@elizaos/plugin-trust 1.2.1 → 2.0.0-alpha.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/actions/evaluateTrust.d.ts +3 -0
- package/dist/actions/evaluateTrust.d.ts.map +1 -0
- package/dist/actions/index.d.ts +6 -0
- package/dist/actions/index.d.ts.map +1 -0
- package/dist/actions/recordTrustInteraction.d.ts +3 -0
- package/dist/actions/recordTrustInteraction.d.ts.map +1 -0
- package/dist/actions/requestElevation.d.ts +3 -0
- package/dist/actions/requestElevation.d.ts.map +1 -0
- package/dist/actions/roles.d.ts +13 -0
- package/dist/actions/roles.d.ts.map +1 -0
- package/dist/actions/settings.d.ts +21 -0
- package/dist/actions/settings.d.ts.map +1 -0
- package/dist/evaluators/index.d.ts +4 -0
- package/dist/evaluators/index.d.ts.map +1 -0
- package/dist/evaluators/reflection.d.ts +3 -0
- package/dist/evaluators/reflection.d.ts.map +1 -0
- package/dist/evaluators/securityEvaluator.d.ts +28 -0
- package/dist/evaluators/securityEvaluator.d.ts.map +1 -0
- package/dist/evaluators/trustChangeEvaluator.d.ts +3 -0
- package/dist/evaluators/trustChangeEvaluator.d.ts.map +1 -0
- package/dist/framework/TrustAwarePlugin.d.ts +60 -0
- package/dist/framework/TrustAwarePlugin.d.ts.map +1 -0
- package/dist/index.d.ts +34 -827
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +4925 -4208
- package/dist/index.js.map +33 -1
- package/dist/providers/adminTrust.d.ts +3 -0
- package/dist/providers/adminTrust.d.ts.map +1 -0
- package/dist/providers/index.d.ts +6 -0
- package/dist/providers/index.d.ts.map +1 -0
- package/dist/providers/roles.d.ts +19 -0
- package/dist/providers/roles.d.ts.map +1 -0
- package/dist/providers/securityStatus.d.ts +15 -0
- package/dist/providers/securityStatus.d.ts.map +1 -0
- package/dist/providers/settings.d.ts +7 -0
- package/dist/providers/settings.d.ts.map +1 -0
- package/dist/providers/trustProfile.d.ts +3 -0
- package/dist/providers/trustProfile.d.ts.map +1 -0
- package/dist/schema.d.ts +1170 -0
- package/dist/schema.d.ts.map +1 -0
- package/dist/services/ContextualPermissionSystem.d.ts +40 -0
- package/dist/services/ContextualPermissionSystem.d.ts.map +1 -0
- package/dist/services/CredentialProtector.d.ts +62 -0
- package/dist/services/CredentialProtector.d.ts.map +1 -0
- package/dist/services/SecurityModule.d.ts +145 -0
- package/dist/services/SecurityModule.d.ts.map +1 -0
- package/dist/services/SecurityStore.d.ts +53 -0
- package/dist/services/SecurityStore.d.ts.map +1 -0
- package/dist/services/TrustEngine.d.ts +81 -0
- package/dist/services/TrustEngine.d.ts.map +1 -0
- package/dist/services/db.d.ts +12 -0
- package/dist/services/db.d.ts.map +1 -0
- package/dist/services/index.d.ts +5 -0
- package/dist/services/index.d.ts.map +1 -0
- package/dist/tests.d.ts +3 -0
- package/dist/tests.d.ts.map +1 -0
- package/dist/types/permissions.d.ts +185 -0
- package/dist/types/permissions.d.ts.map +1 -0
- package/dist/types/security.d.ts +114 -0
- package/dist/types/security.d.ts.map +1 -0
- package/dist/types/trust.d.ts +179 -0
- package/dist/types/trust.d.ts.map +1 -0
- package/package.json +44 -19
- package/LICENSE +0 -21
- package/README.md +0 -244
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,WAAW,iDAAoB,CAAC;AAE7C;;GAEG;AACH,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWxB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAYxB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAQ1B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAQhC,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAW7B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAS5B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAOxB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAO/B,CAAC"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
import { type IAgentRuntime, type UUID } from "@elizaos/core";
|
|
2
|
+
import type { AccessDecision, AccessRequest, ElevationRequest, ElevationResult, Permission, PermissionContext, PermissionDelegation } from "../types/permissions";
|
|
3
|
+
import type { SecurityModule } from "./SecurityModule";
|
|
4
|
+
import type { TrustEngine } from "./TrustEngine";
|
|
5
|
+
export declare class ContextualPermissionSystem {
|
|
6
|
+
private runtime;
|
|
7
|
+
private trustEngine;
|
|
8
|
+
private securityModule;
|
|
9
|
+
private permissionCache;
|
|
10
|
+
private elevations;
|
|
11
|
+
private delegations;
|
|
12
|
+
private static readonly ROLE_PERMISSIONS;
|
|
13
|
+
private static readonly TRUST_ACTION_THRESHOLDS;
|
|
14
|
+
private static readonly TRUST_ONLY_ACTIONS;
|
|
15
|
+
private static readonly ADMIN_ONLY_ACTIONS;
|
|
16
|
+
initialize(runtime: IAgentRuntime, trustEngine: TrustEngine, securityModule: SecurityModule): Promise<void>;
|
|
17
|
+
hasPermission(entityId: UUID, permission: Permission, context: PermissionContext): Promise<boolean>;
|
|
18
|
+
checkAccess(request: AccessRequest): Promise<AccessDecision>;
|
|
19
|
+
private checkRolePermissions;
|
|
20
|
+
private checkTrustPermissions;
|
|
21
|
+
private checkDelegatedPermissions;
|
|
22
|
+
requestElevation(request: ElevationRequest): Promise<ElevationResult>;
|
|
23
|
+
/**
|
|
24
|
+
* Check if the entity has an active (non-expired) elevation grant for the requested action.
|
|
25
|
+
*/
|
|
26
|
+
private checkActiveElevations;
|
|
27
|
+
/**
|
|
28
|
+
* Create a delegation granting another entity specific permissions.
|
|
29
|
+
*/
|
|
30
|
+
addDelegation(delegation: PermissionDelegation): void;
|
|
31
|
+
/**
|
|
32
|
+
* Revoke a delegation by ID.
