@peac/schema 0.11.3 → 0.12.0-preview.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/errors.d.ts +2 -1
- package/dist/errors.d.ts.map +1 -1
- package/dist/index.cjs +520 -5
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +18 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +478 -7
- package/dist/index.mjs.map +1 -1
- package/dist/policy-binding.d.ts +24 -0
- package/dist/policy-binding.d.ts.map +1 -0
- package/dist/receipt-parser.cjs +492 -3
- package/dist/receipt-parser.cjs.map +1 -1
- package/dist/receipt-parser.d.ts +36 -14
- package/dist/receipt-parser.d.ts.map +1 -1
- package/dist/receipt-parser.mjs +493 -5
- package/dist/receipt-parser.mjs.map +1 -1
- package/dist/validators.d.ts +16 -0
- package/dist/validators.d.ts.map +1 -1
- package/dist/wire-02-envelope.d.ts +152 -0
- package/dist/wire-02-envelope.d.ts.map +1 -0
- package/dist/wire-02-extensions.d.ts +216 -0
- package/dist/wire-02-extensions.d.ts.map +1 -0
- package/dist/wire-02-registries.d.ts +21 -0
- package/dist/wire-02-registries.d.ts.map +1 -0
- package/dist/wire-02-representation.d.ts +49 -0
- package/dist/wire-02-representation.d.ts.map +1 -0
- package/dist/wire-02-warnings.d.ts +29 -0
- package/dist/wire-02-warnings.d.ts.map +1 -0
- package/package.json +2 -2
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,12 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* PEAC Protocol Schema Package
|
|
3
|
-
*
|
|
3
|
+
*
|
|
4
|
+
* Dual-stack: Wire 0.1 (peac-receipt/0.1, stable) + Wire 0.2 preview
|
|
5
|
+
* (interaction-record+jwt, v0.12.0-preview.1+, next tag).
|
|
6
|
+
*
|
|
7
|
+
* Wire 0.1 remains fully supported and stable. All existing Wire 0.1 schemas,
|
|
8
|
+
* validators, and helpers are unchanged. Wire 0.2 types are additive exports
|
|
9
|
+
* and do not affect Wire 0.1 parsing or validation.
|
|
4
10
|
*/
|
|
5
11
|
export * from './envelope';
|
|
6
12
|
export * from './control';
|
|
@@ -18,7 +24,7 @@ export type { JsonSafetyResult } from './json';
|
|
|
18
24
|
export type { JsonEvidenceLimits as UNSAFE_JsonEvidenceLimits } from './json';
|
|
19
25
|
export * from './constants';
|
|
20
26
|
export * from './types';
|
|
21
|
-
export { NormalizedPayment, Extensions, JWSHeader, ReceiptClaimsSchema, ReceiptClaims, // @deprecated - use ReceiptClaimsSchema
|
|
27
|
+
export { NormalizedPayment, Extensions, Wire01JWSHeaderSchema, JWSHeader, ReceiptClaimsSchema, ReceiptClaims, // @deprecated - use ReceiptClaimsSchema
|
|
22
28
|
Subject as SubjectSchema, AIPREFSnapshot as AIPREFSnapshotSchema, VerifyRequest as VerifyRequestSchema, ControlPurposeSchema, ControlLicensingModeSchema, ControlDecisionSchema, ControlStepSchema, ControlBlockSchema, PaymentSplitSchema, PaymentEvidenceSchema, PaymentRoutingSchema, SubjectTypeSchema, SubjectProfileSchema, SubjectProfileSnapshotSchema, AttestationSchema, ExtensionsSchema, PurposeTokenSchema, CanonicalPurposeSchema, PurposeReasonSchema, validateSubjectSnapshot, validateEvidence, } from './validators';
|
|
23
29
|
export type { EvidenceValidationResult, ReceiptClaimsType } from './validators';
|
|
24
30
|
export { ControlTypeSchema, ProofMethodSchema, BindingDetailsSchema, AgentProofSchema, AgentIdentityEvidenceSchema, AgentIdentityAttestationSchema, IdentityBindingSchema, AgentIdentityVerifiedSchema, AGENT_IDENTITY_TYPE, CONTROL_TYPES, PROOF_METHODS, validateAgentIdentityAttestation, isAgentIdentityAttestation, createAgentIdentityAttestation, validateIdentityBinding, isAttestationExpired, isAttestationNotYetValid, } from './agent-identity';
|
|
@@ -42,8 +48,17 @@ export { MinimalInteractionBindingSchema, AttestationExtensionsSchema, Attestati
|
|
|
42
48
|
export type { MinimalInteractionBinding, AttestationExtensions, AttestationReceiptClaims, AttestationValidationResult, CreateAttestationReceiptParams, } from './attestation-receipt';
|
|
43
49
|
export { ReceiptRefSchema, CompactJwsSchema, ReceiptUrlSchema, CarrierFormatSchema, PeacEvidenceCarrierSchema, CarrierMetaSchema, CARRIER_TRANSPORT_LIMITS, computeReceiptRef, validateCarrierConstraints, verifyReceiptRefConsistency, } from './carrier';
|
|
44
50
|
export type { ReceiptRef, CarrierFormat, PeacEvidenceCarrier, CarrierMeta, CarrierValidationResult, CarrierAdapter, } from './carrier';
|
|
45
|
-
export { parseReceiptClaims } from './receipt-parser';
|
|
51
|
+
export { parseReceiptClaims, detectWireVersion } from './receipt-parser';
|
|
46
52
|
export type { ParseReceiptResult, ParseSuccess, ParseFailure, PEACParseError, ReceiptVariant, ParseReceiptOptions, } from './receipt-parser';
|
|
53
|
+
export { EvidencePillarSchema, PillarsSchema, Wire02KindSchema, ReceiptTypeSchema, CanonicalIssSchema, PolicyBlockSchema, Wire02ClaimsSchema, isCanonicalIss, isValidReceiptType, checkOccurredAtSkew, } from './wire-02-envelope';
|
|
54
|
+
export type { Wire02Claims } from './wire-02-envelope';
|
|
55
|
+
export { WARNING_TYPE_UNREGISTERED, WARNING_UNKNOWN_EXTENSION, WARNING_OCCURRED_AT_SKEW, WARNING_TYP_MISSING, sortWarnings, } from './wire-02-warnings';
|
|
56
|
+
export { Wire02RepresentationFieldsSchema, RepresentationFieldsSchema, REPRESENTATION_LIMITS, } from './wire-02-representation';
|
|
57
|
+
export type { Wire02RepresentationFields } from './wire-02-representation';
|
|
58
|
+
export { CommerceExtensionSchema, AccessExtensionSchema, ChallengeExtensionSchema, ChallengeTypeSchema, ProblemDetailsSchema, IdentityExtensionSchema, CorrelationExtensionSchema, COMMERCE_EXTENSION_KEY, ACCESS_EXTENSION_KEY, CHALLENGE_EXTENSION_KEY, IDENTITY_EXTENSION_KEY, CORRELATION_EXTENSION_KEY, CHALLENGE_TYPES, EXTENSION_LIMITS, isValidExtensionKey, getCommerceExtension, getAccessExtension, getChallengeExtension, getIdentityExtension, getCorrelationExtension, validateKnownExtensions, } from './wire-02-extensions';
|
|
59
|
+
export type { CommerceExtension, AccessExtension, ChallengeExtension, ChallengeType, IdentityExtension, CorrelationExtension, } from './wire-02-extensions';
|
|
60
|
+
export { REGISTERED_RECEIPT_TYPES, REGISTERED_EXTENSION_GROUP_KEYS } from './wire-02-registries';
|
|
61
|
+
export { verifyPolicyBinding } from './policy-binding';
|
|
47
62
|
export { RevokedKeyEntrySchema, RevokedKeysArraySchema, REVOCATION_REASONS, validateRevokedKeys, findRevokedKey, } from './issuer-config';
|
|
48
63
|
export type { RevokedKeyEntryInput, RevokedKeyEntryOutput, RevocationReason, } from './issuer-config';
|
|
49
64
