@synoi/gap 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (58) hide show
  1. package/LICENSE +195 -0
  2. package/README.md +223 -0
  3. package/dist/canonicalize.d.ts +19 -0
  4. package/dist/canonicalize.d.ts.map +1 -0
  5. package/dist/canonicalize.js +36 -0
  6. package/dist/canonicalize.js.map +1 -0
  7. package/dist/capabilities.d.ts +605 -0
  8. package/dist/capabilities.d.ts.map +1 -0
  9. package/dist/capabilities.js +53 -0
  10. package/dist/capabilities.js.map +1 -0
  11. package/dist/cdro.d.ts +63 -0
  12. package/dist/cdro.d.ts.map +1 -0
  13. package/dist/cdro.js +16 -0
  14. package/dist/cdro.js.map +1 -0
  15. package/dist/channels.d.ts +107 -0
  16. package/dist/channels.d.ts.map +1 -0
  17. package/dist/channels.js +29 -0
  18. package/dist/channels.js.map +1 -0
  19. package/dist/constants.d.ts +32 -0
  20. package/dist/constants.d.ts.map +1 -0
  21. package/dist/constants.js +36 -0
  22. package/dist/constants.js.map +1 -0
  23. package/dist/index.d.ts +28 -0
  24. package/dist/index.d.ts.map +1 -0
  25. package/dist/index.js +35 -0
  26. package/dist/index.js.map +1 -0
  27. package/dist/oid.d.ts +28 -0
  28. package/dist/oid.d.ts.map +1 -0
  29. package/dist/oid.js +68 -0
  30. package/dist/oid.js.map +1 -0
  31. package/dist/receipts.d.ts +128 -0
  32. package/dist/receipts.d.ts.map +1 -0
  33. package/dist/receipts.js +14 -0
  34. package/dist/receipts.js.map +1 -0
  35. package/dist/revocations.d.ts +65 -0
  36. package/dist/revocations.d.ts.map +1 -0
  37. package/dist/revocations.js +22 -0
  38. package/dist/revocations.js.map +1 -0
  39. package/dist/validate.d.ts +59 -0
  40. package/dist/validate.d.ts.map +1 -0
  41. package/dist/validate.js +835 -0
  42. package/dist/validate.js.map +1 -0
  43. package/dist/workflows.d.ts +186 -0
  44. package/dist/workflows.d.ts.map +1 -0
  45. package/dist/workflows.js +14 -0
  46. package/dist/workflows.js.map +1 -0
  47. package/package.json +55 -0
  48. package/src/canonicalize.ts +38 -0
  49. package/src/capabilities.ts +711 -0
  50. package/src/cdro.ts +92 -0
  51. package/src/channels.ts +183 -0
  52. package/src/constants.ts +46 -0
  53. package/src/index.ts +180 -0
  54. package/src/oid.ts +71 -0
  55. package/src/receipts.ts +169 -0
  56. package/src/revocations.ts +90 -0
  57. package/src/validate.ts +1008 -0
  58. package/src/workflows.ts +241 -0
package/dist/cdro.d.ts ADDED
@@ -0,0 +1,63 @@
1
+ /**
2
+ * cdro.ts -- GAP CDRO envelope.
3
+ *
4
+ * CDRO = Content-addressed, Deterministic, Replayable Object. Every GAP
5
+ * top-level record sits inside a `GapCdroEnvelope<TBody>`. The shape mirrors
6
+ * the GAP gateway reference implementation wire types.
7
+ *
8
+ * NOTE: this envelope shape is locally redeclared in @synoi/gap rather
9
+ * than imported from @synoi/sraid (which is being built in parallel). The two
10
+ * packages will be wired together in a follow-up. The wire format is
11
+ * identical, so cross-package compatibility is by-shape.
12
+ */
13
+ export type GapObjectType = 'gap:capability_declaration' | 'gap:capability_grant' | 'gap:capability_invocation' | 'gap:workflow_definition' | 'gap:workflow_instance' | 'gap:stage_transition' | 'gap:channel_event' | 'gap:decision_receipt' | 'gap:revocation_event' | 'gap:federation_handshake' | 'gap:break_glass_token' | 'gap:local_override_credential' | 'gap:lca_root' | 'gap:erasure_event' | 'gap:orchestration_chain' | 'gap:consent_record' | 'gap:pip_response';
14
+ /** Current GAP wire version. CDROs that don't match this version are
15
+ * rejected by validators. */
16
+ export declare const GAP_VERSION: "1.0";
17
+ export type GapVersion = typeof GAP_VERSION;
18
+ /**
19
+ * Fields excluded from the OID hash input (they are NOT part of the canonical
20
+ * body): `oid`, `gap_version`, `signature`, `signature_key_id`, `supersedes`.
21
+ *
22
+ * Any future addition to this exclusion set constitutes a protocol version
23
+ * bump. Implementors must strip all five fields before passing the object to
24
+ * `computeGapOid` / `canonicalize`.
25
+ */
26
+ export interface GapCdroEnvelope<TBody> {
27
+ /** Content-addressed identifier: `sha256:<hex>` over canonical body. */
28
+ oid: string;
29
+ /** Object type discriminator, e.g. `gap:capability_grant`. */
30
+ type: GapObjectType;
31
+ /** Wire version of the GAP protocol. */
32
+ gap_version: GapVersion;
33
+ /** Tenant scope. CDROs never cross tenant boundaries implicitly. */
34
+ tenant_id: string;
35
+ /** Server-clock millisecond timestamp at envelope construction. */
36
+ created_at_ms: number;
37
+ /** Actor OID that created this CDRO. */
38
+ created_by: string;
39
+ /** Type-specific payload. */
40
+ body: TBody;
41
+ /** Optional Ed25519 signature, base64-encoded. */
42
+ signature?: string;
43
+ /** Identifier of the public key that produced `signature`. */
44
+ signature_key_id?: string;
45
+ /** OID of a prior CDRO that this one replaces. */
46
+ supersedes?: string;
47
+ }
48
+ /**
49
+ * Payload shape passed to `computeGapOid` -- the envelope minus oid +
50
+ * gap_version + signature fields. Useful when builders are constructing a
51
+ * CDRO step-by-step.
52
+ *
53
+ * This is the canonical input shape for `computeGapOid` -- it already excludes
54
+ * `oid`, `gap_version`, `signature`, `signature_key_id`, and `supersedes`.
