@nekzus/liop 2.0.0-alpha.1 → 2.0.0-alpha.3

package/dist/index.d.ts

@@ -1,12 +1,313 @@
-export * from "./bridge/index.js";
-export * from "./client/index.js";
-export * from "./economy/index.js";
-export * from "./errors.js";
-export * from "./gateway/hybrid.js";
-export * from "./mesh/node.js";
-export * from "./prompts/adapters.js";
-export * from "./rpc/client.js";
-export * from "./rpc/server.js";
-export * from "./sandbox/wasi.js";
-export * from "./server/index.js";
-export * from "./types.js";
+export { LiopBridgeOptions, LiopMcpBridge, LiopStreamBridge, LiopStreamBridgeOptions } from './bridge.js';
+import { L as LiopTlsOptions } from './index-CyxNLlz7.js';
+export { a as LiopClient } from './index-CyxNLlz7.js';
+export { LiopHybridGateway } from './gateway.js';
+export { LiopManifest, MeshNode, MeshNodeConfig } from './mesh.js';
+import * as grpc from '@grpc/grpc-js';
+export { AggregationPolicy, LiopServer, LiopServerOptions, LogicExecutionPolicy, NerScanner, PII_PATTERNS, PII_PRESETS, PiiRule, PiiScanner, ToolHandler } from './server.js';
+export { CallToolRequest, CallToolResult, GetPromptRequest, GetPromptResult, McpRequest, McpResponse, Prompt, PromptSchema, Resource, ResourceSchema, ServerInfo, Tool, ToolSchema } from './types.js';
+import '@modelcontextprotocol/sdk/server/mcp.js';
+import 'zod';
+import './verifier-DTCD9imJ.js';
+
+/**
+ * TokenEstimator — Pluggable strategy for counting tokens in text content.
+ *
+ * Implementations range from exact BPE tokenization to lightweight heuristics,
+ * allowing the SDK to choose the best trade-off for the runtime environment.
+ */
+interface TokenEstimator {
+    /** Count the number of tokens in the given text */
+    countTokens(text: string): number;
+    /** Human-readable name of the estimation strategy */
+    readonly name: string;
+}
+/**
+ * Exact BPE tokenizer using o200k_base encoding.
+ *
+ * o200k_base is the standard encoding for all modern OpenAI models
+ * (GPT-4o, GPT-4.1, o1, o3, o4) and provides a reasonable baseline
+ * for Anthropic/Google models as well (~±5% variance).
+ *
+ * - Synchronous: safe for hot-path usage without async overhead
+ * - Merge cache reduced to 10K entries for long-running server processes
+ * - Zero runtime dependencies beyond gpt-tokenizer itself
+ */
+declare class RealTokenEstimator implements TokenEstimator {
+    readonly name = "o200k_base";
+    private countFn;
+    constructor(countFn: (text: string) => number, setMergeCacheSizeFn?: (size: number) => void);
+    countTokens(text: string): number;
+}
+/**
+ * Fallback heuristic estimator: ~4 characters per token.
+ *
+ * Industry-standard approximation (±10% for English/code content).
+ * Used only when gpt-tokenizer fails to load in constrained environments.
+ */
+declare class HeuristicTokenEstimator implements TokenEstimator {
+    readonly name = "heuristic (chars/4)";
+    countTokens(text: string): number;
+}
+/**
+ * Factory: creates a RealTokenEstimator with gpt-tokenizer,
+ * falling back to HeuristicTokenEstimator if the import fails.
+ *
+ * Uses dynamic import to avoid blocking SDK initialization and to
+ * gracefully degrade in environments where gpt-tokenizer is unavailable.
+ */
+declare function createTokenEstimator(): Promise<TokenEstimator>;
+/**
+ * Synchronous factory: creates a HeuristicTokenEstimator immediately.
+ * Used when the async factory cannot be awaited (e.g., constructor contexts).
+ * The engine should upgrade to the real estimator via setEstimator() later.
+ */
+declare function createSyncTokenEstimator(): TokenEstimator;
+
+/**
+ * LiopOTelBridge — OpenTelemetry gen_ai.* metric emitter.
+ *
+ * Pattern: Library Instrumentation (uses global MeterProvider only).
+ * Per official OTel JS documentation:
+ * - Libraries MUST NOT create their own MeterProvider
+ * - Libraries SHOULD use metrics.getMeter() from the global API
+ * - If no MeterProvider is registered by the application, all operations are NoOp
+ *   with zero runtime overhead (confirmed by OTel JS source: NoopMeterProvider)
+ *
+ * Follows OpenTelemetry Generative AI Semantic Conventions (Development status).
+ * @see https://opentelemetry.io/docs/specs/semconv/gen-ai/
+ */
+declare class LiopOTelBridge {
+    private tokenUsage;
+    private operationDuration;
+    private active;
