npm - @mcp-i/core - Versions diffs - 0.1.0 - Mend

@mcp-i/core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (226) hide show

package/LICENSE +21 -0
package/README.md +390 -0
package/dist/auth/handshake.d.ts +104 -0
package/dist/auth/handshake.d.ts.map +1 -0
package/dist/auth/handshake.js +230 -0
package/dist/auth/handshake.js.map +1 -0
package/dist/auth/index.d.ts +3 -0
package/dist/auth/index.d.ts.map +1 -0
package/dist/auth/index.js +2 -0
package/dist/auth/index.js.map +1 -0
package/dist/auth/types.d.ts +31 -0
package/dist/auth/types.d.ts.map +1 -0
package/dist/auth/types.js +7 -0
package/dist/auth/types.js.map +1 -0
package/dist/delegation/audience-validator.d.ts +9 -0
package/dist/delegation/audience-validator.d.ts.map +1 -0
package/dist/delegation/audience-validator.js +17 -0
package/dist/delegation/audience-validator.js.map +1 -0
package/dist/delegation/bitstring.d.ts +37 -0
package/dist/delegation/bitstring.d.ts.map +1 -0
package/dist/delegation/bitstring.js +117 -0
package/dist/delegation/bitstring.js.map +1 -0
package/dist/delegation/cascading-revocation.d.ts +45 -0
package/dist/delegation/cascading-revocation.d.ts.map +1 -0
package/dist/delegation/cascading-revocation.js +148 -0
package/dist/delegation/cascading-revocation.js.map +1 -0
package/dist/delegation/delegation-graph.d.ts +49 -0
package/dist/delegation/delegation-graph.d.ts.map +1 -0
package/dist/delegation/delegation-graph.js +99 -0
package/dist/delegation/delegation-graph.js.map +1 -0
package/dist/delegation/did-key-resolver.d.ts +64 -0
package/dist/delegation/did-key-resolver.d.ts.map +1 -0
package/dist/delegation/did-key-resolver.js +154 -0
package/dist/delegation/did-key-resolver.js.map +1 -0
package/dist/delegation/did-web-resolver.d.ts +83 -0
package/dist/delegation/did-web-resolver.d.ts.map +1 -0
package/dist/delegation/did-web-resolver.js +218 -0
package/dist/delegation/did-web-resolver.js.map +1 -0
package/dist/delegation/index.d.ts +21 -0
package/dist/delegation/index.d.ts.map +1 -0
package/dist/delegation/index.js +21 -0
package/dist/delegation/index.js.map +1 -0
package/dist/delegation/outbound-headers.d.ts +81 -0
package/dist/delegation/outbound-headers.d.ts.map +1 -0
package/dist/delegation/outbound-headers.js +139 -0
package/dist/delegation/outbound-headers.js.map +1 -0
package/dist/delegation/outbound-proof.d.ts +43 -0
package/dist/delegation/outbound-proof.d.ts.map +1 -0
package/dist/delegation/outbound-proof.js +52 -0
package/dist/delegation/outbound-proof.js.map +1 -0
package/dist/delegation/statuslist-manager.d.ts +44 -0
package/dist/delegation/statuslist-manager.d.ts.map +1 -0
package/dist/delegation/statuslist-manager.js +126 -0
package/dist/delegation/statuslist-manager.js.map +1 -0
package/dist/delegation/storage/memory-graph-storage.d.ts +70 -0
package/dist/delegation/storage/memory-graph-storage.d.ts.map +1 -0
package/dist/delegation/storage/memory-graph-storage.js +145 -0
package/dist/delegation/storage/memory-graph-storage.js.map +1 -0
package/dist/delegation/storage/memory-statuslist-storage.d.ts +19 -0
package/dist/delegation/storage/memory-statuslist-storage.d.ts.map +1 -0
package/dist/delegation/storage/memory-statuslist-storage.js +33 -0
package/dist/delegation/storage/memory-statuslist-storage.js.map +1 -0
package/dist/delegation/utils.d.ts +49 -0
package/dist/delegation/utils.d.ts.map +1 -0
package/dist/delegation/utils.js +131 -0
package/dist/delegation/utils.js.map +1 -0
package/dist/delegation/vc-issuer.d.ts +56 -0
package/dist/delegation/vc-issuer.d.ts.map +1 -0
package/dist/delegation/vc-issuer.js +80 -0
package/dist/delegation/vc-issuer.js.map +1 -0
package/dist/delegation/vc-verifier.d.ts +112 -0
