@motebit/crypto 1.2.0 → 1.3.0

package/dist/signing.js

@@ -1,314 +0,0 @@
-/**
- * Protocol signing primitives — Ed25519, encoding, canonical JSON, signed tokens.
- *
- * These are the cryptographic building blocks that any protocol participant
- * needs to produce valid Motebit artifacts. Moved from BSL @motebit/encryption
- * to the permissive floor in @motebit/crypto (Apache-2.0) so the protocol's
- * signing format is open.
- *
- * Zero monorepo dependencies — only @noble/ed25519 for cryptography.
- */
-import * as ed from "@noble/ed25519";
-import { sha512 } from "@noble/hashes/sha512";
-// @noble/ed25519 v3 requires explicit SHA-512 binding
-if (!ed.hashes.sha512) {
-    ed.hashes.sha512 = (msg) => sha512(msg);
-}
-/** The one suite this token shape uses. Exported as a const so the
- * signer emits exactly this value and the verifier checks for exactly
- * this value — no string drift risk.
- */
-export const SIGNED_TOKEN_SUITE = "motebit-jwt-ed25519-v1";
-// === Canonical JSON (JCS/RFC 8785) ===
-/**
- * Deterministic JSON serialization with sorted keys (recursive).
- * Produces identical output regardless of insertion order.
- *
- * Used by every signed-payload helper: execution receipts, identity files,
- * succession records, settlement leaves, etc. Two structurally-equal payloads
- * always produce identical bytes here, which is what makes the Ed25519
- * signatures verifiable.
- */
-export function canonicalJson(obj) {
-    if (obj === null || obj === undefined)
-        return JSON.stringify(obj);
-    if (typeof obj !== "object")
-        return JSON.stringify(obj);
-    if (Array.isArray(obj)) {
-        return "[" + obj.map((item) => canonicalJson(item)).join(",") + "]";
-    }
-    const sorted = Object.keys(obj).sort();
-    const entries = [];
-    for (const key of sorted) {
-        const val = obj[key];
-        if (val === undefined)
-            continue;
-        entries.push(JSON.stringify(key) + ":" + canonicalJson(val));
-    }
-    return "{" + entries.join(",") + "}";
-}
-// === Encoding Helpers ===
-export function bytesToHex(bytes) {
-    return Array.from(bytes)
-        .map((b) => b.toString(16).padStart(2, "0"))
-        .join("");
-}
-export function hexToBytes(hex) {
-    const bytes = new Uint8Array(hex.length / 2);
-    for (let i = 0; i < hex.length; i += 2) {
-        bytes[i / 2] = parseInt(hex.slice(i, i + 2), 16);
-    }
-    return bytes;
-}
-export function toBase64Url(data) {
-    let binary = "";
-    for (let i = 0; i < data.length; i++) {
-        binary += String.fromCharCode(data[i]);
-    }
-    return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-}
-export function fromBase64Url(str) {
-    const padded = str.replace(/-/g, "+").replace(/_/g, "/");
-    const binary = atob(padded);
-    const bytes = new Uint8Array(binary.length);
-    for (let i = 0; i < binary.length; i++) {
-        bytes[i] = binary.charCodeAt(i);
-    }
-    return bytes;
-}
-// === Base58btc ===
-const BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
-export function base58btcEncode(bytes) {
-    let zeros = 0;
-    while (zeros < bytes.length && bytes[zeros] === 0)
-        zeros++;
-    let value = 0n;
-    for (let i = 0; i < bytes.length; i++) {
-        value = value * 256n + BigInt(bytes[i]);
-    }
-    let result = "";
-    while (value > 0n) {
-        const remainder = Number(value % 58n);
-        value = value / 58n;
-        result = BASE58_ALPHABET[remainder] + result;
-    }
-    return BASE58_ALPHABET[0].repeat(zeros) + result;
-}
-export function base58btcDecode(str) {
-    let zeros = 0;
-    while (zeros < str.length && str[zeros] === BASE58_ALPHABET[0])
-        zeros++;
-    let value = 0n;
-    for (let i = 0; i < str.length; i++) {
-        const idx = BASE58_ALPHABET.indexOf(str[i]);
-        if (idx === -1)
-            throw new Error(`Invalid base58 character: ${str[i]}`);
-        value = value * 58n + BigInt(idx);
-    }
-    const hex = [];
-    while (value > 0n) {
-        const byte = Number(value & 0xffn);
-        hex.unshift(byte.toString(16).padStart(2, "0"));
-        value >>= 8n;
-    }
-    const dataBytes = hex.length > 0 ? new Uint8Array(hex.map((h) => parseInt(h, 16))) : new Uint8Array(0);
-    const result = new Uint8Array(zeros + dataBytes.length);
-    result.set(dataBytes, zeros);
-    return result;
-}
-// === did:key (W3C Decentralized Identifier) ===
-/**
- * Extract a raw 32-byte Ed25519 public key from a did:key URI.
