@nextera.one/axis-server-sdk 0.8.0 → 0.9.1

package/dist/index.d.mts

@@ -1,4 +1,4 @@
-import { AxisFrame } from './core/index.mjs';
+import { AxisFrame as AxisFrame$1 } from './core/index.mjs';
 export { AXIS_MAGIC, AXIS_VERSION, AxisBinaryFrame, AxisFrameZ, TLV as AxisTlvType, BodyProfile, ERR_BAD_SIGNATURE, ERR_CONTRACT_VIOLATION, ERR_INVALID_PACKET, ERR_REPLAY_DETECTED, FLAG_BODY_TLV, FLAG_CHAIN_REQ, FLAG_HAS_WITNESS, MAX_BODY_LEN, MAX_FRAME_LEN, MAX_HDR_LEN, MAX_SIG_LEN, NCERT_ALG, NCERT_EXP, NCERT_ISSUER_KID, NCERT_KID, NCERT_NBF, NCERT_NODE_ID, NCERT_PAYLOAD, NCERT_PUB, NCERT_SCOPE, NCERT_SIG, PROOF_CAPSULE, PROOF_JWT, PROOF_LOOM, PROOF_MTLS, PROOF_NONE, PROOF_WITNESS, ProofType, TLV, TLV_ACTOR_ID, TLV_AUD, TLV_BODY_ARR, TLV_BODY_OBJ, TLV_CAPSULE, TLV_EFFECT, TLV_ERROR_CODE, TLV_ERROR_MSG, TLV_INDEX, TLV_INTENT, TLV_KID, TLV_LOOM_PRESENCE_ID, TLV_LOOM_THREAD_HASH, TLV_LOOM_WRIT, TLV_NODE, TLV_NODE_CERT_HASH, TLV_NODE_KID, TLV_NONCE, TLV_OFFSET, TLV_OK, TLV_PID, TLV_PREV_HASH, TLV_PROOF_REF, TLV_PROOF_TYPE, TLV_REALM, TLV_RECEIPT_HASH, TLV_RID, TLV_SHA256_CHUNK, TLV_TRACE_ID, TLV_TS, TLV_UPLOAD_ID, computeReceiptHash, computeSignaturePayload, decodeArray, decodeFrame, decodeObject, decodeTLVs, decodeTLVsList, decodeVarint, encodeFrame, encodeTLVs, encodeVarint, generateEd25519KeyPair, getSignTarget, sha256, signFrame, varintLength, verifyFrameSignature } from './core/index.mjs';
 import 'zod';
 
@@ -29,7 +29,7 @@ declare class IntentRouter {
     private handlers;
     register(intent: string, handler: any): void;
     registerHandler(instance: any): void;
-    route(frame: AxisFrame): Promise<AxisEffect>;
+    route(frame: AxisFrame$1): Promise<AxisEffect>;
     private recordLatency;
 }
 
@@ -307,12 +307,12 @@ declare function b64urlDecodeString(str: string, encoding?: BufferEncoding): str
 declare function canonicalJson(value: any): string;
 declare function canonicalJsonExcluding(obj: Record<string, any>, exclude: string[]): string;
 
-type AxisAlg = 'EdDSA' | 'ES256' | 'RS256';
+type AxisAlg$1 = 'EdDSA' | 'ES256' | 'RS256';
 type CapsuleStatus = 'ACTIVE' | 'CONSUMED' | 'REVOKED' | 'EXPIRED';
 type CapsuleMode = 'SINGLE_USE' | 'MULTI_USE';
 type KeyStatus = 'ACTIVE' | 'GRACE' | 'REVOKED' | 'RETIRED';
-interface AxisSig {
-    alg: AxisAlg;
+interface AxisSig$1 {
+    alg: AxisAlg$1;
     kid: string;
     value: string;
 }
@@ -324,7 +324,7 @@ interface AxisPacket$1<T = any> {
     actorId: string;
     opcode: string;
     body: T;
-    sig: AxisSig;
+    sig: AxisSig$1;
 }
 interface AxisCapsuleConstraints {
     maxAmount?: number;
@@ -364,7 +364,7 @@ interface AxisCapsulePayload {
 }
 interface AxisCapsule {
     payload: AxisCapsulePayload;
-    sig: AxisSig;
+    sig: AxisSig$1;
 }
 interface CapsuleIssueBody {
     intent: string;
@@ -396,7 +396,7 @@ interface CapsuleRevokeBody {
     capsuleId: string;
     reason: string;
 }
-interface AxisResponse<T = any> {
+interface AxisResponse$1<T = any> {
     ok: boolean;
     pid: string;
     decisionId: string;
@@ -546,6 +546,26 @@ type AxisPacket = {
 };
 declare function buildPacket(hdr: Buffer, body: Buffer, sig: Buffer, flags?: number): AxisPacket;
 
