npm - @brightchain/brightchain-lib - Versions diffs - 0.19.0 → 0.20.0 - Mend

@brightchain/brightchain-lib 0.19.0 → 0.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (273) hide show

package/src/lib/interfaces/responses/backupCodesResponseData.d.ts CHANGED Viewed

@@ -1,11 +1,9 @@
 /**
- * Platform-agnostic base data interface for backup code generation/reset responses.
+ * Platform-agnostic base data interface for backup codes responses.
  * Used by both frontend and backend consumers.
+ * Matches express-suite IApiBackupCodesResponse shape (minus IApiMessageResponse).
  */
 export interface IBackupCodesResponseData {
-    /**
-     * Array of newly generated backup codes
-     */
-    backupCodes: string[];
+    backupCodes: Array<string>;
 }
 //# sourceMappingURL=backupCodesResponseData.d.ts.map

package/src/lib/interfaces/responses/backupCodesResponseData.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"backupCodesResponseData.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/backupCodesResponseData.ts"],"names":[],"mappings":"AAAA~~;;;GAGG~~;AACH,MAAM,WAAW,wBAAwB;IACvC~~;;OAEG;IACH~~,WAAW,EAAE,MAAM,~~EAAE~~,CAAC;~~CACvB~~"}
1	+ {"version":3,"file":"backupCodesResponseData.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/backupCodesResponseData.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,wBAAwB;IACvC,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;CAC5B"}

package/src/lib/interfaces/responses/challengeResponseData.d.ts CHANGED Viewed

@@ -1,11 +1,16 @@
 /**
  * Platform-agnostic base data interface for login challenge generation responses.
  * Used by both frontend and backend consumers.
+ * Matches express-suite IApiChallengeResponse shape.
  */
 export interface IChallengeResponseData {
     /**
      * The generated challenge string
      */
     challenge: string;
+    /**
+     * Server's public key for encrypting the response
+     */
+    serverPublicKey: string;
 }
 //# sourceMappingURL=challengeResponseData.d.ts.map

package/src/lib/interfaces/responses/challengeResponseData.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"challengeResponseData.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/challengeResponseData.ts"],"names":[],"mappings":"AAAA~~;;;GAGG~~;AACH,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;~~CACnB~~"}
1	+ {"version":3,"file":"challengeResponseData.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/challengeResponseData.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,eAAe,EAAE,MAAM,CAAC;CACzB"}

package/src/lib/interfaces/responses/codeCountResponseData.d.ts CHANGED Viewed

@@ -1,11 +1,9 @@
 /**
- * Platform-agnostic base data interface for backup code count query responses.
+ * Platform-agnostic base data interface for code count responses.
  * Used by both frontend and backend consumers.
+ * Matches express-suite IApiCodeCountResponse shape (minus IApiMessageResponse).
  */
 export interface ICodeCountResponseData {
-    /**
-     * Number of remaining backup codes
-     */
-    count: number;
+    codeCount: number;
 }
 //# sourceMappingURL=codeCountResponseData.d.ts.map

package/src/lib/interfaces/responses/codeCountResponseData.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"codeCountResponseData.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/codeCountResponseData.ts"],"names":[],"mappings":"AAAA~~;;;GAGG~~;AACH,MAAM,WAAW,sBAAsB;IACrC~~;;OAEG;IACH~~,~~KAAK~~,EAAE,MAAM,CAAC;~~CACf~~"}
1	+ {"version":3,"file":"codeCountResponseData.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/codeCountResponseData.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE,MAAM,CAAC;CACnB"}

package/src/lib/interfaces/responses/index.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
-export type * from './communicationResponses';
 export type * from './backupCodesResponseData';
-export type * from './challengeResponseData';
 export type * from './codeCountResponseData';
+export type * from './communicationResponses';
+export type * from './challengeResponseData';
 export type * from './cryptoResponses';
 export type * from './detailedHealthResponse';
 export type * from './deviceResponses';
@@ -19,8 +19,10 @@ export type * from './listNodesResponse';
 export type * from './loginResponseData';
 export type * from './membersResponseData';
 export type * from './mnemonicResponseData';
+export type * from './passwordChangeResponse';
 export type * from './queryMessageResponse';
 export type * from './reconcileResponse';
+export type * from './recoveryResponse';
 export type * from './registerNodeResponse';
 export type * from './registrationResponseData';
 export type * from './replicateBlockResponse';

