@hlos-ai/schemas 0.4.2 → 0.6.0

package/dist/index.js

@@ -1,21 +1,96 @@
 import {
   CorrelationIdSchema,
   CrossingIdSchema,
+  DispatchIdBrand,
+  DispatchIdSchema,
   IdempotencyKeySchema,
   PassportIdSchema,
   ReceiptIdSchema,
   WalletIdSchema,
-  __require,
   generateCrossingId,
+  generateDispatchId,
   generateId,
   generatePassportId,
   generateReceiptId,
   generateWalletId
-} from "./chunk-RQP6MVT3.js";
+} from "./chunk-ADIQW3HO.js";
+import {
+  BASE64URL_SHA256_REGEX,
+  Base64urlEd25519SigSchema,
+  Base64urlSha256Schema,
+  RECEIPT_HASH_GOLDEN_FIXTURE,
+  ReceiptHashSchema,
+  base64urlToBytes,
+  bytesToBase64url,
+  computeContentHash,
+  computeReceiptHash,
+  jcsCanonicalize
+} from "./chunk-I4QGTJTP.js";
+import {
+  __require
+} from "./chunk-DGUM43GV.js";
 
-// src/surface.ts
+// src/aar-envelope-v0.ts
 import { z } from "zod";
-var SurfaceSchema = z.enum([
+var AAR_ENVELOPE_TYPE = "https://hlos.ai/schema/AAREnvelopeV0";
+var AAR_ENVELOPE_VERSION = 0;
+var AAREnvelopeV0Schema = z.object({
+  "@type": z.literal(AAR_ENVELOPE_TYPE),
+  version: z.literal(AAR_ENVELOPE_VERSION),
+  content_type: z.string().min(1),
+  content_hash: Base64urlSha256Schema,
+  inner: z.unknown(),
+  signer_id: z.string().min(1),
+  signature: Base64urlEd25519SigSchema,
+  issued_at: z.string().datetime(),
+  previous_aar_hash: z.string().min(1)
+});
+var AAREnvelopeV0TypedSchema = (contentType, innerSchema) => AAREnvelopeV0Schema.extend({
+  content_type: z.literal(contentType),
+  inner: innerSchema
+});
+
+// src/verify-aar.ts
+function toBuffer(bytes) {
+  const ab = new ArrayBuffer(bytes.byteLength);
+  new Uint8Array(ab).set(bytes);
+  return ab;
+}
+async function importPublicKey(publicKey) {
+  if (typeof CryptoKey !== "undefined" && publicKey instanceof CryptoKey) {
+    return publicKey;
+  }
+  const raw = publicKey;
+  return crypto.subtle.importKey(
+    "raw",
+    toBuffer(raw),
+    "Ed25519",
+    false,
+    ["verify"]
+  );
+}
+async function verifyAAR(envelope, publicKey) {
+  const parsed = AAREnvelopeV0Schema.parse(envelope);
+  const contentHash = computeContentHash(parsed.inner);
+  if (contentHash !== parsed.content_hash) {
+    throw new Error("AAR content hash mismatch");
+  }
+  const key = await importPublicKey(publicKey);
+  const verified = await crypto.subtle.verify(
+    "Ed25519",
+    key,
+    toBuffer(base64urlToBytes(parsed.signature)),
+    toBuffer(base64urlToBytes(parsed.content_hash))
+  );
+  if (!verified) {
+    throw new Error(`AAR signature verification failed for signer ${parsed.signer_id}`);
+  }
+  return parsed;
+}
+
+// src/surface.ts
+import { z as z2 } from "zod";
+var SurfaceSchema = z2.enum([
   "mcp",
   // Model Context Protocol servers
   "x402",
@@ -34,11 +109,11 @@ var SurfaceSchema = z.enum([
 var SURFACES = SurfaceSchema.options;
 
 // src/response.ts
-import { z as z3 } from "zod";
+import { z as z4 } from "zod";
 
 // src/error-codes.ts
-import { z as z2 } from "zod";
-var KernelErrorCodeSchema = z2.enum([
+import { z as z3 } from "zod";
+var KernelErrorCodeSchema = z3.enum([
   // 4xx Client Errors
   "INVALID_REQUEST",
   // 400 - Malformed request body
@@ -87,49 +162,49 @@ function error(code, message, correlationId, details) {
     }
   };
 }
-var SuccessResponseSchema = (dataSchema) => z3.object({
-  success: z3.literal(true),
+var SuccessResponseSchema = (dataSchema) => z4.object({
+  success: z4.literal(true),
   data: dataSchema,
-  meta: z3.object({
-    request_id: z3.string().optional(),
-    correlation_id: z3.string()
+  meta: z4.object({
+    request_id: z4.string().optional(),
+    correlation_id: z4.string()
   }).optional()
 });
-var ErrorResponseSchema = z3.object({
-  success: z3.literal(false),
-  error: z3.object({
+var ErrorResponseSchema = z4.object({
+  success: z4.literal(false),
+  error: z4.object({
     code: KernelErrorCodeSchema,
-    message: z3.string(),
-    details: z3.unknown().optional(),
-    correlation_id: z3.string()
+    message: z4.string(),
+    details: z4.unknown().optional(),
+    correlation_id: z4.string()
   })
 });
 
 // src/receipt-v0.ts
-import { z as z4 } from "zod";
+import { z as z5 } from "zod";
 var RECEIPT_TYPE_URI = "https://hlos.ai/schema/SignedReceiptV0";
 var RECEIPT_VERSION = 0;
 var CONTENT_HASH_LENGTH = 43;
 var SIGNATURE_LENGTH = 86;
-var SignedReceiptV0Schema = (contentSchema) => z4.object({
-  "@type": z4.literal(RECEIPT_TYPE_URI),
-  version: z4.literal(RECEIPT_VERSION),
-  receipt_id: z4.string(),
+var SignedReceiptV0Schema = (contentSchema) => z5.object({
+  "@type": z5.literal(RECEIPT_TYPE_URI),
+  version: z5.literal(RECEIPT_VERSION),
+  receipt_id: z5.string(),
   content: contentSchema,
   // SHA-256 digest (32 bytes) = exactly 43 chars base64url
-  content_hash: z4.string().regex(
+  content_hash: z5.string().regex(
     /^[A-Za-z0-9_-]{43}$/,
     "content_hash must be 43-char base64url (32-byte SHA-256)"
   ),
   // Ed25519 signature (64 bytes) = exactly 86 chars base64url
-  signature: z4.string().regex(
+  signature: z5.string().regex(
     /^[A-Za-z0-9_-]{86}$/,
     "signature must be 86-char base64url (64-byte Ed25519)"
   ),
-  key_id: z4.string().min(1),
-  issued_at: z4.string().datetime()
+  key_id: z5.string().min(1),
+  issued_at: z5.string().datetime()
 });
-var SignedReceiptV0LooseSchema = SignedReceiptV0Schema(z4.unknown());
+var SignedReceiptV0LooseSchema = SignedReceiptV0Schema(z5.unknown());
 function isSignedReceiptV0(value) {
   if (typeof value !== "object" || value === null) return false;
   const obj = value;
@@ -137,8 +212,8 @@ function isSignedReceiptV0(value) {
 }
 
 // src/shared-contract.ts
-import { z as z5 } from "zod";
-var KernelErrorCodeSchema2 = z5.enum([
+import { z as z6 } from "zod";
+var KernelErrorCodeSchema2 = z6.enum([
   // Validation / Request errors
   "VALIDATION_ERROR",
   // 400 - Input validation failed
@@ -200,30 +275,30 @@ var ERROR_CODE_STATUS = {
   INTERNAL_ERROR: 500,
   SERVICE_UNAVAILABLE: 503
 };
-var KernelOkSchema = (dataSchema) => z5.object({
-  ok: z5.literal(true),
-  status: z5.union([
-    z5.number().int().min(200).max(299),
-    z5.literal(304)
+var KernelOkSchema = (dataSchema) => z6.object({
+  ok: z6.literal(true),
+  status: z6.union([
+    z6.number().int().min(200).max(299),
+    z6.literal(304)
   ]),
   data: dataSchema
 });
-var KernelErrorSchema = z5.object({
