@vorim/sdk 3.0.2 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/README.md +27 -10
  2. package/dist/index.cjs +268 -10
  3. package/dist/index.cjs.map +1 -1
  4. package/dist/index.d.cts +300 -4
  5. package/dist/index.d.ts +300 -4
  6. package/dist/index.js +256 -9
  7. package/dist/index.js.map +1 -1
  8. package/dist/integrations/anthropic.cjs +108 -4
  9. package/dist/integrations/anthropic.cjs.map +1 -1
  10. package/dist/integrations/anthropic.d.cts +13 -2
  11. package/dist/integrations/anthropic.d.ts +13 -2
  12. package/dist/integrations/anthropic.js +96 -4
  13. package/dist/integrations/anthropic.js.map +1 -1
  14. package/dist/integrations/crewai.cjs +8 -2
  15. package/dist/integrations/crewai.cjs.map +1 -1
  16. package/dist/integrations/crewai.d.cts +18 -0
  17. package/dist/integrations/crewai.d.ts +18 -0
  18. package/dist/integrations/crewai.js +8 -2
  19. package/dist/integrations/crewai.js.map +1 -1
  20. package/dist/integrations/langchain.cjs +140 -10
  21. package/dist/integrations/langchain.cjs.map +1 -1
  22. package/dist/integrations/langchain.d.cts +23 -2
  23. package/dist/integrations/langchain.d.ts +23 -2
  24. package/dist/integrations/langchain.js +128 -10
  25. package/dist/integrations/langchain.js.map +1 -1
  26. package/dist/integrations/llamaindex.cjs +96 -4
  27. package/dist/integrations/llamaindex.cjs.map +1 -1
  28. package/dist/integrations/llamaindex.d.cts +7 -1
  29. package/dist/integrations/llamaindex.d.ts +7 -1
  30. package/dist/integrations/llamaindex.js +84 -4
  31. package/dist/integrations/llamaindex.js.map +1 -1
  32. package/dist/integrations/openai.cjs +108 -4
  33. package/dist/integrations/openai.cjs.map +1 -1
  34. package/dist/integrations/openai.d.cts +15 -2
  35. package/dist/integrations/openai.d.ts +15 -2
  36. package/dist/integrations/openai.js +96 -4
  37. package/dist/integrations/openai.js.map +1 -1
  38. package/package.json +2 -2
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/index.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — TypeScript\n// Thin client wrapping the Vorim AI REST API\n// ============================================================================\n\nimport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, PermissionScope, PermissionCheckResult,\n} from './types.js';\n\n// Keep in sync with package.json version. Used in the User-Agent header.\nconst SDK_VERSION = '3.0.2';\nconst USER_AGENT = `vorim-sdk/${SDK_VERSION}`;\n\nexport interface VorimConfig {\n apiKey: string;\n baseUrl?: string;\n timeout?: number;\n}\n\nexport class VorimSDK {\n private apiKey: string;\n private baseUrl: string;\n private timeout: number;\n\n constructor(config: VorimConfig) {\n this.apiKey = config.apiKey;\n this.baseUrl = (config.baseUrl || 'https://api.vorim.ai').replace(/\\/$/, '') + '/v1';\n this.timeout = config.timeout || 10000;\n }\n\n // ─── Health Check ────────────────────────────────────────────────\n\n /**\n * Ping the Vorim API to verify connectivity and API key validity.\n * Returns { status, timestamp } on success, throws VorimError on failure.\n */\n async ping(): Promise<{ status: string; timestamp: string }> {\n const response = await fetch(`${this.baseUrl.replace('/v1', '')}/health`, {\n headers: { 'User-Agent': USER_AGENT },\n signal: AbortSignal.timeout(this.timeout),\n });\n if (!response.ok) throw new VorimError(response.status, 'UNREACHABLE', 'Vorim API is not reachable');\n return response.json() as Promise<{ status: string; timestamp: string }>;\n }\n\n // ─── Agent Identity ────────────────────────────────────────────────\n\n /**\n * Register a new agent with Vorim AI.\n * Returns the agent identity and a private key (shown once).\n */\n async register(input: AgentRegistrationInput): Promise<AgentRegistrationResult> {\n return this.post('/agents', input);\n }\n\n /**\n * Verify an agent's identity via the public Trust API.\n */\n async verify(agentId: string): Promise<TrustRecord> {\n return this.get(`/trust/verify/${agentId}`);\n }\n\n /**\n * Get agent details.\n */\n async getAgent(agentId: string): Promise<Agent> {\n return this.get(`/agents/${agentId}`);\n }\n\n /**\n * List all agents in the organisation.\n */\n async listAgents(params?: { page?: number; per_page?: number; status?: string }): Promise<{ agents: Agent[]; meta: any }> {\n const qs = new URLSearchParams(params as any).toString();\n return this.get(`/agents${qs ? '?' + qs : ''}`);\n }\n\n /**\n * Update an agent's metadata.\n */\n async updateAgent(agentId: string, updates: Partial<Pick<Agent, 'name' | 'description' | 'status' | 'capabilities'>>): Promise<Agent> {\n return this.patch(`/agents/${agentId}`, updates);\n }\n\n /**\n * Revoke an agent (permanent deactivation).\n */\n async revoke(agentId: string): Promise<void> {\n await this.delete(`/agents/${agentId}`);\n }\n\n // ─── Permissions ──────────────────────────────────────────────────\n\n /**\n * Check if an agent has a specific permission scope.\n * Target: < 5ms response via Redis cache.\n */\n async check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult> {\n return this.post(`/agents/${agentId}/permissions/verify`, { scope });\n }\n\n /**\n * Grant a permission scope to an agent.\n */\n async grant(agentId: string, scope: PermissionScope, options?: {\n valid_until?: string;\n rate_limit?: { max: number; window: string };\n }): Promise<any> {\n return this.post(`/agents/${agentId}/permissions`, { scope, ...options });\n }\n\n /**\n * List all active permissions for an agent.\n */\n async listPermissions(agentId: string): Promise<any[]> {\n return this.get(`/agents/${agentId}/permissions`);\n }\n\n /**\n * Revoke a specific permission scope from an agent.\n */\n async revokePermission(agentId: string, scope: PermissionScope): Promise<any> {\n return this.delete(`/agents/${agentId}/permissions/${scope}`);\n }\n\n // ─── Audit ────────────────────────────────────────────────────────\n\n /**\n * Emit an audit event for an agent action.\n */\n async emit(event: AuditEventInput): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events: [event] });\n }\n\n /**\n * Emit a batch of audit events (up to 1,000).\n */\n async emitBatch(events: AuditEventInput[]): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events });\n }\n\n /**\n * Export a signed audit bundle for a date range.\n */\n async exportAudit(from: string, to: string, format: string = 'json'): Promise<any> {\n return this.post('/audit/export', { from, to, format });\n }\n\n // ─── API Keys ──────────────────────────────────────────────────────\n\n /**\n * List all API keys for the organisation.\n */\n async listApiKeys(): Promise<any[]> {\n return this.get('/api-keys');\n }\n\n /**\n * Create a new API key.\n */\n async createApiKey(name: string, options?: { scopes?: string[]; expires_at?: string }): Promise<any> {\n return this.post('/api-keys', { name, ...options });\n }\n\n /**\n * Revoke an API key.\n */\n async deleteApiKey(keyId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/api-keys/${keyId}`);\n }\n\n // ─── Ephemeral Agents ──────────────────────────────────────────────\n\n /**\n * Register an ephemeral agent with W3C did:key identity.\n * The agent auto-expires after the specified TTL.\n */\n async registerEphemeral(input: {\n capabilities: string[];\n scopes: string[];\n ttl_seconds?: number;\n }): Promise<any> {\n return this.post('/agents/ephemeral', input);\n }\n\n // ─── Credential Delegation ──────────────────────────────────────────\n\n /**\n * Register an OAuth provider for credential delegation.\n */\n async registerProvider(input: {\n provider_key: string;\n display_name?: string;\n client_id: string;\n client_secret: string;\n auth_url: string;\n token_url: string;\n revoke_url?: string;\n scopes_available?: string[];\n }): Promise<any> {\n return this.post('/credentials/providers', input);\n }\n\n /**\n * List registered OAuth providers.\n */\n async listProviders(): Promise<any[]> {\n return this.get('/credentials/providers');\n }\n\n /**\n * Store an OAuth connection (user's authorized tokens).\n */\n async storeConnection(input: {\n provider_id: string;\n refresh_token: string;\n scopes_granted: string[];\n external_account_id?: string;\n }): Promise<any> {\n return this.post('/credentials/connections', input);\n }\n\n /**\n * List OAuth connections.\n */\n async listConnections(): Promise<any[]> {\n return this.get('/credentials/connections');\n }\n\n /**\n * Delegate a credential to an agent.\n * The agent will be able to request short-lived access tokens\n * for the delegated scopes without ever seeing the refresh token.\n */\n async delegateCredential(input: {\n connection_id: string;\n agent_id: string;\n scopes_delegated: string[];\n max_requests_per_hr?: number;\n valid_until?: string;\n }): Promise<any> {\n return this.post('/credentials/delegations', input);\n }\n\n /**\n * List credential delegations for the organisation or a specific agent.\n */\n async listDelegations(agentId?: string): Promise<any[]> {\n const params = agentId ? `?agent_id=${agentId}` : '';\n return this.get(`/credentials/delegations${params}`);\n }\n\n /**\n * Revoke a credential delegation (cascades to delegation chains).\n */\n async revokeDelegation(delegationId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/credentials/delegations/${delegationId}`);\n }\n\n /**\n * Request a short-lived access token for an agent.\n * The agent must have an active credential delegation.\n * The refresh token is never exposed — the platform proxies the request.\n */\n async requestToken(input: {\n agent_id: string;\n scope: string;\n provider_id?: string;\n }): Promise<{\n access_token: string;\n token_type: string;\n expires_in: number;\n scope: string;\n delegation_id: string;\n }> {\n return this.post('/credentials/token', input);\n }\n\n // ─── Signing ──────────────────────────────────────────────────────\n\n /**\n * Sign a payload with an Ed25519 private key (client-side).\n * Uses the Web Crypto API or Node.js crypto.\n */\n async sign(payload: string, privateKeyPem: string): Promise<string> {\n if (typeof globalThis.crypto?.subtle !== 'undefined') {\n // Web Crypto API\n const keyData = this.pemToArrayBuffer(privateKeyPem);\n const key = await globalThis.crypto.subtle.importKey(\n 'pkcs8', keyData, { name: 'Ed25519' }, false, ['sign']\n );\n const signature = await globalThis.crypto.subtle.sign(\n 'Ed25519', key, new TextEncoder().encode(payload)\n );\n return `ed25519:${this.arrayBufferToBase64(signature)}`;\n } else {\n // Node.js crypto fallback\n const crypto = await import('node:crypto');\n const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);\n return `ed25519:${sign.toString('base64')}`;\n }\n }\n\n // ─── HTTP Client ──────────────────────────────────────────────────\n\n private async get(path: string): Promise<any> {\n return this.request('GET', path);\n }\n\n private async post(path: string, body: any): Promise<any> {\n return this.request('POST', path, body);\n }\n\n private async patch(path: string, body: any): Promise<any> {\n return this.request('PATCH', path, body);\n }\n\n private async delete(path: string): Promise<any> {\n return this.request('DELETE', path);\n }\n\n private async request(method: string, path: string, body?: any): Promise<any> {\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.apiKey}`,\n 'Content-Type': 'application/json',\n 'User-Agent': USER_AGENT,\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n if (!response.ok) {\n const errBody = await response.json().catch(() => ({})) as Record<string, any>;\n throw new VorimError(\n response.status,\n errBody.error?.code || 'UNKNOWN_ERROR',\n errBody.error?.message || `HTTP ${response.status}`,\n errBody.error?.details\n );\n }\n\n const json = await response.json() as Record<string, any>;\n return json.data;\n } finally {\n clearTimeout(timeoutId);\n }\n }\n\n private pemToArrayBuffer(pem: string): ArrayBuffer {\n const b64 = pem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, '');\n const binary = atob(b64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n }\n\n private arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (const byte of bytes) {\n binary += String.fromCharCode(byte);\n }\n return btoa(binary);\n }\n}\n\nexport class VorimError extends Error {\n constructor(\n public status: number,\n public code: string,\n message: string,\n public details?: Record<string, unknown>\n ) {\n super(message);\n this.name = 'VorimError';\n }\n}\n\n// ─── Convenience export ──────────────────────────────────────────────\n\nexport default function createVorim(config: VorimConfig): VorimSDK {\n return new VorimSDK(config);\n}\n\n// Re-export types for consumers\nexport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, AuditEventType, AuditResult,\n PermissionScope, PermissionCheckResult, AgentStatus,\n} from './types.js';\n"],"mappings":";AAWA,IAAM,cAAc;AACpB,IAAM,aAAa,aAAa,WAAW;AAQpC,IAAM,WAAN,MAAe;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAAqB;AAC/B,SAAK,SAAS,OAAO;AACrB,SAAK,WAAW,OAAO,WAAW,wBAAwB,QAAQ,OAAO,EAAE,IAAI;AAC/E,SAAK,UAAU,OAAO,WAAW;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAuD;AAC3D,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,QAAQ,QAAQ,OAAO,EAAE,CAAC,WAAW;AAAA,MACxE,SAAS,EAAE,cAAc,WAAW;AAAA,MACpC,QAAQ,YAAY,QAAQ,KAAK,OAAO;AAAA,IAC1C,CAAC;AACD,QAAI,CAAC,SAAS,GAAI,OAAM,IAAI,WAAW,SAAS,QAAQ,eAAe,4BAA4B;AACnG,WAAO,SAAS,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SAAS,OAAiE;AAC9E,WAAO,KAAK,KAAK,WAAW,KAAK;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAuC;AAClD,WAAO,KAAK,IAAI,iBAAiB,OAAO,EAAE;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,SAAiC;AAC9C,WAAO,KAAK,IAAI,WAAW,OAAO,EAAE;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAW,QAAyG;AACxH,UAAM,KAAK,IAAI,gBAAgB,MAAa,EAAE,SAAS;AACvD,WAAO,KAAK,IAAI,UAAU,KAAK,MAAM,KAAK,EAAE,EAAE;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAiB,SAAmG;AACpI,WAAO,KAAK,MAAM,WAAW,OAAO,IAAI,OAAO;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAgC;AAC3C,UAAM,KAAK,OAAO,WAAW,OAAO,EAAE;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,MAAM,SAAiB,OAAwD;AACnF,WAAO,KAAK,KAAK,WAAW,OAAO,uBAAuB,EAAE,MAAM,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,SAAiB,OAAwB,SAGpC;AACf,WAAO,KAAK,KAAK,WAAW,OAAO,gBAAgB,EAAE,OAAO,GAAG,QAAQ,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAiC;AACrD,WAAO,KAAK,IAAI,WAAW,OAAO,cAAc;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,SAAiB,OAAsC;AAC5E,WAAO,KAAK,OAAO,WAAW,OAAO,gBAAgB,KAAK,EAAE;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,KAAK,OAAuD;AAChE,WAAO,KAAK,KAAK,iBAAiB,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU,QAA0D;AACxE,WAAO,KAAK,KAAK,iBAAiB,EAAE,OAAO,CAAC;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,MAAc,IAAY,SAAiB,QAAsB;AACjF,WAAO,KAAK,KAAK,iBAAiB,EAAE,MAAM,IAAI,OAAO,CAAC;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAA8B;AAClC,WAAO,KAAK,IAAI,WAAW;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,MAAc,SAAoE;AACnG,WAAO,KAAK,KAAK,aAAa,EAAE,MAAM,GAAG,QAAQ,CAAC;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,OAA8C;AAC/D,WAAO,KAAK,OAAO,aAAa,KAAK,EAAE;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,kBAAkB,OAIP;AACf,WAAO,KAAK,KAAK,qBAAqB,KAAK;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,iBAAiB,OASN;AACf,WAAO,KAAK,KAAK,0BAA0B,KAAK;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgC;AACpC,WAAO,KAAK,IAAI,wBAAwB;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,OAKL;AACf,WAAO,KAAK,KAAK,4BAA4B,KAAK;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,kBAAkC;AACtC,WAAO,KAAK,IAAI,0BAA0B;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,mBAAmB,OAMR;AACf,WAAO,KAAK,KAAK,4BAA4B,KAAK;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAkC;AACtD,UAAM,SAAS,UAAU,aAAa,OAAO,KAAK;AAClD,WAAO,KAAK,IAAI,2BAA2B,MAAM,EAAE;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,cAAqD;AAC1E,WAAO,KAAK,OAAO,4BAA4B,YAAY,EAAE;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa,OAUhB;AACD,WAAO,KAAK,KAAK,sBAAsB,KAAK;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAK,SAAiB,eAAwC;AAClE,QAAI,OAAO,WAAW,QAAQ,WAAW,aAAa;AAEpD,YAAM,UAAU,KAAK,iBAAiB,aAAa;AACnD,YAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,QACzC;AAAA,QAAS;AAAA,QAAS,EAAE,MAAM,UAAU;AAAA,QAAG;AAAA,QAAO,CAAC,MAAM;AAAA,MACvD;AACA,YAAM,YAAY,MAAM,WAAW,OAAO,OAAO;AAAA,QAC/C;AAAA,QAAW;AAAA,QAAK,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,MAClD;AACA,aAAO,WAAW,KAAK,oBAAoB,SAAS,CAAC;AAAA,IACvD,OAAO;AAEL,YAAM,SAAS,MAAM,OAAO,QAAa;AACzC,YAAM,OAAO,OAAO,KAAK,MAAM,OAAO,KAAK,OAAO,GAAG,aAAa;AAClE,aAAO,WAAW,KAAK,SAAS,QAAQ,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA,EAIA,MAAc,IAAI,MAA4B;AAC5C,WAAO,KAAK,QAAQ,OAAO,IAAI;AAAA,EACjC;AAAA,EAEA,MAAc,KAAK,MAAc,MAAyB;AACxD,WAAO,KAAK,QAAQ,QAAQ,MAAM,IAAI;AAAA,EACxC;AAAA,EAEA,MAAc,MAAM,MAAc,MAAyB;AACzD,WAAO,KAAK,QAAQ,SAAS,MAAM,IAAI;AAAA,EACzC;AAAA,EAEA,MAAc,OAAO,MAA4B;AAC/C,WAAO,KAAK,QAAQ,UAAU,IAAI;AAAA,EACpC;AAAA,EAEA,MAAc,QAAQ,QAAgB,MAAc,MAA0B;AAC5E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,QACrD;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,MAAM;AAAA,UACtC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,UAAU,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,cAAM,IAAI;AAAA,UACR,SAAS;AAAA,UACT,QAAQ,OAAO,QAAQ;AAAA,UACvB,QAAQ,OAAO,WAAW,QAAQ,SAAS,MAAM;AAAA,UACjD,QAAQ,OAAO;AAAA,QACjB;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,UAAE;AACA,mBAAa,SAAS;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,MAAM,IAAI,QAAQ,oBAAoB,EAAE,EAAE,QAAQ,OAAO,EAAE;AACjE,UAAM,SAAS,KAAK,GAAG;AACvB,UAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,YAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,IAChC;AACA,WAAO,MAAM;AAAA,EACf;AAAA,EAEQ,oBAAoB,QAA6B;AACvD,UAAM,QAAQ,IAAI,WAAW,MAAM;AACnC,QAAI,SAAS;AACb,eAAW,QAAQ,OAAO;AACxB,gBAAU,OAAO,aAAa,IAAI;AAAA,IACpC;AACA,WAAO,KAAK,MAAM;AAAA,EACpB;AACF;AAEO,IAAM,aAAN,cAAyB,MAAM;AAAA,EACpC,YACS,QACA,MACP,SACO,SACP;AACA,UAAM,OAAO;AALN;AACA;AAEA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAIe,SAAR,YAA6B,QAA+B;AACjE,SAAO,IAAI,SAAS,MAAM;AAC5B;","names":[]}
1
+ {"version":3,"sources":["../src/replay.ts","../src/index.ts"],"sourcesContent":["/**\n * Replayable agent decision evidence helpers.\n *\n * Canonical-form hashing for the VAIP -02 schema fields that the SDK\n * attaches to audit events. The hashes recorded in audit_events.tool_catalogue_hash\n * and audit_events.system_prompt_hash use these functions, so the bytes\n * an auditor or counterparty reconstructs must match what the SDK produced.\n *\n * These helpers are intentionally separate from the signing path. The\n * v0 canonical signature form (event_type|action|resource|input_hash|\n * output_hash|result) does NOT cover model_version, tool_catalogue_hash,\n * or system_prompt_hash. They will enter the canonical bytes in v1\n * (RFC 8785 JCS) in a follow-up release.\n *\n * Stable across SDK versions: the canonical-form version is documented\n * in CANONICAL_TOOL_CATALOGUE_VERSION. Future changes get a v2 etc;\n * never edit the existing v1 logic, or already-recorded hashes lose\n * their meaning.\n */\n\n// ─── Versioning ───────────────────────────────────────────────────────────\n\n/**\n * Canonical-form version for tool catalogue hashes produced by this SDK.\n * Recorded in tool_catalogue_canon_version on the event metadata (when\n * the metadata field is used) so verifiers know which hash recipe to\n * reproduce. Increment ONLY if the algorithm changes in a way that\n * would change the hash for the same logical catalogue.\n */\nexport const CANONICAL_TOOL_CATALOGUE_VERSION = 'v1' as const;\n\n// ─── Types ────────────────────────────────────────────────────────────────\n\n/**\n * Minimum shape a tool needs for catalogue hashing. The framework\n * integrations adapt their native tool objects to this shape before\n * calling hashToolCatalogue.\n */\nexport interface CatalogueTool {\n /** The name the model sees and calls. Required. */\n name: string;\n /** Human-readable description shown to the model. Optional; absent ↔ empty string. */\n description?: string;\n /**\n * JSON Schema describing the tool's input parameters. Optional;\n * absent ↔ empty object `{}`. The schema gets RFC 8785 JCS-canonicalised\n * before hashing so semantically-equivalent variations (key order,\n * whitespace) produce the same hash.\n */\n schema?: Record<string, unknown> | null;\n}\n\n// ─── RFC 8785 JCS subset ──────────────────────────────────────────────────\n\n/**\n * RFC 8785 JSON Canonicalization Scheme, sufficient subset for tool\n * catalogue values.\n *\n * Rules:\n * - Object keys sorted lexicographically by UTF-16 code units (which\n * is what JS string comparison does naturally).\n * - No whitespace between tokens.\n * - Numbers: integers as integers, finite floats per ECMAScript\n * Number.prototype.toString. JCS forbids NaN and Infinity.\n * - Strings: JSON-escape using minimal set per RFC 8259 § 7.\n * - null, true, false, arrays: as JSON.stringify produces them, since\n * JSON.stringify already produces the canonical form for these.\n *\n * Not vendoring a full library because tool schemas don't carry\n * non-integer numbers in practice and the JS spec for Number.toString\n * happens to coincide with JCS § 3.2.2.2 for the integer case.\n */\nexport function jcsCanonicalise(value: unknown): string {\n if (value === null) return 'null';\n if (value === true) return 'true';\n if (value === false) return 'false';\n\n if (typeof value === 'number') {\n if (!Number.isFinite(value)) {\n throw new Error('jcsCanonicalise: NaN and Infinity are not JCS-valid');\n }\n // For integers in safe range, .toString() matches JCS. For\n // non-integer floats, .toString() also matches in modern JS\n // engines (V8, JavaScriptCore, SpiderMonkey all use the shortest\n // round-trip representation, which is what JCS § 3.2.2.2 requires).\n return value.toString();\n }\n\n if (typeof value === 'string') {\n return JSON.stringify(value);\n }\n\n if (Array.isArray(value)) {\n return '[' + value.map(jcsCanonicalise).join(',') + ']';\n }\n\n if (typeof value === 'object') {\n const keys = Object.keys(value as Record<string, unknown>).sort();\n const parts = keys.map(k => {\n return JSON.stringify(k) + ':' + jcsCanonicalise((value as Record<string, unknown>)[k]);\n });\n return '{' + parts.join(',') + '}';\n }\n\n // undefined, function, symbol, bigint — not JSON-representable\n throw new Error(`jcsCanonicalise: unsupported value type: ${typeof value}`);\n}\n\n// ─── SHA-256 ──────────────────────────────────────────────────────────────\n\nasync function sha256Hex(input: string | Uint8Array): Promise<string> {\n const bytes = typeof input === 'string' ? new TextEncoder().encode(input) : input;\n\n // Node.js Web Crypto (Node 18+) supports digest. Browser Web Crypto does too.\n // Fall back to node:crypto if Web Crypto is unavailable.\n const subtle = (globalThis as any).crypto?.subtle;\n if (subtle) {\n const buf = await subtle.digest('SHA-256', bytes);\n return Array.from(new Uint8Array(buf))\n .map(b => b.toString(16).padStart(2, '0'))\n .join('');\n }\n\n // Node fallback\n const nodeCrypto = await import('node:crypto');\n return nodeCrypto.createHash('sha256').update(bytes).digest('hex');\n}\n\n// ─── Public API ───────────────────────────────────────────────────────────\n\n/**\n * Hash a single tool definition. Returns `sha256:<hex>`.\n *\n * Canonical form (v1):\n * JCS-canonicalised JSON of `{name, description, schema}` where\n * absent fields substitute `description: \"\"` and `schema: {}`.\n */\nexport async function hashTool(tool: CatalogueTool): Promise<string> {\n const normalised = {\n name: tool.name,\n description: tool.description ?? '',\n schema: tool.schema ?? {},\n };\n const hex = await sha256Hex(jcsCanonicalise(normalised));\n return `sha256:${hex}`;\n}\n\n/**\n * Hash an entire tool catalogue. Returns `sha256:<hex>`.\n *\n * Reordering tools does NOT change the hash (tool hashes sorted\n * lexicographically before concatenation). Adding, removing, or\n * modifying a tool DOES change the hash.\n *\n * Per-tool hashing first means a verifier comparing two catalogue\n * hashes that differ can also be given the per-tool hashes to\n * identify which specific tool changed.\n */\nexport async function hashToolCatalogue(tools: CatalogueTool[]): Promise<string> {\n if (tools.length === 0) {\n // Empty catalogue has a deterministic, stable hash distinct from \"no field\"\n return `sha256:${await sha256Hex('[]')}`;\n }\n const perTool = await Promise.all(tools.map(hashTool));\n perTool.sort();\n const hex = await sha256Hex(perTool.join(''));\n return `sha256:${hex}`;\n}\n\n/**\n * Hash a system prompt. Returns `sha256:<hex>`.\n *\n * The prompt is UTF-8 encoded and hashed verbatim — no normalisation.\n * If a caller wants to ignore whitespace or comment differences, they\n * should normalise before calling. The intent here is deterministic\n * reproducibility, not semantic equivalence.\n */\nexport async function hashSystemPrompt(prompt: string): Promise<string> {\n const hex = await sha256Hex(prompt);\n return `sha256:${hex}`;\n}\n\n/**\n * Convenience: hash the previous event's canonical bytes for use in\n * the prev_event_hash field of hash-chained ingest. Caller provides\n * the canonical bytes (use canonicalPayloadV0 from the main module).\n */\nexport async function hashPreviousEvent(canonicalBytes: string): Promise<string> {\n const hex = await sha256Hex(canonicalBytes);\n return `sha256:${hex}`;\n}\n\n// ─── Replay context — framework integration helper ────────────────────────\n\n/**\n * Raw inputs the integration captures from the framework. Set by the\n * integration's config; turned into hashes by {@link prepareReplayContext}.\n */\nexport interface ReplayInputs {\n /** Stable identifier for the model. E.g. `\"anthropic:claude-opus-4-8\"`. */\n modelVersion?: string;\n /** Tools available to the agent at call time. Hashed via {@link hashToolCatalogue}. */\n tools?: CatalogueTool[];\n /** System prompt active at call time. Hashed via {@link hashSystemPrompt}. */\n systemPrompt?: string;\n}\n\n/**\n * Pre-computed hashes ready to attach to audit events. The three keys\n * match the audit_events column names.\n */\nexport interface ReplayContext {\n model_version?: string;\n tool_catalogue_hash?: string;\n system_prompt_hash?: string;\n}\n\n/**\n * Compute replay context once from raw inputs. Use at integration\n * setup time so each emit can attach the hashes without re-hashing.\n *\n * Returns an object suitable for spreading into an AuditEventInput:\n * `await vorim.emit({ ...event, ...replayContext })`\n *\n * If a field is absent in the inputs, it is absent in the result\n * (not the empty string). That keeps the event lean.