@nekzus/liop 1.3.0-alpha.1 → 2.0.0-alpha.2

package/dist/client/index.js

@@ -1,275 +0,0 @@
-import { LiopVerifier } from "../crypto/verifier.js";
-import { MeshNode, } from "../mesh/node.js";
-import { LiopRpcClient } from "../rpc/client.js";
-import { AesGcmWrapper } from "../rpc/crypto/aes.js";
-import { Kyber768Wrapper } from "../rpc/crypto/kyber.js";
-import { log } from "../utils/logger.js";
-/**
- * LIOP Client
- * High-level orchestration for discovery and execution in the Logic-Injection-on-Origin mesh.
- */
-export class LiopClient {
-    meshNode = null;
-    rpcClients = new Map();
-    manifests = new Map();
-    tlsOptions;
-    serverInfo;
-    verifier = new LiopVerifier();
-    constructor(tls) {
-        this.tlsOptions = tls;
-    }
-    /**
-     * Discovers and connects to the target server or mesh capability.
-     * If address is omitted, it sets up the MeshNode to act purely dynamically.
-     */
-    async connect(address, options) {
-        this.meshNode = new MeshNode(options?.meshConfig);
-        await this.meshNode.start();
-        log.info(`[LiopClient] Mesh Node synchronized. PeerID: ${this.meshNode.getPeerId()}`);
-        if (address) {
-            this.rpcClients.set("static", new LiopRpcClient(address, this.tlsOptions));
-            this.serverInfo = { name: `LiopServer (${address})`, version: "1.0.0" };
-            log.info(`[LiopClient] Static gRPC configured for: ${address}`);
-        }
-        else {
-            this.serverInfo = { name: "LiopServer (Mesh Alpha)", version: "1.0.0" };
-        }
-    }
-    /**
-     * Dynamically queries Kademlia DHT to find the optimal PeerID providing the Capability
-     * and returns the physical gRPC target (host:port) resolved from the provider's manifest.
-     */
-    async resolveCapability(toolName) {
-        if (!this.meshNode)
-            throw new Error("Client must be connected to Mesh to resolve capabilities.");
-        log.info(`[LiopClient] Querying Mesh DHT for Provider: ${toolName}...`);
-        const providers = await this.meshNode.findProviders(toolName);
-        if (providers.length === 0) {
-            throw new Error(`Kademlia DHT found zero providers for capability: ${toolName}`);
-        }
-        const providerId = providers[0];
-        log.info(`[LiopClient] Identified Alpha Provider PeerID: ${providerId}`);
-        let grpcPort = 50051;
-        const manifest = await this.meshNode.queryManifest(providerId);
-        if (manifest) {
-            grpcPort = manifest.grpcPort;
-            log.info(`[LiopClient] Manifest resolved: gRPC port ${grpcPort}`);
-        }
-        const addrs = await this.meshNode.resolvePeer(providerId);
-        for (const maddr of addrs) {
-            const parts = maddr.split("/");
-            if (parts[1] === "ip4") {
-                const grpcHost = `${parts[2]}:${grpcPort}`;
-                log.info(`[LiopClient] Translated Multiaddr to gRPC Target: ${grpcHost}`);
-                return grpcHost;
-            }
-        }
-        return `127.0.0.1:${grpcPort}`;
-    }
-    /**
-     * Discovers remote capabilities via the LIOP Manifest Protocol.
-     */
-    async discoverTools() {
-        if (!this.meshNode) {
-            throw new Error("Client must be connected before discovering tools.");
-        }
-        log.info(`[LiopClient] Discovery started...`);
-        const providerIds = await this.meshNode.discoverManifestProviders();
-        const tools = [];
-        const seenNames = new Set();
-        for (const peerId of providerIds) {
-            try {
-                log.info(`[LiopClient] Querying manifest from: ${peerId}`);
-                const manifest = await this.meshNode.queryManifest(peerId);
-                if (manifest) {
-                    this.manifests.set(peerId, manifest);
-                    for (const tool of manifest.tools) {
-                        if (!seenNames.has(tool.name)) {
-                            tools.push({ name: tool.name, description: tool.description });
-                            seenNames.add(tool.name);
-                        }
-                    }
