npm - @private.me/xbind - Versions diffs - 3.0.2 → 3.0.3 - Mend

@private.me/xbind 3.0.2 → 3.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (221) hide show

package/README.md +2366 -204
package/README.md.backup +2121 -0
package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1 -1920
package/dist-standalone/_deps/shared/cjs/errors.js +1 -729
package/dist-standalone/_deps/shared/cjs/index.js +1 -463
package/dist-standalone/_deps/shared/cjs/types.js +1 -315
package/dist-standalone/_deps/shared/errors.js +1 -244
package/dist-standalone/_deps/shared/index.js +1 -72
package/dist-standalone/_deps/shared/types.js +1 -86
package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.js +1 -1
package/dist-standalone/_deps/ux-helpers/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/search.js +1 -1
package/dist-standalone/_deps/xchange/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/errors.js +1 -1
package/dist-standalone/_deps/xchange/cjs/index.js +1 -1
package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -1
package/dist-standalone/_deps/xchange/errors.js +1 -1
package/dist-standalone/_deps/xchange/index.js +1 -1
package/dist-standalone/_deps/xchange/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/xchange.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/index.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/types.js +1 -1
package/dist-standalone/_deps/xregistry/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/errors.js +1 -1
package/dist-standalone/_deps/xregistry/index.js +1 -1
package/dist-standalone/_deps/xregistry/registry.js +1 -1
package/dist-standalone/_deps/xregistry/schema.js +1 -1
package/dist-standalone/_deps/xregistry/types.js +1 -1
package/dist-standalone/agent-call.d.ts +2 -2
package/dist-standalone/agent-call.js +1 -659
package/dist-standalone/agent-sdk.js +1 -328
package/dist-standalone/agent.d.ts +2 -0
package/dist-standalone/agent.js +1 -1800
package/dist-standalone/approval.js +1 -193
package/dist-standalone/async-iterators.d.ts +3 -3
package/dist-standalone/async-iterators.js +1 -382
package/dist-standalone/auth.js +1 -219
package/dist-standalone/auto-accept.js +1 -229
package/dist-standalone/backup-config.js +1 -201
package/dist-standalone/backup.js +1 -326
package/dist-standalone/batch-operations.js +1 -388
package/dist-standalone/cancellation.js +1 -477
package/dist-standalone/checkpoint.js +1 -186
package/dist-standalone/circuit-breaker.js +1 -468
package/dist-standalone/cjs/agent-call.js +1 -701
package/dist-standalone/cjs/agent-sdk.js +1 -332
package/dist-standalone/cjs/agent.js +1 -1837
package/dist-standalone/cjs/approval.js +1 -199
package/dist-standalone/cjs/async-iterators.js +1 -392
package/dist-standalone/cjs/auth.js +1 -225
package/dist-standalone/cjs/auto-accept.js +1 -233
package/dist-standalone/cjs/backup-config.js +1 -207
package/dist-standalone/cjs/backup.js +1 -330
package/dist-standalone/cjs/batch-operations.js +1 -397
package/dist-standalone/cjs/cancellation.js +1 -490
package/dist-standalone/cjs/checkpoint.js +1 -193
package/dist-standalone/cjs/circuit-breaker.js +1 -476
package/dist-standalone/cjs/cli/init.js +1 -492
package/dist-standalone/cjs/config-validation.js +1 -522
package/dist-standalone/cjs/connect.js +1 -312
package/dist-standalone/cjs/connection-pool.js +1 -506
package/dist-standalone/cjs/correlation-id.js +1 -339
package/dist-standalone/cjs/crypto-utils.js +1 -176
package/dist-standalone/cjs/debug-mode.js +1 -534
package/dist-standalone/cjs/did-document.js +1 -101
package/dist-standalone/cjs/did-privateme.js +1 -130
package/dist-standalone/cjs/did-web.js +1 -201
package/dist-standalone/cjs/discovery.js +1 -462
package/dist-standalone/cjs/dual-mode.js +1 -251
