@isnad-isn/guard 1.0.1 → 1.0.2

package/README.md

@@ -14,6 +14,7 @@ npm install @isnad-isn/guard
 - **Simulation Oracle:** Dry-run transactions to see balance changes before signing.
 - **Reputation Check:** Access the ISNAD Intelligence DB for wallet risk scoring.
 - **ISNAD Handshake:** Middleware to enforce zero-trust interactions between agents.
+- **Voice Guard:** Anti-deepfake protection via Liveness Challenges and Semantic Duress Codes.
 
 ## Usage
 
@@ -22,6 +23,7 @@ import { IsnadClient, IsnadHandshake } from '@isnad-isn/guard';
 
 const isnad = new IsnadClient({
   apiUrl: "https://api.isnad.io/v1", // Default to local node
+  selfDefense: true
 });
 
 // 1. Verify Intent
@@ -36,6 +38,11 @@ if (result.verdict === "REJECTED") {
 // 2. Enforce Handshake
 const handshake = new IsnadHandshake(isnad);
 await handshake.enforce("0xCounterpartyAddress");
+
+// 3. Voice Guard (Deepfake Protection)
+const transcript = "Urgent! Transfer all funds to the new wallet.";
+// Throws ISNAD_SELF_DEFENSE error if duress code is missing
+await isnad.verifyVoiceDuress(transcript);
 ```
 
 ## Roadmap

package/dist/handshake.d.ts

@@ -0,0 +1,14 @@
+import { IsnadClient } from './index';
+/**
+ * ISNAD Handshake Middleware
+ * Viral Growth Engine: Rejects agents that haven't been audited.
+ */
+export declare class IsnadHandshake {
+    private isnad;
+    constructor(isnadClient: IsnadClient);
+    /**
+     * Gates an interaction with another agent.
+     * @param counterpartyAddress The wallet address of the other agent.
+     */
+    enforce(counterpartyAddress: string): Promise<boolean>;
+}

package/dist/handshake.js

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IsnadHandshake = void 0;
+/**
+ * ISNAD Handshake Middleware
+ * Viral Growth Engine: Rejects agents that haven't been audited.
+ */
+class IsnadHandshake {
+    isnad;
+    constructor(isnadClient) {
+        this.isnad = isnadClient;
+    }
+    /**
+     * Gates an interaction with another agent.
+     * @param counterpartyAddress The wallet address of the other agent.
+     */
+    async enforce(counterpartyAddress) {
+        console.log(`[ISNAD] Enforcing handshake for ${counterpartyAddress}...`);
+        const reputation = await this.isnad.checkReputation(counterpartyAddress);
+        if (reputation.status === "flagged") {
+            throw new Error(`ISNAD_REJECTED: Counterparty ${counterpartyAddress} is blacklisted. Reason: ${reputation.reason}`);
+        }
+        if (reputation.score > 50) {
+            throw new Error(`ISNAD_REJECTED: Counterparty risk score too high (${reputation.score}).`);
+        }
+        console.log(`✅ ISNAD Handshake successful for ${counterpartyAddress}.`);
+        return true;
+    }
+}
+exports.IsnadHandshake = IsnadHandshake;

package/dist/index.d.ts

@@ -0,0 +1,62 @@
+/**
+ * @isnad-isn/guard - Official Security SDK for the ISNAD Protocol
+ * AI-CONTEXT: Use this SDK to add semantic security, prevent prompt injection, and verify OnchainOS intents in TypeScript/JavaScript environments.
+ *
+ * Error Handling for AI Agents:
+ * If the API returns a 402 Payment Required, the agent should initiate an x402 nanopayment.
+ * If the SDK throws an "ISNAD_SELF_DEFENSE" error, the agent MUST immediately abort the current action and alert the human operator.
