@vorim/sdk 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Vorim AI
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,101 @@
+# @vorim/sdk
+
+Official TypeScript SDK for **Vorim AI** — the AI Agent Identity & Trust Layer.
+
+Register agents with cryptographic identities, enforce fine-grained permissions, emit immutable audit trails, and verify trust scores.
+
+## Install
+
+```bash
+npm install @vorim/sdk
+```
+
+## Quick Start
+
+```typescript
+import createVorim from '@vorim/sdk';
+
+const vorim = createVorim({
+  apiKey: 'agid_sk_live_your_api_key_here',
+});
+
+// Register an agent with Ed25519 keypair
+const { agent, private_key } = await vorim.register({
+  name: 'InvoiceBot',
+  capabilities: ['api_access', 'email_send'],
+  scopes: ['agent:read', 'agent:write'],
+});
+
+// Check permissions (sub-5ms via Redis cache)
+const { allowed } = await vorim.check(agent.agent_id, 'agent:write');
+
+// Emit audit event
+await vorim.emit({
+  agent_id: agent.agent_id,
+  event_type: 'api_request',
+  action: 'POST /invoices',
+  result: 'success',
+});
+
+// Verify trust (public API, no auth needed)
+const trust = await vorim.verify(agent.agent_id);
+console.log(trust.trust_score); // 0-100
+```
+
+## Features
+
+- **Cryptographic Identity** — Ed25519 keypairs, SHA-256 fingerprints
+- **7 Permission Scopes** — `agent:read`, `write`, `execute`, `transact`, `communicate`, `delegate`, `elevate`
+- **Immutable Audit Trail** — ULID-ordered events with content hashes
+- **Trust Scoring** — Multi-factor algorithm (0-100)
+- **Payload Signing** — Client-side Ed25519 signatures via Web Crypto or Node.js crypto
+- **Dual Runtime** — Works in Node.js 18+ and modern browsers
+
+## API
+
+| Method | Description |
+|---|---|
+| `vorim.register(input)` | Register agent with keypair |
+| `vorim.getAgent(agentId)` | Get agent details |
+| `vorim.listAgents(params?)` | List organisation agents |
+| `vorim.revoke(agentId)` | Permanently revoke agent |
+| `vorim.check(agentId, scope)` | Check permission |
+| `vorim.grant(agentId, scope, options?)` | Grant permission |
+| `vorim.emit(event)` | Emit single audit event |
+| `vorim.emitBatch(events)` | Emit up to 1,000 events |
+| `vorim.verify(agentId)` | Public trust verification |
+| `vorim.sign(payload, privateKey)` | Ed25519 payload signing |
+
+## Configuration
+
+```typescript
+const vorim = createVorim({
+  apiKey: 'agid_sk_live_...',     // Required — your API key
+  baseUrl: 'https://api.vorim.ai', // Optional — API base URL
+  timeout: 10000,                   // Optional — request timeout (ms)
+});
+```
+
+## Error Handling
+
+```typescript
+import { VorimError } from '@vorim/sdk';
+
+try {
+  await vorim.check('invalid_id', 'agent:read');
+} catch (err) {
+  if (err instanceof VorimError) {
+    console.log(err.status);  // 404
+    console.log(err.code);    // 'AGENT_NOT_FOUND'
+    console.log(err.message); // 'Agent not found'
+  }
+}
+```
+
+## Documentation
+
+Full documentation at [vorim.dev/docs](https://vorim.dev/docs)
+
+## License
+
+MIT

package/dist/index.cjs

@@ -0,0 +1,208 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  VorimError: () => VorimError,
+  VorimSDK: () => VorimSDK,
+  default: () => createVorim
+});
+module.exports = __toCommonJS(index_exports);
+var VorimSDK = class {
+  apiKey;
+  baseUrl;
+  timeout;
+  constructor(config) {
+    this.apiKey = config.apiKey;
+    this.baseUrl = (config.baseUrl || "https://api.vorim.ai").replace(/\/$/, "") + "/v1";
+    this.timeout = config.timeout || 1e4;
+  }
+  // ─── Agent Identity ────────────────────────────────────────────────
+  /**
+   * Register a new agent with Vorim AI.
+   * Returns the agent identity and a private key (shown once).
+   */
+  async register(input) {
+    return this.post("/agents", input);
+  }
+  /**
+   * Verify an agent's identity via the public Trust API.
+   */
+  async verify(agentId) {
+    return this.get(`/trust/verify/${agentId}`);
+  }
+  /**
+   * Get agent details.
+   */
+  async getAgent(agentId) {
+    return this.get(`/agents/${agentId}`);
+  }
+  /**
+   * List all agents in the organisation.
+   */
+  async listAgents(params) {
+    const qs = new URLSearchParams(params).toString();
+    return this.get(`/agents${qs ? "?" + qs : ""}`);
+  }
+  /**
+   * Revoke an agent (permanent deactivation).
+   */
+  async revoke(agentId) {
+    await this.delete(`/agents/${agentId}`);
+  }
+  // ─── Permissions ──────────────────────────────────────────────────
+  /**
+   * Check if an agent has a specific permission scope.
+   * Target: < 5ms response via Redis cache.
+   */
+  async check(agentId, scope) {
+    return this.post(`/agents/${agentId}/permissions/verify`, { scope });
+  }
+  /**
+   * Grant a permission scope to an agent.
+   */
+  async grant(agentId, scope, options) {
+    return this.post(`/agents/${agentId}/permissions`, { scope, ...options });
+  }
+  // ─── Audit ────────────────────────────────────────────────────────
+  /**
+   * Emit an audit event for an agent action.
+   */
+  async emit(event) {
+    return this.post("/audit/events", { events: [event] });
+  }
+  /**
+   * Emit a batch of audit events (up to 1,000).
+   */
+  async emitBatch(events) {
+    return this.post("/audit/events", { events });
+  }
+  // ─── Signing ──────────────────────────────────────────────────────
+  /**
+   * Sign a payload with an Ed25519 private key (client-side).
+   * Uses the Web Crypto API or Node.js crypto.
