|
|
@@ -124,6 +147,28 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
124
147
|
}, z.core.$strict>>;
|
|
125
148
|
traceId: z.ZodOptional<z.ZodString>;
|
|
126
149
|
actionPassId: z.ZodNullable<z.ZodString>;
|
|
150
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
151
|
+
parentPassId: z.ZodString;
|
|
152
|
+
childPassId: z.ZodString;
|
|
153
|
+
depth: z.ZodNumber;
|
|
154
|
+
rootPassId: z.ZodString;
|
|
155
|
+
}, z.core.$strip>>;
|
|
156
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
157
|
+
reservationId: z.ZodNullable<z.ZodString>;
|
|
158
|
+
scope: z.ZodString;
|
|
159
|
+
status: z.ZodEnum<{
|
|
160
|
+
pending: "pending";
|
|
161
|
+
committed: "committed";
|
|
162
|
+
rolled_back: "rolled_back";
|
|
163
|
+
denied: "denied";
|
|
164
|
+
}>;
|
|
165
|
+
expiresAt: z.ZodNullable<z.ZodString>;
|
|
166
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
167
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
168
|
+
committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
169
|
+
committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
170
|
+
reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
171
|
+
}, z.core.$strip>>;
|
|
127
172
|
correlationId: z.ZodOptional<z.ZodString>;
|
|
128
173
|
previousLedgerHash: z.ZodNullable<z.ZodString>;
|
|
129
174
|
ledgerHash: z.ZodString;
|
|
@@ -135,6 +180,14 @@ export type AppendDecisionInput = {
|
|
|
135
180
|
action: NormalizedAction;
|
|
136
181
|
decision: PolicyDecision;
|
|
137
182
|
actionPassId?: string | null;
|
|
183
|
+
delegation?: DelegationLedgerEdge;
|
|
184
|
+
budget?: BudgetLedgerEvent;
|
|
185
|
+
occurredAt?: Date;
|
|
186
|
+
};
|
|
187
|
+
export type AppendRevocationInput = {
|
|
188
|
+
revokedRecord: LedgerRecord;
|
|
189
|
+
revokedBy?: string;
|
|
190
|
+
reason?: string;
|
|
138
191
|
occurredAt?: Date;
|
|
139
192
|
};
|
|
140
193
|
export type AppendExecutionOutcomeInput = AppendDecisionInput & {
|
|
@@ -183,8 +236,17 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
183
236
|
schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
|
|
184
237
|
id: z.ZodString;
|
|
185
238
|
occurredAt: z.ZodString;
|
|
239
|
+
auditContext: z.ZodOptional<z.ZodObject<{
|
|
240
|
+
tenant: z.ZodNullable<z.ZodString>;
|
|
241
|
+
agentId: z.ZodString;
|
|
242
|
+
humanOwner: z.ZodString;
|
|
243
|
+
taskId: z.ZodString;
|
|
244
|
+
tool: z.ZodString;
|
|
245
|
+
resource: z.ZodString;
|
|
246
|
+
}, z.core.$strip>>;
|
|
186
247
|
actionHash: z.ZodString;
|
|
187
248
|
payloadHash: z.ZodString;
|
|
249
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
188
250
|
decision: z.ZodEnum<{
|
|
189
251
|
allow: "allow";
|
|
190
252
|
deny: "deny";
|
|
@@ -204,10 +266,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
204
266
|
slack: "slack";
|
|
205
267
|
linear: "linear";
|
|
206
268
|
docs: "docs";
|
|
269
|
+
drive: "drive";
|
|
207
270
|
mcp: "mcp";
|
|
208
271
|
aws: "aws";
|
|
209
272
|
gcp: "gcp";
|
|
210
273
|
jira: "jira";
|
|
274
|
+
postgres: "postgres";
|
|
211
275
|
}>;
|
|
212
276
|
tool: z.ZodString;
|
|
213
277
|
operation: z.ZodString;
|
|
@@ -217,10 +281,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
217
281
|
slack: "slack";
|
|
218
282
|
linear: "linear";
|
|
219
283
|
docs: "docs";
|
|
284
|
+
drive: "drive";
|
|
220
285
|
mcp: "mcp";
|
|
221
286
|
aws: "aws";
|
|
222
287
|
gcp: "gcp";
|
|
223
288
|
jira: "jira";
|
|
289
|
+
postgres: "postgres";
|
|
224
290
|
}>;
|
|
225
291
|
kind: z.ZodString;
|
|
226
292
|
id: z.ZodString;
|
|
