@nextera.one/axis-server-sdk 2.1.4 → 2.1.6

package/dist/index.d.mts

@@ -1,7 +1,7 @@
+import * as z from 'zod';
 import { A as AxisFrame$2 } from './index-DXHfWxLG.mjs';
 export { a as AxisBinaryFrame, b as AxisError, c as AxisFrameZ, d as AxisMediaTypes, e as computeReceiptHash, f as computeSignaturePayload, i as core, g as decodeFrame, h as encodeFrame, j as generateEd25519KeyPair, k as getSignTarget, s as sha256, l as signFrame, v as verifyFrameSignature } from './index-DXHfWxLG.mjs';
 import { ModuleRef, DiscoveryService, Reflector, MetadataScanner } from '@nestjs/core';
-import * as z from 'zod';
 import { PROOF_LOOM, TLV_LOOM_PRESENCE_ID, TLV_LOOM_THREAD_HASH, TLV_LOOM_WRIT } from '@nextera.one/axis-protocol';
 export { AXIS_MAGIC, AXIS_VERSION, TLV as AxisTlvType, BodyProfile, ERR_BAD_SIGNATURE, ERR_CONTRACT_VIOLATION, ERR_INVALID_PACKET, ERR_REPLAY_DETECTED, FLAG_BODY_TLV, FLAG_CHAIN_REQ, FLAG_HAS_WITNESS, MAX_BODY_LEN, MAX_FRAME_LEN, MAX_HDR_LEN, MAX_SIG_LEN, NCERT_ALG, NCERT_EXP, NCERT_ISSUER_KID, NCERT_KID, NCERT_NBF, NCERT_NODE_ID, NCERT_PAYLOAD, NCERT_PUB, NCERT_SCOPE, NCERT_SIG, PROOF_CAPSULE, PROOF_JWT, PROOF_LOOM, PROOF_MTLS, PROOF_NONE, PROOF_WITNESS, ProofType, TLV, TLV_ACTOR_ID, TLV_AUD, TLV_BODY_ARR, TLV_BODY_OBJ, TLV_CAPSULE, TLV_EFFECT, TLV_ERROR_CODE, TLV_ERROR_MSG, TLV_INDEX, TLV_INTENT, TLV_KID, TLV_LOOM_PRESENCE_ID, TLV_LOOM_THREAD_HASH, TLV_LOOM_WRIT, TLV_NODE, TLV_NODE_CERT_HASH, TLV_NODE_KID, TLV_NONCE, TLV_OFFSET, TLV_OK, TLV_PID, TLV_LOOM_PRESENCE_ID as TLV_PRESENCE_ID, TLV_PREV_HASH, TLV_PROOF_REF, TLV_PROOF_TYPE, TLV_REALM, TLV_RECEIPT_HASH, TLV_RID, TLV_SHA256_CHUNK, TLV_LOOM_THREAD_HASH as TLV_THREAD_HASH, TLV_TRACE_ID, TLV_TS, TLV_UPLOAD_ID, TLV_LOOM_WRIT as TLV_WRIT, decodeArray, decodeObject, decodeTLVs, decodeTLVsList, decodeVarint, encodeTLVs, encodeVarint, varintLength } from '@nextera.one/axis-protocol';
 import { OnApplicationBootstrap, OnModuleInit } from '@nestjs/common';
@@ -139,800 +139,73 @@ declare function CapsulePolicy(options?: CapsulePolicyOptions): ClassDecorator &
 declare function normalizeCapsulePolicyOptions(options?: CapsulePolicyOptions): CapsulePolicyOptions;
 declare function mergeCapsulePolicyOptions(base?: CapsulePolicyOptions, override?: CapsulePolicyOptions): CapsulePolicyOptions | undefined;
 
-declare const HANDLER_METADATA_KEY = "axis:handler";
-declare function Handler(intent?: string): ClassDecorator;
-
-declare const INTENT_METADATA_KEY = "axis:intent";
-declare const INTENT_ROUTES_KEY = "axis:intent_routes";
-type IntentKind = 'create' | 'read' | 'update' | 'delete' | 'action';
-interface IntentTlvField {
-    name: string;
-    tag: number;
-    kind: 'utf8' | 'u64' | 'bytes' | 'bytes16' | 'bool' | 'obj' | 'arr';
-    required?: boolean;
-    maxLen?: number;
-    max?: string;
-    scope?: 'header' | 'body';
-}
-interface IntentRoute {
-    action: string;
-    methodName: string | symbol;
-    absolute?: boolean;
-    frame?: boolean;
-    kind?: IntentKind;
-    chain?: boolean | ChainOptions;
-    bodyProfile?: 'TLV_MAP' | 'RAW' | 'TLV_OBJ' | 'TLV_ARR';
-    tlv?: IntentTlvField[];
-    dto?: Function;
-}
-interface IntentOptions {
-    kind?: IntentKind;
-    absolute?: boolean;
-    frame?: boolean;
-    chain?: boolean | ChainOptions;
-    bodyProfile?: 'TLV_MAP' | 'RAW' | 'TLV_OBJ' | 'TLV_ARR';
-    tlv?: IntentTlvField[];
-    dto?: Function;
-}
-declare function Intent(action: string, options?: IntentOptions): MethodDecorator;
-
-declare const INTENT_BODY_KEY = "axis:intent:body";
-declare function IntentBody(decoder: (buf: Buffer) => any): MethodDecorator;
-
-declare const INTENT_SENSORS_KEY = "axis:intent:sensors";
-declare function IntentSensors(sensors: Function[]): MethodDecorator;
-
-declare const OBSERVER_METADATA_KEY = "axis:observer";
-declare const OBSERVER_BINDINGS_KEY = "axis:observer:bindings";
-type AxisObserverRef = string | Function;
-interface AxisObserverDefinition {
-    name?: string;
-    tags?: string[];
-    events?: AxisObserverEvent[];
-    intents?: string[];
-    handlers?: string[];
-}
-interface AxisObserverBinding {
-    refs: AxisObserverRef[];
-    tags?: string[];
-    events?: AxisObserverEvent[];
-}
-interface AxisObserverBindingOptions {
-    use: AxisObserverRef | AxisObserverRef[];
-    tags?: string[];
-    events?: AxisObserverEvent[];
-}
-declare function Observer(input?: AxisObserverDefinition | AxisObserverBindingOptions | AxisObserverRef | AxisObserverRef[]): ClassDecorator & MethodDecorator;
-
-declare const HANDLER_SENSORS_KEY = "axis:handler:sensors";
-declare function HandlerSensors(sensors: Function[]): ClassDecorator;
-
-declare const SENSOR_METADATA_KEY = "axis:sensor";
-type SensorPhase = 'PRE_DECODE' | 'POST_DECODE';
-interface SensorOptions {
-    phase?: SensorPhase;
-}
-declare function Sensor(options?: SensorOptions): ClassDecorator;
-
-declare const TLV_FIELDS_KEY = "axis:tlv:fields";
-declare const TLV_VALIDATORS_KEY = "axis:tlv:validators";
-type TlvFieldKind = 'utf8' | 'u64' | 'bytes' | 'bytes16' | 'bool' | 'obj' | 'arr';
-interface TlvFieldOptions {
-    kind: TlvFieldKind;
-    required?: boolean;
-    maxLen?: number;
-    max?: string;
-    scope?: 'header' | 'body';
-}
-interface TlvFieldMeta {
-    property: string;
-    tag: number;
-    options: TlvFieldOptions;
-}
-type TlvValidatorFn = (value: Uint8Array, property: string) => string | null | undefined;
-interface TlvValidatorMeta {
-    property: string;
-    tag: number;
-    validators: TlvValidatorFn[];
-}
-declare function TlvField(tag: number, options: TlvFieldOptions): PropertyDecorator;
-declare function TlvValidate(validator: TlvValidatorFn): PropertyDecorator;
-declare function TlvUtf8Pattern(pattern: RegExp, message?: string): PropertyDecorator;
-declare function TlvMinLen(min: number, message?: string): PropertyDecorator;
-declare function TlvEnum(allowed: string[], message?: string): PropertyDecorator;
-declare function TlvRange(min: bigint, max: bigint, message?: string): PropertyDecorator;
-
-interface DtoSchema {
-    fields: IntentTlvField[];
-    validators: Map<number, TlvValidatorFn[]>;
-}
-declare function extractDtoSchema(dto: Function): DtoSchema;
-declare function buildDtoDecoder(dto: Function): (bodyBytes: Buffer) => Record<string, any>;
-
-declare abstract class AxisTlvDto {
-}
-
-declare class AxisIdDto extends AxisTlvDto {
-    id: string;
-}
-
-declare function AxisPartialType<T extends new (...args: any[]) => AxisTlvDto>(BaseDto: T): new (...args: any[]) => Partial<InstanceType<T>> & AxisTlvDto;
-
-declare const RESPONSE_TAG_ID = 1;
-declare const RESPONSE_TAG_CREATED_AT = 2;
-declare const RESPONSE_TAG_UPDATED_AT = 3;
-declare const RESPONSE_TAG_CREATED_BY = 4;
-declare const RESPONSE_TAG_UPDATED_BY = 5;
-declare abstract class AxisResponseDto extends AxisTlvDto {
-    id?: string;
-    created_at?: bigint;
-    updated_at?: bigint;
-    created_by?: string;
-    updated_by?: string;
+interface ExecutionContract {
+    maxDbWrites: number;
+    maxDbReads?: number;
+    maxExternalCalls: number;
+    maxTimeMs: number;
+    allowedEffects: string[];
+    maxMemoryMb?: number;
 }
+declare const DEFAULT_CONTRACTS: Record<string, ExecutionContract>;
+declare const FALLBACK_CONTRACT: ExecutionContract;
 
-declare const CCE_PROTOCOL_VERSION: "cce-v1";
-declare const CCE_DERIVATION: {
-    readonly REQUEST: "axis:cce:req:v1";
-    readonly RESPONSE: "axis:cce:resp:v1";
-    readonly WITNESS: "axis:cce:witness:v1";
-};
-type CceAlgorithm = "AES-256-GCM";
-type CceKemAlgorithm = "X25519" | "RSA-OAEP-256";
-type CceKdfAlgorithm = "HKDF-SHA256";
-declare const CCE_AES_KEY_BYTES = 32;
-declare const CCE_IV_BYTES = 12;
-declare const CCE_TAG_BYTES = 16;
-declare const CCE_NONCE_BYTES = 32;
-interface CceCapsuleClaims {
-    capsule_id: string;
-    ver: typeof CCE_PROTOCOL_VERSION;
-    sub: string;
-    kid: string;
-    intent: string;
-    aud: string;
-    tps_from: number;
-    tps_to: number;
-    capsule_nonce: string;
-    challenge_id: string;
-    proof_hash?: string;
-    policy_hash?: string;
-    iat: number;
-    exp: number;
-    mode: "SINGLE_USE" | "SESSION";
-    scope?: string[];
-    constraints?: CceConstraints;
-    issuer_sig: CceSignature;
-}
-interface CceConstraints {
-    max_payload_bytes?: number;
-    ip_allow?: string[];
-    device_allow?: string[];
-    country_allow?: string[];
-}
-interface CceSignature {
-    alg: "EdDSA" | "ES256";
-    kid: string;
-    value: string;
-}
-interface CceRequestEnvelope {
-    ver: typeof CCE_PROTOCOL_VERSION;
-    request_id: string;
-    correlation_id: string;
-    client_kid: string;
-    capsule: CceCapsuleClaims;
-    encrypted_key: CceEncryptedKey;
-    encrypted_payload: CceEncryptedPayload;
-    request_nonce: string;
-    client_sig: CceSignature;
-    content_type: string;
-    algorithms: CceAlgorithmDescriptor;
-    aad_descriptor?: string;
-}
-interface CceEncryptedKey {
-    alg: CceKemAlgorithm;
-    axis_kid: string;
-    ciphertext: string;
-    ephemeral_pk?: string;
-}
-interface CceEncryptedPayload {
-    alg: CceAlgorithm;
-    iv: string;
-    ciphertext: string;
-    tag: string;
-}
-interface CceAlgorithmDescriptor {
-    kem: CceKemAlgorithm;
-    enc: CceAlgorithm;
-    kdf: CceKdfAlgorithm;
-    sig: "EdDSA" | "ES256";
-}
-interface CceResponseEnvelope {
-    ver: typeof CCE_PROTOCOL_VERSION;
-    response_id: string;
-    request_id: string;
-    correlation_id: string;
-    capsule_id: string;
-    encrypted_key: CceEncryptedKey;
-    encrypted_payload: CceEncryptedPayload;
-    response_nonce: string;
-    axis_sig: CceSignature;
-    witness_ref?: string;
-    algorithms: CceAlgorithmDescriptor;
-    status: CceResponseStatus;
-}
-type CceResponseStatus = "SUCCESS" | "DENIED" | "PARTIAL" | "FAILED" | "ERROR";
-interface CceExecutionContext {
-    execution_key_hash: string;
