npm - @sempdev/semp - Versions diffs - 0.4.3 - Mend

@sempdev/semp 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (559) hide show

package/LICENSE +21 -0
package/README.md +59 -0
package/dist/brief/address.d.ts +77 -0
package/dist/brief/address.d.ts.map +1 -0
package/dist/brief/address.js +217 -0
package/dist/brief/address.js.map +1 -0
package/dist/brief/brief.d.ts +75 -0
package/dist/brief/brief.d.ts.map +1 -0
package/dist/brief/brief.js +56 -0
package/dist/brief/brief.js.map +1 -0
package/dist/brief/index.d.ts +11 -0
package/dist/brief/index.d.ts.map +1 -0
package/dist/brief/index.js +11 -0
package/dist/brief/index.js.map +1 -0
package/dist/canonical/index.d.ts +8 -0
package/dist/canonical/index.d.ts.map +1 -0
package/dist/canonical/index.js +8 -0
package/dist/canonical/index.js.map +1 -0
package/dist/canonical/marshal.d.ts +35 -0
package/dist/canonical/marshal.d.ts.map +1 -0
package/dist/canonical/marshal.js +107 -0
package/dist/canonical/marshal.js.map +1 -0
package/dist/clockskew/index.d.ts +52 -0
package/dist/clockskew/index.d.ts.map +1 -0
package/dist/clockskew/index.js +62 -0
package/dist/clockskew/index.js.map +1 -0
package/dist/closure/closure.d.ts +106 -0
package/dist/closure/closure.d.ts.map +1 -0
package/dist/closure/closure.js +152 -0
package/dist/closure/closure.js.map +1 -0
package/dist/closure/driver.d.ts +103 -0
package/dist/closure/driver.d.ts.map +1 -0
package/dist/closure/driver.js +126 -0
package/dist/closure/driver.js.map +1 -0
package/dist/closure/index.d.ts +13 -0
package/dist/closure/index.d.ts.map +1 -0
package/dist/closure/index.js +13 -0
package/dist/closure/index.js.map +1 -0
package/dist/closure/store.d.ts +80 -0
package/dist/closure/store.d.ts.map +1 -0
package/dist/closure/store.js +89 -0
package/dist/closure/store.js.map +1 -0
package/dist/crypto/aead.d.ts +29 -0
package/dist/crypto/aead.d.ts.map +1 -0
package/dist/crypto/aead.js +48 -0
package/dist/crypto/aead.js.map +1 -0
package/dist/crypto/argon2.d.ts +20 -0
package/dist/crypto/argon2.d.ts.map +1 -0
package/dist/crypto/argon2.js +28 -0
package/dist/crypto/argon2.js.map +1 -0
package/dist/crypto/index.d.ts +14 -0
package/dist/crypto/index.d.ts.map +1 -0
package/dist/crypto/index.js +14 -0
package/dist/crypto/index.js.map +1 -0
package/dist/crypto/kdf.d.ts +96 -0
package/dist/crypto/kdf.d.ts.map +1 -0
package/dist/crypto/kdf.js +122 -0
package/dist/crypto/kdf.js.map +1 -0
package/dist/crypto/kem.d.ts +85 -0
package/dist/crypto/kem.d.ts.map +1 -0
package/dist/crypto/kem.js +130 -0
package/dist/crypto/kem.js.map +1 -0
package/dist/crypto/mac.d.ts +19 -0
package/dist/crypto/mac.d.ts.map +1 -0
package/dist/crypto/mac.js +32 -0
package/dist/crypto/mac.js.map +1 -0
package/dist/delivery/ack.d.ts +125 -0
package/dist/delivery/ack.d.ts.map +1 -0
package/dist/delivery/ack.js +141 -0
package/dist/delivery/ack.js.map +1 -0
package/dist/delivery/blocklist.d.ts +87 -0
package/dist/delivery/blocklist.d.ts.map +1 -0
package/dist/delivery/blocklist.js +107 -0
package/dist/delivery/blocklist.js.map +1 -0
package/dist/delivery/cancel.d.ts +60 -0
package/dist/delivery/cancel.d.ts.map +1 -0
package/dist/delivery/cancel.js +43 -0
package/dist/delivery/cancel.js.map +1 -0
package/dist/delivery/disposition.d.ts +106 -0
package/dist/delivery/disposition.d.ts.map +1 -0
package/dist/delivery/disposition.js +105 -0
package/dist/delivery/disposition.js.map +1 -0
package/dist/delivery/fetch.d.ts +59 -0
package/dist/delivery/fetch.d.ts.map +1 -0
package/dist/delivery/fetch.js +47 -0
package/dist/delivery/fetch.js.map +1 -0
package/dist/delivery/forwarder.d.ts +106 -0
package/dist/delivery/forwarder.d.ts.map +1 -0
package/dist/delivery/forwarder.js +251 -0
package/dist/delivery/forwarder.js.map +1 -0
package/dist/delivery/inbox.d.ts +42 -0
package/dist/delivery/inbox.d.ts.map +1 -0
package/dist/delivery/inbox.js +68 -0
package/dist/delivery/inbox.js.map +1 -0
package/dist/delivery/index.d.ts +31 -0
package/dist/delivery/index.d.ts.map +1 -0
package/dist/delivery/index.js +31 -0
package/dist/delivery/index.js.map +1 -0
package/dist/delivery/internalroute.d.ts +50 -0
package/dist/delivery/internalroute.d.ts.map +1 -0
package/dist/delivery/internalroute.js +23 -0
package/dist/delivery/internalroute.js.map +1 -0
package/dist/delivery/pipeline.d.ts +153 -0
package/dist/delivery/pipeline.d.ts.map +1 -0
package/dist/delivery/pipeline.js +356 -0
package/dist/delivery/pipeline.js.map +1 -0
package/dist/delivery/policy_state.d.ts +105 -0
package/dist/delivery/policy_state.d.ts.map +1 -0
package/dist/delivery/policy_state.js +293 -0
package/dist/delivery/policy_state.js.map +1 -0
package/dist/delivery/queue.d.ts +47 -0
package/dist/delivery/queue.d.ts.map +1 -0
package/dist/delivery/queue.js +33 -0
package/dist/delivery/queue.js.map +1 -0
package/dist/delivery/receipt.d.ts +137 -0
package/dist/delivery/receipt.d.ts.map +1 -0
package/dist/delivery/receipt.js +181 -0
package/dist/delivery/receipt.js.map +1 -0
package/dist/delivery/receipt_store.d.ts +81 -0
package/dist/delivery/receipt_store.d.ts.map +1 -0
package/dist/delivery/receipt_store.js +74 -0
package/dist/delivery/receipt_store.js.map +1 -0
package/dist/delivery/retry.d.ts +78 -0
package/dist/delivery/retry.d.ts.map +1 -0
package/dist/delivery/retry.js +132 -0
package/dist/delivery/retry.js.map +1 -0
package/dist/delivery/scheduler.d.ts +156 -0
package/dist/delivery/scheduler.d.ts.map +1 -0
package/dist/delivery/scheduler.js +349 -0
package/dist/delivery/scheduler.js.map +1 -0
package/dist/delivery/stage_partition.d.ts +87 -0
package/dist/delivery/stage_partition.d.ts.map +1 -0
package/dist/delivery/stage_partition.js +122 -0
package/dist/delivery/stage_partition.js.map +1 -0
package/dist/delivery/staged_runner.d.ts +100 -0
package/dist/delivery/staged_runner.d.ts.map +1 -0
package/dist/delivery/staged_runner.js +277 -0
package/dist/delivery/staged_runner.js.map +1 -0
package/dist/delivery/submission.d.ts +72 -0
package/dist/delivery/submission.d.ts.map +1 -0
package/dist/delivery/submission.js +58 -0
package/dist/delivery/submission.js.map +1 -0
package/dist/delivery/sync.d.ts +68 -0
package/dist/delivery/sync.d.ts.map +1 -0
package/dist/delivery/sync.js +99 -0
package/dist/delivery/sync.js.map +1 -0
package/dist/delivery/user_policy.d.ts +74 -0
package/dist/delivery/user_policy.d.ts.map +1 -0
package/dist/delivery/user_policy.js +140 -0
package/dist/delivery/user_policy.js.map +1 -0
package/dist/discovery/cache.d.ts +37 -0
package/dist/discovery/cache.d.ts.map +1 -0
package/dist/discovery/cache.js +45 -0
package/dist/discovery/cache.js.map +1 -0
package/dist/discovery/configuration.d.ts +97 -0
package/dist/discovery/configuration.d.ts.map +1 -0
package/dist/discovery/configuration.js +146 -0
package/dist/discovery/configuration.js.map +1 -0
package/dist/discovery/dns.d.ts +56 -0
package/dist/discovery/dns.d.ts.map +1 -0
package/dist/discovery/dns.js +120 -0
package/dist/discovery/dns.js.map +1 -0
package/dist/discovery/domain_keys.d.ts +62 -0
package/dist/discovery/domain_keys.d.ts.map +1 -0
package/dist/discovery/domain_keys.js +89 -0
package/dist/discovery/domain_keys.js.map +1 -0
package/dist/discovery/index.d.ts +19 -0
package/dist/discovery/index.d.ts.map +1 -0
package/dist/discovery/index.js +19 -0
package/dist/discovery/index.js.map +1 -0
package/dist/discovery/lookup.d.ts +72 -0
package/dist/discovery/lookup.d.ts.map +1 -0
package/dist/discovery/lookup.js +121 -0
package/dist/discovery/lookup.js.map +1 -0
package/dist/discovery/onion.d.ts +34 -0
package/dist/discovery/onion.d.ts.map +1 -0
package/dist/discovery/onion.js +61 -0
package/dist/discovery/onion.js.map +1 -0
package/dist/discovery/partition.d.ts +96 -0
package/dist/discovery/partition.d.ts.map +1 -0
package/dist/discovery/partition.js +247 -0
package/dist/discovery/partition.js.map +1 -0
package/dist/discovery/resolver.d.ts +113 -0
package/dist/discovery/resolver.d.ts.map +1 -0
package/dist/discovery/resolver.js +176 -0
package/dist/discovery/resolver.js.map +1 -0
package/dist/discovery/txt.d.ts +39 -0
package/dist/discovery/txt.d.ts.map +1 -0
package/dist/discovery/txt.js +71 -0
