@peac/protocol 0.10.7 → 0.10.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/crypto-utils.d.ts +9 -0
- package/dist/crypto-utils.d.ts.map +1 -0
- package/dist/crypto-utils.js +21 -0
- package/dist/crypto-utils.js.map +1 -0
- package/dist/index.d.ts +7 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +14 -1
- package/dist/index.js.map +1 -1
- package/dist/issue.d.ts +3 -0
- package/dist/issue.d.ts.map +1 -1
- package/dist/issue.js +7 -17
- package/dist/issue.js.map +1 -1
- package/dist/pointer-fetch.d.ts +86 -0
- package/dist/pointer-fetch.d.ts.map +1 -0
- package/dist/pointer-fetch.js +305 -0
- package/dist/pointer-fetch.js.map +1 -0
- package/dist/ssrf-safe-fetch.d.ts +205 -0
- package/dist/ssrf-safe-fetch.d.ts.map +1 -0
- package/dist/ssrf-safe-fetch.js +671 -0
- package/dist/ssrf-safe-fetch.js.map +1 -0
- package/dist/telemetry.d.ts +43 -0
- package/dist/telemetry.d.ts.map +1 -1
- package/dist/telemetry.js +25 -0
- package/dist/telemetry.js.map +1 -1
- package/dist/transport-profiles.d.ts +115 -0
- package/dist/transport-profiles.d.ts.map +1 -0
- package/dist/transport-profiles.js +424 -0
- package/dist/transport-profiles.js.map +1 -0
- package/dist/verification-report.d.ts +135 -0
- package/dist/verification-report.d.ts.map +1 -0
- package/dist/verification-report.js +322 -0
- package/dist/verification-report.js.map +1 -0
- package/dist/verifier-core.d.ts +62 -0
- package/dist/verifier-core.d.ts.map +1 -0
- package/dist/verifier-core.js +578 -0
- package/dist/verifier-core.js.map +1 -0
- package/dist/verifier-types.d.ts +328 -0
- package/dist/verifier-types.d.ts.map +1 -0
- package/dist/verifier-types.js +161 -0
- package/dist/verifier-types.js.map +1 -0
- package/dist/verify-local.d.ts +46 -4
- package/dist/verify-local.d.ts.map +1 -1
- package/dist/verify-local.js +78 -37
- package/dist/verify-local.js.map +1 -1
- package/dist/verify.d.ts +3 -0
- package/dist/verify.d.ts.map +1 -1
- package/dist/verify.js +39 -28
- package/dist/verify.js.map +1 -1
- package/package.json +16 -5
package/dist/verify-local.js
CHANGED
|
@@ -7,6 +7,8 @@
|
|
|
7
7
|
*/
|
|
8
8
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
9
|
exports.verifyLocal = verifyLocal;
|
|
10
|
+
exports.isCommerceResult = isCommerceResult;
|
|
11
|
+
exports.isAttestationResult = isAttestationResult;
|
|
10
12
|
const crypto_1 = require("@peac/crypto");
|
|
11
13
|
const schema_1 = require("@peac/schema");
|
|
12
14
|
/**
|
|
@@ -34,6 +36,20 @@ const FORMAT_ERROR_CODES = new Set([
|
|
|
34
36
|
'CRYPTO_INVALID_ALG',
|
|
35
37
|
'CRYPTO_INVALID_KEY_LENGTH',
|
|
36
38
|
]);
|
|
39
|
+
/** Max parse issues to include in details (prevents log bloat) */
|
|
40
|
+
const MAX_PARSE_ISSUES = 25;
|
|
41
|
+
/**
|
|
42
|
+
* Sanitize Zod issues into a bounded, stable structure.
|
|
43
|
+
* Avoids exposing raw Zod internals or unbounded arrays in the public API.
|
|
44
|
+
*/
|
|
45
|
+
function sanitizeParseIssues(issues) {
|
|
46
|
+
if (!Array.isArray(issues))
|
|
47
|
+
return undefined;
|
|
48
|
+
return issues.slice(0, MAX_PARSE_ISSUES).map((issue) => ({
|
|
49
|
+
path: Array.isArray(issue?.path) ? issue.path.join('.') : '',
|
|
50
|
+
message: typeof issue?.message === 'string' ? issue.message : String(issue),
|
|
51
|
+
}));
|
|
52
|
+
}
|
|
37
53
|
/**
|
|
38
54
|
* Verify a PEAC receipt locally with a known public key
|
|
39
55
|
*
|
|
@@ -80,81 +96,88 @@ async function verifyLocal(jws, publicKey, options = {}) {
|
|
|
80
96
|
message: 'Ed25519 signature verification failed',
|
|
81
97
|
};
|
|
82
98
|
}
|
|
83
|
-
// 2. Validate schema
|
|
84
|
-
const
|
|
85
|
-
if (!
