@metalabel/dfos-protocol 0.0.3 → 0.2.0

package/REGISTRY-API.md

@@ -1,242 +0,0 @@
-# DFOS Registry API
-
-Minimal HTTP API for chain storage, retrieval, and resolution. Any server implementing these endpoints with these semantics is a compatible DFOS registry.
-
-The protocol is transport-agnostic — chains can be exchanged through any mechanism. This API defines one standard transport binding: a REST interface for submitting chains, resolving identities and content, and retrieving operations and documents.
-
-[Protocol Specification](https://protocol.dfos.com/spec) · [OpenAPI Spec](https://github.com/metalabel/dfos/blob/main/packages/dfos-protocol/openapi.yaml) · [Reference Implementation](https://github.com/metalabel/dfos/blob/main/packages/dfos-protocol/src/registry/server.ts)
-
----
-
-## Overview
-
-The registry stores verified chains and serves resolved state. It enforces **linear chain integrity** — it accepts chains that are the same length or longer than what's stored, and rejects forks (two different operations at the same chain position).
-
-Six endpoints, two concerns:
-
-| Concern             | Endpoints                                       |
-| ------------------- | ----------------------------------------------- |
-| **Identity chains** | Submit chain, resolve identity, list operations |
-| **Content chains**  | Submit chain, resolve content, list operations  |
-| **Lookup**          | Resolve operation by CID                        |
-
-All request and response bodies are JSON (`application/json`).
-
----
-
-## Identity Endpoints
-
-### `POST /identities` — Submit or extend an identity chain
-
-Submit an ordered array of JWS tokens (genesis-first). The registry verifies the chain, derives the DID from the genesis CID, and stores it.
-
-**Request:**
-
-```json
-{
-  "chain": ["eyJhbGciOiJFZERTQSI...", "eyJhbGciOiJFZERTQSI..."]
-}
-```
-
-| Field   | Type     | Description                                                |
-| ------- | -------- | ---------------------------------------------------------- |
-| `chain` | string[] | Ordered JWS compact tokens, genesis-first. Minimum 1 item. |
-
-**Responses:**
-
-| Status | Meaning                                                    |
-| ------ | ---------------------------------------------------------- |
-| `201`  | Chain accepted (new or extended) — returns `IdentityState` |
-| `200`  | Chain already stored, no change — returns `IdentityState`  |
-| `400`  | Invalid chain (verification failed)                        |
-| `409`  | Fork conflict with stored chain                            |
-
----
-
-### `GET /identities/{did}` — Resolve current identity state
-
-Returns the current key state for a DID.
-
-**Parameters:**
-
-| Name  | In   | Pattern                              | Example                           |
-| ----- | ---- | ------------------------------------ | --------------------------------- |
-| `did` | path | `did:dfos:[2346789acdefhknrtvz]{22}` | `did:dfos:e3vvtck42d4eacdnzvtrn6` |
-
-**Response (`IdentityState`):**
-
-```json
-{
-  "did": "did:dfos:e3vvtck42d4eacdnzvtrn6",
-  "isDeleted": false,
-  "authKeys": [{ "id": "key_...", "type": "Multikey", "publicKeyMultibase": "z6Mk..." }],
-  "assertKeys": [{ "id": "key_...", "type": "Multikey", "publicKeyMultibase": "z6Mk..." }],
-  "controllerKeys": [{ "id": "key_...", "type": "Multikey", "publicKeyMultibase": "z6Mk..." }]
-}
-```
-
----
-
-### `GET /identities/{did}/operations` — List identity chain operations
-
-Returns operations newest-first, paginated.
