npm - @hlos-ai/schemas - Versions diffs - 0.4.2 → 0.7.1 - Mend

@hlos-ai/schemas 0.4.2 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/README.md +1 -1
package/dist/{chunk-RQP6MVT3.js → chunk-ADIQW3HO.js} +8 -10
package/dist/chunk-ADIQW3HO.js.map +1 -0
package/dist/chunk-DGUM43GV.js +11 -0
package/dist/chunk-DGUM43GV.js.map +1 -0
package/dist/chunk-I4QGTJTP.js +156 -0
package/dist/chunk-I4QGTJTP.js.map +1 -0
package/dist/ids.cjs +9 -0
package/dist/ids.cjs.map +1 -1
package/dist/ids.d.cts +12 -1
package/dist/ids.d.ts +12 -1
package/dist/ids.js +8 -1
package/dist/index.cjs +1129 -297
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +2531 -253
package/dist/index.d.ts +2531 -253
package/dist/index.js +941 -290
package/dist/index.js.map +1 -1
package/dist/receipt-hash-B3OwdB1v.d.ts +258 -0
package/dist/receipt-hash-Ci5oN12T.d.cts +258 -0
package/dist/receipt-hash.cjs +167 -0
package/dist/receipt-hash.cjs.map +1 -0
package/dist/receipt-hash.d.cts +3 -0
package/dist/receipt-hash.d.ts +3 -0
package/dist/receipt-hash.js +16 -0
package/dist/receipt-hash.js.map +1 -0
package/package.json +11 -6
package/dist/chunk-RQP6MVT3.js.map +0 -1

package/dist/index.js CHANGED Viewed

@@ -1,21 +1,96 @@
 import {
   CorrelationIdSchema,
   CrossingIdSchema,
+  DispatchIdBrand,
+  DispatchIdSchema,
   IdempotencyKeySchema,
   PassportIdSchema,
   ReceiptIdSchema,
   WalletIdSchema,
-  __require,
   generateCrossingId,
+  generateDispatchId,
   generateId,
   generatePassportId,
   generateReceiptId,
   generateWalletId
-} from "./chunk-RQP6MVT3.js";
+} from "./chunk-ADIQW3HO.js";
+import {
+  BASE64URL_SHA256_REGEX,
+  Base64urlEd25519SigSchema,
+  Base64urlSha256Schema,
+  RECEIPT_HASH_GOLDEN_FIXTURE,
+  ReceiptHashSchema,
+  base64urlToBytes,
+  bytesToBase64url,
+  computeContentHash,
+  computeReceiptHash,
+  jcsCanonicalize
+} from "./chunk-I4QGTJTP.js";
+import {
+  __require
+} from "./chunk-DGUM43GV.js";
-// src/surface.ts
+// src/aar-envelope-v0.ts
 import { z } from "zod";
-var SurfaceSchema = z.enum([
+var AAR_ENVELOPE_TYPE = "https://hlos.ai/schema/AAREnvelopeV0";
+var AAR_ENVELOPE_VERSION = 0;
+var AAREnvelopeV0Schema = z.object({
+  "@type": z.literal(AAR_ENVELOPE_TYPE),
+  version: z.literal(AAR_ENVELOPE_VERSION),
+  content_type: z.string().min(1),
+  content_hash: Base64urlSha256Schema,
+  inner: z.unknown(),
+  signer_id: z.string().min(1),
+  signature: Base64urlEd25519SigSchema,
+  issued_at: z.string().datetime(),
+  previous_aar_hash: z.string().min(1)
+});
+var AAREnvelopeV0TypedSchema = (contentType, innerSchema) => AAREnvelopeV0Schema.extend({
+  content_type: z.literal(contentType),
+  inner: innerSchema
+});
+// src/verify-aar.ts
+function toBuffer(bytes) {
+  const ab = new ArrayBuffer(bytes.byteLength);
+  new Uint8Array(ab).set(bytes);
+  return ab;
+}
+async function importPublicKey(publicKey) {
+  if (typeof CryptoKey !== "undefined" && publicKey instanceof CryptoKey) {
+    return publicKey;
+  }
+  const raw = publicKey;
+  return crypto.subtle.importKey(
+    "raw",
+    toBuffer(raw),
+    "Ed25519",
+    false,
+    ["verify"]
+  );
+}
+async function verifyAAR(envelope, publicKey) {
+  const parsed = AAREnvelopeV0Schema.parse(envelope);
+  const contentHash = computeContentHash(parsed.inner);
+  if (contentHash !== parsed.content_hash) {
+    throw new Error("AAR content hash mismatch");
+  }
+  const key = await importPublicKey(publicKey);
+  const verified = await crypto.subtle.verify(
+    "Ed25519",
+    key,
+    toBuffer(base64urlToBytes(parsed.signature)),
+    toBuffer(base64urlToBytes(parsed.content_hash))
+  );
+  if (!verified) {
+    throw new Error(`AAR signature verification failed for signer ${parsed.signer_id}`);
+  }
+  return parsed;
+}
+// src/surface.ts
+import { z as z2 } from "zod";
+var SurfaceSchema = z2.enum([
   "mcp",
   // Model Context Protocol servers
   "x402",
@@ -34,11 +109,11 @@ var SurfaceSchema = z.enum([
 var SURFACES = SurfaceSchema.options;
 // src/response.ts
-import { z as z3 } from "zod";
+import { z as z4 } from "zod";
 // src/error-codes.ts
-import { z as z2 } from "zod";
-var KernelErrorCodeSchema = z2.enum([
+import { z as z3 } from "zod";
+var KernelErrorCodeSchema = z3.enum([
   // 4xx Client Errors
   "INVALID_REQUEST",
   // 400 - Malformed request body
@@ -87,49 +162,49 @@ function error(code, message, correlationId, details) {
     }
   };
 }
-var SuccessResponseSchema = (dataSchema) => z3.object({
-  success: z3.literal(true),
+var SuccessResponseSchema = (dataSchema) => z4.object({
+  success: z4.literal(true),
   data: dataSchema,
-  meta: z3.object({
-    request_id: z3.string().optional(),
-    correlation_id: z3.string()
+  meta: z4.object({
+    request_id: z4.string().optional(),
+    correlation_id: z4.string()
   }).optional()
 });
-var ErrorResponseSchema = z3.object({
-  success: z3.literal(false),
-  error: z3.object({
+var ErrorResponseSchema = z4.object({
+  success: z4.literal(false),
+  error: z4.object({
     code: KernelErrorCodeSchema,
-    message: z3.string(),
-    details: z3.unknown().optional(),
-    correlation_id: z3.string()
+    message: z4.string(),
+    details: z4.unknown().optional(),
+    correlation_id: z4.string()
   })
 });
 // src/receipt-v0.ts
-import { z as z4 } from "zod";
+import { z as z5 } from "zod";
 var RECEIPT_TYPE_URI = "https://hlos.ai/schema/SignedReceiptV0";
 var RECEIPT_VERSION = 0;
 var CONTENT_HASH_LENGTH = 43;
 var SIGNATURE_LENGTH = 86;
-var SignedReceiptV0Schema = (contentSchema) => z4.object({
-  "@type": z4.literal(RECEIPT_TYPE_URI),
-  version: z4.literal(RECEIPT_VERSION),
-  receipt_id: z4.string(),
+var SignedReceiptV0Schema = (contentSchema) => z5.object({
+  "@type": z5.literal(RECEIPT_TYPE_URI),
+  version: z5.literal(RECEIPT_VERSION),
+  receipt_id: z5.string(),
   content: contentSchema,
   // SHA-256 digest (32 bytes) = exactly 43 chars base64url
-  content_hash: z4.string().regex(
+  content_hash: z5.string().regex(
     /^[A-Za-z0-9_-]{43}$/,
     "content_hash must be 43-char base64url (32-byte SHA-256)"
   ),
   // Ed25519 signature (64 bytes) = exactly 86 chars base64url
-  signature: z4.string().regex(
+  signature: z5.string().regex(
     /^[A-Za-z0-9_-]{86}$/,
     "signature must be 86-char base64url (64-byte Ed25519)"
   ),
-  key_id: z4.string().min(1),
-  issued_at: z4.string().datetime()
+  key_id: z5.string().min(1),
+  issued_at: z5.string().datetime()
 });
-var SignedReceiptV0LooseSchema = SignedReceiptV0Schema(z4.unknown());
+var SignedReceiptV0LooseSchema = SignedReceiptV0Schema(z5.unknown());
 function isSignedReceiptV0(value) {
   if (typeof value !== "object" || value === null) return false;
   const obj = value;
@@ -137,8 +212,8 @@ function isSignedReceiptV0(value) {
 }
 // src/shared-contract.ts
-import { z as z5 } from "zod";
-var KernelErrorCodeSchema2 = z5.enum([
