npm - @psavelis/enterprise-blockchain - Versions diffs - 0.1.0 → 1.1.1 - Mend

@psavelis/enterprise-blockchain 0.1.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (296) hide show

package/README.md +15 -2
package/dist/aid-settlement/application/reconciler.d.ts +13 -0
package/dist/aid-settlement/application/reconciler.d.ts.map +1 -0
package/dist/aid-settlement/application/reconciler.js +77 -0
package/dist/aid-settlement/domain/entities.d.ts +24 -0
package/dist/aid-settlement/domain/entities.d.ts.map +1 -0
package/dist/aid-settlement/domain/entities.js +1 -0
package/dist/aid-settlement/domain/ports.d.ts +10 -0
package/dist/aid-settlement/domain/ports.d.ts.map +1 -0
package/dist/aid-settlement/domain/ports.js +1 -0
package/dist/aid-settlement/index.d.ts +19 -0
package/dist/aid-settlement/index.d.ts.map +1 -0
package/dist/aid-settlement/index.js +23 -0
package/dist/aid-settlement/infrastructure/in-memory-store.d.ts +12 -0
package/dist/aid-settlement/infrastructure/in-memory-store.d.ts.map +1 -0
package/dist/aid-settlement/infrastructure/in-memory-store.js +17 -0
package/dist/credentialing/application/clearance-evaluator.d.ts +10 -0
package/dist/credentialing/application/clearance-evaluator.d.ts.map +1 -0
package/dist/credentialing/application/clearance-evaluator.js +63 -0
package/dist/credentialing/domain/entities.d.ts +28 -0
package/dist/credentialing/domain/entities.d.ts.map +1 -0
package/dist/credentialing/domain/entities.js +1 -0
package/dist/credentialing/domain/ports.d.ts +9 -0
package/dist/credentialing/domain/ports.d.ts.map +1 -0
package/dist/credentialing/domain/ports.js +1 -0
package/dist/credentialing/index.d.ts +19 -0
package/dist/credentialing/index.d.ts.map +1 -0
package/dist/credentialing/index.js +23 -0
package/dist/credentialing/infrastructure/in-memory-store.d.ts +11 -0
package/dist/credentialing/infrastructure/in-memory-store.d.ts.map +1 -0
package/dist/credentialing/infrastructure/in-memory-store.js +14 -0
package/dist/hsm/application/asymmetric-key-service.d.ts +23 -0
package/dist/hsm/application/asymmetric-key-service.d.ts.map +1 -0
package/dist/hsm/application/asymmetric-key-service.js +109 -0
package/dist/hsm/application/envelope-encryption-service.d.ts +18 -0
package/dist/hsm/application/envelope-encryption-service.d.ts.map +1 -0
package/dist/hsm/application/envelope-encryption-service.js +59 -0
package/dist/hsm/application/symmetric-key-service.d.ts +34 -0
package/dist/hsm/application/symmetric-key-service.d.ts.map +1 -0
package/dist/hsm/application/symmetric-key-service.js +107 -0
package/dist/hsm/domain/entities.d.ts +104 -0
package/dist/hsm/domain/entities.d.ts.map +1 -0
package/dist/hsm/domain/entities.js +10 -0
package/dist/hsm/domain/ports.d.ts +20 -0
package/dist/hsm/domain/ports.d.ts.map +1 -0
package/dist/hsm/domain/ports.js +1 -0
package/dist/hsm/index.d.ts +48 -0
package/dist/hsm/index.d.ts.map +1 -0
package/dist/hsm/index.js +97 -0
package/dist/hsm/infrastructure/audit-log-factory.d.ts +59 -0
package/dist/hsm/infrastructure/audit-log-factory.d.ts.map +1 -0
package/dist/hsm/infrastructure/audit-log-factory.js +95 -0
package/dist/hsm/infrastructure/audit-log.d.ts +8 -0
package/dist/hsm/infrastructure/audit-log.d.ts.map +1 -0
package/dist/hsm/infrastructure/audit-log.js +18 -0
package/dist/hsm/infrastructure/file-audit-log.d.ts +55 -0
package/dist/hsm/infrastructure/file-audit-log.d.ts.map +1 -0
package/dist/hsm/infrastructure/file-audit-log.js +128 -0
package/dist/hsm/infrastructure/key-store.d.ts +9 -0
package/dist/hsm/infrastructure/key-store.d.ts.map +1 -0
package/dist/hsm/infrastructure/key-store.js +12 -0
package/dist/hsm/infrastructure/syslog-audit-log.d.ts +64 -0
package/dist/hsm/infrastructure/syslog-audit-log.d.ts.map +1 -0
package/dist/hsm/infrastructure/syslog-audit-log.js +167 -0
package/dist/index.d.ts +22 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +37 -0
package/dist/integrations/besu-client/error-mapper.d.ts +9 -0
package/dist/integrations/besu-client/error-mapper.d.ts.map +1 -0
package/dist/integrations/besu-client/error-mapper.js +22 -0
package/dist/integrations/besu-client/index.d.ts +65 -0
package/dist/integrations/besu-client/index.d.ts.map +1 -0
package/dist/integrations/besu-client/index.js +276 -0
package/dist/integrations/besu-client/ports.d.ts +44 -0
package/dist/integrations/besu-client/ports.d.ts.map +1 -0
package/dist/integrations/besu-client/ports.js +1 -0
package/dist/integrations/corda-gateway/index.d.ts +37 -0
package/dist/integrations/corda-gateway/index.d.ts.map +1 -0
package/dist/integrations/corda-gateway/index.js +234 -0
package/dist/integrations/corda-gateway/ports.d.ts +33 -0
package/dist/integrations/corda-gateway/ports.d.ts.map +1 -0
package/dist/integrations/corda-gateway/ports.js +1 -0
package/dist/integrations/fabric-gateway/index.d.ts +78 -0
package/dist/integrations/fabric-gateway/index.d.ts.map +1 -0
package/dist/integrations/fabric-gateway/index.js +214 -0
package/dist/integrations/fabric-gateway/ports.d.ts +50 -0
package/dist/integrations/fabric-gateway/ports.d.ts.map +1 -0
package/dist/integrations/fabric-gateway/ports.js +1 -0
package/dist/integrations/index.d.ts +19 -0
package/dist/integrations/index.d.ts.map +1 -0
package/dist/integrations/index.js +19 -0
package/dist/integrations/shared/env.d.ts +4 -0
package/dist/integrations/shared/env.d.ts.map +1 -0
package/dist/integrations/shared/env.js +24 -0
package/dist/integrations/shared/retry.d.ts +79 -0
package/dist/integrations/shared/retry.d.ts.map +1 -0
package/dist/integrations/shared/retry.js +315 -0
package/dist/mpc/adapters.d.ts +36 -0
package/dist/mpc/adapters.d.ts.map +1 -0
package/dist/mpc/adapters.js +46 -0
package/dist/mpc/crypto.d.ts +2 -0
package/dist/mpc/crypto.d.ts.map +1 -0
package/dist/mpc/crypto.js +2 -0
package/dist/mpc/dsa.d.ts +134 -0
package/dist/mpc/dsa.d.ts.map +1 -0
package/dist/mpc/dsa.js +127 -0
package/dist/mpc/field.d.ts +127 -0
package/dist/mpc/field.d.ts.map +1 -0
package/dist/mpc/field.js +209 -0
package/dist/mpc/hybrid-kem.d.ts +96 -0
package/dist/mpc/hybrid-kem.d.ts.map +1 -0
package/dist/mpc/hybrid-kem.js +136 -0
package/dist/mpc/index.d.ts +135 -0
package/dist/mpc/index.d.ts.map +1 -0
package/dist/mpc/index.js +348 -0
package/dist/mpc/kyber.d.ts +134 -0
package/dist/mpc/kyber.d.ts.map +1 -0
package/dist/mpc/kyber.js +143 -0
package/dist/mpc/ports.d.ts +67 -0
package/dist/mpc/ports.d.ts.map +1 -0
package/dist/mpc/ports.js +9 -0
package/dist/mpc/quantum.d.ts +80 -0
package/dist/mpc/quantum.d.ts.map +1 -0
package/dist/mpc/quantum.js +180 -0
package/dist/p2mr/adapters.d.ts +31 -0
package/dist/p2mr/adapters.d.ts.map +1 -0
package/dist/p2mr/adapters.js +35 -0
package/dist/p2mr/index.d.ts +63 -0
package/dist/p2mr/index.d.ts.map +1 -0
package/dist/p2mr/index.js +59 -0
package/dist/p2mr/merkle-tree.d.ts +109 -0
package/dist/p2mr/merkle-tree.d.ts.map +1 -0
package/dist/p2mr/merkle-tree.js +239 -0
package/dist/p2mr/p2mr-output.d.ts +142 -0
package/dist/p2mr/p2mr-output.d.ts.map +1 -0
package/dist/p2mr/p2mr-output.js +150 -0
package/dist/p2mr/ports.d.ts +52 -0
package/dist/p2mr/ports.d.ts.map +1 -0
package/dist/p2mr/ports.js +9 -0
package/dist/p2mr/script-interpreter.d.ts +92 -0
package/dist/p2mr/script-interpreter.d.ts.map +1 -0
package/dist/p2mr/script-interpreter.js +535 -0
package/dist/p2mr/script-leaf.d.ts +70 -0
package/dist/p2mr/script-leaf.d.ts.map +1 -0
package/dist/p2mr/script-leaf.js +203 -0
package/dist/p2mr/spend-proof.d.ts +95 -0
package/dist/p2mr/spend-proof.d.ts.map +1 -0
package/dist/p2mr/spend-proof.js +358 -0
package/dist/p2mr/types.d.ts +209 -0
package/dist/p2mr/types.d.ts.map +1 -0
package/dist/p2mr/types.js +9 -0
package/dist/privacy/application/view-projector.d.ts +13 -0
package/dist/privacy/application/view-projector.d.ts.map +1 -0
package/dist/privacy/application/view-projector.js +85 -0
package/dist/privacy/domain/entities.d.ts +26 -0
package/dist/privacy/domain/entities.d.ts.map +1 -0
package/dist/privacy/domain/entities.js +1 -0
package/dist/privacy/domain/ports.d.ts +7 -0