package/dist/delegation/vc-verifier.d.ts.map +1 -0
package/dist/delegation/vc-verifier.js +280 -0
package/dist/delegation/vc-verifier.js.map +1 -0
package/dist/index.d.ts +45 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +53 -0
package/dist/index.js.map +1 -0
package/dist/logging/index.d.ts +2 -0
package/dist/logging/index.d.ts.map +1 -0
package/dist/logging/index.js +2 -0
package/dist/logging/index.js.map +1 -0
package/dist/logging/logger.d.ts +23 -0
package/dist/logging/logger.d.ts.map +1 -0
package/dist/logging/logger.js +82 -0
package/dist/logging/logger.js.map +1 -0
package/dist/middleware/index.d.ts +7 -0
package/dist/middleware/index.d.ts.map +1 -0
package/dist/middleware/index.js +7 -0
package/dist/middleware/index.js.map +1 -0
package/dist/middleware/with-mcpi.d.ts +152 -0
package/dist/middleware/with-mcpi.d.ts.map +1 -0
package/dist/middleware/with-mcpi.js +472 -0
package/dist/middleware/with-mcpi.js.map +1 -0
package/dist/proof/errors.d.ts +49 -0
package/dist/proof/errors.d.ts.map +1 -0
package/dist/proof/errors.js +61 -0
package/dist/proof/errors.js.map +1 -0
package/dist/proof/generator.d.ts +65 -0
package/dist/proof/generator.d.ts.map +1 -0
package/dist/proof/generator.js +163 -0
package/dist/proof/generator.js.map +1 -0
package/dist/proof/index.d.ts +4 -0
package/dist/proof/index.d.ts.map +1 -0
package/dist/proof/index.js +4 -0
package/dist/proof/index.js.map +1 -0
package/dist/proof/verifier.d.ts +108 -0
package/dist/proof/verifier.d.ts.map +1 -0
package/dist/proof/verifier.js +299 -0
package/dist/proof/verifier.js.map +1 -0
package/dist/providers/base.d.ts +64 -0
package/dist/providers/base.d.ts.map +1 -0
package/dist/providers/base.js +19 -0
package/dist/providers/base.js.map +1 -0
package/dist/providers/index.d.ts +3 -0
package/dist/providers/index.d.ts.map +1 -0
package/dist/providers/index.js +3 -0
package/dist/providers/index.js.map +1 -0
package/dist/providers/memory.d.ts +33 -0
package/dist/providers/memory.d.ts.map +1 -0
package/dist/providers/memory.js +102 -0
package/dist/providers/memory.js.map +1 -0
package/dist/session/index.d.ts +2 -0
package/dist/session/index.d.ts.map +1 -0
package/dist/session/index.js +2 -0
package/dist/session/index.js.map +1 -0
package/dist/session/manager.d.ts +77 -0
package/dist/session/manager.d.ts.map +1 -0
package/dist/session/manager.js +251 -0
package/dist/session/manager.js.map +1 -0
package/dist/types/protocol.d.ts +320 -0
package/dist/types/protocol.d.ts.map +1 -0
package/dist/types/protocol.js +229 -0
package/dist/types/protocol.js.map +1 -0
package/dist/utils/base58.d.ts +31 -0
package/dist/utils/base58.d.ts.map +1 -0
package/dist/utils/base58.js +104 -0
package/dist/utils/base58.js.map +1 -0
package/dist/utils/base64.d.ts +13 -0
package/dist/utils/base64.d.ts.map +1 -0
package/dist/utils/base64.js +99 -0
package/dist/utils/base64.js.map +1 -0
package/dist/utils/crypto-service.d.ts +37 -0
package/dist/utils/crypto-service.d.ts.map +1 -0
package/dist/utils/crypto-service.js +153 -0
package/dist/utils/crypto-service.js.map +1 -0
package/dist/utils/did-helpers.d.ts +156 -0
package/dist/utils/did-helpers.d.ts.map +1 -0
package/dist/utils/did-helpers.js +193 -0
package/dist/utils/did-helpers.js.map +1 -0
package/dist/utils/ed25519-constants.d.ts +18 -0
package/dist/utils/ed25519-constants.d.ts.map +1 -0
package/dist/utils/ed25519-constants.js +21 -0
package/dist/utils/ed25519-constants.js.map +1 -0
package/dist/utils/index.d.ts +5 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +5 -0
package/dist/utils/index.js.map +1 -0
package/package.json +105 -0
package/src/__tests__/integration/full-flow.test.ts +362 -0
package/src/__tests__/providers/base.test.ts +173 -0
