@primust/verifier 1.0.0 → 1.0.1

package/dist/index.js

@@ -1,13 +1,1181 @@
-export { verify } from './verifier';
-export { generateVerifyHtml } from './verify-html-template';
-export { seedKeyCache } from './key-cache';
-export { REASONS, buildMerkleRoot, canonicalJson, canonicalJsonString, canonicalNumber, verifyBoundedTrace, } from './bounded-trace';
-export { SCOPED_REASONS, verifyScopedCertificates, } from './scoped';
-// Cross-org upstream-VPEC resolver (Follow-7)
-// UpstreamRootResolver type is canonical from ./types (Follow-6); we
-// only re-export the resolver factory + its options here.
-export { createUpstreamRootResolver, closeResolver, } from './upstream_resolver';
-// v29 Layer 1 — ProofCheck envelope + manifest + runtime-binding
-// conformance. Mirror of packages/verifier-py/.../v29_envelope.py.
-export { ENVELOPE_VERSION, ALLOWED_KINDS, ALLOWED_TRUST_EDGES, PROOF_TIER_HIERARCHY, canonicalJson as canonicalJsonV29, canonicalHash as canonicalHashV29, validateEnvelopeShape, reproduceAggregations, validateAggregations, reproduceTierCeiling, validateRecordsAgainstHarness, validateRuntimeBindingHash, reproduceManifestCanonicalHash, validateManifestCanonicalHash, verifyV29, } from './v29-envelope';
-//# sourceMappingURL=index.js.map
+import {
+  closeResolver,
+  createUpstreamRootResolver,
+  seedKeyCache,
+  verify
+} from "./chunk-ZADQUKKN.js";
+import {
+  ALLOWED_KINDS,
+  ALLOWED_TRUST_EDGES,
+  ENVELOPE_VERSION,
+  PROOF_TIER_HIERARCHY,
+  canonicalHash,
+  canonicalJson,
+  reproduceAggregations,
+  reproduceManifestCanonicalHash,
+  reproduceTierCeiling,
+  validateAggregations,
+  validateEnvelopeShape,
+  validateManifestCanonicalHash,
+  validateRecordsAgainstHarness,
+  validateRuntimeBindingHash,
+  verifyV29
+} from "./chunk-LTWQK3HT.js";
+
+// src/verify-html-template.ts
+function generateVerifyHtml(options) {
+  const { publicKeyB64, packData } = options;
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Primust Evidence Pack \u2014 Offline Verification</title>
+  <style>
+    * { box-sizing: border-box; margin: 0; padding: 0; }
+    body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; background: #fafafa; color: #1a1a1a; padding: 2rem; max-width: 900px; margin: 0 auto; }
+    h1 { font-size: 1.5rem; margin-bottom: 0.5rem; }
+    .subtitle { color: #666; font-size: 0.9rem; margin-bottom: 2rem; }
+    .status { padding: 1rem; border-radius: 8px; margin-bottom: 1.5rem; font-weight: 600; font-size: 1.1rem; }
+    .status.verified { background: #d4edda; color: #155724; border: 1px solid #c3e6cb; }
+    .status.failed { background: #f8d7da; color: #721c24; border: 1px solid #f5c6cb; }
+    .status.loading { background: #e2e3e5; color: #383d41; border: 1px solid #d6d8db; }
+    .summary { display: grid; grid-template-columns: repeat(4, 1fr); gap: 1rem; margin-bottom: 1.5rem; }
+    .stat { background: white; border: 1px solid #e0e0e0; border-radius: 8px; padding: 1rem; }
+    .stat-label { font-size: 0.75rem; color: #888; text-transform: uppercase; }
+    .stat-value { font-size: 1.5rem; font-weight: 700; margin-top: 0.25rem; }
+    .vpec-table { width: 100%; border-collapse: collapse; background: white; border-radius: 8px; overflow: hidden; border: 1px solid #e0e0e0; }
+    .vpec-table th, .vpec-table td { padding: 0.75rem 1rem; text-align: left; border-bottom: 1px solid #f0f0f0; font-size: 0.85rem; }
+    .vpec-table th { background: #f8f9fa; font-weight: 600; font-size: 0.75rem; text-transform: uppercase; color: #666; }
+    .badge { display: inline-block; padding: 0.2rem 0.5rem; border-radius: 4px; font-size: 0.75rem; font-weight: 600; }
+    .badge-pass { background: #d4edda; color: #155724; }
+    .badge-fail { background: #f8d7da; color: #721c24; }
+    .badge-pending { background: #fff3cd; color: #856404; }
+    .chain { margin-top: 2rem; }
+    .chain-node { border: 1px solid #e0e0e0; border-radius: 8px; padding: 1rem; margin-bottom: 0; background: white; }
+    .chain-node.current { border-color: #007bff; background: #f0f7ff; }
+    .chain-arrow { text-align: center; padding: 0.25rem 0; color: #ccc; font-size: 1.2rem; }
+    .footer { margin-top: 2rem; padding-top: 1rem; border-top: 1px solid #e0e0e0; font-size: 0.8rem; color: #888; }
+    code { font-family: 'SF Mono', Monaco, monospace; font-size: 0.8rem; background: #f4f4f4; padding: 0.1rem 0.3rem; border-radius: 3px; }
+  </style>
+</head>
+<body>
+  <h1>Primust Evidence Pack Verification</h1>
+  <div class="subtitle">Pack: ${packData.pack_id} &middot; Period: ${packData.period_start} to ${packData.period_end}</div>
+
+  <div id="status" class="status loading">Verifying...</div>
+
+  <div class="summary">
+    <div class="stat">
+      <div class="stat-label">VPECs</div>
+      <div class="stat-value">${packData.vpec_count}</div>
+    </div>
+    <div class="stat">
+      <div class="stat-label">Mathematical</div>
+      <div class="stat-value">${packData.provable_surface_summary.mathematical}</div>
+    </div>
+    <div class="stat">
+      <div class="stat-label">Execution</div>
+      <div class="stat-value">${packData.provable_surface_summary.execution}</div>
+    </div>
+    <div class="stat">
+      <div class="stat-label">Witnessed</div>