|
|
86
|
-
const firstIssue = parseResult.error.issues[0];
|
|
99
|
+
// 2. Validate schema (unified parser supports both commerce and attestation)
|
|
100
|
+
const pr = (0, schema_1.parseReceiptClaims)(result.payload);
|
|
101
|
+
if (!pr.ok) {
|
|
87
102
|
return {
|
|
88
103
|
valid: false,
|
|
89
104
|
code: 'E_INVALID_FORMAT',
|
|
90
|
-
message: `Receipt schema validation failed: ${
|
|
105
|
+
message: `Receipt schema validation failed: ${pr.error.message}`,
|
|
106
|
+
details: { parse_code: pr.error.code, issues: sanitizeParseIssues(pr.error.issues) },
|
|
91
107
|
};
|
|
92
108
|
}
|
|
93
|
-
|
|
109
|
+
// Shared binding checks (iss, aud, rid, iat, exp exist on both receipt types)
|
|
94
110
|
// 3. Check issuer binding
|
|
95
|
-
if (issuer !== undefined && claims.iss !== issuer) {
|
|
111
|
+
if (issuer !== undefined && pr.claims.iss !== issuer) {
|
|
96
112
|
return {
|
|
97
113
|
valid: false,
|
|
98
114
|
code: 'E_INVALID_ISSUER',
|
|
99
|
-
message: `Issuer mismatch: expected "${issuer}", got "${claims.iss}"`,
|
|
115
|
+
message: `Issuer mismatch: expected "${issuer}", got "${pr.claims.iss}"`,
|
|
100
116
|
};
|
|
101
117
|
}
|
|
102
118
|
// 4. Check audience binding
|
|
103
|
-
if (audience !== undefined && claims.aud !== audience) {
|
|
119
|
+
if (audience !== undefined && pr.claims.aud !== audience) {
|
|
104
120
|
return {
|
|
105
121
|
valid: false,
|
|
106
122
|
code: 'E_INVALID_AUDIENCE',
|
|
107
|
-
message: `Audience mismatch: expected "${audience}", got "${claims.aud}"`,
|
|
123
|
+
message: `Audience mismatch: expected "${audience}", got "${pr.claims.aud}"`,
|
|
108
124
|
};
|
|
109
125
|
}
|
|
110
|
-
// 5. Check
|
|
111
|
-
if (
|
|
112
|
-
const actualSubjectUri = claims.subject?.uri;
|
|
113
|
-
if (actualSubjectUri !== subjectUri) {
|
|
114
|
-
return {
|
|
115
|
-
valid: false,
|
|
116
|
-
code: 'E_INVALID_SUBJECT',
|
|
117
|
-
message: `Subject mismatch: expected "${subjectUri}", got "${actualSubjectUri ?? 'undefined'}"`,
|
|
118
|
-
};
|
|
119
|
-
}
|
|
120
|
-
}
|
|
121
|
-
// 6. Check receipt ID binding
|
|
122
|
-
if (rid !== undefined && claims.rid !== rid) {
|
|
126
|
+
// 5. Check receipt ID binding
|
|
127
|
+
if (rid !== undefined && pr.claims.rid !== rid) {
|
|
123
128
|
return {
|
|
124
129
|
valid: false,
|
|
125
130
|
code: 'E_INVALID_RECEIPT_ID',
|
|
126
|
-
message: `Receipt ID mismatch: expected "${rid}", got "${claims.rid}"`,
|
|
131
|
+
message: `Receipt ID mismatch: expected "${rid}", got "${pr.claims.rid}"`,
|
|
127
132
|
};
|
|
128
133
|
}
|
|
129
|
-
//
|
|
130
|
-
if (requireExp && claims.exp === undefined) {
|
|
134
|
+
// 6. Check requireExp
|
|
135
|
+
if (requireExp && pr.claims.exp === undefined) {
|
|
131
136
|
return {
|
|
132
137
|
valid: false,
|
|
133
138
|
code: 'E_MISSING_EXP',
|
|
134
139
|
message: 'Receipt missing required exp claim',
|
|
135
140
|
};
|
|
136
141
|
}
|
|
137
|
-
//
|
|
138
|
-
if (claims.iat > now + maxClockSkew) {
|
|
142
|
+
// 7. Check not-yet-valid (iat with clock skew)
|
|
143
