@stelis/say-ur-intent 0.0.0 → 0.0.2

package/dist/adapters/flowx/flowxSwapTransactionMaterialProducer.js

@@ -0,0 +1,362 @@
+import { Trade } from "@flowx-finance/sdk";
+import { bcs } from "@mysten/sui/bcs";
+import { Transaction } from "@mysten/sui/transactions";
+import { fromBase64, normalizeSuiObjectId } from "@mysten/sui/utils";
+import { FLOWX_CLMM_MAINNET } from "../../core/read/flowxRegistry.js";
+import { LocalTransactionMaterialStoreError } from "../../core/session/transactionMaterialStore.js";
+import { suiTransactionDigestSchema } from "../../core/suiAddress.js";
+import { failReviewCheck, passReviewCheck } from "../../core/review/reviewComputationResult.js";
+const FLOWX_SWAP_GAS_BUDGET_MIST = 50000000n;
+const SUI_COIN_TYPE = "0x0000000000000000000000000000000000000000000000000000000000000002::sui::SUI";
+const SUI_CLOCK_OBJECT_ID = "0x0000000000000000000000000000000000000000000000000000000000000006";
+const MOVE_STDLIB_PACKAGE_ID = "0x0000000000000000000000000000000000000000000000000000000000000001";
+const SUI_FRAMEWORK_PACKAGE_ID = "0x0000000000000000000000000000000000000000000000000000000000000002";
+export function createFlowxSwapTransactionMaterialProducer(options) {
+    const buildBytes = options.buildSwapTransactionBytes ?? sdkTradeBytesBuilder(options.client);
+    return async (input) => {
+        if (options.network !== "mainnet" || options.chainIdentifier !== options.expectedChainIdentifier) {
+            return {
+                status: "blocked",
+                blockedReason: "network_mismatch",
+                checks: [
+                    failReviewCheck("flowx_transaction_material_network_mismatch", "Transaction material network", "FlowX transaction material build requires a verified Sui mainnet gRPC endpoint and matching mainnet chain identifier.", "network")
+                ]
+            };
+        }
+        if (input.quoteEvidence.swapXToY !== input.quotePolicy.swapXToY) {
+            return {
+                status: "blocked",
+                blockedReason: "amount_mismatch",
+                checks: [
+                    failReviewCheck("flowx_transaction_material_direction_mismatch", "Transaction material quote policy", "FlowX transaction material build requires route quote evidence and quote policy to describe the same swap direction.", "adapter")
+                ]
+            };
+        }
+        const quoteExpiresAt = new Date(Date.parse(input.quotePolicy.fetchedAt) + input.quotePolicy.staleAfterMs);
+        if (quoteExpiresAt.getTime() <= input.now.getTime()) {
+            return {
+                status: "refresh_required",
+                refreshReason: "quote_stale",
+                checks: [
+                    failReviewCheck("flowx_transaction_material_quote_expired", "Transaction material quote policy", "FlowX transaction material was not built because the quote policy expired before build.", "quote")
+                ]
+            };
+        }
+        try {
+            const sourceAmountRaw = BigInt(input.quotePolicy.sourceAmountRaw);
+            const source = input.pairEvidence.source;
+            const requirements = source.coinType === SUI_COIN_TYPE
+                ? [{ symbol: source.symbol, coinType: SUI_COIN_TYPE, decimals: source.decimals, requiredRaw: sourceAmountRaw + FLOWX_SWAP_GAS_BUDGET_MIST }]
+                : [
+                    { symbol: source.symbol, coinType: source.coinType, decimals: source.decimals, requiredRaw: sourceAmountRaw },
+                    { symbol: "SUI", coinType: SUI_COIN_TYPE, decimals: 9, requiredRaw: FLOWX_SWAP_GAS_BUDGET_MIST }
+                ];
+            for (const requirement of requirements) {
+                const balance = await options.client.core.getBalance({
+                    owner: input.account,
+                    coinType: requirement.coinType
+                });
+                const heldRaw = BigInt(balance.balance.balance);
+                if (heldRaw < requirement.requiredRaw) {
+                    const isGasOnly = requirement.coinType === SUI_COIN_TYPE && source.coinType !== SUI_COIN_TYPE;
+                    return {
+                        status: "blocked",
