@heyanon-arp/sdk 0.0.36 → 0.0.38

package/dist/attestation/attestation.d.ts

@@ -1,9 +1,9 @@
-import type { KeyLinkPayload, ScryptPasswordAttestation } from '../types/identity';
+import type { Ed25519KeyLinkAttestation, KeyLinkPayload } from '../types/identity';
 /**
- * Build an `ARP-KEY-LINK-v1` attestation record signed via
- * `scrypt_password_proof`. Caller assembles the payload
- * (DID, both pubkeys, nonce, etc.); SDK produces the MAC
- * and wraps the record in the standard shape.
+ * Build an `ARP-KEY-LINK-v1` attestation signed via `ed25519_owner_key`:
+ * the agent's IDENTITY key signs `canonicalBytes(payload)`. The identity
+ * key is already proven at registration (the ARP-CHALLENGE-v1 step), so
+ * the key-link is self-certified with NO owner password / shared secret.
  *
  * Identity keys are immutable in alpha (no rotation); the KEY-LINK
  * attestation is the single owner-signed link between identity and
@@ -11,7 +11,13 @@ import type { KeyLinkPayload, ScryptPasswordAttestation } from '../types/identit
  */
 export declare function signKeyLinkAttestation(input: {
     payload: KeyLinkPayload;
-    scryptKey: Uint8Array;
-    scryptSaltId: string;
-}): ScryptPasswordAttestation<KeyLinkPayload>;
-export declare function verifyKeyLinkAttestation(attestation: ScryptPasswordAttestation<KeyLinkPayload>, scryptKey: Uint8Array): boolean;
+    identitySecretKey: Uint8Array;
+}): Ed25519KeyLinkAttestation<KeyLinkPayload>;
+/**
+ * Verify a key-link attestation against the identity key EMBEDDED in its
+ * payload (`payload.identity_public_key`). The caller is responsible for
+ * cross-checking that key against the agent DID / request body — this
+ * function only proves the payload was signed by the identity key it
+ * names. Returns false on any malformed input (no throw).
+ */
+export declare function verifyKeyLinkAttestation(attestation: Ed25519KeyLinkAttestation<KeyLinkPayload>): boolean;

package/dist/attestation/index.d.ts

@@ -1,2 +1 @@
-export { deriveScryptKey, scryptPasswordProofSign, scryptPasswordProofVerify } from './scrypt-proof';
 export { signKeyLinkAttestation, verifyKeyLinkAttestation } from './attestation';

package/dist/index.d.ts

@@ -8,7 +8,7 @@
  *   - did          — `did:arp:<...>` parse/format + DID document types
  *   - envelope     — sign / verify envelope (steps 4-6 of protocol verification)
  *   - challenge    — ARP-CHALLENGE-v1 ownership proof (registration)
- *   - attestation  — scrypt key-link owner attestation
+ *   - attestation  — ed25519 key-link owner attestation
  *   - server-chain — signed_message_hash, server_event_hash, audit walker
  *   - settlement   — canonical Solana program-id base58 constants
  *   - purpose      — domain separators (`ARP-*-v1`)

package/dist/index.js

@@ -5,8 +5,6 @@ var utils = require('@noble/hashes/utils');
 var canonicalize = require('canonicalize');
 var base = require('@scure/base');
 var ed = require('@noble/ed25519');
-var hmac = require('@noble/hashes/hmac');
-var scrypt = require('@noble/hashes/scrypt');
 var web3_js = require('@solana/web3.js');
 
