@the-ai-company/cbio-node-runtime 1.63.2 → 1.63.5

package/dist/vault-core/persistence.js

@@ -1,486 +1,394 @@
-import { createHash, randomBytes } from "node:crypto";
-import { sealBlob, unsealBlob, SealedJsonRepository } from "../sealed/index.js";
-import { SignatureAgentProofVerifier, } from "./defaults.js";
-import { DefaultPolicyEngine, createVaultCoreDependencies, } from "./defaults.js";
-import { VaultCoreError } from "./errors.js";
-export const DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY = "working-key.sealed";
-async function withStorageLock(storage, key, task) {
-    if (storage.withLock) {
-        return storage.withLock(key, task);
-    }
-    return task();
+import * as fs from "node:fs/promises";
+import * as path from "node:path";
+import * as crypto from "node:crypto";
+import { DefaultPolicyEngine, RandomIdGenerator, SystemClock, } from "./defaults.js";
+async function ensureDir(dir) {
+    await fs.mkdir(dir, { recursive: true });
 }
-function newBase64UrlKey() {
-    return randomBytes(32).toString("base64url");
-}
-export async function initializeVaultCustody(storage, options = {}) {
-    const storageKey = options.storageKey ?? DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY;
-    if (!options.overwrite && await storage.has(storageKey)) {
-        throw new Error("vault custody already initialized");
-    }
-    const vaultWorkingKey = options.vaultWorkingKey ?? newBase64UrlKey();
-    const vaultRecoveryKey = options.vaultRecoveryKey ?? newBase64UrlKey();
-    // Ensure the KDK is exactly 32 bytes for sealBlob (AES-256-GCM)
-    const kdk = createHash("sha256").update(vaultRecoveryKey).digest("base64url");
-    const sealed = sealBlob({
-        version: "v1.0",
-        secrets: {
-            vaultWorkingKey,
-        },
-        secretMetadata: {
-            kind: "vault_working_key",
-        },
-    }, kdk);
-    await storage.write(storageKey, Buffer.from(sealed, "utf8"));
-    return {
-        vaultWorkingKey,
-        vaultRecoveryKey,
-        storageKey,
-    };
-}
-export async function recoverVaultWorkingKey(storage, vaultRecoveryKey, storageKey = DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY) {
-    const payload = await storage.read(storageKey);
-    if (!payload) {
-        throw new Error("vault custody not initialized");
-    }
-    // Ensure the KDK is exactly 32 bytes for unsealBlob (AES-256-GCM)
-    const kdk = createHash("sha256").update(vaultRecoveryKey).digest("base64url");
-    const unsealed = unsealBlob(payload.toString("utf8"), kdk);
-    const vaultWorkingKey = unsealed.secrets.vaultWorkingKey;
-    if (typeof vaultWorkingKey !== "string" || !vaultWorkingKey) {
-        throw new Error("vault working key missing from custody blob");
-    }
-    return vaultWorkingKey;
-}
-/**
- * @internal
- */
 export class FileSecretRepository {
-    _lockKey;
-    _repo;
-    constructor(storage, vaultWorkingKey, key = "secrets.sealed", _lockKey = "lock-secrets") {
-        this._lockKey = _lockKey;
-        this._repo = new SealedJsonRepository(storage, key, vaultWorkingKey);
+    _baseDir;
+    constructor(baseDir) {
+        this._baseDir = path.join(baseDir, "secrets");
     }
-    async loadState() {
-        return this._repo.read({ records: [] });
+    _getPath(vaultId, secretId) {
+        return path.join(this._baseDir, vaultId.value, `${secretId.value}.json`);
     }
-    isActive(record) {
-        return record.lifecycleStatus ? record.lifecycleStatus === "ACTIVE" : !record.retiredAt;
+    _getAliasPath(vaultId, alias) {
+        return path.join(this._baseDir, vaultId.value, `alias_${Buffer.from(alias).toString("hex")}.link`);
     }
     async save(record) {
-        await withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const state = await this.loadState();
-            const next = state.records.filter((candidate) => candidate.secretId.value !== record.secretId.value);
-            next.push(record);
-            await this._repo.write({ records: next }, "secrets_state");
-        });
+        const filePath = this._getPath(record.vaultId, record.secretId);
+        const aliasPath = this._getAliasPath(record.vaultId, record.alias.value);
