npm - @motebit/crypto - Versions diffs - 1.1.0 → 1.2.1 - Mend

@motebit/crypto 1.1.0 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/artifacts.d.ts +1 -1
package/dist/credential-anchor.d.ts.map +1 -1
package/dist/deletion-certificate.d.ts +256 -0
package/dist/deletion-certificate.d.ts.map +1 -0
package/dist/index.d.ts +120 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +878 -13
package/dist/merkle.d.ts +34 -0
package/dist/merkle.d.ts.map +1 -0
package/dist/skills.d.ts +95 -0
package/dist/skills.d.ts.map +1 -0
package/dist/witness-omission-dispute.d.ts +98 -0
package/dist/witness-omission-dispute.d.ts.map +1 -0
package/package.json +2 -2

package/dist/index.js CHANGED Viewed

@@ -3747,6 +3747,135 @@ function isScopeNarrowed(parentScope, childScope) {
   return true;
 }
+// src/skills.ts
+var SKILL_SIGNATURE_SUITE = "motebit-jcs-ed25519-b64-v1";
+function signatureWithoutValue(sig) {
+  return { suite: sig.suite, public_key: sig.public_key };
+}
+function canonicalizeSkillManifestBytes(manifest, body) {
+  const motebitForCanonical = manifest.motebit.signature ? {
+    ...manifest.motebit,
+    signature: signatureWithoutValue(manifest.motebit.signature)
+  } : manifest.motebit;
+  const manifestForCanonical = { ...manifest, motebit: motebitForCanonical };
+  const canonical = canonicalJson(manifestForCanonical);
+  const manifestBytes = new TextEncoder().encode(canonical);
+  const out = new Uint8Array(manifestBytes.length + 1 + body.length);
+  out.set(manifestBytes, 0);
+  out[manifestBytes.length] = 10;
+  out.set(body, manifestBytes.length + 1);
+  return out;
+}
+function canonicalizeSkillEnvelopeBytes(envelope) {
+  const envelopeForCanonical = {
+    ...envelope,
+    signature: signatureWithoutValue(envelope.signature)
+  };
+  const canonical = canonicalJson(envelopeForCanonical);
+  return new TextEncoder().encode(canonical);
+}
+async function signSkillManifest(unsigned, privateKey, publicKey, body) {
+  const publicKeyHex = bytesToLowerHex(publicKey);
+  const unsignedWithSig = {
+    ...unsigned,
+    motebit: {
+      ...unsigned.motebit,
+      signature: {
+        suite: SKILL_SIGNATURE_SUITE,
+        public_key: publicKeyHex,
+        value: ""
+        // placeholder; stripped by canonicalize
+      }
+    }
+  };
+  const message = canonicalizeSkillManifestBytes(unsignedWithSig, body);
+  const sig = await signBySuite(SKILL_SIGNATURE_SUITE, message, privateKey);
+  return {
+    ...unsigned,
+    motebit: {
+      ...unsigned.motebit,
+      signature: {
+        suite: SKILL_SIGNATURE_SUITE,
+        public_key: publicKeyHex,
+        value: toBase64Url(sig)
+      }
+    }
+  };
+}
+async function signSkillEnvelope(unsigned, privateKey, publicKey) {
+  const publicKeyHex = bytesToLowerHex(publicKey);
+  const unsignedWithSig = {
+    ...unsigned,
+    signature: {
+      suite: SKILL_SIGNATURE_SUITE,
+      public_key: publicKeyHex,
+      value: ""
+      // placeholder; stripped by canonicalize
+    }
+  };
+  const message = canonicalizeSkillEnvelopeBytes(unsignedWithSig);
+  const sig = await signBySuite(SKILL_SIGNATURE_SUITE, message, privateKey);
+  return {
+    ...unsigned,
+    signature: {
+      suite: SKILL_SIGNATURE_SUITE,
+      public_key: publicKeyHex,
+      value: toBase64Url(sig)
+    }
+  };
+}
+async function verifySkillManifest(manifest, body, publicKey) {
+  return (await verifySkillManifestDetailed(manifest, body, publicKey)).valid;
+}
+async function verifySkillManifestDetailed(manifest, body, publicKey) {
+  const sig = manifest.motebit.signature;
+  if (!sig) return { valid: false, reason: "no_signature" };
+  if (sig.suite !== SKILL_SIGNATURE_SUITE) return { valid: false, reason: "wrong_suite" };
+  const publicKeyHex = bytesToLowerHex(publicKey);
+  if (sig.public_key.toLowerCase() !== publicKeyHex) {
+    return { valid: false, reason: "bad_public_key" };
+  }
+  let sigBytes;
+  try {
+    sigBytes = fromBase64Url(sig.value);
+  } catch {
+    return { valid: false, reason: "bad_signature_value" };
+  }
+  const message = canonicalizeSkillManifestBytes(manifest, body);
+  const valid = await verifyBySuite(SKILL_SIGNATURE_SUITE, message, sigBytes, publicKey);
+  return { valid, reason: valid ? "ok" : "ed25519_mismatch" };
+}
+async function verifySkillEnvelope(envelope, publicKey) {
+  return (await verifySkillEnvelopeDetailed(envelope, publicKey)).valid;
+}
+async function verifySkillEnvelopeDetailed(envelope, publicKey) {
+  const sig = envelope.signature;
+  if (sig.suite !== SKILL_SIGNATURE_SUITE) return { valid: false, reason: "wrong_suite" };
+  const publicKeyHex = bytesToLowerHex(publicKey);
+  if (sig.public_key.toLowerCase() !== publicKeyHex) {
+    return { valid: false, reason: "bad_public_key" };
+  }
+  let sigBytes;
