npm - @stoneforge/quarry - Versions diffs - 0.1.0 - Mend

@stoneforge/quarry 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (330) hide show

package/LICENSE +13 -0
package/README.md +160 -0
package/dist/api/index.d.ts +8 -0
package/dist/api/index.d.ts.map +1 -0
package/dist/api/index.js +8 -0
package/dist/api/index.js.map +1 -0
package/dist/api/quarry-api.d.ts +268 -0
package/dist/api/quarry-api.d.ts.map +1 -0
package/dist/api/quarry-api.js +3905 -0
package/dist/api/quarry-api.js.map +1 -0
package/dist/api/types.d.ts +1359 -0
package/dist/api/types.d.ts.map +1 -0
package/dist/api/types.js +204 -0
package/dist/api/types.js.map +1 -0
package/dist/bin/sf.d.ts +3 -0
package/dist/bin/sf.d.ts.map +1 -0
package/dist/bin/sf.js +9 -0
package/dist/bin/sf.js.map +1 -0
package/dist/cli/commands/admin.d.ts +11 -0
package/dist/cli/commands/admin.d.ts.map +1 -0
package/dist/cli/commands/admin.js +465 -0
package/dist/cli/commands/admin.js.map +1 -0
package/dist/cli/commands/alias.d.ts +8 -0
package/dist/cli/commands/alias.d.ts.map +1 -0
package/dist/cli/commands/alias.js +70 -0
package/dist/cli/commands/alias.js.map +1 -0
package/dist/cli/commands/channel.d.ts +13 -0
package/dist/cli/commands/channel.d.ts.map +1 -0
package/dist/cli/commands/channel.js +680 -0
package/dist/cli/commands/channel.js.map +1 -0
package/dist/cli/commands/completion.d.ts +8 -0
package/dist/cli/commands/completion.d.ts.map +1 -0
package/dist/cli/commands/completion.js +87 -0
package/dist/cli/commands/completion.js.map +1 -0
package/dist/cli/commands/config.d.ts +12 -0
package/dist/cli/commands/config.d.ts.map +1 -0
package/dist/cli/commands/config.js +242 -0
package/dist/cli/commands/config.js.map +1 -0
package/dist/cli/commands/crud.d.ts +64 -0
package/dist/cli/commands/crud.d.ts.map +1 -0
package/dist/cli/commands/crud.js +805 -0
package/dist/cli/commands/crud.js.map +1 -0
package/dist/cli/commands/dep.d.ts +16 -0
package/dist/cli/commands/dep.d.ts.map +1 -0
package/dist/cli/commands/dep.js +499 -0
package/dist/cli/commands/dep.js.map +1 -0
package/dist/cli/commands/document.d.ts +12 -0
package/dist/cli/commands/document.d.ts.map +1 -0
package/dist/cli/commands/document.js +1039 -0
package/dist/cli/commands/document.js.map +1 -0
package/dist/cli/commands/embeddings.d.ts +12 -0
package/dist/cli/commands/embeddings.d.ts.map +1 -0
package/dist/cli/commands/embeddings.js +273 -0
package/dist/cli/commands/embeddings.js.map +1 -0
package/dist/cli/commands/entity.d.ts +16 -0
package/dist/cli/commands/entity.d.ts.map +1 -0
package/dist/cli/commands/entity.js +522 -0
package/dist/cli/commands/entity.js.map +1 -0
package/dist/cli/commands/gc.d.ts +10 -0
package/dist/cli/commands/gc.d.ts.map +1 -0
package/dist/cli/commands/gc.js +257 -0
package/dist/cli/commands/gc.js.map +1 -0
package/dist/cli/commands/help.d.ts +11 -0
package/dist/cli/commands/help.d.ts.map +1 -0
package/dist/cli/commands/help.js +169 -0
package/dist/cli/commands/help.js.map +1 -0
package/dist/cli/commands/history.d.ts +9 -0
package/dist/cli/commands/history.d.ts.map +1 -0
package/dist/cli/commands/history.js +160 -0
package/dist/cli/commands/history.js.map +1 -0
package/dist/cli/commands/identity.d.ts +18 -0
package/dist/cli/commands/identity.d.ts.map +1 -0
package/dist/cli/commands/identity.js +698 -0
package/dist/cli/commands/identity.js.map +1 -0
package/dist/cli/commands/inbox.d.ts +20 -0
package/dist/cli/commands/inbox.d.ts.map +1 -0
package/dist/cli/commands/inbox.js +493 -0
package/dist/cli/commands/inbox.js.map +1 -0
package/dist/cli/commands/init.d.ts +20 -0
package/dist/cli/commands/init.d.ts.map +1 -0
package/dist/cli/commands/init.js +144 -0
package/dist/cli/commands/init.js.map +1 -0
package/dist/cli/commands/install.d.ts +9 -0
package/dist/cli/commands/install.d.ts.map +1 -0
package/dist/cli/commands/install.js +200 -0
package/dist/cli/commands/install.js.map +1 -0
package/dist/cli/commands/library.d.ts +12 -0
package/dist/cli/commands/library.d.ts.map +1 -0
package/dist/cli/commands/library.js +665 -0
package/dist/cli/commands/library.js.map +1 -0
package/dist/cli/commands/message.d.ts +11 -0
package/dist/cli/commands/message.d.ts.map +1 -0
package/dist/cli/commands/message.js +608 -0
package/dist/cli/commands/message.js.map +1 -0
package/dist/cli/commands/plan.d.ts +17 -0
package/dist/cli/commands/plan.d.ts.map +1 -0
package/dist/cli/commands/plan.js +698 -0
package/dist/cli/commands/plan.js.map +1 -0
package/dist/cli/commands/playbook.d.ts +12 -0
package/dist/cli/commands/playbook.d.ts.map +1 -0
package/dist/cli/commands/playbook.js +730 -0
package/dist/cli/commands/playbook.js.map +1 -0
package/dist/cli/commands/reset.d.ts +12 -0
package/dist/cli/commands/reset.d.ts.map +1 -0
package/dist/cli/commands/reset.js +306 -0
package/dist/cli/commands/reset.js.map +1 -0
package/dist/cli/commands/serve.d.ts +11 -0
