@passportsign/core 0.1.0

package/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for describing the origin of the Work and
+      reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Support. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or support.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2026 passportsign contributors
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.md

@@ -0,0 +1,36 @@
+# @passportsign/core
+
+Core primitives for [passportsign](https://passportsign.dev) — the
+Sigstore-adjacent personhood-attestation toolkit. Binds a GitHub
+account to a passport-holding human via [zkPassport](https://zkpassport.id)
+and logs the binding to the public [Sigstore Rekor](https://docs.sigstore.dev/logging/overview/)
+transparency log as an [in-toto attestation](https://in-toto.io/Statement/v1).
+
+This package contains the protocol primitives. See
+[`@passportsign/cli`](https://www.npmjs.com/package/@passportsign/cli)
+for the user-facing tool.
+
+## What's in here
+
+- **`canonical`** — RFC 8785 JCS canonical serialization
+- **`statement`** — in-toto Statement v1 builder with our `passportsign.dev/personhood/v1` predicate type
+- **`bundle`** — `binding.passportsign.json` portable format
+- **`github`** — gist control check with full §4 error vocabulary
+- **`log/rekor`** — Rekor client (intoto v0.0.2, log info, consistency proofs)
+- **`merkle`** — RFC 6962 Merkle inclusion + consistency verification
+- **`dsse`** — DSSE envelope builder (ephemeral ECDSA P-256)
+- **`verifier`** — full bundle verifier
+- **`badge`** — self-contained inline SVG badge
+- **`storage/sqlite`** — local cache (separate export to avoid bundling `node:sqlite`)
+
+## Spec
+
+Full v0.4 spec at
+[`docs/passportsign.md`](https://github.com/debugmcp/passportsign/blob/main/docs/passportsign.md)
+in the source repo. The v0 acceptance evidence — including a live
+real-passport Rekor entry — is at
+[`docs/v0-acceptance.md`](https://github.com/debugmcp/passportsign/blob/main/docs/v0-acceptance.md).
+
+## License
+
+Apache-2.0

package/dist/badge.d.ts

@@ -0,0 +1,37 @@
+/**
+ * Self-contained inline SVG badge generator for passportsign.
+ *
+ * v0 ships without a hosted badge service. Maintainers commit the
+ * generated `passportsign-badge.svg` to a public repo (typically the
+ * `username/username` profile repo) and reference it from their
+ * README. GitHub's image proxy renders the SVG; the badge wraps a
+ * link to the Rekor entry for click-through verification.
+ *
+ * Visual: shields.io-style pill, two segments, ~190-280px wide
+ * depending on text. Renders with the 10x scale + transform=scale(.1)
+ * trick used by shields.io for crisper text rendering.
+ */
+export interface BadgeInput {
+    github_username: string;
+    issuing_country: string | null;
+    bound_at: string;
+    /** Rekor entry UUID for the `<title>` tooltip. */
+    log_entry_hash?: string;
+}
+/**
+ * Render the badge SVG. The output is intentionally a string (not a
+ * DOM tree or stream) so callers can write it to disk directly with
+ * `writeFileSync`.
+ */
+export declare function renderBadgeSvg(input: BadgeInput): string;
+/**
+ * Render the Markdown snippet that wraps the badge in a click-through
+ * link to the Rekor entry. Suitable for pasting into a README.
+ */
+export declare function renderBadgeMarkdown(input: {
+    badge_path: string;
+    log_entry_hash: string;
+    rekor_base_url?: string;
+    alt_text?: string;
+}): string;
+//# sourceMappingURL=badge.d.ts.map

package/dist/badge.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"badge.d.ts","sourceRoot":"","sources":["../src/badge.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,MAAM,WAAW,UAAU;IACzB,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,kDAAkD;IAClD,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AA6BD;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CA0CxD;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE;IACzC,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,GAAG,MAAM,CAKT"}