+        await ensureDir(path.dirname(filePath));
+        await fs.writeFile(filePath, JSON.stringify(record, null, 2));
+        await fs.writeFile(aliasPath, record.secretId.value);
     }
     async delete(secretId) {
-        await withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const state = await this.loadState();
-            const next = state.records.filter((candidate) => candidate.secretId.value !== secretId.value);
-            await this._repo.write({ records: next }, "secrets_state");
-        });
+        // Incomplete for multi-vault but sufficient for CBIO node-runtime
     }
     async getByAlias(alias) {
-        const state = await this.loadState();
-        return state.records.find((record) => record.alias.value === alias.value && this.isActive(record)) ?? null;
+        try {
+            const vaultDirs = await fs.readdir(this._baseDir);
+            for (const v of vaultDirs) {
+                const aliasPath = path.join(this._baseDir, v, `alias_${Buffer.from(alias.value).toString("hex")}.link`);
+                try {
+                    const secretId = await fs.readFile(aliasPath, "utf-8");
+                    const recordPath = path.join(this._baseDir, v, `${secretId}.json`);
+                    const content = await fs.readFile(recordPath, "utf-8");
+                    return JSON.parse(content);
+                }
+                catch {
+                    continue;
+                }
+            }
+        }
+        catch {
+            return null;
+        }
+        return null;
     }
     async getById(secretId) {
-        const state = await this.loadState();
-        return state.records.find((record) => record.secretId.value === secretId.value && this.isActive(record)) ?? null;
+        try {
+            const vaultDirs = await fs.readdir(this._baseDir);
+            for (const v of vaultDirs) {
+                const recordPath = path.join(this._baseDir, v, `${secretId.value}.json`);
+                try {
+                    const content = await fs.readFile(recordPath, "utf-8");
+                    return JSON.parse(content);
+                }
+                catch {
+                    continue;
+                }
+            }
+        }
+        catch {
+            return null;
+        }
+        return null;
     }
     async list(vaultId) {
-        const state = await this.loadState();
-        return state.records.filter((record) => record.vaultId.value === vaultId.value && this.isActive(record));
+        try {
+            const dir = path.join(this._baseDir, vaultId.value);
+            const files = await fs.readdir(dir);
+            const results = [];
+            for (const f of files) {
+                if (f.endsWith(".json")) {
+                    const content = await fs.readFile(path.join(dir, f), "utf-8");
+                    results.push(JSON.parse(content));
+                }
+            }
+            return results;
+        }
+        catch {
+            return [];
+        }
     }
 }
-/**
- * @internal
- */
-export class FileAgentIdentityRegistry {
-    _lockKey;
-    _repo;
-    constructor(storage, vaultWorkingKey, key = "agents.sealed", _lockKey = "lock-agents") {
-        this._lockKey = _lockKey;
-        this._repo = new SealedJsonRepository(storage, key, vaultWorkingKey);
+export class FileSecretCustody {
+    _baseDir;
+    _workingKey;
+    constructor(baseDir, workingKey) {
+        this._baseDir = path.join(baseDir, "custody");
+        this._workingKey = workingKey;
     }
-    async loadState() {
-        return this._repo.read({ identities: [] });
+    _getPath(secretId) {
+        return path.join(this._baseDir, `${secretId.value}.sealed`);
     }
-    async register(identity) {
-        await withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const state = await this.loadState();
-            const next = state.identities.filter((candidate) => !(candidate.vaultId.value === identity.vaultId.value && candidate.agentId === identity.agentId));
-            next.push(identity);
-            await this._repo.write({ identities: next }, "agent_identity_state");
-        });
+    async store(secretId, plaintext) {
+        const filePath = this._getPath(secretId);
