@kya-os/contracts 1.5.2-canary.2 → 1.5.2-canary.4

package/dist/proof.d.ts

@@ -1,415 +0,0 @@
-import { z } from "zod";
-/**
- * Proof and signature schemas for MCP-I
- *
- * Note: The type name "DetachedProof" is maintained for backward compatibility,
- * but the JWS format is actually FULL compact JWS (header.payload.signature),
- * not detached format (header..signature).
- *
- * The JWS payload contains JWT standard claims (aud, sub, iss) plus custom
- * proof claims (requestHash, responseHash, nonce, etc.).
- */
-export declare const ProofMetaSchema: z.ZodObject<{
-    did: z.ZodString;
-    kid: z.ZodString;
-    ts: z.ZodNumber;
-    nonce: z.ZodString;
-    audience: z.ZodString;
-    sessionId: z.ZodString;
-    requestHash: z.ZodString;
-    responseHash: z.ZodString;
-    scopeId: z.ZodOptional<z.ZodString>;
-    delegationRef: z.ZodOptional<z.ZodString>;
-    clientDid: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    did: string;
-    kid: string;
-    ts: number;
-    nonce: string;
-    audience: string;
-    sessionId: string;
-    requestHash: string;
-    responseHash: string;
-    scopeId?: string | undefined;
-    delegationRef?: string | undefined;
-    clientDid?: string | undefined;
-}, {
-    did: string;
-    kid: string;
-    ts: number;
-    nonce: string;
-    audience: string;
-    sessionId: string;
-    requestHash: string;
-    responseHash: string;
-    scopeId?: string | undefined;
-    delegationRef?: string | undefined;
-    clientDid?: string | undefined;
-}>;
-export declare const DetachedProofSchema: z.ZodObject<{
-    jws: z.ZodString;
-    meta: z.ZodObject<{
-        did: z.ZodString;
-        kid: z.ZodString;
-        ts: z.ZodNumber;
-        nonce: z.ZodString;
-        audience: z.ZodString;
-        sessionId: z.ZodString;
-        requestHash: z.ZodString;
-        responseHash: z.ZodString;
-        scopeId: z.ZodOptional<z.ZodString>;
-        delegationRef: z.ZodOptional<z.ZodString>;
-        clientDid: z.ZodOptional<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        did: string;
-        kid: string;
-        ts: number;
-        nonce: string;
-        audience: string;
-        sessionId: string;
-        requestHash: string;
-        responseHash: string;
-        scopeId?: string | undefined;
-        delegationRef?: string | undefined;
-        clientDid?: string | undefined;
-    }, {
-        did: string;
-        kid: string;
-        ts: number;
-        nonce: string;
-        audience: string;
-        sessionId: string;
-        requestHash: string;
-        responseHash: string;
-        scopeId?: string | undefined;
-        delegationRef?: string | undefined;
-        clientDid?: string | undefined;
-    }>;
-}, "strip", z.ZodTypeAny, {
-    jws: string;
-    meta: {
-        did: string;
-        kid: string;
-        ts: number;
-        nonce: string;
-        audience: string;
-        sessionId: string;
-        requestHash: string;
-        responseHash: string;
-        scopeId?: string | undefined;
-        delegationRef?: string | undefined;
-        clientDid?: string | undefined;
-    };
-}, {
-    jws: string;
-    meta: {
-        did: string;
-        kid: string;
-        ts: number;
-        nonce: string;
-        audience: string;
-        sessionId: string;
-        requestHash: string;
-        responseHash: string;
-        scopeId?: string | undefined;
-        delegationRef?: string | undefined;
-        clientDid?: string | undefined;
-    };
-}>;
-export declare const CanonicalHashesSchema: z.ZodObject<{
-    requestHash: z.ZodString;
-    responseHash: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    requestHash: string;
-    responseHash: string;
-}, {
-    requestHash: string;
-    responseHash: string;
-}>;
-export declare const AuditRecordSchema: z.ZodObject<{
-    version: z.ZodLiteral<"audit.v1">;
-    ts: z.ZodNumber;
-    session: z.ZodString;
-    audience: z.ZodString;
-    did: z.ZodString;
-    kid: z.ZodString;
-    reqHash: z.ZodString;
-    resHash: z.ZodString;
-    verified: z.ZodEnum<["yes", "no"]>;
-    scope: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    did: string;
-    kid: string;
-    ts: number;
-    audience: string;
-    version: "audit.v1";
-    session: string;
-    reqHash: string;
-    resHash: string;
-    verified: "yes" | "no";
-    scope: string;
-}, {
-    did: string;
-    kid: string;
-    ts: number;
-    audience: string;
-    version: "audit.v1";
-    session: string;
-    reqHash: string;
-    resHash: string;
-    verified: "yes" | "no";
-    scope: string;
-}>;
-export type ProofMeta = z.infer<typeof ProofMetaSchema>;
-export type DetachedProof = z.infer<typeof DetachedProofSchema>;
-export type CanonicalHashes = z.infer<typeof CanonicalHashesSchema>;
-export type AuditRecord = z.infer<typeof AuditRecordSchema>;
-export declare const JWS_ALGORITHM = "EdDSA";
