@private.me/xbind 1.3.5 → 3.0.0

package/dist-standalone/debug-mode.d.ts

@@ -0,0 +1,286 @@
+/**
+ * @module debug-mode
+ * Debug mode for enhanced developer experience with verbose logging and state inspection
+ *
+ * Provides comprehensive debugging capabilities including:
+ * - Verbose logging of all operations
+ * - Internal state dumping and inspection
+ * - Network request/response logging
+ * - Crypto operation tracing
+ * - Performance profiling and timing
+ * - Memory usage tracking
+ *
+ * Usage:
+ * ```typescript
+ * import { enableDebugMode, dumpState, createDebugLogger } from '@private.me/xbind/debug-mode';
+ *
+ * // Enable debug mode globally
+ * enableDebugMode({ verbose: true, traceNetwork: true });
+ *
+ * // Create debug logger for component
+ * const debug = createDebugLogger('agent');
+ * debug.trace('Operation starting', { did: 'did:key:...' });
+ *
+ * // Dump internal state
+ * const state = dumpState(agent);
+ * console.log(state);
+ * ```
+ */
+import type { Logger, LogContext } from './logger.js';
+import type { Agent } from './agent.js';
+/**
+ * Debug mode configuration options
+ */
+export interface DebugModeOptions {
+    /** Enable verbose logging (default: false) */
+    verbose?: boolean;
+    /** Trace network requests/responses (default: false) */
+    traceNetwork?: boolean;
+    /** Trace crypto operations (default: false) */
+    traceCrypto?: boolean;
+    /** Enable performance profiling (default: false) */
+    profile?: boolean;
+    /** Track memory usage (default: false) */
+    trackMemory?: boolean;
+    /** Log internal state changes (default: false) */
+    traceState?: boolean;
+    /** Custom output function (default: console.log) */
+    output?: (message: string) => void;
+    /** Filter patterns for selective logging */
+    filters?: {
+        /** Include only operations matching these patterns */
+        include?: RegExp[];
+        /** Exclude operations matching these patterns */
+        exclude?: RegExp[];
+    };
+}
+/**
+ * Performance measurement result
+ */
+export interface PerformanceMeasurement {
+    /** Operation name */
+    operation: string;
+    /** Start timestamp (ms) */
+    startTime: number;
+    /** End timestamp (ms) */
+    endTime: number;
+    /** Duration (ms) */
+    duration: number;
+    /** Memory usage before operation (bytes) */
+    memoryBefore?: number;
+    /** Memory usage after operation (bytes) */
+    memoryAfter?: number;
+    /** Memory delta (bytes) */
+    memoryDelta?: number;
+    /** Additional context */
+    context?: Record<string, unknown>;
+}
+/**
+ * Network trace entry
+ */
+export interface NetworkTrace {
+    /** Request ID */
+    id: string;
+    /** HTTP method */
+    method: string;
+    /** URL */
+    url: string;
+    /** Request headers (redacted) */
+    requestHeaders: Record<string, string>;
+    /** Request body (truncated) */
+    requestBody?: string;
+    /** Response status code */
+    status?: number;
+    /** Response headers (redacted) */
+    responseHeaders?: Record<string, string>;
+    /** Response body (truncated) */
+    responseBody?: string;
+    /** Start timestamp */
+    startTime: number;
+    /** End timestamp */
+    endTime?: number;
+    /** Duration (ms) */
+    duration?: number;
+    /** Error (if failed) */
+    error?: string;
+}
+/**
+ * Crypto operation trace entry
+ */
+export interface CryptoTrace {
+    /** Operation type (encrypt, decrypt, sign, verify, etc.) */
+    operation: string;
+    /** Algorithm */
+    algorithm: string;
+    /** Input size (bytes) */
+    inputSize: number;
+    /** Output size (bytes) */
+    outputSize?: number;
+    /** Duration (ms) */
+    duration: number;
+    /** Success flag */
+    success: boolean;
+    /** Error message (if failed) */
+    error?: string;
+    /** Timestamp */
+    timestamp: number;
+}
+/**