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,cAAc,YAAY,CAAC;AAC3B,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,WAAW,CAAC;AAC1B,cAAc,UAAU,CAAC;AACzB,cAAc,aAAa,CAAC;AAC5B,cAAc,WAAW,CAAC;AAC1B,cAAc,kBAAkB,CAAC;AACjC,cAAc,eAAe,CAAC;AAG9B,OAAO,EAAE,kBAAkB,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAC9E,YAAY,EACV,mBAAmB,EACnB,mBAAmB,EACnB,0BAA0B,GAC3B,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,gBAAgB,EAChB,eAAe,EAEf,oBAAoB,EACpB,uBAAuB,GACxB,MAAM,QAAQ,CAAC;AAChB,YAAY,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAC;AAI/C,YAAY,EAAE,kBAAkB,IAAI,yBAAyB,EAAE,MAAM,QAAQ,CAAC;AAG9E,cAAc,aAAa,CAAC;AAC5B,cAAc,SAAS,CAAC;AAGxB,OAAO,EACL,iBAAiB,EACjB,UAAU,EAIV,qBAAqB,EAErB,SAAS,EACT,mBAAmB,EACnB,aAAa,EAAE,wCAAwC;AACvD,OAAO,IAAI,aAAa,EACxB,cAAc,IAAI,oBAAoB,EACtC,aAAa,IAAI,mBAAmB,EAEpC,oBAAoB,EACpB,0BAA0B,EAC1B,qBAAqB,EACrB,iBAAiB,EACjB,kBAAkB,EAElB,kBAAkB,EAClB,qBAAqB,EACrB,oBAAoB,EAEpB,iBAAiB,EACjB,oBAAoB,EACpB,4BAA4B,EAE5B,iBAAiB,EACjB,gBAAgB,EAEhB,kBAAkB,EAClB,sBAAsB,EACtB,mBAAmB,EAEnB,uBAAuB,EAEvB,gBAAgB,GACjB,MAAM,cAAc,CAAC;AACtB,YAAY,EAAE,wBAAwB,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAGhF,OAAO,EACL,iBAAiB,EACjB,iBAAiB,EACjB,oBAAoB,EACpB,gBAAgB,EAChB,2BAA2B,EAC3B,8BAA8B,EAC9B,qBAAqB,EACrB,2BAA2B,EAE3B,mBAAmB,EACnB,aAAa,EACb,aAAa,EAEb,gCAAgC,EAChC,0BAA0B,EAC1B,8BAA8B,EAC9B,uBAAuB,EACvB,oBAAoB,EACpB,wBAAwB,GACzB,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,WAAW,EACX,WAAW,EACX,cAAc,EACd,UAAU,EACV,qBAAqB,EACrB,wBAAwB,EACxB,eAAe,EACf,qBAAqB,EACrB,oCAAoC,GACrC,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,oBAAoB,EACpB,0BAA0B,EAE1B,WAAW,EACX,2BAA2B,EAE3B,YAAY,EACZ,oBAAoB,EACpB,YAAY,GACb,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,SAAS,EACT,YAAY,EACZ,UAAU,EACV,cAAc,EACd,oBAAoB,GACrB,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EAEL,yBAAyB,EACzB,mBAAmB,EACnB,qBAAqB,EACrB,8BAA8B,EAC9B,iBAAiB,EACjB,uBAAuB,EAEvB,kBAAkB,EAClB,2BAA2B,EAC3B,oBAAoB,EAEpB,uBAAuB,EACvB,oBAAoB,EACpB,mBAAmB,EACnB,4BAA4B,EAC5B,eAAe,EACf,gBAAgB,EAChB,qBAAqB,EAErB,qBAAqB,EACrB,YAAY,EACZ,oBAAoB,EACpB,kBAAkB,EAClB,cAAc,EAEd,sBAAsB,EACtB,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,mBAAmB,EACnB,eAAe,EACf,YAAY,EACZ,iBAAiB,EACjB,cAAc,EACd,aAAa,EACb,eAAe,EACf,MAAM,EACN,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,mBAAmB,EACnB,kBAAkB,EAClB,iBAAiB,EACjB,sBAAsB,EACtB,oBAAoB,EACpB,uBAAuB,EACvB,yBAAyB,EACzB,4BAA4B,EAE5B,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAEhB,mBAAmB,EACnB,yBAAyB,EACzB,8BAA8B,EAC9B,wBAAwB,EACxB,4BAA4B,EAC5B,oBAAoB,EACpB,wBAAwB,EACxB,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,eAAe,CAAC;AACvB,YAAY,EACV,aAAa,EACb,YAAY,EACZ,WAAW,EACX,gBAAgB,EAChB,cAAc,EACd,iBAAiB,EACjB,mBAAmB,EACnB,sBAAsB,EACtB,uBAAuB,EACvB,kCAAkC,GACnC,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,uBAAuB,EACvB,wBAAwB,EACxB,oBAAoB,EACpB,kBAAkB,EAClB,oBAAoB,EACpB,qBAAqB,EACrB,iBAAiB,EACjB,uBAAuB,EACvB,mBAAmB,EACnB,oBAAoB,EACpB,iBAAiB,EACjB,qBAAqB,EACrB,wBAAwB,EAExB,YAAY,EACZ,cAAc,EACd,aAAa,EACb,oBAAoB,EACpB,qBAAqB,EACrB,cAAc,EACd,eAAe,EACf,mBAAmB,EACnB,gBAAgB,EAChB,iBAAiB,EAEjB,0BAA0B,EAC1B,yBAAyB,EACzB,oBAAoB,EACpB,yBAAyB,EACzB,sBAAsB,EACtB,wBAAwB,EACxB,sBAAsB,EACtB,eAAe,EACf,eAAe,EACf,mBAAmB,EACnB,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,WAAW,CAAC;AACnB,YAAY,EACV,SAAS,EACT,WAAW,EACX,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EACd,YAAY,EACZ,cAAc,EACd,eAAe,EACf,WAAW,EACX,iBAAiB,EACjB,aAAa,EACb,cAAc,EACd,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,8BAA8B,GAC/B,MAAM,WAAW,CAAC;AAGnB,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,oBAAoB,EACpB,4BAA4B,EAC5B,qBAAqB,EACrB,0BAA0B,EAC1B,6BAA6B,EAC7B,gCAAgC,EAEhC,sBAAsB,EACtB,qBAAqB,EACrB,iBAAiB,EACjB,wBAAwB,EACxB,eAAe,EACf,mBAAmB,EACnB,eAAe,EAEf,gBAAgB,EAChB,YAAY,EACZ,uBAAuB,EACvB,8BAA8B,EAC9B,sBAAsB,EACtB,kCAAkC,EAClC,4BAA4B,EAC5B,wBAAwB,EACxB,oBAAoB,EACpB,qBAAqB,EACrB,gCAAgC,GACjC,MAAM,YAAY,CAAC;AACpB,YAAY,EACV,UAAU,EACV,MAAM,EACN,cAAc,EACd,sBAAsB,EACtB,eAAe,EACf,oBAAoB,EACpB,uBAAuB,EACvB,0BAA0B,EAC1B,wBAAwB,EACxB,2BAA2B,GAC5B,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,eAAe,EACf,YAAY,EACZ,gBAAgB,EAChB,cAAc,EACd,gBAAgB,EAChB,oBAAoB,EACpB,YAAY,EACZ,mBAAmB,EACnB,UAAU,EACV,UAAU,EACV,4BAA4B,EAE5B,yBAAyB,EACzB,qBAAqB,EACrB,qBAAqB,EACrB,eAAe,EACf,eAAe,EACf,gBAAgB,EAChB,gBAAgB,EAChB,sBAAsB,EACtB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,oBAAoB,EAEpB,mBAAmB,EACnB,0BAA0B,EAC1B,2BAA2B,EAC3B,0BAA0B,EAE1B,eAAe,EACf,oBAAoB,EACpB,iBAAiB,EAEjB,cAAc,EACd,cAAc,EACd,cAAc,EAEd,iBAAiB,EAEjB,yBAAyB,GAC1B,MAAM,eAAe,CAAC;AACvB,YAAY,EACV,SAAS,EACT,MAAM,EACN,UAAU,EACV,QAAQ,EACR,UAAU,EACV,cAAc,EACd,YAAY,EACZ,MAAM,EACN,cAAc,EACd,aAAa,EACb,IAAI,EACJ,sBAAsB,EACtB,eAAe,EACf,iBAAiB,EACjB,2BAA2B,EAC3B,sBAAsB,EACtB,WAAW,EACX,uBAAuB,GACxB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,4BAA4B,EAC5B,0BAA0B,EAE1B,yBAAyB,EACzB,cAAc,EACd,kBAAkB,EAElB,wBAAwB,EACxB,8BAA8B,EAC9B,4BAA4B,EAC5B,2BAA2B,EAC3B,gBAAgB,EAChB,sBAAsB,EACtB,sBAAsB,EACtB,4BAA4B,EAC5B,0BAA0B,GAC3B,MAAM,eAAe,CAAC;AACvB,YAAY,EACV,YAAY,EACZ,gBAAgB,EAChB,gBAAgB,EAChB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,eAAe,CAAC;AAGvB,YAAY,EACV,YAAY,EACZ,WAAW,EACX,aAAa,EACb,aAAa,EACb,kBAAkB,EAClB,gBAAgB,EAChB,eAAe,GAChB,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,+BAA+B,EAC/B,2BAA2B,EAC3B,8BAA8B,EAE9B,wBAAwB,EACxB,0BAA0B,EAC1B,kBAAkB,EAElB,gCAAgC,EAChC,0BAA0B,EAC1B,iCAAiC,EACjC,2BAA2B,EAC3B,8BAA8B,EAC9B,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,uBAAuB,CAAC;AAC/B,YAAY,EACV,yBAAyB,EACzB,qBAAqB,EACrB,wBAAwB,EACxB,2BAA2B,EAC3B,8BAA8B,GAC/B,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,mBAAmB,EACnB,yBAAyB,EACzB,iBAAiB,EACjB,wBAAwB,EACxB,iBAAiB,EACjB,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,WAAW,CAAC;AACnB,YAAY,EACV,UAAU,EACV,aAAa,EACb,mBAAmB,EACnB,WAAW,EACX,uBAAuB,EACvB,cAAc,GACf,MAAM,WAAW,CAAC;AAGnB,OAAO,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACzE,YAAY,EACV,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,cAAc,EACd,mBAAmB,GACpB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,oBAAoB,EACpB,aAAa,EACb,gBAAgB,EAChB,iBAAiB,EACjB,kBAAkB,EAClB,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EACd,kBAAkB,EAClB,mBAAmB,GACpB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGvD,OAAO,EACL,yBAAyB,EACzB,yBAAyB,EACzB,wBAAwB,EACxB,mBAAmB,EACnB,YAAY,GACb,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,gCAAgC,EAChC,0BAA0B,EAC1B,qBAAqB,GACtB,MAAM,0BAA0B,CAAC;AAClC,YAAY,EAAE,0BAA0B,EAAE,MAAM,0BAA0B,CAAC;AAG3E,OAAO,EAEL,uBAAuB,EACvB,qBAAqB,EACrB,wBAAwB,EACxB,mBAAmB,EACnB,oBAAoB,EACpB,uBAAuB,EACvB,0BAA0B,EAE1B,sBAAsB,EACtB,oBAAoB,EACpB,uBAAuB,EACvB,sBAAsB,EACtB,yBAAyB,EACzB,eAAe,EACf,gBAAgB,EAEhB,mBAAmB,EAEnB,oBAAoB,EACpB,kBAAkB,EAClB,qBAAqB,EACrB,oBAAoB,EACpB,uBAAuB,EAEvB,uBAAuB,GACxB,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EACV,iBAAiB,EACjB,eAAe,EACf,kBAAkB,EAClB,aAAa,EACb,iBAAiB,EACjB,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAAE,wBAAwB,EAAE,+BAA+B,EAAE,MAAM,sBAAsB,CAAC;AAGjG,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAGvD,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,GACf,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,oBAAoB,EACpB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,iBAAiB,CAAC"}
|
package/dist/index.mjs
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import * as kernel from '@peac/kernel';
|
|
2
|
-
import { ALGORITHMS, HEADERS, POLICY, ISSUER_CONFIG, DISCOVERY, WIRE_TYPE } from '@peac/kernel';
|
|
