@kya-os/mcp-i-core 1.1.10 → 1.1.11

package/dist/proof/proof-engine.js

@@ -0,0 +1,249 @@
+"use strict";
+/**
+ * ProofEngine abstraction for multiple proof formats
+ * Supports JWT-VC, Data Integrity (Ed25519Signature2020), and JWS
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DefaultProofEngine = exports.ProofEngine = void 0;
+/**
+ * Abstract proof engine for creating and verifying proofs
+ */
+class ProofEngine {
+    crypto;
+    constructor(crypto) {
+        this.crypto = crypto;
+    }
+}
+exports.ProofEngine = ProofEngine;
+/**
+ * Default proof engine implementation
+ */
+class DefaultProofEngine extends ProofEngine {
+    /**
+     * Create a proof based on format
+     */
+    async createProof(data, privateKey, options) {
+        const canonical = options.canonicalize ? this.canonicalize(data) : JSON.stringify(data);
+        const dataBytes = new TextEncoder().encode(canonical);
+        switch (options.format.type) {
+            case 'DetachedJWS':
+                return this.createDetachedJWS(dataBytes, privateKey, options);
+            case 'DataIntegrity':
+                return this.createDataIntegrityProof(data, privateKey, options);
+            case 'JWT-VC':
+                return this.createJWTVC(data, privateKey, options);
+            default:
+                throw new Error(`Unsupported proof format: ${options.format.type}`);
+        }
+    }
+    /**
+     * Verify a proof based on format
+     */
+    async verifyProof(data, proof, publicKey, options) {
+        try {
+            switch (options.format.type) {
+                case 'DetachedJWS':
+                    return this.verifyDetachedJWS(data, proof, publicKey, options);
+                case 'DataIntegrity':
+                    return this.verifyDataIntegrityProof(data, proof, publicKey, options);
+                case 'JWT-VC':
+                    return this.verifyJWTVC(proof, publicKey, options);
+                default:
+                    return {
+                        valid: false,
+                        format: options.format,
+                        errors: [`Unsupported proof format: ${options.format.type}`]
+                    };
+            }
+        }
+        catch (error) {
+            return {
+                valid: false,
+                format: options.format,
+                errors: [error instanceof Error ? error.message : String(error)]
+            };
+        }
+    }
+    /**
+     * Create detached JWS proof
+     */
+    async createDetachedJWS(data, privateKey, options) {
+        // Create signature
+        const signature = await this.crypto.sign(data, privateKey);
+        // Create hash for reference
+        const hash = await this.crypto.hash(data);
+        return {
+            format: 'DetachedJWS',
+            signature: Buffer.from(signature).toString('base64url'),
+            hash: Buffer.from(hash).toString('base64'),
+            algorithm: options.format.algorithm || 'Ed25519'
+        };
+    }
+    /**
+     * Verify detached JWS proof
+     */
+    async verifyDetachedJWS(data, proof, publicKey, options) {
+        const canonical = options.canonicalize ? this.canonicalize(data) : JSON.stringify(data);
+        const dataBytes = new TextEncoder().encode(canonical);
+        // Verify hash matches
+        const hash = await this.crypto.hash(dataBytes);
+        const hashBase64 = Buffer.from(hash).toString('base64');
+        if (hashBase64 !== proof.hash) {
+            return {
+                valid: false,
+                format: options.format,
+                errors: ['Hash mismatch']
+            };
+        }
+        // Verify signature
+        const signatureBytes = Buffer.from(proof.signature, 'base64url');
+        const valid = await this.crypto.verify(dataBytes, signatureBytes, publicKey);
+        return {
+            valid,
+            format: options.format,