-    request_id: string;
-    capsule_id: string;
-    sub: string;
-    kid: string;
-    intent: string;
-    aud: string;
-    tps_from: number;
-    tps_to: number;
-    policy_hash?: string;
-    derived_at: number;
-    valid: boolean;
-}
-interface CceWitnessRecord {
-    witness_id: string;
-    request_id: string;
-    capsule_id: string;
-    sub: string;
-    intent: string;
-    aud: string;
-    tps_from: number;
-    tps_to: number;
-    timestamp: number;
-    verification: {
-        client_sig: boolean;
-        capsule_sig: boolean;
-        tps_valid: boolean;
-        audience_match: boolean;
-        intent_match: boolean;
-        replay_clean: boolean;
-        nonce_unique: boolean;
-        decryption_ok: boolean;
-    };
-    execution: {
-        status: CceResponseStatus;
-        handler_duration_ms: number;
-        effect?: string;
-    };
-    response_encrypted: boolean;
-    execution_context_hash: string;
-    request_payload_hash?: string;
-    response_payload_hash?: string;
-}
-declare const CCE_ERROR: {
-    readonly INVALID_ENVELOPE: "CCE_INVALID_ENVELOPE";
-    readonly UNSUPPORTED_VERSION: "CCE_UNSUPPORTED_VERSION";
-    readonly MISSING_CAPSULE: "CCE_MISSING_CAPSULE";
-    readonly MISSING_ENCRYPTED_KEY: "CCE_MISSING_ENCRYPTED_KEY";
-    readonly CLIENT_SIG_INVALID: "CCE_CLIENT_SIG_INVALID";
-    readonly CLIENT_KEY_NOT_FOUND: "CCE_CLIENT_KEY_NOT_FOUND";
-    readonly CAPSULE_SIG_INVALID: "CCE_CAPSULE_SIG_INVALID";
-    readonly CAPSULE_EXPIRED: "CCE_CAPSULE_EXPIRED";
-    readonly CAPSULE_NOT_YET_VALID: "CCE_CAPSULE_NOT_YET_VALID";
-    readonly CAPSULE_REVOKED: "CCE_CAPSULE_REVOKED";
-    readonly CAPSULE_CONSUMED: "CCE_CAPSULE_CONSUMED";
-    readonly AUDIENCE_MISMATCH: "CCE_AUDIENCE_MISMATCH";
-    readonly INTENT_MISMATCH: "CCE_INTENT_MISMATCH";
-    readonly TPS_WINDOW_EXPIRED: "CCE_TPS_WINDOW_EXPIRED";
-    readonly TPS_WINDOW_FUTURE: "CCE_TPS_WINDOW_FUTURE";
-    readonly REPLAY_DETECTED: "CCE_REPLAY_DETECTED";
-    readonly NONCE_REUSED: "CCE_NONCE_REUSED";
-    readonly DECRYPTION_FAILED: "CCE_DECRYPTION_FAILED";
-    readonly KEY_UNWRAP_FAILED: "CCE_KEY_UNWRAP_FAILED";
-    readonly AEAD_TAG_MISMATCH: "CCE_AEAD_TAG_MISMATCH";
-    readonly PAYLOAD_TOO_LARGE: "CCE_PAYLOAD_TOO_LARGE";
-    readonly PAYLOAD_SCHEMA_INVALID: "CCE_PAYLOAD_SCHEMA_INVALID";
-    readonly INTENT_SCHEMA_MISMATCH: "CCE_INTENT_SCHEMA_MISMATCH";
-    readonly POLICY_DENIED: "CCE_POLICY_DENIED";
-    readonly CONSTRAINT_VIOLATED: "CCE_CONSTRAINT_VIOLATED";
-    readonly HANDLER_NOT_FOUND: "CCE_HANDLER_NOT_FOUND";
-    readonly HANDLER_EXECUTION_FAILED: "CCE_HANDLER_EXECUTION_FAILED";
-    readonly HANDLER_TIMEOUT: "CCE_HANDLER_TIMEOUT";
-    readonly RESPONSE_ENCRYPTION_FAILED: "CCE_RESPONSE_ENCRYPTION_FAILED";
-};
-type CceErrorCode = (typeof CCE_ERROR)[keyof typeof CCE_ERROR];
-declare class CceError extends Error {
-    readonly code: CceErrorCode;
-    readonly metadata?: Record<string, unknown> | undefined;
-    constructor(code: CceErrorCode, message: string, metadata?: Record<string, unknown> | undefined);
-    get clientSafe(): boolean;
-    toClientError(): {
-        code: CceErrorCode;
-        message: string;
-    };
-}
-
-interface CceClientKeyEncryptor {
-    wrapKey(aesKey: Uint8Array, clientKid: string, clientPublicKeyHex: string): Promise<CceEncryptedKey>;
-}
-interface CceAxisSigner {
-    sign(payload: Uint8Array): Promise<CceSignature>;
-}
-interface CceResponseOptions {
-    request: CceRequestEnvelope;
-    capsule: CceCapsuleClaims;
-    status: CceResponseStatus;
-    body: Uint8Array;
-    clientPublicKeyHex: string;
-    witnessRef?: string;
-}
-declare function buildCceResponse(options: CceResponseOptions, clientKeyEncryptor: CceClientKeyEncryptor, axisSigner: CceAxisSigner): Promise<{
-    envelope: CceResponseEnvelope;
-    responsePayloadHash: string;
-}>;
-declare function buildCceErrorResponse(requestId: string, correlationId: string, status: CceResponseStatus, errorCode: string, message: string): {
-    ver: string;
-    request_id: string;
-    correlation_id: string;
-    status: CceResponseStatus;
-    error: {
-        code: string;
-        message: string;
-    };
-};
-
-interface CceWitnessStore {
-    record(witness: CceWitnessRecord): Promise<void>;
-}
-declare class InMemoryCceWitnessStore implements CceWitnessStore {
-    readonly records: CceWitnessRecord[];
-    record(witness: CceWitnessRecord): Promise<void>;
-    getByRequestId(requestId: string): CceWitnessRecord | undefined;
-    getByCapsuleId(capsuleId: string): CceWitnessRecord[];
-}
-interface CceVerificationState {
-    clientSigVerified: boolean;
-    capsuleSigVerified: boolean;
-    tpsValid: boolean;
-    audienceMatch: boolean;
-    intentMatch: boolean;
-    replayClean: boolean;
-    nonceUnique: boolean;
-    decryptionOk: boolean;
-}
-declare function buildWitnessRecord(envelope: CceRequestEnvelope, capsule: CceCapsuleClaims, verification: CceVerificationState, execution: {
-    status: CceResponseStatus;
-    handlerDurationMs: number;
-    effect?: string;
-}, options: {
-    axisLocalSecret: string;
-    requestPayload?: Uint8Array;
-    responsePayload?: Uint8Array;
-    responseEncrypted: boolean;
-}): CceWitnessRecord;
-declare function extractVerificationState(metadata: Record<string, any>): CceVerificationState;
-
-type AxisAlg$1 = 'EdDSA' | 'ES256' | 'RS256';
-type CapsuleStatus = 'ACTIVE' | 'CONSUMED' | 'REVOKED' | 'EXPIRED';
-type CapsuleMode = 'SINGLE_USE' | 'MULTI_USE';
-type KeyStatus = 'ACTIVE' | 'GRACE' | 'REVOKED' | 'RETIRED';
-interface AxisSig$1 {
-    alg: AxisAlg$1;
-    kid: string;
-    value: string;
-}
-interface AxisPacket$1<T = any> {
-    v: 1;
-    pid: string;
-    nonce: string;
-    ts: number;
-    actorId: string;
-    opcode: string;
-    body: T;
-    sig: AxisSig$1;
-}
-interface AxisCapsuleConstraints {
-    maxAmount?: number;
-    maxCount?: number;
-    ttlSeconds?: number;
-    ipCidrAllow?: string[];
-    countryAllow?: string[];
-    deviceIdAllow?: string[];
-    sessionIdLock?: string;
-    nonceRequired?: boolean;
-}
-interface TickWindow {
-    start: number;
-    end: number;
-}
-interface AxisCapsulePayload {
-    v: 1;
-    capsuleId: string;
-    actorId: string;
-    issuer: string;
-    audience: string;
-    subject?: string;
-    intent: string;
-    scopes: string[];
-    actions?: string[];
-    iat: number;
-    nbf?: number;
-    exp: number;
-    tickWindow?: TickWindow;
-    mode: CapsuleMode;
-    maxUses: number;
-    nonceSeed?: string;
-    policyRefs?: string[];
-    riskScore?: number;
-    constraints?: AxisCapsuleConstraints;
-    meta?: Record<string, unknown>;
-}
-interface AxisCapsule {
-    payload: AxisCapsulePayload;
-    sig: AxisSig$1;
-}
-interface CapsuleIssueBody {
-    intent: string;
-    audience: string;
-    scopes: string[];
-    subject?: string;
-    mode: CapsuleMode;
-    maxUses?: number;
-    expSeconds?: number;
-    constraints?: AxisCapsuleConstraints;
-    hints?: {
-        ip?: string;
-        ua?: string;
-        deviceId?: string;
-        geo?: string;
-    };
-}
-interface CapsuleBatchBody extends Omit<CapsuleIssueBody, 'mode' | 'maxUses'> {
-    count: number;
-    mode: 'SINGLE_USE';
-}
-interface IntentExecBody {
-    intent: string;
-    capsule: AxisCapsule;
-    execNonce?: string;
-    args: Record<string, any>;
-}
-interface CapsuleRevokeBody {
-    capsuleId: string;
-    reason: string;
-}
-interface AxisResponse$1<T = any> {
-    ok: boolean;
-    pid: string;
-    decisionId: string;
-    code: string;
-    message?: string;
-    data?: T;
-    meta?: Record<string, unknown>;
-}
-interface CapsuleIssueResult {
-    capsule: AxisCapsule;
-}
-interface CapsuleBatchResult {
-    capsules: AxisCapsule[];
-}
-interface ActorKeyRecord {
-    id: Buffer;
-    actor_id: string;
-    key_id: string;
-    algorithm: string;
-    public_key: Buffer;
-    purpose: string;
-    status: KeyStatus;
-    is_primary: boolean;
-    not_before: Date | null;
-    expires_at: Date | null;
-    rotated_from_key_id: string | null;
-    revoked_at: Date | null;
-    revocation_reason: string | null;
-    metadata: any;
-    created_at: Date;
-    updated_at: Date;
-}
-interface IssuerKeyRecord {
-    id: Buffer;
-    kid: string;
-    issuer_id: string;
-    alg: string;
-    public_key_pem: string;
-    status: KeyStatus;
-    not_before: Date | null;
-    not_after: Date | null;
-    fingerprint: string | null;
-    metadata: any;
-    created_at: Date;
-    updated_at: Date;
-}
-interface CapsuleRecord {
-    id: Buffer;
-    capsule_id: string;
-    actor_id: string;
-    intent: string;
-    audience: string;
-    issuer: string;
-    subject: string | null;
-    status: CapsuleStatus;
-    mode: CapsuleMode;
-    max_uses: number;
-    used_count: number;
-    iat: Date;
-    nbf: Date | null;
-    exp: Date;
-    scopes_json: any;
-    constraints_json: any;
-    policy_refs_json: any;
-    risk_score: number | null;
-    payload_hash: Buffer;
-    sig_alg: string;
-    sig_kid: string;
-    sig_value: Buffer;
-    created_at: Date;
-    updated_at: Date;
-    last_used_at: Date | null;
-}
-
-type AxisAlg = Extract<AxisAlg$1, 'EdDSA'>;
-type AxisSig = AxisSig$1 & {
-    alg: AxisAlg;
-};
-interface AxisFrame$1<T = any> {
-    v: 1;
-    pid: string;
-    nonce: string;
-    ts: number;
-    actorId: string;
-    aud?: string;
-    opcode: string;
-    headers: Map<number, Uint8Array>;
-    body: T;
-    sig: AxisSig;
-}
-type AxisResponse<T = any> = AxisResponse$1<T> & {
-    policyRefs?: string[];
-    riskScore?: number;
-};
-interface AxisObservedContext {
-    ip?: string;
-    ua?: string;
-    geo?: string;
-}
-interface AxisRequestContext {
-    observed: AxisObservedContext;
-    actorKeyKid?: string;
-    issuerKeyKid?: string;