|
+
if (pr.claims.iat > now + maxClockSkew) {
|
|
139
144
|
return {
|
|
140
145
|
valid: false,
|
|
141
146
|
code: 'E_NOT_YET_VALID',
|
|
142
|
-
message: `Receipt not yet valid: issued at ${new Date(claims.iat * 1000).toISOString()}, now is ${new Date(now * 1000).toISOString()}`,
|
|
147
|
+
message: `Receipt not yet valid: issued at ${new Date(pr.claims.iat * 1000).toISOString()}, now is ${new Date(now * 1000).toISOString()}`,
|
|
143
148
|
};
|
|
144
149
|
}
|
|
145
|
-
//
|
|
146
|
-
if (claims.exp !== undefined && claims.exp < now - maxClockSkew) {
|
|
150
|
+
// 8. Check expiry (with clock skew tolerance)
|
|
151
|
+
if (pr.claims.exp !== undefined && pr.claims.exp < now - maxClockSkew) {
|
|
147
152
|
return {
|
|
148
153
|
valid: false,
|
|
149
154
|
code: 'E_EXPIRED',
|
|
150
|
-
message: `Receipt expired at ${new Date(claims.exp * 1000).toISOString()}`,
|
|
155
|
+
message: `Receipt expired at ${new Date(pr.claims.exp * 1000).toISOString()}`,
|
|
151
156
|
};
|
|
152
157
|
}
|
|
153
|
-
return
|
|
154
|
-
|
|
155
|
-
claims
|
|
156
|
-
|
|
157
|
-
|
|
158
|
+
// 9. Subject binding + typed return (variant-branched, no unsafe casts)
|
|
159
|
+
if (pr.variant === 'commerce') {
|
|
160
|
+
const claims = pr.claims;
|
|
161
|
+
if (subjectUri !== undefined && claims.subject?.uri !== subjectUri) {
|
|
162
|
+
return {
|
|
163
|
+
valid: false,
|
|
164
|
+
code: 'E_INVALID_SUBJECT',
|
|
165
|
+
message: `Subject mismatch: expected "${subjectUri}", got "${claims.subject?.uri ?? 'undefined'}"`,
|
|
166
|
+
};
|
|
167
|
+
}
|
|
168
|
+
return { valid: true, variant: 'commerce', claims, kid: result.header.kid };
|
|
169
|
+
}
|
|
170
|
+
else {
|
|
171
|
+
const claims = pr.claims;
|
|
172
|
+
if (subjectUri !== undefined && claims.sub !== subjectUri) {
|
|
173
|
+
return {
|
|
174
|
+
valid: false,
|
|
175
|
+
code: 'E_INVALID_SUBJECT',
|
|
176
|
+
message: `Subject mismatch: expected "${subjectUri}", got "${claims.sub ?? 'undefined'}"`,
|
|
177
|
+
};
|
|
178
|
+
}
|
|
179
|
+
return { valid: true, variant: 'attestation', claims, kid: result.header.kid };
|
|
180
|
+
}
|
|
158
181
|
}
|
|
159
182
|
catch (err) {
|
|
160
183
|
// Handle typed CryptoError from @peac/crypto
|
|
@@ -186,4 +209,22 @@ async function verifyLocal(jws, publicKey, options = {}) {
|
|
|
186
209
|
};
|
|
187
210
|
}
|
|
188
211
|
}
|
|
212
|
+
/**
|
|
213
|
+
* Type guard: narrows a VerifyLocalResult to a commerce success.
|
|
214
|
+
*
|
|
215
|
+
* Use instead of manual `result.valid && result.variant === 'commerce'` checks
|
|
216
|
+
* to get proper claims narrowing to ReceiptClaimsType.
|
|
217
|
+
*/
|
|
218
|
+
function isCommerceResult(r) {
|
|
219
|
+
return r.valid === true && r.variant === 'commerce';
|
|
220
|
+
}
|
|
221
|
+
/**
|
|
222
|
+
* Type guard: narrows a VerifyLocalResult to an attestation success.
|
|
223
|
+
*
|
|
224
|
+
* Use instead of manual `result.valid && result.variant === 'attestation'` checks
|
|
225
|
+
* to get proper claims narrowing to AttestationReceiptClaims.
