npm - @sempdev/semp - Versions diffs - 0.4.3 - Mend

@sempdev/semp 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (559) hide show

package/LICENSE +21 -0
package/README.md +59 -0
package/dist/brief/address.d.ts +77 -0
package/dist/brief/address.d.ts.map +1 -0
package/dist/brief/address.js +217 -0
package/dist/brief/address.js.map +1 -0
package/dist/brief/brief.d.ts +75 -0
package/dist/brief/brief.d.ts.map +1 -0
package/dist/brief/brief.js +56 -0
package/dist/brief/brief.js.map +1 -0
package/dist/brief/index.d.ts +11 -0
package/dist/brief/index.d.ts.map +1 -0
package/dist/brief/index.js +11 -0
package/dist/brief/index.js.map +1 -0
package/dist/canonical/index.d.ts +8 -0
package/dist/canonical/index.d.ts.map +1 -0
package/dist/canonical/index.js +8 -0
package/dist/canonical/index.js.map +1 -0
package/dist/canonical/marshal.d.ts +35 -0
package/dist/canonical/marshal.d.ts.map +1 -0
package/dist/canonical/marshal.js +107 -0
package/dist/canonical/marshal.js.map +1 -0
package/dist/clockskew/index.d.ts +52 -0
package/dist/clockskew/index.d.ts.map +1 -0
package/dist/clockskew/index.js +62 -0
package/dist/clockskew/index.js.map +1 -0
package/dist/closure/closure.d.ts +106 -0
package/dist/closure/closure.d.ts.map +1 -0
package/dist/closure/closure.js +152 -0
package/dist/closure/closure.js.map +1 -0
package/dist/closure/driver.d.ts +103 -0
package/dist/closure/driver.d.ts.map +1 -0
package/dist/closure/driver.js +126 -0
package/dist/closure/driver.js.map +1 -0
package/dist/closure/index.d.ts +13 -0
package/dist/closure/index.d.ts.map +1 -0
package/dist/closure/index.js +13 -0
package/dist/closure/index.js.map +1 -0
package/dist/closure/store.d.ts +80 -0
package/dist/closure/store.d.ts.map +1 -0
package/dist/closure/store.js +89 -0
package/dist/closure/store.js.map +1 -0
package/dist/crypto/aead.d.ts +29 -0
package/dist/crypto/aead.d.ts.map +1 -0
package/dist/crypto/aead.js +48 -0
package/dist/crypto/aead.js.map +1 -0
package/dist/crypto/argon2.d.ts +20 -0
package/dist/crypto/argon2.d.ts.map +1 -0
package/dist/crypto/argon2.js +28 -0
package/dist/crypto/argon2.js.map +1 -0
package/dist/crypto/index.d.ts +14 -0
package/dist/crypto/index.d.ts.map +1 -0
package/dist/crypto/index.js +14 -0
package/dist/crypto/index.js.map +1 -0
package/dist/crypto/kdf.d.ts +96 -0
package/dist/crypto/kdf.d.ts.map +1 -0
package/dist/crypto/kdf.js +122 -0
package/dist/crypto/kdf.js.map +1 -0
package/dist/crypto/kem.d.ts +85 -0
package/dist/crypto/kem.d.ts.map +1 -0
package/dist/crypto/kem.js +130 -0
package/dist/crypto/kem.js.map +1 -0
package/dist/crypto/mac.d.ts +19 -0
package/dist/crypto/mac.d.ts.map +1 -0
package/dist/crypto/mac.js +32 -0
package/dist/crypto/mac.js.map +1 -0
package/dist/delivery/ack.d.ts +125 -0
package/dist/delivery/ack.d.ts.map +1 -0
package/dist/delivery/ack.js +141 -0
package/dist/delivery/ack.js.map +1 -0
package/dist/delivery/blocklist.d.ts +87 -0
package/dist/delivery/blocklist.d.ts.map +1 -0
package/dist/delivery/blocklist.js +107 -0
package/dist/delivery/blocklist.js.map +1 -0
package/dist/delivery/cancel.d.ts +60 -0
package/dist/delivery/cancel.d.ts.map +1 -0
package/dist/delivery/cancel.js +43 -0
package/dist/delivery/cancel.js.map +1 -0
package/dist/delivery/disposition.d.ts +106 -0
package/dist/delivery/disposition.d.ts.map +1 -0
package/dist/delivery/disposition.js +105 -0
package/dist/delivery/disposition.js.map +1 -0
package/dist/delivery/fetch.d.ts +59 -0
package/dist/delivery/fetch.d.ts.map +1 -0
package/dist/delivery/fetch.js +47 -0
package/dist/delivery/fetch.js.map +1 -0
package/dist/delivery/forwarder.d.ts +106 -0
package/dist/delivery/forwarder.d.ts.map +1 -0
package/dist/delivery/forwarder.js +251 -0
package/dist/delivery/forwarder.js.map +1 -0
package/dist/delivery/inbox.d.ts +42 -0
package/dist/delivery/inbox.d.ts.map +1 -0
package/dist/delivery/inbox.js +68 -0
package/dist/delivery/inbox.js.map +1 -0
package/dist/delivery/index.d.ts +31 -0
package/dist/delivery/index.d.ts.map +1 -0
package/dist/delivery/index.js +31 -0
package/dist/delivery/index.js.map +1 -0
package/dist/delivery/internalroute.d.ts +50 -0
package/dist/delivery/internalroute.d.ts.map +1 -0
package/dist/delivery/internalroute.js +23 -0
package/dist/delivery/internalroute.js.map +1 -0
package/dist/delivery/pipeline.d.ts +153 -0
package/dist/delivery/pipeline.d.ts.map +1 -0
package/dist/delivery/pipeline.js +356 -0
package/dist/delivery/pipeline.js.map +1 -0
package/dist/delivery/policy_state.d.ts +105 -0
package/dist/delivery/policy_state.d.ts.map +1 -0
package/dist/delivery/policy_state.js +293 -0
package/dist/delivery/policy_state.js.map +1 -0
package/dist/delivery/queue.d.ts +47 -0
package/dist/delivery/queue.d.ts.map +1 -0
package/dist/delivery/queue.js +33 -0
package/dist/delivery/queue.js.map +1 -0
package/dist/delivery/receipt.d.ts +137 -0
package/dist/delivery/receipt.d.ts.map +1 -0
package/dist/delivery/receipt.js +181 -0
package/dist/delivery/receipt.js.map +1 -0
package/dist/delivery/receipt_store.d.ts +81 -0
package/dist/delivery/receipt_store.d.ts.map +1 -0
package/dist/delivery/receipt_store.js +74 -0
package/dist/delivery/receipt_store.js.map +1 -0
package/dist/delivery/retry.d.ts +78 -0
package/dist/delivery/retry.d.ts.map +1 -0
package/dist/delivery/retry.js +132 -0
package/dist/delivery/retry.js.map +1 -0
package/dist/delivery/scheduler.d.ts +156 -0
package/dist/delivery/scheduler.d.ts.map +1 -0
package/dist/delivery/scheduler.js +349 -0
package/dist/delivery/scheduler.js.map +1 -0
package/dist/delivery/stage_partition.d.ts +87 -0
package/dist/delivery/stage_partition.d.ts.map +1 -0
package/dist/delivery/stage_partition.js +122 -0
package/dist/delivery/stage_partition.js.map +1 -0
package/dist/delivery/staged_runner.d.ts +100 -0
package/dist/delivery/staged_runner.d.ts.map +1 -0
package/dist/delivery/staged_runner.js +277 -0
package/dist/delivery/staged_runner.js.map +1 -0
package/dist/delivery/submission.d.ts +72 -0
package/dist/delivery/submission.d.ts.map +1 -0
package/dist/delivery/submission.js +58 -0
package/dist/delivery/submission.js.map +1 -0
package/dist/delivery/sync.d.ts +68 -0
package/dist/delivery/sync.d.ts.map +1 -0
package/dist/delivery/sync.js +99 -0
package/dist/delivery/sync.js.map +1 -0
package/dist/delivery/user_policy.d.ts +74 -0
package/dist/delivery/user_policy.d.ts.map +1 -0
package/dist/delivery/user_policy.js +140 -0
package/dist/delivery/user_policy.js.map +1 -0
package/dist/discovery/cache.d.ts +37 -0
package/dist/discovery/cache.d.ts.map +1 -0
package/dist/discovery/cache.js +45 -0
package/dist/discovery/cache.js.map +1 -0
package/dist/discovery/configuration.d.ts +97 -0
package/dist/discovery/configuration.d.ts.map +1 -0
package/dist/discovery/configuration.js +146 -0
package/dist/discovery/configuration.js.map +1 -0
package/dist/discovery/dns.d.ts +56 -0
package/dist/discovery/dns.d.ts.map +1 -0
package/dist/discovery/dns.js +120 -0
package/dist/discovery/dns.js.map +1 -0
package/dist/discovery/domain_keys.d.ts +62 -0
package/dist/discovery/domain_keys.d.ts.map +1 -0
package/dist/discovery/domain_keys.js +89 -0
package/dist/discovery/domain_keys.js.map +1 -0
package/dist/discovery/index.d.ts +19 -0
package/dist/discovery/index.d.ts.map +1 -0
package/dist/discovery/index.js +19 -0
package/dist/discovery/index.js.map +1 -0
package/dist/discovery/lookup.d.ts +72 -0
package/dist/discovery/lookup.d.ts.map +1 -0
package/dist/discovery/lookup.js +121 -0
package/dist/discovery/lookup.js.map +1 -0
package/dist/discovery/onion.d.ts +34 -0
package/dist/discovery/onion.d.ts.map +1 -0
package/dist/discovery/onion.js +61 -0
package/dist/discovery/onion.js.map +1 -0
package/dist/discovery/partition.d.ts +96 -0
package/dist/discovery/partition.d.ts.map +1 -0
package/dist/discovery/partition.js +247 -0
package/dist/discovery/partition.js.map +1 -0
package/dist/discovery/resolver.d.ts +113 -0
package/dist/discovery/resolver.d.ts.map +1 -0
package/dist/discovery/resolver.js +176 -0
package/dist/discovery/resolver.js.map +1 -0
package/dist/discovery/txt.d.ts +39 -0
package/dist/discovery/txt.d.ts.map +1 -0
package/dist/discovery/txt.js +71 -0