2
|
+
import { ALGORITHMS, HEADERS, POLICY, ISSUER_CONFIG, DISCOVERY, WIRE_TYPE, TYPE_GRAMMAR, ISS_CANONICAL, POLICY_BLOCK, HASH, OCCURRED_AT_TOLERANCE_SECONDS } from '@peac/kernel';
|
|
3
3
|
import { z } from 'zod';
|
|
4
4
|
|
|
5
5
|
// src/errors.ts
|
|
@@ -34,7 +34,9 @@ var ERROR_CODES = {
|
|
|
34
34
|
E_WORKFLOW_SUMMARY_INVALID: "E_WORKFLOW_SUMMARY_INVALID",
|
|
35
35
|
E_WORKFLOW_CYCLE_DETECTED: "E_WORKFLOW_CYCLE_DETECTED",
|
|
36
36
|
// Constraint errors (400, DD-121)
|
|
37
|
-
E_CONSTRAINT_VIOLATION: "E_CONSTRAINT_VIOLATION"
|
|
37
|
+
E_CONSTRAINT_VIOLATION: "E_CONSTRAINT_VIOLATION",
|
|
38
|
+
// Wire 0.2 extension errors (400, DD-153/DD-156)
|
|
39
|
+
E_INVALID_EXTENSION_KEY: "E_INVALID_EXTENSION_KEY"
|
|
38
40
|
};
|
|
39
41
|
function createPEACError(code, category, severity, retryable, options) {
|
|
40
42
|
return {
|
|
@@ -943,11 +945,12 @@ var Extensions = z.object({
|
|
|
943
945
|
aipref_snapshot: AIPREFSnapshot.optional()
|
|
944
946
|
// control block validated via ControlBlockSchema when present
|
|
945
947
|
}).catchall(z.unknown());
|
|
946
|
-
var
|
|
948
|
+
var Wire01JWSHeaderSchema = z.object({
|
|
947
949
|
typ: z.literal(PEAC_WIRE_TYP),
|
|
948
950
|
alg: z.literal(PEAC_ALG),
|
|
949
951
|
kid: z.string().min(8)
|
|
950
952
|
}).strict();
|
|
953
|
+
var JWSHeader = Wire01JWSHeaderSchema;
|
|
951
954
|
var CanonicalPurposeValues = ["train", "search", "user_action", "inference", "index"];
|
|
952
955
|
var PurposeReasonValues = [
|
|
953
956
|
"allowed",
|
|
@@ -3051,15 +3054,404 @@ async function verifyReceiptRefConsistency(carrier) {
|
|
|
3051
3054
|
}
|
|
3052
3055
|
return null;
|
|
3053
3056
|
}
|
|
3057
|
+
function isValidContentHash(s) {
|
|
3058
|
+
const ref = stringToFingerprintRef(s);
|
|
3059
|
+
if (ref === null) return false;
|
|
3060
|
+
return ref.alg === "sha256";
|
|
3061
|
+
}
|
|
3062
|
+
var MIME_PATTERN = /^[a-zA-Z0-9][a-zA-Z0-9!#$&\-^_.+]*\/[a-zA-Z0-9][a-zA-Z0-9!#$&\-^_.+]*(;\s*[a-zA-Z0-9][a-zA-Z0-9!#$&\-^_.+]*=[^\s;]+)*$/;
|
|
3063
|
+
function isValidMimeType(s) {
|
|
3064
|
+
return MIME_PATTERN.test(s);
|
|
3065
|
+
}
|
|
3066
|
+
var REPRESENTATION_LIMITS = {
|
|
3067
|
+
/** Max content_hash string length (sha256:<64 hex> = 71 chars, capped at FingerprintRef max) */
|
|
3068
|
+
maxContentHashLength: MAX_FINGERPRINT_REF_LENGTH,
|
|
3069
|
+
/** Max content_type string length */
|
|
3070
|
+
maxContentTypeLength: 256
|
|
3071
|
+
};
|
|
3072
|
+
var Wire02RepresentationFieldsSchema = z.object({
|
|
3073
|
+
/**
|
|
3074
|
+
* FingerprintRef of the served content body.
|
|
3075
|
+
* Format: sha256:<64 lowercase hex>
|
|
3076
|
+
* hmac-sha256 is NOT permitted for representation hashes.
|
|
3077
|
+
*/
|
|
3078
|
+
content_hash: z.string().max(REPRESENTATION_LIMITS.maxContentHashLength).refine(isValidContentHash, {
|
|
3079
|
+
message: "content_hash must be a valid sha256 FingerprintRef (sha256:<64 lowercase hex>)"
|
|
3080
|
+
}).optional(),
|
|
3081
|
+
/**
|
|
3082
|
+
* MIME type of the served content (e.g., 'text/plain', 'application/json').
|
|
3083
|
+
* Conservative pattern validation: type/subtype with optional parameters.
|
|
3084
|
+
*/
|
|
3085
|
+
content_type: z.string().max(REPRESENTATION_LIMITS.maxContentTypeLength).refine(isValidMimeType, {
|
|
3086
|
+
message: "content_type must be a valid MIME type (type/subtype with optional parameters)"
|
|
3087
|
+
}).optional(),
|
|
3088
|
+
/**
|
|
3089
|
+
* Size of the served content in bytes.
|
|
3090
|
+
* Non-negative integer, bounded by Number.MAX_SAFE_INTEGER.
|
|
3091
|
+
*/
|
|
3092
|
+
content_length: z.number().int().finite().nonnegative().max(Number.MAX_SAFE_INTEGER).optional()
|
|
3093
|
+
}).strict();
|
|
3094
|
+
var EXTENSION_LIMITS = {
|
|
3095
|
+
// Extension key grammar
|
|
3096
|
+
maxExtensionKeyLength: 512,
|
|
3097
|
+
maxDnsLabelLength: 63,
|
|
3098
|
+
maxDnsDomainLength: 253,
|
|
3099
|
+
// Commerce
|
|
3100
|
+
maxPaymentRailLength: 128,
|
|
3101
|
+
maxCurrencyLength: 16,
|
|
3102
|
+
maxAmountMinorLength: 64,
|
|
3103
|
+
maxReferenceLength: 256,
|
|
3104
|
+
maxAssetLength: 256,
|
|
3105
|
+
// Access
|
|
3106
|
+
maxResourceLength: 2048,
|
|
3107
|
+
maxActionLength: 256,
|
|
3108
|
+
// Challenge
|
|
3109
|
+
maxProblemTypeLength: 2048,
|
|
3110
|
+
maxProblemTitleLength: 256,
|
|
3111
|
+
maxProblemDetailLength: 4096,
|
|
3112
|
+
maxProblemInstanceLength: 2048,
|
|
3113
|
+
// Identity
|
|
3114
|
+
maxProofRefLength: 256,
|
|
3115
|
+
// Correlation
|
|
3116
|
+
maxTraceIdLength: 32,
|
|
3117
|
+
maxSpanIdLength: 16,
|
|
3118
|
+
maxWorkflowIdLength: 256,
|
|
3119
|
+
maxParentJtiLength: 256,
|
|
3120
|
+
maxDependsOnLength: 64
|
|
3121
|
+
};
|
|
3122
|
+
var DNS_LABEL = /^[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$/;
|
|
3123
|
+
var SEGMENT_PATTERN = /^[a-z0-9][a-z0-9_-]*$/;
|
|
3124
|
+
function isValidExtensionKey(key) {
|
|
3125
|
+
if (key.length === 0 || key.length > EXTENSION_LIMITS.maxExtensionKeyLength) return false;
|
|
3126
|
+
const slashIdx = key.indexOf("/");
|
|
3127
|
+
if (slashIdx <= 0) return false;
|
|
3128
|
+
const domain = key.slice(0, slashIdx);
|
|
3129
|
+
const segment = key.slice(slashIdx + 1);
|
|
3130
|
+
if (!domain.includes(".")) return false;
|
|
3131
|
+
if (domain.length > EXTENSION_LIMITS.maxDnsDomainLength) return false;
|
|
3132
|
+
if (segment.length === 0) return false;
|
|
3133
|
+
if (!SEGMENT_PATTERN.test(segment)) return false;
|
|
3134
|
+
const labels = domain.split(".");
|
|
3135
|
+
for (const label of labels) {
|
|
3136
|
+
if (label.length === 0 || label.length > EXTENSION_LIMITS.maxDnsLabelLength) return false;
|
|
3137
|
+
if (!DNS_LABEL.test(label)) return false;
|
|
3138
|
+
}
|
|
3139
|
+
return true;
|
|
3140
|
+
}
|
|
3141
|
+
var COMMERCE_EXTENSION_KEY = "org.peacprotocol/commerce";
|
|
3142
|
+
var ACCESS_EXTENSION_KEY = "org.peacprotocol/access";
|
|
3143
|
+
var CHALLENGE_EXTENSION_KEY = "org.peacprotocol/challenge";
|
|
3144
|
+
var IDENTITY_EXTENSION_KEY = "org.peacprotocol/identity";
|
|
3145
|
+
var CORRELATION_EXTENSION_KEY = "org.peacprotocol/correlation";
|
|
3146
|
+
function escapePointerSegment(s) {
|
|
3147
|
+
return s.replace(/~/g, "~0").replace(/\//g, "~1");
|
|
3148
|
+
}
|
|
3149
|
+
function zodPathToPointer(groupKey, zodPath) {
|
|
3150
|
+
const escaped = escapePointerSegment(groupKey);
|
|
3151
|
+
const segments = zodPath.map((s) => escapePointerSegment(String(s)));
|
|
3152
|
+
return `/extensions/${escaped}` + (segments.length > 0 ? "/" + segments.join("/") : "");
|
|
3153
|
+
}
|
|
3154
|
+
var AMOUNT_MINOR_PATTERN = /^-?[0-9]+$/;
|
|
3155
|
+
var CommerceExtensionSchema = z.object({
|
|
3156
|
+
/** Payment rail identifier (e.g., 'stripe', 'x402', 'lightning') */
|
|
3157
|
+
payment_rail: z.string().min(1).max(EXTENSION_LIMITS.maxPaymentRailLength),
|
|
3158
|
+
/**
|
|
3159
|
+
* Amount in smallest currency unit as a string for arbitrary precision.
