@sempdev/semp 0.5.1 → 0.5.5

package/dist/reputation/sign.d.ts

@@ -2,7 +2,7 @@
  * Sign / verify primitives for reputation wire records per
  * REPUTATION.md §4.2 + §3.5 + §5.
  *
- * Reputation records use a NO-PREFIX signing input — the canonical
+ * Reputation records use a NO-PREFIX signing input - the canonical
  * bytes with `signature.value` elided are signed directly under
  * Ed25519. Other SEMP records use SEMP-* domain-separation
  * prefixes (registered in ENVELOPE.md §4.3) but reputation ones do

package/dist/reputation/sign.js

@@ -2,7 +2,7 @@
  * Sign / verify primitives for reputation wire records per
  * REPUTATION.md §4.2 + §3.5 + §5.
  *
- * Reputation records use a NO-PREFIX signing input — the canonical
+ * Reputation records use a NO-PREFIX signing input - the canonical
  * bytes with `signature.value` elided are signed directly under
  * Ed25519. Other SEMP records use SEMP-* domain-separation
  * prefixes (registered in ENVELOPE.md §4.3) but reputation ones do
@@ -126,7 +126,7 @@ export function authAllowsEnclosure(auth) {
     return auth.scope === "enclosure_only" || auth.scope === "brief_and_enclosure";
 }
 // ---------------------------------------------------------------------------
-// AbuseReport — sent over an authenticated session, no own signature
+// AbuseReport - sent over an authenticated session, no own signature
 /** Structural validation of an {@link AbuseReport} per §3.2. Throws on first violation. */
 export function validateAbuseReport(r) {
     if (r.type !== "SEMP_ABUSE_REPORT") {

package/dist/reputation/types.d.ts

@@ -12,8 +12,16 @@ export declare const Version = "1.0.0";
 export declare const PublicationPath = "/.well-known/semp/reputation/";
 /** Assessment classification per §4.6. */
 export type Assessment = "trusted" | "neutral" | "suspicious" | "hostile";
-/** Abuse category per §3.4 + ERRORS.md §9. */
-export type AbuseCategory = "spam" | "harassment" | "phishing" | "malware" | "protocol_abuse" | "impersonation" | "other";
+/**
+ * Abuse category per §3.4 + ERRORS.md §9.
+ *
+ * `observation_record_abuse` covers misbehavior in the trust-
+ * gossip observation records themselves: oversized records,
+ * evidence-hash mismatches, hostile or non-conforming evidence_uri
+ * content, fabricated metrics, and systematic publication of
+ * unverifiable assessments.
+ */
+export type AbuseCategory = "spam" | "harassment" | "phishing" | "malware" | "protocol_abuse" | "impersonation" | "observation_record_abuse" | "other";
 /**
  * Report whether `c` is one of the categories defined in §3.4.
  * Unknown categories are permitted for forward compatibility.
@@ -44,6 +52,19 @@ export interface Metrics {
 }
 /** Cap applied by Bucketize: counts at/above this clamp here. */
 export declare const MaxMetricBucket: number;
+/**
+ * Binds the bytes returned by an observation's `evidence_uri` to
+ * the signed observation record per REPUTATION.md §4.2 / §5.5.1.
+ * Consumers MUST compute the digest of the fetched bytes under
+ * `algorithm` and MUST treat a mismatch as a verification failure
+ * equivalent to a signature failure.
+ */
+export interface EvidenceHash {
+    /** Digest algorithm identifier. "sha-256" is the only value currently defined. */
+    algorithm: string;
+    /** Base64-encoded digest of the evidence bytes. */
+    value: string;
+}
 /** Single signed observation record per §4.2. */
 export interface Observation {
     type: typeof ObservationType;
@@ -55,7 +76,17 @@ export interface Observation {
     metrics: Metrics;
     assessment: Assessment;
     evidence_available: boolean;
+    /**
+     * URL where evidence can be fetched. REQUIRED when
+     * `evidence_available` is true; MUST be absent when false.
+     */
     evidence_uri?: string;
+    /**
+     * Digest binding fetched evidence to the signed observation per
+     * §5.5.1. REQUIRED when `evidence_available` is true; MUST be
+     * absent when false.
+     */
+    evidence_hash?: EvidenceHash;
     /** ISO 8601 UTC. */
     timestamp: string;
     /** ISO 8601 UTC hard expiry. */
@@ -64,6 +95,19 @@ export interface Observation {
     /** Always emitted (even when empty) so canonical bytes are stable. */
     extensions: Record<string, unknown>;
 }
+/**
+ * §4.6.1 hard upper bound on the canonical UTF-8 JSON form of a
+ * single SEMP_TRUST_OBSERVATION record. Servers MUST reject larger
+ * records as malformed and MUST NOT propagate them.
+ */
+export declare const MaxObservationBytes = 16384;
+/**
+ * §5.5.2 RECOMMENDED upper bound on a single evidence-fetch
+ * response body. Operators MAY tighten further via local
+ * configuration; consumers MUST cap their fetch at a
+ * locally-configured limit.
+ */
+export declare const MaxEvidenceBytes: number;
 /** Publication envelope carrying a list of observations per §5.1. */
 export interface TrustObservations {
     type: typeof ObservationsEnvelopeType;