-                }
-            }
-            catch (err) {
-                log.info(`[LiopClient] Error querying manifest from ${peerId}:`, err instanceof Error ? err.message : String(err));
-            }
-        }
-        log.info(`[LiopClient] Discovery finished. Found ${tools.length} unique tools.`);
-        return tools;
-    }
-    /**
-     * Invokes a tool.
-     */
-    async callTool(request, _wasmPayload) {
-        if (!this.meshNode) {
-            throw new Error("Client must be connected before calling tools.");
-        }
-        const toolName = request.name;
-        log.info(`[LiopClient] Resolving Tool: ${toolName}`);
-        // [ALPHA-FIX] Bypass DHT discovery if we are already statically connected to a provider (Enterprise/Test mode)
-        let rpcClient = this.rpcClients.get("static");
-        if (!rpcClient) {
-            const dynamicAddress = await this.resolveCapability(toolName);
-            rpcClient = this.getOrCreateRpcClient(toolName, dynamicAddress);
-        }
-        else {
-            log.info(`[LiopClient] Using existing static gRPC connection for ${toolName}.`);
-        }
-        log.info(`[LiopClient] Negotiating intent for ${toolName}...`);
-        const agentDid = this.meshNode
-            ? `did:liop:${this.meshNode.getPeerId()}`
-            : "did:liop:ephemeral";
-        const intentPayload = Buffer.from(`${toolName}:${Date.now()}`);
-        const proofOfIntent = this.meshNode
-            ? await this.meshNode.sign(intentPayload)
-            : intentPayload;
-        const intentResponse = (await rpcClient.negotiateIntent({
-            agent_did: agentDid,
-            capability_hash: toolName,
-            proof_of_intent: proofOfIntent,
-        }));
-        if (!intentResponse.accepted) {
-            throw new Error(`Intent denied by host: ${intentResponse.error_message}`);
-        }
-        // LIOP Robust Field Extraction (Supports both snake_case and camelCase via gRPC-JS)
-        const publicKey = intentResponse.kyber_public_key || intentResponse.kyberPublicKey;
-        const sessionToken = intentResponse.session_token || intentResponse.sessionToken;
-        if (!publicKey) {
-            log.info("[LiopClient] Critical Error: Kyber Public Key not found in IntentResponse.", intentResponse);
-            throw new Error("Handshake failed: Remote host did not provide a valid Kyber Public Key.");
-        }
-        // 2. Post-Quantum Encapsulation (ML-KEM-768)
-        log.info(`[LiopClient] Encapsulating Post-Quantum Shared Secret for ${request.name}...`);
-        const { ciphertext: kyberCiphertext, sharedSecret } = await Kyber768Wrapper.encapsulateAsymmetric(publicKey);
-        // 3. Symmetric Sealing (AES-256-GCM)
-        log.info(`[LiopClient] Sealing WASM Payload and Inputs...`);
-        const _safePayload = _wasmPayload || Buffer.from("");
-        // Encrypt WASM binary
-        const { ciphertext: encryptedWasm, nonce: aesNonce } = AesGcmWrapper.encryptPayload(_safePayload, sharedSecret);
-        // Encrypt inputs using a fresh random nonce per input to prevent AES-GCM nonce reuse
-        const encryptedInputs = {};
-        const crypto = await import("node:crypto");
-        for (const [key, value] of Object.entries(request.arguments || {})) {
-            const inputNonce = crypto.randomBytes(12);
-            const cipher = crypto.createCipheriv("aes-256-gcm", sharedSecret, inputNonce);
-            const encrypted = Buffer.concat([
-                cipher.update(JSON.stringify(value)),
-                cipher.final(),
-            ]);
-            const authTag = cipher.getAuthTag();
-            // Prepend the 12-byte nonce to the ciphertext
-            encryptedInputs[key] = Buffer.concat([inputNonce, encrypted, authTag]);
-        }
-        // 4. Assemble and Execute gRPC LogicRequest
-        const logicRequest = {
-            session_token: sessionToken,
-            wasm_binary: encryptedWasm,
-            inputs: encryptedInputs,
-            pqc_ciphertext: kyberCiphertext,
-            aes_nonce: aesNonce,
-        };
-        return new Promise((resolve, reject) => {