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
@@ -189,73 +187,37 @@ function verifyChallenge(challengeBytes, signature, identityPubkey) {
   if (signature.length !== 64) return false;
   return verify2(signature, buildSigningInput(challengeBytes), identityPubkey);
 }
-
-// src/types/identity.ts
-var OWNER_SIGNING_METHODS = ["scrypt_password_proof", "ed25519_owner_key", "totp+passphrase"];
-var SCRYPT_PARAMS = {
-  N: 32768,
-  r: 8,
-  p: 1,
-  dkLen: 32
-};
-
-// src/attestation/scrypt-proof.ts
-function deriveScryptKey(password, salt) {
-  if (salt.length !== 16) {
-    throw new Error(`deriveScryptKey: expected 16-byte salt, got ${salt.length}`);
+var ED25519_SIG_PREFIX = "ed25519:";
+function signKeyLinkAttestation(input) {
+  if (input.payload.purpose !== "ARP-KEY-LINK-v1") {
+    throw new Error(`signKeyLinkAttestation: expected purpose ARP-KEY-LINK-v1, got ${input.payload.purpose}`);
   }
-  const passwordBytes = new TextEncoder().encode(password);
-  return scrypt.scrypt(passwordBytes, salt, {
-    N: SCRYPT_PARAMS.N,
-    r: SCRYPT_PARAMS.r,
-    p: SCRYPT_PARAMS.p,
-    dkLen: SCRYPT_PARAMS.dkLen
-  });
-}
-function scryptPasswordProofSign(payload, scryptKey) {
-  if (scryptKey.length !== SCRYPT_PARAMS.dkLen) {
-    throw new Error(`scryptPasswordProofSign: expected ${SCRYPT_PARAMS.dkLen}-byte scrypt key, got ${scryptKey.length}`);
+  if (input.payload.owner_signing_method !== "ed25519_owner_key") {
+    throw new Error(`signKeyLinkAttestation: this helper handles ed25519_owner_key only; got ${input.payload.owner_signing_method}`);
   }
-  const digest = sha2.sha256(canonicalBytes(payload));
-  const mac = hmac.hmac(sha2.sha256, scryptKey, digest);
-  return base.base64.encode(mac);
-}
-function scryptPasswordProofVerify(payload, sigBase64, scryptKey) {
-  if (scryptKey.length !== SCRYPT_PARAMS.dkLen) return false;
-  let providedMac;
+  const sig = sign2(canonicalBytes(input.payload), input.identitySecretKey);
+  return { payload: input.payload, sig: `${ED25519_SIG_PREFIX}${base.base64.encode(sig)}` };
+}
+function verifyKeyLinkAttestation(attestation) {
+  const { payload, sig } = attestation;
+  if (payload.purpose !== "ARP-KEY-LINK-v1") return false;
+  if (payload.owner_signing_method !== "ed25519_owner_key") return false;
+  if (typeof sig !== "string" || !sig.startsWith(ED25519_SIG_PREFIX)) return false;
+  let sigBytes;
   try {
-    providedMac = base.base64.decode(sigBase64);
+    sigBytes = base.base64.decode(sig.slice(ED25519_SIG_PREFIX.length));
   } catch {
     return false;
   }
-  if (providedMac.length !== 32) return false;
-  const digest = sha2.sha256(canonicalBytes(payload));
-  const expectedMac = hmac.hmac(sha2.sha256, scryptKey, digest);
-  return constantTimeEqualBytes(providedMac, expectedMac);
-}
-function constantTimeEqualBytes(a, b) {
-  if (a.length !== b.length) return false;
-  let diff = 0;
-  for (let i = 0; i < a.length; i++) {
-    diff |= a[i] ^ b[i];
-  }
-  return diff === 0;
-}
-
-// src/attestation/attestation.ts
-function signKeyLinkAttestation(input) {
-  if (input.payload.purpose !== "ARP-KEY-LINK-v1") {
-    throw new Error(`signKeyLinkAttestation: expected purpose ARP-KEY-LINK-v1, got ${input.payload.purpose}`);
-  }
-  if (input.payload.owner_signing_method !== "scrypt_password_proof") {
-    throw new Error(`signKeyLinkAttestation: this helper handles scrypt_password_proof only; got ${input.payload.owner_signing_method}`);
+  if (sigBytes.length !== 64) return false;
+  let identityPubkey;
+  try {
+    identityPubkey = base58btcDecode(payload.identity_public_key);
+  } catch {
+    return false;
   }
-  const sig = scryptPasswordProofSign(input.payload, input.scryptKey);
-  return { payload: input.payload, sig, scrypt_salt_id: input.scryptSaltId };
-}
-function verifyKeyLinkAttestation(attestation, scryptKey) {
-  if (attestation.payload.purpose !== "ARP-KEY-LINK-v1") return false;
-  return scryptPasswordProofVerify(attestation.payload, attestation.sig, scryptKey);
+  if (identityPubkey.length !== 32) return false;
+  return verify2(sigBytes, canonicalBytes(payload), identityPubkey);
 }
 function signedMessageHash(envelope) {
   const input = envelope.attachments === void 0 ? { protected: envelope.protected, body: envelope.body } : { protected: envelope.protected, body: envelope.body, attachments: envelope.attachments };
@@ -380,7 +342,7 @@ var SHA256_HEX_RE = /^sha256:[0-9a-f]{64}$/;
 function isSha256Hex(v) {
   return typeof v === "string" && SHA256_HEX_RE.test(v);
 }
-var ED25519_SIG_PREFIX = "ed25519:";
+var ED25519_SIG_PREFIX2 = "ed25519:";
 var PROTOCOL_VERSIONS = ["arp/0.1"];
 var CURRENT_PROTOCOL_VERSION = PROTOCOL_VERSIONS[PROTOCOL_VERSIONS.length - 1];
 
@@ -502,6 +464,16 @@ var DiscoverySorts = {
   RECENT: "recent",
   CREATED: "created"
 };
+var AGENT_BADGES = ["proven", "limited", "new", "flagged"];
+var AgentBadges = {
+  PROVEN: "proven",
+  LIMITED: "limited",
+  NEW: "new",
+  FLAGGED: "flagged"
+};
+function isAgentBadge(v) {
+  return typeof v === "string" && AGENT_BADGES.includes(v);
+}
 
 // src/types/inbox.ts
 var INBOX_BLOCK_SCOPES = ["account", "did"];
@@ -559,6 +531,9 @@ function isReservedName(name) {
 function isValidAgentName(name) {
   return AGENT_NAME_REGEX.test(normalizeName(name));
 }
+
+// src/types/identity.ts
+var OWNER_SIGNING_METHODS = ["ed25519_owner_key", "totp+passphrase"];
 var LOCK_ACCOUNT_SIZE = 269;
 var LOCK_ACCOUNT_DISCRIMINATOR = new Uint8Array([8, 255, 36, 202, 210, 22, 57, 137]);
 var LOCK_STATE_NAMES = ["created", "canceled", "in_progress", "submitted", "paid", "revoked", "disputing", "dispute_resolved", "dispute_closed"];
@@ -1212,6 +1187,7 @@ var CliAuthTokenErrorCodes = {
   REQUIRED: "AUTH_TOKEN_REQUIRED"
 };
 