+import { z as z6 } from "zod";
+var KernelErrorCodeSchema2 = z6.enum([
   // Validation / Request errors
   "VALIDATION_ERROR",
   // 400 - Input validation failed
@@ -200,30 +275,30 @@ var ERROR_CODE_STATUS = {
   INTERNAL_ERROR: 500,
   SERVICE_UNAVAILABLE: 503
 };
-var KernelOkSchema = (dataSchema) => z5.object({
-  ok: z5.literal(true),
-  status: z5.union([
-    z5.number().int().min(200).max(299),
-    z5.literal(304)
+var KernelOkSchema = (dataSchema) => z6.object({
+  ok: z6.literal(true),
+  status: z6.union([
+    z6.number().int().min(200).max(299),
+    z6.literal(304)
   ]),
   data: dataSchema
 });
-var KernelErrorSchema = z5.object({
-  ok: z5.literal(false),
-  status: z5.number().int().min(400).max(599),
-  error: z5.object({
+var KernelErrorSchema = z6.object({
+  ok: z6.literal(false),
+  status: z6.number().int().min(400).max(599),
+  error: z6.object({
     code: KernelErrorCodeSchema2,
     // P0 FIX: was z.string()
-    message: z5.string(),
-    details: z5.record(z5.unknown()).optional()
+    message: z6.string(),
+    details: z6.record(z6.unknown()).optional()
   })
 });
-var CrossingIdFormatSchema = z5.string().regex(/^cross_[a-z0-9]{20,}$/i, "Invalid CrossingId format (expected: cross_...)");
-var ReceiptIdFormatSchema = z5.string().regex(/^rcpt_[0-9A-HJKMNP-TV-Z]{26}$/i, "Invalid ReceiptId format (expected: rcpt_...)");
-var PassportIdFormatSchema = z5.string().regex(/^passport_[a-z0-9]{20,}$/i, "Invalid PassportId format (expected: passport_...)");
-var WalletIdFormatSchema = z5.string().regex(/^wallet_[a-z0-9]{20,}$/i, "Invalid WalletId format (expected: wallet_...)");
-var FundingSourceSchema = z5.enum(["SPONSOR", "PLATFORM", "USER"]);
-var CredentialSourceSchema = z5.enum([
+var CrossingIdFormatSchema = z6.string().regex(/^cross_[a-z0-9]{20,}$/i, "Invalid CrossingId format (expected: cross_...)");
+var ReceiptIdFormatSchema = z6.string().regex(/^rcpt_[0-9A-HJKMNP-TV-Z]{26}$/i, "Invalid ReceiptId format (expected: rcpt_...)");
+var PassportIdFormatSchema = z6.string().regex(/^passport_[a-z0-9]{20,}$/i, "Invalid PassportId format (expected: passport_...)");
+var WalletIdFormatSchema = z6.string().regex(/^wallet_[a-z0-9]{20,}$/i, "Invalid WalletId format (expected: wallet_...)");
+var FundingSourceSchema = z6.enum(["SPONSOR", "PLATFORM", "USER"]);
+var CredentialSourceSchema = z6.enum([
   "SPONSOR_KEY",
   // Sponsor-provisioned key
   "BYOK",
@@ -241,46 +316,46 @@ function deriveFundingSource(credentialSource) {
       return "PLATFORM";
   }
 }
-var CrossingSnapshotV0Schema = z5.object({
+var CrossingSnapshotV0Schema = z6.object({
   crossingId: CrossingIdFormatSchema,
-  capabilityId: z5.string(),
+  capabilityId: z6.string(),
   passportId: PassportIdFormatSchema,
   // Scoping
-  event_id: z5.string().nullable(),
-  access_window_id: z5.string().nullable(),
-  access_grant_id: z5.string().nullable(),
+  event_id: z6.string().nullable(),
+  access_window_id: z6.string().nullable(),
+  access_grant_id: z6.string().nullable(),
   // Attribution
-  attribution_org_id: z5.string().nullable(),
+  attribution_org_id: z6.string().nullable(),
   funding_source: FundingSourceSchema.nullable(),
   credential_source: CredentialSourceSchema
 });
-var CrossingHashInputV0Schema = z5.object({
-  v: z5.literal(0),
+var CrossingHashInputV0Schema = z6.object({
+  v: z6.literal(0),
   snapshot: CrossingSnapshotV0Schema,
   attested_receipt_id: ReceiptIdFormatSchema
 });
 var SETTLEMENT_AUTHORITY = "hlos.ai";
-var CrossingSettledReceiptSchema = z5.object({
-  type: z5.literal("CrossingSettled"),
+var CrossingSettledReceiptSchema = z6.object({
+  type: z6.literal("CrossingSettled"),
   crossingId: CrossingIdFormatSchema,
   // Scoping (powers adoption + ROI views)
-  event_id: z5.string().nullable(),
-  access_window_id: z5.string().nullable(),
-  access_grant_id: z5.string().nullable(),
+  event_id: z6.string().nullable(),
+  access_window_id: z6.string().nullable(),
+  access_grant_id: z6.string().nullable(),
   // Attribution
-  attribution_org_id: z5.string().nullable(),
+  attribution_org_id: z6.string().nullable(),
   funding_source: FundingSourceSchema.nullable(),
   credential_source: CredentialSourceSchema,
   // Authority (LITERAL)
-  settlement_authority: z5.literal(SETTLEMENT_AUTHORITY),
+  settlement_authority: z6.literal(SETTLEMENT_AUTHORITY),
   // Binding
-  crossing_hash: z5.string(),
+  crossing_hash: z6.string(),
   // sha256 base64url of CrossingHashInputV0
-  attested_receipt_id: z5.string(),
+  attested_receipt_id: z6.string(),
   // Timestamp
-  settled_at: z5.string().datetime()
+  settled_at: z6.string().datetime()
 });
-var AvailabilityTypeSchema = z5.enum([
+var AvailabilityTypeSchema = z6.enum([
   "EVENT_SPONSOR",
   // Sponsor-funded for specific event
   "EVERGREEN",
@@ -288,7 +363,7 @@ var AvailabilityTypeSchema = z5.enum([
   "CATALOG"
   // User-paid from catalog
 ]);
-var ProviderRoleSchema = z5.enum([
+var ProviderRoleSchema = z6.enum([
   "AI",
   // AI/LLM providers (Gemini, GPT, Claude)
   "DATABASE",
@@ -308,35 +383,35 @@ var ProviderRoleSchema = z5.enum([
   "OTHER"
   // Catch-all for new categories
 ]);
-var StackProviderSchema = z5.object({
-  provider_id: z5.string(),
+var StackProviderSchema = z6.object({
+  provider_id: z6.string(),
   role: ProviderRoleSchema,
   // P1: Now a constrained enum
-  display_name: z5.string(),
-  budget_allocation: z5.number().nonnegative(),
-  sku_ids: z5.array(z5.string()),
+  display_name: z6.string(),
+  budget_allocation: z6.number().nonnegative(),
+  sku_ids: z6.array(z6.string()),
   availability_type: AvailabilityTypeSchema
 });
-var StackSchema = z5.object({
-  id: z5.string(),
-  slug: z5.string(),
-  name: z5.string(),
-  tagline: z5.string(),
-  icon: z5.string(),
-  providers: z5.array(StackProviderSchema),
-  github_template: z5.string().nullable(),
-  total_budget: z5.number().nonnegative(),
-  event_id: z5.string().nullable()
+var StackSchema = z6.object({
+  id: z6.string(),
+  slug: z6.string(),
+  name: z6.string(),
+  tagline: z6.string(),
+  icon: z6.string(),
+  providers: z6.array(StackProviderSchema),
+  github_template: z6.string().nullable(),
+  total_budget: z6.number().nonnegative(),
+  event_id: z6.string().nullable()
   // null = evergreen
 });
-var StackConnectionSchema = z5.object({
-  id: z5.string(),
-  stack_id: z5.string(),
-  passport_id: z5.string(),
-  team_id: z5.string().nullable(),
-  environment_id: z5.string(),
-  connected_at: z5.string().datetime(),
-  connected_providers: z5.array(z5.string())
+var StackConnectionSchema = z6.object({
+  id: z6.string(),
+  stack_id: z6.string(),
+  passport_id: z6.string(),
+  team_id: z6.string().nullable(),
+  environment_id: z6.string(),
+  connected_at: z6.string().datetime(),
+  connected_providers: z6.array(z6.string())
 });