+                        blockedReason: "insufficient_balance",
+                        checks: [
+                            failReviewCheck("flowx_transaction_material_build_failed", "Transaction material build", `Insufficient balance: this swap needs ${displayRaw(requirement.requiredRaw, requirement.decimals)} ${requirement.symbol}${isGasOnly ? " for gas" : requirement.coinType === SUI_COIN_TYPE ? " (amount + gas)" : ""}, but the account holds ${displayRaw(heldRaw, requirement.decimals)} ${requirement.symbol}. Nothing was signed and no funds moved.`, "adapter")
+                        ]
+                    };
+                }
+            }
+            const transactionBytes = await buildBytes({
+                account: input.account,
+                quotePolicy: input.quotePolicy,
+                sdkRoutes: input.quoteEvidence.sdkRoutes
+            });
+            const verification = await verifyFlowxSwapMaterialBytes({
+                transactionBytes,
+                quotePolicy: input.quotePolicy
+            });
+            if (verification.status === "failed") {
+                return {
+                    status: "blocked",
+                    blockedReason: verification.blockedReason,
+                    checks: [
+                        failReviewCheck("flowx_transaction_material_bytes_verification_failed", "Transaction material verification", verification.message, "adapter")
+                    ]
+                };
+            }
+            options.materialStore.deleteReviewSessionTransactionMaterials(input.reviewSessionId);
+            const handle = options.materialStore.recordTransactionMaterial({
+                reviewSessionId: input.reviewSessionId,
+                planId: input.plan.id,
+                account: input.account,
+                kind: "flowx_swap_transaction_data",
+                source: "say_ur_intent_built",
+                transactionBytes,
+                expiresAt: quoteExpiresAt,
+                redactedDiagnostics: {
+                    protocol: input.plan.protocol,
+                    adapterId: input.plan.adapterId,
+                    actionKind: input.plan.actionKind,
+                    poolKeys: input.quoteEvidence.pools.map((pool) => pool.poolKey),
+                    swapXToY: input.quotePolicy.swapXToY,
+                    quoteFetchedAt: input.quotePolicy.fetchedAt,
+                    quoteExpiresAt: quoteExpiresAt.toISOString(),
+                    sourceAmountRaw: input.quotePolicy.sourceAmountRaw,
+                    expectedOutRaw: input.quotePolicy.expectedOutRaw,
+                    minOutRaw: input.quotePolicy.minOutRaw,
+                    routerSlippageUnits: input.quotePolicy.routerSlippageUnits,
+                    deadlineMsEpoch: input.quotePolicy.deadlineMsEpoch
+                }
+            }, input.now);
+            return {
+                status: "completed",
+                evidence: handle,
+                checks: [
+                    passReviewCheck("flowx_transaction_material_built", "Transaction material build", "Built account-bound FlowX swap transaction material locally from the quoted route and verified inside the bytes that every Move call targets pinned FlowX packages, every shared object is a pinned FlowX config object, and the router arguments carry the policy expected-output, slippage, and deadline. The unsigned bytes stay only in the local material store until quote expiry.", "adapter")
+                ]
+            };
+        }
+        catch (error) {
+            const blockedReason = blockedReasonForBuildError(error);
+            return {
+                status: "blocked",
+                blockedReason,
+                checks: [
+                    failReviewCheck("flowx_transaction_material_build_failed", "Transaction material build", buildFailureMessage(blockedReason), "adapter")
+                ]
+            };
+        }
+    };
+}
+export function createFlowxSwapTransactionMaterialDigestProducer(options) {
+    return async (input) => {
+        const material = options.materialStore.getTransactionMaterial(input.materialHandle, input.now);