\n */\nexport async function prepareReplayContext(\n inputs: ReplayInputs,\n): Promise<ReplayContext> {\n const ctx: ReplayContext = {};\n if (inputs.modelVersion) ctx.model_version = inputs.modelVersion;\n if (inputs.tools) ctx.tool_catalogue_hash = await hashToolCatalogue(inputs.tools);\n if (inputs.systemPrompt) ctx.system_prompt_hash = await hashSystemPrompt(inputs.systemPrompt);\n return ctx;\n}\n","// ============================================================================\n// VORIM SDK — TypeScript\n// Thin client wrapping the Vorim AI REST API\n// ============================================================================\n\nimport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, PermissionScope, PermissionCheckResult,\n} from './types.js';\nimport { jcsCanonicalise, hashPreviousEvent } from './replay.js';\n\n// __SDK_VERSION__ is replaced at build time (tsup define) with the package.json\n// version, so the User-Agent always matches the published version. Falls back to\n// '0.0.0' when run un-bundled (e.g. ts-node / tests) where the define isn't applied.\ndeclare const __SDK_VERSION__: string | undefined;\nconst SDK_VERSION = typeof __SDK_VERSION__ !== 'undefined' ? __SDK_VERSION__ : '0.0.0';\nconst USER_AGENT = `vorim-sdk/${SDK_VERSION}`;\n\nexport interface VorimConfig {\n apiKey: string;\n baseUrl?: string;\n timeout?: number;\n /**\n * Auto-sign audit events with the agent's private key at emit time.\n * Default true in v3.1+. Set to false to opt out globally.\n * When enabled, the SDK signs the event using whichever private key was\n * stored via {@link VorimSDK.useAgentKey} or returned by\n * {@link VorimSDK.register}. Events for unknown agents pass through unsigned.\n */\n autoSign?: boolean;\n /**\n * Canonical form to use when signing. Default `\"v0\"` for backward-compat\n * with `@vorim/sdk` 3.1.x. Set to `\"v1\"` to sign the full event object\n * via RFC 8785 JCS, covering replayable-evidence fields (model_version,\n * tool_catalogue_hash, system_prompt_hash, prev_event_hash). v1 events\n * carry `canonical_form: \"v1\"` on the wire so the server can dispatch\n * verification correctly.\n */\n canonicalForm?: 'v0' | 'v1';\n /**\n * Hash-chain events per agent so deletion of a single audit row\n * becomes detectable. Default `false` (no chaining). When enabled,\n * the SDK sets `prev_event_hash` on each event to SHA-256 of the\n * previous event's canonical bytes for the same agent. The first\n * event after enable / process restart has `prev_event_hash = null`,\n * which the verifier reports as `chain_restart` (informational, not\n * a failure). Chain integrity is checked by `@vorim/verify`.\n */\n chainEvents?: boolean;\n}\n\n/**\n * VAIP v0 canonical bytes used by Vorim's per-event signing.\n *\n * Pipe-joined content fields with empty-string substitution for missing values.\n * This is intentionally duplicated from `@vorim/shared-types` so the published\n * SDK ships with zero runtime dependencies. A parity test in this package\n * imports both definitions and asserts byte-exact equality across a fixture\n * matrix, so they cannot drift silently.\n *\n * To upgrade the format, version the function (`canonicalPayloadV1`) — never\n * edit this one. Old signatures must remain verifiable.\n */\nexport function canonicalPayloadV0(event: AuditEventInput): string {\n return [\n event.event_type,\n event.action,\n event.resource ?? '',\n event.input_hash ?? '',\n event.output_hash ?? '',\n event.result,\n ].join('|');\n}\n\n/**\n * VAIP v1 canonical bytes for audit-event signing (RFC 8785 JCS).\n *\n * Signs the full event object excluding `signature` (the field being\n * computed) and `canonical_form` (metadata about the recipe). Unlike v0,\n * v1 covers the replayable-evidence fields and the metadata field.\n *\n * Re-exports `jcsCanonicalise` from `./replay.js` which is the byte-exact\n * twin of `@vorim/shared-types`' implementation. The cross-language parity\n * script enforces equivalence with the Python SDK.\n */\nexport function canonicalPayloadV1(event: AuditEventInput): string {\n // Strip the fields that are out of scope for v1 signing.\n const { signature: _sig, canonical_form: _cf, ...rest } = event as Record<string, unknown> & AuditEventInput;\n return jcsCanonicalise(rest);\n}\n\nexport class VorimSDK {\n private apiKey: string;\n private baseUrl: string;\n private timeout: number;\n private autoSign: boolean;\n private canonicalForm: 'v0' | 'v1';\n private chainEvents: boolean;\n /**\n * In-memory keyring mapping agent_id -> PEM-encoded Ed25519 private key.\n * Populated automatically by register() and registerEphemeral(), or\n * explicitly via useAgentKey(). Lost on process restart by design; the\n * caller is responsible for durable key storage.\n */\n private agentKeys: Map<string, string> = new Map();\n /**\n * Per-agent hash of the last emitted event's canonical bytes. Used to\n * populate prev_event_hash on the next emit when chainEvents is on.\n * Empty string ↔ no previous event (chain restart). Reset by\n * forgetAgentKey() so reusing an agent_id after revocation doesn't\n * link to the old chain.\n */\n private lastEventHash: Map<string, string> = new Map();\n /**\n * Per-agent emit promise. Each new emit awaits the previous one so\n * the chain is constructed in order. Concurrent emits to the same\n * agent are serialised (correct); concurrent emits to different\n * agents remain parallel (fast).\n */\n private chainLocks: Map<string, Promise<void>> = new Map();\n\n constructor(config: VorimConfig) {\n this.apiKey = config.apiKey;\n this.baseUrl = (config.baseUrl || 'https://api.vorim.ai').replace(/\\/$/, '') + '/v1';\n this.timeout = config.timeout || 10000;\n this.autoSign = config.autoSign !== false;\n this.canonicalForm = config.canonicalForm ?? 'v0';\n this.chainEvents = config.chainEvents ?? false;\n }\n\n /**\n * Register a previously-issued agent keypair so this SDK instance can\n * auto-sign events for it on emit. Use this when restoring an agent across\n * process restarts: read the agent's private_key from durable storage,\n * call useAgentKey(agentId, privateKey), and emit() will sign automatically.\n */\n useAgentKey(agentId: string, privateKeyPem: string): void {\n this.agentKeys.set(agentId, privateKeyPem);\n }\n\n /**\n * Forget an agent's signing key (e.g. after revocation). Subsequent emit()\n * calls for that agent will pass through unsigned unless a key is provided\n * inline. Also clears the per-agent chain state — re-using the same\n * agent_id after revocation does NOT link to the old chain.\n */\n forgetAgentKey(agentId: string): void {\n this.agentKeys.delete(agentId);\n this.lastEventHash.delete(agentId);\n this.chainLocks.delete(agentId);\n }\n\n // ─── Health Check ────────────────────────────────────────────────\n\n /**\n * Ping the Vorim API to verify connectivity and API key validity.\n * Returns { status, timestamp } on success, throws VorimError on failure.\n */\n async ping(): Promise<{ status: string; timestamp: string }> {\n const response = await fetch(`${this.baseUrl.replace('/v1', '')}/health`, {\n headers: { 'User-Agent': USER_AGENT },\n signal: AbortSignal.timeout(this.timeout),\n });\n if (!response.ok) throw new VorimError(response.status, 'UNREACHABLE', 'Vorim API is not reachable');\n return response.json() as Promise<{ status: string; timestamp: string }>;\n }\n\n // ─── Agent Identity ────────────────────────────────────────────────\n\n /**\n * Register a new agent with Vorim AI.\n * Returns the agent identity and a private key (shown once).\n *\n * Side effect: the returned private_key is cached in this SDK instance's\n * in-memory keyring so subsequent emit() calls for this agent auto-sign.\n * The keyring is process-local; the caller is responsible for persisting\n * the private_key to durable storage if the agent should survive restarts.\n */\n async register(input: AgentRegistrationInput): Promise<AgentRegistrationResult> {\n const result = await this.post('/agents', input) as AgentRegistrationResult;\n if (result?.agent?.agent_id && result?.private_key) {\n this.agentKeys.set(result.agent.agent_id, result.private_key);\n }\n return result;\n }\n\n /**\n * Verify an agent's identity via the public Trust API.\n */\n async verify(agentId: string): Promise<TrustRecord> {\n return this.get(`/trust/verify/${agentId}`);\n }\n\n /**\n * Get agent details.\n */\n async getAgent(agentId: string): Promise<Agent> {\n return this.get(`/agents/${agentId}`);\n }\n\n /**\n * List all agents in the organisation.\n */\n async listAgents(params?: { page?: number; per_page?: number; status?: string }): Promise<{ agents: Agent[]; meta: any }> {\n const qs = new URLSearchParams(params as any).toString();\n return this.get(`/agents${qs ? '?' + qs : ''}`);\n }\n\n /**\n * Update an agent's metadata.\n */\n async updateAgent(agentId: string, updates: Partial<Pick<Agent, 'name' | 'description' | 'status' | 'capabilities'>>): Promise<Agent> {\n return this.patch(`/agents/${agentId}`, updates);\n }\n\n /**\n * Revoke an agent (permanent deactivation).\n */\n async revoke(agentId: string): Promise<void> {\n await this.delete(`/agents/${agentId}`);\n }\n\n // ─── Permissions ──────────────────────────────────────────────────\n\n /**\n * Check if an agent has a specific permission scope.\n * Target: < 5ms response via Redis cache.\n */\n async check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult> {\n return this.post(`/agents/${agentId}/permissions/verify`, { scope });\n }\n\n /**\n * Grant a permission scope to an agent.\n */\n async grant(agentId: string, scope: PermissionScope, options?: {\n valid_until?: string;\n rate_limit?: { max: number; window: string };\n }): Promise<any> {\n return this.post(`/agents/${agentId}/permissions`, { scope, ...options });\n }\n\n /**\n * List all active permissions for an agent.\n */\n async listPermissions(agentId: string): Promise<any[]> {\n return this.get(`/agents/${agentId}/permissions`);\n }\n\n /**\n * Revoke a specific permission scope from an agent.\n */\n async revokePermission(agentId: string, scope: PermissionScope): Promise<any> {\n return this.delete(`/agents/${agentId}/permissions/${scope}`);\n }\n\n // ─── Audit ────────────────────────────────────────────────────────\n\n /**\n * Emit an audit event for an agent action.\n *\n * By default (autoSign=true on the SDK), the event is signed with the\n * agent's private key before it leaves the process. Set options.sign=false\n * to skip signing (e.g. for testing). If the SDK has no private key for the\n * event's agent_id, the event is sent unsigned and a warning is not\n * raised — callers that require signing should check event.signature on\n * the returned event after a round-trip, or use a server-side enforcement\n * flag (VORIM_VERIFY_AUDIT_SIGNATURES).\n */\n async emit(event: AuditEventInput, options?: { sign?: boolean }): Promise<{ ingested: number }> {\n const prepared = await this.prepareEvent(event, options?.sign);\n return this.post('/audit/events', { events: [prepared] });\n }\n\n /**\n * Emit a batch of audit events (up to 1,000). Each event is signed\n * independently using its agent_id to look up the signing key. See\n * {@link VorimSDK.emit} for signing behaviour and opt-out.\n */\n async emitBatch(events: AuditEventInput[], options?: { sign?: boolean }): Promise<{ ingested: number }> {\n const prepared = await Promise.all(events.map(e => this.prepareEvent(e, options?.sign)));\n return this.post('/audit/events', { events: prepared });\n }\n\n /**\n * Internal: prepare an event for transmission. Auto-signs if the SDK has a\n * key for this agent and signing isn't explicitly opted out. Pre-existing\n * signatures on the event are respected (caller-signed events are not\n * re-signed). Per-agent failure is non-fatal: if signing throws, the event\n * still sends unsigned so a single bad key doesn't break a batch.\n *\n * Canonical-form dispatch:\n * - If the event already carries `canonical_form`, that wins (caller\n * opted in/out for this specific event).\n * - Otherwise the SDK-level `canonicalForm` (config) applies.\n * - v0 signs the pipe-joined 6 fields. v1 signs the RFC 8785 JCS\n * bytes over the full event minus signature and canonical_form,\n * and the event goes on the wire with `canonical_form: \"v1\"`.\n *\n * Chain construction:\n * - When chainEvents is on, the event gets `prev_event_hash` set to\n * the SHA-256 of the previous event's canonical bytes for the\n * same agent, set BEFORE the signature is computed (so v1\n * signatures cover the chain link).\n * - Chain ops are serialised per-agent via `chainLocks` so\n * concurrent emits to the same agent build a deterministic chain.\n */\n private async prepareEvent(\n event: AuditEventInput,\n signOverride?: boolean\n ): Promise<AuditEventInput> {\n const shouldSign = signOverride ?? this.autoSign;\n if (!shouldSign && !this.chainEvents) return event;\n // Even unsigned events participate in the chain if chaining is on.\n if (this.chainEvents) {\n return this.prepareEventChained(event, shouldSign);\n }\n if (!shouldSign) return event;\n if (event.signature) return event;\n return this.signEventNow(event, shouldSign);\n }\n\n /** Serialise per-agent and apply chain hash + sign. */\n private async prepareEventChained(\n event: AuditEventInput,\n shouldSign: boolean,\n ): Promise<AuditEventInput> {\n const agentId = event.agent_id;\n const prior = this.chainLocks.get(agentId) ?? Promise.resolve();\n let release!: () => void;\n const next = new Promise<void>(r => { release = r; });\n this.chainLocks.set(agentId, prior.then(() => next));\n await prior;\n try {\n // Insert prev_event_hash if we have a previous bytes-hash for this\n // agent. First event after enable / process restart has none.