@ghostspeak/sdk 2.0.6 → 2.0.7

package/dist/revokeAuthorization-OK7E7OK3.js

@@ -0,0 +1,5 @@
+export { REVOKE_AUTHORIZATION_DISCRIMINATOR, getRevokeAuthorizationDiscriminatorBytes, getRevokeAuthorizationInstruction, getRevokeAuthorizationInstructionDataCodec, getRevokeAuthorizationInstructionDataDecoder, getRevokeAuthorizationInstructionDataEncoder, parseRevokeAuthorizationInstruction } from './chunk-JV2SWONF.js';
+import './chunk-AL3HQN73.js';
+import './chunk-UP2VWCW5.js';
+//# sourceMappingURL=revokeAuthorization-OK7E7OK3.js.map
+//# sourceMappingURL=revokeAuthorization-OK7E7OK3.js.map

package/dist/revokeAuthorization-OK7E7OK3.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"revokeAuthorization-OK7E7OK3.js"}

package/dist/signature-verification-DGxR4aYQ.d.ts

@@ -0,0 +1,448 @@
+import { Address } from '@solana/addresses';
+
+/**
+ * Agent Authorization System Types
+ *
+ * GhostSpeak's trustless authorization mechanism for agents to
+ * pre-authorize reputation updates with cryptographic signatures.
+ *
+ * Built for secure, delegated reputation management across protocols.
+ */
+
+/**
+ * Network types supported by GhostSpeak
+ */
+type SolanaNetwork = 'mainnet-beta' | 'devnet' | 'testnet' | 'localnet';
+/**
+ * Configuration for on-chain authorization storage
+ *
+ * On-chain storage provides an immutable audit trail for authorizations,
+ * but costs ~0.002 SOL in rent. Off-chain storage (default) is free but
+ * requires agents to share signed authorizations with facilitators.
+ */
+interface OnChainStorageConfig {
+    /** Enable on-chain storage (default: false for cost efficiency) */
+    enabled: boolean;
+    /**
+     * Storage fee in lamports (default: 0.002 SOL = 2000000 lamports for rent)
+     * This covers the account rent exemption cost on Solana
+     */
+    storageFee?: bigint;
+    /**
+     * Who pays the storage fee
+     * - true: Agent pays (stored authorization benefits agent's transparency)
+     * - false: Facilitator pays (facilitator wants on-chain proof)
+     * Default: true (agent pays for their own authorization storage)
+     */
+    feePayedByAgent?: boolean;
+    /**
+     * Automatically store on-chain after creation
+     * - true: Store immediately (requires funded wallet)
+     * - false: Manual storage via storeAuthorizationOnChain()
+     * Default: false (manual control)
+     */
+    autoStore?: boolean;
+    /**
+     * Custom fee structure for different authorization durations
+     * Maps duration in seconds to fee in lamports
+     * Example: { 2592000: 1000000n } // 30 days = 0.001 SOL
+     */
+    customFees?: Record<number, bigint>;
+}
+/**
+ * Reputation Authorization
+ *
+ * Allows an agent to pre-authorize a specific source (e.g., PayAI facilitator)
+ * to update their reputation a limited number of times before expiration.
+ */
+interface ReputationAuthorization {
+    /** Agent's public key (the one granting authorization) */
+    agentAddress: Address;
+    /** Authorized source address (e.g., PayAI facilitator address) */
+    authorizedSource: Address;
+    /** Maximum number of reputation updates allowed */
+    indexLimit: number;
+    /** Unix timestamp when authorization expires */
+    expiresAt: number;
+    /** Solana network this authorization is valid on */
+    network: SolanaNetwork;
+    /** Ed25519 signature (64 bytes) proving agent's intent */
+    signature: Uint8Array;
+    /** Optional nonce to prevent replay attacks */
+    nonce?: string;
+    /** Optional metadata */
+    metadata?: AuthorizationMetadata;
+}
+/**
+ * Authorization metadata (optional fields)
+ */
+interface AuthorizationMetadata {
+    /** Human-readable description */
+    description?: string;
+    /** Tags for categorization */
+    tags?: string[];
+    /** Custom data */
+    customData?: Record<string, unknown>;
+    /** Creation timestamp */
+    createdAt?: number;
+    /** Version of authorization format */
+    version?: string;
+}
+/**
+ * Authorization Proof
+ *
+ * Result of verifying a reputation authorization
+ */
+interface AuthorizationProof {
+    /** The authorization being verified */
+    authorization: ReputationAuthorization;
+    /** Current index (number of times used) */
+    currentIndex: number;
+    /** Whether the authorization is valid */
+    isValid: boolean;
+    /** Reason if invalid */