55
+ */
56
+ export interface GapOidPayload<TBody> {
57
+ type: GapObjectType;
58
+ tenant_id: string;
59
+ created_at_ms: number;
60
+ created_by: string;
61
+ body: TBody;
62
+ }
63
+ //# sourceMappingURL=cdro.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cdro.d.ts","sourceRoot":"","sources":["../src/cdro.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,MAAM,MAAM,aAAa,GAKrB,4BAA4B,GAC5B,sBAAsB,GACtB,2BAA2B,GAC3B,yBAAyB,GACzB,uBAAuB,GACvB,sBAAsB,GACtB,mBAAmB,GACnB,sBAAsB,GACtB,sBAAsB,GACtB,0BAA0B,GAM1B,uBAAuB,GACvB,+BAA+B,GAC/B,cAAc,GACd,mBAAmB,GACnB,yBAAyB,GACzB,oBAAoB,GACpB,kBAAkB,CAAA;AAEtB;8BAC8B;AAC9B,eAAO,MAAM,WAAW,EAAG,KAAc,CAAA;AACzC,MAAM,MAAM,UAAU,GAAG,OAAO,WAAW,CAAA;AAE3C;;;;;;;GAOG;AACH,MAAM,WAAW,eAAe,CAAC,KAAK;IACpC,wEAAwE;IACxE,GAAG,EAAE,MAAM,CAAA;IACX,8DAA8D;IAC9D,IAAI,EAAE,aAAa,CAAA;IACnB,wCAAwC;IACxC,WAAW,EAAE,UAAU,CAAA;IACvB,oEAAoE;IACpE,SAAS,EAAE,MAAM,CAAA;IACjB,mEAAmE;IACnE,aAAa,EAAE,MAAM,CAAA;IACrB,wCAAwC;IACxC,UAAU,EAAE,MAAM,CAAA;IAClB,6BAA6B;IAC7B,IAAI,EAAE,KAAK,CAAA;IACX,kDAAkD;IAClD,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,8DAA8D;IAC9D,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,kDAAkD;IAClD,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,aAAa,CAAC,KAAK;IAClC,IAAI,EAAE,aAAa,CAAA;IACnB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,UAAU,EAAE,MAAM,CAAA;IAClB,IAAI,EAAE,KAAK,CAAA;CACZ"}
package/dist/cdro.js ADDED
@@ -0,0 +1,16 @@
1
+ /**
2
+ * cdro.ts -- GAP CDRO envelope.
3
+ *
4
+ * CDRO = Content-addressed, Deterministic, Replayable Object. Every GAP
5
+ * top-level record sits inside a `GapCdroEnvelope<TBody>`. The shape mirrors
6
+ * the GAP gateway reference implementation wire types.
7
+ *
8
+ * NOTE: this envelope shape is locally redeclared in @synoi/gap rather
9
+ * than imported from @synoi/sraid (which is being built in parallel). The two
10
+ * packages will be wired together in a follow-up. The wire format is
11
+ * identical, so cross-package compatibility is by-shape.
12
+ */
13
+ /** Current GAP wire version. CDROs that don't match this version are
14
+ * rejected by validators. */
15
+ export const GAP_VERSION = '1.0';
16
+ //# sourceMappingURL=cdro.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cdro.js","sourceRoot":"","sources":["../src/cdro.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AA8BH;8BAC8B;AAC9B,MAAM,CAAC,MAAM,WAAW,GAAG,KAAc,CAAA"}
@@ -0,0 +1,107 @@
1
+ /**
2
+ * channels.ts -- channel taxonomy + adapter interface.
3
+ *
4
+ * Channels bridge GAP's abstract `actions`/`listen` model to concrete
5
+ * delivery surfaces (SMS, mobile push, home assistant, etc.).
6
+ *
7
+ * This file declares only the TYPES. Adapter implementations live in
8
+ * downstream packages (the gateway, vendor SDKs). The interface here is the
9
+ * contract those implementations satisfy.
10
+ */
11
+ import type { GapCdroEnvelope } from './cdro.js';
12
+ /** Built-in channel kinds. The `(string & {})` branch keeps the union open
13
+ * for vendor-specific extensions (e.g. 'com.example.pager') while
14
+ * preserving autocomplete on the canonical entries.
15
+ *
16
+ * Connectivity categories:
17
+ * Internet: sms, voice, email, slack, mobile_push
18
+ * LAN/Internet: sse, webhook
19
+ * Local: in_app, game_engine, home_assistant, desktop_overlay
20
+ * Air-gapped: local_terminal, hmi_panel, opc_ua_ack, local_signed_token
21
+ */
22
+ export type ChannelKind = 'sms' | 'voice' | 'email' | 'slack' | 'mobile_push' | 'sse' | 'webhook' | 'in_app' | 'game_engine' | 'home_assistant' | 'desktop_overlay' | 'local_terminal' | 'hmi_panel' | 'opc_ua_ack' | 'local_signed_token' | (string & {});
23
+ /** Subset of ChannelKind containing only the canonical (literal) values.
24
+ * Useful for exhaustive switches in code that only handles built-ins. */
25
+ export type CanonicalChannelKind = 'sms' | 'voice' | 'email' | 'slack' | 'mobile_push' | 'sse' | 'webhook' | 'in_app' | 'game_engine' | 'home_assistant' | 'desktop_overlay' | 'local_terminal' | 'hmi_panel' | 'opc_ua_ack' | 'local_signed_token';
26
+ /** Ordered list of canonical channels, useful for menu UIs + tests. */
27
+ export declare const CANONICAL_CHANNEL_KINDS: readonly CanonicalChannelKind[];
28
+ export interface StageAction {
29
+ channel: ChannelKind;
30
+ method: string;
31
+ params: Record<string, unknown>;
32
+ }
33
+ export interface StageTransitionTarget {
34
+ next_stage_id?: string;
35
+ bind?: Record<string, string>;
36
+ }
37
+ export interface StageListen {
38
+ channel: ChannelKind;
39
+ intent?: string;
40
+ pattern?: string;
41
+ event_kind?: string;
42
+ next: StageTransitionTarget;
43
+ /**
44
+ * When set, the gateway MUST verify that the channel event's `from` field
45
+ * matches this value before accepting it as a valid stage signal. For SMS
46
+ * channels this is the operator's registered phone number (E.164 format).
47
+ * For webhook channels this is the expected sender identity string.
48
+ *
49
+ * Required for stages that govern physical_safety=true or safety_class C
50
+ * capabilities. Absent means no sender-identity check is performed.
51
+ */
52
+ required_from_binding?: string;
53
+ }
54
+ export interface ChannelEventBody {
55
+ channel: ChannelKind;
56
+ event_kind: string;
57
+ payload: Record<string, unknown>;
58
+ observed_at_ms: number;
59
+ /** Workflow context if this event originated from / is routed to a workflow. */
60
+ workflow_instance_oid?: string;
61
+ stage_id?: string;
62
+ }
63
+ export type ChannelEvent = GapCdroEnvelope<ChannelEventBody>;
64
+ export interface AdapterContext {
65
+ tenant_id: string;
66
+ workflow_instance_oid: string;
67
+ stage_id: string;
68
+ scope_variables: Record<string, unknown>;
69
+ }
70
+ export interface ActionResult {
71
+ ok: boolean;
72
+ detail?: string;
73
+ /** OID of a channel event spawned by the action, if any. */
74
+ spawned_event_oid?: string;
75
+ }
76
+ export interface ListenHandle {
77
+ cancel(): void;
78
+ }
79
+ /**
80
+ * Interface that every channel adapter must implement. Adapter
81
+ * implementations are out of scope for this types package -- they live in
82
+ * synoi-gateway and downstream packages.