+ * Agent state snapshot
+ */
+export interface AgentStateSnapshot {
+    /** Agent DID */
+    did: string;
+    /** Identity mode */
+    identityMode: 'persistent' | 'ephemeral';
+    /** Registration status */
+    registered: boolean;
+    /** Trust registry URL */
+    registryUrl?: string;
+    /** Nonce store type */
+    nonceStoreType: string;
+    /** Nonce count */
+    nonceCount: number;
+    /** Transport adapter type */
+    transportType: string;
+    /** Security policy summary */
+    securityPolicy: {
+        level: string;
+        replayWindow: number;
+        timestampTolerance: number;
+    };
+    /** Post-quantum enabled */
+    postQuantum: boolean;
+    /** Memory usage (bytes) */
+    memoryUsage?: number;
+    /** Snapshot timestamp */
+    timestamp: number;
+}
+/**
+ * Enable debug mode with optional configuration
+ *
+ * @param options - Debug mode options
+ */
+export declare function enableDebugMode(options?: DebugModeOptions): void;
+/**
+ * Disable debug mode and clear collected data
+ */
+export declare function disableDebugMode(): void;
+/**
+ * Check if debug mode is enabled
+ */
+export declare function isDebugEnabled(): boolean;
+/**
+ * Get current debug mode options
+ */
+export declare function getDebugOptions(): DebugModeOptions;
+/**
+ * Create a debug logger for a specific component
+ *
+ * @param component - Component name
+ * @returns Logger instance with debug capabilities
+ */
+export declare function createDebugLogger(component: string): Logger & {
+    trace: (message: string, context?: LogContext) => void;
+};
+/**
+ * Start performance measurement for an operation
+ *
+ * @param operation - Operation name
+ * @param context - Optional context
+ */
+export declare function startProfiling(operation: string, context?: Record<string, unknown>): void;
+/**
+ * End performance measurement and record result
+ *
+ * @param operation - Operation name
+ * @param context - Optional context (overrides context from startProfiling if provided)
+ */
+export declare function endProfiling(operation: string, context?: Record<string, unknown>): void;
+/**
+ * Get all performance measurements
+ */
+export declare function getPerformanceMeasurements(): PerformanceMeasurement[];
+/**
+ * Clear performance measurements
+ */
+export declare function clearPerformanceMeasurements(): void;
+/**
+ * Log network request start
+ *
+ * @param id - Request ID
+ * @param method - HTTP method
+ * @param url - URL
+ * @param headers - Request headers
+ * @param body - Request body
+ */
+export declare function traceNetworkRequest(id: string, method: string, url: string, headers: Record<string, string>, body?: string): void;
+/**
+ * Log network response
+ *
+ * @param id - Request ID
+ * @param status - HTTP status code
+ * @param headers - Response headers
+ * @param body - Response body
+ * @param error - Error (if failed)
+ */
+export declare function traceNetworkResponse(id: string, status?: number, headers?: Record<string, string>, body?: string, error?: string): void;
+/**
+ * Get all network traces
+ */
+export declare function getNetworkTraces(): NetworkTrace[];
+/**
+ * Clear network traces
+ */
+export declare function clearNetworkTraces(): void;
+/**
+ * Log crypto operation
+ *
+ * @param operation - Operation type
+ * @param algorithm - Algorithm name
+ * @param inputSize - Input size (bytes)
+ * @param outputSize - Output size (bytes)
+ * @param duration - Duration (ms)
+ * @param success - Success flag
+ * @param error - Error message (if failed)
+ */
+export declare function traceCryptoOperation(operation: string, algorithm: string, inputSize: number, outputSize?: number, duration?: number, success?: boolean, error?: string): void;
+/**
+ * Get all crypto traces
+ */
+export declare function getCryptoTraces(): CryptoTrace[];
+/**
+ * Clear crypto traces
+ */