|
|
3160
|
+
* Base-10 integer: optional leading minus, one or more digits.
|
|
3161
|
+
* Decimals and empty strings are rejected.
|
|
3162
|
+
*/
|
|
3163
|
+
amount_minor: z.string().min(1).max(EXTENSION_LIMITS.maxAmountMinorLength).regex(
|
|
3164
|
+
AMOUNT_MINOR_PATTERN,
|
|
3165
|
+
'amount_minor must be a base-10 integer string (e.g., "1000", "-50")'
|
|
3166
|
+
),
|
|
3167
|
+
/** ISO 4217 currency code or asset identifier */
|
|
3168
|
+
currency: z.string().min(1).max(EXTENSION_LIMITS.maxCurrencyLength),
|
|
3169
|
+
/** Caller-assigned payment reference */
|
|
3170
|
+
reference: z.string().max(EXTENSION_LIMITS.maxReferenceLength).optional(),
|
|
3171
|
+
/** Asset identifier for non-fiat (e.g., token address) */
|
|
3172
|
+
asset: z.string().max(EXTENSION_LIMITS.maxAssetLength).optional(),
|
|
3173
|
+
/** Environment discriminant */
|
|
3174
|
+
env: z.enum(["live", "test"]).optional()
|
|
3175
|
+
}).strict();
|
|
3176
|
+
var AccessExtensionSchema = z.object({
|
|
3177
|
+
/** Resource being accessed (URI or identifier) */
|
|
3178
|
+
resource: z.string().min(1).max(EXTENSION_LIMITS.maxResourceLength),
|
|
3179
|
+
/** Action performed on the resource */
|
|
3180
|
+
action: z.string().min(1).max(EXTENSION_LIMITS.maxActionLength),
|
|
3181
|
+
/** Access decision */
|
|
3182
|
+
decision: z.enum(["allow", "deny", "review"])
|
|
3183
|
+
}).strict();
|
|
3184
|
+
var CHALLENGE_TYPES = [
|
|
3185
|
+
"payment_required",
|
|
3186
|
+
"identity_required",
|
|
3187
|
+
"consent_required",
|
|
3188
|
+
"attestation_required",
|
|
3189
|
+
"rate_limited",
|
|
3190
|
+
"purpose_disallowed",
|
|
3191
|
+
"custom"
|
|
3192
|
+
];
|
|
3193
|
+
var ChallengeTypeSchema = z.enum(CHALLENGE_TYPES);
|
|
3194
|
+
var ProblemDetailsSchema = z.object({
|
|
3195
|
+
/** HTTP status code (100-599) */
|
|
3196
|
+
status: z.number().int().min(100).max(599),
|
|
3197
|
+
/** Problem type URI */
|
|
3198
|
+
type: z.string().min(1).max(EXTENSION_LIMITS.maxProblemTypeLength).url(),
|
|
3199
|
+
/** Short human-readable summary */
|
|
3200
|
+
title: z.string().max(EXTENSION_LIMITS.maxProblemTitleLength).optional(),
|
|
3201
|
+
/** Human-readable explanation specific to this occurrence */
|
|
3202
|
+
detail: z.string().max(EXTENSION_LIMITS.maxProblemDetailLength).optional(),
|
|
3203
|
+
/** URI reference identifying the specific occurrence */
|
|
3204
|
+
instance: z.string().max(EXTENSION_LIMITS.maxProblemInstanceLength).optional()
|
|
3205
|
+
}).passthrough();
|
|
3206
|
+
var ChallengeExtensionSchema = z.object({
|
|
3207
|
+
/** Challenge type (7 values) */
|
|
3208
|
+
challenge_type: ChallengeTypeSchema,
|
|
3209
|
+
/** RFC 9457 Problem Details */
|
|
3210
|
+
problem: ProblemDetailsSchema,
|
|
3211
|
+
/** Resource that triggered the challenge */
|
|
3212
|
+
resource: z.string().max(EXTENSION_LIMITS.maxResourceLength).optional(),
|
|
3213
|
+
/** Action that triggered the challenge */
|
|
3214
|
+
action: z.string().max(EXTENSION_LIMITS.maxActionLength).optional(),
|
|
3215
|
+
/** Caller-defined requirements for resolving the challenge */
|
|
3216
|
+
requirements: z.record(z.string(), z.unknown()).optional()
|
|
3217
|
+
}).strict();
|
|
3218
|
+
var IdentityExtensionSchema = z.object({
|
|
3219
|
+
/** Proof reference (opaque string; no actor_binding: top-level actor is sole location) */
|
|
3220
|
+
proof_ref: z.string().max(EXTENSION_LIMITS.maxProofRefLength).optional()
|
|
3221
|
+
}).strict();
|
|
3222
|
+
var TRACE_ID_PATTERN = /^[0-9a-f]{32}$/;
|
|
3223
|
+
var SPAN_ID_PATTERN = /^[0-9a-f]{16}$/;
|
|
3224
|
+
var CorrelationExtensionSchema = z.object({
|
|
3225
|
+
/** OpenTelemetry-compatible trace ID (32 lowercase hex chars) */
|
|
3226
|
+
trace_id: z.string().length(EXTENSION_LIMITS.maxTraceIdLength).regex(TRACE_ID_PATTERN, "trace_id must be 32 lowercase hex characters").optional(),
|
|
3227
|
+
/** OpenTelemetry-compatible span ID (16 lowercase hex chars) */
|
|
3228
|
+
span_id: z.string().length(EXTENSION_LIMITS.maxSpanIdLength).regex(SPAN_ID_PATTERN, "span_id must be 16 lowercase hex characters").optional(),
|
|
3229
|
+
/** Workflow identifier */
|
|
3230
|
+
workflow_id: z.string().min(1).max(EXTENSION_LIMITS.maxWorkflowIdLength).optional(),
|
|
3231
|
+
/** Parent receipt JTI for causal chains */
|
|
3232
|
+
parent_jti: z.string().min(1).max(EXTENSION_LIMITS.maxParentJtiLength).optional(),
|
|
3233
|
+
/** JTIs this receipt depends on */
|
|
3234
|
+
depends_on: z.array(z.string().min(1).max(EXTENSION_LIMITS.maxParentJtiLength)).max(EXTENSION_LIMITS.maxDependsOnLength).optional()
|
|
3235
|
+
}).strict();
|
|
3236
|
+
var EXTENSION_SCHEMA_MAP = /* @__PURE__ */ new Map();
|
|
3237
|
+
EXTENSION_SCHEMA_MAP.set(COMMERCE_EXTENSION_KEY, CommerceExtensionSchema);
|
|
3238
|
+
EXTENSION_SCHEMA_MAP.set(ACCESS_EXTENSION_KEY, AccessExtensionSchema);
|
|
3239
|
+
EXTENSION_SCHEMA_MAP.set(CHALLENGE_EXTENSION_KEY, ChallengeExtensionSchema);
|
|
3240
|
+
EXTENSION_SCHEMA_MAP.set(IDENTITY_EXTENSION_KEY, IdentityExtensionSchema);
|
|
3241
|
+
EXTENSION_SCHEMA_MAP.set(CORRELATION_EXTENSION_KEY, CorrelationExtensionSchema);
|
|
3242
|
+
function getExtension(extensions, key, schema) {
|
|
3243
|
+
if (extensions === void 0) return void 0;
|
|
3244
|
+
if (!Object.prototype.hasOwnProperty.call(extensions, key)) return void 0;
|
|
3245
|
+
const value = extensions[key];
|
|
3246
|
+
const result = schema.safeParse(value);
|
|
3247
|
+
if (result.success) {
|
|
3248
|
+
return result.data;
|
|
3249
|
+
}
|
|
3250
|
+
const firstIssue = result.error.issues[0];
|
|
3251
|
+
