@blamejs/core 0.8.43 → 0.8.49

package/lib/config-drift.js

@@ -1,49 +1,39 @@
 "use strict";
 /**
- * config-drift — boot-time config-baseline capture + signed sidecar +
- * next-boot drift detection.
+ * @module b.configDrift
+ * @nav    Observability
+ * @title  Config Drift
  *
- * The framework's audit chain captures DATA writes (every row, every
- * key change). It does NOT capture RUNTIME CONFIG (the operator
- * silently changed `allowedOrigins` 3 weeks ago and we have no
- * signal). config-drift fills that gap: at every boot, the operator
- * passes the baseline config snapshot they want tracked. The
- * primitive hashes it with SHA3-512, signs the digest with the audit-
- * signing key, and writes the result to a sidecar at
- * `<dataDir>/config-baseline.sig`. On the next boot, the sidecar is
- * loaded + verified + diffed against the new snapshot. Drift surfaces
- * as an audit event (`config.drift.detected`); no boot block — the
- * operator may have a legitimate reason to change config and the
- * framework's job is to make the change auditable, not to refuse to
- * start.
+ * @intro
+ *   Monitor + alert when runtime config diverges from a declared
+ *   baseline.
  *
- *   var configDrift = b.configDrift.create({
- *     dataDir: "/data",
- *     audit:   b.audit,
- *   });
+ *   The framework's audit chain captures DATA writes (every row, every
+ *   key change). It does NOT capture RUNTIME CONFIG — an operator who
+ *   silently changes `allowedOrigins` three weeks ago leaves no signal.
+ *   `b.configDrift` fills that gap: at every boot the operator passes
+ *   the baseline snapshot they want tracked. The primitive hashes it
+ *   with SHA3-512, signs the digest with the audit-signing key, and
+ *   writes the result to a sidecar at `<dataDir>/config-baseline.sig`.
+ *   On the next boot the sidecar is loaded, verified, and diffed
+ *   against the new snapshot. Drift surfaces as an audit event
+ *   (`config.drift.detected`); no boot block — the operator may have a
+ *   legitimate reason to change config, and the framework's job is to
+ *   make the change auditable, not to refuse to start.
  *
- *   await configDrift.checkpoint({
- *     // operator decides what's tracked. JSON-stringifiable.
- *     allowedOrigins: ["https://app.example.com"],
- *     csp:            "default-src 'self'",
- *     auditMode:      b.audit.getMode(),
- *     vaultMode:      b.vault.getMode(),
- *     dbAtRest:       b.db.getAtRestMode(),
- *   });
- *   // → { signed: true, drifted: false, previousAt: 1730000000000 }
+ *   The signed sidecar uses `b.auditSign` — same SLH-DSA-SHAKE-256f
+ *   keypair the audit chain anchors on. An attacker who flips a config
+ *   value would also need to forge the signing key to update the
+ *   sidecar cleanly; otherwise next-boot verify catches the tamper.
  *
- * The signed sidecar uses b.auditSign — same SLH-DSA-SHAKE-256f keypair
- * the audit chain anchors on. An attacker who flips a config value
- * would also need to forge the signing key to update the sidecar
- * cleanly; otherwise next-boot verify catches the tamper.
+ *   `b.configDrift.verifyVendorIntegrity` is a sibling primitive that
+ *   re-hashes every file under `lib/vendor/` against the manifest's
+ *   sha256 digests at boot — catches a half-applied vendor refresh,
+ *   a corrupted install, or a vendored cjs modified without a manifest
+ *   update.
  *
- * Validation:
- *   - create() opts: throw at boot on bad shape
- *   - checkpoint() snapshot: must be a JSON-serialisable object
- *   - sidecar verify failure (tampered, key rotated, missing pubkey)
- *     surfaces as `config.baseline.tamper` audit event AND the call
- *     returns { tamper: true } so the operator can decide whether
- *     to refuse boot
+ * @card
+ *   Monitor + alert when runtime config diverges from a declared baseline.
  */
 var fs = require("node:fs");
 var path = require("node:path");
@@ -96,6 +86,52 @@ function _diffShallow(prev, next) {
   return { changed: changed, added: added, removed: removed };
 }
 