 function kernelOk(data, status = 200) {
   return { ok: true, status, data };
@@ -405,7 +480,7 @@ function isCrossingSettledReceipt(value) {
 }
 // src/w.ts
-import { z as z6 } from "zod";
+import { z as z7 } from "zod";
 var W_RPID_DOMAIN = new TextEncoder().encode("W:RPID:v1");
 var W_TXCTX_DOMAIN = new TextEncoder().encode("W:TXCTX:v1");
 var RFC3339_CAPTURING = /^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})(\.(\d{1,9}))?(Z|([+-])(\d{2}):(\d{2}))$/;
@@ -483,36 +558,36 @@ function encodeEpoch(epoch) {
   view.setBigUint64(0, BigInt(ms), false);
   return new Uint8Array(buf);
 }
-var RelyingPartyIdSchema = z6.object({
+var RelyingPartyIdSchema = z7.object({
   /** RP domain (e.g., "merchant.example.com") */
-  domain: z6.string().min(1).max(253),
+  domain: z7.string().min(1).max(253),
   /** Audience URI (e.g., "https://merchant.example.com/verify") */
-  audience_uri: z6.string().url(),
+  audience_uri: z7.string().url(),
   /** SHA-256 hash of verifier's public key (hex, 64 chars) */
-  verifier_key_hash: z6.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex")
+  verifier_key_hash: z7.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex")
 });
-var RotationEpochSchema = z6.union([
-  z6.number().int().nonnegative(),
-  z6.string().datetime({ offset: true })
+var RotationEpochSchema = z7.union([
+  z7.number().int().nonnegative(),
+  z7.string().datetime({ offset: true })
   // Requires timezone offset (RFC3339)
 ]);
-var RPIDSchema = z6.string().length(43, "RPID must be base64url-encoded 32 bytes (43 chars, no padding)").regex(/^[A-Za-z0-9_-]+$/, "Must be base64url (no padding)");
-var TransactionContextSchema = z6.object({
+var RPIDSchema = z7.string().length(43, "RPID must be base64url-encoded 32 bytes (43 chars, no padding)").regex(/^[A-Za-z0-9_-]+$/, "Must be base64url (no padding)");
+var TransactionContextSchema = z7.object({
   // Required core (stable)
   relying_party_id: RelyingPartyIdSchema,
   /** sha256(JCS({ intent, request })) — see computeOperationHash() */
-  operation_hash: z6.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex"),
+  operation_hash: z7.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex"),
   /** Validity start (RFC3339) */
-  not_before: z6.string().datetime({ offset: true }),
+  not_before: z7.string().datetime({ offset: true }),
   /** Validity end (RFC3339) */
-  not_after: z6.string().datetime({ offset: true }),
+  not_after: z7.string().datetime({ offset: true }),
   // Optional (part of hash, must be consistent)
-  amount: z6.number().nonnegative().optional(),
-  currency: z6.string().length(3).optional(),
-  surface_id: z6.string().optional(),
-  channel_id: z6.string().optional()
+  amount: z7.number().nonnegative().optional(),
+  currency: z7.string().length(3).optional(),
+  surface_id: z7.string().optional(),
+  channel_id: z7.string().optional()
 });
-var TransactionContextHashSchema = z6.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex");
+var TransactionContextHashSchema = z7.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex");
 var W_GOLDEN_FIXTURES = {
   /**
    * encodeEpoch(1706486400000) = 2024-01-29T00:00:00.000Z
@@ -568,235 +643,199 @@ function validateTimeWindow(context) {
 }
 // src/agents.ts
-import { z as z7 } from "zod";
-var AgentStatusSchema = z7.enum(["ACTIVE", "PENDING", "SUSPENDED", "REVOKED"]).or(z7.string().min(1));
-var AgentTypeSchema = z7.enum(["CUSTOM", "CLAUDE", "GPT", "GEMINI", "CURSOR", "COPILOT", "OTHER"]).or(z7.string().min(1));
-var AgentListItemSchema = z7.object({
-  id: z7.string().min(1),
-  external_id: z7.string().min(1),
-  name: z7.string().min(1),
+import { z as z8 } from "zod";
+var AgentStatusSchema = z8.enum(["ACTIVE", "PENDING", "SUSPENDED", "REVOKED"]).or(z8.string().min(1));
+var AgentTypeSchema = z8.enum(["CUSTOM", "CLAUDE", "GPT", "GEMINI", "CURSOR", "COPILOT", "OTHER"]).or(z8.string().min(1));
+var AgentListItemSchema = z8.object({
+  id: z8.string().min(1),
+  external_id: z8.string().min(1),
+  name: z8.string().min(1),
   status: AgentStatusSchema,
   agent_type: AgentTypeSchema,
-  trust_score: z7.number().int().min(0).max(1e3),
-  hosting_model: z7.null(),
-  declared_tier: z7.null(),
-  created_at: z7.string().datetime()
+  trust_score: z8.number().int().min(0).max(1e3),
+  hosting_model: z8.null(),
+  declared_tier: z8.null(),
+  created_at: z8.string().datetime()
 }).passthrough();
-var AgentsListResponseSchema = z7.object({
-  agents: z7.array(AgentListItemSchema),
-  _meta: z7.object({
-    source: z7.literal("hlos")
+var AgentsListResponseSchema = z8.object({
+  agents: z8.array(AgentListItemSchema),
+  _meta: z8.object({
+    source: z8.literal("hlos")
   })
 }).passthrough();
-var AgentPassportStubResponseSchema = z7.object({
-  passport_id: z7.null(),
-  agent_id: z7.string().min(1),
-  hosting_model: z7.null(),
-  declared_tier: z7.null(),
-  effective_tier: z7.null(),
-  finality_level: z7.null(),
-  graph: z7.object({
-    incoming_edges: z7.null(),
-    outgoing_edges: z7.null(),
-    active_visas: z7.null()
+var AgentPassportStubResponseSchema = z8.object({
+  passport_id: z8.null(),
+  agent_id: z8.string().min(1),
+  hosting_model: z8.null(),
+  declared_tier: z8.null(),
+  effective_tier: z8.null(),
+  finality_level: z8.null(),
+  graph: z8.object({
+    incoming_edges: z8.null(),
+    outgoing_edges: z8.null(),
+    active_visas: z8.null()
   }).passthrough(),
-  links: z7.object({
-    passport_url: z7.string().startsWith("/agent-passport/agents/"),
-    docs_url: z7.literal("/agents/passport")
+  links: z8.object({
+    passport_url: z8.string().startsWith("/agent-passport/agents/"),
+    docs_url: z8.literal("/agents/passport")
   }).passthrough(),
-  _meta: z7.object({
-    source: z7.literal("stub")
+  _meta: z8.object({
+    source: z8.literal("stub")
   })
 }).passthrough();
-// src/encoding.ts
-import { z as z8 } from "zod";
-function bytesToBase64url(bytes) {
-  let binary = "";
-  for (let i = 0; i < bytes.length; i++) {
-    binary += String.fromCharCode(bytes[i]);
-  }
-  const base64 = btoa(binary);
-  return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-}
-function base64urlToBytes(str) {
-  const base64 = str.replace(/-/g, "+").replace(/_/g, "/");
-  const padded = base64 + "=".repeat((4 - base64.length % 4) % 4);
-  const binary = atob(padded);
-  const bytes = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
-  }
-  return bytes;
-}
-var BASE64URL_SHA256_REGEX = /^[A-Za-z0-9_-]{43}$/;
-var Base64urlSha256Schema = z8.string().regex(
-  BASE64URL_SHA256_REGEX,
-  "Must be 43-char base64url (32-byte SHA-256 digest)"
+// src/dispatch-chain.ts
+import { z as z9 } from "zod";
+var CHAIN_STAGE_ORDER = ["CR", "LAT", "EGP", "SA"];
+var ChainStageTypeSchema = z9.enum(CHAIN_STAGE_ORDER);
+var ReceiptHashRefSchema = Base64urlSha256Schema.describe(