-export declare const HASH_ALGORITHM = "sha256";
-export declare const AUDIT_VERSION = "audit.v1";
-/**
- * Tool call context for AgentShield dashboard integration
- * Provides plaintext tool execution data alongside cryptographic proofs
- */
-export declare const ToolCallContextSchema: z.ZodObject<{
-    tool: z.ZodString;
-    args: z.ZodRecord<z.ZodString, z.ZodUnknown>;
-    result: z.ZodOptional<z.ZodUnknown>;
-    scopeId: z.ZodString;
-    userId: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    scopeId: string;
-    tool: string;
-    args: Record<string, unknown>;
-    result?: unknown;
-    userId?: string | undefined;
-}, {
-    scopeId: string;
-    tool: string;
-    args: Record<string, unknown>;
-    result?: unknown;
-    userId?: string | undefined;
-}>;
-/**
- * Proof submission context for AgentShield API
- * Includes tool calls and optional MCP server URL for tool discovery
- */
-export declare const ProofSubmissionContextSchema: z.ZodObject<{
-    toolCalls: z.ZodArray<z.ZodObject<{
-        tool: z.ZodString;
-        args: z.ZodRecord<z.ZodString, z.ZodUnknown>;
-        result: z.ZodOptional<z.ZodUnknown>;
-        scopeId: z.ZodString;
-        userId: z.ZodOptional<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        scopeId: string;
-        tool: string;
-        args: Record<string, unknown>;
-        result?: unknown;
-        userId?: string | undefined;
-    }, {
-        scopeId: string;
-        tool: string;
-        args: Record<string, unknown>;
-        result?: unknown;
-        userId?: string | undefined;
-    }>, "many">;
-    mcpServerUrl: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    toolCalls: {
-        scopeId: string;
-        tool: string;
-        args: Record<string, unknown>;
-        result?: unknown;
-        userId?: string | undefined;
-    }[];
-    mcpServerUrl?: string | undefined;
-}, {
-    toolCalls: {
-        scopeId: string;
-        tool: string;
-        args: Record<string, unknown>;
-        result?: unknown;
-        userId?: string | undefined;
-    }[];
-    mcpServerUrl?: string | undefined;
-}>;
-/**
- * Complete proof submission request to AgentShield
- */
-export declare const ProofSubmissionRequestSchema: z.ZodObject<{
-    session_id: z.ZodString;
-    delegation_id: z.ZodOptional<z.ZodNullable<z.ZodString>>;
-    proofs: z.ZodArray<z.ZodObject<{
-        jws: z.ZodString;
-        meta: z.ZodObject<{
-            did: z.ZodString;
-            kid: z.ZodString;
-            ts: z.ZodNumber;
-            nonce: z.ZodString;
-            audience: z.ZodString;
-            sessionId: z.ZodString;
-            requestHash: z.ZodString;
-            responseHash: z.ZodString;
-            scopeId: z.ZodOptional<z.ZodString>;
-            delegationRef: z.ZodOptional<z.ZodString>;
-            clientDid: z.ZodOptional<z.ZodString>;
-        }, "strip", z.ZodTypeAny, {
-            did: string;
-            kid: string;
-            ts: number;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-            clientDid?: string | undefined;
-        }, {
-            did: string;
-            kid: string;
-            ts: number;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-            clientDid?: string | undefined;
-        }>;
-    }, "strip", z.ZodTypeAny, {
-        jws: string;
-        meta: {
-            did: string;
-            kid: string;
-            ts: number;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-            clientDid?: string | undefined;
-        };
-    }, {
-        jws: string;
-        meta: {
-            did: string;
-            kid: string;
-            ts: number;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-            clientDid?: string | undefined;
-        };
-    }>, "many">;
-    context: z.ZodOptional<z.ZodObject<{
-        toolCalls: z.ZodArray<z.ZodObject<{
-            tool: z.ZodString;
-            args: z.ZodRecord<z.ZodString, z.ZodUnknown>;
-            result: z.ZodOptional<z.ZodUnknown>;
-            scopeId: z.ZodString;
-            userId: z.ZodOptional<z.ZodString>;
-        }, "strip", z.ZodTypeAny, {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }, {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }>, "many">;
-        mcpServerUrl: z.ZodOptional<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        toolCalls: {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }[];
-        mcpServerUrl?: string | undefined;
-    }, {
-        toolCalls: {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }[];
-        mcpServerUrl?: string | undefined;
-    }>>;
-}, "strip", z.ZodTypeAny, {
-    session_id: string;
-    proofs: {
-        jws: string;
-        meta: {
-            did: string;
-            kid: string;
-            ts: number;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-            clientDid?: string | undefined;
-        };
-    }[];