package/dist/privacy/domain/ports.d.ts.map +1 -0
package/dist/privacy/domain/ports.js +1 -0
package/dist/privacy/index.d.ts +21 -0
package/dist/privacy/index.d.ts.map +1 -0
package/dist/privacy/index.js +25 -0
package/dist/privacy/infrastructure/in-memory-store.d.ts +8 -0
package/dist/privacy/infrastructure/in-memory-store.d.ts.map +1 -0
package/dist/privacy/infrastructure/in-memory-store.js +7 -0
package/dist/protocols/besu-port.d.ts +80 -0
package/dist/protocols/besu-port.d.ts.map +1 -0
package/dist/protocols/besu-port.js +1 -0
package/dist/protocols/corda-port.d.ts +103 -0
package/dist/protocols/corda-port.d.ts.map +1 -0
package/dist/protocols/corda-port.js +9 -0
package/dist/protocols/credentialing-port.d.ts +11 -0
package/dist/protocols/credentialing-port.d.ts.map +1 -0
package/dist/protocols/credentialing-port.js +1 -0
package/dist/protocols/fabric-port.d.ts +89 -0
package/dist/protocols/fabric-port.d.ts.map +1 -0
package/dist/protocols/fabric-port.js +9 -0
package/dist/protocols/index.d.ts +14 -0
package/dist/protocols/index.d.ts.map +1 -0
package/dist/protocols/index.js +7 -0
package/dist/protocols/p2mr-port.d.ts +159 -0
package/dist/protocols/p2mr-port.d.ts.map +1 -0
package/dist/protocols/p2mr-port.js +12 -0
package/dist/protocols/privacy-port.d.ts +9 -0
package/dist/protocols/privacy-port.d.ts.map +1 -0
package/dist/protocols/privacy-port.js +1 -0
package/dist/protocols/traceability-port.d.ts +12 -0
package/dist/protocols/traceability-port.d.ts.map +1 -0
package/dist/protocols/traceability-port.js +1 -0
package/dist/shared/collection-store.d.ts +12 -0
package/dist/shared/collection-store.d.ts.map +1 -0
package/dist/shared/collection-store.js +26 -0
package/dist/shared/commit.d.ts +24 -0
package/dist/shared/commit.d.ts.map +1 -0
package/dist/shared/commit.js +50 -0
package/dist/shared/crypto.d.ts +2 -0
package/dist/shared/crypto.d.ts.map +1 -0
package/dist/shared/crypto.js +4 -0
package/dist/shared/date.d.ts +2 -0
package/dist/shared/date.d.ts.map +1 -0
package/dist/shared/date.js +3 -0
package/dist/shared/index.d.ts +9 -0
package/dist/shared/index.d.ts.map +1 -0
package/dist/shared/index.js +11 -0
package/dist/shared/logger.d.ts +37 -0
package/dist/shared/logger.d.ts.map +1 -0
package/dist/shared/logger.js +45 -0
package/dist/shared/store.d.ts +25 -0
package/dist/shared/store.d.ts.map +1 -0
package/dist/shared/store.js +18 -0
package/dist/shared/telemetry-sdk.d.ts +26 -0
package/dist/shared/telemetry-sdk.d.ts.map +1 -0
package/dist/shared/telemetry-sdk.js +97 -0
package/dist/shared/telemetry.d.ts +86 -0
package/dist/shared/telemetry.d.ts.map +1 -0
package/dist/shared/telemetry.js +137 -0
package/dist/stark-settlement/application/aggregator-service.d.ts +112 -0
package/dist/stark-settlement/application/aggregator-service.d.ts.map +1 -0
package/dist/stark-settlement/application/aggregator-service.js +256 -0
package/dist/stark-settlement/application/ledger-service.d.ts +114 -0
package/dist/stark-settlement/application/ledger-service.d.ts.map +1 -0
package/dist/stark-settlement/application/ledger-service.js +318 -0
package/dist/stark-settlement/application/settlement-service.d.ts +104 -0
package/dist/stark-settlement/application/settlement-service.d.ts.map +1 -0
package/dist/stark-settlement/application/settlement-service.js +251 -0
package/dist/stark-settlement/domain/entities.d.ts +365 -0
package/dist/stark-settlement/domain/entities.d.ts.map +1 -0
package/dist/stark-settlement/domain/entities.js +29 -0
package/dist/stark-settlement/domain/ports.d.ts +485 -0
package/dist/stark-settlement/domain/ports.d.ts.map +1 -0
package/dist/stark-settlement/domain/ports.js +14 -0
package/dist/stark-settlement/domain/value-objects.d.ts +268 -0
package/dist/stark-settlement/domain/value-objects.d.ts.map +1 -0
package/dist/stark-settlement/domain/value-objects.js +500 -0
package/dist/stark-settlement/index.d.ts +172 -0
package/dist/stark-settlement/index.d.ts.map +1 -0
package/dist/stark-settlement/index.js +193 -0
package/dist/stark-settlement/infrastructure/adapters/audit-adapter.d.ts +52 -0
package/dist/stark-settlement/infrastructure/adapters/audit-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/audit-adapter.js +154 -0
package/dist/stark-settlement/infrastructure/adapters/bitcoin-adapter.d.ts +88 -0
package/dist/stark-settlement/infrastructure/adapters/bitcoin-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/bitcoin-adapter.js +187 -0
package/dist/stark-settlement/infrastructure/adapters/clock-adapter.d.ts +59 -0
package/dist/stark-settlement/infrastructure/adapters/clock-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/clock-adapter.js +85 -0
package/dist/stark-settlement/infrastructure/adapters/dilithium-adapter.d.ts +60 -0
package/dist/stark-settlement/infrastructure/adapters/dilithium-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/dilithium-adapter.js +104 -0
package/dist/stark-settlement/infrastructure/adapters/event-emitter-adapter.d.ts +115 -0
package/dist/stark-settlement/infrastructure/adapters/event-emitter-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/event-emitter-adapter.js +191 -0
package/dist/stark-settlement/infrastructure/adapters/fiat-adapter.d.ts +65 -0
package/dist/stark-settlement/infrastructure/adapters/fiat-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/fiat-adapter.js +207 -0
package/dist/stark-settlement/infrastructure/adapters/mock-stark-adapter.d.ts +73 -0
package/dist/stark-settlement/infrastructure/adapters/mock-stark-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/mock-stark-adapter.js +287 -0
package/dist/stark-settlement/infrastructure/adapters/solana-adapter.d.ts +78 -0
package/dist/stark-settlement/infrastructure/adapters/solana-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/solana-adapter.js +172 -0
package/dist/stark-settlement/infrastructure/adapters/starknet-proof-adapter.d.ts +56 -0
package/dist/stark-settlement/infrastructure/adapters/starknet-proof-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/starknet-proof-adapter.js +261 -0
package/dist/stark-settlement/infrastructure/adapters/stone-proof-adapter.d.ts +125 -0
package/dist/stark-settlement/infrastructure/adapters/stone-proof-adapter.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/adapters/stone-proof-adapter.js +416 -0
package/dist/stark-settlement/infrastructure/persistence/ledger-store.d.ts +68 -0
package/dist/stark-settlement/infrastructure/persistence/ledger-store.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/persistence/ledger-store.js +238 -0
package/dist/stark-settlement/infrastructure/persistence/offset-store.d.ts +30 -0
package/dist/stark-settlement/infrastructure/persistence/offset-store.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/persistence/offset-store.js +57 -0
package/dist/stark-settlement/infrastructure/persistence/outbox-store.d.ts +45 -0
package/dist/stark-settlement/infrastructure/persistence/outbox-store.d.ts.map +1 -0
package/dist/stark-settlement/infrastructure/persistence/outbox-store.js +171 -0
package/dist/traceability/application/recall-assessor.d.ts +13 -0
package/dist/traceability/application/recall-assessor.d.ts.map +1 -0
package/dist/traceability/application/recall-assessor.js +74 -0
package/dist/traceability/domain/entities.d.ts +23 -0
package/dist/traceability/domain/entities.d.ts.map +1 -0
package/dist/traceability/domain/entities.js +1 -0
package/dist/traceability/domain/ports.d.ts +23 -0
package/dist/traceability/domain/ports.d.ts.map +1 -0
package/dist/traceability/domain/ports.js +1 -0
package/dist/traceability/domain/recall.d.ts +12 -0
package/dist/traceability/domain/recall.d.ts.map +1 -0
package/dist/traceability/domain/recall.js +1 -0
package/dist/traceability/index.d.ts +22 -0
package/dist/traceability/index.d.ts.map +1 -0
package/dist/traceability/index.js +26 -0
package/dist/traceability/infrastructure/in-memory-store.d.ts +13 -0
package/dist/traceability/infrastructure/in-memory-store.d.ts.map +1 -0
package/dist/traceability/infrastructure/in-memory-store.js +24 -0
package/package.json +12 -9