package/dist/discovery/txt.js.map +1 -0
package/dist/enclosure/forwarding.d.ts +128 -0
package/dist/enclosure/forwarding.d.ts.map +1 -0
package/dist/enclosure/forwarding.js +119 -0
package/dist/enclosure/forwarding.js.map +1 -0
package/dist/enclosure/index.d.ts +11 -0
package/dist/enclosure/index.d.ts.map +1 -0
package/dist/enclosure/index.js +11 -0
package/dist/enclosure/index.js.map +1 -0
package/dist/envelope/buckets.d.ts +38 -0
package/dist/envelope/buckets.d.ts.map +1 -0
package/dist/envelope/buckets.js +73 -0
package/dist/envelope/buckets.js.map +1 -0
package/dist/envelope/canonical.d.ts +28 -0
package/dist/envelope/canonical.d.ts.map +1 -0
package/dist/envelope/canonical.js +54 -0
package/dist/envelope/canonical.js.map +1 -0
package/dist/envelope/compose.d.ts +171 -0
package/dist/envelope/compose.d.ts.map +1 -0
package/dist/envelope/compose.js +237 -0
package/dist/envelope/compose.js.map +1 -0
package/dist/envelope/encode.d.ts +41 -0
package/dist/envelope/encode.d.ts.map +1 -0
package/dist/envelope/encode.js +69 -0
package/dist/envelope/encode.js.map +1 -0
package/dist/envelope/index.d.ts +20 -0
package/dist/envelope/index.d.ts.map +1 -0
package/dist/envelope/index.js +20 -0
package/dist/envelope/index.js.map +1 -0
package/dist/envelope/open_any.d.ts +48 -0
package/dist/envelope/open_any.d.ts.map +1 -0
package/dist/envelope/open_any.js +81 -0
package/dist/envelope/open_any.js.map +1 -0
package/dist/envelope/open_verified.d.ts +59 -0
package/dist/envelope/open_verified.d.ts.map +1 -0
package/dist/envelope/open_verified.js +67 -0
package/dist/envelope/open_verified.js.map +1 -0
package/dist/envelope/padding.d.ts +55 -0
package/dist/envelope/padding.d.ts.map +1 -0
package/dist/envelope/padding.js +162 -0
package/dist/envelope/padding.js.map +1 -0
package/dist/envelope/rejection.d.ts +22 -0
package/dist/envelope/rejection.d.ts.map +1 -0
package/dist/envelope/rejection.js +30 -0
package/dist/envelope/rejection.js.map +1 -0
package/dist/envelope/sendtime.d.ts +49 -0
package/dist/envelope/sendtime.d.ts.map +1 -0
package/dist/envelope/sendtime.js +87 -0
package/dist/envelope/sendtime.js.map +1 -0
package/dist/envelope/verify.d.ts +29 -0
package/dist/envelope/verify.d.ts.map +1 -0
package/dist/envelope/verify.js +90 -0
package/dist/envelope/verify.js.map +1 -0
package/dist/extensions/index.d.ts +7 -0
package/dist/extensions/index.d.ts.map +1 -0
package/dist/extensions/index.js +7 -0
package/dist/extensions/index.js.map +1 -0
package/dist/extensions/limits.d.ts +101 -0
package/dist/extensions/limits.d.ts.map +1 -0
package/dist/extensions/limits.js +175 -0
package/dist/extensions/limits.js.map +1 -0
package/dist/handshake/abort.d.ts +49 -0
package/dist/handshake/abort.d.ts.map +1 -0
package/dist/handshake/abort.js +82 -0
package/dist/handshake/abort.js.map +1 -0
package/dist/handshake/capabilities.d.ts +46 -0
package/dist/handshake/capabilities.d.ts.map +1 -0
package/dist/handshake/capabilities.js +114 -0
package/dist/handshake/capabilities.js.map +1 -0
package/dist/handshake/client_state.d.ts +186 -0
package/dist/handshake/client_state.d.ts.map +1 -0
package/dist/handshake/client_state.js +520 -0
package/dist/handshake/client_state.js.map +1 -0
package/dist/handshake/confirm.d.ts +21 -0
package/dist/handshake/confirm.d.ts.map +1 -0
package/dist/handshake/confirm.js +27 -0
package/dist/handshake/confirm.js.map +1 -0
package/dist/handshake/driver.d.ts +126 -0
package/dist/handshake/driver.d.ts.map +1 -0
package/dist/handshake/driver.js +251 -0
package/dist/handshake/driver.js.map +1 -0
package/dist/handshake/federation.d.ts +365 -0
package/dist/handshake/federation.d.ts.map +1 -0
package/dist/handshake/federation.js +664 -0
package/dist/handshake/federation.js.map +1 -0
package/dist/handshake/first_contact.d.ts +57 -0
package/dist/handshake/first_contact.d.ts.map +1 -0
package/dist/handshake/first_contact.js +124 -0
package/dist/handshake/first_contact.js.map +1 -0
package/dist/handshake/identity.d.ts +101 -0
package/dist/handshake/identity.d.ts.map +1 -0
package/dist/handshake/identity.js +117 -0
package/dist/handshake/identity.js.map +1 -0
package/dist/handshake/index.d.ts +21 -0
package/dist/handshake/index.d.ts.map +1 -0
package/dist/handshake/index.js +21 -0
package/dist/handshake/index.js.map +1 -0
package/dist/handshake/messages.d.ts +176 -0
package/dist/handshake/messages.d.ts.map +1 -0
package/dist/handshake/messages.js +125 -0
package/dist/handshake/messages.js.map +1 -0
package/dist/handshake/pow.d.ts +53 -0
package/dist/handshake/pow.d.ts.map +1 -0
package/dist/handshake/pow.js +142 -0
package/dist/handshake/pow.js.map +1 -0
package/dist/handshake/resume_driver.d.ts +56 -0
package/dist/handshake/resume_driver.d.ts.map +1 -0
package/dist/handshake/resume_driver.js +75 -0
package/dist/handshake/resume_driver.js.map +1 -0
package/dist/handshake/server.d.ts +112 -0
package/dist/handshake/server.d.ts.map +1 -0
package/dist/handshake/server.js +247 -0
package/dist/handshake/server.js.map +1 -0
package/dist/handshake/server_state.d.ts +102 -0
package/dist/handshake/server_state.d.ts.map +1 -0
package/dist/handshake/server_state.js +278 -0
package/dist/handshake/server_state.js.map +1 -0
package/dist/index.d.ts +33 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +33 -0
package/dist/index.js.map +1 -0
package/dist/keys/compromise.d.ts +118 -0
package/dist/keys/compromise.d.ts.map +1 -0
package/dist/keys/compromise.js +218 -0
package/dist/keys/compromise.js.map +1 -0
package/dist/keys/device_certificate.d.ts +166 -0
package/dist/keys/device_certificate.d.ts.map +1 -0
package/dist/keys/device_certificate.js +328 -0
package/dist/keys/device_certificate.js.map +1 -0
package/dist/keys/device_records.d.ts +175 -0
package/dist/keys/device_records.d.ts.map +1 -0
package/dist/keys/device_records.js +418 -0
package/dist/keys/device_records.js.map +1 -0
package/dist/keys/directory_cache.d.ts +64 -0
package/dist/keys/directory_cache.d.ts.map +1 -0
package/dist/keys/directory_cache.js +98 -0
package/dist/keys/directory_cache.js.map +1 -0
package/dist/keys/directory_state.d.ts +79 -0
package/dist/keys/directory_state.d.ts.map +1 -0
package/dist/keys/directory_state.js +155 -0
package/dist/keys/directory_state.js.map +1 -0
package/dist/keys/index.d.ts +18 -0
package/dist/keys/index.d.ts.map +1 -0
package/dist/keys/index.js +18 -0
package/dist/keys/index.js.map +1 -0
package/dist/keys/key_revocation.d.ts +61 -0
package/dist/keys/key_revocation.d.ts.map +1 -0
package/dist/keys/key_revocation.js +88 -0
package/dist/keys/key_revocation.js.map +1 -0
package/dist/keys/request.d.ts +124 -0
package/dist/keys/request.d.ts.map +1 -0
package/dist/keys/request.js +130 -0
package/dist/keys/request.js.map +1 -0
package/dist/keys/sign.d.ts +49 -0
package/dist/keys/sign.d.ts.map +1 -0
package/dist/keys/sign.js +80 -0
package/dist/keys/sign.js.map +1 -0
package/dist/keys/signed.d.ts +80 -0
package/dist/keys/signed.d.ts.map +1 -0
package/dist/keys/signed.js +138 -0
package/dist/keys/signed.js.map +1 -0
package/dist/keys/store.d.ts +138 -0
package/dist/keys/store.d.ts.map +1 -0
package/dist/keys/store.js +107 -0
package/dist/keys/store.js.map +1 -0
package/dist/largeattachment/crypto.d.ts +47 -0
package/dist/largeattachment/crypto.d.ts.map +1 -0
package/dist/largeattachment/crypto.js +235 -0
package/dist/largeattachment/crypto.js.map +1 -0
package/dist/largeattachment/enclosure.d.ts +48 -0
package/dist/largeattachment/enclosure.d.ts.map +1 -0
package/dist/largeattachment/enclosure.js +102 -0
package/dist/largeattachment/enclosure.js.map +1 -0
package/dist/largeattachment/index.d.ts +15 -0
package/dist/largeattachment/index.d.ts.map +1 -0
package/dist/largeattachment/index.js +15 -0
package/dist/largeattachment/index.js.map +1 -0
package/dist/largeattachment/store.d.ts +36 -0
package/dist/largeattachment/store.d.ts.map +1 -0
package/dist/largeattachment/store.js +37 -0
package/dist/largeattachment/store.js.map +1 -0
package/dist/largeattachment/types.d.ts +56 -0
package/dist/largeattachment/types.d.ts.map +1 -0
package/dist/largeattachment/types.js +31 -0
