@nekzus/liop 1.2.0 → 1.3.0-alpha.1

package/README.md

@@ -4,19 +4,19 @@
     <img alt="Logic-Injection-on-Origin Protocol Logo" src="https://res.cloudinary.com/dsvsl0b0b/image/upload/v1774702621/Neural-Mesh-Protocol/hoanw0m6tybpz5fbl12n.svg?v=20260328" width="700">
   </picture>
 
-  <h1>Logic-Injection-on-Origin Protocol (LIOP) — TypeScript SDK</h1>
+<h1>Logic-Injection-on-Origin Protocol (LIOP) — TypeScript SDK</h1>
 <p align="center">
-  <a href="https://github.com/Nekzus/Neural-Mesh-Protocol/actions/workflows/ci.yml"><img src="https://github.com/Nekzus/Neural-Mesh-Protocol/actions/workflows/ci.yml/badge.svg?event=push" alt="Github Workflow"></a>
+  <a href="https://github.com/Nekzus/LIOP/actions/workflows/ci.yml"><img src="https://github.com/Nekzus/LIOP/actions/workflows/ci.yml/badge.svg?event=push" alt="Github Workflow"></a>
   <a href="https://www.npmjs.com/package/@nekzus/liop"><img src="https://img.shields.io/npm/v/@nekzus/liop.svg" alt="npm version"></a>
   <a href="https://www.npmjs.com/package/@nekzus/liop"><img src="https://img.shields.io/npm/dm/@nekzus/liop.svg" alt="npm-month"></a>
   <a href="https://www.npmjs.com/package/@nekzus/liop"><img src="https://img.shields.io/npm/dt/@nekzus/liop.svg?style=flat" alt="npm-total"></a>
-  <a href="https://github.com/Nekzus/Neural-Mesh-Protocol/blob/main/LICENSE"><img src="https://img.shields.io/github/license/Nekzus/LIOP.svg" alt="License"></a>
-  <a href="https://liop.mintlify.app/"><img src="https://img.shields.io/badge/docs-mintlify-0D9373?style=flat" alt="Docs"></a>
+  <a href="https://github.com/Nekzus/LIOP/blob/main/LICENSE"><img src="https://img.shields.io/github/license/Nekzus/LIOP.svg" alt="License"></a>
+  <a href="https://nekzus-32.mintlify.app/"><img src="https://img.shields.io/badge/docs-mintlify-0D9373?style=flat" alt="Docs"></a>
   <a href="https://deepwiki.com/Nekzus/LIOP"><img src="https://deepwiki.com/badge.svg" alt="Ask DeepWiki"></a>
   <a href="https://paypal.me/maseortega"><img src="https://img.shields.io/badge/donate-paypal-blue.svg?style=flat-square" alt="Donate"></a>
 </p>
 
-  <p><strong>The official TypeScript SDK for the Logic-Injection-on-Origin Protocol.</strong></p>
+<p><strong>The official TypeScript SDK for the Logic-Injection-on-Origin Protocol.</strong></p>
   <p>Deploy Logic-on-Origin with WebAssembly sandboxing, gRPC-speed execution, and full MCP backward compatibility.</p>
 </div>
 
@@ -30,19 +30,19 @@ This fundamentally solves the data privacy, bandwidth, and latency challenges of
 
 ### Key Capabilities
 
-| Feature | Description |
-|:--|:--|
-| **Logic-Injection-on-Origin** | LLMs send code, not queries. Data never leaves the origin server. |
-| **MCP Drop-in Replacement** | `LiopServer` mirrors the Anthropic MCP `Server` API — tools, resources, and prompts with `Zod` schemas. |
-| **Guardian AST** | Zero-time heuristic inspection blocks sandbox escapes (`require`, `fs`, `eval`, `fetch`, prototype pollution). |
-| **WASI Sandbox** | JavaScript payloads execute inside V8 isolates with CPU fuel limits and no access to Node.js globals. |
-| **PII Shield** | Multi-layer egress filter with Regional Presets (Email, Credit Card with Luhn, IP, Phone, SSN, IBAN Mod-97, Passport MRZ) and custom keys. |