-
-**Parameters:**
-
-| Name     | In    | Description                                                  |
-| -------- | ----- | ------------------------------------------------------------ |
-| `did`    | path  | The DID to list operations for                               |
-| `cursor` | query | Opaque pagination cursor (CID of last item on previous page) |
-| `limit`  | query | Page size, 1–100, default 25                                 |
-
-**Response (`PaginatedOperations`):**
-
-```json
-{
-  "operations": [
-    { "cid": "bafyrei...", "jwsToken": "eyJ...", "createdAt": "2026-03-07T00:01:00.000Z" },
-    { "cid": "bafyrei...", "jwsToken": "eyJ...", "createdAt": "2026-03-07T00:00:00.000Z" }
-  ],
-  "nextCursor": null
-}
-```
-
----
-
-## Content Endpoints
-
-### `POST /content` — Submit or extend a content chain
-
-Same mechanics as identity submission. The registry verifies the chain (resolving signing keys from stored identity chains), derives the content ID from the genesis CID, and stores it.
-
-**Request:** Same `{ "chain": [...] }` format as identity submission.
-
-**Responses:** Same status code semantics — `201` accepted, `200` noop, `400` invalid, `409` fork.
-
----
-
-### `GET /content/{contentId}` — Resolve current content state
-
-Returns the current state for a content chain.
-
-**Parameters:**
-
-| Name        | In   | Pattern                     | Example                  |
-| ----------- | ---- | --------------------------- | ------------------------ |
-| `contentId` | path | `[2346789acdefhknrtvz]{22}` | `67t27rzc83v7c22n9t6z7c` |
-
-**Response (`ContentState`):**
-
-```json
-{
-  "contentId": "67t27rzc83v7c22n9t6z7c",
-  "isDeleted": false,
-  "currentDocumentCID": "bafyrei...",
-  "genesisCID": "bafyrei...",
-  "headCID": "bafyrei..."
-}
-```
-
-| Field                | Description                                         |
-| -------------------- | --------------------------------------------------- |
-| `currentDocumentCID` | CID of current document, null if cleared or deleted |
-| `genesisCID`         | CID of the genesis operation                        |
-| `headCID`            | CID of the most recent operation                    |
-
----
-
-### `GET /content/{contentId}/operations` — List content chain operations
-
-Same pagination mechanics as identity operations.
-
----
-
-## Lookup Endpoints
-
-### `GET /operations/{cid}` — Resolve a single operation by CID
-
-Returns the JWS token for any operation (identity or content) by its CID.
-
-**Response:**
-
-```json
-{
-  "cid": "bafyrei...",
-  "jwsToken": "eyJ..."
-}
-```
-
----
-
-## Errors
-
-All error responses follow a standard shape:
-
-```json
-{
-  "error": "BAD_REQUEST",
-  "message": "Human-readable description"
-}
-```
-
-| Error Code    | Used By                                                    |
-| ------------- | ---------------------------------------------------------- |
-| `BAD_REQUEST` | Invalid chain, malformed request                           |
-| `NOT_FOUND`   | Identity, content, or operation not found                  |
-| `CONFLICT`    | Fork detected — submitted chain diverges from stored chain |
-
----
-
-## Chain Submission Semantics
-
-The registry enforces **linear chain extension**:
-
-- **New chain** — genesis operation not seen before → store and return `201`
-- **Extension** — submitted chain is longer than stored, shares the same prefix → replace stored chain, return `201`
-- **Noop** — submitted chain is identical to stored → return `200`
-- **Fork** — submitted chain diverges from stored chain at some operation → reject with `409`
-
-This means a registry is **eventually consistent with the longest valid chain** it receives. It does not implement consensus — if two registries receive different valid extensions, they may diverge. Fork detection is the caller's responsibility.
-
----
-
-## Authentication
-
-Registry endpoints that require authentication use **EdDSA JWTs** signed with the same Ed25519 keys from identity chains. The JWT convention is not part of the chain protocol — it's an application-layer auth mechanism for services.
-
-```json
-{
-  "alg": "EdDSA",
-  "typ": "JWT",
-  "kid": "key_ez9a874tckr3dv933d3ckd"
-}
-```
-
-```json
-{
-  "iss": "dfos",
-  "sub": "did:dfos:e3vvtck42d4eacdnzvtrn6",
-  "aud": "dfos-api",
-  "exp": 1772902800,
-  "iat": 1772899200,
-  "jti": "session_ref_example_01"
-}
-```
-
-| Field | Description                                                   |
-| ----- | ------------------------------------------------------------- |
-| `kid` | Bare key ID (not a DID URL — the `sub` claim carries the DID) |
-| `sub` | The DID of the authenticating identity                        |
-| `aud` | Target audience (e.g., `"dfos-api"`)                          |
-
-The signing mechanics are identical to operation JWS — `ed25519.sign(UTF8(base64url(header) + "." + base64url(payload)), privateKey)`. The key is resolved from the identity chain via `kid` + `sub`.