-            const stream = rpcClient.executeLogic(logicRequest);
-            if (!stream) {
-                reject(new Error("RPC Client unavailable or failed to create stream."));
-                return;
-            }
-            let resultFulfilled = false;
-            let hasReceivedData = false;
-            stream.on("data", async (response) => {
-                if (resultFulfilled)
-                    return;
-                hasReceivedData = true;
-                log.info("[LiopClient] Logic Executed. Verification in progress...");
-                try {
-                    const isValid = await this.verifier.verifyZkReceipt(_safePayload, Buffer.from(response.cryptographic_proof).toString("hex"), Buffer.from(response.zk_receipt), Buffer.from(sharedSecret));
-                    if (!isValid) {
-                        reject(new Error("PROTOCOL INTEGRITY VIOLATION: ZK-Receipt verification failed."));
-                        return;
-                    }
-                    resultFulfilled = true;
-                    resolve({
-                        content: [
-                            {
-                                type: "text",
-                                text: response.semantic_evidence,
-                            },
-                        ],
-                        isError: response.is_error,
-                    });
-                }
-                catch (err) {
-                    reject(err);
-                }
-            });
-            stream.on("error", (err) => {
-                if (resultFulfilled)
-                    return;
-                log.error("[LiopClient] Stream Error:", err);
-                reject(err);
-            });
-            stream.on("end", () => {
-                // We don't throw here if we already received a response block that is currently
-                // undergoing ZK Verification in the Piscina worker pool.
-                if (!hasReceivedData && !resultFulfilled) {
-                    reject(new Error("Logic-on-Origin stream closed without results."));
-                }
-            });
-        });
-    }
-    getOrCreateRpcClient(peerId, address) {
-        let client = this.rpcClients.get(peerId);
-        if (!client) {
-            client = new LiopRpcClient(address, this.tlsOptions);
-            this.rpcClients.set(peerId, client);
-        }
-        return client;
-    }
-    /**
-     * Reads a specific resource by URI.
-     * In LIOP, resources can be static definitions or dynamic streams.
-     */
-    async readResource(uri) {
-        if (!this.meshNode) {
-            throw new Error("Client must be connected before reading resources.");
-        }
-        log.info(`[LiopClient] Querying Mesh for Resource: ${uri}...`);
-        // We search for the peer hosting the resource in the P2P Mesh
-        const providers = await this.meshNode.findProviders(uri);
-        if (providers.length === 0) {
-            throw new Error(`No mesh providers found for resource: ${uri}`);
-        }
-        // Query the remote peer's manifest
-        const manifest = await this.meshNode.queryManifest(providers[0]);
-        if (!manifest) {
-            throw new Error("Target peer did not return a valid LIOP Manifest.");
-        }
-        // Locate the exact resource metadata
-        const resourceDef = manifest.resources?.find((r) => r.uri === uri);
-        if (!resourceDef) {
-            throw new Error(`Resource ${uri} not listed in remote manifest.`);
-        }
-        // Return the declarative metadata (Logic-Injection is required for actual data extraction)
-        return {
-            contents: [
-                {
-                    uri,
-                    mimeType: resourceDef.mimeType || "application/json",
-                    text: JSON.stringify(resourceDef, null, 2),
-                },
-            ],
-        };
-    }
-    getServerInfo() {
-        return this.serverInfo;
-    }
-    /**
-     * Destroys the active Mesh Node resources.
-     */
-    async close() {
-        if (this.meshNode) {
-            await this.meshNode.stop();
-        }
-    }
-}