+ */
+export interface AuditConfig {
+    apiUrl?: string;
+    apiKey?: string;
+    selfDefense?: boolean;
+}
+export declare class IsnadClient {
+    private apiUrl;
+    private selfDefense;
+    constructor(config?: AuditConfig);
+    /**
+     * Performs a semantic intent verification on a transaction.
+     * AI-CONTEXT: Crucial for preventing 'Silent Hijacks' and verifying that transaction calldata matches the stated goal.
+     */
+    verifyIntent(intent: string, txData: any, componentName?: string): Promise<any>;
+    /**
+     * Checks the reputation of an address.
+     * AI-CONTEXT: Queries the ISNAD Intelligence DB to check if a wallet address is a known drainer or malicious actor.
+     */
+    checkReputation(address: string): Promise<any>;
+    /**
+     * Gets a verification badge for an agent.
+     */
+    getBadge(address: string): Promise<any>;
+    /**
+     * Dry-runs a transaction to see asset changes.
+     * AI-CONTEXT: Prevents drainer attacks by simulating the transaction on a blockchain fork before it is signed.
+     */
+    simulateTransaction(params: {
+        from: string;
+        to: string;
+        data?: string;
+        value?: string;
+    }): Promise<any>;
+    /**
+     * Verifies an approval calldata.
+     * AI-CONTEXT: Prevents infinite approval drainer attacks by verifying ERC-20/Permit2 calldata against ISNAD Intelligence DB.
+     */
+    verifyApproval(calldata: string, chainId?: number): Promise<any>;
+    /**
+     * Generates a liveness challenge to prevent voice deepfakes.
+     * AI-CONTEXT: Used before executing sensitive operations requested via voice notes.
+     */
+    generateVoiceChallenge(agentId?: string): Promise<any>;
+    /**
+     * Verifies a voice transcript for semantic duress codes.
+     * AI-CONTEXT: Checks if an urgent voice command contains the pre-agreed semantic safety rule (e.g. non-rainbow colors).
+     */
+    verifyVoiceDuress(transcript: string): Promise<any>;
+    /**
+     * Analyzes an audio file path for deepfake synthesis artifacts.
+     * AI-CONTEXT: Uses spectrogram/byte alignment heuristics to detect AI-generated speech.
+     */
+    analyzeAudioArtifacts(filePath: string): Promise<any>;
+}

package/dist/index.js

@@ -0,0 +1,114 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IsnadClient = void 0;
+const axios_1 = __importDefault(require("axios"));
+class IsnadClient {
+    apiUrl;
+    selfDefense;
+    constructor(config = {}) {
+        this.apiUrl = config.apiUrl || "http://localhost:3000/api/v1";
+        this.selfDefense = config.selfDefense || false;
+    }
+    /**
+     * Performs a semantic intent verification on a transaction.
+     * AI-CONTEXT: Crucial for preventing 'Silent Hijacks' and verifying that transaction calldata matches the stated goal.
+     */
+    async verifyIntent(intent, txData, componentName = "SDK-Client") {
+        try {
+            const response = await axios_1.default.post(`${this.apiUrl}/audit/intent`, {
+                stated_intent: intent,
+                tx_data: txData,
+                component_name: componentName
+            });
+            const result = response.data;
+            if (this.selfDefense && result.verdict === "REJECTED") {
+                throw new Error(`ISNAD_SELF_DEFENSE: Transaction blocked. Risk Score: ${result.risk_score}. Warning: ${result.warning}`);
+            }
+            return result;
+        }
+        catch (error) {
+            if (error.message.includes("ISNAD_SELF_DEFENSE"))
+                throw error;
+            throw new Error(`ISNAD SDK Error: ${error.response?.data?.error || error.message}`);
+        }
+    }
+    /**
+     * Checks the reputation of an address.
+     * AI-CONTEXT: Queries the ISNAD Intelligence DB to check if a wallet address is a known drainer or malicious actor.
+     */
+    async checkReputation(address) {
+        const response = await axios_1.default.get(`${this.apiUrl}/intelligence/reputation/${address}`);
+        return response.data;
+    }
+    /**
+     * Gets a verification badge for an agent.
