@ouro.bot/friends 0.1.0-alpha.4 → 0.1.0-alpha.5

package/dist/a2a-client/did-key.js

@@ -0,0 +1,120 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.base58btcEncode = base58btcEncode;
+exports.base58btcDecode = base58btcDecode;
+exports.parseDidKey = parseDidKey;
+exports.ed25519PubToDidKey = ed25519PubToDidKey;
+exports.keyAgreementFromDidKey = keyAgreementFromDidKey;
+exports.didKeyIdentityFromEd25519 = didKeyIdentityFromEd25519;
+const BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+// Reverse lookup: char → value, or `undefined` for a char not in the alphabet
+// (base58btcDecode checks `=== undefined`).
+const BASE58_MAP = (() => {
+    const m = {};
+    for (let i = 0; i < BASE58_ALPHABET.length; i++)
+        m[BASE58_ALPHABET[i]] = i;
+    return m;
+})();
+// The ed25519-pub multicodec, varint-encoded: 0xed → [0xed, 0x01].
+const ED25519_MULTICODEC = Uint8Array.from([0xed, 0x01]);
+const ED25519_PUB_LEN = 32;
+/** Encode bytes as base58btc (Bitcoin alphabet). */
+function base58btcEncode(bytes) {
+    if (bytes.length === 0)
+        return "";
+    // Count leading zero bytes → leading '1's.
+    let zeros = 0;
+    while (zeros < bytes.length && bytes[zeros] === 0)
+        zeros++;
+    // Big-endian base-256 → base-58 via repeated division.
+    const digits = [0];
+    for (let i = zeros; i < bytes.length; i++) {
+        let carry = bytes[i];
+        for (let j = 0; j < digits.length; j++) {
+            carry += digits[j] << 8;
+            digits[j] = carry % 58;
+            carry = (carry / 58) | 0;
+        }
+        while (carry > 0) {
+            digits.push(carry % 58);
+            carry = (carry / 58) | 0;
+        }
+    }
+    let out = "1".repeat(zeros);
+    for (let k = digits.length - 1; k >= 0; k--)
+        out += BASE58_ALPHABET[digits[k]];
+    return out;
+}
+/** Decode a base58btc string. Returns null on an invalid character. */
+function base58btcDecode(str) {
+    if (str.length === 0)
+        return new Uint8Array(0);
+    let zeros = 0;
+    while (zeros < str.length && str[zeros] === "1")
+        zeros++;
+    const bytes = [0];
+    for (let i = zeros; i < str.length; i++) {
+        const val = BASE58_MAP[str[i]];
+        if (val === undefined)
+            return null;
+        let carry = val;
+        for (let j = 0; j < bytes.length; j++) {
+            carry += bytes[j] * 58;
+            bytes[j] = carry & 0xff;
+            carry >>= 8;
+        }
+        while (carry > 0) {
+            bytes.push(carry & 0xff);
+            carry >>= 8;
+        }
+    }
+    const out = new Uint8Array(zeros + bytes.length);
+    // leading zeros already 0; fill the rest big-endian.
+    for (let k = 0; k < bytes.length; k++)
+        out[zeros + k] = bytes[bytes.length - 1 - k];
+    return out;
+}
+/** Parse a `did:key:z…` (Ed25519) into its 32-byte public key. Returns null on:
+ * wrong scheme, missing `z` multibase prefix, bad base58, wrong multicodec, or
+ * wrong key length. */
+function parseDidKey(did) {
+    if (typeof did !== "string" || !did.startsWith("did:key:"))
+        return null;
+    const mb = did.slice("did:key:".length);
+    if (!mb.startsWith("z"))
+        return null; // only base58btc multibase supported
+    const decoded = base58btcDecode(mb.slice(1));
+    if (!decoded)
+        return null;
+    if (decoded.length !== ED25519_MULTICODEC.length + ED25519_PUB_LEN)
+        return null;
+    if (decoded[0] !== ED25519_MULTICODEC[0] || decoded[1] !== ED25519_MULTICODEC[1])
+        return null;
+    return { ed25519Pub: decoded.slice(ED25519_MULTICODEC.length) };
+}
+/** Encode an Ed25519 public key as a `did:key:z…`. Throws on a wrong-length key
+ * (a guard — callers pass real 32-byte keys). */
+function ed25519PubToDidKey(pub) {
+    if (pub.length !== ED25519_PUB_LEN) {
+        throw new Error(`did:key: expected a ${ED25519_PUB_LEN}-byte Ed25519 public key, got ${pub.length}`);
+    }
+    const prefixed = new Uint8Array(ED25519_MULTICODEC.length + pub.length);
+    prefixed.set(ED25519_MULTICODEC, 0);
+    prefixed.set(pub, ED25519_MULTICODEC.length);
+    return `did:key:z${base58btcEncode(prefixed)}`;
+}
+/** Derive the X25519 keyAgreement PUBLIC key from an Ed25519 public key. */
+function keyAgreementFromDidKey(input) {
+    return input.sodium.crypto_sign_ed25519_pk_to_curve25519(input.ed25519Pub);
+}
+/** Build a did:key identity from an Ed25519 keypair (the signing + the derived
+ * X25519 keyAgreement keys). */
+function didKeyIdentityFromEd25519(input) {
+    const { sodium, ed25519Pub, ed25519Priv } = input;
+    const did = ed25519PubToDidKey(ed25519Pub);
+    const x25519Pub = sodium.crypto_sign_ed25519_pk_to_curve25519(ed25519Pub);
+    const x25519Priv = sodium.crypto_sign_ed25519_sk_to_curve25519(ed25519Priv);
+    // The did:key fragment repeats the multibase body (did:key is self-describing).
+    const zBase = did.slice("did:key:".length);
+    return { did, ed25519Pub, ed25519Priv, x25519Pub, x25519Priv, keyId: `${did}#${zBase}` };
+}

