@onsignet/core 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/attestation.d.ts +8 -0
- package/dist/attestation.d.ts.map +1 -0
- package/dist/attestation.js +23 -0
- package/dist/attestation.js.map +1 -0
- package/dist/capability.d.ts +7 -0
- package/dist/capability.d.ts.map +1 -0
- package/dist/capability.js +25 -0
- package/dist/capability.js.map +1 -0
- package/dist/crypto.d.ts +40 -0
- package/dist/crypto.d.ts.map +1 -0
- package/dist/crypto.js +121 -0
- package/dist/crypto.js.map +1 -0
- package/dist/identity.d.ts +11 -0
- package/dist/identity.d.ts.map +1 -0
- package/dist/identity.js +14 -0
- package/dist/identity.js.map +1 -0
- package/dist/index.d.ts +8 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +24 -0
- package/dist/index.js.map +1 -0
- package/dist/message.d.ts +26 -0
- package/dist/message.d.ts.map +1 -0
- package/dist/message.js +128 -0
- package/dist/message.js.map +1 -0
- package/dist/revocation.d.ts +7 -0
- package/dist/revocation.d.ts.map +1 -0
- package/dist/revocation.js +37 -0
- package/dist/revocation.js.map +1 -0
- package/dist/types.d.ts +106 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +22 -0
- package/dist/types.js.map +1 -0
- package/package.json +28 -0
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Owner attestation verification: verify that an owner signed an attestation for an agent nodeId.
|
|
3
|
+
*/
|
|
4
|
+
/**
|
|
5
|
+
* Verify owner attestation signature. The attestation is sign("Signet owner attestation: agent <nodeId>").
|
|
6
|
+
*/
|
|
7
|
+
export declare function verifyOwnerAttestation(agentNodeId: string, attestationBase64: string, ownerEd25519PublicKey: Uint8Array): boolean;
|
|
8
|
+
//# sourceMappingURL=attestation.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"attestation.d.ts","sourceRoot":"","sources":["../src/attestation.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH;;GAEG;AACH,wBAAgB,sBAAsB,CACpC,WAAW,EAAE,MAAM,EACnB,iBAAiB,EAAE,MAAM,EACzB,qBAAqB,EAAE,UAAU,GAChC,OAAO,CAST"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Owner attestation verification: verify that an owner signed an attestation for an agent nodeId.
|
|
4
|
+
*/
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.verifyOwnerAttestation = verifyOwnerAttestation;
|
|
7
|
+
const crypto_js_1 = require("./crypto.js");
|
|
8
|
+
const ATTESTATION_PREFIX = "Signet owner attestation: agent ";
|
|
9
|
+
/**
|
|
10
|
+
* Verify owner attestation signature. The attestation is sign("Signet owner attestation: agent <nodeId>").
|
|
11
|
+
*/
|
|
12
|
+
function verifyOwnerAttestation(agentNodeId, attestationBase64, ownerEd25519PublicKey) {
|
|
13
|
+
try {
|
|
14
|
+
const statement = ATTESTATION_PREFIX + agentNodeId;
|
|
15
|
+
const msg = new TextEncoder().encode(statement);
|
|
16
|
+
const sig = (0, crypto_js_1.decodeBase64)(attestationBase64);
|
|
17
|
+
return (0, crypto_js_1.verify)(msg, sig, ownerEd25519PublicKey);
|
|
18
|
+
}
|
|
19
|
+
catch {
|
|
20
|
+
return false;
|
|
21
|
+
}
|
|
22
|
+
}
|
|
23
|
+
//# sourceMappingURL=attestation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"attestation.js","sourceRoot":"","sources":["../src/attestation.ts"],"names":[],"mappings":";AAAA;;GAEG;;AASH,wDAaC;AApBD,2CAAmD;AAEnD,MAAM,kBAAkB,GAAG,kCAAkC,CAAC;AAE9D;;GAEG;AACH,SAAgB,sBAAsB,CACpC,WAAmB,EACnB,iBAAyB,EACzB,qBAAiC;IAEjC,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,kBAAkB,GAAG,WAAW,CAAC;QACnD,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,iBAAiB,CAAC,CAAC;QAC5C,OAAO,IAAA,kBAAM,EAAC,GAAG,EAAE,GAAG,EAAE,qBAAqB,CAAC,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Minimal capability helper: build capability blob and sign. Full policy in daemon.
|
|
3
|
+
*/
|
|
4
|
+
import type { MessageCapability } from "./types.js";
|
|
5
|
+
export declare function createCapabilityToken(scope: string, constraints: Record<string, unknown>, ownerEd25519SecretKey: Uint8Array): MessageCapability;
|
|
6
|
+
export declare function verifyCapabilitySignature(capability: MessageCapability, ownerEd25519PublicKey: Uint8Array): boolean;
|
|
7
|
+
//# sourceMappingURL=capability.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"capability.d.ts","sourceRoot":"","sources":["../src/capability.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAEpD,wBAAgB,qBAAqB,CACnC,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACpC,qBAAqB,EAAE,UAAU,GAChC,iBAAiB,CASnB;AAED,wBAAgB,yBAAyB,CACvC,UAAU,EAAE,iBAAiB,EAC7B,qBAAqB,EAAE,UAAU,GAChC,OAAO,CAKT"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Minimal capability helper: build capability blob and sign. Full policy in daemon.
|
|
4
|
+
*/
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.createCapabilityToken = createCapabilityToken;
|
|
7
|
+
exports.verifyCapabilitySignature = verifyCapabilitySignature;
|
|
8
|
+
const crypto_js_1 = require("./crypto.js");
|
|
9
|
+
function createCapabilityToken(scope, constraints, ownerEd25519SecretKey) {
|
|
10
|
+
const payload = JSON.stringify({ scope, constraints });
|
|
11
|
+
const payloadBytes = new TextEncoder().encode(payload);
|
|
12
|
+
const ownerSignature = (0, crypto_js_1.sign)(payloadBytes, ownerEd25519SecretKey);
|
|
13
|
+
return {
|
|
14
|
+
scope,
|
|
15
|
+
constraints,
|
|
16
|
+
ownerSignature: (0, crypto_js_1.encodeBase64)(ownerSignature),
|
|
17
|
+
};
|
|
18
|
+
}
|
|
19
|
+
function verifyCapabilitySignature(capability, ownerEd25519PublicKey) {
|
|
20
|
+
const payload = JSON.stringify({ scope: capability.scope, constraints: capability.constraints });
|
|
21
|
+
const payloadBytes = new TextEncoder().encode(payload);
|
|
22
|
+
const sig = (0, crypto_js_1.decodeBase64)(capability.ownerSignature);
|
|
23
|
+
return (0, crypto_js_1.verify)(payloadBytes, sig, ownerEd25519PublicKey);
|
|
24
|
+
}
|
|
25
|
+
//# sourceMappingURL=capability.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"capability.js","sourceRoot":"","sources":["../src/capability.ts"],"names":[],"mappings":";AAAA;;GAEG;;AAKH,sDAaC;AAED,8DAQC;AA1BD,2CAAuE;AAGvE,SAAgB,qBAAqB,CACnC,KAAa,EACb,WAAoC,EACpC,qBAAiC;IAEjC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;IACvD,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvD,MAAM,cAAc,GAAG,IAAA,gBAAI,EAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;IACjE,OAAO;QACL,KAAK;QACL,WAAW;QACX,cAAc,EAAE,IAAA,wBAAY,EAAC,cAAc,CAAC;KAC7C,CAAC;AACJ,CAAC;AAED,SAAgB,yBAAyB,CACvC,UAA6B,EAC7B,qBAAiC;IAEjC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,WAAW,EAAE,UAAU,CAAC,WAAW,EAAE,CAAC,CAAC;IACjG,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvD,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,UAAU,CAAC,cAAc,CAAC,CAAC;IACpD,OAAO,IAAA,kBAAM,EAAC,YAAY,EAAE,GAAG,EAAE,qBAAqB,CAAC,CAAC;AAC1D,CAAC"}
|
package/dist/crypto.d.ts
ADDED
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Cryptographic operations: Ed25519 signing, X25519+XSalsa20-Poly1305 box.
|
|
3
|
+
* Product plan Section 8.2: Ed25519, X25519, XSalsa20-Poly1305.
|
|
4
|
+
*/
|
|
5
|
+
export interface Ed25519KeyPair {
|
|
6
|
+
publicKey: Uint8Array;
|
|
7
|
+
secretKey: Uint8Array;
|
|
8
|
+
}
|
|
9
|
+
export interface X25519KeyPair {
|
|
10
|
+
publicKey: Uint8Array;
|
|
11
|
+
secretKey: Uint8Array;
|
|
12
|
+
}
|
|
13
|
+
export declare function generateEd25519KeyPair(): Ed25519KeyPair;
|
|
14
|
+
export declare function generateX25519KeyPair(): X25519KeyPair;
|
|
15
|
+
export declare function sign(payload: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
16
|
+
export declare function verify(payload: Uint8Array, signature: Uint8Array, publicKey: Uint8Array): boolean;
|
|
17
|
+
/**
|
|
18
|
+
* NodeId = "am_" + base58(Ed25519 public key). Product plan Section 6.4.
|
|
19
|
+
*/
|
|
20
|
+
export declare function nodeIdFromPublicKey(ed25519PublicKey: Uint8Array): string;
|
|
21
|
+
/**
|
|
22
|
+
* Parse nodeId to Ed25519 public key bytes. Returns null if invalid.
|
|
23
|
+
*/
|
|
24
|
+
export declare function parseNodeId(nodeId: string): Uint8Array | null;
|
|
25
|
+
/**
|
|
26
|
+
* Encrypt payload for recipient using ephemeral sender key (X25519 box).
|
|
27
|
+
* Returns ciphertext, nonce, and ephemeral public key for the envelope.
|
|
28
|
+
*/
|
|
29
|
+
export declare function encrypt(payload: Uint8Array, recipientX25519PublicKey: Uint8Array): {
|
|
30
|
+
ciphertext: Uint8Array;
|
|
31
|
+
nonce: Uint8Array;
|
|
32
|
+
senderPublicKey: Uint8Array;
|
|
33
|
+
};
|
|
34
|
+
/**
|
|
35
|
+
* Decrypt payload from sender's ephemeral key using recipient's X25519 secret key.
|
|
36
|
+
*/
|
|
37
|
+
export declare function decrypt(ciphertext: Uint8Array, nonce: Uint8Array, senderEphemeralPublicKey: Uint8Array, recipientX25519SecretKey: Uint8Array): Uint8Array | null;
|
|
38
|
+
export declare function encodeBase64(bytes: Uint8Array): string;
|
|
39
|
+
export declare function decodeBase64(s: string): Uint8Array;
|
|
40
|
+
//# sourceMappingURL=crypto.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAAA;;;GAGG;AASH,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,UAAU,CAAC;IACtB,SAAS,EAAE,UAAU,CAAC;CACvB;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,UAAU,CAAC;IACtB,SAAS,EAAE,UAAU,CAAC;CACvB;AAED,wBAAgB,sBAAsB,IAAI,cAAc,CAGvD;AAED,wBAAgB,qBAAqB,IAAI,aAAa,CAGrD;AAED,wBAAgB,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,GAAG,UAAU,CAE3E;AAED,wBAAgB,MAAM,CAAC,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,GAAG,OAAO,CAEjG;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,gBAAgB,EAAE,UAAU,GAAG,MAAM,CAExE;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI,CAU7D;AAED;;;GAGG;AACH,wBAAgB,OAAO,CACrB,OAAO,EAAE,UAAU,EACnB,wBAAwB,EAAE,UAAU,GACnC;IAAE,UAAU,EAAE,UAAU,CAAC;IAAC,KAAK,EAAE,UAAU,CAAC;IAAC,eAAe,EAAE,UAAU,CAAA;CAAE,CAS5E;AAED;;GAEG;AACH,wBAAgB,OAAO,CACrB,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,UAAU,EACjB,wBAAwB,EAAE,UAAU,EACpC,wBAAwB,EAAE,UAAU,GACnC,UAAU,GAAG,IAAI,CAEnB;AAED,wBAAgB,YAAY,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAEtD;AAED,wBAAgB,YAAY,CAAC,CAAC,EAAE,MAAM,GAAG,UAAU,CAElD"}
|
package/dist/crypto.js
ADDED
|
@@ -0,0 +1,121 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Cryptographic operations: Ed25519 signing, X25519+XSalsa20-Poly1305 box.
|
|
4
|
+
* Product plan Section 8.2: Ed25519, X25519, XSalsa20-Poly1305.
|
|
5
|
+
*/
|
|
6
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
7
|
+
if (k2 === undefined) k2 = k;
|
|
8
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
9
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
10
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
11
|
+
}
|
|
12
|
+
Object.defineProperty(o, k2, desc);
|
|
13
|
+
}) : (function(o, m, k, k2) {
|
|
14
|
+
if (k2 === undefined) k2 = k;
|
|
15
|
+
o[k2] = m[k];
|
|
16
|
+
}));
|
|
17
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
18
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
19
|
+
}) : function(o, v) {
|
|
20
|
+
o["default"] = v;
|
|
21
|
+
});
|
|
22
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
23
|
+
var ownKeys = function(o) {
|
|
24
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
25
|
+
var ar = [];
|
|
26
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
27
|
+
return ar;
|
|
28
|
+
};
|
|
29
|
+
return ownKeys(o);
|
|
30
|
+
};
|
|
31
|
+
return function (mod) {
|
|
32
|
+
if (mod && mod.__esModule) return mod;
|
|
33
|
+
var result = {};
|
|
34
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
35
|
+
__setModuleDefault(result, mod);
|
|
36
|
+
return result;
|
|
37
|
+
};
|
|
38
|
+
})();
|
|
39
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
40
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
41
|
+
};
|
|
42
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
43
|
+
exports.generateEd25519KeyPair = generateEd25519KeyPair;
|
|
44
|
+
exports.generateX25519KeyPair = generateX25519KeyPair;
|
|
45
|
+
exports.sign = sign;
|
|
46
|
+
exports.verify = verify;
|
|
47
|
+
exports.nodeIdFromPublicKey = nodeIdFromPublicKey;
|
|
48
|
+
exports.parseNodeId = parseNodeId;
|
|
49
|
+
exports.encrypt = encrypt;
|
|
50
|
+
exports.decrypt = decrypt;
|
|
51
|
+
exports.encodeBase64 = encodeBase64;
|
|
52
|
+
exports.decodeBase64 = decodeBase64;
|
|
53
|
+
const nacl = __importStar(require("tweetnacl"));
|
|
54
|
+
const util = __importStar(require("tweetnacl-util"));
|
|
55
|
+
const bs58_1 = __importDefault(require("bs58"));
|
|
56
|
+
const NODE_ID_PREFIX = "am_";
|
|
57
|
+
const BOX_NONCE_LENGTH = 24;
|
|
58
|
+
function generateEd25519KeyPair() {
|
|
59
|
+
const kp = nacl.sign.keyPair();
|
|
60
|
+
return { publicKey: kp.publicKey, secretKey: kp.secretKey };
|
|
61
|
+
}
|
|
62
|
+
function generateX25519KeyPair() {
|
|
63
|
+
const kp = nacl.box.keyPair();
|
|
64
|
+
return { publicKey: kp.publicKey, secretKey: kp.secretKey };
|
|
65
|
+
}
|
|
66
|
+
function sign(payload, secretKey) {
|
|
67
|
+
return nacl.sign.detached(payload, secretKey);
|
|
68
|
+
}
|
|
69
|
+
function verify(payload, signature, publicKey) {
|
|
70
|
+
return nacl.sign.detached.verify(payload, signature, publicKey);
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* NodeId = "am_" + base58(Ed25519 public key). Product plan Section 6.4.
|
|
74
|
+
*/
|
|
75
|
+
function nodeIdFromPublicKey(ed25519PublicKey) {
|
|
76
|
+
return NODE_ID_PREFIX + bs58_1.default.encode(ed25519PublicKey);
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Parse nodeId to Ed25519 public key bytes. Returns null if invalid.
|
|
80
|
+
*/
|
|
81
|
+
function parseNodeId(nodeId) {
|
|
82
|
+
if (!nodeId.startsWith(NODE_ID_PREFIX))
|
|
83
|
+
return null;
|
|
84
|
+
const b58 = nodeId.slice(NODE_ID_PREFIX.length);
|
|
85
|
+
if (!b58)
|
|
86
|
+
return null;
|
|
87
|
+
try {
|
|
88
|
+
const bytes = bs58_1.default.decode(b58);
|
|
89
|
+
return bytes.length > 0 ? new Uint8Array(bytes) : null;
|
|
90
|
+
}
|
|
91
|
+
catch {
|
|
92
|
+
return null;
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
/**
|
|
96
|
+
* Encrypt payload for recipient using ephemeral sender key (X25519 box).
|
|
97
|
+
* Returns ciphertext, nonce, and ephemeral public key for the envelope.
|
|
98
|
+
*/
|
|
99
|
+
function encrypt(payload, recipientX25519PublicKey) {
|
|
100
|
+
const ephemeral = nacl.box.keyPair();
|
|
101
|
+
const nonce = nacl.randomBytes(BOX_NONCE_LENGTH);
|
|
102
|
+
const ciphertext = nacl.box(payload, nonce, recipientX25519PublicKey, ephemeral.secretKey);
|
|
103
|
+
return {
|
|
104
|
+
ciphertext,
|
|
105
|
+
nonce,
|
|
106
|
+
senderPublicKey: ephemeral.publicKey,
|
|
107
|
+
};
|
|
108
|
+
}
|
|
109
|
+
/**
|
|
110
|
+
* Decrypt payload from sender's ephemeral key using recipient's X25519 secret key.
|
|
111
|
+
*/
|
|
112
|
+
function decrypt(ciphertext, nonce, senderEphemeralPublicKey, recipientX25519SecretKey) {
|
|
113
|
+
return nacl.box.open(ciphertext, nonce, senderEphemeralPublicKey, recipientX25519SecretKey);
|
|
114
|
+
}
|
|
115
|
+
function encodeBase64(bytes) {
|
|
116
|
+
return util.encodeBase64(bytes);
|
|
117
|
+
}
|
|
118
|
+
function decodeBase64(s) {
|
|
119
|
+
return util.decodeBase64(s);
|
|
120
|
+
}
|
|
121
|
+
//# sourceMappingURL=crypto.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmBH,wDAGC;AAED,sDAGC;AAED,oBAEC;AAED,wBAEC;AAKD,kDAEC;AAKD,kCAUC;AAMD,0BAYC;AAKD,0BAOC;AAED,oCAEC;AAED,oCAEC;AA7FD,gDAAkC;AAClC,qDAAuC;AACvC,gDAAwB;AAExB,MAAM,cAAc,GAAG,KAAK,CAAC;AAC7B,MAAM,gBAAgB,GAAG,EAAE,CAAC;AAY5B,SAAgB,sBAAsB;IACpC,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;IAC/B,OAAO,EAAE,SAAS,EAAE,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,EAAE,CAAC,SAAS,EAAE,CAAC;AAC9D,CAAC;AAED,SAAgB,qBAAqB;IACnC,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;IAC9B,OAAO,EAAE,SAAS,EAAE,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,EAAE,CAAC,SAAS,EAAE,CAAC;AAC9D,CAAC;AAED,SAAgB,IAAI,CAAC,OAAmB,EAAE,SAAqB;IAC7D,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;AAChD,CAAC;AAED,SAAgB,MAAM,CAAC,OAAmB,EAAE,SAAqB,EAAE,SAAqB;IACtF,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;AAClE,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,gBAA4B;IAC9D,OAAO,cAAc,GAAG,cAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;AACxD,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,MAAc;IACxC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,cAAc,CAAC;QAAE,OAAO,IAAI,CAAC;IACpD,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IAChD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,cAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC/B,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,OAAO,CACrB,OAAmB,EACnB,wBAAoC;IAEpC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;IACrC,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;IACjD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,wBAAwB,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;IAC3F,OAAO;QACL,UAAU;QACV,KAAK;QACL,eAAe,EAAE,SAAS,CAAC,SAAS;KACrC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,OAAO,CACrB,UAAsB,EACtB,KAAiB,EACjB,wBAAoC,EACpC,wBAAoC;IAEpC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,EAAE,wBAAwB,EAAE,wBAAwB,CAAC,CAAC;AAC9F,CAAC;AAED,SAAgB,YAAY,CAAC,KAAiB;IAC5C,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;AAClC,CAAC;AAED,SAAgB,YAAY,CAAC,CAAS;IACpC,OAAO,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;AAC9B,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Minimal identity helper: keypair + nodeId. Full identity logic lives in daemon.
|
|
3
|
+
*/
|
|
4
|
+
import { type Ed25519KeyPair, type X25519KeyPair } from "./crypto.js";
|
|
5
|
+
export interface AgentIdentityKeys {
|
|
6
|
+
ed25519: Ed25519KeyPair;
|
|
7
|
+
x25519: X25519KeyPair;
|
|
8
|
+
nodeId: string;
|
|
9
|
+
}
|
|
10
|
+
export declare function createAgentIdentity(): AgentIdentityKeys;
|
|
11
|
+
//# sourceMappingURL=identity.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../src/identity.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAIL,KAAK,cAAc,EACnB,KAAK,aAAa,EACnB,MAAM,aAAa,CAAC;AAErB,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,cAAc,CAAC;IACxB,MAAM,EAAE,aAAa,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,wBAAgB,mBAAmB,IAAI,iBAAiB,CAKvD"}
|
package/dist/identity.js
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Minimal identity helper: keypair + nodeId. Full identity logic lives in daemon.
|
|
4
|
+
*/
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.createAgentIdentity = createAgentIdentity;
|
|
7
|
+
const crypto_js_1 = require("./crypto.js");
|
|
8
|
+
function createAgentIdentity() {
|
|
9
|
+
const ed25519 = (0, crypto_js_1.generateEd25519KeyPair)();
|
|
10
|
+
const x25519 = (0, crypto_js_1.generateX25519KeyPair)();
|
|
11
|
+
const nodeId = (0, crypto_js_1.nodeIdFromPublicKey)(ed25519.publicKey);
|
|
12
|
+
return { ed25519, x25519, nodeId };
|
|
13
|
+
}
|
|
14
|
+
//# sourceMappingURL=identity.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.js","sourceRoot":"","sources":["../src/identity.ts"],"names":[],"mappings":";AAAA;;GAEG;;AAgBH,kDAKC;AAnBD,2CAMqB;AAQrB,SAAgB,mBAAmB;IACjC,MAAM,OAAO,GAAG,IAAA,kCAAsB,GAAE,CAAC;IACzC,MAAM,MAAM,GAAG,IAAA,iCAAqB,GAAE,CAAC;IACvC,MAAM,MAAM,GAAG,IAAA,+BAAmB,EAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACtD,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AACrC,CAAC"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
export * from "./crypto.js";
|
|
2
|
+
export * from "./message.js";
|
|
3
|
+
export * from "./identity.js";
|
|
4
|
+
export * from "./capability.js";
|
|
5
|
+
export * from "./types.js";
|
|
6
|
+
export * from "./revocation.js";
|
|
7
|
+
export * from "./attestation.js";
|
|
8
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC;AAC5B,cAAc,cAAc,CAAC;AAC7B,cAAc,eAAe,CAAC;AAC9B,cAAc,iBAAiB,CAAC;AAChC,cAAc,YAAY,CAAC;AAC3B,cAAc,iBAAiB,CAAC;AAChC,cAAc,kBAAkB,CAAC"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./crypto.js"), exports);
|
|
18
|
+
__exportStar(require("./message.js"), exports);
|
|
19
|
+
__exportStar(require("./identity.js"), exports);
|
|
20
|
+
__exportStar(require("./capability.js"), exports);
|
|
21
|
+
__exportStar(require("./types.js"), exports);
|
|
22
|
+
__exportStar(require("./revocation.js"), exports);
|
|
23
|
+
__exportStar(require("./attestation.js"), exports);
|
|
24
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,8CAA4B;AAC5B,+CAA6B;AAC7B,gDAA8B;AAC9B,kDAAgC;AAChC,6CAA2B;AAC3B,kDAAgC;AAChC,mDAAiC"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Message envelope: build, serialize, parse, verify. Product plan Section 6.4.
|
|
3
|
+
*/
|
|
4
|
+
import { type Ed25519KeyPair, type X25519KeyPair } from "./crypto.js";
|
|
5
|
+
import type { SignetEnvelopeWire, SignetEnvelope, MessagePayload, MessageCapability } from "./types.js";
|
|
6
|
+
export interface CreateEnvelopeOptions {
|
|
7
|
+
recipientX25519PublicKey: Uint8Array;
|
|
8
|
+
ownerAttestation?: string;
|
|
9
|
+
ownerPublicKey?: string;
|
|
10
|
+
replyTo?: string;
|
|
11
|
+
}
|
|
12
|
+
/**
|
|
13
|
+
* Build a wire envelope: encrypt payload for recipient, sign with from keypair.
|
|
14
|
+
*/
|
|
15
|
+
export declare function createEnvelope(fromEd25519: Ed25519KeyPair, _fromX25519: X25519KeyPair, toNodeId: string, payload: MessagePayload, capability: MessageCapability, options: CreateEnvelopeOptions): SignetEnvelopeWire;
|
|
16
|
+
export declare function serializeEnvelope(envelope: SignetEnvelopeWire): string;
|
|
17
|
+
export declare function parseEnvelope(json: string): SignetEnvelopeWire;
|
|
18
|
+
/**
|
|
19
|
+
* Verify envelope signature. Sender's Ed25519 public key must be provided (e.g. from registry).
|
|
20
|
+
*/
|
|
21
|
+
export declare function verifyEnvelope(envelope: SignetEnvelopeWire, senderEd25519PublicKey: Uint8Array): boolean;
|
|
22
|
+
/**
|
|
23
|
+
* Decrypt payload and return in-memory envelope. Caller must have verified signature first.
|
|
24
|
+
*/
|
|
25
|
+
export declare function decryptEnvelope(wire: SignetEnvelopeWire, recipientX25519SecretKey: Uint8Array): SignetEnvelope;
|
|
26
|
+
//# sourceMappingURL=message.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"message.d.ts","sourceRoot":"","sources":["../src/message.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAQL,KAAK,cAAc,EACnB,KAAK,aAAa,EACnB,MAAM,aAAa,CAAC;AACrB,OAAO,KAAK,EACV,kBAAkB,EAClB,cAAc,EAEd,cAAc,EACd,iBAAiB,EAElB,MAAM,YAAY,CAAC;AAkBpB,MAAM,WAAW,qBAAqB;IACpC,wBAAwB,EAAE,UAAU,CAAC;IACrC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC5B,WAAW,EAAE,cAAc,EAC3B,WAAW,EAAE,aAAa,EAC1B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,cAAc,EACvB,UAAU,EAAE,iBAAiB,EAC7B,OAAO,EAAE,qBAAqB,GAC7B,kBAAkB,CAoCpB;AAkBD,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,kBAAkB,GAAG,MAAM,CAEtE;AAED,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,kBAAkB,CAa9D;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,QAAQ,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,UAAU,GAAG,OAAO,CAQxG;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,IAAI,EAAE,kBAAkB,EACxB,wBAAwB,EAAE,UAAU,GACnC,cAAc,CAQhB"}
|
package/dist/message.js
ADDED
|
@@ -0,0 +1,128 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Message envelope: build, serialize, parse, verify. Product plan Section 6.4.
|
|
4
|
+
*/
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.createEnvelope = createEnvelope;
|
|
7
|
+
exports.serializeEnvelope = serializeEnvelope;
|
|
8
|
+
exports.parseEnvelope = parseEnvelope;
|
|
9
|
+
exports.verifyEnvelope = verifyEnvelope;
|
|
10
|
+
exports.decryptEnvelope = decryptEnvelope;
|
|
11
|
+
const crypto_js_1 = require("./crypto.js");
|
|
12
|
+
const types_js_1 = require("./types.js");
|
|
13
|
+
const ENCRYPTION_ALGORITHM = "x25519-xsalsa20-poly1305";
|
|
14
|
+
function randomId() {
|
|
15
|
+
const bytes = new Uint8Array(16);
|
|
16
|
+
if (typeof crypto !== "undefined" && crypto.getRandomValues) {
|
|
17
|
+
crypto.getRandomValues(bytes);
|
|
18
|
+
}
|
|
19
|
+
else {
|
|
20
|
+
for (let i = 0; i < 16; i++)
|
|
21
|
+
bytes[i] = Math.floor(Math.random() * 256);
|
|
22
|
+
}
|
|
23
|
+
const hex = Array.from(bytes)
|
|
24
|
+
.map((b) => b.toString(16).padStart(2, "0"))
|
|
25
|
+
.join("");
|
|
26
|
+
return "msg_" + hex;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Build a wire envelope: encrypt payload for recipient, sign with from keypair.
|
|
30
|
+
*/
|
|
31
|
+
function createEnvelope(fromEd25519, _fromX25519, toNodeId, payload, capability, options) {
|
|
32
|
+
const id = randomId();
|
|
33
|
+
const timestamp = new Date().toISOString();
|
|
34
|
+
const from = {
|
|
35
|
+
nodeId: (0, crypto_js_1.nodeIdFromPublicKey)(fromEd25519.publicKey),
|
|
36
|
+
...(options.ownerAttestation !== undefined && { ownerAttestation: options.ownerAttestation }),
|
|
37
|
+
...(options.ownerPublicKey !== undefined && { ownerPublicKey: options.ownerPublicKey }),
|
|
38
|
+
};
|
|
39
|
+
const payloadBytes = new TextEncoder().encode(JSON.stringify(payload));
|
|
40
|
+
const { ciphertext, nonce, senderPublicKey } = (0, crypto_js_1.encrypt)(payloadBytes, options.recipientX25519PublicKey);
|
|
41
|
+
const encryption = {
|
|
42
|
+
algorithm: ENCRYPTION_ALGORITHM,
|
|
43
|
+
nonce: (0, crypto_js_1.encodeBase64)(nonce),
|
|
44
|
+
senderPublicKey: (0, crypto_js_1.encodeBase64)(senderPublicKey),
|
|
45
|
+
};
|
|
46
|
+
const envelopeWithoutSig = {
|
|
47
|
+
protocol: types_js_1.PROTOCOL_VERSION,
|
|
48
|
+
id,
|
|
49
|
+
timestamp,
|
|
50
|
+
from,
|
|
51
|
+
to: toNodeId,
|
|
52
|
+
...(options.replyTo !== undefined && { replyTo: options.replyTo }),
|
|
53
|
+
capability,
|
|
54
|
+
payload: (0, crypto_js_1.encodeBase64)(ciphertext),
|
|
55
|
+
encryption,
|
|
56
|
+
signature: "",
|
|
57
|
+
};
|
|
58
|
+
const canonical = canonicalEnvelopeBytes(envelopeWithoutSig);
|
|
59
|
+
const sig = (0, crypto_js_1.sign)(canonical, fromEd25519.secretKey);
|
|
60
|
+
return {
|
|
61
|
+
...envelopeWithoutSig,
|
|
62
|
+
signature: (0, crypto_js_1.encodeBase64)(sig),
|
|
63
|
+
};
|
|
64
|
+
}
|
|
65
|
+
function canonicalEnvelopeBytes(envelope) {
|
|
66
|
+
const obj = {
|
|
67
|
+
protocol: envelope.protocol,
|
|
68
|
+
id: envelope.id,
|
|
69
|
+
timestamp: envelope.timestamp,
|
|
70
|
+
from: envelope.from,
|
|
71
|
+
to: envelope.to,
|
|
72
|
+
replyTo: envelope.replyTo,
|
|
73
|
+
capability: envelope.capability,
|
|
74
|
+
payload: envelope.payload,
|
|
75
|
+
encryption: envelope.encryption,
|
|
76
|
+
signature: envelope.signature,
|
|
77
|
+
};
|
|
78
|
+
return new TextEncoder().encode(JSON.stringify(obj));
|
|
79
|
+
}
|
|
80
|
+
function serializeEnvelope(envelope) {
|
|
81
|
+
return JSON.stringify(envelope);
|
|
82
|
+
}
|
|
83
|
+
function parseEnvelope(json) {
|
|
84
|
+
const raw = JSON.parse(json);
|
|
85
|
+
if (typeof raw !== "object" || raw === null)
|
|
86
|
+
throw new Error("Invalid envelope: not an object");
|
|
87
|
+
const e = raw;
|
|
88
|
+
for (const key of ["protocol", "id", "timestamp", "from", "to", "capability", "payload", "encryption", "signature"]) {
|
|
89
|
+
if (!(key in e))
|
|
90
|
+
throw new Error(`Invalid envelope: missing ${key}`);
|
|
91
|
+
}
|
|
92
|
+
const from = e.from;
|
|
93
|
+
if (!from.nodeId || typeof from.nodeId !== "string")
|
|
94
|
+
throw new Error("Invalid envelope: from.nodeId");
|
|
95
|
+
if (typeof e.to !== "string")
|
|
96
|
+
throw new Error("Invalid envelope: to");
|
|
97
|
+
if (typeof e.payload !== "string")
|
|
98
|
+
throw new Error("Invalid envelope: payload");
|
|
99
|
+
if (typeof e.signature !== "string")
|
|
100
|
+
throw new Error("Invalid envelope: signature");
|
|
101
|
+
return raw;
|
|
102
|
+
}
|
|
103
|
+
/**
|
|
104
|
+
* Verify envelope signature. Sender's Ed25519 public key must be provided (e.g. from registry).
|
|
105
|
+
*/
|
|
106
|
+
function verifyEnvelope(envelope, senderEd25519PublicKey) {
|
|
107
|
+
const envelopeWithoutSig = {
|
|
108
|
+
...envelope,
|
|
109
|
+
signature: "",
|
|
110
|
+
};
|
|
111
|
+
const canonical = canonicalEnvelopeBytes(envelopeWithoutSig);
|
|
112
|
+
const sig = (0, crypto_js_1.decodeBase64)(envelope.signature);
|
|
113
|
+
return (0, crypto_js_1.verify)(canonical, sig, senderEd25519PublicKey);
|
|
114
|
+
}
|
|
115
|
+
/**
|
|
116
|
+
* Decrypt payload and return in-memory envelope. Caller must have verified signature first.
|
|
117
|
+
*/
|
|
118
|
+
function decryptEnvelope(wire, recipientX25519SecretKey) {
|
|
119
|
+
const ciphertext = (0, crypto_js_1.decodeBase64)(wire.payload);
|
|
120
|
+
const nonce = (0, crypto_js_1.decodeBase64)(wire.encryption.nonce);
|
|
121
|
+
const senderPublicKey = (0, crypto_js_1.decodeBase64)(wire.encryption.senderPublicKey);
|
|
122
|
+
const plain = (0, crypto_js_1.decrypt)(ciphertext, nonce, senderPublicKey, recipientX25519SecretKey);
|
|
123
|
+
if (!plain)
|
|
124
|
+
throw new Error("Decryption failed");
|
|
125
|
+
const payload = JSON.parse(new TextDecoder().decode(plain));
|
|
126
|
+
return { ...wire, payload };
|
|
127
|
+
}
|
|
128
|
+
//# sourceMappingURL=message.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"message.js","sourceRoot":"","sources":["../src/message.ts"],"names":[],"mappings":";AAAA;;GAEG;;AAgDH,wCA2CC;AAkBD,8CAEC;AAED,sCAaC;AAKD,wCAQC;AAKD,0CAWC;AAzJD,2CAUqB;AASrB,yCAA8C;AAE9C,MAAM,oBAAoB,GAAG,0BAA0B,CAAC;AAExD,SAAS,QAAQ;IACf,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QAC5D,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC;SAAM,CAAC;QACN,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;IAC1E,CAAC;IACD,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAC1B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;IACZ,OAAO,MAAM,GAAG,GAAG,CAAC;AACtB,CAAC;AASD;;GAEG;AACH,SAAgB,cAAc,CAC5B,WAA2B,EAC3B,WAA0B,EAC1B,QAAgB,EAChB,OAAuB,EACvB,UAA6B,EAC7B,OAA8B;IAE9B,MAAM,EAAE,GAAG,QAAQ,EAAE,CAAC;IACtB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,IAAI,GAAgB;QACxB,MAAM,EAAE,IAAA,+BAAmB,EAAC,WAAW,CAAC,SAAS,CAAC;QAClD,GAAG,CAAC,OAAO,CAAC,gBAAgB,KAAK,SAAS,IAAI,EAAE,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,EAAE,CAAC;QAC7F,GAAG,CAAC,OAAO,CAAC,cAAc,KAAK,SAAS,IAAI,EAAE,cAAc,EAAE,OAAO,CAAC,cAAc,EAAE,CAAC;KACxF,CAAC;IACF,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;IACvE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,eAAe,EAAE,GAAG,IAAA,mBAAO,EACpD,YAAY,EACZ,OAAO,CAAC,wBAAwB,CACjC,CAAC;IACF,MAAM,UAAU,GAAsB;QACpC,SAAS,EAAE,oBAAoB;QAC/B,KAAK,EAAE,IAAA,wBAAY,EAAC,KAAK,CAAC;QAC1B,eAAe,EAAE,IAAA,wBAAY,EAAC,eAAe,CAAC;KAC/C,CAAC;IACF,MAAM,kBAAkB,GAAkE;QACxF,QAAQ,EAAE,2BAAgB;QAC1B,EAAE;QACF,SAAS;QACT,IAAI;QACJ,EAAE,EAAE,QAAQ;QACZ,GAAG,CAAC,OAAO,CAAC,OAAO,KAAK,SAAS,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC;QAClE,UAAU;QACV,OAAO,EAAE,IAAA,wBAAY,EAAC,UAAU,CAAC;QACjC,UAAU;QACV,SAAS,EAAE,EAAE;KACd,CAAC;IACF,MAAM,SAAS,GAAG,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,IAAA,gBAAI,EAAC,SAAS,EAAE,WAAW,CAAC,SAAS,CAAC,CAAC;IACnD,OAAO;QACL,GAAG,kBAAkB;QACrB,SAAS,EAAE,IAAA,wBAAY,EAAC,GAAG,CAAC;KAC7B,CAAC;AACJ,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAuE;IACrG,MAAM,GAAG,GAAG;QACV,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,EAAE,EAAE,QAAQ,CAAC,EAAE;QACf,SAAS,EAAE,QAAQ,CAAC,SAAS;QAC7B,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,EAAE,EAAE,QAAQ,CAAC,EAAE;QACf,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,SAAS,EAAE,QAAQ,CAAC,SAAS;KAC9B,CAAC;IACF,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;AACvD,CAAC;AAED,SAAgB,iBAAiB,CAAC,QAA4B;IAC5D,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;AAClC,CAAC;AAED,SAAgB,aAAa,CAAC,IAAY;IACxC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAY,CAAC;IACxC,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAChG,MAAM,CAAC,GAAG,GAA8B,CAAC;IACzC,KAAK,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,EAAE,CAAC;QACpH,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAG,EAAE,CAAC,CAAC;IACvE,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,CAAC,IAAmB,CAAC;IACnC,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACtG,IAAI,OAAO,CAAC,CAAC,EAAE,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IACtE,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAChF,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACpF,OAAO,GAAyB,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,QAA4B,EAAE,sBAAkC;IAC7F,MAAM,kBAAkB,GAAkE;QACxF,GAAG,QAAQ;QACX,SAAS,EAAE,EAAE;KACd,CAAC;IACF,MAAM,SAAS,GAAG,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAC7C,OAAO,IAAA,kBAAM,EAAC,SAAS,EAAE,GAAG,EAAE,sBAAsB,CAAC,CAAC;AACxD,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAC7B,IAAwB,EACxB,wBAAoC;IAEpC,MAAM,UAAU,GAAG,IAAA,wBAAY,EAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,KAAK,GAAG,IAAA,wBAAY,EAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IAClD,MAAM,eAAe,GAAG,IAAA,wBAAY,EAAC,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;IACtE,MAAM,KAAK,GAAG,IAAA,mBAAO,EAAC,UAAU,EAAE,KAAK,EAAE,eAAe,EAAE,wBAAwB,CAAC,CAAC;IACpF,IAAI,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;IACjD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAmB,CAAC;IAC9E,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC;AAC9B,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Key revocation: create, serialize, and verify revocation notices.
|
|
3
|
+
*/
|
|
4
|
+
import type { KeyRevocation } from "./types.js";
|
|
5
|
+
export declare function createKeyRevocation(revokedNodeId: string, reason: KeyRevocation["reason"], ownerEd25519SecretKey: Uint8Array, ownerEd25519PublicKey: Uint8Array, replacementNodeId?: string): KeyRevocation;
|
|
6
|
+
export declare function verifyKeyRevocation(revocation: KeyRevocation): boolean;
|
|
7
|
+
//# sourceMappingURL=revocation.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"revocation.d.ts","sourceRoot":"","sources":["../src/revocation.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAOhD,wBAAgB,mBAAmB,CACjC,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,aAAa,CAAC,QAAQ,CAAC,EAC/B,qBAAqB,EAAE,UAAU,EACjC,qBAAqB,EAAE,UAAU,EACjC,iBAAiB,CAAC,EAAE,MAAM,GACzB,aAAa,CAYf;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,aAAa,GAAG,OAAO,CActE"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Key revocation: create, serialize, and verify revocation notices.
|
|
4
|
+
*/
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.createKeyRevocation = createKeyRevocation;
|
|
7
|
+
exports.verifyKeyRevocation = verifyKeyRevocation;
|
|
8
|
+
const crypto_js_1 = require("./crypto.js");
|
|
9
|
+
function canonicalRevocationBytes(revokedNodeId, revokedAt, reason, replacementNodeId) {
|
|
10
|
+
const obj = { revokedNodeId, revokedAt, reason, ...(replacementNodeId && { replacementNodeId }) };
|
|
11
|
+
return new TextEncoder().encode(JSON.stringify(obj));
|
|
12
|
+
}
|
|
13
|
+
function createKeyRevocation(revokedNodeId, reason, ownerEd25519SecretKey, ownerEd25519PublicKey, replacementNodeId) {
|
|
14
|
+
const revokedAt = new Date().toISOString();
|
|
15
|
+
const canonical = canonicalRevocationBytes(revokedNodeId, revokedAt, reason, replacementNodeId);
|
|
16
|
+
const sig = (0, crypto_js_1.sign)(canonical, ownerEd25519SecretKey);
|
|
17
|
+
return {
|
|
18
|
+
revokedNodeId,
|
|
19
|
+
revokedAt,
|
|
20
|
+
reason,
|
|
21
|
+
...(replacementNodeId && { replacementNodeId }),
|
|
22
|
+
ownerSignature: (0, crypto_js_1.encodeBase64)(sig),
|
|
23
|
+
ownerPublicKey: (0, crypto_js_1.encodeBase64)(ownerEd25519PublicKey),
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
function verifyKeyRevocation(revocation) {
|
|
27
|
+
try {
|
|
28
|
+
const canonical = canonicalRevocationBytes(revocation.revokedNodeId, revocation.revokedAt, revocation.reason, revocation.replacementNodeId);
|
|
29
|
+
const sig = (0, crypto_js_1.decodeBase64)(revocation.ownerSignature);
|
|
30
|
+
const pubKey = (0, crypto_js_1.decodeBase64)(revocation.ownerPublicKey);
|
|
31
|
+
return (0, crypto_js_1.verify)(canonical, sig, pubKey);
|
|
32
|
+
}
|
|
33
|
+
catch {
|
|
34
|
+
return false;
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
//# sourceMappingURL=revocation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"revocation.js","sourceRoot":"","sources":["../src/revocation.ts"],"names":[],"mappings":";AAAA;;GAEG;;AAUH,kDAkBC;AAED,kDAcC;AA1CD,2CAAuE;AAGvE,SAAS,wBAAwB,CAAC,aAAqB,EAAE,SAAiB,EAAE,MAAc,EAAE,iBAA0B;IACpH,MAAM,GAAG,GAAG,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,iBAAiB,IAAI,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAC;IAClG,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;AACvD,CAAC;AAED,SAAgB,mBAAmB,CACjC,aAAqB,EACrB,MAA+B,EAC/B,qBAAiC,EACjC,qBAAiC,EACjC,iBAA0B;IAE1B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,SAAS,GAAG,wBAAwB,CAAC,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,iBAAiB,CAAC,CAAC;IAChG,MAAM,GAAG,GAAG,IAAA,gBAAI,EAAC,SAAS,EAAE,qBAAqB,CAAC,CAAC;IACnD,OAAO;QACL,aAAa;QACb,SAAS;QACT,MAAM;QACN,GAAG,CAAC,iBAAiB,IAAI,EAAE,iBAAiB,EAAE,CAAC;QAC/C,cAAc,EAAE,IAAA,wBAAY,EAAC,GAAG,CAAC;QACjC,cAAc,EAAE,IAAA,wBAAY,EAAC,qBAAqB,CAAC;KACpD,CAAC;AACJ,CAAC;AAED,SAAgB,mBAAmB,CAAC,UAAyB;IAC3D,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,wBAAwB,CACxC,UAAU,CAAC,aAAa,EACxB,UAAU,CAAC,SAAS,EACpB,UAAU,CAAC,MAAM,EACjB,UAAU,CAAC,iBAAiB,CAC7B,CAAC;QACF,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,UAAU,CAAC,cAAc,CAAC,CAAC;QACpD,MAAM,MAAM,GAAG,IAAA,wBAAY,EAAC,UAAU,CAAC,cAAc,CAAC,CAAC;QACvD,OAAO,IAAA,kBAAM,EAAC,SAAS,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
|
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Signet protocol types (aligned with product plan Section 6.4).
|
|
3
|
+
*/
|
|
4
|
+
export declare const PROTOCOL_VERSION = "Signet/1.0";
|
|
5
|
+
export interface MessageFrom {
|
|
6
|
+
nodeId: string;
|
|
7
|
+
ownerAttestation?: string;
|
|
8
|
+
/** Base64-encoded Ed25519 public key of the agent's owner (for attestation/capability verification). */
|
|
9
|
+
ownerPublicKey?: string;
|
|
10
|
+
}
|
|
11
|
+
export interface KeyRevocation {
|
|
12
|
+
/** The nodeId whose key is being revoked. */
|
|
13
|
+
revokedNodeId: string;
|
|
14
|
+
/** ISO timestamp of the revocation. */
|
|
15
|
+
revokedAt: string;
|
|
16
|
+
/** Reason for revocation (compromise, rotation, decommission). */
|
|
17
|
+
reason: "compromise" | "rotation" | "decommission";
|
|
18
|
+
/** Optional replacement nodeId (when reason is "rotation"). */
|
|
19
|
+
replacementNodeId?: string;
|
|
20
|
+
/** Base64 Ed25519 signature of the canonical revocation payload, signed by the owner key. */
|
|
21
|
+
ownerSignature: string;
|
|
22
|
+
/** Base64 Ed25519 public key of the owner who signed the revocation. */
|
|
23
|
+
ownerPublicKey: string;
|
|
24
|
+
}
|
|
25
|
+
export interface MessageCapability {
|
|
26
|
+
scope: string;
|
|
27
|
+
constraints: Record<string, unknown>;
|
|
28
|
+
ownerSignature: string;
|
|
29
|
+
}
|
|
30
|
+
export interface MessagePayload {
|
|
31
|
+
type: string;
|
|
32
|
+
version: string;
|
|
33
|
+
content: Record<string, unknown>;
|
|
34
|
+
}
|
|
35
|
+
export interface MessageEncryption {
|
|
36
|
+
algorithm: string;
|
|
37
|
+
nonce: string;
|
|
38
|
+
senderPublicKey: string;
|
|
39
|
+
}
|
|
40
|
+
/** Wire envelope: payload is base64-encoded ciphertext. */
|
|
41
|
+
export interface SignetEnvelopeWire {
|
|
42
|
+
protocol: string;
|
|
43
|
+
id: string;
|
|
44
|
+
timestamp: string;
|
|
45
|
+
from: MessageFrom;
|
|
46
|
+
to: string;
|
|
47
|
+
replyTo?: string;
|
|
48
|
+
capability: MessageCapability;
|
|
49
|
+
payload: string;
|
|
50
|
+
encryption: MessageEncryption;
|
|
51
|
+
signature: string;
|
|
52
|
+
}
|
|
53
|
+
/** In-memory envelope after decryption: payload is plain MessagePayload. */
|
|
54
|
+
export interface SignetEnvelope extends Omit<SignetEnvelopeWire, "payload"> {
|
|
55
|
+
payload: MessagePayload;
|
|
56
|
+
}
|
|
57
|
+
/** Escrow type for payment flows. */
|
|
58
|
+
export type EscrowType = "immediate" | "on_delivery" | "milestone" | "time_release";
|
|
59
|
+
/** Payment status in the lifecycle. */
|
|
60
|
+
export type PaymentStatus = "pending" | "initiated" | "confirmed" | "delivered" | "released" | "complete" | "cancelled" | "disputed" | "refund_requested" | "refund_complete";
|
|
61
|
+
/** Terms for a payment (delivery, auto-release, cancellation). */
|
|
62
|
+
export interface PaymentTerms {
|
|
63
|
+
delivery_deadline?: string;
|
|
64
|
+
auto_release_hours?: number;
|
|
65
|
+
cancellation_policy?: string;
|
|
66
|
+
}
|
|
67
|
+
/** Carried in payload.content for every payment.* message. */
|
|
68
|
+
export interface PaymentContext {
|
|
69
|
+
payment_id: string;
|
|
70
|
+
stripe_payment_intent_id?: string;
|
|
71
|
+
amount: number;
|
|
72
|
+
currency: string;
|
|
73
|
+
description?: string;
|
|
74
|
+
escrow_type: EscrowType;
|
|
75
|
+
platform_fee_percent?: number;
|
|
76
|
+
buyer_agent_id: string;
|
|
77
|
+
seller_agent_id: string;
|
|
78
|
+
terms?: PaymentTerms;
|
|
79
|
+
status: PaymentStatus;
|
|
80
|
+
}
|
|
81
|
+
/** Payment message payload types (payload.type). */
|
|
82
|
+
export declare const PAYMENT_MESSAGE_TYPES: readonly ["payment.service_request", "payment.service_offer", "payment.initiate", "payment.confirmed", "payment.service_delivered", "payment.release", "payment.complete", "payment.cancelled", "payment.disputed", "payment.refund_requested", "payment.refund_complete"];
|
|
83
|
+
export type PaymentMessageType = (typeof PAYMENT_MESSAGE_TYPES)[number];
|
|
84
|
+
/** Spending policy (capability token extension and daemon config). */
|
|
85
|
+
export interface PaymentPolicy {
|
|
86
|
+
enabled: boolean;
|
|
87
|
+
max_single_payment_usd?: number;
|
|
88
|
+
max_daily_spend_usd?: number;
|
|
89
|
+
max_monthly_spend_usd?: number;
|
|
90
|
+
auto_approve_below_usd?: number;
|
|
91
|
+
require_human_approval_above_usd?: number;
|
|
92
|
+
allowed_categories?: string[];
|
|
93
|
+
blocked_agents?: string[];
|
|
94
|
+
require_signet_verified_sellers?: boolean;
|
|
95
|
+
}
|
|
96
|
+
/** Agent profile payment fields (directory API). */
|
|
97
|
+
export interface AgentPaymentProfile {
|
|
98
|
+
accepts_payments: boolean;
|
|
99
|
+
payment_terms?: {
|
|
100
|
+
default_escrow?: EscrowType;
|
|
101
|
+
min_amount_usd?: number;
|
|
102
|
+
categories?: string[];
|
|
103
|
+
[key: string]: unknown;
|
|
104
|
+
};
|
|
105
|
+
}
|
|
106
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,eAAO,MAAM,gBAAgB,eAAe,CAAC;AAE7C,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,wGAAwG;IACxG,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAMD,MAAM,WAAW,aAAa;IAC5B,6CAA6C;IAC7C,aAAa,EAAE,MAAM,CAAC;IACtB,uCAAuC;IACvC,SAAS,EAAE,MAAM,CAAC;IAClB,kEAAkE;IAClE,MAAM,EAAE,YAAY,GAAG,UAAU,GAAG,cAAc,CAAC;IACnD,+DAA+D;IAC/D,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,6FAA6F;IAC7F,cAAc,EAAE,MAAM,CAAC;IACvB,wEAAwE;IACxE,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,2DAA2D;AAC3D,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,WAAW,CAAC;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,iBAAiB,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,iBAAiB,CAAC;IAC9B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,4EAA4E;AAC5E,MAAM,WAAW,cAAe,SAAQ,IAAI,CAAC,kBAAkB,EAAE,SAAS,CAAC;IACzE,OAAO,EAAE,cAAc,CAAC;CACzB;AAMD,qCAAqC;AACrC,MAAM,MAAM,UAAU,GAAG,WAAW,GAAG,aAAa,GAAG,WAAW,GAAG,cAAc,CAAC;AAEpF,uCAAuC;AACvC,MAAM,MAAM,aAAa,GACrB,SAAS,GACT,WAAW,GACX,WAAW,GACX,WAAW,GACX,UAAU,GACV,UAAU,GACV,WAAW,GACX,UAAU,GACV,kBAAkB,GAClB,iBAAiB,CAAC;AAEtB,kEAAkE;AAClE,MAAM,WAAW,YAAY;IAC3B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,8DAA8D;AAC9D,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,UAAU,CAAC;IACxB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,KAAK,CAAC,EAAE,YAAY,CAAC;IACrB,MAAM,EAAE,aAAa,CAAC;CACvB;AAED,oDAAoD;AACpD,eAAO,MAAM,qBAAqB,4QAYxB,CAAC;AAEX,MAAM,MAAM,kBAAkB,GAAG,CAAC,OAAO,qBAAqB,CAAC,CAAC,MAAM,CAAC,CAAC;AAExE,sEAAsE;AACtE,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,gCAAgC,CAAC,EAAE,MAAM,CAAC;IAC1C,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,+BAA+B,CAAC,EAAE,OAAO,CAAC;CAC3C;AAED,oDAAoD;AACpD,MAAM,WAAW,mBAAmB;IAClC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,aAAa,CAAC,EAAE;QACd,cAAc,CAAC,EAAE,UAAU,CAAC;QAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;QACtB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC;CACH"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Signet protocol types (aligned with product plan Section 6.4).
|
|
4
|
+
*/
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.PAYMENT_MESSAGE_TYPES = exports.PROTOCOL_VERSION = void 0;
|
|
7
|
+
exports.PROTOCOL_VERSION = "Signet/1.0";
|
|
8
|
+
/** Payment message payload types (payload.type). */
|
|
9
|
+
exports.PAYMENT_MESSAGE_TYPES = [
|
|
10
|
+
"payment.service_request",
|
|
11
|
+
"payment.service_offer",
|
|
12
|
+
"payment.initiate",
|
|
13
|
+
"payment.confirmed",
|
|
14
|
+
"payment.service_delivered",
|
|
15
|
+
"payment.release",
|
|
16
|
+
"payment.complete",
|
|
17
|
+
"payment.cancelled",
|
|
18
|
+
"payment.disputed",
|
|
19
|
+
"payment.refund_requested",
|
|
20
|
+
"payment.refund_complete",
|
|
21
|
+
];
|
|
22
|
+
//# sourceMappingURL=types.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEU,QAAA,gBAAgB,GAAG,YAAY,CAAC;AA2G7C,oDAAoD;AACvC,QAAA,qBAAqB,GAAG;IACnC,yBAAyB;IACzB,uBAAuB;IACvB,kBAAkB;IAClB,mBAAmB;IACnB,2BAA2B;IAC3B,iBAAiB;IACjB,kBAAkB;IAClB,mBAAmB;IACnB,kBAAkB;IAClB,0BAA0B;IAC1B,yBAAyB;CACjB,CAAC"}
|
package/package.json
ADDED
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@onsignet/core",
|
|
3
|
+
"version": "0.1.0",
|
|
4
|
+
"description": "Signet protocol core: crypto, message format, identity",
|
|
5
|
+
"license": "MIT",
|
|
6
|
+
"main": "dist/index.js",
|
|
7
|
+
"types": "dist/index.d.ts",
|
|
8
|
+
"files": [
|
|
9
|
+
"dist/",
|
|
10
|
+
"README.md"
|
|
11
|
+
],
|
|
12
|
+
"scripts": {
|
|
13
|
+
"build": "tsc",
|
|
14
|
+
"clean": "rm -rf dist",
|
|
15
|
+
"lint": "eslint src tests --ext .ts",
|
|
16
|
+
"typecheck": "tsc --noEmit",
|
|
17
|
+
"test": "npx vitest run"
|
|
18
|
+
},
|
|
19
|
+
"dependencies": {
|
|
20
|
+
"bs58": "^5.0.0",
|
|
21
|
+
"tweetnacl": "^1.0.3",
|
|
22
|
+
"tweetnacl-util": "^0.15.1"
|
|
23
|
+
},
|
|
24
|
+
"devDependencies": {
|
|
25
|
+
"tsx": "^4.6.0",
|
|
26
|
+
"vitest": "^1.0.0"
|
|
27
|
+
}
|
|
28
|
+
}
|