+      <div class="stat-value">${packData.provable_surface_summary.witnessed}</div>
+    </div>
+  </div>
+
+  <table class="vpec-table" id="vpec-table">
+    <thead>
+      <tr>
+        <th>Status</th>
+        <th>VPEC ID</th>
+        <th>Proof Level</th>
+        <th>Surface</th>
+        <th>Gaps</th>
+        <th>Issued</th>
+      </tr>
+    </thead>
+    <tbody id="vpec-tbody"></tbody>
+  </table>
+
+  <div class="chain" id="chain-container"></div>
+
+  <div class="footer">
+    This file verifies offline. Nothing is sent to any server.<br>
+    For CLI verification: <code>pip install primust-verify</code>
+  </div>
+
+  <script>
+    const PRIMUST_PUBLIC_KEY_B64 = "${publicKeyB64}";
+    const PACK_DATA = ${JSON.stringify(packData)};
+
+    async function importKey(b64) {
+      const raw = Uint8Array.from(atob(b64), c => c.charCodeAt(0));
+      return crypto.subtle.importKey('raw', raw, { name: 'Ed25519' }, false, ['verify']);
+    }
+
+    async function verifySignature(key, signatureHex, payloadStr) {
+      const sig = new Uint8Array(signatureHex.match(/.{2}/g).map(b => parseInt(b, 16)));
+      const data = new TextEncoder().encode(payloadStr);
+      return crypto.subtle.verify('Ed25519', key, sig, data);
+    }
+
+    async function main() {
+      const statusEl = document.getElementById('status');
+      const tbody = document.getElementById('vpec-tbody');
+      let allValid = true;
+
+      try {
+        const key = await importKey(PRIMUST_PUBLIC_KEY_B64);
+
+        for (const vpec of PACK_DATA.vpecs) {
+          let valid = false;
+          try {
+            valid = await verifySignature(key, vpec.signature, vpec.signed_payload);
+          } catch (e) {
+            valid = false;
+          }
+
+          if (!valid) allValid = false;
+
+          const row = document.createElement('tr');
+          row.innerHTML =
+            '<td><span class="badge ' + (valid ? 'badge-pass' : 'badge-fail') + '">' + (valid ? 'VERIFIED' : 'NOT VERIFIED') + '</span></td>' +
+            '<td><code>' + vpec.vpec_id + '</code></td>' +
+            '<td>' + vpec.proof_level_floor + '</td>' +
+            '<td>' + (vpec.provable_surface * 100).toFixed(0) + '%</td>' +
+            '<td>' + vpec.gap_count + '</td>' +
+            '<td>' + vpec.issued_at + '</td>';
+          tbody.appendChild(row);
+        }
+
+        // Render upstream chain if present
+        if (PACK_DATA.upstream_vpecs && PACK_DATA.upstream_vpecs.length > 0) {
+          const container = document.getElementById('chain-container');
+          container.innerHTML = '<h2 style="font-size:1.1rem;margin-bottom:1rem;">Cross-Organization Chain</h2>';
+
+          for (const uv of PACK_DATA.upstream_vpecs) {
+            let uvValid = false;
+            try {
+              uvValid = await verifySignature(key, uv.signature, uv.signed_payload);
+            } catch (e) { uvValid = false; }
+
+            const node = document.createElement('div');
+            node.className = 'chain-node';
+            node.innerHTML =
+              '<span class="badge ' + (uvValid ? 'badge-pass' : 'badge-fail') + '">' + (uvValid ? 'VERIFIED' : 'NOT VERIFIED') + '</span> ' +
+              '<strong>' + uv.org_id + '</strong> &mdash; <code>' + uv.vpec_id + '</code> (' + uv.proof_level_floor + ')';
+            container.appendChild(node);
+
+            const arrow = document.createElement('div');
+            arrow.className = 'chain-arrow';
+            arrow.textContent = '\\u25BC';
+            container.appendChild(arrow);
+          }
+
+          const currentNode = document.createElement('div');
+          currentNode.className = 'chain-node current';
+          currentNode.innerHTML = '<strong>This Pack</strong> &mdash; <code>' + PACK_DATA.pack_id + '</code>';
+          container.appendChild(currentNode);
+        }
+
+        statusEl.className = 'status ' + (allValid ? 'verified' : 'failed');
+        statusEl.textContent = allValid
+          ? '\\u2713 VERIFIED \u2014 All ' + PACK_DATA.vpecs.length + ' credentials verified'
+          : '\\u2717 NOT VERIFIED \u2014 Some credentials failed verification';
+      } catch (e) {
+        statusEl.className = 'status failed';
+        statusEl.textContent = 'Verification error: ' + e.message;
+      }
+    }
+
+    main();
+  </script>
+</body>
+</html>`;
+}
+
+// src/bounded-trace.ts
+import { createHash } from "crypto";
+function canonicalNumber(x) {
+  if (typeof x !== "number" || Number.isNaN(x) || !Number.isFinite(x)) {
+    throw new Error("canonical JSON cannot represent NaN, infinity, or non-numbers");
+  }
+  if (x === 0) return "0";
+  let s = x.toString();
+  const eIdx = s.indexOf("e");
+  if (eIdx >= 0) {
+    const mantissa = s.slice(0, eIdx);
+    const expPart = s.slice(eIdx + 1);
+    const sign = expPart.startsWith("-") ? "-" : "+";
+    const expDigits = expPart.replace(/^[+-]/, "").replace(/^0+(?=\d)/, "");
+    return `${mantissa}e${sign}${expDigits || "0"}`;
+  }
+  if (s.includes(".")) {
+    s = s.replace(/\.?0+$/, (m) => m.startsWith(".") ? "" : m);
+  }
+  if (s === "-0") s = "0";
+  return s;
+}
+function canonicalJson2(obj) {
+  const s = canonicalJsonString(obj);
+  return new TextEncoder().encode(s);
+}
+function canonicalJsonString(obj) {
+  if (obj === null) return "null";