package/dist/hsm/infrastructure/audit-log.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { HsmAuditEntry } from "../domain/entities.js";
+import type { AuditLog } from "../domain/ports.js";
+export declare class InMemoryAuditLog implements AuditLog {
+    private readonly log;
+    record(operation: string, keyLabel: string, result: "success" | "failed", detail?: string): void;
+    entries(): readonly HsmAuditEntry[];
+}
+//# sourceMappingURL=audit-log.d.ts.map

package/dist/hsm/infrastructure/audit-log.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"audit-log.d.ts","sourceRoot":"","sources":["../../../src/hsm/infrastructure/audit-log.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEnD,qBAAa,gBAAiB,YAAW,QAAQ;IAC/C,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAuB;IAE3C,MAAM,CACJ,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,SAAS,GAAG,QAAQ,EAC5B,MAAM,CAAC,EAAE,MAAM,GACd,IAAI;IAaP,OAAO,IAAI,SAAS,aAAa,EAAE;CAGpC"}

package/dist/hsm/infrastructure/audit-log.js ADDED Viewed

@@ -0,0 +1,18 @@
+export class InMemoryAuditLog {
+    log = [];
+    record(operation, keyLabel, result, detail) {
+        const entry = {
+            timestamp: new Date().toISOString(),
+            operation,
+            keyLabel,
+            result,
+        };
+        if (detail !== undefined) {
+            entry.detail = detail;
+        }
+        this.log.push(entry);
+    }
+    entries() {
+        return [...this.log];
+    }
+}

