@r4security/sdk 0.0.2

package/lib/index.js

@@ -0,0 +1,1058 @@
+// src/index.ts
+import path3 from "node:path";
+
+// src/client.ts
+var R4Client = class {
+  apiKey;
+  baseUrl;
+  constructor(apiKey, baseUrl) {
+    this.apiKey = apiKey;
+    this.baseUrl = baseUrl.replace(/\/$/, "");
+  }
+  buildHeaders() {
+    return {
+      "X-API-Key": this.apiKey,
+      "Content-Type": "application/json"
+    };
+  }
+  async request(path4, init) {
+    const response = await fetch(`${this.baseUrl}${path4}`, {
+      ...init,
+      headers: {
+        ...this.buildHeaders(),
+        ...init.headers ?? {}
+      }
+    });
+    if (!response.ok) {
+      const errorBody = await response.json().catch(() => ({}));
+      const errorMessage = typeof errorBody.error?.message === "string" ? errorBody.error.message : `HTTP ${response.status}: ${response.statusText}`;
+      throw new Error(`R4 API Error: ${errorMessage}`);
+    }
+    if (response.status === 204) {
+      return void 0;
+    }
+    return response.json();
+  }
+  /**
+   * Registers or re-confirms the agent runtime's local RSA public key.
+   */
+  async registerAgentPublicKey(body) {
+    return this.request("/api/v1/machine/vault/public-key", {
+      method: "POST",
+      body: JSON.stringify(body)
+    });
+  }
+  /**
+   * Lists all accessible non-hidden vaults. When `projectId` is provided, the
+   * backend additionally filters to vaults associated with that project.
+   */
+  async listVaults(projectId) {
+    const search = projectId ? `?projectId=${encodeURIComponent(projectId)}` : "";
+    return this.request(`/api/v1/machine/vault${search}`, {
+      method: "GET"
+    });
+  }
+  /**
+   * Retrieves the active wrapped DEK for the authenticated agent on a vault.
+   */
+  async getAgentWrappedKey(vaultId) {
+    return this.request(
+      `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/wrapped-key`,
+      { method: "GET" }
+    );
+  }
+  /**
+   * Retrieves the trusted user-key directory for a vault so the runtime can
+   * verify wrapped-DEK signatures locally.
+   */
+  async getVaultUserKeyDirectory(vaultId, params) {
+    const searchParams = new URLSearchParams();
+    if (params?.knownTransparencyVersion !== void 0) {
+      searchParams.set("knownTransparencyVersion", String(params.knownTransparencyVersion));
+    }
+    if (params?.knownTransparencyHash) {
+      searchParams.set("knownTransparencyHash", params.knownTransparencyHash);
+    }
+    const search = searchParams.size > 0 ? `?${searchParams.toString()}` : "";
+    return this.request(
+      `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/public-keys${search}`,
+      { method: "GET" }
+    );
+  }
+  /**
+   * Lists all items in a vault with lightweight metadata.
+   */
+  async listVaultItems(vaultId) {
+    return this.request(
+      `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/items`,
+      { method: "GET" }
+    );
+  }
+  /**
+   * Retrieves the full field payloads for a vault item.
+   */
+  async getVaultItemDetail(vaultId, itemId) {
+    return this.request(
+      `/api/v1/machine/vault/${encodeURIComponent(vaultId)}/items/${encodeURIComponent(itemId)}`,
+      { method: "GET" }
+    );
+  }
+};
+
+// src/crypto.ts
+import crypto from "node:crypto";
+import fs from "node:fs";
+import path from "node:path";
+
+// src/transparency.ts
+var TRANSPARENCY_WITNESS_PAYLOAD_PREFIX = "r4-transparency-witness-v1";
+var DEFAULT_TRANSPARENCY_WITNESS_URL = "https://transparency.r4.dev";
+var TRANSPARENCY_WITNESS_ROOT_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA18JhILFiS/BOWR9laubW
+g2vepQy26BXAlnrscZZVQUzBBaCM4hWobpt3Nh77vxP0gqVAJXP1hVhPPwxGQnOF
+4Qg/RK4iEETjMdmh3KMqFX9MeE9tP4cTOGtsgWsedNpu6TvMT+2vu+0ltmr7p4Xv
+H0ID48Q8JLeNksc/RekrsfzQ9DVtXFS7z1FF2VQgzamdJsW9hGMiM7Q+0iXei7PW
+3PsLd1aNtqJ3lIj3t12qFiJiYyKF0hEq0//Abgb9SgDv/WOlRG1Ianf1/fnP2jer
+ZYiZSylXqQdun0Db2d0+FDm/znV2AGAmBEXm6qnCogEHu77LoLyCyJOlB9WNtRwh
+KnbzTmE2Mw/43jxvCcR7pE5kik/tdeMvqGFZfg3ozUG9eM0q0TURH6g9b9J4sBnR
+dxz2PbF4cl/AeL4ANPmLz3kUQaDA6wR0veVk5jV+Uqr55TYz/zEbY1rtJbmnc53Q
+ihPS6xtSiexrqnOgqm/AVbiRhxjPqfg3/VJM3zR5Blnu02AqVR9kCT0WkyEWRz5X
+6HU8DEocJIPz8UwBMKQ7rnjMPv/Fjpuav/EIad5vOdfxCZkjyTYoQg8vLUyfXvgD
+mBWFgKIN8GTRyM+LjZIgznjN58dZ8ZvsGd14oKnH7WgAh9FVh8ri7gNmsdJeRTn/
+2zDkTlx+FQxAxqFaYV7qCvcCAwEAAQ==
+-----END PUBLIC KEY-----`;
+var buildOrgUserKeyDirectoryWitnessPayload = (orgId, head) => [
+  TRANSPARENCY_WITNESS_PAYLOAD_PREFIX,
+  "org-user-key-directory",
+  orgId,
+  String(head.version),
+  head.hash
+].join(":");
+var buildOrgUserKeyDirectoryWitnessPath = (orgId) => `v1/orgs/${orgId}/user-key-directory-head.json`;
+var buildTransparencyWitnessUrl = (baseUrl, path4) => `${baseUrl.replace(/\/+$/, "")}/${path4.replace(/^\/+/, "")}`;
+var shouldUseDefaultTransparencyWitness = (apiBaseUrl) => /(^https?:\/\/)?([^.]+\.)?r4\.dev(?::\d+)?(\/|$)/i.test(apiBaseUrl.trim());
+
+// src/crypto.ts
+var RSA_OAEP_CONFIG = {
