@axtary/ledger 0.1.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +64 -2
- package/dist/behavior.d.ts +81 -0
- package/dist/behavior.d.ts.map +1 -0
- package/dist/behavior.js +0 -0
- package/dist/behavior.js.map +1 -0
- package/dist/forensics.d.ts +52 -0
- package/dist/forensics.d.ts.map +1 -0
- package/dist/forensics.js +249 -0
- package/dist/forensics.js.map +1 -0
- package/dist/index.d.ts +664 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1127 -43
- package/dist/index.js.map +1 -1
- package/dist/merkle.d.ts +42 -0
- package/dist/merkle.d.ts.map +1 -0
- package/dist/merkle.js +213 -0
- package/dist/merkle.js.map +1 -0
- package/dist/version.d.ts +7 -0
- package/dist/version.d.ts.map +1 -0
- package/dist/version.js +7 -0
- package/dist/version.js.map +1 -0
- package/package.json +4 -2
package/dist/index.d.ts
CHANGED
|
@@ -1,16 +1,31 @@
|
|
|
1
|
-
import { type LedgerExecutionOutcome, type LedgerRecord, type NormalizedAction, type PolicyDecision } from "@axtary/actionpass";
|
|
1
|
+
import { type ActionPassRevocation, type LocalActionPassTrustStore, type BudgetLedgerEvent, type LedgerExecutionOutcome, type DelegationLedgerEdge, type LedgerRecord, type NormalizedAction, type PolicyDecision, type SigningAlgorithm, type SigningKey, type VerificationKey, type VerificationKeyResolver, type VerificationKeySet, type StatusListFetch } from "@axtary/actionpass";
|
|
2
2
|
import { z } from "zod";
|
|
3
|
+
import { merkleConsistencyProof, merkleInclusionProof, merkleLeafHash, merkleNodeHash, merkleTreeRoot, verifyMerkleConsistency, verifyMerkleInclusion } from "./merkle.js";
|
|
4
|
+
export { merkleConsistencyProof, merkleInclusionProof, merkleLeafHash, merkleNodeHash, merkleTreeRoot, verifyMerkleConsistency, verifyMerkleInclusion, };
|
|
5
|
+
export { BEHAVIOR_STORE_VERSION, BehaviorStoreSchema, InMemoryBehaviorStore, FileBehaviorStore, deriveBehaviorSignals, recordBehaviorObservation, type BehaviorStore, type BehaviorStoreData, type BehaviorSignals, type FileBehaviorStoreOptions, } from "./behavior.js";
|
|
6
|
+
export { LEDGER_FORENSICS_VERSION, analyzeForensics, reconstructIncident, type ForensicExecution, type ForensicIncident, type ForensicNode, type ForensicProperty, type ForensicReport, type ForensicTimelineEntry, } from "./forensics.js";
|
|
3
7
|
export declare const LOCAL_LEDGER_SCHEMA_VERSION = "axtary.local-ledger.v0";
|
|
8
|
+
export declare const LOCAL_LEDGER_HEAD_SCHEMA_VERSION = "axtary.local-ledger-head.v0";
|
|
4
9
|
export declare const LEDGER_EXPORT_SCHEMA_VERSION = "axtary.ledger_export.v0";
|
|
5
10
|
export declare const LEDGER_SYNC_SCHEMA_VERSION = "axtary.ledger_sync.v0";
|
|
6
11
|
export declare const LEDGER_SIEM_EVENT_SCHEMA_VERSION = "axtary.siem_event.v0";
|
|
12
|
+
export declare const LEDGER_OTEL_EXPORT_SCHEMA_VERSION = "axtary.otel_trace_export.v0";
|
|
7
13
|
export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
8
14
|
record: z.ZodObject<{
|
|
9
15
|
schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
|
|
10
16
|
id: z.ZodString;
|
|
11
17
|
occurredAt: z.ZodString;
|
|
18
|
+
auditContext: z.ZodOptional<z.ZodObject<{
|
|
19
|
+
tenant: z.ZodNullable<z.ZodString>;
|
|
20
|
+
agentId: z.ZodString;
|
|
21
|
+
humanOwner: z.ZodString;
|
|
22
|
+
taskId: z.ZodString;
|
|
23
|
+
tool: z.ZodString;
|
|
24
|
+
resource: z.ZodString;
|
|
25
|
+
}, z.core.$strip>>;
|
|
12
26
|
actionHash: z.ZodString;
|
|
13
27
|
payloadHash: z.ZodString;
|
|
28
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
14
29
|
decision: z.ZodEnum<{
|
|
15
30
|
allow: "allow";
|
|
16
31
|
deny: "deny";
|
|
@@ -30,10 +45,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
30
45
|
slack: "slack";
|
|
31
46
|
linear: "linear";
|
|
32
47
|
docs: "docs";
|
|
48
|
+
drive: "drive";
|
|
33
49
|
mcp: "mcp";
|
|
34
50
|
aws: "aws";
|
|
35
51
|
gcp: "gcp";
|
|
36
52
|
jira: "jira";
|
|
53
|
+
postgres: "postgres";
|
|
37
54
|
}>;
|
|
38
55
|
tool: z.ZodString;
|
|
39
56
|
operation: z.ZodString;
|
|
@@ -43,10 +60,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
43
60
|
slack: "slack";
|
|
44
61
|
linear: "linear";
|
|
45
62
|
docs: "docs";
|
|
63
|
+
drive: "drive";
|
|
46
64
|
mcp: "mcp";
|
|
47
65
|
aws: "aws";
|
|
48
66
|
gcp: "gcp";
|
|
49
67
|
jira: "jira";
|
|
68
|
+
postgres: "postgres";
|
|
50
69
|
}>;
|
|
51
70
|
kind: z.ZodString;
|
|
52
71
|
id: z.ZodString;
|
|
@@ -65,10 +84,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
65
84
|
slack: "slack";
|
|
66
85
|
linear: "linear";
|
|
67
86
|
docs: "docs";
|
|
87
|
+
drive: "drive";
|
|
68
88
|
mcp: "mcp";
|
|
69
89
|
aws: "aws";
|
|
70
90
|
gcp: "gcp";
|
|
71
91
|
jira: "jira";
|
|
92
|
+
postgres: "postgres";
|
|
72
93
|
}>;
|
|
73
94
|
summary: z.ZodOptional<z.ZodString>;
|
|
74
95
|
files: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
@@ -109,10 +130,12 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
109
130
|
slack: "slack";
|
|
110
131
|
linear: "linear";
|
|
111
132
|
docs: "docs";
|
|
133
|
+
drive: "drive";
|
|
112
134
|
mcp: "mcp";
|
|
113
135
|
aws: "aws";
|
|
114
136
|
gcp: "gcp";
|
|
115
137
|
jira: "jira";
|
|
138
|
+
postgres: "postgres";
|
|
116
139
|
}>>;
|
|
117
140
|
resultId: z.ZodOptional<z.ZodString>;
|
|
118
