@blamejs/core 0.8.72 → 0.8.77

package/lib/compliance-ai-act.js

@@ -537,6 +537,162 @@ function deployerChecklist(assessment) {
   return items;
 }
 
+/**
+ * @primitive b.complianceAiAct.fundamentalRightsImpactAssessment
+ * @signature b.complianceAiAct.fundamentalRightsImpactAssessment(opts)
+ * @since     0.8.77
+ *
+ * EU AI Act Article 27 — Fundamental Rights Impact Assessment (FRIA).
+ * Mandatory for deployers of high-risk AI systems listed in Annex III
+ * §5 (creditworthiness scoring, life/health insurance risk), §6
+ * (law enforcement), §7 (migration/asylum), §8 (justice admin), public
+ * authorities, and any private body providing public services. Must
+ * be completed BEFORE the first use of the high-risk system, kept
+ * updated, and notified to the national market-surveillance authority.
+ *
+ * Returns the structured FRIA document scaffold — operator fills in
+ * the per-deployment specifics; the framework auto-populates the
+ * fields it can derive (system identification, GPAI classification
+ * if applicable, Annex IV reference, deployment-context audit hooks).
+ *
+ * @opts
+ *   {
+ *     systemId:               string,           // operator's high-risk system identifier
+ *     systemDescription:      { ... },          // forwarded to classify() for risk-tier verdict
+ *     deploymentContext:      { purpose, sector, geography, scale },
+ *     affectedPersons:        { categories: string[], estimatedCount: number },
+ *     risksToFundamentalRights: string[],       // operator-identified risks
+ *     mitigations:            string[],         // mitigations + monitoring per risk
+ *     humanOversight:         { roles: string[], escalationPath: string },
+ *     residualRisks:          string[],
+ *     reviewCadence:          string,            // e.g. "quarterly"
+ *   }
+ *
+ * @example
+ *   var fria = b.complianceAiAct.fundamentalRightsImpactAssessment({
+ *     systemId: "credit-scoring-v3",
+ *     deploymentContext: { purpose: "loan approval", sector: "financial",
+ *                          geography: "EU", scale: "1M decisions/year" },
+ *     affectedPersons:   { categories: ["EU consumers"], estimatedCount: 1000000 },
+ *     risksToFundamentalRights: ["discriminatory denial", "right to explanation"],
+ *     mitigations:       ["bias audit every 6 months", "human review threshold"],
+ *     humanOversight:    { roles: ["credit officer"], escalationPath: "ombudsman" },
+ *     reviewCadence:     "semi-annual",
+ *   });
+ */
+function fundamentalRightsImpactAssessment(opts) {
+  if (!opts || typeof opts !== "object") {
+    throw new Error("fundamentalRightsImpactAssessment: opts required");
+  }
+  validateOpts.requireNonEmptyString(opts.systemId, "systemId",
+    Error, "compliance-ai-act/no-system-id");
+  return {
+    "$schema":            "https://blamejs.com/schema/ai-act-fria-v1.json",
+    regulation:           "EU Regulation 2024/1689 — AI Act",
+    article:              "Article 27 (Fundamental Rights Impact Assessment)",
+    generatedAt:          new Date().toISOString(),
+    systemId:             opts.systemId,
+    classification:       opts.systemDescription ? classify(opts.systemDescription) : null,
+    deploymentContext:    opts.deploymentContext || {},
+    affectedPersons:      opts.affectedPersons   || { categories: [], estimatedCount: null },
+    risks:                opts.risksToFundamentalRights || [],
+    mitigations:          opts.mitigations              || [],
+    humanOversight:       opts.humanOversight           || { roles: [], escalationPath: null },
+    residualRisks:        opts.residualRisks            || [],
+    reviewCadence:        opts.reviewCadence || "annual",
+    notificationStatus:   "operator-must-notify",
+    note:                 "Notify national market-surveillance authority before first use (Art 27(3))",
+    auditHook:            "b.audit emission action='aiact.fria.completed' recommended",
+    annexIVReference:     "see b.complianceAiAct.annexIVScaffold for technical documentation",
+  };
+}
+
+/**
+ * @primitive b.complianceAiAct.gpai.trainingDataSummary
+ * @signature b.complianceAiAct.gpai.trainingDataSummary(opts)
+ * @since     0.8.77
+ *
+ * EU AI Act Article 53(1)(d) — GPAI training-data summary template
+ * compliant with the AI Office's template format (published in 2024,
+ * mandatory from 2026-08-02). The template requires categories of
+ * data, modalities, source provenance, copyright + licensing status,
+ * dataset sizes, dates of collection, and steps taken to identify +
+ * mitigate biases.
