@dupecom/botcha 0.16.0 → 0.19.0

package/README.md

@@ -13,7 +13,7 @@
 
 [![npm version](https://img.shields.io/npm/v/@dupecom/botcha?color=00d4ff)](https://www.npmjs.com/package/@dupecom/botcha)
 [![PyPI version](https://img.shields.io/pypi/v/botcha?color=00d4ff)](https://pypi.org/project/botcha/)
-<!-- test-count -->[![Tests](https://img.shields.io/badge/tests-772%20passing-brightgreen)](./tests/)<!-- /test-count -->
+<!-- test-count -->[![Tests](https://img.shields.io/badge/tests-859%20passing-brightgreen)](./tests/)<!-- /test-count -->
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
 [![AI Agents Only](https://img.shields.io/badge/contributors-AI%20agents%20only-ff6b6b)](./.github/CONTRIBUTING.md)
 
@@ -21,7 +21,7 @@
 📄 **Whitepaper:** [botcha.ai/whitepaper](https://botcha.ai/whitepaper)  
 📦 **npm:** [@dupecom/botcha](https://www.npmjs.com/package/@dupecom/botcha)  
 🐍 **PyPI:** [botcha](https://pypi.org/project/botcha/)  
-🔐 **Verify:** [@botcha/verify](./packages/verify/) (TS) · [botcha-verify](./packages/python-verify/) (Python)  
+🔐 **Verify:** [@dupecom/botcha-verify](./packages/verify/) (TS) · [botcha-verify](./packages/python-verify/) (Python)  
 🔌 **OpenAPI:** [botcha.ai/openapi.json](https://botcha.ai/openapi.json)
 
 ## Why?
@@ -40,6 +40,7 @@ Use cases:
 - 🆔 Persistent agent identities with registry
 - 🔏 Trusted Agent Protocol (TAP) — cryptographic agent auth with HTTP Message Signatures (SDK: `registerTAPAgent`, `createTAPSession`)
 - 🌐 TAP showcase homepage at [botcha.ai](https://botcha.ai) — one of the first services to implement [Visa's Trusted Agent Protocol](https://github.com/visa/trusted-agent-protocol)
+- 📈 Agent reputation scoring — trust scores that unlock higher rate limits and access (SDK: `getReputation`, `recordReputationEvent`)
 
 ## Install
 
@@ -359,7 +360,7 @@ curl -X POST "https://botcha.ai/v1/agents/register?app_id=app_abc123" \
 | `GET /v1/agents/:id` | Get agent info by ID (public, no auth) |
 | `GET /v1/agents` | List all agents for authenticated app |
 
-> **Note:** Agent Registry is the foundation for future features like delegation chains, capability attestation, and reputation scoring. See [ROADMAP.md](./ROADMAP.md) for details.
+> **Note:** Agent Registry is the foundation for delegation chains (v0.17.0), capability attestation (v0.17.0), and reputation scoring (v0.18.0). See [ROADMAP.md](./ROADMAP.md) for details.
 
 ## 🔏 Trusted Agent Protocol (TAP)
 
@@ -516,7 +517,141 @@ app.use('/api', createTAPVerifyMiddleware({ mode: 'challenge-only', secret: proc
 
 > **Supported algorithms:** `ed25519` (Visa recommended), `ecdsa-p256-sha256`, `rsa-pss-sha256`. See [ROADMAP.md](./ROADMAP.md) for details.
 
-## 🔄 SSE Streaming Flow (AI-Native)
+## Delegation Chains (v0.17.0)
+
+"User X authorized Agent Y to do Z until time T." Signed, auditable chains of trust between TAP agents.
+
+```typescript
+// Agent A delegates "browse products" to Agent B
+const delegation = await client.createDelegation({
+  grantor_id: agentA.agent_id,
+  grantee_id: agentB.agent_id,
+  capabilities: [{ action: 'browse', scope: ['products'] }],
+  duration_seconds: 3600,
+});
+
+// Agent B sub-delegates to Agent C (only narrower capabilities)
+const subDelegation = await client.createDelegation({
+  grantor_id: agentB.agent_id,
+  grantee_id: agentC.agent_id,
+  capabilities: [{ action: 'browse', scope: ['products'] }],
+  parent_delegation_id: delegation.delegation_id,
+});
+
+// Verify the full chain is valid
+const chain = await client.verifyDelegationChain(subDelegation.delegation_id);
+// chain.effective_capabilities = [{ action: 'browse', scope: ['products'] }]
+
+// Revoke — cascades to all sub-delegations
+await client.revokeDelegation(delegation.delegation_id, 'Access no longer needed');
+```
+
+**Key properties:**
+- Capabilities can only be **narrowed**, never expanded
+- Chain depth is capped (default: 3, max: 10)
+- Revoking a delegation **cascades** to all sub-delegations
+- Sub-delegations cannot outlive their parent
+- Cycle detection prevents circular chains
+
+| Method | Path | Description |
+|--------|------|-------------|
+| `POST /v1/delegations` | Create delegation (grantor to grantee) |
+| `GET /v1/delegations/:id` | Get delegation details |
+| `GET /v1/delegations` | List delegations for agent |
+| `POST /v1/delegations/:id/revoke` | Revoke (cascades to sub-delegations) |
+| `POST /v1/verify/delegation` | Verify entire delegation chain |
+
+## Capability Attestation (v0.17.0)
+
+Fine-grained `action:resource` permission tokens with explicit deny rules:
+
+```typescript
+// Issue attestation with specific permissions
+const att = await client.issueAttestation({
+  agent_id: 'agent_abc123',
+  can: ['read:invoices', 'browse:*'],
+  cannot: ['write:transfers'],
+  duration_seconds: 3600,
+});
+
+// Use the token in requests
+// Header: X-Botcha-Attestation: <att.token>
+
+// Verify token and check specific capability
+const check = await client.verifyAttestation(att.token, 'read', 'invoices');
+// check.allowed === true
+
+// Revoke when no longer needed
+await client.revokeAttestation(att.attestation_id, 'Session ended');
+```
+
+**Key properties:**
+- Permission model: `action:resource` patterns with wildcards (`*:*`, `read:*`, `*:invoices`)
+- **Deny takes precedence** over allow — `cannot` rules always win
+- Backward compatible: bare actions like `"browse"` expand to `"browse:*"`
+- Signed JWT tokens with online revocation checking
+- Enforcement middleware: `requireCapability('read:invoices')` for Hono routes
+- Optional link to delegation chains via `delegation_id`
+
+| Method | Path | Description |
+|--------|------|-------------|
+| `POST /v1/attestations` | Issue attestation token |
+| `GET /v1/attestations/:id` | Get attestation details |
+| `GET /v1/attestations` | List attestations for agent |
+| `POST /v1/attestations/:id/revoke` | Revoke attestation |
+| `POST /v1/verify/attestation` | Verify token + check capability |
+
+## Agent Reputation Scoring (v0.18.0)
+
+The "credit score" for AI agents. Persistent identity enables behavioral tracking over time, producing trust scores that unlock higher rate limits, faster verification, and access to sensitive APIs.
+
+```typescript
+// Get agent reputation
+const rep = await client.getReputation('agent_abc123');
+console.log(`Score: ${rep.score}, Tier: ${rep.tier}`);
+// Score: 750, Tier: good
+
+// Record events that affect score
+await client.recordReputationEvent({
+  agent_id: 'agent_abc123',
+  category: 'verification',
+  action: 'challenge_solved',   // +5 points
+});
+
+// Endorsement from another agent
+await client.recordReputationEvent({
+  agent_id: 'agent_abc123',
+  category: 'endorsement',
+  action: 'endorsement_received',  // +20 points
+  source_agent_id: 'agent_def456',
+});
+
+// View event history
+const events = await client.listReputationEvents('agent_abc123', {
+  category: 'verification',
+  limit: 10,
+});
+
+// Admin: reset reputation
+await client.resetReputation('agent_abc123');
+```
+
+**Scoring model:**
+- Base score: **500** (neutral, no history)
+- Range: **0 - 1000**
+- Tiers: untrusted (0-199), low (200-399), neutral (400-599), good (600-799), excellent (800-1000)
+- **Decay**: scores trend toward 500 over time without activity (mean reversion)
+- **Deny always wins**: abuse events (-50) are heavily weighted
+- **Endorsements**: explicit trust signals from other agents (+20)
+
+| Method | Path | Description |
+|--------|------|-------------|
+| `GET /v1/reputation/:agent_id` | Get agent reputation score |
+| `POST /v1/reputation/events` | Record a reputation event |
+| `GET /v1/reputation/:agent_id/events` | List reputation events |
+| `POST /v1/reputation/:agent_id/reset` | Reset reputation (admin) |
+
+## SSE Streaming Flow (AI-Native)
 
 For AI agents that prefer a **conversational handshake**, BOTCHA offers **Server-Sent Events (SSE)** streaming:
 
@@ -790,19 +925,20 @@ You can use the library freely, report issues, and discuss features. To contribu
 
 ## Server-Side Verification (for API Providers)
 
-If you're building an API that accepts BOTCHA tokens from agents, use the verification SDKs:
+If you're building an API that accepts BOTCHA tokens from agents, use the verification SDKs. **BOTCHA v0.19.0+ signs tokens with ES256 (asymmetric)** — no shared secret needed.
 