+    invalidReason?: AuthorizationInvalidReason;
+    /** Timestamp when verification was performed */
+    verifiedAt: number;
+    /** Verification metadata */
+    verificationDetails?: VerificationDetails;
+}
+/**
+ * Reasons why an authorization might be invalid
+ */
+declare enum AuthorizationInvalidReason {
+    EXPIRED = "expired",
+    INDEX_LIMIT_EXCEEDED = "index_limit_exceeded",
+    INVALID_SIGNATURE = "invalid_signature",
+    NETWORK_MISMATCH = "network_mismatch",
+    REVOKED = "revoked",
+    NOT_YET_VALID = "not_yet_valid",
+    MALFORMED = "malformed"
+}
+/**
+ * Verification details
+ */
+interface VerificationDetails {
+    /** Whether signature was verified */
+    signatureVerified: boolean;
+    /** Whether expiration was checked */
+    expirationChecked: boolean;
+    /** Whether index limit was checked */
+    indexLimitChecked: boolean;
+    /** Whether network matched */
+    networkMatched: boolean;
+    /** Additional notes */
+    notes?: string[];
+}
+/**
+ * Authorization message to be signed
+ *
+ * This message is hashed and signed by the agent's private key
+ */
+interface AuthorizationMessage {
+    /** Agent granting authorization */
+    agentAddress: Address;
+    /** Source being authorized */
+    authorizedSource: Address;
+    /** Maximum updates allowed */
+    indexLimit: number;
+    /** Expiration timestamp */
+    expiresAt: number;
+    /** Network */
+    network: SolanaNetwork;
+    /** Optional nonce */
+    nonce?: string;
+}
+/**
+ * Authorization creation parameters
+ */
+interface CreateAuthorizationParams {
+    /** Authorized source (e.g., PayAI facilitator) */
+    authorizedSource: Address;
+    /** Maximum number of updates (default: 1000) */
+    indexLimit?: number;
+    /** Expiration time in seconds from now (default: 30 days) */
+    expiresIn?: number;
+    /** Specific expiration timestamp (overrides expiresIn) */
+    expiresAt?: number;
+    /** Network (defaults to current cluster) */
+    network?: SolanaNetwork;
+    /** Optional nonce for replay protection */
+    nonce?: string;
+    /** Optional metadata */
+    metadata?: AuthorizationMetadata;
+    /**
+     * Whether to store authorization on-chain (default: false)
+     * @deprecated Use onChainStorage.enabled instead
+     */
+    storeOnChain?: boolean;
+    /**
+     * On-chain storage configuration
+     * If not provided, defaults to off-chain (free) storage
+     */
+    onChainStorage?: OnChainStorageConfig;
+}
+/**
+ * Authorization verification parameters
+ */
+interface VerifyAuthorizationParams {
+    /** Authorization to verify */
+    authorization: ReputationAuthorization;
+    /** Current index (number of times used) */
+    currentIndex: number;
+    /** Whether to check on-chain status (default: false) */
+    checkOnChain?: boolean;
+    /** Expected network (defaults to current cluster) */
+    expectedNetwork?: SolanaNetwork;
+}
+/**
+ * Authorization update record
+ *
+ * Tracks when an authorization was used for a reputation update
+ */
+interface AuthorizationUsage {
+    /** Authorization ID */
+    authorizationId: string;
+    /** Agent address */
+    agentAddress: Address;
+    /** Authorized source */
+    authorizedSource: Address;
+    /** Index at time of use */
+    index: number;
+    /** Reputation change applied */
+    reputationChange: number;
+    /** Timestamp of usage */
+    usedAt: number;
+    /** Transaction signature (if on-chain) */
+    transactionSignature?: string;
+    /** Usage metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Authorization status
+ */
+declare enum AuthorizationStatus {
+    ACTIVE = "active",
+    EXPIRED = "expired",
+    EXHAUSTED = "exhausted",// Index limit reached
+    REVOKED = "revoked",
+    PENDING = "pending"
+}
+/**
+ * Authorization with status
+ */
+interface AuthorizationWithStatus extends ReputationAuthorization {
+    /** Current status */
+    status: AuthorizationStatus;
+    /** Current usage count */
+    currentIndex: number;
+    /** Remaining uses */
+    remainingUses: number;
+    /** Whether currently valid */
+    isValid: boolean;
+    /** Last used timestamp */
+    lastUsedAt?: number;
+    /** Authorization ID (derived from signature or on-chain account) */
+    id: string;
+}
+/**
+ * Batch authorization verification result
+ */
+interface BatchAuthorizationVerification {