package/dist/badge.js

@@ -0,0 +1,94 @@
+/**
+ * Self-contained inline SVG badge generator for passportsign.
+ *
+ * v0 ships without a hosted badge service. Maintainers commit the
+ * generated `passportsign-badge.svg` to a public repo (typically the
+ * `username/username` profile repo) and reference it from their
+ * README. GitHub's image proxy renders the SVG; the badge wraps a
+ * link to the Rekor entry for click-through verification.
+ *
+ * Visual: shields.io-style pill, two segments, ~190-280px wide
+ * depending on text. Renders with the 10x scale + transform=scale(.1)
+ * trick used by shields.io for crisper text rendering.
+ */
+const LABEL = 'passportsign';
+const CHAR_WIDTH_PX = 7; // Approx Verdana 11pt character width
+const SIDE_PADDING_PX = 8;
+function escapeXml(s) {
+    return s.replace(/[<>&"']/g, (c) => {
+        switch (c) {
+            case '<': return '&lt;';
+            case '>': return '&gt;';
+            case '&': return '&amp;';
+            case '"': return '&quot;';
+            case "'": return '&apos;';
+            default: return c;
+        }
+    });
+}
+function dateStringFor(isoTimestamp) {
+    // Render as YYYY-MM-DD for the badge.
+    const d = new Date(isoTimestamp);
+    if (Number.isNaN(d.getTime()))
+        return isoTimestamp.slice(0, 10);
+    const y = d.getUTCFullYear();
+    const m = String(d.getUTCMonth() + 1).padStart(2, '0');
+    const day = String(d.getUTCDate()).padStart(2, '0');
+    return `${y}-${m}-${day}`;
+}
+/**
+ * Render the badge SVG. The output is intentionally a string (not a
+ * DOM tree or stream) so callers can write it to disk directly with
+ * `writeFileSync`.
+ */
+export function renderBadgeSvg(input) {
+    const date = dateStringFor(input.bound_at);
+    const valueParts = ['verified human'];
+    if (input.issuing_country)
+        valueParts.push(input.issuing_country);
+    valueParts.push(date);
+    const valueText = valueParts.join(' · '); // middle dot ·
+    const labelEsc = escapeXml(LABEL);
+    const valueEsc = escapeXml(valueText);
+    const labelW = LABEL.length * CHAR_WIDTH_PX + 2 * SIDE_PADDING_PX;
+    const valueW = valueText.length * CHAR_WIDTH_PX + 2 * SIDE_PADDING_PX;
+    const totalW = labelW + valueW;
+    const labelCx10 = labelW * 5; // centre of label segment, scaled x10
+    const valueCx10 = (labelW + valueW / 2) * 10;
+    const ariaLabel = `${labelEsc}: ${valueEsc}`;
+    const tooltipExtra = input.log_entry_hash
+        ? ` (rekor entry ${escapeXml(input.log_entry_hash.slice(0, 16))}…)`
+        : '';
+    return [
+        `<svg xmlns="http://www.w3.org/2000/svg" width="${totalW}" height="20" role="img" aria-label="${ariaLabel}">`,
+        `<title>${ariaLabel}${tooltipExtra}</title>`,
+        `<linearGradient id="s" x2="0" y2="100%">`,
+        `<stop offset="0" stop-color="#bbb" stop-opacity=".1"/>`,
+        `<stop offset="1" stop-opacity=".1"/>`,
+        `</linearGradient>`,
+        `<clipPath id="r"><rect width="${totalW}" height="20" rx="3" fill="#fff"/></clipPath>`,
+        `<g clip-path="url(#r)">`,
+        `<rect width="${labelW}" height="20" fill="#555"/>`,
+        `<rect x="${labelW}" width="${valueW}" height="20" fill="#4c1"/>`,
+        `<rect width="${totalW}" height="20" fill="url(#s)"/>`,
+        `</g>`,
+        `<g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="110">`,
+        `<text x="${labelCx10}" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)">${labelEsc}</text>`,
+        `<text x="${labelCx10}" y="140" transform="scale(.1)">${labelEsc}</text>`,
+        `<text x="${valueCx10}" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)">${valueEsc}</text>`,
+        `<text x="${valueCx10}" y="140" transform="scale(.1)">${valueEsc}</text>`,
+        `</g>`,
+        `</svg>`,
+    ].join('');
+}
+/**
+ * Render the Markdown snippet that wraps the badge in a click-through
+ * link to the Rekor entry. Suitable for pasting into a README.
+ */
+export function renderBadgeMarkdown(input) {
+    const base = input.rekor_base_url ?? 'https://rekor.sigstore.dev';
+    const url = `${base}/api/v1/log/entries/${input.log_entry_hash}`;
+    const alt = input.alt_text ?? 'passportsign verified';
+    return `[![${alt}](${input.badge_path})](${url})`;
+}
+//# sourceMappingURL=badge.js.map

