@provnai/vex-sdk 1.5.0 → 1.6.0

package/README.md

@@ -1,4 +1,4 @@
-# VEX SDK for TypeScript (v1.5.0) 🛡️js
+# VEX SDK for TypeScript (v1.6.0) 🛡️js
 ## Cognitive Routing & Silicon-Rooted Evidence
 
 Official TypeScript implementation of the VEX Protocol. Designed to wrap agent tool-calls in a cryptographically verifiable envelope.

package/dist/agent.d.ts

@@ -13,26 +13,46 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import { VexCapsule } from './builder';
 export interface VexConfig {
     identityKey: string;
     vanguardUrl: string;
+    aid?: string;
+}
+export interface VexResult {
+    status: string;
+    outcome: 'ALLOW' | 'HALT' | 'ESCALATE';
+    reason_code?: string;
+    capsule_root: string;
+    capability_token?: string;
+    [key: string]: unknown;
 }
 export declare class VexAgent {
     private config;
     private sdk;
+    private currentToken?;
     constructor(config: VexConfig);
     private ensureSDK;
+    /**
+     * Retrieves the Gate's public key for HPKE encryption.
+     */
+    fetchPublicKey(): Promise<string>;
     /**
      * Executes a tool via the VEX verifiable execution loop.
      */
-    execute(toolName: string, params: Record<string, any>, intentContext?: string): Promise<any>;
+    /**
+     * Locally verifies a VEX Continuation Token (v3) against the Gate's public key.
+     * Ensures the token was signed by the authoritative Gate and binds to the current capsule.
+     */
+    verifyToken(tokenBase64: string, expectedCapsuleRoot?: string): Promise<boolean>;
+    execute(toolName: string, params: Record<string, unknown>, intentContext?: string): Promise<VexResult>;
     /**
      * Manually construct a signed Evidence Capsule without dispatching it.
      */
-    buildCapsule(toolName: string, params: Record<string, any>, intentContext?: string): Promise<any>;
+    buildCapsule(toolName: string, params: Record<string, unknown>, intentContext?: string): Promise<VexCapsule>;
     /**
      * Serializes the Evidence Capsule into the v0x03 Binary Wire format.
      */
-    toBinary(capsule: any): Buffer;
+    toBinary(capsule: VexCapsule): Buffer;
     private hashObject;
 }

