npm - @private.me/xbind - Versions diffs - 3.0.2 → 3.0.4 - Mend

@private.me/xbind 3.0.2 → 3.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (222) hide show

package/README.md +2366 -204
package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1 -1920
package/dist-standalone/_deps/shared/cjs/errors.js +1 -729
package/dist-standalone/_deps/shared/cjs/index.js +1 -463
package/dist-standalone/_deps/shared/cjs/types.js +1 -315
package/dist-standalone/_deps/shared/errors.js +1 -244
package/dist-standalone/_deps/shared/index.js +1 -72
package/dist-standalone/_deps/shared/types.js +1 -86
package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.js +1 -1
package/dist-standalone/_deps/ux-helpers/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/search.js +1 -1
package/dist-standalone/_deps/xchange/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/errors.js +1 -1
package/dist-standalone/_deps/xchange/cjs/index.js +1 -1
package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -1
package/dist-standalone/_deps/xchange/errors.js +1 -1
package/dist-standalone/_deps/xchange/index.js +1 -1
package/dist-standalone/_deps/xchange/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/xchange.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/index.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/types.js +1 -1
package/dist-standalone/_deps/xregistry/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/errors.js +1 -1
package/dist-standalone/_deps/xregistry/index.js +1 -1
package/dist-standalone/_deps/xregistry/registry.js +1 -1
package/dist-standalone/_deps/xregistry/schema.js +1 -1
package/dist-standalone/_deps/xregistry/types.js +1 -1
package/dist-standalone/agent-call.d.ts +2 -2
package/dist-standalone/agent-call.js +1 -659
package/dist-standalone/agent-sdk.js +1 -328
package/dist-standalone/agent.d.ts +2 -0
package/dist-standalone/agent.js +1 -1800
package/dist-standalone/approval.js +1 -193
package/dist-standalone/async-iterators.d.ts +3 -3
package/dist-standalone/async-iterators.js +1 -382
package/dist-standalone/auth.js +1 -219
package/dist-standalone/auto-accept.js +1 -229
package/dist-standalone/backup-config.js +1 -201
package/dist-standalone/backup.js +1 -326
package/dist-standalone/batch-operations.js +1 -388
package/dist-standalone/cancellation.js +1 -477
package/dist-standalone/checkpoint.js +1 -186
package/dist-standalone/circuit-breaker.js +1 -468
package/dist-standalone/cjs/agent-call.js +1 -701
package/dist-standalone/cjs/agent-sdk.js +1 -332
package/dist-standalone/cjs/agent.js +1 -1837
package/dist-standalone/cjs/approval.js +1 -199
package/dist-standalone/cjs/async-iterators.js +1 -392
package/dist-standalone/cjs/auth.js +1 -225
package/dist-standalone/cjs/auto-accept.js +1 -233
package/dist-standalone/cjs/backup-config.js +1 -207
package/dist-standalone/cjs/backup.js +1 -330
package/dist-standalone/cjs/batch-operations.js +1 -397
package/dist-standalone/cjs/cancellation.js +1 -490
package/dist-standalone/cjs/checkpoint.js +1 -193
package/dist-standalone/cjs/circuit-breaker.js +1 -476
package/dist-standalone/cjs/cli/init.js +1 -492
package/dist-standalone/cjs/config-validation.js +1 -522
package/dist-standalone/cjs/connect.js +1 -312
package/dist-standalone/cjs/connection-pool.js +1 -506
package/dist-standalone/cjs/correlation-id.js +1 -339
package/dist-standalone/cjs/crypto-utils.js +1 -176
package/dist-standalone/cjs/debug-mode.js +1 -534
package/dist-standalone/cjs/did-document.js +1 -101
package/dist-standalone/cjs/did-privateme.js +1 -130
package/dist-standalone/cjs/did-web.js +1 -201
package/dist-standalone/cjs/discovery.js +1 -462
package/dist-standalone/cjs/dual-mode.js +1 -251
package/dist-standalone/cjs/email-templates.js +1 -313
package/dist-standalone/cjs/email-transport.js +1 -239
package/dist-standalone/cjs/envelope.js +1 -538
package/dist-standalone/cjs/errors.js +1 -913
package/dist-standalone/cjs/event-emitter.js +1 -461
package/dist-standalone/cjs/gateway-state.js +1 -55
package/dist-standalone/cjs/gateway-transport.js +1 -120
package/dist-standalone/cjs/graceful-degradation.js +1 -403
package/dist-standalone/cjs/guardrails.js +1 -223
package/dist-standalone/cjs/health-check.js +1 -336
package/dist-standalone/cjs/http-compat.js +1 -272
package/dist-standalone/cjs/http-status-map.js +1 -571