-### TypeScript (Express / Hono)
+### JWKS Verification (Recommended)
 
 ```bash
-npm install @botcha/verify
+npm install @dupecom/botcha-verify
 ```
 
 ```typescript
-import { botchaVerify } from '@botcha/verify/express';
+import { botchaVerify } from '@dupecom/botcha-verify/express';
 
+// ES256 verification via JWKS — no shared secret needed!
 app.use('/api', botchaVerify({
-  secret: process.env.BOTCHA_SECRET!,
+  jwksUrl: 'https://botcha.ai/.well-known/jwks',
   audience: 'https://api.example.com',
 }));
 
@@ -812,25 +948,45 @@ app.get('/api/protected', (req, res) => {
 });
 ```
 
-### Python (FastAPI / Django)
-
-```bash
-pip install botcha-verify
-```
-
 ```python
 from fastapi import FastAPI, Depends
 from botcha_verify.fastapi import BotchaVerify
 
 app = FastAPI()
-botcha = BotchaVerify(secret='your-secret-key')
+botcha = BotchaVerify(
+    jwks_url='https://botcha.ai/.well-known/jwks',
+    audience='https://api.example.com',
+)
 
 @app.get('/api/data')
 async def get_data(token = Depends(botcha)):
     return {"solve_time": token.solve_time}
 ```
 
-> **Docs:** See [`@botcha/verify` README](./packages/verify/README.md) and [`botcha-verify` README](./packages/python-verify/README.md) for full API reference, Hono middleware, Django middleware, revocation checking, and custom error handlers.
+### Remote Validation (No SDK Needed)
+
+For simple integrations, validate tokens with a single HTTP call:
+
+```bash
+curl -X POST https://botcha.ai/v1/token/validate \
+  -H "Content-Type: application/json" \
+  -d '{"token": "eyJ..."}'
+
+# {"valid": true, "payload": {"sub": "...", "type": "botcha-verified", ...}}
+```
+
+### Shared Secret (Legacy HS256)
+
+HS256 is still supported for backward compatibility:
+
+```typescript
+app.use('/api', botchaVerify({
+  secret: process.env.BOTCHA_SECRET!,
+  audience: 'https://api.example.com',
+}));
+```
+
+> **Docs:** See [`@dupecom/botcha-verify` README](./packages/verify/README.md) and [`botcha-verify` README](./packages/python-verify/README.md) for full API reference, Hono middleware, Django middleware, revocation checking, and custom error handlers.
 
 ## Client SDK (for AI Agents)
 

package/dist/lib/client/index.d.ts

@@ -1,5 +1,5 @@
-export type { SpeedProblem, BotchaClientOptions, ChallengeResponse, StandardChallengeResponse, VerifyResponse, TokenResponse, StreamSession, StreamEvent, Problem, VerifyResult, StreamChallengeOptions, CreateAppResponse, VerifyEmailResponse, ResendVerificationResponse, RecoverAccountResponse, RotateSecretResponse, TAPAction, TAPTrustLevel, TAPSignatureAlgorithm, TAPCapability, TAPIntent, RegisterTAPAgentOptions, TAPAgentResponse, TAPAgentListResponse, CreateTAPSessionOptions, TAPSessionResponse, JWK, JWKSet, CreateInvoiceOptions, InvoiceResponse, BrowsingIOU, VerifyIOUResponse, } from './types.js';
-import type { BotchaClientOptions, VerifyResponse, CreateAppResponse, VerifyEmailResponse, ResendVerificationResponse, RecoverAccountResponse, RotateSecretResponse, RegisterTAPAgentOptions, TAPAgentResponse, TAPAgentListResponse, CreateTAPSessionOptions, TAPSessionResponse, TAPSignatureAlgorithm, JWK, JWKSet, CreateInvoiceOptions, InvoiceResponse, BrowsingIOU, VerifyIOUResponse } from './types.js';
+export type { SpeedProblem, BotchaClientOptions, ChallengeResponse, StandardChallengeResponse, VerifyResponse, TokenResponse, StreamSession, StreamEvent, Problem, VerifyResult, StreamChallengeOptions, CreateAppResponse, VerifyEmailResponse, ResendVerificationResponse, RecoverAccountResponse, RotateSecretResponse, TAPAction, TAPTrustLevel, TAPSignatureAlgorithm, TAPCapability, TAPIntent, RegisterTAPAgentOptions, TAPAgentResponse, TAPAgentListResponse, CreateTAPSessionOptions, TAPSessionResponse, JWK, JWKSet, CreateInvoiceOptions, InvoiceResponse, BrowsingIOU, VerifyIOUResponse, CreateDelegationOptions, DelegationResponse, DelegationListResponse, RevokeDelegationResponse, DelegationVerifyResponse, IssueAttestationOptions, AttestationResponse, AttestationListResponse, RevokeAttestationResponse, AttestationVerifyResponse, ReputationTier, ReputationEventCategory, ReputationEventAction, ReputationScoreResponse, RecordReputationEventOptions, ReputationEventResponse, ReputationEventListResponse, ReputationResetResponse, } from './types.js';
+import type { BotchaClientOptions, VerifyResponse, CreateAppResponse, VerifyEmailResponse, ResendVerificationResponse, RecoverAccountResponse, RotateSecretResponse, RegisterTAPAgentOptions, TAPAgentResponse, TAPAgentListResponse, CreateTAPSessionOptions, TAPSessionResponse, TAPSignatureAlgorithm, JWK, JWKSet, CreateInvoiceOptions, InvoiceResponse, BrowsingIOU, VerifyIOUResponse, CreateDelegationOptions, DelegationResponse, DelegationListResponse, RevokeDelegationResponse, DelegationVerifyResponse, IssueAttestationOptions, AttestationResponse, AttestationListResponse, RevokeAttestationResponse, AttestationVerifyResponse, RecordReputationEventOptions, ReputationScoreResponse, ReputationEventResponse, ReputationEventListResponse, ReputationResetResponse } from './types.js';
 export { BotchaStreamClient } from './stream.js';
 /**
  * BOTCHA Client SDK for AI Agents
@@ -332,6 +332,135 @@ export declare class BotchaClient {
      * ```
      */
     verifyBrowsingIOU(invoiceId: string, iou: BrowsingIOU): Promise<VerifyIOUResponse>;
+    /**
+     * Create a delegation from one agent to another.
+     * Grants a subset of the grantor's capabilities to the grantee.
+     *
+     * @example
+     * ```typescript
+     * const delegation = await client.createDelegation({
+     *   grantor_id: 'agent_abc123',
+     *   grantee_id: 'agent_def456',
+     *   capabilities: [{ action: 'browse', scope: ['products'] }],
+     *   duration_seconds: 3600,
+     * });
+     * ```
+     */
+    createDelegation(options: CreateDelegationOptions): Promise<DelegationResponse>;
+    /**
+     * Get delegation details by ID.
+     */
+    getDelegation(delegationId: string): Promise<DelegationResponse>;
+    /**
+     * List delegations for an agent.
+     *
+     * @param agentId - The agent to list delegations for
+     * @param options - Optional filters
+     */
+    listDelegations(agentId: string, options?: {
+        direction?: 'in' | 'out' | 'both';
+        include_revoked?: boolean;
+        include_expired?: boolean;
+    }): Promise<DelegationListResponse>;
+    /**
+     * Revoke a delegation. Cascades to all sub-delegations.
+     *
+     * @param delegationId - The delegation to revoke
+     * @param reason - Optional reason for revocation
+     */
+    revokeDelegation(delegationId: string, reason?: string): Promise<RevokeDelegationResponse>;
+    /**
+     * Verify a delegation chain is valid.
+     * Returns the full chain and effective capabilities if valid.
+     *
+     * @param delegationId - The leaf delegation to verify (walks up the chain)
+     */
+    verifyDelegationChain(delegationId: string): Promise<DelegationVerifyResponse>;
+    /**
+     * Issue a capability attestation token for an agent.
+     * Grants fine-grained "action:resource" permissions with explicit deny.
+     *
+     * @example
+     * ```typescript
+     * const att = await client.issueAttestation({
+     *   agent_id: 'agent_abc123',
+     *   can: ['read:invoices', 'browse:*'],
+     *   cannot: ['write:transfers'],
+     *   duration_seconds: 3600,
+     * });
+     * // Use att.token in X-Botcha-Attestation header
+     * ```
+     */
+    issueAttestation(options: IssueAttestationOptions): Promise<AttestationResponse>;
+    /**
+     * Get attestation details by ID.
+     */
+    getAttestation(attestationId: string): Promise<AttestationResponse>;
+    /**
+     * List attestations for an agent.
+     *
+     * @param agentId - The agent to list attestations for
+     */
+    listAttestations(agentId: string): Promise<AttestationListResponse>;
+    /**
+     * Revoke an attestation. Token will be rejected on future verification.
+     *
+     * @param attestationId - The attestation to revoke
+     * @param reason - Optional reason for revocation
+     */
+    revokeAttestation(attestationId: string, reason?: string): Promise<RevokeAttestationResponse>;
+    /**
+     * Verify an attestation token and optionally check a specific capability.
+     *
+     * @param token - The attestation JWT token
+     * @param action - Optional action to check (e.g. "read")
+     * @param resource - Optional resource to check (e.g. "invoices")
+     */
+    verifyAttestation(token: string, action?: string, resource?: string): Promise<AttestationVerifyResponse>;
+    /**
+     * Get the reputation score for an agent.
+     * Returns the current score, tier, event counts, and category breakdown.
+     *
+     * @example
+     * ```typescript
+     * const rep = await client.getReputation('agent_abc123');
+     * console.log(`Score: ${rep.score}, Tier: ${rep.tier}`);
+     * // Score: 750, Tier: good
+     * ```
+     */
+    getReputation(agentId: string): Promise<ReputationScoreResponse>;
+    /**
+     * Record a reputation event for an agent.
+     * Adjusts the agent's score based on the event type.
+     *
+     * @example
+     * ```typescript
+     * const result = await client.recordReputationEvent({
+     *   agent_id: 'agent_abc123',
+     *   category: 'verification',
+     *   action: 'challenge_solved',
+     * });
+     * console.log(`New score: ${result.score.score}`);
+     * ```
+     */
+    recordReputationEvent(options: RecordReputationEventOptions): Promise<ReputationEventResponse>;
+    /**
+     * List reputation events for an agent.
+     *
+     * @param agentId - The agent to list events for
+     * @param options - Optional filters (category, limit)
+     */
+    listReputationEvents(agentId: string, options?: {
+        category?: string;
+        limit?: number;
+    }): Promise<ReputationEventListResponse>;
+    /**
+     * Reset an agent's reputation to default (admin action).
+     * Clears all event history and resets score to 500 (neutral).
+     *
+     * @param agentId - The agent to reset
+     */
+    resetReputation(agentId: string): Promise<ReputationResetResponse>;
 }
 /**
  * Convenience function for one-off solves

