npm - @private.me/xbind - Versions diffs - 3.0.2 → 3.0.4 - Mend

@private.me/xbind 3.0.2 → 3.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (222) hide show

package/README.md +2366 -204
package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1 -1920
package/dist-standalone/_deps/shared/cjs/errors.js +1 -729
package/dist-standalone/_deps/shared/cjs/index.js +1 -463
package/dist-standalone/_deps/shared/cjs/types.js +1 -315
package/dist-standalone/_deps/shared/errors.js +1 -244
package/dist-standalone/_deps/shared/index.js +1 -72
package/dist-standalone/_deps/shared/types.js +1 -86
package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.js +1 -1
package/dist-standalone/_deps/ux-helpers/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/search.js +1 -1
package/dist-standalone/_deps/xchange/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/errors.js +1 -1
package/dist-standalone/_deps/xchange/cjs/index.js +1 -1
package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -1
package/dist-standalone/_deps/xchange/errors.js +1 -1
package/dist-standalone/_deps/xchange/index.js +1 -1
package/dist-standalone/_deps/xchange/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/xchange.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/index.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/types.js +1 -1
package/dist-standalone/_deps/xregistry/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/errors.js +1 -1
package/dist-standalone/_deps/xregistry/index.js +1 -1
package/dist-standalone/_deps/xregistry/registry.js +1 -1
package/dist-standalone/_deps/xregistry/schema.js +1 -1
package/dist-standalone/_deps/xregistry/types.js +1 -1
package/dist-standalone/agent-call.d.ts +2 -2
package/dist-standalone/agent-call.js +1 -659
package/dist-standalone/agent-sdk.js +1 -328
package/dist-standalone/agent.d.ts +2 -0
package/dist-standalone/agent.js +1 -1800
package/dist-standalone/approval.js +1 -193
package/dist-standalone/async-iterators.d.ts +3 -3
package/dist-standalone/async-iterators.js +1 -382
package/dist-standalone/auth.js +1 -219
package/dist-standalone/auto-accept.js +1 -229
package/dist-standalone/backup-config.js +1 -201
package/dist-standalone/backup.js +1 -326
package/dist-standalone/batch-operations.js +1 -388
package/dist-standalone/cancellation.js +1 -477
package/dist-standalone/checkpoint.js +1 -186
package/dist-standalone/circuit-breaker.js +1 -468
package/dist-standalone/cjs/agent-call.js +1 -701
package/dist-standalone/cjs/agent-sdk.js +1 -332
package/dist-standalone/cjs/agent.js +1 -1837
package/dist-standalone/cjs/approval.js +1 -199
package/dist-standalone/cjs/async-iterators.js +1 -392
package/dist-standalone/cjs/auth.js +1 -225
package/dist-standalone/cjs/auto-accept.js +1 -233
package/dist-standalone/cjs/backup-config.js +1 -207
package/dist-standalone/cjs/backup.js +1 -330
package/dist-standalone/cjs/batch-operations.js +1 -397
package/dist-standalone/cjs/cancellation.js +1 -490
package/dist-standalone/cjs/checkpoint.js +1 -193
package/dist-standalone/cjs/circuit-breaker.js +1 -476
package/dist-standalone/cjs/cli/init.js +1 -492
package/dist-standalone/cjs/config-validation.js +1 -522
package/dist-standalone/cjs/connect.js +1 -312
package/dist-standalone/cjs/connection-pool.js +1 -506
package/dist-standalone/cjs/correlation-id.js +1 -339
package/dist-standalone/cjs/crypto-utils.js +1 -176
package/dist-standalone/cjs/debug-mode.js +1 -534
package/dist-standalone/cjs/did-document.js +1 -101
package/dist-standalone/cjs/did-privateme.js +1 -130
package/dist-standalone/cjs/did-web.js +1 -201
