@nekzus/liop 1.3.0-alpha.1 → 2.0.0-alpha.2

package/dist/{server/index.d.ts → server.d.ts}

@@ -1,22 +1,136 @@
-import { z } from "zod";
-import { MeshNode } from "../mesh/node.js";
-import type { CallToolRequest, CallToolResult, GetPromptRequest, GetPromptResult, Prompt, Resource, ServerInfo, Tool } from "../types.js";
-import { PII_PATTERNS, PII_PRESETS, type PiiRule, PiiScanner } from "./pii.js";
-export { PII_PATTERNS, PII_PRESETS, type PiiRule, PiiScanner };
-export type ToolHandler<T extends z.ZodRawShape = z.ZodRawShape> = (args: z.infer<z.ZodObject<T>>, extra: {
+import { z } from 'zod';
+import { MeshNode } from './mesh.js';
+import { ServerInfo, CallToolResult, Prompt, GetPromptRequest, GetPromptResult, CallToolRequest, Tool, Resource } from './types.js';
+
+/** Single named entity detected by the NER scanner. */
+interface NerEntity {
+    type: "person" | "place" | "organization";
+    text: string;
+}
+/** Result of an NER scan operation. */
+interface NerScanResult {
+    detected: boolean;
+    entities: NerEntity[];
+}
+/**
+ * Scans text content for named entities that may represent PII.
+ * Uses `compromise/three` for person, place, and organization detection.
+ *
+ * Designed for egress filtering — optimized for recall over precision
+ * to ensure sensitive data does not leak through aliased output keys.
+ */
+declare class NerScanner {
+    private static nlp;
+    /**
+     * Lazy loads the compromise library only when needed.
+     */
+    private getNlp;
+    /**
+     * Scans a single string value for named entities.
+     * Returns detected entities if the text contains recognizable PII.
+     */
+    scan(text: string): Promise<NerScanResult>;
+    /**
+     * Recursively scans all string values within an object/array.
+     * Stops at the first detection for performance (fail-fast).
+     */
+    scanDeep(input: unknown, seen?: WeakSet<object>): Promise<NerScanResult>;
+}
+
+/**
+ * LIOP Professional PII Engine (The Shield V2 - Tier-1 Military Edition)
+ * Implements high-fidelity detection based on NIST and OWASP standards.
+ * Features Multi-Layer Verification (Regex + Algorithmic Validators).
+ */
+type PiiRuleDefinition = {
+    name: string;
+    pattern: string | RegExp;
+    validator?: (match: string) => boolean;
+};
+type PiiRule = string | RegExp | PiiRuleDefinition;
+declare const PII_PATTERNS: {
+    EMAIL: PiiRuleDefinition;
+    CREDIT_CARD: PiiRuleDefinition;
+    IP_ADDRESS: PiiRuleDefinition;
+    PHONE: PiiRuleDefinition;
+    SSN: PiiRuleDefinition;
+    IBAN: PiiRuleDefinition;
+    PASSPORT_MRZ: PiiRuleDefinition;
+};
+/**
+ * Regional and Cultural Security Presets for Out-Of-The-Box compliance.
+ * Developers can override, merge, or omit these based on local laws.
+ */
+declare const PII_PRESETS: {
+    GLOBAL_STRICT: PiiRuleDefinition[];
+    US_COMPLIANT: PiiRuleDefinition[];
+    EU_GDPR: PiiRuleDefinition[];
+};
+declare class PiiScanner {
+    private patterns;
+    private forbiddenKeysSet;
+    private nerScanner;
+    /**
+     * Safelist of keys that contain forbidden substrings but are NOT PII.
+     * Prevents false positives from fuzzy matching (e.g., "grid" contains "id").
+     */
+    private static readonly KEY_SAFELIST;
+    /**
+     * Short forbidden tokens (< 4 chars) that require boundary-aware matching.
+     * Uses regex boundary detection to avoid false positives.
+     */
+    private shortTokenBoundaryPatterns;
+    /**
+     * Long forbidden tokens (>= 4 chars) that use substring containment.
+     */
+    private longForbiddenTokens;
+    constructor(patterns?: PiiRule[], forbiddenKeys?: string[], nerScanner?: NerScanner | null);
+    /**
+     * Scans any input (string, object, array) for PII violations.
+     * Returns the pattern/rule name that triggered the violation, or null if safe.
+     *
+     * Detection pipeline (fail-fast):
+     *   1. Exact key match (O(1) Set lookup)
+     *   2. Fuzzy key match (boundary detection for short tokens, substring for long)
+     *   3. Regex/algorithmic pattern match on string values
+     *   4. NER content scan on string values (if enabled)
+     */
+    scan(input: unknown, seen?: WeakSet<object>): Promise<string | null>;
+    /**
+     * Checks a key against fuzzy matching rules.
+     * Short tokens use boundary-aware regex; long tokens use substring containment.
+     */
+    private checkKeyFuzzy;
+    private checkString;
+}
+
+type ToolHandler<T extends z.ZodRawShape = z.ZodRawShape> = (args: z.infer<z.ZodObject<T>>, extra: {
     signal?: AbortSignal;
 }) => Promise<CallToolResult>;
-export interface LiopServerOptions {
+interface LiopServerOptions {
     capabilities?: Record<string, unknown>;
     workerPool?: {
         enabled?: boolean;
         minThreads?: number;
         maxThreads?: number;
         idleTimeout?: number;
+        /** Max heap memory per worker in MB (default: 64). Prevents heap bomb DoS. */
+        maxHeapMb?: number;
     };
     security?: {
         piiPatterns?: PiiRule[];
         forbiddenKeys?: string[];
+        /** Enable NLP-based Named Entity Recognition scanning on output values. */
+        enableNerScanning?: boolean;
+        /** Rate limiting configuration for tool calls (OWASP A01). */
+        rateLimit?: {
+            /** Maximum calls per window per tool (default: 15). */
+            maxPerWindow?: number;
+            /** Maximum calls per window across ALL tools combined (default: 40). */
+            globalMaxPerWindow?: number;
+            /** Sliding window duration in milliseconds (default: 60000 = 1 min). */
+            windowMs?: number;
+        };
     };
     taxonomy?: {
         domain?: string;
@@ -24,13 +138,13 @@ export interface LiopServerOptions {
         executionTypes?: string[];
     };
 }
-export interface AggregationPolicy {
+interface AggregationPolicy {
     /** Maximum number of object-type array elements allowed (default: 10) */
     maxOutputRows?: number;
     /** Allow arrays containing only primitive values (default: true) */
     allowPrimitiveArrays?: boolean;
 }
-export interface LogicExecutionPolicy {
+interface LogicExecutionPolicy {
     /**
      * Validate the business payload returned by sandbox logic (post-execution).
      * This runs before final egress checks and blocks non-conforming outputs.
@@ -45,7 +159,7 @@ export interface LogicExecutionPolicy {
      */
     preflightDenyPatterns?: RegExp[];
 }
-export declare class LiopServer {
+declare class LiopServer {
     private serverInfo;
     private config?;
     private logicCache;
@@ -53,6 +167,12 @@ export declare class LiopServer {
     private readonly CACHE_TTL_MS;
     private readonly THROTTLE_THRESHOLD;
     private readonly THROTTLE_COOLDOWN_MS;
+    private toolCallWindows;
+    private readonly toolCallMaxPerWindow;
+    private readonly toolCallWindowMs;
+    private globalCallWindow;
+    private readonly globalCallMaxPerWindow;
+    private readonly taintAnalyzer;
     private tools;
     private resources;
     private prompts;
@@ -128,6 +248,19 @@ export declare class LiopServer {
      * Manually invalidates the AST Logic Cache (e.g. for Zero-Day patches).
      */
     clearAstCache(): void;
+    /**
+     * Sliding window rate limiter for tool call frequency.
+     * Prevents micro-query exfiltration attacks where an attacker
+     * makes hundreds of individually-legitimate calls to reconstruct
+     * the full dataset field by field. (OWASP A01)
+     */
+    private checkToolCallRateLimit;
+    /**
+     * Global cross-tool rate limiter.
+     * Prevents attackers from distributing micro-queries across multiple tools
+     * to evade per-tool rate limits. (OWASP A01)
+     */
+    private checkGlobalRateLimit;
     /**
      * Emulates calling a tool (used locally or via LIOPMcpBridge)
      */
@@ -187,3 +320,5 @@ export declare class LiopServer {
      */
     close(): Promise<void>;
 }
+
+export { type AggregationPolicy, LiopServer, type LiopServerOptions, type LogicExecutionPolicy, NerScanner, PII_PATTERNS, PII_PRESETS, type PiiRule, PiiScanner, type ToolHandler };

