@kya-os/contracts 1.3.3 → 1.3.4

package/dist/proof/proof-record.js

@@ -1,60 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DEFAULT_PROOF_RECORD_TTL_MS = exports.ProofRecordSchema = exports.VerificationInfoSchema = exports.CrispInfoSchema = exports.LinkageInfoSchema = exports.ProofDetailsSchema = exports.ResponseInfoSchema = exports.RequestInfoSchema = void 0;
-exports.validateProofRecord = validateProofRecord;
-exports.isProofRecordExpired = isProofRecordExpired;
-const zod_1 = require("zod");
-exports.RequestInfoSchema = zod_1.z.object({
-    method: zod_1.z.string(),
-    url: zod_1.z.string().url(),
-    bodyHash: zod_1.z.string().optional(),
-    headersHash: zod_1.z.string().optional(),
-});
-exports.ResponseInfoSchema = zod_1.z.object({
-    status: zod_1.z.number().int(),
-    bodyHash: zod_1.z.string().optional(),
-});
-exports.ProofDetailsSchema = zod_1.z.object({
-    timestamp: zod_1.z.number().int().positive(),
-    nonce: zod_1.z.string().min(1),
-    did: zod_1.z.string().min(1),
-    signature: zod_1.z.string().regex(/^[A-Za-z0-9_-]+$/),
-    algorithm: zod_1.z.enum(['Ed25519', 'ES256']),
-    sessionId: zod_1.z.string().min(1),
-    audience: zod_1.z.string().min(1),
-    request: exports.RequestInfoSchema.optional(),
-    response: exports.ResponseInfoSchema.optional(),
-});
-exports.LinkageInfoSchema = zod_1.z.object({
-    delegationId: zod_1.z.string().optional(),
-    credentialId: zod_1.z.string().optional(),
-    chainDepth: zod_1.z.number().int().nonnegative().optional(),
-});
-exports.CrispInfoSchema = zod_1.z.object({
-    unit: zod_1.z.enum(['USD', 'ops', 'points']),
-    delta: zod_1.z.number().optional(),
-    remaining: zod_1.z.number().optional(),
-});
-exports.VerificationInfoSchema = zod_1.z.object({
-    result: zod_1.z.enum(['pending', 'pass', 'fail']),
-    reason: zod_1.z.string().optional(),
-    checkedAt: zod_1.z.number().int().positive().optional(),
-});
-exports.ProofRecordSchema = zod_1.z.object({
-    id: zod_1.z.string().min(1),
-    toolName: zod_1.z.string().min(1),
-    storedAt: zod_1.z.number().int().positive(),
-    expiresAt: zod_1.z.number().int().positive(),
-    proof: exports.ProofDetailsSchema,
-    linkage: exports.LinkageInfoSchema.optional(),
-    crisp: exports.CrispInfoSchema.optional(),
-    verification: exports.VerificationInfoSchema.optional(),
-    metadata: zod_1.z.record(zod_1.z.any()).optional(),
-}).passthrough();
-function validateProofRecord(record) {
-    return exports.ProofRecordSchema.safeParse(record);
-}
-function isProofRecordExpired(record) {
-    return Date.now() > record.expiresAt;
-}
-exports.DEFAULT_PROOF_RECORD_TTL_MS = 30 * 24 * 60 * 60 * 1000;