\n const prev = this.lastEventHash.get(agentId);\n const eventWithPrev: AuditEventInput = prev\n ? { ...event, prev_event_hash: prev }\n : event;\n\n // Sign (or pass through unsigned if signing not requested / no key).\n const prepared = shouldSign && !eventWithPrev.signature\n ? await this.signEventNow(eventWithPrev, shouldSign)\n : eventWithPrev;\n\n // Record this event's canonical bytes hash as the chain's new tail.\n // Use the v1 form for v1 events (matches what the signature covered);\n // v0 form for v0 events.\n const wireForm = (prepared.canonical_form as 'v0' | 'v1' | undefined) ?? 'v0';\n const bytes = wireForm === 'v1' ? canonicalPayloadV1(prepared) : canonicalPayloadV0(prepared);\n try {\n this.lastEventHash.set(agentId, await hashPreviousEvent(bytes));\n } catch {\n // hashing failure (extreme edge) is non-fatal; chain restarts next time\n this.lastEventHash.delete(agentId);\n }\n return prepared;\n } finally {\n release();\n }\n }\n\n /** Sign an event right now, no chain handling. */\n private async signEventNow(\n event: AuditEventInput,\n _shouldSign: boolean,\n ): Promise<AuditEventInput> {\n const key = this.agentKeys.get(event.agent_id);\n if (!key) return event;\n const form: 'v0' | 'v1' = (event.canonical_form as 'v0' | 'v1' | undefined) ?? this.canonicalForm;\n try {\n const withForm: AuditEventInput = form === 'v0'\n ? event\n : { ...event, canonical_form: 'v1' };\n const payload = form === 'v1' ? canonicalPayloadV1(withForm) : canonicalPayloadV0(withForm);\n const signature = await this.sign(payload, key);\n return { ...withForm, signature };\n } catch {\n return event;\n }\n }\n\n /**\n * Export a signed audit bundle for a date range.\n */\n async exportAudit(from: string, to: string, format: string = 'json'): Promise<any> {\n return this.post('/audit/export', { from, to, format });\n }\n\n // ─── API Keys ──────────────────────────────────────────────────────\n\n /**\n * List all API keys for the organisation.\n */\n async listApiKeys(): Promise<any[]> {\n return this.get('/api-keys');\n }\n\n /**\n * Create a new API key.\n */\n async createApiKey(name: string, options?: { scopes?: string[]; expires_at?: string }): Promise<any> {\n return this.post('/api-keys', { name, ...options });\n }\n\n /**\n * Revoke an API key.\n */\n async deleteApiKey(keyId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/api-keys/${keyId}`);\n }\n\n // ─── Ephemeral Agents ──────────────────────────────────────────────\n\n /**\n * Register an ephemeral agent with W3C did:key identity.\n * The agent auto-expires after the specified TTL.\n *\n * Side effect: the returned private_key is cached in this SDK instance's\n * in-memory keyring (matching register()).\n */\n async registerEphemeral(input: {\n capabilities: string[];\n scopes: string[];\n ttl_seconds?: number;\n }): Promise<any> {\n const result = await this.post('/agents/ephemeral', input);\n const agentId: string | undefined = result?.agent?.agent_id ?? result?.did_key;\n if (agentId && result?.private_key) {\n this.agentKeys.set(agentId, result.private_key);\n }\n return result;\n }\n\n // ─── Credential Delegation ──────────────────────────────────────────\n\n /**\n * Register an OAuth provider for credential delegation.\n */\n async registerProvider(input: {\n provider_key: string;\n display_name?: string;\n client_id: string;\n client_secret: string;\n auth_url: string;\n token_url: string;\n revoke_url?: string;\n scopes_available?: string[];\n }): Promise<any> {\n return this.post('/credentials/providers', input);\n }\n\n /**\n * List registered OAuth providers.\n */\n async listProviders(): Promise<any[]> {\n return this.get('/credentials/providers');\n }\n\n /**\n * Store an OAuth connection (user's authorized tokens).\n */\n async storeConnection(input: {\n provider_id: string;\n refresh_token: string;\n scopes_granted: string[];\n external_account_id?: string;\n }): Promise<any> {\n return this.post('/credentials/connections', input);\n }\n\n /**\n * List OAuth connections.\n */\n async listConnections(): Promise<any[]> {\n return this.get('/credentials/connections');\n }\n\n /**\n * Delegate a credential to an agent.\n * The agent will be able to request short-lived access tokens\n * for the delegated scopes without ever seeing the refresh token.\n */\n async delegateCredential(input: {\n connection_id: string;\n agent_id: string;\n scopes_delegated: string[];\n max_requests_per_hr?: number;\n valid_until?: string;\n }): Promise<any> {\n return this.post('/credentials/delegations', input);\n }\n\n /**\n * List credential delegations for the organisation or a specific agent.\n */\n async listDelegations(agentId?: string): Promise<any[]> {\n const params = agentId ? `?agent_id=${agentId}` : '';\n return this.get(`/credentials/delegations${params}`);\n }\n\n /**\n * Revoke a credential delegation (cascades to delegation chains).\n */\n async revokeDelegation(delegationId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/credentials/delegations/${delegationId}`);\n }\n\n /**\n * Request a short-lived access token for an agent.\n * The agent must have an active credential delegation.\n * The refresh token is never exposed — the platform proxies the request.\n */\n async requestToken(input: {\n agent_id: string;\n scope: string;\n provider_id?: string;\n }): Promise<{\n access_token: string;\n token_type: string;\n expires_in: number;\n scope: string;\n delegation_id: string;\n }> {\n return this.post('/credentials/token', input);\n }\n\n // ─── Signing ──────────────────────────────────────────────────────\n\n /**\n * Sign a payload with an Ed25519 private key (client-side).\n * Uses the Web Crypto API or Node.js crypto.\n */\n async sign(payload: string, privateKeyPem: string): Promise<string> {\n if (typeof globalThis.crypto?.subtle !== 'undefined') {\n // Web Crypto API\n const keyData = this.pemToArrayBuffer(privateKeyPem);\n const key = await globalThis.crypto.subtle.importKey(\n 'pkcs8', keyData, { name: 'Ed25519' }, false, ['sign']\n );\n const signature = await globalThis.crypto.subtle.sign(\n 'Ed25519', key, new TextEncoder().encode(payload)\n );\n return `ed25519:${this.arrayBufferToBase64(signature)}`;\n } else {\n // Node.js crypto fallback\n const crypto = await import('node:crypto');\n const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);\n return `ed25519:${sign.toString('base64')}`;\n }\n }\n\n // ─── HTTP Client ──────────────────────────────────────────────────\n\n private async get(path: string): Promise<any> {\n return this.request('GET', path);\n }\n\n private async post(path: string, body: any): Promise<any> {\n return this.request('POST', path, body);\n }\n\n private async patch(path: string, body: any): Promise<any> {\n return this.request('PATCH', path, body);\n }\n\n private async delete(path: string): Promise<any> {\n return this.request('DELETE', path);\n }\n\n private async request(method: string, path: string, body?: any): Promise<any> {\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.apiKey}`,\n 'Content-Type': 'application/json',\n 'User-Agent': USER_AGENT,\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n if (!response.ok) {\n const errBody = await response.json().catch(() => ({})) as Record<string, any>;\n throw new VorimError(\n response.status,\n errBody.error?.code || 'UNKNOWN_ERROR',\n errBody.error?.message || `HTTP ${response.status}`,\n errBody.error?.details\n );\n }\n\n const json = await response.json() as Record<string, any>;\n return json.data;\n } finally {\n clearTimeout(timeoutId);\n }\n }\n\n private pemToArrayBuffer(pem: string): ArrayBuffer {\n const b64 = pem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, '');\n const binary = atob(b64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n }\n\n private arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (const byte of bytes) {\n binary += String.fromCharCode(byte);\n }\n return btoa(binary);\n }\n}\n\nexport class VorimError extends Error {\n constructor(\n public status: number,\n public code: string,\n message: string,\n public details?: Record<string, unknown>\n ) {\n super(message);\n this.name = 'VorimError';\n }\n}\n\n// ─── Convenience export ──────────────────────────────────────────────\n\nexport default function createVorim(config: VorimConfig): VorimSDK {\n return new VorimSDK(config);\n}\n\n// Re-export types for consumers\nexport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, AuditEventType, AuditResult,\n PermissionScope, PermissionCheckResult, AgentStatus,\n} from './types.js';\n\n// Re-export replayable evidence helpers (VAIP -02 schema field hashing)\nexport {\n hashTool, hashToolCatalogue, hashSystemPrompt, hashPreviousEvent,\n jcsCanonicalise, prepareReplayContext, CANONICAL_TOOL_CATALOGUE_VERSION,\n} from './replay.js';\nexport type { CatalogueTool, ReplayInputs, ReplayContext } from './replay.js';\n"],"mappings":";AA6BO,IAAM,mCAAmC;AA2CzC,SAAS,gBAAgB,OAAwB;AACtD,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,UAAU,MAAO,QAAO;AAE5B,MAAI,OAAO,UAAU,UAAU;AAC7B,QAAI,CAAC,OAAO,SAAS,KAAK,GAAG;AAC3B,YAAM,IAAI,MAAM,qDAAqD;AAAA,IACvE;AAKA,WAAO,MAAM,SAAS;AAAA,EACxB;AAEA,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO,KAAK,UAAU,KAAK;AAAA,EAC7B;AAEA,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,WAAO,MAAM,MAAM,IAAI,eAAe,EAAE,KAAK,GAAG,IAAI;AAAA,EACtD;AAEA,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,OAAO,OAAO,KAAK,KAAgC,EAAE,KAAK;AAChE,UAAM,QAAQ,KAAK,IAAI,OAAK;AAC1B,aAAO,KAAK,UAAU,CAAC,IAAI,MAAM,gBAAiB,MAAkC,CAAC,CAAC;AAAA,IACxF,CAAC;AACD,WAAO,MAAM,MAAM,KAAK,GAAG,IAAI;AAAA,EACjC;AAGA,QAAM,IAAI,MAAM,4CAA4C,OAAO,KAAK,EAAE;AAC5E;AAIA,eAAe,UAAU,OAA6C;AACpE,QAAM,QAAQ,OAAO,UAAU,WAAW,IAAI,YAAY,EAAE,OAAO,KAAK,IAAI;AAI5E,QAAM,SAAU,WAAmB,QAAQ;AAC3C,MAAI,QAAQ;AACV,UAAM,MAAM,MAAM,OAAO,OAAO,WAAW,KAAK;AAChD,WAAO,MAAM,KAAK,IAAI,WAAW,GAAG,CAAC,EAClC,IAAI,OAAK,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EACxC,KAAK,EAAE;AAAA,EACZ;AAGA,QAAM,aAAa,MAAM,OAAO,QAAa;AAC7C,SAAO,WAAW,WAAW,QAAQ,EAAE,OAAO,KAAK,EAAE,OAAO,KAAK;AACnE;AAWA,eAAsB,SAAS,MAAsC;AACnE,QAAM,aAAa;AAAA,IACjB,MAAM,KAAK;AAAA,IACX,aAAa,KAAK,eAAe;AAAA,IACjC,QAAQ,KAAK,UAAU,CAAC;AAAA,EAC1B;AACA,QAAM,MAAM,MAAM,UAAU,gBAAgB,UAAU,CAAC;AACvD,SAAO,UAAU,GAAG;AACtB;AAaA,eAAsB,kBAAkB,OAAyC;AAC/E,MAAI,MAAM,WAAW,GAAG;AAEtB,WAAO,UAAU,MAAM,UAAU,IAAI,CAAC;AAAA,EACxC;AACA,QAAM,UAAU,MAAM,QAAQ,IAAI,MAAM,IAAI,QAAQ,CAAC;AACrD,UAAQ,KAAK;AACb,QAAM,MAAM,MAAM,UAAU,QAAQ,KAAK,EAAE,CAAC;AAC5C,SAAO,UAAU,GAAG;AACtB;AAUA,eAAsB,iBAAiB,QAAiC;AACtE,QAAM,MAAM,MAAM,UAAU,MAAM;AAClC,SAAO,UAAU,GAAG;AACtB;AAOA,eAAsB,kBAAkB,gBAAyC;AAC/E,QAAM,MAAM,MAAM,UAAU,cAAc;AAC1C,SAAO,UAAU,GAAG;AACtB;AAqCA,eAAsB,qBACpB,QACwB;AACxB,QAAM,MAAqB,CAAC;AAC5B,MAAI,OAAO,aAAc,KAAI,gBAAgB,OAAO;AACpD,MAAI,OAAO,MAAO,KAAI,sBAAsB,MAAM,kBAAkB,OAAO,KAAK;AAChF,MAAI,OAAO,aAAc,KAAI,qBAAqB,MAAM,iBAAiB,OAAO,YAAY;AAC5F,SAAO;AACT;;;AC5NA,IAAM,cAAc,OAAyC,UAAkB;AAC/E,IAAM,aAAa,aAAa,WAAW;AA+CpC,SAAS,mBAAmB,OAAgC;AACjE,SAAO;AAAA,IACL,MAAM;AAAA,IACN,MAAM;AAAA,IACN,MAAM,YAAY;AAAA,IAClB,MAAM,cAAc;AAAA,IACpB,MAAM,eAAe;AAAA,IACrB,MAAM;AAAA,EACR,EAAE,KAAK,GAAG;AACZ;AAaO,SAAS,mBAAmB,OAAgC;AAEjE,QAAM,EAAE,WAAW,MAAM,gBAAgB,KAAK,GAAG,KAAK,IAAI;AAC1D,SAAO,gBAAgB,IAAI;AAC7B;AAEO,IAAM,WAAN,MAAe;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,YAAiC,oBAAI,IAAI;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQzC,gBAAqC,oBAAI,IAAI;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAO7C,aAAyC,oBAAI,IAAI;AAAA,EAEzD,YAAY,QAAqB;AAC/B,SAAK,SAAS,OAAO;AACrB,SAAK,WAAW,OAAO,WAAW,wBAAwB,QAAQ,OAAO,EAAE,IAAI;AAC/E,SAAK,UAAU,OAAO,WAAW;AACjC,SAAK,WAAW,OAAO,aAAa;AACpC,SAAK,gBAAgB,OAAO,iBAAiB;AAC7C,SAAK,cAAc,OAAO,eAAe;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,YAAY,SAAiB,eAA6B;AACxD,SAAK,UAAU,IAAI,SAAS,aAAa;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,eAAe,SAAuB;AACpC,SAAK,UAAU,OAAO,OAAO;AAC7B,SAAK,cAAc,OAAO,OAAO;AACjC,SAAK,WAAW,OAAO,OAAO;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAuD;AAC3D,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,QAAQ,QAAQ,OAAO,EAAE,CAAC,WAAW;AAAA,MACxE,SAAS,EAAE,cAAc,WAAW;AAAA,MACpC,QAAQ,YAAY,QAAQ,KAAK,OAAO;AAAA,IAC1C,CAAC;AACD,QAAI,CAAC,SAAS,GAAI,OAAM,IAAI,WAAW,SAAS,QAAQ,eAAe,4BAA4B;AACnG,WAAO,SAAS,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,SAAS,OAAiE;AAC9E,UAAM,SAAS,MAAM,KAAK,KAAK,WAAW,KAAK;AAC/C,QAAI,QAAQ,OAAO,YAAY,QAAQ,aAAa;AAClD,WAAK,UAAU,IAAI,OAAO,MAAM,UAAU,OAAO,WAAW;AAAA,IAC9D;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAuC;AAClD,WAAO,KAAK,IAAI,iBAAiB,OAAO,EAAE;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,SAAiC;AAC9C,WAAO,KAAK,IAAI,WAAW,OAAO,EAAE;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAW,QAAyG;AACxH,UAAM,KAAK,IAAI,gBAAgB,MAAa,EAAE,SAAS;AACvD,WAAO,KAAK,IAAI,UAAU,KAAK,MAAM,KAAK,EAAE,EAAE;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAiB,SAAmG;AACpI,WAAO,KAAK,MAAM,WAAW,OAAO,IAAI,OAAO;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAgC;AAC3C,UAAM,KAAK,OAAO,WAAW,OAAO,EAAE;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,MAAM,SAAiB,OAAwD;AACnF,WAAO,KAAK,KAAK,WAAW,OAAO,uBAAuB,EAAE,MAAM,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,SAAiB,OAAwB,SAGpC;AACf,WAAO,KAAK,KAAK,WAAW,OAAO,gBAAgB,EAAE,OAAO,GAAG,QAAQ,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAiC;AACrD,WAAO,KAAK,IAAI,WAAW,OAAO,cAAc;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,SAAiB,OAAsC;AAC5E,WAAO,KAAK,OAAO,WAAW,OAAO,gBAAgB,KAAK,EAAE;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,MAAM,KAAK,OAAwB,SAA6D;AAC9F,UAAM,WAAW,MAAM,KAAK,aAAa,OAAO,SAAS,IAAI;AAC7D,WAAO,KAAK,KAAK,iBAAiB,EAAE,QAAQ,CAAC,QAAQ,EAAE,CAAC;AAAA,EAC1D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,UAAU,QAA2B,SAA6D;AACtG,UAAM,WAAW,MAAM,QAAQ,IAAI,OAAO,IAAI,OAAK,KAAK,aAAa,GAAG,SAAS,IAAI,CAAC,CAAC;AACvF,WAAO,KAAK,KAAK,iBAAiB,EAAE,QAAQ,SAAS,CAAC;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAyBA,MAAc,aACZ,OACA,cAC0B;AAC1B,UAAM,aAAa,gBAAgB,KAAK;AACxC,QAAI,CAAC,cAAc,CAAC,KAAK,YAAa,QAAO;AAE7C,QAAI,KAAK,aAAa;AACpB,aAAO,KAAK,oBAAoB,OAAO,UAAU;AAAA,IACnD;AACA,QAAI,CAAC,WAAY,QAAO;AACxB,QAAI,MAAM,UAAW,QAAO;AAC5B,WAAO,KAAK,aAAa,OAAO,UAAU;AAAA,EAC5C;AAAA;AAAA,EAGA,MAAc,oBACZ,OACA,YAC0B;AAC1B,UAAM,UAAU,MAAM;AACtB,UAAM,QAAQ,KAAK,WAAW,IAAI,OAAO,KAAK,QAAQ,QAAQ;AAC9D,QAAI;AACJ,UAAM,OAAO,IAAI,QAAc,OAAK;AAAE,gBAAU;AAAA,IAAG,CAAC;AACpD,SAAK,WAAW,IAAI,SAAS,MAAM,KAAK,MAAM,IAAI,CAAC;AACnD,UAAM;AACN,QAAI;AAGF,YAAM,OAAO,KAAK,cAAc,IAAI,OAAO;AAC3C,YAAM,gBAAiC,OACnC,EAAE,GAAG,OAAO,iBAAiB,KAAK,IAClC;AAGJ,YAAM,WAAW,cAAc,CAAC,cAAc,YAC1C,MAAM,KAAK,aAAa,eAAe,UAAU,IACjD;AAKJ,YAAM,WAAY,SAAS,kBAA8C;AACzE,YAAM,QAAQ,aAAa,OAAO,mBAAmB,QAAQ,IAAI,mBAAmB,QAAQ;AAC5F,UAAI;AACF,aAAK,cAAc,IAAI,SAAS,MAAM,kBAAkB,KAAK,CAAC;AAAA,MAChE,QAAQ;AAEN,aAAK,cAAc,OAAO,OAAO;AAAA,MACnC;AACA,aAAO;AAAA,IACT,UAAE;AACA,cAAQ;AAAA,IACV;AAAA,EACF;AAAA;AAAA,EAGA,MAAc,aACZ,OACA,aAC0B;AAC1B,UAAM,MAAM,KAAK,UAAU,IAAI,MAAM,QAAQ;AAC7C,QAAI,CAAC,IAAK,QAAO;AACjB,UAAM,OAAqB,MAAM,kBAA8C,KAAK;AACpF,QAAI;AACF,YAAM,WAA4B,SAAS,OACvC,QACA,EAAE,GAAG,OAAO,gBAAgB,KAAK;AACrC,YAAM,UAAU,SAAS,OAAO,mBAAmB,QAAQ,IAAI,mBAAmB,QAAQ;AAC1F,YAAM,YAAY,MAAM,KAAK,KAAK,SAAS,GAAG;AAC9C,aAAO,EAAE,GAAG,UAAU,UAAU;AAAA,IAClC,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,MAAc,IAAY,SAAiB,QAAsB;AACjF,WAAO,KAAK,KAAK,iBAAiB,EAAE,MAAM,IAAI,OAAO,CAAC;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAA8B;AAClC,WAAO,KAAK,IAAI,WAAW;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,MAAc,SAAoE;AACnG,WAAO,KAAK,KAAK,aAAa,EAAE,MAAM,GAAG,QAAQ,CAAC;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,OAA8C;AAC/D,WAAO,KAAK,OAAO,aAAa,KAAK,EAAE;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,kBAAkB,OAIP;AACf,UAAM,SAAS,MAAM,KAAK,KAAK,qBAAqB,KAAK;AACzD,UAAM,UAA8B,QAAQ,OAAO,YAAY,QAAQ;AACvE,QAAI,WAAW,QAAQ,aAAa;AAClC,WAAK,UAAU,IAAI,SAAS,OAAO,WAAW;AAAA,IAChD;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,iBAAiB,OASN;AACf,WAAO,KAAK,KAAK,0BAA0B,KAAK;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgC;AACpC,WAAO,KAAK,IAAI,wBAAwB;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,OAKL;AACf,WAAO,KAAK,KAAK,4BAA4B,KAAK;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,kBAAkC;AACtC,WAAO,KAAK,IAAI,0BAA0B;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,mBAAmB,OAMR;AACf,WAAO,KAAK,KAAK,4BAA4B,KAAK;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAkC;AACtD,UAAM,SAAS,UAAU,aAAa,OAAO,KAAK;AAClD,WAAO,KAAK,IAAI,2BAA2B,MAAM,EAAE;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,cAAqD;AAC1E,WAAO,KAAK,OAAO,4BAA4B,YAAY,EAAE;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa,OAUhB;AACD,WAAO,KAAK,KAAK,sBAAsB,KAAK;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAK,SAAiB,eAAwC;AAClE,QAAI,OAAO,WAAW,QAAQ,WAAW,aAAa;AAEpD,YAAM,UAAU,KAAK,iBAAiB,aAAa;AACnD,YAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,QACzC;AAAA,QAAS;AAAA,QAAS,EAAE,MAAM,UAAU;AAAA,QAAG;AAAA,QAAO,CAAC,MAAM;AAAA,MACvD;AACA,YAAM,YAAY,MAAM,WAAW,OAAO,OAAO;AAAA,QAC/C;AAAA,QAAW;AAAA,QAAK,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,MAClD;AACA,aAAO,WAAW,KAAK,oBAAoB,SAAS,CAAC;AAAA,IACvD,OAAO;AAEL,YAAM,SAAS,MAAM,OAAO,QAAa;AACzC,YAAM,OAAO,OAAO,KAAK,MAAM,OAAO,KAAK,OAAO,GAAG,aAAa;AAClE,aAAO,WAAW,KAAK,SAAS,QAAQ,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA,EAIA,MAAc,IAAI,MAA4B;AAC5C,WAAO,KAAK,QAAQ,OAAO,IAAI;AAAA,EACjC;AAAA,EAEA,MAAc,KAAK,MAAc,MAAyB;AACxD,WAAO,KAAK,QAAQ,QAAQ,MAAM,IAAI;AAAA,EACxC;AAAA,EAEA,MAAc,MAAM,MAAc,MAAyB;AACzD,WAAO,KAAK,QAAQ,SAAS,MAAM,IAAI;AAAA,EACzC;AAAA,EAEA,MAAc,OAAO,MAA4B;AAC/C,WAAO,KAAK,QAAQ,UAAU,IAAI;AAAA,EACpC;AAAA,EAEA,MAAc,QAAQ,QAAgB,MAAc,MAA0B;AAC5E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,QACrD;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,MAAM;AAAA,UACtC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,UAAU,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,cAAM,IAAI;AAAA,UACR,SAAS;AAAA,UACT,QAAQ,OAAO,QAAQ;AAAA,UACvB,QAAQ,OAAO,WAAW,QAAQ,SAAS,MAAM;AAAA,UACjD,QAAQ,OAAO;AAAA,QACjB;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,UAAE;AACA,mBAAa,SAAS;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,MAAM,IAAI,QAAQ,oBAAoB,EAAE,EAAE,QAAQ,OAAO,EAAE;AACjE,UAAM,SAAS,KAAK,GAAG;AACvB,UAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,YAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,IAChC;AACA,WAAO,MAAM;AAAA,EACf;AAAA,EAEQ,oBAAoB,QAA6B;AACvD,UAAM,QAAQ,IAAI,WAAW,MAAM;AACnC,QAAI,SAAS;AACb,eAAW,QAAQ,OAAO;AACxB,gBAAU,OAAO,aAAa,IAAI;AAAA,IACpC;AACA,WAAO,KAAK,MAAM;AAAA,EACpB;AACF;AAEO,IAAM,aAAN,cAAyB,MAAM;AAAA,EACpC,YACS,QACA,MACP,SACO,SACP;AACA,UAAM,OAAO;AALN;AACA;AAEA;AAGP,SAAK,OAAO;AAAA,EACd;AAAA,EAPS;AAAA,EACA;AAAA,EAEA;AAKX;AAIe,SAAR,YAA6B,QAA+B;AACjE,SAAO,IAAI,SAAS,MAAM;AAC5B;","names":[]}
package/dist/integrations/anthropic.cjs CHANGED
@@ -1,7 +1,9 @@
1
1
  "use strict";
2
+ var __create = Object.create;
2
3
  var __defProp = Object.defineProperty;
3
4
  var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
5
  var __getOwnPropNames = Object.getOwnPropertyNames;
6
+ var __getProtoOf = Object.getPrototypeOf;
5
7
  var __hasOwnProp = Object.prototype.hasOwnProperty;
6
8
  var __export = (target, all) => {
7
9
  for (var name in all)
@@ -15,6 +17,14 @@ var __copyProps = (to, from, except, desc) => {
15
17
  }
16
18
  return to;
17
19
  };
20
+ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
21
+ // If the importer is in node compatibility mode or this is not an ESM
22
+ // file that has been converted to a CommonJS file using a Babel-
23
+ // compatible transform (i.e. "__esModule" has not been set), then set
24
+ // "default" to the CommonJS "module.exports" for node compatibility.
25
+ isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
26
+ mod
27
+ ));
18
28
  var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
19
29
 
20
30
  // src/integrations/anthropic.ts
@@ -25,21 +35,111 @@ __export(anthropic_exports, {
25
35
  runAgentLoop: () => runAgentLoop
26
36
  });
27
37
  module.exports = __toCommonJS(anthropic_exports);
38
+
39
+ // src/replay.ts
40
+ function jcsCanonicalise(value) {
41
+ if (value === null) return "null";
42
+ if (value === true) return "true";
43
+ if (value === false) return "false";
44
+ if (typeof value === "number") {
45
+ if (!Number.isFinite(value)) {
46
+ throw new Error("jcsCanonicalise: NaN and Infinity are not JCS-valid");
47
+ }
48
+ return value.toString();
49
+ }
50
+ if (typeof value === "string") {
51
+ return JSON.stringify(value);
52
+ }
53
+ if (Array.isArray(value)) {
54
+ return "[" + value.map(jcsCanonicalise).join(",") + "]";
55
+ }
56
+ if (typeof value === "object") {
57
+ const keys = Object.keys(value).sort();
58
+ const parts = keys.map((k) => {
59
+ return JSON.stringify(k) + ":" + jcsCanonicalise(value[k]);
60
+ });
61
+ return "{" + parts.join(",") + "}";
62
+ }
63
+ throw new Error(`jcsCanonicalise: unsupported value type: ${typeof value}`);
64
+ }
65
+ async function sha256Hex(input) {
66
+ const bytes = typeof input === "string" ? new TextEncoder().encode(input) : input;
67
+ const subtle = globalThis.crypto?.subtle;
68
+ if (subtle) {
69
+ const buf = await subtle.digest("SHA-256", bytes);
70
+ return Array.from(new Uint8Array(buf)).map((b) => b.toString(16).padStart(2, "0")).join("");
71
+ }
72
+ const nodeCrypto = await import("crypto");
73
+ return nodeCrypto.createHash("sha256").update(bytes).digest("hex");
74
+ }
75
+ async function hashTool(tool) {
76
+ const normalised = {
77
+ name: tool.name,
78
+ description: tool.description ?? "",
79
+ schema: tool.schema ?? {}
80
+ };
81
+ const hex = await sha256Hex(jcsCanonicalise(normalised));
82
+ return `sha256:${hex}`;
83
+ }
84
+ async function hashToolCatalogue(tools) {
85
+ if (tools.length === 0) {
86
+ return `sha256:${await sha256Hex("[]")}`;
87
+ }
88
+ const perTool = await Promise.all(tools.map(hashTool));
89
+ perTool.sort();
90
+ const hex = await sha256Hex(perTool.join(""));
91
+ return `sha256:${hex}`;
92
+ }
93
+ async function hashSystemPrompt(prompt) {
94
+ const hex = await sha256Hex(prompt);
95
+ return `sha256:${hex}`;
96
+ }
97
+ async function prepareReplayContext(inputs) {
98
+ const ctx = {};
99
+ if (inputs.modelVersion) ctx.model_version = inputs.modelVersion;
100
+ if (inputs.tools) ctx.tool_catalogue_hash = await hashToolCatalogue(inputs.tools);
101
+ if (inputs.systemPrompt) ctx.system_prompt_hash = await hashSystemPrompt(inputs.systemPrompt);
102
+ return ctx;
103
+ }
104
+
105
+ // src/integrations/anthropic.ts
28
106
  var VorimToolRegistry = class {
29
107
  vorim;
30
108
  agentId;
31
109
  defaultPermission;
32
110
  asyncAudit;
33
111
  tools = /* @__PURE__ */ new Map();
112
+ replayInputs;
113
+ replayCache = null;
34
114
  constructor(config) {
35
115
  this.vorim = config.vorim;
36
116
  this.agentId = config.agentId;
37
117
  this.defaultPermission = config.defaultPermission ?? "agent:execute";
38
118
  this.asyncAudit = config.asyncAudit ?? true;
119
+ this.replayInputs = config.replay;
120
+ }
121
+ async getReplayContext() {
122
+ if (!this.replayInputs) return {};
123
+ if (!this.replayCache) {
124
+ const inputs = {
125
+ ...this.replayInputs,
126
+ tools: this.replayInputs.tools ?? this.deriveCatalogue()
127
+ };
128
+ this.replayCache = prepareReplayContext(inputs);
129
+ }
130
+ return this.replayCache;
131
+ }
132
+ deriveCatalogue() {
133
+ return [...this.tools.values()].map((t) => ({
134
+ name: t.name,
135
+ description: t.description,
136
+ schema: t.input_schema
137
+ }));
39
138
  }
40
- /** Register a tool. */
139
+ /** Register a tool. Invalidates the cached tool-catalogue hash. */
41
140
  add(definition) {
42
141
  this.tools.set(definition.name, definition);
142
+ this.replayCache = null;
43
143
  return this;
44
144
  }
45
145
  /** Register multiple tools. */
@@ -77,6 +177,7 @@ var VorimToolRegistry = class {
77
177
  }
78
178
  const scope = definition.permission ?? this.defaultPermission;
79
179
  const { allowed, reason } = await this.vorim.check(this.agentId, scope);
180
+ const replayCtx = await this.getReplayContext();
80
181
  if (!allowed) {
81
182
  const event = {
82
183
  agent_id: this.agentId,
@@ -85,7 +186,8 @@ var VorimToolRegistry = class {
85
186
  resource: truncate(JSON.stringify(block.input), 500),
86
187
  permission: scope,
87
188
  result: "denied",
88
- metadata: { reason, framework: "anthropic" }
189
+ metadata: { reason, framework: "anthropic" },
190
+ ...replayCtx
89
191
  };
90
192
  this.emitAudit(event);
91
193
  return {
@@ -107,7 +209,8 @@ var VorimToolRegistry = class {
107
209
  permission: scope,
108
210
  result: "success",
109
211
  latency_ms: Date.now() - start,
110
- metadata: { framework: "anthropic" }
212
+ metadata: { framework: "anthropic" },
213
+ ...replayCtx
111
214
  };
112
215
  this.emitAudit(event);
113
216
  return { type: "tool_result", tool_use_id: block.id, content };
@@ -122,7 +225,8 @@ var VorimToolRegistry = class {
122
225
  result: "error",
123
226
  latency_ms: Date.now() - start,
124
227
  error_code: err instanceof Error ? err.name : "UNKNOWN",
125
- metadata: { error: errMsg, framework: "anthropic" }
228
+ metadata: { error: errMsg, framework: "anthropic" },
229
+ ...replayCtx
126
230
  };
127
231
  this.emitAudit(event);
128
232
  return {