+/**
+ * @primitive b.configDrift.create
+ * @signature b.configDrift.create(opts)
+ * @since     0.6.0
+ * @status    stable
+ * @related   b.configDrift.verifyVendorIntegrity, b.auditSign.sign, b.audit.safeEmit
+ *
+ * Build a per-baseline drift detector bound to a `dataDir`. Returns a
+ * handle exposing `.checkpoint(snapshot)` (write or compare against the
+ * signed sidecar), `.read()` (load + verify the sidecar without
+ * mutating it), and `.sidecarPath` (absolute path of the sidecar file).
+ *
+ * Drift on a key listed in `opts.criticalKeys` surfaces as
+ * `config.drift.detected` with `severity: "high"` and outcome
+ * `failure`; drift in any other key surfaces as `severity: "low"` and
+ * outcome `success`. When `criticalKeys` is omitted every key is
+ * treated as high severity. Keys listed in `opts.ignoreKeys` are
+ * captured in the snapshot but never raise a drift event.
+ *
+ * @opts
+ *   dataDir:      string,    // directory holding the baseline sidecar (required)
+ *   audit:        object,    // b.audit instance; pass false to disable
+ *   baseline:     string,    // baseline name — sidecar is `config-baseline-<name>.sig`
+ *   criticalKeys: string[],  // keys whose drift raises severity to "high"
+ *   ignoreKeys:   string[],  // keys excluded from drift detection
+ *
+ * @example
+ *   var fakeAudit = { safeEmit: function () {} };
+ *   var detector = b.configDrift.create({
+ *     dataDir:      "/tmp/blamejs-drift-demo",
+ *     audit:        fakeAudit,
+ *     criticalKeys: ["allowedOrigins", "csp"],
+ *     ignoreKeys:   ["bootCount"],
+ *   });
+ *   detector.sidecarPath;
+ *   // → "/tmp/blamejs-drift-demo/config-baseline.sig"
+ *
+ *   var first = await detector.checkpoint({
+ *     allowedOrigins: ["https://app.example.com"],
+ *     csp:            "default-src 'self'",
+ *     bootCount:      1,
+ *   });
+ *   first.signed;     // → true
+ *   first.drifted;    // → false
+ *   first.previousAt; // → null
+ */
 function create(opts) {
   opts = opts || {};
   validateOpts(opts, [
@@ -292,13 +328,42 @@ function create(opts) {
   };
 }
 
-// verifyVendorIntegrity — at-boot integrity check over `lib/vendor/*`.
-// MANIFEST.json carries a sha256 digest per bundled file; we re-hash
-// each one and refuse on mismatch. Catches a half-applied vendor
-// refresh, a corrupted install, or an attacker who modified a
-// vendored cjs without updating the manifest. Returns
-// `{ ok, mismatches: [{ path, expected, actual }] }` and emits
-// `vendor.integrity.{verified,tampered}` audit on each call.
+/**
+ * @primitive b.configDrift.verifyVendorIntegrity
+ * @signature b.configDrift.verifyVendorIntegrity(opts)
+ * @since     0.7.39
+ * @status    stable
+ * @related   b.configDrift.create, b.audit.safeEmit
+ *
+ * At-boot integrity check over `lib/vendor/*`. MANIFEST.json carries a
+ * sha256 digest per bundled file; the call re-hashes each one and
+ * surfaces mismatches without throwing. Returns
+ * `{ ok, checkedCount, mismatches }` and emits
+ * `vendor.integrity.verified` (success) or `vendor.integrity.tampered`
+ * (failure) on every invocation so a corrupted install lands in the
+ * audit chain at boot, not later.
+ *
+ * Throws `ConfigDriftError("VENDOR_MANIFEST_MISSING")` when MANIFEST.json
+ * is absent and `ConfigDriftError("VENDOR_MANIFEST_SHAPE")` when its
+ * top-level `packages` map is missing — operators see a hard fail
+ * instead of a silent zero-files-checked pass.
+ *
+ * @opts
+ *   libVendorDir: string,  // absolute path to lib/vendor (defaults to cwd-relative)
+ *   manifestPath: string,  // absolute path to MANIFEST.json (defaults under libVendorDir)
+ *
+ * @example
+ *   try {
+ *     var result = b.configDrift.verifyVendorIntegrity({
+ *       libVendorDir: "/srv/app/lib/vendor",
+ *     });
+ *     result.ok;            // → true
+ *     result.checkedCount;  // → 42
+ *     result.mismatches;    // → []
+ *   } catch (e) {
+ *     e.code; // → "VENDOR_MANIFEST_MISSING"
+ *   }
+ */
 function verifyVendorIntegrity(opts) {
   opts = opts || {};
   var libVendorDir  = opts.libVendorDir  || path.join(process.cwd(), "lib", "vendor");

