@totemsdk/manifest 0.1.0 → 0.1.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Totem SDK Contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -217,7 +217,7 @@ interface EdgeServiceManifest {
 
 ## See also
 
-- [`@totemsdk/core`](../core) — WOTS signing primitives used internally
-- [`@totemsdk/lookup-protocol`](../lookup-protocol) — embeds `encodeManifest()` output in `APP_ANNOUNCE` / `AGENT_ANNOUNCE` messages
-- [`@totemsdk/wots-lease`](../wots-lease) — manage WOTS key index reservation before calling `signManifest`
-- [`@totemsdk/root-identity`](../root-identity) — optional `rootIdentityProof` field for chain-of-custody linking
+- [`@totemsdk/core`](https://www.npmjs.com/package/@totemsdk/core) — WOTS signing primitives used internally
+- [`@totemsdk/lookup-protocol`](https://www.npmjs.com/package/@totemsdk/lookup-protocol) — embeds `encodeManifest()` output in `APP_ANNOUNCE` / `AGENT_ANNOUNCE` messages
+- [`@totemsdk/wots-lease`](https://www.npmjs.com/package/@totemsdk/wots-lease) — manage WOTS key index reservation before calling `signManifest`
+- [`@totemsdk/root-identity`](https://www.npmjs.com/package/@totemsdk/root-identity) — optional `rootIdentityProof` field for chain-of-custody linking

package/dist/constants.js

@@ -1,11 +1,14 @@
-export const MANIFEST_VERSION = 1;
-export const MANIFEST_TYPE_BYTE = {
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MANIFEST_BYTE_TO_TYPE = exports.MANIFEST_TYPE_BYTE = exports.MANIFEST_VERSION = void 0;
+exports.MANIFEST_VERSION = 1;
+exports.MANIFEST_TYPE_BYTE = {
     app: 0x01,
     capability: 0x02,
     dapp: 0x03,
     'edge-service': 0x04,
 };
-export const MANIFEST_BYTE_TO_TYPE = {
+exports.MANIFEST_BYTE_TO_TYPE = {
     0x01: 'app',
     0x02: 'capability',
     0x03: 'dapp',

package/dist/encoding.js

@@ -1,3 +1,4 @@
+"use strict";
 /**
  * Wire encoding/decoding for SignedManifest.
  *
@@ -12,15 +13,18 @@
  * The trailing WOTS signature bytes are stored separately for easy extraction by
  * the DHT / lookup-protocol layer without needing to parse the JSON.
  */
-import { MANIFEST_VERSION, MANIFEST_TYPE_BYTE, MANIFEST_BYTE_TO_TYPE } from './constants.js';
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.encodeManifest = encodeManifest;
+exports.decodeManifest = decodeManifest;
+const constants_js_1 = require("./constants.js");
 function manifestTypeByte(type) {
-    const byte = MANIFEST_TYPE_BYTE[type];
+    const byte = constants_js_1.MANIFEST_TYPE_BYTE[type];
     if (byte === undefined) {
         throw new Error(`encodeManifest: unknown manifest type: ${type}`);
     }
     return byte;
 }
-export function encodeManifest(signed) {
+function encodeManifest(signed) {
     const enc = new TextEncoder();
     const json = JSON.stringify(signed);
     const jsonBytes = enc.encode(json);
@@ -28,7 +32,7 @@ export function encodeManifest(signed) {
     const len = jsonBytes.length;
     const out = new Uint8Array(1 + 1 + 4 + len + sigBytes.length);
     let offset = 0;
-    out[offset++] = MANIFEST_VERSION;
+    out[offset++] = constants_js_1.MANIFEST_VERSION;
     out[offset++] = manifestTypeByte(signed.manifest.type);
     out[offset++] = (len >>> 24) & 0xff;
     out[offset++] = (len >>> 16) & 0xff;
@@ -39,16 +43,16 @@ export function encodeManifest(signed) {
     out.set(sigBytes, offset);
     return out;
 }
-export function decodeManifest(bytes) {
+function decodeManifest(bytes) {
     if (bytes.length < 6) {
         throw new Error('decodeManifest: buffer too short (< 6 bytes)');
     }
     const version = bytes[0];
-    if (version !== MANIFEST_VERSION) {
+    if (version !== constants_js_1.MANIFEST_VERSION) {
         throw new Error(`decodeManifest: unsupported MANIFEST_VERSION ${version}`);
     }
     const typeByte = bytes[1];
-    const expectedType = MANIFEST_BYTE_TO_TYPE[typeByte];
+    const expectedType = constants_js_1.MANIFEST_BYTE_TO_TYPE[typeByte];
     if (!expectedType) {
         throw new Error(`decodeManifest: unknown type discriminant 0x${typeByte.toString(16).padStart(2, '0')}`);
     }