|
|
226
|
+
*/
|
|
227
|
+
function isAttestationResult(r) {
|
|
228
|
+
return r.valid === true && r.variant === 'attestation';
|
|
229
|
+
}
|
|
189
230
|
//# sourceMappingURL=verify-local.js.map
|
package/dist/verify-local.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify-local.js","sourceRoot":"","sources":["../src/verify-local.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;
|
|
1
|
+
{"version":3,"file":"verify-local.js","sourceRoot":"","sources":["../src/verify-local.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAoOH,kCA2IC;AAQD,4CAIC;AAQD,kDAIC;AArYD,yCAAmD;AACnD,yCAIsB;AAYtB;;;GAGG;AACH,SAAS,aAAa,CAAC,GAAY;IACjC,OAAO,CACL,GAAG,KAAK,IAAI;QACZ,OAAO,GAAG,KAAK,QAAQ;QACvB,MAAM,IAAI,GAAG;QACb,GAAG,CAAC,IAAI,KAAK,aAAa;QAC1B,MAAM,IAAI,GAAG;QACb,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ;QAC5B,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAC9B,SAAS,IAAI,GAAG;QAChB,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,CAChC,CAAC;AACJ,CAAC;AAoID;;;GAGG;AACH,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IACjC,2BAA2B;IAC3B,oBAAoB;IACpB,oBAAoB;IACpB,2BAA2B;CAC5B,CAAC,CAAC;AAEH,kEAAkE;AAClE,MAAM,gBAAgB,GAAG,EAAE,CAAC;AAE5B;;;GAGG;AACH,SAAS,mBAAmB,CAC1B,MAAe;IAEf,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QAAE,OAAO,SAAS,CAAC;IAC7C,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,gBAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACvD,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE;QAC5D,OAAO,EAAE,OAAO,KAAK,EAAE,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;KAC5E,CAAC,CAAC,CAAC;AACN,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACI,KAAK,UAAU,WAAW,CAC/B,GAAW,EACX,SAAqB,EACrB,UAA8B,EAAE;IAEhC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,GAAG,KAAK,EAAE,YAAY,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC;IAC9F,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAEzD,IAAI,CAAC;QACH,sEAAsE;QACtE,MAAM,MAAM,GAAG,MAAM,IAAA,eAAS,EAAU,GAAG,EAAE,SAAS,CAAC,CAAC;QAExD,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,uCAAuC;aACjD,CAAC;QACJ,CAAC;QAED,6EAA6E;QAC7E,MAAM,EAAE,GAAG,IAAA,2BAAkB,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAE9C,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACX,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,kBAAkB;gBACxB,OAAO,EAAE,qCAAqC,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE;gBAChE,OAAO,EAAE,EAAE,UAAU,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,mBAAmB,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;aACrF,CAAC;QACJ,CAAC;QAED,8EAA8E;QAC9E,0BAA0B;QAC1B,IAAI,MAAM,KAAK,SAAS,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,MAAM,EAAE,CAAC;YACrD,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,kBAAkB;gBACxB,OAAO,EAAE,8BAA8B,MAAM,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG;aACzE,CAAC;QACJ,CAAC;QAED,4BAA4B;QAC5B,IAAI,QAAQ,KAAK,SAAS,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YACzD,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,gCAAgC,QAAQ,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG;aAC7E,CAAC;QACJ,CAAC;QAED,8BAA8B;QAC9B,IAAI,GAAG,KAAK,SAAS,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,GAAG,EAAE,CAAC;YAC/C,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,sBAAsB;gBAC5B,OAAO,EAAE,kCAAkC,GAAG,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG;aAC1E,CAAC;QACJ,CAAC;QAED,sBAAsB;QACtB,IAAI,UAAU,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC9C,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,oCAAoC;aAC9C,CAAC;QACJ,CAAC;QAED,+CAA+C;QAC/C,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,YAAY,EAAE,CAAC;YACvC,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,oCAAoC,IAAI,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,YAAY,IAAI,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;aAC1I,CAAC;QACJ,CAAC;QAED,8CAA8C;QAC9C,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,SAAS,