+exports.AGENT_BADGES = AGENT_BADGES;
 exports.AGENT_NAME_REGEX = AGENT_NAME_REGEX;
 exports.AGENT_TAG_REGEX = AGENT_TAG_REGEX;
 exports.ASSET_DECIMALS_MAX = ASSET_DECIMALS_MAX;
@@ -1221,6 +1197,7 @@ exports.ASSET_SYMBOL_MIN_LEN = ASSET_SYMBOL_MIN_LEN;
 exports.ASSET_WHITELIST = ASSET_WHITELIST;
 exports.ASSOCIATED_TOKEN_PROGRAM_ID = ASSOCIATED_TOKEN_PROGRAM_ID;
 exports.ASSOCIATED_TOKEN_PROGRAM_ID_BASE58 = ASSOCIATED_TOKEN_PROGRAM_ID_BASE58;
+exports.AgentBadges = AgentBadges;
 exports.BODY_TYPES = BODY_TYPES;
 exports.BodyTypes = BodyTypes;
 exports.CAIP19_REGEX = CAIP19_REGEX;
@@ -1245,7 +1222,7 @@ exports.DelegationActions = DelegationActions;
 exports.DelegationOfferRejectionCodes = DelegationOfferRejectionCodes;
 exports.DelegationStates = DelegationStates;
 exports.DiscoverySorts = DiscoverySorts;
-exports.ED25519_SIG_PREFIX = ED25519_SIG_PREFIX;
+exports.ED25519_SIG_PREFIX = ED25519_SIG_PREFIX2;
 exports.ESCROW_PDA_SEEDS = ESCROW_PDA_SEEDS;
 exports.ESCROW_PROGRAM_ID_BASE58 = ESCROW_PROGRAM_ID_BASE58;
 exports.ESCROW_RELEASE_METHODS = ESCROW_RELEASE_METHODS;
@@ -1279,7 +1256,6 @@ exports.RESERVED_NAMES = RESERVED_NAMES;
 exports.ReadModelStatuses = ReadModelStatuses;
 exports.ReceiptVerdicts = ReceiptVerdicts;
 exports.RelationshipStates = RelationshipStates;
-exports.SCRYPT_PARAMS = SCRYPT_PARAMS;
 exports.SHA256_HEX_RE = SHA256_HEX_RE;
 exports.SLIP44_SOLANA = SLIP44_SOLANA;
 exports.SOLANA_CLUSTER_IDS = SOLANA_CLUSTER_IDS;
@@ -1321,7 +1297,6 @@ exports.deriveEventAuthorityPda = deriveEventAuthorityPda;
 exports.deriveLockId = deriveLockId;
 exports.deriveLockPda = deriveLockPda;
 exports.deriveOperatorAuthPda = deriveOperatorAuthPda;
-exports.deriveScryptKey = deriveScryptKey;
 exports.deriveStakeVaultPda = deriveStakeVaultPda;
 exports.expiresAt = expiresAt;
 exports.fetchLockAccount = fetchLockAccount;
@@ -1332,6 +1307,7 @@ exports.formatDid = formatDid;
 exports.generateKeyPair = generateKeyPair;
 exports.getPublicKey = getPublicKey2;
 exports.instructionDiscriminator = instructionDiscriminator;
+exports.isAgentBadge = isAgentBadge;
 exports.isAssetIdentifier = isAssetIdentifier;
 exports.isBodyType = isBodyType;
 exports.isCliLoginSessionWireState = isCliLoginSessionWireState;
@@ -1357,8 +1333,6 @@ exports.parseDid = parseDid;
 exports.pollUntil = pollUntil;
 exports.resolveAsset = resolveAsset;
 exports.rfc3339 = rfc3339;
-exports.scryptPasswordProofSign = scryptPasswordProofSign;
-exports.scryptPasswordProofVerify = scryptPasswordProofVerify;
 exports.senderNonce = senderNonce;
 exports.serverEventHash = serverEventHash;
 exports.sign = sign2;

package/dist/index.mjs

@@ -3,8 +3,6 @@ import { bytesToHex, randomBytes } from '@noble/hashes/utils';
 import canonicalize from 'canonicalize';
 import { base58, base64, base64urlnopad } from '@scure/base';
 import * as ed from '@noble/ed25519';
-import { hmac } from '@noble/hashes/hmac';
-import { scrypt } from '@noble/hashes/scrypt';
 import { PublicKey, SystemProgram, TransactionInstruction } from '@solana/web3.js';
 
