@peac/audit 0.10.9

package/dist/dispute-bundle-types.d.ts

@@ -0,0 +1,303 @@
+/**
+ * Dispute Bundle Types (v0.9.30+)
+ *
+ * DisputeBundle is a ZIP archive containing receipts, keys, and policy
+ * for offline verification and audit. Distinct from CaseBundle (JSONL).
+ *
+ * Key design principles:
+ * 1. ZIP is transport container, not what we hash
+ * 2. Deterministic integrity at content layer (JCS-canonicalized manifest)
+ * 3. receipts.ndjson format for determinism + streaming
+ * 4. bundle.sig for authenticity
+ */
+/**
+ * Bundle format version.
+ * Normalized in v0.10.0 to peac-<artifact>/<major>.<minor> pattern.
+ * The `kind` field distinguishes bundle types (dispute, audit, etc.).
+ */
+export declare const BUNDLE_VERSION: "peac-bundle/0.1";
+/**
+ * @deprecated Use BUNDLE_VERSION instead. Will be removed in v1.0.
+ */
+export declare const DISPUTE_BUNDLE_VERSION: "peac-bundle/0.1";
+/**
+ * Verification report format version.
+ * Normalized in v0.10.0 to peac-<artifact>/<major>.<minor> pattern.
+ */
+export declare const VERIFICATION_REPORT_VERSION: "peac-verification-report/0.1";
+/**
+ * Bundle kind - identifies the purpose of the bundle.
+ */
+export type BundleKind = 'dispute' | 'audit' | 'archive';
+/**
+ * File entry in the bundle manifest.
+ * Each file has a SHA-256 hash for integrity verification.
+ */
+export interface ManifestFileEntry {
+    /** Relative path within the bundle (e.g., "receipts.ndjson", "keys/keys.json") */
+    path: string;
+    /** SHA-256 hash of file contents (hex-encoded, lowercase) */
+    sha256: string;
+    /** File size in bytes */
+    size: number;
+}
+/**
+ * Receipt entry in the manifest.
+ * Provides receipt metadata for ordering and lookup.
+ */
+export interface ManifestReceiptEntry {
+    /** Receipt ID (from claims.jti) */
+    receipt_id: string;
+    /** When the receipt was issued (ISO 8601) */
+    issued_at: string;
+    /** SHA-256 hash of the JWS bytes (for deduplication and ordering) */
+    receipt_hash: string;
+}
+/**
+ * Key entry in the manifest.
+ * Maps key IDs to their algorithms.
+ */
+export interface ManifestKeyEntry {
+    /** Key ID (kid from JWK) */
+    kid: string;
+    /** Key algorithm (e.g., "EdDSA") */
+    alg: string;
+}
+/**
+ * Bundle time range.
+ * All receipts must have issued_at within this range.
+ */
+export interface BundleTimeRange {
+    /** Earliest receipt issued_at (ISO 8601) */
+    start: string;
+    /** Latest receipt issued_at (ISO 8601) */
+    end: string;
+}
+/**
+ * Bundle reference - identifies what this bundle is for.
+ * Format: sha256:<hex> for hash-based refs, or ULID/UUID for ID refs.
+ */
+export interface BundleRef {
+    /** Reference type */
+    type: 'dispute' | 'receipt' | 'audit_case' | 'external';
+    /** Reference ID (ULID, UUID, or sha256:<hex> hash) */
+    id: string;
+}
+/**
+ * Bundle manifest (manifest.json).
+ *
+ * The manifest is the source of truth for bundle integrity.
+ * `content_hash` is sha256:<hex> of JCS(manifest without content_hash).
+ */
+export interface DisputeBundleManifest {
+    /** Bundle format version (peac-bundle/0.1) */
+    version: typeof BUNDLE_VERSION;
+    /** Bundle kind - what type of bundle this is */
+    kind: BundleKind;
+    /** Unique bundle identifier (ULID) */
+    bundle_id: string;
+    /** What this bundle references (replaces dispute_ref) */
+    refs: BundleRef[];
+    /**
+     * @deprecated Use refs instead. Will be removed in v1.0.