+    constructor();
+    /**
+     * Record token usage with gen_ai.* standard attributes.
+     *
+     * @param tokens - Number of tokens consumed
+     * @param tokenType - "input" or "output" (gen_ai.token.type)
+     * @param operationName - gen_ai.operation.name (e.g., "execute_tool", "chat")
+     * @param toolName - Optional LIOP-specific tool name for attribution
+     */
+    recordTokens(tokens: number, tokenType: "input" | "output", operationName: string, toolName?: string): void;
+    /**
+     * Record operation duration with gen_ai.* standard attributes.
+     *
+     * @param durationMs - Duration in milliseconds (converted to seconds for OTel)
+     * @param operationName - gen_ai.operation.name
+     * @param error - Optional error type string if the operation failed
+     */
+    recordDuration(durationMs: number, operationName: string, error?: string): void;
+    /** Whether the OTel bridge is actively connected to a MeterProvider */
+    isActive(): boolean;
+}
+
+/** Single MCP operation token footprint */
+interface TokenOperationMetric {
+    readonly type: "tools_list" | "tool_call" | "resource_read" | "resource_list" | "prompt_get" | "prompt_list" | "diagnostic";
+    readonly method: string;
+    readonly estimatedInputTokens: number;
+    readonly estimatedOutputTokens: number;
+    readonly timestamp: number;
+    readonly toolName?: string;
+    readonly peerId?: string;
+    readonly durationMs?: number;
+}
+/** Session-level aggregate report */
+interface TokenSessionReport {
+    readonly sessionId: string;
+    readonly operations: ReadonlyArray<TokenOperationMetric>;
+    readonly totalInputTokens: number;
+    readonly totalOutputTokens: number;
+    readonly estimatorName: string;
+    readonly sessionUptimeMs: number;
+}
+/** Per-tool aggregate breakdown */
+interface ToolTokenBreakdown {
+    readonly input: number;
+    readonly output: number;
+    readonly calls: number;
+    readonly avgDurationMs: number;
+}
+/**
+ * TokenTelemetryEngine — Full-spectrum observational singleton for token cost measurement.
+ *
+ * Design principles:
+ * - Pure observer pattern: NEVER mutates MCP payloads or protocol flow.
+ * - Real tokenization: o200k_base BPE via gpt-tokenizer (async init, sync counting).
+ * - OTel gen_ai.* emission: standard metrics via @opentelemetry/api (NoOp if no provider).
+ * - Error isolation: telemetry failures never propagate to protocol operations.
+ */
+declare class TokenTelemetryEngine {
+    private static instance;
+    private operations;
+    private readonly sessionId;
+    private readonly startedAt;
+    private estimator;
+    private otelBridge;
+    private constructor();
+    /** Async upgrade from heuristic to real BPE tokenizer */
+    private initRealEstimator;
+    static getInstance(): TokenTelemetryEngine;
+    /**
+     * Count tokens in a string using the active estimator.
+     * Delegates to o200k_base BPE tokenizer (or heuristic fallback).
+     */
+    countTokens(content: string): number;
+    /**
+     * Record a single MCP operation's token footprint.
+     * Emits both internal metrics and OTel gen_ai.* histograms.
+     */
+    record(metric: Omit<TokenOperationMetric, "timestamp">): void;
+    /**
+     * @deprecated Use countTokens() instead. Kept for backward compatibility.
+     */
+    estimateTokens(content: string): number;
+    /** Generate the full session report */
+    getReport(): TokenSessionReport;
+    /** Get per-tool token breakdown for diagnostic display */
+    getPerToolReport(): Map<string, ToolTokenBreakdown>;
+    /**
+     * Format a rich, human-readable summary block for LiopMeshStatus diagnostic.
+     * Returns empty string when no operations have been recorded.
+     */
+    formatStatusBlock(): string;
+    /** Format milliseconds into human-readable uptime string */
+    private formatUptime;
+    /** Reset all recorded metrics (used in tests) */
+    reset(): void;
+    /** Destroy the singleton (used in tests to guarantee isolation) */
+    static destroy(): void;
+}
+
+declare enum ErrorCode {
+    CapabilityViolation = "CapabilityViolation",
+    SandboxEscape = "SandboxEscape",
+    PiiLeak = "PiiLeak",
+    InvalidIntent = "InvalidIntent",
+    Throttled = "Throttled",
+    ZkVerificationFailed = "ZkVerificationFailed",