- *
- * Parses `did:key:z<base58btc(0xed01 + publicKey)>`, strips the 2-byte
- * multicodec prefix, and returns the raw public key bytes.
- */
-export function didKeyToPublicKey(did) {
-    if (!did.startsWith("did:key:z")) {
-        throw new Error("Invalid did:key URI: must start with did:key:z");
-    }
-    const encoded = did.slice("did:key:z".length);
-    const decoded = base58btcDecode(encoded);
-    if (decoded.length !== 34) {
-        throw new Error(`Invalid did:key: expected 34 bytes (2 prefix + 32 key), got ${decoded.length}`);
-    }
-    if (decoded[0] !== 0xed || decoded[1] !== 0x01) {
-        throw new Error("Invalid did:key: multicodec prefix is not ed25519-pub (0xed01)");
-    }
-    return decoded.slice(2);
-}
-/**
- * Derive a did:key URI from an Ed25519 public key.
- *
- * Format: did:key:z<base58btc(0xed01 + publicKey)>
- * See: https://w3c-ccg.github.io/did-method-key/
- */
-export function publicKeyToDidKey(publicKey) {
-    if (publicKey.length !== 32) {
-        throw new Error("Ed25519 public key must be 32 bytes");
-    }
-    const prefixed = new Uint8Array(34);
-    prefixed[0] = 0xed;
-    prefixed[1] = 0x01;
-    prefixed.set(publicKey, 2);
-    return `did:key:z${base58btcEncode(prefixed)}`;
-}
-export function hexPublicKeyToDidKey(hexPublicKey) {
-    return publicKeyToDidKey(hexToBytes(hexPublicKey));
-}
-// === SHA-256 ===
-export async function hash(data) {
-    const hashBuffer = await crypto.subtle.digest("SHA-256", data);
-    const hashArray = new Uint8Array(hashBuffer);
-    return Array.from(hashArray)
-        .map((b) => b.toString(16).padStart(2, "0"))
-        .join("");
-}
-/**
- * Canonical-bytes hash. Convenience wrapper over `canonicalJson` + SHA-256
- * for diagnostic and audit use: lets a producer and a verifier deterministically
- * agree on (or disagree about) the exact bytes a signature was computed over,
- * without re-implementing the canonicalization recipe at the call site.
- *
- * Returns the hex SHA-256 of the UTF-8 bytes of `canonicalJson(obj)`. Stable
- * across processes, machines, and Node versions — same input ⇒ same output,
- * always. The only requirement on `obj` is that it be a JSON-serializable
- * value (no functions, no symbols, no cycles).
- *
- * Primary use case: when a signed-artifact verification fails, both ends of
- * the pipeline can log `canonicalSha256(body)` and the producer can confirm
- * whether the bytes the verifier reproduced match the bytes the producer
- * signed. A hash mismatch localizes the bug to the wire path; a hash match
- * localizes it to the signature primitive (which is far less likely).
- */
-export async function canonicalSha256(obj) {
-    return hash(new TextEncoder().encode(canonicalJson(obj)));
-}
-/** SHA-256 returning raw bytes (used by credential signing). */
-export async function sha256(data) {
-    const buf = await crypto.subtle.digest("SHA-256", data);
-    return new Uint8Array(buf);
-}
-// === Ed25519 Signing ===
-//
-// The primitive sign/verify functions and keypair generation now live
-// in `./suite-dispatch.ts`, which is the one file in @motebit/crypto
-// permitted to call `ed.signAsync` / `ed.verifyAsync` directly (the
-// `check-suite-dispatch` drift gate enforces that rule). These
-// re-exports preserve the historical call sites that import from
-// signing.ts directly (especially tests and @motebit/encryption).
-// New artifact-level verifiers should prefer `verifyBySuite`.
-import { generateEd25519Keypair, signBySuite, verifyBySuite } from "./suite-dispatch.js";
-export { ed25519Sign, ed25519Verify, generateEd25519Keypair, getPublicKeyBySuite, signBySuite, verifyBySuite, } from "./suite-dispatch.js";
-export async function generateKeypair() {
-    return generateEd25519Keypair();
-}
-// === Signed Tokens ===
-/**
- * Create a signed token: base64url(payload) + "." + base64url(signature).
- * Default expiry: 5 minutes from now.
- *
- * The payload includes a fixed `suite` field (`SIGNED_TOKEN_SUITE`) so
- * the verifier can dispatch primitive verification explicitly rather
- * than implicitly assuming Ed25519. Callers MUST supply every other
- * required payload field; this function does not fill defaults for
- * `mid` / `did` / `iat` / `exp` / `jti` / `aud`.