package/dist/cli/commands/serve.d.ts.map +1 -0
package/dist/cli/commands/serve.js +106 -0
package/dist/cli/commands/serve.js.map +1 -0
package/dist/cli/commands/stats.d.ts +8 -0
package/dist/cli/commands/stats.d.ts.map +1 -0
package/dist/cli/commands/stats.js +82 -0
package/dist/cli/commands/stats.js.map +1 -0
package/dist/cli/commands/sync.d.ts +14 -0
package/dist/cli/commands/sync.d.ts.map +1 -0
package/dist/cli/commands/sync.js +370 -0
package/dist/cli/commands/sync.js.map +1 -0
package/dist/cli/commands/task.d.ts +25 -0
package/dist/cli/commands/task.d.ts.map +1 -0
package/dist/cli/commands/task.js +1153 -0
package/dist/cli/commands/task.js.map +1 -0
package/dist/cli/commands/team.d.ts +13 -0
package/dist/cli/commands/team.d.ts.map +1 -0
package/dist/cli/commands/team.js +471 -0
package/dist/cli/commands/team.js.map +1 -0
package/dist/cli/commands/workflow.d.ts +16 -0
package/dist/cli/commands/workflow.d.ts.map +1 -0
package/dist/cli/commands/workflow.js +753 -0
package/dist/cli/commands/workflow.js.map +1 -0
package/dist/cli/completion.d.ts +28 -0
package/dist/cli/completion.d.ts.map +1 -0
package/dist/cli/completion.js +295 -0
package/dist/cli/completion.js.map +1 -0
package/dist/cli/db.d.ts +38 -0
package/dist/cli/db.d.ts.map +1 -0
package/dist/cli/db.js +90 -0
package/dist/cli/db.js.map +1 -0
package/dist/cli/formatter.d.ts +87 -0
package/dist/cli/formatter.d.ts.map +1 -0
package/dist/cli/formatter.js +464 -0
package/dist/cli/formatter.js.map +1 -0
package/dist/cli/index.d.ts +33 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +38 -0
package/dist/cli/index.js.map +1 -0
package/dist/cli/parser.d.ts +45 -0
package/dist/cli/parser.d.ts.map +1 -0
package/dist/cli/parser.js +256 -0
package/dist/cli/parser.js.map +1 -0
package/dist/cli/plugin-loader.d.ts +39 -0
package/dist/cli/plugin-loader.d.ts.map +1 -0
package/dist/cli/plugin-loader.js +165 -0
package/dist/cli/plugin-loader.js.map +1 -0
package/dist/cli/plugin-registry.d.ts +50 -0
package/dist/cli/plugin-registry.d.ts.map +1 -0
package/dist/cli/plugin-registry.js +206 -0
package/dist/cli/plugin-registry.js.map +1 -0
package/dist/cli/plugin-types.d.ts +106 -0
package/dist/cli/plugin-types.d.ts.map +1 -0
package/dist/cli/plugin-types.js +103 -0
package/dist/cli/plugin-types.js.map +1 -0
package/dist/cli/runner.d.ts +35 -0
package/dist/cli/runner.d.ts.map +1 -0
package/dist/cli/runner.js +340 -0
package/dist/cli/runner.js.map +1 -0
package/dist/cli/suggest.d.ts +15 -0
package/dist/cli/suggest.d.ts.map +1 -0
package/dist/cli/suggest.js +49 -0
package/dist/cli/suggest.js.map +1 -0
package/dist/cli/types.d.ts +138 -0
package/dist/cli/types.d.ts.map +1 -0
package/dist/cli/types.js +63 -0
package/dist/cli/types.js.map +1 -0
package/dist/config/config.d.ts +86 -0
package/dist/config/config.d.ts.map +1 -0
package/dist/config/config.js +348 -0
package/dist/config/config.js.map +1 -0
package/dist/config/defaults.d.ts +66 -0
package/dist/config/defaults.d.ts.map +1 -0
package/dist/config/defaults.js +114 -0
package/dist/config/defaults.js.map +1 -0
package/dist/config/duration.d.ts +75 -0
package/dist/config/duration.d.ts.map +1 -0
package/dist/config/duration.js +190 -0
package/dist/config/duration.js.map +1 -0
package/dist/config/env.d.ts +67 -0
package/dist/config/env.d.ts.map +1 -0
package/dist/config/env.js +207 -0
package/dist/config/env.js.map +1 -0
package/dist/config/file.d.ts +97 -0
package/dist/config/file.d.ts.map +1 -0
package/dist/config/file.js +365 -0
package/dist/config/file.js.map +1 -0
package/dist/config/index.d.ts +35 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +41 -0
package/dist/config/index.js.map +1 -0
package/dist/config/merge.d.ts +53 -0
package/dist/config/merge.d.ts.map +1 -0
package/dist/config/merge.js +226 -0
package/dist/config/merge.js.map +1 -0
package/dist/config/types.d.ts +257 -0
package/dist/config/types.d.ts.map +1 -0
package/dist/config/types.js +72 -0
package/dist/config/types.js.map +1 -0
package/dist/config/validation.d.ts +55 -0
package/dist/config/validation.d.ts.map +1 -0
package/dist/config/validation.js +251 -0
package/dist/config/validation.js.map +1 -0
package/dist/http/index.d.ts +8 -0
package/dist/http/index.d.ts.map +1 -0
package/dist/http/index.js +12 -0
package/dist/http/index.js.map +1 -0
package/dist/http/sync-handlers.d.ts +162 -0
package/dist/http/sync-handlers.d.ts.map +1 -0
package/dist/http/sync-handlers.js +271 -0
package/dist/http/sync-handlers.js.map +1 -0
package/dist/index.d.ts +25 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +69 -0
package/dist/index.js.map +1 -0
package/dist/server/index.d.ts +34 -0
package/dist/server/index.d.ts.map +1 -0
package/dist/server/index.js +3329 -0
package/dist/server/index.js.map +1 -0
package/dist/server/static.d.ts +18 -0
package/dist/server/static.d.ts.map +1 -0
package/dist/server/static.js +71 -0
