@hlos-ai/schemas 0.4.2

package/dist/index.js

@@ -0,0 +1,965 @@
+import {
+  CorrelationIdSchema,
+  CrossingIdSchema,
+  IdempotencyKeySchema,
+  PassportIdSchema,
+  ReceiptIdSchema,
+  WalletIdSchema,
+  __require,
+  generateCrossingId,
+  generateId,
+  generatePassportId,
+  generateReceiptId,
+  generateWalletId
+} from "./chunk-RQP6MVT3.js";
+
+// src/surface.ts
+import { z } from "zod";
+var SurfaceSchema = z.enum([
+  "mcp",
+  // Model Context Protocol servers
+  "x402",
+  // x402 micropayment protocol
+  "events",
+  // events.hlos.ai
+  "cli",
+  // HLOS CLI
+  "web",
+  // hlos.ai web app
+  "acp",
+  // Agent Commerce Protocol
+  "api"
+  // Direct API calls (default for unspecified)
+]);
+var SURFACES = SurfaceSchema.options;
+
+// src/response.ts
+import { z as z3 } from "zod";
+
+// src/error-codes.ts
+import { z as z2 } from "zod";
+var KernelErrorCodeSchema = z2.enum([
+  // 4xx Client Errors
+  "INVALID_REQUEST",
+  // 400 - Malformed request body
+  "UNAUTHORIZED",
+  // 401 - Missing/invalid auth
+  "FORBIDDEN",
+  // 403 - Insufficient permissions
+  "NOT_FOUND",
+  // 404 - Resource doesn't exist
+  "CONFLICT",
+  // 409 - General conflict
+  "IDEMPOTENCY_CONFLICT",
+  // 409 - Same idem_key, different request
+  "INSUFFICIENT_BALANCE",
+  // 402 - Wallet lacks funds
+  "SPEND_CAP_EXCEEDED",
+  // 402 - Spend cap hit
+  "RATE_LIMITED",
+  // 429 - Too many requests
+  // 5xx Server Errors
+  "INTERNAL_ERROR",
+  // 500 - Server error
+  "SERVICE_UNAVAILABLE"
+  // 503 - Temporarily unavailable
+]);
+
+// src/response.ts
+function success(data, correlationId, requestId) {
+  return {
+    success: true,
+    data,
+    meta: {
+      correlation_id: correlationId,
+      ...requestId && { request_id: requestId }
+    }
+  };
+}
+function error(code, message, correlationId, details) {
+  return {
+    success: false,
+    error: {
+      code,
+      message,
+      correlation_id: correlationId,
+      ...details !== void 0 && { details }
+    }
+  };
+}
+var SuccessResponseSchema = (dataSchema) => z3.object({
+  success: z3.literal(true),
+  data: dataSchema,
+  meta: z3.object({
+    request_id: z3.string().optional(),
+    correlation_id: z3.string()
+  }).optional()
+});
+var ErrorResponseSchema = z3.object({
+  success: z3.literal(false),
+  error: z3.object({
+    code: KernelErrorCodeSchema,
+    message: z3.string(),
+    details: z3.unknown().optional(),
+    correlation_id: z3.string()
+  })
+});
+
+// src/receipt-v0.ts
+import { z as z4 } from "zod";
+var RECEIPT_TYPE_URI = "https://hlos.ai/schema/SignedReceiptV0";
+var RECEIPT_VERSION = 0;
+var CONTENT_HASH_LENGTH = 43;
+var SIGNATURE_LENGTH = 86;
+var SignedReceiptV0Schema = (contentSchema) => z4.object({
+  "@type": z4.literal(RECEIPT_TYPE_URI),
+  version: z4.literal(RECEIPT_VERSION),
+  receipt_id: z4.string(),
+  content: contentSchema,
+  // SHA-256 digest (32 bytes) = exactly 43 chars base64url
+  content_hash: z4.string().regex(
+    /^[A-Za-z0-9_-]{43}$/,
+    "content_hash must be 43-char base64url (32-byte SHA-256)"
+  ),
+  // Ed25519 signature (64 bytes) = exactly 86 chars base64url
+  signature: z4.string().regex(
+    /^[A-Za-z0-9_-]{86}$/,
+    "signature must be 86-char base64url (64-byte Ed25519)"
+  ),
+  key_id: z4.string().min(1),
+  issued_at: z4.string().datetime()
+});
+var SignedReceiptV0LooseSchema = SignedReceiptV0Schema(z4.unknown());
+function isSignedReceiptV0(value) {
+  if (typeof value !== "object" || value === null) return false;
+  const obj = value;
+  return obj["@type"] === RECEIPT_TYPE_URI && obj["version"] === RECEIPT_VERSION && typeof obj["receipt_id"] === "string" && typeof obj["content_hash"] === "string" && typeof obj["signature"] === "string" && typeof obj["key_id"] === "string" && typeof obj["issued_at"] === "string";