+export declare function clearCryptoTraces(): void;
+/**
+ * Dump internal state of an agent
+ *
+ * @param agent - Agent instance
+ * @returns State snapshot
+ */
+export declare function dumpState(agent: Agent): AgentStateSnapshot;
+/**
+ * Get all state snapshots
+ */
+export declare function getStateSnapshots(): AgentStateSnapshot[];
+/**
+ * Clear state snapshots
+ */
+export declare function clearStateSnapshots(): void;
+/**
+ * Export all debug data as JSON
+ *
+ * @returns JSON string with all debug data
+ */
+export declare function exportDebugData(): string;
+/**
+ * Clear all debug data
+ */
+export declare function clearAllDebugData(): void;
+/**
+ * Generate debug report
+ *
+ * @returns Human-readable debug report
+ */
+export declare function generateDebugReport(): string;

package/dist-standalone/debug-mode.js

@@ -0,0 +1 @@
+import{createLogger,LogLevel}from"./logger.js";class DebugModeState{enabled=!1;options={};measurements=[];networkTraces=[];cryptoTraces=[];stateSnapshots=[];activeTimers=new Map}const globalDebugState=new DebugModeState;export function enableDebugMode(e={}){globalDebugState.enabled=!0,globalDebugState.options={verbose:e.verbose??!1,traceNetwork:e.traceNetwork??!1,traceCrypto:e.traceCrypto??!1,profile:e.profile??!1,trackMemory:e.trackMemory??!1,traceState:e.traceState??!1,output:e.output??console.log,filters:e.filters};const t=createLogger("debug-mode");t.setLevel(LogLevel.DEBUG),t.info("Debug mode enabled",{options:globalDebugState.options})}export function disableDebugMode(){globalDebugState.enabled=!1,globalDebugState.measurements=[],globalDebugState.networkTraces=[],globalDebugState.cryptoTraces=[],globalDebugState.stateSnapshots=[],globalDebugState.activeTimers.clear();createLogger("debug-mode").info("Debug mode disabled")}export function isDebugEnabled(){return globalDebugState.enabled}export function getDebugOptions(){return{...globalDebugState.options}}export function createDebugLogger(e){const t=createLogger(e);return globalDebugState.enabled&&globalDebugState.options.verbose&&t.setLevel(LogLevel.DEBUG),{...t,trace(e,o){if(globalDebugState.enabled&&globalDebugState.options.verbose){if(globalDebugState.options.filters){const{include:t,exclude:o}=globalDebugState.options.filters;if(t&&!t.some(t=>t.test(e)))return;if(o&&o.some(t=>t.test(e)))return}t.debug(e,o)}}}}export function startProfiling(e,t){if(!globalDebugState.enabled||!globalDebugState.options.profile)return;const o=performance.now();globalDebugState.activeTimers.set(e,{startTime:o,context:t});createDebugLogger("profiler").trace(`[PROFILE] Starting: ${e}`,t)}export function endProfiling(e,t){if(!globalDebugState.enabled||!globalDebugState.options.profile)return;const o=globalDebugState.activeTimers.get(e);if(!o){return void createDebugLogger("profiler").warn(`[PROFILE] No start time found for: ${e}`)}const r=performance.now(),a=r-o.startTime,s=t??o.context;let n,u,g;if(globalDebugState.options.trackMemory&&"undefined"!=typeof process&&process.memoryUsage){u=process.memoryUsage().heapUsed,n=u,g=0}const l={operation:e,startTime:o.startTime,endTime:r,duration:a,memoryBefore:n,memoryAfter:u,memoryDelta:g,context:s};globalDebugState.measurements.push(l),globalDebugState.activeTimers.delete(e);createDebugLogger("profiler").trace(`[PROFILE] Completed: ${e} (${a.toFixed(2)}ms)`,{duration:a,memoryDelta:g,...t})}export function getPerformanceMeasurements(){return[...globalDebugState.measurements]}export function clearPerformanceMeasurements(){globalDebugState.measurements=[],globalDebugState.activeTimers.clear()}export function traceNetworkRequest(e,t,o,r,a){if(!globalDebugState.enabled||!globalDebugState.options.traceNetwork)return;const s={id:e,method:t,url:o,requestHeaders:redactHeaders(r),requestBody:truncateBody(a),startTime:performance.now()};globalDebugState.networkTraces.push(s);createDebugLogger("network").trace(`[NETWORK] ${t} ${o}`,{requestId:e,headers:s.requestHeaders,bodyLength:a?.length??0})}export