@kya-os/contracts 1.8.0 → 1.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agentshield-api/index.js +0 -1
- package/dist/agentshield-api/schemas.d.ts +193 -187
- package/dist/agentshield-api/schemas.js +0 -1
- package/dist/agentshield-api/types.js +0 -1
- package/dist/compute.d.ts +47 -17
- package/dist/compute.js +23 -1
- package/dist/consent/index.d.ts +2 -3
- package/dist/consent/index.js +14 -3
- package/dist/handshake.d.ts +4 -3
- package/dist/handshake.js +4 -3
- package/dist/proof/index.d.ts +3 -4
- package/dist/proof/index.js +2 -2
- package/dist/proof.d.ts +98 -67
- package/dist/proof.js +29 -2
- package/dist/runtime/headers.d.ts +16 -12
- package/dist/runtime/headers.js +16 -12
- package/dist/verifier.d.ts +28 -17
- package/dist/verifier.js +20 -9
- package/package.json +2 -1
- package/parity-vectors/delegation-conformance.json +265 -0
- package/parity-vectors/did-key.json +134 -0
- package/parity-vectors/index.ts +253 -0
- package/parity-vectors/scope-matching.json +330 -0
- package/parity-vectors/vc-jwt.json +210 -0
|
@@ -338,4 +338,3 @@ exports.registerSessionResponseSchema = zod_1.z.object({
|
|
|
338
338
|
* Wrapped session registration response schema
|
|
339
339
|
*/
|
|
340
340
|
exports.registerSessionAPIResponseSchema = (0, exports.agentShieldAPIResponseSchema)(exports.registerSessionResponseSchema);
|
|
341
|
-
//# sourceMappingURL=schemas.js.map
|
package/dist/compute.d.ts
CHANGED
|
@@ -29,16 +29,16 @@ export declare const HeartbeatRequestSchema: z.ZodObject<{
|
|
|
29
29
|
/** Current RSS memory in MB */
|
|
30
30
|
memoryMb: z.ZodOptional<z.ZodNumber>;
|
|
31
31
|
}, "strip", z.ZodTypeAny, {
|
|
32
|
-
status: "starting" | "running" | "stopping" | "error";
|
|
33
32
|
agentDid: string;
|
|
33
|
+
status: "starting" | "running" | "error" | "stopping";
|
|
34
34
|
computeVersion: string;
|
|
35
35
|
openclawVersion?: string | undefined;
|
|
36
36
|
machineId?: string | undefined;
|
|
37
37
|
uptimeSeconds?: number | undefined;
|
|
38
38
|
memoryMb?: number | undefined;
|
|
39
39
|
}, {
|
|
40
|
-
status: "starting" | "running" | "stopping" | "error";
|
|
41
40
|
agentDid: string;
|
|
41
|
+
status: "starting" | "running" | "error" | "stopping";
|
|
42
42
|
computeVersion: string;
|
|
43
43
|
openclawVersion?: string | undefined;
|
|
44
44
|
machineId?: string | undefined;
|
|
@@ -335,21 +335,46 @@ export declare const ConfigBundleSchema: z.ZodObject<{
|
|
|
335
335
|
aiProvider: z.ZodObject<{
|
|
336
336
|
type: z.ZodEnum<["anthropic", "openai"]>;
|
|
337
337
|
apiKey: z.ZodString;
|
|
338
|
+
/**
|
|
339
|
+
* Optional base URL override. When set, OpenClaw routes all provider
|
|
340
|
+
* traffic through this URL instead of the provider's default endpoint.
|
|
341
|
+
* Used by managed deployments where AgentShield issues a per-deployment
|
|
342
|
+
* gateway token and proxies to the upstream provider with budget tracking.