package/dist/discovery/txt.js.map +1 -0
package/dist/enclosure/forwarding.d.ts +128 -0
package/dist/enclosure/forwarding.d.ts.map +1 -0
package/dist/enclosure/forwarding.js +119 -0
package/dist/enclosure/forwarding.js.map +1 -0
package/dist/enclosure/index.d.ts +11 -0
package/dist/enclosure/index.d.ts.map +1 -0
package/dist/enclosure/index.js +11 -0
package/dist/enclosure/index.js.map +1 -0
package/dist/envelope/buckets.d.ts +38 -0
package/dist/envelope/buckets.d.ts.map +1 -0
package/dist/envelope/buckets.js +73 -0
package/dist/envelope/buckets.js.map +1 -0
package/dist/envelope/canonical.d.ts +28 -0
package/dist/envelope/canonical.d.ts.map +1 -0
package/dist/envelope/canonical.js +54 -0
package/dist/envelope/canonical.js.map +1 -0
package/dist/envelope/compose.d.ts +171 -0
package/dist/envelope/compose.d.ts.map +1 -0
package/dist/envelope/compose.js +237 -0
package/dist/envelope/compose.js.map +1 -0
package/dist/envelope/encode.d.ts +41 -0
package/dist/envelope/encode.d.ts.map +1 -0
package/dist/envelope/encode.js +69 -0
package/dist/envelope/encode.js.map +1 -0
package/dist/envelope/index.d.ts +20 -0
package/dist/envelope/index.d.ts.map +1 -0
package/dist/envelope/index.js +20 -0
package/dist/envelope/index.js.map +1 -0
package/dist/envelope/open_any.d.ts +48 -0
package/dist/envelope/open_any.d.ts.map +1 -0
package/dist/envelope/open_any.js +81 -0
package/dist/envelope/open_any.js.map +1 -0
package/dist/envelope/open_verified.d.ts +59 -0
package/dist/envelope/open_verified.d.ts.map +1 -0
package/dist/envelope/open_verified.js +67 -0
package/dist/envelope/open_verified.js.map +1 -0
package/dist/envelope/padding.d.ts +55 -0
package/dist/envelope/padding.d.ts.map +1 -0
package/dist/envelope/padding.js +162 -0
package/dist/envelope/padding.js.map +1 -0
package/dist/envelope/rejection.d.ts +22 -0
package/dist/envelope/rejection.d.ts.map +1 -0
package/dist/envelope/rejection.js +30 -0
package/dist/envelope/rejection.js.map +1 -0
package/dist/envelope/sendtime.d.ts +49 -0
package/dist/envelope/sendtime.d.ts.map +1 -0
package/dist/envelope/sendtime.js +87 -0
package/dist/envelope/sendtime.js.map +1 -0
package/dist/envelope/verify.d.ts +29 -0
package/dist/envelope/verify.d.ts.map +1 -0
package/dist/envelope/verify.js +90 -0
package/dist/envelope/verify.js.map +1 -0
package/dist/extensions/index.d.ts +7 -0
package/dist/extensions/index.d.ts.map +1 -0
package/dist/extensions/index.js +7 -0
package/dist/extensions/index.js.map +1 -0
package/dist/extensions/limits.d.ts +101 -0
package/dist/extensions/limits.d.ts.map +1 -0
package/dist/extensions/limits.js +175 -0
package/dist/extensions/limits.js.map +1 -0
package/dist/handshake/abort.d.ts +49 -0
package/dist/handshake/abort.d.ts.map +1 -0
package/dist/handshake/abort.js +82 -0
package/dist/handshake/abort.js.map +1 -0
package/dist/handshake/capabilities.d.ts +46 -0
package/dist/handshake/capabilities.d.ts.map +1 -0
package/dist/handshake/capabilities.js +114 -0
package/dist/handshake/capabilities.js.map +1 -0
package/dist/handshake/client_state.d.ts +186 -0
package/dist/handshake/client_state.d.ts.map +1 -0
package/dist/handshake/client_state.js +520 -0
package/dist/handshake/client_state.js.map +1 -0
package/dist/handshake/confirm.d.ts +21 -0
package/dist/handshake/confirm.d.ts.map +1 -0
package/dist/handshake/confirm.js +27 -0
package/dist/handshake/confirm.js.map +1 -0
package/dist/handshake/driver.d.ts +126 -0
package/dist/handshake/driver.d.ts.map +1 -0
package/dist/handshake/driver.js +251 -0
package/dist/handshake/driver.js.map +1 -0
package/dist/handshake/federation.d.ts +365 -0
package/dist/handshake/federation.d.ts.map +1 -0
package/dist/handshake/federation.js +664 -0
package/dist/handshake/federation.js.map +1 -0
package/dist/handshake/first_contact.d.ts +57 -0
package/dist/handshake/first_contact.d.ts.map +1 -0
package/dist/handshake/first_contact.js +124 -0
package/dist/handshake/first_contact.js.map +1 -0
package/dist/handshake/identity.d.ts +101 -0
package/dist/handshake/identity.d.ts.map +1 -0
package/dist/handshake/identity.js +117 -0
package/dist/handshake/identity.js.map +1 -0
package/dist/handshake/index.d.ts +21 -0
package/dist/handshake/index.d.ts.map +1 -0
package/dist/handshake/index.js +21 -0
package/dist/handshake/index.js.map +1 -0
package/dist/handshake/messages.d.ts +176 -0
package/dist/handshake/messages.d.ts.map +1 -0
package/dist/handshake/messages.js +125 -0
package/dist/handshake/messages.js.map +1 -0
package/dist/handshake/pow.d.ts +53 -0
package/dist/handshake/pow.d.ts.map +1 -0
package/dist/handshake/pow.js +142 -0
package/dist/handshake/pow.js.map +1 -0
package/dist/handshake/resume_driver.d.ts +56 -0
package/dist/handshake/resume_driver.d.ts.map +1 -0
package/dist/handshake/resume_driver.js +75 -0
package/dist/handshake/resume_driver.js.map +1 -0
package/dist/handshake/server.d.ts +112 -0
package/dist/handshake/server.d.ts.map +1 -0
package/dist/handshake/server.js +247 -0
package/dist/handshake/server.js.map +1 -0
package/dist/handshake/server_state.d.ts +102 -0
package/dist/handshake/server_state.d.ts.map +1 -0
package/dist/handshake/server_state.js +278 -0
package/dist/handshake/server_state.js.map +1 -0
package/dist/index.d.ts +33 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +33 -0
package/dist/index.js.map +1 -0
package/dist/keys/compromise.d.ts +118 -0
package/dist/keys/compromise.d.ts.map +1 -0
package/dist/keys/compromise.js +218 -0
package/dist/keys/compromise.js.map +1 -0
package/dist/keys/device_certificate.d.ts +166 -0
package/dist/keys/device_certificate.d.ts.map +1 -0
package/dist/keys/device_certificate.js +328 -0
package/dist/keys/device_certificate.js.map +1 -0
package/dist/keys/device_records.d.ts +175 -0
package/dist/keys/device_records.d.ts.map +1 -0
package/dist/keys/device_records.js +418 -0
package/dist/keys/device_records.js.map +1 -0
package/dist/keys/directory_cache.d.ts +64 -0
package/dist/keys/directory_cache.d.ts.map +1 -0
package/dist/keys/directory_cache.js +98 -0
package/dist/keys/directory_cache.js.map +1 -0
package/dist/keys/directory_state.d.ts +79 -0
package/dist/keys/directory_state.d.ts.map +1 -0
package/dist/keys/directory_state.js +155 -0
package/dist/keys/directory_state.js.map +1 -0
package/dist/keys/index.d.ts +18 -0
package/dist/keys/index.d.ts.map +1 -0
package/dist/keys/index.js +18 -0
package/dist/keys/index.js.map +1 -0
package/dist/keys/key_revocation.d.ts +61 -0
package/dist/keys/key_revocation.d.ts.map +1 -0
package/dist/keys/key_revocation.js +88 -0
package/dist/keys/key_revocation.js.map +1 -0
package/dist/keys/request.d.ts +124 -0
package/dist/keys/request.d.ts.map +1 -0
package/dist/keys/request.js +130 -0
package/dist/keys/request.js.map +1 -0
package/dist/keys/sign.d.ts +49 -0
package/dist/keys/sign.d.ts.map +1 -0
package/dist/keys/sign.js +80 -0
package/dist/keys/sign.js.map +1 -0
package/dist/keys/signed.d.ts +80 -0
package/dist/keys/signed.d.ts.map +1 -0
package/dist/keys/signed.js +138 -0
package/dist/keys/signed.js.map +1 -0
package/dist/keys/store.d.ts +138 -0
package/dist/keys/store.d.ts.map +1 -0
package/dist/keys/store.js +107 -0
package/dist/keys/store.js.map +1 -0
package/dist/largeattachment/crypto.d.ts +47 -0
package/dist/largeattachment/crypto.d.ts.map +1 -0
package/dist/largeattachment/crypto.js +235 -0
package/dist/largeattachment/crypto.js.map +1 -0
package/dist/largeattachment/enclosure.d.ts +48 -0
package/dist/largeattachment/enclosure.d.ts.map +1 -0
package/dist/largeattachment/enclosure.js +102 -0
package/dist/largeattachment/enclosure.js.map +1 -0
package/dist/largeattachment/index.d.ts +15 -0
package/dist/largeattachment/index.d.ts.map +1 -0
package/dist/largeattachment/index.js +15 -0
package/dist/largeattachment/index.js.map +1 -0
package/dist/largeattachment/store.d.ts +36 -0
package/dist/largeattachment/store.d.ts.map +1 -0
package/dist/largeattachment/store.js +37 -0
package/dist/largeattachment/store.js.map +1 -0
package/dist/largeattachment/types.d.ts +56 -0
package/dist/largeattachment/types.d.ts.map +1 -0
package/dist/largeattachment/types.js +31 -0