package/dist/server.js

@@ -0,0 +1,2 @@
+export{f as LiopServer,b as NerScanner,c as PII_PATTERNS,d as PII_PRESETS,e as PiiScanner}from'./chunk-X6FJATUE.js';import'./chunk-HM77MWB6.js';import'./chunk-PPCOS2NU.js';import'./chunk-S6RJHZV2.js';//# sourceMappingURL=server.js.map
+//# sourceMappingURL=server.js.map

package/dist/server.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"server.js"}

package/dist/types.d.ts

@@ -1,8 +1,9 @@
-import { z } from "zod";
+import { z } from 'zod';
+
 /**
  * Base Protocol Types representing parity with Model Context Protocol
  */
-export declare const ToolSchema: z.ZodObject<{
+declare const ToolSchema: z.ZodObject<{
     name: z.ZodString;
     description: z.ZodOptional<z.ZodString>;
     inputSchema: z.ZodRecord<z.ZodString, z.ZodUnknown>;
@@ -15,8 +16,8 @@ export declare const ToolSchema: z.ZodObject<{
     inputSchema: Record<string, unknown>;
     description?: string | undefined;
 }>;
-export type Tool = z.infer<typeof ToolSchema>;
-export declare const ResourceSchema: z.ZodObject<{
+type Tool = z.infer<typeof ToolSchema>;
+declare const ResourceSchema: z.ZodObject<{
     uri: z.ZodString;
     name: z.ZodString;
     description: z.ZodOptional<z.ZodString>;
@@ -32,8 +33,8 @@ export declare const ResourceSchema: z.ZodObject<{
     description?: string | undefined;
     mimeType?: string | undefined;
 }>;
-export type Resource = z.infer<typeof ResourceSchema>;
-export declare const PromptSchema: z.ZodObject<{
+type Resource = z.infer<typeof ResourceSchema>;
+declare const PromptSchema: z.ZodObject<{
     name: z.ZodString;
     description: z.ZodOptional<z.ZodString>;
     arguments: z.ZodOptional<z.ZodArray<z.ZodObject<{
@@ -66,12 +67,12 @@ export declare const PromptSchema: z.ZodObject<{
         required?: boolean | undefined;
     }[] | undefined;
 }>;
-export type Prompt = z.infer<typeof PromptSchema>;
-export interface CallToolRequest {
+type Prompt = z.infer<typeof PromptSchema>;
+interface CallToolRequest {
     name: string;
     arguments?: Record<string, unknown>;
 }
-export interface CallToolResult {
+interface CallToolResult {
     content: Array<{
         type: "text" | "image" | "resource";
         text?: string;
@@ -85,11 +86,11 @@ export interface CallToolResult {
     }>;
     isError?: boolean;
 }
-export interface GetPromptRequest {
+interface GetPromptRequest {
     name: string;
     arguments?: Record<string, string>;
 }
-export interface GetPromptResult {
+interface GetPromptResult {
     description?: string;
     messages: Array<{
         role: "user" | "assistant";
@@ -110,7 +111,7 @@ export interface GetPromptResult {
         };
     }>;
 }
-export interface ServerInfo {
+interface ServerInfo {
     name: string;
     version: string;
     capabilities?: {
@@ -127,13 +128,13 @@ export interface ServerInfo {
         logging?: Record<string, unknown>;
     };
 }
-export interface McpRequest {
+interface McpRequest {
     method: string;
     params?: unknown;
     id?: string | number | null;
     jsonrpc?: "2.0";
 }
-export interface McpResponse {
+interface McpResponse {
     jsonrpc: "2.0";
     id?: string | number | null;
     result?: unknown;
@@ -143,3 +144,5 @@ export interface McpResponse {
         data?: unknown;
     };
 }
+
+export { type CallToolRequest, type CallToolResult, type GetPromptRequest, type GetPromptResult, type McpRequest, type McpResponse, type Prompt, PromptSchema, type Resource, ResourceSchema, type ServerInfo, type Tool, ToolSchema };