+  "receipt_hash: base64url(SHA-256(JCS(entire_receipt_envelope)))"
 );
-var Base64urlEd25519SigSchema = z8.string().regex(
-  /^[A-Za-z0-9_-]{86}$/,
-  "Must be 86-char base64url (64-byte Ed25519 signature)"
+var ContentHashRefSchema = Base64urlSha256Schema.describe(
+  "content_hash reference: base64url(SHA-256(JCS(content_field_only)))"
 );
-// src/receipt-hash.ts
-var cachedSha256 = null;
-function sortKeysDeep(value) {
-  if (Array.isArray(value)) return value.map(sortKeysDeep);
-  if (value !== null && typeof value === "object") {
-    const obj = value;
-    const out = {};
-    for (const key of Object.keys(obj).sort()) {
-      out[key] = sortKeysDeep(obj[key]);
-    }
-    return out;
+var CustodyReceiptContentSchema = z9.object({
+  type: z9.literal("CustodyReceipt"),
+  stage_type: z9.literal("CR"),
+  stage_version: z9.literal(0),
+  stage_index: z9.literal(0),
+  dispatch_id: DispatchIdSchema,
+  previous_receipt_hash: z9.null(),
+  // CR-specific
+  actor_passport_id: z9.string().min(1),
+  surface: z9.string().min(1),
+  task_scope: z9.string().min(1),
+  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY)
+}).strict();
+var LiabilityAttestationContentSchema = z9.object({
+  type: z9.literal("LiabilityAttestation"),
+  stage_type: z9.literal("LAT"),
+  stage_version: z9.literal(0),
+  stage_index: z9.literal(1),
+  dispatch_id: DispatchIdSchema,
+  previous_receipt_hash: ReceiptHashRefSchema,
+  chain_root_content_hash: ContentHashRefSchema,
+  // LAT-specific
+  policy_snapshot_hash: Base64urlSha256Schema,
+  capabilities_granted: z9.array(z9.string().min(1)).min(1),
+  authorization_scope: z9.string().min(1),
+  /** Receipt issuer authority (HLOS issues all chain artifacts). */
+  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY)
+}).strict();
+var EconomicGateProofContentSchema = z9.object({
+  type: z9.literal("EconomicGateProof"),
+  stage_type: z9.literal("EGP"),
+  stage_version: z9.literal(0),
+  stage_index: z9.literal(2),
+  dispatch_id: DispatchIdSchema,
+  previous_receipt_hash: ReceiptHashRefSchema,
+  chain_root_content_hash: ContentHashRefSchema,
+  // EGP-specific
+  wallet_id: z9.string().min(1),
+  hold_id: z9.string().min(1).optional(),
+  amount_mills: z9.number().int().nonnegative(),
+  currency: z9.literal("USD"),
+  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY)
+}).strict();
+var SettlementAnchorContentSchema = z9.object({
+  type: z9.literal("SettlementAnchor"),
+  stage_type: z9.literal("SA"),
+  stage_version: z9.literal(0),
+  stage_index: z9.literal(3),
+  dispatch_id: DispatchIdSchema,
+  previous_receipt_hash: ReceiptHashRefSchema,
+  chain_root_content_hash: ContentHashRefSchema,
+  // SA-specific
+  settlement_receipt_hash: ReceiptHashRefSchema,
+  crossing_id: z9.string().optional(),
+  final_amount_mills: z9.number().int().nonnegative(),
+  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY)
+}).strict();
+var DispatchChainContentSchema = z9.discriminatedUnion("type", [
+  CustodyReceiptContentSchema,
+  LiabilityAttestationContentSchema,
+  EconomicGateProofContentSchema,
+  SettlementAnchorContentSchema
+]);
+function assertValidChainLink(expectedPreviousHash, actualPreviousHash, stageType) {
+  if (expectedPreviousHash !== actualPreviousHash) {
+    throw new Error(
+      `Chain link broken at ${stageType}: expected previous_receipt_hash=${expectedPreviousHash}, got=${actualPreviousHash}`
+    );
   }
-  return value;
 }
-function jcsCanonicalize(value) {
-  return JSON.stringify(sortKeysDeep(value), (_key, v) => {
-    if (v === void 0) throw new Error("JCS: undefined is not allowed");
-    if (typeof v === "function") throw new Error("JCS: function is not allowed");
-    if (typeof v === "symbol") throw new Error("JCS: symbol is not allowed");
-    if (typeof v === "bigint") throw new Error("JCS: bigint is not allowed");
-    if (typeof v === "number" && !Number.isFinite(v))
-      throw new Error("JCS: non-finite number is not allowed");
-    return v;
-  });
-}
-function computeReceiptHash(receipt) {
-  const sha256 = loadSha256();
-  const canonical = jcsCanonicalize(receipt);
-  const digest = sha256(new TextEncoder().encode(canonical));
-  return bytesToBase64url(digest);
-}
-function computeContentHash(content) {
-  const sha256 = loadSha256();
-  const canonical = jcsCanonicalize(content);
-  const digest = sha256(new TextEncoder().encode(canonical));
-  return bytesToBase64url(digest);
-}
-function loadSha256() {
-  if (cachedSha256) return cachedSha256;
-  let _require;
-  try {
-    const { createRequire } = __require("module");
-    _require = createRequire(import.meta.url);
-  } catch {
-    _require = __require;
-  }
-  let sha256;
-  try {
-    sha256 = _require("@noble/hashes/sha2.js").sha256;
-  } catch {
-    try {
-      sha256 = _require("@noble/hashes/sha2").sha256;
-    } catch {
-      throw new Error(
-        "computeReceiptHash/computeContentHash requires @noble/hashes as a peer dependency. Install it: npm install @noble/hashes"
-      );
-    }
+function assertRootHash(actualRootHash, expectedRootHash, stageType) {
+  if (actualRootHash !== expectedRootHash) {
+    throw new Error(
+      `Chain root mismatch at ${stageType}: expected chain_root_content_hash=${expectedRootHash}, got=${actualRootHash}`
+    );
   }
-  cachedSha256 = sha256;
-  return sha256;
 }
-var ReceiptHashSchema = Base64urlSha256Schema.describe(
-  "receipt_hash: base64url(SHA-256(JCS(receipt)))"
-);
-var RECEIPT_HASH_GOLDEN_FIXTURE = {
-  receipt: {
-    "@type": "https://hlos.ai/schema/SignedReceiptV0",
-    version: 0,
-    receipt_id: "rcpt_01HZGOLDENTEST000000000000",
-    content: {
-      type: "CrossingSettled",
-      crossingId: "cross_test123abc456def789ghi",
-      settlement_authority: "hlos.ai"
-    },
-    // Placeholder bytes (NOT a valid cryptographic signature)
-    content_hash: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
-    signature: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
-    key_id: "hlos-v2-1",
-    issued_at: "2026-01-27T00:00:00.000Z"
-  },
-  /**
-   * Expected JCS canonical form of the receipt.
-   * Keys are lexicographically sorted at all levels.
-   */
-  expectedJcs: '{"@type":"https://hlos.ai/schema/SignedReceiptV0","content":{"crossingId":"cross_test123abc456def789ghi","settlement_authority":"hlos.ai","type":"CrossingSettled"},"content_hash":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA","issued_at":"2026-01-27T00:00:00.000Z","key_id":"hlos-v2-1","receipt_id":"rcpt_01HZGOLDENTEST000000000000","signature":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA","version":0}',
-  /**
-   * Expected receipt_hash (FROZEN).
-   * Compute: JCS canonicalize receipt → SHA-256 → base64url (no padding)
-   *
-   * DO NOT CHANGE unless the receipt fixture above changes.