package/dist/agent.js

@@ -14,14 +14,52 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.VexAgent = void 0;
+const crypto = __importStar(require("crypto"));
+const { canonicalize } = require('json-canonicalize');
 const axios_1 = __importDefault(require("axios"));
 const builder_1 = require("./builder");
 const sdk_1 = require("@provncloud/sdk");
+const { CipherSuite } = require('hpke-js');
+const { DhkemX25519HkdfSha256, HkdfSha256 } = require('@hpke/dhkem-x25519');
+const { Aes128Gcm } = require('@hpke/core');
 class VexAgent {
     constructor(config) {
         this.sdk = null;
@@ -33,9 +71,53 @@ class VexAgent {
             this.sdk = new sdk_1.ProvnSDK();
         }
     }
+    /**
+     * Retrieves the Gate's public key for HPKE encryption.
+     */
+    async fetchPublicKey() {
+        const response = await axios_1.default.get(`${this.config.vanguardUrl}/public_key`);
+        return response.data.public_key;
+    }
     /**
      * Executes a tool via the VEX verifiable execution loop.
      */
+    /**
+     * Locally verifies a VEX Continuation Token (v3) against the Gate's public key.
+     * Ensures the token was signed by the authoritative Gate and binds to the current capsule.
+     */
+    async verifyToken(tokenBase64, expectedCapsuleRoot) {
+        const { canonicalize } = require('json-canonicalize');
+        const crypto = require('crypto');
+        try {
+            const token = JSON.parse(Buffer.from(tokenBase64, 'base64').toString());
+            const gatePkBase64 = await this.fetchPublicKey();
+            const gatePublicKey = crypto.createPublicKey({
+                key: Buffer.from(gatePkBase64, 'base64'),
+                format: 'der',
+                type: 'spki', // Ed25519 in SPKI format
+            });
+            // 1. Re-hash the payload (JCS)
+            const payloadHash = crypto.createHash('sha256')
+                .update(canonicalize(token.payload))
+                .digest();
+            // 2. Verify signature
+            const isSignatureValid = crypto.verify(null, payloadHash, gatePublicKey, Buffer.from(token.signature, 'hex'));
+            if (!isSignatureValid) {
+                console.error('VEX Token Verification Failed: Invalid Signature');
+                return false;
+            }
+            // 3. Bind to capsule root
+            if (expectedCapsuleRoot && token.payload.source_capsule_root !== expectedCapsuleRoot) {
+                console.error('VEX Token Verification Failed: Root Mismatch');
+                return false;
+            }
+            return true;
+        }
+        catch (error) {
+            console.error('VEX Token Verification Error:', error);
+            return false;
+        }
+    }
     async execute(toolName, params, intentContext) {
         await this.ensureSDK();
         // 1. Build Capsule
@@ -71,7 +153,8 @@ class VexAgent {
             return result;
         }
         catch (error) {
-            console.error('VEX Execution Failed:', error.response?.data || error.message);
+            const err = error;
+            console.error('VEX Execution Failed:', err.response?.data || err.message);
             throw error;
         }
     }
@@ -83,7 +166,10 @@ class VexAgent {
         // This is a simplified implementation for the SDK.
         // It demonstrates how the builder is leveraged.
         const intent = {
+            schema: 'vex/intent/v3',
+            aid: this.config.aid || '00'.repeat(32),
             request_sha256: this.hashObject(params),
+            commands: [toolName, params],
             confidence: 1.0,
             capabilities: ['sdk_execution']
         };
@@ -97,6 +183,7 @@ class VexAgent {
             trace_root: '00'.repeat(32),
             nonce: Date.now(),
             prev_hash: '00'.repeat(32), // Start of chain
+            binding_status: 'UNBOUND',
             supervision: {
                 branch_completeness: 1.0,
                 contradictions: 0,
@@ -104,7 +191,7 @@ class VexAgent {
             }
         };
         const identity = {
-            aid: '00'.repeat(32), // Placeholder for hardware AID
+            aid: this.config.aid || '00'.repeat(32),
             identity_type: 'software_sim',
             pcrs: { '0': '00'.repeat(32) }
         };
@@ -113,7 +200,35 @@ class VexAgent {
             receipt_hash: '00'.repeat(32),
             timestamp: Math.floor(Date.now() / 1000)
         };
-        const intent_hash = builder_1.VEPBuilder.hashSegment(intent);
+        // --- Phase 2: HPKE Encryption (Optional/v3) ---
+        let intent_hash;
+        const gatePkBase64 = await this.fetchPublicKey().catch(() => null);
+        if (gatePkBase64) {
+            const suite = new CipherSuite({
+                kem: new DhkemX25519HkdfSha256(),
+                kdf: new HkdfSha256(),
+                aead: new Aes128Gcm(),
+            });
+            const recipientPublicKeyRaw = new Uint8Array(Buffer.from(gatePkBase64, 'base64'));
+            const recipientKey = await suite.importKey('raw', recipientPublicKeyRaw, true);
+            const info = new Uint8Array(Buffer.from('vex/intent/v3'));
+            const { enc, ct } = await suite.seal({
+                recipientPublicKey: recipientKey,
+                info: info
+            }, new Uint8Array(Buffer.from(JSON.stringify(intent))));
+            // In v1.6.0, the "Intent Pillar" commitment is the hash of the ciphertext
+            intent_hash = require('crypto').createHash('sha256').update(Buffer.from(ct)).digest('hex');
+            // Add HPKE metadata to the segment so the Gate can decrypt
+            intent.hpke = {
+                enc: Buffer.from(enc).toString('base64'),
+                ciphertext: Buffer.from(ct).toString('base64'),
+                schema: 'vex/intent/v3/encrypted'
+            };
+        }
+        else {
+            // Fallback: Standard JCS hash for Transparent intents
+            intent_hash = builder_1.VEPBuilder.hashSegment(intent);
+        }
         const authority_hash = builder_1.VEPBuilder.hashSegment(authority);
         const identity_hash = builder_1.VEPBuilder.hashSegment(identity);
         const witness_hash = builder_1.VEPBuilder.hashSegment(witness, false); // Minimal scope
@@ -180,8 +295,6 @@ class VexAgent {
         return Buffer.concat([header, ...segments, header]);
     }
     hashObject(obj) {
-        const { canonicalize } = require('json-canonicalize');
-        const crypto = require('crypto');
         const canonicalJSON = canonicalize(obj);
         return crypto.createHash('sha256').update(canonicalJSON).digest('hex');
     }