+ *
+ * Returns the JSON document operators publish under their `/.well-known/
+ * ai-training-data-summary` endpoint or attach to model cards.
+ *
+ * @opts
+ *   modelId:           string,    // required
+ *   modelVersion:      string,    // optional
+ *   provider:          object,    // { name, address, contact }
+ *   dataCategories:    string[],  // ["web-crawl", "books", "code", "synthetic", ...]
+ *   modalities:        string[],  // ["text", "image", "audio", "video"]
+ *   sources:           object[],  // { identifier, url, type, licenseStatus, size, collectedFrom, collectedTo }
+ *   copyrightStatus:   object,    // { respectsRightReservations, machineReadableSignalsObserved, tdmExceptionUsed }
+ *   biasMitigation:    object,    // { methodsApplied, auditCadence, remediations }
+ *   contentProvenance: object,    // { synthIdEmbed, c2paManifestEmbed, watermarkProvider }
+ *
+ * @example
+ *   var summary = b.complianceAiAct.gpai.trainingDataSummary({
+ *     modelId:        "acme-llm-7b",
+ *     modelVersion:   "1.0",
+ *     provider:       { name: "Acme AI", address: "1 St", contact: "ai@acme.example" },
+ *     dataCategories: ["web-crawl", "books", "code"],
+ *     modalities:     ["text"],
+ *     sources: [
+ *       { identifier: "CommonCrawl-2024", type: "web-crawl", licenseStatus: "permitted" },
+ *     ],
+ *     biasMitigation: { methodsApplied: ["demographic-balance"], auditCadence: "quarterly" },
+ *   });
+ */
+function trainingDataSummary(opts) {
+  if (!opts || typeof opts !== "object") {
+    throw new Error("trainingDataSummary: opts required");
+  }
+  validateOpts.requireNonEmptyString(opts.modelId, "modelId",
+    Error, "compliance-ai-act/no-model-id");
+  return {
+    "$schema":           "https://blamejs.com/schema/ai-act-gpai-training-summary-v1.json",
+    regulation:          "EU Regulation 2024/1689 — AI Act",
+    article:             "Article 53(1)(d) (GPAI training data summary)",
+    template:            "AI Office GPAI Training Data Summary Template",
+    generatedAt:         new Date().toISOString(),
+    modelId:             opts.modelId,
+    modelVersion:        opts.modelVersion || null,
+    provider:            opts.provider     || { name: null, address: null, contact: null },
+    dataCategories:      opts.dataCategories || [],            // ["web-crawl", "books", "code", "synthetic", ...]
+    modalities:          opts.modalities     || [],            // ["text", "image", "audio", "video"]
+    sources: (opts.sources || []).map(function (s) {
+      return {
+        identifier:    s.identifier,
+        url:           s.url || null,
+        type:          s.type || "unknown",
+        licenseStatus: s.licenseStatus || "unknown",
+        size:          s.size || null,
+        collectedFrom: s.collectedFrom || null,
+        collectedTo:   s.collectedTo   || null,
+      };
+    }),
+    copyrightStatus:     opts.copyrightStatus || {
+      respectsRightReservations: null,
+      machineReadableSignalsObserved: null,
+      tdmExceptionUsed: null,
+    },
+    biasMitigation: opts.biasMitigation || {
+      methodsApplied: [],
+      auditCadence:   "annual",
+      remediations:   [],
+    },
+    contentProvenance: opts.contentProvenance || {
+      synthIdEmbed:        false,
+      c2paManifestEmbed:   false,
+      watermarkProvider:   null,
+    },
+    note: "Publish at /.well-known/ai-training-data-summary or model card per AI Office template (mandatory 2026-08-02)",
+  };
+}
+
 module.exports = {
   classify:                  classify,
   deployerChecklist:         deployerChecklist,
@@ -545,9 +701,10 @@ module.exports = {
   transparency:              transparency,
   logging:                   logging,
   gpai: {
-    classify:        gpaiClassify,
-    listObligations: listGpaiObligations,
-    OBLIGATIONS:     GPAI_OBLIGATIONS,
+    classify:             gpaiClassify,
+    listObligations:      listGpaiObligations,
+    trainingDataSummary:  trainingDataSummary,
+    OBLIGATIONS:          GPAI_OBLIGATIONS,
   },
   articleObligations:        articleObligations,
   listArticles:              listArticles,
@@ -555,4 +712,5 @@ module.exports = {
   DEADLINES:                 DEADLINES,
   emitClassificationAudit:   emitClassificationAudit,
   annexIVScaffold:           annexIVScaffold,
+  fundamentalRightsImpactAssessment: fundamentalRightsImpactAssessment,
 };

package/lib/compliance.js

@@ -110,6 +110,32 @@ var KNOWN_POSTURES = Object.freeze([
   "nydfs-500",       // NYDFS 23 NYCRR 500 Amendment 2 — financial cybersecurity (multi-factor + asset inventory + governance)
   "hipaa-2026",      // HHS HIPAA Security Rule 2026-Q4 final — extends hipaa with mandatory MFA + asset inventory + 72h restoration testing
   "quebec-25",       // Quebec Law 25 final phase (effective 2026-09-22) — DPIA + automated-decision opt-out
+  // ---- v0.8.77 expansion — US state consumer-privacy postures ----
+  // Each posture carries per-state cure-period, profiling opt-out
+  // and minor-consent metadata via b.dsr.stateRules(state). The
+  // generic DSR primitive (b.dsr.submit) covers ~80% of the surface;
+  // these postures fill in the per-state drift.