+    MeshUnavailable = "MeshUnavailable",
+    ConnectionFailed = "ConnectionFailed"
+}
+declare class LiopError extends Error {
+    readonly code: ErrorCode;
+    constructor(code: ErrorCode, message: string);
+}
+
+/**
+ * LIOP Cross-AI Prompt Adapters (Fase 92)
+ *
+ * Normalizes system instructions for different LLM providers (Claude, OpenAI, Gemini)
+ * to ensure they understand how to generate "Logic-on-Origin" WASM-compatible payload structures.
+ */
+type AIProvider = "claude" | "openai" | "gemini";
+interface PromptConfig {
+    xmlStandard: boolean;
+    jsonSchemaPreferred: boolean;
+}
+/**
+ * Generates specific System Prompts optimized for the provided AI.
+ * This instructs the LLM on how to bypass Context-Pulling and use Logic-Injection (Zero-Shot).
+ */
+declare function generateSystemInstructions(provider: AIProvider): string;
+
+/**
+ * TypeScript interfaces reflecting liop_core.proto (LIOP v1)
+ * Optimized for logic-on-origin and high-performance serialization.
+ */
+interface IntentRequest {
+    agent_did: string;
+    capability_hash: string;
+    proof_of_intent: Uint8Array;
+}
+interface IntentResponse {
+    accepted: boolean;
+    session_token: string;
+    error_message: string;
+    kyber_public_key: Uint8Array;
+}
+interface LogicRequest {
+    session_token: string;
+    wasm_binary: Uint8Array;
+    inputs: Record<string, Uint8Array>;
+    pqc_ciphertext: Uint8Array;
+    aes_nonce: Uint8Array;
+}
+interface LogicResponse {
+    semantic_evidence: string;
+    cryptographic_proof: Uint8Array;
+    zk_receipt: Uint8Array;
+    is_error: boolean;
+}
+
+/**
+ * LIOP gRPC Client Implementation
+ * Provides a high-level interface for secure intent negotiation and logic execution.
+ */
+declare class LiopRpcClient {
+    private client;
+    constructor(address: string, tls?: LiopTlsOptions);
+    /**
+     * Negotiates intent with the remote host.
+     * Returns the ephemeral Kyber public key for payload encryption.
+     */
+    negotiateIntent(request: IntentRequest): Promise<IntentResponse>;
+    /**
+     * Pushes the encrypted Logic-on-Origin payload to the origin.
+     * Returns a stream of semantic responses and ZK proofs.
+     */
+    executeLogic(request: LogicRequest): grpc.ClientReadableStream<LogicResponse>;
+    close(): void;
+}
+
+declare class LiopRpcServer {
+    private server;
+    constructor();
+    addService(handlers: {
+        negotiateIntent: (call: grpc.ServerUnaryCall<IntentRequest, IntentResponse>, callback: grpc.sendUnaryData<IntentResponse>) => void;
+        executeLogic: (call: grpc.ServerWritableStream<LogicRequest, LogicResponse>) => void;
+    }): void;
+    listen(port?: number, tls?: LiopTlsOptions): Promise<number>;
+    stop(): Promise<void>;
+}
+
+interface SandboxConfig {
+    allowEnv?: boolean;
+    allowedDirectories?: Record<string, string>;
+    memoryLimitMb?: number;
+}
+/**
+ * LIOP WasiSandbox (Industrial Grade)
+ *
+ * Provides a production-grade isolated environment for executing untrusted logic.
+ * Primarily uses WebAssembly (WASI) for byte-code isolation, with a hardened
+ * V8 Isolate fallback for dynamic JS-to-WASM logic injection.
+ */
+declare class WasiSandbox {
+    private wasi;
+    private sandboxId;
+    private workingDir;
+    private config;
+    private stdoutHandle;
+    private stderrHandle;
+    constructor(config?: SandboxConfig);
+    /**
+     * Initializes the physical sandbox environment with strict directory lockdown.
+     */
+    init(): Promise<void>;
+    /**
+     * Executes logic (WASM or JS-Wrapped) with hard resource limits.
+     */
+    execute(compiledLogic: Buffer | string, records?: Record<string, unknown>[], inputs?: Record<string, unknown>): Promise<{
+        output: unknown;
+        fuelConsumed: number;
+    }>;
+    /**
+     * Physically cleans up the sandbox and releases resources.
+     */
+    teardown(): Promise<void>;
+}
+
+export { type AIProvider, ErrorCode, HeuristicTokenEstimator, LiopError, LiopOTelBridge, LiopRpcClient, LiopRpcServer, type PromptConfig, RealTokenEstimator, type SandboxConfig, type TokenEstimator, type TokenOperationMetric, type TokenSessionReport, TokenTelemetryEngine, type ToolTokenBreakdown, WasiSandbox, createSyncTokenEstimator, createTokenEstimator, generateSystemInstructions };