package/dist/integrations/anthropic.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/integrations/anthropic.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — Anthropic/Claude Integration\n// Wraps Anthropic tool use with Vorim permission checks, audit trails,\n// and agent identity. Works with the Anthropic Node.js SDK (messages API\n// with tool use).\n//\n// Peer dependency: @anthropic-ai/sdk >=0.30.0\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type { PermissionScope, AuditEventInput } from '../types.js';\n\n// ─── Re-declared Anthropic types (peer dependency — not bundled) ──────────\n\ninterface AnthropicTool {\n name: string;\n description: string;\n input_schema: Record<string, unknown>;\n}\n\ninterface ToolUseBlock {\n type: 'tool_use';\n id: string;\n name: string;\n input: Record<string, unknown>;\n}\n\ninterface ToolResultBlock {\n type: 'tool_result';\n tool_use_id: string;\n content: string;\n is_error?: boolean;\n}\n\n// ─── Configuration ────────────────────────────────────────────────────────\n\nexport interface VorimToolDefinition<TArgs = Record<string, unknown>, TResult = unknown> {\n /** Tool name (must match the tool name sent to Claude). */\n name: string;\n /** Description shown to Claude. */\n description: string;\n /** JSON Schema for the tool's input. */\n input_schema: Record<string, unknown>;\n /** The function to execute when the tool is called. */\n execute: (args: TArgs) => Promise<TResult>;\n /** Vorim permission scope required. @default 'agent:execute' */\n permission?: PermissionScope;\n}\n\nexport interface VorimAnthropicConfig {\n /** Vorim SDK instance. */\n vorim: VorimSDK;\n /** The Vorim agent_id. */\n agentId: string;\n /** Default permission scope for tools without an explicit one. @default 'agent:execute' */\n defaultPermission?: PermissionScope;\n /** Whether to emit audit events asynchronously (fire-and-forget). @default true */\n asyncAudit?: boolean;\n}\n\n// ─── Tool Registry ────────────────────────────────────────────────────────\n\n/**\n * Manages a set of tools with Vorim permission checks and audit logging.\n * Converts tools to Anthropic's tool format and handles execution of\n * tool_use blocks from Claude's response.\n *\n * @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n *\n * const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n * const anthropic = new Anthropic();\n *\n * const registry = new VorimToolRegistry({\n * vorim,\n * agentId: \"agid_acme_a1b2c3d4\",\n * });\n *\n * registry.add({\n * name: \"search_docs\",\n * description: \"Search internal documents\",\n * input_schema: {\n * type: \"object\",\n * properties: { query: { type: \"string\" } },\n * required: [\"query\"],\n * },\n * execute: async ({ query }) => searchDocs(query),\n * permission: \"agent:read\",\n * });\n *\n * const response = await anthropic.messages.create({\n * model: \"claude-sonnet-4-20250514\",\n * max_tokens: 1024,\n * messages,\n * tools: registry.toAnthropicTools(),\n * });\n *\n * // Execute tool_use blocks from response\n * const toolResults = await registry.executeToolUseBlocks(\n * response.content.filter(b => b.type === \"tool_use\")\n * );\n * ```\n */\nexport class VorimToolRegistry {\n private vorim: VorimSDK;\n private agentId: string;\n private defaultPermission: PermissionScope;\n private asyncAudit: boolean;\n private tools = new Map<string, VorimToolDefinition>();\n\n constructor(config: VorimAnthropicConfig) {\n this.vorim = config.vorim;\n this.agentId = config.agentId;\n this.defaultPermission = config.defaultPermission ?? 'agent:execute';\n this.asyncAudit = config.asyncAudit ?? true;\n }\n\n /** Register a tool. */\n add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this {\n this.tools.set(definition.name, definition as VorimToolDefinition);\n return this;\n }\n\n /** Register multiple tools. */\n addAll(definitions: VorimToolDefinition[]): this {\n for (const def of definitions) this.add(def);\n return this;\n }\n\n /** Convert registered tools to Anthropic's tool format. */\n toAnthropicTools(): AnthropicTool[] {\n return [...this.tools.values()].map(t => ({\n name: t.name,\n description: t.description,\n input_schema: t.input_schema,\n }));\n }\n\n /**\n * Execute tool_use blocks from a Claude message response.\n * Each call is checked against Vorim permissions and audited.\n * Returns an array of tool_result blocks ready to send back to Claude.\n */\n async executeToolUseBlocks(toolUseBlocks: ToolUseBlock[]): Promise<ToolResultBlock[]> {\n return Promise.all(\n toolUseBlocks.map(block => this.executeSingleBlock(block)),\n );\n }\n\n private async executeSingleBlock(block: ToolUseBlock): Promise<ToolResultBlock> {\n const definition = this.tools.get(block.name);\n\n if (!definition) {\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Unknown tool: ${block.name}` }),\n is_error: true,\n };\n }\n\n const scope = definition.permission ?? this.defaultPermission;\n\n // 1. Permission check\n const { allowed, reason } = await this.vorim.check(this.agentId, scope);\n\n if (!allowed) {\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'denied',\n metadata: { reason, framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Permission denied: ${scope}${reason ? ` — ${reason}` : ''}` }),\n is_error: true,\n };\n }\n\n // 2. Execute\n const start = Date.now();\n try {\n const result = await definition.execute(block.input as any);\n const content = typeof result === 'string' ? result : JSON.stringify(result);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'success',\n latency_ms: Date.now() - start,\n metadata: { framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return { type: 'tool_result', tool_use_id: block.id, content };\n } catch (err) {\n const errMsg = err instanceof Error ? err.message : String(err);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'error',\n latency_ms: Date.now() - start,\n error_code: err instanceof Error ? err.name : 'UNKNOWN',\n metadata: { error: errMsg, framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: errMsg }),\n is_error: true,\n };\n }\n }\n\n private emitAudit(event: AuditEventInput): void {\n this.vorim.emit(event).catch(() => {});\n }\n}\n\n// ─── Agent Loop ───────────────────────────────────────────────────────────\n\n/** Minimal Anthropic client interface (avoids importing the full SDK). */\ninterface AnthropicClient {\n messages: {\n create(params: any): Promise<any>;\n };\n}\n\nexport interface VorimAgentLoopConfig extends VorimAnthropicConfig {\n /** Anthropic client instance. */\n anthropic: AnthropicClient;\n /** Model to use. @default 'claude-sonnet-4-20250514' */\n model?: string;\n /** System prompt for the agent. */\n systemPrompt?: string;\n /** Maximum tool-use iterations before stopping. @default 10 */\n maxIterations?: number;\n /** Max tokens per response. @default 1024 */\n maxTokens?: number;\n}\n\n/**\n * Runs a complete agent loop with Claude tool use, Vorim\n * permission enforcement, and audit logging.\n *\n * @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { runAgentLoop, VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n *\n * const registry = new VorimToolRegistry({ vorim, agentId });\n * registry.add({ name: \"search\", ... });\n *\n * const response = await runAgentLoop({\n * vorim,\n * agentId,\n * anthropic: new Anthropic(),\n * model: \"claude-sonnet-4-20250514\",\n * systemPrompt: \"You are a helpful assistant.\",\n * registry,\n * userMessage: \"Find docs about onboarding\",\n * });\n * ```\n */\nexport async function runAgentLoop(\n config: VorimAgentLoopConfig & {\n registry: VorimToolRegistry;\n userMessage: string;\n },\n): Promise<string> {\n const {\n anthropic,\n model = 'claude-sonnet-4-20250514',\n systemPrompt,\n maxIterations = 10,\n maxTokens = 1024,\n registry,\n userMessage,\n } = config;\n\n const tools = registry.toAnthropicTools();\n const messages: any[] = [{ role: 'user', content: userMessage }];\n\n for (let i = 0; i < maxIterations; i++) {\n const response = await anthropic.messages.create({\n model,\n max_tokens: maxTokens,\n ...(systemPrompt ? { system: systemPrompt } : {}),\n messages,\n ...(tools.length > 0 ? { tools } : {}),\n });\n\n // If stop_reason is \"end_turn\" — Claude is done\n if (response.stop_reason === 'end_turn' || response.stop_reason !== 'tool_use') {\n const textBlocks = response.content.filter((b: any) => b.type === 'text');\n return textBlocks.map((b: any) => b.text).join('') || '';\n }\n\n // Extract tool_use blocks and execute\n const toolUseBlocks = response.content.filter((b: any) => b.type === 'tool_use');\n const toolResults = await registry.executeToolUseBlocks(toolUseBlocks);\n\n // Append assistant response and tool results to conversation\n messages.push({ role: 'assistant', content: response.content });\n messages.push({ role: 'user', content: toolResults });\n }\n\n return '';\n}\n\n// ─── Agent Registration Helper ───────────────────────────────────────────\n\n/**\n * Registers a new agent with Vorim and returns a ready-to-use tool registry\n * configured for Anthropic/Claude.\n *\n * @example\n * ```ts\n * const { agentId, registry } = await createVorimClaudeAgent({\n * vorim,\n * name: \"claude-assistant\",\n * capabilities: [\"search\", \"calculate\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * tools: [searchTool, calcTool],\n * });\n * ```\n */\nexport async function createVorimClaudeAgent(config: {\n vorim: VorimSDK;\n name: string;\n description?: string;\n capabilities: string[];\n scopes: PermissionScope[];\n tools: VorimToolDefinition[];\n}) {\n const { vorim, name, description, capabilities, scopes, tools } = config;\n\n const registration = await vorim.register({\n name,\n description,\n capabilities,\n scopes,\n });\n\n const agentId = registration.agent.agent_id;\n const registry = new VorimToolRegistry({ vorim, agentId });\n registry.addAll(tools);\n\n return {\n agentId,\n registration,\n registry,\n privateKey: registration.private_key,\n };\n}\n\n// ─── Helpers ──────────────────────────────────────────────────────────────\n\nfunction truncate(str: string, max: number): string {\n return str.length > max ? str.slice(0, max) + '…' : str;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AA0GO,IAAM,oBAAN,MAAwB;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,QAAQ,oBAAI,IAAiC;AAAA,EAErD,YAAY,QAA8B;AACxC,SAAK,QAAQ,OAAO;AACpB,SAAK,UAAU,OAAO;AACtB,SAAK,oBAAoB,OAAO,qBAAqB;AACrD,SAAK,aAAa,OAAO,cAAc;AAAA,EACzC;AAAA;AAAA,EAGA,IAAoB,YAAuD;AACzE,SAAK,MAAM,IAAI,WAAW,MAAM,UAAiC;AACjE,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAO,aAA0C;AAC/C,eAAW,OAAO,YAAa,MAAK,IAAI,GAAG;AAC3C,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,mBAAoC;AAClC,WAAO,CAAC,GAAG,KAAK,MAAM,OAAO,CAAC,EAAE,IAAI,QAAM;AAAA,MACxC,MAAM,EAAE;AAAA,MACR,aAAa,EAAE;AAAA,MACf,cAAc,EAAE;AAAA,IAClB,EAAE;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,qBAAqB,eAA2D;AACpF,WAAO,QAAQ;AAAA,MACb,cAAc,IAAI,WAAS,KAAK,mBAAmB,KAAK,CAAC;AAAA,IAC3D;AAAA,EACF;AAAA,EAEA,MAAc,mBAAmB,OAA+C;AAC9E,UAAM,aAAa,KAAK,MAAM,IAAI,MAAM,IAAI;AAE5C,QAAI,CAAC,YAAY;AACf,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,iBAAiB,MAAM,IAAI,GAAG,CAAC;AAAA,QAChE,UAAU;AAAA,MACZ;AAAA,IACF;AAEA,UAAM,QAAQ,WAAW,cAAc,KAAK;AAG5C,UAAM,EAAE,SAAS,OAAO,IAAI,MAAM,KAAK,MAAM,MAAM,KAAK,SAAS,KAAK;AAEtE,QAAI,CAAC,SAAS;AACZ,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,UAAU,EAAE,QAAQ,WAAW,YAAY;AAAA,MAC7C;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,sBAAsB,KAAK,GAAG,SAAS,WAAM,MAAM,KAAK,EAAE,GAAG,CAAC;AAAA,QAC/F,UAAU;AAAA,MACZ;AAAA,IACF;AAGA,UAAM,QAAQ,KAAK,IAAI;AACvB,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,QAAQ,MAAM,KAAY;AAC1D,YAAM,UAAU,OAAO,WAAW,WAAW,SAAS,KAAK,UAAU,MAAM;AAE3E,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,UAAU,EAAE,WAAW,YAAY;AAAA,MACrC;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO,EAAE,MAAM,eAAe,aAAa,MAAM,IAAI,QAAQ;AAAA,IAC/D,SAAS,KAAK;AACZ,YAAM,SAAS,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAE9D,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,YAAY,eAAe,QAAQ,IAAI,OAAO;AAAA,QAC9C,UAAU,EAAE,OAAO,QAAQ,WAAW,YAAY;AAAA,MACpD;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,OAAO,CAAC;AAAA,QACzC,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,UAAU,OAA8B;AAC9C,SAAK,MAAM,KAAK,KAAK,EAAE,MAAM,MAAM;AAAA,IAAC,CAAC;AAAA,EACvC;AACF;AAgDA,eAAsB,aACpB,QAIiB;AACjB,QAAM;AAAA,IACJ;AAAA,IACA,QAAQ;AAAA,IACR;AAAA,IACA,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,QAAQ,SAAS,iBAAiB;AACxC,QAAM,WAAkB,CAAC,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAE/D,WAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,UAAM,WAAW,MAAM,UAAU,SAAS,OAAO;AAAA,MAC/C;AAAA,MACA,YAAY;AAAA,MACZ,GAAI,eAAe,EAAE,QAAQ,aAAa,IAAI,CAAC;AAAA,MAC/C;AAAA,MACA,GAAI,MAAM,SAAS,IAAI,EAAE,MAAM,IAAI,CAAC;AAAA,IACtC,CAAC;AAGD,QAAI,SAAS,gBAAgB,cAAc,SAAS,gBAAgB,YAAY;AAC9E,YAAM,aAAa,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,MAAM;AACxE,aAAO,WAAW,IAAI,CAAC,MAAW,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK;AAAA,IACxD;AAGA,UAAM,gBAAgB,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,UAAU;AAC/E,UAAM,cAAc,MAAM,SAAS,qBAAqB,aAAa;AAGrE,aAAS,KAAK,EAAE,MAAM,aAAa,SAAS,SAAS,QAAQ,CAAC;AAC9D,aAAS,KAAK,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAAA,EACtD;AAEA,SAAO;AACT;AAmBA,eAAsB,uBAAuB,QAO1C;AACD,QAAM,EAAE,OAAO,MAAM,aAAa,cAAc,QAAQ,MAAM,IAAI;AAElE,QAAM,eAAe,MAAM,MAAM,SAAS;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,UAAU,aAAa,MAAM;AACnC,QAAM,WAAW,IAAI,kBAAkB,EAAE,OAAO,QAAQ,CAAC;AACzD,WAAS,OAAO,KAAK;AAErB,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY,aAAa;AAAA,EAC3B;AACF;AAIA,SAAS,SAAS,KAAa,KAAqB;AAClD,SAAO,IAAI,SAAS,MAAM,IAAI,MAAM,GAAG,GAAG,IAAI,WAAM;AACtD;","names":[]}
1
