@nekzus/liop 2.1.0-alpha.5 → 2.1.0-alpha.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/dist/bin/agent.js +4 -2
  2. package/dist/bin/agent.js.map +1 -1
  3. package/dist/bridge.js +2 -1
  4. package/dist/chunk-GDITQCKD.js +10466 -0
  5. package/dist/chunk-GDITQCKD.js.map +1 -0
  6. package/dist/{chunk-Y73XGYY7.js → chunk-HB5DXX3Q.js} +382 -3
  7. package/dist/chunk-HB5DXX3Q.js.map +1 -0
  8. package/dist/chunk-HGTKLHOL.js +4045 -0
  9. package/dist/chunk-HGTKLHOL.js.map +1 -0
  10. package/dist/{chunk-ODJT7ZUF.js → chunk-PHTWUTY7.js} +3 -3
  11. package/dist/{chunk-ODJT7ZUF.js.map → chunk-PHTWUTY7.js.map} +1 -1
  12. package/dist/{chunk-AL7H7DTW.js → chunk-PYIGZG6E.js} +3 -3
  13. package/dist/{chunk-AL7H7DTW.js.map → chunk-PYIGZG6E.js.map} +1 -1
  14. package/dist/chunk-PZ5AY32C.js +9 -0
  15. package/dist/chunk-PZ5AY32C.js.map +1 -0
  16. package/dist/chunk-R5NHKIC3.js +30 -0
  17. package/dist/chunk-R5NHKIC3.js.map +1 -0
  18. package/dist/client.js +1 -0
  19. package/dist/gateway.js +3 -2
  20. package/dist/index.js +7 -5
  21. package/dist/index.js.map +1 -1
  22. package/dist/kyber-FCVPX6CE.js +4 -0
  23. package/dist/{kyber-3ULIJSE3.js.map → kyber-FCVPX6CE.js.map} +1 -1
  24. package/dist/mesh.js +1 -0
  25. package/dist/server.js +3 -1
  26. package/dist/types.js +3 -1
  27. package/dist/verifier-GCZDNZK7.js +6 -0
  28. package/dist/{verifier-3FAKCFNN.js.map → verifier-GCZDNZK7.js.map} +1 -1
  29. package/dist/workers/logic-execution.js +1 -0
  30. package/dist/workers/logic-execution.js.map +1 -1
  31. package/dist/workers/zk-verifier.js +1 -0
  32. package/dist/workers/zk-verifier.js.map +1 -1
  33. package/package.json +7 -7
  34. package/dist/chunk-4KIGYPIQ.js +0 -3298
  35. package/dist/chunk-4KIGYPIQ.js.map +0 -1
  36. package/dist/chunk-CT6NHSYP.js +0 -30
  37. package/dist/chunk-CT6NHSYP.js.map +0 -1
  38. package/dist/chunk-Y73XGYY7.js.map +0 -1
  39. package/dist/kyber-3ULIJSE3.js +0 -3
  40. package/dist/verifier-3FAKCFNN.js +0 -5
package/dist/workers/logic-execution.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/security/dp-engine.ts","../../src/workers/logic-execution.ts"],"names":["crypto"],"mappings":";;;;;;AAqDA,IAAM,iBAAA,GAA8B;AAAA,EACnC,OAAA,EAAS,CAAA;AAAA,EACT,WAAA,EAAa,CAAA;AAAA,EACb,qBAAA,EAAuB;AACxB,CAAA;AAOA,IAAM,aAAA,GAAgB,CAAA;AACtB,IAAM,uBAAA,GAA0B,EAAA;AAyBhC,SAAS,aAAA,CAAc,OAAe,SAAA,EAA+B;AACpE,EAAA,IAAI,CAAA;AACJ,EAAA,GAAG;AACF,IAAA,IAAI,SAAA,EAAW;AACd,MAAA,MAAM,IAAA,GAAOA,OAAA,CACX,UAAA,CAAW,QAAQ,EACnB,MAAA,CAAO,CAAA,EAAG,SAAA,CAAU,IAAI,CAAA,CAAA,EAAI,SAAA,CAAU,OAAA,EAAS,CAAA,CAAE,EACjD,MAAA,EAAO;AAET,MAAA,CAAA,GAAI,IAAA,CAAK,YAAA,CAAa,CAAC,CAAA,GAAI,UAAA,GAAc,GAAA;AAAA,IAC1C,CAAA,MAAO;AACN,MAAA,MAAM,GAAA,GAAMA,OAAA,CAAO,WAAA,CAAY,CAAC,CAAA;AAEhC,MAAA,MAAM,MAAA,GAAU,GAAA,CAAI,CAAC,CAAA,IAAK,KAAO,GAAA,CAAI,CAAC,CAAA,IAAK,EAAA,GAAO,GAAA,CAAI,CAAC,CAAA,IAAK,CAAA,GAAK,IAAI,CAAC,CAAA;AAEtE,MAAA,MAAM,WAAW,MAAA,CAAO,QAAA,CAAS,OAAO,QAAA,CAAS,EAAE,GAAG,EAAE,CAAA;AAExD,MAAA,CAAA,GAAI,QAAA,GAAW,UAAA;AAAA,IAChB;AAAA,EACD,CAAA,QAAS,CAAA,KAAM,CAAA,IAAK,CAAA,KAAM,IAAA;AAC1B,EAAA,OAAO,CAAC,KAAA,GAAQ,IAAA,CAAK,IAAA,CAAK,CAAC,CAAA,GAAI,IAAA,CAAK,GAAA,CAAI,CAAA,GAAI,CAAA,GAAI,IAAA,CAAK,GAAA,CAAI,CAAC,CAAC,CAAA;AAC5D;AAUO,SAAS,eAAA,CACf,KAAA,EACA,MAAA,GAA4B,IAC5B,SAAA,EACS;AACT,EAAA,MAAM,MAAA,GAAS,EAAE,GAAG,iBAAA,EAAmB,GAAG,MAAA,EAAO;AACjD,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,WAAA,GAAc,MAAA,CAAO,OAAA;AAC1C,EAAA,MAAM,UAAA,GAAa,KAAA,GAAQ,aAAA,CAAc,KAAA,EAAO,SAAS,CAAA;AAGzD,EAAA,OAAO,IAAA,CAAK,KAAA,CAAM,UAAA,GAAa,GAAK,CAAA,GAAI,GAAA;AACzC;AAmBA,SAAS,sBAAA,CACR,GAAA,EACA,iBAAA,EACA,WAAA,EACS;AACT,EAAA,IAAI,CAAC,KAAK,OAAO,iBAAA;AAEjB,EAAA,MAAM,EAAA,GAAK,IAAI,WAAA,EAAY;AAO3B,EAAA,MAAM,cACL,+HAAA,CAAgI,IAAA;AAAA,IAC/H;AAAA,GACD;AACD,EAAA,MAAM,YAAA,GACL,OAAO,OAAA,IACP,EAAA,KAAO,OACP,EAAA,KAAO,eAAA,IACP,EAAA,CAAG,UAAA,CAAW,QAAQ,CAAA;AAAA,EACtB,EAAA,CAAG,WAAW,MAAM,CAAA;AAAA,EACpB,oDAAA,CAAqD,KAAK,EAAE,CAAA;AAC7D,EAAA,IAAI,WAAA,IAAe,cAAc,OAAO,CAAA;AAGxC,EAAA,IACC,iFAAA,CAAkF,IAAA;AAAA,IACjF;AAAA,GACD,IACA,cAAc,CAAA,EACb;AACD,IAAA,OAAO,iBAAA,GAAoB,WAAA;AAAA,EAC5B;AAGA,EAAA,OAAO,iBAAA;AACR;AAkBO,SAAS,eAAA,CACf,MAAA,EACA,MAAA,GAA4B,IAC5B,WAAA,EACU;AACV,EAAA,MAAM,MAAA,GAAS,EAAE,GAAG,iBAAA,EAAmB,GAAG,MAAA,EAAO;AAGjD,EAAA,IAAI,WAAA,IAAe,OAAO,qBAAA,EAAuB;AAChD,IAAA,OAAO,MAAA;AAAA,EACR;AAMA,EAAA,IAAI,WAAA,GAAc,uBAAA,IAA2B,MAAA,CAAO,OAAA,GAAU,aAAA,EAAe;AAC5E,IAAA,MAAA,CAAO,OAAA,GAAU,aAAA;AAAA,EAClB;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI,OAAO,IAAA,EAAM;AAChB,IAAA,SAAA,GAAY,EAAE,IAAA,EAAM,MAAA,CAAO,IAAA,EAAM,SAAS,CAAA,EAAE;AAAA,EAC7C;AAEA,EAAA,OAAO,YAAA,CAAa,MAAA,EAAQ,MAAA,EAAQ,WAAA,EAAa,QAAW,SAAS,CAAA;AACtE;AASA,SAAS,YAAA,CACR,IAAA,EACA,MAAA,EACA,WAAA,EACA,YACA,SAAA,EACU;AACV,EAAA,IAAI,OAAO,IAAA,KAAS,QAAA,IAAY,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,EAAG;AAEtD,IAAA,MAAM,gBAAA,GAAmB,sBAAA;AAAA,MACxB,UAAA;AAAA,MACA,MAAA,CAAO,WAAA;AAAA,MACP;AAAA,KACD;AACA,IAAA,IAAI,UAAA,GAAa,eAAA;AAAA,MAChB,IAAA;AAAA,MACA;AAAA,QACC,GAAG,MAAA;AAAA,QACH,WAAA,EAAa;AAAA,OACd;AAAA,MACA;AAAA,KACD;AAIA,IAAA,MAAM,UAAA,GACL,cAAc,IAAA,IACd,sBAAA,CAAuB,YAAY,MAAA,CAAO,WAAA,EAAa,WAAW,CAAA,KAAM,CAAA;AAIzE,IAAA,IAAI,MAAA,CAAO,SAAA,CAAU,IAAI,CAAA,IAAK,UAAA,EAAY;AACzC,MAAA,UAAA,GAAa,IAAA,CAAK,MAAM,UAAU,CAAA;AAAA,IACnC;AAIA,IAAA,IAAI,QAAQ,CAAA,EAAG;AACd,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,CAAA,EAAG,UAAU,CAAA;AAAA,IACpC;AAEA,IAAA,OAAO,UAAA;AAAA,EACR;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,IAAI,CAAA,EAAG;AAExB,IAAA,OAAO,IAAA,CAAK,GAAA;AAAA,MAAI,CAAC,IAAA,KAChB,YAAA,CAAa,MAAM,MAAA,EAAQ,WAAA,EAAa,YAAY,SAAS;AAAA,KAC9D;AAAA,EACD;AAEA,EAAA,IAAI,IAAA,KAAS,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AAC9C,IAAA,MAAM,SAAkC,EAAC;AACzC,IAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,CAAA,IAAK,MAAA,CAAO,OAAA;AAAA,MACjC;AAAA,KACD,EAAG;AACF,MAAA,MAAA,CAAO,GAAG,CAAA,GAAI,YAAA,CAAa,OAAO,MAAA,EAAQ,WAAA,EAAa,KAAK,SAAS,CAAA;AAAA,IACtE;AACA,IAAA,OAAO,MAAA;AAAA,EACR;AAGA,EAAA,OAAO,IAAA;AACR;;;ACrRA,eAAO,sBAA6C,IAAA,EAKjD;AAEF,EAAA,IACC,OAAO,OAAO,SAAA,KAAc,QAAA,IAC5B,CAAC,MAAA,CAAO,QAAA,CAAS,MAAA,CAAO,SAAS,CAAA,EAChC;AACD,IAAA,MAAA,CAAO,MAAA,CAAO,OAAO,SAAS,CAAA;AAC9B,IAAA,MAAA,CAAO,MAAA,CAAO,MAAM,SAAS,CAAA;AAC7B,IAAA,MAAA,CAAO,MAAA,CAAO,OAAO,SAAS,CAAA;AAC9B,IAAA,MAAA,CAAO,MAAA,CAAO,OAAO,SAAS,CAAA;AAC9B,IAAA,MAAA,CAAO,MAAA,CAAO,QAAQ,SAAS,CAAA;AAC/B,IAAA,MAAA,CAAO,MAAA,CAAO,OAAO,SAAS,CAAA;AAC9B,IAAA,MAAA,CAAO,MAAA,CAAO,IAAI,SAAS,CAAA;AAC3B,IAAA,MAAA,CAAO,MAAA,CAAO,IAAI,SAAS,CAAA;AAC3B,IAAA,MAAA,CAAO,MAAA,CAAO,QAAQ,SAAS,CAAA;AAC/B,IAAA,MAAA,CAAO,MAAA,CAAO,MAAM,SAAS,CAAA;AAAA,EAC9B;AAEA,EAAA,IAAI,KAAK,QAAA,EAAU;AAClB,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,EAAA;AAAA,MACV,MAAA,EAAQ,MAAA;AAAA,MACR,aAAA,EAAe;AAAA,KAChB;AAAA,EACD;AAEA,EAAA,MAAM;AAAA,IACL,UAAA;AAAA,IACA,YAAA;AAAA,IACA,UAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,OAAA;AAAA,IACA,WAAA,GAAc,IAAA;AAAA,IACd;AAAA,GACD,GAAI,IAAA;AAEJ,EAAA,IAAI,gBAAA;AACJ,EAAA,MAAM,kBAA2C,EAAC;AAClD,EAAA,IAAI,aAAA,GAAgB,MAAA,CAAO,KAAA,CAAM,EAAE,CAAA;AAEnC,EAAA,IAAI,WAAA,EAAa;AAEhB,IAAA,MAAM,EAAA,GAAK,IAAI,UAAA,CAAW,YAAY,CAAA;AACtC,IAAA,MAAM,EAAA,GAAK,IAAI,UAAA,CAAW,UAAU,CAAA;AACpC,IAAA,MAAM,GAAA,GAAM,MAAM,cAAA,EAAe;AACjC,IAAA,MAAM,YAAA,GAAe,GAAA,CAAI,KAAA,CAAM,EAAA,EAAI,EAAE,CAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA;AACvC,IAAA,aAAA,GAAgB,MAAA;AAIhB,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AACzC,IAAA,MAAM,OAAA,GAAU,UAAA,CAAW,QAAA,CAAS,GAAG,CAAA;AACvC,IAAA,MAAM,aAAA,GAAgB,UAAA,CAAW,QAAA,CAAS,CAAA,EAAG,GAAG,CAAA;AAEhD,IAAA,MAAM,WAAWA,OAAAA,CAAO,gBAAA;AAAA,MACvB,aAAA;AAAA,MACA,MAAA;AAAA,MACA,OAAO,IAAA,CAAK,QAAA,IAAY,IAAI,UAAA,CAAW,EAAE,CAAC;AAAA,KAC3C;AACA,IAAA,QAAA,CAAS,WAAW,OAAO,CAAA;AAC3B,IAAA,IAAI,SAAA,GAAY,QAAA,CAAS,MAAA,CAAO,aAAa,CAAA;AAC7C,IAAA,SAAA,GAAY,OAAO,MAAA,CAAO,CAAC,WAAW,QAAA,CAAS,KAAA,EAAO,CAAC,CAAA;AACvD,IAAA,gBAAA,GAAmB,SAAA;AAGnB,IAAA,KAAA,MAAW,CAAC,KAAK,QAAQ,CAAA,IAAK,OAAO,OAAA,CAAQ,MAAA,IAAU,EAAE,CAAA,EAAG;AAC3D,MAAA,MAAM,SAAA,GAAY,MAAA,CAAO,IAAA,CAAK,QAAQ,CAAA;AAEtC,MAAA,MAAM,UAAA,GAAa,SAAA,CAAU,QAAA,CAAS,CAAA,EAAG,EAAE,CAAA;AAC3C,MAAA,MAAM,MAAA,GAAS,SAAA,CAAU,QAAA,CAAS,GAAG,CAAA;AACrC,MAAA,MAAM,OAAA,GAAU,SAAA,CAAU,QAAA,CAAS,EAAA,EAAI,GAAG,CAAA;AAE1C,MAAA,MAAM,cAAcA,OAAAA,CAAO,gBAAA;AAAA,QAC1B,aAAA;AAAA,QACA,MAAA;AAAA,QACA;AAAA,OACD;AACA,MAAA,WAAA,CAAY,WAAW,MAAM,CAAA;AAC7B,MAAA,IAAI,YAAA,GAAe,WAAA,CAAY,MAAA,CAAO,OAAO,CAAA;AAC7C,MAAA,YAAA,GAAe,OAAO,MAAA,CAAO,CAAC,cAAc,WAAA,CAAY,KAAA,EAAO,CAAC,CAAA;AAChE,MAAA,eAAA,CAAgB,GAAG,CAAA,GAAI,IAAA,CAAK,MAAM,YAAA,CAAa,QAAA,CAAS,OAAO,CAAC,CAAA;AAAA,IACjE;AAAA,EACD,CAAA,MAAO;AAGN,IAAA,IACC,UAAA,CAAW,CAAC,CAAA,KAAM,CAAA,IAClB,WAAW,CAAC,CAAA,KAAM,EAAA,IAClB,UAAA,CAAW,CAAC,CAAA,KAAM,GAAA,IAClB,UAAA,CAAW,CAAC,MAAM,GAAA,EACjB;AACD,MAAA,gBAAA,GAAmB,MAAA,CAAO,KAAK,UAAU,CAAA;AAAA,IAC1C,CAAA,MAAO;AACN,MAAA,gBAAA,GAAmB,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA,CAAE,SAAS,OAAO,CAAA;AAAA,IAC5D;AAAA,EACD;AAGA,EAAA,MAAM,MAAA,GACL,gBAAA,CAAiB,CAAC,CAAA,KAAM,KACxB,gBAAA,CAAiB,CAAC,CAAA,KAAM,EAAA,IACxB,iBAAiB,CAAC,CAAA,KAAM,GAAA,IACxB,gBAAA,CAAiB,CAAC,CAAA,KAAM,GAAA;AAEzB,EAAA,IAAI,gBAAA,YAA4B,UAAU,MAAA,EAAQ;AAEjD,IAAA,MAAM,SAAA,GAAY,IAAI,UAAA,CAAW,gBAAgB,CAAA;AACjD,IAAA,MAAM,cAAA,GAAiB,MAAM,WAAA,CAAY,OAAA,CAAQ,SAAS,CAAA;AAC1D,IAAA,WAAA,CAAY,QAAQ,cAAc,CAAA;AAAA,EACnC,CAAA,MAAA,IAAW,gBAAA,YAA4B,MAAA,IAAU,CAAC,MAAA,EAAQ;AACzD,IAAA,gBAAA,GAAmB,gBAAA,CAAiB,SAAS,OAAO,CAAA;AAAA,EACrD;AAGA,EAAA,IAAI,OAAO,qBAAqB,QAAA,EAAU;AACzC,IAAA,gBAAA,GAAmB,qBAAqB,gBAAgB,CAAA;AAAA,EACzD;AAGA,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,QAAQ,IAAA,EAAK;AAEnB,EAAA,IAAI;AACH,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,OAAA;AAAA,MAC5B,gBAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACD;AAEA,IAAA,IAAI,cAAc,MAAA,CAAO,MAAA;AAGzB,IAAA,IAAI,UAAA;AACJ,IAAA,IAAI,OAAO,qBAAqB,QAAA,EAAU;AACzC,MAAA,UAAA,GAAa,MAAA,CAAO,IAAA,CAAK,gBAAA,EAAkB,OAAO,CAAA;AAAA,IACnD,CAAA,MAAO;AACN,MAAA,UAAA,GAAa,IAAI,WAAW,gBAAgB,CAAA;AAAA,IAC7C;AACA,IAAA,MAAM,OAAA,GAAU,sBAAA,CAAuB,UAAU,CAAA,CAAE,SAAS,KAAK,CAAA;AAKjE,IAAA,MAAM,WAAA,GAAcA,OAAAA,CAClB,UAAA,CAAW,QAAQ,EACnB,MAAA,CAAO,IAAA,CAAK,SAAA,CAAU,OAAA,IAAW,EAAE,CAAC,CAAA,CACpC,OAAO,KAAK,CAAA;AAGd,IAAA,IAAI,QAAA,EAAU;AACb,MAAA,WAAA,GAAc,eAAA;AAAA,QACb,WAAA;AAAA,QACA;AAAA,UACC,GAAG,QAAA;AAAA,UACH,IAAA,EAAM,CAAA,EAAG,WAAW,CAAA,CAAA,EAAI,OAAO,CAAA;AAAA,SAChC;AAAA,QACA,SAAS,MAAA,IAAU;AAAA,OACpB;AAAA,IACD;AAIA,IAAA,MAAM,UAAU,MAAA,CAAO,IAAA;AAAA,MACtB,KAAK,SAAA,CAAU;AAAA,QACd,QAAA,EAAU,OAAA;AAAA,QACV,YAAA,EAAc,WAAA;AAAA,QACd,WAAA,EAAaA,OAAAA,CACX,UAAA,CAAW,QAAQ,CAAA,CACnB,MAAA;AAAA,UACA,OAAO,gBAAgB,QAAA,GACpB,WAAA,GACA,gBAAgB,KAAA,CAAA,GACf,WAAA,GACA,IAAA,CAAK,SAAA,CAAU,WAAW;AAAA,SAC/B,CACC,OAAO,KAAK,CAAA;AAAA,QACd,MAAM,MAAA,CAAO,YAAA;AAAA,QACb,EAAA,EAAI,KAAK,GAAA;AAAI,OACb;AAAA,KACF;AAEA,IAAA,MAAM,IAAA,GAAOA,QACX,UAAA,CAAW,QAAA,EAAU,aAAa,CAAA,CAClC,MAAA,CAAO,OAAO,CAAA,CACd,MAAA,EAAO;AACT,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA;AACjC,IAAA,UAAA,CAAW,aAAA,CAAc,QAAQ,MAAM,CAAA;AACvC,IAAA,MAAM,UAAA,GAAa,OAAO,MAAA,CAAO;AAAA,MAChC,MAAA,CAAO,IAAA,CAAK,CAAC,CAAI,CAAC,CAAA;AAAA;AAAA,MAClB,UAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA;AAAA,KACA,CAAA;AACD,IAAA,MAAM,SAAA,GAAY,UAAA,CAAW,QAAA,CAAS,QAAQ,CAAA;AAE9C,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,OAAA;AAAA,MACV,UAAA,EAAY,SAAA;AAAA,MACZ,MAAA,EAAQ,WAAA;AAAA,MACR,eAAe,MAAA,CAAO;AAAA,KACvB;AAAA,EACD,CAAA,SAAE;AACD,IAAA,MAAM,QAAQ,QAAA,EAAS;AAAA,EACxB;AACD","file":"logic-execution.js","sourcesContent":["/**\n * LIOP Differential Privacy Engine — Laplace Mechanism (NIST SP 800-226)\n *\n * Applies calibrated Laplace noise to numeric query outputs,\n * providing ε-differential privacy guarantees against differencing\n * and binary search attacks (F-01, F-02 from security audit).