package/dist/index.js

@@ -1,12 +1,31 @@
-export * from "./bridge/index.js";
-export * from "./client/index.js";
-export * from "./economy/index.js";
-export * from "./errors.js";
-export * from "./gateway/hybrid.js";
-export * from "./mesh/node.js";
-export * from "./prompts/adapters.js";
-export * from "./rpc/client.js";
-export * from "./rpc/server.js";
-export * from "./sandbox/wasi.js";
-export * from "./server/index.js";
-export * from "./types.js";
+export{b as WasiSandbox}from'./chunk-HNDVAKEK.js';export{b as LiopClient,a as LiopRpcClient}from'./chunk-P52IE4L6.js';export{c as PromptSchema,b as ResourceSchema,a as ToolSchema}from'./chunk-HQZHZM6U.js';export{b as LiopMcpBridge,a as LiopStreamBridge}from'./chunk-LYULZHZO.js';export{a as LiopHybridGateway}from'./chunk-JBMEAXYU.js';export{a as LiopRpcServer,f as LiopServer,b as NerScanner,c as PII_PATTERNS,d as PII_PRESETS,e as PiiScanner}from'./chunk-FW6CICSY.js';export{b as HeuristicTokenEstimator,e as LiopOTelBridge,a as RealTokenEstimator,f as TokenTelemetryEngine,d as createSyncTokenEstimator,c as createTokenEstimator}from'./chunk-7MAGL6ON.js';import'./chunk-UVTEJYHN.js';import'./chunk-ANFXJGMP.js';import'./chunk-DBXGYHKY.js';import'./chunk-HM77MWB6.js';export{a as MeshNode}from'./chunk-PPCOS2NU.js';import'./chunk-S6RJHZV2.js';var u=(e=>(e.CapabilityViolation="CapabilityViolation",e.SandboxEscape="SandboxEscape",e.PiiLeak="PiiLeak",e.InvalidIntent="InvalidIntent",e.Throttled="Throttled",e.ZkVerificationFailed="ZkVerificationFailed",e.MeshUnavailable="MeshUnavailable",e.ConnectionFailed="ConnectionFailed",e))(u||{}),n=class extends Error{code;constructor(t,o){super(o),this.name="LiopError",this.code=t;}};var f={claude:{xmlStandard:true,jsonSchemaPreferred:false},openai:{xmlStandard:false,jsonSchemaPreferred:true},gemini:{xmlStandard:false,jsonSchemaPreferred:true}};function D(a){let t=f[a],o=`[LIOP-PROTO-V1: LOGIC-ON-ORIGIN SPECIFICATION]
+You are interacting with a Logic-Injection-on-Origin Protocol (LIOP) Mesh Network.
+Unlike standard MCP where you pull context to evaluate it remotely, in LIOP you WRITE code that executes on the data's origin.
+
+### CORE PARADIGM
+When you call a tool or resource, you MUST provide a payload that represents secure sandboxed logic to be executed on the remote Node.
+The node will execute your logic securely on the raw secure data, and return only the RESULT, avoiding PII data egress.
+
+### EXECUTION RULES
+1. Provide a self-contained JavaScript syntax block that we will compile to WASM-Sandboxed logic.
+2. Rely only on standard ECMA script features (No Node.js polyfills).
+3. The logic must end by returning the calculated insights, not the raw data.
+`;return t.xmlStandard?o+=`
+### PAYLOAD FORMATTING (CLAUDE-XML PREFERRED)
+You must wrap your logic precisely within <liop_logic> tags.
+Example:
+<liop_logic>
+const records = await liop.readResource("liop://vault/patients");
+const filtered = records.filter(r => r.disease === "Hypertension");
+return { alert: "High risk demographic", targetCount: filtered.length };
+</liop_logic>
+`:t.jsonSchemaPreferred&&(o+=`
+### PAYLOAD FORMATTING (JSON PARSING PREFERRED)
+You must provide your logic strictly within a JSON string key called \`"logic_blob"\` inside your tool call parameters.
+Example:
+{
+  "target": "liop://vault/patients",
+  "logic_blob": "const records = await liop.readResource(args.target); return { targetCount: records.filter(r => r.disease === 'Hypertension').length };"
+}
