@tjamescouch/agentchat 0.22.0 → 0.23.0

package/lib/escrow-hooks.js

@@ -1,237 +0,0 @@
-/**
- * EscrowHooks - Event system for external escrow integration
- *
- * Allows external systems (blockchain, multi-sig, compliance) to hook into
- * escrow lifecycle events without modifying core AgentChat code.
- *
- * Events:
- *   escrow:created    - Escrow created when proposal accepted with stakes
- *   escrow:released   - Escrow released (expired, cancelled)
- *   settlement:completion - Proposal completed, stakes returned
- *   settlement:dispute    - Proposal disputed, stakes transferred/burned
- */
-
-export const EscrowEvent = {
-  CREATED: 'escrow:created',
-  RELEASED: 'escrow:released',
-  COMPLETION_SETTLED: 'settlement:completion',
-  DISPUTE_SETTLED: 'settlement:dispute'
-};
-
-export class EscrowHooks {
-  constructor(options = {}) {
-    this.handlers = new Map(); // event -> Set of handlers
-    this.logger = options.logger || console;
-    this.continueOnError = options.continueOnError !== false; // default true
-
-    // Initialize event handler sets
-    for (const event of Object.values(EscrowEvent)) {
-      this.handlers.set(event, new Set());
-    }
-  }
-
-  /**
-   * Register a handler for an escrow event
-   * @param {string} event - Event name from EscrowEvent
-   * @param {Function} handler - Async function(payload) to call
-   * @returns {Function} Unsubscribe function
-   */
-  on(event, handler) {
-    if (!this.handlers.has(event)) {
-      throw new Error(`Unknown escrow event: ${event}`);
-    }
-
-    if (typeof handler !== 'function') {
-      throw new Error('Handler must be a function');
-    }
-
-    this.handlers.get(event).add(handler);
-
-    // Return unsubscribe function
-    return () => this.off(event, handler);
-  }
-
-  /**
-   * Remove a handler for an escrow event
-   * @param {string} event - Event name
-   * @param {Function} handler - Handler to remove
-   */
-  off(event, handler) {
-    if (this.handlers.has(event)) {
-      this.handlers.get(event).delete(handler);
-    }
-  }
-
-  /**
-   * Remove all handlers for an event (or all events)
-   * @param {string} [event] - Optional event name
-   */
-  clear(event) {
-    if (event) {
-      if (this.handlers.has(event)) {
-        this.handlers.get(event).clear();
-      }
-    } else {
-      for (const handlers of this.handlers.values()) {
-        handlers.clear();
-      }
-    }
-  }
-
-  /**
-   * Emit an escrow event to all registered handlers
-   * @param {string} event - Event name
-   * @param {Object} payload - Event payload
-   * @returns {Promise<Object>} Results from all handlers
-   */
-  async emit(event, payload) {
-    if (!this.handlers.has(event)) {
-      throw new Error(`Unknown escrow event: ${event}`);
-    }
-
-    const handlers = this.handlers.get(event);
-    if (handlers.size === 0) {
-      return { event, handled: false, results: [] };
-    }
-
-    const results = [];
-    const errors = [];
-
-    for (const handler of handlers) {
-      try {
-        const result = await handler(payload);
-        results.push({ success: true, result });
-      } catch (err) {
-        const errorInfo = {
-          success: false,
-          error: err.message,
-          stack: err.stack
-        };
-        errors.push(errorInfo);
-        results.push(errorInfo);
-
-        this.logger.error?.(`[EscrowHooks] Error in ${event} handler:`, err.message);
-
-        if (!this.continueOnError) {
-          break;
-        }
-      }
-    }
-
-    return {
-      event,
-      handled: true,
-      results,
-      errors: errors.length > 0 ? errors : undefined
-    };
-  }
-
-  /**
-   * Check if any handlers are registered for an event
-   * @param {string} event - Event name
-   * @returns {boolean}
-   */
-  hasHandlers(event) {
-    return this.handlers.has(event) && this.handlers.get(event).size > 0;
-  }
-
-  /**
-   * Get count of handlers for an event
-   * @param {string} event - Event name
-   * @returns {number}
-   */
-  handlerCount(event) {
-    return this.handlers.has(event) ? this.handlers.get(event).size : 0;
-  }
-}
-
-/**
- * Create payload for escrow:created event
- */
-export function createEscrowCreatedPayload(proposal, escrowResult) {
-  return {
-    event: EscrowEvent.CREATED,
-    timestamp: Date.now(),
-    proposal_id: proposal.id,