package/dist/builder.d.ts

@@ -14,10 +14,15 @@
  * limitations under the License.
  */
 export interface IntentSegment {
+    schema: string;
+    aid: string;
     request_sha256: string;
+    commands: unknown[];
     confidence: number;
     capabilities: string[];
     magpie_source?: string;
+    intent_context?: string;
+    [key: string]: unknown;
 }
 export interface AuthoritySegment {
     capsule_id: string;
@@ -26,22 +31,27 @@ export interface AuthoritySegment {
     trace_root: string;
     nonce: number;
     prev_hash?: string;
+    binding_status: string;
+    continuation_token?: string;
     supervision?: {
         branch_completeness?: number;
         contradictions?: number;
         confidence?: number;
     };
-    gate_sensors?: Record<string, any>;
+    gate_sensors?: Record<string, unknown>;
+    [key: string]: unknown;
 }
 export interface IdentitySegment {
     aid: string;
     identity_type: string;
     pcrs: Record<string, string>;
+    [key: string]: unknown;
 }
 export interface WitnessSegment {
     chora_node_id: string;
     receipt_hash: string;
     timestamp: number;
+    [key: string]: unknown;
 }
 export interface VexPillars {
     intent: IntentSegment;
@@ -49,11 +59,24 @@ export interface VexPillars {
     identity: IdentitySegment;
     witness: WitnessSegment;
 }
+export interface VexCapsule extends VexPillars {
+    intent_hash: string;
+    authority_hash: string;
+    identity_hash: string;
+    witness_hash: string;
+    capsule_root: string;
+    crypto: {
+        algo: string;
+        signature_scope: string;
+        signature_b64: string;
+        signature_raw: Buffer;
+    };
+}
 export declare class VEPBuilder {
     /**
      * Computes the SHA-256 hash of a JCS canonicalized object.
      */
-    static hashSegment(segment: any, inclusive?: boolean): string;
+    static hashSegment(segment: Record<string, unknown>, inclusive?: boolean): string;
     /**
      * Calculates the capsule_root commitment using a 4-leaf binary Merkle tree
      * with domain separation (0x00 for leaves, 0x01 for internal nodes).

package/dist/middleware.d.ts

@@ -22,9 +22,9 @@ export declare const vexMiddleware: (config: {
 }) => {
     onToolCall({ toolName, args }: {
         toolName: string;
-        args: any;
+        args: Record<string, unknown>;
     }): Promise<{
         status: string;
-        vex_root: any;
+        vex_root: string;
     }>;
 };