+type AxisAlg = Extract<AxisAlg$1, 'EdDSA'>;
+type AxisSig = AxisSig$1 & {
+    alg: AxisAlg;
+};
+interface AxisFrame<T = any> {
+    v: 1;
+    pid: string;
+    nonce: string;
+    ts: number;
+    actorId: string;
+    aud?: string;
+    opcode: string;
+    headers: Map<number, Uint8Array>;
+    body: T;
+    sig: AxisSig;
+}
+type AxisResponse<T = any> = AxisResponse$1<T> & {
+    policyRefs?: string[];
+    riskScore?: number;
+};
 interface AxisObservedContext {
     ip?: string;
     ua?: string;
@@ -703,6 +723,27 @@ type Capability = keyof typeof CAPABILITIES;
 declare const PROOF_CAPABILITIES: Record<number, Capability[]>;
 declare const INTENT_REQUIREMENTS: Record<string, Capability[]>;
 
+interface RiskSignal {
+    type: string;
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    value: any;
+    message: string;
+}
+declare enum RiskDecision {
+    ALLOW = "ALLOW",
+    THROTTLE = "THROTTLE",
+    STEP_UP = "STEP_UP",
+    WITNESS = "WITNESS",
+    DENY = "DENY"
+}
+interface RiskEvaluation {
+    decision: RiskDecision;
+    reason?: string;
+    retryAfterMs?: number;
+    confidence: number;
+    signals: RiskSignal[];
+}
+
 declare const AXIS_OPCODES: Set<string>;
 declare function isKnownOpcode(op: string): boolean;
 declare function isAdminOpcode(op: string): boolean;
@@ -737,4 +778,7 @@ interface IntentDefinition {
     deprecated?: boolean;
 }
 
