@axtary/ledger 0.1.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.ts CHANGED
@@ -1,16 +1,31 @@
1
- import { type LedgerExecutionOutcome, type LedgerRecord, type NormalizedAction, type PolicyDecision } from "@axtary/actionpass";
1
+ import { type ActionPassRevocation, type LocalActionPassTrustStore, type BudgetLedgerEvent, type LedgerExecutionOutcome, type DelegationLedgerEdge, type LedgerRecord, type NormalizedAction, type PolicyDecision, type SigningAlgorithm, type SigningKey, type VerificationKey, type VerificationKeyResolver, type VerificationKeySet, type StatusListFetch } from "@axtary/actionpass";
2
2
  import { z } from "zod";
3
+ import { merkleConsistencyProof, merkleInclusionProof, merkleLeafHash, merkleNodeHash, merkleTreeRoot, verifyMerkleConsistency, verifyMerkleInclusion } from "./merkle.js";
4
+ export { merkleConsistencyProof, merkleInclusionProof, merkleLeafHash, merkleNodeHash, merkleTreeRoot, verifyMerkleConsistency, verifyMerkleInclusion, };
5
+ export { BEHAVIOR_STORE_VERSION, BehaviorStoreSchema, InMemoryBehaviorStore, FileBehaviorStore, deriveBehaviorSignals, recordBehaviorObservation, type BehaviorStore, type BehaviorStoreData, type BehaviorSignals, type FileBehaviorStoreOptions, } from "./behavior.js";
6
+ export { LEDGER_FORENSICS_VERSION, analyzeForensics, reconstructIncident, type ForensicExecution, type ForensicIncident, type ForensicNode, type ForensicProperty, type ForensicReport, type ForensicTimelineEntry, } from "./forensics.js";
3
7
  export declare const LOCAL_LEDGER_SCHEMA_VERSION = "axtary.local-ledger.v0";
8
+ export declare const LOCAL_LEDGER_HEAD_SCHEMA_VERSION = "axtary.local-ledger-head.v0";
4
9
  export declare const LEDGER_EXPORT_SCHEMA_VERSION = "axtary.ledger_export.v0";
5
10
  export declare const LEDGER_SYNC_SCHEMA_VERSION = "axtary.ledger_sync.v0";
6
11
  export declare const LEDGER_SIEM_EVENT_SCHEMA_VERSION = "axtary.siem_event.v0";
12
+ export declare const LEDGER_OTEL_EXPORT_SCHEMA_VERSION = "axtary.otel_trace_export.v0";
7
13
  export declare const LedgerAppendResultSchema: z.ZodObject<{
8
14
  record: z.ZodObject<{
9
15
  schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
10
16
  id: z.ZodString;
11
17
  occurredAt: z.ZodString;
18
+ auditContext: z.ZodOptional<z.ZodObject<{
19
+ tenant: z.ZodNullable<z.ZodString>;
20
+ agentId: z.ZodString;
21
+ humanOwner: z.ZodString;
22
+ taskId: z.ZodString;
23
+ tool: z.ZodString;
24
+ resource: z.ZodString;
25
+ }, z.core.$strip>>;
12
26
  actionHash: z.ZodString;
13
27
  payloadHash: z.ZodString;
28
+ provenanceHash: z.ZodOptional<z.ZodString>;
14
29
  decision: z.ZodEnum<{
15
30
  allow: "allow";
16
31
  deny: "deny";
@@ -30,10 +45,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
30
45
  slack: "slack";
31
46
  linear: "linear";
32
47
  docs: "docs";
48
+ drive: "drive";
33
49
  mcp: "mcp";
34
50
  aws: "aws";
35
51
  gcp: "gcp";
36
52
  jira: "jira";
53
+ postgres: "postgres";
37
54
  }>;
38
55
  tool: z.ZodString;
39
56
  operation: z.ZodString;
@@ -43,10 +60,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
43
60
  slack: "slack";
44
61
  linear: "linear";
45
62
  docs: "docs";
63
+ drive: "drive";
46
64
  mcp: "mcp";
47
65
  aws: "aws";
48
66
  gcp: "gcp";
49
67
  jira: "jira";
68
+ postgres: "postgres";
50
69
  }>;
51
70
  kind: z.ZodString;
52
71
  id: z.ZodString;
@@ -65,10 +84,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
65
84
  slack: "slack";
66
85
  linear: "linear";
67
86
  docs: "docs";
87
+ drive: "drive";
68
88
  mcp: "mcp";
69
89
  aws: "aws";
70
90
  gcp: "gcp";
71
91
  jira: "jira";
92
+ postgres: "postgres";
72
93
  }>;
73
94
  summary: z.ZodOptional<z.ZodString>;
74
95
  files: z.ZodDefault<z.ZodArray<z.ZodObject<{
@@ -109,10 +130,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
109
130
  slack: "slack";
110
131
  linear: "linear";
111
132
  docs: "docs";
133
+ drive: "drive";
112
134
  mcp: "mcp";
113
135
  aws: "aws";
114
136
  gcp: "gcp";
115
137
  jira: "jira";
138
+ postgres: "postgres";
116
139
  }>>;
117
140
  resultId: z.ZodOptional<z.ZodString>;
118
141
  resultUrl: z.ZodOptional<z.ZodString>;
@@ -120,10 +143,34 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
120
143
  resourceLabel: z.ZodOptional<z.ZodString>;
121
144
  failureReason: z.ZodOptional<z.ZodString>;
122
145
  errorClass: z.ZodOptional<z.ZodString>;
146
+ approvedPayloadHash: z.ZodOptional<z.ZodString>;
147
+ executedPayloadHash: z.ZodOptional<z.ZodString>;
