@peac/kernel 0.12.1 → 0.12.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/carrier.d.ts +9 -9
- package/dist/constants.cjs +10 -1
- package/dist/constants.cjs.map +1 -1
- package/dist/constants.d.ts +34 -3
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.mjs +10 -2
- package/dist/constants.mjs.map +1 -1
- package/dist/error-categories.generated.d.ts +1 -1
- package/dist/errors.cjs +40 -0
- package/dist/errors.cjs.map +1 -1
- package/dist/errors.generated.d.ts +5 -1
- package/dist/errors.generated.d.ts.map +1 -1
- package/dist/errors.mjs +40 -0
- package/dist/errors.mjs.map +1 -1
- package/dist/index.cjs +353 -25
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +3 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +345 -26
- package/dist/index.mjs.map +1 -1
- package/dist/registries.cjs +303 -24
- package/dist/registries.cjs.map +1 -1
- package/dist/registries.d.ts +9 -49
- package/dist/registries.d.ts.map +1 -1
- package/dist/registries.generated.cjs +418 -0
- package/dist/registries.generated.cjs.map +1 -0
- package/dist/registries.generated.d.ts +78 -0
- package/dist/registries.generated.d.ts.map +1 -0
- package/dist/registries.generated.mjs +400 -0
- package/dist/registries.generated.mjs.map +1 -0
- package/dist/registries.mjs +296 -25
- package/dist/registries.mjs.map +1 -1
- package/dist/types.cjs.map +1 -1
- package/dist/types.d.ts +1 -1
- package/dist/types.mjs.map +1 -1
- package/dist/wire-02-types.d.ts +6 -6
- package/dist/wire-02-types.d.ts.map +1 -1
- package/package.json +1 -1
package/dist/index.d.ts
CHANGED
|
@@ -7,11 +7,12 @@
|
|
|
7
7
|
export type { JsonPrimitive, JsonValue, JsonArray, JsonObject, NextAction, ErrorDefinition, ErrorCategory, PaymentRailEntry, ControlEngineEntry, TransportMethodEntry, AgentProtocolEntry, Wire02Kind, EvidencePillar, } from './types.js';
|
|
8
8
|
export { ERROR_CATEGORIES } from './types.js';
|
|
9
9
|
export { WIRE_TYPE, WIRE_VERSION, ALGORITHMS, HEADERS, POLICY, ISSUER_CONFIG, DISCOVERY, // @deprecated - use POLICY instead
|
|
10
|
-
JWKS, RECEIPT, LIMITS, BUNDLE_VERSION, VERIFICATION_REPORT_VERSION, HASH, parseHash, formatHash, isValidHash, VERIFIER_LIMITS, VERIFIER_NETWORK, PRIVATE_IP_RANGES, VERIFIER_POLICY_VERSION, VERIFICATION_MODES, CONSTANTS, WIRE_01_JWS_TYP, WIRE_02_JWS_TYP, WIRE_02_JWS_TYP_ACCEPT, WIRE_02_VERSION, WIRE_VERSIONS, ISS_CANONICAL, TYPE_GRAMMAR, POLICY_BLOCK, OCCURRED_AT_TOLERANCE_SECONDS, PEAC_ALG, } from './constants.js';
|
|
10
|
+
JWKS, RECEIPT, LIMITS, BUNDLE_VERSION, VERIFICATION_REPORT_VERSION, HASH, parseHash, formatHash, isValidHash, VERIFIER_LIMITS, VERIFIER_NETWORK, PRIVATE_IP_RANGES, VERIFIER_POLICY_VERSION, VERIFICATION_MODES, CONSTANTS, WIRE_01_JWS_TYP, WIRE_02_JWS_TYP, WIRE_02_JWS_TYP_ACCEPT, WIRE_02_VERSION, WIRE_VERSIONS, ISS_CANONICAL, TYPE_GRAMMAR, POLICY_BLOCK, OCCURRED_AT_TOLERANCE_SECONDS, PEAC_ALG, EXTENSION_BUDGET, } from './constants.js';
|
|
11
11
|
export type { WireVersion, VerificationStrictness } from './constants.js';
|
|
12
12
|
export type { PolicyBlock, RepresentationFields, VerificationWarning } from './wire-02-types.js';
|
|
13
13
|
export { ERROR_CODES, ERRORS, BUNDLE_ERRORS, DISPUTE_ERRORS, getError, isRetryable, type ErrorCode, } from './errors.js';
|
|
14
|
-
export { PAYMENT_RAILS, CONTROL_ENGINES, TRANSPORT_METHODS, AGENT_PROTOCOLS, REGISTRIES, findPaymentRail, findControlEngine, findTransportMethod, findAgentProtocol, } from './registries.js';
|
|
14
|
+
export { PAYMENT_RAILS, CONTROL_ENGINES, TRANSPORT_METHODS, AGENT_PROTOCOLS, PROOF_TYPES, RECEIPT_TYPES, EXTENSION_GROUPS, PILLAR_VALUES, TYPE_TO_EXTENSION_MAP, REGISTRIES, findPaymentRail, findControlEngine, findTransportMethod, findAgentProtocol, findProofType, findReceiptType, findExtensionGroup, } from './registries.generated.js';
