@imagxp/protocol 1.0.0 → 1.0.2

package/dist/agent.js

@@ -1,4 +1,4 @@
-import { generateKeyPair, signData, exportPublicKey } from './crypto.js';
+import { generateKeyPair, signData, exportPublicKey, importPrivateKey, importPublicKey } from './crypto.js';
 import { IMAGXP_VERSION } from './constants.js';
 export class IMAGXPAgent {
     constructor() {
@@ -10,9 +10,24 @@ export class IMAGXPAgent {
      * @param customAgentId For PRODUCTION, this should be your domain (e.g., "bot.openai.com")
      */
     async initialize(customAgentId) {
-        this.keyPair = await generateKeyPair();
+        if (process.env.IMAGXP_PRIVATE_KEY && process.env.IMAGXP_PUBLIC_KEY) {
+            // 1. Load Persistent Identity from Environment
+            console.log(`[IMAGXP] Loading Agent Identity from Environment...`);
+            try {
+                const privateKey = await importPrivateKey(process.env.IMAGXP_PRIVATE_KEY);
+                const publicKey = await importPublicKey(process.env.IMAGXP_PUBLIC_KEY);
+                this.keyPair = { privateKey, publicKey };
+            }
+            catch (e) {
+                console.error("Failed to load keys from env:", e);
+            }
+        }
+        // Fallback or Normal Init
+        if (!this.keyPair) {
+            this.keyPair = await generateKeyPair();
+        }
         // Use the provided ID (authentic) or generate a session ID (ephemeral)
-        this.agentId = customAgentId || "agent_" + Math.random().toString(36).substring(7);
+        this.agentId = process.env.IMAGXP_AGENT_ID || customAgentId || "agent_" + Math.random().toString(36).substring(7);
     }
     async createAccessRequest(resource, purpose, options = {}) {
         if (!this.keyPair)

package/dist/crypto.d.ts

@@ -7,3 +7,5 @@ export declare function signData(privateKey: CryptoKey, data: string): Promise<s
 export declare function verifySignature(publicKey: CryptoKey, data: string, signatureHex: string): Promise<boolean>;
 export declare function exportPublicKey(key: CryptoKey): Promise<string>;
 export declare function importPublicKey(keyData: string): Promise<CryptoKey>;
+export declare function exportPrivateKey(key: CryptoKey): Promise<string>;
+export declare function importPrivateKey(keyData: string): Promise<CryptoKey>;

package/dist/crypto.js

@@ -33,6 +33,18 @@ export async function importPublicKey(keyData) {
     }
     return await crypto.subtle.importKey("spki", bytes, { name: "ECDSA", namedCurve: "P-256" }, true, ["verify"]);
 }
+export async function exportPrivateKey(key) {
+    const exported = await crypto.subtle.exportKey("pkcs8", key);
+    return btoa(String.fromCharCode(...new Uint8Array(exported)));
+}
+export async function importPrivateKey(keyData) {
+    const binaryString = atob(keyData);
+    const bytes = new Uint8Array(binaryString.length);
+    for (let i = 0; i < binaryString.length; i++) {
+        bytes[i] = binaryString.charCodeAt(i);
+    }
+    return await crypto.subtle.importKey("pkcs8", bytes, { name: "ECDSA", namedCurve: "P-256" }, true, ["sign"]);
+}
 // Helpers
 function bufToHex(buffer) {
     return Array.from(new Uint8Array(buffer))

package/dist/express.js

@@ -4,14 +4,28 @@
  */
 import { IMAGXPPublisher } from './publisher.js';
 import { ContentOrigin } from './types.js';
-import { generateKeyPair } from './crypto.js';
+import { generateKeyPair, importPrivateKey, importPublicKey } from './crypto.js';
 export class IMAGXP {
     constructor(config) {
         this.publisher = new IMAGXPPublisher({ version: '1.1', ...config.policy }, config.strategy || 'PASSIVE', config.cache);
         this.origin = ContentOrigin[config.meta.origin];
-        this.ready = generateKeyPair().then(keys => {
-            return this.publisher.initialize(keys);
-        });
+        const publisher = this.publisher;
+        this.ready = (async () => {
+            let keys = null;
+            if (process.env.IMAGXP_PRIVATE_KEY && process.env.IMAGXP_PUBLIC_KEY) {
+                try {
+                    const privateKey = await importPrivateKey(process.env.IMAGXP_PRIVATE_KEY);
+                    const publicKey = await importPublicKey(process.env.IMAGXP_PUBLIC_KEY);
+                    keys = { privateKey, publicKey };
+                }
+                catch (e) {
+                    console.error("IMAGXP: Failed to load keys from env", e);
+                }
+            }
+            if (!keys)
+                keys = await generateKeyPair();
+            await publisher.initialize(keys);
+        })();
     }
     static init(config) {
         return new IMAGXP(config);

