@kya-os/mcp-i-core 1.0.0

package/README.md

@@ -0,0 +1,302 @@
+# @kya-os/mcp-i-core
+
+Platform-agnostic core for MCP-I (Model Context Protocol with Identity) runtime. This package provides the shared business logic, interfaces, and abstractions that work across all JavaScript environments.
+
+## Overview
+
+`@kya-os/mcp-i-core` is the foundation for building MCP-I runtimes on any platform. It provides:
+
+- **Isomorphic verification logic** that works across Node.js, Cloudflare Workers, Vercel Edge, and browsers
+- **Provider-based architecture** for platform-specific implementations
+- **Multiple proof formats** (JWT-VC, Data Integrity, DetachedJWS)
+- **DID resolution** with pluggable resolvers
+- **Progressive verification** for optimal performance
+- **Credential and delegation** support
+
+## Architecture
+
+```
+┌─────────────────────────────────────────────────────────────┐
+│                      Application Layer                       │
+│         (@kya-os/mcp-i or @kya-os/mcp-i-cloudflare)         │
+└────────────────────┬────────────────────────────────────────┘
+                     │
+┌────────────────────▼────────────────────────────────────────┐
+│                    @kya-os/mcp-i-core                       │
+│                                                              │
+│  ┌─────────────┐  ┌──────────────┐  ┌──────────────────┐  │
+│  │   Runtime   │  │ ProofEngine  │  │  DID Resolver    │  │
+│  │    Base     │  │              │  │                  │  │
+│  └─────────────┘  └──────────────┘  └──────────────────┘  │
+│                                                              │
+│  ┌─────────────┐  ┌──────────────┐  ┌──────────────────┐  │
+│  │ Credential  │  │  Delegation  │  │   Progressive    │  │
+│  │  Verifier   │  │   Registry   │  │    Verifier     │  │
+│  └─────────────┘  └──────────────┘  └──────────────────┘  │
+└────────────────────┬────────────────────────────────────────┘
+                     │
+┌────────────────────▼────────────────────────────────────────┐
+│                    Provider Interfaces                       │
+│                                                              │
+│  ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────────┐  │
+│  │  Crypto  │ │ Identity │ │  Clock   │ │    Fetch     │  │
+│  │ Provider │ │ Provider │ │ Provider │ │   Provider   │  │
+│  └──────────┘ └──────────┘ └──────────┘ └──────────────┘  │
+│                                                              │
+│  ┌──────────┐ ┌──────────┐ ┌──────────────────────────┐   │
+│  │ Storage  │ │  Nonce   │ │   Platform-Specific      │   │
+│  │ Provider │ │  Cache   │ │    Implementations       │   │
+│  └──────────┘ └──────────┘ └──────────────────────────┘   │
+└──────────────────────────────────────────────────────────────┘
+```
+
+## Installation
+
+```bash
+npm install @kya-os/mcp-i-core
+```
+
+## Provider Interfaces
+
+### CryptoProvider
+Handles all cryptographic operations (signing, verification, key generation).
+
+```typescript
+abstract class CryptoProvider {
+  abstract sign(data: Uint8Array, privateKey: string): Promise<Uint8Array>;
+  abstract verify(data: Uint8Array, signature: Uint8Array, publicKey: string): Promise<boolean>;
+  abstract generateKeyPair(): Promise<{ privateKey: string; publicKey: string }>;
+  abstract hash(data: Uint8Array): Promise<Uint8Array>;
+}
+```
+
+### IdentityProvider
+Manages agent identity storage and retrieval.
+
+```typescript
+abstract class IdentityProvider {
+  abstract loadIdentity(): Promise<AgentIdentity | null>;
+  abstract storeIdentity(identity: AgentIdentity): Promise<void>;
+  abstract hasIdentity(): Promise<boolean>;
+  abstract deleteIdentity(): Promise<void>;
+}
+```
+
+### ClockProvider
+Provides deterministic time operations for testing and consistency.