package/dist/reputation/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/reputation/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,+CAA+C;AAC/C,eAAO,MAAM,eAAe,2BAA2B,CAAC;AACxD,eAAO,MAAM,wBAAwB,4BAA4B,CAAC;AAClE,eAAO,MAAM,eAAe,sBAAsB,CAAC;AACnD,eAAO,MAAM,OAAO,UAAU,CAAC;AAE/B,0CAA0C;AAC1C,eAAO,MAAM,eAAe,kCAAkC,CAAC;AAE/D,0CAA0C;AAC1C,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,SAAS,GAAG,YAAY,GAAG,SAAS,CAAC;AAE1E,8CAA8C;AAC9C,MAAM,MAAM,aAAa,GACrB,MAAM,GACN,YAAY,GACZ,UAAU,GACV,SAAS,GACT,gBAAgB,GAChB,eAAe,GACf,OAAO,CAAC;AAEZ;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,IAAI,aAAa,CAalE;AAED,gCAAgC;AAChC,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;CACf;AAED,8CAA8C;AAC9C,MAAM,WAAW,MAAM;IACrB,oBAAoB;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,oBAAoB;IACpB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,uDAAuD;AACvD,MAAM,WAAW,OAAO;IACtB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,CAAC,EAAE,aAAa,EAAE,CAAC;IACnC,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,iEAAiE;AACjE,eAAO,MAAM,eAAe,QAAU,CAAC;AAEvC,iDAAiD;AACjD,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,OAAO,eAAe,CAAC;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,UAAU,CAAC;IACvB,kBAAkB,EAAE,OAAO,CAAC;IAC5B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,gCAAgC;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,mBAAmB,CAAC;IAC/B,sEAAsE;IACtE,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED,qEAAqE;AACrE,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,OAAO,wBAAwB,CAAC;IACtC,OAAO,EAAE,MAAM,CAAC;IAChB,uBAAuB;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,2EAA2E;IAC3E,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,WAAW,EAAE,CAAC;IAC5B,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,mBAAmB,CAAC;CAChC;AAED,uCAAuC;AACvC,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,6BAA6B;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,oBAAoB;IACpB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,iCAAiC;AACjC,MAAM,MAAM,eAAe,GACvB,YAAY,GACZ,gBAAgB,GAChB,qBAAqB,CAAC;AAE1B,sFAAsF;AACtF,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,oBAAoB;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,eAAe,CAAC;IACvB,SAAS,EAAE,mBAAmB,CAAC;CAChC;AAED,uDAAuD;AACvD,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9B,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC1C,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9C,wBAAwB,CAAC,EAAE,uBAAuB,CAAC;CACpD;AAED,6CAA6C;AAC7C,MAAM,MAAM,QAAQ,GAChB;IACE,IAAI,EAAE,mBAAmB,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gCAAgC;IAChC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,GACD;IACE,IAAI,EAAE,iBAAiB,CAAC;IACxB,SAAS,EAAE,sBAAsB,EAAE,CAAC;CACrC,CAAC;AAEN,0CAA0C;AAC1C,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,OAAO,eAAe,CAAC;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,EAAE,aAAa,GAAG,MAAM,CAAC;IACjC,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/reputation/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,+CAA+C;AAC/C,eAAO,MAAM,eAAe,2BAA2B,CAAC;AACxD,eAAO,MAAM,wBAAwB,4BAA4B,CAAC;AAClE,eAAO,MAAM,eAAe,sBAAsB,CAAC;AACnD,eAAO,MAAM,OAAO,UAAU,CAAC;AAE/B,0CAA0C;AAC1C,eAAO,MAAM,eAAe,kCAAkC,CAAC;AAE/D,0CAA0C;AAC1C,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,SAAS,GAAG,YAAY,GAAG,SAAS,CAAC;AAE1E;;;;;;;;GAQG;AACH,MAAM,MAAM,aAAa,GACrB,MAAM,GACN,YAAY,GACZ,UAAU,GACV,SAAS,GACT,gBAAgB,GAChB,eAAe,GACf,0BAA0B,GAC1B,OAAO,CAAC;AAEZ;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,IAAI,aAAa,CAclE;AAED,gCAAgC;AAChC,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;CACf;AAED,8CAA8C;AAC9C,MAAM,WAAW,MAAM;IACrB,oBAAoB;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,oBAAoB;IACpB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,uDAAuD;AACvD,MAAM,WAAW,OAAO;IACtB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,CAAC,EAAE,aAAa,EAAE,CAAC;IACnC,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,iEAAiE;AACjE,eAAO,MAAM,eAAe,QAAU,CAAC;AAEvC;;;;;;GAMG;AACH,MAAM,WAAW,YAAY;IAC3B,kFAAkF;IAClF,SAAS,EAAE,MAAM,CAAC;IAClB,mDAAmD;IACnD,KAAK,EAAE,MAAM,CAAC;CACf;AAED,iDAAiD;AACjD,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,OAAO,eAAe,CAAC;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,UAAU,CAAC;IACvB,kBAAkB,EAAE,OAAO,CAAC;IAC5B;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;;OAIG;IACH,aAAa,CAAC,EAAE,YAAY,CAAC;IAC7B,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,gCAAgC;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,mBAAmB,CAAC;IAC/B,sEAAsE;IACtE,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED;;;;GAIG;AACH,eAAO,MAAM,mBAAmB,QAAQ,CAAC;AAEzC;;;;;GAKG;AACH,eAAO,MAAM,gBAAgB,QAAc,CAAC;AAE5C,qEAAqE;AACrE,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,OAAO,wBAAwB,CAAC;IACtC,OAAO,EAAE,MAAM,CAAC;IAChB,uBAAuB;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,2EAA2E;IAC3E,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,WAAW,EAAE,CAAC;IAC5B,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,mBAAmB,CAAC;CAChC;AAED,uCAAuC;AACvC,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,6BAA6B;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,oBAAoB;IACpB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,iCAAiC;AACjC,MAAM,MAAM,eAAe,GACvB,YAAY,GACZ,gBAAgB,GAChB,qBAAqB,CAAC;AAE1B,sFAAsF;AACtF,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,oBAAoB;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,eAAe,CAAC;IACvB,SAAS,EAAE,mBAAmB,CAAC;CAChC;AAED,uDAAuD;AACvD,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9B,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC1C,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9C,wBAAwB,CAAC,EAAE,uBAAuB,CAAC;CACpD;AAED,6CAA6C;AAC7C,MAAM,MAAM,QAAQ,GAChB;IACE,IAAI,EAAE,mBAAmB,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gCAAgC;IAChC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,GACD;IACE,IAAI,EAAE,iBAAiB,CAAC;IACxB,SAAS,EAAE,sBAAsB,EAAE,CAAC;CACrC,CAAC;AAEN,0CAA0C;AAC1C,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,OAAO,eAAe,CAAC;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,EAAE,aAAa,GAAG,MAAM,CAAC;IACjC,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC"}