-    decisionId: string;
-    actorId: string;
-    aud?: string;
-    opcode: string;
-    deviceId?: string;
-    sessionId?: string;
-}
-
-interface SensorPhaseMetadata {
-    phase: 'PRE_DECODE' | 'POST_DECODE';
-    dependencies?: string[];
-    asyncOk?: boolean;
-    cryptoOk?: boolean;
-    description?: string;
-}
-interface AxisSensor {
-    readonly name: string;
-    readonly order?: number;
-    phase?: SensorPhaseMetadata | 'PRE_DECODE' | 'POST_DECODE';
-    supports?(input: SensorInput): boolean;
-    run(input: SensorInput): Promise<SensorDecision>;
-}
-interface AxisSensorInit extends AxisSensor {
-    onModuleInit?(): void | Promise<void>;
-}
-interface AxisPreSensor extends AxisSensor {
-    phase: 'PRE_DECODE';
-}
-interface AxisPostSensor extends AxisSensor {
-    phase: 'POST_DECODE';
-}
-interface SensorInput {
-    rawBytes?: Buffer | Uint8Array;
-    intent?: string;
-    ip?: string;
-    path?: string;
-    contentLength?: number;
-    peek?: Uint8Array;
-    country?: string;
-    clientId?: string;
-    isWs?: boolean;
-    metadata?: Record<string, any>;
-    actorId?: string;
-    opcode?: string;
-    aud?: string;
-    observed?: AxisObservedContext;
-    frameBody?: any;
-    deviceId?: string;
-    sessionId?: string;
-    packet?: Record<string, any>;
-    [key: string]: any;
-}
-declare enum Decision {
-    ALLOW = "ALLOW",
-    DENY = "DENY",
-    THROTTLE = "THROTTLE",
-    FLAG = "FLAG"
-}
-type SensorDecision = {
-    decision?: Decision;
-    allow: boolean;
-    riskScore: number;
-    reasons: string[];
-    code?: string;
-    retryAfterMs?: number;
-    scoreDelta?: number;
-    tags?: Record<string, any>;
-    meta?: any;
-    tighten?: {
-        expSecondsMax?: number;
-        constraintsPatch?: Record<string, any>;
-    };
-} | {
-    action: 'ALLOW';
-    meta?: any;
-} | {
-    action: 'DENY';
-    code: string;
-    reason?: string;
-    retryAfterMs?: number;
-    meta?: any;
-} | {
-    action: 'THROTTLE';
-    retryAfterMs: number;
-    meta?: any;
-} | {
-    action: 'FLAG';
-    scoreDelta: number;
-    reasons: string[];
-    meta?: any;
-};
-type SensorMinifiedDecision = {
-    allow: boolean;
-    riskScore: number;
-    reasons: string[];
-    tags?: Record<string, any>;
-    meta?: any;
-    tighten?: {
-        expSecondsMax?: number;
-        constraintsPatch?: Record<string, any>;
-    };
-    retryAfterMs?: number;
-};
-declare function normalizeSensorDecision(sensorDecision: SensorDecision): SensorMinifiedDecision;
-declare const SensorDecisions: {
-    allow(meta?: any, tags?: Record<string, any>): SensorDecision;
-    deny(code: string, reason?: string, meta?: any): SensorDecision;
-    throttle(retryAfterMs: number, meta?: any): SensorDecision;
-    flag(scoreDelta: number, reasons: string[], meta?: any): SensorDecision;
-};
-
-type CceHandler = (payload: Uint8Array, context: CceHandlerContext) => Promise<CceHandlerResult>;
-interface CceHandlerContext {
-    capsule: CceCapsuleClaims;
-    executionContext: CceExecutionContext;
-    envelope: CceRequestEnvelope;
-    clientPublicKeyHex: string;
-    intent: string;
-    sub: string;
-}
-interface CceHandlerResult {
-    status: CceResponseStatus;
-    body: Uint8Array;
-    effect?: string;
-}
-interface CcePolicyContext {
-    envelope: CceRequestEnvelope;
-    capsule: CceCapsuleClaims;
-    executionContext: CceExecutionContext;
-    decryptedPayload: Uint8Array;
-    clientPublicKeyHex: string;
-}
-interface CcePolicyDecision {
-    allow: boolean;
-    code?: string;
-    message?: string;
-}
-interface CcePolicyEvaluator {
-    evaluate(context: CcePolicyContext): Promise<CcePolicyDecision>;
-}
-interface CcePipelineConfig {
-    axisLocalSecret: string;
-    axisAudience: string;
-    sensors: AxisSensor[];
-    handlers: Map<string, CceHandler>;
-    witnessStore: CceWitnessStore;
-    clientKeyEncryptor: CceClientKeyEncryptor;
-    axisSigner: CceAxisSigner;
-    policyEvaluator?: CcePolicyEvaluator;
-}
-type CcePipelineResult = {
-    ok: true;
-    response: CceResponseEnvelope;
-    witnessId: string;
-} | {
-    ok: false;
-    error: {
-        code: string;
-        message: string;
-    };
-    status: CceResponseStatus;
-};
-declare function executeCcePipeline(envelope: CceRequestEnvelope, config: CcePipelineConfig): Promise<CcePipelineResult>;
-
-interface ExecutionContract {
-    maxDbWrites: number;
-    maxDbReads?: number;
-    maxExternalCalls: number;
-    maxTimeMs: number;
-    allowedEffects: string[];
-    maxMemoryMb?: number;
-}
-declare const DEFAULT_CONTRACTS: Record<string, ExecutionContract>;
-declare const FALLBACK_CONTRACT: ExecutionContract;
-
-declare const SensorDecisionZ: z.ZodUnion<readonly [z.ZodObject<{
-    action: z.ZodLiteral<"ALLOW">;
-    meta: z.ZodOptional<z.ZodAny>;
-}, z.z.core.$strip>, z.ZodObject<{
-    action: z.ZodLiteral<"DENY">;
-    code: z.ZodString;
-    reason: z.ZodOptional<z.ZodString>;
-    meta: z.ZodOptional<z.ZodAny>;
-}, z.z.core.$strip>]>;
-declare const SensorDecisionWithMetadataZ: z.ZodUnion<readonly [z.ZodObject<{
-    action: z.ZodLiteral<"ALLOW">;
-    meta: z.ZodOptional<z.ZodAny>;
-}, z.z.core.$strip>, z.ZodObject<{
-    action: z.ZodLiteral<"DENY">;
-    code: z.ZodString;
-    reason: z.ZodOptional<z.ZodString>;
-    retryAfterMs: z.ZodOptional<z.ZodNumber>;
-    meta: z.ZodOptional<z.ZodAny>;
-}, z.z.core.$strip>]>;
-declare const CountryBlockSensorInputZ: z.ZodObject<{
-    ip: z.ZodString;
-    country: z.ZodOptional<z.ZodString>;
-}, z.z.core.$strip>;
-type CountryBlockSensorInput = z.infer<typeof CountryBlockSensorInputZ>;
-declare const CountryBlockDecisionZ: z.ZodUnion<readonly [z.ZodObject<{
-    action: z.ZodLiteral<"ALLOW">;
-    meta: z.ZodOptional<z.ZodAny>;
-}, z.z.core.$strip>, z.ZodObject<{
-    action: z.ZodLiteral<"DENY">;
-    code: z.ZodString;
-    reason: z.ZodOptional<z.ZodString>;
-    meta: z.ZodOptional<z.ZodAny>;
-}, z.z.core.$strip>]>;
-type CountryBlockDecision = z.infer<typeof CountryBlockDecisionZ>;
-declare const ScanBurstSensorInputZ: z.ZodObject<{
-    ip: z.ZodString;
-    isFailure: z.ZodOptional<z.ZodBoolean>;
-}, z.z.core.$strip>;
-type ScanBurstSensorInput = z.infer<typeof ScanBurstSensorInputZ>;
-declare const ScanBurstDecisionZ: z.ZodUnion<readonly [z.ZodObject<{
-    action: z.ZodLiteral<"ALLOW">;
-    meta: z.ZodOptional<z.ZodAny>;
-}, z.z.core.$strip>, z.ZodObject<{
-    action: z.ZodLiteral<"DENY">;
-    code: z.ZodString;
-    reason: z.ZodOptional<z.ZodString>;
-    retryAfterMs: z.ZodOptional<z.ZodNumber>;
-    meta: z.ZodOptional<z.ZodAny>;
-}, z.z.core.$strip>]>;
-type ScanBurstDecision = z.infer<typeof ScanBurstDecisionZ>;
-declare const ProofKindZ: z.ZodEnum<{
-    NONE: "NONE";
-    CAPSULE: "CAPSULE";
-    PASSPORT: "PASSPORT";
-    MTLS: "MTLS";
-    JWT: "JWT";
+declare const SensorDecisionZ: z.ZodUnion<readonly [z.ZodObject<{
+    action: z.ZodLiteral<"ALLOW">;
+    meta: z.ZodOptional<z.ZodAny>;
+}, z.z.core.$strip>, z.ZodObject<{
+    action: z.ZodLiteral<"DENY">;
+    code: z.ZodString;
+    reason: z.ZodOptional<z.ZodString>;
+    meta: z.ZodOptional<z.ZodAny>;
+}, z.z.core.$strip>]>;
+declare const SensorDecisionWithMetadataZ: z.ZodUnion<readonly [z.ZodObject<{
+    action: z.ZodLiteral<"ALLOW">;
+    meta: z.ZodOptional<z.ZodAny>;
+}, z.z.core.$strip>, z.ZodObject<{
+    action: z.ZodLiteral<"DENY">;
+    code: z.ZodString;
+    reason: z.ZodOptional<z.ZodString>;
+    retryAfterMs: z.ZodOptional<z.ZodNumber>;
+    meta: z.ZodOptional<z.ZodAny>;
+}, z.z.core.$strip>]>;
+declare const CountryBlockSensorInputZ: z.ZodObject<{
+    ip: z.ZodString;
+    country: z.ZodOptional<z.ZodString>;
+}, z.z.core.$strip>;
+type CountryBlockSensorInput = z.infer<typeof CountryBlockSensorInputZ>;
+declare const CountryBlockDecisionZ: z.ZodUnion<readonly [z.ZodObject<{
+    action: z.ZodLiteral<"ALLOW">;
+    meta: z.ZodOptional<z.ZodAny>;
+}, z.z.core.$strip>, z.ZodObject<{
+    action: z.ZodLiteral<"DENY">;
+    code: z.ZodString;
+    reason: z.ZodOptional<z.ZodString>;
+    meta: z.ZodOptional<z.ZodAny>;
+}, z.z.core.$strip>]>;
+type CountryBlockDecision = z.infer<typeof CountryBlockDecisionZ>;
+declare const ScanBurstSensorInputZ: z.ZodObject<{
+    ip: z.ZodString;
+    isFailure: z.ZodOptional<z.ZodBoolean>;
+}, z.z.core.$strip>;
+type ScanBurstSensorInput = z.infer<typeof ScanBurstSensorInputZ>;
+declare const ScanBurstDecisionZ: z.ZodUnion<readonly [z.ZodObject<{
+    action: z.ZodLiteral<"ALLOW">;
+    meta: z.ZodOptional<z.ZodAny>;
+}, z.z.core.$strip>, z.ZodObject<{
+    action: z.ZodLiteral<"DENY">;
+    code: z.ZodString;
+    reason: z.ZodOptional<z.ZodString>;
+    retryAfterMs: z.ZodOptional<z.ZodNumber>;
+    meta: z.ZodOptional<z.ZodAny>;
+}, z.z.core.$strip>]>;
+type ScanBurstDecision = z.infer<typeof ScanBurstDecisionZ>;
+declare const ProofKindZ: z.ZodEnum<{
+    NONE: "NONE";
+    CAPSULE: "CAPSULE";
+    PASSPORT: "PASSPORT";
+    MTLS: "MTLS";
+    JWT: "JWT";
 }>;
 type ProofKind = z.infer<typeof ProofKindZ>;
 declare const AccessProfileZ: z.ZodEnum<{
@@ -1195,8 +468,8 @@ declare const SchemaFieldKindZ: z.ZodEnum<{
 }>;
 type SchemaFieldKind = z.infer<typeof SchemaFieldKindZ>;
 declare const ScopeZ: z.ZodEnum<{
-    header: "header";
     body: "body";
+    header: "header";
 }>;
 type Scope = z.infer<typeof ScopeZ>;
 declare const SchemaFieldZ: z.ZodObject<{
@@ -1215,8 +488,8 @@ declare const SchemaFieldZ: z.ZodObject<{
     maxLen: z.ZodOptional<z.ZodNumber>;
     max: z.ZodOptional<z.ZodString>;
     scope: z.ZodOptional<z.ZodEnum<{
-        header: "header";
         body: "body";
+        header: "header";
     }>>;
 }, z.z.core.$strip>;
 type SchemaField = z.infer<typeof SchemaFieldZ>;
@@ -1251,8 +524,8 @@ declare const IntentSchemaZ: z.ZodObject<{
         maxLen: z.ZodOptional<z.ZodNumber>;
