npm - @kehto/runtime - Versions diffs - 0.12.0 → 0.14.0 - Mend

@kehto/runtime 0.12.0 → 0.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -16,10 +16,10 @@ pnpm add @kehto/runtime
 `@kehto/runtime` is Kehto's NIP-5D protocol engine. It owns every incoming napplet message, gates it through the ACL enforcement layer, routes it to the correct NAP handler, and emits the corresponding reply envelope.
-The runtime is built around the current draft dispatch contract from `@napplet/core` — `createDispatch()` + `registerNub()` — so routing is declarative, not a hand-rolled switch. It covers the NIP-5D domains currently supported by Kehto:
+The runtime is built around the current draft dispatch contract from `@napplet/core` — `createDispatch()` + `registerNap()` — so routing is declarative, not a hand-rolled switch. It covers the NIP-5D domains currently supported by Kehto:
 - **identity** — `identity.getProfile`, `identity.getFollows`, `identity.getPublicKey`, …
-- **ifc** — `ifc.channel.*`, `ifc.emit`, cross-napplet pub/sub
+- **inc** — `inc.channel.*`, `inc.emit`, cross-napplet pub/sub
 - **keys** — `keys.forward`, `keys.action`, `keys.bind`
 - **media** — `media.*` playback & transport control
 - **notify** — `notify.send`, `notify.channel.register`, badge/permission flows
@@ -59,8 +59,8 @@ runtime.handleMessage('window-1', {
 ### Enforcement gate
 - `createEnforceGate` — legacy pubkey-keyed ACL gate
-- `createNubEnforceGate` — NIP-5D windowId-keyed ACL gate
-- `resolveCapabilitiesNub` — map a NIP-5D envelope to required capabilities (re-exported from `@kehto/acl`)
+- `createNapEnforceGate` — NIP-5D windowId-keyed ACL gate
+- `resolveCapabilitiesNap` — map a NIP-5D envelope to required capabilities (re-exported from `@kehto/acl`)
 - `formatDenialReason` — `denied: <capability>` canonical string
 ### Session registry
@@ -82,7 +82,7 @@ runtime.handleMessage('window-1', {
 - `RING_BUFFER_SIZE` — default ring buffer capacity constant
 ### State handler
-- `handleStorageNub` — canonical `storage.*` NIP-5D handler
+- `handleStorageNap` — canonical `storage.*` NIP-5D handler
 - `cleanupNappState` — remove persisted state when a napplet window closes
 ### Service dispatch

package/dist/index.d.ts CHANGED Viewed

@@ -3,8 +3,8 @@ export { NappletMessage } from '@napplet/core';
 import { Capability } from '@kehto/acl/capabilities';
 export { ALL_CAPABILITIES, Capability } from '@kehto/acl/capabilities';
 import { Decision, Action, Observation, EvaluateResult, NappletPolicy, RateLimit, ContentMatcher, FirewallConfig } from '@kehto/firewall';
-import { NubMessage } from '@kehto/acl';
-export { NubMessage, resolveCapabilitiesNub } from '@kehto/acl';
+import { NapMessage } from '@kehto/acl';
+export { NapMessage, resolveCapabilitiesNap } from '@kehto/acl';
 /**
  * Runtime persistence + cache data types.
@@ -143,13 +143,6 @@ interface VerificationCacheEntry {
  * to host napplets. No DOM types, no browser APIs.
  */
-/**
- * A napplet class identifier. `null` is the permissive default (no class).
- * provisional — mirrors packages/shell/src/types/internal-class.ts::NappletClass;
- * converges on @napplet/nap/class@^0.3.0 publish. Runtime MUST NOT import
- * from shell (module-boundary), so this duplicate lives here.
- */
-type NappletClass = string | null;
 /**
  * Event emitted on every ACL enforcement check.
  *
@@ -178,13 +171,12 @@ interface AclCheckEvent {
     /** The triggering message, if available. Accepts NIP-01 arrays or NIP-5D NappletMessage envelopes. */
     message?: unknown[] | NappletMessage;
     /**
-     * Why the decision was reached (v1.7 CLASS-03 / D7). Optional for
-     * backwards compatibility with pre-v1.7 audit consumers.