+}
+
+// src/shared-contract.ts
+import { z as z5 } from "zod";
+var KernelErrorCodeSchema2 = z5.enum([
+  // Validation / Request errors
+  "VALIDATION_ERROR",
+  // 400 - Input validation failed
+  "INVALID_REQUEST",
+  // 400 - Malformed request
+  // Auth errors
+  "UNAUTHORIZED",
+  // 401 - Missing/invalid auth
+  "FORBIDDEN",
+  // 403 - Insufficient permissions
+  // Resource errors
+  "NOT_FOUND",
+  // 404 - Generic not found
+  "CROSSING_NOT_FOUND",
+  // 404 - Crossing not found
+  "STACK_NOT_FOUND",
+  // 404 - Stack not found
+  "STACK_CONNECTION_NOT_FOUND",
+  // 404 - Stack connection not found
+  // Conflict errors
+  "CONFLICT",
+  // 409 - Generic conflict
+  "INVALID_STATE_TRANSITION",
+  // 409 - State machine violation
+  "CROSSING_ALREADY_SETTLED",
+  // 409 - Crossing already settled
+  "IDEMPOTENCY_CONFLICT",
+  // 409 - Same key, different request
+  // Payment errors
+  "INSUFFICIENT_BALANCE",
+  // 402 - Wallet lacks funds
+  "SPEND_CAP_EXCEEDED",
+  // 402 - Spend cap hit
+  // Rate limiting
+  "RATE_LIMITED",
+  // 429 - Too many requests
+  // Server errors
+  "INTERNAL_ERROR",
+  // 500 - Server error
+  "SERVICE_UNAVAILABLE"
+  // 503 - Temporarily unavailable
+]);
+var ERROR_CODE_STATUS = {
+  VALIDATION_ERROR: 400,
+  INVALID_REQUEST: 400,
+  UNAUTHORIZED: 401,
+  FORBIDDEN: 403,
+  NOT_FOUND: 404,
+  CROSSING_NOT_FOUND: 404,
+  STACK_NOT_FOUND: 404,
+  STACK_CONNECTION_NOT_FOUND: 404,
+  CONFLICT: 409,
+  INVALID_STATE_TRANSITION: 409,
+  CROSSING_ALREADY_SETTLED: 409,
+  IDEMPOTENCY_CONFLICT: 409,
+  INSUFFICIENT_BALANCE: 402,
+  SPEND_CAP_EXCEEDED: 402,
+  RATE_LIMITED: 429,
+  INTERNAL_ERROR: 500,
+  SERVICE_UNAVAILABLE: 503
+};
+var KernelOkSchema = (dataSchema) => z5.object({
+  ok: z5.literal(true),
+  status: z5.union([
+    z5.number().int().min(200).max(299),
+    z5.literal(304)
+  ]),
+  data: dataSchema
+});
+var KernelErrorSchema = z5.object({
+  ok: z5.literal(false),
+  status: z5.number().int().min(400).max(599),
+  error: z5.object({
+    code: KernelErrorCodeSchema2,
+    // P0 FIX: was z.string()
+    message: z5.string(),
+    details: z5.record(z5.unknown()).optional()
+  })
+});
+var CrossingIdFormatSchema = z5.string().regex(/^cross_[a-z0-9]{20,}$/i, "Invalid CrossingId format (expected: cross_...)");
+var ReceiptIdFormatSchema = z5.string().regex(/^rcpt_[0-9A-HJKMNP-TV-Z]{26}$/i, "Invalid ReceiptId format (expected: rcpt_...)");
+var PassportIdFormatSchema = z5.string().regex(/^passport_[a-z0-9]{20,}$/i, "Invalid PassportId format (expected: passport_...)");
+var WalletIdFormatSchema = z5.string().regex(/^wallet_[a-z0-9]{20,}$/i, "Invalid WalletId format (expected: wallet_...)");
+var FundingSourceSchema = z5.enum(["SPONSOR", "PLATFORM", "USER"]);
+var CredentialSourceSchema = z5.enum([
+  "SPONSOR_KEY",
+  // Sponsor-provisioned key
+  "BYOK",
+  // Bring Your Own Key (user-provided)
+  "HLOS_FALLBACK"
+  // Platform fallback credential
+]);
+function deriveFundingSource(credentialSource) {
+  switch (credentialSource) {
+    case "SPONSOR_KEY":
+      return "SPONSOR";
+    case "BYOK":
+      return "USER";
+    case "HLOS_FALLBACK":
+      return "PLATFORM";
+  }
+}
+var CrossingSnapshotV0Schema = z5.object({
+  crossingId: CrossingIdFormatSchema,
+  capabilityId: z5.string(),
+  passportId: PassportIdFormatSchema,
+  // Scoping
+  event_id: z5.string().nullable(),
+  access_window_id: z5.string().nullable(),
+  access_grant_id: z5.string().nullable(),
+  // Attribution
+  attribution_org_id: z5.string().nullable(),
+  funding_source: FundingSourceSchema.nullable(),
+  credential_source: CredentialSourceSchema
+});
+var CrossingHashInputV0Schema = z5.object({
+  v: z5.literal(0),
+  snapshot: CrossingSnapshotV0Schema,
