npm - @tokenbuddy/tokenbuddy - Versions diffs - 1.0.36 → 1.0.38 - Mend

@tokenbuddy/tokenbuddy 1.0.36 → 1.0.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (146) hide show

package/dist/src/buyer-store.d.ts +7 -2
package/dist/src/buyer-store.js +46 -7
package/dist/src/cli.d.ts +1 -0
package/dist/src/cli.js +15 -7
package/dist/src/daemon.d.ts +12 -0
package/dist/src/daemon.js +791 -61
package/dist/src/doctor-diagnostics.js +1 -6
package/dist/src/provider-install.d.ts +2 -2
package/dist/src/provider-install.js +248 -2
package/dist/src/seller-catalog.d.ts +21 -0
package/dist/src/seller-catalog.js +17 -0
package/dist/src/seller-route-planner.d.ts +4 -1
package/dist/src/seller-route-planner.js +3 -0
package/dist/src/seller-routing-strategy.d.ts +3 -0
package/dist/src/terminal-detect.d.ts +1 -1
package/dist/src/terminal-detect.js +3 -2
package/dist/src/workdir.d.ts +10 -0
package/dist/src/workdir.js +26 -0
package/package.json +15 -2
package/static/ui/assets/index-Djfl9tw5.js +271 -0
package/static/ui/assets/index-DkfztCkn.css +1 -0
package/static/ui/index.html +2 -2
package/dist/src/buyer-store.d.ts.map +0 -1
package/dist/src/buyer-store.js.map +0 -1
package/dist/src/clawtip-bootstrap.d.ts.map +0 -1
package/dist/src/clawtip-bootstrap.js.map +0 -1
package/dist/src/cli.d.ts.map +0 -1
package/dist/src/cli.js.map +0 -1
package/dist/src/credit-tracker.d.ts.map +0 -1
package/dist/src/credit-tracker.js.map +0 -1
package/dist/src/daemon.d.ts.map +0 -1
package/dist/src/daemon.js.map +0 -1
package/dist/src/doctor-clawtip-wallet.d.ts.map +0 -1
package/dist/src/doctor-clawtip-wallet.js.map +0 -1
package/dist/src/doctor-diagnostics.d.ts.map +0 -1
package/dist/src/doctor-diagnostics.js.map +0 -1
package/dist/src/index.d.ts.map +0 -1
package/dist/src/index.js.map +0 -1
package/dist/src/init-clawtip-activation.d.ts.map +0 -1
package/dist/src/init-clawtip-activation.js.map +0 -1
package/dist/src/init-payment-options.d.ts.map +0 -1
package/dist/src/init-payment-options.js.map +0 -1
package/dist/src/init-setup.d.ts.map +0 -1
package/dist/src/init-setup.js.map +0 -1
package/dist/src/model-index.d.ts.map +0 -1
package/dist/src/model-index.js.map +0 -1
package/dist/src/package-update.d.ts.map +0 -1
package/dist/src/package-update.js.map +0 -1
package/dist/src/prewarm-cache.d.ts.map +0 -1
package/dist/src/prewarm-cache.js.map +0 -1
package/dist/src/prewarm-scheduler.d.ts.map +0 -1
package/dist/src/prewarm-scheduler.js.map +0 -1
package/dist/src/provider-install.d.ts.map +0 -1
package/dist/src/provider-install.js.map +0 -1
package/dist/src/provider-routing-config.d.ts.map +0 -1
package/dist/src/provider-routing-config.js.map +0 -1
package/dist/src/registry-trust.d.ts.map +0 -1
package/dist/src/registry-trust.js.map +0 -1
package/dist/src/route-failover.d.ts.map +0 -1
package/dist/src/route-failover.js.map +0 -1
package/dist/src/seller-catalog.d.ts.map +0 -1
package/dist/src/seller-catalog.js.map +0 -1
package/dist/src/seller-concurrency-limiter.d.ts.map +0 -1
package/dist/src/seller-concurrency-limiter.js.map +0 -1
package/dist/src/seller-metadata-cache.d.ts.map +0 -1
package/dist/src/seller-metadata-cache.js.map +0 -1
package/dist/src/seller-pool.d.ts.map +0 -1
package/dist/src/seller-pool.js.map +0 -1
package/dist/src/seller-route-planner.d.ts.map +0 -1
package/dist/src/seller-route-planner.js.map +0 -1
package/dist/src/seller-routing-config.d.ts.map +0 -1
package/dist/src/seller-routing-config.js.map +0 -1
package/dist/src/seller-routing-strategy.d.ts.map +0 -1
package/dist/src/seller-routing-strategy.js.map +0 -1
package/dist/src/stream-failover.d.ts.map +0 -1
package/dist/src/stream-failover.js.map +0 -1
package/dist/src/tb-clawtip-proof.d.ts.map +0 -1