package/dist/largeattachment/types.js.map +1 -0
package/dist/largeattachment/upload.d.ts +62 -0
package/dist/largeattachment/upload.d.ts.map +1 -0
package/dist/largeattachment/upload.js +166 -0
package/dist/largeattachment/upload.js.map +1 -0
package/dist/migration/index.d.ts +17 -0
package/dist/migration/index.d.ts.map +1 -0
package/dist/migration/index.js +17 -0
package/dist/migration/index.js.map +1 -0
package/dist/migration/lockout.d.ts +48 -0
package/dist/migration/lockout.d.ts.map +1 -0
package/dist/migration/lockout.js +57 -0
package/dist/migration/lockout.js.map +1 -0
package/dist/migration/migration.d.ts +48 -0
package/dist/migration/migration.d.ts.map +1 -0
package/dist/migration/migration.js +58 -0
package/dist/migration/migration.js.map +1 -0
package/dist/migration/notice.d.ts +33 -0
package/dist/migration/notice.d.ts.map +1 -0
package/dist/migration/notice.js +85 -0
package/dist/migration/notice.js.map +1 -0
package/dist/migration/orchestrate.d.ts +109 -0
package/dist/migration/orchestrate.d.ts.map +1 -0
package/dist/migration/orchestrate.js +212 -0
package/dist/migration/orchestrate.js.map +1 -0
package/dist/migration/publication_store.d.ts +34 -0
package/dist/migration/publication_store.d.ts.map +1 -0
package/dist/migration/publication_store.js +44 -0
package/dist/migration/publication_store.js.map +1 -0
package/dist/migration/sign.d.ts +65 -0
package/dist/migration/sign.d.ts.map +1 -0
package/dist/migration/sign.js +331 -0
package/dist/migration/sign.js.map +1 -0
package/dist/migration/types.d.ts +92 -0
package/dist/migration/types.d.ts.map +1 -0
package/dist/migration/types.js +26 -0
package/dist/migration/types.js.map +1 -0
package/dist/reasoncodes.d.ts +42 -0
package/dist/reasoncodes.d.ts.map +1 -0
package/dist/reasoncodes.js +80 -0
package/dist/reasoncodes.js.map +1 -0
package/dist/recovery/bundle.d.ts +34 -0
package/dist/recovery/bundle.d.ts.map +1 -0
package/dist/recovery/bundle.js +144 -0
package/dist/recovery/bundle.js.map +1 -0
package/dist/recovery/bundle_crypto.d.ts +60 -0
package/dist/recovery/bundle_crypto.d.ts.map +1 -0
package/dist/recovery/bundle_crypto.js +179 -0
package/dist/recovery/bundle_crypto.js.map +1 -0
package/dist/recovery/bundle_store.d.ts +57 -0
package/dist/recovery/bundle_store.d.ts.map +1 -0
package/dist/recovery/bundle_store.js +104 -0
package/dist/recovery/bundle_store.js.map +1 -0
package/dist/recovery/index.d.ts +19 -0
package/dist/recovery/index.d.ts.map +1 -0
package/dist/recovery/index.js +19 -0
package/dist/recovery/index.js.map +1 -0
package/dist/recovery/manifest_crosscheck.d.ts +59 -0
package/dist/recovery/manifest_crosscheck.d.ts.map +1 -0
package/dist/recovery/manifest_crosscheck.js +59 -0
package/dist/recovery/manifest_crosscheck.js.map +1 -0
package/dist/recovery/shamir.d.ts +51 -0
package/dist/recovery/shamir.d.ts.map +1 -0
package/dist/recovery/shamir.js +181 -0
package/dist/recovery/shamir.js.map +1 -0
package/dist/recovery/sign.d.ts +61 -0
package/dist/recovery/sign.d.ts.map +1 -0
package/dist/recovery/sign.js +359 -0
package/dist/recovery/sign.js.map +1 -0
package/dist/recovery/types.d.ts +180 -0
package/dist/recovery/types.d.ts.map +1 -0
package/dist/recovery/types.js +31 -0
package/dist/recovery/types.js.map +1 -0
package/dist/reputation/abuse_report.d.ts +62 -0
package/dist/reputation/abuse_report.d.ts.map +1 -0
package/dist/reputation/abuse_report.js +111 -0
package/dist/reputation/abuse_report.js.map +1 -0
package/dist/reputation/bucketize.d.ts +31 -0
package/dist/reputation/bucketize.d.ts.map +1 -0
package/dist/reputation/bucketize.js +77 -0
package/dist/reputation/bucketize.js.map +1 -0
package/dist/reputation/gossip.d.ts +24 -0
package/dist/reputation/gossip.d.ts.map +1 -0
package/dist/reputation/gossip.js +64 -0
package/dist/reputation/gossip.js.map +1 -0
package/dist/reputation/gossip_fetch.d.ts +64 -0
package/dist/reputation/gossip_fetch.d.ts.map +1 -0
package/dist/reputation/gossip_fetch.js +114 -0
package/dist/reputation/gossip_fetch.js.map +1 -0
package/dist/reputation/index.d.ts +20 -0
package/dist/reputation/index.d.ts.map +1 -0
package/dist/reputation/index.js +20 -0
package/dist/reputation/index.js.map +1 -0
package/dist/reputation/observation_store.d.ts +67 -0
package/dist/reputation/observation_store.d.ts.map +1 -0
package/dist/reputation/observation_store.js +171 -0
package/dist/reputation/observation_store.js.map +1 -0
package/dist/reputation/pow.d.ts +91 -0
package/dist/reputation/pow.d.ts.map +1 -0
package/dist/reputation/pow.js +209 -0
package/dist/reputation/pow.js.map +1 -0
package/dist/reputation/sign.d.ts +40 -0
package/dist/reputation/sign.d.ts.map +1 -0
package/dist/reputation/sign.js +202 -0
package/dist/reputation/sign.js.map +1 -0
package/dist/reputation/types.d.ts +133 -0
package/dist/reputation/types.d.ts.map +1 -0
package/dist/reputation/types.js +33 -0
package/dist/reputation/types.js.map +1 -0
package/dist/reputation/whois.d.ts +25 -0
package/dist/reputation/whois.d.ts.map +1 -0
package/dist/reputation/whois.js +20 -0
package/dist/reputation/whois.js.map +1 -0
package/dist/seal/index.d.ts +8 -0
package/dist/seal/index.d.ts.map +1 -0
package/dist/seal/index.js +8 -0
package/dist/seal/index.js.map +1 -0
package/dist/seal/wrap.d.ts +74 -0
package/dist/seal/wrap.d.ts.map +1 -0
package/dist/seal/wrap.js +213 -0
package/dist/seal/wrap.js.map +1 -0
package/dist/session/dispatcher.d.ts +65 -0
package/dist/session/dispatcher.d.ts.map +1 -0
package/dist/session/dispatcher.js +96 -0
package/dist/session/dispatcher.js.map +1 -0
package/dist/session/index.d.ts +15 -0
package/dist/session/index.d.ts.map +1 -0
package/dist/session/index.js +15 -0
package/dist/session/index.js.map +1 -0
package/dist/session/rekey.d.ts +108 -0
package/dist/session/rekey.d.ts.map +1 -0
package/dist/session/rekey.js +207 -0
package/dist/session/rekey.js.map +1 -0
package/dist/session/rekey_seal.d.ts +66 -0
package/dist/session/rekey_seal.d.ts.map +1 -0
package/dist/session/rekey_seal.js +153 -0
package/dist/session/rekey_seal.js.map +1 -0
package/dist/session/resume.d.ts +125 -0
package/dist/session/resume.d.ts.map +1 -0
package/dist/session/resume.js +263 -0
package/dist/session/resume.js.map +1 -0
package/dist/session/session.d.ts +136 -0
package/dist/session/session.d.ts.map +1 -0
package/dist/session/session.js +188 -0
package/dist/session/session.js.map +1 -0
package/dist/transparency/index.d.ts +13 -0
package/dist/transparency/index.d.ts.map +1 -0
package/dist/transparency/index.js +13 -0
package/dist/transparency/index.js.map +1 -0
package/dist/transparency/log.d.ts +61 -0
package/dist/transparency/log.d.ts.map +1 -0
package/dist/transparency/log.js +133 -0
package/dist/transparency/log.js.map +1 -0
package/dist/transparency/merkle.d.ts +59 -0
package/dist/transparency/merkle.d.ts.map +1 -0
package/dist/transparency/merkle.js +314 -0
package/dist/transparency/merkle.js.map +1 -0
package/dist/transparency/sign.d.ts +48 -0
package/dist/transparency/sign.d.ts.map +1 -0
package/dist/transparency/sign.js +140 -0
package/dist/transparency/sign.js.map +1 -0
package/dist/transparency/types.d.ts +97 -0
package/dist/transparency/types.d.ts.map +1 -0
package/dist/transparency/types.js +25 -0
package/dist/transparency/types.js.map +1 -0
package/dist/transport/h2.d.ts +163 -0
package/dist/transport/h2.d.ts.map +1 -0
package/dist/transport/h2.js +397 -0
package/dist/transport/h2.js.map +1 -0
package/dist/transport/index.d.ts +15 -0
package/dist/transport/index.d.ts.map +1 -0
package/dist/transport/index.js +15 -0
package/dist/transport/index.js.map +1 -0
package/dist/transport/memory.d.ts +21 -0
package/dist/transport/memory.d.ts.map +1 -0
package/dist/transport/memory.js +112 -0
package/dist/transport/memory.js.map +1 -0
package/dist/transport/transport.d.ts +54 -0
package/dist/transport/transport.d.ts.map +1 -0
package/dist/transport/transport.js +20 -0
package/dist/transport/transport.js.map +1 -0
package/dist/transport/ws.d.ts +40 -0
package/dist/transport/ws.d.ts.map +1 -0
package/dist/transport/ws.js +204 -0
package/dist/transport/ws.js.map +1 -0
package/package.json +147 -0