- */
-export async function createSignedToken(payload, privateKey) {
-    const withSuite = { ...payload, suite: SIGNED_TOKEN_SUITE };
-    const payloadBytes = new TextEncoder().encode(JSON.stringify(withSuite));
-    const payloadB64 = toBase64Url(payloadBytes);
-    const signature = await signBySuite(SIGNED_TOKEN_SUITE, payloadBytes, privateKey);
-    const sigB64 = toBase64Url(signature);
-    return `${payloadB64}.${sigB64}`;
-}
-/**
- * Verify a signed token. Returns the parsed payload if valid and not
- * expired, null otherwise.
- *
- * Rejects fail-closed on:
- *   - malformed token string (no dot separator, invalid base64url),
- *   - missing `suite` field,
- *   - `suite` value other than `SIGNED_TOKEN_SUITE`,
- *   - signature mismatch,
- *   - expired token,
- *   - missing `jti` (replay defense),
- *   - missing `aud` (cross-endpoint replay defense).
- */
-export async function verifySignedToken(token, publicKey) {
-    const dotIdx = token.indexOf(".");
-    if (dotIdx === -1)
-        return null;
-    const payloadB64 = token.slice(0, dotIdx);
-    const sigB64 = token.slice(dotIdx + 1);
-    let payloadBytes;
-    let signature;
-    try {
-        payloadBytes = fromBase64Url(payloadB64);
-        signature = fromBase64Url(sigB64);
-    }
-    catch {
-        return null;
-    }
-    // Parse before verify so the suite value routes the primitive call.
-    // Malformed JSON → reject.
-    let payload;
-    try {
-        payload = JSON.parse(new TextDecoder().decode(payloadBytes));
-    }
-    catch {
-        return null;
-    }
-    // Missing or unknown suite → reject fail-closed. No legacy-no-suite path.
-    if (payload.suite !== SIGNED_TOKEN_SUITE)
-        return null;
-    const valid = await verifyBySuite(payload.suite, payloadBytes, signature, publicKey);
-    if (!valid)
-        return null;
-    if (payload.exp <= Date.now())
-        return null;
-    if (!payload.jti)
-        return null;
-    if (!payload.aud)
-        return null;
-    return payload;
-}
-// === Scope Utilities (Capability Attenuation) ===
-/**
- * Parse a comma-separated scope string into a Set.
- * `"*"` is the wildcard meaning "all capabilities".
- * Trims whitespace from each element.
- */
-export function parseScopeSet(scope) {
-    if (scope === "*")
-        return new Set(["*"]);
-    return new Set(scope
-        .split(",")
-        .map((s) => s.trim())
-        .filter((s) => s.length > 0));
-}
-/**
- * Returns true if `childScope` is a proper subset of (or equal to) `parentScope`.
- *
- * Rules:
- * - If parentScope is `"*"`, any childScope is valid (wildcard grants all).
- * - If childScope is `"*"`, it's only valid if parentScope is also `"*"`.
- * - Otherwise, every capability in childScope must appear in parentScope.
- */
-export function isScopeNarrowed(parentScope, childScope) {
-    const parent = parseScopeSet(parentScope);
-    const child = parseScopeSet(childScope);
-    // Wildcard parent allows anything
-    if (parent.has("*"))
-        return true;
-    // Child requests wildcard but parent is not wildcard — scope widening
-    if (child.has("*"))
-        return false;
-    // Every capability in child must exist in parent
-    for (const cap of child) {
-        if (!parent.has(cap))
-            return false;
-    }
-    return true;
-}
-//# sourceMappingURL=signing.js.map

package/dist/signing.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"signing.js","sourceRoot":"","sources":["../src/signing.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAE9C,sDAAsD;AACtD,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;IACtB,EAAE,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,GAAe,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AACtD,CAAC;AA4BD;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,wBAAiC,CAAC;AAEpE,wCAAwC;AAExC;;;;;;;;GAQG;AACH,MAAM,UAAU,aAAa,CAAC,GAAY;IACxC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAClE,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACxD,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;IACtE,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAA8B,CAAC,CAAC,IAAI,EAAE,CAAC;IAClE,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;QACzB,MAAM,GAAG,GAAI,GAA+B,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,GAAG,KAAK,SAAS;YAAE,SAAS;QAChC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;AACvC,CAAC;AAED,2BAA2B;AAE3B,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SACrB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACvC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,IAAgB;IAC1C,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACjF,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,GAAW;IACvC,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACzD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,oBAAoB;AAEpB,MAAM,eAAe,GAAG,4DAA4D,CAAC;AAErF,MAAM,UAAU,eAAe,CAAC,KAAiB;IAC/C,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OAAO,KAAK,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC;QAAE,KAAK,EAAE,CAAC;IAC3D,IAAI,KAAK,GAAG,EAAE,CAAC;IACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,KAAK,GAAG,KAAK,GAAG,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,OAAO,KAAK,GAAG,EAAE,EAAE,CAAC;QAClB,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;QACtC,KAAK,GAAG,KAAK,GAAG,GAAG,CAAC;QACpB,MAAM,GAAG,eAAe,CAAC,SAAS,CAAE,GAAG,MAAM,CAAC;IAChD,CAAC;IACD,OAAO,eAAe,CAAC,CAAC,CAAE,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC;AACpD,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,GAAW;IACzC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OAAO,KAAK,GAAG,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,eAAe,CAAC,CAAC,CAAC;QAAE,KAAK,EAAE,CAAC;IACxE,IAAI,KAAK,GAAG,EAAE,CAAC;IACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC,CAAC;QAC7C,IAAI,GAAG,KAAK,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACvE,KAAK,GAAG,KAAK,GAAG,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,OAAO,KAAK,GAAG,EAAE,EAAE,CAAC;QAClB,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC;QACnC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;QAChD,KAAK,KAAK,EAAE,CAAC;IACf,CAAC;IACD,MAAM,SAAS,GACb,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IACvF,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACxD,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAC7B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,iDAAiD;AAEjD;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,GAAW;IAC3C,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IACD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IACzC,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CACb,+DAA+D,OAAO,CAAC,MAAM,EAAE,CAChF,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;IACpF,CAAC;IACD,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,SAAqB;IACrD,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACpC,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IACnB,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IACnB,QAAQ,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IAC3B,OAAO,YAAY,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,YAAoB;IACvD,OAAO,iBAAiB,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC;AACrD,CAAC;AAED,kBAAkB;AAElB,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,IAAgB;IACzC,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAoB,CAAC,CAAC;IAC/E,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;IAC7C,OAAO,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;SACzB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,GAAY;IAChD,OAAO,IAAI,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AAED,gEAAgE;AAChE,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,IAAgB;IAC3C,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAoB,CAAC,CAAC;IACxE,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,0BAA0B;AAC1B,EAAE;AACF,sEAAsE;AACtE,qEAAqE;AACrE,oEAAoE;AACpE,+DAA+D;AAC/D,iEAAiE;AACjE,kEAAkE;AAClE,8DAA8D;AAC9D,OAAO,EAAE,sBAAsB,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEzF,OAAO,EACL,WAAW,EACX,aAAa,EACb,sBAAsB,EACtB,mBAAmB,EACnB,WAAW,EACX,aAAa,GACd,MAAM,qBAAqB,CAAC;AAE7B,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,OAAO,sBAAsB,EAAE,CAAC;AAClC,CAAC;AAED,wBAAwB;AAExB;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAA0C,EAC1C,UAAsB;IAEtB,MAAM,SAAS,GAAuB,EAAE,GAAG,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC;IAChF,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;IACzE,MAAM,UAAU,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,kBAAkB,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;IAClF,MAAM,MAAM,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC;IACtC,OAAO,GAAG,UAAU,IAAI,MAAM,EAAE,CAAC;AACnC,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,KAAa,EACb,SAAqB;IAErB,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,MAAM,KAAK,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAE/B,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAEvC,IAAI,YAAwB,CAAC;IAC7B,IAAI,SAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,YAAY,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;QACzC,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACpC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,oEAAoE;IACpE,2BAA2B;IAC3B,IAAI,OAA2B,CAAC;IAChC,IAAI,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAuB,CAAC;IACrF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,0EAA0E;IAC1E,IAAI,OAAO,CAAC,KAAK,KAAK,kBAAkB;QAAE,OAAO,IAAI,CAAC;IAEtD,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,OAAO,CAAC,KAAK,EAAE,YAAY,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;IACrF,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAExB,IAAI,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE;QAAE,OAAO,IAAI,CAAC;IAC3C,IAAI,CAAC,OAAO,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAC9B,IAAI,CAAC,OAAO,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAE9B,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,mDAAmD;AAEnD;;;;GAIG;AACH,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACzC,OAAO,IAAI,GAAG,CACZ,KAAK;SACF,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAC/B,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,eAAe,CAAC,WAAmB,EAAE,UAAkB;IACrE,MAAM,MAAM,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC;IAC1C,MAAM,KAAK,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;IAExC,kCAAkC;IAClC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjC,sEAAsE;IACtE,IAAI,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAEjC,iDAAiD;IACjD,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;IACrC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/skills.js

@@ -1,228 +0,0 @@
-/**
- * Skill manifest + envelope signing and verification — spec/skills-v1.md.