+            metadata: { hash: hashBase64 }
+        };
+    }
+    /**
+     * Create Data Integrity proof (Ed25519Signature2020)
+     */
+    async createDataIntegrityProof(data, privateKey, options) {
+        const proof = {
+            type: 'Ed25519Signature2020',
+            created: new Date().toISOString(),
+            verificationMethod: '', // Will be set by runtime
+            proofPurpose: 'assertionMethod'
+        };
+        // Canonicalize document + proof
+        const docWithProof = { ...data, proof };
+        const canonical = this.canonicalize(docWithProof);
+        const dataBytes = new TextEncoder().encode(canonical);
+        // Sign
+        const signature = await this.crypto.sign(dataBytes, privateKey);
+        return {
+            ...proof,
+            proofValue: Buffer.from(signature).toString('base64')
+        };
+    }
+    /**
+     * Verify Data Integrity proof
+     */
+    async verifyDataIntegrityProof(data, proof, publicKey, options) {
+        // Remove proofValue for verification
+        const { proofValue, ...proofWithoutValue } = proof;
+        const docWithProof = { ...data, proof: proofWithoutValue };
+        // Canonicalize
+        const canonical = this.canonicalize(docWithProof);
+        const dataBytes = new TextEncoder().encode(canonical);
+        // Verify signature
+        const signatureBytes = Buffer.from(proofValue, 'base64');
+        const valid = await this.crypto.verify(dataBytes, signatureBytes, publicKey);
+        return {
+            valid,
+            format: options.format,
+            metadata: {
+                created: proof.created,
+                type: proof.type
+            }
+        };
+    }
+    /**
+     * Create JWT-VC
+     */
+    async createJWTVC(data, privateKey, options) {
+        // Create JWT header
+        const header = {
+            alg: 'EdDSA',
+            typ: 'JWT'
+        };
+        // Create payload
+        const payload = {
+            vc: data,
+            iat: Math.floor(Date.now() / 1000),
+            exp: Math.floor(Date.now() / 1000) + 3600 // 1 hour
+        };
+        // Encode parts
+        const headerB64 = Buffer.from(JSON.stringify(header)).toString('base64url');
+        const payloadB64 = Buffer.from(JSON.stringify(payload)).toString('base64url');
+        // Sign
+        const message = `${headerB64}.${payloadB64}`;
+        const signature = await this.crypto.sign(new TextEncoder().encode(message), privateKey);
+        return `${message}.${Buffer.from(signature).toString('base64url')}`;
+    }
+    /**
+     * Verify JWT-VC
+     */
+    async verifyJWTVC(jwt, publicKey, options) {
+        const parts = jwt.split('.');
+        if (parts.length !== 3) {
+            return {
+                valid: false,
+                format: options.format,
+                errors: ['Invalid JWT format']
+            };
+        }
+        const [headerB64, payloadB64, signatureB64] = parts;
+        // Verify signature
+        const message = `${headerB64}.${payloadB64}`;
+        const signature = Buffer.from(signatureB64, 'base64url');
+        const valid = await this.crypto.verify(new TextEncoder().encode(message), signature, publicKey);
+        if (!valid) {
+            return {
+                valid: false,
+                format: options.format,
+                errors: ['Invalid signature']
+            };
+        }
+        // Decode and check expiry
+        const payload = JSON.parse(Buffer.from(payloadB64, 'base64url').toString());
+        const now = Math.floor(Date.now() / 1000);
+        if (payload.exp && payload.exp < now) {
+            return {
+                valid: false,
+                format: options.format,
+                errors: ['JWT expired']
+            };
+        }
+        return {
+            valid: true,
+            format: options.format,
+            metadata: payload