package/lib/config.js

@@ -1,35 +1,27 @@
 "use strict";
 /**
- * config — schema-validated environment configuration.
+ * @module b.config
+ * @nav    Tools
+ * @title  Config
  *
- * Operators read process.env throughout their app code. A typo in the
- * key name OR a value in the wrong shape (port="abc", flag="yas")
- * surfaces three days later as a mysterious 500. This primitive validates
- * env at boot via b.safeSchema so the app refuses to start with broken
- * config.
+ * @intro
+ *   Schema-validated environment configuration. Operators read
+ *   `process.env` throughout their app; a typo in the key name OR a
+ *   value in the wrong shape (`port="abc"`, `flag="yas"`) surfaces
+ *   three days later as a mysterious 500. `b.config.create` validates
+ *   env at boot through `b.safeSchema` so the app refuses to start
+ *   with broken config — the throw happens at `create()` time, not
+ *   at the first request that touches the broken value.
  *
- *   var config = b.config.create({
- *     schema: b.safeSchema.object({
- *       NODE_ENV:        b.safeSchema.enum_(["development", "test", "production"]),
- *       PORT:            b.config.coerce.number().default(3000),
- *       LOG_LEVEL:       b.safeSchema.enum_(["debug", "info", "warn", "error"]).default("info"),
- *       SESSION_SECRET:  b.safeSchema.string().min(32),
- *       DATABASE_URL:    b.safeSchema.string().url(),
- *       REDIS_URL:       b.safeSchema.string().url().optional(),
- *       FEATURE_X:       b.config.coerce.boolean().default(false),
- *     }),
- *     // env: process.env (default) — operators in tests pass a fake object
- *     // redactKeys: ["SESSION_SECRET", "DATABASE_URL"] — never log these
- *   });
- *
- *   config.value          → the validated, typed value object
- *   config.value.PORT     → 3000 (Number, not "3000")
- *   config.boot()         → throws ConfigError on validation failure;
- *                           returns the validated value otherwise
+ *   `b.config.coerce.number()` and `b.config.coerce.boolean()` wrap
+ *   schema leaves with the env-friendly preprocessors most operators
+ *   want (env values are always strings at the source). `loadDbBacked`
+ *   composes `create` with periodic DB-row polling so a row update in
+ *   `_blamejs_config_overrides` surfaces without restart, and falls
+ *   back to the last-good value on validation failure.
  *
- * The factory immediately runs validation — the throw at create() time
- * is intentional. Operators want config errors at app boot, not at
- * the first request that touches the broken value.
+ * @card
+ *   Schema-validated environment configuration.
  */
 var safeSchema = require("./safe-schema");
 var validateOpts = require("./validate-opts");
@@ -64,6 +56,41 @@ var coerce = {
   },
 };
 
+/**
+ * @primitive b.config.create
+ * @signature b.config.create(opts)
+ * @since     0.8.0
+ * @status    stable
+ * @related   b.config.loadDbBacked, b.safeSchema.object
+ *
+ * Validate env against a `b.safeSchema` shape and return a frozen
+ * config handle (`value` / `get` / `has` / `redacted` / `subscribe` /
+ * `reload`). Throws `ConfigError` synchronously when validation fails
+ * — the operator sees broken config at boot rather than at the first
+ * request that touches the value. The handle's `reload(overlay)`
+ * applies a new env-shaped overlay on top of the validated baseline,
+ * notifies subscribers on success, and falls back to the prior value
+ * on failure.
+ *
+ * @opts
+ *   schema:      b.safeSchema instance (required; built via b.safeSchema.object({...})),
+ *   env:         object  (env bag; default process.env),
+ *   redactKeys:  Array<string>  (keys masked by `.redacted()` for log output),
+ *
+ * @example
+ *   var s = b.safeSchema;
+ *   var cfg = b.config.create({
+ *     schema: s.object({
+ *       NODE_ENV: s.enum_(["development", "test", "production"]),
+ *       PORT:     b.config.coerce.number().default(3000),
+ *     }),
+ *     env: { NODE_ENV: "production", PORT: "8080" },
+ *     redactKeys: [],
+ *   });
+ *   cfg.value.NODE_ENV;     // → "production"
+ *   cfg.value.PORT;         // → 8080  (Number, not "8080")
+ *   cfg.has("PORT");        // → true
+ */
 function create(opts) {
   if (!opts || typeof opts !== "object") {
     throw new ConfigError("config/bad-opts",
@@ -168,19 +195,46 @@ function create(opts) {
   };
 }
 
