@private.me/xbind 1.3.0 → 2.3.4

package/dist-standalone/cjs/redis-nonce-store.js

@@ -1,76 +1 @@
-"use strict";
-/* -- RedisNonceStore -- Cross-Node Replay Prevention -- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.RedisNonceStore = void 0;
-/** Default TTL for nonce entries: 600 seconds (10 minutes). */
-const DEFAULT_TTL_SECONDS = 600;
-/** Default key prefix for Redis nonce keys. */
-const DEFAULT_KEY_PREFIX = 'nonce:';
-/**
- * Redis-backed nonce store for multi-node deployments.
- *
- * Uses Redis SET NX with TTL for atomic, distributed nonce deduplication.
- * Nonce expiry is handled by Redis TTL -- no manual cleanup needed.
- * Zero npm dependencies: users provide their own RedisClient implementation.
- *
- * @example
- * ```typescript
- * import { RedisNonceStore } from '@private.me/xbind';
- * import Redis from 'ioredis';
- *
- * const redis = new Redis();
- * const store = new RedisNonceStore({
- *   client: {
- *     setNX: (key, value, ttl) =>
- *       redis.set(key, value, 'EX', ttl, 'NX'),
- *     del: (key) => redis.del(key),
- *     quit: () => redis.quit(),
- *   },
- * });
- * ```
- */
-class RedisNonceStore {
-    client;
-    ttlSeconds;
-    keyPrefix;
-    constructor(opts) {
-        this.client = opts.client;
-        this.ttlSeconds = opts.ttlSeconds ?? DEFAULT_TTL_SECONDS;
-        this.keyPrefix = opts.keyPrefix ?? DEFAULT_KEY_PREFIX;
-    }
-    /**
-     * Check if a nonce is fresh and record it atomically via Redis SET NX.
-     *
-     * Uses Redis SET with NX (set-if-not-exists) and EX (TTL in seconds)
-     * for atomic, distributed deduplication. If the key already exists in
-     * any Redis-connected node, the nonce is rejected as a duplicate.
-     *
-     * @param nonce - The nonce string to check.
-     * @param senderDid - The DID of the sender.
-     * @returns true if the nonce is new (accepted), false if duplicate (rejected).
-     */
-    async check(nonce, senderDid) {
-        const key = `${this.keyPrefix}${senderDid}:${nonce}`;
-        const result = await this.client.setNX(key, '1', this.ttlSeconds);
-        return result === 'OK';
-    }
-    /**
-     * No-op for Redis store -- TTL-based expiry is handled automatically.
-     *
-     * This method exists to satisfy the NonceStore interface. Redis keys
-     * expire based on the TTL set during setNX, so no manual cleanup is needed.
-     */
-    cleanup() {
-        // No-op: Redis TTL handles expiry automatically
-    }
-    /**
-     * Disconnect from Redis gracefully.
-     *
-     * Calls the underlying RedisClient quit() method to close the connection.
-     * After calling dispose(), the store should not be used.
-     */
-    dispose() {
-        void this.client.quit();
-    }
-}
-exports.RedisNonceStore = RedisNonceStore;
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.RedisNonceStore=void 0;const DEFAULT_TTL_SECONDS=600,DEFAULT_KEY_PREFIX="nonce:";class RedisNonceStore{client;ttlSeconds;keyPrefix;constructor(e){this.client=e.client,this.ttlSeconds=e.ttlSeconds??600,this.keyPrefix=e.keyPrefix??"nonce:"}async check(e,t){const s=`${this.keyPrefix}${t}:${e}`;return"OK"===await this.client.setNX(s,"1",this.ttlSeconds)}cleanup(){}dispose(){this.client.quit()}}exports.RedisNonceStore=RedisNonceStore;

package/dist-standalone/cjs/registry-middleware.js

@@ -1,50 +1 @@
-"use strict";
-/**
- * Express middleware for protecting trust registry endpoints with bearer auth.
- *
- * GET/HEAD requests pass through (public reads). POST/PUT/DELETE require
- * a valid Bearer token matching the configured admin token.
- *
- * @example
- * ```ts
- * import express from 'express';
- * import { createRegistryAuthMiddleware } from '@private.me/xbind';
- *
- * const app = express();
- * app.use('/registry', createRegistryAuthMiddleware(process.env.REGISTRY_ADMIN_TOKEN!));
- * ```
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createRegistryAuthMiddleware = createRegistryAuthMiddleware;
-/**
- * Create an Express-compatible middleware that protects write operations
- * on registry endpoints with bearer token authentication.
- *
- * GET and HEAD requests pass through without authentication.
- * POST, PUT, and DELETE require `Authorization: Bearer <token>`.
- *
- * @param token - The admin token to validate against.
- * @returns Express middleware function.
- */
-function createRegistryAuthMiddleware(token) {
-    return (req, res, next) => {
-        const method = req.method.toUpperCase();
-        if (method === 'GET' || method === 'HEAD') {
-            next();
-            return;
-        }
-        const authHeader = typeof req.headers['authorization'] === 'string'
-            ? req.headers['authorization']
-            : undefined;
-        if (!authHeader || !authHeader.startsWith('Bearer ')) {
-            res.status(401).json({ error: 'UNAUTHORIZED' });
-            return;
-        }
-        const provided = authHeader.slice('Bearer '.length);
-        if (provided !== token) {
-            res.status(401).json({ error: 'UNAUTHORIZED' });
-            return;
-        }
-        next();
-    };
-}
+"use strict";function createRegistryAuthMiddleware(e){return(t,r,s)=>{const i=t.method.toUpperCase();if("GET"===i||"HEAD"===i)return void s();const o="string"==typeof t.headers.authorization?t.headers.authorization:void 0;if(!o||!o.startsWith("Bearer "))return void r.status(401).json({error:"UNAUTHORIZED"});o.slice(7)===e?s():r.status(401).json({error:"UNAUTHORIZED"})}}Object.defineProperty(exports,"__esModule",{value:!0}),exports.createRegistryAuthMiddleware=createRegistryAuthMiddleware;

package/dist-standalone/cjs/retry-strategies.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.RetryStrategy=exports.CircuitBreaker=exports.NoRetryStrategy=exports.FixedDelayStrategy=exports.LinearBackoffStrategy=exports.ExponentialBackoffStrategy=void 0,exports.executeWithRetry=executeWithRetry;const shared_1=require("../_deps/shared/index.js");class ExponentialBackoffStrategy{name="ExponentialBackoff";maxAttempts;initialDelayMs;maxDelayMs;multiplier;jitter;jitterFactor;retryableErrors;constructor(t={}){this.maxAttempts=t.maxAttempts??3,this.initialDelayMs=t.initialDelayMs??1e3,this.maxDelayMs=t.maxDelayMs??3e4,this.multiplier=t.multiplier??2,this.jitter=t.jitter??!0,this.jitterFactor=t.jitterFactor??.2,this.retryableErrors=t.retryableErrors?new Set(t.retryableErrors):new Set(["SEND_FAILED","NETWORK_ERROR","RECIPIENT_UNREACHABLE","TIMEOUT"])}shouldRetry(t){if(t.attempt>=this.maxAttempts)return{shouldRetry:!1,reason:`Maximum attempts (${this.maxAttempts}) exceeded`};if(!this.retryableErrors.has(t.error))return{shouldRetry:!1,reason:`Error type '${t.error}' is not retryable`};const e=this.initialDelayMs*Math.pow(this.multiplier,t.attempt),s=Math.min(e,this.maxDelayMs),r=this.jitter?this.applyJitter(s):s;return{shouldRetry:!0,delayMs:Math.round(r),reason:`Attempt ${t.attempt+1}/${this.maxAttempts}`}}applyJitter(t){const e=new Uint32Array(1);crypto.getRandomValues(e);return t+(2*(e[0]/4294967295)-1)*(t*this.jitterFactor)}}exports.ExponentialBackoffStrategy=ExponentialBackoffStrategy;class LinearBackoffStrategy{name="LinearBackoff";maxAttempts;delayIncrementMs;initialDelayMs;maxDelayMs;jitter;jitterFactor;retryableErrors;constructor(t={}){this.maxAttempts=t.maxAttempts??3,this.delayIncrementMs=t.delayIncrementMs??1e3,this.initialDelayMs=t.initialDelayMs??1e3,this.maxDelayMs=t.maxDelayMs??3e4,this.jitter=t.jitter??!0,this.jitterFactor=t.jitterFactor??.1,this.retryableErrors=t.retryableErrors?new Set(t.retryableErrors):new Set(["SEND_FAILED","NETWORK_ERROR","RECIPIENT_UNREACHABLE","TIMEOUT"])}shouldRetry(t){if(t.attempt>=this.maxAttempts)return{shouldRetry:!1,reason:`Maximum attempts (${this.maxAttempts}) exceeded`};if(!this.retryableErrors.has(t.error))return{shouldRetry:!1,reason:`Error type '${t.error}' is not retryable`};const e=this.initialDelayMs+t.attempt*this.delayIncrementMs,s=Math.min(e,this.maxDelayMs),r=this.jitter?this.applyJitter(s):s;return{shouldRetry:!0,delayMs:Math.round(r),reason:`Attempt ${t.attempt+1}/${this.maxAttempts}`}}applyJitter(t){const e=new Uint32Array(1);crypto.getRandomValues(e);return t+(2*(e[0]/4294967295)-1)*(t*this.jitterFactor)}}exports.LinearBackoffStrategy=LinearBackoffStrategy;class FixedDelayStrategy{name="FixedDelay";maxAttempts;delayMs;jitter;jitterFactor;retryableErrors;constructor(t={}){this.maxAttempts=t.maxAttempts??3,this.delayMs=t.delayMs??1e3,this.jitter=t.jitter??!1,this.jitterFactor=t.jitterFactor??.1,this.retryableErrors=t.retryableErrors?new Set(t.retryableErrors):new Set(["SEND_FAILED","NETWORK_ERROR","RECIPIENT_UNREACHABLE","TIMEOUT"])}shouldRetry(t){if(t.attempt>=this.maxAttempts)return{shouldRetry:!1,reason:`Maximum attempts (${this.maxAttempts}) exceeded`};if(!this.retryableErrors.has(t.error))return{shouldRetry:!1,reason:`Error type '${t.error}' is not retryable`};const e=this.jitter?this.applyJitter(this.delayMs):this.delayMs;return{shouldRetry:!0,delayMs:Math.round(e),reason:`Attempt ${t.attempt+1}/${this.maxAttempts}`}}applyJitter(t){const e=new Uint32Array(1);crypto.getRandomValues(e);return t+(2*(e[0]/4294967295)-1)*(t*this.jitterFactor)}}exports.FixedDelayStrategy=FixedDelayStrategy;class NoRetryStrategy{name="NoRetry";shouldRetry(t){return{shouldRetry:!1,reason:"No retry policy - fail immediately"}}}exports.NoRetryStrategy=NoRetryStrategy;class CircuitBreaker{state="CLOSED";consecutiveFailures=0;consecutiveSuccesses=0;openedAt;totalRequests=0;totalFailures=0;totalSuccesses=0;failureTimestamps=[];failureThreshold;resetTimeoutMs;successThreshold;windowMs;constructor(t={}){this.failureThreshold=t.failureThreshold??5,this.resetTimeoutMs=t.resetTimeoutMs??6e4,this.successThreshold=t.successThreshold??2,this.windowMs=t.windowMs??6e4}allowRequest(){const t=Date.now();return this.failureTimestamps=this.failureTimestamps.filter(e=>t-e<this.windowMs),"CLOSED"===this.state||("OPEN"!==this.state||!!(this.openedAt&&t-this.openedAt>=this.resetTimeoutMs)&&(this.state="HALF_OPEN",this.consecutiveSuccesses=0,!0))}recordSuccess(){this.totalRequests++,this.totalSuccesses++,this.consecutiveFailures=0,"HALF_OPEN"===this.state&&(this.consecutiveSuccesses++,this.consecutiveSuccesses>=this.successThreshold&&(this.state="CLOSED",this.consecutiveSuccesses=0,this.openedAt=void 0))}recordFailure(){this.totalRequests++,this.totalFailures++,this.consecutiveFailures++,this.consecutiveSuccesses=0;const t=Date.now();if(this.failureTimestamps.push(t),"CLOSED"===this.state||"HALF_OPEN"===this.state){this.failureTimestamps.filter(e=>t-e<this.windowMs).length>=this.failureThreshold&&(this.state="OPEN",this.openedAt=t)}}getStats(){return{state:this.state,consecutiveFailures:this.consecutiveFailures,consecutiveSuccesses:this.consecutiveSuccesses,openedAt:this.openedAt,totalRequests:this.totalRequests,totalFailures:this.totalFailures,totalSuccesses:this.totalSuccesses}}reset(){this.state="CLOSED",this.consecutiveFailures=0,this.consecutiveSuccesses=0,this.openedAt=void 0,this.totalRequests=0,this.totalFailures=0,this.totalSuccesses=0,this.failureTimestamps=[]}forceOpen(){this.state="OPEN",this.openedAt=Date.now()}forceClose(){this.state="CLOSED",this.consecutiveFailures=0,this.consecutiveSuccesses=0,this.openedAt=void 0}}exports.CircuitBreaker=CircuitBreaker;class RetryStrategy{static exponentialBackoff(t){return new ExponentialBackoffStrategy(t)}static linearBackoff(t){return new LinearBackoffStrategy(t)}static fixedDelay(t){return new FixedDelayStrategy(t)}static noRetry(){return new NoRetryStrategy}static aggressive(){return new ExponentialBackoffStrategy({maxAttempts:5,initialDelayMs:500,maxDelayMs:1e4,multiplier:2,jitter:!0})}static conservative(){return new LinearBackoffStrategy({maxAttempts:2,initialDelayMs:2e3,delayIncrementMs:1e3,maxDelayMs:5e3,jitter:!0})}static default(){return new ExponentialBackoffStrategy({maxAttempts:3,initialDelayMs:1e3,maxDelayMs:3e4,multiplier:2,jitter:!0})}}async function executeWithRetry(t,e,s){const r=Date.now();let a=0,i="NETWORK_ERROR";for(;;){if(s&&!s.allowRequest())return(0,shared_1.err)("SEND_FAILED");const o=await t();if(o.ok)return s?.recordSuccess(),o;i=o.error,s?.recordFailure();const l={attempt:a,error:i,startTime:r,elapsedMs:Date.now()-r},n=e.shouldRetry(l);if(!n.shouldRetry)return(0,shared_1.err)(i);n.delayMs&&n.delayMs>0&&await sleep(n.delayMs),a++}}function sleep(t){return new Promise(e=>setTimeout(e,t))}exports.RetryStrategy=RetryStrategy;

package/dist-standalone/cjs/retry-transport.js

@@ -1,102 +1 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.RetryTransportAdapter = void 0;
-/* ── Implementation ── */
-/**
- * Decorator that adds exponential backoff retry logic to any transport adapter.
- *
- * Retry delays follow exponential backoff with jitter:
- * - Formula: 2^attempt * baseDelay + jitter
- * - Jitter: Math.random() * maxJitter * 2 - maxJitter
- * - Default delays: 1s, 2s, 4s (with ±200ms jitter)
- *
- * Use case: Push notification delivery failures requiring automatic retry.
- *
- * @example
- * ```typescript
- * const transport = new RetryTransportAdapter(baseTransport, {
- *   maxRetries: 3,
- *   baseDelayMs: 1000,
- *   maxJitterMs: 200
- * });
- * ```
- */
-class RetryTransportAdapter {
-    inner;
-    maxRetries;
-    baseDelayMs;
-    maxJitterMs;
-    /**
-     * Create a new RetryTransportAdapter wrapping an existing transport.
-     *
-     * @param inner - The transport adapter to wrap with retry logic
-     * @param options - Retry configuration options
-     */
-    constructor(inner, options = {}) {
-        this.inner = inner;
-        this.maxRetries = options.maxRetries ?? 3;
-        this.baseDelayMs = options.baseDelayMs ?? 1000;
-        this.maxJitterMs = options.maxJitterMs ?? 200;
-    }
-    /**
-     * Send an envelope with exponential backoff retry logic.
-     *
-     * Retries on all error types (SEND_FAILED, NETWORK_ERROR, RECIPIENT_UNREACHABLE, TIMEOUT).
-     * Throws error after all retries are exhausted.
-     *
-     * @param envelope - The envelope to send
-     * @param recipientDid - The recipient's DID
-     * @returns Result with void on success, or TransportError on failure
-     * @throws Error if all retry attempts are exhausted
-     */
-    async send(envelope, recipientDid) {
-        let lastError;
-        for (let attempt = 0; attempt <= this.maxRetries; attempt++) {
-            const result = await this.inner.send(envelope, recipientDid);
-            // Success - return immediately
-            if (result.ok) {
-                return result;
-            }
-            // Store error for final throw
-            lastError = result.error;
-            // Don't delay after final attempt
-            if (attempt < this.maxRetries) {
-                // Exponential backoff: 2^attempt * baseDelay + jitter
-                const delay = Math.pow(2, attempt) * this.baseDelayMs;
-                // SAFETY: Using crypto.getRandomValues for OWASP-compliant secure random jitter
-                const jitterArray = new Uint32Array(1);
-                crypto.getRandomValues(jitterArray);
-                const jitter = (jitterArray[0] / 0xffffffff) * this.maxJitterMs * 2 -
-                    this.maxJitterMs;
-                await this.sleep(delay + jitter);
-            }
-        }
-        // All retries exhausted - throw error with clear message
-        throw new Error(`Failed after ${this.maxRetries} retries: ${lastError ?? 'unknown error'}`);
-    }
-    /**
-     * Register a handler for incoming envelopes.
-     * Delegates directly to the inner transport.
-     *
-     * @param handler - The envelope handler function
-     */
-    onReceive(handler) {
-        this.inner.onReceive(handler);
-    }
-    /**
-     * Shut down the transport.
-     * Delegates directly to the inner transport.
-     */
-    dispose() {
-        this.inner.dispose();
-    }
-    /**
-     * Sleep for a specified duration.