+  try {
+    sigBytes = fromBase64Url(sig.value);
+  } catch {
+    return { valid: false, reason: "bad_signature_value" };
+  }
+  const message = canonicalizeSkillEnvelopeBytes(envelope);
+  const valid = await verifyBySuite(SKILL_SIGNATURE_SUITE, message, sigBytes, publicKey);
+  return { valid, reason: valid ? "ok" : "ed25519_mismatch" };
+}
+function bytesToLowerHex(bytes) {
+  let hex = "";
+  for (const b of bytes) {
+    hex += b.toString(16).padStart(2, "0");
+  }
+  return hex;
+}
+function decodeSkillSignaturePublicKey(sig) {
+  return hexToBytes4(sig.public_key);
+}
 // src/hardware-attestation.ts
 function verifyHardwareAttestationClaim(claim, expectedIdentityPublicKeyHex, verifiers, deviceCheckContext) {
   const platform = claim.platform;
@@ -4934,11 +5063,7 @@ async function createPresentation(credentials, privateKey, publicKey) {
   return signVerifiablePresentation(unsignedVP, privateKey, publicKey);
 }
-// src/credential-anchor.ts
-var CREDENTIAL_ANCHOR_SUITE = "motebit-jcs-ed25519-hex-v1";
-function toHex(bytes) {
-  return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
-}
+// src/merkle.ts
 function fromHex(hex) {
   const bytes = new Uint8Array(hex.length / 2);
   for (let i = 0; i < hex.length; i += 2) {
@@ -4946,19 +5071,22 @@ function fromHex(hex) {
   }
   return bytes;
 }
+function toHex(bytes) {
+  return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
 function concat(a, b) {
   const out = new Uint8Array(a.length + b.length);
   out.set(a);
   out.set(b, a.length);
   return out;
 }
-async function computeCredentialLeaf(credential) {
-  const canonical = canonicalJson(credential);
-  const hash2 = await sha2563(new TextEncoder().encode(canonical));
-  return toHex(hash2);
-}
 async function verifyMerkleInclusion(leaf, index, siblings, layerSizes, expectedRoot) {
-  let current = fromHex(leaf);
+  let current;
+  try {
+    current = fromHex(leaf);
+  } catch {
+    return false;
+  }
   let idx = index;
   let sibIdx = 0;
   for (const layerSize of layerSizes) {
@@ -4966,7 +5094,12 @@ async function verifyMerkleInclusion(leaf, index, siblings, layerSizes, expected
     const hasSibling = siblingPos >= 0 && siblingPos < layerSize;
     if (hasSibling) {
       if (sibIdx >= siblings.length) return false;
-      const siblingBytes = fromHex(siblings[sibIdx]);
+      let siblingBytes;
+      try {
+        siblingBytes = fromHex(siblings[sibIdx]);
+      } catch {
+        return false;
+      }
       const combined = idx % 2 === 0 ? concat(current, siblingBytes) : concat(siblingBytes, current);
       current = await sha2563(combined);
       sibIdx++;
@@ -4975,6 +5108,14 @@ async function verifyMerkleInclusion(leaf, index, siblings, layerSizes, expected
   }
   return toHex(current) === expectedRoot;
 }
+// src/credential-anchor.ts
+var CREDENTIAL_ANCHOR_SUITE = "motebit-jcs-ed25519-hex-v1";
+async function computeCredentialLeaf(credential) {
+  const canonical = canonicalJson(credential);
+  const hash2 = await sha2563(new TextEncoder().encode(canonical));
+  return bytesToHex3(hash2);
+}
 async function verifyCredentialAnchor(credential, anchorProof, chainVerifier) {
   const errors = [];
   const computedHash = await computeCredentialLeaf(credential);
@@ -5116,6 +5257,537 @@ async function verifyRevocationAnchor(proof, revocationPayload, chainVerifier) {
   };
 }
+// src/deletion-certificate.ts
+var DELETION_CERTIFICATE_SUITE = "motebit-jcs-ed25519-b64-v1";
+var WITNESS_OMISSION_DISPUTE_WINDOW_MS = 24 * 60 * 60 * 1e3;
+var EMPTY_FEDERATION_GRAPH_ANCHOR_ROOT = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
+var REASON_TABLE = Object.freeze({
+  user_request: {
+    required: "subject",
+    optional: ["operator"],
+    forbidden: [],
+    modes: ["sovereign", "mediated", "enterprise"]
+  },
+  retention_enforcement: {
+    required: "operator",
+    optional: ["subject"],
+    forbidden: [],
+    modes: ["mediated", "enterprise"]
+  },
+  retention_enforcement_post_classification: {
+    required: "operator",
+    optional: ["subject"],
+    forbidden: [],
+    modes: ["mediated", "enterprise"]
+  },
+  operator_request: {
+    required: "operator",
+    optional: [],
+    forbidden: ["subject"],
+    modes: ["mediated", "enterprise"]
+  },
+  delegated_request: {
+    required: "delegate",
+    optional: ["operator"],
+    forbidden: [],
+    modes: ["mediated", "enterprise"]
+  },
+  self_enforcement: {
+    required: "subject",
+    optional: [],
+    forbidden: ["operator"],
+    // Admitted in every mode: the subject's runtime can drive its own
+    // retention policy whether or not an operator exists. The
+    // distinction from `retention_enforcement` is who signs — subject
+    // for self_enforcement, operator for retention_enforcement.