+  attested_receipt_id: ReceiptIdFormatSchema
+});
+var SETTLEMENT_AUTHORITY = "hlos.ai";
+var CrossingSettledReceiptSchema = z5.object({
+  type: z5.literal("CrossingSettled"),
+  crossingId: CrossingIdFormatSchema,
+  // Scoping (powers adoption + ROI views)
+  event_id: z5.string().nullable(),
+  access_window_id: z5.string().nullable(),
+  access_grant_id: z5.string().nullable(),
+  // Attribution
+  attribution_org_id: z5.string().nullable(),
+  funding_source: FundingSourceSchema.nullable(),
+  credential_source: CredentialSourceSchema,
+  // Authority (LITERAL)
+  settlement_authority: z5.literal(SETTLEMENT_AUTHORITY),
+  // Binding
+  crossing_hash: z5.string(),
+  // sha256 base64url of CrossingHashInputV0
+  attested_receipt_id: z5.string(),
+  // Timestamp
+  settled_at: z5.string().datetime()
+});
+var AvailabilityTypeSchema = z5.enum([
+  "EVENT_SPONSOR",
+  // Sponsor-funded for specific event
+  "EVERGREEN",
+  // Always available platform credit
+  "CATALOG"
+  // User-paid from catalog
+]);
+var ProviderRoleSchema = z5.enum([
+  "AI",
+  // AI/LLM providers (Gemini, GPT, Claude)
+  "DATABASE",
+  // Database providers (MongoDB, Supabase)
+  "AUTH",
+  // Auth providers (Clerk, Auth0)
+  "DEPLOY",
+  // Deployment providers (Vercel, Cloudflare)
+  "STORAGE",
+  // Storage providers (S3, R2)
+  "SEARCH",
+  // Search providers (Algolia, Pinecone)
+  "PAYMENTS",
+  // Payment providers (Stripe)
+  "COMPUTE",
+  // Compute providers (Modal, Replicate)
+  "OTHER"
+  // Catch-all for new categories
+]);
+var StackProviderSchema = z5.object({
+  provider_id: z5.string(),
+  role: ProviderRoleSchema,
+  // P1: Now a constrained enum
+  display_name: z5.string(),
+  budget_allocation: z5.number().nonnegative(),
+  sku_ids: z5.array(z5.string()),
+  availability_type: AvailabilityTypeSchema
+});
+var StackSchema = z5.object({
+  id: z5.string(),
+  slug: z5.string(),
+  name: z5.string(),
+  tagline: z5.string(),
+  icon: z5.string(),
+  providers: z5.array(StackProviderSchema),
+  github_template: z5.string().nullable(),
+  total_budget: z5.number().nonnegative(),
+  event_id: z5.string().nullable()
+  // null = evergreen
+});
+var StackConnectionSchema = z5.object({
+  id: z5.string(),
+  stack_id: z5.string(),
+  passport_id: z5.string(),
+  team_id: z5.string().nullable(),
+  environment_id: z5.string(),
+  connected_at: z5.string().datetime(),
+  connected_providers: z5.array(z5.string())
+});
+function kernelOk(data, status = 200) {
+  return { ok: true, status, data };
+}
+function kernelError(code, message, status, details) {
+  return {
+    ok: false,
+    status: status ?? ERROR_CODE_STATUS[code],
+    error: {
+      code,
+      message,
+      ...details && { details }
+    }
+  };
+}
+var GOLDEN_FIXTURES = {
+  /**
+   * Sample CrossingHashInputV0 for hash conformance.
+   */
+  crossingHashInput: {
+    v: 0,
+    snapshot: {
+      crossingId: "cross_test123abc456def789ghi",
+      capabilityId: "gemini.generate.v1",
+      passportId: "passport_user123abc456def789g",
+      event_id: "evt_hackathon2026",
+      access_window_id: "aw_sponsor_mongodb",
+      access_grant_id: "ag_team_001",
+      attribution_org_id: "mongodb",
+      funding_source: "SPONSOR",
+      credential_source: "SPONSOR_KEY"
+    },
+    attested_receipt_id: "rcpt_01HZABCDEF1234567890ABCDEF"
+  },
+  /**
+   * Expected crossing_hash for the above input (FROZEN).
+   * Compute: JCS canonicalize → SHA-256 → base64url (no padding)
+   *
+   * This is the golden vector. If your hash differs, your implementation
+   * is not conformant. DO NOT CHANGE unless crossingHashInput changes.
+   */
+  expectedCrossingHash_base64url_sha256_jcs_v0: "z8A2kCNck4rPL4ugNe-Fbxputdi3PkjkVpSrIBhojU0",
+  /**
+   * Sample CrossingSettledReceipt.