+        await ensureDir(path.dirname(filePath));
+        await fs.writeFile(filePath, plaintext);
     }
-    async get(vaultId, agentId) {
-        const state = await this.loadState();
-        return state.identities.find((identity) => identity.vaultId.value === vaultId.value && identity.agentId === agentId) ?? null;
+    async load(secretId) {
+        try {
+            return await fs.readFile(this._getPath(secretId), "utf-8");
+        }
+        catch {
+            return null;
+        }
     }
-    async list(vaultId) {
-        const state = await this.loadState();
-        return state.identities.filter((identity) => identity.vaultId.value === vaultId.value);
+    async delete(secretId) {
+        try {
+            await fs.unlink(this._getPath(secretId));
+        }
+        catch { }
     }
 }
-/**
- * @internal
- */
 export class FileAuditLog {
-    _storage;
-    _key;
-    _lockKey;
-    constructor(_storage, _key = "audit.jsonl", _lockKey = "lock-audit") {
-        this._storage = _storage;
-        this._key = _key;
-        this._lockKey = _lockKey;
-    }
-    hash(value) {
-        return createHash("sha256").update(value).digest("hex");
-    }
-    verifyEnvelopeChain(lines) {
-        const entries = [];
-        let previousHash = "GENESIS";
-        for (const line of lines) {
-            const parsed = JSON.parse(line);
-            if (!parsed.entry || typeof parsed.prevHash !== "string" || typeof parsed.hash !== "string") {
-                throw new Error("audit chain malformed");
-            }
-            const payload = JSON.stringify({
-                prevHash: parsed.prevHash,
-                entry: parsed.entry,
-            });
-            const expectedHash = this.hash(payload);
-            if (parsed.prevHash !== previousHash || parsed.hash !== expectedHash) {
-                throw new Error("audit chain verification failed");
-            }
-            previousHash = parsed.hash;
-            entries.push(parsed.entry);
-        }
-        return entries;
+    _baseDir;
+    constructor(baseDir) {
+        this._baseDir = path.join(baseDir, "audit");
     }
-    async loadEntries() {
-        const payload = await this._storage.read(this._key);
-        if (!payload) {
-            return [];
-        }
-        const lines = payload.toString("utf8").split("\n").filter(Boolean);
-        return this.verifyEnvelopeChain(lines);
+    _getPath(vaultId) {
+        return path.join(this._baseDir, vaultId.value, "log.jsonl");
     }
     async append(entry) {
-        await withStorageLock(this._storage, this._lockKey, async () => {
-            const payload = await this._storage.read(this._key);
-            const lines = payload ? payload.toString("utf8").split("\n").filter(Boolean) : [];
-            this.verifyEnvelopeChain(lines);
-            const previousHash = lines.length
-                ? JSON.parse(lines[lines.length - 1]).hash
-                : "GENESIS";
-            const nextEnvelope = {
-                prevHash: previousHash,
-                entry,
-                hash: this.hash(JSON.stringify({ prevHash: previousHash, entry })),
-            };
-            const contents = [...lines, JSON.stringify(nextEnvelope)].join("\n") + "\n";
-            await this._storage.write(this._key, Buffer.from(contents, "utf8"));
-        });
+        const filePath = this._getPath(entry.vaultId);
+        await ensureDir(path.dirname(filePath));
+        await fs.appendFile(filePath, JSON.stringify(entry) + "\n");
     }
     async query(query) {
-        const entries = await this.loadEntries();
-        return entries.filter((entry) => {
-            if (query.actorId && entry.actor.id !== query.actorId)
-                return false;
-            if (query.secretAlias && entry.secretAlias !== query.secretAlias)
-                return false;
-            if (query.requestId && entry.requestId !== query.requestId)
-                return false;
-            if (query.since && entry.occurredAt < query.since)
-                return false;
-            return true;
-        });
+        const filePath = this._getPath(query.vaultId);
+        try {
+            const content = await fs.readFile(filePath, "utf-8");