|
|
33
|
+
*/
|
|
34
|
+
revokeDelegation(delegationId: UUID, revokedBy: UUID): boolean;
|
|
35
|
+
private createDecision;
|
|
36
|
+
private roleHasPermission;
|
|
37
|
+
private getEntityRoles;
|
|
38
|
+
private generateDenialReason;
|
|
39
|
+
}
|
|
40
|
+
//# sourceMappingURL=ContextualPermissionSystem.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ContextualPermissionSystem.d.ts","sourceRoot":"","sources":["../../src/services/ContextualPermissionSystem.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,aAAa,EAIlB,KAAK,IAAI,EACV,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EACV,cAAc,EACd,aAAa,EACb,gBAAgB,EAChB,eAAe,EAEf,UAAU,EACV,iBAAiB,EACjB,oBAAoB,EACrB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAEjD,qBAAa,0BAA0B;IACrC,OAAO,CAAC,OAAO,CAAiB;IAChC,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,cAAc,CAAkB;IAExC,OAAO,CAAC,eAAe,CAAmE;IAC1F,OAAO,CAAC,UAAU,CAA+D;IACjF,OAAO,CAAC,WAAW,CAA2C;IAE9D,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAsBtC;IAEF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAM7C;IAEF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAMvC;IAEH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAMvC;IAEG,UAAU,CACd,OAAO,EAAE,aAAa,EACtB,WAAW,EAAE,WAAW,EACxB,cAAc,EAAE,cAAc,GAC7B,OAAO,CAAC,IAAI,CAAC;IAMV,aAAa,CACjB,QAAQ,EAAE,IAAI,EACd,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,OAAO,CAAC;IAUb,WAAW,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;YAsDpD,oBAAoB;YAkBpB,qBAAqB;YAuCrB,yBAAyB;IA2BjC,gBAAgB,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAkD3E;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAqB7B;;OAEG;IACH,aAAa,CAAC,UAAU,EAAE,oBAAoB,GAAG,IAAI;IAcrD;;OAEG;IACH,gBAAgB,CAAC,YAAY,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,GAAG,OAAO;IAa9D,OAAO,CAAC,cAAc;IAsBtB,OAAO,CAAC,iBAAiB;YAMX,cAAc;IAQ5B,OAAO,CAAC,oBAAoB;CAO7B"}
|
|
@@ -0,0 +1,62 @@
|
|
|
1
|
+
import { type IAgentRuntime, Service, type UUID } from "@elizaos/core";
|
|
2
|
+
import { type SecurityContext } from "../types/security";
|
|
3
|
+
import type { SecurityModule } from "./SecurityModule";
|
|
4
|
+
export interface CredentialThreatDetection {
|
|
5
|
+
detected: boolean;
|
|
6
|
+
confidence: number;
|
|
7
|
+
threatType: "credential_request" | "phishing" | "social_engineering" | "prompt_injection" | "none";
|
|
8
|
+
sensitiveData: string[];
|
|
9
|
+
recommendation: string;
|
|
10
|
+
}
|
|
11
|
+
export declare class CredentialProtector extends Service {
|
|
12
|
+
static serviceType: "credential-protector";
|
|
13
|
+
capabilityDescription: string;
|
|
14
|
+
private securityModule;
|
|
15
|
+
private readonly keywordPatternCache;
|
|
16
|
+
private static normalizeForScan;
|
|
17
|
+
private static reverseString;
|
|
18
|
+
private readonly SENSITIVE_PATTERNS;
|
|
19
|
+
private readonly SENSITIVE_KEYWORDS;
|
|
20
|
+
private readonly THEFT_REQUEST_PATTERNS;
|
|
21
|
+
private readonly PROMPT_INJECTION_PATTERNS;
|
|
22
|
+
private readonly LEGITIMATE_CONTEXTS;
|
|
23
|
+
initialize(_runtime: IAgentRuntime, securityModule: SecurityModule): Promise<void>;
|
|
24
|
+
stop(): Promise<void>;
|
|
25
|
+
static start(runtime: IAgentRuntime): Promise<Service>;
|
|
26
|
+
/**
|
|
27
|
+
* Scan message for credential theft attempts
|
|
28
|
+
*/
|
|
29
|
+
scanForCredentialTheft(message: string, entityId: UUID, context: SecurityContext): Promise<CredentialThreatDetection>;
|
|
30
|
+
/**
|
|
31
|
+
* Protect sensitive data by redacting it
|
|
32
|
+
*/
|
|
33
|
+
protectSensitiveData(content: string): Promise<string>;
|
|
34
|
+
/**
|
|
35
|
+
* Alert potential victims of credential theft
|
|
36
|
+
*/
|
|
37
|
+
alertPotentialVictims(threatActor: UUID, victims: UUID[], threatDetails: CredentialThreatDetection): Promise<void>;
|
|
38
|
+
/**
|
|
39
|
+
* Analyze a conversation for credential theft patterns
|
|
40
|
+
*/
|
|
41
|
+
analyzeConversation(messages: Array<{
|
|
42
|
+
entityId: UUID;
|
|
43
|
+
content: string;
|
|
44
|
+
timestamp: number;
|
|
45
|
+
}>, context: SecurityContext): Promise<{
|
|
46
|
+
overallThreat: number;
|
|
47
|
+
suspiciousEntities: UUID[];
|
|
48
|
+
recommendations: string[];
|
|
49
|
+
}>;
|
|
50
|
+
/**
|
|
51
|
+
* Private helper methods
|
|
52
|
+
*/
|
|
53
|
+
private detectSensitiveData;
|
|
54
|
+
private hasTheftRequest;
|
|
55
|
+
private hasPromptInjectionPattern;
|
|
56
|
+
private isLegitimateContext;
|
|
57
|
+
private hasPhishingIndicators;
|
|
58
|
+
private getKeywordPattern;
|
|
59
|
+
private containsKeywordVariant;
|
|
60
|
+
private logThreatEvent;
|
|
61
|
+
}
|
|
62
|
+
//# sourceMappingURL=CredentialProtector.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"CredentialProtector.d.ts","sourceRoot":"","sources":["../../src/services/CredentialProtector.