npm - @mneme-ai/core - Versions diffs - 2.21.3 → 2.21.4 - Mend

@mneme-ai/core 2.21.3 → 2.21.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/dist/agent_manifest.d.ts.map +1 -1
package/dist/agent_manifest.js +16 -0
package/dist/agent_manifest.js.map +1 -1
package/dist/index.d.ts +1 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +9 -0
package/dist/index.js.map +1 -1
package/dist/trust_capsule/index.d.ts +194 -0
package/dist/trust_capsule/index.d.ts.map +1 -0
package/dist/trust_capsule/index.js +392 -0
package/dist/trust_capsule/index.js.map +1 -0
package/dist/trust_capsule/trust_capsule.test.d.ts +2 -0
package/dist/trust_capsule/trust_capsule.test.d.ts.map +1 -0
package/dist/trust_capsule/trust_capsule.test.js +297 -0
package/dist/trust_capsule/trust_capsule.test.js.map +1 -0
package/package.json +1 -1

package/dist/trust_capsule/index.d.ts ADDED Viewed

@@ -0,0 +1,194 @@
+/**
+ * v2.21.4 — TRUST CAPSULE.
+ *
+ * Discrete, single-line, tamper-evident attestation that an installed
+ * Mneme is what it claims to be. AI agents read ONE number (trustScore
+ * 0-100) instead of 30 fields. Composes on top of `verify-self`.
+ *
+ * INNOVATIONS
+ *
+ *   1. MERKLE INSTALL-ROOT — compute a single 22-char hash over every
+ *      shipped file (.js / .cjs / .mjs / .json / .d.ts). Detects a
+ *      single-byte tamper anywhere in the install tree, not just in
+ *      package.json (which is all the v2.19.96 verify-self hashed).
+ *
+ *   2. TRUST SCORE (0-100) — single composed signal:
+ *        +40 if HMAC signature of capsule verifies
+ *        +20 if current Merkle matches the install-time snapshot
+ *        +20 if install path lives under a sane npm prefix
+ *        +20 if install is recent (≤ 90 days since first snapshot)
+ *      Bands: 0-39 ABORT · 40-69 CAUTION · 70-100 TRUST. One number
+ *      replaces "read 30 fields and decide".
+ *
+ *   3. CAPSULE URI — `mneme://attest/v1/<ver>/<merkle22>/<ts>/<sig22>`
+ *      paste-able anywhere: pulse banner, commit message, Slack, gist.
+ *      Receiver pastes back into `mneme verify-self --verify <uri>`
+ *      to validate.
+ *
+ *   4. NONCE-BOUND CAPABILITY — optional caller-supplied nonce binds
+ *      the capsule to a single session. Stops replay of a captured
+ *      capsule into a future session.
+ *
+ *   5. OFFLINE-FIRST DRIFT — first verify-self call caches the
+ *      Merkle to `.mneme/trust/install-merkle.json`; subsequent calls
+ *      compare. No network. A file tampered with AFTER install
+ *      shows up as `driftedFiles[]`.
+ *
+ * Composes onto v2.19.96 verifySelf — does not replace it.
+ */
+export interface MerkleResult {
+    /** Merkle root: base64url, 22 chars. */
+    root: string;
+    /** Total file count hashed. */
+    fileCount: number;
+    /** Total bytes hashed. */
+    byteCount: number;
+    /** Per-file hash lines (sorted by relative path) — useful for diff. */
+    entries: Array<{
+        path: string;
+        sha: string;
+        size: number;
+    }>;
+}
+/** Compute the Merkle install-root over all hashable files under installRoot.
+ *  Pure read-only. Deterministic: same install → same root, byte for byte. */
+export declare function computeInstallMerkle(installRoot: string): MerkleResult;
+export interface InstallSnapshot {
+    v: 1;
+    /** When the install was first observed. */
+    capturedAt: string;
+    /** Installed version at capture time. */
+    version: string;
+    /** Merkle root at capture time. */
+    merkle: string;
+    /** File count at capture time. */
+    fileCount: number;
+}
+export declare function getInstallSnapshot(repoRoot: string): InstallSnapshot | null;
+/** Persist the install Merkle as the offline-first drift baseline.
+ *  Called by `verify-self` on first run (lazy) or by postinstall (eager).
