@mcp-i/core 0.1.0

package/dist/proof/generator.d.ts

@@ -0,0 +1,65 @@
+/**
+ * Proof Generation — Platform-agnostic Protocol Reference
+ *
+ * Handles JCS canonicalization, SHA-256 digest generation, and Ed25519 JWS
+ * signing (compact format) according to MCP-I requirements 5.1, 5.2, 5.3, 5.6.
+ *
+ * This module is the authoritative proof implementation. All platform adapters
+ * (Node.js, Cloudflare Workers) inject a CryptoProvider and delegate here.
+ */
+import type { DetachedProof, SessionContext } from '../types/protocol.js';
+import type { CryptoProvider } from '../providers/base.js';
+export interface ProofAgentIdentity {
+    did: string;
+    kid: string;
+    privateKey: string;
+    publicKey: string;
+}
+export interface ToolRequest {
+    method: string;
+    params?: unknown;
+}
+export interface ToolResponse {
+    data: unknown;
+    meta?: {
+        proof?: DetachedProof;
+        [key: string]: unknown;
+    };
+}
+export interface ProofOptions {
+    scopeId?: string;
+    delegationRef?: string;
+    clientDid?: string;
+}
+export declare class ProofGenerator {
+    private identity;
+    private cryptoProvider;
+    constructor(identity: ProofAgentIdentity, cryptoProvider: CryptoProvider);
+    /**
+     * Generate a detached proof for an MCP tool call.
+     *
+     * Creates a JWS (JSON Web Signature) that binds the tool request and response
+     * to the agent's identity and current session context.
+     *
+     * @param request - The MCP tool request (method + params)
+     * @param response - The tool response data
+     * @param session - The current session context from handshake
+     * @param options - Optional proof metadata (scopeId, delegationRef, clientDid)
+     * @returns Detached proof containing JWS and proof metadata
+     * @throws {Error} If JWS generation fails (invalid key, crypto error)
+     */
+    generateProof(request: ToolRequest, response: ToolResponse, session: SessionContext, options?: ProofOptions): Promise<DetachedProof>;
+    private generateCanonicalHashes;
+    private generateSHA256Hash;
+    private canonicalizeJSON;
+    private generateJWS;
+    private formatPrivateKeyAsPEM;
+    verifyProof(proof: DetachedProof, request: ToolRequest, response: ToolResponse): Promise<boolean>;
+    private base64PublicKeyToJWK;
+}
+export declare function createProofResponse(request: ToolRequest, data: unknown, identity: ProofAgentIdentity, session: SessionContext, cryptoProvider: CryptoProvider, options?: ProofOptions): Promise<ToolResponse>;
+export declare function extractCanonicalData(request: ToolRequest, response: ToolResponse): {
+    request: unknown;
+    response: unknown;
+};
+//# sourceMappingURL=generator.d.ts.map

package/dist/proof/generator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generator.d.ts","sourceRoot":"","sources":["../../src/proof/generator.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,OAAO,KAAK,EACV,aAAa,EAGb,cAAc,EACf,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAK3D,MAAM,WAAW,kBAAkB;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,OAAO,CAAC;IACd,IAAI,CAAC,EAAE;QACL,KAAK,CAAC,EAAE,aAAa,CAAC;QACtB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC;CACH;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAqB;IACrC,OAAO,CAAC,cAAc,CAAiB;gBAE3B,QAAQ,EAAE,kBAAkB,EAAE,cAAc,EAAE,cAAc;IAKxE;;;;;;;;;;;;OAYG;IACG,aAAa,CACjB,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,YAAY,EACtB,OAAO,EAAE,cAAc,EACvB,OAAO,GAAE,YAAiB,GACzB,OAAO,CAAC,aAAa,CAAC;YAoBX,uBAAuB;YAgBvB,kBAAkB;IAMhC,OAAO,CAAC,gBAAgB;YAIV,WAAW;IAuCzB,OAAO,CAAC,qBAAqB;IAqBvB,WAAW,CACf,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,YAAY,GACrB,OAAO,CAAC,OAAO,CAAC;IAuBnB,OAAO,CAAC,oBAAoB;CAc7B;AAED,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,WAAW,EACpB,IAAI,EAAE,OAAO,EACb,QAAQ,EAAE,kBAAkB,EAC5B,OAAO,EAAE,cAAc,EACvB,cAAc,EAAE,cAAc,EAC9B,OAAO,GAAE,YAAiB,GACzB,OAAO,CAAC,YAAY,CAAC,CAMvB;AAED,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,YAAY,GACrB;IACD,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,OAAO,CAAC;CACnB,CAQA"}