package/package.json

@@ -1,31 +1,34 @@
-{
-  "name": "@provnai/vex-sdk",
-  "version": "1.5.0",
-  "description": "High-level routing and cognitive abstraction SDK for the VEX Protocol",
-  "main": "dist/index.js",
-  "types": "dist/index.d.ts",
-  "scripts": {
-    "build": "tsc",
-    "test": "jest",
-    "lint": "eslint src/**/*.ts"
-  },
-  "dependencies": {
-    "@provncloud/sdk": "^0.3.0",
-    "axios": "^1.6.0",
-    "json-canonicalize": "^1.0.4"
-  },
-  "devDependencies": {
-    "@types/jest": "^29.5.0",
-    "@types/node": "^20.0.0",
-    "@typescript-eslint/eslint-plugin": "^8.57.1",
-    "@typescript-eslint/parser": "^8.57.1",
-    "@eslint/js": "^9.39.4",
-    "eslint": "^9.11.0",
-    "jest": "^29.5.0",
-    "ts-jest": "^29.1.0",
-    "typescript": "^5.0.0"
-  },
-  "publishConfig": {
-    "access": "public"
-  }
-}
+{
+  "name": "@provnai/vex-sdk",
+  "version": "1.6.0",
+  "description": "High-level routing and cognitive abstraction SDK for the VEX Protocol",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc",
+    "test": "jest",
+    "lint": "eslint src/**/*.ts"
+  },
+  "dependencies": {
+    "@provncloud/sdk": "^0.3.0",
+    "hpke-js": "^1.2.0",
+    "@hpke/core": "^1.2.7",
+    "@hpke/dhkem-x25519": "^1.2.7",
+    "axios": "^1.6.0",
+    "json-canonicalize": "^1.0.4"
+  },
+  "devDependencies": {
+    "@types/jest": "^29.5.0",
+    "@types/node": "^20.0.0",
+    "@typescript-eslint/eslint-plugin": "^8.57.1",
+    "@typescript-eslint/parser": "^8.57.1",
+    "@eslint/js": "^9.39.4",
+    "eslint": "^9.11.0",
+    "jest": "^29.5.0",
+    "ts-jest": "^29.1.0",
+    "typescript": "^5.0.0"
+  },
+  "publishConfig": {
+    "access": "public"
+  }
+}

package/src/agent.ts

@@ -14,19 +14,36 @@
  * limitations under the License.
  */
 
+import * as crypto from 'crypto';
+const { canonicalize } = require('json-canonicalize');
 import axios from 'axios';
-import { VEPBuilder, VexPillars } from './builder';
+import { VEPBuilder, VexCapsule, IntentSegment, AuthoritySegment } from './builder';
 import { ProvnSDK, init } from '@provncloud/sdk';
+const { CipherSuite } = require('hpke-js');
+const { DhkemX25519HkdfSha256, HkdfSha256 } = require('@hpke/dhkem-x25519');
+const { Aes128Gcm } = require('@hpke/core');
 
 export interface VexConfig {
     identityKey: string;     // Hex or Base64 Ed25519 private key
     vanguardUrl: string;     // Target proxy endpoint (McpVanguard/VEX sidecar)
+    aid?: string;            // Agent Identity ID (NEW in v3)
+}
+
+export interface VexResult {
+    status: string;
+    outcome: 'ALLOW' | 'HALT' | 'ESCALATE';
+    reason_code?: string;
+    capsule_root: string;
+    capability_token?: string;
+    [key: string]: unknown;
 }
 
 export class VexAgent {
     private config: VexConfig;
     private sdk: ProvnSDK | null = null;
 
+    private currentToken?: string;
+
     constructor(config: VexConfig) {
         this.config = config;
     }
@@ -38,10 +55,66 @@ export class VexAgent {
         }
     }
 
