@clawbureau/clawverify-core 0.1.0

package/dist/verify-web-receipt.js

@@ -0,0 +1,341 @@
+/**
+ * Witnessed Web Receipt Verification
+ * POH-US-018
+ */
+import { isAllowedVersion, isAllowedType, isAllowedAlgorithm, isAllowedHashAlgorithm, isValidDidFormat, isValidBase64Url, isValidIsoDate, } from './schema-registry.js';
+import { computeHash, base64UrlDecode, extractPublicKeyFromDidKey, verifySignature, } from './crypto.js';
+import { validateWebReceiptEnvelopeV1 } from './schema-validation.js';
+function validateEnvelopeStructure(envelope) {
+    if (typeof envelope !== 'object' || envelope === null)
+        return false;
+    const e = envelope;
+    return ('envelope_version' in e &&
+        'envelope_type' in e &&
+        'payload' in e &&
+        'payload_hash_b64u' in e &&
+        'hash_algorithm' in e &&
+        'signature_b64u' in e &&
+        'algorithm' in e &&
+        'signer_did' in e &&
+        'issued_at' in e);
+}
+function validatePayload(payload) {
+    if (typeof payload !== 'object' || payload === null)
+        return false;
+    const p = payload;
+    if (p.receipt_version !== '1')
+        return false;
+    if (typeof p.receipt_id !== 'string' || p.receipt_id.length === 0)
+        return false;
+    if (typeof p.witness_id !== 'string' || p.witness_id.length === 0)
+        return false;
+    if (p.source !== 'chatgpt_web' && p.source !== 'claude_web' && p.source !== 'gemini_web' && p.source !== 'other') {
+        return false;
+    }
+    if (typeof p.request_hash_b64u !== 'string' || !isValidBase64Url(p.request_hash_b64u))
+        return false;
+    if (typeof p.response_hash_b64u !== 'string' || !isValidBase64Url(p.response_hash_b64u))
+        return false;
+    if (p.session_hash_b64u !== undefined) {
+        if (typeof p.session_hash_b64u !== 'string' || !isValidBase64Url(p.session_hash_b64u)) {
+            return false;
+        }
+    }
+    if (!isValidIsoDate(p.timestamp))
+        return false;
+    return true;
+}
+export async function verifyWebReceipt(envelope, options = {}) {
+    const now = new Date().toISOString();
+    if (!validateEnvelopeStructure(envelope)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Malformed envelope: missing required fields',
+                verified_at: now,
+            },
+            error: {
+                code: 'MALFORMED_ENVELOPE',
+                message: 'Envelope is missing required fields or has invalid structure',
+            },
+        };
+    }
+    if (!isAllowedVersion(envelope.envelope_version)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: `Unknown envelope version: ${envelope.envelope_version}`,
+                verified_at: now,
+            },
+            error: {
+                code: 'UNKNOWN_ENVELOPE_VERSION',
+                message: `Envelope version "${envelope.envelope_version}" is not in the allowlist`,
+                field: 'envelope_version',
+            },
+        };
+    }
+    if (!isAllowedType(envelope.envelope_type)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: `Unknown envelope type: ${envelope.envelope_type}`,
+                verified_at: now,
+            },
+            error: {
+                code: 'UNKNOWN_ENVELOPE_TYPE',
+                message: `Envelope type "${envelope.envelope_type}" is not in the allowlist`,
+                field: 'envelope_type',
+            },
+        };
+    }
+    if (envelope.envelope_type !== 'web_receipt') {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: `Expected web_receipt envelope, got: ${envelope.envelope_type}`,
+                verified_at: now,
+            },
+            error: {
+                code: 'UNKNOWN_ENVELOPE_TYPE',
+                message: 'This endpoint only accepts web_receipt envelopes',
+                field: 'envelope_type',
+            },
+        };
+    }
+    if (!isAllowedAlgorithm(envelope.algorithm)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: `Unknown signature algorithm: ${envelope.algorithm}`,