+    modes: ["sovereign", "mediated", "enterprise"]
+  },
+  guardian_request: {
+    required: "guardian",
+    optional: ["operator"],
+    forbidden: [],
+    modes: ["enterprise"]
+  }
+});
+function canonicalizeMultiSignatureCert(cert) {
+  const { subject_signature, operator_signature, delegate_signature, guardian_signature, ...body } = cert;
+  void subject_signature;
+  void operator_signature;
+  void delegate_signature;
+  void guardian_signature;
+  return new TextEncoder().encode(canonicalJson(body));
+}
+function canonicalizeHorizonCert(cert) {
+  const { signature, ...body } = cert;
+  void signature;
+  return new TextEncoder().encode(canonicalJson(body));
+}
+function canonicalizeHorizonCertForWitness(cert) {
+  const { signature, witnessed_by, ...body } = cert;
+  void signature;
+  void witnessed_by;
+  return new TextEncoder().encode(canonicalJson(body));
+}
+async function signCertAsSubject(cert, motebitId, privateKey) {
+  const bytes = canonicalizeMultiSignatureCert(cert);
+  const sig = await signBySuite(DELETION_CERTIFICATE_SUITE, bytes, privateKey);
+  return {
+    ...cert,
+    subject_signature: {
+      motebit_id: motebitId,
+      suite: DELETION_CERTIFICATE_SUITE,
+      signature: toBase64Url(sig)
+    }
+  };
+}
+async function signCertAsOperator(cert, operatorId, privateKey) {
+  const bytes = canonicalizeMultiSignatureCert(cert);
+  const sig = await signBySuite(DELETION_CERTIFICATE_SUITE, bytes, privateKey);
+  return {
+    ...cert,
+    operator_signature: {
+      operator_id: operatorId,
+      suite: DELETION_CERTIFICATE_SUITE,
+      signature: toBase64Url(sig)
+    }
+  };
+}
+async function signCertAsDelegate(cert, delegateMotebitId, delegationReceiptId, privateKey) {
+  const bytes = canonicalizeMultiSignatureCert(cert);
+  const sig = await signBySuite(DELETION_CERTIFICATE_SUITE, bytes, privateKey);
+  return {
+    ...cert,
+    delegate_signature: {
+      motebit_id: delegateMotebitId,
+      delegation_receipt_id: delegationReceiptId,
+      suite: DELETION_CERTIFICATE_SUITE,
+      signature: toBase64Url(sig)
+    }
+  };
+}
+async function signCertAsGuardian(cert, guardianPublicKey, privateKey) {
+  const bytes = canonicalizeMultiSignatureCert(cert);
+  const sig = await signBySuite(DELETION_CERTIFICATE_SUITE, bytes, privateKey);
+  return {
+    ...cert,
+    guardian_signature: {
+      guardian_public_key: bytesToHex3(guardianPublicKey),
+      suite: DELETION_CERTIFICATE_SUITE,
+      signature: toBase64Url(sig)
+    }
+  };
+}
+async function signHorizonCertAsIssuer(cert, privateKey) {
+  const withSuite = { ...cert, suite: DELETION_CERTIFICATE_SUITE, signature: "" };
+  const bytes = canonicalizeHorizonCert(withSuite);
+  const sig = await signBySuite(DELETION_CERTIFICATE_SUITE, bytes, privateKey);
+  return { ...withSuite, signature: toBase64Url(sig) };
+}
+async function signHorizonWitness(cert, witnessMotebitId, privateKey, inclusionProof) {
+  const bytes = canonicalizeHorizonCertForWitness(cert);
+  const sig = await signBySuite(DELETION_CERTIFICATE_SUITE, bytes, privateKey);
+  const witness = {
+    motebit_id: witnessMotebitId,
+    signature: toBase64Url(sig),
+    ...inclusionProof !== void 0 ? { inclusion_proof: inclusionProof } : {}
+  };
+  return witness;
+}
+function canonicalizeHorizonWitnessRequestBody(body) {
+  return canonicalizeHorizonCertForWitness({
+    ...body,
+    witnessed_by: [],
+    signature: ""
+  });
+}
+async function signHorizonWitnessRequestBody(body, privateKey) {
+  const bytes = canonicalizeHorizonWitnessRequestBody(body);
+  const sig = await signBySuite(DELETION_CERTIFICATE_SUITE, bytes, privateKey);
+  return toBase64Url(sig);
+}
+async function verifyHorizonWitnessRequestSignature(body, signatureBase64Url, issuerPublicKey) {
+  let sigBytes;
+  try {
+    sigBytes = fromBase64Url(signatureBase64Url);
+  } catch {
+    return false;
+  }
+  if (sigBytes.length === 0) return false;
+  const bytes = canonicalizeHorizonWitnessRequestBody(body);
+  return verifyBySuite(DELETION_CERTIFICATE_SUITE, bytes, sigBytes, issuerPublicKey);
+}
+async function verifyDeletionCertificate(cert, ctx) {
+  switch (cert.kind) {
+    case "mutable_pruning":
+    case "consolidation_flush":
+      return verifyMultiSignatureCert(cert, ctx);
+    case "append_only_horizon":
+      return verifyHorizonCert(cert, ctx);
+  }
+}
+async function verifyMultiSignatureCert(cert, ctx) {
+  const errors = [];
+  const rule = REASON_TABLE[cert.reason];
+  if (rule === void 0) {
+    return failResult(`unknown reason: ${cert.reason}`);
+  }
+  if (ctx.deploymentMode !== void 0 && !rule.modes.includes(ctx.deploymentMode)) {