-   */
-  expectedReceiptHash: "uLiQVUeVKcE35Rdje2fArZQfTcECDgwK6UbmQB_36Pg"
-};
 // src/finality.ts
-import { z as z9 } from "zod";
+import { z as z10 } from "zod";
 var NA_ID_PREFIX = "na_";
 var FinalityLevel = {
   SOFT: "SOFT",
   HARD: "HARD"
 };
-var NotaryAttestationIdFormatSchema = z9.string().regex(
+var NotaryAttestationIdFormatSchema = z10.string().regex(
   /^na_[a-zA-Z0-9]{20,}$/,
   "NA ID must match na_[a-zA-Z0-9]{20,}"
 );
-var LogInclusionProofSchema = z9.object({
+var LogInclusionProofSchema = z10.object({
   /** Merkle root hash (base64url SHA-256) */
   root: Base64urlSha256Schema,
   /** Sibling hashes along the path (base64url SHA-256 each) */
-  proof: z9.array(Base64urlSha256Schema),
+  proof: z10.array(Base64urlSha256Schema),
   /** Leaf index in the log */
-  index: z9.number().int().nonnegative()
+  index: z10.number().int().nonnegative()
 });
-var NotaryAttestationSchema = z9.object({
+var NotaryAttestationSchema = z10.object({
   // --- Required ---
   /** Unique NA identifier */
   na_id: NotaryAttestationIdFormatSchema,
   /** The receipt_hash this NA attests to */
   receipt_hash: Base64urlSha256Schema,
   /** Notary service identifier (e.g. "staampid") */
-  notary_id: z9.string().min(1),
+  notary_id: z10.string().min(1),
   /** ISO 8601 timestamp when NA was issued */
-  issued_at: z9.string().datetime(),
+  issued_at: z10.string().datetime(),
   /** Notary's countersignature (base64url encoded) */
-  signature: z9.string().min(1),
+  signature: z10.string().min(1),
   /** Signature algorithm (e.g. "EdDSA") */
-  signature_alg: z9.string().min(1),
+  signature_alg: z10.string().min(1),
   // --- Optional (future-proof) ---
   /** Receipt type being attested */
-  receipt_type: z9.string().optional(),
+  receipt_type: z10.string().optional(),
   /** Receipt version being attested */
-  receipt_version: z9.number().int().nonnegative().optional(),
+  receipt_version: z10.number().int().nonnegative().optional(),
   /** Settlement authority that issued the receipt (cross-check) */
-  settlement_authority: z9.string().optional(),
+  settlement_authority: z10.string().optional(),
   /** TTL in seconds for this attestation */
-  validity_window_seconds: z9.number().int().positive().optional(),
+  validity_window_seconds: z10.number().int().positive().optional(),
   /** ISO 8601 expiry (derived from issued_at + validity_window_seconds) */
-  expires_at: z9.string().datetime().optional(),
+  expires_at: z10.string().datetime().optional(),
   /** Merkle proof for append-only log inclusion */
   log_inclusion: LogInclusionProofSchema.optional()
 });
-var NotaryRequestSchema = z9.object({
+var NotaryRequestSchema = z10.object({
   /** receipt_hash to be attested (base64url SHA-256) */
   receipt_hash: Base64urlSha256Schema,
   /** Must be literal 'hlos.ai' */
-  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY),
+  settlement_authority: z10.literal(SETTLEMENT_AUTHORITY),
   /** Crossing this receipt belongs to */
-  crossing_id: z9.string().min(1),
+  crossing_id: z10.string().min(1),
   /** Type of the receipt being attested */
-  receipt_type: z9.string().min(1),
+  receipt_type: z10.string().min(1),
   /** Version of the receipt being attested */
-  receipt_version: z9.number().int().nonnegative(),
+  receipt_version: z10.number().int().nonnegative(),
   /** ISO 8601 timestamp of the request */
-  timestamp: z9.string().datetime(),
+  timestamp: z10.string().datetime(),
   /** Optional: requested validity window in seconds */
-  validity_window_seconds: z9.number().int().positive().optional()
+  validity_window_seconds: z10.number().int().positive().optional()
 });
-var NotarizeStatusSchema = z9.enum([
+var NotarizeStatusSchema = z10.enum([
   "HARD",
   // NA obtained, finality upgraded
   "PENDING",
@@ -806,7 +845,7 @@ var NotarizeStatusSchema = z9.enum([
   "ALREADY_HARD"
   // Receipt already has NA
 ]);
-var NotarizeResponseSchema = z9.object({
+var NotarizeResponseSchema = z10.object({
   /** Finality status after this operation */
   status: NotarizeStatusSchema,
   /** The receipt_hash that was notarized */
@@ -816,13 +855,13 @@ var NotarizeResponseSchema = z9.object({
   /** The full NA object (optional embed) */
   na: NotaryAttestationSchema.optional(),
   /** Notary service identifier */
-  notary: z9.string().min(1).optional(),
+  notary: z10.string().min(1).optional(),
   /** NA ID for retrieval */
-  notary_receipt_id: z9.string().optional(),
+  notary_receipt_id: z10.string().optional(),
   /** ISO 8601 timestamp */
-  timestamp: z9.string().datetime(),
+  timestamp: z10.string().datetime(),
   /** Error details (present when status is FAILED) */
-  error: z9.string().optional()
+  error: z10.string().optional()
 });
 function isNotaryAttestation(value) {
   return NotaryAttestationSchema.safeParse(value).success;
@@ -830,17 +869,17 @@ function isNotaryAttestation(value) {
 function isNotaryRequest(value) {
   return NotaryRequestSchema.safeParse(value).success;
 }
-var ArtifactRefSchema = z9.object({
+var ArtifactRefSchema = z10.object({
   /** Artifact type */
-  type: z9.enum(["CR", "LAT", "EGP", "SA", "SignedReceiptV0", "NA"]),
+  type: z10.enum(["CR", "LAT", "EGP", "SA", "SignedReceiptV0", "NA"]),
   /** base64url SHA-256 hash of the artifact */
   hash: Base64urlSha256Schema,
   /** Issuer of the artifact */
-  issuer: z9.string().min(1),
+  issuer: z10.string().min(1),
   /** Schema version */
-  version: z9.string().min(1),
+  version: z10.string().min(1),
   /** Optional retrieval URI */
-  uri: z9.string().url().optional()
+  uri: z10.string().url().optional()
 });
 var FINALITY_GOLDEN_FIXTURES = {
   /** Sample NotaryAttestation */
@@ -874,7 +913,568 @@ var FINALITY_GOLDEN_FIXTURES = {
     timestamp: "2026-01-27T00:01:00.000Z"
   }
 };
+// src/eval-artifact.ts
+import { z as z11 } from "zod";
+var ULID_REGEX = /^[0-9A-HJKMNP-TV-Z]{26}$/;
+var EvalTranscriptStageSchema = z11.union([
+  ChainStageTypeSchema,
+  z11.literal("HTTP")
+]);
+var EvalTranscriptStepSchema = z11.object({
+  step_index: z11.number().int().nonnegative(),
+  stage: EvalTranscriptStageSchema,
+  input_hash: Base64urlSha256Schema,
+  output_hash: Base64urlSha256Schema.nullable(),
+  verdict: z11.enum(["pass", "fail", "skip"]),
+  error: z11.string().nullable(),
+  elapsed_ms: z11.number().int().nonnegative()
+}).strict();
+var EvalGraderResultSchema = z11.object({
+  grader_id: z11.string().min(1),
+  verdict: z11.enum(["pass", "fail"]),
+  confidence: z11.number().min(0).max(1),
+  details: z11.string().nullable()
+}).strict();
+var EvalFailureSchema = z11.object({
+  step_index: z11.number().int().nonnegative(),
+  grader_id: z11.string().min(1),
+  code: z11.string().min(1),
+  message: z11.string().nullable()
+}).strict();
+var EvalArtifactSchema = z11.object({
+  schema_version: z11.literal(1),
+  // Trial metadata
+  trial_id: z11.string().regex(ULID_REGEX, "Expected ULID format"),
+  seed: z11.string().nullable(),
+  suite: z11.string().min(1),
+  environment: z11.enum(["local", "ci", "staging", "production"]),
+  started_at: z11.string().datetime(),
+  completed_at: z11.string().datetime().nullable(),
+  duration_ms: z11.number().int().nonnegative().nullable(),
+  // Transcript — ordered steps
+  transcript: z11.array(EvalTranscriptStepSchema),
+  // Grader results
+  grader_results: z11.array(EvalGraderResultSchema),
+  // Compact failure records
+  failures: z11.array(EvalFailureSchema),
+  // Aggregate metrics
+  pass_rate: z11.number().min(0).max(1),
+  consecutive_pass_rate: z11.number().min(0).max(1),
+  k: z11.number().int().positive()
+}).strict();
+var DUMMY_HASH = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
+var EVAL_GOLDEN_FIXTURES = {
+  /**
+   * Valid 4-step transcript (CR→LAT→EGP→SA, all pass).
+   */
+  valid_full_pass: {
+    schema_version: 1,
+    trial_id: "01HZABCDEF1234567890ABCDEF",
+    seed: "test-seed-001",
+    suite: "kernel-invariant",
+    environment: "ci",
+    started_at: "2026-02-22T10:00:00.000Z",
+    completed_at: "2026-02-22T10:00:01.234Z",
+    duration_ms: 1234,
+    transcript: [
+      { step_index: 0, stage: "CR", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 5 },
+      { step_index: 1, stage: "LAT", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 8 },
+      { step_index: 2, stage: "EGP", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 3 },
+      { step_index: 3, stage: "SA", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 12 }
+    ],
+    grader_results: [
+      { grader_id: "cr_grader", verdict: "pass", confidence: 1, details: null },
+      { grader_id: "lat_grader", verdict: "pass", confidence: 1, details: null },
+      { grader_id: "egp_grader", verdict: "pass", confidence: 1, details: null },
+      { grader_id: "sa_grader", verdict: "pass", confidence: 1, details: null }
+    ],
+    failures: [],
+    pass_rate: 1,
+    consecutive_pass_rate: 1,
+    k: 10
+  },
+  /**
+   * Single failure: LAT grader fails (broken CR→LAT binding).