+ {"version":3,"sources":["../../src/integrations/anthropic.ts","../../src/replay.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — Anthropic/Claude Integration\n// Wraps Anthropic tool use with Vorim permission checks, audit trails,\n// and agent identity. Works with the Anthropic Node.js SDK (messages API\n// with tool use).\n//\n// Peer dependency: @anthropic-ai/sdk >=0.30.0\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type { PermissionScope, AuditEventInput } from '../types.js';\nimport {\n prepareReplayContext,\n type ReplayInputs,\n type ReplayContext,\n type CatalogueTool,\n} from '../replay.js';\n\n// ─── Re-declared Anthropic types (peer dependency — not bundled) ──────────\n\ninterface AnthropicTool {\n name: string;\n description: string;\n input_schema: Record<string, unknown>;\n}\n\ninterface ToolUseBlock {\n type: 'tool_use';\n id: string;\n name: string;\n input: Record<string, unknown>;\n}\n\ninterface ToolResultBlock {\n type: 'tool_result';\n tool_use_id: string;\n content: string;\n is_error?: boolean;\n}\n\n// ─── Configuration ────────────────────────────────────────────────────────\n\nexport interface VorimToolDefinition<TArgs = Record<string, unknown>, TResult = unknown> {\n /** Tool name (must match the tool name sent to Claude). */\n name: string;\n /** Description shown to Claude. */\n description: string;\n /** JSON Schema for the tool's input. */\n input_schema: Record<string, unknown>;\n /** The function to execute when the tool is called. */\n execute: (args: TArgs) => Promise<TResult>;\n /** Vorim permission scope required. @default 'agent:execute' */\n permission?: PermissionScope;\n}\n\nexport interface VorimAnthropicConfig {\n /** Vorim SDK instance. */\n vorim: VorimSDK;\n /** The Vorim agent_id. */\n agentId: string;\n /** Default permission scope for tools without an explicit one. @default 'agent:execute' */\n defaultPermission?: PermissionScope;\n /** Whether to emit audit events asynchronously (fire-and-forget). @default true */\n asyncAudit?: boolean;\n /**\n * Replayable agent decision evidence (VAIP -02). Hashes attached to\n * every audit event. If `replay.tools` is omitted, the registry's\n * own tool list is used automatically. Not covered by v0 canonical\n * signature form.\n */\n replay?: ReplayInputs;\n}\n\n// ─── Tool Registry ────────────────────────────────────────────────────────\n\n/**\n * Manages a set of tools with Vorim permission checks and audit logging.\n * Converts tools to Anthropic's tool format and handles execution of\n * tool_use blocks from Claude's response.\n *\n * @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n *\n * const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n * const anthropic = new Anthropic();\n *\n * const registry = new VorimToolRegistry({\n * vorim,\n * agentId: \"agid_acme_a1b2c3d4\",\n * });\n *\n * registry.add({\n * name: \"search_docs\",\n * description: \"Search internal documents\",\n * input_schema: {\n * type: \"object\",\n * properties: { query: { type: \"string\" } },\n * required: [\"query\"],\n * },\n * execute: async ({ query }) => searchDocs(query),\n * permission: \"agent:read\",\n * });\n *\n * const response = await anthropic.messages.create({\n * model: \"claude-sonnet-4-20250514\",\n * max_tokens: 1024,\n * messages,\n * tools: registry.toAnthropicTools(),\n * });\n *\n * // Execute tool_use blocks from response\n * const toolResults = await registry.executeToolUseBlocks(\n * response.content.filter(b => b.type === \"tool_use\")\n * );\n * ```\n */\nexport class VorimToolRegistry {\n private vorim: VorimSDK;\n private agentId: string;\n private defaultPermission: PermissionScope;\n private asyncAudit: boolean;\n private tools = new Map<string, VorimToolDefinition>();\n private replayInputs: ReplayInputs | undefined;\n private replayCache: Promise<ReplayContext> | null = null;\n\n constructor(config: VorimAnthropicConfig) {\n this.vorim = config.vorim;\n this.agentId = config.agentId;\n this.defaultPermission = config.defaultPermission ?? 'agent:execute';\n this.asyncAudit = config.asyncAudit ?? true;\n this.replayInputs = config.replay;\n }\n\n private async getReplayContext(): Promise<ReplayContext> {\n if (!this.replayInputs) return {};\n if (!this.replayCache) {\n const inputs: ReplayInputs = {\n ...this.replayInputs,\n tools: this.replayInputs.tools ?? this.deriveCatalogue(),\n };\n this.replayCache = prepareReplayContext(inputs);\n }\n return this.replayCache;\n }\n\n private deriveCatalogue(): CatalogueTool[] {\n return [...this.tools.values()].map(t => ({\n name: t.name,\n description: t.description,\n schema: t.input_schema,\n }));\n }\n\n /** Register a tool. Invalidates the cached tool-catalogue hash. */\n add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this {\n this.tools.set(definition.name, definition as VorimToolDefinition);\n this.replayCache = null;\n return this;\n }\n\n /** Register multiple tools. */\n addAll(definitions: VorimToolDefinition[]): this {\n for (const def of definitions) this.add(def);\n return this;\n }\n\n /** Convert registered tools to Anthropic's tool format. */\n toAnthropicTools(): AnthropicTool[] {\n return [...this.tools.values()].map(t => ({\n name: t.name,\n description: t.description,\n input_schema: t.input_schema,\n }));\n }\n\n /**\n * Execute tool_use blocks from a Claude message response.\n * Each call is checked against Vorim permissions and audited.\n * Returns an array of tool_result blocks ready to send back to Claude.\n */\n async executeToolUseBlocks(toolUseBlocks: ToolUseBlock[]): Promise<ToolResultBlock[]> {\n return Promise.all(\n toolUseBlocks.map(block => this.executeSingleBlock(block)),\n );\n }\n\n private async executeSingleBlock(block: ToolUseBlock): Promise<ToolResultBlock> {\n const definition = this.tools.get(block.name);\n\n if (!definition) {\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Unknown tool: ${block.name}` }),\n is_error: true,\n };\n }\n\n const scope = definition.permission ?? this.defaultPermission;\n\n // 1. Permission check\n const { allowed, reason } = await this.vorim.check(this.agentId, scope);\n const replayCtx = await this.getReplayContext();\n\n if (!allowed) {\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'denied',\n metadata: { reason, framework: 'anthropic' },\n ...replayCtx,\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Permission denied: ${scope}${reason ? ` — ${reason}` : ''}` }),\n is_error: true,\n };\n }\n\n // 2. Execute\n const start = Date.now();\n try {\n const result = await definition.execute(block.input as any);\n const content = typeof result === 'string' ? result : JSON.stringify(result);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'success',\n latency_ms: Date.now() - start,\n metadata: { framework: 'anthropic' },\n ...replayCtx,\n };\n this.emitAudit(event);\n\n return { type: 'tool_result', tool_use_id: block.id, content };\n } catch (err) {\n const errMsg = err instanceof Error ? err.message : String(err);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'error',\n latency_ms: Date.now() - start,\n error_code: err instanceof Error ? err.name : 'UNKNOWN',\n metadata: { error: errMsg, framework: 'anthropic' },\n ...replayCtx,\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: errMsg }),\n is_error: true,\n };\n }\n }\n\n private emitAudit(event: AuditEventInput): void {\n this.vorim.emit(event).catch(() => {});\n }\n}\n\n// ─── Agent Loop ───────────────────────────────────────────────────────────\n\n/** Minimal Anthropic client interface (avoids importing the full SDK). */\ninterface AnthropicClient {\n messages: {\n create(params: any): Promise<any>;\n };\n}\n\nexport interface VorimAgentLoopConfig extends VorimAnthropicConfig {\n /** Anthropic client instance. */\n anthropic: AnthropicClient;\n /** Model to use. @default 'claude-sonnet-4-20250514' */\n model?: string;\n /** System prompt for the agent. */\n systemPrompt?: string;\n /** Maximum tool-use iterations before stopping. @default 10 */\n maxIterations?: number;\n /** Max tokens per response. @default 1024 */\n maxTokens?: number;\n}\n\n/**\n * Runs a complete agent loop with Claude tool use, Vorim\n * permission enforcement, and audit logging.\n *\n * @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { runAgentLoop, VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n *\n * const registry = new VorimToolRegistry({ vorim, agentId });\n * registry.add({ name: \"search\", ... });\n *\n * const response = await runAgentLoop({\n * vorim,\n * agentId,\n * anthropic: new Anthropic(),\n * model: \"claude-sonnet-4-20250514\",\n * systemPrompt: \"You are a helpful assistant.\",\n * registry,\n * userMessage: \"Find docs about onboarding\",\n * });\n * ```\n */\nexport async function runAgentLoop(\n config: VorimAgentLoopConfig & {\n registry: VorimToolRegistry;\n userMessage: string;\n },\n): Promise<string> {\n const {\n anthropic,\n model = 'claude-sonnet-4-20250514',\n systemPrompt,\n maxIterations = 10,\n maxTokens = 1024,\n registry,\n userMessage,\n } = config;\n\n const tools = registry.toAnthropicTools();\n const messages: any[] = [{ role: 'user', content: userMessage }];\n\n for (let i = 0; i < maxIterations; i++) {\n const response = await anthropic.messages.create({\n model,\n max_tokens: maxTokens,\n ...(systemPrompt ? { system: systemPrompt } : {}),\n messages,\n ...(tools.length > 0 ? { tools } : {}),\n });\n\n // If stop_reason is \"end_turn\" — Claude is done\n if (response.stop_reason === 'end_turn' || response.stop_reason !== 'tool_use') {\n const textBlocks = response.content.filter((b: any) => b.type === 'text');\n return textBlocks.map((b: any) => b.text).join('') || '';\n }\n\n // Extract tool_use blocks and execute\n const toolUseBlocks = response.content.filter((b: any) => b.type === 'tool_use');\n const toolResults = await registry.executeToolUseBlocks(toolUseBlocks);\n\n // Append assistant response and tool results to conversation\n messages.push({ role: 'assistant', content: response.content });\n messages.push({ role: 'user', content: toolResults });\n }\n\n return '';\n}\n\n// ─── Agent Registration Helper ───────────────────────────────────────────\n\n/**\n * Registers a new agent with Vorim and returns a ready-to-use tool registry\n * configured for Anthropic/Claude.\n *\n * @example\n * ```ts\n * const { agentId, registry } = await createVorimClaudeAgent({\n * vorim,\n * name: \"claude-assistant\",\n * capabilities: [\"search\", \"calculate\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * tools: [searchTool, calcTool],\n * });\n * ```\n */\nexport async function createVorimClaudeAgent(config: {\n vorim: VorimSDK;\n name: string;\n description?: string;\n capabilities: string[];\n scopes: PermissionScope[];\n tools: VorimToolDefinition[];\n}) {\n const { vorim, name, description, capabilities, scopes, tools } = config;\n\n const registration = await vorim.register({\n name,\n description,\n capabilities,\n scopes,\n });\n\n const agentId = registration.agent.agent_id;\n const registry = new VorimToolRegistry({ vorim, agentId });\n registry.addAll(tools);\n\n return {\n agentId,\n registration,\n registry,\n privateKey: registration.private_key,\n };\n}\n\n// ─── Helpers ──────────────────────────────────────────────────────────────\n\nfunction truncate(str: string, max: number): string {\n return str.length > max ? str.slice(0, max) + '…' : str;\n}\n","/**\n * Replayable agent decision evidence helpers.\n *\n * Canonical-form hashing for the VAIP -02 schema fields that the SDK\n * attaches to audit events. The hashes recorded in audit_events.tool_catalogue_hash\n * and audit_events.system_prompt_hash use these functions, so the bytes\n * an auditor or counterparty reconstructs must match what the SDK produced.\n *\n * These helpers are intentionally separate from the signing path. The\n * v0 canonical signature form (event_type|action|resource|input_hash|\n * output_hash|result) does NOT cover model_version, tool_catalogue_hash,\n * or system_prompt_hash. They will enter the canonical bytes in v1\n * (RFC 8785 JCS) in a follow-up release.\n *\n * Stable across SDK versions: the canonical-form version is documented\n * in CANONICAL_TOOL_CATALOGUE_VERSION. Future changes get a v2 etc;\n * never edit the existing v1 logic, or already-recorded hashes lose\n * their meaning.\n */\n\n// ─── Versioning ───────────────────────────────────────────────────────────\n\n/**\n * Canonical-form version for tool catalogue hashes produced by this SDK.\n * Recorded in tool_catalogue_canon_version on the event metadata (when\n * the metadata field is used) so verifiers know which hash recipe to\n * reproduce. Increment ONLY if the algorithm changes in a way that\n * would change the hash for the same logical catalogue.\n */\nexport const CANONICAL_TOOL_CATALOGUE_VERSION = 'v1' as const;\n\n// ─── Types ────────────────────────────────────────────────────────────────\n\n/**\n * Minimum shape a tool needs for catalogue hashing. The framework\n * integrations adapt their native tool objects to this shape before\n * calling hashToolCatalogue.\n */\nexport interface CatalogueTool {\n /** The name the model sees and calls. Required. */\n name: string;\n /** Human-readable description shown to the model. Optional; absent ↔ empty string. */\n description?: string;\n /**\n * JSON Schema describing the tool's input parameters. Optional;\n * absent ↔ empty object `{}`. The schema gets RFC 8785 JCS-canonicalised\n * before hashing so semantically-equivalent variations (key order,\n * whitespace) produce the same hash.\n */\n schema?: Record<string, unknown> | null;\n}\n\n// ─── RFC 8785 JCS subset ──────────────────────────────────────────────────\n\n/**\n * RFC 8785 JSON Canonicalization Scheme, sufficient subset for tool\n * catalogue values.\n *\n * Rules:\n * - Object keys sorted lexicographically by UTF-16 code units (which\n * is what JS string comparison does naturally).\n * - No whitespace between tokens.\n * - Numbers: integers as integers, finite floats per ECMAScript\n * Number.prototype.toString. JCS forbids NaN and Infinity.\n * - Strings: JSON-escape using minimal set per RFC 8259 § 7.\n * - null, true, false, arrays: as JSON.stringify produces them, since\n * JSON.stringify already produces the canonical form for these.\n *\n * Not vendoring a full library because tool schemas don't carry\n * non-integer numbers in practice and the JS spec for Number.toString\n * happens to coincide with JCS § 3.2.2.2 for the integer case.\n */\nexport function jcsCanonicalise(value: unknown): string {\n if (value === null) return 'null';\n if (value === true) return 'true';\n if (value === false) return 'false';\n\n if (typeof value === 'number') {\n if (!Number.isFinite(value)) {\n throw new Error('jcsCanonicalise: NaN and Infinity are not JCS-valid');\n }\n // For integers in safe range, .toString() matches JCS. For\n // non-integer floats, .toString() also matches in modern JS\n // engines (V8, JavaScriptCore, SpiderMonkey all use the shortest\n // round-trip representation, which is what JCS § 3.2.2.2 requires).