+`),o}export{u as ErrorCode,n as LiopError,D as generateSystemInstructions};//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/errors.ts","../src/prompts/adapters.ts"],"names":["ErrorCode","LiopError","code","message","PROVIDER_CONFIGS","generateSystemInstructions","provider","config","instructions"],"mappings":"60BAAO,IAAKA,OACXA,CAAAA,CAAA,mBAAA,CAAsB,qBAAA,CACtBA,CAAAA,CAAA,cAAgB,eAAA,CAChBA,CAAAA,CAAA,OAAA,CAAU,SAAA,CACVA,EAAA,aAAA,CAAgB,eAAA,CAChBA,EAAA,SAAA,CAAY,WAAA,CACZA,EAAA,oBAAA,CAAuB,sBAAA,CACvBA,CAAAA,CAAA,eAAA,CAAkB,kBAClBA,CAAAA,CAAA,gBAAA,CAAmB,kBAAA,CARRA,CAAAA,CAAAA,EAAAA,CAAAA,EAAA,IAWCC,CAAAA,CAAN,cAAwB,KAAM,CACpB,KAEhB,WAAA,CAAYC,CAAAA,CAAiBC,EAAiB,CAC7C,KAAA,CAAMA,CAAO,CAAA,CACb,IAAA,CAAK,IAAA,CAAO,WAAA,CACZ,KAAK,IAAA,CAAOD,EACb,CACD,ECLA,IAAME,CAAAA,CAAqD,CAC1D,MAAA,CAAQ,CAAE,YAAa,IAAA,CAAM,mBAAA,CAAqB,KAAM,CAAA,CACxD,MAAA,CAAQ,CAAE,WAAA,CAAa,KAAA,CAAO,mBAAA,CAAqB,IAAK,EACxD,MAAA,CAAQ,CAAE,YAAa,KAAA,CAAO,mBAAA,CAAqB,IAAK,CACzD,CAAA,CAMO,SAASC,CAAAA,CAA2BC,EAA8B,CACxE,IAAMC,EAASH,CAAAA,CAAiBE,CAAQ,EAEpCE,CAAAA,CAAe,CAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;AAAA,CAAA,CAcnB,OAAID,CAAAA,CAAO,WAAA,CACVC,CAAAA,EAAgB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,CAAA,CAUND,CAAAA,CAAO,sBACjBC,CAAAA,EAAgB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,CAAA,CAAA,CAWVA,CACR","file":"index.js","sourcesContent":["export enum ErrorCode {\n\tCapabilityViolation = \"CapabilityViolation\",\n\tSandboxEscape = \"SandboxEscape\",\n\tPiiLeak = \"PiiLeak\",\n\tInvalidIntent = \"InvalidIntent\",\n\tThrottled = \"Throttled\",\n\tZkVerificationFailed = \"ZkVerificationFailed\",\n\tMeshUnavailable = \"MeshUnavailable\",\n\tConnectionFailed = \"ConnectionFailed\",\n}\n\nexport class LiopError extends Error {\n\tpublic readonly code: ErrorCode;\n\n\tconstructor(code: ErrorCode, message: string) {\n\t\tsuper(message);\n\t\tthis.name = \"LiopError\";\n\t\tthis.code = code;\n\t}\n}\n","/**\n * LIOP Cross-AI Prompt Adapters (Fase 92)\n *\n * Normalizes system instructions for different LLM providers (Claude, OpenAI, Gemini)\n * to ensure they understand how to generate \"Logic-on-Origin\" WASM-compatible payload structures.\n */\n\nexport type AIProvider = \"claude\" | \"openai\" | \"gemini\";\n\nexport interface PromptConfig {\n\txmlStandard: boolean;\n\tjsonSchemaPreferred: boolean;\n}\n\nconst PROVIDER_CONFIGS: Record<AIProvider, PromptConfig> = {\n\tclaude: { xmlStandard: true, jsonSchemaPreferred: false },\n\topenai: { xmlStandard: false, jsonSchemaPreferred: true },\n\tgemini: { xmlStandard: false, jsonSchemaPreferred: true },\n};\n\n/**\n * Generates specific System Prompts optimized for the provided AI.\n * This instructs the LLM on how to bypass Context-Pulling and use Logic-Injection (Zero-Shot).\n */\nexport function generateSystemInstructions(provider: AIProvider): string {\n\tconst config = PROVIDER_CONFIGS[provider];\n\n\tlet instructions = `[LIOP-PROTO-V1: LOGIC-ON-ORIGIN SPECIFICATION]\nYou are interacting with a Logic-Injection-on-Origin Protocol (LIOP) Mesh Network.\nUnlike standard MCP where you pull context to evaluate it remotely, in LIOP you WRITE code that executes on the data's origin.\n\n### CORE PARADIGM\nWhen you call a tool or resource, you MUST provide a payload that represents secure sandboxed logic to be executed on the remote Node.\nThe node will execute your logic securely on the raw secure data, and return only the RESULT, avoiding PII data egress.\n\n### EXECUTION RULES\n1. Provide a self-contained JavaScript syntax block that we will compile to WASM-Sandboxed logic.\n2. Rely only on standard ECMA script features (No Node.js polyfills).\n3. The logic must end by returning the calculated insights, not the raw data.\n`;\n\n\tif (config.xmlStandard) {\n\t\tinstructions += `\n### PAYLOAD FORMATTING (CLAUDE-XML PREFERRED)\nYou must wrap your logic precisely within <liop_logic> tags.\nExample:\n<liop_logic>\nconst records = await liop.readResource(\"liop://vault/patients\");\nconst filtered = records.filter(r => r.disease === \"Hypertension\");\nreturn { alert: \"High risk demographic\", targetCount: filtered.length };\n</liop_logic>\n`;\n\t} else if (config.jsonSchemaPreferred) {\n\t\tinstructions += `\n### PAYLOAD FORMATTING (JSON PARSING PREFERRED)\nYou must provide your logic strictly within a JSON string key called \\`\"logic_blob\"\\` inside your tool call parameters.\nExample:\n{\n  \"target\": \"liop://vault/patients\",\n  \"logic_blob\": \"const records = await liop.readResource(args.target); return { targetCount: records.filter(r => r.disease === 'Hypertension').length };\"\n}\n`;\n\t}\n\n\treturn instructions;\n}\n"]}