package/dist/guards.js

@@ -1,7 +1,13 @@
+"use strict";
 /**
  * Type guards for manifest kinds.
  * Each guard accepts a raw Manifest or a SignedManifest.
  */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isAppManifest = isAppManifest;
+exports.isCapabilityManifest = isCapabilityManifest;
+exports.isDAppManifest = isDAppManifest;
+exports.isEdgeServiceManifest = isEdgeServiceManifest;
 function getRawManifest(input) {
     if (!input || typeof input !== 'object')
         return null;
@@ -12,15 +18,15 @@ function getRawManifest(input) {
         return input;
     return null;
 }
-export function isAppManifest(input) {
+function isAppManifest(input) {
     return getRawManifest(input)?.type === 'app';
 }
-export function isCapabilityManifest(input) {
+function isCapabilityManifest(input) {
     return getRawManifest(input)?.type === 'capability';
 }
-export function isDAppManifest(input) {
+function isDAppManifest(input) {
     return getRawManifest(input)?.type === 'dapp';
 }
-export function isEdgeServiceManifest(input) {
+function isEdgeServiceManifest(input) {
     return getRawManifest(input)?.type === 'edge-service';
 }

package/dist/id.js

@@ -1,3 +1,4 @@
+"use strict";
 /**
  * computeManifestId — deterministic stable ID for any manifest.
  *
@@ -10,13 +11,15 @@
  *   DAppManifest       → "dapp"       + authorAddress + contractHash
  *   EdgeServiceManifest → "edge-service" + operatorAddress + serviceType + name
  */
-import { sha3_256 } from '@noble/hashes/sha3.js';
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.computeManifestId = computeManifestId;
+const sha3_js_1 = require("@noble/hashes/sha3.js");
 function bytesToHex(b) {
     return Array.from(b)
         .map((x) => x.toString(16).padStart(2, '0'))
         .join('');
 }
-export function computeManifestId(manifest) {
+function computeManifestId(manifest) {
     let stableKey;
     switch (manifest.type) {
         case 'app':
@@ -36,5 +39,5 @@ export function computeManifestId(manifest) {
             throw new Error(`computeManifestId: unknown manifest type: ${JSON.stringify(_exhaustive)}`);
         }
     }
-    return bytesToHex(sha3_256(new TextEncoder().encode(stableKey)));
+    return bytesToHex((0, sha3_js_1.sha3_256)(new TextEncoder().encode(stableKey)));
 }