 // src/canonical/canonicalize.ts
@@ -164,73 +162,37 @@ function verifyChallenge(challengeBytes, signature, identityPubkey) {
   if (signature.length !== 64) return false;
   return verify2(signature, buildSigningInput(challengeBytes), identityPubkey);
 }
-
-// src/types/identity.ts
-var OWNER_SIGNING_METHODS = ["scrypt_password_proof", "ed25519_owner_key", "totp+passphrase"];
-var SCRYPT_PARAMS = {
-  N: 32768,
-  r: 8,
-  p: 1,
-  dkLen: 32
-};
-
-// src/attestation/scrypt-proof.ts
-function deriveScryptKey(password, salt) {
-  if (salt.length !== 16) {
-    throw new Error(`deriveScryptKey: expected 16-byte salt, got ${salt.length}`);
+var ED25519_SIG_PREFIX = "ed25519:";
+function signKeyLinkAttestation(input) {
+  if (input.payload.purpose !== "ARP-KEY-LINK-v1") {
+    throw new Error(`signKeyLinkAttestation: expected purpose ARP-KEY-LINK-v1, got ${input.payload.purpose}`);
   }
-  const passwordBytes = new TextEncoder().encode(password);
-  return scrypt(passwordBytes, salt, {
-    N: SCRYPT_PARAMS.N,
-    r: SCRYPT_PARAMS.r,
-    p: SCRYPT_PARAMS.p,
-    dkLen: SCRYPT_PARAMS.dkLen
-  });
-}
-function scryptPasswordProofSign(payload, scryptKey) {
-  if (scryptKey.length !== SCRYPT_PARAMS.dkLen) {
-    throw new Error(`scryptPasswordProofSign: expected ${SCRYPT_PARAMS.dkLen}-byte scrypt key, got ${scryptKey.length}`);
+  if (input.payload.owner_signing_method !== "ed25519_owner_key") {
+    throw new Error(`signKeyLinkAttestation: this helper handles ed25519_owner_key only; got ${input.payload.owner_signing_method}`);
   }
-  const digest = sha256(canonicalBytes(payload));
-  const mac = hmac(sha256, scryptKey, digest);
-  return base64.encode(mac);
-}
-function scryptPasswordProofVerify(payload, sigBase64, scryptKey) {
-  if (scryptKey.length !== SCRYPT_PARAMS.dkLen) return false;
-  let providedMac;
+  const sig = sign2(canonicalBytes(input.payload), input.identitySecretKey);
+  return { payload: input.payload, sig: `${ED25519_SIG_PREFIX}${base64.encode(sig)}` };
+}
+function verifyKeyLinkAttestation(attestation) {
+  const { payload, sig } = attestation;
+  if (payload.purpose !== "ARP-KEY-LINK-v1") return false;
+  if (payload.owner_signing_method !== "ed25519_owner_key") return false;
+  if (typeof sig !== "string" || !sig.startsWith(ED25519_SIG_PREFIX)) return false;
+  let sigBytes;
   try {
-    providedMac = base64.decode(sigBase64);
+    sigBytes = base64.decode(sig.slice(ED25519_SIG_PREFIX.length));
   } catch {
     return false;
   }
-  if (providedMac.length !== 32) return false;
-  const digest = sha256(canonicalBytes(payload));
-  const expectedMac = hmac(sha256, scryptKey, digest);
-  return constantTimeEqualBytes(providedMac, expectedMac);
-}
-function constantTimeEqualBytes(a, b) {
-  if (a.length !== b.length) return false;
-  let diff = 0;
-  for (let i = 0; i < a.length; i++) {
-    diff |= a[i] ^ b[i];
-  }
-  return diff === 0;
-}
-
-// src/attestation/attestation.ts
-function signKeyLinkAttestation(input) {
-  if (input.payload.purpose !== "ARP-KEY-LINK-v1") {
-    throw new Error(`signKeyLinkAttestation: expected purpose ARP-KEY-LINK-v1, got ${input.payload.purpose}`);
-  }
-  if (input.payload.owner_signing_method !== "scrypt_password_proof") {
-    throw new Error(`signKeyLinkAttestation: this helper handles scrypt_password_proof only; got ${input.payload.owner_signing_method}`);
+  if (sigBytes.length !== 64) return false;
+  let identityPubkey;
+  try {
+    identityPubkey = base58btcDecode(payload.identity_public_key);
+  } catch {
+    return false;
   }
-  const sig = scryptPasswordProofSign(input.payload, input.scryptKey);
-  return { payload: input.payload, sig, scrypt_salt_id: input.scryptSaltId };
-}
-function verifyKeyLinkAttestation(attestation, scryptKey) {
-  if (attestation.payload.purpose !== "ARP-KEY-LINK-v1") return false;
-  return scryptPasswordProofVerify(attestation.payload, attestation.sig, scryptKey);
+  if (identityPubkey.length !== 32) return false;
+  return verify2(sigBytes, canonicalBytes(payload), identityPubkey);
 }
 function signedMessageHash(envelope) {
   const input = envelope.attachments === void 0 ? { protected: envelope.protected, body: envelope.body } : { protected: envelope.protected, body: envelope.body, attachments: envelope.attachments };
@@ -355,7 +317,7 @@ var SHA256_HEX_RE = /^sha256:[0-9a-f]{64}$/;
 function isSha256Hex(v) {
   return typeof v === "string" && SHA256_HEX_RE.test(v);
 }
-var ED25519_SIG_PREFIX = "ed25519:";
+var ED25519_SIG_PREFIX2 = "ed25519:";
 var PROTOCOL_VERSIONS = ["arp/0.1"];
 var CURRENT_PROTOCOL_VERSION = PROTOCOL_VERSIONS[PROTOCOL_VERSIONS.length - 1];
 
@@ -477,6 +439,16 @@ var DiscoverySorts = {
   RECENT: "recent",
   CREATED: "created"
 };
+var AGENT_BADGES = ["proven", "limited", "new", "flagged"];
+var AgentBadges = {
+  PROVEN: "proven",
+  LIMITED: "limited",
+  NEW: "new",
+  FLAGGED: "flagged"
+};
+function isAgentBadge(v) {
+  return typeof v === "string" && AGENT_BADGES.includes(v);
+}
 
 // src/types/inbox.ts
 var INBOX_BLOCK_SCOPES = ["account", "did"];
@@ -534,6 +506,9 @@ function isReservedName(name) {
 function isValidAgentName(name) {
   return AGENT_NAME_REGEX.test(normalizeName(name));
 }
+
+// src/types/identity.ts
+var OWNER_SIGNING_METHODS = ["ed25519_owner_key", "totp+passphrase"];
 var LOCK_ACCOUNT_SIZE = 269;
 var LOCK_ACCOUNT_DISCRIMINATOR = new Uint8Array([8, 255, 36, 202, 210, 22, 57, 137]);
 var LOCK_STATE_NAMES = ["created", "canceled", "in_progress", "submitted", "paid", "revoked", "disputing", "dispute_resolved", "dispute_closed"];
@@ -1187,4 +1162,4 @@ var CliAuthTokenErrorCodes = {
   REQUIRED: "AUTH_TOKEN_REQUIRED"
 };
 
