@continuonai/rcan-ts 1.2.2 → 1.3.0

package/dist/index.d.mts

@@ -102,7 +102,7 @@ declare enum MessageType {
 /** §8.5 — Sender Type and Service Identity */
 type SenderType = "robot" | "human" | "cloud_function" | "system";
 /** §12 — Command Delegation and Chain of Custody */
-interface DelegationHop {
+interface DelegationHop$1 {
     issuerRuri: string;
     humanSubject: string;
     timestamp: string;
@@ -139,7 +139,7 @@ interface RCANMessageData {
     /** v1.5: GAP-09 key id */
     keyId?: string;
     /** v1.5: GAP-01 delegation chain */
-    delegationChain?: DelegationHop[];
+    delegationChain?: DelegationHop$1[];
     /** v1.5: GAP-13 fleet group */
     groupId?: string;
     /** v1.5: GAP-11 QoS level */
@@ -161,6 +161,11 @@ interface RCANMessageData {
     attestationRef?: string;
     /** v2.2: ML-DSA-65 post-quantum signature block (field 16, FIPS 204). Hybrid mode alongside Ed25519. */
     pqSig?: PQSignatureBlock | undefined;
+    /** v2.2 snake_case envelope aliases (spec §3.2) */
+    firmware_hash?: string;
+    attestation_ref?: string;
+    pq_sig?: string;
+    pq_alg?: string;
     [key: string]: unknown;
 }
 declare class RCANMessageError extends Error {
@@ -181,7 +186,7 @@ declare class RCANMessage {
     readonly senderType: SenderType | undefined;
     readonly cloudProvider: string | undefined;
     readonly keyId: string | undefined;
-    readonly delegationChain: DelegationHop[] | undefined;
+    readonly delegationChain: DelegationHop$1[] | undefined;
     readonly groupId: string | undefined;
     readonly qos: number | undefined;
     readonly presenceVerified: boolean | undefined;
@@ -220,7 +225,7 @@ declare function makeCloudRelayMessage(base: RCANMessage, provider: string): RCA
 /**
  * §12 — Add a delegation hop to a message.
  */
-declare function addDelegationHop(msg: RCANMessage, hop: DelegationHop): RCANMessage;
+declare function addDelegationHop(msg: RCANMessage, hop: DelegationHop$1): RCANMessage;
 /**
  * §12 — Validate a delegation chain (structure only; signature verification
  * requires crypto module).
@@ -229,7 +234,7 @@ declare function addDelegationHop(msg: RCANMessage, hop: DelegationHop): RCANMes
  *  - Max depth 4 hops
  *  - Each hop must have issuerRuri, humanSubject, timestamp, scope, signature
  */
-declare function validateDelegationChain(chain: DelegationHop[]): {
+declare function validateDelegationChain$1(chain: DelegationHop$1[]): {
     valid: boolean;
     reason: string;
 };
@@ -750,14 +755,14 @@ interface TransparencyMessage {
     timestamp_ms: number;
     message_id: string;
     /** v1.5 GAP-22: third-party control chain */
-    delegation_chain?: DelegationHop[];
+    delegation_chain?: DelegationHop$1[];
 }
 /**
  * Build a TRANSPARENCY message for EU AI Act Article 13 compliance.
  *
  * v1.5 (GAP-22): includes delegation_chain when available.
  */
-declare function makeTransparencyMessage(ruri: string, disclosure: string, delegationChain?: DelegationHop[]): TransparencyMessage;
+declare function makeTransparencyMessage(ruri: string, disclosure: string, delegationChain?: DelegationHop$1[]): TransparencyMessage;
 
 /**
  * RCAN Protocol Version — single source of truth.
@@ -1466,7 +1471,7 @@ declare enum MediaEncoding {
     BASE64 = "base64",
     REF = "ref"
 }
-interface MediaChunk {
+interface MediaChunk$1 {
     chunkId: string;
     mimeType: string;
     encoding: MediaEncoding;
@@ -1479,7 +1484,7 @@ interface StreamChunk {
     streamId: string;
     chunkIndex: number;
     isFinal: boolean;
-    chunk: MediaChunk;
+    chunk: MediaChunk$1;
 }
 /**
  * Attach inline (base64-encoded) media to a message.
@@ -1914,6 +1919,135 @@ declare const addPQSignature: typeof signMessage;
 /** @deprecated Use verifyMessage() — Ed25519 is removed in RCAN v2.2 */
 declare function verifyPQSignature(msg: RCANMessage, trustedKeys: MLDSAKeyPair[], _requirePQ?: boolean): Promise<void>;
 
+/** An ML-DSA-65 key pair (NIST FIPS 204, 192-bit PQ security). */
+interface MlDsaKeyPair {
+    /** ML-DSA-65 secret key (4032 bytes). */
+    privateKey: Uint8Array;
+    /** ML-DSA-65 public key (1952 bytes). */
+    publicKey: Uint8Array;
+}
+/**
+ * Hybrid Ed25519 + ML-DSA-65 signature.
+ * Both algorithms sign the same message; verification requires both to pass.
+ */
+interface HybridSignature {
+    profile: "pqc-hybrid-v1";
+    /** Ed25519 signature (64 bytes, base-64url decoded). */
+    ed25519Sig: Uint8Array;
+    /** ML-DSA-65 signature (3309 bytes, base-64url decoded). */
+    mlDsaSig: Uint8Array;
+}
+/** Generate a fresh ML-DSA-65 key pair. */
+declare function generateMlDsaKeypair(): MlDsaKeyPair;
+/** Sign `message` with an ML-DSA-65 secret key. Returns the raw signature. */
+declare function signMlDsa(privateKey: Uint8Array, message: Uint8Array): Uint8Array;
+/**
+ * Verify an ML-DSA-65 signature.