-    delegation_id?: string | null | undefined;
-    context?: {
-        toolCalls: {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }[];
-        mcpServerUrl?: string | undefined;
-    } | undefined;
-}, {
-    session_id: string;
-    proofs: {
-        jws: string;
-        meta: {
-            did: string;
-            kid: string;
-            ts: number;
-            nonce: string;
-            audience: string;
-            sessionId: string;
-            requestHash: string;
-            responseHash: string;
-            scopeId?: string | undefined;
-            delegationRef?: string | undefined;
-            clientDid?: string | undefined;
-        };
-    }[];
-    delegation_id?: string | null | undefined;
-    context?: {
-        toolCalls: {
-            scopeId: string;
-            tool: string;
-            args: Record<string, unknown>;
-            result?: unknown;
-            userId?: string | undefined;
-        }[];
-        mcpServerUrl?: string | undefined;
-    } | undefined;
-}>;
-export type ToolCallContext = z.infer<typeof ToolCallContextSchema>;
-export type ProofSubmissionContext = z.infer<typeof ProofSubmissionContextSchema>;
-export type ProofSubmissionRequest = z.infer<typeof ProofSubmissionRequestSchema>;
-//# sourceMappingURL=proof.d.ts.map

package/dist/proof.js

@@ -1,83 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ProofSubmissionRequestSchema = exports.ProofSubmissionContextSchema = exports.ToolCallContextSchema = exports.AUDIT_VERSION = exports.HASH_ALGORITHM = exports.JWS_ALGORITHM = exports.AuditRecordSchema = exports.CanonicalHashesSchema = exports.DetachedProofSchema = exports.ProofMetaSchema = void 0;
-const zod_1 = require("zod");
-/**
- * Proof and signature schemas for MCP-I
- *
- * Note: The type name "DetachedProof" is maintained for backward compatibility,
- * but the JWS format is actually FULL compact JWS (header.payload.signature),
- * not detached format (header..signature).
- *
- * The JWS payload contains JWT standard claims (aud, sub, iss) plus custom
- * proof claims (requestHash, responseHash, nonce, etc.).
- */
-exports.ProofMetaSchema = zod_1.z.object({
-    did: zod_1.z.string().min(1),
-    kid: zod_1.z.string().min(1),
-    ts: zod_1.z.number().int().positive(),
-    nonce: zod_1.z.string().min(1),
-    audience: zod_1.z.string().min(1),
-    sessionId: zod_1.z.string().min(1),
-    requestHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    responseHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    scopeId: zod_1.z.string().optional(),
-    delegationRef: zod_1.z.string().optional(),
-    clientDid: zod_1.z.string().optional(), // Optional for backward compatibility
-});
-exports.DetachedProofSchema = zod_1.z.object({
-    jws: zod_1.z.string().min(1), // Full compact JWS format (header.payload.signature)
-    meta: exports.ProofMetaSchema, // Convenience metadata (duplicates signed payload data)
-});
-exports.CanonicalHashesSchema = zod_1.z.object({
-    requestHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    responseHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-});
-exports.AuditRecordSchema = zod_1.z.object({
-    version: zod_1.z.literal("audit.v1"),
-    ts: zod_1.z.number().int().positive(),
-    session: zod_1.z.string().min(1),
-    audience: zod_1.z.string().min(1),
-    did: zod_1.z.string().min(1),
-    kid: zod_1.z.string().min(1),
-    reqHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    resHash: zod_1.z.string().regex(/^sha256:[a-f0-9]{64}$/),
-    verified: zod_1.z.enum(["yes", "no"]),
-    scope: zod_1.z.string().min(1), // "-" for no scope
-});
-// Constants
-exports.JWS_ALGORITHM = "EdDSA";
-exports.HASH_ALGORITHM = "sha256";
-exports.AUDIT_VERSION = "audit.v1";
-/**
- * Tool call context for AgentShield dashboard integration
- * Provides plaintext tool execution data alongside cryptographic proofs
- */
-exports.ToolCallContextSchema = zod_1.z.object({
-    tool: zod_1.z.string().min(1),
-    args: zod_1.z.record(zod_1.z.unknown()),
-    result: zod_1.z.unknown().optional(),
-    scopeId: zod_1.z.string(),
-    userId: zod_1.z.string().optional(),
-});
-/**
- * Proof submission context for AgentShield API
- * Includes tool calls and optional MCP server URL for tool discovery
- */
-exports.ProofSubmissionContextSchema = zod_1.z.object({
-    toolCalls: zod_1.z.array(exports.ToolCallContextSchema),
-    mcpServerUrl: zod_1.z.string().url().optional(),
-});
-/**
- * Complete proof submission request to AgentShield
- */
-exports.ProofSubmissionRequestSchema = zod_1.z.object({
-    session_id: zod_1.z.string().min(1),
-    delegation_id: zod_1.z.string().nullable().optional(),
-    proofs: zod_1.z.array(zod_1.z.object({
-        jws: zod_1.z.string().min(1),
-        meta: exports.ProofMetaSchema,
-    })),
-    context: exports.ProofSubmissionContextSchema.optional(),
-});
-//# sourceMappingURL=proof.js.map