@@ -239,10 +305,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
239
305
|
slack: "slack";
|
|
240
306
|
linear: "linear";
|
|
241
307
|
docs: "docs";
|
|
308
|
+
drive: "drive";
|
|
242
309
|
mcp: "mcp";
|
|
243
310
|
aws: "aws";
|
|
244
311
|
gcp: "gcp";
|
|
245
312
|
jira: "jira";
|
|
313
|
+
postgres: "postgres";
|
|
246
314
|
}>;
|
|
247
315
|
summary: z.ZodOptional<z.ZodString>;
|
|
248
316
|
files: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
@@ -283,10 +351,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
283
351
|
slack: "slack";
|
|
284
352
|
linear: "linear";
|
|
285
353
|
docs: "docs";
|
|
354
|
+
drive: "drive";
|
|
286
355
|
mcp: "mcp";
|
|
287
356
|
aws: "aws";
|
|
288
357
|
gcp: "gcp";
|
|
289
358
|
jira: "jira";
|
|
359
|
+
postgres: "postgres";
|
|
290
360
|
}>>;
|
|
291
361
|
resultId: z.ZodOptional<z.ZodString>;
|
|
292
362
|
resultUrl: z.ZodOptional<z.ZodString>;
|
|
@@ -298,6 +368,28 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
298
368
|
}, z.core.$strict>>;
|
|
299
369
|
traceId: z.ZodOptional<z.ZodString>;
|
|
300
370
|
actionPassId: z.ZodNullable<z.ZodString>;
|
|
371
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
372
|
+
parentPassId: z.ZodString;
|
|
373
|
+
childPassId: z.ZodString;
|
|
374
|
+
depth: z.ZodNumber;
|
|
375
|
+
rootPassId: z.ZodString;
|
|
376
|
+
}, z.core.$strip>>;
|
|
377
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
378
|
+
reservationId: z.ZodNullable<z.ZodString>;
|
|
379
|
+
scope: z.ZodString;
|
|
380
|
+
status: z.ZodEnum<{
|
|
381
|
+
pending: "pending";
|
|
382
|
+
committed: "committed";
|
|
383
|
+
rolled_back: "rolled_back";
|
|
384
|
+
denied: "denied";
|
|
385
|
+
}>;
|
|
386
|
+
expiresAt: z.ZodNullable<z.ZodString>;
|
|
387
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
388
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
389
|
+
committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
390
|
+
committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
391
|
+
reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
392
|
+
}, z.core.$strip>>;
|
|
301
393
|
correlationId: z.ZodOptional<z.ZodString>;
|
|
302
394
|
previousLedgerHash: z.ZodNullable<z.ZodString>;
|
|
303
395
|
ledgerHash: z.ZodString;
|
|
@@ -355,10 +447,12 @@ export declare const LedgerSiemEventSchema: z.ZodObject<{
|
|
|
355
447
|
slack: "slack";
|
|
356
448
|
linear: "linear";
|
|
357
449
|
docs: "docs";
|
|
450
|
+
drive: "drive";
|
|
358
451
|
mcp: "mcp";
|
|
359
452
|
aws: "aws";
|
|
360
453
|
gcp: "gcp";
|
|
361
454
|
jira: "jira";
|
|
455
|
+
postgres: "postgres";
|
|
362
456
|
}>;
|
|
363
457
|
tool: z.ZodString;
|
|
364
458
|
operation: z.ZodString;
|
|
@@ -397,19 +491,495 @@ export type SyncLedgerExportInput = {
|
|
|
397
491
|
fetch?: typeof fetch;
|
|
398
492
|
timeoutMs?: number;
|
|
399
493
|
};
|
|
494
|
+
export type LedgerTelemetryExporter = {
|
|
495
|
+
exportRecord(record: LedgerRecord): Promise<void>;
|
|
496
|
+
};
|
|
497
|
+
export type OtlpHttpTraceExporterOptions = {
|
|
498
|
+
endpoint: string;
|
|
499
|
+
serviceName?: string;
|
|
500
|
+
serviceVersion?: string;
|
|
501
|
+
timeoutMs?: number;
|
|
502
|
+
headers?: Record<string, string>;
|
|
503
|
+
fetch?: typeof fetch;
|
|
504
|
+
};
|
|
505
|
+
export type ExportOtelTracesInput = OtlpHttpTraceExporterOptions & {
|
|
506
|
+
records: LedgerRecord[];
|
|
507
|
+
};
|
|
508
|
+
export type OtelTraceExportResult = {
|
|
509
|
+
schemaVersion: typeof LEDGER_OTEL_EXPORT_SCHEMA_VERSION;
|
|
510
|
+
endpoint: string;
|
|
511
|
+