+   */
+  async sign(payload, privateKeyPem) {
+    if (typeof globalThis.crypto?.subtle !== "undefined") {
+      const keyData = this.pemToArrayBuffer(privateKeyPem);
+      const key = await globalThis.crypto.subtle.importKey(
+        "pkcs8",
+        keyData,
+        { name: "Ed25519" },
+        false,
+        ["sign"]
+      );
+      const signature = await globalThis.crypto.subtle.sign(
+        "Ed25519",
+        key,
+        new TextEncoder().encode(payload)
+      );
+      return `ed25519:${this.arrayBufferToBase64(signature)}`;
+    } else {
+      const crypto = await import("crypto");
+      const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);
+      return `ed25519:${sign.toString("base64")}`;
+    }
+  }
+  // ─── HTTP Client ──────────────────────────────────────────────────
+  async get(path) {
+    return this.request("GET", path);
+  }
+  async post(path, body) {
+    return this.request("POST", path, body);
+  }
+  async delete(path) {
+    return this.request("DELETE", path);
+  }
+  async request(method, path, body) {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+    try {
+      const response = await fetch(`${this.baseUrl}${path}`, {
+        method,
+        headers: {
+          "Authorization": `Bearer ${this.apiKey}`,
+          "Content-Type": "application/json",
+          "User-Agent": "vorim-sdk/1.0.0"
+        },
+        body: body ? JSON.stringify(body) : void 0,
+        signal: controller.signal
+      });
+      if (!response.ok) {
+        const errBody = await response.json().catch(() => ({}));
+        throw new VorimError(
+          response.status,
+          errBody.error?.code || "UNKNOWN_ERROR",
+          errBody.error?.message || `HTTP ${response.status}`,
+          errBody.error?.details
+        );
+      }
+      const json = await response.json();
+      return json.data;
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
+  pemToArrayBuffer(pem) {
+    const b64 = pem.replace(/-----[^-]+-----/g, "").replace(/\s/g, "");
+    const binary = atob(b64);
+    const bytes = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+      bytes[i] = binary.charCodeAt(i);
+    }
+    return bytes.buffer;
+  }
+  arrayBufferToBase64(buffer) {
+    const bytes = new Uint8Array(buffer);
+    let binary = "";
+    for (const byte of bytes) {
+      binary += String.fromCharCode(byte);
+    }
+    return btoa(binary);
+  }
+};
+var VorimError = class extends Error {
+  constructor(status, code, message, details) {
+    super(message);
+    this.status = status;
+    this.code = code;
+    this.details = details;
+    this.name = "VorimError";
+  }
+};
+function createVorim(config) {
+  return new VorimSDK(config);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  VorimError,
+  VorimSDK
+});
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — TypeScript\n// Thin client wrapping the Vorim AI REST API\n// ============================================================================\n\nimport type {\n  Agent, AgentRegistrationInput, AgentRegistrationResult,\n  TrustRecord, AuditEventInput, PermissionScope, PermissionCheckResult,\n} from './types.js';\n\nexport interface VorimConfig {\n  apiKey: string;\n  baseUrl?: string;\n  timeout?: number;\n}\n\nexport class VorimSDK {\n  private apiKey: string;\n  private baseUrl: string;\n  private timeout: number;\n\n  constructor(config: VorimConfig) {\n    this.apiKey = config.apiKey;\n    this.baseUrl = (config.baseUrl || 'https://api.vorim.ai').replace(/\\/$/, '') + '/v1';\n    this.timeout = config.timeout || 10000;\n  }\n\n  // ─── Agent Identity ────────────────────────────────────────────────\n\n  /**\n   * Register a new agent with Vorim AI.\n   * Returns the agent identity and a private key (shown once).\n   */\n  async register(input: AgentRegistrationInput): Promise<AgentRegistrationResult> {\n    return this.post('/agents', input);\n  }\n\n  /**\n   * Verify an agent's identity via the public Trust API.\n   */\n  async verify(agentId: string): Promise<TrustRecord> {\n    return this.get(`/trust/verify/${agentId}`);\n  }\n\n  /**\n   * Get agent details.\n   */\n  async getAgent(agentId: string): Promise<Agent> {\n    return this.get(`/agents/${agentId}`);\n  }\n\n  /**\n   * List all agents in the organisation.\n   */\n  async listAgents(params?: { page?: number; per_page?: number; status?: string }): Promise<{ agents: Agent[]; meta: any }> {\n    const qs = new URLSearchParams(params as any).toString();\n    return this.get(`/agents${qs ? '?' + qs : ''}`);\n  }\n\n  /**\n   * Revoke an agent (permanent deactivation).\n   */\n  async revoke(agentId: string): Promise<void> {\n    await this.delete(`/agents/${agentId}`);\n  }\n\n  // ─── Permissions ──────────────────────────────────────────────────\n\n  /**\n   * Check if an agent has a specific permission scope.\n   * Target: < 5ms response via Redis cache.\n   */\n  async check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult> {\n    return this.post(`/agents/${agentId}/permissions/verify`, { scope });\n  }\n\n  /**\n   * Grant a permission scope to an agent.\n   */\n  async grant(agentId: string, scope: PermissionScope, options?: {\n    valid_until?: string;\n    rate_limit?: { max: number; window: string };\n  }): Promise<any> {\n    return this.post(`/agents/${agentId}/permissions`, { scope, ...options });\n  }\n\n  // ─── Audit ────────────────────────────────────────────────────────\n\n  /**\n   * Emit an audit event for an agent action.