@seasonkoh/webaz 0.1.7 → 0.1.9

package/dist/pwa/routes/disputes-write.js

@@ -0,0 +1,475 @@
+import express from 'express';
+export function registerDisputesWriteRoutes(app, deps) {
+    const { db, auth, generateId, detectFraud, errorRes, isEligibleArbitrator, requireHumanPresence, getDisputeDetails, respondToDispute, arbitrateDispute, addPartyEvidence, requestEvidence, markEvidenceExpiry, uploadEvidence, EVIDENCE_MAX_BYTES, EVIDENCE_ALLOWED_MIME, appendOrderEvent, FUND_BASE_RATE, settleCommission, depositToFund, calculatePv, recordDisputeReputation, issueAgentStrike, publishDisputeCase, logAdminAction, snfSend } = deps;
+    // 被诉方反驳
+    app.post('/api/disputes/:id/respond', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const { notes = '', evidence_description = '' } = req.body;
+        const dispute = getDisputeDetails(db, req.params.id);
+        if (!dispute)
+            return void res.status(404).json({ error: '争议不存在' });
+        if (dispute.defendant_id !== user.id)
+            return void res.status(403).json({ error: '你不是本争议的被诉方' });
+        const evidenceIds = [];
+        if (evidence_description) {
+            const eid = generateId('evt');
+            const evReasons = detectFraud(String(evidence_description));
+            db.prepare(`INSERT INTO evidence (id, order_id, uploader_id, type, description, file_hash, flag_reasons)
+        VALUES (?,?,?,'description',?,?,?)`).run(eid, dispute.order_id, user.id, evidence_description, `hash_${Date.now()}`, evReasons.length ? JSON.stringify(evReasons) : null);
+            evidenceIds.push(eid);
+        }
+        const result = respondToDispute(db, req.params.id, user.id, notes || evidence_description, evidenceIds);
+        if (!result.success)
+            return void res.json({ error: result.error });
+        res.json({ success: true, message: result.message });
+    });
+    // 仲裁员裁定
+    app.post('/api/disputes/:id/arbitrate', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const elig = isEligibleArbitrator(user.id);
+        if (!elig.ok)
+            return void errorRes(res, 403, 'NOT_ARBITRATOR', elig.reason || '仅限仲裁员');
+        // 2026-05-23 Agent 治理铁律：仲裁需真实人工
+        const hpCheck = requireHumanPresence(user.id, 'arbitrate', req.body?.webauthn_token, 'require_human_presence_for_arbitrate', (data) => {
+            const d = data;
+            return d == null || d.dispute_id === req.params.id;
+        });
+        if (!hpCheck.ok)
+            return void errorRes(res, 412, hpCheck.error_code || 'HUMAN_PRESENCE_REQUIRED', hpCheck.reason || '此操作需真实人工 WebAuthn 验证');
+        const { ruling, reason, refund_amount, liable_party_id, liability_parties } = req.body;
+        if (!ruling || !reason)
+            return void res.json({ error: '请提供裁定结果（ruling）和理由（reason）' });
+        const validRulings = ['refund_buyer', 'release_seller', 'partial_refund', 'liability_split'];
+        if (!validRulings.includes(ruling)) {
+            return void res.json({ error: `ruling 必须是 ${validRulings.join(' / ')} 之一` });
+        }
+        if (ruling === 'liability_split') {
+            if (!Array.isArray(liability_parties) || liability_parties.length === 0) {
+                return void res.json({ error: '责任分配裁定需要提供 liability_parties 数组' });
+            }
+            for (const p of liability_parties) {
+                if (!p.user_id || typeof p.amount !== 'number' || p.amount < 0) {
+                    return void res.json({ error: '每个责任方需提供 user_id 和非负 amount' });
+                }
+            }
+        }
+        const dispute = getDisputeDetails(db, req.params.id);
+        if (!dispute)
+            return void res.status(404).json({ error: '争议不存在' });
+        // P0: 防"任意仲裁员裁决任意争议"
+        // 若 assigned_arbitrators 为空 → 首位调用者原子领取
+        const arbRow = db.prepare(`SELECT assigned_arbitrators FROM disputes WHERE id = ?`).get(req.params.id);
+        let assignedArbitrators = [];
+        try {
+            assignedArbitrators = JSON.parse(arbRow?.assigned_arbitrators || '[]');
+        }
+        catch { }
+        if (assignedArbitrators.length === 0) {
+            const claimRes = db.prepare(`UPDATE disputes SET assigned_arbitrators = ? WHERE id = ? AND (assigned_arbitrators IS NULL OR assigned_arbitrators = '[]')`)
