@mneme-ai/core 2.17.0 → 2.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent_manifest.d.ts +1 -1
- package/dist/agent_manifest.d.ts.map +1 -1
- package/dist/agent_manifest.js +14 -1
- package/dist/agent_manifest.js.map +1 -1
- package/dist/arena/arena.test.d.ts +2 -0
- package/dist/arena/arena.test.d.ts.map +1 -0
- package/dist/arena/arena.test.js +107 -0
- package/dist/arena/arena.test.js.map +1 -0
- package/dist/arena/index.d.ts +114 -0
- package/dist/arena/index.d.ts.map +1 -0
- package/dist/arena/index.js +158 -0
- package/dist/arena/index.js.map +1 -0
- package/dist/cosmic/aurelian_v218.test.d.ts +2 -0
- package/dist/cosmic/aurelian_v218.test.d.ts.map +1 -0
- package/dist/cosmic/aurelian_v218.test.js +68 -0
- package/dist/cosmic/aurelian_v218.test.js.map +1 -0
- package/dist/index.d.ts +4 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +9 -0
- package/dist/index.js.map +1 -1
- package/dist/jackpot/index.d.ts +36 -0
- package/dist/jackpot/index.d.ts.map +1 -1
- package/dist/jackpot/index.js +59 -0
- package/dist/jackpot/index.js.map +1 -1
- package/dist/nexus_proactive/index.d.ts +134 -0
- package/dist/nexus_proactive/index.d.ts.map +1 -0
- package/dist/nexus_proactive/index.js +277 -0
- package/dist/nexus_proactive/index.js.map +1 -0
- package/dist/nexus_proactive/nexus_proactive.test.d.ts +2 -0
- package/dist/nexus_proactive/nexus_proactive.test.d.ts.map +1 -0
- package/dist/nexus_proactive/nexus_proactive.test.js +135 -0
- package/dist/nexus_proactive/nexus_proactive.test.js.map +1 -0
- package/dist/oracle_liability/index.d.ts +122 -0
- package/dist/oracle_liability/index.d.ts.map +1 -0
- package/dist/oracle_liability/index.js +203 -0
- package/dist/oracle_liability/index.js.map +1 -0
- package/dist/oracle_liability/oracle_liability.test.d.ts +2 -0
- package/dist/oracle_liability/oracle_liability.test.d.ts.map +1 -0
- package/dist/oracle_liability/oracle_liability.test.js +186 -0
- package/dist/oracle_liability/oracle_liability.test.js.map +1 -0
- package/dist/verified_badge/index.d.ts +78 -0
- package/dist/verified_badge/index.d.ts.map +1 -0
- package/dist/verified_badge/index.js +131 -0
- package/dist/verified_badge/index.js.map +1 -0
- package/dist/verified_badge/verified_badge.test.d.ts +2 -0
- package/dist/verified_badge/verified_badge.test.d.ts.map +1 -0
- package/dist/verified_badge/verified_badge.test.js +88 -0
- package/dist/verified_badge/verified_badge.test.js.map +1 -0
- package/package.json +1 -1
|
@@ -0,0 +1,203 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* v2.18.0 — MNEME ORACLE (the AI you can't sue Mneme for)
|
|
3
|
+
*
|
|
4
|
+
* "Mneme issues a signed liability certificate for any AI-proposed
|
|
5
|
+
* change that passes AURELIAN AUDIT + SOUL gate + BUG PROPHET (risk
|
|
6
|
+
* < 0.20). The certificate caps Mneme's liability at the published
|
|
7
|
+
* coverage tier; corporates pay annual premium for higher tiers.
|
|
8
|
+
* Insurance + AI provenance in one primitive."
|
|
9
|
+
*
|
|
10
|
+
* Honest scope (what ORACLE IS):
|
|
11
|
+
* 1. assessRisk — pure-function risk calculation over a proposed change
|
|
12
|
+
* 2. issueCertificate — HMAC-signed liability certificate with cap +
|
|
13
|
+
* conditions + per-incident max
|
|
14
|
+
* 3. verifyClaim — given an incident, does the certificate apply? what's
|
|
15
|
+
* the payout?
|
|
16
|
+
* 4. tierPremium — annual premium calculator (defensible reference table)
|
|
17
|
+
*
|
|
18
|
+
* Honest scope (what ORACLE IS NOT):
|
|
19
|
+
* - Not real insurance — Mneme is not an insurance carrier; the data
|
|
20
|
+
* contract is what real insurers (Lloyd's syndicates, Munich Re) use
|
|
21
|
+
* to underwrite policies. ORACLE is the *trust primitive* that makes
|
|
22
|
+
* AI insurance pricing feasible.
|
|
23
|
+
* - Not a legal opinion. Real underwriting requires actuarial review.
|
|
24
|
+
* - Not unlimited — every certificate has a cap. Cheap tiers cap low.
|
|
25
|
+
*
|
|
26
|
+
* Composes onto v2.13 AURELIAN + v2.14 SOUL + v2.15.1 BUG PROPHET.
|
|
27
|
+
* Pure orchestrator + signed receipt.
|
|
28
|
+
*/
|
|
29
|
+
import { createHmac, timingSafeEqual } from "node:crypto";
|
|
30
|
+
const PROTOCOL_VERSION = 1;
|
|
31
|
+
export function assessRisk(input) {
|
|
32
|
+
const reasons = [];
|
|
33
|
+
// Start with prophet risk if available; otherwise default skeptical 0.5
|
|
34
|
+
let risk = input.bugProphetRisk ?? 0.5;
|
|
35
|
+
if (input.bugProphetRisk !== undefined)
|
|
36
|
+
reasons.push(`BUG PROPHET risk: ${(input.bugProphetRisk * 100).toFixed(0)}%`);
|
|
37
|
+
// SOUL verdict has hard impact
|
|
38
|
+
if (input.soulVerdict === "BLOCK") {
|
|
39
|
+
risk = Math.max(risk, 0.85);
|
|
40
|
+
reasons.push("PROJECT SOUL verdict: BLOCK");
|
|
41
|
+
}
|
|
42
|
+
else if (input.soulVerdict === "WARN") {
|
|
43
|
+
risk += 0.10;
|
|
44
|
+
reasons.push("PROJECT SOUL verdict: WARN (+0.10)");
|
|
45
|
+
}
|
|
46
|
+
else if (input.soulVerdict === "PASS") {
|
|
47
|
+
risk -= 0.05;
|
|
48
|
+
reasons.push("PROJECT SOUL verdict: PASS (-0.05)");
|
|
49
|
+
}
|
|
50
|
+
// AURELIAN: high composite reduces risk (well-graded change)
|
|
51
|
+
if (input.aurelianComposite !== undefined) {
|
|
52
|
+
const adj = (50 - input.aurelianComposite) / 200; // 80→-0.15, 50→0, 20→+0.15
|
|
53
|
+
risk += adj;
|
|
54
|
+
reasons.push(`AURELIAN composite ${input.aurelianComposite} → adj ${adj >= 0 ? "+" : ""}${adj.toFixed(2)}`);
|
|
55
|
+
}
|
|
56
|
+
// Vendor trust adjustment
|
|
57
|
+
if (input.vendorFalseRateLB !== undefined && input.vendorFalseRateLB > 0.1) {
|
|
58
|
+
risk += input.vendorFalseRateLB * 0.5;
|
|
59
|
+
reasons.push(`Vendor falseRateLB ${input.vendorFalseRateLB} adds ${(input.vendorFalseRateLB * 0.5).toFixed(3)}`);
|
|
60
|
+
}
|
|
61
|
+
// Category multipliers
|
|
62
|
+
const catMult = {
|
|
63
|
+
code: 1.0, config: 1.1, deploy: 1.2,
|
|
64
|
+
data: 1.4, financial: 1.6, infra: 1.3, other: 1.0,
|
|
65
|
+
};
|
|
66
|
+
if (input.category) {
|
|
67
|
+
const m = catMult[input.category];
|
|
68
|
+
risk *= m;
|
|
69
|
+
if (m !== 1)
|
|
70
|
+
reasons.push(`Category ${input.category} multiplier ${m.toFixed(1)}×`);
|
|
71
|
+
}
|
|
72
|
+
risk = Math.max(0.01, Math.min(0.99, risk));
|
|
73
|
+
let band;
|
|
74
|
+
if (risk < 0.10)
|
|
75
|
+
band = "very_low";
|
|
76
|
+
else if (risk < 0.25)