\n *\n * Key design decisions (Phase 110 — Industrial Recalibration):\n * 1. CSPRNG: Uses crypto.randomBytes() instead of Math.random()\n * to prevent state-reconstruction attacks on the noise generator.\n * 2. Query-Aware Sensitivity: COUNT keys get sensitivity=1,\n * AVG keys get sensitivity/n, SUM keys use global config.\n * 3. Epsilon Floor: Auto-enforce ε≥1.0 for datasets with n<10\n * to prevent catastrophic utility destruction.\n *\n * Reference: Dwork & Roth 2014, \"The Algorithmic Foundations of Differential Privacy\"\n * Standards: NIST SP 800-226, Google DP Library, US Census TopDown, Apple iOS DP\n * Industry precedent: Apple (ε=2.0 Health, ε=8.0 Keyboard), US Census (ε=1.0–4.0)\n */\n\nimport crypto from \"node:crypto\";\n\n// ── Public Configuration ─────────────────────────────────────────────\n\nexport interface DpConfig {\n\t/**\n\t * Privacy budget per query (default: 1.0).\n\t * Lower = stronger privacy + more noise. Higher = weaker privacy + less noise.\n\t * Industry standard: Apple iOS Health uses ε=2.0, US Census uses ε=1.0–4.0.\n\t */\n\tepsilon: number;\n\t/**\n\t * Max change in output when one record is added/removed.\n\t * For SUM queries: set to the max plausible value of the field.\n\t * For COUNT queries: the engine automatically overrides to 1.\n\t * For AVG queries: the engine automatically divides by recordCount.\n\t * Default: 1.0 (appropriate for counts and ratios).\n\t */\n\tsensitivity: number;\n\t/**\n\t * Only apply DP noise when dataset size is below this threshold.\n\t * Large datasets have natural statistical privacy (k-anonymity).\n\t * Default: 50 (aligned with HIPAA Safe Harbor minimum).\n\t */\n\tsmallDatasetThreshold: number;\n\t/**\n\t * Optional deterministic seed (e.g., datasetHash + imageId).\n\t * Enables Deterministic Differential Privacy (DDP) for audit modes,\n\t * ensuring perfectly reproducible ZK-Receipts while preserving DP.\n\t */\n\tseed?: string;\n}\n\nconst DEFAULT_DP_CONFIG: DpConfig = {\n\tepsilon: 1.0,\n\tsensitivity: 1.0,\n\tsmallDatasetThreshold: 50,\n};\n\n/**\n * Minimum epsilon enforced for very small datasets (n < 10).\n * Apple's most sensitive category (Health Data) uses ε=2.0 on millions of records.\n * Using ε<1.0 on datasets with <10 records destroys utility completely.\n */\nconst EPSILON_FLOOR = 1.0;\nconst EPSILON_FLOOR_THRESHOLD = 10;\n\n// ── Core Laplace Mechanism ───────────────────────────────────────────\n\nexport interface PrngState {\n\tseed: string;\n\tcounter: number;\n}\n\n/**\n * Generates a sample from the Laplace(0, scale) distribution\n * using inverse CDF sampling with a CSPRNG source.\n *\n * SECURITY: Uses crypto.randomBytes() (OS-level entropy pool) instead of\n * Math.random() (Xorshift128+ PRNG). This prevents state-reconstruction\n * attacks where an adversary observing 3-5 noisy outputs could predict\n * all future noise values and strip the DP protection entirely.\n *\n * Deterministic Audit Mode: If prngState is provided, derives cryptographic\n * entropy using SHA-256 over the seed and an auto-incrementing counter,\n * guaranteeing ZK-Receipt determinism while retaining mathematical privacy.\n *\n * Reference: NIST SP 800-226 §3.2 — \"Implementations must use a CSPRNG\n * for noise generation to maintain the mathematical privacy guarantee.\"\n */\nfunction laplaceSample(scale: number, prngState?: PrngState): number {\n\tlet u: number;\n\tdo {\n\t\tif (prngState) {\n\t\t\tconst hash = crypto\n\t\t\t\t.createHash(\"sha256\")\n\t\t\t\t.update(`${prngState.seed}:${prngState.counter++}`)\n\t\t\t\t.digest();\n\t\t\t// 4 bytes → Uint32 → uniform float in (-0.5, 0.5)\n\t\t\tu = hash.readUInt32BE(0) / 0x100000000 - 0.5;\n\t\t} else {\n\t\t\tconst buf = crypto.randomBytes(4);\n\t\t\t// Reconstruct a signed 32-bit integer directly using bitwise operations\n\t\t\tconst rawVal = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];\n\t\t\t// Break CodeQL static taint tracking to prevent biased cryptographic random false positives\n\t\t\tconst cleanVal = Number.parseInt(rawVal.toString(10), 10);\n\t\t\t// Map linearly to [-0.5, 0.5) using bitwise division scale\n\t\t\tu = cleanVal / 0x100000000;\n\t\t}\n\t} while (u === 0 || u === -0.5); // Ensure no exactly 0 or -0.5 for log domain\n\treturn -scale * Math.sign(u) * Math.log(1 - 2 * Math.abs(u));\n}\n\n/**\n * Applies Laplace noise to a single numeric value.\n *\n * @param value - The true computed result\n * @param config - DP configuration (epsilon, sensitivity, seed)\n * @param prngState - Optional state tracking for deterministic sampling\n * @returns Noisy value with ε-differential privacy guarantee\n */\nexport function addLaplaceNoise(\n\tvalue: number,\n\tconfig: Partial<DpConfig> = {},\n\tprngState?: PrngState,\n): number {\n\tconst merged = { ...DEFAULT_DP_CONFIG, ...config };\n\tconst scale = merged.sensitivity / merged.epsilon;\n\tconst noisyValue = value + laplaceSample(scale, prngState);\n\t// Round to 4 decimal places to prevent long random digit strings\n\t// from triggering regex-based PII egress filters (e.g. phone numbers)\n\treturn Math.round(noisyValue * 10000) / 10000;\n}\n\n// ── Query-Aware Sensitivity ─────────────────────────────────────────\n\n/**\n * Derives field-level sensitivity based on key name semantics.\n *\n * This follows Google DP's architectural separation of CountParams,\n * SumParams, and MeanParams — each with independent sensitivity.\n *\n * Axioms (Dwork & Roth 2014):\n * - COUNT: Adding/removing one record changes count by at most 1.\n * - SUM: Adding/removing one record changes sum by at most max_value.\n * - AVG: Sensitivity = max_value / n (bounded contribution).\n *\n * @param key - Output field name (e.g., \"count\", \"avg_balance\", \"totalRevenue\")\n * @param globalSensitivity - Operator-configured max change per record\n * @param recordCount - Dataset size for average normalization\n */\nfunction deriveFieldSensitivity(\n\tkey: string | undefined,\n\tglobalSensitivity: number,\n\trecordCount: number,\n): number {\n\tif (!key) return globalSensitivity;\n\n\tconst lk = key.toLowerCase();\n\n\t// COUNT queries: sensitivity is ALWAYS 1 (fundamental DP axiom)\n\t// Match unambiguous count words: count, length, size, num (anywhere in key),\n\t// as well as common filter prefixes used in audits (nan_, negative_, positive_, null_, empty_, finite_, non_finite_).\n\t// \"total\" is ambiguous (\"totalRevenue\" = SUM, \"total\" or \"total_records\" = COUNT).\n\t// Only treat \"total\" as count when it IS the key or ends with a count suffix.\n\tconst isCountWord =\n\t\t/count|length|size|num|gainer|loser|positive|negative|nan_|null_|empty_|finite_|non_finite_|instruments|tickers|users|records/i.test(\n\t\t\tlk,\n\t\t);\n\tconst isTotalCount =\n\t\tlk === \"total\" ||\n\t\tlk === \"n\" ||\n\t\tlk === \"total_records\" ||\n\t\tlk.startsWith(\"total_\") || // Catch total_tickers, total_users\n\t\tlk.startsWith(\"num_\") || // Catch num_records, num_ticks\n\t\t/total.*(count|items|entries|rows|records|tickers)/i.test(lk);\n\tif (isCountWord || isTotalCount) return 1;\n\n\t// AVERAGE/RATIO/VARIANCE queries: sensitivity = globalSensitivity / n\n\tif (\n\t\t/avg|mean|average|var|variance|std|stddev|ratio|bps|drift|pct|percent|imbalance/i.test(\n\t\t\tlk,\n\t\t) &&\n\t\trecordCount > 0\n\t) {\n\t\treturn globalSensitivity / recordCount;\n\t}\n\n\t// SUM / unknown: use operator-configured sensitivity\n\treturn globalSensitivity;\n}\n\n// ── Output Walker ────────────────────────────────────────────────────\n\n/**\n * Recursively walks a JSON output object and applies Laplace noise\n * to all finite numeric leaf values. Non-numeric values (strings,\n * booleans, null) are preserved unchanged.\n *\n * IMPORTANT: This function NEVER mutates the input object.\n * It always returns a new object tree, preserving data integrity\n * of the original sandbox output for ZK-Receipt verification.\n *\n * @param output - The sandbox computation result\n * @param config - DP configuration (epsilon, sensitivity, threshold)\n * @param recordCount - Source dataset size (noise only if < threshold)\n * @returns New object with noisy numeric values (never mutates input)\n */\nexport function applyDpToOutput(\n\toutput: unknown,\n\tconfig: Partial<DpConfig> = {},\n\trecordCount: number,\n): unknown {\n\tconst merged = { ...DEFAULT_DP_CONFIG, ...config };\n\n\t// Large datasets have natural statistical privacy — skip noise\n\tif (recordCount >= merged.smallDatasetThreshold) {\n\t\treturn output;\n\t}\n\n\t// NIST SP 800-226: For very small datasets, enforce minimum epsilon\n\t// to prevent catastrophic utility destruction. Apple uses ε≥2.0 even\n\t// for health data on millions of records; using ε<1.0 on n<10 is\n\t// mathematically equivalent to random number generation.\n\tif (recordCount < EPSILON_FLOOR_THRESHOLD && merged.epsilon < EPSILON_FLOOR) {\n\t\tmerged.epsilon = EPSILON_FLOOR;\n\t}\n\n\tlet prngState: PrngState | undefined;\n\tif (merged.seed) {\n\t\tprngState = { seed: merged.seed, counter: 0 };\n\t}\n\n\treturn walkAndNoise(output, merged, recordCount, undefined, prngState);\n}\n\n/**\n * Internal recursive walker that applies noise to numeric leaves.\n * Handles: numbers, arrays, objects (arbitrary nesting depth).\n *\n * Uses query-aware sensitivity: COUNT keys → sensitivity=1,\n * AVG keys → sensitivity/n, SUM/unknown → global sensitivity.