package/dist/server/static.js.map +1 -0
package/dist/server/ws/broadcaster.d.ts +8 -0
package/dist/server/ws/broadcaster.d.ts.map +1 -0
package/dist/server/ws/broadcaster.js +7 -0
package/dist/server/ws/broadcaster.js.map +1 -0
package/dist/server/ws/handler.d.ts +55 -0
package/dist/server/ws/handler.d.ts.map +1 -0
package/dist/server/ws/handler.js +160 -0
package/dist/server/ws/handler.js.map +1 -0
package/dist/services/blocked-cache.d.ts +297 -0
package/dist/services/blocked-cache.d.ts.map +1 -0
package/dist/services/blocked-cache.js +755 -0
package/dist/services/blocked-cache.js.map +1 -0
package/dist/services/dependency.d.ts +205 -0
package/dist/services/dependency.d.ts.map +1 -0
package/dist/services/dependency.js +566 -0
package/dist/services/dependency.js.map +1 -0
package/dist/services/embeddings/fusion.d.ts +33 -0
package/dist/services/embeddings/fusion.d.ts.map +1 -0
package/dist/services/embeddings/fusion.js +34 -0
package/dist/services/embeddings/fusion.js.map +1 -0
package/dist/services/embeddings/index.d.ts +12 -0
package/dist/services/embeddings/index.d.ts.map +1 -0
package/dist/services/embeddings/index.js +10 -0
package/dist/services/embeddings/index.js.map +1 -0
package/dist/services/embeddings/local-provider.d.ts +31 -0
package/dist/services/embeddings/local-provider.d.ts.map +1 -0
package/dist/services/embeddings/local-provider.js +80 -0
package/dist/services/embeddings/local-provider.js.map +1 -0
package/dist/services/embeddings/service.d.ts +76 -0
package/dist/services/embeddings/service.d.ts.map +1 -0
package/dist/services/embeddings/service.js +153 -0
package/dist/services/embeddings/service.js.map +1 -0
package/dist/services/embeddings/types.d.ts +70 -0
package/dist/services/embeddings/types.d.ts.map +1 -0
package/dist/services/embeddings/types.js +8 -0
package/dist/services/embeddings/types.js.map +1 -0
package/dist/services/id-length-cache.d.ts +156 -0
package/dist/services/id-length-cache.d.ts.map +1 -0
package/dist/services/id-length-cache.js +197 -0
package/dist/services/id-length-cache.js.map +1 -0
package/dist/services/inbox.d.ts +147 -0
package/dist/services/inbox.d.ts.map +1 -0
package/dist/services/inbox.js +428 -0
package/dist/services/inbox.js.map +1 -0
package/dist/services/index.d.ts +10 -0
package/dist/services/index.d.ts.map +1 -0
package/dist/services/index.js +10 -0
package/dist/services/index.js.map +1 -0
package/dist/services/priority-service.d.ts +145 -0
package/dist/services/priority-service.d.ts.map +1 -0
package/dist/services/priority-service.js +272 -0
package/dist/services/priority-service.js.map +1 -0
package/dist/services/search-utils.d.ts +47 -0
package/dist/services/search-utils.d.ts.map +1 -0
package/dist/services/search-utils.js +83 -0
package/dist/services/search-utils.js.map +1 -0
package/dist/sync/hash.d.ts +48 -0
package/dist/sync/hash.d.ts.map +1 -0
package/dist/sync/hash.js +136 -0
package/dist/sync/hash.js.map +1 -0
package/dist/sync/index.d.ts +11 -0
package/dist/sync/index.d.ts.map +1 -0
package/dist/sync/index.js +16 -0
package/dist/sync/index.js.map +1 -0
package/dist/sync/merge.d.ts +80 -0
package/dist/sync/merge.d.ts.map +1 -0
package/dist/sync/merge.js +310 -0
package/dist/sync/merge.js.map +1 -0
package/dist/sync/serialization.d.ts +132 -0
package/dist/sync/serialization.d.ts.map +1 -0
package/dist/sync/serialization.js +306 -0
package/dist/sync/serialization.js.map +1 -0
package/dist/sync/service.d.ts +102 -0
package/dist/sync/service.d.ts.map +1 -0
package/dist/sync/service.js +493 -0
package/dist/sync/service.js.map +1 -0
package/dist/sync/types.d.ts +275 -0
package/dist/sync/types.d.ts.map +1 -0
package/dist/sync/types.js +76 -0
package/dist/sync/types.js.map +1 -0
package/dist/systems/identity.d.ts +479 -0
package/dist/systems/identity.d.ts.map +1 -0
package/dist/systems/identity.js +817 -0
package/dist/systems/identity.js.map +1 -0
package/dist/systems/index.d.ts +8 -0
package/dist/systems/index.d.ts.map +1 -0
package/dist/systems/index.js +29 -0
package/dist/systems/index.js.map +1 -0
package/package.json +121 -0
package/web/assets/charts-vendor-D1YcbGux.js +55 -0
package/web/assets/dnd-vendor-DmxE-_ZH.js +5 -0
package/web/assets/editor-vendor-BxraAWts.js +279 -0
package/web/assets/index-B77vv208.js +341 -0
package/web/assets/index-CF_XnVLh.css +1 -0
package/web/assets/router-vendor-BCKpRBrB.js +41 -0
package/web/assets/ui-vendor-DUahGnbT.js +45 -0
package/web/assets/utils-vendor-CfYKiENT.js +813 -0
package/web/favicon.ico +0 -0
package/web/index.html +23 -0
package/web/logo.png +0 -0

package/dist/systems/identity.d.ts ADDED Viewed

@@ -0,0 +1,479 @@
+/**
+ * Identity System - Authentication and Signature Verification
+ *
+ * The identity system manages entity authentication and verification, supporting
+ * both soft (name-based) and cryptographic (key-based) identity models.
