@kya-os/mcp-i 0.1.0 → 1.2.1

package/dist/runtime/__tests__/mcpi-runtime.test.js

@@ -0,0 +1,372 @@
+"use strict";
+/**
+ * Tests for XMCP-I Runtime Integration
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const mcpi_runtime_js_1 = require("../mcpi-runtime.js");
+const fs_1 = require("fs");
+const promises_1 = require("fs/promises");
+(0, vitest_1.describe)("MCPIRuntime", () => {
+    let runtime;
+    let mockLogFunction;
+    (0, vitest_1.beforeEach)(async () => {
+        mockLogFunction = vitest_1.vi.fn();
+        // Mock console.log to avoid noise in tests
+        vitest_1.vi.spyOn(console, "log").mockImplementation(() => { });
+        vitest_1.vi.spyOn(console, "error").mockImplementation(() => { });
+    });
+    (0, vitest_1.afterEach)(async () => {
+        if (runtime) {
+            await runtime.cleanup();
+        }
+        // Cleanup test directory
+        try {
+            if ((0, fs_1.existsSync)(".test-mcpi")) {
+                await (0, promises_1.rmdir)(".test-mcpi", { recursive: true });
+            }
+        }
+        catch {
+            // Ignore cleanup errors
+        }
+        vitest_1.vi.restoreAllMocks();
+    });
+    (0, vitest_1.describe)("Runtime Initialization", () => {
+        (0, vitest_1.it)("should initialize successfully with default config", async () => {
+            runtime = new mcpi_runtime_js_1.MCPIRuntime({
+                identity: {
+                    environment: "development",
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+                audit: {
+                    logFunction: mockLogFunction,
+                },
+            });
+            await runtime.initialize();
+            const stats = runtime.getStats();
+            (0, vitest_1.expect)(stats.identity.did).toBeTruthy();
+            (0, vitest_1.expect)(stats.identity.keyId).toBeTruthy();
+            (0, vitest_1.expect)(stats.runtime.initialized).toBe(true);
+        });
+        (0, vitest_1.it)("should initialize with well-known endpoints", async () => {
+            runtime = new mcpi_runtime_js_1.MCPIRuntime({
+                identity: {
+                    environment: "development",
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+                wellKnown: {
+                    environment: "development",
+                    baseUrl: "http://localhost:3000",
+                },
+            });
+            await runtime.initialize();
+            const stats = runtime.getStats();
+            (0, vitest_1.expect)(stats.runtime.wellKnownEnabled).toBe(true);
+            const handler = runtime.getWellKnownHandler();
+            (0, vitest_1.expect)(handler).toBeDefined();
+            (0, vitest_1.expect)(handler.handleDIDDocument).toBeTypeOf("function");
+            (0, vitest_1.expect)(handler.handleAgentDocument).toBeTypeOf("function");
+        });
+        (0, vitest_1.it)("should fail initialization without well-known config when accessing handler", async () => {
+            runtime = new mcpi_runtime_js_1.MCPIRuntime({
+                identity: {
+                    environment: "development",
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+            });
+            await runtime.initialize();
+            (0, vitest_1.expect)(() => runtime.getWellKnownHandler()).toThrow("Well-known endpoints not configured");
+        });
+    });
+    (0, vitest_1.describe)("Handshake Validation", () => {
+        (0, vitest_1.beforeEach)(async () => {
+            runtime = new mcpi_runtime_js_1.MCPIRuntime({
+                identity: {
+                    environment: "development",
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+                audit: {
+                    logFunction: mockLogFunction,
+                },
+            });
+            await runtime.initialize();
+        });
+        (0, vitest_1.it)("should validate correct handshake", async () => {
+            const request = {
+                nonce: "test-nonce-123",
+                audience: "example.com",
+                timestamp: Math.floor(Date.now() / 1000),
+            };
+            const session = await runtime.validateHandshake(request);