package/dist-standalone/cjs/discovery.js +1 -462
package/dist-standalone/cjs/dual-mode.js +1 -251
package/dist-standalone/cjs/email-templates.js +1 -313
package/dist-standalone/cjs/email-transport.js +1 -239
package/dist-standalone/cjs/envelope.js +1 -538
package/dist-standalone/cjs/errors.js +1 -913
package/dist-standalone/cjs/event-emitter.js +1 -461
package/dist-standalone/cjs/gateway-state.js +1 -55
package/dist-standalone/cjs/gateway-transport.js +1 -120
package/dist-standalone/cjs/graceful-degradation.js +1 -403
package/dist-standalone/cjs/guardrails.js +1 -223
package/dist-standalone/cjs/health-check.js +1 -336
package/dist-standalone/cjs/http-compat.js +1 -272
package/dist-standalone/cjs/http-status-map.js +1 -571
package/dist-standalone/cjs/identity.js +1 -645
package/dist-standalone/cjs/index.js +1 -406
package/dist-standalone/cjs/invitation.js +1 -421
package/dist-standalone/cjs/invite.js +1 -328
package/dist-standalone/cjs/key-agreement.js +1 -335
package/dist-standalone/cjs/lazy-init.js +1 -300
package/dist-standalone/cjs/logger.js +1 -291
package/dist-standalone/cjs/loopback-transport.js +1 -0
package/dist-standalone/cjs/mdns-discovery.js +1 -202
package/dist-standalone/cjs/nonce-store.js +1 -80
package/dist-standalone/cjs/pairing-manager.js +1 -223
package/dist-standalone/cjs/plugin-system.js +1 -264
package/dist-standalone/cjs/plugins/logging.js +1 -168
package/dist-standalone/cjs/plugins/metrics.js +1 -181
package/dist-standalone/cjs/plugins/validation.js +1 -302
package/dist-standalone/cjs/policy.js +1 -320
package/dist-standalone/cjs/progress-callbacks.js +1 -583
package/dist-standalone/cjs/redis-nonce-store.js +1 -76
package/dist-standalone/cjs/registry-middleware.js +1 -50
package/dist-standalone/cjs/retry-strategies.js +1 -544
package/dist-standalone/cjs/retry-transport.js +1 -102
package/dist-standalone/cjs/runtime/browser.js +1 -533
package/dist-standalone/cjs/runtime/edge.js +1 -526
package/dist-standalone/cjs/runtime/react-native.js +1 -394
package/dist-standalone/cjs/security-policy.js +1 -245
package/dist-standalone/cjs/serialization.js +1 -1040
package/dist-standalone/cjs/split-channel.js +1 -225
package/dist-standalone/cjs/subscription-proof.js +1 -230
package/dist-standalone/cjs/succession.js +1 -148
package/dist-standalone/cjs/timeouts.js +1 -412
package/dist-standalone/cjs/trace-context.js +1 -424
package/dist-standalone/cjs/trace-spans.js +1 -495
package/dist-standalone/cjs/transport.js +1 -63
package/dist-standalone/cjs/trust-registry.js +1 -991
package/dist-standalone/cjs/types/error-response.js +1 -56
package/dist-standalone/cjs/vault-auth.js +1 -178
package/dist-standalone/cjs/vault-store-loader.js +1 -194
package/dist-standalone/cjs/verify.js +1 -25
package/dist-standalone/cjs/version-info.js +1 -543
package/dist-standalone/cjs/xfetch.js +1 -340
package/dist-standalone/cli/init.js +1 -455
package/dist-standalone/cli/setup.js +1 -514
package/dist-standalone/cli/types.js +1 -27
package/dist-standalone/cli/xbind.js +1 -148
package/dist-standalone/config-validation.js +1 -513
package/dist-standalone/connect.js +1 -274
package/dist-standalone/connection-pool.js +1 -500
package/dist-standalone/correlation-id.js +1 -326
package/dist-standalone/crypto-utils.d.ts +2 -7
package/dist-standalone/crypto-utils.js +1 -157
package/dist-standalone/debug-mode.js +1 -510
package/dist-standalone/did-document.js +1 -96
package/dist-standalone/did-privateme.js +1 -121
package/dist-standalone/did-web.js +1 -196
package/dist-standalone/discovery.js +1 -458