83
+ */
84
+ export interface ChannelAdapter {
85
+ /** Channel kind this adapter handles. */
86
+ kind: ChannelKind;
87
+ /** Adapter capabilities -- which GAP listen/action shapes it supports. */
88
+ supports: {
89
+ actions: string[];
90
+ listens: Array<'intent' | 'pattern' | 'event_kind'>;
91
+ };
92
+ /** Execute an action. Returns when complete or errors. */
93
+ performAction(spec: StageAction, context: AdapterContext): Promise<ActionResult>;
94
+ /** Arm a listener. Returns a handle that can be cancelled. */
95
+ armListen(spec: StageListen, context: AdapterContext, onMatch: (event: ChannelEvent) => void): ListenHandle;
96
+ /** Health check. */
97
+ health(): Promise<{
98
+ ok: boolean;
99
+ detail?: string;
100
+ }>;
101
+ }
102
+ export interface ChannelRegistry {
103
+ register(adapter: ChannelAdapter): void;
104
+ get(kind: ChannelKind): ChannelAdapter | null;
105
+ list(): ChannelAdapter[];
106
+ }
107
+ //# sourceMappingURL=channels.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"channels.d.ts","sourceRoot":"","sources":["../src/channels.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAEhD;;;;;;;;;GASG;AACH,MAAM,MAAM,WAAW,GAEnB,KAAK,GACL,OAAO,GACP,OAAO,GACP,OAAO,GACP,aAAa,GAEb,KAAK,GACL,SAAS,GAET,QAAQ,GACR,aAAa,GACb,gBAAgB,GAChB,iBAAiB,GAEjB,gBAAgB,GAChB,WAAW,GACX,YAAY,GACZ,oBAAoB,GAEpB,CAAC,MAAM,GAAG,EAAE,CAAC,CAAA;AAEjB;0EAC0E;AAC1E,MAAM,MAAM,oBAAoB,GAC5B,KAAK,GACL,OAAO,GACP,OAAO,GACP,OAAO,GACP,aAAa,GACb,KAAK,GACL,SAAS,GACT,QAAQ,GACR,aAAa,GACb,gBAAgB,GAChB,iBAAiB,GACjB,gBAAgB,GAChB,WAAW,GACX,YAAY,GACZ,oBAAoB,CAAA;AAExB,uEAAuE;AACvE,eAAO,MAAM,uBAAuB,EAAE,SAAS,oBAAoB,EAgBzD,CAAA;AAIV,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,WAAW,CAAA;IACpB,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAChC;AAED,MAAM,WAAW,qBAAqB;IACpC,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAC9B;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,WAAW,CAAA;IACpB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,IAAI,EAAE,qBAAqB,CAAA;IAC3B;;;;;;;;OAQG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAA;CAC/B;AAID,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,WAAW,CAAA;IACpB,UAAU,EAAE,MAAM,CAAA;IAClB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAChC,cAAc,EAAE,MAAM,CAAA;IACtB,gFAAgF;IAChF,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,MAAM,YAAY,GAAG,eAAe,CAAC,gBAAgB,CAAC,CAAA;AAI5D,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,qBAAqB,EAAE,MAAM,CAAA;IAC7B,QAAQ,EAAE,MAAM,CAAA;IAChB,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CACzC;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,OAAO,CAAA;IACX,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,4DAA4D;IAC5D,iBAAiB,CAAC,EAAE,MAAM,CAAA;CAC3B;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,IAAI,IAAI,CAAA;CACf;AAED;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC7B,yCAAyC;IACzC,IAAI,EAAE,WAAW,CAAA;IAEjB,0EAA0E;IAC1E,QAAQ,EAAE;QACR,OAAO,EAAE,MAAM,EAAE,CAAA;QACjB,OAAO,EAAE,KAAK,CAAC,QAAQ,GAAG,SAAS,GAAG,YAAY,CAAC,CAAA;KACpD,CAAA;IAED,0DAA0D;IAC1D,aAAa,CAAC,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;IAEhF,8DAA8D;IAC9D,SAAS,CACP,IAAI,EAAE,WAAW,EACjB,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,CAAC,KAAK,EAAE,YAAY,KAAK,IAAI,GACrC,YAAY,CAAA;IAEf,oBAAoB;IACpB,MAAM,IAAI,OAAO,CAAC;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CACpD;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,OAAO,EAAE,cAAc,GAAG,IAAI,CAAA;IACvC,GAAG,CAAC,IAAI,EAAE,WAAW,GAAG,cAAc,GAAG,IAAI,CAAA;IAC7C,IAAI,IAAI,cAAc,EAAE,CAAA;CACzB"}
@@ -0,0 +1,29 @@
1
+ /**
2
+ * channels.ts -- channel taxonomy + adapter interface.
3
+ *
4
+ * Channels bridge GAP's abstract `actions`/`listen` model to concrete
5
+ * delivery surfaces (SMS, mobile push, home assistant, etc.).
6
+ *
7
+ * This file declares only the TYPES. Adapter implementations live in
8
+ * downstream packages (the gateway, vendor SDKs). The interface here is the
9
+ * contract those implementations satisfy.
10
+ */
11
+ /** Ordered list of canonical channels, useful for menu UIs + tests. */
12
+ export const CANONICAL_CHANNEL_KINDS = [
13
+ 'sms',
14
+ 'voice',
15
+ 'email',
16
+ 'slack',
17
+ 'mobile_push',
18
+ 'sse',
19
+ 'webhook',
20
+ 'in_app',
21
+ 'game_engine',
22
+ 'home_assistant',
23
+ 'desktop_overlay',
24
+ 'local_terminal',
25
+ 'hmi_panel',
26
+ 'opc_ua_ack',
27
+ 'local_signed_token',
28
+ ];
29
+ //# sourceMappingURL=channels.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"channels.js","sourceRoot":"","sources":["../src/channels.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAwDH,uEAAuE;AACvE,MAAM,CAAC,MAAM,uBAAuB,GAAoC;IACtE,KAAK;IACL,OAAO;IACP,OAAO;IACP,OAAO;IACP,aAAa;IACb,KAAK;IACL,SAAS;IACT,QAAQ;IACR,aAAa;IACb,gBAAgB;IAChB,iBAAiB;IACjB,gBAAgB;IAChB,WAAW;IACX,YAAY;IACZ,oBAAoB;CACZ,CAAA"}
@@ -0,0 +1,32 @@
1
+ /**
2
+ * constants.ts -- well-known capability OIDs + channel kinds.
3
+ *
4
+ * Reserved OID strings for the GAP platform. These identifiers are stable
5
+ * across all conforming gateway implementations. Third-party implementations
6
+ * MUST NOT redefine them.