package/dist-standalone/cjs/email-templates.js +1 -313
package/dist-standalone/cjs/email-transport.js +1 -239
package/dist-standalone/cjs/envelope.js +1 -538
package/dist-standalone/cjs/errors.js +1 -913
package/dist-standalone/cjs/event-emitter.js +1 -461
package/dist-standalone/cjs/gateway-state.js +1 -55
package/dist-standalone/cjs/gateway-transport.js +1 -120
package/dist-standalone/cjs/graceful-degradation.js +1 -403
package/dist-standalone/cjs/guardrails.js +1 -223
package/dist-standalone/cjs/health-check.js +1 -336
package/dist-standalone/cjs/http-compat.js +1 -272
package/dist-standalone/cjs/http-status-map.js +1 -571
package/dist-standalone/cjs/identity.js +1 -645
package/dist-standalone/cjs/index.js +1 -406
package/dist-standalone/cjs/invitation.js +1 -421
package/dist-standalone/cjs/invite.js +1 -328
package/dist-standalone/cjs/key-agreement.js +1 -335
package/dist-standalone/cjs/lazy-init.js +1 -300
package/dist-standalone/cjs/logger.js +1 -291
package/dist-standalone/cjs/loopback-transport.js +1 -0
package/dist-standalone/cjs/mdns-discovery.js +1 -202
package/dist-standalone/cjs/nonce-store.js +1 -80
package/dist-standalone/cjs/pairing-manager.js +1 -223
package/dist-standalone/cjs/plugin-system.js +1 -264
package/dist-standalone/cjs/plugins/logging.js +1 -168
package/dist-standalone/cjs/plugins/metrics.js +1 -181
package/dist-standalone/cjs/plugins/validation.js +1 -302
package/dist-standalone/cjs/policy.js +1 -320
package/dist-standalone/cjs/progress-callbacks.js +1 -583
package/dist-standalone/cjs/redis-nonce-store.js +1 -76
package/dist-standalone/cjs/registry-middleware.js +1 -50
package/dist-standalone/cjs/retry-strategies.js +1 -544
package/dist-standalone/cjs/retry-transport.js +1 -102
package/dist-standalone/cjs/runtime/browser.js +1 -533
package/dist-standalone/cjs/runtime/edge.js +1 -526
package/dist-standalone/cjs/runtime/react-native.js +1 -394
package/dist-standalone/cjs/security-policy.js +1 -245
package/dist-standalone/cjs/serialization.js +1 -1040
package/dist-standalone/cjs/split-channel.js +1 -225
package/dist-standalone/cjs/subscription-proof.js +1 -230
package/dist-standalone/cjs/succession.js +1 -148
package/dist-standalone/cjs/timeouts.js +1 -412
package/dist-standalone/cjs/trace-context.js +1 -424
package/dist-standalone/cjs/trace-spans.js +1 -495
package/dist-standalone/cjs/transport.js +1 -63
package/dist-standalone/cjs/trust-registry.js +1 -991
package/dist-standalone/cjs/types/error-response.js +1 -56
package/dist-standalone/cjs/vault-auth.js +1 -178
package/dist-standalone/cjs/vault-store-loader.js +1 -194
package/dist-standalone/cjs/verify.js +1 -25
package/dist-standalone/cjs/version-info.js +1 -543
package/dist-standalone/cjs/xfetch.js +1 -340
package/dist-standalone/cli/init.js +1 -455
package/dist-standalone/cli/setup.js +1 -514
package/dist-standalone/cli/types.js +1 -27
package/dist-standalone/cli/xbind.js +1 -148
package/dist-standalone/config-validation.js +1 -513
package/dist-standalone/connect.js +1 -274
package/dist-standalone/connection-pool.js +1 -500
package/dist-standalone/correlation-id.js +1 -326
package/dist-standalone/crypto-utils.d.ts +2 -7
package/dist-standalone/crypto-utils.js +1 -157
package/dist-standalone/debug-mode.js +1 -510
package/dist-standalone/did-document.js +1 -96
package/dist-standalone/did-privateme.js +1 -121
package/dist-standalone/did-web.js +1 -196
package/dist-standalone/discovery.js +1 -458
package/dist-standalone/dual-mode.js +1 -247
package/dist-standalone/email-templates.js +1 -309
package/dist-standalone/email-transport.d.ts +2 -2
package/dist-standalone/email-transport.js +1 -232
package/dist-standalone/envelope.js +1 -525
package/dist-standalone/errors.d.ts +13 -3
package/dist-standalone/errors.js +1 -896