-     *
-     * @param ms - Duration in milliseconds
-     */
-    sleep(ms) {
-        return new Promise((resolve) => setTimeout(resolve, ms));
-    }
-}
-exports.RetryTransportAdapter = RetryTransportAdapter;
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.RetryTransportAdapter=void 0;class RetryTransportAdapter{inner;maxRetries;baseDelayMs;maxJitterMs;constructor(e,t={}){this.inner=e,this.maxRetries=t.maxRetries??3,this.baseDelayMs=t.baseDelayMs??1e3,this.maxJitterMs=t.maxJitterMs??200}async send(e,t){let r;for(let s=0;s<=this.maxRetries;s++){const i=await this.inner.send(e,t);if(i.ok)return i;if(r=i.error,s<this.maxRetries){const e=Math.pow(2,s)*this.baseDelayMs,t=new Uint32Array(1);crypto.getRandomValues(t);const r=t[0]/4294967295*this.maxJitterMs*2-this.maxJitterMs;await this.sleep(e+r)}}throw new Error(`Failed after ${this.maxRetries} retries: ${r??"unknown error"}`)}onReceive(e){this.inner.onReceive(e)}dispose(){this.inner.dispose()}sleep(e){return new Promise(t=>setTimeout(t,e))}}exports.RetryTransportAdapter=RetryTransportAdapter;

package/dist-standalone/cjs/runtime/browser.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.DEFAULT_SERVICE_WORKER_CONFIG=exports.MemoryStorageAdapter=exports.IndexedDBAdapter=exports.LocalStorageAdapter=void 0,exports.detectRuntime=detectRuntime,exports.isBrowser=isBrowser,exports.isNode=isNode,exports.isServiceWorker=isServiceWorker,exports.getRandomBytes=getRandomBytes,exports.generateUUID=generateUUID,exports.isWasmSupported=isWasmSupported,exports.loadWasmModule=loadWasmModule,exports.detectCapabilities=detectCapabilities,exports.installNodePolyfills=installNodePolyfills,exports.initServiceWorker=initServiceWorker;const shared_1=require("../../_deps/shared/index.js");function detectRuntime(){return"undefined"!=typeof self&&"ServiceWorkerGlobalScope"in self?"service-worker":"undefined"!=typeof self&&"WorkerGlobalScope"in self&&"importScripts"in self?"web-worker":"undefined"!=typeof window&&"undefined"!=typeof document?"browser":"undefined"!=typeof process&&process.versions&&process.versions.node?"node":"unknown"}function isBrowser(){const e=detectRuntime();return"browser"===e||"service-worker"===e||"web-worker"===e}function isNode(){return"node"===detectRuntime()}function isServiceWorker(){return"service-worker"===detectRuntime()}function getRandomBytes(e){if("undefined"==typeof crypto||!crypto.getRandomValues)throw new Error("Web Crypto API not available - secure random generation impossible");const t=new Uint8Array(e);return crypto.getRandomValues(t),t}function generateUUID(){if("undefined"!=typeof crypto&&crypto.randomUUID)return crypto.randomUUID();const e=getRandomBytes(16),t=e[6],r=e[8];void 0!==t&&(e[6]=15&t|64),void 0!==r&&(e[8]=63&r|128);const o=Array.from(e).map(e=>e.toString(16).padStart(2,"0")).join("");return[o.slice(0,8),o.slice(8,12),o.slice(12,16),o.slice(16,20),o.slice(20,32)].join("-")}class LocalStorageAdapter{prefix;constructor(e="xbind:"){if(this.prefix=e,"undefined"==typeof localStorage)throw new Error("localStorage not available in this environment")}async setItem(e,t){const r=this.prefix+e,o=JSON.stringify(t);localStorage.setItem(r,o)}async getItem(e){const t=this.prefix+e,r=localStorage.getItem(t);if(null===r)return null;try{return JSON.parse(r)}catch{return null}}async removeItem(e){const t=this.prefix+e;localStorage.removeItem(t)}async clear(){Object.keys(localStorage).filter(e=>e.startsWith(this.prefix)).forEach(e=>localStorage.removeItem(e))}}exports.LocalStorageAdapter=LocalStorageAdapter;class IndexedDBAdapter{dbName;storeName;version;db=null;constructor(e="xbind-storage",t="keyval",r=1){this.dbName=e,this.storeName=t,this.version=r}async ensureDB(){return this.db?this.db:new Promise((e,t)=>{const r=indexedDB.open(this.dbName,this.version);r.onerror=()=>t(r.error),r.onsuccess=()=>{this.db=r.result,e(r.result)},r.onupgradeneeded=e=>{const t=e.target.result;t.objectStoreNames.contains(this.storeName)||t.createObjectStore(this.storeName)}})}async setItem(e,t){const r=(await this.ensureDB()).transaction(this.storeName,"readwrite").objectStore(this.storeName);return new Promise((o,s)=>{const n=r.put(t,e);n.onerror=()=>s(n.error),n.onsuccess=()=>o()})}async getItem(e){const t=(await this.ensureDB()).transaction(this.storeName,"readonly").objectStore(this.storeName);return new Promise((r,o)=>{const s=t.get(e);s.onerror=()=>o(s.error),s.onsuccess=()=>{const e=s.result;r(void 0===e?null:e)}})}async removeItem(e){const t=(await this.ensureDB()).transaction(this.storeName,"readwrite").objectStore(this.storeName);return new Promise((r,o)=>{const s=t.delete(e);s.onerror=()=>o(s.error),s.onsuccess=()=>r()})}async clear(){const e=(await this.ensureDB()).transaction(this.storeName,"readwrite").objectStore(this.storeName);return new Promise((t,r)=>{const o=e.clear();o.onerror=()=>r(o.error),o.onsuccess=()=>t()})}close(){this.db&&(this.db.close(),this.db=null)}}exports.IndexedDBAdapter=IndexedDBAdapter;class MemoryStorageAdapter{store=new Map;async setItem(e,t){this.store.set(e,t)}async getItem(e){const t=this.store.get(e);return void 0===t?null:t}async removeItem(e){this.store.delete(e)}async clear(){this.store.clear()}}function isWasmSupported(){try{if("undefined"==typeof WebAssembly)return!1;const e=new WebAssembly.Module(new Uint8Array([0,97,115,109,1,0,0,0]));if(!(e instanceof WebAssembly.Module))return!1;return new WebAssembly.Instance(e)instanceof WebAssembly.Instance}catch{return!1}}async function loadWasmModule(e,t){if(!isWasmSupported())return(0,shared_1.err)("WASM_NOT_SUPPORTED");try{if(void 0!==WebAssembly.instantiateStreaming){const r=await fetch(e),o=await WebAssembly.instantiateStreaming(r,t);return(0,shared_1.ok)(o.instance)}const r=await fetch(e),o=await r.arrayBuffer(),s=await WebAssembly.instantiate(o,t);return(0,shared_1.ok)(s.instance)}catch(e){return console.error("WASM load failed:",e),(0,shared_1.err)("WASM_LOAD_FAILED")}}async function detectCapabilities(){const e={webCrypto:"undefined"!=typeof crypto&&!!crypto.subtle,subtleCrypto:"undefined"!=typeof crypto&&!!crypto.subtle,ed25519:!1,x25519:!1,wasm:isWasmSupported(),indexedDB:"undefined"!=typeof indexedDB,localStorage:"undefined"!=typeof localStorage,serviceWorker:"undefined"!=typeof navigator&&"serviceWorker"in navigator,webWorker:"undefined"!=typeof Worker,fetch:"undefined"!=typeof fetch,textEncoding:"undefined"!=typeof TextEncoder&&"undefined"!=typeof TextDecoder};if(e.subtleCrypto)try{await crypto.subtle.generateKey({name:"Ed25519"},!0,["sign","verify"]),e.ed25519=!0}catch{e.ed25519=!1}if(e.subtleCrypto)try{await crypto.subtle.generateKey({name:"X25519"},!0,["deriveBits"]),e.x25519=!0}catch{e.x25519=!1}return e}function installNodePolyfills(){isBrowser()&&(void 0===globalThis.process&&(globalThis.process={env:{},versions:{},nextTick:e=>Promise.resolve().then(e)}),void 0===globalThis.Buffer&&(globalThis.Buffer={from:(e,t)=>{if(e instanceof Uint8Array)return e;if("base64"===t){const t=atob(e);return new Uint8Array(t.split("").map(e=>e.charCodeAt(0)))}return(new TextEncoder).encode(e)},alloc:e=>new Uint8Array(e)}),void 0===globalThis.global&&(globalThis.global=globalThis))}function initServiceWorker(e={}){const t={...exports.DEFAULT_SERVICE_WORKER_CONFIG,...e};if(!isServiceWorker())throw new Error("initServiceWorker() must be called from service worker context");self.__xbind_sw_config=t,console.log("[xBind] Service worker initialized with config:",t)}exports.MemoryStorageAdapter=MemoryStorageAdapter,exports.DEFAULT_SERVICE_WORKER_CONFIG={wasmCacheStrategy:"cache-first",wasmCacheMaxAge:864e5,enableBackgroundSync:!0};