123
148
  sideEffectProof: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
124
149
  }, z.core.$strict>>;
125
150
  traceId: z.ZodOptional<z.ZodString>;
126
151
  actionPassId: z.ZodNullable<z.ZodString>;
152
+ delegation: z.ZodOptional<z.ZodObject<{
153
+ parentPassId: z.ZodString;
154
+ childPassId: z.ZodString;
155
+ depth: z.ZodNumber;
156
+ rootPassId: z.ZodString;
157
+ }, z.core.$strip>>;
158
+ budget: z.ZodOptional<z.ZodObject<{
159
+ reservationId: z.ZodNullable<z.ZodString>;
160
+ scope: z.ZodString;
161
+ status: z.ZodEnum<{
162
+ pending: "pending";
163
+ committed: "committed";
164
+ rolled_back: "rolled_back";
165
+ denied: "denied";
166
+ }>;
167
+ expiresAt: z.ZodNullable<z.ZodString>;
168
+ cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
169
+ limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
170
+ committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
171
+ committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
172
+ reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
173
+ }, z.core.$strip>>;
127
174
  correlationId: z.ZodOptional<z.ZodString>;
128
175
  previousLedgerHash: z.ZodNullable<z.ZodString>;
129
176
  ledgerHash: z.ZodString;
@@ -135,6 +182,14 @@ export type AppendDecisionInput = {
135
182
  action: NormalizedAction;
136
183
  decision: PolicyDecision;
137
184
  actionPassId?: string | null;
185
+ delegation?: DelegationLedgerEdge;
186
+ budget?: BudgetLedgerEvent;
187
+ occurredAt?: Date;
188
+ };
189
+ export type AppendRevocationInput = {
190
+ revokedRecord: LedgerRecord;
191
+ revokedBy?: string;
192
+ reason?: string;
138
193
  occurredAt?: Date;
139
194
  };
140
195
  export type AppendExecutionOutcomeInput = AppendDecisionInput & {
@@ -183,8 +238,17 @@ export declare const LedgerExportSchema: z.ZodObject<{
183
238
  schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
184
239
  id: z.ZodString;
185
240
  occurredAt: z.ZodString;
241
+ auditContext: z.ZodOptional<z.ZodObject<{
242
+ tenant: z.ZodNullable<z.ZodString>;
243
+ agentId: z.ZodString;
244
+ humanOwner: z.ZodString;
245
+ taskId: z.ZodString;
246
+ tool: z.ZodString;
247
+ resource: z.ZodString;
248
+ }, z.core.$strip>>;
186
249
  actionHash: z.ZodString;
187
250
  payloadHash: z.ZodString;
251
+ provenanceHash: z.ZodOptional<z.ZodString>;
188
252
  decision: z.ZodEnum<{
189
253
  allow: "allow";
190
254
  deny: "deny";
@@ -204,10 +268,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
204
268
  slack: "slack";
205
269
  linear: "linear";
206
270
  docs: "docs";
271
+ drive: "drive";
207
272
  mcp: "mcp";
208
273
  aws: "aws";
209
274
  gcp: "gcp";
210
275
  jira: "jira";
276
+ postgres: "postgres";
211
277
  }>;
212
278
  tool: z.ZodString;
213
279
  operation: z.ZodString;
@@ -217,10 +283,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
217
283
  slack: "slack";
218
284
  linear: "linear";
219
285
  docs: "docs";
286
+ drive: "drive";
220
287
  mcp: "mcp";
221
288
  aws: "aws";
222
289
  gcp: "gcp";
223
290
  jira: "jira";
291
+ postgres: "postgres";
224
292
  }>;
225
293
  kind: z.ZodString;
226
294
  id: z.ZodString;
@@ -239,10 +307,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
239
307
  slack: "slack";
240
308
  linear: "linear";
241
309
  docs: "docs";
310
+ drive: "drive";
242
311
  mcp: "mcp";
243
312
  aws: "aws";
244
313
  gcp: "gcp";
245
314
  jira: "jira";
315
+ postgres: "postgres";
246
316
  }>;
247
317
  summary: z.ZodOptional<z.ZodString>;
248
318
  files: z.ZodDefault<z.ZodArray<z.ZodObject<{
@@ -283,10 +353,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
283
353
  slack: "slack";
284
354
  linear: "linear";
285
355
  docs: "docs";
356
+ drive: "drive";
286
357
  mcp: "mcp";
287
358
  aws: "aws";
288
359
  gcp: "gcp";
289
360
  jira: "jira";
361
+ postgres: "postgres";
290
362
  }>>;
291
363
  resultId: z.ZodOptional<z.ZodString>;
292
364
  resultUrl: z.ZodOptional<z.ZodString>;
@@ -294,10 +366,34 @@ export declare const LedgerExportSchema: z.ZodObject<{
294
366
  resourceLabel: z.ZodOptional<z.ZodString>;
295
367
  failureReason: z.ZodOptional<z.ZodString>;
296
368
  errorClass: z.ZodOptional<z.ZodString>;
369
+ approvedPayloadHash: z.ZodOptional<z.ZodString>;
370
+ executedPayloadHash: z.ZodOptional<z.ZodString>;
297
371
  sideEffectProof: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
298
372
  }, z.core.$strict>>;
299
373
  traceId: z.ZodOptional<z.ZodString>;
300
374