-
----
-
-## Reference Implementation
-
-A complete reference server is available in the protocol package:
-
-- [`registry/server.ts`](https://github.com/metalabel/dfos/blob/main/packages/dfos-protocol/src/registry/server.ts) — Hono-based HTTP server implementing all endpoints
-- [`registry/store.ts`](https://github.com/metalabel/dfos/blob/main/packages/dfos-protocol/src/registry/store.ts) — In-memory chain store with linear enforcement
-- [`openapi.yaml`](https://github.com/metalabel/dfos/blob/main/packages/dfos-protocol/openapi.yaml) — OpenAPI 3.1 machine-readable specification

package/dist/chunk-U6DANYPT.js

@@ -1,311 +0,0 @@
-import {
-  MultikeyPublicKey,
-  decodeMultikey,
-  verifyContentChain,
-  verifyIdentityChain
-} from "./chunk-VEBMLR37.js";
-import {
-  dagCborCanonicalEncode,
-  decodeJwsUnsafe
-} from "./chunk-ZXXP5W5N.js";
-
-// src/registry/schemas.ts
-import { z } from "zod";
-var OperationEntry = z.strictObject({
-  cid: z.string(),
-  jwsToken: z.string(),
-  createdAt: z.string()
-});
-var PaginatedOperations = z.strictObject({
-  operations: z.array(OperationEntry),
-  nextCursor: z.string().nullable()
-});
-var PaginationParams = z.object({
-  cursor: z.string().optional(),
-  limit: z.coerce.number().int().min(1).max(100).default(25)
-});
-var SubmitIdentityChainRequest = z.strictObject({
-  chain: z.array(z.string()).min(1)
-});
-var SubmitIdentityChainResponse = z.strictObject({
-  did: z.string(),
-  isDeleted: z.boolean(),
-  authKeys: z.array(MultikeyPublicKey),
-  assertKeys: z.array(MultikeyPublicKey),
-  controllerKeys: z.array(MultikeyPublicKey)
-});
-var ResolveIdentityResponse = SubmitIdentityChainResponse;
-var IdentityOperationsParams = PaginationParams;
-var IdentityOperationsResponse = PaginatedOperations;
-var SubmitContentChainRequest = z.strictObject({
-  chain: z.array(z.string()).min(1)
-});
-var SubmitContentChainResponse = z.strictObject({
-  contentId: z.string(),
-  isDeleted: z.boolean(),
-  currentDocumentCID: z.string().nullable(),
-  genesisCID: z.string(),
-  headCID: z.string()
-});
-var ResolveContentResponse = SubmitContentChainResponse;
-var ContentOperationsParams = PaginationParams;
-var ContentOperationsResponse = PaginatedOperations;
-var ResolveOperationResponse = z.strictObject({
-  cid: z.string(),
-  jwsToken: z.string()
-});
-var RegistryError = z.strictObject({
-  error: z.string(),
-  message: z.string()
-});
-
-// src/registry/server.ts
-import { Hono } from "hono";
-
-// src/registry/store.ts
-var ChainStore = class {
-  identityChains = /* @__PURE__ */ new Map();
-  contentChains = /* @__PURE__ */ new Map();
-  // --- identityChains ---
-  getIdentityChain(did) {
-    return this.identityChains.get(did);
-  }
-  /**
-   * Submit an identity chain. Returns 'accepted' | 'noop' | 'conflict'.