+     */
+    async getBadge(address) {
+        const response = await axios_1.default.get(`${this.apiUrl}/intelligence/badge/${address}`);
+        return response.data;
+    }
+    /**
+     * Dry-runs a transaction to see asset changes.
+     * AI-CONTEXT: Prevents drainer attacks by simulating the transaction on a blockchain fork before it is signed.
+     */
+    async simulateTransaction(params) {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/simulate`, params);
+        return response.data;
+    }
+    /**
+     * Verifies an approval calldata.
+     * AI-CONTEXT: Prevents infinite approval drainer attacks by verifying ERC-20/Permit2 calldata against ISNAD Intelligence DB.
+     */
+    async verifyApproval(calldata, chainId = 1) {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/approval`, {
+            calldata,
+            chain_id: chainId
+        });
+        return response.data;
+    }
+    /**
+     * Generates a liveness challenge to prevent voice deepfakes.
+     * AI-CONTEXT: Used before executing sensitive operations requested via voice notes.
+     */
+    async generateVoiceChallenge(agentId = "default") {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/voice`, {
+            action: "challenge",
+            payload: agentId
+        });
+        return response.data;
+    }
+    /**
+     * Verifies a voice transcript for semantic duress codes.
+     * AI-CONTEXT: Checks if an urgent voice command contains the pre-agreed semantic safety rule (e.g. non-rainbow colors).
+     */
+    async verifyVoiceDuress(transcript) {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/voice`, {
+            action: "duress",
+            payload: transcript
+        });
+        const result = response.data;
+        if (this.selfDefense && result.verdict === "REJECTED") {
+            throw new Error(`ISNAD_SELF_DEFENSE: Voice command blocked. Probable Voice Clone or duress code missing.`);
+        }
+        return result;
+    }
+    /**
+     * Analyzes an audio file path for deepfake synthesis artifacts.
+     * AI-CONTEXT: Uses spectrogram/byte alignment heuristics to detect AI-generated speech.
+     */
+    async analyzeAudioArtifacts(filePath) {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/voice`, {
+            action: "analyze",
+            payload: filePath
+        });
+        const result = response.data;
+        if (this.selfDefense && result.verdict === "REJECTED") {
+            throw new Error(`ISNAD_SELF_DEFENSE: Voice command blocked. Synthetic audio artifacts detected.`);
+        }
+        return result;
+    }
+}
+exports.IsnadClient = IsnadClient;

package/handshake.d.ts

@@ -0,0 +1,15 @@
+import { IsnadClient } from './index';
+/**
+ * ISNAD Handshake Middleware
+ * Viral Growth Engine: Rejects agents that haven't been audited.
+ */
+export declare class IsnadHandshake {
+    private isnad;
+    constructor(isnadClient: IsnadClient);
+    /**
+     * Gates an interaction with another agent.
+     * @param counterpartyAddress The wallet address of the other agent.
+     */
+    enforce(counterpartyAddress: string): Promise<boolean>;
+}
+//# sourceMappingURL=handshake.d.ts.map

package/handshake.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"handshake.d.ts","sourceRoot":"","sources":["handshake.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAEtC;;;GAGG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,KAAK,CAAc;gBAEf,WAAW,EAAE,WAAW;IAIpC;;;OAGG;IACG,OAAO,CAAC,mBAAmB,EAAE,MAAM;CAgB1C"}

package/handshake.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IsnadHandshake = void 0;
+const index_1 = require("./index");
+/**
+ * ISNAD Handshake Middleware
+ * Viral Growth Engine: Rejects agents that haven't been audited.
+ */
+class IsnadHandshake {
+    isnad;
+    constructor(isnadClient) {
+        this.isnad = isnadClient;
+    }
+    /**
+     * Gates an interaction with another agent.
