@private.me/xbind 1.2.15 → 1.2.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +92 -2
- package/dist-standalone/cjs/errors.js +265 -1
- package/dist-standalone/cjs/security-policy.js +55 -14
- package/dist-standalone/cli/init.js +0 -0
- package/dist-standalone/errors.d.ts +4 -0
- package/dist-standalone/errors.js +263 -0
- package/dist-standalone/security-policy.d.ts +8 -4
- package/dist-standalone/security-policy.js +55 -14
- package/package.json +14 -13
- package/share1.dat +0 -0
package/README.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# @private.me/xbind
|
|
2
2
|
|
|
3
3
|
|
|
4
|
-
|
|
5
5
|
|
|
6
6
|
|
|
7
7
|
|
|
@@ -12,7 +12,7 @@ Build AI agents that communicate securely using ML-DSA-65 DID identity, ML-KEM-7
|
|
|
12
12
|
|
|
13
13
|
Part of the **Private.Me** platform—where APIs have keys, but ACIs have identity.
|
|
14
14
|
|
|
15
|
-
**Version 1.
|
|
15
|
+
**Version 1.2.16** — **AWS/gRPC/HTTP Error Mappings:** All 49 error codes now include protocol-specific mappings (aws, grpc, http fields) for cross-platform error translation. Previous v1.2.15: JITR Fix - POST /registry/register accepts all cryptographic keys (X25519, ML-KEM-768, ML-DSA-65), fixes KEY_AGREEMENT_FAILED errors. Agent.fromSeed() JITR now registers full identity with encryption keys.
|
|
16
16
|
|
|
17
17
|
## Install
|
|
18
18
|
|
|
@@ -205,6 +205,96 @@ Zero key management, zero cascade failures, zero bearer credentials. Cryptograph
|
|
|
205
205
|
|
|
206
206
|
**Zero-config JITR:** Just-in-Time Registration auto-registers agents with trust registry on first use (AWS IoT JITR, OAuth DCR, MCP 2025 standards). Post-quantum cryptography (ML-KEM-768, ML-DSA-65), bilateral authorization, XorIDA split-channel delivery, Python SDK, Full Control IP protection, zero rotation, type safety with `Result<T, E>`, PLAN-3 hybrid signatures, 96 error codes.
|
|
207
207
|
|
|
208
|
+
## Automatic XorIDA Split-Channel Protection
|
|
209
|
+
|
|
210
|
+
xBind automatically activates information-theoretic XorIDA threshold sharing for high-risk operations. No code changes required—security is transparent.
|
|
211
|
+
|
|
212
|
+
### Risk Tags (Recommended for Crypto)
|
|
213
|
+
|
|
214
|
+
For cryptocurrency transactions (BTC, ETH, etc.), use explicit risk tags in your payload:
|
|
215
|
+
|
|
216
|
+
```typescript
|
|
217
|
+
// Low risk: 2-of-2 threshold
|
|
218
|
+
await agent.send({
|
|
219
|
+
to: recipientDid,
|
|
220
|
+
payload: { amount: 0.5, currency: 'BTC', risk: 'low' }
|
|
221
|
+
});
|
|
222
|
+
|
|
223
|
+
// Medium risk: 2-of-3 threshold
|
|
224
|
+
await agent.send({
|
|
225
|
+
to: recipientDid,
|
|
226
|
+
payload: { amount: 5.0, currency: 'ETH', risk: 'medium' }
|
|
227
|
+
});
|
|
228
|
+
|
|
229
|
+
// High risk: 3-of-5 threshold
|
|
230
|
+
await agent.send({
|
|
231
|
+
to: recipientDid,
|
|
232
|
+
payload: { amount: 50, currency: 'BTC', risk: 'high' }
|
|
233
|
+
});
|
|
234
|
+
|
|
235
|
+
// Critical risk: 3-of-5 threshold
|
|
236
|
+
await agent.send({
|
|
237
|
+
to: recipientDid,
|
|
238
|
+
payload: { amount: 100, currency: 'BTC', risk: 'critical' }
|
|
239
|
+
});
|
|
240
|
+
```
|
|
241
|
+
|
|
242
|
+
### Fiat Currency Auto-Detection
|
|
243
|
+
|
|
244
|
+
For fiat currencies (USD, EUR, GBP), xBind uses numeric thresholds:
|
|
245
|
+
|
|
246
|
+
```typescript
|
|
247
|
+
// Automatically triggers 2-of-3 (amount >= $100,000)
|
|
248
|
+
await agent.send({
|
|
249
|
+
to: recipientDid,
|
|
250
|
+
payload: { amount: 500000, currency: 'USD', action: 'transfer' }
|
|
251
|
+
});
|
|
252
|
+
|
|
253
|
+
// Automatically triggers 3-of-5 (amount >= $1,000,000)
|
|
254
|
+
await agent.send({
|
|
255
|
+
to: recipientDid,
|
|
256
|
+
payload: { amount: 2500000, currency: 'USD', action: 'transfer' }
|
|
257
|
+
});
|
|
258
|
+
```
|
|
259
|
+
|
|
260
|
+
### Manual Security Override
|
|
261
|
+
|
|
262
|
+
Override automatic detection with explicit security levels:
|
|
263
|
+
|
|
264
|
+
```typescript
|
|
265
|
+
// Force 2-of-3 regardless of amount/risk
|
|
266
|
+
await agent.send({
|
|
267
|
+
to: recipientDid,
|
|
268
|
+
payload: data,
|
|
269
|
+
security: 'high'
|
|
270
|
+
});
|
|
271
|
+
|
|
272
|
+
// Force 3-of-5 for maximum security
|
|
273
|
+
await agent.send({
|
|
274
|
+
to: recipientDid,
|
|
275
|
+
payload: data,
|
|
276
|
+
security: 'critical'
|
|
277
|
+
});
|
|
278
|
+
|
|
279
|
+
// Disable XorIDA (standard encrypted transport)
|
|
280
|
+
await agent.send({
|
|
281
|
+
to: recipientDid,
|
|
282
|
+
payload: data,
|
|
283
|
+
security: 'standard'
|
|
284
|
+
});
|
|
285
|
+
```
|
|
286
|
+
|
|
287
|
+
### Threshold Schemes
|
|
288
|
+
|
|
289
|
+
| Risk Tag / Threshold | Shares | Required | Security Level |
|
|
290
|
+
|---------------------|--------|----------|----------------|
|
|
291
|
+
| `low` | 2 | 2 | 2-of-2 threshold |
|
|
292
|
+
| `medium` / $100k-$1M | 3 | 2 | 2-of-3 threshold |
|
|
293
|
+
| `high` / `critical` / >$1M | 5 | 3 | 3-of-5 threshold |
|
|
294
|
+
| No tag / <$100k | — | — | Standard encrypted transport |
|
|
295
|
+
|
|
296
|
+
**Key Insight:** XorIDA is information-theoretically secure. Any K-1 shares reveal zero information about the secret, even with unlimited computing power. Quantum computers cannot break XorIDA.
|
|
297
|
+
|
|
208
298
|
## Billing & Metering
|
|
209
299
|
|
|
210
300
|
xBind includes usage-based billing with automated milestone notifications:
|