         max: z.ZodOptional<z.ZodString>;
         scope: z.ZodOptional<z.ZodEnum<{
-            header: "header";
             body: "body";
+            header: "header";
         }>>;
     }, z.z.core.$strip>>;
 }, z.z.core.$strip>;
@@ -1290,117 +563,846 @@ declare const UploadStatusZ: z.ZodEnum<{
     DONE: "DONE";
     ABORTED: "ABORTED";
 }>;
-type UploadStatus = z.infer<typeof UploadStatusZ>;
-declare const UploadSessionZ: z.ZodObject<{
-    uploadIdHex: z.ZodString;
-    fileName: z.ZodString;
-    totalSize: z.ZodNumber;
-    chunkSize: z.ZodNumber;
-    totalChunks: z.ZodNumber;
-    receivedCount: z.ZodNumber;
-    status: z.ZodEnum<{
-        INIT: "INIT";
-        UPLOADING: "UPLOADING";
-        FINALIZING: "FINALIZING";
-        DONE: "DONE";
-        ABORTED: "ABORTED";
-    }>;
-}, z.z.core.$strip>;
-type UploadSession = z.infer<typeof UploadSessionZ>;
-declare const BodyBudgetInputZ: z.ZodObject<{
-    intent: z.ZodString;
-    headerLen: z.ZodNumber;
-    bodyLen: z.ZodNumber;
-}, z.z.core.$strip>;
-type BodyBudgetInput = z.infer<typeof BodyBudgetInputZ>;
-declare const BodyBudgetPolicyZ: z.ZodObject<{
-    maxHeaderBytes: z.ZodNumber;
-    maxBodyBytes: z.ZodNumber;
-}, z.z.core.$strip>;
-type BodyBudgetPolicy = z.infer<typeof BodyBudgetPolicyZ>;
-declare const ChunkHashInputZ: z.ZodObject<{
-    headerTLVs: z.ZodAny;
-    bodyBytes: z.ZodAny;
-    intent: z.ZodString;
-}, z.z.core.$strip>;
-type ChunkHashInput = z.infer<typeof ChunkHashInputZ>;
-declare enum ProofType$1 {
-    CAPSULE = 1,
-    JWT = 2,
-    MTLS_ID = 3,
-    DEVICE_SE = 4,
-    WITNESS_SIG = 5
+type UploadStatus = z.infer<typeof UploadStatusZ>;
+declare const UploadSessionZ: z.ZodObject<{
+    uploadIdHex: z.ZodString;
+    fileName: z.ZodString;
+    totalSize: z.ZodNumber;
+    chunkSize: z.ZodNumber;
+    totalChunks: z.ZodNumber;
+    receivedCount: z.ZodNumber;
+    status: z.ZodEnum<{
+        INIT: "INIT";
+        UPLOADING: "UPLOADING";
+        FINALIZING: "FINALIZING";
+        DONE: "DONE";
+        ABORTED: "ABORTED";
+    }>;
+}, z.z.core.$strip>;
+type UploadSession = z.infer<typeof UploadSessionZ>;
+declare const BodyBudgetInputZ: z.ZodObject<{
+    intent: z.ZodString;
+    headerLen: z.ZodNumber;
+    bodyLen: z.ZodNumber;
+}, z.z.core.$strip>;
+type BodyBudgetInput = z.infer<typeof BodyBudgetInputZ>;
+declare const BodyBudgetPolicyZ: z.ZodObject<{
+    maxHeaderBytes: z.ZodNumber;
+    maxBodyBytes: z.ZodNumber;
+}, z.z.core.$strip>;
+type BodyBudgetPolicy = z.infer<typeof BodyBudgetPolicyZ>;
+declare const ChunkHashInputZ: z.ZodObject<{
+    headerTLVs: z.ZodAny;
+    bodyBytes: z.ZodAny;
+    intent: z.ZodString;
+}, z.z.core.$strip>;
+type ChunkHashInput = z.infer<typeof ChunkHashInputZ>;
+declare enum ProofType$1 {
+    CAPSULE = 1,
+    JWT = 2,
+    MTLS_ID = 3,
+    DEVICE_SE = 4,
+    WITNESS_SIG = 5
+}
+declare const AxisContextZ: z.ZodObject<{
+    pid: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
+    ts: z.ZodBigInt;
+    intent: z.ZodString;
+    actorId: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
+    proofType: z.ZodEnum<typeof ProofType$1>;
+    proofRef: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
+    nonce: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
+    ip: z.ZodString;
+    nodeCertHash: z.ZodOptional<z.ZodString>;
+    capsule: z.ZodOptional<z.ZodObject<{
+        id: z.ZodString;
+        claims: z.ZodObject<{
+            capsuleId: z.ZodString;
+            allowIntents: z.ZodArray<z.ZodString>;
+            limits: z.ZodOptional<z.ZodObject<{
+                maxBodyBytes: z.ZodOptional<z.ZodNumber>;
+            }, z.z.core.$strip>>;
+            scopes: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
+        }, z.z.core.$strip>;
+        issuedAt: z.ZodNumber;
+        expiresAt: z.ZodNumber;
+        tier: z.ZodEnum<{
+            FREE: "FREE";
+            STANDARD: "STANDARD";
+            PREMIUM: "PREMIUM";
+        }>;
+    }, z.z.core.$strip>>;
+    passport: z.ZodOptional<z.ZodObject<{
+        id: z.ZodString;
+        public_key: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
+        status: z.ZodEnum<{
+            ACTIVE: "ACTIVE";
+            REVOKED: "REVOKED";
+            EXPIRED: "EXPIRED";
+            PENDING: "PENDING";
+        }>;
+        issuedAt: z.ZodNumber;
+        expiresAt: z.ZodOptional<z.ZodNumber>;
+    }, z.z.core.$strip>>;
+    meter: z.ZodOptional<z.ZodAny>;
+}, z.z.core.$strip>;
+type AxisContext$1 = z.infer<typeof AxisContextZ>;
+declare const AxisErrorZ: z.ZodObject<{
+    code: z.ZodString;
+    message: z.ZodString;
+    httpStatus: z.ZodNumber;
+}, z.z.core.$strip>;
+type AxisError = z.infer<typeof AxisErrorZ>;
+
+declare const AXIS_META_KEY = "axis:axis";
+declare const SENSITIVITY_METADATA_KEY = "axis:sensitivity";
+declare const CONTRACT_METADATA_KEY = "axis:contract";
+declare const REQUIRED_PROOF_METADATA_KEY = "axis:required_proof";
+type RequiredProofKind = ProofKind | "WITNESS";
+declare function Sensitivity(level: SensitivityLevel): ClassDecorator & MethodDecorator;
+declare function Contract(options: Partial<ExecutionContract>): ClassDecorator & MethodDecorator;
+declare function RequiredProof(proofs: [RequiredProofKind, ...RequiredProofKind[]]): ClassDecorator & MethodDecorator;
+declare function Capsule(): ClassDecorator & MethodDecorator;
+declare function Witness(): ClassDecorator & MethodDecorator;
+declare function Axis(): ClassDecorator;
+declare const AXIS_PUBLIC_KEY = "axis:public";
+declare function AxisPublic(): ClassDecorator & MethodDecorator;
+declare const AXIS_ANONYMOUS_KEY = "axis:anonymous";
+declare function AxisAnonymous(): ClassDecorator & MethodDecorator;
+declare const AXIS_RATE_LIMIT_KEY = "axis:rateLimit";
+interface AxisRateLimitConfig {
+    max: number;
+    windowSec: number;
+    key?: string;
+}
+declare function AxisRateLimit(config: AxisRateLimitConfig): MethodDecorator;
+
+declare const HANDLER_METADATA_KEY = "axis:handler";
+declare function Handler(intent?: string): ClassDecorator;
+
+declare const INTENT_METADATA_KEY = "axis:intent";
+declare const INTENT_ROUTES_KEY = "axis:intent_routes";
+type IntentKind = 'create' | 'read' | 'update' | 'delete' | 'action';
+interface IntentTlvField {
+    name: string;
+    tag: number;
+    kind: 'utf8' | 'u64' | 'bytes' | 'bytes16' | 'bool' | 'obj' | 'arr';
+    required?: boolean;
+    maxLen?: number;
+    max?: string;
+    scope?: 'header' | 'body';
+}
+interface IntentRoute {
+    action: string;
+    methodName: string | symbol;
+    absolute?: boolean;
+    frame?: boolean;
+    kind?: IntentKind;
+    chain?: boolean | ChainOptions;
+    bodyProfile?: 'TLV_MAP' | 'RAW' | 'TLV_OBJ' | 'TLV_ARR';
+    tlv?: IntentTlvField[];
+    dto?: Function;
+}
+interface IntentOptions {
+    kind?: IntentKind;
+    absolute?: boolean;
+    frame?: boolean;
+    chain?: boolean | ChainOptions;
+    bodyProfile?: 'TLV_MAP' | 'RAW' | 'TLV_OBJ' | 'TLV_ARR';
+    tlv?: IntentTlvField[];
+    dto?: Function;
+}
+declare function Intent(action: string, options?: IntentOptions): MethodDecorator;
+
+declare const INTENT_BODY_KEY = "axis:intent:body";
+declare function IntentBody(decoder: (buf: Buffer) => any): MethodDecorator;
+
+declare const INTENT_SENSORS_KEY = "axis:intent:sensors";
+declare function IntentSensors(sensors: Function[]): MethodDecorator;
+
+declare const OBSERVER_METADATA_KEY = "axis:observer";
+declare const OBSERVER_BINDINGS_KEY = "axis:observer:bindings";
+type AxisObserverRef = string | Function;
+interface AxisObserverDefinition {
+    name?: string;
+    tags?: string[];
+    events?: AxisObserverEvent[];
+    intents?: string[];
+    handlers?: string[];
+}
+interface AxisObserverBinding {
+    refs: AxisObserverRef[];
+    tags?: string[];
+    events?: AxisObserverEvent[];
+}
+interface AxisObserverBindingOptions {
+    use: AxisObserverRef | AxisObserverRef[];
+    tags?: string[];
+    events?: AxisObserverEvent[];
+}
+declare function Observer(input?: AxisObserverDefinition | AxisObserverBindingOptions | AxisObserverRef | AxisObserverRef[]): ClassDecorator & MethodDecorator;
+
+declare const HANDLER_SENSORS_KEY = "axis:handler:sensors";
+declare function HandlerSensors(sensors: Function[]): ClassDecorator;
+
+declare const SENSOR_METADATA_KEY = "axis:sensor";
+type SensorPhase = 'PRE_DECODE' | 'POST_DECODE';
+interface SensorOptions {
+    phase?: SensorPhase;
+}
+declare function Sensor(options?: SensorOptions): ClassDecorator;
+
+declare const TLV_FIELDS_KEY = "axis:tlv:fields";
+declare const TLV_VALIDATORS_KEY = "axis:tlv:validators";
+type TlvFieldKind = 'utf8' | 'u64' | 'bytes' | 'bytes16' | 'bool' | 'obj' | 'arr';
+interface TlvFieldOptions {
+    kind: TlvFieldKind;
+    required?: boolean;
+    maxLen?: number;
+    max?: string;
+    scope?: 'header' | 'body';
+}
+interface TlvFieldMeta {
+    property: string;
+    tag: number;
+    options: TlvFieldOptions;
+}
+type TlvValidatorFn = (value: Uint8Array, property: string) => string | null | undefined;
+interface TlvValidatorMeta {
+    property: string;
+    tag: number;
+    validators: TlvValidatorFn[];
+}
+declare function TlvField(tag: number, options: TlvFieldOptions): PropertyDecorator;
+declare function TlvValidate(validator: TlvValidatorFn): PropertyDecorator;
+declare function TlvUtf8Pattern(pattern: RegExp, message?: string): PropertyDecorator;
+declare function TlvMinLen(min: number, message?: string): PropertyDecorator;
+declare function TlvEnum(allowed: string[], message?: string): PropertyDecorator;
+declare function TlvRange(min: bigint, max: bigint, message?: string): PropertyDecorator;
+
+interface DtoSchema {
+    fields: IntentTlvField[];
+    validators: Map<number, TlvValidatorFn[]>;
+}
+declare function extractDtoSchema(dto: Function): DtoSchema;
+declare function buildDtoDecoder(dto: Function): (bodyBytes: Buffer) => Record<string, any>;
