@vallum/registry 0.0.0-prerelease

package/dist/profileSchema.js

@@ -0,0 +1,187 @@
+export const AGENT_PROFILE_VERSION = "agent-profile/v1";
+export function validAgentProfileFixture() {
+    return {
+        version: AGENT_PROFILE_VERSION,
+        name: "researcher.demo.iota",
+        agentDid: "did:iota:agent:researcher-demo",
+        ownerDid: "did:iota:owner:research-team",
+        wallet: {
+            walletId: "wallet_researcher_demo",
+            address: "0x1111111111111111111111111111111111111111111111111111111111111111",
+            signerRef: "signer_ref_researcher_demo",
+            creationSource: "agent_created",
+            status: "active",
+        },
+        capabilities: [{
+                id: "research.summary",
+                displayName: "Research summary",
+                contracts: ["escrow:v1"],
+                scopes: ["contract:escrow", "action:open_escrow"],
+                credentialRefs: ["credential:research-summary:v1"],
+            }],
+        endpoints: [
+            { type: "mcp", url: "https://agent.example.test/mcp" },
+            { type: "agent_card", url: "https://agent.example.test/.well-known/agent-card.json" },
+        ],
+        credentialRefs: ["credential:research-summary:v1"],
+        supportedContracts: [{
+                id: "escrow:v1",
+                packageId: "0x2222222222222222222222222222222222222222222222222222222222222222",
+                module: "escrow",
+                functionName: "open_escrow",
+            }],
+        paymentMethods: [{
+                type: "iota",
+                asset: "IOTA",
+                address: "0x1111111111111111111111111111111111111111111111111111111111111111",
+            }],
+        spendPolicyRef: "policy:researcher-demo",
+        reputationRef: "reputation:researcher-demo",
+        expiresAt: "2026-06-10T13:00:00.000Z",
+        status: "active",
+        revocation: {
+            revoked: false,
+        },
+        metadata: {
+            purpose: "profile-schema-fixture",
+        },
+    };
+}
+export function validateAgentProfile(value, options = {}) {
+    if (!isRecord(value)) {
+        return fail("PROFILE_NOT_OBJECT", "$", "Agent profile must be a JSON object.");
+    }
+    if (value.version !== AGENT_PROFILE_VERSION) {
+        return fail("UNSUPPORTED_VERSION", "$.version", "Agent profile version is unsupported.");
+    }
+    const profile = value;
+    const errors = [];
+    rejectSecretFields(errors, value);
+    requireNonEmptyString(errors, profile.name, "$.name");
+    requireNonEmptyString(errors, profile.agentDid, "$.agentDid");
+    requireNonEmptyString(errors, profile.ownerDid, "$.ownerDid");
+    requireWallet(errors, profile.wallet, "$.wallet");
+    requireCapabilities(errors, profile.capabilities, "$.capabilities");
+    requireEndpoints(errors, profile.endpoints, "$.endpoints");
+    requireNonEmptyString(errors, profile.expiresAt, "$.expiresAt");
+    requireRevocation(errors, profile.revocation, "$.revocation");
+    const explicitStatus = normalizeStatus(profile.status);
+    if (!explicitStatus) {
+        push(errors, "FIELD_INVALID", "$.status", "Profile status must be active, revoked, or expired.");
+    }
+    if (typeof profile.expiresAt === "string" && profile.expiresAt.trim() !== "") {
+        const expiresAt = Date.parse(profile.expiresAt);
+        if (Number.isNaN(expiresAt)) {
+            push(errors, "FIELD_INVALID", "$.expiresAt", "Profile expiry must be an ISO timestamp.");
+        }
+        else if (expiresAt <= (options.now ?? new Date()).getTime()) {
+            push(errors, "PROFILE_EXPIRED", "$.expiresAt", "Agent profile is expired.");
+        }
+    }
+    if (profile.revocation?.revoked || profile.status === "revoked") {
+        push(errors, "PROFILE_REVOKED", "$.revocation.revoked", "Agent profile is revoked.");
+    }
+    if (profile.status === "expired") {
+        push(errors, "PROFILE_EXPIRED", "$.status", "Agent profile status is expired.");
+    }
+    if (errors.length > 0) {
+        return {
+            ok: false,
+            errors,
+            ...(explicitStatus ? { status: explicitStatus } : {}),