+    errors.push(`reason "${cert.reason}" not admitted in deployment mode "${ctx.deploymentMode}"`);
+  }
+  const present = {
+    subject: cert.subject_signature !== void 0,
+    operator: cert.operator_signature !== void 0,
+    delegate: cert.delegate_signature !== void 0,
+    guardian: cert.guardian_signature !== void 0
+  };
+  if (!present[rule.required]) {
+    errors.push(`reason "${cert.reason}" requires ${rule.required}_signature, not present`);
+  }
+  for (const f of rule.forbidden) {
+    if (present[f]) {
+      errors.push(`reason "${cert.reason}" forbids ${f}_signature, present`);
+    }
+  }
+  const bytes = canonicalizeMultiSignatureCert(cert);
+  let subjectValid = null;
+  if (cert.subject_signature !== void 0) {
+    subjectValid = await verifyOneSignature(
+      bytes,
+      cert.subject_signature.signature,
+      cert.subject_signature.suite,
+      await ctx.resolveMotebitPublicKey(cert.subject_signature.motebit_id)
+    );
+    if (!subjectValid) errors.push("subject_signature invalid");
+  }
+  let operatorValid = null;
+  if (cert.operator_signature !== void 0) {
+    operatorValid = await verifyOneSignature(
+      bytes,
+      cert.operator_signature.signature,
+      cert.operator_signature.suite,
+      await ctx.resolveOperatorPublicKey(cert.operator_signature.operator_id)
+    );
+    if (!operatorValid) errors.push("operator_signature invalid");
+  }
+  let delegateValid = null;
+  if (cert.delegate_signature !== void 0) {
+    delegateValid = await verifyOneSignature(
+      bytes,
+      cert.delegate_signature.signature,
+      cert.delegate_signature.suite,
+      await ctx.resolveMotebitPublicKey(cert.delegate_signature.motebit_id)
+    );
+    if (!delegateValid) errors.push("delegate_signature invalid");
+  }
+  let guardianValid = null;
+  if (cert.guardian_signature !== void 0) {
+    let guardianKey;
+    try {
+      guardianKey = hexToBytes4(cert.guardian_signature.guardian_public_key);
+    } catch {
+      guardianKey = null;
+      errors.push("guardian_public_key not valid hex");
+    }
+    if (ctx.validateGuardianBinding !== void 0) {
+      const subjectMotebitId = cert.subject_signature !== void 0 ? cert.subject_signature.motebit_id : void 0;
+      const ok = await ctx.validateGuardianBinding(
+        subjectMotebitId,
+        cert.guardian_signature.guardian_public_key
+      );
+      if (!ok) errors.push("guardian_public_key not bound to subject motebit");
+    }
+    guardianValid = await verifyOneSignature(
+      bytes,
+      cert.guardian_signature.signature,
+      cert.guardian_signature.suite,
+      guardianKey
+    );
+    if (!guardianValid) errors.push("guardian_signature invalid");
+  }
+  return {
+    valid: errors.length === 0,
+    errors,
+    steps: {
+      reason_table_satisfied: errors.length === 0,
+      subject_signature_valid: subjectValid,
+      operator_signature_valid: operatorValid,
+      delegate_signature_valid: delegateValid,
+      guardian_signature_valid: guardianValid,
+      horizon_issuer_signature_valid: null,
+      horizon_witnesses_valid_count: null,
+      horizon_witnesses_present_count: null
+    }
+  };
+}
+async function verifyHorizonCert(cert, ctx) {
+  const errors = [];
+  const anchor = cert.federation_graph_anchor;
+  if (anchor !== void 0) {
+    if (anchor.leaf_count === 0 && anchor.merkle_root !== EMPTY_FEDERATION_GRAPH_ANCHOR_ROOT) {
+      errors.push("federation_graph_anchor.leaf_count=0 requires the empty-tree merkle_root");
+    }
+    if (anchor.leaf_count < 0 || !Number.isInteger(anchor.leaf_count)) {
+      errors.push("federation_graph_anchor.leaf_count must be a non-negative integer");
+    }
+  }
+  const issuerBytes = canonicalizeHorizonCert(cert);
+  const witnessBytes = canonicalizeHorizonCertForWitness(cert);
+  const issuerKey = cert.subject.kind === "motebit" ? await ctx.resolveMotebitPublicKey(cert.subject.motebit_id) : await ctx.resolveOperatorPublicKey(cert.subject.operator_id);
+  const issuerValid = await verifyOneSignature(issuerBytes, cert.signature, cert.suite, issuerKey);
+  if (!issuerValid) errors.push("horizon issuer signature invalid");
+  let witnessesValid = 0;
+  for (const w of cert.witnessed_by) {
+    const key = await ctx.resolveMotebitPublicKey(w.motebit_id);
+    const ok = await verifyOneSignature(witnessBytes, w.signature, cert.suite, key);
+    if (ok) witnessesValid++;
+    else errors.push(`witness ${w.motebit_id} signature invalid`);
+  }
+  return {
+    valid: errors.length === 0,
+    errors,
+    steps: {
+      reason_table_satisfied: true,
+      subject_signature_valid: null,
+      operator_signature_valid: null,
+      delegate_signature_valid: null,