|
|
15
|
+
export type { ProofTypeEntry, ReceiptTypeEntry, ExtensionGroupEntry, } from './registries.generated.js';
|
|
15
16
|
export { VARY_HEADERS, applyPurposeVary, getPeacVaryHeaders, needsPurposeVary } from './http.js';
|
|
16
17
|
export { PEAC_RECEIPT_HEADER, PEAC_RECEIPT_URL_HEADER } from './carrier.js';
|
|
17
18
|
export type { ReceiptRef, CarrierFormat, PeacEvidenceCarrier, CarrierMeta, CarrierValidationResult, CarrierAdapter, } from './carrier.js';
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,YAAY,EAEV,aAAa,EACb,SAAS,EACT,SAAS,EACT,UAAU,EAEV,UAAU,EACV,eAAe,EACf,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,kBAAkB,EAElB,UAAU,EACV,cAAc,GACf,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAG9C,OAAO,EACL,SAAS,EACT,YAAY,EACZ,UAAU,EACV,OAAO,EACP,MAAM,EACN,aAAa,EACb,SAAS,EAAE,mCAAmC;AAC9C,IAAI,EACJ,OAAO,EACP,MAAM,EACN,cAAc,EACd,2BAA2B,EAC3B,IAAI,EACJ,SAAS,EACT,UAAU,EACV,WAAW,EAEX,eAAe,EACf,gBAAgB,EAChB,iBAAiB,EACjB,uBAAuB,EACvB,kBAAkB,EAClB,SAAS,EAET,eAAe,EACf,eAAe,EACf,sBAAsB,EACtB,eAAe,EACf,aAAa,EACb,aAAa,EACb,YAAY,EACZ,YAAY,EACZ,6BAA6B,EAC7B,QAAQ,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,YAAY,EAEV,aAAa,EACb,SAAS,EACT,SAAS,EACT,UAAU,EAEV,UAAU,EACV,eAAe,EACf,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,kBAAkB,EAElB,UAAU,EACV,cAAc,GACf,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAG9C,OAAO,EACL,SAAS,EACT,YAAY,EACZ,UAAU,EACV,OAAO,EACP,MAAM,EACN,aAAa,EACb,SAAS,EAAE,mCAAmC;AAC9C,IAAI,EACJ,OAAO,EACP,MAAM,EACN,cAAc,EACd,2BAA2B,EAC3B,IAAI,EACJ,SAAS,EACT,UAAU,EACV,WAAW,EAEX,eAAe,EACf,gBAAgB,EAChB,iBAAiB,EACjB,uBAAuB,EACvB,kBAAkB,EAClB,SAAS,EAET,eAAe,EACf,eAAe,EACf,sBAAsB,EACtB,eAAe,EACf,aAAa,EACb,aAAa,EACb,YAAY,EACZ,YAAY,EACZ,6BAA6B,EAC7B,QAAQ,EAER,gBAAgB,GACjB,MAAM,gBAAgB,CAAC;AAGxB,YAAY,EAAE,WAAW,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;AAG1E,YAAY,EAAE,WAAW,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAGjG,OAAO,EACL,WAAW,EACX,MAAM,EACN,aAAa,EACb,cAAc,EACd,QAAQ,EACR,WAAW,EACX,KAAK,SAAS,GACf,MAAM,aAAa,CAAC;AAKrB,OAAO,EACL,aAAa,EACb,eAAe,EACf,iBAAiB,EACjB,eAAe,EACf,WAAW,EACX,aAAa,EACb,gBAAgB,EAChB,aAAa,EACb,qBAAqB,EACrB,UAAU,EACV,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,aAAa,EACb,eAAe,EACf,kBAAkB,GACnB,MAAM,2BAA2B,CAAC;AACnC,YAAY,EACV,cAAc,EACd,gBAAgB,EAChB,mBAAmB,GACpB,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EAAE,YAAY,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAGjG,OAAO,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AAC5E,YAAY,EACV,UAAU,EACV,aAAa,EACb,mBAAmB,EACnB,WAAW,EACX,uBAAuB,EACvB,cAAc,GACf,MAAM,cAAc,CAAC"}
|
package/dist/index.mjs
CHANGED
|
@@ -56,7 +56,7 @@ var DISCOVERY = {
|
|
|
56
56
|
};
|
|
57
57
|
var JWKS = {
|
|
58
58
|
rotationDays: 90,
|
|
59
|
-
/** Normative minimum overlap period (
|
|
59
|
+
/** Normative minimum overlap period (v0.11.3+) */
|
|
60
60
|
overlapDays: 30,
|
|
61
61
|
emergencyRevocationHours: 24
|
|
62
62
|
};
|
|
@@ -177,6 +177,14 @@ var POLICY_BLOCK = {
|
|
|
177
177
|
};
|
|
178
178
|
var OCCURRED_AT_TOLERANCE_SECONDS = 300;
|
|
179
179
|
var PEAC_ALG = ALGORITHMS.default;
|
|
180
|
+
var EXTENSION_BUDGET = {
|
|
181
|
+
/** Max UTF-8 bytes per extension group after JSON.stringify (64 KB) */
|
|
182
|
+
maxGroupBytes: 65536,
|
|
183
|
+
/** Max total UTF-8 bytes across all extensions after JSON.stringify (256 KB) */
|
|
184
|
+
maxTotalBytes: 262144,
|
|
185
|
+
/** Max UTF-8 bytes for any single string array field (32 KB) */
|
|
186
|
+