+   */
+  lat_failure: {
+    schema_version: 1,
+    trial_id: "01HZABCDEF1234567890ABCDEG",
+    seed: "test-seed-002",
+    suite: "kernel-invariant",
+    environment: "ci",
+    started_at: "2026-02-22T10:01:00.000Z",
+    completed_at: "2026-02-22T10:01:00.456Z",
+    duration_ms: 456,
+    transcript: [
+      { step_index: 0, stage: "CR", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 5 },
+      { step_index: 1, stage: "LAT", input_hash: DUMMY_HASH, output_hash: null, verdict: "fail", error: "CR hash mismatch", elapsed_ms: 3 },
+      { step_index: 2, stage: "EGP", input_hash: DUMMY_HASH, output_hash: null, verdict: "skip", error: null, elapsed_ms: 0 },
+      { step_index: 3, stage: "SA", input_hash: DUMMY_HASH, output_hash: null, verdict: "skip", error: null, elapsed_ms: 0 }
+    ],
+    grader_results: [
+      { grader_id: "cr_grader", verdict: "pass", confidence: 1, details: null },
+      { grader_id: "lat_grader", verdict: "fail", confidence: 1, details: "LAT.cr_hash does not match computed CR hash" },
+      { grader_id: "egp_grader", verdict: "pass", confidence: 0, details: "Skipped: LAT failed" },
+      { grader_id: "sa_grader", verdict: "pass", confidence: 0, details: "Skipped: upstream failure" }
+    ],
+    failures: [
+      { step_index: 1, grader_id: "lat_grader", code: "BINDING_MISMATCH", message: "LAT.cr_hash does not match computed CR hash" }
+    ],
+    pass_rate: 0.9,
+    consecutive_pass_rate: 0.9,
+    k: 10
+  },
+  /**
+   * Partial artifact: run crashed mid-flight.
+   */
+  partial_crash: {
+    schema_version: 1,
+    trial_id: "01HZABCDEF1234567890ABCDEH",
+    seed: null,
+    suite: "kernel-invariant",
+    environment: "local",
+    started_at: "2026-02-22T10:02:00.000Z",
+    completed_at: null,
+    duration_ms: null,
+    transcript: [
+      { step_index: 0, stage: "CR", input_hash: DUMMY_HASH, output_hash: DUMMY_HASH, verdict: "pass", error: null, elapsed_ms: 5 }
+    ],
+    grader_results: [
+      { grader_id: "cr_grader", verdict: "pass", confidence: 1, details: null }
+    ],
+    failures: [],
+    pass_rate: 0,
+    consecutive_pass_rate: 0,
+    k: 10
+  }
+};
+// src/settlement-execute.ts
+import { z as z12 } from "zod";
+var ULID_REGEX2 = /^[0-9A-HJKMNP-TV-Z]{26}$/;
+var UlidSchema = z12.string().regex(ULID_REGEX2, "Expected ULID format");
+var UlidOrUuidSchema = z12.string().min(1);
+var HashVersionSchema = z12.enum(["v1", "v2"]);
+var SettlementModeSchema = z12.enum(["execute", "dry_run"]);
+var NotaryStatusSchema = z12.enum(["skipped", "verified", "failed"]);
+var SettlementExecuteRequestSchema = z12.object({
+  idempotency_key: UlidOrUuidSchema,
+  seed: z12.string().nullable().optional(),
+  hash_version: HashVersionSchema.default("v2"),
+  mode: SettlementModeSchema.default("execute"),
+  flow: z12.object({
+    wallet_id: z12.string().min(1),
+    sku: z12.string().min(1),
+    amount: z12.string().min(1),
+    currency: z12.literal("USD"),
+    metadata: z12.record(z12.unknown()).optional()
+  })
+}).strict();
+var ArtifactsBlockSchema = z12.object({
+  cr: z12.record(z12.unknown()).nullable(),
+  lat: z12.record(z12.unknown()).nullable(),
+  egp: z12.record(z12.unknown()).nullable(),
+  sa: z12.record(z12.unknown()).nullable()
+});
+var HashesBlockSchema = z12.object({
+  cr_hash: Base64urlSha256Schema.nullable(),
+  lat_hash: Base64urlSha256Schema.nullable(),
+  egp_hash: Base64urlSha256Schema.nullable(),
+  sa_hash: Base64urlSha256Schema.nullable()
+});
+var SignatureEnvelopeSchema = z12.object({
+  alg: z12.literal("ed25519"),
+  sig: z12.string().min(1),
+  pub: z12.string().min(1)
+});
+var NotaryBlockSchema = z12.object({
+  status: NotaryStatusSchema,
+  run_notary: z12.object({
+    subject_hash: Base64urlSha256Schema,
+    sig: z12.string().min(1),
+    pub: z12.string().min(1)
+  }).nullable(),
+  graph_notary: z12.object({
+    subject_hash: Base64urlSha256Schema,
+    sig: z12.string().min(1),
+    pub: z12.string().min(1)
+  }).nullable()
+});
+var TimingBlockSchema = z12.object({
+  started_at: z12.string().datetime(),
+  completed_at: z12.string().datetime().nullable(),
+  duration_ms: z12.number().int().nonnegative().nullable()
+});
+var SettlementExecuteSuccessSchema = z12.object({
+  schema_version: z12.literal(1),
+  flow_id: UlidSchema,
+  suite_id: z12.string().min(1),
+  seed: z12.string().nullable(),
+  hash_version: HashVersionSchema,
+  artifacts: ArtifactsBlockSchema.extend({
+    cr: z12.record(z12.unknown()),
+    lat: z12.record(z12.unknown()),
+    egp: z12.record(z12.unknown()),
+    sa: z12.record(z12.unknown())
+  }),
+  hashes: HashesBlockSchema.extend({
+    cr_hash: Base64urlSha256Schema,
+    lat_hash: Base64urlSha256Schema,
+    egp_hash: Base64urlSha256Schema,
+    sa_hash: Base64urlSha256Schema
+  }),
+  signatures: z12.object({
+    settlement: z12.object({
+      cr_sig: SignatureEnvelopeSchema,
+      lat_sig: SignatureEnvelopeSchema,
+      sa_sig: SignatureEnvelopeSchema
+    }),
+    notary: NotaryBlockSchema
+  }),
+  receipt: z12.object({
+    // Kernel receipt IDs currently follow rcpt_ + variable base36/random suffix.
+    receipt_id: z12.string().regex(/^rcpt_/, "Expected kernel receipt ID (rcpt_... format)"),
+    status: z12.enum(["stored", "pending"]),
+    receipt_hash: Base64urlSha256Schema
+  }),
+  run: z12.object({
+    run_id: UlidSchema,
+    final_state_hash: Base64urlSha256Schema,
+    terminal_event_hash: Base64urlSha256Schema,
+    sealed_at: z12.string().datetime()
+  }),
+  timing: TimingBlockSchema.extend({
+    completed_at: z12.string().datetime(),
+    duration_ms: z12.number().int().nonnegative()
+  })
+});
+var SettlementErrorCodeSchema = z12.enum([
+  "INSUFFICIENT_FUNDS",
+  "POLICY_DENIED",
+  "INVARIANT_FAILED",
+  "INVALID_AMOUNT_FORMAT",
+  "INVALID_AMOUNT_NEGATIVE",
+  "INVALID_JSON",
+  "INTERNAL"
+]);
+var SettlementExecuteErrorSchema = z12.object({
+  schema_version: z12.literal(1),
+  flow_id: UlidSchema,
+  suite_id: z12.string().min(1),
+  seed: z12.string().nullable(),
+  hash_version: HashVersionSchema,
+  error: z12.object({
+    code: SettlementErrorCodeSchema,
+    message: z12.string(),
+    details: z12.record(z12.unknown()).optional()
+  }),
+  partial: z12.object({
+    artifacts: ArtifactsBlockSchema,
+    hashes: HashesBlockSchema
+  }),
+  timing: TimingBlockSchema
+});
+var SettlementExecuteResponseSchema = z12.union([
+  SettlementExecuteSuccessSchema,
+  SettlementExecuteErrorSchema
+]);
+function isSettlementExecuteSuccess(response) {
+  return "artifacts" in response && !("error" in response);
+}
+function isSettlementExecuteError(response) {
+  return "error" in response;
+}
+// src/srr-v0.ts
+import { z as z13 } from "zod";
+var SRR_TYPE_URI = "https://hlos.ai/schema/SignedRejectionReceiptV0";
+var SRR_VERSION = 0;
+var SRR_REJECTION_DOMAIN = "kernel:k:rejection:v1";
+var SRR_SIGNATURE_ALGORITHM = "Ed25519";
+var SRR_INITIAL_REASON_CODES = [
+  "BUDGET_EXCEEDED",
+  "POLICY_VIOLATION",
+  "SAFETY_GATE_FAILED",
+  "DELEGATION_REVOKED",