\n   */\n  async emit(event: AuditEventInput): Promise<{ ingested: number }> {\n    return this.post('/audit/events', { events: [event] });\n  }\n\n  /**\n   * Emit a batch of audit events (up to 1,000).\n   */\n  async emitBatch(events: AuditEventInput[]): Promise<{ ingested: number }> {\n    return this.post('/audit/events', { events });\n  }\n\n  // ─── Signing ──────────────────────────────────────────────────────\n\n  /**\n   * Sign a payload with an Ed25519 private key (client-side).\n   * Uses the Web Crypto API or Node.js crypto.\n   */\n  async sign(payload: string, privateKeyPem: string): Promise<string> {\n    if (typeof globalThis.crypto?.subtle !== 'undefined') {\n      // Web Crypto API\n      const keyData = this.pemToArrayBuffer(privateKeyPem);\n      const key = await globalThis.crypto.subtle.importKey(\n        'pkcs8', keyData, { name: 'Ed25519' }, false, ['sign']\n      );\n      const signature = await globalThis.crypto.subtle.sign(\n        'Ed25519', key, new TextEncoder().encode(payload)\n      );\n      return `ed25519:${this.arrayBufferToBase64(signature)}`;\n    } else {\n      // Node.js crypto fallback\n      const crypto = await import('node:crypto');\n      const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);\n      return `ed25519:${sign.toString('base64')}`;\n    }\n  }\n\n  // ─── HTTP Client ──────────────────────────────────────────────────\n\n  private async get(path: string): Promise<any> {\n    return this.request('GET', path);\n  }\n\n  private async post(path: string, body: any): Promise<any> {\n    return this.request('POST', path, body);\n  }\n\n  private async delete(path: string): Promise<any> {\n    return this.request('DELETE', path);\n  }\n\n  private async request(method: string, path: string, body?: any): Promise<any> {\n    const controller = new AbortController();\n    const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n    try {\n      const response = await fetch(`${this.baseUrl}${path}`, {\n        method,\n        headers: {\n          'Authorization': `Bearer ${this.apiKey}`,\n          'Content-Type': 'application/json',\n          'User-Agent': 'vorim-sdk/1.0.0',\n        },\n        body: body ? JSON.stringify(body) : undefined,\n        signal: controller.signal,\n      });\n\n      if (!response.ok) {\n        const errBody = await response.json().catch(() => ({})) as Record<string, any>;\n        throw new VorimError(\n          response.status,\n          errBody.error?.code || 'UNKNOWN_ERROR',\n          errBody.error?.message || `HTTP ${response.status}`,\n          errBody.error?.details\n        );\n      }\n\n      const json = await response.json() as Record<string, any>;\n      return json.data;\n    } finally {\n      clearTimeout(timeoutId);\n    }\n  }\n\n  private pemToArrayBuffer(pem: string): ArrayBuffer {\n    const b64 = pem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, '');\n    const binary = atob(b64);\n    const bytes = new Uint8Array(binary.length);\n    for (let i = 0; i < binary.length; i++) {\n      bytes[i] = binary.charCodeAt(i);\n    }\n    return bytes.buffer;\n  }\n\n  private arrayBufferToBase64(buffer: ArrayBuffer): string {\n    const bytes = new Uint8Array(buffer);\n    let binary = '';\n    for (const byte of bytes) {\n      binary += String.fromCharCode(byte);\n    }\n    return btoa(binary);\n  }\n}\n\nexport class VorimError extends Error {\n  constructor(\n    public status: number,\n    public code: string,\n    message: string,\n    public details?: Record<string, unknown>\n  ) {\n    super(message);\n    this.name = 'VorimError';\n  }\n}\n\n// ─── Convenience export ──────────────────────────────────────────────\n\nexport default function createVorim(config: VorimConfig): VorimSDK {\n  return new VorimSDK(config);\n}\n\n// Re-export types for consumers\nexport type {\n  Agent, AgentRegistrationInput, AgentRegistrationResult,\n  TrustRecord, AuditEventInput, AuditEventType, AuditResult,\n  PermissionScope, PermissionCheckResult, AgentStatus,\n} from './types.js';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAgBO,IAAM,WAAN,MAAe;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAAqB;AAC/B,SAAK,SAAS,OAAO;AACrB,SAAK,WAAW,OAAO,WAAW,wBAAwB,QAAQ,OAAO,EAAE,IAAI;AAC/E,SAAK,UAAU,OAAO,WAAW;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SAAS,OAAiE;AAC9E,WAAO,KAAK,KAAK,WAAW,KAAK;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAuC;AAClD,WAAO,KAAK,IAAI,iBAAiB,OAAO,EAAE;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,SAAiC;AAC9C,WAAO,KAAK,IAAI,WAAW,OAAO,EAAE;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAW,QAAyG;AACxH,UAAM,KAAK,IAAI,gBAAgB,MAAa,EAAE,SAAS;AACvD,WAAO,KAAK,IAAI,UAAU,KAAK,MAAM,KAAK,EAAE,EAAE;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAgC;AAC3C,UAAM,KAAK,OAAO,WAAW,OAAO,EAAE;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,MAAM,SAAiB,OAAwD;AACnF,WAAO,KAAK,KAAK,WAAW,OAAO,uBAAuB,EAAE,MAAM,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,SAAiB,OAAwB,SAGpC;AACf,WAAO,KAAK,KAAK,WAAW,OAAO,gBAAgB,EAAE,OAAO,GAAG,QAAQ,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,KAAK,OAAuD;AAChE,WAAO,KAAK,KAAK,iBAAiB,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU,QAA0D;AACxE,WAAO,KAAK,KAAK,iBAAiB,EAAE,OAAO,CAAC;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAK,SAAiB,eAAwC;AAClE,QAAI,OAAO,WAAW,QAAQ,WAAW,aAAa;AAEpD,YAAM,UAAU,KAAK,iBAAiB,aAAa