package/dist/hsm/infrastructure/file-audit-log.d.ts ADDED Viewed

@@ -0,0 +1,55 @@
+import type { HsmAuditEntry } from "../domain/entities.js";
+import type { AuditLog } from "../domain/ports.js";
+/**
+ * Chained audit entry with cryptographic integrity.
+ * Each entry includes a hash of the previous entry, creating a tamper-evident chain.
+ */
+export interface ChainedAuditEntry extends HsmAuditEntry {
+    /** SHA-256 hash of the previous entry (hex). First entry uses "genesis". */
+    previousHash: string;
+    /** SHA-256 hash of this entry including previousHash (hex). */
+    entryHash: string;
+    /** Monotonic sequence number starting at 1. */
+    sequenceNumber: number;
+}
+/**
+ * Persistent audit log with append-only writes and cryptographic chaining.
+ *
+ * Each entry includes:
+ * - SHA-256 hash of the previous entry (tamper-evidence)
+ * - Monotonic sequence number (gap detection)
+ * - Entry hash for integrity verification
+ *
+ * File format: NDJSON (newline-delimited JSON) for append-only writes.
+ *
+ * Ref: NIST SP 800-57 Part 1, §8.1 — key management lifecycle auditing
+ */
+export declare class FileAuditLog implements AuditLog {
+    private readonly filePath;
+    private lastHash;
+    private sequenceNumber;
+    private readonly cache;
+    constructor(filePath: string);
+    record(operation: string, keyLabel: string, result: "success" | "failed", detail?: string): void;
+    entries(): readonly HsmAuditEntry[];
+    /**
+     * Get all chained entries including integrity metadata.
+     */
+    chainedEntries(): readonly ChainedAuditEntry[];
+    /**
+     * Verify the integrity of the entire audit chain.
+     * Returns true if all hashes are valid and sequence is unbroken.
+     */
+    verifyIntegrity(): {
+        valid: boolean;
+        errors: string[];
+    };
+    /**
+     * Get the current chain tip hash for external anchoring.
+     */
+    getChainTipHash(): string;
+    private computeHash;
+    private appendToFile;
+    private loadExistingEntries;
+}
+//# sourceMappingURL=file-audit-log.d.ts.map

package/dist/hsm/infrastructure/file-audit-log.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"file-audit-log.d.ts","sourceRoot":"","sources":["../../../src/hsm/infrastructure/file-audit-log.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEnD;;;GAGG;AACH,MAAM,WAAW,iBAAkB,SAAQ,aAAa;IACtD,4EAA4E;IAC5E,YAAY,EAAE,MAAM,CAAC;IACrB,+DAA+D;IAC/D,SAAS,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,cAAc,EAAE,MAAM,CAAC;CACxB;AAED;;;;;;;;;;;GAWG;AACH,qBAAa,YAAa,YAAW,QAAQ;IAC3C,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAqB;IACrC,OAAO,CAAC,cAAc,CAAa;IACnC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA2B;gBAErC,QAAQ,EAAE,MAAM;IAK5B,MAAM,CACJ,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,SAAS,GAAG,QAAQ,EAC5B,MAAM,CAAC,EAAE,MAAM,GACd,IAAI;IA2BP,OAAO,IAAI,SAAS,aAAa,EAAE;IAenC;;OAEG;IACH,cAAc,IAAI,SAAS,iBAAiB,EAAE;IAI9C;;;OAGG;IACH,eAAe,IAAI;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,EAAE,CAAA;KAAE;IAmCvD;;OAEG;IACH,eAAe,IAAI,MAAM;IAIzB,OAAO,CAAC,WAAW;IAanB,OAAO,CAAC,YAAY;IAKpB,OAAO,CAAC,mBAAmB;CAgB5B"}

package/dist/hsm/infrastructure/file-audit-log.js ADDED Viewed

@@ -0,0 +1,128 @@
+import { createHash } from "node:crypto";
+import { appendFileSync, existsSync, readFileSync, writeFileSync, } from "node:fs";
+/**
+ * Persistent audit log with append-only writes and cryptographic chaining.
+ *
+ * Each entry includes:
+ * - SHA-256 hash of the previous entry (tamper-evidence)
+ * - Monotonic sequence number (gap detection)
+ * - Entry hash for integrity verification
+ *
+ * File format: NDJSON (newline-delimited JSON) for append-only writes.
+ *
+ * Ref: NIST SP 800-57 Part 1, §8.1 — key management lifecycle auditing
+ */
+export class FileAuditLog {
+    filePath;
+    lastHash = "genesis";
+    sequenceNumber = 0;
+    cache = [];
+    constructor(filePath) {
+        this.filePath = filePath;
+        this.loadExistingEntries();
+    }
+    record(operation, keyLabel, result, detail) {
+        this.sequenceNumber++;
+        const baseEntry = {
+            timestamp: new Date().toISOString(),
+            operation,
+            keyLabel,
+            result,
+        };
+        if (detail !== undefined) {
+            baseEntry.detail = detail;
+        }
+        const chainedEntry = {
+            ...baseEntry,
+            previousHash: this.lastHash,
+            sequenceNumber: this.sequenceNumber,
+            entryHash: "", // Computed below
+        };
+        chainedEntry.entryHash = this.computeHash(chainedEntry);
+        this.lastHash = chainedEntry.entryHash;
+        this.appendToFile(chainedEntry);
+        this.cache.push(chainedEntry);
+    }
+    entries() {
+        return this.cache.map((e) => {
+            const entry = {
+                timestamp: e.timestamp,
+                operation: e.operation,
+                keyLabel: e.keyLabel,
+                result: e.result,
+            };
+            if (e.detail !== undefined) {
+                entry.detail = e.detail;
+            }
+            return entry;
+        });
+    }
+    /**
+     * Get all chained entries including integrity metadata.
+     */
+    chainedEntries() {
+        return [...this.cache];
+    }
+    /**
+     * Verify the integrity of the entire audit chain.
+     * Returns true if all hashes are valid and sequence is unbroken.
+     */
+    verifyIntegrity() {
+        const errors = [];
+        let expectedPreviousHash = "genesis";
+        for (let i = 0; i < this.cache.length; i++) {
+            const entry = this.cache[i];
+            // Verify sequence number
+            if (entry.sequenceNumber !== i + 1) {
+                errors.push(`Entry ${i}: sequence number mismatch (expected ${i + 1}, got ${entry.sequenceNumber})`);
+            }
+            // Verify previous hash chain
+            if (entry.previousHash !== expectedPreviousHash) {
+                errors.push(`Entry ${i}: previous hash mismatch (expected ${expectedPreviousHash.slice(0, 16)}..., got ${entry.previousHash.slice(0, 16)}...)`);
+            }
+            // Verify entry hash
+            const computedHash = this.computeHash(entry);
+            if (entry.entryHash !== computedHash) {
+                errors.push(`Entry ${i}: entry hash mismatch (computed ${computedHash.slice(0, 16)}..., stored ${entry.entryHash.slice(0, 16)}...)`);
+            }
+            expectedPreviousHash = entry.entryHash;
+        }
+        return { valid: errors.length === 0, errors };
+    }
+    /**
+     * Get the current chain tip hash for external anchoring.
+     */
+    getChainTipHash() {
+        return this.lastHash;
+    }
+    computeHash(entry) {
+        const payload = JSON.stringify({
+            timestamp: entry.timestamp,
+            operation: entry.operation,
+            keyLabel: entry.keyLabel,
+            result: entry.result,
+            detail: entry.detail,
+            previousHash: entry.previousHash,
+            sequenceNumber: entry.sequenceNumber,
+        });
+        return createHash("sha256").update(payload).digest("hex");
+    }
+    appendToFile(entry) {
+        const line = JSON.stringify(entry) + "\n";
+        appendFileSync(this.filePath, line, "utf-8");
+    }
+    loadExistingEntries() {
+        if (!existsSync(this.filePath)) {
+            writeFileSync(this.filePath, "", "utf-8");
+            return;
+        }
+        const content = readFileSync(this.filePath, "utf-8");
+        const lines = content.trim().split("\n").filter(Boolean);
+        for (const line of lines) {
+            const entry = JSON.parse(line);
+            this.cache.push(entry);
+            this.lastHash = entry.entryHash;
+            this.sequenceNumber = entry.sequenceNumber;
+        }
+    }
+}