const pointer = zodPathToPointer(key, firstIssue?.path ?? []);
|
|
3252
|
+
throw createPEACError(ERROR_CODES.E_INVALID_ENVELOPE, "validation", "error", false, {
|
|
3253
|
+
http_status: 400,
|
|
3254
|
+
pointer,
|
|
3255
|
+
remediation: `Fix the ${key} extension group value`,
|
|
3256
|
+
details: {
|
|
3257
|
+
message: firstIssue?.message ?? "Invalid extension value",
|
|
3258
|
+
issues: result.error.issues
|
|
3259
|
+
}
|
|
3260
|
+
});
|
|
3261
|
+
}
|
|
3262
|
+
function getCommerceExtension(extensions) {
|
|
3263
|
+
return getExtension(extensions, COMMERCE_EXTENSION_KEY, CommerceExtensionSchema);
|
|
3264
|
+
}
|
|
3265
|
+
function getAccessExtension(extensions) {
|
|
3266
|
+
return getExtension(extensions, ACCESS_EXTENSION_KEY, AccessExtensionSchema);
|
|
3267
|
+
}
|
|
3268
|
+
function getChallengeExtension(extensions) {
|
|
3269
|
+
return getExtension(extensions, CHALLENGE_EXTENSION_KEY, ChallengeExtensionSchema);
|
|
3270
|
+
}
|
|
3271
|
+
function getIdentityExtension(extensions) {
|
|
3272
|
+
return getExtension(extensions, IDENTITY_EXTENSION_KEY, IdentityExtensionSchema);
|
|
3273
|
+
}
|
|
3274
|
+
function getCorrelationExtension(extensions) {
|
|
3275
|
+
return getExtension(extensions, CORRELATION_EXTENSION_KEY, CorrelationExtensionSchema);
|
|
3276
|
+
}
|
|
3277
|
+
function validateKnownExtensions(extensions, ctx) {
|
|
3278
|
+
if (extensions === void 0) return;
|
|
3279
|
+
for (const key of Object.keys(extensions)) {
|
|
3280
|
+
if (!isValidExtensionKey(key)) {
|
|
3281
|
+
ctx.addIssue({
|
|
3282
|
+
code: "custom",
|
|
3283
|
+
message: ERROR_CODES.E_INVALID_EXTENSION_KEY,
|
|
3284
|
+
path: ["extensions", key]
|
|
3285
|
+
});
|
|
3286
|
+
continue;
|
|
3287
|
+
}
|
|
3288
|
+
const schema = EXTENSION_SCHEMA_MAP.get(key);
|
|
3289
|
+
if (schema !== void 0) {
|
|
3290
|
+
const result = schema.safeParse(extensions[key]);
|
|
3291
|
+
if (!result.success) {
|
|
3292
|
+
const firstIssue = result.error.issues[0];
|
|
3293
|
+
const issuePath = firstIssue?.path ?? [];
|
|
3294
|
+
ctx.addIssue({
|
|
3295
|
+
code: "custom",
|
|
3296
|
+
message: firstIssue?.message ?? "Invalid extension value",
|
|
3297
|
+
path: ["extensions", key, ...issuePath]
|
|
3298
|
+
});
|
|
3299
|
+
}
|
|
3300
|
+
}
|
|
3301
|
+
}
|
|
3302
|
+
}
|
|
3303
|
+
|
|
3304
|
+
// src/wire-02-envelope.ts
|
|
3305
|
+
function isSortedAndUnique(arr) {
|
|
3306
|
+
for (let i = 1; i < arr.length; i++) {
|
|
3307
|
+
if (arr[i] <= arr[i - 1]) return false;
|
|
3308
|
+
}
|
|
3309
|
+
return true;
|
|
3310
|
+
}
|
|
3311
|
+
function isCanonicalIss(iss) {
|
|
3312
|
+
if (typeof iss !== "string" || iss.length === 0 || iss.length > ISS_CANONICAL.maxLength) {
|
|
3313
|
+
return false;
|
|
3314
|
+
}
|
|
3315
|
+
if (iss.startsWith("did:")) {
|
|
3316
|
+
return /^did:[a-z0-9]+:[^#?/]+$/.test(iss);
|
|
3317
|
+
}
|
|
3318
|
+
try {
|
|
3319
|
+
const url = new URL(iss);
|
|
3320
|
+
if (url.protocol !== "https:") return false;
|
|
3321
|
+
if (!url.hostname) return false;
|
|
3322
|
+
if (url.username !== "" || url.password !== "") return false;
|
|
3323
|
+
const origin = `${url.protocol}//${url.host}`;
|
|
3324
|
+
return iss === origin;
|
|
3325
|
+
} catch {
|
|
3326
|
+
return false;
|
|
3327
|
+
}
|
|
3328
|
+
}
|
|
3329
|
+
var ABS_URI_PATTERN = /^[a-z][a-z0-9+.-]*:\/\//;
|
|
3330
|
+
function isValidReceiptType(value) {
|
|
3331
|
+
if (value.length === 0 || value.length > TYPE_GRAMMAR.maxLength) return false;
|
|
3332
|
+
if (ABS_URI_PATTERN.test(value)) return true;
|
|
3333
|
+
const slashIdx = value.indexOf("/");
|
|
3334
|
+
if (slashIdx <= 0) return false;
|
|
3335
|
+
const domain = value.slice(0, slashIdx);
|
|
3336
|
+
const segment = value.slice(slashIdx + 1);
|
|
3337
|
+
if (!domain.includes(".")) return false;
|
|
3338
|
+
if (segment.length === 0) return false;
|
|
3339
|
+
if (!/^[a-zA-Z0-9][a-zA-Z0-9.-]*$/.test(domain)) return false;
|
|
3340
|
+
if (!/^[a-zA-Z0-9][a-zA-Z0-9._-]*$/.test(segment)) return false;
|
|
3341
|
+
return true;
|
|
3342
|
+
}
|
|
3343
|
+
var EVIDENCE_PILLARS = [
|
|
3344
|
+
"access",
|
|
3345
|
+
"attribution",
|
|
3346
|
+
"commerce",
|
|
3347
|
+
"compliance",
|
|
3348
|
+
"consent",
|
|
3349
|
+
"identity",
|
|
3350
|
+
"privacy",
|
|
3351
|
+
"provenance",
|
|
3352
|
+
"purpose",
|
|
3353
|
+
"safety"
|
|
3354
|
+
];
|
|
3355
|
+
var EvidencePillarSchema = z.enum(
|
|
3356
|
+
EVIDENCE_PILLARS
|
|
3357
|
+
);
|
|
3358
|
+
var PillarsSchema = z.array(EvidencePillarSchema).min(1).superRefine((arr, ctx) => {
|
|
3359
|
+
if (!isSortedAndUnique(arr)) {
|
|
3360
|
+
ctx.addIssue({
|
|
3361
|
+
code: "custom",
|
|
3362
|
+
message: "E_PILLARS_NOT_SORTED"
|
|
3363
|
+
});
|
|
3364
|
+
}
|
|
3365
|
+
});
|
|
3366
|
+
var Wire02KindSchema = z.enum(["evidence", "challenge"]);
|
|
3367
|
+
var ReceiptTypeSchema = z.string().max(TYPE_GRAMMAR.maxLength).refine(isValidReceiptType, {
|
|
3368
|
+
message: "type must be reverse-DNS notation (e.g., org.example/flow) or an absolute URI"
|
|
3369
|
+
});
|
|
3370
|
+
var CanonicalIssSchema = z.string().max(ISS_CANONICAL.maxLength).refine(isCanonicalIss, {
|
|
3371
|
+
message: "E_ISS_NOT_CANONICAL"
|
|
3372
|
+
});
|
|
3373
|
+
var PolicyBlockSchema = z.object({
|
|
3374
|
+
/** JCS+SHA-256 digest: 'sha256:<64 lowercase hex>' */
|
|
3375
|
+
digest: z.string().regex(HASH.pattern, "digest must be sha256:<64 lowercase hex>"),
|
|
3376
|
+
/**
|
|
3377
|
+
* HTTPS locator hint for the policy document.
|
|
3378
|
+
* MUST be an https:// URL (max 2048 chars).
|
|
3379
|
+
* MUST NOT trigger auto-fetch; callers use this as a hint only (DD-55).
