@kya-os/checkpoint-wasm-runtime 1.0.0

package/dist/engine.d.ts

@@ -0,0 +1,34 @@
+import { A as AgentRequest, C as ContextSpec, V as VerifyResult } from './types-D0j85fF0.js';
+export { a as A2ARequest, b as A2PRequest, B as BlockReason, c as ChallengeParams, D as Decision, d as DidDocument, E as EnforcementMode, e as EngineInfo, H as HttpSignedRequest, I as InstructPayload, K as KeyType, M as McpIRequest, P as PlainHttpRequest, R as RedirectTarget, S as SuggestedAction, f as VerificationMethod } from './types-D0j85fF0.js';
+export { McpIPayload } from '@kya-os/checkpoint-shared';
+
+/**
+ * `kya-os-engine` WASM bridge — E-1 (#2486 follow-up).
+ *
+ * Loads the Rust `kya-os-engine` WASM artifact and surfaces a typed
+ * `engineVerify(input, ctx)` wrapper around its single `verify` export.
+ *
+ * The engine is **synchronous** by contract. Host wrappers pre-fetch
+ * every async dependency (DID document, status list, reputation,
+ * tenant policy) and ship the results as a plain-data
+ * [`ContextSpec`] (see `./types`). The WASM glue on the Rust side
+ * builds in-memory lookup-table adapters that satisfy the engine's
+ * five sync DI traits — no JS callbacks cross the boundary.
+ *
+ * Subsequent E-2 / E-3 phases consume this module to verify HTTP
+ * requests inside the Next.js + Express middlewares.
+ */
+
+/**
+ * Verify an AgentRequest synchronously against a pre-fetched
+ * [`ContextSpec`].
+ *
+ * @throws {Error} if the WASM glue rejects the input (deserialisation
+ *   failure) or the engine returns a `VerifyError` (resolver /
+ *   status-list / reputation / policy infrastructure failure). Engine
+ *   *verdicts* (Block / Challenge / etc.) DO NOT throw — they surface
+ *   inside the returned [`VerifyResult`].
+ */
+declare function engineVerify(input: AgentRequest, ctx: ContextSpec): VerifyResult;
+
+export { AgentRequest, ContextSpec, VerifyResult, engineVerify };

package/dist/engine.js

@@ -0,0 +1,11 @@
+'use strict';
+
+// src/engine/index.ts
+function engineVerify(input, ctx) {
+  const result = (void 0)(input, ctx);
+  return result;
+}
+
+exports.engineVerify = engineVerify;
+//# sourceMappingURL=engine.js.map
+//# sourceMappingURL=engine.js.map

package/dist/engine.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/engine/index.ts"],"names":[],"mappings":";;;AAoCO,SAAS,YAAA,CAAa,OAAqB,GAAA,EAAgC;AAChF,EAAA,MAAM,MAAA,GAAS,CAAA,MAAA,EAAW,KAAA,EAAO,GAAG,CAAA;AACpC,EAAA,OAAO,MAAA;AACT","file":"engine.js","sourcesContent":["/**\n * `kya-os-engine` WASM bridge — E-1 (#2486 follow-up).\n *\n * Loads the Rust `kya-os-engine` WASM artifact and surfaces a typed\n * `engineVerify(input, ctx)` wrapper around its single `verify` export.\n *\n * The engine is **synchronous** by contract. Host wrappers pre-fetch\n * every async dependency (DID document, status list, reputation,\n * tenant policy) and ship the results as a plain-data\n * [`ContextSpec`] (see `./types`). The WASM glue on the Rust side\n * builds in-memory lookup-table adapters that satisfy the engine's\n * five sync DI traits — no JS callbacks cross the boundary.\n *\n * Subsequent E-2 / E-3 phases consume this module to verify HTTP\n * requests inside the Next.js + Express middlewares.\n */\n\nimport type { AgentRequest, ContextSpec, VerifyResult } from './types';\n\n// wasm-bindgen ships a Node.js entry that calls\n// `fs.readFileSync(__dirname + '/<name>_bg.wasm')` synchronously when\n// the module is imported. The auto-generated `.d.ts` types the export\n// loosely (`any`); we re-type at this wrapper boundary so callers see\n// the contract from `./types`.\nimport { verify as wasmVerify } from '../../wasm/kya-os-engine/kya_os_engine.js';\n\n/**\n * Verify an AgentRequest synchronously against a pre-fetched\n * [`ContextSpec`].\n *\n * @throws {Error} if the WASM glue rejects the input (deserialisation\n *   failure) or the engine returns a `VerifyError` (resolver /\n *   status-list / reputation / policy infrastructure failure). Engine\n *   *verdicts* (Block / Challenge / etc.) DO NOT throw — they surface\n *   inside the returned [`VerifyResult`].\n */\nexport function engineVerify(input: AgentRequest, ctx: ContextSpec): VerifyResult {\n  const result = wasmVerify(input, ctx);\n  return result as VerifyResult;\n}\n\nexport type {\n  AgentRequest,\n  A2ARequest,\n  A2PRequest,\n  BlockReason,\n  ChallengeParams,\n  ContextSpec,\n  Decision,\n  DidDocument,\n  EngineInfo,\n  EnforcementMode,\n  HttpSignedRequest,\n  InstructPayload,\n  KeyType,\n  McpIPayload,\n  McpIRequest,\n  PlainHttpRequest,\n  RedirectTarget,\n  SuggestedAction,\n  VerificationMethod,\n  VerifyResult,\n} from './types';\n"]}

