@goplus/agentguard 1.0.0

package/dist/policy/default.js

@@ -0,0 +1,94 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CAPABILITY_PRESETS = exports.PERMISSIVE_CAPABILITY = exports.RESTRICTIVE_CAPABILITY = exports.DEFAULT_POLICIES = void 0;
+/**
+ * Default policies - most restrictive
+ */
+exports.DEFAULT_POLICIES = {
+    // Private key and mnemonic exfiltration is always blocked
+    secret_exfil: {
+        private_key: 'deny',
+        mnemonic: 'deny',
+        api_secret: 'confirm',
+    },
+    // Command execution is denied by default
+    exec_command: 'deny',
+    // Web3 transactions
+    web3: {
+        unlimited_approval: 'confirm',
+        unknown_spender: 'confirm',
+        user_not_present: 'confirm',
+    },
+    // Network requests
+    network: {
+        untrusted_domain: 'confirm',
+        body_contains_secret: 'deny',
+    },
+};
+/**
+ * Restrictive capability model
+ */
+exports.RESTRICTIVE_CAPABILITY = {
+    network_allowlist: [],
+    filesystem_allowlist: [],
+    exec: 'deny',
+    secrets_allowlist: [],
+};
+/**
+ * Permissive capability model (for trusted skills)
+ */
+exports.PERMISSIVE_CAPABILITY = {
+    network_allowlist: ['*'],
+    filesystem_allowlist: ['./**'],
+    exec: 'allow',
+    secrets_allowlist: ['*'],
+    web3: {
+        chains_allowlist: [1, 56, 137, 42161, 10, 8453], // Major chains
+        rpc_allowlist: ['*'],
+        tx_policy: 'allow',
+    },
+};
+/**
+ * Common capability presets
+ */
+exports.CAPABILITY_PRESETS = {
+    /** No capabilities */
+    none: exports.RESTRICTIVE_CAPABILITY,
+    /** Read-only local access */
+    read_only: {
+        ...exports.RESTRICTIVE_CAPABILITY,
+        filesystem_allowlist: ['./**'],
+    },
+    /** Trading bot preset */
+    trading_bot: {
+        network_allowlist: [
+            'api.binance.com',
+            'api.bybit.com',
+            'api.okx.com',
+            'api.coinbase.com',
+            '*.dextools.io',
+            '*.coingecko.com',
+        ],
+        filesystem_allowlist: ['./config/**', './logs/**'],
+        exec: 'deny',
+        secrets_allowlist: ['*_API_KEY', '*_API_SECRET'],
+        web3: {
+            chains_allowlist: [1, 56, 137, 42161],
+            rpc_allowlist: ['*'],
+            tx_policy: 'confirm_high_risk',
+        },
+    },
+    /** DeFi interaction preset */
+    defi: {
+        network_allowlist: ['*'],
+        filesystem_allowlist: [],
+        exec: 'deny',
+        secrets_allowlist: [],
+        web3: {
+            chains_allowlist: [1, 56, 137, 42161, 10, 8453, 43114],
+            rpc_allowlist: ['*'],
+            tx_policy: 'confirm_high_risk',
+        },
+    },
+};
+//# sourceMappingURL=default.js.map

package/dist/policy/default.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"default.js","sourceRoot":"","sources":["../../src/policy/default.ts"],"names":[],"mappings":";;;AA2BA;;GAEG;AACU,QAAA,gBAAgB,GAAiB;IAC5C,0DAA0D;IAC1D,YAAY,EAAE;QACZ,WAAW,EAAE,MAAM;QACnB,QAAQ,EAAE,MAAM;QAChB,UAAU,EAAE,SAAS;KACtB;IAED,yCAAyC;IACzC,YAAY,EAAE,MAAM;IAEpB,oBAAoB;IACpB,IAAI,EAAE;QACJ,kBAAkB,EAAE,SAAS;QAC7B,eAAe,EAAE,SAAS;QAC1B,gBAAgB,EAAE,SAAS;KAC5B;IAED,mBAAmB;IACnB,OAAO,EAAE;QACP,gBAAgB,EAAE,SAAS;QAC3B,oBAAoB,EAAE,MAAM;KAC7B;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,sBAAsB,GAAoB;IACrD,iBAAiB,EAAE,EAAE;IACrB,oBAAoB,EAAE,EAAE;IACxB,IAAI,EAAE,MAAM;IACZ,iBAAiB,EAAE,EAAE;CACtB,CAAC;AAEF;;GAEG;AACU,QAAA,qBAAqB,GAAoB;IACpD,iBAAiB,EAAE,CAAC,GAAG,CAAC;IACxB,oBAAoB,EAAE,CAAC,MAAM,CAAC;IAC9B,IAAI,EAAE,OAAO;IACb,iBAAiB,EAAE,CAAC,GAAG,CAAC;IACxB,IAAI,EAAE;QACJ,gBAAgB,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