+ * @returns `true` if valid, `false` otherwise.
+ */
+declare function verifyMlDsa(publicKey: Uint8Array, message: Uint8Array, sig: Uint8Array): boolean;
+/**
+ * Sign `msg` with both Ed25519 and ML-DSA-65.
+ * The caller supplies both private keys; neither is derived from the other.
+ */
+declare function signHybrid(ed25519Priv: Uint8Array, mlDsaPriv: Uint8Array, msg: Uint8Array): HybridSignature;
+/**
+ * Verify a hybrid signature. Both Ed25519 and ML-DSA-65 must be valid.
+ * @returns `true` only when both signatures pass.
+ */
+declare function verifyHybrid(ed25519Pub: Uint8Array, mlDsaPub: Uint8Array, msg: Uint8Array, sig: HybridSignature): boolean;
+/**
+ * Encode a HybridSignature to a compact string.
+ * Format: `pqc-hybrid-v1.<ed25519-b64url>.<mldsa-b64url>`
+ */
+declare function encodeHybridSig(sig: HybridSignature): string;
+/**
+ * Decode a hybrid signature string produced by `encodeHybridSig`.
+ * @throws if the string is not in the expected format.
+ */
+declare function decodeHybridSig(s: string): HybridSignature;
+/**
+ * Encode an ML-DSA-65 public key as a JWK-like object.
+ * Uses `kty: "OKP"`, `alg: "ML-DSA-65"`, `x: <base64url>`.
+ */
+declare function encodeMlDsaPublicKeyJwk(pub: Uint8Array): object;
+/**
+ * Decode an ML-DSA-65 public key from a JWK-like object.
+ * @throws if `kty` or `alg` fields are wrong.
+ */
+declare function decodeMlDsaPublicKeyJwk(jwk: object): Uint8Array;
+
+/**
+ * rcan/mcp.ts — MCP integration types for RCAN v2.2 §22
+ *
+ * Provider-agnostic: LoA is tied to the token, not the model or AI provider.
+ */
+/** LoA → RCAN command scopes mapping (§22.4) */
+declare const LOA_TO_SCOPES: Record<number, string[]>;
+/** Required LoA for each MCP tool (§22.3) */
+declare const TOOL_LOA_REQUIREMENTS: Record<string, number>;
+/** MCP client entry stored in the RCAN yaml mcp_clients: block */
+interface McpClientConfig {
+    name: string;
+    token_hash: string;
+    loa: number;
+}
+/** Full MCP server configuration extracted from the RCAN yaml */
+interface McpServerConfig {
+    rrn: string;
+    clients: McpClientConfig[];
+}
+/** Check if a client's LoA satisfies a tool's requirement */
+declare function clientAllowsTool(client: McpClientConfig, toolName: string): boolean;
+/** Tool call result shapes */
+interface RobotStatusResult {
+    rrn: string;
+    status: Record<string, unknown>;
+}
+interface FleetListResult {
+    fleet: Record<string, unknown>[];
+}
+interface RrfLookupResult {
+    entity_id: string;
+    record: Record<string, unknown>;
+}
+interface RobotCommandResult {
+    rrn: string;
+    instruction: string;
+    scope: string;
+    result: Record<string, unknown>;
+}
+interface ComplianceReportResult {
+    rrn: string;
+    compliance: Record<string, unknown>;
+}
+
+/**
+ * RCAN v2.2 Delegation and Media envelope types.
+ * Spec: https://robotregistryfoundation.org/docs/mcp/
+ */
+/** A single hop in a v2.2 delegation chain. */
+interface DelegationHop {
+    robot_rrn: string;
+    scope: string;
+    issued_at: string;
+    expires_at: string;
+    sig?: string;
+}
+/** An inline or by-reference media attachment for v2.2 messages. */
+interface MediaChunk {
+    chunk_id: string;
+    mime_type: string;
+    size_bytes: number;
+    hash_sha256: string;
+    data?: string;
+    ref_url?: string;
+}
+declare function validateDelegationChain(chain: DelegationHop[]): void;
+declare function verifyMediaChunkHash(chunk: MediaChunk): void;
+type V22DelegationHop = DelegationHop;
+type V22MediaChunk = MediaChunk;
+
 /**
  * rcan-ts — Official TypeScript SDK for RCAN v1.6
  * Robot Communication and Accountability Network
@@ -1926,4 +2060,4 @@ declare const VERSION = "0.6.0";
 /** @deprecated Use SPEC_VERSION from ./version instead */
 declare const RCAN_VERSION = "1.6";
 
-export { AUTHORITY_ERROR_CODES, type ApprovalStatus, AuditChain, AuditError, type AuditExportRequest, type AuthorityAccessPayload, type AuthorityAccessPayloadWire, type AuthorityDataCategory, type AuthorityResponseData, type AuthorityResponsePayload, COMPETITION_SCOPE_LEVEL, CONTRIBUTE_SCOPE_LEVEL, type CachedKey, type ChainVerifyResult, ClockDriftError, type ClockSyncStatus, CommitmentRecord, type CommitmentRecordData, type CommitmentRecordJSON, type CompetitionBadge, type CompetitionEnter, type CompetitionFormat, type CompetitionScore, type ComputeResource, ConfidenceGate, type ConsentRequestParams, type ConsentResponseParams, type ConsentType, type ContributeCancel, type ContributeRequest, type ContributeResult, DEFAULT_LOA_POLICY, DataCategory, type