@peac/schema 0.12.1 → 0.12.2

package/dist/index.mjs

@@ -1,5 +1,6 @@
 import * as kernel from '@peac/kernel';
-import { ALGORITHMS, HEADERS, POLICY, ISSUER_CONFIG, DISCOVERY, WIRE_TYPE, TYPE_GRAMMAR, ISS_CANONICAL, POLICY_BLOCK, HASH, OCCURRED_AT_TOLERANCE_SECONDS } from '@peac/kernel';
+import { ALGORITHMS, HEADERS, POLICY, ISSUER_CONFIG, DISCOVERY, WIRE_TYPE, HASH, TYPE_GRAMMAR, ISS_CANONICAL, POLICY_BLOCK, RECEIPT_TYPES, EXTENSION_GROUPS, ERROR_CODES as ERROR_CODES$1, EXTENSION_BUDGET, OCCURRED_AT_TOLERANCE_SECONDS } from '@peac/kernel';
+export { EXTENSION_BUDGET } from '@peac/kernel';
 import { z } from 'zod';
 
 // src/errors.ts
@@ -33,9 +34,9 @@ var ERROR_CODES = {
   E_WORKFLOW_PARENT_NOT_FOUND: "E_WORKFLOW_PARENT_NOT_FOUND",
   E_WORKFLOW_SUMMARY_INVALID: "E_WORKFLOW_SUMMARY_INVALID",
   E_WORKFLOW_CYCLE_DETECTED: "E_WORKFLOW_CYCLE_DETECTED",
-  // Constraint errors (400, DD-121)
+  // Constraint errors (400)
   E_CONSTRAINT_VIOLATION: "E_CONSTRAINT_VIOLATION",
-  // Wire 0.2 extension errors (400, DD-153/DD-156)
+  // Wire 0.2 extension errors (400/)
   E_INVALID_EXTENSION_KEY: "E_INVALID_EXTENSION_KEY"
 };
 function createPEACError(code, category, severity, retryable, options) {
@@ -303,7 +304,7 @@ var KERNEL_CONSTRAINTS = {
   MAX_STRING_LENGTH: 65536,
   /** Maximum total nodes to visit during traversal */
   MAX_TOTAL_NODES: 1e5,
-  /** Temporal validity clock skew tolerance in seconds (DD-8) */
+  /** Temporal validity clock skew tolerance in seconds */
   CLOCK_SKEW_SECONDS: 60
 };
 function validateKernelConstraints(claims) {
@@ -574,7 +575,10 @@ var BindingDetailsSchema = z.object({
   signed_at: z.string().datetime()
 }).strict();
 var AgentProofSchema = z.object({
-  /** Proof method used */
+  /**
+   * Proof method used.
+   * @see ProofMethodSchema - deprecated in v0.12.2; will migrate in v0.13.0
+   */
   method: ProofMethodSchema,
   /** Key ID (matches kid in JWS header or JWKS) */
   key_id: z.string().min(1).max(256),
@@ -1186,7 +1190,7 @@ var ACTOR_BINDING_EXTENSION_KEY = "org.peacprotocol/actor_binding";
 var ActorBindingSchema = z.object({
   /** Stable actor identifier (opaque, no PII) */
   id: z.string().min(1).max(256),
-  /** Proof type from DD-143 multi-root vocabulary */
+  /** Proof type from multi-root vocabulary */
   proof_type: ProofTypeSchema,
   /** URI or hash of external proof artifact */
   proof_ref: z.string().max(2048).optional(),
@@ -1194,7 +1198,7 @@ var ActorBindingSchema = z.object({
   origin: z.string().max(2048).refine(isOriginOnly, {
     message: "origin must be an origin-only URL (scheme + host + optional port; no path, query, or fragment)"
   }),
-  /** SHA-256 hash of the intent (hash-first per DD-138) */
+  /** SHA-256 hash of the intent (hash-first per ) */
   intent_hash: z.string().regex(/^sha256:[a-f0-9]{64}$/, {
     message: "intent_hash must match sha256:<64 hex chars>"
   }).optional()
@@ -3102,6 +3106,7 @@ var EXTENSION_LIMITS = {
   maxAmountMinorLength: 64,
   maxReferenceLength: 256,
   maxAssetLength: 256,
+  maxCommerceEventLength: 64,
   // Access
   maxResourceLength: 2048,
   maxActionLength: 256,
@@ -3117,8 +3122,61 @@ var EXTENSION_LIMITS = {
   maxSpanIdLength: 16,
   maxWorkflowIdLength: 256,
   maxParentJtiLength: 256,
-  maxDependsOnLength: 64
+  maxDependsOnLength: 64,
+  // Consent
+  maxConsentBasisLength: 128,
+  maxConsentMethodLength: 128,
+  maxDataCategoriesCount: 64,
+  maxDataCategoryLength: 128,
+  maxConsentScopeLength: 256,
+  maxJurisdictionLength: 16,
+  // Compliance
+  maxFrameworkLength: 256,
+  maxAuditRefLength: 256,
+  maxAuditorLength: 256,
+  maxComplianceScopeLength: 512,
+  // Privacy
+  maxDataClassificationLength: 128,
+  maxProcessingBasisLength: 128,
+  maxAnonymizationMethodLength: 128,
+  maxDataSubjectCategoryLength: 128,
+  maxTransferMechanismLength: 128,
+  // Safety
+  maxAssessmentMethodLength: 256,
+  maxSafetyMeasuresCount: 32,
+  maxSafetyMeasureLength: 256,
+  maxIncidentRefLength: 256,
+  maxModelRefLength: 256,
+  maxSafetyCategoryLength: 128,
+  // Provenance
+  maxSourceTypeLength: 128,
+  maxSourceRefLength: 256,
+  maxVerificationMethodLength: 128,
+  maxCustodyChainCount: 16,
+  maxCustodianLength: 256,
+  maxCustodyActionLength: 128,
+  maxSlsaTrackLength: 64,
+  maxSlsaVersionLength: 16,
+  // Attribution
+  maxCreatorRefLength: 256,
+  maxObligationTypeLength: 128,
+  maxAttributionTextLength: 1024,
+  maxContentSignalSourceLength: 128,
+  // Purpose
+  maxExternalPurposesCount: 32,
+  maxExternalPurposeLength: 128,
+  maxPurposeBasisLength: 128,
+  maxCompatiblePurposesCount: 32,
+  // Shared field bounds
+  maxHttpsUriLength: 2048,
+  maxSha256DigestLength: 71,
+  // "sha256:" (7) + 64 hex = 71 chars
+  maxIso8601DurationLength: 64,
+  maxIso8601DateLength: 10,
+  maxSpdxExpressionLength: 128
 };
+
+// src/wire-02-extensions/grammar.ts
 var DNS_LABEL = /^[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$/;
 var SEGMENT_PATTERN = /^[a-z0-9][a-z0-9_-]*$/;
 function isValidExtensionKey(key) {
@@ -3138,11 +3196,6 @@ function isValidExtensionKey(key) {
   }
   return true;
 }
-var COMMERCE_EXTENSION_KEY = "org.peacprotocol/commerce";
-var ACCESS_EXTENSION_KEY = "org.peacprotocol/access";
-var CHALLENGE_EXTENSION_KEY = "org.peacprotocol/challenge";
-var IDENTITY_EXTENSION_KEY = "org.peacprotocol/identity";
-var CORRELATION_EXTENSION_KEY = "org.peacprotocol/correlation";
 function escapePointerSegment(s) {
   return s.replace(/~/g, "~0").replace(/\//g, "~1");
 }
@@ -3151,6 +3204,7 @@ function zodPathToPointer(groupKey, zodPath) {
   const segments = zodPath.map((s) => escapePointerSegment(String(s)));
   return `/extensions/${escaped}` + (segments.length > 0 ? "/" + segments.join("/") : "");
 }
+var COMMERCE_EXTENSION_KEY = "org.peacprotocol/commerce";
 var AMOUNT_MINOR_PATTERN = /^-?[0-9]+$/;
 var CommerceExtensionSchema = z.object({
   /** Payment rail identifier (e.g., 'stripe', 'x402', 'lightning') */
@@ -3171,8 +3225,11 @@ var CommerceExtensionSchema = z.object({
   /** Asset identifier for non-fiat (e.g., token address) */
   asset: z.string().max(EXTENSION_LIMITS.maxAssetLength).optional(),
   /** Environment discriminant */
-  env: z.enum(["live", "test"]).optional()
+  env: z.enum(["live", "test"]).optional(),
+  /** Commerce lifecycle phase. Observational metadata only: does not encode settlement finality or protocol state transitions */
+  event: z.enum(["authorization", "capture", "settlement", "refund", "void", "chargeback"]).optional()
 }).strict();
+var ACCESS_EXTENSION_KEY = "org.peacprotocol/access";
 var AccessExtensionSchema = z.object({
   /** Resource being accessed (URI or identifier) */
   resource: z.string().min(1).max(EXTENSION_LIMITS.maxResourceLength),
@@ -3181,6 +3238,7 @@ var AccessExtensionSchema = z.object({
   /** Access decision */
   decision: z.enum(["allow", "deny", "review"])
 }).strict();
+var CHALLENGE_EXTENSION_KEY = "org.peacprotocol/challenge";
 var CHALLENGE_TYPES = [
   "payment_required",
   "identity_required",
@@ -3215,10 +3273,12 @@ var ChallengeExtensionSchema = z.object({
   /** Caller-defined requirements for resolving the challenge */
   requirements: z.record(z.string(), z.unknown()).optional()
 }).strict();
+var IDENTITY_EXTENSION_KEY = "org.peacprotocol/identity";
 var IdentityExtensionSchema = z.object({
   /** Proof reference (opaque string; no actor_binding: top-level actor is sole location) */
   proof_ref: z.string().max(EXTENSION_LIMITS.maxProofRefLength).optional()
 }).strict();
+var CORRELATION_EXTENSION_KEY = "org.peacprotocol/correlation";
 var TRACE_ID_PATTERN = /^[0-9a-f]{32}$/;