- *
- * Skills are motebit-internal protocol artifacts. They install locally,
- * verify on motebit runtimes, and are signed by their author's motebit
- * identity using `motebit-jcs-ed25519-b64-v1` — the same suite used for
- * execution receipts, tool invocation receipts, settlement anchors, and
- * migration artifacts. NOT W3C `eddsa-jcs-2022` (that suite is reserved for
- * credentials, identity files, and presentations needing third-party W3C
- * interop).
- *
- * Signature recipe (spec §5.1):
- *
- *   manifest_bytes = JCS(manifest_with_signature_value_removed) || 0x0A || lf_body
- *   envelope_bytes = JCS(envelope_with_signature_value_removed)
- *   signature = Ed25519.sign(bytes, privateKey)  -- routed through verifyBySuite
- *
- * Verification is offline: no relay, no registry, no external service. Per
- * @motebit/crypto/CLAUDE.md rule 4, third-party verifiers using only this
- * package and the signer's public key can validate any motebit-signed skill.
- */
-import { canonicalJson, fromBase64Url, hexToBytes, signBySuite, toBase64Url, verifyBySuite, } from "./signing.js";
-/** The suite skills sign under in v1. Mirrors EXECUTION_RECEIPT_SUITE. */
-export const SKILL_SIGNATURE_SUITE = "motebit-jcs-ed25519-b64-v1";
-// ---------------------------------------------------------------------------
-// Canonicalization — pure, deterministic, dependency-free
-// ---------------------------------------------------------------------------
-/**
- * Strip `signature.value` from a SkillSignature, preserving `suite` and
- * `public_key` (those ARE part of the signed canonical form per spec §5.1).
- */
-function signatureWithoutValue(sig) {
-    return { suite: sig.suite, public_key: sig.public_key };
-}
-/**
- * Compute the canonical bytes that a SkillManifest signature is computed over.
- * `body` is the LF-normalized SKILL.md body bytes (everything after the
- * closing `---` delimiter), with CRLF/CR converted to LF, no BOM, UTF-8.
- *
- * Caller is responsible for body normalization. The reference parser in
- * @motebit/skills (BSL) does the normalization at file-read time.
- *
- * The manifest's `motebit.signature.value` is removed before canonicalization;
- * `suite` and `public_key` are preserved (they are signature-bound).
- */
-export function canonicalizeSkillManifestBytes(manifest, body) {
-    const motebitForCanonical = manifest.motebit.signature
-        ? {
-            ...manifest.motebit,
-            signature: signatureWithoutValue(manifest.motebit.signature),
-        }
-        : manifest.motebit;
-    const manifestForCanonical = { ...manifest, motebit: motebitForCanonical };
-    const canonical = canonicalJson(manifestForCanonical);
-    const manifestBytes = new TextEncoder().encode(canonical);
-    const out = new Uint8Array(manifestBytes.length + 1 + body.length);
-    out.set(manifestBytes, 0);
-    out[manifestBytes.length] = 0x0a; // LF separator
-    out.set(body, manifestBytes.length + 1);
-    return out;
-}
-/**
- * Compute the canonical bytes that a SkillEnvelope signature is computed
- * over. Sibling to manifest canonicalization; envelope is pure JSON so no
- * body concatenation.
- */
-export function canonicalizeSkillEnvelopeBytes(envelope) {
-    const envelopeForCanonical = {
-        ...envelope,
-        signature: signatureWithoutValue(envelope.signature),
-    };
-    const canonical = canonicalJson(envelopeForCanonical);
-    return new TextEncoder().encode(canonical);
-}
-// ---------------------------------------------------------------------------
-// Signing — for skill authors
-// ---------------------------------------------------------------------------
-/**
- * Sign a SkillManifest, returning the signed manifest with `motebit.signature`
- * populated. Caller provides the LF-normalized body bytes; signing recipe is
- * spec §5.1.
- *
- * The returned manifest's `motebit.signature.public_key` is hex-encoded and
- * `motebit.signature.value` is base64url-encoded, matching the suite contract.
- */
-export async function signSkillManifest(unsigned, privateKey, publicKey, body) {
-    const publicKeyHex = bytesToLowerHex(publicKey);
-    // Stamp the unsigned signature block (suite + public_key) so it participates
-    // in canonicalization at sign time.
-    const unsignedWithSig = {
-        ...unsigned,
-        motebit: {
-            ...unsigned.motebit,
-            signature: {
-                suite: SKILL_SIGNATURE_SUITE,
-                public_key: publicKeyHex,
-                value: "", // placeholder; stripped by canonicalize
-            },
-        },
-    };
-    const message = canonicalizeSkillManifestBytes(unsignedWithSig, body);
-    const sig = await signBySuite(SKILL_SIGNATURE_SUITE, message, privateKey);
-    return {
-        ...unsigned,
-        motebit: {
-            ...unsigned.motebit,
-            signature: {
-                suite: SKILL_SIGNATURE_SUITE,
-                public_key: publicKeyHex,
-                value: toBase64Url(sig),
-            },
-        },
-    };
-}
-/**
- * Sign a SkillEnvelope, returning the signed envelope. Sibling to
- * `signSkillManifest`. Envelope canonicalization is pure JSON (§5.1).