141
|
resultUrl: z.ZodOptional<z.ZodString>;
|
|
@@ -120,10 +143,34 @@ export declare const LedgerAppendResultSchema: z.ZodObject<{
|
|
|
120
143
|
resourceLabel: z.ZodOptional<z.ZodString>;
|
|
121
144
|
failureReason: z.ZodOptional<z.ZodString>;
|
|
122
145
|
errorClass: z.ZodOptional<z.ZodString>;
|
|
146
|
+
approvedPayloadHash: z.ZodOptional<z.ZodString>;
|
|
147
|
+
executedPayloadHash: z.ZodOptional<z.ZodString>;
|
|
123
148
|
sideEffectProof: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
|
|
124
149
|
}, z.core.$strict>>;
|
|
125
150
|
traceId: z.ZodOptional<z.ZodString>;
|
|
126
151
|
actionPassId: z.ZodNullable<z.ZodString>;
|
|
152
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
153
|
+
parentPassId: z.ZodString;
|
|
154
|
+
childPassId: z.ZodString;
|
|
155
|
+
depth: z.ZodNumber;
|
|
156
|
+
rootPassId: z.ZodString;
|
|
157
|
+
}, z.core.$strip>>;
|
|
158
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
159
|
+
reservationId: z.ZodNullable<z.ZodString>;
|
|
160
|
+
scope: z.ZodString;
|
|
161
|
+
status: z.ZodEnum<{
|
|
162
|
+
pending: "pending";
|
|
163
|
+
committed: "committed";
|
|
164
|
+
rolled_back: "rolled_back";
|
|
165
|
+
denied: "denied";
|
|
166
|
+
}>;
|
|
167
|
+
expiresAt: z.ZodNullable<z.ZodString>;
|
|
168
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
169
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
170
|
+
committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
171
|
+
committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
172
|
+
reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
173
|
+
}, z.core.$strip>>;
|
|
127
174
|
correlationId: z.ZodOptional<z.ZodString>;
|
|
128
175
|
previousLedgerHash: z.ZodNullable<z.ZodString>;
|
|
129
176
|
ledgerHash: z.ZodString;
|
|
@@ -135,6 +182,14 @@ export type AppendDecisionInput = {
|
|
|
135
182
|
action: NormalizedAction;
|
|
136
183
|
decision: PolicyDecision;
|
|
137
184
|
actionPassId?: string | null;
|
|
185
|
+
delegation?: DelegationLedgerEdge;
|
|
186
|
+
budget?: BudgetLedgerEvent;
|
|
187
|
+
occurredAt?: Date;
|
|
188
|
+
};
|
|
189
|
+
export type AppendRevocationInput = {
|
|
190
|
+
revokedRecord: LedgerRecord;
|
|
191
|
+
revokedBy?: string;
|
|
192
|
+
reason?: string;
|
|
138
193
|
occurredAt?: Date;
|
|
139
194
|
};
|
|
140
195
|
export type AppendExecutionOutcomeInput = AppendDecisionInput & {
|
|
@@ -183,8 +238,17 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
183
238
|
schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
|
|
184
239
|
id: z.ZodString;
|
|
185
240
|
occurredAt: z.ZodString;
|
|
241
|
+
auditContext: z.ZodOptional<z.ZodObject<{
|
|
242
|
+
tenant: z.ZodNullable<z.ZodString>;
|
|
243
|
+
agentId: z.ZodString;
|
|
244
|
+
humanOwner: z.ZodString;
|
|
245
|
+
taskId: z.ZodString;
|
|
246
|
+
tool: z.ZodString;
|
|
247
|
+
resource: z.ZodString;
|
|
248
|
+
}, z.core.$strip>>;
|
|
186
249
|
actionHash: z.ZodString;
|
|
187
250
|
payloadHash: z.ZodString;
|
|
251
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
188
252
|
decision: z.ZodEnum<{
|
|
189
253
|
allow: "allow";
|
|
190
254
|
deny: "deny";
|
|
@@ -204,10 +268,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
204
268
|
slack: "slack";
|
|
205
269
|
linear: "linear";
|
|
206
270
|
docs: "docs";
|
|
271
|
+
drive: "drive";
|
|
207
272
|
mcp: "mcp";
|
|
208
273
|
aws: "aws";
|
|
209
274
|
gcp: "gcp";
|
|
210
275
|
jira: "jira";
|
|
276
|
+
postgres: "postgres";
|
|
211
277
|
}>;
|
|
212
278
|
tool: z.ZodString;
|
|
213
279
|
operation: z.ZodString;
|
|
@@ -217,10 +283,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
217
283
|
slack: "slack";
|
|
218
284
|
linear: "linear";
|
|
219
285
|
docs: "docs";
|
|
286
|
+
drive: "drive";
|
|
220
287
|
mcp: "mcp";
|
|
221
288
|
aws: "aws";
|
|
222
289
|
gcp: "gcp";
|
|
223
290
|
jira: "jira";
|
|
291
|
+
postgres: "postgres";
|
|
224
292
|
}>;
|
|
225
293
|
kind: z.ZodString;
|
|
226
294
|
id: z.ZodString;
|
|
@@ -239,10 +307,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
239
307
|
slack: "slack";
|
|
240
308
|
linear: "linear";
|
|
241
309
|
docs: "docs";
|
|
310
|
+
drive: "drive";
|
|
242
311
|
mcp: "mcp";
|
|
243
312
|
aws: "aws";
|
|
244
313
|
gcp: "gcp";
|
|
245
314
|
jira: "jira";
|
|
315
|
+
postgres: "postgres";
|
|
246
316
|
}>;
|
|
247
317
|
summary: z.ZodOptional<z.ZodString>;
|
|
248
318
|
files: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
@@ -283,10 +353,12 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
283
353
|
slack: "slack";
|
|
284
354
|
linear: "linear";
|
|
285
355
|
docs: "docs";
|
|
356
|
+
drive: "drive";
|
|
286
357
|
mcp: "mcp";
|
|
287
358
|
aws: "aws";
|
|
288
359
|
gcp: "gcp";
|
|
289
360
|
jira: "jira";
|
|
361
|
+
postgres: "postgres";
|
|
290
362
|
}>>;
|
|
291
363
|
resultId: z.ZodOptional<z.ZodString>;
|
|
292
364
|
resultUrl: z.ZodOptional<z.ZodString>;
|
|
@@ -294,10 +366,34 @@ export declare const LedgerExportSchema: z.ZodObject<{
|
|
|
294
366
|
resourceLabel: z.ZodOptional<z.ZodString>;
|
|
295
367
|
failureReason: z.ZodOptional<z.ZodString>;
|
|
296
368
|
errorClass: z.ZodOptional<z.ZodString>;
|
|
369
|
+
approvedPayloadHash: z.ZodOptional<z.ZodString>;
|
|
370
|
+
executedPayloadHash: z.ZodOptional<z.ZodString>;