+            (0, vitest_1.expect)(session).toBeTruthy();
+            (0, vitest_1.expect)(session.audience).toBe("example.com");
+            (0, vitest_1.expect)(session.nonce).toBe("test-nonce-123");
+            (0, vitest_1.expect)(session.sessionId).toMatch(/^sess_/);
+        });
+        (0, vitest_1.it)("should reject invalid handshake", async () => {
+            const request = {
+                nonce: "test-nonce-old",
+                audience: "example.com",
+                timestamp: Math.floor(Date.now() / 1000) - 200, // Too old
+            };
+            const session = await runtime.validateHandshake(request);
+            (0, vitest_1.expect)(session).toBeNull();
+        });
+    });
+    (0, vitest_1.describe)("Tool Call Processing", () => {
+        let mockSession;
+        (0, vitest_1.beforeEach)(async () => {
+            runtime = new mcpi_runtime_js_1.MCPIRuntime({
+                identity: {
+                    environment: "development",
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+                audit: {
+                    logFunction: mockLogFunction,
+                },
+            });
+            await runtime.initialize();
+            // Create a valid session
+            const handshakeRequest = {
+                nonce: "test-nonce-123",
+                audience: "example.com",
+                timestamp: Math.floor(Date.now() / 1000),
+            };
+            mockSession = await runtime.validateHandshake(handshakeRequest);
+        });
+        (0, vitest_1.it)("should process tool call with proof generation", async () => {
+            const toolRequest = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const mockToolHandler = vitest_1.vi.fn().mockResolvedValue({ output: "world" });
+            const response = await runtime.processToolCall(toolRequest, mockSession, mockToolHandler);
+            (0, vitest_1.expect)(mockToolHandler).toHaveBeenCalledWith(toolRequest);
+            (0, vitest_1.expect)(response.data).toEqual({ output: "world" });
+            (0, vitest_1.expect)(response.meta?.proof).toBeDefined();
+            (0, vitest_1.expect)(response.meta?.proof?.meta.did).toBeTruthy();
+            (0, vitest_1.expect)(response.meta?.proof?.jws).toBeTruthy();
+        });
+        (0, vitest_1.it)("should include scope and delegation in proof", async () => {
+            const toolRequest = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const mockToolHandler = vitest_1.vi.fn().mockResolvedValue({ output: "world" });
+            const response = await runtime.processToolCall(toolRequest, mockSession, mockToolHandler, {
+                scopeId: "orders.create",
+                delegationRef: "delegation-123",
+            });
+            (0, vitest_1.expect)(response.meta?.proof?.meta.scopeId).toBe("orders.create");
+            (0, vitest_1.expect)(response.meta?.proof?.meta.delegationRef).toBe("delegation-123");
+        });
+        (0, vitest_1.it)("should log audit record on tool call", async () => {
+            const toolRequest = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const mockToolHandler = vitest_1.vi.fn().mockResolvedValue({ output: "world" });
+            await runtime.processToolCall(toolRequest, mockSession, mockToolHandler);
+            (0, vitest_1.expect)(mockLogFunction).toHaveBeenCalled();
+            const auditLine = mockLogFunction.mock.calls[0][0];
+            (0, vitest_1.expect)(auditLine).toContain("audit.v1");
+            (0, vitest_1.expect)(auditLine).toContain("verified=yes");
+        });
+        (0, vitest_1.it)("should handle tool call errors", async () => {
+            const toolRequest = {
+                method: "failing-tool",
+                params: { input: "hello" },
+            };
+            const mockToolHandler = vitest_1.vi
+                .fn()
+                .mockRejectedValue(new Error("Tool failed"));
+            await (0, vitest_1.expect)(runtime.processToolCall(toolRequest, mockSession, mockToolHandler)).rejects.toThrow("Tool failed");
+            // Should still log audit record with verified=no
+            (0, vitest_1.expect)(mockLogFunction).toHaveBeenCalled();