package/dist-standalone/dual-mode.js +1 -247
package/dist-standalone/email-templates.js +1 -309
package/dist-standalone/email-transport.d.ts +2 -2
package/dist-standalone/email-transport.js +1 -232
package/dist-standalone/envelope.js +1 -525
package/dist-standalone/errors.d.ts +13 -3
package/dist-standalone/errors.js +1 -896
package/dist-standalone/event-emitter.js +1 -456
package/dist-standalone/gateway-state.d.ts +1 -1
package/dist-standalone/gateway-state.js +1 -51
package/dist-standalone/gateway-transport.js +1 -116
package/dist-standalone/graceful-degradation.js +1 -396
package/dist-standalone/guardrails.js +1 -216
package/dist-standalone/health-check.d.ts +5 -1
package/dist-standalone/health-check.js +1 -332
package/dist-standalone/http-compat.d.ts +1 -1
package/dist-standalone/http-compat.js +1 -267
package/dist-standalone/http-status-map.js +1 -561
package/dist-standalone/identity.js +1 -619
package/dist-standalone/index.d.ts +15 -4
package/dist-standalone/index.js +1 -78
package/dist-standalone/invitation.js +1 -415
package/dist-standalone/invite.js +1 -324
package/dist-standalone/key-agreement.js +1 -325
package/dist-standalone/lazy-init.d.ts +11 -6
package/dist-standalone/lazy-init.js +1 -295
package/dist-standalone/logger.js +1 -285
package/dist-standalone/loopback-transport.d.ts +87 -0
package/dist-standalone/loopback-transport.js +1 -0
package/dist-standalone/mdns-discovery.js +1 -195
package/dist-standalone/nonce-store.js +1 -76
package/dist-standalone/pairing-manager.js +1 -219
package/dist-standalone/plugin-system.js +1 -257
package/dist-standalone/plugins/logging.js +1 -163
package/dist-standalone/plugins/metrics.d.ts +4 -4
package/dist-standalone/plugins/metrics.js +1 -176
package/dist-standalone/plugins/validation.js +1 -297
package/dist-standalone/policy.js +1 -315
package/dist-standalone/progress-callbacks.js +1 -576
package/dist-standalone/redis-nonce-store.js +1 -72
package/dist-standalone/registry-middleware.js +1 -47
package/dist-standalone/retry-strategies.js +1 -534
package/dist-standalone/retry-transport.js +1 -98
package/dist-standalone/runtime/browser.js +1 -516
package/dist-standalone/runtime/edge.js +1 -511
package/dist-standalone/runtime/react-native.d.ts +1 -1
package/dist-standalone/runtime/react-native.js +1 -383
package/dist-standalone/security-policy.js +1 -239
package/dist-standalone/serialization.js +1 -1031
package/dist-standalone/split-channel.d.ts +1 -1
package/dist-standalone/split-channel.js +1 -219
package/dist-standalone/subscription-proof.js +1 -224
package/dist-standalone/succession.js +1 -142
package/dist-standalone/timeouts.js +1 -398
package/dist-standalone/trace-context.js +1 -414
package/dist-standalone/trace-spans.js +1 -488
package/dist-standalone/transport.d.ts +1 -1
package/dist-standalone/transport.js +1 -59
package/dist-standalone/trust-registry.d.ts +3 -3
package/dist-standalone/trust-registry.js +1 -950
package/dist-standalone/types/error-response.js +1 -52
package/dist-standalone/vault-auth.js +1 -174
package/dist-standalone/vault-store-loader.d.ts +9 -0
package/dist-standalone/vault-store-loader.js +1 -187
package/dist-standalone/verify.js +1 -16
package/dist-standalone/version-info.js +1 -530
package/dist-standalone/xfetch.js +1 -335
package/package.json +1 -1
package/share1.dat +0 -0

package/dist-standalone/did-privateme.js CHANGED Viewed

@@ -1,121 +1 @@
-import { ok, err } from"./_deps/shared/index.js";
-import { publicKeyToDid, didToPublicKeyBytes } from './identity.js';
-/**
- * Mechanism 4: Convert Ed25519 public key to did:privateme DID.