package/dist/reputation/types.js

@@ -22,6 +22,7 @@ export function isKnownAbuseCategory(c) {
         case "malware":
         case "protocol_abuse":
         case "impersonation":
+        case "observation_record_abuse":
         case "other":
             return true;
         default:
@@ -30,4 +31,17 @@ export function isKnownAbuseCategory(c) {
 }
 /** Cap applied by Bucketize: counts at/above this clamp here. */
 export const MaxMetricBucket = 1 << 20;
+/**
+ * §4.6.1 hard upper bound on the canonical UTF-8 JSON form of a
+ * single SEMP_TRUST_OBSERVATION record. Servers MUST reject larger
+ * records as malformed and MUST NOT propagate them.
+ */
+export const MaxObservationBytes = 16384;
+/**
+ * §5.5.2 RECOMMENDED upper bound on a single evidence-fetch
+ * response body. Operators MAY tighten further via local
+ * configuration; consumers MUST cap their fetch at a
+ * locally-configured limit.
+ */
+export const MaxEvidenceBytes = 1024 * 1024;
 //# sourceMappingURL=types.js.map

package/dist/reputation/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/reputation/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,+CAA+C;AAC/C,MAAM,CAAC,MAAM,eAAe,GAAG,wBAAwB,CAAC;AACxD,MAAM,CAAC,MAAM,wBAAwB,GAAG,yBAAyB,CAAC;AAClE,MAAM,CAAC,MAAM,eAAe,GAAG,mBAAmB,CAAC;AACnD,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B,0CAA0C;AAC1C,MAAM,CAAC,MAAM,eAAe,GAAG,+BAA+B,CAAC;AAe/D;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,CAAS;IAC5C,QAAQ,CAAC,EAAE,CAAC;QACV,KAAK,MAAM,CAAC;QACZ,KAAK,YAAY,CAAC;QAClB,KAAK,UAAU,CAAC;QAChB,KAAK,SAAS,CAAC;QACf,KAAK,gBAAgB,CAAC;QACtB,KAAK,eAAe,CAAC;QACrB,KAAK,OAAO;YACV,OAAO,IAAI,CAAC;QACd;YACE,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC;AA4BD,iEAAiE;AACjE,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,IAAI,EAAE,CAAC"}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/reputation/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,+CAA+C;AAC/C,MAAM,CAAC,MAAM,eAAe,GAAG,wBAAwB,CAAC;AACxD,MAAM,CAAC,MAAM,wBAAwB,GAAG,yBAAyB,CAAC;AAClE,MAAM,CAAC,MAAM,eAAe,GAAG,mBAAmB,CAAC;AACnD,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B,0CAA0C;AAC1C,MAAM,CAAC,MAAM,eAAe,GAAG,+BAA+B,CAAC;AAwB/D;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,CAAS;IAC5C,QAAQ,CAAC,EAAE,CAAC;QACV,KAAK,MAAM,CAAC;QACZ,KAAK,YAAY,CAAC;QAClB,KAAK,UAAU,CAAC;QAChB,KAAK,SAAS,CAAC;QACf,KAAK,gBAAgB,CAAC;QACtB,KAAK,eAAe,CAAC;QACrB,KAAK,0BAA0B,CAAC;QAChC,KAAK,OAAO;YACV,OAAO,IAAI,CAAC;QACd;YACE,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC;AA4BD,iEAAiE;AACjE,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,IAAI,EAAE,CAAC;AA+CvC;;;;GAIG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,CAAC;AAEzC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,IAAI,GAAG,IAAI,CAAC"}

package/dist/reputation/whois.d.ts

@@ -1,7 +1,7 @@
 /**
  * WHOIS hooks per REPUTATION.md §2.1.
  *
- * Operators supply their own WHOIS implementation — there is no de
+ * Operators supply their own WHOIS implementation - there is no de
  * facto WHOIS library that is both reliable and free of rate limits,
  * so this is intentionally pluggable.
  *

package/dist/reputation/whois.js

@@ -1,7 +1,7 @@
 /**
  * WHOIS hooks per REPUTATION.md §2.1.
  *
- * Operators supply their own WHOIS implementation — there is no de
+ * Operators supply their own WHOIS implementation - there is no de
  * facto WHOIS library that is both reliable and free of rate limits,
  * so this is intentionally pluggable.
  *