exportedAt: string;
|
|
512
|
+
records: number;
|
|
513
|
+
spans: number;
|
|
514
|
+
status: number;
|
|
515
|
+
};
|
|
516
|
+
export type LocalJsonlLedgerOptions = {
|
|
517
|
+
lock?: {
|
|
518
|
+
staleMs?: number;
|
|
519
|
+
updateMs?: number;
|
|
520
|
+
retries?: number;
|
|
521
|
+
minTimeoutMs?: number;
|
|
522
|
+
maxTimeoutMs?: number;
|
|
523
|
+
};
|
|
524
|
+
telemetry?: LedgerTelemetryExporter;
|
|
525
|
+
};
|
|
400
526
|
export declare class LocalJsonlLedger {
|
|
401
527
|
readonly filePath: string;
|
|
402
|
-
|
|
528
|
+
readonly headPath: string;
|
|
529
|
+
private readonly options;
|
|
530
|
+
constructor(filePath: string, options?: LocalJsonlLedgerOptions);
|
|
403
531
|
appendDecision(input: AppendDecisionInput): Promise<LedgerAppendResult>;
|
|
404
532
|
appendExecutionOutcome(input: AppendExecutionOutcomeInput): Promise<LedgerAppendResult>;
|
|
533
|
+
appendRevocation(input: AppendRevocationInput): Promise<LedgerAppendResult>;
|
|
405
534
|
appendRecord(recordInput: LedgerRecord): Promise<LedgerAppendResult>;
|
|
406
535
|
readRecords(): Promise<LedgerRecord[]>;
|
|
407
536
|
verify(): Promise<VerifyLedgerResult>;
|
|
537
|
+
private withAppendLock;
|
|
538
|
+
private appendLocked;
|
|
539
|
+
private exportTelemetry;
|
|
540
|
+
}
|
|
541
|
+
export declare class OtlpHttpTraceExporter implements LedgerTelemetryExporter {
|
|
542
|
+
private readonly options;
|
|
543
|
+
constructor(options: OtlpHttpTraceExporterOptions);
|
|
544
|
+
exportRecord(record: LedgerRecord): Promise<void>;
|
|
408
545
|
}
|
|
409
546
|
export declare function readLedgerRecords(filePath: string): Promise<LedgerRecord[]>;
|
|
547
|
+
export type RevokeActionPassResult = {
|
|
548
|
+
revocation: ActionPassRevocation;
|
|
549
|
+
ledgerEvent: LedgerAppendResult | null;
|
|
550
|
+
revokedRecordId: string | null;
|
|
551
|
+
};
|
|
552
|
+
/**
|
|
553
|
+
* Revoke a pass through the single honest path used by both the CLI and the
|
|
554
|
+
* dashboard: first write the durable trust-store revocation (the enforcement
|
|
555
|
+
* authority the proxy/adapters/MCP check), then append a tamper-evident
|
|
556
|
+
* revocation event to the hash-chained ledger bound to the most recent record
|
|
557
|
+
* naming that pass. Enforcement is written first so a later audit-append
|
|
558
|
+
* failure still leaves the pass actually revoked. When no ledger record names
|
|
559
|
+
* the pass (e.g. it never ran locally), the revocation is still authoritative
|
|
560
|
+
* and `ledgerEvent` is null — never faked.
|
|
561
|
+
*/
|
|
562
|
+
export declare function revokeActionPassWithLedgerEvent(input: {
|
|
563
|
+
trustStore: LocalActionPassTrustStore;
|
|
564
|
+
ledger: LocalJsonlLedger;
|
|
565
|
+
passId: string;
|
|
566
|
+
revokedBy?: string;
|
|
567
|
+
reason?: string;
|
|
568
|
+
occurredAt?: Date;
|
|
569
|
+
}): Promise<RevokeActionPassResult>;
|
|
410
570
|
export declare function verifyLedgerFile(filePath: string): Promise<VerifyLedgerResult>;
|
|
411
571
|
export declare function exportLedgerRecords(input: ExportLedgerRecordsInput): Promise<LedgerExport>;
|
|
572
|
+
export declare function exportLedgerRecordsToOtlp(input: ExportOtelTracesInput): Promise<OtelTraceExportResult>;
|
|
412
573
|
export declare function syncLedgerExport(input: SyncLedgerExportInput): Promise<LedgerSyncResult>;
|
|
413
574
|
export declare function formatLedgerExport(input: FormatLedgerExportInput): string;
|
|
414
575
|
export declare function computeLedgerHash(record: Omit<LedgerRecord, "ledgerHash">): string;