package/dist/a2a-client/did-verifier.d.ts

@@ -0,0 +1,109 @@
+import type { AgentVerifier } from "../verifier";
+import type { TrustLevel } from "../types";
+import type { Sodium } from "./sodium";
+/** The pinned identity record for a peer (persisted by the HOST onto
+ * `AgentMeta.a2a.did` + a pinned-key field; injectable so tests use a map). */
+export interface PinnedDid {
+    did: string;
+    ed25519Pub: Uint8Array;
+}
+/** A pin store the host implements (in-memory map in tests; persisted on the
+ * agent record in production — a2a-client never touches fs itself). */
+export interface PinStore {
+    get(fromAgentId: string): PinnedDid | undefined;
+    set(fromAgentId: string, pinned: PinnedDid): void;
+}
+/** A simple in-memory PinStore (used by tests + as a host convenience). */
+export declare class MemoryPinStore implements PinStore {
+    private readonly map;
+    get(fromAgentId: string): PinnedDid | undefined;
+    set(fromAgentId: string, pinned: PinnedDid): void;
+}
+export interface DidVerifierInput {
+    sodium: Sodium;
+    /** The already-resolved+pinned Ed25519 public key for the inbound message's
+     * sender (the key the signature is verified against). */
+    pinnedEd25519Pub: Uint8Array;
+    /** The DID the pinned key belongs to (== the expected `fromAgentId`). */
+    pinnedDid: string;
+    /** The concrete inbound plaintext envelope this verifier is bound to. The
+     * signature is over `jcsBytes(envelope without proof)`, so the verifier must
+     * hold the envelope to perform a REAL crypto check inside the sync `verify`.
+     * The adapter (U8) constructs a fresh DidVerifier per inbound message. */
+    envelope: unknown;
+}
+/** The sync verifier handed to a core importer. Bound to one inbound envelope;
+ * `verify` confirms the agentId===did binding AND the Ed25519 signature over that
+ * envelope against the PINNED key. Pure sync, no I/O — the async DID resolve + pin
+ * happened in the adapter BEFORE construction. */
+export declare class DidVerifier implements AgentVerifier {
+    private readonly sodium;
+    private readonly pinnedEd25519Pub;
+    private readonly pinnedDid;
+    private readonly envelope;
+    constructor(input: DidVerifierInput);
+    /** Sync, no I/O. False on any binding or signature failure. */
+    verify(fromAgentId: string, proof?: string): boolean;
+}
+export interface CardDidBindingInput {
+    /** The agent card (carries a `did`; for did:web also a back-reference). */
+    card: {
+        did?: unknown;
+        url?: unknown;
+    };
+    /** The resolved DID document (did:web). For did:key pass `null` — the binding is
+     * "card.did === the did:key string" only (did:key is self-contained). */
+    didDoc: {
+        id: string;
+        cardServiceUrl?: string;
+    } | null;
+    /** The DID the card claims (the agent's identity). */
+    did: string;
+}
+/** Verify the card and DID agree BOTH directions. For did:web: card.did === did
+ * === didDoc.id AND the doc's `service` endpoint === the card URL. For did:key
+ * (didDoc null): card.did === did only. */
+export declare function verifyCardDidBinding(input: CardDidBindingInput): boolean;
+/** First contact: accept + pin the (did, key). Idempotent re-pin to the same key
+ * is fine; a DIFFERENT key for an existing pin must go through `evaluateRotation`,
+ * not this. Returns the pinned record. */
+export declare function pinOnFirstContact(input: {
+    pinStore: PinStore;
+    fromAgentId: string;
+    did: string;
+    ed25519Pub: Uint8Array;
+}): PinnedDid;
+/** Whether a peer is already pinned. */
+export declare function isPinned(pinStore: PinStore, fromAgentId: string): boolean;
+/** The pinned record for a peer, or undefined. */
+export declare function getPinned(pinStore: PinStore, fromAgentId: string): PinnedDid | undefined;
+export type RotationDecision = {
+    decision: "unchanged";
+} | {
+    decision: "accepted";
+} | {
+    decision: "rejected";
+    reason: "bad_rotation_proof" | "rotation_requires_reconfirm" | "not_pinned";
+};
+/** Mint a rotation proof: the OLD private key signs `{successor:newDid, newKey}`.
+ * Returns the base64 detached signature. (Test/host helper.) */
+export declare function signSuccessor(input: {
+    sodium: Sodium;
+    oldEd25519Priv: Uint8Array;
+    newDid: string;
+    newEd25519Pub: Uint8Array;
+}): string;
+export interface EvaluateRotationInput {
+    sodium: Sodium;
+    pinStore: PinStore;
+    fromAgentId: string;
+    trustOfSource: TrustLevel;
+    newDid: string;
+    newEd25519Pub: Uint8Array;
+    /** The base64 signature from `signSuccessor`, if presented. */
+    rotationProof?: string;
+}
+/** Evaluate a presented key against the pin (Fork 11). family/friend auto-accept a
+ * VALID signed successor proof (re-pin); acquaintance/stranger reject regardless;
+ * an unchanged key is `unchanged`; an unpinned peer is `not_pinned` (use TOFU). */
+export declare function evaluateRotation(input: EvaluateRotationInput): RotationDecision;