-| **ZK-Receipts** | Cryptographic proof (SHA-256 + SHA-512 seal) that the returned result was computed honestly from the injected logic. |
-| **Worker Pool** | Heavy computation (crypto, sandboxing) dispatched to OS threads via `piscina`, unblocking the V8 event loop. |
-| **Cross-AI Adapters**| Zero-Shot system prompts automatically adapt instructions for Claude (XML-heavy) vs OpenAI/Gemini (JSON-schema). |
-| **MCP Bridge** | `LiopMcpBridge` adapts any `LiopServer` to the JSON-RPC 2.0 / stdio protocol used by Claude Desktop, Cursor, etc. |
-| **Post-Quantum Ready** | ML-KEM-768 (Kyber) handshake + AES-256-GCM symmetric encryption for transport-layer security. |
-| **P2P Mesh** | Kademlia DHT discovery via `libp2p` with TCP + WebSocket + Yamux multiplexing and Noise encryption. |
+| Feature                             | Description                                                                                                                                |
+| :---------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------------- |
+| **Logic-Injection-on-Origin** | LLMs send code, not queries. Data never leaves the origin server.                                                                          |
+| **MCP Drop-in Replacement**   | `LiopServer` mirrors the Anthropic MCP `Server` API — tools, resources, and prompts with `Zod` schemas.                             |
+| **Guardian AST**              | Zero-time heuristic inspection blocks sandbox escapes (`require`, `fs`, `eval`, `fetch`, prototype pollution).                     |
+| **WASI Sandbox**              | JavaScript payloads execute inside V8 isolates with CPU fuel limits and no access to Node.js globals.                                      |
+| **PII Shield**                | Multi-layer egress filter with Regional Presets (Email, Credit Card with Luhn, IP, Phone, SSN, IBAN Mod-97, Passport MRZ) and custom keys. |
+| **ZK-Receipts**               | Cryptographic proof (SHA-256 ImageID + HMAC-SHA256 seal) that the returned result was computed honestly from the injected logic.            |
+| **Worker Pool**               | Heavy computation (crypto, sandboxing) dispatched to OS threads via `piscina`, unblocking the V8 event loop.                             |
+| **Cross-AI Adapters**         | Zero-Shot system prompts automatically adapt instructions for Claude (XML-heavy) vs OpenAI/Gemini (JSON-schema).                           |
+| **MCP Bridge**                | `LiopMcpBridge` adapts any `LiopServer` to the JSON-RPC 2.0 / stdio protocol used by Claude Desktop, Cursor, etc.                      |
+| **Post-Quantum Ready**        | ML-KEM-768 (Kyber) handshake + AES-256-GCM symmetric encryption for transport-layer security.                                              |
+| **P2P Mesh**                  | Kademlia DHT discovery via `libp2p` with TCP + WebSocket + Yamux multiplexing and Noise encryption.                                      |
 
 ---
 
@@ -91,6 +91,7 @@ To use the Neural Mesh inside Claude Desktop, update your `claude_desktop_config
 ### Persistence & Identity
 
 The agent automatically manages your P2P identity:
+
 - **Identity Path**: `~/.liop/identity.json`. This file contains your unique PeerID. Keep it safe if you want to maintain a consistent identity in the mesh.