-  ok: z5.literal(false),
-  status: z5.number().int().min(400).max(599),
-  error: z5.object({
+var KernelErrorSchema = z6.object({
+  ok: z6.literal(false),
+  status: z6.number().int().min(400).max(599),
+  error: z6.object({
     code: KernelErrorCodeSchema2,
     // P0 FIX: was z.string()
-    message: z5.string(),
-    details: z5.record(z5.unknown()).optional()
+    message: z6.string(),
+    details: z6.record(z6.unknown()).optional()
   })
 });
-var CrossingIdFormatSchema = z5.string().regex(/^cross_[a-z0-9]{20,}$/i, "Invalid CrossingId format (expected: cross_...)");
-var ReceiptIdFormatSchema = z5.string().regex(/^rcpt_[0-9A-HJKMNP-TV-Z]{26}$/i, "Invalid ReceiptId format (expected: rcpt_...)");
-var PassportIdFormatSchema = z5.string().regex(/^passport_[a-z0-9]{20,}$/i, "Invalid PassportId format (expected: passport_...)");
-var WalletIdFormatSchema = z5.string().regex(/^wallet_[a-z0-9]{20,}$/i, "Invalid WalletId format (expected: wallet_...)");
-var FundingSourceSchema = z5.enum(["SPONSOR", "PLATFORM", "USER"]);
-var CredentialSourceSchema = z5.enum([
+var CrossingIdFormatSchema = z6.string().regex(/^cross_[a-z0-9]{20,}$/i, "Invalid CrossingId format (expected: cross_...)");
+var ReceiptIdFormatSchema = z6.string().regex(/^rcpt_[0-9A-HJKMNP-TV-Z]{26}$/i, "Invalid ReceiptId format (expected: rcpt_...)");
+var PassportIdFormatSchema = z6.string().regex(/^passport_[a-z0-9]{20,}$/i, "Invalid PassportId format (expected: passport_...)");
+var WalletIdFormatSchema = z6.string().regex(/^wallet_[a-z0-9]{20,}$/i, "Invalid WalletId format (expected: wallet_...)");
+var FundingSourceSchema = z6.enum(["SPONSOR", "PLATFORM", "USER"]);
+var CredentialSourceSchema = z6.enum([
   "SPONSOR_KEY",
   // Sponsor-provisioned key
   "BYOK",
@@ -241,46 +316,46 @@ function deriveFundingSource(credentialSource) {
       return "PLATFORM";
   }
 }
-var CrossingSnapshotV0Schema = z5.object({
+var CrossingSnapshotV0Schema = z6.object({
   crossingId: CrossingIdFormatSchema,
-  capabilityId: z5.string(),
+  capabilityId: z6.string(),
   passportId: PassportIdFormatSchema,
   // Scoping
-  event_id: z5.string().nullable(),
-  access_window_id: z5.string().nullable(),
-  access_grant_id: z5.string().nullable(),
+  event_id: z6.string().nullable(),
+  access_window_id: z6.string().nullable(),
+  access_grant_id: z6.string().nullable(),
   // Attribution
-  attribution_org_id: z5.string().nullable(),
+  attribution_org_id: z6.string().nullable(),
   funding_source: FundingSourceSchema.nullable(),
   credential_source: CredentialSourceSchema
 });
-var CrossingHashInputV0Schema = z5.object({
-  v: z5.literal(0),
+var CrossingHashInputV0Schema = z6.object({
+  v: z6.literal(0),
   snapshot: CrossingSnapshotV0Schema,
   attested_receipt_id: ReceiptIdFormatSchema
 });
 var SETTLEMENT_AUTHORITY = "hlos.ai";
-var CrossingSettledReceiptSchema = z5.object({
-  type: z5.literal("CrossingSettled"),
+var CrossingSettledReceiptSchema = z6.object({
+  type: z6.literal("CrossingSettled"),
   crossingId: CrossingIdFormatSchema,
   // Scoping (powers adoption + ROI views)
-  event_id: z5.string().nullable(),
-  access_window_id: z5.string().nullable(),
-  access_grant_id: z5.string().nullable(),
+  event_id: z6.string().nullable(),
+  access_window_id: z6.string().nullable(),
+  access_grant_id: z6.string().nullable(),
   // Attribution
-  attribution_org_id: z5.string().nullable(),
+  attribution_org_id: z6.string().nullable(),
   funding_source: FundingSourceSchema.nullable(),
   credential_source: CredentialSourceSchema,
   // Authority (LITERAL)
-  settlement_authority: z5.literal(SETTLEMENT_AUTHORITY),
+  settlement_authority: z6.literal(SETTLEMENT_AUTHORITY),
   // Binding
-  crossing_hash: z5.string(),
+  crossing_hash: z6.string(),
   // sha256 base64url of CrossingHashInputV0
-  attested_receipt_id: z5.string(),
+  attested_receipt_id: z6.string(),
   // Timestamp
-  settled_at: z5.string().datetime()
+  settled_at: z6.string().datetime()
 });
-var AvailabilityTypeSchema = z5.enum([
+var AvailabilityTypeSchema = z6.enum([
   "EVENT_SPONSOR",
   // Sponsor-funded for specific event
   "EVERGREEN",
@@ -288,7 +363,7 @@ var AvailabilityTypeSchema = z5.enum([
   "CATALOG"
   // User-paid from catalog
 ]);
-var ProviderRoleSchema = z5.enum([
+var ProviderRoleSchema = z6.enum([
   "AI",
   // AI/LLM providers (Gemini, GPT, Claude)
   "DATABASE",
@@ -308,35 +383,35 @@ var ProviderRoleSchema = z5.enum([
   "OTHER"
   // Catch-all for new categories
 ]);
-var StackProviderSchema = z5.object({
-  provider_id: z5.string(),
+var StackProviderSchema = z6.object({
+  provider_id: z6.string(),
   role: ProviderRoleSchema,
   // P1: Now a constrained enum
-  display_name: z5.string(),
-  budget_allocation: z5.number().nonnegative(),
-  sku_ids: z5.array(z5.string()),
+  display_name: z6.string(),
+  budget_allocation: z6.number().nonnegative(),
+  sku_ids: z6.array(z6.string()),
   availability_type: AvailabilityTypeSchema
 });
-var StackSchema = z5.object({
-  id: z5.string(),
-  slug: z5.string(),
-  name: z5.string(),
-  tagline: z5.string(),
-  icon: z5.string(),
-  providers: z5.array(StackProviderSchema),
-  github_template: z5.string().nullable(),
-  total_budget: z5.number().nonnegative(),
-  event_id: z5.string().nullable()
+var StackSchema = z6.object({
+  id: z6.string(),
+  slug: z6.string(),
+  name: z6.string(),
+  tagline: z6.string(),
+  icon: z6.string(),
+  providers: z6.array(StackProviderSchema),
+  github_template: z6.string().nullable(),
+  total_budget: z6.number().nonnegative(),
+  event_id: z6.string().nullable()
   // null = evergreen
 });
-var StackConnectionSchema = z5.object({
-  id: z5.string(),
-  stack_id: z5.string(),
-  passport_id: z5.string(),
-  team_id: z5.string().nullable(),
-  environment_id: z5.string(),
-  connected_at: z5.string().datetime(),
-  connected_providers: z5.array(z5.string())
+var StackConnectionSchema = z6.object({
+  id: z6.string(),
+  stack_id: z6.string(),
+  passport_id: z6.string(),
+  team_id: z6.string().nullable(),
+  environment_id: z6.string(),
+  connected_at: z6.string().datetime(),
+  connected_providers: z6.array(z6.string())
 });
 function kernelOk(data, status = 200) {
   return { ok: true, status, data };
@@ -405,7 +480,7 @@ function isCrossingSettledReceipt(value) {
 }
 
 // src/w.ts
-import { z as z6 } from "zod";
+import { z as z7 } from "zod";