package/dist/crypto/logic-image-id.d.ts

@@ -1,3 +0,0 @@
-export declare function normalizeLogicSource(logicUtf8: string): string;
-/** SHA-256 digest of logic bytes (WASM raw; JS UTF-8 after top-level envelope strip). */
-export declare function deriveLogicImageDigest(logicPayload: Uint8Array): Buffer;

package/dist/crypto/logic-image-id.js

@@ -1,27 +0,0 @@
-import crypto from "node:crypto";
-/**
- * Top-level LIOP v1 envelope only. Must NOT use multiline (^/$) mode:
- * proxy logic embeds a full envelope inside JSON strings; `^` per line would
- * incorrectly treat that as the document root and desync ImageID vs the worker.
- */
-const TOP_LEVEL_ENVELOPE = /^\s*@LIOP\{[^}]+\}\n?([\s\S]*?)\n?@END\s*$/;
-export function normalizeLogicSource(logicUtf8) {
-    const match = logicUtf8.match(TOP_LEVEL_ENVELOPE);
-    if (match?.[1] !== undefined) {
-        return match[1].trim();
-    }
-    return logicUtf8.trim();
-}
-/** SHA-256 digest of logic bytes (WASM raw; JS UTF-8 after top-level envelope strip). */
-export function deriveLogicImageDigest(logicPayload) {
-    const isWasm = logicPayload[0] === 0x00 && logicPayload[1] === 0x61;
-    if (isWasm) {
-        return crypto.createHash("sha256").update(logicPayload).digest();
-    }
-    const text = Buffer.from(logicPayload).toString("utf-8");
-    const normalized = normalizeLogicSource(text);
-    return crypto
-        .createHash("sha256")
-        .update(Buffer.from(normalized, "utf-8"))
-        .digest();
-}

package/dist/crypto/verifier.js

@@ -1,97 +0,0 @@
-import { createRequire } from "node:module";
-import path from "node:path";
-import { fileURLToPath, pathToFileURL } from "node:url";
-import { Piscina } from "piscina";
-import { log } from "../utils/logger.js";
-import { deriveLogicImageDigest } from "./logic-image-id.js";
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
-/**
- * LIOP Tier-0 Industrial Verifier
- *
- * This engine is responsible for the trustless verification of remote logic execution.
- * It validates both the integrity of the code (ZkImageID) and the mathematical proof
- * of its execution (ZkSeal), as well as hardware-level attestation (TEE).
- */
-export class LiopVerifier {
-    // Singleton Worker Pool for heavy ZK verification
-    static zkWorkerPool = null;
-    getZkPool() {
-        if (!LiopVerifier.zkWorkerPool) {
-            const isTS = import.meta.url.endsWith(".ts");
-            const workerExt = isTS ? ".ts" : ".js";
-            let execArgv = [];
-            if (isTS) {
-                try {
-                    const req = createRequire(import.meta.url);
-                    const tsxPkg = req.resolve("tsx/package.json");
-                    const absoluteTsx = pathToFileURL(path.join(path.dirname(tsxPkg), "dist", "loader.mjs")).href;
-                    execArgv = ["--import", absoluteTsx];
-                }
-                catch (_e) {
-                    execArgv = ["--import", "tsx"];
-                }
-            }
-            LiopVerifier.zkWorkerPool = new Piscina({
-                filename: path.resolve(__dirname, `../workers/zk-verifier${workerExt}`),
-                minThreads: 1,
-                maxThreads: 2, // Minimal footprint since verification is fast compared to generation
-                idleTimeout: 30000,
-                execArgv,
-            });
-        }
-        return LiopVerifier.zkWorkerPool;
-    }
-    /**
-     * Verifies a Zero-Knowledge Receipt from a remote LIOP node via Worker Pool.
-     *
-     * @param logicPayload The raw WASM or JS logic that was sent to the provider.
-     * @param remoteImageIdHex The ImageID reported by the provider (must match our local calculation).
-     * @param zkReceipt The mathematical proof (Seal + Journal) from the zkVM.
-     */
-    async verifyZkReceipt(logicPayload, remoteImageIdHex, zkReceipt, sessionSecret) {
-        const pool = this.getZkPool();
-        if (!pool)
-            throw new Error("Worker pool initialization failed");
-        const result = await pool.run({
-            action: "verify_receipt",
-            logicPayload: new Uint8Array(logicPayload),
-            remoteImageIdHex,
-            zkReceipt: new Uint8Array(zkReceipt),
-            sessionSecret: sessionSecret ? new Uint8Array(sessionSecret) : undefined,
-        });
-        if (result.verified) {
-            log.info(`[LiopVerifier] ${result.message}`);
-            return true;
-        }
-        log.error(`[LiopVerifier] FAILED: ${result.message}`);
-        return false;
-    }
-    /**
-     * Verifies if a node is running inside an authenticated TEE (e.g. AWS Nitro).
-     *
-     * @param attestationReport The COSE-signed attestation document from the hardware.
-     */
-    async verifyTeeAttestation(attestationReport) {
-        if (attestationReport.length === 0)
-            return true; // Optional in Mesh Alpha
-        try {
-            // Architecture for AWS Nitro Enclaves:
-            // 1. Decode CBOR/COSE
-            // 2. Verify Signature against AWS Nitro Root CA
-            // 3. Compare PCRs
-            log.info("[LiopVerifier] TEE Attestation: Not configured (no-op).");
-            return true;
-        }
-        catch (err) {
-            log.error("[LiopVerifier] TEE Verification Failed:", err);
-            return false;
-        }
-    }
-    /**
-     * Derives the ImageID of a logic payload following the LIOP v1 Standard.
-     */
-    deriveImageId(logicPayload) {
-        return deriveLogicImageDigest(logicPayload);
-    }
-}