DelegationHop, FIRMWARE_MANIFEST_PATH, FaultCode, type FaultReportParams, type FaultSeverity, type FederationSyncPayload, FederationSyncType, type FirmwareComponent, FirmwareIntegrityError, type FirmwareManifest, type FirmwareManifestWire, GateError, HiTLGate, type IdentityRecord, type JWKEntry, type JWKSDocument, KeyStore, LevelOfAssurance, type ListResult, type LoaPolicy, M2MAuthError, type M2MPeerClaims, type M2MTrustedClaims, M2M_TRUSTED_ISSUER, MLDSAKeyPair, type MLDSAKeyPairData, type MediaChunk, MediaEncoding, MessageType, NodeClient, type OfflineCommandResult, OfflineModeManager, type OfflineState, PRODUCTION_LOA_POLICY, type PendingApproval, type PersonalResearchResult, QoSAckTimeoutError, QoSLevel, QoSManager, type QoSResult, type QoSSendOptions, RCANAddressError, type RCANAgentConfig, type RCANConfig, RCANConfigAuthorizationError, RCANDelegationChainError, RCANError, RCANGateError, RCANMessage, type RCANMessageData, type RCANMessageEnvelope, RCANMessageError, type RCANMetadata, RCANNodeError, RCANNodeNotFoundError, RCANNodeSyncError, RCANNodeTrustError, RCANRegistryError, type RCANRegistryNode, RCANReplayAttackError, type RCANResolveResult, RCANSignatureError, RCANValidationError, RCANVersionIncompatibleError, RCAN_VERSION, ROLE_JWT_LEVEL, RRF_REVOCATION_CACHE_TTL_MS, RRF_REVOCATION_URL, type RegistrationResult, RegistryClient, type RegistryIdentity, RegistryTier, ReplayCache, type ReplayCheckResult, type ReplayableMessage, type ResearchMetrics, RevocationCache$1 as RevocationCache, type RevocationStatus, type RevocationStatusValue, type Robot, type RobotRegistration, RobotURI, RobotURIError, type RobotURIOptions, Role, type RunType, SAFETY_MESSAGE_TYPE, SCOPE_MIN_ROLE, SDK_VERSION, SPEC_VERSION, type SafetyEvent, type SafetyMessage, type ScopeValidationResult, type SeasonStanding, type SenderType, type SignatureBlock, type StandingEntry, type StreamChunk, type TrainingConsentRequestParams, type TransparencyMessage, TransportEncoding, TransportError, TrustAnchorCache, VERSION, type ValidationResult, type WorkUnitStatus, addDelegationHop, addMediaInline, addMediaRef, addPQSignature, assertClockSynced, authorityAccessFromWire, authorityAccessToWire, canonicalManifestJson, checkClockSync, checkRevocation, decodeBleFrames, decodeCompact, decodeMinimal, encodeBleFrames, encodeCompact, encodeMinimal, extractIdentityFromJwt, extractLoaFromJwt, extractRoleFromJwt, fetchCanonicalSchema, fetchRRFRevocations, isAuthorityRequestValid, isM2mTrustedRevoked, isPreemptedBy, isSafetyMessage, makeCloudRelayMessage, makeCompetitionEnter, makeCompetitionScore, makeConfigUpdate, makeConsentDeny, makeConsentGrant, makeConsentRequest, makeContributeCancel, makeContributeRequest, makeContributeResult, makeEstopMessage, makeEstopWithQoS, makeFaultReport, makeFederationSync, makeKeyRotationMessage, makePersonalResearchResult, makeResumeMessage, makeRevocationBroadcast, makeSeasonStanding, makeStopMessage, makeStreamChunk, makeTrainingConsentDeny, makeTrainingConsentGrant, makeTrainingConsentRequest, makeTrainingDataMessage, makeTransparencyMessage, manifestFromWire, manifestToWire, parseM2mPeerToken, parseM2mTrustedToken, roleFromJwtLevel, selectTransport, signMessage, validateAuthorityAccess, validateCompetitionScope, validateConfig, validateConfigAgainstSchema, validateConfigUpdate, validateConsentMessage, validateContributeScope, validateCrossRegistryCommand, validateDelegationChain, validateLoaForScope, validateManifest, validateMediaChunks, validateMessage, validateNodeAgainstSchema, validateReplay, validateRoleForScope, validateSafetyMessage, validateTrainingDataMessage, validateURI, validateVersionCompat, verifyM2mTrustedToken, verifyM2mTrustedTokenClaims, verifyMessage, verifyPQSignature };
+export { AUTHORITY_ERROR_CODES, type ApprovalStatus, AuditChain, AuditError, type AuditExportRequest, type AuthorityAccessPayload, type AuthorityAccessPayloadWire, type AuthorityDataCategory, type AuthorityResponseData, type AuthorityResponsePayload, COMPETITION_SCOPE_LEVEL, CONTRIBUTE_SCOPE_LEVEL, type CachedKey, type ChainVerifyResult, ClockDriftError, type ClockSyncStatus, CommitmentRecord, type CommitmentRecordData, type CommitmentRecordJSON, type CompetitionBadge, type CompetitionEnter, type CompetitionFormat, type CompetitionScore, type ComplianceReportResult, type ComputeResource, ConfidenceGate, type ConsentRequestParams, type ConsentResponseParams, type ConsentType, type ContributeCancel, type ContributeRequest, type ContributeResult, DEFAULT_LOA_POLICY, DataCategory, type DelegationHop$1 as