+                verified_at: now,
+            },
+            error: {
+                code: 'UNKNOWN_ALGORITHM',
+                message: `Signature algorithm "${envelope.algorithm}" is not in the allowlist`,
+                field: 'algorithm',
+            },
+        };
+    }
+    if (!isAllowedHashAlgorithm(envelope.hash_algorithm)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: `Unknown hash algorithm: ${envelope.hash_algorithm}`,
+                verified_at: now,
+            },
+            error: {
+                code: 'UNKNOWN_HASH_ALGORITHM',
+                message: `Hash algorithm "${envelope.hash_algorithm}" is not in the allowlist`,
+                field: 'hash_algorithm',
+            },
+        };
+    }
+    const schemaResult = validateWebReceiptEnvelopeV1(envelope);
+    if (!schemaResult.valid) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: schemaResult.message,
+                envelope_type: envelope.envelope_type,
+                signer_did: envelope.signer_did,
+                verified_at: now,
+            },
+            error: {
+                code: 'SCHEMA_VALIDATION_FAILED',
+                message: schemaResult.message,
+                field: schemaResult.field,
+            },
+        };
+    }
+    if (!isValidDidFormat(envelope.signer_did)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: `Invalid DID format: ${envelope.signer_did}`,
+                verified_at: now,
+            },
+            error: {
+                code: 'INVALID_DID_FORMAT',
+                message: 'Signer DID does not match expected format (did:key:... or did:web:...)',
+                field: 'signer_did',
+            },
+        };
+    }
+    if (!options.allowlistedSignerDids || options.allowlistedSignerDids.length === 0) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Web receipt signer allowlist not configured',
+                envelope_type: envelope.envelope_type,
+                signer_did: envelope.signer_did,
+                verified_at: now,
+            },
+            error: {
+                code: 'DEPENDENCY_NOT_CONFIGURED',
+                message: 'Web receipt signer allowlist is not configured. Set WEB_RECEIPT_SIGNER_DIDS to enable web receipt verification.',
+                field: 'env.WEB_RECEIPT_SIGNER_DIDS',
+            },
+        };
+    }
+    if (!options.allowlistedSignerDids.includes(envelope.signer_did)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Web receipt signer DID is not allowlisted',
+                envelope_type: envelope.envelope_type,
+                signer_did: envelope.signer_did,
+                verified_at: now,
+            },
+            error: {
+                code: 'CLAIM_NOT_FOUND',
+                message: `Signer DID '${envelope.signer_did}' is not in the allowlisted web receipt signer list`,
+                field: 'signer_did',
+            },
+        };
+    }
+    if (!isValidIsoDate(envelope.issued_at)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Invalid issued_at date format',
+                verified_at: now,
+            },
+            error: {
+                code: 'MALFORMED_ENVELOPE',
+                message: 'issued_at must be a valid ISO 8601 date string',
+                field: 'issued_at',
+            },
+        };
+    }
+    if (!isValidBase64Url(envelope.payload_hash_b64u)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Invalid payload_hash_b64u format',
+                verified_at: now,
+            },
+            error: {
+                code: 'MALFORMED_ENVELOPE',
+                message: 'payload_hash_b64u must be a valid base64url string',
+                field: 'payload_hash_b64u',
+            },
+        };
+    }
+    if (!isValidBase64Url(envelope.signature_b64u)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Invalid signature_b64u format',
+                verified_at: now,
+            },
+            error: {
+                code: 'MALFORMED_ENVELOPE',