package/dist-standalone/cjs/identity.js +1 -645
package/dist-standalone/cjs/index.js +1 -406
package/dist-standalone/cjs/invitation.js +1 -421
package/dist-standalone/cjs/invite.js +1 -328
package/dist-standalone/cjs/key-agreement.js +1 -335
package/dist-standalone/cjs/lazy-init.js +1 -300
package/dist-standalone/cjs/logger.js +1 -291
package/dist-standalone/cjs/loopback-transport.js +1 -0
package/dist-standalone/cjs/mdns-discovery.js +1 -202
package/dist-standalone/cjs/nonce-store.js +1 -80
package/dist-standalone/cjs/pairing-manager.js +1 -223
package/dist-standalone/cjs/plugin-system.js +1 -264
package/dist-standalone/cjs/plugins/logging.js +1 -168
package/dist-standalone/cjs/plugins/metrics.js +1 -181
package/dist-standalone/cjs/plugins/validation.js +1 -302
package/dist-standalone/cjs/policy.js +1 -320
package/dist-standalone/cjs/progress-callbacks.js +1 -583
package/dist-standalone/cjs/redis-nonce-store.js +1 -76
package/dist-standalone/cjs/registry-middleware.js +1 -50
package/dist-standalone/cjs/retry-strategies.js +1 -544
package/dist-standalone/cjs/retry-transport.js +1 -102
package/dist-standalone/cjs/runtime/browser.js +1 -533
package/dist-standalone/cjs/runtime/edge.js +1 -526
package/dist-standalone/cjs/runtime/react-native.js +1 -394
package/dist-standalone/cjs/security-policy.js +1 -245
package/dist-standalone/cjs/serialization.js +1 -1040
package/dist-standalone/cjs/split-channel.js +1 -225
package/dist-standalone/cjs/subscription-proof.js +1 -230
package/dist-standalone/cjs/succession.js +1 -148
package/dist-standalone/cjs/timeouts.js +1 -412
package/dist-standalone/cjs/trace-context.js +1 -424
package/dist-standalone/cjs/trace-spans.js +1 -495
package/dist-standalone/cjs/transport.js +1 -63
package/dist-standalone/cjs/trust-registry.js +1 -991
package/dist-standalone/cjs/types/error-response.js +1 -56
package/dist-standalone/cjs/vault-auth.js +1 -178
package/dist-standalone/cjs/vault-store-loader.js +1 -194
package/dist-standalone/cjs/verify.js +1 -25
package/dist-standalone/cjs/version-info.js +1 -543
package/dist-standalone/cjs/xfetch.js +1 -340
package/dist-standalone/cli/init.js +1 -455
package/dist-standalone/cli/setup.js +1 -514
package/dist-standalone/cli/types.js +1 -27
package/dist-standalone/cli/xbind.js +1 -148
package/dist-standalone/config-validation.js +1 -513
package/dist-standalone/connect.js +1 -274
package/dist-standalone/connection-pool.js +1 -500
package/dist-standalone/correlation-id.js +1 -326
package/dist-standalone/crypto-utils.d.ts +2 -7
package/dist-standalone/crypto-utils.js +1 -157
package/dist-standalone/debug-mode.js +1 -510
package/dist-standalone/did-document.js +1 -96
package/dist-standalone/did-privateme.js +1 -121
package/dist-standalone/did-web.js +1 -196
package/dist-standalone/discovery.js +1 -458
package/dist-standalone/dual-mode.js +1 -247
package/dist-standalone/email-templates.js +1 -309
package/dist-standalone/email-transport.d.ts +2 -2
package/dist-standalone/email-transport.js +1 -232
package/dist-standalone/envelope.js +1 -525
package/dist-standalone/errors.d.ts +13 -3
package/dist-standalone/errors.js +1 -896
package/dist-standalone/event-emitter.js +1 -456
package/dist-standalone/gateway-state.d.ts +1 -1
package/dist-standalone/gateway-state.js +1 -51
package/dist-standalone/gateway-transport.js +1 -116
package/dist-standalone/graceful-degradation.js +1 -396
package/dist-standalone/guardrails.js +1 -216
package/dist-standalone/health-check.d.ts +5 -1
package/dist-standalone/health-check.js +1 -332
package/dist-standalone/http-compat.d.ts +1 -1
package/dist-standalone/http-compat.js +1 -267
package/dist-standalone/http-status-map.js +1 -561
package/dist-standalone/identity.js +1 -619
package/dist-standalone/index.d.ts +15 -4
package/dist-standalone/index.js +1 -78
package/dist-standalone/invitation.js +1 -415
package/dist-standalone/invite.js +1 -324
package/dist-standalone/key-agreement.js +1 -325
package/dist-standalone/lazy-init.d.ts +11 -6
package/dist-standalone/lazy-init.js +1 -295
package/dist-standalone/logger.js +1 -285
package/dist-standalone/loopback-transport.d.ts +87 -0
package/dist-standalone/loopback-transport.js +1 -0
package/dist-standalone/mdns-discovery.js +1 -195
package/dist-standalone/nonce-store.js +1 -76
package/dist-standalone/pairing-manager.js +1 -219