|
|
3380
|
+
*/
|
|
3381
|
+
uri: z.string().max(POLICY_BLOCK.uriMaxLength).url().refine((u) => u.startsWith("https://"), "policy.uri must be an https:// URL").optional(),
|
|
3382
|
+
/** Caller-assigned version label (max 256 chars) */
|
|
3383
|
+
version: z.string().max(POLICY_BLOCK.versionMaxLength).optional()
|
|
3384
|
+
});
|
|
3385
|
+
var Wire02ClaimsSchema = z.object({
|
|
3386
|
+
/** Wire format version discriminant; always '0.2' for Wire 0.2 */
|
|
3387
|
+
peac_version: z.literal("0.2"),
|
|
3388
|
+
/** Structural kind: 'evidence' or 'challenge' */
|
|
3389
|
+
kind: Wire02KindSchema,
|
|
3390
|
+
/** Open semantic type (reverse-DNS or absolute URI) */
|
|
3391
|
+
type: ReceiptTypeSchema,
|
|
3392
|
+
/** Canonical issuer (https:// ASCII origin or did: identifier) */
|
|
3393
|
+
iss: CanonicalIssSchema,
|
|
3394
|
+
/** Issued-at time (Unix seconds). REQUIRED. */
|
|
3395
|
+
iat: z.number().int(),
|
|
3396
|
+
/** Unique receipt identifier; 1 to 256 chars */
|
|
3397
|
+
jti: z.string().min(1).max(256),
|
|
3398
|
+
/** Subject identifier; max 2048 chars */
|
|
3399
|
+
sub: z.string().max(2048).optional(),
|
|
3400
|
+
/** Evidence pillars (closed 10-value taxonomy); sorted ascending, unique */
|
|
3401
|
+
pillars: PillarsSchema.optional(),
|
|
3402
|
+
/** Top-level actor binding (sole location for ActorBinding in Wire 0.2) */
|
|
3403
|
+
actor: ActorBindingSchema.optional(),
|
|
3404
|
+
/** Policy binding block (DD-151) */
|
|
3405
|
+
policy: PolicyBlockSchema.optional(),
|
|
3406
|
+
/** Representation fields (DD-152): FingerprintRef validation, sha256-only, strict */
|
|
3407
|
+
representation: Wire02RepresentationFieldsSchema.optional(),
|
|
3408
|
+
/** ISO 8601 / RFC 3339 timestamp when the interaction occurred; evidence kind only */
|
|
3409
|
+
occurred_at: z.string().datetime({ offset: true }).optional(),
|
|
3410
|
+
/** Declared purpose string; max 256 chars */
|
|
3411
|
+
purpose_declared: z.string().max(256).optional(),
|
|
3412
|
+
/** Extension groups (open; known group keys validated by group schema) */
|
|
3413
|
+
extensions: z.record(z.string(), z.unknown()).optional()
|
|
3414
|
+
}).superRefine((data, ctx) => {
|
|
3415
|
+
if (data.kind === "challenge" && data.occurred_at !== void 0) {
|
|
3416
|
+
ctx.addIssue({
|
|
3417
|
+
code: "custom",
|
|
3418
|
+
message: "E_OCCURRED_AT_ON_CHALLENGE"
|
|
3419
|
+
});
|
|
3420
|
+
}
|
|
3421
|
+
validateKnownExtensions(data.extensions, ctx);
|
|
3422
|
+
}).strict();
|
|
3423
|
+
function checkOccurredAtSkew(occurredAt, iat, now, tolerance = OCCURRED_AT_TOLERANCE_SECONDS) {
|
|
3424
|
+
if (occurredAt === void 0) return null;
|
|
3425
|
+
const ts = Date.parse(occurredAt) / 1e3;
|
|
3426
|
+
if (isNaN(ts)) return null;
|
|
3427
|
+
if (ts > now + tolerance) return "future_error";
|
|
3428
|
+
if (ts > iat) {
|
|
3429
|
+
return {
|
|
3430
|
+
code: "occurred_at_skew",
|
|
3431
|
+
message: "occurred_at is after iat",
|
|
3432
|
+
pointer: "/occurred_at"
|
|
3433
|
+
};
|
|
3434
|
+
}
|
|
3435
|
+
return null;
|
|
3436
|
+
}
|
|
3054
3437
|
|
|
3055
3438
|
// src/receipt-parser.ts
|
|
3056
|
-
function
|
|
3439
|
+
function detectWireVersion(obj) {
|
|
3440
|
+
if (obj === null || obj === void 0 || typeof obj !== "object" || Array.isArray(obj)) {
|
|
3441
|
+
return null;
|
|
3442
|
+
}
|
|
3443
|
+
const record = obj;
|
|
3444
|
+
if (record.peac_version === "0.2") return "0.2";
|
|
3445
|
+
if ("peac_version" in record) return null;
|
|
3446
|
+
return "0.1";
|
|
3447
|
+
}
|
|
3448
|
+
function classifyWire01Receipt(obj) {
|
|
3057
3449
|
if ("amt" in obj || "cur" in obj || "payment" in obj) {
|
|
3058
3450
|
return "commerce";
|
|
3059
3451
|
}
|
|
3060
3452
|
return "attestation";
|
|
3061
3453
|
}
|
|
3062
|
-
function parseReceiptClaims(input,
|
|
3454
|
+
function parseReceiptClaims(input, opts) {
|
|
3063
3455
|
if (input === null || input === void 0 || typeof input !== "object" || Array.isArray(input)) {
|
|
3064
3456
|
return {
|
|
3065
3457
|
ok: false,
|
|
@@ -3070,7 +3462,37 @@ function parseReceiptClaims(input, _opts) {
|
|
|
3070
3462
|
};
|
|
3071
3463
|
}
|
|
3072
3464
|
const obj = input;
|
|
3073
|
-
const
|
|
3465
|
+
const wireVersion = opts?.wireVersion === "0.2" || opts?.wireVersion === "0.1" ? opts.wireVersion : detectWireVersion(obj);
|
|
3466
|
+
if (wireVersion === null) {
|
|
3467
|
+
return {
|
|
3468
|
+
ok: false,
|
|
3469
|
+
error: {
|
|
3470
|
+
code: "E_UNSUPPORTED_WIRE_VERSION",
|
|
3471
|
+
message: `Unsupported or unrecognized peac_version: ${JSON.stringify(obj["peac_version"])}`
|
|
3472
|
+
}
|
|
3473
|
+
};
|
|
3474
|
+
}
|
|
3475
|
+
if (wireVersion === "0.2") {
|
|
3476
|
+
const result2 = Wire02ClaimsSchema.safeParse(obj);
|
|
3477
|
+
if (!result2.success) {
|
|
3478
|
+
return {
|
|
3479
|
+
ok: false,
|
|
3480
|
+
error: {
|
|
3481
|
+
code: "E_INVALID_FORMAT",
|
|
3482
|
+
message: `Wire 0.2 receipt validation failed: ${result2.error.issues.map((i) => i.message).join("; ")}`,
|
|
3483
|
+
issues: result2.error.issues
|
|
3484
|
+
}
|
|
3485
|
+
};
|
|
3486
|
+
}
|
|
3487
|
+
return {
|
|
3488
|
+
ok: true,
|
|
3489
|
+
variant: "wire-02",
|
|
3490
|
+
wireVersion: "0.2",
|
|
3491
|
+
warnings: [],
|
|
3492
|
+
claims: result2.data
|
|
3493
|
+
};
|
|
3494
|
+
}
|
|
3495
|
+
const variant = classifyWire01Receipt(obj);
|
|
3074
3496
|
if (variant === "commerce") {
|
|
3075
3497
|
const result2 = ReceiptClaimsSchema.safeParse(obj);
|
|
3076
3498
|
if (!result2.success) {
|
|
@@ -3086,6 +3508,8 @@ function parseReceiptClaims(input, _opts) {
|
|
|
3086
3508
|
return {
|
|
3087
3509
|
ok: true,
|
|
3088
3510
|
variant: "commerce",
|
|
3511
|
+
wireVersion: "0.1",
|
|
3512
|
+
warnings: [],
|
|
3089
3513
|
claims: result2.data
|
|
3090
3514
|
};
|
|
3091
3515
|
}
|
|
@@ -3103,9 +3527,56 @@ function parseReceiptClaims(input, _opts) {
|
|
|
3103
3527
|
return {
|
|
3104
3528
|
ok: true,
|
|
3105
3529
|
variant: "attestation",
|
|
3530
|
+
wireVersion: "0.1",
|
|
3531
|
+
warnings: [],
|
|
3106
3532
|
claims: result.data
|
|
3107
3533
|
};
|
|
3108
3534
|
}
|
|
3535
|
+
|
|
3536
|
+
// src/wire-02-warnings.ts
|
|
3537
|
+
var WARNING_TYPE_UNREGISTERED = "type_unregistered";
|
|
3538
|
+
var WARNING_UNKNOWN_EXTENSION = "unknown_extension_preserved";
|
|
3539
|
+
var WARNING_OCCURRED_AT_SKEW = "occurred_at_skew";
|
|
3540
|
+
var WARNING_TYP_MISSING = "typ_missing";
|
|
3541
|
+
function sortWarnings(warnings) {
|
|
3542
|
+
return [...warnings].sort((a, b) => {
|
|
3543
|
+
const aHasPtr = a.pointer !== void 0;
|
|
3544
|
+
const bHasPtr = b.pointer !== void 0;
|
|
3545
|
+
if (!aHasPtr && bHasPtr) return -1;
|
|
3546
|
+
if (aHasPtr && !bHasPtr) return 1;
|
|
3547
|
+
if (aHasPtr && bHasPtr) {
|
|
3548
|
+
const cmp = a.pointer.localeCompare(b.pointer);
|
|
3549
|
+
if (cmp !== 0) return cmp;
|
|
3550
|
+
}
|
|
3551
|
+
return a.code.localeCompare(b.code);
|
|
3552
|
+
});
|
|
3553
|
+
}
|
|
3554
|
+
|
|
3555
|
+
// src/wire-02-registries.ts
|
|
3556
|
+
var REGISTERED_RECEIPT_TYPES = /* @__PURE__ */ new Set([
|
|
3557
|
+
"org.peacprotocol/payment",
|
|
3558
|
+
"org.peacprotocol/access-decision",
|
|
3559
|
+
"org.peacprotocol/identity-attestation",
|
|
3560
|
+
"org.peacprotocol/consent-record",
|
|
3561
|
+
"org.peacprotocol/compliance-check",
|
|
3562
|
+
"org.peacprotocol/privacy-signal",
|
|
3563
|
+
"org.peacprotocol/safety-review",
|
|
3564
|
+
"org.peacprotocol/provenance-record",
|
|
3565
|
+
"org.peacprotocol/attribution-event",
|
|
3566
|
+
"org.peacprotocol/purpose-declaration"
|
|
3567
|
+
]);
|
|
3568
|
+