|
|
297
371
|
sideEffectProof: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
|
|
298
372
|
}, z.core.$strict>>;
|
|
299
373
|
traceId: z.ZodOptional<z.ZodString>;
|
|
300
374
|
actionPassId: z.ZodNullable<z.ZodString>;
|
|
375
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
376
|
+
parentPassId: z.ZodString;
|
|
377
|
+
childPassId: z.ZodString;
|
|
378
|
+
depth: z.ZodNumber;
|
|
379
|
+
rootPassId: z.ZodString;
|
|
380
|
+
}, z.core.$strip>>;
|
|
381
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
382
|
+
reservationId: z.ZodNullable<z.ZodString>;
|
|
383
|
+
scope: z.ZodString;
|
|
384
|
+
status: z.ZodEnum<{
|
|
385
|
+
pending: "pending";
|
|
386
|
+
committed: "committed";
|
|
387
|
+
rolled_back: "rolled_back";
|
|
388
|
+
denied: "denied";
|
|
389
|
+
}>;
|
|
390
|
+
expiresAt: z.ZodNullable<z.ZodString>;
|
|
391
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
392
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
393
|
+
committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
394
|
+
committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
395
|
+
reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
396
|
+
}, z.core.$strip>>;
|
|
301
397
|
correlationId: z.ZodOptional<z.ZodString>;
|
|
302
398
|
previousLedgerHash: z.ZodNullable<z.ZodString>;
|
|
303
399
|
ledgerHash: z.ZodString;
|
|
@@ -355,10 +451,12 @@ export declare const LedgerSiemEventSchema: z.ZodObject<{
|
|
|
355
451
|
slack: "slack";
|
|
356
452
|
linear: "linear";
|
|
357
453
|
docs: "docs";
|
|
454
|
+
drive: "drive";
|
|
358
455
|
mcp: "mcp";
|
|
359
456
|
aws: "aws";
|
|
360
457
|
gcp: "gcp";
|
|
361
458
|
jira: "jira";
|
|
459
|
+
postgres: "postgres";
|
|
362
460
|
}>;
|
|
363
461
|
tool: z.ZodString;
|
|
364
462
|
operation: z.ZodString;
|
|
@@ -397,19 +495,583 @@ export type SyncLedgerExportInput = {
|
|
|
397
495
|
fetch?: typeof fetch;
|
|
398
496
|
timeoutMs?: number;
|
|
399
497
|
};
|
|
498
|
+
export type LedgerTelemetryExporter = {
|
|
499
|
+
exportRecord(record: LedgerRecord): Promise<void>;
|
|
500
|
+
};
|
|
501
|
+
export type OtlpHttpTraceExporterOptions = {
|
|
502
|
+
endpoint: string;
|
|
503
|
+
serviceName?: string;
|
|
504
|
+
serviceVersion?: string;
|
|
505
|
+
timeoutMs?: number;
|
|
506
|
+
headers?: Record<string, string>;
|
|
507
|
+
fetch?: typeof fetch;
|
|
508
|
+
};
|
|
509
|
+
export type ExportOtelTracesInput = OtlpHttpTraceExporterOptions & {
|
|
510
|
+
records: LedgerRecord[];
|
|
511
|
+
};
|
|
512
|
+
export type OtelTraceExportResult = {
|
|
513
|
+
schemaVersion: typeof LEDGER_OTEL_EXPORT_SCHEMA_VERSION;
|
|
514
|
+
endpoint: string;
|
|
515
|
+
exportedAt: string;
|
|
516
|
+
records: number;
|
|
517
|
+
spans: number;
|
|
518
|
+
status: number;
|
|
519
|
+
};
|
|
520
|
+
export type LocalJsonlLedgerOptions = {
|
|
521
|
+
lock?: {
|
|
522
|
+
staleMs?: number;
|
|
523
|
+
updateMs?: number;
|
|
524
|
+
retries?: number;
|
|
525
|
+
minTimeoutMs?: number;
|
|
526
|
+
maxTimeoutMs?: number;
|
|
527
|
+
};
|
|
528
|
+
telemetry?: LedgerTelemetryExporter;
|
|
529
|
+
};
|
|
400
530
|
export declare class LocalJsonlLedger {
|
|
401
531
|
readonly filePath: string;
|
|
402
|
-
|
|
532
|
+
readonly headPath: string;
|
|
533
|
+
private readonly options;
|
|
534
|
+
constructor(filePath: string, options?: LocalJsonlLedgerOptions);
|
|
403
535
|
appendDecision(input: AppendDecisionInput): Promise<LedgerAppendResult>;
|
|
404
536
|
appendExecutionOutcome(input: AppendExecutionOutcomeInput): Promise<LedgerAppendResult>;
|
|
537
|
+
appendRevocation(input: AppendRevocationInput): Promise<LedgerAppendResult>;
|
|
405
538
|
appendRecord(recordInput: LedgerRecord): Promise<LedgerAppendResult>;
|
|
406
539
|
readRecords(): Promise<LedgerRecord[]>;
|
|
407
540
|
verify(): Promise<VerifyLedgerResult>;
|
|
541
|
+
private withAppendLock;
|
|
542
|
+
private appendLocked;
|
|
543
|
+
private exportTelemetry;
|
|
544
|
+
}
|
|
545
|
+
export declare class OtlpHttpTraceExporter implements LedgerTelemetryExporter {
|
|
546
|
+
private readonly options;
|
|
547
|
+
constructor(options: OtlpHttpTraceExporterOptions);
|
|
548
|
+
exportRecord(record: LedgerRecord): Promise<void>;
|
|
408
549
|
}
|
|
409
550
|
export declare function readLedgerRecords(filePath: string): Promise<LedgerRecord[]>;
|
|
551
|
+
export type RevokeActionPassResult = {
|
|
552
|
+
revocation: ActionPassRevocation;
|
|
553
|
+
ledgerEvent: LedgerAppendResult | null;
|
|
554
|
+
revokedRecordId: string | null;
|
|
555
|
+
};
|
|
556
|
+
/**
|
|
557
|
+
* Revoke a pass through the single honest path used by both the CLI and the
|
|
558
|
+
* dashboard: first write the durable trust-store revocation (the enforcement
|
|
559
|
+
* authority the proxy/adapters/MCP check), then append a tamper-evident
|
|
560
|
+
* revocation event to the hash-chained ledger bound to the most recent record
|
|
561
|
+
* naming that pass. Enforcement is written first so a later audit-append
|
|
562
|
+
* failure still leaves the pass actually revoked. When no ledger record names
|
|
563
|
+
* the pass (e.g. it never ran locally), the revocation is still authoritative
|
|
564
|
+
* and `ledgerEvent` is null — never faked.