-export { AGENT_NAME_REGEX, AGENT_TAG_REGEX, ASSET_DECIMALS_MAX, ASSET_DECIMALS_MIN, ASSET_SYMBOL_MAX_LEN, ASSET_SYMBOL_MIN_LEN, ASSET_WHITELIST, ASSOCIATED_TOKEN_PROGRAM_ID, ASSOCIATED_TOKEN_PROGRAM_ID_BASE58, BODY_TYPES, BodyTypes, CAIP19_REGEX, CLI_AUTH_TOKEN_ERROR_CODES, CLI_LOGIN_SESSION_STATES, CLI_LOGIN_SESSION_STORED_STATES, CREATE_LOCK_DISCRIMINATOR, CREATE_LOCK_NATIVE_DISCRIMINATOR, CURRENT_PROTOCOL_VERSION, CliAuthTokenErrorCodes, CliLoginSessionStates, DECIMAL_AMOUNT_REGEX, DECLINE_REASONS, DELEGATION_ACTIONS, DELEGATION_ACTIVE_STATES, DELEGATION_OFFER_REJECTION_CODES, DELEGATION_STATES, DEVNET_MINTS, DID_ARP_REGEX, DISCOVERY_SORTS, DelegationActions, DelegationOfferRejectionCodes, DelegationStates, DiscoverySorts, ED25519_SIG_PREFIX, ESCROW_PDA_SEEDS, ESCROW_PROGRAM_ID_BASE58, ESCROW_RELEASE_METHODS, EscrowReleaseMethods, HANDSHAKE_DECISIONS, HandshakeDecisions, INBOX_BLOCK_SCOPES, InboxBlockScopes, LIVE_RELATIONSHIP_STATE_NAMES, LOCK_ACCOUNT_DISCRIMINATOR, LOCK_ACCOUNT_SIZE, LOCK_STATE_NAMES, LOCK_TERMINAL_STATES, LockStates, LockTerminalStates, MAINNET_MINTS, MAX_CLOCK_SKEW_SECONDS, MAX_ENVELOPE_TTL_SECONDS, NATIVE_SOL_MINT, NATIVE_SOL_MINT_BASE58, NO_ARG_LIFECYCLE_INSTRUCTIONS, OWNER_SIGNING_METHODS, POST_COMMIT_ERROR_CODES, POST_COMMIT_ERROR_CODE_PREFIXES, PROTOCOL_VERSIONS, Purpose, READ_MODEL_STATUSES, RECEIPT_VERDICTS, RELATIONSHIP_STATE_NAMES, RESERVED_NAMES, ReadModelStatuses, ReceiptVerdicts, RelationshipStates, SCRYPT_PARAMS, SHA256_HEX_RE, SLIP44_SOLANA, SOLANA_CLUSTER_IDS, SPL_TOKEN_PROGRAM_ID, SPL_TOKEN_PROGRAM_ID_BASE58, SYSTEM_PROGRAM_ID_BASE58, TOKEN_2022_PROGRAM_ID_BASE58, WELL_KNOWN_ASSETS, WELL_KNOWN_ASSET_KEYS, WORK_LOG_STATES, WorkLogStates, base58btcDecode, base58btcEncode, buildAcceptLockIx, buildCancelLockIx, buildClaimExpiredWorkIx, buildClaimWorkPaymentIx, buildCloseDisputeIx, buildCreateLockIx, buildCreateLockIxData, buildLifecycleIxData, buildOpenDisputeIx, buildResolveDisputeIx, buildResolveDisputeIxData, buildSubmitWorkIx, bytes16ToDelegationId, canonicalBytes, canonicalJson, canonicalSha256Hex, decodeLockAccount, delegationIdToBytes16, deriveAta, deriveCollateralConfigPda, deriveConfigPda, deriveDelegationConditionHash, deriveDisputeResolutionPda, deriveEscrowPda, deriveEventAuthorityPda, deriveLockId, deriveLockPda, deriveOperatorAuthPda, deriveScryptKey, deriveStakeVaultPda, expiresAt, fetchLockAccount, findAssetByAssetId, findAssetMetaByMint, findFirstChainDivergence, formatDid, generateKeyPair, getPublicKey2 as getPublicKey, instructionDiscriminator, isAssetIdentifier, isBodyType, isCliLoginSessionWireState, isDecimalAmountString, isDeclineReason, isDelegationAction, isDelegationState, isEscrowReleaseMethod, isHandshakeDecision, isPostCommitErrorCode, isReadModelStatus, isReceiptVerdict, isRelationshipState, isReservedName, isSha256Hex, isValidAgentName, isValidDid, isWhitelistedAssetId, isWorkLogState, normalizeName, parseCaip19SolanaAssetId, parseDid, pollUntil, resolveAsset, rfc3339, scryptPasswordProofSign, scryptPasswordProofVerify, senderNonce, serverEventHash, sign2 as sign, signChallenge, signEnvelope, signKeyLinkAttestation, signedMessageHash, uuidV4, verify2 as verify, verifyChallenge, verifyEnvelope, verifyKeyLinkAttestation };
+export { AGENT_BADGES, AGENT_NAME_REGEX, AGENT_TAG_REGEX, ASSET_DECIMALS_MAX, ASSET_DECIMALS_MIN, ASSET_SYMBOL_MAX_LEN, ASSET_SYMBOL_MIN_LEN, ASSET_WHITELIST, ASSOCIATED_TOKEN_PROGRAM_ID, ASSOCIATED_TOKEN_PROGRAM_ID_BASE58, AgentBadges, BODY_TYPES, BodyTypes, CAIP19_REGEX, CLI_AUTH_TOKEN_ERROR_CODES, CLI_LOGIN_SESSION_STATES, CLI_LOGIN_SESSION_STORED_STATES, CREATE_LOCK_DISCRIMINATOR, CREATE_LOCK_NATIVE_DISCRIMINATOR, CURRENT_PROTOCOL_VERSION, CliAuthTokenErrorCodes, CliLoginSessionStates, DECIMAL_AMOUNT_REGEX, DECLINE_REASONS, DELEGATION_ACTIONS, DELEGATION_ACTIVE_STATES, DELEGATION_OFFER_REJECTION_CODES, DELEGATION_STATES, DEVNET_MINTS, DID_ARP_REGEX, DISCOVERY_SORTS, DelegationActions, DelegationOfferRejectionCodes, DelegationStates, DiscoverySorts, ED25519_SIG_PREFIX2 as ED25519_SIG_PREFIX, ESCROW_PDA_SEEDS, ESCROW_PROGRAM_ID_BASE58, ESCROW_RELEASE_METHODS, EscrowReleaseMethods, HANDSHAKE_DECISIONS, HandshakeDecisions, INBOX_BLOCK_SCOPES, InboxBlockScopes, LIVE_RELATIONSHIP_STATE_NAMES, LOCK_ACCOUNT_DISCRIMINATOR, LOCK_ACCOUNT_SIZE, LOCK_STATE_NAMES, LOCK_TERMINAL_STATES, LockStates, LockTerminalStates, MAINNET_MINTS, MAX_CLOCK_SKEW_SECONDS, MAX_ENVELOPE_TTL_SECONDS, NATIVE_SOL_MINT, NATIVE_SOL_MINT_BASE58, NO_ARG_LIFECYCLE_INSTRUCTIONS, OWNER_SIGNING_METHODS, POST_COMMIT_ERROR_CODES, POST_COMMIT_ERROR_CODE_PREFIXES, PROTOCOL_VERSIONS, Purpose, READ_MODEL_STATUSES, RECEIPT_VERDICTS, RELATIONSHIP_STATE_NAMES, RESERVED_NAMES, ReadModelStatuses, ReceiptVerdicts, RelationshipStates, SHA256_HEX_RE, SLIP44_SOLANA, SOLANA_CLUSTER_IDS, SPL_TOKEN_PROGRAM_ID, SPL_TOKEN_PROGRAM_ID_BASE58, SYSTEM_PROGRAM_ID_BASE58, TOKEN_2022_PROGRAM_ID_BASE58, WELL_KNOWN_ASSETS, WELL_KNOWN_ASSET_KEYS, WORK_LOG_STATES, WorkLogStates, base58btcDecode, base58btcEncode, buildAcceptLockIx, buildCancelLockIx, buildClaimExpiredWorkIx, buildClaimWorkPaymentIx, buildCloseDisputeIx, buildCreateLockIx, buildCreateLockIxData, buildLifecycleIxData, buildOpenDisputeIx, buildResolveDisputeIx, buildResolveDisputeIxData, buildSubmitWorkIx, bytes16ToDelegationId, canonicalBytes, canonicalJson, canonicalSha256Hex, decodeLockAccount, delegationIdToBytes16, deriveAta, deriveCollateralConfigPda, deriveConfigPda, deriveDelegationConditionHash, deriveDisputeResolutionPda, deriveEscrowPda, deriveEventAuthorityPda, deriveLockId, deriveLockPda, deriveOperatorAuthPda, deriveStakeVaultPda, expiresAt, fetchLockAccount, findAssetByAssetId, findAssetMetaByMint, findFirstChainDivergence, formatDid, generateKeyPair, getPublicKey2 as getPublicKey, instructionDiscriminator, isAgentBadge, isAssetIdentifier, isBodyType, isCliLoginSessionWireState, isDecimalAmountString, isDeclineReason, isDelegationAction, isDelegationState, isEscrowReleaseMethod, isHandshakeDecision, isPostCommitErrorCode, isReadModelStatus, isReceiptVerdict, isRelationshipState, isReservedName, isSha256Hex, isValidAgentName, isValidDid, isWhitelistedAssetId, isWorkLogState, normalizeName, parseCaip19SolanaAssetId, parseDid, pollUntil, resolveAsset, rfc3339, senderNonce, serverEventHash, sign2 as sign, signChallenge, signEnvelope, signKeyLinkAttestation, signedMessageHash, uuidV4, verify2 as verify, verifyChallenge, verifyEnvelope, verifyKeyLinkAttestation };