+  if (typeof obj === "boolean") return obj ? "true" : "false";
+  if (typeof obj === "number") return canonicalNumber(obj);
+  if (typeof obj === "string") return JSON.stringify(obj);
+  if (Array.isArray(obj)) {
+    return "[" + obj.map((v) => canonicalJsonString(v)).join(",") + "]";
+  }
+  if (typeof obj === "object") {
+    const keys = Object.keys(obj).sort();
+    const parts = keys.map((k) => {
+      const v = obj[k];
+      return JSON.stringify(k) + ":" + canonicalJsonString(v);
+    });
+    return "{" + parts.join(",") + "}";
+  }
+  throw new Error(`canonical_json cannot encode value of type ${typeof obj}`);
+}
+function sha256(bytes) {
+  const h = createHash("sha256");
+  h.update(bytes);
+  return new Uint8Array(h.digest());
+}
+function leafHash(payload) {
+  const prefixed = new Uint8Array(payload.length + 1);
+  prefixed[0] = 0;
+  prefixed.set(payload, 1);
+  return sha256(prefixed);
+}
+function nodeHash(left, right) {
+  const prefixed = new Uint8Array(1 + left.length + right.length);
+  prefixed[0] = 1;
+  prefixed.set(left, 1);
+  prefixed.set(right, 1 + left.length);
+  return sha256(prefixed);
+}
+function toHex(bytes) {
+  let out = "";
+  for (const b of bytes) {
+    out += b.toString(16).padStart(2, "0");
+  }
+  return out;
+}
+function buildMerkleRoot(leaves) {
+  if (leaves.length === 0) {
+    throw new Error("cannot build Merkle root over empty leaf list");
+  }
+  let level = leaves.map((l) => leafHash(l));
+  while (level.length > 1) {
+    if (level.length % 2 === 1) {
+      level.push(level[level.length - 1]);
+    }
+    const next = [];
+    for (let i = 0; i < level.length; i += 2) {
+      next.push(nodeHash(level[i], level[i + 1]));
+    }
+    level = next;
+  }
+  return "sha256:" + toHex(level[0]);
+}
+var REASONS = [
+  "profile_not_found",
+  "profile_signature_invalid",
+  "profile_not_empirical",
+  "profile_expired",
+  "profile_revoked",
+  "profile_no_freshness_window",
+  "profile_trace_mismatch",
+  "runtime_not_supported",
+  "trace_schema_unknown",
+  "missing_merkle_root",
+  "merkle_inclusion_failed",
+  "threshold_violation",
+  "runtime_section_missing",
+  "retrieval_section_missing",
+  // v28.5 §4 — closed-API lifecycle downgrade codes. Mirrors the
+  // primust_verify (Python) 1.0.3 vocabulary so cross-verifier
+  // conformance holds. The TS verifier consults
+  // `model_profiles.lifecycle_state` (mig 123) BEFORE the legacy
+  // profile_class check; rows with non-empirical lifecycle states
+  // downgrade to `execution` with the listed reason regardless of class.
+  "closed_api_pre_cohort",
+  "closed_api_pre_promote",
+  "closed_api_v2_promoted",
+  "profile_deprecated",
+  "unknown_lifecycle_state"
+];
+var KNOWN_LIFECYCLE_STATES = /* @__PURE__ */ new Set([
+  "v1_placeholder",
+  "v2_run_complete",
+  "v2_staged",
+  "cohort_validated",
+  "v2_empirical_closed_api",
+  "deprecated"
+]);
+var LIFECYCLE_DOWNGRADE_REASON = {
+  v1_placeholder: "closed_api_pre_cohort",
+  v2_run_complete: "closed_api_pre_cohort",
+  v2_staged: "closed_api_pre_cohort",
+  cohort_validated: "closed_api_pre_promote",
+  deprecated: "profile_deprecated"
+};
+function asDate(x) {
+  if (!x) return null;
+  if (x instanceof Date) return x;
+  if (typeof x === "string") {
+    const d = new Date(x);
+    if (!isNaN(d.getTime())) return d;
+  }
+  return null;
+}
+function checkProfile(profile, now) {
+  if (!profile || Object.keys(profile).length === 0) {
+    return { ok: false, reason: "profile_not_found" };
+  }
+  const sig = String(profile.profile_signature ?? profile.signature ?? "");
+  if (sig.includes("PLACEHOLDER") || sig.includes("UNSIGNED_PENDING")) {
+    return { ok: false, reason: "profile_signature_invalid" };
+  }
+  const status = String(profile.status ?? "active").toLowerCase();
+  if (status === "revoked" || status === "suspended") {
+    return { ok: false, reason: "profile_revoked" };
+  }
+  const lifecycle = profile.lifecycle_state;
+  if (lifecycle !== null && lifecycle !== void 0) {
+    const ls = String(lifecycle).toLowerCase();
+    if (!KNOWN_LIFECYCLE_STATES.has(ls)) {
+      return { ok: false, reason: "unknown_lifecycle_state" };
+    }
+    const downgrade = LIFECYCLE_DOWNGRADE_REASON[ls];
+    if (downgrade !== void 0) {
+      return { ok: false, reason: downgrade };
+    }
+  }
+  const cls = String(profile.profile_class ?? "placeholder").toLowerCase();
+  if (cls === "revoked") return { ok: false, reason: "profile_revoked" };
+  if (cls === "synthetic" || cls === "placeholder") {
+    return { ok: false, reason: "profile_not_empirical" };
+  }
+  if (cls === "expired") return { ok: false, reason: "profile_expired" };
+  if (cls !== "empirical") return { ok: false, reason: "profile_not_empirical" };
+  const validFrom = asDate(profile.freshness_valid_from);
+  const validUntil = asDate(profile.freshness_valid_until);
+  if (!validFrom || !validUntil) {
+    return { ok: false, reason: "profile_no_freshness_window" };
+  }
+  const graceDays = Number(profile.freshness_grace_days) || 0;
+  const graceMs = graceDays * 24 * 60 * 60 * 1e3;
+  if (now.getTime() > validUntil.getTime() + graceMs) {
+    return { ok: false, reason: "profile_expired" };
+  }
+  if (now.getTime() < validFrom.getTime()) {