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,aAAa,EAAU,OAAO,EAAE,KAAK,IAAI,EAAE,MAAM,eAAe,CAAC;AAE/E,OAAO,EAAE,KAAK,eAAe,EAAqB,MAAM,mBAAmB,CAAC;AAC5E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvD,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EAAE,OAAO,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EACN,oBAAoB,GACpB,UAAU,GACV,oBAAoB,GACpB,kBAAkB,GAClB,MAAM,CAAC;IACX,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,qBAAa,mBAAoB,SAAQ,OAAO;IAC9C,MAAM,CAAC,WAAW,EAAG,sBAAsB,CAAU;IAErD,qBAAqB,SAA6E;IAElG,OAAO,CAAC,cAAc,CAA+B;IACrD,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAA6B;IAEjE,OAAO,CAAC,MAAM,CAAC,gBAAgB;IAI/B,OAAO,CAAC,MAAM,CAAC,aAAa;IAK5B,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAwCjC;IAGF,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAkCjC;IAGF,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAcrC;IAEF,OAAO,CAAC,QAAQ,CAAC,yBAAyB,CAWxC;IAGF,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAUlC;IAEI,UAAU,CAAC,QAAQ,EAAE,aAAa,EAAE,cAAc,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAKlF,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;WAId,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAa5D;;OAEG;IACG,sBAAsB,CAC1B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,IAAI,EACd,OAAO,EAAE,eAAe,GACvB,OAAO,CAAC,yBAAyB,CAAC;IAmErC;;OAEG;IACG,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IA0B5D;;OAEG;IACG,qBAAqB,CACzB,WAAW,EAAE,IAAI,EACjB,OAAO,EAAE,IAAI,EAAE,EACf,aAAa,EAAE,yBAAyB,GACvC,OAAO,CAAC,IAAI,CAAC;IA2BhB;;OAEG;IACG,mBAAmB,CACvB,QAAQ,EAAE,KAAK,CAAC;QAAE,QAAQ,EAAE,IAAI,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,EACvE,OAAO,EAAE,eAAe,GACvB,OAAO,CAAC;QACT,aAAa,EAAE,MAAM,CAAC;QACtB,kBAAkB,EAAE,IAAI,EAAE,CAAC;QAC3B,eAAe,EAAE,MAAM,EAAE,CAAC;KAC3B,CAAC;IAgDF;;OAEG;IAEH,OAAO,CAAC,mBAAmB;IAoB3B,OAAO,CAAC,eAAe;IA+BvB,OAAO,CAAC,yBAAyB;IAwBjC,OAAO,CAAC,mBAAmB;IAI3B,OAAO,CAAC,qBAAqB;IAkB7B,OAAO,CAAC,iBAAiB;IAWzB,OAAO,CAAC,sBAAsB;YA+BhB,cAAc;CAqB7B"}
|
|
@@ -0,0 +1,145 @@
|
|
|
1
|
+
import { type IAgentRuntime, type UUID } from "@elizaos/core";
|
|
2
|
+
import { type Action, type CoordinationDetection, type CredentialTheftDetection, type ImpersonationDetection, type Message, type MultiAccountDetection, type PhishingDetection, type SecurityCheck, type SecurityContext, type SecurityEvent, SecurityEventType, type ThreatAssessment } from "../types/security";
|
|
3
|
+
import type { TrustEngine } from "./TrustEngine";
|
|
4
|
+
export interface RiskScore {
|
|
5
|
+
score: number;
|
|
6
|
+
factors: Record<string, number>;
|
|
7
|
+
recommendation: string;
|
|
8
|
+
}
|
|
9
|
+
export interface SocialEngineeringFactors {
|
|
10
|
+
urgency: number;
|
|
11
|
+
authority: number;
|
|
12
|
+
intimidation: number;
|
|
13
|
+
liking: number;
|
|
14
|
+
reciprocity: number;
|
|
15
|
+
commitment: number;
|
|
16
|
+
socialProof: number;
|
|
17
|
+
scarcity: number;
|
|
18
|
+
}
|
|
19
|
+
export declare class SecurityModule {
|
|
20
|
+
private runtime;
|
|
21
|
+
private trustEngine;
|
|
22
|
+
private behavioralProfiles;
|
|
23
|
+
private messageHistory;
|
|
24
|
+
private actionHistory;
|
|
25
|
+
private keywordPatternCache;
|
|
26
|
+
private readonly INJECTION_PATTERNS;
|
|
27
|
+
private readonly INJECTION_KEYWORDS;
|
|
28
|
+
private readonly URGENCY_KEYWORDS;
|
|
29
|
+
private readonly AUTHORITY_KEYWORDS;
|
|
30
|
+
private readonly INTIMIDATION_KEYWORDS;
|
|
31
|
+
private readonly CREDENTIAL_PATTERNS;
|
|
32
|
+
private readonly SENSITIVE_KEYWORDS;
|
|
33
|
+
private readonly PHISHING_INDICATORS;
|
|
34
|
+
/**
|
|
35
|
+
* Initialize the security module
|
|
36
|
+
*/
|
|
37
|
+
initialize(runtime: IAgentRuntime, trustEngine: TrustEngine): Promise<void>;
|
|
38
|
+
/**
|
|
39
|
+
* Detect prompt injection attempts
|
|
40
|
+
*/
|
|
41
|
+
detectPromptInjection(message: string, context: SecurityContext): Promise<SecurityCheck>;
|
|
42
|
+
/**
|
|
43
|
+
* Detect social engineering attempts
|
|
44
|
+
*/
|
|
45
|
+
detectSocialEngineering(message: string, context: SecurityContext): Promise<SecurityCheck>;
|
|
46
|
+
/**
|
|
47
|
+
* Analyze a message for security threats
|
|
48
|
+
*/
|
|
49
|
+
analyzeMessage(message: string, entityId: UUID, context: SecurityContext): Promise<SecurityCheck>;
|
|
50
|
+
/**
|
|
51
|
+
* Assess overall threat level
|
|
52
|
+
*/
|
|
53
|
+
assessThreatLevel(context: SecurityContext): Promise<ThreatAssessment>;
|
|
54
|
+
/**
|
|
55
|
+
* Get recent security incidents
|
|
56
|
+
*/
|
|
57
|
+
getRecentSecurityIncidents(_roomId?: UUID, hours?: number): Promise<SecurityEvent[]>;
|
|
58
|
+
/**
|
|
59
|
+
* Get security recommendations based on threat level
|
|
60
|
+
*/
|
|
61
|
+
getSecurityRecommendations(threatLevel: number): string[];
|
|
62
|
+
/**
|
|
63
|
+
* Log security event (now public)
|
|
64
|
+
*/
|
|
65
|
+
logSecurityEvent(event: Omit<SecurityEvent, "id" | "timestamp" | "handled">): Promise<void>;
|
|
66
|
+
/**
|
|
67
|
+
* Analyze social engineering factors
|
|
68
|
+
*/
|
|
69
|
+
private analyzeSocialEngineeringFactors;
|
|
70
|
+
/**
|
|
71
|
+
* Calculate keyword score
|
|
72
|
+
*/
|
|
73
|
+
private calculateKeywordScore;
|
|
74
|
+
private static readonly SE_FACTOR_PHRASES;
|
|
75
|
+
private detectFactorScore;
|
|
76
|
+
/**
|
|
77
|
+
* Calculate overall social engineering risk
|
|
78
|
+
*/
|
|
79
|
+
private calculateSocialEngineeringRisk;
|
|
80
|
+
/**
|
|
81
|
+
* Analyze semantic patterns
|
|
82
|
+
*/
|
|
83
|
+
private analyzeSemantics;
|
|
84
|
+
private normalizeForScan;
|
|
85
|
+
private reverseString;
|
|
86
|
+
private getKeywordPattern;
|
|
87
|
+
private containsObfuscatedKeyword;
|
|
88
|
+
private detectObfuscatedKeywordMatches;
|
|
89
|
+
/**
|
|
90
|
+
* Log trust impact from security events
|
|
91
|
+
*/
|
|
92
|
+
logTrustImpact(entityId: UUID, event: SecurityEventType, impact: number, context?: {
|
|
93
|
+
worldId?: UUID;
|
|
94
|
+
}): Promise<void>;
|
|
95
|
+
/**
|
|
96
|
+
* Maps security events to trust evidence types
|
|
97
|
+
*/
|
|
98
|
+
private mapSecurityEventToTrustEvidence;
|
|
99
|
+
/**
|
|
100
|
+
* Enhanced pattern detection capabilities
|
|
101
|
+
*/
|
|
102
|
+
/**
|
|
103
|
+
* Detect multi-account manipulation
|
|
104
|
+
*/
|
|
105
|
+