  actionPassId: z.ZodNullable<z.ZodString>;
375
+ delegation: z.ZodOptional<z.ZodObject<{
376
+ parentPassId: z.ZodString;
377
+ childPassId: z.ZodString;
378
+ depth: z.ZodNumber;
379
+ rootPassId: z.ZodString;
380
+ }, z.core.$strip>>;
381
+ budget: z.ZodOptional<z.ZodObject<{
382
+ reservationId: z.ZodNullable<z.ZodString>;
383
+ scope: z.ZodString;
384
+ status: z.ZodEnum<{
385
+ pending: "pending";
386
+ committed: "committed";
387
+ rolled_back: "rolled_back";
388
+ denied: "denied";
389
+ }>;
390
+ expiresAt: z.ZodNullable<z.ZodString>;
391
+ cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
392
+ limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
393
+ committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
394
+ committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
395
+ reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
396
+ }, z.core.$strip>>;
301
397
  correlationId: z.ZodOptional<z.ZodString>;
302
398
  previousLedgerHash: z.ZodNullable<z.ZodString>;
303
399
  ledgerHash: z.ZodString;
@@ -355,10 +451,12 @@ export declare const LedgerSiemEventSchema: z.ZodObject<{
355
451
  slack: "slack";
356
452
  linear: "linear";
357
453
  docs: "docs";
454
+ drive: "drive";
358
455
  mcp: "mcp";
359
456
  aws: "aws";
360
457
  gcp: "gcp";
361
458
  jira: "jira";
459
+ postgres: "postgres";
362
460
  }>;
363
461
  tool: z.ZodString;
364
462
  operation: z.ZodString;
@@ -397,19 +495,583 @@ export type SyncLedgerExportInput = {
397
495
  fetch?: typeof fetch;
398
496
  timeoutMs?: number;
399
497
  };
498
+ export type LedgerTelemetryExporter = {
499
+ exportRecord(record: LedgerRecord): Promise<void>;
500
+ };
501
+ export type OtlpHttpTraceExporterOptions = {
502
+ endpoint: string;
503
+ serviceName?: string;
504
+ serviceVersion?: string;
505
+ timeoutMs?: number;
506
+ headers?: Record<string, string>;
507
+ fetch?: typeof fetch;
508
+ };
509
+ export type ExportOtelTracesInput = OtlpHttpTraceExporterOptions & {
510
+ records: LedgerRecord[];
511
+ };
512
+ export type OtelTraceExportResult = {
513
+ schemaVersion: typeof LEDGER_OTEL_EXPORT_SCHEMA_VERSION;
514
+ endpoint: string;
515
+ exportedAt: string;
516
+ records: number;
517
+ spans: number;
518
+ status: number;
519
+ };
520
+ export type LocalJsonlLedgerOptions = {
521
+ lock?: {
522
+ staleMs?: number;
523
+ updateMs?: number;
524
+ retries?: number;
525
+ minTimeoutMs?: number;
526
+ maxTimeoutMs?: number;
527
+ };
528
+ telemetry?: LedgerTelemetryExporter;
529
+ };
400
530
  export declare class LocalJsonlLedger {
401
531
  readonly filePath: string;
402
- constructor(filePath: string);
532
+ readonly headPath: string;
533
+ private readonly options;
534
+ constructor(filePath: string, options?: LocalJsonlLedgerOptions);
403
535
  appendDecision(input: AppendDecisionInput): Promise<LedgerAppendResult>;
404
536
  appendExecutionOutcome(input: AppendExecutionOutcomeInput): Promise<LedgerAppendResult>;
537
+ appendRevocation(input: AppendRevocationInput): Promise<LedgerAppendResult>;
405
538
  appendRecord(recordInput: LedgerRecord): Promise<LedgerAppendResult>;
406
539
  readRecords(): Promise<LedgerRecord[]>;
407
540
  verify(): Promise<VerifyLedgerResult>;
541
+ private withAppendLock;
542
+ private appendLocked;
543
+ private exportTelemetry;
544
+ }
545
+ export declare class OtlpHttpTraceExporter implements LedgerTelemetryExporter {
546
+ private readonly options;
547
+ constructor(options: OtlpHttpTraceExporterOptions);
548
+ exportRecord(record: LedgerRecord): Promise<void>;
408
549
  }
409
550
  export declare function readLedgerRecords(filePath: string): Promise<LedgerRecord[]>;
551
+ export type RevokeActionPassResult = {
552
+ revocation: ActionPassRevocation;
553
+ ledgerEvent: LedgerAppendResult | null;
554
+ revokedRecordId: string | null;
555
+ };
556
+ /**
557
+ * Revoke a pass through the single honest path used by both the CLI and the
558
+ * dashboard: first write the durable trust-store revocation (the enforcement
559
+ * authority the proxy/adapters/MCP check), then append a tamper-evident
560
+ * revocation event to the hash-chained ledger bound to the most recent record
561
+ * naming that pass. Enforcement is written first so a later audit-append
562
+ * failure still leaves the pass actually revoked. When no ledger record names
563
+ * the pass (e.g. it never ran locally), the revocation is still authoritative
564
+ * and `ledgerEvent` is null — never faked.