 - **Bootstrap Nodes**: By default, the agent connects to the **LIOP Alpha Nexus**. You can provide custom bootstrap addresses as CLI arguments:
   ```bash
@@ -197,24 +198,24 @@ new LiopServer(
 
 #### Methods
 
-| Method | Signature | Description |
-|:--|:--|:--|
-| `tool()` | `(name, description, zodSchema, handler)` | Registers a callable tool with Zod input validation. |
-| `prompt()` | `(name, description, args, handler)` | Registers a dynamic prompt template. |
-| `resource()` | `(name, uri, description?, mimeType?, content?)` | Registers a readable resource. |
-| `dataDictionary()` | `(schema, name?, uri?, description?)` | Broadcasts a data schema so LLMs can write accurate Logic-Injection-on-Origin code. |
-| `setSandboxData()` | `(records: Record[])` | Injects data into the sandbox as `env.records` for Logic-on-Origin tools. |
-| `enableZeroShotAutonomy()` | `()` | Registers the "Blind Analyst" prompt for autonomous code generation. |
-| `callTool()` | `(request: CallToolRequest)` | Invokes a registered tool (used locally or via MCP Bridge). |
-| `listTools()` | `()` | Returns all registered tools. |
-| `listPrompts()` | `()` | Returns all registered prompts. |
-| `getPrompt()` | `(request: GetPromptRequest)` | Returns a specific prompt by name. |
-| `listResources()` | `()` | Returns all registered resources. |
-| `readResource()` | `(uri: string)` | Reads a resource by URI. |
-| `getServerInfo()` | `()` | Returns the server's name and version. |
-| `connectToMesh()` | `()` | Connects to the libp2p Kademlia DHT. |
-| `clearAstCache()` | `()` | Invalidates the Guardian AST logic cache. |
-| `close()` | `()` | Destroys the worker pool and releases threads. |
+| Method                       | Signature                                          | Description                                                                         |
+| :--------------------------- | :------------------------------------------------- | :---------------------------------------------------------------------------------- |
+| `tool()`                   | `(name, description, zodSchema, handler)`        | Registers a callable tool with Zod input validation.                                |
+| `prompt()`                 | `(name, description, args, handler)`             | Registers a dynamic prompt template.                                                |
+| `resource()`               | `(name, uri, description?, mimeType?, content?)` | Registers a readable resource.                                                      |
+| `dataDictionary()`         | `(schema, name?, uri?, description?)`            | Broadcasts a data schema so LLMs can write accurate Logic-Injection-on-Origin code. |
+| `setSandboxData()`         | `(records: Record[])`                            | Injects data into the sandbox as `env.records` for Logic-on-Origin tools.         |
+| `enableZeroShotAutonomy()` | `()`                                             | Registers the "Blind Analyst" prompt for autonomous code generation.                |
+| `callTool()`               | `(request: CallToolRequest)`                     | Invokes a registered tool (used locally or via MCP Bridge).                         |
+| `listTools()`              | `()`                                             | Returns all registered tools.                                                       |
+| `listPrompts()`            | `()`                                             | Returns all registered prompts.                                                     |
+| `getPrompt()`              | `(request: GetPromptRequest)`                    | Returns a specific prompt by name.                                                  |
+| `listResources()`          | `()`                                             | Returns all registered resources.                                                   |
+| `readResource()`           | `(uri: string)`                                  | Reads a resource by URI.                                                            |
+| `getServerInfo()`          | `()`                                             | Returns the server's name and version.                                              |
+| `connectToMesh()`          | `()`                                             | Connects to the libp2p Kademlia DHT.                                                |
+| `clearAstCache()`          | `()`                                             | Invalidates the Guardian AST logic cache.                                           |
+| `close()`                  | `()`                                             | Destroys the worker pool and releases threads.                                      |
 
 ### `LiopMcpBridge`
 
@@ -226,6 +227,7 @@ await bridge.connect();
 ```
 
 **Supported JSON-RPC methods:**
+
 - `initialize` — Returns server capabilities and info
 - `tools/list` — Lists available tools
 - `tools/call` — Calls a tool (with ZK-Receipt verification)
@@ -255,7 +257,7 @@ await bridge.connect();
 ├─────────────────────────────────────────────────────┤
 │  Layer 4: ZK-Receipt (Integrity Verification)       │
 │  SHA-256 ImageID + SHA-512 RISC0-style Seal         │
-│  LiopMcpBridge verifies before forwarding to LLM     │
+│  LiopMcpBridge verifies before forwarding to LLM    │
 └─────────────────────────────────────────────────────┘
 ```
 
@@ -388,26 +390,27 @@ await server.connectToMesh();
 
 This package is continuously tested across multiple platforms and Node.js versions via CI/CD:
 
-- **51+ tests** spanning unit, integration, and conformance suites
+- **209+ tests** spanning unit, integration, conformance, and crossnet suites
 - **Multi-OS matrix:** Ubuntu, Windows, macOS
 - **Node.js versions:** 22.x, 24.x
 - **Code quality:** Enforced by [Biome.js](https://biomejs.dev/) (linting + formatting)
+- **Security:** Verified defense-in-depth architecture — see [Security Architecture](https://nekzus-32.mintlify.app/typescript-sdk/security)
 
-> To run tests locally or contribute, clone the [repository](https://github.com/Nekzus/Neural-Mesh-Protocol) and follow the [Contributing Guide](https://github.com/Nekzus/Neural-Mesh-Protocol/blob/main/CONTRIBUTING.md).