package/dist/a2a-client/did-verifier.js

@@ -0,0 +1,163 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DidVerifier = exports.MemoryPinStore = void 0;
+exports.verifyCardDidBinding = verifyCardDidBinding;
+exports.pinOnFirstContact = pinOnFirstContact;
+exports.isPinned = isPinned;
+exports.getPinned = getPinned;
+exports.signSuccessor = signSuccessor;
+exports.evaluateRotation = evaluateRotation;
+const jcs_1 = require("./jcs");
+const sign_1 = require("./sign");
+/** A simple in-memory PinStore (used by tests + as a host convenience). */
+class MemoryPinStore {
+    map = new Map();
+    get(fromAgentId) {
+        return this.map.get(fromAgentId);
+    }
+    set(fromAgentId, pinned) {
+        this.map.set(fromAgentId, pinned);
+    }
+}
+exports.MemoryPinStore = MemoryPinStore;
+/** Constant-time-ish byte equality (length-checked). The keys are public, so this
+ * is correctness, not timing-secrecy — but keep it total. */
+function bytesEqual(a, b) {
+    if (a.length !== b.length)
+        return false;
+    let diff = 0;
+    for (let i = 0; i < a.length; i++)
+        diff |= a[i] ^ b[i];
+    return diff === 0;
+}
+/** The sync verifier handed to a core importer. Bound to one inbound envelope;
+ * `verify` confirms the agentId===did binding AND the Ed25519 signature over that
+ * envelope against the PINNED key. Pure sync, no I/O — the async DID resolve + pin
+ * happened in the adapter BEFORE construction. */
+class DidVerifier {
+    sodium;
+    pinnedEd25519Pub;
+    pinnedDid;
+    envelope;
+    constructor(input) {
+        this.sodium = input.sodium;
+        this.pinnedEd25519Pub = input.pinnedEd25519Pub;
+        this.pinnedDid = input.pinnedDid;
+        this.envelope = input.envelope;
+    }
+    /** Sync, no I/O. False on any binding or signature failure. */
+    verify(fromAgentId, proof) {
+        if (proof === undefined)
+            return false;
+        const parsed = (0, sign_1.parseProof)(proof);
+        if (!parsed)
+            return false;
+        // agentId === did binding (Fork 10): the proof's signer DID must equal the
+        // arriving agentId AND the pinned DID. A spoof where agentId ≠ signerDid, or a
+        // proof claiming a different DID than the pinned one, is rejected here before
+        // any crypto.
+        if (parsed.signerDid !== fromAgentId)
+            return false;
+        if (parsed.signerDid !== this.pinnedDid)
+            return false;
+        // Real cryptographic gate: the pinned Ed25519 key must have signed this exact
+        // (proof-stripped) envelope.
+        return (0, sign_1.verifyEnvelopeSignature)({
+            sodium: this.sodium,
+            envelope: this.envelope,
+            proof: parsed,
+            signerEd25519Pub: this.pinnedEd25519Pub,
+        });
+    }
+}
+exports.DidVerifier = DidVerifier;
+/** Verify the card and DID agree BOTH directions. For did:web: card.did === did
+ * === didDoc.id AND the doc's `service` endpoint === the card URL. For did:key
+ * (didDoc null): card.did === did only. */
+function verifyCardDidBinding(input) {
+    const cardDid = typeof input.card.did === "string" ? input.card.did : undefined;
+    if (cardDid !== input.did)
+        return false; // card → DID
+    if (input.didDoc === null) {
+        // did:key: self-contained; the card.did === did check above is sufficient.
+        return true;
+    }
+    // did:web: DID → card. The doc must reference the card URL via a service entry.
+    if (input.didDoc.id !== input.did)
+        return false;
+    const cardUrl = typeof input.card.url === "string" ? input.card.url : undefined;
+    if (!cardUrl)
+        return false;
+    return input.didDoc.cardServiceUrl === cardUrl;
+}
+// ── TOFU pin ──────────────────────────────────────────────────────────────────
+/** First contact: accept + pin the (did, key). Idempotent re-pin to the same key
+ * is fine; a DIFFERENT key for an existing pin must go through `evaluateRotation`,
+ * not this. Returns the pinned record. */
+function pinOnFirstContact(input) {
+    const pinned = { did: input.did, ed25519Pub: input.ed25519Pub };
+    input.pinStore.set(input.fromAgentId, pinned);
+    return pinned;
+}
+/** Whether a peer is already pinned. */
+function isPinned(pinStore, fromAgentId) {
+    return pinStore.get(fromAgentId) !== undefined;
+}
+/** The pinned record for a peer, or undefined. */
+function getPinned(pinStore, fromAgentId) {
+    return pinStore.get(fromAgentId);
+}
+/** The canonical successor statement the OLD key signs to authorize a rotation. */
+function successorMessage(newDid, newEd25519Pub, b64) {
+    return (0, jcs_1.jcsBytes)({ statement: "key-successor", successor: newDid, newKey: b64(newEd25519Pub) });
+}
+/** Mint a rotation proof: the OLD private key signs `{successor:newDid, newKey}`.
+ * Returns the base64 detached signature. (Test/host helper.) */
+function signSuccessor(input) {
+    const { sodium } = input;
+    const b64 = (b) => sodium.to_base64(b, sodium.base64_variants.ORIGINAL);
+    const msg = successorMessage(input.newDid, input.newEd25519Pub, b64);
+    return b64(sodium.crypto_sign_detached(msg, input.oldEd25519Priv));
+}
+/** Evaluate a presented key against the pin (Fork 11). family/friend auto-accept a
+ * VALID signed successor proof (re-pin); acquaintance/stranger reject regardless;
+ * an unchanged key is `unchanged`; an unpinned peer is `not_pinned` (use TOFU). */
+function evaluateRotation(input) {
+    const { sodium, pinStore, fromAgentId, trustOfSource, newDid, newEd25519Pub } = input;
+    const current = pinStore.get(fromAgentId);
+    if (!current)
+        return { decision: "rejected", reason: "not_pinned" };
+    // Unchanged key (same bytes) → nothing to rotate.
+    if (current.did === newDid && bytesEqual(current.ed25519Pub, newEd25519Pub)) {
+        return { decision: "unchanged" };
+    }
+    // acquaintance / stranger: never auto-accept a rotation, even with a valid proof.
+    if (trustOfSource === "acquaintance" || trustOfSource === "stranger") {
+        return { decision: "rejected", reason: "rotation_requires_reconfirm" };
+    }
+    // family / friend: require a VALID signed successor proof from the OLD pinned key.
+    if (input.rotationProof === undefined) {
+        return { decision: "rejected", reason: "bad_rotation_proof" };
+    }
+    const b64 = (b) => sodium.to_base64(b, sodium.base64_variants.ORIGINAL);
+    const msg = successorMessage(newDid, newEd25519Pub, b64);
+    let sig;
+    try {
+        sig = sodium.from_base64(input.rotationProof, sodium.base64_variants.ORIGINAL);
+    }
+    catch {
+        return { decision: "rejected", reason: "bad_rotation_proof" };
+    }
+    let ok = false;
+    try {
+        ok = sodium.crypto_sign_verify_detached(sig, msg, current.ed25519Pub);
+    }
+    catch {
+        ok = false;
+    }
+    if (!ok)
+        return { decision: "rejected", reason: "bad_rotation_proof" };
+    // Valid: re-pin to the new key.
+    pinStore.set(fromAgentId, { did: newDid, ed25519Pub: newEd25519Pub });
+    return { decision: "accepted" };
+}