+                message: 'signature_b64u must be a valid base64url string',
+                field: 'signature_b64u',
+            },
+        };
+    }
+    if (!validatePayload(envelope.payload)) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Invalid web receipt payload structure',
+                verified_at: now,
+            },
+            error: {
+                code: 'MALFORMED_ENVELOPE',
+                message: 'Web receipt payload is malformed or missing required fields',
+                field: 'payload',
+            },
+        };
+    }
+    try {
+        const computedHash = await computeHash(envelope.payload, envelope.hash_algorithm);
+        if (computedHash !== envelope.payload_hash_b64u) {
+            return {
+                result: {
+                    status: 'INVALID',
+                    reason: 'Payload hash mismatch: envelope may have been tampered with',
+                    verified_at: now,
+                },
+                error: {
+                    code: 'HASH_MISMATCH',
+                    message: 'Computed payload hash does not match envelope hash',
+                },
+            };
+        }
+    }
+    catch {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Hash computation failed',
+                verified_at: now,
+            },
+            error: {
+                code: 'HASH_MISMATCH',
+                message: 'Failed to compute payload hash',
+            },
+        };
+    }
+    const publicKeyBytes = extractPublicKeyFromDidKey(envelope.signer_did);
+    if (!publicKeyBytes) {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Could not extract public key from signer DID',
+                verified_at: now,
+            },
+            error: {
+                code: 'INVALID_DID_FORMAT',
+                message: 'Unable to extract Ed25519 public key from did:key DID',
+                field: 'signer_did',
+            },
+        };
+    }
+    try {
+        const sigBytes = base64UrlDecode(envelope.signature_b64u);
+        const msgBytes = new TextEncoder().encode(envelope.payload_hash_b64u);
+        const ok = await verifySignature('Ed25519', publicKeyBytes, sigBytes, msgBytes);
+        if (!ok) {
+            return {
+                result: {
+                    status: 'INVALID',
+                    reason: 'Signature verification failed',
+                    verified_at: now,
+                },
+                error: {
+                    code: 'SIGNATURE_INVALID',
+                    message: 'The Ed25519 signature does not match the payload hash',
+                },
+            };
+        }
+    }
+    catch {
+        return {
+            result: {
+                status: 'INVALID',
+                reason: 'Signature verification error',
+                verified_at: now,
+            },
+            error: {
+                code: 'SIGNATURE_INVALID',
+                message: 'Failed to verify signature',
+            },
+        };
+    }
+    return {
+        result: {
+            status: 'VALID',
+            reason: 'Web receipt verified successfully',
+            envelope_type: envelope.envelope_type,
+            signer_did: envelope.signer_did,
+            verified_at: now,
+        },
+        witness_id: envelope.payload.witness_id,
+        source: envelope.payload.source,
+        proof_tier: 'witnessed_web',
+        equivalent_to_gateway: false,
+    };
+}
+//# sourceMappingURL=verify-web-receipt.js.map