+> To run tests locally or contribute, clone the [repository](https://github.com/Nekzus/LIOP) and follow the [Contributing Guide](https://github.com/Nekzus/LIOP/blob/main/CONTRIBUTING.md).
 
 ---
 
 ## Related
 
-- [LIOP Documentation](https://liop.mintlify.app/) — Full conceptual and API documentation
-- [LIOP Specification](https://github.com/Nekzus/Neural-Mesh-Protocol/blob/main/protocol/SPECIFICATION.md) — Technical specification
-- [LIOP Manifesto](https://github.com/Nekzus/Neural-Mesh-Protocol/blob/main/MANIFESTO.md) — Project philosophy
-- [Contributing Guide](https://github.com/Nekzus/Neural-Mesh-Protocol/blob/main/CONTRIBUTING.md) — How to contribute
-- [Rust Mesh Node](https://github.com/Nekzus/Neural-Mesh-Protocol/tree/main/servers/liop-node) — Native high-performance backend
-- [LIOP CLI](https://github.com/Nekzus/Neural-Mesh-Protocol/tree/main/tools/liop-cli) — Developer diagnostics
+- [LIOP Documentation](https://nekzus-32.mintlify.app/) — Full conceptual and API documentation
+- [LIOP Specification](https://github.com/Nekzus/LIOP/blob/main/protocol/SPECIFICATION.md) — Technical specification
+- [LIOP Manifesto](https://github.com/Nekzus/LIOP/blob/main/MANIFESTO.md) — Project philosophy
+- [Contributing Guide](https://github.com/Nekzus/LIOP/blob/main/CONTRIBUTING.md) — How to contribute
+- [Rust Mesh Node](https://github.com/Nekzus/LIOP/tree/main/servers/liop-node) — Native high-performance backend
+- [LIOP CLI](https://github.com/Nekzus/LIOP/tree/main/tools/liop-cli) — Developer diagnostics
 
 ---
 
 ## License
 
-[MIT](https://github.com/Nekzus/Neural-Mesh-Protocol/blob/main/LICENSE) © [Nekzus](https://github.com/Nekzus)
+[MIT](https://github.com/Nekzus/LIOP/blob/main/LICENSE) © [Nekzus](https://github.com/Nekzus)

package/dist/bridge/stream.js

@@ -120,16 +120,24 @@ export class LiopStreamBridge {
     }
     setupRoutes() {
         this.app.use("*", cors());
+        // Initialize strict zero-trust token if not provided
+        if (!process.env.ZERO_TRUST_TOKEN) {
+            process.env.ZERO_TRUST_TOKEN = randomUUID();
+            log.info("=".repeat(60));
+            log.info("⚠️ STRICT ZERO-TRUST MODE ENABLED ⚠️");
+            log.info("No ZERO_TRUST_TOKEN found in environment.");
+            log.info("A secure ephemeral token has been generated for this session:");
+            log.info(`Token: ${process.env.ZERO_TRUST_TOKEN}`);
+            log.info("=".repeat(60));
+        }
         // ZTA (Zero-Trust Architecture) Security Middleware
         this.app.use("/mcp", async (c, next) => {
             const auth = c.req.header("Authorization");
             const expectedToken = process.env.ZERO_TRUST_TOKEN;
-            if (expectedToken) {
-                if (!auth?.startsWith("Bearer ") ||
-                    auth.split(" ")[1] !== expectedToken) {
-                    log.info("[LIOP-StreamBridge] ALERT: Access denied - Invalid Zero-Trust token.");
-                    return c.json({ error: "Unauthorized: LIOP Zero-Trust Policy Enforced" }, 401);
-                }
+            if (!auth?.startsWith("Bearer ") ||
+                auth.split(" ")[1] !== expectedToken) {
+                log.info("[LIOP-StreamBridge] ALERT: Access denied - Invalid Zero-Trust token.");
+                return c.json({ error: "Unauthorized: LIOP Zero-Trust Policy Enforced" }, 401);
             }
             await next();
         });

package/dist/client/index.js

@@ -147,19 +147,19 @@ export class LiopClient {
         const _safePayload = _wasmPayload || Buffer.from("");
         // Encrypt WASM binary
         const { ciphertext: encryptedWasm, nonce: aesNonce } = AesGcmWrapper.encryptPayload(_safePayload, sharedSecret);
-        // Encrypt inputs using the SAME session nonce for the multi-payload request (Standard LIOP V1)
+        // Encrypt inputs using a fresh random nonce per input to prevent AES-GCM nonce reuse
         const encryptedInputs = {};
+        const crypto = await import("node:crypto");
         for (const [key, value] of Object.entries(request.arguments || {})) {
-            // We manually encrypt with the same nonce/key to match the Proto structure
-            // ideally we'd have per-field nonces, but for Alpha we follow the liop_core.proto v1.