 var W_RPID_DOMAIN = new TextEncoder().encode("W:RPID:v1");
 var W_TXCTX_DOMAIN = new TextEncoder().encode("W:TXCTX:v1");
 var RFC3339_CAPTURING = /^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})(\.(\d{1,9}))?(Z|([+-])(\d{2}):(\d{2}))$/;
@@ -483,36 +558,36 @@ function encodeEpoch(epoch) {
   view.setBigUint64(0, BigInt(ms), false);
   return new Uint8Array(buf);
 }
-var RelyingPartyIdSchema = z6.object({
+var RelyingPartyIdSchema = z7.object({
   /** RP domain (e.g., "merchant.example.com") */
-  domain: z6.string().min(1).max(253),
+  domain: z7.string().min(1).max(253),
   /** Audience URI (e.g., "https://merchant.example.com/verify") */
-  audience_uri: z6.string().url(),
+  audience_uri: z7.string().url(),
   /** SHA-256 hash of verifier's public key (hex, 64 chars) */
-  verifier_key_hash: z6.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex")
+  verifier_key_hash: z7.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex")
 });
-var RotationEpochSchema = z6.union([
-  z6.number().int().nonnegative(),
-  z6.string().datetime({ offset: true })
+var RotationEpochSchema = z7.union([
+  z7.number().int().nonnegative(),
+  z7.string().datetime({ offset: true })
   // Requires timezone offset (RFC3339)
 ]);
-var RPIDSchema = z6.string().length(43, "RPID must be base64url-encoded 32 bytes (43 chars, no padding)").regex(/^[A-Za-z0-9_-]+$/, "Must be base64url (no padding)");
-var TransactionContextSchema = z6.object({
+var RPIDSchema = z7.string().length(43, "RPID must be base64url-encoded 32 bytes (43 chars, no padding)").regex(/^[A-Za-z0-9_-]+$/, "Must be base64url (no padding)");
+var TransactionContextSchema = z7.object({
   // Required core (stable)
   relying_party_id: RelyingPartyIdSchema,
   /** sha256(JCS({ intent, request })) — see computeOperationHash() */
-  operation_hash: z6.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex"),
+  operation_hash: z7.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex"),
   /** Validity start (RFC3339) */
-  not_before: z6.string().datetime({ offset: true }),
+  not_before: z7.string().datetime({ offset: true }),
   /** Validity end (RFC3339) */
-  not_after: z6.string().datetime({ offset: true }),
+  not_after: z7.string().datetime({ offset: true }),
   // Optional (part of hash, must be consistent)
-  amount: z6.number().nonnegative().optional(),
-  currency: z6.string().length(3).optional(),
-  surface_id: z6.string().optional(),
-  channel_id: z6.string().optional()
+  amount: z7.number().nonnegative().optional(),
+  currency: z7.string().length(3).optional(),
+  surface_id: z7.string().optional(),
+  channel_id: z7.string().optional()
 });
-var TransactionContextHashSchema = z6.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex");
+var TransactionContextHashSchema = z7.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex");
 var W_GOLDEN_FIXTURES = {
   /**
    * encodeEpoch(1706486400000) = 2024-01-29T00:00:00.000Z
@@ -568,235 +643,199 @@ function validateTimeWindow(context) {
 }
 
 // src/agents.ts
-import { z as z7 } from "zod";
-var AgentStatusSchema = z7.enum(["ACTIVE", "PENDING", "SUSPENDED", "REVOKED"]).or(z7.string().min(1));
-var AgentTypeSchema = z7.enum(["CUSTOM", "CLAUDE", "GPT", "GEMINI", "CURSOR", "COPILOT", "OTHER"]).or(z7.string().min(1));
-var AgentListItemSchema = z7.object({
-  id: z7.string().min(1),
-  external_id: z7.string().min(1),
-  name: z7.string().min(1),
+import { z as z8 } from "zod";
+var AgentStatusSchema = z8.enum(["ACTIVE", "PENDING", "SUSPENDED", "REVOKED"]).or(z8.string().min(1));
+var AgentTypeSchema = z8.enum(["CUSTOM", "CLAUDE", "GPT", "GEMINI", "CURSOR", "COPILOT", "OTHER"]).or(z8.string().min(1));
+var AgentListItemSchema = z8.object({
+  id: z8.string().min(1),
+  external_id: z8.string().min(1),
+  name: z8.string().min(1),
   status: AgentStatusSchema,
   agent_type: AgentTypeSchema,
-  trust_score: z7.number().int().min(0).max(1e3),
-  hosting_model: z7.null(),
-  declared_tier: z7.null(),
-  created_at: z7.string().datetime()
+  trust_score: z8.number().int().min(0).max(1e3),
+  hosting_model: z8.null(),
+  declared_tier: z8.null(),
+  created_at: z8.string().datetime()
 }).passthrough();
-var AgentsListResponseSchema = z7.object({
-  agents: z7.array(AgentListItemSchema),
-  _meta: z7.object({
-    source: z7.literal("hlos")
+var AgentsListResponseSchema = z8.object({
+  agents: z8.array(AgentListItemSchema),
+  _meta: z8.object({
+    source: z8.literal("hlos")
   })
 }).passthrough();
-var AgentPassportStubResponseSchema = z7.object({
-  passport_id: z7.null(),
-  agent_id: z7.string().min(1),
-  hosting_model: z7.null(),
-  declared_tier: z7.null(),
-  effective_tier: z7.null(),
-  finality_level: z7.null(),
-  graph: z7.object({
-    incoming_edges: z7.null(),
-    outgoing_edges: z7.null(),
-    active_visas: z7.null()
+var AgentPassportStubResponseSchema = z8.object({
+  passport_id: z8.null(),
+  agent_id: z8.string().min(1),
+  hosting_model: z8.null(),
+  declared_tier: z8.null(),
+  effective_tier: z8.null(),
+  finality_level: z8.null(),
+  graph: z8.object({
+    incoming_edges: z8.null(),
+    outgoing_edges: z8.null(),
+    active_visas: z8.null()
   }).passthrough(),
-  links: z7.object({
-    passport_url: z7.string().startsWith("/agent-passport/agents/"),
-    docs_url: z7.literal("/agents/passport")
+  links: z8.object({
+    passport_url: z8.string().startsWith("/agent-passport/agents/"),
+    docs_url: z8.literal("/agents/passport")
   }).passthrough(),
-  _meta: z7.object({
-    source: z7.literal("stub")
+  _meta: z8.object({
+    source: z8.literal("stub")
   })
 }).passthrough();
 
-// src/encoding.ts
-import { z as z8 } from "zod";
-function bytesToBase64url(bytes) {
-  let binary = "";
-  for (let i = 0; i < bytes.length; i++) {
-    binary += String.fromCharCode(bytes[i]);
-  }
-  const base64 = btoa(binary);
-  return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-}
-function base64urlToBytes(str) {
-  const base64 = str.replace(/-/g, "+").replace(/_/g, "/");
-  const padded = base64 + "=".repeat((4 - base64.length % 4) % 4);
-  const binary = atob(padded);
-  const bytes = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
-  }
-  return bytes;
-}
-var BASE64URL_SHA256_REGEX = /^[A-Za-z0-9_-]{43}$/;
-var Base64urlSha256Schema = z8.string().regex(
-  BASE64URL_SHA256_REGEX,
-  "Must be 43-char base64url (32-byte SHA-256 digest)"