package/dist/seal/wrap.d.ts

@@ -40,7 +40,7 @@ export declare function unwrap(suite: Suite, recipientPrivateKey: Uint8Array, re
  * Wrap `symmetricKey` for the given recipient under the negotiated
  * suite. Production code path: uses the platform CSPRNG to generate
  * a fresh ephemeral every call, which is what the §4.4.1 wrap
- * construction requires — wrap-key uniqueness is what makes the
+ * construction requires - wrap-key uniqueness is what makes the
  * zero-nonce AEAD safe.
  *
  * For deterministic byte-level reproducibility (vectors, audits),
@@ -63,7 +63,7 @@ export interface WrapRandomness {
 }
 /**
  * Deterministic wrap for vector reproduction and audits. Production
- * code MUST use {@link wrap} (which sources fresh entropy) — a
+ * code MUST use {@link wrap} (which sources fresh entropy) - a
  * deterministic wrap that leaks `ephemeralX25519Priv` reduces to
  * "the adversary has the wrap key". Exposed here only because
  * cross-language vectors pin these inputs.

package/dist/seal/wrap.js

@@ -61,7 +61,7 @@ export function unwrap(suite, recipientPrivateKey, recipientPublicKey, wrappedB6
     const prk = kdf.extract(salt, sharedSecret);
     const wrapKey = kdf.expand(prk, new TextEncoder().encode(WrapInfo), 32);
     // AEAD: zero nonce, recipientPublicKey as AAD. The seal AEAD is
-    // ChaCha20-Poly1305 (12-byte nonce) regardless of suite — only
+    // ChaCha20-Poly1305 (12-byte nonce) regardless of suite - only
     // the KEM is post-quantum on the PQ side. The `suite`-derived
     // `aead` here is unused but kept for signature parity.
     void aead;
@@ -72,7 +72,7 @@ export function unwrap(suite, recipientPrivateKey, recipientPublicKey, wrappedB6
  * Wrap `symmetricKey` for the given recipient under the negotiated
  * suite. Production code path: uses the platform CSPRNG to generate
  * a fresh ephemeral every call, which is what the §4.4.1 wrap
- * construction requires — wrap-key uniqueness is what makes the
+ * construction requires - wrap-key uniqueness is what makes the
  * zero-nonce AEAD safe.
  *
  * For deterministic byte-level reproducibility (vectors, audits),
@@ -99,7 +99,7 @@ export function wrap(suite, recipientPublicKey, symmetricKey) {
 }
 /**
  * Deterministic wrap for vector reproduction and audits. Production
- * code MUST use {@link wrap} (which sources fresh entropy) — a
+ * code MUST use {@link wrap} (which sources fresh entropy) - a
  * deterministic wrap that leaks `ephemeralX25519Priv` reduces to
  * "the adversary has the wrap key". Exposed here only because
  * cross-language vectors pin these inputs.
@@ -114,7 +114,7 @@ export function wrapWithRandomness(suite, recipientPublicKey, symmetricKey, rand
     const prk = kdf.extract(salt, sharedSecret);
     const wrapKey = kdf.expand(prk, new TextEncoder().encode(WrapInfo), 32);
     // AEAD: zero nonce, recipientPublicKey as AAD. Always
-    // ChaCha20-Poly1305 (12-byte nonce) regardless of suite — only
+    // ChaCha20-Poly1305 (12-byte nonce) regardless of suite - only
     // the KEM is post-quantum on the PQ side.
     const nonce = new Uint8Array(12);
     const aeadCT = aeadSeal("chacha20-poly1305", wrapKey, nonce, symmetricKey, recipientPublicKey);

package/dist/session/dispatcher.d.ts

@@ -4,7 +4,7 @@
  * Reads frames off a Session's transport in a loop, parses the
  * outermost `type` field, and routes each frame to the matching
  * caller-supplied handler. Designed for the long-running phase
- * after a successful handshake — when the wire carries a mix of
+ * after a successful handshake - when the wire carries a mix of
  * envelopes, sealed rekey messages, key-fetch requests, etc.
  *
  * The dispatcher does NOT verify envelope signatures or open
@@ -21,7 +21,7 @@ export interface DispatchHandlers {
      * transport and invokes this with the JSON object (already
      * parsed). Production callers route through {@link "./rekey".rekeyServer}
      * by feeding the bytes back through their own transport-level
-     * input — see the dispatcher example in the README.
+     * input - see the dispatcher example in the README.
      */
     onRekey?: (frame: Uint8Array, parsed: unknown) => Promise<void> | void;
     /** A wire envelope (`type: SEMP_ENVELOPE`). */
@@ -44,7 +44,7 @@ export interface DispatchHandlers {
     onUnknown?: (type: string, frame: Uint8Array) => Promise<void> | void;
     /**
      * Invoked on a non-fatal error inside a handler. The dispatcher
-     * loop continues — the caller MUST decide whether to close the
+     * loop continues - the caller MUST decide whether to close the
      * session. If this is not supplied, handler errors are swallowed.
      */
     onHandlerError?: (err: Error, type: string) => void;

package/dist/session/dispatcher.js

@@ -4,7 +4,7 @@
  * Reads frames off a Session's transport in a loop, parses the
  * outermost `type` field, and routes each frame to the matching
  * caller-supplied handler. Designed for the long-running phase
- * after a successful handshake — when the wire carries a mix of
+ * after a successful handshake - when the wire carries a mix of
  * envelopes, sealed rekey messages, key-fetch requests, etc.
  *
  * The dispatcher does NOT verify envelope signatures or open