package/dist/delivery/sync.d.ts ADDED Viewed

@@ -0,0 +1,68 @@
+/**
+ * SEMP_BLOCK block-list sync wire shape per DELIVERY.md §6.1.
+ *
+ * Used to propagate block-list changes from a client to its home
+ * server and onward to the user's other devices. The message MUST
+ * be signed by the originating device's identity key. The home
+ * server MUST verify the signature before storing or propagating
+ * (DELIVERY.md §6.2 / §8.2).
+ *
+ * @module
+ */
+import { type BlockEntry } from "./blocklist.js";
+/** Wire-level type discriminator. */
+export declare const SyncMessageType = "SEMP_BLOCK";
+/** Schema version. */
+export declare const SyncMessageVersion = "1.0.0";
+/** The only defined step. */
+export declare const SyncStep = "update";
+/** Domain-separation prefix; SEMP_BLOCK uses no extra prefix beyond the SEMP-REVOCATION-style canonical-blanked pattern. */
+export declare const SyncMessagePrefix = "SEMP-BLOCK:";
+/** Sync operation verb. */
+export type SyncOp = "add" | "remove" | "modify";
+/** One entry in {@link SyncMessage.operations}. */
+export interface SyncOperation {
+    op: SyncOp;
+    /** For `remove` and `modify`. */
+    entry_id?: string;
+    /** For `add` and `modify`. */
+    entry?: BlockEntry;
+}
+/** SEMP_BLOCK reusable signature block. */
+export interface SyncSignatureBlock {
+    algorithm: string;
+    key_id: string;
+    /** Base64. */
+    value: string;
+}
+/**
+ * SEMP_BLOCK sync message per DELIVERY.md §6.1.
+ *
+ * Signed by the originating device's identity key under the
+ * `SEMP-BLOCK:` prefix; the canonical bytes are computed with
+ * `signature.value` blanked.
+ */
+export interface SyncMessage {
+    type: typeof SyncMessageType;
+    step: typeof SyncStep;
+    version: string;
+    user_id: string;
+    device_id: string;
+    list_version: number;
+    /** ISO 8601 UTC. */
+    timestamp: string;
+    operations: SyncOperation[];
+    signature: SyncSignatureBlock;
+}
+/**
+ * Sign `m.signature` with the originating device's identity private
+ * key per §6.2. Mutates `m` in place. Returns the base64 signature.
+ */
+export declare function signSyncMessage(m: SyncMessage, devicePriv: Uint8Array, deviceKeyId: string): string;
+/** Verify `m.signature` against the originating device's identity public key. */
+export declare function verifySyncMessage(m: SyncMessage, devicePub: Uint8Array): boolean;
+/** Structural validation per §6.1. Throws on first violation. */
+export declare function validateSyncMessage(m: SyncMessage, opts?: {
+    skipSignatureCheck?: boolean;
+}): void;
+//# sourceMappingURL=sync.d.ts.map

package/dist/delivery/sync.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sync.d.ts","sourceRoot":"","sources":["../../src/delivery/sync.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAGjD,qCAAqC;AACrC,eAAO,MAAM,eAAe,eAAe,CAAC;AAE5C,sBAAsB;AACtB,eAAO,MAAM,kBAAkB,UAAU,CAAC;AAE1C,6BAA6B;AAC7B,eAAO,MAAM,QAAQ,WAAW,CAAC;AAEjC,4HAA4H;AAC5H,eAAO,MAAM,iBAAiB,gBAAgB,CAAC;AAE/C,2BAA2B;AAC3B,MAAM,MAAM,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEjD,mDAAmD;AACnD,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,8BAA8B;IAC9B,KAAK,CAAC,EAAE,UAAU,CAAC;CACpB;AAED,2CAA2C;AAC3C,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,cAAc;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;;;;;GAMG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,OAAO,eAAe,CAAC;IAC7B,IAAI,EAAE,OAAO,QAAQ,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,aAAa,EAAE,CAAC;IAC5B,SAAS,EAAE,kBAAkB,CAAC;CAC/B;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAC7B,CAAC,EAAE,WAAW,EACd,UAAU,EAAE,UAAU,EACtB,WAAW,EAAE,MAAM,GAClB,MAAM,CAgBR;AAED,iFAAiF;AACjF,wBAAgB,iBAAiB,CAC/B,CAAC,EAAE,WAAW,EACd,SAAS,EAAE,UAAU,GACpB,OAAO,CAYT;AAED,iEAAiE;AACjE,wBAAgB,mBAAmB,CACjC,CAAC,EAAE,WAAW,EACd,IAAI,GAAE;IAAE,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAAO,GAC1C,IAAI,CAsDN"}