package/dist/proof/generator.js

@@ -0,0 +1,163 @@
+/**
+ * Proof Generation — Platform-agnostic Protocol Reference
+ *
+ * Handles JCS canonicalization, SHA-256 digest generation, and Ed25519 JWS
+ * signing (compact format) according to MCP-I requirements 5.1, 5.2, 5.3, 5.6.
+ *
+ * This module is the authoritative proof implementation. All platform adapters
+ * (Node.js, Cloudflare Workers) inject a CryptoProvider and delegate here.
+ */
+import { CompactSign, importPKCS8 } from 'jose';
+import { canonicalize } from 'json-canonicalize';
+import { CryptoService } from '../utils/crypto-service.js';
+import { base64ToBytes, base64urlEncodeFromBytes, bytesToBase64 } from '../utils/base64.js';
+import { ED25519_PKCS8_DER_HEADER, ED25519_KEY_SIZE } from '../utils/ed25519-constants.js';
+export class ProofGenerator {
+    identity;
+    cryptoProvider;
+    constructor(identity, cryptoProvider) {
+        this.identity = identity;
+        this.cryptoProvider = cryptoProvider;
+    }
+    /**
+     * Generate a detached proof for an MCP tool call.
+     *
+     * Creates a JWS (JSON Web Signature) that binds the tool request and response
+     * to the agent's identity and current session context.
+     *
+     * @param request - The MCP tool request (method + params)
+     * @param response - The tool response data
+     * @param session - The current session context from handshake
+     * @param options - Optional proof metadata (scopeId, delegationRef, clientDid)
+     * @returns Detached proof containing JWS and proof metadata
+     * @throws {Error} If JWS generation fails (invalid key, crypto error)
+     */
+    async generateProof(request, response, session, options = {}) {
+        const hashes = await this.generateCanonicalHashes(request, response);
+        const meta = {
+            did: this.identity.did,
+            kid: this.identity.kid,
+            ts: Math.floor(Date.now() / 1000),
+            nonce: session.nonce,
+            audience: session.audience,
+            sessionId: session.sessionId,
+            requestHash: hashes.requestHash,
+            responseHash: hashes.responseHash,
+            ...options,
+        };
+        const jws = await this.generateJWS(meta);
+        return { jws, meta };
+    }
+    async generateCanonicalHashes(request, response) {
+        const canonicalRequest = {
+            method: request.method,
+            ...(request.params ? { params: request.params } : {}),
+        };
+        const canonicalResponse = response.data;
+        const requestHash = await this.generateSHA256Hash(canonicalRequest);
+        const responseHash = await this.generateSHA256Hash(canonicalResponse);
+        return { requestHash, responseHash };
+    }
+    async generateSHA256Hash(data) {
+        const canonicalJson = this.canonicalizeJSON(data);
+        const encoded = new TextEncoder().encode(canonicalJson);
+        return this.cryptoProvider.hash(encoded);
+    }
+    canonicalizeJSON(obj) {
+        return canonicalize(obj);
+    }
+    async generateJWS(meta) {
+        try {
+            const privateKeyPem = this.formatPrivateKeyAsPEM(this.identity.privateKey);
+            const privateKey = await importPKCS8(privateKeyPem, 'EdDSA');
+            const payload = {
+                aud: meta.audience,
+                sub: meta.did,
+                iss: meta.did,
+                requestHash: meta.requestHash,
+                responseHash: meta.responseHash,
+                ts: meta.ts,
+                nonce: meta.nonce,
+                sessionId: meta.sessionId,