 var SPAN_ID_PATTERN = /^[0-9a-f]{16}$/;
 var CorrelationExtensionSchema = z.object({
@@ -3233,12 +3293,497 @@ var CorrelationExtensionSchema = z.object({
   /** JTIs this receipt depends on */
   depends_on: z.array(z.string().min(1).max(EXTENSION_LIMITS.maxParentJtiLength)).max(EXTENSION_LIMITS.maxDependsOnLength).optional()
 }).strict();
-var EXTENSION_SCHEMA_MAP = /* @__PURE__ */ new Map();
-EXTENSION_SCHEMA_MAP.set(COMMERCE_EXTENSION_KEY, CommerceExtensionSchema);
-EXTENSION_SCHEMA_MAP.set(ACCESS_EXTENSION_KEY, AccessExtensionSchema);
-EXTENSION_SCHEMA_MAP.set(CHALLENGE_EXTENSION_KEY, ChallengeExtensionSchema);
-EXTENSION_SCHEMA_MAP.set(IDENTITY_EXTENSION_KEY, IdentityExtensionSchema);
-EXTENSION_SCHEMA_MAP.set(CORRELATION_EXTENSION_KEY, CorrelationExtensionSchema);
+var Sha256DigestSchema = z.string().max(71).regex(HASH.pattern, "must be a valid SHA-256 digest (sha256:<64 lowercase hex>)");
+var CONTROL_CHAR_PATTERN = /[\x00-\x1f\x7f]/;
+var HttpsUriHintSchema = z.string().min(1).max(2048).refine(
+  (value) => {
+    if (CONTROL_CHAR_PATTERN.test(value)) return false;
+    if (value.includes("#")) return false;
+    try {
+      const url = new URL(value);
+      if (url.protocol !== "https:") return false;
+      if (url.username !== "" || url.password !== "") return false;
+      if (!url.hostname) return false;
+      return true;
+    } catch {
+      return false;
+    }
+  },
+  {
+    message: "must be a valid HTTPS URI (no credentials, no fragments, no control characters)"
+  }
+);
+var DATE_DESIGNATOR_ORDER = ["Y", "M", "W", "D"];
+var TIME_DESIGNATOR_ORDER = ["H", "M", "S"];
+function parseIso8601Duration(value) {
+  if (typeof value !== "string" || value.length === 0 || value.length > 64) {
+    return null;
+  }
+  if (value.charAt(0) !== "P") return null;
+  let pos = 1;
+  const len = value.length;
+  if (pos >= len) return null;
+  const result = {
+    years: 0,
+    months: 0,
+    weeks: 0,
+    days: 0,
+    hours: 0,
+    minutes: 0,
+    seconds: 0
+  };
+  let inTimePart = false;
+  let hasAnyComponent = false;
+  const seenDesignators = /* @__PURE__ */ new Set();
+  let dateOrderIdx = 0;
+  let timeOrderIdx = 0;
+  while (pos < len) {
+    if (value.charAt(pos) === "T") {
+      if (inTimePart) return null;
+      inTimePart = true;
+      pos++;
+      if (pos >= len) return null;
+      continue;
+    }
+    const numStart = pos;
+    while (pos < len && value.charAt(pos) >= "0" && value.charAt(pos) <= "9") {
+      pos++;
+    }
+    if (pos === numStart) return null;
+    const digits = value.slice(numStart, pos);
+    if (digits.length > 15) return null;
+    const num = parseInt(digits, 10);
+    if (!Number.isFinite(num) || num < 0) return null;
+    if (pos >= len) return null;
+    const designator = value.charAt(pos);
+    pos++;
+    const designatorKey = (inTimePart ? "T" : "") + designator;
+    if (seenDesignators.has(designatorKey)) return null;
+    seenDesignators.add(designatorKey);
+    if (inTimePart) {
+      const timeIdx = TIME_DESIGNATOR_ORDER.indexOf(designator);
+      if (timeIdx === -1) return null;
+      if (timeIdx < timeOrderIdx) return null;
+      timeOrderIdx = timeIdx + 1;
+      switch (designator) {
+        case "H":
+          result.hours = num;
+          break;
+        case "M":
+          result.minutes = num;
+          break;
+        case "S":
+          result.seconds = num;
+          break;
+      }
+    } else {
+      const dateIdx = DATE_DESIGNATOR_ORDER.indexOf(designator);
+      if (dateIdx === -1) return null;
+      if (dateIdx < dateOrderIdx) return null;
+      dateOrderIdx = dateIdx + 1;
+      switch (designator) {
+        case "Y":
+          result.years = num;
+          break;
+        case "M":
+          result.months = num;
+          break;
+        case "W":
+          result.weeks = num;
+          break;
+        case "D":
+          result.days = num;
+          break;
+      }
+    }
+    hasAnyComponent = true;
+  }
+  if (!hasAnyComponent) return null;
+  if (result.weeks > 0 && (result.years > 0 || result.months > 0 || result.days > 0)) {
+    return null;
+  }
+  return result;
+}
+var Iso8601DurationSchema = z.string().min(2).max(64).refine((value) => parseIso8601Duration(value) !== null, {
+  message: "must be a valid ISO 8601 duration (e.g., P30D, P1Y6M, PT1H30M)"
+});
+var Iso8601DateStringSchema = z.string().length(10).regex(/^\d{4}-(?:0[1-9]|1[0-2])-(?:0[1-9]|[12]\d|3[01])$/, {
+  message: "must be a structurally valid date string (YYYY-MM-DD)"
+});
+var Iso8601DateSchema = Iso8601DateStringSchema;
+var Iso8601OffsetDateTimeSchema = z.iso.datetime({ offset: true });
+var RFC3339_SECONDS_PATTERN = /T\d{2}:\d{2}:\d{2}/;
+var Rfc3339DateTimeSchema = z.iso.datetime({ offset: true }).refine((value) => RFC3339_SECONDS_PATTERN.test(value), {
+  message: "RFC 3339 requires seconds precision (e.g., 2026-03-14T12:00:00Z)"
+});
+var Rfc3339TimestampSchema = Iso8601OffsetDateTimeSchema;
+function isValidSpdxSubsetExpression(expr) {
+  if (typeof expr !== "string" || expr.length === 0 || expr.length > 128) {
+    return false;
+  }
+  const tokens = [];
+  let current = "";
+  for (let i = 0; i < expr.length; i++) {
+    const ch = expr.charAt(i);
+    if (ch === "(" || ch === ")") {
+      if (current.length > 0) {
+        tokens.push(current);
+        current = "";
+      }
+      tokens.push(ch);
+    } else if (ch === " " || ch === "	") {
+      if (current.length > 0) {
+        tokens.push(current);
+        current = "";
+      }
+    } else {
+      current += ch;
+    }
+  }
+  if (current.length > 0) {
+    tokens.push(current);
+  }
+  if (tokens.length === 0) return false;
+  let pos = 0;
+  function peek() {
+    return tokens[pos];
+  }
+  function advance() {
+    return tokens[pos++];
+  }
+  function isLicenseId(token) {
+    const base = token.endsWith("+") ? token.slice(0, -1) : token;
+    if (base.length === 0) return false;
+    if (base.startsWith("LicenseRef-")) {
+      const ref = base.slice(11);
+      return ref.length > 0 && /^[A-Za-z0-9][A-Za-z0-9._-]*$/.test(ref);
+    }
+    return /^[A-Za-z0-9][A-Za-z0-9._-]*$/.test(base);
+  }
+  function isExceptionId(token) {
+    return /^[A-Za-z0-9][A-Za-z0-9._-]*$/.test(token);
+  }
+  function parseExpr() {
+    if (!parseTerm()) return false;
+    while (pos < tokens.length) {
+      const op = peek();
+      if (op === "AND" || op === "OR") {
+        advance();
+        if (!parseTerm()) return false;
+      } else {
+        break;
+      }
+    }
+    return true;
+  }
+  function parseTerm() {
+    if (!parseAtom()) return false;
+    if (peek() === "WITH") {
+      advance();
+      const exception = peek();
+      if (exception === void 0 || !isExceptionId(exception)) return false;
+      advance();
+    }
+    return true;
+  }
+  function parseAtom() {
+    const token = peek();
+    if (token === void 0) return false;
+    if (token === "(") {
+      advance();
+      if (!parseExpr()) return false;
+      if (peek() !== ")") return false;
+      advance();
+      return true;
+    }
+    if (token === ")" || token === "AND" || token === "OR" || token === "WITH") {
+      return false;
+    }
+    if (!isLicenseId(token)) return false;
+    advance();
+    return true;
+  }
+  const result = parseExpr();
+  return result && pos === tokens.length;
+}
+var SpdxExpressionSchema = z.string().min(1).max(128).refine(isValidSpdxSubsetExpression, {
+  message: "must be a valid SPDX license expression (e.g., MIT, Apache-2.0, MIT AND Apache-2.0). DocumentRef-* not yet supported."