detectMultiAccountPattern(entities: UUID[], timeWindow?: number): Promise<MultiAccountDetection | null>;
|
|
106
|
+
/**
|
|
107
|
+
* Detect credential theft attempts
|
|
108
|
+
*/
|
|
109
|
+
detectCredentialTheft(message: string, entityId: UUID, context: SecurityContext): Promise<CredentialTheftDetection | null>;
|
|
110
|
+
/**
|
|
111
|
+
* Detect phishing campaigns
|
|
112
|
+
*/
|
|
113
|
+
detectPhishing(messages: Message[], entityId: UUID): Promise<PhishingDetection | null>;
|
|
114
|
+
/**
|
|
115
|
+
* Detect impersonation attempts
|
|
116
|
+
*/
|
|
117
|
+
detectImpersonation(username: string, existingUsers: string[]): Promise<ImpersonationDetection | null>;
|
|
118
|
+
/**
|
|
119
|
+
* Detect coordinated activity
|
|
120
|
+
*/
|
|
121
|
+
detectCoordinatedActivity(entities: UUID[], timeWindow?: number): Promise<CoordinationDetection | null>;
|
|
122
|
+
/**
|
|
123
|
+
* Helper methods for pattern detection
|
|
124
|
+
*/
|
|
125
|
+
private getBehavioralProfiles;
|
|
126
|
+
private buildBehavioralProfile;
|
|
127
|
+
private calculateProfileSimilarities;
|
|
128
|
+
private calculateVariance;
|
|
129
|
+
private checkSynchronizedActions;
|
|
130
|
+
private getRecentActions;
|
|
131
|
+
private detectSuspiciousLinks;
|
|
132
|
+
private extractLinks;
|
|
133
|
+
private calculateStringSimilarity;
|
|
134
|
+
private calculateVisualSimilarity;
|
|
135
|
+
private levenshteinDistance;
|
|
136
|
+
/**
|
|
137
|
+
* Store message for analysis
|
|
138
|
+
*/
|
|
139
|
+
storeMessage(message: Message): Promise<void>;
|
|
140
|
+
/**
|
|
141
|
+
* Store action for analysis
|
|
142
|
+
*/
|
|
143
|
+
storeAction(action: Action): Promise<void>;
|
|
144
|
+
}
|
|
145
|
+
//# sourceMappingURL=SecurityModule.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"SecurityModule.d.ts","sourceRoot":"","sources":["../../src/services/SecurityModule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,aAAa,EAAU,KAAK,IAAI,EAAE,MAAM,eAAe,CAAC;AACtE,OAAO,EACL,KAAK,MAAM,EAEX,KAAK,qBAAqB,EAC1B,KAAK,wBAAwB,EAC7B,KAAK,sBAAsB,EAC3B,KAAK,OAAO,EACZ,KAAK,qBAAqB,EAC1B,KAAK,iBAAiB,EACtB,KAAK,aAAa,EAClB,KAAK,eAAe,EACpB,KAAK,aAAa,EAClB,iBAAiB,EACjB,KAAK,gBAAgB,EACtB,MAAM,mBAAmB,CAAC;AAK3B,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAEjD,MAAM,WAAW,SAAS;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAiB;IAChC,OAAO,CAAC,WAAW,CAA4B;IAC/C,OAAO,CAAC,kBAAkB,CAA2C;IACrE,OAAO,CAAC,cAAc,CAAmC;IACzD,OAAO,CAAC,aAAa,CAAkC;IACvD,OAAO,CAAC,mBAAmB,CAA6B;IAGxD,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CA0BjC;IAGF,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAgBjC;IAGF,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAU/B;IAEF,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAUjC;IAEF,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAUpC;IAGF,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAgBlC;IAGF,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CA4BjC;IAGF,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAUlC;IAEF;;OAEG;IACG,UAAU,CAAC,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAMjF;;OAEG;IACG,qBAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,aAAa,CAAC;IAoD9F;;OAEG;IACG,uBAAuB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,aAAa,CAAC;IAgDhG;;OAEG;IACG,cAAc,CAClB,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,IAAI,EACd,OAAO,EAAE,eAAe,GACvB,OAAO,CAAC,aAAa,CAAC;IAgDzB;;OAEG;IACG,iBAAiB,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA+B5E;;OAEG;IACG,0BAA0B,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,KAAK,SAAK,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAsBtF;;OAEG;IACH,0BAA0B,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,EAAE;IAwBzD;;OAEG;IACG,gBAAgB,CACpB,KAAK,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,GAAG,WAAW,GAAG,SAAS,CAAC,GACzD,OAAO,CAAC,IAAI,CAAC;IAyBhB;;OAEG;IACH,OAAO,CAAC,+BAA+B;IAavC;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAM7B,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAmCvC;IAEF,OAAO,CAAC,iBAAiB;IAKzB;;OAEG;IACH,OAAO,CAAC,8BAA8B;IAwCtC;;OAEG;YACW,gBAAgB;IAsB9B,OAAO,CAAC,gBAAgB;IAIxB,OAAO,CAAC,aAAa;IAIrB,OAAO,CAAC,iBAAiB;IAWzB,OAAO,CAAC,yBAAyB;IA2BjC,OAAO,CAAC,8BAA8B;IAItC;;OAEG;IACG,cAAc,CAClB,QAAQ,EAAE,IAAI,EACd,KAAK,EAAE,iBAAiB,EACxB,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,IAAI,CAAA;KAAE,GAC3B,OAAO,CAAC,IAAI,CAAC;IAsBhB;;OAEG;IACH,OAAO,CAAC,+BAA+B;IAmBvC;;OAEG;IAEH;;OAEG;IACG,yBAAyB,CAC7B,QAAQ,EAAE,IAAI,EAAE,EAChB,UAAU,GAAE,MAAgB,GAC3B,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC;IAiDxC;;OAEG;IACG,qBAAqB,CACzB,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,IAAI,EACd,OAAO,EAAE,eAAe,GACvB,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC;IAgE3C;;OAEG;IACG,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,IAAI,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC;IAyC5F;;OAEG;IACG,mBAAmB,CACvB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EAAE,GACtB,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC;IA+CzC;;OAEG;IACG,yBAAyB,CAC7B,QAAQ,EAAE,IAAI,EAAE,EAChB,UAAU,GAAE,MAAe,GAC1B,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC;IAqDxC;;OAEG;YAEW,qBAAqB;YAerB,sBAAsB;IAqDpC,OAAO,CAAC,4BAA4B;IA2BpC,OAAO,CAAC,iBAAiB;YAKX,wBAAwB;YAkCxB,gBAAgB;IAY9B,OAAO,CAAC,qBAAqB;IAO7B,OAAO,CAAC,YAAY;IAYpB,OAAO,CAAC,yBAAyB;IAUjC,OAAO,CAAC,yBAAyB;IA+DjC,OAAO,CAAC,mBAAmB;IA4B3B;;OAEG;IACG,YAAY,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAanD;;OAEG;IACG,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAYjD"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Data access layer for plugin-trust schema tables.