+     * Dispute reference this bundle is for (ULID)
+     */
+    dispute_ref?: string;
+    /** Who created the bundle (URI) */
+    created_by: string;
+    /** When the bundle was created (ISO 8601) */
+    created_at: string;
+    /** Time range covered by receipts */
+    time_range: BundleTimeRange;
+    /** Receipt entries (sorted by issued_at, then receipt_id, then receipt_hash) */
+    receipts: ManifestReceiptEntry[];
+    /** Key entries (sorted by kid) */
+    keys: ManifestKeyEntry[];
+    /** All files in the bundle (sorted by path) */
+    files: ManifestFileEntry[];
+    /** sha256:<hex> hash of policy.yaml if included */
+    policy_hash?: string;
+    /** sha256:<hex> of JCS(manifest without content_hash) - deterministic bundle hash */
+    content_hash: string;
+}
+/**
+ * Options for creating a dispute bundle.
+ */
+export interface CreateDisputeBundleOptions {
+    /** Bundle kind (defaults to 'dispute') */
+    kind?: BundleKind;
+    /** Bundle references (what this bundle is for) */
+    refs?: BundleRef[];
+    /**
+     * @deprecated Use refs instead. Will be removed in v1.0.
+     * Dispute reference (ULID)
+     */
+    dispute_ref?: string;
+    /** Who is creating the bundle (URI) */
+    created_by: string;
+    /** Receipt JWS strings to include */
+    receipts: string[];
+    /** JWKS containing public keys for verification */
+    keys: JsonWebKeySet;
+    /** Optional policy YAML content */
+    policy?: string;
+    /** Optional bundle ID (generated if not provided) */
+    bundle_id?: string;
+    /** Optional created_at timestamp (for deterministic fixtures) */
+    created_at?: string;
+    /** Optional signing key for bundle.sig (Ed25519 private key, 32 bytes) */
+    signing_key?: Uint8Array;
+    /** Key ID for bundle.sig (required if signing_key is provided) */
+    signing_kid?: string;
+}
+/**
+ * JSON Web Key Set (JWKS) structure.
+ */
+export interface JsonWebKeySet {
+    keys: JsonWebKey[];
+}
+/**
+ * JSON Web Key (JWK) with required fields for PEAC.
+ */
+export interface JsonWebKey {
+    /** Key type (e.g., "OKP" for Ed25519) */
+    kty: string;
+    /** Key ID */
+    kid: string;
+    /** Algorithm (e.g., "EdDSA") */
+    alg?: string;
+    /** Curve (e.g., "Ed25519") */
+    crv?: string;
+    /** Public key (base64url) */
+    x?: string;
+    /** Key use (e.g., "sig") */
+    use?: string;
+    /** Additional properties */
+    [key: string]: unknown;
+}
+/**
+ * Result of reading a dispute bundle.
+ */
+export interface DisputeBundleContents {
+    /** Parsed manifest */
+    manifest: DisputeBundleManifest;
+    /** Receipt JWS strings by receipt_id */
+    receipts: Map<string, string>;
+    /** JWKS containing all keys */
+    keys: JsonWebKeySet;
+    /** Policy content if present */
+    policy?: string;
+    /** bundle.sig JWS if present */
+    bundle_sig?: string;
+}
+/**
+ * Receipt verification result.
+ */
+export interface ReceiptVerificationResult {
+    /** Receipt ID */
+    receipt_id: string;
+    /** Whether signature is valid */
+    signature_valid: boolean;
+    /** Whether claims are valid */
+    claims_valid: boolean;
+    /** Key ID used to sign */
+    key_id?: string;
+    /** Error codes if invalid */
+    errors: string[];
+    /** Parsed claims if valid */
+    claims?: Record<string, unknown>;
+}
+/**
+ * Key usage tracking.
+ */
+export interface KeyUsageEntry {
+    /** Key ID */
+    kid: string;
+    /** Number of receipts signed with this key */
+    receipts_signed: number;
+    /** Receipt IDs signed with this key */
+    receipt_ids: string[];
+}
+/**
+ * Auditor-friendly summary.