package/dist-standalone/event-emitter.js +1 -456
package/dist-standalone/gateway-state.d.ts +1 -1
package/dist-standalone/gateway-state.js +1 -51
package/dist-standalone/gateway-transport.js +1 -116
package/dist-standalone/graceful-degradation.js +1 -396
package/dist-standalone/guardrails.js +1 -216
package/dist-standalone/health-check.d.ts +5 -1
package/dist-standalone/health-check.js +1 -332
package/dist-standalone/http-compat.d.ts +1 -1
package/dist-standalone/http-compat.js +1 -267
package/dist-standalone/http-status-map.js +1 -561
package/dist-standalone/identity.js +1 -619
package/dist-standalone/index.d.ts +15 -4
package/dist-standalone/index.js +1 -78
package/dist-standalone/invitation.js +1 -415
package/dist-standalone/invite.js +1 -324
package/dist-standalone/key-agreement.js +1 -325
package/dist-standalone/lazy-init.d.ts +11 -6
package/dist-standalone/lazy-init.js +1 -295
package/dist-standalone/logger.js +1 -285
package/dist-standalone/loopback-transport.d.ts +87 -0
package/dist-standalone/loopback-transport.js +1 -0
package/dist-standalone/mdns-discovery.js +1 -195
package/dist-standalone/nonce-store.js +1 -76
package/dist-standalone/pairing-manager.js +1 -219
package/dist-standalone/plugin-system.js +1 -257
package/dist-standalone/plugins/logging.js +1 -163
package/dist-standalone/plugins/metrics.d.ts +4 -4
package/dist-standalone/plugins/metrics.js +1 -176
package/dist-standalone/plugins/validation.js +1 -297
package/dist-standalone/policy.js +1 -315
package/dist-standalone/progress-callbacks.js +1 -576
package/dist-standalone/redis-nonce-store.js +1 -72
package/dist-standalone/registry-middleware.js +1 -47
package/dist-standalone/retry-strategies.js +1 -534
package/dist-standalone/retry-transport.js +1 -98
package/dist-standalone/runtime/browser.js +1 -516
package/dist-standalone/runtime/edge.js +1 -511
package/dist-standalone/runtime/react-native.d.ts +1 -1
package/dist-standalone/runtime/react-native.js +1 -383
package/dist-standalone/security-policy.js +1 -239
package/dist-standalone/serialization.js +1 -1031
package/dist-standalone/split-channel.js +1 -219
package/dist-standalone/subscription-proof.js +1 -224
package/dist-standalone/succession.js +1 -142
package/dist-standalone/timeouts.js +1 -398
package/dist-standalone/trace-context.js +1 -414
package/dist-standalone/trace-spans.js +1 -488
package/dist-standalone/transport.js +1 -59
package/dist-standalone/trust-registry.d.ts +3 -3
package/dist-standalone/trust-registry.js +1 -950
package/dist-standalone/types/error-response.js +1 -52
package/dist-standalone/vault-auth.js +1 -174
package/dist-standalone/vault-store-loader.d.ts +9 -0
package/dist-standalone/vault-store-loader.js +1 -187
package/dist-standalone/verify.js +1 -16
package/dist-standalone/version-info.js +1 -530
package/dist-standalone/xfetch.js +1 -335
package/package.json +1 -1
package/share1.dat +0 -0

package/dist-standalone/http-status-map.js CHANGED Viewed

@@ -1,561 +1 @@
-/**
- * @module http-status-map
- * Maps xBind error codes to HTTP status codes for REST API responses.
- *
- * This mapping provides:
- * - Consistent HTTP status codes for all 52 xBind error codes
- * - Retryability information for client retry logic
- * - Error categorization (client vs server errors)
- * - Human-readable status text
- *
- * Based on RFC 9110 HTTP Semantics and REST API best practices.
- *
- * @example
- * ```typescript
- * import { getHttpStatus, isRetryable } from '@private.me/xbind/http-status-map';
- *
- * const status = getHttpStatus('VERIFY_FAILED'); // 401
- * const canRetry = isRetryable('NETWORK_ERROR');  // true
- * ```
- */
-/**
- * Complete mapping of xBind error codes to HTTP status codes.
- * All 52 error codes are mapped for 100% coverage.