-// loadDbBacked — composes b.config.create with a periodic DB-row
-// fetch. Operators put canonical config values in
-// `_blamejs_config_overrides(key TEXT PRIMARY KEY, value TEXT)`;
-// this helper polls every `intervalMs`, applies the rows as an
-// overlay via cfg.reload(), and re-validates. Reload failures emit
-// a `config.reload.failed` audit row but do NOT clobber the
-// previous value (the running app stays on the last-good config).
-//
-//   var cfg = await b.config.loadDbBacked({
-//     schema:     mySchema,
-//     fetchRows:  async () => await db.query("SELECT key, value FROM _blamejs_config_overrides"),
-//     intervalMs: C.TIME.minutes(1),
-//   });
+/**
+ * @primitive b.config.loadDbBacked
+ * @signature b.config.loadDbBacked(opts)
+ * @since     0.8.0
+ * @status    stable
+ * @related   b.config.create, b.safeAsync.repeating
+ *
+ * Compose `b.config.create` with a periodic DB-row fetch. Operators
+ * keep canonical config values in
+ * `_blamejs_config_overrides(key TEXT PRIMARY KEY, value TEXT)`; this
+ * helper polls every `intervalMs`, applies the rows as an overlay
+ * via the underlying handle's `reload`, and re-validates. Reload
+ * failures emit a `config.reload.failed` audit row but DO NOT
+ * clobber the previous value — the running app stays on the
+ * last-good config. The returned handle is the same shape as
+ * `create()` plus a `.stop()` method that halts the poller.
+ *
+ * @opts
+ *   schema:      b.safeSchema instance (required),
+ *   env:         object  (env baseline; default process.env),
+ *   redactKeys:  Array<string>,
+ *   fetchRows:   async () => Array<{ key: string, value: string }>  (required),
+ *   intervalMs:  number   (positive finite poll interval),
+ *   audit:       boolean  (default true; reserved for future per-poll audit),
+ *
+ * @example
+ *   var s = b.safeSchema;
+ *   var cfg = b.config.loadDbBacked({
+ *     schema: s.object({
+ *       FEATURE_X: b.config.coerce.boolean().default(false),
+ *     }),
+ *     env:        { FEATURE_X: "false" },
+ *     fetchRows:  async function () {
+ *       return [{ key: "FEATURE_X", value: "true" }];
+ *     },
+ *     intervalMs: 60 * 1000,
+ *   });
+ *   cfg.value.FEATURE_X;    // → false  (until first poll tick lands)
+ *   cfg.stop();             // halt the poller on shutdown
+ */
 function loadDbBacked(opts) {
   opts = opts || {};
   validateOpts(opts, ["schema", "env", "redactKeys", "fetchRows", "intervalMs", "audit"],