;AACnD,YAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,QACzC;AAAA,QAAS;AAAA,QAAS,EAAE,MAAM,UAAU;AAAA,QAAG;AAAA,QAAO,CAAC,MAAM;AAAA,MACvD;AACA,YAAM,YAAY,MAAM,WAAW,OAAO,OAAO;AAAA,QAC/C;AAAA,QAAW;AAAA,QAAK,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,MAClD;AACA,aAAO,WAAW,KAAK,oBAAoB,SAAS,CAAC;AAAA,IACvD,OAAO;AAEL,YAAM,SAAS,MAAM,OAAO,QAAa;AACzC,YAAM,OAAO,OAAO,KAAK,MAAM,OAAO,KAAK,OAAO,GAAG,aAAa;AAClE,aAAO,WAAW,KAAK,SAAS,QAAQ,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA,EAIA,MAAc,IAAI,MAA4B;AAC5C,WAAO,KAAK,QAAQ,OAAO,IAAI;AAAA,EACjC;AAAA,EAEA,MAAc,KAAK,MAAc,MAAyB;AACxD,WAAO,KAAK,QAAQ,QAAQ,MAAM,IAAI;AAAA,EACxC;AAAA,EAEA,MAAc,OAAO,MAA4B;AAC/C,WAAO,KAAK,QAAQ,UAAU,IAAI;AAAA,EACpC;AAAA,EAEA,MAAc,QAAQ,QAAgB,MAAc,MAA0B;AAC5E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,QACrD;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,MAAM;AAAA,UACtC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,UAAU,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,cAAM,IAAI;AAAA,UACR,SAAS;AAAA,UACT,QAAQ,OAAO,QAAQ;AAAA,UACvB,QAAQ,OAAO,WAAW,QAAQ,SAAS,MAAM;AAAA,UACjD,QAAQ,OAAO;AAAA,QACjB;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,UAAE;AACA,mBAAa,SAAS;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,MAAM,IAAI,QAAQ,oBAAoB,EAAE,EAAE,QAAQ,OAAO,EAAE;AACjE,UAAM,SAAS,KAAK,GAAG;AACvB,UAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,YAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,IAChC;AACA,WAAO,MAAM;AAAA,EACf;AAAA,EAEQ,oBAAoB,QAA6B;AACvD,UAAM,QAAQ,IAAI,WAAW,MAAM;AACnC,QAAI,SAAS;AACb,eAAW,QAAQ,OAAO;AACxB,gBAAU,OAAO,aAAa,IAAI;AAAA,IACpC;AACA,WAAO,KAAK,MAAM;AAAA,EACpB;AACF;AAEO,IAAM,aAAN,cAAyB,MAAM;AAAA,EACpC,YACS,QACA,MACP,SACO,SACP;AACA,UAAM,OAAO;AALN;AACA;AAEA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAIe,SAAR,YAA6B,QAA+B;AACjE,SAAO,IAAI,SAAS,MAAM;AAC5B;","names":[]}

package/dist/index.d.cts

@@ -0,0 +1,157 @@
+type AgentStatus = 'pending' | 'active' | 'suspended' | 'revoked' | 'expired';
+interface Agent {
+    id: string;
+    agent_id: string;
+    org_id: string;
+    owner_user_id: string;
+    name: string;
+    description?: string;
+    status: AgentStatus;
+    public_key: string;
+    key_fingerprint: string;
+    trust_score: number;
+    capabilities: string[];
+    metadata: Record<string, unknown>;
+    expires_at?: string;
+    created_at: string;
+    updated_at: string;
+    revoked_at?: string;
+    revoked_by?: string;
+}
+interface AgentRegistrationInput {
+    name: string;
+    description?: string;
+    capabilities: string[];
+    scopes: PermissionScope[];
+}
+interface AgentRegistrationResult {
+    agent: Agent;
+    private_key: string;
+    public_key: string;
+    key_fingerprint: string;
+}
+type PermissionScope = 'agent:read' | 'agent:write' | 'agent:execute' | 'agent:transact' | 'agent:communicate' | 'agent:delegate' | 'agent:elevate';
+interface PermissionCheckResult {
+    allowed: boolean;
+    scope: PermissionScope;
+    agent_id: string;
+    reason?: string;
+    remaining_quota?: number;
+}
+type AuditEventType = 'tool_call' | 'api_request' | 'message_sent' | 'permission_change' | 'status_change' | 'key_rotation' | 'login' | 'export';
+type AuditResult = 'success' | 'denied' | 'error';
+interface AuditEventInput {
+    agent_id: string;
+    event_type: AuditEventType;
+    action: string;
+    resource?: string;
+    input_hash?: string;
+    output_hash?: string;
+    permission?: PermissionScope;
+    result: AuditResult;
+    latency_ms?: number;
+    error_code?: string;
+    signature?: string;
+    metadata?: Record<string, unknown>;
+}
+interface TrustRecord {
+    agent_id: string;
+    owner: {
+        org_name: string;
+        verified: boolean;
+    };
+    trust_score: number;
+    status: AgentStatus;
+    created_at: string;
+    active_scopes: PermissionScope[];
+    key_fingerprint: string;
+    revocation_status: boolean;
+    last_active?: string;
+}
+
+interface VorimConfig {
+    apiKey: string;
+    baseUrl?: string;
+    timeout?: number;
+}
+declare class VorimSDK {
+    private apiKey;
+    private baseUrl;
+    private timeout;
+    constructor(config: VorimConfig);
+    /**
+     * Register a new agent with Vorim AI.
+     * Returns the agent identity and a private key (shown once).
+     */
+    register(input: AgentRegistrationInput): Promise<AgentRegistrationResult>;
+    /**
+     * Verify an agent's identity via the public Trust API.
+     */
+    verify(agentId: string): Promise<TrustRecord>;
+    /**
+     * Get agent details.
+     */
+    getAgent(agentId: string): Promise<Agent>;
+    /**
+     * List all agents in the organisation.
+     */
+    listAgents(params?: {
+        page?: number;
+        per_page?: number;
+        status?: string;
+    }): Promise<{
+        agents: Agent[];
+        meta: any;
+    }>;
+    /**
+     * Revoke an agent (permanent deactivation).
+     */
+    revoke(agentId: string): Promise<void>;
+    /**
+     * Check if an agent has a specific permission scope.
+     * Target: < 5ms response via Redis cache.
+     */
+    check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult>;
+    /**
+     * Grant a permission scope to an agent.
+     */
+    grant(agentId: string, scope: PermissionScope, options?: {
+        valid_until?: string;
+        rate_limit?: {
+            max: number;
+            window: string;
+        };
+    }): Promise<any>;
+    /**
+     * Emit an audit event for an agent action.