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,YAAY,EAAE,CAAC;YACtE,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,sBAAsB,IAAI,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;aAC9E,CAAC;QACJ,CAAC;QAED,wEAAwE;QACxE,IAAI,EAAE,CAAC,OAAO,KAAK,UAAU,EAAE,CAAC;YAC9B,MAAM,MAAM,GAAG,EAAE,CAAC,MAA2B,CAAC;YAC9C,IAAI,UAAU,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,KAAK,UAAU,EAAE,CAAC;gBACnE,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,+BAA+B,UAAU,WAAW,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,WAAW,GAAG;iBACnG,CAAC;YACJ,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,MAAM,MAAM,GAAG,EAAE,CAAC,MAAkC,CAAC;YACrD,IAAI,UAAU,KAAK,SAAS,IAAI,MAAM,CAAC,GAAG,KAAK,UAAU,EAAE,CAAC;gBAC1D,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,+BAA+B,UAAU,WAAW,MAAM,CAAC,GAAG,IAAI,WAAW,GAAG;iBAC1F,CAAC;YACJ,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QACjF,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,6CAA6C;QAC7C,sFAAsF;QACtF,qDAAqD;QACrD,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,IAAI,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,IAAI,EAAE,kBAAkB;oBACxB,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB,CAAC;YACJ,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;gBAC5C,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,IAAI,EAAE,qBAAqB;oBAC3B,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,0DAA0D;QAC1D,+CAA+C;QAC/C,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,IAAI,EAAE,YAAY;YAClB,OAAO,EAAE,kCAAkC,OAAO,EAAE;SACrD,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,gBAAgB,CAC9B,CAAoB;IAEpB,OAAO,CAAC,CAAC,KAAK,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC;AACtD,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CACjC,CAAoB;IAEpB,OAAO,CAAC,CAAC,KAAK,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,KAAK,aAAa,CAAC;AACzD,CAAC"}
|
package/dist/verify.d.ts
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
* Receipt verification with JWKS fetching and caching
|
|
3
3
|
*/
|
|
4
4
|
import { PEACReceiptClaims, SubjectProfileSnapshot } from '@peac/schema';
|
|
5
|
+
import { type TelemetryHook } from './telemetry.js';
|
|
5
6
|
/**
|
|
6
7
|
* Verification result
|
|
7
8
|
*/
|
|
@@ -37,6 +38,8 @@ export interface VerifyOptions {
|
|
|
37
38
|
receiptJws: string;
|
|
38
39
|
/** Subject profile snapshot (v0.9.17+, optional envelope metadata) */
|
|
39
40
|
subject_snapshot?: SubjectProfileSnapshot;
|
|
41
|
+
/** Telemetry hook (optional, fire-and-forget) */
|
|
42
|
+
telemetry?: TelemetryHook;
|
|
40
43
|
}
|
|
41
44
|
/**
|
|
42
45
|
* Verify a PEAC receipt JWS
|
package/dist/verify.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EACL,iBAAiB,EAEjB,sBAAsB,EAEvB,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EACL,iBAAiB,EAEjB,sBAAsB,EAEvB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAkC,KAAK,aAAa,EAAE,MAAM,gBAAgB,CAAC;AA8BpF;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,6BAA6B;IAC7B,EAAE,EAAE,IAAI,CAAC;IAET,qBAAqB;IACrB,MAAM,EAAE,iBAAiB,CAAC;IAE1B,uDAAuD;IACvD,gBAAgB,CAAC,EAAE,sBAAsB,CAAC;IAE1C,0BAA0B;IAC1B,IAAI,CAAC,EAAE;QACL,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,CAAC,EAAE,MAAM,CAAC;KACxB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,0BAA0B;IAC1B,EAAE,EAAE,KAAK,CAAC;IAEV,mBAAmB;IACnB,MAAM,EAAE,MAAM,CAAC;IAEf,oBAAoB;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAmGD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,gCAAgC;IAChC,UAAU,EAAE,MAAM,CAAC;IAEnB,sEAAsE;IACtE,gBAAgB,CAAC,EAAE,sBAAsB,CAAC;IAE1C,iDAAiD;IACjD,SAAS,CAAC,EAAE,aAAa,CAAC;CAC3B;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CACjC,YAAY,EAAE,MAAM,GAAG,aAAa,GACnC,OAAO,CAAC,YAAY,GAAG,aAAa,CAAC,CAyHvC"}
|
package/dist/verify.js
CHANGED
|
@@ -6,7 +6,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
6
6
|
exports.verifyReceipt = verifyReceipt;
|
|
7
7
|
const crypto_1 = require("@peac/crypto");
|
|
8
8
|