package/dist/nextjs.js

@@ -4,7 +4,7 @@
  */
 import { IMAGXPPublisher } from './publisher.js';
 import { ContentOrigin } from './types.js';
-import { generateKeyPair } from './crypto.js';
+import { generateKeyPair, importPrivateKey, importPublicKey } from './crypto.js';
 const createJsonResponse = (body, status = 200) => {
     return new Response(JSON.stringify(body), {
         status,
@@ -15,7 +15,23 @@ export class IMAGXPNext {
     constructor(config) {
         this.publisher = new IMAGXPPublisher({ version: '1.1', ...config.policy }, config.strategy || 'PASSIVE', config.cache);
         this.origin = ContentOrigin[config.meta.origin];
-        this.ready = generateKeyPair().then(keys => this.publisher.initialize(keys));
+        const publisher = this.publisher;
+        this.ready = (async () => {
+            let keys = null;
+            if (process.env.IMAGXP_PRIVATE_KEY && process.env.IMAGXP_PUBLIC_KEY) {
+                try {
+                    const privateKey = await importPrivateKey(process.env.IMAGXP_PRIVATE_KEY);
+                    const publicKey = await importPublicKey(process.env.IMAGXP_PUBLIC_KEY);
+                    keys = { privateKey, publicKey };
+                }
+                catch (e) {
+                    console.error("IMAGXP: Failed to load keys from env", e);
+                }
+            }
+            if (!keys)
+                keys = await generateKeyPair();
+            await publisher.initialize(keys);
+        })();
     }
     static init(config) {
         return new IMAGXPNext(config);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@imagxp/protocol",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "TypeScript reference implementation of IMAGXP v1.1",
   "keywords": [
     "imagxp",
@@ -37,6 +37,10 @@
     "type": "git",
     "url": "https://github.com/imagxp-protocol/imagxp.git"
   },
+  "homepage": "https://imagxp.com",
+  "bugs": {
+    "url": "https://github.com/imagxp-protocol/imagxp/issues"
+  },
   "publishConfig": {
     "access": "public"
   },
@@ -50,4 +54,4 @@
     "jose": "^6.1.3",
     "node-fetch": "^2.7.0"
   }
-}
+}

package/src/agent.ts

@@ -2,9 +2,11 @@
  * Layer 2: Agent SDK
  */
 import { AccessPurpose, ProtocolHeader, SignedAccessRequest, FeedbackSignal, QualityFlag, AgentIdentityManifest } from './types.js';
-import { generateKeyPair, signData, exportPublicKey } from './crypto.js';
+import { generateKeyPair, signData, exportPublicKey, importPrivateKey, importPublicKey } from './crypto.js';
 import { IMAGXP_VERSION } from './constants.js';
 
+declare const process: any;
+
 export interface AccessOptions {
   adsDisplayed?: boolean;
 }
@@ -18,9 +20,25 @@ export class IMAGXPAgent {
    * @param customAgentId For PRODUCTION, this should be your domain (e.g., "bot.openai.com")
    */
   async initialize(customAgentId?: string) {
-    this.keyPair = await generateKeyPair();
+    if (process.env.IMAGXP_PRIVATE_KEY && process.env.IMAGXP_PUBLIC_KEY) {
+      // 1. Load Persistent Identity from Environment
+      console.log(`[IMAGXP] Loading Agent Identity from Environment...`);
+      try {
+        const privateKey = await importPrivateKey(process.env.IMAGXP_PRIVATE_KEY);
+        const publicKey = await importPublicKey(process.env.IMAGXP_PUBLIC_KEY);
+        this.keyPair = { privateKey, publicKey };
+      } catch (e) {
+        console.error("Failed to load keys from env:", e);
+      }
+    }
+
+    // Fallback or Normal Init
+    if (!this.keyPair) {
+      this.keyPair = await generateKeyPair();
+    }
+
     // Use the provided ID (authentic) or generate a session ID (ephemeral)
-    this.agentId = customAgentId || "agent_" + Math.random().toString(36).substring(7);
+    this.agentId = process.env.IMAGXP_AGENT_ID || customAgentId || "agent_" + Math.random().toString(36).substring(7);
   }
 
   async createAccessRequest(

package/src/crypto.ts

@@ -62,6 +62,27 @@ export async function importPublicKey(keyData: string): Promise<CryptoKey> {
   );
 }
 