+    /**
+     * Retrieves the Gate's public key for HPKE encryption.
+     */
+    async fetchPublicKey(): Promise<string> {
+        const response = await axios.get(`${this.config.vanguardUrl}/public_key`);
+        return response.data.public_key;
+    }
+
     /**
      * Executes a tool via the VEX verifiable execution loop.
      */
-    async execute(toolName: string, params: Record<string, any>, intentContext?: string): Promise<any> {
+    /**
+     * Locally verifies a VEX Continuation Token (v3) against the Gate's public key.
+     * Ensures the token was signed by the authoritative Gate and binds to the current capsule.
+     */
+    async verifyToken(tokenBase64: string, expectedCapsuleRoot?: string): Promise<boolean> {
+        const { canonicalize } = require('json-canonicalize');
+        const crypto = require('crypto');
+        
+        try {
+            const token = JSON.parse(Buffer.from(tokenBase64, 'base64').toString());
+            const gatePkBase64 = await this.fetchPublicKey();
+            const gatePublicKey = crypto.createPublicKey({
+                key: Buffer.from(gatePkBase64, 'base64'),
+                format: 'der',
+                type: 'spki', // Ed25519 in SPKI format
+            });
+
+            // 1. Re-hash the payload (JCS)
+            const payloadHash = crypto.createHash('sha256')
+                .update(canonicalize(token.payload))
+                .digest();
+
+            // 2. Verify signature
+            const isSignatureValid = crypto.verify(
+                null,
+                payloadHash,
+                gatePublicKey,
+                Buffer.from(token.signature, 'hex')
+            );
+
+            if (!isSignatureValid) {
+                console.error('VEX Token Verification Failed: Invalid Signature');
+                return false;
+            }
+
+            // 3. Bind to capsule root
+            if (expectedCapsuleRoot && token.payload.source_capsule_root !== expectedCapsuleRoot) {
+                console.error('VEX Token Verification Failed: Root Mismatch');
+                return false;
+            }
+
+            return true;
+        } catch (error) {
+            console.error('VEX Token Verification Error:', error);
+            return false;
+        }
+    }
+
+    async execute(toolName: string, params: Record<string, unknown>, intentContext?: string): Promise<VexResult> {
         await this.ensureSDK();
 
         // 1. Build Capsule
@@ -79,12 +152,13 @@ export class VexAgent {
 
             // 4. Store Capability Token
             if (result.capability_token) {
-                (this as any).currentToken = result.capability_token;
+                this.currentToken = result.capability_token;
             }
 
-            return result;
-        } catch (error: any) {
-            console.error('VEX Execution Failed:', error.response?.data || error.message);
+            return result as VexResult;
+        } catch (error) {
+            const err = error as { response?: { data: Record<string, unknown> }, message: string };
+            console.error('VEX Execution Failed:', err.response?.data || err.message);
             throw error;
         }
     }
@@ -92,13 +166,16 @@ export class VexAgent {
     /**
      * Manually construct a signed Evidence Capsule without dispatching it.
      */
-    async buildCapsule(toolName: string, params: Record<string, any>, intentContext?: string): Promise<any> {
+    async buildCapsule(toolName: string, params: Record<string, unknown>, intentContext?: string): Promise<VexCapsule> {
         await this.ensureSDK();
         // This is a simplified implementation for the SDK.
         // It demonstrates how the builder is leveraged.
         
-        const intent: any = {
+        const intent: IntentSegment = {
+            schema: 'vex/intent/v3',
+            aid: this.config.aid || '00'.repeat(32),
             request_sha256: this.hashObject(params),
+            commands: [toolName, params],
             confidence: 1.0,
             capabilities: ['sdk_execution']
         };
@@ -106,13 +183,14 @@ export class VexAgent {
             intent.intent_context = intentContext;
         }
 
-        const authority = {
+        const authority: AuthoritySegment = {
             capsule_id: require('crypto').randomUUID(),
             outcome: 'ALLOW',
             reason_code: 'SDK_GENERATED',
             trace_root: '00'.repeat(32),
             nonce: Date.now(),
             prev_hash: '00'.repeat(32), // Start of chain
+            binding_status: 'UNBOUND',
             supervision: {
                 branch_completeness: 1.0,
                 contradictions: 0,
@@ -121,7 +199,7 @@ export class VexAgent {
         };
 
         const identity = {
-            aid: '00'.repeat(32), // Placeholder for hardware AID
+            aid: this.config.aid || '00'.repeat(32),
             identity_type: 'software_sim',
             pcrs: { '0': '00'.repeat(32) }
         };
@@ -132,7 +210,43 @@ export class VexAgent {
             timestamp: Math.floor(Date.now() / 1000)
         };
 