|
|
576
|
+
export declare const LEDGER_ATTESTATION_VERSION = "axtary.ledger_attestation.v0";
|
|
577
|
+
export declare const LedgerAttestationClaimsSchema: z.ZodObject<{
|
|
578
|
+
lav: z.ZodLiteral<"axtary.ledger_attestation.v0">;
|
|
579
|
+
iss: z.ZodString;
|
|
580
|
+
iat: z.ZodNumber;
|
|
581
|
+
tenant: z.ZodOptional<z.ZodString>;
|
|
582
|
+
exportDigest: z.ZodString;
|
|
583
|
+
recordCount: z.ZodNumber;
|
|
584
|
+
firstLedgerHash: z.ZodNullable<z.ZodString>;
|
|
585
|
+
segmentHead: z.ZodNullable<z.ZodString>;
|
|
586
|
+
sourceLastLedgerHash: z.ZodNullable<z.ZodString>;
|
|
587
|
+
range: z.ZodObject<{
|
|
588
|
+
from: z.ZodNullable<z.ZodString>;
|
|
589
|
+
to: z.ZodNullable<z.ZodString>;
|
|
590
|
+
decisions: z.ZodNullable<z.ZodArray<z.ZodEnum<{
|
|
591
|
+
allow: "allow";
|
|
592
|
+
deny: "deny";
|
|
593
|
+
step_up: "step_up";
|
|
594
|
+
}>>>;
|
|
595
|
+
}, z.core.$strip>;
|
|
596
|
+
merkleRoot: z.ZodOptional<z.ZodString>;
|
|
597
|
+
treeSize: z.ZodOptional<z.ZodNumber>;
|
|
598
|
+
}, z.core.$strip>;
|
|
599
|
+
export type LedgerAttestationClaims = z.infer<typeof LedgerAttestationClaimsSchema>;
|
|
600
|
+
export type LedgerAttestation = {
|
|
601
|
+
schemaVersion: typeof LEDGER_ATTESTATION_VERSION;
|
|
602
|
+
token: string;
|
|
603
|
+
claims: LedgerAttestationClaims;
|
|
604
|
+
};
|
|
605
|
+
export type AttestLedgerExportInput = {
|
|
606
|
+
export: LedgerExport;
|
|
607
|
+
issuer: string;
|
|
608
|
+
signingKey: SigningKey;
|
|
609
|
+
keyId?: string;
|
|
610
|
+
algorithm?: SigningAlgorithm;
|
|
611
|
+
tenant?: string;
|
|
612
|
+
now?: Date;
|
|
613
|
+
};
|
|
614
|
+
export type VerifyLedgerAttestationInput = {
|
|
615
|
+
export: LedgerExport;
|
|
616
|
+
attestation: string | LedgerAttestation;
|
|
617
|
+
verificationKey?: VerificationKey;
|
|
618
|
+
verificationKeys?: VerificationKeySet | VerificationKeyResolver;
|
|
619
|
+
issuer?: string;
|
|
620
|
+
algorithms?: SigningAlgorithm[];
|
|
621
|
+
currentDate?: Date;
|
|
622
|
+
};
|
|
623
|
+
export type VerifyLedgerAttestationResult = {
|
|
624
|
+
valid: true;
|
|
625
|
+
claims: LedgerAttestationClaims;
|
|
626
|
+
recomputedDigest: string;
|
|
627
|
+
} | {
|
|
628
|
+
valid: false;
|
|
629
|
+
reason: string;
|
|
630
|
+
};
|
|
631
|
+
/** SHA-256 digest of the canonical (JCS) ledger export — the content binding. */
|
|
632
|
+
export declare function computeLedgerExportDigest(exportInput: LedgerExport): string;
|
|
633
|
+
/**
|
|
634
|
+
* RFC 6962 leaves for an export: one leaf per record, committing to that
|
|
635
|
+
* record's `ledgerHash`. Because a verifier recomputes each `ledgerHash` from
|
|
636
|
+
* record content (spec §9.1), binding leaves to `ledgerHash` transitively binds
|
|
637
|
+
* the full record content — a one-byte rewrite changes the leaf and the root.
|
|
638
|
+
*/
|
|
639
|
+
export declare function ledgerExportLeafHashes(exportInput: LedgerExport): Buffer[];
|
|
640
|
+
/** Merkle Tree Hash (RFC 6962) over the export's record leaves, as `sha256:hex`. */
|
|
641
|
+
export declare function computeLedgerExportMerkleRoot(exportInput: LedgerExport): string;
|
|
642
|
+
export declare function attestLedgerExport(input: AttestLedgerExportInput): Promise<LedgerAttestation>;
|
|
643
|
+
/**
|
|
644
|
+
* Standalone verifier: confirm a ledger export carries a valid issuer signature
|
|
645
|
+
* and has not been altered. Needs only the export, the attestation token, and
|
|
646
|
+
* the issuer public key — re-derivable from the spec alone.