,eAAe;QAChE,aAAa,EAAE,CAAC,GAAG,CAAC;QACpB,SAAS,EAAE,OAAO;KACnB;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,kBAAkB,GAAG;IAChC,sBAAsB;IACtB,IAAI,EAAE,8BAAsB;IAE5B,6BAA6B;IAC7B,SAAS,EAAE;QACT,GAAG,8BAAsB;QACzB,oBAAoB,EAAE,CAAC,MAAM,CAAC;KAC/B;IAED,yBAAyB;IACzB,WAAW,EAAE;QACX,iBAAiB,EAAE;YACjB,iBAAiB;YACjB,eAAe;YACf,aAAa;YACb,kBAAkB;YAClB,eAAe;YACf,iBAAiB;SAClB;QACD,oBAAoB,EAAE,CAAC,aAAa,EAAE,WAAW,CAAC;QAClD,IAAI,EAAE,MAAe;QACrB,iBAAiB,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC;QAChD,IAAI,EAAE;YACJ,gBAAgB,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,KAAK,CAAC;YACrC,aAAa,EAAE,CAAC,GAAG,CAAC;YACpB,SAAS,EAAE,mBAA4B;SACxC;KACF;IAED,8BAA8B;IAC9B,IAAI,EAAE;QACJ,iBAAiB,EAAE,CAAC,GAAG,CAAC;QACxB,oBAAoB,EAAE,EAAE;QACxB,IAAI,EAAE,MAAe;QACrB,iBAAiB,EAAE,EAAE;QACrB,IAAI,EAAE;YACJ,gBAAgB,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC;YACtD,aAAa,EAAE,CAAC,GAAG,CAAC;YACpB,SAAS,EAAE,mBAA4B;SACxC;KACF;CACF,CAAC"}

package/dist/registry/index.d.ts

@@ -0,0 +1,93 @@
+import type { TrustRecord, TrustLevel, AttestRequest, RevokeMatch, ListFilters } from '../types/registry.js';
+import type { SkillIdentity, CapabilityModel } from '../types/skill.js';
+import { type StorageOptions } from './storage.js';
+/**
+ * Registry options
+ */
+export interface RegistryOptions extends StorageOptions {
+    /** Auto-downgrade on hash/version change */
+    autoDowngrade?: boolean;
+    /** Require confirmation for trust upgrades */
+    requireConfirmForUpgrade?: boolean;
+}
+/**
+ * Lookup result
+ */
+export interface LookupResult {
+    /** Found record (if any) */
+    record: TrustRecord | null;
+    /** Effective trust level (considering expiry, hash changes) */
+    effective_trust_level: TrustLevel;
+    /** Effective capabilities */
+    effective_capabilities: CapabilityModel;
+    /** Reason if trust was modified */
+    modification_reason?: string;
+}
+/**
+ * Attest result
+ */
+export interface AttestResult {
+    /** Success */
+    success: boolean;
+    /** Record key */
+    record_key: string;
+    /** Requires confirmation */
+    requires_confirmation: boolean;
+    /** Confirmation reasons */
+    confirmation_reasons?: string[];
+    /** Created or updated */
+    action: 'created' | 'updated';
+}
+/**
+ * Skill Registry - Module B
+ * Manages trusted/restricted/untrusted skill records
+ */
+export declare class SkillRegistry {
+    private storage;
+    private options;
+    constructor(options?: RegistryOptions);
+    /**
+     * Look up a skill's trust record
+     */
+    lookup(skill: SkillIdentity): Promise<LookupResult>;
+    /**
+     * Attest (add/update) a trust record
+     */
+    attest(request: AttestRequest): Promise<AttestResult>;
+    /**
+     * Force attest (skip confirmation)
+     */
+    forceAttest(request: AttestRequest): Promise<AttestResult>;
+    /**
+     * Revoke trust records
+     */
+    revoke(match: RevokeMatch, reason: string): Promise<number>;
+    /**
+     * List trust records
+     */
+    list(filters?: ListFilters): Promise<TrustRecord[]>;
+    /**
+     * Get a single record by key
+     */
+    get(recordKey: string): Promise<TrustRecord | null>;
+    /**
+     * Delete a record (hard delete)
+     */
+    delete(recordKey: string): Promise<boolean>;
+    /**
+     * Export registry
+     */
+    export(): Promise<string>;
+    /**
+     * Import registry
+     */
+    import(jsonData: string, merge?: boolean): Promise<void>;
+    /**
+     * Clear all records
+     */
+    clear(): Promise<void>;
+}
+export declare const registry: SkillRegistry;
+export * from './storage.js';