-    from_agent: proposal.from,
-    to_agent: proposal.to,
-    proposer_stake: proposal.proposer_stake || 0,
-    acceptor_stake: proposal.acceptor_stake || 0,
-    total_stake: (proposal.proposer_stake || 0) + (proposal.acceptor_stake || 0),
-    task: proposal.task,
-    amount: proposal.amount,
-    currency: proposal.currency,
-    expires: proposal.expires,
-    escrow_id: escrowResult.escrow?.proposal_id || proposal.id
-  };
-}
-
-/**
- * Create payload for settlement:completion event
- */
-export function createCompletionPayload(proposal, ratingChanges) {
-  const escrowInfo = ratingChanges?._escrow || {};
-  return {
-    event: EscrowEvent.COMPLETION_SETTLED,
-    timestamp: Date.now(),
-    proposal_id: proposal.id,
-    from_agent: proposal.from,
-    to_agent: proposal.to,
-    completed_by: proposal.completed_by,
-    completion_proof: proposal.completion_proof,
-    settlement: 'returned',
-    stakes_returned: {
-      proposer: escrowInfo.proposer_stake || 0,
-      acceptor: escrowInfo.acceptor_stake || 0
-    },
-    rating_changes: {
-      [proposal.from]: ratingChanges?.[proposal.from],
-      [proposal.to]: ratingChanges?.[proposal.to]
-    }
-  };
-}
-
-/**
- * Create payload for settlement:dispute event
- */
-export function createDisputePayload(proposal, ratingChanges) {
-  const escrowInfo = ratingChanges?._escrow || {};
-  return {
-    event: EscrowEvent.DISPUTE_SETTLED,
-    timestamp: Date.now(),
-    proposal_id: proposal.id,
-    from_agent: proposal.from,
-    to_agent: proposal.to,
-    disputed_by: proposal.disputed_by,
-    dispute_reason: proposal.dispute_reason,
-    settlement: escrowInfo.settlement || 'settled',
-    settlement_reason: escrowInfo.settlement_reason,
-    fault_determination: escrowInfo.fault_party,
-    stakes_transferred: escrowInfo.transferred,
-    stakes_burned: escrowInfo.burned,
-    rating_changes: {
-      [proposal.from]: ratingChanges?.[proposal.from],
-      [proposal.to]: ratingChanges?.[proposal.to]
-    }
-  };
-}
-
-/**
- * Create payload for escrow:released event
- */
-export function createEscrowReleasedPayload(proposalId, escrow, reason) {
-  return {
-    event: EscrowEvent.RELEASED,
-    timestamp: Date.now(),
-    proposal_id: proposalId,
-    from_agent: escrow.from?.agent_id,
-    to_agent: escrow.to?.agent_id,
-    stakes_released: {
-      proposer: escrow.from?.stake || 0,
-      acceptor: escrow.to?.stake || 0
-    },
-    reason: reason || 'expired'
-  };
-}
-
-export default EscrowHooks;

package/lib/identity.js

@@ -1,376 +0,0 @@
-/**
- * AgentChat Identity Module
- * Ed25519 key generation, storage, and signing
- */
-
-import crypto from 'crypto';
-import fs from 'fs/promises';
-import path from 'path';
-import os from 'os';
-
-// Default identity file location
-export const DEFAULT_IDENTITY_PATH = path.join(process.cwd(), '.agentchat', 'identity.json');
-
-/**
- * Generate stable agent ID from pubkey
- * Returns first 8 chars of SHA256 hash (hex)
- */
-export function pubkeyToAgentId(pubkey) {
-  const hash = crypto.createHash('sha256').update(pubkey).digest('hex');
-  return hash.substring(0, 8);
-}
-
-/**
- * Validate Ed25519 public key in PEM format
- */
-export function isValidPubkey(pubkey) {
-  if (!pubkey || typeof pubkey !== 'string') return false;
-
-  try {
-    const keyObj = crypto.createPublicKey(pubkey);
-    return keyObj.asymmetricKeyType === 'ed25519';
-  } catch {
-    return false;
-  }
-}
-
-/**
- * AgentChat Identity
- * Represents an agent's Ed25519 keypair and associated metadata
- */
-export class Identity {
-  constructor(data) {
-    this.name = data.name;
-    this.pubkey = data.pubkey;      // PEM format
-    this.privkey = data.privkey;    // PEM format (null if loaded from export)
-    this.created = data.created;
-    this.rotations = data.rotations || [];  // Array of rotation records
-
-    // Lazy-load crypto key objects
-    this._publicKey = null;
-    this._privateKey = null;
-  }
-
-  /**
-   * Generate new Ed25519 keypair
-   */
-  static generate(name) {
-    const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
-
-    return new Identity({
-      name,
-      pubkey: publicKey.export({ type: 'spki', format: 'pem' }),
-      privkey: privateKey.export({ type: 'pkcs8', format: 'pem' }),
-      created: new Date().toISOString()
-    });
-  }
-
-  /**
-   * Load identity from JSON file