package/src/lib/interfaces/responses/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/index.ts"],"names":[],"mappings":"AAAA,mBAAmB,~~0BAA0B,CAAC;AAI9C,mBAAmB,~~2BAA2B,CAAC;AAC/C,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,sBAAsB,CAAC;AAC1C,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,kBAAkB,CAAC;AACtC,mBAAmB,6BAA6B,CAAC;AACjD,mBAAmB,YAAY,CAAC;AAChC,mBAAmB,UAAU,CAAC;AAC9B,mBAAmB,sBAAsB,CAAC;AAC1C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,kBAAkB,CAAC;AACtC,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,qBAAqB,CAAC;AACzC,mBAAmB,qBAAqB,CAAC;AACzC,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,qBAAqB,CAAC;AACzC,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,4BAA4B,CAAC;AAChD,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,2BAA2B,CAAC;AAC/C,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,cAAc,CAAC;AAClC,mBAAmB,YAAY,CAAC;AAChC,mBAAmB,qBAAqB,CAAC;AACzC,mBAAmB,uBAAuB,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/index.ts"],"names":[],"mappings":"AAAA,mBAAmB,2BAA2B,CAAC;AAC/C,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,0BAA0B,CAAC;AAI9C,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,sBAAsB,CAAC;AAC1C,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,kBAAkB,CAAC;AACtC,mBAAmB,6BAA6B,CAAC;AACjD,mBAAmB,YAAY,CAAC;AAChC,mBAAmB,UAAU,CAAC;AAC9B,mBAAmB,sBAAsB,CAAC;AAC1C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,kBAAkB,CAAC;AACtC,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,qBAAqB,CAAC;AACzC,mBAAmB,qBAAqB,CAAC;AACzC,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,qBAAqB,CAAC;AACzC,mBAAmB,oBAAoB,CAAC;AACxC,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,4BAA4B,CAAC;AAChD,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,2BAA2B,CAAC;AAC/C,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,cAAc,CAAC;AAClC,mBAAmB,YAAY,CAAC;AAChC,mBAAmB,qBAAqB,CAAC;AACzC,mBAAmB,uBAAuB,CAAC"}

package/src/lib/interfaces/responses/passwordChangeResponse.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export type { IPasswordChangeResponse } from '../userManagement';
2	+ //# sourceMappingURL=passwordChangeResponse.d.ts.map

package/src/lib/interfaces/responses/passwordChangeResponse.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"passwordChangeResponse.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/passwordChangeResponse.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC"}

package/src/lib/interfaces/responses/passwordChangeResponse.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=passwordChangeResponse.js.map

package/src/lib/interfaces/responses/passwordChangeResponse.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"passwordChangeResponse.js","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/passwordChangeResponse.ts"],"names":[],"mappings":""}

package/src/lib/interfaces/responses/recoveryResponse.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export type { IRecoveryResponse } from '../userManagement';
2	+ //# sourceMappingURL=recoveryResponse.d.ts.map

package/src/lib/interfaces/responses/recoveryResponse.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"recoveryResponse.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/recoveryResponse.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC"}

package/src/lib/interfaces/responses/recoveryResponse.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=recoveryResponse.js.map

package/src/lib/interfaces/responses/recoveryResponse.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"recoveryResponse.js","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/recoveryResponse.ts"],"names":[],"mappings":""}

package/src/lib/interfaces/responses/registrationResponseData.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
-import { SecureString } from '@digitaldefiance/ecies-lib';
 /**
  * Platform-agnostic base data interface for successful user registration responses.
  * Used by both frontend and backend consumers.
+ * Matches express-suite IApiRegistrationResponse shape.
  */
 export interface IRegistrationResponseData {
     /**
@@ -11,6 +11,6 @@ export interface IRegistrationResponseData {
     /**
      * Array of backup codes for account recovery
      */
-    backupCodes: SecureString[];
+    backupCodes: Array<string>;
 }
 //# sourceMappingURL=registrationResponseData.d.ts.map

package/src/lib/interfaces/responses/registrationResponseData.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"registrationResponseData.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/registrationResponseData.ts"],"names":[],"mappings":"AAAA~~,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC~~;~~AAE1D;;;GAGG;~~AACH,MAAM,WAAW,yBAAyB;IACxC;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,WAAW,EAAE,~~YAAY~~,~~EAAE~~,CAAC;~~CAC7B~~"}
1	+ {"version":3,"file":"registrationResponseData.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/responses/registrationResponseData.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,yBAAyB;IACxC;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;CAC5B"}