package/dist/largeattachment/types.js.map +1 -0
package/dist/largeattachment/upload.d.ts +62 -0
package/dist/largeattachment/upload.d.ts.map +1 -0
package/dist/largeattachment/upload.js +166 -0
package/dist/largeattachment/upload.js.map +1 -0
package/dist/migration/index.d.ts +17 -0
package/dist/migration/index.d.ts.map +1 -0
package/dist/migration/index.js +17 -0
package/dist/migration/index.js.map +1 -0
package/dist/migration/lockout.d.ts +48 -0
package/dist/migration/lockout.d.ts.map +1 -0
package/dist/migration/lockout.js +57 -0
package/dist/migration/lockout.js.map +1 -0
package/dist/migration/migration.d.ts +48 -0
package/dist/migration/migration.d.ts.map +1 -0
package/dist/migration/migration.js +58 -0
package/dist/migration/migration.js.map +1 -0
package/dist/migration/notice.d.ts +33 -0
package/dist/migration/notice.d.ts.map +1 -0
package/dist/migration/notice.js +85 -0
package/dist/migration/notice.js.map +1 -0
package/dist/migration/orchestrate.d.ts +109 -0
package/dist/migration/orchestrate.d.ts.map +1 -0
package/dist/migration/orchestrate.js +212 -0
package/dist/migration/orchestrate.js.map +1 -0
package/dist/migration/publication_store.d.ts +34 -0
package/dist/migration/publication_store.d.ts.map +1 -0
package/dist/migration/publication_store.js +44 -0
package/dist/migration/publication_store.js.map +1 -0
package/dist/migration/sign.d.ts +65 -0
package/dist/migration/sign.d.ts.map +1 -0
package/dist/migration/sign.js +331 -0
package/dist/migration/sign.js.map +1 -0
package/dist/migration/types.d.ts +92 -0
package/dist/migration/types.d.ts.map +1 -0
package/dist/migration/types.js +26 -0
package/dist/migration/types.js.map +1 -0
package/dist/reasoncodes.d.ts +42 -0
package/dist/reasoncodes.d.ts.map +1 -0
package/dist/reasoncodes.js +80 -0
package/dist/reasoncodes.js.map +1 -0
package/dist/recovery/bundle.d.ts +34 -0
package/dist/recovery/bundle.d.ts.map +1 -0
package/dist/recovery/bundle.js +144 -0
package/dist/recovery/bundle.js.map +1 -0
package/dist/recovery/bundle_crypto.d.ts +60 -0
package/dist/recovery/bundle_crypto.d.ts.map +1 -0
package/dist/recovery/bundle_crypto.js +179 -0
package/dist/recovery/bundle_crypto.js.map +1 -0
package/dist/recovery/bundle_store.d.ts +57 -0
package/dist/recovery/bundle_store.d.ts.map +1 -0
package/dist/recovery/bundle_store.js +104 -0
package/dist/recovery/bundle_store.js.map +1 -0
package/dist/recovery/index.d.ts +19 -0
package/dist/recovery/index.d.ts.map +1 -0
package/dist/recovery/index.js +19 -0
package/dist/recovery/index.js.map +1 -0
package/dist/recovery/manifest_crosscheck.d.ts +59 -0
package/dist/recovery/manifest_crosscheck.d.ts.map +1 -0
package/dist/recovery/manifest_crosscheck.js +59 -0
package/dist/recovery/manifest_crosscheck.js.map +1 -0
package/dist/recovery/shamir.d.ts +51 -0
package/dist/recovery/shamir.d.ts.map +1 -0
package/dist/recovery/shamir.js +181 -0
package/dist/recovery/shamir.js.map +1 -0
package/dist/recovery/sign.d.ts +61 -0
package/dist/recovery/sign.d.ts.map +1 -0
package/dist/recovery/sign.js +359 -0
package/dist/recovery/sign.js.map +1 -0
package/dist/recovery/types.d.ts +180 -0
package/dist/recovery/types.d.ts.map +1 -0
package/dist/recovery/types.js +31 -0
package/dist/recovery/types.js.map +1 -0
package/dist/reputation/abuse_report.d.ts +62 -0
package/dist/reputation/abuse_report.d.ts.map +1 -0
package/dist/reputation/abuse_report.js +111 -0
package/dist/reputation/abuse_report.js.map +1 -0
package/dist/reputation/bucketize.d.ts +31 -0
package/dist/reputation/bucketize.d.ts.map +1 -0
package/dist/reputation/bucketize.js +77 -0
package/dist/reputation/bucketize.js.map +1 -0
package/dist/reputation/gossip.d.ts +24 -0
package/dist/reputation/gossip.d.ts.map +1 -0
package/dist/reputation/gossip.js +64 -0
package/dist/reputation/gossip.js.map +1 -0
package/dist/reputation/gossip_fetch.d.ts +64 -0
package/dist/reputation/gossip_fetch.d.ts.map +1 -0
package/dist/reputation/gossip_fetch.js +114 -0
package/dist/reputation/gossip_fetch.js.map +1 -0
package/dist/reputation/index.d.ts +20 -0
package/dist/reputation/index.d.ts.map +1 -0
package/dist/reputation/index.js +20 -0
package/dist/reputation/index.js.map +1 -0
package/dist/reputation/observation_store.d.ts +67 -0
package/dist/reputation/observation_store.d.ts.map +1 -0
package/dist/reputation/observation_store.js +171 -0
package/dist/reputation/observation_store.js.map +1 -0
package/dist/reputation/pow.d.ts +91 -0
package/dist/reputation/pow.d.ts.map +1 -0
package/dist/reputation/pow.js +209 -0
package/dist/reputation/pow.js.map +1 -0
package/dist/reputation/sign.d.ts +40 -0
package/dist/reputation/sign.d.ts.map +1 -0
package/dist/reputation/sign.js +202 -0
package/dist/reputation/sign.js.map +1 -0
package/dist/reputation/types.d.ts +133 -0
package/dist/reputation/types.d.ts.map +1 -0
package/dist/reputation/types.js +33 -0
package/dist/reputation/types.js.map +1 -0
package/dist/reputation/whois.d.ts +25 -0
package/dist/reputation/whois.d.ts.map +1 -0
package/dist/reputation/whois.js +20 -0
package/dist/reputation/whois.js.map +1 -0
package/dist/seal/index.d.ts +8 -0
package/dist/seal/index.d.ts.map +1 -0
package/dist/seal/index.js +8 -0
package/dist/seal/index.js.map +1 -0
package/dist/seal/wrap.d.ts +74 -0
package/dist/seal/wrap.d.ts.map +1 -0
package/dist/seal/wrap.js +213 -0
package/dist/seal/wrap.js.map +1 -0
package/dist/session/dispatcher.d.ts +65 -0
package/dist/session/dispatcher.d.ts.map +1 -0
package/dist/session/dispatcher.js +96 -0
package/dist/session/dispatcher.js.map +1 -0
package/dist/session/index.d.ts +15 -0
package/dist/session/index.d.ts.map +1 -0
package/dist/session/index.js +15 -0
package/dist/session/index.js.map +1 -0
package/dist/session/rekey.d.ts +108 -0
package/dist/session/rekey.d.ts.map +1 -0
package/dist/session/rekey.js +207 -0
package/dist/session/rekey.js.map +1 -0
package/dist/session/rekey_seal.d.ts +66 -0
package/dist/session/rekey_seal.d.ts.map +1 -0
package/dist/session/rekey_seal.js +153 -0
package/dist/session/rekey_seal.js.map +1 -0
package/dist/session/resume.d.ts +125 -0
package/dist/session/resume.d.ts.map +1 -0
package/dist/session/resume.js +263 -0
package/dist/session/resume.js.map +1 -0
package/dist/session/session.d.ts +136 -0
package/dist/session/session.d.ts.map +1 -0
package/dist/session/session.js +188 -0
package/dist/session/session.js.map +1 -0
package/dist/transparency/index.d.ts +13 -0
package/dist/transparency/index.d.ts.map +1 -0
package/dist/transparency/index.js +13 -0
package/dist/transparency/index.js.map +1 -0
package/dist/transparency/log.d.ts +61 -0
package/dist/transparency/log.d.ts.map +1 -0
package/dist/transparency/log.js +133 -0
package/dist/transparency/log.js.map +1 -0
package/dist/transparency/merkle.d.ts +59 -0
package/dist/transparency/merkle.d.ts.map +1 -0
package/dist/transparency/merkle.js +314 -0
package/dist/transparency/merkle.js.map +1 -0
package/dist/transparency/sign.d.ts +48 -0
package/dist/transparency/sign.d.ts.map +1 -0
package/dist/transparency/sign.js +140 -0
package/dist/transparency/sign.js.map +1 -0
package/dist/transparency/types.d.ts +97 -0
package/dist/transparency/types.d.ts.map +1 -0
package/dist/transparency/types.js +25 -0
package/dist/transparency/types.js.map +1 -0
package/dist/transport/h2.d.ts +163 -0
package/dist/transport/h2.d.ts.map +1 -0
package/dist/transport/h2.js +397 -0
package/dist/transport/h2.js.map +1 -0
package/dist/transport/index.d.ts +15 -0
package/dist/transport/index.d.ts.map +1 -0
package/dist/transport/index.js +15 -0
package/dist/transport/index.js.map +1 -0
package/dist/transport/memory.d.ts +21 -0
package/dist/transport/memory.d.ts.map +1 -0
package/dist/transport/memory.js +112 -0
package/dist/transport/memory.js.map +1 -0
package/dist/transport/transport.d.ts +54 -0
package/dist/transport/transport.d.ts.map +1 -0
package/dist/transport/transport.js +20 -0
package/dist/transport/transport.js.map +1 -0
package/dist/transport/ws.d.ts +40 -0
package/dist/transport/ws.d.ts.map +1 -0
package/dist/transport/ws.js +204 -0
package/dist/transport/ws.js.map +1 -0
package/package.json +147 -0