- *
- * Format: did:privateme:z + base58btc(0xed01 || publicKey)
- *
- * This is a new DID method identifier for PRIVATE.ME ACIs.
- * It uses the same base58btc encoding as did:key for compatibility,
- * but signals that the identity is backed by PRIVATE.ME infrastructure.
- *
- * Backward compatible: agents accept both did:key and did:privateme formats.
- *
- * @param rawPublicKey - 32-byte Ed25519 public key
- * @returns DID in format did:privateme:z...
- */
-export function publicKeyToPrivateMeDid(rawPublicKey) {
-    // Use same encoding as did:key, but with privateme method
-    const didKeyFormat = publicKeyToDid(rawPublicKey);
-    // Replace did:key: with did:privateme:
-    return didKeyFormat.replace(/^did:key:/, 'did:privateme:');
-}
-/**
- * Extract raw 32-byte public key from a did:privateme DID.
- *
- * Format: did:privateme:z + base58btc(0xed01 || publicKey)
- *
- * @param did - DID in format did:privateme:z...
- * @returns 32-byte public key or error
- */
-export function privateMeDidToPublicKeyBytes(did) {
-    if (!did.startsWith('did:privateme:z')) {
-        return err('INVALID_DID_FORMAT');
-    }
-    // Convert to did:key format temporarily for parsing
-    const didKeyFormat = did.replace(/^did:privateme:/, 'did:key:');
-    // Use the existing parser
-    const result = didToPublicKeyBytes(didKeyFormat);
-    if (!result.ok) {
-        return err(result.error);
-    }
-    return ok(result.value);
-}
-/**
- * Determine if a DID is in the new did:privateme format.
- *
- * @param did - The DID to check
- * @returns true if DID is did:privateme format, false otherwise
- */
-export function isPrivateMeDid(did) {
-    return did.startsWith('did:privateme:');
-}
-/**
- * Determine if a DID is in the did:key format.
- *
- * @param did - The DID to check
- * @returns true if DID is did:key format, false otherwise
- */
-export function isDidKeyFormat(did) {
-    return did.startsWith('did:key:');
-}
-/**
- * Convert between DID formats (did:key ↔ did:privateme).
- *
- * Allows backward compatibility between old did:key and new did:privateme formats.
- * The public key remains the same; only the method identifier changes.
- *
- * @param did - Source DID in either format
- * @returns Converted DID in the other format, or error
- */
-export function convertDidFormat(did) {
-    if (isDidKeyFormat(did)) {
-        // Convert did:key to did:privateme
-        return ok(did.replace(/^did:key:/, 'did:privateme:'));
-    }
-    if (isPrivateMeDid(did)) {
-        // Convert did:privateme to did:key
-        return ok(did.replace(/^did:privateme:/, 'did:key:'));
-    }
-    return err('UNSUPPORTED_DID_FORMAT');
-}
-/**
- * Normalize a DID to the canonical format (did:privateme).
- *
- * All DIDs are converted to did:privateme format for consistency.
- * Existing did:key DIDs are automatically upgraded.
- *
- * @param did - Source DID in any supported format
- * @returns Normalized DID in did:privateme format
- */
-export function normalizeDid(did) {
-    if (isPrivateMeDid(did)) {
-        // Already in target format
-        return ok(did);
-    }
-    if (isDidKeyFormat(did)) {
-        // Convert to did:privateme
-        return ok(did.replace(/^did:key:/, 'did:privateme:'));
-    }
-    return err('UNSUPPORTED_DID_FORMAT');
-}
-/**
- * Parse a DID into method, identifier, and fragment.