|
|
343
|
+
*/
|
|
344
|
+
baseUrl: z.ZodOptional<z.ZodString>;
|
|
338
345
|
}, "strip", z.ZodTypeAny, {
|
|
339
346
|
type: "anthropic" | "openai";
|
|
340
347
|
apiKey: string;
|
|
348
|
+
baseUrl?: string | undefined;
|
|
341
349
|
}, {
|
|
342
350
|
type: "anthropic" | "openai";
|
|
343
351
|
apiKey: string;
|
|
352
|
+
baseUrl?: string | undefined;
|
|
344
353
|
}>;
|
|
354
|
+
/**
|
|
355
|
+
* Optional OpenClaw heartbeat interval (`agents.defaults.heartbeat.every`).
|
|
356
|
+
* Drives how often OpenClaw wakes the agent for HEARTBEAT.md processing —
|
|
357
|
+
* the primary token-cost lever. Examples: "30m" (active), "6h" (idle),
|
|
358
|
+
* "off" (dormant — heartbeat disabled entirely). When absent, the patcher
|
|
359
|
+
* preserves whatever value already lives in openclaw.json (OpenClaw's
|
|
360
|
+
* built-in default of "30m").
|
|
361
|
+
*/
|
|
362
|
+
heartbeatEvery: z.ZodOptional<z.ZodString>;
|
|
363
|
+
/**
|
|
364
|
+
* Optional override for `agents.defaults.model.primary` (e.g.
|
|
365
|
+
* "anthropic/claude-haiku-4-5" for idle agents). When absent, the patcher
|
|
366
|
+
* derives the model from `aiProvider.type` as before. Format must be
|
|
367
|
+
* "<provider>/<model-id>".
|
|
368
|
+
*/
|
|
369
|
+
modelOverride: z.ZodOptional<z.ZodString>;
|
|
345
370
|
/** ISO timestamp of last config modification */
|
|
346
371
|
updatedAt: z.ZodString;
|
|
347
372
|
}, "strip", z.ZodTypeAny, {
|
|
348
|
-
|
|
349
|
-
type: "anthropic" | "openai";
|
|
350
|
-
apiKey: string;
|
|
351
|
-
};
|
|
373
|
+
openclawVersion: string;
|
|
352
374
|
version: number;
|
|
375
|
+
killed: boolean;
|
|
376
|
+
soulFile: string | null;
|
|
377
|
+
gatewayToken: string;
|
|
353
378
|
channels: {
|
|
354
379
|
telegram?: {
|
|
355
380
|
enabled: boolean;
|
|
@@ -368,17 +393,20 @@ export declare const ConfigBundleSchema: z.ZodObject<{
|
|
|
368
393
|
enabled: boolean;
|
|
369
394
|
} | undefined;
|
|
370
395
|
};
|
|
371
|
-
openclawVersion: string;
|
|
372
|
-
killed: boolean;
|
|
373
|
-
soulFile: string | null;
|
|
374
|
-
gatewayToken: string;
|
|
375
|
-
updatedAt: string;
|
|
376
|
-
}, {
|
|
377
396
|
aiProvider: {
|
|
378
397
|
type: "anthropic" | "openai";
|
|
379
398
|
apiKey: string;
|
|
399
|
+
baseUrl?: string | undefined;
|
|
380
400
|
};
|
|
401
|
+
updatedAt: string;
|
|
402
|
+
heartbeatEvery?: string | undefined;
|
|
403
|
+
modelOverride?: string | undefined;
|
|
404
|
+
}, {
|
|
405
|
+
openclawVersion: string;
|
|
381
406
|
version: number;
|
|
407
|
+
killed: boolean;
|
|
408
|
+
soulFile: string | null;
|
|
409
|
+
gatewayToken: string;
|
|
382
410
|
channels: {
|
|
383
411
|
telegram?: {
|
|
384
412
|
enabled: boolean;
|
|
@@ -397,11 +425,14 @@ export declare const ConfigBundleSchema: z.ZodObject<{
|
|
|
397
425
|
enabled: boolean;
|
|
398
426
|
} | undefined;
|
|
399
427
|
};
|
|
400
|
-
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
|
|
428
|