package/dist/index.js

@@ -1,6 +1,19 @@
-export { MANIFEST_VERSION } from './constants.js';
-export { computeManifestId } from './id.js';
-export { signManifest } from './sign.js';
-export { verifyManifest } from './verify.js';
-export { encodeManifest, decodeManifest } from './encoding.js';
-export { isAppManifest, isCapabilityManifest, isDAppManifest, isEdgeServiceManifest, } from './guards.js';
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isEdgeServiceManifest = exports.isDAppManifest = exports.isCapabilityManifest = exports.isAppManifest = exports.decodeManifest = exports.encodeManifest = exports.verifyManifest = exports.signManifest = exports.computeManifestId = exports.MANIFEST_VERSION = void 0;
+var constants_js_1 = require("./constants.js");
+Object.defineProperty(exports, "MANIFEST_VERSION", { enumerable: true, get: function () { return constants_js_1.MANIFEST_VERSION; } });
+var id_js_1 = require("./id.js");
+Object.defineProperty(exports, "computeManifestId", { enumerable: true, get: function () { return id_js_1.computeManifestId; } });
+var sign_js_1 = require("./sign.js");
+Object.defineProperty(exports, "signManifest", { enumerable: true, get: function () { return sign_js_1.signManifest; } });
+var verify_js_1 = require("./verify.js");
+Object.defineProperty(exports, "verifyManifest", { enumerable: true, get: function () { return verify_js_1.verifyManifest; } });
+var encoding_js_1 = require("./encoding.js");
+Object.defineProperty(exports, "encodeManifest", { enumerable: true, get: function () { return encoding_js_1.encodeManifest; } });
+Object.defineProperty(exports, "decodeManifest", { enumerable: true, get: function () { return encoding_js_1.decodeManifest; } });
+var guards_js_1 = require("./guards.js");
+Object.defineProperty(exports, "isAppManifest", { enumerable: true, get: function () { return guards_js_1.isAppManifest; } });
+Object.defineProperty(exports, "isCapabilityManifest", { enumerable: true, get: function () { return guards_js_1.isCapabilityManifest; } });
+Object.defineProperty(exports, "isDAppManifest", { enumerable: true, get: function () { return guards_js_1.isDAppManifest; } });
+Object.defineProperty(exports, "isEdgeServiceManifest", { enumerable: true, get: function () { return guards_js_1.isEdgeServiceManifest; } });

package/dist/sign.js

@@ -1,3 +1,4 @@
+"use strict";
 /**
  * signManifest — signs a manifest with a WOTS key.
  *
@@ -14,8 +15,11 @@
  * The caller is responsible for reserving the WOTS key index before calling
  * this function. This package does NOT depend on @totemsdk/wots-lease.
  */
-import { sha3_256 } from '@noble/hashes/sha3.js';
-import { wotsSign, wotsKeypairFromSeed, wotsAddressFromKeypair, bytesToHex, } from '@totemsdk/core';
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.manifestDigest = manifestDigest;
+exports.signManifest = signManifest;
+const sha3_js_1 = require("@noble/hashes/sha3.js");
+const core_1 = require("@totemsdk/core");
 /** Produce a deterministic canonical JSON string with sorted keys (recursive). */
 function canonicalJson(value) {
     if (value === null || typeof value !== 'object') {
@@ -29,20 +33,20 @@ function canonicalJson(value) {
     const pairs = keys.map((k) => `${JSON.stringify(k)}:${canonicalJson(obj[k])}`);
     return '{' + pairs.join(',') + '}';
 }
-export function manifestDigest(manifest) {
+function manifestDigest(manifest) {
     const canonical = canonicalJson(manifest);
-    return sha3_256(new TextEncoder().encode(canonical));
+    return (0, sha3_js_1.sha3_256)(new TextEncoder().encode(canonical));
 }
-export async function signManifest(manifest, seed, keyIndex) {
+async function signManifest(manifest, seed, keyIndex) {
     const digest = manifestDigest(manifest);
-    const sigBytes = wotsSign(seed, keyIndex, digest);
-    const kp = wotsKeypairFromSeed(seed, keyIndex);
-    const address = wotsAddressFromKeypair(kp);
+    const sigBytes = (0, core_1.wotsSign)(seed, keyIndex, digest);
+    const kp = (0, core_1.wotsKeypairFromSeed)(seed, keyIndex);
+    const address = (0, core_1.wotsAddressFromKeypair)(kp);
     return {
         manifest,
         authorAddress: address,
-        signerPublicKey: bytesToHex(kp.pk),
+        signerPublicKey: (0, core_1.bytesToHex)(kp.pk),
         signedAt: Date.now(),
-        signature: bytesToHex(sigBytes),
+        signature: (0, core_1.bytesToHex)(sigBytes),
     };
 }

package/dist/types.js

@@ -1,3 +1,4 @@
+"use strict";
 /**
  * @totemsdk/manifest — Manifest type definitions
  *
@@ -9,4 +10,4 @@
  *
  * No network, no blockchain, no Hyperswarm — pure schema.
  */
-export {};
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/verify.js