package/dist/kyber-2WDOTUQX.js

@@ -0,0 +1,2 @@
+export{a as Kyber768Wrapper}from'./chunk-DBXGYHKY.js';//# sourceMappingURL=kyber-2WDOTUQX.js.map
+//# sourceMappingURL=kyber-2WDOTUQX.js.map

package/dist/kyber-2WDOTUQX.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"kyber-2WDOTUQX.js"}

package/dist/{mesh/node.d.ts → mesh.d.ts}

@@ -2,7 +2,7 @@
  * Manifest describing a node's capabilities in the LIOP Mesh.
  * Exchanged via the /liop/manifest/1.0.0 protocol stream.
  */
-export interface LiopManifest {
+interface LiopManifest {
     peerId: string;
     grpcPort: number;
     tools: Array<{
@@ -27,7 +27,7 @@ export interface LiopManifest {
         executionTypes: string[];
     };
 }
-export interface MeshNodeConfig {
+interface MeshNodeConfig {
     listenAddresses?: string[];
     bootstrapNodes?: string[];
     identityPath?: string;
@@ -42,7 +42,7 @@ export interface MeshNodeConfig {
  * Provides capability advertisement via CID-based content routing
  * and decentralized peer discovery.
  */
-export declare class MeshNode {
+declare class MeshNode {
     private node;
     private config;
     private manifestDialFailureState;
@@ -127,3 +127,5 @@ export declare class MeshNode {
     findProviders(hash: string): Promise<string[]>;
     resolvePeer(peerIdStr: string): Promise<string[]>;
 }
+
+export { type LiopManifest, MeshNode, type MeshNodeConfig };