package/dist/delivery/sync.js ADDED Viewed

@@ -0,0 +1,99 @@
+/**
+ * SEMP_BLOCK block-list sync wire shape per DELIVERY.md §6.1.
+ *
+ * Used to propagate block-list changes from a client to its home
+ * server and onward to the user's other devices. The message MUST
+ * be signed by the originating device's identity key. The home
+ * server MUST verify the signature before storing or propagating
+ * (DELIVERY.md §6.2 / §8.2).
+ *
+ * @module
+ */
+import {} from "./blocklist.js";
+import { signSignedDoc, verifySignedDoc } from "../keys/index.js";
+/** Wire-level type discriminator. */
+export const SyncMessageType = "SEMP_BLOCK";
+/** Schema version. */
+export const SyncMessageVersion = "1.0.0";
+/** The only defined step. */
+export const SyncStep = "update";
+/** Domain-separation prefix; SEMP_BLOCK uses no extra prefix beyond the SEMP-REVOCATION-style canonical-blanked pattern. */
+export const SyncMessagePrefix = "SEMP-BLOCK:";
+/**
+ * Sign `m.signature` with the originating device's identity private
+ * key per §6.2. Mutates `m` in place. Returns the base64 signature.
+ */
+export function signSyncMessage(m, devicePriv, deviceKeyId) {
+    if (deviceKeyId === "") {
+        throw new Error("delivery: empty device key_id");
+    }
+    validateSyncMessage(m, { skipSignatureCheck: true });
+    m.signature.algorithm = "ed25519";
+    m.signature.key_id = deviceKeyId;
+    m.signature.value = "";
+    const { signedJSON, signatureB64 } = signSignedDoc({
+        preSignJSON: m,
+        seed: devicePriv,
+        signaturePath: "signature.value",
+        prefix: SyncMessagePrefix,
+    });
+    m.signature.value = signedJSON.signature.value;
+    return signatureB64;
+}
+/** Verify `m.signature` against the originating device's identity public key. */
+export function verifySyncMessage(m, devicePub) {
+    validateSyncMessage(m);
+    if (m.signature.value === "") {
+        return false;
+    }
+    const { ok } = verifySignedDoc({
+        signedJSON: m,
+        publicKey: devicePub,
+        signaturePath: "signature.value",
+        prefix: SyncMessagePrefix,
+    });
+    return ok;
+}
+/** Structural validation per §6.1. Throws on first violation. */
+export function validateSyncMessage(m, opts = {}) {
+    if (m.type !== SyncMessageType) {
+        throw new Error(`delivery: sync message type ${JSON.stringify(m.type)}, want ${SyncMessageType}`);
+    }
+    if (m.step !== SyncStep) {
+        throw new Error(`delivery: sync message step ${JSON.stringify(m.step)}, want ${SyncStep}`);
+    }
+    for (const f of ["version", "user_id", "device_id", "timestamp"]) {
+        if (typeof m[f] !== "string" || m[f] === "") {
+            throw new Error(`delivery: sync message missing ${f}`);
+        }
+    }
+    if (Number.isNaN(Date.parse(m.timestamp))) {
+        throw new Error("delivery: sync message timestamp is not ISO 8601");
+    }
+    if (!Number.isInteger(m.list_version) ||
+        m.list_version < 0) {
+        throw new Error(`delivery: sync message list_version ${m.list_version} MUST be an unsigned integer`);
+    }
+    if (!Array.isArray(m.operations) || m.operations.length === 0) {
+        throw new Error("delivery: sync message operations MUST be non-empty");
+    }
+    for (let i = 0; i < m.operations.length; i++) {
+        const op = m.operations[i];
+        if (op.op !== "add" && op.op !== "remove" && op.op !== "modify") {
+            throw new Error(`delivery: sync operations[${i}] op ${JSON.stringify(op.op)} is invalid`);
+        }
+        if (op.op === "remove" && (op.entry_id === undefined || op.entry_id === "")) {
+            throw new Error(`delivery: sync operations[${i}] op=remove MUST set entry_id`);
+        }
+        if (op.op === "add" && (op.entry === undefined || op.entry === null)) {
+            throw new Error(`delivery: sync operations[${i}] op=add MUST carry entry`);
+        }
+    }
+    if (typeof m.signature?.value !== "string") {
+        throw new Error("delivery: sync message signature.value must be a string");
+    }
+    if (!opts.skipSignatureCheck && m.signature.value === "") {
+        throw new Error("delivery: sync message is unsigned");
+    }
+}
+//# sourceMappingURL=sync.js.map

package/dist/delivery/sync.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sync.js","sourceRoot":"","sources":["../../src/delivery/sync.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAmB,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAElE,qCAAqC;AACrC,MAAM,CAAC,MAAM,eAAe,GAAG,YAAY,CAAC;AAE5C,sBAAsB;AACtB,MAAM,CAAC,MAAM,kBAAkB,GAAG,OAAO,CAAC;AAE1C,6BAA6B;AAC7B,MAAM,CAAC,MAAM,QAAQ,GAAG,QAAQ,CAAC;AAEjC,4HAA4H;AAC5H,MAAM,CAAC,MAAM,iBAAiB,GAAG,aAAa,CAAC;AA0C/C;;;GAGG;AACH,MAAM,UAAU,eAAe,CAC7B,CAAc,EACd,UAAsB,EACtB,WAAmB;IAEnB,IAAI,WAAW,KAAK,EAAE,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,mBAAmB,CAAC,CAAC,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAC;IACrD,CAAC,CAAC,SAAS,CAAC,SAAS,GAAG,SAAS,CAAC;IAClC,CAAC,CAAC,SAAS,CAAC,MAAM,GAAG,WAAW,CAAC;IACjC,CAAC,CAAC,SAAS,CAAC,KAAK,GAAG,EAAE,CAAC;IACvB,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,aAAa,CAAC;QACjD,WAAW,EAAE,CAAuC;QACpD,IAAI,EAAE,UAAU;QAChB,aAAa,EAAE,iBAAiB;QAChC,MAAM,EAAE,iBAAiB;KAC1B,CAAC,CAAC;IACH,CAAC,CAAC,SAAS,CAAC,KAAK,GAAI,UAAU,CAAC,SAA+B,CAAC,KAAK,CAAC;IACtE,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,iFAAiF;AACjF,MAAM,UAAU,iBAAiB,CAC/B,CAAc,EACd,SAAqB;IAErB,mBAAmB,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,CAAC,CAAC,SAAS,CAAC,KAAK,KAAK,EAAE,EAAE,CAAC;QAC7B,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,EAAE,EAAE,EAAE,GAAG,eAAe,CAAC;QAC7B,UAAU,EAAE,CAAuC;QACnD,SAAS,EAAE,SAAS;QACpB,aAAa,EAAE,iBAAiB;QAChC,MAAM,EAAE,iBAAiB;KAC1B,CAAC,CAAC;IACH,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,iEAAiE;AACjE,MAAM,UAAU,mBAAmB,CACjC,CAAc,EACd,OAAyC,EAAE;IAE3C,IAAI,CAAC,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CACb,+BAA+B,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,eAAe,EAAE,CACjF,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,+BAA+B,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,QAAQ,EAAE,CAC1E,CAAC;IACJ,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE,WAAW,CAAU,EAAE,CAAC;QAC1E,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC;YAC5C,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IACD,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;IACtE,CAAC;IACD,IACE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC;QACjC,CAAC,CAAC,YAAY,GAAG,CAAC,EAClB,CAAC;QACD,MAAM,IAAI,KAAK,CACb,uCAAuC,CAAC,CAAC,YAAY,8BAA8B,CACpF,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,MAAM,EAAE,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAE,CAAC;QAC5B,IAAI,EAAE,CAAC,EAAE,KAAK,KAAK,IAAI,EAAE,CAAC,EAAE,KAAK,QAAQ,IAAI,EAAE,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;YAChE,MAAM,IAAI,KAAK,CACb,6BAA6B,CAAC,QAAQ,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,CAAC,aAAa,CACzE,CAAC;QACJ,CAAC;QACD,IAAI,EAAE,CAAC,EAAE,KAAK,QAAQ,IAAI,CAAC,EAAE,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,CAAC,QAAQ,KAAK,EAAE,CAAC,EAAE,CAAC;YAC5E,MAAM,IAAI,KAAK,CACb,6BAA6B,CAAC,+BAA+B,CAC9D,CAAC;QACJ,CAAC;QACD,IAAI,EAAE,CAAC,EAAE,KAAK,KAAK,IAAI,CAAC,EAAE,CAAC,KAAK,KAAK,SAAS,IAAI,EAAE,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAC;YACrE,MAAM,IAAI,KAAK,CACb,6BAA6B,CAAC,2BAA2B,CAC1D,CAAC;QACJ,CAAC;IACH,CAAC;IACD,IAAI,OAAO,CAAC,CAAC,SAAS,EAAE,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,CAAC,SAAS,CAAC,KAAK,KAAK,EAAE,EAAE,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACxD,CAAC;AACH,CAAC"}

package/dist/delivery/user_policy.d.ts ADDED Viewed

@@ -0,0 +1,74 @@
+/**
+ * SEMP_USER_POLICY wire shape + sign/verify per DELIVERY.md §7.1.
+ *
+ * Signed by the originating device's identity key under the
+ * `SEMP-USER-POLICY:` prefix; the canonical bytes are computed with
+ * `signature.value` blanked.
+ *
+ * @module
+ */
+/** Wire-level constants per §7.1. */
+export declare const UserPolicyType = "SEMP_USER_POLICY";
+export declare const UserPolicyStep = "update";
+export declare const UserPolicyVersion = "1.0.0";
+export declare const UserPolicyPrefix = "SEMP-USER-POLICY:";
+/** Policy operation verb per §7.1. The set is closed; extensibility is via new kinds. */
+export type PolicyOp = "add" | "remove" | "modify";
+/**
+ * Defined policy rule kinds per §7.3. Operators MAY define more
+ * via the §7.2 namespaced-identifier rule; the home server rejects
+ * unknown kinds with reason_code `policy_kind_unsupported` per §7.2.
+ */
+export declare const PolicyKindBlock = "semp.dev/block";
+export declare const PolicyKindAcceptedSender = "semp.dev/accepted_sender";
+export declare const PolicyKindFirstContact = "semp.dev/first_contact";
+/** One entry inside {@link UserPolicyMessage.operations} per §7.1. */
+export interface PolicyOperation {
+    op: PolicyOp;
+    kind: string;
+    /** For `remove` and `modify` references. */
+    entry_id?: string;
+    /**
+     * For `add` and `modify` carries the new entry shape. Inner shape
+     * varies by `kind`.
+     */
+    entry?: unknown;
+}
+/** Reusable signature block. */
+export interface UserPolicySignatureBlock {
+    algorithm: string;
+    key_id: string;
+    /** Base64. */
+    value: string;
+}
+/** SEMP_USER_POLICY update record per §7.1. */
+export interface UserPolicyMessage {
+    type: typeof UserPolicyType;
+    step: typeof UserPolicyStep;
+    version: string;
+    user_id: string;
+    device_id: string;
+    policy_version: number;
+    /** ISO 8601 UTC. */
+    timestamp: string;
+    operations: PolicyOperation[];
+    signature: UserPolicySignatureBlock;
+}
+/**
+ * Sign `m.signature` with the originating device's identity private
+ * key per §7.1. Mutates `m` in place. Returns the base64 signature.
+ */
+export declare function signUserPolicyMessage(m: UserPolicyMessage, devicePriv: Uint8Array, deviceKeyId: string): string;
+/** Verify `m.signature` against the originating device's identity public key. */
+export declare function verifyUserPolicyMessage(m: UserPolicyMessage, devicePub: Uint8Array): boolean;
+/**
+ * Structural validation per §7.1 + the §7.3 op-kind rules.
+ *
+ * Singleton-shaped kinds (`semp.dev/first_contact`) accept only
+ * `modify`; list-shaped kinds accept `add`, `remove`, and `modify`
+ * with the entry_id rules in §7.3.
+ */
+export declare function validateUserPolicyMessage(m: UserPolicyMessage, opts?: {
+    skipSignatureCheck?: boolean;
+}): void;
+//# sourceMappingURL=user_policy.d.ts.map