package/dist/a2a-client/did-web.d.ts

@@ -0,0 +1,26 @@
+/** The injectable resolver: given the resolved DID-doc URL, return the document.
+ * The host wires real `fetch`; tests inject a `(url) => Promise<fixture>` map. */
+export type DidDocResolver = (didDocUrl: string) => Promise<unknown>;
+/** A parsed did:web document (only the fields the overlay needs). */
+export interface DidDocument {
+    id: string;
+    ed25519Pub: Uint8Array;
+    ed25519KeyId: string;
+    x25519Pub: Uint8Array;
+    x25519KeyId: string;
+    /** The agent-card URL declared in a `service` entry, if present (U6 binding). */
+    cardServiceUrl?: string;
+}
+/** `did:web:…` → the DID-doc URL. Returns null on a malformed DID. */
+export declare function didWebToUrl(did: string): string | null;
+/** Parse a DID document. Returns null/typed-failure on: not an object, id
+ * mismatch, missing assertionMethod (Ed25519), missing keyAgreement (X25519),
+ * unsupported key encoding, or a key-length mismatch. */
+export declare function parseDidDocument(doc: unknown, did: string): DidDocument | null;
+export interface ResolveDidWebInput {
+    did: string;
+    resolver: DidDocResolver;
+}
+/** Resolve a did:web via the injected resolver and parse the document. Returns
+ * null (never throws) on a malformed DID, a resolver error, or a parse failure. */
+export declare function resolveDidWeb(input: ResolveDidWebInput): Promise<DidDocument | null>;