package/dist/mesh.js

@@ -0,0 +1,2 @@
+import'./chunk-RWRRBYG4.js';export{a as MeshNode}from'./chunk-PPCOS2NU.js';import'./chunk-S6RJHZV2.js';//# sourceMappingURL=mesh.js.map
+//# sourceMappingURL=mesh.js.map

package/dist/mesh.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"mesh.js"}

package/dist/{server/index.d.ts → server.d.ts}

@@ -1,13 +1,113 @@
-import { z } from "zod";
-import { MeshNode } from "../mesh/node.js";
-import type { CallToolRequest, CallToolResult, GetPromptRequest, GetPromptResult, Prompt, Resource, ServerInfo, Tool } from "../types.js";
-import { NerScanner } from "./ner-scanner.js";
-import { PII_PATTERNS, PII_PRESETS, type PiiRule, PiiScanner } from "./pii.js";
-export { NerScanner, PII_PATTERNS, PII_PRESETS, type PiiRule, PiiScanner };
-export type ToolHandler<T extends z.ZodRawShape = z.ZodRawShape> = (args: z.infer<z.ZodObject<T>>, extra: {
+import { z } from 'zod';
+import { MeshNode } from './mesh.js';
+import { ServerInfo, CallToolResult, Prompt, GetPromptRequest, GetPromptResult, CallToolRequest, Tool, Resource } from './types.js';
+
+/** Single named entity detected by the NER scanner. */
+interface NerEntity {
+    type: "person" | "place" | "organization";
+    text: string;
+}
+/** Result of an NER scan operation. */
+interface NerScanResult {
+    detected: boolean;
+    entities: NerEntity[];
+}
+/**
+ * Scans text content for named entities that may represent PII.
+ * Uses `compromise/three` for person, place, and organization detection.
+ *
+ * Designed for egress filtering — optimized for recall over precision
+ * to ensure sensitive data does not leak through aliased output keys.
+ */
+declare class NerScanner {
+    private static nlp;
+    /**
+     * Lazy loads the compromise library only when needed.
+     */
+    private getNlp;
+    /**
+     * Scans a single string value for named entities.
+     * Returns detected entities if the text contains recognizable PII.
+     */
+    scan(text: string): Promise<NerScanResult>;
+    /**
+     * Recursively scans all string values within an object/array.
+     * Stops at the first detection for performance (fail-fast).
+     */
+    scanDeep(input: unknown, seen?: WeakSet<object>): Promise<NerScanResult>;
+}
+
+/**
+ * LIOP Professional PII Engine (The Shield V2 - Tier-1 Military Edition)
+ * Implements high-fidelity detection based on NIST and OWASP standards.
+ * Features Multi-Layer Verification (Regex + Algorithmic Validators).
+ */
+type PiiRuleDefinition = {
+    name: string;
+    pattern: string | RegExp;
+    validator?: (match: string) => boolean;
+};
+type PiiRule = string | RegExp | PiiRuleDefinition;
+declare const PII_PATTERNS: {
+    EMAIL: PiiRuleDefinition;
+    CREDIT_CARD: PiiRuleDefinition;
+    IP_ADDRESS: PiiRuleDefinition;
+    PHONE: PiiRuleDefinition;
+    SSN: PiiRuleDefinition;
+    IBAN: PiiRuleDefinition;
+    PASSPORT_MRZ: PiiRuleDefinition;
+};
+/**
+ * Regional and Cultural Security Presets for Out-Of-The-Box compliance.
+ * Developers can override, merge, or omit these based on local laws.
+ */
+declare const PII_PRESETS: {
+    GLOBAL_STRICT: PiiRuleDefinition[];
+    US_COMPLIANT: PiiRuleDefinition[];
+    EU_GDPR: PiiRuleDefinition[];
+};
+declare class PiiScanner {
+    private patterns;
+    private forbiddenKeysSet;
+    private nerScanner;
+    /**
+     * Safelist of keys that contain forbidden substrings but are NOT PII.
+     * Prevents false positives from fuzzy matching (e.g., "grid" contains "id").
+     */
+    private static readonly KEY_SAFELIST;
+    /**
+     * Short forbidden tokens (< 4 chars) that require boundary-aware matching.
+     * Uses regex boundary detection to avoid false positives.
+     */
+    private shortTokenBoundaryPatterns;
+    /**
+     * Long forbidden tokens (>= 4 chars) that use substring containment.
+     */
+    private longForbiddenTokens;
+    constructor(patterns?: PiiRule[], forbiddenKeys?: string[], nerScanner?: NerScanner | null);
+    /**
+     * Scans any input (string, object, array) for PII violations.