+ *  Idempotent. */
+export declare function captureInstallSnapshot(repoRoot: string, opts: {
+    version: string;
+    merkle: string;
+    fileCount: number;
+}): InstallSnapshot;
+export interface DriftReport {
+    drifted: boolean;
+    /** Files present in current Merkle but absent from snapshot. */
+    added: string[];
+    /** Files in snapshot but absent now. */
+    removed: string[];
+    /** Files in both but content changed. */
+    changed: string[];
+}
+export declare function compareToSnapshot(current: MerkleResult, snapshot: InstallSnapshot | null, snapshotEntries?: Array<{
+    path: string;
+    sha: string;
+}>): DriftReport;
+export interface TrustScoreInput {
+    signatureOk: boolean;
+    noDrift: boolean;
+    pathSane: boolean;
+    recent: boolean;
+}
+export type TrustBand = "ABORT" | "CAUTION" | "TRUST";
+export interface TrustScore {
+    score: number;
+    band: TrustBand;
+    components: {
+        signature: 0 | 40;
+        drift: 0 | 20;
+        path: 0 | 20;
+        age: 0 | 20;
+    };
+}
+export declare function computeTrustScore(inp: TrustScoreInput): TrustScore;
+export interface Capsule {
+    version: string;
+    merkle: string;
+    ts: number;
+    exp: number;
+    sig: string;
+    nonce?: string;
+    /** 22-char sig of the previous capsule in this chain (optional). */
+    prev?: string;
+}
+/** Default capsule TTL — 5 minutes. Short enough that replaying a
+ *  captured capsule into a future session is physically prevented;
+ *  long enough that humans + AI agents can paste-and-act without race
+ *  conditions. */
+export declare const DEFAULT_TTL_SECONDS = 300;
+export interface BuildCapsuleOptions {
+    version: string;
+    merkle: string;
+    /** Caller-supplied nonce binds the capsule to a single session. */
+    nonce?: string;
+    /** Time-to-live in seconds (default 300 = 5 min). Pass 0 to mint a
+     *  capsule with no expiry — discouraged in production. */
+    ttlSeconds?: number;
+    /** Previous capsule's sig — links this capsule into a chain. AI
+     *  agents that see multiple capsules in one session verify they form
+     *  a chain (no rogue capsule injection mid-session). */
+    prev?: string;
+}
+/** Build a single-line capsule URI. Pure local — uses the install-local
+ *  HMAC key (auto-generated on first call, lives in
+ *  `.mneme/trust/capsule.key`).
+ *
+ *  Musk-style first-principles defenses:
+ *    - TTL: capsule self-destructs after ttlSeconds (default 300).
+ *      Replay attack window is physical, not cryptographic.
+ *    - chain-link: optional `prev` ties this capsule to predecessor.
+ *      Captured one capsule? Useless without the whole chain.
+ *    - nonce: session-bound capability. */
+export declare function buildCapsule(repoRoot: string, opts: BuildCapsuleOptions): {
+    capsule: Capsule;
+    uri: string;
+};
+export declare function parseCapsule(uri: string): Capsule | null;
+export interface VerifyCapsuleOptions {
+    /** When true, accept capsules past their expiry (use for forensics
+     *  on old capsules; never for production gating). */
+    allowExpired?: boolean;
+    /** Caller-known expected nonce — if set, capsule's nonce must match. */
+    expectedNonce?: string;
+}
+export declare function verifyCapsule(repoRoot: string, capsule: Capsule | string, opts?: VerifyCapsuleOptions): {
+    ok: boolean;
+    reason?: string;
+};
+/** Verify a sequence of capsules forms a valid chain. Each capsule's
+ *  `prev` must equal the prior capsule's `sig`. First capsule must not
+ *  have `prev` (or `prev` is ignored on the first link). All capsules
+ *  must individually verify (signature + non-expired). */
+export declare function verifyCapsuleChain(repoRoot: string, capsules: Array<Capsule | string>, opts?: VerifyCapsuleOptions): {
+    ok: boolean;
+    reason?: string;
+    brokenAt?: number;
+};
+export interface DeepAttestation {
+    ok: boolean;
+    version: string;
+    installPath: string;
+    merkle: string;
+    fileCount: number;
+    snapshotCaptured: boolean;
+    drift: DriftReport;
+    trustScore: TrustScore;
+    capsuleUri: string;
+    /** One line a human can paste anywhere. */
+    oneLine: string;
+}
+export interface VerifySelfDeepOptions {
+    /** Caller-supplied nonce to bind capsule to a session. */
+    nonce?: string;
+    /** When true, refuses to capture a snapshot if none exists yet.
+     *  Useful for CI gating. */
+    noAutoCapture?: boolean;
+}
+/** The discrete + super-optimized verify-self. Composes Merkle install-
+ *  root + drift + trust score + capsule URI into one call. */
+export declare function verifySelfDeep(installRoot: string, repoRoot: string, version: string, opts?: VerifySelfDeepOptions): DeepAttestation;
+export declare function formatDeepAttestation(a: DeepAttestation): string;
+//# sourceMappingURL=index.d.ts.map

package/dist/trust_capsule/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/trust_capsule/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAoCH,MAAM,WAAW,YAAY;IAC3B,wCAAwC;IACxC,IAAI,EAAE,MAAM,CAAC;IACb,+BAA+B;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,uEAAuE;IACvE,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAC7D;AAsBD;8EAC8E;AAC9E,wBAAgB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,YAAY,CAiBtE;AAID,MAAM,WAAW,eAAe;IAC9B,CAAC,EAAE,CAAC,CAAC;IACL,2CAA2C;IAC3C,UAAU,EAAE,MAAM,CAAC;IACnB,yCAAyC;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,mCAAmC;IACnC,MAAM,EAAE,MAAM,CAAC;IACf,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;CACnB;AAMD,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,eAAe,GAAG,IAAI,CAI3E;AAED;;kBAEkB;AAClB,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,GAAG,eAAe,CAUtI;AAID,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,gEAAgE;IAChE,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,wCAAwC;IACxC,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,yCAAyC;IACzC,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,eAAe,GAAG,IAAI,EAAE,eAAe,CAAC,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAAC,GAAG,WAAW,CAmB9J;AAID,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