package/dist/hsm/infrastructure/key-store.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { KeyEntry } from "../domain/entities.js";
+import type { KeyStore } from "../domain/ports.js";
+export declare class InMemoryKeyStore implements KeyStore {
+    private readonly data;
+    has(label: string): boolean;
+    get(label: string): KeyEntry | undefined;
+    set(label: string, entry: KeyEntry): void;
+}
+//# sourceMappingURL=key-store.d.ts.map

package/dist/hsm/infrastructure/key-store.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"key-store.d.ts","sourceRoot":"","sources":["../../../src/hsm/infrastructure/key-store.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEnD,qBAAa,gBAAiB,YAAW,QAAQ;IAC/C,OAAO,CAAC,QAAQ,CAAC,IAAI,CAA+B;IAEpD,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO;IAI3B,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,QAAQ,GAAG,SAAS;IAIxC,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,GAAG,IAAI;CAG1C"}

package/dist/hsm/infrastructure/key-store.js ADDED Viewed

@@ -0,0 +1,12 @@
+export class InMemoryKeyStore {
+    data = new Map();
+    has(label) {
+        return this.data.has(label);
+    }
+    get(label) {
+        return this.data.get(label);
+    }
+    set(label, entry) {
+        this.data.set(label, entry);
+    }
+}

package/dist/hsm/infrastructure/syslog-audit-log.d.ts ADDED Viewed

@@ -0,0 +1,64 @@
+import type { HsmAuditEntry } from "../domain/entities.js";
+import type { AuditLog } from "../domain/ports.js";
+/**
+ * Syslog severity levels per RFC 5424.
+ */
+export type SyslogSeverity = "emergency" | "alert" | "critical" | "error" | "warning" | "notice" | "info" | "debug";
+/**
+ * Syslog facility codes per RFC 5424.
+ */
+export type SyslogFacility = "kern" | "user" | "mail" | "daemon" | "auth" | "syslog" | "lpr" | "news" | "uucp" | "cron" | "authpriv" | "ftp" | "local0" | "local1" | "local2" | "local3" | "local4" | "local5" | "local6" | "local7";
+export interface SyslogConfig {
+    /** Syslog server hostname or IP address. Default: "127.0.0.1" */
+    host: string;
+    /** Syslog server port. Default: 514 */
+    port: number;
+    /** Syslog facility. Default: "auth" (security/authorization) */
+    facility: SyslogFacility;
+    /** Application name for syslog messages. Default: "hsm-audit" */
+    appName: string;
+    /** Protocol: UDP or TCP. Default: "udp" */
+    protocol: "udp" | "tcp";
+}
+export declare const DEFAULT_SYSLOG_CONFIG: SyslogConfig;
+/**
+ * Syslog audit log adapter for enterprise SIEM integration.
+ *
+ * Sends HSM audit entries to a syslog server using RFC 5424 format.
+ * Also maintains an in-memory cache for the entries() API contract.
+ *
+ * Severity mapping:
+ * - "success" → info
+ * - "failed" → warning
+ *
+ * Ref: RFC 5424 — The Syslog Protocol
+ * Ref: NIST SP 800-57 Part 1, §8.1 — key management lifecycle auditing
+ */
+export declare class SyslogAuditLog implements AuditLog {
+    private readonly config;
+    private readonly cache;
+    private socket;
+    private sequenceNumber;
+    constructor(config?: Partial<SyslogConfig>);
+    record(operation: string, keyLabel: string, result: "success" | "failed", detail?: string): void;
+    entries(): readonly HsmAuditEntry[];
+    /**
+     * Close the UDP socket if open.
+     */
+    close(): void;
+    private sendToSyslog;
+    private formatSyslogMessage;
+    /**
+     * Escape structured-data parameter values per RFC 5424 §6.3.3.
+     * Must escape: " (double-quote), ] (right bracket), \ (backslash)
+     */
+    private escapeStructuredDataValue;
+    /**
+     * Sanitize message text to prevent log injection.
+     * Removes control characters that could manipulate log parsing.
+     */
+    private sanitizeMessageText;
+    private computeEntryHash;
+    private sendUdp;
+}
+//# sourceMappingURL=syslog-audit-log.d.ts.map

package/dist/hsm/infrastructure/syslog-audit-log.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"syslog-audit-log.d.ts","sourceRoot":"","sources":["../../../src/hsm/infrastructure/syslog-audit-log.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEnD;;GAEG;AACH,MAAM,MAAM,cAAc,GACtB,WAAW,GACX,OAAO,GACP,UAAU,GACV,OAAO,GACP,SAAS,GACT,QAAQ,GACR,MAAM,GACN,OAAO,CAAC;AAEZ;;GAEG;AACH,MAAM,MAAM,cAAc,GACtB,MAAM,GACN,MAAM,GACN,MAAM,GACN,QAAQ,GACR,MAAM,GACN,QAAQ,GACR,KAAK,GACL,MAAM,GACN,MAAM,GACN,MAAM,GACN,UAAU,GACV,KAAK,GACL,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,QAAQ,CAAC;AAoCb,MAAM,WAAW,YAAY;IAC3B,iEAAiE;IACjE,IAAI,EAAE,MAAM,CAAC;IACb,uCAAuC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,gEAAgE;IAChE,QAAQ,EAAE,cAAc,CAAC;IACzB,iEAAiE;IACjE,OAAO,EAAE,MAAM,CAAC;IAChB,2CAA2C;IAC3C,QAAQ,EAAE,KAAK,GAAG,KAAK,CAAC;CACzB;AAED,eAAO,MAAM,qBAAqB,EAAE,YAMnC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,qBAAa,cAAe,YAAW,QAAQ;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAe;IACtC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAuB;IAC7C,OAAO,CAAC,MAAM,CAA6B;IAC3C,OAAO,CAAC,cAAc,CAAK;gBAEf,MAAM,GAAE,OAAO,CAAC,YAAY,CAAM;IAI9C,MAAM,CACJ,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,SAAS,GAAG,QAAQ,EAC5B,MAAM,CAAC,EAAE,MAAM,GACd,IAAI;IAiBP,OAAO,IAAI,SAAS,aAAa,EAAE;IAInC;;OAEG;IACH,KAAK,IAAI,IAAI;IAOb,OAAO,CAAC,YAAY;IAWpB,OAAO,CAAC,mBAAmB;IAuC3B;;;OAGG;IACH,OAAO,CAAC,yBAAyB;IAOjC;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAM3B,OAAO,CAAC,gBAAgB;IAYxB,OAAO,CAAC,OAAO;CAsBhB"}