+
+```typescript
+abstract class ClockProvider {
+  abstract now(): number;
+  abstract isWithinSkew(timestamp: number, skewSeconds: number): boolean;
+  abstract hasExpired(expiresAt: number): boolean;
+  abstract calculateExpiry(ttlSeconds: number): number;
+}
+```
+
+### FetchProvider
+Handles network operations for DID resolution and verification.
+
+```typescript
+abstract class FetchProvider {
+  abstract resolveDID(did: string): Promise<any>;
+  abstract fetchStatusList(url: string): Promise<any>;
+  abstract fetchDelegationChain(id: string): Promise<any[]>;
+  abstract fetch(url: string, options?: any): Promise<Response>;
+}
+```
+
+## Core Components
+
+### MCPIRuntimeBaseV2
+
+The main runtime class that orchestrates all MCP-I operations.
+
+```typescript
+import { MCPIRuntimeBaseV2 } from '@kya-os/mcp-i-core';
+
+class MyPlatformRuntime extends MCPIRuntimeBaseV2 {
+  constructor() {
+    super({
+      cryptoProvider: new MyeCryptoProvider(),
+      identityProvider: new MyIdentityProvider(),
+      storageProvider: new MyStorageProvider(),
+      nonceCacheProvider: new MyNonceCacheProvider(),
+      clockProvider: new MyClockProvider(),
+      fetchProvider: new MyFetchProvider()
+    });
+  }
+
+  // Platform-specific implementations
+  protected async generateSessionId(): Promise<string> {
+    // Use platform's secure random
+  }
+
+  protected async generateNonce(): Promise<string> {
+    // Use platform's secure random
+  }
+}
+```
+
+### ProofEngine
+
+Supports multiple proof formats with a unified interface.
+
+```typescript
+const proofEngine = new DefaultProofEngine(cryptoProvider);
+
+// Create proof in different formats
+const jwtProof = await proofEngine.createProof(data, privateKey, {
+  format: { type: 'JWT-VC', algorithm: 'EdDSA' }
+});
+
+const dataIntegrityProof = await proofEngine.createProof(data, privateKey, {
+  format: { type: 'DataIntegrity', algorithm: 'Ed25519Signature2020' }
+});
+
+// Verify any format
+const result = await proofEngine.verifyProof(data, proof, publicKey, {
+  format: { type: 'DetachedJWS', algorithm: 'Ed25519' }
+});
+```
+
+### DID Resolver
+
+Pluggable DID resolution with built-in support for did:key and did:web.
+
+```typescript
+const resolver = new UniversalDIDResolver(fetchProvider);
+
+// Register custom resolver
+resolver.registerResolver(new MyCustomDIDResolver());
+
+// Resolve any DID
+const document = await resolver.resolve('did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK');
+const publicKey = await resolver.getPublicKey(did, keyId);
+```
+
+### Progressive Verification
+
+Optimized verification with offline and online stages.
+
+```typescript
+const verifier = new ProgressiveVerifier(credentialVerifier, delegationRegistry);
+
+// Stage-1: Quick offline checks
+// Stage-2: Full online verification (parallel)
+const result = await verifier.verifyProgressive(data, {
+  verifyCredential: true,
+  checkRevocation: true,
+  maxChainDepth: 5
+});
+```
+
+## Platform Implementations
+
+### Node.js / Vercel
+```typescript
+// @kya-os/mcp-i
+import { MCPIRuntimeBaseV2 } from '@kya-os/mcp-i-core';
+import { NodeCryptoProvider } from './providers/node-crypto';
+import { FileSystemIdentityProvider } from './providers/fs-identity';
+
+export class MCPIRuntime extends MCPIRuntimeBaseV2 {
+  constructor() {
+    super({
+      cryptoProvider: new NodeCryptoProvider(),
+      identityProvider: new FileSystemIdentityProvider(),
+      // ... other Node.js providers
+    });
+  }
+}
+```
+
+### Cloudflare Workers
+```typescript
+// @kya-os/mcp-i-cloudflare
+import { MCPIRuntimeBaseV2 } from '@kya-os/mcp-i-core';
+import { WebCryptoProvider } from './providers/web-crypto';