package/dist/economy/estimator.d.ts

@@ -1,53 +0,0 @@
-/**
- * TokenEstimator — Pluggable strategy for counting tokens in text content.
- *
- * Implementations range from exact BPE tokenization to lightweight heuristics,
- * allowing the SDK to choose the best trade-off for the runtime environment.
- */
-export interface TokenEstimator {
-    /** Count the number of tokens in the given text */
-    countTokens(text: string): number;
-    /** Human-readable name of the estimation strategy */
-    readonly name: string;
-}
-/**
- * Exact BPE tokenizer using o200k_base encoding.
- *
- * o200k_base is the standard encoding for all modern OpenAI models
- * (GPT-4o, GPT-4.1, o1, o3, o4) and provides a reasonable baseline
- * for Anthropic/Google models as well (~±5% variance).
- *
- * - Synchronous: safe for hot-path usage without async overhead
- * - Merge cache reduced to 10K entries for long-running server processes
- * - Zero runtime dependencies beyond gpt-tokenizer itself
- */
-export declare class RealTokenEstimator implements TokenEstimator {
-    readonly name = "o200k_base";
-    private countFn;
-    constructor(countFn: (text: string) => number, setMergeCacheSizeFn?: (size: number) => void);
-    countTokens(text: string): number;
-}
-/**
- * Fallback heuristic estimator: ~4 characters per token.
- *
- * Industry-standard approximation (±10% for English/code content).
- * Used only when gpt-tokenizer fails to load in constrained environments.
- */
-export declare class HeuristicTokenEstimator implements TokenEstimator {
-    readonly name = "heuristic (chars/4)";
-    countTokens(text: string): number;
-}
-/**
- * Factory: creates a RealTokenEstimator with gpt-tokenizer,
- * falling back to HeuristicTokenEstimator if the import fails.
- *
- * Uses dynamic import to avoid blocking SDK initialization and to
- * gracefully degrade in environments where gpt-tokenizer is unavailable.
- */
-export declare function createTokenEstimator(): Promise<TokenEstimator>;
-/**
- * Synchronous factory: creates a HeuristicTokenEstimator immediately.
- * Used when the async factory cannot be awaited (e.g., constructor contexts).
- * The engine should upgrade to the real estimator via setEstimator() later.
- */
-export declare function createSyncTokenEstimator(): TokenEstimator;