-            const crypto = await import("node:crypto");
-            const cipher = crypto.createCipheriv("aes-256-gcm", sharedSecret, aesNonce);
+            const inputNonce = crypto.randomBytes(12);
+            const cipher = crypto.createCipheriv("aes-256-gcm", sharedSecret, inputNonce);
             const encrypted = Buffer.concat([
                 cipher.update(JSON.stringify(value)),
                 cipher.final(),
             ]);
             const authTag = cipher.getAuthTag();
-            encryptedInputs[key] = Buffer.concat([encrypted, authTag]);
+            // Prepend the 12-byte nonce to the ciphertext
+            encryptedInputs[key] = Buffer.concat([inputNonce, encrypted, authTag]);
         }
         // 4. Assemble and Execute gRPC LogicRequest
         const logicRequest = {
@@ -183,7 +183,7 @@ export class LiopClient {
                 hasReceivedData = true;
                 log.info("[LiopClient] Logic Executed. Verification in progress...");
                 try {
-                    const isValid = await this.verifier.verifyZkReceipt(_safePayload, Buffer.from(response.cryptographic_proof).toString("hex"), Buffer.from(response.zk_receipt));
+                    const isValid = await this.verifier.verifyZkReceipt(_safePayload, Buffer.from(response.cryptographic_proof).toString("hex"), Buffer.from(response.zk_receipt), Buffer.from(sharedSecret));
                     if (!isValid) {
                         reject(new Error("PROTOCOL INTEGRITY VIOLATION: ZK-Receipt verification failed."));
                         return;

package/dist/crypto/verifier.d.ts

@@ -15,7 +15,7 @@ export declare class LiopVerifier {
      * @param remoteImageIdHex The ImageID reported by the provider (must match our local calculation).
      * @param zkReceipt The mathematical proof (Seal + Journal) from the zkVM.
      */
-    verifyZkReceipt(logicPayload: Buffer, remoteImageIdHex: string, zkReceipt: Buffer): Promise<boolean>;
+    verifyZkReceipt(logicPayload: Buffer, remoteImageIdHex: string, zkReceipt: Buffer, sessionSecret?: Buffer): Promise<boolean>;
     /**
      * Verifies if a node is running inside an authenticated TEE (e.g. AWS Nitro).
      *

package/dist/crypto/verifier.js

@@ -49,7 +49,7 @@ export class LiopVerifier {
      * @param remoteImageIdHex The ImageID reported by the provider (must match our local calculation).
      * @param zkReceipt The mathematical proof (Seal + Journal) from the zkVM.