+  padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
+  oaepHash: "sha256"
+};
+var RSA_PSS_SIGN_CONFIG = {
+  padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
+  saltLength: 32
+};
+var USER_KEY_ROTATION_PREFIX = "r4-user-key-rotation-v1";
+var USER_KEY_DIRECTORY_CHECKPOINT_PREFIX = "r4-user-key-directory-checkpoint-v1";
+var USER_KEY_DIRECTORY_TRANSPARENCY_ENTRY_PREFIX = "r4-user-key-directory-transparency-entry-v1";
+var WRAPPED_DEK_SIGNATURE_PREFIX = "r4-wrapped-dek-signature-v1";
+var VAULT_SUMMARY_CHECKPOINT_PREFIX = "r4-vault-summary-checkpoint-v1";
+var VAULT_ITEM_DETAIL_CHECKPOINT_PREFIX = "r4-vault-item-detail-checkpoint-v1";
+function pemToDer(pem, beginLabel, endLabel) {
+  const derBase64 = pem.replace(beginLabel, "").replace(endLabel, "").replace(/\s/g, "");
+  return Buffer.from(derBase64, "base64");
+}
+function getWrappedDekFingerprint(wrappedDek) {
+  return crypto.createHash("sha256").update(Buffer.from(wrappedDek, "base64")).digest("hex");
+}
+function getCheckpointFingerprint(prefix, canonicalJson) {
+  return `${prefix}:${crypto.createHash("sha256").update(canonicalJson, "utf8").digest("hex")}`;
+}
+function loadPrivateKey(privateKeyPath) {
+  return fs.readFileSync(path.resolve(privateKeyPath), "utf8").trim();
+}
+function derivePublicKey(privateKeyPem) {
+  return crypto.createPublicKey(privateKeyPem).export({
+    type: "spki",
+    format: "pem"
+  }).toString();
+}
+function getPublicKeyFingerprint(publicKeyPem) {
+  const derBytes = pemToDer(publicKeyPem, "-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----");
+  return crypto.createHash("sha256").update(derBytes).digest("hex");
+}
+function buildUserKeyRotationPayload(previousUserKeyPairId, newPublicKeyFingerprint) {
+  return `${USER_KEY_ROTATION_PREFIX}:${previousUserKeyPairId}:${newPublicKeyFingerprint}`;
+}
+function verifyUserKeyRotation(previousUserKeyPairId, newPublicKeyPem, rotationSignature, previousPublicKeyPem) {
+  const payload = buildUserKeyRotationPayload(
+    previousUserKeyPairId,
+    getPublicKeyFingerprint(newPublicKeyPem)
+  );
+  try {
+    return crypto.verify(
+      "sha256",
+      Buffer.from(payload, "utf8"),
+      {
+        key: previousPublicKeyPem,
+        ...RSA_PSS_SIGN_CONFIG
+      },
+      Buffer.from(rotationSignature, "base64")
+    );
+  } catch {
+    return false;
+  }
+}
+function verifyTransparencyWitnessPayload(payload, signature, publicKeyPem) {
+  try {
+    return crypto.verify(
+      "sha256",
+      Buffer.from(payload, "utf8"),
+      {
+        key: publicKeyPem,
+        ...RSA_PSS_SIGN_CONFIG
+      },
+      Buffer.from(signature, "base64")
+    );
+  } catch {
+    return false;
+  }
+}
+function verifyOrgUserKeyDirectoryWitnessArtifact(artifact, publicKeyPem) {
+  return verifyTransparencyWitnessPayload(
+    buildOrgUserKeyDirectoryWitnessPayload(artifact.orgId, artifact.head),
+    artifact.signature,
+    publicKeyPem
+  );
+}
+function normalizeUserKeyDirectoryCheckpoint(checkpoint) {
+  return {
+    orgId: checkpoint.orgId,
+    version: checkpoint.version,
+    entries: [...checkpoint.entries].map((entry) => ({
+      userKeyPairId: entry.userKeyPairId,
+      orgUserId: entry.orgUserId,
+      fingerprint: entry.fingerprint,
+      previousUserKeyPairId: entry.previousUserKeyPairId ?? null,
+      rotationSignature: entry.rotationSignature ?? null
+    })).sort((left, right) => left.userKeyPairId.localeCompare(right.userKeyPairId))
+  };
+}
+function canonicalizeUserKeyDirectoryCheckpoint(checkpoint) {
+  return JSON.stringify(normalizeUserKeyDirectoryCheckpoint(checkpoint));
+}
+function buildUserKeyDirectoryCheckpointPayload(checkpoint) {
+  return getCheckpointFingerprint(
+    USER_KEY_DIRECTORY_CHECKPOINT_PREFIX,
+    canonicalizeUserKeyDirectoryCheckpoint(checkpoint)
+  );
+}
+function verifyUserKeyDirectoryCheckpoint(checkpoint, signature, publicKeyPem) {
+  try {
+    return crypto.verify(
+      "sha256",
+      Buffer.from(buildUserKeyDirectoryCheckpointPayload(checkpoint), "utf8"),
+      {
+        key: publicKeyPem,
+        ...RSA_PSS_SIGN_CONFIG
+      },
+      Buffer.from(signature, "base64")
+    );
+  } catch {
+    return false;
+  }
+}
+function buildUserKeyDirectoryTransparencyEntryHash(entry) {
+  return getCheckpointFingerprint(
+    USER_KEY_DIRECTORY_TRANSPARENCY_ENTRY_PREFIX,
+    JSON.stringify({
+      orgId: entry.orgId,
+      version: entry.version,
+      directoryCheckpointPayload: entry.directoryCheckpointPayload,
+      signerUserKeyPairId: entry.signerUserKeyPairId,
+      signerOrgUserId: entry.signerOrgUserId,
+      signerFingerprint: entry.signerFingerprint,
+      signature: entry.signature,
+      previousEntryHash: entry.previousEntryHash ?? null
+    })
+  );
+}
+function buildUserKeyDirectoryTransparencyEntry(params) {
+  const entryWithoutHash = {
+    orgId: params.checkpoint.orgId,
+    version: params.checkpoint.version,