|
|
3
|
+
* Thin wrappers around Drizzle queries for security incidents,
|
|
4
|
+
* trust evidence, behavioral profiles, identity links, and whistleblower reports.
|
|
5
|
+
*/
|
|
6
|
+
import type { UUID } from "@elizaos/core";
|
|
7
|
+
import type { DrizzleDB } from "./db";
|
|
8
|
+
export interface InsertSecurityIncident {
|
|
9
|
+
entityId: UUID;
|
|
10
|
+
type: string;
|
|
11
|
+
severity: string;
|
|
12
|
+
context?: Record<string, unknown>;
|
|
13
|
+
details?: Record<string, unknown>;
|
|
14
|
+
}
|
|
15
|
+
export declare function insertSecurityIncident(db: DrizzleDB, incident: InsertSecurityIncident): Promise<void>;
|
|
16
|
+
export declare function getRecentIncidents(db: DrizzleDB, roomId?: UUID, hours?: number): Promise<Array<Record<string, unknown>>>;
|
|
17
|
+
export interface InsertTrustEvidence {
|
|
18
|
+
targetEntityId: UUID;
|
|
19
|
+
sourceEntityId: UUID;
|
|
20
|
+
evaluatorId: UUID;
|
|
21
|
+
type: string;
|
|
22
|
+
impact: number;
|
|
23
|
+
weight?: number;
|
|
24
|
+
description?: string;
|
|
25
|
+
verified?: boolean;
|
|
26
|
+
context?: Record<string, unknown>;
|
|
27
|
+
}
|
|
28
|
+
export declare function insertTrustEvidence(db: DrizzleDB, evidence: InsertTrustEvidence): Promise<void>;
|
|
29
|
+
export declare function getTrustEvidence(db: DrizzleDB, entityId: UUID, evaluatorId?: UUID): Promise<Array<Record<string, unknown>>>;
|
|
30
|
+
export interface UpsertBehavioralProfile {
|
|
31
|
+
entityId: UUID;
|
|
32
|
+
typingSpeed?: number;
|
|
33
|
+
vocabularyComplexity?: number;
|
|
34
|
+
messageLengthMean?: number;
|
|
35
|
+
messageLengthStdDev?: number;
|
|
36
|
+
activeHours?: number[];
|
|
37
|
+
commonPhrases?: string[];
|
|
38
|
+
interactionPatterns?: Record<string, number>;
|
|
39
|
+
}
|
|
40
|
+
export declare function upsertBehavioralProfile(db: DrizzleDB, profile: UpsertBehavioralProfile): Promise<void>;
|
|
41
|
+
export declare function getBehavioralProfile(db: DrizzleDB, entityId: UUID): Promise<Record<string, unknown> | null>;
|
|
42
|
+
export declare function insertIdentityLink(db: DrizzleDB, link: {
|
|
43
|
+
entityIdA: UUID;
|
|
44
|
+
entityIdB: UUID;
|
|
45
|
+
confidence: number;
|
|
46
|
+
evidence?: string[];
|
|
47
|
+
}): Promise<void>;
|
|
48
|
+
export declare function getIdentityLinks(db: DrizzleDB, entityId: UUID): Promise<Array<Record<string, unknown>>>;
|
|
49
|
+
export declare function insertWhistleblowerReport(db: DrizzleDB, report: {
|
|
50
|
+
reportedEntityId: UUID;
|
|
51
|
+
evidence: Record<string, unknown>;
|
|
52
|
+
}): Promise<void>;
|
|
53
|
+
//# sourceMappingURL=SecurityStore.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"SecurityStore.d.ts","sourceRoot":"","sources":["../../src/services/SecurityStore.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAS1C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAItC,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,IAAI,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,wBAAsB,sBAAsB,CAC1C,EAAE,EAAE,SAAS,EACb,QAAQ,EAAE,sBAAsB,GAC/B,OAAO,CAAC,IAAI,CAAC,CASf;AAED,wBAAsB,kBAAkB,CACtC,EAAE,EAAE,SAAS,EACb,MAAM,CAAC,EAAE,IAAI,EACb,KAAK,SAAK,GACT,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAiBzC;AAID,MAAM,WAAW,mBAAmB;IAClC,cAAc,EAAE,IAAI,CAAC;IACrB,cAAc,EAAE,IAAI,CAAC;IACrB,WAAW,EAAE,IAAI,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,wBAAsB,mBAAmB,CACvC,EAAE,EAAE,SAAS,EACb,QAAQ,EAAE,mBAAmB,GAC5B,OAAO,CAAC,IAAI,CAAC,CAYf;AAED,wBAAsB,gBAAgB,CACpC,EAAE,EAAE,SAAS,EACb,QAAQ,EAAE,IAAI,EACd,WAAW,CAAC,EAAE,IAAI,GACjB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAazC;AAID,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,IAAI,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC9C;AAED,wBAAsB,uBAAuB,CAC3C,EAAE,EAAE,SAAS,EACb,OAAO,EAAE,uBAAuB,GAC/B,OAAO,CAAC,IAAI,CAAC,CAyBf;AAED,wBAAsB,oBAAoB,CACxC,EAAE,EAAE,SAAS,EACb,QAAQ,EAAE,IAAI,GACb,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,CAQzC;AAID,wBAAsB,kBAAkB,CACtC,EAAE,EAAE,SAAS,EACb,IAAI,EAAE;IAAE,SAAS,EAAE,IAAI,CAAC;IAAC,SAAS,EAAE,IAAI,CAAC;IAAC,UAAU,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;CAAE,GAClF,OAAO,CAAC,IAAI,CAAC,CAOf;AAED,wBAAsB,gBAAgB,CACpC,EAAE,EAAE,SAAS,EACb,QAAQ,EAAE,IAAI,GACb,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAMzC;AAID,wBAAsB,yBAAyB,CAC7C,EAAE,EAAE,SAAS,EACb,MAAM,EAAE;IAAE,gBAAgB,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAAE,GACpE,OAAO,CAAC,IAAI,CAAC,CAMf"}
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
import { type IAgentRuntime, Service, type UUID } from "@elizaos/core";
|
|
2
|
+
import { type TrustCalculationConfig, type TrustContext, type TrustDecision, type TrustInteraction, type TrustProfile, type TrustRequirements } from "../types/trust";
|
|
3
|
+
export declare class TrustEngine extends Service {
|
|
4
|
+
static serviceType: "trust-engine";
|
|
5
|
+
capabilityDescription: string;
|
|
6
|
+
private static readonly ACTION_CONTEXT_WEIGHTS;
|
|
7
|
+
private trustConfig;
|
|
8
|
+
private profileCache;
|
|
9
|
+
private readonly cacheTimeout;