565
+ */
566
+ export declare function revokeActionPassWithLedgerEvent(input: {
567
+ trustStore: LocalActionPassTrustStore;
568
+ ledger: LocalJsonlLedger;
569
+ passId: string;
570
+ revokedBy?: string;
571
+ reason?: string;
572
+ occurredAt?: Date;
573
+ }): Promise<RevokeActionPassResult>;
410
574
  export declare function verifyLedgerFile(filePath: string): Promise<VerifyLedgerResult>;
411
575
  export declare function exportLedgerRecords(input: ExportLedgerRecordsInput): Promise<LedgerExport>;
576
+ export declare function exportLedgerRecordsToOtlp(input: ExportOtelTracesInput): Promise<OtelTraceExportResult>;
412
577
  export declare function syncLedgerExport(input: SyncLedgerExportInput): Promise<LedgerSyncResult>;
413
578
  export declare function formatLedgerExport(input: FormatLedgerExportInput): string;
414
579
  export declare function computeLedgerHash(record: Omit<LedgerRecord, "ledgerHash">): string;
580
+ export declare const LEDGER_ATTESTATION_VERSION = "axtary.ledger_attestation.v0";
581
+ export declare const LedgerAttestationClaimsSchema: z.ZodObject<{
582
+ lav: z.ZodLiteral<"axtary.ledger_attestation.v0">;
583
+ iss: z.ZodString;
584
+ iat: z.ZodNumber;
585
+ tenant: z.ZodOptional<z.ZodString>;
586
+ exportDigest: z.ZodString;
587
+ recordCount: z.ZodNumber;
588
+ firstLedgerHash: z.ZodNullable<z.ZodString>;
589
+ segmentHead: z.ZodNullable<z.ZodString>;
590
+ sourceLastLedgerHash: z.ZodNullable<z.ZodString>;
591
+ range: z.ZodObject<{
592
+ from: z.ZodNullable<z.ZodString>;
593
+ to: z.ZodNullable<z.ZodString>;
594
+ decisions: z.ZodNullable<z.ZodArray<z.ZodEnum<{
595
+ allow: "allow";
596
+ deny: "deny";
597
+ step_up: "step_up";
598
+ }>>>;
599
+ }, z.core.$strip>;
600
+ merkleRoot: z.ZodOptional<z.ZodString>;
601
+ treeSize: z.ZodOptional<z.ZodNumber>;
602
+ }, z.core.$strip>;
603
+ export type LedgerAttestationClaims = z.infer<typeof LedgerAttestationClaimsSchema>;
604
+ export type LedgerAttestation = {
605
+ schemaVersion: typeof LEDGER_ATTESTATION_VERSION;
606
+ token: string;
607
+ claims: LedgerAttestationClaims;
608
+ };
609
+ export type AttestLedgerExportInput = {
610
+ export: LedgerExport;
611
+ issuer: string;
612
+ signingKey: SigningKey;
613
+ keyId?: string;
614
+ algorithm?: SigningAlgorithm;
615
+ tenant?: string;
616
+ now?: Date;
617
+ };
618
+ export type VerifyLedgerAttestationInput = {
619
+ export: LedgerExport;
620
+ attestation: string | LedgerAttestation;
621
+ verificationKey?: VerificationKey;
622
+ verificationKeys?: VerificationKeySet | VerificationKeyResolver;
623
+ issuer?: string;
624
+ algorithms?: SigningAlgorithm[];
625
+ currentDate?: Date;
626
+ };
627
+ export type VerifyLedgerAttestationResult = {
628
+ valid: true;
629
+ claims: LedgerAttestationClaims;
630
+ recomputedDigest: string;
631
+ } | {
632
+ valid: false;
633
+ reason: string;
634
+ };
635
+ /** SHA-256 digest of the canonical (JCS) ledger export — the content binding. */
636
+ export declare function computeLedgerExportDigest(exportInput: LedgerExport): string;
637
+ /**
638
+ * RFC 6962 leaves for an export: one leaf per record, committing to that
639
+ * record's `ledgerHash`. Because a verifier recomputes each `ledgerHash` from
640
+ * record content (spec §9.1), binding leaves to `ledgerHash` transitively binds
641
+ * the full record content — a one-byte rewrite changes the leaf and the root.
642
+ */
643
+ export declare function ledgerExportLeafHashes(exportInput: LedgerExport): Buffer[];
644
+ /** Merkle Tree Hash (RFC 6962) over the export's record leaves, as `sha256:hex`. */
645
+ export declare function computeLedgerExportMerkleRoot(exportInput: LedgerExport): string;
646
+ export declare function attestLedgerExport(input: AttestLedgerExportInput): Promise<LedgerAttestation>;
647
+ /**
648
+ * Standalone verifier: confirm a ledger export carries a valid issuer signature
649
+ * and has not been altered. Needs only the export, the attestation token, and
650
+ * the issuer public key — re-derivable from the spec alone.