var REGISTERED_EXTENSION_GROUP_KEYS = /* @__PURE__ */ new Set([
|
|
3569
|
+
"org.peacprotocol/commerce",
|
|
3570
|
+
"org.peacprotocol/access",
|
|
3571
|
+
"org.peacprotocol/challenge",
|
|
3572
|
+
"org.peacprotocol/identity",
|
|
3573
|
+
"org.peacprotocol/correlation"
|
|
3574
|
+
]);
|
|
3575
|
+
|
|
3576
|
+
// src/policy-binding.ts
|
|
3577
|
+
function verifyPolicyBinding(receiptDigest, localDigest) {
|
|
3578
|
+
return receiptDigest === localDigest ? "verified" : "failed";
|
|
3579
|
+
}
|
|
3109
3580
|
var REVOCATION_REASONS = [
|
|
3110
3581
|
"key_compromise",
|
|
3111
3582
|
"superseded",
|
|
@@ -3132,6 +3603,6 @@ function findRevokedKey(revokedKeys, kid) {
|
|
|
3132
3603
|
return revokedKeys.find((entry) => entry.kid === kid) ?? null;
|
|
3133
3604
|
}
|
|
3134
3605
|
|
|
3135
|
-
export { ACTOR_BINDING_EXTENSION_KEY, AGENT_IDENTITY_TYPE, AIPREFSnapshot as AIPREFSnapshotSchema, ATTESTATION_LIMITS, ATTESTATION_RECEIPT_TYPE, ATTRIBUTION_LIMITS, ATTRIBUTION_TYPE, ATTRIBUTION_USAGES, ActorBindingSchema, AgentIdentityAttestationSchema, AgentIdentityEvidenceSchema, AgentIdentityVerifiedSchema, AgentProofSchema, AttestationExtensionsSchema, AttestationReceiptClaimsSchema, AttestationSchema, AttributionAttestationSchema, AttributionEvidenceSchema, AttributionSourceSchema, AttributionUsageSchema, BindingDetailsSchema, CANONICAL_DIGEST_ALGS, CANONICAL_PURPOSES, CARRIER_TRANSPORT_LIMITS, COMMITMENT_CLASSES, CONTRIBUTION_TYPES, CONTROL_ACTIONS, CONTROL_ACTION_EXTENSION_KEY, CONTROL_TRIGGERS, CONTROL_TYPES, CREDENTIAL_EVENTS, CREDENTIAL_EVENT_EXTENSION_KEY, CREDIT_METHODS, CanonicalPurposeSchema, CarrierFormatSchema, CarrierMetaSchema, CommitmentClassSchema, CompactJwsSchema, ContactMethodSchema, ContentHashSchema, ContributionObligationSchema, ContributionTypeSchema, ControlActionSchema, ControlActionTypeSchema, ControlBlockSchema, ControlDecisionSchema, ControlLicensingModeSchema, ControlPurposeSchema, ControlStepSchema, ControlTriggerSchema, ControlTypeSchema, CredentialEventSchema, CredentialEventTypeSchema, CredentialRefSchema, CreditMethodSchema, CreditObligationSchema, DERIVATION_TYPES, DIGEST_SIZE_CONSTANTS, DIGEST_VALUE_PATTERN, DISPUTE_GROUNDS_CODES, DISPUTE_LIMITS, DISPUTE_OUTCOMES, DISPUTE_STATES, DISPUTE_TARGET_TYPES, DISPUTE_TRANSITIONS, DISPUTE_TYPE, DISPUTE_TYPES, DerivationTypeSchema, DigestAlgSchema, DigestSchema, DisputeAttestationSchema, DisputeContactSchema, DisputeEvidenceSchema, DisputeGroundsCodeSchema, DisputeGroundsSchema, DisputeIdSchema, DisputeOutcomeSchema, DisputeResolutionSchema, DisputeStateSchema, DisputeTargetTypeSchema, DisputeTypeSchema, DocumentRefSchema, ERROR_CATEGORIES_CANONICAL, ERROR_CODES, EXTENSION_KEY_PATTERN, ExecutorSchema, Extensions, ExtensionsSchema, HashAlgorithmSchema, HashEncodingSchema, INTERACTION_EXTENSION_KEY, INTERACTION_LIMITS, INTERNAL_PURPOSE_UNDECLARED, IdentityBindingSchema, InteractionEvidenceV01Schema, JSON_EVIDENCE_LIMITS, JWSHeader, JsonArraySchema, JsonObjectSchema, JsonPrimitiveSchema, JsonValueSchema, KERNEL_CONSTRAINTS, KIND_FORMAT_PATTERN, KindSchema, MAX_PURPOSE_TOKENS_PER_REQUEST, MAX_PURPOSE_TOKEN_LENGTH, MIDDLEWARE_INTERACTION_KEY, MVISFieldsSchema, MVISReplayProtectionSchema, MVISTimeBoundsSchema, MinimalInteractionBindingSchema, NormalizedPayment, OBLIGATIONS_EXTENSION_KEY, ORCHESTRATION_FRAMEWORKS, ObligationsExtensionSchema, OrchestrationFrameworkSchema, PEAC_ALG, PEAC_DISCOVERY_MAX_BYTES, PEAC_DISCOVERY_PATH, PEAC_ISSUER_CONFIG_MAX_BYTES, PEAC_ISSUER_CONFIG_PATH, PEAC_ISSUER_CONFIG_VERSION, PEAC_POLICY_FALLBACK_PATH, PEAC_POLICY_MAX_BYTES, PEAC_POLICY_PATH, PEAC_PURPOSE_APPLIED_HEADER, PEAC_PURPOSE_HEADER, PEAC_PURPOSE_REASON_HEADER, PEAC_RECEIPT_HEADER, PEAC_RECEIPT_SCHEMA_URL, PEAC_WIRE_TYP, POLICY_DECISIONS, PROOF_METHODS, PROOF_TYPES, PURPOSE_REASONS, PURPOSE_TOKEN_REGEX, PayloadRefSchema, PaymentEvidenceSchema, PaymentRoutingSchema, PaymentSplitSchema, PeacEvidenceCarrierSchema, PolicyContextSchema, ProofMethodSchema, ProofTypeSchema, PurposeReasonSchema, PurposeTokenSchema, REDACTION_MODES, REMEDIATION_TYPES, RESERVED_KIND_PREFIXES, RESULT_STATUSES, REVOCATION_REASONS, ReceiptClaims, ReceiptClaimsSchema, ReceiptRefSchema2 as ReceiptRefSchema, ReceiptUrlSchema, RefsSchema, RemediationSchema, RemediationTypeSchema, ResourceTargetSchema, ResultSchema, RevokedKeyEntrySchema, RevokedKeysArraySchema, STEP_ID_PATTERN, StepIdSchema, SubjectProfileSchema, SubjectProfileSnapshotSchema, Subject as SubjectSchema, SubjectTypeSchema, TERMINAL_STATES, TOOL_REGISTRY_EXTENSION_KEY, TREATY_EXTENSION_KEY, ToolRegistrySchema, ToolTargetSchema, TreatySchema, VerifyRequest as VerifyRequestSchema, WELL_KNOWN_KINDS, WORKFLOW_EXTENSION_KEY, WORKFLOW_ID_PATTERN, WORKFLOW_LIMITS, WORKFLOW_STATUSES, WORKFLOW_SUMMARY_TYPE, WorkflowContextSchema, WorkflowErrorContextSchema, WorkflowIdSchema, WorkflowStatusSchema, WorkflowSummaryAttestationSchema, WorkflowSummaryEvidenceSchema, assertJsonSafeIterative, canTransitionTo, computeReceiptRef, computeTotalWeight, createAgentIdentityAttestation, createAttestationReceiptClaims, createAttributionAttestation, createConstraintViolationError, createContributionObligation, createCreditObligation, createDisputeAttestation, createEvidenceNotJsonError, createInteractionEvidence, createObligationsExtension, createPEACError, createReceiptView, createStepId, createWorkflowContext, createWorkflowContextInvalidError, createWorkflowDagInvalidError, createWorkflowId, createWorkflowSummaryAttestation, deriveKnownPurposes, detectCycleInSources, determinePurposeReason, extractObligationsExtension, findRevokedKey, fingerprintRefToString, getInteraction, getValidTransitions, hasInteraction, hasUnknownPurposeTokens, hasValidDagSemantics, isAgentIdentityAttestation, isAttestationExpired, isAttestationNotYetValid, isAttestationOnly, isAttestationReceiptClaims, isAttributionAttestation, isAttributionExpired, isAttributionNotYetValid, isCanonicalPurpose, isContributionRequired, isCreditRequired, isDigestTruncated, isDisputeAttestation, isDisputeExpired, isDisputeNotYetValid, isLegacyPurpose, isMinimalInteractionBinding, isOriginOnly, isPaymentReceipt, isReservedKindPrefix, isTerminalState, isTerminalWorkflowStatus, isUndeclaredPurpose, isValidDisputeAttestation, isValidInteractionEvidence, isValidPurposeReason, isValidPurposeToken, isValidWorkflowContext, isWellKnownKind, isWorkflowSummaryAttestation, mapLegacyToCanonical, normalizePurposeToken, normalizeToCanonicalOrPreserve, parsePurposeHeader, parseReceiptClaims, setInteraction, stringToFingerprintRef, toCoreClaims, transitionDisputeState, validateActorBinding, validateAgentIdentityAttestation, validateAttestationReceiptClaims, validateAttributionAttestation, validateAttributionSource, validateCarrierConstraints, validateContentHash, validateContributionObligation, validateControlAction, validateCredentialEvent, validateCreditObligation, validateDisputeAttestation, validateDisputeContact, validateDisputeResolution, validateEvidence, validateIdentityBinding, validateInteraction, validateInteractionEvidence, validateInteractionOrdered, validateKernelConstraints, validateMVIS, validateMinimalInteractionBinding, validateObligationsExtension, validatePurposeTokens, validateRevokedKeys, validateSubjectSnapshot, validateToolRegistry, validateTreaty, validateWorkflowContext, validateWorkflowContextOrdered, validateWorkflowSummaryAttestation, verifyReceiptRefConsistency };
|
|
3606
|
+