+   */
+  crossingSettledReceipt: {
+    type: "CrossingSettled",
+    crossingId: "cross_test123abc456def789ghi",
+    event_id: "evt_hackathon2026",
+    access_window_id: "aw_sponsor_mongodb",
+    access_grant_id: "ag_team_001",
+    attribution_org_id: "mongodb",
+    funding_source: "SPONSOR",
+    credential_source: "SPONSOR_KEY",
+    settlement_authority: "hlos.ai",
+    crossing_hash: "z8A2kCNck4rPL4ugNe-Fbxputdi3PkjkVpSrIBhojU0",
+    attested_receipt_id: "rcpt_01HZABCDEF1234567890ABCDEF",
+    settled_at: "2026-01-24T12:00:00.000Z"
+  }
+};
+function isCrossingHashInputV0(value) {
+  return CrossingHashInputV0Schema.safeParse(value).success;
+}
+function isCrossingSettledReceipt(value) {
+  return CrossingSettledReceiptSchema.safeParse(value).success;
+}
+
+// src/w.ts
+import { z as z6 } from "zod";
+var W_RPID_DOMAIN = new TextEncoder().encode("W:RPID:v1");
+var W_TXCTX_DOMAIN = new TextEncoder().encode("W:TXCTX:v1");
+var RFC3339_CAPTURING = /^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})(\.(\d{1,9}))?(Z|([+-])(\d{2}):(\d{2}))$/;
+function isLeapYear(year) {
+  return year % 4 === 0 && year % 100 !== 0 || year % 400 === 0;
+}
+function daysInMonth(year, month) {
+  const days = [31, isLeapYear(year) ? 29 : 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31];
+  return days[month - 1] ?? 0;
+}
+function parseRfc3339StrictToMs(value) {
+  const match = RFC3339_CAPTURING.exec(value);
+  if (!match) {
+    throw new Error(
+      `Invalid epoch: "${value}" is not a valid RFC3339 datetime (requires time and timezone)`
+    );
+  }
+  const year = Number(match[1]);
+  const month = Number(match[2]);
+  const day = Number(match[3]);
+  const hour = Number(match[4]);
+  const minute = Number(match[5]);
+  const second = Number(match[6]);
+  const fraction = match[8] ?? "";
+  const tz = match[9];
+  if (month < 1 || month > 12) {
+    throw new Error("Invalid epoch: month out of range");
+  }
+  const maxDay = daysInMonth(year, month);
+  if (day < 1 || day > maxDay) {
+    throw new Error("Invalid epoch: day out of range");
+  }
+  if (hour > 23) {
+    throw new Error("Invalid epoch: hour out of range");
+  }
+  if (minute > 59) {
+    throw new Error("Invalid epoch: minute out of range");
+  }
+  if (second > 59) {
+    throw new Error("Invalid epoch: second out of range");
+  }
+  const msFraction = fraction.length ? Number((fraction + "000").slice(0, 3)) : 0;
+  const utcMs = Date.UTC(year, month - 1, day, hour, minute, second, msFraction);
+  let offsetMs = 0;
+  if (tz !== "Z") {
+    const sign = match[10] === "-" ? -1 : 1;
+    const offsetHour = Number(match[11]);
+    const offsetMinute = Number(match[12]);
+    if (offsetHour > 23) {
+      throw new Error("Invalid epoch: tz hour out of range");
+    }
+    if (offsetMinute > 59) {
+      throw new Error("Invalid epoch: tz minute out of range");
+    }
+    offsetMs = sign * (offsetHour * 60 + offsetMinute) * 6e4;
+  }
+  const ms = utcMs - offsetMs;
+  if (!Number.isFinite(ms) || ms < 0) {
+    throw new Error("Invalid epoch: must be a non-negative timestamp");
+  }
+  return ms;
+}
+function encodeEpoch(epoch) {
+  let ms;
+  if (typeof epoch === "string") {
+    ms = parseRfc3339StrictToMs(epoch);
+  } else {
+    if (!Number.isInteger(epoch) || epoch < 0) {
+      throw new Error(`Invalid epoch: ${epoch} must be a non-negative integer`);
+    }
+    ms = epoch;
+  }
+  const buf = new ArrayBuffer(8);
+  const view = new DataView(buf);
+  view.setBigUint64(0, BigInt(ms), false);
+  return new Uint8Array(buf);
+}
+var RelyingPartyIdSchema = z6.object({
+  /** RP domain (e.g., "merchant.example.com") */
+  domain: z6.string().min(1).max(253),
+  /** Audience URI (e.g., "https://merchant.example.com/verify") */
+  audience_uri: z6.string().url(),
+  /** SHA-256 hash of verifier's public key (hex, 64 chars) */
+  verifier_key_hash: z6.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex")
+});
+var RotationEpochSchema = z6.union([
+  z6.number().int().nonnegative(),
+  z6.string().datetime({ offset: true })
+  // Requires timezone offset (RFC3339)
+]);
