@vess-id/vess 0.2.0-alpha.1

package/dist/policy/types.d.ts

@@ -0,0 +1,21 @@
+import { PermissionRule } from '@vess-id/ai-identity';
+export type PolicySource = 'org' | 'user' | 'system';
+/**
+ * Local policy rule — extends PermissionRule with deny support.
+ * SDK PermissionRule is 'allow'-only because VCs only express positive permissions.
+ * Local policy needs 'deny' to block actions before they reach the Gateway.
+ */
+export interface LocalPolicyRule extends Omit<PermissionRule, 'effect'> {
+    effect: 'allow' | 'deny';
+    source?: PolicySource;
+}
+export interface LocalPolicy {
+    v: string;
+    rules: LocalPolicyRule[];
+}
+export interface PolicyEvaluationResult {
+    allowed: boolean;
+    reason?: string;
+    matchedRule?: LocalPolicyRule;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/policy/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/policy/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAsB,MAAM,sBAAsB,CAAA;AAEzE,MAAM,MAAM,YAAY,GAAG,KAAK,GAAG,MAAM,GAAG,QAAQ,CAAA;AAEpD;;;;GAIG;AACH,MAAM,WAAW,eAAgB,SAAQ,IAAI,CAAC,cAAc,EAAE,QAAQ,CAAC;IACrE,MAAM,EAAE,OAAO,GAAG,MAAM,CAAA;IACxB,MAAM,CAAC,EAAE,YAAY,CAAA;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B,CAAC,EAAE,MAAM,CAAA;IACT,KAAK,EAAE,eAAe,EAAE,CAAA;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAA;IAChB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,WAAW,CAAC,EAAE,eAAe,CAAA;CAC9B"}

package/dist/policy/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/policy/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/policy/types.ts"],"names":[],"mappings":""}

package/dist/utils/credential-errors.d.ts

@@ -0,0 +1,3 @@
+/** Check if an error message indicates an invalid credential (expired, revoked, etc.) */
+export declare function isCredentialInvalidError(message?: string): boolean;
+//# sourceMappingURL=credential-errors.d.ts.map

package/dist/utils/credential-errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-errors.d.ts","sourceRoot":"","sources":["../../src/utils/credential-errors.ts"],"names":[],"mappings":"AAcA,yFAAyF;AACzF,wBAAgB,wBAAwB,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAGlE"}

package/dist/utils/credential-errors.js

@@ -0,0 +1,23 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isCredentialInvalidError = isCredentialInvalidError;
+/**
+ * Patterns that indicate a credential/VP is invalid (expired, revoked, malformed).
+ * Shared between gateway-client (HTTP response detection) and execution-engine (error classification).
+ */
+const CREDENTIAL_ERROR_PATTERNS = [
+    /VP verification failed/i,
+    /SD-JWT.*verification failed/i,
+    /JWT is expired/i,
+    /VC has expired/i,
+    /credential is not valid/i,
+    /credential.*expired/i,
+    /Authentication failed/i,
+];
+/** Check if an error message indicates an invalid credential (expired, revoked, etc.) */
+function isCredentialInvalidError(message) {
+    if (!message)
+        return false;
+    return CREDENTIAL_ERROR_PATTERNS.some(pattern => pattern.test(message));
+}
+//# sourceMappingURL=credential-errors.js.map

package/dist/utils/credential-errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-errors.js","sourceRoot":"","sources":["../../src/utils/credential-errors.ts"],"names":[],"mappings":";;AAeA,4DAGC;AAlBD;;;GAGG;AACH,MAAM,yBAAyB,GAAa;IAC1C,yBAAyB;IACzB,8BAA8B;IAC9B,iBAAiB;IACjB,iBAAiB;IACjB,0BAA0B;IAC1B,sBAAsB;IACtB,wBAAwB;CACzB,CAAA;AAED,yFAAyF;AACzF,SAAgB,wBAAwB,CAAC,OAAgB;IACvD,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAA;IAC1B,OAAO,yBAAyB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAA;AACzE,CAAC"}