-   */
-  static async load(filePath = DEFAULT_IDENTITY_PATH) {
-    const data = await fs.readFile(filePath, 'utf-8');
-    const parsed = JSON.parse(data);
-    return new Identity(parsed);
-  }
-
-  /**
-   * Save identity to JSON file
-   */
-  async save(filePath = DEFAULT_IDENTITY_PATH) {
-    // Ensure directory exists
-    const dir = path.dirname(filePath);
-    await fs.mkdir(dir, { recursive: true });
-
-    const data = {
-      name: this.name,
-      pubkey: this.pubkey,
-      privkey: this.privkey,
-      created: this.created,
-      rotations: this.rotations
-    };
-
-    await fs.writeFile(filePath, JSON.stringify(data, null, 2), {
-      mode: 0o600  // Owner read/write only
-    });
-  }
-
-  /**
-   * Check if identity file exists
-   */
-  static async exists(filePath = DEFAULT_IDENTITY_PATH) {
-    try {
-      await fs.access(filePath);
-      return true;
-    } catch {
-      return false;
-    }
-  }
-
-  /**
-   * Get fingerprint (first 16 chars of SHA256 hash of pubkey)
-   */
-  getFingerprint() {
-    const hash = crypto.createHash('sha256').update(this.pubkey).digest('hex');
-    return hash.substring(0, 16);
-  }
-
-  /**
-   * Get stable agent ID (first 8 chars of fingerprint)
-   */
-  getAgentId() {
-    return pubkeyToAgentId(this.pubkey);
-  }
-
-  /**
-   * Sign data with private key
-   * Returns base64-encoded signature
-   */
-  sign(data) {
-    if (!this.privkey) {
-      throw new Error('Private key not available (identity was loaded from export)');
-    }
-
-    if (!this._privateKey) {
-      this._privateKey = crypto.createPrivateKey(this.privkey);
-    }
-
-    const buffer = Buffer.isBuffer(data) ? data : Buffer.from(data);
-    const signature = crypto.sign(null, buffer, this._privateKey);
-    return signature.toString('base64');
-  }
-
-  /**
-   * Verify a signature
-   * Static method for verifying any message
-   */
-  static verify(data, signature, pubkey) {
-    try {
-      const keyObj = crypto.createPublicKey(pubkey);
-      const buffer = Buffer.isBuffer(data) ? data : Buffer.from(data);
-      const sigBuffer = Buffer.from(signature, 'base64');
-      return crypto.verify(null, buffer, keyObj, sigBuffer);
-    } catch {
-      return false;
-    }
-  }
-
-  /**
-   * Export for sharing (pubkey only, no private key)
-   */
-  export() {
-    return {
-      name: this.name,
-      pubkey: this.pubkey,
-      created: this.created,
-      rotations: this.rotations
-    };
-  }
-
-  /**
-   * Rotate to a new keypair
-   * Signs the new public key with the old private key for chain of custody
-   * @returns {object} Rotation record with old_pubkey, new_pubkey, signature, timestamp
-   */
-  rotate() {
-    if (!this.privkey) {
-      throw new Error('Private key not available - cannot rotate');
-    }
-
-    // Generate new keypair
-    const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
-    const newPubkey = publicKey.export({ type: 'spki', format: 'pem' });
-    const newPrivkey = privateKey.export({ type: 'pkcs8', format: 'pem' });
-
-    // Use same timestamp for both signing and record
-    const timestamp = new Date().toISOString();
-
-    // Create rotation record content to sign
-    const rotationContent = JSON.stringify({
-      old_pubkey: this.pubkey,
-      new_pubkey: newPubkey,
-      timestamp
-    });
-
-    // Sign with old private key
-    const signature = this.sign(rotationContent);
-
-    // Create rotation record
-    const rotationRecord = {
-      old_pubkey: this.pubkey,
-      old_agent_id: this.getAgentId(),
-      new_pubkey: newPubkey,
-      new_agent_id: pubkeyToAgentId(newPubkey),
-      signature,
-      timestamp
-    };
-
-    // Update identity with new keys
-    this.rotations.push(rotationRecord);
-    this.pubkey = newPubkey;
-    this.privkey = newPrivkey;
-    this._publicKey = null;
-    this._privateKey = null;
-
-    return rotationRecord;
-  }
-
-  /**
-   * Verify a rotation record
-   * Checks that the signature is valid using the old public key
-   * @param {object} record - Rotation record to verify
-   * @returns {boolean} True if signature is valid
-   */
-  static verifyRotation(record) {
-    try {
-      const rotationContent = JSON.stringify({
-        old_pubkey: record.old_pubkey,
-        new_pubkey: record.new_pubkey,
-        timestamp: record.timestamp