package/src/__tests__/providers/memory.test.ts +332 -0
package/src/__tests__/utils/mock-providers.ts +319 -0
package/src/__tests__/utils/node-crypto-provider.ts +93 -0
package/src/auth/handshake.ts +411 -0
package/src/auth/index.ts +11 -0
package/src/auth/types.ts +40 -0
package/src/delegation/__tests__/audience-validator.test.ts +110 -0
package/src/delegation/__tests__/bitstring.test.ts +346 -0
package/src/delegation/__tests__/cascading-revocation.test.ts +624 -0
package/src/delegation/__tests__/delegation-graph.test.ts +623 -0
package/src/delegation/__tests__/did-key-resolver.test.ts +265 -0
package/src/delegation/__tests__/did-web-resolver.test.ts +467 -0
package/src/delegation/__tests__/outbound-headers.test.ts +230 -0
package/src/delegation/__tests__/outbound-proof.test.ts +179 -0
package/src/delegation/__tests__/statuslist-manager.test.ts +515 -0
package/src/delegation/__tests__/utils.test.ts +185 -0
package/src/delegation/__tests__/vc-issuer.test.ts +487 -0
package/src/delegation/__tests__/vc-verifier.test.ts +1029 -0
package/src/delegation/audience-validator.ts +24 -0
package/src/delegation/bitstring.ts +160 -0
package/src/delegation/cascading-revocation.ts +224 -0
package/src/delegation/delegation-graph.ts +143 -0
package/src/delegation/did-key-resolver.ts +181 -0
package/src/delegation/did-web-resolver.ts +270 -0
package/src/delegation/index.ts +33 -0
package/src/delegation/outbound-headers.ts +193 -0
package/src/delegation/outbound-proof.ts +90 -0
package/src/delegation/statuslist-manager.ts +219 -0
package/src/delegation/storage/__tests__/memory-graph-storage.test.ts +366 -0
package/src/delegation/storage/__tests__/memory-statuslist-storage.test.ts +228 -0
package/src/delegation/storage/memory-graph-storage.ts +178 -0
package/src/delegation/storage/memory-statuslist-storage.ts +42 -0
package/src/delegation/utils.ts +189 -0
package/src/delegation/vc-issuer.ts +137 -0
package/src/delegation/vc-verifier.ts +440 -0
package/src/index.ts +264 -0
package/src/logging/__tests__/logger.test.ts +366 -0
package/src/logging/index.ts +6 -0
package/src/logging/logger.ts +91 -0
package/src/middleware/__tests__/with-mcpi.test.ts +504 -0
package/src/middleware/index.ts +16 -0
package/src/middleware/with-mcpi.ts +766 -0
package/src/proof/__tests__/proof-generator.test.ts +483 -0
package/src/proof/__tests__/verifier.test.ts +488 -0
package/src/proof/errors.ts +75 -0
package/src/proof/generator.ts +255 -0
package/src/proof/index.ts +22 -0
package/src/proof/verifier.ts +449 -0
package/src/providers/base.ts +68 -0
package/src/providers/index.ts +15 -0
package/src/providers/memory.ts +130 -0
package/src/session/__tests__/session-manager.test.ts +342 -0
package/src/session/index.ts +7 -0
package/src/session/manager.ts +332 -0
package/src/types/protocol.ts +596 -0
package/src/utils/__tests__/base58.test.ts +281 -0
package/src/utils/__tests__/base64.test.ts +239 -0
package/src/utils/__tests__/crypto-service.test.ts +530 -0
package/src/utils/__tests__/did-helpers.test.ts +156 -0
package/src/utils/base58.ts +115 -0
package/src/utils/base64.ts +116 -0
package/src/utils/crypto-service.ts +209 -0
package/src/utils/did-helpers.ts +210 -0
package/src/utils/ed25519-constants.ts +23 -0
package/src/utils/index.ts +9 -0

package/src/__tests__/providers/memory.test.ts ADDED Viewed

@@ -0,0 +1,332 @@
+/**
+ * Tests for Memory Provider Implementations
+ */
+import { describe, it, expect, beforeEach, vi, afterEach } from 'vitest';
+import {
+  MemoryStorageProvider,
+  MemoryNonceCacheProvider,
+  MemoryIdentityProvider
+} from '../../providers/memory.js';
+import { MockCryptoProvider } from '../utils/mock-providers.js';
+describe('MemoryStorageProvider', () => {