-        const intent_hash = VEPBuilder.hashSegment(intent);
+        // --- Phase 2: HPKE Encryption (Optional/v3) ---
+        let intent_hash: string;
+        const gatePkBase64 = await this.fetchPublicKey().catch(() => null);
+        
+        if (gatePkBase64) {
+            const suite = new CipherSuite({
+                kem: new DhkemX25519HkdfSha256(),
+                kdf: new HkdfSha256(),
+                aead: new Aes128Gcm(),
+            });
+
+            const recipientPublicKeyRaw = new Uint8Array(Buffer.from(gatePkBase64, 'base64'));
+            const recipientKey = await suite.importKey('raw', recipientPublicKeyRaw, true);
+            const info = new Uint8Array(Buffer.from('vex/intent/v3'));
+            
+            const { enc, ct } = await suite.seal(
+                { 
+                    recipientPublicKey: recipientKey,
+                    info: info
+                },
+                new Uint8Array(Buffer.from(JSON.stringify(intent)))
+            );
+
+            // In v1.6.0, the "Intent Pillar" commitment is the hash of the ciphertext
+            intent_hash = require('crypto').createHash('sha256').update(Buffer.from(ct)).digest('hex');
+            
+            // Add HPKE metadata to the segment so the Gate can decrypt
+            intent.hpke = {
+                enc: Buffer.from(enc).toString('base64'),
+                ciphertext: Buffer.from(ct).toString('base64'),
+                schema: 'vex/intent/v3/encrypted'
+            };
+        } else {
+            // Fallback: Standard JCS hash for Transparent intents
+            intent_hash = VEPBuilder.hashSegment(intent);
+        }
+
         const authority_hash = VEPBuilder.hashSegment(authority);
         const identity_hash = VEPBuilder.hashSegment(identity);
         const witness_hash = VEPBuilder.hashSegment(witness, false); // Minimal scope
@@ -176,7 +290,7 @@ export class VexAgent {
     /**
      * Serializes the Evidence Capsule into the v0x03 Binary Wire format.
      */
-    toBinary(capsule: any): Buffer {
+    toBinary(capsule: VexCapsule): Buffer {
         const { canonicalize } = require('json-canonicalize');
         
         // --- Header (76 Bytes) ---
@@ -207,9 +321,7 @@ export class VexAgent {
         return Buffer.concat([header, ...segments, header]);
     }
 
-    private hashObject(obj: any): string {
-        const { canonicalize } = require('json-canonicalize');
-        const crypto = require('crypto');
+    private hashObject(obj: Record<string, unknown>): string {
         const canonicalJSON = canonicalize(obj);
         return crypto.createHash('sha256').update(canonicalJSON).digest('hex');
     }

package/src/builder.ts

@@ -18,10 +18,15 @@ import * as crypto from 'crypto';
 const { canonicalize } = require('json-canonicalize');
 
 export interface IntentSegment {
+    schema: string;          // NEW (v3)
+    aid: string;             // NEW (v3)
     request_sha256: string;
+    commands: unknown[];         // NEW (v3)
     confidence: number;
     capabilities: string[];
     magpie_source?: string;
+    intent_context?: string;     // Context for v3 enforcement
+    [key: string]: unknown;      // For HPKE and other metadata
 }
 
