@hathbanger/tap-core 1.0.0

package/dist/verify.js

@@ -0,0 +1,189 @@
+import { webcrypto } from "node:crypto";
+import { importPublicKey, base64urlDecode } from "./keys.js";
+import { buildSignatureBase } from "./sign.js";
+import { validateTimestamps } from "./nonce.js";
+const subtle = webcrypto.subtle;
+/**
+ * Parses a Signature-Input header value into structured params + covered component list.
+ * Expected format: sig1=("@method" "@authority" "@path");created=...;expires=...;nonce=...;keyid=...;alg=...;tag=...
+ */
+export function parseSignatureInput(header) {
+    const eqIdx = header.indexOf("=");
+    const raw = header.slice(eqIdx + 1);
+    const listMatch = raw.match(/^\(([^)]*)\)/);
+    const components = listMatch?.[1]
+        ? listMatch[1].trim().split(/\s+/).filter(Boolean).map((s) => s.replace(/^"|"$/g, ""))
+        : [];
+    const attrsStr = raw.slice(raw.indexOf(";") + 1);
+    const attrs = Object.fromEntries(attrsStr.split(";").map((part) => {
+        const [k, ...rest] = part.split("=");
+        return [k.trim(), rest.join("=").replace(/^"|"$/g, "")];
+    }));
+    return {
+        raw,
+        components,
+        params: {
+            created: Number(attrs["created"]),
+            expires: Number(attrs["expires"]),
+            nonce: attrs["nonce"] ?? "",
+            keyId: attrs["keyid"] ?? "",
+            alg: (attrs["alg"] ?? "ed25519"),
+            tag: (attrs["tag"] ?? ""),
+        },
+    };
+}
+/**
+ * Extracts the raw base64url signature value from the Signature header.
+ * Expected format: sig1=:[base64url]:
+ */
+export function parseSignatureHeader(header) {
+    const match = header.match(/sig\d+=:([^:]+):/);
+    if (!match?.[1])
+        throw new Error("Invalid Signature header format");
+    return match[1];
+}
+/**
+ * Core TAP agent recognition signature verification (RFC 9421).
+ *
+ * Pass a map of all available component values from the incoming request
+ * (e.g. { '@method': 'POST', '@authority': 'api.example.com', '@path': '/v1/pay' }).
+ * The verifier reads the covered component list from the Signature-Input header
+ * and reconstructs the signature base using only those components in order.
+ *
+ * Steps per spec:
+ * 1. Parse Signature-Input and extract covered component list
+ * 2. Validate timestamps (created < now < expires, gap ≤ 8min)
+ * 3. Confirm tag is valid
+ * 4. Fetch public key by keyid
+ * 5. Reconstruct signature base from parsed component list + provided values
+ * 6. Verify Ed25519 signature
+ */
+export async function verifyAgentSignature(componentValues, signatureInputHeader, signatureHeader, fetchPublicKey) {
+    let parsed;
+    try {
+        parsed = parseSignatureInput(signatureInputHeader);
+    }
+    catch {
+        return { valid: false, failureReason: "malformed_signature_input" };
+    }
+    const { params, components } = parsed;
+    if (!params.tag || !["agent-browser-auth", "agent-payer-auth", "agent-payee-auth"].includes(params.tag)) {
+        return { valid: false, failureReason: "invalid_tag" };
+    }
+    if (!params.keyId || !params.nonce || !params.created || !params.expires) {
+        return { valid: false, failureReason: "missing_required_fields" };
+    }
+    if (!validateTimestamps(params.created, params.expires)) {
+        return { valid: false, failureReason: "invalid_timestamps" };
+    }
+    const publicJwk = await fetchPublicKey(params.keyId);
+    if (!publicJwk) {
+        return { valid: false, failureReason: "unknown_key_id", agentKeyId: params.keyId };
+    }
+    let rawSig;
+    try {
+        rawSig = parseSignatureHeader(signatureHeader);
+    }
+    catch {
+        return { valid: false, failureReason: "malformed_signature" };
+    }
+    const coveredComponents = [];
+    for (const name of components) {
+        const value = componentValues[name];
+        if (value === undefined) {
+            return { valid: false, failureReason: `missing_component_value:${name}`, agentKeyId: params.keyId };
+        }
+        coveredComponents.push([name, value]);
+    }
+    const signatureBase = buildSignatureBase(coveredComponents, params);
+    const encoded = new TextEncoder().encode(signatureBase);
+    const signatureBytes = base64urlDecode(rawSig);
+    let publicKey;
+    try {
+        publicKey = await importPublicKey(publicJwk);
+    }
+    catch {
+        return { valid: false, failureReason: "invalid_public_key" };
+    }
+    const valid = await subtle.verify("Ed25519", publicKey, signatureBytes, encoded);
+    if (!valid) {
+        return { valid: false, failureReason: "signature_mismatch", agentKeyId: params.keyId };
+    }
+    return { valid: true, agentKeyId: params.keyId, tag: params.tag };
+}
+/**
+ * Verifies an AgentPayeeObject — the proposed TAP primitive for A2A payments.
