npm - @motebit/crypto - Versions diffs - 0.8.0 - Mend

@motebit/crypto 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/LICENSE +26 -0
package/README.md +142 -0
package/dist/artifacts.d.ts +268 -0
package/dist/artifacts.d.ts.map +1 -0
package/dist/artifacts.js +506 -0
package/dist/artifacts.js.map +1 -0
package/dist/credential-anchor.d.ts +97 -0
package/dist/credential-anchor.d.ts.map +1 -0
package/dist/credential-anchor.js +159 -0
package/dist/credential-anchor.js.map +1 -0
package/dist/credentials.d.ts +107 -0
package/dist/credentials.d.ts.map +1 -0
package/dist/credentials.js +209 -0
package/dist/credentials.js.map +1 -0
package/dist/index.d.ts +212 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +2513 -0
package/dist/index.js.map +1 -0
package/dist/signing.d.ts +97 -0
package/dist/signing.d.ts.map +1 -0
package/dist/signing.js +282 -0
package/dist/signing.js.map +1 -0
package/package.json +67 -0

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,212 @@
+/**
+ * @motebit/crypto — Protocol cryptography for Motebit artifacts.
+ *
+ * Sign and verify identity files, execution receipts, verifiable credentials,
+ * delegation tokens, key successions, and presentations. One package, any
+ * artifact, zero monorepo dependencies.
+ *
+ * Zero monorepo dependencies — only @noble/ed25519 for cryptography.
+ *
+ * Usage:
+ *   import { verify } from "@motebit/crypto";
+ *
+ *   // Verify any artifact
+ *   const result = await verify(fs.readFileSync("motebit.md", "utf-8"));
+ *
+ *   // Sign an execution receipt
+ *   import { signExecutionReceipt } from "@motebit/crypto";
+ *   const signed = await signExecutionReceipt(receipt, privateKey, publicKey);
+ *
+ *   // Issue a verifiable credential
+ *   import { issueReputationCredential } from "@motebit/crypto";
+ *   const vc = await issueReputationCredential(snapshot, privateKey, publicKey, did);
+ */
+export interface MotebitIdentityFile {
+    spec: string;
+    motebit_id: string;
+    created_at: string;
+    owner_id: string;
+    type?: "personal" | "service" | "collaborative";
+    service_name?: string;
+    service_description?: string;
+    service_url?: string;
+    capabilities?: string[];
+    terms_url?: string;
+    identity: {
+        algorithm: "Ed25519";
+        public_key: string;
+    };
+    governance: {
+        trust_mode: "full" | "guarded" | "minimal";
+        max_risk_auto: string;
+        require_approval_above: string;
+        deny_above: string;
+        operator_mode: boolean;
+    };
+    privacy: {
+        default_sensitivity: string;
+        retention_days: Record<string, number>;
+        fail_closed: boolean;
+    };
+    memory: {
+        half_life_days: number;
+        confidence_threshold: number;
+        per_turn_limit: number;
+    };
+    /** Organizational guardian for key recovery and enterprise custody (§3.3). */
+    guardian?: {
+        public_key: string;
+        organization?: string;
+        organization_id?: string;
+        established_at: string;
+        /** Ed25519 signature proving guardian governs this agent. */
+        attestation?: string;
+    };
+    devices: Array<{
+        device_id: string;
+        name: string;
+        public_key: string;
+        registered_at: string;
+    }>;
+    succession?: Array<SuccessionRecord>;
+}
+export interface SuccessionRecord {
+    old_public_key: string;
+    new_public_key: string;
+    timestamp: number;
+    reason?: string;
+    old_key_signature?: string;
+    new_key_signature: string;
+    /** True when succession was authorized by guardian, not old key. */
+    recovery?: boolean;
+    /** Guardian signature — present only when recovery is true. */
+    guardian_signature?: string;
+}
+export interface ExecutionReceipt {
+    task_id: string;
+    motebit_id: string;
+    /** Signer's Ed25519 public key (hex). Enables verification without relay lookup. */