+     * Why the decision was reached. Optional for backwards compatibility with
+     * pre-v1.7 audit consumers.
      *   'allowed'             -> decision === 'allow'
      *   'capability-missing'  -> decision === 'deny' (capability lookup failed)
-     *   'class-forbidden'     -> decision === 'deny' (class pre-filter refused)
      */
-    reason?: 'allowed' | 'capability-missing' | 'class-forbidden';
+    reason?: 'allowed' | 'capability-missing';
 }
 /**
  * Abstract message sender — the runtime calls this to send messages
@@ -501,12 +493,6 @@ interface SessionEntry {
      * Renamed from `identitySource: 'auth' | 'source'` in v1.8; see .changeset/v1-8-rename-01-session-provenance.md.
      */
     provenance: 'nip-5d' | 'legacy-auth';
-    /**
-     * Class posture resolved synchronously at iframe creation (CLASS-02).
-     * `null` is the permissive default (D2). Class tokens like 'class-1' /
-     * 'class-2' are NUB-defined. See packages/shell/src/types/internal-class.ts.
-     */
-    class: NappletClass;
 }
 /** @deprecated Use SessionEntry. Will be removed in v0.9.0. */
 type NappKeyEntry = SessionEntry;
@@ -533,16 +519,16 @@ interface AclEntryExternal {
 /**
  * Handler for service-specific messages from napplets.
  * Services receive NIP-5D NappletMessage envelopes and respond via the `send` callback.
- * The same interface is used for all services regardless of what NUB domain they handle.
+ * The same interface is used for all services regardless of what NAP domain they handle.
  *
  * @example
  * ```ts
  * const audioHandler: ServiceHandler = {
  *   descriptor: { name: 'audio', version: '1.0.0' },
  *   handleMessage(windowId, message, send) {
- *     if (message.type === 'ifc.emit') {
- *       // process audio ifc event...
- *       send({ type: 'ifc.emit.result', id: (message as any).id });
+ *     if (message.type === 'inc.emit') {
+ *       // process audio inc event...
+ *       send({ type: 'inc.emit.result', id: (message as any).id });
  *     }
  *   },
  * };
@@ -764,11 +750,10 @@ interface EnforceResult {
     allowed: boolean;
     capability: Capability;
     /**
-     * Why the decision was reached (v1.7 CLASS-03 / D7). Always set on the
-     * return path. Distinct from AclCheckEvent.reason (which is optional for
-     * backwards compat on the audit surface).
+     * Why the decision was reached. Always set on the return path.
+     * Distinct from AclCheckEvent.reason (which is optional for backwards compat).
      */
-    reason: 'allowed' | 'capability-missing' | 'class-forbidden';
+    reason: 'allowed' | 'capability-missing';
 }
 /**
  * Identity lookup function type — resolves a pubkey to its full identity.
@@ -818,36 +803,34 @@ interface EnforceConfig {
  */
 declare function createEnforceGate(config: EnforceConfig): (pubkey: string, capability: Capability, message?: unknown[]) => EnforceResult;
 /**
- * Enforcement gate configuration for NIP-5D NUB handlers.
+ * Enforcement gate configuration for NIP-5D NAP handlers.
  * Uses windowId for identity resolution instead of pubkey (which is '' in NIP-5D sessions).
  *
  * @param checkAcl - The ACL check function
- * @param resolveIdentityByWindowId - Maps windowId to identity (dTag, aggregateHash, class). Returns
- *   class posture inline (v1.7 CLASS-03) so the NUB gate can pre-filter class-forbidden capabilities
- *   before consulting the ACL check. null class = permissive default (D2).
- * @param onAclCheck - Optional audit callback, called on every enforceNub() check
+ * @param resolveIdentityByWindowId - Maps windowId to identity (dTag, aggregateHash).
+ * @param onAclCheck - Optional audit callback, called on every enforceNap() check
  */
-interface NubEnforceConfig {
+interface NapEnforceConfig {
     checkAcl: AclChecker;
     resolveIdentityByWindowId: (windowId: string) => {
         dTag: string;
         aggregateHash: string;
-        class: NappletClass;
     } | undefined;
     onAclCheck?: (event: AclCheckEvent) => void;
 }
 /**
- * Create an enforcement gate for NIP-5D NUB message handlers.