+        };
+    }
+    /**
+     * Canonicalize JSON (JCS - RFC 8785)
+     */
+    canonicalize(obj) {
+        if (obj === null)
+            return 'null';
+        if (typeof obj === 'boolean')
+            return obj.toString();
+        if (typeof obj === 'number')
+            return JSON.stringify(obj);
+        if (typeof obj === 'string')
+            return JSON.stringify(obj);
+        if (Array.isArray(obj)) {
+            return '[' + obj.map(item => this.canonicalize(item)).join(',') + ']';
+        }
+        if (typeof obj === 'object') {
+            const keys = Object.keys(obj).sort();
+            const pairs = keys.map(key => {
+                return JSON.stringify(key) + ':' + this.canonicalize(obj[key]);
+            });
+            return '{' + pairs.join(',') + '}';
+        }
+        throw new Error('Unsupported type for canonicalization');
+    }
+    /**
+     * Get supported formats
+     */
+    getSupportedFormats() {
+        return [
+            { type: 'DetachedJWS', algorithm: 'Ed25519' },
+            { type: 'DataIntegrity', algorithm: 'Ed25519Signature2020' },
+            { type: 'JWT-VC', algorithm: 'EdDSA' }
+        ];
+    }
+}
+exports.DefaultProofEngine = DefaultProofEngine;
+//# sourceMappingURL=proof-engine.js.map

package/dist/proof/proof-engine.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"proof-engine.js","sourceRoot":"","sources":["../../src/proof/proof-engine.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAsBH;;GAEG;AACH,MAAsB,WAAW;IACT;IAAtB,YAAsB,MAAsB;QAAtB,WAAM,GAAN,MAAM,CAAgB;IAAG,CAAC;CA8BjD;AA/BD,kCA+BC;AAED;;GAEG;AACH,MAAa,kBAAmB,SAAQ,WAAW;IACjD;;OAEG;IACH,KAAK,CAAC,WAAW,CACf,IAAS,EACT,UAAkB,EAClB,OAAqB;QAErB,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACxF,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEtD,QAAQ,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YAC5B,KAAK,aAAa;gBAChB,OAAO,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;YAChE,KAAK,eAAe;gBAClB,OAAO,IAAI,CAAC,wBAAwB,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;YAClE,KAAK,QAAQ;gBACX,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;YACrD;gBACE,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CACf,IAAS,EACT,KAAU,EACV,SAAiB,EACjB,OAAqB;QAErB,IAAI,CAAC;YACH,QAAQ,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBAC5B,KAAK,aAAa;oBAChB,OAAO,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;gBACjE,KAAK,eAAe;oBAClB,OAAO,IAAI,CAAC,wBAAwB,CAAC,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;gBACxE,KAAK,QAAQ;oBACX,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;gBACrD;oBACE,OAAO;wBACL,KAAK,EAAE,KAAK;wBACZ,MAAM,EAAE,OAAO,CAAC,MAAM;wBACtB,MAAM,EAAE,CAAC,6BAA6B,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;qBAC7D,CAAC;YACN,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,MAAM,EAAE,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;aACjE,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,iBAAiB,CAC7B,IAAgB,EAChB,UAAkB,EAClB,OAAqB;QAErB,mBAAmB;QACnB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAE3D,4BAA4B;QAC5B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE1C,OAAO;YACL,MAAM,EAAE,aAAa;YACrB,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;YACvD,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC1C,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,IAAI,SAAS;SACjD,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,iBAAiB,CAC7B,IAAS,EACT,KAAU,EACV,SAAiB,EACjB,OAAqB;QAErB,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACxF,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEtD,sBAAsB;QACtB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC/C,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAExD,IAAI,UAAU,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC;YAC9B,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,MAAM,EAAE,CAAC,eAAe,CAAC;aAC1B,CAAC;QACJ,CAAC;QAED,mBAAmB;QACnB,