      */
-    async verifyZkReceipt(logicPayload, remoteImageIdHex, zkReceipt) {
+    async verifyZkReceipt(logicPayload, remoteImageIdHex, zkReceipt, sessionSecret) {
         const pool = this.getZkPool();
         if (!pool)
             throw new Error("Worker pool initialization failed");
@@ -58,6 +58,7 @@ export class LiopVerifier {
             logicPayload: new Uint8Array(logicPayload),
             remoteImageIdHex,
             zkReceipt: new Uint8Array(zkReceipt),
+            sessionSecret: sessionSecret ? new Uint8Array(sessionSecret) : undefined,
         });
         if (result.verified) {
             log.info(`[LiopVerifier] ${result.message}`);

package/dist/sandbox/guardian.js

@@ -20,13 +20,36 @@ export const ASTGuardian = {
     analyze(module) {
         const imports = WebAssembly.Module.imports(module);
         let _importCount = 0;
+        const ALLOWED_WASI_FUNCTIONS = new Set([
+            "fd_write",
+            "fd_read",
+            "fd_close",
+            "fd_seek",
+            "environ_get",
+            "environ_sizes_get",
+            "args_get",
+            "args_sizes_get",
+            "clock_time_get",
+            "random_get",
+            "proc_exit",
+            "fd_prestat_get",
+            "fd_prestat_dir_name",
+            "fd_fdstat_get",
+        ]);
         for (const imp of imports) {
-            // Strict Sandbox Validation: Only allow WASI preview 1 and native LIOP functions.
-            // Reject any custom or unexpected host imports.
-            if (imp.module !== "wasi_snapshot_preview1" && imp.module !== "LIOP") {
-                throw new GuardianError(`Banned Host Import Detected: ${imp.module}/${imp.name}`);
+            // Strict Sandbox Validation: Only allow WASI preview 1 specific whitelisted functions.
+            if (imp.module === "wasi_snapshot_preview1") {
+                if (!ALLOWED_WASI_FUNCTIONS.has(imp.name)) {
+                    throw new GuardianError(`Banned WASI Import Detected: ${imp.module}/${imp.name}`);
+                }
+            }
+            else {
+                throw new GuardianError(`Banned Host Import Module Detected: ${imp.module}`);
             }
             _importCount++;
+            if (_importCount > 128) {
+                throw new GuardianError("Import limit exceeded. Possible resource exhaustion attack.");
+            }
         }
         // In Node.js / V8, the maximum module size and function limits
         // are natively enforced by the engine during compilation.

package/dist/sandbox/wasi.js

@@ -116,6 +116,7 @@ export class WasiSandbox {
             sandboxEnv.queueMicrotask = undefined;
             sandboxEnv.eval = undefined;
             sandboxEnv.Function = undefined;
+            sandboxEnv.SharedArrayBuffer = undefined;
             // Inject strictly monitored globals
             sandboxEnv.records = JSON.parse(JSON.stringify(records)); // Deep copy safety
             sandboxEnv.env = JSON.parse(JSON.stringify(env));

package/dist/security/zk.d.ts

@@ -26,7 +26,7 @@ export declare const ZkVerifier: {
      * @throws ZkVerificationError if the proof is invalid or image IDs mismatch
      * @returns true if the proof mathematically verifies the execution
      */
-    verify(receipt: ZkReceipt, expectedImageId: Buffer): boolean;
+    verify(receipt: ZkReceipt, expectedImageId: Buffer, sessionSecret?: Buffer): boolean;
     /**
      * Derives a predictable ImageID (usually a Hash) from a raw WASM binary.