package/dist/types.js

@@ -1,26 +1,2 @@
-import { z } from "zod";
-/**
- * Base Protocol Types representing parity with Model Context Protocol
- */
-export const ToolSchema = z.object({
-    name: z.string(),
-    description: z.string().optional(),
-    inputSchema: z.record(z.string(), z.unknown()), // Represents a JSON Schema
-});
-export const ResourceSchema = z.object({
-    uri: z.string(),
-    name: z.string(),
-    description: z.string().optional(),
-    mimeType: z.string().optional(),
-});
-export const PromptSchema = z.object({
-    name: z.string(),
-    description: z.string().optional(),
-    arguments: z
-        .array(z.object({
-        name: z.string(),
-        description: z.string().optional(),
-        required: z.boolean().optional(),
-    }))
-        .optional(),
-});
+export{c as PromptSchema,b as ResourceSchema,a as ToolSchema}from'./chunk-HQZHZM6U.js';//# sourceMappingURL=types.js.map
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"types.js"}

package/dist/{crypto/verifier.d.ts → verifier-DTCD9imJ.d.ts}

@@ -5,7 +5,7 @@
  * It validates both the integrity of the code (ZkImageID) and the mathematical proof
  * of its execution (ZkSeal), as well as hardware-level attestation (TEE).
  */
-export declare class LiopVerifier {
+declare class LiopVerifier {
     private static zkWorkerPool;
     private getZkPool;
     /**
@@ -27,3 +27,5 @@ export declare class LiopVerifier {
      */
     deriveImageId(logicPayload: Buffer): Buffer;
 }
+
+export { LiopVerifier as L };

package/dist/verifier-RQRYXA4C.js

@@ -0,0 +1,2 @@
+export{a as LiopVerifier}from'./chunk-UVTEJYHN.js';import'./chunk-ANFXJGMP.js';import'./chunk-S6RJHZV2.js';//# sourceMappingURL=verifier-RQRYXA4C.js.map
+//# sourceMappingURL=verifier-RQRYXA4C.js.map

package/dist/verifier-RQRYXA4C.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"verifier-RQRYXA4C.js"}

package/dist/workers/logic-execution.d.ts

@@ -1,4 +1,4 @@
-export interface WorkerData {
+interface WorkerData {
     ciphertext: Uint8Array;
     secretKeyObj: ArrayLike<number>;
     kyberPublicKey: Uint8Array;
@@ -9,9 +9,11 @@ export interface WorkerData {
     isEncrypted?: boolean;
     aesNonce?: Uint8Array;
 }
-export default function processLogicExecution(data: WorkerData): Promise<{
+declare function processLogicExecution(data: WorkerData): Promise<{
     image_id: string;
     output: unknown;
     fuel_consumed: number;
     zk_receipt?: string;
 }>;
+
+export { type WorkerData, processLogicExecution as default };

