@vess-id/ai-identity 0.5.0-alpha.16 → 0.5.0-alpha.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/index.d.mts +14 -6
  2. package/dist/index.js.map +1 -1
  3. package/dist/index.mjs.map +1 -1
  4. package/dist/vp/kb-jwt-builder.d.ts +14 -6
  5. package/dist/vp/kb-jwt-builder.d.ts.map +1 -1
  6. package/package.json +1 -1
package/dist/index.d.mts CHANGED
@@ -3493,20 +3493,28 @@ declare class APIVCManager {
3493
3493
 
3494
3494
  /**
3495
3495
  * Single source of truth for Key Binding JWT (KB-JWT) issuance shared across
3496
- * the AIdentity stack. Three production code paths build KB-JWTs and they
3496
+ * the AIdentity stack. Four production code paths build KB-JWTs and they
3497
3497
  * MUST stay byte-for-byte equivalent so a presentation built on one side is
3498
3498
  * accepted by the verifier on the other:
3499
3499
  *
3500
3500
  * - SDK clients via `VPManager.create()` (this package)
3501
3501
  * - API service via `packages/api/src/vp/vp-creation.service.ts`
3502
3502
  * - Remote MCP via `packages/remote-mcp/src/services/vp-creation.service.ts`
3503
+ * - agentd (`@vess-id/vess`) via `VPBuilder.buildVP()`
3504
+ * (`packages/agentd/src/wallet/vp-builder.ts`)
3503
3505
  *
3504
- * Historically each path had its own copy of this logic, and PR #391 (the
3506
+ * Historically each path had its own copy of this logic. PR #391 (the
3505
3507
  * commit that made `exp` REQUIRED on the verifier side) updated only two of
3506
- * the three. The SDK was missed and every SDK-built VP started failing at
3507
- * verification time. This module exists so that a future verifier change
3508
- * cannot drift from the issuer side: any update lands in one place and all
3509
- * three paths inherit it.
3508
+ * the three issuer paths known at the time; the SDK was missed and every
3509
+ * SDK-built VP started failing at verification time. The follow-up
3510
+ * consolidation (commit 02b169aa) brought the SDK in line, but agentd
3511
+ * which had its own KB-JWT literal in `wallet/vp-builder.ts` — was not
3512
+ * recognized as a fourth issuer. Staging then rejected every VP from
3513
+ * `@vess-id/vess` agentd alpha builds with `KB-JWT missing exp` until the
3514
+ * agentd hotfix (this commit's cohort) wired its VPBuilder through
3515
+ * `buildKbJwtPayload()`. This module exists so that a future verifier
3516
+ * change cannot drift from the issuer side: any update lands in one place
3517
+ * and all four paths inherit it.
3510
3518
  */
3511
3519
  /**
3512
3520
  * Default KB-JWT lifetime in seconds. Mirrors the cap enforced by the API's