+var RPIDSchema = z6.string().length(43, "RPID must be base64url-encoded 32 bytes (43 chars, no padding)").regex(/^[A-Za-z0-9_-]+$/, "Must be base64url (no padding)");
+var TransactionContextSchema = z6.object({
+  // Required core (stable)
+  relying_party_id: RelyingPartyIdSchema,
+  /** sha256(JCS({ intent, request })) — see computeOperationHash() */
+  operation_hash: z6.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex"),
+  /** Validity start (RFC3339) */
+  not_before: z6.string().datetime({ offset: true }),
+  /** Validity end (RFC3339) */
+  not_after: z6.string().datetime({ offset: true }),
+  // Optional (part of hash, must be consistent)
+  amount: z6.number().nonnegative().optional(),
+  currency: z6.string().length(3).optional(),
+  surface_id: z6.string().optional(),
+  channel_id: z6.string().optional()
+});
+var TransactionContextHashSchema = z6.string().regex(/^[a-f0-9]{64}$/, "Must be 64-char lowercase hex");
+var W_GOLDEN_FIXTURES = {
+  /**
+   * encodeEpoch(1706486400000) = 2024-01-29T00:00:00.000Z
+   * Expected: 8 bytes, u64 big-endian
+   */
+  epochMs: 17064864e5,
+  expectedEpochBytes: new Uint8Array([0, 0, 1, 141, 82, 132, 4, 0]),
+  /**
+   * Sample RelyingPartyId for test vectors
+   */
+  sampleRpId: {
+    domain: "merchant.example.com",
+    audience_uri: "https://merchant.example.com/verify",
+    verifier_key_hash: "a".repeat(64)
+  },
+  /**
+   * Sample TransactionContext for test vectors
+   */
+  sampleTxContext: {
+    relying_party_id: {
+      domain: "merchant.example.com",
+      audience_uri: "https://merchant.example.com/verify",
+      verifier_key_hash: "a".repeat(64)
+    },
+    operation_hash: "b".repeat(64),
+    not_before: "2026-01-29T00:00:00Z",
+    not_after: "2026-01-29T00:05:00Z"
+  },
+  /**
+   * MAX_WINDOW_MS: Maximum allowed not_after - not_before (5 minutes)
+   */
+  MAX_WINDOW_MS: 5 * 60 * 1e3
+};
+function validateTimeWindow(context) {
+  let notBefore;
+  let notAfter;
+  try {
+    notBefore = parseRfc3339StrictToMs(context.not_before);
+    notAfter = parseRfc3339StrictToMs(context.not_after);
+  } catch {
+    throw new Error("Invalid timestamp: not_before/not_after must be RFC3339 with timezone");
+  }
+  if (notAfter <= notBefore) {
+    throw new Error("not_after must be greater than not_before");
+  }
+  const windowMs = notAfter - notBefore;
+  if (windowMs > W_GOLDEN_FIXTURES.MAX_WINDOW_MS) {
+    throw new Error(
+      `Time window ${windowMs}ms exceeds MAX_WINDOW_MS (${W_GOLDEN_FIXTURES.MAX_WINDOW_MS}ms)`
+    );
+  }
+  return true;
+}
+
+// src/agents.ts
+import { z as z7 } from "zod";
+var AgentStatusSchema = z7.enum(["ACTIVE", "PENDING", "SUSPENDED", "REVOKED"]).or(z7.string().min(1));
+var AgentTypeSchema = z7.enum(["CUSTOM", "CLAUDE", "GPT", "GEMINI", "CURSOR", "COPILOT", "OTHER"]).or(z7.string().min(1));
+var AgentListItemSchema = z7.object({
+  id: z7.string().min(1),
+  external_id: z7.string().min(1),
+  name: z7.string().min(1),
+  status: AgentStatusSchema,
+  agent_type: AgentTypeSchema,
+  trust_score: z7.number().int().min(0).max(1e3),
+  hosting_model: z7.null(),
+  declared_tier: z7.null(),
+  created_at: z7.string().datetime()
+}).passthrough();
+var AgentsListResponseSchema = z7.object({
+  agents: z7.array(AgentListItemSchema),
+  _meta: z7.object({
+    source: z7.literal("hlos")
+  })
+}).passthrough();
+var AgentPassportStubResponseSchema = z7.object({
+  passport_id: z7.null(),
+  agent_id: z7.string().min(1),
+  hosting_model: z7.null(),
+  declared_tier: z7.null(),
+  effective_tier: z7.null(),
+  finality_level: z7.null(),
+  graph: z7.object({
+    incoming_edges: z7.null(),
+    outgoing_edges: z7.null(),
+    active_visas: z7.null()
+  }).passthrough(),
+  links: z7.object({
+    passport_url: z7.string().startsWith("/agent-passport/agents/"),
+    docs_url: z7.literal("/agents/passport")
+  }).passthrough(),
+  _meta: z7.object({
+    source: z7.literal("stub")
+  })
+}).passthrough();
+
+// src/encoding.ts
+import { z as z8 } from "zod";
+function bytesToBase64url(bytes) {
+  let binary = "";
+  for (let i = 0; i < bytes.length; i++) {
+    binary += String.fromCharCode(bytes[i]);
+  }
+  const base64 = btoa(binary);