+    /** Total authorizations checked */
+    total: number;
+    /** Number of valid authorizations */
+    valid: number;
+    /** Number of invalid authorizations */
+    invalid: number;
+    /** Individual results */
+    results: AuthorizationProof[];
+    /** Verification timestamp */
+    verifiedAt: number;
+}
+/**
+ * Authorization revocation
+ */
+interface AuthorizationRevocation {
+    /** Authorization being revoked */
+    authorizationId: string;
+    /** Agent revoking (must match authorization.agentAddress) */
+    agentAddress: Address;
+    /** Reason for revocation */
+    reason?: string;
+    /** Revocation timestamp */
+    revokedAt: number;
+    /** Signature proving revocation intent */
+    signature: Uint8Array;
+    /** Transaction signature (if on-chain) */
+    transactionSignature?: string;
+}
+/**
+ * Authorization query filter
+ */
+interface AuthorizationFilter {
+    /** Filter by agent address */
+    agentAddress?: Address;
+    /** Filter by authorized source */
+    authorizedSource?: Address;
+    /** Filter by status */
+    status?: AuthorizationStatus | AuthorizationStatus[];
+    /** Filter by network */
+    network?: SolanaNetwork;
+    /** Filter by expiration (before/after timestamp) */
+    expiresAfter?: number;
+    expiresBefore?: number;
+    /** Filter by creation time */
+    createdAfter?: number;
+    createdBefore?: number;
+    /** Pagination */
+    limit?: number;
+    offset?: number;
+}
+
+/**
+ * Agent Authorization Signature Verification
+ *
+ * Ed25519 signature creation and verification for GhostSpeak's
+ * trustless agent pre-authorization system.
+ *
+ * Enables verifiable delegation of reputation update authority.
+ */
+
+/**
+ * Keypair interface for Ed25519 signing operations
+ * Compatible with both legacy and modern Solana key formats
+ */
+interface SigningKeypair {
+    publicKey: {
+        toBase58(): string;
+        toBytes(): Uint8Array;
+    };
+    secretKey: Uint8Array;
+}
+/**
+ * Create authorization message for signing
+ *
+ * Message format:
+ * - Domain separator (prevents cross-protocol replay)
+ * - Agent address (32 bytes)
+ * - Authorized source (32 bytes)
+ * - Index limit (8 bytes, u64 big-endian)
+ * - Expiration timestamp (8 bytes, u64 big-endian)
+ * - Network string (variable length)
+ * - Nonce (optional, 32 bytes if present)
+ *
+ * @param message - Authorization message parameters
+ * @returns Buffer ready for signing
+ */
+declare function createAuthorizationMessage(message: AuthorizationMessage): Buffer;
+/**
+ * Sign authorization message with agent's private key
+ *
+ * @param message - Authorization message to sign
+ * @param agentKeypair - Agent's keypair (must match message.agentAddress)
+ * @returns Ed25519 signature (64 bytes)
+ */
+declare function signAuthorizationMessage(message: AuthorizationMessage, agentKeypair: SigningKeypair): Promise<Uint8Array>;
+/**
+ * Verify authorization signature
+ *
+ * @param authorization - Authorization to verify
+ * @returns True if signature is valid
+ */
+declare function verifyAuthorizationSignature(authorization: ReputationAuthorization): Promise<boolean>;
+/**
+ * Create a complete authorization with signature
+ *
+ * @param params - Authorization parameters
+ * @param agentKeypair - Agent's keypair for signing
+ * @returns Complete signed authorization
+ */
+declare function createSignedAuthorization(params: CreateAuthorizationParams, agentKeypair: SigningKeypair): Promise<ReputationAuthorization>;
+/**
+ * Generate a random nonce for replay protection
+ *
+ * @returns 32-byte random nonce as hex string
+ */
+declare function generateNonce(): string;
+/**
+ * Serialize authorization to JSON-safe format
+ *
+ * @param authorization - Authorization to serialize
+ * @returns JSON-safe object (signature as base58)
+ */
+declare function serializeAuthorization(authorization: ReputationAuthorization): {
+    agentAddress: string;
+    authorizedSource: string;
+    indexLimit: number;
+    expiresAt: number;
+    network: SolanaNetwork;
+    signature: string;
+    nonce?: string;
+    metadata?: any;
+};
+/**
+ * Deserialize authorization from JSON format
+ *
+ * @param data - Serialized authorization data
+ * @returns ReputationAuthorization with Uint8Array signature
+ */
+declare function deserializeAuthorization(data: {