+  let provider: MemoryStorageProvider;
+  beforeEach(() => {
+    provider = new MemoryStorageProvider();
+  });
+  describe('get', () => {
+    it('should return null for non-existent keys', async () => {
+      const value = await provider.get('nonexistent');
+      expect(value).toBeNull();
+    });
+    it('should return stored values', async () => {
+      await provider.set('key1', 'value1');
+      const value = await provider.get('key1');
+      expect(value).toBe('value1');
+    });
+  });
+  describe('set', () => {
+    it('should store values', async () => {
+      await provider.set('key1', 'value1');
+      const value = await provider.get('key1');
+      expect(value).toBe('value1');
+    });
+    it('should overwrite existing values', async () => {
+      await provider.set('key1', 'value1');
+      await provider.set('key1', 'value2');
+      const value = await provider.get('key1');
+      expect(value).toBe('value2');
+    });
+    it('should handle empty string values', async () => {
+      await provider.set('key1', '');
+      const value = await provider.get('key1');
+      expect(value).toBe('');
+    });
+  });
+  describe('delete', () => {
+    it('should delete existing keys', async () => {
+      await provider.set('key1', 'value1');
+      await provider.delete('key1');
+      const value = await provider.get('key1');
+      expect(value).toBeNull();
+    });
+    it('should handle deleting non-existent keys', async () => {
+      await expect(provider.delete('nonexistent')).resolves.toBeUndefined();
+    });
+  });
+  describe('exists', () => {
+    it('should return false for non-existent keys', async () => {
+      const exists = await provider.exists('nonexistent');
+      expect(exists).toBe(false);
+    });
+    it('should return true for existing keys', async () => {
+      await provider.set('key1', 'value1');
+      const exists = await provider.exists('key1');
+      expect(exists).toBe(true);
+    });
+    it('should return true for empty string values', async () => {
+      await provider.set('key1', '');
+      const exists = await provider.exists('key1');
+      expect(exists).toBe(true);
+    });
+  });
+  describe('list', () => {
+    beforeEach(async () => {
+      await provider.set('prefix/key1', 'value1');
+      await provider.set('prefix/key2', 'value2');
+      await provider.set('other/key3', 'value3');
+      await provider.set('key4', 'value4');
+    });
+    it('should list all keys when no prefix provided', async () => {
+      const keys = await provider.list();
+      expect(keys).toHaveLength(4);
+      expect(keys).toContain('prefix/key1');
+      expect(keys).toContain('prefix/key2');
+      expect(keys).toContain('other/key3');
+      expect(keys).toContain('key4');
+    });
+    it('should filter by prefix', async () => {
+      const keys = await provider.list('prefix/');
+      expect(keys).toHaveLength(2);
+      expect(keys).toContain('prefix/key1');
+      expect(keys).toContain('prefix/key2');
+    });
+    it('should return empty array for non-matching prefix', async () => {
+      const keys = await provider.list('nonexistent/');
+      expect(keys).toHaveLength(0);
+    });
+    it('should handle empty prefix', async () => {
+      const keys = await provider.list('');
+      expect(keys).toHaveLength(4);
+    });
+  });
+});
+describe('MemoryNonceCacheProvider', () => {
+  let provider: MemoryNonceCacheProvider;
+  beforeEach(() => {
+    provider = new MemoryNonceCacheProvider();
+    vi.useFakeTimers();
+  });
+  afterEach(() => {
+    vi.useRealTimers();
+  });
+  describe('has', () => {
+    it('should return false for non-existent nonces', async () => {