|
|
77
|
+
band = "low";
|
|
78
|
+
else if (risk < 0.50)
|
|
79
|
+
band = "medium";
|
|
80
|
+
else if (risk < 0.75)
|
|
81
|
+
band = "high";
|
|
82
|
+
else
|
|
83
|
+
band = "very_high";
|
|
84
|
+
// Insurable rule: risk must be < 0.50 AND SOUL must not be BLOCK
|
|
85
|
+
const insurable = risk < 0.50 && input.soulVerdict !== "BLOCK";
|
|
86
|
+
return {
|
|
87
|
+
riskScore: Math.round(risk * 1000) / 1000,
|
|
88
|
+
band, reasons, insurable,
|
|
89
|
+
};
|
|
90
|
+
}
|
|
91
|
+
const TIER_LIMITS = {
|
|
92
|
+
starter: { perIncident: 1_000, annualAggregate: 10_000, annualPremium: 1_200 },
|
|
93
|
+
team: { perIncident: 10_000, annualAggregate: 100_000, annualPremium: 8_400 },
|
|
94
|
+
business: { perIncident: 100_000, annualAggregate: 1_000_000, annualPremium: 60_000 },
|
|
95
|
+
enterprise: { perIncident: 1_000_000, annualAggregate: 10_000_000, annualPremium: 480_000 },
|
|
96
|
+
sovereign: { perIncident: 10_000_000, annualAggregate: 100_000_000, annualPremium: 3_600_000 },
|
|
97
|
+
};
|
|
98
|
+
function canon(v) {
|
|
99
|
+
if (v === null || typeof v !== "object")
|
|
100
|
+
return JSON.stringify(v);
|
|
101
|
+
if (Array.isArray(v))
|
|
102
|
+
return "[" + v.map(canon).join(",") + "]";
|
|
103
|
+
const keys = Object.keys(v).sort();
|
|
104
|
+
return "{" + keys.map((k) => JSON.stringify(k) + ":" + canon(v[k])).join(",") + "}";
|
|
105
|
+
}
|
|
106
|
+
function defaultSecret() {
|
|
107
|
+
return process.env["MNEME_ORACLE_SECRET"] || `mneme-oracle-liability-v${PROTOCOL_VERSION}`;
|
|
108
|
+
}
|
|
109
|
+
export function issueCertificate(input) {
|
|
110
|
+
const risk = assessRisk(input.change);
|
|
111
|
+
if (!risk.insurable) {
|
|
112
|
+
return { issued: null, reason: `not insurable: risk ${risk.riskScore} band=${risk.band}; reasons: ${risk.reasons.join("; ")}` };
|
|
113
|
+
}
|
|
114
|
+
const limits = TIER_LIMITS[input.tier];
|
|
115
|
+
const issuedAt = input.issuedAt ?? new Date().toISOString();
|
|
116
|
+
const validityDays = input.validityDays ?? 30;
|
|
117
|
+
const validUntil = new Date(Date.parse(issuedAt) + validityDays * 24 * 60 * 60 * 1000).toISOString();
|
|
118
|
+
const certId = "lc-" + createHmac("sha256", "mneme-oracle-certid").update(`${input.subscriber}|${issuedAt}|${input.change.description}`).digest("hex").slice(0, 14);
|
|
119
|
+
const conditions = [
|
|
120
|
+
"Cert is void if PROJECT SOUL is mutated after issuance to remove a rule that would have BLOCKed this change.",
|
|
121
|
+
"Cert is void if AI vendor used differs from the one whose falseRateLB underpinned the risk score.",
|
|
122
|
+
"Cert is void if the change is shipped after validUntil.",
|
|
123
|
+
"Per-incident payout requires Mneme-signed AURELIAN audit of the incident.",
|
|
124
|
+
"Aggregate cap is shared across ALL certificates issued to the subscriber in the policy year.",
|
|
125
|
+
];
|
|
126
|
+
const body = {
|
|
127
|
+
v: PROTOCOL_VERSION,
|
|
128
|
+
certId,
|
|
129
|
+
subscriber: input.subscriber,
|
|
130
|
+
tier: input.tier,
|
|
131
|
+
perIncidentCapUsd: limits.perIncident,
|
|
132
|
+
annualAggregateCapUsd: limits.annualAggregate,
|
|
133
|
+
risk,
|
|
134
|
+
issuedAt,
|
|
135
|
+
validUntil,
|
|
136
|
+
conditions,
|
|
137
|
+
};
|
|
138
|
+
const sig = createHmac("sha256", input.secret ?? defaultSecret()).update(canon(body)).digest("hex");
|
|
139
|
+
return { issued: { ...body, sig } };
|
|
140
|
+
}
|
|
141
|
+
export function verifyCertificate(cert, secret) {
|
|
142
|
+
const { sig: claimed, ...body } = cert;
|
|
143
|
+
const expected = createHmac("sha256", secret ?? defaultSecret()).update(canon(body)).digest("hex");
|
|
144
|
+
let okSig = false;
|
|
145
|
+
try {
|
|
146
|
+
okSig = timingSafeEqual(Buffer.from(expected, "hex"), Buffer.from(claimed, "hex"));
|
|
147
|
+
}
|
|
148
|
+
catch {
|
|
149
|
+
okSig = false;
|
|
150
|
+
}
|
|
151
|
+
if (!okSig)
|
|
152
|
+
return { ok: false, expired: false, reason: "cert sig mismatch — forged or wrong key" };
|
|
153
|
+
const expired = Date.now() > Date.parse(cert.validUntil);
|
|
154
|
+
if (expired)
|
|
155
|
+
return { ok: false, expired: true, reason: "cert expired" };
|
|
156
|
+
return { ok: true, expired: false };
|
|
157
|
+
}
|
|
158
|
+
export function decideClaim(input) {
|
|
159
|
+
const reasons = [];
|
|
160
|
+
let payoutUsd = 0;
|
|
161
|
+
let decision = "denied";
|
|
162
|
+
// Verify cert first
|
|
163
|
+
const v = verifyCertificate(input.cert, input.secret);
|
|
164
|
+
if (!v.ok) {
|
|
165
|
+
reasons.push(`certificate failed verification: ${v.reason}`);
|
|
166
|
+
}
|
|
167
|
+
else if (input.conditionsBreached && input.conditionsBreached.length > 0) {
|
|
168
|
+
reasons.push(`conditions breached: ${input.conditionsBreached.join("; ")}`);
|
|
169
|
+
}
|
|
170
|
+
else {
|
|
171
|
+
// Eligible — compute payout
|
|
172
|
+
const perIncidentMax = input.cert.perIncidentCapUsd;
|
|
173
|
+
const aggregateRemaining = input.cert.annualAggregateCapUsd - (input.aggregatePaidYtdUsd ?? 0);
|
|
174
|
+
const eligible = Math.min(input.estimatedLossUsd, perIncidentMax, Math.max(0, aggregateRemaining));
|
|
175
|
+
payoutUsd = eligible;
|
|
176
|
+
if (eligible >= input.estimatedLossUsd) {
|
|
177
|
+
decision = "approved";
|
|
178
|
+
reasons.push(`approved at full estimated loss; per-incident cap not hit; aggregate remaining ${aggregateRemaining}.`);
|
|
179
|
+
}
|
|
180
|
+
else if (eligible > 0) {
|
|
181
|
+
decision = "partial";
|
|
182
|
+
reasons.push(`partial: estimated loss ${input.estimatedLossUsd} exceeds per-incident cap ${perIncidentMax} or aggregate remaining ${aggregateRemaining}.`);
|
|
183
|
+
}
|
|
184
|
+
else {
|
|
185
|
+
decision = "denied";
|
|
186
|
+
reasons.push(`aggregate cap exhausted for the policy year.`);
|
|
187
|
+
}
|
|
188
|
+
}
|
|
189
|
+
const decidedAt = new Date().toISOString();
|
|
190
|
+
const body = {
|
|
191
|
+
v: PROTOCOL_VERSION,
|
|
192
|
+
certId: input.cert.certId, decision, payoutUsd, reasons, decidedAt,
|
|
193
|
+
};
|
|
194
|
+
const sig = createHmac("sha256", input.secret ?? defaultSecret()).update(canon(body)).digest("hex");
|
|
195
|
+
return { ...body, sig };
|
|
196
|
+
}
|
|
197
|
+
export function tierPremiumUsd(tier) {
|
|
198
|
+
return TIER_LIMITS[tier].annualPremium;
|
|
199
|
+
}
|
|
200
|
+
export function formatOracleLine(c) {