package/dist/a2a-client/did-web.js

@@ -0,0 +1,140 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.didWebToUrl = didWebToUrl;
+exports.parseDidDocument = parseDidDocument;
+exports.resolveDidWeb = resolveDidWeb;
+// did:web — DID resolution behind an INJECTABLE resolver hook. did:key needs no
+// network (U4); did:web does — so the resolver is the only network seam, and it
+// is injected (the host supplies real `fetch`; tests inject a fixture map). NO
+// real HTTP lives here. The a2a-client stays transport-injectable end to end.
+//
+// did:web → URL: `did:web:host` → https://host/.well-known/did.json;
+//                `did:web:host:a:b` → https://host/a/b/did.json
+// Each colon-separated segment is percent-decoded (the host may carry an encoded
+// port `%3A`). The DID-doc parse extracts the Ed25519 assertion key + the X25519
+// keyAgreement key + the card service back-reference (for the U6 binding check).
+const did_key_1 = require("./did-key");
+// Multicodec prefixes (varint) for publicKeyMultibase decoding.
+const ED25519_MULTICODEC = [0xed, 0x01];
+const X25519_MULTICODEC = [0xec, 0x01];
+const KEY_LEN = 32;
+/** `did:web:…` → the DID-doc URL. Returns null on a malformed DID. */
+function didWebToUrl(did) {
+    if (typeof did !== "string" || !did.startsWith("did:web:"))
+        return null;
+    const rest = did.slice("did:web:".length);
+    if (rest.length === 0)
+        return null;
+    const rawSegments = rest.split(":");
+    if (rawSegments.some((s) => s.length === 0))
+        return null;
+    let segments;
+    try {
+        segments = rawSegments.map((s) => decodeURIComponent(s));
+    }
+    catch {
+        return null; // a malformed percent-escape
+    }
+    // segments[0] (the host) is guaranteed non-empty: the `some(s.length === 0)`
+    // guard above rejects any empty segment, and decodeURIComponent of a non-empty
+    // string can't yield empty.
+    const host = segments[0];
+    if (segments.length === 1) {
+        return `https://${host}/.well-known/did.json`;
+    }
+    const path = segments.slice(1).join("/");
+    return `https://${host}/${path}/did.json`;
+}
+/** Decode a `publicKeyMultibase` (`z…` base58btc) and verify the multicodec +
+ * length. Returns the 32-byte key or null. */
+function decodeMultibaseKey(value, multicodec) {
+    if (typeof value !== "string" || !value.startsWith("z"))
+        return null;
+    const decoded = (0, did_key_1.base58btcDecode)(value.slice(1));
+    if (!decoded)
+        return null;
+    if (decoded.length !== multicodec.length + KEY_LEN)
+        return null;
+    if (decoded[0] !== multicodec[0] || decoded[1] !== multicodec[1])
+        return null;
+    return decoded.slice(multicodec.length);
+}
+/** A verification method may be inline (an object) or a string reference. We only
+ * support inline methods here (string refs into the same doc are resolved by
+ * matching `id`). Returns the inline method object or null. */
+function asMethodObject(m) {
+    if (!m || typeof m !== "object" || Array.isArray(m))
+        return null;
+    return m;
+}
+/** Find the first verification method in `methods` that decodes to a key of the
+ * given multicodec, returning the key + its id. */
+function extractKey(methods, multicodec) {
+    if (!Array.isArray(methods))
+        return null;
+    for (const m of methods) {
+        const obj = asMethodObject(m);
+        if (!obj)
+            continue;
+        const pub = decodeMultibaseKey(obj.publicKeyMultibase, multicodec);
+        if (pub && typeof obj.id === "string") {
+            return { pub, keyId: obj.id };
+        }
+    }
+    return null;
+}
+/** Extract the agent-card service URL: a `service` entry whose endpoint is a
+ * string. Returns undefined when no usable service is present. */