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;QACjE,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,cAAc,EAAE,SAAS,CAAC,CAAC;QAE7E,OAAO;YACL,KAAK;YACL,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,QAAQ,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;SAC/B,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,wBAAwB,CACpC,IAAS,EACT,UAAkB,EAClB,OAAqB;QAErB,MAAM,KAAK,GAAG;YACZ,IAAI,EAAE,sBAAsB;YAC5B,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACjC,kBAAkB,EAAE,EAAE,EAAE,yBAAyB;YACjD,YAAY,EAAE,iBAAiB;SAChC,CAAC;QAEF,gCAAgC;QAChC,MAAM,YAAY,GAAG,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,CAAC;QACxC,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAClD,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEtD,OAAO;QACP,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;QAEhE,OAAO;YACL,GAAG,KAAK;YACR,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;SACtD,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,wBAAwB,CACpC,IAAS,EACT,KAAU,EACV,SAAiB,EACjB,OAAqB;QAErB,qCAAqC;QACrC,MAAM,EAAE,UAAU,EAAE,GAAG,iBAAiB,EAAE,GAAG,KAAK,CAAC;QACnD,MAAM,YAAY,GAAG,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,iBAAiB,EAAE,CAAC;QAE3D,eAAe;QACf,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAClD,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEtD,mBAAmB;QACnB,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACzD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,cAAc,EAAE,SAAS,CAAC,CAAC;QAE7E,OAAO;YACL,KAAK;YACL,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,QAAQ,EAAE;gBACR,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,IAAI,EAAE,KAAK,CAAC,IAAI;aACjB;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,WAAW,CACvB,IAAS,EACT,UAAkB,EAClB,OAAqB;QAErB,oBAAoB;QACpB,MAAM,MAAM,GAAG;YACb,GAAG,EAAE,OAAO;YACZ,GAAG,EAAE,KAAK;SACX,CAAC;QAEF,iBAAiB;QACjB,MAAM,OAAO,GAAG;YACd,EAAE,EAAE,IAAI;YACR,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,SAAS;SACpD,CAAC;QAEF,eAAe;QACf,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAC5E,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAE9E,OAAO;QACP,MAAM,OAAO,GAAG,GAAG,SAAS,IAAI,UAAU,EAAE,CAAC;QAC7C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACtC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EACjC,UAAU,CACX,CAAC;QAEF,OAAO,GAAG,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;IACtE,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,WAAW,CACvB,GAAW,EACX,SAAiB,EACjB,OAAqB;QAErB,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,MAAM,EAAE,CAAC,oBAAoB,CAAC;aAC/B,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,YAAY,CAAC,GAAG,KAAK,CAAC;QAEpD,mBAAmB;QACnB,MAAM,OAAO,GAAG,GAAG,SAAS,IAAI,UAAU,EAAE,CAAC;QAC7C,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;QACzD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CACpC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EACjC,SAAS,EACT,SAAS,CACV,CAAC;QAEF,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,MAAM,EAAE,CAAC,mBAAmB,CAAC;aAC9B,CAAC;QACJ,CAAC;QAED,0BAA0B;QAC1B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC5E,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;YACrC,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,MAAM,EAAE,CAAC,aAAa,CAAC;aACxB,CAAC;QACJ,CAAC;QAED,OAAO;YACL,KAAK,EAAE,IAAI;YACX,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,QAAQ,EAAE,OAAO;SAClB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,GAAQ;QACnB,IAAI,GAAG,KAAK,IAAI;YAAE,OAAO,MAAM,CAAC;QAChC,IAAI,OAAO,GAAG,KAAK,SAAS;YAAE,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;QACpD,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACxD,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAExD,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,OAAO,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;QACxE,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;gBAC3B,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACjE,CAAC,CAAC,CAAC;YACH,OAAO,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;QACrC,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,OAAO;YACL,EAAE,IAAI,EAAE,aAAa,EAAE,SAAS,EAAE,SAAS,EAAE;YAC7C,EAAE,IAAI,EAAE,eAAe,EAAE,SAAS,EAAE,sBAAsB,EAAE;YAC5D,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE;SACvC,CAAC;IACJ,CAAC;CACF;AA1SD,gDA0SC"}