package/dist-standalone/cjs/runtime/edge.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.EdgeTransportAdapter=exports.KVTrustRegistry=exports.KVNonceStore=exports.DenoKVAdapter=exports.VercelKVAdapter=exports.CloudflareKVAdapter=void 0,exports.detectRuntime=detectRuntime,exports.isEdgeRuntime=isEdgeRuntime,exports.validateEdgeRuntime=validateEdgeRuntime,exports.createEdgeAgent=createEdgeAgent,exports.checkBundleSize=checkBundleSize,exports.getOptimizationTips=getOptimizationTips;const shared_1=require("../../_deps/shared/index.js");function detectRuntime(){const e=globalThis;return void 0!==e.caches&&"string"==typeof e.EdgeRuntime?"cloudflare":"string"==typeof e.EdgeRuntime&&"undefined"!=typeof process&&"1"===process.env?.VERCEL?"vercel":void 0!==e.Deno?"deno":"undefined"!=typeof process&&"string"==typeof process.versions?.node?"node":"unknown"}function isEdgeRuntime(){const e=detectRuntime();return"cloudflare"===e||"vercel"===e||"deno"===e}function validateEdgeRuntime(){if(void 0===globalThis.crypto)return(0,shared_1.err)("Missing globalThis.crypto");if(void 0===globalThis.crypto.subtle)return(0,shared_1.err)("Missing crypto.subtle");if("function"!=typeof globalThis.crypto.getRandomValues)return(0,shared_1.err)("Missing crypto.getRandomValues");const e=["generateKey","sign","verify","encrypt","decrypt","deriveBits","importKey","exportKey"];for(const t of e)if("function"!=typeof globalThis.crypto.subtle[t])return(0,shared_1.err)(`Missing crypto.subtle.${t}`);return void 0===globalThis.TextEncoder?(0,shared_1.err)("Missing TextEncoder"):void 0===globalThis.TextDecoder?(0,shared_1.err)("Missing TextDecoder"):"function"!=typeof globalThis.fetch?(0,shared_1.err)("Missing fetch API"):(0,shared_1.ok)(void 0)}class CloudflareKVAdapter{namespace;constructor(e){this.namespace=e}async get(e){return await this.namespace.get(e)}async put(e,t,r){const s=r?{expirationTtl:r}:void 0;await this.namespace.put(e,t,s)}async delete(e){await this.namespace.delete(e)}async list(e,t){return(await this.namespace.list({prefix:e,limit:t})).keys.map(e=>e.name)}}exports.CloudflareKVAdapter=CloudflareKVAdapter;class VercelKVAdapter{client;constructor(e){this.client=e}async get(e){return await this.client.get(e)}async put(e,t,r){const s=r?{ex:r}:void 0;await this.client.set(e,t,s)}async delete(e){await this.client.del(e)}async list(e,t){const r=e?`${e}*`:"*",s=await this.client.keys(r);return t?s.slice(0,t):s}}exports.VercelKVAdapter=VercelKVAdapter;class DenoKVAdapter{kv;constructor(e){this.kv=e}async get(e){return(await this.kv.get([e])).value}async put(e,t,r){const s=r?{expireIn:1e3*r}:void 0;await this.kv.set([e],t,s)}async delete(e){await this.kv.delete([e])}async list(e,t){const r={prefix:e?[e]:[]},s=[];for await(const e of this.kv.list(r))if(s.push(e.key.join("/")),t&&s.length>=t)break;return s}}exports.DenoKVAdapter=DenoKVAdapter;class KVNonceStore{kv;ttlSeconds;constructor(e,t=6e5){this.kv=e,this.ttlSeconds=Math.floor(t/1e3)}buildKey(e,t,r){const s=`xbind:nonce:${t}:${e}`;if(!r)return s;return`${s}:${r.shareGroupId??""}:${void 0!==r.shareIndex?String(r.shareIndex):""}`}async check(e,t,r){const s=this.buildKey(e,t,r);return null===await this.kv.get(s)&&(await this.kv.put(s,Date.now().toString(),this.ttlSeconds),!0)}cleanup(){}dispose(){}}exports.KVNonceStore=KVNonceStore;class KVTrustRegistry{kv;constructor(e){this.kv=e}buildKey(e){return`xbind:trust:${e}`}async register(e,t,r,s,i,n,o,a,c,d,l,u,p){const h=this.buildKey(e),y=e=>btoa(String.fromCharCode(...Array.from(e))),g={did:e,publicKey:y(t),name:r,scopes:s??[],x25519PublicKey:i?y(i):void 0,mlKemPublicKey:n?y(n):void 0,mlDsaPublicKey:o?y(o):void 0,xchange:a??!1,receiveScopes:c??[],sdkVersion:d,minEnvelopeVersion:l,maxEnvelopeVersion:u,registeredAt:Date.now(),rotation_sequence:0};try{const e=p?Math.floor(p/1e3):void 0;return await this.kv.put(h,JSON.stringify(g),e),(0,shared_1.ok)(void 0)}catch(e){return(0,shared_1.err)("NETWORK_ERROR")}}async resolve(e){const t=this.buildKey(e);try{const e=await this.kv.get(t);if(null===e)return(0,shared_1.err)("NOT_FOUND");const r=JSON.parse(e),s=e=>Uint8Array.from(atob(e),e=>e.charCodeAt(0));return(0,shared_1.ok)(s(r.publicKey))}catch(e){return(0,shared_1.err)("NETWORK_ERROR")}}async hasScope(e,t){const r=this.buildKey(e);try{const e=await this.kv.get(r);if(null===e)return!1;const s=JSON.parse(e);return s.scopes?.includes(t)??!1}catch{return!1}}async hasReceiveScope(e,t){const r=this.buildKey(e);try{const e=await this.kv.get(r);if(null===e)return!1;const s=JSON.parse(e);return s.receiveScopes?.includes(t)??!1}catch{return!1}}async revoke(e){const t=this.buildKey(e);try{return await this.kv.delete(t),(0,shared_1.ok)(void 0)}catch(e){return(0,shared_1.err)("NETWORK_ERROR")}}async list(){try{return(await this.kv.list("xbind:trust:",1e3)).map(e=>e.replace("xbind:trust:",""))}catch{return[]}}async getEntry(e){const t=this.buildKey(e);try{const e=await this.kv.get(t);if(null===e)return(0,shared_1.err)("NOT_FOUND");const r=JSON.parse(e),s=e=>Uint8Array.from(atob(e),e=>e.charCodeAt(0)),i={did:r.did,publicKey:s(r.publicKey),name:r.name,scopes:new Set(r.scopes),receiveScopes:r.receiveScopes?new Set(r.receiveScopes):void 0,revoked:!1,x25519PublicKey:r.x25519PublicKey?s(r.x25519PublicKey):void 0,mlKemPublicKey:r.mlKemPublicKey?s(r.mlKemPublicKey):void 0,mlDsaPublicKey:r.mlDsaPublicKey?s(r.mlDsaPublicKey):void 0,xchange:r.xchange,rotation_sequence:r.rotation_sequence,sdkVersion:r.sdkVersion,minEnvelopeVersion:r.minEnvelopeVersion,maxEnvelopeVersion:r.maxEnvelopeVersion};return(0,shared_1.ok)(i)}catch(e){return(0,shared_1.err)("NETWORK_ERROR")}}async getFullEntry(e){const t=this.buildKey(e);try{const e=await this.kv.get(t);if(null===e)return(0,shared_1.err)("NOT_FOUND");const r=JSON.parse(e);return(0,shared_1.ok)(r)}catch(e){return(0,shared_1.err)("NETWORK_ERROR")}}dispose(){}}exports.KVTrustRegistry=KVTrustRegistry;class EdgeTransportAdapter{baseUrl;timeoutMs;handlers=[];constructor(e){this.baseUrl=e.baseUrl.replace(/\/$/,""),this.timeoutMs=e.timeoutMs??1e4}async send(e,t){const r=`${this.baseUrl}/deliver/${encodeURIComponent(t)}`;try{const t=new AbortController,s=setTimeout(()=>t.abort(),this.timeoutMs),i=await globalThis.fetch(r,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(e),signal:t.signal});return clearTimeout(s),i.ok?(0,shared_1.ok)(void 0):(0,shared_1.err)(404===i.status?"RECIPIENT_UNREACHABLE":"SEND_FAILED")}catch(e){return e instanceof DOMException&&"AbortError"===e.name?(0,shared_1.err)("TIMEOUT"):(0,shared_1.err)("NETWORK_ERROR")}}onReceive(e){this.handlers.push(e)}dispatch(e){for(const t of this.handlers)t(e)}dispose(){this.handlers=[]}}function createEdgeAgent(e){return{nonceStore:new KVNonceStore(e.kv,e.nonceTtlMs),trustRegistry:new KVTrustRegistry(e.kv),transport:new EdgeTransportAdapter({baseUrl:e.baseUrl,timeoutMs:e.timeoutMs})}}function checkBundleSize(e){const t=1048576;if(e>t){const t=(e/1024/1024).toFixed(2),r=1..toFixed(2);return(0,shared_1.err)(`Bundle size ${t}MB exceeds edge runtime limit of ${r}MB. Consider using tree-shaking or dynamic imports.`)}return(0,shared_1.ok)(void 0)}function getOptimizationTips(){return["1. Use tree-shaking: Import only required functions","2. Enable minification in bundler config","3. Use dynamic imports for large dependencies (mlkem, mldsa)","4. Exclude Node.js polyfills (crypto, fs, process)","5. Use Brotli compression for Cloudflare Workers","6. Consider splitting post-quantum crypto into separate bundle","7. Use KV storage instead of in-memory caches"]}exports.EdgeTransportAdapter=EdgeTransportAdapter;