|
|
647
|
+
*/
|
|
648
|
+
export declare function verifyLedgerAttestation(input: VerifyLedgerAttestationInput): Promise<VerifyLedgerAttestationResult>;
|
|
649
|
+
type OtlpAnyValue = {
|
|
650
|
+
stringValue: string;
|
|
651
|
+
} | {
|
|
652
|
+
boolValue: boolean;
|
|
653
|
+
} | {
|
|
654
|
+
intValue: string;
|
|
655
|
+
} | {
|
|
656
|
+
arrayValue: {
|
|
657
|
+
values: OtlpAnyValue[];
|
|
658
|
+
};
|
|
659
|
+
};
|
|
660
|
+
type OtlpAttribute = {
|
|
661
|
+
key: string;
|
|
662
|
+
value: OtlpAnyValue;
|
|
663
|
+
};
|
|
664
|
+
type BuildOtlpTraceRequestInput = {
|
|
665
|
+
records: LedgerRecord[];
|
|
666
|
+
serviceName?: string;
|
|
667
|
+
serviceVersion?: string;
|
|
668
|
+
};
|
|
669
|
+
export declare function buildOtlpTraceRequest(input: BuildOtlpTraceRequestInput): {
|
|
670
|
+
resourceSpans: {
|
|
671
|
+
resource: {
|
|
672
|
+
attributes: OtlpAttribute[];
|
|
673
|
+
};
|
|
674
|
+
scopeSpans: {
|
|
675
|
+
scope: {
|
|
676
|
+
name: string;
|
|
677
|
+
version: string;
|
|
678
|
+
};
|
|
679
|
+
spans: {
|
|
680
|
+
status?: {
|
|
681
|
+
code: string;
|
|
682
|
+
message: string;
|
|
683
|
+
} | {
|
|
684
|
+
code: string;
|
|
685
|
+
message?: undefined;
|
|
686
|
+
} | undefined;
|
|
687
|
+
traceId: string;
|
|
688
|
+
spanId: string;
|
|
689
|
+
name: string;
|
|
690
|
+
kind: string;
|
|
691
|
+
startTimeUnixNano: string;
|
|
692
|
+
endTimeUnixNano: string;
|
|
693
|
+
attributes: OtlpAttribute[];
|
|
694
|
+
}[];
|
|
695
|
+
}[];
|
|
696
|
+
}[];
|
|
697
|
+
};
|
|
698
|
+
export declare const LEDGER_ATTESTATION_BUNDLE_VERSION = "axtary.ledger_attestation_bundle.v0";
|
|
699
|
+
export declare const LedgerAttestationBundleSchema: z.ZodObject<{
|
|
700
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_attestation_bundle.v0">;
|
|
701
|
+
export: z.ZodObject<{
|
|
702
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_export.v0">;
|
|
703
|
+
exportedAt: z.ZodString;
|
|
704
|
+
source: z.ZodObject<{
|
|
705
|
+
filePath: z.ZodString;
|
|
706
|
+
totalRecords: z.ZodNumber;
|
|
707
|
+
lastLedgerHash: z.ZodNullable<z.ZodString>;
|
|
708
|
+
}, z.core.$strip>;
|
|
709
|
+
filters: z.ZodObject<{
|
|
710
|
+
from: z.ZodNullable<z.ZodString>;
|
|
711
|
+
to: z.ZodNullable<z.ZodString>;
|
|
712
|
+
decisions: z.ZodNullable<z.ZodArray<z.ZodEnum<{
|
|
713
|
+
allow: "allow";
|
|
714
|
+
deny: "deny";
|
|
715
|
+
step_up: "step_up";
|
|
716
|
+
}>>>;
|
|
717
|
+
}, z.core.$strip>;
|
|
718
|
+
records: z.ZodArray<z.ZodObject<{
|
|
719
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
|
|
720
|
+
id: z.ZodString;
|
|
721
|
+
occurredAt: z.ZodString;
|
|
722
|
+
auditContext: z.ZodOptional<z.ZodObject<{
|
|
723
|
+
tenant: z.ZodNullable<z.ZodString>;
|
|
724
|
+
agentId: z.ZodString;
|
|
725
|
+
humanOwner: z.ZodString;
|
|
726
|
+
taskId: z.ZodString;
|
|
727
|
+
tool: z.ZodString;
|
|
728
|
+
resource: z.ZodString;
|
|
729
|
+
}, z.core.$strip>>;
|
|
730
|
+
actionHash: z.ZodString;
|
|
731
|
+
payloadHash: z.ZodString;
|
|
732
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
733
|
+
decision: z.ZodEnum<{
|
|
734
|
+
allow: "allow";
|
|
735
|
+
deny: "deny";
|
|
736
|
+
step_up: "step_up";
|
|
737
|
+
}>;
|
|
738
|
+
reasons: z.ZodArray<z.ZodString>;
|
|
739
|
+
policy: z.ZodObject<{
|
|
740
|
+
nativeRule: z.ZodString;
|
|
741
|
+
version: z.ZodString;
|
|
742
|
+
cedarCompatible: z.ZodBoolean;
|
|
743
|
+
opaCompatible: z.ZodBoolean;
|
|
744
|
+
}, z.core.$strip>;