+
aiProvider: {
|
|
429
|
+
type: "anthropic" | "openai";
|
|
430
|
+
apiKey: string;
|
|
431
|
+
baseUrl?: string | undefined;
|
|
432
|
+
};
|
|
404
433
|
updatedAt: string;
|
|
434
|
+
heartbeatEvery?: string | undefined;
|
|
435
|
+
modelOverride?: string | undefined;
|
|
405
436
|
}>;
|
|
406
437
|
export type ConfigBundle = z.infer<typeof ConfigBundleSchema>;
|
|
407
438
|
/**
|
|
@@ -441,4 +472,3 @@ export declare const ControlStatusSchema: z.ZodObject<{
|
|
|
441
472
|
cpuPercent: number;
|
|
442
473
|
}>;
|
|
443
474
|
export type ControlStatus = z.infer<typeof ControlStatusSchema>;
|
|
444
|
-
//# sourceMappingURL=compute.d.ts.map
|
package/dist/compute.js
CHANGED
|
@@ -161,7 +161,30 @@ exports.ConfigBundleSchema = zod_1.z.object({
|
|
|
161
161
|
aiProvider: zod_1.z.object({
|
|
162
162
|
type: zod_1.z.enum(["anthropic", "openai"]),
|
|
163
163
|
apiKey: zod_1.z.string().min(1).max(500),
|
|
164
|
+
/**
|
|
165
|
+
* Optional base URL override. When set, OpenClaw routes all provider
|
|
166
|
+
* traffic through this URL instead of the provider's default endpoint.
|
|
167
|
+
* Used by managed deployments where AgentShield issues a per-deployment
|
|
168
|
+
* gateway token and proxies to the upstream provider with budget tracking.
|
|
169
|
+
*/
|
|
170
|
+
baseUrl: zod_1.z.string().url().optional(),
|
|
164
171
|
}),
|
|
172
|
+
/**
|
|
173
|
+
* Optional OpenClaw heartbeat interval (`agents.defaults.heartbeat.every`).
|
|
174
|
+
* Drives how often OpenClaw wakes the agent for HEARTBEAT.md processing —
|
|
175
|
+
* the primary token-cost lever. Examples: "30m" (active), "6h" (idle),
|
|
176
|
+
* "off" (dormant — heartbeat disabled entirely). When absent, the patcher
|
|
177
|
+
* preserves whatever value already lives in openclaw.json (OpenClaw's
|
|
178
|
+
* built-in default of "30m").
|
|
179
|
+
*/
|
|
180
|
+
heartbeatEvery: zod_1.z.string().min(1).max(20).optional(),
|
|
181
|
+
/**
|
|
182
|
+
* Optional override for `agents.defaults.model.primary` (e.g.
|
|
183
|
+
* "anthropic/claude-haiku-4-5" for idle agents). When absent, the patcher
|
|
184
|
+
* derives the model from `aiProvider.type` as before. Format must be
|
|
185
|
+
* "<provider>/<model-id>".
|
|
186
|
+
*/
|
|
187
|
+
modelOverride: zod_1.z.string().min(1).max(100).optional(),
|
|
165
188
|
/** ISO timestamp of last config modification */
|
|
166
189
|
updatedAt: zod_1.z.string().datetime(),
|
|
167
190
|
});
|
|
@@ -188,4 +211,3 @@ exports.ControlStatusSchema = zod_1.z.object({
|
|
|
188
211
|
/** CPU usage percentage (0-100) */
|
|
189
212
|
cpuPercent: zod_1.z.number().nonnegative().max(100),
|
|
190
213
|
});
|
|
191
|
-
//# sourceMappingURL=compute.js.map
|
package/dist/consent/index.d.ts
CHANGED
|
@@ -6,8 +6,7 @@
|
|
|
6
6
|
* This module re-exports from @kya-os/consent (the single source of truth)
|
|
7
7
|
* while maintaining backward compatibility with existing contracts consumers.