+            const auditLine = mockLogFunction.mock.calls[0][0];
+            (0, vitest_1.expect)(auditLine).toContain("verified=no");
+        });
+        (0, vitest_1.it)("should fail if runtime not initialized", async () => {
+            const uninitializedRuntime = new mcpi_runtime_js_1.MCPIRuntime();
+            const toolRequest = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const mockToolHandler = vitest_1.vi.fn().mockResolvedValue({ output: "world" });
+            await (0, vitest_1.expect)(uninitializedRuntime.processToolCall(toolRequest, mockSession, mockToolHandler)).rejects.toThrow("Runtime not initialized");
+        });
+    });
+    (0, vitest_1.describe)("Runtime Statistics", () => {
+        (0, vitest_1.beforeEach)(async () => {
+            runtime = new mcpi_runtime_js_1.MCPIRuntime({
+                identity: {
+                    environment: "development",
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+                wellKnown: {
+                    environment: "development",
+                    baseUrl: "http://localhost:3000",
+                },
+            });
+            await runtime.initialize();
+        });
+        (0, vitest_1.it)("should provide comprehensive statistics", () => {
+            const stats = runtime.getStats();
+            (0, vitest_1.expect)(stats.identity.did).toBeTruthy();
+            (0, vitest_1.expect)(stats.identity.keyId).toBeTruthy();
+            (0, vitest_1.expect)(stats.identity.environment).toBe("development");
+            (0, vitest_1.expect)(stats.session.activeSessions).toBe(0);
+            (0, vitest_1.expect)(stats.audit.enabled).toBe(true);
+            (0, vitest_1.expect)(stats.runtime.initialized).toBe(true);
+            (0, vitest_1.expect)(stats.runtime.wellKnownEnabled).toBe(true);
+        });
+    });
+    (0, vitest_1.describe)("Runtime Environment Checks", () => {
+        (0, vitest_1.it)("should pass environment checks in Node.js ≥18.18", async () => {
+            // This test runs in Node.js, so it should pass
+            runtime = new mcpi_runtime_js_1.MCPIRuntime({
+                identity: {
+                    environment: "development",
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+            });
+            await (0, vitest_1.expect)(runtime.initialize()).resolves.not.toThrow();
+        });
+        (0, vitest_1.it)("should detect Node.js environment", async () => {
+            runtime = new mcpi_runtime_js_1.MCPIRuntime({
+                identity: {
+                    environment: "development",
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+            });
+            await runtime.initialize();
+            const stats = runtime.getStats();
+            (0, vitest_1.expect)(stats.runtime.initialized).toBe(true);
+        });
+    });
+});
+(0, vitest_1.describe)("Runtime Factory", () => {
+    let runtime;
+    (0, vitest_1.afterEach)(async () => {
+        if (runtime) {
+            await runtime.cleanup();
+        }
+        // Cleanup test directory
+        try {
+            if ((0, fs_1.existsSync)(".test-mcpi")) {
+                await (0, promises_1.rmdir)(".test-mcpi", { recursive: true });
+            }
+        }
+        catch {
+            // Ignore cleanup errors
+        }
+    });
+    (0, vitest_1.beforeEach)(() => {
+        // Mock console.log to avoid noise in tests
+        vitest_1.vi.spyOn(console, "log").mockImplementation(() => { });
+        vitest_1.vi.spyOn(console, "error").mockImplementation(() => { });
+    });
+    (0, vitest_1.afterEach)(() => {
+        vitest_1.vi.restoreAllMocks();
+    });
+    (0, vitest_1.describe)("forDevelopment", () => {
+        (0, vitest_1.it)("should create development runtime", async () => {
+            runtime = await mcpi_runtime_js_1.RuntimeFactory.forDevelopment({
+                identity: {
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+            });
+            const stats = runtime.getStats();
+            (0, vitest_1.expect)(stats.identity.environment).toBe("development");
+            (0, vitest_1.expect)(stats.runtime.initialized).toBe(true);
+        });