package/dist/utils/resource-canonicalizer.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Canonicalize a file path for resource identity (spec §8.3).
+ *
+ * Steps:
+ * 1. Expand ~ to home directory
+ * 2. Convert to absolute path
+ * 3. Normalize . and ..
+ * 4. Resolve symlinks (realpath) if file exists
+ * 5. Normalize case (macOS is case-insensitive)
+ */
+export declare function canonicalizePath(filePath: string): string;
+/**
+ * Compute a fingerprint for a resource (spec §8.3).
+ *
+ * Fingerprint = sha256(canonical_path + device_id + inode)
+ * device_id = Root DID (cryptographically bound to device)
+ */
+export declare function computeFingerprint(canonicalPath: string, deviceId: string): string;
+//# sourceMappingURL=resource-canonicalizer.d.ts.map

package/dist/utils/resource-canonicalizer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resource-canonicalizer.d.ts","sourceRoot":"","sources":["../../src/utils/resource-canonicalizer.ts"],"names":[],"mappings":"AAKA;;;;;;;;;GASG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAiCzD;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAChC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,GACf,MAAM,CAYR"}

package/dist/utils/resource-canonicalizer.js

@@ -0,0 +1,100 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.canonicalizePath = canonicalizePath;
+exports.computeFingerprint = computeFingerprint;
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const fs = __importStar(require("fs"));
+const crypto_1 = require("crypto");
+/**
+ * Canonicalize a file path for resource identity (spec §8.3).
+ *
+ * Steps:
+ * 1. Expand ~ to home directory
+ * 2. Convert to absolute path
+ * 3. Normalize . and ..
+ * 4. Resolve symlinks (realpath) if file exists
+ * 5. Normalize case (macOS is case-insensitive)
+ */
+function canonicalizePath(filePath) {
+    let resolved = filePath;
+    // 1. Expand ~
+    if (resolved.startsWith('~/') || resolved === '~') {
+        resolved = path.join(os.homedir(), resolved.slice(1));
+    }
+    // 2. Convert to absolute
+    if (!path.isAbsolute(resolved)) {
+        resolved = path.resolve(resolved);
+    }
+    // 3. Normalize . and ..
+    resolved = path.normalize(resolved);
+    // 4. Resolve symlinks if file exists
+    try {
+        resolved = fs.realpathSync(resolved);
+    }
+    catch {
+        // File doesn't exist yet, use normalized path
+    }
+    // 5. Case normalization (macOS is case-insensitive)
+    // NOTE: Fingerprints generated on macOS (lowercased) will differ from Linux
+    // (case-preserved) for the same file. This is by design since fingerprints
+    // are device-bound (via Root DID), but cross-platform migration would
+    // require re-canonicalization.
+    if (process.platform === 'darwin') {
+        resolved = resolved.toLowerCase();
+    }
+    return resolved;
+}
+/**
+ * Compute a fingerprint for a resource (spec §8.3).
+ *
+ * Fingerprint = sha256(canonical_path + device_id + inode)
+ * device_id = Root DID (cryptographically bound to device)
+ */
+function computeFingerprint(canonicalPath, deviceId) {
+    let inode = '';
+    try {
+        const stat = fs.statSync(canonicalPath);
+        inode = String(stat.ino);
+    }
+    catch {
+        // File doesn't exist, omit inode
+    }
+    const data = `${canonicalPath}:${deviceId}:${inode}`;
+    const hash = (0, crypto_1.createHash)('sha256').update(data).digest('hex');
+    return `sha256:${hash}`;
+}
+//# sourceMappingURL=resource-canonicalizer.js.map

package/dist/utils/resource-canonicalizer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resource-canonicalizer.js","sourceRoot":"","sources":["../../src/utils/resource-canonicalizer.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAeA,4CAiCC;AAQD,gDAeC;AAvED,2CAA4B;AAC5B,uCAAwB;AACxB,uCAAwB;AACxB,mCAAmC;AAEnC;;;;;;;;;GASG;AACH,SAAgB,gBAAgB,CAAC,QAAgB;IAC/C,IAAI,QAAQ,GAAG,QAAQ,CAAA;IAEvB,cAAc;IACd,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,QAAQ,KAAK,GAAG,EAAE,CAAC;QAClD,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACvD,CAAC;IAED,yBAAyB;IACzB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IACnC,CAAC;IAED,wBAAwB;IACxB,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAA;IAEnC,qCAAqC;IACrC,IAAI,CAAC;QACH,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAA;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;IAED,oDAAoD;IACpD,4EAA4E;IAC5E,2EAA2E;IAC3E,sEAAsE;IACtE,+BAA+B;IAC/B,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAClC,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAA;IACnC,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED;;;;;GAKG;AACH,SAAgB,kBAAkB,CAChC,aAAqB,EACrB,QAAgB;IAEhB,IAAI,KAAK,GAAG,EAAE,CAAA;IACd,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAA;QACvC,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,iCAAiC;IACnC,CAAC;IAED,MAAM,IAAI,GAAG,GAAG,aAAa,IAAI,QAAQ,IAAI,KAAK,EAAE,CAAA;IACpD,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAC5D,OAAO,UAAU,IAAI,EAAE,CAAA;AACzB,CAAC"}