const schema_1 = require("@peac/schema");
|
|
9
|
-
const telemetry_1 = require("@peac/telemetry");
|
|
10
9
|
const telemetry_js_1 = require("./telemetry.js");
|
|
11
10
|
/**
|
|
12
11
|
* In-memory JWKS cache
|
|
@@ -95,27 +94,6 @@ function jwkToPublicKey(jwk) {
|
|
|
95
94
|
}
|
|
96
95
|
return new Uint8Array(xBytes);
|
|
97
96
|
}
|
|
98
|
-
/**
|
|
99
|
-
* Emit verification telemetry (no-throw guard)
|
|
100
|
-
*/
|
|
101
|
-
function emitVerifyTelemetry(receiptJws, valid, reasonCode, issuer, kid, durationMs) {
|
|
102
|
-
const p = telemetry_1.providerRef.current;
|
|
103
|
-
if (p) {
|
|
104
|
-
try {
|
|
105
|
-
p.onReceiptVerified({
|
|
106
|
-
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
107
|
-
valid,
|
|
108
|
-
reasonCode,
|
|
109
|
-
issuer,
|
|
110
|
-
kid,
|
|
111
|
-
durationMs,
|
|
112
|
-
});
|
|
113
|
-
}
|
|
114
|
-
catch {
|
|
115
|
-
// Telemetry MUST NOT break core flow
|
|
116
|
-
}
|
|
117
|
-
}
|
|
118
|
-
}
|
|
119
97
|
/**
|
|
120
98
|
* Verify a PEAC receipt JWS
|
|
121
99
|
*
|
|
@@ -126,6 +104,7 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
126
104
|
// Support both old (string) and new (options) signatures for backwards compatibility
|
|
127
105
|
const receiptJws = typeof optionsOrJws === 'string' ? optionsOrJws : optionsOrJws.receiptJws;
|
|
128
106
|
const inputSnapshot = typeof optionsOrJws === 'string' ? undefined : optionsOrJws.subject_snapshot;
|
|
107
|
+
const telemetry = typeof optionsOrJws === 'string' ? undefined : optionsOrJws.telemetry;
|
|
129
108
|
const startTime = performance.now();
|
|
130
109
|
let jwksFetchTime;
|
|
131
110
|
try {
|
|
@@ -136,7 +115,14 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
136
115
|
// Check expiry
|
|
137
116
|
if (payload.exp && payload.exp < Math.floor(Date.now() / 1000)) {
|
|
138
117
|
const durationMs = performance.now() - startTime;
|
|
139
|
-
|
|
118
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
119
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
120
|
+
valid: false,
|
|
121
|
+
reasonCode: 'expired',
|
|
122
|
+
issuer: payload.iss,
|
|
123
|
+
kid: header.kid,
|
|
124
|
+
durationMs,
|
|
125
|
+
});
|
|
140
126
|
return {
|
|
141
127
|
ok: false,
|
|
142
128
|
reason: 'expired',
|
|
@@ -153,7 +139,14 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
153
139
|
const jwk = jwks.keys.find((k) => k.kid === header.kid);
|
|
154
140
|
if (!jwk) {
|
|
155
141
|
const durationMs = performance.now() - startTime;
|
|
156
|
-
|
|
142
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
143
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
144
|
+
valid: false,
|
|
145
|
+
reasonCode: 'unknown_key',
|
|
146
|
+
issuer: payload.iss,
|
|
147
|
+
kid: header.kid,
|
|
148
|
+
durationMs,
|
|
149
|
+
});
|
|
157
150
|
return {
|
|
158
151
|
ok: false,
|
|
159
152
|
reason: 'unknown_key',
|
|
@@ -166,7 +159,14 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
166
159
|
const result = await (0, crypto_1.verify)(receiptJws, publicKey);
|
|
167
160
|
if (!result.valid) {
|
|
168
161
|
const durationMs = performance.now() - startTime;
|
|
169
|
-
|
|
162
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
163
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
164
|
+
valid: false,
|
|
165
|
+
reasonCode: 'invalid_signature',
|
|
166
|
+
issuer: payload.iss,
|
|
167
|
+
kid: header.kid,
|
|
168
|
+
durationMs,
|
|
169
|
+
});
|
|
170
170
|
return {
|
|
171
171
|
ok: false,
|
|
172
172
|
reason: 'invalid_signature',
|
|
@@ -177,8 +177,14 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
177
177
|
// This validates schema and logs advisory PII warning if applicable
|
|
178
178
|
const validatedSnapshot = (0, schema_1.validateSubjectSnapshot)(inputSnapshot);
|
|
179
179
|
const verifyTime = performance.now() - startTime;
|
|
180
|
-
// Emit success telemetry
|
|
181
|
-
|
|
180
|
+
// Emit success telemetry (fire-and-forget, guarded)