+     */
+    emit(event: AuditEventInput): Promise<{
+        ingested: number;
+    }>;
+    /**
+     * Emit a batch of audit events (up to 1,000).
+     */
+    emitBatch(events: AuditEventInput[]): Promise<{
+        ingested: number;
+    }>;
+    /**
+     * Sign a payload with an Ed25519 private key (client-side).
+     * Uses the Web Crypto API or Node.js crypto.
+     */
+    sign(payload: string, privateKeyPem: string): Promise<string>;
+    private get;
+    private post;
+    private delete;
+    private request;
+    private pemToArrayBuffer;
+    private arrayBufferToBase64;
+}
+declare class VorimError extends Error {
+    status: number;
+    code: string;
+    details?: Record<string, unknown> | undefined;
+    constructor(status: number, code: string, message: string, details?: Record<string, unknown> | undefined);
+}
+declare function createVorim(config: VorimConfig): VorimSDK;
+
+export { type Agent, type AgentRegistrationInput, type AgentRegistrationResult, type AgentStatus, type AuditEventInput, type AuditEventType, type AuditResult, type PermissionCheckResult, type PermissionScope, type TrustRecord, type VorimConfig, VorimError, VorimSDK, createVorim as default };

package/dist/index.d.ts

@@ -0,0 +1,157 @@
+type AgentStatus = 'pending' | 'active' | 'suspended' | 'revoked' | 'expired';
+interface Agent {
+    id: string;
+    agent_id: string;
+    org_id: string;
+    owner_user_id: string;
+    name: string;
+    description?: string;
+    status: AgentStatus;
+    public_key: string;
+    key_fingerprint: string;
+    trust_score: number;
+    capabilities: string[];
+    metadata: Record<string, unknown>;
+    expires_at?: string;
+    created_at: string;
+    updated_at: string;
+    revoked_at?: string;
+    revoked_by?: string;
+}
+interface AgentRegistrationInput {
+    name: string;
+    description?: string;
+    capabilities: string[];
+    scopes: PermissionScope[];
+}
+interface AgentRegistrationResult {
+    agent: Agent;
+    private_key: string;
+    public_key: string;
+    key_fingerprint: string;
+}
+type PermissionScope = 'agent:read' | 'agent:write' | 'agent:execute' | 'agent:transact' | 'agent:communicate' | 'agent:delegate' | 'agent:elevate';
+interface PermissionCheckResult {
+    allowed: boolean;
+    scope: PermissionScope;
+    agent_id: string;
+    reason?: string;
+    remaining_quota?: number;
+}
+type AuditEventType = 'tool_call' | 'api_request' | 'message_sent' | 'permission_change' | 'status_change' | 'key_rotation' | 'login' | 'export';
+type AuditResult = 'success' | 'denied' | 'error';
+interface AuditEventInput {
+    agent_id: string;
+    event_type: AuditEventType;
+    action: string;
+    resource?: string;
+    input_hash?: string;
+    output_hash?: string;
+    permission?: PermissionScope;
+    result: AuditResult;
+    latency_ms?: number;
+    error_code?: string;
+    signature?: string;
+    metadata?: Record<string, unknown>;
+}
+interface TrustRecord {
+    agent_id: string;
+    owner: {
+        org_name: string;
+        verified: boolean;
+    };
+    trust_score: number;
+    status: AgentStatus;
+    created_at: string;
+    active_scopes: PermissionScope[];
+    key_fingerprint: string;
+    revocation_status: boolean;
+    last_active?: string;
+}
+
+interface VorimConfig {
+    apiKey: string;
+    baseUrl?: string;
+    timeout?: number;
+}
+declare class VorimSDK {
+    private apiKey;
+    private baseUrl;
+    private timeout;
+    constructor(config: VorimConfig);
+    /**
+     * Register a new agent with Vorim AI.
+     * Returns the agent identity and a private key (shown once).
+     */
+    register(input: AgentRegistrationInput): Promise<AgentRegistrationResult>;
+    /**
+     * Verify an agent's identity via the public Trust API.
+     */
+    verify(agentId: string): Promise<TrustRecord>;
+    /**
+     * Get agent details.
+     */
+    getAgent(agentId: string): Promise<Agent>;
+    /**
+     * List all agents in the organisation.
+     */
+    listAgents(params?: {
+        page?: number;
+        per_page?: number;
+        status?: string;
+    }): Promise<{
+        agents: Agent[];
+        meta: any;
+    }>;
+    /**
+     * Revoke an agent (permanent deactivation).
+     */
+    revoke(agentId: string): Promise<void>;
+    /**
+     * Check if an agent has a specific permission scope.
+     * Target: < 5ms response via Redis cache.
+     */
+    check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult>;
+    /**
+     * Grant a permission scope to an agent.
+     */
+    grant(agentId: string, scope: PermissionScope, options?: {
+        valid_until?: string;
+        rate_limit?: {
+            max: number;
+            window: string;
+        };
+    }): Promise<any>;
+    /**
+     * Emit an audit event for an agent action.
+     */
+    emit(event: AuditEventInput): Promise<{
+        ingested: number;
+    }>;
+    /**
+     * Emit a batch of audit events (up to 1,000).
+     */
+    emitBatch(events: AuditEventInput[]): Promise<{
+        ingested: number;
+    }>;
+    /**
+     * Sign a payload with an Ed25519 private key (client-side).
+     * Uses the Web Crypto API or Node.js crypto.