,OAAO,CAAC;IACrB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,MAAM,SAAS,GAAG,OAAO,GAAG,SAAS,GAAG,OAAO,CAAC;AAEtD,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,SAAS,CAAC;IAChB,UAAU,EAAE;QACV,SAAS,EAAE,CAAC,GAAG,EAAE,CAAC;QAClB,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC;QACd,IAAI,EAAE,CAAC,GAAG,EAAE,CAAC;QACb,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC;KACb,CAAC;CACH;AA+BD,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,eAAe,GAAG,UAAU,CAUlE;AAID,MAAM,WAAW,OAAO;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,oEAAoE;IACpE,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAID;;;kBAGkB;AAClB,eAAO,MAAM,mBAAmB,MAAM,CAAC;AAEvC,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,mEAAmE;IACnE,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;8DAC0D;IAC1D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;4DAEwD;IACxD,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED;;;;;;;;;2CAS2C;AAC3C,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,mBAAmB,GAAG;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAkB3G;AAED,wBAAgB,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,GAAG,IAAI,CAmBxD;AAED,MAAM,WAAW,oBAAoB;IACnC;yDACqD;IACrD,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,wEAAwE;IACxE,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,MAAM,EAAE,IAAI,GAAE,oBAAyB,GAAG;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAiB5I;AAED;;;0DAG0D;AAC1D,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,EAAE,IAAI,GAAE,oBAAyB,GAAG;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,CAc5K;AAID,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,OAAO,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,KAAK,EAAE,WAAW,CAAC;IACnB,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,2CAA2C;IAC3C,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,qBAAqB;IACpC,0DAA0D;IAC1D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;gCAC4B;IAC5B,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED;8DAC8D;AAC9D,wBAAgB,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,GAAE,qBAA0B,GAAG,eAAe,CAgCxI;AAID,wBAAgB,qBAAqB,CAAC,CAAC,EAAE,eAAe,GAAG,MAAM,CA2BhE"}

package/dist/trust_capsule/index.js ADDED Viewed

@@ -0,0 +1,392 @@
+/**
+ * v2.21.4 — TRUST CAPSULE.
+ *
+ * Discrete, single-line, tamper-evident attestation that an installed
+ * Mneme is what it claims to be. AI agents read ONE number (trustScore
+ * 0-100) instead of 30 fields. Composes on top of `verify-self`.
+ *
+ * INNOVATIONS
+ *
+ *   1. MERKLE INSTALL-ROOT — compute a single 22-char hash over every
+ *      shipped file (.js / .cjs / .mjs / .json / .d.ts). Detects a
+ *      single-byte tamper anywhere in the install tree, not just in
+ *      package.json (which is all the v2.19.96 verify-self hashed).
+ *
+ *   2. TRUST SCORE (0-100) — single composed signal:
+ *        +40 if HMAC signature of capsule verifies
+ *        +20 if current Merkle matches the install-time snapshot
+ *        +20 if install path lives under a sane npm prefix
+ *        +20 if install is recent (≤ 90 days since first snapshot)
+ *      Bands: 0-39 ABORT · 40-69 CAUTION · 70-100 TRUST. One number
+ *      replaces "read 30 fields and decide".
+ *
+ *   3. CAPSULE URI — `mneme://attest/v1/<ver>/<merkle22>/<ts>/<sig22>`
+ *      paste-able anywhere: pulse banner, commit message, Slack, gist.
+ *      Receiver pastes back into `mneme verify-self --verify <uri>`
+ *      to validate.
+ *
+ *   4. NONCE-BOUND CAPABILITY — optional caller-supplied nonce binds
+ *      the capsule to a single session. Stops replay of a captured
+ *      capsule into a future session.
+ *
+ *   5. OFFLINE-FIRST DRIFT — first verify-self call caches the
+ *      Merkle to `.mneme/trust/install-merkle.json`; subsequent calls
+ *      compare. No network. A file tampered with AFTER install
+ *      shows up as `driftedFiles[]`.
+ *
+ * Composes onto v2.19.96 verifySelf — does not replace it.
+ */
+import { existsSync, readFileSync, writeFileSync, mkdirSync, readdirSync, statSync } from "node:fs";
+import { join, relative, sep } from "node:path";
+import { createHash, createHmac, randomBytes } from "node:crypto";
+const KEY_FILE = "capsule.key";
+const SNAPSHOT_FILE = "install-merkle.json";
+const TRUST_DIR_REL = join(".mneme", "trust");
+const HASHABLE_EXT = new Set([".js", ".cjs", ".mjs", ".json", ".d.ts", ".ts", ".md", ".txt"]);
+const SKIP_DIR = new Set(["node_modules", ".git", ".mneme", "logs", "cache", "tmp", "coverage", "dist-test"]);
+const MAX_FILES = 50_000;
+// ─── KEY ─────────────────────────────────────────────────────────────
+function trustDir(repoRoot) {
+    const d = join(repoRoot, TRUST_DIR_REL);
+    if (!existsSync(d))
+        mkdirSync(d, { recursive: true });
+    return d;
+}
+function getKey(repoRoot) {
+    const p = join(trustDir(repoRoot), KEY_FILE);
+    if (existsSync(p))
+        return readFileSync(p, "utf8").trim();
+    const k = randomBytes(32).toString("base64url");
+    writeFileSync(p, k, "utf8");
+    return k;
+}
+function sign(payload, k) {
+    return createHmac("sha256", k).update(payload).digest("base64url").slice(0, 22);
+}
+function walk(root, dir, files) {
+    if (files.length > MAX_FILES)
+        return;
+    let names;
+    try {
+        names = readdirSync(dir);
+    }
+    catch {
+        return;
+    }
+    for (const name of names) {
+        if (SKIP_DIR.has(name))
+            continue;
+        const full = join(dir, name);
+        let st;
+        try {
+            st = statSync(full);
+        }
+        catch {
+            continue;
+        }
+        if (st.isDirectory())
+            walk(root, full, files);
+        else if (st.isFile()) {
+            const lower = name.toLowerCase();
+            const dot = lower.lastIndexOf(".");
+            if (dot === -1)
+                continue;
+            const ext = lower.endsWith(".d.ts") ? ".d.ts" : lower.slice(dot);
+            if (HASHABLE_EXT.has(ext))
+                files.push(full);
+        }
+    }
+}
+/** Compute the Merkle install-root over all hashable files under installRoot.