- */
-export const HTTP_STATUS_MAP = {
-    // ============================================================================
-    // IDENTITY (8 error codes)
-    // ============================================================================
-    KEYGEN_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Identity',
-        rationale: 'Server crypto initialization failure - client should retry',
-    },
-    SIGN_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: false,
-        errorType: 'Server',
-        category: 'Identity',
-        rationale: 'Server key corruption - requires admin intervention',
-    },
-    VERIFY_FAILED: {
-        statusCode: 401,
-        statusText: 'Unauthorized',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Identity',
-        rationale: 'Invalid signature - authentication failure',
-    },
-    INVALID_DID: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Identity',
-        rationale: 'Malformed DID format - client validation error',
-    },
-    INVALID_KEY_LENGTH: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Identity',
-        rationale: 'Invalid key material size - client validation error',
-    },
-    EXPORT_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Identity',
-        rationale: 'Crypto API failure - transient server issue',
-    },
-    IMPORT_FAILED: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Identity',
-        rationale: 'Invalid PKCS8 format - client validation error',
-    },
-    // ============================================================================
-    // ENVELOPE (7 error codes)
-    // ============================================================================
-    INVALID_VERSION: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Envelope',
-        rationale: 'Unsupported protocol version - client must upgrade',
-    },
-    INVALID_ALG: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Envelope',
-        rationale: 'Unsupported algorithm - client must use AES-256-GCM',
-    },
-    INVALID_NONCE: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Envelope',
-        rationale: 'Missing or invalid nonce - client validation error',
-    },
-    INVALID_FIELDS: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Envelope',
-        rationale: 'Missing required envelope fields - client validation error',
-    },
-    ENCRYPT_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Envelope',
-        rationale: 'Server encryption failure - transient issue',
-    },
-    DECRYPT_FAILED: {
-        statusCode: 401,
-        statusText: 'Unauthorized',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Envelope',
-        rationale: 'Decryption failed - wrong key or corrupted data',
-    },
-    PARSE_FAILED: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Envelope',
-        rationale: 'Malformed JSON envelope - client validation error',
-    },
-    // ============================================================================
-    // TRANSPORT (4 error codes)
-    // ============================================================================
-    SEND_FAILED: {
-        statusCode: 503,
-        statusText: 'Service Unavailable',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Transport',
-        rationale: 'Network send failure - retry with backoff',
-    },
-    NETWORK_ERROR: {
-        statusCode: 503,
-        statusText: 'Service Unavailable',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Transport',
-        rationale: 'Network connectivity issue - retry with backoff',
-    },
-    RECIPIENT_UNREACHABLE: {
-        statusCode: 503,
-        statusText: 'Service Unavailable',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Transport',
-        rationale: 'Recipient offline or unreachable - retry later',
-    },
-    TIMEOUT: {
-        statusCode: 504,
-        statusText: 'Gateway Timeout',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Transport',
-        rationale: 'Request timed out - increase timeout and retry',
-    },
-    // ============================================================================
-    // REGISTRY (3 error codes)
-    // ============================================================================
-    NOT_FOUND: {
-        statusCode: 404,
-        statusText: 'Not Found',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Registry',
-        rationale: 'Agent not in registry - recipient must register first',
-    },
-    ALREADY_REGISTERED: {
-        statusCode: 409,
-        statusText: 'Conflict',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Registry',
-        rationale: 'DID already exists - use updateAgent instead',
-    },
-    REVOKED: {
-        statusCode: 403,
-        statusText: 'Forbidden',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Registry',
-        rationale: 'Agent revoked - contact admin for re-registration',
-    },
-    // ============================================================================
-    // KEY AGREEMENT (8 error codes)
-    // ============================================================================
-    DERIVE_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Key Agreement',
-        rationale: 'ECDH derivation failure - transient crypto issue',
-    },
-    KEM_ENCAPSULATE_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Key Agreement',
-        rationale: 'ML-KEM encapsulation failure - transient crypto issue',
-    },
-    KEM_DECAPSULATE_FAILED: {
-        statusCode: 401,
-        statusText: 'Unauthorized',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Key Agreement',
-        rationale: 'ML-KEM decapsulation failed - wrong ciphertext',