+      guardian_signature_valid: null,
+      horizon_issuer_signature_valid: issuerValid,
+      horizon_witnesses_valid_count: witnessesValid,
+      horizon_witnesses_present_count: cert.witnessed_by.length
+    }
+  };
+}
+async function verifyOneSignature(canonicalBytes, signatureBase64Url, suite, publicKey) {
+  if (publicKey === null) return false;
+  let sigBytes;
+  try {
+    sigBytes = fromBase64Url(signatureBase64Url);
+  } catch {
+    return false;
+  }
+  return verifyBySuite(suite, canonicalBytes, sigBytes, publicKey);
+}
+function failResult(message) {
+  return {
+    valid: false,
+    errors: [message],
+    steps: {
+      reason_table_satisfied: false,
+      subject_signature_valid: null,
+      operator_signature_valid: null,
+      delegate_signature_valid: null,
+      guardian_signature_valid: null,
+      horizon_issuer_signature_valid: null,
+      horizon_witnesses_valid_count: null,
+      horizon_witnesses_present_count: null
+    }
+  };
+}
+async function verifyRetentionManifest(manifest, operatorPublicKey) {
+  const errors = [];
+  if (manifest.spec !== "motebit/retention-manifest@1") {
+    errors.push(`unexpected spec: ${String(manifest.spec)}`);
+  }
+  if (manifest.suite !== "motebit-jcs-ed25519-hex-v1") {
+    errors.push(`unexpected suite: ${manifest.suite}`);
+  }
+  if (errors.length > 0) {
+    return { valid: false, errors, manifest: null };
+  }
+  const { signature, ...body } = manifest;
+  const canonical = canonicalJson(body);
+  const canonicalBytes = new TextEncoder().encode(canonical);
+  let signatureBytes;
+  try {
+    if (signature.length !== 128 || !/^[0-9a-f]+$/i.test(signature)) {
+      errors.push("signature is not 128-char hex");
+      return { valid: false, errors, manifest: null };
+    }
+    const out = new Uint8Array(64);
+    for (let i = 0; i < 64; i++) {
+      out[i] = parseInt(signature.slice(i * 2, i * 2 + 2), 16);
+    }
+    signatureBytes = out;
+  } catch {
+    errors.push("signature decode failed");
+    return { valid: false, errors, manifest: null };
+  }
+  const ok = await verifyBySuite(
+    "motebit-jcs-ed25519-hex-v1",
+    canonicalBytes,
+    signatureBytes,
+    operatorPublicKey
+  );
+  if (!ok) {
+    errors.push("manifest signature does not verify against operator_public_key");
+    return { valid: false, errors, manifest: null };
+  }
+  return { valid: true, errors: [], manifest };
+}
+// src/witness-omission-dispute.ts
+var WITNESS_OMISSION_DISPUTE_SUITE = "motebit-jcs-ed25519-b64-v1";
+var FEDERATION_HEARTBEAT_SUITE = "motebit-concat-ed25519-hex-v1";
+var HEARTBEAT_FRESHNESS_WINDOW_MS = 5 * 60 * 1e3;
+function canonicalizeWitnessOmissionDispute(dispute) {
+  const { signature, ...body } = dispute;
+  void signature;
+  return new TextEncoder().encode(canonicalJson(body));
+}
+async function signWitnessOmissionDispute(body, privateKey) {
+  const withSuite = {
+    ...body,
+    suite: WITNESS_OMISSION_DISPUTE_SUITE,
+    signature: ""
+  };
+  const bytes = canonicalizeWitnessOmissionDispute(withSuite);
+  const sig = await signBySuite(WITNESS_OMISSION_DISPUTE_SUITE, bytes, privateKey);
+  return { ...withSuite, signature: toBase64Url(sig) };
+}
+async function verifyWitnessOmissionDispute(dispute, ctx) {
+  const errors = [];
+  const { cert } = ctx;
+  const windowEnd = cert.issued_at + WITNESS_OMISSION_DISPUTE_WINDOW_MS;
+  const wallClockOpen = ctx.now <= windowEnd;
+  const filedAtInRange = dispute.filed_at >= cert.issued_at && dispute.filed_at <= windowEnd;
+  const windowOpen = wallClockOpen && filedAtInRange;
+  if (!wallClockOpen) {
+    errors.push(
+      `dispute window expired: now (${ctx.now}) > cert.issued_at + ${WITNESS_OMISSION_DISPUTE_WINDOW_MS}ms`
+    );
+  }
+  if (!filedAtInRange) {
+    errors.push(
+      "dispute.filed_at outside [cert.issued_at, cert.issued_at + WINDOW] \u2014 disputant-attested clock cannot widen window"
+    );
+  }
+  let certBindingValid = true;
+  if (dispute.cert_signature !== cert.signature) {
+    errors.push("dispute.cert_signature does not match cert.signature");
+    certBindingValid = false;
+  }
+  const certSubjectId = cert.subject.kind === "motebit" ? cert.subject.motebit_id : cert.subject.operator_id;
+  if (dispute.cert_issuer !== certSubjectId) {
+    errors.push(
+      `dispute.cert_issuer (${dispute.cert_issuer}) does not match cert subject (${certSubjectId})`
+    );
+    certBindingValid = false;
+  }
+  let disputantSignatureValid = false;
+  if (ctx.disputantPublicKey === null) {
+    errors.push("disputant public key not resolvable");
+  } else if (dispute.suite !== WITNESS_OMISSION_DISPUTE_SUITE) {