package/dist/badge.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"badge.js","sourceRoot":"","sources":["../src/badge.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAUH,MAAM,KAAK,GAAG,cAAc,CAAC;AAC7B,MAAM,aAAa,GAAG,CAAC,CAAC,CAAQ,sCAAsC;AACtE,MAAM,eAAe,GAAG,CAAC,CAAC;AAE1B,SAAS,SAAS,CAAC,CAAS;IAC1B,OAAO,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE;QACjC,QAAQ,CAAC,EAAE,CAAC;YACV,KAAK,GAAG,CAAC,CAAC,OAAO,MAAM,CAAC;YACxB,KAAK,GAAG,CAAC,CAAC,OAAO,MAAM,CAAC;YACxB,KAAK,GAAG,CAAC,CAAC,OAAO,OAAO,CAAC;YACzB,KAAK,GAAG,CAAC,CAAC,OAAO,QAAQ,CAAC;YAC1B,KAAK,GAAG,CAAC,CAAC,OAAO,QAAQ,CAAC;YAC1B,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC;QACpB,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,aAAa,CAAC,YAAoB;IACzC,sCAAsC;IACtC,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC,YAAY,CAAC,CAAC;IACjC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;QAAE,OAAO,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChE,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,EAAE,CAAC;IAC7B,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACvD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACpD,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,EAAE,CAAC;AAC5B,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,KAAiB;IAC9C,MAAM,IAAI,GAAG,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAC3C,MAAM,UAAU,GAAG,CAAC,gBAAgB,CAAC,CAAC;IACtC,IAAI,KAAK,CAAC,eAAe;QAAE,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IAClE,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtB,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,eAAe;IAEzD,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC;IAEtC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,aAAa,GAAG,CAAC,GAAG,eAAe,CAAC;IAClE,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,GAAG,aAAa,GAAG,CAAC,GAAG,eAAe,CAAC;IACtE,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;IAE/B,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,CAAC,CAAU,sCAAsC;IAC7E,MAAM,SAAS,GAAG,CAAC,MAAM,GAAG,MAAM,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;IAC7C,MAAM,SAAS,GAAG,GAAG,QAAQ,KAAK,QAAQ,EAAE,CAAC;IAC7C,MAAM,YAAY,GAAG,KAAK,CAAC,cAAc;QACvC,CAAC,CAAC,iBAAiB,SAAS,CAAC,KAAK,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI;QACnE,CAAC,CAAC,EAAE,CAAC;IAEP,OAAO;QACL,kDAAkD,MAAM,wCAAwC,SAAS,IAAI;QAC7G,UAAU,SAAS,GAAG,YAAY,UAAU;QAC5C,0CAA0C;QAC1C,wDAAwD;QACxD,sCAAsC;QACtC,mBAAmB;QACnB,iCAAiC,MAAM,+CAA+C;QACtF,yBAAyB;QACzB,gBAAgB,MAAM,6BAA6B;QACnD,YAAY,MAAM,YAAY,MAAM,6BAA6B;QACjE,gBAAgB,MAAM,gCAAgC;QACtD,MAAM;QACN,8IAA8I;QAC9I,YAAY,SAAS,oEAAoE,QAAQ,SAAS;QAC1G,YAAY,SAAS,mCAAmC,QAAQ,SAAS;QACzE,YAAY,SAAS,oEAAoE,QAAQ,SAAS;QAC1G,YAAY,SAAS,mCAAmC,QAAQ,SAAS;QACzE,MAAM;QACN,QAAQ;KACT,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,KAKnC;IACC,MAAM,IAAI,GAAG,KAAK,CAAC,cAAc,IAAI,4BAA4B,CAAC;IAClE,MAAM,GAAG,GAAG,GAAG,IAAI,uBAAuB,KAAK,CAAC,cAAc,EAAE,CAAC;IACjE,MAAM,GAAG,GAAG,KAAK,CAAC,QAAQ,IAAI,uBAAuB,CAAC;IACtD,OAAO,MAAM,GAAG,KAAK,KAAK,CAAC,UAAU,MAAM,GAAG,GAAG,CAAC;AACpD,CAAC"}