+    directoryCheckpointPayload: buildUserKeyDirectoryCheckpointPayload(params.checkpoint),
+    signerUserKeyPairId: params.signerUserKeyPairId,
+    signerOrgUserId: params.signerOrgUserId,
+    signerFingerprint: getPublicKeyFingerprint(params.signerPublicKey),
+    signature: params.signature,
+    previousEntryHash: params.previousEntryHash ?? null
+  };
+  return {
+    ...entryWithoutHash,
+    entryHash: buildUserKeyDirectoryTransparencyEntryHash(entryWithoutHash)
+  };
+}
+function verifyUserKeyDirectoryTransparencyProof(params) {
+  if (params.proof.head.version !== params.currentEntry.version || params.proof.head.hash !== params.currentEntry.entryHash) {
+    return false;
+  }
+  if (!params.previousHead) {
+    if (params.proof.entries.length === 0) {
+      return false;
+    }
+    for (let index = 0; index < params.proof.entries.length; index++) {
+      const entry = params.proof.entries[index];
+      if (!entry) {
+        return false;
+      }
+      const expectedHash = buildUserKeyDirectoryTransparencyEntryHash({
+        orgId: entry.orgId,
+        version: entry.version,
+        directoryCheckpointPayload: entry.directoryCheckpointPayload,
+        signerUserKeyPairId: entry.signerUserKeyPairId,
+        signerOrgUserId: entry.signerOrgUserId,
+        signerFingerprint: entry.signerFingerprint,
+        signature: entry.signature,
+        previousEntryHash: entry.previousEntryHash
+      });
+      if (expectedHash !== entry.entryHash) {
+        return false;
+      }
+      if (index === 0) {
+        continue;
+      }
+      const previousEntry = params.proof.entries[index - 1];
+      if (!previousEntry) {
+        return false;
+      }
+      if (entry.previousEntryHash !== previousEntry.entryHash || entry.version !== previousEntry.version + 1) {
+        return false;
+      }
+    }
+    const lastEntry = params.proof.entries[params.proof.entries.length - 1];
+    return lastEntry?.entryHash === params.currentEntry.entryHash && lastEntry.version === params.currentEntry.version;
+  }
+  if (params.currentEntry.version < params.previousHead.version) {
+    return false;
+  }
+  if (params.currentEntry.version === params.previousHead.version) {
+    return params.currentEntry.entryHash === params.previousHead.hash && params.proof.entries.length === 0;
+  }
+  if (params.proof.entries.length === 0) {
+    return false;
+  }
+  let previousVersion = params.previousHead.version;
+  let previousHash = params.previousHead.hash;
+  for (const entry of params.proof.entries) {
+    const expectedHash = buildUserKeyDirectoryTransparencyEntryHash({
+      orgId: entry.orgId,
+      version: entry.version,
+      directoryCheckpointPayload: entry.directoryCheckpointPayload,
+      signerUserKeyPairId: entry.signerUserKeyPairId,
+      signerOrgUserId: entry.signerOrgUserId,
+      signerFingerprint: entry.signerFingerprint,
+      signature: entry.signature,
+      previousEntryHash: entry.previousEntryHash
+    });
+    if (expectedHash !== entry.entryHash || entry.previousEntryHash !== previousHash || entry.version !== previousVersion + 1) {
+      return false;
+    }
+    previousVersion = entry.version;
+    previousHash = entry.entryHash;
+  }
+  return previousHash === params.currentEntry.entryHash && previousVersion === params.currentEntry.version;
+}
+function buildWrappedDekSignaturePayload(vaultId, recipientKeyId, signerUserKeyPairId, dekVersion, wrappedDek) {
+  return [
+    WRAPPED_DEK_SIGNATURE_PREFIX,
+    vaultId,
+    recipientKeyId,
+    signerUserKeyPairId,
+    String(dekVersion),
+    getWrappedDekFingerprint(wrappedDek)
+  ].join(":");
+}
+function verifyWrappedDekSignature(vaultId, recipientKeyId, signerUserKeyPairId, dekVersion, wrappedDek, wrappedDekSignature, signerPublicKeyPem) {
+  const payload = buildWrappedDekSignaturePayload(
+    vaultId,
+    recipientKeyId,
+    signerUserKeyPairId,
+    dekVersion,
+    wrappedDek
+  );
+  try {
+    return crypto.verify(
+      "sha256",
+      Buffer.from(payload, "utf8"),
+      {
+        key: signerPublicKeyPem,
+        ...RSA_PSS_SIGN_CONFIG
+      },
+      Buffer.from(wrappedDekSignature, "base64")
+    );
+  } catch {
+    return false;
+  }
+}
+function normalizeVaultSummaryCheckpoint(checkpoint) {
+  return {
+    vaultId: checkpoint.vaultId,
+    version: checkpoint.version,
+    name: checkpoint.name,
+    dataClassification: checkpoint.dataClassification ?? null,
+    currentDekVersion: checkpoint.currentDekVersion ?? null,
+    items: [...checkpoint.items].map((item) => ({
+      id: item.id,
+      name: item.name,
+      type: item.type ?? null,
+      websites: [...item.websites],
+      groupId: item.groupId ?? null
+    })).sort((left, right) => left.id.localeCompare(right.id)),
+    groups: [...checkpoint.groups].map((group) => ({
+      id: group.id,
+      name: group.name,
+      parentId: group.parentId ?? null