+import { KVIdentityProvider } from './providers/kv-identity';
+
+export class MCPICloudflareRuntime extends MCPIRuntimeBaseV2 {
+  constructor(env: CloudflareEnv) {
+    super({
+      cryptoProvider: new WebCryptoProvider(),
+      identityProvider: new KVIdentityProvider(env),
+      // ... other Cloudflare providers
+    });
+  }
+}
+```
+
+## Isomorphic Verification
+
+The verification logic works identically across all platforms:
+
+```typescript
+// Works in Node.js, Cloudflare Workers, Vercel Edge, Browser
+async function verifyMCPIProof(data: any, proof: any): Promise<boolean> {
+  const runtime = createRuntimeForPlatform(); // Platform-specific
+  return runtime.verifyProof(data, proof); // Isomorphic logic
+}
+```
+
+## Security Considerations
+
+1. **Private Keys**: Never stored in core, always handled by IdentityProvider
+2. **Nonce Management**: Automatic replay attack prevention
+3. **Time Skew**: Configurable tolerance for clock differences
+4. **Session Lifecycle**: Absolute lifetime limits
+5. **Audit Logging**: Built-in audit trail support
+
+## Testing
+
+The provider-based architecture makes testing straightforward:
+
+```typescript
+import { MockCryptoProvider, MockIdentityProvider } from '@kya-os/mcp-i-core/test';
+
+const runtime = new MCPIRuntimeBaseV2({
+  cryptoProvider: new MockCryptoProvider(),
+  identityProvider: new MockIdentityProvider(),
+  // ... mock providers
+});
+
+// Test business logic without platform dependencies
+```
+
+## Migration Guide
+
+### From @kya-os/mcp-i v1.x
+
+The existing API remains unchanged. Internal implementation now uses core:
+
+```typescript
+// Before (still works)
+import { MCPIRuntime } from '@kya-os/mcp-i';
+const runtime = new MCPIRuntime();
+
+// After (also works, same API)
+import { MCPIRuntime } from '@kya-os/mcp-i';
+const runtime = new MCPIRuntime();
+```
+
+### For New Projects
+
+Use the platform-specific package:
+
+```typescript
+// Node.js / Vercel
+import { createMCPIServer } from '@kya-os/mcp-i';
+
+// Cloudflare Workers
+import { createMCPIServer } from '@kya-os/mcp-i-cloudflare';
+```
+
+## Contributing
+
+See [CONTRIBUTING.md](../../CONTRIBUTING.md) for development setup and guidelines.
+
+## License
+
+MIT

package/dist/did/resolver.d.ts

@@ -0,0 +1,92 @@
+/**
+ * DID Resolver plugin system
+ * Supports did:key and did:web out of the box, extensible for other methods
+ */
+import { FetchProvider } from "../types/providers";
+/**
+ * DID Document structure
+ */
+export interface DIDDocument {
+    '@context': string[];
+    id: string;
+    verificationMethod?: VerificationMethod[];
+    authentication?: (string | VerificationMethod)[];
+    assertionMethod?: (string | VerificationMethod)[];
+    keyAgreement?: (string | VerificationMethod)[];
+    capabilityInvocation?: (string | VerificationMethod)[];
+    capabilityDelegation?: (string | VerificationMethod)[];
+}
+export interface VerificationMethod {
+    id: string;
+    type: string;
+    controller: string;
+    publicKeyBase58?: string;
+    publicKeyJwk?: any;
+    publicKeyMultibase?: string;
+}
+/**
+ * DID resolver interface
+ */
+export interface DIDResolver {
+    /**
+     * Check if this resolver can handle the given DID method
+     */
+    canResolve(did: string): boolean;
+    /**
+     * Resolve a DID to its document
+     */
+    resolve(did: string): Promise<DIDDocument>;
+}
+/**
+ * did:key resolver (built-in)
+ */
+export declare class DIDKeyResolver implements DIDResolver {
+    canResolve(did: string): boolean;
+    resolve(did: string): Promise<DIDDocument>;
+    private decodeMultibase;
+}
+/**
+ * did:web resolver (built-in)
+ */
+export declare class DIDWebResolver implements DIDResolver {