+      const has = await provider.has('nonexistent');
+      expect(has).toBe(false);
+    });
+    it('should return true for valid nonces', async () => {
+      await provider.add('nonce1', 5); // 5 seconds TTL
+      const has = await provider.has('nonce1');
+      expect(has).toBe(true);
+    });
+    it('should return false for expired nonces', async () => {
+      await provider.add('nonce1', -1); // Negative TTL = expired
+      const has = await provider.has('nonce1');
+      expect(has).toBe(false);
+    });
+    it('should remove expired nonces when checking', async () => {
+      await provider.add('nonce1', -1); // Negative TTL = expired
+      await provider.has('nonce1'); // This should remove it
+      // Check internal state
+      const has = await provider.has('nonce1');
+      expect(has).toBe(false);
+    });
+  });
+  describe('add', () => {
+    it('should add nonces with expiry', async () => {
+      await provider.add('nonce1', 5); // 5 seconds TTL
+      const has = await provider.has('nonce1');
+      expect(has).toBe(true);
+    });
+    it('should overwrite existing nonces', async () => {
+      await provider.add('nonce1', 5); // 5 seconds TTL
+      await provider.add('nonce1', 10); // 10 seconds TTL
+      // Advance time by 7 seconds (between 5 and 10)
+      vi.advanceTimersByTime(7000);
+      const has = await provider.has('nonce1');
+      expect(has).toBe(true); // Should still be valid with new expiry
+    });
+  });
+  describe('cleanup', () => {
+    it('should remove expired nonces', async () => {
+      await provider.add('expired', -1); // Negative TTL = expired
+      await provider.add('valid', 5); // 5 seconds TTL
+      await provider.cleanup();
+      expect(await provider.has('expired')).toBe(false);
+      expect(await provider.has('valid')).toBe(true);
+    });
+    it('should handle empty cache', async () => {
+      await expect(provider.cleanup()).resolves.toBeUndefined();
+    });
+  });
+  describe('destroy', () => {
+    it('should clear all nonces', async () => {
+      await provider.add('nonce1', 5); // 5 seconds TTL
+      await provider.add('nonce2', 5); // 5 seconds TTL
+      await provider.destroy();
+      expect(await provider.has('nonce1')).toBe(false);
+      expect(await provider.has('nonce2')).toBe(false);
+    });
+  });
+});
+describe('MemoryIdentityProvider', () => {
+  let provider: MemoryIdentityProvider;
+  let cryptoProvider: MockCryptoProvider;
+  beforeEach(() => {
+    cryptoProvider = new MockCryptoProvider();
+    provider = new MemoryIdentityProvider(cryptoProvider);
+  });
+  describe('getIdentity', () => {
+    it('should generate identity on first call', async () => {
+      const identity = await provider.getIdentity();
+      expect(identity).toBeDefined();
+      expect(identity.did).toMatch(/^did:key:z/);
+      expect(identity.kid).toBe(`${identity.did}#keys-1`);
+      expect(identity.privateKey).toMatch(/^[A-Za-z0-9+/=]+$/); // Valid base64 string
+      expect(identity.publicKey).toMatch(/^[A-Za-z0-9+/=]+$/); // Valid base64 string
+      expect(identity.type).toBe('development');
+      expect(identity.createdAt).toBeDefined();
+    });
+    it('should return same identity on subsequent calls', async () => {
+      const identity1 = await provider.getIdentity();
+      const identity2 = await provider.getIdentity();
+      expect(identity1).toEqual(identity2);
+    });
+    it('should throw without crypto provider', async () => {
+      const providerNoCrypto = new MemoryIdentityProvider();
+      await expect(providerNoCrypto.getIdentity()).rejects.toThrow('Crypto provider required');
+    });
+  });
+  describe('saveIdentity', () => {