+    })).sort((left, right) => left.id.localeCompare(right.id))
+  };
+}
+function canonicalizeVaultSummaryCheckpoint(checkpoint) {
+  return JSON.stringify(normalizeVaultSummaryCheckpoint(checkpoint));
+}
+function buildVaultSummaryCheckpointPayload(checkpoint) {
+  return getCheckpointFingerprint(
+    VAULT_SUMMARY_CHECKPOINT_PREFIX,
+    canonicalizeVaultSummaryCheckpoint(checkpoint)
+  );
+}
+function verifyVaultSummaryCheckpoint(checkpoint, signature, publicKeyPem) {
+  try {
+    return crypto.verify(
+      "sha256",
+      Buffer.from(buildVaultSummaryCheckpointPayload(checkpoint), "utf8"),
+      {
+        key: publicKeyPem,
+        ...RSA_PSS_SIGN_CONFIG
+      },
+      Buffer.from(signature, "base64")
+    );
+  } catch {
+    return false;
+  }
+}
+function normalizeVaultItemDetailCheckpoint(checkpoint) {
+  return {
+    vaultItemId: checkpoint.vaultItemId,
+    vaultId: checkpoint.vaultId,
+    version: checkpoint.version,
+    name: checkpoint.name,
+    type: checkpoint.type ?? null,
+    websites: [...checkpoint.websites],
+    groupId: checkpoint.groupId ?? null,
+    fields: [...checkpoint.fields].map((field) => ({
+      id: field.id,
+      name: field.name,
+      type: field.type,
+      order: field.order,
+      fieldInstanceIds: [...field.fieldInstanceIds].sort(),
+      assetIds: [...field.assetIds].sort()
+    })).sort((left, right) => left.order - right.order || left.id.localeCompare(right.id))
+  };
+}
+function canonicalizeVaultItemDetailCheckpoint(checkpoint) {
+  return JSON.stringify(normalizeVaultItemDetailCheckpoint(checkpoint));
+}
+function buildVaultItemDetailCheckpointPayload(checkpoint) {
+  return getCheckpointFingerprint(
+    VAULT_ITEM_DETAIL_CHECKPOINT_PREFIX,
+    canonicalizeVaultItemDetailCheckpoint(checkpoint)
+  );
+}
+function verifyVaultItemDetailCheckpoint(checkpoint, signature, publicKeyPem) {
+  try {
+    return crypto.verify(
+      "sha256",
+      Buffer.from(buildVaultItemDetailCheckpointPayload(checkpoint), "utf8"),
+      {
+        key: publicKeyPem,
+        ...RSA_PSS_SIGN_CONFIG
+      },
+      Buffer.from(signature, "base64")
+    );
+  } catch {
+    return false;
+  }
+}
+function isVaultEnvelope(value) {
+  if (!value.startsWith("{")) {
+    return false;
+  }
+  try {
+    const parsed = JSON.parse(value);
+    return parsed.v === 3;
+  } catch {
+    return false;
+  }
+}
+function decryptWithVaultDEK(encryptedValue, dek) {
+  if (!isVaultEnvelope(encryptedValue)) {
+    throw new Error("Invalid encrypted value: expected v3 vault envelope format");
+  }
+  const envelope = JSON.parse(encryptedValue);
+  const decipher = crypto.createDecipheriv("aes-256-gcm", dek, Buffer.from(envelope.iv, "base64"));
+  decipher.setAuthTag(Buffer.from(envelope.t, "base64"));
+  const decrypted = Buffer.concat([
+    decipher.update(Buffer.from(envelope.d, "base64")),
+    decipher.final()
+  ]);
+  return decrypted.toString("utf8");
+}
+function decryptStoredFieldValue(value, dek) {
+  return isVaultEnvelope(value) ? decryptWithVaultDEK(value, dek) : value;
+}
+function unwrapDEKWithPrivateKey(wrappedDek, privateKeyPem) {
+  return crypto.privateDecrypt(
+    { key: privateKeyPem, ...RSA_OAEP_CONFIG },
+    Buffer.from(wrappedDek, "base64")
+  );
+}
+
+// src/trust-store.ts
+import fs2 from "node:fs";
+import path2 from "node:path";
+function loadTrustStore(trustStorePath) {
+  try {
+    const raw = fs2.readFileSync(trustStorePath, "utf8");
+    const parsed = JSON.parse(raw);
+    return {
+      version: 1,
+      userKeyPins: parsed.userKeyPins ?? {},
+      checkpointVersionPins: parsed.checkpointVersionPins ?? {},
+      transparencyHeadPins: parsed.transparencyHeadPins ?? {}
+    };
+  } catch {
+    return {
+      version: 1,
+      userKeyPins: {},
+      checkpointVersionPins: {},
+      transparencyHeadPins: {}
+    };
+  }
+}
+function saveTrustStore(trustStorePath, store) {
+  fs2.mkdirSync(path2.dirname(trustStorePath), { recursive: true });
+  fs2.writeFileSync(trustStorePath, JSON.stringify(store, null, 2) + "\n", "utf8");
+}
+function getPinStorageKey(orgId, orgUserId) {
+  return `${orgId}:${orgUserId}`;
+}
+function getDirectoryPinStorageKey(orgId) {
+  return `org:${orgId}`;
+}
+async function fetchWitnessArtifact(pathName) {
+  const response = await fetch(
+    buildTransparencyWitnessUrl(DEFAULT_TRANSPARENCY_WITNESS_URL, pathName),
+    {
+      cache: "no-store"
+    }
+  );
+  if (!response.ok) {
+    throw new Error(`Failed to fetch public transparency witness artifact (${response.status}).`);
+  }
+  return response.json();
+}
+function getSinglePinnedTransparencyHead(trustStorePath) {
+  const store = loadTrustStore(trustStorePath);
+  const heads = Object.values(store.transparencyHeadPins);
+  return heads.length === 1 ? heads[0] : null;
+}
+async function getPublicOrgWitnessHead(apiBaseUrl, orgId) {
+  if (!shouldUseDefaultTransparencyWitness(apiBaseUrl)) {
+    return null;
+  }