651
+ */
652
+ export declare function verifyLedgerAttestation(input: VerifyLedgerAttestationInput): Promise<VerifyLedgerAttestationResult>;
653
+ type OtlpAnyValue = {
654
+ stringValue: string;
655
+ } | {
656
+ boolValue: boolean;
657
+ } | {
658
+ intValue: string;
659
+ } | {
660
+ arrayValue: {
661
+ values: OtlpAnyValue[];
662
+ };
663
+ };
664
+ type OtlpAttribute = {
665
+ key: string;
666
+ value: OtlpAnyValue;
667
+ };
668
+ type BuildOtlpTraceRequestInput = {
669
+ records: LedgerRecord[];
670
+ serviceName?: string;
671
+ serviceVersion?: string;
672
+ };
673
+ export declare function buildOtlpTraceRequest(input: BuildOtlpTraceRequestInput): {
674
+ resourceSpans: {
675
+ resource: {
676
+ attributes: OtlpAttribute[];
677
+ };
678
+ scopeSpans: {
679
+ scope: {
680
+ name: string;
681
+ version: string;
682
+ };
683
+ spans: {
684
+ status?: {
685
+ code: string;
686
+ message: string;
687
+ } | {
688
+ code: string;
689
+ message?: undefined;
690
+ } | undefined;
691
+ traceId: string;
692
+ spanId: string;
693
+ name: string;
694
+ kind: string;
695
+ startTimeUnixNano: string;
696
+ endTimeUnixNano: string;
697
+ attributes: OtlpAttribute[];
698
+ }[];
699
+ }[];
700
+ }[];
701
+ };
702
+ /**
703
+ * Re-verify the exported records from the records alone: every record's own hash
704
+ * must recompute, and — for a full (unfiltered) export — `previousLedgerHash` must
705
+ * chain. Filtered exports are not contiguous, so only the per-record hash is
706
+ * asserted; reorder/truncation is still caught by the signed export digest.
707
+ */
708
+ export declare const LEDGER_EQUIVALENCE_REPORT_VERSION = "axtary.ledger_equivalence_report.v0";
709
+ export type LedgerEquivalenceEntry = {
710
+ /** 1-based position among the evaluated records. */
711
+ line: number;
712
+ recordId: string;
713
+ occurredAt: string;
714
+ tool: string | null;
715
+ decision: LedgerRecord["decision"];
716
+ approvedPayloadHash: string | null;
717
+ executedPayloadHash: string | null;
718
+ /** The hash-chained record's own payload hash — the executed truth. */
719
+ recordPayloadHash: string;
720
+ status: "proved" | "failed" | "unproven";
721
+ failure: "equivalence_pair_incomplete" | "equivalence_executed_hash_mismatch" | "approval_execution_equivalence_failed" | null;
722
+ };
723
+ export type LedgerEquivalenceReport = {
724
+ schemaVersion: typeof LEDGER_EQUIVALENCE_REPORT_VERSION;
725
+ executions: number;
726
+ proved: number;
727
+ failed: number;
728
+ unproven: number;
729
+ entries: LedgerEquivalenceEntry[];
730
+ };
731
+ /**
732
+ * The approval↔execution equivalence proof over execution-outcome records.
733
+ *
734
+ * `proved` means the record carries both hashes, the executed hash agrees
735
+ * with the record's own hash-chained `payloadHash`, and approved == executed.
736
+ * `unproven` means the execution carries no pair (no approval evidence, or a
737
+ * record written before the pair existed) — truthfully absent, never
738
+ * fake-proved. Any inconsistency is `failed`: an incomplete pair, an executed
739
+ * hash that disagrees with the record itself (a forged outcome block), or
740
+ * approved != executed (an execution that escaped enforcement).