+    it('should save and return the saved identity', async () => {
+      const customIdentity = {
+        did: 'did:key:zcustom',
+        kid: 'did:key:zcustom#keys-1',
+        privateKey: 'custom-private',
+        publicKey: 'custom-public',
+        createdAt: new Date().toISOString(),
+        type: 'production' as const,
+        metadata: { custom: true }
+      };
+      await provider.saveIdentity(customIdentity);
+      const retrieved = await provider.getIdentity();
+      expect(retrieved).toEqual(customIdentity);
+    });
+  });
+  describe('rotateKeys', () => {
+    it('should generate new identity', async () => {
+      const oldIdentity = await provider.getIdentity();
+      // Change the mock to return different keys for rotation
+      cryptoProvider.keyPairResult = {
+        privateKey: 'cm90YXRlZC1wcml2YXRlLWtleQ==', // base64 of "rotated-private-key"
+        publicKey: 'cm90YXRlZC1wdWJsaWMta2V5', // base64 of "rotated-public-key"
+      };
+      const newIdentity = await provider.rotateKeys();
+      expect(newIdentity.did).not.toBe(oldIdentity.did);
+      expect(newIdentity.privateKey).toMatch(/^[A-Za-z0-9+/=]+$/); // Valid base64 string
+      expect(newIdentity.publicKey).toMatch(/^[A-Za-z0-9+/=]+$/); // Valid base64 string
+    });
+    it('should return new identity on subsequent calls', async () => {
+      const oldIdentity = await provider.getIdentity();
+      // Change the mock to return different keys for rotation
+      cryptoProvider.keyPairResult = {
+        privateKey: 'cm90YXRlZC1wcml2YXRlLWtleQ==',
+        publicKey: 'cm90YXRlZC1wdWJsaWMta2V5',
+      };
+      await provider.rotateKeys();
+      const currentIdentity = await provider.getIdentity();
+      expect(currentIdentity.did).not.toBe(oldIdentity.did);
+    });
+    it('should throw without crypto provider', async () => {
+      const providerNoCrypto = new MemoryIdentityProvider();
+      await expect(providerNoCrypto.rotateKeys()).rejects.toThrow('Crypto provider required');
+    });
+  });
+  describe('deleteIdentity', () => {
+    it('should delete existing identity', async () => {
+      const identity = await provider.getIdentity();
+      // Change mock keys so regenerated identity differs
+      cryptoProvider.keyPairResult = {
+        privateKey: 'ZGVsZXRlZC1wcml2YXRlLWtleQ==', // base64 of "deleted-private-key"
+        publicKey: 'ZGVsZXRlZC1wdWJsaWMta2V5', // base64 of "deleted-public-key"
+      };
+      await provider.deleteIdentity();
+      // Should generate new identity after deletion
+      const newIdentity = await provider.getIdentity();
+      expect(newIdentity.did).not.toBe(identity.did);
+    });
+    it('should handle deleting when no identity exists', async () => {
+      await expect(provider.deleteIdentity()).resolves.toBeUndefined();
+    });
+  });
+  describe('DID generation', () => {
+    it('should generate consistent DID format', async () => {
+      const identity = await provider.getIdentity();
+      expect(identity.did).toMatch(/^did:key:z[A-Za-z0-9]+$/);
+    });
+    it('should generate proper did:key DID from public key', async () => {
+      const identity = await provider.getIdentity();
+      // The DID should start with did:key:z (multibase base58btc prefix)
+      expect(identity.did).toMatch(/^did:key:z/);
+      // DID should be longer than just the prefix (base58btc encoded Ed25519 multicodec + key)
+      expect(identity.did.length).toBeGreaterThan(10);
+    });
+  });
+});

package/src/__tests__/utils/mock-providers.ts ADDED Viewed

@@ -0,0 +1,319 @@
+/**
+ * Mock Provider Implementations for Testing
+ *
+ * Provides controllable mock versions of all provider abstract classes.