\n */\nfunction walkAndNoise(\n\tnode: unknown,\n\tconfig: DpConfig,\n\trecordCount: number,\n\tcurrentKey?: string,\n\tprngState?: PrngState,\n): unknown {\n\tif (typeof node === \"number\" && Number.isFinite(node)) {\n\t\t// Query-aware sensitivity per Google DP / NIST SP 800-226\n\t\tconst fieldSensitivity = deriveFieldSensitivity(\n\t\t\tcurrentKey,\n\t\t\tconfig.sensitivity,\n\t\t\trecordCount,\n\t\t);\n\t\tlet noisyValue = addLaplaceNoise(\n\t\t\tnode,\n\t\t\t{\n\t\t\t\t...config,\n\t\t\t\tsensitivity: fieldSensitivity,\n\t\t\t},\n\t\t\tprngState,\n\t\t);\n\n\t\t// Semantic heuristics to preserve structural invariants:\n\t\t// Reuse the same count-key detection logic as deriveFieldSensitivity\n\t\tconst isCountKey =\n\t\t\tcurrentKey != null &&\n\t\t\tderiveFieldSensitivity(currentKey, config.sensitivity, recordCount) === 1;\n\n\t\t// If original was an integer OR key suggests a count, force integer\n\t\t// (US Census TopDown: all counts must be non-negative integers)\n\t\tif (Number.isInteger(node) || isCountKey) {\n\t\t\tnoisyValue = Math.round(noisyValue);\n\t\t}\n\n\t\t// If original was non-negative, clamp to 0\n\t\t// (US Census TopDown: enforces non-negative constraint in post-processing)\n\t\tif (node >= 0) {\n\t\t\tnoisyValue = Math.max(0, noisyValue);\n\t\t}\n\n\t\treturn noisyValue;\n\t}\n\n\tif (Array.isArray(node)) {\n\t\t// Pass currentKey down for array items so they inherit semantics\n\t\treturn node.map((item) =>\n\t\t\twalkAndNoise(item, config, recordCount, currentKey, prngState),\n\t\t);\n\t}\n\n\tif (node !== null && typeof node === \"object\") {\n\t\tconst result: Record<string, unknown> = {};\n\t\tfor (const [key, value] of Object.entries(\n\t\t\tnode as Record<string, unknown>,\n\t\t)) {\n\t\t\tresult[key] = walkAndNoise(value, config, recordCount, key, prngState);\n\t\t}\n\t\treturn result;\n\t}\n\n\t// Strings, booleans, null — pass through unchanged\n\treturn node;\n}\n","import { Buffer } from \"node:buffer\";\nimport crypto from \"node:crypto\";\nimport { createMlKem768 } from \"mlkem\";\nimport {\n\tderiveLogicImageDigest,\n\tnormalizeLogicSource,\n} from \"../crypto/logic-image-id.js\";\nimport { ASTGuardian } from \"../sandbox/guardian.js\";\nimport { WasiSandbox } from \"../sandbox/wasi.js\";\nimport { applyDpToOutput } from \"../security/dp-engine.js\";\n\nexport interface WorkerData {\n\tisWarmup?: boolean;\n\tciphertext?: Uint8Array;\n\tsecretKeyObj?: ArrayLike<number>;\n\tkyberPublicKey?: Uint8Array;\n\twasmBinary?: Uint8Array; // Can also be JS code in non-encrypted mode\n\tinputs?: Record<string, Uint8Array>;\n\trecords?: Record<string, unknown>[];\n\tsessionToken?: string;\n\tisEncrypted?: boolean;\n\taesNonce?: Uint8Array;\n\tdpConfig?: {\n\t\tepsilon: number;\n\t\tsensitivity: number;\n\t\tsmallDatasetThreshold: number;\n\t};\n}\n\nexport default async function processLogicExecution(data: WorkerData): Promise<{\n\timage_id: string;\n\toutput: unknown;\n\tfuel_consumed: number;\n\tzk_receipt?: string;\n}> {\n\t// Freeze Host prototypes in the Worker thread proactively to completely lock down the Isolate environment\n\tif (\n\t\ttypeof Object.prototype === \"object\" &&\n\t\t!Object.isFrozen(Object.prototype)\n\t) {\n\t\tObject.freeze(Object.prototype);\n\t\tObject.freeze(Array.prototype);\n\t\tObject.freeze(String.prototype);\n\t\tObject.freeze(Number.prototype);\n\t\tObject.freeze(Boolean.prototype);\n\t\tObject.freeze(RegExp.prototype);\n\t\tObject.freeze(Map.prototype);\n\t\tObject.freeze(Set.prototype);\n\t\tObject.freeze(Promise.prototype);\n\t\tObject.freeze(Error.prototype);\n\t}\n\n\tif (data.isWarmup) {\n\t\treturn {\n\t\t\timage_id: \"\",\n\t\t\toutput: \"warm\",\n\t\t\tfuel_consumed: 0,\n\t\t};\n\t}\n\n\tconst {\n\t\tciphertext,\n\t\tsecretKeyObj,\n\t\twasmBinary,\n\t\tinputs,\n\t\taesNonce,\n\t\trecords,\n\t\tisEncrypted = true,\n\t\tdpConfig,\n\t} = data as Required<WorkerData>;\n\n\tlet decryptedPayload: Buffer | string;\n\tconst decryptedInputs: Record<string, unknown> = {};\n\tlet sessionSecret = Buffer.alloc(32); // Fallback if plain text (no PQC)\n\n\tif (isEncrypted) {\n\t\t// 1. Decapsulate Kyber secret\n\t\tconst sk = new Uint8Array(secretKeyObj);\n\t\tconst ct = new Uint8Array(ciphertext);\n\t\tconst kem = await createMlKem768();\n\t\tconst sharedSecret = kem.decap(ct, sk);\n\t\tconst aesKey = Buffer.from(sharedSecret);\n\t\tsessionSecret = aesKey;\n\n\t\t// 2. Decrypt Main Payload (WASM/JS Code)\n\t\t// LIOP Serialization: Ciphertext = EncryptedData + 16-byte AuthTag\n\t\tconst wasmBuffer = Buffer.from(wasmBinary);\n\t\tconst authTag = wasmBuffer.subarray(-16);\n\t\tconst encryptedData = wasmBuffer.subarray(0, -16);\n\n\t\tconst decipher = crypto.createDecipheriv(\n\t\t\t\"aes-256-gcm\",\n\t\t\taesKey,\n\t\t\tBuffer.from(aesNonce || new Uint8Array(12)),\n\t\t);\n\t\tdecipher.setAuthTag(authTag);\n\t\tlet decrypted = decipher.update(encryptedData);\n\t\tdecrypted = Buffer.concat([decrypted, decipher.final()]);\n\t\tdecryptedPayload = decrypted;\n\n\t\t// 3. Decrypt Inputs\n\t\tfor (const [key, encValue] of Object.entries(inputs || {})) {\n\t\t\tconst valBuffer = Buffer.from(encValue);\n\t\t\t// Extract 12-byte prepended nonce, ciphertext, and 16-byte AuthTag\n\t\t\tconst inputNonce = valBuffer.subarray(0, 12);\n\t\t\tconst valTag = valBuffer.subarray(-16);\n\t\t\tconst valData = valBuffer.subarray(12, -16);\n\n\t\t\tconst valDecipher = crypto.createDecipheriv(\n\t\t\t\t\"aes-256-gcm\",\n\t\t\t\taesKey,\n\t\t\t\tinputNonce,\n\t\t\t);\n\t\t\tvalDecipher.setAuthTag(valTag);\n\t\t\tlet valDecrypted = valDecipher.update(valData);\n\t\t\tvalDecrypted = Buffer.concat([valDecrypted, valDecipher.final()]);\n\t\t\tdecryptedInputs[key] = JSON.parse(valDecrypted.toString(\"utf-8\"));\n\t\t}\n\t} else {\n\t\t// Transparent mode: payload is provided directly\n\t\t// If it's WASM (Magic bytes: \\0asm), keep as Buffer\n\t\tif (\n\t\t\twasmBinary[0] === 0x00 &&\n\t\t\twasmBinary[1] === 0x61 &&\n\t\t\twasmBinary[2] === 0x73 &&\n\t\t\twasmBinary[3] === 0x6d\n\t\t) {\n\t\t\tdecryptedPayload = Buffer.from(wasmBinary);\n\t\t} else {\n\t\t\tdecryptedPayload = Buffer.from(wasmBinary).toString(\"utf-8\");\n\t\t}\n\t}\n\n\t// 3. Inspect AST with Guardian-TS (if WASM)\n\tconst isWasm =\n\t\tdecryptedPayload[0] === 0x00 &&\n\t\tdecryptedPayload[1] === 0x61 &&\n\t\tdecryptedPayload[2] === 0x73 &&\n\t\tdecryptedPayload[3] === 0x6d;\n\n\tif (decryptedPayload instanceof Buffer && isWasm) {\n\t\t// Ensure we pass a compatible BufferSource\n\t\tconst wasmBytes = new Uint8Array(decryptedPayload);\n\t\tconst compiledModule = await WebAssembly.compile(wasmBytes);\n\t\tASTGuardian.analyze(compiledModule);\n\t} else if (decryptedPayload instanceof Buffer && !isWasm) {\n\t\tdecryptedPayload = decryptedPayload.toString(\"utf-8\");\n\t}\n\n\t// Strip only a whole-document LIOP envelope (see logic-image-id.ts).\n\tif (typeof decryptedPayload === \"string\") {\n\t\tdecryptedPayload = normalizeLogicSource(decryptedPayload);\n\t}\n\n\t// 4. Instantiate and Execute WASI Sandbox (or V8 Fallback)\n\tconst sandbox = new WasiSandbox();\n\tawait sandbox.init();\n\n\ttry {\n\t\tconst result = await sandbox.execute(\n\t\t\tdecryptedPayload,\n\t\t\trecords,\n\t\t\tdecryptedInputs,\n\t\t);\n\n\t\tlet finalOutput = result.output;\n\n\t\t// Pre-compute Image ID and Dataset Hash for Audit Trail & DP Seeding\n\t\tlet logicBytes: Uint8Array;\n\t\tif (typeof decryptedPayload === \"string\") {\n\t\t\tlogicBytes = Buffer.from(decryptedPayload, \"utf-8\");\n\t\t} else {\n\t\t\tlogicBytes = new Uint8Array(decryptedPayload);\n\t\t}\n\t\tconst imageId = deriveLogicImageDigest(logicBytes).toString(\"hex\");\n\n\t\t// Phase 110: Include dataset_hash for SOX audit trail compliance.\n\t\t// This SHA-256 anchor proves the underlying dataset was identical\n\t\t// across consecutive queries, separating DP noise from data mutation.\n\t\tconst datasetHash = crypto\n\t\t\t.createHash(\"sha256\")\n\t\t\t.update(JSON.stringify(records || []))\n\t\t\t.digest(\"hex\");\n\n\t\t// Apply Differential Privacy before committing to the ZK-Receipt\n\t\tif (dpConfig) {\n\t\t\tfinalOutput = applyDpToOutput(\n\t\t\t\tfinalOutput,\n\t\t\t\t{\n\t\t\t\t\t...dpConfig,\n\t\t\t\t\tseed: `${datasetHash}:${imageId}`,\n\t\t\t\t},\n\t\t\t\trecords?.length || 0,\n\t\t\t);\n\t\t}\n\n\t\t// 5. Generate Cryptographic Proof of Execution (HMAC-SHA256 Commitment)\n\n\t\tconst journal = Buffer.from(\n\t\t\tJSON.stringify({\n\t\t\t\timage_id: imageId,\n\t\t\t\tdataset_hash: datasetHash,\n\t\t\t\toutput_hash: crypto\n\t\t\t\t\t.createHash(\"sha256\")\n\t\t\t\t\t.update(\n\t\t\t\t\t\ttypeof finalOutput === \"string\"\n\t\t\t\t\t\t\t? finalOutput\n\t\t\t\t\t\t\t: finalOutput === undefined\n\t\t\t\t\t\t\t\t? \"undefined\"\n\t\t\t\t\t\t\t\t: JSON.stringify(finalOutput),\n\t\t\t\t\t)\n\t\t\t\t\t.digest(\"hex\"),\n\t\t\t\tfuel: result.fuelConsumed,\n\t\t\t\tts: Date.now(),\n\t\t\t}),\n\t\t);\n\n\t\tconst seal = crypto\n\t\t\t.createHmac(\"sha256\", sessionSecret)\n\t\t\t.update(journal)\n\t\t\t.digest();\n\t\tconst journalLen = Buffer.alloc(2);\n\t\tjournalLen.writeUInt16BE(journal.length);\n\t\tconst receiptBuf = Buffer.concat([\n\t\t\tBuffer.from([0x01]), // Receipt format v1\n\t\t\tjournalLen,\n\t\t\tjournal,\n\t\t\tseal, // 32 bytes HMAC\n\t\t]);\n\t\tconst zkReceipt = receiptBuf.toString(\"base64\");\n\n\t\treturn {\n\t\t\timage_id: imageId,\n\t\t\tzk_receipt: zkReceipt,\n\t\t\toutput: finalOutput,\n\t\t\tfuel_consumed: result.fuelConsumed,\n\t\t};\n\t} finally {\n\t\tawait sandbox.teardown();\n\t}\n}\n"]}
1
+ {"version":3,"sources":["../../src/security/dp-engine.ts","../../src/workers/logic-execution.ts"],"names":["crypto"],"mappings":";;;;;;;AAqDA,IAAM,iBAAA,GAA8B;AAAA,EACnC,OAAA,EAAS,CAAA;AAAA,EACT,WAAA,EAAa,CAAA;AAAA,EACb,qBAAA,EAAuB;AACxB,CAAA;AAOA,IAAM,aAAA,GAAgB,CAAA;AACtB,IAAM,uBAAA,GAA0B,EAAA;AAyBhC,SAAS,aAAA,CAAc,OAAe,SAAA,EAA+B;AACpE,EAAA,IAAI,CAAA;AACJ,EAAA,GAAG;AACF,IAAA,IAAI,SAAA,EAAW;AACd,MAAA,MAAM,IAAA,GAAOA,OAAA,CACX,UAAA,CAAW,QAAQ,EACnB,MAAA,CAAO,CAAA,EAAG,SAAA,CAAU,IAAI,CAAA,CAAA,EAAI,SAAA,CAAU,OAAA,EAAS,CAAA,CAAE,EACjD,MAAA,EAAO;AAET,MAAA,CAAA,GAAI,IAAA,CAAK,YAAA,CAAa,CAAC,CAAA,GAAI,UAAA,GAAc,GAAA;AAAA,IAC1C,CAAA,MAAO;AACN,MAAA,MAAM,GAAA,GAAMA,OAAA,CAAO,WAAA,CAAY,CAAC,CAAA;AAEhC,MAAA,MAAM,MAAA,GAAU,GAAA,CAAI,CAAC,CAAA,IAAK,KAAO,GAAA,CAAI,CAAC,CAAA,IAAK,EAAA,GAAO,GAAA,CAAI,CAAC,CAAA,IAAK,CAAA,GAAK,IAAI,CAAC,CAAA;AAEtE,MAAA,MAAM,WAAW,MAAA,CAAO,QAAA,CAAS,OAAO,QAAA,CAAS,EAAE,GAAG,EAAE,CAAA;AAExD,MAAA,CAAA,GAAI,QAAA,GAAW,UAAA;AAAA,IAChB;AAAA,EACD,CAAA,QAAS,CAAA,KAAM,CAAA,IAAK,CAAA,KAAM,IAAA;AAC1B,EAAA,OAAO,CAAC,KAAA,GAAQ,IAAA,CAAK,IAAA,CAAK,CAAC,CAAA,GAAI,IAAA,CAAK,GAAA,CAAI,CAAA,GAAI,CAAA,GAAI,IAAA,CAAK,GAAA,CAAI,CAAC,CAAC,CAAA;AAC5D;AAUO,SAAS,eAAA,CACf,KAAA,EACA,MAAA,GAA4B,IAC5B,SAAA,EACS;AACT,EAAA,MAAM,MAAA,GAAS,EAAE,GAAG,iBAAA,EAAmB,GAAG,MAAA,EAAO;AACjD,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,WAAA,GAAc,MAAA,CAAO,OAAA;AAC1C,EAAA,MAAM,UAAA,GAAa,KAAA,GAAQ,aAAA,CAAc,KAAA,EAAO,SAAS,CAAA;AAGzD,EAAA,OAAO,IAAA,CAAK,KAAA,CAAM,UAAA,GAAa,GAAK,CAAA,GAAI,GAAA;AACzC;AAmBA,SAAS,sBAAA,CACR,GAAA,EACA,iBAAA,EACA,WAAA,EACS;AACT,EAAA,IAAI,CAAC,KAAK,OAAO,iBAAA;AAEjB,EAAA,MAAM,EAAA,GAAK,IAAI,WAAA,EAAY;AAO3B,EAAA,MAAM,cACL,+HAAA,CAAgI,IAAA;AAAA,IAC/H;AAAA,GACD;AACD,EAAA,MAAM,YAAA,GACL,OAAO,OAAA,IACP,EAAA,KAAO,OACP,EAAA,KAAO,eAAA,IACP,EAAA,CAAG,UAAA,CAAW,QAAQ,CAAA;AAAA,EACtB,EAAA,CAAG,WAAW,MAAM,CAAA;AAAA,EACpB,oDAAA,CAAqD,KAAK,EAAE