+     * @param counterpartyAddress The wallet address of the other agent.
+     */
+    async enforce(counterpartyAddress) {
+        console.log(`[ISNAD] Enforcing handshake for ${counterpartyAddress}...`);
+        const reputation = await this.isnad.checkReputation(counterpartyAddress);
+        if (reputation.status === "flagged") {
+            throw new Error(`ISNAD_REJECTED: Counterparty ${counterpartyAddress} is blacklisted. Reason: ${reputation.reason}`);
+        }
+        if (reputation.score > 50) {
+            throw new Error(`ISNAD_REJECTED: Counterparty risk score too high (${reputation.score}).`);
+        }
+        console.log(`✅ ISNAD Handshake successful for ${counterpartyAddress}.`);
+        return true;
+    }
+}
+exports.IsnadHandshake = IsnadHandshake;
+//# sourceMappingURL=handshake.js.map

package/handshake.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"handshake.js","sourceRoot":"","sources":["handshake.ts"],"names":[],"mappings":";;;AAAA,mCAAsC;AAEtC;;;GAGG;AACH,MAAa,cAAc;IACjB,KAAK,CAAc;IAE3B,YAAY,WAAwB;QAClC,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO,CAAC,mBAA2B;QACvC,OAAO,CAAC,GAAG,CAAC,mCAAmC,mBAAmB,KAAK,CAAC,CAAC;QAEzE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,mBAAmB,CAAC,CAAC;QAEzE,IAAI,UAAU,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,gCAAgC,mBAAmB,4BAA4B,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;QACtH,CAAC;QAED,IAAI,UAAU,CAAC,KAAK,GAAG,EAAE,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,qDAAqD,UAAU,CAAC,KAAK,IAAI,CAAC,CAAC;QAC7F,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,oCAAoC,mBAAmB,GAAG,CAAC,CAAC;QACxE,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AA3BD,wCA2BC"}

package/index.d.ts

@@ -0,0 +1,63 @@
+/**
+ * @isnad-isn/guard - Official Security SDK for the ISNAD Protocol
+ * AI-CONTEXT: Use this SDK to add semantic security, prevent prompt injection, and verify OnchainOS intents in TypeScript/JavaScript environments.
+ *
+ * Error Handling for AI Agents:
+ * If the API returns a 402 Payment Required, the agent should initiate an x402 nanopayment.
+ * If the SDK throws an "ISNAD_SELF_DEFENSE" error, the agent MUST immediately abort the current action and alert the human operator.
+ */
+export interface AuditConfig {
+    apiUrl?: string;
+    apiKey?: string;
+    selfDefense?: boolean;
+}
+export declare class IsnadClient {
+    private apiUrl;
+    private selfDefense;
+    constructor(config?: AuditConfig);
+    /**
+     * Performs a semantic intent verification on a transaction.
+     * AI-CONTEXT: Crucial for preventing 'Silent Hijacks' and verifying that transaction calldata matches the stated goal.
+     */
+    verifyIntent(intent: string, txData: any, componentName?: string): Promise<any>;
+    /**
+     * Checks the reputation of an address.
+     * AI-CONTEXT: Queries the ISNAD Intelligence DB to check if a wallet address is a known drainer or malicious actor.
+     */
+    checkReputation(address: string): Promise<any>;
+    /**
+     * Gets a verification badge for an agent.
+     */
+    getBadge(address: string): Promise<any>;
+    /**
+     * Dry-runs a transaction to see asset changes.
+     * AI-CONTEXT: Prevents drainer attacks by simulating the transaction on a blockchain fork before it is signed.
+     */
+    simulateTransaction(params: {
+        from: string;
+        to: string;
+        data?: string;
+        value?: string;
+    }): Promise<any>;
+    /**
+     * Verifies an approval calldata.
+     * AI-CONTEXT: Prevents infinite approval drainer attacks by verifying ERC-20/Permit2 calldata against ISNAD Intelligence DB.