package/src/lib/interfaces/services/contentIngestion.d.ts ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * @fileoverview IContentIngestionService interface.
+ *
+ * Defines the contract for content ingestion middleware that validates
+ * identity and seals identity shards before accepting content into the block store.
+ *
+ * @see Requirements 16
+ * @see Design: Content Ingestion Pipeline Integration (Task 19)
+ */
+import { PlatformID, ShortHexGuid } from '@digitaldefiance/ecies-lib';
+import { IdentityValidationErrorType } from '../../enumerations/identityValidationErrorType';
+import { ContentWithIdentity, IdentityMode } from '../contentWithIdentity';
+/**
+ * Result of content ingestion processing.
+ * @template TID - Platform ID type for frontend/backend DTO compatibility
+ */
+export interface ContentIngestionResult<TID extends PlatformID = Uint8Array> {
+    /** Whether the content was accepted */
+    accepted: boolean;
+    /** The content with identity replaced (after sealing) */
+    processedContent: ContentWithIdentity<TID>;
+    /** The identity recovery record ID (from sealing pipeline) */
+    recoveryRecordId: ShortHexGuid;
+    /** The detected identity mode */
+    identityMode: IdentityMode;
+    /** The resolved real member ID (for real/alias modes) */
+    resolvedMemberId?: ShortHexGuid;
+}
+/**
+ * Rejection result when content ingestion fails.
+ */
+export interface ContentIngestionRejection {
+    /** Whether the content was accepted (always false) */
+    accepted: false;
+    /** The reason for rejection */
+    reason: string;
+    /** The specific error type for programmatic handling */
+    errorType: IdentityValidationErrorType | 'IDENTITY_SEALING_FAILED';
+}
+/**
+ * Interface for content ingestion middleware.
+ *
+ * Orchestrates the identity validation and sealing pipeline:
+ * 1. Validates content identity via IIdentityValidator
+ * 2. Seals identity via IIdentitySealingPipeline (generates shards, replaces identity)
+ * 3. Returns processed content ready for block store acceptance
+ *
+ * @template TID - Platform ID type for frontend/backend DTO compatibility
+ */
+export interface IContentIngestionService<TID extends PlatformID = Uint8Array> {
+    /**
+     * Process content through identity validation and sealing before block store acceptance.
+     *
+     * @param content - The content with identity to validate and seal
+     * @returns Ingestion result with processed content and recovery record ID
+     * @throws IdentityValidationError if identity validation fails
+     * @throws QuorumError if identity sealing fails
+     */
+    processContent(content: ContentWithIdentity<TID>): Promise<ContentIngestionResult<TID>>;
+}
+//# sourceMappingURL=contentIngestion.d.ts.map

package/src/lib/interfaces/services/contentIngestion.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"contentIngestion.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/contentIngestion.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAAE,2BAA2B,EAAE,MAAM,gDAAgD,CAAC;AAC7F,OAAO,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAE3E;;;GAGG;AACH,MAAM,WAAW,sBAAsB,CAAC,GAAG,SAAS,UAAU,GAAG,UAAU;IACzE,uCAAuC;IACvC,QAAQ,EAAE,OAAO,CAAC;IAClB,yDAAyD;IACzD,gBAAgB,EAAE,mBAAmB,CAAC,GAAG,CAAC,CAAC;IAC3C,8DAA8D;IAC9D,gBAAgB,EAAE,YAAY,CAAC;IAC/B,iCAAiC;IACjC,YAAY,EAAE,YAAY,CAAC;IAC3B,yDAAyD;IACzD,gBAAgB,CAAC,EAAE,YAAY,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,sDAAsD;IACtD,QAAQ,EAAE,KAAK,CAAC;IAChB,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,wDAAwD;IACxD,SAAS,EAAE,2BAA2B,GAAG,yBAAyB,CAAC;CACpE;AAED;;;;;;;;;GASG;AACH,MAAM,WAAW,wBAAwB,CAAC,GAAG,SAAS,UAAU,GAAG,UAAU;IAC3E;;;;;;;OAOG;IACH,cAAc,CACZ,OAAO,EAAE,mBAAmB,CAAC,GAAG,CAAC,GAChC,OAAO,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC;CACzC"}