|
|
8
8
|
*/
|
|
9
|
-
export type { ConsentConfig, ConsentConfigWithMeta, ConsentCustomField, ConsentCustomFieldOption, ConsentMetadata, ResolvedConsentConfig, ResolvedUI, ResolvedTerms, ResolvedSuccess, ConsentBranding, ResolvedConsentBranding, ConsentUI, ConsentTerms, ConsentSuccess, ResolvedConsentCopy, AuthMode, CredentialsConfig, OAuthConfig, MagicLinkConfig, OTPConfig, QRCodeConfig, PasskeyConfig, IDVConfig, ConsentPageConfig, ExtendedConsentPageConfig, OAuthIdentity, ConsentApprovalRequest, ConsentApprovalResponse, ConsentConfigAPIResponse, CredentialAuthRequest, CredentialAuthResponse, } from "@kya-os/consent";
|
|
10
|
-
export { ConsentConfigSchema, ConsentConfigWithMetaSchema, ConsentCustomFieldSchema, ConsentCustomFieldOptionSchema, ConsentTermsSchema, ConsentUISchema, ConsentSuccessSchema, ConsentMetadataSchema, ConsentBrandingSchema, AuthModeSchema, CredentialsConfigSchema, OAuthConfigSchema, MagicLinkConfigSchema, OTPConfigSchema, QRCodeConfigSchema, PasskeyConfigSchema, IDVConfigSchema, OAuthIdentitySchema, ConsentApprovalRequestSchema, ConsentApprovalResponseSchema, ConsentPageConfigSchema, CredentialAuthRequestSchema, CredentialAuthResponseSchema, validateConsentApprovalRequest, validateConsentApprovalResponse, validateOAuthIdentity, validateConsentPageConfig, validateConsentConfig, validateConsentBranding, validateCustomField, } from "@kya-os/consent";
|
|
9
|
+
export type { ConsentConfig, ConsentConfigWithMeta, ConsentCustomField, ConsentCustomFieldOption, ConsentMetadata, ResolvedConsentConfig, ResolvedUI, ResolvedTerms, ResolvedSuccess, ConsentBranding, ResolvedConsentBranding, ConsentUI, ConsentTerms, ConsentSuccess, ResolvedConsentCopy, AuthMode, CredentialsConfig, OAuthConfig, MagicLinkConfig, OTPConfig, QRCodeConfig, PasskeyConfig, IDVConfig, ConsentPageConfig, ExtendedConsentPageConfig, OAuthIdentity, ConsentApprovalRequest, ConsentApprovalResponse, ConsentConfigAPIResponse, CredentialAuthRequest, CredentialAuthResponse, Capability, CapabilityGroup, CapabilityIcon, AgentMetadata, ConsentTheme, RiskLevel, CedarTemplateContext, CedarExplanation, } from "@kya-os/consent";
|
|
10
|
+
export { ConsentConfigSchema, ConsentConfigWithMetaSchema, ConsentCustomFieldSchema, ConsentCustomFieldOptionSchema, ConsentTermsSchema, ConsentUISchema, ConsentSuccessSchema, ConsentMetadataSchema, ConsentBrandingSchema, AuthModeSchema, CredentialsConfigSchema, OAuthConfigSchema, MagicLinkConfigSchema, OTPConfigSchema, QRCodeConfigSchema, PasskeyConfigSchema, IDVConfigSchema, OAuthIdentitySchema, ConsentApprovalRequestSchema, ConsentApprovalResponseSchema, ConsentPageConfigSchema, CredentialAuthRequestSchema, CredentialAuthResponseSchema, validateConsentApprovalRequest, validateConsentApprovalResponse, validateOAuthIdentity, validateConsentPageConfig, validateConsentConfig, validateConsentBranding, validateCustomField, CapabilitySchema, CapabilityGroupSchema, CapabilityIconSchema, AgentMetadataSchema, ConsentThemeSchema, RiskLevelSchema, CedarPolicySchema, CedarTemplateContextSchema, validateCapability, validateCapabilityGroup, validateAgentMetadata, } from "@kya-os/consent";
|
|
11
11
|