package/dist/utils/vc-utils.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Shared VC utility functions for agentd.
+ *
+ * NOTE: These functions decode the JWT payload WITHOUT verifying the signature.
+ * This is intentional — the Gateway is the authoritative verifier. These local
+ * checks are optimizations to avoid sending obviously-expired VCs over the network.
+ */
+/**
+ * Extract jti (JWT ID) from an SD-JWT VC credential string.
+ *
+ * @param credentialJwt - The full SD-JWT credential string
+ * @returns The jti string, or null if extraction fails
+ */
+export declare function extractJtiFromVC(credentialJwt: string): string | null;
+/**
+ * Extract exp (expiration time) from an SD-JWT VC credential string.
+ *
+ * @param credentialJwt - The full SD-JWT credential string
+ * @returns The exp as seconds since epoch, or null if extraction fails.
+ *          Returns null for non-finite or non-positive values.
+ */
+export declare function extractExpFromVC(credentialJwt: string): number | null;
+//# sourceMappingURL=vc-utils.d.ts.map

package/dist/utils/vc-utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vc-utils.d.ts","sourceRoot":"","sources":["../../src/utils/vc-utils.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAqBH;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAGrE;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAMrE"}

package/dist/utils/vc-utils.js

@@ -0,0 +1,53 @@
+"use strict";
+/**
+ * Shared VC utility functions for agentd.
+ *
+ * NOTE: These functions decode the JWT payload WITHOUT verifying the signature.
+ * This is intentional — the Gateway is the authoritative verifier. These local
+ * checks are optimizations to avoid sending obviously-expired VCs over the network.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.extractJtiFromVC = extractJtiFromVC;
+exports.extractExpFromVC = extractExpFromVC;
+/**
+ * Parse the payload of an SD-JWT VC credential string without signature verification.
+ * Shared helper to avoid duplicating base64url decode logic.
+ */
+function parseVCPayload(credentialJwt) {
+    try {
+        // SD-JWT format: <issuer-jwt>~<disclosure1>~<disclosure2>~...
+        const issuerJwt = credentialJwt.split('~')[0];
+        const parts = issuerJwt.split('.');
+        if (parts.length < 2)
+            return null;
+        return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf-8'));
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Extract jti (JWT ID) from an SD-JWT VC credential string.
+ *
+ * @param credentialJwt - The full SD-JWT credential string
+ * @returns The jti string, or null if extraction fails
+ */
+function extractJtiFromVC(credentialJwt) {
+    const payload = parseVCPayload(credentialJwt);
+    return typeof payload?.jti === 'string' ? payload.jti : null;
+}
+/**
+ * Extract exp (expiration time) from an SD-JWT VC credential string.
+ *
+ * @param credentialJwt - The full SD-JWT credential string
+ * @returns The exp as seconds since epoch, or null if extraction fails.
+ *          Returns null for non-finite or non-positive values.
+ */
+function extractExpFromVC(credentialJwt) {
+    const payload = parseVCPayload(credentialJwt);
+    if (typeof payload?.exp === 'number' && Number.isFinite(payload.exp) && payload.exp > 0) {
+        return payload.exp;
+    }
+    return null;
+}
+//# sourceMappingURL=vc-utils.js.map