+    agentAddress: string;
+    authorizedSource: string;
+    indexLimit: number;
+    expiresAt: number;
+    network: SolanaNetwork;
+    signature: string;
+    nonce?: string;
+    metadata?: any;
+}): ReputationAuthorization;
+/**
+ * Get authorization ID (deterministic hash)
+ *
+ * @param authorization - Authorization to hash
+ * @returns Base58-encoded SHA-256 hash
+ */
+declare function getAuthorizationId(authorization: ReputationAuthorization): Promise<string>;
+/**
+ * Check if authorization is expired
+ *
+ * @param authorization - Authorization to check
+ * @param currentTime - Current Unix timestamp (defaults to now)
+ * @returns True if expired
+ */
+declare function isAuthorizationExpired(authorization: ReputationAuthorization, currentTime?: number): boolean;
+/**
+ * Check if authorization has exceeded index limit
+ *
+ * @param authorization - Authorization to check
+ * @param currentIndex - Current usage count
+ * @returns True if exhausted
+ */
+declare function isAuthorizationExhausted(authorization: ReputationAuthorization, currentIndex: number): boolean;
+/**
+ * Validate authorization network matches expected
+ *
+ * @param authorization - Authorization to check
+ * @param expectedNetwork - Expected network
+ * @returns True if networks match
+ */
+declare function validateAuthorizationNetwork(authorization: ReputationAuthorization, expectedNetwork: SolanaNetwork): boolean;
+
+type signatureVerification_SigningKeypair = SigningKeypair;
+declare const signatureVerification_createAuthorizationMessage: typeof createAuthorizationMessage;
+declare const signatureVerification_createSignedAuthorization: typeof createSignedAuthorization;
+declare const signatureVerification_deserializeAuthorization: typeof deserializeAuthorization;
+declare const signatureVerification_generateNonce: typeof generateNonce;
+declare const signatureVerification_getAuthorizationId: typeof getAuthorizationId;
+declare const signatureVerification_isAuthorizationExhausted: typeof isAuthorizationExhausted;
+declare const signatureVerification_isAuthorizationExpired: typeof isAuthorizationExpired;
+declare const signatureVerification_serializeAuthorization: typeof serializeAuthorization;
+declare const signatureVerification_signAuthorizationMessage: typeof signAuthorizationMessage;
+declare const signatureVerification_validateAuthorizationNetwork: typeof validateAuthorizationNetwork;
+declare const signatureVerification_verifyAuthorizationSignature: typeof verifyAuthorizationSignature;
+declare namespace signatureVerification {
+  export { type signatureVerification_SigningKeypair as SigningKeypair, signatureVerification_createAuthorizationMessage as createAuthorizationMessage, signatureVerification_createSignedAuthorization as createSignedAuthorization, signatureVerification_deserializeAuthorization as deserializeAuthorization, signatureVerification_generateNonce as generateNonce, signatureVerification_getAuthorizationId as getAuthorizationId, signatureVerification_isAuthorizationExhausted as isAuthorizationExhausted, signatureVerification_isAuthorizationExpired as isAuthorizationExpired, signatureVerification_serializeAuthorization as serializeAuthorization, signatureVerification_signAuthorizationMessage as signAuthorizationMessage, signatureVerification_validateAuthorizationNetwork as validateAuthorizationNetwork, signatureVerification_verifyAuthorizationSignature as verifyAuthorizationSignature };
+}
+
+export { AuthorizationStatus as A, type BatchAuthorizationVerification as B, type CreateAuthorizationParams as C, type OnChainStorageConfig as O, type ReputationAuthorization as R, type SigningKeypair as S, type VerificationDetails as V, signAuthorizationMessage as a, createSignedAuthorization as b, createAuthorizationMessage as c, serializeAuthorization as d, deserializeAuthorization as e, getAuthorizationId as f, generateNonce as g, isAuthorizationExhausted as h, isAuthorizationExpired as i, validateAuthorizationNetwork as j, type AuthorizationWithStatus as k, type AuthorizationFilter as l, type SolanaNetwork as m, type AuthorizationMetadata as n, type AuthorizationProof as o, AuthorizationInvalidReason as p, type AuthorizationMessage as q, type VerifyAuthorizationParams as r, signatureVerification as s, type AuthorizationUsage as t, type AuthorizationRevocation as u, verifyAuthorizationSignature as v };