package/dist/session/rekey_seal.d.ts

@@ -3,8 +3,8 @@
  *
  * Rekey messages are AEAD-encrypted under the CURRENT session's
  * directional keys. Receiving a valid sealed rekey is itself the
- * authentication — only a holder of the live session keys can
- * forge one — so the rekey messages carry no separate identity
+ * authentication - only a holder of the live session keys can
+ * forge one - so the rekey messages carry no separate identity
  * signature.
  *
  * Wire shape:
@@ -26,7 +26,7 @@
  *
  * where LP(x) prepends a 4-byte big-endian length to x. Mixing the
  * MAC key into the AAD ensures that compromising the encryption
- * key alone is insufficient — an attacker would also need the MAC
+ * key alone is insufficient - an attacker would also need the MAC
  * key, which satisfies the spec's "MACed under the MAC key"
  * requirement.
  *

package/dist/session/rekey_seal.js

@@ -3,8 +3,8 @@
  *
  * Rekey messages are AEAD-encrypted under the CURRENT session's
  * directional keys. Receiving a valid sealed rekey is itself the
- * authentication — only a holder of the live session keys can
- * forge one — so the rekey messages carry no separate identity
+ * authentication - only a holder of the live session keys can
+ * forge one - so the rekey messages carry no separate identity
  * signature.
  *
  * Wire shape:
@@ -26,7 +26,7 @@
  *
  * where LP(x) prepends a 4-byte big-endian length to x. Mixing the
  * MAC key into the AAD ensures that compromising the encryption
- * key alone is insufficient — an attacker would also need the MAC
+ * key alone is insufficient - an attacker would also need the MAC
  * key, which satisfies the spec's "MACed under the MAC key"
  * requirement.
  *

package/dist/session/session.d.ts

@@ -92,7 +92,7 @@ export declare class Session {
     isExpired(now?: Date): boolean;
     /**
      * Live session keys. Throws if the session has been closed or
-     * erased — once erase() runs, the bytes are zeroized and any
+     * erased - once erase() runs, the bytes are zeroized and any
      * caller still holding a Session reference cannot accidentally
      * encrypt under invalidated material.
      */
@@ -114,7 +114,7 @@ export declare class Session {
     receive(): Promise<Uint8Array | null>;
     /**
      * Close the session and the underlying transport. Idempotent.
-     * Does NOT zeroize keys — callers that want zeroization use
+     * Does NOT zeroize keys - callers that want zeroization use
      * {@link erase}.
      */
     close(): Promise<void>;
@@ -122,7 +122,7 @@ export declare class Session {
      * Atomically install new session keys + a new session_id from a
      * successful rekey. Zeroizes the prior keys before swapping. The
      * session retains its TTL boundary (TTL counts from the original
-     * establishedAt) — rekey rolls forward the keys, not the lifetime.
+     * establishedAt) - rekey rolls forward the keys, not the lifetime.
      */
     applyRekey(apply: RekeyApply): void;
     /**

package/dist/session/session.js

@@ -75,7 +75,7 @@ export class Session {
     }
     /**
      * Live session keys. Throws if the session has been closed or
-     * erased — once erase() runs, the bytes are zeroized and any
+     * erased - once erase() runs, the bytes are zeroized and any
      * caller still holding a Session reference cannot accidentally
      * encrypt under invalidated material.
      */
@@ -117,7 +117,7 @@ export class Session {
     }
     /**
      * Close the session and the underlying transport. Idempotent.
-     * Does NOT zeroize keys — callers that want zeroization use
+     * Does NOT zeroize keys - callers that want zeroization use
      * {@link erase}.
      */
     async close() {
@@ -136,7 +136,7 @@ export class Session {
      * Atomically install new session keys + a new session_id from a
      * successful rekey. Zeroizes the prior keys before swapping. The
      * session retains its TTL boundary (TTL counts from the original
-     * establishedAt) — rekey rolls forward the keys, not the lifetime.
+     * establishedAt) - rekey rolls forward the keys, not the lifetime.
      */
     applyRekey(apply) {
         if (this._keys === null) {

package/dist/transparency/log.d.ts

@@ -34,7 +34,7 @@ export declare class Log {
     /**
      * Validate `entry`, hash its leaf, and append. Returns the
      * assigned 0-based leaf index. Does NOT verify any signature on
-     * the entry — admission policy is the caller's concern.
+     * the entry - admission policy is the caller's concern.
      */
     append(entry: LogEntry): number;
     /** Current tree size. */

package/dist/transparency/log.js

@@ -35,7 +35,7 @@ export class Log {
     /**
      * Validate `entry`, hash its leaf, and append. Returns the
      * assigned 0-based leaf index. Does NOT verify any signature on
-     * the entry — admission policy is the caller's concern.
+     * the entry - admission policy is the caller's concern.
      */
     append(entry) {
         validateLogEntry(entry);
@@ -125,7 +125,7 @@ export class Log {
     }
 }
 function isoSecond(d) {
-    // Strip milliseconds — STH timestamps are second-precision per
+    // Strip milliseconds - STH timestamps are second-precision per
     // CONFORMANCE.md §9.3.
     const iso = d.toISOString();
     return iso.replace(/\.\d{3}Z$/, "Z");