package/dist/hsm/infrastructure/syslog-audit-log.js ADDED Viewed

@@ -0,0 +1,167 @@
+import { createHash } from "node:crypto";
+import * as dgram from "node:dgram";
+const FACILITY_CODES = {
+    kern: 0,
+    user: 1,
+    mail: 2,
+    daemon: 3,
+    auth: 4,
+    syslog: 5,
+    lpr: 6,
+    news: 7,
+    uucp: 8,
+    cron: 9,
+    authpriv: 10,
+    ftp: 11,
+    local0: 16,
+    local1: 17,
+    local2: 18,
+    local3: 19,
+    local4: 20,
+    local5: 21,
+    local6: 22,
+    local7: 23,
+};
+const SEVERITY_CODES = {
+    emergency: 0,
+    alert: 1,
+    critical: 2,
+    error: 3,
+    warning: 4,
+    notice: 5,
+    info: 6,
+    debug: 7,
+};
+export const DEFAULT_SYSLOG_CONFIG = {
+    host: "127.0.0.1",
+    port: 514,
+    facility: "auth",
+    appName: "hsm-audit",
+    protocol: "udp",
+};
+/**
+ * Syslog audit log adapter for enterprise SIEM integration.
+ *
+ * Sends HSM audit entries to a syslog server using RFC 5424 format.
+ * Also maintains an in-memory cache for the entries() API contract.
+ *
+ * Severity mapping:
+ * - "success" → info
+ * - "failed" → warning
+ *
+ * Ref: RFC 5424 — The Syslog Protocol
+ * Ref: NIST SP 800-57 Part 1, §8.1 — key management lifecycle auditing
+ */
+export class SyslogAuditLog {
+    config;
+    cache = [];
+    socket = null;
+    sequenceNumber = 0;
+    constructor(config = {}) {
+        this.config = { ...DEFAULT_SYSLOG_CONFIG, ...config };
+    }
+    record(operation, keyLabel, result, detail) {
+        this.sequenceNumber++;
+        const entry = {
+            timestamp: new Date().toISOString(),
+            operation,
+            keyLabel,
+            result,
+        };
+        if (detail !== undefined) {
+            entry.detail = detail;
+        }
+        this.cache.push(entry);
+        this.sendToSyslog(entry);
+    }
+    entries() {
+        return [...this.cache];
+    }
+    /**
+     * Close the UDP socket if open.
+     */
+    close() {
+        if (this.socket) {
+            this.socket.close();
+            this.socket = null;
+        }
+    }
+    sendToSyslog(entry) {
+        const severity = entry.result === "success" ? "info" : "warning";
+        const message = this.formatSyslogMessage(entry, severity);
+        if (this.config.protocol === "udp") {
+            this.sendUdp(message);
+        }
+        // TCP support can be added later if needed
+    }
+    formatSyslogMessage(entry, severity) {
+        const priority = FACILITY_CODES[this.config.facility] * 8 + SEVERITY_CODES[severity];
+        const timestamp = entry.timestamp;
+        const hostname = "-"; // NILVALUE per RFC 5424
+        const appName = this.config.appName;
+        const procId = process.pid.toString();
+        const msgId = `HSM_${entry.operation.toUpperCase()}`;
+        // Escape values per RFC 5424 §6.3.3 - SD-PARAM values must escape ", ], and \
+        const escapedOperation = this.escapeStructuredDataValue(entry.operation);
+        const escapedKeyLabel = this.escapeStructuredDataValue(entry.keyLabel);
+        // Sanitize message text to prevent log injection
+        const messageOperation = this.sanitizeMessageText(entry.operation);
+        const messageKeyLabel = this.sanitizeMessageText(entry.keyLabel);
+        const messageDetail = entry.detail
+            ? this.sanitizeMessageText(entry.detail)
+            : undefined;
+        // Structured data with audit details
+        const entryHash = this.computeEntryHash(entry);
+        const structuredData = `[hsm-audit@32473 operation="${escapedOperation}" ` +
+            `keyLabel="${escapedKeyLabel}" result="${entry.result}" ` +
+            `sequence="${this.sequenceNumber}" hash="${entryHash.slice(0, 16)}"]`;
+        // Human-readable message
+        const message = messageDetail
+            ? `${messageOperation} ${messageKeyLabel}: ${entry.result} - ${messageDetail}`
+            : `${messageOperation} ${messageKeyLabel}: ${entry.result}`;
+        // RFC 5424 format: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG
+        return `<${priority}>1 ${timestamp} ${hostname} ${appName} ${procId} ${msgId} ${structuredData} ${message}`;
+    }
+    /**
+     * Escape structured-data parameter values per RFC 5424 §6.3.3.
+     * Must escape: " (double-quote), ] (right bracket), \ (backslash)
+     */
+    escapeStructuredDataValue(value) {
+        return value
+            .replace(/\\/g, "\\\\")
+            .replace(/"/g, '\\"')
+            .replace(/]/g, "\\]");
+    }
+    /**
+     * Sanitize message text to prevent log injection.
+     * Removes control characters that could manipulate log parsing.
+     */
+    sanitizeMessageText(value) {
+        // Remove C0 control chars (0x00-0x1F) except tab/newline, and DEL (0x7F)
+        // eslint-disable-next-line no-control-regex
+        return value.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, " ").trim();
+    }
+    computeEntryHash(entry) {
+        const payload = JSON.stringify({
+            timestamp: entry.timestamp,
+            operation: entry.operation,
+            keyLabel: entry.keyLabel,
+            result: entry.result,
+            detail: entry.detail,
+            sequenceNumber: this.sequenceNumber,
+        });
+        return createHash("sha256").update(payload).digest("hex");
+    }
+    sendUdp(message) {
+        if (!this.socket) {
+            this.socket = dgram.createSocket("udp4");
+        }
+        const buffer = Buffer.from(message, "utf-8");
+        this.socket.send(buffer, 0, buffer.length, this.config.port, this.config.host, (err) => {
+            if (err) {
+                // Log to stderr but don't throw — audit logging shouldn't break HSM operations
+                console.error(`SyslogAuditLog: failed to send to ${this.config.host}:${this.config.port}: ${err.message}`);
+            }
+        });
+    }
+}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+/**
+ * @psavelis/enterprise-blockchain
+ *
+ * Production-grade enterprise blockchain modules:
+ * - MPC (Multiparty Computation) with post-quantum cryptography
+ * - HSM (Hardware Security Module) key management
+ * - STARK settlement with recursive proof aggregation
+ * - Protocol adapters for Fabric, Besu, and Corda
+ *
+ * @license Apache-2.0
+ */
+export * from "./shared/index.js";
+export * from "./mpc/index.js";
+export * from "./hsm/index.js";
+export * from "./p2mr/index.js";