maxArrayPayloadBytes: 32768
|
|
187
|
+
};
|
|
180
188
|
var CONSTANTS = {
|
|
181
189
|
WIRE_TYPE,
|
|
182
190
|
WIRE_VERSION,
|
|
@@ -316,6 +324,8 @@ var ERROR_CODES = {
|
|
|
316
324
|
E_EAT_UNSUPPORTED_ALG: "E_EAT_UNSUPPORTED_ALG",
|
|
317
325
|
E_EVIDENCE_NOT_JSON: "E_EVIDENCE_NOT_JSON",
|
|
318
326
|
E_EXPIRED: "E_EXPIRED",
|
|
327
|
+
E_EXTENSION_NON_JSON_VALUE: "E_EXTENSION_NON_JSON_VALUE",
|
|
328
|
+
E_EXTENSION_SIZE_EXCEEDED: "E_EXTENSION_SIZE_EXCEEDED",
|
|
319
329
|
E_INVALID_AMOUNT: "E_INVALID_AMOUNT",
|
|
320
330
|
E_INVALID_AUDIENCE: "E_INVALID_AUDIENCE",
|
|
321
331
|
E_INVALID_CURRENCY: "E_INVALID_CURRENCY",
|
|
@@ -342,6 +352,8 @@ var ERROR_CODES = {
|
|
|
342
352
|
E_WIRE_VERSION_MISMATCH: "E_WIRE_VERSION_MISMATCH",
|
|
343
353
|
// Verification error codes
|
|
344
354
|
E_EAT_SIGNATURE_FAILED: "E_EAT_SIGNATURE_FAILED",
|
|
355
|
+
E_EXTENSION_GROUP_MISMATCH: "E_EXTENSION_GROUP_MISMATCH",
|
|
356
|
+
E_EXTENSION_GROUP_REQUIRED: "E_EXTENSION_GROUP_REQUIRED",
|
|
345
357
|
E_INVALID_SIGNATURE: "E_INVALID_SIGNATURE",
|
|
346
358
|
E_KEY_NOT_FOUND: "E_KEY_NOT_FOUND",
|
|
347
359
|
E_KID_REUSE_DETECTED: "E_KID_REUSE_DETECTED",
|
|
@@ -1372,6 +1384,24 @@ var ERRORS = {
|
|
|
1372
1384
|
next_action: "retry_with_different_input",
|
|
1373
1385
|
category: "validation"
|
|
1374
1386
|
},
|
|
1387
|
+
E_EXTENSION_NON_JSON_VALUE: {
|
|
1388
|
+
code: "E_EXTENSION_NON_JSON_VALUE",
|
|
1389
|
+
http_status: 400,
|
|
1390
|
+
title: "Extension Non-JSON Value",
|
|
1391
|
+
description: "Extension group value is not a plain JSON value; functions, Symbols, BigInt, Date, RegExp, Map, Set, objects with toJSON(), and other non-JSON types are rejected",
|
|
1392
|
+
retryable: false,
|
|
1393
|
+
next_action: "retry_with_different_input",
|
|
1394
|
+
category: "validation"
|
|
1395
|
+
},
|
|
1396
|
+
E_EXTENSION_SIZE_EXCEEDED: {
|
|
1397
|
+
code: "E_EXTENSION_SIZE_EXCEEDED",
|
|
1398
|
+
http_status: 400,
|
|
1399
|
+
title: "Extension Size Exceeded",
|
|
1400
|
+
description: "Extension group or total extensions record exceeds the normative byte-budget limit (EXTENSION_BUDGET)",
|
|
1401
|
+
retryable: false,
|
|
1402
|
+
next_action: "retry_with_different_input",
|
|
1403
|
+
category: "validation"
|
|
1404
|
+
},
|
|
1375
1405
|
E_INVALID_AMOUNT: {
|
|
1376
1406
|
code: "E_INVALID_AMOUNT",
|
|
1377
1407
|
http_status: 400,
|
|
@@ -1598,6 +1628,24 @@ var ERRORS = {
|
|
|
1598
1628
|
next_action: "retry_with_different_key",
|
|
1599
1629
|
category: "verification"
|
|
1600
1630
|
},
|
|
1631
|
+
E_EXTENSION_GROUP_MISMATCH: {
|
|
1632
|
+
code: "E_EXTENSION_GROUP_MISMATCH",
|
|
1633
|
+
http_status: 400,
|
|
1634
|
+
title: "Extension Group Mismatch",
|
|
1635
|
+
description: "Registered receipt type has a mapped extension group, but a different registered first-party extension group is present while the expected one is absent",
|
|
1636
|
+
retryable: false,
|
|
1637
|
+
next_action: "retry_with_different_input",
|
|
1638
|
+
category: "verification"
|
|
1639
|
+
},
|
|
1640
|
+
E_EXTENSION_GROUP_REQUIRED: {
|
|
1641
|
+
code: "E_EXTENSION_GROUP_REQUIRED",
|
|
1642
|
+
http_status: 400,
|
|
1643
|
+
title: "Extension Group Required",
|
|
1644
|
+
description: "Registered receipt type has a mapped extension group, but that group is absent from the extensions record",
|
|
1645
|
+
retryable: false,
|
|
1646
|
+
next_action: "retry_with_different_input",
|
|
1647
|
+
category: "verification"
|
|
1648
|
+
},
|
|
1601
1649
|
E_INVALID_SIGNATURE: {
|
|
1602
1650
|
code: "E_INVALID_SIGNATURE",
|
|
1603
1651
|
http_status: 400,
|
|
@@ -1956,13 +2004,13 @@ var DISPUTE_ERRORS = {