+    return { ok: false, reason: "profile_expired" };
+  }
+  return { ok: true, reason: "ok" };
+}
+function asDict(v) {
+  if (v && typeof v === "object" && !Array.isArray(v)) {
+    return v;
+  }
+  if (typeof v === "string") {
+    try {
+      const parsed = JSON.parse(v);
+      if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+        return parsed;
+      }
+    } catch {
+    }
+  }
+  return {};
+}
+function checkRuntime(trace, profile) {
+  const runtime = asDict(trace.runtime);
+  const kernel = runtime.kernel_profile_id;
+  const gpu = runtime.gpu_class;
+  const supportedRaw = profile.supported_runtime_classes;
+  const supported = new Set(Array.isArray(supportedRaw) ? supportedRaw : []);
+  if (supported.size > 0) {
+    if (kernel && supported.has(kernel)) return { ok: true, reason: "ok" };
+    if (gpu && supported.has(gpu)) return { ok: true, reason: "ok" };
+    return { ok: false, reason: "runtime_not_supported" };
+  }
+  const profileData = asDict(profile.profile_data);
+  const calibrated = profileData.calibrated_gpu_classes;
+  if (calibrated && typeof calibrated === "object") {
+    const keys = Array.isArray(calibrated) ? calibrated : Object.keys(calibrated);
+    if (gpu && keys.includes(gpu)) return { ok: true, reason: "ok" };
+    if (kernel && keys.includes(kernel)) return { ok: true, reason: "ok" };
+  }
+  return { ok: false, reason: "runtime_not_supported" };
+}
+function recomputeMerkleRoot(operators) {
+  const leaves = operators.map(
+    (op) => canonicalJson2({ v: "bounded_trace_v1", op })
+  );
+  return buildMerkleRoot(leaves);
+}
+function compareThresholds(trace, profile) {
+  const runtime = asDict(trace.runtime);
+  const gpu = runtime.gpu_class;
+  const profileData = asDict(profile.profile_data);
+  let opThresholds = {};
+  const calibrated = profileData.calibrated_gpu_classes;
+  if (calibrated && typeof calibrated === "object" && !Array.isArray(calibrated) && gpu && gpu in calibrated) {
+    const gpuBlock = calibrated[gpu];
+    if (gpuBlock && typeof gpuBlock === "object") {
+      const ops = gpuBlock.operators;
+      if (ops && typeof ops === "object" && !Array.isArray(ops)) {
+        opThresholds = ops;
+      }
+    }
+  }
+  if (Object.keys(opThresholds).length === 0) {
+    const legacyOps = profileData.operators;
+    if (legacyOps && typeof legacyOps === "object" && !Array.isArray(legacyOps)) {
+      opThresholds = legacyOps;
+    }
+  }
+  if (Object.keys(opThresholds).length === 0) {
+    return {
+      ok: false,
+      violations: [{ reason: "no_operator_thresholds_in_profile" }]
+    };
+  }
+  let marginFactor = 1;
+  const safetyMargin = profile.safety_margin;
+  if (typeof safetyMargin === "number" && !Number.isNaN(safetyMargin)) {
+    marginFactor = 1 + safetyMargin;
+  }
+  const absOrViolation = (raw) => {
+    if (raw === null || raw === void 0) return null;
+    if (typeof raw !== "number") return null;
+    if (Number.isNaN(raw) || !Number.isFinite(raw)) return null;
+    return Math.abs(raw);
+  };
+  const violations = [];
+  const tops = Array.isArray(trace.operators) ? trace.operators : [];
+  for (const rawOp of tops) {
+    const op = asDict(rawOp);
+    const opType = op.operator_type;
+    const thresholds = opType && typeof opType === "string" ? opThresholds[opType] : void 0;
+    if (!thresholds) {
+      violations.push({
+        operator_index: op.operator_index,
+        operator_type: opType,
+        stat: "operator_type",
+        observed: opType,
+        allowed: Object.keys(opThresholds)
+      });
+      continue;
+    }
+    const stats = asDict(op.stats);
+    const p99 = thresholds.p99;
+    const p99_99 = thresholds.p99_99;
+    const rawP99 = stats.p99_abs;
+    const rawMax = stats.max_abs;
+    const observedP99 = absOrViolation(rawP99);
+    const observedMax = absOrViolation(rawMax);
+    if (rawP99 !== null && rawP99 !== void 0 && observedP99 === null) {
+      violations.push({
+        operator_index: op.operator_index,
+        operator_type: opType,
+        stat: "p99_abs",
+        observed: rawP99,
+        allowed: "finite non-negative number"
+      });
+    } else if (observedP99 !== null && typeof p99 === "number" && observedP99 > p99 * marginFactor) {
+      violations.push({
+        operator_index: op.operator_index,
+        operator_type: opType,
+        stat: "p99_abs",
+        observed: observedP99,
+        allowed: p99 * marginFactor
+      });
+    }
+    if (rawMax !== null && rawMax !== void 0 && observedMax === null) {
+      violations.push({
+        operator_index: op.operator_index,
+        operator_type: opType,
+        stat: "max_abs",
+        observed: rawMax,
+        allowed: "finite non-negative number"
+      });
+    } else if (observedMax !== null && typeof p99_99 === "number" && observedMax > p99_99 * marginFactor) {
+      violations.push({
+        operator_index: op.operator_index,
+        operator_type: opType,
+        stat: "max_abs",
+        observed: observedMax,
+        allowed: p99_99 * marginFactor
+      });
+    }
+  }
+  return { ok: violations.length === 0, violations };
+}
+function verifyBoundedTrace(trace, profile, options = {}) {
+  const now = options.now ?? /* @__PURE__ */ new Date();