+export async function exportPrivateKey(key: CryptoKey): Promise<string> {
+  const exported = await crypto.subtle.exportKey("pkcs8", key);
+  return btoa(String.fromCharCode(...new Uint8Array(exported)));
+}
+
+export async function importPrivateKey(keyData: string): Promise<CryptoKey> {
+  const binaryString = atob(keyData);
+  const bytes = new Uint8Array(binaryString.length);
+  for (let i = 0; i < binaryString.length; i++) {
+    bytes[i] = binaryString.charCodeAt(i);
+  }
+
+  return await crypto.subtle.importKey(
+    "pkcs8",
+    bytes,
+    { name: "ECDSA", namedCurve: "P-256" },
+    true,
+    ["sign"]
+  );
+}
+
 // Helpers
 function bufToHex(buffer: ArrayBuffer): string {
   return Array.from(new Uint8Array(buffer))

package/src/express.ts

@@ -4,7 +4,9 @@
  */
 import { IMAGXPPublisher } from './publisher.js';
 import { AccessPolicy, ContentOrigin, UnauthenticatedStrategy, IdentityCache } from './types.js';
-import { generateKeyPair } from './crypto.js';
+import { generateKeyPair, importPrivateKey, importPublicKey } from './crypto.js';
+
+declare const process: any;
 
 export interface IMAGXPConfig {
   policy: Omit<AccessPolicy, 'version'>;
@@ -31,9 +33,19 @@ export class IMAGXP {
 
     this.origin = ContentOrigin[config.meta.origin];
 
-    this.ready = generateKeyPair().then(keys => {
-      return this.publisher.initialize(keys);
-    });
+    const publisher = this.publisher;
+    this.ready = (async () => {
+      let keys: CryptoKeyPair | null = null;
+      if (process.env.IMAGXP_PRIVATE_KEY && process.env.IMAGXP_PUBLIC_KEY) {
+        try {
+          const privateKey = await importPrivateKey(process.env.IMAGXP_PRIVATE_KEY);
+          const publicKey = await importPublicKey(process.env.IMAGXP_PUBLIC_KEY);
+          keys = { privateKey, publicKey };
+        } catch (e) { console.error("IMAGXP: Failed to load keys from env", e); }
+      }
+      if (!keys) keys = await generateKeyPair();
+      await publisher.initialize(keys);
+    })();
   }
 
   static init(config: IMAGXPConfig): IMAGXP {

package/src/nextjs.ts

@@ -4,7 +4,9 @@
  */
 import { IMAGXPPublisher } from './publisher.js';
 import { AccessPolicy, ContentOrigin, UnauthenticatedStrategy, IdentityCache } from './types.js';
-import { generateKeyPair } from './crypto.js';
+import { generateKeyPair, importPrivateKey, importPublicKey } from './crypto.js';
+
+declare const process: any;
 
 type NextRequest = any;
 type NextResponse = any;
@@ -39,7 +41,20 @@ export class IMAGXPNext {
       config.cache
     );
     this.origin = ContentOrigin[config.meta.origin];
-    this.ready = generateKeyPair().then(keys => this.publisher.initialize(keys));
+
+    const publisher = this.publisher;
+    this.ready = (async () => {
+      let keys: CryptoKeyPair | null = null;
+      if (process.env.IMAGXP_PRIVATE_KEY && process.env.IMAGXP_PUBLIC_KEY) {
+        try {
+          const privateKey = await importPrivateKey(process.env.IMAGXP_PRIVATE_KEY);
+          const publicKey = await importPublicKey(process.env.IMAGXP_PUBLIC_KEY);
+          keys = { privateKey, publicKey };
+        } catch (e) { console.error("IMAGXP: Failed to load keys from env", e); }
+      }
+      if (!keys) keys = await generateKeyPair();
+      await publisher.initialize(keys);
+    })();
   }
 
   static init(config: IMAGXPConfig): IMAGXPNext {