export { DEFAULT_BRANDING, DEFAULT_UI, DEFAULT_TERMS, DEFAULT_SUCCESS, DEFAULT_METADATA, DEFAULT_EXPIRATION_DAYS, DEFAULT_COLORS, AUTH_MODES, AUTH_MODE_REGISTRY, getAuthModeMetadata, getImplementedAuthModes, isAuthModeImplemented, requiresExternalAuth, collectsCredentials, } from "@kya-os/consent";
|
|
12
12
|
export { ConsentBrandingSchema as consentBrandingSchema, ConsentTermsSchema as consentTermsSchema, ConsentConfigSchema as consentConfigSchema, ConsentCustomFieldSchema as consentCustomFieldSchema, ConsentCustomFieldOptionSchema as consentCustomFieldOptionSchema, ConsentPageConfigSchema as consentPageConfigSchema, ConsentApprovalRequestSchema as consentApprovalRequestSchema, ConsentApprovalResponseSchema as consentApprovalResponseSchema, OAuthIdentitySchema as oauthIdentitySchema, } from "@kya-os/consent";
|
|
13
|
-
//# sourceMappingURL=index.d.ts.map
|
package/dist/consent/index.js
CHANGED
|
@@ -8,8 +8,8 @@
|
|
|
8
8
|
* while maintaining backward compatibility with existing contracts consumers.
|
|
9
9
|
*/
|
|
10
10
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
11
|
-
exports.
|
|
12
|
-
exports.oauthIdentitySchema = exports.consentApprovalResponseSchema = exports.consentApprovalRequestSchema = void 0;
|
|
11
|
+
exports.AUTH_MODE_REGISTRY = exports.AUTH_MODES = exports.DEFAULT_COLORS = exports.DEFAULT_EXPIRATION_DAYS = exports.DEFAULT_METADATA = exports.DEFAULT_SUCCESS = exports.DEFAULT_TERMS = exports.DEFAULT_UI = exports.DEFAULT_BRANDING = exports.validateAgentMetadata = exports.validateCapabilityGroup = exports.validateCapability = exports.CedarTemplateContextSchema = exports.CedarPolicySchema = exports.RiskLevelSchema = exports.ConsentThemeSchema = exports.AgentMetadataSchema = exports.CapabilityIconSchema = exports.CapabilityGroupSchema = exports.CapabilitySchema = exports.validateCustomField = exports.validateConsentBranding = exports.validateConsentConfig = exports.validateConsentPageConfig = exports.validateOAuthIdentity = exports.validateConsentApprovalResponse = exports.validateConsentApprovalRequest = exports.CredentialAuthResponseSchema = exports.CredentialAuthRequestSchema = exports.ConsentPageConfigSchema = exports.ConsentApprovalResponseSchema = exports.ConsentApprovalRequestSchema = exports.OAuthIdentitySchema = exports.IDVConfigSchema = exports.PasskeyConfigSchema = exports.QRCodeConfigSchema = exports.OTPConfigSchema = exports.MagicLinkConfigSchema = exports.OAuthConfigSchema = exports.CredentialsConfigSchema = exports.AuthModeSchema = exports.ConsentBrandingSchema = exports.ConsentMetadataSchema = exports.ConsentSuccessSchema = exports.ConsentUISchema = exports.ConsentTermsSchema = exports.ConsentCustomFieldOptionSchema = exports.ConsentCustomFieldSchema = exports.ConsentConfigWithMetaSchema = exports.ConsentConfigSchema = void 0;
|
|
12
|
+
exports.oauthIdentitySchema = exports.consentApprovalResponseSchema = exports.consentApprovalRequestSchema = exports.consentPageConfigSchema = exports.consentCustomFieldOptionSchema = exports.consentCustomFieldSchema = exports.consentConfigSchema = exports.consentTermsSchema = exports.consentBrandingSchema = exports.collectsCredentials = exports.requiresExternalAuth = exports.isAuthModeImplemented = exports.getImplementedAuthModes = exports.getAuthModeMetadata = void 0;
|
|
13
13
|
// Re-export schemas from @kya-os/consent
|
|
14
14
|
var consent_1 = require("@kya-os/consent");