|
|
181
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
182
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
183
|
+
valid: true,
|
|
184
|
+
issuer: payload.iss,
|
|
185
|
+
kid: header.kid,
|
|
186
|
+
durationMs: verifyTime,
|
|
187
|
+
});
|
|
182
188
|
return {
|
|
183
189
|
ok: true,
|
|
184
190
|
claims: payload,
|
|
@@ -191,7 +197,12 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
191
197
|
}
|
|
192
198
|
catch (err) {
|
|
193
199
|
const durationMs = performance.now() - startTime;
|
|
194
|
-
|
|
200
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
201
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
202
|
+
valid: false,
|
|
203
|
+
reasonCode: 'verification_error',
|
|
204
|
+
durationMs,
|
|
205
|
+
});
|
|
195
206
|
return {
|
|
196
207
|
ok: false,
|
|
197
208
|
reason: 'verification_error',
|
package/dist/verify.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":";AAAA;;GAEG;;
|
|
1
|
+
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":";AAAA;;GAEG;;AA8LH,sCA2HC;AAvTD,yCAA2D;AAC3D,yCAKsB;AACtB,iDAAoF;AAmBpF;;;GAGG;AACH,MAAM,SAAS,GAAG,IAAI,GAAG,EAA6C,CAAC;AAEvE;;GAEG;AACH,MAAM,YAAY,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAoCnC;;GAEG;AACH,KAAK,UAAU,SAAS,CAAC,SAAiB;IACxC,uCAAuC;IACvC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACjD,CAAC;IAED,oCAAoC;IACpC,MAAM,YAAY,GAAG,GAAG,SAAS,uBAAuB,CAAC;IAEzD,IAAI,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,YAAY,EAAE;YAC9C,OAAO,EAAE,EAAE,MAAM,EAAE,YAAY,EAAE;YACjC,0BAA0B;YAC1B,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,2BAA2B,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,IAAI,EAAE,CAAC;QAEjD,wDAAwD;QACxD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC;QACpF,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAErD,oDAAoD;QACpD,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC/C,CAAC;QAED,aAAa;QACb,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE;YACpC,OAAO,EAAE,EAAE,MAAM,EAAE,kBAAkB,EAAE;YACvC,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,sBAAsB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAS,CAAC;QAE7C,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC5F,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,OAAO,CAAC,SAAiB;IACtC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEvB,cAAc;IACd,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;QACrC,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAChD,CAAC;IAED,mBAAmB;IACnB,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;IAExC,WAAW;IACX,SAAS,CAAC,GAAG,CAAC,SAAS,EAAE;QACvB,IAAI,EAAE,IAAI;QACV,SAAS,EAAE,GAAG,GAAG,YAAY;KAC9B,CAAC,CAAC;IAEH,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,GAAQ;IAC9B,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,gCAAgC;IAChC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAC/C,IAAI,MAAM,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IAED,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAgBD;;;;;GAKG;AACI,KAAK,UAAU,aAAa,CACjC,YAAoC;IAEpC,qFAAqF;IACrF,MAAM,UAAU,GAAG,OAAO,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC;IAC7F,MAAM,aAAa,GACjB,OAAO,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,gBAAgB,CAAC;IAC/E,MAAM,SAAS,GAAG,OAAO,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,SAAS,CAAC;IACxF,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IACpC,IAAI,aAAiC,CAAC;IAEtC,IAAI,CAAC;QACH,2BAA2B;QAC3B,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,eAAM,EAAoB,UAAU,CAAC,CAAC;QAElE,4BAA4B;QAC5B,sBAAa,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAE7B,eAAe;QACf,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;YAC/D,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACjD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;gBAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;gBACpC,KAAK,EAAE,KAAK;gBACZ,UAAU,EAAE,SAAS;gBACrB,MAAM,EAAE,OAAO,CAAC,GAAG;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