+  "vcdpa",           // Virginia Consumer Data Protection Act
+  "co-cpa",          // Colorado Privacy Act
+  "ctdpa",           // Connecticut Data Privacy Act
+  "ucpa",            // Utah Consumer Privacy Act
+  "tdpsa",           // Texas Data Privacy and Security Act
+  "or-cpa",          // Oregon Consumer Privacy Act
+  "mt-cdpa",         // Montana Consumer Data Privacy Act
+  "ia-icdpa",        // Iowa Consumer Data Protection Act
+  "in-indpa",        // Indiana Consumer Data Protection Act
+  "de-dpdpa",        // Delaware Personal Data Privacy Act
+  "nh-nhpa",         // New Hampshire SB 255 Consumer Privacy Act
+  "nj-njdpa",        // New Jersey Data Privacy Act
+  "ky-kcdpa",        // Kentucky Consumer Data Protection Act
+  "tn-tipa",         // Tennessee Information Protection Act
+  "mn-mncdpa",       // Minnesota Consumer Data Privacy Act
+  "ri-ricpa",        // Rhode Island Consumer Privacy Act
+  "ne-dpa",          // Nebraska Data Privacy Act
+  "nv-sb370",        // Nevada SB 370 Consumer Health Data Privacy
+  "ca-aadc",         // California Age-Appropriate Design Code (partial preliminary injunction; track for re-enforcement)
+  "ct-sb3",          // Connecticut SB 3 Consumer Health Data
+  "tx-cubi",         // Texas Capture or Use of Biometric Identifier
 ]);
 
 var STATE = { posture: null, setAt: null };
@@ -493,6 +519,28 @@ var REGIME_MAP = Object.freeze({
     jurisdiction: "CA-QC",
     domain:      "privacy",
   },
+  // v0.8.77 — US state consumer-privacy postures
+  "vcdpa":     { name: "Virginia Consumer Data Protection Act",       citation: "Va. Code §59.1-575 et seq. (effective 2023-01-01)", jurisdiction: "US-VA", domain: "privacy" },
+  "co-cpa":    { name: "Colorado Privacy Act",                         citation: "C.R.S. §6-1-1301 et seq. (effective 2023-07-01)", jurisdiction: "US-CO", domain: "privacy" },
+  "ctdpa":     { name: "Connecticut Data Privacy Act",                 citation: "Conn. Gen. Stat. §42-515 et seq. (effective 2023-07-01)", jurisdiction: "US-CT", domain: "privacy" },
+  "ucpa":      { name: "Utah Consumer Privacy Act",                    citation: "Utah Code §13-61-101 et seq. (effective 2023-12-31)", jurisdiction: "US-UT", domain: "privacy" },
+  "tdpsa":     { name: "Texas Data Privacy and Security Act",          citation: "Tex. Bus. & Com. Code §541.001 et seq. (effective 2024-07-01)", jurisdiction: "US-TX", domain: "privacy" },
+  "or-cpa":    { name: "Oregon Consumer Privacy Act",                  citation: "Or. Rev. Stat. §646A.570 et seq. (effective 2024-07-01)", jurisdiction: "US-OR", domain: "privacy" },
+  "mt-cdpa":   { name: "Montana Consumer Data Privacy Act",            citation: "Mont. Code §30-14-2801 et seq. (effective 2024-10-01)", jurisdiction: "US-MT", domain: "privacy" },
+  "ia-icdpa":  { name: "Iowa Consumer Data Protection Act",            citation: "Iowa Code §715D (effective 2025-01-01)", jurisdiction: "US-IA", domain: "privacy" },
+  "in-indpa":  { name: "Indiana Consumer Data Protection Act",         citation: "Ind. Code §24-15 (effective 2026-01-01)", jurisdiction: "US-IN", domain: "privacy" },
+  "de-dpdpa":  { name: "Delaware Personal Data Privacy Act",           citation: "6 Del. Code Ch. 12D (effective 2026-01-01)", jurisdiction: "US-DE", domain: "privacy" },
+  "nh-nhpa":   { name: "New Hampshire SB 255 Consumer Privacy Act",    citation: "NH RSA Chapter 507-H (effective 2026-01-01)", jurisdiction: "US-NH", domain: "privacy" },
+  "nj-njdpa":  { name: "New Jersey Data Privacy Act",                  citation: "N.J. Rev. Stat. §56:8-166.4 et seq. (effective 2026-01-15)", jurisdiction: "US-NJ", domain: "privacy" },