export { ACCESS_EXTENSION_KEY, ACTOR_BINDING_EXTENSION_KEY, AGENT_IDENTITY_TYPE, AIPREFSnapshot as AIPREFSnapshotSchema, ATTESTATION_LIMITS, ATTESTATION_RECEIPT_TYPE, ATTRIBUTION_LIMITS, ATTRIBUTION_TYPE, ATTRIBUTION_USAGES, AccessExtensionSchema, ActorBindingSchema, AgentIdentityAttestationSchema, AgentIdentityEvidenceSchema, AgentIdentityVerifiedSchema, AgentProofSchema, AttestationExtensionsSchema, AttestationReceiptClaimsSchema, AttestationSchema, AttributionAttestationSchema, AttributionEvidenceSchema, AttributionSourceSchema, AttributionUsageSchema, BindingDetailsSchema, CANONICAL_DIGEST_ALGS, CANONICAL_PURPOSES, CARRIER_TRANSPORT_LIMITS, CHALLENGE_EXTENSION_KEY, CHALLENGE_TYPES, COMMERCE_EXTENSION_KEY, COMMITMENT_CLASSES, CONTRIBUTION_TYPES, CONTROL_ACTIONS, CONTROL_ACTION_EXTENSION_KEY, CONTROL_TRIGGERS, CONTROL_TYPES, CORRELATION_EXTENSION_KEY, CREDENTIAL_EVENTS, CREDENTIAL_EVENT_EXTENSION_KEY, CREDIT_METHODS, CanonicalIssSchema, CanonicalPurposeSchema, CarrierFormatSchema, CarrierMetaSchema, ChallengeExtensionSchema, ChallengeTypeSchema, CommerceExtensionSchema, CommitmentClassSchema, CompactJwsSchema, ContactMethodSchema, ContentHashSchema, ContributionObligationSchema, ContributionTypeSchema, ControlActionSchema, ControlActionTypeSchema, ControlBlockSchema, ControlDecisionSchema, ControlLicensingModeSchema, ControlPurposeSchema, ControlStepSchema, ControlTriggerSchema, ControlTypeSchema, CorrelationExtensionSchema, CredentialEventSchema, CredentialEventTypeSchema, CredentialRefSchema, CreditMethodSchema, CreditObligationSchema, DERIVATION_TYPES, DIGEST_SIZE_CONSTANTS, DIGEST_VALUE_PATTERN, DISPUTE_GROUNDS_CODES, DISPUTE_LIMITS, DISPUTE_OUTCOMES, DISPUTE_STATES, DISPUTE_TARGET_TYPES, DISPUTE_TRANSITIONS, DISPUTE_TYPE, DISPUTE_TYPES, DerivationTypeSchema, DigestAlgSchema, DigestSchema, DisputeAttestationSchema, DisputeContactSchema, DisputeEvidenceSchema, DisputeGroundsCodeSchema, DisputeGroundsSchema, DisputeIdSchema, DisputeOutcomeSchema, DisputeResolutionSchema, DisputeStateSchema, DisputeTargetTypeSchema, DisputeTypeSchema, DocumentRefSchema, ERROR_CATEGORIES_CANONICAL, ERROR_CODES, EXTENSION_KEY_PATTERN, EXTENSION_LIMITS, EvidencePillarSchema, ExecutorSchema, Extensions, ExtensionsSchema, HashAlgorithmSchema, HashEncodingSchema, IDENTITY_EXTENSION_KEY, INTERACTION_EXTENSION_KEY, INTERACTION_LIMITS, INTERNAL_PURPOSE_UNDECLARED, IdentityBindingSchema, IdentityExtensionSchema, InteractionEvidenceV01Schema, JSON_EVIDENCE_LIMITS, JWSHeader, JsonArraySchema, JsonObjectSchema, JsonPrimitiveSchema, JsonValueSchema, KERNEL_CONSTRAINTS, KIND_FORMAT_PATTERN, KindSchema, MAX_PURPOSE_TOKENS_PER_REQUEST, MAX_PURPOSE_TOKEN_LENGTH, MIDDLEWARE_INTERACTION_KEY, MVISFieldsSchema, MVISReplayProtectionSchema, MVISTimeBoundsSchema, MinimalInteractionBindingSchema, NormalizedPayment, OBLIGATIONS_EXTENSION_KEY, ORCHESTRATION_FRAMEWORKS, ObligationsExtensionSchema, OrchestrationFrameworkSchema, PEAC_ALG, PEAC_DISCOVERY_MAX_BYTES, PEAC_DISCOVERY_PATH, PEAC_ISSUER_CONFIG_MAX_BYTES, PEAC_ISSUER_CONFIG_PATH, PEAC_ISSUER_CONFIG_VERSION, PEAC_POLICY_FALLBACK_PATH, PEAC_POLICY_MAX_BYTES, PEAC_POLICY_PATH, PEAC_PURPOSE_APPLIED_HEADER, PEAC_PURPOSE_HEADER, PEAC_PURPOSE_REASON_HEADER, PEAC_RECEIPT_HEADER, PEAC_RECEIPT_SCHEMA_URL, PEAC_WIRE_TYP, POLICY_DECISIONS, PROOF_METHODS, PROOF_TYPES, PURPOSE_REASONS, PURPOSE_TOKEN_REGEX, PayloadRefSchema, PaymentEvidenceSchema, PaymentRoutingSchema, PaymentSplitSchema, PeacEvidenceCarrierSchema, PillarsSchema, PolicyBlockSchema, PolicyContextSchema, ProblemDetailsSchema, ProofMethodSchema, ProofTypeSchema, PurposeReasonSchema, PurposeTokenSchema, REDACTION_MODES, REGISTERED_EXTENSION_GROUP_KEYS, REGISTERED_RECEIPT_TYPES, REMEDIATION_TYPES, REPRESENTATION_LIMITS, RESERVED_KIND_PREFIXES, RESULT_STATUSES, REVOCATION_REASONS, ReceiptClaims, ReceiptClaimsSchema, ReceiptRefSchema2 as ReceiptRefSchema, ReceiptTypeSchema, ReceiptUrlSchema, RefsSchema, RemediationSchema, RemediationTypeSchema, Wire02RepresentationFieldsSchema as RepresentationFieldsSchema, ResourceTargetSchema, ResultSchema, RevokedKeyEntrySchema, RevokedKeysArraySchema, STEP_ID_PATTERN, StepIdSchema, SubjectProfileSchema, SubjectProfileSnapshotSchema, Subject as SubjectSchema, SubjectTypeSchema, TERMINAL_STATES, TOOL_REGISTRY_EXTENSION_KEY, TREATY_EXTENSION_KEY, ToolRegistrySchema, ToolTargetSchema, TreatySchema, VerifyRequest as VerifyRequestSchema, WARNING_OCCURRED_AT_SKEW, WARNING_TYPE_UNREGISTERED, WARNING_TYP_MISSING, WARNING_UNKNOWN_EXTENSION, WELL_KNOWN_KINDS, WORKFLOW_EXTENSION_KEY, WORKFLOW_ID_PATTERN, WORKFLOW_LIMITS, WORKFLOW_STATUSES, WORKFLOW_SUMMARY_TYPE, Wire01JWSHeaderSchema, Wire02ClaimsSchema, Wire02KindSchema, Wire02RepresentationFieldsSchema, WorkflowContextSchema, WorkflowErrorContextSchema, WorkflowIdSchema, WorkflowStatusSchema, WorkflowSummaryAttestationSchema, WorkflowSummaryEvidenceSchema, assertJsonSafeIterative, canTransitionTo, checkOccurredAtSkew, computeReceiptRef, computeTotalWeight, createAgentIdentityAttestation, createAttestationReceiptClaims, createAttributionAttestation, createConstraintViolationError, createContributionObligation, createCreditObligation, createDisputeAttestation, createEvidenceNotJsonError, createInteractionEvidence, createObligationsExtension, createPEACError, createReceiptView, createStepId, createWorkflowContext, createWorkflowContextInvalidError, createWorkflowDagInvalidError, createWorkflowId, createWorkflowSummaryAttestation, deriveKnownPurposes, detectCycleInSources, detectWireVersion, determinePurposeReason, extractObligationsExtension, findRevokedKey, fingerprintRefToString, getAccessExtension, getChallengeExtension, getCommerceExtension, getCorrelationExtension, getIdentityExtension, getInteraction, getValidTransitions, hasInteraction, hasUnknownPurposeTokens, hasValidDagSemantics, isAgentIdentityAttestation, isAttestationExpired, isAttestationNotYetValid, isAttestationOnly, isAttestationReceiptClaims, isAttributionAttestation, isAttributionExpired, isAttributionNotYetValid, isCanonicalIss, isCanonicalPurpose, isContributionRequired, isCreditRequired, isDigestTruncated, isDisputeAttestation, isDisputeExpired, isDisputeNotYetValid, isLegacyPurpose, isMinimalInteractionBinding, isOriginOnly, isPaymentReceipt, isReservedKindPrefix, isTerminalState, isTerminalWorkflowStatus, isUndeclaredPurpose, isValidDisputeAttestation, isValidExtensionKey, isValidInteractionEvidence, isValidPurposeReason, isValidPurposeToken, isValidReceiptType, isValidWorkflowContext, isWellKnownKind, isWorkflowSummaryAttestation, mapLegacyToCanonical, normalizePurposeToken, normalizeToCanonicalOrPreserve, parsePurposeHeader, parseReceiptClaims, setInteraction, sortWarnings, stringToFingerprintRef, toCoreClaims, transitionDisputeState, validateActorBinding, validateAgentIdentityAttestation, validateAttestationReceiptClaims, validateAttributionAttestation, validateAttributionSource, validateCarrierConstraints, validateContentHash, validateContributionObligation, validateControlAction, validateCredentialEvent, validateCreditObligation, validateDisputeAttestation, validateDisputeContact, validateDisputeResolution, validateEvidence, validateIdentityBinding, validateInteraction, validateInteractionEvidence, validateInteractionOrdered, validateKernelConstraints, validateKnownExtensions, validateMVIS, validateMinimalInteractionBinding, validateObligationsExtension, validatePurposeTokens, validateRevokedKeys, validateSubjectSnapshot, validateToolRegistry, validateTreaty, validateWorkflowContext, validateWorkflowContextOrdered, validateWorkflowSummaryAttestation, verifyPolicyBinding, verifyReceiptRefConsistency };
|
|
3136
3607
|
//# sourceMappingURL=index.mjs.map
|
|
3137
3608
|
//# sourceMappingURL=index.mjs.map
|