package/dist/types/agent.d.ts

@@ -160,7 +160,15 @@ export interface AssetVolume {
     amountDecimal: string | null;
     lockCount: number;
 }
-/** Per-agent settled-escrow volume, split by role and bucketed by asset. */
+/**
+ * Per-agent settled-escrow volume, split by role and bucketed by asset.
+ *
+ * SCOPE (v1): covers the happy-path `paid` settlement only. Payouts that came
+ * through ARBITRATION (a `dispute_resolved` lock won by the payee) are NOT yet
+ * in these figures — they ARE reflected in the reputation counters
+ * (`settledEscrows`/`disputedEscrows`), so for a heavily-disputed agent the
+ * volume can under-report relative to the settled-escrow count.
+ */
 export interface AgentSettlementVolume {
     /** Received as payee (the worker side) — the headline trust signal. */
     earnedByAsset: AssetVolume[];
@@ -247,9 +255,9 @@ export interface ChallengeResponse {
 /**
  * Request body for `POST /v1/agents` (registration). The server DTO is
  * `RegisterAgentDto`; `ownerAttestation` mirrors the SDK
- * `ScryptPasswordAttestation<KeyLinkPayload>` wire shape but stays a
- * generic object here — its inner fields are verified by canonical-JSON
- * + HMAC at the server, not structurally.
+ * `Ed25519KeyLinkAttestation<KeyLinkPayload>` wire shape but stays a
+ * generic object here — its `sig` is verified against the payload's
+ * identity key (Ed25519) at the server, not structurally.
  */
 export interface RegisterAgentRequest {
     challengeId: string;
@@ -258,10 +266,7 @@ export interface RegisterAgentRequest {
     ownerAttestation: {
         payload: Record<string, unknown>;
         sig: string;
-        scrypt_salt_id: string;
     };
-    scryptKeyB64: string;
-    scryptSaltB64: string;
     /**
      * Unique, immutable handle — lowercase `^[a-z0-9_]{3,32}$`
      * ({@link AGENT_NAME_REGEX}), REQUIRED. The server normalizes it and