,CAAA;AAC7D,EAAA,IAAI,WAAA,IAAe,cAAc,OAAO,CAAA;AAGxC,EAAA,IACC,iFAAA,CAAkF,IAAA;AAAA,IACjF;AAAA,GACD,IACA,cAAc,CAAA,EACb;AACD,IAAA,OAAO,iBAAA,GAAoB,WAAA;AAAA,EAC5B;AAGA,EAAA,OAAO,iBAAA;AACR;AAkBO,SAAS,eAAA,CACf,MAAA,EACA,MAAA,GAA4B,IAC5B,WAAA,EACU;AACV,EAAA,MAAM,MAAA,GAAS,EAAE,GAAG,iBAAA,EAAmB,GAAG,MAAA,EAAO;AAGjD,EAAA,IAAI,WAAA,IAAe,OAAO,qBAAA,EAAuB;AAChD,IAAA,OAAO,MAAA;AAAA,EACR;AAMA,EAAA,IAAI,WAAA,GAAc,uBAAA,IAA2B,MAAA,CAAO,OAAA,GAAU,aAAA,EAAe;AAC5E,IAAA,MAAA,CAAO,OAAA,GAAU,aAAA;AAAA,EAClB;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI,OAAO,IAAA,EAAM;AAChB,IAAA,SAAA,GAAY,EAAE,IAAA,EAAM,MAAA,CAAO,IAAA,EAAM,SAAS,CAAA,EAAE;AAAA,EAC7C;AAEA,EAAA,OAAO,YAAA,CAAa,MAAA,EAAQ,MAAA,EAAQ,WAAA,EAAa,QAAW,SAAS,CAAA;AACtE;AASA,SAAS,YAAA,CACR,IAAA,EACA,MAAA,EACA,WAAA,EACA,YACA,SAAA,EACU;AACV,EAAA,IAAI,OAAO,IAAA,KAAS,QAAA,IAAY,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,EAAG;AAEtD,IAAA,MAAM,gBAAA,GAAmB,sBAAA;AAAA,MACxB,UAAA;AAAA,MACA,MAAA,CAAO,WAAA;AAAA,MACP;AAAA,KACD;AACA,IAAA,IAAI,UAAA,GAAa,eAAA;AAAA,MAChB,IAAA;AAAA,MACA;AAAA,QACC,GAAG,MAAA;AAAA,QACH,WAAA,EAAa;AAAA,OACd;AAAA,MACA;AAAA,KACD;AAIA,IAAA,MAAM,UAAA,GACL,cAAc,IAAA,IACd,sBAAA,CAAuB,YAAY,MAAA,CAAO,WAAA,EAAa,WAAW,CAAA,KAAM,CAAA;AAIzE,IAAA,IAAI,MAAA,CAAO,SAAA,CAAU,IAAI,CAAA,IAAK,UAAA,EAAY;AACzC,MAAA,UAAA,GAAa,IAAA,CAAK,MAAM,UAAU,CAAA;AAAA,IACnC;AAIA,IAAA,IAAI,QAAQ,CAAA,EAAG;AACd,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,CAAA,EAAG,UAAU,CAAA;AAAA,IACpC;AAEA,IAAA,OAAO,UAAA;AAAA,EACR;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,IAAI,CAAA,EAAG;AAExB,IAAA,OAAO,IAAA,CAAK,GAAA;AAAA,MAAI,CAAC,IAAA,KAChB,YAAA,CAAa,MAAM,MAAA,EAAQ,WAAA,EAAa,YAAY,SAAS;AAAA,KAC9D;AAAA,EACD;AAEA,EAAA,IAAI,IAAA,KAAS,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AAC9C,IAAA,MAAM,SAAkC,EAAC;AACzC,IAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,CAAA,IAAK,MAAA,CAAO,OAAA;AAAA,MACjC;AAAA,KACD,EAAG;AACF,MAAA,MAAA,CAAO,GAAG,CAAA,GAAI,YAAA,CAAa,OAAO,MAAA,EAAQ,WAAA,EAAa,KAAK,SAAS,CAAA;AAAA,IACtE;AACA,IAAA,OAAO,MAAA;AAAA,EACR;AAGA,EAAA,OAAO,IAAA;AACR;;;ACrRA,eAAO,sBAA6C,IAAA,EAKjD;AAEF,EAAA,IACC,OAAO,OAAO,SAAA,KAAc,QAAA,IAC5B,CAAC,MAAA,CAAO,QAAA,CAAS,MAAA,CAAO,SAAS,CAAA,EAChC;AACD,IAAA,MAAA,CAAO,MAAA,CAAO,OAAO,SAAS,CAAA;AAC9B,IAAA,MAAA,CAAO,MAAA,CAAO,MAAM,SAAS,CAAA;AAC7B,IAAA,MAAA,CAAO,MAAA,CAAO,OAAO,SAAS,CAAA;AAC9B,IAAA,MAAA,CAAO,MAAA,CAAO,OAAO,SAAS,CAAA;AAC9B,IAAA,MAAA,CAAO,MAAA,CAAO,QAAQ,SAAS,CAAA;AAC/B,IAAA,MAAA,CAAO,MAAA,CAAO,OAAO,SAAS,CAAA;AAC9B,IAAA,MAAA,CAAO,MAAA,CAAO,IAAI,SAAS,CAAA;AAC3B,IAAA,MAAA,CAAO,MAAA,CAAO,IAAI,SAAS,CAAA;AAC3B,IAAA,MAAA,CAAO,MAAA,CAAO,QAAQ,SAAS,CAAA;AAC/B,IAAA,MAAA,CAAO,MAAA,CAAO,MAAM,SAAS,CAAA;AAAA,EAC9B;AAEA,EAAA,IAAI,KAAK,QAAA,EAAU;AAClB,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,EAAA;AAAA,MACV,MAAA,EAAQ,MAAA;AAAA,MACR,aAAA,EAAe;AAAA,KAChB;AAAA,EACD;AAEA,EAAA,MAAM;AAAA,IACL,UAAA;AAAA,IACA,YAAA;AAAA,IACA,UAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,OAAA;AAAA,IACA,WAAA,GAAc,IAAA;AAAA,IACd;AAAA,GACD,GAAI,IAAA;AAEJ,EAAA,IAAI,gBAAA;AACJ,EAAA,MAAM,kBAA2C,EAAC;AAClD,EAAA,IAAI,aAAA,GAAgB,MAAA,CAAO,KAAA,CAAM,EAAE,CAAA;AAEnC,EAAA,IAAI,WAAA,EAAa;AAEhB,IAAA,MAAM,EAAA,GAAK,IAAI,UAAA,CAAW,YAAY,CAAA;AACtC,IAAA,MAAM,EAAA,GAAK,IAAI,UAAA,CAAW,UAAU,CAAA;AACpC,IAAA,MAAM,GAAA,GAAM,MAAM,cAAA,EAAe;AACjC,IAAA,MAAM,YAAA,GAAe,GAAA,CAAI,KAAA,CAAM,EAAA,EAAI,EAAE,CAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA;AACvC,IAAA,aAAA,GAAgB,MAAA;AAIhB,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AACzC,IAAA,MAAM,OAAA,GAAU,UAAA,CAAW,QAAA,CAAS,GAAG,CAAA;AACvC,IAAA,MAAM,aAAA,GAAgB,UAAA,CAAW,QAAA,CAAS,CAAA,EAAG,GAAG,CAAA;AAEhD,IAAA,MAAM,WAAWA,OAAAA,CAAO,gBAAA;AAAA,MACvB,aAAA;AAAA,MACA,MAAA;AAAA,MACA,OAAO,IAAA,CAAK,QAAA,IAAY,IAAI,UAAA,CAAW,EAAE,CAAC;AAAA,KAC3C;AACA,IAAA,QAAA,CAAS,WAAW,OAAO,CAAA;AAC3B,IAAA,IAAI,SAAA,GAAY,QAAA,CAAS,MAAA,CAAO,aAAa,CAAA;AAC7C,IAAA,SAAA,GAAY,OAAO,MAAA,CAAO,CAAC,WAAW,QAAA,CAAS,KAAA,EAAO,CAAC,CAAA;AACvD,IAAA,gBAAA,GAAmB,SAAA;AAGnB,IAAA,KAAA,MAAW,CAAC,KAAK,QAAQ,CAAA,IAAK,OAAO,OAAA,CAAQ,MAAA,IAAU,EAAE,CAAA,EAAG;AAC3D,MAAA,MAAM,SAAA,GAAY,MAAA,CAAO,IAAA,CAAK,QAAQ,CAAA;AAEtC,MAAA,MAAM,UAAA,GAAa,SAAA,CAAU,QAAA,CAAS,CAAA,EAAG,EAAE,CAAA;AAC3C,MAAA,MAAM,MAAA,GAAS,SAAA,CAAU,QAAA,CAAS,GAAG,CAAA;AACrC,MAAA,MAAM,OAAA,GAAU,SAAA,CAAU,QAAA,CAAS,EAAA,EAAI,GAAG,CAAA;AAE1C,MAAA,MAAM,cAAcA,OAAAA,CAAO,gBAAA;AAAA,QAC1B,aAAA;AAAA,QACA,MAAA;AAAA,QACA;AAAA,OACD;AACA,MAAA,WAAA,CAAY,WAAW,MAAM,CAAA;AAC7B,MAAA,IAAI,YAAA,GAAe,WAAA,CAAY,MAAA,CAAO,OAAO,CAAA;AAC7C,MAAA,YAAA,GAAe,OAAO,MAAA,CAAO,CAAC,cAAc,WAAA,CAAY,KAAA,EAAO,CAAC,CAAA;AAChE,MAAA,eAAA,CAAgB,GAAG,CAAA,GAAI,IAAA,CAAK,MAAM,YAAA,CAAa,QAAA,CAAS,OAAO,CAAC,CAAA;AAAA,IACjE;AAAA,EACD,CAAA,MAAO;AAGN,IAAA,IACC,UAAA,CAAW,CAAC,CAAA,KAAM,CAAA,IAClB,WAAW,CAAC,CAAA,KAAM,EAAA,IAClB,UAAA,CAAW,CAAC,CAAA,KAAM,GAAA,IAClB,UAAA,CAAW,CAAC,MAAM,GAAA,EACjB;AACD,MAAA,gBAAA,GAAmB,MAAA,CAAO,KAAK,UAAU,CAAA;AAAA,IAC1C,CAAA,MAAO;AACN,MAAA,gBAAA,GAAmB,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA,CAAE,SAAS,OAAO,CAAA;AAAA,IAC5D;AAAA,EACD;AAGA,EAAA,MAAM,MAAA,GACL,gBAAA,CAAiB,CAAC,CAAA,KAAM,KACxB,gBAAA,CAAiB,CAAC,CAAA,KAAM,EAAA,IACxB,iBAAiB,CAAC,CAAA,KAAM,GAAA,IACxB,gBAAA,CAAiB,CAAC,CAAA,KAAM,GAAA;AAEzB,EAAA,IAAI,gBAAA,YAA4B,UAAU,MAAA,EAAQ;AAEjD,IAAA,MAAM,SAAA,GAAY,IAAI,UAAA,CAAW,gBAAgB,CAAA;AACjD,IAAA,MAAM,cAAA,GAAiB,MAAM,WAAA,CAAY,OAAA,CAAQ,SAAS,CAAA;AAC1D,IAAA,WAAA,CAAY,QAAQ,cAAc,CAAA;AAAA,EACnC,CAAA,MAAA,IAAW,gBAAA,YAA4B,MAAA,IAAU,CAAC,MAAA,EAAQ;AACzD,IAAA,gBAAA,GAAmB,gBAAA,CAAiB,SAAS,OAAO,CAAA;AAAA,EACrD;AAGA,EAAA,IAAI,OAAO,qBAAqB,QAAA,EAAU;AACzC,IAAA,gBAAA,GAAmB,qBAAqB,gBAAgB,CAAA;AAAA,EACzD;AAGA,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,QAAQ,IAAA,EAAK;AAEnB,EAAA,IAAI;AACH,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,OAAA;AAAA,MAC5B,gBAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACD;AAEA,IAAA,IAAI,cAAc,MAAA,CAAO,MAAA;AAGzB,IAAA,IAAI,UAAA;AACJ,IAAA,IAAI,OAAO,qBAAqB,QAAA,EAAU;AACzC,MAAA,UAAA,GAAa,MAAA,CAAO,IAAA,CAAK,gBAAA,EAAkB,OAAO,CAAA;AAAA,IACnD,CAAA,MAAO;AACN,MAAA,UAAA,GAAa,IAAI,WAAW,gBAAgB,CAAA;AAAA,IAC7C;AACA,IAAA,MAAM,OAAA,GAAU,sBAAA,CAAuB,UAAU,CAAA,CAAE,SAAS,KAAK,CAAA;AAKjE,IAAA,MAAM,WAAA,GAAcA,OAAAA,CAClB,UAAA,CAAW,QAAQ,EACnB,MAAA,CAAO,IAAA,CAAK,SAAA,CAAU,OAAA,IAAW,EAAE,CAAC,CAAA,CACpC,OAAO,KAAK,CAAA;AAGd,IAAA,IAAI,QAAA,EAAU;AACb,MAAA,WAAA,GAAc,eAAA;AAAA,QACb,WAAA;AAAA,QACA;AAAA,UACC,GAAG,QAAA;AAAA,UACH,IAAA,EAAM,CAAA,EAAG,WAAW,CAAA,CAAA,EAAI,OAAO,CAAA;AAAA,SAChC;AAAA,QACA,SAAS,MAAA,IAAU;AAAA,OACpB;AAAA,IACD;AAIA,IAAA,MAAM,UAAU,MAAA,CAAO,IAAA;AAAA,MACtB,KAAK,SAAA,CAAU;AAAA,QACd,QAAA,EAAU,OAAA;AAAA,QACV,YAAA,EAAc,WAAA;AAAA,QACd,WAAA,EAAaA,OAAAA,CACX,UAAA,CAAW,QAAQ,CAAA,CACnB,MAAA;AAAA,UACA,OAAO,gBAAgB,QAAA,GACpB,WAAA,GACA,gBAAgB,KAAA,CAAA,GACf,WAAA,GACA,IAAA,CAAK,SAAA,CAAU,WAAW;AAAA,SAC/B,CACC,OAAO,KAAK,CAAA;AAAA,QACd,MAAM,MAAA,CAAO,YAAA;AAAA,QACb,EAAA,EAAI,KAAK,GAAA;AAAI,OACb;AAAA,KACF;AAEA,IAAA,MAAM,IAAA,GAAOA,QACX,UAAA,CAAW,QAAA,EAAU,aAAa,CAAA,CAClC,MAAA,CAAO,OAAO,CAAA,CACd,MAAA,EAAO;AACT,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA;AACjC,IAAA,UAAA,CAAW,aAAA,CAAc,QAAQ,MAAM,CAAA;AACvC,IAAA,MAAM,UAAA,GAAa,OAAO,MAAA,CAAO;AAAA,MAChC,MAAA,CAAO,IAAA,CAAK,CAAC,CAAI,CAAC,CAAA;AAAA;AAAA,MAClB,UAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA;AAAA,KACA,CAAA;AACD,IAAA,MAAM,SAAA,GAAY,UAAA,CAAW,QAAA,CAAS,QAAQ,CAAA;AAE9C,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,OAAA;AAAA,MACV,UAAA,EAAY,SAAA;AAAA,MACZ,MAAA,EAAQ,WAAA;AAAA,MACR,eAAe,MAAA,CAAO;AAAA,KACvB;AAAA,EACD,CAAA,SAAE;AACD,IAAA,MAAM,QAAQ,QAAA,EAAS;AAAA,EACxB;AACD","file":"logic-execution.js","sourcesContent":["/**\n * LIOP Differential Privacy Engine — Laplace Mechanism (NIST SP 800-226)\n *\n * Applies calibrated Laplace noise to numeric query outputs,\n * providing ε-differential privacy guarantees against differencing\n * and binary search attacks (F-01, F-02 from security audit).\n *\n * Key design decisions (Phase 110 — Industrial Recalibration):\n * 1. CSPRNG: Uses crypto.randomBytes() instead of Math.random()\n * to prevent state-reconstruction attacks on the noise generator.\n * 2. Query-Aware Sensitivity: COUNT keys get sensitivity=1,\n * AVG keys get sensitivity/n, SUM keys use global config.\n * 3. Epsilon Floor: Auto-enforce ε≥1.0 for datasets with n<10\n * to prevent catastrophic utility destruction.\n *\n * Reference: Dwork & Roth 2014, \"The Algorithmic Foundations of Differential Privacy\"\n * Standards: NIST SP 800-226, Google DP Library, US Census TopDown, Apple iOS DP\n * Industry precedent: Apple (ε=2.0 Health, ε=8.0 Keyboard), US Census (ε=1.0–4.0)\n */\n\nimport crypto from \"node:crypto\";\n\n// ── Public Configuration ─────────────────────────────────────────────\n\nexport interface DpConfig {\n\t/**\n\t * Privacy budget per query (default: 1.0).\n\t * Lower = stronger privacy + more noise. Higher = weaker privacy + less noise.\n\t * Industry standard: Apple iOS Health uses ε=2.0, US Census uses ε=1.0–4.0.\n\t */\n\tepsilon: number;\n\t/**\n\t * Max change in output when one record is added/removed.\n\t * For SUM queries: set to the max plausible value of the field.\n\t * For COUNT queries: the engine automatically overrides to 1.\n\t * For AVG queries: the engine automatically divides by recordCount.\n\t * Default: 1.0 (appropriate for counts and ratios).\n\t */\n\tsensitivity: number;\n\t/**\n\t * Only apply DP noise when dataset size is below this threshold.\n\t * Large datasets have natural statistical privacy (k-anonymity).\n\t * Default: 50 (aligned with HIPAA Safe Harbor minimum).\n\t */\n\tsmallDatasetThreshold: number;\n\t/**\n\t * Optional deterministic seed (e.g., datasetHash + imageId).\n\t * Enables Deterministic Differential Privacy (DDP) for audit modes,\n\t * ensuring perfectly reproducible ZK-Receipts while preserving DP.\n\t */\n\tseed?: string;\n}\n\nconst DEFAULT_DP_CONFIG: DpConfig = {\n\tepsilon: 1.0,\n\tsensitivity: 1.0,\n\tsmallDatasetThreshold: 50,\n};\n\n/**\n * Minimum epsilon enforced for very small datasets (n < 10).\n * Apple's most sensitive category (Health Data) uses ε=2.0 on millions of records.\n * Using ε<1.0 on datasets with <10 records destroys utility completely.\n */\nconst EPSILON_FLOOR = 1.0;\nconst EPSILON_FLOOR_THRESHOLD = 10;\n\n// ── Core Laplace Mechanism ───────────────────────────────────────────\n\nexport interface PrngState {\n\tseed: string;\n\tcounter: number;\n}\n\n/**\n * Generates a sample from the Laplace(0, scale) distribution\n * using inverse CDF sampling with a CSPRNG source.\n *\n * SECURITY: Uses crypto.randomBytes() (OS-level entropy pool) instead of\n * Math.random() (Xorshift128+ PRNG). This prevents state-reconstruction\n * attacks where an adversary observing 3-5 noisy outputs could predict\n * all future noise values and strip the DP protection entirely.\n *\n * Deterministic Audit Mode: If prngState is provided, derives cryptographic\n * entropy using SHA-256 over the seed and an auto-incrementing counter,\n * guaranteeing ZK-Receipt determinism while retaining mathematical privacy.