+  "SETTLEMENT_TIMEOUT"
+];
+var REASON_CODE_PATTERN = /^[A-Z][A-Z0-9_]{2,63}$/;
+var SignedRejectionReceiptV0Schema = z13.object({
+  "@type": z13.literal(SRR_TYPE_URI),
+  version: z13.literal(SRR_VERSION),
+  receipt_id: z13.string().regex(
+    /^srr_[0-9A-HJKMNP-TV-Z]{26}$/i,
+    "receipt_id must be srr_ + 26-char ULID"
+  ),
+  crossing_id: z13.string().min(1),
+  reason_code: z13.string().regex(REASON_CODE_PATTERN, "reason_code must be UPPER_SNAKE_CASE, 3-64 chars"),
+  reason_message: z13.string().min(1),
+  details: z13.record(z13.unknown()).optional(),
+  commitment_hash: Base64urlSha256Schema.optional(),
+  issuer_id: z13.string().min(1),
+  rejected_at: z13.string().datetime(),
+  issuer_public_key_ref: z13.string().min(1),
+  signature_algorithm: z13.literal(SRR_SIGNATURE_ALGORITHM),
+  signature: Base64urlEd25519SigSchema
+}).strict();
+// src/liability-waiver-terms-v0.ts
+import { z as z14 } from "zod";
+var LIABILITY_WAIVER_TERMS_TYPE_URI = "https://hlos.ai/schema/LiabilityWaiverTermsV0";
+var LIABILITY_WAIVER_TERMS_VERSION = 0;
+var LiabilityDispositionSchema = z14.enum([
+  "ABSORB",
+  "RELEASE",
+  "TRANSFER",
+  "DISPUTE"
+]);
+var LiabilityWaiverTermsPartiesSchema = z14.object({
+  offered_by: z14.string().min(1).optional(),
+  offered_to: z14.string().min(1).optional(),
+  beneficiary: z14.string().min(1).optional(),
+  burdened_party: z14.string().min(1).optional()
+}).strict();
+var LiabilityWaiverTermsScopeSchema = z14.object({
+  crossing_id: z14.string().min(1).optional(),
+  commitment_hash: Base64urlSha256Schema.optional(),
+  claim_scope: z14.string().min(1).optional()
+}).strict();
+var LiabilityWaiverTermsConditionsSchema = z14.object({
+  effective_if: z14.record(z14.unknown()).optional(),
+  expires_at: z14.string().datetime().optional(),
+  jurisdiction: z14.string().min(1).optional()
+}).strict();
+var LiabilityWaiverTermsHashInputSchema = z14.object({
+  parties: LiabilityWaiverTermsPartiesSchema,
+  liability_effect: LiabilityDispositionSchema,
+  scope: LiabilityWaiverTermsScopeSchema,
+  conditions: LiabilityWaiverTermsConditionsSchema.optional(),
+  canonical_terms: z14.record(z14.unknown()).optional()
+}).strict();
+var LiabilityWaiverTermsRefV0Schema = z14.object({
+  waiver_id: z14.string().min(1).optional(),
+  terms_hash: Base64urlSha256Schema,
+  type: z14.literal(LIABILITY_WAIVER_TERMS_TYPE_URI),
+  version: z14.literal(LIABILITY_WAIVER_TERMS_VERSION)
+}).strict();
+var LiabilityWaiverTermsV0Schema = z14.object({
+  "@type": z14.literal(LIABILITY_WAIVER_TERMS_TYPE_URI),
+  version: z14.literal(LIABILITY_WAIVER_TERMS_VERSION),
+  waiver_id: z14.string().min(1),
+  terms_hash: Base64urlSha256Schema,
+  parties: LiabilityWaiverTermsPartiesSchema,
+  liability_effect: LiabilityDispositionSchema,
+  scope: LiabilityWaiverTermsScopeSchema,
+  conditions: LiabilityWaiverTermsConditionsSchema.optional(),
+  human_readable_summary: z14.string().min(1).optional(),
+  canonical_terms: z14.record(z14.unknown()).optional()
+}).strict();
+var cachedSha256 = null;
+function loadSha256() {
+  if (cachedSha256) return cachedSha256;
+  const moduleApi = typeof process.getBuiltinModule === "function" ? process.getBuiltinModule("module") : __require("module");
+  const createRequire = moduleApi.createRequire;
+  const requireBase = typeof __filename === "string" ? __filename : `${process.cwd()}/package.json`;
+  const _require = createRequire(requireBase);
+  let sha256;
+  try {
+    sha256 = _require("@noble/hashes/sha2.js").sha256;
+  } catch {
+    try {
+      sha256 = _require("@noble/hashes/sha2").sha256;
+    } catch {
+      throw new Error(
+        "Liability waiver hashing requires @noble/hashes as a peer dependency. Install it: npm install @noble/hashes"
+      );
+    }
+  }
+  cachedSha256 = sha256;
+  return sha256;
+}
+function toLiabilityWaiverTermsHashInput(terms) {
+  return {
+    parties: terms.parties,
+    liability_effect: terms.liability_effect,
+    scope: terms.scope,
+    ...terms.conditions !== void 0 ? { conditions: terms.conditions } : {},
+    ...terms.canonical_terms !== void 0 ? { canonical_terms: terms.canonical_terms } : {}
+  };
+}
+function computeLiabilityWaiverTermsHash(input) {
+  const sha256 = loadSha256();
+  const canonical = jcsCanonicalize(input);
+  const digest = sha256(new TextEncoder().encode(canonical));
+  return bytesToBase64url(digest);
+}
+// src/srr-v1.ts
+import { z as z15 } from "zod";
+var SRR_V1_TYPE_URI = "https://hlos.ai/schema/SignedRejectionReceiptV1";
+var SRR_V1_VERSION = 1;
+var SRR_V1_REJECTION_DOMAIN = "kernel:u:rejection:v1";
+var SRR_V1_SIGNATURE_ALGORITHM = SRR_SIGNATURE_ALGORITHM;
+var SignedRejectionReceiptV1Schema = z15.object({
+  "@type": z15.literal(SRR_V1_TYPE_URI),
+  version: z15.literal(SRR_V1_VERSION),
+  receipt_id: z15.string().regex(
+    /^srr_[0-9A-HJKMNP-TV-Z]{26}$/i,
+    "receipt_id must be srr_ + 26-char ULID"
+  ),
+  crossing_id: z15.string().min(1),
+  reason_code: z15.string().regex(REASON_CODE_PATTERN, "reason_code must be UPPER_SNAKE_CASE, 3-64 chars"),
+  reason_message: z15.string().min(1),
+  details: z15.record(z15.unknown()).optional(),
+  commitment_hash: Base64urlSha256Schema.optional(),
+  issuer_id: z15.string().min(1),
+  rejected_at: z15.string().datetime(),
+  issuer_public_key_ref: z15.string().min(1),
+  signature_algorithm: z15.literal(SRR_V1_SIGNATURE_ALGORITHM),
+  liability_disposition: LiabilityDispositionSchema,
+  waiver_terms_ref: LiabilityWaiverTermsRefV0Schema.optional(),
+  signature: Base64urlEd25519SigSchema
+}).strict().superRefine((value, ctx) => {
+  if ((value.liability_disposition === "RELEASE" || value.liability_disposition === "TRANSFER") && value.waiver_terms_ref === void 0) {
+    ctx.addIssue({
+      code: z15.ZodIssueCode.custom,
+      path: ["waiver_terms_ref"],
+      message: "waiver_terms_ref is required for RELEASE and TRANSFER"
+    });
+  }
+});
+// src/srr-signing.ts
+var textEncoder = new TextEncoder();
+var DOMAIN_BYTES_V0 = textEncoder.encode(SRR_REJECTION_DOMAIN);
+var DOMAIN_BYTES_V1 = textEncoder.encode(SRR_V1_REJECTION_DOMAIN);
+var cachedSha2562 = null;
+function loadSha2562() {
+  if (cachedSha2562) return cachedSha2562;
+  const moduleApi = typeof process.getBuiltinModule === "function" ? process.getBuiltinModule("module") : __require("module");
+  const createRequire = moduleApi.createRequire;
+  const requireBase = typeof __filename === "string" ? __filename : `${process.cwd()}/package.json`;
+  const _require = createRequire(requireBase);
+  let sha256;
+  try {
+    sha256 = _require("@noble/hashes/sha2.js").sha256;
+  } catch {
+    try {
+      sha256 = _require("@noble/hashes/sha2").sha256;
+    } catch {
+      throw new Error(
+        "SRR signing requires @noble/hashes as a peer dependency. Install it: npm install @noble/hashes"
+      );
+    }
+  }
+  cachedSha2562 = sha256;
+  return sha256;
+}
+function computeSrrSigningPayload(unsignedSrr) {
+  const sha256 = loadSha2562();
+  const canonical = jcsCanonicalize(unsignedSrr);