package/src/lib/interfaces/services/contentIngestion.js ADDED Viewed

@@ -0,0 +1,12 @@
+"use strict";
+/**
+ * @fileoverview IContentIngestionService interface.
+ *
+ * Defines the contract for content ingestion middleware that validates
+ * identity and seals identity shards before accepting content into the block store.
+ *
+ * @see Requirements 16
+ * @see Design: Content Ingestion Pipeline Integration (Task 19)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=contentIngestion.js.map

package/src/lib/interfaces/services/contentIngestion.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"contentIngestion.js","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/contentIngestion.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG"}

package/src/lib/interfaces/services/expirationScheduler.d.ts ADDED Viewed

@@ -0,0 +1,55 @@
+/**
+ * @fileoverview IExpirationScheduler interface with ExpirationSchedulerConfig and ExpirationResult.
+ *
+ * Periodic background task that purges expired IdentityRecoveryRecord entries,
+ * implementing the digital statute of limitations.
+ *
+ * @see Requirements 17
+ */
+import { ShortHexGuid } from '@digitaldefiance/ecies-lib';
+/**
+ * Configuration for the expiration scheduler.
+ */
+export interface ExpirationSchedulerConfig {
+    /** Interval between expiration checks in milliseconds. Default: 86400000 (24 hours) */
+    intervalMs: number;
+    /** Number of expired records to process per batch. Default: 100 */
+    batchSize: number;
+}
+/**
+ * Result of a single expiration check run.
+ */
+export interface ExpirationResult {
+    /** Number of identity recovery records successfully deleted */
+    deletedCount: number;
+    /** IDs of records that failed to delete */
+    failedIds: ShortHexGuid[];
+    /** True if the batch was full, indicating more expired records may exist */
+    nextBatchAvailable: boolean;
+}
+/**
+ * Interface for the expiration scheduler.
+ *
+ * Runs periodically to purge expired IdentityRecoveryRecord entries,
+ * permanently deleting identity recovery shards after the statute of
+ * limitations expires. Each deletion is recorded in the chained audit log.
+ */
+export interface IExpirationScheduler {
+    /**
+     * Start the periodic expiration check.
+     * Uses the configured interval from ExpirationSchedulerConfig.
+     */
+    start(): void;
+    /**
+     * Stop the periodic expiration check.
+     */
+    stop(): void;
+    /**
+     * Run a single expiration check immediately.
+     * Queries expired records, deletes shards, appends audit entries.
+     * If the batch was full, sets nextBatchAvailable to true.
+     * @returns The result of the expiration check
+     */
+    runOnce(): Promise<ExpirationResult>;
+}
+//# sourceMappingURL=expirationScheduler.d.ts.map

package/src/lib/interfaces/services/expirationScheduler.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"expirationScheduler.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/expirationScheduler.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAE1D;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,uFAAuF;IACvF,UAAU,EAAE,MAAM,CAAC;IACnB,mEAAmE;IACnE,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,+DAA+D;IAC/D,YAAY,EAAE,MAAM,CAAC;IACrB,2CAA2C;IAC3C,SAAS,EAAE,YAAY,EAAE,CAAC;IAC1B,4EAA4E;IAC5E,kBAAkB,EAAE,OAAO,CAAC;CAC7B;AAED;;;;;;GAMG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,KAAK,IAAI,IAAI,CAAC;IAEd;;OAEG;IACH,IAAI,IAAI,IAAI,CAAC;IAEb;;;;;OAKG;IACH,OAAO,IAAI,OAAO,CAAC,gBAAgB,CAAC,CAAC;CACtC"}

package/src/lib/interfaces/services/expirationScheduler.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+/**
+ * @fileoverview IExpirationScheduler interface with ExpirationSchedulerConfig and ExpirationResult.
+ *
+ * Periodic background task that purges expired IdentityRecoveryRecord entries,
+ * implementing the digital statute of limitations.
+ *
+ * @see Requirements 17
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=expirationScheduler.js.map

package/src/lib/interfaces/services/expirationScheduler.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"expirationScheduler.js","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/expirationScheduler.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG"}