package/dist/transparency/types.d.ts

@@ -18,7 +18,7 @@ export declare const LeafPrefix = 0;
 /** RFC 6962 interior-node domain-separation byte. */
 export declare const InteriorPrefix = 1;
 /**
- * STH staleness ceiling per §2.3 — verifiers reject STHs whose
+ * STH staleness ceiling per §2.3 - verifiers reject STHs whose
  * timestamp is more than this old.
  */
 export declare const MaxSTHFreshnessMs: number;
@@ -47,7 +47,7 @@ export interface LogEntry {
     revoked_at?: string | null;
     /** Populated only on `revoke`. */
     revoked_reason?: string | null;
-    /** Populated only on `rotate` — names the key being rotated out. */
+    /** Populated only on `rotate` - names the key being rotated out. */
     supersedes?: string | null;
     /** ISO 8601 UTC; the log's timestamp for this insertion. */
     log_timestamp: string;

package/dist/transparency/types.js

@@ -18,7 +18,7 @@ export const LeafPrefix = 0x00;
 /** RFC 6962 interior-node domain-separation byte. */
 export const InteriorPrefix = 0x01;
 /**
- * STH staleness ceiling per §2.3 — verifiers reject STHs whose
+ * STH staleness ceiling per §2.3 - verifiers reject STHs whose
  * timestamp is more than this old.
  */
 export const MaxSTHFreshnessMs = 60 * 60 * 1000;

package/dist/transport/h2.d.ts

@@ -1,18 +1,18 @@
 /**
  * HTTP/2 transport binding per TRANSPORT.md §4.2.
  *
- * Unlike WebSocket — which gives us a single bidirectional pipe —
+ * Unlike WebSocket, which gives us a single bidirectional pipe,
  * the SEMP HTTP/2 binding is a collection of HTTP endpoints with
  * path-based routing:
  *
- *  - `POST /v1/discovery`     — discovery lookup
- *  - `POST /v1/keys`          — key request
- *  - `POST /v1/handshake`     — handshake step
- *  - `POST /v1/envelope`      — envelope submit
- *  - `POST /v1/session/{id}`  — long-lived bidirectional session
- *                                stream (server pushes via SSE,
- *                                client posts additional messages
- *                                to the same URL)
+ *  - `GET  /v1/discovery/{address}` - discovery lookup (preferred)
+ *  - `POST /v1/discovery/{address}` - same lookup with a signed body
+ *  - `GET  /v1/keys/{address}`      - key request (preferred)
+ *  - `POST /v1/keys/{address}`      - same lookup with a signed body
+ *  - `POST /v1/handshake`           - handshake step
+ *  - `POST /v1/envelope`            - envelope submit
+ *  - `GET  /v1/session/{id}`        - long-lived server-push stream
+ *                                     (Server-Sent Events)
  *
  * This module exposes:
  *
@@ -31,6 +31,27 @@
 import type { DialOptions, Transport } from "./transport.js";
 /** Header name the server sets on its response to handshake init. */
 export declare const SempSessionIdHeader = "Semp-Session-Id";
+/** Path constants for the HTTP/2 binding per TRANSPORT.md §4.2.1. */
+export declare const PathDiscovery = "/v1/discovery";
+export declare const PathKeys = "/v1/keys";
+export declare const PathHandshake = "/v1/handshake";
+export declare const PathEnvelope = "/v1/envelope";
+export declare const PathSession = "/v1/session/";
+/**
+ * Build the GET-lookup URL path for a discovery lookup per
+ * TRANSPORT.md §4.2.1: `/v1/discovery/{address}`.
+ */
+export declare function discoveryPath(address: string): string;
+/**
+ * Build the GET-lookup URL path for a key request per
+ * TRANSPORT.md §4.2.1: `/v1/keys/{address}`.
+ */
+export declare function keysPath(address: string): string;
+/**
+ * Build the GET-stream URL path for a session id per
+ * TRANSPORT.md §4.2.4: `/v1/session/{id}`.
+ */
+export declare function sessionPath(sessionId: string): string;
 /**
  * Minimal subset of the WHATWG fetch surface this module depends on.
  * Both Node 22+ and browsers ship `fetch` matching this shape. Tests
@@ -104,7 +125,7 @@ export interface DialH2SessionOptions extends DialOptions {
     /** Override the fetch implementation. Defaults to `globalThis.fetch`. */
     fetchImpl?: H2FetchLike;
     /**
-     * URL of the session endpoint, including the session id segment —
+     * URL of the session endpoint, including the session id segment -
      * for example `https://semp.example.com/v1/session/01J...`. The
      * caller composes this from the configuration's
      * `endpoints.client.h2` base + the session id.
@@ -134,13 +155,13 @@ export declare function dialH2Session(opts: DialH2SessionOptions): Promise<Trans
  * The encoder normalizes CR / CRLF line terminators to LF before
  * emitting each `data:` line. SEMP payloads are JSON documents whose
  * control bytes are escaped (`\r`, `\n`), so the wire form never
- * actually carries a literal CR or LF — but be defensive.
+ * actually carries a literal CR or LF - but be defensive.
  */
 export declare function encodeSSE(message: string): string;
 /**
  * Decode SSE events from a string buffer. Each call returns the next
  * complete event's `data` payload (or `null` if no complete event is
- * buffered yet). Stateful — the buffer accumulates partial input.
+ * buffered yet). Stateful - the buffer accumulates partial input.
  */
 export declare class SSEDecoder {
     private buffer;