+ *
+ * Features:
+ * - Identity mode configuration (soft, cryptographic, hybrid)
+ * - Ed25519 signature generation and verification
+ * - Signed request validation with time tolerance
+ * - Actor context management
+ */
+import { Timestamp } from '@stoneforge/core';
+/**
+ * Identity mode determines the level of verification required
+ */
+export declare const IdentityMode: {
+    /** Name-based identity without verification (default) */
+    readonly SOFT: "soft";
+    /** Key-based identity with signature verification */
+    readonly CRYPTOGRAPHIC: "cryptographic";
+    /** Mixed mode - accepts both verified and unverified actors */
+    readonly HYBRID: "hybrid";
+};
+export type IdentityMode = (typeof IdentityMode)[keyof typeof IdentityMode];
+/**
+ * Base64-encoded Ed25519 signature (88 characters for 64 bytes)
+ */
+declare const SignatureBrand: unique symbol;
+export type Signature = string & {
+    readonly [SignatureBrand]: typeof SignatureBrand;
+};
+/**
+ * Base64-encoded Ed25519 public key (44 characters for 32 bytes)
+ */
+declare const PublicKeyBrand: unique symbol;
+export type PublicKey = string & {
+    readonly [PublicKeyBrand]: typeof PublicKeyBrand;
+};
+/**
+ * Signed request fields included in cryptographic requests
+ */
+export interface SignedRequestFields {
+    /** Base64 Ed25519 signature */
+    readonly signature: Signature;
+    /** Timestamp when the request was signed (ISO 8601) */
+    readonly signedAt: Timestamp;
+    /** Entity name making the request */
+    readonly actor: string;
+}
+/**
+ * Input for signing a request
+ */
+export interface SigningInput {
+    /** Entity name making the request */
+    actor: string;
+    /** Hash of the request body (SHA256, hex encoded) */
+    requestHash: string;
+}
+/**
+ * Signed data format: actor|signedAt|requestHash
+ */
+export interface SignedData {
+    readonly actor: string;
+    readonly signedAt: Timestamp;
+    readonly requestHash: string;
+}
+/**
+ * Result of signature verification
+ */
+export declare const VerificationStatus: {
+    /** Signature is valid */
+    readonly VALID: "valid";
+    /** Signature is invalid or doesn't match */
+    readonly INVALID: "invalid";
+    /** Signature has expired (outside time tolerance) */
+    readonly EXPIRED: "expired";
+    /** Entity not found for verification */
+    readonly ACTOR_NOT_FOUND: "actor_not_found";
+    /** Entity has no public key */
+    readonly NO_PUBLIC_KEY: "no_public_key";
+    /** Signature was not provided */
+    readonly NOT_SIGNED: "not_signed";
+};
+export type VerificationStatus = (typeof VerificationStatus)[keyof typeof VerificationStatus];
+/**
+ * Full verification result with details
+ */
+export interface VerificationResult {
+    /** Overall verification status */
+    readonly status: VerificationStatus;
+    /** Whether the request should be allowed */
+    readonly allowed: boolean;
+    /** Actor name if verified */
+    readonly actor?: string;
+    /** Error message if verification failed */
+    readonly error?: string;
+    /** Additional details about the verification */
+    readonly details?: {
+        /** How old the signature is in milliseconds */
+        signatureAgeMs?: number;
+        /** Whether the entity was found */
+        entityFound?: boolean;
+        /** Whether the entity has a public key */
+        hasPublicKey?: boolean;
+    };
+}
+/**
+ * Identity system configuration
+ */
+export interface IdentityConfig {
+    /** Identity verification mode */
+    mode: IdentityMode;
+    /** Time tolerance for signature expiry in milliseconds (default: 5 minutes) */
+    timeTolerance: number;
+    /** Whether to allow unregistered actors in soft mode */
+    allowUnregisteredActors: boolean;
+}
+/** Default time tolerance: 5 minutes in milliseconds */
+export declare const DEFAULT_TIME_TOLERANCE: number;
+/**
+ * Default identity configuration
+ */
+export declare const DEFAULT_IDENTITY_CONFIG: IdentityConfig;
+/**
+ * Validates an identity mode value
+ */
+export declare function isValidIdentityMode(value: unknown): value is IdentityMode;
+/**
+ * Validates identity mode and throws if invalid
+ */
+export declare function validateIdentityMode(value: unknown): IdentityMode;
+/**
+ * Validates a base64-encoded Ed25519 public key format
+ */
+export declare function isValidPublicKey(value: unknown): value is PublicKey;
+/**
+ * Validates a public key and throws if invalid format
+ */
+export declare function validatePublicKey(value: unknown): PublicKey;
+/**
+ * Validates a base64-encoded Ed25519 signature format
+ */
+export declare function isValidSignature(value: unknown): value is Signature;
+/**
+ * Validates a signature and throws if invalid format
+ */
+export declare function validateSignature(value: unknown): Signature;
+/**
+ * Validates a request hash (SHA256 hex)
+ */
+export declare function isValidRequestHash(value: unknown): value is string;
