@stevenvo780/st-lang 4.8.0 → 4.9.0

package/dist/proof-systems/certificate/verify.js

@@ -0,0 +1,171 @@
+"use strict";
+// ============================================================
+// ST Proof Certificate — Check-only verifier
+// ============================================================
+//
+// El verificador NO hace búsqueda de prueba. Asume que el
+// certificado declara cada paso con su regla y premisas, y se
+// limita a:
+//   1. validar integridad (hash + estructura);
+//   2. validar acíclicidad de `depends`;
+//   3. resolver premisas y delegar al `CertRuleChecker` de la regla;
+//   4. comprobar que el goal aparece como conclusión.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.canonicalize = void 0;
+exports.verifyCertificate = verifyCertificate;
+const canonical_1 = require("./canonical");
+Object.defineProperty(exports, "canonicalize", { enumerable: true, get: function () { return canonical_1.canonicalize; } });
+const rules_1 = require("./rules");
+function detectCycle(steps) {
+    const byId = new Map();
+    for (const s of steps)
+        byId.set(s.id, s);
+    const WHITE = 0;
+    const GRAY = 1;
+    const BLACK = 2;
+    const color = new Map();
+    for (const s of steps)
+        color.set(s.id, WHITE);
+    let cyclePath = null;
+    function dfs(id, path) {
+        color.set(id, GRAY);
+        const step = byId.get(id);
+        if (!step)
+            return false;
+        for (const dep of step.depends) {
+            const cdep = color.get(dep);
+            if (cdep === undefined)
+                continue; // missing deps reportadas aparte
+            if (cdep === GRAY) {
+                const cycleStart = path.indexOf(dep);
+                cyclePath = cycleStart >= 0 ? path.slice(cycleStart).concat(dep) : [...path, id, dep];
+                return true;
+            }
+            if (cdep === WHITE) {
+                if (dfs(dep, [...path, id]))
+                    return true;
+            }
+        }
+        color.set(id, BLACK);
+        return false;
+    }
+    for (const s of steps) {
+        if (color.get(s.id) === WHITE) {
+            if (dfs(s.id, []))
+                return cyclePath;
+        }
+    }
+    return null;
+}
+/**
+ * Verifica un certificado en modo check-only.
+ *
+ * Las reglas custom (parámetro `rules`) se prueban PRIMERO; si no
+ * está la regla, se busca en `STANDARD_RULES`. Esto permite a
+ * profiles externos extender el conjunto sin tocar el core.
+ */
+async function verifyCertificate(cert, rules = rules_1.STANDARD_RULES) {
+    const errors = [];
+    const totalSteps = cert.steps.length;
+    let stepsVerified = 0;
+    // 1. Versión.
+    if (cert.version !== '1.0') {
+        errors.push(`unsupported certificate version: ${String(cert.version)}`);
+    }
+    // 2. Hash.
+    try {
+        const expected = await (0, canonical_1.hashCertificate)({
+            version: cert.version,
+            goal: cert.goal,
+            profile: cert.profile,
+            axioms: cert.axioms,
+            steps: cert.steps,
+        });
+        if (expected !== cert.hash) {
+            errors.push(`hash mismatch: expected ${expected}, got ${cert.hash}`);
+        }
+    }
+    catch (err) {
+        errors.push(`hash computation failed: ${err instanceof Error ? err.message : String(err)}`);
+    }
+    // 3. Ids únicos.
+    const seenIds = new Set();
+    for (const step of cert.steps) {
+        if (seenIds.has(step.id)) {
+            errors.push(`duplicate step id: ${step.id}`);
+        }
+        seenIds.add(step.id);
+    }
+    // 4. Referencias existentes.
+    const byId = new Map();
+    for (const s of cert.steps)
+        byId.set(s.id, s);
+    for (const step of cert.steps) {
+        for (const dep of step.depends) {
+            if (!byId.has(dep)) {
+                errors.push(`step "${step.id}" depends on missing step "${dep}"`);
+            }
+        }
+    }
+    // 5. Acíclicidad.
+    const cycle = detectCycle(cert.steps);
+    if (cycle) {
+        errors.push(`cycle detected in depends: ${cycle.join(' -> ')}`);
+    }
+    // 6. Orden topológico (deps deben aparecer antes que dependientes).
+    const indexOf = new Map();
+    cert.steps.forEach((s, i) => indexOf.set(s.id, i));
+    for (const step of cert.steps) {
+        const myIdx = indexOf.get(step.id) ?? -1;
+        for (const dep of step.depends) {
+            const depIdx = indexOf.get(dep);
+            if (depIdx !== undefined && depIdx >= myIdx) {
+                errors.push(`step "${step.id}" references "${dep}" out of topological order`);
+            }
+        }
+    }
+    // 7. Goal aparece como conclusión.
+    const normalizedGoal = (0, canonical_1.normalizeFormula)(cert.goal);
+    const goalFound = cert.steps.some((s) => (0, canonical_1.normalizeFormula)(s.conclusion) === normalizedGoal);
+    if (!goalFound && cert.steps.length > 0) {
+        errors.push(`goal "${cert.goal}" not produced by any step`);
+    }
+    // 8. Chequeo regla a regla.
+    if (!cycle) {
+        for (const step of cert.steps) {
+            const checker = rules.get(step.rule) ?? rules_1.STANDARD_RULES.get(step.rule);
+            if (!checker) {
+                errors.push(`step "${step.id}": unknown rule "${step.rule}"`);
+                continue;
+            }
+            // Resolver premisas: las conclusiones de los pasos referenciados
+            // en depends, en el orden declarado. Si alguna referencia falta,
+            // ya fue reportada en chequeo #4; aquí evitamos crashear.
+            const premises = step.depends.map((d) => {
+                const ref = byId.get(d);
+                return ref ? ref.conclusion : '';
+            });
+            let ok;
+            try {
+                ok = checker(step.args, step.conclusion, premises);
+            }
+            catch (err) {
+                errors.push(`step "${step.id}": checker for "${step.rule}" threw ${err instanceof Error ? err.message : String(err)}`);
+                continue;
+            }
+            if (!ok) {
+                errors.push(`step "${step.id}": rule "${step.rule}" does not justify conclusion "${step.conclusion}"`);
+            }
+            else {
+                stepsVerified++;
+            }
+        }
+    }
+    return {
+        valid: errors.length === 0,
+        errors,
+        stepsVerified,
+        totalSteps,
+    };
+}
+//# sourceMappingURL=verify.js.map