+ */
+import { vi } from 'vitest';
+import {
+  CryptoProvider,
+  ClockProvider,
+  FetchProvider,
+  StorageProvider,
+  NonceCacheProvider,
+  IdentityProvider,
+  type AgentIdentity,
+} from '../../providers/base.js';
+import type { DIDDocument } from '../../delegation/vc-verifier.js';
+import type { StatusList2021Credential, DelegationRecord } from '../../types/protocol.js';
+/**
+ * Mock Crypto Provider
+ */
+export class MockCryptoProvider extends CryptoProvider {
+  public signResult = new Uint8Array([1, 2, 3, 4]);
+  public verifyResult = true;
+  public hashResult = 'sha256:mock-hash';
+  public keyPairResult = {
+    privateKey: 'bW9jay1wcml2YXRlLWtleQ==', // base64 of "mock-private-key"
+    publicKey: 'bW9jay1wdWJsaWMta2V5', // base64 of "mock-public-key"
+  };
+  async sign(_data: Uint8Array, _privateKey: string): Promise<Uint8Array> {
+    return this.signResult;
+  }
+  async verify(
+    _data: Uint8Array,
+    _signature: Uint8Array,
+    _publicKey: string
+  ): Promise<boolean> {
+    return this.verifyResult;
+  }
+  async generateKeyPair(): Promise<{ privateKey: string; publicKey: string }> {
+    return this.keyPairResult;
+  }
+  async hash(_data: Uint8Array): Promise<string> {
+    return this.hashResult;
+  }
+  async randomBytes(length: number): Promise<Uint8Array> {
+    return new Uint8Array(length).fill(42);
+  }
+}
+/**
+ * Mock Clock Provider
+ */
+export class MockClockProvider extends ClockProvider {
+  private currentTime: number = Date.now();
+  setTime(time: number): void {
+    this.currentTime = time;
+  }
+  advance(ms: number): void {
+    this.currentTime += ms;
+  }
+  now(): number {
+    return this.currentTime;
+  }
+  isWithinSkew(timestamp: number, skewSeconds: number): boolean {
+    const skewMs = skewSeconds * 1000;
+    return Math.abs(this.currentTime - timestamp) <= skewMs;
+  }
+  hasExpired(expiresAt: number): boolean {
+    return this.currentTime > expiresAt;
+  }
+  calculateExpiry(ttlSeconds: number): number {
+    return this.currentTime + ttlSeconds * 1000;
+  }
+  format(timestamp: number): string {
+    return new Date(timestamp).toISOString();
+  }
+}
+/**
+ * Mock Fetch Provider
+ */
+export class MockFetchProvider extends FetchProvider {
+  private didDocuments = new Map<string, DIDDocument>();
+  private statusLists = new Map<string, StatusList2021Credential>();
+  private delegationChains = new Map<string, DelegationRecord[]>();
+  public fetch: (url: string, options?: unknown) => Promise<Response>;
+  constructor() {
+    super();
+    this.fetch = vi.fn(
+      async (url: string, _options?: unknown): Promise<Response> => {
+        return new Response(JSON.stringify({ url }), {
+          status: 200,
+          headers: { 'Content-Type': 'application/json' },
+        });
+      }
+    ) as (url: string, options?: unknown) => Promise<Response>;
+  }
+  setDIDDocument(did: string, doc: DIDDocument): void {
+    this.didDocuments.set(did, doc);
+  }
+  setStatusList(url: string, list: StatusList2021Credential): void {
+    this.statusLists.set(url, list);
+  }
+  setDelegationChain(id: string, chain: DelegationRecord[]): void {
+    this.delegationChains.set(id, chain);
+  }
+  async resolveDID(did: string): Promise<DIDDocument | null> {
+    return this.didDocuments.get(did) ?? null;
+  }
+  async fetchStatusList(url: string): Promise<StatusList2021Credential | null> {
+    return this.statusLists.get(url) ?? null;
+  }
+  async fetchDelegationChain(id: string): Promise<DelegationRecord[]> {
+    return this.delegationChains.get(id) ?? [];
+  }
+}
+/**
+ * Mock Storage Provider
+ */
+export class MockStorageProvider extends StorageProvider {
+  private store: Map<string, string> = new Map();
+  async get(key: string): Promise<string | null> {
+    return this.store.get(key) || null;
+  }
+  async set(key: string, value: string): Promise<void> {
+    this.store.set(key, value);
+  }
+  async delete(key: string): Promise<void> {
+    this.store.delete(key);
+  }
+  async exists(key: string): Promise<boolean> {
+    return this.store.has(key);