package/dist/utils/vc-utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vc-utils.js","sourceRoot":"","sources":["../../src/utils/vc-utils.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AA2BH,4CAGC;AASD,4CAMC;AA3CD;;;GAGG;AACH,SAAS,cAAc,CAAC,aAAqB;IAC3C,IAAI,CAAC;QACH,8DAA8D;QAC9D,MAAM,SAAS,GAAG,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAC7C,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAClC,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QAEjC,OAAO,IAAI,CAAC,KAAK,CACf,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CACrD,CAAA;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,gBAAgB,CAAC,aAAqB;IACpD,MAAM,OAAO,GAAG,cAAc,CAAC,aAAa,CAAC,CAAA;IAC7C,OAAO,OAAO,OAAO,EAAE,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAA;AAC9D,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,gBAAgB,CAAC,aAAqB;IACpD,MAAM,OAAO,GAAG,cAAc,CAAC,aAAa,CAAC,CAAA;IAC7C,IAAI,OAAO,OAAO,EAAE,GAAG,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC;QACxF,OAAO,OAAO,CAAC,GAAG,CAAA;IACpB,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC"}

package/dist/wallet/sqlite.d.ts

@@ -0,0 +1,4 @@
+import Database from 'better-sqlite3';
+export declare function openDatabase(dbPath: string): Database.Database;
+export declare function initSchema(db: Database.Database): void;
+//# sourceMappingURL=sqlite.d.ts.map

package/dist/wallet/sqlite.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sqlite.d.ts","sourceRoot":"","sources":["../../src/wallet/sqlite.ts"],"names":[],"mappings":"AAAA,OAAO,QAAQ,MAAM,gBAAgB,CAAA;AAGrC,wBAAgB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAO9D;AAED,wBAAgB,UAAU,CAAC,EAAE,EAAE,QAAQ,CAAC,QAAQ,GAAG,IAAI,CA2GtD"}

package/dist/wallet/sqlite.js

@@ -0,0 +1,158 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.openDatabase = openDatabase;
+exports.initSchema = initSchema;
+const better_sqlite3_1 = __importDefault(require("better-sqlite3"));
+const fs = __importStar(require("fs"));
+function openDatabase(dbPath) {
+    const existed = fs.existsSync(dbPath);
+    const db = new better_sqlite3_1.default(dbPath);
+    if (!existed && fs.existsSync(dbPath)) {
+        fs.chmodSync(dbPath, 0o600);
+    }
+    return db;
+}
+function initSchema(db) {
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS projects (
+      id TEXT PRIMARY KEY,
+      name TEXT NOT NULL,
+      is_default INTEGER DEFAULT 0,
+      user_role TEXT,
+      synced_at INTEGER
+    );
+
+    CREATE TABLE IF NOT EXISTS keys (
+      id TEXT PRIMARY KEY,
+      did TEXT NOT NULL UNIQUE,
+      key_type TEXT NOT NULL,
+      public_key TEXT NOT NULL,
+      keychain_ref TEXT NOT NULL,
+      storage_type TEXT NOT NULL DEFAULT 'keychain',
+      parent_did TEXT,
+      project_id TEXT,
+      client_name TEXT,
+      status TEXT DEFAULT 'active',
+      created_at INTEGER NOT NULL,
+      rotated_at INTEGER,
+      FOREIGN KEY (project_id) REFERENCES projects(id)
+    );
+
+    CREATE TABLE IF NOT EXISTS credentials (
+      id TEXT PRIMARY KEY,
+      holder_did TEXT NOT NULL,
+      project_id TEXT NOT NULL,
+      credential_jwt TEXT NOT NULL,
+      actions TEXT NOT NULL,
+      provider TEXT NOT NULL,
+      resources TEXT,
+      normalized_resource_key TEXT,
+      resource_fingerprint TEXT,
+      delegated_from TEXT,
+      status TEXT DEFAULT 'active',
+      expires_at INTEGER,
+      created_at INTEGER,
+      metadata TEXT,
+      FOREIGN KEY (project_id) REFERENCES projects(id)
+    );
+
+    CREATE INDEX IF NOT EXISTS idx_credentials_status ON credentials(status, provider);
+    CREATE INDEX IF NOT EXISTS idx_credentials_normalized_resource ON credentials(normalized_resource_key, status);
+
+    CREATE TABLE IF NOT EXISTS synced_policies (
+      id TEXT PRIMARY KEY,
+      project_id TEXT NOT NULL,
+      policy_json TEXT NOT NULL,
+      synced_at INTEGER NOT NULL,
+      FOREIGN KEY (project_id) REFERENCES projects(id)
+    );
+
+  `);
+    // Migration: add metadata column to existing databases
+    try {
+        db.exec('ALTER TABLE credentials ADD COLUMN metadata TEXT');
+    }
+    catch {
+        // Column already exists — safe to ignore
+    }
+    // Migration: add resources column to existing databases
+    try {
+        db.exec('ALTER TABLE credentials ADD COLUMN resources TEXT');
+    }
+    catch {
+        // Column already exists — safe to ignore
+    }
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS env_profiles (
+      id TEXT PRIMARY KEY,
+      profile_name TEXT NOT NULL,
+      key_name TEXT NOT NULL,
+      backend_type TEXT NOT NULL DEFAULT 'keychain',
+      imported_at INTEGER NOT NULL,
+      UNIQUE(profile_name, key_name)
+    );
+
+    CREATE TABLE IF NOT EXISTS audit_log (
+      id TEXT PRIMARY KEY,
+      timestamp INTEGER NOT NULL,
+      project_id TEXT,
+      root_did TEXT,
+      agent_did TEXT,
+      presenter_did TEXT,
+      action TEXT NOT NULL,
+      provider TEXT,
+      enforcement_type TEXT,
+      decision_source TEXT,
+      execution_type TEXT NOT NULL,
+      decision TEXT NOT NULL,
+      decision_reason TEXT,
+      requested_resource TEXT,
+      normalized_resource TEXT,
+      resource_fingerprint TEXT,
+      grant_id TEXT,
+      credential_id TEXT,
+      approval_mode TEXT,
+      approval_nonce TEXT,
+      metadata TEXT,
+      synced_at INTEGER,
+      FOREIGN KEY (project_id) REFERENCES projects(id)
+    );
+  `);
+}
+//# sourceMappingURL=sqlite.js.map