|
|
745
|
+
providerEvidence: z.ZodOptional<z.ZodObject<{
|
|
746
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_provider_evidence.v0">;
|
|
747
|
+
provider: z.ZodEnum<{
|
|
748
|
+
github: "github";
|
|
749
|
+
slack: "slack";
|
|
750
|
+
linear: "linear";
|
|
751
|
+
docs: "docs";
|
|
752
|
+
drive: "drive";
|
|
753
|
+
mcp: "mcp";
|
|
754
|
+
aws: "aws";
|
|
755
|
+
gcp: "gcp";
|
|
756
|
+
jira: "jira";
|
|
757
|
+
postgres: "postgres";
|
|
758
|
+
}>;
|
|
759
|
+
tool: z.ZodString;
|
|
760
|
+
operation: z.ZodString;
|
|
761
|
+
resource: z.ZodObject<{
|
|
762
|
+
provider: z.ZodEnum<{
|
|
763
|
+
github: "github";
|
|
764
|
+
slack: "slack";
|
|
765
|
+
linear: "linear";
|
|
766
|
+
docs: "docs";
|
|
767
|
+
drive: "drive";
|
|
768
|
+
mcp: "mcp";
|
|
769
|
+
aws: "aws";
|
|
770
|
+
gcp: "gcp";
|
|
771
|
+
jira: "jira";
|
|
772
|
+
postgres: "postgres";
|
|
773
|
+
}>;
|
|
774
|
+
kind: z.ZodString;
|
|
775
|
+
id: z.ZodString;
|
|
776
|
+
label: z.ZodOptional<z.ZodString>;
|
|
777
|
+
url: z.ZodOptional<z.ZodString>;
|
|
778
|
+
}, z.core.$strict>;
|
|
779
|
+
normalized: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
|
|
780
|
+
fieldChanges: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
781
|
+
field: z.ZodString;
|
|
782
|
+
before: z.ZodOptional<z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>;
|
|
783
|
+
after: z.ZodOptional<z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>;
|
|
784
|
+
}, z.core.$strip>>>;
|
|
785
|
+
diff: z.ZodOptional<z.ZodObject<{
|
|
786
|
+
provider: z.ZodEnum<{
|
|
787
|
+
github: "github";
|
|
788
|
+
slack: "slack";
|
|
789
|
+
linear: "linear";
|
|
790
|
+
docs: "docs";
|
|
791
|
+
drive: "drive";
|
|
792
|
+
mcp: "mcp";
|
|
793
|
+
aws: "aws";
|
|
794
|
+
gcp: "gcp";
|
|
795
|
+
jira: "jira";
|
|
796
|
+
postgres: "postgres";
|
|
797
|
+
}>;
|
|
798
|
+
summary: z.ZodOptional<z.ZodString>;
|
|
799
|
+
files: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
800
|
+
path: z.ZodString;
|
|
801
|
+
oldPath: z.ZodOptional<z.ZodString>;
|
|
802
|
+
status: z.ZodEnum<{
|
|
803
|
+
added: "added";
|
|
804
|
+
modified: "modified";
|
|
805
|
+
deleted: "deleted";
|
|
806
|
+
renamed: "renamed";
|
|
807
|
+
}>;
|
|
808
|
+
additions: z.ZodDefault<z.ZodNumber>;
|
|
809
|
+
deletions: z.ZodDefault<z.ZodNumber>;
|
|
810
|
+
hunks: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
811
|
+
header: z.ZodString;
|
|
812
|
+
lines: z.ZodArray<z.ZodObject<{
|
|
813
|
+
type: z.ZodEnum<{
|
|
814
|
+
context: "context";
|
|
815
|
+
addition: "addition";
|
|
816
|
+
deletion: "deletion";
|
|
817
|
+
}>;
|
|
818
|
+
content: z.ZodString;
|
|
819
|
+
oldLine: z.ZodOptional<z.ZodNumber>;
|
|
820
|
+
newLine: z.ZodOptional<z.ZodNumber>;
|
|
821
|
+
}, z.core.$strip>>;
|
|
822
|
+
}, z.core.$strip>>>;
|
|
823
|
+
}, z.core.$strip>>>;
|
|
824
|
+
}, z.core.$strip>>;
|
|
825
|
+
}, z.core.$strip>>;
|
|
826
|
+
executionOutcome: z.ZodOptional<z.ZodObject<{
|
|
827
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_execution_outcome.v0">;
|
|
828
|
+
status: z.ZodEnum<{
|
|
829
|
+
succeeded: "succeeded";
|
|
830
|
+
failed: "failed";
|
|
831
|
+
}>;
|
|
832
|
+
provider: z.ZodOptional<z.ZodEnum<{
|
|
833
|
+
github: "github";
|
|
834
|
+
slack: "slack";
|
|
835
|
+
linear: "linear";
|
|
836
|
+
docs: "docs";
|
|
837
|
+
drive: "drive";
|
|
838
|
+
mcp: "mcp";
|
|
839
|
+
aws: "aws";
|
|
840
|
+
gcp: "gcp";
|
|
841
|
+
jira: "jira";
|
|
842
|