+/**
+ * Validates a request hash and throws if invalid
+ */
+export declare function validateRequestHash(value: unknown): string;
+/**
+ * Validates time tolerance value
+ */
+export declare function isValidTimeTolerance(value: unknown): value is number;
+/**
+ * Validates time tolerance and throws if invalid
+ */
+export declare function validateTimeTolerance(value: unknown): number;
+/**
+ * Type guard for SignedRequestFields
+ */
+export declare function isSignedRequestFields(value: unknown): value is SignedRequestFields;
+/**
+ * Validates SignedRequestFields and throws detailed errors
+ */
+export declare function validateSignedRequestFields(value: unknown): SignedRequestFields;
+/**
+ * Type guard for VerificationResult
+ */
+export declare function isVerificationResult(value: unknown): value is VerificationResult;
+/**
+ * Type guard for IdentityConfig
+ */
+export declare function isIdentityConfig(value: unknown): value is IdentityConfig;
+/**
+ * Validates IdentityConfig and throws detailed errors
+ */
+export declare function validateIdentityConfig(value: unknown): IdentityConfig;
+/**
+ * Constructs the signed data string from components
+ * Format: actor|signedAt|requestHash
+ */
+export declare function constructSignedData(data: SignedData): string;
+/**
+ * Parses a signed data string into components
+ * Format: actor|signedAt|requestHash
+ */
+export declare function parseSignedData(signedDataString: string): SignedData;
+/**
+ * Checks if a signature timestamp is within the allowed time tolerance
+ *
+ * @param signedAt - The timestamp when the request was signed
+ * @param tolerance - Time tolerance in milliseconds (default: 5 minutes)
+ * @param now - Current timestamp for testing (defaults to now)
+ * @returns Object with validity and age information
+ */
+export declare function checkTimeTolerance(signedAt: Timestamp, tolerance?: number, now?: Date): {
+    valid: boolean;
+    ageMs: number;
+    expiredBy?: number;
+};
+/**
+ * Checks time tolerance and throws if expired
+ */
+export declare function validateTimeTolerance2(signedAt: Timestamp, tolerance?: number, now?: Date): void;
+/**
+ * Creates a successful verification result
+ */
+export declare function verificationSuccess(actor: string, ageMs?: number): VerificationResult;
+/**
+ * Creates a failed verification result
+ */
+export declare function verificationFailure(status: VerificationStatus, error: string, details?: VerificationResult['details']): VerificationResult;
+/**
+ * Creates a "not signed" result (may be allowed in soft/hybrid mode)
+ */
+export declare function verificationNotSigned(allowed: boolean, actor?: string): VerificationResult;
+/**
+ * Verifies an Ed25519 signature using Bun's native crypto
+ *
+ * @param publicKey - Base64-encoded Ed25519 public key
+ * @param signature - Base64-encoded Ed25519 signature
+ * @param data - The data that was signed (as string or Uint8Array)
+ * @returns true if signature is valid, false otherwise
+ */
+export declare function verifyEd25519Signature(publicKey: PublicKey, signature: Signature, data: string | Uint8Array): Promise<boolean>;
+/**
+ * Signs data using Ed25519 (for testing purposes)
+ * In production, signing should be done by the entity externally
+ *
+ * @param privateKey - Base64-encoded Ed25519 private key in PKCS8 format
+ * @param data - The data to sign
+ * @returns Base64-encoded signature
+ */
+export declare function signEd25519(privateKey: string, data: string | Uint8Array): Promise<Signature>;
+/**
+ * Generates a new Ed25519 keypair (for testing purposes)
+ *
+ * @returns Object with base64-encoded public and private keys (PKCS8 format for private)
+ */
+export declare function generateEd25519Keypair(): Promise<{
+    publicKey: PublicKey;
+    privateKey: string;
+}>;
+/**
+ * Entity lookup function type for verification
+ */
+export type EntityLookup = (actor: string) => Promise<{
+    publicKey?: string;
+} | null>;
+/**
+ * Full verification options
+ */
+export interface VerifySignatureOptions {
+    /** The signed request fields */
+    signedRequest: SignedRequestFields;
+    /** The hash of the request body */
+    requestHash: string;
+    /** Function to look up entity by name */
+    lookupEntity: EntityLookup;
+    /** Identity configuration */
+    config?: Partial<IdentityConfig>;
+    /** Current time for testing */
+    now?: Date;
+}
+/**
+ * Performs full signature verification pipeline
+ *
+ * 1. Validates signature format
+ * 2. Looks up entity's public key
+ * 3. Constructs signed data
+ * 4. Checks time tolerance
+ * 5. Verifies signature cryptographically
+ */
+export declare function verifySignature(options: VerifySignatureOptions): Promise<VerificationResult>;
+/**
+ * Determines if a request should be allowed based on identity mode
+ */
+export declare function shouldAllowRequest(mode: IdentityMode, verificationResult: VerificationResult): boolean;