+  const digest = sha256(textEncoder.encode(canonical));
+  const domainBytes = unsignedSrr["@type"] === SRR_V1_TYPE_URI ? DOMAIN_BYTES_V1 : unsignedSrr["@type"] === SRR_TYPE_URI ? DOMAIN_BYTES_V0 : (() => {
+    throw new Error("Unsupported SRR type for signing payload construction");
+  })();
+  const payload = new Uint8Array(domainBytes.length + digest.length);
+  payload.set(domainBytes, 0);
+  payload.set(digest, domainBytes.length);
+  return payload;
+}
+function computeSrrDigest(signedSrr) {
+  const sha256 = loadSha2562();
+  const canonical = jcsCanonicalize(signedSrr);
+  return bytesToBase64url(sha256(textEncoder.encode(canonical)));
+}
+// src/srr-verify.ts
+var cachedVerify = null;
+function loadVerify() {
+  if (cachedVerify) return cachedVerify;
+  const moduleApi = typeof process.getBuiltinModule === "function" ? process.getBuiltinModule("module") : __require("module");
+  const createRequire = moduleApi.createRequire;
+  const requireBase = typeof __filename === "string" ? __filename : `${process.cwd()}/package.json`;
+  const _require = createRequire(requireBase);
+  let ed25519Module;
+  try {
+    ed25519Module = _require("@noble/ed25519");
+  } catch {
+    throw new Error(
+      "SRR verification requires @noble/ed25519 as a peer dependency. Install it: npm install @noble/ed25519"
+    );
+  }
+  if (!ed25519Module.hashes?.sha512) {
+    let sha512Fn;
+    try {
+      const sha2 = _require("@noble/hashes/sha2.js");
+      sha512Fn = (...m) => sha2.sha512(ed25519Module.etc.concatBytes(...m));
+    } catch {
+      try {
+        const sha2 = _require("@noble/hashes/sha2");
+        sha512Fn = (...m) => sha2.sha512(ed25519Module.etc.concatBytes(...m));
+      } catch {
+        throw new Error(
+          "SRR verification requires @noble/hashes as a peer dependency. Install it: npm install @noble/hashes"
+        );
+      }
+    }
+    if (!ed25519Module.hashes) ed25519Module.hashes = {};
+    ed25519Module.hashes.sha512 = sha512Fn;
+  }
+  const verify = ed25519Module.verify;
+  cachedVerify = verify;
+  return verify;
+}
+async function verifyDetachedEd25519(params) {
+  const verify = loadVerify();
+  try {
+    return await verify(params.signature, params.signingPayload, params.publicKey);
+  } catch {
+    return false;
+  }
+}
+async function verifySignedRejectionReceipt(params) {
+  const { srr, publicKey } = params;
+  if (!srr || typeof srr !== "object") {
+    return { valid: false, reason: "SCHEMA_VIOLATION" };
+  }
+  if (typeof srr.signature_algorithm === "string" && srr.signature_algorithm !== SRR_SIGNATURE_ALGORITHM) {
+    return { valid: false, reason: "UNSUPPORTED_ALGORITHM" };
+  }
+  const wireType = srr["@type"];
+  if (wireType !== SRR_V1_TYPE_URI && wireType !== SRR_TYPE_URI) {
+    return { valid: false, reason: "SCHEMA_VIOLATION" };
+  }
+  const parseResult = wireType === SRR_V1_TYPE_URI ? SignedRejectionReceiptV1Schema.safeParse(srr) : SignedRejectionReceiptV0Schema.safeParse(srr);
+  if (!parseResult.success) {
+    return { valid: false, reason: "SCHEMA_VIOLATION" };
+  }
+  const parsedSrr = parseResult.data;
+  let signingPayload;
+  try {
+    const { signature, ...unsignedFields } = parsedSrr;
+    signingPayload = computeSrrSigningPayload(unsignedFields);
+  } catch {
+    return { valid: false, reason: "PAYLOAD_CONSTRUCTION_ERROR" };
+  }
+  let signatureBytes;
+  try {
+    signatureBytes = base64urlToBytes(parsedSrr.signature);
+  } catch {
+    return { valid: false, reason: "INVALID_SIGNATURE" };
+  }
+  const valid = await verifyDetachedEd25519({
+    signingPayload,
+    signature: signatureBytes,
+    publicKey
+  });
+  return valid ? { valid: true } : { valid: false, reason: "INVALID_SIGNATURE" };
+}
 export {
+  AAREnvelopeV0Schema,
+  AAREnvelopeV0TypedSchema,
+  AAR_ENVELOPE_TYPE,
+  AAR_ENVELOPE_VERSION,
   AgentListItemSchema,
   AgentPassportStubResponseSchema,
   AgentStatusSchema,
@@ -885,7 +1485,9 @@ export {
   BASE64URL_SHA256_REGEX,
   Base64urlEd25519SigSchema,
   Base64urlSha256Schema,
+  CHAIN_STAGE_ORDER,
   CONTENT_HASH_LENGTH,
+  ChainStageTypeSchema,
   CorrelationIdSchema,
   CredentialSourceSchema,
   CrossingHashInputV0Schema,
@@ -893,8 +1495,18 @@ export {
   CrossingIdSchema,
   CrossingSettledReceiptSchema,
   CrossingSnapshotV0Schema,
+  CustodyReceiptContentSchema,
+  DispatchChainContentSchema,
+  DispatchIdBrand,
+  DispatchIdSchema,
   ERROR_CODE_STATUS,
+  EVAL_GOLDEN_FIXTURES,
+  EconomicGateProofContentSchema,
   ErrorResponseSchema,
+  EvalArtifactSchema,
+  EvalFailureSchema,
+  EvalGraderResultSchema,
+  EvalTranscriptStepSchema,
   FINALITY_GOLDEN_FIXTURES,
   FinalityLevel,
   FundingSourceSchema,
@@ -903,6 +1515,16 @@ export {
   KernelErrorCodeSchema2 as KernelErrorCodeSchema,
   KernelErrorSchema,
   KernelOkSchema,
+  LIABILITY_WAIVER_TERMS_TYPE_URI,
+  LIABILITY_WAIVER_TERMS_VERSION,
+  LiabilityAttestationContentSchema,
+  LiabilityDispositionSchema,
+  LiabilityWaiverTermsConditionsSchema,
+  LiabilityWaiverTermsHashInputSchema,
+  LiabilityWaiverTermsPartiesSchema,
+  LiabilityWaiverTermsRefV0Schema,
+  LiabilityWaiverTermsScopeSchema,
+  LiabilityWaiverTermsV0Schema,
   LogInclusionProofSchema,
   NA_ID_PREFIX,
   NotarizeResponseSchema,
@@ -913,6 +1535,7 @@ export {
   PassportIdFormatSchema,
   PassportIdSchema,
   ProviderRoleSchema,
+  REASON_CODE_PATTERN,
   RECEIPT_HASH_GOLDEN_FIXTURE,
   RECEIPT_TYPE_URI,
   RECEIPT_VERSION,
@@ -924,9 +1547,25 @@ export {
   RotationEpochSchema,
   SETTLEMENT_AUTHORITY,
   SIGNATURE_LENGTH,
+  SRR_INITIAL_REASON_CODES,
+  SRR_REJECTION_DOMAIN,
+  SRR_SIGNATURE_ALGORITHM,
+  SRR_TYPE_URI,
+  SRR_V1_REJECTION_DOMAIN,
+  SRR_V1_SIGNATURE_ALGORITHM,
+  SRR_V1_TYPE_URI,
+  SRR_V1_VERSION,
+  SRR_VERSION,
   SURFACES,
+  SettlementAnchorContentSchema,
+  SettlementExecuteErrorSchema,
+  SettlementExecuteRequestSchema,
+  SettlementExecuteResponseSchema,
+  SettlementExecuteSuccessSchema,
   SignedReceiptV0LooseSchema,
   SignedReceiptV0Schema,
+  SignedRejectionReceiptV0Schema,
+  SignedRejectionReceiptV1Schema,
   StackConnectionSchema,
   StackProviderSchema,
   StackSchema,
@@ -939,14 +1578,20 @@ export {
   W_TXCTX_DOMAIN,
   WalletIdFormatSchema,
   WalletIdSchema,
+  assertRootHash,
+  assertValidChainLink,
   base64urlToBytes,
   bytesToBase64url,
   computeContentHash,
+  computeLiabilityWaiverTermsHash,
   computeReceiptHash,
+  computeSrrDigest,
+  computeSrrSigningPayload,
   deriveFundingSource,
   encodeEpoch,
   error,
   generateCrossingId,
+  generateDispatchId,
   generateId,
   generatePassportId,
   generateReceiptId,
@@ -955,11 +1600,17 @@ export {
   isCrossingSettledReceipt,
   isNotaryAttestation,
   isNotaryRequest,
+  isSettlementExecuteError,
+  isSettlementExecuteSuccess,
   isSignedReceiptV0,
   jcsCanonicalize,
   kernelError,
   kernelOk,
   success,
-  validateTimeWindow
+  toLiabilityWaiverTermsHashInput,
+  validateTimeWindow,
+  verifyAAR,
+  verifyDetachedEd25519,
+  verifySignedRejectionReceipt
 };
 //# sourceMappingURL=index.js.map