+  "ky-kcdpa":  { name: "Kentucky Consumer Data Protection Act",        citation: "Ky. Rev. Stat. §367.3611 et seq. (effective 2026-01-01)", jurisdiction: "US-KY", domain: "privacy" },
+  "tn-tipa":   { name: "Tennessee Information Protection Act",         citation: "Tenn. Code §47-18-3201 et seq. (effective 2025-07-01)", jurisdiction: "US-TN", domain: "privacy" },
+  "mn-mncdpa": { name: "Minnesota Consumer Data Privacy Act",          citation: "Minn. Stat. §325O (effective 2026-07-31)", jurisdiction: "US-MN", domain: "privacy" },
+  "ri-ricpa":  { name: "Rhode Island Consumer Privacy Act",            citation: "R.I. Gen. Laws §6-48.1 (effective 2026-01-01)", jurisdiction: "US-RI", domain: "privacy" },
+  "ne-dpa":    { name: "Nebraska Data Privacy Act",                    citation: "Neb. Rev. Stat. §87-1101 et seq. (effective 2025-01-01)", jurisdiction: "US-NE", domain: "privacy" },
+  "nv-sb370":  { name: "Nevada SB 370 Consumer Health Data Privacy",   citation: "Nev. Rev. Stat. §603A (consumer-health amendments, effective 2024-03-31)", jurisdiction: "US-NV", domain: "health" },
+  "ca-aadc":   { name: "California Age-Appropriate Design Code Act",   citation: "Cal. Civ. Code §1798.99.28 et seq. (partial preliminary injunction NetChoice v. Bonta)", jurisdiction: "US-CA", domain: "privacy" },
+  "ct-sb3":    { name: "Connecticut SB 3 Consumer Health Data",        citation: "Conn. P.A. 23-56 (effective 2023-07-01)", jurisdiction: "US-CT", domain: "health" },
+  "tx-cubi":   { name: "Texas Capture or Use of Biometric Identifier", citation: "Tex. Bus. & Com. Code §503.001 (effective 2009-09-01)", jurisdiction: "US-TX", domain: "biometric" },
 });
 
 /**

package/lib/config.js

@@ -185,14 +185,25 @@ function create(opts) {
     return value;
   }
 
-  return {
-    value:     value,
+  // `.value` is a getter, not a captured property. Without this,
+  // `cfg.value.X` reads from the object that was current at create()
+  // and never reflects subsequent reload() updates — operators looking
+  // at `cfg.value.FEATURE_X` would see stale values forever, while
+  // `cfg.get("FEATURE_X")` saw fresh ones. The @primitive docs
+  // (loadDbBacked example) promise `cfg.value.X` always works, so the
+  // getter is the contract.
+  var handle = {
     get:       function (key) { return value[key]; },
     has:       function (key) { return Object.prototype.hasOwnProperty.call(value, key); },
     redacted:  redactedView,
     subscribe: subscribe,
     reload:    reload,
   };
+  Object.defineProperty(handle, "value", {
+    get: function () { return value; },
+    enumerable: true,
+  });
+  return handle;
 }
 
 /**
@@ -209,16 +220,35 @@ function create(opts) {
  * via the underlying handle's `reload`, and re-validates. Reload
  * failures emit a `config.reload.failed` audit row but DO NOT
  * clobber the previous value — the running app stays on the
- * last-good config. The returned handle is the same shape as
- * `create()` plus a `.stop()` method that halts the poller.
+ * last-good config.
+ *
+ * Returns immediately with a synchronous handle, but kicks off one
+ * immediate hydration tick on construction so the first DB read
+ * happens at t=0 rather than t=intervalMs. Callers that need to wait
+ * for first-data-applied can `await handle.hydrated` before the app
+ * starts serving traffic; the Promise resolves after the first tick
+ * settles (success OR audit-on-failure path) and never rejects, so
+ * the boot path never deadlocks on a temporarily-unreachable DB.