|
|
|
1956
2004
|
TARGET_NOT_FOUND: "E_DISPUTE_TARGET_NOT_FOUND"
|
|
1957
2005
|
};
|
|
1958
2006
|
|
|
1959
|
-
// src/registries.ts
|
|
2007
|
+
// src/registries.generated.ts
|
|
1960
2008
|
var PAYMENT_RAILS = [
|
|
1961
2009
|
{
|
|
1962
|
-
id: "
|
|
1963
|
-
category: "
|
|
1964
|
-
description: "
|
|
1965
|
-
reference:
|
|
2010
|
+
id: "card-network",
|
|
2011
|
+
category: "card",
|
|
2012
|
+
description: "Generic card network authorizations/clearing",
|
|
2013
|
+
reference: null,
|
|
1966
2014
|
status: "informational"
|
|
1967
2015
|
},
|
|
1968
2016
|
{
|
|
@@ -1973,10 +2021,17 @@ var PAYMENT_RAILS = [
|
|
|
1973
2021
|
status: "informational"
|
|
1974
2022
|
},
|
|
1975
2023
|
{
|
|
1976
|
-
id: "
|
|
1977
|
-
category: "
|
|
1978
|
-
description: "
|
|
1979
|
-
reference:
|
|
2024
|
+
id: "razorpay",
|
|
2025
|
+
category: "payment-gateway",
|
|
2026
|
+
description: "Razorpay payment gateway (UPI, cards, netbanking, wallets)",
|
|
2027
|
+
reference: "https://razorpay.com/docs/",
|
|
2028
|
+
status: "informational"
|
|
2029
|
+
},
|
|
2030
|
+
{
|
|
2031
|
+
id: "stripe",
|
|
2032
|
+
category: "payment-gateway",
|
|
2033
|
+
description: "Stripe payment processing",
|
|
2034
|
+
reference: "https://stripe.com/docs",
|
|
1980
2035
|
status: "informational"
|
|
1981
2036
|
},
|
|
1982
2037
|
{
|
|
@@ -1985,13 +2040,20 @@ var PAYMENT_RAILS = [
|
|
|
1985
2040
|
description: "Unified Payments Interface",
|
|
1986
2041
|
reference: "https://www.npci.org.in/",
|
|
1987
2042
|
status: "informational"
|
|
2043
|
+
},
|
|
2044
|
+
{
|
|
2045
|
+
id: "x402",
|
|
2046
|
+
category: "agentic-payment",
|
|
2047
|
+
description: "HTTP 402-based paid call receipts",
|
|
2048
|
+
reference: "https://www.x402.org/",
|
|
2049
|
+
status: "informational"
|
|
1988
2050
|
}
|
|
1989
2051
|
];
|
|
1990
2052
|
var CONTROL_ENGINES = [
|
|
1991
2053
|
{
|
|
1992
|
-
id: "
|
|
1993
|
-
category: "
|
|
1994
|
-
description: "Generic
|
|
2054
|
+
id: "mandate-service",
|
|
2055
|
+
category: "mandate",
|
|
2056
|
+
description: "Generic enterprise mandate/approval chain evaluator",
|
|
1995
2057
|
reference: null,
|
|
1996
2058
|
status: "informational"
|
|
1997
2059
|
},
|
|
@@ -2003,11 +2065,25 @@ var CONTROL_ENGINES = [
|
|
|
2003
2065
|
status: "informational"
|
|
2004
2066
|
},
|
|
2005
2067
|
{
|
|
2006
|
-
id: "
|
|
2007
|
-
category: "
|
|
2008
|
-
description: "
|
|
2068
|
+
id: "rsl",
|
|
2069
|
+
category: "access-policy",
|
|
2070
|
+
description: "Robots Specification Layer usage token evaluation",
|
|
2009
2071
|
reference: null,
|
|
2010
2072
|
status: "informational"
|
|
2073
|
+
},
|
|
2074
|
+
{
|
|
2075
|
+
id: "spend-control-service",
|
|
2076
|
+
category: "limits",
|
|
2077
|
+
description: "Generic spend control decisions (per-tx, daily, monthly limits)",
|
|
2078
|
+
reference: null,
|
|
2079
|
+
status: "informational"
|
|
2080
|
+
},
|
|
2081
|
+
{
|
|
2082
|
+
id: "tap",
|
|
2083
|
+
category: "agent-verification",
|
|
2084
|
+
description: "Trusted Agent Protocol control decisions (HTTP signature verification)",
|
|
2085
|
+
reference: "https://developer.visa.com/",
|
|
2086
|
+
status: "informational"
|
|
2011
2087
|
}
|
|
2012
2088
|
];
|
|
2013
2089
|
var TRANSPORT_METHODS = [
|
|
@@ -2035,10 +2111,10 @@ var TRANSPORT_METHODS = [
|
|
|
2035
2111
|
];
|
|
2036
2112
|
var AGENT_PROTOCOLS = [
|
|
2037
2113
|
{
|
|
2038
|
-
id: "
|
|
2039
|
-
category: "
|
|
2040
|
-
description: "
|
|
2041
|
-
reference: "https://
|
|
2114
|
+
id: "a2a",
|
|
2115
|
+
category: "agent-protocol",
|
|
2116
|
+