package/lib/consent.js

@@ -1,23 +1,39 @@
 "use strict";
 /**
- * Consent log — GDPR Art. 6/7 lawful-basis tracking with hash chain.
- *
- * consent_log is baked into db.js's schema runner alongside audit_log.
- * Same tamper-evidence design: per-row SHA3-512 hash chain, append-only,
- * verified at boot.
- *
- * Lawful-basis consistency: any audit-recorded operation declared under
- * `lawfulBasis: 'consent'` should reference a current consent_log entry.
- * The framework records consent grants/withdrawals here; enforcement of
- * consent before processing is the app's responsibility — query
- * `consent.isActive(subjectId, purpose)` at the trust boundary.
- *
- * Public API:
- *   consent.grant({ subjectId, purpose, lawfulBasis, scope?, channel, evidenceRef? })
- *   consent.withdraw({ subjectId, purpose, reason? })
- *   consent.isGranted({ subjectId, purpose }) → boolean
- *   consent.history(subjectId) → array of consent_log rows (decrypted)
- *   consent.verify() → { ok, rowsVerified, breakAt? }
+ * @module b.consent
+ * @nav    Identity
+ * @title  Consent
+ *
+ * @intro
+ *   Consent-record chain — every grant / withdrawal / expiry / supersede
+ *   for a (subjectId, purpose) pair lands in `consent_log` as one
+ *   append-only, hash-chained row. Same tamper-evidence design as
+ *   `audit_log`: per-row SHA3-512 hash chain over the sealed payload,
+ *   verified at boot, refuse-to-boot on a break.
+ *
+ *   GDPR Art. 7 demands controllers be able to demonstrate the data
+ *   subject consented; CCPA / CPRA Title 1.81.5 requires evidence the
+ *   consumer exercised opt-out. consent_log carries `subjectId` (sealed)
+ *   + `purpose` + `lawfulBasis` + `channel` + operator-supplied
+ *   `evidenceRef` so a regulator request resolves to a specific row,
+ *   tied to the audit chain via shared chain-writer primitives.
+ *
+ *   Lawful-basis vocabulary tracks the GDPR Art. 6(1) enumeration:
+ *   `consent`, `contract`, `legal_obligation`, `vital_interests`,
+ *   `public_task`, `legitimate_interests`. Any audit event declaring
+ *   `lawfulBasis: 'consent'` should reference a current consent_log
+ *   entry — the framework records the grants and withdrawals here;
+ *   enforcement at the trust boundary is the app's call (typical shape:
+ *   `if (!b.consent.isGranted({ subjectId, purpose })) return 403`).
+ *
+ *   Cluster mode keeps `_blamejs_consent_tip` current with a fenced
+ *   `INSERT … ON CONFLICT DO UPDATE … WHERE fencingToken <= EXCLUDED`
+ *   so a partitioned old leader cannot rewrite the tip even if its
+ *   application-layer leader gate let the call through. Followers
+ *   refuse `grant` / `withdraw` with `NotLeaderError`.
+ *
+ * @card
+ *   Consent-record chain — every grant / withdrawal / expiry / supersede for a (subjectId, purpose) pair lands in `consent_log` as one append-only, hash-chained row.
  */
 var auditChain = require("./audit-chain");
 var cluster = require("./cluster");
@@ -64,6 +80,40 @@ var _chainWriter = chainWriter.create({
 
 // ---- Public API ----
 
+/**
+ * @primitive  b.consent.grant
+ * @signature  b.consent.grant(opts)
+ * @since      0.1.0
+ * @status     stable
+ * @compliance gdpr, ccpa, hipaa
+ * @related    b.consent.withdraw, b.consent.isGranted, b.consent.history
+ *
+ * Append a "granted" row to consent_log for a (subjectId, purpose) pair.
+ * Refuses on a follower (cluster mode). Lawful-basis must come from the
+ * GDPR Art. 6(1) enumeration; an unknown value throws synchronously
+ * before touching the chain.
+ *
+ * @opts
+ *   subjectId:   string,                          // sealed at rest
+ *   purpose:     string,                          // e.g. "marketing"
+ *   lawfulBasis: "consent" | "contract" | "legal_obligation"
+ *              | "vital_interests" | "public_task"
+ *              | "legitimate_interests",
+ *   scope:       object,                          // optional, JSON-serialized
+ *   channel:     string,                          // "web-banner" / "api" / ...
+ *   evidenceRef: string,                          // optional pointer to UI snapshot
+ *
+ * @example
+ *   await b.consent.grant({
+ *     subjectId:   "u-42",
+ *     purpose:     "marketing",
+ *     lawfulBasis: "consent",
+ *     scope:       { channels: ["email", "sms"] },
+ *     channel:     "web-banner-v3",
+ *     evidenceRef: "snapshot-2026-05-09T14:00:00Z",
+ *   });
+ *   // → { _id, monotonicCounter, rowHash, prevHash, ... }
+ */
 function grant(opts) {
   cluster.requireLeader();
   if (!opts || !opts.subjectId || !opts.purpose || !opts.lawfulBasis || !opts.channel) {
@@ -83,6 +133,34 @@ function grant(opts) {
   });
 }
 
+/**
+ * @primitive  b.consent.withdraw
+ * @signature  b.consent.withdraw(opts)
+ * @since      0.1.0
+ * @status     stable
+ * @compliance gdpr, ccpa
+ * @related    b.consent.grant, b.consent.isGranted
+ *
+ * Append a "withdrawn" row to consent_log. After this lands,
+ * `isGranted` returns `false` for the same (subjectId, purpose). Pair
+ * with a downstream sweep over data-classes that depended on the
+ * lawful basis (typical pattern: cascade into `b.retention` or
+ * `b.subject.erase`).
+ *
+ * @opts
+ *   subjectId: string,
+ *   purpose:   string,
+ *   reason:    string,                            // optional, recorded as evidenceRef
+ *   channel:   string,                            // optional, defaults to "api"
+ *
+ * @example
+ *   await b.consent.withdraw({
+ *     subjectId: "u-42",
+ *     purpose:   "marketing",
+ *     reason:    "user-self-service-portal",
+ *   });
+ *   // → { _id, monotonicCounter, rowHash, ... }
+ */
 function withdraw(opts) {
   cluster.requireLeader();
   if (!opts || !opts.subjectId || !opts.purpose) {
@@ -99,6 +177,30 @@ function withdraw(opts) {
   });
 }
 