package/dist/verify-web-receipt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-web-receipt.js","sourceRoot":"","sources":["../src/verify-web-receipt.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAQH,OAAO,EACL,gBAAgB,EAChB,aAAa,EACb,kBAAkB,EAClB,sBAAsB,EACtB,gBAAgB,EAChB,gBAAgB,EAChB,cAAc,GACf,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EACL,WAAW,EACX,eAAe,EACf,0BAA0B,EAC1B,eAAe,GAChB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,4BAA4B,EAAE,MAAM,wBAAwB,CAAC;AAUtE,SAAS,yBAAyB,CAChC,QAAiB;IAEjB,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IACpE,MAAM,CAAC,GAAG,QAAmC,CAAC;IAE9C,OAAO,CACL,kBAAkB,IAAI,CAAC;QACvB,eAAe,IAAI,CAAC;QACpB,SAAS,IAAI,CAAC;QACd,mBAAmB,IAAI,CAAC;QACxB,gBAAgB,IAAI,CAAC;QACrB,gBAAgB,IAAI,CAAC;QACrB,WAAW,IAAI,CAAC;QAChB,YAAY,IAAI,CAAC;QACjB,WAAW,IAAI,CAAC,CACjB,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,OAAgB;IACvC,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAClE,MAAM,CAAC,GAAG,OAAkC,CAAC;IAE7C,IAAI,CAAC,CAAC,eAAe,KAAK,GAAG;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,OAAO,CAAC,CAAC,UAAU,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAChF,IAAI,OAAO,CAAC,CAAC,UAAU,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAChF,IAAI,CAAC,CAAC,MAAM,KAAK,aAAa,IAAI,CAAC,CAAC,MAAM,KAAK,YAAY,IAAI,CAAC,CAAC,MAAM,KAAK,YAAY,IAAI,CAAC,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;QACjH,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,OAAO,CAAC,CAAC,iBAAiB,KAAK,QAAQ,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,iBAAiB,CAAC;QAAE,OAAO,KAAK,CAAC;IACpG,IAAI,OAAO,CAAC,CAAC,kBAAkB,KAAK,QAAQ,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,kBAAkB,CAAC;QAAE,OAAO,KAAK,CAAC;IAEtG,IAAI,CAAC,CAAC,iBAAiB,KAAK,SAAS,EAAE,CAAC;QACtC,IAAI,OAAO,CAAC,CAAC,iBAAiB,KAAK,QAAQ,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACtF,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,QAAiB,EACjB,UAAqC,EAAE;IASvC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzC,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,6CAA6C;gBACrD,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,8DAA8D;aACxE;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACjD,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,6BAA6B,QAAQ,CAAC,gBAAgB,EAAE;gBAChE,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,0BAA0B;gBAChC,OAAO,EAAE,qBAAqB,QAAQ,CAAC,gBAAgB,2BAA2B;gBAClF,KAAK,EAAE,kBAAkB;aAC1B;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;QAC3C,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,0BAA0B,QAAQ,CAAC,aAAa,EAAE;gBAC1D,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,uBAAuB;gBAC7B,OAAO,EAAE,kBAAkB,QAAQ,CAAC,aAAa,2BAA2B;gBAC5E,KAAK,EAAE,eAAe;aACvB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,QAAQ,CAAC,aAAa,KAAK,aAAa,EAAE,CAAC;QAC7C,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,uCAAuC,QAAQ,CAAC,aAAa,EAAE;gBACvE,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,uBAAuB;gBAC7B,OAAO,EAAE,kDAAkD;gBAC3D,KAAK,EAAE,eAAe;aACvB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5C,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,gCAAgC,QAAQ,CAAC,SAAS,EAAE;gBAC5D,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,mBAAmB;gBACzB,OAAO,EAAE,wBAAwB,QAAQ,CAAC,SAAS,2BAA2B;gBAC9E,KAAK,EAAE,WAAW;aACnB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACrD,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,2BAA2B,QAAQ,CAAC,cAAc,EAAE;gBAC5D,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,wBAAwB;gBAC9B,OAAO,EAAE,mBAAmB,QAAQ,CAAC,cAAc,2BAA2B;gBAC9E,KAAK,EAAE,gBAAgB;aACxB;SACF,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,4BAA4B,CAAC,QAAQ,CAAC,CAAC;IAC5D,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;QACxB,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,YAAY,CAAC,OAAO;gBAC5B,aAAa,EAAE,QAAQ,CAAC,aAAa;gBACrC,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,0BAA0B;gBAChC,OAAO,EAAE,YAAY,CAAC,OAAO;gBAC7B,KAAK,EAAE,YAAY,CAAC,KAAK;aAC1B;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3C,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,uBAAuB,QAAQ,CAAC,UAAU,EAAE;gBACpD,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,wEAAwE;gBACjF,KAAK,EAAE,YAAY;aACpB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,qBAAqB,IAAI,OAAO,CAAC,qBAAqB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjF,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,6CAA6C;gBACrD,aAAa,EAAE,QAAQ,CAAC,aAAa;gBACrC,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,2BAA2B;gBACjC,OAAO,EAAE,iHAAiH;gBAC1H,KAAK,EAAE,6BAA6B;aACrC;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