description: "Agent-to-Agent Protocol (A2A, Linux Foundation)",
|
|
2117
|
+
reference: "https://a2a-protocol.org/",
|
|
2042
2118
|
status: "informational"
|
|
2043
2119
|
},
|
|
2044
2120
|
{
|
|
@@ -2055,31 +2131,274 @@ var AGENT_PROTOCOLS = [
|
|
|
2055
2131
|
reference: null,
|
|
2056
2132
|
status: "informational"
|
|
2057
2133
|
},
|
|
2134
|
+
{
|
|
2135
|
+
id: "mcp",
|
|
2136
|
+
category: "tool-protocol",
|
|
2137
|
+
description: "Model Context Protocol (MCP)",
|
|
2138
|
+
reference: "https://modelcontextprotocol.io/",
|
|
2139
|
+
status: "informational"
|
|
2140
|
+
},
|
|
2058
2141
|
{
|
|
2059
2142
|
id: "tap",
|
|
2060
2143
|
category: "card-protocol",
|
|
2061
2144
|
description: "Trusted Agent Protocol (Visa TAP)",
|
|
2062
2145
|
reference: "https://developer.visa.com/",
|
|
2063
2146
|
status: "informational"
|
|
2147
|
+
},
|
|
2148
|
+
{
|
|
2149
|
+
id: "ucp",
|
|
2150
|
+
category: "commerce-protocol",
|
|
2151
|
+
description: "Universal Commerce Protocol (UCP)",
|
|
2152
|
+
reference: null,
|
|
2153
|
+
status: "informational"
|
|
2064
2154
|
}
|
|
2065
2155
|
];
|
|
2156
|
+
var PROOF_TYPES = [
|
|
2157
|
+
{
|
|
2158
|
+
id: "custom",
|
|
2159
|
+
category: "vendor-defined",
|
|
2160
|
+
description: "Vendor-defined proof type; registered per-issuer in extension metadata",
|
|
2161
|
+
reference: null,
|
|
2162
|
+
status: "informational"
|
|
2163
|
+
},
|
|
2164
|
+
{
|
|
2165
|
+
id: "did",
|
|
2166
|
+
category: "decentralized-identity",
|
|
2167
|
+
description: "W3C Decentralized Identifier (DID) resolution and verification",
|
|
2168
|
+
reference: "https://www.w3.org/TR/did-core/",
|
|
2169
|
+
status: "informational"
|
|
2170
|
+
},
|
|
2171
|
+
{
|
|
2172
|
+
id: "eat-background-check",
|
|
2173
|
+
category: "rats",
|
|
2174
|
+
description: "Verifier fetches attestation result from registry in RATS Background-Check model (RFC 9711)",
|
|
2175
|
+
reference: "https://www.rfc-editor.org/rfc/rfc9711",
|
|
2176
|
+
status: "informational"
|
|
2177
|
+
},
|
|
2178
|
+
{
|
|
2179
|
+
id: "eat-passport",
|
|
2180
|
+
category: "rats",
|
|
2181
|
+
description: "Agent carries Entity Attestation Token in RATS Passport model (RFC 9711)",
|
|
2182
|
+
reference: "https://www.rfc-editor.org/rfc/rfc9711",
|
|
2183
|
+
status: "informational"
|
|
2184
|
+
},
|
|
2185
|
+
{
|
|
2186
|
+
id: "ed25519-cert-chain",
|
|
2187
|
+
category: "attestation-chain",
|
|
2188
|
+
description: "Ed25519 issuer-to-holder attestation chain (RFC 8032)",
|
|
2189
|
+
reference: "https://www.rfc-editor.org/rfc/rfc8032",
|
|
2190
|
+
status: "informational"
|
|
2191
|
+
},
|
|
2192
|
+
{
|
|
2193
|
+
id: "sigstore-oidc",
|
|
2194
|
+
category: "keyless-signing",
|
|
2195
|
+
description: "OIDC-bound keyless signing via Sigstore (Fulcio + Rekor transparency log)",
|
|
2196
|
+
reference: "https://docs.sigstore.dev/",
|
|
2197
|
+
status: "informational"
|
|
2198
|
+
},
|
|
2199
|
+
{
|
|
2200
|
+
id: "spiffe",
|
|
2201
|
+
category: "workload-identity",
|
|
2202
|
+
description: "CNCF SPIFFE workload identity (spiffe:// URI scheme)",
|
|
2203
|
+
reference: "https://spiffe.io/docs/latest/spiffe-about/overview/",
|
|
2204
|
+
status: "informational"
|
|
2205
|
+
},
|
|
2206
|
+
{
|
|
2207
|
+
id: "x509-pki",
|
|
2208
|
+
category: "pki",
|
|
2209
|
+
description: "Traditional X.509 PKI certificate chain verification (RFC 5280)",
|
|
2210
|
+
reference: "https://www.rfc-editor.org/rfc/rfc5280",
|
|
2211
|
+
status: "informational"
|
|
2212
|
+
}
|
|
2213
|
+
];
|
|
2214
|
+
var RECEIPT_TYPES = [
|
|
2215
|
+
{
|
|
2216
|
+
id: "org.peacprotocol/access-decision",
|
|
