@nossen/morphing 2.0.2 → 2.1.0

package/dist/morph.d.ts

@@ -94,6 +94,8 @@ export declare function unveil(m: morph): any;
 export type PorygonShard = {
     id: number;
     morph: morph;
+    layer?: PorygonLayer;
+    passport?: MorphPassport;
 };
 export type Porygon = {
     layoutId: number;
@@ -110,8 +112,71 @@ export declare function resolvePorygon(p: Porygon): any;
 /** Cube helpers for higher-level Freeland / RGBA tooling */
 export declare function cubeToRef(cube: MorphCube, space?: MorphSpace, localTag?: number): morph;
 export declare function refToCube(m: morph): MorphCube | undefined;
-export declare const MORPHING_VERSION = "0.1.6";
+export declare const MORPHING_VERSION = "0.2.0";
 export declare function isMorph(x: any): x is morph;
 export declare function describeRefSpaces(): MorphRefSpaceDescription[];
 export declare function clearSpace(space: MorphSpace): void;
 export declare function clearAllSpaces(): void;
+export type MorphOrigin = "internal" | "user_upload" | "decoded_payload" | "web" | "agent";
+export type MorphTaint = "trusted" | "untrusted" | "quarantined" | "verified" | "rejected";
+export type MorphActor = "system" | "agent" | "user" | "test";
+export type MorphTrustEffect = "preserve" | "increase_after_validation" | "decrease" | "quarantine";
+export type MorphLineageOp = "encode" | "decode" | "quantize" | "ref" | "porygon-shard" | "zen-wrap" | "verify" | (string & {});
+export type MorphLineageStep = {
+    readonly op: MorphLineageOp;
+    readonly inputHash: string;
+    readonly outputHash: string;
+    readonly timestamp: string;
+    readonly actor: MorphActor;
+    readonly trustEffect: MorphTrustEffect;
+};
+export type MorphPermissions = {
+    readonly canRead: boolean;
+    readonly canDecode: boolean;
+    readonly canExecute: false;
+    readonly canBecomeConfig: boolean;
+};
+export type MorphRefScope = "process-local" | "serialized" | "external";
+export type MorphPassport = {
+    readonly id: string;
+    readonly morph: morph;
+    readonly origin: MorphOrigin;
+    readonly taint: MorphTaint;
+    readonly lineage: readonly MorphLineageStep[];
+    readonly sourceHash?: string;
+    readonly payloadHash?: string;
+    readonly refScope?: MorphRefScope;
+    readonly permissions: MorphPermissions;
+};
+export type PorygonLayer = "technical" | "security" | "semantic" | "symbolic" | "spatial" | "provenance" | "render";
+export type SerializedRefResult = {
+    readonly ok: true;
+    readonly namespace: string;
+    readonly index: number;
+    readonly handle: string;
+} | {
+    readonly ok: false;
+    readonly error: "process-local-ref-not-serializable" | "not-a-ref";
+};
+export declare function morphHash(m: morph): string;
+/** Enveloppe un morph interne (système, confiance initiale : trusted). */
+export declare function wrapInternal(m: morph, sourceHash?: string): MorphPassport;
+/** Enveloppe un morph externe (upload, payload, web…). Taint : untrusted par défaut. */
+export declare function wrapExternal(m: morph, origin?: Exclude<MorphOrigin, "internal">, payloadHash?: string): MorphPassport;
+/**
+ * Transforme un passport en propageant la lignée.
+ * Le taint ne peut jamais augmenter automatiquement — passe par verifyPassport.
+ */
+export declare function transformPassport(input: MorphPassport, op: MorphLineageOp, outputMorph: morph, actor?: MorphActor, trustEffect?: MorphTrustEffect): MorphPassport;
+/**
+ * Augmente la confiance après validation externe explicite.
+ * Ne fonctionne pas sur "rejected" ou "quarantined".
+ */
+export declare function verifyPassport(passport: MorphPassport, verifiedBy?: MorphActor): MorphPassport;
+/**
+ * Sérialisation de ref process-local.
+ * Une ref process-local ne peut PAS survivre à une sérialisation silencieuse.
+ * V1 : retourne toujours une erreur explicite — pas de manifest cross-process encore.
+ */
+export declare function serializeRef(m: morph): SerializedRefResult;
+export declare function isMorphPassport(x: unknown): x is MorphPassport;