+export { type AssetType, type AssetConfig, type MirrorAccount, type TransactionType, type TransactionStatus, type LedgerTransaction, type TransactionPayload, type BaseProof, type Tier1Proof, type Tier2BlockProof, type OutboxEntryStatus, type OutboxEntry, type NetTransfer, type SolanaSettlementResult, type BitcoinSettlementResult, type FiatSettlementResult, type DepositEvent, type RaftState, type RaftNode, type AuditRecord, ASSET_CONFIGS, STARK_PRIME, STARK_GENERATOR, FieldElement, IdempotencyKey, ProofCommitment, StateRoot, Amount, sha256, sha256Bytes, pedersenHash, type StarkProofGeneratorPort, type LedgerPersistencePort, type OutboxPort, type OffsetTrackingPort, type SolanaSettlementPort, type BitcoinSettlementPort, type FiatSettlementPort, type OutboxListenerPort, type DilithiumSigningPort, type TransactionSigningPort, type AuditPort, type RaftPort, type ClockPort, type SettlementEvent, type EventEmitterPort, InMemoryLedgerStore, InMemoryOutboxStore, InMemoryOffsetStore, MockStarkAdapter, FlexibleMockStarkAdapter, type MockStarkAdapterConfig, SystemClock, FixedClock, defaultClock, InMemoryEventEmitter, AsyncEventEmitter, defaultEventEmitter, DilithiumSigningAdapter, TransactionSigningAdapter, MockDilithiumAdapter, defaultDilithiumAdapter, createTransactionSigningAdapter, InMemoryAuditLog as StarkInMemoryAuditLog, defaultAuditLog as starkDefaultAuditLog, StarknetProofAdapter, createStarknetProofAdapter, type StarknetProofAdapterConfig, StoneProofAdapter, createStoneProofAdapter, type StoneProofAdapterConfig, SolanaDevnetAdapter, MockSolanaAdapter, type SolanaAdapterConfig, BitcoinTestnetAdapter, MockBitcoinAdapter, type BitcoinAdapterConfig, FiatMockAdapter, MockFiatAdapter, type FiatAdapterConfig, LedgerService, type CreateAccountOptions, type SubmitTransactionOptions, type SubmitTransactionResult, AggregatorService, type AggregationResult, type AggregatorConfig, SettlementService, type SettlementRailResult, type SettleAllRailsResult, type SettlementServiceConfig, type SettlementContext, type CreateContextOptions, createDefaultContext, type ProductionContextOptions, createProductionContext, createTestContext, } from "./stark-settlement/index.js";
+export * from "./credentialing/index.js";
+export * from "./privacy/index.js";
+export * from "./traceability/index.js";
+export * from "./aid-settlement/index.js";
+export * from "./protocols/index.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,cAAc,mBAAmB,CAAC;AAGlC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,iBAAiB,CAAC;AAGhC,OAAO,EAEL,KAAK,SAAS,EACd,KAAK,WAAW,EAChB,KAAK,aAAa,EAClB,KAAK,eAAe,EACpB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,kBAAkB,EACvB,KAAK,SAAS,EACd,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,KAAK,iBAAiB,EACtB,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,EAC5B,KAAK,oBAAoB,EACzB,KAAK,YAAY,EACjB,KAAK,SAAS,EACd,KAAK,QAAQ,EACb,KAAK,WAAW,EAChB,aAAa,EAEb,WAAW,EACX,eAAe,EACf,YAAY,EACZ,cAAc,EACd,eAAe,EACf,SAAS,EACT,MAAM,EACN,MAAM,EACN,WAAW,EACX,YAAY,EAEZ,KAAK,uBAAuB,EAC5B,KAAK,qBAAqB,EAC1B,KAAK,UAAU,EACf,KAAK,kBAAkB,EACvB,KAAK,oBAAoB,EACzB,KAAK,qBAAqB,EAC1B,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,oBAAoB,EACzB,KAAK,sBAAsB,EAC3B,KAAK,SAAS,EACd,KAAK,QAAQ,EACb,KAAK,SAAS,EACd,KAAK,eAAe,EACpB,KAAK,gBAAgB,EAErB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,gBAAgB,EAChB,wBAAwB,EACxB,KAAK,sBAAsB,EAC3B,WAAW,EACX,UAAU,EACV,YAAY,EACZ,oBAAoB,EACpB,iBAAiB,EACjB,mBAAmB,EACnB,uBAAuB,EACvB,yBAAyB,EACzB,oBAAoB,EACpB,uBAAuB,EACvB,+BAA+B,EAE/B,gBAAgB,IAAI,qBAAqB,EACzC,eAAe,IAAI,oBAAoB,EACvC,oBAAoB,EACpB,0BAA0B,EAC1B,KAAK,0BAA0B,EAC/B,iBAAiB,EACjB,uBAAuB,EACvB,KAAK,uBAAuB,EAC5B,mBAAmB,EACnB,iBAAiB,EACjB,KAAK,mBAAmB,EACxB,qBAAqB,EACrB,kBAAkB,EAClB,KAAK,oBAAoB,EACzB,eAAe,EACf,eAAe,EACf,KAAK,iBAAiB,EAEtB,aAAa,EACb,KAAK,oBAAoB,EACzB,KAAK,wBAAwB,EAC7B,KAAK,uBAAuB,EAC5B,iBAAiB,EACjB,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,EACrB,iBAAiB,EACjB,KAAK,oBAAoB,EACzB,KAAK,oBAAoB,EACzB,KAAK,uBAAuB,EAE5B,KAAK,iBAAiB,EACtB,KAAK,oBAAoB,EACzB,oBAAoB,EACpB,KAAK,wBAAwB,EAC7B,uBAAuB,EACvB,iBAAiB,GAClB,MAAM,6BAA6B,CAAC;AAGrC,cAAc,0BAA0B,CAAC;AACzC,cAAc,oBAAoB,CAAC;AACnC,cAAc,yBAAyB,CAAC;AACxC,cAAc,2BAA2B,CAAC;AAG1C,cAAc,sBAAsB,CAAC"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,37 @@
+/**
+ * @psavelis/enterprise-blockchain
+ *
+ * Production-grade enterprise blockchain modules:
+ * - MPC (Multiparty Computation) with post-quantum cryptography
+ * - HSM (Hardware Security Module) key management
+ * - STARK settlement with recursive proof aggregation
+ * - Protocol adapters for Fabric, Besu, and Corda
+ *
+ * @license Apache-2.0
+ */
+// Core utilities
+export * from "./shared/index.js";
+// Cryptography
+export * from "./mpc/index.js";
+export * from "./hsm/index.js";
+export * from "./p2mr/index.js";
+// Settlement - exclude InMemoryAuditLog to avoid conflict with HSM module
+export { ASSET_CONFIGS,
+// Value Objects
+STARK_PRIME, STARK_GENERATOR, FieldElement, IdempotencyKey, ProofCommitment, StateRoot, Amount, sha256, sha256Bytes, pedersenHash,
+// Infrastructure Adapters
+InMemoryLedgerStore, InMemoryOutboxStore, InMemoryOffsetStore, MockStarkAdapter, FlexibleMockStarkAdapter, SystemClock, FixedClock, defaultClock, InMemoryEventEmitter, AsyncEventEmitter, defaultEventEmitter, DilithiumSigningAdapter, TransactionSigningAdapter, MockDilithiumAdapter, defaultDilithiumAdapter, createTransactionSigningAdapter,
+// Rename STARK InMemoryAuditLog to avoid conflict with HSM
+InMemoryAuditLog as StarkInMemoryAuditLog, defaultAuditLog as starkDefaultAuditLog, StarknetProofAdapter, createStarknetProofAdapter, StoneProofAdapter, createStoneProofAdapter, SolanaDevnetAdapter, MockSolanaAdapter, BitcoinTestnetAdapter, MockBitcoinAdapter, FiatMockAdapter, MockFiatAdapter,
+// Application Services
+LedgerService, AggregatorService, SettlementService, createDefaultContext, createProductionContext, createTestContext, } from "./stark-settlement/index.js";
+// Domain modules
+export * from "./credentialing/index.js";
+export * from "./privacy/index.js";
+export * from "./traceability/index.js";
+export * from "./aid-settlement/index.js";
+// Protocol adapters (types only - no runtime dependencies)
+export * from "./protocols/index.js";
+// NOTE: Integrations are NOT re-exported from the package root to preserve
+// optional peer dependencies. Import them via their dedicated subpath:
+//   import { ... } from "@psavelis/enterprise-blockchain/integrations";