DelegationHop, FIRMWARE_MANIFEST_PATH, FaultCode, type FaultReportParams, type FaultSeverity, type FederationSyncPayload, FederationSyncType, type FirmwareComponent, FirmwareIntegrityError, type FirmwareManifest, type FirmwareManifestWire, type FleetListResult, GateError, HiTLGate, type HybridSignature, type IdentityRecord, type JWKEntry, type JWKSDocument, KeyStore, LOA_TO_SCOPES, LevelOfAssurance, type ListResult, type LoaPolicy, M2MAuthError, type M2MPeerClaims, type M2MTrustedClaims, M2M_TRUSTED_ISSUER, MLDSAKeyPair, type MLDSAKeyPairData, type McpClientConfig, type McpServerConfig, type MediaChunk$1 as MediaChunk, MediaEncoding, MessageType, type MlDsaKeyPair, NodeClient, type OfflineCommandResult, OfflineModeManager, type OfflineState, PRODUCTION_LOA_POLICY, type PendingApproval, type PersonalResearchResult, QoSAckTimeoutError, QoSLevel, QoSManager, type QoSResult, type QoSSendOptions, RCANAddressError, type RCANAgentConfig, type RCANConfig, RCANConfigAuthorizationError, RCANDelegationChainError, RCANError, RCANGateError, RCANMessage, type RCANMessageData, type RCANMessageEnvelope, RCANMessageError, type RCANMetadata, RCANNodeError, RCANNodeNotFoundError, RCANNodeSyncError, RCANNodeTrustError, RCANRegistryError, type RCANRegistryNode, RCANReplayAttackError, type RCANResolveResult, RCANSignatureError, RCANValidationError, RCANVersionIncompatibleError, RCAN_VERSION, ROLE_JWT_LEVEL, RRF_REVOCATION_CACHE_TTL_MS, RRF_REVOCATION_URL, type RegistrationResult, RegistryClient, type RegistryIdentity, RegistryTier, ReplayCache, type ReplayCheckResult, type ReplayableMessage, type ResearchMetrics, RevocationCache$1 as RevocationCache, type RevocationStatus, type RevocationStatusValue, type Robot, type RobotCommandResult, type RobotRegistration, type RobotStatusResult, RobotURI, RobotURIError, type RobotURIOptions, Role, type RrfLookupResult, type RunType, SAFETY_MESSAGE_TYPE, SCOPE_MIN_ROLE, SDK_VERSION, SPEC_VERSION, type SafetyEvent, type SafetyMessage, type ScopeValidationResult, type SeasonStanding, type SenderType, type SignatureBlock, type StandingEntry, type StreamChunk, TOOL_LOA_REQUIREMENTS, type TrainingConsentRequestParams, type TransparencyMessage, TransportEncoding, TransportError, TrustAnchorCache, type V22DelegationHop, type V22MediaChunk, VERSION, type ValidationResult, type WorkUnitStatus, addDelegationHop, addMediaInline, addMediaRef, addPQSignature, assertClockSynced, authorityAccessFromWire, authorityAccessToWire, canonicalManifestJson, checkClockSync, checkRevocation, clientAllowsTool, decodeBleFrames, decodeCompact, decodeHybridSig, decodeMinimal, decodeMlDsaPublicKeyJwk, encodeBleFrames, encodeCompact, encodeHybridSig, encodeMinimal, encodeMlDsaPublicKeyJwk, extractIdentityFromJwt, extractLoaFromJwt, extractRoleFromJwt, fetchCanonicalSchema, fetchRRFRevocations, generateMlDsaKeypair, isAuthorityRequestValid, isM2mTrustedRevoked, isPreemptedBy, isSafetyMessage, makeCloudRelayMessage, makeCompetitionEnter, makeCompetitionScore, makeConfigUpdate, makeConsentDeny, makeConsentGrant, makeConsentRequest, makeContributeCancel, makeContributeRequest, makeContributeResult, makeEstopMessage, makeEstopWithQoS, makeFaultReport, makeFederationSync, makeKeyRotationMessage, makePersonalResearchResult, makeResumeMessage, makeRevocationBroadcast, makeSeasonStanding, makeStopMessage, makeStreamChunk, makeTrainingConsentDeny, makeTrainingConsentGrant, makeTrainingConsentRequest, makeTrainingDataMessage, makeTransparencyMessage, manifestFromWire, manifestToWire, parseM2mPeerToken, parseM2mTrustedToken, roleFromJwtLevel, selectTransport, signHybrid, signMessage, signMlDsa, validateAuthorityAccess, validateCompetitionScope, validateConfig, validateConfigAgainstSchema, validateConfigUpdate, validateConsentMessage, validateContributeScope, validateCrossRegistryCommand, validateDelegationChain$1 as validateDelegationChain, validateLoaForScope, validateManifest, validateMediaChunks, validateMessage, validateNodeAgainstSchema, validateReplay, validateRoleForScope, validateSafetyMessage, validateTrainingDataMessage, validateURI, validateDelegationChain as validateV22DelegationChain, validateVersionCompat, verifyHybrid, verifyM2mTrustedToken, verifyM2mTrustedTokenClaims, verifyMessage, verifyMlDsa, verifyPQSignature, verifyMediaChunkHash as verifyV22MediaChunkHash };

package/dist/index.d.ts

@@ -102,7 +102,7 @@ declare enum MessageType {
 /** §8.5 — Sender Type and Service Identity */
 type SenderType = "robot" | "human" | "cloud_function" | "system";
 /** §12 — Command Delegation and Chain of Custody */