7
+ *
8
+ * - DISCOVERY_QUERY_CAPABILITY reserved for /by-grant discovery queries
9
+ * - SKILL_CREATE_CAPABILITY reserved for skill manifest upload
10
+ * - VOICE_JOIN_CAPABILITY reserved for voice bridge authorization
11
+ */
12
+ import type { CanonicalChannelKind } from './channels.js';
13
+ /** Capability that authorizes /by-grant discovery queries. */
14
+ export declare const DISCOVERY_QUERY_CAPABILITY: "gap.discovery.query";
15
+ /** Capability that authorizes skill creation (skill manifest upload). */
16
+ export declare const SKILL_CREATE_CAPABILITY: "skill.create";
17
+ /** Capability that authorizes joining a voice bridge call. */
18
+ export declare const VOICE_JOIN_CAPABILITY: "gap.voice.join";
19
+ /** All well-known capability names, useful for tests + audit dashboards. */
20
+ export declare const WELL_KNOWN_CAPABILITIES: readonly ["gap.discovery.query", "skill.create", "gap.voice.join"];
21
+ export type WellKnownCapability = typeof WELL_KNOWN_CAPABILITIES[number];
22
+ export declare const CHANNEL_VOICE: CanonicalChannelKind;
23
+ export declare const CHANNEL_SMS: CanonicalChannelKind;
24
+ export declare const CHANNEL_SLACK: CanonicalChannelKind;
25
+ export declare const CHANNEL_MOBILE_PUSH: CanonicalChannelKind;
26
+ export declare const CHANNEL_HOME_ASSISTANT: CanonicalChannelKind;
27
+ export declare const CHANNEL_DESKTOP_OVERLAY: CanonicalChannelKind;
28
+ export declare const CHANNEL_EMAIL: CanonicalChannelKind;
29
+ export declare const CHANNEL_IN_APP: CanonicalChannelKind;
30
+ export declare const CHANNEL_GAME_ENGINE: CanonicalChannelKind;
31
+ export declare const CHANNEL_WEBHOOK: CanonicalChannelKind;
32
+ //# sourceMappingURL=constants.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAA;AAIzD,8DAA8D;AAC9D,eAAO,MAAM,0BAA0B,EAAG,qBAA8B,CAAA;AAExE,yEAAyE;AACzE,eAAO,MAAM,uBAAuB,EAAG,cAAuB,CAAA;AAE9D,8DAA8D;AAC9D,eAAO,MAAM,qBAAqB,EAAG,gBAAyB,CAAA;AAE9D,4EAA4E;AAC5E,eAAO,MAAM,uBAAuB,oEAI1B,CAAA;AAEV,MAAM,MAAM,mBAAmB,GAAG,OAAO,uBAAuB,CAAC,MAAM,CAAC,CAAA;AAIxE,eAAO,MAAM,aAAa,EAAE,oBAA8B,CAAA;AAC1D,eAAO,MAAM,WAAW,EAAE,oBAA4B,CAAA;AACtD,eAAO,MAAM,aAAa,EAAE,oBAA8B,CAAA;AAC1D,eAAO,MAAM,mBAAmB,EAAE,oBAAoC,CAAA;AACtE,eAAO,MAAM,sBAAsB,EAAE,oBAAuC,CAAA;AAC5E,eAAO,MAAM,uBAAuB,EAAE,oBAAwC,CAAA;AAC9E,eAAO,MAAM,aAAa,EAAE,oBAA8B,CAAA;AAC1D,eAAO,MAAM,cAAc,EAAE,oBAA+B,CAAA;AAC5D,eAAO,MAAM,mBAAmB,EAAE,oBAAoC,CAAA;AACtE,eAAO,MAAM,eAAe,EAAE,oBAAgC,CAAA"}
@@ -0,0 +1,36 @@
1
+ /**
2
+ * constants.ts -- well-known capability OIDs + channel kinds.
3
+ *
4
+ * Reserved OID strings for the GAP platform. These identifiers are stable
5
+ * across all conforming gateway implementations. Third-party implementations
6
+ * MUST NOT redefine them.
7
+ *
8
+ * - DISCOVERY_QUERY_CAPABILITY reserved for /by-grant discovery queries
9
+ * - SKILL_CREATE_CAPABILITY reserved for skill manifest upload
10
+ * - VOICE_JOIN_CAPABILITY reserved for voice bridge authorization
11
+ */
12
+ // -- Well-known capability names (dotted taxonomy) ---------------------------
13
+ /** Capability that authorizes /by-grant discovery queries. */
14
+ export const DISCOVERY_QUERY_CAPABILITY = 'gap.discovery.query';
15
+ /** Capability that authorizes skill creation (skill manifest upload). */
16
+ export const SKILL_CREATE_CAPABILITY = 'skill.create';
17
+ /** Capability that authorizes joining a voice bridge call. */
18
+ export const VOICE_JOIN_CAPABILITY = 'gap.voice.join';
19
+ /** All well-known capability names, useful for tests + audit dashboards. */
20
+ export const WELL_KNOWN_CAPABILITIES = [
21
+ DISCOVERY_QUERY_CAPABILITY,
22
+ SKILL_CREATE_CAPABILITY,
23
+ VOICE_JOIN_CAPABILITY,
24
+ ];
25
+ // -- Channel kind constants (mirror canonical list) --------------------------
26
+ export const CHANNEL_VOICE = 'voice';
27
+ export const CHANNEL_SMS = 'sms';
28
+ export const CHANNEL_SLACK = 'slack';
29
+ export const CHANNEL_MOBILE_PUSH = 'mobile_push';
30
+ export const CHANNEL_HOME_ASSISTANT = 'home_assistant';
31
+ export const CHANNEL_DESKTOP_OVERLAY = 'desktop_overlay';
32
+ export const CHANNEL_EMAIL = 'email';
33
+ export const CHANNEL_IN_APP = 'in_app';
34
+ export const CHANNEL_GAME_ENGINE = 'game_engine';
35
+ export const CHANNEL_WEBHOOK = 'webhook';
36
+ //# sourceMappingURL=constants.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,+EAA+E;AAE/E,8DAA8D;AAC9D,MAAM,CAAC,MAAM,0BAA0B,GAAG,qBAA8B,CAAA;AAExE,yEAAyE;AACzE,MAAM,CAAC,MAAM,uBAAuB,GAAG,cAAuB,CAAA;AAE9D,8DAA8D;AAC9D,MAAM,CAAC,MAAM,qBAAqB,GAAG,gBAAyB,CAAA;AAE9D,4EAA4E;AAC5E,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,0BAA0B;IAC1B,uBAAuB;IACvB,qBAAqB;CACb,CAAA;AAIV,+EAA+E;AAE/E,MAAM,CAAC,MAAM,aAAa,GAAyB,OAAO,CAAA;AAC1D,MAAM,CAAC,MAAM,WAAW,GAAyB,KAAK,CAAA;AACtD,MAAM,CAAC,MAAM,aAAa,GAAyB,OAAO,CAAA;AAC1D,MAAM,CAAC,MAAM,mBAAmB,GAAyB,aAAa,CAAA;AACtE,MAAM,CAAC,MAAM,sBAAsB,GAAyB,gBAAgB,CAAA;AAC5E,MAAM,CAAC,MAAM,uBAAuB,GAAyB,iBAAiB,CAAA;AAC9E,MAAM,CAAC,MAAM,aAAa,GAAyB,OAAO,CAAA;AAC1D,MAAM,CAAC,MAAM,cAAc,GAAyB,QAAQ,CAAA;AAC5D,MAAM,CAAC,MAAM,mBAAmB,GAAyB,aAAa,CAAA;AACtE,MAAM,CAAC,MAAM,eAAe,GAAyB,SAAS,CAAA"}
@@ -0,0 +1,28 @@
1
+ /**
2
+ * @synoi/gap -- public surface.