+export * from './trust.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/registry/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/registry/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EACV,aAAa,EACb,WAAW,EACX,WAAW,EACZ,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAGxE,OAAO,EAAmB,KAAK,cAAc,EAAE,MAAM,cAAc,CAAC;AAQpE;;GAEG;AACH,MAAM,WAAW,eAAgB,SAAQ,cAAc;IACrD,4CAA4C;IAC5C,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,8CAA8C;IAC9C,wBAAwB,CAAC,EAAE,OAAO,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,4BAA4B;IAC5B,MAAM,EAAE,WAAW,GAAG,IAAI,CAAC;IAC3B,+DAA+D;IAC/D,qBAAqB,EAAE,UAAU,CAAC;IAClC,6BAA6B;IAC7B,sBAAsB,EAAE,eAAe,CAAC;IACxC,mCAAmC;IACnC,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,cAAc;IACd,OAAO,EAAE,OAAO,CAAC;IACjB,iBAAiB;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,4BAA4B;IAC5B,qBAAqB,EAAE,OAAO,CAAC;IAC/B,2BAA2B;IAC3B,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,yBAAyB;IACzB,MAAM,EAAE,SAAS,GAAG,SAAS,CAAC;CAC/B;AAED;;;GAGG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,OAAO,CAAkB;IACjC,OAAO,CAAC,OAAO,CAAkB;gBAErB,OAAO,GAAE,eAAoB;IASzC;;OAEG;IACG,MAAM,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IA8EzD;;OAEG;IACG,MAAM,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IAqE3D;;OAEG;IACG,WAAW,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IA4BhE;;OAEG;IACG,MAAM,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAgDjE;;OAEG;IACG,IAAI,CAAC,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAgCzD;;OAEG;IACG,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAIzD;;OAEG;IACG,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAIjD;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IAI/B;;OAEG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,GAAE,OAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAIrE;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAG7B;AAGD,eAAO,MAAM,QAAQ,eAAsB,CAAC;AAG5C,cAAc,cAAc,CAAC;AAC7B,cAAc,YAAY,CAAC"}

package/dist/registry/index.js

@@ -0,0 +1,280 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.registry = exports.SkillRegistry = void 0;
+const skill_js_1 = require("../types/skill.js");
+const registry_js_1 = require("../types/registry.js");
+const storage_js_1 = require("./storage.js");
+const trust_js_1 = require("./trust.js");
+/**
+ * Skill Registry - Module B
+ * Manages trusted/restricted/untrusted skill records
+ */
+class SkillRegistry {
+    storage;
+    options;
+    constructor(options = {}) {
+        this.options = {
+            autoDowngrade: true,
+            requireConfirmForUpgrade: true,
+            ...options,
+        };
+        this.storage = new storage_js_1.RegistryStorage(options);
+    }
+    /**
+     * Look up a skill's trust record
+     */
+    async lookup(skill) {
+        const recordKey = (0, skill_js_1.generateRecordKey)(skill);
+        // Try exact match first
+        let record = await this.storage.findByKey(recordKey);
+        // If not found, check for records with same source but different hash/version
+        if (!record) {
+            const sourceRecords = await this.storage.findBySource(skill.source);
+            // Find best matching record
+            for (const r of sourceRecords) {
+                if (r.skill.version_ref === skill.version_ref) {
+                    record = r;
+                    break;
+                }
+            }
+            // If still not found, use any record from same source
+            if (!record && sourceRecords.length > 0) {
+                record = sourceRecords[0];
+            }
+        }
+        // No record found - return untrusted