- *
- * @param did - Full DID string
- * @returns Parsed DID components or error
- */
-export function parseDid(did) {
-    const fragmentMatch = did.indexOf('#');
-    const base = fragmentMatch >= 0 ? did.substring(0, fragmentMatch) : did;
-    const fragment = fragmentMatch >= 0 ? did.substring(fragmentMatch + 1) : undefined;
-    const parts = base.split(':');
-    if (parts.length < 3 || parts[0] !== 'did') {
-        return err('INVALID_DID_FORMAT');
-    }
-    return ok({
-        method: parts[1],
-        identifier: parts.slice(2).join(':'),
-        fragment,
-    });
-}
+import{ok,err}from"./_deps/shared/index.js";import{publicKeyToDid,didToPublicKeyBytes}from"./identity.js";export function publicKeyToPrivateMeDid(e){return publicKeyToDid(e).replace(/^did:key:/,"did:privateme:")}export function privateMeDidToPublicKeyBytes(e){if(!e.startsWith("did:privateme:z"))return err("INVALID_DID_FORMAT");const i=e.replace(/^did:privateme:/,"did:key:"),r=didToPublicKeyBytes(i);return r.ok?ok(r.value):err(r.error)}export function isPrivateMeDid(e){return e.startsWith("did:privateme:")}export function isDidKeyFormat(e){return e.startsWith("did:key:")}export function convertDidFormat(e){return isDidKeyFormat(e)?ok(e.replace(/^did:key:/,"did:privateme:")):isPrivateMeDid(e)?ok(e.replace(/^did:privateme:/,"did:key:")):err("UNSUPPORTED_DID_FORMAT")}export function normalizeDid(e){return isPrivateMeDid(e)?ok(e):isDidKeyFormat(e)?ok(e.replace(/^did:key:/,"did:privateme:")):err("UNSUPPORTED_DID_FORMAT")}export function parseDid(e){const i=e.indexOf("#"),r=i>=0?e.substring(0,i):e,t=i>=0?e.substring(i+1):void 0,d=r.split(":");return d.length<3||"did"!==d[0]?err("INVALID_DID_FORMAT"):ok({method:d[1],identifier:d.slice(2).join(":"),fragment:t})}

package/dist-standalone/did-web.js CHANGED Viewed

@@ -1,196 +1 @@
-/**
- * did:web resolver — resolves DIDs hosted on developer domains.
- *
- * Implements the W3C did:web method:
- *   did:web:example.com -> https://example.com/.well-known/did.json
- *   did:web:example.com:path:to -> https://example.com/path/to/did.json
- *
- * Enables direct agent-to-agent communication without a centralized registry.
- * Implements TrustRegistry interface for drop-in use with Agent class.
- */
-import { ok, err } from"./_deps/shared/index.js";
-import { fromBase64 } from './crypto-utils.js';
-/**
- * Resolve did:web DIDs by fetching DID documents from the hosting domain.
- *
- * Implements TrustRegistry interface so it can be used as a drop-in
- * replacement for MemoryTrustRegistry or HttpTrustRegistry.
- */
-export class DidWebResolver {
-    fetchFn;
-    cacheTtlMs;
-    cache = new Map();
-    constructor(opts) {
-        this.fetchFn = opts?.fetch ?? globalThis.fetch.bind(globalThis);
-        this.cacheTtlMs = opts?.cacheTtlMs ?? 300_000;
-    }
-    /** Registration not supported for did:web (developers host their own). */
-    async register(_did, _publicKey, _name, _scopes, _x25519PublicKey) {
-        return err('ALREADY_REGISTERED');
-    }
-    /**
-     * Resolve a did:web DID to its raw public key bytes.
-     * @param did - A did:web DID string.
-     * @returns Public key bytes or error.
-     */
-    async resolve(did) {
-        const entry = await this.fetchEntry(did);
-        if (!entry.ok)
-            return entry;
-        if (entry.value.revoked)
-            return err('REVOKED');
-        return ok(entry.value.publicKey);
-    }
-    /**
-     * Check if a did:web DID has a specific scope.
-     * @param did - The DID to check.
-     * @param scope - The scope to verify.
-     * @returns True if scope is granted.