+                .run(JSON.stringify([user.id]), req.params.id);
+            if (claimRes.changes === 0) {
+                const fresh = db.prepare(`SELECT assigned_arbitrators FROM disputes WHERE id = ?`).get(req.params.id);
+                try {
+                    assignedArbitrators = JSON.parse(fresh?.assigned_arbitrators || '[]');
+                }
+                catch { }
+            }
+            else {
+                assignedArbitrators = [user.id];
+            }
+        }
+        if (!assignedArbitrators.includes(user.id)) {
+            return void res.status(403).json({ error: '此争议未分配给你 — 仅指派的仲裁员可裁定', error_code: 'NOT_ASSIGNED_ARBITRATOR' });
+        }
+        // 协议层：仲裁员签名的 ruling 入订单链
+        try {
+            appendOrderEvent(db, {
+                orderId: dispute.order_id,
+                eventType: 'transition',
+                fromStatus: 'disputed',
+                toStatus: 'disputed',
+                actorId: user.id,
+                actorRole: 'arbitrator',
+                extra: {
+                    action: 'arbitration_ruling',
+                    dispute_id: req.params.id,
+                    ruling, reason,
+                    refund_amount: refund_amount ? Number(refund_amount) : null,
+                    liable_party_id: liable_party_id || null,
+                    liability_parties: liability_parties || null,
+                },
+            });
+        }
+        catch (e) {
+            console.warn('[order-chain] arbitration ruling event failed:', e.message);
+        }
+        const result = arbitrateDispute(db, req.params.id, user.id, ruling, reason, refund_amount ? Number(refund_amount) : undefined, liability_parties, liable_party_id);
+        if (!result.success)
+            return void res.json({ error: result.error });
+        // 争议结案 → 给证据 blob 打过期戳
+        try {
+            markEvidenceExpiry(db, req.params.id);
+        }
+        catch (e) {
+            console.warn('[evidence] mark expiry:', e.message);
+        }
+        // release_seller 等同正常完成 → 触发推土机分润 + 原子能
+        if (ruling === 'release_seller') {
+            try {
+                db.transaction(() => {
+                    const order = db.prepare("SELECT * FROM orders WHERE id = ?").get(dispute.order_id);
+                    if (!order || order.settled_commission_at)
+                        return;
+                    const total = Number(order.total_amount);
+                    const commRate = Number(order.snapshot_commission_rate ?? 0);
+                    const commPool = Math.round(total * commRate * 100) / 100;
+                    const fundBase = Math.round(total * FUND_BASE_RATE() * 100) / 100;
+                    const deduct = commPool + fundBase;
+                    const sellerWallet = db.prepare("SELECT balance FROM wallets WHERE user_id = ?").get(order.seller_id);
+                    if (sellerWallet && sellerWallet.balance >= deduct) {
+                        db.prepare("UPDATE wallets SET balance = balance - ?, earned = earned - ? WHERE user_id = ?").run(deduct, deduct, order.seller_id);
+                        const { redirected: disputeRedirected } = settleCommission(dispute.order_id);
+                        depositToFund(dispute.order_id, disputeRedirected);
+                        const productRow = db.prepare("SELECT category_id FROM products WHERE id = ?").get(order.product_id);
+                        const categoryId = productRow?.category_id || 'cat_default';
+                        const catRow = db.prepare("SELECT pv_multiplier FROM product_categories WHERE id = ?").get(categoryId);
+                        const mPv = Number(catRow?.pv_multiplier ?? 1.0);
+                        const pv = calculatePv(total, mPv);
+                        if (pv > 0) {
+                            db.prepare(`INSERT INTO pv_ledger (id, order_id, buyer_id, pv, processed) VALUES (?,?,?,?,0)`)
+                                .run(generateId('pvl'), dispute.order_id, order.buyer_id, pv);
+                            db.prepare("UPDATE users SET pv_dirty_at = datetime('now') WHERE id = ?").run(order.buyer_id);