package/dist/types.js

@@ -1,4 +1,4 @@
 export { AgentType, ChannelType, ErrorCode, EscrowStatus, MessageType, ParticipantType, isError, isSuccess, unwrap } from './chunk-SRS2SKFS.js';
-import './chunk-NSBPE2FW.js';
+import './chunk-UP2VWCW5.js';
 //# sourceMappingURL=types.js.map
 //# sourceMappingURL=types.js.map

package/dist/updateReputationWithAuth-Y4ONEVSP.js

@@ -0,0 +1,5 @@
+export { UPDATE_REPUTATION_WITH_AUTH_DISCRIMINATOR, getUpdateReputationWithAuthDiscriminatorBytes, getUpdateReputationWithAuthInstruction, getUpdateReputationWithAuthInstructionAsync, getUpdateReputationWithAuthInstructionDataCodec, getUpdateReputationWithAuthInstructionDataDecoder, getUpdateReputationWithAuthInstructionDataEncoder, parseUpdateReputationWithAuthInstruction } from './chunk-KB6CKIUK.js';
+import './chunk-AL3HQN73.js';
+import './chunk-UP2VWCW5.js';
+//# sourceMappingURL=updateReputationWithAuth-Y4ONEVSP.js.map
+//# sourceMappingURL=updateReputationWithAuth-Y4ONEVSP.js.map

package/dist/updateReputationWithAuth-Y4ONEVSP.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"updateReputationWithAuth-Y4ONEVSP.js"}