+});
+
+// src/wire-02-extensions/consent.ts
+var CONSENT_EXTENSION_KEY = "org.peacprotocol/consent";
+var CONSENT_STATUSES = ["granted", "withdrawn", "denied", "expired"];
+var ConsentStatusSchema = z.enum(CONSENT_STATUSES);
+var ConsentExtensionSchema = z.object({
+  /**
+   * Legal basis identifier for consent.
+   * Open string: jurisdictions define different bases
+   * (e.g., explicit, implied, opt_out, legitimate_interest, contractual, legal_obligation).
+   */
+  consent_basis: z.string().min(1).max(EXTENSION_LIMITS.maxConsentBasisLength),
+  /** Consent lifecycle state (closed vocabulary) */
+  consent_status: ConsentStatusSchema,
+  /**
+   * Data categories covered by this consent.
+   * Open vocabulary (e.g., personal, sensitive, biometric).
+   */
+  data_categories: z.array(z.string().min(1).max(EXTENSION_LIMITS.maxDataCategoryLength)).max(EXTENSION_LIMITS.maxDataCategoriesCount).optional(),
+  /** Data retention period as ISO 8601 duration. */
+  retention_period: Iso8601DurationSchema.optional(),
+  /**
+   * How consent was collected.
+   * Open vocabulary (e.g., click_through, double_opt_in, verbal, written).
+   */
+  consent_method: z.string().min(1).max(EXTENSION_LIMITS.maxConsentMethodLength).optional(),
+  /**
+   * HTTPS URI hint for consent withdrawal.
+   * Locator hint only: callers MUST NOT auto-fetch.
+   * Rejects non-HTTPS, embedded credentials, fragments, control chars.
+   */
+  withdrawal_uri: HttpsUriHintSchema.optional(),
+  /** Free-text scope description */
+  scope: z.string().min(1).max(EXTENSION_LIMITS.maxConsentScopeLength).optional(),
+  /**
+   * Jurisdiction code: ISO 3166-1 alpha-2 or composite.
+   * Examples: EU, US-CA, BR, GB, DE, JP, IN.
+   */
+  jurisdiction: z.string().min(1).max(EXTENSION_LIMITS.maxJurisdictionLength).optional()
+}).strict();
+var PRIVACY_EXTENSION_KEY = "org.peacprotocol/privacy";
+var RETENTION_MODES = ["time_bound", "indefinite", "session_only"];
+var RetentionModeSchema = z.enum(RETENTION_MODES);
+var RECIPIENT_SCOPES = ["internal", "processor", "third_party", "public"];
+var RecipientScopeSchema = z.enum(RECIPIENT_SCOPES);
+var PrivacyExtensionSchema = z.object({
+  /**
+   * Data classification level.
+   * Open taxonomy (e.g., public, internal, confidential, restricted, pii, sensitive_pii).
+   */
+  data_classification: z.string().min(1).max(EXTENSION_LIMITS.maxDataClassificationLength),
+  /**
+   * Legal basis for data processing.
+   * Open vocabulary (e.g., consent, legitimate_interest, contract, legal_obligation).
+   */
+  processing_basis: z.string().min(1).max(EXTENSION_LIMITS.maxProcessingBasisLength).optional(),
+  /**
+   * Data retention period as ISO 8601 duration.
+   * For non-duration retention semantics, use retention_mode instead.
+   */
+  retention_period: Iso8601DurationSchema.optional(),
+  /**
+   * Retention mode for non-duration semantics.
+   * Closed enum: time_bound, indefinite, session_only.
+   * When time_bound, retention_period SHOULD also be present.
+   */
+  retention_mode: RetentionModeSchema.optional(),
+  /**
+   * Data recipient classification.
+   * Closed enum aligned with GDPR Art 13-14 disclosure categories.
+   */
+  recipient_scope: RecipientScopeSchema.optional(),
+  /**
+   * Anonymization or pseudonymization method applied.
+   * Open vocabulary (e.g., k_anonymity, differential_privacy, pseudonymization,
+   * tokenization, aggregation).
+   */
+  anonymization_method: z.string().min(1).max(EXTENSION_LIMITS.maxAnonymizationMethodLength).optional(),
+  /**
+   * Data subject category.
+   * Open vocabulary (e.g., customer, employee, minor, patient, student).
+   */
+  data_subject_category: z.string().min(1).max(EXTENSION_LIMITS.maxDataSubjectCategoryLength).optional(),
+  /**
+   * Cross-border data transfer mechanism.
+   * Open vocabulary (e.g., adequacy_decision, scc, bcr, derogation, consent).
+   */
+  transfer_mechanism: z.string().min(1).max(EXTENSION_LIMITS.maxTransferMechanismLength).optional()
+}).strict();
+var SAFETY_EXTENSION_KEY = "org.peacprotocol/safety";
+var REVIEW_STATUSES = ["reviewed", "pending", "flagged", "not_applicable"];
+var ReviewStatusSchema = z.enum(REVIEW_STATUSES);
+var RISK_LEVELS = ["unacceptable", "high", "limited", "minimal"];
+var RiskLevelSchema = z.enum(RISK_LEVELS);
+var SafetyExtensionSchema = z.object({
+  /** Safety review status (closed vocabulary, universal lifecycle) */
+  review_status: ReviewStatusSchema,
+  /**
+   * Risk classification level.
+   * Optional at schema level; usage profiles may require it.
+   * Converges across EU AI Act Art 6, NIST AI RMF, ISO 23894.
+   */
+  risk_level: RiskLevelSchema.optional(),
+  /**
+   * Assessment method used.
+   * Open vocabulary (e.g., automated_scan, human_review, red_team,
+   * penetration_test, static_analysis, model_evaluation).
+   */
+  assessment_method: z.string().min(1).max(EXTENSION_LIMITS.maxAssessmentMethodLength).optional(),
+  /**
+   * Safety measures applied.