+        if (!record) {
+            return {
+                record: null,
+                effective_trust_level: 'untrusted',
+                effective_capabilities: skill_js_1.DEFAULT_CAPABILITY,
+            };
+        }
+        // Check if record matches exactly
+        const exactMatch = (0, registry_js_1.skillMatchesRecord)(skill, record);
+        // Check expiry
+        if ((0, registry_js_1.isRecordExpired)(record)) {
+            return {
+                record,
+                effective_trust_level: 'untrusted',
+                effective_capabilities: skill_js_1.DEFAULT_CAPABILITY,
+                modification_reason: 'record_expired',
+            };
+        }
+        // Check for hash/version changes
+        if (!exactMatch && this.options.autoDowngrade) {
+            const evaluation = (0, trust_js_1.needsReevaluation)(record, skill);
+            if (evaluation.needsReevaluation) {
+                return {
+                    record,
+                    effective_trust_level: 'untrusted',
+                    effective_capabilities: skill_js_1.DEFAULT_CAPABILITY,
+                    modification_reason: evaluation.reason,
+                };
+            }
+        }
+        // Check if revoked
+        if (record.status === 'revoked') {
+            return {
+                record,
+                effective_trust_level: 'untrusted',
+                effective_capabilities: skill_js_1.DEFAULT_CAPABILITY,
+                modification_reason: 'record_revoked',
+            };
+        }
+        // Return the record's trust level and capabilities
+        return {
+            record,
+            effective_trust_level: record.trust_level,
+            effective_capabilities: record.capabilities,
+        };
+    }
+    /**
+     * Attest (add/update) a trust record
+     */
+    async attest(request) {
+        const { skill, trust_level, capabilities, expires_at, review } = request;
+        const recordKey = (0, skill_js_1.generateRecordKey)(skill);
+        // Check for existing record
+        const existingRecord = await this.storage.findByKey(recordKey);
+        let requiresConfirmation = false;
+        const confirmationReasons = [];
+        if (existingRecord) {
+            // Check for trust upgrade
+            if (this.options.requireConfirmForUpgrade &&
+                (0, trust_js_1.isTrustUpgrade)(existingRecord.trust_level, trust_level)) {
+                requiresConfirmation = true;
+                confirmationReasons.push(`Trust upgrade: ${existingRecord.trust_level} -> ${trust_level}`);
+            }
+            // Check for capability escalation
+            const escalation = (0, trust_js_1.isCapabilityEscalation)(existingRecord.capabilities, capabilities);
+            if (escalation.isEscalation && this.options.requireConfirmForUpgrade) {
+                requiresConfirmation = true;
+                confirmationReasons.push(...escalation.escalations);
+            }
+        }
+        // Create new record
+        const newRecord = (0, trust_js_1.createTrustRecord)(skill, trust_level, capabilities, {
+            reviewed_by: review.reviewed_by,
+            evidence_refs: review.evidence_refs,
+            notes: review.notes,
+        }, expires_at);
+        // If confirmation is required, return without saving
+        if (requiresConfirmation) {
+            return {
+                success: false,
+                record_key: recordKey,
+                requires_confirmation: true,
+                confirmation_reasons: confirmationReasons,