+
postgres: "postgres";
|
|
843
|
+
}>>;
|
|
844
|
+
resultId: z.ZodOptional<z.ZodString>;
|
|
845
|
+
resultUrl: z.ZodOptional<z.ZodString>;
|
|
846
|
+
resourceId: z.ZodOptional<z.ZodString>;
|
|
847
|
+
resourceLabel: z.ZodOptional<z.ZodString>;
|
|
848
|
+
failureReason: z.ZodOptional<z.ZodString>;
|
|
849
|
+
errorClass: z.ZodOptional<z.ZodString>;
|
|
850
|
+
sideEffectProof: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
|
|
851
|
+
}, z.core.$strict>>;
|
|
852
|
+
traceId: z.ZodOptional<z.ZodString>;
|
|
853
|
+
actionPassId: z.ZodNullable<z.ZodString>;
|
|
854
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
855
|
+
parentPassId: z.ZodString;
|
|
856
|
+
childPassId: z.ZodString;
|
|
857
|
+
depth: z.ZodNumber;
|
|
858
|
+
rootPassId: z.ZodString;
|
|
859
|
+
}, z.core.$strip>>;
|
|
860
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
861
|
+
reservationId: z.ZodNullable<z.ZodString>;
|
|
862
|
+
scope: z.ZodString;
|
|
863
|
+
status: z.ZodEnum<{
|
|
864
|
+
pending: "pending";
|
|
865
|
+
committed: "committed";
|
|
866
|
+
rolled_back: "rolled_back";
|
|
867
|
+
denied: "denied";
|
|
868
|
+
}>;
|
|
869
|
+
expiresAt: z.ZodNullable<z.ZodString>;
|
|
870
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
871
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
872
|
+
committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
873
|
+
committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
874
|
+
reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
875
|
+
}, z.core.$strip>>;
|
|
876
|
+
correlationId: z.ZodOptional<z.ZodString>;
|
|
877
|
+
previousLedgerHash: z.ZodNullable<z.ZodString>;
|
|
878
|
+
ledgerHash: z.ZodString;
|
|
879
|
+
}, z.core.$strip>>;
|
|
880
|
+
}, z.core.$strip>;
|
|
881
|
+
attestation: z.ZodObject<{
|
|
882
|
+
token: z.ZodString;
|
|
883
|
+
claims: z.ZodObject<{
|
|
884
|
+
lav: z.ZodLiteral<"axtary.ledger_attestation.v0">;
|
|
885
|
+
iss: z.ZodString;
|
|
886
|
+
iat: z.ZodNumber;
|
|
887
|
+
tenant: z.ZodOptional<z.ZodString>;
|
|
888
|
+
exportDigest: z.ZodString;
|
|
889
|
+
recordCount: z.ZodNumber;
|
|
890
|
+
firstLedgerHash: z.ZodNullable<z.ZodString>;
|
|
891
|
+
segmentHead: z.ZodNullable<z.ZodString>;
|
|
892
|
+
sourceLastLedgerHash: z.ZodNullable<z.ZodString>;
|
|
893
|
+
range: z.ZodObject<{
|
|
894
|
+
from: z.ZodNullable<z.ZodString>;
|
|
895
|
+
to: z.ZodNullable<z.ZodString>;
|
|
896
|
+
decisions: z.ZodNullable<z.ZodArray<z.ZodEnum<{
|
|
897
|
+
allow: "allow";
|
|
898
|
+
deny: "deny";
|
|
899
|
+
step_up: "step_up";
|
|
900
|
+
}>>>;
|
|
901
|
+
}, z.core.$strip>;
|
|
902
|
+
merkleRoot: z.ZodOptional<z.ZodString>;
|
|
903
|
+
treeSize: z.ZodOptional<z.ZodNumber>;
|
|
904
|
+
}, z.core.$strip>;
|
|
905
|
+
}, z.core.$strip>;
|
|
906
|
+
publicJwk: z.ZodRecord<z.ZodString, z.ZodUnknown>;
|
|
907
|
+
keyId: z.ZodNullable<z.ZodString>;
|
|
908
|
+
}, z.core.$strip>;
|
|
909
|
+
export type LedgerAttestationBundle = z.infer<typeof LedgerAttestationBundleSchema>;
|
|
910
|
+
/** Bundle an export, its attestation, and the public key into one artifact. */
|
|
911
|
+
export declare function buildLedgerAttestationBundle(input: {
|
|
912
|
+
export: LedgerExport;
|
|
913
|
+
attestation: LedgerAttestation;
|
|
914
|
+
publicJwk: Record<string, unknown>;
|
|
915
|
+
keyId?: string | null;
|
|
916
|
+
}): LedgerAttestationBundle;
|
|
917
|
+
/** Verify a self-contained attestation bundle (export + token + embedded public key). */