package/dist/engine.mjs

@@ -0,0 +1,9 @@
+// src/engine/index.ts
+function engineVerify(input, ctx) {
+  const result = (void 0)(input, ctx);
+  return result;
+}
+
+export { engineVerify };
+//# sourceMappingURL=engine.mjs.map
+//# sourceMappingURL=engine.mjs.map

package/dist/engine.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/engine/index.ts"],"names":[],"mappings":";AAoCO,SAAS,YAAA,CAAa,OAAqB,GAAA,EAAgC;AAChF,EAAA,MAAM,MAAA,GAAS,CAAA,MAAA,EAAW,KAAA,EAAO,GAAG,CAAA;AACpC,EAAA,OAAO,MAAA;AACT","file":"engine.mjs","sourcesContent":["/**\n * `kya-os-engine` WASM bridge — E-1 (#2486 follow-up).\n *\n * Loads the Rust `kya-os-engine` WASM artifact and surfaces a typed\n * `engineVerify(input, ctx)` wrapper around its single `verify` export.\n *\n * The engine is **synchronous** by contract. Host wrappers pre-fetch\n * every async dependency (DID document, status list, reputation,\n * tenant policy) and ship the results as a plain-data\n * [`ContextSpec`] (see `./types`). The WASM glue on the Rust side\n * builds in-memory lookup-table adapters that satisfy the engine's\n * five sync DI traits — no JS callbacks cross the boundary.\n *\n * Subsequent E-2 / E-3 phases consume this module to verify HTTP\n * requests inside the Next.js + Express middlewares.\n */\n\nimport type { AgentRequest, ContextSpec, VerifyResult } from './types';\n\n// wasm-bindgen ships a Node.js entry that calls\n// `fs.readFileSync(__dirname + '/<name>_bg.wasm')` synchronously when\n// the module is imported. The auto-generated `.d.ts` types the export\n// loosely (`any`); we re-type at this wrapper boundary so callers see\n// the contract from `./types`.\nimport { verify as wasmVerify } from '../../wasm/kya-os-engine/kya_os_engine.js';\n\n/**\n * Verify an AgentRequest synchronously against a pre-fetched\n * [`ContextSpec`].\n *\n * @throws {Error} if the WASM glue rejects the input (deserialisation\n *   failure) or the engine returns a `VerifyError` (resolver /\n *   status-list / reputation / policy infrastructure failure). Engine\n *   *verdicts* (Block / Challenge / etc.) DO NOT throw — they surface\n *   inside the returned [`VerifyResult`].\n */\nexport function engineVerify(input: AgentRequest, ctx: ContextSpec): VerifyResult {\n  const result = wasmVerify(input, ctx);\n  return result as VerifyResult;\n}\n\nexport type {\n  AgentRequest,\n  A2ARequest,\n  A2PRequest,\n  BlockReason,\n  ChallengeParams,\n  ContextSpec,\n  Decision,\n  DidDocument,\n  EngineInfo,\n  EnforcementMode,\n  HttpSignedRequest,\n  InstructPayload,\n  KeyType,\n  McpIPayload,\n  McpIRequest,\n  PlainHttpRequest,\n  RedirectTarget,\n  SuggestedAction,\n  VerificationMethod,\n  VerifyResult,\n} from './types';\n"]}