function traceNetworkResponse(e,t,o,r,a){if(!globalDebugState.enabled||!globalDebugState.options.traceNetwork)return;const s=globalDebugState.networkTraces.find(t=>t.id===e);if(!s)return;s.endTime=performance.now(),s.duration=s.endTime-s.startTime,s.status=t,s.responseHeaders=o?redactHeaders(o):void 0,s.responseBody=truncateBody(r),s.error=a;createDebugLogger("network").trace(`[NETWORK] Response ${t??"ERROR"} (${s.duration.toFixed(2)}ms)`,{requestId:e,status:t,duration:s.duration,error:a})}export function getNetworkTraces(){return[...globalDebugState.networkTraces]}export function clearNetworkTraces(){globalDebugState.networkTraces=[]}export function traceCryptoOperation(e,t,o,r,a,s,n){if(!globalDebugState.enabled||!globalDebugState.options.traceCrypto)return;const u={operation:e,algorithm:t,inputSize:o,outputSize:r,duration:a??0,success:s??!0,error:n,timestamp:Date.now()};globalDebugState.cryptoTraces.push(u);createDebugLogger("crypto").trace(`[CRYPTO] ${e} (${t})`,{inputSize:o,outputSize:r,duration:a,success:s,error:n})}export function getCryptoTraces(){return[...globalDebugState.cryptoTraces]}export function clearCryptoTraces(){globalDebugState.cryptoTraces=[]}export function dumpState(e){const t={did:e.did,identityMode:e.identityMode??"persistent",registered:e.registered??!1,registryUrl:e.registry?.url,nonceStoreType:e.nonceStore?.constructor?.name??"unknown",nonceCount:e.nonceStore?.size??0,transportType:e.transport?.constructor?.name??"unknown",securityPolicy:{level:e.securityPolicy?.level??"unknown",replayWindow:e.securityPolicy?.replayWindow??0,timestampTolerance:e.securityPolicy?.timestampTolerance??0},postQuantum:e.postQuantum??!1,memoryUsage:"undefined"!=typeof process&&process.memoryUsage?process.memoryUsage().heapUsed:void 0,timestamp:Date.now()};globalDebugState.enabled&&globalDebugState.options.traceState&&globalDebugState.stateSnapshots.push(t);return createDebugLogger("state").trace("[STATE] Agent snapshot",t),t}export function getStateSnapshots(){return[...globalDebugState.stateSnapshots]}export function clearStateSnapshots(){globalDebugState.stateSnapshots=[]}export function exportDebugData(){const e={enabled:globalDebugState.enabled,options:globalDebugState.options,measurements:globalDebugState.measurements,networkTraces:globalDebugState.networkTraces,cryptoTraces:globalDebugState.cryptoTraces,stateSnapshots:globalDebugState.stateSnapshots,exportedAt:(new Date).toISOString()};return JSON.stringify(e,null,2)}export function clearAllDebugData(){clearPerformanceMeasurements(),clearNetworkTraces(),clearCryptoTraces(),clearStateSnapshots()}function redactHeaders(e){const t={},o=new Set(["authorization","cookie","set-cookie","x-api-key","x-auth-token"]);for(const[r,a]of Object.entries(e)){const e=r.toLowerCase();o.has(e)?t[r]="[REDACTED]":t[r]=a}return t}function truncateBody(e){if(!e)return;const t=1e3;return e.length<=t?e:e.substring(0,t)+`... (${e.length-t} more bytes)`}export function generateDebugReport(){const e=[];if(e.push("=".repeat(80)),e.push("xBind Debug Report"),e.push("=".repeat(80)),e.push(""),e.push(`Generated: ${(new Date).toISOString()}`),e.push("Debug Mode: "+(globalDebugState.enabled?"ENABLED":"DISABLED")),e.push(""),globalDebugState.measurements.length>0){e.push("Performance Measurements:"),e.push("-".repeat(80));for(const t of globalDebugState.measurements)e.push(`  ${t.operation}: ${t.duration.toFixed(2)}ms`),void 0!