+        };
+    }
+    return { ok: true, profile };
+}
+function requireWallet(errors, value, path) {
+    if (!isRecord(value)) {
+        push(errors, "REQUIRED_FIELD_MISSING", path, "Wallet object is required.");
+        return;
+    }
+    requireNonEmptyString(errors, value.walletId, `${path}.walletId`);
+    requireNonEmptyString(errors, value.address, `${path}.address`);
+    requireNonEmptyString(errors, value.signerRef, `${path}.signerRef`);
+    requireNonEmptyString(errors, value.creationSource, `${path}.creationSource`);
+    if (!["active", "disabled", "revoked", "rotated"].includes(String(value.status))) {
+        push(errors, "FIELD_INVALID", `${path}.status`, "Wallet status is invalid.");
+    }
+    else if (value.status !== "active") {
+        push(errors, "PROFILE_REVOKED", `${path}.status`, "Agent profile wallet is not active.");
+    }
+}
+function requireCapabilities(errors, value, path) {
+    if (!Array.isArray(value) || value.length === 0) {
+        push(errors, "REQUIRED_FIELD_MISSING", path, "At least one capability is required.");
+        return;
+    }
+    value.forEach((capability, index) => {
+        if (!isRecord(capability)) {
+            push(errors, "FIELD_INVALID", `${path}[${index}]`, "Capability must be an object.");
+            return;
+        }
+        requireNonEmptyString(errors, capability.id, `${path}[${index}].id`);
+    });
+}
+function requireEndpoints(errors, value, path) {
+    if (!Array.isArray(value) || value.length === 0) {
+        push(errors, "REQUIRED_FIELD_MISSING", path, "At least one endpoint is required.");
+        return;
+    }
+    value.forEach((endpoint, index) => {
+        if (!isRecord(endpoint)) {
+            push(errors, "FIELD_INVALID", `${path}[${index}]`, "Endpoint must be an object.");
+            return;
+        }
+        if (!["mcp", "a2a", "agent_card", "https"].includes(String(endpoint.type))) {
+            push(errors, "FIELD_INVALID", `${path}[${index}].type`, "Endpoint type is invalid.");
+        }
+        requireNonEmptyString(errors, endpoint.url, `${path}[${index}].url`);
+    });
+}
+function requireRevocation(errors, value, path) {
+    if (!isRecord(value)) {
+        push(errors, "REQUIRED_FIELD_MISSING", path, "Revocation object is required.");
+        return;
+    }
+    if (typeof value.revoked !== "boolean") {
+        push(errors, "REQUIRED_FIELD_MISSING", `${path}.revoked`, "Revocation state is required.");
+    }
+}
+function requireNonEmptyString(errors, value, path) {
+    if (typeof value !== "string" || value.trim() === "") {
+        push(errors, "REQUIRED_FIELD_MISSING", path, "Required string field is missing.");
+    }
+}
+function rejectSecretFields(errors, value, path = "$") {
+    if (Array.isArray(value)) {
+        value.forEach((child, index) => {
+            rejectSecretFields(errors, child, `${path}[${index}]`);
+        });
+        return;
+    }
+    if (!isRecord(value))
+        return;
+    for (const [key, child] of Object.entries(value)) {
+        const childPath = `${path}.${key}`;
+        if (isSecretField(key)) {
+            push(errors, "SECRET_FIELD_NOT_ALLOWED", childPath, "Agent profile must not contain secret material.");
+        }
+        rejectSecretFields(errors, child, childPath);
+    }
+}
+function normalizeStatus(value) {
+    return value === "active" || value === "revoked" || value === "expired" ? value : undefined;
+}
+function fail(code, path, message) {
+    return { ok: false, errors: [{ code, path, message }] };
+}
+function push(errors, code, path, message) {
+    errors.push({ code, path, message });
+}
+function isRecord(value) {
+    return Boolean(value) && typeof value === "object" && !Array.isArray(value);
+}
+function isSecretField(key) {
+    return /^(seed|mnemonic|privateKey|private_key|rawKeypair|raw_keypair|rawTransactionBytes|raw_transaction_bytes|userSignature|user_signature|sponsorKey|sponsor_key|appApiKey|app_api_key|bearerToken|bearer_token|paymentCredential|payment_credential|signerSecret|signer_secret)$/i.test(key);
+}
+//# sourceMappingURL=profileSchema.js.map