package/dist/proof-systems/certificate/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../../src/proof-systems/certificate/verify.ts"],"names":[],"mappings":";AAAA,+DAA+D;AAC/D,6CAA6C;AAC7C,+DAA+D;AAC/D,EAAE;AACF,0DAA0D;AAC1D,8DAA8D;AAC9D,YAAY;AACZ,+CAA+C;AAC/C,yCAAyC;AACzC,qEAAqE;AACrE,sDAAsD;;;AAoDtD,8CAqHC;AAvKD,2CAA8E;AAiLrE,6FAjLA,wBAAY,OAiLA;AAhLrB,mCAAyC;AAGzC,SAAS,WAAW,CAAC,KAAiB;IACpC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAoB,CAAC;IACzC,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACzC,MAAM,KAAK,GAAG,CAAC,CAAC;IAChB,MAAM,IAAI,GAAG,CAAC,CAAC;IACf,MAAM,KAAK,GAAG,CAAC,CAAC;IAChB,MAAM,KAAK,GAAG,IAAI,GAAG,EAAkB,CAAC;IACxC,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;IAE9C,IAAI,SAAS,GAAoB,IAAI,CAAC;IAEtC,SAAS,GAAG,CAAC,EAAU,EAAE,IAAc;QACrC,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC1B,IAAI,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QACxB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAC5B,IAAI,IAAI,KAAK,SAAS;gBAAE,SAAS,CAAC,iCAAiC;YACnE,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBAClB,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBACrC,SAAS,GAAG,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;gBACtF,OAAO,IAAI,CAAC;YACd,CAAC;YACD,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;gBACnB,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,EAAE,EAAE,CAAC,CAAC;oBAAE,OAAO,IAAI,CAAC;YAC3C,CAAC;QACH,CAAC;QACD,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,KAAK,EAAE,CAAC;YAC9B,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC;gBAAE,OAAO,SAAS,CAAC;QACtC,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,iBAAiB,CACrC,IAAsB,EACtB,QAAsC,sBAAc;IAEpD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IACrC,IAAI,aAAa,GAAG,CAAC,CAAC;IAEtB,cAAc;IACd,IAAI,IAAI,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC3B,MAAM,CAAC,IAAI,CAAC,oCAAoC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC;IAED,WAAW;IACX,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,IAAA,2BAAe,EAAC;YACrC,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QACH,IAAI,QAAQ,KAAK,IAAI,CAAC,IAAI,EAAE,CAAC;YAC3B,MAAM,CAAC,IAAI,CAAC,2BAA2B,QAAQ,SAAS,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,CAAC,4BAA4B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC9F,CAAC;IAED,iBAAiB;IACjB,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QAC9B,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC,sBAAsB,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/C,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvB,CAAC;IAED,6BAA6B;IAC7B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAoB,CAAC;IACzC,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,KAAK;QAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAC9C,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QAC9B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnB,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,EAAE,8BAA8B,GAAG,GAAG,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACtC,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,CAAC,IAAI,CAAC,8BAA8B,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAClE,CAAC;IAED,oEAAoE;IACpE,MAAM,OAAO,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACnD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;QACzC,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAChC,IAAI,MAAM,KAAK,SAAS,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBAC5C,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,EAAE,iBAAiB,GAAG,4BAA4B,CAAC,CAAC;YAChF,CAAC;QACH,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,MAAM,cAAc,GAAG,IAAA,4BAAgB,EAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,4BAAgB,EAAC,CAAC,CAAC,UAAU,CAAC,KAAK,cAAc,CAAC,CAAC;IAC5F,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,4BAA4B,CAAC,CAAC;IAC9D,CAAC;IAED,4BAA4B;IAC5B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,sBAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACtE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,EAAE,oBAAoB,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC;gBAC9D,SAAS;YACX,CAAC;YACD,iEAAiE;YACjE,iEAAiE;YACjE,0DAA0D;YAC1D,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBACtC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACxB,OAAO,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YACnC,CAAC,CAAC,CAAC;YACH,IAAI,EAAW,CAAC;YAChB,IAAI,CAAC;gBACH,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YACrD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,CAAC,IAAI,CACT,SAAS,IAAI,CAAC,EAAE,mBAAmB,IAAI,CAAC,IAAI,WAC1C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CACjD,EAAE,CACH,CAAC;gBACF,SAAS;YACX,CAAC;YACD,IAAI,CAAC,EAAE,EAAE,CAAC;gBACR,MAAM,CAAC,IAAI,CACT,SAAS,IAAI,CAAC,EAAE,YAAY,IAAI,CAAC,IAAI,kCAAkC,IAAI,CAAC,UAAU,GAAG,CAC1F,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,aAAa,EAAE,CAAC;YAClB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC1B,MAAM;QACN,aAAa;QACb,UAAU;KACX,CAAC;AACJ,CAAC"}