package/dist/delivery/user_policy.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user_policy.d.ts","sourceRoot":"","sources":["../../src/delivery/user_policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,qCAAqC;AACrC,eAAO,MAAM,cAAc,qBAAqB,CAAC;AACjD,eAAO,MAAM,cAAc,WAAW,CAAC;AACvC,eAAO,MAAM,iBAAiB,UAAU,CAAC;AACzC,eAAO,MAAM,gBAAgB,sBAAsB,CAAC;AAEpD,yFAAyF;AACzF,MAAM,MAAM,QAAQ,GAAG,KAAK,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEnD;;;;GAIG;AACH,eAAO,MAAM,eAAe,mBAAmB,CAAC;AAChD,eAAO,MAAM,wBAAwB,6BAA6B,CAAC;AACnE,eAAO,MAAM,sBAAsB,2BAA2B,CAAC;AAE/D,sEAAsE;AACtE,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,QAAQ,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,4CAA4C;IAC5C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;;OAGG;IACH,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,gCAAgC;AAChC,MAAM,WAAW,wBAAwB;IACvC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,cAAc;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAED,+CAA+C;AAC/C,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,OAAO,cAAc,CAAC;IAC5B,IAAI,EAAE,OAAO,cAAc,CAAC;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,eAAe,EAAE,CAAC;IAC9B,SAAS,EAAE,wBAAwB,CAAC;CACrC;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CACnC,CAAC,EAAE,iBAAiB,EACpB,UAAU,EAAE,UAAU,EACtB,WAAW,EAAE,MAAM,GAClB,MAAM,CA0BR;AAED,iFAAiF;AACjF,wBAAgB,uBAAuB,CACrC,CAAC,EAAE,iBAAiB,EACpB,SAAS,EAAE,UAAU,GACpB,OAAO,CAYT;AAED;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CACvC,CAAC,EAAE,iBAAiB,EACpB,IAAI,GAAE;IAAE,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAAO,GAC1C,IAAI,CAyCN"}

package/dist/delivery/user_policy.js ADDED Viewed

@@ -0,0 +1,140 @@
+/**
+ * SEMP_USER_POLICY wire shape + sign/verify per DELIVERY.md §7.1.
+ *
+ * Signed by the originating device's identity key under the
+ * `SEMP-USER-POLICY:` prefix; the canonical bytes are computed with
+ * `signature.value` blanked.
+ *
+ * @module
+ */
+import { signSignedDoc, verifySignedDoc } from "../keys/index.js";
+/** Wire-level constants per §7.1. */
+export const UserPolicyType = "SEMP_USER_POLICY";
+export const UserPolicyStep = "update";
+export const UserPolicyVersion = "1.0.0";
+export const UserPolicyPrefix = "SEMP-USER-POLICY:";
+/**
+ * Defined policy rule kinds per §7.3. Operators MAY define more
+ * via the §7.2 namespaced-identifier rule; the home server rejects
+ * unknown kinds with reason_code `policy_kind_unsupported` per §7.2.
+ */
+export const PolicyKindBlock = "semp.dev/block";
+export const PolicyKindAcceptedSender = "semp.dev/accepted_sender";
+export const PolicyKindFirstContact = "semp.dev/first_contact";
+/**
+ * Sign `m.signature` with the originating device's identity private
+ * key per §7.1. Mutates `m` in place. Returns the base64 signature.
+ */
+export function signUserPolicyMessage(m, devicePriv, deviceKeyId) {
+    if (deviceKeyId === "") {
+        throw new Error("delivery: empty device key_id");
+    }
+    // Auto-fill discriminators for caller convenience.
+    if (m.type === "") {
+        m.type = UserPolicyType;
+    }
+    if (m.step === "") {
+        m.step = UserPolicyStep;
+    }
+    if (m.version === "") {
+        m.version = UserPolicyVersion;
+    }
+    validateUserPolicyMessage(m, { skipSignatureCheck: true });
+    m.signature.algorithm = "ed25519";
+    m.signature.key_id = deviceKeyId;
+    m.signature.value = "";
+    const { signedJSON, signatureB64 } = signSignedDoc({
+        preSignJSON: m,
+        seed: devicePriv,
+        signaturePath: "signature.value",
+        prefix: UserPolicyPrefix,
+    });
+    m.signature.value = signedJSON.signature.value;
+    return signatureB64;
+}
+/** Verify `m.signature` against the originating device's identity public key. */
+export function verifyUserPolicyMessage(m, devicePub) {
+    validateUserPolicyMessage(m);
+    if (m.signature.value === "") {
+        return false;
+    }
+    const { ok } = verifySignedDoc({
+        signedJSON: m,
+        publicKey: devicePub,
+        signaturePath: "signature.value",
+        prefix: UserPolicyPrefix,
+    });
+    return ok;
+}
+/**
+ * Structural validation per §7.1 + the §7.3 op-kind rules.
+ *
+ * Singleton-shaped kinds (`semp.dev/first_contact`) accept only
+ * `modify`; list-shaped kinds accept `add`, `remove`, and `modify`
+ * with the entry_id rules in §7.3.
+ */
+export function validateUserPolicyMessage(m, opts = {}) {
+    if (m.type !== UserPolicyType) {
+        throw new Error(`delivery: user policy type ${JSON.stringify(m.type)}, want ${UserPolicyType}`);
+    }
+    if (m.step !== UserPolicyStep) {
+        throw new Error(`delivery: user policy step ${JSON.stringify(m.step)}, want ${UserPolicyStep}`);
+    }
+    if (m.user_id === "") {
+        throw new Error("delivery: user policy missing user_id");
+    }
+    if (m.device_id === "") {
+        throw new Error("delivery: user policy missing device_id");
+    }
+    if (!Number.isInteger(m.policy_version) || m.policy_version < 1) {
+        throw new Error(`delivery: user policy policy_version ${m.policy_version} MUST be >= 1`);
+    }
+    if (typeof m.timestamp !== "string" || m.timestamp === "") {
+        throw new Error("delivery: user policy missing timestamp");
+    }
+    if (Number.isNaN(Date.parse(m.timestamp))) {
+        throw new Error("delivery: user policy timestamp is not ISO 8601");
+    }
+    if (!Array.isArray(m.operations) || m.operations.length === 0) {
+        throw new Error("delivery: user policy operations MUST be non-empty");
+    }
+    for (let i = 0; i < m.operations.length; i++) {
+        const op = m.operations[i];
+        validateOp(op, i);
+    }
+    if (typeof m.signature?.value !== "string") {
+        throw new Error("delivery: user policy signature.value must be a string");
+    }
+    if (!opts.skipSignatureCheck && m.signature.value === "") {
+        throw new Error("delivery: user policy is unsigned");
+    }
+}
+function validateOp(op, i) {
+    if (op.op !== "add" && op.op !== "remove" && op.op !== "modify") {
+        throw new Error(`delivery: user policy operations[${i}] op ${JSON.stringify(op.op)} is not in the closed set {add, remove, modify}`);
+    }
+    if (op.kind === "") {
+        throw new Error(`delivery: user policy operations[${i}] missing kind`);
+    }
+    // Singleton kinds accept only modify per §7.3.
+    if (op.kind === PolicyKindFirstContact) {
+        if (op.op !== "modify") {
+            throw new Error(`delivery: user policy operations[${i}] singleton kind ${JSON.stringify(op.kind)} accepts only modify, got ${op.op}`);
+        }
+        if (op.entry_id !== undefined && op.entry_id !== "") {
+            throw new Error(`delivery: user policy operations[${i}] singleton kind ${JSON.stringify(op.kind)} MUST NOT carry entry_id`);
+        }
+        if (op.entry === undefined || op.entry === null) {
+            throw new Error(`delivery: user policy operations[${i}] singleton kind ${JSON.stringify(op.kind)} modify MUST carry entry`);
+        }
+    }
+    // List-shaped kinds: remove/modify reference by entry_id; add
+    // supplies a new entry.
+    if (op.op === "remove" && (op.entry_id === undefined || op.entry_id === "")) {
+        throw new Error(`delivery: user policy operations[${i}] remove op MUST set entry_id`);
+    }
+    if (op.op === "add" && (op.entry === undefined || op.entry === null)) {
+        throw new Error(`delivery: user policy operations[${i}] add op MUST carry entry`);
+    }
+}
+//# sourceMappingURL=user_policy.js.map