+  const artifact = await fetchWitnessArtifact(
+    buildOrgUserKeyDirectoryWitnessPath(orgId)
+  );
+  if (artifact.kind !== "org-user-key-directory" || artifact.orgId !== orgId || !verifyOrgUserKeyDirectoryWitnessArtifact(
+    artifact,
+    TRANSPARENCY_WITNESS_ROOT_PUBLIC_KEY_PEM
+  )) {
+    throw new Error(`Public transparency witness verification failed for org ${orgId}.`);
+  }
+  return artifact.head;
+}
+async function pinVaultUserPublicKeys(trustStorePath, orgId, publicKeys) {
+  const store = loadTrustStore(trustStorePath);
+  let changed = false;
+  for (const key of publicKeys) {
+    const storageKey = getPinStorageKey(orgId, key.orgUserId);
+    const computedFingerprint = getPublicKeyFingerprint(key.publicKey);
+    if (computedFingerprint !== key.fingerprint) {
+      throw new Error(`Server returned a mismatched fingerprint for user ${key.orgUserId}.`);
+    }
+    const existing = store.userKeyPins[storageKey];
+    const verifiedAt = (/* @__PURE__ */ new Date()).toISOString();
+    if (!existing) {
+      store.userKeyPins[storageKey] = {
+        keyPairId: key.userKeyPairId,
+        fingerprint: key.fingerprint,
+        publicKey: key.publicKey,
+        pinnedAt: verifiedAt,
+        verifiedAt
+      };
+      changed = true;
+      continue;
+    }
+    if (existing.keyPairId === key.userKeyPairId) {
+      if (existing.fingerprint !== key.fingerprint || existing.publicKey !== key.publicKey) {
+        throw new Error(
+          `Pinned public key ${key.userKeyPairId} changed unexpectedly for user ${key.orgUserId}.`
+        );
+      }
+      if (existing.verifiedAt !== verifiedAt) {
+        store.userKeyPins[storageKey] = {
+          ...existing,
+          verifiedAt
+        };
+        changed = true;
+      }
+      continue;
+    }
+    if (!key.previousUserKeyPairId || key.previousUserKeyPairId !== existing.keyPairId || !key.rotationSignature) {
+      throw new Error(`Public key rotation for user ${key.orgUserId} is missing a trusted continuity proof.`);
+    }
+    const rotationVerified = verifyUserKeyRotation(
+      existing.keyPairId,
+      key.publicKey,
+      key.rotationSignature,
+      existing.publicKey
+    );
+    if (!rotationVerified) {
+      throw new Error(`Public key rotation for user ${key.orgUserId} failed signature verification.`);
+    }
+    store.userKeyPins[storageKey] = {
+      keyPairId: key.userKeyPairId,
+      fingerprint: key.fingerprint,
+      publicKey: key.publicKey,
+      pinnedAt: existing.pinnedAt,
+      verifiedAt
+    };
+    changed = true;
+  }
+  if (changed) {
+    saveTrustStore(trustStorePath, store);
+  }
+  return publicKeys;
+}
+async function verifySignedUserKeyDirectory(trustStorePath, directory, anchorHead) {
+  if (!directory.directoryCheckpoint) {
+    if (directory.publicKeys.length > 0) {
+      throw new Error("Server omitted the user-key directory checkpoint for a non-empty vault signer directory.");
+    }
+    return null;
+  }
+  const { directoryCheckpoint } = directory;
+  const orgId = directoryCheckpoint.checkpoint.orgId;
+  if (!directoryCheckpoint.signerOrgUserId || !directoryCheckpoint.signerPublicKey) {
+    throw new Error("Server returned an incomplete user-key directory signer payload.");
+  }
+  const signerFingerprint = getPublicKeyFingerprint(directoryCheckpoint.signerPublicKey);
+  const signerEntry = directoryCheckpoint.checkpoint.entries.find(
+    (entry) => entry.userKeyPairId === directoryCheckpoint.signerUserKeyPairId && entry.orgUserId === directoryCheckpoint.signerOrgUserId
+  );
+  const signerKey = {
+    userKeyPairId: directoryCheckpoint.signerUserKeyPairId,
+    orgUserId: directoryCheckpoint.signerOrgUserId,
+    publicKey: directoryCheckpoint.signerPublicKey,
+    fingerprint: signerFingerprint,
+    previousUserKeyPairId: signerEntry?.previousUserKeyPairId ?? null,
+    rotationSignature: signerEntry?.rotationSignature ?? null
+  };
+  const storeBeforeVerification = loadTrustStore(trustStorePath);
+  try {
+    await pinVaultUserPublicKeys(trustStorePath, orgId, [signerKey]);
+    const verified = verifyUserKeyDirectoryCheckpoint(
+      directoryCheckpoint.checkpoint,
+      directoryCheckpoint.signature,
+      directoryCheckpoint.signerPublicKey
+    );
+    if (!verified) {
+      throw new Error(`User-key directory signature verification failed for org ${orgId}.`);
+    }
+    if (!directory.transparency) {
+      throw new Error(`Server omitted the user-key directory transparency proof for org ${orgId}.`);
+    }
+    const store = loadTrustStore(trustStorePath);
+    const pinnedTransparencyHead = store.transparencyHeadPins[getDirectoryPinStorageKey(orgId)] ?? null;
+    const trustedPreviousHead = anchorHead ?? pinnedTransparencyHead;
+    const legacyPinnedVersion = store.checkpointVersionPins[getDirectoryPinStorageKey(orgId)] ?? null;
+    if (!trustedPreviousHead && legacyPinnedVersion !== null && directory.transparency.head.version < legacyPinnedVersion) {