package/dist/workers/logic-execution.js

@@ -1,123 +1,2 @@
-import { Buffer } from "node:buffer";
-import crypto from "node:crypto";
-import { createMlKem768 } from "mlkem";
-import { deriveLogicImageDigest, normalizeLogicSource, } from "../crypto/logic-image-id.js";
-import { ASTGuardian } from "../sandbox/guardian.js";
-import { WasiSandbox } from "../sandbox/wasi.js";
-export default async function processLogicExecution(data) {
-    const { ciphertext, secretKeyObj, wasmBinary, inputs, aesNonce, records, isEncrypted = true, } = data;
-    let decryptedPayload;
-    const decryptedInputs = {};
-    let sessionSecret = Buffer.alloc(32); // Fallback if plain text (no PQC)
-    if (isEncrypted) {
-        // 1. Decapsulate Kyber secret
-        const sk = new Uint8Array(secretKeyObj);
-        const ct = new Uint8Array(ciphertext);
-        const kem = await createMlKem768();
-        const sharedSecret = kem.decap(ct, sk);
-        const aesKey = Buffer.from(sharedSecret);
-        sessionSecret = aesKey;
-        // 2. Decrypt Main Payload (WASM/JS Code)
-        // LIOP Serialization: Ciphertext = EncryptedData + 16-byte AuthTag
-        const wasmBuffer = Buffer.from(wasmBinary);
-        const authTag = wasmBuffer.subarray(-16);
-        const encryptedData = wasmBuffer.subarray(0, -16);
-        const decipher = crypto.createDecipheriv("aes-256-gcm", aesKey, Buffer.from(aesNonce || new Uint8Array(12)));
-        decipher.setAuthTag(authTag);
-        let decrypted = decipher.update(encryptedData);
-        decrypted = Buffer.concat([decrypted, decipher.final()]);
-        decryptedPayload = decrypted;
-        // 3. Decrypt Inputs
-        for (const [key, encValue] of Object.entries(inputs || {})) {
-            const valBuffer = Buffer.from(encValue);
-            // Extract 12-byte prepended nonce, ciphertext, and 16-byte AuthTag
-            const inputNonce = valBuffer.subarray(0, 12);
-            const valTag = valBuffer.subarray(-16);
-            const valData = valBuffer.subarray(12, -16);
-            const valDecipher = crypto.createDecipheriv("aes-256-gcm", aesKey, inputNonce);
-            valDecipher.setAuthTag(valTag);
-            let valDecrypted = valDecipher.update(valData);
-            valDecrypted = Buffer.concat([valDecrypted, valDecipher.final()]);
-            decryptedInputs[key] = JSON.parse(valDecrypted.toString("utf-8"));
-        }
-    }
-    else {
-        // Transparent mode: payload is provided directly
-        // If it's WASM (Magic bytes: \0asm), keep as Buffer
-        if (wasmBinary[0] === 0x00 &&
-            wasmBinary[1] === 0x61 &&
-            wasmBinary[2] === 0x73 &&
-            wasmBinary[3] === 0x6d) {
-            decryptedPayload = Buffer.from(wasmBinary);
-        }
-        else {
-            decryptedPayload = Buffer.from(wasmBinary).toString("utf-8");
-        }
-    }
-    // 3. Inspect AST with Guardian-TS (if WASM)
-    const isWasm = decryptedPayload[0] === 0x00 &&
-        decryptedPayload[1] === 0x61 &&
-        decryptedPayload[2] === 0x73 &&
-        decryptedPayload[3] === 0x6d;
-    if (decryptedPayload instanceof Buffer && isWasm) {
-        // Ensure we pass a compatible BufferSource
-        const wasmBytes = new Uint8Array(decryptedPayload);
-        const compiledModule = await WebAssembly.compile(wasmBytes);
-        ASTGuardian.analyze(compiledModule);
-    }
-    else if (decryptedPayload instanceof Buffer && !isWasm) {
-        decryptedPayload = decryptedPayload.toString("utf-8");
-    }
-    // Strip only a whole-document LIOP envelope (see logic-image-id.ts).
-    if (typeof decryptedPayload === "string") {
-        decryptedPayload = normalizeLogicSource(decryptedPayload);
-    }
-    // 4. Instantiate and Execute WASI Sandbox (or V8 Fallback)
-    const sandbox = new WasiSandbox();
-    await sandbox.init();
-    try {
-        const result = await sandbox.execute(decryptedPayload, records, decryptedInputs);
-        // 5. Generate Cryptographic Proof of Execution (HMAC-SHA256 Commitment)
-        let logicBytes;
-        if (typeof decryptedPayload === "string") {
-            logicBytes = Buffer.from(decryptedPayload, "utf-8");
-        }
-        else {
-            logicBytes = new Uint8Array(decryptedPayload);
-        }
-        const imageId = deriveLogicImageDigest(logicBytes).toString("hex");
-        const journal = Buffer.from(JSON.stringify({
-            image_id: imageId,
-            output_hash: crypto
-                .createHash("sha256")
-                .update(typeof result.output === "string"
-                ? result.output
-                : JSON.stringify(result.output))
-                .digest("hex"),
-            fuel: result.fuelConsumed,
-            ts: Date.now(),
-        }));
-        const seal = crypto
-            .createHmac("sha256", sessionSecret)
-            .update(journal)
-            .digest();
-        const journalLen = Buffer.alloc(2);
-        journalLen.writeUInt16BE(journal.length);
-        const receiptBuf = Buffer.concat([
-            Buffer.from([0x01]), // Receipt format v1
-            journalLen,
-            journal,
-            seal, // 32 bytes HMAC
-        ]);
-        const zkReceipt = receiptBuf.toString("base64");
-        return {
-            image_id: imageId,
-            zk_receipt: zkReceipt,
-            output: result.output,
-            fuel_consumed: result.fuelConsumed,
-        };
-    }
-    finally {
-        await sandbox.teardown();
-    }
-}
+import {a,b}from'../chunk-HNDVAKEK.js';import {a as a$1,b as b$1}from'../chunk-ANFXJGMP.js';import {Buffer}from'buffer';import c from'crypto';import {createMlKem768}from'mlkem';async function I(B){let{ciphertext:D,secretKeyObj:v,wasmBinary:n,inputs:_,aesNonce:N,records:O,isEncrypted:T=true}=B,e,w={},x=Buffer.alloc(32);if(T){let r=new Uint8Array(v),o=new Uint8Array(D),a=(await createMlKem768()).decap(o,r),s=Buffer.from(a);x=s;let i=Buffer.from(n),h=i.subarray(-16),p=i.subarray(0,-16),m=c.createDecipheriv("aes-256-gcm",s,Buffer.from(N||new Uint8Array(12)));m.setAuthTag(h);let y=m.update(p);y=Buffer.concat([y,m.final()]),e=y;for(let[j,z]of Object.entries(_||{})){let l=Buffer.from(z),K=l.subarray(0,12),L=l.subarray(-16),W=l.subarray(12,-16),d=c.createDecipheriv("aes-256-gcm",s,K);d.setAuthTag(L);let g=d.update(W);g=Buffer.concat([g,d.final()]),w[j]=JSON.parse(g.toString("utf-8"));}}else n[0]===0&&n[1]===97&&n[2]===115&&n[3]===109?e=Buffer.from(n):e=Buffer.from(n).toString("utf-8");let b$2=e[0]===0&&e[1]===97&&e[2]===115&&e[3]===109;if(e instanceof Buffer&&b$2){let r=new Uint8Array(e),o=await WebAssembly.compile(r);a.analyze(o);}else e instanceof Buffer&&!b$2&&(e=e.toString("utf-8"));typeof e=="string"&&(e=a$1(e));let u=new b;await u.init();try{let r=await u.execute(e,O,w),o;typeof e=="string"?o=Buffer.from(e,"utf-8"):o=new Uint8Array(e);let f=b$1(o).toString("hex"),a=Buffer.from(JSON.stringify({image_id:f,output_hash:c.createHash("sha256").update(typeof r.output=="string"?r.output:JSON.stringify(r.output)).digest("hex"),fuel:r.fuelConsumed,ts:Date.now()})),s=c.createHmac("sha256",x).update(a).digest(),i=Buffer.alloc(2);i.writeUInt16BE(a.length);let p=Buffer.concat([Buffer.from([1]),i,a,s]).toString("base64");return {image_id:f,zk_receipt:p,output:r.output,fuel_consumed:r.fuelConsumed}}finally{await u.teardown();}}export{I as default};//# sourceMappingURL=logic-execution.js.map
+//# sourceMappingURL=logic-execution.js.map