+ *  Pure read-only. Deterministic: same install → same root, byte for byte. */
+export function computeInstallMerkle(installRoot) {
+    const files = [];
+    walk(installRoot, installRoot, files);
+    const entries = [];
+    let byteCount = 0;
+    for (const f of files) {
+        let buf;
+        try {
+            buf = readFileSync(f);
+        }
+        catch {
+            continue;
+        }
+        const sha = createHash("sha256").update(buf).digest("base64url").slice(0, 22);
+        const rel = relative(installRoot, f).split(sep).join("/");
+        entries.push({ path: rel, sha, size: buf.length });
+        byteCount += buf.length;
+    }
+    entries.sort((a, b) => a.path.localeCompare(b.path));
+    const concat = entries.map((e) => `${e.path}\t${e.sha}`).join("\n");
+    const root = createHash("sha256").update(concat).digest("base64url").slice(0, 22);
+    return { root, fileCount: entries.length, byteCount, entries };
+}
+function snapshotPath(repoRoot) {
+    return join(trustDir(repoRoot), SNAPSHOT_FILE);
+}
+export function getInstallSnapshot(repoRoot) {
+    const p = snapshotPath(repoRoot);
+    if (!existsSync(p))
+        return null;
+    try {
+        return JSON.parse(readFileSync(p, "utf8"));
+    }
+    catch {
+        return null;
+    }
+}
+/** Persist the install Merkle as the offline-first drift baseline.
+ *  Called by `verify-self` on first run (lazy) or by postinstall (eager).
+ *  Idempotent. */
+export function captureInstallSnapshot(repoRoot, opts) {
+    const snap = {
+        v: 1,
+        capturedAt: new Date().toISOString(),
+        version: opts.version,
+        merkle: opts.merkle,
+        fileCount: opts.fileCount,
+    };
+    writeFileSync(snapshotPath(repoRoot), JSON.stringify(snap, null, 2), "utf8");
+    return snap;
+}
+export function compareToSnapshot(current, snapshot, snapshotEntries) {
+    if (!snapshot)
+        return { drifted: false, added: [], removed: [], changed: [] };
+    // Without per-file snapshot we can only compare roots; but we expose
+    // a richer report if the caller hands us entries (used by tests).
+    if (!snapshotEntries) {
+        const drifted = current.root !== snapshot.merkle;
+        return { drifted, added: [], removed: [], changed: drifted ? ["<root-mismatch>"] : [] };
+    }
+    const cur = new Map(current.entries.map((e) => [e.path, e.sha]));
+    const snap = new Map(snapshotEntries.map((e) => [e.path, e.sha]));
+    const added = [];
+    const removed = [];
+    const changed = [];
+    for (const [p, sha] of cur) {
+        if (!snap.has(p))
+            added.push(p);
+        else if (snap.get(p) !== sha)
+            changed.push(p);
+    }
+    for (const [p] of snap)
+        if (!cur.has(p))
+            removed.push(p);
+    return { drifted: added.length + removed.length + changed.length > 0, added, removed, changed };
+}
+/** Standard npm prefix patterns we treat as sane. Pure substring check —
+ *  cheap, no shell-out. */
+const SANE_PATH_HINTS = [
+    "node_modules", // any project local install
+    "/usr/local", // homebrew + manual prefix
+    "/opt/", // /opt/homebrew + /opt/local
+    "AppData\\", // %APPDATA% on Windows
+    "AppData/", // same, forward slashes
+    "nvm", // any NVM variant
+    ".volta", // volta
+    ".fnm", // fnm
+    "scoop", // scoop
+];
+function isPathSane(installPath) {
+    if (!installPath)
+        return false;
+    const p = installPath.toLowerCase();
+    return SANE_PATH_HINTS.some((h) => p.includes(h.toLowerCase()));
+}
+function isRecent(snapshot, maxDays = 90) {
+    if (!snapshot)
+        return true; // fresh first-run snapshot counts as recent
+    try {
+        const captured = Date.parse(snapshot.capturedAt);
+        if (Number.isNaN(captured))
+            return false;
+        return (Date.now() - captured) / 86_400_000 <= maxDays;
+    }
+    catch {
+        return false;
+    }
+}
+export function computeTrustScore(inp) {
+    const components = {
+        signature: (inp.signatureOk ? 40 : 0),
+        drift: (inp.noDrift ? 20 : 0),
+        path: (inp.pathSane ? 20 : 0),
+        age: (inp.recent ? 20 : 0),
+    };
+    const score = components.signature + components.drift + components.path + components.age;
+    const band = score < 40 ? "ABORT" : score < 70 ? "CAUTION" : "TRUST";
+    return { score, band, components };
+}
+const CAPSULE_PREFIX = "mneme://attest/v1/";
+/** Default capsule TTL — 5 minutes. Short enough that replaying a
+ *  captured capsule into a future session is physically prevented;
+ *  long enough that humans + AI agents can paste-and-act without race
+ *  conditions. */
+export const DEFAULT_TTL_SECONDS = 300;
+/** Build a single-line capsule URI. Pure local — uses the install-local
+ *  HMAC key (auto-generated on first call, lives in
+ *  `.mneme/trust/capsule.key`).