741
+ */
742
+ export declare function evaluateLedgerEquivalence(records: LedgerRecord[]): LedgerEquivalenceReport;
743
+ export declare const LEDGER_ATTESTATION_BUNDLE_VERSION = "axtary.ledger_attestation_bundle.v0";
744
+ export declare const LedgerAttestationBundleSchema: z.ZodObject<{
745
+ schemaVersion: z.ZodLiteral<"axtary.ledger_attestation_bundle.v0">;
746
+ export: z.ZodObject<{
747
+ schemaVersion: z.ZodLiteral<"axtary.ledger_export.v0">;
748
+ exportedAt: z.ZodString;
749
+ source: z.ZodObject<{
750
+ filePath: z.ZodString;
751
+ totalRecords: z.ZodNumber;
752
+ lastLedgerHash: z.ZodNullable<z.ZodString>;
753
+ }, z.core.$strip>;
754
+ filters: z.ZodObject<{
755
+ from: z.ZodNullable<z.ZodString>;
756
+ to: z.ZodNullable<z.ZodString>;
757
+ decisions: z.ZodNullable<z.ZodArray<z.ZodEnum<{
758
+ allow: "allow";
759
+ deny: "deny";
760
+ step_up: "step_up";
761
+ }>>>;
762
+ }, z.core.$strip>;
763
+ records: z.ZodArray<z.ZodObject<{
764
+ schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
765
+ id: z.ZodString;
766
+ occurredAt: z.ZodString;
767
+ auditContext: z.ZodOptional<z.ZodObject<{
768
+ tenant: z.ZodNullable<z.ZodString>;
769
+ agentId: z.ZodString;
770
+ humanOwner: z.ZodString;
771
+ taskId: z.ZodString;
772
+ tool: z.ZodString;
773
+ resource: z.ZodString;
774
+ }, z.core.$strip>>;
775
+ actionHash: z.ZodString;
776
+ payloadHash: z.ZodString;
777
+ provenanceHash: z.ZodOptional<z.ZodString>;
778
+ decision: z.ZodEnum<{
779
+ allow: "allow";
780
+ deny: "deny";
781
+ step_up: "step_up";
782
+ }>;
783
+ reasons: z.ZodArray<z.ZodString>;
784
+ policy: z.ZodObject<{
785
+ nativeRule: z.ZodString;
786
+ version: z.ZodString;
787
+ cedarCompatible: z.ZodBoolean;
788
+ opaCompatible: z.ZodBoolean;
789
+ }, z.core.$strip>;
790
+ providerEvidence: z.ZodOptional<z.ZodObject<{
791
+ schemaVersion: z.ZodLiteral<"axtary.ledger_provider_evidence.v0">;
792
+ provider: z.ZodEnum<{
793
+ github: "github";
794
+ slack: "slack";
795
+ linear: "linear";
796
+ docs: "docs";
797
+ drive: "drive";
798
+ mcp: "mcp";
799
+ aws: "aws";
800
+ gcp: "gcp";
801
+ jira: "jira";
802
+ postgres: "postgres";
803
+ }>;
804
+ tool: z.ZodString;
805
+ operation: z.ZodString;
806
+ resource: z.ZodObject<{
807
+ provider: z.ZodEnum<{
808
+ github: "github";
809
+ slack: "slack";
810
+ linear: "linear";
811
+ docs: "docs";
812
+ drive: "drive";
813
+ mcp: "mcp";
814
+ aws: "aws";
815
+ gcp: "gcp";
816
+ jira: "jira";
817
+ postgres: "postgres";
818
+ }>;
819
+ kind: z.ZodString;
820
+ id: z.ZodString;
821
+ label: z.ZodOptional<z.ZodString>;
822
+ url: z.ZodOptional<z.ZodString>;
823
+ }, z.core.$strict>;
824
+ normalized: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
825
+ fieldChanges: z.ZodDefault<z.ZodArray<z.ZodObject<{
826
+ field: z.ZodString;
827
+ before: z.ZodOptional<z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>;
828
+ after: z.ZodOptional<z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>;
829
+ }, z.core.$strip>>>;
830
+ diff: z.ZodOptional<z.ZodObject<{
831
+ provider: z.ZodEnum<{
832
+ github: "github";
833
+ slack: "slack";
834
+ linear: "linear";
835
+ docs: "docs";
836
+ drive: "drive";
837
+ mcp: "mcp";
838
+ aws: "aws";
839
+ gcp: "gcp";
840
+ jira: "jira";
841
+ postgres: "postgres";
842
+ }>;
843
+ summary: z.ZodOptional<z.ZodString>;
844
+ files: z.ZodDefault<z.ZodArray<z.ZodObject<{
845
+ path: z.ZodString;
846
+ oldPath: z.ZodOptional<z.ZodString>;
847
+ status: z.ZodEnum<{
848
+ added: "added";
849
+ modified: "modified";
850
+ deleted: "deleted";
851
+ renamed: "renamed";
852
+ }>;
853
+ additions: z.ZodDefault<z.ZodNumber>;
854
+ deletions: z.ZodDefault<z.ZodNumber>;
855
+ hunks: z.ZodDefault<z.ZodArray<z.ZodObject<{
856
+ header: z.ZodString;
857
+ lines: z.ZodArray<z.ZodObject<{
858
+ type: z.ZodEnum<{
859
+ context: "context";
860
+ addition: "addition";
861
+ deletion: "deletion";
862
+ }>;
863
+ content: z.ZodString;
864
+ oldLine: z.ZodOptional<z.ZodNumber>;
865
+ newLine: z.ZodOptional<z.ZodNumber>;
866
+ }, z.core.$strip>>;
867
+ }, z.core.$strip>>>;
868
+ }, z.core.$strip>>>;
869
+ }, z.core.$strip>>;
870
+ }, z.core.$strip>>;
871
+ executionOutcome: z.ZodOptional<z.ZodObject<{
872
+ schemaVersion: z.ZodLiteral<"axtary.ledger_execution_outcome.v0">;
873
+ status: z.ZodEnum<{
874
+ succeeded: "succeeded";
875
+ failed: "failed";
876
+ }>;
877
+ provider: z.ZodOptional<z.ZodEnum<{
878
+ github: "github";
879
+ slack: "slack";
880
+ linear: "linear";
881
+ docs: "docs";
882
+ drive: "drive";
883
+ mcp: "mcp";
884
+ aws: "aws";
885
+ gcp: "gcp";
886
+ jira: "jira";
887
+ postgres: "postgres";
888
+ }>>;
889
+ resultId: z.ZodOptional<z.ZodString>;
890
+ resultUrl: z.ZodOptional<z.ZodString>;
891
+ resourceId: z.ZodOptional<z.ZodString>;
892
+ resourceLabel: z.ZodOptional<z.ZodString>;