|
|
15
15
|
// Config schemas
|
|
@@ -47,6 +47,18 @@ Object.defineProperty(exports, "validateConsentPageConfig", { enumerable: true,
|
|
|
47
47
|
Object.defineProperty(exports, "validateConsentConfig", { enumerable: true, get: function () { return consent_1.validateConsentConfig; } });
|
|
48
48
|
Object.defineProperty(exports, "validateConsentBranding", { enumerable: true, get: function () { return consent_1.validateConsentBranding; } });
|
|
49
49
|
Object.defineProperty(exports, "validateCustomField", { enumerable: true, get: function () { return consent_1.validateCustomField; } });
|
|
50
|
+
// Capability + agent metadata + cedar schemas
|
|
51
|
+
Object.defineProperty(exports, "CapabilitySchema", { enumerable: true, get: function () { return consent_1.CapabilitySchema; } });
|
|
52
|
+
Object.defineProperty(exports, "CapabilityGroupSchema", { enumerable: true, get: function () { return consent_1.CapabilityGroupSchema; } });
|
|
53
|
+
Object.defineProperty(exports, "CapabilityIconSchema", { enumerable: true, get: function () { return consent_1.CapabilityIconSchema; } });
|
|
54
|
+
Object.defineProperty(exports, "AgentMetadataSchema", { enumerable: true, get: function () { return consent_1.AgentMetadataSchema; } });
|
|
55
|
+
Object.defineProperty(exports, "ConsentThemeSchema", { enumerable: true, get: function () { return consent_1.ConsentThemeSchema; } });
|
|
56
|
+
Object.defineProperty(exports, "RiskLevelSchema", { enumerable: true, get: function () { return consent_1.RiskLevelSchema; } });
|
|
57
|
+
Object.defineProperty(exports, "CedarPolicySchema", { enumerable: true, get: function () { return consent_1.CedarPolicySchema; } });
|
|
58
|
+
Object.defineProperty(exports, "CedarTemplateContextSchema", { enumerable: true, get: function () { return consent_1.CedarTemplateContextSchema; } });
|
|
59
|
+
Object.defineProperty(exports, "validateCapability", { enumerable: true, get: function () { return consent_1.validateCapability; } });
|
|
60
|
+
Object.defineProperty(exports, "validateCapabilityGroup", { enumerable: true, get: function () { return consent_1.validateCapabilityGroup; } });
|
|
61
|
+
Object.defineProperty(exports, "validateAgentMetadata", { enumerable: true, get: function () { return consent_1.validateAgentMetadata; } });
|
|
50
62
|
// Re-export constants and defaults
|
|
51
63
|
var consent_2 = require("@kya-os/consent");
|
|
52
64
|
// Defaults
|
|
@@ -77,4 +89,3 @@ Object.defineProperty(exports, "consentPageConfigSchema", { enumerable: true, ge
|
|
|
77
89
|
Object.defineProperty(exports, "consentApprovalRequestSchema", { enumerable: true, get: function () { return consent_3.ConsentApprovalRequestSchema; } });
|
|
78
90
|
Object.defineProperty(exports, "consentApprovalResponseSchema", { enumerable: true, get: function () { return consent_3.ConsentApprovalResponseSchema; } });
|
|
79
91
|
Object.defineProperty(exports, "oauthIdentitySchema", { enumerable: true, get: function () { return consent_3.OAuthIdentitySchema; } });
|
|
80
|
-
//# sourceMappingURL=index.js.map
|
package/dist/handshake.d.ts
CHANGED
|
@@ -206,18 +206,19 @@ export declare const SessionContextSchema: z.ZodObject<{
|
|
|
206
206
|
/**
|
|
207
207
|
* Delegation VC credential ID for the active delegation.