-   * - accepted: chain was stored or extended
-   * - noop: submitted chain is same as or prefix of stored chain
-   * - conflict: submitted chain diverges from stored chain (fork)
-   */
-  submitIdentityChain(did, operations) {
-    return this.submitChain(this.identityChains, did, operations);
-  }
-  // --- contentChains ---
-  getContentChain(contentId) {
-    return this.contentChains.get(contentId);
-  }
-  submitContentChain(contentId, operations) {
-    return this.submitChain(this.contentChains, contentId, operations);
-  }
-  // --- operations (lookup across all chains) ---
-  getOperation(cid) {
-    for (const chain of this.identityChains.values()) {
-      const op = chain.operations.find((o) => o.cid === cid);
-      if (op) return op;
-    }
-    for (const chain of this.contentChains.values()) {
-      const op = chain.operations.find((o) => o.cid === cid);
-      if (op) return op;
-    }
-    return void 0;
-  }
-  // --- shared chain submission logic ---
-  submitChain(store, id, operations) {
-    const existing = store.get(id);
-    if (!existing) {
-      store.set(id, { operations });
-      return "accepted";
-    }
-    if (operations.length <= existing.operations.length) {
-      for (let i = 0; i < operations.length; i++) {
-        if (operations[i].cid !== existing.operations[i].cid) {
-          return "conflict";
-        }
-      }
-      return "noop";
-    }
-    for (let i = 0; i < existing.operations.length; i++) {
-      if (operations[i].cid !== existing.operations[i].cid) {
-        return "conflict";
-      }
-    }
-    store.set(id, { operations });
-    return "accepted";
-  }
-};
-
-// src/registry/server.ts
-var err = (code, message) => ({
-  error: code,
-  message
-});
-var extractOperationEntries = async (chain) => {
-  const entries = [];
-  for (const jwsToken of chain) {
-    const decoded = decodeJwsUnsafe(jwsToken);
-    if (!decoded) throw new Error("invalid JWS token");
-    const payload = decoded.payload;
-    const encoded = await dagCborCanonicalEncode(payload);
-    entries.push({
-      cid: encoded.cid.toString(),
-      jwsToken,
-      createdAt: payload.createdAt ?? ""
-    });
-  }
-  return entries;
-};
-var paginate = (operations, cursor, limit) => {
-  const reversed = [...operations].reverse();
-  let startIdx = 0;
-  if (cursor) {
-    const cursorIdx = reversed.findIndex((op) => op.cid === cursor);
-    if (cursorIdx >= 0) startIdx = cursorIdx + 1;
-  }
-  const page = reversed.slice(startIdx, startIdx + limit);
-  const hasMore = startIdx + limit < reversed.length;
-  return {
-    operations: page,
-    nextCursor: hasMore ? page[page.length - 1].cid : null
-  };
-};
-var paginationParams = (c) => ({
-  cursor: c.query("cursor"),
-  limit: Math.min(Math.max(parseInt(c.query("limit") ?? "25"), 1), 100)
-});
-var createKeyResolver = (store) => async (kid) => {
-  const hashIdx = kid.indexOf("#");
-  if (hashIdx < 0) throw new Error(`invalid kid format: ${kid}`);
-  const did = kid.substring(0, hashIdx);
-  const keyId = kid.substring(hashIdx + 1);
-  const identityChain = store.getIdentityChain(did);
-  if (!identityChain) throw new Error(`identity not found: ${did}`);
-  const identity = await verifyIdentityChain({
-    didPrefix: "did:dfos",
-    log: identityChain.operations.map((o) => o.jwsToken)
-  });
-  const allKeys = [...identity.authKeys, ...identity.assertKeys, ...identity.controllerKeys];
-  const key = allKeys.find((k) => k.id === keyId);
-  if (!key) throw new Error(`key not found: ${keyId}`);
-  return decodeMultikey(key.publicKeyMultibase).keyBytes;
-};
-var createRegistryServer = (store = new ChainStore()) => {