package/dist-standalone/cjs/runtime/react-native.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.BufferPolyfill=exports.AsyncStorageAdapter=void 0,exports.detectCrypto=detectCrypto,exports.getRandomBytes=getRandomBytes,exports.sha256=sha256,exports.isReactNative=isReactNative,exports.detectPlatform=detectPlatform,exports.initializeReactNative=initializeReactNative;const shared_1=require("../../_deps/shared/index.js");class AsyncStorageAdapter{storage;prefix;debug;constructor(t){this.storage=t.storage,this.prefix=t.storagePrefix||"@xbind:",this.debug=t.debug||!1}async get(t){try{const e=this.prefix+t,r=await this.storage.getItem(e);return this.debug&&console.log(`[AsyncStorage] GET ${e}:`,r?"found":"not found"),(0,shared_1.ok)(r)}catch(t){return(0,shared_1.err)(new Error(`AsyncStorage get failed: ${t}`))}}async set(t,e){try{const r=this.prefix+t;return await this.storage.setItem(r,e),this.debug&&console.log(`[AsyncStorage] SET ${r}:`,e.length,"bytes"),(0,shared_1.ok)(void 0)}catch(t){return(0,shared_1.err)(new Error(`AsyncStorage set failed: ${t}`))}}async remove(t){try{const e=this.prefix+t;return await this.storage.removeItem(e),this.debug&&console.log(`[AsyncStorage] REMOVE ${e}`),(0,shared_1.ok)(void 0)}catch(t){return(0,shared_1.err)(new Error(`AsyncStorage remove failed: ${t}`))}}async keys(){try{const t=(await this.storage.getAllKeys()).filter(t=>t.startsWith(this.prefix)).map(t=>t.substring(this.prefix.length));return this.debug&&console.log("[AsyncStorage] KEYS:",t.length,"items"),(0,shared_1.ok)(t)}catch(t){return(0,shared_1.err)(new Error(`AsyncStorage keys failed: ${t}`))}}async multiGet(t){try{const e=t.map(t=>this.prefix+t),r=(await this.storage.multiGet(e)).map(([t,e])=>[t.substring(this.prefix.length),e]);return this.debug&&console.log("[AsyncStorage] MULTI_GET:",t.length,"keys"),(0,shared_1.ok)(r)}catch(t){return(0,shared_1.err)(new Error(`AsyncStorage multiGet failed: ${t}`))}}async multiSet(t){try{const e=t.map(([t,e])=>[this.prefix+t,e]);return await this.storage.multiSet(e),this.debug&&console.log("[AsyncStorage] MULTI_SET:",t.length,"pairs"),(0,shared_1.ok)(void 0)}catch(t){return(0,shared_1.err)(new Error(`AsyncStorage multiSet failed: ${t}`))}}async clear(){try{const t=await this.keys();if(!t.ok)return(0,shared_1.err)(t.error);const e=t.value.map(t=>this.prefix+t);return e.length>0&&await this.storage.multiRemove(e),this.debug&&console.log("[AsyncStorage] CLEAR:",e.length,"items removed"),(0,shared_1.ok)(void 0)}catch(t){return(0,shared_1.err)(new Error(`AsyncStorage clear failed: ${t}`))}}}function detectCrypto(){if("undefined"!=typeof global&&global.crypto)return global.crypto;try{return require("react-native-quick-crypto")}catch{}try{const t=require("expo-crypto");return{getRandomValues:e=>{const r=t.getRandomBytes(e.length);e.set(r)}}}catch{}return null}function getRandomBytes(t,e){const r=e||detectCrypto();if(!r)throw new Error("No crypto implementation available. Install react-native-quick-crypto or expo-crypto.");const o=new Uint8Array(t);return r.getRandomValues(o),o}async function sha256(t,e){const r=e||detectCrypto();if(!r?.subtle)throw new Error("No SubtleCrypto implementation available. Install react-native-quick-crypto.");const o=new Uint8Array(t).buffer,a=await r.subtle.digest("SHA-256",o);return new Uint8Array(a)}exports.AsyncStorageAdapter=AsyncStorageAdapter;class BufferPolyfill{static isBuffer(t){return t instanceof Uint8Array}static from(t,e){if("string"==typeof t){if("base64"===e)return this.fromBase64(t);if("hex"===e)return this.fromHex(t);return(new TextEncoder).encode(t)}return Array.isArray(t),new Uint8Array(t)}static toString(t,e){if("base64"===e)return this.toBase64(t);if("hex"===e)return this.toHex(t);return(new TextDecoder).decode(t)}static concat(t){const e=t.reduce((t,e)=>t+e.length,0),r=new Uint8Array(e);let o=0;for(const e of t)r.set(e,o),o+=e.length;return r}static alloc(t,e){const r=new Uint8Array(t);return void 0!==e&&r.fill(e),r}static fromBase64(t){const e=atob(t),r=new Uint8Array(e.length);for(let t=0;t<e.length;t++)r[t]=e.charCodeAt(t);return r}static toBase64(t){let e="";for(let r=0;r<t.length;r++){const o=t[r];void 0!==o&&(e+=String.fromCharCode(o))}return btoa(e)}static fromHex(t){const e=new Uint8Array(t.length/2);for(let r=0;r<e.length;r++)e[r]=parseInt(t.substr(2*r,2),16);return e}static toHex(t){return Array.from(t).map(t=>t.toString(16).padStart(2,"0")).join("")}}function isReactNative(){return"undefined"!=typeof navigator&&"ReactNative"===navigator.product}function detectPlatform(){if("undefined"==typeof navigator)return"unknown";const t=navigator.userAgent||"";return/iPhone|iPad|iPod/.test(t)?"ios":/Android/.test(t)?"android":"unknown"}function initializeReactNative(t){try{if(!t.storage)return(0,shared_1.err)(new Error("AsyncStorage is required for React Native runtime"));const e=t.crypto||detectCrypto();return e?(global.crypto||(global.crypto=e),global.Buffer||(global.Buffer=BufferPolyfill),t.debug&&console.log("[xBind] React Native runtime initialized:",{platform:detectPlatform(),crypto:e.subtle?"full":"basic",storage:"AsyncStorage",prefix:t.storagePrefix||"@xbind:"}),(0,shared_1.ok)(void 0)):(0,shared_1.err)(new Error("No crypto implementation found. Install react-native-quick-crypto or expo-crypto."))}catch(t){return(0,shared_1.err)(new Error(`React Native initialization failed: ${t}`))}}exports.BufferPolyfill=BufferPolyfill,exports.default={AsyncStorageAdapter:AsyncStorageAdapter,detectCrypto:detectCrypto,getRandomBytes:getRandomBytes,sha256:sha256,BufferPolyfill:BufferPolyfill,isReactNative:isReactNative,detectPlatform:detectPlatform,initializeReactNative:initializeReactNative};

package/dist-standalone/cjs/security-policy.js

@@ -1,245 +1 @@
-"use strict";
-/**
- * Security policy interface for automatic risk-based Xorida activation.
- *
- * Determines when to apply information-theoretic security (XorIDA split-channel)
- * vs standard encrypted transport based on action semantics and parameters.
- *
- * Design principle: Security should be invisible to users. The policy classifies
- * risk automatically so developers don't need to understand threshold cryptography.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DefaultSecurityPolicy = void 0;
-exports.describeSecurityMode = describeSecurityMode;
-exports.describeSecurityModeStructured = describeSecurityModeStructured;
-/**
- * Default security policy for basic XBind.
- *
- * Rules:
- * - Explicit risk tags: low → 2-of-2, medium → 2-of-3, high/critical → 3-of-5
- * - Fiat transfers: USD/EUR/GBP >$100k → 2-of-3, >$1M → 3-of-5
- * - Crypto transfers: Require explicit risk tag (no numeric auto-detection)
- * - Sensitive scopes: custody/admin/settlement → 2-of-3
- * - Cross-entity communication: 2-of-3
- * - Explicit 'high' override: 2-of-3, 'critical' override: 3-of-5
- * - Everything else: Standard encrypted transport (V3 hybrid PQ)
- *
- * Enterprise and Government variants extend this with custom rules.
- */
-class DefaultSecurityPolicy {
-    options;
-    /**
-     * Create a default security policy.
-     *
-     * @param options - Optional configuration
-     * @param options.highValueThreshold - Amount threshold for high security (default: 100000)
-     * @param options.criticalValueThreshold - Amount threshold for critical security (default: 1000000)
-     * @param options.enableXchange - Allow Xchange mode for performance (default: false)
-     */
-    constructor(options = {}) {
-        this.options = options;
-    }
-    classify(context) {
-        const { action, params, securityOverride } = context;
-        const highThreshold = this.options.highValueThreshold ?? 100_000;
-        const criticalThreshold = this.options.criticalValueThreshold ?? 1_000_000;
-        // Explicit override: critical
-        if (securityOverride === 'critical') {
-            return {
-                mode: { type: 'split', shares: 5, threshold: 3 },
-                reason: 'User requested critical security level (5 shares, 3-of-5 threshold)',
-                wasOverridden: true,
-            };
-        }
-        // Explicit override: high
-        if (securityOverride === 'high') {
-            return {
-                mode: { type: 'split', shares: 3, threshold: 2 },
-                reason: 'User requested high security level (3 shares, 2-of-3 threshold)',
-                wasOverridden: true,
-            };
-        }
-        // Explicit override: standard
-        if (securityOverride === 'standard') {
-            return {
-                mode: { type: 'standard' },
-                reason: 'User requested standard security level (encrypted transport)',
-                wasOverridden: true,
-            };
-        }
-        // Risk tag detection (preferred for crypto: BTC, ETH, etc.)