package/dist/index.d.mts

@@ -0,0 +1,58 @@
+import { I as IDetectorOptions, a as IDetector } from './rules-detector-DjbTJ1-Q.mjs';
+export { C as CONFIDENCE, D as DetectionClass, F as ForgeabilityRisk, b as ICustomerPolicy, c as IDetectedAgent, d as IDetectionInput, e as IDetectionResult, f as IPathRule, g as IPolicyLoader, h as IWasmBindings, i as IWasmLoader, P as PolicyLoadError, j as PolicyLoader, k as PolicyLoaderConfig, R as RulesDetector, V as VerificationMethod, W as WasmDetector, l as createPolicyLoader, m as createRulesDetector } from './rules-detector-DjbTJ1-Q.mjs';
+export { S as StaticWasmLoader, c as createStaticLoader } from './static-loader-Ds4iNw7c.mjs';
+export { D as DynamicWasmLoader, c as createDynamicLoader } from './dynamic-loader-qGJacfEC.mjs';
+
+/**
+ * Create a detector with automatic runtime selection
+ *
+ * @param options - Detector configuration
+ * @returns A configured detector instance
+ *
+ * @example
+ * ```typescript
+ * // Basic usage
+ * const detector = createDetector();
+ *
+ * // With API key for policy loading
+ * const detector = createDetector({
+ *   apiKey: 'your-api-key',
+ * });
+ *
+ * // With custom WASM loader (for Edge Runtime)
+ * import wasmModule from './wasm.wasm?module';
+ * const detector = createDetector({
+ *   wasmLoader: new StaticWasmLoader(wasmModule),
+ * });
+ * ```
+ */
+declare function createDetector(options?: IDetectorOptions): IDetector;
+/**
+ * Create a detector for Edge Runtime with static WASM import
+ *
+ * @param wasmModule - Pre-compiled WebAssembly.Module from static import
+ * @param options - Detector configuration
+ *
+ * @example
+ * ```typescript
+ * // In your middleware.ts:
+ * import wasmModule from '@kya-os/checkpoint-wasm-runtime/wasm?module';
+ * import { createEdgeDetector } from '@kya-os/checkpoint-wasm-runtime';
+ *
+ * const detector = createEdgeDetector(wasmModule, {
+ *   apiKey: process.env.AGENTSHIELD_API_KEY,
+ * });
+ * ```
+ */
+declare function createEdgeDetector(wasmModule: WebAssembly.Module, options?: IDetectorOptions): IDetector;
+/**
+ * Create a fallback detector using JavaScript rules
+ *
+ * @example
+ * ```typescript
+ * const detector = createFallbackDetector();
+ * ```
+ */
+declare function createFallbackDetector(): IDetector;
+
+export { IDetector, IDetectorOptions, createDetector, createEdgeDetector, createFallbackDetector };

package/dist/index.d.ts

@@ -0,0 +1,58 @@
+import { I as IDetectorOptions, a as IDetector } from './rules-detector-DjbTJ1-Q.js';
+export { C as CONFIDENCE, D as DetectionClass, F as ForgeabilityRisk, b as ICustomerPolicy, c as IDetectedAgent, d as IDetectionInput, e as IDetectionResult, f as IPathRule, g as IPolicyLoader, h as IWasmBindings, i as IWasmLoader, P as PolicyLoadError, j as PolicyLoader, k as PolicyLoaderConfig, R as RulesDetector, V as VerificationMethod, W as WasmDetector, l as createPolicyLoader, m as createRulesDetector } from './rules-detector-DjbTJ1-Q.js';
+export { S as StaticWasmLoader, c as createStaticLoader } from './static-loader-C1hUlksK.js';
+export { D as DynamicWasmLoader, c as createDynamicLoader } from './dynamic-loader-cS-pUisw.js';
+
+/**
+ * Create a detector with automatic runtime selection
+ *
+ * @param options - Detector configuration
+ * @returns A configured detector instance
+ *
+ * @example
+ * ```typescript
+ * // Basic usage
+ * const detector = createDetector();
+ *
+ * // With API key for policy loading
+ * const detector = createDetector({
+ *   apiKey: 'your-api-key',
+ * });
+ *
+ * // With custom WASM loader (for Edge Runtime)
+ * import wasmModule from './wasm.wasm?module';
+ * const detector = createDetector({
+ *   wasmLoader: new StaticWasmLoader(wasmModule),
+ * });
+ * ```
+ */
+declare function createDetector(options?: IDetectorOptions): IDetector;
+/**
+ * Create a detector for Edge Runtime with static WASM import
+ *
+ * @param wasmModule - Pre-compiled WebAssembly.Module from static import
+ * @param options - Detector configuration
+ *
+ * @example
+ * ```typescript
+ * // In your middleware.ts:
+ * import wasmModule from '@kya-os/checkpoint-wasm-runtime/wasm?module';
+ * import { createEdgeDetector } from '@kya-os/checkpoint-wasm-runtime';
+ *
+ * const detector = createEdgeDetector(wasmModule, {
+ *   apiKey: process.env.AGENTSHIELD_API_KEY,
+ * });
+ * ```
+ */
+declare function createEdgeDetector(wasmModule: WebAssembly.Module, options?: IDetectorOptions): IDetector;
+/**
+ * Create a fallback detector using JavaScript rules
+ *
+ * @example
+ * ```typescript
+ * const detector = createFallbackDetector();
+ * ```
+ */
+declare function createFallbackDetector(): IDetector;
+
+export { IDetector, IDetectorOptions, createDetector, createEdgeDetector, createFallbackDetector };