-interface DelegationHop {
+interface DelegationHop$1 {
     issuerRuri: string;
     humanSubject: string;
     timestamp: string;
@@ -139,7 +139,7 @@ interface RCANMessageData {
     /** v1.5: GAP-09 key id */
     keyId?: string;
     /** v1.5: GAP-01 delegation chain */
-    delegationChain?: DelegationHop[];
+    delegationChain?: DelegationHop$1[];
     /** v1.5: GAP-13 fleet group */
     groupId?: string;
     /** v1.5: GAP-11 QoS level */
@@ -161,6 +161,11 @@ interface RCANMessageData {
     attestationRef?: string;
     /** v2.2: ML-DSA-65 post-quantum signature block (field 16, FIPS 204). Hybrid mode alongside Ed25519. */
     pqSig?: PQSignatureBlock | undefined;
+    /** v2.2 snake_case envelope aliases (spec §3.2) */
+    firmware_hash?: string;
+    attestation_ref?: string;
+    pq_sig?: string;
+    pq_alg?: string;
     [key: string]: unknown;
 }
 declare class RCANMessageError extends Error {
@@ -181,7 +186,7 @@ declare class RCANMessage {
     readonly senderType: SenderType | undefined;
     readonly cloudProvider: string | undefined;
     readonly keyId: string | undefined;
-    readonly delegationChain: DelegationHop[] | undefined;
+    readonly delegationChain: DelegationHop$1[] | undefined;
     readonly groupId: string | undefined;
     readonly qos: number | undefined;
     readonly presenceVerified: boolean | undefined;
@@ -220,7 +225,7 @@ declare function makeCloudRelayMessage(base: RCANMessage, provider: string): RCA
 /**
  * §12 — Add a delegation hop to a message.
  */
-declare function addDelegationHop(msg: RCANMessage, hop: DelegationHop): RCANMessage;
+declare function addDelegationHop(msg: RCANMessage, hop: DelegationHop$1): RCANMessage;
 /**
  * §12 — Validate a delegation chain (structure only; signature verification
  * requires crypto module).
@@ -229,7 +234,7 @@ declare function addDelegationHop(msg: RCANMessage, hop: DelegationHop): RCANMes
  *  - Max depth 4 hops
  *  - Each hop must have issuerRuri, humanSubject, timestamp, scope, signature
  */
-declare function validateDelegationChain(chain: DelegationHop[]): {
+declare function validateDelegationChain$1(chain: DelegationHop$1[]): {
     valid: boolean;
     reason: string;
 };
@@ -750,14 +755,14 @@ interface TransparencyMessage {
     timestamp_ms: number;
     message_id: string;
     /** v1.5 GAP-22: third-party control chain */
-    delegation_chain?: DelegationHop[];
+    delegation_chain?: DelegationHop$1[];
 }
 /**
  * Build a TRANSPARENCY message for EU AI Act Article 13 compliance.
  *
  * v1.5 (GAP-22): includes delegation_chain when available.
  */
-declare function makeTransparencyMessage(ruri: string, disclosure: string, delegationChain?: DelegationHop[]): TransparencyMessage;
+declare function makeTransparencyMessage(ruri: string, disclosure: string, delegationChain?: DelegationHop$1[]): TransparencyMessage;
 
 /**
  * RCAN Protocol Version — single source of truth.
@@ -1466,7 +1471,7 @@ declare enum MediaEncoding {
     BASE64 = "base64",
     REF = "ref"
 }
-interface MediaChunk {
+interface MediaChunk$1 {
     chunkId: string;
     mimeType: string;
     encoding: MediaEncoding;
@@ -1479,7 +1484,7 @@ interface StreamChunk {
     streamId: string;
     chunkIndex: number;
     isFinal: boolean;
-    chunk: MediaChunk;
+    chunk: MediaChunk$1;
 }
 /**
  * Attach inline (base64-encoded) media to a message.
@@ -1914,6 +1919,135 @@ declare const addPQSignature: typeof signMessage;
 /** @deprecated Use verifyMessage() — Ed25519 is removed in RCAN v2.2 */
 declare function verifyPQSignature(msg: RCANMessage, trustedKeys: MLDSAKeyPair[], _requirePQ?: boolean): Promise<void>;
 
+/** An ML-DSA-65 key pair (NIST FIPS 204, 192-bit PQ security). */
+interface MlDsaKeyPair {
+    /** ML-DSA-65 secret key (4032 bytes). */
+    privateKey: Uint8Array;
+    /** ML-DSA-65 public key (1952 bytes). */
+    publicKey: Uint8Array;
+}
+/**
+ * Hybrid Ed25519 + ML-DSA-65 signature.
+ * Both algorithms sign the same message; verification requires both to pass.
+ */
+interface HybridSignature {
+    profile: "pqc-hybrid-v1";
+    /** Ed25519 signature (64 bytes, base-64url decoded). */
+    ed25519Sig: Uint8Array;
+    /** ML-DSA-65 signature (3309 bytes, base-64url decoded). */
+    mlDsaSig: Uint8Array;
+}
+/** Generate a fresh ML-DSA-65 key pair. */
+declare function generateMlDsaKeypair(): MlDsaKeyPair;
+/** Sign `message` with an ML-DSA-65 secret key. Returns the raw signature. */
+declare function signMlDsa(privateKey: Uint8Array, message: Uint8Array): Uint8Array;
+/**
+ * Verify an ML-DSA-65 signature.