-export { ATS1_HDR, ATS1_SCHEMA, AXIS_OPCODES, type ActorKeyRecord, ats1 as Ats1Codec, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, type AxisCrudHandler, type AxisEffect, type AxisHandler, type AxisHandlerInit, type AxisObservedContext, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, type AxisPostSensor, type AxisPreSensor, type AxisRequestContext, type AxisResponse, type AxisSensor, type AxisSensorInit, type AxisSig, CAPABILITIES, type Capability, type CapsuleBatchBody, type CapsuleBatchResult, type CapsuleIssueBody, type CapsuleIssueResult, type CapsuleMode, type CapsuleRecord, type CapsuleRevokeBody, type CapsuleStatus, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, HANDLER_METADATA_KEY, Handler, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_TIMEOUTS, Intent, type IntentDefinition, type IntentExecBody, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, type IssuerKeyRecord, type KeyStatus, PROOF_CAPABILITIES, type ReceiptEffect, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, type SensorDecision, SensorDecisions, type SensorInput, type SensorMinifiedDecision, type SensorPhaseMetadata, type TickWindow, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildPacket, buildReceiptHash, buildTLVs, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, classifyIntent, decodeAxis1Frame, encVarint, encodeAxis1Frame, hasScope, isAdminOpcode, isKnownOpcode, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseScope, resolveTimeout, sensitivityName, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, varintU };
+declare function validateFrameShape(frame: any): boolean;
+declare function isTimestampValid(ts: number, skewSeconds?: number): boolean;
+
+export { ATS1_HDR, ATS1_SCHEMA, AXIS_OPCODES, type ActorKeyRecord, ats1 as Ats1Codec, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg$1 as AxisAlg, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, type AxisCrudHandler, type AxisEffect, type AxisHandler, type AxisHandlerInit, type AxisAlg as AxisJsonAlg, type AxisFrame as AxisJsonFrame, type AxisResponse as AxisJsonResponse, type AxisSig as AxisJsonSig, type AxisObservedContext, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, type AxisPostSensor, type AxisPreSensor, type AxisRequestContext, type AxisResponse$1 as AxisResponse, type AxisSensor, type AxisSensorInit, type AxisSig$1 as AxisSig, CAPABILITIES, type Capability, type CapsuleBatchBody, type CapsuleBatchResult, type CapsuleIssueBody, type CapsuleIssueResult, type CapsuleMode, type CapsuleRecord, type CapsuleRevokeBody, type CapsuleStatus, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, HANDLER_METADATA_KEY, Handler, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_TIMEOUTS, Intent, type IntentDefinition, type IntentExecBody, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, type IssuerKeyRecord, type KeyStatus, PROOF_CAPABILITIES, type ReceiptEffect, RiskDecision, type RiskEvaluation, type RiskSignal, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, type SensorDecision, SensorDecisions, type SensorInput, type SensorMinifiedDecision, type SensorPhaseMetadata, type TickWindow, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildPacket, buildReceiptHash, buildTLVs, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, classifyIntent, decodeAxis1Frame, encVarint, encodeAxis1Frame, hasScope, isAdminOpcode, isKnownOpcode, isTimestampValid, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseScope, resolveTimeout, sensitivityName, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, validateFrameShape, varintU };

package/dist/index.d.ts

@@ -1,4 +1,4 @@
-import { AxisFrame } from './core/index.js';
+import { AxisFrame as AxisFrame$1 } from './core/index.js';
 export { AXIS_MAGIC, AXIS_VERSION, AxisBinaryFrame, AxisFrameZ, TLV as AxisTlvType, BodyProfile, ERR_BAD_SIGNATURE, ERR_CONTRACT_VIOLATION, ERR_INVALID_PACKET, ERR_REPLAY_DETECTED, FLAG_BODY_TLV, FLAG_CHAIN_REQ, FLAG_HAS_WITNESS, MAX_BODY_LEN, MAX_FRAME_LEN, MAX_HDR_LEN, MAX_SIG_LEN, NCERT_ALG, NCERT_EXP, NCERT_ISSUER_KID, NCERT_KID, NCERT_NBF, NCERT_NODE_ID, NCERT_PAYLOAD, NCERT_PUB, NCERT_SCOPE, NCERT_SIG, PROOF_CAPSULE, PROOF_JWT, PROOF_LOOM, PROOF_MTLS, PROOF_NONE, PROOF_WITNESS, ProofType, TLV, TLV_ACTOR_ID, TLV_AUD, TLV_BODY_ARR, TLV_BODY_OBJ, TLV_CAPSULE, TLV_EFFECT, TLV_ERROR_CODE, TLV_ERROR_MSG, TLV_INDEX, TLV_INTENT, TLV_KID, TLV_LOOM_PRESENCE_ID, TLV_LOOM_THREAD_HASH, TLV_LOOM_WRIT, TLV_NODE, TLV_NODE_CERT_HASH, TLV_NODE_KID, TLV_NONCE, TLV_OFFSET, TLV_OK, TLV_PID, TLV_PREV_HASH, TLV_PROOF_REF, TLV_PROOF_TYPE, TLV_REALM, TLV_RECEIPT_HASH, TLV_RID, TLV_SHA256_CHUNK, TLV_TRACE_ID, TLV_TS, TLV_UPLOAD_ID, computeReceiptHash, computeSignaturePayload, decodeArray, decodeFrame, decodeObject, decodeTLVs, decodeTLVsList, decodeVarint, encodeFrame, encodeTLVs, encodeVarint, generateEd25519KeyPair, getSignTarget, sha256, signFrame, varintLength, verifyFrameSignature } from './core/index.js';
 import 'zod';
 