+    errors.push(`unexpected suite: ${String(dispute.suite)}`);
+  } else {
+    const bytes = canonicalizeWitnessOmissionDispute(dispute);
+    let sigBytes;
+    try {
+      sigBytes = fromBase64Url(dispute.signature);
+    } catch {
+      sigBytes = new Uint8Array(0);
+    }
+    if (sigBytes.length === 0) {
+      errors.push("dispute.signature decode failed");
+    } else {
+      disputantSignatureValid = await verifyBySuite(
+        dispute.suite,
+        bytes,
+        sigBytes,
+        ctx.disputantPublicKey
+      );
+      if (!disputantSignatureValid) errors.push("dispute.signature does not verify");
+    }
+  }
+  if (!windowOpen || !certBindingValid || !disputantSignatureValid) {
+    return {
+      valid: false,
+      errors,
+      steps: {
+        window_open: windowOpen,
+        cert_binding_valid: certBindingValid,
+        disputant_signature_valid: disputantSignatureValid,
+        evidence_valid: null
+      }
+    };
+  }
+  const evidenceValid = await verifyEvidence(dispute.evidence, cert, ctx, errors);
+  return {
+    valid: errors.length === 0,
+    errors,
+    steps: {
+      window_open: windowOpen,
+      cert_binding_valid: certBindingValid,
+      disputant_signature_valid: disputantSignatureValid,
+      evidence_valid: evidenceValid
+    }
+  };
+}
+async function verifyEvidence(evidence, cert, ctx, errors) {
+  if (evidence.kind === "inclusion_proof") {
+    const anchor = cert.federation_graph_anchor;
+    if (anchor === void 0) {
+      errors.push("inclusion_proof evidence requires cert.federation_graph_anchor \u2014 none present");
+      return false;
+    }
+    if (anchor.leaf_count === 0) {
+      errors.push(
+        "inclusion_proof evidence rejected: cert is self-witnessed (anchor.leaf_count=0)"
+      );
+      return false;
+    }
+    const ok = await verifyMerkleInclusion(
+      evidence.leaf_hash,
+      evidence.proof.leaf_index,
+      evidence.proof.siblings,
+      evidence.proof.layer_sizes,
+      anchor.merkle_root
+    );
+    if (!ok) errors.push("inclusion proof does not reconstruct to anchor.merkle_root");
+    return ok;
+  }
+  return verifyAlternativePeeringArtifact(evidence.peering_artifact, cert, ctx, errors);
+}
+async function verifyAlternativePeeringArtifact(artifact, cert, ctx, errors) {
+  const relayId = artifact["relay_id"];
+  const timestamp = artifact["timestamp"];
+  const signatureHex = artifact["signature"];
+  if (typeof relayId !== "string" || typeof timestamp !== "number" || typeof signatureHex !== "string") {
+    errors.push(
+      "alternative_peering artifact unrecognized \u2014 expected federation Heartbeat shape (relay_id, timestamp, signature)"
+    );
+    return false;
+  }
+  const certSubjectId = cert.subject.kind === "motebit" ? cert.subject.motebit_id : cert.subject.operator_id;
+  if (relayId !== certSubjectId) {
+    errors.push(
+      `peering artifact relay_id (${relayId}) does not match cert issuer (${certSubjectId})`
+    );
+    return false;
+  }
+  if (Math.abs(timestamp - cert.horizon_ts) > HEARTBEAT_FRESHNESS_WINDOW_MS) {
+    errors.push(
+      `peering artifact timestamp (${timestamp}) outside \xB1${HEARTBEAT_FRESHNESS_WINDOW_MS}ms of cert.horizon_ts (${cert.horizon_ts})`
+    );
+    return false;
+  }
+  let sigBytes;
+  try {
+    sigBytes = hexToBytes4(signatureHex);
+  } catch {
+    errors.push("peering artifact signature is not valid hex");
+    return false;
+  }
+  const payload = new TextEncoder().encode(`${relayId}|${timestamp}|${FEDERATION_HEARTBEAT_SUITE}`);
+  const ok = await verifyBySuite(
+    FEDERATION_HEARTBEAT_SUITE,
+    payload,
+    sigBytes,
+    ctx.issuerPublicKey
+  );
+  if (!ok) errors.push("peering artifact signature does not verify against cert issuer pubkey");
+  return ok;
+}
 // src/index.ts
 function parseYamlValue(raw) {
   const trimmed = raw.trim();
@@ -5314,6 +5986,11 @@ async function sha2564(data) {
   const buf = await crypto.subtle.digest("SHA-256", data);
   return new Uint8Array(buf);
 }
+function bytesToLowerHex2(bytes) {
+  let out = "";
+  for (const b of bytes) out += b.toString(16).padStart(2, "0");
+  return out;
+}
 var IDENTITY_FILE_SUITE = "motebit-jcs-ed25519-hex-v1";
 var SIG_PREFIX = `<!-- motebit:sig:${IDENTITY_FILE_SUITE}:`;
 var SIG_SUFFIX = " -->";
@@ -5340,6 +6017,9 @@ function detectArtifactType(artifact) {
   if ("task_id" in obj && "motebit_id" in obj && "signature" in obj && "prompt_hash" in obj) {
     return "receipt";
   }
+  if ("spec_version" in obj && "skill" in obj && "manifest" in obj && "body_hash" in obj && "signature" in obj) {
+    return "skill";
+  }
   return null;
 }
 function parse(content) {