+   * Open vocabulary. Array bounded by maxSafetyMeasuresCount.
+   */
+  safety_measures: z.array(z.string().min(1).max(EXTENSION_LIMITS.maxSafetyMeasureLength)).max(EXTENSION_LIMITS.maxSafetyMeasuresCount).optional(),
+  /** Incident report reference. Opaque identifier (e.g., ticket ID or digest). */
+  incident_ref: z.string().min(1).max(EXTENSION_LIMITS.maxIncidentRefLength).optional(),
+  /** AI model reference. Opaque identifier (e.g., model version string). */
+  model_ref: z.string().min(1).max(EXTENSION_LIMITS.maxModelRefLength).optional(),
+  /**
+   * Safety category.
+   * Open vocabulary (e.g., content_safety, bias, hallucination,
+   * toxicity, fairness, robustness, privacy_risk).
+   */
+  category: z.string().min(1).max(EXTENSION_LIMITS.maxSafetyCategoryLength).optional()
+}).strict();
+var COMPLIANCE_EXTENSION_KEY = "org.peacprotocol/compliance";
+var COMPLIANCE_STATUSES = [
+  "compliant",
+  "non_compliant",
+  "partial",
+  "under_review",
+  "exempt"
+];
+var ComplianceStatusSchema = z.enum(COMPLIANCE_STATUSES);
+var ComplianceExtensionSchema = z.object({
+  /**
+   * Framework identifier evaluated.
+   * Open string: preferred grammar is lowercase slugs with hyphens
+   * (e.g., eu-ai-act, soc2-type2, iso-27001, nist-ai-rmf, gdpr, hipaa).
+   */
+  framework: z.string().min(1).max(EXTENSION_LIMITS.maxFrameworkLength),
+  /** Observed compliance status (closed vocabulary) */
+  compliance_status: ComplianceStatusSchema,
+  /** Opaque reference to audit report or evidence (e.g., report ID, ticket number). */
+  audit_ref: z.string().min(1).max(EXTENSION_LIMITS.maxAuditRefLength).optional(),
+  /** Auditor identifier (organization name or DID). */
+  auditor: z.string().min(1).max(EXTENSION_LIMITS.maxAuditorLength).optional(),
+  /** Date the compliance check was performed (YYYY-MM-DD). */
+  audit_date: Iso8601DateStringSchema.optional(),
+  /** Scope of the compliance check. */
+  scope: z.string().min(1).max(EXTENSION_LIMITS.maxComplianceScopeLength).optional(),
+  /** How long this finding remains valid as an ISO 8601 duration. */
+  validity_period: Iso8601DurationSchema.optional(),
+  /** SHA-256 digest of supporting evidence document. */
+  evidence_ref: Sha256DigestSchema.optional()
+}).strict();
+var PROVENANCE_EXTENSION_KEY = "org.peacprotocol/provenance";
+var CustodyEntrySchema = z.object({
+  /** Custodian identifier (organization name, DID, or opaque ID). */
+  custodian: z.string().min(1).max(EXTENSION_LIMITS.maxCustodianLength),
+  /** Action performed (e.g., received, transformed, verified, released). */
+  action: z.string().min(1).max(EXTENSION_LIMITS.maxCustodyActionLength),
+  /** When the custody event occurred (RFC 3339 with seconds). */
+  timestamp: Rfc3339DateTimeSchema
+}).strict();
+var SlsaLevelSchema = z.object({
+  /** SLSA track identifier (e.g., build, source). */
+  track: z.string().min(1).max(EXTENSION_LIMITS.maxSlsaTrackLength),
+  /** SLSA level within the track (0-4). */
+  level: z.number().int().min(0).max(4),
+  /** SLSA spec version this metadata references (e.g., 1.0, 1.2). */
+  version: z.string().min(1).max(EXTENSION_LIMITS.maxSlsaVersionLength)
+}).strict();
+var ProvenanceExtensionSchema = z.object({
+  /**
+   * Type of source or derivation.
+   * Open vocabulary (e.g., original, derived, curated, synthetic, aggregated, transformed).
+   */
+  source_type: z.string().min(1).max(EXTENSION_LIMITS.maxSourceTypeLength),
+  /** Opaque source reference identifier (e.g., commit hash, artifact ID). */
+  source_ref: z.string().min(1).max(EXTENSION_LIMITS.maxSourceRefLength).optional(),
+  /**
+   * HTTPS URI hint for the source artifact.
+   * Locator hint only: callers MUST NOT auto-fetch.
+   */
+  source_uri: HttpsUriHintSchema.optional(),
+  /**
+   * HTTPS URI hint for build provenance metadata.
+   * Locator hint only: callers MUST NOT auto-fetch.
+   */
+  build_provenance_uri: HttpsUriHintSchema.optional(),
+  /**
+   * How provenance was verified.
+   * Open vocabulary (e.g., signature_check, hash_chain,
+   * manual_attestation, transparency_log).
+   */
+  verification_method: z.string().min(1).max(EXTENSION_LIMITS.maxVerificationMethodLength).optional(),
+  /**
+   * Ordered custody chain entries.
+   * Each entry records a custodian, action, and timestamp.
+   */
+  custody_chain: z.array(CustodyEntrySchema).max(EXTENSION_LIMITS.maxCustodyChainCount).optional(),
+  /**
+   * Structured SLSA-aligned provenance metadata.
+   * Records track, level, and spec version.
+   */
+  slsa: SlsaLevelSchema.optional()
+}).strict();
+var ATTRIBUTION_EXTENSION_KEY = "org.peacprotocol/attribution";
+var CONTENT_SIGNAL_SOURCES = [
+  "tdmrep_json",
+  "content_signal_header",
+  "content_usage_header",
+  "robots_txt",
+  "custom"
+];
+var ContentSignalSourceSchema = z.enum(CONTENT_SIGNAL_SOURCES);
+var AttributionExtensionSchema = z.object({
+  /**
+   * Creator identifier (DID, URI, or opaque ID).
+   * Not an identity attestation; records observed attribution metadata.
+   */
+  creator_ref: z.string().min(1).max(EXTENSION_LIMITS.maxCreatorRefLength),
+  /** SPDX license expression (parser-grade structural subset validator). */
+  license_spdx: SpdxExpressionSchema.optional(),
+  /**
+   * Obligation type.
+   * Open vocabulary (e.g., attribution_required, share_alike, non_commercial).
+   */
+  obligation_type: z.string().min(1).max(EXTENSION_LIMITS.maxObligationTypeLength).optional(),
+  /** Required attribution text. */
+  attribution_text: z.string().min(1).max(EXTENSION_LIMITS.maxAttributionTextLength).optional(),
+  /** Content signal observation source (closed vocabulary). */
+  content_signal_source: ContentSignalSourceSchema.optional(),
+  /** SHA-256 digest of the attributed content. */
+  content_digest: Sha256DigestSchema.optional()
+}).strict();
+var PURPOSE_EXTENSION_KEY = "org.peacprotocol/purpose";
+var MachineSafePurposeTokenSchema = z.string().min(1).max(EXTENSION_LIMITS.maxExternalPurposeLength).regex(PURPOSE_TOKEN_REGEX, "must be a machine-safe lowercase token");
+function hasUniqueItems(items) {
+  return new Set(items).size === items.length;
+}
+var PurposeExtensionSchema = z.object({
+  /**
+   * External/legal/business purpose labels.
+   * Machine-safe tokens: lowercase alphanumeric with underscores, hyphens,
+   * and optional vendor prefix (e.g., ai_training, analytics, marketing).
+   * Not PEAC operational tokens; use peac_purpose_mapping for bridging.
+   * Items must be unique.
+   */
+  external_purposes: z.array(MachineSafePurposeTokenSchema).min(1).max(EXTENSION_LIMITS.maxExternalPurposesCount).refine(hasUniqueItems, { message: "external_purposes must contain unique items" }),
+  /**
+   * Legal or policy basis for the declared purposes.
+   * Open vocabulary (e.g., consent, legitimate_interest, contract).
+   */
+  purpose_basis: z.string().min(1).max(EXTENSION_LIMITS.maxPurposeBasisLength).optional(),
+  /** Whether purpose limitation applies. */
+  purpose_limitation: z.boolean().optional(),
+  /** Whether data minimization was applied. */
+  data_minimization: z.boolean().optional(),
+  /**
+   * Compatible purposes for secondary use.