package/dist/reasoning/ban-logic/analyze.d.ts

@@ -0,0 +1,31 @@
+import type { BANFormula, Protocol, ProtocolAnalysis } from './types';
+export interface SaturateOptions {
+    /** Máximo de iteraciones del punto fijo. Default: 200. */
+    maxIterations?: number;
+    /** Máximo de fórmulas nuevas a derivar. Default: 1024. */
+    maxDerivations?: number;
+}
+/**
+ * Aplica las reglas BAN al estado hasta punto fijo. Devuelve el estado
+ * saturado y la lista de derivaciones nuevas (no incluye las iniciales).
+ */
+export declare function saturate(initial: ReadonlyArray<BANFormula>, opts?: SaturateOptions): {
+    state: BANFormula[];
+    trace: BANFormula[];
+};
+/**
+ * Idealización mínima: cada step `from → to: msg` produce la
+ * fórmula `to ◁ msg`. Asumimos que el receptor literalmente ve el
+ * mensaje que se le envía.
+ *
+ * (BAN tradicional pide idealización manual para descartar texto
+ * inseguro como nombres en claro; aquí preservamos todos los
+ * subtérminos, que es la lectura conservadora.)
+ */
+export declare function idealize(p: Protocol): BANFormula[];
+/**
+ * Analiza un protocolo: parte de las assumptions + idealización,
+ * satura, y verifica goals.
+ */
+export declare function analyzeProtocol(p: Protocol, opts?: SaturateOptions): ProtocolAnalysis;
+//# sourceMappingURL=analyze.d.ts.map

package/dist/reasoning/ban-logic/analyze.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"analyze.d.ts","sourceRoot":"","sources":["../../../src/reasoning/ban-logic/analyze.ts"],"names":[],"mappings":"AA0BA,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAEtE,MAAM,WAAW,eAAe;IAC9B,0DAA0D;IAC1D,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,0DAA0D;IAC1D,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAwBD;;;GAGG;AACH,wBAAgB,QAAQ,CACtB,OAAO,EAAE,aAAa,CAAC,UAAU,CAAC,EAClC,IAAI,CAAC,EAAE,eAAe,GACrB;IAAE,KAAK,EAAE,UAAU,EAAE,CAAC;IAAC,KAAK,EAAE,UAAU,EAAE,CAAA;CAAE,CA4C9C;AAED;;;;;;;;GAQG;AACH,wBAAgB,QAAQ,CAAC,CAAC,EAAE,QAAQ,GAAG,UAAU,EAAE,CAElD;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,EAAE,eAAe,GAAG,gBAAgB,CAYrF"}