+      throw new Error(`User-key transparency head rolled back unexpectedly for org ${orgId}.`);
+    }
+    if (!trustedPreviousHead && directory.transparency.entries.length === 0) {
+      throw new Error(`Server omitted the current transparency entry for org ${orgId}.`);
+    }
+    if (directory.transparency.entries.length > 0) {
+      const currentProofEntry = directory.transparency.entries[directory.transparency.entries.length - 1];
+      if (!currentProofEntry) {
+        throw new Error(`Server returned an empty transparency proof for org ${orgId}.`);
+      }
+      const expectedCurrentEntry = buildUserKeyDirectoryTransparencyEntry({
+        checkpoint: directoryCheckpoint.checkpoint,
+        signerUserKeyPairId: directoryCheckpoint.signerUserKeyPairId,
+        signerOrgUserId: directoryCheckpoint.signerOrgUserId,
+        signerPublicKey: directoryCheckpoint.signerPublicKey,
+        signature: directoryCheckpoint.signature,
+        previousEntryHash: currentProofEntry.previousEntryHash ?? null
+      });
+      if (expectedCurrentEntry.entryHash !== currentProofEntry.entryHash) {
+        throw new Error(`User-key transparency entry does not match the signed directory for org ${orgId}.`);
+      }
+      if (anchorHead && directory.transparency.head.version === anchorHead.version) {
+        if (directory.transparency.head.hash !== anchorHead.hash) {
+          throw new Error(`Public transparency witness head fork detected for org ${orgId}.`);
+        }
+        if (currentProofEntry.entryHash !== anchorHead.hash || expectedCurrentEntry.entryHash !== anchorHead.hash) {
+          throw new Error(`User-key transparency witness anchor mismatch for org ${orgId}.`);
+        }
+      } else if (!verifyUserKeyDirectoryTransparencyProof({
+        currentEntry: expectedCurrentEntry,
+        proof: directory.transparency,
+        previousHead: trustedPreviousHead
+      })) {
+        throw new Error(`User-key transparency proof verification failed for org ${orgId}.`);
+      }
+    } else if (anchorHead && directory.transparency.head.version === anchorHead.version) {
+      throw new Error(`Server omitted the current transparency entry required to verify org ${orgId} against the public witness.`);
+    } else if (!trustedPreviousHead || trustedPreviousHead.version !== directory.transparency.head.version || trustedPreviousHead.hash !== directory.transparency.head.hash) {
+      throw new Error(`Server returned an incomplete user-key transparency proof for org ${orgId}.`);
+    }
+    assertAndPinTransparencyHead(trustStorePath, orgId, directory.transparency.head);
+    const checkpointEntries = new Map(
+      directoryCheckpoint.checkpoint.entries.map((entry) => [entry.userKeyPairId, entry])
+    );
+    for (const key of directory.publicKeys) {
+      const entry = checkpointEntries.get(key.userKeyPairId);
+      if (!entry) {
+        throw new Error(`User key ${key.userKeyPairId} is missing from the signed org directory.`);
+      }
+      if (entry.orgUserId !== key.orgUserId || entry.fingerprint !== key.fingerprint || entry.previousUserKeyPairId !== key.previousUserKeyPairId || entry.rotationSignature !== key.rotationSignature) {
+        throw new Error(`User key ${key.userKeyPairId} does not match the signed org directory.`);
+      }
+    }
+    return orgId;
+  } catch (error) {
+    saveTrustStore(trustStorePath, storeBeforeVerification);
+    throw error;
+  }
+}
+async function verifyAndPinVaultUserPublicKeys(trustStorePath, directory, anchorHead) {
+  const orgId = await verifySignedUserKeyDirectory(trustStorePath, directory, anchorHead);
+  if (!orgId) {
+    return directory.publicKeys;
+  }
+  return pinVaultUserPublicKeys(trustStorePath, orgId, directory.publicKeys);
+}
+function assertAndPinCheckpointVersion(trustStorePath, storageKey, version) {
+  const store = loadTrustStore(trustStorePath);
+  const pinnedVersion = store.checkpointVersionPins[storageKey];
+  if (pinnedVersion !== void 0 && version < pinnedVersion) {
+    throw new Error(`Checkpoint version rolled back unexpectedly for ${storageKey}.`);
+  }
+  if (pinnedVersion === void 0 || version > pinnedVersion) {
+    store.checkpointVersionPins[storageKey] = version;
+    saveTrustStore(trustStorePath, store);
+  }
+}
+function assertAndPinTransparencyHead(trustStorePath, orgId, head) {
+  const store = loadTrustStore(trustStorePath);
+  const storageKey = getDirectoryPinStorageKey(orgId);
+  const pinnedHead = store.transparencyHeadPins[storageKey];
+  if (pinnedHead) {
+    if (head.version < pinnedHead.version) {
+      throw new Error(`User-key transparency head rolled back unexpectedly for org ${orgId}.`);
+    }
+    if (head.version === pinnedHead.version && head.hash !== pinnedHead.hash) {
+      throw new Error(`User-key transparency head fork detected for org ${orgId}.`);
+    }
+  }