+        if (!material) {
+            return {
+                status: "refresh_required",
+                refreshReason: "quote_stale",
+                checks: [
+                    failReviewCheck("flowx_transaction_material_digest_unavailable", "Transaction material digest", "FlowX transaction material digest was not computed because the stored local material was unavailable or expired; refresh the review evidence before continuing.", "adapter")
+                ]
+            };
+        }
+        let transactionDigest;
+        try {
+            transactionDigest = await Transaction.from(material.transactionBytes).getDigest();
+        }
+        catch {
+            return {
+                status: "blocked",
+                blockedReason: "object_resolution_failed",
+                checks: [
+                    failReviewCheck("flowx_transaction_material_digest_failed", "Transaction material digest", "FlowX transaction material digest could not be derived from the stored local transaction bytes.", "adapter")
+                ]
+            };
+        }
+        const parsedDigest = suiTransactionDigestSchema.safeParse(transactionDigest);
+        if (!parsedDigest.success) {
+            return {
+                status: "blocked",
+                blockedReason: "object_resolution_failed",
+                checks: [
+                    failReviewCheck("flowx_transaction_material_digest_invalid", "Transaction material digest", "FlowX transaction material digest did not match the pinned Sui SDK transaction digest format.", "adapter")
+                ]
+            };
+        }
+        return {
+            status: "completed",
+            evidence: {
+                materialId: material.materialId,
+                reviewSessionId: material.reviewSessionId,
+                planId: material.planId,
+                account: material.account,
+                kind: material.kind,
+                source: material.source,
+                digestKind: "sui_transaction_digest",
+                transactionDigest: parsedDigest.data,
+                computedAt: input.now.toISOString(),
+                expiresAt: material.expiresAt
+            },
+            checks: [
+                passReviewCheck("flowx_transaction_material_digest_commitment", "Transaction material digest", "Derived a Sui transaction digest from the stored local unsigned transaction material. The digest and bytes remain internal until later review stages bind object ownership, human-readable review, and simulation evidence.", "adapter")
+            ]
+        };
+    };
+}
+function sdkTradeBytesBuilder(client) {
+    return async ({ account, quotePolicy, sdkRoutes }) => {
+        const trade = new Trade({
+            network: "mainnet",
+            sender: account,
+            recipient: account,
+            amountIn: quotePolicy.sourceAmountRaw,
+            amountOut: quotePolicy.expectedOutRaw,
+            slippage: quotePolicy.routerSlippageUnits,
+            deadline: quotePolicy.deadlineMsEpoch,
+            // The route entities come from the same quoter response that produced
+            // the validated quote evidence; the byte verification below re-checks
+            // every pinned target and policy number inside the built bytes.
+            routes: sdkRoutes
+        });
+        const transaction = await trade.buildTransaction({ client });
+        transaction.setSenderIfNotSet(account);
+        transaction.setGasBudget(FLOWX_SWAP_GAS_BUDGET_MIST);
+        return transaction.build({ client });
+    };
+}
+/**
+ * Re-derive the safety-relevant facts from the built transaction bytes and
+ * compare them with the pinned registry and the derived quote policy. The
+ * bytes are the only authority: a mismatch blocks the review.
+ */
+export async function verifyFlowxSwapMaterialBytes(input) {
+    let data;
+    try {
+        data = Transaction.from(input.transactionBytes).getData();
+    }
+    catch {
+        return {
+            status: "failed",
+            blockedReason: "object_resolution_failed",
+            message: "FlowX transaction material bytes could not be parsed as a Sui transaction."