+ * Create an enforcement gate for NIP-5D NAP message handlers.
  *
  * Unlike createEnforceGate (which resolves identity by pubkey), this factory
  * resolves identity by windowId — necessary for NIP-5D sessions where pubkey is ''.
  *
- * @param config - NUB enforcement configuration
- * @returns An enforceNub function that resolves identity by windowId
+ * @param config - NAP enforcement configuration
+ * @returns An enforceNap function that resolves identity by windowId and
+ *   delegates to the ACL check.
  *
  * @example
  * ```ts
- * const gate = createNubEnforceGate({
+ * const gate = createNapEnforceGate({
  *   checkAcl: aclStore.check,
  *   resolveIdentityByWindowId: (wid) => sessionRegistry.getEntryByWindowId(wid),
  *   onAclCheck: hooks.onAclCheck,
@@ -856,7 +839,7 @@ interface NubEnforceConfig {
  * // result.allowed === true | false
  * ```
  */
-declare function createNubEnforceGate(config: NubEnforceConfig): (windowId: string, capability: Capability, message?: NubMessage) => EnforceResult;
+declare function createNapEnforceGate(config: NapEnforceConfig): (windowId: string, capability: Capability, message?: NapMessage) => EnforceResult;
 /**
  * Format a denial reason string with the standard 'denied:' prefix.
  *
@@ -1271,7 +1254,7 @@ interface EventBuffer {
 declare function createEventBuffer(sendToNapplet: SendToNapplet, sessionRegistry: SessionRegistry, enforce: (pubkey: string, capability: Capability, message?: unknown[]) => EnforceResult, subscriptions: Map<string, SubscriptionEntry>, getBufferSize?: () => number): EventBuffer;
 /**
- * The napplet protocol engine — handles NIP-5D NUB domain dispatch,
+ * The napplet protocol engine — handles NIP-5D NAP domain dispatch,
  * ACL enforcement, subscription lifecycle.
  *
  * @example
@@ -1349,7 +1332,7 @@ interface Runtime {
 declare function createRuntime(hooks: RuntimeAdapter): Runtime;
 /**
- * state-handler.ts — Storage NUB request handler using persistence hooks.
+ * state-handler.ts — Storage NAP request handler using persistence hooks.
  *
  * Handles napplet storage operations (get, set, remove, keys) via the
  * canonical `@napplet/nap/storage` NIP-5D envelope surface. Delegates
@@ -1367,7 +1350,7 @@ declare function createRuntime(hooks: RuntimeAdapter): Runtime;
  */
 /**
- * Handle a NIP-5D NUB storage message from a napplet.
+ * Handle a NIP-5D NAP storage message from a napplet.
  * Routes to the canonical four `@napplet/nap/storage` actions:
  *   - `storage.get`    → `storage.get.result`    `{ value: string | null }`
  *   - `storage.set`    → `storage.set.result`    `{ ok: boolean }` (canonical only checks `error`)
@@ -1401,13 +1384,13 @@ declare function createRuntime(hooks: RuntimeAdapter): Runtime;
  *
  * @example
  * ```ts
- * import { handleStorageNub } from '@kehto/runtime';
+ * import { handleStorageNap } from '@kehto/runtime';
  *
- * handleStorageNub(windowId, { type: 'storage.get', id: 'q1', key: 'draft' },
+ * handleStorageNap(windowId, { type: 'storage.get', id: 'q1', key: 'draft' },
  *   sendToNapplet, sessionRegistry, aclState, statePersistence);
  * ```
  */
-declare function handleStorageNub(windowId: string, msg: NappletMessage, sendToNapplet: SendToNapplet, sessionRegistry: SessionRegistry, aclState: AclStateContainer, statePersistence: StatePersistence): void;
+declare function handleStorageNap(windowId: string, msg: NappletMessage, sendToNapplet: SendToNapplet, sessionRegistry: SessionRegistry, aclState: AclStateContainer, statePersistence: StatePersistence): void;
 /**
  * Remove all state entries for a napplet identity.
  * Clears both new-format and legacy-format keys for completeness.