+  const schema = trace.trace_schema_version;
+  if (schema !== "bounded_trace_v1") {
+    return {
+      valid: false,
+      proof_level: "execution",
+      reason: "trace_schema_unknown",
+      disclosed_operator_count: 0,
+      verified_merkle_paths: 0,
+      details: { trace_schema_version: schema }
+    };
+  }
+  const profileProfileId = profile.profile_id;
+  const traceProfileId = trace.profile_id;
+  if (profileProfileId !== void 0 && profileProfileId !== null && traceProfileId !== profileProfileId) {
+    return {
+      valid: false,
+      proof_level: "execution",
+      reason: "profile_trace_mismatch",
+      disclosed_operator_count: 0,
+      verified_merkle_paths: 0,
+      details: {
+        trace_profile_id: traceProfileId,
+        profile_profile_id: profileProfileId
+      }
+    };
+  }
+  const claimedRoot = trace.merkle_root;
+  if (typeof claimedRoot !== "string" || !claimedRoot.startsWith("sha256:")) {
+    return {
+      valid: false,
+      proof_level: "execution",
+      reason: "missing_merkle_root",
+      disclosed_operator_count: 0,
+      verified_merkle_paths: 0,
+      details: { merkle_root: claimedRoot }
+    };
+  }
+  const operators = Array.isArray(trace.operators) ? trace.operators : [];
+  const declaredCount = trace.operator_count;
+  if (typeof declaredCount === "number" && Number.isInteger(declaredCount) && declaredCount !== operators.length) {
+    return {
+      valid: false,
+      proof_level: "execution",
+      reason: "merkle_inclusion_failed",
+      disclosed_operator_count: operators.length,
+      verified_merkle_paths: 0,
+      details: {
+        declared_operator_count: declaredCount,
+        disclosed_operator_count: operators.length,
+        error: "operator_count_mismatch_without_inclusion_proofs"
+      }
+    };
+  }
+  let recomputed;
+  try {
+    recomputed = recomputeMerkleRoot(operators);
+  } catch (exc) {
+    return {
+      valid: false,
+      proof_level: "execution",
+      reason: "merkle_inclusion_failed",
+      disclosed_operator_count: operators.length,
+      verified_merkle_paths: 0,
+      details: { error: String(exc) }
+    };
+  }
+  if (recomputed !== claimedRoot) {
+    return {
+      valid: false,
+      proof_level: "execution",
+      reason: "merkle_inclusion_failed",
+      disclosed_operator_count: operators.length,
+      verified_merkle_paths: 0,
+      details: { claimed: claimedRoot, recomputed }
+    };
+  }
+  const policy = checkProfile(profile, now);
+  if (!policy.ok) {
+    return {
+      valid: false,
+      proof_level: "execution",
+      reason: policy.reason,
+      disclosed_operator_count: operators.length,
+      verified_merkle_paths: operators.length,
+      details: { profile_class: profile.profile_class }
+    };
+  }
+  const runtime = checkRuntime(trace, profile);
+  if (!runtime.ok) {
+    return {
+      valid: false,
+      proof_level: "execution",
+      reason: runtime.reason,
+      disclosed_operator_count: operators.length,
+      verified_merkle_paths: operators.length,
+      details: { trace_runtime: trace.runtime }
+    };
+  }
+  const thresholds = compareThresholds(trace, profile);
+  if (!thresholds.ok) {
+    return {
+      valid: false,
+      proof_level: "execution",
+      reason: "threshold_violation",
+      disclosed_operator_count: operators.length,
+      verified_merkle_paths: operators.length,
+      details: { violations: thresholds.violations }
+    };
+  }
+  return {
+    valid: true,
+    proof_level: "operator_bound",
+    reason: "thresholds_verified",
+    disclosed_operator_count: operators.length,
+    verified_merkle_paths: operators.length,
+    details: {
+      profile_id: profile.profile_id,
+      profile_class: profile.profile_class
+    }
+  };
+}
+
+// src/scoped.ts
+import { createHash as createHash2 } from "crypto";
+function canonicalSha256(obj) {
+  const h = createHash2("sha256");
+  h.update(canonicalJson2(obj));
+  return "sha256:" + h.digest("hex");
+}
+var HASH_RE = /^sha256:[0-9a-f]{64}$/;
+function isCommitment(s) {
+  return typeof s === "string" && HASH_RE.test(s);
+}
+var SURFACE_SCHEMA = {
+  required: {
+    kind: { enum: ["field", "field_group", "document", "process", "workflow_step"] },
+    id: { type: "string" }
+  },
+  optional: {
+    path: { type: "string", nullable: true }
+  }
+};
+var SUPPORT_REF_SCHEMA = {
+  required: {
+    doc_id: { type: "string" },
+    span_commitment: { type: "string", pattern: "commitment" }
+  },
+  optional: {}
+};
+var SHADOW_RESULT_SCHEMA = {
+  required: {
+    shadow_id: { type: "string" },
+    result: { enum: ["certified", "not_certified", "abstain"] }
+  },
+  optional: {
+    shadow_type: {
+      enum: ["quantized", "distilled", "architecture_diverse", "base"],
+      nullable: true
+    },
+    score: { type: "number", nullable: true }
+  }
+};
+var RETRIEVAL_REF_SCHEMA = {
+  required: {
+    chunk_id: { type: "string" },
+    span_commitment: { type: "string", pattern: "commitment" }
+  },
+  optional: {}
+};
+var NAMED_SCHEMAS = {
+  _surface: SURFACE_SCHEMA,
+  _support_ref: SUPPORT_REF_SCHEMA,
+  _shadow_result: SHADOW_RESULT_SCHEMA,
+  _retrieval_ref: RETRIEVAL_REF_SCHEMA
+};
+var CERTIFICATE_LEVELS = [
+  "scoped_weak",
+  "scoped_moderate",