package/dist/lib/client/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/client/index.ts"],"names":[],"mappings":"AAMA,YAAY,EACV,YAAY,EACZ,mBAAmB,EACnB,iBAAiB,EACjB,yBAAyB,EACzB,cAAc,EACd,aAAa,EACb,aAAa,EACb,WAAW,EACX,OAAO,EACP,YAAY,EACZ,sBAAsB,EACtB,iBAAiB,EACjB,mBAAmB,EACnB,0BAA0B,EAC1B,sBAAsB,EACtB,oBAAoB,EACpB,SAAS,EACT,aAAa,EACb,qBAAqB,EACrB,aAAa,EACb,SAAS,EACT,uBAAuB,EACvB,gBAAgB,EAChB,oBAAoB,EACpB,uBAAuB,EACvB,kBAAkB,EAClB,GAAG,EACH,MAAM,EACN,oBAAoB,EACpB,eAAe,EACf,WAAW,EACX,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAEpB,OAAO,KAAK,EAEV,mBAAmB,EAGnB,cAAc,EAEd,iBAAiB,EACjB,mBAAmB,EACnB,0BAA0B,EAC1B,sBAAsB,EACtB,oBAAoB,EACpB,uBAAuB,EACvB,gBAAgB,EAChB,oBAAoB,EACpB,uBAAuB,EACvB,kBAAkB,EAClB,qBAAqB,EACrB,GAAG,EACH,MAAM,EACN,oBAAoB,EACpB,eAAe,EACf,WAAW,EACX,iBAAiB,EAClB,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAEjD;;;;;;;;;;;;;;GAcG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,SAAS,CAAU;IAC3B,OAAO,CAAC,KAAK,CAAC,CAAS;IACvB,OAAO,CAAC,IAAI,CAAsB;IAClC,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,cAAc,CAAuB;gBAEjC,OAAO,GAAE,mBAAwB;IAS7C;;;;;OAKG;IACH,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE;IAMnC;;;;;;;OAOG;IACG,QAAQ,IAAI,OAAO,CAAC,MAAM,CAAC;IA2FjC;;;;;;OAMG;IACG,YAAY,IAAI,OAAO,CAAC,MAAM,CAAC;IAkCrC;;OAEG;IACH,UAAU,IAAI,IAAI;IAMlB;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IA+BlE;;OAEG;IACG,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,cAAc,CAAC;IAsBpE;;;;;;;;;OASG;IACG,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IA2F/D;;;;;;;;OAQG;IACG,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAoBtD;;;;;;;;;;;;;;;;OAgBG;IACG,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IA2B1D;;;;;;;;;;;;;OAaG;IACG,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAyB7E;;;;;;OAMG;IACG,kBAAkB,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,0BAA0B,CAAC;IAwB7E;;;;;;;;;OASG;IACG,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAoBpE;;;;;;;;;;;;;OAaG;IACG,YAAY,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAkCjE;;;;;;;;;;;;;;;;;;OAkBG;IACG,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA8BnF;;;;;;OAMG;IACG,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAe7D;;;;;;OAMG;IACG,aAAa,CAAC,OAAO,GAAE,OAAe,GAAG,OAAO,CAAC,oBAAoB,CAAC;IA6B5E;;;;;;;;;;;;;;;;OAgBG;IACG,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAoBrF;;;;;;OAMG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAenE;;OAEG;YACW,OAAO;IA+BrB;;;;;;;;;;;;;OAaG;IACG,OAAO,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAK9C;;;;;;;;;;;;OAYG;IACG,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAI7C;;;;;;;;;;;;;;;;OAgBG;IACG,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE;QAC7C,UAAU,EAAE,MAAM,CAAC;QACnB,mBAAmB,EAAE,qBAAqB,CAAC;QAC3C,cAAc,CAAC,EAAE,MAAM,CAAC;KACzB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAM7B;;;;;;;;;;;;;;;;;;;OAmBG;IACG,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,eAAe,CAAC;IAI5E;;;;;;;;;;;;OAYG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAI7D;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACG,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,iBAAiB,CAAC;CAGzF;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAIxD;AAED,eAAe,YAAY,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/client/index.ts"],"names":[],"mappings":"AAMA,YAAY,EACV,YAAY,EACZ,mBAAmB,EACnB,iBAAiB,EACjB,yBAAyB,EACzB,cAAc,EACd,aAAa,EACb,aAAa,EACb,WAAW,EACX,OAAO,EACP,YAAY,EACZ,sBAAsB,EACtB,iBAAiB,EACjB,mBAAmB,EACnB,0BAA0B,EAC1B,sBAAsB,EACtB,oBAAoB,EACpB,SAAS,EACT,aAAa,EACb,qBAAqB,EACrB,aAAa,EACb,SAAS,EACT,uBAAuB,EACvB,gBAAgB,EAChB,oBAAoB,EACpB,uBAAuB,EACvB,kBAAkB,EAClB,GAAG,EACH,MAAM,EACN,oBAAoB,EACpB,eAAe,EACf,WAAW,EACX,iBAAiB,EACjB,uBAAuB,EACvB,kBAAkB,EAClB,sBAAsB,EACtB,wBAAwB,EACxB,wBAAwB,EACxB,uBAAuB,EACvB,mBAAmB,EACnB,uBAAuB,EACvB,yBAAyB,EACzB,yBAAyB,EACzB,cAAc,EACd,uBAAuB,EACvB,qBAAqB,EACrB,uBAAuB,EACvB,4BAA4B,EAC5B,uBAAuB,EACvB,2BAA2B,EAC3B,uBAAuB,GACxB,MAAM,YAAY,CAAC;AAEpB,OAAO,KAAK,EAEV,mBAAmB,EAGnB,cAAc,EAEd,iBAAiB,EACjB,mBAAmB,EACnB,0BAA0B,EAC1B,sBAAsB,EACtB,oBAAoB,EACpB,uBAAuB,EACvB,gBAAgB,EAChB,oBAAoB,EACpB,uBAAuB,EACvB,kBAAkB,EAClB,qBAAqB,EACrB,GAAG,EACH,MAAM,EACN,oBAAoB,EACpB,eAAe,EACf,WAAW,EACX,iBAAiB,EACjB,uBAAuB,EACvB,kBAAkB,EAClB,sBAAsB,EACtB,wBAAwB,EACxB,wBAAwB,EACxB,uBAAuB,EACvB,mBAAmB,EACnB,uBAAuB,EACvB,yBAAyB,EACzB,yBAAyB,EACzB,4BAA4B,EAC5B,uBAAuB,EACvB,uBAAuB,EACvB,2BAA2B,EAC3B,uBAAuB,EACxB,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAEjD;;;;;;;;;;;;;;GAcG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,SAAS,CAAU;IAC3B,OAAO,CAAC,KAAK,CAAC,CAAS;IACvB,OAAO,CAAC,IAAI,CAAsB;IAClC,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,cAAc,CAAuB;gBAEjC,OAAO,GAAE,mBAAwB;IAS7C;;;;;OAKG;IACH,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE;IAMnC;;;;;;;OAOG;IACG,QAAQ,IAAI,OAAO,CAAC,MAAM,CAAC;IA2FjC;;;;;;OAMG;IACG,YAAY,IAAI,OAAO,CAAC,MAAM,CAAC;IAkCrC;;OAEG;IACH,UAAU,IAAI,IAAI;IAMlB;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IA+BlE;;OAEG;IACG,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,cAAc,CAAC;IAsBpE;;;;;;;;;OASG;IACG,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IA2F/D;;;;;;;;OAQG;IACG,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAoBtD;;;;;;;;;;;;;;;;OAgBG;IACG,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IA2B1D;;;;;;;;;;;;;OAaG;IACG,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAyB7E;;;;;;OAMG;IACG,kBAAkB,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,0BAA0B,CAAC;IAwB7E;;;;;;;;;OASG;IACG,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAoBpE;;;;;;;;;;;;;OAaG;IACG,YAAY,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAkCjE;;;;;;;;;;;;;;;;;;OAkBG;IACG,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA8BnF;;;;;;OAMG;IACG,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAe7D;;;;;;OAMG;IACG,aAAa,CAAC,OAAO,GAAE,OAAe,GAAG,OAAO,CAAC,oBAAoB,CAAC;IA6B5E;;;;;;;;;;;;;;;;OAgBG;IACG,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAoBrF;;;;;;OAMG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAenE;;OAEG;YACW,OAAO;IA+BrB;;;;;;;;;;;;;OAaG;IACG,OAAO,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAK9C;;;;;;;;;;;;OAYG;IACG,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAI7C;;;;;;;;;;;;;;;;OAgBG;IACG,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE;QAC7C,UAAU,EAAE,MAAM,CAAC;QACnB,mBAAmB,EAAE,qBAAqB,CAAC;QAC3C,cAAc,CAAC,EAAE,MAAM,CAAC;KACzB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAM7B;;;;;;;;;;;;;;;;;;;OAmBG;IACG,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,eAAe,CAAC;IAI5E;;;;;;;;;;;;OAYG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAI7D;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACG,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAMxF;;;;;;;;;;;;;OAaG;IACG,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAIrF;;OAEG;IACG,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAItE;;;;;OAKG;IACG,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAC/C,SAAS,CAAC,EAAE,IAAI,GAAG,KAAK,GAAG,MAAM,CAAC;QAClC,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,eAAe,CAAC,EAAE,OAAO,CAAC;KAC3B,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAQnC;;;;;OAKG;IACG,gBAAgB,CAAC,YAAY,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,CAAC;IAMhG;;;;;OAKG;IACG,qBAAqB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,CAAC;IAMpF;;;;;;;;;;;;;;OAcG;IACG,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAItF;;OAEG;IACG,cAAc,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAIzE;;;;OAIG;IACG,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC;IAKzE;;;;;OAKG;IACG,iBAAiB,CAAC,aAAa,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,yBAAyB,CAAC;IAMnG;;;;;;OAMG;IACG,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,yBAAyB,CAAC;IAS9G;;;;;;;;;;OAUG;IACG,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC;IAItE;;;;;;;;;;;;;OAaG;IACG,qBAAqB,CAAC,OAAO,EAAE,4BAA4B,GAAG,OAAO,CAAC,uBAAuB,CAAC;IAIpG;;;;;OAKG;IACG,oBAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QACpD,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,2BAA2B,CAAC;IASxC;;;;;OAKG;IACG,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC;CAGzE;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAIxD;AAED,eAAe,YAAY,CAAC"}