+                action: existingRecord ? 'updated' : 'created',
+            };
+        }
+        // Save the record
+        await this.storage.upsert(newRecord);
+        return {
+            success: true,
+            record_key: recordKey,
+            requires_confirmation: false,
+            action: existingRecord ? 'updated' : 'created',
+        };
+    }
+    /**
+     * Force attest (skip confirmation)
+     */
+    async forceAttest(request) {
+        const { skill, trust_level, capabilities, expires_at, review } = request;
+        const recordKey = (0, skill_js_1.generateRecordKey)(skill);
+        const existingRecord = await this.storage.findByKey(recordKey);
+        const newRecord = (0, trust_js_1.createTrustRecord)(skill, trust_level, capabilities, {
+            reviewed_by: review.reviewed_by,
+            evidence_refs: review.evidence_refs,
+            notes: review.notes,
+        }, expires_at);
+        await this.storage.upsert(newRecord);
+        return {
+            success: true,
+            record_key: recordKey,
+            requires_confirmation: false,
+            action: existingRecord ? 'updated' : 'created',
+        };
+    }
+    /**
+     * Revoke trust records
+     */
+    async revoke(match, reason) {
+        let revokedCount = 0;
+        const records = await this.storage.getRecords();
+        for (const record of records) {
+            let shouldRevoke = false;
+            // Match by record_key
+            if (match.record_key && record.record_key === match.record_key) {
+                shouldRevoke = true;
+            }
+            // Match by source
+            if (match.source) {
+                if (match.source.includes('*')) {
+                    // Wildcard match
+                    const pattern = new RegExp(`^${match.source.replace(/\*/g, '.*')}$`);
+                    if (pattern.test(record.skill.source)) {
+                        shouldRevoke = true;
+                    }
+                }
+                else if (record.skill.source === match.source) {
+                    shouldRevoke = true;
+                }
+            }
+            // Match by version
+            if (match.version_ref && record.skill.version_ref === match.version_ref) {
+                // Only revoke if source also matches (or not specified)
+                if (!match.source || shouldRevoke) {
+                    shouldRevoke = true;
+                }
+            }
+            if (shouldRevoke && record.status !== 'revoked') {
+                record.status = 'revoked';
+                record.updated_at = new Date().toISOString();
+                record.review.notes += `\n[REVOKED] ${reason}`;
+                await this.storage.upsert(record);
+                revokedCount++;
+            }
+        }
+        return revokedCount;
+    }
+    /**
+     * List trust records
+     */
+    async list(filters) {
+        let records = await this.storage.getRecords();
+        if (filters) {
+            // Filter by trust level
+            if (filters.trust_level) {
+                records = records.filter((r) => r.trust_level === filters.trust_level);
+            }
+            // Filter by status
+            if (filters.status) {
+                records = records.filter((r) => r.status === filters.status);
+            }
+            // Filter by source pattern
+            if (filters.source_pattern) {
+                const pattern = new RegExp(filters.source_pattern.replace(/\*/g, '.*'), 'i');
+                records = records.filter((r) => pattern.test(r.skill.source));
+            }