package/dist/reasoning/ban-logic/analyze.js

@@ -0,0 +1,113 @@
+"use strict";
+// ============================================================
+// BAN Logic — Saturación de estado + análisis de protocolos
+// ============================================================
+//
+// `saturate(state)` aplica las reglas R1-R10 en forward-chaining
+// hasta punto fijo (o cota de iteraciones). Devuelve la lista de
+// fórmulas inferidas en orden de derivación (trace).
+//
+// `analyzeProtocol(p)` toma un Protocol con assumptions, steps y goals;
+// idealiza los mensajes (cada step produce `P ◁ msg` para el receptor),
+// satura, y reporta cuáles goals quedaron satisfechos.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.saturate = saturate;
+exports.idealize = idealize;
+exports.analyzeProtocol = analyzeProtocol;
+const rules_1 = require("./rules");
+const terms_1 = require("./terms");
+const STATE_RULES = [
+    { name: 'message-meaning-shared', apply: rules_1.applyMessageMeaningShared },
+    { name: 'message-meaning-public', apply: rules_1.applyMessageMeaningPublic },
+    { name: 'message-meaning-secret', apply: rules_1.applyMessageMeaningSecret },
+    { name: 'nonce-verification', apply: rules_1.applyNonceVerification },
+    { name: 'jurisdiction', apply: rules_1.applyJurisdiction },
+    { name: 'seeing-encrypted', apply: rules_1.applySeeingEncrypted },
+    { name: 'sees-compound', apply: rules_1.applySeesCompound },
+    { name: 'freshness-propagation', apply: rules_1.applyFreshnessPropagation },
+];
+const FOCUS_ONLY_RULES = [
+    { name: 'belief-conj-left', apply: rules_1.applyBeliefConjunction },
+    { name: 'belief-conj-right', apply: rules_1.applyBeliefConjunctionRight },
+    { name: 'said-conj', apply: rules_1.applySaidConjunction },
+];
+/**
+ * Aplica las reglas BAN al estado hasta punto fijo. Devuelve el estado
+ * saturado y la lista de derivaciones nuevas (no incluye las iniciales).
+ */
+function saturate(initial, opts) {
+    const maxIter = opts?.maxIterations ?? 200;
+    const maxDeriv = opts?.maxDerivations ?? 1024;
+    const state = [];
+    const trace = [];
+    const tryAdd = (f) => {
+        if (state.some((g) => (0, terms_1.formulaEquals)(g, f)))
+            return false;
+        state.push(f);
+        return true;
+    };
+    for (const f of initial)
+        tryAdd(f);
+    let iter = 0;
+    let changed = true;
+    while (changed && iter < maxIter && trace.length < maxDeriv) {
+        changed = false;
+        iter++;
+        // Snapshot del estado para iterar de forma estable.
+        const snapshot = state.slice();
+        for (const focus of snapshot) {
+            // Reglas state+focus.
+            for (const rule of STATE_RULES) {
+                const out = rule.apply(snapshot, focus);
+                if (out && tryAdd(out)) {
+                    trace.push(out);
+                    changed = true;
+                    if (trace.length >= maxDeriv)
+                        return { state, trace };
+                }
+            }
+            // Reglas focus-only.
+            for (const rule of FOCUS_ONLY_RULES) {
+                const out = rule.apply(focus);
+                if (out && tryAdd(out)) {
+                    trace.push(out);
+                    changed = true;
+                    if (trace.length >= maxDeriv)
+                        return { state, trace };
+                }
+            }
+        }
+    }
+    return { state, trace };
+}
+/**
+ * Idealización mínima: cada step `from → to: msg` produce la
+ * fórmula `to ◁ msg`. Asumimos que el receptor literalmente ve el
+ * mensaje que se le envía.
+ *
+ * (BAN tradicional pide idealización manual para descartar texto
+ * inseguro como nombres en claro; aquí preservamos todos los
+ * subtérminos, que es la lectura conservadora.)
+ */
+function idealize(p) {
+    return p.steps.map((s) => (0, terms_1.sees)((0, terms_1.principal)(s.to), s.message));
+}
+/**
+ * Analiza un protocolo: parte de las assumptions + idealización,
+ * satura, y verifica goals.
+ */
+function analyzeProtocol(p, opts) {
+    const idealized = idealize(p);
+    const initial = [...p.initialAssumptions, ...idealized];
+    const { state, trace } = saturate(initial, opts);
+    const satisfied = [];
+    const unsatisfied = [];
+    for (const g of p.goals) {
+        if ((0, terms_1.hasFormula)(state, g))
+            satisfied.push(g);
+        else
+            unsatisfied.push(g);
+    }
+    return { satisfied, unsatisfied, trace };
+}
+//# sourceMappingURL=analyze.js.map