|
|
565
|
+
*/
|
|
566
|
+
export declare function revokeActionPassWithLedgerEvent(input: {
|
|
567
|
+
trustStore: LocalActionPassTrustStore;
|
|
568
|
+
ledger: LocalJsonlLedger;
|
|
569
|
+
passId: string;
|
|
570
|
+
revokedBy?: string;
|
|
571
|
+
reason?: string;
|
|
572
|
+
occurredAt?: Date;
|
|
573
|
+
}): Promise<RevokeActionPassResult>;
|
|
410
574
|
export declare function verifyLedgerFile(filePath: string): Promise<VerifyLedgerResult>;
|
|
411
575
|
export declare function exportLedgerRecords(input: ExportLedgerRecordsInput): Promise<LedgerExport>;
|
|
576
|
+
export declare function exportLedgerRecordsToOtlp(input: ExportOtelTracesInput): Promise<OtelTraceExportResult>;
|
|
412
577
|
export declare function syncLedgerExport(input: SyncLedgerExportInput): Promise<LedgerSyncResult>;
|
|
413
578
|
export declare function formatLedgerExport(input: FormatLedgerExportInput): string;
|
|
414
579
|
export declare function computeLedgerHash(record: Omit<LedgerRecord, "ledgerHash">): string;
|
|
580
|
+
export declare const LEDGER_ATTESTATION_VERSION = "axtary.ledger_attestation.v0";
|
|
581
|
+
export declare const LedgerAttestationClaimsSchema: z.ZodObject<{
|
|
582
|
+
lav: z.ZodLiteral<"axtary.ledger_attestation.v0">;
|
|
583
|
+
iss: z.ZodString;
|
|
584
|
+
iat: z.ZodNumber;
|
|
585
|
+
tenant: z.ZodOptional<z.ZodString>;
|
|
586
|
+
exportDigest: z.ZodString;
|
|
587
|
+
recordCount: z.ZodNumber;
|
|
588
|
+
firstLedgerHash: z.ZodNullable<z.ZodString>;
|
|
589
|
+
segmentHead: z.ZodNullable<z.ZodString>;
|
|
590
|
+
sourceLastLedgerHash: z.ZodNullable<z.ZodString>;
|
|
591
|
+
range: z.ZodObject<{
|
|
592
|
+
from: z.ZodNullable<z.ZodString>;
|
|
593
|
+
to: z.ZodNullable<z.ZodString>;
|
|
594
|
+
decisions: z.ZodNullable<z.ZodArray<z.ZodEnum<{
|
|
595
|
+
allow: "allow";
|
|
596
|
+
deny: "deny";
|
|
597
|
+
step_up: "step_up";
|
|
598
|
+
}>>>;
|
|
599
|
+
}, z.core.$strip>;
|
|
600
|
+
merkleRoot: z.ZodOptional<z.ZodString>;
|
|
601
|
+
treeSize: z.ZodOptional<z.ZodNumber>;
|
|
602
|
+
}, z.core.$strip>;
|
|
603
|
+
export type LedgerAttestationClaims = z.infer<typeof LedgerAttestationClaimsSchema>;
|
|
604
|
+
export type LedgerAttestation = {
|
|
605
|
+
schemaVersion: typeof LEDGER_ATTESTATION_VERSION;
|
|
606
|
+
token: string;
|
|
607
|
+
claims: LedgerAttestationClaims;
|
|
608
|
+
};
|
|
609
|
+
export type AttestLedgerExportInput = {
|
|
610
|
+
export: LedgerExport;
|
|
611
|
+
issuer: string;
|
|
612
|
+
signingKey: SigningKey;
|
|
613
|
+
keyId?: string;
|
|
614
|
+
algorithm?: SigningAlgorithm;
|
|
615
|
+
tenant?: string;
|
|
616
|
+
now?: Date;
|
|
617
|
+
};
|
|
618
|
+
export type VerifyLedgerAttestationInput = {
|
|
619
|
+
export: LedgerExport;
|
|
620
|
+
attestation: string | LedgerAttestation;
|
|
621
|
+
verificationKey?: VerificationKey;
|
|
622
|
+
verificationKeys?: VerificationKeySet | VerificationKeyResolver;
|
|
623
|
+
issuer?: string;
|
|
624
|
+
algorithms?: SigningAlgorithm[];
|
|
625
|
+
currentDate?: Date;
|
|
626
|
+
};
|
|
627
|
+
export type VerifyLedgerAttestationResult = {
|
|
628
|
+
valid: true;
|
|
629
|
+
claims: LedgerAttestationClaims;
|
|
630
|
+
recomputedDigest: string;
|
|
631
|
+
} | {
|
|
632
|
+
valid: false;
|
|
633
|
+
reason: string;
|
|
634
|
+
};
|
|
635
|
+
/** SHA-256 digest of the canonical (JCS) ledger export — the content binding. */
|
|
636
|
+
export declare function computeLedgerExportDigest(exportInput: LedgerExport): string;
|
|
637
|
+
/**
|
|
638
|
+
* RFC 6962 leaves for an export: one leaf per record, committing to that
|
|
639
|
+
* record's `ledgerHash`. Because a verifier recomputes each `ledgerHash` from
|
|
640
|
+
* record content (spec §9.1), binding leaves to `ledgerHash` transitively binds
|
|
641
|
+
* the full record content — a one-byte rewrite changes the leaf and the root.
|
|
642
|
+
*/
|
|
643
|
+
export declare function ledgerExportLeafHashes(exportInput: LedgerExport): Buffer[];
|
|
644
|
+
/** Merkle Tree Hash (RFC 6962) over the export's record leaves, as `sha256:hex`. */
|
|
645
|
+
export declare function computeLedgerExportMerkleRoot(exportInput: LedgerExport): string;
|
|
646
|
+
export declare function attestLedgerExport(input: AttestLedgerExportInput): Promise<LedgerAttestation>;
|
|
647
|
+
/**
|
|
648
|
+
* Standalone verifier: confirm a ledger export carries a valid issuer signature
|
|
649
|
+
* and has not been altered. Needs only the export, the attestation token, and
|
|
650
|
+
* the issuer public key — re-derivable from the spec alone.