+ * @returns `true` if valid, `false` otherwise.
+ */
+declare function verifyMlDsa(publicKey: Uint8Array, message: Uint8Array, sig: Uint8Array): boolean;
+/**
+ * Sign `msg` with both Ed25519 and ML-DSA-65.
+ * The caller supplies both private keys; neither is derived from the other.
+ */
+declare function signHybrid(ed25519Priv: Uint8Array, mlDsaPriv: Uint8Array, msg: Uint8Array): HybridSignature;
+/**
+ * Verify a hybrid signature. Both Ed25519 and ML-DSA-65 must be valid.
+ * @returns `true` only when both signatures pass.
+ */
+declare function verifyHybrid(ed25519Pub: Uint8Array, mlDsaPub: Uint8Array, msg: Uint8Array, sig: HybridSignature): boolean;
+/**
+ * Encode a HybridSignature to a compact string.
+ * Format: `pqc-hybrid-v1.<ed25519-b64url>.<mldsa-b64url>`
+ */
+declare function encodeHybridSig(sig: HybridSignature): string;
+/**
+ * Decode a hybrid signature string produced by `encodeHybridSig`.
+ * @throws if the string is not in the expected format.
+ */
+declare function decodeHybridSig(s: string): HybridSignature;
+/**
+ * Encode an ML-DSA-65 public key as a JWK-like object.
+ * Uses `kty: "OKP"`, `alg: "ML-DSA-65"`, `x: <base64url>`.
+ */
+declare function encodeMlDsaPublicKeyJwk(pub: Uint8Array): object;
+/**
+ * Decode an ML-DSA-65 public key from a JWK-like object.
+ * @throws if `kty` or `alg` fields are wrong.
+ */
+declare function decodeMlDsaPublicKeyJwk(jwk: object): Uint8Array;
+
+/**
+ * rcan/mcp.ts — MCP integration types for RCAN v2.2 §22
+ *
+ * Provider-agnostic: LoA is tied to the token, not the model or AI provider.
+ */
+/** LoA → RCAN command scopes mapping (§22.4) */
+declare const LOA_TO_SCOPES: Record<number, string[]>;
+/** Required LoA for each MCP tool (§22.3) */
+declare const TOOL_LOA_REQUIREMENTS: Record<string, number>;
+/** MCP client entry stored in the RCAN yaml mcp_clients: block */
+interface McpClientConfig {
+    name: string;
+    token_hash: string;
+    loa: number;
+}
+/** Full MCP server configuration extracted from the RCAN yaml */
+interface McpServerConfig {
+    rrn: string;
+    clients: McpClientConfig[];
+}
+/** Check if a client's LoA satisfies a tool's requirement */
+declare function clientAllowsTool(client: McpClientConfig, toolName: string): boolean;
+/** Tool call result shapes */
+interface RobotStatusResult {
+    rrn: string;
+    status: Record<string, unknown>;
+}
+interface FleetListResult {
+    fleet: Record<string, unknown>[];
+}
+interface RrfLookupResult {
+    entity_id: string;
+    record: Record<string, unknown>;
+}
+interface RobotCommandResult {
+    rrn: string;
+    instruction: string;
+    scope: string;
+    result: Record<string, unknown>;
+}
+interface ComplianceReportResult {
+    rrn: string;
+    compliance: Record<string, unknown>;
+}
+
+/**
+ * RCAN v2.2 Delegation and Media envelope types.
+ * Spec: https://robotregistryfoundation.org/docs/mcp/
+ */
+/** A single hop in a v2.2 delegation chain. */
+interface DelegationHop {
+    robot_rrn: string;
+    scope: string;
+    issued_at: string;
+    expires_at: string;
+    sig?: string;
+}
+/** An inline or by-reference media attachment for v2.2 messages. */
+interface MediaChunk {
+    chunk_id: string;
+    mime_type: string;
+    size_bytes: number;
+    hash_sha256: string;
+    data?: string;
+    ref_url?: string;
+}
+declare function validateDelegationChain(chain: DelegationHop[]): void;
+declare function verifyMediaChunkHash(chunk: MediaChunk): void;
+type V22DelegationHop = DelegationHop;
+type V22MediaChunk = MediaChunk;
+
 /**
  * rcan-ts — Official TypeScript SDK for RCAN v1.6
  * Robot Communication and Accountability Network
@@ -1926,4 +2060,4 @@ declare const VERSION = "0.6.0";
 /** @deprecated Use SPEC_VERSION from ./version instead */
 declare const RCAN_VERSION = "1.6";
 
-export { AUTHORITY_ERROR_CODES, type ApprovalStatus, AuditChain, AuditError, type AuditExportRequest, type AuthorityAccessPayload, type AuthorityAccessPayloadWire, type AuthorityDataCategory, type AuthorityResponseData, type AuthorityResponsePayload, COMPETITION_SCOPE_LEVEL, CONTRIBUTE_SCOPE_LEVEL, type CachedKey, type ChainVerifyResult, ClockDriftError, type ClockSyncStatus, CommitmentRecord, type CommitmentRecordData, type CommitmentRecordJSON, type CompetitionBadge, type CompetitionEnter, type CompetitionFormat, type CompetitionScore, type ComputeResource, ConfidenceGate, type ConsentRequestParams, type ConsentResponseParams, type ConsentType, type ContributeCancel, type