+    private fetchProvider;
+    constructor(fetchProvider: FetchProvider);
+    canResolve(did: string): boolean;
+    resolve(did: string): Promise<DIDDocument>;
+}
+/**
+ * Universal DID resolver with plugin support
+ */
+export declare class UniversalDIDResolver {
+    private resolvers;
+    constructor(fetchProvider?: FetchProvider);
+    /**
+     * Register a DID resolver
+     */
+    registerResolver(resolver: DIDResolver): void;
+    /**
+     * Resolve a DID using the appropriate resolver
+     */
+    resolve(did: string): Promise<DIDDocument>;
+    /**
+     * Extract public key from DID document
+     */
+    getPublicKey(did: string, keyId?: string): Promise<string>;
+    private decodePublicKey;
+}
+/**
+ * Lean DID resolver for edge environments
+ */
+export declare class EdgeDIDResolver extends UniversalDIDResolver {
+    private cache;
+    constructor(cache?: Map<string, DIDDocument>);
+    /**
+     * Resolve with caching
+     */
+    resolve(did: string): Promise<DIDDocument>;
+    /**
+     * Pre-populate cache for known DIDs
+     */
+    preloadCache(documents: DIDDocument[]): void;
+}
+//# sourceMappingURL=resolver.d.ts.map

package/dist/did/resolver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolver.d.ts","sourceRoot":"","sources":["../../src/did/resolver.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,EAAE,EAAE,MAAM,CAAC;IACX,kBAAkB,CAAC,EAAE,kBAAkB,EAAE,CAAC;IAC1C,cAAc,CAAC,EAAE,CAAC,MAAM,GAAG,kBAAkB,CAAC,EAAE,CAAC;IACjD,eAAe,CAAC,EAAE,CAAC,MAAM,GAAG,kBAAkB,CAAC,EAAE,CAAC;IAClD,YAAY,CAAC,EAAE,CAAC,MAAM,GAAG,kBAAkB,CAAC,EAAE,CAAC;IAC/C,oBAAoB,CAAC,EAAE,CAAC,MAAM,GAAG,kBAAkB,CAAC,EAAE,CAAC;IACvD,oBAAoB,CAAC,EAAE,CAAC,MAAM,GAAG,kBAAkB,CAAC,EAAE,CAAC;CACxD;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,YAAY,CAAC,EAAE,GAAG,CAAC;IACnB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IAEjC;;OAEG;IACH,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;CAC5C;AAED;;GAEG;AACH,qBAAa,cAAe,YAAW,WAAW;IAChD,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAI1B,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAoChD,OAAO,CAAC,eAAe;CAYxB;AAED;;GAEG;AACH,qBAAa,cAAe,YAAW,WAAW;IACpC,OAAO,CAAC,aAAa;gBAAb,aAAa,EAAE,aAAa;IAEhD,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAI1B,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;CA2BjD;AAED;;GAEG;AACH,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,SAAS,CAAqB;gBAE1B,aAAa,CAAC,EAAE,aAAa;IASzC;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,WAAW,GAAG,IAAI;IAI7C;;OAEG;IACG,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAWhD;;OAEG;IACG,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAgChE,OAAO,CAAC,eAAe;CAUxB;AAED;;GAEG;AACH,qBAAa,eAAgB,SAAQ,oBAAoB;IAC3C,OAAO,CAAC,KAAK;gBAAL,KAAK,GAAE,GAAG,CAAC,MAAM,EAAE,WAAW,CAAa;IAI/D;;OAEG;IACG,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAmBhD;;OAEG;IACH,YAAY,CAAC,SAAS,EAAE,WAAW,EAAE,GAAG,IAAI;CAK7C"}

package/dist/did/resolver.js

@@ -0,0 +1,203 @@
+"use strict";
+/**
+ * DID Resolver plugin system
+ * Supports did:key and did:web out of the box, extensible for other methods
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EdgeDIDResolver = exports.UniversalDIDResolver = exports.DIDWebResolver = exports.DIDKeyResolver = void 0;
+/**
+ * did:key resolver (built-in)
+ */
+class DIDKeyResolver {
+    canResolve(did) {
+        return did.startsWith('did:key:');
+    }
+    async resolve(did) {
+        // Extract the multibase key
+        const multibaseKey = did.substring('did:key:'.length);
+        // Decode multibase (z-base58)
+        const keyBytes = this.decodeMultibase(multibaseKey);
+        // Extract codec and key material