2217
|
+
pillar: "access",
|
|
2218
|
+
description: "Access control decision evidence (allow, deny, review)",
|
|
2219
|
+
extension_group: "org.peacprotocol/access",
|
|
2220
|
+
status: "informational"
|
|
2221
|
+
},
|
|
2222
|
+
{
|
|
2223
|
+
id: "org.peacprotocol/attribution-event",
|
|
2224
|
+
pillar: "attribution",
|
|
2225
|
+
description: "Content or action attribution evidence",
|
|
2226
|
+
extension_group: "org.peacprotocol/attribution",
|
|
2227
|
+
status: "informational"
|
|
2228
|
+
},
|
|
2229
|
+
{
|
|
2230
|
+
id: "org.peacprotocol/compliance-check",
|
|
2231
|
+
pillar: "compliance",
|
|
2232
|
+
description: "Regulatory compliance check evidence",
|
|
2233
|
+
extension_group: "org.peacprotocol/compliance",
|
|
2234
|
+
status: "informational"
|
|
2235
|
+
},
|
|
2236
|
+
{
|
|
2237
|
+
id: "org.peacprotocol/consent-record",
|
|
2238
|
+
pillar: "consent",
|
|
2239
|
+
description: "Consent collection or withdrawal evidence",
|
|
2240
|
+
extension_group: "org.peacprotocol/consent",
|
|
2241
|
+
status: "informational"
|
|
2242
|
+
},
|
|
2243
|
+
{
|
|
2244
|
+
id: "org.peacprotocol/identity-attestation",
|
|
2245
|
+
pillar: "identity",
|
|
2246
|
+
description: "Identity verification or attestation evidence",
|
|
2247
|
+
extension_group: "org.peacprotocol/identity",
|
|
2248
|
+
status: "informational"
|
|
2249
|
+
},
|
|
2250
|
+
{
|
|
2251
|
+
id: "org.peacprotocol/payment",
|
|
2252
|
+
pillar: "commerce",
|
|
2253
|
+
description: "Commerce transaction evidence (payment, authorization, settlement)",
|
|
2254
|
+
extension_group: "org.peacprotocol/commerce",
|
|
2255
|
+
status: "informational"
|
|
2256
|
+
},
|
|
2257
|
+
{
|
|
2258
|
+
id: "org.peacprotocol/privacy-signal",
|
|
2259
|
+
pillar: "privacy",
|
|
2260
|
+
description: "Privacy signal observation or enforcement evidence",
|
|
2261
|
+
extension_group: "org.peacprotocol/privacy",
|
|
2262
|
+
status: "informational"
|
|
2263
|
+
},
|
|
2264
|
+
{
|
|
2265
|
+
id: "org.peacprotocol/provenance-record",
|
|
2266
|
+
pillar: "provenance",
|
|
2267
|
+
description: "Data or content provenance tracking evidence",
|
|
2268
|
+
extension_group: "org.peacprotocol/provenance",
|
|
2269
|
+
status: "informational"
|
|
2270
|
+
},
|
|
2271
|
+
{
|
|
2272
|
+
id: "org.peacprotocol/purpose-declaration",
|
|
2273
|
+
pillar: "purpose",
|
|
2274
|
+
description: "Purpose declaration or limitation evidence",
|
|
2275
|
+
extension_group: "org.peacprotocol/purpose",
|
|
2276
|
+
status: "informational"
|
|
2277
|
+
},
|
|
2278
|
+
{
|
|
2279
|
+
id: "org.peacprotocol/safety-review",
|
|
2280
|
+
pillar: "safety",
|
|
2281
|
+
description: "Content or agent safety review evidence",
|
|
2282
|
+
extension_group: "org.peacprotocol/safety",
|
|
2283
|
+
status: "informational"
|
|
2284
|
+
}
|
|
2285
|
+
];
|
|
2286
|
+
var EXTENSION_GROUPS = [
|
|
2287
|
+
{
|
|
2288
|
+
id: "org.peacprotocol/access",
|
|
2289
|
+
description: "Access extension: resource, action, decision (allow/deny/review)",
|
|
2290
|
+
status: "informational"
|
|
2291
|
+
},
|
|
2292
|
+
{
|
|
2293
|
+
id: "org.peacprotocol/attribution",
|
|
2294
|
+
description: "Attribution extension: creator_ref, license_spdx, obligation_type, attribution_text, content_signal_source, content_digest",
|
|
2295
|
+
status: "informational"
|
|
2296
|
+
},
|
|
2297
|
+
{
|
|
2298
|
+
id: "org.peacprotocol/challenge",
|
|
2299
|
+
description: "Challenge extension: challenge_type, problem (RFC 9457), requirements",
|
|
2300
|
+
status: "informational"
|
|
2301
|
+
},
|
|
2302
|
+
{
|
|
2303
|
+
id: "org.peacprotocol/commerce",