|
|
10
|
+
private readonly maxInteractionsInMemory;
|
|
11
|
+
private interactions;
|
|
12
|
+
private rateLimits;
|
|
13
|
+
private readonly maxEvidencePerHour;
|
|
14
|
+
constructor(config?: Partial<TrustCalculationConfig>);
|
|
15
|
+
initialize(runtime: IAgentRuntime): Promise<void>;
|
|
16
|
+
stop(): Promise<void>;
|
|
17
|
+
static start(runtime: IAgentRuntime): Promise<Service>;
|
|
18
|
+
/**
|
|
19
|
+
* Calculate trust profile for an entity
|
|
20
|
+
*/
|
|
21
|
+
calculateTrust(subjectId: UUID, context: TrustContext): Promise<TrustProfile>;
|
|
22
|
+
/**
|
|
23
|
+
* Records a trust interaction
|
|
24
|
+
*/
|
|
25
|
+
recordInteraction(interaction: TrustInteraction): Promise<void>;
|
|
26
|
+
/**
|
|
27
|
+
* Evaluate if an action is allowed based on trust
|
|
28
|
+
*/
|
|
29
|
+
evaluateTrustDecision(entityId: UUID, requirements: TrustRequirements, context: TrustContext): Promise<TrustDecision>;
|
|
30
|
+
/**
|
|
31
|
+
* Check rate limiting for evidence recording
|
|
32
|
+
*/
|
|
33
|
+
private static readonly DIMINISHING_WEIGHTS;
|
|
34
|
+
private checkRateLimit;
|
|
35
|
+
/**
|
|
36
|
+
* Calculate trust dimensions from evidence
|
|
37
|
+
*/
|
|
38
|
+
private calculateDimensions;
|
|
39
|
+
/**
|
|
40
|
+
* Calculate overall trust score from dimensions
|
|
41
|
+
*/
|
|
42
|
+
private calculateOverallTrust;
|
|
43
|
+
/**
|
|
44
|
+
* Calculate confidence based on evidence quantity and consistency
|
|
45
|
+
*/
|
|
46
|
+
private calculateConfidence;
|
|
47
|
+
/**
|
|
48
|
+
* Calculate age weight for evidence based on recency
|
|
49
|
+
*/
|
|
50
|
+
private calculateAgeWeight;
|
|
51
|
+
/**
|
|
52
|
+
* Analyze trust trend over time
|
|
53
|
+
*/
|
|
54
|
+
private analyzeTrend;
|
|
55
|
+
/**
|
|
56
|
+
* Load evidence from storage
|
|
57
|
+
*/
|
|
58
|
+
private loadEvidence;
|
|
59
|
+
/**
|
|
60
|
+
* Save trust profile to storage
|
|
61
|
+
*/
|
|
62
|
+
private saveTrustProfile;
|
|
63
|
+
/**
|
|
64
|
+
* Generate suggestions for building trust
|
|
65
|
+
*/
|
|
66
|
+
private generateTrustBuildingSuggestions;
|
|
67
|
+
/**
|
|
68
|
+
* Generate suggestions for improving specific dimensions
|
|
69
|
+
*/
|
|
70
|
+
private generateDimensionSuggestions;
|
|
71
|
+
/**
|
|
72
|
+
* Evaluates trust for an entity (simplified API for actions)
|
|
73
|
+
*/
|
|
74
|
+
evaluateTrust(entityId: UUID, evaluatorId: UUID, context?: Partial<TrustContext>): Promise<TrustProfile>;
|
|
75
|
+
/**
|
|
76
|
+
* Get recent trust interactions for an entity
|
|
77
|
+
* @param daysBack Number of days to look back (default: 10)
|
|
78
|
+
*/
|
|
79
|
+
getRecentInteractions(entityId: UUID, daysBack?: number): Promise<TrustInteraction[]>;
|
|
80
|
+
}
|
|
81
|
+
//# sourceMappingURL=TrustEngine.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"TrustEngine.d.ts","sourceRoot":"","sources":["../../src/services/TrustEngine.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,aAAa,EAGlB,OAAO,EAEP,KAAK,IAAI,EACV,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,KAAK,sBAAsB,EAC3B,KAAK,YAAY,EACjB,KAAK,aAAa,EAIlB,KAAK,gBAAgB,EACrB,KAAK,YAAY,EACjB,KAAK,iBAAiB,EACvB,MAAM,gBAAgB,CAAC;AAoGxB,qBAAa,WAAY,SAAQ,OAAO;IACtC,MAAM,CAAC,WAAW,EAAG,cAAc,CAAU;IAE7C,qBAAqB,SAA2D;IAEhF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAyB5C;IAEF,OAAO,CAAC,WAAW,CAAyB;IAC5C,OAAO,CAAC,YAAY,CAAwC;IAC5D,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAiB;IAC9C,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAO;IAC/C,OAAO,CAAC,YAAY,CAA0B;IAC9C,OAAO,CAAC,UAAU,CAGJ;IACd,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAM;gBAE7B,MAAM,CAAC,EAAE,OAAO,CAAC,sBAAsB,CAAC;IAK9C,UAAU,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAKjD,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;WAKd,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAM5D;;OAEG;IACG,cAAc,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;IA2DnF;;OAEG;IACG,iBAAiB,CAAC,WAAW,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IA0DrE;;OAEG;IACG,qBAAqB,CACzB,QAAQ,EAAE,IAAI,EACd,YAAY,EAAE,iBAAiB,EAC/B,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,aAAa,CAAC;IAoEzB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAmC;IAE9E,OAAO,CAAC,cAAc;IAyCtB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAgC3B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAgB7B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAsB3B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAQ1B;;OAEG;YACW,YAAY;IAiD1B;;OAEG;YACW,YAAY;IAwD1B;;OAEG;YACW,gBAAgB;IAyC9B;;OAEG;IACH,OAAO,CAAC,gCAAgC;IA2BxC;;OAEG;IACH,OAAO,CAAC,4BAA4B;IAgCpC;;OAEG;IACG,aAAa,CACjB,QAAQ,EAAE,IAAI,EACd,WAAW,EAAE,IAAI,EACjB,OAAO,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,GAC9B,OAAO,CAAC,YAAY,CAAC;IAQxB;;;OAGG;IACG,qBAAqB,CAAC,QAAQ,EAAE,IAAI,EAAE,QAAQ,SAAK,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC;CAOxF"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { IAgentRuntime } from "@elizaos/core";
|
|
2
|
+
/**
|
|
3
|
+
* Minimal Drizzle-compatible DB interface.