package/dist/src/tb-clawtip-proof.js.map +0 -1
package/dist/src/tb-proxyd.d.ts.map +0 -1
package/dist/src/tb-proxyd.js.map +0 -1
package/dist/src/terminal-detect.d.ts.map +0 -1
package/dist/src/terminal-detect.js.map +0 -1
package/dist/src/terminal-image.d.ts.map +0 -1
package/dist/src/terminal-image.js.map +0 -1
package/src/buyer-store.ts +0 -1090
package/src/clawtip-bootstrap.ts +0 -65
package/src/cli.ts +0 -2243
package/src/credit-tracker.ts +0 -295
package/src/daemon.ts +0 -5475
package/src/doctor-clawtip-wallet.ts +0 -95
package/src/doctor-diagnostics.ts +0 -1026
package/src/index.ts +0 -16
package/src/init-clawtip-activation.ts +0 -695
package/src/init-payment-options.ts +0 -373
package/src/init-setup.ts +0 -165
package/src/model-index.ts +0 -278
package/src/package-update.ts +0 -311
package/src/prewarm-cache.ts +0 -485
package/src/prewarm-scheduler.ts +0 -675
package/src/provider-install.ts +0 -1006
package/src/provider-routing-config.ts +0 -410
package/src/registry-trust.ts +0 -51
package/src/route-failover.ts +0 -304
package/src/seller-catalog.ts +0 -505
package/src/seller-concurrency-limiter.ts +0 -161
package/src/seller-metadata-cache.ts +0 -91
package/src/seller-pool.ts +0 -557
package/src/seller-route-planner.ts +0 -513
package/src/seller-routing-config.ts +0 -211
package/src/seller-routing-strategy.ts +0 -362
package/src/stream-failover.ts +0 -152
package/src/tb-clawtip-proof.ts +0 -28
package/src/tb-proxyd.ts +0 -101
package/src/terminal-detect.ts +0 -333
package/src/terminal-image.ts +0 -228
package/static/ui/assets/index-0MVXD7bH.css +0 -1
package/static/ui/assets/index-BVbeDEwq.js +0 -271
package/static/ui/assets/index-BVbeDEwq.js.map +0 -1
package/tests/cli-routing.test.ts +0 -363
package/tests/control-plane-ui-endpoints.test.ts +0 -1630
package/tests/credit-tracker.test.ts +0 -165
package/tests/daemon-413-fallback.test.ts +0 -92
package/tests/daemon-classify.test.ts +0 -452
package/tests/daemon-roles.test.ts +0 -92
package/tests/daemon-trusted-registry-cache.test.ts +0 -132
package/tests/e2e.test.ts +0 -366
package/tests/image-generation-e2e.test.ts +0 -230
package/tests/model-index.test.ts +0 -198
package/tests/package-update.test.ts +0 -147
package/tests/prewarm-cache.test.ts +0 -296
package/tests/prewarm-scheduler.test.ts +0 -367
package/tests/provider-routing-config.test.ts +0 -150
package/tests/registry-trust.test.ts +0 -28
package/tests/route-failover.test.ts +0 -222
package/tests/seller-catalog-413.test.ts +0 -120
package/tests/seller-catalog-utilities.test.ts +0 -124
package/tests/seller-concurrency-limiter.test.ts +0 -83
package/tests/seller-metadata-cache.test.ts +0 -89
package/tests/seller-pool.test.ts +0 -365
package/tests/seller-route-planner.test.ts +0 -312
package/tests/seller-routing-config.test.ts +0 -124
package/tests/seller-routing-strategy.test.ts +0 -167
package/tests/stream-failover.test.ts +0 -52
package/tests/thousand-seller.test.ts +0 -151
package/tests/tokenbuddy.test.ts +0 -4043
package/tsconfig.json +0 -8

package/src/provider-routing-config.ts DELETED Viewed

@@ -1,410 +0,0 @@
-import type { SellerRoutingScorer } from "./seller-routing-strategy.js";
-export const PROVIDER_MODE_CONFIG_KEY = "provider-mode";
-export const MANUAL_PROVIDER_CONFIG_KEY = "manual-providers";
-export const AUTO_PROVIDER_CONFIG_KEY = "auto-provider";
-export const MANUAL_PROVIDER_OBSERVATIONS_CONFIG_KEY = "manual-provider-observations";
-export type ProviderMode = "manual" | "auto";
-export type ManualProviderKind = "openai-compatible";
-export type ProviderProtocol = "chat_completions" | "responses" | "messages" | "images_generations";
-export type AutoProviderRange = "recommended" | "custom";
-export type ManualProviderRoutingPolicy = "fallback" | "locked";