,UAAU;aACX,CAAC,CAAC;YACH,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,SAAS;gBACjB,OAAO,EAAE,sBAAsB,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;aAC5E,CAAC;QACJ,CAAC;QAED,aAAa;QACb,MAAM,cAAc,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QACzC,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACvD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,aAAa,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,cAAc,CAAC;QACrD,CAAC;QAED,kBAAkB;QAClB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,MAAM,CAAC,GAAG,CAAC,CAAC;QACxD,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACjD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;gBAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;gBACpC,KAAK,EAAE,KAAK;gBACZ,UAAU,EAAE,aAAa;gBACzB,MAAM,EAAE,OAAO,CAAC,GAAG;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,UAAU;aACX,CAAC,CAAC;YACH,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,aAAa;gBACrB,OAAO,EAAE,yBAAyB,MAAM,CAAC,GAAG,EAAE;aAC/C,CAAC;QACJ,CAAC;QAED,4BAA4B;QAC5B,MAAM,SAAS,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;QAEtC,mBAAmB;QACnB,MAAM,MAAM,GAAG,MAAM,IAAA,eAAS,EAAoB,UAAU,EAAE,SAAS,CAAC,CAAC;QAEzE,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACjD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;gBAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;gBACpC,KAAK,EAAE,KAAK;gBACZ,UAAU,EAAE,mBAAmB;gBAC/B,MAAM,EAAE,OAAO,CAAC,GAAG;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,UAAU;aACX,CAAC,CAAC;YACH,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,mBAAmB;gBAC3B,OAAO,EAAE,uCAAuC;aACjD,CAAC;QACJ,CAAC;QAED,mDAAmD;QACnD,oEAAoE;QACpE,MAAM,iBAAiB,GAAG,IAAA,gCAAuB,EAAC,aAAa,CAAC,CAAC;QAEjE,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAEjD,oDAAoD;QACpD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;YAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;YACpC,KAAK,EAAE,IAAI;YACX,MAAM,EAAE,OAAO,CAAC,GAAG;YACnB,GAAG,EAAE,MAAM,CAAC,GAAG;YACf,UAAU,EAAE,UAAU;SACvB,CAAC,CAAC;QAEH,OAAO;YACL,EAAE,EAAE,IAAI;YACR,MAAM,EAAE,OAAO;YACf,GAAG,CAAC,iBAAiB,IAAI,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,CAAC;YACjE,IAAI,EAAE;gBACJ,SAAS,EAAE,UAAU;gBACrB,GAAG,CAAC,aAAa,IAAI,EAAE,aAAa,EAAE,aAAa,EAAE,CAAC;aACvD;SACF,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QACjD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;YAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;YACpC,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,oBAAoB;YAChC,UAAU;SACX,CAAC,CAAC;QACH,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,oBAAoB;YAC5B,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SAC1D,CAAC;IACJ,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,9 +1,21 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@peac/protocol",
|
|
3
|
-
"version": "0.10.
|
|
3
|
+
"version": "0.10.9",
|
|
4
4
|
"description": "PEAC protocol implementation - receipt issuance and verification",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
7
|
+
"exports": {
|
|
8
|
+
".": {
|
|
9
|
+
"types": "./dist/index.d.ts",
|
|
10
|
+
"import": "./dist/index.js",
|
|
11
|
+
"require": "./dist/index.js"
|
|
12
|
+
},
|
|
13
|
+
"./verify-local": {
|
|
14
|
+
"types": "./dist/verify-local.d.ts",
|
|
15
|
+
"import": "./dist/verify-local.js",
|
|
16
|
+
"require": "./dist/verify-local.js"
|
|
17
|
+
}
|
|
18
|
+
},
|
|
7
19
|
"repository": {
|
|
8
20
|
"type": "git",
|
|
9
21
|
"url": "https://github.com/peacprotocol/peac.git",
|
|
@@ -25,10 +37,9 @@
|
|
|
25
37
|
"dependencies": {
|
|
26
38
|
"uuidv7": "^0.6.3",
|
|
27
39
|
"zod": "^3.22.4",
|
|
28
|
-
"@peac/kernel": "0.10.
|
|
29
|
-
"@peac/
|
|
30
|
-
"@peac/
|
|
31
|
-
"@peac/schema": "0.10.7"
|
|
40
|
+
"@peac/kernel": "0.10.9",
|
|
41
|
+
"@peac/schema": "0.10.9",
|
|
42
|
+
"@peac/crypto": "0.10.9"
|
|
32
43
|
},
|
|
33
44
|
"devDependencies": {
|
|
34
45
|
"@types/node": "^20.10.0",
|