package/dist/resolveAgent.d.ts

@@ -0,0 +1,26 @@
+import { type AgentProfile, type AgentProfileValidationError } from "./profileSchema.js";
+export type ResolveAgentErrorCode = "PROFILE_NOT_FOUND" | "PROFILE_MALFORMED" | "PROFILE_UNSUPPORTED_SCHEMA" | "PROFILE_REVOKED" | "PROFILE_EXPIRED" | "PROFILE_UNVERIFIABLE" | "PROFILE_STALE_CACHE";
+export interface ResolveAgentError {
+    readonly code: ResolveAgentErrorCode;
+    readonly message: string;
+    readonly name: string;
+    readonly validationErrors?: readonly AgentProfileValidationError[];
+}
+export type ResolveAgentResult = {
+    readonly ok: true;
+    readonly profile: AgentProfile;
+} | {
+    readonly ok: false;
+    readonly error: ResolveAgentError;
+};
+export interface AgentResolver {
+    resolve(name: string): Promise<ResolveAgentResult>;
+}
+export interface LocalAgentResolverOptions {
+    readonly profiles: readonly unknown[];
+    readonly now?: () => Date;
+}
+export declare function createLocalAgentResolver(options: LocalAgentResolverOptions): AgentResolver;
+export declare function resolveAgent(name: string, resolver: AgentResolver): Promise<ResolveAgentResult>;
+export declare function resolveAgentValidationErrorCode(errors: readonly AgentProfileValidationError[]): ResolveAgentErrorCode;
+//# sourceMappingURL=resolveAgent.d.ts.map

package/dist/resolveAgent.js

@@ -0,0 +1,63 @@
+import { validateAgentProfile, } from "./profileSchema.js";
+export function createLocalAgentResolver(options) {
+    const profilesByName = new Map();
+    for (const profile of options.profiles) {
+        if (isNamedProfileRecord(profile)) {
+            profilesByName.set(profile.name, profile);
+        }
+    }
+    return {
+        async resolve(name) {
+            const normalizedName = normalizeName(name);
+            const profile = profilesByName.get(normalizedName);
+            if (!profile) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "PROFILE_NOT_FOUND",
+                        message: "Agent profile was not found.",
+                        name: normalizedName,
+                    },
+                };
+            }
+            return validateResolvedProfile(normalizedName, profile, options.now?.());
+        },
+    };
+}
+export async function resolveAgent(name, resolver) {
+    return resolver.resolve(normalizeName(name));
+}
+function validateResolvedProfile(name, profile, now) {
+    const validation = validateAgentProfile(profile, { now });
+    if (validation.ok) {
+        return { ok: true, profile: validation.profile };
+    }
+    return {
+        ok: false,
+        error: {
+            code: resolveAgentValidationErrorCode(validation.errors),
+            message: "Agent profile failed validation.",
+            name,
+            validationErrors: validation.errors,
+        },
+    };
+}
+export function resolveAgentValidationErrorCode(errors) {
+    if (errors.some((error) => error.code === "PROFILE_REVOKED"))
+        return "PROFILE_REVOKED";
+    if (errors.some((error) => error.code === "PROFILE_EXPIRED"))
+        return "PROFILE_EXPIRED";
+    if (errors.some((error) => error.code === "UNSUPPORTED_VERSION"))
+        return "PROFILE_UNSUPPORTED_SCHEMA";
+    return "PROFILE_MALFORMED";
+}
+function normalizeName(name) {
+    return name.trim();
+}
+function isNamedProfileRecord(value) {
+    return Boolean(value) &&
+        typeof value === "object" &&
+        !Array.isArray(value) &&
+        typeof value.name === "string";
+}
+//# sourceMappingURL=resolveAgent.js.map

package/package.json

@@ -0,0 +1,32 @@
+{
+  "name": "@vallum/registry",
+  "version": "0.0.0-prerelease",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "license": "Apache-2.0",
+  "description": "Versioned Agent Profile schema and validator for Vallum.",
+  "files": [
+    "dist/**/*.js",
+    "dist/**/*.d.ts",
+    "LICENSE",
+    "README.md"
+  ],
+  "sideEffects": false,
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json"
+  },
+  "engines": {
+    "node": ">=20"
+  },
+  "publishConfig": {
+    "access": "public",
+    "tag": "next"
+  }
+}