@@ -29,7 +29,7 @@ declare class IntentRouter {
     private handlers;
     register(intent: string, handler: any): void;
     registerHandler(instance: any): void;
-    route(frame: AxisFrame): Promise<AxisEffect>;
+    route(frame: AxisFrame$1): Promise<AxisEffect>;
     private recordLatency;
 }
 
@@ -307,12 +307,12 @@ declare function b64urlDecodeString(str: string, encoding?: BufferEncoding): str
 declare function canonicalJson(value: any): string;
 declare function canonicalJsonExcluding(obj: Record<string, any>, exclude: string[]): string;
 
-type AxisAlg = 'EdDSA' | 'ES256' | 'RS256';
+type AxisAlg$1 = 'EdDSA' | 'ES256' | 'RS256';
 type CapsuleStatus = 'ACTIVE' | 'CONSUMED' | 'REVOKED' | 'EXPIRED';
 type CapsuleMode = 'SINGLE_USE' | 'MULTI_USE';
 type KeyStatus = 'ACTIVE' | 'GRACE' | 'REVOKED' | 'RETIRED';
-interface AxisSig {
-    alg: AxisAlg;
+interface AxisSig$1 {
+    alg: AxisAlg$1;
     kid: string;
     value: string;
 }
@@ -324,7 +324,7 @@ interface AxisPacket$1<T = any> {
     actorId: string;
     opcode: string;
     body: T;
-    sig: AxisSig;
+    sig: AxisSig$1;
 }
 interface AxisCapsuleConstraints {
     maxAmount?: number;
@@ -364,7 +364,7 @@ interface AxisCapsulePayload {
 }
 interface AxisCapsule {
     payload: AxisCapsulePayload;
-    sig: AxisSig;
+    sig: AxisSig$1;
 }
 interface CapsuleIssueBody {
     intent: string;
@@ -396,7 +396,7 @@ interface CapsuleRevokeBody {
     capsuleId: string;
     reason: string;
 }
-interface AxisResponse<T = any> {
+interface AxisResponse$1<T = any> {
     ok: boolean;
     pid: string;
     decisionId: string;
@@ -546,6 +546,26 @@ type AxisPacket = {
 };
 declare function buildPacket(hdr: Buffer, body: Buffer, sig: Buffer, flags?: number): AxisPacket;
 
+type AxisAlg = Extract<AxisAlg$1, 'EdDSA'>;
+type AxisSig = AxisSig$1 & {
+    alg: AxisAlg;
+};
+interface AxisFrame<T = any> {
+    v: 1;
+    pid: string;
+    nonce: string;
+    ts: number;
+    actorId: string;
+    aud?: string;
+    opcode: string;
+    headers: Map<number, Uint8Array>;
+    body: T;
+    sig: AxisSig;
+}
+type AxisResponse<T = any> = AxisResponse$1<T> & {
+    policyRefs?: string[];
+    riskScore?: number;
+};
 interface AxisObservedContext {
     ip?: string;
     ua?: string;
@@ -703,6 +723,27 @@ type Capability = keyof typeof CAPABILITIES;
 declare const PROOF_CAPABILITIES: Record<number, Capability[]>;
 declare const INTENT_REQUIREMENTS: Record<string, Capability[]>;
 
+interface RiskSignal {
+    type: string;
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    value: any;
+    message: string;
+}
+declare enum RiskDecision {
+    ALLOW = "ALLOW",
+    THROTTLE = "THROTTLE",
+    STEP_UP = "STEP_UP",
+    WITNESS = "WITNESS",
+    DENY = "DENY"
+}
+interface RiskEvaluation {
+    decision: RiskDecision;
+    reason?: string;
+    retryAfterMs?: number;
+    confidence: number;
+    signals: RiskSignal[];
+}
+
 declare const AXIS_OPCODES: Set<string>;
 declare function isKnownOpcode(op: string): boolean;
 declare function isAdminOpcode(op: string): boolean;
@@ -737,4 +778,7 @@ interface IntentDefinition {
     deprecated?: boolean;
 }
 