+        (0, vitest_1.it)("should enable verify link in development", async () => {
+            runtime = await mcpi_runtime_js_1.RuntimeFactory.forDevelopment({
+                identity: {
+                    devIdentityPath: ".test-mcpi/identity.json",
+                },
+            });
+            // Should not throw and should be initialized
+            (0, vitest_1.expect)(runtime.getStats().runtime.initialized).toBe(true);
+        });
+    });
+    (0, vitest_1.describe)("forProduction", () => {
+        (0, vitest_1.it)("should create production runtime with env vars", async () => {
+            // Mock production environment variables
+            const originalEnv = process.env;
+            process.env.AGENT_PRIVATE_KEY = Buffer.from("test-private-key-32-bytes-long!!").toString("base64");
+            process.env.AGENT_KEY_ID = "key-prod-123";
+            process.env.AGENT_DID = "did:web:example.com:agents:prod-agent";
+            process.env.KYA_VOUCHED_API_KEY = "test-api-key";
+            try {
+                runtime = await mcpi_runtime_js_1.RuntimeFactory.forProduction();
+                const stats = runtime.getStats();
+                (0, vitest_1.expect)(stats.identity.environment).toBe("production");
+                (0, vitest_1.expect)(stats.identity.did).toBe("did:web:example.com:agents:prod-agent");
+                (0, vitest_1.expect)(stats.runtime.initialized).toBe(true);
+            }
+            finally {
+                // Restore environment
+                process.env = originalEnv;
+            }
+        });
+    });
+    (0, vitest_1.describe)("forTesting", () => {
+        (0, vitest_1.it)("should create testing runtime", async () => {
+            runtime = await mcpi_runtime_js_1.RuntimeFactory.forTesting();
+            const stats = runtime.getStats();
+            (0, vitest_1.expect)(stats.identity.environment).toBe("development");
+            (0, vitest_1.expect)(stats.audit.enabled).toBe(false); // Disabled in tests
+            (0, vitest_1.expect)(stats.runtime.initialized).toBe(true);
+        });
+        (0, vitest_1.it)("should use test identity path", async () => {
+            runtime = await mcpi_runtime_js_1.RuntimeFactory.forTesting();
+            // Should be initialized without errors
+            (0, vitest_1.expect)(runtime.getStats().runtime.initialized).toBe(true);
+        });
+    });
+});
+(0, vitest_1.describe)("createMCPIRuntime", () => {
+    let runtime;
+    (0, vitest_1.afterEach)(async () => {
+        if (runtime) {
+            await runtime.cleanup();
+        }
+        // Cleanup test directory
+        try {
+            if ((0, fs_1.existsSync)(".test-mcpi")) {
+                await (0, promises_1.rmdir)(".test-mcpi", { recursive: true });
+            }
+        }
+        catch {
+            // Ignore cleanup errors
+        }
+    });
+    (0, vitest_1.beforeEach)(() => {
+        // Mock console.log to avoid noise in tests
+        vitest_1.vi.spyOn(console, "log").mockImplementation(() => { });
+    });
+    (0, vitest_1.afterEach)(() => {
+        vitest_1.vi.restoreAllMocks();
+    });
+    (0, vitest_1.it)("should create and initialize runtime", async () => {
+        runtime = await (0, mcpi_runtime_js_1.createMCPIRuntime)({
+            identity: {
+                environment: "development",
+                devIdentityPath: ".test-mcpi/identity.json",
+            },
+        });
+        (0, vitest_1.expect)(runtime.getStats().runtime.initialized).toBe(true);
+    });
+    (0, vitest_1.it)("should create runtime with minimal config", async () => {
+        runtime = await (0, mcpi_runtime_js_1.createMCPIRuntime)({
+            identity: {
+                environment: "development",
+                devIdentityPath: ".test-mcpi/identity.json",
+            },
+        });
+        const stats = runtime.getStats();
+        (0, vitest_1.expect)(stats.runtime.initialized).toBe(true);
+        (0, vitest_1.expect)(stats.identity.did).toBeTruthy();
+    });
+});

package/dist/runtime/__tests__/proof.test.d.ts

@@ -0,0 +1,4 @@
+/**
+ * Tests for Detached Proof Generation
+ */
+export {};

package/dist/runtime/__tests__/proof.test.js

@@ -0,0 +1,302 @@