package/dist/morph.js

@@ -270,7 +270,7 @@ export function refToCube(m) {
     return undefined;
 }
 // --- Version ---
-export const MORPHING_VERSION = "0.1.6";
+export const MORPHING_VERSION = "0.2.0";
 // --- Type guard ---
 export function isMorph(x) {
     return (x != null &&
@@ -312,3 +312,128 @@ export function clearAllSpaces() {
         MorphRefSpaces[i].length = 0;
     }
 }
+// Identifiant stable d'un morph basé sur ses 4 bytes (hex).
+export function morphHash(m) {
+    return (m.tt.toString(16).padStart(2, "0") +
+        m.d1.toString(16).padStart(2, "0") +
+        m.d2.toString(16).padStart(2, "0") +
+        m.d3.toString(16).padStart(2, "0"));
+}
+let _passportSeq = 0;
+function newPassportId(m) {
+    return `mp-${morphHash(m)}-${(++_passportSeq).toString(36)}`;
+}
+function permissionsFor(taint) {
+    const open = taint === "trusted" || taint === "verified";
+    return {
+        canRead: taint !== "rejected",
+        canDecode: open,
+        canExecute: false,
+        canBecomeConfig: open,
+    };
+}
+function applyTrustEffect(current, effect, op) {
+    if (effect === "quarantine")
+        return "quarantined";
+    // decode depuis une source non-trusted → quarantaine automatique
+    if (op === "decode" && current !== "trusted" && current !== "verified")
+        return "quarantined";
+    if (effect === "decrease") {
+        return (current === "trusted" || current === "verified") ? "untrusted" : current;
+    }
+    // "increase_after_validation" et "preserve" ne changent rien ici —
+    // l'augmentation de confiance passe uniquement par verifyPassport.
+    return current;
+}
+/** Enveloppe un morph interne (système, confiance initiale : trusted). */
+export function wrapInternal(m, sourceHash) {
+    return {
+        id: newPassportId(m),
+        morph: m,
+        origin: "internal",
+        taint: "trusted",
+        lineage: [],
+        sourceHash,
+        refScope: kindOf(m) === MorphKind.Ref ? "process-local" : undefined,
+        permissions: permissionsFor("trusted"),
+    };
+}
+/** Enveloppe un morph externe (upload, payload, web…). Taint : untrusted par défaut. */
+export function wrapExternal(m, origin = "decoded_payload", payloadHash) {
+    return {
+        id: newPassportId(m),
+        morph: m,
+        origin,
+        taint: "untrusted",
+        lineage: [],
+        payloadHash,
+        refScope: kindOf(m) === MorphKind.Ref ? "external" : undefined,
+        permissions: permissionsFor("untrusted"),
+    };
+}
+/**
+ * Transforme un passport en propageant la lignée.
+ * Le taint ne peut jamais augmenter automatiquement — passe par verifyPassport.
+ */
+export function transformPassport(input, op, outputMorph, actor = "system", trustEffect = "preserve") {
+    const step = {
+        op,
+        inputHash: morphHash(input.morph),
+        outputHash: morphHash(outputMorph),
+        timestamp: new Date().toISOString(),
+        actor,
+        trustEffect,
+    };
+    const newTaint = applyTrustEffect(input.taint, trustEffect, op);
+    return {
+        id: newPassportId(outputMorph),
+        morph: outputMorph,
+        origin: input.origin,
+        taint: newTaint,
+        lineage: [...input.lineage, step],
+        sourceHash: input.sourceHash,
+        payloadHash: input.payloadHash,
+        refScope: kindOf(outputMorph) === MorphKind.Ref ? (input.refScope ?? "process-local") : undefined,
+        permissions: permissionsFor(newTaint),
+    };
+}
+/**
+ * Augmente la confiance après validation externe explicite.
+ * Ne fonctionne pas sur "rejected" ou "quarantined".
+ */
+export function verifyPassport(passport, verifiedBy = "system") {
+    if (passport.taint === "rejected" || passport.taint === "quarantined")
+        return passport;
+    const step = {
+        op: "verify",
+        inputHash: morphHash(passport.morph),
+        outputHash: morphHash(passport.morph),
+        timestamp: new Date().toISOString(),
+        actor: verifiedBy,
+        trustEffect: "increase_after_validation",
+    };
+    return {
+        ...passport,
+        taint: "verified",
+        lineage: [...passport.lineage, step],
+        permissions: permissionsFor("verified"),
+    };
+}
+/**
+ * Sérialisation de ref process-local.
+ * Une ref process-local ne peut PAS survivre à une sérialisation silencieuse.
+ * V1 : retourne toujours une erreur explicite — pas de manifest cross-process encore.
+ */
+export function serializeRef(m) {
+    if (kindOf(m) !== MorphKind.Ref)
+        return { ok: false, error: "not-a-ref" };
+    // ref process-local → erreur explicite, jamais silencieuse
+    return { ok: false, error: "process-local-ref-not-serializable" };
+}
+export function isMorphPassport(x) {
+    return (x != null &&
+        typeof x === "object" &&
+        "morph" in x && isMorph(x.morph) &&
+        "taint" in x && typeof x.taint === "string" &&
+        "lineage" in x && Array.isArray(x.lineage));
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nossen/morphing",
-  "version": "2.0.2",
+  "version": "2.1.0",
   "description": "Compact 4-byte value shapes and RGBA/cube helpers for low-friction transport.",
   "author": "NOSSEN <contact@funesterie.me>",
   "license": "MIT",
@@ -21,7 +21,8 @@
   "exports": {
     ".": {
       "import": "./dist/morph.js",
-      "types": "./dist/morph.d.ts"
+      "types": "./dist/morph.d.ts",
+      "default": "./dist/morph.js"
     },
     "./package.json": "./package.json"
   },