package/dist/transport/h2.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"h2.d.ts","sourceRoot":"","sources":["../../src/transport/h2.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE7D,qEAAqE;AACrE,eAAO,MAAM,mBAAmB,oBAAoB,CAAC;AAErD;;;;GAIG;AACH,MAAM,MAAM,WAAW,GAAG,CACxB,GAAG,EAAE,MAAM,EACX,IAAI,EAAE;IACJ,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,IAAI,CAAC,EAAE,UAAU,GAAG,MAAM,CAAC;IAC3B,MAAM,CAAC,EAAE,WAAW,CAAC;CACtB,KACE,OAAO,CAAC,UAAU,CAAC,CAAC;AAEzB,qDAAqD;AACrD,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QAAE,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;KAAE,CAAC;IAC9C,gFAAgF;IAChF,WAAW,IAAI,OAAO,CAAC,WAAW,CAAC,CAAC;IACpC;;;;;OAKG;IACH,IAAI,CAAC,EACD,aAAa,CAAC,UAAU,CAAC,GACzB;QAAE,SAAS,IAAI;YAAE,IAAI,IAAI,OAAO,CAAC;gBAAE,IAAI,EAAE,OAAO,CAAC;gBAAC,KAAK,CAAC,EAAE,UAAU,CAAA;aAAE,CAAC,CAAA;SAAE,CAAA;KAAE,GAC3E,IAAI,CAAC;CACV;AAKD,gCAAgC;AAChC,MAAM,WAAW,aAAc,SAAQ,WAAW;IAChD,yEAAyE;IACzE,SAAS,CAAC,EAAE,WAAW,CAAC;IACxB;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sCAAsC;IACtC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED,6CAA6C;AAC7C,MAAM,WAAW,YAAY;IAC3B,6BAA6B;IAC7B,IAAI,EAAE,UAAU,CAAC;IACjB,yDAAyD;IACzD,MAAM,EAAE,MAAM,CAAC;IACf,iDAAiD;IACjD,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED;;;;;;;;;GASG;AACH,wBAAsB,MAAM,CAC1B,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,UAAU,EACnB,IAAI,GAAE,aAAkB,GACvB,OAAO,CAAC,YAAY,CAAC,CAsCvB;AAoBD,uCAAuC;AACvC,MAAM,WAAW,oBAAqB,SAAQ,WAAW;IACvD,yEAAyE;IACzE,SAAS,CAAC,EAAE,WAAW,CAAC;IACxB;;;;;OAKG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB;;;;OAIG;IACH,WAAW,CAAC,EAAE,UAAU,CAAC;CAC1B;AAED;;;;;;;GAOG;AACH,wBAAsB,aAAa,CACjC,IAAI,EAAE,oBAAoB,GACzB,OAAO,CAAC,SAAS,CAAC,CAmFpB;AAKD;;;;;;;;;GASG;AACH,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAQjD;AA0BD;;;;GAIG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,SAAS,CAAgB;IAEjC,uCAAuC;IACvC,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAIzB;;;OAGG;IACH,IAAI,IAAI,MAAM,GAAG,IAAI;IA6CrB;;;OAGG;IACH,KAAK,IAAI,MAAM,GAAG,IAAI;CAQvB;AAED,2EAA2E;AAC3E,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,CAgBhD"}
+{"version":3,"file":"h2.d.ts","sourceRoot":"","sources":["../../src/transport/h2.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE7D,qEAAqE;AACrE,eAAO,MAAM,mBAAmB,oBAAoB,CAAC;AAErD,qEAAqE;AACrE,eAAO,MAAM,aAAa,kBAAkB,CAAC;AAC7C,eAAO,MAAM,QAAQ,aAAa,CAAC;AACnC,eAAO,MAAM,aAAa,kBAAkB,CAAC;AAC7C,eAAO,MAAM,YAAY,iBAAiB,CAAC;AAC3C,eAAO,MAAM,WAAW,iBAAiB,CAAC;AAE1C;;;GAGG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAErD;AAED;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEhD;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAErD;AAED;;;;GAIG;AACH,MAAM,MAAM,WAAW,GAAG,CACxB,GAAG,EAAE,MAAM,EACX,IAAI,EAAE;IACJ,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,IAAI,CAAC,EAAE,UAAU,GAAG,MAAM,CAAC;IAC3B,MAAM,CAAC,EAAE,WAAW,CAAC;CACtB,KACE,OAAO,CAAC,UAAU,CAAC,CAAC;AAEzB,qDAAqD;AACrD,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QAAE,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;KAAE,CAAC;IAC9C,gFAAgF;IAChF,WAAW,IAAI,OAAO,CAAC,WAAW,CAAC,CAAC;IACpC;;;;;OAKG;IACH,IAAI,CAAC,EACD,aAAa,CAAC,UAAU,CAAC,GACzB;QAAE,SAAS,IAAI;YAAE,IAAI,IAAI,OAAO,CAAC;gBAAE,IAAI,EAAE,OAAO,CAAC;gBAAC,KAAK,CAAC,EAAE,UAAU,CAAA;aAAE,CAAC,CAAA;SAAE,CAAA;KAAE,GAC3E,IAAI,CAAC;CACV;AAKD,gCAAgC;AAChC,MAAM,WAAW,aAAc,SAAQ,WAAW;IAChD,yEAAyE;IACzE,SAAS,CAAC,EAAE,WAAW,CAAC;IACxB;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sCAAsC;IACtC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED,6CAA6C;AAC7C,MAAM,WAAW,YAAY;IAC3B,6BAA6B;IAC7B,IAAI,EAAE,UAAU,CAAC;IACjB,yDAAyD;IACzD,MAAM,EAAE,MAAM,CAAC;IACf,iDAAiD;IACjD,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED;;;;;;;;;GASG;AACH,wBAAsB,MAAM,CAC1B,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,UAAU,EACnB,IAAI,GAAE,aAAkB,GACvB,OAAO,CAAC,YAAY,CAAC,CAsCvB;AAoBD,uCAAuC;AACvC,MAAM,WAAW,oBAAqB,SAAQ,WAAW;IACvD,yEAAyE;IACzE,SAAS,CAAC,EAAE,WAAW,CAAC;IACxB;;;;;OAKG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB;;;;OAIG;IACH,WAAW,CAAC,EAAE,UAAU,CAAC;CAC1B;AAED;;;;;;;GAOG;AACH,wBAAsB,aAAa,CACjC,IAAI,EAAE,oBAAoB,GACzB,OAAO,CAAC,SAAS,CAAC,CAmFpB;AAKD;;;;;;;;;GASG;AACH,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAQjD;AA0BD;;;;GAIG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,SAAS,CAAgB;IAEjC,uCAAuC;IACvC,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAIzB;;;OAGG;IACH,IAAI,IAAI,MAAM,GAAG,IAAI;IA6CrB;;;OAGG;IACH,KAAK,IAAI,MAAM,GAAG,IAAI;CAQvB;AAED,2EAA2E;AAC3E,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,CAgBhD"}