+  if (!pinnedHead || head.version > pinnedHead.version) {
+    store.transparencyHeadPins[storageKey] = head;
+    saveTrustStore(trustStorePath, store);
+  }
+  assertAndPinCheckpointVersion(trustStorePath, storageKey, head.version);
+}
+
+// src/index.ts
+var R4_DEFAULT_API_BASE_URL = "https://r4.dev";
+var R4_DEV_API_BASE_URL = "https://dev.r4.dev";
+function toScreamingSnakeCase(input) {
+  return input.replace(/[^a-zA-Z0-9]/g, "_").replace(/_+/g, "_").replace(/^_|_$/g, "").toUpperCase();
+}
+function resolveTrustStorePath(config) {
+  if (config.trustStorePath) {
+    return path3.resolve(config.trustStorePath);
+  }
+  if (config.privateKeyPath) {
+    return `${path3.resolve(config.privateKeyPath)}.trust.json`;
+  }
+  return path3.resolve(process.cwd(), ".r4-trust-store.json");
+}
+function resolveApiBaseUrl(config) {
+  if (config.baseUrl) {
+    return config.baseUrl;
+  }
+  return config.dev ? R4_DEV_API_BASE_URL : R4_DEFAULT_API_BASE_URL;
+}
+function buildVaultSummaryCheckpointFromListResponse(response, version) {
+  return {
+    vaultId: response.vaultId,
+    version,
+    name: response.vaultName,
+    dataClassification: response.dataClassification ?? null,
+    currentDekVersion: response.currentDekVersion ?? null,
+    items: response.items.map((item) => ({
+      id: item.id,
+      name: item.name,
+      type: item.type ?? null,
+      websites: item.websites ?? [],
+      groupId: item.groupId ?? null
+    })),
+    groups: response.vaultItemGroups.map((group) => ({
+      id: group.id,
+      name: group.name,
+      parentId: group.parentId ?? null
+    }))
+  };
+}
+function buildVaultItemDetailCheckpointFromResponse(item, version) {
+  return {
+    vaultItemId: item.id,
+    vaultId: item.vaultId,
+    version,
+    name: item.name,
+    type: item.type ?? null,
+    websites: item.websites ?? [],
+    groupId: item.groupId ?? null,
+    fields: item.fields.map((field, index) => ({
+      id: field.id,
+      name: field.name,
+      type: field.type,
+      order: field.order ?? index,
+      fieldInstanceIds: field.fieldInstanceIds ?? [],
+      assetIds: field.assetIds ?? []
+    }))
+  };
+}
+var R4 = class _R4 {
+  client;
+  baseUrl;
+  projectId;
+  privateKeyPem;
+  publicKeyPem;
+  trustStorePath;
+  _env = null;
+  constructor(config) {
+    if (!config.apiKey) {
+      throw new Error("R4 SDK: apiKey is required");
+    }
+    if (!config.privateKey && !config.privateKeyPath) {
+      throw new Error(
+        "R4 SDK: privateKey or privateKeyPath is required for zero-trust local decryption."
+      );
+    }
+    const baseUrl = resolveApiBaseUrl(config);
+    this.baseUrl = baseUrl;
+    this.client = new R4Client(config.apiKey, baseUrl);
+    this.projectId = config.projectId;
+    this.privateKeyPem = config.privateKey ?? loadPrivateKey(config.privateKeyPath);
+    this.publicKeyPem = derivePublicKey(this.privateKeyPem);
+    this.trustStorePath = resolveTrustStorePath(config);
+  }
+  /**
+   * Static factory method that creates and initializes an R4 instance.
+   */
+  static async create(config) {
+    const instance = new _R4(config);
+    await instance.init();
+    return instance;
+  }
+  /**
+   * Initializes the SDK by registering the agent public key (idempotent) and
+   * decrypting all accessible vault values locally into a flat env map.
+   */
+  async init() {
+    this._env = await this.fetchEnv();
+  }
+  /**
+   * Returns the locally decrypted env map.
+   */
+  get env() {
+    if (!this._env) {
+      throw new Error(
+        "R4 SDK: env is not initialized. Call await r4.init() first, or use R4.create() for automatic initialization."
+      );
+    }
+    return this._env;
+  }
+  /**
+   * Re-fetches and locally re-decrypts the current vault view.
+   */
+  async refresh() {
+    this._env = await this.fetchEnv();
+  }
+  /**
+   * Registers the local agent public key, loads all accessible vaults, verifies
+   * wrapped-DEK signatures against pinned signer keys, unwraps each vault DEK,
+   * and builds a flat SCREAMING_SNAKE_CASE env map from decrypted field values.
+   */
+  async fetchEnv() {
+    try {
+      await this.client.registerAgentPublicKey({
+        publicKey: this.publicKeyPem
+      });
+    } catch (error) {
+      throw new Error(
+        `R4 SDK: failed to register the local agent public key. The zero-trust SDK requires an AGENT-scoped API key and a matching local private key. ${error instanceof Error ? error.message : String(error)}`
+      );
+    }
+    const { vaults } = await this.client.listVaults(this.projectId);
+    const envEntries = await Promise.all(vaults.map((vault) => this.fetchVaultEnv(vault.id)));
+    return Object.assign({}, ...envEntries);
+  }
+  /**
+   * Fetches a single vault's wrapped DEK, verifies it against the pinned signer
+   * directory, unwraps the DEK locally, then decrypts every field value in that
+   * vault item-by-item.