package/dist/bind.d.ts

@@ -0,0 +1,61 @@
+/**
+ * Bind-flow orchestrator (no Rekor yet).
+ *
+ * Composes the pieces from `github.ts`, `statement.ts`, and `canonical.ts`
+ * into a single "given these inputs, produce a ready-to-submit binding"
+ * function. Day 5 will chain this with the Rekor submission and bundle
+ * write to deliver the full `passportsign bind` CLI command.
+ *
+ * Deliberately does **not** call the zkPassport SDK directly — the proof
+ * blob and SDK-derived metadata come in as plain data. The CLI's bind
+ * command is the producer of that data (it drives the SDK + UI),
+ * keeping this module pure and unit-testable without the SDK.
+ */
+import { checkGistControl, type GistEvidence } from './github.js';
+import { type PassportsignStatement } from './statement.js';
+export interface PrepareBindingInput {
+    github_username: string;
+    /** Base64-encoded zkPassport proof blob (the SDK callback's serialized output). */
+    proof_blob_b64: string;
+    /** From the SDK's `onResult` callback. Deterministic for this passport + scope. */
+    unique_identifier: string;
+    /** ICAO 3-letter code if disclosed, else null. Pass through as-returned by SDK. */
+    issuing_country: string | null;
+    /** Per-binding nonce that was placed in the user's gist for the control check. */
+    nonce: string;
+    /** Full scope string (e.g. "passportsign.dev:nationality-disclose:1"). */
+    scope: string;
+    /** Version string from the zkPassport SDK that produced the proof. */
+    zkpassport_sdk_version: string;
+    /** Optional GitHub token for the gist check (rate limits only — no special access). */
+    github_token?: string;
+}
+export interface PrepareBindingInit {
+    /** Init timestamp — gist `updated_at` must be on or after this. */
+    issuedAt: Date;
+    /** Filename to look for in the user's gists. Defaults to `passportsign.txt`. */
+    gistFilename?: string;
+}
+export interface PrepareBindingDeps {
+    /** Inject for tests. Defaults to {@link checkGistControl}. */
+    github?: typeof checkGistControl;
+    /** Inject a fetch (forwarded to github). */
+    fetch?: typeof fetch;
+}
+export interface PreparedBinding {
+    statement: PassportsignStatement;
+    statement_canonical: Uint8Array;
+    statement_sha256_hex: string;
+    proof_blob_b64: string;
+    proof_blob_sha256_hex: string;
+    gist: GistEvidence;
+}
+/**
+ * Run the GitHub gist control check, then build the in-toto statement and
+ * compute canonical bytes + hashes for the Rekor handoff.
+ *
+ * Throws {@link PassportsignError} with the matching §4 code on any
+ * failure path.
+ */
+export declare function prepareBinding(input: PrepareBindingInput, init: PrepareBindingInit, deps?: PrepareBindingDeps): Promise<PreparedBinding>;
+//# sourceMappingURL=bind.d.ts.map

package/dist/bind.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bind.d.ts","sourceRoot":"","sources":["../src/bind.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAMH,OAAO,EAAE,gBAAgB,EAAE,KAAK,YAAY,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAkB,KAAK,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAE5E,MAAM,WAAW,mBAAmB;IAClC,eAAe,EAAE,MAAM,CAAC;IACxB,mFAAmF;IACnF,cAAc,EAAE,MAAM,CAAC;IACvB,mFAAmF;IACnF,iBAAiB,EAAE,MAAM,CAAC;IAC1B,mFAAmF;IACnF,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,kFAAkF;IAClF,KAAK,EAAE,MAAM,CAAC;IACd,0EAA0E;IAC1E,KAAK,EAAE,MAAM,CAAC;IACd,sEAAsE;IACtE,sBAAsB,EAAE,MAAM,CAAC;IAC/B,uFAAuF;IACvF,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,mEAAmE;IACnE,QAAQ,EAAE,IAAI,CAAC;IACf,gFAAgF;IAChF,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,8DAA8D;IAC9D,MAAM,CAAC,EAAE,OAAO,gBAAgB,CAAC;IACjC,4CAA4C;IAC5C,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;CACtB;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,qBAAqB,CAAC;IACjC,mBAAmB,EAAE,UAAU,CAAC;IAChC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,IAAI,EAAE,YAAY,CAAC;CACpB;AAYD;;;;;;GAMG;AACH,wBAAsB,cAAc,CAClC,KAAK,EAAE,mBAAmB,EAC1B,IAAI,EAAE,kBAAkB,EACxB,IAAI,GAAE,kBAAuB,GAC5B,OAAO,CAAC,eAAe,CAAC,CAqD1B"}