-    },
-    HKDF_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Key Agreement',
-        rationale: 'HKDF derivation failure - transient crypto issue',
-    },
-    MLKEM_NOT_AVAILABLE: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Key Agreement',
-        rationale: 'Post-quantum not enabled - client must configure',
-    },
-    PQ_SIGN_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Key Agreement',
-        rationale: 'ML-DSA signing failure - transient crypto issue',
-    },
-    PQ_VERIFY_FAILED: {
-        statusCode: 401,
-        statusText: 'Unauthorized',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Key Agreement',
-        rationale: 'ML-DSA verification failed - invalid signature',
-    },
-    // ============================================================================
-    // SPLIT CHANNEL (6 error codes)
-    // ============================================================================
-    SPLIT_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Split Channel',
-        rationale: 'XorIDA split failure - transient issue',
-    },
-    INSUFFICIENT_SHARES: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Split Channel',
-        rationale: 'Not enough shares - client must collect more',
-    },
-    INCONSISTENT_SHARES: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Split Channel',
-        rationale: 'Mismatched shares - client validation error',
-    },
-    HMAC_VERIFICATION_FAILED: {
-        statusCode: 401,
-        statusText: 'Unauthorized',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Split Channel',
-        rationale: 'Share tampered with - security violation',
-    },
-    UNPAD_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: false,
-        errorType: 'Server',
-        category: 'Split Channel',
-        rationale: 'Padding removal error - data corruption',
-    },
-    INVALID_SHARE_DATA: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Split Channel',
-        rationale: 'Malformed share format - client validation error',
-    },
-    // ============================================================================
-    // XCHANGE (4 error codes)
-    // ============================================================================
-    XCHANGE_KEYGEN_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Xchange',
-        rationale: 'Key generation failure - transient crypto issue',
-    },
-    XCHANGE_ENCRYPT_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Xchange',
-        rationale: 'Bundle encryption failure - transient crypto issue',
-    },
-    XCHANGE_DECRYPT_FAILED: {
-        statusCode: 401,
-        statusText: 'Unauthorized',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Xchange',
-        rationale: 'Bundle decryption failed - wrong key',
-    },
-    INVALID_BUNDLE: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Xchange',
-        rationale: 'Malformed bundle format - client validation error',
-    },
-    // ============================================================================
-    // AGENT (12 error codes)
-    // ============================================================================
-    IDENTITY_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Agent',
-        rationale: 'Agent identity creation failed - transient issue',
-    },
-    REGISTRATION_FAILED: {
-        statusCode: 503,
-        statusText: 'Service Unavailable',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Agent',
-        rationale: 'Registry unavailable - retry with backoff',
-    },
-    RECIPIENT_NOT_FOUND: {
-        statusCode: 404,
-        statusText: 'Not Found',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Agent',
-        rationale: 'Recipient not in registry - recipient must register',
-    },
-    RECIPIENT_REVOKED: {
-        statusCode: 403,
-        statusText: 'Forbidden',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Agent',
-        rationale: 'Recipient revoked - contact admin',
-    },
-    KEY_AGREEMENT_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Agent',
-        rationale: 'Key agreement failure - transient crypto issue',
-    },
-    ENVELOPE_FAILED: {
-        statusCode: 500,
-        statusText: 'Internal Server Error',
-        retryable: true,
-        errorType: 'Server',
-        category: 'Agent',
-        rationale: 'Envelope creation failed - transient issue',
-    },
-    VERIFICATION_FAILED: {
-        statusCode: 401,
-        statusText: 'Unauthorized',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Agent',
-        rationale: 'Envelope verification failed - authentication error',
-    },
-    REPLAY_DETECTED: {
-        statusCode: 403,
-        statusText: 'Forbidden',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Agent',
-        rationale: 'Replay attack detected - security violation',
-    },
-    SCOPE_DENIED: {
-        statusCode: 403,
-        statusText: 'Forbidden',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Agent',
-        rationale: 'Sender lacks scope permission - authorization failure',
-    },
-    RECEIVER_SCOPE_DENIED: {
-        statusCode: 403,
-        statusText: 'Forbidden',
-        retryable: false,
-        errorType: 'Client',
-        category: 'Agent',
-        rationale: 'Recipient rejects scope - authorization failure',
-    },
-    TIMESTAMP_EXPIRED: {
-        statusCode: 400,
-        statusText: 'Bad Request',
-        retryable: true,
-        errorType: 'Client',
-        category: 'Agent',
-        rationale: 'Timestamp outside window - clock sync issue (retryable)',
-    },
-};
-/**
- * Get HTTP status code for a given xBind error code.