-        const riskTag = typeof params.risk === 'string' ? params.risk.toLowerCase() : undefined;
-        if (riskTag) {
-            if (riskTag === 'critical' || riskTag === 'high') {
-                return {
-                    mode: { type: 'split', shares: 5, threshold: 3 },
-                    reason: `Explicit risk tag "${riskTag}" requires 3-of-5 threshold`,
-                    wasOverridden: false,
-                };
-            }
-            else if (riskTag === 'medium') {
-                return {
-                    mode: { type: 'split', shares: 3, threshold: 2 },
-                    reason: `Explicit risk tag "medium" requires 2-of-3 threshold`,
-                    wasOverridden: false,
-                };
-            }
-            else if (riskTag === 'low') {
-                return {
-                    mode: { type: 'split', shares: 2, threshold: 2 },
-                    reason: `Explicit risk tag "low" requires 2-of-2 threshold`,
-                    wasOverridden: false,
-                };
-            }
-        }
-        // Numeric thresholds ONLY for fiat currencies (USD, EUR, GBP)
-        // Crypto (BTC, ETH) should use risk tags instead
-        if ((action === 'transfer' || action === 'execute') && typeof params.amount === 'number') {
-            const currency = typeof params.currency === 'string' ? params.currency.toUpperCase() : 'USD';
-            const isFiat = ['USD', 'EUR', 'GBP'].includes(currency);
-            if (isFiat) {
-                if (params.amount >= criticalThreshold) {
-                    return {
-                        mode: { type: 'split', shares: 5, threshold: 3 },
-                        reason: `Critical-value transfer (${currency} ${params.amount.toLocaleString()}) requires 3-of-5 threshold`,
-                        wasOverridden: false,
-                    };
-                }
-                else if (params.amount >= highThreshold) {
-                    return {
-                        mode: { type: 'split', shares: 3, threshold: 2 },
-                        reason: `High-value transfer (${currency} ${params.amount.toLocaleString()}) requires 2-of-3 threshold`,
-                        wasOverridden: false,
-                    };
-                }
-            }
-        }
-        // Auto-detection: Cross-entity communication
-        if (params.crossEntity === true) {
-            return {
-                mode: { type: 'split', shares: 3, threshold: 2 },
-                reason: 'Cross-organization communication requires multi-party approval (2 of 3)',
-                wasOverridden: false,
-            };
-        }
-        // Auto-detection: Sensitive scopes
-        if (context.scope.includes('admin') ||
-            context.scope.includes('custody') ||
-            context.scope.includes('settlement')) {
-            return {
-                mode: { type: 'split', shares: 3, threshold: 2 },
-                reason: `Sensitive scope "${context.scope}" requires multi-party approval (2 of 3)`,
-                wasOverridden: false,
-            };
-        }
-        // Xchange mode: opt-in performance mode (if enabled)
-        if (this.options.enableXchange && params.xchange === true) {
-            return {
-                mode: { type: 'xchange' },
-                reason: 'Xchange mode enabled for performance (~180x faster)',
-                wasOverridden: false,
-            };
-        }
-        // Default: Standard encrypted transport
-        return {
-            mode: { type: 'standard' },
-            reason: 'Standard encrypted transport (hybrid post-quantum)',
-            wasOverridden: false,
-        };
-    }
-}
-exports.DefaultSecurityPolicy = DefaultSecurityPolicy;
-/**
- * Get a human-readable security mode description.
- *
- * Used for logging and user feedback.
- *
- * @param mode - Security mode
- * @returns User-friendly description
- *
- * @deprecated Use describeSecurityModeStructured() for new code. This function remains for backward compatibility.
- */
-function describeSecurityMode(mode) {
-    switch (mode.type) {
-        case 'standard':
-            return 'Standard (encrypted)';
-        case 'split':
-            return `Multi-party approval (${mode.threshold} of ${mode.shares})`;
-        case 'xchange':
-            return 'Xchange (fast mode)';
-    }
-}
-/**
- * Get a structured security mode description with multiple formats.
- *
- * Returns an object with the security classification and formatted descriptions
- * optimized for different use cases (display, logging, APIs, docs).
- *
- * @param mode - Security mode
- * @returns Security mode description with formats
- *
- * @example
- * ```typescript
- * const mode: SecurityMode = { type: 'split', shares: 3, threshold: 2 };
- * const description = describeSecurityModeStructured(mode);
- *
- * console.log(description.formats.singleline);
- * // "high | split | 2-of-3"
- *
- * console.log(description.formats.multiline);
- * // "Security Level: High
- * //  Mode: Split-channel (XorIDA)
- * //  Shares: 3 total, 2 required"
- *
- * console.log(description.shares);
- * // { total: 3, threshold: 2 }
- * ```
- */
-function describeSecurityModeStructured(mode) {
-    let level;
-    let multiline;
-    let singleline;
-    let markdown;
-    let shares;
-    switch (mode.type) {
-        case 'standard':
-            level = 'standard';
-            multiline = 'Security Level: Standard\nMode: Encrypted transport (hybrid post-quantum)';
-            singleline = 'standard | encrypted';
-            markdown = '**Security Level:** Standard\n\n**Mode:** Encrypted transport (hybrid post-quantum)';
-            break;
-        case 'split':
-            // Classify split mode as high or critical based on threshold
-            level = mode.shares >= 5 ? 'critical' : 'high';
-            shares = { total: mode.shares, threshold: mode.threshold };
-            multiline = `Security Level: ${level === 'critical' ? 'Critical' : 'High'}\nMode: Split-channel (XorIDA)\nShares: ${mode.shares} total, ${mode.threshold} required`;
-            singleline = `${level} | split | ${mode.threshold}-of-${mode.shares}`;
-            markdown = `**Security Level:** ${level === 'critical' ? 'Critical' : 'High'}\n\n**Mode:** Split-channel (XorIDA)\n\n**Shares:** ${mode.shares} total, ${mode.threshold} required`;
-            break;
-        case 'xchange':
-            level = 'performance';
-            multiline = 'Security Level: Performance\nMode: Xchange (single IT layer, ~180x faster)';
-            singleline = 'performance | xchange';
-            markdown = '**Security Level:** Performance\n\n**Mode:** Xchange (single IT layer, ~180x faster)';
-            break;
-    }
-    const jsonObj = {
-        type: mode.type,
-        level,
-    };
-    if (shares) {
-        jsonObj.shares = shares;
-    }
-    const json = JSON.stringify(jsonObj);
-    return {
-        type: mode.type,
-        level,
-        shares,
-        formats: {
-            multiline,
-            singleline,
-            json,
-            markdown,
-        },
-    };
-}
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.DefaultSecurityPolicy=void 0,exports.describeSecurityMode=describeSecurityMode,exports.describeSecurityModeStructured=describeSecurityModeStructured;class DefaultSecurityPolicy{options;constructor(e={}){this.options=e}classify(e){const{action:r,params:t,securityOverride:s}=e,i=this.options.highValueThreshold??1e5,a=this.options.criticalValueThreshold??1e6;if("critical"===s)return{mode:{type:"split",shares:5,threshold:3},reason:"User requested critical security level (5 shares, 3-of-5 threshold)",wasOverridden:!0};if("high"===s)return{mode:{type:"split",shares:3,threshold:2},reason:"User requested high security level (3 shares, 2-of-3 threshold)",wasOverridden:!0};if("standard"===s)return{mode:{type:"standard"},reason:"User requested standard security level (encrypted transport)",wasOverridden:!0};const o="string"==typeof t.risk?t.risk.toLowerCase():void 0;if(o){if("critical"===o||"high"===o)return{mode:{type:"split",shares:5,threshold:3},reason:`Explicit risk tag "${o}" requires 3-of-5 threshold`,wasOverridden:!1};if("medium"===o)return{mode:{type:"split",shares:3,threshold:2},reason:'Explicit risk tag "medium" requires 2-of-3 threshold',wasOverridden:!1};if("low"===o)return{mode:{type:"split",shares:2,threshold:2},reason:'Explicit risk tag "low" requires 2-of-2 threshold',wasOverridden:!1}}if(("transfer"===r||"execute"===r)&&"number"==typeof t.amount){const e="string"==typeof t.currency?t.currency.toUpperCase():"USD";if(["USD","EUR","GBP"].includes(e)){if(t.amount>=a)return{mode:{type:"split",shares:5,threshold:3},reason:`Critical-value transfer (${e} ${t.amount.toLocaleString()}) requires 3-of-5 threshold`,wasOverridden:!1};if(t.amount>=i)return{mode:{type:"split",shares:3,threshold:2},reason:`High-value transfer (${e} ${t.amount.toLocaleString()}) requires 2-of-3 threshold`,wasOverridden:!1}}}return!0===t.crossEntity?