package/dist/economy/estimator.js

@@ -1,69 +0,0 @@
-import { log } from "../utils/logger.js";
-/**
- * Exact BPE tokenizer using o200k_base encoding.
- *
- * o200k_base is the standard encoding for all modern OpenAI models
- * (GPT-4o, GPT-4.1, o1, o3, o4) and provides a reasonable baseline
- * for Anthropic/Google models as well (~±5% variance).
- *
- * - Synchronous: safe for hot-path usage without async overhead
- * - Merge cache reduced to 10K entries for long-running server processes
- * - Zero runtime dependencies beyond gpt-tokenizer itself
- */
-export class RealTokenEstimator {
-    name = "o200k_base";
-    countFn;
-    constructor(countFn, setMergeCacheSizeFn) {
-        this.countFn = countFn;
-        // Reduce merge cache from default 100K to 10K for server processes
-        if (setMergeCacheSizeFn) {
-            setMergeCacheSizeFn(10_000);
-        }
-    }
-    countTokens(text) {
-        if (text.length === 0)
-            return 0;
-        return this.countFn(text);
-    }
-}
-/**
- * Fallback heuristic estimator: ~4 characters per token.
- *
- * Industry-standard approximation (±10% for English/code content).
- * Used only when gpt-tokenizer fails to load in constrained environments.
- */
-export class HeuristicTokenEstimator {
-    name = "heuristic (chars/4)";
-    countTokens(text) {
-        if (text.length === 0)
-            return 0;
-        return Math.ceil(text.length / 4);
-    }
-}
-/**
- * Factory: creates a RealTokenEstimator with gpt-tokenizer,
- * falling back to HeuristicTokenEstimator if the import fails.
- *
- * Uses dynamic import to avoid blocking SDK initialization and to
- * gracefully degrade in environments where gpt-tokenizer is unavailable.
- */
-export async function createTokenEstimator() {
-    try {
-        const mod = await import("gpt-tokenizer");
-        const estimator = new RealTokenEstimator(mod.countTokens, mod.setMergeCacheSize);
-        log.debug("[LIOP-Economy] Token estimator initialized: o200k_base");
-        return estimator;
-    }
-    catch {
-        log.info("[LIOP-Economy] gpt-tokenizer unavailable, falling back to heuristic estimator");
-        return new HeuristicTokenEstimator();
-    }
-}
-/**
- * Synchronous factory: creates a HeuristicTokenEstimator immediately.
- * Used when the async factory cannot be awaited (e.g., constructor contexts).
- * The engine should upgrade to the real estimator via setEstimator() later.
- */
-export function createSyncTokenEstimator() {
-    return new HeuristicTokenEstimator();
-}

package/dist/economy/index.d.ts

@@ -1,5 +0,0 @@
-export type { TokenEstimator } from "./estimator.js";
-export { createSyncTokenEstimator, createTokenEstimator, HeuristicTokenEstimator, RealTokenEstimator, } from "./estimator.js";
-export { LiopOTelBridge } from "./otel.js";
-export type { TokenOperationMetric, TokenSessionReport, ToolTokenBreakdown, } from "./telemetry.js";
-export { TokenTelemetryEngine } from "./telemetry.js";

package/dist/economy/index.js

@@ -1,3 +0,0 @@
-export { createSyncTokenEstimator, createTokenEstimator, HeuristicTokenEstimator, RealTokenEstimator, } from "./estimator.js";
-export { LiopOTelBridge } from "./otel.js";
-export { TokenTelemetryEngine } from "./telemetry.js";

package/dist/economy/otel.d.ts

@@ -1,38 +0,0 @@
-/**
- * LiopOTelBridge — OpenTelemetry gen_ai.* metric emitter.
- *
- * Pattern: Library Instrumentation (uses global MeterProvider only).
- * Per official OTel JS documentation:
- * - Libraries MUST NOT create their own MeterProvider
- * - Libraries SHOULD use metrics.getMeter() from the global API
- * - If no MeterProvider is registered by the application, all operations are NoOp
- *   with zero runtime overhead (confirmed by OTel JS source: NoopMeterProvider)
- *
- * Follows OpenTelemetry Generative AI Semantic Conventions (Development status).
- * @see https://opentelemetry.io/docs/specs/semconv/gen-ai/
- */
-export declare class LiopOTelBridge {
-    private tokenUsage;
-    private operationDuration;
-    private active;
-    constructor();
-    /**
-     * Record token usage with gen_ai.* standard attributes.
-     *
-     * @param tokens - Number of tokens consumed
-     * @param tokenType - "input" or "output" (gen_ai.token.type)
-     * @param operationName - gen_ai.operation.name (e.g., "execute_tool", "chat")
-     * @param toolName - Optional LIOP-specific tool name for attribution
-     */
-    recordTokens(tokens: number, tokenType: "input" | "output", operationName: string, toolName?: string): void;
-    /**
-     * Record operation duration with gen_ai.* standard attributes.
-     *
-     * @param durationMs - Duration in milliseconds (converted to seconds for OTel)
-     * @param operationName - gen_ai.operation.name
-     * @param error - Optional error type string if the operation failed
-     */
-    recordDuration(durationMs: number, operationName: string, error?: string): void;
-    /** Whether the OTel bridge is actively connected to a MeterProvider */
-    isActive(): boolean;
-}