@@ -5695,6 +6375,134 @@ async function verifyDataIntegrity(document, proof) {
   }
   return verifyBySuite("eddsa-jcs-2022", combined, signature, publicKey);
 }
+async function verifySkillBundle(input) {
+  const { envelope, body, files = {} } = input;
+  let publicKey;
+  try {
+    publicKey = decodeSkillSignaturePublicKey(envelope.signature);
+  } catch (err2) {
+    const msg = err2 instanceof Error ? err2.message : String(err2);
+    return {
+      type: "skill",
+      valid: false,
+      envelope,
+      skill: `${envelope.skill.name}@${envelope.skill.version}`,
+      steps: {
+        envelope: { valid: false, reason: "bad_public_key" },
+        body_hash: null,
+        files: []
+      },
+      errors: [{ message: `public key decode failed: ${msg}`, path: "signature.public_key" }]
+    };
+  }
+  const sigDetail = await verifySkillEnvelopeDetailed(envelope, publicKey);
+  const envelopeStep = { valid: sigDetail.valid, reason: sigDetail.reason };
+  const bodyHashActual = bytesToLowerHex2(await sha2564(body));
+  const bodyHashStep = {
+    valid: bodyHashActual === envelope.body_hash.toLowerCase(),
+    expected: envelope.body_hash,
+    actual: bodyHashActual
+  };
+  const fileSteps = [];
+  for (const entry of envelope.files) {
+    const fileBytes = files[entry.path];
+    if (fileBytes === void 0) {
+      fileSteps.push({
+        path: entry.path,
+        valid: false,
+        expected: entry.hash,
+        actual: null,
+        reason: "missing"
+      });
+      continue;
+    }
+    const actual = bytesToLowerHex2(await sha2564(fileBytes));
+    fileSteps.push({
+      path: entry.path,
+      valid: actual === entry.hash.toLowerCase(),
+      expected: entry.hash,
+      actual,
+      reason: actual === entry.hash.toLowerCase() ? "ok" : "hash_mismatch"
+    });
+  }
+  const filesAllOk = fileSteps.every((f) => f.valid);
+  const valid = envelopeStep.valid && bodyHashStep.valid && filesAllOk;
+  const errors = [];
+  if (!envelopeStep.valid) {
+    errors.push({
+      message: `envelope signature verification failed (${envelopeStep.reason})`,
+      path: "signature"
+    });
+  }
+  if (!bodyHashStep.valid) {
+    errors.push({
+      message: `body_hash mismatch \u2014 expected ${bodyHashStep.expected}, got ${bodyHashStep.actual}`,
+      path: "body_hash"
+    });
+  }
+  for (const f of fileSteps) {
+    if (!f.valid) {
+      errors.push({
+        message: f.reason === "missing" ? `file declared in envelope.files[] but not provided in bundle: ${f.path}` : `file hash mismatch for ${f.path} \u2014 expected ${f.expected}, got ${f.actual ?? "<missing>"}`,
+        path: `files[${f.path}]`
+      });
+    }
+  }
+  return {
+    type: "skill",
+    valid,
+    envelope,
+    skill: `${envelope.skill.name}@${envelope.skill.version}`,
+    signer: envelope.signature.public_key,
+    steps: { envelope: envelopeStep, body_hash: bodyHashStep, files: fileSteps },
+    ...errors.length > 0 ? { errors } : {}
+  };
+}
+async function verifySkillEnvelopeArtifact(envelope) {
+  let publicKey;
+  try {
+    publicKey = decodeSkillSignaturePublicKey(envelope.signature);
+  } catch (err2) {
+    const msg = err2 instanceof Error ? err2.message : String(err2);
+    return {
+      type: "skill",
+      valid: false,
+      envelope,
+      skill: `${envelope.skill.name}@${envelope.skill.version}`,
+      steps: {
+        envelope: { valid: false, reason: "bad_public_key" },
+        body_hash: null,
+        files: []
+      },
+      errors: [{ message: `public key decode failed: ${msg}`, path: "signature.public_key" }]
+    };
+  }
+  const detail = await verifySkillEnvelopeDetailed(envelope, publicKey);
+  const errors = [];
+  if (!detail.valid) {
+    errors.push({
+      message: `envelope signature verification failed (${detail.reason})`,
+      path: "signature"
+    });
+  }
+  errors.push({
+    message: "body_hash and files[] cross-check were not attempted \u2014 verifying a bare envelope JSON only checks the envelope signature. Use `verifySkillDirectory` from @motebit/verifier (or `motebit-verify <skill-directory>`) for full verification.",
+    path: "body_hash"
+  });
+  return {
+    type: "skill",
+    valid: false,
+    envelope,
+    skill: `${envelope.skill.name}@${envelope.skill.version}`,
+    signer: envelope.signature.public_key,
+    steps: {
+      envelope: { valid: detail.valid, reason: detail.reason },
+      body_hash: null,
+      files: []
+    },
+    errors
+  };
+}
 var DEFAULT_CLOCK_SKEW_SECONDS = 60;
 async function verifyCredential(vc, clockSkewSeconds = DEFAULT_CLOCK_SKEW_SECONDS, hardwareAttestationVerifiers) {
   const errors = [];
@@ -5781,6 +6589,14 @@ async function verify(artifact, options) {