- * Handles colon-separated sub-codes (e.g., 'DECRYPT_FAILED:KEY_AGREEMENT').
- *
- * @param errorCode - xBind error code (e.g., 'VERIFY_FAILED')
- * @returns HTTP status code (e.g., 401) or 500 if unknown
- *
- * @example
- * ```typescript
- * getHttpStatus('VERIFY_FAILED')           // 401
- * getHttpStatus('DECRYPT_FAILED:NETWORK')  // 401 (ignores sub-code)
- * getHttpStatus('UNKNOWN_ERROR')           // 500 (fallback)
- * ```
- */
-export function getHttpStatus(errorCode) {
-    const baseCode = errorCode.split(':')[0] ?? errorCode;
-    const mapping = HTTP_STATUS_MAP[baseCode];
-    return mapping?.statusCode ?? 500; // Default to 500 for unknown errors
-}
-/**
- * Get HTTP status text for a given xBind error code.
- *
- * @param errorCode - xBind error code (e.g., 'VERIFY_FAILED')
- * @returns HTTP status text (e.g., 'Unauthorized') or 'Internal Server Error' if unknown
- *
- * @example
- * ```typescript
- * getStatusText('VERIFY_FAILED')  // 'Unauthorized'
- * getStatusText('NOT_FOUND')      // 'Not Found'
- * ```
- */
-export function getStatusText(errorCode) {
-    const baseCode = errorCode.split(':')[0] ?? errorCode;
-    const mapping = HTTP_STATUS_MAP[baseCode];
-    return mapping?.statusText ?? 'Internal Server Error';
-}
-/**
- * Check if an error is retryable by the client.
- *
- * @param errorCode - xBind error code (e.g., 'NETWORK_ERROR')
- * @returns True if the client should retry the operation
- *
- * @example
- * ```typescript
- * isRetryable('NETWORK_ERROR')    // true  (503 - retry with backoff)
- * isRetryable('VERIFY_FAILED')    // false (401 - authentication failure)
- * isRetryable('KEYGEN_FAILED')    // true  (500 - transient server issue)
- * ```
- */
-export function isRetryable(errorCode) {
-    const baseCode = errorCode.split(':')[0] ?? errorCode;
-    const mapping = HTTP_STATUS_MAP[baseCode];
-    return mapping?.retryable ?? false; // Default to non-retryable for unknown errors
-}
-/**
- * Get complete mapping information for an error code.
- *
- * @param errorCode - xBind error code (e.g., 'VERIFY_FAILED')
- * @returns Complete mapping information or null if not found
- *
- * @example
- * ```typescript
- * const mapping = getMapping('VERIFY_FAILED');
- * if (mapping) {
- *   console.log(`${mapping.statusCode} ${mapping.statusText}`);
- *   console.log(`Retryable: ${mapping.retryable}`);
- *   console.log(`Rationale: ${mapping.rationale}`);
- * }
- * ```
- */
-export function getMapping(errorCode) {
-    const baseCode = errorCode.split(':')[0] ?? errorCode;
-    return HTTP_STATUS_MAP[baseCode] ?? null;
-}
-/**
- * Get all error codes in a specific category.
- *
- * @param category - Error category (e.g., 'Identity', 'Transport')
- * @returns Array of error codes in that category
- *
- * @example
- * ```typescript
- * const identityErrors = getErrorCodesByCategory('Identity');
- * // ['KEYGEN_FAILED', 'SIGN_FAILED', 'VERIFY_FAILED', ...]
- * ```
- */
-export function getErrorCodesByCategory(category) {
-    return Object.entries(HTTP_STATUS_MAP)
-        .filter(([_, mapping]) => mapping.category === category)
-        .map(([code]) => code);
-}
-/**
- * Get all retryable error codes.
- *
- * @returns Array of error codes that are retryable
- *
- * @example
- * ```typescript
- * const retryableErrors = getRetryableErrorCodes();
- * // ['KEYGEN_FAILED', 'EXPORT_FAILED', 'ENCRYPT_FAILED', ...]