+// src/dispatch-chain.ts
+import { z as z9 } from "zod";
+var CHAIN_STAGE_ORDER = ["CR", "LAT", "EGP", "SA"];
+var ChainStageTypeSchema = z9.enum(CHAIN_STAGE_ORDER);
+var ReceiptHashRefSchema = Base64urlSha256Schema.describe(
+  "receipt_hash: base64url(SHA-256(JCS(entire_receipt_envelope)))"
 );
-var Base64urlEd25519SigSchema = z8.string().regex(
-  /^[A-Za-z0-9_-]{86}$/,
-  "Must be 86-char base64url (64-byte Ed25519 signature)"
+var ContentHashRefSchema = Base64urlSha256Schema.describe(
+  "content_hash reference: base64url(SHA-256(JCS(content_field_only)))"
 );
-
-// src/receipt-hash.ts
-var cachedSha256 = null;
-function sortKeysDeep(value) {
-  if (Array.isArray(value)) return value.map(sortKeysDeep);
-  if (value !== null && typeof value === "object") {
-    const obj = value;
-    const out = {};
-    for (const key of Object.keys(obj).sort()) {
-      out[key] = sortKeysDeep(obj[key]);
-    }
-    return out;
+var CustodyReceiptContentSchema = z9.object({
+  type: z9.literal("CustodyReceipt"),
+  stage_type: z9.literal("CR"),
+  stage_version: z9.literal(0),
+  stage_index: z9.literal(0),
+  dispatch_id: DispatchIdSchema,
+  previous_receipt_hash: z9.null(),
+  // CR-specific
+  actor_passport_id: z9.string().min(1),
+  surface: z9.string().min(1),
+  task_scope: z9.string().min(1),
+  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY)
+}).strict();
+var LiabilityAttestationContentSchema = z9.object({
+  type: z9.literal("LiabilityAttestation"),
+  stage_type: z9.literal("LAT"),
+  stage_version: z9.literal(0),
+  stage_index: z9.literal(1),
+  dispatch_id: DispatchIdSchema,
+  previous_receipt_hash: ReceiptHashRefSchema,
+  chain_root_content_hash: ContentHashRefSchema,
+  // LAT-specific
+  policy_snapshot_hash: Base64urlSha256Schema,
+  capabilities_granted: z9.array(z9.string().min(1)).min(1),
+  authorization_scope: z9.string().min(1),
+  /** Receipt issuer authority (HLOS issues all chain artifacts). */
+  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY)
+}).strict();
+var EconomicGateProofContentSchema = z9.object({
+  type: z9.literal("EconomicGateProof"),
+  stage_type: z9.literal("EGP"),
+  stage_version: z9.literal(0),
+  stage_index: z9.literal(2),
+  dispatch_id: DispatchIdSchema,
+  previous_receipt_hash: ReceiptHashRefSchema,
+  chain_root_content_hash: ContentHashRefSchema,
+  // EGP-specific
+  wallet_id: z9.string().min(1),
+  hold_id: z9.string().min(1).optional(),
+  amount_mills: z9.number().int().nonnegative(),
+  currency: z9.literal("USD"),
+  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY)
+}).strict();
+var SettlementAnchorContentSchema = z9.object({
+  type: z9.literal("SettlementAnchor"),
+  stage_type: z9.literal("SA"),
+  stage_version: z9.literal(0),
+  stage_index: z9.literal(3),
+  dispatch_id: DispatchIdSchema,
+  previous_receipt_hash: ReceiptHashRefSchema,
+  chain_root_content_hash: ContentHashRefSchema,
+  // SA-specific
+  settlement_receipt_hash: ReceiptHashRefSchema,
+  crossing_id: z9.string().optional(),
+  final_amount_mills: z9.number().int().nonnegative(),
+  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY)
+}).strict();
+var DispatchChainContentSchema = z9.discriminatedUnion("type", [
+  CustodyReceiptContentSchema,
+  LiabilityAttestationContentSchema,
+  EconomicGateProofContentSchema,
+  SettlementAnchorContentSchema
+]);
+function assertValidChainLink(expectedPreviousHash, actualPreviousHash, stageType) {
+  if (expectedPreviousHash !== actualPreviousHash) {
+    throw new Error(
+      `Chain link broken at ${stageType}: expected previous_receipt_hash=${expectedPreviousHash}, got=${actualPreviousHash}`
+    );
   }
-  return value;
-}
-function jcsCanonicalize(value) {
-  return JSON.stringify(sortKeysDeep(value), (_key, v) => {
-    if (v === void 0) throw new Error("JCS: undefined is not allowed");
-    if (typeof v === "function") throw new Error("JCS: function is not allowed");
-    if (typeof v === "symbol") throw new Error("JCS: symbol is not allowed");
-    if (typeof v === "bigint") throw new Error("JCS: bigint is not allowed");
-    if (typeof v === "number" && !Number.isFinite(v))
-      throw new Error("JCS: non-finite number is not allowed");
-    return v;
-  });
 }
-function computeReceiptHash(receipt) {
-  const sha256 = loadSha256();
-  const canonical = jcsCanonicalize(receipt);
-  const digest = sha256(new TextEncoder().encode(canonical));
-  return bytesToBase64url(digest);
-}
-function computeContentHash(content) {
-  const sha256 = loadSha256();
-  const canonical = jcsCanonicalize(content);
-  const digest = sha256(new TextEncoder().encode(canonical));
-  return bytesToBase64url(digest);
-}
-function loadSha256() {
-  if (cachedSha256) return cachedSha256;
-  let _require;
-  try {
-    const { createRequire } = __require("module");
-    _require = createRequire(import.meta.url);
-  } catch {
-    _require = __require;
-  }
-  let sha256;
-  try {
-    sha256 = _require("@noble/hashes/sha2.js").sha256;
-  } catch {
-    try {
-      sha256 = _require("@noble/hashes/sha2").sha256;
-    } catch {
-      throw new Error(
-        "computeReceiptHash/computeContentHash requires @noble/hashes as a peer dependency. Install it: npm install @noble/hashes"
-      );
-    }
+function assertRootHash(actualRootHash, expectedRootHash, stageType) {
+  if (actualRootHash !== expectedRootHash) {
+    throw new Error(
+      `Chain root mismatch at ${stageType}: expected chain_root_content_hash=${expectedRootHash}, got=${actualRootHash}`
+    );
   }
-  cachedSha256 = sha256;
-  return sha256;
 }
-var ReceiptHashSchema = Base64urlSha256Schema.describe(
-  "receipt_hash: base64url(SHA-256(JCS(receipt)))"
-);
-var RECEIPT_HASH_GOLDEN_FIXTURE = {
-  receipt: {
-    "@type": "https://hlos.ai/schema/SignedReceiptV0",
-    version: 0,
-    receipt_id: "rcpt_01HZGOLDENTEST000000000000",
-    content: {
-      type: "CrossingSettled",
-      crossingId: "cross_test123abc456def789ghi",
-      settlement_authority: "hlos.ai"
-    },
-    // Placeholder bytes (NOT a valid cryptographic signature)
-    content_hash: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
-    signature: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
-    key_id: "hlos-v2-1",
-    issued_at: "2026-01-27T00:00:00.000Z"
-  },
-  /**
-   * Expected JCS canonical form of the receipt.