+  return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+function base64urlToBytes(str) {
+  const base64 = str.replace(/-/g, "+").replace(/_/g, "/");
+  const padded = base64 + "=".repeat((4 - base64.length % 4) % 4);
+  const binary = atob(padded);
+  const bytes = new Uint8Array(binary.length);
+  for (let i = 0; i < binary.length; i++) {
+    bytes[i] = binary.charCodeAt(i);
+  }
+  return bytes;
+}
+var BASE64URL_SHA256_REGEX = /^[A-Za-z0-9_-]{43}$/;
+var Base64urlSha256Schema = z8.string().regex(
+  BASE64URL_SHA256_REGEX,
+  "Must be 43-char base64url (32-byte SHA-256 digest)"
+);
+var Base64urlEd25519SigSchema = z8.string().regex(
+  /^[A-Za-z0-9_-]{86}$/,
+  "Must be 86-char base64url (64-byte Ed25519 signature)"
+);
+
+// src/receipt-hash.ts
+var cachedSha256 = null;
+function sortKeysDeep(value) {
+  if (Array.isArray(value)) return value.map(sortKeysDeep);
+  if (value !== null && typeof value === "object") {
+    const obj = value;
+    const out = {};
+    for (const key of Object.keys(obj).sort()) {
+      out[key] = sortKeysDeep(obj[key]);
+    }
+    return out;
+  }
+  return value;
+}
+function jcsCanonicalize(value) {
+  return JSON.stringify(sortKeysDeep(value), (_key, v) => {
+    if (v === void 0) throw new Error("JCS: undefined is not allowed");
+    if (typeof v === "function") throw new Error("JCS: function is not allowed");
+    if (typeof v === "symbol") throw new Error("JCS: symbol is not allowed");
+    if (typeof v === "bigint") throw new Error("JCS: bigint is not allowed");
+    if (typeof v === "number" && !Number.isFinite(v))
+      throw new Error("JCS: non-finite number is not allowed");
+    return v;
+  });
+}
+function computeReceiptHash(receipt) {
+  const sha256 = loadSha256();
+  const canonical = jcsCanonicalize(receipt);
+  const digest = sha256(new TextEncoder().encode(canonical));
+  return bytesToBase64url(digest);
+}
+function computeContentHash(content) {
+  const sha256 = loadSha256();
+  const canonical = jcsCanonicalize(content);
+  const digest = sha256(new TextEncoder().encode(canonical));
+  return bytesToBase64url(digest);
+}
+function loadSha256() {
+  if (cachedSha256) return cachedSha256;
+  let _require;
+  try {
+    const { createRequire } = __require("module");
+    _require = createRequire(import.meta.url);
+  } catch {
+    _require = __require;
+  }
+  let sha256;
+  try {
+    sha256 = _require("@noble/hashes/sha2.js").sha256;
+  } catch {
+    try {
+      sha256 = _require("@noble/hashes/sha2").sha256;
+    } catch {
+      throw new Error(
+        "computeReceiptHash/computeContentHash requires @noble/hashes as a peer dependency. Install it: npm install @noble/hashes"
+      );
+    }
+  }
+  cachedSha256 = sha256;
+  return sha256;
+}
+var ReceiptHashSchema = Base64urlSha256Schema.describe(
+  "receipt_hash: base64url(SHA-256(JCS(receipt)))"
+);
+var RECEIPT_HASH_GOLDEN_FIXTURE = {
+  receipt: {
+    "@type": "https://hlos.ai/schema/SignedReceiptV0",
+    version: 0,
+    receipt_id: "rcpt_01HZGOLDENTEST000000000000",
+    content: {
+      type: "CrossingSettled",
+      crossingId: "cross_test123abc456def789ghi",
+      settlement_authority: "hlos.ai"
+    },
+    // Placeholder bytes (NOT a valid cryptographic signature)
+    content_hash: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
+    signature: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
+    key_id: "hlos-v2-1",
+    issued_at: "2026-01-27T00:00:00.000Z"
+  },
+  /**
+   * Expected JCS canonical form of the receipt.
+   * Keys are lexicographically sorted at all levels.
+   */
+  expectedJcs: '{"@type":"https://hlos.ai/schema/SignedReceiptV0","content":{"crossingId":"cross_test123abc456def789ghi","settlement_authority":"hlos.ai","type":"CrossingSettled"},"content_hash":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA","issued_at":"2026-01-27T00:00:00.000Z","key_id":"hlos-v2-1","receipt_id":"rcpt_01HZGOLDENTEST000000000000","signature":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA","version":0}',
+  /**
+   * Expected receipt_hash (FROZEN).
+   * Compute: JCS canonicalize receipt → SHA-256 → base64url (no padding)
+   *
+   * DO NOT CHANGE unless the receipt fixture above changes.