@@ -1,3 +1,4 @@
+"use strict";
 /**
  * verifyManifest — verifies a SignedManifest without external state.
  *
@@ -11,8 +12,10 @@
  * stores the 32-byte WOTS PKdigest as returned by wotsKeypairFromSeed.kp.pk.
  * The full 1088-byte key is not stored in SignedManifest to keep it compact.
  */
-import { wotsVerifyDigest, hexToBytes } from '@totemsdk/core';
-import { manifestDigest } from './sign.js';
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyManifest = verifyManifest;
+const core_1 = require("@totemsdk/core");
+const sign_js_1 = require("./sign.js");
 function manifestAddressField(manifest) {
     switch (manifest.type) {
         case 'app': return manifest.authorAddress;
@@ -25,21 +28,21 @@ function manifestAddressField(manifest) {
         }
     }
 }
-export function verifyManifest(signed) {
+function verifyManifest(signed) {
     const { manifest, signature, signerPublicKey, authorAddress } = signed;
     let sigBytes;
     let pkDigest;
     try {
-        sigBytes = hexToBytes(signature);
-        pkDigest = hexToBytes(signerPublicKey);
+        sigBytes = (0, core_1.hexToBytes)(signature);
+        pkDigest = (0, core_1.hexToBytes)(signerPublicKey);
     }
     catch (e) {
         return { valid: false, reason: `hex decode failed: ${String(e)}`, signerAddress: authorAddress };
     }
-    const digest = manifestDigest(manifest);
+    const digest = (0, sign_js_1.manifestDigest)(manifest);
     let sigValid;
     try {
-        sigValid = wotsVerifyDigest(sigBytes, digest, pkDigest);
+        sigValid = (0, core_1.wotsVerifyDigest)(sigBytes, digest, pkDigest);
     }
     catch (e) {
         return { valid: false, reason: `WOTS verify threw: ${String(e)}`, signerAddress: authorAddress };

package/package.json

@@ -1,25 +1,26 @@
 {
   "name": "@totemsdk/manifest",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "Canonical signed declaration format for Totem Edge entities — apps, agent capabilities, dApps, and edge services",
-  "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "exports": {
     ".": {
       "types": "./dist/index.d.ts",
+      "require": "./dist/index.js",
       "import": "./dist/index.js"
     }
   },
   "files": [
     "dist",
-    "src"
+    "README.md",
+    "LICENSE"
   ],
   "dependencies": {
     "@totemsdk/core": "1.0.9"
   },
   "peerDependencies": {
-    "@noble/hashes": ">=1.3.0 <2.0.0"
+    "@noble/hashes": ">=1.3.0"
   },
   "peerDependenciesMeta": {
     "@noble/hashes": {
@@ -27,7 +28,7 @@
     }
   },
   "devDependencies": {
-    "@noble/hashes": "^1.3.0",
+    "@noble/hashes": "^2.2.0",
     "@types/jest": "^29.0.0",
     "@types/node": "^20.0.0",
     "jest": "^29.0.0",
@@ -41,6 +42,26 @@
     "access": "public"
   },
   "license": "MIT",
+  "author": "Totem SDK",
+  "homepage": "https://totemsdk.com",
+  "bugs": {
+    "url": "https://github.com/MrGheek/axia-totem/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/MrGheek/axia-totem.git",
+    "directory": "packages/totem-sdk/packages/manifest"
+  },
+  "keywords": [
+    "totem",
+    "totemsdk",
+    "minima",
+    "blockchain",
+    "quantum-resistant",
+    "wots",
+    "kissvm",
+    "utxo"
+  ],
   "scripts": {
     "build": "tsc",
     "clean": "rm -rf dist",