package/dist/delivery/user_policy.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user_policy.js","sourceRoot":"","sources":["../../src/delivery/user_policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAElE,qCAAqC;AACrC,MAAM,CAAC,MAAM,cAAc,GAAG,kBAAkB,CAAC;AACjD,MAAM,CAAC,MAAM,cAAc,GAAG,QAAQ,CAAC;AACvC,MAAM,CAAC,MAAM,iBAAiB,GAAG,OAAO,CAAC;AACzC,MAAM,CAAC,MAAM,gBAAgB,GAAG,mBAAmB,CAAC;AAKpD;;;;GAIG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,gBAAgB,CAAC;AAChD,MAAM,CAAC,MAAM,wBAAwB,GAAG,0BAA0B,CAAC;AACnE,MAAM,CAAC,MAAM,sBAAsB,GAAG,wBAAwB,CAAC;AAqC/D;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CACnC,CAAoB,EACpB,UAAsB,EACtB,WAAmB;IAEnB,IAAI,WAAW,KAAK,EAAE,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,mDAAmD;IACnD,IAAK,CAAC,CAAC,IAAe,KAAK,EAAE,EAAE,CAAC;QAC9B,CAAC,CAAC,IAAI,GAAG,cAAc,CAAC;IAC1B,CAAC;IACD,IAAK,CAAC,CAAC,IAAe,KAAK,EAAE,EAAE,CAAC;QAC9B,CAAC,CAAC,IAAI,GAAG,cAAc,CAAC;IAC1B,CAAC;IACD,IAAI,CAAC,CAAC,OAAO,KAAK,EAAE,EAAE,CAAC;QACrB,CAAC,CAAC,OAAO,GAAG,iBAAiB,CAAC;IAChC,CAAC;IACD,yBAAyB,CAAC,CAAC,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3D,CAAC,CAAC,SAAS,CAAC,SAAS,GAAG,SAAS,CAAC;IAClC,CAAC,CAAC,SAAS,CAAC,MAAM,GAAG,WAAW,CAAC;IACjC,CAAC,CAAC,SAAS,CAAC,KAAK,GAAG,EAAE,CAAC;IACvB,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,aAAa,CAAC;QACjD,WAAW,EAAE,CAAuC;QACpD,IAAI,EAAE,UAAU;QAChB,aAAa,EAAE,iBAAiB;QAChC,MAAM,EAAE,gBAAgB;KACzB,CAAC,CAAC;IACH,CAAC,CAAC,SAAS,CAAC,KAAK,GAAI,UAAU,CAAC,SAA+B,CAAC,KAAK,CAAC;IACtE,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,iFAAiF;AACjF,MAAM,UAAU,uBAAuB,CACrC,CAAoB,EACpB,SAAqB;IAErB,yBAAyB,CAAC,CAAC,CAAC,CAAC;IAC7B,IAAI,CAAC,CAAC,SAAS,CAAC,KAAK,KAAK,EAAE,EAAE,CAAC;QAC7B,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,EAAE,EAAE,EAAE,GAAG,eAAe,CAAC;QAC7B,UAAU,EAAE,CAAuC;QACnD,SAAS,EAAE,SAAS;QACpB,aAAa,EAAE,iBAAiB;QAChC,MAAM,EAAE,gBAAgB;KACzB,CAAC,CAAC;IACH,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,yBAAyB,CACvC,CAAoB,EACpB,OAAyC,EAAE;IAE3C,IAAI,CAAC,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CACb,8BAA8B,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,cAAc,EAAE,CAC/E,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CACb,8BAA8B,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,cAAc,EAAE,CAC/E,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,CAAC,OAAO,KAAK,EAAE,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IACD,IAAI,CAAC,CAAC,SAAS,KAAK,EAAE,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CACb,wCAAwC,CAAC,CAAC,cAAc,eAAe,CACxE,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,CAAC,SAAS,KAAK,EAAE,EAAE,CAAC;QAC1D,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;IACxE,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,MAAM,EAAE,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAE,CAAC;QAC5B,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACpB,CAAC;IACD,IAAI,OAAO,CAAC,CAAC,SAAS,EAAE,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;IAC5E,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,CAAC,SAAS,CAAC,KAAK,KAAK,EAAE,EAAE,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,EAAmB,EAAE,CAAS;IAChD,IAAI,EAAE,CAAC,EAAE,KAAK,KAAK,IAAI,EAAE,CAAC,EAAE,KAAK,QAAQ,IAAI,EAAE,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CACb,oCAAoC,CAAC,QAAQ,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,CAAC,iDAAiD,CACpH,CAAC;IACJ,CAAC;IACD,IAAI,EAAE,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,gBAAgB,CAAC,CAAC;IACzE,CAAC;IACD,+CAA+C;IAC/C,IAAI,EAAE,CAAC,IAAI,KAAK,sBAAsB,EAAE,CAAC;QACvC,IAAI,EAAE,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CACb,oCAAoC,CAAC,oBAAoB,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,CAAC,6BAA6B,EAAE,CAAC,EAAE,EAAE,CACrH,CAAC;QACJ,CAAC;QACD,IAAI,EAAE,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,CAAC,QAAQ,KAAK,EAAE,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CACb,oCAAoC,CAAC,oBAAoB,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,CAAC,0BAA0B,CAC3G,CAAC;QACJ,CAAC;QACD,IAAI,EAAE,CAAC,KAAK,KAAK,SAAS,IAAI,EAAE,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;YAChD,MAAM,IAAI,KAAK,CACb,oCAAoC,CAAC,oBAAoB,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,CAAC,0BAA0B,CAC3G,CAAC;QACJ,CAAC;IACH,CAAC;IACD,8DAA8D;IAC9D,wBAAwB;IACxB,IAAI,EAAE,CAAC,EAAE,KAAK,QAAQ,IAAI,CAAC,EAAE,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,CAAC,QAAQ,KAAK,EAAE,CAAC,EAAE,CAAC;QAC5E,MAAM,IAAI,KAAK,CACb,oCAAoC,CAAC,+BAA+B,CACrE,CAAC;IACJ,CAAC;IACD,IAAI,EAAE,CAAC,EAAE,KAAK,KAAK,IAAI,CAAC,EAAE,CAAC,KAAK,KAAK,SAAS,IAAI,EAAE,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAC;QACrE,MAAM,IAAI,KAAK,CACb,oCAAoC,CAAC,2BAA2B,CACjE,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/discovery/cache.d.ts ADDED Viewed

@@ -0,0 +1,37 @@
+/**
+ * Discovery result cache per DISCOVERY.md §6.1 + §7.3.
+ *
+ * Resolvers consult the cache before any DNS / HTTPS lookup and
+ * write fresh results back with the TTL declared by the source.
+ * Implementations MUST respect TTLs, invalidate entries on
+ * delivery failure, and encrypt cached results at rest where
+ * feasible (the in-memory reference does NOT encrypt; production
+ * deployments wrap a durable encrypted backend).
+ *
+ * @module
+ */
+/** Default TTLs when the source declines to declare one. */
+export declare const DefaultTTLSEMPMs: number;
+export declare const DefaultTTLLegacyMs: number;
+export declare const DefaultTTLNotFoundMs: number;
+/**
+ * Discovery result cache interface.
+ *
+ * Keys are normalized by the cache implementation (lowercased) so
+ * that case-equivalent addresses share an entry.
+ */
+export interface DiscoveryCache<T> {
+    get(address: string): Promise<T | null>;
+    put(address: string, value: T, ttlMs: number): Promise<void>;
+    invalidate(address: string): Promise<void>;
+}
+/** Reference in-memory {@link DiscoveryCache}. Single-process only. */
+export declare class InMemoryDiscoveryCache<T> implements DiscoveryCache<T> {
+    private readonly entries;
+    private readonly nowFn;
+    constructor(nowFn?: () => Date);
+    get(address: string): Promise<T | null>;
+    put(address: string, value: T, ttlMs: number): Promise<void>;
+    invalidate(address: string): Promise<void>;
+}
+//# sourceMappingURL=cache.d.ts.map