+        const codec = keyBytes[0] << 8 | keyBytes[1];
+        const publicKey = keyBytes.slice(2);
+        // Ed25519 codec is 0xed01
+        if (codec !== 0xed01) {
+            throw new Error(`Unsupported key type: ${codec.toString(16)}`);
+        }
+        // Create DID document
+        return {
+            '@context': [
+                'https://www.w3.org/ns/did/v1',
+                'https://w3id.org/security/suites/ed25519-2020/v1'
+            ],
+            id: did,
+            verificationMethod: [{
+                    id: `${did}#${multibaseKey}`,
+                    type: 'Ed25519VerificationKey2020',
+                    controller: did,
+                    publicKeyMultibase: multibaseKey
+                }],
+            authentication: [`${did}#${multibaseKey}`],
+            assertionMethod: [`${did}#${multibaseKey}`],
+            capabilityInvocation: [`${did}#${multibaseKey}`],
+            capabilityDelegation: [`${did}#${multibaseKey}`]
+        };
+    }
+    decodeMultibase(multibase) {
+        // Remove 'z' prefix (z-base58)
+        if (!multibase.startsWith('z')) {
+            throw new Error('Invalid multibase encoding');
+        }
+        // Base58 decode (simplified - in production use a proper library)
+        const base58 = multibase.substring(1);
+        // This is a simplified implementation
+        // In production, use a proper base58 decoding library
+        return Buffer.from(base58, 'base64'); // Placeholder
+    }
+}
+exports.DIDKeyResolver = DIDKeyResolver;
+/**
+ * did:web resolver (built-in)
+ */
+class DIDWebResolver {
+    fetchProvider;
+    constructor(fetchProvider) {
+        this.fetchProvider = fetchProvider;
+    }
+    canResolve(did) {
+        return did.startsWith('did:web:');
+    }
+    async resolve(did) {
+        // Extract domain and path from DID
+        const parts = did.substring('did:web:'.length).split(':');
+        const domain = parts[0];
+        const path = parts.slice(1).join('/');
+        // Construct URL
+        const url = path
+            ? `https://${domain}/${path}/did.json`
+            : `https://${domain}/.well-known/did.json`;
+        // Fetch DID document
+        const response = await this.fetchProvider.fetch(url);
+        if (!response.ok) {
+            throw new Error(`Failed to resolve ${did}: ${response.statusText}`);
+        }
+        const document = await response.json();
+        // Validate document
+        if (!document['@context'] || document.id !== did) {
+            throw new Error('Invalid DID document');
+        }
+        return document;
+    }
+}
+exports.DIDWebResolver = DIDWebResolver;
+/**
+ * Universal DID resolver with plugin support
+ */
+class UniversalDIDResolver {
+    resolvers = [];
+    constructor(fetchProvider) {
+        // Register built-in resolvers
+        this.registerResolver(new DIDKeyResolver());
+        if (fetchProvider) {
+            this.registerResolver(new DIDWebResolver(fetchProvider));
+        }
+    }
+    /**
+     * Register a DID resolver
+     */
+    registerResolver(resolver) {
+        this.resolvers.push(resolver);
+    }
+    /**
+     * Resolve a DID using the appropriate resolver
+     */
+    async resolve(did) {
+        // Find appropriate resolver
+        const resolver = this.resolvers.find(r => r.canResolve(did));
+        if (!resolver) {
+            throw new Error(`No resolver available for DID method: ${did.split(':')[1]}`);
+        }
+        return resolver.resolve(did);
+    }
+    /**
+     * Extract public key from DID document
+     */
+    async getPublicKey(did, keyId) {
+        const document = await this.resolve(did);
+        // Find verification method