ContributeRequest, type ContributeResult, DEFAULT_LOA_POLICY, DataCategory, type DelegationHop, FIRMWARE_MANIFEST_PATH, FaultCode, type FaultReportParams, type FaultSeverity, type FederationSyncPayload, FederationSyncType, type FirmwareComponent, FirmwareIntegrityError, type FirmwareManifest, type FirmwareManifestWire, GateError, HiTLGate, type IdentityRecord, type JWKEntry, type JWKSDocument, KeyStore, LevelOfAssurance, type ListResult, type LoaPolicy, M2MAuthError, type M2MPeerClaims, type M2MTrustedClaims, M2M_TRUSTED_ISSUER, MLDSAKeyPair, type MLDSAKeyPairData, type MediaChunk, MediaEncoding, MessageType, NodeClient, type OfflineCommandResult, OfflineModeManager, type OfflineState, PRODUCTION_LOA_POLICY, type PendingApproval, type PersonalResearchResult, QoSAckTimeoutError, QoSLevel, QoSManager, type QoSResult, type QoSSendOptions, RCANAddressError, type RCANAgentConfig, type RCANConfig, RCANConfigAuthorizationError, RCANDelegationChainError, RCANError, RCANGateError, RCANMessage, type RCANMessageData, type RCANMessageEnvelope, RCANMessageError, type RCANMetadata, RCANNodeError, RCANNodeNotFoundError, RCANNodeSyncError, RCANNodeTrustError, RCANRegistryError, type RCANRegistryNode, RCANReplayAttackError, type RCANResolveResult, RCANSignatureError, RCANValidationError, RCANVersionIncompatibleError, RCAN_VERSION, ROLE_JWT_LEVEL, RRF_REVOCATION_CACHE_TTL_MS, RRF_REVOCATION_URL, type RegistrationResult, RegistryClient, type RegistryIdentity, RegistryTier, ReplayCache, type ReplayCheckResult, type ReplayableMessage, type ResearchMetrics, RevocationCache$1 as RevocationCache, type RevocationStatus, type RevocationStatusValue, type Robot, type RobotRegistration, RobotURI, RobotURIError, type RobotURIOptions, Role, type RunType, SAFETY_MESSAGE_TYPE, SCOPE_MIN_ROLE, SDK_VERSION, SPEC_VERSION, type SafetyEvent, type SafetyMessage, type ScopeValidationResult, type SeasonStanding, type SenderType, type SignatureBlock, type StandingEntry, type StreamChunk, type TrainingConsentRequestParams, type TransparencyMessage, TransportEncoding, TransportError, TrustAnchorCache, VERSION, type ValidationResult, type WorkUnitStatus, addDelegationHop, addMediaInline, addMediaRef, addPQSignature, assertClockSynced, authorityAccessFromWire, authorityAccessToWire, canonicalManifestJson, checkClockSync, checkRevocation, decodeBleFrames, decodeCompact, decodeMinimal, encodeBleFrames, encodeCompact, encodeMinimal, extractIdentityFromJwt, extractLoaFromJwt, extractRoleFromJwt, fetchCanonicalSchema, fetchRRFRevocations, isAuthorityRequestValid, isM2mTrustedRevoked, isPreemptedBy, isSafetyMessage, makeCloudRelayMessage, makeCompetitionEnter, makeCompetitionScore, makeConfigUpdate, makeConsentDeny, makeConsentGrant, makeConsentRequest, makeContributeCancel, makeContributeRequest, makeContributeResult, makeEstopMessage, makeEstopWithQoS, makeFaultReport, makeFederationSync, makeKeyRotationMessage, makePersonalResearchResult, makeResumeMessage, makeRevocationBroadcast, makeSeasonStanding, makeStopMessage, makeStreamChunk, makeTrainingConsentDeny, makeTrainingConsentGrant, makeTrainingConsentRequest, makeTrainingDataMessage, makeTransparencyMessage, manifestFromWire, manifestToWire, parseM2mPeerToken, parseM2mTrustedToken, roleFromJwtLevel, selectTransport, signMessage, validateAuthorityAccess, validateCompetitionScope, validateConfig, validateConfigAgainstSchema, validateConfigUpdate, validateConsentMessage, validateContributeScope, validateCrossRegistryCommand, validateDelegationChain, validateLoaForScope, validateManifest, validateMediaChunks, validateMessage, validateNodeAgainstSchema, validateReplay, validateRoleForScope, validateSafetyMessage, validateTrainingDataMessage, validateURI, validateVersionCompat, verifyM2mTrustedToken, verifyM2mTrustedTokenClaims, verifyMessage, verifyPQSignature };