package/dist/proof/signing-spec.d.ts

@@ -1,73 +0,0 @@
-import { z } from 'zod';
-export declare const CanonicalRequestPartsSchema: z.ZodObject<{
-    method: z.ZodString;
-    url: z.ZodString;
-    bodyHash: z.ZodOptional<z.ZodString>;
-    headersHash: z.ZodOptional<z.ZodString>;
-    nonce: z.ZodString;
-    timestamp: z.ZodNumber;
-    audience: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    nonce: string;
-    audience: string;
-    timestamp: number;
-    url: string;
-    method: string;
-    bodyHash?: string | undefined;
-    headersHash?: string | undefined;
-}, {
-    nonce: string;
-    audience: string;
-    timestamp: number;
-    url: string;
-    method: string;
-    bodyHash?: string | undefined;
-    headersHash?: string | undefined;
-}>;
-export type CanonicalRequestParts = z.infer<typeof CanonicalRequestPartsSchema>;
-export declare const DetachedJwsSchema: z.ZodObject<{
-    alg: z.ZodEnum<["Ed25519", "ES256"]>;
-    kid: z.ZodOptional<z.ZodString>;
-    signature: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    signature: string;
-    alg: "Ed25519" | "ES256";
-    kid?: string | undefined;
-}, {
-    signature: string;
-    alg: "Ed25519" | "ES256";
-    kid?: string | undefined;
-}>;
-export type DetachedJws = z.infer<typeof DetachedJwsSchema>;
-export declare const SIGNING_ORDER: readonly ["method", "url", "bodyHash", "headersHash", "nonce", "timestamp", "audience"];
-export type SigningOrderField = (typeof SIGNING_ORDER)[number];
-export declare function validateCanonicalRequestParts(parts: unknown): z.SafeParseReturnType<{
-    nonce: string;
-    audience: string;
-    timestamp: number;
-    url: string;
-    method: string;
-    bodyHash?: string | undefined;
-    headersHash?: string | undefined;
-}, {
-    nonce: string;
-    audience: string;
-    timestamp: number;
-    url: string;
-    method: string;
-    bodyHash?: string | undefined;
-    headersHash?: string | undefined;
-}>;
-export declare function validateDetachedJws(jws: unknown): z.SafeParseReturnType<{
-    signature: string;
-    alg: "Ed25519" | "ES256";
-    kid?: string | undefined;
-}, {
-    signature: string;
-    alg: "Ed25519" | "ES256";
-    kid?: string | undefined;
-}>;
-export declare function getCanonicalSigningString(parts: CanonicalRequestParts): string;
-export declare const SUPPORTED_SIGNING_ALGORITHMS: readonly ["Ed25519", "ES256"];
-export declare const SIGNING_HASH_ALGORITHM = "SHA-256";
-export declare const BASE64URL_PATTERN: RegExp;

package/dist/proof/signing-spec.js

@@ -1,52 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.BASE64URL_PATTERN = exports.SIGNING_HASH_ALGORITHM = exports.SUPPORTED_SIGNING_ALGORITHMS = exports.SIGNING_ORDER = exports.DetachedJwsSchema = exports.CanonicalRequestPartsSchema = void 0;
-exports.validateCanonicalRequestParts = validateCanonicalRequestParts;
-exports.validateDetachedJws = validateDetachedJws;
-exports.getCanonicalSigningString = getCanonicalSigningString;
-const zod_1 = require("zod");
-exports.CanonicalRequestPartsSchema = zod_1.z.object({
-    method: zod_1.z.string().toUpperCase(),
-    url: zod_1.z.string().url(),
-    bodyHash: zod_1.z.string().regex(/^[A-Za-z0-9_-]+$/).optional(),
-    headersHash: zod_1.z.string().regex(/^[A-Za-z0-9_-]+$/).optional(),
-    nonce: zod_1.z.string().min(1),
-    timestamp: zod_1.z.number().int().positive(),
-    audience: zod_1.z.string().min(1),
-});
-exports.DetachedJwsSchema = zod_1.z.object({
-    alg: zod_1.z.enum(['Ed25519', 'ES256']),
-    kid: zod_1.z.string().optional(),
-    signature: zod_1.z.string().regex(/^[A-Za-z0-9_-]+$/),
-});
-exports.SIGNING_ORDER = Object.freeze([
-    'method',
-    'url',
-    'bodyHash',
-    'headersHash',
-    'nonce',
-    'timestamp',
-    'audience',
-]);
-function validateCanonicalRequestParts(parts) {
-    return exports.CanonicalRequestPartsSchema.safeParse(parts);
-}
-function validateDetachedJws(jws) {
-    return exports.DetachedJwsSchema.safeParse(jws);
-}
-function getCanonicalSigningString(parts) {
-    const values = [];
-    for (const field of exports.SIGNING_ORDER) {
-        const value = parts[field];
-        if (value !== undefined) {
-            values.push(String(value));
-        }
-        else {
-            values.push('');
-        }
-    }
-    return values.join('\n');
-}
-exports.SUPPORTED_SIGNING_ALGORITHMS = ['Ed25519', 'ES256'];
-exports.SIGNING_HASH_ALGORITHM = 'SHA-256';
-exports.BASE64URL_PATTERN = /^[A-Za-z0-9_-]+$/;