|
|
201
|
+
return `ORACLE 🔬 · ${c.subscriber} · ${c.tier} · cap=$${c.perIncidentCapUsd.toLocaleString()}/incident · expires ${c.validUntil.slice(0, 10)}`;
|
|
202
|
+
}
|
|
203
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/oracle_liability/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE1D,MAAM,gBAAgB,GAAG,CAAU,CAAC;AA8BpC,MAAM,UAAU,UAAU,CAAC,KAAgB;IACzC,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,wEAAwE;IACxE,IAAI,IAAI,GAAG,KAAK,CAAC,cAAc,IAAI,GAAG,CAAC;IACvC,IAAI,KAAK,CAAC,cAAc,KAAK,SAAS;QAAE,OAAO,CAAC,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAEtH,+BAA+B;IAC/B,IAAI,KAAK,CAAC,WAAW,KAAK,OAAO,EAAE,CAAC;QAClC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC5B,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IAC9C,CAAC;SAAM,IAAI,KAAK,CAAC,WAAW,KAAK,MAAM,EAAE,CAAC;QACxC,IAAI,IAAI,IAAI,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;IACrD,CAAC;SAAM,IAAI,KAAK,CAAC,WAAW,KAAK,MAAM,EAAE,CAAC;QACxC,IAAI,IAAI,IAAI,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;IACrD,CAAC;IAED,6DAA6D;IAC7D,IAAI,KAAK,CAAC,iBAAiB,KAAK,SAAS,EAAE,CAAC;QAC1C,MAAM,GAAG,GAAG,CAAC,EAAE,GAAG,KAAK,CAAC,iBAAiB,CAAC,GAAG,GAAG,CAAC,CAAC,2BAA2B;QAC7E,IAAI,IAAI,GAAG,CAAC;QACZ,OAAO,CAAC,IAAI,CAAC,sBAAsB,KAAK,CAAC,iBAAiB,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC9G,CAAC;IAED,0BAA0B;IAC1B,IAAI,KAAK,CAAC,iBAAiB,KAAK,SAAS,IAAI,KAAK,CAAC,iBAAiB,GAAG,GAAG,EAAE,CAAC;QAC3E,IAAI,IAAI,KAAK,CAAC,iBAAiB,GAAG,GAAG,CAAC;QACtC,OAAO,CAAC,IAAI,CAAC,sBAAsB,KAAK,CAAC,iBAAiB,SAAS,CAAC,KAAK,CAAC,iBAAiB,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACnH,CAAC;IAED,uBAAuB;IACvB,MAAM,OAAO,GAAuD;QAClE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG;QACnC,IAAI,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG;KAClD,CAAC;IACF,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QACnB,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,IAAI,CAAC,CAAC;QACV,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,CAAC,IAAI,CAAC,YAAY,KAAK,CAAC,QAAQ,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACtF,CAAC;IAED,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;IAE5C,IAAI,IAA4B,CAAC;IACjC,IAAI,IAAI,GAAG,IAAI;QAAE,IAAI,GAAG,UAAU,CAAC;SAC9B,IAAI,IAAI,GAAG,IAAI;QAAE,IAAI,GAAG,KAAK,CAAC;SAC9B,IAAI,IAAI,GAAG,IAAI;QAAE,IAAI,GAAG,QAAQ,CAAC;SACjC,IAAI,IAAI,GAAG,IAAI;QAAE,IAAI,GAAG,MAAM,CAAC;;QAC/B,IAAI,GAAG,WAAW,CAAC;IAExB,iEAAiE;IACjE,MAAM,SAAS,GAAG,IAAI,GAAG,IAAI,IAAI,KAAK,CAAC,WAAW,KAAK,OAAO,CAAC;IAE/D,OAAO;QACL,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,IAAI;QACzC,IAAI,EAAE,OAAO,EAAE,SAAS;KACzB,CAAC;AACJ,CAAC;AAoCD,MAAM,WAAW,GAAkG;IACjH,OAAO,EAAK,EAAE,WAAW,EAAK,KAAK,EAAE,eAAe,EAAK,MAAM,EAAE,aAAa,EAAI,KAAK,EAAE;IACzF,IAAI,EAAQ,EAAE,WAAW,EAAI,MAAM,EAAE,eAAe,EAAI,OAAO,EAAE,aAAa,EAAI,KAAK,EAAE;IACzF,QAAQ,EAAI,EAAE,WAAW,EAAG,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,aAAa,EAAG,MAAM,EAAE;IACzF,UAAU,EAAE,EAAE,WAAW,EAAE,SAAS,EAAE,eAAe,EAAC,UAAU,EAAE,aAAa,EAAE,OAAO,EAAE;IAC1F,SAAS,EAAG,EAAE,WAAW,EAAC,UAAU,EAAE,eAAe,EAAC,WAAW,EAAC,aAAa,EAAC,SAAS,EAAE;CAC5F,CAAC;AAEF,SAAS,KAAK,CAAC,CAAU;IACvB,IAAI,CAAC,KAAK,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAClE,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QAAE,OAAO,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;IAChE,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAA4B,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9D,OAAO,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,KAAK,CAAE,CAA6B,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;AACnH,CAAC;AAED,SAAS,aAAa;IACpB,OAAO,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,2BAA2B,gBAAgB,EAAE,CAAC;AAC7F,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,KAAuB;IACtD,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACtC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;QACpB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,uBAAuB,IAAI,CAAC,SAAS,SAAS,IAAI,CAAC,IAAI,cAAc,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;IAClI,CAAC;IACD,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC5D,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,EAAE,CAAC;IAC9C,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,YAAY,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;IACrG,MAAM,MAAM,GAAG,KAAK,GAAG,UAAU,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,IAAI,QAAQ,IAAI,KAAK,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACpK,MAAM,UAAU,GAAG;QACjB,8GAA8G;QAC9G,mGAAmG;QACnG,yDAAyD;QACzD,2EAA2E;QAC3E,8FAA8F;KAC/F,CAAC;IACF,MAAM,IAAI,GAAsC;QAC9C,CAAC,EAAE,gBAAgB;QACnB,MAAM;QACN,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,iBAAiB,EAAE,MAAM,CAAC,WAAW;QACrC,qBAAqB,EAAE,MAAM,CAAC,eAAe;QAC7C,IAAI;QACJ,QAAQ;QACR,UAAU;QACV,UAAU;KACX,CAAC;IACF,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,EAAE,KAAK,CAAC,MAAM,IAAI,aAAa,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACpG,OAAO,EAAE,MAAM,EAAE,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,IAA0B,EAAE,MAAe;IAC3E,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC;IACvC,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,IAAI,aAAa,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACnG,IAAI,KAAK,GAAG,KAAK,CAAC;IAClB,IAAI,CAAC;QAAC,KAAK,GAAG,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;IAAC,CAAC;IAC3F,MAAM,CAAC;QAAC,KAAK,GAAG,KAAK,CAAC;IAAC,CAAC;IACxB,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,yCAAyC,EAAE,CAAC;IACpG,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACzD,IAAI,OAAO;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;IACzE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AACtC,CAAC;AAyBD,MAAM,UAAU,WAAW,CAAC,KAAiB;IAC3C,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,IAAI,QAAQ,GAA8B,QAAQ,CAAC;IAEnD,oBAAoB;IACpB,MAAM,CAAC,GAAG,iBAAiB,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACtD,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;QACV,OAAO,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/D,CAAC;SAAM,IAAI,KAAK,CAAC,kBAAkB,IAAI,KAAK,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3E,OAAO,CAAC,IAAI,CAAC,wBAAwB,KAAK,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC9E,CAAC;SAAM,CAAC;QACN,4BAA4B;QAC5B,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC;QACpD,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAC,qBAAqB,GAAG,CAAC,KAAK,CAAC,mBAAmB,IAAI,CAAC,CAAC,CAAC;QAC/F,