+                        }
+                        db.prepare("UPDATE orders SET settled_pv_at = datetime('now') WHERE id = ?").run(dispute.order_id);
+                    }
+                    else {
+                        // P2 #6：seller 余额不足，commission/PV 被吞 — 记 audit
+                        console.warn(`[dispute hook · release_seller] commission/PV 被吞 order=${dispute.order_id} seller=${order.seller_id} balance=${sellerWallet?.balance ?? 'null'} required=${deduct}`);
+                        try {
+                            logAdminAction('system', 'commission_skipped', 'order', String(dispute.order_id), { reason: 'seller_balance_insufficient', ruling: 'release_seller', required: deduct, actual: sellerWallet?.balance ?? 0 });
+                        }
+                        catch { }
+                    }
+                })();
+            }
+            catch (e) {
+                console.error('[dispute commission/pv hook]', e);
+            }
+        }
+        // Bug-A fix：partial_refund / liability_split 也按 effectiveBase 发 commission/PV/基金池
+        if (ruling === 'partial_refund' || ruling === 'liability_split') {
+            try {
+                db.transaction(() => {
+                    const order = db.prepare("SELECT * FROM orders WHERE id = ?").get(dispute.order_id);
+                    if (!order || order.settled_commission_at)
+                        return;
+                    let effectiveBase = 0;
+                    if (ruling === 'partial_refund' && liable_party_id) {
+                        effectiveBase = Number(order.total_amount);
+                    }
+                    else if (ruling === 'partial_refund') {
+                        effectiveBase = Number(result.settlement?.seller_received ?? 0);
+                    }
+                    else {
+                        effectiveBase = Number(result.settlement?.seller_escrow_share ?? 0);
+                    }
+                    if (effectiveBase <= 0)
+                        return;
+                    const commRate = Number(order.snapshot_commission_rate ?? 0);
+                    const commPool = Math.round(effectiveBase * commRate * 100) / 100;
+                    const fundBase = Math.round(effectiveBase * FUND_BASE_RATE() * 100) / 100;
+                    const deduct = Math.round((commPool + fundBase) * 100) / 100;
+                    const sellerWallet = db.prepare("SELECT balance FROM wallets WHERE user_id = ?").get(order.seller_id);
+                    if (sellerWallet && sellerWallet.balance >= deduct) {
+                        if (deduct > 0) {
+                            db.prepare("UPDATE wallets SET balance = balance - ?, earned = earned - ? WHERE user_id = ?").run(deduct, deduct, order.seller_id);
+                        }
+                        const { redirected } = settleCommission(dispute.order_id, effectiveBase);
+                        depositToFund(dispute.order_id, redirected, effectiveBase);
+                        const productRow = db.prepare("SELECT category_id FROM products WHERE id = ?").get(order.product_id);
+                        const categoryId = productRow?.category_id || 'cat_default';
+                        const catRow = db.prepare("SELECT pv_multiplier FROM product_categories WHERE id = ?").get(categoryId);
+                        const mPv = Number(catRow?.pv_multiplier ?? 1.0);
+                        const pv = calculatePv(effectiveBase, mPv);
+                        if (pv > 0) {
+                            db.prepare(`INSERT INTO pv_ledger (id, order_id, buyer_id, pv, processed) VALUES (?,?,?,?,0)`)
+                                .run(generateId('pvl'), dispute.order_id, order.buyer_id, pv);
+                            db.prepare("UPDATE users SET pv_dirty_at = datetime('now') WHERE id = ?").run(order.buyer_id);
+                        }
+                        db.prepare("UPDATE orders SET settled_pv_at = datetime('now') WHERE id = ?").run(dispute.order_id);
+                    }
+                    else {
+                        // P2 #6：seller 余额不足，commission/PV 被吞