      *

package/dist/security/zk.js

@@ -22,7 +22,7 @@ export const ZkVerifier = {
      * @throws ZkVerificationError if the proof is invalid or image IDs mismatch
      * @returns true if the proof mathematically verifies the execution
      */
-    verify(receipt, expectedImageId) {
+    verify(receipt, expectedImageId, sessionSecret) {
         // 1. Verify Image ID (Ensures the host executed the exact logic we sent, not a malicious one)
         if (!receipt.imageId.equals(expectedImageId)) {
             throw new ZkVerificationError("ImageID mismatch. The remote origin executed a different WASM payload.");
@@ -52,6 +52,16 @@ export const ZkVerifier = {
         catch (_e) {
             throw new ZkVerificationError("Failed to parse journal data.");
         }
+        // 4. Mathematical Verification (HMAC-SHA256)
+        if (sessionSecret && sessionSecret.length > 0) {
+            const expectedSeal = crypto
+                .createHmac("sha256", sessionSecret)
+                .update(journal)
+                .digest();
+            if (!crypto.timingSafeEqual(seal, expectedSeal)) {
+                throw new ZkVerificationError("Invalid seal: HMAC verification failed.");
+            }
+        }
         return true;
     },
     /**

package/dist/workers/logic-execution.js

@@ -30,9 +30,11 @@ export default async function processLogicExecution(data) {
         // 3. Decrypt Inputs
         for (const [key, encValue] of Object.entries(inputs || {})) {
             const valBuffer = Buffer.from(encValue);
+            // Extract 12-byte prepended nonce, ciphertext, and 16-byte AuthTag
+            const inputNonce = valBuffer.subarray(0, 12);
             const valTag = valBuffer.subarray(-16);
-            const valData = valBuffer.subarray(0, -16);
-            const valDecipher = crypto.createDecipheriv("aes-256-gcm", aesKey, Buffer.from(aesNonce || new Uint8Array(12)));
+            const valData = valBuffer.subarray(12, -16);
+            const valDecipher = crypto.createDecipheriv("aes-256-gcm", aesKey, inputNonce);
             valDecipher.setAuthTag(valTag);
             let valDecrypted = valDecipher.update(valData);
             valDecrypted = Buffer.concat([valDecrypted, valDecipher.final()]);

package/dist/workers/zk-verifier.d.ts

@@ -10,6 +10,8 @@ export interface ZkVerificationPayload {
     remoteImageIdHex: string;
     /** Cbor-encoded or raw buffer containing the execution Receipt (Journal + Seal) */
     zkReceipt: Uint8Array;
+    /** Kyber-derived session secret to verify HMAC signature */
+    sessionSecret?: Uint8Array;
 }
 /**
  * Main worker entry point for Piscina.

package/dist/workers/zk-verifier.js

@@ -1,3 +1,4 @@
+import crypto from "node:crypto";
 import { parentPort } from "node:worker_threads";
 import { deriveLogicImageDigest } from "../crypto/logic-image-id.js";
 // Ensure this worker is used via Piscina pool
@@ -12,7 +13,7 @@ function deriveImageId(logicPayload) {
  * In a real environment, this delegates to @risc0/verifier or SP1 FFI bindings.
  */
 async function verifyZkReceipt(payload) {
-    const { logicPayload, remoteImageIdHex, zkReceipt } = payload;
+    const { logicPayload, remoteImageIdHex, zkReceipt, sessionSecret } = payload;
     // 1. Calculate local ImageID (Integrity Check)
     const localImageId = deriveImageId(logicPayload);
     const localImageIdHex = localImageId.toString("hex");
@@ -60,6 +61,19 @@ async function verifyZkReceipt(payload) {
     catch (_e) {
         return { verified: false, message: "Failed to parse journal data." };
     }
+    // 4. Mathematical Verification (HMAC-SHA256)
+    if (sessionSecret && sessionSecret.length > 0) {
+        const expectedSeal = crypto
+            .createHmac("sha256", sessionSecret)
+            .update(journal)
+            .digest();
+        if (!crypto.timingSafeEqual(seal, expectedSeal)) {
+            return {
+                verified: false,
+                message: "Invalid seal: HMAC verification failed.",
+            };
+        }
+    }
     return {
         verified: true,
         message: "HMAC Commitment Verified: Integrity intact.",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nekzus/liop",
-  "version": "1.2.0",
+  "version": "1.3.0-alpha.1",
   "description": "Official SDK for Logic-Injection-on-Origin Protocol (LIOP). Deploy Logic-on-Origin with WebAssembly at gRPC speed and bidirectional MCP compatibility.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -88,10 +88,10 @@
   "type": "module",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/Nekzus/Neural-Mesh-Protocol.git"
+    "url": "git+https://github.com/Nekzus/LIOP.git"
   },
   "bugs": {
-    "url": "https://github.com/Nekzus/Neural-Mesh-Protocol/issues"
+    "url": "https://github.com/Nekzus/LIOP/issues"
   },
   "homepage": "https://nekzus-32.mintlify.app/",
   "publishConfig": {