@@ -1430,10 +1413,10 @@ declare function cleanupNappState(pubkey: string, dTag: string, aggregateHash: s
 /**
  * Route a NappletMessage envelope to the matching service handler.
  *
- * NUB-domain services are routed by the domain prefix of message.type
+ * NAP-domain services are routed by the domain prefix of message.type
  * (e.g., 'signer.signEvent' -> 'signer' service).
  *
- * IFC-routed services receive ifc.emit messages and are routed by the
+ * INC-routed services receive inc.emit messages and are routed by the
  * topic prefix before ':' (e.g., topic 'audio:play' -> 'audio' service).
  *
  * Returns true if a service handled the message, false otherwise.
@@ -1467,4 +1450,4 @@ declare function routeServiceMessage(windowId: string, message: NappletMessage,
  */
 declare function notifyServiceWindowDestroyed(windowId: string, services: ServiceRegistry): void;
-export { type AclCheckEvent, type AclChecker, type AclEntryExternal, type AclPersistence, type AclStateContainer, type AuthAdapter, type CacheAdapter, type CompatibilityReport, type ConfigAdapter, type ConsentHandler, type ConsentRequest, type CryptoAdapter, type DmAdapter, type EnforceConfig, type EnforceResult, type EventBuffer, type FirewallEvent, type FirewallPersistence, type FirewallStateContainer, type GuidPersistence, type HashVerifierAdapter, type HotkeyAdapter, type IdentityResolver, type ManifestCache, type ManifestCacheEntry, type ManifestPersistence, type NappKeyEntry, type NappKeyRegistry, type NappletClass, type NubEnforceConfig, type PendingUpdate, type PendingUpdateNotifier, RING_BUFFER_SIZE, type RelayConfigAdapter, type RelayPoolAdapter, type RelaySubscriptionHandle, type ReplayDetector, type Runtime, type RuntimeAdapter, type RuntimeConfigOverrides, type SendToNapplet, type ServiceDescriptor, type ServiceHandler, type ServiceInfo, type ServiceRegistry, type SessionEntry, type SessionRegistry, type ShellSecretPersistence, type Signer, type StatePersistence, type SubscriptionEntry, type VerificationCacheEntry, type WindowManagerAdapter, cleanupNappState, createAclState, createEnforceGate, createEventBuffer, createFirewallState, createManifestCache, createNappKeyRegistry, createNubEnforceGate, createReplayDetector, createRuntime, createSessionRegistry, formatDenialReason, handleStorageNub, matchesAnyFilter, matchesFilter, notifyServiceWindowDestroyed, routeServiceMessage };
+export { type AclCheckEvent, type AclChecker, type AclEntryExternal, type AclPersistence, type AclStateContainer, type AuthAdapter, type CacheAdapter, type CompatibilityReport, type ConfigAdapter, type ConsentHandler, type ConsentRequest, type CryptoAdapter, type DmAdapter, type EnforceConfig, type EnforceResult, type EventBuffer, type FirewallEvent, type FirewallPersistence, type FirewallStateContainer, type GuidPersistence, type HashVerifierAdapter, type HotkeyAdapter, type IdentityResolver, type ManifestCache, type ManifestCacheEntry, type ManifestPersistence, type NapEnforceConfig, type NappKeyEntry, type NappKeyRegistry, type PendingUpdate, type PendingUpdateNotifier, RING_BUFFER_SIZE, type RelayConfigAdapter, type RelayPoolAdapter, type RelaySubscriptionHandle, type ReplayDetector, type Runtime, type RuntimeAdapter, type RuntimeConfigOverrides, type SendToNapplet, type ServiceDescriptor, type ServiceHandler, type ServiceInfo, type ServiceRegistry, type SessionEntry, type SessionRegistry, type ShellSecretPersistence, type Signer, type StatePersistence, type SubscriptionEntry, type VerificationCacheEntry, type WindowManagerAdapter, cleanupNappState, createAclState, createEnforceGate, createEventBuffer, createFirewallState, createManifestCache, createNapEnforceGate, createNappKeyRegistry, createReplayDetector, createRuntime, createSessionRegistry, formatDenialReason, handleStorageNap, matchesAnyFilter, matchesFilter, notifyServiceWindowDestroyed, routeServiceMessage };