+   */
+  expectedReceiptHash: "uLiQVUeVKcE35Rdje2fArZQfTcECDgwK6UbmQB_36Pg"
+};
+
+// src/finality.ts
+import { z as z9 } from "zod";
+var NA_ID_PREFIX = "na_";
+var FinalityLevel = {
+  SOFT: "SOFT",
+  HARD: "HARD"
+};
+var NotaryAttestationIdFormatSchema = z9.string().regex(
+  /^na_[a-zA-Z0-9]{20,}$/,
+  "NA ID must match na_[a-zA-Z0-9]{20,}"
+);
+var LogInclusionProofSchema = z9.object({
+  /** Merkle root hash (base64url SHA-256) */
+  root: Base64urlSha256Schema,
+  /** Sibling hashes along the path (base64url SHA-256 each) */
+  proof: z9.array(Base64urlSha256Schema),
+  /** Leaf index in the log */
+  index: z9.number().int().nonnegative()
+});
+var NotaryAttestationSchema = z9.object({
+  // --- Required ---
+  /** Unique NA identifier */
+  na_id: NotaryAttestationIdFormatSchema,
+  /** The receipt_hash this NA attests to */
+  receipt_hash: Base64urlSha256Schema,
+  /** Notary service identifier (e.g. "staampid") */
+  notary_id: z9.string().min(1),
+  /** ISO 8601 timestamp when NA was issued */
+  issued_at: z9.string().datetime(),
+  /** Notary's countersignature (base64url encoded) */
+  signature: z9.string().min(1),
+  /** Signature algorithm (e.g. "EdDSA") */
+  signature_alg: z9.string().min(1),
+  // --- Optional (future-proof) ---
+  /** Receipt type being attested */
+  receipt_type: z9.string().optional(),
+  /** Receipt version being attested */
+  receipt_version: z9.number().int().nonnegative().optional(),
+  /** Settlement authority that issued the receipt (cross-check) */
+  settlement_authority: z9.string().optional(),
+  /** TTL in seconds for this attestation */
+  validity_window_seconds: z9.number().int().positive().optional(),
+  /** ISO 8601 expiry (derived from issued_at + validity_window_seconds) */
+  expires_at: z9.string().datetime().optional(),
+  /** Merkle proof for append-only log inclusion */
+  log_inclusion: LogInclusionProofSchema.optional()
+});
+var NotaryRequestSchema = z9.object({
+  /** receipt_hash to be attested (base64url SHA-256) */
+  receipt_hash: Base64urlSha256Schema,
+  /** Must be literal 'hlos.ai' */
+  settlement_authority: z9.literal(SETTLEMENT_AUTHORITY),
+  /** Crossing this receipt belongs to */
+  crossing_id: z9.string().min(1),
+  /** Type of the receipt being attested */
+  receipt_type: z9.string().min(1),
+  /** Version of the receipt being attested */
+  receipt_version: z9.number().int().nonnegative(),
+  /** ISO 8601 timestamp of the request */
+  timestamp: z9.string().datetime(),
+  /** Optional: requested validity window in seconds */
+  validity_window_seconds: z9.number().int().positive().optional()
+});
+var NotarizeStatusSchema = z9.enum([
+  "HARD",
+  // NA obtained, finality upgraded
+  "PENDING",
+  // Notarization in progress (async)
+  "FAILED",
+  // Notarization failed
+  "ALREADY_HARD"
+  // Receipt already has NA
+]);
+var NotarizeResponseSchema = z9.object({
+  /** Finality status after this operation */
+  status: NotarizeStatusSchema,
+  /** The receipt_hash that was notarized */
+  receipt_hash: Base64urlSha256Schema,
+  /** Hash of the NA itself (optional, present when status is HARD) */
+  na_hash: Base64urlSha256Schema.optional(),
+  /** The full NA object (optional embed) */
+  na: NotaryAttestationSchema.optional(),
+  /** Notary service identifier */
+  notary: z9.string().min(1).optional(),
+  /** NA ID for retrieval */
+  notary_receipt_id: z9.string().optional(),
+  /** ISO 8601 timestamp */
+  timestamp: z9.string().datetime(),
+  /** Error details (present when status is FAILED) */
+  error: z9.string().optional()
+});
+function isNotaryAttestation(value) {
+  return NotaryAttestationSchema.safeParse(value).success;
+}
+function isNotaryRequest(value) {