-export { ATS1_HDR, ATS1_SCHEMA, AXIS_OPCODES, type ActorKeyRecord, ats1 as Ats1Codec, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, type AxisCrudHandler, type AxisEffect, type AxisHandler, type AxisHandlerInit, type AxisObservedContext, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, type AxisPostSensor, type AxisPreSensor, type AxisRequestContext, type AxisResponse, type AxisSensor, type AxisSensorInit, type AxisSig, CAPABILITIES, type Capability, type CapsuleBatchBody, type CapsuleBatchResult, type CapsuleIssueBody, type CapsuleIssueResult, type CapsuleMode, type CapsuleRecord, type CapsuleRevokeBody, type CapsuleStatus, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, HANDLER_METADATA_KEY, Handler, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_TIMEOUTS, Intent, type IntentDefinition, type IntentExecBody, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, type IssuerKeyRecord, type KeyStatus, PROOF_CAPABILITIES, type ReceiptEffect, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, type SensorDecision, SensorDecisions, type SensorInput, type SensorMinifiedDecision, type SensorPhaseMetadata, type TickWindow, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildPacket, buildReceiptHash, buildTLVs, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, classifyIntent, decodeAxis1Frame, encVarint, encodeAxis1Frame, hasScope, isAdminOpcode, isKnownOpcode, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseScope, resolveTimeout, sensitivityName, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, varintU };
+declare function validateFrameShape(frame: any): boolean;
+declare function isTimestampValid(ts: number, skewSeconds?: number): boolean;
+
+export { ATS1_HDR, ATS1_SCHEMA, AXIS_OPCODES, type ActorKeyRecord, ats1 as Ats1Codec, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg$1 as AxisAlg, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, type AxisCrudHandler, type AxisEffect, type AxisHandler, type AxisHandlerInit, type AxisAlg as AxisJsonAlg, type AxisFrame as AxisJsonFrame, type AxisResponse as AxisJsonResponse, type AxisSig as AxisJsonSig, type AxisObservedContext, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, type AxisPostSensor, type AxisPreSensor, type AxisRequestContext, type AxisResponse$1 as AxisResponse, type AxisSensor, type AxisSensorInit, type AxisSig$1 as AxisSig, CAPABILITIES, type Capability, type CapsuleBatchBody, type CapsuleBatchResult, type CapsuleIssueBody, type CapsuleIssueResult, type CapsuleMode, type CapsuleRecord, type CapsuleRevokeBody, type CapsuleStatus, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, HANDLER_METADATA_KEY, Handler, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_TIMEOUTS, Intent, type IntentDefinition, type IntentExecBody, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, type IssuerKeyRecord, type KeyStatus, PROOF_CAPABILITIES, type ReceiptEffect, RiskDecision, type RiskEvaluation, type RiskSignal, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, type SensorDecision, SensorDecisions, type SensorInput, type SensorMinifiedDecision, type SensorPhaseMetadata, type TickWindow, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildPacket, buildReceiptHash, buildTLVs, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, classifyIntent, decodeAxis1Frame, encVarint, encodeAxis1Frame, hasScope, isAdminOpcode, isKnownOpcode, isTimestampValid, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseScope, resolveTimeout, sensitivityName, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, validateFrameShape, varintU };