+                ...(meta.scopeId && { scopeId: meta.scopeId }),
+                ...(meta.delegationRef && { delegationRef: meta.delegationRef }),
+                ...(meta.clientDid && { clientDid: meta.clientDid }),
+            };
+            // Use canonicalized JSON (RFC 8785) for deterministic payload serialization.
+            // This ensures signature verification succeeds regardless of JSON key ordering.
+            const canonicalPayload = canonicalize(payload);
+            const payloadBytes = new TextEncoder().encode(canonicalPayload);
+            const jws = await new CompactSign(payloadBytes)
+                .setProtectedHeader({
+                alg: 'EdDSA',
+                kid: this.identity.kid,
+            })
+                .sign(privateKey);
+            return jws;
+        }
+        catch (error) {
+            throw new Error(`Failed to generate JWS: ${error instanceof Error ? error.message : 'Unknown error'}`);
+        }
+    }
+    formatPrivateKeyAsPEM(base64PrivateKey) {
+        const keyData = base64ToBytes(base64PrivateKey);
+        // Extract raw 32-byte seed
+        const rawKey = keyData.subarray(0, ED25519_KEY_SIZE);
+        // Build full PKCS#8 key: header + raw key
+        const fullKey = new Uint8Array(ED25519_PKCS8_DER_HEADER.length + rawKey.length);
+        fullKey.set(ED25519_PKCS8_DER_HEADER);
+        fullKey.set(rawKey, ED25519_PKCS8_DER_HEADER.length);
+        const base64Key = bytesToBase64(fullKey);
+        const formattedKey = base64Key.match(/.{1,64}/g)?.join('\n') ?? base64Key;
+        return ('-----BEGIN PRIVATE KEY-----\n' +
+            formattedKey +
+            '\n-----END PRIVATE KEY-----');
+    }
+    async verifyProof(proof, request, response) {
+        try {
+            const expectedHashes = await this.generateCanonicalHashes(request, response);
+            if (proof.meta.requestHash !== expectedHashes.requestHash ||
+                proof.meta.responseHash !== expectedHashes.responseHash) {
+                return false;
+            }
+            const publicKeyJwk = this.base64PublicKeyToJWK(this.identity.publicKey);
+            const cryptoService = new CryptoService(this.cryptoProvider);
+            return cryptoService.verifyJWS(proof.jws, publicKeyJwk, {
+                expectedKid: this.identity.kid,
+                alg: 'EdDSA',
+            });
+        }
+        catch {
+            return false;
+        }
+    }
+    base64PublicKeyToJWK(publicKeyBase64) {
+        const publicKeyBytes = base64ToBytes(publicKeyBase64);
+        if (publicKeyBytes.length !== ED25519_KEY_SIZE) {
+            throw new Error(`Invalid Ed25519 public key length: ${publicKeyBytes.length}`);
+        }
+        return {
+            kty: 'OKP',
+            crv: 'Ed25519',
+            x: base64urlEncodeFromBytes(publicKeyBytes),
+            kid: this.identity.kid,
+        };
+    }
+}
+export async function createProofResponse(request, data, identity, session, cryptoProvider, options = {}) {
+    const response = { data };
+    const proofGenerator = new ProofGenerator(identity, cryptoProvider);
+    const proof = await proofGenerator.generateProof(request, response, session, options);
+    response.meta = { proof };
+    return response;
+}
+export function extractCanonicalData(request, response) {
+    return {
+        request: {
+            method: request.method,
+            ...(request.params ? { params: request.params } : {}),
+        },
+        response: response.data,
+    };
+}
+//# sourceMappingURL=generator.js.map