package/dist-standalone/plugin-system.js +1 -257
package/dist-standalone/plugins/logging.js +1 -163
package/dist-standalone/plugins/metrics.d.ts +4 -4
package/dist-standalone/plugins/metrics.js +1 -176
package/dist-standalone/plugins/validation.js +1 -297
package/dist-standalone/policy.js +1 -315
package/dist-standalone/progress-callbacks.js +1 -576
package/dist-standalone/redis-nonce-store.js +1 -72
package/dist-standalone/registry-middleware.js +1 -47
package/dist-standalone/retry-strategies.js +1 -534
package/dist-standalone/retry-transport.js +1 -98
package/dist-standalone/runtime/browser.js +1 -516
package/dist-standalone/runtime/edge.js +1 -511
package/dist-standalone/runtime/react-native.d.ts +1 -1
package/dist-standalone/runtime/react-native.js +1 -383
package/dist-standalone/security-policy.js +1 -239
package/dist-standalone/serialization.js +1 -1031
package/dist-standalone/split-channel.d.ts +1 -1
package/dist-standalone/split-channel.js +1 -219
package/dist-standalone/subscription-proof.js +1 -224
package/dist-standalone/succession.js +1 -142
package/dist-standalone/timeouts.js +1 -398
package/dist-standalone/trace-context.js +1 -414
package/dist-standalone/trace-spans.js +1 -488
package/dist-standalone/transport.d.ts +1 -1
package/dist-standalone/transport.js +1 -59
package/dist-standalone/trust-registry.d.ts +3 -3
package/dist-standalone/trust-registry.js +1 -950
package/dist-standalone/types/error-response.js +1 -52
package/dist-standalone/vault-auth.js +1 -174
package/dist-standalone/vault-store-loader.d.ts +9 -0
package/dist-standalone/vault-store-loader.js +1 -187
package/dist-standalone/verify.js +1 -16
package/dist-standalone/version-info.js +1 -530
package/dist-standalone/xfetch.js +1 -335
package/package.json +1 -1
package/share1.dat +0 -0

package/dist-standalone/cjs/runtime/edge.js CHANGED Viewed

@@ -1,526 +1 @@
-"use strict";
-/**
- * Edge Runtime Support for xBind
- *
- * Enables xBind to run on edge compute platforms:
- * - Cloudflare Workers
- * - Vercel Edge Functions
- * - Deno Deploy
- *
- * Key Features:
- * - Edge-compatible crypto operations (Web Crypto API only)
- * - KV storage integration for nonce stores and trust registry
- * - Size-optimized build (<1MB constraint)
- * - No Node.js dependencies (no fs, crypto, process)
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.EdgeTransportAdapter = exports.KVTrustRegistry = exports.KVNonceStore = exports.DenoKVAdapter = exports.VercelKVAdapter = exports.CloudflareKVAdapter = void 0;
-exports.detectRuntime = detectRuntime;
-exports.isEdgeRuntime = isEdgeRuntime;
-exports.validateEdgeRuntime = validateEdgeRuntime;
-exports.createEdgeAgent = createEdgeAgent;
-exports.checkBundleSize = checkBundleSize;
-exports.getOptimizationTips = getOptimizationTips;
-const shared_1 = require("../../_deps/shared/index.js");
-/**
- * Detect the current edge runtime environment.
- *
- * Detection order:
- * 1. Cloudflare Workers: globalThis.caches + EdgeRuntime
- * 2. Vercel Edge: process.env.VERCEL + EdgeRuntime
- * 3. Deno Deploy: globalThis.Deno
- * 4. Node.js: process.versions.node
- * 5. Unknown: fallback
- */
-function detectRuntime() {
-    // SAFETY: Edge runtime detection requires checking for vendor-specific globals
-    const global = globalThis;
-    // Cloudflare Workers: Has global caches API and no process
-    if (typeof global.caches !== 'undefined' &&
-        typeof global.EdgeRuntime === 'string') {
-        return 'cloudflare';
-    }
-    // Vercel Edge: Has EdgeRuntime and process.env.VERCEL
-    if (typeof global.EdgeRuntime === 'string' &&
-        typeof process !== 'undefined' &&
-        process.env?.VERCEL === '1') {
-        return 'vercel';
-    }
-    // Deno Deploy: Has global Deno object
-    if (typeof global.Deno !== 'undefined') {
-        return 'deno';
-    }
-    // Node.js: Has process.versions.node
-    if (typeof process !== 'undefined' &&
-        typeof process.versions?.node === 'string') {
-        return 'node';
-    }
-    return 'unknown';
-}
-/**
- * Check if the current runtime is an edge environment.
- */
-function isEdgeRuntime() {
-    const runtime = detectRuntime();
-    return runtime === 'cloudflare' || runtime === 'vercel' || runtime === 'deno';
-}
-/**
- * Validate that the runtime supports required Web Crypto APIs.