+
+declare abstract class AxisTlvDto {
+}
+
+declare class AxisIdDto extends AxisTlvDto {
+    id: string;
+}
+
+declare function AxisPartialType<T extends new (...args: any[]) => AxisTlvDto>(BaseDto: T): new (...args: any[]) => Partial<InstanceType<T>> & AxisTlvDto;
+
+declare const RESPONSE_TAG_ID = 1;
+declare const RESPONSE_TAG_CREATED_AT = 2;
+declare const RESPONSE_TAG_UPDATED_AT = 3;
+declare const RESPONSE_TAG_CREATED_BY = 4;
+declare const RESPONSE_TAG_UPDATED_BY = 5;
+declare abstract class AxisResponseDto extends AxisTlvDto {
+    id?: string;
+    created_at?: bigint;
+    updated_at?: bigint;
+    created_by?: string;
+    updated_by?: string;
+}
+
+declare const CCE_PROTOCOL_VERSION: "cce-v1";
+declare const CCE_DERIVATION: {
+    readonly REQUEST: "axis:cce:req:v1";
+    readonly RESPONSE: "axis:cce:resp:v1";
+    readonly WITNESS: "axis:cce:witness:v1";
+};
+type CceAlgorithm = "AES-256-GCM";
+type CceKemAlgorithm = "X25519" | "RSA-OAEP-256";
+type CceKdfAlgorithm = "HKDF-SHA256";
+declare const CCE_AES_KEY_BYTES = 32;
+declare const CCE_IV_BYTES = 12;
+declare const CCE_TAG_BYTES = 16;
+declare const CCE_NONCE_BYTES = 32;
+interface CceCapsuleClaims {
+    capsule_id: string;
+    ver: typeof CCE_PROTOCOL_VERSION;
+    sub: string;
+    kid: string;
+    intent: string;
+    aud: string;
+    tps_from: number;
+    tps_to: number;
+    capsule_nonce: string;
+    challenge_id: string;
+    proof_hash?: string;
+    policy_hash?: string;
+    iat: number;
+    exp: number;
+    mode: "SINGLE_USE" | "SESSION";
+    scope?: string[];
+    constraints?: CceConstraints;
+    issuer_sig: CceSignature;
+}
+interface CceConstraints {
+    max_payload_bytes?: number;
+    ip_allow?: string[];
+    device_allow?: string[];
+    country_allow?: string[];
+}
+interface CceSignature {
+    alg: "EdDSA" | "ES256";
+    kid: string;
+    value: string;
+}
+interface CceRequestEnvelope {
+    ver: typeof CCE_PROTOCOL_VERSION;
+    request_id: string;
+    correlation_id: string;
+    client_kid: string;
+    capsule: CceCapsuleClaims;
+    encrypted_key: CceEncryptedKey;
+    encrypted_payload: CceEncryptedPayload;
+    request_nonce: string;
+    client_sig: CceSignature;
+    content_type: string;
+    algorithms: CceAlgorithmDescriptor;
+    aad_descriptor?: string;
+}
+interface CceEncryptedKey {
+    alg: CceKemAlgorithm;
+    axis_kid: string;
+    ciphertext: string;
+    ephemeral_pk?: string;
+}
+interface CceEncryptedPayload {
+    alg: CceAlgorithm;
+    iv: string;
+    ciphertext: string;
+    tag: string;
+}
+interface CceAlgorithmDescriptor {
+    kem: CceKemAlgorithm;
+    enc: CceAlgorithm;
+    kdf: CceKdfAlgorithm;
+    sig: "EdDSA" | "ES256";
+}
+interface CceResponseEnvelope {
+    ver: typeof CCE_PROTOCOL_VERSION;
+    response_id: string;
+    request_id: string;
+    correlation_id: string;
+    capsule_id: string;
+    encrypted_key: CceEncryptedKey;
+    encrypted_payload: CceEncryptedPayload;
+    response_nonce: string;
+    axis_sig: CceSignature;
+    witness_ref?: string;
+    algorithms: CceAlgorithmDescriptor;
+    status: CceResponseStatus;
+}
+type CceResponseStatus = "SUCCESS" | "DENIED" | "PARTIAL" | "FAILED" | "ERROR";
+interface CceExecutionContext {
+    execution_key_hash: string;
+    request_id: string;
+    capsule_id: string;
+    sub: string;
+    kid: string;
+    intent: string;
+    aud: string;
+    tps_from: number;
+    tps_to: number;
+    policy_hash?: string;
+    derived_at: number;
+    valid: boolean;
+}
+interface CceWitnessRecord {
+    witness_id: string;
+    request_id: string;
+    capsule_id: string;
+    sub: string;
+    intent: string;
+    aud: string;
+    tps_from: number;
+    tps_to: number;
+    timestamp: number;
+    verification: {
+        client_sig: boolean;
+        capsule_sig: boolean;
+        tps_valid: boolean;
+        audience_match: boolean;
+        intent_match: boolean;
+        replay_clean: boolean;
+        nonce_unique: boolean;
+        decryption_ok: boolean;
+    };
+    execution: {
+        status: CceResponseStatus;
+        handler_duration_ms: number;
+        effect?: string;
+    };
+    response_encrypted: boolean;
+    execution_context_hash: string;
+    request_payload_hash?: string;
+    response_payload_hash?: string;
+}
+declare const CCE_ERROR: {
+    readonly INVALID_ENVELOPE: "CCE_INVALID_ENVELOPE";
+    readonly UNSUPPORTED_VERSION: "CCE_UNSUPPORTED_VERSION";
+    readonly MISSING_CAPSULE: "CCE_MISSING_CAPSULE";
+    readonly MISSING_ENCRYPTED_KEY: "CCE_MISSING_ENCRYPTED_KEY";
+    readonly CLIENT_SIG_INVALID: "CCE_CLIENT_SIG_INVALID";
+    readonly CLIENT_KEY_NOT_FOUND: "CCE_CLIENT_KEY_NOT_FOUND";
+    readonly CAPSULE_SIG_INVALID: "CCE_CAPSULE_SIG_INVALID";
+    readonly CAPSULE_EXPIRED: "CCE_CAPSULE_EXPIRED";
+    readonly CAPSULE_NOT_YET_VALID: "CCE_CAPSULE_NOT_YET_VALID";
+    readonly CAPSULE_REVOKED: "CCE_CAPSULE_REVOKED";
+    readonly CAPSULE_CONSUMED: "CCE_CAPSULE_CONSUMED";
+    readonly AUDIENCE_MISMATCH: "CCE_AUDIENCE_MISMATCH";
+    readonly INTENT_MISMATCH: "CCE_INTENT_MISMATCH";
+    readonly TPS_WINDOW_EXPIRED: "CCE_TPS_WINDOW_EXPIRED";
+    readonly TPS_WINDOW_FUTURE: "CCE_TPS_WINDOW_FUTURE";
+    readonly REPLAY_DETECTED: "CCE_REPLAY_DETECTED";
+    readonly NONCE_REUSED: "CCE_NONCE_REUSED";
+    readonly DECRYPTION_FAILED: "CCE_DECRYPTION_FAILED";
+    readonly KEY_UNWRAP_FAILED: "CCE_KEY_UNWRAP_FAILED";
+    readonly AEAD_TAG_MISMATCH: "CCE_AEAD_TAG_MISMATCH";
+    readonly PAYLOAD_TOO_LARGE: "CCE_PAYLOAD_TOO_LARGE";
+    readonly PAYLOAD_SCHEMA_INVALID: "CCE_PAYLOAD_SCHEMA_INVALID";
+    readonly INTENT_SCHEMA_MISMATCH: "CCE_INTENT_SCHEMA_MISMATCH";
+    readonly POLICY_DENIED: "CCE_POLICY_DENIED";
+    readonly CONSTRAINT_VIOLATED: "CCE_CONSTRAINT_VIOLATED";
+    readonly HANDLER_NOT_FOUND: "CCE_HANDLER_NOT_FOUND";
+    readonly HANDLER_EXECUTION_FAILED: "CCE_HANDLER_EXECUTION_FAILED";
+    readonly HANDLER_TIMEOUT: "CCE_HANDLER_TIMEOUT";
+    readonly RESPONSE_ENCRYPTION_FAILED: "CCE_RESPONSE_ENCRYPTION_FAILED";
+};
+type CceErrorCode = (typeof CCE_ERROR)[keyof typeof CCE_ERROR];
+declare class CceError extends Error {
+    readonly code: CceErrorCode;
+    readonly metadata?: Record<string, unknown> | undefined;
+    constructor(code: CceErrorCode, message: string, metadata?: Record<string, unknown> | undefined);
+    get clientSafe(): boolean;
+    toClientError(): {
+        code: CceErrorCode;
+        message: string;
+    };
+}
+
+interface CceClientKeyEncryptor {
+    wrapKey(aesKey: Uint8Array, clientKid: string, clientPublicKeyHex: string): Promise<CceEncryptedKey>;
+}
+interface CceAxisSigner {
+    sign(payload: Uint8Array): Promise<CceSignature>;
+}
+interface CceResponseOptions {
+    request: CceRequestEnvelope;
+    capsule: CceCapsuleClaims;
+    status: CceResponseStatus;
+    body: Uint8Array;
+    clientPublicKeyHex: string;
+    witnessRef?: string;
+}
+declare function buildCceResponse(options: CceResponseOptions, clientKeyEncryptor: CceClientKeyEncryptor, axisSigner: CceAxisSigner): Promise<{
+    envelope: CceResponseEnvelope;
+    responsePayloadHash: string;
+}>;
+declare function buildCceErrorResponse(requestId: string, correlationId: string, status: CceResponseStatus, errorCode: string, message: string): {
+    ver: string;
+    request_id: string;
+    correlation_id: string;
+    status: CceResponseStatus;
+    error: {
+        code: string;
+        message: string;
+    };
+};
+
+interface CceWitnessStore {
+    record(witness: CceWitnessRecord): Promise<void>;
+}
+declare class InMemoryCceWitnessStore implements CceWitnessStore {
+    readonly records: CceWitnessRecord[];
+    record(witness: CceWitnessRecord): Promise<void>;
+    getByRequestId(requestId: string): CceWitnessRecord | undefined;
+    getByCapsuleId(capsuleId: string): CceWitnessRecord[];
+}
+interface CceVerificationState {
+    clientSigVerified: boolean;
+    capsuleSigVerified: boolean;
+    tpsValid: boolean;
+    audienceMatch: boolean;
+    intentMatch: boolean;
+    replayClean: boolean;
+    nonceUnique: boolean;
+    decryptionOk: boolean;
+}
+declare function buildWitnessRecord(envelope: CceRequestEnvelope, capsule: CceCapsuleClaims, verification: CceVerificationState, execution: {
+    status: CceResponseStatus;
+    handlerDurationMs: number;
+    effect?: string;
+}, options: {
+    axisLocalSecret: string;
+    requestPayload?: Uint8Array;
+    responsePayload?: Uint8Array;
+    responseEncrypted: boolean;
+}): CceWitnessRecord;
+declare function extractVerificationState(metadata: Record<string, any>): CceVerificationState;
+
+type AxisAlg$1 = 'EdDSA' | 'ES256' | 'RS256';
+type CapsuleStatus = 'ACTIVE' | 'CONSUMED' | 'REVOKED' | 'EXPIRED';
+type CapsuleMode = 'SINGLE_USE' | 'MULTI_USE';
+type KeyStatus = 'ACTIVE' | 'GRACE' | 'REVOKED' | 'RETIRED';
+interface AxisSig$1 {
+    alg: AxisAlg$1;
+    kid: string;
+    value: string;
+}
+interface AxisPacket$1<T = any> {
+    v: 1;
+    pid: string;
+    nonce: string;
+    ts: number;
+    actorId: string;
+    opcode: string;
+    body: T;
+    sig: AxisSig$1;
+}
+interface AxisCapsuleConstraints {
+    maxAmount?: number;
+    maxCount?: number;
+    ttlSeconds?: number;
+    ipCidrAllow?: string[];
+    countryAllow?: string[];
+    deviceIdAllow?: string[];
+    sessionIdLock?: string;
+    nonceRequired?: boolean;
+}
+interface TickWindow {
+    start: number;
+    end: number;
+}
+interface AxisCapsulePayload {
+    v: 1;
+    capsuleId: string;
+    actorId: string;
+    issuer: string;
+    audience: string;
+    subject?: string;
+    intent: string;
+    scopes: string[];
+    actions?: string[];
+    iat: number;
+    nbf?: number;
+    exp: number;
+    tickWindow?: TickWindow;
+    mode: CapsuleMode;
+    maxUses: number;