+                        console.warn(`[dispute hook · ${ruling}] commission/PV 被吞 order=${dispute.order_id} seller=${order.seller_id} balance=${sellerWallet?.balance ?? 'null'} required=${deduct} effectiveBase=${effectiveBase}`);
+                        try {
+                            logAdminAction('system', 'commission_skipped', 'order', String(dispute.order_id), { reason: 'seller_balance_insufficient', ruling, required: deduct, actual: sellerWallet?.balance ?? 0, effectiveBase });
+                        }
+                        catch { }
+                    }
+                })();
+            }
+            catch (e) {
+                console.error('[partial_refund/liability_split commission/pv hook]', e);
+            }
+        }
+        // 争议声誉更新（责任分配时以主要责任方为败诉方）
+        let winnerId = null;
+        let loserId = null;
+        if (ruling === 'refund_buyer') {
+            winnerId = dispute.initiator_id;
+            loserId = dispute.defendant_id;
+        }
+        else if (ruling === 'release_seller') {
+            winnerId = dispute.defendant_id;
+            loserId = dispute.initiator_id;
+        }
+        else if (ruling === 'liability_split' && Array.isArray(liability_parties) && liability_parties.length > 0) {
+            const maxLiable = liability_parties.reduce((a, b) => a.amount >= b.amount ? a : b);
+            loserId = maxLiable.user_id;
+            winnerId = dispute.initiator_id !== loserId ? dispute.initiator_id : dispute.defendant_id;
+        }
+        if (winnerId && loserId)
+            recordDisputeReputation(db, dispute.order_id, winnerId, loserId);
+        // Tier 7：商品级争议败诉计数（卖家败诉时 +1）
+        try {
+            const sellerLost = (ruling === 'refund_buyer' || ruling === 'partial_refund'
+                || (ruling === 'liability_split' && loserId === dispute.defendant_id));
+            if (sellerLost) {
+                const orderRow = db.prepare('SELECT product_id FROM orders WHERE id = ?').get(dispute.order_id);
+                if (orderRow?.product_id) {
+                    db.prepare(`UPDATE products SET dispute_loss_count = COALESCE(dispute_loss_count, 0) + 1 WHERE id = ?`).run(orderRow.product_id);
+                }
+            }
+        }
+        catch (e) {
+            console.error('[Tier7-hook dispute]', e);
+        }
+        // 2026-05-23 P0: 败诉方若 api_key 行为可能为 agent 代操 → 发 strike
+        try {
+            if (loserId) {
+                const loserKey = db.prepare(`SELECT api_key FROM users WHERE id = ?`).get(loserId);
+                if (loserKey?.api_key) {
+                    issueAgentStrike({
+                        apiKey: loserKey.api_key,
+                        userId: loserId,
+                        reasonCode: 'dispute_loss',
+                        reasonDetail: `仲裁裁定 ${ruling}`,
+                        relatedRef: req.params.id,
+                    });
+                }
+            }
+        }
+        catch (e) {
+            console.error('[strike issuance]', e);
+        }
+        // 自动发布到公开判例库（脱敏）
+        try {
+            publishDisputeCase(req.params.id, ruling, reason);
+        }
+        catch (e) {
+            console.error('[publishDisputeCase]', e);
+        }
+        res.json({ success: true, message: result.message, settlement: result.settlement });
+    });
+    // 参与方主动举证（text）+ SNF 信封分发
+    app.post('/api/disputes/:id/add-evidence', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const { description, evidence_type = 'text', file_hash } = req.body;
+        if (!description?.trim())
+            return void res.json({ error: '请填写证据内容' });
+        const rawDesc = String(description).trim();
+        const result = addPartyEvidence(db, req.params.id, user.id, rawDesc, evidence_type, file_hash);
+        if (!result.success)
+            return void res.json({ error: result.error });
+        // 跨窗反诈
+        const evReasons = detectFraud(rawDesc);
+        if (evReasons.length > 0 && result.evidenceId) {
+            try {
+                db.prepare(`UPDATE evidence SET flag_reasons = ? WHERE id = ?`)
+                    .run(JSON.stringify(evReasons), result.evidenceId);
+            }
+            catch { }
+        }
+        // 协议层：作为签名 SNF 信封投到对方 + 已分配仲裁员 inbox