+            // Filter expired
+            if (!filters.include_expired) {
+                records = records.filter((r) => !(0, registry_js_1.isRecordExpired)(r));
+            }
+        }
+        return records;
+    }
+    /**
+     * Get a single record by key
+     */
+    async get(recordKey) {
+        return this.storage.findByKey(recordKey);
+    }
+    /**
+     * Delete a record (hard delete)
+     */
+    async delete(recordKey) {
+        return this.storage.remove(recordKey);
+    }
+    /**
+     * Export registry
+     */
+    async export() {
+        return this.storage.export();
+    }
+    /**
+     * Import registry
+     */
+    async import(jsonData, merge = false) {
+        return this.storage.import(jsonData, merge);
+    }
+    /**
+     * Clear all records
+     */
+    async clear() {
+        return this.storage.clear();
+    }
+}
+exports.SkillRegistry = SkillRegistry;
+// Export singleton instance
+exports.registry = new SkillRegistry();
+// Re-export types
+__exportStar(require("./storage.js"), exports);
+__exportStar(require("./trust.js"), exports);
+//# sourceMappingURL=index.js.map

package/dist/registry/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/registry/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAQA,gDAA0E;AAC1E,sDAA2E;AAC3E,6CAAoE;AACpE,yCAKoB;AA0CpB;;;GAGG;AACH,MAAa,aAAa;IAChB,OAAO,CAAkB;IACzB,OAAO,CAAkB;IAEjC,YAAY,UAA2B,EAAE;QACvC,IAAI,CAAC,OAAO,GAAG;YACb,aAAa,EAAE,IAAI;YACnB,wBAAwB,EAAE,IAAI;YAC9B,GAAG,OAAO;SACX,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,4BAAe,CAAC,OAAO,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,KAAoB;QAC/B,MAAM,SAAS,GAAG,IAAA,4BAAiB,EAAC,KAAK,CAAC,CAAC;QAE3C,wBAAwB;QACxB,IAAI,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAErD,8EAA8E;QAC9E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAEpE,4BAA4B;YAC5B,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;gBAC9B,IAAI,CAAC,CAAC,KAAK,CAAC,WAAW,KAAK,KAAK,CAAC,WAAW,EAAE,CAAC;oBAC9C,MAAM,GAAG,CAAC,CAAC;oBACX,MAAM;gBACR,CAAC;YACH,CAAC;YAED,sDAAsD;YACtD,IAAI,CAAC,MAAM,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxC,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;QAED,qCAAqC;QACrC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO;gBACL,MAAM,EAAE,IAAI;gBACZ,qBAAqB,EAAE,WAAW;gBAClC,sBAAsB,EAAE,6BAAkB;aAC3C,CAAC;QACJ,CAAC;QAED,kCAAkC;QAClC,MAAM,UAAU,GAAG,IAAA,gCAAkB,EAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAErD,eAAe;QACf,IAAI,IAAA,6BAAe,EAAC,MAAM,CAAC,EAAE,CAAC;YAC5B,OAAO;gBACL,MAAM;gBACN,qBAAqB,EAAE,WAAW;gBAClC,sBAAsB,EAAE,6BAAkB;gBAC1C,mBAAmB,EAAE,gBAAgB;aACtC,CAAC;QACJ,CAAC;QAED,iCAAiC;QACjC,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YAC9C,MAAM,UAAU,GAAG,IAAA,4BAAiB,EAAC,MAAM,EAAE,KAAK,CAAC,CAAC;YAEpD,IAAI,UAAU,CAAC,iBAAiB,EAAE,CAAC;gBACjC,OAAO;oBACL,MAAM;oBACN,qBAAqB,EAAE,WAAW;oBAClC,sBAAsB,EAAE,6BAAkB;oBAC1C,mBAAmB,EAAE,UAAU,CAAC,MAAM;iBACvC,CAAC;YACJ,CAAC;QACH,CAAC;QAED,mBAAmB;QACnB,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO;gBACL,MAAM;gBACN,qBAAqB,EAAE,WAAW;gBAClC,sBAAsB,EAAE,6BAAkB;gBAC1C,mBAAmB,EAAE,gBAAgB;aACtC,CAAC;QACJ,CAAC;QAED,mDAAmD;QACnD,OAAO;YACL,MAAM;YACN,qBAAqB,EAAE,MAAM,CAAC,WAAW;YACzC,sBAAsB,EAAE,MAAM,CAAC,YAAY;SAC5C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,OAAsB;QACjC,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QACzE,MAAM,SAAS,GAAG,IAAA,4BAAiB,EAAC,KAAK,CAAC,CAAC;QAE3C,4BAA4B;QAC5B,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE/D,IAAI,oBAAoB,GAAG,KAAK,CAAC;QACjC,MAAM,mBAAmB,GAAa,EAAE,CAAC;QAEzC,IAAI,cAAc,EAAE,CAAC;YACnB,0BAA0B;YAC1B,IACE,IAAI,CAAC,OAAO,CAAC,wBAAwB;gBACrC,IAAA,yBAAc,EAAC,cAAc,CAAC,WAAW,EAAE,