+function extractCardServiceUrl(doc) {
+    const services = doc.service;
+    if (!Array.isArray(services))
+        return undefined;
+    for (const s of services) {
+        if (!s || typeof s !== "object" || Array.isArray(s))
+            continue;
+        const endpoint = s.serviceEndpoint;
+        if (typeof endpoint === "string")
+            return endpoint;
+    }
+    return undefined;
+}
+/** Parse a DID document. Returns null/typed-failure on: not an object, id
+ * mismatch, missing assertionMethod (Ed25519), missing keyAgreement (X25519),
+ * unsupported key encoding, or a key-length mismatch. */
+function parseDidDocument(doc, did) {
+    if (!doc || typeof doc !== "object" || Array.isArray(doc))
+        return null;
+    const d = doc;
+    if (typeof d.id !== "string" || d.id !== did)
+        return null;
+    // assertionMethod is the signing relationship; fall back to authentication.
+    const ed = extractKey(d.assertionMethod, ED25519_MULTICODEC) ?? extractKey(d.authentication, ED25519_MULTICODEC);
+    if (!ed)
+        return null;
+    const x = extractKey(d.keyAgreement, X25519_MULTICODEC);
+    if (!x)
+        return null;
+    return {
+        id: did,
+        ed25519Pub: ed.pub,
+        ed25519KeyId: ed.keyId,
+        x25519Pub: x.pub,
+        x25519KeyId: x.keyId,
+        cardServiceUrl: extractCardServiceUrl(d),
+    };
+}
+/** Resolve a did:web via the injected resolver and parse the document. Returns
+ * null (never throws) on a malformed DID, a resolver error, or a parse failure. */
+async function resolveDidWeb(input) {
+    const url = didWebToUrl(input.did);
+    if (!url)
+        return null;
+    let doc;
+    try {
+        doc = await input.resolver(url);
+    }
+    catch {
+        return null; // network error / resolver throw — never propagates
+    }
+    return parseDidDocument(doc, input.did);
+}

package/dist/a2a-client/index.d.ts

@@ -0,0 +1,23 @@
+export { ready } from "./sodium";
+export type { Sodium } from "./sodium";
+export { jcsBytes, jcsString } from "./jcs";
+export { openSealed, sealTo, SealOpenError } from "./seal";
+export type { SealedBlob, OpenSealedInput, SealToInput } from "./seal";
+export { parseProof, serializeProof, signEnvelope, verifyEnvelopeSignature } from "./sign";
+export type { StructuredProof } from "./sign";
+export { base58btcDecode, base58btcEncode, didKeyIdentityFromEd25519, ed25519PubToDidKey, keyAgreementFromDidKey, parseDidKey, } from "./did-key";
+export type { DidKeyIdentity } from "./did-key";
+export { didWebToUrl, parseDidDocument, resolveDidWeb } from "./did-web";
+export type { DidDocResolver, DidDocument, ResolveDidWebInput } from "./did-web";
+export { DidVerifier, evaluateRotation, getPinned, isPinned, MemoryPinStore, pinOnFirstContact, signSuccessor, verifyCardDidBinding, } from "./did-verifier";
+export type { PinnedDid, PinStore, RotationDecision } from "./did-verifier";
+export { openSealedEnvelope, sealEnvelope } from "./sealed-envelope";
+export type { FriendsKind, FromIdentity, OpenSealedEnvelopeResult, RecipientIdentity, SealedEnvelope, } from "./sealed-envelope";
+export { unwrapDataPart, wrapInDataPart } from "./a2a-message";
+export type { A2ADataPart, A2AMessage, FriendsDataPartPayload } from "./a2a-message";
+export { buildFriendsAgentCard } from "./agent-card";
+export type { A2ACapabilities, A2ASkill, FriendsAgentCard } from "./agent-card";
+export { resolveReachability } from "./reachability";
+export type { ReachabilityPlan } from "./reachability";
+export { receiveShare, sendShare } from "./adapter";
+export type { A2ATransport, DidResolution, ReceiveShareInput, ReceiveShareResult, SeenLedgerLike, SendShareInput, SendShareResult, } from "./adapter";