QACjE,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,2CAA2C;gBACnD,aAAa,EAAE,QAAQ,CAAC,aAAa;gBACrC,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,eAAe,QAAQ,CAAC,UAAU,qDAAqD;gBAChG,KAAK,EAAE,YAAY;aACpB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACxC,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,+BAA+B;gBACvC,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,gDAAgD;gBACzD,KAAK,EAAE,WAAW;aACnB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;QAClD,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,kCAAkC;gBAC1C,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,oDAAoD;gBAC7D,KAAK,EAAE,mBAAmB;aAC3B;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QAC/C,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,+BAA+B;gBACvC,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,iDAAiD;gBAC1D,KAAK,EAAE,gBAAgB;aACxB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACvC,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,uCAAuC;gBAC/C,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,6DAA6D;gBACtE,KAAK,EAAE,SAAS;aACjB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,cAAc,CAAC,CAAC;QAClF,IAAI,YAAY,KAAK,QAAQ,CAAC,iBAAiB,EAAE,CAAC;YAChD,OAAO;gBACL,MAAM,EAAE;oBACN,MAAM,EAAE,SAAS;oBACjB,MAAM,EAAE,6DAA6D;oBACrE,WAAW,EAAE,GAAG;iBACjB;gBACD,KAAK,EAAE;oBACL,IAAI,EAAE,eAAe;oBACrB,OAAO,EAAE,oDAAoD;iBAC9D;aACF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,yBAAyB;gBACjC,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,gCAAgC;aAC1C;SACF,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,0BAA0B,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IACvE,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,8CAA8C;gBACtD,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,uDAAuD;gBAChE,KAAK,EAAE,YAAY;aACpB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAC1D,MAAM,QAAQ,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;QAEtE,MAAM,EAAE,GAAG,MAAM,eAAe,CAAC,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAChF,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,OAAO;gBACL,MAAM,EAAE;oBACN,MAAM,EAAE,SAAS;oBACjB,MAAM,EAAE,+BAA+B;oBACvC,WAAW,EAAE,GAAG;iBACjB;gBACD,KAAK,EAAE;oBACL,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,uDAAuD;iBACjE;aACF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,8BAA8B;gBACtC,WAAW,EAAE,GAAG;aACjB;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,mBAAmB;gBACzB,OAAO,EAAE,4BAA4B;aACtC;SACF,CAAC;IACJ,CAAC;IAED,OAAO;QACL,MAAM,EAAE;YACN,MAAM,EAAE,OAAO;YACf,MAAM,EAAE,mCAAmC;YAC3C,aAAa,EAAE,QAAQ,CAAC,aAAa;YACrC,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,WAAW,EAAE,GAAG;SACjB;QACD,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;QACvC,MAAM,EAAE,QAAQ,CAAC,OAAO,CAAC,MAAM;QAC/B,UAAU,EAAE,eAAe;QAC3B,qBAAqB,EAAE,KAAK;KAC7B,CAAC;AACJ,CAAC"}

package/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "@clawbureau/clawverify-core",
+  "version": "0.1.0",
+  "description": "Pure, offline-capable verification primitives for the Clawsig Protocol — schema validation, Ed25519 signature verification, hash chain integrity, receipt validation.",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": [
+    "dist/**/*.js",
+    "dist/**/*.d.ts",
+    "dist/**/*.d.ts.map",
+    "dist/**/*.js.map",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "typecheck": "tsc --noEmit",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "clawsig",
+    "verifier",
+    "proof-bundle",
+    "offline-verification",
+    "Ed25519",
+    "schema-validation"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/clawbureau/clawbureau",
+    "directory": "packages/clawverify-core"
+  },
+  "homepage": "https://github.com/clawbureau/clawbureau/tree/main/packages/clawverify-core",
+  "bugs": "https://github.com/clawbureau/clawbureau/issues",
+  "dependencies": {
+    "ajv": "^8.17.1",
+    "ajv-formats": "^3.0.1"
+  },
+  "devDependencies": {
+    "@types/node": "^25.2.1",
+    "typescript": "^5.7.0"
+  },
+  "engines": {
+    "node": ">=20"
+  },
+  "license": "MIT"
+}