package/dist/reasoning/ban-logic/analyze.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"analyze.js","sourceRoot":"","sources":["../../../src/reasoning/ban-logic/analyze.ts"],"names":[],"mappings":";AAAA,+DAA+D;AAC/D,4DAA4D;AAC5D,+DAA+D;AAC/D,EAAE;AACF,iEAAiE;AACjE,iEAAiE;AACjE,qDAAqD;AACrD,EAAE;AACF,wEAAwE;AACxE,wEAAwE;AACxE,uDAAuD;;AAmDvD,4BA+CC;AAWD,4BAEC;AAMD,0CAYC;AA/HD,mCAYiB;AACjB,mCAAqE;AAerE,MAAM,WAAW,GAAmB;IAClC,EAAE,IAAI,EAAE,wBAAwB,EAAE,KAAK,EAAE,iCAAyB,EAAE;IACpE,EAAE,IAAI,EAAE,wBAAwB,EAAE,KAAK,EAAE,iCAAyB,EAAE;IACpE,EAAE,IAAI,EAAE,wBAAwB,EAAE,KAAK,EAAE,iCAAyB,EAAE;IACpE,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,8BAAsB,EAAE;IAC7D,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,yBAAiB,EAAE;IAClD,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,4BAAoB,EAAE;IACzD,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,yBAAiB,EAAE;IACnD,EAAE,IAAI,EAAE,uBAAuB,EAAE,KAAK,EAAE,iCAAyB,EAAE;CACpE,CAAC;AAEF,MAAM,gBAAgB,GAAoE;IACxF,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,8BAAsB,EAAE;IAC3D,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,mCAA2B,EAAE;IACjE,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,4BAAoB,EAAE;CACnD,CAAC;AAEF;;;GAGG;AACH,SAAgB,QAAQ,CACtB,OAAkC,EAClC,IAAsB;IAEtB,MAAM,OAAO,GAAG,IAAI,EAAE,aAAa,IAAI,GAAG,CAAC;IAC3C,MAAM,QAAQ,GAAG,IAAI,EAAE,cAAc,IAAI,IAAI,CAAC;IAE9C,MAAM,KAAK,GAAiB,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAiB,EAAE,CAAC;IAE/B,MAAM,MAAM,GAAG,CAAC,CAAa,EAAW,EAAE;QACxC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,qBAAa,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzD,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;IAEF,KAAK,MAAM,CAAC,IAAI,OAAO;QAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IAEnC,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,IAAI,OAAO,GAAG,IAAI,CAAC;IACnB,OAAO,OAAO,IAAI,IAAI,GAAG,OAAO,IAAI,KAAK,CAAC,MAAM,GAAG,QAAQ,EAAE,CAAC;QAC5D,OAAO,GAAG,KAAK,CAAC;QAChB,IAAI,EAAE,CAAC;QACP,oDAAoD;QACpD,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC;QAC/B,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;YAC7B,sBAAsB;YACtB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;gBAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;gBACxC,IAAI,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;oBACvB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBAChB,OAAO,GAAG,IAAI,CAAC;oBACf,IAAI,KAAK,CAAC,MAAM,IAAI,QAAQ;wBAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;gBACxD,CAAC;YACH,CAAC;YACD,qBAAqB;YACrB,KAAK,MAAM,IAAI,IAAI,gBAAgB,EAAE,CAAC;gBACpC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBAC9B,IAAI,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;oBACvB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBAChB,OAAO,GAAG,IAAI,CAAC;oBACf,IAAI,KAAK,CAAC,MAAM,IAAI,QAAQ;wBAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;gBACxD,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;AAC1B,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,QAAQ,CAAC,CAAW;IAClC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,YAAI,EAAC,IAAA,iBAAS,EAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,CAAW,EAAE,IAAsB;IACjE,MAAM,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,GAAG,SAAS,CAAC,CAAC;IACxD,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAEjD,MAAM,SAAS,GAAiB,EAAE,CAAC;IACnC,MAAM,WAAW,GAAiB,EAAE,CAAC;IACrC,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;QACxB,IAAI,IAAA,kBAAU,EAAC,KAAK,EAAE,CAAC,CAAC;YAAE,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;;YACvC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC3B,CAAC;IACD,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;AAC3C,CAAC"}

package/dist/reasoning/ban-logic/index.d.ts

@@ -0,0 +1,7 @@
+export type { BANFormula, BANRule, BANTerm, Protocol, ProtocolAnalysis, ProtocolStep, } from './types';
+export { atom, compound, encrypted, hashed, key, message, nonce, principal, believes, controls, formulaAnd, fresh, jurisdiction, publicKey, said, saidMessage, sees, sharedKey, sharedSecret, formulaEquals, formulaToString, hasFormula, termEquals, termToString, } from './terms';
+export { applyBeliefConjunction, applyBeliefConjunctionRight, applyFreshnessPropagation, applyJurisdiction, applyMessageMeaningPublic, applyMessageMeaningSecret, applyMessageMeaningShared, applyNonceVerification, applySaidConjunction, applySeeingEncrypted, applySeesCompound, RULES_REGISTRY, } from './rules';
+export type { SaturateOptions } from './analyze';
+export { analyzeProtocol, idealize, saturate } from './analyze';
+export { kerberos, needhamSchroederPublicKey, needhamSchroederSymmetric } from './protocols';
+//# sourceMappingURL=index.d.ts.map

package/dist/reasoning/ban-logic/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/reasoning/ban-logic/index.ts"],"names":[],"mappings":"AAcA,YAAY,EACV,UAAU,EACV,OAAO,EACP,OAAO,EACP,QAAQ,EACR,gBAAgB,EAChB,YAAY,GACb,MAAM,SAAS,CAAC;AAEjB,OAAO,EAEL,IAAI,EACJ,QAAQ,EACR,SAAS,EACT,MAAM,EACN,GAAG,EACH,OAAO,EACP,KAAK,EACL,SAAS,EAET,QAAQ,EACR,QAAQ,EACR,UAAU,EACV,KAAK,EACL,YAAY,EACZ,SAAS,EACT,IAAI,EACJ,WAAW,EACX,IAAI,EACJ,SAAS,EACT,YAAY,EAEZ,aAAa,EACb,eAAe,EACf,UAAU,EACV,UAAU,EACV,YAAY,GACb,MAAM,SAAS,CAAC;AAEjB,OAAO,EACL,sBAAsB,EACtB,2BAA2B,EAC3B,yBAAyB,EACzB,iBAAiB,EACjB,yBAAyB,EACzB,yBAAyB,EACzB,yBAAyB,EACzB,sBAAsB,EACtB,oBAAoB,EACpB,oBAAoB,EACpB,iBAAiB,EACjB,cAAc,GACf,MAAM,SAAS,CAAC;AAEjB,YAAY,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAEhE,OAAO,EAAE,QAAQ,EAAE,yBAAyB,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC"}