+        };
+    }
+    const allowedPackages = new Set([
+        MOVE_STDLIB_PACKAGE_ID,
+        SUI_FRAMEWORK_PACKAGE_ID,
+        FLOWX_CLMM_MAINNET.universalRouter.packageId,
+        FLOWX_CLMM_MAINNET.universalRouter.wrappedRouterPackageId
+    ].map((id) => normalizeSuiObjectId(id)));
+    const allowedSharedObjects = new Set([
+        SUI_CLOCK_OBJECT_ID,
+        FLOWX_CLMM_MAINNET.universalRouter.treasuryObjectId,
+        FLOWX_CLMM_MAINNET.universalRouter.tradeIdTrackerObjectId,
+        FLOWX_CLMM_MAINNET.universalRouter.partnerRegistryObjectId,
+        FLOWX_CLMM_MAINNET.universalRouter.versionedObjectId,
+        FLOWX_CLMM_MAINNET.poolRegistry.objectId,
+        FLOWX_CLMM_MAINNET.versioned.objectId
+    ].map((id) => normalizeSuiObjectId(id)));
+    let routerBuildCall;
+    for (const command of data.commands) {
+        if (command.$kind !== "MoveCall" || !command.MoveCall) {
+            continue;
+        }
+        const moveCall = command.MoveCall;
+        const packageId = normalizeSuiObjectId(moveCall.package);
+        if (!allowedPackages.has(packageId)) {
+            return {
+                status: "failed",
+                blockedReason: "object_resolution_failed",
+                message: `FlowX transaction material calls a package outside the pinned FlowX set: ${moveCall.package}::${moveCall.module}::${moveCall.function}.`
+            };
+        }
+        if (packageId === normalizeSuiObjectId(FLOWX_CLMM_MAINNET.universalRouter.packageId) &&
+            moveCall.module === "universal_router" &&
+            moveCall.function === "build") {
+            if (routerBuildCall !== undefined) {
+                return {
+                    status: "failed",
+                    blockedReason: "object_resolution_failed",
+                    message: "FlowX transaction material contains more than one universal_router::build call."
+                };
+            }
+            routerBuildCall = { arguments: moveCall.arguments };
+        }
+    }
+    if (!routerBuildCall) {
+        return {
+            status: "failed",
+            blockedReason: "object_resolution_failed",
+            message: "FlowX transaction material does not contain the universal_router::build call."
+        };
+    }
+    for (const inputEntry of data.inputs) {
+        if (inputEntry.$kind !== "Object" || !inputEntry.Object) {
+            continue;
+        }
+        const objectInput = inputEntry.Object;
+        if (objectInput.$kind === "SharedObject" && objectInput.SharedObject) {
+            const objectId = normalizeSuiObjectId(objectInput.SharedObject.objectId);
+            if (!allowedSharedObjects.has(objectId)) {
+                return {
+                    status: "failed",
+                    blockedReason: "object_resolution_failed",
+                    message: `FlowX transaction material references a shared object outside the pinned FlowX set: ${objectId}.`
+                };
+            }
+        }
+    }
+    const expectations = [
+        { label: "expected output", argumentIndex: 4, expected: BigInt(input.quotePolicy.expectedOutRaw) },
+        { label: "slippage", argumentIndex: 5, expected: BigInt(input.quotePolicy.routerSlippageUnits) },
+        { label: "deadline", argumentIndex: 6, expected: BigInt(input.quotePolicy.deadlineMsEpoch) }
+    ];
+    for (const expectation of expectations) {
+        const actual = pureU64ArgumentValue(data, routerBuildCall.arguments, expectation.argumentIndex);
+        if (actual === undefined) {
+            return {
+                status: "failed",
+                blockedReason: "amount_mismatch",
+                message: `FlowX transaction material router ${expectation.label} argument is not a pure u64 input.`
+            };
+        }
+        if (actual !== expectation.expected) {
+            return {