+ *
+ *  Musk-style first-principles defenses:
+ *    - TTL: capsule self-destructs after ttlSeconds (default 300).
+ *      Replay attack window is physical, not cryptographic.
+ *    - chain-link: optional `prev` ties this capsule to predecessor.
+ *      Captured one capsule? Useless without the whole chain.
+ *    - nonce: session-bound capability. */
+export function buildCapsule(repoRoot, opts) {
+    const k = getKey(repoRoot);
+    const ts = Math.floor(Date.now() / 1000);
+    const ttl = opts.ttlSeconds === undefined ? DEFAULT_TTL_SECONDS : Math.max(0, opts.ttlSeconds);
+    const exp = ttl === 0 ? 0 : ts + ttl;
+    const noncePart = opts.nonce ? `|${opts.nonce}` : "";
+    const prevPart = opts.prev ? `|${opts.prev}` : "";
+    const canonical = `${opts.version}|${opts.merkle}|${ts}|${exp}${noncePart}${prevPart}`;
+    const sig = sign(canonical, k);
+    const capsule = { version: opts.version, merkle: opts.merkle, ts, exp, sig };
+    if (opts.nonce)
+        capsule.nonce = opts.nonce;
+    if (opts.prev)
+        capsule.prev = opts.prev;
+    const params = [];
+    if (opts.nonce)
+        params.push(`nonce=${encodeURIComponent(opts.nonce)}`);
+    if (opts.prev)
+        params.push(`prev=${encodeURIComponent(opts.prev)}`);
+    const queryPart = params.length ? `?${params.join("&")}` : "";
+    const uri = `${CAPSULE_PREFIX}${encodeURIComponent(opts.version)}/${opts.merkle}/${ts}/${exp}/${sig}${queryPart}`;
+    return { capsule, uri };
+}
+export function parseCapsule(uri) {
+    if (!uri.startsWith(CAPSULE_PREFIX))
+        return null;
+    const rest = uri.slice(CAPSULE_PREFIX.length);
+    const [pathPart, queryPart] = rest.split("?");
+    const segs = pathPart.split("/");
+    if (segs.length !== 5)
+        return null;
+    const [verEnc, merkle, tsStr, expStr, sig] = segs;
+    const ts = parseInt(tsStr, 10);
+    const exp = parseInt(expStr, 10);
+    if (Number.isNaN(ts) || Number.isNaN(exp) || !merkle || !sig)
+        return null;
+    const out = { version: decodeURIComponent(verEnc), merkle, ts, exp, sig };
+    if (queryPart) {
+        const params = new URLSearchParams(queryPart);
+        const n = params.get("nonce");
+        if (n)
+            out.nonce = n;
+        const p = params.get("prev");
+        if (p)
+            out.prev = p;
+    }
+    return out;
+}
+export function verifyCapsule(repoRoot, capsule, opts = {}) {
+    const c = typeof capsule === "string" ? parseCapsule(capsule) : capsule;
+    if (!c)
+        return { ok: false, reason: "malformed capsule URI" };
+    const k = getKey(repoRoot);
+    const noncePart = c.nonce ? `|${c.nonce}` : "";
+    const prevPart = c.prev ? `|${c.prev}` : "";
+    const canonical = `${c.version}|${c.merkle}|${c.ts}|${c.exp}${noncePart}${prevPart}`;
+    const expected = sign(canonical, k);
+    if (expected !== c.sig)
+        return { ok: false, reason: "HMAC signature mismatch — capsule was forged or signed by a different install" };
+    if (c.exp > 0 && !opts.allowExpired) {
+        const now = Math.floor(Date.now() / 1000);
+        if (now > c.exp)
+            return { ok: false, reason: `capsule expired ${now - c.exp}s ago — request a fresh one` };
+    }
+    if (opts.expectedNonce !== undefined && c.nonce !== opts.expectedNonce) {
+        return { ok: false, reason: "nonce mismatch — capsule was minted for a different session" };
+    }
+    return { ok: true };
+}
+/** Verify a sequence of capsules forms a valid chain. Each capsule's
+ *  `prev` must equal the prior capsule's `sig`. First capsule must not
+ *  have `prev` (or `prev` is ignored on the first link). All capsules
+ *  must individually verify (signature + non-expired). */
+export function verifyCapsuleChain(repoRoot, capsules, opts = {}) {
+    if (capsules.length === 0)
+        return { ok: false, reason: "empty chain" };
+    let prevSig = undefined;
+    for (let i = 0; i < capsules.length; i++) {
+        const c = typeof capsules[i] === "string" ? parseCapsule(capsules[i]) : capsules[i];
+        if (!c)
+            return { ok: false, reason: `capsule ${i} malformed`, brokenAt: i };
+        const v = verifyCapsule(repoRoot, c, opts);
+        if (!v.ok)
+            return { ok: false, reason: `capsule ${i}: ${v.reason}`, brokenAt: i };
+        if (i > 0 && c.prev !== prevSig) {
+            return { ok: false, reason: `capsule ${i} prev=${c.prev?.slice(0, 8) ?? "<none>"} does not match capsule ${i - 1} sig=${prevSig?.slice(0, 8)}`, brokenAt: i };
+        }
+        prevSig = c.sig;
+    }
+    return { ok: true };
+}
+/** The discrete + super-optimized verify-self. Composes Merkle install-
+ *  root + drift + trust score + capsule URI into one call. */
+export function verifySelfDeep(installRoot, repoRoot, version, opts = {}) {
+    const merkle = computeInstallMerkle(installRoot);
+    let snapshot = getInstallSnapshot(repoRoot);
+    let snapshotCaptured = false;
+    // Offline-first: lazy capture on first run (unless caller opted out).