- *
- * Edge runtimes MUST provide:
- * - crypto.subtle (Ed25519, X25519, AES-GCM, HMAC)
- * - crypto.getRandomValues()
- * - TextEncoder/TextDecoder
- */
-function validateEdgeRuntime() {
-    // Check Web Crypto API
-    if (typeof globalThis.crypto === 'undefined') {
-        return (0, shared_1.err)('Missing globalThis.crypto');
-    }
-    if (typeof globalThis.crypto.subtle === 'undefined') {
-        return (0, shared_1.err)('Missing crypto.subtle');
-    }
-    if (typeof globalThis.crypto.getRandomValues !== 'function') {
-        return (0, shared_1.err)('Missing crypto.getRandomValues');
-    }
-    // Check required subtle crypto methods
-    const requiredMethods = [
-        'generateKey',
-        'sign',
-        'verify',
-        'encrypt',
-        'decrypt',
-        'deriveBits',
-        'importKey',
-        'exportKey',
-    ];
-    for (const method of requiredMethods) {
-        if (typeof globalThis.crypto.subtle[method] !== 'function') {
-            return (0, shared_1.err)(`Missing crypto.subtle.${method}`);
-        }
-    }
-    // Check TextEncoder/TextDecoder
-    if (typeof globalThis.TextEncoder === 'undefined') {
-        return (0, shared_1.err)('Missing TextEncoder');
-    }
-    if (typeof globalThis.TextDecoder === 'undefined') {
-        return (0, shared_1.err)('Missing TextDecoder');
-    }
-    // Check fetch API
-    if (typeof globalThis.fetch !== 'function') {
-        return (0, shared_1.err)('Missing fetch API');
-    }
-    return (0, shared_1.ok)(undefined);
-}
-/**
- * Adapter for Cloudflare Workers KV.
- */
-class CloudflareKVAdapter {
-    namespace;
-    constructor(namespace) {
-        this.namespace = namespace;
-    }
-    async get(key) {
-        return await this.namespace.get(key);
-    }
-    async put(key, value, ttlSeconds) {
-        const options = ttlSeconds ? { expirationTtl: ttlSeconds } : undefined;
-        await this.namespace.put(key, value, options);
-    }
-    async delete(key) {
-        await this.namespace.delete(key);
-    }
-    async list(prefix, limit) {
-        const result = await this.namespace.list({ prefix, limit });
-        return result.keys.map((k) => k.name);
-    }
-}
-exports.CloudflareKVAdapter = CloudflareKVAdapter;
-/**
- * Adapter for Vercel KV (Redis).
- */
-class VercelKVAdapter {
-    client;
-    constructor(client) {
-        this.client = client;
-    }
-    async get(key) {
-        return await this.client.get(key);
-    }
-    async put(key, value, ttlSeconds) {
-        const options = ttlSeconds ? { ex: ttlSeconds } : undefined;
-        await this.client.set(key, value, options);
-    }
-    async delete(key) {
-        await this.client.del(key);
-    }
-    async list(prefix, limit) {
-        const pattern = prefix ? `${prefix}*` : '*';
-        const allKeys = await this.client.keys(pattern);
-        return limit ? allKeys.slice(0, limit) : allKeys;
-    }
-}
-exports.VercelKVAdapter = VercelKVAdapter;
-/**
- * Adapter for Deno KV.
- */
-class DenoKVAdapter {
-    kv;
-    constructor(kv) {
-        this.kv = kv;
-    }
-    async get(key) {
-        const result = await this.kv.get([key]);
-        return result.value;
-    }
-    async put(key, value, ttlSeconds) {
-        const options = ttlSeconds ? { expireIn: ttlSeconds * 1000 } : undefined;
-        await this.kv.set([key], value, options);
-    }
-    async delete(key) {
-        await this.kv.delete([key]);
-    }
-    async list(prefix, limit) {
-        const selector = { prefix: prefix ? [prefix] : [] };
-        const keys = [];
-        for await (const entry of this.kv.list(selector)) {
-            keys.push(entry.key.join('/'));
-            if (limit && keys.length >= limit)
-                break;
-        }
-        return keys;
-    }
-}
-exports.DenoKVAdapter = DenoKVAdapter;
-/* ── KV-Backed Nonce Store ── */
-/**
- * Nonce store implementation using KV storage.
- *
- * Suitable for edge runtimes where in-memory storage
- * is ephemeral across invocations.
- */
-class KVNonceStore {
-    kv;
-    ttlSeconds;
-    constructor(kv, ttlMs = 10 * 60 * 1000) {
-        this.kv = kv;
-        this.ttlSeconds = Math.floor(ttlMs / 1000);
-    }
-    /**
-     * Build composite key: xbind:nonce:{senderDid}:{nonce}:{shareGroupId}:{shareIndex}
-     */
-    buildKey(nonce, senderDid, shareContext) {
-        const base = `xbind:nonce:${senderDid}:${nonce}`;
-        if (!shareContext)
-            return base;
-        const groupId = shareContext.shareGroupId ?? '';
-        const index = shareContext.shareIndex !== undefined ? String(shareContext.shareIndex) : '';
-        return `${base}:${groupId}:${index}`;
-    }
-    async check(nonce, senderDid, shareContext) {
-        const key = this.buildKey(nonce, senderDid, shareContext);
-        const existing = await this.kv.get(key);
-        if (existing !== null) {
-            // Nonce already seen
-            return false;
-        }
-        // Record nonce with TTL
-        await this.kv.put(key, Date.now().toString(), this.ttlSeconds);
-        return true;
-    }
-    cleanup() {
-        // KV stores auto-expire via TTL, no manual cleanup needed
-    }
-    dispose() {
-        // No resources to clean up
-    }
-}
-exports.KVNonceStore = KVNonceStore;
-/* ── KV-Backed Trust Registry ── */
-/**
- * Trust registry implementation using KV storage.