- * ```
- */
-export function getRetryableErrorCodes() {
-    return Object.entries(HTTP_STATUS_MAP)
-        .filter(([_, mapping]) => mapping.retryable)
-        .map(([code]) => code);
-}
-/**
- * Validate that all error codes from the CSV are mapped.
- * This function is used for testing purposes to ensure 100% coverage.
- *
- * @param csvErrorCodes - Array of error codes from the CSV file
- * @returns Array of missing error codes (empty if all mapped)
- *
- * @internal
- */
-export function validateCoverage(csvErrorCodes) {
-    return csvErrorCodes.filter((code) => !HTTP_STATUS_MAP[code]);
-}
+export const HTTP_STATUS_MAP={KEYGEN_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Identity",rationale:"Server crypto initialization failure - client should retry"},SIGN_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!1,errorType:"Server",category:"Identity",rationale:"Server key corruption - requires admin intervention"},VERIFY_FAILED:{statusCode:401,statusText:"Unauthorized",retryable:!1,errorType:"Client",category:"Identity",rationale:"Invalid signature - authentication failure"},INVALID_DID:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Identity",rationale:"Malformed DID format - client validation error"},INVALID_KEY_LENGTH:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Identity",rationale:"Invalid key material size - client validation error"},EXPORT_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Identity",rationale:"Crypto API failure - transient server issue"},IMPORT_FAILED:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Identity",rationale:"Invalid PKCS8 format - client validation error"},INVALID_VERSION:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Envelope",rationale:"Unsupported protocol version - client must upgrade"},INVALID_ALG:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Envelope",rationale:"Unsupported algorithm - client must use AES-256-GCM"},INVALID_NONCE:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Envelope",rationale:"Missing or invalid nonce - client validation error"},INVALID_FIELDS:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Envelope",rationale:"Missing required envelope fields - client validation error"},ENCRYPT_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Envelope",rationale:"Server encryption failure - transient issue"},DECRYPT_FAILED:{statusCode:401,statusText:"Unauthorized",retryable:!1,errorType:"Client",category:"Envelope",rationale:"Decryption failed - wrong key or corrupted data"},PARSE_FAILED:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Envelope",rationale:"Malformed JSON envelope - client validation error"},SEND_FAILED:{statusCode:503,statusText:"Service Unavailable",retryable:!0,errorType:"Server",category:"Transport",rationale:"Network send failure - retry with backoff"},NETWORK_ERROR:{statusCode:503,statusText:"Service Unavailable",retryable:!0,errorType:"Server",category:"Transport",rationale:"Network connectivity issue - retry with backoff"},RECIPIENT_UNREACHABLE:{statusCode:503,statusText:"Service Unavailable",retryable:!0,errorType:"Server",category:"Transport",rationale:"Recipient offline or unreachable - retry later"},TIMEOUT:{statusCode:504,statusText:"Gateway Timeout",retryable:!0,errorType:"Server",category:"Transport",rationale:"Request timed out - increase timeout and retry"},NOT_FOUND:{statusCode:404,statusText:"Not Found",retryable:!1,errorType:"Client",category:"Registry",rationale:"Agent not in registry - recipient must register first"},ALREADY_REGISTERED:{statusCode:409,statusText:"Conflict",retryable:!1,errorType:"Client",category:"Registry",rationale:"DID already exists - use updateAgent instead"},REVOKED:{statusCode:403,statusText:"Forbidden",retryable:!1,errorType:"Client",category:"Registry",rationale:"Agent revoked - contact admin for re-registration"},DERIVE_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Key Agreement",rationale:"ECDH derivation failure - transient crypto issue"},KEM_ENCAPSULATE_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Key Agreement",rationale:"ML-KEM encapsulation failure - transient crypto issue"},KEM_DECAPSULATE_FAILED:{statusCode:401,statusText:"Unauthorized",retryable:!1,errorType:"Client",category:"Key Agreement",rationale:"ML-KEM decapsulation failed - wrong ciphertext"},HKDF_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Key Agreement",rationale:"HKDF derivation failure - transient crypto