+  "scoped_strong",
+  "scoped_asymptotic",
+  "bounded_agreement"
+];
+var ARTIFACT_SCHEMAS = {
+  local_manifold: {
+    required: {
+      certificate_type: { literal: "local_manifold" },
+      certificate_level: { enum: CERTIFICATE_LEVELS },
+      calibration_epoch: { type: "string" },
+      localizer_id: { type: "string" },
+      manifold_id: { type: "string" },
+      neighborhood_commitment: { type: "string", pattern: "commitment" },
+      local_threshold: { type: "number", min: 0, max: 1 },
+      surface: { schema: "_surface" },
+      result: { enum: ["certified", "not_certified", "abstain"] }
+    },
+    optional: {
+      fallback_to_global: { type: "boolean" },
+      signature: { type: "string", nullable: true }
+    }
+  },
+  hierarchical_output: {
+    required: {
+      certificate_type: { literal: "hierarchical_output" },
+      hierarchy_id: { type: "string" },
+      certified_paths: {
+        type: "array",
+        items: {
+          type: "array",
+          items: { type: "array", items: { type: "string" } }
+        }
+      },
+      uncertified_paths: {
+        type: "array",
+        items: {
+          type: "array",
+          items: { type: "array", items: { type: "string" } }
+        }
+      }
+    },
+    optional: {
+      uncertified_remainder: { type: "object", nullable: true },
+      signature: { type: "string", nullable: true }
+    }
+  },
+  model_continuity: {
+    required: {
+      certificate_type: { literal: "model_continuity" },
+      service_id: { type: "string" },
+      continuity_epoch: { type: "string" },
+      envelope_id: { type: "string" },
+      continuity_state: {
+        enum: [
+          "within_envelope",
+          "outside_envelope",
+          "epoch_change",
+          "insufficient_probes"
+        ]
+      },
+      probe_suite_id: { type: "string" },
+      probe_suite_commitment: { type: "string", pattern: "commitment" },
+      probe_response_commitment: { type: "string", pattern: "commitment" }
+    },
+    optional: {
+      signature: { type: "string", nullable: true }
+    }
+  },
+  retrieval_grounding: {
+    required: {
+      certificate_type: { literal: "retrieval_grounding" },
+      surface: { schema: "_surface" },
+      support_set: { type: "array", items: { schema: "_support_ref" } },
+      grounded: { type: "boolean" }
+    },
+    optional: {
+      per_stage_fn_bounds: {
+        type: "array",
+        items: { type: "number", min: 0, max: 1 },
+        nullable: true
+      },
+      aggregation_model: { type: "string", nullable: true },
+      signature: { type: "string", nullable: true }
+    }
+  },
+  workflow_composition: {
+    required: {
+      certificate_type: { literal: "workflow_composition" },
+      workflow_id: { type: "string" },
+      step_vpec_ids: { type: "array", items: { type: "string" } },
+      hard_relevant_steps: { type: "array", items: { type: "string" } },
+      composition_rule: { literal: "weakest_link_hard" },
+      composed_result: { enum: CERTIFICATE_LEVELS }
+    },
+    optional: {
+      informational_summary: { type: "object", nullable: true },
+      signature: { type: "string", nullable: true }
+    }
+  },
+  proof_of_absence: {
+    required: {
+      certificate_type: { literal: "proof_of_absence" },
+      surface: { schema: "_surface" },
+      absence_class: {
+        enum: [
+          "no_phi",
+          "no_restricted_identifier",
+          "no_prohibited_financial_claim"
+        ]
+      },
+      result: { type: "boolean" }
+    },
+    optional: {
+      detector_family: { type: "string", nullable: true },
+      per_stage_fn_bounds: {
+        type: "array",
+        items: { type: "number", min: 0, max: 1 },
+        nullable: true
+      },
+      signature: { type: "string", nullable: true }
+    }
+  },
+  calibration_epoch: {
+    required: {
+      certificate_type: { literal: "calibration_epoch" },
+      calibration_epoch: { type: "string" },
+      drift_state: { enum: ["stable", "drifting", "break"] },
+      source_mix: { type: "object" }
+    },
+    optional: {
+      parent_epoch: { type: "string", nullable: true },
+      signature: { type: "string", nullable: true }
+    }
+  },
+  shadow_committee: {
+    required: {
+      certificate_type: { literal: "shadow_committee" },
+      committee_rule: { type: "string" },
+      shadow_results: { type: "array", items: { schema: "_shadow_result" } },
+      committee_result: { enum: ["certified", "not_certified", "abstain"] }
+    },
+    optional: {
+      disagreement: { type: "boolean" }
+    }
+  },
+  decision_context: {
+    required: {
+      certificate_type: { literal: "decision_context" },
+      primitive_type: { literal: "DCE" },
+      scope: { type: "string" },
+      capture_mode: {
+        enum: [
+          "reasoning_block",
+          "planner_output",
+          "prompt_and_output_binding",
+          "declared_context_only"
+        ]
+      },
+      rationale_commitment: { type: "string", pattern: "commitment" },
+      context_commitment: { type: "string", pattern: "commitment" },
+      source_binding: { type: "string" },
+      proof_level_achieved: { enum: ["execution", "witnessed", "attestation"] },
+      scope_disclosure: { type: "string" }