package/dist/a2a-client/index.js

@@ -0,0 +1,72 @@
+"use strict";
+// @ouro.bot/friends/a2a-client — the public host-side A2A adapter + the friends
+// E2E security overlay (sign-then-seal + DID identity). This is the ONLY directory
+// permitted to import libsodium / A2A / DID; the dependency-direction lint enforces
+// core ⊥ a2a-client and a2a-client ⊥ mcp.
+//
+// The security model in one line: friends agents speak REAL A2A (`message/send`,
+// DataPart) while every envelope is SIGNED by the sender (Ed25519) and SEALED to
+// the recipient (XChaCha20-Poly1305 AEAD over ephemeral X25519 ECDH, with the
+// recipient DID bound into the AEAD AD), so a relay carries CIPHERTEXT ONLY — it
+// can never read, forge, tamper, re-target, replay-to-effect, or escalate.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sendShare = exports.receiveShare = exports.resolveReachability = exports.buildFriendsAgentCard = exports.wrapInDataPart = exports.unwrapDataPart = exports.sealEnvelope = exports.openSealedEnvelope = exports.verifyCardDidBinding = exports.signSuccessor = exports.pinOnFirstContact = exports.MemoryPinStore = exports.isPinned = exports.getPinned = exports.evaluateRotation = exports.DidVerifier = exports.resolveDidWeb = exports.parseDidDocument = exports.didWebToUrl = exports.parseDidKey = exports.keyAgreementFromDidKey = exports.ed25519PubToDidKey = exports.didKeyIdentityFromEd25519 = exports.base58btcEncode = exports.base58btcDecode = exports.verifyEnvelopeSignature = exports.signEnvelope = exports.serializeProof = exports.parseProof = exports.SealOpenError = exports.sealTo = exports.openSealed = exports.jcsString = exports.jcsBytes = exports.ready = void 0;
+// ── init seam ──
+var sodium_1 = require("./sodium");
+Object.defineProperty(exports, "ready", { enumerable: true, get: function () { return sodium_1.ready; } });
+// ── canonicalization (RFC 8785 JCS) ──
+var jcs_1 = require("./jcs");
+Object.defineProperty(exports, "jcsBytes", { enumerable: true, get: function () { return jcs_1.jcsBytes; } });
+Object.defineProperty(exports, "jcsString", { enumerable: true, get: function () { return jcs_1.jcsString; } });
+// ── seal / open primitives ──
+var seal_1 = require("./seal");
+Object.defineProperty(exports, "openSealed", { enumerable: true, get: function () { return seal_1.openSealed; } });
+Object.defineProperty(exports, "sealTo", { enumerable: true, get: function () { return seal_1.sealTo; } });
+Object.defineProperty(exports, "SealOpenError", { enumerable: true, get: function () { return seal_1.SealOpenError; } });
+// ── sign / verify + structured proof ──
+var sign_1 = require("./sign");
+Object.defineProperty(exports, "parseProof", { enumerable: true, get: function () { return sign_1.parseProof; } });
+Object.defineProperty(exports, "serializeProof", { enumerable: true, get: function () { return sign_1.serializeProof; } });
+Object.defineProperty(exports, "signEnvelope", { enumerable: true, get: function () { return sign_1.signEnvelope; } });
+Object.defineProperty(exports, "verifyEnvelopeSignature", { enumerable: true, get: function () { return sign_1.verifyEnvelopeSignature; } });
+// ── did:key (both keys from one DID) ──
+var did_key_1 = require("./did-key");
+Object.defineProperty(exports, "base58btcDecode", { enumerable: true, get: function () { return did_key_1.base58btcDecode; } });
+Object.defineProperty(exports, "base58btcEncode", { enumerable: true, get: function () { return did_key_1.base58btcEncode; } });
+Object.defineProperty(exports, "didKeyIdentityFromEd25519", { enumerable: true, get: function () { return did_key_1.didKeyIdentityFromEd25519; } });
+Object.defineProperty(exports, "ed25519PubToDidKey", { enumerable: true, get: function () { return did_key_1.ed25519PubToDidKey; } });