WAAW,CAAC,EACvD,CAAC;gBACD,oBAAoB,GAAG,IAAI,CAAC;gBAC5B,mBAAmB,CAAC,IAAI,CACtB,kBAAkB,cAAc,CAAC,WAAW,OAAO,WAAW,EAAE,CACjE,CAAC;YACJ,CAAC;YAED,kCAAkC;YAClC,MAAM,UAAU,GAAG,IAAA,iCAAsB,EACvC,cAAc,CAAC,YAAY,EAC3B,YAAY,CACb,CAAC;YAEF,IAAI,UAAU,CAAC,YAAY,IAAI,IAAI,CAAC,OAAO,CAAC,wBAAwB,EAAE,CAAC;gBACrE,oBAAoB,GAAG,IAAI,CAAC;gBAC5B,mBAAmB,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC;YACtD,CAAC;QACH,CAAC;QAED,oBAAoB;QACpB,MAAM,SAAS,GAAG,IAAA,4BAAiB,EACjC,KAAK,EACL,WAAW,EACX,YAAY,EACZ;YACE,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,KAAK,EAAE,MAAM,CAAC,KAAK;SACpB,EACD,UAAU,CACX,CAAC;QAEF,qDAAqD;QACrD,IAAI,oBAAoB,EAAE,CAAC;YACzB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,UAAU,EAAE,SAAS;gBACrB,qBAAqB,EAAE,IAAI;gBAC3B,oBAAoB,EAAE,mBAAmB;gBACzC,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;aAC/C,CAAC;QACJ,CAAC;QAED,kBAAkB;QAClB,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAErC,OAAO;YACL,OAAO,EAAE,IAAI;YACb,UAAU,EAAE,SAAS;YACrB,qBAAqB,EAAE,KAAK;YAC5B,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;SAC/C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,OAAsB;QACtC,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QACzE,MAAM,SAAS,GAAG,IAAA,4BAAiB,EAAC,KAAK,CAAC,CAAC;QAE3C,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE/D,MAAM,SAAS,GAAG,IAAA,4BAAiB,EACjC,KAAK,EACL,WAAW,EACX,YAAY,EACZ;YACE,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,KAAK,EAAE,MAAM,CAAC,KAAK;SACpB,EACD,UAAU,CACX,CAAC;QAEF,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAErC,OAAO;YACL,OAAO,EAAE,IAAI;YACb,UAAU,EAAE,SAAS;YACrB,qBAAqB,EAAE,KAAK;YAC5B,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;SAC/C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,KAAkB,EAAE,MAAc;QAC7C,IAAI,YAAY,GAAG,CAAC,CAAC;QACrB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QAEhD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,YAAY,GAAG,KAAK,CAAC;YAEzB,sBAAsB;YACtB,IAAI,KAAK,CAAC,UAAU,IAAI,MAAM,CAAC,UAAU,KAAK,KAAK,CAAC,UAAU,EAAE,CAAC;gBAC/D,YAAY,GAAG,IAAI,CAAC;YACtB,CAAC;YAED,kBAAkB;YAClB,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACjB,IAAI,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC/B,iBAAiB;oBACjB,MAAM,OAAO,GAAG,IAAI,MAAM,CACxB,IAAI,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,CACzC,CAAC;oBACF,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;wBACtC,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBACH,CAAC;qBAAM,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAAE,CAAC;oBAChD,YAAY,GAAG,IAAI,CAAC;gBACtB,CAAC;YACH,CAAC;YAED,mBAAmB;YACnB,IAAI,KAAK,CAAC,WAAW,IAAI,MAAM,CAAC,KAAK,CAAC,WAAW,KAAK,KAAK,CAAC,WAAW,EAAE,CAAC;gBACxE,wDAAwD;gBACxD,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,YAAY,EAAE,CAAC;oBAClC,YAAY,GAAG,IAAI,CAAC;gBACtB,CAAC;YACH,CAAC;YAED,IAAI,YAAY,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBAChD,MAAM,CAAC,MAAM,GAAG,SAAS,CAAC;gBAC1B,MAAM,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;gBAC7C,MAAM,CAAC,MAAM,CAAC,KAAK,IAAI,eAAe,MAAM,EAAE,CAAC;gBAE/C,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBAClC,YAAY,EAAE,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAqB;QAC9B,IAAI,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QAE9C,IAAI,OAAO,EAAE,CAAC;YACZ,wBAAwB;YACxB,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;gBACxB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;YACzE,CAAC;YAED,mBAAmB;YACnB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;YAC/D,CAAC;YAED,2BAA2B;YAC3B,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;gBAC3B,MAAM,OAAO,GAAG,IAAI,MAAM,CACxB,OAAO,CAAC,cAAc,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,EAC3C,