package/dist/runtime/base-v2.d.ts

@@ -0,0 +1,117 @@
+/**
+ * Base MCP-I Runtime V2 - Refactored with better separation of concerns
+ */
+import { CryptoProvider, IdentityProvider, StorageProvider, NonceCacheProvider, ClockProvider, FetchProvider } from "../types/providers";
+import { AgentIdentity, SessionContext, HandshakeRequest, HandshakeResponse } from "@kya-os/contracts/handshake";
+import { ProofEngine, ProofFormat, ProofOptions } from "../proof/proof-engine";
+import { CredentialVerifier, DelegationRegistry, ProgressiveVerifier } from "../verification/interfaces";
+import { UniversalDIDResolver } from "../did/resolver";
+export interface MCPIRuntimeConfigV2 {
+    cryptoProvider: CryptoProvider;
+    identityProvider: IdentityProvider;
+    storageProvider: StorageProvider;
+    nonceCacheProvider: NonceCacheProvider;
+    clockProvider: ClockProvider;
+    fetchProvider: FetchProvider;
+    proofEngine?: ProofEngine;
+    didResolver?: UniversalDIDResolver;
+    credentialVerifier?: CredentialVerifier;
+    delegationRegistry?: DelegationRegistry;
+    session?: {
+        timestampSkewSeconds?: number;
+        sessionTtlMinutes?: number;
+        absoluteSessionLifetime?: number;
+    };
+    audit?: {
+        enabled?: boolean;
+        includePayloads?: boolean;
+        logFunction?: (record: string) => void;
+    };
+    proof?: {
+        defaultFormat?: ProofFormat;
+        canonicalize?: boolean;
+    };
+    security?: {
+        requireCredentialVerification?: boolean;
+        maxDelegationDepth?: number;
+        allowExpiredCredentials?: boolean;
+    };
+}
+/**
+ * Refactored MCP-I Runtime Base
+ * Accepts providers instead of implementing crypto directly
+ */
+export declare class MCPIRuntimeBaseV2 {
+    protected crypto: CryptoProvider;
+    protected identity: IdentityProvider;
+    protected storage: StorageProvider;
+    protected nonceCache: NonceCacheProvider;
+    protected clock: ClockProvider;
+    protected fetch: FetchProvider;
+    protected proofEngine: ProofEngine;
+    protected didResolver: UniversalDIDResolver;
+    protected credentialVerifier?: CredentialVerifier;
+    protected delegationRegistry?: DelegationRegistry;
+    protected progressiveVerifier?: ProgressiveVerifier;
+    protected config: MCPIRuntimeConfigV2;
+    private cachedIdentity?;
+    private sessions;
+    constructor(config: MCPIRuntimeConfigV2);
+    /**
+     * Initialize runtime (load or generate identity)
+     */
+    initialize(): Promise<void>;
+    /**
+     * Get current agent identity
+     */
+    getIdentity(): Promise<AgentIdentity>;
+    /**
+     * Generate new identity using crypto provider
+     */
+    protected generateIdentity(): Promise<void>;
+    /**
+     * Create DID from public key
+     */
+    protected createDID(publicKey: string): Promise<string>;
+    /**
+     * Handle handshake request with improved validation
+     */
+    handleHandshake(request: HandshakeRequest): Promise<HandshakeResponse>;
+    /**
+     * Create proof using ProofEngine
+     */
+    createProof(response: any, session: SessionContext, options?: Partial<ProofOptions>): Promise<any>;
+    /**
+     * Verify proof with optional credential/delegation verification
+     */
+    verifyProof(data: any, proof: any, options?: {
+        verifyCredential?: boolean;
+        checkDelegation?: boolean;
+        publicKey?: string;
+    }): Promise<boolean>;
+    /**
+     * Process tool call with automatic proof generation
+     */
+    processToolCall(toolName: string, args: any, handler: (args: any) => Promise<any>, session: SessionContext): Promise<any>;