package/dist/proof.d.ts

@@ -1,378 +0,0 @@
-import { z } from "zod";
-export declare const ProofMetaSchema: z.ZodObject<{
-    did: z.ZodString;
-    kid: z.ZodString;
-    ts: z.ZodNumber;
-    nonce: z.ZodString;
-    audience: z.ZodString;
-    sessionId: z.ZodString;
-    requestHash: z.ZodString;
-    responseHash: z.ZodString;
-    scopeId: z.ZodOptional<z.ZodString>;
-    delegationRef: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    did: string;
-    kid: string;
-    nonce: string;
-    audience: string;
-    sessionId: string;
-    ts: number;
-    requestHash: string;
-    responseHash: string;
-    scopeId?: string | undefined;
-    delegationRef?: string | undefined;
-}, {
-    did: string;
-    kid: string;
-    nonce: string;
-    audience: string;
-    sessionId: string;
-    ts: number;
-    requestHash: string;
-    responseHash: string;
-    scopeId?: string | undefined;
-    delegationRef?: string | undefined;
-}>;
-export declare const DetachedProofSchema: z.ZodObject<{
-    jws: z.ZodString;
-    meta: z.ZodObject<{
-        did: z.ZodString;
-        kid: z.ZodString;
-        ts: z.ZodNumber;
-        nonce: z.ZodString;
-        audience: z.ZodString;
-        sessionId: z.ZodString;
-        requestHash: z.ZodString;
-        responseHash: z.ZodString;
-        scopeId: z.ZodOptional<z.ZodString>;
-        delegationRef: z.ZodOptional<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        did: string;
-        kid: string;
-        nonce: string;
-        audience: string;
-        sessionId: string;
-        ts: number;
-        requestHash: string;
-        responseHash: string;
-        scopeId?: string | undefined;
-        delegationRef?: string | undefined;
-    }, {
-        did: string;
-        kid: string;
-        nonce: string;
-        audience: string;
-        sessionId: string;
-        ts: number;
-        requestHash: string;
-        responseHash: string;
-        scopeId?: string | undefined;
-        delegationRef?: string | undefined;
-    }>;
-}, "strip", z.ZodTypeAny, {
-    jws: string;
-    meta: {
-        did: string;
-        kid: string;
-        nonce: string;
-        audience: string;
-        sessionId: string;
-        ts: number;
-        requestHash: string;
-        responseHash: string;
-        scopeId?: string | undefined;
-        delegationRef?: string | undefined;
-    };
-}, {
-    jws: string;
-    meta: {
-        did: string;
-        kid: string;
-        nonce: string;
-        audience: string;
-        sessionId: string;
-        ts: number;
-        requestHash: string;
-        responseHash: string;
-        scopeId?: string | undefined;
-        delegationRef?: string | undefined;
-    };
-}>;
-export declare const CanonicalHashesSchema: z.ZodObject<{
-    requestHash: z.ZodString;
-    responseHash: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    requestHash: string;
-    responseHash: string;
-}, {
-    requestHash: string;
-    responseHash: string;
-}>;
-export declare const AuditRecordSchema: z.ZodObject<{
-    version: z.ZodLiteral<"audit.v1">;
-    ts: z.ZodNumber;
-    session: z.ZodString;
-    audience: z.ZodString;
-    did: z.ZodString;
-    kid: z.ZodString;
-    reqHash: z.ZodString;
-    resHash: z.ZodString;
-    verified: z.ZodEnum<["yes", "no"]>;
-    scope: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    version: "audit.v1";
-    did: string;
-    kid: string;
-    audience: string;
-    ts: number;
-    session: string;
-    reqHash: string;
-    resHash: string;
-    verified: "yes" | "no";
-    scope: string;
-}, {
-    version: "audit.v1";
-    did: string;
-    kid: string;
-    audience: string;
-    ts: number;
-    session: string;
-    reqHash: string;
-    resHash: string;
-    verified: "yes" | "no";
-    scope: string;
-}>;
-export type ProofMeta = z.infer<typeof ProofMetaSchema>;
-export type DetachedProof = z.infer<typeof DetachedProofSchema>;
-export type CanonicalHashes = z.infer<typeof CanonicalHashesSchema>;
-export type AuditRecord = z.infer<typeof AuditRecordSchema>;
-export declare const JWS_ALGORITHM = "EdDSA";
-export declare const HASH_ALGORITHM = "sha256";
-export declare const AUDIT_VERSION = "audit.v1";
-export declare const ToolCallContextSchema: z.ZodObject<{
-    tool: z.ZodString;
-    args: z.ZodRecord<z.ZodString, z.ZodUnknown>;
-    result: z.ZodOptional<z.ZodUnknown>;
-    scopeId: z.ZodString;
-    userId: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    scopeId: string;
-    tool: string;
-    args: Record<string, unknown>;
-    result?: unknown;
-    userId?: string | undefined;
-}, {
-    scopeId: string;
-    tool: string;
-    args: Record<string, unknown>;
-    result?: unknown;
-    userId?: string | undefined;
-}>;
-export declare const ProofSubmissionContextSchema: z.ZodObject<{