+ */
+export interface AuditorSummary {
+    /** One-line headline (e.g., "17/20 receipts valid") */
+    headline: string;
+    /** List of issues found */
+    issues: string[];
+    /** Recommendation based on findings */
+    recommendation: 'valid' | 'invalid' | 'needs_review';
+}
+/**
+ * Bundle signature verification result.
+ */
+export interface BundleSignatureResult {
+    /** Whether bundle.sig was present */
+    present: boolean;
+    /** Whether the signature is valid (only set if present) */
+    valid?: boolean;
+    /** Key ID used to sign the bundle (only set if present) */
+    key_id?: string;
+    /** Error if signature verification failed */
+    error?: string;
+}
+/**
+ * Deterministic verification report.
+ *
+ * This is the canonical output format for bundle verification.
+ * `report_hash` is SHA-256 of JCS(report without report_hash).
+ */
+export interface VerificationReport {
+    /** Report format version */
+    version: typeof VERIFICATION_REPORT_VERSION;
+    /** Bundle content hash (from manifest) */
+    bundle_content_hash: string;
+    /** Bundle signature verification result */
+    bundle_signature: BundleSignatureResult;
+    /** Summary counts */
+    summary: {
+        total_receipts: number;
+        valid: number;
+        invalid: number;
+    };
+    /** Individual receipt results (sorted by receipt_id) */
+    receipts: ReceiptVerificationResult[];
+    /** Keys used in verification (sorted by kid) */
+    keys_used: KeyUsageEntry[];
+    /** Human-friendly summary */
+    auditor_summary: AuditorSummary;
+    /** SHA-256 of JCS(report without report_hash) - deterministic report hash */
+    report_hash: string;
+}
+/**
+ * Options for bundle verification.
+ */
+export interface VerifyBundleOptions {
+    /** Use only keys from the bundle (no external key fetching) */
+    offline: boolean;
+    /** Custom time for validation (defaults to now) */
+    now?: Date;
+}
+/**
+ * Bundle read/write error.
+ */
+export interface BundleError {
+    /** Error code (E_BUNDLE_*) */
+    code: string;
+    /** Human-readable message */
+    message: string;
+    /** Additional context */
+    details?: Record<string, unknown>;
+}
+/**
+ * Result type for bundle operations.
+ */
+export type BundleResult<T> = {
+    ok: true;
+    value: T;
+} | {
+    ok: false;
+    error: BundleError;
+};
+//# sourceMappingURL=dispute-bundle-types.d.ts.map

package/dist/dispute-bundle-types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dispute-bundle-types.d.ts","sourceRoot":"","sources":["../src/dispute-bundle-types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH;;;;GAIG;AACH,eAAO,MAAM,cAAc,EAAG,iBAA0B,CAAC;AAEzD;;GAEG;AACH,eAAO,MAAM,sBAAsB,mBAAiB,CAAC;AAErD;;;GAGG;AACH,eAAO,MAAM,2BAA2B,EAAG,8BAAuC,CAAC;AAEnF;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,OAAO,GAAG,SAAS,CAAC;AAEzD;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,kFAAkF;IAClF,IAAI,EAAE,MAAM,CAAC;IAEb,6DAA6D;IAC7D,MAAM,EAAE,MAAM,CAAC;IAEf,yBAAyB;IACzB,