package/src/__tests__/encoding.test.ts

@@ -1,185 +0,0 @@
-/**
- * encoding.test.ts
- * encode → decode round-trips for all four manifest types.
- */
-
-import { signManifest } from '../sign.js';
-import { encodeManifest, decodeManifest } from '../encoding.js';
-import { MANIFEST_VERSION, MANIFEST_TYPE_BYTE } from '../constants.js';
-import type {
-  AppManifest,
-  CapabilityManifest,
-  DAppManifest,
-  EdgeServiceManifest,
-} from '../types.js';
-
-jest.setTimeout(60_000);
-
-const TEST_SEED = new Uint8Array(32).fill(0x11);
-const KEY_INDEX = 0;
-
-let resolvedAddress: string;
-
-beforeAll(async () => {
-  const tmp = await signManifest(
-    {
-      type: 'app',
-      appId: '',
-      name: 'init',
-      version: '1.0.0',
-      authorAddress: 'MxINIT',
-      pearTopicKey: 'a'.repeat(64),
-      price: '0',
-      category: [],
-      permissions: [],
-      description: '',
-      minTotemVersion: '0.1.0',
-    } satisfies AppManifest,
-    TEST_SEED,
-    KEY_INDEX,
-  );
-  resolvedAddress = tmp.authorAddress;
-});
-
-describe('encodeManifest / decodeManifest', () => {
-  it('round-trips AppManifest and preserves manifest type', async () => {
-    const manifest: AppManifest = {
-      type: 'app',
-      appId: 'abc123',
-      name: 'My App',
-      version: '1.0.0',
-      authorAddress: resolvedAddress,
-      pearTopicKey: 'f'.repeat(64),
-      price: '0',
-      category: ['finance'],
-      permissions: ['wallet:read-balance'],
-      description: 'Test',
-      minTotemVersion: '0.1.0',
-    };
-    const signed = await signManifest(manifest, TEST_SEED, KEY_INDEX);
-    const encoded = encodeManifest(signed);
-    const decoded = decodeManifest(encoded);
-
-    expect(decoded.manifest.type).toBe('app');
-    expect(decoded.manifest.type).toBe(signed.manifest.type);
-    expect((decoded.manifest as AppManifest).name).toBe('My App');
-    expect(decoded.signature).toBe(signed.signature);
-  });
-
-  it('round-trips CapabilityManifest', async () => {
-    const manifest: CapabilityManifest = {
-      type: 'capability',
-      capabilityId: 'cap1',
-      capabilityName: 'price-oracle',
-      agentAddress: resolvedAddress,
-      agentIdentityKey: 'e'.repeat(64),
-      description: 'Price oracle',
-      inputSchema: { type: 'object' },
-      outputSchema: { type: 'object' },
-      pricePerCall: '2',
-      expiresAt: Date.now() + 3600_000,
-      tags: ['oracle'],
-    };
-    const signed = await signManifest(manifest, TEST_SEED, KEY_INDEX);
-    const encoded = encodeManifest(signed);
-    const decoded = decodeManifest(encoded);
-
-    expect(decoded.manifest.type).toBe('capability');
-    expect((decoded.manifest as CapabilityManifest).capabilityName).toBe('price-oracle');
-  });
-
-  it('round-trips DAppManifest', async () => {
-    const manifest: DAppManifest = {
-      type: 'dapp',
-      dappId: 'dapp1',
-      name: 'Swap dApp',
-      version: '2.0.0',
-      authorAddress: resolvedAddress,
-      contractHash: 'd'.repeat(64),
-      abi: [],
-      price: '5',
-      category: ['defi'],
-      description: 'A swap contract',
-    };
-    const signed = await signManifest(manifest, TEST_SEED, KEY_INDEX);
-    const encoded = encodeManifest(signed);