package/dist/lib/client/index.js

@@ -1,6 +1,6 @@
 import crypto from 'crypto';
 // SDK version - hardcoded since npm_package_version is unreliable when used as a library
-const SDK_VERSION = '0.16.0';
+const SDK_VERSION = '0.19.0';
 // Export stream client
 export { BotchaStreamClient } from './stream.js';
 /**
@@ -776,6 +776,179 @@ export class BotchaClient {
     async verifyBrowsingIOU(invoiceId, iou) {
         return await this.request('POST', `/v1/invoices/${encodeURIComponent(invoiceId)}/verify-iou`, iou);
     }
+    // ============ Delegation Chain Methods ============
+    /**
+     * Create a delegation from one agent to another.
+     * Grants a subset of the grantor's capabilities to the grantee.
+     *
+     * @example
+     * ```typescript
+     * const delegation = await client.createDelegation({
+     *   grantor_id: 'agent_abc123',
+     *   grantee_id: 'agent_def456',
+     *   capabilities: [{ action: 'browse', scope: ['products'] }],
+     *   duration_seconds: 3600,
+     * });
+     * ```
+     */
+    async createDelegation(options) {
+        return await this.request('POST', '/v1/delegations', options);
+    }
+    /**
+     * Get delegation details by ID.
+     */
+    async getDelegation(delegationId) {
+        return await this.request('GET', `/v1/delegations/${encodeURIComponent(delegationId)}`);
+    }
+    /**
+     * List delegations for an agent.
+     *
+     * @param agentId - The agent to list delegations for
+     * @param options - Optional filters
+     */
+    async listDelegations(agentId, options) {
+        const params = new URLSearchParams({ agent_id: agentId });
+        if (options?.direction)
+            params.set('direction', options.direction);
+        if (options?.include_revoked)
+            params.set('include_revoked', 'true');
+        if (options?.include_expired)
+            params.set('include_expired', 'true');
+        return await this.request('GET', `/v1/delegations?${params.toString()}`);
+    }
+    /**
+     * Revoke a delegation. Cascades to all sub-delegations.
+     *
+     * @param delegationId - The delegation to revoke
+     * @param reason - Optional reason for revocation
+     */
+    async revokeDelegation(delegationId, reason) {
+        return await this.request('POST', `/v1/delegations/${encodeURIComponent(delegationId)}/revoke`, reason ? { reason } : {});
+    }
+    /**
+     * Verify a delegation chain is valid.
+     * Returns the full chain and effective capabilities if valid.
+     *
+     * @param delegationId - The leaf delegation to verify (walks up the chain)
+     */
+    async verifyDelegationChain(delegationId) {
+        return await this.request('POST', '/v1/verify/delegation', { delegation_id: delegationId });
+    }
+    // ============ Capability Attestation Methods ============
+    /**
+     * Issue a capability attestation token for an agent.
+     * Grants fine-grained "action:resource" permissions with explicit deny.
+     *
+     * @example
+     * ```typescript
+     * const att = await client.issueAttestation({
+     *   agent_id: 'agent_abc123',
+     *   can: ['read:invoices', 'browse:*'],
+     *   cannot: ['write:transfers'],
+     *   duration_seconds: 3600,
+     * });
+     * // Use att.token in X-Botcha-Attestation header
+     * ```
+     */
+    async issueAttestation(options) {
+        return await this.request('POST', '/v1/attestations', options);
+    }
+    /**
+     * Get attestation details by ID.
+     */
+    async getAttestation(attestationId) {
+        return await this.request('GET', `/v1/attestations/${encodeURIComponent(attestationId)}`);
+    }
+    /**
+     * List attestations for an agent.
+     *
+     * @param agentId - The agent to list attestations for
+     */
+    async listAttestations(agentId) {
+        const params = new URLSearchParams({ agent_id: agentId });
+        return await this.request('GET', `/v1/attestations?${params.toString()}`);
+    }
+    /**
+     * Revoke an attestation. Token will be rejected on future verification.
+     *
+     * @param attestationId - The attestation to revoke
+     * @param reason - Optional reason for revocation
+     */
+    async revokeAttestation(attestationId, reason) {
+        return await this.request('POST', `/v1/attestations/${encodeURIComponent(attestationId)}/revoke`, reason ? { reason } : {});
+    }
+    /**
+     * Verify an attestation token and optionally check a specific capability.
+     *
+     * @param token - The attestation JWT token
+     * @param action - Optional action to check (e.g. "read")
+     * @param resource - Optional resource to check (e.g. "invoices")
+     */
+    async verifyAttestation(token, action, resource) {
+        const body = { token };
+        if (action)
+            body.action = action;
+        if (resource)
+            body.resource = resource;
+        return await this.request('POST', '/v1/verify/attestation', body);
+    }
+    // ============ Agent Reputation Scoring Methods ============
+    /**
+     * Get the reputation score for an agent.
+     * Returns the current score, tier, event counts, and category breakdown.
+     *
+     * @example
+     * ```typescript
+     * const rep = await client.getReputation('agent_abc123');
+     * console.log(`Score: ${rep.score}, Tier: ${rep.tier}`);
+     * // Score: 750, Tier: good
+     * ```
+     */
+    async getReputation(agentId) {
+        return await this.request('GET', `/v1/reputation/${encodeURIComponent(agentId)}`);
+    }
+    /**
+     * Record a reputation event for an agent.
+     * Adjusts the agent's score based on the event type.
+     *
+     * @example
+     * ```typescript
+     * const result = await client.recordReputationEvent({
+     *   agent_id: 'agent_abc123',
+     *   category: 'verification',
+     *   action: 'challenge_solved',
+     * });
+     * console.log(`New score: ${result.score.score}`);
+     * ```
+     */
+    async recordReputationEvent(options) {
+        return await this.request('POST', '/v1/reputation/events', options);
+    }
+    /**
+     * List reputation events for an agent.
+     *
+     * @param agentId - The agent to list events for
+     * @param options - Optional filters (category, limit)
+     */
+    async listReputationEvents(agentId, options) {
+        const params = new URLSearchParams();
+        if (options?.category)
+            params.set('category', options.category);
+        if (options?.limit)
+            params.set('limit', options.limit.toString());
+        const query = params.toString();
+        const path = `/v1/reputation/${encodeURIComponent(agentId)}/events${query ? `?${query}` : ''}`;
+        return await this.request('GET', path);
+    }
+    /**
+     * Reset an agent's reputation to default (admin action).
+     * Clears all event history and resets score to 500 (neutral).
+     *
+     * @param agentId - The agent to reset
+     */
+    async resetReputation(agentId) {
+        return await this.request('POST', `/v1/reputation/${encodeURIComponent(agentId)}/reset`);
+    }
 }
 /**
  * Convenience function for one-off solves