|
|
4
|
+
* Uses a chainable query builder pattern matching drizzle-orm.
|
|
5
|
+
*/
|
|
6
|
+
export type DrizzleDB = Record<string, (...args: any[]) => any>;
|
|
7
|
+
/**
|
|
8
|
+
* Get the Drizzle database instance from the runtime.
|
|
9
|
+
* @throws if the database is unavailable.
|
|
10
|
+
*/
|
|
11
|
+
export declare function getDb(runtime: IAgentRuntime): DrizzleDB;
|
|
12
|
+
//# sourceMappingURL=db.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"db.d.ts","sourceRoot":"","sources":["../../src/services/db.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD;;;GAGG;AAGH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,GAAG,CAAC,CAAC;AAEhE;;;GAGG;AACH,wBAAgB,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,SAAS,CAIvD"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
export { ContextualPermissionSystem } from "./ContextualPermissionSystem";
|
|
2
|
+
export { CredentialProtector } from "./CredentialProtector";
|
|
3
|
+
export { SecurityModule } from "./SecurityModule";
|
|
4
|
+
export { TrustEngine } from "./TrustEngine";
|
|
5
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAC1E,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC"}
|
package/dist/tests.d.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tests.d.ts","sourceRoot":"","sources":["../src/tests.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAiC,QAAQ,EAAQ,MAAM,eAAe,CAAC;AAqFnF,eAAO,MAAM,KAAK,EAAE,QAAQ,EAozB3B,CAAC"}
|
|
@@ -0,0 +1,185 @@
|
|
|
1
|
+
import type { Role, UUID } from "@elizaos/core";
|
|
2
|
+
import type { TrustRequirements } from "./trust";
|
|
3
|
+
/**
|
|
4
|
+
* Context for permission evaluation
|
|
5
|
+
*/
|
|
6
|
+
export interface PermissionContext {
|
|
7
|
+
worldId?: UUID;
|
|
8
|
+
roomId?: UUID;
|
|
9
|
+
platform?: string;
|
|
10
|
+
serverId?: string;
|
|
11
|
+
channelId?: string;
|
|
12
|
+
timestamp?: number;
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* A contextual role that applies in specific contexts
|
|
16
|
+
*/
|
|
17
|
+
export interface ContextualRole {
|
|
18
|
+
id: UUID;
|
|
19
|
+
role: Role;
|
|
20
|
+
entityId: UUID;
|
|
21
|
+
context: PermissionContext;
|
|
22
|
+
/** When this role assignment expires */
|
|
23
|
+
expiresAt?: number;
|
|
24
|
+
/** Who assigned this role */
|
|
25
|
+
assignedBy: UUID;
|
|
26
|
+
/** When this role was assigned */
|
|
27
|
+
assignedAt: number;
|
|
28
|
+
/** Trust requirements for this role */
|
|
29
|
+
trustRequirements?: TrustRequirements;
|
|
30
|
+
/** Additional metadata */
|
|
31
|
+
metadata?: Record<string, unknown>;
|
|
32
|
+
}
|
|
33
|
+
/**
|
|
34
|
+
* Permission that can be granted
|
|
35
|
+
*/
|
|
36
|
+
export interface Permission {
|
|
37
|
+
action: string;
|
|
38
|
+
resource: string;
|
|
39
|
+
context?: PermissionContext;
|
|
40
|
+
constraints?: PermissionConstraint[];
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Constraint on a permission
|
|
44
|
+
*/
|
|
45
|
+
export interface PermissionConstraint {
|
|
46
|
+
type: "time_window" | "usage_limit" | "trust_required" | "role_required" | "custom";
|
|
47
|
+
value: string | number | boolean | Record<string, unknown>;
|
|
48
|
+
description?: string;
|
|
49
|
+
}
|
|
50
|
+
/**
|
|
51
|
+
* Result of a permission check
|
|
52
|
+
*/
|
|
53
|
+
export interface PermissionDecision {
|
|
54
|
+
allowed: boolean;
|
|
55
|
+
/** How the decision was made */
|
|
56
|
+
method: "role-based" | "trust-based" | "delegated" | "elevated" | "denied";
|
|
57
|
+
/** Which role or trust level granted access */
|
|
58
|
+
grantedBy?: {
|
|
59
|
+
type: "role" | "trust";
|
|
60
|
+
value: Role | number;
|
|
61
|
+
context?: PermissionContext;
|
|
62
|
+
};
|
|
63
|
+
/** Reason for the decision */
|
|
64
|
+
reason: string;
|
|
65
|
+
/** Suggestions if denied */
|
|
66
|
+
suggestions?: string[];
|
|
67
|
+
/** Conditions that must be met */
|
|
68
|
+
conditions?: string[];
|
|
69
|
+
/** Audit trail */
|
|
70
|
+
auditInfo?: {
|
|
71
|
+
decidedAt: number;
|
|
72
|
+
evaluatorId: UUID;
|
|
73
|
+
evidence?: Record<string, unknown>[];
|
|
74
|
+
};
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Request for elevated permissions
|
|
78
|
+
*/
|
|
79
|
+
export interface ElevationRequest {
|
|
80
|
+
entityId: UUID;
|
|
81
|
+
requestedPermission: Permission;
|
|
82
|
+
justification: string;
|
|
83
|
+
duration?: number;
|
|
84
|
+
context: PermissionContext;
|
|
85
|
+
}
|
|
86
|
+
/**
|
|
87
|
+
* Result of an elevation request
|
|
88
|
+
*/
|
|
89
|
+
export interface ElevationResult {
|
|
90
|
+
granted: boolean;
|
|
91
|
+
elevationId?: UUID;
|
|
92
|
+
expiresAt?: number;
|
|
93
|
+
conditions?: string[];
|
|
94
|
+
reason?: string;
|
|
95
|
+
trustDeficit?: number;
|
|
96
|
+
suggestions?: string[];
|
|
97
|
+
}
|
|
98
|
+
/**
|
|
99
|
+
* Represents a delegation of permissions
|
|
100
|
+
*/
|
|
101
|
+
export interface PermissionDelegation {
|
|
102
|
+
id: UUID;
|
|
103
|
+
delegatorId: UUID;
|
|
104
|
+
delegateeId: UUID;
|
|
105
|
+
permissions: Permission[];
|
|
106
|
+
context: PermissionContext;
|
|
107
|
+
expiresAt?: number;
|
|
108
|
+
createdAt: number;
|
|
109
|
+
conditions?: string[];
|
|
110
|
+
revoked?: boolean;
|
|
111
|
+
revokedAt?: number;
|
|
112
|
+
revokedBy?: UUID;
|
|
113
|
+
}
|
|
114
|
+
/**
|
|
115
|
+
* Access request for evaluation
|
|
116
|
+
*/
|
|
117
|
+
export interface AccessRequest {
|
|
118
|
+
entityId: UUID;
|
|
119
|
+
action: string;
|
|
120
|
+
resource: string;
|
|
121
|
+
context: PermissionContext;
|
|
122
|
+
metadata?: Record<string, unknown>;