package/src/lib/interfaces/services/identitySealingPipeline.d.ts ADDED Viewed

@@ -0,0 +1,56 @@
+/**
+ * @fileoverview IIdentitySealingPipeline interface.
+ *
+ * Orchestrates the brokered anonymity flow: captures real identity,
+ * generates Shamir shards, replaces identity field, distributes
+ * encrypted shards, and discards plaintext.
+ *
+ * @see Requirements 14
+ */
+import { PlatformID, ShortHexGuid } from '@digitaldefiance/ecies-lib';
+import { ContentWithIdentity, IdentityMode } from '../contentWithIdentity';
+/**
+ * Result of the identity sealing pipeline.
+ * @template TID - Platform ID type for frontend/backend DTO compatibility
+ */
+export interface IdentitySealingResult<TID extends PlatformID = Uint8Array> {
+    /** Content with identity field replaced according to the selected mode */
+    modifiedContent: ContentWithIdentity<TID>;
+    /** ID of the stored identity recovery record */
+    recoveryRecordId: ShortHexGuid;
+}
+/**
+ * Interface for the identity sealing pipeline.
+ *
+ * Processes content through the brokered anonymity flow:
+ * 1. Captures the real creator identity
+ * 2. Generates Shamir shards from the identity
+ * 3. Replaces the identity field (real/alias/anonymous)
+ * 4. Encrypts shards per quorum member via ECIES
+ * 5. Stores the IdentityRecoveryRecord
+ * 6. Discards the original plaintext identity from memory
+ *
+ * @template TID - Platform ID type for frontend/backend DTO compatibility
+ */
+export interface IIdentitySealingPipeline<TID extends PlatformID = Uint8Array> {
+    /**
+     * Process content through the identity sealing pipeline.
+     * Returns the content with identity replaced and the identity recovery record ID.
+     * @param content - The content with real identity to seal
+     * @param mode - The identity mode (real, alias, or anonymous)
+     * @param aliasName - Required when mode is Alias
+     * @returns The modified content and recovery record ID
+     * @throws QuorumError with IdentitySealingFailed if shard generation or distribution fails
+     * @throws QuorumError with ShardVerificationFailed if shard verification fails
+     */
+    sealIdentity(content: ContentWithIdentity<TID>, mode: IdentityMode, aliasName?: string): Promise<IdentitySealingResult<TID>>;
+    /**
+     * Recover a sealed identity given sufficient decrypted shares.
+     * @param recoveryRecordId - The ID of the identity recovery record
+     * @param decryptedShares - Map of member ID to decrypted share string
+     * @returns The recovered real identity
+     * @throws QuorumError with InsufficientSharesForReconstruction if not enough shares
+     */
+    recoverIdentity(recoveryRecordId: ShortHexGuid, decryptedShares: Map<ShortHexGuid, string>): Promise<TID>;
+}
+//# sourceMappingURL=identitySealingPipeline.d.ts.map

package/src/lib/interfaces/services/identitySealingPipeline.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"identitySealingPipeline.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/identitySealingPipeline.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAE3E;;;GAGG;AACH,MAAM,WAAW,qBAAqB,CAAC,GAAG,SAAS,UAAU,GAAG,UAAU;IACxE,0EAA0E;IAC1E,eAAe,EAAE,mBAAmB,CAAC,GAAG,CAAC,CAAC;IAC1C,gDAAgD;IAChD,gBAAgB,EAAE,YAAY,CAAC;CAChC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,wBAAwB,CAAC,GAAG,SAAS,UAAU,GAAG,UAAU;IAC3E;;;;;;;;;OASG;IACH,YAAY,CACV,OAAO,EAAE,mBAAmB,CAAC,GAAG,CAAC,EACjC,IAAI,EAAE,YAAY,EAClB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC;IAEvC;;;;;;OAMG;IACH,eAAe,CACb,gBAAgB,EAAE,YAAY,EAC9B,eAAe,EAAE,GAAG,CAAC,YAAY,EAAE,MAAM,CAAC,GACzC,OAAO,CAAC,GAAG,CAAC,CAAC;CACjB"}

package/src/lib/interfaces/services/identitySealingPipeline.js ADDED Viewed

@@ -0,0 +1,12 @@
+"use strict";
+/**
+ * @fileoverview IIdentitySealingPipeline interface.
+ *
+ * Orchestrates the brokered anonymity flow: captures real identity,
+ * generates Shamir shards, replaces identity field, distributes
+ * encrypted shards, and discards plaintext.
+ *
+ * @see Requirements 14
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=identitySealingPipeline.js.map