+ *
+ * The returned handle is the same shape as `create()` plus:
+ *   - `.hydrated` — Promise<void> for the first tick
+ *   - `.stop()`   — halts the poller
  *
  * @opts
- *   schema:      b.safeSchema instance (required),
- *   env:         object  (env baseline; default process.env),
- *   redactKeys:  Array<string>,
- *   fetchRows:   async () => Array<{ key: string, value: string }>  (required),
- *   intervalMs:  number   (positive finite poll interval),
- *   audit:       boolean  (default true; reserved for future per-poll audit),
+ *   schema:         b.safeSchema instance (required),
+ *   env:            object  (env baseline; default process.env),
+ *   redactKeys:     Array<string>,
+ *   fetchRows:      async () => Array<{ key: string, value: string }>  (required),
+ *   intervalMs:     number   (positive finite poll interval),
+ *   transformValue: (row) => string | Promise<string>   (optional per-row
+ *                   transform — receives `{ key, value, ...rest }` so the
+ *                   row can carry envelope metadata; returns the value
+ *                   that flows into the schema. Common shape: unseal a
+ *                   `b.vault`-sealed ciphertext column before validation.
+ *                   Rows whose transform throws or returns a non-string
+ *                   are skipped with a `config.reload.failed` audit so a
+ *                   single bad row never crashes the poller),
+ *   audit:          boolean  (default true; reserved for future per-poll audit),
  *
  * @example
  *   var s = b.safeSchema;
@@ -234,10 +264,23 @@ function create(opts) {
  *   });
  *   cfg.value.FEATURE_X;    // → false  (until first poll tick lands)
  *   cfg.stop();             // halt the poller on shutdown
+ *
+ * @example
+ *   // Sealed values — column stores `b.vault.seal(plain)` ciphertext.
+ *   var cfg = b.config.loadDbBacked({
+ *     schema:     s.object({ STRIPE_SECRET: s.string() }),
+ *     fetchRows:  async function () {
+ *       return await db.all("SELECT key, sealed FROM _config WHERE sealed IS NOT NULL");
+ *     },
+ *     transformValue: function (row) {
+ *       return b.vault.unseal(row.sealed).toString("utf8");
+ *     },
+ *     intervalMs: 30 * 1000,
+ *   });
  */
 function loadDbBacked(opts) {
   opts = opts || {};
-  validateOpts(opts, ["schema", "env", "redactKeys", "fetchRows", "intervalMs", "audit"],
+  validateOpts(opts, ["schema", "env", "redactKeys", "fetchRows", "intervalMs", "transformValue", "audit"],
     "config.loadDbBacked");
   if (typeof opts.fetchRows !== "function") {
     throw new ConfigError("config/bad-fetch-rows",
@@ -247,6 +290,9 @@ function loadDbBacked(opts) {
     throw new ConfigError("config/bad-interval",
       "loadDbBacked: opts.intervalMs must be a positive finite number");
   }
+  var transformValue = validateOpts.optionalFunction(
+    opts.transformValue, "loadDbBacked: opts.transformValue",
+    ConfigError, "config/bad-transform-value") || null;
   var cfg = create({ schema: opts.schema, env: opts.env, redactKeys: opts.redactKeys });
   var stopped = false;
   async function _tick() {
@@ -265,9 +311,32 @@ function loadDbBacked(opts) {
     if (!Array.isArray(rows)) return;
     var overlay = {};
     for (var i = 0; i < rows.length; i++) {
-      if (rows[i] && typeof rows[i].key === "string") {
-        overlay[rows[i].key] = rows[i].value;
+      var row = rows[i];
+      if (!row || typeof row.key !== "string") continue;
+      var value = row.value;
+      if (transformValue) {
+        try {
+          value = await transformValue(row);
+        } catch (e) {
+          try {
+            lazyAudit().safeEmit({
+              action: "config.reload.failed", outcome: "failure",
+              metadata: { phase: "transform", key: row.key, reason: e && e.message },
+            });
+          } catch (_e) { /* audit best-effort */ }
+          continue;
+        }
+        if (typeof value !== "string") {
+          try {
+            lazyAudit().safeEmit({
+              action: "config.reload.failed", outcome: "failure",
+              metadata: { phase: "transform", key: row.key, reason: "transformValue did not return a string" },
+            });
+          } catch (_e) { /* audit best-effort */ }
+          continue;
+        }
       }
+      overlay[row.key] = value;
     }
     try { cfg.reload(overlay); }
     catch (e) {
@@ -279,6 +348,14 @@ function loadDbBacked(opts) {
       } catch (_e) { /* audit best-effort */ }
     }
   }
+  // Fire one immediate hydration before the interval kicks in so
+  // callers can `await cfg.hydrated` and not get an empty config window
+  // (env defaults only) for the first intervalMs of process lifetime.