+    if (!snapshot && !opts.noAutoCapture) {
+        snapshot = captureInstallSnapshot(repoRoot, { version, merkle: merkle.root, fileCount: merkle.fileCount });
+        snapshotCaptured = true;
+    }
+    const drift = compareToSnapshot(merkle, snapshot);
+    // Build capsule first so we know whether sig verifies (used in trust score).
+    const { uri } = buildCapsule(repoRoot, { version, merkle: merkle.root, nonce: opts.nonce });
+    const sigOk = verifyCapsule(repoRoot, uri).ok;
+    const trustScore = computeTrustScore({
+        signatureOk: sigOk,
+        noDrift: !drift.drifted,
+        pathSane: isPathSane(installRoot),
+        recent: isRecent(snapshot),
+    });
+    const oneLine = `TRUST=${trustScore.score}/100 [${trustScore.band}] · v${version} · merkle=${merkle.root} · drift=${drift.drifted ? "YES" : "no"} · ${uri}`;
+    return {
+        ok: trustScore.band !== "ABORT",
+        version,
+        installPath: installRoot,
+        merkle: merkle.root,
+        fileCount: merkle.fileCount,
+        snapshotCaptured,
+        drift,
+        trustScore,
+        capsuleUri: uri,
+        oneLine,
+    };
+}
+// ─── FORMATTER ───────────────────────────────────────────────────────
+export function formatDeepAttestation(a) {
+    const badge = a.trustScore.band === "TRUST" ? "🟢"
+        : a.trustScore.band === "CAUTION" ? "🟡"
+            : "🔴";
+    const lines = [
+        `${badge} TRUST CAPSULE — ${a.trustScore.band} (${a.trustScore.score}/100)`,
+        ``,
+        `  Version:        ${a.version}`,
+        `  Install path:   ${a.installPath}`,
+        `  Merkle root:    ${a.merkle}  (${a.fileCount} files)`,
+        `  Snapshot:       ${a.snapshotCaptured ? "captured now (first run)" : "loaded from .mneme/trust/install-merkle.json"}`,
+        `  Drift:          ${a.drift.drifted ? `⚠ YES (added=${a.drift.added.length} removed=${a.drift.removed.length} changed=${a.drift.changed.length})` : "✓ no drift"}`,
+        ``,
+        `  Trust score components:`,
+        `    signature OK:   ${a.trustScore.components.signature === 40 ? "✓ +40" : "✗ +0"}`,
+        `    no drift:       ${a.trustScore.components.drift === 20 ? "✓ +20" : "✗ +0"}`,
+        `    path sane:      ${a.trustScore.components.path === 20 ? "✓ +20" : "✗ +0"}`,
+        `    recent install: ${a.trustScore.components.age === 20 ? "✓ +20" : "✗ +0"}`,
+        ``,
+        `  Capsule URI (paste anywhere — pulse, commit, Slack):`,
+        `    ${a.capsuleUri}`,
+        ``,
+        `  One-line for AI agents:`,
+        `    ${a.oneLine}`,
+        ``,
+    ];
+    return lines.join("\n");
+}
+//# sourceMappingURL=index.js.map

package/dist/trust_capsule/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/trust_capsule/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAEH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACpG,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAElE,MAAM,QAAQ,GAAG,aAAa,CAAC;AAC/B,MAAM,aAAa,GAAG,qBAAqB,CAAC;AAC5C,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAE9C,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;AAC9F,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC;AAC9G,MAAM,SAAS,GAAG,MAAM,CAAC;AAEzB,wEAAwE;AAExE,SAAS,QAAQ,CAAC,QAAgB;IAChC,MAAM,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IACxC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAAE,SAAS,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,MAAM,CAAC,QAAgB;IAC9B,MAAM,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,CAAC;IAC7C,IAAI,UAAU,CAAC,CAAC,CAAC;QAAE,OAAO,YAAY,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;IACzD,MAAM,CAAC,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAChD,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;IAC5B,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,IAAI,CAAC,OAAe,EAAE,CAAS;IACtC,OAAO,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAClF,CAAC;AAeD,SAAS,IAAI,CAAC,IAAY,EAAE,GAAW,EAAE,KAAe;IACtD,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS;QAAE,OAAO;IACrC,IAAI,KAAe,CAAC;IACpB,IAAI,CAAC;QAAC,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC;IAAC,MAAM,CAAC;QAAC,OAAO;IAAC,CAAC;IACnD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,SAAS;QACjC,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC7B,IAAI,EAAE,CAAC;QACP,IAAI,CAAC;YAAC,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,SAAS;QAAC,CAAC;QAChD,IAAI,EAAE,CAAC,WAAW,EAAE;YAAE,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;aACzC,IAAI,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,GAAG,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YACnC,IAAI,GAAG,KAAK,CAAC,CAAC;gBAAE,SAAS;YACzB,MAAM,GAAG,GAAG,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACjE,IAAI,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;AACH,CAAC;AAED;8EAC8E;AAC9E,MAAM,UAAU,oBAAoB,CAAC,WAAmB;IACtD,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC;IACtC,MAAM,OAAO,GAAuD,EAAE,CAAC;IACvE,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,GAAW,CAAC;QAChB,IAAI,CAAC;YAAC,GAAG,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,SAAS;QAAC,CAAC;QAClD,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9E,MAAM,GAAG,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1D,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