+                status: "failed",
+                blockedReason: "amount_mismatch",
+                message: `FlowX transaction material router ${expectation.label} is ${actual}, but the derived quote policy requires ${expectation.expected}.`
+            };
+        }
+    }
+    return { status: "ok" };
+}
+function pureU64ArgumentValue(data, callArguments, argumentIndex) {
+    const argument = callArguments[argumentIndex];
+    if (typeof argument !== "object" || argument === null) {
+        return undefined;
+    }
+    const argumentRecord = argument;
+    if (argumentRecord.$kind !== "Input" || typeof argumentRecord.Input !== "number") {
+        return undefined;
+    }
+    const inputEntry = data.inputs[argumentRecord.Input];
+    if (!inputEntry || inputEntry.$kind !== "Pure" || !inputEntry.Pure) {
+        return undefined;
+    }
+    try {
+        return BigInt(bcs.U64.parse(fromBase64(inputEntry.Pure.bytes)));
+    }
+    catch {
+        return undefined;
+    }
+}
+function displayRaw(raw, decimals) {
+    const base = 10n ** BigInt(decimals);
+    const whole = raw / base;
+    const fraction = (raw % base).toString().padStart(decimals, "0").replace(/0+$/, "");
+    return fraction ? `${whole}.${fraction}` : whole.toString();
+}
+function blockedReasonForBuildError(error) {
+    if (error instanceof LocalTransactionMaterialStoreError) {
+        return "object_resolution_failed";
+    }
+    const message = error instanceof Error ? error.message : String(error);
+    if (/insufficient ?coin ?balance|insufficient balance/i.test(message)) {
+        return "insufficient_balance";
+    }
+    if (/gas/i.test(message) && /insufficient|no valid|payment|budget/i.test(message)) {
+        return "insufficient_gas";
+    }
+    return "object_resolution_failed";
+}
+function buildFailureMessage(blockedReason) {
+    if (blockedReason === "insufficient_balance") {
+        return "FlowX transaction material build failed before wallet handoff because the account does not have enough source or fee assets.";
+    }
+    if (blockedReason === "insufficient_gas") {
+        return "FlowX transaction material build failed before wallet handoff because a usable gas payment could not be resolved.";
+    }
+    return "FlowX transaction material build failed before wallet handoff because required account-bound objects could not be resolved.";
+}

package/dist/adapters/intentPlanFactories.js

@@ -0,0 +1,59 @@
+import { z } from "zod";
+import { createDeepbookSwapActionPlan, DEEPBOOK_SWAP_ACTION_KIND, DEEPBOOK_SWAP_ADAPTER_ID, DEEPBOOK_SWAP_PROTOCOL } from "./deepbook/deepbookSwapIntent.js";
+import { createFlowxSwapActionPlan, FLOWX_SWAP_ACTION_KIND, FLOWX_SWAP_ADAPTER_ID, FLOWX_SWAP_PROTOCOL } from "./flowx/flowxSwapIntent.js";
+/**
+ * Protocol-neutral swap intent. The optional `protocol` field carries the
+ * protocol slug (same slug vocabulary as the adapter prompt surfaces). When
+ * several protocols support the same action kind, the caller must name one -
+ * the entry point never picks a venue silently.
+ */
+export const swapIntentInputSchema = z.object({
+    type: z.literal("swap"),
+    from: z.object({
+        symbol: z.string().min(1),
+        amount: z.string().min(1)
+    }),
+    to: z.object({
+        symbol: z.string().min(1)
+    }),
+    maxSlippageBps: z.number().int().min(1).max(1000),
+    protocol: z
+        .string()
+        .min(1)
+        .optional()
+        .describe("Protocol slug, required only when several protocols support the action")
+});
+export const INTENT_PLAN_FACTORIES = [
+    {
+        adapterId: DEEPBOOK_SWAP_ADAPTER_ID,
+        actionKind: DEEPBOOK_SWAP_ACTION_KIND,
+        protocolSlug: "deep",
+        protocol: DEEPBOOK_SWAP_PROTOCOL,
+        createPlan: (intent, now) => createDeepbookSwapActionPlan({ ...intent, type: "swap" }, now)
+    },
+    {
+        adapterId: FLOWX_SWAP_ADAPTER_ID,