package/dist/bind.js

@@ -0,0 +1,79 @@
+/**
+ * Bind-flow orchestrator (no Rekor yet).
+ *
+ * Composes the pieces from `github.ts`, `statement.ts`, and `canonical.ts`
+ * into a single "given these inputs, produce a ready-to-submit binding"
+ * function. Day 5 will chain this with the Rekor submission and bundle
+ * write to deliver the full `passportsign bind` CLI command.
+ *
+ * Deliberately does **not** call the zkPassport SDK directly — the proof
+ * blob and SDK-derived metadata come in as plain data. The CLI's bind
+ * command is the producer of that data (it drives the SDK + UI),
+ * keeping this module pure and unit-testable without the SDK.
+ */
+import { createHash } from 'node:crypto';
+import { canonicalize, canonicalSha256Hex } from './canonical.js';
+import { PassportsignError } from './errors.js';
+import { checkGistControl } from './github.js';
+import { buildStatement } from './statement.js';
+const DEFAULT_GIST_FILENAME = 'passportsign.txt';
+function decodeBase64(b64) {
+    return new Uint8Array(Buffer.from(b64, 'base64'));
+}
+function sha256Hex(bytes) {
+    return createHash('sha256').update(bytes).digest('hex');
+}
+/**
+ * Run the GitHub gist control check, then build the in-toto statement and
+ * compute canonical bytes + hashes for the Rekor handoff.
+ *
+ * Throws {@link PassportsignError} with the matching §4 code on any
+ * failure path.
+ */
+export async function prepareBinding(input, init, deps = {}) {
+    const githubImpl = deps.github ?? checkGistControl;
+    // 1. GitHub gist control check (throws PassportsignError on any §4 path).
+    const gist = await githubImpl({
+        username: input.github_username,
+        expected_filename: init.gistFilename ?? DEFAULT_GIST_FILENAME,
+        expected_content: input.nonce,
+        not_before: init.issuedAt,
+        ...(input.github_token ? { token: input.github_token } : {}),
+        ...(deps.fetch ? { fetch: deps.fetch } : {}),
+    });
+    // 2. Derive proof_blob sha256 from the base64 input.
+    let proofBytes;
+    try {
+        proofBytes = decodeBase64(input.proof_blob_b64);
+    }
+    catch (err) {
+        throw new PassportsignError('proof_invalid', `proof_blob_b64 is not valid base64`, err);
+    }
+    if (proofBytes.length === 0) {
+        throw new PassportsignError('proof_invalid', 'proof_blob_b64 decoded to zero bytes');
+    }
+    const proof_blob_sha256_hex = sha256Hex(proofBytes);
+    // 3. Build the in-toto statement (enforces hex / non-empty invariants).
+    const statement = buildStatement({
+        github_username: input.github_username,
+        unique_identifier: input.unique_identifier,
+        issuing_country: input.issuing_country,
+        proof_blob_sha256: proof_blob_sha256_hex,
+        gist_url: gist.url,
+        gist_content_sha256: gist.content_sha256,
+        scope: input.scope,
+        zkpassport_sdk_version: input.zkpassport_sdk_version,
+    });
+    // 4. Canonical bytes + sha256 for the Rekor entry.
+    const statement_canonical = canonicalize(statement);
+    const statement_sha256_hex = canonicalSha256Hex(statement);
+    return {
+        statement,
+        statement_canonical,
+        statement_sha256_hex,
+        proof_blob_b64: input.proof_blob_b64,
+        proof_blob_sha256_hex,
+        gist,
+    };
+}
+//# sourceMappingURL=bind.js.map