+   * Same machine-safe token grammar as external_purposes.
+   * Items must be unique.
+   */
+  compatible_purposes: z.array(MachineSafePurposeTokenSchema).max(EXTENSION_LIMITS.maxCompatiblePurposesCount).refine(hasUniqueItems, { message: "compatible_purposes must contain unique items" }).optional(),
+  /**
+   * Explicit mapping to a PEAC operational CanonicalPurpose token.
+   * Validated against PURPOSE_TOKEN_REGEX from purpose.ts.
+   * Bridges external purpose vocabulary to operational tokens.
+   */
+  peac_purpose_mapping: z.string().min(1).max(MAX_PURPOSE_TOKEN_LENGTH).regex(PURPOSE_TOKEN_REGEX, "must be a valid PEAC purpose token").optional()
+}).strict();
+
+// src/wire-02-extensions/accessors.ts
 function getExtension(extensions, key, schema) {
   if (extensions === void 0) return void 0;
   if (!Object.prototype.hasOwnProperty.call(extensions, key)) return void 0;
@@ -3274,9 +3819,88 @@ function getIdentityExtension(extensions) {
 function getCorrelationExtension(extensions) {
   return getExtension(extensions, CORRELATION_EXTENSION_KEY, CorrelationExtensionSchema);
 }
+function getConsentExtension(extensions) {
+  return getExtension(extensions, CONSENT_EXTENSION_KEY, ConsentExtensionSchema);
+}
+function getPrivacyExtension(extensions) {
+  return getExtension(extensions, PRIVACY_EXTENSION_KEY, PrivacyExtensionSchema);
+}
+function getSafetyExtension(extensions) {
+  return getExtension(extensions, SAFETY_EXTENSION_KEY, SafetyExtensionSchema);
+}
+function getComplianceExtension(extensions) {
+  return getExtension(extensions, COMPLIANCE_EXTENSION_KEY, ComplianceExtensionSchema);
+}
+function getProvenanceExtension(extensions) {
+  return getExtension(extensions, PROVENANCE_EXTENSION_KEY, ProvenanceExtensionSchema);
+}
+function getAttributionExtension(extensions) {
+  return getExtension(extensions, ATTRIBUTION_EXTENSION_KEY, AttributionExtensionSchema);
+}
+function getPurposeExtension(extensions) {
+  return getExtension(extensions, PURPOSE_EXTENSION_KEY, PurposeExtensionSchema);
+}
+
+// src/wire-02-extensions/schema-map.ts
+var EXTENSION_SCHEMA_MAP = /* @__PURE__ */ new Map();
+EXTENSION_SCHEMA_MAP.set(COMMERCE_EXTENSION_KEY, CommerceExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(ACCESS_EXTENSION_KEY, AccessExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(CHALLENGE_EXTENSION_KEY, ChallengeExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(IDENTITY_EXTENSION_KEY, IdentityExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(CORRELATION_EXTENSION_KEY, CorrelationExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(CONSENT_EXTENSION_KEY, ConsentExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(PRIVACY_EXTENSION_KEY, PrivacyExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(SAFETY_EXTENSION_KEY, SafetyExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(COMPLIANCE_EXTENSION_KEY, ComplianceExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(PROVENANCE_EXTENSION_KEY, ProvenanceExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(ATTRIBUTION_EXTENSION_KEY, AttributionExtensionSchema);
+EXTENSION_SCHEMA_MAP.set(PURPOSE_EXTENSION_KEY, PurposeExtensionSchema);
+
+// src/wire-02-extensions/validation.ts
+var textEncoder = new TextEncoder();
+function jsonUtf8ByteLength(value) {
+  try {
+    return textEncoder.encode(JSON.stringify(value)).byteLength;
+  } catch {
+    return Infinity;
+  }
+}
+var MAX_JSON_GUARD_DEPTH = 64;
+function isPlainJsonValueRecursive(value, depth, seen) {
+  if (depth > MAX_JSON_GUARD_DEPTH) return false;
+  if (value === null) return true;
+  const t = typeof value;
+  if (t === "string" || t === "boolean") return true;
+  if (t === "number") return Number.isFinite(value);
+  if (t === "function" || t === "symbol" || t === "bigint" || t === "undefined") return false;
+  if (t !== "object") return false;
+  const obj = value;
+  if (seen.has(obj)) return false;
+  seen.add(obj);
+  if (Array.isArray(obj)) {
+    for (let i = 0; i < obj.length; i++) {
+      if (!isPlainJsonValueRecursive(obj[i], depth + 1, seen)) return false;
+    }
+    return true;
+  }
+  const proto = Object.getPrototypeOf(obj);
+  if (proto !== Object.prototype && proto !== null) return false;
+  if (typeof obj.toJSON === "function") return false;
+  const keys = Object.keys(obj);
+  for (const key of keys) {
+    if (!isPlainJsonValueRecursive(obj[key], depth + 1, seen)) {
+      return false;
+    }
+  }
+  return true;
+}
+function isPlainJsonValue(value) {
+  return isPlainJsonValueRecursive(value, 0, /* @__PURE__ */ new WeakSet());
+}
 function validateKnownExtensions(extensions, ctx) {
   if (extensions === void 0) return;
-  for (const key of Object.keys(extensions)) {
+  const keys = Object.keys(extensions);
+  for (const key of keys) {
     if (!isValidExtensionKey(key)) {
       ctx.addIssue({
         code: "custom",
@@ -3285,6 +3909,14 @@ function validateKnownExtensions(extensions, ctx) {
       });
       continue;
     }
+    if (!isPlainJsonValue(extensions[key])) {
+      ctx.addIssue({
+        code: "custom",
+        message: ERROR_CODES$1.E_EXTENSION_NON_JSON_VALUE,
+        path: ["extensions", key]
+      });
+      continue;
+    }
     const schema = EXTENSION_SCHEMA_MAP.get(key);
     if (schema !== void 0) {
       const result = schema.safeParse(extensions[key]);
@@ -3299,6 +3931,25 @@ function validateKnownExtensions(extensions, ctx) {
       }
     }
   }
+  const totalBytes = jsonUtf8ByteLength(extensions);
+  if (totalBytes > EXTENSION_BUDGET.maxTotalBytes) {
+    ctx.addIssue({
+      code: "custom",
+      message: ERROR_CODES$1.E_EXTENSION_SIZE_EXCEEDED,
+      path: ["extensions"]
+    });
+    return;
+  }
+  for (const key of keys) {
+    const groupBytes = jsonUtf8ByteLength(extensions[key]);
+    if (groupBytes > EXTENSION_BUDGET.maxGroupBytes) {
+      ctx.addIssue({
+        code: "custom",
+        message: ERROR_CODES$1.E_EXTENSION_SIZE_EXCEEDED,
+        path: ["extensions", key]
+      });
+    }
+  }
 }
 
 // src/wire-02-envelope.ts
@@ -3376,7 +4027,7 @@ var PolicyBlockSchema = z.object({
   /**
    * HTTPS locator hint for the policy document.
    * MUST be an https:// URL (max 2048 chars).
-   * MUST NOT trigger auto-fetch; callers use this as a hint only (DD-55).
+   * MUST NOT trigger auto-fetch; callers use this as a hint only.