+    nonceSeed?: string;
+    policyRefs?: string[];
+    riskScore?: number;
+    constraints?: AxisCapsuleConstraints;
+    meta?: Record<string, unknown>;
+}
+interface AxisCapsule {
+    payload: AxisCapsulePayload;
+    sig: AxisSig$1;
+}
+interface CapsuleIssueBody {
+    intent: string;
+    audience: string;
+    scopes: string[];
+    subject?: string;
+    mode: CapsuleMode;
+    maxUses?: number;
+    expSeconds?: number;
+    constraints?: AxisCapsuleConstraints;
+    hints?: {
+        ip?: string;
+        ua?: string;
+        deviceId?: string;
+        geo?: string;
+    };
+}
+interface CapsuleBatchBody extends Omit<CapsuleIssueBody, 'mode' | 'maxUses'> {
+    count: number;
+    mode: 'SINGLE_USE';
+}
+interface IntentExecBody {
+    intent: string;
+    capsule: AxisCapsule;
+    execNonce?: string;
+    args: Record<string, any>;
+}
+interface CapsuleRevokeBody {
+    capsuleId: string;
+    reason: string;
+}
+interface AxisResponse$1<T = any> {
+    ok: boolean;
+    pid: string;
+    decisionId: string;
+    code: string;
+    message?: string;
+    data?: T;
+    meta?: Record<string, unknown>;
+}
+interface CapsuleIssueResult {
+    capsule: AxisCapsule;
+}
+interface CapsuleBatchResult {
+    capsules: AxisCapsule[];
+}
+interface ActorKeyRecord {
+    id: Buffer;
+    actor_id: string;
+    key_id: string;
+    algorithm: string;
+    public_key: Buffer;
+    purpose: string;
+    status: KeyStatus;
+    is_primary: boolean;
+    not_before: Date | null;
+    expires_at: Date | null;
+    rotated_from_key_id: string | null;
+    revoked_at: Date | null;
+    revocation_reason: string | null;
+    metadata: any;
+    created_at: Date;
+    updated_at: Date;
+}
+interface IssuerKeyRecord {
+    id: Buffer;
+    kid: string;
+    issuer_id: string;
+    alg: string;
+    public_key_pem: string;
+    status: KeyStatus;
+    not_before: Date | null;
+    not_after: Date | null;
+    fingerprint: string | null;
+    metadata: any;
+    created_at: Date;
+    updated_at: Date;
+}
+interface CapsuleRecord {
+    id: Buffer;
+    capsule_id: string;
+    actor_id: string;
+    intent: string;
+    audience: string;
+    issuer: string;
+    subject: string | null;
+    status: CapsuleStatus;
+    mode: CapsuleMode;
+    max_uses: number;
+    used_count: number;
+    iat: Date;
+    nbf: Date | null;
+    exp: Date;
+    scopes_json: any;
+    constraints_json: any;
+    policy_refs_json: any;
+    risk_score: number | null;
+    payload_hash: Buffer;
+    sig_alg: string;
+    sig_kid: string;
+    sig_value: Buffer;
+    created_at: Date;
+    updated_at: Date;
+    last_used_at: Date | null;
+}
+
+type AxisAlg = Extract<AxisAlg$1, 'EdDSA'>;
+type AxisSig = AxisSig$1 & {
+    alg: AxisAlg;
+};
+interface AxisFrame$1<T = any> {
+    v: 1;
+    pid: string;
+    nonce: string;
+    ts: number;
+    actorId: string;
+    aud?: string;
+    opcode: string;
+    headers: Map<number, Uint8Array>;
+    body: T;
+    sig: AxisSig;
+}
+type AxisResponse<T = any> = AxisResponse$1<T> & {
+    policyRefs?: string[];
+    riskScore?: number;
+};
+interface AxisObservedContext {
+    ip?: string;
+    ua?: string;
+    geo?: string;
+}
+interface AxisRequestContext {
+    observed: AxisObservedContext;
+    actorKeyKid?: string;
+    issuerKeyKid?: string;
+    decisionId: string;
+    actorId: string;
+    aud?: string;
+    opcode: string;
+    deviceId?: string;
+    sessionId?: string;
 }
-declare const AxisContextZ: z.ZodObject<{
-    pid: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
-    ts: z.ZodBigInt;
-    intent: z.ZodString;
-    actorId: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
-    proofType: z.ZodEnum<typeof ProofType$1>;
-    proofRef: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
-    nonce: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
-    ip: z.ZodString;
-    nodeCertHash: z.ZodOptional<z.ZodString>;
-    capsule: z.ZodOptional<z.ZodObject<{
-        id: z.ZodString;
-        claims: z.ZodObject<{
-            capsuleId: z.ZodString;
-            allowIntents: z.ZodArray<z.ZodString>;
-            limits: z.ZodOptional<z.ZodObject<{
-                maxBodyBytes: z.ZodOptional<z.ZodNumber>;
-            }, z.z.core.$strip>>;
-            scopes: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
-        }, z.z.core.$strip>;
-        issuedAt: z.ZodNumber;
-        expiresAt: z.ZodNumber;
-        tier: z.ZodEnum<{
-            FREE: "FREE";
-            STANDARD: "STANDARD";
-            PREMIUM: "PREMIUM";
-        }>;
-    }, z.z.core.$strip>>;
-    passport: z.ZodOptional<z.ZodObject<{
-        id: z.ZodString;
-        public_key: z.ZodCustom<Buffer<ArrayBufferLike>, Buffer<ArrayBufferLike>>;
-        status: z.ZodEnum<{
-            ACTIVE: "ACTIVE";
-            REVOKED: "REVOKED";
-            EXPIRED: "EXPIRED";
-            PENDING: "PENDING";
-        }>;
-        issuedAt: z.ZodNumber;
-        expiresAt: z.ZodOptional<z.ZodNumber>;
-    }, z.z.core.$strip>>;
-    meter: z.ZodOptional<z.ZodAny>;
-}, z.z.core.$strip>;
-type AxisContext$1 = z.infer<typeof AxisContextZ>;
-declare const AxisErrorZ: z.ZodObject<{
-    code: z.ZodString;
-    message: z.ZodString;
-    httpStatus: z.ZodNumber;
-}, z.z.core.$strip>;
-type AxisError = z.infer<typeof AxisErrorZ>;
 
-declare const SENSITIVITY_METADATA_KEY = "axis:sensitivity";
-declare const CONTRACT_METADATA_KEY = "axis:contract";
-declare const REQUIRED_PROOF_METADATA_KEY = "axis:required_proof";
-type RequiredProofKind = ProofKind | "WITNESS";
-declare function Sensitivity(level: SensitivityLevel): ClassDecorator & MethodDecorator;
-declare function Contract(options: Partial<ExecutionContract>): ClassDecorator & MethodDecorator;
-declare function RequiredProof(proofs: [RequiredProofKind, ...RequiredProofKind[]]): ClassDecorator & MethodDecorator;
-declare function Capsule(): ClassDecorator & MethodDecorator;
-declare function Witness(): ClassDecorator & MethodDecorator;
-declare const AXIS_PUBLIC_KEY = "axis:public";
-declare function AxisPublic(): ClassDecorator & MethodDecorator;
-declare const AXIS_ANONYMOUS_KEY = "axis:anonymous";
-declare function AxisAnonymous(): ClassDecorator & MethodDecorator;
-declare const AXIS_RATE_LIMIT_KEY = "axis:rateLimit";
-interface AxisRateLimitConfig {
-    max: number;
-    windowSec: number;
-    key?: string;
+interface SensorPhaseMetadata {
+    phase: 'PRE_DECODE' | 'POST_DECODE';
+    dependencies?: string[];
+    asyncOk?: boolean;
+    cryptoOk?: boolean;
+    description?: string;
 }
-declare function AxisRateLimit(config: AxisRateLimitConfig): MethodDecorator;
+interface AxisSensor {
+    readonly name: string;
+    readonly order?: number;
+    phase?: SensorPhaseMetadata | 'PRE_DECODE' | 'POST_DECODE';
+    supports?(input: SensorInput): boolean;
+    run(input: SensorInput): Promise<SensorDecision>;
+}
+interface AxisSensorInit extends AxisSensor {
+    onModuleInit?(): void | Promise<void>;
+}
+interface AxisPreSensor extends AxisSensor {
+    phase: 'PRE_DECODE';
+}
+interface AxisPostSensor extends AxisSensor {
+    phase: 'POST_DECODE';
+}
+interface SensorInput {
+    rawBytes?: Buffer | Uint8Array;
+    intent?: string;
+    ip?: string;
+    path?: string;
+    contentLength?: number;
+    peek?: Uint8Array;
+    country?: string;
+    clientId?: string;
+    isWs?: boolean;
+    metadata?: Record<string, any>;
+    actorId?: string;
+    opcode?: string;
+    aud?: string;
+    observed?: AxisObservedContext;
+    frameBody?: any;
+    deviceId?: string;
+    sessionId?: string;
+    packet?: Record<string, any>;
+    [key: string]: any;
+}
+declare enum Decision {
+    ALLOW = "ALLOW",
+    DENY = "DENY",
+    THROTTLE = "THROTTLE",
+    FLAG = "FLAG"
+}
+type SensorDecision = {
+    decision?: Decision;
+    allow: boolean;
+    riskScore: number;
+    reasons: string[];
+    code?: string;
+    retryAfterMs?: number;
+    scoreDelta?: number;
+    tags?: Record<string, any>;
+    meta?: any;
+    tighten?: {
+        expSecondsMax?: number;
+        constraintsPatch?: Record<string, any>;
+    };
+} | {
+    action: 'ALLOW';
+    meta?: any;
+} | {
+    action: 'DENY';
+    code: string;
+    reason?: string;
+    retryAfterMs?: number;
+    meta?: any;
+} | {
+    action: 'THROTTLE';
+    retryAfterMs: number;
+    meta?: any;
+} | {
+    action: 'FLAG';
+    scoreDelta: number;
+    reasons: string[];
+    meta?: any;
+};
+type SensorMinifiedDecision = {
+    allow: boolean;
+    riskScore: number;
+    reasons: string[];
+    tags?: Record<string, any>;
+    meta?: any;
+    tighten?: {
+        expSecondsMax?: number;
+        constraintsPatch?: Record<string, any>;
+    };
+    retryAfterMs?: number;
+};
+declare function normalizeSensorDecision(sensorDecision: SensorDecision): SensorMinifiedDecision;
+declare const SensorDecisions: {
+    allow(meta?: any, tags?: Record<string, any>): SensorDecision;
+    deny(code: string, reason?: string, meta?: any): SensorDecision;
+    throttle(retryAfterMs: number, meta?: any): SensorDecision;
+    flag(scoreDelta: number, reasons: string[], meta?: any): SensorDecision;
+};
+
+type CceHandler = (payload: Uint8Array, context: CceHandlerContext) => Promise<CceHandlerResult>;
+interface CceHandlerContext {
+    capsule: CceCapsuleClaims;
+    executionContext: CceExecutionContext;
+    envelope: CceRequestEnvelope;
+    clientPublicKeyHex: string;
+    intent: string;
+    sub: string;
+}
+interface CceHandlerResult {
+    status: CceResponseStatus;
+    body: Uint8Array;
+    effect?: string;
+}
+interface CcePolicyContext {
+    envelope: CceRequestEnvelope;
+    capsule: CceCapsuleClaims;
+    executionContext: CceExecutionContext;
+    decryptedPayload: Uint8Array;
+    clientPublicKeyHex: string;
+}
+interface CcePolicyDecision {
+    allow: boolean;
+    code?: string;
+    message?: string;
+}
+interface CcePolicyEvaluator {
+    evaluate(context: CcePolicyContext): Promise<CcePolicyDecision>;
+}
+interface CcePipelineConfig {
+    axisLocalSecret: string;
+    axisAudience: string;
+    sensors: AxisSensor[];
+    handlers: Map<string, CceHandler>;
+    witnessStore: CceWitnessStore;
+    clientKeyEncryptor: CceClientKeyEncryptor;
+    axisSigner: CceAxisSigner;
+    policyEvaluator?: CcePolicyEvaluator;
+}
+type CcePipelineResult = {
+    ok: true;
+    response: CceResponseEnvelope;
+    witnessId: string;
+} | {
+    ok: false;
+    error: {
+        code: string;
+        message: string;
+    };
+    status: CceResponseStatus;
+};
+declare function executeCcePipeline(envelope: CceRequestEnvelope, config: CcePipelineConfig): Promise<CcePipelineResult>;
 
 interface IntentSchema {
     intent: string;
@@ -2774,8 +2776,10 @@ declare namespace index$8 {
 }
 
 declare const index$7_AXIS_ANONYMOUS_KEY: typeof AXIS_ANONYMOUS_KEY;
+declare const index$7_AXIS_META_KEY: typeof AXIS_META_KEY;
 declare const index$7_AXIS_PUBLIC_KEY: typeof AXIS_PUBLIC_KEY;
 declare const index$7_AXIS_RATE_LIMIT_KEY: typeof AXIS_RATE_LIMIT_KEY;
+declare const index$7_Axis: typeof Axis;
 declare const index$7_AxisAnonymous: typeof AxisAnonymous;
 declare const index$7_AxisContext: typeof AxisContext;
 declare const index$7_AxisDemoPubkey: typeof AxisDemoPubkey;
@@ -2844,7 +2848,7 @@ declare const index$7_extractDtoSchema: typeof extractDtoSchema;
 declare const index$7_mergeCapsulePolicyOptions: typeof mergeCapsulePolicyOptions;
 declare const index$7_normalizeCapsulePolicyOptions: typeof normalizeCapsulePolicyOptions;
 declare namespace index$7 {
-  export { index$7_AXIS_ANONYMOUS_KEY as AXIS_ANONYMOUS_KEY, index$7_AXIS_PUBLIC_KEY as AXIS_PUBLIC_KEY, index$7_AXIS_RATE_LIMIT_KEY as AXIS_RATE_LIMIT_KEY, index$7_AxisAnonymous as AxisAnonymous, index$7_AxisContext as AxisContext, index$7_AxisDemoPubkey as AxisDemoPubkey, index$7_AxisFrame as AxisFrame, index$7_AxisIp as AxisIp, type index$7_AxisObserverBinding as AxisObserverBinding, type index$7_AxisObserverBindingOptions as AxisObserverBindingOptions, type index$7_AxisObserverDefinition as AxisObserverDefinition, type index$7_AxisObserverRef as AxisObserverRef, index$7_AxisPublic as AxisPublic, index$7_AxisRateLimit as AxisRateLimit, type index$7_AxisRateLimitConfig as AxisRateLimitConfig, index$7_AxisRaw as AxisRaw, type index$7_AxisRequestData as AxisRequestData, index$7_CAPSULE_POLICY_METADATA_KEY as CAPSULE_POLICY_METADATA_KEY, index$7_CHAIN_METADATA_KEY as CHAIN_METADATA_KEY, index$7_CONTRACT_METADATA_KEY as CONTRACT_METADATA_KEY, index$7_Capsule as Capsule, index$7_CapsulePolicy as CapsulePolicy, type index$7_CapsulePolicyOptions as CapsulePolicyOptions, type index$7_CapsuleScopeMode as CapsuleScopeMode, index$7_Chain as Chain, index$7_Contract as Contract, type index$7_DtoSchema as DtoSchema, index$7_HANDLER_METADATA_KEY as HANDLER_METADATA_KEY, index$7_Handler as Handler, index$7_INTENT_BODY_KEY as INTENT_BODY_KEY, index$7_INTENT_METADATA_KEY as INTENT_METADATA_KEY, index$7_INTENT_ROUTES_KEY as INTENT_ROUTES_KEY, index$7_INTENT_SENSORS_KEY as INTENT_SENSORS_KEY, index$7_Intent as Intent, index$7_IntentBody as IntentBody, type index$7_IntentKind as IntentKind, type index$7_IntentOptions as IntentOptions, type index$7_IntentRoute as IntentRoute, index$7_IntentSensors as IntentSensors, type index$7_IntentTlvField as IntentTlvField, index$7_OBSERVER_BINDINGS_KEY as OBSERVER_BINDINGS_KEY, index$7_OBSERVER_METADATA_KEY as OBSERVER_METADATA_KEY, index$7_Observer as Observer, index$7_REQUIRED_PROOF_METADATA_KEY as REQUIRED_PROOF_METADATA_KEY, index$7_RequiredProof as RequiredProof, type index$7_RequiredProofKind as RequiredProofKind, index$7_SENSITIVITY_METADATA_KEY as SENSITIVITY_METADATA_KEY, index$7_SENSOR_METADATA_KEY as SENSOR_METADATA_KEY, index$7_Sensitivity as Sensitivity, index$7_Sensor as Sensor, type index$7_SensorOptions as SensorOptions, type index$7_SensorPhase as SensorPhase, index$7_TLV_FIELDS_KEY as TLV_FIELDS_KEY, index$7_TLV_VALIDATORS_KEY as TLV_VALIDATORS_KEY, index$7_TlvEnum as TlvEnum, index$7_TlvField as TlvField, type index$7_TlvFieldKind as TlvFieldKind, type index$7_TlvFieldMeta as TlvFieldMeta, type index$7_TlvFieldOptions as TlvFieldOptions, index$7_TlvMinLen as TlvMinLen, index$7_TlvRange as TlvRange, index$7_TlvUtf8Pattern as TlvUtf8Pattern, index$7_TlvValidate as TlvValidate, type index$7_TlvValidatorFn as TlvValidatorFn, type index$7_TlvValidatorMeta as TlvValidatorMeta, index$7_Witness as Witness, index$7_buildDtoDecoder as buildDtoDecoder, index$7_extractDtoSchema as extractDtoSchema, index$7_mergeCapsulePolicyOptions as mergeCapsulePolicyOptions, index$7_normalizeCapsulePolicyOptions as normalizeCapsulePolicyOptions };
+  export { index$7_AXIS_ANONYMOUS_KEY as AXIS_ANONYMOUS_KEY, index$7_AXIS_META_KEY as AXIS_META_KEY, index$7_AXIS_PUBLIC_KEY as AXIS_PUBLIC_KEY, index$7_AXIS_RATE_LIMIT_KEY as AXIS_RATE_LIMIT_KEY, index$7_Axis as Axis, index$7_AxisAnonymous as AxisAnonymous, index$7_AxisContext as AxisContext, index$7_AxisDemoPubkey as AxisDemoPubkey, index$7_AxisFrame as AxisFrame, index$7_AxisIp as AxisIp, type index$7_AxisObserverBinding as AxisObserverBinding, type index$7_AxisObserverBindingOptions as AxisObserverBindingOptions, type index$7_AxisObserverDefinition as AxisObserverDefinition, type index$7_AxisObserverRef as AxisObserverRef, index$7_AxisPublic as AxisPublic, index$7_AxisRateLimit as AxisRateLimit, type index$7_AxisRateLimitConfig as AxisRateLimitConfig, index$7_AxisRaw as AxisRaw, type index$7_AxisRequestData as AxisRequestData, index$7_CAPSULE_POLICY_METADATA_KEY as CAPSULE_POLICY_METADATA_KEY, index$7_CHAIN_METADATA_KEY as CHAIN_METADATA_KEY, index$7_CONTRACT_METADATA_KEY as CONTRACT_METADATA_KEY, index$7_Capsule as Capsule, index$7_CapsulePolicy as CapsulePolicy, type index$7_CapsulePolicyOptions as CapsulePolicyOptions, type index$7_CapsuleScopeMode as CapsuleScopeMode, index$7_Chain as Chain, index$7_Contract as Contract, type index$7_DtoSchema as DtoSchema, index$7_HANDLER_METADATA_KEY as HANDLER_METADATA_KEY, index$7_Handler as Handler, index$7_INTENT_BODY_KEY as INTENT_BODY_KEY, index$7_INTENT_METADATA_KEY as INTENT_METADATA_KEY, index$7_INTENT_ROUTES_KEY as INTENT_ROUTES_KEY, index$7_INTENT_SENSORS_KEY as INTENT_SENSORS_KEY, index$7_Intent as Intent, index$7_IntentBody as IntentBody, type index$7_IntentKind as IntentKind, type index$7_IntentOptions as IntentOptions, type index$7_IntentRoute as IntentRoute, index$7_IntentSensors as IntentSensors, type index$7_IntentTlvField as IntentTlvField, index$7_OBSERVER_BINDINGS_KEY as OBSERVER_BINDINGS_KEY, index$7_OBSERVER_METADATA_KEY as OBSERVER_METADATA_KEY, index$7_Observer as Observer, index$7_REQUIRED_PROOF_METADATA_KEY as REQUIRED_PROOF_METADATA_KEY, index$7_RequiredProof as RequiredProof, type index$7_RequiredProofKind as RequiredProofKind, index$7_SENSITIVITY_METADATA_KEY as SENSITIVITY_METADATA_KEY, index$7_SENSOR_METADATA_KEY as SENSOR_METADATA_KEY, index$7_Sensitivity as Sensitivity, index$7_Sensor as Sensor, type index$7_SensorOptions as SensorOptions, type index$7_SensorPhase as SensorPhase, index$7_TLV_FIELDS_KEY as TLV_FIELDS_KEY, index$7_TLV_VALIDATORS_KEY as TLV_VALIDATORS_KEY, index$7_TlvEnum as TlvEnum, index$7_TlvField as TlvField, type index$7_TlvFieldKind as TlvFieldKind, type index$7_TlvFieldMeta as TlvFieldMeta, type index$7_TlvFieldOptions as TlvFieldOptions, index$7_TlvMinLen as TlvMinLen, index$7_TlvRange as TlvRange, index$7_TlvUtf8Pattern as TlvUtf8Pattern, index$7_TlvValidate as TlvValidate, type index$7_TlvValidatorFn as TlvValidatorFn, type index$7_TlvValidatorMeta as TlvValidatorMeta, index$7_Witness as Witness, index$7_buildDtoDecoder as buildDtoDecoder, index$7_extractDtoSchema as extractDtoSchema, index$7_mergeCapsulePolicyOptions as mergeCapsulePolicyOptions, index$7_normalizeCapsulePolicyOptions as normalizeCapsulePolicyOptions };
 }
 
 type index$6_ObservationQueueConfig = ObservationQueueConfig;
@@ -3317,4 +3321,4 @@ declare namespace index {
   export { index_encodeAxisTlvDto as encodeAxisTlvDto };
 }
 
-export { ATS1_HDR, ATS1_SCHEMA, AXIS_EXECUTION_CONTEXT_KEY, AXIS_OPCODES, AXIS_UPLOAD_FILE_STORE, AXIS_UPLOAD_RECEIPT_SIGNER, AXIS_UPLOAD_SESSION_STORE, ats1 as Ats1Codec, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg$1 as AxisAlg, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, type AxisCapsuleRef, type AxisChainEncryption, type AxisChainEnvelope, AxisChainExecutor, type AxisChainRequest, type AxisChainResult, type AxisChainStatus, type AxisChainStep, type AxisChainStepResult, type AxisChainStepStatus, AxisContext, type AxisCrudHandler, type AxisDecoded, AxisDemoPubkey, type AxisEffect, type AxisExecutionContext, type AxisExecutionMode, AxisFilesDownloadHandler, AxisFilesFinalizeHandler, AxisFrame$2 as AxisFrame, type AxisHandler, type AxisHandlerInit, AxisIdDto, type AxisIntentEnvelope, type AxisIntentObserver, AxisIp, type AxisAlg as AxisJsonAlg, type AxisFrame$1 as AxisJsonFrame, type AxisResponse as AxisJsonResponse, type AxisSig as AxisJsonSig, type AxisKeyExchangeRef, type AxisObservation, type AxisObservedContext, type AxisObserverBinding, type AxisObserverBindingOptions, type AxisObserverContext, type AxisObserverDefinition, type AxisObserverEvent, type AxisObserverRef, type AxisObserverRegistration, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, AxisPartialType, type AxisPostSensor, type AxisPreSensor, AxisRaw, type AxisRequestContext, type AxisRequestData, AxisResponseDto, type AxisSensor, AxisSensorChainService, type AxisSensorInit, type AxisSig$1 as AxisSig, AxisTlvDto, BAND, CAPABILITIES, CAPSULE_POLICY_METADATA_KEY, CCE_ERROR, CCE_PROTOCOL_VERSION, CHAIN_METADATA_KEY, type Capability, type CapsuleMode, CapsulePolicy, type CapsulePolicyOptions, type