package/dist/economy/otel.js

@@ -1,100 +0,0 @@
-import { metrics } from "@opentelemetry/api";
-import { log } from "../utils/logger.js";
-/** SDK identifier for the OTel Meter */
-const METER_NAME = "@nekzus/liop";
-const METER_VERSION = "1.2.0-alpha.9";
-/**
- * gen_ai.client.token.usage — Recommended explicit bucket boundaries.
- * Source: OpenTelemetry Generative AI Semantic Conventions (experimental).
- */
-const TOKEN_USAGE_BUCKETS = [
-    1, 4, 16, 64, 256, 1024, 4096, 16384, 65536, 262144, 1048576, 4194304,
-    16777216, 67108864,
-];
-/**
- * gen_ai.client.operation.duration — Recommended bucket boundaries (seconds).
- * Source: OpenTelemetry Generative AI Semantic Conventions.
- */
-const DURATION_BUCKETS = [
-    0.01, 0.02, 0.04, 0.08, 0.16, 0.32, 0.64, 1.28, 2.56, 5.12, 10.24, 20.48,
-    40.96, 81.92,
-];
-/**
- * LiopOTelBridge — OpenTelemetry gen_ai.* metric emitter.
- *
- * Pattern: Library Instrumentation (uses global MeterProvider only).
- * Per official OTel JS documentation:
- * - Libraries MUST NOT create their own MeterProvider
- * - Libraries SHOULD use metrics.getMeter() from the global API
- * - If no MeterProvider is registered by the application, all operations are NoOp
- *   with zero runtime overhead (confirmed by OTel JS source: NoopMeterProvider)
- *
- * Follows OpenTelemetry Generative AI Semantic Conventions (Development status).
- * @see https://opentelemetry.io/docs/specs/semconv/gen-ai/
- */
-export class LiopOTelBridge {
-    tokenUsage;
-    operationDuration;
-    active = false;
-    constructor() {
-        try {
-            const meter = metrics.getMeter(METER_NAME, METER_VERSION);
-            this.tokenUsage = meter.createHistogram("gen_ai.client.token.usage", {
-                description: "Number of tokens used in LIOP Logic-on-Origin operations",
-                unit: "{token}",
-                advice: { explicitBucketBoundaries: TOKEN_USAGE_BUCKETS },
-            });
-            this.operationDuration = meter.createHistogram("gen_ai.client.operation.duration", {
-                description: "Duration of LIOP operations",
-                unit: "s",
-                advice: { explicitBucketBoundaries: DURATION_BUCKETS },
-            });
-            this.active = true;
-            log.debug("[LIOP-OTel] gen_ai.* metrics bridge initialized");
-        }
-        catch (err) {
-            // OTel API failed to load — degrade gracefully without affecting protocol
-            log.debug(`[LIOP-OTel] Bridge disabled: ${err instanceof Error ? err.message : String(err)}`);
-            const noopHistogram = {
-                record: () => { },
-            };
-            this.tokenUsage = noopHistogram;
-            this.operationDuration = noopHistogram;
-        }
-    }
-    /**
-     * Record token usage with gen_ai.* standard attributes.
-     *
-     * @param tokens - Number of tokens consumed
-     * @param tokenType - "input" or "output" (gen_ai.token.type)
-     * @param operationName - gen_ai.operation.name (e.g., "execute_tool", "chat")
-     * @param toolName - Optional LIOP-specific tool name for attribution
-     */
-    recordTokens(tokens, tokenType, operationName, toolName) {
-        this.tokenUsage.record(tokens, {
-            "gen_ai.system": "liop",
-            "gen_ai.operation.name": operationName,
-            "gen_ai.token.type": tokenType,
-            "gen_ai.request.model": "liop-mesh",
-            ...(toolName ? { "liop.tool.name": toolName } : {}),
-        });
-    }
-    /**
-     * Record operation duration with gen_ai.* standard attributes.
-     *
-     * @param durationMs - Duration in milliseconds (converted to seconds for OTel)
-     * @param operationName - gen_ai.operation.name
-     * @param error - Optional error type string if the operation failed
-     */
-    recordDuration(durationMs, operationName, error) {
-        this.operationDuration.record(durationMs / 1000, {
-            "gen_ai.system": "liop",
-            "gen_ai.operation.name": operationName,
-            ...(error ? { "error.type": error } : {}),
-        });
-    }
-    /** Whether the OTel bridge is actively connected to a MeterProvider */
-    isActive() {
-        return this.active;
-    }
-}