package/dist/proof/generator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generator.js","sourceRoot":"","sources":["../../src/proof/generator.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAQjD,OAAO,EAAE,aAAa,EAAmB,MAAM,4BAA4B,CAAC;AAC5E,OAAO,EAAE,aAAa,EAAE,wBAAwB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAC5F,OAAO,EAAE,wBAAwB,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AA4B3F,MAAM,OAAO,cAAc;IACjB,QAAQ,CAAqB;IAC7B,cAAc,CAAiB;IAEvC,YAAY,QAA4B,EAAE,cAA8B;QACtE,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;IACvC,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,aAAa,CACjB,OAAoB,EACpB,QAAsB,EACtB,OAAuB,EACvB,UAAwB,EAAE;QAE1B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAErE,MAAM,IAAI,GAAc;YACtB,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG;YACtB,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG;YACtB,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YACjC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,GAAG,OAAO;SACX,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAEzC,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;IACvB,CAAC;IAEO,KAAK,CAAC,uBAAuB,CACnC,OAAoB,EACpB,QAAsB;QAEtB,MAAM,gBAAgB,GAAG;YACvB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtD,CAAC;QACF,MAAM,iBAAiB,GAAG,QAAQ,CAAC,IAAI,CAAC;QAExC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,CAAC;QACpE,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,iBAAiB,CAAC,CAAC;QAEtE,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;IACvC,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAAC,IAAa;QAC5C,MAAM,aAAa,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC3C,CAAC;IAEO,gBAAgB,CAAC,GAAY;QACnC,OAAO,YAAY,CAAC,GAAyC,CAAC,CAAC;IACjE,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,IAAe;QACvC,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC3E,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YAE7D,MAAM,OAAO,GAAG;gBACd,GAAG,EAAE,IAAI,CAAC,QAAQ;gBAClB,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC;gBAC9C,GAAG,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC;gBAChE,GAAG,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC;aACrD,CAAC;YAEF,6EAA6E;YAC7E,gFAAgF;YAChF,MAAM,gBAAgB,GAAG,YAAY,CAAC,OAA6C,CAAC,CAAC;YACrF,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YAEhE,MAAM,GAAG,GAAG,MAAM,IAAI,WAAW,CAAC,YAAY,CAAC;iBAC5C,kBAAkB,CAAC;gBAClB,GAAG,EAAE,OAAO;gBACZ,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG;aACvB,CAAC;iBACD,IAAI,CAAC,UAAU,CAAC,CAAC;YAEpB,OAAO,GAAG,CAAC;QACb,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CACb,2BAA2B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CACtF,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,qBAAqB,CAAC,gBAAwB;QACpD,MAAM,OAAO,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;QAEhD,2BAA2B;QAC3B,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,gBAAgB,CAAC,CAAC;QAErD,0CAA0C;QAC1C,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,wBAAwB,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;QAChF,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACtC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,wBAAwB,CAAC,MAAM,CAAC,CAAC;QAErD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACzC,MAAM,YAAY,GAAG,SAAS,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC;QAE1E,OAAO,CACL,+BAA+B;YAC/B,YAAY;YACZ,6BAA6B,CAC9B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,WAAW,CACf,KAAoB,EACpB,OAAoB,EACpB,QAAsB;QAEtB,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YAE7E,IACE,KAAK,CAAC,IAAI,CAAC,WAAW,KAAK,cAAc,CAAC,WAAW;gBACrD,KAAK,CAAC,IAAI,CAAC,YAAY,KAAK,cAAc,CAAC,YAAY,EACvD,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YACxE,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAE7D,OAAO,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,EAAE,YAAY,EAAE;gBACtD,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG;gBAC9B,GAAG,EAAE,OAAO;aACb,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAEO,oBAAoB,CAAC,eAAuB;QAClD,MAAM,cAAc,GAAG,aAAa,CAAC,eAAe,CAAC,CAAC;QAEtD,IAAI,cAAc,CAAC,MAAM,KAAK,gBAAgB,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,sCAAsC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;QACjF,CAAC;QAED,OAAO;YACL,GAAG,EAAE,KAAK;YACV,GAAG,EAAE,SAAS;YACd,CAAC,EAAE,wBAAwB,CAAC,cAAc,CAAC;YAC3C,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG;SACvB,CAAC;IACJ,CAAC;CACF;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAoB,EACpB,IAAa,EACb,QAA4B,EAC5B,OAAuB,EACvB,cAA8B,EAC9B,UAAwB,EAAE;IAE1B,MAAM,QAAQ,GAAiB,EAAE,IAAI,EAAE,CAAC;IACxC,MAAM,cAAc,GAAG,IAAI,cAAc,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IACpE,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACtF,QAAQ,CAAC,IAAI,GAAG,EAAE,KAAK,EAAE,CAAC;IAC1B,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,OAAoB,EACpB,QAAsB;IAKtB,OAAO;QACL,OAAO,EAAE;YACP,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtD;QACD,QAAQ,EAAE,QAAQ,CAAC,IAAI;KACxB,CAAC;AACJ,CAAC"}