+"use strict";
+/**
+ * Tests for Detached Proof Generation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const proof_js_1 = require("../proof.js");
+(0, vitest_1.describe)("ProofGenerator", () => {
+    let proofGenerator;
+    let mockIdentity;
+    let mockSession;
+    (0, vitest_1.beforeEach)(() => {
+        // Create mock identity with test keys
+        mockIdentity = {
+            did: "did:web:example.com:agents:test-agent",
+            keyId: "key-test-123",
+            privateKey: Buffer.from("test-private-key-32-bytes-long!!").toString("base64"),
+            publicKey: Buffer.from("test-public-key-32-bytes-long!!!").toString("base64"),
+            createdAt: new Date().toISOString(),
+        };
+        // Create mock session
+        mockSession = {
+            sessionId: "sess_test_123",
+            audience: "example.com",
+            nonce: "test-nonce-456",
+            timestamp: Math.floor(Date.now() / 1000),
+            createdAt: Math.floor(Date.now() / 1000),
+            lastActivity: Math.floor(Date.now() / 1000),
+            ttlMinutes: 30,
+        };
+        proofGenerator = new proof_js_1.ProofGenerator(mockIdentity);
+    });
+    (0, vitest_1.describe)("Canonical Hash Generation", () => {
+        (0, vitest_1.it)("should generate consistent hashes for same request/response", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const proof1 = await proofGenerator.generateProof(request, response, mockSession);
+            const proof2 = await proofGenerator.generateProof(request, response, mockSession);
+            // Hashes should be identical for same input
+            (0, vitest_1.expect)(proof1.meta.requestHash).toBe(proof2.meta.requestHash);
+            (0, vitest_1.expect)(proof1.meta.responseHash).toBe(proof2.meta.responseHash);
+        });
+        (0, vitest_1.it)("should generate different hashes for different requests", async () => {
+            const request1 = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const request2 = {
+                method: "test-tool",
+                params: { input: "goodbye" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const proof1 = await proofGenerator.generateProof(request1, response, mockSession);
+            const proof2 = await proofGenerator.generateProof(request2, response, mockSession);
+            (0, vitest_1.expect)(proof1.meta.requestHash).not.toBe(proof2.meta.requestHash);
+            (0, vitest_1.expect)(proof1.meta.responseHash).toBe(proof2.meta.responseHash); // Same response
+        });
+        (0, vitest_1.it)("should generate different hashes for different responses", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response1 = {
+                data: { output: "world" },
+            };
+            const response2 = {
+                data: { output: "universe" },
+            };
+            const proof1 = await proofGenerator.generateProof(request, response1, mockSession);
+            const proof2 = await proofGenerator.generateProof(request, response2, mockSession);
+            (0, vitest_1.expect)(proof1.meta.requestHash).toBe(proof2.meta.requestHash); // Same request
+            (0, vitest_1.expect)(proof1.meta.responseHash).not.toBe(proof2.meta.responseHash);
+        });
+        (0, vitest_1.it)("should generate SHA-256 hashes with correct format", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const proof = await proofGenerator.generateProof(request, response, mockSession);
+            (0, vitest_1.expect)(proof.meta.requestHash).toMatch(/^sha256:[a-f0-9]{64}$/);
+            (0, vitest_1.expect)(proof.meta.responseHash).toMatch(/^sha256:[a-f0-9]{64}$/);
+        });
+        (0, vitest_1.it)("should handle requests without params", async () => {
+            const request = {
+                method: "simple-tool",
+            };
+            const response = {
+                data: { result: "success" },
+            };
+            const proof = await proofGenerator.generateProof(request, response, mockSession);
+            (0, vitest_1.expect)(proof.meta.requestHash).toMatch(/^sha256:[a-f0-9]{64}$/);
+            (0, vitest_1.expect)(proof.meta.responseHash).toMatch(/^sha256:[a-f0-9]{64}$/);