-export interface ProviderModeConfig {
-  mode: ProviderMode;
-  updatedAt: string;
-}
-export interface ManualProviderConfig {
-  id: string;
-  name: string;
-  kind: ManualProviderKind;
-  baseUrl: string;
-  apiKeyEnv?: string;
-  secretRef?: string;
-  models: string[];
-  supportedProtocols: ProviderProtocol[];
-  enabled: boolean;
-  notes?: string;
-  createdAt: string;
-  updatedAt: string;
-}
-export interface ManualProvidersConfig {
-  version: 1;
-  providers: ManualProviderConfig[];
-  routing: ManualProviderRoutingConfig;
-  updatedAt: string;
-}
-export interface ManualProviderRoutingConfig {
-  policy: ManualProviderRoutingPolicy;
-  lockedProviderId?: string;
-}
-export interface AutoProviderConfig {
-  enabled: boolean;
-  range: AutoProviderRange;
-  scorer: SellerRoutingScorer;
-  modelIds: string[];
-  sellerIds: string[];
-  maxConcurrentProviders: 10;
-  updatedAt: string;
-}
-export interface PublicManualProviderConfig extends Omit<ManualProviderConfig, "apiKeyEnv" | "secretRef"> {
-  keyRef?: {
-    kind: "env" | "secret";
-    name: string;
-    configured: boolean;
-  };
-  current?: boolean;
-  lastAccess?: string;
-  status?: "healthy" | "degraded" | "unhealthy" | "unknown";
-  errorClass?: string;
-  errorMessage?: string;
-  ttftMs?: number;
-  avgTokensPerSecond?: number;
-}
-export interface ManualProviderObservation {
-  providerId: string;
-  current: boolean;
-  lastAccess: string;
-  status: "healthy" | "degraded" | "unhealthy" | "unknown";
-  errorClass?: string;
-  errorMessage?: string;
-  ttftMs?: number;
-  avgTokensPerSecond?: number;
-}
-export interface ManualProviderObservationsConfig {
-  version: 1;
-  observations: ManualProviderObservation[];
-  updatedAt: string;
-}
-const VALID_PROTOCOLS = new Set<ProviderProtocol>(["chat_completions", "responses", "messages", "images_generations"]);
-const VALID_SCORERS = new Set<SellerRoutingScorer>(["balanced", "speed", "discount"]);
-export function defaultProviderModeConfig(now = new Date().toISOString()): ProviderModeConfig {
-  return {
-    mode: "manual",
-    updatedAt: now
-  };
-}
-export function normalizeProviderModeConfig(value: unknown, now = new Date().toISOString()): ProviderModeConfig {
-  if (!isRecord(value)) {
-    return defaultProviderModeConfig(now);
-  }
-  return {
-    mode: readProviderMode(value.mode),
-    updatedAt: readOptionalString(value.updatedAt) ?? now
-  };
-}
-export function normalizeManualProvidersConfig(value: unknown, now = new Date().toISOString()): ManualProvidersConfig {
-  if (!isRecord(value)) {
-    return {
-      version: 1,
-      providers: [],
-      routing: defaultManualProviderRoutingConfig(),
-      updatedAt: now
-    };
-  }
-  const providersValue = Array.isArray(value.providers) ? value.providers : [];
-  const seen = new Set<string>();
-  const providers = providersValue.map((providerValue) => {
-    const provider = normalizeManualProviderConfig(providerValue, { now });
-    if (seen.has(provider.id)) {
-      throw new Error(`manual provider id is duplicated: ${provider.id}`);
-    }
-    seen.add(provider.id);
-    return provider;
-  });
-  return {
-    version: 1,
-    providers,
-    routing: normalizeManualProviderRoutingConfig(value.routing),
-    updatedAt: readOptionalString(value.updatedAt) ?? now
-  };
-}
-export function defaultManualProviderRoutingConfig(): ManualProviderRoutingConfig {
-  return {
-    policy: "fallback"
-  };
-}
-export function normalizeManualProviderRoutingConfig(value: unknown): ManualProviderRoutingConfig {
-  if (!isRecord(value)) {
-    return defaultManualProviderRoutingConfig();
-  }
-  const policy = readManualProviderRoutingPolicy(value.policy);