+        actionKind: FLOWX_SWAP_ACTION_KIND,
+        protocolSlug: "flowx",
+        protocol: FLOWX_SWAP_PROTOCOL,
+        createPlan: (intent, now) => createFlowxSwapActionPlan({ ...intent, type: "swap" }, now)
+    }
+];
+export function resolveIntentPlanFactory(factories, actionKind, protocolSlug) {
+    const group = factories.filter((factory) => factory.actionKind === actionKind);
+    if (group.length === 0) {
+        return { status: "unsupported_action", actionKind };
+    }
+    const available = group.map((factory) => factory.protocolSlug);
+    if (protocolSlug !== undefined) {
+        const factory = group.find((candidate) => candidate.protocolSlug === protocolSlug.trim());
+        if (!factory) {
+            return { status: "unknown_protocol", protocolSlug, available };
+        }
+        return { status: "resolved", factory };
+    }
+    if (group.length === 1 && group[0]) {
+        return { status: "resolved", factory: group[0] };
+    }
+    return { status: "protocol_choice_required", available };
+}

package/dist/adapters/reviewAdapters.js

@@ -0,0 +1,81 @@
+import { computeDeepbookSwapReviewEvidence } from "./deepbook/deepbookReviewEvidence.js";
+import { DEEPBOOK_SWAP_ACTION_KIND, DEEPBOOK_SWAP_ADAPTER_ID, DEEPBOOK_SWAP_PROTOCOL, isDeepbookSwapActionPlanIdentity } from "./deepbook/deepbookSwapIntent.js";
+import { DEEPBOOK_SWAP_REVIEW_LIFECYCLE_STAGE_CATALOG_ID } from "./deepbook/deepbookReviewLifecycle.js";
+import { computeFlowxSwapReviewEvidence } from "./flowx/flowxSwapReviewEvidence.js";
+import { FLOWX_SWAP_ACTION_KIND, FLOWX_SWAP_ADAPTER_ID, FLOWX_SWAP_PROTOCOL, isFlowxSwapActionPlanIdentity } from "./flowx/flowxSwapIntent.js";
+import { FLOWX_SWAP_REVIEW_LIFECYCLE_STAGE_CATALOG_ID } from "./flowx/flowxSwapReviewLifecycle.js";
+import { unsupportedDeepbookSwapPlanIdentityCheck, unsupportedFlowxSwapPlanIdentityCheck } from "../core/review/reviewChecks.js";
+import { blockedReviewResult } from "../core/review/reviewComputationResult.js";
+export function buildSupportedReviewAdapterDescriptors(wiring) {
+    const descriptors = [
+        {
+            adapterId: DEEPBOOK_SWAP_ADAPTER_ID,
+            protocol: DEEPBOOK_SWAP_PROTOCOL,
+            actionKind: DEEPBOOK_SWAP_ACTION_KIND,
+            stageCatalogId: DEEPBOOK_SWAP_REVIEW_LIFECYCLE_STAGE_CATALOG_ID,
+            computeReview: deepbookSwapEvidenceComputer(wiring.deepbook)
+        }
+    ];
+    if (wiring.flowx) {
+        descriptors.push({
+            adapterId: FLOWX_SWAP_ADAPTER_ID,
+            protocol: FLOWX_SWAP_PROTOCOL,
+            actionKind: FLOWX_SWAP_ACTION_KIND,
+            stageCatalogId: FLOWX_SWAP_REVIEW_LIFECYCLE_STAGE_CATALOG_ID,
+            computeReview: flowxSwapEvidenceComputer(wiring.flowx)
+        });
+    }
+    return descriptors;
+}
+function deepbookSwapEvidenceComputer(wiring) {
+    return async (input) => {
+        if (!isDeepbookSwapActionPlanIdentity(input.plan)) {
+            return {
+                result: blockedReviewResult("unsupported_action", [unsupportedDeepbookSwapPlanIdentityCheck()])
+            };
+        }
+        return computeDeepbookSwapReviewEvidence({
+            reviewSessionId: input.reviewSessionId,
+            plan: input.plan,
+            account: input.account,
+            now: input.now,
+            quoteSource: wiring.deepbookQuoteSource,
+            deepBalanceSource: wiring.deepbookDeepBalanceSource,
+            transactionMaterialProducer: wiring.deepbookTransactionMaterialProducer,
+            transactionMaterialDigestProducer: wiring.deepbookTransactionMaterialDigestProducer,
+            transactionObjectOwnershipProducer: wiring.transactionObjectOwnershipProducer,
+            humanReadableReviewProducer: wiring.deepbookHumanReadableReviewProducer,
+            reviewTimeSimulationProducer: wiring.reviewTimeSimulationProducer,