+        try {
+            const d = db.prepare(`SELECT order_id, initiator_id, defendant_id, assigned_arbitrators FROM disputes WHERE id = ?`).get(req.params.id);
+            if (d) {
+                const uid = user.id;
+                const recipients = new Set();
+                if (d.initiator_id && d.initiator_id !== uid)
+                    recipients.add(d.initiator_id);
+                if (d.defendant_id && d.defendant_id !== uid)
+                    recipients.add(d.defendant_id);
+                try {
+                    const arbs = JSON.parse(d.assigned_arbitrators || '[]');
+                    for (const a of arbs)
+                        if (a && a !== uid)
+                            recipients.add(a);
+                }
+                catch { }
+                const envelope = {
+                    dispute_id: req.params.id,
+                    evidence_id: result.evidenceId,
+                    anchor_hash: result.anchorHash,
+                    evidence_type,
+                    description: description.trim(),
+                    file_hash: file_hash || null,
+                };
+                for (const rid of recipients) {
+                    try {
+                        snfSend(db, {
+                            senderId: uid, recipientId: rid,
+                            messageType: 'dispute_evidence',
+                            payload: envelope, priority: 1,
+                            relatedOrderId: d.order_id,
+                        });
+                    }
+                    catch (e) {
+                        console.warn('[snf dispute-evidence]', rid, e.message);
+                    }
+                }
+            }
+        }
+        catch (e) {
+            console.warn('[snf dispute-evidence] route err:', e.message);
+        }
+        res.json({ success: true, evidence_id: result.evidenceId, anchor_hash: result.anchorHash });
+    });
+    // L0-4 证据 blob 上传 — raw body + HMAC 签 + dedup + SNF 分发
+    // M: 轻量 authGuard 在 raw 解析之前 — 挡掉 unauth 20MB 请求避免内存浪费
+    const lightAuthGuard = (req, res, next) => {
+        const hasAuth = !!req.headers.authorization;
+        if (!hasAuth)
+            return void res.status(401).json({ error: 'auth required' });
+        next();
+    };
+    // N: limit 精确 = EVIDENCE_MAX_BYTES
+    app.post('/api/disputes/:id/evidence-blob', lightAuthGuard, express.raw({ type: 'application/octet-stream', limit: EVIDENCE_MAX_BYTES }), (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const hash = String(req.headers['x-content-hash'] || '').trim().toLowerCase();
+        const mime = String(req.headers['x-content-mime'] || '').trim().toLowerCase();
+        // J: decodeURIComponent 收 %ZZ 坏序列会抛 URIError → 400
+        let description;
+        let filename;
+        try {
+            description = decodeURIComponent(String(req.headers['x-description'] || '').trim());
+            filename = req.headers['x-filename'] ? decodeURIComponent(String(req.headers['x-filename'])) : undefined;
+        }
+        catch {
+            return void res.status(400).json({ error: 'malformed_header_encoding' });
+        }
+        // L: filename 长度封顶
+        if (filename && filename.length > 200)
+            return void res.status(400).json({ error: 'filename_too_long' });
+        if (!hash || !/^[0-9a-f]{64}$/.test(hash))
+            return void res.status(400).json({ error: 'invalid_hash' });
+        if (!mime)
+            return void res.status(400).json({ error: 'missing_mime' });
+        if (!EVIDENCE_ALLOWED_MIME.has(mime))
+            return void res.status(415).json({ error: 'mime_not_allowed', allowed: [...EVIDENCE_ALLOWED_MIME] });
+        const blob = req.body;
+        if (!Buffer.isBuffer(blob) || blob.length === 0)
+            return void res.status(400).json({ error: 'empty_body' });
+        try {
+            const out = uploadEvidence(db, {
+                uploaderId: user.id,
+                uploaderApiKey: user.api_key,
+                disputeId: String(req.params.id),
+                blob, declaredHash: hash, mime, description, filename,
+            });
+            // 跨窗反诈：detect description（已 decoded）