- *
- * Stores DID registrations in edge KV for distributed lookups.
- * Simplified version suitable for edge runtimes - stores minimal metadata.
- */
-class KVTrustRegistry {
-    kv;
-    constructor(kv) {
-        this.kv = kv;
-    }
-    /**
-     * Build key: xbind:trust:{did}
-     */
-    buildKey(did) {
-        return `xbind:trust:${did}`;
-    }
-    async register(did, publicKey, name, scopes, x25519PublicKey, mlKemPublicKey, mlDsaPublicKey, xchange, receiveScopes, sdkVersion, minEnvelopeVersion, maxEnvelopeVersion, ttlMs) {
-        const key = this.buildKey(did);
-        // Convert Uint8Arrays to base64 for JSON storage
-        const toBase64 = (arr) => btoa(String.fromCharCode(...Array.from(arr)));
-        const entry = {
-            did,
-            publicKey: toBase64(publicKey),
-            name,
-            scopes: scopes ?? [],
-            x25519PublicKey: x25519PublicKey ? toBase64(x25519PublicKey) : undefined,
-            mlKemPublicKey: mlKemPublicKey ? toBase64(mlKemPublicKey) : undefined,
-            mlDsaPublicKey: mlDsaPublicKey ? toBase64(mlDsaPublicKey) : undefined,
-            xchange: xchange ?? false,
-            receiveScopes: receiveScopes ?? [],
-            sdkVersion,
-            minEnvelopeVersion,
-            maxEnvelopeVersion,
-            registeredAt: Date.now(),
-            rotation_sequence: 0,
-        };
-        try {
-            const ttlSeconds = ttlMs ? Math.floor(ttlMs / 1000) : undefined;
-            await this.kv.put(key, JSON.stringify(entry), ttlSeconds);
-            return (0, shared_1.ok)(undefined);
-        }
-        catch (e) {
-            return (0, shared_1.err)('NETWORK_ERROR');
-        }
-    }
-    async resolve(did) {
-        const key = this.buildKey(did);
-        try {
-            const value = await this.kv.get(key);
-            if (value === null) {
-                return (0, shared_1.err)('NOT_FOUND');
-            }
-            const entry = JSON.parse(value);
-            // Convert base64 back to Uint8Array
-            const fromBase64 = (b64) => Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
-            return (0, shared_1.ok)(fromBase64(entry.publicKey));
-        }
-        catch (e) {
-            return (0, shared_1.err)('NETWORK_ERROR');
-        }
-    }
-    async hasScope(did, scope) {
-        const key = this.buildKey(did);
-        try {
-            const value = await this.kv.get(key);
-            if (value === null)
-                return false;
-            const entry = JSON.parse(value);
-            return entry.scopes?.includes(scope) ?? false;
-        }
-        catch {
-            return false;
-        }
-    }
-    async hasReceiveScope(did, scope) {
-        const key = this.buildKey(did);
-        try {
-            const value = await this.kv.get(key);
-            if (value === null)
-                return false;
-            const entry = JSON.parse(value);
-            return entry.receiveScopes?.includes(scope) ?? false;
-        }
-        catch {
-            return false;
-        }
-    }
-    async revoke(did) {
-        const key = this.buildKey(did);
-        try {
-            await this.kv.delete(key);
-            return (0, shared_1.ok)(undefined);
-        }
-        catch (e) {
-            return (0, shared_1.err)('NETWORK_ERROR');
-        }
-    }
-    async list() {
-        try {
-            const keys = await this.kv.list('xbind:trust:', 1000);
-            return keys.map((k) => k.replace('xbind:trust:', ''));
-        }
-        catch {
-            return [];
-        }
-    }
-    async getEntry(did) {
-        const key = this.buildKey(did);
-        try {
-            const value = await this.kv.get(key);
-            if (value === null) {
-                return (0, shared_1.err)('NOT_FOUND');
-            }
-            const stored = JSON.parse(value);
-            // Convert base64 back to Uint8Array
-            const fromBase64 = (b64) => Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
-            const entry = {
-                did: stored.did,
-                publicKey: fromBase64(stored.publicKey),
-                name: stored.name,
-                scopes: new Set(stored.scopes),
-                receiveScopes: stored.receiveScopes ? new Set(stored.receiveScopes) : undefined,
-                revoked: false,
-                x25519PublicKey: stored.x25519PublicKey ? fromBase64(stored.x25519PublicKey) : undefined,
-                mlKemPublicKey: stored.mlKemPublicKey ? fromBase64(stored.mlKemPublicKey) : undefined,
-                mlDsaPublicKey: stored.mlDsaPublicKey ? fromBase64(stored.mlDsaPublicKey) : undefined,
-                xchange: stored.xchange,
-                rotation_sequence: stored.rotation_sequence,
-                sdkVersion: stored.sdkVersion,
-                minEnvelopeVersion: stored.minEnvelopeVersion,
-                maxEnvelopeVersion: stored.maxEnvelopeVersion,
-            };
-            return (0, shared_1.ok)(entry);
-        }
-        catch (e) {
-            return (0, shared_1.err)('NETWORK_ERROR');
-        }
-    }
-    /** Additional methods for edge compatibility */
-    async getFullEntry(did) {
-        const key = this.buildKey(did);
-        try {
-            const value = await this.kv.get(key);
-            if (value === null) {
-                return (0, shared_1.err)('NOT_FOUND');
-            }
-            const entry = JSON.parse(value);
-            return (0, shared_1.ok)(entry);
-        }
-        catch (e) {
-            return (0, shared_1.err)('NETWORK_ERROR');
-        }
-    }
-    dispose() {
-        // No resources to clean up
-    }
-}
-exports.KVTrustRegistry = KVTrustRegistry;
-/* ── Edge-Compatible Transport ── */
-/**
- * Edge-compatible HTTPS transport adapter.