+ *
+ * Steps:
+ * 1. Confirm payment request is not expired
+ * 2. Fetch the payer's public key by kid
+ * 3. Reconstruct canonical payload (sans signature)
+ * 4. Verify Ed25519 signature
+ */
+export async function verifyAgentPayeeObject(payment, fetchPublicKey) {
+    const now = Math.floor(Date.now() / 1000);
+    if (payment.paymentRequest.expiresAt < now) {
+        return { valid: false, failureReason: "payment_request_expired" };
+    }
+    const publicJwk = await fetchPublicKey(payment.kid);
+    if (!publicJwk) {
+        return { valid: false, failureReason: "unknown_payer_key", payerKeyId: payment.kid };
+    }
+    let publicKey;
+    try {
+        publicKey = await importPublicKey(publicJwk);
+    }
+    catch {
+        return { valid: false, failureReason: "invalid_public_key" };
+    }
+    const { signature, ...unsigned } = payment;
+    const canonical = JSON.stringify(unsigned, Object.keys(unsigned).sort());
+    const encoded = new TextEncoder().encode(canonical);
+    const signatureBytes = base64urlDecode(signature);
+    const valid = await subtle.verify("Ed25519", publicKey, signatureBytes, encoded);
+    if (!valid) {
+        return { valid: false, failureReason: "signature_mismatch", payerKeyId: payment.kid };
+    }
+    return { valid: true, payerKeyId: payment.payerKeyId };
+}
+/**
+ * Verifies the Consumer Recognition Object signature.
+ * The nonce must match the agent signature nonce.
+ */
+export async function verifyConsumerRecognition(obj, expectedNonce, fetchPublicKey) {
+    if (obj.nonce !== expectedNonce) {
+        return { valid: false, failureReason: "nonce_mismatch" };
+    }
+    const publicJwk = await fetchPublicKey(obj.kid);
+    if (!publicJwk) {
+        return { valid: false, failureReason: "unknown_key_id" };
+    }
+    const { signature, ...payload } = obj;
+    const canonical = JSON.stringify(payload, Object.keys(payload).sort());
+    const encoded = new TextEncoder().encode(canonical);
+    const signatureBytes = base64urlDecode(signature);
+    const publicKey = await importPublicKey(publicJwk);
+    const valid = await subtle.verify("Ed25519", publicKey, signatureBytes, encoded);
+    return valid ? { valid: true } : { valid: false, failureReason: "signature_mismatch" };
+}
+/**
+ * Verifies the Payment Container Object signature.
+ * The nonce must match the agent signature nonce if present.
+ */
+export async function verifyPaymentContainer(obj, expectedNonce, fetchPublicKey) {
+    if (obj.nonce !== expectedNonce) {
+        return { valid: false, failureReason: "nonce_mismatch" };
+    }
+    const publicJwk = await fetchPublicKey(obj.kid);
+    if (!publicJwk) {
+        return { valid: false, failureReason: "unknown_key_id" };
+    }
+    const { signature, ...payload } = obj;
+    const canonical = JSON.stringify(payload, Object.keys(payload).sort());
+    const encoded = new TextEncoder().encode(canonical);
+    const signatureBytes = base64urlDecode(signature);
+    const publicKey = await importPublicKey(publicJwk);
+    const valid = await subtle.verify("Ed25519", publicKey, signatureBytes, encoded);
+    return valid ? { valid: true } : { valid: false, failureReason: "signature_mismatch" };
+}
+//# sourceMappingURL=verify.js.map

package/dist/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACvC,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAC5D,OAAO,EAAE,kBAAkB,EAA6B,MAAM,WAAW,CAAA;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAA;AAY/C,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAA;AAQ/B;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACjC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAA;IAEnC,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC,CAAA;IAC3C,MAAM,UAAU,GAAG,SAAS,EAAE,CAAC,CAAC,CAAC;QAC/B,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QACtF,CAAC,CAAC,EAAE,CAAA;IAEN,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAA;IAChD,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,CAC9B,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QAC/B,MAAM,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACpC,OAAO,CAAC,CAAE,CAAC,IAAI,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAA;IAC1D,CAAC,CAAC,CACH,CAAA;IAED,OAAO;QACL,GAAG;QACH,UAAU;QACV,MAAM,EAAE;YACN,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YACjC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YACjC,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE;YAC3B,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE;YAC3B,GAAG,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,SAAS,CAAgC;YAC/D,GAAG,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAiB;SAC1C;KACF,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAAc;IACjD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAA;IAC9C,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAA;IACnE,OAAO,KAAK,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,eAAuC,EACvC,oBAA4B,EAC5B,eAAuB,EACvB,cAAyD;IAEzD,IAAI,MAA4B,CAAA;IAChC,IAAI,CAAC;QACH,MAAM,GAAG,mBAAmB,CAAC,oBAAoB,CAAC,CAAA;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,2BAA2B,EAAE,CAAA;IACrE,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,CAAA;IAErC,IAAI,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,oBAAoB,EAAE,kBAAkB,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;QACxG,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