package/dist/proof/index.d.ts

@@ -0,0 +1,4 @@
+export { ProofGenerator, createProofResponse, extractCanonicalData, type ProofAgentIdentity, type ToolRequest, type ToolResponse, type ProofOptions, } from './generator.js';
+export { ProofVerifier, type ProofVerifierConfig, type ProofVerificationResult, } from './verifier.js';
+export { ProofVerificationError, PROOF_VERIFICATION_ERROR_CODES, createProofVerificationError, type ProofVerificationErrorCode, } from './errors.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/proof/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/proof/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,mBAAmB,EACnB,oBAAoB,EACpB,KAAK,kBAAkB,EACvB,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,YAAY,GAClB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,aAAa,EACb,KAAK,mBAAmB,EACxB,KAAK,uBAAuB,GAC7B,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,4BAA4B,EAC5B,KAAK,0BAA0B,GAChC,MAAM,aAAa,CAAC"}

package/dist/proof/index.js

@@ -0,0 +1,4 @@
+export { ProofGenerator, createProofResponse, extractCanonicalData, } from './generator.js';
+export { ProofVerifier, } from './verifier.js';
+export { ProofVerificationError, PROOF_VERIFICATION_ERROR_CODES, createProofVerificationError, } from './errors.js';
+//# sourceMappingURL=index.js.map

package/dist/proof/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/proof/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,mBAAmB,EACnB,oBAAoB,GAKrB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,aAAa,GAGd,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,4BAA4B,GAE7B,MAAM,aAAa,CAAC"}

package/dist/proof/verifier.d.ts

@@ -0,0 +1,108 @@
+/**
+ * ProofVerifier
+ *
+ * Centralized proof verification service that validates DetachedProof
+ * signatures, enforces nonce replay protection, and checks timestamp skew.
+ */
+import { type Ed25519JWK } from "../utils/crypto-service.js";
+import { CryptoProvider } from "../providers/base.js";
+import { ClockProvider } from "../providers/base.js";
+import { NonceCacheProvider } from "../providers/base.js";
+import { FetchProvider } from "../providers/base.js";
+import { type DetachedProof } from "../types/protocol.js";
+import { type ProofVerificationErrorCode } from "./errors.js";
+export interface ProofVerificationResult {
+    valid: boolean;
+    reason?: string;
+    error?: Error;
+    errorCode?: ProofVerificationErrorCode;
+    details?: Record<string, unknown>;
+}
+export interface ProofVerifierConfig {
+    cryptoProvider: CryptoProvider;
+    clockProvider: ClockProvider;
+    nonceCacheProvider: NonceCacheProvider;
+    fetchProvider: FetchProvider;
+    timestampSkewSeconds?: number;
+    nonceTtlSeconds?: number;
+}
+export declare class ProofVerifier {
+    private cryptoService;
+    private clock;
+    private nonceCache;
+    private fetch;
+    private timestampSkewSeconds;
+    private nonceTtlSeconds;
+    constructor(config: ProofVerifierConfig);
+    /**
+     * Verify a DetachedProof
+     * Automatically reconstructs canonical payload from proof.meta for signature verification
+     * @param proof - The proof to verify
+     * @param publicKeyJwk - Ed25519 public key in JWK format (from DID document)
+     * @returns Verification result
+     */
+    verifyProof(proof: DetachedProof, publicKeyJwk: Ed25519JWK): Promise<ProofVerificationResult>;
+    /**
+     * Verify proof with detached payload (for CLI/verifier compatibility)
+     * @param proof - The proof to verify
+     * @param canonicalPayload - Canonical JSON payload (for detached JWS) as string or Uint8Array
+     * @param publicKeyJwk - Ed25519 public key in JWK format
+     * @returns Verification result
+     */
+    verifyProofDetached(proof: DetachedProof, canonicalPayload: string | Uint8Array, publicKeyJwk: Ed25519JWK): Promise<ProofVerificationResult>;
+    /**
+     * Shared verification pipeline for proof verification
+     * @private
+     */
+    private runVerificationPipeline;
+    /**
+     * Handle verification errors consistently
+     * @private
+     */
+    private handleVerificationError;
+    /**
+     * Validate proof structure
+     * @private
+     */
+    private validateProofStructure;
+    /**
+     * Validate nonce replay protection
+     * @private
+     */
+    private validateNonce;
+    /**
+     * Validate timestamp skew
+     * @private
+     */
+    private validateTimestamp;
+    /**
+     * Verify JWS signature
+     * @private
+     */
+    private verifySignature;
+    /**
+     * Add nonce to cache to prevent replay (scoped to agent DID)
+     * @private
+     */
+    private addNonceToCache;
+    /**
+     * Fetch public key from DID document
+     * @param did - DID to resolve
+     * @param kid - Key ID (optional, defaults to first verification method)
+     * @returns Ed25519 JWK or null if not found
+     * @throws {ProofVerificationError} If DID resolution fails with specific error code
+     */
+    fetchPublicKeyFromDID(did: string, kid?: string): Promise<Ed25519JWK | null>;
+    /**
+     * Build canonical payload from proof meta
+     *
+     * CRITICAL: This must reconstruct the exact JWS payload structure that was originally signed.
+     * The original JWS payload uses standard JWT claims (aud, sub, iss) plus custom proof claims,
+     * NOT the proof.meta structure directly.
+     *
+     * @param meta - Proof metadata
+     * @returns Canonical JSON string matching the original JWS payload structure
+     */
+    buildCanonicalPayload(meta: DetachedProof["meta"]): string;
+}
+//# sourceMappingURL=verifier.d.ts.map