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC,mCAAmC;IACnC,UAAU,EAAE,MAAM,CAAC;IAEnB,6CAA6C;IAC7C,SAAS,EAAE,MAAM,CAAC;IAElB,qEAAqE;IACrE,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,4BAA4B;IAC5B,GAAG,EAAE,MAAM,CAAC;IAEZ,oCAAoC;IACpC,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,4CAA4C;IAC5C,KAAK,EAAE,MAAM,CAAC;IAEd,0CAA0C;IAC1C,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,qBAAqB;IACrB,IAAI,EAAE,SAAS,GAAG,SAAS,GAAG,YAAY,GAAG,UAAU,CAAC;IAExD,sDAAsD;IACtD,EAAE,EAAE,MAAM,CAAC;CACZ;AAED;;;;;GAKG;AACH,MAAM,WAAW,qBAAqB;IACpC,8CAA8C;IAC9C,OAAO,EAAE,OAAO,cAAc,CAAC;IAE/B,gDAAgD;IAChD,IAAI,EAAE,UAAU,CAAC;IAEjB,sCAAsC;IACtC,SAAS,EAAE,MAAM,CAAC;IAElB,yDAAyD;IACzD,IAAI,EAAE,SAAS,EAAE,CAAC;IAElB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,mCAAmC;IACnC,UAAU,EAAE,MAAM,CAAC;IAEnB,6CAA6C;IAC7C,UAAU,EAAE,MAAM,CAAC;IAEnB,qCAAqC;IACrC,UAAU,EAAE,eAAe,CAAC;IAE5B,gFAAgF;IAChF,QAAQ,EAAE,oBAAoB,EAAE,CAAC;IAEjC,kCAAkC;IAClC,IAAI,EAAE,gBAAgB,EAAE,CAAC;IAEzB,+CAA+C;IAC/C,KAAK,EAAE,iBAAiB,EAAE,CAAC;IAE3B,mDAAmD;IACnD,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,qFAAqF;IACrF,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC,0CAA0C;IAC1C,IAAI,CAAC,EAAE,UAAU,CAAC;IAElB,kDAAkD;IAClD,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC;IAEnB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,uCAAuC;IACvC,UAAU,EAAE,MAAM,CAAC;IAEnB,qCAAqC;IACrC,QAAQ,EAAE,MAAM,EAAE,CAAC;IAEnB,mDAAmD;IACnD,IAAI,EAAE,aAAa,CAAC;IAEpB,mCAAmC;IACnC,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,qDAAqD;IACrD,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,iEAAiE;IACjE,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,0EAA0E;IAC1E,WAAW,CAAC,EAAE,UAAU,CAAC;IAEzB,kEAAkE;IAClE,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,UAAU,EAAE,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,yCAAyC;IACzC,GAAG,EAAE,MAAM,CAAC;IAEZ,aAAa;IACb,GAAG,EAAE,MAAM,CAAC;IAEZ,gCAAgC;IAChC,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,8BAA8B;IAC9B,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,6BAA6B;IAC7B,CAAC,CAAC,EAAE,MAAM,CAAC;IAEX,4BAA4B;IAC5B,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,4BAA4B;IAC5B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,sBAAsB;IACtB,QAAQ,EAAE,qBAAqB,CAAC;IAEhC,wCAAwC;IACxC,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE9B,+BAA+B;IAC/B,IAAI,EAAE,aAAa,CAAC;IAEpB,gCAAgC;IAChC,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,gCAAgC;IAChC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,iBAAiB;IACjB,UAAU,EAAE,MAAM,CAAC;IAEnB,iCAAiC;IACjC,eAAe,EAAE,OAAO,CAAC;IAEzB,+BAA+B;IAC/B,YAAY,EAAE,OAAO,CAAC;IAEtB,0BAA0B;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,6BAA6B;IAC7B,MAAM,EAAE,MAAM,EAAE,CAAC;IAEjB,6BAA6B;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,aAAa;IACb,GAAG,EAAE,MAAM,CAAC;IAEZ,8CAA8C;IAC9C,eAAe,EAAE,MAAM,CAAC;IAExB,uCAAuC;IACvC,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,uDAAuD;IACvD,QAAQ,EAAE,MAAM,CAAC;IAEjB,2BAA2B;IAC3B,MAAM,EAAE,MAAM,EAAE,CAAC;IAEjB,uCAAuC;IACvC,cAAc,EAAE,OAAO,GAAG,SAAS,GAAG,cAAc,CAAC;CACtD;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,qCAAqC;IACrC,OAAO,EAAE,OAAO,CAAC;IAEjB,2DAA2D;IAC3D,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB,2DAA2D;IAC3D,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,6CAA6C;IAC7C,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;;GAKG;AACH,MAAM,WAAW,kBAAkB;IACjC,4BAA4B;IAC5B,OAAO,EAAE,OAAO,2BAA2B,CAAC;IAE5C,0CAA0C;IAC1C,mBAAmB,EAAE,MAAM,CAAC;IAE5B,2CAA2C;IAC3C,gBAAgB,EAAE,qBAAqB,CAAC;IAExC,qBAAqB;IACrB,OAAO,EAAE;QACP,cAAc,EAAE,MAAM,CAAC;QACvB,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;IAEF,wDAAwD;IACxD,QAAQ,EAAE,yBAAyB,EAAE,CAAC;IAEtC,gDAAgD;IAChD,SAAS,EAAE,aAAa,EAAE,CAAC;IAE3B,6BAA6B;IAC7B,eAAe,EAAE,cAAc,CAAC;IAEhC,6EAA6E;IAC7E,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,+DAA+D;IAC/D,OAAO,EAAE,OAAO,CAAC;IAEjB,mDAAmD;IACnD,GAAG,CAAC,EAAE,IAAI,CAAC;CACZ;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IAEb,6BAA6B;IAC7B,OAAO,EAAE,MAAM,CAAC;IAEhB,yBAAyB;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,MAAM,YAAY,CAAC,CAAC,IAAI;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,KAAK,EAAE,CAAC,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,WAAW,CAAA;CAAE,CAAC"}

package/dist/dispute-bundle-types.js

@@ -0,0 +1,31 @@
+"use strict";
+/**
+ * Dispute Bundle Types (v0.9.30+)
+ *
+ * DisputeBundle is a ZIP archive containing receipts, keys, and policy
+ * for offline verification and audit. Distinct from CaseBundle (JSONL).
+ *
+ * Key design principles:
+ * 1. ZIP is transport container, not what we hash
+ * 2. Deterministic integrity at content layer (JCS-canonicalized manifest)
+ * 3. receipts.ndjson format for determinism + streaming
+ * 4. bundle.sig for authenticity
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VERIFICATION_REPORT_VERSION = exports.DISPUTE_BUNDLE_VERSION = exports.BUNDLE_VERSION = void 0;
+/**
+ * Bundle format version.
+ * Normalized in v0.10.0 to peac-<artifact>/<major>.<minor> pattern.
+ * The `kind` field distinguishes bundle types (dispute, audit, etc.).
+ */
+exports.BUNDLE_VERSION = 'peac-bundle/0.1';
+/**
+ * @deprecated Use BUNDLE_VERSION instead. Will be removed in v1.0.
+ */
+exports.DISPUTE_BUNDLE_VERSION = exports.BUNDLE_VERSION;
+/**
+ * Verification report format version.
+ * Normalized in v0.10.0 to peac-<artifact>/<major>.<minor> pattern.
+ */
+exports.VERIFICATION_REPORT_VERSION = 'peac-verification-report/0.1';
+//# sourceMappingURL=dispute-bundle-types.js.map

package/dist/dispute-bundle-types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dispute-bundle-types.js","sourceRoot":"","sources":["../src/dispute-bundle-types.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAEH;;;;GAIG;AACU,QAAA,cAAc,GAAG,iBAA0B,CAAC;AAEzD;;GAEG;AACU,QAAA,sBAAsB,GAAG,sBAAc,CAAC;AAErD;;;GAGG;AACU,QAAA,2BAA2B,GAAG,8BAAuC,CAAC"}

package/dist/dispute-bundle.d.ts

@@ -0,0 +1,54 @@
+/**
+ * Dispute Bundle (v0.9.30+)
+ *
+ * DisputeBundle is a ZIP archive containing receipts, keys, and policy
+ * for offline verification and audit.