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,gBAAgB,EAAE,cAAc,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC,CAAC;QACnG,SAAS,GAAG,QAAQ,CAAC;QACrB,IAAI,QAAQ,IAAI,KAAK,CAAC,gBAAgB,EAAE,CAAC;YACvC,QAAQ,GAAG,UAAU,CAAC;YACtB,OAAO,CAAC,IAAI,CAAC,kFAAkF,kBAAkB,GAAG,CAAC,CAAC;QACxH,CAAC;aAAM,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;YACxB,QAAQ,GAAG,SAAS,CAAC;YACrB,OAAO,CAAC,IAAI,CAAC,2BAA2B,KAAK,CAAC,gBAAgB,6BAA6B,cAAc,2BAA2B,kBAAkB,GAAG,CAAC,CAAC;QAC7J,CAAC;aAAM,CAAC;YACN,QAAQ,GAAG,QAAQ,CAAC;YACpB,OAAO,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,IAAI,GAAG;QACX,CAAC,EAAE,gBAA2C;QAC9C,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS;KACnE,CAAC;IACF,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,EAAE,KAAK,CAAC,MAAM,IAAI,aAAa,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACpG,OAAO,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,IAAkB;IAC/C,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC,aAAa,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,CAAuB;IACtD,OAAO,eAAe,CAAC,CAAC,UAAU,MAAM,CAAC,CAAC,IAAI,WAAW,CAAC,CAAC,iBAAiB,CAAC,cAAc,EAAE,uBAAuB,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AAClJ,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oracle_liability.test.d.ts","sourceRoot":"","sources":["../../src/oracle_liability/oracle_liability.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,186 @@
|
|
|
1
|
+
import { describe, it, expect } from "vitest";
|
|
2
|
+
import { assessRisk, issueCertificate, verifyCertificate, decideClaim, tierPremiumUsd, formatOracleLine, } from "./index.js";
|
|
3
|
+
describe("v2.18 · MNEME ORACLE", () => {
|
|
4
|
+
describe("assessRisk", () => {
|
|
5
|
+
it("BLOCK SOUL forces very_high regardless of other inputs", () => {
|
|
6
|
+
const r = assessRisk({ description: "x", soulVerdict: "BLOCK", bugProphetRisk: 0.05 });
|
|
7
|
+
expect(r.band).toBe("very_high");
|
|
8
|
+
expect(r.insurable).toBe(false);
|
|
9
|
+
});
|
|
10
|
+
it("PASS SOUL + low prophet + good aurelian = very_low / low", () => {
|
|
11
|
+
const r = assessRisk({
|
|
12
|
+
description: "tiny doc fix",
|
|
13
|
+
soulVerdict: "PASS",
|
|
14
|
+
bugProphetRisk: 0.05,
|
|
15
|
+
aurelianComposite: 90,
|
|
16
|
+
});
|
|
17
|
+
expect(r.insurable).toBe(true);
|
|
18
|
+
expect(["very_low", "low"]).toContain(r.band);
|
|
19
|
+
});
|
|
20
|
+
it("WARN SOUL adds 0.10", () => {
|
|
21
|
+
const a = assessRisk({ description: "x", soulVerdict: "PASS", bugProphetRisk: 0.20 });
|
|
22
|
+
const b = assessRisk({ description: "x", soulVerdict: "WARN", bugProphetRisk: 0.20 });
|
|
23
|
+
expect(b.riskScore).toBeGreaterThan(a.riskScore);
|
|
24
|
+
});
|
|
25
|
+
it("financial category multiplies risk 1.6×", () => {
|
|
26
|
+
const a = assessRisk({ description: "x", bugProphetRisk: 0.30, soulVerdict: "PASS", category: "code" });
|
|
27
|
+
const b = assessRisk({ description: "x", bugProphetRisk: 0.30, soulVerdict: "PASS", category: "financial" });
|
|
28
|
+
expect(b.riskScore).toBeGreaterThan(a.riskScore);
|
|
29
|
+
});
|
|
30
|
+
it("vendor falseRateLB > 0.1 increases risk", () => {
|
|
31
|
+
const a = assessRisk({ description: "x", bugProphetRisk: 0.10, soulVerdict: "PASS", vendorFalseRateLB: 0.05 });
|
|
32
|
+
const b = assessRisk({ description: "x", bugProphetRisk: 0.10, soulVerdict: "PASS", vendorFalseRateLB: 0.30 });
|
|
33
|
+
expect(b.riskScore).toBeGreaterThan(a.riskScore);
|
|
34
|
+
});
|
|
35
|
+
it("missing prophet defaults to skeptical 0.5", () => {
|
|
36
|
+
const r = assessRisk({ description: "x" });
|
|
37
|
+
expect(r.riskScore).toBeGreaterThanOrEqual(0.45);
|
|
38
|
+
});
|
|
39
|
+
it("riskScore is clamped to (0, 1)", () => {
|
|
40
|
+
const r = assessRisk({ description: "x", soulVerdict: "BLOCK", bugProphetRisk: 0.99, vendorFalseRateLB: 0.99, category: "financial" });
|
|
41
|
+
expect(r.riskScore).toBeLessThanOrEqual(0.99);
|
|
42
|
+
expect(r.riskScore).toBeGreaterThan(0);
|
|
43
|
+
});
|
|
44
|
+
});
|
|
45
|
+
describe("issueCertificate", () => {
|
|
46
|
+
it("issues a starter cert for low-risk change", () => {
|
|
47
|
+
const r = issueCertificate({
|
|
48
|
+
subscriber: "acme-corp",
|
|
49
|
+
tier: "starter",
|
|
50
|
+
change: { description: "doc tweak", soulVerdict: "PASS", bugProphetRisk: 0.05, aurelianComposite: 90 },
|
|
51
|
+
});
|
|
52
|
+
expect(r.issued).not.toBeNull();
|
|
53
|
+
expect(r.issued.tier).toBe("starter");
|
|
54
|
+
expect(r.issued.perIncidentCapUsd).toBe(1_000);
|
|
55
|
+
expect(r.issued.annualAggregateCapUsd).toBe(10_000);
|
|
56
|
+
expect(r.issued.sig).toMatch(/^[0-9a-f]{64}$/);
|
|
57
|
+
expect(r.issued.certId).toMatch(/^lc-[0-9a-f]{14}$/);
|
|
58
|
+
});
|
|
59
|
+
it("refuses to issue when not insurable (BLOCK SOUL)", () => {
|
|
60
|
+
const r = issueCertificate({
|
|
61
|
+
subscriber: "acme-corp",
|
|
62
|
+
tier: "team",
|
|
63
|
+
change: { description: "yolo prod migration", soulVerdict: "BLOCK", bugProphetRisk: 0.6 },
|
|
64
|
+
});
|
|
65
|
+
expect(r.issued).toBeNull();
|
|
66
|
+
expect(r.reason).toContain("not insurable");
|
|
67
|
+
});
|
|
68
|
+
it("refuses to issue when risk >= 0.50", () => {
|
|
69
|
+
const r = issueCertificate({
|
|
70
|
+
subscriber: "x",
|
|
71
|
+
tier: "starter",
|
|
72
|
+
change: { description: "x", soulVerdict: "WARN", bugProphetRisk: 0.55 },
|
|
73
|
+
});
|
|
74
|
+
expect(r.issued).toBeNull();
|
|
75
|
+
});
|
|
76
|
+
it("enterprise tier has $1M per-incident / $10M aggregate", () => {
|
|
77
|
+
const r = issueCertificate({
|
|
78
|
+
subscriber: "bigco",
|
|
79
|
+
tier: "enterprise",
|
|
80
|
+
change: { description: "x", soulVerdict: "PASS", bugProphetRisk: 0.05, aurelianComposite: 90 },
|
|
81
|
+
});
|
|
82
|
+
expect(r.issued.perIncidentCapUsd).toBe(1_000_000);
|
|
83
|
+
expect(r.issued.annualAggregateCapUsd).toBe(10_000_000);
|
|
84
|
+
});
|
|
85
|
+
it("attaches 5+ conditions to the cert", () => {
|
|
86
|
+
const r = issueCertificate({
|
|
87
|
+
subscriber: "x", tier: "starter",
|
|
88
|
+
change: { description: "x", soulVerdict: "PASS", bugProphetRisk: 0.05 },
|
|
89
|
+
});
|
|
90
|
+
expect(r.issued.conditions.length).toBeGreaterThanOrEqual(5);
|
|
91
|
+
expect(r.issued.conditions.some((c) => c.includes("PROJECT SOUL"))).toBe(true);
|
|
92
|
+
});
|
|
93
|
+
});
|
|
94
|
+
describe("verifyCertificate", () => {
|
|
95
|
+