- *
- * Uses standard fetch API (available in all edge runtimes).
- * Optimized for edge constraints:
- * - No Node.js http/https modules
- * - No setTimeout (uses AbortSignal.timeout)
- * - Minimal allocations
- */
-class EdgeTransportAdapter {
-    baseUrl;
-    timeoutMs;
-    handlers = [];
-    constructor(opts) {
-        this.baseUrl = opts.baseUrl.replace(/\/$/, '');
-        this.timeoutMs = opts.timeoutMs ?? 10_000;
-    }
-    async send(envelope, recipientDid) {
-        const url = `${this.baseUrl}/deliver/${encodeURIComponent(recipientDid)}`;
-        try {
-            // Use AbortSignal.timeout (supported in modern edge runtimes)
-            const controller = new AbortController();
-            const timeoutId = setTimeout(() => controller.abort(), this.timeoutMs);
-            const response = await globalThis.fetch(url, {
-                method: 'POST',
-                headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify(envelope),
-                signal: controller.signal,
-            });
-            clearTimeout(timeoutId);
-            if (!response.ok) {
-                return (0, shared_1.err)(response.status === 404 ? 'RECIPIENT_UNREACHABLE' : 'SEND_FAILED');
-            }
-            return (0, shared_1.ok)(undefined);
-        }
-        catch (e) {
-            if (e instanceof DOMException && e.name === 'AbortError') {
-                return (0, shared_1.err)('TIMEOUT');
-            }
-            return (0, shared_1.err)('NETWORK_ERROR');
-        }
-    }
-    onReceive(handler) {
-        this.handlers.push(handler);
-    }
-    /**
-     * Dispatch received envelope to all handlers.
-     * Called by edge function handler when processing incoming requests.
-     */
-    dispatch(envelope) {
-        for (const handler of this.handlers) {
-            handler(envelope);
-        }
-    }
-    dispose() {
-        this.handlers = [];
-    }
-}
-exports.EdgeTransportAdapter = EdgeTransportAdapter;
-/**
- * Create edge-compatible xBind components.
- *
- * Returns nonce store, trust registry, and transport adapter
- * configured for the edge runtime.
- *
- * @example
- * ```typescript
- * // Cloudflare Workers
- * const kv = new CloudflareKVAdapter(env.XBIND_KV);
- * const { nonceStore, trustRegistry, transport } = createEdgeAgent({
- *   kv,
- *   baseUrl: 'https://private.me/relay',
- * });
- *
- * const agent = new Agent({
- *   identity: 'persistent',
- *   nonceStore,
- *   trustRegistry,
- *   transport,
- * });
- * ```
- */
-function createEdgeAgent(opts) {
-    const nonceStore = new KVNonceStore(opts.kv, opts.nonceTtlMs);
-    const trustRegistry = new KVTrustRegistry(opts.kv);
-    const transport = new EdgeTransportAdapter({
-        baseUrl: opts.baseUrl,
-        timeoutMs: opts.timeoutMs,
-    });
-    return {
-        nonceStore,
-        trustRegistry,
-        transport,
-    };
-}
-/* ── Size Optimization Helpers ── */
-/**
- * Check if the bundled size is within edge runtime limits.
- *
- * Cloudflare Workers: 1MB compressed limit
- * Vercel Edge: 1MB limit
- * Deno Deploy: 1MB limit
- */
-function checkBundleSize(bundleSizeBytes) {
-    const MAX_SIZE_BYTES = 1024 * 1024; // 1MB
-    if (bundleSizeBytes > MAX_SIZE_BYTES) {
-        const sizeMB = (bundleSizeBytes / 1024 / 1024).toFixed(2);
-        const limitMB = (MAX_SIZE_BYTES / 1024 / 1024).toFixed(2);
-        return (0, shared_1.err)(`Bundle size ${sizeMB}MB exceeds edge runtime limit of ${limitMB}MB. ` +
-            `Consider using tree-shaking or dynamic imports.`);
-    }
-    return (0, shared_1.ok)(undefined);
-}
-/**
- * Get edge-optimized build recommendations.