|
|
651
|
+
*/
|
|
652
|
+
export declare function verifyLedgerAttestation(input: VerifyLedgerAttestationInput): Promise<VerifyLedgerAttestationResult>;
|
|
653
|
+
type OtlpAnyValue = {
|
|
654
|
+
stringValue: string;
|
|
655
|
+
} | {
|
|
656
|
+
boolValue: boolean;
|
|
657
|
+
} | {
|
|
658
|
+
intValue: string;
|
|
659
|
+
} | {
|
|
660
|
+
arrayValue: {
|
|
661
|
+
values: OtlpAnyValue[];
|
|
662
|
+
};
|
|
663
|
+
};
|
|
664
|
+
type OtlpAttribute = {
|
|
665
|
+
key: string;
|
|
666
|
+
value: OtlpAnyValue;
|
|
667
|
+
};
|
|
668
|
+
type BuildOtlpTraceRequestInput = {
|
|
669
|
+
records: LedgerRecord[];
|
|
670
|
+
serviceName?: string;
|
|
671
|
+
serviceVersion?: string;
|
|
672
|
+
};
|
|
673
|
+
export declare function buildOtlpTraceRequest(input: BuildOtlpTraceRequestInput): {
|
|
674
|
+
resourceSpans: {
|
|
675
|
+
resource: {
|
|
676
|
+
attributes: OtlpAttribute[];
|
|
677
|
+
};
|
|
678
|
+
scopeSpans: {
|
|
679
|
+
scope: {
|
|
680
|
+
name: string;
|
|
681
|
+
version: string;
|
|
682
|
+
};
|
|
683
|
+
spans: {
|
|
684
|
+
status?: {
|
|
685
|
+
code: string;
|
|
686
|
+
message: string;
|
|
687
|
+
} | {
|
|
688
|
+
code: string;
|
|
689
|
+
message?: undefined;
|
|
690
|
+
} | undefined;
|
|
691
|
+
traceId: string;
|
|
692
|
+
spanId: string;
|
|
693
|
+
name: string;
|
|
694
|
+
kind: string;
|
|
695
|
+
startTimeUnixNano: string;
|
|
696
|
+
endTimeUnixNano: string;
|
|
697
|
+
attributes: OtlpAttribute[];
|
|
698
|
+
}[];
|
|
699
|
+
}[];
|
|
700
|
+
}[];
|
|
701
|
+
};
|
|
702
|
+
/**
|
|
703
|
+
* Re-verify the exported records from the records alone: every record's own hash
|
|
704
|
+
* must recompute, and — for a full (unfiltered) export — `previousLedgerHash` must
|
|
705
|
+
* chain. Filtered exports are not contiguous, so only the per-record hash is
|
|
706
|
+
* asserted; reorder/truncation is still caught by the signed export digest.
|
|
707
|
+
*/
|
|
708
|
+
export declare const LEDGER_EQUIVALENCE_REPORT_VERSION = "axtary.ledger_equivalence_report.v0";
|
|
709
|
+
export type LedgerEquivalenceEntry = {
|
|
710
|
+
/** 1-based position among the evaluated records. */
|
|
711
|
+
line: number;
|
|
712
|
+
recordId: string;
|
|
713
|
+
occurredAt: string;
|
|
714
|
+
tool: string | null;
|
|
715
|
+
decision: LedgerRecord["decision"];
|
|
716
|
+
approvedPayloadHash: string | null;
|
|
717
|
+
executedPayloadHash: string | null;
|
|
718
|
+
/** The hash-chained record's own payload hash — the executed truth. */
|
|
719
|
+
recordPayloadHash: string;
|
|
720
|
+
status: "proved" | "failed" | "unproven";
|
|
721
|
+
failure: "equivalence_pair_incomplete" | "equivalence_executed_hash_mismatch" | "approval_execution_equivalence_failed" | null;
|
|
722
|
+
};
|
|
723
|
+
export type LedgerEquivalenceReport = {
|
|
724
|
+
schemaVersion: typeof LEDGER_EQUIVALENCE_REPORT_VERSION;
|
|
725
|
+
executions: number;
|
|
726
|
+
proved: number;
|
|
727
|
+
failed: number;
|
|
728
|
+
unproven: number;
|
|
729
|
+
entries: LedgerEquivalenceEntry[];
|
|
730
|
+
};
|
|
731
|
+
/**
|
|
732
|
+
* The approval↔execution equivalence proof over execution-outcome records.
|
|
733
|
+
*
|
|
734
|
+
* `proved` means the record carries both hashes, the executed hash agrees
|
|
735
|
+
* with the record's own hash-chained `payloadHash`, and approved == executed.
|
|
736
|
+
* `unproven` means the execution carries no pair (no approval evidence, or a
|
|
737
|
+
* record written before the pair existed) — truthfully absent, never
|
|
738
|
+
* fake-proved. Any inconsistency is `failed`: an incomplete pair, an executed
|
|
739
|
+
* hash that disagrees with the record itself (a forged outcome block), or
|
|
740
|
+
* approved != executed (an execution that escaped enforcement).