+   */
+  async fetchVaultEnv(vaultId) {
+    const pinnedTransparencyHead = getSinglePinnedTransparencyHead(this.trustStorePath);
+    const [wrappedKey, itemsResponse, initialPublicKeyDirectory] = await Promise.all([
+      this.client.getAgentWrappedKey(vaultId),
+      this.client.listVaultItems(vaultId),
+      this.client.getVaultUserKeyDirectory(
+        vaultId,
+        pinnedTransparencyHead ? {
+          knownTransparencyVersion: pinnedTransparencyHead.version,
+          knownTransparencyHash: pinnedTransparencyHead.hash
+        } : void 0
+      )
+    ]);
+    let publicKeyDirectory = initialPublicKeyDirectory;
+    let witnessAnchorHead = null;
+    if (!pinnedTransparencyHead) {
+      const orgId = initialPublicKeyDirectory.directoryCheckpoint?.checkpoint.orgId ?? null;
+      if (orgId && initialPublicKeyDirectory.directoryCheckpoint && initialPublicKeyDirectory.transparency) {
+        witnessAnchorHead = await getPublicOrgWitnessHead(this.baseUrl, orgId);
+        if (witnessAnchorHead) {
+          if (initialPublicKeyDirectory.transparency.head.version < witnessAnchorHead.version) {
+            throw new Error(`R4 SDK: public transparency witness head is ahead of the server response for org ${orgId}.`);
+          }
+          if (initialPublicKeyDirectory.transparency.head.version === witnessAnchorHead.version) {
+            if (initialPublicKeyDirectory.transparency.head.hash !== witnessAnchorHead.hash) {
+              throw new Error(`R4 SDK: public transparency witness head fork detected for org ${orgId}.`);
+            }
+          } else {
+            publicKeyDirectory = await this.client.getVaultUserKeyDirectory(vaultId, {
+              knownTransparencyVersion: witnessAnchorHead.version,
+              knownTransparencyHash: witnessAnchorHead.hash
+            });
+          }
+        }
+      }
+    }
+    const trustedPublicKeys = await verifyAndPinVaultUserPublicKeys(
+      this.trustStorePath,
+      publicKeyDirectory,
+      witnessAnchorHead
+    );
+    const signerKey = trustedPublicKeys.find(
+      (publicKey) => publicKey.userKeyPairId === wrappedKey.signerUserKeyPairId
+    );
+    if (!signerKey) {
+      throw new Error(
+        `R4 SDK: wrapped DEK for vault ${vaultId} was signed by unknown user key ${wrappedKey.signerUserKeyPairId}.`
+      );
+    }
+    const signatureVerified = verifyWrappedDekSignature(
+      vaultId,
+      wrappedKey.encryptionKeyId,
+      wrappedKey.signerUserKeyPairId,
+      wrappedKey.dekVersion,
+      wrappedKey.wrappedDek,
+      wrappedKey.wrappedDekSignature,
+      signerKey.publicKey
+    );
+    if (!signatureVerified) {
+      throw new Error(`R4 SDK: wrapped DEK signature verification failed for vault ${vaultId}.`);
+    }
+    const dek = unwrapDEKWithPrivateKey(wrappedKey.wrappedDek, this.privateKeyPem);
+    if (!itemsResponse.summaryCheckpoint) {
+      throw new Error(`R4 SDK: vault ${vaultId} is missing a signed summary checkpoint.`);
+    }
+    const summarySignerKey = trustedPublicKeys.find(
+      (publicKey) => publicKey.userKeyPairId === itemsResponse.summaryCheckpoint.signerUserKeyPairId
+    );
+    if (!summarySignerKey) {
+      throw new Error(
+        `R4 SDK: vault ${vaultId} summary checkpoint was signed by unknown user key ${itemsResponse.summaryCheckpoint.signerUserKeyPairId}.`
+      );
+    }
+    const expectedSummaryCheckpoint = buildVaultSummaryCheckpointFromListResponse(
+      itemsResponse,
+      itemsResponse.summaryCheckpoint.checkpoint.version
+    );
+    const summaryVerified = verifyVaultSummaryCheckpoint(
+      expectedSummaryCheckpoint,
+      itemsResponse.summaryCheckpoint.signature,
+      summarySignerKey.publicKey
+    );
+    if (!summaryVerified) {
+      throw new Error(`R4 SDK: vault summary checkpoint verification failed for vault ${vaultId}.`);
+    }
+    assertAndPinCheckpointVersion(
+      this.trustStorePath,
+      `summary:${vaultId}`,
+      expectedSummaryCheckpoint.version
+    );
+    const itemDetails = await Promise.all(
+      itemsResponse.items.map((item) => this.client.getVaultItemDetail(vaultId, item.id))
+    );
+    const env = {};
+    for (const item of itemDetails) {
+      if (!item.detailCheckpoint) {
+        throw new Error(`R4 SDK: vault item ${item.id} is missing a signed detail checkpoint.`);
+      }
+      const detailSignerKey = trustedPublicKeys.find(
+        (publicKey) => publicKey.userKeyPairId === item.detailCheckpoint.signerUserKeyPairId
+      );
+      if (!detailSignerKey) {
+        throw new Error(
+          `R4 SDK: vault item ${item.id} checkpoint was signed by unknown user key ${item.detailCheckpoint.signerUserKeyPairId}.`
+        );
+      }
+      const expectedDetailCheckpoint = buildVaultItemDetailCheckpointFromResponse(
+        item,
+        item.detailCheckpoint.checkpoint.version
+      );
+      const detailVerified = verifyVaultItemDetailCheckpoint(
+        expectedDetailCheckpoint,
+        item.detailCheckpoint.signature,
+        detailSignerKey.publicKey
+      );
+      if (!detailVerified) {
+        throw new Error(`R4 SDK: vault item checkpoint verification failed for item ${item.id}.`);
+      }
+      assertAndPinCheckpointVersion(
+        this.trustStorePath,
+        `detail:${item.id}`,
+        expectedDetailCheckpoint.version
+      );
+      for (const field of item.fields) {
+        if (field.value === null) {
+          continue;
+        }
+        env[toScreamingSnakeCase(`${item.name}_${field.name}`)] = decryptStoredFieldValue(
+          field.value,
+          dek
+        );
+      }
+    }
+    return env;
+  }
+};
+var src_default = R4;
+export {
+  R4,
+  src_default as default
+};
+//# sourceMappingURL=index.js.map