package/dist/migration/migration.js ADDED Viewed

@@ -0,0 +1,58 @@
+/**
+ * Convenience compose for the full migration record per MIGRATION.md §3.
+ *
+ * Wraps {@link prepareSignatures} + the four `sign*` passes into a
+ * single deterministic composer. Production callers that need the
+ * cooperative submit / accept flow use
+ * {@link "./orchestrate".buildSubmission} +
+ * {@link "./orchestrate".acceptSubmission} instead.
+ *
+ * @module
+ */
+import { prepareSignatures, signNewDomain, signNewIdentity, signOldDomain, signOldIdentity, } from "./sign.js";
+import { MigrationPrefix, MigrationRecordType, MigrationRecordVersion, } from "./types.js";
+/**
+ * Compose a fully-signed migration record. The four (or three, in
+ * unilateral mode) signatures are applied in §3.3 chain order.
+ */
+export function composeMigrationRecord(input) {
+    const r = {
+        type: MigrationRecordType,
+        version: MigrationRecordVersion,
+        record_id: input.recordId,
+        old_address: input.oldAddress,
+        new_address: input.newAddress,
+        old_identity_key_id: input.oldIdentityKeyId,
+        new_identity_key_id: input.newIdentityKeyId,
+        new_identity_public_key: input.newIdentityPublicKey,
+        migrated_at: input.migratedAt,
+        forwarding_window_until: input.forwardingWindowUntil === undefined ||
+            input.forwardingWindowUntil === ""
+            ? null
+            : input.forwardingWindowUntil,
+        mode: input.mode,
+        old_identity_signature: { algorithm: "", key_id: "", value: "" },
+        new_identity_signature: { algorithm: "", key_id: "", value: "" },
+        new_domain_signature: { algorithm: "", key_id: "", value: "" },
+        old_domain_signature: null,
+    };
+    if (input.extensions !== undefined) {
+        r.extensions = input.extensions;
+    }
+    prepareSignatures(r, input.oldIdentityKeyId, input.newIdentityKeyId, input.newDomainKeyId, input.oldDomainKeyId);
+    signOldIdentity(r, input.oldIdentitySeed, input.oldIdentityKeyId);
+    signNewIdentity(r, input.newIdentitySeed, input.newIdentityKeyId);
+    signNewDomain(r, input.newDomainSeed, input.newDomainKeyId);
+    if (input.mode === "cooperative") {
+        if (input.oldDomainSeed === undefined ||
+            input.oldDomainKeyId === undefined ||
+            input.oldDomainKeyId === "") {
+            throw new Error("migration: cooperative mode requires oldDomainSeed + oldDomainKeyId");
+        }
+        signOldDomain(r, input.oldDomainSeed, input.oldDomainKeyId);
+    }
+    return r;
+}
+// Re-export so old import paths keep working.
+export { MigrationPrefix };
+//# sourceMappingURL=migration.js.map

package/dist/migration/migration.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"migration.js","sourceRoot":"","sources":["../../src/migration/migration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EACL,iBAAiB,EACjB,aAAa,EACb,eAAe,EACf,aAAa,EACb,eAAe,GAChB,MAAM,WAAW,CAAC;AACnB,OAAO,EAGL,eAAe,EACf,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,YAAY,CAAC;AAqCpB;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CACpC,KAA4B;IAE5B,MAAM,CAAC,GAAoB;QACzB,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,sBAAsB;QAC/B,SAAS,EAAE,KAAK,CAAC,QAAQ;QACzB,WAAW,EAAE,KAAK,CAAC,UAAU;QAC7B,WAAW,EAAE,KAAK,CAAC,UAAU;QAC7B,mBAAmB,EAAE,KAAK,CAAC,gBAAgB;QAC3C,mBAAmB,EAAE,KAAK,CAAC,gBAAgB;QAC3C,uBAAuB,EAAE,KAAK,CAAC,oBAAoB;QACnD,WAAW,EAAE,KAAK,CAAC,UAAU;QAC7B,uBAAuB,EACrB,KAAK,CAAC,qBAAqB,KAAK,SAAS;YACzC,KAAK,CAAC,qBAAqB,KAAK,EAAE;YAChC,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,KAAK,CAAC,qBAAqB;QACjC,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,sBAAsB,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;QAChE,sBAAsB,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;QAChE,oBAAoB,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;QAC9D,oBAAoB,EAAE,IAAI;KAC3B,CAAC;IACF,IAAI,KAAK,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACnC,CAAC,CAAC,UAAU,GAAG,KAAK,CAAC,UAAU,CAAC;IAClC,CAAC;IACD,iBAAiB,CACf,CAAC,EACD,KAAK,CAAC,gBAAgB,EACtB,KAAK,CAAC,gBAAgB,EACtB,KAAK,CAAC,cAAc,EACpB,KAAK,CAAC,cAAc,CACrB,CAAC;IACF,eAAe,CAAC,CAAC,EAAE,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAClE,eAAe,CAAC,CAAC,EAAE,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAClE,aAAa,CAAC,CAAC,EAAE,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC;IAC5D,IAAI,KAAK,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACjC,IACE,KAAK,CAAC,aAAa,KAAK,SAAS;YACjC,KAAK,CAAC,cAAc,KAAK,SAAS;YAClC,KAAK,CAAC,cAAc,KAAK,EAAE,EAC3B,CAAC;YACD,MAAM,IAAI,KAAK,CACb,qEAAqE,CACtE,CAAC;QACJ,CAAC;QACD,aAAa,CAAC,CAAC,EAAE,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,8CAA8C;AAC9C,OAAO,EAAE,eAAe,EAAE,CAAC"}