|
|
208
208
|
* Set after delegation verification succeeds for a protected tool call.
|
|
209
|
-
* Used by outbound fetch interceptors
|
|
209
|
+
* Used by outbound fetch interceptors as the delegation reference embedded
|
|
210
|
+
* in the KYA-OS-Delegation-Chain / KYA-OS-Delegation-Proof headers.
|
|
210
211
|
*/
|
|
211
212
|
delegationRef: z.ZodOptional<z.ZodString>;
|
|
212
213
|
/**
|
|
213
214
|
* Reference chain string for the delegation hierarchy.
|
|
214
215
|
* Format: "vc_id_1>del_id_1>vc_id_2>del_id_2"
|
|
215
|
-
* Used by outbound fetch interceptors to inject KYA-Delegation-Chain header.
|
|
216
|
+
* Used by outbound fetch interceptors to inject KYA-OS-Delegation-Chain header.
|
|
216
217
|
*/
|
|
217
218
|
delegationChain: z.ZodOptional<z.ZodString>;
|
|
218
219
|
/**
|
|
219
220
|
* Scopes granted by the active delegation.
|
|
220
|
-
* Used by outbound fetch interceptors to inject KYA-Granted-Scopes header.
|
|
221
|
+
* Used by outbound fetch interceptors to inject KYA-OS-Granted-Scopes header.
|
|
221
222
|
*/
|
|
222
223
|
delegationScopes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
223
224
|
}, "strip", z.ZodTypeAny, {
|
package/dist/handshake.js
CHANGED
|
@@ -78,18 +78,19 @@ exports.SessionContextSchema = zod_1.z.object({
|
|
|
78
78
|
/**
|
|
79
79
|
* Delegation VC credential ID for the active delegation.
|
|
80
80
|
* Set after delegation verification succeeds for a protected tool call.
|
|
81
|
-
* Used by outbound fetch interceptors
|
|
81
|
+
* Used by outbound fetch interceptors as the delegation reference embedded
|
|
82
|
+
* in the KYA-OS-Delegation-Chain / KYA-OS-Delegation-Proof headers.
|
|
82
83
|
*/
|
|
83
84
|
delegationRef: zod_1.z.string().optional(),
|
|
84
85
|
/**
|
|
85
86
|
* Reference chain string for the delegation hierarchy.
|
|
86
87
|
* Format: "vc_id_1>del_id_1>vc_id_2>del_id_2"
|
|
87
|
-
* Used by outbound fetch interceptors to inject KYA-Delegation-Chain header.
|
|
88
|
+
* Used by outbound fetch interceptors to inject KYA-OS-Delegation-Chain header.
|
|
88
89
|
*/
|
|
89
90
|
delegationChain: zod_1.z.string().optional(),
|
|
90
91
|
/**
|
|
91
92
|
* Scopes granted by the active delegation.
|
|
92
|
-
* Used by outbound fetch interceptors to inject KYA-Granted-Scopes header.
|
|
93
|
+
* Used by outbound fetch interceptors to inject KYA-OS-Granted-Scopes header.
|
|
93
94
|
*/
|
|
94
95
|
delegationScopes: zod_1.z.array(zod_1.z.string()).optional(),
|
|
95
96
|
});
|
package/dist/proof/index.d.ts
CHANGED
|
@@ -4,7 +4,6 @@
|
|
|
4
4
|
* This module exports all proof-related types including DetachedProof,
|
|
5
5
|
* proof records, and signing specs.