+        let method;
+        if (keyId) {
+            method = document.verificationMethod?.find(m => m.id === keyId);
+        }
+        else {
+            // Use first verification method
+            method = document.verificationMethod?.[0];
+        }
+        if (!method) {
+            throw new Error(`No verification method found for ${did}`);
+        }
+        // Extract public key
+        if (method.publicKeyMultibase) {
+            // Decode multibase key
+            return this.decodePublicKey(method.publicKeyMultibase);
+        }
+        else if (method.publicKeyBase58) {
+            // Decode base58 key
+            return Buffer.from(method.publicKeyBase58, 'base64').toString('base64');
+        }
+        else if (method.publicKeyJwk) {
+            // Extract from JWK
+            return Buffer.from(method.publicKeyJwk.x, 'base64url').toString('base64');
+        }
+        throw new Error('No supported public key format found');
+    }
+    decodePublicKey(multibase) {
+        // Simplified - extract Ed25519 public key from multibase
+        // In production, use proper multibase/multicodec decoding
+        if (multibase.startsWith('z')) {
+            // z-base58 encoded
+            // This is a placeholder - use proper decoding
+            return Buffer.from(multibase.substring(1), 'base64').toString('base64');
+        }
+        throw new Error('Unsupported multibase encoding');
+    }
+}
+exports.UniversalDIDResolver = UniversalDIDResolver;
+/**
+ * Lean DID resolver for edge environments
+ */
+class EdgeDIDResolver extends UniversalDIDResolver {
+    cache;
+    constructor(cache = new Map()) {
+        super(); // Only register did:key (no network needed)
+        this.cache = cache;
+    }
+    /**
+     * Resolve with caching
+     */
+    async resolve(did) {
+        // Check cache first
+        if (this.cache.has(did)) {
+            return this.cache.get(did);
+        }
+        // Resolve and cache
+        const document = await super.resolve(did);
+        this.cache.set(did, document);
+        // Limit cache size
+        if (this.cache.size > 100) {
+            const firstKey = this.cache.keys().next().value;
+            this.cache.delete(firstKey);
+        }
+        return document;
+    }
+    /**
+     * Pre-populate cache for known DIDs
+     */
+    preloadCache(documents) {
+        for (const doc of documents) {
+            this.cache.set(doc.id, doc);
+        }
+    }
+}
+exports.EdgeDIDResolver = EdgeDIDResolver;
+//# sourceMappingURL=resolver.js.map

package/dist/did/resolver.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolver.js","sourceRoot":"","sources":["../../src/did/resolver.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AA0CH;;GAEG;AACH,MAAa,cAAc;IACzB,UAAU,CAAC,GAAW;QACpB,OAAO,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAW;QACvB,4BAA4B;QAC5B,MAAM,YAAY,GAAG,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAEtD,8BAA8B;QAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC;QAEpD,iCAAiC;QACjC,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAEpC,0BAA0B;QAC1B,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,yBAAyB,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACjE,CAAC;QAED,sBAAsB;QACtB,OAAO;YACL,UAAU,EAAE;gBACV,8BAA8B;gBAC9B,kDAAkD;aACnD;YACD,EAAE,EAAE,GAAG;YACP,kBAAkB,EAAE,CAAC;oBACnB,EAAE,EAAE,GAAG,GAAG,IAAI,YAAY,EAAE;oBAC5B,IAAI,EAAE,4BAA4B;oBAClC,UAAU,EAAE,GAAG;oBACf,kBAAkB,EAAE,YAAY;iBACjC,CAAC;YACF,cAAc,EAAE,CAAC,GAAG,GAAG,IAAI,YAAY,EAAE,CAAC;YAC1C,eAAe,EAAE,CAAC,GAAG,GAAG,IAAI,YAAY,EAAE,CAAC;YAC3C,oBAAoB,EAAE,CAAC,GAAG,GAAG,IAAI,YAAY,EAAE,CAAC;YAChD,oBAAoB,EAAE,CAAC,GAAG,GAAG,IAAI,YAAY,EAAE,CAAC;SACjD,CAAC;IACJ,CAAC