package/dist/bind.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bind.js","sourceRoot":"","sources":["../src/bind.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAClE,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAqB,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,cAAc,EAA8B,MAAM,gBAAgB,CAAC;AA2C5E,MAAM,qBAAqB,GAAG,kBAAkB,CAAC;AAEjD,SAAS,YAAY,CAAC,GAAW;IAC/B,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC;AACpD,CAAC;AAED,SAAS,SAAS,CAAC,KAAiB;IAClC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC1D,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,KAA0B,EAC1B,IAAwB,EACxB,OAA2B,EAAE;IAE7B,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,IAAI,gBAAgB,CAAC;IAEnD,0EAA0E;IAC1E,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC;QAC5B,QAAQ,EAAE,KAAK,CAAC,eAAe;QAC/B,iBAAiB,EAAE,IAAI,CAAC,YAAY,IAAI,qBAAqB;QAC7D,gBAAgB,EAAE,KAAK,CAAC,KAAK;QAC7B,UAAU,EAAE,IAAI,CAAC,QAAQ;QACzB,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC7C,CAAC,CAAC;IAEH,qDAAqD;IACrD,IAAI,UAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,UAAU,GAAG,YAAY,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,iBAAiB,CACzB,eAAe,EACf,oCAAoC,EACpC,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAiB,CAAC,eAAe,EAAE,sCAAsC,CAAC,CAAC;IACvF,CAAC;IACD,MAAM,qBAAqB,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAEpD,wEAAwE;IACxE,MAAM,SAAS,GAAG,cAAc,CAAC;QAC/B,eAAe,EAAE,KAAK,CAAC,eAAe;QACtC,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;QAC1C,eAAe,EAAE,KAAK,CAAC,eAAe;QACtC,iBAAiB,EAAE,qBAAqB;QACxC,QAAQ,EAAE,IAAI,CAAC,GAAG;QAClB,mBAAmB,EAAE,IAAI,CAAC,cAAc;QACxC,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,sBAAsB,EAAE,KAAK,CAAC,sBAAsB;KACrD,CAAC,CAAC;IAEH,mDAAmD;IACnD,MAAM,mBAAmB,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;IACpD,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC;IAE3D,OAAO;QACL,SAAS;QACT,mBAAmB;QACnB,oBAAoB;QACpB,cAAc,EAAE,KAAK,CAAC,cAAc;QACpC,qBAAqB;QACrB,IAAI;KACL,CAAC;AACJ,CAAC"}

package/dist/bundle.d.ts

@@ -0,0 +1,47 @@
+/**
+ * `binding.passportsign.json` bundle format — the portable unit of
+ * verification.
+ *
+ * Rekor stores hashes, not artifacts. To verify a binding, a third party
+ * needs both the Rekor entry (hash + inclusion proof) and the artifacts
+ * that were hashed. The bundle carries both: the canonical statement bytes
+ * (hex), the proof blob (base64), and the Rekor metadata.
+ *
+ * Shape follows the Sigstore verification-bundle pattern. The
+ * `rekor.inclusion_proof` field is intentionally `unknown` for now — its
+ * shape gets pinned in Day 5 after we've smoke-tested the public Sigstore
+ * Rekor response format.
+ */
+export declare const BUNDLE_FORMAT_VERSION: 1;
+export interface RekorBundleFields {
+    log_entry_hash: string;
+    inclusion_proof: unknown;
+    log_root_at_submission: string;
+}
+export interface PassportsignBundle {
+    bundle_format_version: typeof BUNDLE_FORMAT_VERSION;
+    /** Hex-encoded canonical JCS bytes of the in-toto statement. */
+    statement: string;
+    /** Base64-encoded zkPassport proof blob. */
+    proof_blob: string;
+    rekor: RekorBundleFields;
+}
+export declare class BundleValidationError extends Error {
+    readonly path: string;
+    constructor(path: string, message: string);
+}
+/**
+ * Type-guard validator for `PassportsignBundle`. Throws
+ * `BundleValidationError` with a structured path on the first issue.
+ */
+export declare function validateBundle(value: unknown): asserts value is PassportsignBundle;
+/**
+ * Read and validate a `binding.passportsign.json` file. Throws on
+ * invalid JSON or schema violations.
+ */
+export declare function readBundle(path: string): PassportsignBundle;
+/**
+ * Validate and write a `binding.passportsign.json` file (pretty-printed).
+ */
+export declare function writeBundle(path: string, bundle: PassportsignBundle): void;
+//# sourceMappingURL=bundle.d.ts.map

package/dist/bundle.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bundle.d.ts","sourceRoot":"","sources":["../src/bundle.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAIH,eAAO,MAAM,qBAAqB,EAAG,CAAU,CAAC;AAEhD,MAAM,WAAW,iBAAiB;IAChC,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,OAAO,CAAC;IACzB,sBAAsB,EAAE,MAAM,CAAC;CAChC;AAED,MAAM,WAAW,kBAAkB;IACjC,qBAAqB,EAAE,OAAO,qBAAqB,CAAC;IACpD,gEAAgE;IAChE,SAAS,EAAE,MAAM,CAAC;IAClB,4CAA4C;IAC5C,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,iBAAiB,CAAC;CAC1B;AAOD,qBAAa,qBAAsB,SAAQ,KAAK;IAE5C,QAAQ,CAAC,IAAI,EAAE,MAAM;gBAAZ,IAAI,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM;CAKlB;AAUD;;;GAGG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC,KAAK,IAAI,kBAAkB,CAsClF;AAED;;;GAGG;AACH,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,kBAAkB,CAa3D;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,kBAAkB,GAAG,IAAI,CAG1E"}