package/dist/proof/verifier.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verifier.d.ts","sourceRoot":"","sources":["../../src/proof/verifier.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAiB,KAAK,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAEL,KAAK,aAAa,EACnB,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EAGL,KAAK,0BAA0B,EAChC,MAAM,aAAa,CAAC;AAGrB,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,SAAS,CAAC,EAAE,0BAA0B,CAAC;IACvC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,mBAAmB;IAClC,cAAc,EAAE,cAAc,CAAC;IAC/B,aAAa,EAAE,aAAa,CAAC;IAC7B,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,aAAa,EAAE,aAAa,CAAC;IAC7B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,qBAAa,aAAa;IACxB,OAAO,CAAC,aAAa,CAAgB;IACrC,OAAO,CAAC,KAAK,CAAgB;IAC7B,OAAO,CAAC,UAAU,CAAqB;IACvC,OAAO,CAAC,KAAK,CAAgB;IAC7B,OAAO,CAAC,oBAAoB,CAAS;IACrC,OAAO,CAAC,eAAe,CAAS;gBAEpB,MAAM,EAAE,mBAAmB;IASvC;;;;;;OAMG;IACG,WAAW,CACf,KAAK,EAAE,aAAa,EACpB,YAAY,EAAE,UAAU,GACvB,OAAO,CAAC,uBAAuB,CAAC;IAcnC;;;;;;OAMG;IACG,mBAAmB,CACvB,KAAK,EAAE,aAAa,EACpB,gBAAgB,EAAE,MAAM,GAAG,UAAU,EACrC,YAAY,EAAE,UAAU,GACvB,OAAO,CAAC,uBAAuB,CAAC;IAcnC;;;OAGG;YACW,uBAAuB;IAiDrC;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IAY/B;;;OAGG;YACW,sBAAsB;IAuBpC;;;OAGG;YACW,aAAa;IAmB3B;;;OAGG;YACW,iBAAiB;IAqB/B;;;OAGG;YACW,eAAe;IAgC7B;;;OAGG;YACW,eAAe;IAQ7B;;;;;;OAMG;IACG,qBAAqB,CACzB,GAAG,EAAE,MAAM,EACX,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAuG7B;;;;;;;;;OASG;IACH,qBAAqB,CAAC,IAAI,EAAE,aAAa,CAAC,MAAM,CAAC,GAAG,MAAM;CA0B3D"}