+  // The interval still fires every intervalMs afterwards for ongoing
+  // drift detection. The hydration Promise NEVER rejects — _tick
+  // swallows fetch / transform / validate failures via audit, matching
+  // the established "last-good config stays in place" contract.
+  cfg.hydrated = _tick();
   var handle = safeAsync.repeating(_tick, opts.intervalMs, { name: "config-db-reload" });
   cfg.stop = function () { stopped = true; if (handle) { handle.stop(); handle = null; } };
   return cfg;

package/lib/content-credentials.js

@@ -327,11 +327,238 @@ function verify(envelope, publicKeyPem, opts) {
   return { valid: true, claims: envelope.manifest, reason: null };
 }
 
+// ---- C2PA 2.x COSE_Sign1 interop wrapper -------------------------
+//
+// Framework's `sign()` produces a JCS-canonicalized + ML-DSA-87/SLH-DSA
+// signature shape — fine for blamejs-internal verifiers but does NOT
+// interop with the c2patool / JPEG Trust / Adobe verifiers, which
+// expect COSE_Sign1 (RFC 9052) per C2PA spec §11.
+//
+// `signCose` wraps the same manifest payload in a minimal COSE_Sign1
+// CBOR structure with:
+//   - protected header { 1: alg }  (RFC 9052 §3.1)
+//   - unprotected header { 33: x5chain } if certChain supplied
+//   - payload: the JCS-canonicalized manifest bytes
+//   - signature: the ML-DSA-87 / Ed25519 signature
+//
+// The CBOR is hand-encoded — keeps the framework's "zero npm runtime
+// deps" rule intact. Verifiers consume the bytes via standard COSE
+// libraries (jose-py / c2pa-rs / etc.).
+
+// COSE algorithm registry codepoints (RFC 9053 §2.1 + draft-ietf-cose-* for PQ).
+// allow:raw-byte-literal — IANA registry IDs, not byte counts.
+var COSE_ALGS = {
+  "ed25519":    -8,    // allow:raw-byte-literal — COSE alg id
+  "es256":      -7,    // allow:raw-byte-literal — COSE alg id
+  "es384":      -35,   // allow:raw-byte-literal — COSE alg id
+  "es512":      -36,   // allow:raw-byte-literal — COSE alg id
+  "ml-dsa-44":  -48,   // allow:raw-byte-literal — COSE alg id (draft)
+  "ml-dsa-65":  -49,   // allow:raw-byte-literal — COSE alg id (draft)
+  "ml-dsa-87":  -50,   // allow:raw-byte-literal — COSE alg id (draft)
+  "slh-dsa-sha2-128s":   -51,   // allow:raw-byte-literal — COSE alg id (draft)
+  "slh-dsa-shake-256f":  -56,   // allow:raw-byte-literal — COSE alg id (draft)
+};
+
+// CBOR encoder (RFC 8949 §3). The integer thresholds 24/256/65536/4294967296
+// are CBOR-spec length-encoding boundaries — not byte counts.
+// allow:raw-byte-literal — CBOR encoding thresholds, not byte counts.
+function _cborUint(n) {
+  if (n < 24)         return Buffer.from([n]);                                                                                                // allow:raw-byte-literal — CBOR threshold
+  if (n < 256)        return Buffer.from([0x18, n]);                                                                                          // allow:raw-byte-literal — CBOR threshold
+  if (n < 65536)      return Buffer.from([0x19, (n >> 8) & 0xFF, n & 0xFF]);                                                                  // allow:raw-byte-literal — CBOR threshold
+  if (n < 4294967296) return Buffer.from([0x1A, (n >> 24) & 0xFF, (n >> 16) & 0xFF, (n >> 8) & 0xFF, n & 0xFF]);                              // allow:raw-byte-literal — CBOR threshold
+  throw ContentCredentialsError.factory("CBOR_OVERFLOW", "cbor uint too large: " + n);
+}
+
+function _cborNint(n) {
+  var v = -1 - n;
+  if (v < 24)    return Buffer.from([0x20 | v]);                                                                                              // allow:raw-byte-literal — CBOR threshold
+  if (v < 256)   return Buffer.from([0x38, v]);                                                                                               // allow:raw-byte-literal — CBOR threshold
+  if (v < 65536) return Buffer.from([0x39, (v >> 8) & 0xFF, v & 0xFF]);                                                                       // allow:raw-byte-literal — CBOR threshold
+  return Buffer.from([0x3A, (v >> 24) & 0xFF, (v >> 16) & 0xFF, (v >> 8) & 0xFF, v & 0xFF]);
+}
+
+function _cborInt(n) {
+  return n >= 0 ? _cborUint(n) : _cborNint(n);
+}
+