- */
-export async function signSkillEnvelope(unsigned, privateKey, publicKey) {
-    const publicKeyHex = bytesToLowerHex(publicKey);
-    const unsignedWithSig = {
-        ...unsigned,
-        signature: {
-            suite: SKILL_SIGNATURE_SUITE,
-            public_key: publicKeyHex,
-            value: "", // placeholder; stripped by canonicalize
-        },
-    };
-    const message = canonicalizeSkillEnvelopeBytes(unsignedWithSig);
-    const sig = await signBySuite(SKILL_SIGNATURE_SUITE, message, privateKey);
-    return {
-        ...unsigned,
-        signature: {
-            suite: SKILL_SIGNATURE_SUITE,
-            public_key: publicKeyHex,
-            value: toBase64Url(sig),
-        },
-    };
-}
-// ---------------------------------------------------------------------------
-// Verification — fail-closed on every error path
-// ---------------------------------------------------------------------------
-/**
- * Verify a SkillManifest's signature against the provided public key and
- * LF-normalized body bytes. Returns `false` on any failure path:
- *
- *  - manifest is unsigned (`motebit.signature` absent)
- *  - suite mismatch (only `motebit-jcs-ed25519-b64-v1` accepted in v1)
- *  - public_key in the signature doesn't match the supplied public key
- *  - signature value fails base64url decode
- *  - Ed25519 verification fails
- *
- * Per CLAUDE.md rule 4, this is the third-party self-verification entry
- * point. Only this package + the signer's public key are required.
- */
-export async function verifySkillManifest(manifest, body, publicKey) {
-    return (await verifySkillManifestDetailed(manifest, body, publicKey)).valid;
-}
-/**
- * Companion to `verifySkillManifest` that returns a categorized failure
- * reason for observability. Same recipe; same fail-closed behavior.
- */
-export async function verifySkillManifestDetailed(manifest, body, publicKey) {
-    const sig = manifest.motebit.signature;
-    if (!sig)
-        return { valid: false, reason: "no_signature" };
-    if (sig.suite !== SKILL_SIGNATURE_SUITE)
-        return { valid: false, reason: "wrong_suite" };
-    const publicKeyHex = bytesToLowerHex(publicKey);
-    if (sig.public_key.toLowerCase() !== publicKeyHex) {
-        return { valid: false, reason: "bad_public_key" };
-    }
-    let sigBytes;
-    try {
-        sigBytes = fromBase64Url(sig.value);
-    }
-    catch {
-        return { valid: false, reason: "bad_signature_value" };
-    }
-    const message = canonicalizeSkillManifestBytes(manifest, body);
-    const valid = await verifyBySuite(SKILL_SIGNATURE_SUITE, message, sigBytes, publicKey);
-    return { valid, reason: valid ? "ok" : "ed25519_mismatch" };
-}
-/**
- * Verify a SkillEnvelope's signature. Sibling to `verifySkillManifest` —
- * same suite, same fail-closed semantics. Note: envelope verification does
- * NOT cross-check `body_hash` or `files[].hash` against on-disk bytes; the
- * caller (install-time logic in the registry) is responsible for that pass
- * after signature verification succeeds.