package/dist/index.js

@@ -91,6 +91,7 @@ __export(index_exports, {
   PROOF_NONE: () => PROOF_NONE,
   PROOF_WITNESS: () => PROOF_WITNESS,
   ProofType: () => ProofType,
+  RiskDecision: () => RiskDecision,
   Schema2002_PasskeyLoginOptionsRes: () => Schema2002_PasskeyLoginOptionsRes,
   Schema2011_PasskeyLoginVerifyReq: () => Schema2011_PasskeyLoginVerifyReq,
   Schema2012_PasskeyLoginVerifyRes: () => Schema2012_PasskeyLoginVerifyRes,
@@ -160,6 +161,7 @@ __export(index_exports, {
   hasScope: () => hasScope,
   isAdminOpcode: () => isAdminOpcode,
   isKnownOpcode: () => isKnownOpcode,
+  isTimestampValid: () => isTimestampValid,
   nonce16: () => nonce16,
   normalizeSensorDecision: () => normalizeSensorDecision,
   packPasskeyLoginOptionsReq: () => packPasskeyLoginOptionsReq,
@@ -178,6 +180,7 @@ __export(index_exports, {
   unpackPasskeyLoginVerifyReq: () => unpackPasskeyLoginVerifyReq,
   unpackPasskeyRegisterOptionsReq: () => unpackPasskeyRegisterOptionsReq,
   utf8: () => utf8,
+  validateFrameShape: () => validateFrameShape,
   varintLength: () => varintLength,
   varintU: () => varintU,
   verifyFrameSignature: () => verifyFrameSignature
@@ -2109,6 +2112,16 @@ var INTENT_REQUIREMENTS = {
   "admin.*": ["admin"]
 };
 
+// src/risk/index.ts
+var RiskDecision = /* @__PURE__ */ ((RiskDecision2) => {
+  RiskDecision2["ALLOW"] = "ALLOW";
+  RiskDecision2["THROTTLE"] = "THROTTLE";
+  RiskDecision2["STEP_UP"] = "STEP_UP";
+  RiskDecision2["WITNESS"] = "WITNESS";
+  RiskDecision2["DENY"] = "DENY";
+  return RiskDecision2;
+})(RiskDecision || {});
+
 // src/core/opcodes.ts
 var AXIS_OPCODES = /* @__PURE__ */ new Set([
   "CAPSULE.ISSUE",
@@ -2228,6 +2241,49 @@ function resolveTimeout(intent) {
   }
   return DEFAULT_TIMEOUT;
 }
+
+// src/core/frame-validator.ts
+function validateFrameShape(frame) {
+  if (!frame || typeof frame !== "object") {
+    return false;
+  }
+  if (frame.v !== 1) {
+    return false;
+  }
+  const requiredStrings = ["pid", "nonce", "actorId", "opcode"];
+  for (const key of requiredStrings) {
+    if (typeof frame[key] !== "string" || frame[key].length < 6) {
+      return false;
+    }
+  }
+  if (typeof frame.ts !== "number" || !Number.isFinite(frame.ts)) {
+    return false;
+  }
+  if (frame.aud !== void 0 && (typeof frame.aud !== "string" || frame.aud.length === 0)) {
+    return false;
+  }
+  if (!frame.sig || typeof frame.sig !== "object") {
+    return false;
+  }
+  if (frame.sig.alg !== "EdDSA") {
+    return false;
+  }
+  if (typeof frame.sig.kid !== "string" || frame.sig.kid.length < 8) {
+    return false;
+  }
+  if (typeof frame.sig.value !== "string" || frame.sig.value.length < 32) {
+    return false;
+  }
+  if (typeof frame.body !== "object" || frame.body === null) {
+    return false;
+  }
+  return true;
+}
+function isTimestampValid(ts, skewSeconds = 120) {
+  const now = Math.floor(Date.now() / 1e3);
+  const diff = Math.abs(now - ts);
+  return diff <= skewSeconds;
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   ATS1_HDR,
@@ -2284,6 +2340,7 @@ function resolveTimeout(intent) {
   PROOF_NONE,
   PROOF_WITNESS,
   ProofType,
+  RiskDecision,
   Schema2002_PasskeyLoginOptionsRes,
   Schema2011_PasskeyLoginVerifyReq,
   Schema2012_PasskeyLoginVerifyRes,
@@ -2353,6 +2410,7 @@ function resolveTimeout(intent) {
   hasScope,
   isAdminOpcode,
   isKnownOpcode,
+  isTimestampValid,
   nonce16,
   normalizeSensorDecision,
   packPasskeyLoginOptionsReq,
@@ -2371,6 +2429,7 @@ function resolveTimeout(intent) {
   unpackPasskeyLoginVerifyReq,
   unpackPasskeyRegisterOptionsReq,
   utf8,
+  validateFrameShape,
   varintLength,
   varintU,
   verifyFrameSignature