-  const lockedProviderId = readOptionalString(value.lockedProviderId);
-  if (policy === "locked" && !lockedProviderId) {
-    throw new Error("manual provider locked routing requires lockedProviderId");
-  }
-  return {
-    policy,
-    lockedProviderId: policy === "locked" ? readProviderId(lockedProviderId) : undefined
-  };
-}
-export function normalizeManualProviderConfig(
-  value: unknown,
-  options: { now?: string; id?: string; existingIds?: ReadonlySet<string> } = {}
-): ManualProviderConfig {
-  if (!isRecord(value)) {
-    throw new Error("manual provider config must be an object");
-  }
-  if ("apiKey" in value) {
-    throw new Error("manual provider config must not contain a raw apiKey; use apiKeyEnv or secretRef");
-  }
-  const now = options.now ?? new Date().toISOString();
-  const id = readProviderId(options.id ?? value.id);
-  if (options.existingIds?.has(id)) {
-    throw new Error(`manual provider id is duplicated: ${id}`);
-  }
-  const apiKeyEnv = readOptionalString(value.apiKeyEnv);
-  const secretRef = readOptionalString(value.secretRef);
-  if (!apiKeyEnv && !secretRef) {
-    throw new Error("manual provider requires apiKeyEnv or secretRef");
-  }
-  if (apiKeyEnv && !/^[A-Za-z_][A-Za-z0-9_]*$/.test(apiKeyEnv)) {
-    throw new Error("manual provider apiKeyEnv must be a valid environment variable name");
-  }
-  return {
-    id,
-    name: readRequiredString(value.name, "manual provider name"),
-    kind: readManualProviderKind(value.kind),
-    baseUrl: normalizeProviderBaseUrl(value.baseUrl),
-    apiKeyEnv,
-    secretRef,
-    models: readNonEmptyStringList(value.models, "manual provider models"),
-    supportedProtocols: readProtocols(value.supportedProtocols),
-    enabled: value.enabled === undefined ? true : value.enabled === true,
-    notes: readOptionalString(value.notes),
-    createdAt: readOptionalString(value.createdAt) ?? now,
-    updatedAt: now
-  };
-}
-export function normalizeAutoProviderConfig(value: unknown, now = new Date().toISOString()): AutoProviderConfig {
-  if (!isRecord(value)) {
-    return defaultAutoProviderConfig(now);
-  }
-  return {
-    enabled: value.enabled === true,
-    range: readAutoProviderRange(value.range),
-    scorer: readScorer(value.scorer),
-    modelIds: readStringList(value.modelIds),
-    sellerIds: readStringList(value.sellerIds),
-    maxConcurrentProviders: 10,
-    updatedAt: readOptionalString(value.updatedAt) ?? now
-  };
-}
-export function defaultAutoProviderConfig(now = new Date().toISOString()): AutoProviderConfig {
-  return {
-    enabled: false,
-    range: "recommended",
-    scorer: "balanced",
-    modelIds: [],
-    sellerIds: [],
-    maxConcurrentProviders: 10,
-    updatedAt: now
-  };
-}
-export function normalizeManualProviderObservationsConfig(
-  value: unknown,
-  now = new Date().toISOString()
-): ManualProviderObservationsConfig {
-  if (!isRecord(value)) {
-    return {
-      version: 1,
-      observations: [],
-      updatedAt: now
-    };
-  }
-  const observationsValue = Array.isArray(value.observations) ? value.observations : [];
-  const seen = new Set<string>();
-  const observations = observationsValue
-    .filter(isRecord)
-    .map((entry) => normalizeManualProviderObservation(entry, now))
-    .filter((entry) => {
-      if (seen.has(entry.providerId)) {
-        return false;
-      }
-      seen.add(entry.providerId);
-      return true;
-    });
-  return {
-    version: 1,
-    observations,
-    updatedAt: readOptionalString(value.updatedAt) ?? now
-  };
-}
-export function publicManualProviderConfig(
-  provider: ManualProviderConfig,
-  observation?: ManualProviderObservation,