+  return NotaryRequestSchema.safeParse(value).success;
+}
+var ArtifactRefSchema = z9.object({
+  /** Artifact type */
+  type: z9.enum(["CR", "LAT", "EGP", "SA", "SignedReceiptV0", "NA"]),
+  /** base64url SHA-256 hash of the artifact */
+  hash: Base64urlSha256Schema,
+  /** Issuer of the artifact */
+  issuer: z9.string().min(1),
+  /** Schema version */
+  version: z9.string().min(1),
+  /** Optional retrieval URI */
+  uri: z9.string().url().optional()
+});
+var FINALITY_GOLDEN_FIXTURES = {
+  /** Sample NotaryAttestation */
+  notaryAttestation: {
+    na_id: "na_01HZGOLDENNATEST00000000",
+    receipt_hash: "uLiQVUeVKcE35Rdje2fArZQfTcECDgwK6UbmQB_36Pg",
+    notary_id: "staampid",
+    issued_at: "2026-01-27T00:01:00.000Z",
+    signature: "dGVzdF9ub3Rhcnlfc2lnbmF0dXJlXzY0X2J5dGVzX3BhZGRlZF90b19maWxsXzg2X2NoYXJhY3RlcnNf",
+    signature_alg: "EdDSA",
+    receipt_type: "SignedReceiptV0",
+    receipt_version: 0,
+    settlement_authority: "hlos.ai"
+  },
+  /** Sample NotaryRequest */
+  notaryRequest: {
+    receipt_hash: "uLiQVUeVKcE35Rdje2fArZQfTcECDgwK6UbmQB_36Pg",
+    settlement_authority: "hlos.ai",
+    crossing_id: "cross_test123abc456def789ghi",
+    receipt_type: "SignedReceiptV0",
+    receipt_version: 0,
+    timestamp: "2026-01-27T00:00:30.000Z"
+  },
+  /** Sample successful notarize response */
+  notarizeResponseHard: {
+    status: "HARD",
+    receipt_hash: "uLiQVUeVKcE35Rdje2fArZQfTcECDgwK6UbmQB_36Pg",
+    na_hash: "_rkedsyWZhokzye55M9NRAvIKFTxFCYTHVOPjg9cAfU",
+    notary: "staampid",
+    notary_receipt_id: "na_01HZGOLDENNATEST00000000",
+    timestamp: "2026-01-27T00:01:00.000Z"
+  }
+};
+export {
+  AgentListItemSchema,
+  AgentPassportStubResponseSchema,
+  AgentStatusSchema,
+  AgentTypeSchema,
+  AgentsListResponseSchema,
+  ArtifactRefSchema,
+  AvailabilityTypeSchema,
+  BASE64URL_SHA256_REGEX,
+  Base64urlEd25519SigSchema,
+  Base64urlSha256Schema,
+  CONTENT_HASH_LENGTH,
+  CorrelationIdSchema,
+  CredentialSourceSchema,
+  CrossingHashInputV0Schema,
+  CrossingIdFormatSchema,
+  CrossingIdSchema,
+  CrossingSettledReceiptSchema,
+  CrossingSnapshotV0Schema,
+  ERROR_CODE_STATUS,
+  ErrorResponseSchema,
+  FINALITY_GOLDEN_FIXTURES,
+  FinalityLevel,
+  FundingSourceSchema,
+  GOLDEN_FIXTURES,
+  IdempotencyKeySchema,
+  KernelErrorCodeSchema2 as KernelErrorCodeSchema,
+  KernelErrorSchema,
+  KernelOkSchema,
+  LogInclusionProofSchema,
+  NA_ID_PREFIX,
+  NotarizeResponseSchema,
+  NotarizeStatusSchema,
+  NotaryAttestationIdFormatSchema,
+  NotaryAttestationSchema,
+  NotaryRequestSchema,
+  PassportIdFormatSchema,
+  PassportIdSchema,
+  ProviderRoleSchema,
+  RECEIPT_HASH_GOLDEN_FIXTURE,
+  RECEIPT_TYPE_URI,
+  RECEIPT_VERSION,
+  RPIDSchema,
+  ReceiptHashSchema,
+  ReceiptIdFormatSchema,
+  ReceiptIdSchema,
+  RelyingPartyIdSchema,
+  RotationEpochSchema,
+  SETTLEMENT_AUTHORITY,
+  SIGNATURE_LENGTH,
+  SURFACES,
+  SignedReceiptV0LooseSchema,
+  SignedReceiptV0Schema,
+  StackConnectionSchema,
+  StackProviderSchema,
+  StackSchema,
+  SuccessResponseSchema,
+  SurfaceSchema,
+  TransactionContextHashSchema,
+  TransactionContextSchema,
+  W_GOLDEN_FIXTURES,
+  W_RPID_DOMAIN,
+  W_TXCTX_DOMAIN,
+  WalletIdFormatSchema,
+  WalletIdSchema,
+  base64urlToBytes,
+  bytesToBase64url,
+  computeContentHash,
+  computeReceiptHash,
+  deriveFundingSource,
+  encodeEpoch,
+  error,
+  generateCrossingId,
+  generateId,
+  generatePassportId,
+  generateReceiptId,
+  generateWalletId,
+  isCrossingHashInputV0,
+  isCrossingSettledReceipt,
+  isNotaryAttestation,
+  isNotaryRequest,
+  isSignedReceiptV0,
+  jcsCanonicalize,
+  kernelError,
+  kernelOk,
+  success,
+  validateTimeWindow
+};
+//# sourceMappingURL=index.js.map