|
|
918
|
+
export declare function verifyLedgerAttestationBundle(bundleInput: unknown, options?: {
|
|
919
|
+
issuer?: string;
|
|
920
|
+
algorithms?: SigningAlgorithm[];
|
|
921
|
+
currentDate?: Date;
|
|
922
|
+
}): Promise<VerifyLedgerAttestationResult>;
|
|
923
|
+
export declare const LEDGER_INCLUSION_PROOF_VERSION = "axtary.ledger_inclusion_proof.v0";
|
|
924
|
+
export declare const LedgerInclusionProofSchema: z.ZodObject<{
|
|
925
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_inclusion_proof.v0">;
|
|
926
|
+
recordId: z.ZodString;
|
|
927
|
+
ledgerHash: z.ZodString;
|
|
928
|
+
leafIndex: z.ZodNumber;
|
|
929
|
+
treeSize: z.ZodNumber;
|
|
930
|
+
merkleRoot: z.ZodString;
|
|
931
|
+
auditPath: z.ZodArray<z.ZodString>;
|
|
932
|
+
}, z.core.$strip>;
|
|
933
|
+
export type LedgerInclusionProof = z.infer<typeof LedgerInclusionProofSchema>;
|
|
934
|
+
export declare const LEDGER_CONSISTENCY_PROOF_VERSION = "axtary.ledger_consistency_proof.v0";
|
|
935
|
+
export declare const LedgerConsistencyProofSchema: z.ZodObject<{
|
|
936
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_consistency_proof.v0">;
|
|
937
|
+
firstSize: z.ZodNumber;
|
|
938
|
+
secondSize: z.ZodNumber;
|
|
939
|
+
firstRoot: z.ZodString;
|
|
940
|
+
secondRoot: z.ZodString;
|
|
941
|
+
proof: z.ZodArray<z.ZodString>;
|
|
942
|
+
}, z.core.$strip>;
|
|
943
|
+
export type LedgerConsistencyProof = z.infer<typeof LedgerConsistencyProofSchema>;
|
|
944
|
+
export type ProofVerificationResult = {
|
|
945
|
+
valid: true;
|
|
946
|
+
} | {
|
|
947
|
+
valid: false;
|
|
948
|
+
reason: string;
|
|
949
|
+
};
|
|
950
|
+
/** Build an inclusion proof for one record (by id or 0-based index). */
|
|
951
|
+
export declare function proveLedgerInclusion(input: {
|
|
952
|
+
export: LedgerExport;
|
|
953
|
+
recordId?: string;
|
|
954
|
+
index?: number;
|
|
955
|
+
}): LedgerInclusionProof;
|
|
956
|
+
/**
|
|
957
|
+
* Verify an inclusion proof against a Merkle root. Pass `expectedRoot` (e.g. a
|
|
958
|
+
* signed attestation's `merkleRoot`) to bind the proof to a signed tree head.
|
|
959
|
+
* Pass `record` to additionally recompute the leaf from record content so a
|
|
960
|
+
* proof cannot smuggle a `ledgerHash` that does not match the record.
|
|
961
|
+
*/
|
|
962
|
+
export declare function verifyLedgerInclusionProof(input: {
|
|
963
|
+
proof: unknown;
|
|
964
|
+
expectedRoot?: string;
|
|
965
|
+
record?: LedgerRecord;
|
|
966
|
+
}): ProofVerificationResult;
|
|
967
|
+
/**
|
|
968
|
+
* Build a consistency proof showing the `second` export append-only-extends the
|
|
969
|
+
* `first`. Roots are computed from each export independently; if `first` is not
|
|
970
|
+
* a genuine prefix, verification fails (the honest, fail-closed outcome).
|
|
971
|
+
*/
|
|
972
|
+
export declare function proveLedgerConsistency(input: {
|
|
973
|
+
first: LedgerExport;
|
|
974
|
+
second: LedgerExport;
|
|
975
|
+
}): LedgerConsistencyProof;
|
|
976
|
+
/**
|
|
977
|
+
* Verify a consistency proof. Pass `firstExpectedRoot`/`secondExpectedRoot`
|
|
978
|
+
* (the two signed heads' `merkleRoot`s) to bind the proof to signed tree heads.
|
|
979
|
+
*/
|
|
980
|
+
export declare function verifyLedgerConsistencyProof(input: {
|
|
981
|
+
proof: unknown;
|
|
982
|
+
firstExpectedRoot?: string;
|
|
983
|
+
secondExpectedRoot?: string;
|
|
984
|
+
}): ProofVerificationResult;
|
|
415
985
|
//# sourceMappingURL=index.d.ts.map
|