       ...fallbackType === "receipt" ? { receipt: null } : {},
       ...fallbackType === "credential" ? { credential: null } : {},
       ...fallbackType === "presentation" ? { presentation: null } : {},
+      ...fallbackType === "skill" ? {
+        envelope: null,
+        steps: {
+          envelope: { valid: false, reason: "wrong_suite" },
+          body_hash: null,
+          files: []
+        }
+      } : {},
       errors: [{ message: "Unrecognized artifact format" }]
     };
   }
@@ -5792,6 +6608,14 @@ async function verify(artifact, options) {
       ...detected === "receipt" ? { receipt: null } : {},
       ...detected === "credential" ? { credential: null } : {},
       ...detected === "presentation" ? { presentation: null } : {},
+      ...detected === "skill" ? {
+        envelope: null,
+        steps: {
+          envelope: { valid: false, reason: "wrong_suite" },
+          body_hash: null,
+          files: []
+        }
+      } : {},
       errors: [{ message: `Expected type "${options.expectedType}" but detected "${detected}"` }]
     };
   }
@@ -5806,6 +6630,14 @@ async function verify(artifact, options) {
         ...detected === "receipt" ? { receipt: null } : {},
         ...detected === "credential" ? { credential: null } : {},
         ...detected === "presentation" ? { presentation: null } : {},
+        ...detected === "skill" ? {
+          envelope: null,
+          steps: {
+            envelope: { valid: false, reason: "wrong_suite" },
+            body_hash: null,
+            files: []
+          }
+        } : {},
         errors: [{ message: "Failed to parse JSON" }]
       };
     }
@@ -5827,6 +6659,8 @@ async function verify(artifact, options) {
         options?.clockSkewSeconds,
         options?.hardwareAttestation
       );
+    case "skill":
+      return verifySkillEnvelopeArtifact(resolved);
   }
 }
 async function verifyIdentityFile(content) {
@@ -5845,6 +6679,7 @@ export {
   COLLABORATIVE_RECEIPT_SUITE,
   CONSOLIDATION_RECEIPT_SUITE,
   DELEGATION_TOKEN_SUITE,
+  DELETION_CERTIFICATE_SUITE,
   DEVICE_REGISTRATION_MAX_AGE_MS,
   DEVICE_REGISTRATION_SUITE,
   DISPUTE_APPEAL_SUITE,
@@ -5856,16 +6691,26 @@ export {
   KEY_SUCCESSION_SUITE,
   SETTLEMENT_RECORD_SUITE,
   SIGNED_TOKEN_SUITE,
+  SKILL_SIGNATURE_SUITE,
   TOOL_INVOCATION_RECEIPT_SUITE,
+  WITNESS_OMISSION_DISPUTE_WINDOW_MS,
   base58btcDecode,
   base58btcEncode,
   bytesToHex3 as bytesToHex,
   canonicalJson,
   canonicalSecureEnclaveBodyForTest,
   canonicalSha256,
+  canonicalizeHorizonCert,
+  canonicalizeHorizonCertForWitness,
+  canonicalizeHorizonWitnessRequestBody,
+  canonicalizeMultiSignatureCert,
+  canonicalizeSkillEnvelopeBytes,
+  canonicalizeSkillManifestBytes,
+  canonicalizeWitnessOmissionDispute,
   computeCredentialLeaf,
   createPresentation,
   createSignedToken,
+  decodeSkillSignaturePublicKey,
   didKeyToPublicKey,
   ed25519Sign,
   ed25519Verify,
@@ -5890,6 +6735,10 @@ export {
   signAdjudicatorVote,
   signBalanceWaiver,
   signBySuite,
+  signCertAsDelegate,
+  signCertAsGuardian,
+  signCertAsOperator,
+  signCertAsSubject,
   signCollaborativeReceipt,
   signConsolidationReceipt,
   signDelegation,
@@ -5901,12 +6750,18 @@ export {
   signExecutionReceipt,
   signGuardianRecoverySuccession,
   signGuardianRevocation,
+  signHorizonCertAsIssuer,
+  signHorizonWitness,
+  signHorizonWitnessRequestBody,
   signKeySuccession,
   signSettlement,
+  signSkillEnvelope,
+  signSkillManifest,
   signSovereignPaymentReceipt,
   signToolInvocationReceipt,
   signVerifiableCredential,
   signVerifiablePresentation,
+  signWitnessOmissionDispute,
   toBase64Url,
   verify,
   verifyAdjudicatorVote,
@@ -5917,6 +6772,7 @@ export {
   verifyCredentialAnchor,
   verifyDelegation,
   verifyDelegationChain,
+  verifyDeletionCertificate,
   verifyDeviceRegistration,
   verifyDisputeAppeal,
   verifyDisputeEvidence,
@@ -5926,17 +6782,26 @@ export {
   verifyExecutionReceiptDetailed,
   verifyGuardianRevocation,
   verifyHardwareAttestationClaim,
+  verifyHorizonWitnessRequestSignature,
   verifyIdentityFile,
   verifyKeySuccession,
+  verifyMerkleInclusion,
   verifyReceiptChain,
   verifyReceiptSequence,
+  verifyRetentionManifest,
   verifyRevocationAnchor,
   verifySettlement,
   verifySignedToken,
+  verifySkillBundle,
+  verifySkillEnvelope,
+  verifySkillEnvelopeDetailed,
+  verifySkillManifest,
+  verifySkillManifestDetailed,
   verifySuccessionChain,
   verifyToolInvocationReceipt,
   verifyVerifiableCredential,
-  verifyVerifiablePresentation
+  verifyVerifiablePresentation,
+  verifyWitnessOmissionDispute
 };
 /*! Bundled license information: