@opendatalabs/personal-server-ts-core 0.0.1-canary.0078f25

package/dist/signing/eip712.js

@@ -0,0 +1,68 @@
+/**
+ * EIP-712 domain and type definitions for gateway write operations.
+ * Must match the gateway's lib/eip712.ts exactly.
+ */
+const DOMAIN_NAME = "Vana Data Portability";
+const DOMAIN_VERSION = "1";
+/** Build a domain for a specific verifying contract. */
+function buildDomain(chainId, verifyingContract) {
+    return {
+        name: DOMAIN_NAME,
+        version: DOMAIN_VERSION,
+        chainId,
+        verifyingContract,
+    };
+}
+export function fileRegistrationDomain(config) {
+    return buildDomain(config.chainId, config.contracts.dataRegistry);
+}
+export function grantRegistrationDomain(config) {
+    return buildDomain(config.chainId, config.contracts.dataPortabilityPermissions);
+}
+export function grantRevocationDomain(config) {
+    return buildDomain(config.chainId, config.contracts.dataPortabilityPermissions);
+}
+export const FILE_REGISTRATION_TYPES = {
+    FileRegistration: [
+        { name: "ownerAddress", type: "address" },
+        { name: "url", type: "string" },
+        { name: "schemaId", type: "bytes32" },
+    ],
+};
+export const GRANT_REGISTRATION_TYPES = {
+    GrantRegistration: [
+        { name: "grantorAddress", type: "address" },
+        { name: "granteeId", type: "bytes32" },
+        { name: "grant", type: "string" },
+        { name: "fileIds", type: "uint256[]" },
+    ],
+};
+export const GRANT_REVOCATION_TYPES = {
+    GrantRevocation: [
+        { name: "grantorAddress", type: "address" },
+        { name: "grantId", type: "bytes32" },
+    ],
+};
+export function serverRegistrationDomain(config) {
+    return buildDomain(config.chainId, config.contracts.dataPortabilityServer);
+}
+export const SERVER_REGISTRATION_TYPES = {
+    ServerRegistration: [
+        { name: "ownerAddress", type: "address" },
+        { name: "serverAddress", type: "address" },
+        { name: "publicKey", type: "string" },
+        { name: "serverUrl", type: "string" },
+    ],
+};
+export function builderRegistrationDomain(config) {
+    return buildDomain(config.chainId, config.contracts.dataPortabilityGrantees);
+}
+export const BUILDER_REGISTRATION_TYPES = {
+    BuilderRegistration: [
+        { name: "ownerAddress", type: "address" },
+        { name: "granteeAddress", type: "address" },
+        { name: "publicKey", type: "string" },
+        { name: "appUrl", type: "string" },
+    ],
+};
+//# sourceMappingURL=eip712.js.map

package/dist/signing/eip712.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"eip712.js","sourceRoot":"","sources":["../../src/signing/eip712.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,MAAM,WAAW,GAAG,uBAAuB,CAAC;AAC5C,MAAM,cAAc,GAAG,GAAG,CAAC;AAE3B,wDAAwD;AACxD,SAAS,WAAW,CAClB,OAAe,EACf,iBAAgC;IAEhC,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,cAAc;QACvB,OAAO;QACP,iBAAiB;KAClB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,MAAqB;IAC1D,OAAO,WAAW,CAChB,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,SAAS,CAAC,YAA6B,CAC/C,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,uBAAuB,CACrC,MAAqB;IAErB,OAAO,WAAW,CAChB,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,SAAS,CAAC,0BAA2C,CAC7D,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAAqB;IACzD,OAAO,WAAW,CAChB,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,SAAS,CAAC,0BAA2C,CAC7D,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,gBAAgB,EAAE;QAChB,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,SAAS,EAAE;QACzC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE;QAC/B,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE;KACtC;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,iBAAiB,EAAE;QACjB,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,SAAS,EAAE;QAC3C,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE;QACtC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE;QACjC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE;KACvC;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,eAAe,EAAE;QACf,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,SAAS,EAAE;QAC3C,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE;KACrC;CACF,CAAC;AAoBF,MAAM,UAAU,wBAAwB,CACtC,MAAqB;IAErB,OAAO,WAAW,CAChB,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,SAAS,CAAC,qBAAsC,CACxD,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,yBAAyB,GAAG;IACvC,kBAAkB,EAAE;QAClB,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,SAAS,EAAE;QACzC,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAE,SAAS,EAAE;QAC1C,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE;QACrC,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE;KACtC;CACF,CAAC;AASF,MAAM,UAAU,yBAAyB,CACvC,MAAqB;IAErB,OAAO,WAAW,CAChB,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,SAAS,CAAC,uBAAwC,CAC1D,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,mBAAmB,EAAE;QACnB,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,SAAS,EAAE;QACzC,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,SAAS,EAAE;QAC3C,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE;QACrC,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE;KACnC;CACF,CAAC"}

package/dist/signing/index.d.ts

@@ -0,0 +1,4 @@
+export { fileRegistrationDomain, grantRegistrationDomain, grantRevocationDomain, serverRegistrationDomain, builderRegistrationDomain, FILE_REGISTRATION_TYPES, GRANT_REGISTRATION_TYPES, GRANT_REVOCATION_TYPES, SERVER_REGISTRATION_TYPES, BUILDER_REGISTRATION_TYPES, type FileRegistrationMessage, type GrantRegistrationMessage, type GrantRevocationMessage, type ServerRegistrationMessage, type BuilderRegistrationMessage, } from "./eip712.js";
+export { createServerSigner, type ServerSigner } from "./signer.js";
+export { createRequestSigner } from "./request-signer.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/signing/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/signing/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EACvB,qBAAqB,EACrB,wBAAwB,EACxB,yBAAyB,EACzB,uBAAuB,EACvB,wBAAwB,EACxB,sBAAsB,EACtB,yBAAyB,EACzB,0BAA0B,EAC1B,KAAK,uBAAuB,EAC5B,KAAK,wBAAwB,EAC7B,KAAK,sBAAsB,EAC3B,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,GAChC,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,kBAAkB,EAAE,KAAK,YAAY,EAAE,MAAM,aAAa,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC"}

package/dist/signing/index.js

@@ -0,0 +1,4 @@
+export { fileRegistrationDomain, grantRegistrationDomain, grantRevocationDomain, serverRegistrationDomain, builderRegistrationDomain, FILE_REGISTRATION_TYPES, GRANT_REGISTRATION_TYPES, GRANT_REVOCATION_TYPES, SERVER_REGISTRATION_TYPES, BUILDER_REGISTRATION_TYPES, } from "./eip712.js";
+export { createServerSigner } from "./signer.js";
+export { createRequestSigner } from "./request-signer.js";
+//# sourceMappingURL=index.js.map

package/dist/signing/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/signing/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EACvB,qBAAqB,EACrB,wBAAwB,EACxB,yBAAyB,EACzB,uBAAuB,EACvB,wBAAwB,EACxB,sBAAsB,EACtB,yBAAyB,EACzB,0BAA0B,GAM3B,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,kBAAkB,EAAqB,MAAM,aAAa,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC"}

package/dist/signing/request-signer.d.ts

@@ -0,0 +1,12 @@
+/**
+ * RequestSigner — produces Web3Signed Authorization headers for HTTP requests.
+ * Used by the Vana Storage adapter for authenticated blob operations.
+ */
+import type { ServerAccount } from "../keys/server-account.js";
+import type { RequestSigner } from "../storage/adapters/vana.js";
+/**
+ * Create a RequestSigner that produces Web3Signed Authorization headers
+ * using the server account's EIP-191 signing capability.
+ */
+export declare function createRequestSigner(account: ServerAccount): RequestSigner;
+//# sourceMappingURL=request-signer.d.ts.map

package/dist/signing/request-signer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-signer.d.ts","sourceRoot":"","sources":["../../src/signing/request-signer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAWjE;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,aAAa,GAAG,aAAa,CAuCzE"}

package/dist/signing/request-signer.js

@@ -0,0 +1,48 @@
+/**
+ * RequestSigner — produces Web3Signed Authorization headers for HTTP requests.
+ * Used by the Vana Storage adapter for authenticated blob operations.
+ */
+import { createHash } from "node:crypto";
+/** Base64url encode a string (no padding). */
+function base64urlEncode(input) {
+    return Buffer.from(input, "utf-8")
+        .toString("base64")
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=+$/, "");
+}
+/**
+ * Create a RequestSigner that produces Web3Signed Authorization headers
+ * using the server account's EIP-191 signing capability.
+ */
+export function createRequestSigner(account) {
+    return {
+        async signRequest(params) {
+            const now = Math.floor(Date.now() / 1000);
+            const payload = {
+                aud: params.aud,
+                // SHA256 of empty string is a well-known constant
+                bodyHash: params.body
+                    ? `sha256:${createHash("sha256").update(params.body).digest("hex")}`
+                    : "sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
+                exp: now + 300,
+                iat: now,
+                method: params.method,
+                uri: params.uri,
+            };
+            // Sort keys for deterministic serialization
+            const sortedPayload = Object.keys(payload)
+                .sort()
+                .reduce((acc, key) => {
+                acc[key] = payload[key];
+                return acc;
+            }, {});
+            const payloadJson = JSON.stringify(sortedPayload);
+            const payloadBase64 = base64urlEncode(payloadJson);
+            // Sign the base64url string via EIP-191
+            const signature = await account.signMessage(payloadBase64);
+            return `Web3Signed ${payloadBase64}.${signature}`;
+        },
+    };
+}
+//# sourceMappingURL=request-signer.js.map

package/dist/signing/request-signer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-signer.js","sourceRoot":"","sources":["../../src/signing/request-signer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAIzC,8CAA8C;AAC9C,SAAS,eAAe,CAAC,KAAa;IACpC,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC;SAC/B,QAAQ,CAAC,QAAQ,CAAC;SAClB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAsB;IACxD,OAAO;QACL,KAAK,CAAC,WAAW,CAAC,MAKjB;YACC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAE1C,MAAM,OAAO,GAA4B;gBACvC,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,kDAAkD;gBAClD,QAAQ,EAAE,MAAM,CAAC,IAAI;oBACnB,CAAC,CAAC,UAAU,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE;oBACpE,CAAC,CAAC,yEAAyE;gBAC7E,GAAG,EAAE,GAAG,GAAG,GAAG;gBACd,GAAG,EAAE,GAAG;gBACR,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,GAAG,EAAE,MAAM,CAAC,GAAG;aAChB,CAAC;YAEF,4CAA4C;YAC5C,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;iBACvC,IAAI,EAAE;iBACN,MAAM,CAA0B,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;gBAC5C,GAAG,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;gBACxB,OAAO,GAAG,CAAC;YACb,CAAC,EAAE,EAAE,CAAC,CAAC;YAET,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;YAClD,MAAM,aAAa,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;YAEnD,wCAAwC;YACxC,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;YAE3D,OAAO,cAAc,aAAa,IAAI,SAAS,EAAE,CAAC;QACpD,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/signing/signer.d.ts

@@ -0,0 +1,14 @@
+/**
+ * ServerSigner — signs EIP-712 messages for gateway write operations.
+ * Uses the ServerAccount's derived key for all signatures.
+ */
+import type { ServerAccount } from "../keys/server-account.js";
+import type { GatewayConfig } from "../schemas/server-config.js";
+import { type FileRegistrationMessage, type GrantRegistrationMessage, type GrantRevocationMessage } from "./eip712.js";
+export interface ServerSigner {
+    signFileRegistration(msg: FileRegistrationMessage): Promise<`0x${string}`>;
+    signGrantRegistration(msg: GrantRegistrationMessage): Promise<`0x${string}`>;
+    signGrantRevocation(msg: GrantRevocationMessage): Promise<`0x${string}`>;
+}
+export declare function createServerSigner(account: ServerAccount, gatewayConfig: GatewayConfig): ServerSigner;
+//# sourceMappingURL=signer.d.ts.map

package/dist/signing/signer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../src/signing/signer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAOL,KAAK,uBAAuB,EAC5B,KAAK,wBAAwB,EAC7B,KAAK,sBAAsB,EAC5B,MAAM,aAAa,CAAC;AAErB,MAAM,WAAW,YAAY;IAC3B,oBAAoB,CAAC,GAAG,EAAE,uBAAuB,GAAG,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;IAC3E,qBAAqB,CAAC,GAAG,EAAE,wBAAwB,GAAG,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;IAC7E,mBAAmB,CAAC,GAAG,EAAE,sBAAsB,GAAG,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;CAC1E;AAED,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,aAAa,EACtB,aAAa,EAAE,aAAa,GAC3B,YAAY,CAsCd"}

package/dist/signing/signer.js

@@ -0,0 +1,37 @@
+/**
+ * ServerSigner — signs EIP-712 messages for gateway write operations.
+ * Uses the ServerAccount's derived key for all signatures.
+ */
+import { fileRegistrationDomain, grantRegistrationDomain, grantRevocationDomain, FILE_REGISTRATION_TYPES, GRANT_REGISTRATION_TYPES, GRANT_REVOCATION_TYPES, } from "./eip712.js";
+export function createServerSigner(account, gatewayConfig) {
+    return {
+        async signFileRegistration(msg) {
+            return account.signTypedData({
+                domain: fileRegistrationDomain(gatewayConfig),
+                types: FILE_REGISTRATION_TYPES,
+                primaryType: "FileRegistration",
+                message: msg,
+            });
+        },
+        async signGrantRegistration(msg) {
+            return account.signTypedData({
+                domain: grantRegistrationDomain(gatewayConfig),
+                types: GRANT_REGISTRATION_TYPES,
+                primaryType: "GrantRegistration",
+                message: {
+                    ...msg,
+                    fileIds: msg.fileIds.map((id) => id),
+                },
+            });
+        },
+        async signGrantRevocation(msg) {
+            return account.signTypedData({
+                domain: grantRevocationDomain(gatewayConfig),
+                types: GRANT_REVOCATION_TYPES,
+                primaryType: "GrantRevocation",
+                message: msg,
+            });
+        },
+    };
+}
+//# sourceMappingURL=signer.js.map

package/dist/signing/signer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../src/signing/signer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EACvB,qBAAqB,EACrB,uBAAuB,EACvB,wBAAwB,EACxB,sBAAsB,GAIvB,MAAM,aAAa,CAAC;AAQrB,MAAM,UAAU,kBAAkB,CAChC,OAAsB,EACtB,aAA4B;IAE5B,OAAO;QACL,KAAK,CAAC,oBAAoB,CACxB,GAA4B;YAE5B,OAAO,OAAO,CAAC,aAAa,CAAC;gBAC3B,MAAM,EAAE,sBAAsB,CAAC,aAAa,CAAC;gBAC7C,KAAK,EAAE,uBAAuB;gBAC9B,WAAW,EAAE,kBAAkB;gBAC/B,OAAO,EAAE,GAAyC;aACnD,CAAC,CAAC;QACL,CAAC;QAED,KAAK,CAAC,qBAAqB,CACzB,GAA6B;YAE7B,OAAO,OAAO,CAAC,aAAa,CAAC;gBAC3B,MAAM,EAAE,uBAAuB,CAAC,aAAa,CAAC;gBAC9C,KAAK,EAAE,wBAAwB;gBAC/B,WAAW,EAAE,mBAAmB;gBAChC,OAAO,EAAE;oBACP,GAAG,GAAG;oBACN,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;iBACC;aACxC,CAAC,CAAC;QACL,CAAC;QAED,KAAK,CAAC,mBAAmB,CACvB,GAA2B;YAE3B,OAAO,OAAO,CAAC,aAAa,CAAC;gBAC3B,MAAM,EAAE,qBAAqB,CAAC,aAAa,CAAC;gBAC5C,KAAK,EAAE,sBAAsB;gBAC7B,WAAW,EAAE,iBAAiB;gBAC9B,OAAO,EAAE,GAAyC;aACnD,CAAC,CAAC;QACL,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/storage/adapters/index.d.ts

@@ -0,0 +1,3 @@
+export type { StorageAdapter } from "./interface.js";
+export { createVanaStorageAdapter, type VanaStorageOptions, type RequestSigner, } from "./vana.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/storage/adapters/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/storage/adapters/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAO,EACL,wBAAwB,EACxB,KAAK,kBAAkB,EACvB,KAAK,aAAa,GACnB,MAAM,WAAW,CAAC"}

package/dist/storage/adapters/index.js

@@ -0,0 +1,2 @@
+export { createVanaStorageAdapter, } from "./vana.js";
+//# sourceMappingURL=index.js.map

package/dist/storage/adapters/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/storage/adapters/index.ts"],"names":[],"mappings":"AACA,OAAO,EACL,wBAAwB,GAGzB,MAAM,WAAW,CAAC"}

package/dist/storage/adapters/interface.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Abstract storage backend adapter.
+ * All methods operate on encrypted binary blobs.
+ * Keys are opaque strings (e.g., "{scope}/{collectedAt}").
+ */
+export interface StorageAdapter {
+    /**
+     * Upload an encrypted blob to the storage backend.
+     * @param key - unique storage key / path
+     * @param data - encrypted binary data
+     * @returns URL where the blob is accessible
+     */
+    upload(key: string, data: Uint8Array): Promise<string>;
+    /**
+     * Download an encrypted blob from the storage backend.
+     * @param url - storage URL returned by upload()
+     * @returns encrypted binary data
+     * @throws if blob not found
+     */
+    download(url: string): Promise<Uint8Array>;
+    /**
+     * Delete an encrypted blob from the storage backend.
+     * @param url - storage URL
+     * @returns true if deleted, false if not found
+     */
+    delete(url: string): Promise<boolean>;
+    /**
+     * Check if a blob exists in the storage backend.
+     * @param url - storage URL
+     * @returns true if blob exists
+     */
+    exists(url: string): Promise<boolean>;
+    /**
+     * Bulk delete all blobs for a scope.
+     * Optional — not all backends support bulk delete.
+     * @param scope - scope identifier (dot notation)
+     * @returns count of blobs deleted
+     */
+    deleteScope?(scope: string): Promise<number>;
+    /**
+     * Delete all blobs for the owner.
+     * Optional — not all backends support bulk delete.
+     * @returns count of blobs deleted
+     */
+    deleteAll?(): Promise<number>;
+}
+//# sourceMappingURL=interface.d.ts.map

package/dist/storage/adapters/interface.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/storage/adapters/interface.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;OAKG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAEvD;;;;;OAKG;IACH,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAE3C;;;;OAIG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEtC;;;;OAIG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEtC;;;;;OAKG;IACH,WAAW,CAAC,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAE7C;;;;OAIG;IACH,SAAS,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CAC/B"}

package/dist/storage/adapters/interface.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=interface.js.map

package/dist/storage/adapters/interface.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interface.js","sourceRoot":"","sources":["../../../src/storage/adapters/interface.ts"],"names":[],"mappings":""}

package/dist/storage/adapters/vana.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Vana Storage adapter.
+ * Uses REST: PUT/GET/DELETE/HEAD against {apiUrl}/v1/blobs/{ownerAddress}/{key}
+ * Auth: Web3Signed header on all requests (see vana-storage-design.md Section 3).
+ * URL format: full HTTPS URL (no vana:// scheme).
+ */
+import type { StorageAdapter } from "./interface.js";
+/**
+ * Signs HTTP requests for Web3Signed auth.
+ * Produces "Web3Signed {base64url(payload)}.{signature}" header values.
+ * Implementation provided by the caller (typically wraps the server keypair).
+ */
+export interface RequestSigner {
+    /**
+     * Produce a Web3Signed Authorization header value for an HTTP request.
+     * @param params - request metadata to sign
+     * @returns full Authorization header value (e.g., "Web3Signed ...")
+     */
+    signRequest(params: {
+        aud: string;
+        method: string;
+        uri: string;
+        body?: Uint8Array;
+    }): Promise<string>;
+}
+export interface VanaStorageOptions {
+    apiUrl: string;
+    ownerAddress: string;
+    signer: RequestSigner;
+}
+export declare function createVanaStorageAdapter(options: VanaStorageOptions): StorageAdapter;
+//# sourceMappingURL=vana.d.ts.map

package/dist/storage/adapters/vana.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vana.d.ts","sourceRoot":"","sources":["../../../src/storage/adapters/vana.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAErD;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B;;;;OAIG;IACH,WAAW,CAAC,MAAM,EAAE;QAClB,GAAG,EAAE,MAAM,CAAC;QACZ,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,IAAI,CAAC,EAAE,UAAU,CAAC;KACnB,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACrB;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,aAAa,CAAC;CACvB;AAED,wBAAgB,wBAAwB,CACtC,OAAO,EAAE,kBAAkB,GAC1B,cAAc,CA6GhB"}

package/dist/storage/adapters/vana.js

@@ -0,0 +1,96 @@
+/**
+ * Vana Storage adapter.
+ * Uses REST: PUT/GET/DELETE/HEAD against {apiUrl}/v1/blobs/{ownerAddress}/{key}
+ * Auth: Web3Signed header on all requests (see vana-storage-design.md Section 3).
+ * URL format: full HTTPS URL (no vana:// scheme).
+ */
+export function createVanaStorageAdapter(options) {
+    const base = options.apiUrl.replace(/\/+$/, "");
+    const { ownerAddress, signer } = options;
+    function blobUrl(key) {
+        return `${base}/v1/blobs/${ownerAddress}/${key}`;
+    }
+    async function authHeaders(method, uri, body) {
+        const header = await signer.signRequest({
+            aud: options.apiUrl,
+            method,
+            uri,
+            body,
+        });
+        return { Authorization: header };
+    }
+    return {
+        async upload(key, data) {
+            const url = blobUrl(key);
+            const uri = `/v1/blobs/${ownerAddress}/${key}`;
+            const auth = await authHeaders("PUT", uri, data);
+            const res = await fetch(url, {
+                method: "PUT",
+                body: Buffer.from(data),
+                headers: {
+                    "Content-Type": "application/octet-stream",
+                    ...auth,
+                },
+            });
+            if (!res.ok) {
+                throw new Error(`Vana Storage upload failed: ${res.status} ${res.statusText}`);
+            }
+            return url;
+        },
+        async download(storageUrl) {
+            const uri = new URL(storageUrl).pathname;
+            const auth = await authHeaders("GET", uri);
+            const res = await fetch(storageUrl, { headers: auth });
+            if (res.status === 404) {
+                throw new Error(`Blob not found: ${storageUrl}`);
+            }
+            if (!res.ok) {
+                throw new Error(`Vana Storage download failed: ${res.status} ${res.statusText}`);
+            }
+            return new Uint8Array(await res.arrayBuffer());
+        },
+        async delete(storageUrl) {
+            const uri = new URL(storageUrl).pathname;
+            const auth = await authHeaders("DELETE", uri);
+            const res = await fetch(storageUrl, {
+                method: "DELETE",
+                headers: auth,
+            });
+            if (res.status === 404)
+                return false;
+            if (!res.ok) {
+                throw new Error(`Vana Storage delete failed: ${res.status} ${res.statusText}`);
+            }
+            return true;
+        },
+        async exists(storageUrl) {
+            const uri = new URL(storageUrl).pathname;
+            const auth = await authHeaders("HEAD", uri);
+            const res = await fetch(storageUrl, { method: "HEAD", headers: auth });
+            return res.ok;
+        },
+        async deleteScope(scope) {
+            const url = `${base}/v1/blobs/${ownerAddress}/${scope}`;
+            const uri = `/v1/blobs/${ownerAddress}/${scope}`;
+            const auth = await authHeaders("DELETE", uri);
+            const res = await fetch(url, { method: "DELETE", headers: auth });
+            if (!res.ok) {
+                throw new Error(`Vana Storage deleteScope failed: ${res.status} ${res.statusText}`);
+            }
+            const body = (await res.json());
+            return body.count ?? 0;
+        },
+        async deleteAll() {
+            const url = `${base}/v1/blobs/${ownerAddress}`;
+            const uri = `/v1/blobs/${ownerAddress}`;
+            const auth = await authHeaders("DELETE", uri);
+            const res = await fetch(url, { method: "DELETE", headers: auth });
+            if (!res.ok) {
+                throw new Error(`Vana Storage deleteAll failed: ${res.status} ${res.statusText}`);
+            }
+            const body = (await res.json());
+            return body.count ?? 0;
+        },
+    };
+}
+//# sourceMappingURL=vana.js.map

package/dist/storage/adapters/vana.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vana.js","sourceRoot":"","sources":["../../../src/storage/adapters/vana.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AA6BH,MAAM,UAAU,wBAAwB,CACtC,OAA2B;IAE3B,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAChD,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAEzC,SAAS,OAAO,CAAC,GAAW;QAC1B,OAAO,GAAG,IAAI,aAAa,YAAY,IAAI,GAAG,EAAE,CAAC;IACnD,CAAC;IAED,KAAK,UAAU,WAAW,CACxB,MAAc,EACd,GAAW,EACX,IAAiB;QAEjB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC;YACtC,GAAG,EAAE,OAAO,CAAC,MAAM;YACnB,MAAM;YACN,GAAG;YACH,IAAI;SACL,CAAC,CAAC;QACH,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC;IACnC,CAAC;IAED,OAAO;QACL,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI;YACpB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;YACzB,MAAM,GAAG,GAAG,aAAa,YAAY,IAAI,GAAG,EAAE,CAAC;YAC/C,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;YACjD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBAC3B,MAAM,EAAE,KAAK;gBACb,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;gBACvB,OAAO,EAAE;oBACP,cAAc,EAAE,0BAA0B;oBAC1C,GAAG,IAAI;iBACR;aACF,CAAC,CAAC;YACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CACb,+BAA+B,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAC9D,CAAC;YACJ,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QAED,KAAK,CAAC,QAAQ,CAAC,UAAU;YACvB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC;YACzC,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAC3C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YACvD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,mBAAmB,UAAU,EAAE,CAAC,CAAC;YACnD,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAChE,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;QACjD,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,UAAU;YACrB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC;YACzC,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC9C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,UAAU,EAAE;gBAClC,MAAM,EAAE,QAAQ;gBAChB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;YACH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO,KAAK,CAAC;YACrC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CACb,+BAA+B,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAC9D,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,UAAU;YACrB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC;YACzC,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YAC5C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YACvE,OAAO,GAAG,CAAC,EAAE,CAAC;QAChB,CAAC;QAED,KAAK,CAAC,WAAW,CAAC,KAAK;YACrB,MAAM,GAAG,GAAG,GAAG,IAAI,aAAa,YAAY,IAAI,KAAK,EAAE,CAAC;YACxD,MAAM,GAAG,GAAG,aAAa,YAAY,IAAI,KAAK,EAAE,CAAC;YACjD,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC9C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YAClE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CACb,oCAAoC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CACnE,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAuB,CAAC;YACtD,OAAO,IAAI,CAAC,KAAK,IAAI,CAAC,CAAC;QACzB,CAAC;QAED,KAAK,CAAC,SAAS;YACb,MAAM,GAAG,GAAG,GAAG,IAAI,aAAa,YAAY,EAAE,CAAC;YAC/C,MAAM,GAAG,GAAG,aAAa,YAAY,EAAE,CAAC;YACxC,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC9C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YAClE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CACb,kCAAkC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CACjE,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAuB,CAAC;YACtD,OAAO,IAAI,CAAC,KAAK,IAAI,CAAC,CAAC;QACzB,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/storage/encryption/decrypt.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Decrypt an OpenPGP password-encrypted binary.
+ *
+ * @param encrypted - OpenPGP encrypted binary data
+ * @param password - hex-encoded scope key
+ * @returns plaintext Uint8Array
+ * @throws if password is wrong or data is corrupted
+ */
+export declare function decryptWithPassword(encrypted: Uint8Array, password: string): Promise<Uint8Array>;
+//# sourceMappingURL=decrypt.d.ts.map

package/dist/storage/encryption/decrypt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"decrypt.d.ts","sourceRoot":"","sources":["../../../src/storage/encryption/decrypt.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,SAAS,EAAE,UAAU,EACrB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,UAAU,CAAC,CAQrB"}

package/dist/storage/encryption/decrypt.js

@@ -0,0 +1,19 @@
+import * as openpgp from "openpgp";
+/**
+ * Decrypt an OpenPGP password-encrypted binary.
+ *
+ * @param encrypted - OpenPGP encrypted binary data
+ * @param password - hex-encoded scope key
+ * @returns plaintext Uint8Array
+ * @throws if password is wrong or data is corrupted
+ */
+export async function decryptWithPassword(encrypted, password) {
+    const message = await openpgp.readMessage({ binaryMessage: encrypted });
+    const { data } = await openpgp.decrypt({
+        message,
+        passwords: [password],
+        format: "binary",
+    });
+    return data;
+}
+//# sourceMappingURL=decrypt.js.map

package/dist/storage/encryption/decrypt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decrypt.js","sourceRoot":"","sources":["../../../src/storage/encryption/decrypt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,SAAS,CAAC;AAEnC;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,SAAqB,EACrB,QAAgB;IAEhB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,EAAE,aAAa,EAAE,SAAS,EAAE,CAAC,CAAC;IACxE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC;QACrC,OAAO;QACP,SAAS,EAAE,CAAC,QAAQ,CAAC;QACrB,MAAM,EAAE,QAAQ;KACjB,CAAC,CAAC;IACH,OAAO,IAAkB,CAAC;AAC5B,CAAC"}

package/dist/storage/encryption/encrypt.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Encrypt plaintext using OpenPGP password-based encryption.
+ * Produces the same binary format as vana-sdk.
+ *
+ * @param plaintext - data to encrypt (typically JSON.stringify of envelope)
+ * @param password - hex-encoded scope key from deriveScopeKey()
+ * @returns OpenPGP encrypted binary (Uint8Array)
+ */
+export declare function encryptWithPassword(plaintext: Uint8Array, password: string): Promise<Uint8Array>;
+//# sourceMappingURL=encrypt.d.ts.map

package/dist/storage/encryption/encrypt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"encrypt.d.ts","sourceRoot":"","sources":["../../../src/storage/encryption/encrypt.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,SAAS,EAAE,UAAU,EACrB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,UAAU,CAAC,CAQrB"}

package/dist/storage/encryption/encrypt.js

@@ -0,0 +1,19 @@
+import * as openpgp from "openpgp";
+/**
+ * Encrypt plaintext using OpenPGP password-based encryption.
+ * Produces the same binary format as vana-sdk.
+ *
+ * @param plaintext - data to encrypt (typically JSON.stringify of envelope)
+ * @param password - hex-encoded scope key from deriveScopeKey()
+ * @returns OpenPGP encrypted binary (Uint8Array)
+ */
+export async function encryptWithPassword(plaintext, password) {
+    const message = await openpgp.createMessage({ binary: plaintext });
+    const encrypted = await openpgp.encrypt({
+        message,
+        passwords: [password],
+        format: "binary",
+    });
+    return encrypted;
+}
+//# sourceMappingURL=encrypt.js.map

package/dist/storage/encryption/encrypt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"encrypt.js","sourceRoot":"","sources":["../../../src/storage/encryption/encrypt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,SAAS,CAAC;AAEnC;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,SAAqB,EACrB,QAAgB;IAEhB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;IACnE,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC;QACtC,OAAO;QACP,SAAS,EAAE,CAAC,QAAQ,CAAC;QACrB,MAAM,EAAE,QAAQ;KACjB,CAAC,CAAC;IACH,OAAO,SAAuB,CAAC;AACjC,CAAC"}

package/dist/storage/encryption/index.d.ts

@@ -0,0 +1,3 @@
+export { encryptWithPassword } from "./encrypt.js";
+export { decryptWithPassword } from "./decrypt.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/storage/encryption/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/storage/encryption/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC"}

package/dist/storage/encryption/index.js

@@ -0,0 +1,3 @@
+export { encryptWithPassword } from "./encrypt.js";
+export { decryptWithPassword } from "./decrypt.js";
+//# sourceMappingURL=index.js.map

package/dist/storage/encryption/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/storage/encryption/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC"}

package/dist/storage/hierarchy/index.d.ts

@@ -0,0 +1,4 @@
+export { timestampToFilename, filenameToTimestamp, buildDataFilePath, buildScopeDir, generateCollectedAt, } from "./paths.js";
+export { writeDataFile, readDataFile, listVersions, deleteDataFile, deleteAllForScope, } from "./manager.js";
+export type { HierarchyManagerOptions, WriteResult } from "./manager.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/storage/hierarchy/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/storage/hierarchy/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,iBAAiB,EACjB,aAAa,EACb,mBAAmB,GACpB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,aAAa,EACb,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,iBAAiB,GAClB,MAAM,cAAc,CAAC;AAEtB,YAAY,EAAE,uBAAuB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC"}

package/dist/storage/hierarchy/index.js

@@ -0,0 +1,3 @@
+export { timestampToFilename, filenameToTimestamp, buildDataFilePath, buildScopeDir, generateCollectedAt, } from "./paths.js";
+export { writeDataFile, readDataFile, listVersions, deleteDataFile, deleteAllForScope, } from "./manager.js";
+//# sourceMappingURL=index.js.map

package/dist/storage/hierarchy/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/storage/hierarchy/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,iBAAiB,EACjB,aAAa,EACb,mBAAmB,GACpB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,aAAa,EACb,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,iBAAiB,GAClB,MAAM,cAAc,CAAC"}

package/dist/storage/hierarchy/manager.d.ts

@@ -0,0 +1,23 @@
+import type { DataFileEnvelope } from "../../schemas/data-file.js";
+export interface HierarchyManagerOptions {
+    dataDir: string;
+}
+export interface WriteResult {
+    path: string;
+    relativePath: string;
+    sizeBytes: number;
+}
+/** Atomic write: mkdir -p, write temp file, rename */
+export declare function writeDataFile(options: HierarchyManagerOptions, envelope: DataFileEnvelope): Promise<WriteResult>;
+/** Read and parse a data file */
+export declare function readDataFile(options: HierarchyManagerOptions, scope: string, collectedAt: string): Promise<DataFileEnvelope>;
+/** List version filenames for a scope, newest first. Empty array if scope dir doesn't exist. */
+export declare function listVersions(options: HierarchyManagerOptions, scope: string): Promise<string[]>;
+/** Delete a single data file */
+export declare function deleteDataFile(options: HierarchyManagerOptions, scope: string, collectedAt: string): Promise<void>;
+/**
+ * Delete all files for a scope by removing the scope directory recursively.
+ * No-op if directory doesn't exist.
+ */
+export declare function deleteAllForScope(options: HierarchyManagerOptions, scope: string): Promise<void>;
+//# sourceMappingURL=manager.d.ts.map

package/dist/storage/hierarchy/manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"manager.d.ts","sourceRoot":"","sources":["../../../src/storage/hierarchy/manager.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAQnE,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,sDAAsD;AACtD,wBAAsB,aAAa,CACjC,OAAO,EAAE,uBAAuB,EAChC,QAAQ,EAAE,gBAAgB,GACzB,OAAO,CAAC,WAAW,CAAC,CAuBtB;AAED,iCAAiC;AACjC,wBAAsB,YAAY,CAChC,OAAO,EAAE,uBAAuB,EAChC,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,gBAAgB,CAAC,CAI3B;AAED,gGAAgG;AAChG,wBAAsB,YAAY,CAChC,OAAO,EAAE,uBAAuB,EAChC,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,MAAM,EAAE,CAAC,CAmBnB;AAED,gCAAgC;AAChC,wBAAsB,cAAc,CAClC,OAAO,EAAE,uBAAuB,EAChC,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,IAAI,CAAC,CAGf;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,uBAAuB,EAChC,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,IAAI,CAAC,CAGf"}