+    public_key?: string;
+    device_id: string;
+    submitted_at: number;
+    completed_at: number;
+    status: string;
+    result: string;
+    tools_used: string[];
+    memories_formed: number;
+    prompt_hash: string;
+    result_hash: string;
+    delegation_receipts?: ExecutionReceipt[];
+    delegated_scope?: string;
+    signature: string;
+}
+export type { DataIntegrityProof, VerifiableCredential, VerifiablePresentation, } from "./credentials.js";
+import type { VerifiableCredential, VerifiablePresentation } from "./credentials.js";
+export interface VerificationError {
+    message: string;
+    path?: string;
+}
+interface BaseResult {
+    valid: boolean;
+    errors?: VerificationError[];
+}
+export interface IdentityVerifyResult extends BaseResult {
+    type: "identity";
+    identity: MotebitIdentityFile | null;
+    did?: string;
+    /** First error message. Convenience accessor for backward compatibility. */
+    error?: string;
+    succession?: {
+        valid: boolean;
+        genesis_public_key?: string;
+        rotations: number;
+        error?: string;
+    };
+}
+export interface ReceiptVerifyResult extends BaseResult {
+    type: "receipt";
+    receipt: ExecutionReceipt | null;
+    signer?: string;
+    delegations?: ReceiptVerifyResult[];
+}
+export interface CredentialVerifyResult extends BaseResult {
+    type: "credential";
+    credential: VerifiableCredential | null;
+    issuer?: string;
+    subject?: string;
+    expired?: boolean;
+}
+export interface PresentationVerifyResult extends BaseResult {
+    type: "presentation";
+    presentation: VerifiablePresentation | null;
+    holder?: string;
+    credentials?: CredentialVerifyResult[];
+}
+export type VerifyResult = IdentityVerifyResult | ReceiptVerifyResult | CredentialVerifyResult | PresentationVerifyResult;
+export type ArtifactType = VerifyResult["type"];
+export interface VerifyOptions {
+    expectedType?: ArtifactType;
+    /** Clock skew tolerance in seconds for credential expiry checks. Default: 60. */
+    clockSkewSeconds?: number;
+}
+/** @deprecated Use VerifyResult instead. Kept for backward compatibility. */
+export interface LegacyVerifyResult {
+    valid: boolean;
+    identity: MotebitIdentityFile | null;
+    did?: string;
+    error?: string;
+    succession?: {
+        valid: boolean;
+        genesis_public_key?: string;
+        rotations: number;
+        error?: string;
+    };
+}
+/**
+ * Parse a motebit.md file into its components.
+ * Does not verify the signature — use `verify()` for that.
+ */
+export declare function parse(content: string): {
+    frontmatter: MotebitIdentityFile;
+    signature: string;
+    rawFrontmatter: string;
+};
+/**
+ * Verify any Motebit artifact: identity file, execution receipt,
+ * verifiable credential, or verifiable presentation.
+ *
+ * Accepts strings (identity files, JSON) or parsed objects (receipts,
+ * credentials, presentations). Detects the artifact type automatically.
+ *
+ * Use `options.expectedType` to fail fast if the artifact doesn't match
+ * the expected type.
+ *
+ * @example
+ * ```ts
+ * import { verify } from "@motebit/crypto";
+ *
+ * // Identity file (string)
+ * const r1 = await verify(identityFileContent);
+ * if (r1.type === "identity" && r1.valid) console.log(r1.did);
+ *
+ * // Execution receipt (object or JSON string)
+ * const r2 = await verify(receipt, { expectedType: "receipt" });
+ * if (r2.type === "receipt" && r2.valid) console.log(r2.signer);
+ *
+ * // Verifiable credential
+ * const r3 = await verify(credential);
+ * if (r3.type === "credential" && r3.valid) console.log(r3.issuer);
+ * ```
+ */
+export declare function verify(artifact: unknown, options?: VerifyOptions): Promise<VerifyResult>;
+/**
+ * Verify a motebit.md identity file. Backward-compatible with pre-0.4.0.
+ *
+ * @deprecated Use `verify(content)` instead — it handles all artifact types.