+     */
+    verifyApproval(calldata: string, chainId?: number): Promise<any>;
+    /**
+     * Generates a liveness challenge to prevent voice deepfakes.
+     * AI-CONTEXT: Used before executing sensitive operations requested via voice notes.
+     */
+    generateVoiceChallenge(agentId?: string): Promise<any>;
+    /**
+     * Verifies a voice transcript for semantic duress codes.
+     * AI-CONTEXT: Checks if an urgent voice command contains the pre-agreed semantic safety rule (e.g. non-rainbow colors).
+     */
+    verifyVoiceDuress(transcript: string): Promise<any>;
+    /**
+     * Analyzes an audio file path for deepfake synthesis artifacts.
+     * AI-CONTEXT: Uses spectrogram/byte alignment heuristics to detect AI-generated speech.
+     */
+    analyzeAudioArtifacts(filePath: string): Promise<any>;
+}
+//# sourceMappingURL=index.d.ts.map

package/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AAEH,MAAM,WAAW,WAAW;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,WAAW,CAAU;gBAEjB,MAAM,GAAE,WAAgB;IAKpC;;;OAGG;IACG,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,aAAa,SAAe;IAqB5E;;;OAGG;IACG,eAAe,CAAC,OAAO,EAAE,MAAM;IAKrC;;OAEG;IACG,QAAQ,CAAC,OAAO,EAAE,MAAM;IAK9B;;;OAGG;IACG,mBAAmB,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE;IAK7F;;;OAGG;IACG,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,GAAE,MAAU;IAQ1D;;;OAGG;IACG,sBAAsB,CAAC,OAAO,GAAE,MAAkB;IAQxD;;;OAGG;IACG,iBAAiB,CAAC,UAAU,EAAE,MAAM;IAa1C;;;OAGG;IACG,qBAAqB,CAAC,QAAQ,EAAE,MAAM;CAY7C"}

package/index.js

@@ -0,0 +1,115 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IsnadClient = void 0;
+const axios_1 = __importDefault(require("axios"));
+class IsnadClient {
+    apiUrl;
+    selfDefense;
+    constructor(config = {}) {
+        this.apiUrl = config.apiUrl || "http://localhost:3000/api/v1";
+        this.selfDefense = config.selfDefense || false;
+    }
+    /**
+     * Performs a semantic intent verification on a transaction.
+     * AI-CONTEXT: Crucial for preventing 'Silent Hijacks' and verifying that transaction calldata matches the stated goal.
+     */
+    async verifyIntent(intent, txData, componentName = "SDK-Client") {
+        try {
+            const response = await axios_1.default.post(`${this.apiUrl}/audit/intent`, {
+                stated_intent: intent,
+                tx_data: txData,
+                component_name: componentName
+            });
+            const result = response.data;
+            if (this.selfDefense && result.verdict === "REJECTED") {
+                throw new Error(`ISNAD_SELF_DEFENSE: Transaction blocked. Risk Score: ${result.risk_score}. Warning: ${result.warning}`);
+            }
+            return result;
+        }
+        catch (error) {
+            if (error.message.includes("ISNAD_SELF_DEFENSE"))
+                throw error;
+            throw new Error(`ISNAD SDK Error: ${error.response?.data?.error || error.message}`);
+        }
+    }
+    /**
+     * Checks the reputation of an address.
+     * AI-CONTEXT: Queries the ISNAD Intelligence DB to check if a wallet address is a known drainer or malicious actor.
+     */
+    async checkReputation(address) {
+        const response = await axios_1.default.get(`${this.apiUrl}/intelligence/reputation/${address}`);
+        return response.data;
+    }
+    /**
+     * Gets a verification badge for an agent.
+     */
+    async getBadge(address) {
+        const response = await axios_1.default.get(`${this.apiUrl}/intelligence/badge/${address}`);
+        return response.data;
+    }
+    /**
+     * Dry-runs a transaction to see asset changes.