-    toolCalls: z.ZodArray<z.ZodObject<{
-        tool: z.ZodString;
-        args: z.ZodRecord<z.ZodString, z.ZodUnknown>;
-        result: z.ZodOptional<z.ZodUnknown>;
-        scopeId: z.ZodString;
-        userId: z.ZodOptional<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        scopeId: string;
-        tool: string;
-        args: Record<string, unknown>;
-        result?: unknown;
-        userId?: string | undefined;
-    }, {
-        scopeId: string;
-        tool: string;
-        args: Record<string, unknown>;
-        result?: unknown;
-        userId?: string | undefined;
-    }>, "many">;
-    mcpServerUrl: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    toolCalls: {
-        scopeId: string;
-        tool: string;
-        args: Record<string, unknown>;
-        result?: unknown;
-        userId?: string | undefined;
-    }[];
-    mcpServerUrl?: string | undefined;
-}, {
-    toolCalls: {
-        scopeId: string;
-        tool: string;
-        args: Record<string, unknown>;
-        result?: unknown;
-        userId?: string | undefined;
-    }[];
-    mcpServerUrl?: string | undefined;
-}>;
-export declare const ProofSubmissionRequestSchema: z.ZodObject<{
-    session_id: z.ZodString;
-    delegation_id: z.ZodOptional<z.ZodNullable<z.ZodString>>;
-    proofs: z.ZodArray<z.ZodObject<{
-        jws: z.ZodString;
-        meta: z.ZodObject<{
-            did: z.ZodString;
-            kid: z.ZodString;
-            ts: z.ZodNumber;
-            nonce: z.ZodString;
-            audience: z.ZodString;
-            sessionId: z.ZodString;
-            requestHash: z.ZodString;
-            responseHash: z.ZodString;
-            scopeId: z.ZodOptional<z.ZodString>;
-            delegationRef: z.ZodOptional<z.ZodString>;
-        }, "strip", z.ZodTypeAny, {
-            did: string;
-            kid: string;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            ts: number;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-        }, {
-            did: string;
-            kid: string;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            ts: number;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-        }>;
-    }, "strip", z.ZodTypeAny, {
-        jws: string;
-        meta: {
-            did: string;
-            kid: string;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            ts: number;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-        };
-    }, {
-        jws: string;
-        meta: {
-            did: string;
-            kid: string;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            ts: number;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-        };
-    }>, "many">;
-    context: z.ZodOptional<z.ZodObject<{
-        toolCalls: z.ZodArray<z.ZodObject<{
-            tool: z.ZodString;
-            args: z.ZodRecord<z.ZodString, z.ZodUnknown>;
-            result: z.ZodOptional<z.ZodUnknown>;
-            scopeId: z.ZodString;
-            userId: z.ZodOptional<z.ZodString>;
-        }, "strip", z.ZodTypeAny, {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }, {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }>, "many">;
-        mcpServerUrl: z.ZodOptional<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        toolCalls: {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }[];
-        mcpServerUrl?: string | undefined;
-    }, {
-        toolCalls: {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }[];
-        mcpServerUrl?: string | undefined;
-    }>>;
-}, "strip", z.ZodTypeAny, {
-    session_id: string;
-    proofs: {
-        jws: string;
-        meta: {
-            did: string;
-            kid: string;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            ts: number;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-        };
-    }[];
-    delegation_id?: string | null | undefined;
-    context?: {
-        toolCalls: {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }[];
-        mcpServerUrl?: string | undefined;
-    } | undefined;
-}, {
-    session_id: string;
-    proofs: {
-        jws: string;
-        meta: {
-            did: string;
-            kid: string;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            ts: number;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-        };
-    }[];
-    delegation_id?: string | null | undefined;
-    context?: {
-        toolCalls: {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }[];
-        mcpServerUrl?: string | undefined;
-    } | undefined;
-}>;
-export type ToolCallContext = z.infer<typeof ToolCallContextSchema>;
-export type ProofSubmissionContext = z.infer<typeof ProofSubmissionContextSchema>;
-export type ProofSubmissionRequest = z.infer<typeof ProofSubmissionRequestSchema>;