|
|
2304
|
+
description: "Commerce extension: payment_rail, amount_minor, currency, reference, asset, env",
|
|
2305
|
+
status: "informational"
|
|
2306
|
+
},
|
|
2307
|
+
{
|
|
2308
|
+
id: "org.peacprotocol/compliance",
|
|
2309
|
+
description: "Compliance extension: framework, compliance_status, audit_ref, auditor, audit_date, scope, validity_period, evidence_ref",
|
|
2310
|
+
status: "informational"
|
|
2311
|
+
},
|
|
2312
|
+
{
|
|
2313
|
+
id: "org.peacprotocol/consent",
|
|
2314
|
+
description: "Consent extension: consent_basis, consent_status, data_categories, retention_period, consent_method, withdrawal_uri, scope, jurisdiction",
|
|
2315
|
+
status: "informational"
|
|
2316
|
+
},
|
|
2317
|
+
{
|
|
2318
|
+
id: "org.peacprotocol/correlation",
|
|
2319
|
+
description: "Correlation extension: trace_id, span_id, workflow_id, parent_jti, depends_on",
|
|
2320
|
+
status: "informational"
|
|
2321
|
+
},
|
|
2322
|
+
{
|
|
2323
|
+
id: "org.peacprotocol/identity",
|
|
2324
|
+
description: "Identity extension: proof_ref",
|
|
2325
|
+
status: "informational"
|
|
2326
|
+
},
|
|
2327
|
+
{
|
|
2328
|
+
id: "org.peacprotocol/privacy",
|
|
2329
|
+
description: "Privacy extension: data_classification, processing_basis, retention_period, retention_mode, recipient_scope, anonymization_method, data_subject_category, transfer_mechanism",
|
|
2330
|
+
status: "informational"
|
|
2331
|
+
},
|
|
2332
|
+
{
|
|
2333
|
+
id: "org.peacprotocol/provenance",
|
|
2334
|
+
description: "Provenance extension: source_type, source_ref, source_uri, build_provenance_uri, verification_method, custody_chain, slsa",
|
|
2335
|
+
status: "informational"
|
|
2336
|
+
},
|
|
2337
|
+
{
|
|
2338
|
+
id: "org.peacprotocol/purpose",
|
|
2339
|
+
description: "Purpose extension: external_purposes, purpose_basis, purpose_limitation, data_minimization, compatible_purposes, peac_purpose_mapping",
|
|
2340
|
+
status: "informational"
|
|
2341
|
+
},
|
|
2342
|
+
{
|
|
2343
|
+
id: "org.peacprotocol/safety",
|
|
2344
|
+
description: "Safety extension: review_status, risk_level, assessment_method, safety_measures, incident_ref, model_ref, category",
|
|
2345
|
+
status: "informational"
|
|
2346
|
+
}
|
|
2347
|
+
];
|
|
2348
|
+
var TYPE_TO_EXTENSION_MAP = /* @__PURE__ */ new Map([
|
|
2349
|
+
["org.peacprotocol/access-decision", "org.peacprotocol/access"],
|
|
2350
|
+
["org.peacprotocol/attribution-event", "org.peacprotocol/attribution"],
|
|
2351
|
+
["org.peacprotocol/compliance-check", "org.peacprotocol/compliance"],
|
|
2352
|
+
["org.peacprotocol/consent-record", "org.peacprotocol/consent"],
|
|
2353
|
+
["org.peacprotocol/identity-attestation", "org.peacprotocol/identity"],
|
|
2354
|
+
["org.peacprotocol/payment", "org.peacprotocol/commerce"],
|
|
2355
|
+
["org.peacprotocol/privacy-signal", "org.peacprotocol/privacy"],
|
|
2356
|
+
["org.peacprotocol/provenance-record", "org.peacprotocol/provenance"],
|
|
2357
|
+
["org.peacprotocol/purpose-declaration", "org.peacprotocol/purpose"],
|
|
2358
|
+
["org.peacprotocol/safety-review", "org.peacprotocol/safety"]
|
|
2359
|
+
]);
|
|
2360
|
+
var PILLAR_VALUES = [
|
|
2361
|
+
"access",
|
|
2362
|
+
"attribution",
|
|
2363
|
+
"commerce",
|
|
2364
|
+
"compliance",
|
|
2365
|
+
"consent",
|
|
2366
|
+
"identity",
|
|
2367
|
+
"privacy",
|
|
2368
|
+
"provenance",
|
|
2369
|
+
"purpose",
|
|
2370
|
+
"safety"
|
|
2371
|
+
];
|
|
2066
2372
|
var REGISTRIES = {
|
|
2067
2373
|
payment_rails: PAYMENT_RAILS,
|
|
2068
2374
|
control_engines: CONTROL_ENGINES,
|
|
2069
2375
|
transport_methods: TRANSPORT_METHODS,
|
|
2070
|
-