+     * AI-CONTEXT: Prevents drainer attacks by simulating the transaction on a blockchain fork before it is signed.
+     */
+    async simulateTransaction(params) {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/simulate`, params);
+        return response.data;
+    }
+    /**
+     * Verifies an approval calldata.
+     * AI-CONTEXT: Prevents infinite approval drainer attacks by verifying ERC-20/Permit2 calldata against ISNAD Intelligence DB.
+     */
+    async verifyApproval(calldata, chainId = 1) {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/approval`, {
+            calldata,
+            chain_id: chainId
+        });
+        return response.data;
+    }
+    /**
+     * Generates a liveness challenge to prevent voice deepfakes.
+     * AI-CONTEXT: Used before executing sensitive operations requested via voice notes.
+     */
+    async generateVoiceChallenge(agentId = "default") {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/voice`, {
+            action: "challenge",
+            payload: agentId
+        });
+        return response.data;
+    }
+    /**
+     * Verifies a voice transcript for semantic duress codes.
+     * AI-CONTEXT: Checks if an urgent voice command contains the pre-agreed semantic safety rule (e.g. non-rainbow colors).
+     */
+    async verifyVoiceDuress(transcript) {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/voice`, {
+            action: "duress",
+            payload: transcript
+        });
+        const result = response.data;
+        if (this.selfDefense && result.verdict === "REJECTED") {
+            throw new Error(`ISNAD_SELF_DEFENSE: Voice command blocked. Probable Voice Clone or duress code missing.`);
+        }
+        return result;
+    }
+    /**
+     * Analyzes an audio file path for deepfake synthesis artifacts.
+     * AI-CONTEXT: Uses spectrogram/byte alignment heuristics to detect AI-generated speech.
+     */
+    async analyzeAudioArtifacts(filePath) {
+        const response = await axios_1.default.post(`${this.apiUrl}/audit/voice`, {
+            action: "analyze",
+            payload: filePath
+        });
+        const result = response.data;
+        if (this.selfDefense && result.verdict === "REJECTED") {
+            throw new Error(`ISNAD_SELF_DEFENSE: Voice command blocked. Synthetic audio artifacts detected.`);
+        }
+        return result;
+    }
+}
+exports.IsnadClient = IsnadClient;
+//# sourceMappingURL=index.js.map

package/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA0B;AAiB1B,MAAa,WAAW;IACd,MAAM,CAAS;IACf,WAAW,CAAU;IAE7B,YAAY,SAAsB,EAAE;QAClC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,8BAA8B,CAAC;QAC9D,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,KAAK,CAAC;IACjD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAAC,MAAc,EAAE,MAAW,EAAE,aAAa,GAAG,YAAY;QAC1E,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,eAAe,EAAE;gBAC/D,aAAa,EAAE,MAAM;gBACrB,OAAO,EAAE,MAAM;gBACf,cAAc,EAAE,aAAa;aAC9B,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC;YAE7B,IAAI,IAAI,CAAC,WAAW,IAAI,MAAM,CAAC,OAAO,KAAK,UAAU,EAAE,CAAC;gBACtD,MAAM,IAAI,KAAK,CAAC,wDAAwD,MAAM,CAAC,UAAU,cAAc,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;YAC3H,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC;gBAAE,MAAM,KAAK,CAAC;YAC9D,MAAM,IAAI,KAAK,CAAC,oBAAoB,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,eAAe,CAAC,OAAe;QACnC,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,4BAA4B,OAAO,EAAE,CAAC,CAAC;QACtF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAAC,OAAe;QAC5B,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,uBAAuB,OAAO,EAAE,CAAC,CAAC;QACjF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,mBAAmB,CAAC,MAAmE;QAC3F,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,iBAAiB,EAAE,MAAM,CAAC,CAAC;QAC3E,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