+    },
+    optional: {
+      retrieval_references: { type: "array", items: { schema: "_retrieval_ref" } },
+      tool_output_commitments: {
+        type: "array",
+        items: { type: "string", pattern: "commitment" }
+      },
+      intent_declaration_ids: { type: "array", items: { type: "string" } },
+      constraints: { type: "array", items: { type: "string" } }
+    }
+  },
+  temporal_comparison: {
+    required: {
+      certificate_type: { literal: "temporal_comparison" },
+      pack_a_id: { type: "string" },
+      pack_b_id: { type: "string" },
+      pack_a_commitment: { type: "string", pattern: "commitment" },
+      pack_b_commitment: { type: "string", pattern: "commitment" },
+      pack_a_period_start: { type: "string" },
+      pack_a_period_end: { type: "string" },
+      pack_b_period_start: { type: "string" },
+      pack_b_period_end: { type: "string" },
+      checks_added: { type: "array", items: { type: "string" } },
+      checks_removed: { type: "array", items: { type: "string" } },
+      checks_retained_count: { type: "integer" },
+      coverage_changes_count: { type: "integer" },
+      performance_changes_count: { type: "integer" },
+      redaction_consistent: { type: "boolean" },
+      diff_commitment: { type: "string", pattern: "commitment" }
+    },
+    optional: {
+      redaction_profile_a: { type: "string", nullable: true },
+      redaction_profile_b: { type: "string", nullable: true },
+      signature: { type: "string", nullable: true }
+    }
+  }
+};
+function isPlainObject(v) {
+  return typeof v === "object" && v !== null && !Array.isArray(v);
+}
+function checkValue(value, spec) {
+  if (spec.nullable && value === null) return null;
+  if ("literal" in spec && spec.literal !== void 0) {
+    if (value !== spec.literal) return `expected literal ${JSON.stringify(spec.literal)}, got ${JSON.stringify(value)}`;
+    return null;
+  }
+  if (spec.enum) {
+    if (!spec.enum.includes(value)) {
+      return `value ${JSON.stringify(value)} not in enum ${JSON.stringify(spec.enum)}`;
+    }
+    return null;
+  }
+  if (spec.schema) {
+    const sub = NAMED_SCHEMAS[spec.schema];
+    return checkObject(value, sub);
+  }
+  switch (spec.type) {
+    case "string":
+      if (typeof value !== "string") return `expected string, got ${typeof value}`;
+      if (spec.pattern === "commitment" && !isCommitment(value)) {
+        return "expected sha256:[64-hex] commitment";
+      }
+      return null;
+    case "number":
+      if (typeof value !== "number" || Number.isNaN(value)) return `expected number, got ${typeof value}`;
+      if (spec.min !== void 0 && value < spec.min) return `value ${value} below minimum ${spec.min}`;
+      if (spec.max !== void 0 && value > spec.max) return `value ${value} above maximum ${spec.max}`;
+      return null;
+    case "integer":
+      if (typeof value !== "number" || !Number.isInteger(value)) return `expected integer, got ${typeof value}`;
+      return null;
+    case "boolean":
+      if (typeof value !== "boolean") return `expected boolean, got ${typeof value}`;
+      return null;
+    case "object":
+      if (!isPlainObject(value)) return `expected object, got ${Array.isArray(value) ? "array" : typeof value}`;
+      return null;
+    case "array":
+      if (!Array.isArray(value)) return `expected array, got ${typeof value}`;
+      if (spec.items) {
+        for (let i = 0; i < value.length; i++) {
+          const err = checkValue(value[i], spec.items);
+          if (err) return `[${i}]: ${err}`;
+        }
+      }
+      return null;
+  }
+  return `unknown field spec`;
+}
+function checkObject(value, schema) {
+  if (!isPlainObject(value)) {
+    return `expected object, got ${Array.isArray(value) ? "array" : typeof value}`;
+  }
+  const known = /* @__PURE__ */ new Set([...Object.keys(schema.required), ...Object.keys(schema.optional)]);
+  const extras = Object.keys(value).filter((k) => !known.has(k));
+  if (extras.length > 0) {
+    extras.sort();
+    return `unexpected extra fields: ${JSON.stringify(extras)}`;
+  }
+  for (const [name, spec] of Object.entries(schema.required)) {
+    if (!(name in value)) return `missing required field '${name}'`;
+    const err = checkValue(value[name], spec);
+    if (err) return `${name}: ${err}`;
+  }
+  for (const [name, spec] of Object.entries(schema.optional)) {
+    if (name in value) {
+      const err = checkValue(value[name], spec);
+      if (err) return `${name}: ${err}`;
+    }
+  }
+  return null;
+}
+function checkWorkflowCompositionSubset(entry) {
+  const stepIds = entry.step_vpec_ids;
+  const hard = entry.hard_relevant_steps;
+  if (!Array.isArray(stepIds) || !Array.isArray(hard)) return null;
+  const stepSet = new Set(stepIds);
+  const extras = hard.filter((s) => !stepSet.has(s));
+  if (extras.length > 0) {
+    return `hard_relevant_steps must be a subset of step_vpec_ids; unknown step ids: ${JSON.stringify(extras)}`;
+  }
+  return null;
+}
+function checkSourceMix(value) {
+  if (!isPlainObject(value)) return "source_mix is not an object";
+  let total = 0;
+  for (const [k, v] of Object.entries(value)) {
+    if (typeof k !== "string") return "source_mix has non-string key";
+    if (typeof v !== "number" || Number.isNaN(v)) {