- */
-export async function verifySkillEnvelope(envelope, publicKey) {
-    return (await verifySkillEnvelopeDetailed(envelope, publicKey)).valid;
-}
-export async function verifySkillEnvelopeDetailed(envelope, publicKey) {
-    const sig = envelope.signature;
-    if (sig.suite !== SKILL_SIGNATURE_SUITE)
-        return { valid: false, reason: "wrong_suite" };
-    const publicKeyHex = bytesToLowerHex(publicKey);
-    if (sig.public_key.toLowerCase() !== publicKeyHex) {
-        return { valid: false, reason: "bad_public_key" };
-    }
-    let sigBytes;
-    try {
-        sigBytes = fromBase64Url(sig.value);
-    }
-    catch {
-        return { valid: false, reason: "bad_signature_value" };
-    }
-    const message = canonicalizeSkillEnvelopeBytes(envelope);
-    const valid = await verifyBySuite(SKILL_SIGNATURE_SUITE, message, sigBytes, publicKey);
-    return { valid, reason: valid ? "ok" : "ed25519_mismatch" };
-}
-// ---------------------------------------------------------------------------
-// Helpers
-// ---------------------------------------------------------------------------
-/** Hex-encode a 32-byte public key as 64 lowercase hex chars. */
-function bytesToLowerHex(bytes) {
-    let hex = "";
-    for (const b of bytes) {
-        hex += b.toString(16).padStart(2, "0");
-    }
-    return hex;
-}
-/** Decode a hex public key from a SkillSignature for caller convenience. */
-export function decodeSkillSignaturePublicKey(sig) {
-    return hexToBytes(sig.public_key);
-}
-//# sourceMappingURL=skills.js.map

package/dist/skills.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"skills.js","sourceRoot":"","sources":["../src/skills.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAIH,OAAO,EACL,aAAa,EACb,aAAa,EACb,UAAU,EACV,WAAW,EACX,WAAW,EACX,aAAa,GACd,MAAM,cAAc,CAAC;AAEtB,0EAA0E;AAC1E,MAAM,CAAC,MAAM,qBAAqB,GAAG,4BAAqC,CAAC;AAgB3E,8EAA8E;AAC9E,0DAA0D;AAC1D,8EAA8E;AAE9E;;;GAGG;AACH,SAAS,qBAAqB,CAAC,GAAmB;IAChD,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC;AAC1D,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,8BAA8B,CAC5C,QAAuB,EACvB,IAAgB;IAEhB,MAAM,mBAAmB,GAAG,QAAQ,CAAC,OAAO,CAAC,SAAS;QACpD,CAAC,CAAC;YACE,GAAG,QAAQ,CAAC,OAAO;YACnB,SAAS,EAAE,qBAAqB,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC;SAC7D;QACH,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC;IAErB,MAAM,oBAAoB,GAAG,EAAE,GAAG,QAAQ,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC;IAC3E,MAAM,SAAS,GAAG,aAAa,CAAC,oBAAoB,CAAC,CAAC;IACtD,MAAM,aAAa,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAE1D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IACnE,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;IAC1B,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,eAAe;IACjD,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACxC,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,8BAA8B,CAAC,QAAuB;IACpE,MAAM,oBAAoB,GAAG;QAC3B,GAAG,QAAQ;QACX,SAAS,EAAE,qBAAqB,CAAC,QAAQ,CAAC,SAAS,CAAC;KACrD,CAAC;IACF,MAAM,SAAS,GAAG,aAAa,CAAC,oBAAoB,CAAC,CAAC;IACtD,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;AAC7C,CAAC;AAED,8EAA8E;AAC9E,8BAA8B;AAC9B,8EAA8E;AAE9E;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAEC,EACD,UAAsB,EACtB,SAAqB,EACrB,IAAgB;IAEhB,MAAM,YAAY,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IAEhD,6EAA6E;IAC7E,oCAAoC;IACpC,MAAM,eAAe,GAAkB;QACrC,GAAG,QAAQ;QACX,OAAO,EAAE;YACP,GAAG,QAAQ,CAAC,OAAO;YACnB,SAAS,EAAE;gBACT,KAAK,EAAE,qBAAqB;gBAC5B,UAAU,EAAE,YAAY;gBACxB,KAAK,EAAE,EAAE,EAAE,wCAAwC;aACpD;SACF;KACF,CAAC;IAEF,MAAM,OAAO,GAAG,8BAA8B,CAAC,eAAe,EAAE,IAAI,CAAC,CAAC;IACtE,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,qBAAqB,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;IAE1E,OAAO;QACL,GAAG,QAAQ;QACX,OAAO,EAAE;YACP,GAAG,QAAQ,CAAC,OAAO;YACnB,SAAS,EAAE;gBACT,KAAK,EAAE,qBAAqB;gBAC5B,UAAU,EAAE,YAAY;gBACxB,KAAK,EAAE,WAAW,CAAC,GAAG,CAAC;aACxB;SACF;KACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAA0C,EAC1C,UAAsB,EACtB,SAAqB;IAErB,MAAM,YAAY,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IAChD,MAAM,eAAe,GAAkB;QACrC,GAAG,QAAQ;QACX,SAAS,EAAE;YACT,KAAK,EAAE,qBAAqB;YAC5B,UAAU,EAAE,YAAY;YACxB,KAAK,EAAE,EAAE,EAAE,wCAAwC;SACpD;KACF,CAAC;IACF,MAAM,OAAO,GAAG,8BAA8B,CAAC,eAAe,CAAC,CAAC;IAChE,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,qBAAqB,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;IAC1E,OAAO;QACL,GAAG,QAAQ;QACX,SAAS,EAAE;YACT,KAAK,EAAE,qBAAqB;YAC5B,UAAU,EAAE,YAAY;YACxB,KAAK,EAAE,WAAW,CAAC,GAAG,CAAC;SACxB;KACF,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,iDAAiD;AACjD,8EAA8E;AAE9E;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,QAAuB,EACvB,IAAgB,EAChB,SAAqB;IAErB,OAAO,CAAC,MAAM,2BAA2B,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC;AAC9E,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,QAAuB,EACvB,IAAgB,EAChB,SAAqB;IAErB,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC;IACvC,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