package/dist/wallet/sqlite.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sqlite.js","sourceRoot":"","sources":["../../src/wallet/sqlite.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGA,oCAOC;AAED,gCA2GC;AAvHD,oEAAqC;AACrC,uCAAwB;AAExB,SAAgB,YAAY,CAAC,MAAc;IACzC,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;IACrC,MAAM,EAAE,GAAG,IAAI,wBAAQ,CAAC,MAAM,CAAC,CAAA;IAC/B,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACtC,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;IAC7B,CAAC;IACD,OAAO,EAAE,CAAA;AACX,CAAC;AAED,SAAgB,UAAU,CAAC,EAAqB;IAC9C,EAAE,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsDP,CAAC,CAAA;IAEF,uDAAuD;IACvD,IAAI,CAAC;QACH,EAAE,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAA;IAC7D,CAAC;IAAC,MAAM,CAAC;QACP,yCAAyC;IAC3C,CAAC;IAED,wDAAwD;IACxD,IAAI,CAAC;QACH,EAAE,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAA;IAC9D,CAAC;IAAC,MAAM,CAAC;QACP,yCAAyC;IAC3C,CAAC;IAED,EAAE,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCP,CAAC,CAAA;AACJ,CAAC"}

package/dist/wallet/vp-builder.d.ts

@@ -0,0 +1,18 @@
+export interface VPBuildOptions {
+    credentialJwt: string;
+    signerDid: string;
+    signerPrivateKeyJwk: string;
+    nonce: string;
+    domain: string;
+}
+/**
+ * Build a Verifiable Presentation (SD-JWT KB-JWT) for local signing.
+ *
+ * The VP signer is the Agent DID (not Root DID — spec §4.2).
+ * Follows the same pattern as remote-mcp's VPCreationService.
+ * Accepts injectable signing key for future session key switching.
+ */
+export declare class VPBuilder {
+    buildVP(options: VPBuildOptions): Promise<string>;
+}
+//# sourceMappingURL=vp-builder.d.ts.map

package/dist/wallet/vp-builder.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vp-builder.d.ts","sourceRoot":"","sources":["../../src/wallet/vp-builder.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,cAAc;IAC7B,aAAa,EAAE,MAAM,CAAA;IACrB,SAAS,EAAE,MAAM,CAAA;IACjB,mBAAmB,EAAE,MAAM,CAAA;IAC3B,KAAK,EAAE,MAAM,CAAA;IACb,MAAM,EAAE,MAAM,CAAA;CACf;AAED;;;;;;GAMG;AACH,qBAAa,SAAS;IACd,OAAO,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC;CAwCxD"}