893
+ failureReason: z.ZodOptional<z.ZodString>;
894
+ errorClass: z.ZodOptional<z.ZodString>;
895
+ approvedPayloadHash: z.ZodOptional<z.ZodString>;
896
+ executedPayloadHash: z.ZodOptional<z.ZodString>;
897
+ sideEffectProof: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
898
+ }, z.core.$strict>>;
899
+ traceId: z.ZodOptional<z.ZodString>;
900
+ actionPassId: z.ZodNullable<z.ZodString>;
901
+ delegation: z.ZodOptional<z.ZodObject<{
902
+ parentPassId: z.ZodString;
903
+ childPassId: z.ZodString;
904
+ depth: z.ZodNumber;
905
+ rootPassId: z.ZodString;
906
+ }, z.core.$strip>>;
907
+ budget: z.ZodOptional<z.ZodObject<{
908
+ reservationId: z.ZodNullable<z.ZodString>;
909
+ scope: z.ZodString;
910
+ status: z.ZodEnum<{
911
+ pending: "pending";
912
+ committed: "committed";
913
+ rolled_back: "rolled_back";
914
+ denied: "denied";
915
+ }>;
916
+ expiresAt: z.ZodNullable<z.ZodString>;
917
+ cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
918
+ limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
919
+ committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
920
+ committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
921
+ reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
922
+ }, z.core.$strip>>;
923
+ correlationId: z.ZodOptional<z.ZodString>;
924
+ previousLedgerHash: z.ZodNullable<z.ZodString>;
925
+ ledgerHash: z.ZodString;
926
+ }, z.core.$strip>>;
927
+ }, z.core.$strip>;
928
+ attestation: z.ZodObject<{
929
+ token: z.ZodString;
930
+ claims: z.ZodObject<{
931
+ lav: z.ZodLiteral<"axtary.ledger_attestation.v0">;
932
+ iss: z.ZodString;
933
+ iat: z.ZodNumber;
934
+ tenant: z.ZodOptional<z.ZodString>;
935
+ exportDigest: z.ZodString;
936
+ recordCount: z.ZodNumber;
937
+ firstLedgerHash: z.ZodNullable<z.ZodString>;
938
+ segmentHead: z.ZodNullable<z.ZodString>;
939
+ sourceLastLedgerHash: z.ZodNullable<z.ZodString>;
940
+ range: z.ZodObject<{
941
+ from: z.ZodNullable<z.ZodString>;
942
+ to: z.ZodNullable<z.ZodString>;
943
+ decisions: z.ZodNullable<z.ZodArray<z.ZodEnum<{
944
+ allow: "allow";
945
+ deny: "deny";
946
+ step_up: "step_up";
947
+ }>>>;
948
+ }, z.core.$strip>;
949
+ merkleRoot: z.ZodOptional<z.ZodString>;
950
+ treeSize: z.ZodOptional<z.ZodNumber>;
951
+ }, z.core.$strip>;
952
+ }, z.core.$strip>;
953
+ publicJwk: z.ZodRecord<z.ZodString, z.ZodUnknown>;
954
+ keyId: z.ZodNullable<z.ZodString>;
955
+ }, z.core.$strip>;
956
+ export type LedgerAttestationBundle = z.infer<typeof LedgerAttestationBundleSchema>;
957
+ /** Bundle an export, its attestation, and the public key into one artifact. */
958
+ export declare function buildLedgerAttestationBundle(input: {
959
+ export: LedgerExport;
960
+ attestation: LedgerAttestation;
961
+ publicJwk: Record<string, unknown>;
962
+ keyId?: string | null;
963
+ }): LedgerAttestationBundle;
964
+ /** Verify a self-contained attestation bundle (export + token + embedded public key). */
965
+ export declare function verifyLedgerAttestationBundle(bundleInput: unknown, options?: {
966
+ issuer?: string;
967
+ algorithms?: SigningAlgorithm[];
968
+ currentDate?: Date;
969
+ }): Promise<VerifyLedgerAttestationResult>;
970
+ export declare const LEDGER_INCLUSION_PROOF_VERSION = "axtary.ledger_inclusion_proof.v0";
971
+ export declare const LedgerInclusionProofSchema: z.ZodObject<{
972
+ schemaVersion: z.ZodLiteral<"axtary.ledger_inclusion_proof.v0">;
973
+ recordId: z.ZodString;
974
+ ledgerHash: z.ZodString;
975
+ leafIndex: z.ZodNumber;
976
+ treeSize: z.ZodNumber;
977
+ merkleRoot: z.ZodString;
978
+ auditPath: z.ZodArray<z.ZodString>;
979
+ }, z.core.$strip>;
980
+ export type LedgerInclusionProof = z.infer<typeof LedgerInclusionProofSchema>;
981
+ export declare const LEDGER_CONSISTENCY_PROOF_VERSION = "axtary.ledger_consistency_proof.v0";
982
+ export declare const LedgerConsistencyProofSchema: z.ZodObject<{
983
+ schemaVersion: z.ZodLiteral<"axtary.ledger_consistency_proof.v0">;
984
+ firstSize: z.ZodNumber;
985
+ secondSize: z.ZodNumber;
986
+ firstRoot: z.ZodString;
987
+ secondRoot: z.ZodString;
988
+ proof: z.ZodArray<z.ZodString>;
989
+ }, z.core.$strip>;
990
+ export type LedgerConsistencyProof = z.infer<typeof LedgerConsistencyProofSchema>;
991
+ export type ProofVerificationResult = {
992
+ valid: true;
993
+ } | {
994
+ valid: false;
995
+ reason: string;
996
+ };
997
+ /** Build an inclusion proof for one record (by id or 0-based index). */
998
+ export declare function proveLedgerInclusion(input: {
999
+ export: LedgerExport;
1000
+ recordId?: string;
1001
+ index?: number;
1002
+ }): LedgerInclusionProof;
1003
+ /**
1004
+ * Verify an inclusion proof against a Merkle root. Pass `expectedRoot` (e.g. a
1005
+ * signed attestation's `merkleRoot`) to bind the proof to a signed tree head.