-   * Keys are lexicographically sorted at all levels.
-   */
-  expectedJcs: '{"@type":"https://hlos.ai/schema/SignedReceiptV0","content":{"crossingId":"cross_test123abc456def789ghi","settlement_authority":"hlos.ai","type":"CrossingSettled"},"content_hash":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA","issued_at":"2026-01-27T00:00:00.000Z","key_id":"hlos-v2-1","receipt_id":"rcpt_01HZGOLDENTEST000000000000","signature":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA","version":0}',
-  /**
-   * Expected receipt_hash (FROZEN).
-   * Compute: JCS canonicalize receipt → SHA-256 → base64url (no padding)
-   *
-   * DO NOT CHANGE unless the receipt fixture above changes.
-   */
-  expectedReceiptHash: "uLiQVUeVKcE35Rdje2fArZQfTcECDgwK6UbmQB_36Pg"
-};
 
 // src/finality.ts
-import { z as z9 } from "zod";
+import { z as z10 } from "zod";
 var NA_ID_PREFIX = "na_";
 var FinalityLevel = {
   SOFT: "SOFT",
   HARD: "HARD"
 };
-var NotaryAttestationIdFormatSchema = z9.string().regex(
+var NotaryAttestationIdFormatSchema = z10.string().regex(
   /^na_[a-zA-Z0-9]{20,}$/,
   "NA ID must match na_[a-zA-Z0-9]{20,}"
 );
-var LogInclusionProofSchema = z9.object({
+var LogInclusionProofSchema = z10.object({
   /** Merkle root hash (base64url SHA-256) */
   root: Base64urlSha256Schema,
   /** Sibling hashes along the path (base64url SHA-256 each) */
-  proof: z9.array(Base64urlSha256Schema),
+  proof: z10.array(Base64urlSha256Schema),
   /** Leaf index in the log */
-  index: z9.number().int().nonnegative()
+  index: z10.number().int().nonnegative()
 });
-var NotaryAttestationSchema = z9.object({
+var NotaryAttestationSchema = z10.object({
   // --- Required ---
   /** Unique NA identifier */
   na_id: NotaryAttestationIdFormatSchema,
   /** The receipt_hash this NA attests to */
   receipt_hash: Base64urlSha256Schema,
   /** Notary service identifier (e.g. "staampid") */
-  notary_id: z9.string().min(1),
+  notary_id: z10.string().min(1),
   /** ISO 8601 timestamp when NA was issued */
-  issued_at: z9.string().datetime(),
+  issued_at: z10.string().datetime(),
   /** Notary's countersignature (base64url encoded) */
-  signature: z9.string().min(1),
+  signature: z10.string().min(1),
   /** Signature algorithm (e.g. "EdDSA") */
-  signature_alg: z9.string().min(1),
+  signature_alg: z10.string().min(1),
   // --- Optional (future-proof) ---
   /** Receipt type being attested */
-  receipt_type: z9.string().optional(),
+  receipt_type: z10.string().optional(),
   /** Receipt version being attested */
-  receipt_version: z9.number().int().nonnegative().optional(),
+  receipt_version: z10.number().int().nonnegative().optional(),
   /** Settlement authority that issued the receipt (cross-check) */
-  settlement_authority: z9.string().optional(),
+  settlement_authority: z10.string().optional(),
   /** TTL in seconds for this attestation */
-  validity_window_seconds: z9.number().int().positive().optional(),
+  validity_window_seconds: z10.number().int().positive().optional(),
   /** ISO 8601 expiry (derived from issued_at + validity_window_seconds) */
-  expires_at: z9.string().datetime().optional(),
+  expires_at: z10.string().datetime().optional(),
   /** Merkle proof for append-only log inclusion */
   log_inclusion: LogInclusionProofSchema.optional()
 });
-var NotaryRequestSchema = z9.object({
+var NotaryRequestSchema = z10.object({
   /** receipt_hash to be attested (base64url SHA-256) */
   receipt_hash: Base64urlSha256Schema,
   /** Must be literal 'hlos.ai' */
-  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY),
+  settlement_authority: z10.literal(SETTLEMENT_AUTHORITY),
   /** Crossing this receipt belongs to */
-  crossing_id: z9.string().min(1),
+  crossing_id: z10.string().min(1),
   /** Type of the receipt being attested */
-  receipt_type: z9.string().min(1),
+  receipt_type: z10.string().min(1),
   /** Version of the receipt being attested */
-  receipt_version: z9.number().int().nonnegative(),
+  receipt_version: z10.number().int().nonnegative(),
   /** ISO 8601 timestamp of the request */
-  timestamp: z9.string().datetime(),
+  timestamp: z10.string().datetime(),
   /** Optional: requested validity window in seconds */
-  validity_window_seconds: z9.number().int().positive().optional()
+  validity_window_seconds: z10.number().int().positive().optional()
 });
-var NotarizeStatusSchema = z9.enum([
+var NotarizeStatusSchema = z10.enum([
   "HARD",
   // NA obtained, finality upgraded
   "PENDING",
@@ -806,7 +845,7 @@ var NotarizeStatusSchema = z9.enum([
   "ALREADY_HARD"
   // Receipt already has NA
 ]);
-var NotarizeResponseSchema = z9.object({
+var NotarizeResponseSchema = z10.object({
   /** Finality status after this operation */
   status: NotarizeStatusSchema,
   /** The receipt_hash that was notarized */
@@ -816,13 +855,13 @@ var NotarizeResponseSchema = z9.object({
   /** The full NA object (optional embed) */
   na: NotaryAttestationSchema.optional(),
   /** Notary service identifier */
-  notary: z9.string().min(1).optional(),
+  notary: z10.string().min(1).optional(),
   /** NA ID for retrieval */
-  notary_receipt_id: z9.string().optional(),
+  notary_receipt_id: z10.string().optional(),
   /** ISO 8601 timestamp */
-  timestamp: z9.string().datetime(),
+  timestamp: z10.string().datetime(),
   /** Error details (present when status is FAILED) */
-  error: z9.string().optional()
+  error: z10.string().optional()
 });
 function isNotaryAttestation(value) {
   return NotaryAttestationSchema.safeParse(value).success;
@@ -830,17 +869,17 @@ function isNotaryAttestation(value) {
 function isNotaryRequest(value) {