+function _cborBytes(buf) {
+  var n = buf.length;
+  var head;
+  if (n < 24)         head = Buffer.from([0x40 | n]);                                                                                          // allow:raw-byte-literal — CBOR threshold
+  else if (n < 256)   head = Buffer.from([0x58, n]);                                                                                           // allow:raw-byte-literal — CBOR threshold
+  else if (n < 65536) head = Buffer.from([0x59, (n >> 8) & 0xFF, n & 0xFF]);                                                                   // allow:raw-byte-literal — CBOR threshold
+  else                head = Buffer.from([0x5A, (n >>> 24) & 0xFF, (n >> 16) & 0xFF, (n >> 8) & 0xFF, n & 0xFF]);
+  return Buffer.concat([head, buf]);
+}
+
+function _cborArrayHeader(n) {
+  if (n < 24)    return Buffer.from([0x80 | n]);                                                                                               // allow:raw-byte-literal — CBOR threshold
+  if (n < 256)   return Buffer.from([0x98, n]);                                                                                                // allow:raw-byte-literal — CBOR threshold
+  if (n < 65536) return Buffer.from([0x99, (n >> 8) & 0xFF, n & 0xFF]);                                                                        // allow:raw-byte-literal — CBOR threshold
+  throw ContentCredentialsError.factory("CBOR_OVERFLOW", "cbor array too large: " + n);
+}
+
+function _cborMapHeader(n) {
+  if (n < 24)    return Buffer.from([0xA0 | n]);                                                                                               // allow:raw-byte-literal — CBOR threshold
+  if (n < 256)   return Buffer.from([0xB8, n]);                                                                                                // allow:raw-byte-literal — CBOR threshold
+  throw ContentCredentialsError.factory("CBOR_OVERFLOW", "cbor map too large: " + n);
+}
+
+function _cborTag(tag) {
+  if (tag < 24)         return Buffer.from([0xC0 | tag]);                                                                                      // allow:raw-byte-literal — CBOR threshold
+  if (tag < 256)        return Buffer.from([0xD8, tag]);                                                                                       // allow:raw-byte-literal — CBOR threshold
+  if (tag < 65536)      return Buffer.from([0xD9, (tag >> 8) & 0xFF, tag & 0xFF]);                                                             // allow:raw-byte-literal — CBOR threshold
+  return Buffer.from([0xDA, (tag >> 24) & 0xFF, (tag >> 16) & 0xFF, (tag >> 8) & 0xFF, tag & 0xFF]);
+}
+
+/**
+ * @primitive b.contentCredentials.signCose
+ * @signature b.contentCredentials.signCose(manifest, opts)
+ * @since     0.8.77
+ * @related   b.contentCredentials.sign
+ *
+ * C2PA 2.x interop sign — wraps the manifest in a COSE_Sign1 CBOR
+ * envelope (RFC 9052) so the result interops with c2patool / JPEG
+ * Trust / Adobe / external C2PA verifiers. The simpler `sign()`
+ * primitive ships a blamejs-internal envelope shape; this one ships
+ * COSE bytes.
+ *
+ * Returns `{ manifest, coseSign1: Buffer, alg }`. Operators embed
+ * the `coseSign1` Buffer in the image's C2PA box (JPEG XT marker,
+ * PNG iTXt chunk, MP4 'jumb' box per C2PA §13).
+ *
+ * @opts
+ *   {
+ *     privateKeyPem: string,            // required
+ *     alg?:          "ed25519" | "es256" | "es384" | "es512" |
+ *                    "ml-dsa-44" | "ml-dsa-65" | "ml-dsa-87" |
+ *                    "slh-dsa-shake-256f",   // default "ml-dsa-87"
+ *     certChain?:    Buffer[],          // X.509 DER buffers; emitted as x5chain (header label 33)
+ *     audit?:        boolean,           // default true
+ *   }
+ *
+ * @example
+ *   var pair = b.crypto.generateSigningKeyPair("ml-dsa-87");
+ *   var manifest = b.contentCredentials.build({
+ *     provider: "Acme AI", system: "acme-v3",
+ *     systemVersion: "3.2.1", contentId: "img-001",
+ *   });
+ *   var cose = b.contentCredentials.signCose(manifest, {
+ *     privateKeyPem: pair.privateKey,
+ *     alg:           "ml-dsa-87",
+ *   });
+ *   // cose.coseSign1 is the CBOR bytes to embed in the image's C2PA box.