+    /**
+     * Get edge verification data for offline verification
+     */
+    getEdgeVerificationData(id: string): Promise<any>;
+    /**
+     * Generate cryptographically secure session ID
+     */
+    protected generateSessionId(): Promise<string>;
+    /**
+     * Generate cryptographically secure nonce
+     */
+    protected generateNonce(): Promise<string>;
+    /**
+     * Get runtime capabilities
+     */
+    protected getCapabilities(): Promise<string[]>;
+    /**
+     * Audit logging
+     */
+    protected auditLog(event: string, data?: any): void;
+}
+//# sourceMappingURL=base-v2.d.ts.map

package/dist/runtime/base-v2.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base-v2.d.ts","sourceRoot":"","sources":["../../src/runtime/base-v2.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EACL,cAAc,EACd,gBAAgB,EAChB,eAAe,EACf,kBAAkB,EAClB,aAAa,EACb,aAAa,EACd,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EAClB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAC/E,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACzG,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAEvD,MAAM,WAAW,mBAAmB;IAElC,cAAc,EAAE,cAAc,CAAC;IAC/B,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,eAAe,EAAE,eAAe,CAAC;IACjC,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,aAAa,EAAE,aAAa,CAAC;IAC7B,aAAa,EAAE,aAAa,CAAC;IAG7B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,WAAW,CAAC,EAAE,oBAAoB,CAAC;IACnC,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IAGxC,OAAO,CAAC,EAAE;QACR,oBAAoB,CAAC,EAAE,MAAM,CAAC;QAC9B,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC3B,uBAAuB,CAAC,EAAE,MAAM,CAAC;KAClC,CAAC;IAEF,KAAK,CAAC,EAAE;QACN,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;KACxC,CAAC;IAEF,KAAK,CAAC,EAAE;QACN,aAAa,CAAC,EAAE,WAAW,CAAC;QAC5B,YAAY,CAAC,EAAE,OAAO,CAAC;KACxB,CAAC;IAEF,QAAQ,CAAC,EAAE;QACT,6BAA6B,CAAC,EAAE,OAAO,CAAC;QACxC,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,uBAAuB,CAAC,EAAE,OAAO,CAAC;KACnC,CAAC;CACH;AAED;;;GAGG;AACH,qBAAa,iBAAiB;IAE5B,SAAS,CAAC,MAAM,EAAE,cAAc,CAAC;IACjC,SAAS,CAAC,QAAQ,EAAE,gBAAgB,CAAC;IACrC,SAAS,CAAC,OAAO,EAAE,eAAe,CAAC;IACnC,SAAS,CAAC,UAAU,EAAE,kBAAkB,CAAC;IACzC,SAAS,CAAC,KAAK,EAAE,aAAa,CAAC;IAC/B,SAAS,CAAC,KAAK,EAAE,aAAa,CAAC;IAG/B,SAAS,CAAC,WAAW,EAAE,WAAW,CAAC;IACnC,SAAS,CAAC,WAAW,EAAE,oBAAoB,CAAC;IAC5C,SAAS,CAAC,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IAClD,SAAS,CAAC,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IAClD,SAAS,CAAC,mBAAmB,CAAC,EAAE,mBAAmB,CAAC;IAGpD,SAAS,CAAC,MAAM,EAAE,mBAAmB,CAAC;IAGtC,OAAO,CAAC,cAAc,CAAC,CAAgB;IACvC,OAAO,CAAC,QAAQ,CAA0C;gBAE9C,MAAM,EAAE,mBAAmB;IA4BvC;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAkBjC;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,aAAa,CAAC;IAU3C;;OAEG;cACa,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC;IAsBjD;;OAEG;cACa,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAW7D;;OAEG;IACG,eAAe,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAoD5E;;OAEG;IACG,WAAW,CACf,QAAQ,EAAE,GAAG,EACb,OAAO,EAAE,cAAc,EACvB,OAAO,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,GAC9B,OAAO,CAAC,GAAG,CAAC;IAyCf;;OAEG;IACG,WAAW,CACf,IAAI,EAAE,GAAG,EACT,KAAK,EAAE,GAAG,EACV,OAAO,CAAC,EAAE;QACR,gBAAgB,CAAC,EAAE,OAAO,CAAC;QAC3B,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GACA,OAAO,CAAC,OAAO,CAAC;IA2DnB;;OAEG;IACG,eAAe,CACnB,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,GAAG,EACT,OAAO,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,EACpC,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,GAAG,CAAC;IA+Bf;;OAEG;IACG,uBAAuB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAQvD;;OAEG;cACa,iBAAiB,IAAI,OAAO,CAAC,MAAM,CAAC;IAKpD;;OAEG;cACa,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC;IAKhD;;OAEG;cACa,eAAe,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAwBpD;;OAEG;IACH,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,GAAG,GAAG,IAAI;CAoBpD"}