{mode:{type:"split",shares:3,threshold:2},reason:"Cross-organization communication requires multi-party approval (2 of 3)",wasOverridden:!1}:e.scope.includes("admin")||e.scope.includes("custody")||e.scope.includes("settlement")?{mode:{type:"split",shares:3,threshold:2},reason:`Sensitive scope "${e.scope}" requires multi-party approval (2 of 3)`,wasOverridden:!1}:this.options.enableXchange&&!0===t.xchange?{mode:{type:"xchange"},reason:"Xchange mode enabled for performance (~180x faster)",wasOverridden:!1}:{mode:{type:"standard"},reason:"Standard encrypted transport (hybrid post-quantum)",wasOverridden:!1}}}function describeSecurityMode(e){switch(e.type){case"standard":return"Standard (encrypted)";case"split":return`Multi-party approval (${e.threshold} of ${e.shares})`;case"xchange":return"Xchange (fast mode)"}}function describeSecurityModeStructured(e){let r,t,s,i,a;switch(e.type){case"standard":r="standard",t="Security Level: Standard\nMode: Encrypted transport (hybrid post-quantum)",s="standard | encrypted",i="**Security Level:** Standard\n\n**Mode:** Encrypted transport (hybrid post-quantum)";break;case"split":r=e.shares>=5?"critical":"high",a={total:e.shares,threshold:e.threshold},t=`Security Level: ${"critical"===r?"Critical":"High"}\nMode: Split-channel (XorIDA)\nShares: ${e.shares} total, ${e.threshold} required`,s=`${r} | split | ${e.threshold}-of-${e.shares}`,i=`**Security Level:** ${"critical"===r?"Critical":"High"}\n\n**Mode:** Split-channel (XorIDA)\n\n**Shares:** ${e.shares} total, ${e.threshold} required`;break;case"xchange":r="performance",t="Security Level: Performance\nMode: Xchange (single IT layer, ~180x faster)",s="performance | xchange",i="**Security Level:** Performance\n\n**Mode:** Xchange (single IT layer, ~180x faster)"}const o={type:e.type,level:r};a&&(o.shares=a);const n=JSON.stringify(o);return{type:e.type,level:r,shares:a,formats:{multiline:t,singleline:s,json:n,markdown:i}}}exports.DefaultSecurityPolicy=DefaultSecurityPolicy;

package/dist-standalone/cjs/serialization.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.serialize=serialize,exports.deserialize=deserialize,exports.detectFormat=detectFormat,exports.negotiateFormat=negotiateFormat,exports.compareFormats=compareFormats,exports.getContentType=getContentType,exports.parseContentType=parseContentType;const shared_1=require("../_deps/shared/index.js");class JSONSerializer{format="json";contentType="application/json";serialize(e,t){try{const r=t?.pretty?JSON.stringify(e,null,2):JSON.stringify(e);return(0,shared_1.ok)((new TextEncoder).encode(r))}catch(e){return(0,shared_1.err)({code:"SERIALIZATION_FAILED",reason:e instanceof Error?e.message:String(e),format:"json"})}}deserialize(e){try{const t=(new TextDecoder).decode(e);return(0,shared_1.ok)(JSON.parse(t))}catch(e){return(0,shared_1.err)({code:"DESERIALIZATION_FAILED",reason:e instanceof Error?e.message:String(e)})}}detect(e){if(0===e.length)return!1;const t=e[0];if(void 0===t)return!1;if(123===t||91===t||34===t)return!0;if(32===t||9===t||10===t||13===t)for(let t=1;t<Math.min(e.length,10);t++){const r=e[t];if(void 0===r)return!1;if(123===r||91===r||34===r)return!0;if(32!==r&&9!==r&&10!==r&&13!==r)return!1}return!1}}class MessagePackSerializer{format="msgpack";contentType="application/msgpack";serialize(e,t){try{return(0,shared_1.ok)(this.encode(e))}catch(e){return(0,shared_1.err)({code:"SERIALIZATION_FAILED",reason:e instanceof Error?e.message:String(e),format:"msgpack"})}}deserialize(e){try{return(0,shared_1.ok)(this.decode(e))}catch(e){return(0,shared_1.err)({code:"DESERIALIZATION_FAILED",reason:e instanceof Error?e.message:String(e)})}}detect(e){if(0===e.length)return!1;const t=e[0];if(void 0===t)return!1;if(t>=224&&t<=255&&e.length<2)return!1;try{const t={offset:0};return this.decodeValue(e,t),!0}catch{return!1}}encode(e){const t=[];this.encodeValue(e,t);const r=t.reduce((e,t)=>e+t.length,0),n=new Uint8Array(r);let s=0;for(const e of t)n.set(e,s),s+=e.length;return n}encodeValue(e,t){if(null==e)t.push(new Uint8Array([192]));else if("boolean"==typeof e)t.push(new Uint8Array([e?195:194]));else if("number"==typeof e)this.encodeNumber(e,t);else if("string"==typeof e)this.encodeString(e,t);else if(e instanceof Uint8Array)this.encodeBinary(e,t);else if(Array.isArray(e))this.encodeArray(e,t);else{if("object"!=typeof e)throw new Error("Unsupported type: "+typeof e);this.encodeObject(e,t)}}encodeNumber(e,t){if(Number.isInteger(e))if(e>=0&&e<=127)t.push(new Uint8Array([e]));else if(e>=-32&&e<0)t.push(new Uint8Array([224|31&e]));else if(e>=0&&e<=255)t.push(new Uint8Array([204,e]));else if(e>=0&&e<=65535)t.push(new Uint8Array([205,e>>8,255&e]));else if(e>=0&&e<=4294967295){const r=new Uint8Array(5);r[0]=206,new DataView(r.buffer).setUint32(1,e,!1),t.push(r)}else{const r=new Uint8Array(9);r[0]=203,new DataView(r.buffer).setFloat64(1,e,!1),t.push(r)}else{const r=new Uint8Array(9);r[0]=203,new DataView(r.buffer).setFloat64(1,e,!1),t.push(r)}}encodeString(e,t){const r=(new TextEncoder).encode(e),n=r.length;if(n<=31)t.push(new Uint8Array([160|n]));else if(n<=255)t.push(new Uint8Array([217,n]));else if(n<=65535)t.push(new Uint8Array([218,n>>8,255&n]));else{const e=new Uint8Array(5);e[0]=219,new DataView(e.buffer).setUint32(1,n,!1),t.push(e)}t.push(r)}encodeBinary(e,t){const r=e.length;if(r<=255)t.push(new Uint8Array([196,r]));else if(r<=65535)t.push(new Uint8Array([197,r>>8,255&r]));else{const e=new Uint8Array(5);e[0]=198,new DataView(e.buffer).setUint32(1,r,!1),t.push(e)}t.push(e)}encodeArray(e,t){const r=e.length;if(r<=15)t.push(new Uint8Array([144|r]));else if(r<=65535)t.push(new Uint8Array([220,r>>8,255&r]));else{const e=new Uint8Array(5);e[0]=221,new DataView(e.buffer).setUint32(1,r,!1),t.push(e)}for(const r of e)this.encodeValue(r,t)}encodeObject(e,t){const r=Object.keys(e),n=r.length;if(n<=15)t.push(new Uint8Array([128|n]));else if(n<=65535)t.push(new Uint8Array([222,n>>8,255&n]));else{const e=new Uint8Array(5);e[0]=223,new DataView(e.buffer).setUint32(1,n,!1),t.push(e)}for(const n of r)this.encodeValue(n,t),this.encodeValue(e[n],t)}decode(e){return this.decodeValue(e,{offset:0})}decodeValue(e,t){if(t.offset>=e.length)throw new Error("Unexpected end of data");const r=e[t.offset++];if(void 0===r)throw new Error("Unexpected end of data");if(r<=127)return r;if(r>=128&&r<=143){const n=15&r;return this.decodeMap(e,t,n)}if(r>=144&&r<=159){const n=15&r;return this.decodeArray(e,t,n)}if(r>=160&&r<=191){const n=31&r;return this.decodeString(e,t,n)}if(r>=224)return(31&r)-32;switch(r){case 192:return null;case 194:return!1;case 195:return!0;case 196:{const r=e[t.offset++];if(void 0===r)throw new Error("Unexpected end of data");return this.decodeBinary(e,t,r)}case 197:return this.decodeBinary(e,t,this.readUint16(e,t));case 198:return this.decodeBinary(e,t,this.readUint32(e,t));case 202:return this.readFloat32(e,t);case 203:return this.readFloat64(e,t);case 204:{const r=e[t.offset++];if(void 0===r)throw new Error("Unexpected end of data");return r}case 205:return this.readUint16(e,t);case 206:return this.readUint32(e,t);case 208:return this.readInt8(e,t);case 209:return this.readInt16(e,t);case 210:return this.readInt32(e,t);case 217:{const r=e[t.offset++];if(void 0===r)throw new Error("Unexpected end of data");return this.decodeString(e,t,r)}case 218:return this.decodeString(e,t,this.readUint16(e,t));case 219:return this.decodeString(e,t,this.readUint32(e,t));case 220:return this.decodeArray(e,t,this.readUint16(e,t));case 221:return this.decodeArray(e,t,this.readUint32(e,t));case 222:return this.decodeMap(e,t,this.readUint16(e,t));case 223:return this.decodeMap(e,t,this.readUint32(e,t));default:throw new Error(`Unknown MessagePack type: 0x${r.toString(16)}`)}}decodeString(e,t,r){const n=e.slice(t.offset,t.offset+r);return t.offset+=r,(new