CapsuleScopeMode, type CceCapsuleClaims as CceCapsuleClaimsType, CceError, type CceExecutionContext as CceExecutionContextType, type CceHandler, type CceHandlerContext, type CceHandlerResult, type CcePipelineConfig, type CcePipelineResult, type CcePolicyContext, type CcePolicyDecision, type CcePolicyEvaluator, type CceRequestEnvelope as CceRequestEnvelopeType, type CceResponseEnvelope as CceResponseEnvelopeType, type CceWitnessRecord as CceWitnessRecordType, Chain, type ChainOptions, type ChainResult, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, DiskUploadFileStore, type DtoSchema, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, type Grant, type GrantCapability, type GrantMeta, type GrantStatus, type GrantType, type GrantValidationResult, HANDLER_METADATA_KEY, HANDLER_SENSORS_KEY, Handler, HandlerDiscoveryService, HandlerSensors, INTENT_BODY_KEY, INTENT_METADATA_KEY, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_SENSORS_KEY, INTENT_TIMEOUTS, Intent, IntentBody, type IntentDefinition, type IntentKind, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, IntentSensors, type IntentTlvField, type KeyStatus, type LoomReceipt, type LoomValidationResult, OBSERVER_BINDINGS_KEY, OBSERVER_METADATA_KEY, type ObservationQueueConfig, type ObservationQueueMessage, type ObservationSensor, type ObservationStage, type ObservationStreamEntry, type ObservationWitnessSummary, Observer, ObserverDiscoveryService, ObserverDispatcherService, ObserverRegistry, type ObserverVerdict, PRE_DECODE_BOUNDARY, PROOF_CAPABILITIES, type PresenceChallenge, type PresenceDeclaration, type PresenceProof, type PresenceReceipt, type PresenceStatus, type PresenceVerifyResult, RESPONSE_TAG_CREATED_AT, RESPONSE_TAG_CREATED_BY, RESPONSE_TAG_ID, RESPONSE_TAG_UPDATED_AT, RESPONSE_TAG_UPDATED_BY, type ReceiptEffect, type RegisteredChainConfig, type ResponseContract, ResponseObserver, type ResponseObserverContext, type Revocation, type RevocationTargetType, RiskDecision, type RiskEvaluation, type RiskSignal, SENSOR_METADATA_KEY, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, Sensor, type SensorBand, type SensorDecision, SensorDecisions, SensorDiscoveryService, type SensorInput, type SensorMinifiedDecision, type SensorOptions, type SensorPhase, type SensorPhaseMetadata, SensorRegistry, TLV_FIELDS_KEY, TLV_VALIDATORS_KEY, type ThreadState, TlvEnum, TlvField, type TlvFieldKind, type TlvFieldMeta, type TlvFieldOptions, TlvMinLen, TlvRange, TlvUtf8Pattern, TlvValidate, type TlvValidatorFn, type TlvValidatorMeta, type UnsignedObservationWitness, type UploadFileStat, type UploadFileStore, type UploadReceiptSigner, type UploadSessionRecord, type UploadSessionStatus, type UploadSessionStore, type Writ, type WritBody, type WritHead, type WritMeta, type WritSignature, type WritValidationResult, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildDtoDecoder, buildPacket, buildQueueMessage, buildReceiptHash, buildTLVs, buildUnsignedWitness, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, canonicalizeGrant, canonicalizeObservation, canonicalizeWrit, index$9 as cce, classifyIntent, createObservation, index$8 as crypto, decodeAxis1Frame, decodeQueueMessage, index$7 as decorators, deriveAnchorReflection, encVarint, encodeAxis1Frame, encodeAxisTlvDto, encodeQueueMessage, endStage, index$5 as engine, executeCcePipeline, extractDtoSchema, finalizeObservation, getAxisExecutionContext, hasScope, hashObservation, isAdminOpcode, isKnownOpcode, isTimestampValid, index$4 as loom, mergeAxisExecutionContext, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseAutoClaimEntries, parseScope, parseStreamEntries, recordSensor, resolveTimeout, index$3 as schemas, index$2 as security, sensitivityName, index$1 as sensors, stableJsonStringify, startStage, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, index as utils, validateFrameShape, varintU, verifyResponse, withAxisExecutionContext };
+export { ATS1_HDR, ATS1_SCHEMA, AXIS_ANONYMOUS_KEY, AXIS_EXECUTION_CONTEXT_KEY, AXIS_META_KEY, AXIS_OPCODES, AXIS_PUBLIC_KEY, AXIS_RATE_LIMIT_KEY, AXIS_UPLOAD_FILE_STORE, AXIS_UPLOAD_RECEIPT_SIGNER, AXIS_UPLOAD_SESSION_STORE, ats1 as Ats1Codec, Axis, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg$1 as AxisAlg, AxisAnonymous, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, type AxisCapsuleRef, type AxisChainEncryption, type AxisChainEnvelope, AxisChainExecutor, type AxisChainRequest, type AxisChainResult, type AxisChainStatus, type AxisChainStep, type AxisChainStepResult, type AxisChainStepStatus, AxisContext, type AxisCrudHandler, type AxisDecoded, AxisDemoPubkey, type AxisEffect, type AxisExecutionContext, type AxisExecutionMode, AxisFilesDownloadHandler, AxisFilesFinalizeHandler, AxisFrame$2 as AxisFrame, type AxisHandler, type AxisHandlerInit, AxisIdDto, type AxisIntentEnvelope, type AxisIntentObserver, AxisIp, type AxisAlg as AxisJsonAlg, type AxisFrame$1 as AxisJsonFrame, type AxisResponse as AxisJsonResponse, type AxisSig as AxisJsonSig, type AxisKeyExchangeRef, type AxisObservation, type AxisObservedContext, type AxisObserverBinding, type AxisObserverBindingOptions, type AxisObserverContext, type AxisObserverDefinition, type AxisObserverEvent, type AxisObserverRef, type AxisObserverRegistration, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, AxisPartialType, type AxisPostSensor, type AxisPreSensor, AxisPublic, AxisRateLimit, type AxisRateLimitConfig, AxisRaw, type AxisRequestContext, type AxisRequestData, AxisResponseDto, type AxisSensor, AxisSensorChainService, type AxisSensorInit, type AxisSig$1 as AxisSig, AxisTlvDto, BAND, CAPABILITIES, CAPSULE_POLICY_METADATA_KEY, CCE_ERROR, CCE_PROTOCOL_VERSION, CHAIN_METADATA_KEY, CONTRACT_METADATA_KEY, type Capability, Capsule, type CapsuleMode, CapsulePolicy, type CapsulePolicyOptions, type CapsuleScopeMode, type CceCapsuleClaims as CceCapsuleClaimsType, CceError, type CceExecutionContext as CceExecutionContextType, type CceHandler, type CceHandlerContext, type CceHandlerResult, type CcePipelineConfig, type CcePipelineResult, type CcePolicyContext, type CcePolicyDecision, type CcePolicyEvaluator, type CceRequestEnvelope as CceRequestEnvelopeType, type CceResponseEnvelope as CceResponseEnvelopeType, type CceWitnessRecord as CceWitnessRecordType, Chain, type ChainOptions, type ChainResult, Contract, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, DiskUploadFileStore, type DtoSchema, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, type Grant, type GrantCapability, type GrantMeta, type GrantStatus, type GrantType, type GrantValidationResult, HANDLER_METADATA_KEY, HANDLER_SENSORS_KEY, Handler, HandlerDiscoveryService, HandlerSensors, INTENT_BODY_KEY, INTENT_METADATA_KEY, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_SENSORS_KEY, INTENT_TIMEOUTS, Intent, IntentBody, type IntentDefinition, type IntentKind, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, IntentSensors, type IntentTlvField, type KeyStatus, type LoomReceipt, type LoomValidationResult, OBSERVER_BINDINGS_KEY, OBSERVER_METADATA_KEY, type ObservationQueueConfig, type ObservationQueueMessage, type ObservationSensor, type ObservationStage, type ObservationStreamEntry, type ObservationWitnessSummary, Observer, ObserverDiscoveryService, ObserverDispatcherService, ObserverRegistry, type ObserverVerdict, PRE_DECODE_BOUNDARY, PROOF_CAPABILITIES, type PresenceChallenge, type PresenceDeclaration, type PresenceProof, type PresenceReceipt, type PresenceStatus, type PresenceVerifyResult, REQUIRED_PROOF_METADATA_KEY, RESPONSE_TAG_CREATED_AT, RESPONSE_TAG_CREATED_BY, RESPONSE_TAG_ID, RESPONSE_TAG_UPDATED_AT, RESPONSE_TAG_UPDATED_BY, type ReceiptEffect, type RegisteredChainConfig, RequiredProof, type RequiredProofKind, type ResponseContract, ResponseObserver, type ResponseObserverContext, type Revocation, type RevocationTargetType, RiskDecision, type RiskEvaluation, type RiskSignal, SENSITIVITY_METADATA_KEY, SENSOR_METADATA_KEY, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, Sensitivity, Sensor, type SensorBand, type SensorDecision, SensorDecisions, SensorDiscoveryService, type SensorInput, type SensorMinifiedDecision, type SensorOptions, type SensorPhase, type SensorPhaseMetadata, SensorRegistry, TLV_FIELDS_KEY, TLV_VALIDATORS_KEY, type ThreadState, TlvEnum, TlvField, type TlvFieldKind, type TlvFieldMeta, type TlvFieldOptions, TlvMinLen, TlvRange, TlvUtf8Pattern, TlvValidate, type TlvValidatorFn, type TlvValidatorMeta, type UnsignedObservationWitness, type UploadFileStat, type UploadFileStore, type UploadReceiptSigner, type UploadSessionRecord, type UploadSessionStatus, type UploadSessionStore, Witness, type Writ, type WritBody, type WritHead, type WritMeta, type WritSignature, type WritValidationResult, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildDtoDecoder, buildPacket, buildQueueMessage, buildReceiptHash, buildTLVs, buildUnsignedWitness, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, canonicalizeGrant, canonicalizeObservation, canonicalizeWrit, index$9 as cce, classifyIntent, createObservation, index$8 as crypto, decodeAxis1Frame, decodeQueueMessage, index$7 as decorators, deriveAnchorReflection, encVarint, encodeAxis1Frame, encodeAxisTlvDto, encodeQueueMessage, endStage, index$5 as engine, executeCcePipeline, extractDtoSchema, finalizeObservation, getAxisExecutionContext, hasScope, hashObservation, isAdminOpcode, isKnownOpcode, isTimestampValid, index$4 as loom, mergeAxisExecutionContext, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseAutoClaimEntries, parseScope, parseStreamEntries, recordSensor, resolveTimeout, index$3 as schemas, index$2 as security, sensitivityName, index$1 as sensors, stableJsonStringify, startStage, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, index as utils, validateFrameShape, varintU, verifyResponse, withAxisExecutionContext };