package/dist/discovery/cache.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cache.d.ts","sourceRoot":"","sources":["../../src/discovery/cache.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,4DAA4D;AAC5D,eAAO,MAAM,gBAAgB,QAAiB,CAAC;AAC/C,eAAO,MAAM,kBAAkB,QAAsB,CAAC;AACtD,eAAO,MAAM,oBAAoB,QAAiB,CAAC;AAEnD;;;;;GAKG;AACH,MAAM,WAAW,cAAc,CAAC,CAAC;IAC/B,GAAG,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACxC,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7D,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC5C;AAED,uEAAuE;AACvE,qBAAa,sBAAsB,CAAC,CAAC,CAAE,YAAW,cAAc,CAAC,CAAC,CAAC;IACjE,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAsD;IAC9E,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAa;gBAEvB,KAAK,GAAE,MAAM,IAAuB;IAI1C,GAAG,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAavC,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM5D,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAGjD"}

package/dist/discovery/cache.js ADDED Viewed

@@ -0,0 +1,45 @@
+/**
+ * Discovery result cache per DISCOVERY.md §6.1 + §7.3.
+ *
+ * Resolvers consult the cache before any DNS / HTTPS lookup and
+ * write fresh results back with the TTL declared by the source.
+ * Implementations MUST respect TTLs, invalidate entries on
+ * delivery failure, and encrypt cached results at rest where
+ * feasible (the in-memory reference does NOT encrypt; production
+ * deployments wrap a durable encrypted backend).
+ *
+ * @module
+ */
+/** Default TTLs when the source declines to declare one. */
+export const DefaultTTLSEMPMs = 60 * 60 * 1000; // 1 hour
+export const DefaultTTLLegacyMs = 24 * 60 * 60 * 1000; // 24 hours
+export const DefaultTTLNotFoundMs = 60 * 60 * 1000; // 1 hour
+/** Reference in-memory {@link DiscoveryCache}. Single-process only. */
+export class InMemoryDiscoveryCache {
+    entries = new Map();
+    nowFn;
+    constructor(nowFn = () => new Date()) {
+        this.nowFn = nowFn;
+    }
+    async get(address) {
+        const k = address.toLowerCase();
+        const entry = this.entries.get(k);
+        if (entry === undefined) {
+            return null;
+        }
+        if (entry.expiresAt > 0 && this.nowFn().getTime() > entry.expiresAt) {
+            this.entries.delete(k);
+            return null;
+        }
+        return entry.value;
+    }
+    async put(address, value, ttlMs) {
+        const k = address.toLowerCase();
+        const expiresAt = ttlMs > 0 ? this.nowFn().getTime() + ttlMs : 0;
+        this.entries.set(k, { value, expiresAt });
+    }
+    async invalidate(address) {
+        this.entries.delete(address.toLowerCase());
+    }
+}
+//# sourceMappingURL=cache.js.map

package/dist/discovery/cache.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/discovery/cache.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,4DAA4D;AAC5D,MAAM,CAAC,MAAM,gBAAgB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,SAAS;AACzD,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW;AAClE,MAAM,CAAC,MAAM,oBAAoB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,SAAS;AAc7D,uEAAuE;AACvE,MAAM,OAAO,sBAAsB;IAChB,OAAO,GAAG,IAAI,GAAG,EAA2C,CAAC;IAC7D,KAAK,CAAa;IAEnC,YAAY,QAAoB,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE;QAC9C,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,OAAe;QACvB,MAAM,CAAC,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;QAChC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAClC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,IAAI,KAAK,CAAC,SAAS,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;YACpE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC,KAAK,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,OAAe,EAAE,KAAQ,EAAE,KAAa;QAChD,MAAM,CAAC,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;QAChC,MAAM,SAAS,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACjE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,OAAe;QAC9B,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;IAC7C,CAAC;CACF"}

package/dist/discovery/configuration.d.ts ADDED Viewed

@@ -0,0 +1,97 @@
+/**
+ * Well-known configuration document parsing per DISCOVERY.md §3.1.
+ *
+ * The bootstrapping path `/.well-known/semp/configuration` returns a
+ * JSON document that describes a server's capabilities, transport
+ * endpoints, API endpoints, and supported extensions. This module
+ * provides a typed shape and a validator that enforces the §3.2
+ * "fixed by the protocol" rules:
+ *
+ *  - `type` MUST be `"SEMP_CONFIGURATION"`
+ *  - `endpoints.client` and `endpoints.federation` MUST each contain
+ *    at least an `h2` entry
+ *  - `endpoints.register`, `endpoints.keys`, `endpoints.domain_keys`
+ *    MUST be present
+ *  - `suites` MUST contain at least `x25519-chacha20-poly1305`
+ *  - `limits.max_envelope_size` MUST be present
+ *
+ * Unknown fields are preserved on the typed object via the
+ * index signature so callers can read forward-compatible additions
+ * without requiring a parser update.
+ *
+ * @module
+ */
+/** Canonical well-known path. Fixed by the protocol per §3. */
+export declare const WellKnownPath = "/.well-known/semp/configuration";
+/** Document `type` discriminator. */
+export declare const ConfigurationType = "SEMP_CONFIGURATION";
+/**
+ * Maximum byte size accepted for a fetched well-known body. 64 KiB
+ * is large enough for any reasonable configuration (including rich
+ * extension maps) without letting a hostile server feed us
+ * gigabytes.
+ */
+export declare const WellKnownMaxBytes: number;
+/** Endpoint group: transport-identifier → URL. */
+export type TransportEndpoints = Record<string, string>;
+/** Endpoints object per §3.1.1. */
+export interface ConfigEndpoints {
+    client: TransportEndpoints;
+    federation: TransportEndpoints;
+    register: string;
+    device_register?: string;
+    blocklist?: string;
+    keys: string;
+    domain_keys: string;
+    reputation?: string;
+    reputation_references?: string;
+    verify?: string;
+    reputation_transfer?: string;
+    backup?: string;
+    migration?: string;
+    transparency_log?: string;
+    attachment_storage?: string;
+    /** Forward-compatible: any unknown endpoint URL keys land here. */
+    [key: string]: string | TransportEndpoints | undefined;
+}
+/** Operational limits per §3.1.3. */
+export interface ConfigLimits {
+    max_envelope_size: number;
+    /** Future limits land here without requiring a parser update. */
+    [key: string]: number | undefined;
+}
+/** Extension declaration per §3.1.4. */
+export interface ConfigExtension {
+    id: string;
+    required: boolean;
+}
+/** Parsed well-known configuration document. */
+export interface Configuration {
+    type: typeof ConfigurationType;
+    version: string;
+    domain: string;
+    revision: number;
+    ttl_seconds: number;
+    endpoints: ConfigEndpoints;
+    suites: string[];
+    limits: ConfigLimits;
+    extensions?: ConfigExtension[];
+    /** Forward-compatible: unknown top-level fields preserved here. */
+    [key: string]: unknown;
+}
+/**
+ * Validate and narrow a parsed JSON value into a {@link Configuration}.
+ * Throws with a descriptive message on the first protocol violation.
+ *
+ * The validator enforces the §3.2 mandatory-fixed rules (h2 baseline,
+ * x25519 baseline, max_envelope_size present) but is permissive about
+ * unknown fields per §3.1 ("Implementations MUST ignore unknown
+ * fields rather than failing").
+ */
+export declare function parseConfiguration(value: unknown): Configuration;
+export declare function isRecord(v: unknown): v is Record<string, unknown>;
+export declare function requireString(obj: Record<string, unknown>, key: string): string;
+export declare function requireInt(obj: Record<string, unknown>, key: string): number;
+export declare function requireObject(obj: Record<string, unknown>, key: string): Record<string, unknown>;
+export declare function requireStringArray(obj: Record<string, unknown>, key: string): string[];
+//# sourceMappingURL=configuration.d.ts.map

package/dist/discovery/configuration.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"configuration.d.ts","sourceRoot":"","sources":["../../src/discovery/configuration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,+DAA+D;AAC/D,eAAO,MAAM,aAAa,oCAAoC,CAAC;AAE/D,qCAAqC;AACrC,eAAO,MAAM,iBAAiB,uBAAuB,CAAC;AAEtD;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB,QAAY,CAAC;AAE3C,kDAAkD;AAClD,MAAM,MAAM,kBAAkB,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAExD,mCAAmC;AACnC,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,kBAAkB,CAAC;IAC3B,UAAU,EAAE,kBAAkB,CAAC;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,mEAAmE;IACnE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,kBAAkB,GAAG,SAAS,CAAC;CACxD;AAED,qCAAqC;AACrC,MAAM,WAAW,YAAY;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iEAAiE;IACjE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACnC;AAED,wCAAwC;AACxC,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,gDAAgD;AAChD,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,OAAO,iBAAiB,CAAC;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,eAAe,CAAC;IAC3B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,MAAM,EAAE,YAAY,CAAC;IACrB,UAAU,CAAC,EAAE,eAAe,EAAE,CAAC;IAC/B,mEAAmE;IACnE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,OAAO,GAAG,aAAa,CAyDhE;AAKD,wBAAgB,QAAQ,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEjE;AAED,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAM/E;AAED,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAM5E;AAED,wBAAgB,aAAa,CAC3B,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC5B,GAAG,EAAE,MAAM,GACV,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAMzB;AAED,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC5B,GAAG,EAAE,MAAM,GACV,MAAM,EAAE,CAWV"}