+Object.defineProperty(exports, "keyAgreementFromDidKey", { enumerable: true, get: function () { return did_key_1.keyAgreementFromDidKey; } });
+Object.defineProperty(exports, "parseDidKey", { enumerable: true, get: function () { return did_key_1.parseDidKey; } });
+// ── did:web (behind an injectable resolver) ──
+var did_web_1 = require("./did-web");
+Object.defineProperty(exports, "didWebToUrl", { enumerable: true, get: function () { return did_web_1.didWebToUrl; } });
+Object.defineProperty(exports, "parseDidDocument", { enumerable: true, get: function () { return did_web_1.parseDidDocument; } });
+Object.defineProperty(exports, "resolveDidWeb", { enumerable: true, get: function () { return did_web_1.resolveDidWeb; } });
+// ── DidVerifier — binding, TOFU pin, trust-tiered rotation ──
+var did_verifier_1 = require("./did-verifier");
+Object.defineProperty(exports, "DidVerifier", { enumerable: true, get: function () { return did_verifier_1.DidVerifier; } });
+Object.defineProperty(exports, "evaluateRotation", { enumerable: true, get: function () { return did_verifier_1.evaluateRotation; } });
+Object.defineProperty(exports, "getPinned", { enumerable: true, get: function () { return did_verifier_1.getPinned; } });
+Object.defineProperty(exports, "isPinned", { enumerable: true, get: function () { return did_verifier_1.isPinned; } });
+Object.defineProperty(exports, "MemoryPinStore", { enumerable: true, get: function () { return did_verifier_1.MemoryPinStore; } });
+Object.defineProperty(exports, "pinOnFirstContact", { enumerable: true, get: function () { return did_verifier_1.pinOnFirstContact; } });
+Object.defineProperty(exports, "signSuccessor", { enumerable: true, get: function () { return did_verifier_1.signSuccessor; } });
+Object.defineProperty(exports, "verifyCardDidBinding", { enumerable: true, get: function () { return did_verifier_1.verifyCardDidBinding; } });
+// ── SealedEnvelope sign-then-seal compose ──
+var sealed_envelope_1 = require("./sealed-envelope");
+Object.defineProperty(exports, "openSealedEnvelope", { enumerable: true, get: function () { return sealed_envelope_1.openSealedEnvelope; } });
+Object.defineProperty(exports, "sealEnvelope", { enumerable: true, get: function () { return sealed_envelope_1.sealEnvelope; } });
+// ── A2A DataPart mapping (relay-blind) ──
+var a2a_message_1 = require("./a2a-message");
+Object.defineProperty(exports, "unwrapDataPart", { enumerable: true, get: function () { return a2a_message_1.unwrapDataPart; } });
+Object.defineProperty(exports, "wrapInDataPart", { enumerable: true, get: function () { return a2a_message_1.wrapInDataPart; } });
+// ── friends agent card ──
+var agent_card_1 = require("./agent-card");
+Object.defineProperty(exports, "buildFriendsAgentCard", { enumerable: true, get: function () { return agent_card_1.buildFriendsAgentCard; } });
+// ── reachability ladder ──
+var reachability_1 = require("./reachability");
+Object.defineProperty(exports, "resolveReachability", { enumerable: true, get: function () { return reachability_1.resolveReachability; } });
+// ── send / receive adapter ──
+var adapter_1 = require("./adapter");
+Object.defineProperty(exports, "receiveShare", { enumerable: true, get: function () { return adapter_1.receiveShare; } });
+Object.defineProperty(exports, "sendShare", { enumerable: true, get: function () { return adapter_1.sendShare; } });

package/dist/a2a-client/jcs.d.ts

@@ -0,0 +1,5 @@
+/** The JCS canonical JSON string for `value` (RFC 8785). */
+export declare function jcsString(value: unknown): string;
+/** The UTF-8 bytes of the JCS canonical JSON string — the message fed to
+ * Ed25519 signing and used as AEAD associated-data. */
+export declare function jcsBytes(value: unknown): Uint8Array;