|
|
741
|
+
*/
|
|
742
|
+
export declare function evaluateLedgerEquivalence(records: LedgerRecord[]): LedgerEquivalenceReport;
|
|
743
|
+
export declare const LEDGER_ATTESTATION_BUNDLE_VERSION = "axtary.ledger_attestation_bundle.v0";
|
|
744
|
+
export declare const LedgerAttestationBundleSchema: z.ZodObject<{
|
|
745
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_attestation_bundle.v0">;
|
|
746
|
+
export: z.ZodObject<{
|
|
747
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_export.v0">;
|
|
748
|
+
exportedAt: z.ZodString;
|
|
749
|
+
source: z.ZodObject<{
|
|
750
|
+
filePath: z.ZodString;
|
|
751
|
+
totalRecords: z.ZodNumber;
|
|
752
|
+
lastLedgerHash: z.ZodNullable<z.ZodString>;
|
|
753
|
+
}, z.core.$strip>;
|
|
754
|
+
filters: z.ZodObject<{
|
|
755
|
+
from: z.ZodNullable<z.ZodString>;
|
|
756
|
+
to: z.ZodNullable<z.ZodString>;
|
|
757
|
+
decisions: z.ZodNullable<z.ZodArray<z.ZodEnum<{
|
|
758
|
+
allow: "allow";
|
|
759
|
+
deny: "deny";
|
|
760
|
+
step_up: "step_up";
|
|
761
|
+
}>>>;
|
|
762
|
+
}, z.core.$strip>;
|
|
763
|
+
records: z.ZodArray<z.ZodObject<{
|
|
764
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
|
|
765
|
+
id: z.ZodString;
|
|
766
|
+
occurredAt: z.ZodString;
|
|
767
|
+
auditContext: z.ZodOptional<z.ZodObject<{
|
|
768
|
+
tenant: z.ZodNullable<z.ZodString>;
|
|
769
|
+
agentId: z.ZodString;
|
|
770
|
+
humanOwner: z.ZodString;
|
|
771
|
+
taskId: z.ZodString;
|
|
772
|
+
tool: z.ZodString;
|
|
773
|
+
resource: z.ZodString;
|
|
774
|
+
}, z.core.$strip>>;
|
|
775
|
+
actionHash: z.ZodString;
|
|
776
|
+
payloadHash: z.ZodString;
|
|
777
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
778
|
+
decision: z.ZodEnum<{
|
|
779
|
+
allow: "allow";
|
|
780
|
+
deny: "deny";
|
|
781
|
+
step_up: "step_up";
|
|
782
|
+
}>;
|
|
783
|
+
reasons: z.ZodArray<z.ZodString>;
|
|
784
|
+
policy: z.ZodObject<{
|
|
785
|
+
nativeRule: z.ZodString;
|
|
786
|
+
version: z.ZodString;
|
|
787
|
+
cedarCompatible: z.ZodBoolean;
|
|
788
|
+
opaCompatible: z.ZodBoolean;
|
|
789
|
+
}, z.core.$strip>;
|
|
790
|
+
providerEvidence: z.ZodOptional<z.ZodObject<{
|
|
791
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_provider_evidence.v0">;
|
|
792
|
+
provider: z.ZodEnum<{
|
|
793
|
+
github: "github";
|
|
794
|
+
slack: "slack";
|
|
795
|
+
linear: "linear";
|
|
796
|
+
docs: "docs";
|
|
797
|
+
drive: "drive";
|
|
798
|
+
mcp: "mcp";
|
|
799
|
+
aws: "aws";
|
|
800
|
+
gcp: "gcp";
|
|
801
|
+
jira: "jira";
|
|
802
|
+
postgres: "postgres";
|
|
803
|
+
}>;
|
|
804
|
+
tool: z.ZodString;
|
|
805
|
+
operation: z.ZodString;
|
|
806
|
+
resource: z.ZodObject<{
|
|
807
|
+
provider: z.ZodEnum<{
|
|
808
|
+
github: "github";
|
|
809
|
+
slack: "slack";
|
|
810
|
+
linear: "linear";
|
|
811
|
+
docs: "docs";
|
|
812
|
+
drive: "drive";
|
|
813
|
+
mcp: "mcp";
|
|
814
|
+
aws: "aws";
|
|
815
|
+
gcp: "gcp";
|
|
816
|
+
jira: "jira";
|
|
817
|
+
postgres: "postgres";
|
|
818
|
+
}>;
|
|
819
|
+
kind: z.ZodString;
|
|
820
|
+
id: z.ZodString;
|
|
821
|
+
label: z.ZodOptional<z.ZodString>;
|
|
822
|
+
url: z.ZodOptional<z.ZodString>;
|
|
823
|
+
}, z.core.$strict>;
|
|
824
|
+
normalized: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
|
|
825
|
+
fieldChanges: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
826
|
+
field: z.ZodString;
|
|
827
|
+
before: z.ZodOptional<z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>;
|
|
828
|
+
after: z.ZodOptional<z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>;
|
|
829
|
+
}, z.core.$strip>>>;
|
|
830
|
+
diff: z.ZodOptional<z.ZodObject<{
|
|
831
|
+
provider: z.ZodEnum<{
|
|
832
|
+
github: "github";
|
|
833
|
+
slack: "slack";
|
|
834
|
+
linear: "linear";
|
|
835
|
+
docs: "docs";
|
|
836
|
+
drive: "drive";
|
|
837
|
+
mcp: "mcp";
|
|
838
|
+
aws: "aws";
|
|
839
|
+
gcp: "gcp";
|
|
840
|
+
jira: "jira";
|
|
841
|
+
postgres: "postgres";
|
|
842
|
+
}>;
|
|
843
|
+
summary: z.ZodOptional<z.ZodString>;
|
|
844
|
+
files: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
845
|
+
path: z.ZodString;
|
|
846
|
+
oldPath: z.ZodOptional<z.ZodString>;
|
|
847
|
+
status: z.ZodEnum<{
|
|
848
|
+
added: "added";
|
|
849
|
+
modified: "modified";
|
|
850
|
+
deleted: "deleted";
|
|
851
|
+
renamed: "renamed";
|
|
852
|
+
}>;
|
|
853
|
+
additions: z.ZodDefault<z.ZodNumber>;
|
|
854
|
+
deletions: z.ZodDefault<z.ZodNumber>;
|
|
855
|
+
hunks: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
856
|
+
header: z.ZodString;
|
|
857
|
+
lines: z.ZodArray<z.ZodObject<{
|
|
858
|
+
type: z.ZodEnum<{
|
|
859
|
+
context: "context";
|
|
860
|
+
addition: "addition";
|
|
861
|
+
deletion: "deletion";
|
|
862
|
+
}>;
|
|
863
|
+
content: z.ZodString;
|
|
864
|
+
oldLine: z.ZodOptional<z.ZodNumber>;
|
|
865
|
+
newLine: z.ZodOptional<z.ZodNumber>;
|
|
866
|
+
}, z.core.$strip>>;
|
|
867
|
+
}, z.core.$strip>>>;
|
|
868
|
+
}, z.core.$strip>>>;
|
|
869
|
+
}, z.core.$strip>>;
|
|
870
|
+
}, z.core.$strip>>;
|
|
871
|
+
executionOutcome: z.ZodOptional<z.ZodObject<{
|
|
872
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_execution_outcome.v0">;
|
|
873
|
+
status: z.ZodEnum<{
|
|
874
|
+
succeeded: "succeeded";
|
|
875
|
+
failed: "failed";
|
|
876
|
+
}>;
|
|
877
|
+
provider: z.ZodOptional<z.ZodEnum<{
|
|
878
|
+
github: "github";
|
|
879
|
+
slack: "slack";
|
|
880
|
+
linear: "linear";
|
|
881
|
+
docs: "docs";
|
|
882
|
+
drive: "drive";
|
|
883
|
+
mcp: "mcp";
|
|
884
|
+
aws: "aws";
|
|
885
|
+
gcp: "gcp";
|
|
886
|
+
jira: "jira";
|
|
887
|
+
postgres: "postgres";
|
|
888
|
+
}>>;
|
|
889
|
+
resultId: z.ZodOptional<z.ZodString>;
|
|
890
|
+
resultUrl: z.ZodOptional<z.ZodString>;
|