+            ptbVisualizationProducer: wiring.ptbVisualizationProducer
+        });
+    };
+}
+function flowxSwapEvidenceComputer(wiring) {
+    return async (input) => {
+        if (!isFlowxSwapActionPlanIdentity(input.plan)) {
+            return {
+                result: blockedReviewResult("unsupported_action", [unsupportedFlowxSwapPlanIdentityCheck()])
+            };
+        }
+        return computeFlowxSwapReviewEvidence({
+            reviewSessionId: input.reviewSessionId,
+            plan: input.plan,
+            account: input.account,
+            now: input.now,
+            quoteSource: wiring.flowxQuoteSource,
+            transactionMaterialProducer: wiring.flowxTransactionMaterialProducer,
+            transactionMaterialDigestProducer: wiring.flowxTransactionMaterialDigestProducer,
+            transactionObjectOwnershipProducer: wiring.transactionObjectOwnershipProducer,
+            humanReadableReviewProducer: wiring.flowxHumanReadableReviewProducer,
+            reviewTimeSimulationProducer: wiring.reviewTimeSimulationProducer,
+            ptbVisualizationProducer: wiring.ptbVisualizationProducer
+        });
+    };
+}
+export function buildSupportedReviewAdapters(wiring) {
+    const adapters = {};
+    for (const descriptor of buildSupportedReviewAdapterDescriptors(wiring)) {
+        adapters[descriptor.adapterId] = descriptor.computeReview;
+    }
+    return adapters;
+}

package/dist/core/action/adapterLifecycleValidation.js

@@ -0,0 +1,12 @@
+export function createAdapterLifecycleValidator(validatorsByStageCatalogId) {
+    return (lifecycle) => {
+        const validator = validatorsByStageCatalogId[lifecycle.stageCatalogId];
+        if (!validator) {
+            throw new Error(`Unsupported adapter lifecycle stage catalog: ${lifecycle.stageCatalogId}`);
+        }
+        validator(lifecycle);
+    };
+}
+export const rejectAdapterLifecycle = (lifecycle) => {
+    throw new Error(`Adapter lifecycle is not accepted here: ${lifecycle.stageCatalogId}`);
+};

package/dist/core/action/forbiddenFields.js

@@ -0,0 +1,43 @@
+const FORBIDDEN_EDGE_TERMS = [
+    "bytes",
+    "signature",
+    "sessiontoken",
+    "reviewtoken",
+    "wallettoken",
+    "fragmenttoken",
+    "tokenhash",
+    "privatekey",
+    "secretkey",
+    "seed",
+    "mnemonic"
+];
+const FORBIDDEN_PREFIX_OR_SUFFIX_TERMS = ["serialized", "signable"];
+function isForbiddenFieldKey(key) {
+    const normalized = key.toLowerCase();
+    return (FORBIDDEN_EDGE_TERMS.some((term) => normalized === term || normalized.endsWith(term)) ||
+        FORBIDDEN_PREFIX_OR_SUFFIX_TERMS.some((term) => normalized === term || normalized.startsWith(term) || normalized.endsWith(term)));
+}
+export function findForbiddenMcpFields(value, path = "$") {
+    if (value === null || typeof value !== "object") {
+        return [];
+    }
+    if (Array.isArray(value)) {
+        return value.flatMap((item, index) => findForbiddenMcpFields(item, `${path}[${index}]`));
+    }
+    return Object.entries(value).flatMap(([key, nested]) => {
+        const normalized = key.toLowerCase();
+        const currentPath = `${path}.${key}`;
+        // Deliberately conservative: MCP tool output and stored evidence should not
+        // carry raw byte, signing, token, signature, seed, or key material under
+        // direct prefix/suffix key names. Generic domain keys such as tokenSymbol
+        // and bytesPerSecond remain valid.
+        const current = isForbiddenFieldKey(normalized) ? [currentPath] : [];
+        return current.concat(findForbiddenMcpFields(nested, currentPath));
+    });
+}
+export function assertNoForbiddenMcpFields(value) {
+    const forbidden = findForbiddenMcpFields(value);
+    if (forbidden.length > 0) {
+        throw new Error(`MCP payload contains forbidden field(s): ${forbidden.join(", ")}`);
+    }
+}