agent_protocols: AGENT_PROTOCOLS
|
|
2376
|
+
agent_protocols: AGENT_PROTOCOLS,
|
|
2377
|
+
proof_types: PROOF_TYPES,
|
|
2378
|
+
receipt_types: RECEIPT_TYPES,
|
|
2379
|
+
extension_groups: EXTENSION_GROUPS,
|
|
2380
|
+
pillar_values: PILLAR_VALUES
|
|
2071
2381
|
};
|
|
2072
2382
|
function findPaymentRail(id) {
|
|
2073
|
-
return PAYMENT_RAILS.find((
|
|
2383
|
+
return PAYMENT_RAILS.find((entry) => entry.id === id);
|
|
2074
2384
|
}
|
|
2075
2385
|
function findControlEngine(id) {
|
|
2076
|
-
return CONTROL_ENGINES.find((
|
|
2386
|
+
return CONTROL_ENGINES.find((entry) => entry.id === id);
|
|
2077
2387
|
}
|
|
2078
2388
|
function findTransportMethod(id) {
|
|
2079
|
-
return TRANSPORT_METHODS.find((
|
|
2389
|
+
return TRANSPORT_METHODS.find((entry) => entry.id === id);
|
|
2080
2390
|
}
|
|
2081
2391
|
function findAgentProtocol(id) {
|
|
2082
|
-
return AGENT_PROTOCOLS.find((
|
|
2392
|
+
return AGENT_PROTOCOLS.find((entry) => entry.id === id);
|
|
2393
|
+
}
|
|
2394
|
+
function findProofType(id) {
|
|
2395
|
+
return PROOF_TYPES.find((entry) => entry.id === id);
|
|
2396
|
+
}
|
|
2397
|
+
function findReceiptType(id) {
|
|
2398
|
+
return RECEIPT_TYPES.find((entry) => entry.id === id);
|
|
2399
|
+
}
|
|
2400
|
+
function findExtensionGroup(id) {
|
|
2401
|
+
return EXTENSION_GROUPS.find((entry) => entry.id === id);
|
|
2083
2402
|
}
|
|
2084
2403
|
|
|
2085
2404
|
// src/http.ts
|
|
@@ -2112,6 +2431,6 @@ function needsPurposeVary(purposeEnforced) {
|
|
|
2112
2431
|
var PEAC_RECEIPT_HEADER = "PEAC-Receipt";
|
|
2113
2432
|
var PEAC_RECEIPT_URL_HEADER = "PEAC-Receipt-URL";
|
|
2114
2433
|
|
|
2115
|
-
export { AGENT_PROTOCOLS, ALGORITHMS, BUNDLE_ERRORS, BUNDLE_VERSION, CONSTANTS, CONTROL_ENGINES, DISCOVERY, DISPUTE_ERRORS, ERRORS, ERROR_CATEGORIES, ERROR_CODES, HASH, HEADERS, ISSUER_CONFIG, ISS_CANONICAL, JWKS, LIMITS, OCCURRED_AT_TOLERANCE_SECONDS, PAYMENT_RAILS, PEAC_ALG, PEAC_RECEIPT_HEADER, PEAC_RECEIPT_URL_HEADER, POLICY, POLICY_BLOCK, PRIVATE_IP_RANGES, RECEIPT, REGISTRIES, TRANSPORT_METHODS, TYPE_GRAMMAR, VARY_HEADERS, VERIFICATION_MODES, VERIFICATION_REPORT_VERSION, VERIFIER_LIMITS, VERIFIER_NETWORK, VERIFIER_POLICY_VERSION, WIRE_01_JWS_TYP, WIRE_02_JWS_TYP, WIRE_02_JWS_TYP_ACCEPT, WIRE_02_VERSION, WIRE_TYPE, WIRE_VERSION, WIRE_VERSIONS, applyPurposeVary, findAgentProtocol, findControlEngine, findPaymentRail, findTransportMethod, formatHash, getError, getPeacVaryHeaders, isRetryable, isValidHash, needsPurposeVary, parseHash };
|
|
2434
|
+
export { AGENT_PROTOCOLS, ALGORITHMS, BUNDLE_ERRORS, BUNDLE_VERSION, CONSTANTS, CONTROL_ENGINES, DISCOVERY, DISPUTE_ERRORS, ERRORS, ERROR_CATEGORIES, ERROR_CODES, EXTENSION_BUDGET, EXTENSION_GROUPS, HASH, HEADERS, ISSUER_CONFIG, ISS_CANONICAL, JWKS, LIMITS, OCCURRED_AT_TOLERANCE_SECONDS, PAYMENT_RAILS, PEAC_ALG, PEAC_RECEIPT_HEADER, PEAC_RECEIPT_URL_HEADER, PILLAR_VALUES, POLICY, POLICY_BLOCK, PRIVATE_IP_RANGES, PROOF_TYPES, RECEIPT, RECEIPT_TYPES, REGISTRIES, TRANSPORT_METHODS, TYPE_GRAMMAR, TYPE_TO_EXTENSION_MAP, VARY_HEADERS, VERIFICATION_MODES, VERIFICATION_REPORT_VERSION, VERIFIER_LIMITS, VERIFIER_NETWORK, VERIFIER_POLICY_VERSION, WIRE_01_JWS_TYP, WIRE_02_JWS_TYP, WIRE_02_JWS_TYP_ACCEPT, WIRE_02_VERSION, WIRE_TYPE, WIRE_VERSION, WIRE_VERSIONS, applyPurposeVary, findAgentProtocol, findControlEngine, findExtensionGroup, findPaymentRail, findProofType, findReceiptType, findTransportMethod, formatHash, getError, getPeacVaryHeaders, isRetryable, isValidHash, needsPurposeVary, parseHash };
|
|
2116
2435
|
//# sourceMappingURL=index.mjs.map
|
|
2117
2436
|
//# sourceMappingURL=index.mjs.map
|