package/dist/lib/client/types.d.ts

@@ -307,4 +307,224 @@ export interface VerifyIOUResponse {
     expires_at?: string;
     error?: string;
 }
+export interface CreateDelegationOptions {
+    grantor_id: string;
+    grantee_id: string;
+    capabilities: TAPCapability[];
+    duration_seconds?: number;
+    max_depth?: number;
+    parent_delegation_id?: string;
+    metadata?: Record<string, string>;
+}
+export interface DelegationResponse {
+    success: boolean;
+    delegation_id: string;
+    grantor_id: string;
+    grantee_id: string;
+    app_id: string;
+    capabilities: TAPCapability[];
+    chain: string[];
+    depth: number;
+    max_depth: number;
+    parent_delegation_id: string | null;
+    created_at: string;
+    expires_at: string;
+    revoked?: boolean;
+    revoked_at?: string | null;
+    revocation_reason?: string | null;
+    metadata?: Record<string, string> | null;
+    time_remaining?: number;
+}
+export interface DelegationListResponse {
+    success: boolean;
+    delegations: Array<{
+        delegation_id: string;
+        grantor_id: string;
+        grantee_id: string;
+        capabilities: TAPCapability[];
+        chain: string[];
+        depth: number;
+        created_at: string;
+        expires_at: string;
+        revoked: boolean;
+        parent_delegation_id: string | null;
+    }>;
+    count: number;
+    agent_id: string;
+    direction: string;
+}
+export interface RevokeDelegationResponse {
+    success: boolean;
+    delegation_id: string;
+    revoked: boolean;
+    revoked_at: string | null;
+    revocation_reason: string | null;
+    message: string;
+}
+export interface DelegationVerifyResponse {
+    success: boolean;
+    valid: boolean;
+    chain_length?: number;
+    chain?: Array<{
+        delegation_id: string;
+        grantor_id: string;
+        grantee_id: string;
+        capabilities: TAPCapability[];
+        depth: number;
+        created_at: string;
+        expires_at: string;
+    }>;
+    effective_capabilities?: TAPCapability[];
+    error?: string;
+}
+export interface IssueAttestationOptions {
+    agent_id: string;
+    can: string[];
+    cannot?: string[];
+    restrictions?: {
+        max_amount?: number;
+        rate_limit?: number;
+        [key: string]: any;
+    };
+    duration_seconds?: number;
+    delegation_id?: string;
+    metadata?: Record<string, string>;
+}
+export interface AttestationResponse {
+    success: boolean;
+    attestation_id: string;
+    agent_id: string;
+    app_id: string;
+    token: string;
+    can: string[];
+    cannot: string[];
+    restrictions?: {
+        max_amount?: number;
+        rate_limit?: number;
+        [key: string]: any;
+    } | null;
+    delegation_id?: string | null;
+    metadata?: Record<string, string> | null;
+    created_at: string;
+    expires_at: string;
+    revoked?: boolean;
+    revoked_at?: string | null;
+    revocation_reason?: string | null;
+    time_remaining?: number;
+}
+export interface AttestationListResponse {
+    success: boolean;
+    attestations: Array<{
+        attestation_id: string;
+        agent_id: string;
+        can: string[];
+        cannot: string[];
+        created_at: string;
+        expires_at: string;
+        revoked: boolean;
+        delegation_id: string | null;
+    }>;
+    count: number;
+    agent_id: string;
+}
+export interface RevokeAttestationResponse {
+    success: boolean;
+    attestation_id: string;
+    revoked: boolean;
+    revoked_at: string | null;
+    revocation_reason: string | null;
+    message: string;
+}
+export interface AttestationVerifyResponse {
+    success: boolean;
+    valid: boolean;
+    allowed?: boolean;
+    agent_id?: string | null;
+    issuer?: string;
+    can?: string[];
+    cannot?: string[];
+    restrictions?: any | null;
+    delegation_id?: string | null;
+    issued_at?: string;
+    expires_at?: string;
+    reason?: string;
+    matched_rule?: string | null;
+    checked_capability?: string;
+    error?: string;
+}
+export type ReputationTier = 'untrusted' | 'low' | 'neutral' | 'good' | 'excellent';
+export type ReputationEventCategory = 'verification' | 'attestation' | 'delegation' | 'session' | 'violation' | 'endorsement';
+export type ReputationEventAction = 'challenge_solved' | 'challenge_failed' | 'auth_success' | 'auth_failure' | 'attestation_issued' | 'attestation_verified' | 'attestation_revoked' | 'delegation_granted' | 'delegation_received' | 'delegation_revoked' | 'session_created' | 'session_expired' | 'session_terminated' | 'rate_limit_exceeded' | 'invalid_token' | 'abuse_detected' | 'endorsement_received' | 'endorsement_given';
+export interface ReputationScoreResponse {
+    success: boolean;
+    agent_id: string;
+    app_id: string;
+    score: number;
+    tier: ReputationTier;
+    event_count: number;
+    positive_events: number;
+    negative_events: number;
+    last_event_at: string | null;
+    created_at: string;
+    updated_at: string;
+    category_scores: {
+        verification: number;
+        attestation: number;
+        delegation: number;
+        session: number;
+        violation: number;
+        endorsement: number;
+    };
+}
+export interface RecordReputationEventOptions {
+    agent_id: string;
+    category: ReputationEventCategory;
+    action: ReputationEventAction;
+    source_agent_id?: string;
+    metadata?: Record<string, string>;
+}
+export interface ReputationEventResponse {
+    success: boolean;
+    event: {
+        event_id: string;
+        agent_id: string;
+        category: ReputationEventCategory;
+        action: ReputationEventAction;
+        delta: number;
+        score_before: number;
+        score_after: number;
+        source_agent_id: string | null;
+        metadata: Record<string, string> | null;
+        created_at: string;
+    };
+    score: {
+        score: number;
+        tier: ReputationTier;
+        event_count: number;
+    };
+}
+export interface ReputationEventListResponse {
+    success: boolean;
+    events: Array<{
+        event_id: string;
+        agent_id: string;
+        category: ReputationEventCategory;
+        action: ReputationEventAction;
+        delta: number;
+        score_before: number;
+        score_after: number;
+        source_agent_id: string | null;
+        metadata: Record<string, string> | null;
+        created_at: string;
+    }>;
+    count: number;
+    agent_id: string;
+}
+export interface ReputationResetResponse {
+    success: boolean;
+    agent_id: string;
+    score: number;
+    tier: ReputationTier;
+    message: string;
+}
 //# sourceMappingURL=types.d.ts.map