it("verifies a clean cert", () => {
|
|
96
|
+
const r = issueCertificate({
|
|
97
|
+
subscriber: "x", tier: "starter",
|
|
98
|
+
change: { description: "x", soulVerdict: "PASS", bugProphetRisk: 0.05 },
|
|
99
|
+
});
|
|
100
|
+
const v = verifyCertificate(r.issued);
|
|
101
|
+
expect(v.ok).toBe(true);
|
|
102
|
+
});
|
|
103
|
+
it("rejects tampered cert", () => {
|
|
104
|
+
const r = issueCertificate({
|
|
105
|
+
subscriber: "x", tier: "starter",
|
|
106
|
+
change: { description: "x", soulVerdict: "PASS", bugProphetRisk: 0.05 },
|
|
107
|
+
});
|
|
108
|
+
const tampered = { ...r.issued, perIncidentCapUsd: 1_000_000_000 };
|
|
109
|
+
const v = verifyCertificate(tampered);
|
|
110
|
+
expect(v.ok).toBe(false);
|
|
111
|
+
expect(v.reason).toContain("sig mismatch");
|
|
112
|
+
});
|
|
113
|
+
it("rejects expired cert", () => {
|
|
114
|
+
const issuedAt = new Date(Date.now() - 31 * 24 * 60 * 60 * 1000).toISOString();
|
|
115
|
+
const r = issueCertificate({
|
|
116
|
+
subscriber: "x", tier: "starter", issuedAt,
|
|
117
|
+
change: { description: "x", soulVerdict: "PASS", bugProphetRisk: 0.05 },
|
|
118
|
+
});
|
|
119
|
+
const v = verifyCertificate(r.issued);
|
|
120
|
+
expect(v.expired).toBe(true);
|
|
121
|
+
expect(v.ok).toBe(false);
|
|
122
|
+
});
|
|
123
|
+
});
|
|
124
|
+
describe("decideClaim", () => {
|
|
125
|
+
function freshCert() {
|
|
126
|
+
return issueCertificate({
|
|
127
|
+
subscriber: "acme", tier: "team",
|
|
128
|
+
change: { description: "x", soulVerdict: "PASS", bugProphetRisk: 0.05, aurelianComposite: 90 },
|
|
129
|
+
}).issued;
|
|
130
|
+
}
|
|
131
|
+
it("approves a small claim under cap", () => {
|
|
132
|
+
const cert = freshCert();
|
|
133
|
+
const d = decideClaim({ cert, estimatedLossUsd: 500, incidentDescription: "minor bug" });
|
|
134
|
+
expect(d.decision).toBe("approved");
|
|
135
|
+
expect(d.payoutUsd).toBe(500);
|
|
136
|
+
expect(d.sig).toMatch(/^[0-9a-f]{64}$/);
|
|
137
|
+
});
|
|
138
|
+
it("partial when loss exceeds per-incident cap", () => {
|
|
139
|
+
const cert = freshCert(); // team: $10k per incident
|
|
140
|
+
const d = decideClaim({ cert, estimatedLossUsd: 50_000, incidentDescription: "big bug" });
|
|
141
|
+
expect(d.decision).toBe("partial");
|
|
142
|
+
expect(d.payoutUsd).toBe(10_000);
|
|
143
|
+
});
|
|
144
|
+
it("denied when aggregate cap exhausted", () => {
|
|
145
|
+
const cert = freshCert();
|
|
146
|
+
const d = decideClaim({
|
|
147
|
+
cert, estimatedLossUsd: 1000, incidentDescription: "x",
|
|
148
|
+
aggregatePaidYtdUsd: cert.annualAggregateCapUsd, // already paid out the whole year
|
|
149
|
+
});
|
|
150
|
+
expect(d.decision).toBe("denied");
|
|
151
|
+
expect(d.payoutUsd).toBe(0);
|
|
152
|
+
});
|
|
153
|
+
it("denied when conditions breached", () => {
|
|
154
|
+
const cert = freshCert();
|
|
155
|
+
const d = decideClaim({
|
|
156
|
+
cert, estimatedLossUsd: 500, incidentDescription: "x",
|
|
157
|
+
conditionsBreached: ["vendor swap mid-policy"],
|
|
158
|
+
});
|
|
159
|
+
expect(d.decision).toBe("denied");
|
|
160
|
+
expect(d.payoutUsd).toBe(0);
|
|
161
|
+
});
|
|
162
|
+
it("denied when cert sig is invalid", () => {
|
|
163
|
+
const cert = freshCert();
|
|
164
|
+
const tampered = { ...cert, perIncidentCapUsd: cert.perIncidentCapUsd * 1000 };
|
|
165
|
+
const d = decideClaim({ cert: tampered, estimatedLossUsd: 500, incidentDescription: "x" });
|
|
166
|
+
expect(d.decision).toBe("denied");
|
|
167
|
+
});
|
|
168
|
+
});
|
|
169
|
+
it("tierPremiumUsd ladder is monotone", () => {
|
|
170
|
+
expect(tierPremiumUsd("sovereign")).toBeGreaterThan(tierPremiumUsd("enterprise"));
|
|
171
|
+
expect(tierPremiumUsd("enterprise")).toBeGreaterThan(tierPremiumUsd("business"));
|
|
172
|
+
expect(tierPremiumUsd("business")).toBeGreaterThan(tierPremiumUsd("team"));
|
|
173
|
+
expect(tierPremiumUsd("team")).toBeGreaterThan(tierPremiumUsd("starter"));
|
|
174
|
+
});
|
|
175
|
+
it("formatOracleLine summarises", () => {
|
|
176
|
+
const r = issueCertificate({
|
|
177
|
+
subscriber: "acme", tier: "team",
|
|
178
|
+
change: { description: "x", soulVerdict: "PASS", bugProphetRisk: 0.05 },
|
|
179
|
+
});
|
|
180
|
+
const line = formatOracleLine(r.issued);
|
|
181
|
+
expect(line).toContain("ORACLE");
|
|
182
|
+
expect(line).toContain("acme");
|
|
183
|
+
expect(line).toContain("team");
|
|
184
|
+
});
|
|
185
|
+
});
|
|
186
|
+
//# sourceMappingURL=oracle_liability.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oracle_liability.test.js","sourceRoot":"","sources":["../../src/oracle_liability/oracle_liability.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,UAAU,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,WAAW,EAC5D,cAAc,EAAE,gBAAgB,GACjC,MAAM,YAAY,CAAC;AAEpB,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;QAC1B,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;YAChE,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC;YACvF,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0DAA0D,EAAE,GAAG,EAAE;YAClE,MAAM,CAAC,GAAG,UAAU,CAAC;gBACnB,WAAW,EAAE,cAAc;gBAC3B,WAAW,EAAE,MAAM;gBACnB,cAAc,EAAE,IAAI;gBACpB,iBAAiB,EAAE,EAAE;aACtB,CAAC,CAAC;YACH,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/B,MAAM,CAAC,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qBAAqB,EAAE,GAAG,EAAE;YAC7B,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC;YACtF,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC;YACtF,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YACxG,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC,CAAC;YAC7G,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC,CAAC;YAC/G,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC,CAAC;YAC/G,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3C,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,CAAC,GAAG,UAAU,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC,CAAC;YACvI,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAC9C,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;QAChC,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,CAAC,GAAG,gBAAgB,CAAC;gBACzB,UAAU,EAAE,WAAW;gBACvB,IAAI,EAAE,SAAS;gBACf,MAAM,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE;aACvG,CAAC,CAAC;YACH,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAChC,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACvC,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAChD,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,qBAAqB,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACrD,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;YAChD,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;YAC1D,MAAM,CAAC,GAAG,gBAAgB,CAAC;gBACzB,UAAU,EAAE,WAAW;gBACvB,IAAI,EAAE,MAAM;gBACZ,MAAM,EAAE,EAAE,WAAW,EAAE,qBAAqB,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,EAAE;aAC1F,CAAC,CAAC;YACH,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;YAC5B,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,CAAC,GAAG,gBAAgB,CAAC;gBACzB,UAAU,EAAE,GAAG;gBACf,IAAI,EAAE,SAAS;gBACf,MAAM,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE;aACxE,CAAC,CAAC;YACH,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uDAAuD,EAAE,GAAG,EAAE;YAC/D,MAAM,CAAC,GAAG,gBAAgB,CAAC;gBACzB,UAAU,EAAE,OAAO;gBACnB,IAAI,EAAE,YAAY;gBAClB,MAAM,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE;aAC/F,CAAC,CAAC;YACH,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACpD,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,qBAAqB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC3D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,CAAC,GAAG,gBAAgB,CAAC;gBACzB,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS;gBAChC,MAAM,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE;aACxE,CAAC,CAAC;YACH,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;YAC9D,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;YAC/B,MAAM,CAAC,GAAG,gBAAgB,CAAC;gBACzB,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS;gBAChC,MAAM,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE;aACxE,CAAC,CAAC;YACH,MAAM,CAAC,GAAG,iBAAiB,CAAC,CAAC,CAAC,MAAO,CAAC,CAAC;YACvC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;YAC/B,MAAM,CAAC,GAAG,gBAAgB,CAAC;gBACzB,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS;gBAChC,MAAM,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE;aACxE,CAAC,CAAC;YACH,MAAM,QAAQ,GAAG,EAAE,GAAG,CAAC,CAAC,MAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,CAAC;YACpE,MAAM,CAAC,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YACtC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACzB,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;YAC9B,MAAM,QAAQ,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;YAC/E,MAAM,CAAC,GAAG,gBAAgB,CAAC;gBACzB,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ;gBAC1C,MAAM,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE;aACxE,CAAC,CAAC;YACH,MAAM,CAAC,GAAG,iBAAiB,CAAC,CAAC,CAAC,MAAO,CAAC,CAAC;YACvC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,SAAS,SAAS;YAChB,OAAO,gBAAgB,CAAC;gBACtB,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM;gBAChC,MAAM,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE;aAC/F,CAAC,CAAC,MAAO,CAAC;QACb,CAAC;QAED,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,WAAW,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,GAAG,EAAE,mBAAmB,EAAE,WAAW,EAAE,CAAC,CAAC;YACzF,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACpC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC9B,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;YACpD,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC,CAAC,0BAA0B;YACpD,MAAM,CAAC,GAAG,WAAW,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,MAAM,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,CAAC;YAC1F,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACnC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,WAAW,CAAC;gBACpB,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,mBAAmB,EAAE,GAAG;gBACtD,mBAAmB,EAAE,IAAI,CAAC,qBAAqB,EAAE,kCAAkC;aACpF,CAAC,CAAC;YACH,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAClC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,WAAW,CAAC;gBACpB,IAAI,EAAE,gBAAgB,EAAE,GAAG,EAAE,mBAAmB,EAAE,GAAG;gBACrD,kBAAkB,EAAE,CAAC,wBAAwB,CAAC;aAC/C,CAAC,CAAC;YACH,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAClC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,EAAE,GAAG,IAAI,EAAE,iBAAiB,EAAE,IAAI,CAAC,iBAAiB,GAAG,IAAI,EAAE,CAAC;YAC/E,MAAM,CAAC,GAAG,WAAW,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,gBAAgB,EAAE,GAAG,EAAE,mBAAmB,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3F,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC,CAAC,eAAe,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC,CAAC;QAClF,MAAM,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC,CAAC,eAAe,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC;QACjF,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,eAAe,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;QAC3E,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACrC,MAAM,CAAC,GAAG,gBAAgB,CAAC;YACzB,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM;YAChC,MAAM,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE;SACxE,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,gBAAgB,CAAC,CAAC,CAAC,MAAO,CAAC,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACjC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC/B,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* v2.18.0 — MNEME VERIFIED BADGE (the "Energy Star" of AI)
|
|
3
|
+
*
|
|
4
|
+
* "Vendor with measured falseRateLB < 0.05 (and minimum sample size)
|
|
5
|
+
* earns the right to display the 🛡 Mneme Verified Trustworthy badge.
|
|
6
|
+
* Badges are HMAC-signed time-limited certificates. Vendors PAY annual
|
|
7
|
+
* license to display. Renewal requires re-passing the gate."
|
|
8
|
+
*
|
|
9
|
+
* Tier system:
|
|
10
|
+
* PLATINUM — falseRateLB < 0.02, totalVerdicts >= 5000
|
|
11
|
+
* GOLD — falseRateLB < 0.05, totalVerdicts >= 1000
|
|
12
|
+
* SILVER — falseRateLB < 0.10, totalVerdicts >= 200
|
|
13
|
+
* BRONZE — falseRateLB < 0.20, totalVerdicts >= 50
|
|
14
|
+
* FAIL — none of the above; cannot display the badge
|
|
15
|
+
*
|
|
16
|
+
* Each badge:
|
|
17
|
+
* - Validity period: 90 days (re-test required)
|
|
18
|
+
* - Tier-locked (vendor can't claim PLATINUM if measured GOLD)
|
|
19
|
+
* - HMAC-signed; verifier can confirm any badge in the wild
|
|
20
|
+
* - Embed-safe SVG generator for marketing pages
|
|
21
|
+
*
|
|
22
|
+
* Composes onto v2.14 BOUNTY (falseRateLB) + v2.16 OBELISK (federated
|
|
23
|
+
* trust graph) + v2.18 ARENA (leaderboard). Pure issuance + verification;
|
|
24
|
+
* no liability — that's MNEME ORACLE.