+  }
+  async list(prefix?: string): Promise<string[]> {
+    const keys = Array.from(this.store.keys());
+    if (prefix) {
+      return keys.filter((k) => k.startsWith(prefix));
+    }
+    return keys;
+  }
+  clear(): void {
+    this.store.clear();
+  }
+}
+/**
+ * Mock Nonce Cache Provider
+ */
+export class MockNonceCacheProvider extends NonceCacheProvider {
+  private nonces: Map<string, number> = new Map();
+  public cleanupCalled = false;
+  public destroyCalled = false;
+  private clock?: ClockProvider;
+  setClock(clock: ClockProvider): void {
+    this.clock = clock;
+  }
+  async has(nonce: string, agentDid?: string): Promise<boolean> {
+    const key = agentDid ? `nonce:${agentDid}:${nonce}` : `nonce:${nonce}`;
+    const expiry = this.nonces.get(key);
+    if (!expiry) return false;
+    const now = this.clock ? this.clock.now() : Date.now();
+    if (now > expiry) {
+      this.nonces.delete(key);
+      return false;
+    }
+    return true;
+  }
+  async add(
+    nonce: string,
+    ttlSeconds: number,
+    agentDid?: string
+  ): Promise<void> {
+    const key = agentDid ? `nonce:${agentDid}:${nonce}` : `nonce:${nonce}`;
+    const now = this.clock ? this.clock.now() : Date.now();
+    const expiresAt = now + ttlSeconds * 1000;
+    this.nonces.set(key, expiresAt);
+  }
+  async cleanup(): Promise<void> {
+    this.cleanupCalled = true;
+    const now = this.clock ? this.clock.now() : Date.now();
+    for (const [nonce, expiry] of this.nonces) {
+      if (now > expiry) {
+        this.nonces.delete(nonce);
+      }
+    }
+  }
+  async destroy(): Promise<void> {
+    this.destroyCalled = true;
+    this.nonces.clear();
+  }
+  clear(): void {
+    this.nonces.clear();
+  }
+  size(): number {
+    return this.nonces.size;
+  }
+}
+/**
+ * Mock Identity Provider
+ */
+export class MockIdentityProvider extends IdentityProvider {
+  private identity?: AgentIdentity;
+  public rotateKeysCalled = false;
+  public deleteIdentityCalled = false;
+  private rotateCount = 0;
+  constructor(identity?: AgentIdentity) {
+    super();
+    this.identity = identity;
+  }
+  async getIdentity(): Promise<AgentIdentity> {
+    if (!this.identity) {
+      this.identity = {
+        did: 'did:key:zmock123',
+        kid: 'did:key:zmock123#keys-1',
+        privateKey: 'mock-private-key',
+        publicKey: 'mock-public-key',
+        createdAt: new Date().toISOString(),
+        type: 'development',
+        metadata: { mock: true },
+      };
+    }
+    return this.identity;
+  }
+  async saveIdentity(identity: AgentIdentity): Promise<void> {
+    this.identity = identity;
+  }
+  async rotateKeys(): Promise<AgentIdentity> {
+    this.rotateKeysCalled = true;
+    this.rotateCount++;
+    this.identity = {
+      did: `did:key:zmock456-${this.rotateCount}`,
+      kid: `did:key:zmock456-${this.rotateCount}#keys-1`,
+      privateKey: `mock-private-key-rotated-${this.rotateCount}`,
+      publicKey: `mock-public-key-rotated-${this.rotateCount}`,
+      createdAt: new Date().toISOString(),
+      type: 'development',
+      metadata: {
+        mock: true,
+        rotated: true,
+        rotateCount: this.rotateCount,
+      },
+    };
+    return this.identity;
+  }
+  async deleteIdentity(): Promise<void> {
+    this.deleteIdentityCalled = true;
+    this.identity = undefined;
+  }
+  setIdentity(identity: AgentIdentity): void {
+    this.identity = identity;
+  }
+}
+/**
+ * Create a full set of mock providers for testing
+ */
+export function createMockProviders() {
+  const cryptoProvider = new MockCryptoProvider();
+  const clockProvider = new MockClockProvider();
+  const fetchProvider = new MockFetchProvider();
+  const storageProvider = new MockStorageProvider();
+  const nonceCacheProvider = new MockNonceCacheProvider();
+  const identityProvider = new MockIdentityProvider();
+  nonceCacheProvider.setClock(clockProvider);
+  return {
+    cryptoProvider,
+    clockProvider,
+    fetchProvider,
+    storageProvider,
+    nonceCacheProvider,
+    identityProvider,
+  };
+}