1006
+ * Pass `record` to additionally recompute the leaf from record content so a
1007
+ * proof cannot smuggle a `ledgerHash` that does not match the record.
1008
+ */
1009
+ export declare function verifyLedgerInclusionProof(input: {
1010
+ proof: unknown;
1011
+ expectedRoot?: string;
1012
+ record?: LedgerRecord;
1013
+ }): ProofVerificationResult;
1014
+ /**
1015
+ * Build a consistency proof showing the `second` export append-only-extends the
1016
+ * `first`. Roots are computed from each export independently; if `first` is not
1017
+ * a genuine prefix, verification fails (the honest, fail-closed outcome).
1018
+ */
1019
+ export declare function proveLedgerConsistency(input: {
1020
+ first: LedgerExport;
1021
+ second: LedgerExport;
1022
+ }): LedgerConsistencyProof;
1023
+ /**
1024
+ * Verify a consistency proof. Pass `firstExpectedRoot`/`secondExpectedRoot`
1025
+ * (the two signed heads' `merkleRoot`s) to bind the proof to signed tree heads.
1026
+ */
1027
+ export declare function verifyLedgerConsistencyProof(input: {
1028
+ proof: unknown;
1029
+ firstExpectedRoot?: string;
1030
+ secondExpectedRoot?: string;
1031
+ }): ProofVerificationResult;
1032
+ export declare const CROSS_ISSUER_TRUST_ROOT_VERSION = "axtary.cross_issuer_trust_root.v0";
1033
+ export declare const CROSS_ISSUER_VERIFICATION_REPORT_VERSION = "axtary.cross_issuer_verification_report.v0";
1034
+ export declare const CrossIssuerTrustRootSchema: z.ZodObject<{
1035
+ schemaVersion: z.ZodLiteral<"axtary.cross_issuer_trust_root.v0">;
1036
+ issuer: z.ZodString;
1037
+ jwks: z.ZodObject<{
1038
+ keys: z.ZodArray<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
1039
+ }, z.core.$strip>;
1040
+ statusListUri: z.ZodString;
1041
+ federationProfile: z.ZodOptional<z.ZodObject<{
1042
+ profile: z.ZodLiteral<"axtary.openid-federation-anchor.v0">;
1043
+ entityStatementTyp: z.ZodLiteral<"entity-statement+jwt">;
1044
+ source: z.ZodOptional<z.ZodString>;
1045
+ }, z.core.$strip>>;
1046
+ }, z.core.$strip>;
1047
+ export type CrossIssuerTrustRoot = z.infer<typeof CrossIssuerTrustRootSchema>;
1048
+ export type VerifyCrossIssuerInput = {
1049
+ trustRoot: unknown;
1050
+ action: unknown;
1051
+ actionPassToken: string;
1052
+ ledgerAttestationBundle: unknown;
1053
+ inclusionProof: unknown;
1054
+ statusFetch: StatusListFetch;
1055
+ currentDate?: Date;
1056
+ };
1057
+ export type CrossIssuerVerificationReport = {
1058
+ schemaVersion: typeof CROSS_ISSUER_VERIFICATION_REPORT_VERSION;
1059
+ issuer: string;
1060
+ passId: string;
1061
+ recordId: string;
1062
+ payloadHash: string;
1063
+ actionHash: string;
1064
+ ledgerHash: string;
1065
+ merkleRoot: string;
1066
+ statusListUri: string;
1067
+ verifiedAt: string;
1068
+ };
1069
+ export type VerifyCrossIssuerResult = {
1070
+ valid: true;
1071
+ report: CrossIssuerVerificationReport;
1072
+ } | {
1073
+ valid: false;
1074
+ reason: string;
1075
+ };
1076
+ export declare function verifyCrossIssuerActionPass(input: VerifyCrossIssuerInput): Promise<VerifyCrossIssuerResult>;
415
1077
  //# sourceMappingURL=index.d.ts.map