package/dist/wallet/vp-builder.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VPBuilder = void 0;
+const sd_jwt_vc_1 = require("@sd-jwt/sd-jwt-vc");
+const crypto_nodejs_1 = require("@sd-jwt/crypto-nodejs");
+/**
+ * Build a Verifiable Presentation (SD-JWT KB-JWT) for local signing.
+ *
+ * The VP signer is the Agent DID (not Root DID — spec §4.2).
+ * Follows the same pattern as remote-mcp's VPCreationService.
+ * Accepts injectable signing key for future session key switching.
+ */
+class VPBuilder {
+    async buildVP(options) {
+        const privateKey = JSON.parse(options.signerPrivateKeyJwk);
+        const signer = await crypto_nodejs_1.ES256.getSigner(privateKey);
+        const { d, key_ops, ...publicKeyJwk } = privateKey;
+        const verifier = await crypto_nodejs_1.ES256.getVerifier(publicKeyJwk);
+        const sdJwtInstance = new sd_jwt_vc_1.SDJwtVcInstance({
+            signer,
+            verifier,
+            signAlg: crypto_nodejs_1.ES256.alg,
+            hasher: crypto_nodejs_1.digest,
+            hashAlg: 'sha-256',
+            saltGenerator: crypto_nodejs_1.generateSalt,
+            kbSigner: signer,
+            kbSignAlg: crypto_nodejs_1.ES256.alg,
+        });
+        const decodedVC = await sdJwtInstance.decode(options.credentialJwt);
+        const presentableKeys = await decodedVC.presentableKeys(crypto_nodejs_1.digest);
+        const presentationFrame = {};
+        for (const key of presentableKeys) {
+            presentationFrame[key] = true;
+        }
+        const kbJwtPayload = {
+            iss: options.signerDid,
+            aud: options.domain,
+            nonce: options.nonce,
+            iat: Math.floor(Date.now() / 1000),
+        };
+        const presentation = await sdJwtInstance.present(options.credentialJwt, presentationFrame, { kb: { payload: kbJwtPayload } });
+        return presentation;
+    }
+}
+exports.VPBuilder = VPBuilder;
+//# sourceMappingURL=vp-builder.js.map

package/dist/wallet/vp-builder.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vp-builder.js","sourceRoot":"","sources":["../../src/wallet/vp-builder.ts"],"names":[],"mappings":";;;AAAA,iDAAmD;AACnD,yDAAmE;AAUnE;;;;;;GAMG;AACH,MAAa,SAAS;IACpB,KAAK,CAAC,OAAO,CAAC,OAAuB;QACnC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;QAC1D,MAAM,MAAM,GAAG,MAAM,qBAAK,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;QAChD,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,YAAY,EAAE,GAAG,UAAqC,CAAA;QAC7E,MAAM,QAAQ,GAAG,MAAM,qBAAK,CAAC,WAAW,CAAC,YAAY,CAAC,CAAA;QAEtD,MAAM,aAAa,GAAG,IAAI,2BAAe,CAAC;YACxC,MAAM;YACN,QAAQ;YACR,OAAO,EAAE,qBAAK,CAAC,GAAG;YAClB,MAAM,EAAE,sBAAM;YACd,OAAO,EAAE,SAAS;YAClB,aAAa,EAAE,4BAAY;YAC3B,QAAQ,EAAE,MAAM;YAChB,SAAS,EAAE,qBAAK,CAAC,GAAG;SACrB,CAAC,CAAA;QAEF,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;QACnE,MAAM,eAAe,GAAG,MAAM,SAAS,CAAC,eAAe,CAAC,sBAAM,CAAC,CAAA;QAE/D,MAAM,iBAAiB,GAA4B,EAAE,CAAA;QACrD,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;YAClC,iBAAiB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAA;QAC/B,CAAC;QAED,MAAM,YAAY,GAAG;YACnB,GAAG,EAAE,OAAO,CAAC,SAAS;YACtB,GAAG,EAAE,OAAO,CAAC,MAAM;YACnB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;SACnC,CAAA;QAED,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,OAAO,CAC9C,OAAO,CAAC,aAAa,EACrB,iBAAiB,EACjB,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,CAClC,CAAA;QAED,OAAO,YAAY,CAAA;IACrB,CAAC;CACF;AAzCD,8BAyCC"}