+     */
+    sign(payload: string, privateKeyPem: string): Promise<string>;
+    private get;
+    private post;
+    private delete;
+    private request;
+    private pemToArrayBuffer;
+    private arrayBufferToBase64;
+}
+declare class VorimError extends Error {
+    status: number;
+    code: string;
+    details?: Record<string, unknown> | undefined;
+    constructor(status: number, code: string, message: string, details?: Record<string, unknown> | undefined);
+}
+declare function createVorim(config: VorimConfig): VorimSDK;
+
+export { type Agent, type AgentRegistrationInput, type AgentRegistrationResult, type AgentStatus, type AuditEventInput, type AuditEventType, type AuditResult, type PermissionCheckResult, type PermissionScope, type TrustRecord, type VorimConfig, VorimError, VorimSDK, createVorim as default };

package/dist/index.js

@@ -0,0 +1,172 @@
+// src/index.ts
+var VorimSDK = class {
+  apiKey;
+  baseUrl;
+  timeout;
+  constructor(config) {
+    this.apiKey = config.apiKey;
+    this.baseUrl = (config.baseUrl || "https://api.vorim.ai").replace(/\/$/, "") + "/v1";
+    this.timeout = config.timeout || 1e4;
+  }
+  // ─── Agent Identity ────────────────────────────────────────────────
+  /**
+   * Register a new agent with Vorim AI.
+   * Returns the agent identity and a private key (shown once).
+   */
+  async register(input) {
+    return this.post("/agents", input);
+  }
+  /**
+   * Verify an agent's identity via the public Trust API.
+   */
+  async verify(agentId) {
+    return this.get(`/trust/verify/${agentId}`);
+  }
+  /**
+   * Get agent details.
+   */
+  async getAgent(agentId) {
+    return this.get(`/agents/${agentId}`);
+  }
+  /**
+   * List all agents in the organisation.
+   */
+  async listAgents(params) {
+    const qs = new URLSearchParams(params).toString();
+    return this.get(`/agents${qs ? "?" + qs : ""}`);
+  }
+  /**
+   * Revoke an agent (permanent deactivation).
+   */
+  async revoke(agentId) {
+    await this.delete(`/agents/${agentId}`);
+  }
+  // ─── Permissions ──────────────────────────────────────────────────
+  /**
+   * Check if an agent has a specific permission scope.
+   * Target: < 5ms response via Redis cache.
+   */
+  async check(agentId, scope) {
+    return this.post(`/agents/${agentId}/permissions/verify`, { scope });
+  }
+  /**
+   * Grant a permission scope to an agent.
+   */
+  async grant(agentId, scope, options) {
+    return this.post(`/agents/${agentId}/permissions`, { scope, ...options });
+  }
+  // ─── Audit ────────────────────────────────────────────────────────
+  /**
+   * Emit an audit event for an agent action.
+   */
+  async emit(event) {
+    return this.post("/audit/events", { events: [event] });
+  }
+  /**
+   * Emit a batch of audit events (up to 1,000).
+   */
+  async emitBatch(events) {
+    return this.post("/audit/events", { events });
+  }
+  // ─── Signing ──────────────────────────────────────────────────────
+  /**
+   * Sign a payload with an Ed25519 private key (client-side).
+   * Uses the Web Crypto API or Node.js crypto.
+   */
+  async sign(payload, privateKeyPem) {
+    if (typeof globalThis.crypto?.subtle !== "undefined") {
+      const keyData = this.pemToArrayBuffer(privateKeyPem);
+      const key = await globalThis.crypto.subtle.importKey(
+        "pkcs8",
+        keyData,
+        { name: "Ed25519" },
+        false,
+        ["sign"]
+      );
+      const signature = await globalThis.crypto.subtle.sign(
+        "Ed25519",
+        key,
+        new TextEncoder().encode(payload)
+      );
+      return `ed25519:${this.arrayBufferToBase64(signature)}`;
+    } else {
+      const crypto = await import("crypto");
+      const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);
+      return `ed25519:${sign.toString("base64")}`;
+    }
+  }
+  // ─── HTTP Client ──────────────────────────────────────────────────
+  async get(path) {
+    return this.request("GET", path);
+  }
+  async post(path, body) {
+    return this.request("POST", path, body);
+  }
+  async delete(path) {
+    return this.request("DELETE", path);
+  }
+  async request(method, path, body) {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+    try {
+      const response = await fetch(`${this.baseUrl}${path}`, {
+        method,
+        headers: {
+          "Authorization": `Bearer ${this.apiKey}`,
+          "Content-Type": "application/json",
+          "User-Agent": "vorim-sdk/1.0.0"
+        },
+        body: body ? JSON.stringify(body) : void 0,
+        signal: controller.signal
+      });
+      if (!response.ok) {
+        const errBody = await response.json().catch(() => ({}));
+        throw new VorimError(
+          response.status,
+          errBody.error?.code || "UNKNOWN_ERROR",
+          errBody.error?.message || `HTTP ${response.status}`,
+          errBody.error?.details
+        );
+      }
+      const json = await response.json();
+      return json.data;
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
+  pemToArrayBuffer(pem) {
+    const b64 = pem.replace(/-----[^-]+-----/g, "").replace(/\s/g, "");
+    const binary = atob(b64);
+    const bytes = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+      bytes[i] = binary.charCodeAt(i);
+    }
+    return bytes.buffer;
+  }
+  arrayBufferToBase64(buffer) {
+    const bytes = new Uint8Array(buffer);
+    let binary = "";
+    for (const byte of bytes) {
+      binary += String.fromCharCode(byte);
+    }
+    return btoa(binary);
+  }
+};
+var VorimError = class extends Error {
+  constructor(status, code, message, details) {