QACnD,SAAS,IAAI,GAAG,CAAC,MAAM,CAAC;IAC1B,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACrD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpE,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAClF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;AACjE,CAAC;AAgBD,SAAS,YAAY,CAAC,QAAgB;IACpC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,aAAa,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,QAAgB;IACjD,MAAM,CAAC,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACjC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAChC,IAAI,CAAC;QAAC,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IAAC,CAAC;IAAC,MAAM,CAAC;QAAC,OAAO,IAAI,CAAC;IAAC,CAAC;AAC5E,CAAC;AAED;;kBAEkB;AAClB,MAAM,UAAU,sBAAsB,CAAC,QAAgB,EAAE,IAA4D;IACnH,MAAM,IAAI,GAAoB;QAC5B,CAAC,EAAE,CAAC;QACJ,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,SAAS,EAAE,IAAI,CAAC,SAAS;KAC1B,CAAC;IACF,aAAa,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IAC7E,OAAO,IAAI,CAAC;AACd,CAAC;AAcD,MAAM,UAAU,iBAAiB,CAAC,OAAqB,EAAE,QAAgC,EAAE,eAAsD;IAC/I,IAAI,CAAC,QAAQ;QAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IAC9E,qEAAqE;IACrE,kEAAkE;IAClE,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,MAAM,CAAC;QACjD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAC1F,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACjE,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAClE,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,GAAG,EAAE,CAAC;QAC3B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;aAC3B,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC;IACD,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI;QAAE,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACzD,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAClG,CAAC;AAwBD;2BAC2B;AAC3B,MAAM,eAAe,GAAG;IACtB,cAAc,EAAM,4BAA4B;IAChD,YAAY,EAAQ,2BAA2B;IAC/C,OAAO,EAAa,6BAA6B;IACjD,WAAW,EAAS,uBAAuB;IAC3C,UAAU,EAAU,wBAAwB;IAC5C,KAAK,EAAe,kBAAkB;IACtC,QAAQ,EAAY,QAAQ;IAC5B,MAAM,EAAc,MAAM;IAC1B,OAAO,EAAa,QAAQ;CAC7B,CAAC;AAEF,SAAS,UAAU,CAAC,WAAmB;IACrC,IAAI,CAAC,WAAW;QAAE,OAAO,KAAK,CAAC;IAC/B,MAAM,CAAC,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC;IACpC,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;AAClE,CAAC;AAED,SAAS,QAAQ,CAAC,QAAgC,EAAE,OAAO,GAAG,EAAE;IAC9D,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC,CAAC,4CAA4C;IACxE,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC;YAAE,OAAO,KAAK,CAAC;QACzC,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,GAAG,UAAU,IAAI,OAAO,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QAAC,OAAO,KAAK,CAAC;IAAC,CAAC;AAC3B,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,GAAoB;IACpD,MAAM,UAAU,GAAG;QACjB,SAAS,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAW;QAC/C,KAAK,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAW;QACvC,IAAI,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAW;QACvC,GAAG,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAW;KACrC,CAAC;IACF,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,GAAG,UAAU,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC;IACzF,MAAM,IAAI,GAAc,KAAK,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC;IAChF,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;AACrC,CAAC;AAeD,MAAM,cAAc,GAAG,oBAAoB,CAAC;AAE5C;;;kBAGkB;AAClB,MAAM,CAAC,MAAM,mBAAmB,GAAG,GAAG,CAAC;AAgBvC;;;;;;;;;2CAS2C;AAC3C,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,IAAyB;IACtE,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IACzC,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IAC/F,MAAM,GAAG,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAClD,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,IAAI,EAAE,IAAI,GAAG,GAAG,SAAS,GAAG,QAAQ,EAAE,CAAC;IACvF,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IAC/B,MAAM,OAAO,GAAY,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;IACtF,IAAI,IAAI,CAAC,KAAK;QAAE,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;IAC3C,IAAI,IAAI,CAAC,IAAI;QAAE,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;IACxC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,IAAI,CAAC,KAAK;QAAE,MAAM,CAAC,IAAI,CAAC,SAAS,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACvE,IAAI,IAAI,CAAC,IAAI;QAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpE,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC9D,MAAM,GAAG,GAAG,GAAG,cAAc,GAAG,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,MAAM,IAAI,EAAE,IAAI,GAAG,IAAI,GAAG,GAAG,SAAS,EAAE,CAAC;IAClH,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,GAAW;IACtC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,cAAc,CAAC;QAAE,OAAO,IAAI,CAAC;IACjD,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IAC9C,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9C,MAAM,IAAI,GAAG,QAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACnC,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI,CAAC;IAClD,MAAM,EAAE,GAAG,QAAQ,CAAC,KAAM,EAAE,EAAE,CAAC,CAAC;IAChC,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAO,EAAE,EAAE,CAAC,CAAC;IAClC,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAC1E,MAAM,GAAG,GAAY,EAAE,OAAO,EAAE,kBAAkB,CAAC,MAAO,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;IACpF,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,SAAS,CAAC,CAAC;