package/dist/workers/logic-execution.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/workers/logic-execution.ts"],"names":["processLogicExecution","data","ciphertext","secretKeyObj","wasmBinary","inputs","aesNonce","records","isEncrypted","decryptedPayload","decryptedInputs","sessionSecret","Buffer","sk","ct","sharedSecret","createMlKem768","aesKey","wasmBuffer","authTag","encryptedData","decipher","crypto","decrypted","key","encValue","valBuffer","inputNonce","valTag","valData","valDecipher","valDecrypted","isWasm","wasmBytes","compiledModule","ASTGuardian","normalizeLogicSource","sandbox","WasiSandbox","result","logicBytes","imageId","deriveLogicImageDigest","journal","seal","journalLen","zkReceipt"],"mappings":"iLAsBA,eAAOA,EAA6CC,CAAAA,CAKjD,CACF,GAAM,CACL,UAAA,CAAAC,EACA,YAAA,CAAAC,CAAAA,CACA,UAAA,CAAAC,CAAAA,CACA,MAAA,CAAAC,CAAAA,CACA,SAAAC,CAAAA,CACA,OAAA,CAAAC,EACA,WAAA,CAAAC,CAAAA,CAAc,IACf,CAAA,CAAIP,CAAAA,CAEAQ,CAAAA,CACEC,CAAAA,CAA2C,EAAC,CAC9CC,EAAgBC,MAAAA,CAAO,KAAA,CAAM,EAAE,CAAA,CAEnC,GAAIJ,CAAAA,CAAa,CAEhB,IAAMK,CAAAA,CAAK,IAAI,UAAA,CAAWV,CAAY,CAAA,CAChCW,EAAK,IAAI,UAAA,CAAWZ,CAAU,CAAA,CAE9Ba,CAAAA,CAAAA,CADM,MAAMC,cAAAA,EAAe,EACR,KAAA,CAAMF,CAAAA,CAAID,CAAE,CAAA,CAC/BI,EAASL,MAAAA,CAAO,IAAA,CAAKG,CAAY,CAAA,CACvCJ,CAAAA,CAAgBM,EAIhB,IAAMC,CAAAA,CAAaN,MAAAA,CAAO,IAAA,CAAKR,CAAU,CAAA,CACnCe,EAAUD,CAAAA,CAAW,QAAA,CAAS,GAAG,CAAA,CACjCE,CAAAA,CAAgBF,EAAW,QAAA,CAAS,CAAA,CAAG,GAAG,CAAA,CAE1CG,CAAAA,CAAWC,CAAAA,CAAO,iBACvB,aAAA,CACAL,CAAAA,CACAL,MAAAA,CAAO,IAAA,CAAKN,CAAAA,EAAY,IAAI,WAAW,EAAE,CAAC,CAC3C,CAAA,CACAe,CAAAA,CAAS,UAAA,CAAWF,CAAO,CAAA,CAC3B,IAAII,EAAYF,CAAAA,CAAS,MAAA,CAAOD,CAAa,CAAA,CAC7CG,CAAAA,CAAYX,MAAAA,CAAO,MAAA,CAAO,CAACW,CAAAA,CAAWF,EAAS,KAAA,EAAO,CAAC,CAAA,CACvDZ,CAAAA,CAAmBc,EAGnB,IAAA,GAAW,CAACC,CAAAA,CAAKC,CAAQ,CAAA,GAAK,MAAA,CAAO,QAAQpB,CAAAA,EAAU,EAAE,CAAA,CAAG,CAC3D,IAAMqB,CAAAA,CAAYd,MAAAA,CAAO,IAAA,CAAKa,CAAQ,CAAA,CAEhCE,CAAAA,CAAaD,EAAU,QAAA,CAAS,CAAA,CAAG,EAAE,CAAA,CACrCE,CAAAA,CAASF,CAAAA,CAAU,SAAS,GAAG,CAAA,CAC/BG,CAAAA,CAAUH,CAAAA,CAAU,QAAA,CAAS,EAAA,CAAI,GAAG,CAAA,CAEpCI,CAAAA,CAAcR,EAAO,gBAAA,CAC1B,aAAA,CACAL,EACAU,CACD,CAAA,CACAG,CAAAA,CAAY,UAAA,CAAWF,CAAM,CAAA,CAC7B,IAAIG,CAAAA,CAAeD,CAAAA,CAAY,MAAA,CAAOD,CAAO,CAAA,CAC7CE,CAAAA,CAAenB,OAAO,MAAA,CAAO,CAACmB,CAAAA,CAAcD,CAAAA,CAAY,KAAA,EAAO,CAAC,CAAA,CAChEpB,CAAAA,CAAgBc,CAAG,CAAA,CAAI,IAAA,CAAK,MAAMO,CAAAA,CAAa,QAAA,CAAS,OAAO,CAAC,EACjE,CACD,MAIE3B,CAAAA,CAAW,CAAC,CAAA,GAAM,CAAA,EAClBA,CAAAA,CAAW,CAAC,IAAM,EAAA,EAClBA,CAAAA,CAAW,CAAC,CAAA,GAAM,GAAA,EAClBA,CAAAA,CAAW,CAAC,CAAA,GAAM,GAAA,CAElBK,EAAmBG,MAAAA,CAAO,IAAA,CAAKR,CAAU,CAAA,CAEzCK,CAAAA,CAAmBG,MAAAA,CAAO,IAAA,CAAKR,CAAU,CAAA,CAAE,SAAS,OAAO,CAAA,CAK7D,IAAM4B,GAAAA,CACLvB,CAAAA,CAAiB,CAAC,CAAA,GAAM,CAAA,EACxBA,CAAAA,CAAiB,CAAC,CAAA,GAAM,EAAA,EACxBA,EAAiB,CAAC,CAAA,GAAM,KACxBA,CAAAA,CAAiB,CAAC,IAAM,GAAA,CAEzB,GAAIA,CAAAA,YAA4BG,MAAAA,EAAUoB,GAAAA,CAAQ,CAEjD,IAAMC,CAAAA,CAAY,IAAI,UAAA,CAAWxB,CAAgB,CAAA,CAC3CyB,CAAAA,CAAiB,MAAM,WAAA,CAAY,OAAA,CAAQD,CAAS,CAAA,CAC1DE,CAAAA,CAAY,OAAA,CAAQD,CAAc,EACnC,CAAA,KAAWzB,aAA4BG,MAAAA,EAAU,CAACoB,MACjDvB,CAAAA,CAAmBA,CAAAA,CAAiB,QAAA,CAAS,OAAO,CAAA,CAAA,CAIjD,OAAOA,GAAqB,QAAA,GAC/BA,CAAAA,CAAmB2B,GAAAA,CAAqB3B,CAAgB,CAAA,CAAA,CAIzD,IAAM4B,EAAU,IAAIC,CAAAA,CACpB,MAAMD,CAAAA,CAAQ,IAAA,EAAK,CAEnB,GAAI,CACH,IAAME,EAAS,MAAMF,CAAAA,CAAQ,QAC5B5B,CAAAA,CACAF,CAAAA,CACAG,CACD,CAAA,CAGI8B,CAAAA,CACA,OAAO/B,GAAqB,QAAA,CAC/B+B,CAAAA,CAAa5B,MAAAA,CAAO,IAAA,