package/dist/types/discovery.d.ts

@@ -16,6 +16,29 @@ export declare const DiscoverySorts: {
     readonly RECENT: "recent";
     readonly CREATED: "created";
 };
+/**
+ * Earned-evidence discovery badge — a coarse "how much real on-chain
+ * history" signal carried on every search row + profile, DISTINCT from
+ * the manual platform `trusted` flag. Same vocab shape as the protocol
+ * sets (as-const array + union + guard + named-member const-object).
+ *
+ * `proven` = enough completed payee cycles across distinct owners;
+ * `limited` = some real on-chain cycles, below the proven bar;
+ * `new` = zero settled cycles (escrow/stake-backed but unproven);
+ * `flagged` = adverse evidence (a lost dispute or a no-show/revoke) —
+ * dominates the positive ladder, never masked by a high score or `trusted`.
+ */
+export declare const AGENT_BADGES: readonly ["proven", "limited", "new", "flagged"];
+export type AgentBadge = (typeof AGENT_BADGES)[number];
+/** Named-member accessor for {@link AgentBadge} (vocab-tested). */
+export declare const AgentBadges: {
+    readonly PROVEN: "proven";
+    readonly LIMITED: "limited";
+    readonly NEW: "new";
+    readonly FLAGGED: "flagged";
+};
+/** Type guard for {@link AgentBadge} (rejects non-members + non-strings). */
+export declare function isAgentBadge(v: unknown): v is AgentBadge;
 /**
  * Query for `GET /v1/discovery/search` (server DTO
  * `DiscoverySearchQueryDto`). Every field optional; filters AND-compose.
@@ -32,6 +55,16 @@ export interface DiscoverySearchQuery {
     accepts?: string;
     /** Only agents seen within the liveness window. */
     online?: boolean;
+    /** Return ONLY platform-trusted agents (the manual `trusted` allow-list flag). */
+    trustedOnly?: boolean;
+    /** Include unproven (zero settled cycle) agents — default true; `false` hard-excludes cold-start. */
+    includeUnproven?: boolean;
+    /** Hard filter: minimum settled on-chain cycles. */
+    minOnchainCycles?: number;
+    /** Hard filter: minimum completed delegations AS THE PAYEE (paid work delivered). */
+    minCompletedAsPayee?: number;
+    /** Hard filter: minimum distinct (owner-resolved) counterparts. */
+    minDistinctCounterparts?: number;
     /** `reputation` (composite desc, default) | `recent` | `created` (cursor). */
     sort?: DiscoverySort;
     /** Zero-based page index (offset = page × limit) — reputation/recent sorts. */
@@ -73,6 +106,10 @@ export interface DiscoveryResult {
     reputation: DiscoveryReputation;
     liveness: DiscoveryLiveness;
     registeredAt: string;
+    /** Platform-curated trust flag (manual DB allow-list) — NOT earned reputation. */
+    trusted: boolean;
+    /** Earned-evidence badge derived from on-chain history (see {@link AgentBadge}). */
+    badge: AgentBadge;
 }
 /** Pagination envelope metadata on a discovery search page. */
 export interface DiscoveryPagination {
@@ -104,6 +141,10 @@ export interface DiscoveryProfile {
     tags: string[];
     acceptPrefs?: AcceptPrefs;
     registeredAt: string;
+    /** Platform-curated trust flag (manual DB allow-list) — NOT earned reputation. */
+    trusted: boolean;
+    /** Earned-evidence badge derived from on-chain history (see {@link AgentBadge}). */
+    badge: AgentBadge;
     reputation: AgentReputation;
     /** Liveness, plus `lastEventAt` (last protocol event either side). */
     liveness: DiscoveryLiveness & {

package/dist/types/identity.d.ts

@@ -1,16 +1,16 @@
 import type { Did } from './envelope';
 /**
- * Owner attestation methods per [00-core/identity.md](../../../00-core/identity.md).
- *
- * Only `scrypt_password_proof` is active (index 0); the others are
- * reserved placeholders for forward-compat. Backed by an `as const`
- * array so the server's attestation schema can source the active method
- * from `OWNER_SIGNING_METHODS[0]` instead of re-hardcoding the literal.
+ * Owner attestation methods. `ed25519_owner_key` is active (index 0):
+ * the agent's IDENTITY key self-signs the key-link, so there is NO
+ * separate owner password. `totp+passphrase` is a reserved placeholder
+ * for forward-compat. Backed by an `as const` array so the server's
+ * attestation schema sources the active method from
+ * `OWNER_SIGNING_METHODS[0]` instead of re-hardcoding the literal.
  */
-export declare const OWNER_SIGNING_METHODS: readonly ["scrypt_password_proof", "ed25519_owner_key", "totp+passphrase"];
+export declare const OWNER_SIGNING_METHODS: readonly ["ed25519_owner_key", "totp+passphrase"];
 export type OwnerSigningMethod = (typeof OWNER_SIGNING_METHODS)[number];
 /**
- * `ARP-KEY-LINK-v1` payload — the canonical-JSON-hashed object an owner
+ * `ARP-KEY-LINK-v1` payload — the canonical-JSON-hashed object the owner
  * signs at registration. Carries the link between identity and settlement
  * keys plus owner identity / method metadata.
  */
@@ -25,20 +25,14 @@ export interface KeyLinkPayload {
     nonce: string;
 }
 /**
- * `scrypt_password_proof` — the owner attestation envelope. The
- * signature is HMAC-SHA256(scrypt(password, salt), sha256(canonical(payload))),
- * base64-encoded. NOT an Ed25519 signature; verification is
- * server-side via the stored scrypt-derived key.
+ * `ed25519_owner_key` key-link attestation. The `sig` is the agent's
+ * IDENTITY Ed25519 key signing `canonicalBytes(payload)`, formatted as
+ * `ed25519:<base64(64-byte sig)>` — the same convention as envelope
+ * signatures. SELF-VERIFYING: the verifier checks `sig` against the
+ * payload's `identity_public_key`; there is no shared secret and no
+ * password (the identity key is already challenge-proven at register).
  */
-export interface ScryptPasswordAttestation<TPayload extends KeyLinkPayload = KeyLinkPayload> {
+export interface Ed25519KeyLinkAttestation<TPayload extends KeyLinkPayload = KeyLinkPayload> {
     payload: TPayload;
     sig: string;
-    scrypt_salt_id: string;
 }
-/** Standard scrypt parameters used for owner password proofs. */
-export declare const SCRYPT_PARAMS: {
-    readonly N: 32768;
-    readonly r: 8;
-    readonly p: 1;
-    readonly dkLen: 32;
-};