3
+ *
4
+ * Apache-2.0 TypeScript types + runtime validators for SynOI's
5
+ * GAP (Governed Action Protocol).
6
+ *
7
+ * The protocol itself is open under CC0; this package ships the wire-format
8
+ * types so any GAP implementation (third-party gateway, audit tool, vendor
9
+ * SDK) can speak the same wire format from a single source of truth.
10
+ */
11
+ export { GAP_VERSION, } from './cdro.js';
12
+ export type { GapCdroEnvelope, GapObjectType, GapOidPayload, GapVersion, } from './cdro.js';
13
+ export { capabilityMatches, } from './capabilities.js';
14
+ export type { GapActorType, Capability, CapabilityDeclaration, CapabilityDeclarationBody, CapabilityGrant, CapabilityGrantBody, CapabilityInvocation, CapabilityInvocationBody, CapabilityPredicate, GrantedCapabilityScope, DelegationStep, OrchestrationChainBody, McpToolCallContext, TokenBudgetArgs, ConsentRecordBody, CredentialKind, IdentityBinding, ExternalPipArgs, PipResponseBody, } from './capabilities.js';
15
+ export { CANONICAL_CHANNEL_KINDS, } from './channels.js';
16
+ export type { ActionResult, AdapterContext, CanonicalChannelKind, ChannelAdapter, ChannelEvent, ChannelEventBody, ChannelKind, ChannelRegistry, ListenHandle, StageAction, StageListen, StageTransitionTarget, } from './channels.js';
17
+ export type { OptionalEffect, StageSafety, StageTransition, StageTransitionBody, StageTransitionReason, WorkflowDefinition, WorkflowDefinitionBody, WorkflowInstance, WorkflowInstanceBody, WorkflowStage, WorkflowStageDefinition, WorkflowTrigger, WorkflowTriggerKind, } from './workflows.js';
18
+ export { isGapFailure, } from './receipts.js';
19
+ export type { GapDecisionReceipt, GapDecisionReceiptBody, GapFailure, GapFailureReason, DecisionStatus, DecisionSubjectKind, TokenConsumption, } from './receipts.js';
20
+ export { revokeGapObject, } from './revocations.js';
21
+ export type { RevocationEvent, RevocationEventBody, RevocationTargetKind, } from './revocations.js';
22
+ export { CHANNEL_DESKTOP_OVERLAY, CHANNEL_EMAIL, CHANNEL_GAME_ENGINE, CHANNEL_HOME_ASSISTANT, CHANNEL_IN_APP, CHANNEL_MOBILE_PUSH, CHANNEL_SLACK, CHANNEL_SMS, CHANNEL_VOICE, CHANNEL_WEBHOOK, DISCOVERY_QUERY_CAPABILITY, SKILL_CREATE_CAPABILITY, VOICE_JOIN_CAPABILITY, WELL_KNOWN_CAPABILITIES, } from './constants.js';
23
+ export type { WellKnownCapability, } from './constants.js';
24
+ export { computeGapOid, } from './oid.js';
25
+ export { canonicalize, } from './canonicalize.js';
26
+ export type { ValidationResult, } from './validate.js';
27
+ export { validateGapDecisionReceipt, validateGapDecisionReceiptBody, validateCapabilityDeclaration, validateCapabilityDeclarationBody, validateCapabilityGrant, validateCapabilityGrantBody, validateCapabilityInvocation, validateCapabilityInvocationBody, validateChannelEvent, validateChannelEventBody, validateRevocationEvent, validateRevocationEventBody, validateStageTransition, validateStageTransitionBody, validateWorkflowDefinition, validateWorkflowDefinitionBody, validateWorkflowInstance, validateWorkflowInstanceBody, validateOrchestrationChainBody, validateOrchestrationChain, validateTokenConsumption, validateConsentRecordBody, validateConsentRecord, validatePipResponseBody, validatePipResponse, } from './validate.js';
28
+ //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EACL,WAAW,GACZ,MAAM,WAAW,CAAA;AAClB,YAAY,EACV,eAAe,EACf,aAAa,EACb,aAAa,EACb,UAAU,GACX,MAAM,WAAW,CAAA;AAGlB,OAAO,EACL,iBAAiB,GAClB,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EACV,YAAY,EACZ,UAAU,EACV,qBAAqB,EACrB,yBAAyB,EACzB,eAAe,EACf,mBAAmB,EACnB,oBAAoB,EACpB,wBAAwB,EACxB,mBAAmB,EACnB,sBAAsB,EAEtB,cAAc,EACd,sBAAsB,EAEtB,kBAAkB,EAElB,eAAe,EAEf,iBAAiB,EAEjB,cAAc,EACd,eAAe,EAGf,eAAe,EACf,eAAe,GAChB,MAAM,mBAAmB,CAAA;AAG1B,OAAO,EACL,uBAAuB,GACxB,MAAM,eAAe,CAAA;AACtB,YAAY,EACV,YAAY,EACZ,cAAc,EACd,oBAAoB,EACpB,cAAc,EACd,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACX,eAAe,EACf,YAAY,EACZ,WAAW,EACX,WAAW,EACX,qBAAqB,GACtB,MAAM,eAAe,CAAA;AAGtB,YAAY,EACV,cAAc,EACd,WAAW,EACX,eAAe,EACf,mBAAmB,EACnB,qBAAqB,EACrB,kBAAkB,EAClB,sBAAsB,EACtB,gBAAgB,EAChB,oBAAoB,EACpB,aAAa,EACb,uBAAuB,EACvB,eAAe,EACf,mBAAmB,GACpB,MAAM,gBAAgB,CAAA;AAGvB,OAAO,EACL,YAAY,GACb,MAAM,eAAe,CAAA;AACtB,YAAY,EACV,kBAAkB,EAClB,sBAAsB,EACtB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,mBAAmB,EAEnB,gBAAgB,GACjB,MAAM,eAAe,CAAA;AAGtB,OAAO,EACL,eAAe,GAChB,MAAM,kBAAkB,CAAA;AACzB,YAAY,EACV,eAAe,EACf,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,kBAAkB,CAAA;AAGzB,OAAO,EACL,uBAAuB,EACvB,aAAa,EACb,mBAAmB,EACnB,sBAAsB,EACtB,cAAc,EACd,mBAAmB,EACnB,aAAa,EACb,WAAW,EACX,aAAa,EACb,eAAe,EACf,0BAA0B,EAC1B,uBAAuB,EACvB,qBAAqB,EACrB,uBAAuB,GACxB,MAAM,gBAAgB,CAAA;AACvB,YAAY,EACV,mBAAmB,GACpB,MAAM,gBAAgB,CAAA;AAGvB,OAAO,EACL,aAAa,GACd,MAAM,UAAU,CAAA;AACjB,OAAO,EACL,YAAY,GACb,MAAM,mBAAmB,CAAA;AAG1B,YAAY,EACV,gBAAgB,GACjB,MAAM,eAAe,CAAA;AACtB,OAAO,EACL,0BAA0B,EAC1B,8BAA8B,EAC9B,6BAA6B,EAC7B,iCAAiC,EACjC,uBAAuB,EACvB,2BAA2B,EAC3B,4BAA4B,EAC5B,gCAAgC,EAChC,oBAAoB,EACpB,wBAAwB,EACxB,uBAAuB,EACvB,2BAA2B,EAC3B,uBAAuB,EACvB,2BAA2B,EAC3B,0BAA0B,EAC1B,8BAA8B,EAC9B,wBAAwB,EACxB,4BAA4B,EAE5B,8BAA8B,EAC9B,0BAA0B,EAE1B,wBAAwB,EAExB,yBAAyB,EACzB,qBAAqB,EAErB,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,eAAe,CAAA"}
package/dist/index.js ADDED
@@ -0,0 +1,35 @@
1
+ /**
2
+ * @synoi/gap -- public surface.