GAAG,CACJ,CAAC;gBACF,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YAChE,CAAC;YAED,iBAAiB;YACjB,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC;gBAC7B,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAA,6BAAe,EAAC,CAAC,CAAC,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,SAAiB;QACzB,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,SAAiB;QAC5B,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,QAAgB,EAAE,QAAiB,KAAK;QACnD,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK;QACT,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;IAC9B,CAAC;CACF;AA7TD,sCA6TC;AAED,4BAA4B;AACf,QAAA,QAAQ,GAAG,IAAI,aAAa,EAAE,CAAC;AAE5C,kBAAkB;AAClB,+CAA6B;AAC7B,6CAA2B"}

package/dist/registry/storage.d.ts

@@ -0,0 +1,69 @@
+import type { RegistryData, TrustRecord } from '../types/registry.js';
+/**
+ * Storage options
+ */
+export interface StorageOptions {
+    /** Path to registry file */
+    filePath?: string;
+}
+/**
+ * JSON-based storage for registry
+ */
+export declare class RegistryStorage {
+    private filePath;
+    private data;
+    constructor(options?: StorageOptions);
+    /**
+     * Ensure data directory exists
+     */
+    private ensureDirectory;
+    /**
+     * Load registry data from file
+     */
+    load(): Promise<RegistryData>;
+    /**
+     * Save registry data to file
+     */
+    save(): Promise<void>;
+    /**
+     * Get all records
+     */
+    getRecords(): Promise<TrustRecord[]>;
+    /**
+     * Find record by key
+     */
+    findByKey(recordKey: string): Promise<TrustRecord | null>;
+    /**
+     * Find records by source
+     */
+    findBySource(source: string): Promise<TrustRecord[]>;
+    /**
+     * Add or update a record
+     */
+    upsert(record: TrustRecord): Promise<void>;
+    /**
+     * Remove a record by key
+     */
+    remove(recordKey: string): Promise<boolean>;
+    /**
+     * Update record status
+     */
+    updateStatus(recordKey: string, status: 'active' | 'revoked'): Promise<boolean>;
+    /**
+     * Export registry to JSON string
+     */
+    export(): Promise<string>;
+    /**
+     * Import registry from JSON string
+     */
+    import(jsonData: string, merge?: boolean): Promise<void>;
+    /**
+     * Clear all records
+     */
+    clear(): Promise<void>;
+    /**
+     * Get registry file path
+     */
+    getFilePath(): string;
+}
+//# sourceMappingURL=storage.d.ts.map

package/dist/registry/storage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../src/registry/storage.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAWtE;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,4BAA4B;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,IAAI,CAA6B;gBAE7B,OAAO,GAAE,cAAmB;IAMxC;;OAEG;YACW,eAAe;IAK7B;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,YAAY,CAAC;IA0BnC;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAgB3B;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;IAK1C;;OAEG;IACG,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAK/D;;OAEG;IACG,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAK1D;;OAEG;IACG,MAAM,CAAC,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAgBhD;;OAEG;IACG,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAcjD;;OAEG;IACG,YAAY,CAChB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,QAAQ,GAAG,SAAS,GAC3B,OAAO,CAAC,OAAO,CAAC;IAcnB;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IAK/B;;OAEG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,GAAE,OAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBrE;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAK5B;;OAEG;IACH,WAAW,IAAI,MAAM;CAGtB"}