+/**
+ * @primitive  b.consent.isGranted
+ * @signature  b.consent.isGranted(opts)
+ * @since      0.1.0
+ * @status     stable
+ * @compliance gdpr, ccpa
+ * @related    b.consent.grant, b.consent.withdraw, b.consent.history
+ *
+ * Returns `true` when the most recent consent_log row for the
+ * (subjectId, purpose) pair has action `granted`. Lookups go through
+ * the derived `subjectIdHash` so the sealed `subjectId` column never
+ * needs to be unsealed for the query. Safe on followers (read-only).
+ *
+ * @opts
+ *   subjectId: string,
+ *   purpose:   string,
+ *
+ * @example
+ *   if (!b.consent.isGranted({ subjectId: "u-42", purpose: "marketing" })) {
+ *     res.statusCode = 403;
+ *     return res.end("consent required");
+ *   }
+ *   // → true / false
+ */
 function isGranted(opts) {
   if (!opts || !opts.subjectId || !opts.purpose) {
     throw new Error("consent.isGranted requires { subjectId, purpose }");
@@ -117,6 +219,26 @@ function isGranted(opts) {
   return row.action === "granted";
 }
 
+/**
+ * @primitive  b.consent.history
+ * @signature  b.consent.history(subjectId)
+ * @since      0.1.0
+ * @status     stable
+ * @compliance gdpr, ccpa
+ * @related    b.consent.grant, b.consent.withdraw, b.subject.export
+ *
+ * Returns every consent_log row for `subjectId`, oldest first, decrypted
+ * by the framework's row reader. Composes into `b.subject.export` for
+ * GDPR Art. 15 / CCPA §1798.110 right-of-access responses without the
+ * caller having to walk the chain manually.
+ *
+ * @example
+ *   var rows = b.consent.history("u-42");
+ *   rows.forEach(function (r) {
+ *     console.log(r.recordedAt, r.purpose, r.action, r.lawfulBasis);
+ *   });
+ *   // → [{ recordedAt, purpose, action, lawfulBasis, channel, ... }]
+ */
 function history(subjectId) {
   if (!subjectId) throw new Error("consent.history requires a subjectId");
   var hash = db().hashFor("consent_log", "subjectId", subjectId);
@@ -130,6 +252,31 @@ function history(subjectId) {
   return rows;
 }
 
+/**
+ * @primitive  b.consent.verify
+ * @signature  b.consent.verify(opts)
+ * @since      0.1.0
+ * @status     stable
+ * @compliance gdpr, soc2
+ * @related    b.audit.verify, b.consent.grant
+ *
+ * Verify the consent_log hash chain end-to-end. Recomputes each row's
+ * `rowHash` from the sealed-form columns + nonce + `prevHash`, walking
+ * from genesis to tip. Returns `{ ok, rowsVerified, breakAt? }` — a
+ * regulator-ready integrity check that auditors can run without
+ * holding the vault key.
+ *
+ * @opts
+ *   from: number,                                 // optional monotonicCounter floor
+ *   to:   number,                                 // optional monotonicCounter ceiling
+ *
+ * @example
+ *   var report = await b.consent.verify();
+ *   if (!report.ok) {
+ *     console.error("consent chain break at row", report.breakAt);
+ *   }
+ *   // → { ok: true, rowsVerified: 1024 }
+ */
 async function verify(opts) {
   return await auditChain.verifyChain(
     function (sql, params) { return clusterStorage.executeAll(sql, params || []); },

package/lib/constants.js

@@ -171,6 +171,7 @@ var PQC_GROUPS = Object.freeze({
 var TLS_GROUP_PREFERENCE = Object.freeze([
   "SecP384r1MLKEM1024",
   "X25519MLKEM768",
+  "SecP256r1MLKEM768",
 ]);
 
 var TLS_GROUP_CURVE_STR = TLS_GROUP_PREFERENCE.join(":");