-     */
-    async hasScope(did, scope) {
-        const entry = await this.fetchEntry(did);
-        if (!entry.ok)
-            return false;
-        return entry.value.scopes.has(scope);
-    }
-    /**
-     * Check if a did:web DID has a specific receive scope.
-     * @param did - The DID to check.
-     * @param scope - The scope to verify.
-     * @returns True if receive scope is granted.
-     */
-    async hasReceiveScope(did, scope) {
-        const entry = await this.fetchEntry(did);
-        if (!entry.ok)
-            return false;
-        // Undefined = accept all scopes (backward compatibility)
-        if (!entry.value.receiveScopes)
-            return true;
-        return entry.value.receiveScopes.has(scope);
-    }
-    /** Revocation not supported for did:web (developer controls their domain). */
-    async revoke(_did) {
-        return err('NOT_FOUND');
-    }
-    /**
-     * Get the full registry entry for a did:web DID.
-     * @param did - The DID to look up.
-     * @returns Full entry or error.
-     */
-    async getEntry(did) {
-        return this.fetchEntry(did);
-    }
-    /** Number of cached entries (for testing). */
-    get cacheSize() {
-        return this.cache.size;
-    }
-    /** Fetch and parse a DID document, with caching. */
-    async fetchEntry(did) {
-        // Check cache
-        const cached = this.cache.get(did);
-        if (cached && Date.now() - cached.fetchedAt < this.cacheTtlMs) {
-            return ok(cached.entry);
-        }
-        const url = didWebToUrl(did);
-        if (!url)
-            return err('NOT_FOUND');
-        try {
-            const res = await this.fetchFn(url);
-            if (!res.ok)
-                return err('NOT_FOUND');
-            const doc = (await res.json());
-            const entry = parseDidDocument(did, doc);
-            if (!entry)
-                return err('NOT_FOUND');
-            this.cache.set(did, { entry, fetchedAt: Date.now() });
-            return ok(entry);
-        }
-        catch {
-            return err('NETWORK_ERROR');
-        }
-    }
-}
-/**
- * Convert a did:web DID to its HTTPS URL.
- *   did:web:example.com -> https://example.com/.well-known/did.json
- *   did:web:example.com:path:to -> https://example.com/path/to/did.json
- * @param did - The did:web DID string.
- * @returns HTTPS URL or null if invalid.
- */
-export function didWebToUrl(did) {
-    if (!did.startsWith('did:web:'))
-        return null;
-    const parts = did.slice('did:web:'.length).split(':');
-    if (parts.length === 0 || !parts[0])
-        return null;
-    const domain = decodeURIComponent(parts[0]);
-    if (parts.length === 1) {
-        return `https://${domain}/.well-known/did.json`;
-    }
-    const path = parts.slice(1).map(decodeURIComponent).join('/');
-    return `https://${domain}/${path}/did.json`;
-}
-/** Parse a DID document into a RegistryEntry. */
-function parseDidDocument(did, doc) {
-    if (!doc.verificationMethod || doc.verificationMethod.length === 0) {
-        return null;
-    }
-    const vm = doc.verificationMethod[0];
-    if (!vm)
-        return null;
-    let publicKey = null;
-    if (vm.publicKeyMultibase) {
-        publicKey = decodeMultibase(vm.publicKeyMultibase);
-    }
-    else if (vm.publicKeyBase64) {
-        publicKey = fromBase64(vm.publicKeyBase64);
-    }
-    if (!publicKey)
-        return null;
-    return {
-        did,
-        publicKey,
-        name: doc.xailName ?? did,
-        scopes: new Set(doc.xailScopes ?? []),
-        revoked: doc.deactivated === true,
-        rotation_sequence: 1, // DID documents don't track rotation, default to 1