package/dist/proof.js

@@ -1,59 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ProofSubmissionRequestSchema = exports.ProofSubmissionContextSchema = exports.ToolCallContextSchema = exports.AUDIT_VERSION = exports.HASH_ALGORITHM = exports.JWS_ALGORITHM = exports.AuditRecordSchema = exports.CanonicalHashesSchema = exports.DetachedProofSchema = exports.ProofMetaSchema = void 0;
-const zod_1 = require("zod");
-exports.ProofMetaSchema = zod_1.z.object({
-    did: zod_1.z.string().min(1),
-    kid: zod_1.z.string().min(1),
-    ts: zod_1.z.number().int().positive(),
-    nonce: zod_1.z.string().min(1),
-    audience: zod_1.z.string().min(1),
-    sessionId: zod_1.z.string().min(1),
-    requestHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    responseHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    scopeId: zod_1.z.string().optional(),
-    delegationRef: zod_1.z.string().optional(),
-});
-exports.DetachedProofSchema = zod_1.z.object({
-    jws: zod_1.z.string().min(1),
-    meta: exports.ProofMetaSchema,
-});
-exports.CanonicalHashesSchema = zod_1.z.object({
-    requestHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    responseHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-});
-exports.AuditRecordSchema = zod_1.z.object({
-    version: zod_1.z.literal("audit.v1"),
-    ts: zod_1.z.number().int().positive(),
-    session: zod_1.z.string().min(1),
-    audience: zod_1.z.string().min(1),
-    did: zod_1.z.string().min(1),
-    kid: zod_1.z.string().min(1),
-    reqHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    resHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    verified: zod_1.z.enum(["yes", "no"]),
-    scope: zod_1.z.string().min(1),
-});
-exports.JWS_ALGORITHM = "EdDSA";
-exports.HASH_ALGORITHM = "sha256";
-exports.AUDIT_VERSION = "audit.v1";
-exports.ToolCallContextSchema = zod_1.z.object({
-    tool: zod_1.z.string().min(1),
-    args: zod_1.z.record(zod_1.z.unknown()),
-    result: zod_1.z.unknown().optional(),
-    scopeId: zod_1.z.string(),
-    userId: zod_1.z.string().optional(),
-});
-exports.ProofSubmissionContextSchema = zod_1.z.object({
-    toolCalls: zod_1.z.array(exports.ToolCallContextSchema),
-    mcpServerUrl: zod_1.z.string().url().optional(),
-});
-exports.ProofSubmissionRequestSchema = zod_1.z.object({
-    session_id: zod_1.z.string().min(1),
-    delegation_id: zod_1.z.string().nullable().optional(),
-    proofs: zod_1.z.array(zod_1.z.object({
-        jws: zod_1.z.string().min(1),
-        meta: exports.ProofMetaSchema,
-    })),
-    context: exports.ProofSubmissionContextSchema.optional(),
-});