-  env: NodeJS.ProcessEnv = process.env
-): PublicManualProviderConfig {
-  const keyRef = provider.apiKeyEnv
-    ? { kind: "env" as const, name: provider.apiKeyEnv, configured: Boolean(env[provider.apiKeyEnv]) }
-    : provider.secretRef
-      ? { kind: "secret" as const, name: provider.secretRef, configured: true }
-      : undefined;
-  const { apiKeyEnv: _apiKeyEnv, secretRef: _secretRef, ...publicProvider } = provider;
-  return {
-    ...publicProvider,
-    keyRef,
-    current: observation?.current,
-    lastAccess: observation?.lastAccess,
-    status: observation?.status,
-    errorClass: observation?.errorClass,
-    errorMessage: observation?.errorMessage,
-    ttftMs: observation?.ttftMs,
-    avgTokensPerSecond: observation?.avgTokensPerSecond
-  };
-}
-function normalizeManualProviderObservation(value: Record<string, unknown>, now: string): ManualProviderObservation {
-  return {
-    providerId: readRequiredString(value.providerId, "manual provider observation providerId"),
-    current: value.current === true,
-    lastAccess: readOptionalString(value.lastAccess) ?? now,
-    status: readObservationStatus(value.status),
-    errorClass: readOptionalString(value.errorClass),
-    errorMessage: readOptionalString(value.errorMessage),
-    ttftMs: readOptionalNumber(value.ttftMs),
-    avgTokensPerSecond: readOptionalNumber(value.avgTokensPerSecond)
-  };
-}
-function readObservationStatus(value: unknown): ManualProviderObservation["status"] {
-  if (value === "healthy" || value === "degraded" || value === "unhealthy" || value === "unknown") {
-    return value;
-  }
-  return "unknown";
-}
-function readProviderMode(value: unknown): ProviderMode {
-  if (value === "manual" || value === "auto") {
-    return value;
-  }
-  throw new Error("provider mode must be manual or auto");
-}
-function readManualProviderRoutingPolicy(value: unknown): ManualProviderRoutingPolicy {
-  if (value === undefined || value === null || value === "" || value === "fallback") {
-    return "fallback";
-  }
-  if (value === "locked") {
-    return "locked";
-  }
-  throw new Error("manual provider routing policy must be fallback or locked");
-}
-function readManualProviderKind(value: unknown): ManualProviderKind {
-  if (value === undefined || value === null || value === "" || value === "openai-compatible") {
-    return "openai-compatible";
-  }
-  throw new Error("manual provider kind must be openai-compatible");
-}
-function readAutoProviderRange(value: unknown): AutoProviderRange {
-  if (value === undefined || value === null || value === "" || value === "recommended") {
-    return "recommended";
-  }
-  if (value === "custom") {
-    return "custom";
-  }
-  throw new Error("auto provider range must be recommended or custom");
-}
-function readScorer(value: unknown): SellerRoutingScorer {
-  if (value === undefined || value === null || value === "") {
-    return "balanced";
-  }
-  if (typeof value === "string" && VALID_SCORERS.has(value as SellerRoutingScorer)) {
-    return value as SellerRoutingScorer;
-  }
-  throw new Error("auto provider scorer must be balanced, speed, or discount");
-}
-function readProtocols(value: unknown): ProviderProtocol[] {
-  const protocols = readStringList(value);
-  if (protocols.length === 0) {
-    return ["chat_completions"];
-  }
-  const invalid = protocols.find((protocol) => !VALID_PROTOCOLS.has(protocol as ProviderProtocol));
-  if (invalid) {
-    throw new Error(`manual provider protocol is invalid: ${invalid}`);
-  }
-  return protocols as ProviderProtocol[];
-}
-function normalizeProviderBaseUrl(value: unknown): string {
-  const raw = readRequiredString(value, "manual provider baseUrl");
-  let parsed: URL;
-  try {