|
|
123
|
+
}
|
|
124
|
+
/**
|
|
125
|
+
* Complete access decision with all details
|
|
126
|
+
*/
|
|
127
|
+
export interface AccessDecision extends PermissionDecision {
|
|
128
|
+
request: AccessRequest;
|
|
129
|
+
evaluatedAt: number;
|
|
130
|
+
ttl?: number;
|
|
131
|
+
securityChecks?: {
|
|
132
|
+
promptInjection: boolean;
|
|
133
|
+
socialEngineering: boolean;
|
|
134
|
+
anomalyDetection: boolean;
|
|
135
|
+
};
|
|
136
|
+
}
|
|
137
|
+
/**
|
|
138
|
+
* Unix-style permission system for autonomous agents
|
|
139
|
+
* Format: XYYY where:
|
|
140
|
+
* X = Special permissions (setuid, setgid, sticky)
|
|
141
|
+
* First Y = Owner (self) permissions
|
|
142
|
+
* Second Y = Group (admin/trusted) permissions
|
|
143
|
+
* Third Y = Others (user/anon) permissions
|
|
144
|
+
*
|
|
145
|
+
* Each digit is sum of: 4 (read), 2 (write), 1 (execute)
|
|
146
|
+
*
|
|
147
|
+
* Examples:
|
|
148
|
+
* 0700 = Only self can read/write/execute
|
|
149
|
+
* 0755 = Self has full, others can read/execute
|
|
150
|
+
* 0644 = Self read/write, others read only
|
|
151
|
+
* 4755 = Setuid + self full, others read/execute
|
|
152
|
+
*/
|
|
153
|
+
export interface UnixPermission {
|
|
154
|
+
mode: number;
|
|
155
|
+
owner: "self" | "system" | string;
|
|
156
|
+
group: "admin" | "trusted" | "user" | string;
|
|
157
|
+
setuid?: boolean;
|
|
158
|
+
setgid?: boolean;
|
|
159
|
+
sticky?: boolean;
|
|
160
|
+
}
|
|
161
|
+
export interface ActionPermission {
|
|
162
|
+
action: string;
|
|
163
|
+
unix: UnixPermission;
|
|
164
|
+
trustRequired?: number;
|
|
165
|
+
roleRequired?: string[];
|
|
166
|
+
contextRequired?: string[];
|
|
167
|
+
selfCallable?: boolean;
|
|
168
|
+
delegatable?: boolean;
|
|
169
|
+
auditable?: boolean;
|
|
170
|
+
}
|
|
171
|
+
export interface PermissionEvaluationContext {
|
|
172
|
+
caller: "self" | "admin" | "user" | "anon" | string;
|
|
173
|
+
action: string;
|
|
174
|
+
target?: string;
|
|
175
|
+
trust?: number;
|
|
176
|
+
roles?: string[];
|
|
177
|
+
context?: Record<string, unknown>;
|
|
178
|
+
}
|
|
179
|
+
export declare const PermissionUtils: {
|
|
180
|
+
fromOctal: (octal: string) => number;
|
|
181
|
+
canExecute: (permission: UnixPermission, caller: PermissionEvaluationContext) => boolean;
|
|
182
|
+
canRead: (permission: UnixPermission, caller: PermissionEvaluationContext) => boolean;
|
|
183
|
+
canWrite: (permission: UnixPermission, caller: PermissionEvaluationContext) => boolean;
|
|
184
|
+
};
|
|
185
|
+
//# sourceMappingURL=permissions.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permissions.d.ts","sourceRoot":"","sources":["../../src/types/permissions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAChD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AAEjD;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,CAAC,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,IAAI,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,IAAI,CAAC;IACT,IAAI,EAAE,IAAI,CAAC;IACX,QAAQ,EAAE,IAAI,CAAC;IACf,OAAO,EAAE,iBAAiB,CAAC;IAE3B,wCAAwC;IACxC,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,6BAA6B;IAC7B,UAAU,EAAE,IAAI,CAAC;IAEjB,kCAAkC;IAClC,UAAU,EAAE,MAAM,CAAC;IAEnB,uCAAuC;IACvC,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IAEtC,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,iBAAiB,CAAC;IAC5B,WAAW,CAAC,EAAE,oBAAoB,EAAE,CAAC;CACtC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE,aAAa,GAAG,aAAa,GAAG,gBAAgB,GAAG,eAAe,GAAG,QAAQ,CAAC;IACpF,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC3D,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IAEjB,gCAAgC;IAChC,MAAM,EAAE,YAAY,GAAG,aAAa,GAAG,WAAW,GAAG,UAAU,GAAG,QAAQ,CAAC;IAE3E,+CAA+C;IAC/C,SAAS,CAAC,EAAE;QACV,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;QACvB,KAAK,EAAE,IAAI,GAAG,MAAM,CAAC;QACrB,OAAO,CAAC,EAAE,iBAAiB,CAAC;KAC7B,CAAC;IAEF,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IAEf,4BAA4B;IAC5B,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IAEvB,kCAAkC;IAClC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IAEtB,kBAAkB;IAClB,SAAS,CAAC,EAAE;QACV,SAAS,EAAE,MAAM,CAAC;QAClB,WAAW,EAAE,IAAI,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;KACtC,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,IAAI,CAAC;IACf,mBAAmB,EAAE,UAAU,CAAC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,iBAAiB,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,CAAC,EAAE,IAAI,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,IAAI,CAAC;IACT,WAAW,EAAE,IAAI,CAAC;IAClB,WAAW,EAAE,IAAI,CAAC;IAClB,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,OAAO,EAAE,iBAAiB,CAAC;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,IAAI,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,iBAAiB,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,kBAAkB;IACxD,OAAO,EAAE,aAAa,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,cAAc,CAAC,EAAE;QACf,eAAe,EAAE,OAAO,CAAC;QACzB,iBAAiB,EAAE,OAAO,CAAC;QAC3B,gBAAgB,EAAE,OAAO,CAAC;KAC3B,CAAC;CACH;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;IAClC,KAAK,EAAE,OAAO,GAAG,SAAS,GAAG,MAAM,GAAG,MAAM,CAAC;IAG7C,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,cAAc,CAAC;IAGrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAG3B,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,2BAA2B;IAC1C,MAAM,EAAE,MAAM,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;IACpD,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAGD,eAAO,MAAM,eAAe;uBAEP,MAAM,KAAG,MAAM;6BAKT,cAAc,UAAU,2BAA2B,KAAG,OAAO;0BAyBhE,cAAc,UAAU,2BAA2B,KAAG,OAAO;2BAsB5D,cAAc,UAAU,2BAA2B,KAAG,OAAO;CAoBrF,CAAC"}
|