==t.memoryDelta&&e.push(`    Memory: ${formatBytes(t.memoryDelta)}`);e.push("")}if(globalDebugState.networkTraces.length>0){e.push("Network Traces:"),e.push("-".repeat(80));for(const t of globalDebugState.networkTraces)e.push(`  ${t.method} ${t.url}`),t.status&&e.push(`    Status: ${t.status}`),t.duration&&e.push(`    Duration: ${t.duration.toFixed(2)}ms`),t.error&&e.push(`    Error: ${t.error}`);e.push("")}if(globalDebugState.cryptoTraces.length>0){e.push("Crypto Operations:"),e.push("-".repeat(80));for(const t of globalDebugState.cryptoTraces)e.push(`  ${t.operation} (${t.algorithm})`),e.push(`    Input: ${formatBytes(t.inputSize)}`),t.outputSize&&e.push(`    Output: ${formatBytes(t.outputSize)}`),e.push(`    Duration: ${t.duration.toFixed(2)}ms`),e.push(`    Success: ${t.success}`),t.error&&e.push(`    Error: ${t.error}`);e.push("")}if(globalDebugState.stateSnapshots.length>0){e.push("State Snapshots:"),e.push("-".repeat(80));const t=globalDebugState.stateSnapshots[globalDebugState.stateSnapshots.length-1];t&&(e.push(`  DID: ${t.did}`),e.push(`  Mode: ${t.identityMode}`),e.push(`  Registered: ${t.registered}`),e.push(`  Post-Quantum: ${t.postQuantum}`),e.push(`  Nonce Count: ${t.nonceCount}`),t.memoryUsage&&e.push(`  Memory Usage: ${formatBytes(t.memoryUsage)}`)),e.push("")}return e.push("=".repeat(80)),e.join("\n")}function formatBytes(e){if(0===e)return"0 B";const t=Math.floor(Math.log(Math.abs(e))/Math.log(1024));return`${(e/Math.pow(1024,t)).toFixed(2)} ${["B","KB","MB","GB"][t]}`}

package/dist-standalone/did-document.js

@@ -1,96 +1 @@
-import { ok, err } from"./_deps/shared/index.js";
-import { toBase64 } from"./_deps/crypto/index.js";
-/**
- * Generate a DID document for a given DID.
- *
- * Includes service endpoints that advertise PRIVATE.ME/xBind.
- * Both did:key and did:privateme DIDs generate the same service endpoints.
- *
- * @param did - The DID (did:key:z... or did:privateme:z...)
- * @param rawPublicKey - The 32-byte Ed25519 public key
- * @param name - Optional name for the identity
- * @returns DID document with service endpoints
- */
-export function generateDidDocument(did, rawPublicKey, name) {
-    if (!did.startsWith('did:key:') && !did.startsWith('did:privateme:')) {
-        return err('INVALID_DID_FORMAT');
-    }
-    // Convert public key to base64 for inclusion in document
-    const publicKeyBase64 = toBase64(rawPublicKey);
-    const document = {
-        '@context': [
-            'https://www.w3.org/ns/did/v1',
-            'https://w3id.org/security/suites/ed25519-2020/v1',
-        ],
-        id: did,
-        publicKey: [
-            {
-                id: `${did}#key-1`,
-                type: 'Ed25519VerificationKey2020',
-                controller: did,
-                publicKeyBase64,
-            },
-        ],
-        authentication: [`${did}#key-1`],
-        assertionMethod: [`${did}#key-1`],
-        keyAgreement: [`${did}#key-1`],
-        service: [
-            {
-                id: `${did}#identity-provider`,
-                type: 'IdentityProvider',
-                serviceEndpoint: 'https://private.me',
-                description: 'PRIVATE.ME xBind Agent - M2M identity authentication',
-            },
-            {
-                id: `${did}#documentation`,
-                type: 'Documentation',
-                serviceEndpoint: 'https://private.me/docs/xbind.html',
-                description: 'Learn more about PRIVATE.ME/xBind protocol',
-            },
-        ],
-        ...(name ? { name } : {}),
-    };
-    return ok(document);
-}
-/**
- * Resolve a DID to its document (simulated).
- *
- * In a production system, this would query a DID resolver.
- * For now, this generates a synthetic document based on the DID.
- *
- * @param did - The DID to resolve
- * @param rawPublicKey - The 32-byte Ed25519 public key
- * @returns DID document or error
- */
-export async function resolveDid(did, rawPublicKey) {
-    // In a production system, this would make an HTTP request to a DID resolver
-    // For now, generate a synthetic document
-    return generateDidDocument(did, rawPublicKey);
-}
-/**
- * Extract service endpoints from a DID document.
- *
- * Filters for PRIVATE.ME service endpoints to provide discovery information.