|
|
25
|
+
*/
|
|
26
|
+
declare const PROTOCOL_VERSION: 1;
|
|
27
|
+
export type BadgeTier = "platinum" | "gold" | "silver" | "bronze" | "fail";
|
|
28
|
+
export interface BadgeInput {
|
|
29
|
+
vendor: string;
|
|
30
|
+
/** Vendor's display name on the badge (e.g., "Anthropic Claude"). */
|
|
31
|
+
displayName: string;
|
|
32
|
+
/** Measured falseRateLB from BOUNTY/OBELISK. */
|
|
33
|
+
falseRateLB: number;
|
|
34
|
+
/** Total verdicts in the sample (must clear tier minimum). */
|
|
35
|
+
totalVerdicts: number;
|
|
36
|
+
/** Issuance timestamp; defaults to now. */
|
|
37
|
+
issuedAt?: string;
|
|
38
|
+
/** Validity in days; defaults to 90. */
|
|
39
|
+
validityDays?: number;
|
|
40
|
+
secret?: string;
|
|
41
|
+
}
|
|
42
|
+
export interface VerifiedBadge {
|
|
43
|
+
v: typeof PROTOCOL_VERSION;
|
|
44
|
+
vendor: string;
|
|
45
|
+
displayName: string;
|
|
46
|
+
tier: BadgeTier;
|
|
47
|
+
measured: {
|
|
48
|
+
falseRateLB: number;
|
|
49
|
+
totalVerdicts: number;
|
|
50
|
+
};
|
|
51
|
+
issuedAt: string;
|
|
52
|
+
validUntil: string;
|
|
53
|
+
/** Public certificate ID for embed. */
|
|
54
|
+
certId: string;
|
|
55
|
+
/** HMAC over the certificate body. */
|
|
56
|
+
sig: string;
|
|
57
|
+
}
|
|
58
|
+
export interface VerifyResult {
|
|
59
|
+
ok: boolean;
|
|
60
|
+
expired: boolean;
|
|
61
|
+
reason?: string;
|
|
62
|
+
badge?: VerifiedBadge;
|
|
63
|
+
}
|
|
64
|
+
export declare function determineTier(falseRateLB: number, totalVerdicts: number): BadgeTier;
|
|
65
|
+
export declare function issueBadge(input: BadgeInput): VerifiedBadge;
|
|
66
|
+
export declare function verifyBadge(badge: VerifiedBadge, secret?: string): VerifyResult;
|
|
67
|
+
/**
|
|
68
|
+
* Generate an embed-safe SVG for the badge. Width/height fixed at 240×60
|
|
69
|
+
* for marketing footers. Tier color: platinum silver-blue, gold yellow-orange,
|
|
70
|
+
* silver gray, bronze copper. Includes the certId so verifiers can lookup.
|
|
71
|
+
*/
|
|
72
|
+
export declare function badgeSvg(badge: VerifiedBadge): string;
|
|
73
|
+
/** One-line pulse summary. */
|
|
74
|
+
export declare function formatBadgeLine(b: VerifiedBadge): string;
|
|
75
|
+
/** Tier-pricing model (informational; the actual billing is out of band). */
|
|
76
|
+
export declare function tierAnnualLicense(tier: BadgeTier): number;
|
|
77
|
+
export {};
|
|
78
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/verified_badge/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAIH,QAAA,MAAM,gBAAgB,EAAG,CAAU,CAAC;AAEpC,MAAM,MAAM,SAAS,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,QAAQ,GAAG,MAAM,CAAC;AAE3E,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,qEAAqE;IACrE,WAAW,EAAE,MAAM,CAAC;IACpB,gDAAgD;IAChD,WAAW,EAAE,MAAM,CAAC;IACpB,8DAA8D;IAC9D,aAAa,EAAE,MAAM,CAAC;IACtB,2CAA2C;IAC3C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,wCAAwC;IACxC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,aAAa;IAC5B,CAAC,EAAE,OAAO,gBAAgB,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,SAAS,CAAC;IAChB,QAAQ,EAAE;QACR,WAAW,EAAE,MAAM,CAAC;QACpB,aAAa,EAAE,MAAM,CAAC;KACvB,CAAC;IACF,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,uCAAuC;IACvC,MAAM,EAAE,MAAM,CAAC;IACf,sCAAsC;IACtC,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,OAAO,CAAC;IACZ,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,aAAa,CAAC;CACvB;AAoBD,wBAAgB,aAAa,CAAC,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,SAAS,CAOnF;AAQD,wBAAgB,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,aAAa,CAqB3D;AAED,wBAAgB,WAAW,CAAC,KAAK,EAAE,aAAa,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,YAAY,CAW/E;AAED;;;;GAIG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,MAAM,CAiBrD;AAED,8BAA8B;AAC9B,wBAAgB,eAAe,CAAC,CAAC,EAAE,aAAa,GAAG,MAAM,CAExD;AAED,6EAA6E;AAC7E,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,SAAS,GAAG,MAAM,CAGzD"}
|
|
@@ -0,0 +1,131 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* v2.18.0 — MNEME VERIFIED BADGE (the "Energy Star" of AI)
|
|
3
|
+
*
|
|
4
|
+
* "Vendor with measured falseRateLB < 0.05 (and minimum sample size)
|
|
5
|
+
* earns the right to display the 🛡 Mneme Verified Trustworthy badge.
|
|
6
|
+
* Badges are HMAC-signed time-limited certificates. Vendors PAY annual
|
|
7
|
+
* license to display. Renewal requires re-passing the gate."
|
|
8
|
+
*
|
|
9
|
+
* Tier system:
|
|
10
|
+
* PLATINUM — falseRateLB < 0.02, totalVerdicts >= 5000
|
|
11
|
+
* GOLD — falseRateLB < 0.05, totalVerdicts >= 1000
|
|
12
|
+
* SILVER — falseRateLB < 0.10, totalVerdicts >= 200
|
|
13
|
+
* BRONZE — falseRateLB < 0.20, totalVerdicts >= 50
|
|
14
|
+
* FAIL — none of the above; cannot display the badge
|
|
15
|
+
*
|
|
16
|
+
* Each badge:
|
|
17
|
+
* - Validity period: 90 days (re-test required)
|
|
18
|
+
* - Tier-locked (vendor can't claim PLATINUM if measured GOLD)
|
|
19
|
+
* - HMAC-signed; verifier can confirm any badge in the wild
|
|
20
|
+
* - Embed-safe SVG generator for marketing pages
|
|
21
|
+
*
|
|
22
|
+
* Composes onto v2.14 BOUNTY (falseRateLB) + v2.16 OBELISK (federated
|
|
23
|
+
* trust graph) + v2.18 ARENA (leaderboard). Pure issuance + verification;
|
|
24
|
+
* no liability — that's MNEME ORACLE.