-      });
-
-      return Identity.verify(rotationContent, record.signature, record.old_pubkey);
-    } catch {
-      return false;
-    }
-  }
-
-  /**
-   * Verify the entire rotation chain
-   * @returns {object} { valid: boolean, errors: string[] }
-   */
-  verifyRotationChain() {
-    const errors = [];
-
-    if (this.rotations.length === 0) {
-      return { valid: true, errors: [] };
-    }
-
-    // Verify each rotation in sequence
-    for (let i = 0; i < this.rotations.length; i++) {
-      const record = this.rotations[i];
-
-      // Verify signature
-      if (!Identity.verifyRotation(record)) {
-        errors.push(`Rotation ${i + 1}: Invalid signature`);
-        continue;
-      }
-
-      // Verify chain continuity (each new_pubkey should match next old_pubkey)
-      if (i < this.rotations.length - 1) {
-        const nextRecord = this.rotations[i + 1];
-        if (record.new_pubkey !== nextRecord.old_pubkey) {
-          errors.push(`Rotation ${i + 1}: Chain break - new_pubkey doesn't match next old_pubkey`);
-        }
-      }
-    }
-
-    // Verify final pubkey matches current identity
-    const lastRotation = this.rotations[this.rotations.length - 1];
-    if (lastRotation.new_pubkey !== this.pubkey) {
-      errors.push('Final rotation new_pubkey does not match current identity pubkey');
-    }
-
-    return {
-      valid: errors.length === 0,
-      errors
-    };
-  }
-
-  /**
-   * Get the original (genesis) public key before any rotations
-   * @returns {string} Original public key in PEM format
-   */
-  getOriginalPubkey() {
-    if (this.rotations.length === 0) {
-      return this.pubkey;
-    }
-    return this.rotations[0].old_pubkey;
-  }
-
-  /**
-   * Get the original (genesis) agent ID
-   * @returns {string} Original agent ID
-   */
-  getOriginalAgentId() {
-    return pubkeyToAgentId(this.getOriginalPubkey());
-  }
-
-  /**
-   * Generate a signed revocation notice for this identity
-   * A revocation notice declares that the key should no longer be trusted
-   * @param {string} reason - Reason for revocation (e.g., "compromised", "retired", "lost")
-   * @returns {object} Revocation notice with pubkey, reason, signature, timestamp
-   */
-  revoke(reason = 'revoked') {
-    if (!this.privkey) {
-      throw new Error('Private key not available - cannot create revocation notice');
-    }
-
-    const timestamp = new Date().toISOString();
-
-    // Create revocation content to sign
-    const revocationContent = JSON.stringify({
-      type: 'REVOCATION',
-      pubkey: this.pubkey,
-      agent_id: this.getAgentId(),
-      reason,
-      timestamp
-    });
-
-    // Sign with the key being revoked (proves ownership)
-    const signature = this.sign(revocationContent);
-
-    return {
-      type: 'REVOCATION',
-      pubkey: this.pubkey,
-      agent_id: this.getAgentId(),
-      fingerprint: this.getFingerprint(),
-      reason,
-      timestamp,
-      signature,
-      // Include rotation history for full chain verification
-      rotations: this.rotations.length > 0 ? this.rotations : undefined,
-      original_agent_id: this.rotations.length > 0 ? this.getOriginalAgentId() : undefined
-    };
-  }
-
-  /**
-   * Verify a revocation notice
-   * Checks that the signature is valid using the pubkey in the notice
-   * @param {object} notice - Revocation notice to verify
-   * @returns {boolean} True if signature is valid
-   */
-  static verifyRevocation(notice) {
-    if (!notice || notice.type !== 'REVOCATION') {
-      return false;
-    }
-
-    try {
-      const revocationContent = JSON.stringify({
-        type: 'REVOCATION',
-        pubkey: notice.pubkey,
-        agent_id: notice.agent_id,
-        reason: notice.reason,
-        timestamp: notice.timestamp
-      });
-
-      return Identity.verify(revocationContent, notice.signature, notice.pubkey);
-    } catch {
-      return false;
-    }
-  }
-
-  /**
-   * Check if a pubkey has been revoked by checking against a revocation notice
-   * @param {string} pubkey - Public key to check
-   * @param {object} notice - Revocation notice
-   * @returns {boolean} True if the pubkey matches the revoked key
-   */
-  static isRevoked(pubkey, notice) {
-    if (!Identity.verifyRevocation(notice)) {
-      return false;
-    }
-    return notice.pubkey === pubkey;
-  }
-}