 export interface AuthoritySegment {
@@ -31,24 +36,29 @@ export interface AuthoritySegment {
     trace_root: string;
     nonce: number;
     prev_hash?: string;       // VEX Ledger Link
+    binding_status: string;   // NEW (v3)
+    continuation_token?: string; // NEW (v3)
     supervision?: {           // MCS Signals
         branch_completeness?: number;
         contradictions?: number;
         confidence?: number;
     };
-    gate_sensors?: Record<string, any>;
+    gate_sensors?: Record<string, unknown>;
+    [key: string]: unknown;
 }
 
 export interface IdentitySegment {
     aid: string;
     identity_type: string;
     pcrs: Record<string, string>;
+    [key: string]: unknown;
 }
 
 export interface WitnessSegment {
     chora_node_id: string;
     receipt_hash: string;
     timestamp: number;
+    [key: string]: unknown;
 }
 
 export interface VexPillars {
@@ -58,11 +68,25 @@ export interface VexPillars {
     witness: WitnessSegment;
 }
 
+export interface VexCapsule extends VexPillars {
+    intent_hash: string;
+    authority_hash: string;
+    identity_hash: string;
+    witness_hash: string;
+    capsule_root: string;
+    crypto: {
+        algo: string;
+        signature_scope: string;
+        signature_b64: string;
+        signature_raw: Buffer;
+    };
+}
+
 export class VEPBuilder {
     /**
      * Computes the SHA-256 hash of a JCS canonicalized object.
      */
-    static hashSegment(segment: any, inclusive: boolean = true): string {
+    static hashSegment(segment: Record<string, unknown>, inclusive: boolean = true): string {
         let dataToHash = segment;
         
         if (!inclusive) {

package/src/index.ts

@@ -14,8 +14,6 @@
  * limitations under the License.
  */
 
-import { VexAgent } from './agent';
-import { VEPBuilder } from './builder';
 
 export * from './agent';
 export * from './builder';

package/src/middleware.ts

@@ -24,7 +24,7 @@ export const vexMiddleware = (config: { identityKey: string, vanguardUrl: string
 
     return {
         // This is a pattern used by Vercel AI SDK to intercept tool calls
-        async onToolCall({ toolName, args }: { toolName: string, args: any }) {
+        async onToolCall({ toolName, args }: { toolName: string, args: Record<string, unknown> }) {
             console.log(`[VEX] Securing tool call: ${toolName}`);
             
             try {

package/tests/agent.test.ts

@@ -19,11 +19,15 @@ describe('VexAgent', () => {
         vanguardUrl: 'http://localhost:3000'
     };
 
+    beforeEach(() => {
+        // Valid 32-byte X25519 public key (non-zero)
+        const validPkBase64 = 'uSJQ6R87m8qPk96hQc64b5S67890123456789012344='; 
+        mockedAxios.get.mockResolvedValue({ data: { public_key: validPkBase64 } });
+        mockedAxios.post.mockResolvedValue({ data: { status: 'verified', outcome: 'ALLOW' } });
+    });
+
     test('execute() constructs a capsule and sends it via POST', async () => {
         const agent = new VexAgent(config);
-        
-        mockedAxios.post.mockResolvedValue({ data: { status: 'verified' } });
-
         const result = await agent.execute('test_tool', { foo: 'bar' });
 
         expect(mockedAxios.post).toHaveBeenCalledWith(

package/tests/binary_parity.test.ts

@@ -1,5 +1,9 @@
 import { VexAgent } from '../src/agent';
 
+jest.mock('axios');
+import axios from 'axios';
+const mockedAxios = axios as jest.Mocked<typeof axios>;
+
 jest.mock('@provncloud/sdk', () => ({
     ProvnSDK: jest.fn().mockImplementation(() => ({
         generateKeypair: jest.fn(),
@@ -25,6 +29,10 @@ describe('Binary Parity', () => {
         const crypto = require('crypto');
         jest.spyOn(crypto, 'randomUUID').mockReturnValue('0'.repeat(64));
 