+            const evReasons = detectFraud(description);
+            if (evReasons.length > 0 && out.id) {
+                try {
+                    db.prepare(`UPDATE evidence SET flag_reasons = ? WHERE id = ?`)
+                        .run(JSON.stringify(evReasons), out.id);
+                }
+                catch { }
+            }
+            // SNF 信封投递
+            try {
+                const d = db.prepare(`SELECT order_id, initiator_id, defendant_id, assigned_arbitrators FROM disputes WHERE id = ?`)
+                    .get(req.params.id);
+                if (d) {
+                    const uid = user.id;
+                    const recipients = new Set();
+                    if (d.initiator_id && d.initiator_id !== uid)
+                        recipients.add(d.initiator_id);
+                    if (d.defendant_id && d.defendant_id !== uid)
+                        recipients.add(d.defendant_id);
+                    try {
+                        const arbs = JSON.parse(d.assigned_arbitrators || '[]');
+                        for (const a of arbs)
+                            if (a && a !== uid)
+                                recipients.add(a);
+                    }
+                    catch { }
+                    for (const rid of recipients) {
+                        try {
+                            snfSend(db, {
+                                senderId: uid, recipientId: rid,
+                                messageType: 'dispute_evidence_blob',
+                                payload: {
+                                    dispute_id: req.params.id,
+                                    evidence_id: out.id,
+                                    file_hash: out.hash,
+                                    size: out.size,
+                                    mime, description, filename: filename || null,
+                                    sig: out.sig,
+                                },
+                                priority: 1, relatedOrderId: d.order_id,
+                            });
+                        }
+                        catch (e) {
+                            console.warn('[snf evidence-blob]', rid, e.message);
+                        }
+                    }
+                }
+            }
+            catch (e) {
+                console.warn('[snf evidence-blob] route err:', e.message);
+            }
+            res.json({ success: true, evidence_id: out.id, hash: out.hash, sig: out.sig, dedup: out.dedup, size: out.size });
+        }
+        catch (e) {
+            const msg = e.message;
+            const status = msg === 'not_dispute_party' ? 403
+                : msg === 'dispute_not_found' || msg === 'evidence_not_found' ? 404
+                    : msg === 'evidence_too_large' ? 413
+                        : msg === 'evidence_mime_not_allowed' ? 415
+                            : 400;
+            res.status(status).json({ error: msg });
+        }
+    });
+    // 仲裁员：请求某方补证
+    app.post('/api/disputes/:id/request-evidence', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const elig = isEligibleArbitrator(user.id);
+        if (!elig.ok)
+            return void errorRes(res, 403, 'NOT_ARBITRATOR', elig.reason || '仅限仲裁员');
+        const { requested_from_id, evidence_types, description, deadline_hours = 48 } = req.body;
+        if (!requested_from_id || !description)
+            return void res.json({ error: '请指定被要求方和证据要求说明' });
+        if (!Array.isArray(evidence_types) || evidence_types.length === 0) {
+            return void res.json({ error: '请至少选择一种证据类型' });
+        }
+        const validTypes = ['text', 'image', 'video', 'document', 'chain_data'];
+        if (!evidence_types.every((t) => validTypes.includes(t))) {
+            return void res.json({ error: `证据类型无效，支持：${validTypes.join('/')}` });
+        }
+        const result = requestEvidence(db, req.params.id, user.id, requested_from_id, evidence_types, description, Number(deadline_hours));
+        if (!result.success)
+            return void res.json({ error: result.error });
+        res.json({ success: true, request_id: result.requestId });
+    });
+}

package/dist/pwa/routes/evidence.js