package/dist/migration/notice.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * Migration notice messages per MIGRATION.md §4.
+ *
+ * A `SEMP_MIGRATION_NOTICE` is what a server returns to a sender
+ * that attempted to deliver to a migrated address. It carries a
+ * pointer to the published migration record (URL + record_id) so
+ * the sender's stack can fetch and verify it before redirecting.
+ *
+ * @module
+ */
+import { type MigrationNotice, type MigrationNoticeRejection, type MigrationRecord } from "./types.js";
+/** Inputs to {@link buildMigrationNotice}. */
+export interface BuildMigrationNoticeInput {
+    record: MigrationRecord;
+    /** URL pattern with `{record_id}` placeholder, e.g. `https://old.example/migration/{record_id}`. */
+    recordUrlPattern: string;
+    /** Optional pre-assigned notice id; auto-generated when omitted. */
+    noticeId?: string;
+    /** Wall-clock; defaults to `() => new Date()`. */
+    nowFn?: () => Date;
+    /** Random source for ULID generation. */
+    rand?: (n: number) => Uint8Array;
+}
+/**
+ * Build a {@link MigrationNotice} that points at the published
+ * `record`. The notice is unsigned — the recipient sender verifies
+ * the underlying record by fetching `record_url` and running
+ * `verifyMigrationRecord`.
+ */
+export declare function buildMigrationNotice(input: BuildMigrationNoticeInput): MigrationNotice;
+/** Construct a rejection wrapper to refuse honoring a notice. */
+export declare function newMigrationNoticeRejection(notice: MigrationNotice, reason: string): MigrationNoticeRejection;
+//# sourceMappingURL=notice.d.ts.map

package/dist/migration/notice.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"notice.d.ts","sourceRoot":"","sources":["../../src/migration/notice.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EACL,KAAK,eAAe,EACpB,KAAK,wBAAwB,EAC7B,KAAK,eAAe,EAGrB,MAAM,YAAY,CAAC;AAEpB,8CAA8C;AAC9C,MAAM,WAAW,yBAAyB;IACxC,MAAM,EAAE,eAAe,CAAC;IACxB,oGAAoG;IACpG,gBAAgB,EAAE,MAAM,CAAC;IACzB,oEAAoE;IACpE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kDAAkD;IAClD,KAAK,CAAC,EAAE,MAAM,IAAI,CAAC;IACnB,yCAAyC;IACzC,IAAI,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;CAClC;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,yBAAyB,GAC/B,eAAe,CAuBjB;AAED,iEAAiE;AACjE,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,eAAe,EACvB,MAAM,EAAE,MAAM,GACb,wBAAwB,CAE1B"}

package/dist/migration/notice.js ADDED Viewed

@@ -0,0 +1,85 @@
+/**
+ * Migration notice messages per MIGRATION.md §4.
+ *
+ * A `SEMP_MIGRATION_NOTICE` is what a server returns to a sender
+ * that attempted to deliver to a migrated address. It carries a
+ * pointer to the published migration record (URL + record_id) so
+ * the sender's stack can fetch and verify it before redirecting.
+ *
+ * @module
+ */
+import { MigrationNoticeType, MigrationRecordVersion, } from "./types.js";
+/**
+ * Build a {@link MigrationNotice} that points at the published
+ * `record`. The notice is unsigned — the recipient sender verifies
+ * the underlying record by fetching `record_url` and running
+ * `verifyMigrationRecord`.
+ */
+export function buildMigrationNotice(input) {
+    if (input.recordUrlPattern === "" || !input.recordUrlPattern.includes("{record_id}")) {
+        throw new Error("migration: recordUrlPattern must include {record_id} placeholder");
+    }
+    const recordUrl = input.recordUrlPattern.replace("{record_id}", encodeURIComponent(input.record.record_id));
+    const noticeId = input.noticeId ?? newULID(input.rand);
+    const nowFn = input.nowFn ?? (() => new Date());
+    return {
+        type: MigrationNoticeType,
+        version: MigrationRecordVersion,
+        notice_id: noticeId,
+        record_id: input.record.record_id,
+        record_url: recordUrl,
+        old_address: input.record.old_address,
+        new_address: input.record.new_address,
+        mode: input.record.mode,
+        issued_at: isoSecond(nowFn()),
+    };
+}
+/** Construct a rejection wrapper to refuse honoring a notice. */
+export function newMigrationNoticeRejection(notice, reason) {
+    return { notice, reason };
+}
+// ---------------------------------------------------------------------------
+// Helpers (inlined ULID minter — same as elsewhere in the codebase)
+const ULID_ALPHABET = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
+function newULID(rand) {
+    const r = rand ?? defaultRand;
+    const bits = new Uint8Array(16);
+    const ms = BigInt(Date.now());
+    bits[0] = Number((ms >> 40n) & 0xffn);
+    bits[1] = Number((ms >> 32n) & 0xffn);
+    bits[2] = Number((ms >> 24n) & 0xffn);
+    bits[3] = Number((ms >> 16n) & 0xffn);
+    bits[4] = Number((ms >> 8n) & 0xffn);
+    bits[5] = Number(ms & 0xffn);
+    const random = r(10);
+    for (let i = 0; i < 10; i++) {
+        bits[6 + i] = random[i] ?? 0;
+    }
+    let u = 0n;
+    for (let i = 0; i < 8; i++) {
+        u = (u << 8n) | BigInt(bits[i] ?? 0);
+    }
+    let u2 = 0n;
+    for (let i = 8; i < 16; i++) {
+        u2 = (u2 << 8n) | BigInt(bits[i] ?? 0);
+    }
+    const out = new Array(26);
+    for (let i = 25; i >= 13; i--) {
+        out[i] = ULID_ALPHABET[Number(u2 & 31n)] ?? "0";
+        u2 >>= 5n;
+    }
+    for (let i = 12; i >= 0; i--) {
+        out[i] = ULID_ALPHABET[Number(u & 31n)] ?? "0";
+        u >>= 5n;
+    }
+    return out.join("");
+}
+function defaultRand(n) {
+    const out = new Uint8Array(n);
+    globalThis.crypto.getRandomValues(out);
+    return out;
+}
+function isoSecond(d) {
+    return d.toISOString().replace(/\.\d{3}Z$/, "Z");
+}
+//# sourceMappingURL=notice.js.map

package/dist/migration/notice.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"notice.js","sourceRoot":"","sources":["../../src/migration/notice.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAIL,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,YAAY,CAAC;AAepB;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAClC,KAAgC;IAEhC,IAAI,KAAK,CAAC,gBAAgB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;QACrF,MAAM,IAAI,KAAK,CACb,kEAAkE,CACnE,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,KAAK,CAAC,gBAAgB,CAAC,OAAO,CAC9C,aAAa,EACb,kBAAkB,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAC3C,CAAC;IACF,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACvD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IAChD,OAAO;QACL,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,sBAAsB;QAC/B,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,KAAK,CAAC,MAAM,CAAC,SAAS;QACjC,UAAU,EAAE,SAAS;QACrB,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,WAAW;QACrC,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,WAAW;QACrC,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC,IAAI;QACvB,SAAS,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC;KAC9B,CAAC;AACJ,CAAC;AAED,iEAAiE;AACjE,MAAM,UAAU,2BAA2B,CACzC,MAAuB,EACvB,MAAc;IAEd,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC5B,CAAC;AAED,8EAA8E;AAC9E,oEAAoE;AAEpE,MAAM,aAAa,GAAG,kCAAkC,CAAC;AAEzD,SAAS,OAAO,CAAC,IAAgC;IAC/C,MAAM,CAAC,GAAG,IAAI,IAAI,WAAW,CAAC;IAC9B,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAChC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC9B,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC;IACrC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC;IAC7B,MAAM,MAAM,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;IACD,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACvC,CAAC;IACD,IAAI,EAAE,GAAG,EAAE,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACzC,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,KAAK,CAAS,EAAE,CAAC,CAAC;IAClC,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9B,GAAG,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,MAAM,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC;QAChD,EAAE,KAAK,EAAE,CAAC;IACZ,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,GAAG,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC;QAC/C,CAAC,KAAK,EAAE,CAAC;IACX,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACtB,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IACvC,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,SAAS,CAAC,CAAO;IACxB,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;AACnD,CAAC"}