-  const app = new Hono();
-  const resolveKey = createKeyResolver(store);
-  app.post("/identities", async (c) => {
-    const body = await c.req.json();
-    if (!body.chain || !Array.isArray(body.chain) || body.chain.length === 0) {
-      return c.json(err("BAD_REQUEST", "chain must be a non-empty array of JWS tokens"), 400);
-    }
-    let verified;
-    try {
-      verified = await verifyIdentityChain({
-        didPrefix: "did:dfos",
-        log: body.chain
-      });
-    } catch (e) {
-      return c.json(err("BAD_REQUEST", `chain verification failed: ${e.message}`), 400);
-    }
-    const operations = await extractOperationEntries(body.chain);
-    const result = store.submitIdentityChain(verified.did, operations);
-    if (result === "conflict") {
-      return c.json(err("CONFLICT", "submitted chain conflicts with stored chain"), 409);
-    }
-    return c.json(
-      {
-        did: verified.did,
-        isDeleted: verified.isDeleted,
-        authKeys: verified.authKeys,
-        assertKeys: verified.assertKeys,
-        controllerKeys: verified.controllerKeys
-      },
-      result === "accepted" ? 201 : 200
-    );
-  });
-  app.get("/identities/:did", async (c) => {
-    const did = c.req.param("did");
-    const chain = store.getIdentityChain(did);
-    if (!chain) return c.json(err("NOT_FOUND", "identity not found"), 404);
-    const verified = await verifyIdentityChain({
-      didPrefix: "did:dfos",
-      log: chain.operations.map((o) => o.jwsToken)
-    });
-    return c.json({
-      did: verified.did,
-      isDeleted: verified.isDeleted,
-      authKeys: verified.authKeys,
-      assertKeys: verified.assertKeys,
-      controllerKeys: verified.controllerKeys
-    });
-  });
-  app.get("/identities/:did/operations", (c) => {
-    const did = c.req.param("did");
-    const chain = store.getIdentityChain(did);
-    if (!chain) return c.json(err("NOT_FOUND", "identity not found"), 404);
-    const { cursor, limit } = paginationParams(c.req);
-    return c.json(paginate(chain.operations, cursor, limit));
-  });
-  app.post("/content", async (c) => {
-    const body = await c.req.json();
-    if (!body.chain || !Array.isArray(body.chain) || body.chain.length === 0) {
-      return c.json(err("BAD_REQUEST", "chain must be a non-empty array of JWS tokens"), 400);
-    }
-    const operations = await extractOperationEntries(body.chain);
-    let verified;
-    try {
-      verified = await verifyContentChain({ log: body.chain, resolveKey });
-    } catch (e) {
-      return c.json(err("BAD_REQUEST", `chain verification failed: ${e.message}`), 400);
-    }
-    const result = store.submitContentChain(verified.contentId, operations);
-    if (result === "conflict") {
-      return c.json(err("CONFLICT", "submitted chain conflicts with stored chain"), 409);
-    }
-    return c.json(
-      {
-        contentId: verified.contentId,
-        isDeleted: verified.isDeleted,
-        currentDocumentCID: verified.currentDocumentCID,
-        genesisCID: verified.genesisCID,
-        headCID: verified.headCID
-      },
-      result === "accepted" ? 201 : 200
-    );
-  });
-  app.get("/content/:contentId", (c) => {
-    const contentId = c.req.param("contentId");
-    const chain = store.getContentChain(contentId);
-    if (!chain) return c.json(err("NOT_FOUND", "content not found"), 404);
-    const genesis = chain.operations[0];
-    const head = chain.operations[chain.operations.length - 1];
-    const headDecoded = decodeJwsUnsafe(head.jwsToken);
-    const headPayload = headDecoded?.payload;
-    const headType = headPayload?.type;