    */
   uri: z.string().max(POLICY_BLOCK.uriMaxLength).url().refine((u) => u.startsWith("https://"), "policy.uri must be an https:// URL").optional(),
   /** Caller-assigned version label (max 256 chars) */
@@ -3401,9 +4052,9 @@ var Wire02ClaimsSchema = z.object({
   pillars: PillarsSchema.optional(),
   /** Top-level actor binding (sole location for ActorBinding in Wire 0.2) */
   actor: ActorBindingSchema.optional(),
-  /** Policy binding block (DD-151) */
+  /** Policy binding block */
   policy: PolicyBlockSchema.optional(),
-  /** Representation fields (DD-152): FingerprintRef validation, sha256-only, strict */
+  /** Representation fields: FingerprintRef validation, sha256-only, strict */
   representation: Wire02RepresentationFieldsSchema.optional(),
   /** ISO 8601 / RFC 3339 timestamp when the interaction occurred; evidence kind only */
   occurred_at: z.string().datetime({ offset: true }).optional(),
@@ -3538,6 +4189,8 @@ var WARNING_TYPE_UNREGISTERED = "type_unregistered";
 var WARNING_UNKNOWN_EXTENSION = "unknown_extension_preserved";
 var WARNING_OCCURRED_AT_SKEW = "occurred_at_skew";
 var WARNING_TYP_MISSING = "typ_missing";
+var WARNING_EXTENSION_GROUP_MISSING = "extension_group_missing";
+var WARNING_EXTENSION_GROUP_MISMATCH = "extension_group_mismatch";
 function sortWarnings(warnings) {
   return [...warnings].sort((a, b) => {
     const aHasPtr = a.pointer !== void 0;
@@ -3551,27 +4204,12 @@ function sortWarnings(warnings) {
     return a.code.localeCompare(b.code);
   });
 }
-
-// src/wire-02-registries.ts
-var REGISTERED_RECEIPT_TYPES = /* @__PURE__ */ new Set([
-  "org.peacprotocol/payment",
-  "org.peacprotocol/access-decision",
-  "org.peacprotocol/identity-attestation",
-  "org.peacprotocol/consent-record",
-  "org.peacprotocol/compliance-check",
-  "org.peacprotocol/privacy-signal",
-  "org.peacprotocol/safety-review",
-  "org.peacprotocol/provenance-record",
-  "org.peacprotocol/attribution-event",
-  "org.peacprotocol/purpose-declaration"
-]);
-var REGISTERED_EXTENSION_GROUP_KEYS = /* @__PURE__ */ new Set([
-  "org.peacprotocol/commerce",
-  "org.peacprotocol/access",
-  "org.peacprotocol/challenge",
-  "org.peacprotocol/identity",
-  "org.peacprotocol/correlation"
-]);
+var REGISTERED_RECEIPT_TYPES = new Set(
+  RECEIPT_TYPES.map((entry) => entry.id)
+);
+var REGISTERED_EXTENSION_GROUP_KEYS = new Set(
+  EXTENSION_GROUPS.map((entry) => entry.id)
+);
 
 // src/policy-binding.ts
 function verifyPolicyBinding(receiptDigest, localDigest) {
@@ -3603,6 +4241,6 @@ function findRevokedKey(revokedKeys, kid) {
   return revokedKeys.find((entry) => entry.kid === kid) ?? null;
 }
 
-export { ACCESS_EXTENSION_KEY, ACTOR_BINDING_EXTENSION_KEY, AGENT_IDENTITY_TYPE, AIPREFSnapshot as AIPREFSnapshotSchema, ATTESTATION_LIMITS, ATTESTATION_RECEIPT_TYPE, ATTRIBUTION_LIMITS, ATTRIBUTION_TYPE, ATTRIBUTION_USAGES, AccessExtensionSchema, ActorBindingSchema, AgentIdentityAttestationSchema, AgentIdentityEvidenceSchema, AgentIdentityVerifiedSchema, AgentProofSchema, AttestationExtensionsSchema, AttestationReceiptClaimsSchema, AttestationSchema, AttributionAttestationSchema, AttributionEvidenceSchema, AttributionSourceSchema, AttributionUsageSchema, BindingDetailsSchema, CANONICAL_DIGEST_ALGS, CANONICAL_PURPOSES, CARRIER_TRANSPORT_LIMITS, CHALLENGE_EXTENSION_KEY, CHALLENGE_TYPES, COMMERCE_EXTENSION_KEY, COMMITMENT_CLASSES, CONTRIBUTION_TYPES, CONTROL_ACTIONS, CONTROL_ACTION_EXTENSION_KEY, CONTROL_TRIGGERS, CONTROL_TYPES, CORRELATION_EXTENSION_KEY, CREDENTIAL_EVENTS, CREDENTIAL_EVENT_EXTENSION_KEY, CREDIT_METHODS, CanonicalIssSchema, CanonicalPurposeSchema, CarrierFormatSchema, CarrierMetaSchema, ChallengeExtensionSchema, ChallengeTypeSchema, CommerceExtensionSchema, CommitmentClassSchema, CompactJwsSchema, ContactMethodSchema, ContentHashSchema, ContributionObligationSchema, ContributionTypeSchema, ControlActionSchema, ControlActionTypeSchema, ControlBlockSchema, ControlDecisionSchema, ControlLicensingModeSchema, ControlPurposeSchema, ControlStepSchema, ControlTriggerSchema, ControlTypeSchema, CorrelationExtensionSchema, CredentialEventSchema, CredentialEventTypeSchema, CredentialRefSchema, CreditMethodSchema, CreditObligationSchema, DERIVATION_TYPES, DIGEST_SIZE_CONSTANTS, DIGEST_VALUE_PATTERN, DISPUTE_GROUNDS_CODES, DISPUTE_LIMITS, DISPUTE_OUTCOMES, DISPUTE_STATES, DISPUTE_TARGET_TYPES, DISPUTE_TRANSITIONS, DISPUTE_TYPE, DISPUTE_TYPES, DerivationTypeSchema, DigestAlgSchema, DigestSchema, DisputeAttestationSchema, DisputeContactSchema, DisputeEvidenceSchema, DisputeGroundsCodeSchema, DisputeGroundsSchema, DisputeIdSchema, DisputeOutcomeSchema, DisputeResolutionSchema, DisputeStateSchema, DisputeTargetTypeSchema, DisputeTypeSchema, DocumentRefSchema, ERROR_CATEGORIES_CANONICAL, ERROR_CODES, EXTENSION_KEY_PATTERN, EXTENSION_LIMITS, EvidencePillarSchema, ExecutorSchema, Extensions, ExtensionsSchema, HashAlgorithmSchema, HashEncodingSchema, IDENTITY_EXTENSION_KEY, INTERACTION_EXTENSION_KEY, INTERACTION_LIMITS, INTERNAL_PURPOSE_UNDECLARED, IdentityBindingSchema, IdentityExtensionSchema, InteractionEvidenceV01Schema, JSON_EVIDENCE_LIMITS, JWSHeader, JsonArraySchema, JsonObjectSchema, JsonPrimitiveSchema, JsonValueSchema, KERNEL_CONSTRAINTS, KIND_FORMAT_PATTERN, KindSchema, MAX_PURPOSE_TOKENS_PER_REQUEST, MAX_PURPOSE_TOKEN_LENGTH, MIDDLEWARE_INTERACTION_KEY, MVISFieldsSchema, MVISReplayProtectionSchema, MVISTimeBoundsSchema, MinimalInteractionBindingSchema, NormalizedPayment, OBLIGATIONS_EXTENSION_KEY, ORCHESTRATION_FRAMEWORKS, ObligationsExtensionSchema, OrchestrationFrameworkSchema, PEAC_ALG, PEAC_DISCOVERY_MAX_BYTES, PEAC_DISCOVERY_PATH, PEAC_ISSUER_CONFIG_MAX_BYTES, PEAC_ISSUER_CONFIG_PATH, PEAC_ISSUER_CONFIG_VERSION, PEAC_POLICY_FALLBACK_PATH, PEAC_POLICY_MAX_BYTES, PEAC_POLICY_PATH, PEAC_PURPOSE_APPLIED_HEADER, PEAC_PURPOSE_HEADER, PEAC_PURPOSE_REASON_HEADER, PEAC_RECEIPT_HEADER, PEAC_RECEIPT_SCHEMA_URL, PEAC_WIRE_TYP, POLICY_DECISIONS, PROOF_METHODS, PROOF_TYPES, PURPOSE_REASONS, PURPOSE_TOKEN_REGEX, PayloadRefSchema, PaymentEvidenceSchema, PaymentRoutingSchema, PaymentSplitSchema, PeacEvidenceCarrierSchema, PillarsSchema, PolicyBlockSchema, PolicyContextSchema, ProblemDetailsSchema, ProofMethodSchema, ProofTypeSchema, PurposeReasonSchema, PurposeTokenSchema, REDACTION_MODES, REGISTERED_EXTENSION_GROUP_KEYS, REGISTERED_RECEIPT_TYPES, REMEDIATION_TYPES, REPRESENTATION_LIMITS, RESERVED_KIND_PREFIXES, RESULT_STATUSES, REVOCATION_REASONS, ReceiptClaims, ReceiptClaimsSchema, ReceiptRefSchema2 