CAAKH,CAAAA,CAAkB,OAAO,EAElD+B,CAAAA,CAAa,IAAI,UAAA,CAAW/B,CAAgB,CAAA,CAE7C,IAAMgC,EAAUC,GAAAA,CAAuBF,CAAU,EAAE,QAAA,CAAS,KAAK,EAE3DG,CAAAA,CAAU/B,MAAAA,CAAO,IAAA,CACtB,IAAA,CAAK,SAAA,CAAU,CACd,SAAU6B,CAAAA,CACV,WAAA,CAAanB,EACX,UAAA,CAAW,QAAQ,EACnB,MAAA,CACA,OAAOiB,CAAAA,CAAO,MAAA,EAAW,QAAA,CACtBA,CAAAA,CAAO,OACP,IAAA,CAAK,SAAA,CAAUA,EAAO,MAAM,CAChC,EACC,MAAA,CAAO,KAAK,CAAA,CACd,IAAA,CAAMA,CAAAA,CAAO,YAAA,CACb,GAAI,IAAA,CAAK,GAAA,EACV,CAAC,CACF,CAAA,CAEMK,EAAOtB,CAAAA,CACX,UAAA,CAAW,QAAA,CAAUX,CAAa,CAAA,CAClC,MAAA,CAAOgC,CAAO,CAAA,CACd,MAAA,GACIE,CAAAA,CAAajC,MAAAA,CAAO,MAAM,CAAC,CAAA,CACjCiC,CAAAA,CAAW,aAAA,CAAcF,CAAAA,CAAQ,MAAM,EAOvC,IAAMG,CAAAA,CANalC,MAAAA,CAAO,MAAA,CAAO,CAChCA,MAAAA,CAAO,KAAK,CAAC,CAAI,CAAC,CAAA,CAClBiC,CAAAA,CACAF,CAAAA,CACAC,CACD,CAAC,CAAA,CAC4B,SAAS,QAAQ,CAAA,CAE9C,OAAO,CACN,QAAA,CAAUH,CAAAA,CACV,UAAA,CAAYK,CAAAA,CACZ,MAAA,CAAQP,EAAO,MAAA,CACf,aAAA,CAAeA,CAAAA,CAAO,YACvB,CACD,CAAA,OAAE,CACD,MAAMF,CAAAA,CAAQ,QAAA,GACf,CACD","file":"logic-execution.js","sourcesContent":["import { Buffer } from \"node:buffer\";\nimport crypto from \"node:crypto\";\nimport { createMlKem768 } from \"mlkem\";\nimport {\n\tderiveLogicImageDigest,\n\tnormalizeLogicSource,\n} from \"../crypto/logic-image-id.js\";\nimport { ASTGuardian } from \"../sandbox/guardian.js\";\nimport { WasiSandbox } from \"../sandbox/wasi.js\";\n\nexport interface WorkerData {\n\tciphertext: Uint8Array;\n\tsecretKeyObj: ArrayLike<number>;\n\tkyberPublicKey: Uint8Array;\n\twasmBinary: Uint8Array; // Can also be JS code in non-encrypted mode\n\tinputs: Record<string, Uint8Array>;\n\trecords?: Record<string, unknown>[];\n\tsessionToken: string;\n\tisEncrypted?: boolean;\n\taesNonce?: Uint8Array;\n}\n\nexport default async function processLogicExecution(data: WorkerData): Promise<{\n\timage_id: string;\n\toutput: unknown;\n\tfuel_consumed: number;\n\tzk_receipt?: string;\n}> {\n\tconst {\n\t\tciphertext,\n\t\tsecretKeyObj,\n\t\twasmBinary,\n\t\tinputs,\n\t\taesNonce,\n\t\trecords,\n\t\tisEncrypted = true,\n\t} = data;\n\n\tlet decryptedPayload: Buffer | string;\n\tconst decryptedInputs: Record<string, unknown> = {};\n\tlet sessionSecret = Buffer.alloc(32); // Fallback if plain text (no PQC)\n\n\tif (isEncrypted) {\n\t\t// 1. Decapsulate Kyber secret\n\t\tconst sk = new Uint8Array(secretKeyObj);\n\t\tconst ct = new Uint8Array(ciphertext);\n\t\tconst kem = await createMlKem768();\n\t\tconst sharedSecret = kem.decap(ct, sk);\n\t\tconst aesKey = Buffer.from(sharedSecret);\n\t\tsessionSecret = aesKey;\n\n\t\t// 2. Decrypt Main Payload (WASM/JS Code)\n\t\t// LIOP Serialization: Ciphertext = EncryptedData + 16-byte AuthTag\n\t\tconst wasmBuffer = Buffer.from(wasmBinary);\n\t\tconst authTag = wasmBuffer.subarray(-16);\n\t\tconst encryptedData = wasmBuffer.subarray(0, -16);\n\n\t\tconst decipher = crypto.createDecipheriv(\n\t\t\t\"aes-256-gcm\",\n\t\t\taesKey,\n\t\t\tBuffer.from(aesNonce || new Uint8Array(12)),\n\t\t);\n\t\tdecipher.setAuthTag(authTag);\n\t\tlet decrypted = decipher.update(encryptedData);\n\t\tdecrypted = Buffer.concat([decrypted, decipher.final()]);\n\t\tdecryptedPayload = decrypted;\n\n\t\t// 3. Decrypt Inputs\n\t\tfor (const [key, encValue] of Object.entries(inputs || {})) {\n\t\t\tconst valBuffer = Buffer.from(encValue);\n\t\t\t// Extract 12-byte prepended nonce, ciphertext, and 16-byte AuthTag\n\t\t\tconst inputNonce = valBuffer.subarray(0, 