issue"},MLKEM_NOT_AVAILABLE:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Key Agreement",rationale:"Post-quantum not enabled - client must configure"},PQ_SIGN_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Key Agreement",rationale:"ML-DSA signing failure - transient crypto issue"},PQ_VERIFY_FAILED:{statusCode:401,statusText:"Unauthorized",retryable:!1,errorType:"Client",category:"Key Agreement",rationale:"ML-DSA verification failed - invalid signature"},SPLIT_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Split Channel",rationale:"XorIDA split failure - transient issue"},INSUFFICIENT_SHARES:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Split Channel",rationale:"Not enough shares - client must collect more"},INCONSISTENT_SHARES:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Split Channel",rationale:"Mismatched shares - client validation error"},HMAC_VERIFICATION_FAILED:{statusCode:401,statusText:"Unauthorized",retryable:!1,errorType:"Client",category:"Split Channel",rationale:"Share tampered with - security violation"},UNPAD_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!1,errorType:"Server",category:"Split Channel",rationale:"Padding removal error - data corruption"},INVALID_SHARE_DATA:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Split Channel",rationale:"Malformed share format - client validation error"},XCHANGE_KEYGEN_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Xchange",rationale:"Key generation failure - transient crypto issue"},XCHANGE_ENCRYPT_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Xchange",rationale:"Bundle encryption failure - transient crypto issue"},XCHANGE_DECRYPT_FAILED:{statusCode:401,statusText:"Unauthorized",retryable:!1,errorType:"Client",category:"Xchange",rationale:"Bundle decryption failed - wrong key"},INVALID_BUNDLE:{statusCode:400,statusText:"Bad Request",retryable:!1,errorType:"Client",category:"Xchange",rationale:"Malformed bundle format - client validation error"},IDENTITY_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Agent",rationale:"Agent identity creation failed - transient issue"},REGISTRATION_FAILED:{statusCode:503,statusText:"Service Unavailable",retryable:!0,errorType:"Server",category:"Agent",rationale:"Registry unavailable - retry with backoff"},RECIPIENT_NOT_FOUND:{statusCode:404,statusText:"Not Found",retryable:!1,errorType:"Client",category:"Agent",rationale:"Recipient not in registry - recipient must register"},RECIPIENT_REVOKED:{statusCode:403,statusText:"Forbidden",retryable:!1,errorType:"Client",category:"Agent",rationale:"Recipient revoked - contact admin"},KEY_AGREEMENT_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Agent",rationale:"Key agreement failure - transient crypto issue"},ENVELOPE_FAILED:{statusCode:500,statusText:"Internal Server Error",retryable:!0,errorType:"Server",category:"Agent",rationale:"Envelope creation failed - transient issue"},VERIFICATION_FAILED:{statusCode:401,statusText:"Unauthorized",retryable:!1,errorType:"Client",category:"Agent",rationale:"Envelope verification failed - authentication error"},REPLAY_DETECTED:{statusCode:403,statusText:"Forbidden",retryable:!1,errorType:"Client",category:"Agent",rationale:"Replay attack detected - security violation"},SCOPE_DENIED:{statusCode:403,statusText:"Forbidden",retryable:!1,errorType:"Client",category:"Agent",rationale:"Sender lacks scope permission - authorization failure"},RECEIVER_SCOPE_DENIED:{statusCode:403,statusText:"Forbidden",retryable:!1,errorType:"Client",category:"Agent",rationale:"Recipient rejects scope - authorization failure"},TIMESTAMP_EXPIRED:{statusCode:400,statusText:"Bad Request",retryable:!0,errorType:"Client",category:"Agent",rationale:"Timestamp outside window - clock sync issue (retryable)"}};export function getHttpStatus(e){const t=e.split(":")[0]??e,r=HTTP_STATUS_MAP[t];return r?.statusCode??500}export function getStatusText(e){const t=e.split(":")[0]??e,r=HTTP_STATUS_MAP[t];return r?.statusText??"Internal Server Error"}export function isRetryable(e){const t=e.split(":")[0]??e,r=HTTP_STATUS_MAP[t];return r?.retryable??!1}export function getMapping(e){const t=e.split(":")[0]??e;return HTTP_STATUS_MAP[t]??null}export function getErrorCodesByCategory(e){return Object.entries(HTTP_STATUS_MAP).filter(([t,r])=>r.category===e).map(([e])=>e)}export function getRetryableErrorCodes(){return Object.entries(HTTP_STATUS_MAP).filter(([e,t])=>t.retryable).map(([e])=>e)}export function validateCoverage(e){return e.filter(e=>!HTTP_STATUS_MAP[e])}