+ */
+export declare function verifyIdentityFile(content: string): Promise<LegacyVerifyResult>;
+export * from "./signing.js";
+export * from "./artifacts.js";
+export { signVerifiableCredential, verifyVerifiableCredential, signVerifiablePresentation, verifyVerifiablePresentation, issueGradientCredential, issueReputationCredential, issueTrustCredential, createPresentation, type GradientCredentialSubject, type ReputationCredentialSubject, type TrustCredentialSubject, } from "./credentials.js";
+export { computeCredentialLeaf, verifyCredentialAnchor, type CredentialAnchorVerifyResult, type CredentialAnchorProofFields, type ChainAnchorVerifier, } from "./credential-anchor.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAcH,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IAGjB,IAAI,CAAC,EAAE,UAAU,GAAG,SAAS,GAAG,eAAe,CAAC;IAChD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,QAAQ,EAAE;QACR,SAAS,EAAE,SAAS,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;IAEF,UAAU,EAAE;QACV,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS,CAAC;QAC3C,aAAa,EAAE,MAAM,CAAC;QACtB,sBAAsB,EAAE,MAAM,CAAC;QAC/B,UAAU,EAAE,MAAM,CAAC;QACnB,aAAa,EAAE,OAAO,CAAC;KACxB,CAAC;IAEF,OAAO,EAAE;QACP,mBAAmB,EAAE,MAAM,CAAC;QAC5B,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACvC,WAAW,EAAE,OAAO,CAAC;KACtB,CAAC;IAEF,MAAM,EAAE;QACN,cAAc,EAAE,MAAM,CAAC;QACvB,oBAAoB,EAAE,MAAM,CAAC;QAC7B,cAAc,EAAE,MAAM,CAAC;KACxB,CAAC;IAEF,8EAA8E;IAC9E,QAAQ,CAAC,EAAE;QACT,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,cAAc,EAAE,MAAM,CAAC;QACvB,6DAA6D;QAC7D,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;IAEF,OAAO,EAAE,KAAK,CAAC;QACb,SAAS,EAAE,MAAM,CAAC;QAClB,IAAI,EAAE,MAAM,CAAC;QACb,UAAU,EAAE,MAAM,CAAC;QACnB,aAAa,EAAE,MAAM,CAAC;KACvB,CAAC,CAAC;IAEH,UAAU,CAAC,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;CACtC;AAED,MAAM,WAAW,gBAAgB;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,oEAAoE;IACpE,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,+DAA+D;IAC/D,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAMD,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,oFAAoF;IACpF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,eAAe,EAAE,MAAM,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB,CAAC,EAAE,gBAAgB,EAAE,CAAC;IACzC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;CACnB;AAOD,YAAY,EACV,kBAAkB,EAClB,oBAAoB,EACpB,sBAAsB,GACvB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EAEV,oBAAoB,EACpB,sBAAsB,EACvB,MAAM,kBAAkB,CAAC;AAM1B,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,UAAU,UAAU;IAClB,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,iBAAiB,EAAE,CAAC;CAC9B;AAED,MAAM,WAAW,oBAAqB,SAAQ,UAAU;IACtD,IAAI,EAAE,UAAU,CAAC;IACjB,QAAQ,EAAE,mBAAmB,GAAG,IAAI,CAAC;IACrC,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,4EAA4E;IAC5E,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE;QACX,KAAK,EAAE,OAAO,CAAC;QACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,SAAS,EAAE,MAAM,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;CACH;AAED,MAAM,WAAW,mBAAoB,SAAQ,UAAU;IACrD,IAAI,EAAE,SAAS,CAAC;IAChB,OAAO,EAAE,gBAAgB,GAAG,IAAI,CAAC;IACjC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,mBAAmB,EAAE,CAAC;CACrC;AAED,MAAM,WAAW,sBAAuB,SAAQ,UAAU;IACxD,IAAI,EAAE,YAAY,CAAC;IACnB,UAAU,EAAE,oBAAoB,GAAG,IAAI,CAAC;IACxC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,wBAAyB,SAAQ,UAAU;IAC1D,IAAI,EAAE,cAAc,CAAC;IACrB,YAAY,EAAE,sBAAsB,GAAG,IAAI,CAAC;IAC5C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,sBAAsB,EAAE,CAAC;CACxC;AAED,MAAM,MAAM,YAAY,GACpB,oBAAoB,GACpB,mBAAmB,GACnB,sBAAsB,GACtB,wBAAwB,CAAC;AAE7B,MAAM,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;AAEhD,MAAM,WAAW,aAAa;IAC5B,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,iFAAiF;IACjF,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAMD,6EAA6E;AAC7E,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,OAAO,CAAC;IACf,QAAQ,EAAE,mBAAmB,GAAG,IAAI,CAAC;IACrC,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE;QACX,KAAK,EAAE,OAAO,CAAC;QACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,SAAS,EAAE,MAAM,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;CACH;AAyTD;;;GAGG;AACH,wBAAgB,KAAK,CAAC,OAAO,EAAE,MAAM,GAAG;IACtC,WAAW,EAAE,mBAAmB,CAAC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;CACxB,CAqBA;AAieD;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAsB,MAAM,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC,CAwD9F;AAED;;;;GAIG;AACH,wBAAsB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC,CASrF;AAOD,cAAc,cAAc,CAAC;AAC7B,cAAc,gBAAgB,CAAC;AAC/B,OAAO,EACL,wBAAwB,EACxB,0BAA0B,EAC1B,0BAA0B,EAC1B,4BAA4B,EAC5B,uBAAuB,EACvB,yBAAyB,EACzB,oBAAoB,EACpB,kBAAkB,EAClB,KAAK,yBAAyB,EAC9B,KAAK,2BAA2B,EAChC,KAAK,sBAAsB,GAC5B,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,KAAK,4BAA4B,EACjC,KAAK,2BAA2B,EAChC,KAAK,mBAAmB,GACzB,MAAM,wBAAwB,CAAC"}