package/dist/migration/orchestrate.d.ts ADDED Viewed

@@ -0,0 +1,109 @@
+/**
+ * Migration submission + acceptance orchestration per MIGRATION.md
+ * §4.1.
+ *
+ * The new provider builds a 3-signature submission record and POSTs
+ * it to the old provider's migration endpoint. The old provider
+ * verifies the three submitted signatures, applies its forwarding
+ * policy, registers the §6 lockout, countersigns, persists, and
+ * returns the final 4-signature record.
+ *
+ * Unilateral mode skips the countersign step — the new provider's
+ * 3-signature record is the final published form.
+ *
+ * @module
+ */
+import { type LockoutRegistry } from "./lockout.js";
+import { type PublicationStore } from "./publication_store.js";
+import { type MigrationMode, type MigrationRecord } from "./types.js";
+/** Inputs to {@link buildSubmission}. */
+export interface BuildSubmissionInput {
+    oldAddress: string;
+    newAddress: string;
+    oldIdentityKeyId: string;
+    newIdentityKeyId: string;
+    /** Base64-encoded new identity public key (advertised in the record body). */
+    newIdentityPublicKey: string;
+    oldIdentityPriv: Uint8Array;
+    newIdentityPriv: Uint8Array;
+    newDomainKeyId: string;
+    newDomainPriv: Uint8Array;
+    /** Old provider's domain signing fingerprint (cooperative only). */
+    oldDomainKeyId?: string;
+    mode: MigrationMode;
+    /** Forwarding window in milliseconds. Cooperative mode only. */
+    forwardingWindowMs?: number;
+    /** ISO 8601 UTC. */
+    migratedAt: string;
+    /** Optional pre-assigned record_id; auto-generated when omitted. */
+    recordId?: string;
+    /** Random source for record id minting. */
+    rand?: (n: number) => Uint8Array;
+}
+/**
+ * Construct and apply the new-provider signatures (passes 1–3). In
+ * cooperative mode the returned record's `old_domain_signature`
+ * slot is prepared but empty — the new provider POSTs the record
+ * to the old provider, who runs {@link acceptSubmission} to verify
+ * and countersign.
+ */
+export declare function buildSubmission(input: BuildSubmissionInput): MigrationRecord;
+/** Inputs to {@link acceptSubmission}. */
+export interface AcceptSubmissionInput {
+    /** 3-signature record submitted by the new provider. */
+    record: MigrationRecord;
+    /** Old identity public key resolved from the old provider's prior key state. */
+    oldIdentityPub: Uint8Array;
+    /** New provider's current domain signing key (resolved via discovery). */
+    newDomainPub: Uint8Array;
+    /** Old provider's domain signing private key. */
+    oldDomainPriv: Uint8Array;
+    oldDomainKeyId: string;
+    /** Wall-clock; used for migrated_at clock-skew validation. */
+    now: Date;
+    /** Old identity key's `created` timestamp (for §3.4 lower bound check). */
+    oldIdentityCreated?: Date | null;
+    /** Optional clock-skew tolerance. Defaults to 5 minutes. */
+    clockSkewMs?: number;
+    /**
+     * Optional forwarding-policy hook. Called BEFORE countersigning.
+     * Throw to refuse the submission with a structured reason.
+     */
+    forwardingPolicy?: (r: MigrationRecord) => Promise<void> | void;
+    /** Optional persistence layer. */
+    store?: PublicationStore;
+    /** Optional lockout registry. */
+    lockout?: LockoutRegistry;
+}
+/**
+ * Old-provider side of cooperative migration: verify the 3
+ * submitted signatures, apply optional forwarding policy, register
+ * the §6 lockout, countersign with `old_domain_priv`, persist via
+ * the store, and return the 4-sig record.
+ *
+ * In unilateral mode this throws — there is no countersignature
+ * step in the unilateral flow.
+ */
+export declare function acceptSubmission(input: AcceptSubmissionInput): Promise<MigrationRecord>;
+/**
+ * Per-hook signature for {@link applyThirdPartyPolicy}. A hook
+ * receives the published record and returns either nothing
+ * (success) or throws with a reason string (the third-party
+ * verifier rejects).
+ */
+export type ThirdPartyHook = (record: MigrationRecord) => Promise<void> | void;
+/** Group of policy hooks third parties apply when verifying a published record. */
+export interface ThirdPartyPolicy {
+    /** Verify the four-signature chain. */
+    verifyChain?: ThirdPartyHook;
+    /** Operator-defined acceptability policy (domain reputation, etc.). */
+    acceptability?: ThirdPartyHook;
+    /** Cross-check the record against transparency-log inclusion. */
+    transparency?: ThirdPartyHook;
+}
+/**
+ * Run every non-nil hook in `policy`. Aggregates errors so the
+ * caller sees every reason at once.
+ */
+export declare function applyThirdPartyPolicy(record: MigrationRecord, policy: ThirdPartyPolicy): Promise<void>;
+//# sourceMappingURL=orchestrate.d.ts.map

package/dist/migration/orchestrate.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"orchestrate.d.ts","sourceRoot":"","sources":["../../src/migration/orchestrate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EACL,KAAK,eAAe,EACrB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,KAAK,gBAAgB,EACtB,MAAM,wBAAwB,CAAC;AAWhC,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,eAAe,EAKrB,MAAM,YAAY,CAAC;AAEpB,yCAAyC;AACzC,MAAM,WAAW,oBAAoB;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,8EAA8E;IAC9E,oBAAoB,EAAE,MAAM,CAAC;IAE7B,eAAe,EAAE,UAAU,CAAC;IAC5B,eAAe,EAAE,UAAU,CAAC;IAE5B,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,UAAU,CAAC;IAE1B,oEAAoE;IACpE,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,IAAI,EAAE,aAAa,CAAC;IAEpB,gEAAgE;IAChE,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,oBAAoB;IACpB,UAAU,EAAE,MAAM,CAAC;IAEnB,oEAAoE;IACpE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,2CAA2C;IAC3C,IAAI,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;CAClC;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,KAAK,EAAE,oBAAoB,GAC1B,eAAe,CAgFjB;AAED,0CAA0C;AAC1C,MAAM,WAAW,qBAAqB;IACpC,wDAAwD;IACxD,MAAM,EAAE,eAAe,CAAC;IAExB,gFAAgF;IAChF,cAAc,EAAE,UAAU,CAAC;IAE3B,0EAA0E;IAC1E,YAAY,EAAE,UAAU,CAAC;IAEzB,iDAAiD;IACjD,aAAa,EAAE,UAAU,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;IAEvB,8DAA8D;IAC9D,GAAG,EAAE,IAAI,CAAC;IAEV,2EAA2E;IAC3E,kBAAkB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAEjC,4DAA4D;IAC5D,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,CAAC,CAAC,EAAE,eAAe,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;IAEhE,kCAAkC;IAClC,KAAK,CAAC,EAAE,gBAAgB,CAAC;IAEzB,iCAAiC;IACjC,OAAO,CAAC,EAAE,eAAe,CAAC;CAC3B;AAED;;;;;;;;GAQG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,qBAAqB,GAC3B,OAAO,CAAC,eAAe,CAAC,CAsD1B;AAED;;;;;GAKG;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,MAAM,EAAE,eAAe,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AAE/E,mFAAmF;AACnF,MAAM,WAAW,gBAAgB;IAC/B,uCAAuC;IACvC,WAAW,CAAC,EAAE,cAAc,CAAC;IAC7B,uEAAuE;IACvE,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B,iEAAiE;IACjE,YAAY,CAAC,EAAE,cAAc,CAAC;CAC/B;AAED;;;GAGG;AACH,wBAAsB,qBAAqB,CACzC,MAAM,EAAE,eAAe,EACvB,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,IAAI,CAAC,CAef"}