|
891
|
+
resourceId: z.ZodOptional<z.ZodString>;
|
|
892
|
+
resourceLabel: z.ZodOptional<z.ZodString>;
|
|
893
|
+
failureReason: z.ZodOptional<z.ZodString>;
|
|
894
|
+
errorClass: z.ZodOptional<z.ZodString>;
|
|
895
|
+
approvedPayloadHash: z.ZodOptional<z.ZodString>;
|
|
896
|
+
executedPayloadHash: z.ZodOptional<z.ZodString>;
|
|
897
|
+
sideEffectProof: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<import("@axtary/actionpass").JsonValue, unknown, z.core.$ZodTypeInternals<import("@axtary/actionpass").JsonValue, unknown>>>>;
|
|
898
|
+
}, z.core.$strict>>;
|
|
899
|
+
traceId: z.ZodOptional<z.ZodString>;
|
|
900
|
+
actionPassId: z.ZodNullable<z.ZodString>;
|
|
901
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
902
|
+
parentPassId: z.ZodString;
|
|
903
|
+
childPassId: z.ZodString;
|
|
904
|
+
depth: z.ZodNumber;
|
|
905
|
+
rootPassId: z.ZodString;
|
|
906
|
+
}, z.core.$strip>>;
|
|
907
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
908
|
+
reservationId: z.ZodNullable<z.ZodString>;
|
|
909
|
+
scope: z.ZodString;
|
|
910
|
+
status: z.ZodEnum<{
|
|
911
|
+
pending: "pending";
|
|
912
|
+
committed: "committed";
|
|
913
|
+
rolled_back: "rolled_back";
|
|
914
|
+
denied: "denied";
|
|
915
|
+
}>;
|
|
916
|
+
expiresAt: z.ZodNullable<z.ZodString>;
|
|
917
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
918
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
919
|
+
committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
920
|
+
committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
921
|
+
reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
922
|
+
}, z.core.$strip>>;
|
|
923
|
+
correlationId: z.ZodOptional<z.ZodString>;
|
|
924
|
+
previousLedgerHash: z.ZodNullable<z.ZodString>;
|
|
925
|
+
ledgerHash: z.ZodString;
|
|
926
|
+
}, z.core.$strip>>;
|
|
927
|
+
}, z.core.$strip>;
|
|
928
|
+
attestation: z.ZodObject<{
|
|
929
|
+
token: z.ZodString;
|
|
930
|
+
claims: z.ZodObject<{
|
|
931
|
+
lav: z.ZodLiteral<"axtary.ledger_attestation.v0">;
|
|
932
|
+
iss: z.ZodString;
|
|
933
|
+
iat: z.ZodNumber;
|
|
934
|
+
tenant: z.ZodOptional<z.ZodString>;
|
|
935
|
+
exportDigest: z.ZodString;
|
|
936
|
+
recordCount: z.ZodNumber;
|
|
937
|
+
firstLedgerHash: z.ZodNullable<z.ZodString>;
|
|
938
|
+
segmentHead: z.ZodNullable<z.ZodString>;
|
|
939
|
+
sourceLastLedgerHash: z.ZodNullable<z.ZodString>;
|
|
940
|
+
range: z.ZodObject<{
|
|
941
|
+
from: z.ZodNullable<z.ZodString>;
|
|
942
|
+
to: z.ZodNullable<z.ZodString>;
|
|
943
|
+
decisions: z.ZodNullable<z.ZodArray<z.ZodEnum<{
|
|
944
|
+
allow: "allow";
|
|
945
|
+
deny: "deny";
|
|
946
|
+
step_up: "step_up";
|
|
947
|
+
}>>>;
|
|
948
|
+
}, z.core.$strip>;
|
|
949
|
+
merkleRoot: z.ZodOptional<z.ZodString>;
|
|
950
|
+
treeSize: z.ZodOptional<z.ZodNumber>;
|
|
951
|
+
}, z.core.$strip>;
|
|
952
|
+
}, z.core.$strip>;
|
|
953
|
+
publicJwk: z.ZodRecord<z.ZodString, z.ZodUnknown>;
|
|
954
|
+
keyId: z.ZodNullable<z.ZodString>;
|
|
955
|
+
}, z.core.$strip>;
|
|
956
|
+
export type LedgerAttestationBundle = z.infer<typeof LedgerAttestationBundleSchema>;
|
|
957
|
+
/** Bundle an export, its attestation, and the public key into one artifact. */
|
|
958
|
+
export declare function buildLedgerAttestationBundle(input: {
|
|
959
|
+
export: LedgerExport;
|
|
960
|
+
attestation: LedgerAttestation;
|
|
961
|
+
publicJwk: Record<string, unknown>;
|
|
962
|
+
keyId?: string | null;
|
|
963
|
+
}): LedgerAttestationBundle;
|
|
964
|
+
/** Verify a self-contained attestation bundle (export + token + embedded public key). */
|
|
965
|
+
export declare function verifyLedgerAttestationBundle(bundleInput: unknown, options?: {
|
|
966
|
+
issuer?: string;
|
|
967
|
+
algorithms?: SigningAlgorithm[];
|
|
968
|
+
currentDate?: Date;
|
|
969
|
+
}): Promise<VerifyLedgerAttestationResult>;
|
|
970
|
+
export declare const LEDGER_INCLUSION_PROOF_VERSION = "axtary.ledger_inclusion_proof.v0";
|
|
971
|
+
export declare const LedgerInclusionProofSchema: z.ZodObject<{
|
|
972
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_inclusion_proof.v0">;
|
|
973
|
+
recordId: z.ZodString;
|
|
974
|
+
ledgerHash: z.ZodString;
|
|
975
|
+
leafIndex: z.ZodNumber;
|
|
976
|
+
treeSize: z.ZodNumber;
|
|
977
|
+
merkleRoot: z.ZodString;
|
|
978
|
+
auditPath: z.ZodArray<z.ZodString>;
|
|
979
|
+
}, z.core.$strip>;
|
|
980
|
+
export type LedgerInclusionProof = z.infer<typeof LedgerInclusionProofSchema>;
|
|
981
|
+
export declare const LEDGER_CONSISTENCY_PROOF_VERSION = "axtary.ledger_consistency_proof.v0";
|
|
982
|
+
export declare const LedgerConsistencyProofSchema: z.ZodObject<{
|
|
983
|
+
schemaVersion: z.ZodLiteral<"axtary.ledger_consistency_proof.v0">;
|
|
984
|
+
firstSize: z.ZodNumber;
|
|
985
|
+
secondSize: z.ZodNumber;
|
|
986
|
+
firstRoot: z.ZodString;
|
|
987
|
+
secondRoot: z.ZodString;
|
|
988
|
+
proof: z.ZodArray<z.ZodString>;
|
|
989
|
+
}, z.core.$strip>;
|
|
990
|
+
export type LedgerConsistencyProof = z.infer<typeof LedgerConsistencyProofSchema>;
|
|
991
|
+
export type ProofVerificationResult = {
|
|
992
|
+
valid: true;
|
|
993
|
+
} | {
|
|
994
|
+
valid: false;
|
|
995
|
+
reason: string;
|
|
996
|
+
};
|
|
997
|
+
/** Build an inclusion proof for one record (by id or 0-based index). */
|
|
998
|
+
export declare function proveLedgerInclusion(input: {
|
|
999
|
+
export: LedgerExport;
|
|
1000
|
+
recordId?: string;
|
|
1001
|
+
index?: number;
|
|
1002
|
+
}): LedgerInclusionProof;
|
|
1003
|
+
/**
|
|
1004
|
+
* Verify an inclusion proof against a Merkle root. Pass `expectedRoot` (e.g. a
|
|
1005
|
+
* signed attestation's `merkleRoot`) to bind the proof to a signed tree head.