package/dist/integrations/besu-client/error-mapper.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+/**
+ * Extracts and normalizes error codes from ethers.js error objects.
+ * See: https://docs.ethers.org/v6/api/utils/#errors
+ */
+export declare function extractErrorCode(err: unknown): string;
+export declare function extractErrorMessage(err: unknown): string;
+export declare function isInsufficientFunds(err: unknown): boolean;
+export declare function isNonceTooLow(err: unknown): boolean;
+//# sourceMappingURL=error-mapper.d.ts.map

package/dist/integrations/besu-client/error-mapper.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"error-mapper.d.ts","sourceRoot":"","sources":["../../../src/integrations/besu-client/error-mapper.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAarD;AAED,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAExD;AAED,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAIzD;AAED,wBAAgB,aAAa,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAInD"}

package/dist/integrations/besu-client/error-mapper.js ADDED Viewed

@@ -0,0 +1,22 @@
+/**
+ * Extracts and normalizes error codes from ethers.js error objects.
+ * See: https://docs.ethers.org/v6/api/utils/#errors
+ */
+export function extractErrorCode(err) {
+    const anyErr = err;
+    const rawCode = anyErr?.code ?? anyErr?.error?.code ?? anyErr?.info?.error?.code;
+    return typeof rawCode === "string" ? rawCode.toUpperCase() : "";
+}
+export function extractErrorMessage(err) {
+    return err instanceof Error ? err.message : String(err);
+}
+export function isInsufficientFunds(err) {
+    const code = extractErrorCode(err);
+    const msg = extractErrorMessage(err).toLowerCase();
+    return code === "INSUFFICIENT_FUNDS" || msg.includes("insufficient funds");
+}
+export function isNonceTooLow(err) {
+    const code = extractErrorCode(err);
+    const msg = extractErrorMessage(err).toLowerCase();
+    return code === "NONCE_TOO_LOW" || msg.includes("nonce too low");
+}

package/dist/integrations/besu-client/index.d.ts ADDED Viewed

@@ -0,0 +1,65 @@
+import { Contract, JsonRpcProvider, NonceManager, Wallet, type ContractRunner, type TransactionRequest } from "ethers";
+import type { PurchaseOrder, SharedOrderView } from "../../privacy/domain/entities.js";
+import { type CircuitBreakerOptions } from "../shared/retry.js";
+import type { BesuPrivateTransactionRequest, BesuHealthStatus, BesuRpcProfile, IBesuGasEstimator, IBesuHealthChecker, IBesuProfileFactory, IBesuProviderFactory, IBesuTransactionBuilder, IBesuTransactionSender } from "./ports.js";
+export type { BesuRpcProfile, BesuPrivateTransactionRequest, BesuHealthStatus, } from "./ports.js";
+export declare class BesuProfileFactory implements IBesuProfileFactory {
+    createProfileFromEnv(env?: NodeJS.ProcessEnv): BesuRpcProfile;
+    createProfile(profile: BesuRpcProfile): BesuRpcProfile;
+}
+export declare class BesuProviderFactory implements IBesuProviderFactory {
+    createProvider(profile: BesuRpcProfile): JsonRpcProvider;
+    createSigner(profile: BesuRpcProfile): Wallet;
+    createManagedSigner(profile: BesuRpcProfile): NonceManager;
+    createContract(profile: BesuRpcProfile, runner?: ContractRunner): Contract;
+}
+export declare class BesuGasEstimator implements IBesuGasEstimator {
+    private readonly providerFactory;
+    constructor(providerFactory: IBesuProviderFactory);
+    estimateGas(profile: BesuRpcProfile, tx: TransactionRequest, gasLimitOverride?: bigint): Promise<bigint>;
+}
+export declare class BesuTransactionBuilder implements IBesuTransactionBuilder {
+    buildAnchorOrderTransaction(profile: BesuRpcProfile, order: PurchaseOrder, auditProof: string, gasLimit?: bigint): TransactionRequest;
+    buildAudienceViewTransaction(profile: BesuRpcProfile, view: SharedOrderView, gasLimit?: bigint): BesuPrivateTransactionRequest;
+}
+export declare class BesuTransactionSender implements IBesuTransactionSender {
+    sendTransaction(signer: NonceManager, tx: TransactionRequest): Promise<string>;
+}
+export declare class BesuHealthChecker implements IBesuHealthChecker {
+    private readonly providerFactory;
+    constructor(providerFactory: IBesuProviderFactory);
+    checkHealth(profile: BesuRpcProfile): Promise<BesuHealthStatus>;
+}
+/**
+ * Resilient Besu client with circuit breaker and retry support.
+ *
+ * Circuit breaker prevents cascading failures when Besu RPC is unavailable.
+ * Retry policy handles transient errors (SERVER_ERROR, TIMEOUT) with backoff.
+ *
+ * NOTE: sketch only — do not store key material as plain strings in production
+ */
+export declare class BesuEthersClientSketch implements IBesuProfileFactory, IBesuProviderFactory, IBesuGasEstimator, IBesuTransactionBuilder, IBesuTransactionSender, IBesuHealthChecker {
+    private readonly profileFactory;
+    private readonly providerFactory;
+    private readonly txBuilder;
+    private readonly txSender;
+    private readonly healthChecker;
+    private readonly circuitBreaker;
+    constructor(circuitBreakerOptions?: Partial<CircuitBreakerOptions>);
+    createProfileFromEnv(env?: NodeJS.ProcessEnv): BesuRpcProfile;
+    createProfile(profile: BesuRpcProfile): BesuRpcProfile;
+    createProvider(profile: BesuRpcProfile): JsonRpcProvider;
+    createSigner(profile: BesuRpcProfile): Wallet;
+    createManagedSigner(profile: BesuRpcProfile): NonceManager;
+    createContract(profile: BesuRpcProfile, runner?: ContractRunner): Contract;
+    estimateGas(profile: BesuRpcProfile, tx: TransactionRequest, gasLimitOverride?: bigint): Promise<bigint>;
+    buildAnchorOrderTransaction(profile: BesuRpcProfile, order: PurchaseOrder, auditProof: string, gasLimit?: bigint): TransactionRequest;
+    buildAudienceViewTransaction(profile: BesuRpcProfile, view: SharedOrderView, gasLimit?: bigint): BesuPrivateTransactionRequest;
+    sendTransaction(signer: NonceManager, tx: TransactionRequest): Promise<string>;
+    checkHealth(profile: BesuRpcProfile): Promise<BesuHealthStatus>;
+    /** Get circuit breaker state for monitoring dashboards. */
+    getCircuitBreakerHealth(): import("../shared/retry.js").CircuitBreakerHealth;
+    /** Reset circuit breaker (use after resolving underlying issues). */
+    resetCircuitBreaker(): void;
+}
+//# sourceMappingURL=index.d.ts.map