QAC9C,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9B,IAAI,CAAC;YAAE,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC;QACrB,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC7B,IAAI,CAAC;YAAE,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC;IACtB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAUD,MAAM,UAAU,aAAa,CAAC,QAAgB,EAAE,OAAyB,EAAE,OAA6B,EAAE;IACxG,MAAM,CAAC,GAAG,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IACxE,IAAI,CAAC,CAAC;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;IAC9D,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC3B,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC/C,MAAM,QAAQ,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC5C,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,GAAG,SAAS,GAAG,QAAQ,EAAE,CAAC;IACrF,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACpC,IAAI,QAAQ,KAAK,CAAC,CAAC,GAAG;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,+EAA+E,EAAE,CAAC;IACtI,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,IAAI,GAAG,GAAG,CAAC,CAAC,GAAG;YAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,GAAG,GAAG,CAAC,CAAC,GAAG,6BAA6B,EAAE,CAAC;IAC7G,CAAC;IACD,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,IAAI,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;QACvE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,6DAA6D,EAAE,CAAC;IAC9F,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;AACtB,CAAC;AAED;;;0DAG0D;AAC1D,MAAM,UAAU,kBAAkB,CAAC,QAAgB,EAAE,QAAiC,EAAE,OAA6B,EAAE;IACrH,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IACvE,IAAI,OAAO,GAAuB,SAAS,CAAC;IAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,CAAC,GAAG,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAY,CAAC;QACzG,IAAI,CAAC,CAAC;YAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,CAAC,YAAY,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,GAAG,aAAa,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAC3C,IAAI,CAAC,CAAC,CAAC,EAAE;YAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;QAClF,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YAChC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,QAAQ,2BAA2B,CAAC,GAAG,CAAC,QAAQ,OAAO,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;QAChK,CAAC;QACD,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC;IAClB,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;AACtB,CAAC;AA0BD;8DAC8D;AAC9D,MAAM,UAAU,cAAc,CAAC,WAAmB,EAAE,QAAgB,EAAE,OAAe,EAAE,OAA8B,EAAE;IACrH,MAAM,MAAM,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC;IACjD,IAAI,QAAQ,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAC5C,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAC7B,sEAAsE;IACtE,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;QACrC,QAAQ,GAAG,sBAAsB,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;QAC3G,gBAAgB,GAAG,IAAI,CAAC;IAC1B,CAAC;IACD,MAAM,KAAK,GAAG,iBAAiB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAClD,6EAA6E;IAC7E,MAAM,EAAE,GAAG,EAAE,GAAG,YAAY,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;IAC5F,MAAM,KAAK,GAAG,aAAa,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;IAC9C,MAAM,UAAU,GAAG,iBAAiB,CAAC;QACnC,WAAW,EAAE,KAAK;QAClB,OAAO,EAAE,CAAC,KAAK,CAAC,OAAO;QACvB,QAAQ,EAAE,UAAU,CAAC,WAAW,CAAC;QACjC,MAAM,EAAE,QAAQ,CAAC,QAAQ,CAAC;KAC3B,CAAC,CAAC;IACH,MAAM,OAAO,GAAG,SAAS,UAAU,CAAC,KAAK,SAAS,UAAU,CAAC,IAAI,QAAQ,OAAO,aAAa,MAAM,CAAC,IAAI,YAAY,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,MAAM,GAAG,EAAE,CAAC;IAC5J,OAAO;QACL,EAAE,EAAE,UAAU,CAAC,IAAI,KAAK,OAAO;QAC/B,OAAO;QACP,WAAW,EAAE,WAAW;QACxB,MAAM,EAAE,MAAM,CAAC,IAAI;QACnB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,gBAAgB;QAChB,KAAK;QACL,UAAU;QACV,UAAU,EAAE,GAAG;QACf,OAAO;KACR,CAAC;AACJ,CAAC;AAED,wEAAwE;AAExE,MAAM,UAAU,qBAAqB,CAAC,CAAkB;IACtD,MAAM,KAAK,GAAG,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI;QACtC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI;YACxC,CAAC,CAAC,IAAI,CAAC;IACnB,MAAM,KAAK,GAAa;QACtB,GAAG,KAAK,oBAAoB,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,CAAC,CAAC,UAAU,CAAC,KAAK,OAAO;QAC3E,EAAE;QACF,qBAAqB,CAAC,CAAC,OAAO,EAAE;QAChC,qBAAqB,CAAC,CAAC,WAAW,EAAE;QACpC,qBAAqB,CAAC,CAAC,MAAM,MAAM,CAAC,CAAC,SAAS,SAAS;QACvD,qBAAqB,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,8CAA8C,EAAE;QACvH,qBAAqB,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,YAAY,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,YAAY,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,YAAY,EAAE;QACnK,EAAE;QACF,2BAA2B;QAC3B,uBAAuB,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE;QACpF,uBAAuB,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE;QAChF,uBAAuB,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE;QAC/E,uBAAuB,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE;QAC9E,EAAE;QACF,wDAAwD;QACxD,OAAO,CAAC,CAAC,UAAU,EAAE;QACrB,EAAE;QACF,2BAA2B;QAC3B,OAAO,CAAC,CAAC,OAAO,EAAE;QAClB,EAAE;KACH,CAAC;IACF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/dist/trust_capsule/trust_capsule.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=trust_capsule.test.d.ts.map

package/dist/trust_capsule/trust_capsule.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"trust_capsule.test.d.ts","sourceRoot":"","sources":["../../src/trust_capsule/trust_capsule.test.ts"],"names":[],"mappings":""}