package/src/lib/interfaces/services/identitySealingPipeline.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"identitySealingPipeline.js","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/identitySealingPipeline.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG"}

package/src/lib/interfaces/services/identityValidator.d.ts ADDED Viewed

@@ -0,0 +1,44 @@
+/**
+ * @fileoverview IIdentityValidator interface with IdentityValidationResult.
+ *
+ * Validates content identity before ingestion into the block store.
+ * Dispatches to real identity, alias, or anonymous validation based on creatorId.
+ *
+ * @see Requirements 16
+ */
+import { PlatformID, ShortHexGuid } from '@digitaldefiance/ecies-lib';
+import { IdentityValidationErrorType } from '../../enumerations/identityValidationErrorType';
+import { ContentWithIdentity, IdentityMode } from '../contentWithIdentity';
+/**
+ * Result of content identity validation.
+ */
+export interface IdentityValidationResult {
+    /** Whether the content identity is valid */
+    valid: boolean;
+    /** The detected identity mode */
+    identityMode: IdentityMode;
+    /** The resolved real member ID (for real/alias modes) */
+    resolvedMemberId?: ShortHexGuid;
+    /** Validation error type if valid is false */
+    errorType?: IdentityValidationErrorType;
+}
+/**
+ * Interface for node-side identity validation on content ingestion.
+ *
+ * Validates content identity before acceptance into the block store:
+ * - Real identity: verifies signature matches public key, checks not banned/suspended
+ * - Alias identity: verifies alias is registered and active, signature matches alias key
+ * - Anonymous identity: verifies Membership_Proof is present and valid, content-bound
+ *
+ * @template TID - Platform ID type for frontend/backend DTO compatibility
+ */
+export interface IIdentityValidator<TID extends PlatformID = Uint8Array> {
+    /**
+     * Validate content identity before ingestion.
+     * @param content - The content with identity to validate
+     * @returns Validation result with identity mode and resolved member ID
+     * @throws IdentityValidationError with a specific reason on failure
+     */
+    validateContent(content: ContentWithIdentity<TID>): Promise<IdentityValidationResult>;
+}
+//# sourceMappingURL=identityValidator.d.ts.map

package/src/lib/interfaces/services/identityValidator.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"identityValidator.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/identityValidator.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAAE,2BAA2B,EAAE,MAAM,gDAAgD,CAAC;AAC7F,OAAO,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAE3E;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,4CAA4C;IAC5C,KAAK,EAAE,OAAO,CAAC;IACf,iCAAiC;IACjC,YAAY,EAAE,YAAY,CAAC;IAC3B,yDAAyD;IACzD,gBAAgB,CAAC,EAAE,YAAY,CAAC;IAChC,8CAA8C;IAC9C,SAAS,CAAC,EAAE,2BAA2B,CAAC;CACzC;AAED;;;;;;;;;GASG;AACH,MAAM,WAAW,kBAAkB,CAAC,GAAG,SAAS,UAAU,GAAG,UAAU;IACrE;;;;;OAKG;IACH,eAAe,CACb,OAAO,EAAE,mBAAmB,CAAC,GAAG,CAAC,GAChC,OAAO,CAAC,wBAAwB,CAAC,CAAC;CACtC"}

package/src/lib/interfaces/services/identityValidator.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+/**
+ * @fileoverview IIdentityValidator interface with IdentityValidationResult.
+ *
+ * Validates content identity before ingestion into the block store.
+ * Dispatches to real identity, alias, or anonymous validation based on creatorId.
+ *
+ * @see Requirements 16
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=identityValidator.js.map

package/src/lib/interfaces/services/identityValidator.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"identityValidator.js","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/identityValidator.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG"}

package/src/lib/interfaces/services/index.d.ts CHANGED Viewed

@@ -1,4 +1,13 @@
 export type * from './cblServices';
 export type * from './fecService';
 export type * from './quorumService';
+export type * from './contentIngestion';
+export type * from './expirationScheduler';
+export type * from './identitySealingPipeline';
+export type * from './identityValidator';
+export type * from './membershipProof';
+export type * from './operatorPrompt';
+export type * from './quorumDatabase';
+export type * from './quorumStateMachine';
+export type * from './redistributionConfig';
 //# sourceMappingURL=index.d.ts.map