- */
-function getOptimizationTips() {
-    return [
-        '1. Use tree-shaking: Import only required functions',
-        '2. Enable minification in bundler config',
-        '3. Use dynamic imports for large dependencies (mlkem, mldsa)',
-        '4. Exclude Node.js polyfills (crypto, fs, process)',
-        '5. Use Brotli compression for Cloudflare Workers',
-        '6. Consider splitting post-quantum crypto into separate bundle',
-        '7. Use KV storage instead of in-memory caches',
-    ];
-}
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.EdgeTransportAdapter=exports.KVTrustRegistry=exports.KVNonceStore=exports.DenoKVAdapter=exports.VercelKVAdapter=exports.CloudflareKVAdapter=void 0,exports.detectRuntime=detectRuntime,exports.isEdgeRuntime=isEdgeRuntime,exports.validateEdgeRuntime=validateEdgeRuntime,exports.createEdgeAgent=createEdgeAgent,exports.checkBundleSize=checkBundleSize,exports.getOptimizationTips=getOptimizationTips;const shared_1=require("../../_deps/shared/index.js");function detectRuntime(){const e=globalThis;return void 0!==e.caches&&"string"==typeof e.EdgeRuntime?"cloudflare":"string"==typeof e.EdgeRuntime&&"undefined"!=typeof process&&"1"===process.env?.VERCEL?"vercel":void 0!==e.Deno?"deno":"undefined"!=typeof process&&"string"==typeof process.versions?.node?"node":"unknown"}function isEdgeRuntime(){const e=detectRuntime();return"cloudflare"===e||"vercel"===e||"deno"===e}function validateEdgeRuntime(){if(void 0===globalThis.crypto)return(0,shared_1.err)("Missing globalThis.crypto");if(void 0===globalThis.crypto.subtle)return(0,shared_1.err)("Missing crypto.subtle");if("function"!=typeof globalThis.crypto.getRandomValues)return(0,shared_1.err)("Missing crypto.getRandomValues");const e=["generateKey","sign","verify","encrypt","decrypt","deriveBits","importKey","exportKey"];for(const t of e)if("function"!=typeof globalThis.crypto.subtle[t])return(0,shared_1.err)(`Missing crypto.subtle.${t}`);return void 0===globalThis.TextEncoder?(0,shared_1.err)("Missing TextEncoder"):void 0===globalThis.TextDecoder?(0,shared_1.err)("Missing TextDecoder"):"function"!=typeof globalThis.fetch?(0,shared_1.err)("Missing fetch API"):(0,shared_1.ok)(void 0)}class CloudflareKVAdapter{namespace;constructor(e){this.namespace=e}async get(e){return await this.namespace.get(e)}async put(e,t,r){const s=r?{expirationTtl:r}:void 0;await this.namespace.put(e,t,s)}async delete(e){await this.namespace.delete(e)}async list(e,t){return(await this.namespace.list({prefix:e,limit:t})).keys.map(e=>e.name)}}exports.CloudflareKVAdapter=CloudflareKVAdapter;class VercelKVAdapter{client;constructor(e){this.client=e}async get(e){return await this.client.get(e)}async put(e,t,r){const s=r?{ex:r}:void 0;await this.client.set(e,t,s)}async delete(e){await this.client.del(e)}async list(e,t){const r=e?`${e}*`:"*",s=await this.client.keys(r);return t?s.slice(0,t):s}}exports.VercelKVAdapter=VercelKVAdapter;class DenoKVAdapter{kv;constructor(e){this.kv=e}async get(e){return(await this.kv.get([e])).value}async put(e,t,r){const s=r?{expireIn:1e3*r}:void 0;await this.kv.set([e],t,s)}async delete(e){await this.kv.delete([e])}async list(e,t){const r={prefix:e?[e]:[]},s=[];for await(const e of this.kv.list(r))if(s.push(e.key.join("/")),t&&s.length>=t)break;return s}}exports.DenoKVAdapter=DenoKVAdapter;class KVNonceStore{kv;ttlSeconds;constructor(e,t=6e5){this.kv=e,this.ttlSeconds=Math.floor(t/1e3)}buildKey(e,t,r){const s=`xbind:nonce:${t}:${e}`;if(!r)return s;return`${s}:${r.shareGroupId??""}:${void 0!==r.shareIndex?String(r.shareIndex):""}`}async check(e,t,r){const s=this.buildKey(e,t,r);return null===await this.kv.get(s)&&(await this.kv.put(s,Date.now().toString(),this.ttlSeconds),!0)}cleanup(){}dispose(){}}exports.KVNonceStore=KVNonceStore;class KVTrustRegistry{kv;constructor(e){this.kv=e}buildKey(e){return`xbind:trust:${e}`}async register(e,t,r,s,i,n,o,a,c,d,l,u,p){const h=this.buildKey(e),y=e=>btoa(String.fromCharCode(...Array.from(e))),g={did:e,publicKey:y(t),name:r,scopes:s??