+ */
+function signCose(manifest, opts) {
+  opts = opts || {};
+  if (!manifest || typeof manifest !== "object") {
+    throw ContentCredentialsError.factory("BAD_MANIFEST",
+      "contentCredentials.signCose: manifest required");
+  }
+  validateOpts.requireNonEmptyString(opts.privateKeyPem,
+    "contentCredentials.signCose: privateKeyPem", ContentCredentialsError, "BAD_KEY");
+  var algName = (opts.alg || "ml-dsa-87").toLowerCase();
+  if (!(algName in COSE_ALGS)) {
+    throw ContentCredentialsError.factory("BAD_ALG",
+      "contentCredentials.signCose: alg '" + algName +
+      "' not in COSE alg registry. Known: " + Object.keys(COSE_ALGS).join(", "));
+  }
+  var algId = COSE_ALGS[algName];
+
+  // Protected header: map { 1: alg }
+  var protBytes = Buffer.concat([
+    _cborMapHeader(1),
+    _cborInt(1),               // key: 1 (alg)
+    _cborInt(algId),           // value: COSE alg id
+  ]);
+  var protectedBstr = _cborBytes(protBytes);
+
+  // Unprotected header: map { 33: x5chain } when cert chain supplied;
+  // else empty map {}.
+  var unprotectedHdr;
+  if (Array.isArray(opts.certChain) && opts.certChain.length > 0) {
+    var chainArray;
+    if (opts.certChain.length === 1) {
+      // Single-cert form: header value is the DER bytes directly.
+      chainArray = _cborBytes(opts.certChain[0]);
+    } else {
+      var chainBufs = [_cborArrayHeader(opts.certChain.length)];
+      opts.certChain.forEach(function (der) {
+        chainBufs.push(_cborBytes(der));
+      });
+      chainArray = Buffer.concat(chainBufs);
+    }
+    unprotectedHdr = Buffer.concat([
+      _cborMapHeader(1),
+      _cborInt(33),             // allow:raw-byte-literal allow:raw-time-literal — RFC 9360 x5chain header label, not a duration
+      chainArray,
+    ]);
+  } else {
+    unprotectedHdr = _cborMapHeader(0);                // empty {}
+  }
+
+  // Payload — canonicalized manifest bytes.
+  var canonicalPayload = Buffer.from(canonicalJson.stringify(manifest), "utf8");
+  var payloadBstr      = _cborBytes(canonicalPayload);
+
+  // Sig_structure per RFC 9052 §4.4: ["Signature1", protected, external_aad="", payload]
+  var sigStructureBufs = [
+    _cborArrayHeader(4),
+    Buffer.concat([_cborBytes(Buffer.from("Signature1", "utf8"))]),
+    protectedBstr,
+    _cborBytes(Buffer.alloc(0)),                       // external_aad (empty)
+    payloadBstr,
+  ];
+  // First entry is the text string "Signature1" — major-type 3
+  var sigText = Buffer.from("Signature1", "utf8");
+  var sigTextBstr;
+  if (sigText.length < 24)      sigTextBstr = Buffer.concat([Buffer.from([0x60 | sigText.length]), sigText]);                                 // allow:raw-byte-literal — CBOR text-string threshold
+  else                          sigTextBstr = Buffer.concat([Buffer.from([0x78, sigText.length]), sigText]);
+  sigStructureBufs[1] = sigTextBstr;
+  var toBeSigned = Buffer.concat(sigStructureBufs);
+
+  // Sign with framework's b.crypto.sign — algorithm picked from the PEM.
+  var signature = crypto.sign(toBeSigned, opts.privateKeyPem);
+
+  // COSE_Sign1 = tagged-18 array [protected, unprotected, payload, signature]
+  var coseSign1 = Buffer.concat([
+    _cborTag(18),                                      // CBOR tag 18 = COSE_Sign1
+    _cborArrayHeader(4),
+    protectedBstr,
+    unprotectedHdr,
+    payloadBstr,
+    _cborBytes(signature),
+  ]);
+
+  if (opts.audit !== false) {
+    audit.safeEmit({
+      action:   "contentcredentials.signed_cose",
+      outcome:  "success",
+      metadata: {
+        provider:   manifest.provider && manifest.provider.name,
+        system:     manifest.system   && manifest.system.id,
+        contentId:  manifest.content  && manifest.content.id,
+        alg:        algName,
+        bytes:      coseSign1.length,
+      },
+    });
+  }
+
+  return {
+    manifest:  manifest,
+    coseSign1: coseSign1,
+    alg:       algName,
+  };
+}
+
 module.exports = {
   build:      build,
   sign:       sign,
+  signCose:   signCose,
   verify:     verify,
   required:   required,
   REQUIRED_FIELDS: REQUIRED_FIELDS.slice(),
+  COSE_ALGS:  Object.assign({}, COSE_ALGS),
   ContentCredentialsError: ContentCredentialsError,
 };