- *
- * @param document - The DID document
- * @returns Array of service endpoints advertising PRIVATE.ME services
- */
-export function getServiceEndpoints(document) {
-    if (!document.service)
-        return [];
-    return document.service
-        .filter((svc) => {
-        const endpoint = typeof svc.serviceEndpoint === 'string' ? svc.serviceEndpoint : '';
-        return (endpoint.includes('private.me') ||
-            svc.type.includes('PRIVATE.ME') ||
-            svc.type === 'IdentityProvider' ||
-            svc.type === 'Documentation');
-    })
-        .map((svc) => ({
-        type: svc.type,
-        endpoint: typeof svc.serviceEndpoint === 'string'
-            ? svc.serviceEndpoint
-            : JSON.stringify(svc.serviceEndpoint),
-        description: svc.description,
-    }));
-}
+import{ok,err}from"./_deps/shared/index.js";import{toBase64}from"./crypto-utils.js";export function generateDidDocument(e,t,i){if(!e.startsWith("did:key:")&&!e.startsWith("did:privateme:"))return err("INVALID_DID_FORMAT");const n={"@context":["https://www.w3.org/ns/did/v1","https://w3id.org/security/suites/ed25519-2020/v1"],id:e,publicKey:[{id:`${e}#key-1`,type:"Ed25519VerificationKey2020",controller:e,publicKeyBase64:toBase64(t)}],authentication:[`${e}#key-1`],assertionMethod:[`${e}#key-1`],keyAgreement:[`${e}#key-1`],service:[{id:`${e}#identity-provider`,type:"IdentityProvider",serviceEndpoint:"https://private.me",description:"PRIVATE.ME xBind Agent - M2M identity authentication"},{id:`${e}#documentation`,type:"Documentation",serviceEndpoint:"https://private.me/docs/xbind.html",description:"Learn more about PRIVATE.ME/xBind protocol"}],...i?{name:i}:{}};return ok(n)}export async function resolveDid(e,t){return generateDidDocument(e,t)}export function getServiceEndpoints(e){return e.service?e.service.filter(e=>("string"==typeof e.serviceEndpoint?e.serviceEndpoint:"").includes("private.me")||e.type.includes("PRIVATE.ME")||"IdentityProvider"===e.type||"Documentation"===e.type).map(e=>({type:e.type,endpoint:"string"==typeof e.serviceEndpoint?e.serviceEndpoint:JSON.stringify(e.serviceEndpoint),description:e.description})):[]}

package/dist-standalone/did-privateme.js

@@ -1,121 +1 @@
-import { ok, err } from"./_deps/shared/index.js";
-import { publicKeyToDid, didToPublicKeyBytes } from './identity.js';
-/**
- * Mechanism 4: Convert Ed25519 public key to did:privateme DID.
- *
- * Format: did:privateme:z + base58btc(0xed01 || publicKey)
- *
- * This is a new DID method identifier for PRIVATE.ME ACIs.
- * It uses the same base58btc encoding as did:key for compatibility,
- * but signals that the identity is backed by PRIVATE.ME infrastructure.
- *
- * Backward compatible: agents accept both did:key and did:privateme formats.
- *
- * @param rawPublicKey - 32-byte Ed25519 public key
- * @returns DID in format did:privateme:z...
- */
-export function publicKeyToPrivateMeDid(rawPublicKey) {
-    // Use same encoding as did:key, but with privateme method
-    const didKeyFormat = publicKeyToDid(rawPublicKey);
-    // Replace did:key: with did:privateme:
-    return didKeyFormat.replace(/^did:key:/, 'did:privateme:');
-}
-/**
- * Extract raw 32-byte public key from a did:privateme DID.
- *
- * Format: did:privateme:z + base58btc(0xed01 || publicKey)
- *
- * @param did - DID in format did:privateme:z...
- * @returns 32-byte public key or error
- */
-export function privateMeDidToPublicKeyBytes(did) {
-    if (!did.startsWith('did:privateme:z')) {
-        return err('INVALID_DID_FORMAT');
-    }
-    // Convert to did:key format temporarily for parsing
-    const didKeyFormat = did.replace(/^did:privateme:/, 'did:key:');
-    // Use the existing parser
-    const result = didToPublicKeyBytes(didKeyFormat);
-    if (!result.ok) {
-        return err(result.error);
-    }
-    return ok(result.value);
-}
-/**
- * Determine if a DID is in the new did:privateme format.