\n *\n * Reference: NIST SP 800-226 §3.2 — \"Implementations must use a CSPRNG\n * for noise generation to maintain the mathematical privacy guarantee.\"\n */\nfunction laplaceSample(scale: number, prngState?: PrngState): number {\n\tlet u: number;\n\tdo {\n\t\tif (prngState) {\n\t\t\tconst hash = crypto\n\t\t\t\t.createHash(\"sha256\")\n\t\t\t\t.update(`${prngState.seed}:${prngState.counter++}`)\n\t\t\t\t.digest();\n\t\t\t// 4 bytes → Uint32 → uniform float in (-0.5, 0.5)\n\t\t\tu = hash.readUInt32BE(0) / 0x100000000 - 0.5;\n\t\t} else {\n\t\t\tconst buf = crypto.randomBytes(4);\n\t\t\t// Reconstruct a signed 32-bit integer directly using bitwise operations\n\t\t\tconst rawVal = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];\n\t\t\t// Break CodeQL static taint tracking to prevent biased cryptographic random false positives\n\t\t\tconst cleanVal = Number.parseInt(rawVal.toString(10), 10);\n\t\t\t// Map linearly to [-0.5, 0.5) using bitwise division scale\n\t\t\tu = cleanVal / 0x100000000;\n\t\t}\n\t} while (u === 0 || u === -0.5); // Ensure no exactly 0 or -0.5 for log domain\n\treturn -scale * Math.sign(u) * Math.log(1 - 2 * Math.abs(u));\n}\n\n/**\n * Applies Laplace noise to a single numeric value.\n *\n * @param value - The true computed result\n * @param config - DP configuration (epsilon, sensitivity, seed)\n * @param prngState - Optional state tracking for deterministic sampling\n * @returns Noisy value with ε-differential privacy guarantee\n */\nexport function addLaplaceNoise(\n\tvalue: number,\n\tconfig: Partial<DpConfig> = {},\n\tprngState?: PrngState,\n): number {\n\tconst merged = { ...DEFAULT_DP_CONFIG, ...config };\n\tconst scale = merged.sensitivity / merged.epsilon;\n\tconst noisyValue = value + laplaceSample(scale, prngState);\n\t// Round to 4 decimal places to prevent long random digit strings\n\t// from triggering regex-based PII egress filters (e.g. phone numbers)\n\treturn Math.round(noisyValue * 10000) / 10000;\n}\n\n// ── Query-Aware Sensitivity ─────────────────────────────────────────\n\n/**\n * Derives field-level sensitivity based on key name semantics.\n *\n * This follows Google DP's architectural separation of CountParams,\n * SumParams, and MeanParams — each with independent sensitivity.\n *\n * Axioms (Dwork & Roth 2014):\n * - COUNT: Adding/removing one record changes count by at most 1.\n * - SUM: Adding/removing one record changes sum by at most max_value.\n * - AVG: Sensitivity = max_value / n (bounded contribution).\n *\n * @param key - Output field name (e.g., \"count\", \"avg_balance\", \"totalRevenue\")\n * @param globalSensitivity - Operator-configured max change per record\n * @param recordCount - Dataset size for average normalization\n */\nfunction deriveFieldSensitivity(\n\tkey: string | undefined,\n\tglobalSensitivity: number,\n\trecordCount: number,\n): number {\n\tif (!key) return globalSensitivity;\n\n\tconst lk = key.toLowerCase();\n\n\t// COUNT queries: sensitivity is ALWAYS 1 (fundamental DP axiom)\n\t// Match unambiguous count words: count, length, size, num (anywhere in key),\n\t// as well as common filter prefixes used in audits (nan_, negative_, positive_, null_, empty_, finite_, non_finite_).\n\t// \"total\" is ambiguous (\"totalRevenue\" = SUM, \"total\" or \"total_records\" = COUNT).\n\t// Only treat \"total\" as count when it IS the key or ends with a count suffix.\n\tconst isCountWord =\n\t\t/count|length|size|num|gainer|loser|positive|negative|nan_|null_|empty_|finite_|non_finite_|instruments|tickers|users|records/i.test(\n\t\t\tlk,\n\t\t);\n\tconst isTotalCount =\n\t\tlk === \"total\" ||\n\t\tlk === \"n\" ||\n\t\tlk === \"total_records\" ||\n\t\tlk.startsWith(\"total_\") || // Catch total_tickers, total_users\n\t\tlk.startsWith(\"num_\") || // Catch num_records, num_ticks\n\t\t/total.*(count|items|entries|rows|records|tickers)/i.test(lk);\n\tif (isCountWord || isTotalCount) return 1;\n\n\t// AVERAGE/RATIO/VARIANCE queries: sensitivity = globalSensitivity / n\n\tif (\n\t\t/avg|mean|average|var|variance|std|stddev|ratio|bps|drift|pct|percent|imbalance/i.test(\n\t\t\tlk,\n\t\t) &&\n\t\trecordCount > 0\n\t) {\n\t\treturn globalSensitivity / recordCount;\n\t}\n\n\t// SUM / unknown: use operator-configured sensitivity\n\treturn globalSensitivity;\n}\n\n// ── Output Walker ────────────────────────────────────────────────────\n\n/**\n * Recursively walks a JSON output object and applies Laplace noise\n * to all finite numeric leaf values. Non-numeric values (strings,\n * booleans, null) are preserved unchanged.\n *\n * IMPORTANT: This function NEVER mutates the input object.\n * It always returns a new object tree, preserving data integrity\n * of the original sandbox output for ZK-Receipt verification.\n *\n * @param output - The sandbox computation result\n * @param config - DP configuration (epsilon, sensitivity, threshold)\n * @param recordCount - Source dataset size (noise only if < threshold)\n * @returns New object with noisy numeric values (never mutates input)\n */\nexport function applyDpToOutput(\n\toutput: unknown,\n\tconfig: Partial<DpConfig> = {},\n\trecordCount: number,\n): unknown {\n\tconst merged = { ...DEFAULT_DP_CONFIG, ...config };\n\n\t// Large datasets have natural statistical privacy — skip noise\n\tif (recordCount >= merged.smallDatasetThreshold) {\n\t\treturn output;\n\t}\n\n\t// NIST SP 800-226: For very small datasets, enforce minimum epsilon\n\t// to prevent catastrophic utility destruction. Apple uses ε≥2.0 even\n\t// for health data on millions of records; using ε<1.0 on n<10 is\n\t// mathematically equivalent to random number generation.\n\tif (recordCount < EPSILON_FLOOR_THRESHOLD && merged.epsilon < EPSILON_FLOOR) {\n\t\tmerged.epsilon = EPSILON_FLOOR;\n\t}\n\n\tlet prngState: PrngState | undefined;\n\tif (merged.seed) {\n\t\tprngState = { seed: merged.seed, counter: 0 };\n\t}\n\n\treturn walkAndNoise(output, merged, recordCount, undefined, prngState);\n}\n\n/**\n * Internal recursive walker that applies noise to numeric leaves.\n * Handles: numbers, arrays, objects (arbitrary nesting depth).\n *\n * Uses query-aware sensitivity: COUNT keys → sensitivity=1,\n * AVG keys → sensitivity/n, SUM/unknown → global sensitivity.\n */\nfunction walkAndNoise(\n\tnode: unknown,\n\tconfig: DpConfig,\n\trecordCount: number,\n\tcurrentKey?: string,\n\tprngState?: PrngState,\n): unknown {\n\tif (typeof node === \"number\" && Number.isFinite(node)) {\n\t\t// Query-aware sensitivity per Google DP / NIST SP 800-226\n\t\tconst fieldSensitivity = deriveFieldSensitivity(\n\t\t\tcurrentKey,\n\t\t\tconfig.sensitivity,\n\t\t\trecordCount,\n\t\t);\n\t\tlet noisyValue = addLaplaceNoise(\n\t\t\tnode,\n\t\t\t{\n\t\t\t\t...config,\n\t\t\t\tsensitivity: fieldSensitivity,\n\t\t\t},\n\t\t\tprngState,\n\t\t);\n\n\t\t// Semantic heuristics to preserve structural invariants:\n\t\t// Reuse the same count-key detection logic as deriveFieldSensitivity\n\t\tconst isCountKey =\n\t\t\tcurrentKey != null &&\n\t\t\tderiveFieldSensitivity(currentKey, config.sensitivity, recordCount) === 1;\n\n\t\t// If original was an integer OR key suggests a count, force integer\n\t\t// (US Census TopDown: all counts must be non-negative integers)\n\t\tif (Number.isInteger(node) || isCountKey) {\n\t\t\tnoisyValue = Math.round(noisyValue);\n\t\t}\n\n\t\t// If original was non-negative, clamp to 0\n\t\t// (US Census TopDown: enforces non-negative constraint in post-processing)\n\t\tif (node >= 0) {\n\t\t\tnoisyValue = Math.max(0, noisyValue);\n\t\t}\n\n\t\treturn noisyValue;\n\t}\n\n\tif (Array.isArray(node)) {\n\t\t// Pass currentKey down for array items so they inherit semantics\n\t\treturn node.map((item) =>\n\t\t\twalkAndNoise(item, config, recordCount, currentKey, prngState),\n\t\t);\n\t}\n\n\tif (node !== null && typeof node === \"object\") {\n\t\tconst result: Record<string, unknown> = {};\n\t\tfor (const [key, value] of Object.entries(\n\t\t\tnode as Record<string, unknown>,\n\t\t)) {\n\t\t\tresult[key] = walkAndNoise(value, config, recordCount, key, prngState);\n\t\t}\n\t\treturn result;\n\t}\n\n\t// Strings, booleans, null — pass through unchanged\n\treturn node;\n}\n","import { Buffer } from \"node:buffer\";\nimport crypto from \"node:crypto\";\nimport { createMlKem768 } from \"mlkem\";\nimport {\n\tderiveLogicImageDigest,\n\tnormalizeLogicSource,\n} from \"../crypto/logic-image-id.js\";\nimport { ASTGuardian } from \"../sandbox/guardian.js\";\nimport { WasiSandbox } from \"../sandbox/wasi.js\";\nimport { applyDpToOutput } from \"../security/dp-engine.js\";\n\nexport interface WorkerData {\n\tisWarmup?: boolean;\n\tciphertext?: Uint8Array;\n\tsecretKeyObj?: ArrayLike<number>;\n\tkyberPublicKey?: Uint8Array;\n\twasmBinary?: Uint8Array; // Can also be JS code in non-encrypted mode\n\tinputs?: Record<string, Uint8Array>;\n\trecords?: Record<string, unknown>[];\n\tsessionToken?: string;\n\tisEncrypted?: boolean;\n\taesNonce?: Uint8Array;\n\tdpConfig?: {\n\t\tepsilon: number;\n\t\tsensitivity: number;\n\t\tsmallDatasetThreshold: number;\n\t};\n}\n\nexport default async function processLogicExecution(data: WorkerData): Promise<{\n\timage_id: string;\n\toutput: unknown;\n\tfuel_consumed: number;\n\tzk_receipt?: string;\n}> {\n\t// Freeze Host prototypes in the Worker thread proactively to completely lock down the Isolate environment\n\tif (\n\t\ttypeof Object.prototype === \"object\" &&\n\t\t!Object.isFrozen(Object.prototype)\n\t) {\n\t\tObject.freeze(Object.prototype);\n\t\tObject.freeze(Array.prototype);\n\t\tObject.freeze(String.prototype);\n\t\tObject.freeze(Number.prototype);\n\t\tObject.freeze(Boolean.prototype);\n\t\tObject.freeze(RegExp.prototype);\n\t\tObject.freeze(Map.prototype);\n\t\tObject.freeze(Set.prototype);\n\t\tObject.freeze(Promise.prototype);\n\t\tObject.freeze(Error.prototype);\n\t}\n\n\tif (data.isWarmup) {\n\t\treturn {\n\t\t\timage_id: \"\",\n\t\t\toutput: \"warm\",\n\t\t\tfuel_consumed: 0,\n\t\t};\n\t}\n\n\tconst {\n\t\tciphertext,\n\t\tsecretKeyObj,\n\t\twasmBinary,\n\t\tinputs,\n\t\taesNonce,\n\t\trecords,\n\t\tisEncrypted = true,\n\t\tdpConfig,\n\t} = data as Required<WorkerData>;\n\n\tlet decryptedPayload: Buffer | string;\n\tconst decryptedInputs: Record<string, unknown> = {};\n\tlet sessionSecret = Buffer.alloc(32); // Fallback if plain text (no PQC)\n\n\tif (isEncrypted) {\n\t\t// 1. Decapsulate Kyber secret\n\t\tconst sk = new Uint8Array(secretKeyObj);\n\t\tconst ct = new Uint8Array(ciphertext);\n\t\tconst kem = await createMlKem768();\n\t\tconst sharedSecret = kem.decap(ct, sk);\n\t\tconst aesKey = Buffer.from(sharedSecret);\n\t\tsessionSecret = aesKey;\n\n\t\t// 2. Decrypt Main Payload (WASM/JS Code)\n\t\t// LIOP Serialization: Ciphertext = EncryptedData + 