|
|
1006
|
+
* Pass `record` to additionally recompute the leaf from record content so a
|
|
1007
|
+
* proof cannot smuggle a `ledgerHash` that does not match the record.
|
|
1008
|
+
*/
|
|
1009
|
+
export declare function verifyLedgerInclusionProof(input: {
|
|
1010
|
+
proof: unknown;
|
|
1011
|
+
expectedRoot?: string;
|
|
1012
|
+
record?: LedgerRecord;
|
|
1013
|
+
}): ProofVerificationResult;
|
|
1014
|
+
/**
|
|
1015
|
+
* Build a consistency proof showing the `second` export append-only-extends the
|
|
1016
|
+
* `first`. Roots are computed from each export independently; if `first` is not
|
|
1017
|
+
* a genuine prefix, verification fails (the honest, fail-closed outcome).
|
|
1018
|
+
*/
|
|
1019
|
+
export declare function proveLedgerConsistency(input: {
|
|
1020
|
+
first: LedgerExport;
|
|
1021
|
+
second: LedgerExport;
|
|
1022
|
+
}): LedgerConsistencyProof;
|
|
1023
|
+
/**
|
|
1024
|
+
* Verify a consistency proof. Pass `firstExpectedRoot`/`secondExpectedRoot`
|
|
1025
|
+
* (the two signed heads' `merkleRoot`s) to bind the proof to signed tree heads.
|
|
1026
|
+
*/
|
|
1027
|
+
export declare function verifyLedgerConsistencyProof(input: {
|
|
1028
|
+
proof: unknown;
|
|
1029
|
+
firstExpectedRoot?: string;
|
|
1030
|
+
secondExpectedRoot?: string;
|
|
1031
|
+
}): ProofVerificationResult;
|
|
1032
|
+
export declare const CROSS_ISSUER_TRUST_ROOT_VERSION = "axtary.cross_issuer_trust_root.v0";
|
|
1033
|
+
export declare const CROSS_ISSUER_VERIFICATION_REPORT_VERSION = "axtary.cross_issuer_verification_report.v0";
|
|
1034
|
+
export declare const CrossIssuerTrustRootSchema: z.ZodObject<{
|
|
1035
|
+
schemaVersion: z.ZodLiteral<"axtary.cross_issuer_trust_root.v0">;
|
|
1036
|
+
issuer: z.ZodString;
|
|
1037
|
+
jwks: z.ZodObject<{
|
|
1038
|
+
keys: z.ZodArray<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
1039
|
+
}, z.core.$strip>;
|
|
1040
|
+
statusListUri: z.ZodString;
|
|
1041
|
+
federationProfile: z.ZodOptional<z.ZodObject<{
|
|
1042
|
+
profile: z.ZodLiteral<"axtary.openid-federation-anchor.v0">;
|
|
1043
|
+
entityStatementTyp: z.ZodLiteral<"entity-statement+jwt">;
|
|
1044
|
+
source: z.ZodOptional<z.ZodString>;
|
|
1045
|
+
}, z.core.$strip>>;
|
|
1046
|
+
}, z.core.$strip>;
|
|
1047
|
+
export type CrossIssuerTrustRoot = z.infer<typeof CrossIssuerTrustRootSchema>;
|
|
1048
|
+
export type VerifyCrossIssuerInput = {
|
|
1049
|
+
trustRoot: unknown;
|
|
1050
|
+
action: unknown;
|
|
1051
|
+
actionPassToken: string;
|
|
1052
|
+
ledgerAttestationBundle: unknown;
|
|
1053
|
+
inclusionProof: unknown;
|
|
1054
|
+
statusFetch: StatusListFetch;
|
|
1055
|
+
currentDate?: Date;
|
|
1056
|
+
};
|
|
1057
|
+
export type CrossIssuerVerificationReport = {
|
|
1058
|
+
schemaVersion: typeof CROSS_ISSUER_VERIFICATION_REPORT_VERSION;
|
|
1059
|
+
issuer: string;
|
|
1060
|
+
passId: string;
|
|
1061
|
+
recordId: string;
|
|
1062
|
+
payloadHash: string;
|
|
1063
|
+
actionHash: string;
|
|
1064
|
+
ledgerHash: string;
|
|
1065
|
+
merkleRoot: string;
|
|
1066
|
+
statusListUri: string;
|
|
1067
|
+
verifiedAt: string;
|
|
1068
|
+
};
|
|
1069
|
+
export type VerifyCrossIssuerResult = {
|
|
1070
|
+
valid: true;
|
|
1071
|
+
report: CrossIssuerVerificationReport;
|
|
1072
|
+
} | {
|
|
1073
|
+
valid: false;
|
|
1074
|
+
reason: string;
|
|
1075
|
+
};
|
|
1076
|
+
export declare function verifyCrossIssuerActionPass(input: VerifyCrossIssuerInput): Promise<VerifyCrossIssuerResult>;
|
|
415
1077
|
//# sourceMappingURL=index.d.ts.map
|