+ *
+ * Key design principles:
+ * 1. ZIP is transport container, not what we hash - deterministic integrity at content layer
+ * 2. bundle.sig provides authenticity (JWS over content_hash)
+ * 3. receipts.ndjson format for determinism + streaming
+ * 4. Real Ed25519 signature verification
+ */
+import type { BundleResult, CreateDisputeBundleOptions, DisputeBundleContents, DisputeBundleManifest } from './dispute-bundle-types.js';
+/**
+ * Re-export BUNDLE_ERRORS as BundleErrorCodes for backwards compatibility
+ * @deprecated Use BUNDLE_ERRORS from @peac/kernel directly
+ */
+export declare const BundleErrorCodes: {
+    readonly DUPLICATE_RECEIPT: "E_BUNDLE_DUPLICATE_RECEIPT";
+    readonly HASH_MISMATCH: "E_BUNDLE_HASH_MISMATCH";
+    readonly INVALID_FORMAT: "E_BUNDLE_INVALID_FORMAT";
+    readonly KEY_MISSING: "E_BUNDLE_KEY_MISSING";
+    readonly MANIFEST_INVALID: "E_BUNDLE_MANIFEST_INVALID";
+    readonly MANIFEST_MISSING: "E_BUNDLE_MANIFEST_MISSING";
+    readonly MISSING_KEYS: "E_BUNDLE_MISSING_KEYS";
+    readonly MISSING_RECEIPTS: "E_BUNDLE_MISSING_RECEIPTS";
+    readonly PATH_TRAVERSAL: "E_BUNDLE_PATH_TRAVERSAL";
+    readonly POLICY_HASH_MISMATCH: "E_BUNDLE_POLICY_HASH_MISMATCH";
+    readonly RECEIPTS_UNORDERED: "E_BUNDLE_RECEIPTS_UNORDERED";
+    readonly RECEIPT_INVALID: "E_BUNDLE_RECEIPT_INVALID";
+    readonly SIGNATURE_INVALID: "E_BUNDLE_SIGNATURE_INVALID";
+    readonly SIZE_EXCEEDED: "E_BUNDLE_SIZE_EXCEEDED";
+    readonly TIME_RANGE_INVALID: "E_BUNDLE_TIME_RANGE_INVALID";
+};
+/**
+ * Create a dispute bundle from receipts, keys, and optional policy.
+ */
+export declare function createDisputeBundle(options: CreateDisputeBundleOptions): Promise<BundleResult<Buffer>>;
+/**
+ * Read and parse a dispute bundle from a ZIP buffer.
+ */
+export declare function readDisputeBundle(zipBuffer: Buffer): Promise<BundleResult<DisputeBundleContents>>;
+/**
+ * Verify bundle integrity without verifying receipt signatures.
+ */
+export declare function verifyBundleIntegrity(zipBuffer: Buffer): Promise<BundleResult<{
+    manifest: DisputeBundleManifest;
+}>>;
+/**
+ * Get the content hash of a bundle without fully parsing it.
+ */
+export declare function getBundleContentHash(zipBuffer: Buffer): Promise<BundleResult<string>>;
+export { BundleErrorCodes as BUNDLE_ERROR_CODES };
+//# sourceMappingURL=dispute-bundle.d.ts.map

package/dist/dispute-bundle.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dispute-bundle.d.ts","sourceRoot":"","sources":["../src/dispute-bundle.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AASH,OAAO,KAAK,EAEV,YAAY,EAEZ,0BAA0B,EAC1B,qBAAqB,EACrB,qBAAqB,EAMtB,MAAM,2BAA2B,CAAC;AA2BnC;;;GAGG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;CAAgB,CAAC;AAwL9C;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,0BAA0B,GAClC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CA4Q/B;AA6BD;;GAEG;AACH,wBAAsB,iBAAiB,CACrC,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,YAAY,CAAC,qBAAqB,CAAC,CAAC,CAqL9C;AAwND;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,YAAY,CAAC;IAAE,QAAQ,EAAE,qBAAqB,CAAA;CAAE,CAAC,CAAC,CAM5D;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAyE3F;AAGD,OAAO,EAAE,gBAAgB,IAAI,kBAAkB,EAAE,CAAC"}