;IAEO,eAAe,CAAC,SAAiB;QACvC,+BAA+B;QAC/B,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,kEAAkE;QAClE,MAAM,MAAM,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QACtC,sCAAsC;QACtC,sDAAsD;QACtD,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,cAAc;IACtD,CAAC;CACF;AArDD,wCAqDC;AAED;;GAEG;AACH,MAAa,cAAc;IACL;IAApB,YAAoB,aAA4B;QAA5B,kBAAa,GAAb,aAAa,CAAe;IAAG,CAAC;IAEpD,UAAU,CAAC,GAAW;QACpB,OAAO,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAW;QACvB,mCAAmC;QACnC,MAAM,KAAK,GAAG,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC1D,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEtC,gBAAgB;QAChB,MAAM,GAAG,GAAG,IAAI;YACd,CAAC,CAAC,WAAW,MAAM,IAAI,IAAI,WAAW;YACtC,CAAC,CAAC,WAAW,MAAM,uBAAuB,CAAC;QAE7C,qBAAqB;QACrB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAErD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,qBAAqB,GAAG,KAAK,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEvC,oBAAoB;QACpB,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,QAAQ,CAAC,EAAE,KAAK,GAAG,EAAE,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QAED,OAAO,QAAuB,CAAC;IACjC,CAAC;CACF;AAlCD,wCAkCC;AAED;;GAEG;AACH,MAAa,oBAAoB;IACvB,SAAS,GAAkB,EAAE,CAAC;IAEtC,YAAY,aAA6B;QACvC,8BAA8B;QAC9B,IAAI,CAAC,gBAAgB,CAAC,IAAI,cAAc,EAAE,CAAC,CAAC;QAE5C,IAAI,aAAa,EAAE,CAAC;YAClB,IAAI,CAAC,gBAAgB,CAAC,IAAI,cAAc,CAAC,aAAa,CAAC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,QAAqB;QACpC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,GAAW;QACvB,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;QAE7D,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,yCAAyC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,OAAO,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,GAAW,EAAE,KAAc;QAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAEzC,2BAA2B;QAC3B,IAAI,MAAsC,CAAC;QAE3C,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,GAAG,QAAQ,CAAC,kBAAkB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,gCAAgC;YAChC,MAAM,GAAG,QAAQ,CAAC,kBAAkB,EAAE,CAAC,CAAC,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,GAAG,EAAE,CAAC,CAAC;QAC7D,CAAC;QAED,qBAAqB;QACrB,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;YAC9B,uBAAuB;YACvB,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACzD,CAAC;aAAM,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;YAClC,oBAAoB;YACpB,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC1E,CAAC;aAAM,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YAC/B,mBAAmB;YACnB,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAEO,eAAe,CAAC,SAAiB;QACvC,yDAAyD;QACzD,0DAA0D;QAC1D,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,mBAAmB;YACnB,8CAA8C;YAC9C,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC1E,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACpD,CAAC;CACF;AA9ED,oDA8EC;AAED;;GAEG;AACH,MAAa,eAAgB,SAAQ,oBAAoB;IACnC;IAApB,YAAoB,QAAkC,IAAI,GAAG,EAAE;QAC7D,KAAK,EAAE,CAAC,CAAC,4CAA4C;QADnC,UAAK,GAAL,KAAK,CAAsC;IAE/D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,GAAW;QACvB,oBAAoB;QACpB,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;QAC9B,CAAC;QAED,oBAAoB;QACpB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC1C,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAE9B,mBAAmB;QACnB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,GAAG,EAAE,CAAC;YAC1B,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;YAChD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,SAAwB;QACnC,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;CACF;AAnCD,0CAmCC"}

package/dist/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * @kya-os/mcp-i-core
+ *
+ * Core provider-based architecture for MCP-I framework.
+ * Platform-agnostic runtime that can be extended for any environment.