+        });
+    });
+    (0, vitest_1.describe)("Proof Metadata", () => {
+        (0, vitest_1.it)("should include all required metadata fields", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const proof = await proofGenerator.generateProof(request, response, mockSession);
+            (0, vitest_1.expect)(proof.meta.did).toBe(mockIdentity.did);
+            (0, vitest_1.expect)(proof.meta.kid).toBe(mockIdentity.keyId);
+            (0, vitest_1.expect)(proof.meta.ts).toBeTypeOf("number");
+            (0, vitest_1.expect)(proof.meta.nonce).toBe(mockSession.nonce);
+            (0, vitest_1.expect)(proof.meta.audience).toBe(mockSession.audience);
+            (0, vitest_1.expect)(proof.meta.sessionId).toBe(mockSession.sessionId);
+            (0, vitest_1.expect)(proof.meta.requestHash).toBeTruthy();
+            (0, vitest_1.expect)(proof.meta.responseHash).toBeTruthy();
+        });
+        (0, vitest_1.it)("should include optional fields when provided", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const options = {
+                scopeId: "orders.create",
+                delegationRef: "delegation-ref-123",
+            };
+            const proof = await proofGenerator.generateProof(request, response, mockSession, options);
+            (0, vitest_1.expect)(proof.meta.scopeId).toBe("orders.create");
+            (0, vitest_1.expect)(proof.meta.delegationRef).toBe("delegation-ref-123");
+        });
+        (0, vitest_1.it)("should bind request and response hashes to same session", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const proof = await proofGenerator.generateProof(request, response, mockSession);
+            // Both hashes should be bound to the same session and audience
+            (0, vitest_1.expect)(proof.meta.sessionId).toBe(mockSession.sessionId);
+            (0, vitest_1.expect)(proof.meta.audience).toBe(mockSession.audience);
+            (0, vitest_1.expect)(proof.meta.nonce).toBe(mockSession.nonce);
+        });
+    });
+    (0, vitest_1.describe)("Detached JWS Generation", () => {
+        (0, vitest_1.it)("should generate detached JWS in correct format", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const proof = await proofGenerator.generateProof(request, response, mockSession);
+            // Detached JWS should have format: header..signature (empty payload)
+            const jwsParts = proof.jws.split(".");
+            (0, vitest_1.expect)(jwsParts).toHaveLength(3);
+            (0, vitest_1.expect)(jwsParts[1]).toBe(""); // Empty payload for detached format
+            (0, vitest_1.expect)(jwsParts[0]).toBeTruthy(); // Header should exist
+            (0, vitest_1.expect)(jwsParts[2]).toBeTruthy(); // Signature should exist
+        });
+        (0, vitest_1.it)("should use EdDSA algorithm", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const proof = await proofGenerator.generateProof(request, response, mockSession);
+            // Decode header to check algorithm
+            const [headerB64] = proof.jws.split(".");
+            const header = JSON.parse(Buffer.from(headerB64, "base64url").toString());
+            (0, vitest_1.expect)(header.alg).toBe("EdDSA");
+            (0, vitest_1.expect)(header.kid).toBe(mockIdentity.keyId);
+        });
+    });
+    (0, vitest_1.describe)("Proof Verification", () => {
+        (0, vitest_1.it)("should verify valid proof structure", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const proof = await proofGenerator.generateProof(request, response, mockSession);
+            const isValid = await proofGenerator.verifyProof(proof, request, response);
+            (0, vitest_1.expect)(isValid).toBe(true);
+        });
+        (0, vitest_1.it)("should reject proof with mismatched request", async () => {
+            const request1 = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const request2 = {
+                method: "test-tool",
+                params: { input: "goodbye" },
+            };
+            const response = {
+                data: { output: "world" },
+            };
+            const proof = await proofGenerator.generateProof(request1, response, mockSession);