   return NotaryRequestSchema.safeParse(value).success;
 }
-var ArtifactRefSchema = z9.object({
+var ArtifactRefSchema = z10.object({
   /** Artifact type */
-  type: z9.enum(["CR", "LAT", "EGP", "SA", "SignedReceiptV0", "NA"]),
+  type: z10.enum(["CR", "LAT", "EGP", "SA", "SignedReceiptV0", "NA"]),
   /** base64url SHA-256 hash of the artifact */
   hash: Base64urlSha256Schema,
   /** Issuer of the artifact */
-  issuer: z9.string().min(1),
+  issuer: z10.string().min(1),
   /** Schema version */
-  version: z9.string().min(1),
+  version: z10.string().min(1),
   /** Optional retrieval URI */
-  uri: z9.string().url().optional()
+  uri: z10.string().url().optional()
 });
 var FINALITY_GOLDEN_FIXTURES = {
   /** Sample NotaryAttestation */
@@ -874,7 +913,435 @@ var FINALITY_GOLDEN_FIXTURES = {
     timestamp: "2026-01-27T00:01:00.000Z"
   }
 };
+
+// src/eval-artifact.ts
+import { z as z11 } from "zod";
+var ULID_REGEX = /^[0-9A-HJKMNP-TV-Z]{26}$/;
+var EvalTranscriptStageSchema = z11.union([
+  ChainStageTypeSchema,
+  z11.literal("HTTP")
+]);
+var EvalTranscriptStepSchema = z11.object({
+  step_index: z11.number().int().nonnegative(),
+  stage: EvalTranscriptStageSchema,
+  input_hash: Base64urlSha256Schema,
+  output_hash: Base64urlSha256Schema.nullable(),
+  verdict: z11.enum(["pass", "fail", "skip"]),
+  error: z11.string().nullable(),
+  elapsed_ms: z11.number().int().nonnegative()
+}).strict();
+var EvalGraderResultSchema = z11.object({
+  grader_id: z11.string().min(1),
+  verdict: z11.enum(["pass", "fail"]),
+  confidence: z11.number().min(0).max(1),
+  details: z11.string().nullable()
+}).strict();
+var EvalFailureSchema = z11.object({
+  step_index: z11.number().int().nonnegative(),
+  grader_id: z11.string().min(1),
+  code: z11.string().min(1),
+  message: z11.string().nullable()
+}).strict();
+var EvalArtifactSchema = z11.object({
+  schema_version: z11.literal(1),
+  // Trial metadata
+  trial_id: z11.string().regex(ULID_REGEX, "Expected ULID format"),
+  seed: z11.string().nullable(),
+  suite: z11.string().min(1),
+  environment: z11.enum(["local", "ci", "staging", "production"]),
+  started_at: z11.string().datetime(),
+  completed_at: z11.string().datetime().nullable(),
+  duration_ms: z11.number().int().nonnegative().nullable(),
+  // Transcript — ordered steps
+  transcript: z11.array(EvalTranscriptStepSchema),
+  // Grader results
+  grader_results: z11.array(EvalGraderResultSchema),
+  // Compact failure records
+  failures: z11.array(EvalFailureSchema),
+  // Aggregate metrics
+  pass_rate: z11.number().min(0).max(1),
+  consecutive_pass_rate: z11.number().min(0).max(1),
+  k: z11.number().int().positive()
+}).strict();
+var DUMMY_HASH = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
+var EVAL_GOLDEN_FIXTURES = {
+  /**
+   * Valid 4-step transcript (CR→LAT→EGP→SA, all pass).
+   */
+  valid_full_pass: {
+    schema_version: 1,
+    trial_id: "01HZABCDEF1234567890ABCDEF",
+    seed: "test-seed-001",
+    suite: "kernel-invariant",
+    environment: "ci",
+    started_at: "2026-02-22T10:00:00.000Z",
+    completed_at: "2026-02-22T10:00:01.234Z",
+    duration_ms: 1234,
+    transcript: [
+      { step_index: 0, stage: "CR", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 5 },
+      { step_index: 1, stage: "LAT", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 8 },
+      { step_index: 2, stage: "EGP", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 3 },
+      { step_index: 3, stage: "SA", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 12 }
+    ],
+    grader_results: [
+      { grader_id: "cr_grader", verdict: "pass", confidence: 1, details: null },
+      { grader_id: "lat_grader", verdict: "pass", confidence: 1, details: null },
+      { grader_id: "egp_grader", verdict: "pass", confidence: 1, details: null },
+      { grader_id: "sa_grader", verdict: "pass", confidence: 1, details: null }
+    ],
+    failures: [],
+    pass_rate: 1,
+    consecutive_pass_rate: 1,
+    k: 10
+  },
+  /**
+   * Single failure: LAT grader fails (broken CR→LAT binding).
+   */
+  lat_failure: {
+    schema_version: 1,
+    trial_id: "01HZABCDEF1234567890ABCDEG",
+    seed: "test-seed-002",
+    suite: "kernel-invariant",
+    environment: "ci",
+    started_at: "2026-02-22T10:01:00.000Z",
+    completed_at: "2026-02-22T10:01:00.456Z",
+    duration_ms: 456,
+    transcript: [
+      { step_index: 0, stage: "CR", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 5 },
+      { step_index: 1, stage: "LAT", input_hash: DUMMY_HASH, output_hash: null, verdict: "fail", error: "CR hash mismatch", elapsed_ms: 3 },
+      { step_index: 2, stage: "EGP", input_hash: DUMMY_HASH, output_hash: null, verdict: "skip", error: null, elapsed_ms: 0 },
+      { step_index: 3, stage: "SA", input_hash: DUMMY_HASH, output_hash: null, verdict: "skip", error: null, elapsed_ms: 0 }
+    ],
+    grader_results: [
+      { grader_id: "cr_grader", verdict: "pass", confidence: 1, details: null },
+      { grader_id: "lat_grader", verdict: "fail", confidence: 1, details: "LAT.cr_hash does not match computed CR hash" },
+      { grader_id: "egp_grader", verdict: "pass", confidence: 0, details: "Skipped: LAT failed" },
+      { grader_id: "sa_grader", verdict: "pass", confidence: 0, details: "Skipped: upstream failure" }
+    ],
+    failures: [
+      { step_index: 1, grader_id: "lat_grader", code: "BINDING_MISMATCH", message: "LAT.cr_hash does not match computed CR hash" }
+    ],
+    pass_rate: 0.9,
+    consecutive_pass_rate: 0.9,
+    k: 10
+  },
+  /**
+   * Partial artifact: run crashed mid-flight.