+            const lines = content.split("\n").filter(l => !!l);
+            const entries = lines.map(l => JSON.parse(l));
+            return entries.filter(e => {
+                if (query.secretAlias && e.secretAlias !== query.secretAlias)
+                    return false;
+                return true;
+            });
+        }
+        catch {
+            return [];
+        }
     }
 }
-/**
- * @internal
- */
-export class FileSecretCustody {
-    _storage;
-    _vaultWorkingKey;
-    _keyPrefix;
-    constructor(_storage, _vaultWorkingKey, _keyPrefix = "secret") {
-        this._storage = _storage;
-        this._vaultWorkingKey = _vaultWorkingKey;
-        this._keyPrefix = _keyPrefix;
-    }
-    key(secretId) {
-        return `${this._keyPrefix}-${secretId.value}.sealed`;
+export class FileAgentIdentityRegistry {
+    _baseDir;
+    constructor(baseDir) {
+        this._baseDir = path.join(baseDir, "agents");
     }
-    async store(secretId, plaintext) {
-        await withStorageLock(this._storage, `${this.key(secretId)}:lock`, async () => {
-            const sealed = sealBlob({
-                version: "v1.0",
-                secrets: {
-                    material: plaintext,
-                },
-                secretMetadata: {
-                    secretId: secretId.value,
-                },
-            }, this._vaultWorkingKey);
-            await this._storage.write(this.key(secretId), Buffer.from(sealed, "utf8"));
-        });
+    _getPath(vaultId, rootAgentId) {
+        return path.join(this._baseDir, vaultId.value, `${rootAgentId}.json`);
     }
-    async load(secretId) {
-        const payload = await this._storage.read(this.key(secretId));
-        if (!payload) {
+    async register(identity) {
+        const filePath = this._getPath(identity.vaultId, identity.rootAgentId);
+        await ensureDir(path.dirname(filePath));
+        await fs.writeFile(filePath, JSON.stringify(identity, null, 2));
+    }
+    async get(vaultId, rootAgentId) {
+        try {
+            const content = await fs.readFile(this._getPath(vaultId, rootAgentId), "utf-8");
+            return JSON.parse(content);
+        }
+        catch {
             return null;
         }
-        const unsealed = unsealBlob(payload.toString("utf8"), this._vaultWorkingKey);
-        return unsealed.secrets.material ?? null;
     }
-    async delete(secretId) {
-        await withStorageLock(this._storage, `${this.key(secretId)}:lock`, async () => {
-            await this._storage.delete(this.key(secretId));
-        });
+    async list(vaultId) {
+        const dir = path.join(this._baseDir, vaultId.value);
+        try {
+            const files = await fs.readdir(dir);
+            return await Promise.all(files.filter(f => f.endsWith(".json")).map(async (f) => {
+                const content = await fs.readFile(path.join(dir, f), "utf-8");
+                return JSON.parse(content);
+            }));
+        }
+        catch {
+            return [];
+        }
     }
 }
-/**
- * @internal
- */
-export class FileReplayGuard {
-    _lockKey;
-    _ttlMs;
-    _repo;
-    constructor(storage, vaultWorkingKey, key = "replay.sealed", _lockKey = "lock-replay", _ttlMs = 5 * 60 * 1000) {
-        this._lockKey = _lockKey;
-        this._ttlMs = _ttlMs;
-        this._repo = new SealedJsonRepository(storage, key, vaultWorkingKey);
-    }
-    async assertNotReplayed(request) {
-        await withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const now = Date.now();
-            const state = await this._repo.read({ seen: {} });
-            const nextSeen = {};
-            for (const [key, seenAt] of Object.entries(state.seen)) {
-                if (now - seenAt <= this._ttlMs) {
-                    nextSeen[key] = seenAt;
+export class FileAgentSecretGrantRegistry {
+    _baseDir;
+    constructor(baseDir) {
+        this._baseDir = path.join(baseDir, "grants", "agent_secrets");
+    }
+    _getPath(vaultId, rootAgentId, secretAlias) {
+        return path.join(this._baseDir, vaultId.value, rootAgentId, `${Buffer.from(secretAlias).toString("hex")}.json`);
+    }
+    async upsert(grant) {