,CAAA;IACvD,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACzE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,yBAAyB,EAAE,CAAA;IACnE,CAAC;IAED,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;QACxD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,oBAAoB,EAAE,CAAA;IAC9D,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACpD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,CAAC,KAAK,EAAE,CAAA;IACpF,CAAC;IAED,IAAI,MAAc,CAAA;IAClB,IAAI,CAAC;QACH,MAAM,GAAG,oBAAoB,CAAC,eAAe,CAAC,CAAA;IAChD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,qBAAqB,EAAE,CAAA;IAC/D,CAAC;IAED,MAAM,iBAAiB,GAA4B,EAAE,CAAA;IACrD,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,CAAA;QACnC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,2BAA2B,IAAI,EAAE,EAAE,UAAU,EAAE,MAAM,CAAC,KAAK,EAAE,CAAA;QACrG,CAAC;QACD,iBAAiB,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAA;IACvC,CAAC;IAED,MAAM,aAAa,GAAG,kBAAkB,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAA;IACnE,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;IACvD,MAAM,cAAc,GAAG,eAAe,CAAC,MAAM,CAAC,CAAA;IAE9C,IAAI,SAAoB,CAAA;IACxB,IAAI,CAAC;QACH,SAAS,GAAG,MAAM,eAAe,CAAC,SAAS,CAAC,CAAA;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,oBAAoB,EAAE,CAAA;IAC9D,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,SAAS,EAAE,cAAc,EAAE,OAAO,CAAC,CAAA;IAEhF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,oBAAoB,EAAE,UAAU,EAAE,MAAM,CAAC,KAAK,EAAE,CAAA;IACxF,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,CAAA;AACnE,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,OAAyB,EACzB,cAAyD;IAEzD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;IACzC,IAAI,OAAO,CAAC,cAAc,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;QAC3C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,yBAAyB,EAAE,CAAA;IACnE,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACnD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,mBAAmB,EAAE,UAAU,EAAE,OAAO,CAAC,GAAG,EAAE,CAAA;IACtF,CAAC;IAED,IAAI,SAAoB,CAAA;IACxB,IAAI,CAAC;QACH,SAAS,GAAG,MAAM,eAAe,CAAC,SAAS,CAAC,CAAA;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,oBAAoB,EAAE,CAAA;IAC9D,CAAC;IAED,MAAM,EAAE,SAAS,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAA;IAC1C,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;IACxE,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;IACnD,MAAM,cAAc,GAAG,eAAe,CAAC,SAAS,CAAC,CAAA;IAEjD,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,SAAS,EAAE,cAAc,EAAE,OAAO,CAAC,CAAA;IAEhF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,oBAAoB,EAAE,UAAU,EAAE,OAAO,CAAC,GAAG,EAAE,CAAA;IACvF,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,CAAA;AACxD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,GAA8B,EAC9B,aAAqB,EACrB,cAAyD;IAEzD,IAAI,GAAG,CAAC,KAAK,KAAK,aAAa,EAAE,CAAC;QAChC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,CAAA;IAC1D,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;IAC/C,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,CAAA;IAC1D,CAAC;IAED,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,EAAE,GAAG,GAAG,CAAA;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;IACtE,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;IACnD,MAAM,cAAc,GAAG,eAAe,CAAC,SAAS,CAAC,CAAA;IAEjD,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,SAAS,CAAC,CAAA;IAClD,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,SAAS,EAAE,cAAc,EAAE,OAAO,CAAC,CAAA;IAEhF,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,oBAAoB,EAAE,CAAA;AACxF,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,GAA2B,EAC3B,aAAqB,EACrB,cAAyD;IAEzD,IAAI,GAAG,CAAC,KAAK,KAAK,aAAa,EAAE,CAAC;QAChC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,CAAA;IAC1D,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;IAC/C,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,CAAA;IAC1D,CAAC;IAED,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,EAAE,GAAG,GAAG,CAAA;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;IACtE,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;IACnD,MAAM,cAAc,GAAG,eAAe,CAAC,SAAS,CAAC,CAAA;IAEjD,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,SAAS,CAAC,CAAA;IAClD,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,SAAS,EAAE,cAAc,EAAE,OAAO,CAAC,CAAA;IAEhF,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,oBAAoB,EAAE,CAAA;AACxF,CAAC"}

package/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "@hathbanger/tap-core",
+  "version": "1.0.0",
+  "description": "RFC 9421 HTTP Message Signatures for AI agents — crypto primitives for Visa Trusted Agent Protocol (TAP)",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "keywords": [
+    "rfc9421",
+    "http-message-signatures",
+    "ed25519",
+    "tap",
+    "trusted-agent-protocol",
+    "visa",
+    "agent",
+    "payment",
+    "crypto",
+    "jwk",
+    "jwks"
+  ],
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/hathbanger/tap-stack.git",
+    "directory": "packages/tap-core"
+  },
+  "homepage": "https://github.com/hathbanger/tap-stack/tree/main/packages/tap-core#readme",
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "dev": "tsc -p tsconfig.json --watch",
+    "typecheck": "tsc -p tsconfig.json --noEmit",
+    "test": "node --experimental-vm-modules node_modules/.bin/jest"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "typescript": "^5.5.0"
+  },
+  "dependencies": {
+    "jose": "^5.10.0"
+  }
+}