+ */
+export { CryptoProvider, ClockProvider, FetchProvider, StorageProvider, NonceCacheProvider, IdentityProvider, type AgentIdentity } from './providers/base';
+export { MemoryStorageProvider, MemoryNonceCacheProvider, MemoryIdentityProvider } from './providers/memory';
+export { MCPIRuntimeBase, type MCPIRuntimeConfig } from './runtime/base';
+import type { HandshakeRequest, SessionContext, NonceCache, NonceCacheEntry, NonceCacheConfig, ProofMeta, DetachedProof, CanonicalHashes, AuditRecord } from '@kya-os/contracts';
+export type { HandshakeRequest, SessionContext, NonceCache, NonceCacheEntry, NonceCacheConfig, ProofMeta, DetachedProof, CanonicalHashes, AuditRecord };
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EACL,cAAc,EACd,aAAa,EACb,aAAa,EACb,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,KAAK,aAAa,EACnB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,qBAAqB,EACrB,wBAAwB,EACxB,sBAAsB,EACvB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,eAAe,EACf,KAAK,iBAAiB,EACvB,MAAM,gBAAgB,CAAC;AAIxB,OAAO,KAAK,EACV,gBAAgB,EAChB,cAAc,EACd,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,WAAW,EACZ,MAAM,mBAAmB,CAAC;AAE3B,YAAY,EACV,gBAAgB,EAChB,cAAc,EACd,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,WAAW,EACZ,CAAC"}

package/dist/index.js

@@ -0,0 +1,26 @@
+"use strict";
+/**
+ * @kya-os/mcp-i-core
+ *
+ * Core provider-based architecture for MCP-I framework.
+ * Platform-agnostic runtime that can be extended for any environment.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MCPIRuntimeBase = exports.MemoryIdentityProvider = exports.MemoryNonceCacheProvider = exports.MemoryStorageProvider = exports.IdentityProvider = exports.NonceCacheProvider = exports.StorageProvider = exports.FetchProvider = exports.ClockProvider = exports.CryptoProvider = void 0;
+// Base providers
+var base_1 = require("./providers/base");
+Object.defineProperty(exports, "CryptoProvider", { enumerable: true, get: function () { return base_1.CryptoProvider; } });
+Object.defineProperty(exports, "ClockProvider", { enumerable: true, get: function () { return base_1.ClockProvider; } });
+Object.defineProperty(exports, "FetchProvider", { enumerable: true, get: function () { return base_1.FetchProvider; } });
+Object.defineProperty(exports, "StorageProvider", { enumerable: true, get: function () { return base_1.StorageProvider; } });
+Object.defineProperty(exports, "NonceCacheProvider", { enumerable: true, get: function () { return base_1.NonceCacheProvider; } });
+Object.defineProperty(exports, "IdentityProvider", { enumerable: true, get: function () { return base_1.IdentityProvider; } });
+// Memory providers
+var memory_1 = require("./providers/memory");
+Object.defineProperty(exports, "MemoryStorageProvider", { enumerable: true, get: function () { return memory_1.MemoryStorageProvider; } });
+Object.defineProperty(exports, "MemoryNonceCacheProvider", { enumerable: true, get: function () { return memory_1.MemoryNonceCacheProvider; } });
+Object.defineProperty(exports, "MemoryIdentityProvider", { enumerable: true, get: function () { return memory_1.MemoryIdentityProvider; } });
+// Runtime
+var base_2 = require("./runtime/base");
+Object.defineProperty(exports, "MCPIRuntimeBase", { enumerable: true, get: function () { return base_2.MCPIRuntimeBase; } });
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAEH,iBAAiB;AACjB,yCAQ0B;AAPxB,sGAAA,cAAc,OAAA;AACd,qGAAA,aAAa,OAAA;AACb,qGAAA,aAAa,OAAA;AACb,uGAAA,eAAe,OAAA;AACf,0GAAA,kBAAkB,OAAA;AAClB,wGAAA,gBAAgB,OAAA;AAIlB,mBAAmB;AACnB,6CAI4B;AAH1B,+GAAA,qBAAqB,OAAA;AACrB,kHAAA,wBAAwB,OAAA;AACxB,gHAAA,sBAAsB,OAAA;AAGxB,UAAU;AACV,uCAGwB;AAFtB,uGAAA,eAAe,OAAA"}