+      return `source_mix[${JSON.stringify(k)}] is not a number`;
+    }
+    if (!Number.isFinite(v)) {
+      return `source_mix[${JSON.stringify(k)}] is not finite`;
+    }
+    if (v < 0) {
+      return `source_mix[${JSON.stringify(k)}] is negative`;
+    }
+    total += v;
+  }
+  if (Math.abs(total - 1) > 1e-6) return `source_mix sums to ${total}, expected 1.0`;
+  return null;
+}
+var SCOPED_REASONS = [
+  "ok",
+  "missing_section",
+  "malformed_section",
+  "missing_commitment",
+  "malformed_commitment",
+  "missing_discriminator",
+  "unknown_certificate_type",
+  "schema_validation_failed",
+  "ordering_violation",
+  "commitment_mismatch"
+];
+function emptyBundleCommitment() {
+  return canonicalSha256({ scoped_certificates: [] });
+}
+function validateEntry(entry) {
+  if (!isPlainObject(entry)) {
+    return {
+      ok: false,
+      reason: "schema_validation_failed",
+      details: { detail: "entry is not an object" }
+    };
+  }
+  const ct = entry.certificate_type;
+  if (typeof ct !== "string" || ct.length === 0) {
+    return { ok: false, reason: "missing_discriminator", details: {} };
+  }
+  const schema = ARTIFACT_SCHEMAS[ct];
+  if (!schema) {
+    return {
+      ok: false,
+      reason: "unknown_certificate_type",
+      details: { certificate_type: ct }
+    };
+  }
+  const err = checkObject(entry, schema);
+  if (err) {
+    return {
+      ok: false,
+      reason: "schema_validation_failed",
+      details: { certificate_type: ct, detail: err }
+    };
+  }
+  if (ct === "calibration_epoch") {
+    const smErr = checkSourceMix(entry.source_mix);
+    if (smErr) {
+      return {
+        ok: false,
+        reason: "schema_validation_failed",
+        details: { certificate_type: ct, detail: smErr }
+      };
+    }
+  }
+  if (ct === "workflow_composition") {
+    const subErr = checkWorkflowCompositionSubset(entry);
+    if (subErr) {
+      return {
+        ok: false,
+        reason: "schema_validation_failed",
+        details: { certificate_type: ct, detail: subErr }
+      };
+    }
+  }
+  return { ok: true, certificateType: ct };
+}
+function verifyScopedCertificates(vpecLike) {
+  if (!("scoped_certificates" in vpecLike)) {
+    return { valid: false, reason: "missing_section", entry_count: 0, details: {} };
+  }
+  const entries = vpecLike.scoped_certificates;
+  if (!Array.isArray(entries)) {
+    return {
+      valid: false,
+      reason: "malformed_section",
+      entry_count: 0,
+      details: {
+        detail: "scoped_certificates is not an array",
+        got_type: typeof entries
+      }
+    };
+  }
+  if (!("scoped_certificates_commitment" in vpecLike)) {
+    return {
+      valid: false,
+      reason: "missing_commitment",
+      entry_count: entries.length,
+      details: {}
+    };
+  }
+  const declared = vpecLike.scoped_certificates_commitment;
+  if (!isCommitment(declared)) {
+    return {
+      valid: false,
+      reason: "malformed_commitment",
+      entry_count: entries.length,
+      details: { declared }
+    };
+  }
+  const orderKeys = [];
+  for (let i = 0; i < entries.length; i++) {
+    const res = validateEntry(entries[i]);
+    if (!res.ok) {
+      return {
+        valid: false,
+        reason: res.reason,
+        entry_count: entries.length,
+        details: { index: i, ...res.details }
+      };
+    }
+    const payloadHash = canonicalSha256(entries[i]);
+    orderKeys.push([res.certificateType, payloadHash]);
+  }
+  const sortedKeys = [...orderKeys].sort((a, b) => {
+    if (a[0] !== b[0]) return a[0] < b[0] ? -1 : 1;
+    if (a[1] !== b[1]) return a[1] < b[1] ? -1 : 1;
+    return 0;
+  });
+  for (let i = 0; i < orderKeys.length; i++) {
+    if (orderKeys[i][0] !== sortedKeys[i][0] || orderKeys[i][1] !== sortedKeys[i][1]) {
+      return {
+        valid: false,
+        reason: "ordering_violation",
+        entry_count: entries.length,
+        details: {
+          index: i,
+          got: orderKeys[i],
+          expected: sortedKeys[i]
+        }
+      };
+    }
+  }
+  let recomputed;
+  if (entries.length === 0) {
+    recomputed = emptyBundleCommitment();
+  } else {
+    const leaves = entries.map((e) => canonicalJson2(e));
+    recomputed = buildMerkleRoot(leaves);
+  }
+  if (recomputed !== declared) {
+    return {
+      valid: false,
+      reason: "commitment_mismatch",
+      entry_count: entries.length,
+      details: { declared, recomputed }
+    };
+  }
+  return { valid: true, reason: "ok", entry_count: entries.length, details: {} };
+}
+export {
+  ALLOWED_KINDS,
+  ALLOWED_TRUST_EDGES,
+  ENVELOPE_VERSION,
+  PROOF_TIER_HIERARCHY,
+  REASONS,
+  SCOPED_REASONS,
+  buildMerkleRoot,
+  canonicalHash as canonicalHashV29,
+  canonicalJson2 as canonicalJson,
+  canonicalJsonString,
+  canonicalJson as canonicalJsonV29,
+  canonicalNumber,
+  closeResolver,
+  createUpstreamRootResolver,
+  generateVerifyHtml,
+  reproduceAggregations,
+  reproduceManifestCanonicalHash,
+  reproduceTierCeiling,
+  seedKeyCache,
+  validateAggregations,
+  validateEnvelopeShape,
+  validateManifestCanonicalHash,
+  validateRecordsAgainstHarness,
+  validateRuntimeBindingHash,
+  verify,
+  verifyBoundedTrace,
+  verifyScopedCertificates,
+  verifyV29
+};