+        // Mock fetchPublicKey to avoid network calls
+        const validPkBase64 = 'uSJQ6R87m8qPk96hQc64b5S67890123456789012344=';
+        mockedAxios.get.mockResolvedValue({ data: { public_key: validPkBase64 } });
+
         // Mock SDK signing
         const mockSDK = {
             createClaimNow: jest.fn().mockReturnValue({}),

package/tests/parity.test.ts

@@ -1,17 +1,15 @@
 import { VEPBuilder } from '../src/builder';
 
 describe('VEX SDK Parity Verification', () => {
-    test('calculateCapsuleRoot matches Rust test vector (v1.5.0 Merkle Shift)', () => {
-        // Test hashes provided in COWORKER_HANDOFF.md.resolved
+    test('calculateCapsuleRoot matches Rust test vector (v1.6.0 Protocol Alignment)', () => {
         const parityHashes = {
-            authority_hash: "6fac0de31355fc1dfe36eee1e0c226f7cc36dd58eaad0aca0c2d3873b4784d35",
+            authority_hash: "1f66eab08c7276b5bd65b6624193eb216159a675e43b85d827de85ec065495c6",
             identity_hash: "7869bae0249b33e09b881a0b44faba6ee3f4bab7edcc2aa5a5e9290e2563c828",
-            intent_hash: "e02504ea88bd9f05a744cd8a462a114dc2045eb7210ea8c6f5ff2679663c92cb",
-            witness_hash: "174dfb80917cca8a8d4760b82656e78df0778cb3aadd60b51cd018b3313d5733"
+            intent_hash: "ce4041d35af4dd0c00b60a04c80779516178097f7ab7e20fea6da2996dc06446",
+            witness_hash: "2aa5ae39acd791e6ae12341b4e82ec16cfcdd2ab4e46a8fb48389dff6217fd42"
         };
 
-        // Recalculated for 4-leaf Merkle Tree with 0x00/0x01 domain separation (Definitive v1.5.0)
-        const expectedRoot = "8acf6d45aedaf61c61142ea8f9f7a89bc90994532313f20fcc1493a95e36d405";
+        const expectedRoot = "35ef4684c3168f54f040e0e6a24d5bde35464731e6c32bb34bcc30fbb69c8255";
 
         const calculatedRoot = VEPBuilder.calculateCapsuleRoot(parityHashes);
         expect(calculatedRoot).toBe(expectedRoot);
@@ -31,16 +29,22 @@ describe('VEX SDK Parity Verification', () => {
     test('hashSegment matches expected output (Verification of JCS + SHA256)', () => {
         // Intent Pillar (Inclusive)
         const intent = {
-            request_sha256: "e02504ea88bd9f05a744cd8a462a114dc2045eb7210ea8c6f5ff2679663c92cb",
-            confidence: 0.95,
-            capabilities: ["filesystem", "network"]
+            schema: "vex/intent/v3",
+            aid: "00".repeat(32),
+            request_sha256: "ce4041d35af4dd0c00b60a04c80779516178097f7ab7e20fea6da2996dc06446",
+            commands: ["test_tool", { foo: "bar" }],
+            confidence: 1.0,
+            capabilities: ["sdk_execution"]
         };
         // This is a sanity check that JCS stable-sorting works
         const hash1 = VEPBuilder.hashSegment(intent);
         const hash2 = VEPBuilder.hashSegment({
-            capabilities: ["filesystem", "network"],
-            confidence: 0.95,
-            request_sha256: "e02504ea88bd9f05a744cd8a462a114dc2045eb7210ea8c6f5ff2679663c92cb"
+            capabilities: ["sdk_execution"],
+            confidence: 1.0,
+            commands: ["test_tool", { foo: "bar" }],
+            request_sha256: "ce4041d35af4dd0c00b60a04c80779516178097f7ab7e20fea6da2996dc06446",
+            aid: "00".repeat(32),
+            schema: "vex/intent/v3"
         });
         
         expect(hash1).toBe(hash2);