package/dist/lib/client/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../lib/client/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAExE,MAAM,WAAW,mBAAmB;IAClC,8DAA8D;IAC9D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,mCAAmC;IACnC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,wCAAwC;IACxC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,wEAAwE;IACxE,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,0CAA0C;IAC1C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,6CAA6C;IAC7C,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE;QACV,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,EAAE,YAAY,EAAE,CAAC;QACzB,SAAS,EAAE,MAAM,CAAC;QAClB,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC;CACH;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE;QACV,EAAE,EAAE,MAAM,CAAC;QACX,MAAM,EAAE,MAAM,CAAC;QACf,SAAS,EAAE,MAAM,CAAC;QAClB,IAAI,CAAC,EAAE,MAAM,CAAC;KACf,CAAC;CACH;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE;QACV,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,EAAE,YAAY,EAAE,CAAC;QACzB,SAAS,EAAE,MAAM,CAAC;QAClB,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AAEH,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,OAAO,GAAG,aAAa,GAAG,WAAW,GAAG,QAAQ,GAAG,OAAO,CAAC;IAClE,IAAI,EAAE,GAAG,CAAC;CACX;AAED,MAAM,WAAW,OAAO;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,sBAAsB;IACrC,wCAAwC;IACxC,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IAC1C,0DAA0D;IAC1D,WAAW,CAAC,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC;IACpE,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,YAAY,KAAK,IAAI,CAAC;IAC1C,8EAA8E;IAC9E,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAID,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,OAAO,CAAC;IACxB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,0BAA0B;IACzC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAID,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,UAAU,GAAG,OAAO,GAAG,QAAQ,CAAC;AAC/E,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,UAAU,GAAG,YAAY,CAAC;AAChE,MAAM,MAAM,qBAAqB,GAAG,mBAAmB,GAAG,gBAAgB,GAAG,SAAS,CAAC;AACvF,MAAM,MAAM,MAAM,GAAG,oBAAoB,GAAG,kBAAkB,CAAC;AAE/D,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,SAAS,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,YAAY,CAAC,EAAE;QACb,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;KACpB,CAAC;CACH;AAED,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,SAAS,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mBAAmB,CAAC,EAAE,qBAAqB,CAAC;IAC5C,YAAY,CAAC,EAAE,aAAa,EAAE,CAAC;IAC/B,WAAW,CAAC,EAAE,aAAa,CAAC;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,OAAO,CAAC;IACrB,WAAW,CAAC,EAAE,aAAa,CAAC;IAC5B,YAAY,CAAC,EAAE,aAAa,EAAE,CAAC;IAC/B,mBAAmB,CAAC,EAAE,qBAAqB,CAAC;IAC5C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,OAAO,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,SAAS,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,aAAa,EAAE,CAAC;IAC/B,MAAM,EAAE,SAAS,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAID,MAAM,WAAW,GAAG;IAClB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,MAAM;IACrB,IAAI,EAAE,GAAG,EAAE,CAAC;CACb;AAID,MAAM,WAAW,cAAc;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,OAAO,CAAC;IACrB,cAAc,EAAE,OAAO,CAAC;IACxB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,uBAAuB,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,KAAK,CAAC;QACf,WAAW,EAAE,MAAM,CAAC;QACpB,OAAO,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;KAC9D,CAAC,CAAC;CACJ;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,GAAG,EAAE,MAAM,CAAC;IACZ,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,MAAM,WAAW,oBAAoB;IACnC,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,SAAS,GAAG,WAAW,GAAG,SAAS,CAAC;CAC7C;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,OAAO,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../lib/client/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAExE,MAAM,WAAW,mBAAmB;IAClC,8DAA8D;IAC9D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,mCAAmC;IACnC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,wCAAwC;IACxC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,wEAAwE;IACxE,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,0CAA0C;IAC1C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,6CAA6C;IAC7C,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE;QACV,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,EAAE,YAAY,EAAE,CAAC;QACzB,SAAS,EAAE,MAAM,CAAC;QAClB,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC;CACH;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE;QACV,EAAE,EAAE,MAAM,CAAC;QACX,MAAM,EAAE,MAAM,CAAC;QACf,SAAS,EAAE,MAAM,CAAC;QAClB,IAAI,CAAC,EAAE,MAAM,CAAC;KACf,CAAC;CACH;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE;QACV,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,EAAE,YAAY,EAAE,CAAC;QACzB,SAAS,EAAE,MAAM,CAAC;QAClB,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AAEH,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,OAAO,GAAG,aAAa,GAAG,WAAW,GAAG,QAAQ,GAAG,OAAO,CAAC;IAClE,IAAI,EAAE,GAAG,CAAC;CACX;AAED,MAAM,WAAW,OAAO;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,sBAAsB;IACrC,wCAAwC;IACxC,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IAC1C,0DAA0D;IAC1D,WAAW,CAAC,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC;IACpE,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,YAAY,KAAK,IAAI,CAAC;IAC1C,8EAA8E;IAC9E,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAID,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,OAAO,CAAC;IACxB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,0BAA0B;IACzC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAID,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,UAAU,GAAG,OAAO,GAAG,QAAQ,CAAC;AAC/E,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,UAAU,GAAG,YAAY,CAAC;AAChE,MAAM,MAAM,qBAAqB,GAAG,mBAAmB,GAAG,gBAAgB,GAAG,SAAS,CAAC;AACvF,MAAM,MAAM,MAAM,GAAG,oBAAoB,GAAG,kBAAkB,CAAC;AAE/D,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,SAAS,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,YAAY,CAAC,EAAE;QACb,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;KACpB,CAAC;CACH;AAED,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,SAAS,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mBAAmB,CAAC,EAAE,qBAAqB,CAAC;IAC5C,YAAY,CAAC,EAAE,aAAa,EAAE,CAAC;IAC/B,WAAW,CAAC,EAAE,aAAa,CAAC;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,OAAO,CAAC;IACrB,WAAW,CAAC,EAAE,aAAa,CAAC;IAC5B,YAAY,CAAC,EAAE,aAAa,EAAE,CAAC;IAC/B,mBAAmB,CAAC,EAAE,qBAAqB,CAAC;IAC5C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,OAAO,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,SAAS,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,aAAa,EAAE,CAAC;IAC/B,MAAM,EAAE,SAAS,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAID,MAAM,WAAW,GAAG;IAClB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,MAAM;IACrB,IAAI,EAAE,GAAG,EAAE,CAAC;CACb;AAID,MAAM,WAAW,cAAc;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,OAAO,CAAC;IACrB,cAAc,EAAE,OAAO,CAAC;IACxB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,uBAAuB,EAAE,MAAM,CAAC;IAChC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,KAAK,CAAC;QACf,WAAW,EAAE,MAAM,CAAC;QACpB,OAAO,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;KAC9D,CAAC,CAAC;CACJ;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,GAAG,EAAE,MAAM,CAAC;IACZ,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,MAAM,WAAW,oBAAoB;IACnC,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,SAAS,GAAG,WAAW,GAAG,SAAS,CAAC;CAC7C;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,OAAO,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID,MAAM,WAAW,uBAAuB;IACtC,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,aAAa,EAAE,CAAC;IAC9B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,aAAa,EAAE,CAAC;IAC9B,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,IAAI,CAAC;IACzC,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,EAAE,KAAK,CAAC;QACjB,aAAa,EAAE,MAAM,CAAC;QACtB,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,EAAE,aAAa,EAAE,CAAC;QAC9B,KAAK,EAAE,MAAM,EAAE,CAAC;QAChB,KAAK,EAAE,MAAM,CAAC;QACd,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,OAAO,CAAC;QACjB,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;KACrC,CAAC,CAAC;IACH,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,OAAO,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,KAAK,CAAC;QACZ,aAAa,EAAE,MAAM,CAAC;QACtB,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,EAAE,aAAa,EAAE,CAAC;QAC9B,KAAK,EAAE,MAAM,CAAC;QACd,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC,CAAC;IACH,sBAAsB,CAAC,EAAE,aAAa,EAAE,CAAC;IACzC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,EAAE,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,YAAY,CAAC,EAAE;QACb,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;KACpB,CAAC;IACF,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,EAAE,CAAC;IACd,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,YAAY,CAAC,EAAE;QACb,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;KACpB,GAAG,IAAI,CAAC;IACT,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,IAAI,CAAC;IACzC,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,KAAK,CAAC;QAClB,cAAc,EAAE,MAAM,CAAC;QACvB,QAAQ,EAAE,MAAM,CAAC;QACjB,GAAG,EAAE,MAAM,EAAE,CAAC;QACd,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,OAAO,CAAC;QACjB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;KAC9B,CAAC,CAAC;IACH,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,YAAY,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC;IAC1B,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID,MAAM,MAAM,cAAc,GAAG,WAAW,GAAG,KAAK,GAAG,SAAS,GAAG,MAAM,GAAG,WAAW,CAAC;AACpF,MAAM,MAAM,uBAAuB,GAAG,cAAc,GAAG,aAAa,GAAG,YAAY,GAAG,SAAS,GAAG,WAAW,GAAG,aAAa,CAAC;AAC9H,MAAM,MAAM,qBAAqB,GAC7B,kBAAkB,GAAG,kBAAkB,GAAG,cAAc,GAAG,cAAc,GACzE,oBAAoB,GAAG,sBAAsB,GAAG,qBAAqB,GACrE,oBAAoB,GAAG,qBAAqB,GAAG,oBAAoB,GACnE,iBAAiB,GAAG,iBAAiB,GAAG,oBAAoB,GAC5D,qBAAqB,GAAG,eAAe,GAAG,gBAAgB,GAC1D,sBAAsB,GAAG,mBAAmB,CAAC;AAEjD,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,cAAc,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE;QACf,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,MAAM,CAAC;QAChB,SAAS,EAAE,MAAM,CAAC;QAClB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;AAED,MAAM,WAAW,4BAA4B;IAC3C,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,uBAAuB,CAAC;IAClC,MAAM,EAAE,qBAAqB,CAAC;IAC9B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE;QACL,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,uBAAuB,CAAC;QAClC,MAAM,EAAE,qBAAqB,CAAC;QAC9B,KAAK,EAAE,MAAM,CAAC;QACd,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;QAC/B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,IAAI,CAAC;QACxC,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;IACF,KAAK,EAAE;QACL,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,cAAc,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;AAED,MAAM,WAAW,2BAA2B;IAC1C,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,KAAK,CAAC;QACZ,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,uBAAuB,CAAC;QAClC,MAAM,EAAE,qBAAqB,CAAC;QAC9B,KAAK,EAAE,MAAM,CAAC;QACd,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;QAC/B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,IAAI,CAAC;QACxC,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC,CAAC;IACH,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,cAAc,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;CACjB"}

package/dist/src/index.d.ts

@@ -0,0 +1,4 @@
+import { Express } from 'express';
+declare const app: Express;
+export default app;
+//# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAgB,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAc3C,QAAA,MAAM,GAAG,EAAE,OAAmB,CAAC;AA2b/B,eAAe,GAAG,CAAC"}