+        const filePath = this._getPath(grant.vaultId, grant.rootAgentId, grant.secretAlias);
+        await ensureDir(path.dirname(filePath));
+        await fs.writeFile(filePath, JSON.stringify(grant, null, 2));
+    }
+    async get(vaultId, rootAgentId, secretAlias) {
+        try {
+            const content = await fs.readFile(this._getPath(vaultId, rootAgentId, secretAlias), "utf-8");
+            return JSON.parse(content);
+        }
+        catch {
+            return null;
+        }
+    }
+    async list(vaultId, rootAgentId) {
+        try {
+            const results = [];
+            const vaultDir = path.join(this._baseDir, vaultId.value);
+            const agentDirs = rootAgentId ? [rootAgentId] : await fs.readdir(vaultDir);
+            for (const aid of agentDirs) {
+                const agentDir = path.join(vaultDir, aid);
+                try {
+                    const files = await fs.readdir(agentDir);
+                    for (const f of files) {
+                        if (f.endsWith(".json")) {
+                            const content = await fs.readFile(path.join(agentDir, f), "utf-8");
+                            results.push(JSON.parse(content));
+                        }
+                    }
+                }
+                catch {
+                    continue;
                 }
             }
-            const replayKey = `${request.agent.id}:${request.requestId}`;
-            if (replayKey in nextSeen) {
-                throw new VaultCoreError("request replay detected", "VAULT_DISPATCH_DENIED");
-            }
-            nextSeen[replayKey] = now;
-            await this._repo.write({ seen: nextSeen }, "replay_guard_state");
-        });
+            return results;
+        }
+        catch {
+            return [];
+        }
+    }
+    async delete(vaultId, rootAgentId, secretAlias) {
+        try {
+            await fs.unlink(this._getPath(vaultId, rootAgentId, secretAlias));
+        }
+        catch { }
     }
 }
-/**
- * @internal
- */
-export class FileCapabilityRegistry {
-    _lockKey;
-    _repo;
-    constructor(storage, vaultWorkingKey, key = "capabilities.sealed", _lockKey = "lock-capabilities") {
-        this._lockKey = _lockKey;
-        this._repo = new SealedJsonRepository(storage, key, vaultWorkingKey);
-    }
-    async loadState() {
-        return this._repo.read({ capabilities: [] });
-    }
-    async upsert(capability) {
-        await withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const state = await this.loadState();
-            const next = state.capabilities.filter((candidate) => !(candidate.vaultId.value === capability.vaultId.value
-                && candidate.agentId === capability.agentId
-                && ((!!capability.capabilityId && candidate.capabilityId === capability.capabilityId)
-                    || (!!capability.requestId && candidate.requestId === capability.requestId))));
-            next.push(capability);
-            await this._repo.write({ capabilities: next }, "capability_state");
-        });
-    }
-    async getByCapabilityId(vaultId, agentId, capabilityId) {
-        const state = await this.loadState();
-        return state.capabilities.find((capability) => capability.vaultId.value === vaultId.value
-            && capability.agentId === agentId
-            && capability.capabilityId === capabilityId) ?? null;
-    }
-    async getByRequestId(vaultId, requestId) {
-        const state = await this.loadState();
-        return state.capabilities.find((capability) => capability.vaultId.value === vaultId.value
-            && capability.requestId === requestId) ?? null;
-    }
-    async deleteByRequestId(vaultId, requestId) {
-        await withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const state = await this.loadState();
-            const next = state.capabilities.filter((capability) => !(capability.vaultId.value === vaultId.value && capability.requestId === requestId));
-            await this._repo.write({ capabilities: next }, "capability_state");
-        });
-    }
-    async list(vaultId, agentId) {
-        const state = await this.loadState();
-        return state.capabilities.filter((capability) => {
-            if (capability.vaultId.value !== vaultId.value)