3
+ *
4
+ * Apache-2.0 TypeScript types + runtime validators for SynOI's
5
+ * GAP (Governed Action Protocol).
6
+ *
7
+ * The protocol itself is open under CC0; this package ships the wire-format
8
+ * types so any GAP implementation (third-party gateway, audit tool, vendor
9
+ * SDK) can speak the same wire format from a single source of truth.
10
+ */
11
+ // -- CDRO envelope -----------------------------------------------------------
12
+ export { GAP_VERSION, } from './cdro.js';
13
+ // -- Capabilities (declarations, grants, invocations) ------------------------
14
+ export { capabilityMatches, } from './capabilities.js';
15
+ // -- Channels ----------------------------------------------------------------
16
+ export { CANONICAL_CHANNEL_KINDS, } from './channels.js';
17
+ // -- Receipts + failures -----------------------------------------------------
18
+ export { isGapFailure, } from './receipts.js';
19
+ // -- Revocations -------------------------------------------------------------
20
+ export { revokeGapObject, } from './revocations.js';
21
+ // -- Constants ---------------------------------------------------------------
22
+ export { CHANNEL_DESKTOP_OVERLAY, CHANNEL_EMAIL, CHANNEL_GAME_ENGINE, CHANNEL_HOME_ASSISTANT, CHANNEL_IN_APP, CHANNEL_MOBILE_PUSH, CHANNEL_SLACK, CHANNEL_SMS, CHANNEL_VOICE, CHANNEL_WEBHOOK, DISCOVERY_QUERY_CAPABILITY, SKILL_CREATE_CAPABILITY, VOICE_JOIN_CAPABILITY, WELL_KNOWN_CAPABILITIES, } from './constants.js';
23
+ // -- OID + canonicalize ------------------------------------------------------
24
+ export { computeGapOid, } from './oid.js';
25
+ export { canonicalize, } from './canonicalize.js';
26
+ export { validateGapDecisionReceipt, validateGapDecisionReceiptBody, validateCapabilityDeclaration, validateCapabilityDeclarationBody, validateCapabilityGrant, validateCapabilityGrantBody, validateCapabilityInvocation, validateCapabilityInvocationBody, validateChannelEvent, validateChannelEventBody, validateRevocationEvent, validateRevocationEventBody, validateStageTransition, validateStageTransitionBody, validateWorkflowDefinition, validateWorkflowDefinitionBody, validateWorkflowInstance, validateWorkflowInstanceBody,
27
+ // Item 1: Agent Delegation Chain
28
+ validateOrchestrationChainBody, validateOrchestrationChain,
29
+ // Item 3: Token Budget Governance
30
+ validateTokenConsumption,
31
+ // Item 4: Consent Version Chain
32
+ validateConsentRecordBody, validateConsentRecord,
33
+ // Item 7: Signed PIP Response
34
+ validatePipResponseBody, validatePipResponse, } from './validate.js';
35
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,+EAA+E;AAC/E,OAAO,EACL,WAAW,GACZ,MAAM,WAAW,CAAA;AAQlB,+EAA+E;AAC/E,OAAO,EACL,iBAAiB,GAClB,MAAM,mBAAmB,CAAA;AA8B1B,+EAA+E;AAC/E,OAAO,EACL,uBAAuB,GACxB,MAAM,eAAe,CAAA;AAiCtB,+EAA+E;AAC/E,OAAO,EACL,YAAY,GACb,MAAM,eAAe,CAAA;AAYtB,+EAA+E;AAC/E,OAAO,EACL,eAAe,GAChB,MAAM,kBAAkB,CAAA;AAOzB,+EAA+E;AAC/E,OAAO,EACL,uBAAuB,EACvB,aAAa,EACb,mBAAmB,EACnB,sBAAsB,EACtB,cAAc,EACd,mBAAmB,EACnB,aAAa,EACb,WAAW,EACX,aAAa,EACb,eAAe,EACf,0BAA0B,EAC1B,uBAAuB,EACvB,qBAAqB,EACrB,uBAAuB,GACxB,MAAM,gBAAgB,CAAA;AAKvB,+EAA+E;AAC/E,OAAO,EACL,aAAa,GACd,MAAM,UAAU,CAAA;AACjB,OAAO,EACL,YAAY,GACb,MAAM,mBAAmB,CAAA;AAM1B,OAAO,EACL,0BAA0B,EAC1B,8BAA8B,EAC9B,6BAA6B,EAC7B,iCAAiC,EACjC,uBAAuB,EACvB,2BAA2B,EAC3B,4BAA4B,EAC5B,gCAAgC,EAChC,oBAAoB,EACpB,wBAAwB,EACxB,uBAAuB,EACvB,2BAA2B,EAC3B,uBAAuB,EACvB,2BAA2B,EAC3B,0BAA0B,EAC1B,8BAA8B,EAC9B,wBAAwB,EACxB,4BAA4B;AAC5B,iCAAiC;AACjC,8BAA8B,EAC9B,0BAA0B;AAC1B,kCAAkC;AAClC,wBAAwB;AACxB,gCAAgC;AAChC,yBAAyB,EACzB,qBAAqB;AACrB,8BAA8B;AAC9B,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,eAAe,CAAA"}
package/dist/oid.d.ts ADDED
@@ -0,0 +1,28 @@
1
+ /**
2
+ * oid.ts -- OID computation for GAP CDROs.
3
+ *
4
+ * Implements RFC 8785 JCS canonical JSON. See IMPLEMENTING.md §2.2 for the
5
+ * normative rules.
6
+ *
7
+ * sha256(canonicalize(envelope_minus_excluded_fields))
8
+ *
9
+ * Excluded fields (stripped before hashing): oid, gap_version, signature,
10
+ * signature_key_id, supersedes. Signatures are added after OID computation.
11
+ *
12
+ * The shape passed in is the OID payload: `{ type, tenant_id, created_at_ms,
13
+ * created_by, body }`. The full envelope (with oid + gap_version) is built
14
+ * around it.
15
+ */
16
+ /**
17
+ * Compute the OID of a GAP CDRO payload.
18
+ *
19
+ * Accepts either a pre-stripped payload or a full envelope (with oid,
20
+ * gap_version, signature, signature_key_id, supersedes present). The 5
21
+ * excluded fields are stripped before canonicalization so both forms produce
22
+ * the same OID.
23
+ *
24
+ * @param body - the OID payload or full envelope (see CDRO §2.1 in GAP_SPEC).
25
+ * @returns the canonical OID string `"sha256:<hex>"`.