@@ -0,0 +1,86 @@
+import { readEvidenceBlob, withdrawEvidence, verifyEvidenceSig, listEvidence as listEvidenceFiles } from '../../layer3-trust/L3-1-dispute-engine/evidence-storage.js';
+import { submitEvidenceForRequest } from '../../layer3-trust/L3-1-dispute-engine/dispute-engine.js';
+export function registerEvidenceRoutes(app, deps) {
+    const { db, auth, detectFraud } = deps;
+    // 下载证据 blob（仅参与方/仲裁员）
+    app.get('/api/evidence/:id/blob', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        try {
+            const out = readEvidenceBlob(db, req.params.id, user.id);
+            res.setHeader('Content-Type', out.mime);
+            res.setHeader('X-Content-Hash', out.hash);
+            res.setHeader('Cache-Control', 'private, max-age=300');
+            if (out.filename) {
+                res.setHeader('Content-Disposition', `inline; filename*=UTF-8''${encodeURIComponent(out.filename)}`);
+            }
+            res.send(out.blob);
+        }
+        catch (e) {
+            const msg = e.message;
+            const status = msg === 'not_dispute_party' ? 403
+                : msg === 'evidence_not_found' || msg === 'evidence_blob_missing' ? 404
+                    : msg === 'evidence_withdrawn' ? 410
+                        : msg === 'evidence_corrupted' ? 500
+                            : 400;
+            res.status(status).json({ error: msg });
+        }
+    });
+    // 撤回证据（仅上传者，争议未结案时）
+    app.delete('/api/evidence/:id', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        try {
+            withdrawEvidence(db, req.params.id, user.id);
+            res.json({ success: true });
+        }
+        catch (e) {
+            const msg = e.message;
+            const status = msg === 'not_uploader' || msg === 'dispute_closed_cannot_withdraw' ? 403
+                : msg === 'evidence_not_found' ? 404
+                    : 400;
+            res.status(status).json({ error: msg });
+        }
+    });
+    // 验签 — 任意参与方
+    app.get('/api/evidence/:id/verify', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const ev = db.prepare('SELECT dispute_id FROM evidence WHERE id = ?').get(req.params.id);
+        if (!ev)
+            return void res.status(404).json({ error: 'evidence_not_found' });
+        try {
+            listEvidenceFiles(db, ev.dispute_id, user.id);
+        } // 复用鉴权
+        catch {
+            return void res.status(403).json({ error: 'not_dispute_party' });
+        }
+        res.json(verifyEvidenceSig(db, req.params.id));
+    });
+    // 当事人提交补充证据响应（仲裁员 request 后用）
+    app.post('/api/evidence-requests/:requestId/submit', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const { evidence_type = 'text', description, file_hash } = req.body;
+        if (!description?.trim())
+            return void res.json({ error: '请填写证据内容' });
+        const rawDesc = String(description).trim();
+        const result = submitEvidenceForRequest(db, req.params.requestId, user.id, evidence_type, rawDesc, file_hash);
+        if (!result.success)
+            return void res.json({ error: result.error });
+        // 跨窗反诈：写 flag_reasons
+        const evReasons = detectFraud(rawDesc);
+        if (evReasons.length > 0 && result.evidenceId) {
+            try {
+                db.prepare(`UPDATE evidence SET flag_reasons = ? WHERE id = ?`)
+                    .run(JSON.stringify(evReasons), result.evidenceId);
+            }
+            catch { }
+        }
+        res.json({ success: true, evidence_id: result.evidenceId, anchor_hash: result.anchorHash, flag_reasons: evReasons });
+    });
+}

package/dist/pwa/routes/external-anchors.js

@@ -0,0 +1,107 @@
+import { createAnchor, verifyAnchorSignature, revokeAnchor, issueOwnershipToken, submitVerification, getAnchor, listAnchorsByProduct, listAnchorsBySeller, distributeAnchorRewards, ANCHOR_VERIFICATION_FEE_RECOMMENDED, } from '../../layer1-agent/L1-2-external-anchor/anchor-engine.js';
+export function registerExternalAnchorsRoutes(app, deps) {
+    const { db, auth } = deps;
+    app.post('/api/external-anchors', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const { product_id, platform, external_url, canonical, seller_node_url, verification_fee } = req.body || {};