;IAC1D,IAAI,GAAG,CAAC,KAAK,KAAK,qBAAqB;QAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IAExF,MAAM,YAAY,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IAChD,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,KAAK,YAAY,EAAE,CAAC;QAClD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACpD,CAAC;IAED,IAAI,QAAoB,CAAC;IACzB,IAAI,CAAC;QACH,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAC;IACzD,CAAC;IAED,MAAM,OAAO,GAAG,8BAA8B,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC/D,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,qBAAqB,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IACvF,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,kBAAkB,EAAE,CAAC;AAC9D,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,QAAuB,EACvB,SAAqB;IAErB,OAAO,CAAC,MAAM,2BAA2B,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC;AACxE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,QAAuB,EACvB,SAAqB;IAErB,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC;IAC/B,IAAI,GAAG,CAAC,KAAK,KAAK,qBAAqB;QAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IAExF,MAAM,YAAY,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IAChD,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,KAAK,YAAY,EAAE,CAAC;QAClD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACpD,CAAC;IAED,IAAI,QAAoB,CAAC;IACzB,IAAI,CAAC;QACH,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAC;IACzD,CAAC;IAED,MAAM,OAAO,GAAG,8BAA8B,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,qBAAqB,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IACvF,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,kBAAkB,EAAE,CAAC;AAC9D,CAAC;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,iEAAiE;AACjE,SAAS,eAAe,CAAC,KAAiB;IACxC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,GAAG,IAAI,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,4EAA4E;AAC5E,MAAM,UAAU,6BAA6B,CAAC,GAAmB;IAC/D,OAAO,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;AACpC,CAAC"}

package/dist/suite-dispatch.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"suite-dispatch.js","sourceRoot":"","sources":["../src/suite-dispatch.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,2CAA2C;AAC3C,sEAAsE;AACtE,sEAAsE;AACtE,0EAA0E;AAC1E,iDAAiD;AACjD,OAAO,KAAK,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,sEAAsE;AACtE,qEAAqE;AACrE,gEAAgE;AAChE,uCAAuC;AACvC,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAM1C,mEAAmE;AACnE,+DAA+D;AAC/D,oEAAoE;AACpE,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;IACtB,EAAE,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,GAAe,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AACtD,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,KAAc,EACd,cAA0B,EAC1B,cAA0B,EAC1B,cAA0B;IAE1B,gEAAgE;IAChE,gEAAgE;IAChE,4DAA4D;IAC5D,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,4BAA4B,CAAC;QAClC,KAAK,4BAA4B,CAAC;QAClC,KAAK,wBAAwB,CAAC;QAC9B,KAAK,+BAA+B,CAAC;QACrC,KAAK,gBAAgB;YACnB,IAAI,CAAC;gBACH,OAAO,MAAM,EAAE,CAAC,WAAW,CAAC,cAAc,EAAE,cAAc,EAAE,cAAc,CAAC,CAAC;YAC9E,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,KAAc,EACd,cAA0B,EAC1B,eAA2B;IAE3B,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,4BAA4B,CAAC;QAClC,KAAK,4BAA4B,CAAC;QAClC,KAAK,wBAAwB,CAAC;QAC9B,KAAK,+BAA+B,CAAC;QACrC,KAAK,gBAAgB;YACnB,OAAO,EAAE,CAAC,SAAS,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,OAAmB,EACnB,UAAsB;IAEtB,OAAO,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,SAAqB,EACrB,OAAmB,EACnB,SAAqB;IAErB,IAAI,CAAC;QACH,OAAO,MAAM,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;IAC7D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB;IAI1C,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,CAAC,WAAW,EAAE,CAAC;IACxD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;AAC9C,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,UAAsB,EACtB,KAAc;IAEd,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,4BAA4B,CAAC;QAClC,KAAK,4BAA4B,CAAC;QAClC,KAAK,wBAAwB,CAAC;QAC9B,KAAK,+BAA+B,CAAC;QACrC,KAAK,gBAAgB;YACnB,OAAO,EAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAC5C,CAAC;AACH,CAAC;AAED,wEAAwE;AACxE,EAAE;AACF,sEAAsE;AACtE,sEAAsE;AACtE,qEAAqE;AACrE,qEAAqE;AACrE,kEAAkE;AAClE,gCAAgC;AAChC,EAAE;AACF,uEAAuE;AACvE,kEAAkE;AAClE,kEAAkE;AAElE;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,qBAAqB,CACnC,sBAA8B,EAC9B,YAAwB,EACxB,iBAA6B;IAE7B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;QACpC,MAAM,WAAW,GAAG,UAAU,CAAC,sBAAsB,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,MAAM,EAAE,WAAW,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;IACjF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAChF,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACvE,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACzD,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC5E,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IAChB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}