26
+ */
27
+ export declare function computeGapOid(body: unknown): string;
28
+ //# sourceMappingURL=oid.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oid.d.ts","sourceRoot":"","sources":["../src/oid.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AA8BH;;;;;;;;;;GAUG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM,CAenD"}
package/dist/oid.js ADDED
@@ -0,0 +1,68 @@
1
+ /**
2
+ * oid.ts -- OID computation for GAP CDROs.
3
+ *
4
+ * Implements RFC 8785 JCS canonical JSON. See IMPLEMENTING.md §2.2 for the
5
+ * normative rules.
6
+ *
7
+ * sha256(canonicalize(envelope_minus_excluded_fields))
8
+ *
9
+ * Excluded fields (stripped before hashing): oid, gap_version, signature,
10
+ * signature_key_id, supersedes. Signatures are added after OID computation.
11
+ *
12
+ * The shape passed in is the OID payload: `{ type, tenant_id, created_at_ms,
13
+ * created_by, body }`. The full envelope (with oid + gap_version) is built
14
+ * around it.
15
+ */
16
+ import { sha256 } from '@noble/hashes/sha256';
17
+ import { canonicalize } from './canonicalize.js';
18
+ /** Convert a Uint8Array to a lowercase hex string. */
19
+ function bytesToHex(bytes) {
20
+ const hex = [];
21
+ for (let i = 0; i < bytes.length; i++) {
22
+ const b = bytes[i];
23
+ hex.push((b >>> 4).toString(16));
24
+ hex.push((b & 0x0f).toString(16));
25
+ }
26
+ return hex.join('');
27
+ }
28
+ /**
29
+ * Fields excluded from the OID hash. These are present in the full envelope
30
+ * but MUST NOT contribute to the content hash. Strip them before hashing so
31
+ * that TypeScript and Python produce byte-identical OIDs regardless of whether
32
+ * the caller passes a pre-stripped payload or a full envelope.
33
+ */
34
+ const EXCLUDED_FIELDS = new Set([
35
+ 'oid',
36
+ 'gap_version',
37
+ 'signature',
38
+ 'signature_key_id',
39
+ 'supersedes',
40
+ ]);
41
+ /**
42
+ * Compute the OID of a GAP CDRO payload.
43
+ *
44
+ * Accepts either a pre-stripped payload or a full envelope (with oid,
45
+ * gap_version, signature, signature_key_id, supersedes present). The 5
46
+ * excluded fields are stripped before canonicalization so both forms produce
47
+ * the same OID.
48
+ *
49
+ * @param body - the OID payload or full envelope (see CDRO §2.1 in GAP_SPEC).
50
+ * @returns the canonical OID string `"sha256:<hex>"`.
51
+ */
52
+ export function computeGapOid(body) {
53
+ let stripped = body;
54
+ if (body !== null && typeof body === 'object' && !Array.isArray(body)) {
55
+ const obj = body;
56
+ const result = {};
57
+ for (const key of Object.keys(obj)) {
58
+ if (!EXCLUDED_FIELDS.has(key)) {
59
+ result[key] = obj[key];
60
+ }
61
+ }
62
+ stripped = result;
63
+ }
64
+ const canonical = canonicalize(stripped);
65
+ const digest = sha256(new TextEncoder().encode(canonical));
66
+ return 'sha256:' + bytesToHex(digest);
67
+ }
68
+ //# sourceMappingURL=oid.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oid.js","sourceRoot":"","sources":["../src/oid.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAEhD,sDAAsD;AACtD,SAAS,UAAU,CAAC,KAAiB;IACnC,MAAM,GAAG,GAAa,EAAE,CAAA;IACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAW,CAAA;QAC5B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAA;QAChC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAA;IACnC,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;AACrB,CAAC;AAED;;;;;GAKG;AACH,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC;IAC9B,KAAK;IACL,aAAa;IACb,WAAW;IACX,kBAAkB;IAClB,YAAY;CACb,CAAC,CAAA;AAEF;;;;;;;;;;GAUG;AACH,MAAM,UAAU,aAAa,CAAC,IAAa;IACzC,IAAI,QAAQ,GAAY,IAAI,CAAA;IAC5B,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QACtE,MAAM,GAAG,GAAG,IAA+B,CAAA;QAC3C,MAAM,MAAM,GAA4B,EAAE,CAAA;QAC1C,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAA;YACxB,CAAC;QACH,CAAC;QACD,QAAQ,GAAG,MAAM,CAAA;IACnB,CAAC;IACD,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAA;IACxC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAA;IAC1D,OAAO,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,CAAA;AACvC,CAAC"}
@@ -0,0 +1,128 @@
1
+ /**
2
+ * receipts.ts -- GAP Decision Receipts.
3
+ *
4
+ * Every gate decision (capability invocation, workflow transition, grant
5
+ * issuance/revocation, federation handshake (reserved for GAP 1.1), provisional block) produces
6
+ * an immutable Decision Receipt. These are the audit trail of the agent
7
+ * platform -- what was allowed, what was denied, when, and by whom.
8
+ *
9
+ * Mirrors GAP_SPEC §8.
10
+ */
11
+ import type { GapCdroEnvelope } from './cdro.js';
12
+ import type { GapActorType } from './capabilities.js';
13
+ export type DecisionSubjectKind = 'capability_invocation' | 'stage_transition' | 'grant_issued' | 'grant_revoked' | 'workflow_started' | 'workflow_terminated' | 'revocation_initiated' | 'revocation_effective' | 'federation_handshake' | 'provisional_block';
14
+ export type DecisionStatus = 'ok' | 'denied' | 'failed' | 'deferred' | 'timed_out' | 'pending' | 'rate_limited';
15
+ export interface GapDecisionReceiptBody {
16
+ subject_kind: DecisionSubjectKind;
17
+ subject_oid: string;
18
+ initiator: {
19
+ actor_oid: string;
20
+ actor_type: GapActorType;
21
+ };
22
+ status: DecisionStatus;
23
+ detail?: string;
24
+ capability_grant_oids?: string[];
25
+ workflow_instance_oid?: string;
26
+ workflow_stage_id?: string;
27
+ inference_receipt_oid?: string;
28
+ channel_event_oids?: string[];
29
+ initiated_at_ms: number;
30
+ resolved_at_ms: number;
31
+ metrics?: {
32
+ latency_ms?: number;
33
+ channel_count?: number;
34
+ listen_match_count?: number;
35
+ };
36
+ compliance_tags?: string[];
37
+ /**
38
+ * True when this receipt was served from the idempotency deduplication cache
39
+ * rather than freshly evaluated. The cached args and grant state at the time
40
+ * of original evaluation apply; this is NOT a fresh gate decision.
41
+ */
42
+ is_idempotency_replay?: boolean;
43
+ /**
44
+ * The client-supplied `invoked_at_ms` value from the invocation body,
45
+ * preserved here for debugging only. MUST NOT be used as `initiated_at_ms`.
46
+ * The gateway always server-stamps `initiated_at_ms`.
47
+ */
48
+ client_claimed_at_ms?: number;
49
+ /**
50
+ * For receipts covering physical_safety=true capabilities: constrained
51
+ * devices performing offline Ed25519 signature verification MUST NOT accept
52
+ * this receipt after this TTL has elapsed (milliseconds since epoch).