package/dist/reasoning/ban-logic/index.js

@@ -0,0 +1,66 @@
+"use strict";
+// ============================================================
+// BAN Logic — Barrel export
+// ============================================================
+//
+// Burrows-Abadi-Needham logic para verificación de protocolos
+// criptográficos de autenticación.
+//
+// API pública:
+//   - Constructores de términos y fórmulas (`principal`, `key`, ...)
+//   - Reglas de inferencia (R1-R10 y variantes)
+//   - `saturate(initial)` para cerrar un estado bajo las reglas
+//   - `analyzeProtocol(p)` para evaluar goals de un Protocol
+//   - Protocolos pre-armados: Needham-Schroeder symmetric / PK / Kerberos
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.needhamSchroederSymmetric = exports.needhamSchroederPublicKey = exports.kerberos = exports.saturate = exports.idealize = exports.analyzeProtocol = exports.RULES_REGISTRY = exports.applySeesCompound = exports.applySeeingEncrypted = exports.applySaidConjunction = exports.applyNonceVerification = exports.applyMessageMeaningShared = exports.applyMessageMeaningSecret = exports.applyMessageMeaningPublic = exports.applyJurisdiction = exports.applyFreshnessPropagation = exports.applyBeliefConjunctionRight = exports.applyBeliefConjunction = exports.termToString = exports.termEquals = exports.hasFormula = exports.formulaToString = exports.formulaEquals = exports.sharedSecret = exports.sharedKey = exports.sees = exports.saidMessage = exports.said = exports.publicKey = exports.jurisdiction = exports.fresh = exports.formulaAnd = exports.controls = exports.believes = exports.principal = exports.nonce = exports.message = exports.key = exports.hashed = exports.encrypted = exports.compound = exports.atom = void 0;
+var terms_1 = require("./terms");
+// Constructores de términos
+Object.defineProperty(exports, "atom", { enumerable: true, get: function () { return terms_1.atom; } });
+Object.defineProperty(exports, "compound", { enumerable: true, get: function () { return terms_1.compound; } });
+Object.defineProperty(exports, "encrypted", { enumerable: true, get: function () { return terms_1.encrypted; } });
+Object.defineProperty(exports, "hashed", { enumerable: true, get: function () { return terms_1.hashed; } });
+Object.defineProperty(exports, "key", { enumerable: true, get: function () { return terms_1.key; } });
+Object.defineProperty(exports, "message", { enumerable: true, get: function () { return terms_1.message; } });
+Object.defineProperty(exports, "nonce", { enumerable: true, get: function () { return terms_1.nonce; } });
+Object.defineProperty(exports, "principal", { enumerable: true, get: function () { return terms_1.principal; } });
+// Constructores de fórmulas
+Object.defineProperty(exports, "believes", { enumerable: true, get: function () { return terms_1.believes; } });
+Object.defineProperty(exports, "controls", { enumerable: true, get: function () { return terms_1.controls; } });
+Object.defineProperty(exports, "formulaAnd", { enumerable: true, get: function () { return terms_1.formulaAnd; } });
+Object.defineProperty(exports, "fresh", { enumerable: true, get: function () { return terms_1.fresh; } });
+Object.defineProperty(exports, "jurisdiction", { enumerable: true, get: function () { return terms_1.jurisdiction; } });
+Object.defineProperty(exports, "publicKey", { enumerable: true, get: function () { return terms_1.publicKey; } });
+Object.defineProperty(exports, "said", { enumerable: true, get: function () { return terms_1.said; } });
+Object.defineProperty(exports, "saidMessage", { enumerable: true, get: function () { return terms_1.saidMessage; } });
+Object.defineProperty(exports, "sees", { enumerable: true, get: function () { return terms_1.sees; } });
+Object.defineProperty(exports, "sharedKey", { enumerable: true, get: function () { return terms_1.sharedKey; } });
+Object.defineProperty(exports, "sharedSecret", { enumerable: true, get: function () { return terms_1.sharedSecret; } });
+// Equality + printing
+Object.defineProperty(exports, "formulaEquals", { enumerable: true, get: function () { return terms_1.formulaEquals; } });
+Object.defineProperty(exports, "formulaToString", { enumerable: true, get: function () { return terms_1.formulaToString; } });
+Object.defineProperty(exports, "hasFormula", { enumerable: true, get: function () { return terms_1.hasFormula; } });
+Object.defineProperty(exports, "termEquals", { enumerable: true, get: function () { return terms_1.termEquals; } });
+Object.defineProperty(exports, "termToString", { enumerable: true, get: function () { return terms_1.termToString; } });
+var rules_1 = require("./rules");
+Object.defineProperty(exports, "applyBeliefConjunction", { enumerable: true, get: function () { return rules_1.applyBeliefConjunction; } });
+Object.defineProperty(exports, "applyBeliefConjunctionRight", { enumerable: true, get: function () { return rules_1.applyBeliefConjunctionRight; } });
+Object.defineProperty(exports, "applyFreshnessPropagation", { enumerable: true, get: function () { return rules_1.applyFreshnessPropagation; } });
+Object.defineProperty(exports, "applyJurisdiction", { enumerable: true, get: function () { return rules_1.applyJurisdiction; } });
+Object.defineProperty(exports, "applyMessageMeaningPublic", { enumerable: true, get: function () { return rules_1.applyMessageMeaningPublic; } });
+Object.defineProperty(exports, "applyMessageMeaningSecret", { enumerable: true, get: function () { return rules_1.applyMessageMeaningSecret; } });
+Object.defineProperty(exports, "applyMessageMeaningShared", { enumerable: true, get: function () { return rules_1.applyMessageMeaningShared; } });
+Object.defineProperty(exports, "applyNonceVerification", { enumerable: true, get: function () { return rules_1.applyNonceVerification; } });
+Object.defineProperty(exports, "applySaidConjunction", { enumerable: true, get: function () { return rules_1.applySaidConjunction; } });
+Object.defineProperty(exports, "applySeeingEncrypted", { enumerable: true, get: function () { return rules_1.applySeeingEncrypted; } });
+Object.defineProperty(exports, "applySeesCompound", { enumerable: true, get: function () { return rules_1.applySeesCompound; } });
+Object.defineProperty(exports, "RULES_REGISTRY", { enumerable: true, get: function () { return rules_1.RULES_REGISTRY; } });
+var analyze_1 = require("./analyze");
+Object.defineProperty(exports, "analyzeProtocol", { enumerable: true, get: function () { return analyze_1.analyzeProtocol; } });
+Object.defineProperty(exports, "idealize", { enumerable: true, get: function () { return analyze_1.idealize; } });
+Object.defineProperty(exports, "saturate", { enumerable: true, get: function () { return analyze_1.saturate; } });
+var protocols_1 = require("./protocols");
+Object.defineProperty(exports, "kerberos", { enumerable: true, get: function () { return protocols_1.kerberos; } });
+Object.defineProperty(exports, "needhamSchroederPublicKey", { enumerable: true, get: function () { return protocols_1.needhamSchroederPublicKey; } });
+Object.defineProperty(exports, "needhamSchroederSymmetric", { enumerable: true, get: function () { return protocols_1.needhamSchroederSymmetric; } });
+//# sourceMappingURL=index.js.map