+/**
+ * Creates a SHA256 hash of the request body for signing
+ */
+export declare function hashRequestBody(body: string | object): Promise<string>;
+/**
+ * Creates a signed request from signing input
+ */
+export declare function createSignedRequest(input: SigningInput, privateKey: string, signedAt?: Timestamp): Promise<SignedRequestFields>;
+/**
+ * Merges partial config with defaults
+ */
+export declare function createIdentityConfig(partial?: Partial<IdentityConfig>): IdentityConfig;
+/**
+ * Sources from which actor identity can be determined
+ */
+export declare const ActorSource: {
+    /** Explicitly provided in the operation */
+    readonly EXPLICIT: "explicit";
+    /** From CLI --actor flag */
+    readonly CLI_FLAG: "cli_flag";
+    /** From configuration file */
+    readonly CONFIG: "config";
+    /** From element's createdBy field (fallback) */
+    readonly ELEMENT: "element";
+    /** System-generated operations */
+    readonly SYSTEM: "system";
+};
+export type ActorSource = (typeof ActorSource)[keyof typeof ActorSource];
+/**
+ * Actor context for tracking who is performing an operation
+ */
+export interface ActorContext {
+    /** The actor's entity ID or name */
+    readonly actor: string;
+    /** Where the actor identity came from */
+    readonly source: ActorSource;
+    /** Whether the actor has been verified (always false in soft mode) */
+    readonly verified: boolean;
+    /** Optional entity ID if the actor was looked up and exists */
+    readonly entityId?: string;
+}
+/**
+ * Options for resolving actor context
+ */
+export interface ActorResolutionOptions {
+    /** Explicitly provided actor (highest priority) */
+    explicitActor?: string;
+    /** Actor from CLI flag */
+    cliActor?: string;
+    /** Actor from configuration */
+    configActor?: string;
+    /** Fallback actor from element's createdBy (lowest priority) */
+    elementCreatedBy?: string;
+    /** Identity configuration */
+    config?: Partial<IdentityConfig>;
+    /** Function to look up entity by name */
+    lookupEntity?: EntityLookup;
+}
+/**
+ * Result of actor validation
+ */
+export interface ActorValidationResult {
+    /** Whether the actor is valid */
+    valid: boolean;
+    /** The resolved actor context if valid */
+    context?: ActorContext;
+    /** Error message if invalid */
+    error?: string;
+    /** Whether the actor entity exists (only checked in soft mode with lookupEntity) */
+    entityExists?: boolean;
+}
+/**
+ * Resolves actor context from multiple sources
+ *
+ * Priority order (highest to lowest):
+ * 1. Explicit actor (provided in operation)
+ * 2. CLI actor (--actor flag)
+ * 3. Config actor (default actor in config)
+ * 4. Element's createdBy (fallback for updates/deletes)
+ *
+ * @param options - Resolution options with actor sources
+ * @returns The resolved actor context
+ * @throws ValidationError if no actor can be resolved
+ */
+export declare function resolveActor(options: ActorResolutionOptions): ActorContext;
+/**
+ * Validates an actor in soft identity mode
+ *
+ * In soft mode:
+ * - Accepts any non-empty string as actor
+ * - Optionally checks if entity exists (if lookupEntity provided and allowUnregisteredActors is false)
+ * - Always returns verified: false
+ *
+ * @param actor - The actor name/ID to validate
+ * @param options - Validation options
+ * @returns Validation result with context if valid
+ */
+export declare function validateSoftActor(actor: string, options?: {
+    lookupEntity?: EntityLookup;
+    config?: Partial<IdentityConfig>;
+}): Promise<ActorValidationResult>;
+/**
+ * Type guard for ActorContext
+ */
+export declare function isActorContext(value: unknown): value is ActorContext;
+/**
+ * Creates an actor context for system operations
+ */
+export declare function createSystemActorContext(): ActorContext;
+/**
+ * Creates an actor context from an explicit actor string
+ */
+export declare function createActorContext(actor: string, source?: ActorSource): ActorContext;
+/**
+ * Middleware context for request verification
+ */
+export interface MiddlewareContext {
+    /** The actor making the request (if authenticated) */
+    actor?: string;
+    /** Whether the request was verified cryptographically */
+    verified: boolean;
+    /** The verification result (if verification was attempted) */
+    verificationResult?: VerificationResult;
+    /** The identity mode used */
+    mode: IdentityMode;
+}
+/**
+ * Request object that may contain signed fields
+ */
+export interface SignableRequest {
+    /** Optional signed request fields for cryptographic verification */
+    signedRequest?: SignedRequestFields;
+    /** The request body (used to compute hash for verification) */
+    body?: string | object;
+}
+/**
+ * Middleware result
+ */
+export interface MiddlewareResult {
+    /** Whether the request is allowed to proceed */
+    allowed: boolean;