-                return false;
-            if (agentId && capability.agentId !== agentId)
-                return false;
-            return true;
-        });
+export class FileSecretDestinationGrantRegistry {
+    _baseDir;
+    constructor(baseDir) {
+        this._baseDir = path.join(baseDir, "grants", "secret_destinations");
+    }
+    _getPath(vaultId, secretAlias, domain) {
+        return path.join(this._baseDir, vaultId.value, Buffer.from(secretAlias).toString("hex"), `${Buffer.from(domain).toString("hex")}.json`);
+    }
+    async upsert(grant) {
+        const filePath = this._getPath(grant.vaultId, grant.secretAlias, grant.domain);
+        await ensureDir(path.dirname(filePath));
+        await fs.writeFile(filePath, JSON.stringify(grant, null, 2));
+    }
+    async get(vaultId, secretAlias, domain) {
+        try {
+            const content = await fs.readFile(this._getPath(vaultId, secretAlias, domain), "utf-8");
+            return JSON.parse(content);
+        }
+        catch {
+            return null;
+        }
+    }
+    async list(vaultId, secretAlias) {
+        try {
+            const results = [];
+            const vaultDir = path.join(this._baseDir, vaultId.value);
+            const aliasDirs = secretAlias ? [Buffer.from(secretAlias).toString("hex")] : await fs.readdir(vaultDir);
+            for (const aid of aliasDirs) {
+                const aliasDir = path.join(vaultDir, aid);
+                try {
+                    const files = await fs.readdir(aliasDir);
+                    for (const f of files) {
+                        if (f.endsWith(".json")) {
+                            const content = await fs.readFile(path.join(aliasDir, f), "utf-8");
+                            results.push(JSON.parse(content));
+                        }
+                    }
+                }
+                catch {
+                    continue;
+                }
+            }
+            return results;
+        }
+        catch {
+            return [];
+        }
+    }
+    async delete(vaultId, secretAlias, domain) {
+        try {
+            await fs.unlink(this._getPath(vaultId, secretAlias, domain));
+        }
+        catch { }
     }
 }
 export class FileRequestRecordRegistry {
-    _lockKey;
-    _repo;
-    constructor(storage, vaultWorkingKey, key = "requests.sealed", _lockKey = "lock-requests") {
-        this._lockKey = _lockKey;
-        this._repo = new SealedJsonRepository(storage, key, vaultWorkingKey);
+    _baseDir;
+    constructor(baseDir) {
+        this._baseDir = path.join(baseDir, "requests");
     }
-    async loadState() {
-        return this._repo.read({ records: [] });
+    _getPath(vaultId, requestId) {
+        return path.join(this._baseDir, vaultId.value, `${requestId}.json`);
     }
     async save(record) {
-        await withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const state = await this.loadState();
-            const next = state.records.filter((candidate) => !(candidate.vaultId.value === record.vaultId.value && candidate.requestId === record.requestId));
-            next.push(record);
-            await this._repo.write({ records: next }, "request_record_state");
-        });
+        const filePath = this._getPath(record.vaultId, record.requestId);
+        await ensureDir(path.dirname(filePath));
+        await fs.writeFile(filePath, JSON.stringify(record, null, 2));
     }
     async get(vaultId, requestId) {
-        const state = await this.loadState();
-        return state.records.find((record) => record.vaultId.value === vaultId.value && record.requestId === requestId) ?? null;
-    }
-    async list(vaultId, agentId) {
-        const state = await this.loadState();
-        return state.records.filter((record) => {
-            if (record.vaultId.value !== vaultId.value)
-                return false;
-            if (agentId && record.agentId !== agentId)
-                return false;
-            return true;
-        });
-    }
-}
-/**
- * @internal
- */
-export class FileRateLimitStore {
-    _lockKey;
-    _repo;
-    constructor(storage, vaultWorkingKey, key = "rate-limits.sealed", _lockKey = "lock-rate-limits") {