+        if (!platform || !external_url || !canonical)
+            return void res.status(400).json({ error: 'platform / external_url / canonical 必填' });
+        try {
+            const r = createAnchor(db, {
+                sellerId: user.id,
+                productId: product_id ? String(product_id) : null,
+                platform: String(platform), externalUrl: String(external_url),
+                canonical: canonical,
+                sellerNodeUrl: seller_node_url ? String(seller_node_url) : null,
+                verificationFee: verification_fee != null ? Number(verification_fee) : undefined,
+            });
+            res.json({ ok: true, ...r });
+        }
+        catch (e) {
+            res.status(400).json({ error: e.message });
+        }
+    });
+    // 透出推荐 fee + anchor 的奖励情况
+    app.get('/api/external-anchors/:id/rewards', (req, res) => {
+        const a = getAnchor(db, req.params.id);
+        if (!a)
+            return void res.status(404).json({ error: 'anchor 不存在' });
+        const verifications = db.prepare(`
+      SELECT verifier_id, verifier_role, content_matches, token_found, reward_amount, verified_at
+      FROM external_anchor_verifications WHERE anchor_id = ? ORDER BY verified_at ASC
+    `).all(req.params.id);
+        res.json({
+            verification_fee: a.verification_fee || 0,
+            fee_paid_out: !!a.fee_paid_out,
+            ownership_verified: a.ownership_verified,
+            recommended_fee: ANCHOR_VERIFICATION_FEE_RECOMMENDED,
+            verifications,
+            total_paid_out: verifications.reduce((s, v) => s + Number(v.reward_amount || 0), 0),
+        });
+    });
+    // 手动 distribute（admin/arbitrator 补救：anchor 已 community 但 fee_paid_out=0）
+    app.post('/api/external-anchors/:id/distribute-rewards', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        if (user.role !== 'admin' && user.role !== 'arbitrator')
+            return void res.status(403).json({ error: '仅管理员/仲裁员可手动分发' });
+        const paid = distributeAnchorRewards(db, req.params.id);
+        res.json({ ok: true, paid });
+    });
+    app.get('/api/external-anchors/by-product/:id', (req, res) => {
+        res.json({ items: listAnchorsByProduct(db, req.params.id) });
+    });
+    app.get('/api/external-anchors/by-seller/:id', (req, res) => {
+        res.json({ items: listAnchorsBySeller(db, req.params.id) });
+    });
+    app.get('/api/external-anchors/:id', (req, res) => {
+        const a = getAnchor(db, req.params.id);
+        if (!a)
+            return void res.status(404).json({ error: 'anchor 不存在' });
+        res.json(a);
+    });
+    app.get('/api/external-anchors/:id/verify-sig', (req, res) => {
+        res.json(verifyAnchorSignature(db, req.params.id));
+    });
+    app.post('/api/external-anchors/:id/revoke', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const r = revokeAnchor(db, req.params.id, user.id, String(req.body?.reason || 'manual'));
+        if (!r.ok)
+            return void res.status(400).json({ error: r.reason });
+        res.json({ ok: true });
+    });
+    app.post('/api/external-anchors/:id/issue-token', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const r = issueOwnershipToken(db, req.params.id, user.id);
+        if (!r.ok)
+            return void res.status(400).json({ error: r.reason });
+        res.json(r);
+    });
+    // verifier 提交独立验证（任何已登录用户可做）
+    app.post('/api/external-anchors/:id/verify', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const { submitted_canonical, token_found, notes } = req.body || {};
+        if (!submitted_canonical)
+            return void res.status(400).json({ error: '请提交独立提取的 canonical 数据' });
+        const r = submitVerification(db, {
+            anchorId: req.params.id,
+            verifierId: user.id,
+            verifierRole: user.role,
+            submittedCanonical: submitted_canonical,
+            tokenFoundInExternal: !!token_found,
+            notes: notes ? String(notes) : undefined,
+        });
+        if (!r.ok)
+            return void res.status(400).json({ error: r.reason });
+        res.json(r);
+    });
+}