package/dist/migration/orchestrate.js ADDED Viewed

@@ -0,0 +1,212 @@
+/**
+ * Migration submission + acceptance orchestration per MIGRATION.md
+ * §4.1.
+ *
+ * The new provider builds a 3-signature submission record and POSTs
+ * it to the old provider's migration endpoint. The old provider
+ * verifies the three submitted signatures, applies its forwarding
+ * policy, registers the §6 lockout, countersigns, persists, and
+ * returns the final 4-signature record.
+ *
+ * Unilateral mode skips the countersign step — the new provider's
+ * 3-signature record is the final published form.
+ *
+ * @module
+ */
+import {} from "./lockout.js";
+import {} from "./publication_store.js";
+import { checkMigratedAtBound, prepareSignatures, signNewDomain, signNewIdentity, signOldDomain, signOldIdentity, validateMigrationRecord, verifyMigrationPass, } from "./sign.js";
+import { MaxForwardingWindowMs, MigrationRecordType, MigrationRecordVersion, MinForwardingWindowMs, } from "./types.js";
+/**
+ * Construct and apply the new-provider signatures (passes 1–3). In
+ * cooperative mode the returned record's `old_domain_signature`
+ * slot is prepared but empty — the new provider POSTs the record
+ * to the old provider, who runs {@link acceptSubmission} to verify
+ * and countersign.
+ */
+export function buildSubmission(input) {
+    if (input.oldAddress === "" || input.newAddress === "") {
+        throw new Error("migration: old_address and new_address are required");
+    }
+    if (input.oldIdentityKeyId === "" || input.newIdentityKeyId === "") {
+        throw new Error("migration: old_identity_key_id and new_identity_key_id are required");
+    }
+    if (input.newIdentityPublicKey === "") {
+        throw new Error("migration: new_identity_public_key is required");
+    }
+    if (input.newDomainKeyId === "") {
+        throw new Error("migration: new_domain_key_id is required");
+    }
+    if (input.migratedAt === "") {
+        throw new Error("migration: migrated_at is required");
+    }
+    if (input.mode !== "cooperative" && input.mode !== "unilateral") {
+        throw new Error(`migration: unknown mode ${JSON.stringify(input.mode)}`);
+    }
+    let forwardingUntil = null;
+    if (input.mode === "cooperative") {
+        const windowMs = input.forwardingWindowMs ?? 0;
+        if (windowMs < MinForwardingWindowMs) {
+            throw new Error(`migration: forwarding window ${windowMs} below minimum ${MinForwardingWindowMs}`);
+        }
+        if (windowMs > MaxForwardingWindowMs) {
+            throw new Error(`migration: forwarding window ${windowMs} exceeds maximum ${MaxForwardingWindowMs}`);
+        }
+        if (input.oldDomainKeyId === undefined || input.oldDomainKeyId === "") {
+            throw new Error("migration: cooperative mode requires oldDomainKeyId (looked up from the old provider's discovery configuration)");
+        }
+        const migratedMs = Date.parse(input.migratedAt);
+        if (Number.isNaN(migratedMs)) {
+            throw new Error("migration: migrated_at is not ISO 8601");
+        }
+        forwardingUntil = new Date(migratedMs + windowMs).toISOString().replace(/\.\d{3}Z$/, "Z");
+    }
+    const recordId = input.recordId ?? newRecordID(input.rand);
+    const record = {
+        type: MigrationRecordType,
+        version: MigrationRecordVersion,
+        record_id: recordId,
+        old_address: input.oldAddress,
+        new_address: input.newAddress,
+        old_identity_key_id: input.oldIdentityKeyId,
+        new_identity_key_id: input.newIdentityKeyId,
+        new_identity_public_key: input.newIdentityPublicKey,
+        migrated_at: input.migratedAt,
+        forwarding_window_until: forwardingUntil,
+        mode: input.mode,
+        old_identity_signature: { algorithm: "", key_id: "", value: "" },
+        new_identity_signature: { algorithm: "", key_id: "", value: "" },
+        new_domain_signature: { algorithm: "", key_id: "", value: "" },
+        old_domain_signature: null,
+    };
+    prepareSignatures(record, input.oldIdentityKeyId, input.newIdentityKeyId, input.newDomainKeyId, input.oldDomainKeyId);
+    signOldIdentity(record, input.oldIdentityPriv, input.oldIdentityKeyId);
+    signNewIdentity(record, input.newIdentityPriv, input.newIdentityKeyId);
+    signNewDomain(record, input.newDomainPriv, input.newDomainKeyId);
+    return record;
+}
+/**
+ * Old-provider side of cooperative migration: verify the 3
+ * submitted signatures, apply optional forwarding policy, register
+ * the §6 lockout, countersign with `old_domain_priv`, persist via
+ * the store, and return the 4-sig record.
+ *
+ * In unilateral mode this throws — there is no countersignature
+ * step in the unilateral flow.
+ */
+export async function acceptSubmission(input) {
+    const r = input.record;
+    if (r.mode !== "cooperative") {
+        throw new Error(`migration: acceptSubmission only valid for mode=cooperative (got ${JSON.stringify(r.mode)})`);
+    }
+    validateMigrationRecord(r);
+    // Verify the three submitted signatures (the §3.3 chain is not
+    // yet complete — the old domain signature has not been added —
+    // so verify each prior pass individually rather than calling the
+    // full verifyMigrationRecord.)
+    const newIdentityPub = base64Decode(r.new_identity_public_key);
+    if (!verifyMigrationPass(r, 0, input.oldIdentityPub)) {
+        throw new Error("migration: old_identity_signature verification failed");
+    }
+    if (!verifyMigrationPass(r, 1, newIdentityPub)) {
+        throw new Error("migration: new_identity_signature verification failed");
+    }
+    if (!verifyMigrationPass(r, 2, input.newDomainPub)) {
+        throw new Error("migration: new_domain_signature verification failed");
+    }
+    // §3.3 migrated_at bound.
+    checkMigratedAtBound(r, input.oldIdentityCreated ?? null, input.now, input.clockSkewMs);
+    // Optional forwarding-policy hook.
+    if (input.forwardingPolicy !== undefined) {
+        await input.forwardingPolicy(r);
+    }
+    // Register lockout for the duration of the forwarding window.
+    if (input.lockout !== undefined && r.forwarding_window_until !== null) {
+        const untilMs = Date.parse(r.forwarding_window_until);
+        if (!Number.isNaN(untilMs)) {
+            const localpart = r.old_address.includes("@")
+                ? r.old_address.split("@")[0] ?? r.old_address
+                : r.old_address;
+            await input.lockout.reserve(localpart, new Date(untilMs), r.record_id);
+        }
+    }
+    signOldDomain(r, input.oldDomainPriv, input.oldDomainKeyId);
+    if (input.store !== undefined) {
+        await input.store.putRecord(r);
+    }
+    return r;
+}
+/**
+ * Run every non-nil hook in `policy`. Aggregates errors so the
+ * caller sees every reason at once.
+ */
+export async function applyThirdPartyPolicy(record, policy) {
+    const errors = [];
+    for (const hook of [policy.verifyChain, policy.acceptability, policy.transparency]) {
+        if (hook === undefined) {
+            continue;
+        }
+        try {
+            await hook(record);
+        }
+        catch (err) {
+            errors.push(err instanceof Error ? err.message : String(err));
+        }
+    }
+    if (errors.length > 0) {
+        throw new Error(`migration: third-party policy: ${errors.join("; ")}`);
+    }
+}
+// ---------------------------------------------------------------------------
+// Helpers (inline ULID minter — same shape as elsewhere)
+const ULID_ALPHABET = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
+function newRecordID(rand) {
+    const r = rand ?? defaultRand;
+    const bits = new Uint8Array(16);
+    const ms = BigInt(Date.now());
+    bits[0] = Number((ms >> 40n) & 0xffn);
+    bits[1] = Number((ms >> 32n) & 0xffn);
+    bits[2] = Number((ms >> 24n) & 0xffn);
+    bits[3] = Number((ms >> 16n) & 0xffn);
+    bits[4] = Number((ms >> 8n) & 0xffn);
+    bits[5] = Number(ms & 0xffn);
+    const random = r(10);
+    for (let i = 0; i < 10; i++) {
+        bits[6 + i] = random[i] ?? 0;
+    }
+    let u = 0n;
+    for (let i = 0; i < 8; i++) {
+        u = (u << 8n) | BigInt(bits[i] ?? 0);
+    }
+    let u2 = 0n;
+    for (let i = 8; i < 16; i++) {
+        u2 = (u2 << 8n) | BigInt(bits[i] ?? 0);
+    }
+    const out = new Array(26);
+    for (let i = 25; i >= 13; i--) {
+        out[i] = ULID_ALPHABET[Number(u2 & 31n)] ?? "0";
+        u2 >>= 5n;
+    }
+    for (let i = 12; i >= 0; i--) {
+        out[i] = ULID_ALPHABET[Number(u & 31n)] ?? "0";
+        u >>= 5n;
+    }
+    return out.join("");
+}
+function defaultRand(n) {
+    const out = new Uint8Array(n);
+    globalThis.crypto.getRandomValues(out);
+    return out;
+}
+function base64Decode(s) {
+    if (typeof Buffer !== "undefined") {
+        return new Uint8Array(Buffer.from(s, "base64"));
+    }
+    const bin = atob(s);
+    const out = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++) {
+        out[i] = bin.charCodeAt(i);
+    }
+    return out;
+}
+//# sourceMappingURL=orchestrate.js.map