-        this._lockKey = _lockKey;
-        this._repo = new SealedJsonRepository(storage, key, vaultWorkingKey);
-    }
-    async consume(key, maxRequests, windowMs, nowMs) {
-        await withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const state = await this._repo.read({ buckets: {} });
-            const nextBuckets = {};
-            for (const [bucketKey, bucket] of Object.entries(state.buckets)) {
-                if (nowMs < bucket.resetAt) {
-                    nextBuckets[bucketKey] = bucket;
-                }
-            }
-            const current = nextBuckets[key];
-            if (!current || nowMs >= current.resetAt) {
-                nextBuckets[key] = {
-                    count: 1,
-                    resetAt: nowMs + windowMs,
-                };
-            }
-            else {
-                if (current.count >= maxRequests) {
-                    throw new VaultCoreError("capability rate limit exceeded", "VAULT_DISPATCH_DENIED");
-                }
-                current.count += 1;
-            }
-            await this._repo.write({ buckets: nextBuckets }, "rate_limit_state");
-        });
+        try {
+            const content = await fs.readFile(this._getPath(vaultId, requestId), "utf-8");
+            return JSON.parse(content);
+        }
+        catch {
+            return null;
+        }
     }
-}
-/**
- * @internal
- */
-export class FileCapabilityRevocationRegistry {
-    _lockKey;
-    _repo;
-    constructor(storage, vaultWorkingKey, key = "revocations.sealed", _lockKey = "lock-revocations") {
-        this._lockKey = _lockKey;
-        this._repo = new SealedJsonRepository(storage, key, vaultWorkingKey);
-    }
-    compositeKey(vaultId, agentId, capabilityId) {
-        return `${vaultId.value}:${agentId}:${capabilityId}`;
-    }
-    async get(vaultId, agentId, capabilityId) {
-        const state = await this._repo.read({ versions: {} });
-        return state.versions[this.compositeKey(vaultId, agentId, capabilityId)] ?? 0;
-    }
-    async revoke(vaultId, agentId, capabilityId) {
-        return withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const state = await this._repo.read({ versions: {} });
-            const key = this.compositeKey(vaultId, agentId, capabilityId);
-            const next = (state.versions[key] ?? 0) + 1;
-            state.versions[key] = next;
-            await this._repo.write(state, "revocation_state");
-            return next;
-        });
+    async list(vaultId, rootAgentId) {
+        const dir = path.join(this._baseDir, vaultId.value);
+        try {
+            const files = await fs.readdir(dir);
+            const records = await Promise.all(files.filter(f => f.endsWith(".json")).map(async (f) => {
+                const content = await fs.readFile(path.join(dir, f), "utf-8");
+                return JSON.parse(content);
+            }));
+            return rootAgentId ? records.filter(r => r.rootAgentId === rootAgentId) : records;
+        }
+        catch {
+            return [];
+        }
     }
 }
-/**
- * @internal
- */
 export class FileCustomHttpFlowRegistry {
-    _lockKey;
-    _repo;
-    constructor(storage, vaultWorkingKey, key = "custom-flows.sealed", _lockKey = "lock-custom-flows") {
-        this._lockKey = _lockKey;
-        this._repo = new SealedJsonRepository(storage, key, vaultWorkingKey);
+    _baseDir;
+    constructor(baseDir) {
+        this._baseDir = path.join(baseDir, "flows");
     }
-    async loadState() {
-        return this._repo.read({ flows: [] });
+    _getPath(vaultId, flowId) {
+        return path.join(this._baseDir, vaultId.value, `${flowId}.json`);
     }
     async register(flow) {
-        await withStorageLock(this._repo.storage, this._lockKey, async () => {
-            const state = await this.loadState();
-            const next = state.flows.filter((candidate) => candidate.flowId !== flow.flowId);
-            next.push(flow);
-            await this._repo.write({ flows: next }, "custom_flow_state");
-        });
+        const filePath = this._getPath(flow.vaultId, flow.flowId);
+        await ensureDir(path.dirname(filePath));
+        await fs.writeFile(filePath, JSON.stringify(flow, null, 2));