+     * Returns the pattern/rule name that triggered the violation, or null if safe.
+     *
+     * Detection pipeline (fail-fast):
+     *   1. Exact key match (O(1) Set lookup)
+     *   2. Fuzzy key match (boundary detection for short tokens, substring for long)
+     *   3. Regex/algorithmic pattern match on string values
+     *   4. NER content scan on string values (if enabled)
+     */
+    scan(input: unknown, seen?: WeakSet<object>): Promise<string | null>;
+    /**
+     * Checks a key against fuzzy matching rules.
+     * Short tokens use boundary-aware regex; long tokens use substring containment.
+     */
+    private checkKeyFuzzy;
+    private checkString;
+}
+
+type ToolHandler<T extends z.ZodRawShape = z.ZodRawShape> = (args: z.infer<z.ZodObject<T>>, extra: {
     signal?: AbortSignal;
 }) => Promise<CallToolResult>;
-export interface LiopServerOptions {
+interface LiopServerOptions {
     capabilities?: Record<string, unknown>;
     workerPool?: {
         enabled?: boolean;
@@ -24,8 +124,10 @@ export interface LiopServerOptions {
         enableNerScanning?: boolean;
         /** Rate limiting configuration for tool calls (OWASP A01). */
         rateLimit?: {
-            /** Maximum calls per window per tool (default: 30). */
+            /** Maximum calls per window per tool (default: 15). */
             maxPerWindow?: number;
+            /** Maximum calls per window across ALL tools combined (default: 40). */
+            globalMaxPerWindow?: number;
             /** Sliding window duration in milliseconds (default: 60000 = 1 min). */
             windowMs?: number;
         };
@@ -36,13 +138,13 @@ export interface LiopServerOptions {
         executionTypes?: string[];
     };
 }
-export interface AggregationPolicy {
+interface AggregationPolicy {
     /** Maximum number of object-type array elements allowed (default: 10) */
     maxOutputRows?: number;
     /** Allow arrays containing only primitive values (default: true) */
     allowPrimitiveArrays?: boolean;
 }
-export interface LogicExecutionPolicy {
+interface LogicExecutionPolicy {
     /**
      * Validate the business payload returned by sandbox logic (post-execution).
      * This runs before final egress checks and blocks non-conforming outputs.
@@ -57,7 +159,7 @@ export interface LogicExecutionPolicy {
      */
     preflightDenyPatterns?: RegExp[];
 }
-export declare class LiopServer {
+declare class LiopServer {
     private serverInfo;
     private config?;
     private logicCache;
@@ -68,6 +170,9 @@ export declare class LiopServer {
     private toolCallWindows;
     private readonly toolCallMaxPerWindow;
     private readonly toolCallWindowMs;
+    private globalCallWindow;
+    private readonly globalCallMaxPerWindow;
+    private readonly taintAnalyzer;
     private tools;
     private resources;
     private prompts;
@@ -150,6 +255,12 @@ export declare class LiopServer {
      * the full dataset field by field. (OWASP A01)
      */
     private checkToolCallRateLimit;
+    /**
+     * Global cross-tool rate limiter.
+     * Prevents attackers from distributing micro-queries across multiple tools
+     * to evade per-tool rate limits. (OWASP A01)
+     */
+    private checkGlobalRateLimit;
     /**
      * Emulates calling a tool (used locally or via LIOPMcpBridge)
      */
@@ -209,3 +320,5 @@ export declare class LiopServer {
      */
     close(): Promise<void>;
 }
+
+export { type AggregationPolicy, LiopServer, type LiopServerOptions, type LogicExecutionPolicy, NerScanner, PII_PATTERNS, PII_PRESETS, type PiiRule, PiiScanner, type ToolHandler };

package/dist/server.js

@@ -0,0 +1,2 @@
+export{f as LiopServer,b as NerScanner,c as PII_PATTERNS,d as PII_PRESETS,e as PiiScanner}from'./chunk-FW6CICSY.js';import'./chunk-HM77MWB6.js';import'./chunk-PPCOS2NU.js';import'./chunk-S6RJHZV2.js';//# sourceMappingURL=server.js.map
+//# sourceMappingURL=server.js.map

package/dist/server.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"server.js"}