|
|
25
|
+
*/
|
|
26
|
+
import { createHmac, timingSafeEqual } from "node:crypto";
|
|
27
|
+
const PROTOCOL_VERSION = 1;
|
|
28
|
+
const TIER_RULES = [
|
|
29
|
+
{ tier: "platinum", maxFR: 0.02, minVerdicts: 5000 },
|
|
30
|
+
{ tier: "gold", maxFR: 0.05, minVerdicts: 1000 },
|
|
31
|
+
{ tier: "silver", maxFR: 0.10, minVerdicts: 200 },
|
|
32
|
+
{ tier: "bronze", maxFR: 0.20, minVerdicts: 50 },
|
|
33
|
+
];
|
|
34
|
+
function canon(v) {
|
|
35
|
+
if (v === null || typeof v !== "object")
|
|
36
|
+
return JSON.stringify(v);
|
|
37
|
+
if (Array.isArray(v))
|
|
38
|
+
return "[" + v.map(canon).join(",") + "]";
|
|
39
|
+
const keys = Object.keys(v).sort();
|
|
40
|
+
return "{" + keys.map((k) => JSON.stringify(k) + ":" + canon(v[k])).join(",") + "}";
|
|
41
|
+
}
|
|
42
|
+
function defaultSecret() {
|
|
43
|
+
return process.env["MNEME_BADGE_SECRET"] || `mneme-verified-badge-v${PROTOCOL_VERSION}`;
|
|
44
|
+
}
|
|
45
|
+
export function determineTier(falseRateLB, totalVerdicts) {
|
|
46
|
+
for (const rule of TIER_RULES) {
|
|
47
|
+
if (falseRateLB < rule.maxFR && totalVerdicts >= rule.minVerdicts) {
|
|
48
|
+
return rule.tier;
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
return "fail";
|
|
52
|
+
}
|
|
53
|
+
function rng32(seed) {
|
|
54
|
+
// Deterministic certId derived from canonical body — easier to verify out
|
|
55
|
+
// of band; not a secret, just a pretty handle.
|
|
56
|
+
return createHmac("sha256", "mneme-badge-certid").update(seed).digest("hex").slice(0, 12);
|
|
57
|
+
}
|
|
58
|
+
export function issueBadge(input) {
|
|
59
|
+
const tier = determineTier(input.falseRateLB, input.totalVerdicts);
|
|
60
|
+
const issuedAt = input.issuedAt ?? new Date().toISOString();
|
|
61
|
+
const validityDays = input.validityDays ?? 90;
|
|
62
|
+
const validUntil = new Date(Date.parse(issuedAt) + validityDays * 24 * 60 * 60 * 1000).toISOString();
|
|
63
|
+
const certIdSeed = `${input.vendor}|${tier}|${issuedAt}|${input.falseRateLB}`;
|
|
64
|
+
const body = {
|
|
65
|
+
v: PROTOCOL_VERSION,
|
|
66
|
+
vendor: input.vendor,
|
|
67
|
+
displayName: input.displayName,
|
|
68
|
+
tier,
|
|
69
|
+
measured: {
|
|
70
|
+
falseRateLB: Math.round(input.falseRateLB * 100000) / 100000,
|
|
71
|
+
totalVerdicts: input.totalVerdicts,
|
|
72
|
+
},
|
|
73
|
+
issuedAt,
|
|
74
|
+
validUntil,
|
|
75
|
+
certId: rng32(certIdSeed),
|
|
76
|
+
};
|
|
77
|
+
const sig = createHmac("sha256", input.secret ?? defaultSecret()).update(canon(body)).digest("hex");
|
|
78
|
+
return { ...body, sig };
|
|
79
|
+
}
|
|
80
|
+
export function verifyBadge(badge, secret) {
|
|
81
|
+
const { sig: claimed, ...body } = badge;
|
|
82
|
+
const expected = createHmac("sha256", secret ?? defaultSecret()).update(canon(body)).digest("hex");
|
|
83
|
+
let okSig = false;
|
|
84
|
+
try {
|
|
85
|
+
okSig = timingSafeEqual(Buffer.from(expected, "hex"), Buffer.from(claimed, "hex"));
|
|
86
|
+
}
|
|
87
|
+
catch {
|
|
88
|
+
okSig = false;
|
|
89
|
+
}
|
|
90
|
+
if (!okSig)
|
|
91
|
+
return { ok: false, expired: false, reason: "badge sig mismatch — forged or wrong key" };
|
|
92
|
+
const expired = Date.now() > Date.parse(badge.validUntil);
|
|
93
|
+
if (expired)
|
|
94
|
+
return { ok: false, expired: true, reason: "badge expired", badge };
|
|
95
|
+
if (badge.tier === "fail")
|
|
96
|
+
return { ok: false, expired: false, reason: "tier=fail; vendor cannot display badge" };
|
|
97
|
+
return { ok: true, expired: false, badge };
|
|
98
|
+
}
|
|
99
|
+
/**
|
|
100
|
+
* Generate an embed-safe SVG for the badge. Width/height fixed at 240×60
|
|
101
|
+
* for marketing footers. Tier color: platinum silver-blue, gold yellow-orange,
|
|
102
|
+
* silver gray, bronze copper. Includes the certId so verifiers can lookup.
|
|
103
|
+
*/
|
|
104
|
+
export function badgeSvg(badge) {
|
|
105
|
+
const colors = {
|
|
106
|
+
platinum: { bg: "#1e293b", ring: "#94a3b8", text: "#e2e8f0" },
|
|
107
|
+
gold: { bg: "#3a2e0a", ring: "#fbbf24", text: "#fef3c7" },
|
|
108
|
+
silver: { bg: "#27272a", ring: "#a1a1aa", text: "#f4f4f5" },
|
|
109
|
+
bronze: { bg: "#3a1f0e", ring: "#d97706", text: "#fed7aa" },
|
|
110
|
+
fail: { bg: "#1a1015", ring: "#6b7280", text: "#9ca3af" },
|
|
111
|
+
};
|
|
112
|
+
const c = colors[badge.tier];
|
|
113
|
+
const escape = (s) => s.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">");
|
|
114
|
+
return `<svg xmlns="http://www.w3.org/2000/svg" width="240" height="60" viewBox="0 0 240 60" role="img" aria-label="Mneme Verified Trustworthy ${badge.tier} for ${badge.vendor}">
|
|
115
|
+
<rect width="240" height="60" rx="8" fill="${c.bg}" stroke="${c.ring}" stroke-width="2"/>
|
|
116
|
+
<text x="14" y="22" font-family="system-ui, sans-serif" font-size="11" fill="${c.ring}" letter-spacing="1.5">🛡 MNEME VERIFIED</text>
|
|
117
|
+
<text x="14" y="42" font-family="system-ui, sans-serif" font-size="14" font-weight="700" fill="${c.text}">${escape(badge.displayName)}</text>
|
|
118
|
+
<text x="226" y="22" text-anchor="end" font-family="system-ui, sans-serif" font-size="11" fill="${c.ring}" font-weight="700" letter-spacing="2">${badge.tier.toUpperCase()}</text>
|
|
119
|
+
<text x="226" y="42" text-anchor="end" font-family="ui-monospace, monospace" font-size="9" fill="${c.text}" opacity="0.65">cert:${badge.certId}</text>
|
|
120
|
+
</svg>`;
|
|
121
|
+
}
|
|
122
|
+
/** One-line pulse summary. */
|
|
123
|
+
export function formatBadgeLine(b) {
|
|
124
|
+
return `BADGE 🛡 · ${b.displayName} · ${b.tier} · expires ${b.validUntil.slice(0, 10)}`;
|
|
125
|
+
}
|
|
126
|
+
/** Tier-pricing model (informational; the actual billing is out of band). */
|
|
127
|
+
export function tierAnnualLicense(tier) {
|
|
128
|
+
// USD/year. Defensible numbers based on certification industry comparables.
|
|
129
|
+
return { platinum: 50000, gold: 12000, silver: 3000, bronze: 500, fail: 0 }[tier];
|
|
130
|
+
}
|
|
131
|
+
//# sourceMappingURL=index.js.map
|