|
|
6
6
|
*/
|
|
7
|
-
export { DetachedProofSchema, ProofMetaSchema, CanonicalHashesSchema, AuditRecordSchema, ToolCallContextSchema, ProofSubmissionContextSchema, ProofSubmissionRequestSchema, JWS_ALGORITHM, HASH_ALGORITHM, AUDIT_VERSION, type DetachedProof, type ProofMeta, type CanonicalHashes, type AuditRecord, type ToolCallContext, type ProofSubmissionContext, type ProofSubmissionRequest, } from
|
|
8
|
-
export * from
|
|
9
|
-
export * from
|
|
10
|
-
//# sourceMappingURL=index.d.ts.map
|
|
7
|
+
export { DetachedProofSchema, ProofMetaSchema, ProofOutcomeSchema, CanonicalHashesSchema, AuditRecordSchema, ToolCallContextSchema, ProofSubmissionContextSchema, ProofSubmissionRequestSchema, JWS_ALGORITHM, HASH_ALGORITHM, AUDIT_VERSION, type DetachedProof, type ProofMeta, type ProofOutcome, type CanonicalHashes, type AuditRecord, type ToolCallContext, type ProofSubmissionContext, type ProofSubmissionRequest, } from "../proof.js";
|
|
8
|
+
export * from "./signing-spec.js";
|
|
9
|
+
export * from "./proof-record.js";
|
package/dist/proof/index.js
CHANGED
|
@@ -20,11 +20,12 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
20
20
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
21
21
|
};
|
|
22
22
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
23
|
-
exports.AUDIT_VERSION = exports.HASH_ALGORITHM = exports.JWS_ALGORITHM = exports.ProofSubmissionRequestSchema = exports.ProofSubmissionContextSchema = exports.ToolCallContextSchema = exports.AuditRecordSchema = exports.CanonicalHashesSchema = exports.ProofMetaSchema = exports.DetachedProofSchema = void 0;
|
|
23
|
+
exports.AUDIT_VERSION = exports.HASH_ALGORITHM = exports.JWS_ALGORITHM = exports.ProofSubmissionRequestSchema = exports.ProofSubmissionContextSchema = exports.ToolCallContextSchema = exports.AuditRecordSchema = exports.CanonicalHashesSchema = exports.ProofOutcomeSchema = exports.ProofMetaSchema = exports.DetachedProofSchema = void 0;
|
|
24
24
|
// Export DetachedProof and related schemas from root proof.ts
|
|
25
25
|
var proof_js_1 = require("../proof.js");
|
|
26
26
|
Object.defineProperty(exports, "DetachedProofSchema", { enumerable: true, get: function () { return proof_js_1.DetachedProofSchema; } });
|
|
27
27
|
Object.defineProperty(exports, "ProofMetaSchema", { enumerable: true, get: function () { return proof_js_1.ProofMetaSchema; } });
|
|
28
|
+
Object.defineProperty(exports, "ProofOutcomeSchema", { enumerable: true, get: function () { return proof_js_1.ProofOutcomeSchema; } });
|
|
28
29
|
Object.defineProperty(exports, "CanonicalHashesSchema", { enumerable: true, get: function () { return proof_js_1.CanonicalHashesSchema; } });
|
|
29
30
|
Object.defineProperty(exports, "AuditRecordSchema", { enumerable: true, get: function () { return proof_js_1.AuditRecordSchema; } });
|
|
30
31
|
Object.defineProperty(exports, "ToolCallContextSchema", { enumerable: true, get: function () { return proof_js_1.ToolCallContextSchema; } });
|
|
@@ -36,4 +37,3 @@ Object.defineProperty(exports, "AUDIT_VERSION", { enumerable: true, get: functio
|
|
|
36
37
|
// Export proof record and signing spec types
|
|
37
38
|
__exportStar(require("./signing-spec.js"), exports);
|
|
38
39
|
__exportStar(require("./proof-record.js"), exports);
|
|
39
|
-
//# sourceMappingURL=index.js.map
|