+    /** The middleware context with authentication info */
+    context: MiddlewareContext;
+    /** Error message if not allowed */
+    error?: string;
+}
+/**
+ * Options for verification middleware
+ */
+export interface VerificationMiddlewareOptions {
+    /** Identity configuration */
+    config?: Partial<IdentityConfig>;
+    /** Function to look up entity by actor name */
+    lookupEntity: EntityLookup;
+    /** Current time (for testing) */
+    now?: Date;
+}
+/**
+ * Creates a verification middleware function
+ *
+ * The middleware:
+ * 1. Checks identity mode from config
+ * 2. In soft mode: allows all requests, extracts actor if provided
+ * 3. In cryptographic mode: requires valid signature
+ * 4. In hybrid mode: allows unsigned or validly signed requests
+ *
+ * @param options - Middleware options
+ * @returns A middleware function that verifies requests
+ *
+ * @example
+ * ```typescript
+ * const middleware = createVerificationMiddleware({
+ *   lookupEntity: (actor) => api.lookupEntityByName(actor),
+ *   config: { mode: IdentityMode.CRYPTOGRAPHIC }
+ * });
+ *
+ * const result = await middleware(request);
+ * if (!result.allowed) {
+ *   throw new Error(result.error);
+ * }
+ * // Use result.context.actor for the verified actor
+ * ```
+ */
+export declare function createVerificationMiddleware(options: VerificationMiddlewareOptions): (request: SignableRequest) => Promise<MiddlewareResult>;
+/**
+ * Creates middleware context for an unsigned request in soft mode
+ */
+export declare function createSoftModeContext(actor?: string): MiddlewareContext;
+/**
+ * Creates middleware context for a verified request
+ */
+export declare function createVerifiedContext(actor: string, verificationResult: VerificationResult): MiddlewareContext;
+export {};
+//# sourceMappingURL=identity.d.ts.map

package/dist/systems/identity.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../src/systems/identity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAA6C,SAAS,EAAoB,MAAM,kBAAkB,CAAC;AAM1G;;GAEG;AACH,eAAO,MAAM,YAAY;IACvB,yDAAyD;;IAEzD,qDAAqD;;IAErD,+DAA+D;;CAEvD,CAAC;AAEX,MAAM,MAAM,YAAY,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,OAAO,YAAY,CAAC,CAAC;AAM5E;;GAEG;AACH,OAAO,CAAC,MAAM,cAAc,EAAE,OAAO,MAAM,CAAC;AAC5C,MAAM,MAAM,SAAS,GAAG,MAAM,GAAG;IAAE,QAAQ,CAAC,CAAC,cAAc,CAAC,EAAE,OAAO,cAAc,CAAA;CAAE,CAAC;AAEtF;;GAEG;AACH,OAAO,CAAC,MAAM,cAAc,EAAE,OAAO,MAAM,CAAC;AAC5C,MAAM,MAAM,SAAS,GAAG,MAAM,GAAG;IAAE,QAAQ,CAAC,CAAC,cAAc,CAAC,EAAE,OAAO,cAAc,CAAA;CAAE,CAAC;AAEtF;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,+BAA+B;IAC/B,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,uDAAuD;IACvD,QAAQ,CAAC,QAAQ,EAAE,SAAS,CAAC;IAC7B,qCAAqC;IACrC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,qCAAqC;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,qDAAqD;IACrD,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,QAAQ,EAAE,SAAS,CAAC;IAC7B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;CAC9B;AAMD;;GAEG;AACH,eAAO,MAAM,kBAAkB;IAC7B,yBAAyB;;IAEzB,4CAA4C;;IAE5C,qDAAqD;;IAErD,wCAAwC;;IAExC,+BAA+B;;IAE/B,iCAAiC;;CAEzB,CAAC;AAEX,MAAM,MAAM,kBAAkB,GAAG,CAAC,OAAO,kBAAkB,CAAC,CAAC,MAAM,OAAO,kBAAkB,CAAC,CAAC;AAE9F;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,kCAAkC;IAClC,QAAQ,CAAC,MAAM,EAAE,kBAAkB,CAAC;IACpC,4CAA4C;IAC5C,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,6BAA6B;IAC7B,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,2CAA2C;IAC3C,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,gDAAgD;IAChD,QAAQ,CAAC,OAAO,CAAC,EAAE;QACjB,+CAA+C;QAC/C,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,mCAAmC;QACnC,WAAW,CAAC,EAAE,OAAO,CAAC;QACtB,0CAA0C;QAC1C,YAAY,CAAC,EAAE,OAAO,CAAC;KACxB,CAAC;CACH;AAMD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,iCAAiC;IACjC,IAAI,EAAE,YAAY,CAAC;IACnB,+EAA+E;IAC/E,aAAa,EAAE,MAAM,CAAC;IACtB,wDAAwD;IACxD,uBAAuB,EAAE,OAAO,CAAC;CAClC;AAED,wDAAwD;AACxD,eAAO,MAAM,sBAAsB,QAAgB,CAAC;AAEpD;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,cAIrC,CAAC;AAsBF;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,YAAY,CAKzE;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,GAAG,YAAY,CASjE;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,SAAS,CAKnE;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,OAAO,GAAG,SAAS,CAkB3D;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,SAAS,CAKnE;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,OAAO,GAAG,SAAS,CAkB3D;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAQlE;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAkB1D;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAOpE;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAS5D;AAMD;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,mBAAmB,CAYlF;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,KAAK,EAAE,OAAO,GAAG,mBAAmB,CAiC/E;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,kBAAkB,CAWhF;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,cAAc,CAWxE;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,OAAO,GAAG,cAAc,CAuBrE;AAMD;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM,CAE5D;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,gBAAgB,EAAE,MAAM,GAAG,UAAU,CAmCpE;AAMD;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,SAAS,EACnB,SAAS,GAAE,MAA+B,EAC1C,GAAG,CAAC,EAAE,IAAI,GACT;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,CAcvD;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CACpC,QAAQ,EAAE,SAAS,EACnB,SAAS,GAAE,MAA+B,EAC1C,GAAG,CAAC,EAAE,IAAI,GACT,IAAI,CAcN;AAMD;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,kBAAkB,CAOrF;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,kBAAkB,EAC1B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,kBAAkB,CAAC,SAAS,CAAC,GACtC,kBAAkB,CAOpB;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,OAAO,EAChB,KAAK,CAAC,EAAE,MAAM,GACb,kBAAkB,CAOpB;AAMD;;;;;;;GAOG;AACH,wBAAsB,sBAAsB,CAC1C,SAAS,EAAE,SAAS,EACpB,SAAS,EAAE,SAAS,EACpB,IAAI,EAAE,MAAM,GAAG,UAAU,GACxB,OAAO,CAAC,OAAO,CAAC,CAsClB;AAED;;;;;;;GAOG;AACH,wBAAsB,WAAW,CAC/B,UAAU,EAAE,MAAM,EAClB,IAAI,EAAE,MAAM,GAAG,UAAU,GACxB,OAAO,CAAC,SAAS,CAAC,CA0BpB;AAED;;;;GAIG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC;IACtD,SAAS,EAAE,SAAS,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC,CAiBD;AAMD;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC;IAAE,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CAAC;AAErF;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,gCAAgC;IAChC,aAAa,EAAE,mBAAmB,CAAC;IACnC,mCAAmC;IACnC,WAAW,EAAE,MAAM,CAAC;IACpB,yCAAyC;IACzC,YAAY,EAAE,YAAY,CAAC;IAC3B,6BAA6B;IAC7B,MAAM,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;IACjC,+BAA+B;IAC/B,GAAG,CAAC,EAAE,IAAI,CAAC;CACZ;AAED;;;;;;;;GAQG;AACH,wBAAsB,eAAe,CACnC,OAAO,EAAE,sBAAsB,GAC9B,OAAO,CAAC,kBAAkB,CAAC,CAwE7B;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,YAAY,EAClB,kBAAkB,EAAE,kBAAkB,GACrC,OAAO,CAoBT;AAMD;;GAEG;AACH,wBAAsB,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAO5E;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,KAAK,EAAE,YAAY,EACnB,UAAU,EAAE,MAAM,EAClB,QAAQ,CAAC,EAAE,SAAS,GACnB,OAAO,CAAC,mBAAmB,CAAC,CAgB9B;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,OAAO,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,GAChC,cAAc,CAKhB;AAMD;;GAEG;AACH,eAAO,MAAM,WAAW;IACtB,2CAA2C;;IAE3C,4BAA4B;;IAE5B,8BAA8B;;IAE9B,gDAAgD;;IAEhD,kCAAkC;;CAE1B,CAAC;AAEX,MAAM,MAAM,WAAW,GAAG,CAAC,OAAO,WAAW,CAAC,CAAC,MAAM,OAAO,WAAW,CAAC,CAAC;AAEzE;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,oCAAoC;IACpC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,yCAAyC;IACzC,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC;IAC7B,sEAAsE;IACtE,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;IAC3B,+DAA+D;IAC/D,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,mDAAmD;IACnD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,+BAA+B;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gEAAgE;IAChE,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,6BAA6B;IAC7B,MAAM,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;IACjC,yCAAyC;IACzC,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,iCAAiC;IACjC,KAAK,EAAE,OAAO,CAAC;IACf,0CAA0C;IAC1C,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,+BAA+B;IAC/B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,oFAAoF;IACpF,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,sBAAsB,GAAG,YAAY,CAwC1E;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,iBAAiB,CACrC,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE;IACR,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,MAAM,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;CAClC,GACA,OAAO,CAAC,qBAAqB,CAAC,CAsDhC;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,YAAY,CAYpE;AAED;;GAEG;AACH,wBAAgB,wBAAwB,IAAI,YAAY,CAMvD;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,KAAK,EAAE,MAAM,EACb,MAAM,GAAE,WAAkC,GACzC,YAAY,CAMd;AAMD;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,sDAAsD;IACtD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,yDAAyD;IACzD,QAAQ,EAAE,OAAO,CAAC;IAClB,8DAA8D;IAC9D,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,6BAA6B;IAC7B,IAAI,EAAE,YAAY,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,oEAAoE;IACpE,aAAa,CAAC,EAAE,mBAAmB,CAAC;IACpC,+DAA+D;IAC/D,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,gDAAgD;IAChD,OAAO,EAAE,OAAO,CAAC;IACjB,sDAAsD;IACtD,OAAO,EAAE,iBAAiB,CAAC;IAC3B,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,6BAA6B;IAC5C,6BAA6B;IAC7B,MAAM,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;IACjC,+CAA+C;IAC/C,YAAY,EAAE,YAAY,CAAC;IAC3B,iCAAiC;IACjC,GAAG,CAAC,EAAE,IAAI,CAAC;CACZ;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAgB,4BAA4B,CAC1C,OAAO,EAAE,6BAA6B,GACrC,CAAC,OAAO,EAAE,eAAe,KAAK,OAAO,CAAC,gBAAgB,CAAC,CAmFzD;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,iBAAiB,CAMvE;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,kBAAkB,EAAE,kBAAkB,GAAG,iBAAiB,CAO9G"}