-    const decoded = decodeManifest(encoded);
-
-    expect(decoded.manifest.type).toBe('dapp');
-    expect((decoded.manifest as DAppManifest).name).toBe('Swap dApp');
-  });
-
-  it('round-trips EdgeServiceManifest', async () => {
-    const manifest: EdgeServiceManifest = {
-      type: 'edge-service',
-      serviceId: 'edge1',
-      name: 'DHT Relay',
-      version: '1.0.0',
-      operatorAddress: resolvedAddress,
-      serviceType: 'omnia-router',
-      description: 'Omnia routing node',
-      capabilities: ['relay'],
-      tags: ['infrastructure'],
-    };
-    const signed = await signManifest(manifest, TEST_SEED, KEY_INDEX);
-    const encoded = encodeManifest(signed);
-    const decoded = decodeManifest(encoded);
-
-    expect(decoded.manifest.type).toBe('edge-service');
-    expect((decoded.manifest as EdgeServiceManifest).serviceType).toBe('omnia-router');
-  });
-
-  it('first byte is MANIFEST_VERSION', async () => {
-    const manifest: AppManifest = {
-      type: 'app',
-      appId: '',
-      name: 'v-test',
-      version: '1.0.0',
-      authorAddress: resolvedAddress,
-      pearTopicKey: 'a'.repeat(64),
-      price: '0',
-      category: [],
-      permissions: [],
-      description: '',
-      minTotemVersion: '0.1.0',
-    };
-    const signed = await signManifest(manifest, TEST_SEED, KEY_INDEX);
-    const encoded = encodeManifest(signed);
-    expect(encoded[0]).toBe(MANIFEST_VERSION);
-  });
-
-  it('second byte is correct type discriminant', async () => {
-    const appSigned = await signManifest(
-      { type: 'app', appId: '', name: 'x', version: '1.0.0', authorAddress: resolvedAddress, pearTopicKey: 'a'.repeat(64), price: '0', category: [], permissions: [], description: '', minTotemVersion: '0.1.0' } satisfies AppManifest,
-      TEST_SEED, KEY_INDEX,
-    );
-    expect(encodeManifest(appSigned)[1]).toBe(MANIFEST_TYPE_BYTE.app);
-
-    const capSigned = await signManifest(
-      { type: 'capability', capabilityId: '', capabilityName: 'x', agentAddress: resolvedAddress, agentIdentityKey: 'e'.repeat(64), description: '', inputSchema: {}, outputSchema: {}, pricePerCall: '1', expiresAt: 0, tags: [] } satisfies CapabilityManifest,
-      TEST_SEED, KEY_INDEX,
-    );
-    expect(encodeManifest(capSigned)[1]).toBe(MANIFEST_TYPE_BYTE.capability);
-
-    const edgeSigned = await signManifest(
-      { type: 'edge-service', serviceId: '', name: 'x', version: '1.0.0', operatorAddress: resolvedAddress, serviceType: 'sensor', description: '', capabilities: [], tags: [] } satisfies EdgeServiceManifest,
-      TEST_SEED, KEY_INDEX,
-    );
-    expect(encodeManifest(edgeSigned)[1]).toBe(MANIFEST_TYPE_BYTE['edge-service']);
-  });
-
-  it('throws on unknown type discriminant byte', () => {
-    const bad = new Uint8Array([1, 0xff, 0, 0, 0, 5, 104, 101, 108, 108, 111]);
-    expect(() => decodeManifest(bad)).toThrow(/unknown type discriminant/);
-  });
-
-  it('throws on buffer too short', () => {
-    expect(() => decodeManifest(new Uint8Array([1, 1, 0, 0]))).toThrow(/too short/);
-  });
-
-  it('throws on MANIFEST_VERSION mismatch', () => {
-    const bad = new Uint8Array(10).fill(0);
-    bad[0] = 255;
-    expect(() => decodeManifest(bad)).toThrow(/unsupported MANIFEST_VERSION/);
-  });
-});