package/dist/reasoning/ban-logic/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/reasoning/ban-logic/index.ts"],"names":[],"mappings":";AAAA,+DAA+D;AAC/D,4BAA4B;AAC5B,+DAA+D;AAC/D,EAAE;AACF,8DAA8D;AAC9D,mCAAmC;AACnC,EAAE;AACF,eAAe;AACf,qEAAqE;AACrE,gDAAgD;AAChD,gEAAgE;AAChE,6DAA6D;AAC7D,0EAA0E;;;AAW1E,iCA4BiB;AA3Bf,4BAA4B;AAC5B,6FAAA,IAAI,OAAA;AACJ,iGAAA,QAAQ,OAAA;AACR,kGAAA,SAAS,OAAA;AACT,+FAAA,MAAM,OAAA;AACN,4FAAA,GAAG,OAAA;AACH,gGAAA,OAAO,OAAA;AACP,8FAAA,KAAK,OAAA;AACL,kGAAA,SAAS,OAAA;AACT,4BAA4B;AAC5B,iGAAA,QAAQ,OAAA;AACR,iGAAA,QAAQ,OAAA;AACR,mGAAA,UAAU,OAAA;AACV,8FAAA,KAAK,OAAA;AACL,qGAAA,YAAY,OAAA;AACZ,kGAAA,SAAS,OAAA;AACT,6FAAA,IAAI,OAAA;AACJ,oGAAA,WAAW,OAAA;AACX,6FAAA,IAAI,OAAA;AACJ,kGAAA,SAAS,OAAA;AACT,qGAAA,YAAY,OAAA;AACZ,sBAAsB;AACtB,sGAAA,aAAa,OAAA;AACb,wGAAA,eAAe,OAAA;AACf,mGAAA,UAAU,OAAA;AACV,mGAAA,UAAU,OAAA;AACV,qGAAA,YAAY,OAAA;AAGd,iCAaiB;AAZf,+GAAA,sBAAsB,OAAA;AACtB,oHAAA,2BAA2B,OAAA;AAC3B,kHAAA,yBAAyB,OAAA;AACzB,0GAAA,iBAAiB,OAAA;AACjB,kHAAA,yBAAyB,OAAA;AACzB,kHAAA,yBAAyB,OAAA;AACzB,kHAAA,yBAAyB,OAAA;AACzB,+GAAA,sBAAsB,OAAA;AACtB,6GAAA,oBAAoB,OAAA;AACpB,6GAAA,oBAAoB,OAAA;AACpB,0GAAA,iBAAiB,OAAA;AACjB,uGAAA,cAAc,OAAA;AAIhB,qCAAgE;AAAvD,0GAAA,eAAe,OAAA;AAAE,mGAAA,QAAQ,OAAA;AAAE,mGAAA,QAAQ,OAAA;AAE5C,yCAA6F;AAApF,qGAAA,QAAQ,OAAA;AAAE,sHAAA,yBAAyB,OAAA;AAAE,sHAAA,yBAAyB,OAAA"}