+   */
+  partial_crash: {
+    schema_version: 1,
+    trial_id: "01HZABCDEF1234567890ABCDEH",
+    seed: null,
+    suite: "kernel-invariant",
+    environment: "local",
+    started_at: "2026-02-22T10:02:00.000Z",
+    completed_at: null,
+    duration_ms: null,
+    transcript: [
+      { step_index: 0, stage: "CR", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 5 }
+    ],
+    grader_results: [
+      { grader_id: "cr_grader", verdict: "pass", confidence: 1, details: null }
+    ],
+    failures: [],
+    pass_rate: 0,
+    consecutive_pass_rate: 0,
+    k: 10
+  }
+};
+
+// src/settlement-execute.ts
+import { z as z12 } from "zod";
+var ULID_REGEX2 = /^[0-9A-HJKMNP-TV-Z]{26}$/;
+var UlidSchema = z12.string().regex(ULID_REGEX2, "Expected ULID format");
+var UlidOrUuidSchema = z12.string().min(1);
+var HashVersionSchema = z12.enum(["v1", "v2"]);
+var SettlementModeSchema = z12.enum(["execute", "dry_run"]);
+var NotaryStatusSchema = z12.enum(["skipped", "verified", "failed"]);
+var SettlementExecuteRequestSchema = z12.object({
+  idempotency_key: UlidOrUuidSchema,
+  seed: z12.string().nullable().optional(),
+  hash_version: HashVersionSchema.default("v2"),
+  mode: SettlementModeSchema.default("execute"),
+  flow: z12.object({
+    wallet_id: z12.string().min(1),
+    sku: z12.string().min(1),
+    amount: z12.string().min(1),
+    currency: z12.literal("USD"),
+    metadata: z12.record(z12.unknown()).optional()
+  })
+}).strict();
+var ArtifactsBlockSchema = z12.object({
+  cr: z12.record(z12.unknown()).nullable(),
+  lat: z12.record(z12.unknown()).nullable(),
+  egp: z12.record(z12.unknown()).nullable(),
+  sa: z12.record(z12.unknown()).nullable()
+});
+var HashesBlockSchema = z12.object({
+  cr_hash: Base64urlSha256Schema.nullable(),
+  lat_hash: Base64urlSha256Schema.nullable(),
+  egp_hash: Base64urlSha256Schema.nullable(),
+  sa_hash: Base64urlSha256Schema.nullable()
+});
+var SignatureEnvelopeSchema = z12.object({
+  alg: z12.literal("ed25519"),
+  sig: z12.string().min(1),
+  pub: z12.string().min(1)
+});
+var NotaryBlockSchema = z12.object({
+  status: NotaryStatusSchema,
+  run_notary: z12.object({
+    subject_hash: Base64urlSha256Schema,
+    sig: z12.string().min(1),
+    pub: z12.string().min(1)
+  }).nullable(),
+  graph_notary: z12.object({
+    subject_hash: Base64urlSha256Schema,
+    sig: z12.string().min(1),
+    pub: z12.string().min(1)
+  }).nullable()
+});
+var TimingBlockSchema = z12.object({
+  started_at: z12.string().datetime(),
+  completed_at: z12.string().datetime().nullable(),
+  duration_ms: z12.number().int().nonnegative().nullable()
+});
+var SettlementExecuteSuccessSchema = z12.object({
+  schema_version: z12.literal(1),
+  flow_id: UlidSchema,
+  suite_id: z12.string().min(1),
+  seed: z12.string().nullable(),
+  hash_version: HashVersionSchema,
+  artifacts: ArtifactsBlockSchema.extend({
+    cr: z12.record(z12.unknown()),
+    lat: z12.record(z12.unknown()),
+    egp: z12.record(z12.unknown()),
+    sa: z12.record(z12.unknown())
+  }),
+  hashes: HashesBlockSchema.extend({
+    cr_hash: Base64urlSha256Schema,
+    lat_hash: Base64urlSha256Schema,
+    egp_hash: Base64urlSha256Schema,
+    sa_hash: Base64urlSha256Schema
+  }),
+  signatures: z12.object({
+    settlement: z12.object({
+      cr_sig: SignatureEnvelopeSchema,
+      lat_sig: SignatureEnvelopeSchema,
+      sa_sig: SignatureEnvelopeSchema
+    }),
+    notary: NotaryBlockSchema
+  }),
+  receipt: z12.object({
+    // Kernel receipt IDs currently follow rcpt_ + variable base36/random suffix.
+    receipt_id: z12.string().regex(/^rcpt_/, "Expected kernel receipt ID (rcpt_... format)"),
+    status: z12.enum(["stored", "pending"]),
+    receipt_hash: Base64urlSha256Schema
+  }),
+  run: z12.object({
+    run_id: UlidSchema,
+    final_state_hash: Base64urlSha256Schema,
+    terminal_event_hash: Base64urlSha256Schema,
+    sealed_at: z12.string().datetime()
+  }),
+  timing: TimingBlockSchema.extend({
+    completed_at: z12.string().datetime(),
+    duration_ms: z12.number().int().nonnegative()
+  })
+});
+var SettlementErrorCodeSchema = z12.enum([
+  "INSUFFICIENT_FUNDS",
+  "POLICY_DENIED",
+  "INVARIANT_FAILED",
+  "INVALID_AMOUNT_FORMAT",
+  "INVALID_AMOUNT_NEGATIVE",
+  "INVALID_JSON",
+  "INTERNAL"
+]);
+var SettlementExecuteErrorSchema = z12.object({
+  schema_version: z12.literal(1),
+  flow_id: UlidSchema,
+  suite_id: z12.string().min(1),
+  seed: z12.string().nullable(),
+  hash_version: HashVersionSchema,
+  error: z12.object({
+    code: SettlementErrorCodeSchema,
+    message: z12.string(),
+    details: z12.record(z12.unknown()).optional()
+  }),
+  partial: z12.object({
+    artifacts: ArtifactsBlockSchema,
+    hashes: HashesBlockSchema
+  }),
+  timing: TimingBlockSchema
+});
+var SettlementExecuteResponseSchema = z12.union([
+  SettlementExecuteSuccessSchema,
+  SettlementExecuteErrorSchema
+]);
+function isSettlementExecuteSuccess(response) {
+  return "artifacts" in response && !("error" in response);
+}
+function isSettlementExecuteError(response) {
+  return "error" in response;
+}
+
+// src/srr-v0.ts
+import { z as z13 } from "zod";
+var SRR_TYPE_URI = "https://hlos.ai/schema/SignedRejectionReceiptV0";
+var SRR_VERSION = 0;
+var SRR_REJECTION_DOMAIN = "kernel:k:rejection:v1";
+var SRR_SIGNATURE_ALGORITHM = "Ed25519";
+var SRR_INITIAL_REASON_CODES = [
+  "BUDGET_EXCEEDED",
+  "POLICY_VIOLATION",
+  "SAFETY_GATE_FAILED",
+  "DELEGATION_REVOKED",
+  "SETTLEMENT_TIMEOUT"
+];
+var REASON_CODE_PATTERN = /^[A-Z][A-Z0-9_]{2,63}$/;
+var SignedRejectionReceiptV0Schema = z13.object({
+  "@type": z13.literal(SRR_TYPE_URI),
+  version: z13.literal(SRR_VERSION),
+  receipt_id: z13.string().regex(
+    /^srr_[0-9A-HJKMNP-TV-Z]{26}$/i,
+    "receipt_id must be srr_ + 26-char ULID"
+  ),
+  crossing_id: z13.string().min(1),
+  reason_code: z13.string().regex(REASON_CODE_PATTERN, "reason_code must be UPPER_SNAKE_CASE, 3-64 chars"),
+  reason_message: z13.string().min(1),
+  details: z13.record(z13.unknown()).optional(),
+  commitment_hash: Base64urlSha256Schema.optional(),
+  issuer_id: z13.string().min(1),
+  rejected_at: z13.string().datetime(),
+  issuer_public_key_ref: z13.string().min(1),
+  signature_algorithm: z13.literal(SRR_SIGNATURE_ALGORITHM),
+  signature: Base64urlEd25519SigSchema
+}).strict();
+
+// src/srr-signing.ts
+var textEncoder = new TextEncoder();
+var DOMAIN_BYTES = textEncoder.encode(SRR_REJECTION_DOMAIN);
+var cachedSha256 = null;
+function loadSha256() {
+  if (cachedSha256) return cachedSha256;
+  const moduleApi = typeof process.getBuiltinModule === "function" ? process.getBuiltinModule("module") : __require("module");