package/src/lib/interfaces/services/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/index.ts"],"names":[],"mappings":"AAAA,mBAAmB,eAAe,CAAC;AACnC,mBAAmB,cAAc,CAAC;AAClC,mBAAmB,iBAAiB,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/index.ts"],"names":[],"mappings":"AAAA,mBAAmB,eAAe,CAAC;AACnC,mBAAmB,cAAc,CAAC;AAClC,mBAAmB,iBAAiB,CAAC;AAGrC,mBAAmB,oBAAoB,CAAC;AACxC,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,2BAA2B,CAAC;AAC/C,mBAAmB,qBAAqB,CAAC;AACzC,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,kBAAkB,CAAC;AACtC,mBAAmB,kBAAkB,CAAC;AACtC,mBAAmB,sBAAsB,CAAC;AAC1C,mBAAmB,wBAAwB,CAAC"}

package/src/lib/interfaces/services/membershipProof.d.ts ADDED Viewed

@@ -0,0 +1,40 @@
+/**
+ * @fileoverview IMembershipProofService interface.
+ *
+ * Generates and verifies ring signatures proving quorum membership
+ * without revealing which specific member created the content.
+ *
+ * @see Requirements 18
+ */
+import { PlatformID } from '@digitaldefiance/ecies-lib';
+/**
+ * Interface for ring signature membership proof generation and verification.
+ *
+ * Anonymous content carries a ring signature proving the creator is one
+ * of the current quorum members without revealing which one. The proof
+ * is bound to the specific content hash, preventing reuse across content.
+ *
+ * @template TID - Platform ID type for frontend/backend DTO compatibility
+ */
+export interface IMembershipProofService<TID extends PlatformID = Uint8Array> {
+    /**
+     * Generate a ring signature proving the signer is one of the current quorum members.
+     * The proof is bound to the specific content hash.
+     * @param signerPrivateKey - The signer's private key
+     * @param memberPublicKeys - Public keys of all current quorum members
+     * @param contentHash - Hash of the content being signed
+     * @returns The ring signature proof bytes
+     */
+    generateProof(signerPrivateKey: Uint8Array, memberPublicKeys: Uint8Array[], contentHash: Uint8Array): Promise<Uint8Array>;
+    /**
+     * Verify a membership proof against the current member set and content hash.
+     * @param proof - The ring signature proof to verify
+     * @param memberPublicKeys - Public keys of all current quorum members
+     * @param contentHash - Hash of the content the proof should be bound to
+     * @returns True if the proof is valid
+     */
+    verifyProof(proof: Uint8Array, memberPublicKeys: Uint8Array[], contentHash: Uint8Array): Promise<boolean>;
+    /** Generic marker for DTO compatibility */
+    _platformId?: TID;
+}
+//# sourceMappingURL=membershipProof.d.ts.map

package/src/lib/interfaces/services/membershipProof.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"membershipProof.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/membershipProof.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAExD;;;;;;;;GAQG;AACH,MAAM,WAAW,uBAAuB,CAAC,GAAG,SAAS,UAAU,GAAG,UAAU;IAC1E;;;;;;;OAOG;IACH,aAAa,CACX,gBAAgB,EAAE,UAAU,EAC5B,gBAAgB,EAAE,UAAU,EAAE,EAC9B,WAAW,EAAE,UAAU,GACtB,OAAO,CAAC,UAAU,CAAC,CAAC;IAEvB;;;;;;OAMG;IACH,WAAW,CACT,KAAK,EAAE,UAAU,EACjB,gBAAgB,EAAE,UAAU,EAAE,EAC9B,WAAW,EAAE,UAAU,GACtB,OAAO,CAAC,OAAO,CAAC,CAAC;IAEpB,2CAA2C;IAC3C,WAAW,CAAC,EAAE,GAAG,CAAC;CACnB"}

package/src/lib/interfaces/services/membershipProof.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+/**
+ * @fileoverview IMembershipProofService interface.
+ *
+ * Generates and verifies ring signatures proving quorum membership
+ * without revealing which specific member created the content.
+ *
+ * @see Requirements 18
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=membershipProof.js.map

package/src/lib/interfaces/services/membershipProof.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"membershipProof.js","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/membershipProof.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG"}