package/dist/reasoning/ban-logic/protocols.d.ts

@@ -0,0 +1,54 @@
+import { key, principal } from './terms';
+import type { BANFormula, Protocol } from './types';
+/**
+ * Needham-Schroeder shared-key (simplificado para BAN).
+ *
+ * 1. A → S : A, B, N_a
+ * 2. S → A : {N_a, K_ab, B, {K_ab, A}_{K_bs}}_{K_as}
+ * 3. A → B : {K_ab, A}_{K_bs}
+ * 4. B → A : {N_b}_{K_ab}
+ * 5. A → B : {N_b - 1}_{K_ab}   (representamos como nonce(N_b'))
+ */
+export declare function needhamSchroederSymmetric(): Protocol;
+/**
+ * Needham-Schroeder public-key (Lowe attack territory).
+ *
+ * Original:
+ *   1. A → B : {N_a, A}_{K_b}
+ *   2. B → A : {N_a, N_b}_{K_a}
+ *   3. A → B : {N_b}_{K_b}
+ *
+ * El "Lowe attack" (1995) muestra que un atacante M puede intercalar
+ * y hacer creer a B que está hablando con A cuando en realidad A
+ * habla con M. Modelamos el protocolo TAL CUAL, sin la corrección
+ * de Lowe; el resultado: el goal "B|≡A|≡(sesión con B)" NO se
+ * deriva.
+ */
+export declare function needhamSchroederPublicKey(): Protocol;
+/**
+ * Kerberos (simplificación BAN).
+ *
+ * 1. C → S : C, T, N_c
+ * 2. S → C : {N_c, T_C, K_ct}_{K_cs}, {C, T_C, K_ct}_{K_ts}
+ * 3. C → T : {C, T_C, K_ct}_{K_ts}, {C, t}_{K_ct}
+ * 4. T → C : {t + 1}_{K_ct}
+ *
+ * Goal: C cree que T comparte K_ct con C; T cree lo mismo.
+ */
+export declare function kerberos(): Protocol;
+export declare const protocolUtils: {
+    believes: (p: import("./types").BANTerm, f: BANFormula) => BANFormula;
+    sharedKey: (a: import("./types").BANTerm, b: import("./types").BANTerm, k: import("./types").BANTerm) => BANFormula;
+    publicKey: (p: ReturnType<typeof principal>, k: ReturnType<typeof key>) => BANFormula;
+    jurisdiction: (p: import("./types").BANTerm, f: BANFormula) => BANFormula;
+    saidMessage: (p: import("./types").BANTerm, w: import("./types").BANTerm) => BANFormula;
+    fresh: (w: import("./types").BANTerm) => BANFormula;
+    encrypted: (msg: import("./types").BANTerm, k: import("./types").BANTerm) => import("./types").BANTerm;
+    sees: (p: import("./types").BANTerm, w: import("./types").BANTerm) => BANFormula;
+    message: (...content: import("./types").BANTerm[]) => import("./types").BANTerm;
+    nonce: (name: string) => import("./types").BANTerm;
+    key: (name: string, shared?: [string, string]) => import("./types").BANTerm;
+    principal: (name: string) => import("./types").BANTerm;
+    controls: (p: import("./types").BANTerm, f: BANFormula) => BANFormula;
+};
+//# sourceMappingURL=protocols.d.ts.map

package/dist/reasoning/ban-logic/protocols.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"protocols.d.ts","sourceRoot":"","sources":["../../../src/reasoning/ban-logic/protocols.ts"],"names":[],"mappings":"AAkBA,OAAO,EAML,GAAG,EAGH,SAAS,EAIV,MAAM,SAAS,CAAC;AACjB,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEpD;;;;;;;;GAQG;AACH,wBAAgB,yBAAyB,IAAI,QAAQ,CAoEpD;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,yBAAyB,IAAI,QAAQ,CAuCpD;AAED;;;;;;;;;GASG;AACH,wBAAgB,QAAQ,IAAI,QAAQ,CAwCnC;AAGD,eAAO,MAAM,aAAa;;;mBAGT,UAAU,CAAC,OAAO,SAAS,CAAC,KAAK,UAAU,CAAC,OAAO,GAAG,CAAC,KAAG,UAAU;;;;;;;;;;;CAepF,CAAC"}