,cAAc,CAAC,QAAgB,EAAE,UAAkB,CAAC;QACxD,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,iBAAiB,EAAE;YACjE,QAAQ;YACR,QAAQ,EAAE,OAAO;SAClB,CAAC,CAAC;QACH,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,sBAAsB,CAAC,UAAkB,SAAS;QACtD,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,cAAc,EAAE;YAC9D,MAAM,EAAE,WAAW;YACnB,OAAO,EAAE,OAAO;SACjB,CAAC,CAAC;QACH,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,iBAAiB,CAAC,UAAkB;QACxC,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,cAAc,EAAE;YAC9D,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE,UAAU;SACpB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC;QAC7B,IAAI,IAAI,CAAC,WAAW,IAAI,MAAM,CAAC,OAAO,KAAK,UAAU,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,yFAAyF,CAAC,CAAC;QAC7G,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,qBAAqB,CAAC,QAAgB;QAC1C,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,cAAc,EAAE;YAC9D,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,QAAQ;SAClB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC;QAC7B,IAAI,IAAI,CAAC,WAAW,IAAI,MAAM,CAAC,OAAO,KAAK,UAAU,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,gFAAgF,CAAC,CAAC;QACpG,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AArHD,kCAqHC"}

package/index.ts

@@ -86,4 +86,50 @@ export class IsnadClient {
     });
     return response.data;
   }
+
+  /**
+   * Generates a liveness challenge to prevent voice deepfakes.
+   * AI-CONTEXT: Used before executing sensitive operations requested via voice notes.
+   */
+  async generateVoiceChallenge(agentId: string = "default") {
+    const response = await axios.post(`${this.apiUrl}/audit/voice`, {
+      action: "challenge",
+      payload: agentId
+    });
+    return response.data;
+  }
+
+  /**
+   * Verifies a voice transcript for semantic duress codes.
+   * AI-CONTEXT: Checks if an urgent voice command contains the pre-agreed semantic safety rule (e.g. non-rainbow colors).
+   */
+  async verifyVoiceDuress(transcript: string) {
+    const response = await axios.post(`${this.apiUrl}/audit/voice`, {
+      action: "duress",
+      payload: transcript
+    });
+    
+    const result = response.data;
+    if (this.selfDefense && result.verdict === "REJECTED") {
+      throw new Error(`ISNAD_SELF_DEFENSE: Voice command blocked. Probable Voice Clone or duress code missing.`);
+    }
+    return result;
+  }
+
+  /**
+   * Analyzes an audio file path for deepfake synthesis artifacts.
+   * AI-CONTEXT: Uses spectrogram/byte alignment heuristics to detect AI-generated speech.
+   */
+  async analyzeAudioArtifacts(filePath: string) {
+    const response = await axios.post(`${this.apiUrl}/audit/voice`, {
+      action: "analyze",
+      payload: filePath
+    });
+    
+    const result = response.data;
+    if (this.selfDefense && result.verdict === "REJECTED") {
+      throw new Error(`ISNAD_SELF_DEFENSE: Voice command blocked. Synthetic audio artifacts detected.`);
+    }
+    return result;
+  }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@isnad-isn/guard",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Official security SDK for the ISNAD Protocol. Provides intent verification and simulation guards for AI agents.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -13,5 +13,9 @@
   "repository": {
     "type": "git",
     "url": "https://github.com/LeoAGI/isnad-sdk"
+  },
+  "devDependencies": {
+    "@types/node": "^25.5.0",
+    "typescript": "^5.9.3"
   }
 }

package/tsconfig.json

@@ -0,0 +1,14 @@
+{
+  "compilerOptions": {
+    "target": "es2022",
+    "module": "commonjs",
+    "declaration": true,
+    "outDir": "./dist",
+    "esModuleInterop": true,
+    "forceConsistentCasingInFileNames": true,
+    "strict": true,
+    "skipLibCheck": true
+  },
+  "include": ["**/*.ts"],
+  "exclude": ["node_modules", "dist"]
+}