package/src/lib/interfaces/services/operatorPrompt.d.ts ADDED Viewed

@@ -0,0 +1,68 @@
+/**
+ * @fileoverview IOperatorPrompt interface with ProposalDisplay and OperatorVoteResult.
+ *
+ * Interface for physical operator interaction during quorum voting.
+ * Implementations live in brightchain-api-lib (CLI) or brightchain-react (web UI).
+ *
+ * @see Requirements 6
+ */
+import { ShortHexGuid } from '@digitaldefiance/ecies-lib';
+import { ProposalActionType } from '../../enumerations/proposalActionType';
+/**
+ * Display format for presenting a proposal to the operator for voting.
+ */
+export interface ProposalDisplay {
+    /** Unique proposal identifier */
+    proposalId: ShortHexGuid;
+    /** Human-readable proposal description */
+    description: string;
+    /** The type of action this proposal triggers */
+    actionType: ProposalActionType;
+    /** Machine-readable action payload */
+    actionPayload: Record<string, unknown>;
+    /** ID of the member who submitted the proposal */
+    proposerMemberId: ShortHexGuid;
+    /** Timestamp after which the proposal expires */
+    expiresAt: Date;
+    /** Optional CBL reference for attached documentation */
+    attachmentCblId?: string;
+    /** Pre-fetched CBL content for operator review */
+    attachmentContent?: Uint8Array;
+}
+/**
+ * Result of an operator's vote on a proposal.
+ */
+export interface OperatorVoteResult {
+    /** The operator's vote decision */
+    decision: 'approve' | 'reject';
+    /** Optional comment from the operator */
+    comment?: string;
+    /** Password for private key decryption, present only on approve */
+    password?: string;
+}
+/**
+ * Interface for physical operator interaction during quorum voting.
+ *
+ * No code path may release share material without going through this interface.
+ * Implementations must present the full proposal description and any attachment
+ * info, and require authentication on approve votes.
+ */
+export interface IOperatorPrompt {
+    /**
+     * Present a proposal to the operator and collect their vote.
+     * Must display the full proposal description and any attachment info.
+     * Returns the vote decision and, if approved, the authenticated password.
+     * @param proposal - The proposal display information
+     * @returns The operator's vote result
+     */
+    promptForVote(proposal: ProposalDisplay): Promise<OperatorVoteResult>;
+    /**
+     * Check if the voting interface is locked for a given proposal.
+     * Voting is locked after 3 consecutive failed authentication attempts
+     * for a configurable cooldown period (default 300 seconds).
+     * @param proposalId - The proposal ID to check
+     * @returns True if voting is locked for this proposal
+     */
+    isLocked(proposalId: ShortHexGuid): boolean;
+}
+//# sourceMappingURL=operatorPrompt.d.ts.map

package/src/lib/interfaces/services/operatorPrompt.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"operatorPrompt.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/operatorPrompt.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAE3E;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,iCAAiC;IACjC,UAAU,EAAE,YAAY,CAAC;IACzB,0CAA0C;IAC1C,WAAW,EAAE,MAAM,CAAC;IACpB,gDAAgD;IAChD,UAAU,EAAE,kBAAkB,CAAC;IAC/B,sCAAsC;IACtC,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,kDAAkD;IAClD,gBAAgB,EAAE,YAAY,CAAC;IAC/B,iDAAiD;IACjD,SAAS,EAAE,IAAI,CAAC;IAChB,wDAAwD;IACxD,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kDAAkD;IAClD,iBAAiB,CAAC,EAAE,UAAU,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,mCAAmC;IACnC,QAAQ,EAAE,SAAS,GAAG,QAAQ,CAAC;IAC/B,yCAAyC;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,mEAAmE;IACnE,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;;;GAMG;AACH,MAAM,WAAW,eAAe;IAC9B;;;;;;OAMG;IACH,aAAa,CAAC,QAAQ,EAAE,eAAe,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAEtE;;;;;;OAMG;IACH,QAAQ,CAAC,UAAU,EAAE,YAAY,GAAG,OAAO,CAAC;CAC7C"}

package/src/lib/interfaces/services/operatorPrompt.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+/**
+ * @fileoverview IOperatorPrompt interface with ProposalDisplay and OperatorVoteResult.
+ *
+ * Interface for physical operator interaction during quorum voting.
+ * Implementations live in brightchain-api-lib (CLI) or brightchain-react (web UI).
+ *
+ * @see Requirements 6
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=operatorPrompt.js.map

package/src/lib/interfaces/services/operatorPrompt.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"operatorPrompt.js","sourceRoot":"","sources":["../../../../../../brightchain-lib/src/lib/interfaces/services/operatorPrompt.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG"}