+  const createRequire = moduleApi.createRequire;
+  const requireBase = typeof __filename === "string" ? __filename : `${process.cwd()}/package.json`;
+  const _require = createRequire(requireBase);
+  let sha256;
+  try {
+    sha256 = _require("@noble/hashes/sha2.js").sha256;
+  } catch {
+    try {
+      sha256 = _require("@noble/hashes/sha2").sha256;
+    } catch {
+      throw new Error(
+        "SRR signing requires @noble/hashes as a peer dependency. Install it: npm install @noble/hashes"
+      );
+    }
+  }
+  cachedSha256 = sha256;
+  return sha256;
+}
+function computeSrrSigningPayload(unsignedSrr) {
+  const sha256 = loadSha256();
+  const canonical = jcsCanonicalize(unsignedSrr);
+  const digest = sha256(textEncoder.encode(canonical));
+  const payload = new Uint8Array(DOMAIN_BYTES.length + digest.length);
+  payload.set(DOMAIN_BYTES, 0);
+  payload.set(digest, DOMAIN_BYTES.length);
+  return payload;
+}
+function computeSrrDigest(signedSrr) {
+  const sha256 = loadSha256();
+  const canonical = jcsCanonicalize(signedSrr);
+  return bytesToBase64url(sha256(textEncoder.encode(canonical)));
+}
+
+// src/srr-verify.ts
+var cachedVerify = null;
+function loadVerify() {
+  if (cachedVerify) return cachedVerify;
+  const moduleApi = typeof process.getBuiltinModule === "function" ? process.getBuiltinModule("module") : __require("module");
+  const createRequire = moduleApi.createRequire;
+  const requireBase = typeof __filename === "string" ? __filename : `${process.cwd()}/package.json`;
+  const _require = createRequire(requireBase);
+  let ed25519Module;
+  try {
+    ed25519Module = _require("@noble/ed25519");
+  } catch {
+    throw new Error(
+      "SRR verification requires @noble/ed25519 as a peer dependency. Install it: npm install @noble/ed25519"
+    );
+  }
+  if (!ed25519Module.hashes?.sha512) {
+    let sha512Fn;
+    try {
+      const sha2 = _require("@noble/hashes/sha2.js");
+      sha512Fn = (...m) => sha2.sha512(ed25519Module.etc.concatBytes(...m));
+    } catch {
+      try {
+        const sha2 = _require("@noble/hashes/sha2");
+        sha512Fn = (...m) => sha2.sha512(ed25519Module.etc.concatBytes(...m));
+      } catch {
+        throw new Error(
+          "SRR verification requires @noble/hashes as a peer dependency. Install it: npm install @noble/hashes"
+        );
+      }
+    }
+    if (!ed25519Module.hashes) ed25519Module.hashes = {};
+    ed25519Module.hashes.sha512 = sha512Fn;
+  }
+  const verify = ed25519Module.verify;
+  cachedVerify = verify;
+  return verify;
+}
+async function verifyDetachedEd25519(params) {
+  const verify = loadVerify();
+  try {
+    return await verify(params.signature, params.signingPayload, params.publicKey);
+  } catch {
+    return false;
+  }
+}
+async function verifySignedRejectionReceipt(params) {
+  const { srr, publicKey } = params;
+  if (!srr || typeof srr !== "object") {
+    return { valid: false, reason: "SCHEMA_VIOLATION" };
+  }
+  if (srr.signature_algorithm !== SRR_SIGNATURE_ALGORITHM) {
+    return { valid: false, reason: "UNSUPPORTED_ALGORITHM" };
+  }
+  const parseResult = SignedRejectionReceiptV0Schema.safeParse(srr);
+  if (!parseResult.success) {
+    return { valid: false, reason: "SCHEMA_VIOLATION" };
+  }
+  let signingPayload;
+  try {
+    const { signature, ...unsignedFields } = srr;
+    signingPayload = computeSrrSigningPayload(unsignedFields);
+  } catch {
+    return { valid: false, reason: "PAYLOAD_CONSTRUCTION_ERROR" };
+  }
+  let signatureBytes;
+  try {
+    signatureBytes = base64urlToBytes(srr.signature);
+  } catch {
+    return { valid: false, reason: "INVALID_SIGNATURE" };
+  }
+  const valid = await verifyDetachedEd25519({
+    signingPayload,
+    signature: signatureBytes,
+    publicKey
+  });
+  return valid ? { valid: true } : { valid: false, reason: "INVALID_SIGNATURE" };
+}
 export {
+  AAREnvelopeV0Schema,
+  AAREnvelopeV0TypedSchema,
+  AAR_ENVELOPE_TYPE,
+  AAR_ENVELOPE_VERSION,
   AgentListItemSchema,
   AgentPassportStubResponseSchema,
   AgentStatusSchema,
@@ -885,7 +1352,9 @@ export {
   BASE64URL_SHA256_REGEX,
   Base64urlEd25519SigSchema,
   Base64urlSha256Schema,
+  CHAIN_STAGE_ORDER,
   CONTENT_HASH_LENGTH,
+  ChainStageTypeSchema,
   CorrelationIdSchema,
   CredentialSourceSchema,
   CrossingHashInputV0Schema,
@@ -893,8 +1362,18 @@ export {
   CrossingIdSchema,
   CrossingSettledReceiptSchema,
   CrossingSnapshotV0Schema,
+  CustodyReceiptContentSchema,
+  DispatchChainContentSchema,
+  DispatchIdBrand,
+  DispatchIdSchema,
   ERROR_CODE_STATUS,
+  EVAL_GOLDEN_FIXTURES,
+  EconomicGateProofContentSchema,
   ErrorResponseSchema,
+  EvalArtifactSchema,
+  EvalFailureSchema,
+  EvalGraderResultSchema,
+  EvalTranscriptStepSchema,
   FINALITY_GOLDEN_FIXTURES,
   FinalityLevel,
   FundingSourceSchema,
@@ -903,6 +1382,7 @@ export {
   KernelErrorCodeSchema2 as KernelErrorCodeSchema,
   KernelErrorSchema,
   KernelOkSchema,
+  LiabilityAttestationContentSchema,
   LogInclusionProofSchema,
   NA_ID_PREFIX,
   NotarizeResponseSchema,
@@ -913,6 +1393,7 @@ export {
   PassportIdFormatSchema,
   PassportIdSchema,
   ProviderRoleSchema,
+  REASON_CODE_PATTERN,
   RECEIPT_HASH_GOLDEN_FIXTURE,
   RECEIPT_TYPE_URI,
   RECEIPT_VERSION,
@@ -924,9 +1405,20 @@ export {
   RotationEpochSchema,
   SETTLEMENT_AUTHORITY,
   SIGNATURE_LENGTH,
+  SRR_INITIAL_REASON_CODES,
+  SRR_REJECTION_DOMAIN,
+  SRR_SIGNATURE_ALGORITHM,
+  SRR_TYPE_URI,
+  SRR_VERSION,
   SURFACES,
+  SettlementAnchorContentSchema,
+  SettlementExecuteErrorSchema,
+  SettlementExecuteRequestSchema,
+  SettlementExecuteResponseSchema,
+  SettlementExecuteSuccessSchema,
   SignedReceiptV0LooseSchema,
   SignedReceiptV0Schema,
+  SignedRejectionReceiptV0Schema,
   StackConnectionSchema,
   StackProviderSchema,
   StackSchema,
@@ -939,14 +1431,19 @@ export {
   W_TXCTX_DOMAIN,
   WalletIdFormatSchema,
   WalletIdSchema,
+  assertRootHash,
+  assertValidChainLink,
   base64urlToBytes,
   bytesToBase64url,
   computeContentHash,
   computeReceiptHash,
+  computeSrrDigest,
+  computeSrrSigningPayload,
   deriveFundingSource,
   encodeEpoch,
   error,
   generateCrossingId,
+  generateDispatchId,
   generateId,
   generatePassportId,
   generateReceiptId,
@@ -955,11 +1452,16 @@ export {
   isCrossingSettledReceipt,
   isNotaryAttestation,
   isNotaryRequest,
+  isSettlementExecuteError,
+  isSettlementExecuteSuccess,
   isSignedReceiptV0,
   jcsCanonicalize,
   kernelError,
   kernelOk,
   success,
-  validateTimeWindow
+  validateTimeWindow,
+  verifyAAR,
+  verifyDetachedEd25519,
+  verifySignedRejectionReceipt
 };
 //# sourceMappingURL=index.js.map