12);\n\t\t\tconst valTag = valBuffer.subarray(-16);\n\t\t\tconst valData = valBuffer.subarray(12, -16);\n\n\t\t\tconst valDecipher = crypto.createDecipheriv(\n\t\t\t\t\"aes-256-gcm\",\n\t\t\t\taesKey,\n\t\t\t\tinputNonce,\n\t\t\t);\n\t\t\tvalDecipher.setAuthTag(valTag);\n\t\t\tlet valDecrypted = valDecipher.update(valData);\n\t\t\tvalDecrypted = Buffer.concat([valDecrypted, valDecipher.final()]);\n\t\t\tdecryptedInputs[key] = JSON.parse(valDecrypted.toString(\"utf-8\"));\n\t\t}\n\t} else {\n\t\t// Transparent mode: payload is provided directly\n\t\t// If it's WASM (Magic bytes: \\0asm), keep as Buffer\n\t\tif (\n\t\t\twasmBinary[0] === 0x00 &&\n\t\t\twasmBinary[1] === 0x61 &&\n\t\t\twasmBinary[2] === 0x73 &&\n\t\t\twasmBinary[3] === 0x6d\n\t\t) {\n\t\t\tdecryptedPayload = Buffer.from(wasmBinary);\n\t\t} else {\n\t\t\tdecryptedPayload = Buffer.from(wasmBinary).toString(\"utf-8\");\n\t\t}\n\t}\n\n\t// 3. Inspect AST with Guardian-TS (if WASM)\n\tconst isWasm =\n\t\tdecryptedPayload[0] === 0x00 &&\n\t\tdecryptedPayload[1] === 0x61 &&\n\t\tdecryptedPayload[2] === 0x73 &&\n\t\tdecryptedPayload[3] === 0x6d;\n\n\tif (decryptedPayload instanceof Buffer && isWasm) {\n\t\t// Ensure we pass a compatible BufferSource\n\t\tconst wasmBytes = new Uint8Array(decryptedPayload);\n\t\tconst compiledModule = await WebAssembly.compile(wasmBytes);\n\t\tASTGuardian.analyze(compiledModule);\n\t} else if (decryptedPayload instanceof Buffer && !isWasm) {\n\t\tdecryptedPayload = decryptedPayload.toString(\"utf-8\");\n\t}\n\n\t// Strip only a whole-document LIOP envelope (see logic-image-id.ts).\n\tif (typeof decryptedPayload === \"string\") {\n\t\tdecryptedPayload = normalizeLogicSource(decryptedPayload);\n\t}\n\n\t// 4. Instantiate and Execute WASI Sandbox (or V8 Fallback)\n\tconst sandbox = new WasiSandbox();\n\tawait sandbox.init();\n\n\ttry {\n\t\tconst result = await sandbox.execute(\n\t\t\tdecryptedPayload,\n\t\t\trecords,\n\t\t\tdecryptedInputs,\n\t\t);\n\n\t\t// 5. Generate Cryptographic Proof of Execution (HMAC-SHA256 Commitment)\n\t\tlet logicBytes: Uint8Array;\n\t\tif (typeof decryptedPayload === \"string\") {\n\t\t\tlogicBytes = Buffer.from(decryptedPayload, \"utf-8\");\n\t\t} else {\n\t\t\tlogicBytes = new Uint8Array(decryptedPayload);\n\t\t}\n\t\tconst imageId = deriveLogicImageDigest(logicBytes).toString(\"hex\");\n\n\t\tconst journal = Buffer.from(\n\t\t\tJSON.stringify({\n\t\t\t\timage_id: imageId,\n\t\t\t\toutput_hash: crypto\n\t\t\t\t\t.createHash(\"sha256\")\n\t\t\t\t\t.update(\n\t\t\t\t\t\ttypeof result.output === \"string\"\n\t\t\t\t\t\t\t? result.output\n\t\t\t\t\t\t\t: JSON.stringify(result.output),\n\t\t\t\t\t)\n\t\t\t\t\t.digest(\"hex\"),\n\t\t\t\tfuel: result.fuelConsumed,\n\t\t\t\tts: Date.now(),\n\t\t\t}),\n\t\t);\n\n\t\tconst seal = crypto\n\t\t\t.createHmac(\"sha256\", sessionSecret)\n\t\t\t.update(journal)\n\t\t\t.digest();\n\t\tconst journalLen = Buffer.alloc(2);\n\t\tjournalLen.writeUInt16BE(journal.length);\n\t\tconst receiptBuf = Buffer.concat([\n\t\t\tBuffer.from([0x01]), // Receipt format v1\n\t\t\tjournalLen,\n\t\t\tjournal,\n\t\t\tseal, // 32 bytes HMAC\n\t\t]);\n\t\tconst zkReceipt = receiptBuf.toString(\"base64\");\n\n\t\treturn {\n\t\t\timage_id: imageId,\n\t\t\tzk_receipt: zkReceipt,\n\t\t\toutput: result.output,\n\t\t\tfuel_consumed: result.fuelConsumed,\n\t\t};\n\t} finally {\n\t\tawait sandbox.teardown();\n\t}\n}\n"]}