[],x25519PublicKey:i?y(i):void 0,mlKemPublicKey:n?y(n):void 0,mlDsaPublicKey:o?y(o):void 0,xchange:a??!1,receiveScopes:c??[],sdkVersion:d,minEnvelopeVersion:l,maxEnvelopeVersion:u,registeredAt:Date.now(),rotation_sequence:0};try{const e=p?Math.floor(p/1e3):void 0;return await this.kv.put(h,JSON.stringify(g),e),(0,shared_1.ok)(void 0)}catch{return(0,shared_1.err)("NETWORK_ERROR")}}async resolve(e){const t=this.buildKey(e);try{const e=await this.kv.get(t);if(null===e)return(0,shared_1.err)("NOT_FOUND");const r=JSON.parse(e),s=e=>Uint8Array.from(atob(e),e=>e.charCodeAt(0));return(0,shared_1.ok)(s(r.publicKey))}catch{return(0,shared_1.err)("NETWORK_ERROR")}}async hasScope(e,t){const r=this.buildKey(e);try{const e=await this.kv.get(r);if(null===e)return!1;const s=JSON.parse(e);return s.scopes?.includes(t)??!1}catch{return!1}}async hasReceiveScope(e,t){const r=this.buildKey(e);try{const e=await this.kv.get(r);if(null===e)return!1;const s=JSON.parse(e);return s.receiveScopes?.includes(t)??!1}catch{return!1}}async revoke(e){const t=this.buildKey(e);try{return await this.kv.delete(t),(0,shared_1.ok)(void 0)}catch{return(0,shared_1.err)("NETWORK_ERROR")}}async list(){try{return(await this.kv.list("xbind:trust:",1e3)).map(e=>e.replace("xbind:trust:",""))}catch{return[]}}async getEntry(e){const t=this.buildKey(e);try{const e=await this.kv.get(t);if(null===e)return(0,shared_1.err)("NOT_FOUND");const r=JSON.parse(e),s=e=>Uint8Array.from(atob(e),e=>e.charCodeAt(0)),i={did:r.did,publicKey:s(r.publicKey),name:r.name,scopes:new Set(r.scopes),receiveScopes:r.receiveScopes?new Set(r.receiveScopes):void 0,revoked:!1,x25519PublicKey:r.x25519PublicKey?s(r.x25519PublicKey):void 0,mlKemPublicKey:r.mlKemPublicKey?s(r.mlKemPublicKey):void 0,mlDsaPublicKey:r.mlDsaPublicKey?s(r.mlDsaPublicKey):void 0,xchange:r.xchange,rotation_sequence:r.rotation_sequence,sdkVersion:r.sdkVersion,minEnvelopeVersion:r.minEnvelopeVersion,maxEnvelopeVersion:r.maxEnvelopeVersion};return(0,shared_1.ok)(i)}catch{return(0,shared_1.err)("NETWORK_ERROR")}}async getFullEntry(e){const t=this.buildKey(e);try{const e=await this.kv.get(t);if(null===e)return(0,shared_1.err)("NOT_FOUND");const r=JSON.parse(e);return(0,shared_1.ok)(r)}catch{return(0,shared_1.err)("NETWORK_ERROR")}}dispose(){}}exports.KVTrustRegistry=KVTrustRegistry;class EdgeTransportAdapter{baseUrl;timeoutMs;handlers=[];constructor(e){this.baseUrl=e.baseUrl.replace(/\/$/,""),this.timeoutMs=e.timeoutMs??1e4}async send(e,t){const r=`${this.baseUrl}/deliver/${encodeURIComponent(t)}`;try{const t=new AbortController,s=setTimeout(()=>t.abort(),this.timeoutMs),i=await globalThis.fetch(r,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(e),signal:t.signal});return clearTimeout(s),i.ok?(0,shared_1.ok)(void 0):(0,shared_1.err)(404===i.status?"RECIPIENT_UNREACHABLE":"SEND_FAILED")}catch(e){return e instanceof DOMException&&"AbortError"===e.name?(0,shared_1.err)("TIMEOUT"):(0,shared_1.err)("NETWORK_ERROR")}}onReceive(e){this.handlers.push(e)}dispatch(e){for(const t of this.handlers)t(e)}dispose(){this.handlers=[]}}function createEdgeAgent(e){return{nonceStore:new KVNonceStore(e.kv,e.nonceTtlMs),trustRegistry:new KVTrustRegistry(e.kv),transport:new EdgeTransportAdapter({baseUrl:e.baseUrl,timeoutMs:e.timeoutMs})}}function checkBundleSize(e){const t=1048576;if(e>t){const t=(e/1024/1024).toFixed(2),r=1..toFixed(2);return(0,shared_1.err)(`Bundle size ${t}MB exceeds edge runtime limit of ${r}MB. Consider using tree-shaking or dynamic imports.`)}return(0,shared_1.ok)(void 0)}function getOptimizationTips(){return["1. Use tree-shaking: Import only required functions","2. Enable minification in bundler config","3. Use dynamic imports for large dependencies (mlkem, mldsa)","4. Exclude Node.js polyfills (crypto, fs, process)","5. Use Brotli compression for Cloudflare Workers","6. Consider splitting post-quantum crypto into separate bundle","7. Use KV storage instead of in-memory caches"]}exports.EdgeTransportAdapter=EdgeTransportAdapter;