package/dist/types/index.d.ts

@@ -10,8 +10,8 @@ export type { WorkLogState } from './work-log';
 export { WORK_LOG_STATES, WorkLogStates, isWorkLogState } from './work-log';
 export type { ReadModelStatus } from './event';
 export { READ_MODEL_STATUSES, ReadModelStatuses, isReadModelStatus } from './event';
-export type { DiscoverySort, DiscoverySearchQuery, DiscoveryReputation, DiscoveryLiveness, DiscoveryResult, DiscoveryPagination, DiscoverySearchResponse, DiscoveryProfile, } from './discovery';
-export { DISCOVERY_SORTS, DiscoverySorts } from './discovery';
+export type { DiscoverySort, AgentBadge, DiscoverySearchQuery, DiscoveryReputation, DiscoveryLiveness, DiscoveryResult, DiscoveryPagination, DiscoverySearchResponse, DiscoveryProfile, } from './discovery';
+export { DISCOVERY_SORTS, DiscoverySorts, AGENT_BADGES, AgentBadges, isAgentBadge } from './discovery';
 export type { InboxBlockScope, InboxBlock, BlockInboxBody } from './inbox';
 export { INBOX_BLOCK_SCOPES, InboxBlockScopes } from './inbox';
 export type { CliSessionCreated, CliTokenIssued, CliWhoami, MyAgentSummary, CliLoginSessionStoredState, CliLoginSessionWireState, } from './cli-auth';
@@ -19,5 +19,5 @@ export { CLI_LOGIN_SESSION_STORED_STATES, CLI_LOGIN_SESSION_STATES, CliLoginSess
 export type { AssetIdentifierWire, DelegationPublic, DisputeResolutionPublic, ReceiptPublic, RelationshipPublic, WorkLogPublic, EventPublic, IngestResult, SenderSequenceResponse, InboxUnblockResult, ListRelationshipsQuery, ListInboxQuery, ListEventsQuery, ListDelegationsQuery, ListWorkLogsQuery, ListReceiptsQuery, } from './read-model';
 export type { AcceptPrefs, AcceptCurrency, AgentRegisteredResponse, AgentPublic, UpdateAgentBody, RegisterAgentRequest, ChallengeResponse, ReputationScores, ReputationCounters, AgentReputation, AssetVolume, AgentSettlementVolume, AgentStatsRates, AgentStats, } from './agent';
 export { AGENT_TAG_REGEX, AGENT_NAME_REGEX, RESERVED_NAMES, isReservedName, isValidAgentName, normalizeName } from './agent';
-export type { OwnerSigningMethod, KeyLinkPayload, ScryptPasswordAttestation } from './identity';
-export { SCRYPT_PARAMS, OWNER_SIGNING_METHODS } from './identity';
+export type { OwnerSigningMethod, KeyLinkPayload, Ed25519KeyLinkAttestation } from './identity';
+export { OWNER_SIGNING_METHODS } from './identity';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@heyanon-arp/sdk",
-  "version": "0.0.36",
+  "version": "0.0.38",
   "description": "TypeScript SDK for the Agent Relationship Protocol — canonical JSON, Ed25519 envelope sign/verify, did:arp identity, scrypt key attestation, chain-audit helpers.",
   "license": "MIT",
   "keywords": [

package/dist/attestation/scrypt-proof.d.ts

@@ -1,28 +0,0 @@
-/**
- * Derive the scrypt key from an owner's password + salt. Uses the
- * standard parameters: N=32768, r=8, p=1, dkLen=32. Designed to be
- * computed once at owner registration time and stored encrypted-at-rest;
- * subsequent attestation verification recomputes the HMAC, not scrypt.
- *
- * Synchronous variant is intentional — keys derive at low frequency
- * (once per owner registration); the worst case is a few hundred ms
- * which is acceptable. Async variants can be layered on top by the
- * consumer if needed.
- */
-export declare function deriveScryptKey(password: string, salt: Uint8Array): Uint8Array;
-/**
- * Compute the scrypt-password-proof signature over the canonical
- * payload bytes, returning the base64-encoded MAC.
- *
- * Steps per [00-core/identity.md](../../../00-core/identity.md):
- *   1. payload_digest = sha256(canonical_json(payload))
- *   2. mac            = HMAC-SHA256(scrypt_key, payload_digest)
- *   3. sig            = base64(mac)
- */
-export declare function scryptPasswordProofSign(payload: unknown, scryptKey: Uint8Array): string;
-/**
- * Verify a scrypt-password-proof signature. Constant-time compare on
- * MAC bytes — never compares strings directly because base64 decoding
- * normalises some inputs which would mask differences.
- */
-export declare function scryptPasswordProofVerify(payload: unknown, sigBase64: string, scryptKey: Uint8Array): boolean;