package/dist/workers/zk-verifier.d.ts

@@ -2,7 +2,7 @@
  * ZK Verification Payload Structure.
  * Modeled after RISC Zero & SP1 Receipt formats.
  */
-export interface ZkVerificationPayload {
+interface ZkVerificationPayload {
     action: "verify_receipt";
     /** Original logic payload (JS/WASM) sent by client */
     logicPayload: Uint8Array;
@@ -16,7 +16,9 @@ export interface ZkVerificationPayload {
 /**
  * Main worker entry point for Piscina.
  */
-export default function workerHandler(task: ZkVerificationPayload): Promise<{
+declare function workerHandler(task: ZkVerificationPayload): Promise<{
     verified: boolean;
     message: string;
 }>;
+
+export { type ZkVerificationPayload, workerHandler as default };

package/dist/workers/zk-verifier.js

@@ -1,98 +1,2 @@
-import crypto from "node:crypto";
-import { parentPort } from "node:worker_threads";
-import { deriveLogicImageDigest } from "../crypto/logic-image-id.js";
-// Ensure this worker is used via Piscina pool
-if (!parentPort) {
-    // Not fatal in Piscina, but handled appropriately
-}
-function deriveImageId(logicPayload) {
-    return deriveLogicImageDigest(logicPayload);
-}
-/**
- * Simulates heavy ZK-Proof cryptographic verification.
- * In a real environment, this delegates to @risc0/verifier or SP1 FFI bindings.
- */
-async function verifyZkReceipt(payload) {
-    const { logicPayload, remoteImageIdHex, zkReceipt, sessionSecret } = payload;
-    // 1. Calculate local ImageID (Integrity Check)
-    const localImageId = deriveImageId(logicPayload);
-    const localImageIdHex = localImageId.toString("hex");
-    if (localImageIdHex !== remoteImageIdHex) {
-        return {
-            verified: false,
-            message: `Integrity Violation: Local (${localImageIdHex.slice(0, 8)}) != Remote (${remoteImageIdHex.slice(0, 8)})`,
-        };
-    }
-    // 2. Structural Verification: Deserialize Binary Receipt
-    const receiptBuf = Buffer.from(zkReceipt);
-    if (receiptBuf.length < 35) {
-        // 1 version + 2 len + 32 seal minimum
-        return {
-            verified: false,
-            message: "Receipt too short for binary format.",
-        };
-    }
-    const version = receiptBuf[0];
-    if (version !== 0x01) {
-        return {
-            verified: false,
-            message: `Unknown receipt version: ${version}`,
-        };
-    }
-    const journalLen = receiptBuf.readUInt16BE(1);
-    const journal = receiptBuf.subarray(3, 3 + journalLen);
-    const seal = receiptBuf.subarray(3 + journalLen);
-    if (seal.length !== 32) {
-        return {
-            verified: false,
-            message: "Invalid seal length (expected 32 bytes HMAC-SHA256).",
-        };
-    }
-    // 3. Parse journal and verify imageId
-    try {
-        const journalData = JSON.parse(journal.toString());
-        if (journalData.image_id !== localImageIdHex) {
-            return {
-                verified: false,
-                message: `Journal ImageID mismatch: ${journalData.image_id.slice(0, 8)} != ${localImageIdHex.slice(0, 8)}`,
-            };
-        }
-    }
-    catch (_e) {
-        return { verified: false, message: "Failed to parse journal data." };
-    }
-    // 4. Mathematical Verification (HMAC-SHA256)
-    if (sessionSecret && sessionSecret.length > 0) {
-        const expectedSeal = crypto
-            .createHmac("sha256", sessionSecret)
-            .update(journal)
-            .digest();
-        if (!crypto.timingSafeEqual(seal, expectedSeal)) {
-            return {
-                verified: false,
-                message: "Invalid seal: HMAC verification failed.",
-            };
-        }
-    }
-    return {
-        verified: true,
-        message: "HMAC Commitment Verified: Integrity intact.",
-    };
-}
-/**
- * Main worker entry point for Piscina.
- */
-export default async function workerHandler(task) {
-    try {
-        if (task.action === "verify_receipt") {
-            return await verifyZkReceipt(task);
-        }
-        throw new Error("Unknown action in ZkVerifier Worker.");
-    }
-    catch (error) {
-        return {
-            verified: false,
-            message: `Verification Error: ${error.message}`,
-        };
-    }
-}
+import {b}from'../chunk-ANFXJGMP.js';import d from'crypto';import'worker_threads';function u(e){return b(e)}async function y(e){let{logicPayload:t,remoteImageIdHex:o,zkReceipt:g,sessionSecret:n}=e,a=u(t).toString("hex");if(a!==o)return {verified:false,message:`Integrity Violation: Local (${a.slice(0,8)}) != Remote (${o.slice(0,8)})`};let r=Buffer.from(g);if(r.length<35)return {verified:false,message:"Receipt too short for binary format."};let s=r[0];if(s!==1)return {verified:false,message:`Unknown receipt version: ${s}`};let c=r.readUInt16BE(1),f=r.subarray(3,3+c),l=r.subarray(3+c);if(l.length!==32)return {verified:false,message:"Invalid seal length (expected 32 bytes HMAC-SHA256)."};try{let i=JSON.parse(f.toString());if(i.image_id!==a)return {verified:!1,message:`Journal ImageID mismatch: ${i.image_id.slice(0,8)} != ${a.slice(0,8)}`}}catch{return {verified:false,message:"Failed to parse journal data."}}if(n&&n.length>0){let i=d.createHmac("sha256",n).update(f).digest();if(!d.timingSafeEqual(l,i))return {verified:false,message:"Invalid seal: HMAC verification failed."}}return {verified:true,message:"HMAC Commitment Verified: Integrity intact."}}async function v(e){try{if(e.action==="verify_receipt")return await y(e);throw new Error("Unknown action in ZkVerifier Worker.")}catch(t){return {verified:false,message:`Verification Error: ${t.message}`}}}export{v as default};//# sourceMappingURL=zk-verifier.js.map
+//# sourceMappingURL=zk-verifier.js.map