-    parsed = new URL(raw);
-  } catch {
-    throw new Error("manual provider baseUrl must be a valid URL");
-  }
-  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
-    throw new Error("manual provider baseUrl must use http or https");
-  }
-  return parsed.toString().replace(/\/+$/, "");
-}
-function readProviderId(value: unknown): string {
-  const id = readRequiredString(value, "manual provider id");
-  if (!/^[A-Za-z0-9][A-Za-z0-9_-]{1,63}$/.test(id)) {
-    throw new Error("manual provider id must be 2-64 characters of letters, numbers, underscore, or dash");
-  }
-  return id;
-}
-function readRequiredString(value: unknown, label: string): string {
-  if (typeof value !== "string" || value.trim().length === 0) {
-    throw new Error(`${label} is required`);
-  }
-  return value.trim();
-}
-function readOptionalString(value: unknown): string | undefined {
-  return typeof value === "string" && value.trim().length > 0 ? value.trim() : undefined;
-}
-function readOptionalNumber(value: unknown): number | undefined {
-  return typeof value === "number" && Number.isFinite(value) ? value : undefined;
-}
-function readNonEmptyStringList(value: unknown, label: string): string[] {
-  const entries = readStringList(value);
-  if (entries.length === 0) {
-    throw new Error(`${label} must contain at least one value`);
-  }
-  return entries;
-}
-function readStringList(value: unknown): string[] {
-  if (!Array.isArray(value)) {
-    return [];
-  }
-  return value
-    .filter((entry): entry is string => typeof entry === "string")
-    .map((entry) => entry.trim())
-    .filter((entry, index, all) => entry.length > 0 && all.indexOf(entry) === index);
-}
-function isRecord(value: unknown): value is Record<string, unknown> {
-  return Boolean(value && typeof value === "object" && !Array.isArray(value));
-}

package/src/registry-trust.ts DELETED Viewed

@@ -1,51 +0,0 @@
-import * as crypto from "crypto";
-export const DEFAULT_SELLER_REGISTRY_URL = "https://registry.tokenbuddy.ai/v1/registry.json";
-export const DEFAULT_SELLER_REGISTRY_SIGNATURE_URL = "https://registry.tokenbuddy.ai/v1/registry.sig";
-const TRUSTED_REGISTRY_KEYS: Record<string, string> = {
-  "registry-ed25519-2026-06": "MCowBQYDK2VwAyEAcPWdwqqycIHmhSBWmt+HgFgQEMNFJv2uEEcpxPzwgb0="
-};
-export function signatureUrlForRegistryUrl(registryUrl: string): string {
-  if (registryUrl === DEFAULT_SELLER_REGISTRY_URL) {
-    return DEFAULT_SELLER_REGISTRY_SIGNATURE_URL;
-  }
-  return registryUrl.replace(/\.json(?:\?.*)?$/, ".sig");
-}
-export function shouldVerifyRegistry(registryUrl: string): boolean {
-  if (process.env.TB_PROXYD_ALLOW_UNSIGNED_REGISTRY === "1") {
-    return false;
-  }
-  return registryUrl === DEFAULT_SELLER_REGISTRY_URL || process.env.TB_PROXYD_REQUIRE_SIGNED_REGISTRY === "1";
-}
-export function verifyTrustedRegistrySignature(registryBytes: string, signatureText: string): string {
-  return verifyRegistrySignatureWithKeys(registryBytes, signatureText, TRUSTED_REGISTRY_KEYS);
-}
-export function verifyRegistrySignatureWithKeys(
-  registryBytes: string,
-  signatureText: string,
-  trustedKeys: Record<string, string>
-): string {
-  const signature = signatureText.trim();
-  for (const [keyId, publicKeyDerBase64] of Object.entries(trustedKeys)) {
-    const publicKey = crypto.createPublicKey({
-      key: Buffer.from(publicKeyDerBase64, "base64"),
-      format: "der",
-      type: "spki"
-    });
-    const ok = crypto.verify(
-      null,
-      Buffer.from(registryBytes, "utf8"),
-      publicKey,
-      Buffer.from(signature, "base64url")
-    );
-    if (ok) {
-      return keyId;
-    }
-  }
-  throw new Error("registry signature verification failed");
-}