package/dist/migration/orchestrate.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"orchestrate.js","sourceRoot":"","sources":["../../src/migration/orchestrate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAEN,MAAM,cAAc,CAAC;AACtB,OAAO,EAEN,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,EACb,eAAe,EACf,aAAa,EACb,eAAe,EACf,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,WAAW,CAAC;AACnB,OAAO,EAGL,qBAAqB,EACrB,mBAAmB,EACnB,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,YAAY,CAAC;AAmCpB;;;;;;GAMG;AACH,MAAM,UAAU,eAAe,CAC7B,KAA2B;IAE3B,IAAI,KAAK,CAAC,UAAU,KAAK,EAAE,IAAI,KAAK,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IACD,IAAI,KAAK,CAAC,gBAAgB,KAAK,EAAE,IAAI,KAAK,CAAC,gBAAgB,KAAK,EAAE,EAAE,CAAC;QACnE,MAAM,IAAI,KAAK,CACb,qEAAqE,CACtE,CAAC;IACJ,CAAC;IACD,IAAI,KAAK,CAAC,oBAAoB,KAAK,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IACD,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACxD,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,aAAa,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,2BAA2B,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,eAAe,GAAkB,IAAI,CAAC;IAC1C,IAAI,KAAK,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACjC,MAAM,QAAQ,GAAG,KAAK,CAAC,kBAAkB,IAAI,CAAC,CAAC;QAC/C,IAAI,QAAQ,GAAG,qBAAqB,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CACb,gCAAgC,QAAQ,kBAAkB,qBAAqB,EAAE,CAClF,CAAC;QACJ,CAAC;QACD,IAAI,QAAQ,GAAG,qBAAqB,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CACb,gCAAgC,QAAQ,oBAAoB,qBAAqB,EAAE,CACpF,CAAC;QACJ,CAAC;QACD,IAAI,KAAK,CAAC,cAAc,KAAK,SAAS,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;YACtE,MAAM,IAAI,KAAK,CACb,iHAAiH,CAClH,CAAC;QACJ,CAAC;QACD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAChD,IAAI,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QACD,eAAe,GAAG,IAAI,IAAI,CAAC,UAAU,GAAG,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;IAC5F,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE3D,MAAM,MAAM,GAAoB;QAC9B,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,sBAAsB;QAC/B,SAAS,EAAE,QAAQ;QACnB,WAAW,EAAE,KAAK,CAAC,UAAU;QAC7B,WAAW,EAAE,KAAK,CAAC,UAAU;QAC7B,mBAAmB,EAAE,KAAK,CAAC,gBAAgB;QAC3C,mBAAmB,EAAE,KAAK,CAAC,gBAAgB;QAC3C,uBAAuB,EAAE,KAAK,CAAC,oBAAoB;QACnD,WAAW,EAAE,KAAK,CAAC,UAAU;QAC7B,uBAAuB,EAAE,eAAe;QACxC,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,sBAAsB,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;QAChE,sBAAsB,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;QAChE,oBAAoB,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;QAC9D,oBAAoB,EAAE,IAAI;KAC3B,CAAC;IAEF,iBAAiB,CACf,MAAM,EACN,KAAK,CAAC,gBAAgB,EACtB,KAAK,CAAC,gBAAgB,EACtB,KAAK,CAAC,cAAc,EACpB,KAAK,CAAC,cAAc,CACrB,CAAC;IAEF,eAAe,CAAC,MAAM,EAAE,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACvE,eAAe,CAAC,MAAM,EAAE,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACvE,aAAa,CAAC,MAAM,EAAE,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC;IAEjE,OAAO,MAAM,CAAC;AAChB,CAAC;AAuCD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAA4B;IAE5B,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC;IACvB,IAAI,CAAC,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CACb,oEAAoE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAC9F,CAAC;IACJ,CAAC;IACD,uBAAuB,CAAC,CAAC,CAAC,CAAC;IAE3B,+DAA+D;IAC/D,+DAA+D;IAC/D,iEAAiE;IACjE,+BAA+B;IAC/B,MAAM,cAAc,GAAG,YAAY,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC;IAC/D,IAAI,CAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;IAC3E,CAAC;IACD,IAAI,CAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,EAAE,cAAc,CAAC,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;IAC3E,CAAC;IACD,IAAI,CAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,YAAY,CAAC,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IAED,0BAA0B;IAC1B,oBAAoB,CAClB,CAAC,EACD,KAAK,CAAC,kBAAkB,IAAI,IAAI,EAChC,KAAK,CAAC,GAAG,EACT,KAAK,CAAC,WAAW,CAClB,CAAC;IAEF,mCAAmC;IACnC,IAAI,KAAK,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;QACzC,MAAM,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IAED,8DAA8D;IAC9D,IAAI,KAAK,CAAC,OAAO,KAAK,SAAS,IAAI,CAAC,CAAC,uBAAuB,KAAK,IAAI,EAAE,CAAC;QACtE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC;QACtD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3B,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAC3C,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW;gBAC9C,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;YAClB,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAED,aAAa,CAAC,CAAC,EAAE,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC;IAE5D,IAAI,KAAK,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;QAC9B,MAAM,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IACjC,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAoBD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,MAAuB,EACvB,MAAwB;IAExB,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,aAAa,EAAE,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC;QACnF,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,SAAS;QACX,CAAC;QACD,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,MAAM,CAAC,CAAC;QACrB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,kCAAkC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACzE,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,yDAAyD;AAEzD,MAAM,aAAa,GAAG,kCAAkC,CAAC;AAEzD,SAAS,WAAW,CAAC,IAAgC;IACnD,MAAM,CAAC,GAAG,IAAI,IAAI,WAAW,CAAC;IAC9B,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAChC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC9B,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC;IACrC,IAAI,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC;IAC7B,MAAM,MAAM,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;IACD,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACvC,CAAC;IACD,IAAI,EAAE,GAAG,EAAE,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACzC,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,KAAK,CAAS,EAAE,CAAC,CAAC;IAClC,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9B,GAAG,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,MAAM,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC;QAChD,EAAE,KAAK,EAAE,CAAC;IACZ,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,GAAG,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC;QAC/C,CAAC,KAAK,EAAE,CAAC;IACX,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACtB,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IACvC,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,CAAS;IAC7B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/migration/publication_store.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+/**
+ * Persistence interface for published migration records per
+ * MIGRATION.md §3.4 + §6.2.
+ *
+ * Even after the local-part is reassigned, the published migration
+ * record stays accessible as historical evidence. The store keys
+ * records by both `old_address` (for sender-side address lookups
+ * after a delivery failure) and by `record_id` (for direct fetches
+ * via `record_url`).
+ *
+ * @module
+ */
+import type { MigrationRecord } from "./types.js";
+/** Persistence interface for migration records. */
+export interface PublicationStore {
+    /** Persist `r`. Idempotent on repeated calls with the same record_id. */
+    putRecord(r: MigrationRecord): Promise<void>;
+    /**
+     * Return the most recent published record for `oldAddress`, or
+     * null if none exists.
+     */
+    getByOldAddress(oldAddress: string): Promise<MigrationRecord | null>;
+    /** Return the record with `recordId`, or null if not found. */
+    getByRecordId(recordId: string): Promise<MigrationRecord | null>;
+}
+/** Reference {@link PublicationStore}. Single-process only. */
+export declare class InMemoryPublicationStore implements PublicationStore {
+    private readonly byRecordId;
+    private readonly byOldAddress;
+    putRecord(r: MigrationRecord): Promise<void>;
+    getByOldAddress(oldAddress: string): Promise<MigrationRecord | null>;
+    getByRecordId(recordId: string): Promise<MigrationRecord | null>;
+}
+//# sourceMappingURL=publication_store.d.ts.map

package/dist/migration/publication_store.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"publication_store.d.ts","sourceRoot":"","sources":["../../src/migration/publication_store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAElD,mDAAmD;AACnD,MAAM,WAAW,gBAAgB;IAC/B,yEAAyE;IACzE,SAAS,CAAC,CAAC,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE7C;;;OAGG;IACH,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAAC;IAErE,+DAA+D;IAC/D,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAAC;CAClE;AAED,+DAA+D;AAC/D,qBAAa,wBAAyB,YAAW,gBAAgB;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAsC;IACjE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAsC;IAE7D,SAAS,CAAC,CAAC,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAa5C,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;IAQpE,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;CAOvE"}

package/dist/migration/publication_store.js ADDED Viewed

@@ -0,0 +1,44 @@
+/**
+ * Persistence interface for published migration records per
+ * MIGRATION.md §3.4 + §6.2.
+ *
+ * Even after the local-part is reassigned, the published migration
+ * record stays accessible as historical evidence. The store keys
+ * records by both `old_address` (for sender-side address lookups
+ * after a delivery failure) and by `record_id` (for direct fetches
+ * via `record_url`).
+ *
+ * @module
+ */
+/** Reference {@link PublicationStore}. Single-process only. */
+export class InMemoryPublicationStore {
+    byRecordId = new Map();
+    byOldAddress = new Map();
+    async putRecord(r) {
+        if (r.record_id === "") {
+            throw new Error("migration: empty record_id");
+        }
+        if (r.old_address === "") {
+            throw new Error("migration: empty old_address");
+        }
+        const cp = JSON.parse(JSON.stringify(r));
+        this.byRecordId.set(r.record_id, cp);
+        // The most recent record for an address wins (later put overrides).
+        this.byOldAddress.set(r.old_address.toLowerCase(), cp);
+    }
+    async getByOldAddress(oldAddress) {
+        const r = this.byOldAddress.get(oldAddress.toLowerCase());
+        if (r === undefined) {
+            return null;
+        }
+        return JSON.parse(JSON.stringify(r));
+    }
+    async getByRecordId(recordId) {
+        const r = this.byRecordId.get(recordId);
+        if (r === undefined) {
+            return null;
+        }
+        return JSON.parse(JSON.stringify(r));
+    }
+}
+//# sourceMappingURL=publication_store.js.map

package/dist/migration/publication_store.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"publication_store.js","sourceRoot":"","sources":["../../src/migration/publication_store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAmBH,+DAA+D;AAC/D,MAAM,OAAO,wBAAwB;IAClB,UAAU,GAAG,IAAI,GAAG,EAA2B,CAAC;IAChD,YAAY,GAAG,IAAI,GAAG,EAA2B,CAAC;IAEnE,KAAK,CAAC,SAAS,CAAC,CAAkB;QAChC,IAAI,CAAC,CAAC,SAAS,KAAK,EAAE,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QACD,IAAI,CAAC,CAAC,WAAW,KAAK,EAAE,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,MAAM,EAAE,GAAoB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1D,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QACrC,oEAAoE;QACpE,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,UAAkB;QACtC,MAAM,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAoB,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,QAAgB;QAClC,MAAM,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAoB,CAAC;IAC1D,CAAC;CACF"}