TextDecoder).decode(n)}decodeBinary(e,t,r){const n=e.slice(t.offset,t.offset+r);return t.offset+=r,n}decodeArray(e,t,r){const n=[];for(let s=0;s<r;s++)n.push(this.decodeValue(e,t));return n}decodeMap(e,t,r){const n={};for(let s=0;s<r;s++){const r=this.decodeValue(e,t),s=this.decodeValue(e,t);n[String(r)]=s}return n}readUint16(e,t){const r=new DataView(e.buffer,e.byteOffset).getUint16(t.offset,!1);return t.offset+=2,r}readUint32(e,t){const r=new DataView(e.buffer,e.byteOffset).getUint32(t.offset,!1);return t.offset+=4,r}readInt8(e,t){if(t.offset>=e.length)throw new Error("Unexpected end of data");const r=new DataView(e.buffer,e.byteOffset).getInt8(t.offset);return t.offset+=1,r}readInt16(e,t){const r=new DataView(e.buffer,e.byteOffset).getInt16(t.offset,!1);return t.offset+=2,r}readInt32(e,t){const r=new DataView(e.buffer,e.byteOffset).getInt32(t.offset,!1);return t.offset+=4,r}readFloat32(e,t){const r=new DataView(e.buffer,e.byteOffset).getFloat32(t.offset,!1);return t.offset+=4,r}readFloat64(e,t){const r=new DataView(e.buffer,e.byteOffset).getFloat64(t.offset,!1);return t.offset+=8,r}}class CBORSerializer{format="cbor";contentType="application/cbor";serialize(e,t){try{return(0,shared_1.ok)(this.encode(e))}catch(e){return(0,shared_1.err)({code:"SERIALIZATION_FAILED",reason:e instanceof Error?e.message:String(e),format:"cbor"})}}deserialize(e){try{return(0,shared_1.ok)(this.decode(e))}catch(e){return(0,shared_1.err)({code:"DESERIALIZATION_FAILED",reason:e instanceof Error?e.message:String(e)})}}detect(e){if(0===e.length)return!1;e[0];try{const t={offset:0};return this.decodeValue(e,t),!0}catch{return!1}}encode(e){const t=[];this.encodeValue(e,t);const r=t.reduce((e,t)=>e+t.length,0),n=new Uint8Array(r);let s=0;for(const e of t)n.set(e,s),s+=e.length;return n}encodeValue(e,t){if(null==e)t.push(new Uint8Array([246]));else if("boolean"==typeof e)t.push(new Uint8Array([e?245:244]));else if("number"==typeof e)this.encodeNumber(e,t);else if("string"==typeof e)this.encodeString(e,t);else if(e instanceof Uint8Array)this.encodeBinary(e,t);else if(Array.isArray(e))this.encodeArray(e,t);else{if("object"!=typeof e)throw new Error("Unsupported type: "+typeof e);this.encodeObject(e,t)}}encodeNumber(e,t){if(Number.isInteger(e))if(e>=0)if(e<=23)t.push(new Uint8Array([e]));else if(e<=255)t.push(new Uint8Array([24,e]));else if(e<=65535)t.push(new Uint8Array([25,e>>8,255&e]));else if(e<=4294967295){const r=new Uint8Array(5);r[0]=26,new DataView(r.buffer).setUint32(1,e,!1),t.push(r)}else{const r=new Uint8Array(9);r[0]=251,new DataView(r.buffer).setFloat64(1,e,!1),t.push(r)}else{const r=-1-e;if(r<=23)t.push(new Uint8Array([32|r]));else if(r<=255)t.push(new Uint8Array([56,r]));else if(r<=65535)t.push(new Uint8Array([57,r>>8,255&r]));else{const e=new Uint8Array(5);e[0]=58,new DataView(e.buffer).setUint32(1,r,!1),t.push(e)}}else{const r=new Uint8Array(9);r[0]=251,new DataView(r.buffer).setFloat64(1,e,!1),t.push(r)}}encodeString(e,t){const r=(new TextEncoder).encode(e),n=r.length;if(n<=23)t.push(new Uint8Array([96|n]));else if(n<=255)t.push(new Uint8Array([120,n]));else if(n<=65535)t.push(new Uint8Array([121,n>>8,255&n]));else{const e=new Uint8Array(5);e[0]=122,new DataView(e.buffer).setUint32(1,n,!1),t.push(e)}t.push(r)}encodeBinary(e,t){const r=e.length;if(r<=23)t.push(new Uint8Array([64|r]));else if(r<=255)t.push(new Uint8Array([88,r]));else if(r<=65535)t.push(new Uint8Array([89,r>>8,255&r]));else{const e=new Uint8Array(5);e[0]=90,new DataView(e.buffer).setUint32(1,r,!1),t.push(e)}t.push(e)}encodeArray(e,t){const r=e.length;if(r<=23)t.push(new Uint8Array([128|r]));else if(r<=255)t.push(new Uint8Array([152,r]));else if(r<=65535)t.push(new Uint8Array([153,r>>8,255&r]));else{const e=new Uint8Array(5);e[0]=154,new DataView(e.buffer).setUint32(1,r,!1),t.push(e)}for(const r of e)this.encodeValue(r,t)}encodeObject(e,t){const r=Object.keys(e),n=r.length;if(n<=23)t.push(new Uint8Array([160|n]));else if(n<=255)t.push(new Uint8Array([184,n]));else if(n<=65535)t.push(new Uint8Array([185,n>>8,255&n]));else{const e=new Uint8Array(5);e[0]=186,new DataView(e.buffer).setUint32(1,n,!1),t.push(e)}for(const n of r)this.encodeValue(n,t),this.encodeValue(e[n],t)}decode(e){return this.decodeValue(e,{offset:0})}decodeValue(e,t){if(t.offset>=e.length)throw new Error("Unexpected end of data");const r=e[t.offset++];if(void 0===r)throw new Error("Unexpected end of data");const n=r>>5&7,s=31&r;switch(n){case 0:return this.decodeInteger(e,t,s);case 1:return-1-this.decodeInteger(e,t,s);case 2:return this.decodeBinary(e,t,s);case 3:return this.decodeString(e,t,s);case 4:return this.decodeArray(e,t,s);case 5:return this.decodeMap(e,t,s);case 7:return this.decodeSpecial(e,t,s);default:throw new Error(`Unsupported CBOR major type: ${n}`)}}decodeInteger(e,t,r){if(r<=23)return r;if(24===r){const r=e[t.offset++];if(void 0===r)throw new Error("Unexpected end of data");return r}if(25===r)return this.readUint16(e,t);if(26===r)return this.readUint32(e,t);throw new Error("Unsupported integer size")}decodeString(e,t,r){let n;n=r<=23?r:this.decodeInteger(e,t,r);const s=e.slice(t.offset,t.offset+n);return t.offset+=n,(new TextDecoder).decode(s)}decodeBinary(e,t,r){let n;n=r<=23?r:this.decodeInteger(e,t,r);const s=e.slice(t.offset,t.offset+n);return t.offset+=n,s}decodeArray(e,t,r){let n;n=r<=23?r:this.decodeInteger(e,t,r);const s=[];for(let r=0;r<n;r++)s.push(this.decodeValue(e,t));return s}decodeMap(e,t,r){let n;n=r<=23?r:this.decodeInteger(e,t,r);const s={};for(let r=0;r<n;r++){const r=this.decodeValue(e,t),n=this.decodeValue(e,t);s[String(r)]=n}return s}decodeSpecial(e,t,r){switch(r){case 20:return!1;case 21:return!0;case 22:return null;case 23:return;case 27:return this.readFloat64(e,t);default:throw new Error(`Unsupported CBOR special: ${r}`)}}readUint16(e,t){const r=new DataView(e.buffer,e.byteOffset).getUint16(t.offset,!1);return t.offset+=2,r}readUint32(e,t){const r=new DataView(e.buffer,e.byteOffset).getUint32(t.offset,!1);return t.offset+=4,r}readFloat64(e,t){const r=new DataView(e.buffer,e.byteOffset).getFloat64(t.offset,!1);return t.offset+=8,r}}const serializers=new Map([["json",new JSONSerializer],["cbor",new CBORSerializer],["msgpack",new MessagePackSerializer]]);function serialize(e,t={}){const r=t.format??"json",n=serializers.get(r);if(!n)return(0,shared_1.err)({code:"UNSUPPORTED_FORMAT",format:r});const s=t.collectMetrics?performance.now():0,o=n.serialize(e,t);if(!o.ok)return o;const i=t.collectMetrics?{serializeDuration:performance.now()-s,size:o.value.length,format:r,timestamp:Date.now()}:void 0;return(0,shared_1.ok)({data:o.value,format:r,size:o.value.length,contentType:n.contentType,metrics:i})}function deserialize(e,t={}){const r=t.collectMetrics?performance.now():0;let n,s;if(t.format){if(n=t.format,s=serializers.get(n),!s)return(0,shared_1.err)({code:"UNSUPPORTED_FORMAT",format:n})}else{const t=detectFormat(e);if(!t.ok)return t;if(n=t.value,s=serializers.get(n),!s)return(0,shared_1.err)({code:"UNSUPPORTED_FORMAT",format:n})}const o=s.deserialize(e);if(!o.ok)return o;const i=t.collectMetrics?{serializeDuration:performance.now()-r,size:e.length,format:n,timestamp:Date.now()}:void 0;return(0,shared_1.ok)({value:o.value,format:n,metrics:i})}function detectFormat(e){const t=serializers.get("json");if(t?.detect(e))return(0,shared_1.ok)("json");if(0===e.length)return(0,shared_1.err)({code:"FORMAT_DETECTION_FAILED",reason:"Empty data"});const r=serializers.get("cbor");if(r?.detect(e))return(0,shared_1.ok)("cbor");const n=serializers.get("msgpack");return n?.detect(e)?(0,shared_1.ok)("msgpack"):(0,shared_1.err)({code:"FORMAT_DETECTION_FAILED",reason:"No serializer recognized the data format"})}function negotiateFormat(e,t){for(const r of e)if(t.includes(r))return(0,shared_1.ok)(r);return(0,shared_1.err)({code:"UNSUPPORTED_FORMAT",format:`No common format (client: ${e.join(",")}, server: ${t.join(",")})`})}function compareFormats(e,t=["json","msgpack","cbor"]){const r=[];for(const n of t){const t=serialize(e,{format:n,collectMetrics:!0});if(!t.ok)return t;r.push({format:n,size:t.value.size,duration:t.value.metrics?.serializeDuration??0})}return(0,shared_1.ok)(r)}function getContentType(e){const t=serializers.get(e);return t?.contentType??"application/octet-stream"}function parseContentType(e){const t=e.toLowerCase().split(";")[0]?.trim()??"";for(const e of serializers.values())if(e.contentType===t)return e.format}