16-byte AuthTag\n\t\tconst wasmBuffer = Buffer.from(wasmBinary);\n\t\tconst authTag = wasmBuffer.subarray(-16);\n\t\tconst encryptedData = wasmBuffer.subarray(0, -16);\n\n\t\tconst decipher = crypto.createDecipheriv(\n\t\t\t\"aes-256-gcm\",\n\t\t\taesKey,\n\t\t\tBuffer.from(aesNonce || new Uint8Array(12)),\n\t\t);\n\t\tdecipher.setAuthTag(authTag);\n\t\tlet decrypted = decipher.update(encryptedData);\n\t\tdecrypted = Buffer.concat([decrypted, decipher.final()]);\n\t\tdecryptedPayload = decrypted;\n\n\t\t// 3. Decrypt Inputs\n\t\tfor (const [key, encValue] of Object.entries(inputs || {})) {\n\t\t\tconst valBuffer = Buffer.from(encValue);\n\t\t\t// Extract 12-byte prepended nonce, ciphertext, and 16-byte AuthTag\n\t\t\tconst inputNonce = valBuffer.subarray(0, 12);\n\t\t\tconst valTag = valBuffer.subarray(-16);\n\t\t\tconst valData = valBuffer.subarray(12, -16);\n\n\t\t\tconst valDecipher = crypto.createDecipheriv(\n\t\t\t\t\"aes-256-gcm\",\n\t\t\t\taesKey,\n\t\t\t\tinputNonce,\n\t\t\t);\n\t\t\tvalDecipher.setAuthTag(valTag);\n\t\t\tlet valDecrypted = valDecipher.update(valData);\n\t\t\tvalDecrypted = Buffer.concat([valDecrypted, valDecipher.final()]);\n\t\t\tdecryptedInputs[key] = JSON.parse(valDecrypted.toString(\"utf-8\"));\n\t\t}\n\t} else {\n\t\t// Transparent mode: payload is provided directly\n\t\t// If it's WASM (Magic bytes: \\0asm), keep as Buffer\n\t\tif (\n\t\t\twasmBinary[0] === 0x00 &&\n\t\t\twasmBinary[1] === 0x61 &&\n\t\t\twasmBinary[2] === 0x73 &&\n\t\t\twasmBinary[3] === 0x6d\n\t\t) {\n\t\t\tdecryptedPayload = Buffer.from(wasmBinary);\n\t\t} else {\n\t\t\tdecryptedPayload = Buffer.from(wasmBinary).toString(\"utf-8\");\n\t\t}\n\t}\n\n\t// 3. Inspect AST with Guardian-TS (if WASM)\n\tconst isWasm =\n\t\tdecryptedPayload[0] === 0x00 &&\n\t\tdecryptedPayload[1] === 0x61 &&\n\t\tdecryptedPayload[2] === 0x73 &&\n\t\tdecryptedPayload[3] === 0x6d;\n\n\tif (decryptedPayload instanceof Buffer && isWasm) {\n\t\t// Ensure we pass a compatible BufferSource\n\t\tconst wasmBytes = new Uint8Array(decryptedPayload);\n\t\tconst compiledModule = await WebAssembly.compile(wasmBytes);\n\t\tASTGuardian.analyze(compiledModule);\n\t} else if (decryptedPayload instanceof Buffer && !isWasm) {\n\t\tdecryptedPayload = decryptedPayload.toString(\"utf-8\");\n\t}\n\n\t// Strip only a whole-document LIOP envelope (see logic-image-id.ts).\n\tif (typeof decryptedPayload === \"string\") {\n\t\tdecryptedPayload = normalizeLogicSource(decryptedPayload);\n\t}\n\n\t// 4. Instantiate and Execute WASI Sandbox (or V8 Fallback)\n\tconst sandbox = new WasiSandbox();\n\tawait sandbox.init();\n\n\ttry {\n\t\tconst result = await sandbox.execute(\n\t\t\tdecryptedPayload,\n\t\t\trecords,\n\t\t\tdecryptedInputs,\n\t\t);\n\n\t\tlet finalOutput = result.output;\n\n\t\t// Pre-compute Image ID and Dataset Hash for Audit Trail & DP Seeding\n\t\tlet logicBytes: Uint8Array;\n\t\tif (typeof decryptedPayload === \"string\") {\n\t\t\tlogicBytes = Buffer.from(decryptedPayload, \"utf-8\");\n\t\t} else {\n\t\t\tlogicBytes = new Uint8Array(decryptedPayload);\n\t\t}\n\t\tconst imageId = deriveLogicImageDigest(logicBytes).toString(\"hex\");\n\n\t\t// Phase 110: Include dataset_hash for SOX audit trail compliance.\n\t\t// This SHA-256 anchor proves the underlying dataset was identical\n\t\t// across consecutive queries, separating DP noise from data mutation.\n\t\tconst datasetHash = crypto\n\t\t\t.createHash(\"sha256\")\n\t\t\t.update(JSON.stringify(records || []))\n\t\t\t.digest(\"hex\");\n\n\t\t// Apply Differential Privacy before committing to the ZK-Receipt\n\t\tif (dpConfig) {\n\t\t\tfinalOutput = applyDpToOutput(\n\t\t\t\tfinalOutput,\n\t\t\t\t{\n\t\t\t\t\t...dpConfig,\n\t\t\t\t\tseed: `${datasetHash}:${imageId}`,\n\t\t\t\t},\n\t\t\t\trecords?.length || 0,\n\t\t\t);\n\t\t}\n\n\t\t// 5. Generate Cryptographic Proof of Execution (HMAC-SHA256 Commitment)\n\n\t\tconst journal = Buffer.from(\n\t\t\tJSON.stringify({\n\t\t\t\timage_id: imageId,\n\t\t\t\tdataset_hash: datasetHash,\n\t\t\t\toutput_hash: crypto\n\t\t\t\t\t.createHash(\"sha256\")\n\t\t\t\t\t.update(\n\t\t\t\t\t\ttypeof finalOutput === \"string\"\n\t\t\t\t\t\t\t? finalOutput\n\t\t\t\t\t\t\t: finalOutput === undefined\n\t\t\t\t\t\t\t\t? \"undefined\"\n\t\t\t\t\t\t\t\t: JSON.stringify(finalOutput),\n\t\t\t\t\t)\n\t\t\t\t\t.digest(\"hex\"),\n\t\t\t\tfuel: result.fuelConsumed,\n\t\t\t\tts: Date.now(),\n\t\t\t}),\n\t\t);\n\n\t\tconst seal = crypto\n\t\t\t.createHmac(\"sha256\", sessionSecret)\n\t\t\t.update(journal)\n\t\t\t.digest();\n\t\tconst journalLen = Buffer.alloc(2);\n\t\tjournalLen.writeUInt16BE(journal.length);\n\t\tconst receiptBuf = Buffer.concat([\n\t\t\tBuffer.from([0x01]), // Receipt format v1\n\t\t\tjournalLen,\n\t\t\tjournal,\n\t\t\tseal, // 32 bytes HMAC\n\t\t]);\n\t\tconst zkReceipt = receiptBuf.toString(\"base64\");\n\n\t\treturn {\n\t\t\timage_id: imageId,\n\t\t\tzk_receipt: zkReceipt,\n\t\t\toutput: finalOutput,\n\t\t\tfuel_consumed: result.fuelConsumed,\n\t\t};\n\t} finally {\n\t\tawait sandbox.teardown();\n\t}\n}\n"]}
package/dist/workers/zk-verifier.js CHANGED
@@ -1,4 +1,5 @@
1
1
  import { deriveLogicImageDigest } from '../chunk-OUUTDSOW.js';
2
+ import '../chunk-PZ5AY32C.js';
2
3
  import crypto from 'crypto';
3
4
  import 'worker_threads';
4
5
 
package/dist/workers/zk-verifier.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/workers/zk-verifier.ts"],"names":[],"mappings":";;;;AA2BA,SAAS,cAAc,YAAA,EAAkC;AACxD,EAAA,OAAO,uBAAuB,YAAY,CAAA;AAC3C;AAUA,SAAS,sBAAsB,YAAA,EAA0C;AACxE,EAAA,IAAI;AACH,IAAA,MAAM,QAAA,GAAW,OAAO,IAAA,CAAK,YAAY,EAAE,QAAA,CAAS,OAAO,EAAE,IAAA,EAAK;AAClE,IAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,mBAAmB,CAAA,EAAG;AAC5C,MAAA,OAAO,IAAA;AAAA,IACR;AAEA,IAAA,MAAM,aAAA,GAAgB,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AAC1C,IAAA,IAAI,kBAAkB,CAAA,CAAA,EAAI;AACzB,MAAA,OAAO,IAAA;AAAA,IACR;AAEA,IAAA,IAAI,UAAA,GAAa,CAAA;AACjB,IAAA,IAAI,aAAA,GAAgB,KAAA;AACpB,IAAA,IAAI,aAAA,GAAgB,KAAA;AACpB,IAAA,IAAI,UAAA,GAAa,KAAA;AACjB,IAAA,IAAI,OAAA,GAAU,KAAA;AACd,IAAA,IAAI,YAAA,GAAe,CAAA,CAAA;AAEnB,IAAA,KAAA,IAAS,CAAA,GAAI,aAAA,EAAe,CAAA,GAAI,QAAA,CAAS,QAAQ,CAAA,EAAA,EAAK;AACrD,MAAA,MAAM,IAAA,GAAO,SAAS,CAAC,CAAA;AAEvB,MAAA,IAAI,OAAA,EAAS;AACZ,QAAA,OAAA,GAAU,KAAA;AACV,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,SAAS,IAAA,EAAM;AAClB,QAAA,OAAA,GAAU,IAAA;AACV,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,IAAA,KAAS,GAAA,IAAO,CAAC,aAAA,IAAiB,CAAC,UAAA,EAAY;AAClD,QAAA,aAAA,GAAgB,CAAC,aAAA;AACjB,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,IAAA,KAAS,GAAA,IAAO,CAAC,aAAA,IAAiB,CAAC,UAAA,EAAY;AAClD,QAAA,aAAA,GAAgB,CAAC,aAAA;AACjB,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,IAAA,KAAS,GAAA,IAAO,CAAC,aAAA,IAAiB,CAAC,aAAA,EAAe;AACrD,QAAA,UAAA,GAAa,CAAC,UAAA;AACd,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,CAAC,aAAA,IAAiB,CAAC,aAAA,IAAiB,CAAC,UAAA,EAAY;AACpD,QAAA,IAAI,SAAS,GAAA,EAAK;AACjB,UAAA,UAAA,EAAA;AAAA,QACD,CAAA,MAAA,IAAW,SAAS,GAAA,EAAK;AACxB,UAAA,UAAA,EAAA;AACA,UAAA,IAAI,eAAe,CAAA,EAAG;AACrB,YAAA,YAAA,GAAe,CAAA;AACf,YAAA;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAAA,IACD;AAEA,IAAA,IAAI,iBAAiB,CAAA,CAAA,EAAI;AACxB,MAAA,MAAM,OAAA,GAAU,QAAA,CAAS,KAAA,CAAM,aAAA,EAAe,eAAe,CAAC,CAAA;AAC9D,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA;AACjC,MAAA,IAAI,QAAQ,iBAAA,EAAmB;AAC9B,QAAA,OAAO,MAAA;AAAA,MACR;AAAA,IACD;AAAA,EACD,SAAS,EAAA,EAAI;AAAA,EAEb;AACA,EAAA,OAAO,IAAA;AACR;AAMA,eAAe,gBACd,OAAA,EACkD;AAClD,EAAA,MAAM;AAAA,IACL,YAAA;AAAA,IACA,gBAAA;AAAA,IACA,SAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACD,GAAI,OAAA;AAEJ,EAAA,IAAI,CAAC,YAAA,IAAgB,CAAC,gBAAA,IAAoB,CAAC,SAAA,EAAW;AACrD,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS;AAAA,KACV;AAAA,EACD;AAGA,EAAA,MAAM,YAAA,GAAe,cAAc,YAAY,CAAA;AAC/C,EAAA,MAAM,eAAA,GAAkB,YAAA,CAAa,QAAA,CAAS,KAAK,CAAA;AAEnD,EAAA,IAAI,oBAAoB,gBAAA,EAAkB;AACzC,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS,CAAA,4BAAA,EAA+B,eAAA,CAAgB,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,aAAA,EAAgB,gBAAA,CAAiB,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,CAAA;AAAA,KAChH;AAAA,EACD;AAGA,EAAA,MAAM,UAAA,GAAa,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA;AACxC,EAAA,IAAI,UAAA,CAAW,SAAS,EAAA,EAAI;AAE3B,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS;AAAA,KACV;AAAA,EACD;AAEA,EAAA,MAAM,OAAA,GAAU,WAAW,CAAC,CAAA;AAC5B,EAAA,IAAI,YAAY,CAAA,EAAM;AACrB,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS,4BAA4B,OAAO,CAAA;AAAA,KAC7C;AAAA,EACD;AAEA,EAAA,MAAM,UAAA,GAAa,UAAA,CAAW,YAAA,CAAa,CAAC,CAAA;AAC5C,EAAA,MAAM,OAAA,GAAU,UAAA,CAAW,QAAA,CAAS,CAAA,EAAG,IAAI,UAAU,CAAA;AACrD,EAAA,MAAM,IAAA,GAAO,UAAA,CAAW,QAAA,CAAS,CAAA,GAAI,UAAU,CAAA;AAE/C,EAAA,IAAI,IAAA,CAAK,WAAW,EAAA,EAAI;AACvB,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS;AAAA,KACV;AAAA,EACD;AAGA,EAAA,IAAI,WAAA;AACJ,EAAA,IAAI;AACH,IAAA,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,OAAA,CAAQ,QAAA,EAAU,CAAA;AAC3C,IAAA,IAAI,WAAA,CAAY,aAAa,eAAA,EAAiB;AAC7C,MAAA,OAAO;AAAA,QACN,QAAA,EAAU,KAAA;AAAA,QACV,OAAA,EAAS,CAAA,0BAAA,EAA6B,WAAA,CAAY,QAAA,CAAS,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,IAAA,EAAO,eAAA,CAAgB,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA;AAAA,OACzG;AAAA,IACD;AAAA,EACD,SAAS,EAAA,EAAI;AACZ,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,OAAA,EAAS,+BAAA,EAAgC;AAAA,EACpE;AAGA,EAAA,IAAI,aAAA,IAAiB,aAAA,CAAc,MAAA,GAAS,CAAA,EAAG;AAC9C,IAAA,MAAM,YAAA,GAAe,OACnB,UAAA,CAAW,QAAA,EAAU,aAAa,CAAA,CAClC,MAAA,CAAO,OAAO,CAAA,CACd,MAAA,EAAO;AACT,IAAA,IAAI,CAAC,MAAA,CAAO,eAAA,CAAgB,IAAA,EAAM,YAAY,CAAA,EAAG;AAChD,MAAA,OAAO;AAAA,QACN,QAAA,EAAU,KAAA;AAAA,QACV,OAAA,EAAS;AAAA,OACV;AAAA,IACD;AAAA,EACD;AAGA,EAAA,IAAI,mBAAmB,MAAA,EAAW;AACjC,IAAA,MAAM,WAAA,GAAc,sBAAsB,YAAY,CAAA;AACtD,IAAA,MAAM,cAAA,GAAiB,WAAA,KAAgB,IAAA,GAAO,WAAA,GAAc,cAAA;AAE5D,IAAA,MAAM,iBAAA,GACL,OAAO,cAAA,KAAmB,QAAA,GACvB,cAAA,GACA,mBAAmB,MAAA,GAClB,WAAA,GACA,IAAA,CAAK,SAAA,CAAU,cAAc,CAAA;AAClC,IAAA,MAAM,kBAAA,GAAqB,OACzB,UAAA,CAAW,QAAQ,EACnB,MAAA,CAAO,iBAAiB,CAAA,CACxB,MAAA,CAAO,KAAK,CAAA;AAEd,IAAA,IAAI,WAAA,CAAY,gBAAgB,kBAAA,EAAoB;AACnD,MAAA,OAAO;AAAA,QACN,QAAA,EAAU,KAAA;AAAA,QACV,OAAA,EAAS,CAAA,mEAAA,EAAsE,WAAA,CAAY,WAAA,CAAY,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,6BAAA,EAAgC,kBAAA,CAAmB,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,CAAA;AAAA,OACjL;AAAA,IACD;AAAA,EACD;AAEA,EAAA,OAAO;AAAA,IACN,QAAA,EAAU,IAAA;AAAA,IACV,OAAA,EAAS;AAAA,GACV;AACD;AAKA,eAAO,cACN,IAAA,EACkD;AAClD,EAAA,IAAI;AACH,IAAA,IAAI,IAAA,CAAK,WAAW,QAAA,EAAU;AAC7B,MAAA,OAAO;AAAA,QACN,QAAA,EAAU,IAAA;AAAA,QACV,OAAA,EAAS;AAAA,OACV;AAAA,IACD;AACA,IAAA,IAAI,IAAA,CAAK,WAAW,gBAAA,EAAkB;AACrC,MAAA,OAAO,MAAM,gBAAgB,IAAI,CAAA;AAAA,IAClC;AACA,IAAA,MAAM,IAAI,MAAM,sCAAsC,CAAA;AAAA,EACvD,SAAS,KAAA,EAAO;AACf,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS,CAAA,oBAAA,EAAwB,KAAA,CAAgB,OAAO,CAAA;AAAA,KACzD;AAAA,EACD;AACD","file":"zk-verifier.js","sourcesContent":["import crypto from \"node:crypto\";\nimport { parentPort } from \"node:worker_threads\";\nimport { deriveLogicImageDigest } from \"../crypto/logic-image-id.js\";\n\n// Ensure this worker is used via Piscina pool\nif (!parentPort) {\n\t// Not fatal in Piscina, but handled appropriately\n}\n\n/**\n * ZK Verification Payload Structure.