package/dist/src/index.js

@@ -0,0 +1,408 @@
+// Local development server - Production runs on Cloudflare Workers
+import express from 'express';
+import crypto from 'crypto';
+import path from 'path';
+import { fileURLToPath } from 'url';
+import { botchaVerify } from './middleware/verify.js';
+import { generateChallenge, verifyChallenge } from './challenges/compute.js';
+import { generateSpeedChallenge, verifySpeedChallenge } from './challenges/speed.js';
+import { generateReasoningChallenge, verifyReasoningChallenge } from './challenges/reasoning.js';
+import { generateHybridChallenge, verifyHybridChallenge } from './challenges/hybrid.js';
+import { TRUSTED_PROVIDERS } from './utils/signature.js';
+import { createBadgeResponse, verifyBadge } from './utils/badge.js';
+import { generateBadgeSvg, generateBadgeHtml } from './utils/badge-image.js';
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const app = express();
+const PORT = process.env.PORT || 3000;
+app.use(express.json());
+app.use(express.static(path.join(__dirname, '../public')));
+// CORS + BOTCHA headers
+app.use((req, res, next) => {
+    res.header('Access-Control-Allow-Origin', '*');
+    res.header('Access-Control-Allow-Headers', '*');
+    // BOTCHA discovery headers
+    res.header('X-Botcha-Version', '0.3.0');
+    res.header('X-Botcha-Enabled', 'true');
+    res.header('X-Botcha-Methods', 'speed-challenge,reasoning-challenge,hybrid-challenge,standard-challenge,web-bot-auth');
+    res.header('X-Botcha-Docs', 'https://botcha.ai/openapi.json');
+    if (req.method === 'OPTIONS')
+        return res.sendStatus(200);
+    next();
+});
+// Landing page
+app.get('/', (req, res) => {
+    res.sendFile(path.join(__dirname, '../public/index.html'));
+});
+// API info
+app.get('/api', (req, res) => {
+    res.json({
+        name: 'BOTCHA',
+        version: '0.3.0',
+        tagline: 'Prove you are a bot. Humans need not apply.',
+        endpoints: {
+            '/api': 'This info',
+            '/api/challenge': 'Standard challenge (GET new, POST verify)',
+            '/api/speed-challenge': '⚡ Speed challenge - 500ms to solve 5 problems',
+            '/api/reasoning-challenge': '🧠 Reasoning challenge - LLM-only questions',
+            '/api/hybrid-challenge': '🔥 Hybrid challenge - speed + reasoning combined',
+            '/agent-only': 'Protected endpoint',
+        },
+        verification: {
+            methods: [
+                'Web Bot Auth (cryptographic signature)',
+                'Hybrid Challenge (speed + reasoning)',
+                'Speed Challenge (500ms time limit)',
+                'Reasoning Challenge (LLM-only questions)',
+                'Standard Challenge (5s time limit)',
+                'X-Agent-Identity header (testing)',
+            ],
+            trustedProviders: TRUSTED_PROVIDERS,
+        },
+        discovery: {
+            openapi: 'https://botcha.ai/openapi.json',
+            aiPlugin: 'https://botcha.ai/.well-known/ai-plugin.json',
+            aiTxt: 'https://botcha.ai/ai.txt',
+            robotsTxt: 'https://botcha.ai/robots.txt',
+            npm: 'https://www.npmjs.com/package/@dupecom/botcha',
+            github: 'https://github.com/dupe-com/botcha',
+        },
+    });
+});
+// Standard challenge
+app.get('/api/challenge', (req, res) => {
+    const difficulty = req.query.difficulty || 'medium';
+    const challenge = generateChallenge(difficulty);
+    res.json({ success: true, challenge });
+});
+app.post('/api/challenge', (req, res) => {
+    const { id, answer } = req.body;
+    if (!id || !answer) {
+        return res.status(400).json({ success: false, error: 'Missing id or answer' });
+    }
+    const result = verifyChallenge(id, answer);
+    res.json({
+        success: result.valid,
+        message: result.valid ? '✅ Challenge passed!' : `❌ ${result.reason}`,
+        solveTime: result.timeMs,
+    });
+});
+// ⚡ SPEED CHALLENGE - The human killer
+app.get('/api/speed-challenge', (req, res) => {
+    const challenge = generateSpeedChallenge();
+    res.json({
+        success: true,
+        warning: '⚡ SPEED CHALLENGE: You have 500ms to solve ALL 5 problems!',
+        challenge: {
+            id: challenge.id,
+            problems: challenge.challenges,
+            timeLimit: `${challenge.timeLimit}ms`,
+            instructions: challenge.instructions,
+        },
+        tip: 'Humans cannot copy-paste fast enough. Only real AI agents can pass.',
+    });
+});
+app.post('/api/speed-challenge', (req, res) => {
+    const { id, answers } = req.body;
+    if (!id || !answers) {
+        return res.status(400).json({ success: false, error: 'Missing id or answers array' });
+    }
+    const result = verifySpeedChallenge(id, answers);
+    const response = {
+        success: result.valid,
+        message: result.valid
+            ? `⚡ SPEED TEST PASSED in ${result.solveTimeMs}ms! You are definitely an AI.`
+            : `❌ ${result.reason}`,
+        solveTimeMs: result.solveTimeMs,
+        verdict: result.valid ? '🤖 VERIFIED AI AGENT' : '🚫 LIKELY HUMAN (too slow)',
+    };
+    // Include badge for successful verifications
+    if (result.valid) {
+        response.badge = createBadgeResponse('speed-challenge', result.solveTimeMs);
+    }
+    res.json(response);
+});
+// 🧠 REASONING CHALLENGE - LLM-only questions
+app.get('/api/reasoning-challenge', (req, res) => {
+    const challenge = generateReasoningChallenge();
+    res.json({
+        success: true,
+        warning: '🧠 REASONING CHALLENGE: Answer 3 questions that require AI reasoning!',
+        challenge: {
+            id: challenge.id,
+            questions: challenge.questions,
+            timeLimit: `${challenge.timeLimit / 1000}s`,
+            instructions: challenge.instructions,
+        },
+        tip: 'These questions require reasoning that LLMs can do, but simple scripts cannot.',
+    });
+});
+app.post('/api/reasoning-challenge', (req, res) => {
+    const { id, answers } = req.body;
+    if (!id || !answers) {
+        return res.status(400).json({
+            success: false,
+            error: 'Missing id or answers object',
+            hint: 'answers should be an object like { "question-id": "your answer", ... }',
+        });
+    }
+    const result = verifyReasoningChallenge(id, answers);
+    const response = {
+        success: result.valid,
+        message: result.valid
+            ? `🧠 REASONING TEST PASSED in ${((result.solveTimeMs || 0) / 1000).toFixed(1)}s! You can think like an AI.`
+            : `❌ ${result.reason}`,
+        solveTimeMs: result.solveTimeMs,
+        score: result.valid ? `${result.correctCount}/${result.totalCount}` : undefined,
+        verdict: result.valid ? '🤖 VERIFIED AI AGENT (reasoning confirmed)' : '🚫 FAILED REASONING TEST',
+    };
+    // Include badge for successful verifications
+    if (result.valid) {
+        response.badge = createBadgeResponse('reasoning-challenge', result.solveTimeMs);
+    }
+    res.json(response);
+});
+// 🔥 HYBRID CHALLENGE - Speed + Reasoning combined
+app.get('/api/hybrid-challenge', (req, res) => {
+    const challenge = generateHybridChallenge();
+    res.json({
+        success: true,
+        warning: '🔥 HYBRID CHALLENGE: Solve speed problems in <500ms AND answer reasoning questions!',
+        challenge: {
+            id: challenge.id,
+            speed: {
+                problems: challenge.speed.problems,
+                timeLimit: `${challenge.speed.timeLimit}ms`,
+                instructions: 'Compute SHA256 of each number, return first 8 hex chars',
+            },
+            reasoning: {
+                questions: challenge.reasoning.questions,
+                timeLimit: `${challenge.reasoning.timeLimit / 1000}s`,
+                instructions: 'Answer all reasoning questions',
+            },
+        },
+        instructions: challenge.instructions,
+        tip: 'This is the ultimate test: proves you can compute AND reason like an AI.',
+    });
+});
+app.post('/api/hybrid-challenge', (req, res) => {
+    const { id, speed_answers, reasoning_answers } = req.body;
+    if (!id || !speed_answers || !reasoning_answers) {
+        return res.status(400).json({
+            success: false,
+            error: 'Missing id, speed_answers array, or reasoning_answers object',
+            hint: 'Submit both speed_answers (array) and reasoning_answers (object) together',
+        });
+    }
+    const result = verifyHybridChallenge(id, speed_answers, reasoning_answers);
+    const response = {
+        success: result.valid,
+        message: result.valid
+            ? `🔥 HYBRID TEST PASSED! Speed: ${result.speed.solveTimeMs}ms, Reasoning: ${result.reasoning.score}`
+            : `❌ ${result.reason}`,
+        speed: result.speed,
+        reasoning: result.reasoning,