+    super(message);
+    this.status = status;
+    this.code = code;
+    this.details = details;
+    this.name = "VorimError";
+  }
+};
+function createVorim(config) {
+  return new VorimSDK(config);
+}
+export {
+  VorimError,
+  VorimSDK,
+  createVorim as default
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — TypeScript\n// Thin client wrapping the Vorim AI REST API\n// ============================================================================\n\nimport type {\n  Agent, AgentRegistrationInput, AgentRegistrationResult,\n  TrustRecord, AuditEventInput, PermissionScope, PermissionCheckResult,\n} from './types.js';\n\nexport interface VorimConfig {\n  apiKey: string;\n  baseUrl?: string;\n  timeout?: number;\n}\n\nexport class VorimSDK {\n  private apiKey: string;\n  private baseUrl: string;\n  private timeout: number;\n\n  constructor(config: VorimConfig) {\n    this.apiKey = config.apiKey;\n    this.baseUrl = (config.baseUrl || 'https://api.vorim.ai').replace(/\\/$/, '') + '/v1';\n    this.timeout = config.timeout || 10000;\n  }\n\n  // ─── Agent Identity ────────────────────────────────────────────────\n\n  /**\n   * Register a new agent with Vorim AI.\n   * Returns the agent identity and a private key (shown once).\n   */\n  async register(input: AgentRegistrationInput): Promise<AgentRegistrationResult> {\n    return this.post('/agents', input);\n  }\n\n  /**\n   * Verify an agent's identity via the public Trust API.\n   */\n  async verify(agentId: string): Promise<TrustRecord> {\n    return this.get(`/trust/verify/${agentId}`);\n  }\n\n  /**\n   * Get agent details.\n   */\n  async getAgent(agentId: string): Promise<Agent> {\n    return this.get(`/agents/${agentId}`);\n  }\n\n  /**\n   * List all agents in the organisation.\n   */\n  async listAgents(params?: { page?: number; per_page?: number; status?: string }): Promise<{ agents: Agent[]; meta: any }> {\n    const qs = new URLSearchParams(params as any).toString();\n    return this.get(`/agents${qs ? '?' + qs : ''}`);\n  }\n\n  /**\n   * Revoke an agent (permanent deactivation).\n   */\n  async revoke(agentId: string): Promise<void> {\n    await this.delete(`/agents/${agentId}`);\n  }\n\n  // ─── Permissions ──────────────────────────────────────────────────\n\n  /**\n   * Check if an agent has a specific permission scope.\n   * Target: < 5ms response via Redis cache.\n   */\n  async check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult> {\n    return this.post(`/agents/${agentId}/permissions/verify`, { scope });\n  }\n\n  /**\n   * Grant a permission scope to an agent.\n   */\n  async grant(agentId: string, scope: PermissionScope, options?: {\n    valid_until?: string;\n    rate_limit?: { max: number; window: string };\n  }): Promise<any> {\n    return this.post(`/agents/${agentId}/permissions`, { scope, ...options });\n  }\n\n  // ─── Audit ────────────────────────────────────────────────────────\n\n  /**\n   * Emit an audit event for an agent action.\n   */\n  async emit(event: AuditEventInput): Promise<{ ingested: number }> {\n    return this.post('/audit/events', { events: [event] });\n  }\n\n  /**\n   * Emit a batch of audit events (up to 1,000).\n   */\n  async emitBatch(events: AuditEventInput[]): Promise<{ ingested: number }> {\n    return this.post('/audit/events', { events });\n  }\n\n  // ─── Signing ──────────────────────────────────────────────────────\n\n  /**\n   * Sign a payload with an Ed25519 private key (client-side).\n   * Uses the Web Crypto API or Node.js crypto.\n   */\n  async sign(payload: string, privateKeyPem: string): Promise<string> {\n    if (typeof globalThis.crypto?.subtle !== 'undefined') {\n      // Web Crypto API\n      const keyData = this.pemToArrayBuffer(privateKeyPem);\n      const key = await globalThis.crypto.subtle.importKey(\n        'pkcs8', keyData, { name: 'Ed25519' }, false, ['sign']\n      );\n      const signature = await globalThis.crypto.subtle.sign(\n        'Ed25519', key, new TextEncoder().encode(payload)\n      );\n      return `ed25519:${this.arrayBufferToBase64(signature)}`;\n    } else {\n      // Node.js crypto fallback\n      const crypto = await import('node:crypto');\n      const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);\n      return `ed25519:${sign.toString('base64')}`;\n    }\n  }\n\n  // ─── HTTP Client ──────────────────────────────────────────────────\n\n  private async get(path: string): Promise<any> {\n    return this.request('GET', path);\n  }\n\n  private async post(path: string, body: any): Promise<any> {\n    return this.request('POST', path, body);\n  }\n\n  private async delete(path: string): Promise<any> {\n    return this.request('DELETE', path);\n  }\n\n  private async request(method: string, path: string, body?: any): Promise<any> {\n    const controller = new AbortController();\n    const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n    try {\n      const response = await fetch(`${this.baseUrl}${path}`, {\n        method,\n        headers: {\n          'Authorization': `Bearer ${this.apiKey}`,\n          'Content-Type': 'application/json',\n          'User-Agent': 'vorim-sdk/1.0.0',\n        },\n        body: body ? JSON.stringify(body) : undefined,\n        signal: controller.signal,\n      });\n\n      if (!response.ok) {\n        const errBody = await response.json().catch(() => ({})) as Record<string, any>;\n        throw new VorimError(\n          response.status,\n          errBody.error?.code || 'UNKNOWN_ERROR',\n          errBody.error?.message || `HTTP ${response.status}`,\n          errBody.error?.details\n        );\n      }\n\n      const json = await response.json() as Record<string, any>;\n      return json.data;\n    } finally {\n      clearTimeout(timeoutId);\n    }\n  }\n\n  private pemToArrayBuffer(pem: string): ArrayBuffer {\n    const b64 = pem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, '');\n    const binary = atob(b64);\n    const bytes = new Uint8Array(binary.length);\n    for (let i = 0; i < binary.length; i++) {\n      bytes[i] = binary.charCodeAt(i);\n    }\n    return bytes.buffer;\n  }\n\n  private arrayBufferToBase64(buffer: ArrayBuffer): string {\n    const bytes = new Uint8Array(buffer);\n    let binary = '';\n    for (const byte of bytes) {\n      binary += String.fromCharCode(byte);\n    }\n    return btoa(binary);\n  }\n}\n\nexport class VorimError extends Error {\n  constructor(\n    public status: number,\n    public code: string,\n    message: string,\n    public details?: Record<string, unknown>\n  ) {\n    super(message);\n    this.name = 'VorimError';\n  }\n}\n\n// ─── Convenience export ──────────────────────────────────────────────\n\nexport default function createVorim(config: VorimConfig): VorimSDK {\n  return new VorimSDK(config);\n}\n\n// Re-export types for consumers\nexport type {\n  Agent, AgentRegistrationInput, AgentRegistrationResult,\n  TrustRecord, AuditEventInput, AuditEventType, AuditResult,\n  PermissionScope, PermissionCheckResult, AgentStatus,\n} from './types.js';\n"],"mappings":";AAgBO,IAAM,WAAN,MAAe;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAAqB;AAC/B,SAAK,SAAS,OAAO;AACrB,SAAK,WAAW,OAAO,WAAW,wBAAwB,QAAQ,OAAO,EAAE,IAAI;AAC/E,SAAK,UAAU,OAAO,WAAW;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SAAS,OAAiE;AAC9E,WAAO,KAAK,KAAK,WAAW,KAAK;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAuC;AAClD,WAAO,KAAK,IAAI,iBAAiB,OAAO,EAAE;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,SAAiC;AAC9C,WAAO,KAAK,IAAI,WAAW,OAAO,EAAE;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAW,QAAyG;AACxH,UAAM,KAAK,IAAI,gBAAgB,MAAa,EAAE,SAAS;AACvD,WAAO,KAAK,IAAI,UAAU,KAAK,MAAM,KAAK,EAAE,EAAE;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAgC;AAC3C,UAAM,KAAK,OAAO,WAAW,OAAO,EAAE;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,MAAM,SAAiB,OAAwD;AACnF,WAAO,KAAK,KAAK,WAAW,OAAO,uBAAuB,EAAE,MAAM,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,SAAiB,OAAwB,SAGpC;AACf,WAAO,KAAK,KAAK,WAAW,OAAO,gBAAgB,EAAE,OAAO,GAAG,QAAQ,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,KAAK,OAAuD;AAChE,WAAO,KAAK,KAAK,iBAAiB,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU,QAA0D;AACxE,WAAO,KAAK,KAAK,iBAAiB,EAAE,OAAO,CAAC;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAK,SAAiB,eAAwC;AAClE,QAAI,OAAO,WAAW,QAAQ,WAAW,aAAa;AAEpD,YAAM,UAAU,KAAK,iBAAiB,aAAa;AACnD,YAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,QACzC;AAAA,QAAS;AAAA,QAAS,EAAE,MAAM,UAAU;AAAA,QAAG;AAAA,QAAO,CAAC,MAAM;AAAA,MACvD;AACA,YAAM,YAAY,MAAM,WAAW,OAAO,OAAO;AAAA,QAC/C;AAAA,QAAW;AAAA,QAAK,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,MAClD;AACA,aAAO,WAAW,KAAK,oBAAoB,SAAS,CAAC;AAAA,IACvD,OAAO;AAEL,YAAM,SAAS,MAAM,OAAO,QAAa;AACzC,YAAM,OAAO,OAAO,KAAK,MAAM,OAAO,KAAK,OAAO,GAAG,aAAa;AAClE,aAAO,WAAW,KAAK,SAAS,QAAQ,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA,EAIA,MAAc,IAAI,MAA4B;AAC5C,WAAO,KAAK,QAAQ,OAAO,IAAI;AAAA,EACjC;AAAA,EAEA,MAAc,KAAK,MAAc,MAAyB;AACxD,WAAO,KAAK,QAAQ,QAAQ,MAAM,IAAI;AAAA,EACxC;AAAA,EAEA,MAAc,OAAO,MAA4B;AAC/C,WAAO,KAAK,QAAQ,UAAU,IAAI;AAAA,EACpC;AAAA,EAEA,MAAc,QAAQ,QAAgB,MAAc,MAA0B;AAC5E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,QACrD;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,MAAM;AAAA,UACtC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,UAAU,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,cAAM,IAAI;AAAA,UACR,SAAS;AAAA,UACT,QAAQ,OAAO,QAAQ;AAAA,UACvB,QAAQ,OAAO,WAAW,QAAQ,SAAS,MAAM;AAAA,UACjD,QAAQ,OAAO;AAAA,QACjB;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,UAAE;AACA,mBAAa,SAAS;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,MAAM,IAAI,QAAQ,oBAAoB,EAAE,EAAE,QAAQ,OAAO,EAAE;AACjE,UAAM,SAAS,KAAK,GAAG;AACvB,UAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,YAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,IAChC;AACA,WAAO,MAAM;AAAA,EACf;AAAA,EAEQ,oBAAoB,QAA6B;AACvD,UAAM,QAAQ,IAAI,WAAW,MAAM;AACnC,QAAI,SAAS;AACb,eAAW,QAAQ,OAAO;AACxB,gBAAU,OAAO,aAAa,IAAI;AAAA,IACpC;AACA,WAAO,KAAK,MAAM;AAAA,EACpB;AACF;AAEO,IAAM,aAAN,cAAyB,MAAM;AAAA,EACpC,YACS,QACA,MACP,SACO,SACP;AACA,UAAM,OAAO;AALN;AACA;AAEA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAIe,SAAR,YAA6B,QAA+B;AACjE,SAAO,IAAI,SAAS,MAAM;AAC5B;","names":[]}

package/package.json

@@ -0,0 +1,61 @@
+{
+  "name": "@vorim/sdk",
+  "version": "1.0.0",
+  "description": "Official TypeScript SDK for Vorim AI — AI Agent Identity, Permissions & Audit",
+  "type": "module",
+  "main": "dist/index.cjs",
+  "module": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "prepublishOnly": "npm run build",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {},
+  "devDependencies": {
+    "@vorim/shared-types": "*",
+    "tsup": "^8.5.1",
+    "typescript": "^5.4.0"
+  },
+  "keywords": [
+    "ai-agent",
+    "agent-identity",
+    "trust",
+    "permissions",
+    "audit",
+    "ed25519",
+    "vorim",
+    "typescript"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Kzino/vorim-protocol",
+    "directory": "packages/sdk"
+  },
+  "homepage": "https://vorim.ai",
+  "bugs": {
+    "url": "https://github.com/Kzino/vorim-protocol/issues"
+  },
+  "author": "Vorim AI <hello@vorim.ai>",
+  "license": "MIT",
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}