+export { AUTHORITY_ERROR_CODES, type ApprovalStatus, AuditChain, AuditError, type AuditExportRequest, type AuthorityAccessPayload, type AuthorityAccessPayloadWire, type AuthorityDataCategory, type AuthorityResponseData, type AuthorityResponsePayload, COMPETITION_SCOPE_LEVEL, CONTRIBUTE_SCOPE_LEVEL, type CachedKey, type ChainVerifyResult, ClockDriftError, type ClockSyncStatus, CommitmentRecord, type CommitmentRecordData, type CommitmentRecordJSON, type CompetitionBadge, type CompetitionEnter, type CompetitionFormat, type CompetitionScore, type ComplianceReportResult, type ComputeResource, ConfidenceGate, type ConsentRequestParams, type ConsentResponseParams, type ConsentType, type ContributeCancel, type ContributeRequest, type ContributeResult, DEFAULT_LOA_POLICY, DataCategory, type DelegationHop$1 as DelegationHop, FIRMWARE_MANIFEST_PATH, FaultCode, type FaultReportParams, type FaultSeverity, type FederationSyncPayload, FederationSyncType, type FirmwareComponent, FirmwareIntegrityError, type FirmwareManifest, type FirmwareManifestWire, type FleetListResult, GateError, HiTLGate, type HybridSignature, type IdentityRecord, type JWKEntry, type JWKSDocument, KeyStore, LOA_TO_SCOPES, LevelOfAssurance, type ListResult, type LoaPolicy, M2MAuthError, type M2MPeerClaims, type M2MTrustedClaims, M2M_TRUSTED_ISSUER, MLDSAKeyPair, type MLDSAKeyPairData, type McpClientConfig, type McpServerConfig, type MediaChunk$1 as MediaChunk, MediaEncoding, MessageType, type MlDsaKeyPair, NodeClient, type OfflineCommandResult, OfflineModeManager, type OfflineState, PRODUCTION_LOA_POLICY, type PendingApproval, type PersonalResearchResult, QoSAckTimeoutError, QoSLevel, QoSManager, type QoSResult, type QoSSendOptions, RCANAddressError, type RCANAgentConfig, type RCANConfig, RCANConfigAuthorizationError, RCANDelegationChainError, RCANError, RCANGateError, RCANMessage, type RCANMessageData, type RCANMessageEnvelope, RCANMessageError, type RCANMetadata, RCANNodeError, RCANNodeNotFoundError, RCANNodeSyncError, RCANNodeTrustError, RCANRegistryError, type RCANRegistryNode, RCANReplayAttackError, type RCANResolveResult, RCANSignatureError, RCANValidationError, RCANVersionIncompatibleError, RCAN_VERSION, ROLE_JWT_LEVEL, RRF_REVOCATION_CACHE_TTL_MS, RRF_REVOCATION_URL, type RegistrationResult, RegistryClient, type RegistryIdentity, RegistryTier, ReplayCache, type ReplayCheckResult, type ReplayableMessage, type ResearchMetrics, RevocationCache$1 as RevocationCache, type RevocationStatus, type RevocationStatusValue, type Robot, type RobotCommandResult, type RobotRegistration, type RobotStatusResult, RobotURI, RobotURIError, type RobotURIOptions, Role, type RrfLookupResult, type RunType, SAFETY_MESSAGE_TYPE, SCOPE_MIN_ROLE, SDK_VERSION, SPEC_VERSION, type SafetyEvent, type SafetyMessage, type ScopeValidationResult, type SeasonStanding, type SenderType, type SignatureBlock, type StandingEntry, type StreamChunk, TOOL_LOA_REQUIREMENTS, type TrainingConsentRequestParams, type TransparencyMessage, TransportEncoding, TransportError, TrustAnchorCache, type V22DelegationHop, type V22MediaChunk, VERSION, type ValidationResult, type WorkUnitStatus, addDelegationHop, addMediaInline, addMediaRef, addPQSignature, assertClockSynced, authorityAccessFromWire, authorityAccessToWire, canonicalManifestJson, checkClockSync, checkRevocation, clientAllowsTool, decodeBleFrames, decodeCompact, decodeHybridSig, decodeMinimal, decodeMlDsaPublicKeyJwk, encodeBleFrames, encodeCompact, encodeHybridSig, encodeMinimal, encodeMlDsaPublicKeyJwk, extractIdentityFromJwt, extractLoaFromJwt, extractRoleFromJwt, fetchCanonicalSchema, fetchRRFRevocations, generateMlDsaKeypair, isAuthorityRequestValid, isM2mTrustedRevoked, isPreemptedBy, isSafetyMessage, makeCloudRelayMessage, makeCompetitionEnter, makeCompetitionScore, makeConfigUpdate, makeConsentDeny, makeConsentGrant, makeConsentRequest, makeContributeCancel, makeContributeRequest, makeContributeResult, makeEstopMessage, makeEstopWithQoS, makeFaultReport, makeFederationSync, makeKeyRotationMessage, makePersonalResearchResult, makeResumeMessage, makeRevocationBroadcast, makeSeasonStanding, makeStopMessage, makeStreamChunk, makeTrainingConsentDeny, makeTrainingConsentGrant, makeTrainingConsentRequest, makeTrainingDataMessage, makeTransparencyMessage, manifestFromWire, manifestToWire, parseM2mPeerToken, parseM2mTrustedToken, roleFromJwtLevel, selectTransport, signHybrid, signMessage, signMlDsa, validateAuthorityAccess, validateCompetitionScope, validateConfig, validateConfigAgainstSchema, validateConfigUpdate, validateConsentMessage, validateContributeScope, validateCrossRegistryCommand, validateDelegationChain$1 as validateDelegationChain, validateLoaForScope, validateManifest, validateMediaChunks, validateMessage, validateNodeAgainstSchema, validateReplay, validateRoleForScope, validateSafetyMessage, validateTrainingDataMessage, validateURI, validateDelegationChain as validateV22DelegationChain, validateVersionCompat, verifyHybrid, verifyM2mTrustedToken, verifyM2mTrustedTokenClaims, verifyMessage, verifyMlDsa, verifyPQSignature, verifyMediaChunkHash as verifyV22MediaChunkHash };