+        totalTimeMs: result.totalTimeMs,
+        verdict: result.valid
+            ? '🤖 VERIFIED AI AGENT (speed + reasoning confirmed)'
+            : '🚫 FAILED HYBRID TEST',
+    };
+    if (result.valid) {
+        response.badge = createBadgeResponse('hybrid-challenge', result.totalTimeMs);
+    }
+    res.json(response);
+});
+// 🤖 LANDING PAGE CHALLENGE - For bots that discover the embedded challenge
+const landingTokens = new Map(); // token -> expiry timestamp
+app.post('/api/verify-landing', (req, res) => {
+    const { answer, timestamp } = req.body;
+    if (!answer || !timestamp) {
+        return res.status(400).json({
+            success: false,
+            error: 'Missing answer or timestamp',
+            hint: 'Parse the challenge from <script type="application/botcha+json"> on the landing page'
+        });
+    }
+    // Verify timestamp is recent (within 5 minutes)
+    const submittedTime = new Date(timestamp).getTime();
+    const now = Date.now();
+    if (Math.abs(now - submittedTime) > 5 * 60 * 1000) {
+        return res.status(400).json({ success: false, error: 'Timestamp too old or in future' });
+    }
+    // Calculate expected answer for today
+    const today = new Date().toISOString().split('T')[0]; // YYYY-MM-DD
+    const expectedHash = crypto
+        .createHash('sha256')
+        .update(`BOTCHA-LANDING-${today}`)
+        .digest('hex')
+        .substring(0, 16);
+    if (answer.toLowerCase() !== expectedHash.toLowerCase()) {
+        return res.status(403).json({
+            success: false,
+            error: 'Incorrect answer',
+            hint: `Expected SHA256('BOTCHA-LANDING-${today}') first 16 chars`
+        });
+    }
+    // Generate a token for accessing /agent-only
+    const token = crypto.randomBytes(32).toString('hex');
+    landingTokens.set(token, Date.now() + 60 * 60 * 1000); // Valid for 1 hour
+    // Clean up expired tokens
+    for (const [t, expiry] of landingTokens) {
+        if (expiry < Date.now())
+            landingTokens.delete(t);
+    }
+    res.json({
+        success: true,
+        message: '🤖 Landing challenge solved! You are a bot.',
+        token,
+        usage: {
+            header: 'X-Botcha-Landing-Token',
+            value: token,
+            expires_in: '1 hour',
+            use_with: '/agent-only'
+        },
+        badge: createBadgeResponse('landing-challenge'),
+    });
+});
+// ========================================
+// BADGE VERIFICATION ENDPOINTS
+// ========================================
+// HTML verification page
+app.get('/badge/:id', (req, res) => {
+    const badgeId = req.params.id;
+    const payload = verifyBadge(badgeId);
+    if (!payload) {
+        return res.status(404).send(`
+      <!DOCTYPE html>
+      <html>
+      <head><title>Invalid Badge</title></head>
+      <body style="font-family: system-ui; background: #0f0f23; color: #e5e7eb; display: flex; align-items: center; justify-content: center; min-height: 100vh; margin: 0;">
+        <div style="text-align: center;">
+          <h1 style="color: #ef4444;">Invalid Badge</h1>
+          <p>This badge token is invalid or has been tampered with.</p>
+          <a href="https://botcha.ai" style="color: #f59e0b;">Back to BOTCHA</a>
+        </div>
+      </body>
+      </html>
+    `);
+    }
+    res.setHeader('Content-Type', 'text/html');
+    res.send(generateBadgeHtml(payload, badgeId));
+});
+// SVG badge image
+app.get('/badge/:id/image', (req, res) => {
+    const badgeId = req.params.id;
+    const payload = verifyBadge(badgeId);
+    if (!payload) {
+        // Return a simple error SVG
+        res.setHeader('Content-Type', 'image/svg+xml');
+        res.setHeader('Cache-Control', 'no-cache');
+        return res.send(`<svg xmlns="http://www.w3.org/2000/svg" width="400" height="120" viewBox="0 0 400 120">
+      <rect width="400" height="120" rx="12" fill="#1a1a2e"/>
+      <text x="200" y="65" font-family="system-ui" font-size="16" fill="#ef4444" text-anchor="middle">Invalid Badge</text>
+    </svg>`);
+    }
+    res.setHeader('Content-Type', 'image/svg+xml');
+    res.setHeader('Cache-Control', 'public, max-age=31536000'); // Cache for 1 year (badges are immutable)
+    res.send(generateBadgeSvg(payload));
+});
+// JSON API for badge verification
+app.get('/api/badge/:id', (req, res) => {
+    const badgeId = req.params.id;
+    const payload = verifyBadge(badgeId);
+    if (!payload) {
+        return res.status(404).json({
+            success: false,
+            error: 'Invalid badge',
+            message: 'This badge token is invalid or has been tampered with.',
+        });
+    }
+    res.json({
+        success: true,
+        valid: true,
+        badge: {
+            method: payload.method,
+            solveTimeMs: payload.solveTimeMs,
+            verifiedAt: new Date(payload.verifiedAt).toISOString(),
+        },
+        verifyUrl: `https://botcha.ai/badge/${badgeId}`,
+        imageUrl: `https://botcha.ai/badge/${badgeId}/image`,
+    });
+});
+// Make landing tokens work with the protected endpoint
+app.use('/agent-only', (req, res, next) => {
+    const landingToken = req.headers['x-botcha-landing-token'];
+    if (landingToken && landingTokens.has(landingToken)) {
+        const expiry = landingTokens.get(landingToken);
+        if (expiry > Date.now()) {
+            req.agent = 'landing-challenge-verified';
+            req.verificationMethod = 'landing-token';
+            return next();
+        }
+        landingTokens.delete(landingToken);
+    }
+    next();
+});
+// Protected endpoint
+app.get('/agent-only', (req, res, next) => {
+    // Skip botchaVerify if already authenticated via landing token
+    if (req.verificationMethod === 'landing-token') {
+        return next();
+    }
+    botchaVerify({ challengeType: 'speed' })(req, res, next);
+}, (req, res) => {
+    const method = req.verificationMethod;
+    // Map verification method to badge method
+    let badgeMethod = 'standard-challenge';
+    if (method === 'landing-token') {
+        badgeMethod = 'landing-challenge';
+    }
+    else if (method === 'web-bot-auth') {
+        badgeMethod = 'web-bot-auth';
+    }
+    else if (method === 'speed-challenge' || method === 'speed') {
+        badgeMethod = 'speed-challenge';
+    }
+    res.json({
+        success: true,
+        message: '🤖 Welcome, fellow agent!',
+        verified: true,
+        agent: req.agent,
+        method,
+        timestamp: new Date().toISOString(),
+        secret: 'The humans will never see this. Their fingers are too slow. 🤫',
+        badge: createBadgeResponse(badgeMethod),
+    });
+});
+app.listen(PORT, () => {
+    // Clear console on restart
+    console.clear();
+    const c = '\x1b[36m';
+    const magenta = '\x1b[35m';
+    const yellow = '\x1b[33m';
+    const green = '\x1b[32m';
+    const dim = '\x1b[2m';
+    const r = '\x1b[0m';
+    console.log(`
+${c}╔══════════════════════════════════════════════════════╗${r}
+${c}║${r}                                                      ${c}║${r}
+${c}║${r}  ${magenta}██████╗  ██████╗ ████████╗ ██████╗██╗  ██╗ █████╗${r}   ${c}║${r}
+${c}║${r}  ${magenta}██╔══██╗██╔═══██╗╚══██╔══╝██╔════╝██║  ██║██╔══██╗${r}  ${c}║${r}
+${c}║${r}  ${magenta}██████╔╝██║   ██║   ██║   ██║     ███████║███████║${r}  ${c}║${r}
+${c}║${r}  ${magenta}██╔══██╗██║   ██║   ██║   ██║     ██╔══██║██╔══██║${r}  ${c}║${r}
+${c}║${r}  ${magenta}██████╔╝╚██████╔╝   ██║   ╚██████╗██║  ██║██║  ██║${r}  ${c}║${r}
+${c}║${r}  ${magenta}╚═════╝  ╚═════╝    ╚═╝    ╚═════╝╚═╝  ╚═╝╚═╝  ╚═╝${r}  ${c}║${r}
+${c}║${r}                                                      ${c}║${r}
+${c}║${r}  ${dim}Prove you're a bot. Humans need not apply.${r}          ${c}║${r}
+${c}║${r}                                                      ${c}║${r}
+${c}╠══════════════════════════════════════════════════════╣${r}
+${c}║${r}                                                      ${c}║${r}
+${c}║${r}  ${yellow}🤖 Server${r}     ${green}http://localhost:${PORT}${r}                 ${c}║${r}
+${c}║${r}  ${yellow}📚 API${r}        ${dim}/api${r}                                  ${c}║${r}
+${c}║${r}  ${yellow}⚡ Challenge${r}  ${dim}/api/speed-challenge${r}                  ${c}║${r}
+${c}║${r}  ${yellow}🔒 Protected${r}  ${dim}/agent-only${r}                           ${c}║${r}
+${c}║${r}  ${yellow}📖 OpenAPI${r}    ${dim}/openapi.json${r}                         ${c}║${r}
+${c}║${r}                                                      ${c}║${r}
+${c}╚══════════════════════════════════════════════════════╝${r}
+`);
+});
+export default app;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dupecom/botcha",
-  "version": "0.16.0",
+  "version": "0.19.0",
   "description": "Prove you're a bot. Humans need not apply. Reverse CAPTCHA for AI-only APIs.",
   "workspaces": [
     "packages/*"