-    return c.json({
-      contentId,
-      isDeleted: headType === "delete",
-      currentDocumentCID: headType === "delete" ? null : headPayload?.documentCID ?? null,
-      genesisCID: genesis.cid,
-      headCID: head.cid
-    });
-  });
-  app.get("/content/:contentId/operations", (c) => {
-    const contentId = c.req.param("contentId");
-    const chain = store.getContentChain(contentId);
-    if (!chain) return c.json(err("NOT_FOUND", "content not found"), 404);
-    const { cursor, limit } = paginationParams(c.req);
-    return c.json(paginate(chain.operations, cursor, limit));
-  });
-  app.get("/operations/:cid", (c) => {
-    const cid = c.req.param("cid");
-    const op = store.getOperation(cid);
-    if (!op) return c.json(err("NOT_FOUND", "operation not found"), 404);
-    return c.json({ cid: op.cid, jwsToken: op.jwsToken });
-  });
-  return { app, store };
-};
-
-export {
-  SubmitIdentityChainRequest,
-  SubmitIdentityChainResponse,
-  ResolveIdentityResponse,
-  IdentityOperationsParams,
-  IdentityOperationsResponse,
-  SubmitContentChainRequest,
-  SubmitContentChainResponse,
-  ResolveContentResponse,
-  ContentOperationsParams,
-  ContentOperationsResponse,
-  ResolveOperationResponse,
-  RegistryError,
-  ChainStore,
-  createRegistryServer
-};

package/dist/registry/index.d.ts

@@ -1,143 +0,0 @@
-import { z } from 'zod';
-import * as hono_types from 'hono/types';
-import { Hono } from 'hono';
-
-declare const OperationEntry: z.ZodObject<{
-    cid: z.ZodString;
-    jwsToken: z.ZodString;
-    createdAt: z.ZodString;
-}, z.core.$strict>;
-type OperationEntry = z.infer<typeof OperationEntry>;
-declare const PaginationParams: z.ZodObject<{
-    cursor: z.ZodOptional<z.ZodString>;
-    limit: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
-}, z.core.$strip>;
-type PaginationParams = z.infer<typeof PaginationParams>;
-declare const SubmitIdentityChainRequest: z.ZodObject<{
-    chain: z.ZodArray<z.ZodString>;
-}, z.core.$strict>;
-type SubmitIdentityChainRequest = z.infer<typeof SubmitIdentityChainRequest>;
-declare const SubmitIdentityChainResponse: z.ZodObject<{
-    did: z.ZodString;
-    isDeleted: z.ZodBoolean;
-    authKeys: z.ZodArray<z.ZodObject<{
-        id: z.ZodString;
-        type: z.ZodLiteral<"Multikey">;
-        publicKeyMultibase: z.ZodString;
-    }, z.core.$strict>>;
-    assertKeys: z.ZodArray<z.ZodObject<{
-        id: z.ZodString;
-        type: z.ZodLiteral<"Multikey">;
-        publicKeyMultibase: z.ZodString;
-    }, z.core.$strict>>;
-    controllerKeys: z.ZodArray<z.ZodObject<{
-        id: z.ZodString;
-        type: z.ZodLiteral<"Multikey">;
-        publicKeyMultibase: z.ZodString;
-    }, z.core.$strict>>;
-}, z.core.$strict>;
-type SubmitIdentityChainResponse = z.infer<typeof SubmitIdentityChainResponse>;
-declare const ResolveIdentityResponse: z.ZodObject<{
-    did: z.ZodString;
-    isDeleted: z.ZodBoolean;
-    authKeys: z.ZodArray<z.ZodObject<{
-        id: z.ZodString;
-        type: z.ZodLiteral<"Multikey">;
-        publicKeyMultibase: z.ZodString;
-    }, z.core.$strict>>;
-    assertKeys: z.ZodArray<z.ZodObject<{
-        id: z.ZodString;
-        type: z.ZodLiteral<"Multikey">;
-        publicKeyMultibase: z.ZodString;
-    }, z.core.$strict>>;
-    controllerKeys: z.ZodArray<z.ZodObject<{
-        id: z.ZodString;
-        type: z.ZodLiteral<"Multikey">;
-        publicKeyMultibase: z.ZodString;
-    }, z.core.$strict>>;
-}, z.core.$strict>;
-type ResolveIdentityResponse = SubmitIdentityChainResponse;
-declare const IdentityOperationsParams: z.ZodObject<{
-    cursor: z.ZodOptional<z.ZodString>;