+            const isValid = await proofGenerator.verifyProof(proof, request2, response);
+            (0, vitest_1.expect)(isValid).toBe(false);
+        });
+        (0, vitest_1.it)("should reject proof with mismatched response", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const response1 = {
+                data: { output: "world" },
+            };
+            const response2 = {
+                data: { output: "universe" },
+            };
+            const proof = await proofGenerator.generateProof(request, response1, mockSession);
+            const isValid = await proofGenerator.verifyProof(proof, request, response2);
+            (0, vitest_1.expect)(isValid).toBe(false);
+        });
+    });
+    (0, vitest_1.describe)("JSON Canonicalization", () => {
+        (0, vitest_1.it)("should canonicalize objects with sorted keys", () => {
+            const canonical = (0, proof_js_1.extractCanonicalData)({ method: "test", params: { b: 2, a: 1 } }, { data: { z: 26, a: 1 } });
+            // Keys should be sorted in canonical form
+            (0, vitest_1.expect)(canonical.request).toEqual({
+                method: "test",
+                params: { b: 2, a: 1 },
+            });
+            (0, vitest_1.expect)(canonical.response).toEqual({ z: 26, a: 1 });
+        });
+        (0, vitest_1.it)("should handle nested objects and arrays", () => {
+            const canonical = (0, proof_js_1.extractCanonicalData)({
+                method: "complex-tool",
+                params: {
+                    nested: { c: 3, a: 1 },
+                    array: [3, 1, 2],
+                },
+            }, { data: { result: [{ b: 2, a: 1 }] } });
+            (0, vitest_1.expect)(canonical.request.params.nested).toEqual({ c: 3, a: 1 });
+            (0, vitest_1.expect)(canonical.request.params.array).toEqual([3, 1, 2]);
+            (0, vitest_1.expect)(canonical.response.result).toEqual([{ b: 2, a: 1 }]);
+        });
+    });
+});
+(0, vitest_1.describe)("Utility Functions", () => {
+    let mockIdentity;
+    let mockSession;
+    (0, vitest_1.beforeEach)(() => {
+        mockIdentity = {
+            did: "did:web:example.com:agents:test-agent",
+            keyId: "key-test-123",
+            privateKey: Buffer.from("test-private-key-32-bytes-long!!").toString("base64"),
+            publicKey: Buffer.from("test-public-key-32-bytes-long!!!").toString("base64"),
+            createdAt: new Date().toISOString(),
+        };
+        mockSession = {
+            sessionId: "sess_test_123",
+            audience: "example.com",
+            nonce: "test-nonce-456",
+            timestamp: Math.floor(Date.now() / 1000),
+            createdAt: Math.floor(Date.now() / 1000),
+            lastActivity: Math.floor(Date.now() / 1000),
+            ttlMinutes: 30,
+        };
+    });
+    (0, vitest_1.describe)("createProofResponse", () => {
+        (0, vitest_1.it)("should create response with proof metadata", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const data = { output: "world" };
+            const response = await (0, proof_js_1.createProofResponse)(request, data, mockIdentity, mockSession);
+            (0, vitest_1.expect)(response.data).toEqual(data);
+            (0, vitest_1.expect)(response.meta?.proof).toBeDefined();
+            (0, vitest_1.expect)(response.meta?.proof?.meta.did).toBe(mockIdentity.did);
+            (0, vitest_1.expect)(response.meta?.proof?.jws).toBeTruthy();
+        });
+        (0, vitest_1.it)("should include optional proof options", async () => {
+            const request = {
+                method: "test-tool",
+                params: { input: "hello" },
+            };
+            const data = { output: "world" };
+            const options = { scopeId: "orders.create" };
+            const response = await (0, proof_js_1.createProofResponse)(request, data, mockIdentity, mockSession, options);
+            (0, vitest_1.expect)(response.meta?.proof?.meta.scopeId).toBe("orders.create");
+        });
+    });
+});

package/dist/runtime/__tests__/session.test.d.ts

@@ -0,0 +1,4 @@
+/**
+ * Tests for Session Management System
+ */
+export {};