\n * Modeled after RISC Zero & SP1 Receipt formats.\n */\nexport interface ZkVerificationPayload {\n\taction: \"verify_receipt\" | \"warmup\";\n\t/** Original logic payload (JS/WASM) sent by client */\n\tlogicPayload?: Uint8Array;\n\t/** Expected ImageID (SHA-256) of the execution state */\n\tremoteImageIdHex?: string;\n\t/** Cbor-encoded or raw buffer containing the execution Receipt (Journal + Seal) */\n\tzkReceipt?: Uint8Array;\n\t/** Kyber-derived session secret to verify HMAC signature */\n\tsessionSecret?: Uint8Array;\n\t/** The expected output value of the computation for anti-replay/tampering verification */\n\texpectedOutput?: unknown;\n}\n\nfunction deriveImageId(logicPayload: Uint8Array): Buffer {\n\treturn deriveLogicImageDigest(logicPayload);\n}\n\ninterface ZkJournal {\n\timage_id: string;\n\tdataset_hash: string;\n\toutput_hash: string;\n\tfuel: number;\n\tts: number;\n}\n\nfunction tryExtractProxyOutput(logicPayload: Uint8Array): unknown | null {\n\ttry {\n\t\tconst logicStr = Buffer.from(logicPayload).toString(\"utf-8\").trim();\n\t\tif (!logicStr.includes(\"__liop_proxy_tool\")) {\n\t\t\treturn null;\n\t\t}\n\n\t\tconst firstBraceIdx = logicStr.indexOf(\"{\");\n\t\tif (firstBraceIdx === -1) {\n\t\t\treturn null;\n\t\t}\n\n\t\tlet braceCount = 0;\n\t\tlet inDoubleQuote = false;\n\t\tlet inSingleQuote = false;\n\t\tlet inBacktick = false;\n\t\tlet escaped = false;\n\t\tlet lastBraceIdx = -1;\n\n\t\tfor (let i = firstBraceIdx; i < logicStr.length; i++) {\n\t\t\tconst char = logicStr[i];\n\n\t\t\tif (escaped) {\n\t\t\t\tescaped = false;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (char === \"\\\\\") {\n\t\t\t\tescaped = true;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (char === '\"' && !inSingleQuote && !inBacktick) {\n\t\t\t\tinDoubleQuote = !inDoubleQuote;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (char === \"'\" && !inDoubleQuote && !inBacktick) {\n\t\t\t\tinSingleQuote = !inSingleQuote;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (char === \"`\" && !inDoubleQuote && !inSingleQuote) {\n\t\t\t\tinBacktick = !inBacktick;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (!inDoubleQuote && !inSingleQuote && !inBacktick) {\n\t\t\t\tif (char === \"{\") {\n\t\t\t\t\tbraceCount++;\n\t\t\t\t} else if (char === \"}\") {\n\t\t\t\t\tbraceCount--;\n\t\t\t\t\tif (braceCount === 0) {\n\t\t\t\t\t\tlastBraceIdx = i;\n\t\t\t\t\t\tbreak;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\t\tif (lastBraceIdx !== -1) {\n\t\t\tconst jsonStr = logicStr.slice(firstBraceIdx, lastBraceIdx + 1);\n\t\t\tconst parsed = JSON.parse(jsonStr);\n\t\t\tif (parsed?.__liop_proxy_tool) {\n\t\t\t\treturn parsed;\n\t\t\t}\n\t\t}\n\t} catch (_e) {\n\t\t// Fallback\n\t}\n\treturn null;\n}\n\n/**\n * Simulates heavy ZK-Proof cryptographic verification.\n * In a real environment, this delegates to @risc0/verifier or SP1 FFI bindings.\n */\nasync function verifyZkReceipt(\n\tpayload: ZkVerificationPayload,\n): Promise<{ verified: boolean; message: string }> {\n\tconst {\n\t\tlogicPayload,\n\t\tremoteImageIdHex,\n\t\tzkReceipt,\n\t\tsessionSecret,\n\t\texpectedOutput,\n\t} = payload;\n\n\tif (!logicPayload || !remoteImageIdHex || !zkReceipt) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: \"Missing required verification fields.\",\n\t\t};\n\t}\n\n\t// 1. Calculate local ImageID (Integrity Check)\n\tconst localImageId = deriveImageId(logicPayload);\n\tconst localImageIdHex = localImageId.toString(\"hex\");\n\n\tif (localImageIdHex !== remoteImageIdHex) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: `Integrity Violation: Local (${localImageIdHex.slice(0, 8)}) != Remote (${remoteImageIdHex.slice(0, 8)})`,\n\t\t};\n\t}\n\n\t// 2. Structural Verification: Deserialize Binary Receipt\n\tconst receiptBuf = Buffer.from(zkReceipt);\n\tif (receiptBuf.length < 35) {\n\t\t// 1 version + 2 len + 32 seal minimum\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: \"Receipt too short for binary format.\",\n\t\t};\n\t}\n\n\tconst version = receiptBuf[0];\n\tif (version !== 0x01) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: `Unknown receipt version: ${version}`,\n\t\t};\n\t}\n\n\tconst journalLen = receiptBuf.readUInt16BE(1);\n\tconst journal = receiptBuf.subarray(3, 3 + journalLen);\n\tconst seal = receiptBuf.subarray(3 + journalLen);\n\n\tif (seal.length !== 32) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: \"Invalid seal length (expected 32 bytes HMAC-SHA256).\",\n\t\t};\n\t}\n\n\t// 3. Parse journal and verify imageId\n\tlet journalData: ZkJournal;\n\ttry {\n\t\tjournalData = JSON.parse(journal.toString()) as ZkJournal;\n\t\tif (journalData.image_id !== localImageIdHex) {\n\t\t\treturn {\n\t\t\t\tverified: false,\n\t\t\t\tmessage: `Journal ImageID mismatch: ${journalData.image_id.slice(0, 8)} != ${localImageIdHex.slice(0, 8)}`,\n\t\t\t};\n\t\t}\n\t} catch (_e) {\n\t\treturn { verified: false, message: \"Failed to parse journal data.\" };\n\t}\n\n\t// 4. Mathematical Verification (HMAC-SHA256)\n\tif (sessionSecret && sessionSecret.length > 0) {\n\t\tconst expectedSeal = crypto\n\t\t\t.createHmac(\"sha256\", sessionSecret)\n\t\t\t.update(journal)\n\t\t\t.digest();\n\t\tif (!crypto.timingSafeEqual(seal, expectedSeal)) {\n\t\t\treturn {\n\t\t\t\tverified: false,\n\t\t\t\tmessage: \"Invalid seal: HMAC verification failed.\",\n\t\t\t};\n\t\t}\n\t}\n\n\t// 5. Output Hash Verification (Anti-Replay / Anti-Tampering)\n\tif (expectedOutput !== undefined) {\n\t\tconst proxyOutput = tryExtractProxyOutput(logicPayload);\n\t\tconst actualExpected = proxyOutput !== null ? proxyOutput : expectedOutput;\n\n\t\tconst expectedOutputStr =\n\t\t\ttypeof actualExpected === \"string\"\n\t\t\t\t? actualExpected\n\t\t\t\t: actualExpected === undefined\n\t\t\t\t\t? \"undefined\"\n\t\t\t\t\t: JSON.stringify(actualExpected);\n\t\tconst expectedOutputHash = crypto\n\t\t\t.createHash(\"sha256\")\n\t\t\t.update(expectedOutputStr)\n\t\t\t.digest(\"hex\");\n\n\t\tif (journalData.output_hash !== expectedOutputHash) {\n\t\t\treturn {\n\t\t\t\tverified: false,\n\t\t\t\tmessage: `Output Hash Mismatch (Replay/Tamper attempt): Journal output_hash (${journalData.output_hash.slice(0, 8)}) != Calculated output_hash (${expectedOutputHash.slice(0, 8)})`,\n\t\t\t};\n\t\t}\n\t}\n\n\treturn {\n\t\tverified: true,\n\t\tmessage: \"HMAC Commitment Verified: Integrity intact.\",\n\t};\n}\n\n/**\n * Main worker entry point for Piscina.\n */\nexport default async function workerHandler(\n\ttask: ZkVerificationPayload,\n): Promise<{ verified: boolean; message: string }> {\n\ttry {\n\t\tif (task.action === \"warmup\") {\n\t\t\treturn {\n\t\t\t\tverified: true,\n\t\t\t\tmessage: \"warm\",\n\t\t\t};\n\t\t}\n\t\tif (task.action === \"verify_receipt\") {\n\t\t\treturn await verifyZkReceipt(task);\n\t\t}\n\t\tthrow new Error(\"Unknown action in ZkVerifier Worker.\");\n\t} catch (error) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: `Verification Error: ${(error as Error).message}`,\n\t\t};\n\t}\n}\n"]}
1
+ {"version":3,"sources":["../../src/workers/zk-verifier.ts"],"names":[],"mappings":";;;;;AA2BA,SAAS,cAAc,YAAA,EAAkC;AACxD,EAAA,OAAO,uBAAuB,YAAY,CAAA;AAC3C;AAUA,SAAS,sBAAsB,YAAA,EAA0C;AACxE,EAAA,IAAI;AACH,IAAA,MAAM,QAAA,GAAW,OAAO,IAAA,CAAK,YAAY,EAAE,QAAA,CAAS,OAAO,EAAE,IAAA,EAAK;AAClE,IAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,mBAAmB,CAAA,EAAG;AAC5C,MAAA,OAAO,IAAA;AAAA,IACR;AAEA,IAAA,MAAM,aAAA,GAAgB,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AAC1C,IAAA,IAAI,kBAAkB,CAAA,CAAA,EAAI;AACzB,MAAA,OAAO,IAAA;AAAA,IACR;AAEA,IAAA,IAAI,UAAA,GAAa,CAAA;AACjB,IAAA,IAAI,aAAA,GAAgB,KAAA;AACpB,IAAA,IAAI,aAAA,GAAgB,KAAA;AACpB,IAAA,IAAI,UAAA,GAAa,KAAA;AACjB,IAAA,IAAI,OAAA,GAAU,KAAA;AACd,IAAA,IAAI,YAAA,GAAe,CAAA,CAAA;AAEnB,IAAA,KAAA,IAAS,CAAA,GAAI,aAAA,EAAe,CAAA,GAAI,QAAA,CAAS,QAAQ,CAAA,EAAA,EAAK;AACrD,MAAA,MAAM,IAAA,GAAO,SAAS,CAAC,CAAA;AAEvB,MAAA,IAAI,OAAA,EAAS;AACZ,QAAA,OAAA,GAAU,KAAA;AACV,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,SAAS,IAAA,EAAM;AAClB,QAAA,OAAA,GAAU,IAAA;AACV,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,IAAA,KAAS,GAAA,IAAO,CAAC,aAAA,IAAiB,CAAC,UAAA,EAAY;AAClD,QAAA,aAAA,GAAgB,CAAC,aAAA;AACjB,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,IAAA,KAAS,GAAA,IAAO,CAAC,aAAA,IAAiB,CAAC,UAAA,EAAY;AAClD,QAAA,aAAA,GAAgB,CAAC,aAAA;AACjB,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,IAAA,KAAS,GAAA,IAAO,CAAC,aAAA,IAAiB,CAAC,aAAA,EAAe;AACrD,QAAA,UAAA,GAAa,CAAC,UAAA;AACd,QAAA;AAAA,MACD;AAEA,MAAA,IAAI,CAAC,aAAA,IAAiB,CAAC,aAAA,IAAiB,CAAC,UAAA,EAAY;AACpD,QAAA,IAAI,SAAS,GAAA,EAAK;AACjB,UAAA,UAAA,EAAA;AAAA,QACD,CAAA,MAAA,IAAW,SAAS,GAAA,EAAK;AACxB,UAAA,UAAA,EAAA;AACA,UAAA,IAAI,eAAe,CAAA,EAAG;AACrB,YAAA,YAAA,GAAe,CAAA;AACf,YAAA;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAAA,IACD;AAEA,IAAA,IAAI,iBAAiB,CAAA,CAAA,EAAI;AACxB,MAAA,MAAM,OAAA,GAAU,QAAA,CAAS,KAAA,CAAM,aAAA,EAAe,eAAe,CAAC,CAAA;AAC9D,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA;AACjC,MAAA,IAAI,QAAQ,iBAAA,EAAmB;AAC9B,QAAA,OAAO,MAAA;AAAA,MACR;AAAA,IACD;AAAA,EACD,SAAS,EAAA,EAAI;AAAA,EAEb;AACA,EAAA,OAAO,IAAA;AACR;AAMA,eAAe,gBACd,OAAA,EACkD;AAClD,EAAA,MAAM;AAAA,IACL,YAAA;AAAA,IACA,gBAAA;AAAA,IACA,SAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACD,GAAI,OAAA;AAEJ,EAAA,IAAI,CAAC,YAAA,IAAgB,CAAC,gBAAA,IAAoB,CAAC,SAAA,EAAW;AACrD,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS;AAAA,KACV;AAAA,EACD;AAGA,EAAA,MAAM,YAAA,GAAe,cAAc,YAAY,CAAA;AAC/C,EAAA,MAAM,eAAA,GAAkB,YAAA,CAAa,QAAA,CAAS,KAAK,CAAA;AAEnD,EAAA,IAAI,oBAAoB,gBAAA,EAAkB;AACzC,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS,CAAA,4BAAA,EAA+B,eAAA,CAAgB,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,aAAA,EAAgB,gBAAA,CAAiB,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,CAAA;AAAA,KAChH;AAAA,EACD;AAGA,EAAA,MAAM,UAAA,GAAa,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA;AACxC,EAAA,IAAI,UAAA,CAAW,SAAS,EAAA,EAAI;AAE3B,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS;AAAA,KACV;AAAA,EACD;AAEA,EAAA,MAAM,OAAA,GAAU,WAAW,CAAC,CAAA;AAC5B,EAAA,IAAI,YAAY,CAAA,EAAM;AACrB,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS,4BAA4B,OAAO,CAAA;AAAA,KAC7C;AAAA,EACD;AAEA,EAAA,MAAM,UAAA,GAAa,UAAA,CAAW,YAAA,CAAa,CAAC,CAAA;AAC5C,EAAA,MAAM,OAAA,GAAU,UAAA,CAAW,QAAA,CAAS,CAAA,EAAG,IAAI,UAAU,CAAA;AACrD,EAAA,MAAM,IAAA,GAAO,UAAA,CAAW,QAAA,CAAS,CAAA,GAAI,UAAU,CAAA;AAE/C,EAAA,IAAI,IAAA,CAAK,WAAW,EAAA,EAAI;AACvB,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS;AAAA,KACV;AAAA,EACD;AAGA,EAAA,IAAI,WAAA;AACJ,EAAA,IAAI;AACH,IAAA,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,OAAA,CAAQ,QAAA,EAAU,CAAA;AAC3C,IAAA,IAAI,WAAA,CAAY,aAAa,eAAA,EAAiB;AAC7C,MAAA,OAAO;AAAA,QACN,QAAA,EAAU,KAAA;AAAA,QACV,OAAA,EAAS,CAAA,0BAAA,EAA6B,WAAA,CAAY,QAAA,CAAS,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,IAAA,EAAO,eAAA,CAAgB,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA;AAAA,OACzG;AAAA,IACD;AAAA,EACD,SAAS,EAAA,EAAI;AACZ,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,OAAA,EAAS,+BAAA,EAAgC;AAAA,EACpE;AAGA,EAAA,IAAI,aAAA,IAAiB,aAAA,CAAc,MAAA,GAAS,CAAA,EAAG;AAC9C,IAAA,MAAM,YAAA,GAAe,OACnB,UAAA,CAAW,QAAA,EAAU,aAAa,CAAA,CAClC,MAAA,CAAO,OAAO,CAAA,CACd,MAAA,EAAO;AACT,IAAA,IAAI,CAAC,MAAA,CAAO,eAAA,CAAgB,IAAA,EAAM,YAAY,CAAA,EAAG;AAChD,MAAA,OAAO;AAAA,QACN,QAAA,EAAU,KAAA;AAAA,QACV,OAAA,EAAS;AAAA,OACV;AAAA,IACD;AAAA,EACD;AAGA,EAAA,IAAI,mBAAmB,MAAA,EAAW;AACjC,IAAA,MAAM,WAAA,GAAc,sBAAsB,YAAY,CAAA;AACtD,IAAA,MAAM,cAAA,GAAiB,WAAA,KAAgB,IAAA,GAAO,WAAA,GAAc,cAAA;AAE5D,IAAA,MAAM,iBAAA,GACL,OAAO,cAAA,KAAmB,QAAA,GACvB,cAAA,GACA,mBAAmB,MAAA,GAClB,WAAA,GACA,IAAA,CAAK,SAAA,CAAU,cAAc,CAAA;AAClC,IAAA,MAAM,kBAAA,GAAqB,OACzB,UAAA,CAAW,QAAQ,EACnB,MAAA,CAAO,iBAAiB,CAAA,CACxB,MAAA,CAAO,KAAK,CAAA;AAEd,IAAA,IAAI,WAAA,CAAY,gBAAgB,kBAAA,EAAoB;AACnD,MAAA,OAAO;AAAA,QACN,QAAA,EAAU,KAAA;AAAA,QACV,OAAA,EAAS,CAAA,mEAAA,EAAsE,WAAA,CAAY,WAAA,CAAY,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,6BAAA,EAAgC,kBAAA,CAAmB,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA,CAAA;AAAA,OACjL;AAAA,IACD;AAAA,EACD;AAEA,EAAA,OAAO;AAAA,IACN,QAAA,EAAU,IAAA;AAAA,IACV,OAAA,EAAS;AAAA,GACV;AACD;AAKA,eAAO,cACN,IAAA,EACkD;AAClD,EAAA,IAAI;AACH,IAAA,IAAI,IAAA,CAAK,WAAW,QAAA,EAAU;AAC7B,MAAA,OAAO;AAAA,QACN,QAAA,EAAU,IAAA;AAAA,QACV,OAAA,EAAS;AAAA,OACV;AAAA,IACD;AACA,IAAA,IAAI,IAAA,CAAK,WAAW,gBAAA,EAAkB;AACrC,MAAA,OAAO,MAAM,gBAAgB,IAAI,CAAA;AAAA,IAClC;AACA,IAAA,MAAM,IAAI,MAAM,sCAAsC,CAAA;AAAA,EACvD,SAAS,KAAA,EAAO;AACf,IAAA,OAAO;AAAA,MACN,QAAA,EAAU,KAAA;AAAA,MACV,OAAA,EAAS,CAAA,oBAAA,EAAwB,KAAA,CAAgB,OAAO,CAAA;AAAA,KACzD;AAAA,EACD;AACD","file":"zk-verifier.js","sourcesContent":["import crypto from \"node:crypto\";\nimport { parentPort } from \"node:worker_threads\";\nimport { deriveLogicImageDigest } from \"../crypto/logic-image-id.js\";\n\n// Ensure this worker is used via Piscina pool\nif (!parentPort) {\n\t// Not fatal in Piscina, but handled appropriately\n}\n\n/**\n * ZK Verification Payload Structure.\n * Modeled after RISC Zero & SP1 Receipt formats.\n */\nexport interface ZkVerificationPayload {\n\taction: \"verify_receipt\" | \"warmup\";\n\t/** Original logic payload (JS/WASM) sent by client */\n\tlogicPayload?: Uint8Array;\n\t/** Expected ImageID (SHA-256) of the execution state */\n\tremoteImageIdHex?: string;\n\t/** Cbor-encoded or raw buffer containing the execution Receipt (Journal + Seal) */\n\tzkReceipt?: Uint8Array;\n\t/** Kyber-derived session secret to verify HMAC signature */\n\tsessionSecret?: Uint8Array;\n\t/** The expected output value of the computation for anti-replay/tampering verification */\n\texpectedOutput?: unknown;\n}\n\nfunction deriveImageId(logicPayload: Uint8Array): Buffer {\n\treturn deriveLogicImageDigest(logicPayload);\n}\n\ninterface ZkJournal {\n\timage_id: string;\n\tdataset_hash: string;\n\toutput_hash: string;\n\tfuel: number;\n\tts: number;\n}\n\nfunction tryExtractProxyOutput(logicPayload: Uint8Array): unknown | null {\n\ttry {\n\t\tconst logicStr = Buffer.from(logicPayload).toString(\"utf-8\").trim();\n\t\tif (!logicStr.includes(\"__liop_proxy_tool\")) {\n\t\t\treturn null;\n\t\t}\n\n\t\tconst firstBraceIdx = logicStr.indexOf(\"{\");\n\t\tif (firstBraceIdx === -1) {\n\t\t\treturn null;\n\t\t}\n\n\t\tlet braceCount = 0;\n\t\tlet inDoubleQuote = false;\n\t\tlet inSingleQuote = false;\n\t\tlet inBacktick = false;\n\t\tlet escaped = false;\n\t\tlet lastBraceIdx = -1;\n\n\t\tfor (let i = firstBraceIdx; i < logicStr.length; i++) {\n\t\t\tconst char = logicStr[i];\n\n\t\t\tif (escaped) {\n\t\t\t\tescaped = false;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (char === \"\\\\\") {\n\t\t\t\tescaped = true;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (char === '\"' && !inSingleQuote && !inBacktick) {\n\t\t\t\tinDoubleQuote = !inDoubleQuote;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (char === \"'\" && !inDoubleQuote && !inBacktick) {\n\t\t\t\tinSingleQuote = !inSingleQuote;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (char === \"`\" && !inDoubleQuote && !inSingleQuote) {\n\t\t\t\tinBacktick = !inBacktick;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (!inDoubleQuote && !inSingleQuote && !inBacktick) {\n\t\t\t\tif (char === \"{\") {\n\t\t\t\t\tbraceCount++;\n\t\t\t\t} else if (char === \"}\") {\n\t\t\t\t\tbraceCount--;\n\t\t\t\t\tif (braceCount === 0) {\n\t\t\t\t\t\tlastBraceIdx = i;\n\t\t\t\t\t\tbreak;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\t\tif (lastBraceIdx !== -1) {\n\t\t\tconst jsonStr = logicStr.slice(firstBraceIdx, lastBraceIdx + 1);\n\t\t\tconst parsed = JSON.parse(jsonStr);\n\t\t\tif (parsed?.__liop_proxy_tool) {\n\t\t\t\treturn parsed;\n\t\t\t}\n\t\t}\n\t} catch (_e) {\n\t\t// Fallback\n\t}\n\treturn null;\n}\n\n/**\n * Simulates heavy ZK-Proof cryptographic verification.\n * In a real environment, this delegates to @risc0/verifier or SP1 FFI bindings.\n */\nasync function verifyZkReceipt(\n\tpayload: ZkVerificationPayload,\n): Promise<{ verified: boolean; message: string }> {\n\tconst {\n\t\tlogicPayload,\n\t\tremoteImageIdHex,\n\t\tzkReceipt,\n\t\tsessionSecret,\n\t\texpectedOutput,\n\t} = payload;\n\n\tif (!logicPayload || !remoteImageIdHex || !zkReceipt) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: \"Missing required verification fields.\",\n\t\t};\n\t}\n\n\t// 1. Calculate local ImageID (Integrity Check)\n\tconst localImageId = deriveImageId(logicPayload);\n\tconst localImageIdHex = localImageId.toString(\"hex\");\n\n\tif (localImageIdHex !== remoteImageIdHex) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: `Integrity Violation: Local (${localImageIdHex.slice(0, 8)}) != Remote (${remoteImageIdHex.slice(0, 8)})`,\n\t\t};\n\t}\n\n\t// 2. Structural Verification: Deserialize Binary Receipt\n\tconst receiptBuf = Buffer.from(zkReceipt);\n\tif (receiptBuf.length < 35) {\n\t\t// 1 version + 2 len + 32 seal minimum\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: \"Receipt too short for binary format.\",\n\t\t};\n\t}\n\n\tconst version = receiptBuf[0];\n\tif (version !== 0x01) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: `Unknown receipt version: ${version}`,\n\t\t};\n\t}\n\n\tconst journalLen = receiptBuf.readUInt16BE(1);\n\tconst journal = receiptBuf.subarray(3, 3 + journalLen);\n\tconst seal = receiptBuf.subarray(3 + journalLen);\n\n\tif (seal.length !== 32) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: \"Invalid seal length (expected 32 bytes HMAC-SHA256).\",\n\t\t};\n\t}\n\n\t// 3. Parse journal and verify imageId\n\tlet journalData: ZkJournal;\n\ttry {\n\t\tjournalData = JSON.parse(journal.toString()) as ZkJournal;\n\t\tif (journalData.image_id !== localImageIdHex) {\n\t\t\treturn {\n\t\t\t\tverified: false,\n\t\t\t\tmessage: `Journal ImageID mismatch: ${journalData.image_id.slice(0, 8)} != ${localImageIdHex.slice(0, 8)}`,\n\t\t\t};\n\t\t}\n\t} catch (_e) {\n\t\treturn { verified: false, message: \"Failed to parse journal data.\" };\n\t}\n\n\t// 4. Mathematical Verification (HMAC-SHA256)\n\tif (sessionSecret && sessionSecret.length > 0) {\n\t\tconst expectedSeal = crypto\n\t\t\t.createHmac(\"sha256\", sessionSecret)\n\t\t\t.update(journal)\n\t\t\t.digest();\n\t\tif (!crypto.timingSafeEqual(seal, expectedSeal)) {\n\t\t\treturn {\n\t\t\t\tverified: false,\n\t\t\t\tmessage: \"Invalid seal: HMAC verification failed.\",\n\t\t\t};\n\t\t}\n\t}\n\n\t// 5. Output Hash Verification (Anti-Replay / Anti-Tampering)\n\tif (expectedOutput !== undefined) {\n\t\tconst proxyOutput = tryExtractProxyOutput(logicPayload);\n\t\tconst actualExpected = proxyOutput !== null ? proxyOutput : expectedOutput;\n\n\t\tconst expectedOutputStr =\n\t\t\ttypeof actualExpected === \"string\"\n\t\t\t\t? actualExpected\n\t\t\t\t: actualExpected === undefined\n\t\t\t\t\t? \"undefined\"\n\t\t\t\t\t: JSON.stringify(actualExpected);\n\t\tconst expectedOutputHash = crypto\n\t\t\t.createHash(\"sha256\")\n\t\t\t.update(expectedOutputStr)\n\t\t\t.digest(\"hex\");\n\n\t\tif (journalData.output_hash !== expectedOutputHash) {\n\t\t\treturn {\n\t\t\t\tverified: false,\n\t\t\t\tmessage: `Output Hash Mismatch (Replay/Tamper attempt): Journal output_hash (${journalData.output_hash.slice(0, 8)}) != Calculated output_hash (${expectedOutputHash.slice(0, 8)})`,\n\t\t\t};\n\t\t}\n\t}\n\n\treturn {\n\t\tverified: true,\n\t\tmessage: \"HMAC Commitment Verified: Integrity intact.\",\n\t};\n}\n\n/**\n * Main worker entry point for Piscina.\n */\nexport default async function workerHandler(\n\ttask: ZkVerificationPayload,\n): Promise<{ verified: boolean; message: string }> {\n\ttry {\n\t\tif (task.action === \"warmup\") {\n\t\t\treturn {\n\t\t\t\tverified: true,\n\t\t\t\tmessage: \"warm\",\n\t\t\t};\n\t\t}\n\t\tif (task.action === \"verify_receipt\") {\n\t\t\treturn await verifyZkReceipt(task);\n\t\t}\n\t\tthrow new Error(\"Unknown action in ZkVerifier Worker.\");\n\t} catch (error) {\n\t\treturn {\n\t\t\tverified: false,\n\t\t\tmessage: `Verification Error: ${(error as Error).message}`,\n\t\t};\n\t}\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nekzus/liop",
3
- "version": "2.1.0-alpha.5",
3
+ "version": "2.1.0-alpha.7",
4
4
  "description": "Official SDK for Logic-Injection-on-Origin Protocol (LIOP). Deploy Logic-on-Origin with WebAssembly at gRPC speed and bidirectional MCP compatibility.",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
@@ -85,10 +85,14 @@
85
85
  "@types/node": "25.3.1",
86
86
  "@types/oidc-provider": "9.5.0",
87
87
  "@vitest/coverage-v8": "4.1.8",
88
+ "acorn": "8.16.0",
89
+ "acorn-walk": "8.3.5",
88
90
  "tsup": "8.5.1",
89
91
  "tsx": "4.21.0",
90
92
  "typescript": "5.9.3",
91
- "vitest": "4.1.8"
93
+ "vitest": "4.1.8",
94
+ "zod": "3.25.76",
95
+ "zod-to-json-schema": "3.24.1"
92
96
  },
93
97
  "dependencies": {
94
98
  "@chainsafe/libp2p-noise": "17.0.0",
@@ -105,8 +109,6 @@
105
109
  "@libp2p/tcp": "11.0.20",
106
110
  "@libp2p/websockets": "10.1.13",
107
111
  "@multiformats/multiaddr": "13.0.1",
108
- "acorn": "8.16.0",
109
- "acorn-walk": "8.3.5",
110
112
  "hono": "4.12.23",
111
113
  "it-pipe": "3.0.1",
112
114
  "jose": "6.2.3",
@@ -115,9 +117,7 @@
115
117
  "multiformats": "13.4.2",
116
118
  "oidc-provider": "9.8.4",
117
119
  "piscina": "5.1.4",
118
- "uint8arrays": "3.1.1",
119
- "zod": "3.25.76",
120
- "zod-to-json-schema": "3.24.1"
120
+ "uint8arrays": "3.1.1"
121
121
  },
122
122
  "optionalDependencies": {
123
123
  "@modelcontextprotocol/sdk": "1.28.0",