53
+ * Absent means no offline TTL is enforced by the protocol (gateway-level
54
+ * policy may still apply).
55
+ */
56
+ max_offline_ttl_ms?: number;
57
+ /**
58
+ * For 21 CFR Part 11 contexts: display name, role, and credential identifier
59
+ * of the authorizing human. The `granted_by` actor OID SHOULD resolve to
60
+ * this identity. Gateway-populated when the deployment asserts 21 CFR Part 11
61
+ * compliance and the receipt covers a medical device / clinical capability.
62
+ */
63
+ signer_identity?: {
64
+ display_name: string;
65
+ role?: string;
66
+ credential_id?: string;
67
+ };
68
+ /**
69
+ * C8: Sub-millisecond sequence numbers (GAP spec section Phase 4).
70
+ *
71
+ * Monotonically increasing integer within the tenant, incremented per receipt,
72
+ * gapless. Gaps in the sequence indicate dropped receipts. Provides
73
+ * determinable ordering within a millisecond for high-frequency deployments
74
+ * (MiFID II RTS 25). A gateway MUST guarantee strict monotonicity within a
75
+ * tenant.
76
+ */
77
+ sequence_number?: number;
78
+ /**
79
+ * C8: Optional nanoseconds since Unix epoch for sub-millisecond precision.
80
+ * RECOMMENDED for financial.* capabilities. Complements decided_at_ms
81
+ * (the spec's alias for resolved_at_ms) when nanosecond ordering matters.
82
+ */
83
+ decided_at_ns?: number;
84
+ /**
85
+ * Item 3 [DESIGN]: Settled token consumption for this invocation. Populated
86
+ * by the gateway post-invoke when the 'token_budget' precondition is active.
87
+ * input_tokens and output_tokens MUST be non-negative integers.
88
+ */
89
+ token_consumption?: TokenConsumption;
90
+ }
91
+ /**
92
+ * [DESIGN] Actual token usage settled onto the receipt by the gateway after
93
+ * execution. Used by the 'token_budget' precondition (post_invoke evaluation).
94
+ * Any cost_usd figures are [MODELED] until a conformance vector exists.
95
+ */
96
+ export interface TokenConsumption {
97
+ /** Input (prompt) tokens consumed. Must be a non-negative integer. */
98
+ input_tokens: number;
99
+ /** Output (completion) tokens consumed. Must be a non-negative integer. */
100
+ output_tokens: number;
101
+ /** Model identifier that produced the tokens. */
102
+ model: string;
103
+ /** Estimated cost in USD. [MODELED] -- not authoritative until conformance vector exists. */
104
+ cost_usd?: number;
105
+ /** Unix epoch ms when consumption was settled. */
106
+ settled_at_ms: number;
107
+ }
108
+ export type GapDecisionReceipt = GapCdroEnvelope<GapDecisionReceiptBody>;
109
+ /**
110
+ * In-process failure classification returned by gate helpers and SDK utilities.
111
+ * This is an internal enum and does NOT appear on the wire.
112
+ *
113
+ * The wire `detail` field in `GapDecisionReceipt.body.detail` uses the
114
+ * namespaced error codes from ERROR_CODES.md, for example:
115
+ * capability_denied:no_grant
116
+ * capability_denied:grant_expired
117
+ * capability_denied:grant_revoked
118
+ * capability_denied:rate_limited
119
+ * Do NOT expose GapFailureReason values in serialized receipts or HTTP responses.
120
+ */
121
+ export type GapFailureReason = 'capability_not_found' | 'capability_denied' | 'capability_revoked' | 'precondition_failed' | 'rate_limited' | 'grant_expired' | 'workflow_not_found' | 'workflow_revoked' | 'missing_required_channels' | 'execution_failed';
122
+ export interface GapFailure {
123
+ reason: GapFailureReason;
124
+ detail?: string;
125
+ receipt_oid: string;
126
+ }
127
+ export declare function isGapFailure<T>(r: T | GapFailure): r is GapFailure;
128
+ //# sourceMappingURL=receipts.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"receipts.d.ts","sourceRoot":"","sources":["../src/receipts.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAChD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAErD,MAAM,MAAM,mBAAmB,GAC3B,uBAAuB,GACvB,kBAAkB,GAClB,cAAc,GACd,eAAe,GACf,kBAAkB,GAClB,qBAAqB,GACrB,sBAAsB,GACtB,sBAAsB,GACtB,sBAAsB,GACtB,mBAAmB,CAAA;AAEvB,MAAM,MAAM,cAAc,GACtB,IAAI,GACJ,QAAQ,GACR,QAAQ,GACR,UAAU,GACV,WAAW,GACX,SAAS,GACT,cAAc,CAAA;AAElB,MAAM,WAAW,sBAAsB;IACrC,YAAY,EAAE,mBAAmB,CAAA;IACjC,WAAW,EAAE,MAAM,CAAA;IACnB,SAAS,EAAE;QACT,SAAS,EAAE,MAAM,CAAA;QACjB,UAAU,EAAE,YAAY,CAAA;KACzB,CAAA;IACD,MAAM,EAAE,cAAc,CAAA;IACtB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAA;IAChC,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC7B,eAAe,EAAE,MAAM,CAAA;IACvB,cAAc,EAAE,MAAM,CAAA;IACtB,OAAO,CAAC,EAAE;QACR,UAAU,CAAC,EAAE,MAAM,CAAA;QACnB,aAAa,CAAC,EAAE,MAAM,CAAA;QACtB,kBAAkB,CAAC,EAAE,MAAM,CAAA;KAC5B,CAAA;IACD,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;IAC1B;;;;OAIG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B;;;;OAIG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAC7B;;;;;;OAMG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B;;;;;OAKG;IACH,eAAe,CAAC,EAAE;QAChB,YAAY,EAAE,MAAM,CAAA;QACpB,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,aAAa,CAAC,EAAE,MAAM,CAAA;KACvB,CAAA;IACD;;;;;;;;OAQG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB;;;;OAIG;IACH,iBAAiB,CAAC,EAAE,gBAAgB,CAAA;CACrC;AAID;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B,sEAAsE;IACtE,YAAY,EAAE,MAAM,CAAA;IACpB,2EAA2E;IAC3E,aAAa,EAAE,MAAM,CAAA;IACrB,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAA;IACb,6FAA6F;IAC7F,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,kDAAkD;IAClD,aAAa,EAAE,MAAM,CAAA;CACtB;AAED,MAAM,MAAM,kBAAkB,GAAG,eAAe,CAAC,sBAAsB,CAAC,CAAA;AAIxE;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,gBAAgB,GACxB,sBAAsB,GACtB,mBAAmB,GACnB,oBAAoB,GACpB,qBAAqB,GACrB,cAAc,GACd,eAAe,GACf,oBAAoB,GACpB,kBAAkB,GAClB,2BAA2B,GAC3B,kBAAkB,CAAA;AAEtB,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,gBAAgB,CAAA;IACxB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;CACpB;AAED,wBAAgB,YAAY,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,UAAU,GAAG,CAAC,IAAI,UAAU,CAElE"}