- *
- * @param did - The DID to check
- * @returns true if DID is did:privateme format, false otherwise
- */
-export function isPrivateMeDid(did) {
-    return did.startsWith('did:privateme:');
-}
-/**
- * Determine if a DID is in the did:key format.
- *
- * @param did - The DID to check
- * @returns true if DID is did:key format, false otherwise
- */
-export function isDidKeyFormat(did) {
-    return did.startsWith('did:key:');
-}
-/**
- * Convert between DID formats (did:key ↔ did:privateme).
- *
- * Allows backward compatibility between old did:key and new did:privateme formats.
- * The public key remains the same; only the method identifier changes.
- *
- * @param did - Source DID in either format
- * @returns Converted DID in the other format, or error
- */
-export function convertDidFormat(did) {
-    if (isDidKeyFormat(did)) {
-        // Convert did:key to did:privateme
-        return ok(did.replace(/^did:key:/, 'did:privateme:'));
-    }
-    if (isPrivateMeDid(did)) {
-        // Convert did:privateme to did:key
-        return ok(did.replace(/^did:privateme:/, 'did:key:'));
-    }
-    return err('UNSUPPORTED_DID_FORMAT');
-}
-/**
- * Normalize a DID to the canonical format (did:privateme).
- *
- * All DIDs are converted to did:privateme format for consistency.
- * Existing did:key DIDs are automatically upgraded.
- *
- * @param did - Source DID in any supported format
- * @returns Normalized DID in did:privateme format
- */
-export function normalizeDid(did) {
-    if (isPrivateMeDid(did)) {
-        // Already in target format
-        return ok(did);
-    }
-    if (isDidKeyFormat(did)) {
-        // Convert to did:privateme
-        return ok(did.replace(/^did:key:/, 'did:privateme:'));
-    }
-    return err('UNSUPPORTED_DID_FORMAT');
-}
-/**
- * Parse a DID into method, identifier, and fragment.
- *
- * @param did - Full DID string
- * @returns Parsed DID components or error
- */
-export function parseDid(did) {
-    const fragmentMatch = did.indexOf('#');
-    const base = fragmentMatch >= 0 ? did.substring(0, fragmentMatch) : did;
-    const fragment = fragmentMatch >= 0 ? did.substring(fragmentMatch + 1) : undefined;
-    const parts = base.split(':');
-    if (parts.length < 3 || parts[0] !== 'did') {
-        return err('INVALID_DID_FORMAT');
-    }
-    return ok({
-        method: parts[1],
-        identifier: parts.slice(2).join(':'),
-        fragment,
-    });
-}
+import{ok,err}from"./_deps/shared/index.js";import{publicKeyToDid,didToPublicKeyBytes}from"./identity.js";export function publicKeyToPrivateMeDid(e){return publicKeyToDid(e).replace(/^did:key:/,"did:privateme:")}export function privateMeDidToPublicKeyBytes(e){if(!e.startsWith("did:privateme:z"))return err("INVALID_DID_FORMAT");const i=e.replace(/^did:privateme:/,"did:key:"),r=didToPublicKeyBytes(i);return r.ok?ok(r.value):err(r.error)}export function isPrivateMeDid(e){return e.startsWith("did:privateme:")}export function isDidKeyFormat(e){return e.startsWith("did:key:")}export function convertDidFormat(e){return isDidKeyFormat(e)?ok(e.replace(/^did:key:/,"did:privateme:")):isPrivateMeDid(e)?ok(e.replace(/^did:privateme:/,"did:key:")):err("UNSUPPORTED_DID_FORMAT")}export function normalizeDid(e){return isPrivateMeDid(e)?ok(e):isDidKeyFormat(e)?ok(e.replace(/^did:key:/,"did:privateme:")):err("UNSUPPORTED_DID_FORMAT")}export function parseDid(e){const i=e.indexOf("#"),r=i>=0?e.substring(0,i):e,t=i>=0?e.substring(i+1):void 0,d=r.split(":");return d.length<3||"did"!==d[0]?err("INVALID_DID_FORMAT"):ok({method:d[1],identifier:d.slice(2).join(":"),fragment:t})}