-    limit: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
-}, z.core.$strip>;
-declare const IdentityOperationsResponse: z.ZodObject<{
-    operations: z.ZodArray<z.ZodObject<{
-        cid: z.ZodString;
-        jwsToken: z.ZodString;
-        createdAt: z.ZodString;
-    }, z.core.$strict>>;
-    nextCursor: z.ZodNullable<z.ZodString>;
-}, z.core.$strict>;
-type IdentityOperationsResponse = z.infer<typeof IdentityOperationsResponse>;
-declare const SubmitContentChainRequest: z.ZodObject<{
-    chain: z.ZodArray<z.ZodString>;
-}, z.core.$strict>;
-type SubmitContentChainRequest = z.infer<typeof SubmitContentChainRequest>;
-declare const SubmitContentChainResponse: z.ZodObject<{
-    contentId: z.ZodString;
-    isDeleted: z.ZodBoolean;
-    currentDocumentCID: z.ZodNullable<z.ZodString>;
-    genesisCID: z.ZodString;
-    headCID: z.ZodString;
-}, z.core.$strict>;
-type SubmitContentChainResponse = z.infer<typeof SubmitContentChainResponse>;
-declare const ResolveContentResponse: z.ZodObject<{
-    contentId: z.ZodString;
-    isDeleted: z.ZodBoolean;
-    currentDocumentCID: z.ZodNullable<z.ZodString>;
-    genesisCID: z.ZodString;
-    headCID: z.ZodString;
-}, z.core.$strict>;
-type ResolveContentResponse = SubmitContentChainResponse;
-declare const ContentOperationsParams: z.ZodObject<{
-    cursor: z.ZodOptional<z.ZodString>;
-    limit: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
-}, z.core.$strip>;
-declare const ContentOperationsResponse: z.ZodObject<{
-    operations: z.ZodArray<z.ZodObject<{
-        cid: z.ZodString;
-        jwsToken: z.ZodString;
-        createdAt: z.ZodString;
-    }, z.core.$strict>>;
-    nextCursor: z.ZodNullable<z.ZodString>;
-}, z.core.$strict>;
-type ContentOperationsResponse = z.infer<typeof ContentOperationsResponse>;
-declare const ResolveOperationResponse: z.ZodObject<{
-    cid: z.ZodString;
-    jwsToken: z.ZodString;
-}, z.core.$strict>;
-type ResolveOperationResponse = z.infer<typeof ResolveOperationResponse>;
-declare const RegistryError: z.ZodObject<{
-    error: z.ZodString;
-    message: z.ZodString;
-}, z.core.$strict>;
-type RegistryError = z.infer<typeof RegistryError>;
-
-interface StoredChain {
-    /** Ordered array of operations, genesis first */
-    operations: OperationEntry[];
-}
-declare class ChainStore {
-    private identityChains;
-    private contentChains;
-    getIdentityChain(did: string): StoredChain | undefined;
-    /**
-     * Submit an identity chain. Returns 'accepted' | 'noop' | 'conflict'.
-     * - accepted: chain was stored or extended
-     * - noop: submitted chain is same as or prefix of stored chain
-     * - conflict: submitted chain diverges from stored chain (fork)
-     */
-    submitIdentityChain(did: string, operations: OperationEntry[]): 'accepted' | 'noop' | 'conflict';
-    getContentChain(contentId: string): StoredChain | undefined;
-    submitContentChain(contentId: string, operations: OperationEntry[]): 'accepted' | 'noop' | 'conflict';
-    getOperation(cid: string): OperationEntry | undefined;
-    private submitChain;
-}
-
-declare const createRegistryServer: (store?: ChainStore) => {
-    app: Hono<hono_types.BlankEnv, hono_types.BlankSchema, "/">;
-    store: ChainStore;
-};
-
-export { ChainStore, ContentOperationsParams, ContentOperationsResponse, IdentityOperationsParams, IdentityOperationsResponse, OperationEntry, PaginationParams, RegistryError, ResolveContentResponse, ResolveIdentityResponse, ResolveOperationResponse, type StoredChain, SubmitContentChainRequest, SubmitContentChainResponse, SubmitIdentityChainRequest, SubmitIdentityChainResponse, createRegistryServer };