package/dist/transport/h2.js

@@ -1,18 +1,18 @@
 /**
  * HTTP/2 transport binding per TRANSPORT.md §4.2.
  *
- * Unlike WebSocket — which gives us a single bidirectional pipe —
+ * Unlike WebSocket, which gives us a single bidirectional pipe,
  * the SEMP HTTP/2 binding is a collection of HTTP endpoints with
  * path-based routing:
  *
- *  - `POST /v1/discovery`     — discovery lookup
- *  - `POST /v1/keys`          — key request
- *  - `POST /v1/handshake`     — handshake step
- *  - `POST /v1/envelope`      — envelope submit
- *  - `POST /v1/session/{id}`  — long-lived bidirectional session
- *                                stream (server pushes via SSE,
- *                                client posts additional messages
- *                                to the same URL)
+ *  - `GET  /v1/discovery/{address}` - discovery lookup (preferred)
+ *  - `POST /v1/discovery/{address}` - same lookup with a signed body
+ *  - `GET  /v1/keys/{address}`      - key request (preferred)
+ *  - `POST /v1/keys/{address}`      - same lookup with a signed body
+ *  - `POST /v1/handshake`           - handshake step
+ *  - `POST /v1/envelope`            - envelope submit
+ *  - `GET  /v1/session/{id}`        - long-lived server-push stream
+ *                                     (Server-Sent Events)
  *
  * This module exposes:
  *
@@ -30,6 +30,33 @@
  */
 /** Header name the server sets on its response to handshake init. */
 export const SempSessionIdHeader = "Semp-Session-Id";
+/** Path constants for the HTTP/2 binding per TRANSPORT.md §4.2.1. */
+export const PathDiscovery = "/v1/discovery";
+export const PathKeys = "/v1/keys";
+export const PathHandshake = "/v1/handshake";
+export const PathEnvelope = "/v1/envelope";
+export const PathSession = "/v1/session/";
+/**
+ * Build the GET-lookup URL path for a discovery lookup per
+ * TRANSPORT.md §4.2.1: `/v1/discovery/{address}`.
+ */
+export function discoveryPath(address) {
+    return `${PathDiscovery}/${address}`;
+}
+/**
+ * Build the GET-lookup URL path for a key request per
+ * TRANSPORT.md §4.2.1: `/v1/keys/{address}`.
+ */
+export function keysPath(address) {
+    return `${PathKeys}/${address}`;
+}
+/**
+ * Build the GET-stream URL path for a session id per
+ * TRANSPORT.md §4.2.4: `/v1/session/{id}`.
+ */
+export function sessionPath(sessionId) {
+    return `${PathSession}${sessionId}`;
+}
 /**
  * POST a SEMP message to one of the request/response endpoints
  * (`/v1/handshake`, `/v1/keys`, `/v1/envelope`, `/v1/discovery`).
@@ -186,7 +213,7 @@ export async function dialH2Session(opts) {
  * The encoder normalizes CR / CRLF line terminators to LF before
  * emitting each `data:` line. SEMP payloads are JSON documents whose
  * control bytes are escaped (`\r`, `\n`), so the wire form never
- * actually carries a literal CR or LF — but be defensive.
+ * actually carries a literal CR or LF - but be defensive.
  */
 export function encodeSSE(message) {
     const lines = splitSSELines(message);
@@ -222,7 +249,7 @@ function splitSSELines(s) {
 /**
  * Decode SSE events from a string buffer. Each call returns the next
  * complete event's `data` payload (or `null` if no complete event is
- * buffered yet). Stateful — the buffer accumulates partial input.
+ * buffered yet). Stateful - the buffer accumulates partial input.
  */
 export class SSEDecoder {
     buffer = "";
@@ -252,10 +279,10 @@ export class SSEDecoder {
                     this.dataLines = [];
                     return event;
                 }
-                // Empty leading lines (keepalives) — skip.
+                // Empty leading lines (keepalives) - skip.
                 continue;
             }
-            // Comment lines start with ":" — ignore.
+            // Comment lines start with ":" - ignore.
             if (line.startsWith(":")) {
                 continue;
             }