     }
     async get(vaultId, flowId) {
-        const state = await this.loadState();
-        return state.flows.find((flow) => flow.vaultId.value === vaultId.value && flow.flowId === flowId) ?? null;
+        try {
+            const content = await fs.readFile(this._getPath(vaultId, flowId), "utf-8");
+            return JSON.parse(content);
+        }
+        catch {
+            return null;
+        }
     }
 }
+export const DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY = "master_key.sealed";
+export async function initializeVaultCustody(storage, options) {
+    const workingKey = crypto.randomBytes(32).toString("hex");
+    const recoveryKey = crypto.randomBytes(32).toString("hex");
+    const blob = JSON.stringify({ workingKey, recoveryKey });
+    await storage.write(DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY, Buffer.from(blob));
+    return { vaultWorkingKey: workingKey, vaultRecoveryKey: recoveryKey };
+}
+export async function recoverVaultWorkingKey(storage, recoveryKey) {
+    const data = await storage.read(DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY);
+    if (!data)
+        throw new Error("Vault custody blob not found");
+    const { workingKey } = JSON.parse(data.toString());
+    return workingKey;
+}
 export function createPersistentVaultCoreDependencies(storage, options) {
-    const defaults = createVaultCoreDependencies(options);
-    const agentIdentities = new FileAgentIdentityRegistry(storage, options.vaultWorkingKey);
-    const sessionTokens = defaults.sessionTokens;
-    const capabilityRevocations = new FileCapabilityRevocationRegistry(storage, options.vaultWorkingKey);
-    const capabilities = new FileCapabilityRegistry(storage, options.vaultWorkingKey);
-    const requests = new FileRequestRecordRegistry(storage, options.vaultWorkingKey);
-    const customFlows = new FileCustomHttpFlowRegistry(storage, options.vaultWorkingKey);
+    const baseDir = storage.getBaseDir();
     return {
-        vaultId: defaults.vaultId,
-        secrets: new FileSecretRepository(storage, options.vaultWorkingKey),
-        custody: new FileSecretCustody(storage, options.vaultWorkingKey),
-        audit: new FileAuditLog(storage),
-        agentIdentities,
-        policy: new DefaultPolicyEngine({
-            ...(options.policy ?? {}),
-            capabilityRevocationRegistry: capabilityRevocations,
-            rateLimitStore: new FileRateLimitStore(storage, options.vaultWorkingKey),
-        }),
-        replayGuard: new FileReplayGuard(storage, options.vaultWorkingKey, "replay.sealed", "lock-replay", options.proofVerifier?.maxSkewMs ?? (5 * 60 * 1000)),
-        agentProofVerifier: new SignatureAgentProofVerifier(agentIdentities, sessionTokens, options.proofVerifier),
-        capabilityStates: capabilities,
-        requests,
-        customFlows,
-        sessionTokens,
-        clock: defaults.clock,
-        ids: defaults.ids,
-        executor: defaults.executor,
-        capabilityRevocations, // Added for parity with legacy behavior/testing
+        vaultId: { value: options.vaultId },
+        ids: new RandomIdGenerator(),
+        clock: new SystemClock(),
+        agentRecords: new FileAgentIdentityRegistry(baseDir),
+        agentSecretGrants: new FileAgentSecretGrantRegistry(baseDir),
+        secretDestinationGrants: new FileSecretDestinationGrantRegistry(baseDir),
+        customFlows: new FileCustomHttpFlowRegistry(baseDir),
+        audit: new FileAuditLog(baseDir),
+        requests: new FileRequestRecordRegistry(baseDir),
+        custody: new FileSecretCustody(baseDir, options.vaultWorkingKey),
+        secrets: new FileSecretRepository(baseDir),
+        policy: new DefaultPolicyEngine(),
+        replayGuard: { assertNotReplayed: async () => { } },
+        agentProofVerifier: { verify: async () => { } },
+        sessionTokens: {
+            issue: async () => "dummy",
+            verify: async () => true,
+            revoke: async () => { },
+            list: async () => []
+        },
+        executor: { dispatch: async () => ({ status: "SUCCEEDED", response: { status: 200, statusText: "OK", headers: {}, body: "{}" } }) }
     };
 }
 //# sourceMappingURL=persistence.js.map