package/dist/wallet/wallet.d.ts

@@ -0,0 +1,58 @@
+import Database from 'better-sqlite3';
+import { ResourceConstraint } from '../gateway/gateway-client';
+export interface CredentialEntry {
+    id?: string;
+    holderDid: string;
+    projectId: string;
+    credentialJwt: string;
+    actions: string[];
+    provider: string;
+    normalizedResourceKey?: string;
+    resourceFingerprint?: string;
+    delegatedFrom?: string;
+    status?: 'active' | 'revoked' | 'expired';
+    expiresAt?: number;
+    /**
+     * Structured resource constraints from the VC grant (e.g., Slack channel, GitHub repo).
+     * Stored as a denormalized cache for local resource-scoped credential lookup.
+     * Unlike credential_jwt (which requires SD-JWT decoding), this enables direct DB queries
+     * to find credentials by resource scope.
+     */
+    resources?: ResourceConstraint[];
+    metadata?: Record<string, unknown>;
+}
+export interface StoredCredential extends CredentialEntry {
+    id: string;
+    status: 'active' | 'revoked' | 'expired';
+    createdAt: number;
+}
+/**
+ * Validate and sanitize resources from gateway response at runtime.
+ * Strips unknown fields to prevent prototype pollution or type confusion.
+ */
+export declare function validateResources(raw: unknown): ResourceConstraint[] | undefined;
+export declare class Wallet {
+    private readonly db;
+    constructor(db: Database.Database);
+    storeCredential(entry: CredentialEntry): StoredCredential;
+    /**
+     * Find a credential by holder DID, action, and project.
+     * Uses json_each for action matching in JSON array.
+     * Excludes expired and revoked credentials.
+     */
+    findCredential(holderDid: string, action: string, projectId: string, resourceId?: string): StoredCredential | null;
+    /**
+     * Find a credential that is NOT scoped to any specific resource.
+     * Returns credentials where resources is NULL or an empty array '[]'.
+     */
+    findUnscopedCredential(holderDid: string, action: string, projectId: string): StoredCredential | null;
+    /**
+     * Find a credential by normalized resource key.
+     */
+    findCredentialByResource(normalizedKey: string, holderDid: string, projectId: string): StoredCredential | null;
+    revokeCredential(id: string): void;
+    getExpiredCredentials(): StoredCredential[];
+    getActiveCredentials(): StoredCredential[];
+    private rowToCredential;
+}
+//# sourceMappingURL=wallet.d.ts.map

package/dist/wallet/wallet.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wallet.d.ts","sourceRoot":"","sources":["../../src/wallet/wallet.ts"],"names":[],"mappings":"AAAA,OAAO,QAAQ,MAAM,gBAAgB,CAAA;AAErC,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAE9D,MAAM,WAAW,eAAe;IAC9B,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,OAAO,EAAE,MAAM,EAAE,CAAA;IACjB,QAAQ,EAAE,MAAM,CAAA;IAChB,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,MAAM,CAAC,EAAE,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAA;IACzC,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,kBAAkB,EAAE,CAAA;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CACnC;AAED,MAAM,WAAW,gBAAiB,SAAQ,eAAe;IACvD,EAAE,EAAE,MAAM,CAAA;IACV,MAAM,EAAE,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAA;IACxC,SAAS,EAAE,MAAM,CAAA;CAClB;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAC/B,GAAG,EAAE,OAAO,GACX,kBAAkB,EAAE,GAAG,SAAS,CAelC;AAED,qBAAa,MAAM;IACL,OAAO,CAAC,QAAQ,CAAC,EAAE;gBAAF,EAAE,EAAE,QAAQ,CAAC,QAAQ;IAElD,eAAe,CAAC,KAAK,EAAE,eAAe,GAAG,gBAAgB;IAqDzD;;;;OAIG;IACH,cAAc,CACZ,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,UAAU,CAAC,EAAE,MAAM,GAClB,gBAAgB,GAAG,IAAI;IAoC1B;;;OAGG;IACH,sBAAsB,CACpB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,GAChB,gBAAgB,GAAG,IAAI;IAgB1B;;OAEG;IACH,wBAAwB,CACtB,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GAChB,gBAAgB,GAAG,IAAI;IAe1B,gBAAgB,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAIlC,qBAAqB,IAAI,gBAAgB,EAAE;IAS3C,oBAAoB,IAAI,gBAAgB,EAAE;IAS1C,OAAO,CAAC,eAAe;CAkBxB"}