-    };
-}
-/** Decode z-prefixed base58btc multibase to bytes. */
-function decodeMultibase(mb) {
-    if (!mb.startsWith('z'))
-        return null;
-    return base58Decode(mb.slice(1));
-}
-/** Base58 decode (Bitcoin alphabet). */
-function base58Decode(s) {
-    const ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
-    const BASE = BigInt(58);
-    let num = BigInt(0);
-    for (const char of s) {
-        const idx = ALPHABET.indexOf(char);
-        if (idx < 0)
-            return new Uint8Array(0);
-        num = num * BASE + BigInt(idx);
-    }
-    const hex = num.toString(16);
-    const padded = hex.length % 2 ? '0' + hex : hex;
-    const bytes = new Uint8Array(padded.length / 2);
-    for (let i = 0; i < bytes.length; i++) {
-        bytes[i] = parseInt(padded.slice(i * 2, i * 2 + 2), 16);
-    }
-    // Handle leading zeros (base58 "1" = 0x00)
-    let leadingZeros = 0;
-    for (const c of s) {
-        if (c === '1')
-            leadingZeros++;
-        else
-            break;
-    }
-    if (leadingZeros > 0) {
-        const result = new Uint8Array(leadingZeros + bytes.length);
-        result.set(bytes, leadingZeros);
-        return result;
-    }
-    return bytes;
-}
+import{ok,err}from"./_deps/shared/index.js";import{fromBase64}from"./crypto-utils.js";export class DidWebResolver{fetchFn;cacheTtlMs;cache=new Map;constructor(e){this.fetchFn=e?.fetch??globalThis.fetch.bind(globalThis),this.cacheTtlMs=e?.cacheTtlMs??3e5}async register(e,t,n,r,c){return err("ALREADY_REGISTERED")}async resolve(e){const t=await this.fetchEntry(e);return t.ok?t.value.revoked?err("REVOKED"):ok(t.value.publicKey):t}async hasScope(e,t){const n=await this.fetchEntry(e);return!!n.ok&&n.value.scopes.has(t)}async hasReceiveScope(e,t){const n=await this.fetchEntry(e);return!!n.ok&&(!n.value.receiveScopes||n.value.receiveScopes.has(t))}async revoke(e){return err("NOT_FOUND")}async getEntry(e){return this.fetchEntry(e)}get cacheSize(){return this.cache.size}async fetchEntry(e){const t=this.cache.get(e);if(t&&Date.now()-t.fetchedAt<this.cacheTtlMs)return ok(t.entry);const n=didWebToUrl(e);if(!n)return err("NOT_FOUND");try{const t=await this.fetchFn(n);if(!t.ok)return err("NOT_FOUND");const r=parseDidDocument(e,await t.json());return r?(this.cache.set(e,{entry:r,fetchedAt:Date.now()}),ok(r)):err("NOT_FOUND")}catch{return err("NETWORK_ERROR")}}}export function didWebToUrl(e){if(!e.startsWith("did:web:"))return null;const t=e.slice(8).split(":");if(0===t.length||!t[0])return null;const n=decodeURIComponent(t[0]);if(1===t.length)return`https://${n}/.well-known/did.json`;return`https://${n}/${t.slice(1).map(decodeURIComponent).join("/")}/did.json`}function parseDidDocument(e,t){if(!t.verificationMethod||0===t.verificationMethod.length)return null;const n=t.verificationMethod[0];if(!n)return null;let r=null;return n.publicKeyMultibase?r=decodeMultibase(n.publicKeyMultibase):n.publicKeyBase64&&(r=fromBase64(n.publicKeyBase64)),r?{did:e,publicKey:r,name:t.xailName??e,scopes:new Set(t.xailScopes??[]),revoked:!0===t.deactivated,rotation_sequence:1}:null}function decodeMultibase(e){return e.startsWith("z")?base58Decode(e.slice(1)):null}function base58Decode(e){const t=BigInt(58);let n=BigInt(0);for(const r of e){const e="123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz".indexOf(r);if(e<0)return new Uint8Array(0);n=n*t+BigInt(e)}const r=n.toString(16),c=r.length%2?"0"+r:r,s=new Uint8Array(c.length/2);for(let e=0;e<s.length;e++)s[e]=parseInt(c.slice(2*e,2*e+2),16);let i=0;for(const t of e){if("1"!==t)break;i++}if(i>0){const e=new Uint8Array(i+s.length);return e.set(s,i),e}return s}