as ReceiptRefSchema, ReceiptTypeSchema, ReceiptUrlSchema, RefsSchema, RemediationSchema, RemediationTypeSchema, Wire02RepresentationFieldsSchema as RepresentationFieldsSchema, ResourceTargetSchema, ResultSchema, RevokedKeyEntrySchema, RevokedKeysArraySchema, STEP_ID_PATTERN, StepIdSchema, SubjectProfileSchema, SubjectProfileSnapshotSchema, Subject as SubjectSchema, SubjectTypeSchema, TERMINAL_STATES, TOOL_REGISTRY_EXTENSION_KEY, TREATY_EXTENSION_KEY, ToolRegistrySchema, ToolTargetSchema, TreatySchema, VerifyRequest as VerifyRequestSchema, WARNING_OCCURRED_AT_SKEW, WARNING_TYPE_UNREGISTERED, WARNING_TYP_MISSING, WARNING_UNKNOWN_EXTENSION, WELL_KNOWN_KINDS, WORKFLOW_EXTENSION_KEY, WORKFLOW_ID_PATTERN, WORKFLOW_LIMITS, WORKFLOW_STATUSES, WORKFLOW_SUMMARY_TYPE, Wire01JWSHeaderSchema, Wire02ClaimsSchema, Wire02KindSchema, Wire02RepresentationFieldsSchema, WorkflowContextSchema, WorkflowErrorContextSchema, WorkflowIdSchema, WorkflowStatusSchema, WorkflowSummaryAttestationSchema, WorkflowSummaryEvidenceSchema, assertJsonSafeIterative, canTransitionTo, checkOccurredAtSkew, computeReceiptRef, computeTotalWeight, createAgentIdentityAttestation, createAttestationReceiptClaims, createAttributionAttestation, createConstraintViolationError, createContributionObligation, createCreditObligation, createDisputeAttestation, createEvidenceNotJsonError, createInteractionEvidence, createObligationsExtension, createPEACError, createReceiptView, createStepId, createWorkflowContext, createWorkflowContextInvalidError, createWorkflowDagInvalidError, createWorkflowId, createWorkflowSummaryAttestation, deriveKnownPurposes, detectCycleInSources, detectWireVersion, determinePurposeReason, extractObligationsExtension, findRevokedKey, fingerprintRefToString, getAccessExtension, getChallengeExtension, getCommerceExtension, getCorrelationExtension, getIdentityExtension, getInteraction, getValidTransitions, hasInteraction, hasUnknownPurposeTokens, hasValidDagSemantics, isAgentIdentityAttestation, isAttestationExpired, isAttestationNotYetValid, isAttestationOnly, isAttestationReceiptClaims, isAttributionAttestation, isAttributionExpired, isAttributionNotYetValid, isCanonicalIss, isCanonicalPurpose, isContributionRequired, isCreditRequired, isDigestTruncated, isDisputeAttestation, isDisputeExpired, isDisputeNotYetValid, isLegacyPurpose, isMinimalInteractionBinding, isOriginOnly, isPaymentReceipt, isReservedKindPrefix, isTerminalState, isTerminalWorkflowStatus, isUndeclaredPurpose, isValidDisputeAttestation, isValidExtensionKey, isValidInteractionEvidence, isValidPurposeReason, isValidPurposeToken, isValidReceiptType, isValidWorkflowContext, isWellKnownKind, isWorkflowSummaryAttestation, mapLegacyToCanonical, normalizePurposeToken, normalizeToCanonicalOrPreserve, parsePurposeHeader, parseReceiptClaims, setInteraction, sortWarnings, stringToFingerprintRef, toCoreClaims, transitionDisputeState, validateActorBinding, validateAgentIdentityAttestation, validateAttestationReceiptClaims, validateAttributionAttestation, validateAttributionSource, validateCarrierConstraints, validateContentHash, validateContributionObligation, validateControlAction, validateCredentialEvent, validateCreditObligation, validateDisputeAttestation, validateDisputeContact, validateDisputeResolution, validateEvidence, validateIdentityBinding, validateInteraction, validateInteractionEvidence, validateInteractionOrdered, validateKernelConstraints, validateKnownExtensions, validateMVIS, validateMinimalInteractionBinding, validateObligationsExtension, validatePurposeTokens, validateRevokedKeys, validateSubjectSnapshot, validateToolRegistry, validateTreaty, validateWorkflowContext, validateWorkflowContextOrdered, validateWorkflowSummaryAttestation, verifyPolicyBinding, verifyReceiptRefConsistency };
+export { ACCESS_EXTENSION_KEY, ACTOR_BINDING_EXTENSION_KEY, AGENT_IDENTITY_TYPE, AIPREFSnapshot as AIPREFSnapshotSchema, ATTESTATION_LIMITS, ATTESTATION_RECEIPT_TYPE, ATTRIBUTION_EXTENSION_KEY, ATTRIBUTION_LIMITS, ATTRIBUTION_TYPE, ATTRIBUTION_USAGES, AccessExtensionSchema, ActorBindingSchema, AgentIdentityAttestationSchema, AgentIdentityEvidenceSchema, AgentIdentityVerifiedSchema, AgentProofSchema, AttestationExtensionsSchema, AttestationReceiptClaimsSchema, AttestationSchema, AttributionAttestationSchema, AttributionEvidenceSchema, AttributionExtensionSchema, AttributionSourceSchema, AttributionUsageSchema, BindingDetailsSchema, CANONICAL_DIGEST_ALGS, CANONICAL_PURPOSES, CARRIER_TRANSPORT_LIMITS, CHALLENGE_EXTENSION_KEY, CHALLENGE_TYPES, COMMERCE_EXTENSION_KEY, COMMITMENT_CLASSES, COMPLIANCE_EXTENSION_KEY, COMPLIANCE_STATUSES, CONSENT_EXTENSION_KEY, CONSENT_STATUSES, CONTENT_SIGNAL_SOURCES, CONTRIBUTION_TYPES, CONTROL_ACTIONS, CONTROL_ACTION_EXTENSION_KEY, CONTROL_TRIGGERS, CONTROL_TYPES, CORRELATION_EXTENSION_KEY, CREDENTIAL_EVENTS, CREDENTIAL_EVENT_EXTENSION_KEY, CREDIT_METHODS, CanonicalIssSchema, CanonicalPurposeSchema, CarrierFormatSchema, CarrierMetaSchema, ChallengeExtensionSchema, ChallengeTypeSchema, CommerceExtensionSchema, CommitmentClassSchema, CompactJwsSchema, ComplianceExtensionSchema, ComplianceStatusSchema, ConsentExtensionSchema, ConsentStatusSchema, ContactMethodSchema, ContentHashSchema, ContentSignalSourceSchema, ContributionObligationSchema, ContributionTypeSchema, ControlActionSchema, ControlActionTypeSchema, ControlBlockSchema, ControlDecisionSchema, ControlLicensingModeSchema, ControlPurposeSchema, ControlStepSchema, ControlTriggerSchema, ControlTypeSchema, CorrelationExtensionSchema, CredentialEventSchema, CredentialEventTypeSchema, CredentialRefSchema, CreditMethodSchema, CreditObligationSchema, CustodyEntrySchema, DERIVATION_TYPES, DIGEST_SIZE_CONSTANTS, DIGEST_VALUE_PATTERN, DISPUTE_GROUNDS_CODES, DISPUTE_LIMITS, DISPUTE_OUTCOMES, DISPUTE_STATES, DISPUTE_TARGET_TYPES, DISPUTE_TRANSITIONS, DISPUTE_TYPE, DISPUTE_TYPES, DerivationTypeSchema, DigestAlgSchema, DigestSchema, DisputeAttestationSchema, DisputeContactSchema, DisputeEvidenceSchema, DisputeGroundsCodeSchema, DisputeGroundsSchema, DisputeIdSchema, DisputeOutcomeSchema, DisputeResolutionSchema, DisputeStateSchema, DisputeTargetTypeSchema, DisputeTypeSchema, DocumentRefSchema, ERROR_CATEGORIES_CANONICAL, ERROR_CODES, EXTENSION_KEY_PATTERN, EXTENSION_LIMITS, EvidencePillarSchema, ExecutorSchema, Extensions, ExtensionsSchema, HashAlgorithmSchema, HashEncodingSchema, HttpsUriHintSchema, IDENTITY_EXTENSION_KEY, INTERACTION_EXTENSION_KEY, INTERACTION_LIMITS, INTERNAL_PURPOSE_UNDECLARED, IdentityBindingSchema, IdentityExtensionSchema, InteractionEvidenceV01Schema, Iso8601DateSchema, Iso8601DateStringSchema, Iso8601DurationSchema, Iso8601OffsetDateTimeSchema, JSON_EVIDENCE_LIMITS, JWSHeader, JsonArraySchema, JsonObjectSchema, JsonPrimitiveSchema, JsonValueSchema, KERNEL_CONSTRAINTS, KIND_FORMAT_PATTERN, KindSchema, MAX_PURPOSE_TOKENS_PER_REQUEST, MAX_PURPOSE_TOKEN_LENGTH, MIDDLEWARE_INTERACTION_KEY, MVISFieldsSchema, MVISReplayProtectionSchema, MVISTimeBoundsSchema, MinimalInteractionBindingSchema, NormalizedPayment, OBLIGATIONS_EXTENSION_KEY, ORCHESTRATION_FRAMEWORKS, ObligationsExtensionSchema, OrchestrationFrameworkSchema, PEAC_ALG, PEAC_DISCOVERY_MAX_BYTES, PEAC_DISCOVERY_PATH, PEAC_ISSUER_CONFIG_MAX_BYTES, PEAC_ISSUER_CONFIG_PATH, PEAC_ISSUER_CONFIG_VERSION, PEAC_POLICY_FALLBACK_PATH, PEAC_POLICY_MAX_BYTES, PEAC_POLICY_PATH, PEAC_PURPOSE_APPLIED_HEADER, PEAC_PURPOSE_HEADER, PEAC_PURPOSE_REASON_HEADER, PEAC_RECEIPT_HEADER, PEAC_RECEIPT_SCHEMA_URL, PEAC_WIRE_TYP, POLICY_DECISIONS, PRIVACY_EXTENSION_KEY, PROOF_METHODS, PROOF_TYPES, PROVENANCE_EXTENSION_KEY, PURPOSE_EXTENSION_KEY, PURPOSE_REASONS, PURPOSE_TOKEN_REGEX, PayloadRefSchema, PaymentEvidenceSchema, PaymentRoutingSchema, PaymentSplitSchema, PeacEvidenceCarrierSchema, PillarsSchema, PolicyBlockSchema, PolicyContextSchema, PrivacyExtensionSchema, ProblemDetailsSchema, ProofMethodSchema, ProofTypeSchema, ProvenanceExtensionSchema, PurposeExtensionSchema, PurposeReasonSchema, PurposeTokenSchema, RECIPIENT_SCOPES, REDACTION_MODES, REGISTERED_EXTENSION_GROUP_KEYS, REGISTERED_RECEIPT_TYPES, REMEDIATION_TYPES, REPRESENTATION_LIMITS, RESERVED_KIND_PREFIXES, RESULT_STATUSES, RETENTION_MODES, REVIEW_STATUSES, REVOCATION_REASONS, RISK_LEVELS, ReceiptClaims, ReceiptClaimsSchema, ReceiptRefSchema2 as ReceiptRefSchema, ReceiptTypeSchema, ReceiptUrlSchema, RecipientScopeSchema, RefsSchema, RemediationSchema, RemediationTypeSchema, Wire02RepresentationFieldsSchema as RepresentationFieldsSchema, ResourceTargetSchema, ResultSchema, RetentionModeSchema, ReviewStatusSchema, RevokedKeyEntrySchema, RevokedKeysArraySchema, Rfc3339DateTimeSchema, Rfc3339TimestampSchema, RiskLevelSchema, SAFETY_EXTENSION_KEY, STEP_ID_PATTERN, SafetyExtensionSchema, Sha256DigestSchema, SlsaLevelSchema, SpdxExpressionSchema, StepIdSchema, SubjectProfileSchema, SubjectProfileSnapshotSchema, Subject as SubjectSchema, SubjectTypeSchema, TERMINAL_STATES, TOOL_REGISTRY_EXTENSION_KEY, TREATY_EXTENSION_KEY, ToolRegistrySchema, ToolTargetSchema, TreatySchema, VerifyRequest as VerifyRequestSchema, WARNING_EXTENSION_GROUP_MISMATCH, WARNING_EXTENSION_GROUP_MISSING, WARNING_OCCURRED_AT_SKEW, WARNING_TYPE_UNREGISTERED, WARNING_TYP_MISSING, WARNING_UNKNOWN_EXTENSION, WELL_KNOWN_KINDS, WORKFLOW_EXTENSION_KEY, WORKFLOW_ID_PATTERN, WORKFLOW_LIMITS, WORKFLOW_STATUSES, WORKFLOW_SUMMARY_TYPE, Wire01JWSHeaderSchema, Wire02ClaimsSchema, Wire02KindSchema, Wire02RepresentationFieldsSchema, WorkflowContextSchema, WorkflowErrorContextSchema, WorkflowIdSchema, WorkflowStatusSchema, WorkflowSummaryAttestationSchema, WorkflowSummaryEvidenceSchema, assertJsonSafeIterative, canTransitionTo, checkOccurredAtSkew, computeReceiptRef, computeTotalWeight, createAgentIdentityAttestation, createAttestationReceiptClaims, createAttributionAttestation, createConstraintViolationError, createContributionObligation, createCreditObligation, createDisputeAttestation, createEvidenceNotJsonError, createInteractionEvidence, createObligationsExtension, createPEACError, createReceiptView, createStepId, createWorkflowContext, createWorkflowContextInvalidError, createWorkflowDagInvalidError, createWorkflowId, createWorkflowSummaryAttestation, deriveKnownPurposes, detectCycleInSources, detectWireVersion, determinePurposeReason, extractObligationsExtension, findRevokedKey, fingerprintRefToString, getAccessExtension, getAttributionExtension, getChallengeExtension, getCommerceExtension, getComplianceExtension, getConsentExtension, getCorrelationExtension, getIdentityExtension, getInteraction, getPrivacyExtension, getProvenanceExtension, getPurposeExtension, getSafetyExtension, getValidTransitions, hasInteraction, hasUnknownPurposeTokens, hasValidDagSemantics, isAgentIdentityAttestation, isAttestationExpired, isAttestationNotYetValid, isAttestationOnly, isAttestationReceiptClaims, isAttributionAttestation, isAttributionExpired, isAttributionNotYetValid, isCanonicalIss, isCanonicalPurpose, isContributionRequired, isCreditRequired, isDigestTruncated, isDisputeAttestation, isDisputeExpired, isDisputeNotYetValid, isLegacyPurpose, isMinimalInteractionBinding, isOriginOnly, isPaymentReceipt, isReservedKindPrefix, isTerminalState, isTerminalWorkflowStatus, isUndeclaredPurpose, isValidDisputeAttestation, isValidExtensionKey, isValidInteractionEvidence, isValidPurposeReason, isValidPurposeToken, isValidReceiptType, isValidWorkflowContext, isWellKnownKind, isWorkflowSummaryAttestation, mapLegacyToCanonical, normalizePurposeToken, normalizeToCanonicalOrPreserve, parsePurposeHeader, parseReceiptClaims, setInteraction, sortWarnings, stringToFingerprintRef, toCoreClaims, transitionDisputeState, validateActorBinding, validateAgentIdentityAttestation, validateAttestationReceiptClaims, validateAttributionAttestation, validateAttributionSource, validateCarrierConstraints, validateContentHash, validateContributionObligation, validateControlAction, validateCredentialEvent, validateCreditObligation, validateDisputeAttestation, validateDisputeContact, validateDisputeResolution, validateEvidence, validateIdentityBinding, validateInteraction, validateInteractionEvidence, validateInteractionOrdered, validateKernelConstraints, validateKnownExtensions, validateMVIS, validateMinimalInteractionBinding, validateObligationsExtension, validatePurposeTokens, validateRevokedKeys, validateSubjectSnapshot, validateToolRegistry, validateTreaty, validateWorkflowContext, validateWorkflowContextOrdered, validateWorkflowSummaryAttestation, verifyPolicyBinding, verifyReceiptRefConsistency };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map