\n return value.toString();\n }\n\n if (typeof value === 'string') {\n return JSON.stringify(value);\n }\n\n if (Array.isArray(value)) {\n return '[' + value.map(jcsCanonicalise).join(',') + ']';\n }\n\n if (typeof value === 'object') {\n const keys = Object.keys(value as Record<string, unknown>).sort();\n const parts = keys.map(k => {\n return JSON.stringify(k) + ':' + jcsCanonicalise((value as Record<string, unknown>)[k]);\n });\n return '{' + parts.join(',') + '}';\n }\n\n // undefined, function, symbol, bigint — not JSON-representable\n throw new Error(`jcsCanonicalise: unsupported value type: ${typeof value}`);\n}\n\n// ─── SHA-256 ──────────────────────────────────────────────────────────────\n\nasync function sha256Hex(input: string | Uint8Array): Promise<string> {\n const bytes = typeof input === 'string' ? new TextEncoder().encode(input) : input;\n\n // Node.js Web Crypto (Node 18+) supports digest. Browser Web Crypto does too.\n // Fall back to node:crypto if Web Crypto is unavailable.\n const subtle = (globalThis as any).crypto?.subtle;\n if (subtle) {\n const buf = await subtle.digest('SHA-256', bytes);\n return Array.from(new Uint8Array(buf))\n .map(b => b.toString(16).padStart(2, '0'))\n .join('');\n }\n\n // Node fallback\n const nodeCrypto = await import('node:crypto');\n return nodeCrypto.createHash('sha256').update(bytes).digest('hex');\n}\n\n// ─── Public API ───────────────────────────────────────────────────────────\n\n/**\n * Hash a single tool definition. Returns `sha256:<hex>`.\n *\n * Canonical form (v1):\n * JCS-canonicalised JSON of `{name, description, schema}` where\n * absent fields substitute `description: \"\"` and `schema: {}`.\n */\nexport async function hashTool(tool: CatalogueTool): Promise<string> {\n const normalised = {\n name: tool.name,\n description: tool.description ?? '',\n schema: tool.schema ?? {},\n };\n const hex = await sha256Hex(jcsCanonicalise(normalised));\n return `sha256:${hex}`;\n}\n\n/**\n * Hash an entire tool catalogue. Returns `sha256:<hex>`.\n *\n * Reordering tools does NOT change the hash (tool hashes sorted\n * lexicographically before concatenation). Adding, removing, or\n * modifying a tool DOES change the hash.\n *\n * Per-tool hashing first means a verifier comparing two catalogue\n * hashes that differ can also be given the per-tool hashes to\n * identify which specific tool changed.\n */\nexport async function hashToolCatalogue(tools: CatalogueTool[]): Promise<string> {\n if (tools.length === 0) {\n // Empty catalogue has a deterministic, stable hash distinct from \"no field\"\n return `sha256:${await sha256Hex('[]')}`;\n }\n const perTool = await Promise.all(tools.map(hashTool));\n perTool.sort();\n const hex = await sha256Hex(perTool.join(''));\n return `sha256:${hex}`;\n}\n\n/**\n * Hash a system prompt. Returns `sha256:<hex>`.\n *\n * The prompt is UTF-8 encoded and hashed verbatim — no normalisation.\n * If a caller wants to ignore whitespace or comment differences, they\n * should normalise before calling. The intent here is deterministic\n * reproducibility, not semantic equivalence.\n */\nexport async function hashSystemPrompt(prompt: string): Promise<string> {\n const hex = await sha256Hex(prompt);\n return `sha256:${hex}`;\n}\n\n/**\n * Convenience: hash the previous event's canonical bytes for use in\n * the prev_event_hash field of hash-chained ingest. Caller provides\n * the canonical bytes (use canonicalPayloadV0 from the main module).\n */\nexport async function hashPreviousEvent(canonicalBytes: string): Promise<string> {\n const hex = await sha256Hex(canonicalBytes);\n return `sha256:${hex}`;\n}\n\n// ─── Replay context — framework integration helper ────────────────────────\n\n/**\n * Raw inputs the integration captures from the framework. Set by the\n * integration's config; turned into hashes by {@link prepareReplayContext}.\n */\nexport interface ReplayInputs {\n /** Stable identifier for the model. E.g. `\"anthropic:claude-opus-4-8\"`. */\n modelVersion?: string;\n /** Tools available to the agent at call time. Hashed via {@link hashToolCatalogue}. */\n tools?: CatalogueTool[];\n /** System prompt active at call time. Hashed via {@link hashSystemPrompt}. */\n systemPrompt?: string;\n}\n\n/**\n * Pre-computed hashes ready to attach to audit events. The three keys\n * match the audit_events column names.\n */\nexport interface ReplayContext {\n model_version?: string;\n tool_catalogue_hash?: string;\n system_prompt_hash?: string;\n}\n\n/**\n * Compute replay context once from raw inputs. Use at integration\n * setup time so each emit can attach the hashes without re-hashing.\n *\n * Returns an object suitable for spreading into an AuditEventInput:\n * `await vorim.emit({ ...event, ...replayContext })`\n *\n * If a field is absent in the inputs, it is absent in the result\n * (not the empty string). That keeps the event lean.\n */\nexport async function prepareReplayContext(\n inputs: ReplayInputs,\n): Promise<ReplayContext> {\n const ctx: ReplayContext = {};\n if (inputs.modelVersion) ctx.model_version = inputs.modelVersion;\n if (inputs.tools) ctx.tool_catalogue_hash = await hashToolCatalogue(inputs.tools);\n if (inputs.systemPrompt) ctx.system_prompt_hash = await hashSystemPrompt(inputs.systemPrompt);\n return ctx;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACwEO,SAAS,gBAAgB,OAAwB;AACtD,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,UAAU,MAAO,QAAO;AAE5B,MAAI,OAAO,UAAU,UAAU;AAC7B,QAAI,CAAC,OAAO,SAAS,KAAK,GAAG;AAC3B,YAAM,IAAI,MAAM,qDAAqD;AAAA,IACvE;AAKA,WAAO,MAAM,SAAS;AAAA,EACxB;AAEA,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO,KAAK,UAAU,KAAK;AAAA,EAC7B;AAEA,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,WAAO,MAAM,MAAM,IAAI,eAAe,EAAE,KAAK,GAAG,IAAI;AAAA,EACtD;AAEA,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,OAAO,OAAO,KAAK,KAAgC,EAAE,KAAK;AAChE,UAAM,QAAQ,KAAK,IAAI,OAAK;AAC1B,aAAO,KAAK,UAAU,CAAC,IAAI,MAAM,gBAAiB,MAAkC,CAAC,CAAC;AAAA,IACxF,CAAC;AACD,WAAO,MAAM,MAAM,KAAK,GAAG,IAAI;AAAA,EACjC;AAGA,QAAM,IAAI,MAAM,4CAA4C,OAAO,KAAK,EAAE;AAC5E;AAIA,eAAe,UAAU,OAA6C;AACpE,QAAM,QAAQ,OAAO,UAAU,WAAW,IAAI,YAAY,EAAE,OAAO,KAAK,IAAI;AAI5E,QAAM,SAAU,WAAmB,QAAQ;AAC3C,MAAI,QAAQ;AACV,UAAM,MAAM,MAAM,OAAO,OAAO,WAAW,KAAK;AAChD,WAAO,MAAM,KAAK,IAAI,WAAW,GAAG,CAAC,EAClC,IAAI,OAAK,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EACxC,KAAK,EAAE;AAAA,EACZ;AAGA,QAAM,aAAa,MAAM,OAAO,QAAa;AAC7C,SAAO,WAAW,WAAW,QAAQ,EAAE,OAAO,KAAK,EAAE,OAAO,KAAK;AACnE;AAWA,eAAsB,SAAS,MAAsC;AACnE,QAAM,aAAa;AAAA,IACjB,MAAM,KAAK;AAAA,IACX,aAAa,KAAK,eAAe;AAAA,IACjC,QAAQ,KAAK,UAAU,CAAC;AAAA,EAC1B;AACA,QAAM,MAAM,MAAM,UAAU,gBAAgB,UAAU,CAAC;AACvD,SAAO,UAAU,GAAG;AACtB;AAaA,eAAsB,kBAAkB,OAAyC;AAC/E,MAAI,MAAM,WAAW,GAAG;AAEtB,WAAO,UAAU,MAAM,UAAU,IAAI,CAAC;AAAA,EACxC;AACA,QAAM,UAAU,MAAM,QAAQ,IAAI,MAAM,IAAI,QAAQ,CAAC;AACrD,UAAQ,KAAK;AACb,QAAM,MAAM,MAAM,UAAU,QAAQ,KAAK,EAAE,CAAC;AAC5C,SAAO,UAAU,GAAG;AACtB;AAUA,eAAsB,iBAAiB,QAAiC;AACtE,QAAM,MAAM,MAAM,UAAU,MAAM;AAClC,SAAO,UAAU,GAAG;AACtB;AA+CA,eAAsB,qBACpB,QACwB;AACxB,QAAM,MAAqB,CAAC;AAC5B,MAAI,OAAO,aAAc,KAAI,gBAAgB,OAAO;AACpD,MAAI,OAAO,MAAO,KAAI,sBAAsB,MAAM,kBAAkB,OAAO,KAAK;AAChF,MAAI,OAAO,aAAc,KAAI,qBAAqB,MAAM,iBAAiB,OAAO,YAAY;AAC5F,SAAO;AACT;;;ADpHO,IAAM,oBAAN,MAAwB;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,QAAQ,oBAAI,IAAiC;AAAA,EAC7C;AAAA,EACA,cAA6C;AAAA,EAErD,YAAY,QAA8B;AACxC,SAAK,QAAQ,OAAO;AACpB,SAAK,UAAU,OAAO;AACtB,SAAK,oBAAoB,OAAO,qBAAqB;AACrD,SAAK,aAAa,OAAO,cAAc;AACvC,SAAK,eAAe,OAAO;AAAA,EAC7B;AAAA,EAEA,MAAc,mBAA2C;AACvD,QAAI,CAAC,KAAK,aAAc,QAAO,CAAC;AAChC,QAAI,CAAC,KAAK,aAAa;AACrB,YAAM,SAAuB;AAAA,QAC3B,GAAG,KAAK;AAAA,QACR,OAAO,KAAK,aAAa,SAAS,KAAK,gBAAgB;AAAA,MACzD;AACA,WAAK,cAAc,qBAAqB,MAAM;AAAA,IAChD;AACA,WAAO,KAAK;AAAA,EACd;AAAA,EAEQ,kBAAmC;AACzC,WAAO,CAAC,GAAG,KAAK,MAAM,OAAO,CAAC,EAAE,IAAI,QAAM;AAAA,MACxC,MAAM,EAAE;AAAA,MACR,aAAa,EAAE;AAAA,MACf,QAAQ,EAAE;AAAA,IACZ,EAAE;AAAA,EACJ;AAAA;AAAA,EAGA,IAAoB,YAAuD;AACzE,SAAK,MAAM,IAAI,WAAW,MAAM,UAAiC;AACjE,SAAK,cAAc;AACnB,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAO,aAA0C;AAC/C,eAAW,OAAO,YAAa,MAAK,IAAI,GAAG;AAC3C,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,mBAAoC;AAClC,WAAO,CAAC,GAAG,KAAK,MAAM,OAAO,CAAC,EAAE,IAAI,QAAM;AAAA,MACxC,MAAM,EAAE;AAAA,MACR,aAAa,EAAE;AAAA,MACf,cAAc,EAAE;AAAA,IAClB,EAAE;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,qBAAqB,eAA2D;AACpF,WAAO,QAAQ;AAAA,MACb,cAAc,IAAI,WAAS,KAAK,mBAAmB,KAAK,CAAC;AAAA,IAC3D;AAAA,EACF;AAAA,EAEA,MAAc,mBAAmB,OAA+C;AAC9E,UAAM,aAAa,KAAK,MAAM,IAAI,MAAM,IAAI;AAE5C,QAAI,CAAC,YAAY;AACf,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,iBAAiB,MAAM,IAAI,GAAG,CAAC;AAAA,QAChE,UAAU;AAAA,MACZ;AAAA,IACF;AAEA,UAAM,QAAQ,WAAW,cAAc,KAAK;AAG5C,UAAM,EAAE,SAAS,OAAO,IAAI,MAAM,KAAK,MAAM,MAAM,KAAK,SAAS,KAAK;AACtE,UAAM,YAAY,MAAM,KAAK,iBAAiB;AAE9C,QAAI,CAAC,SAAS;AACZ,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,UAAU,EAAE,QAAQ,WAAW,YAAY;AAAA,QAC3C,GAAG;AAAA,MACL;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,sBAAsB,KAAK,GAAG,SAAS,WAAM,MAAM,KAAK,EAAE,GAAG,CAAC;AAAA,QAC/F,UAAU;AAAA,MACZ;AAAA,IACF;AAGA,UAAM,QAAQ,KAAK,IAAI;AACvB,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,QAAQ,MAAM,KAAY;AAC1D,YAAM,UAAU,OAAO,WAAW,WAAW,SAAS,KAAK,UAAU,MAAM;AAE3E,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,UAAU,EAAE,WAAW,YAAY;AAAA,QACnC,GAAG;AAAA,MACL;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO,EAAE,MAAM,eAAe,aAAa,MAAM,IAAI,QAAQ;AAAA,IAC/D,SAAS,KAAK;AACZ,YAAM,SAAS,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAE9D,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,YAAY,eAAe,QAAQ,IAAI,OAAO;AAAA,QAC9C,UAAU,EAAE,OAAO,QAAQ,WAAW,YAAY;AAAA,QAClD,GAAG;AAAA,MACL;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,OAAO,CAAC;AAAA,QACzC,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,UAAU,OAA8B;AAC9C,SAAK,MAAM,KAAK,KAAK,EAAE,MAAM,MAAM;AAAA,IAAC,CAAC;AAAA,EACvC;AACF;AAgDA,eAAsB,aACpB,QAIiB;AACjB,QAAM;AAAA,IACJ;AAAA,IACA,QAAQ;AAAA,IACR;AAAA,IACA,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,QAAQ,SAAS,iBAAiB;AACxC,QAAM,WAAkB,CAAC,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAE/D,WAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,UAAM,WAAW,MAAM,UAAU,SAAS,OAAO;AAAA,MAC/C;AAAA,MACA,YAAY;AAAA,MACZ,GAAI,eAAe,EAAE,QAAQ,aAAa,IAAI,CAAC;AAAA,MAC/C;AAAA,MACA,GAAI,MAAM,SAAS,IAAI,EAAE,MAAM,IAAI,CAAC;AAAA,IACtC,CAAC;AAGD,QAAI,SAAS,gBAAgB,cAAc,SAAS,gBAAgB,YAAY;AAC9E,YAAM,aAAa,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,MAAM;AACxE,aAAO,WAAW,IAAI,CAAC,MAAW,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK;AAAA,IACxD;AAGA,UAAM,gBAAgB,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,UAAU;AAC/E,UAAM,cAAc,MAAM,SAAS,qBAAqB,aAAa;AAGrE,aAAS,KAAK,EAAE,MAAM,aAAa,SAAS,SAAS,QAAQ,CAAC;AAC9D,aAAS,KAAK,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAAA,EACtD;AAEA,SAAO;AACT;AAmBA,eAAsB,uBAAuB,QAO1C;AACD,QAAM,EAAE,OAAO,MAAM,aAAa,cAAc,QAAQ,MAAM,IAAI;AAElE,QAAM,eAAe,MAAM,MAAM,SAAS;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,UAAU,aAAa,MAAM;AACnC,QAAM,WAAW,IAAI,kBAAkB,EAAE,OAAO,QAAQ,CAAC;AACzD,WAAS,OAAO,KAAK;AAErB,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY,aAAa;AAAA,EAC3B;AACF;AAIA,SAAS,SAAS,KAAa,KAAqB;AAClD,SAAO,IAAI,SAAS,MAAM,IAAI,MAAM,GAAG,GAAG,IAAI,WAAM;AACtD;","names":[]}
package/dist/integrations/anthropic.d.cts CHANGED
@@ -1,4 +1,4 @@
1
- import { VorimSDK, PermissionScope, AgentRegistrationResult } from '../index.cjs';
1
+ import { VorimSDK, PermissionScope, ReplayInputs, AgentRegistrationResult } from '../index.cjs';
2
2
 
3
3
  interface AnthropicTool {
4
4
  name: string;
@@ -38,6 +38,13 @@ interface VorimAnthropicConfig {
38
38
  defaultPermission?: PermissionScope;
39
39
  /** Whether to emit audit events asynchronously (fire-and-forget). @default true */
40
40
  asyncAudit?: boolean;
41
+ /**
42
+ * Replayable agent decision evidence (VAIP -02). Hashes attached to
43
+ * every audit event. If `replay.tools` is omitted, the registry's
44
+ * own tool list is used automatically. Not covered by v0 canonical
45
+ * signature form.
46
+ */
47
+ replay?: ReplayInputs;
41
48
  }
42
49
  /**
43
50
  * Manages a set of tools with Vorim permission checks and audit logging.
@@ -89,8 +96,12 @@ declare class VorimToolRegistry {
89
96
  private defaultPermission;
90
97
  private asyncAudit;
91
98
  private tools;
99
+ private replayInputs;
100
+ private replayCache;
92
101
  constructor(config: VorimAnthropicConfig);
93
- /** Register a tool. */
102
+ private getReplayContext;
103
+ private deriveCatalogue;
104
+ /** Register a tool. Invalidates the cached tool-catalogue hash. */
94
105
  add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this;
95
106
  /** Register multiple tools. */
96
107
  addAll(definitions: VorimToolDefinition[]): this;
package/dist/integrations/anthropic.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { VorimSDK, PermissionScope, AgentRegistrationResult } from '../index.js';
1
+ import { VorimSDK, PermissionScope, ReplayInputs, AgentRegistrationResult } from '../index.js';
2
2
 
3
3
  interface AnthropicTool {
4
4
  name: string;
@@ -38,6 +38,13 @@ interface VorimAnthropicConfig {
38
38
  defaultPermission?: PermissionScope;
39
39
  /** Whether to emit audit events asynchronously (fire-and-forget). @default true */
40
40
  asyncAudit?: boolean;
41
+ /**
42
+ * Replayable agent decision evidence (VAIP -02). Hashes attached to
43
+ * every audit event. If `replay.tools` is omitted, the registry's
44
+ * own tool list is used automatically. Not covered by v0 canonical
45
+ * signature form.
46
+ */
47
+ replay?: ReplayInputs;
41
48
  }
42
49
  /**
43
50
  * Manages a set of tools with Vorim permission checks and audit logging.
@@ -89,8 +96,12 @@ declare class VorimToolRegistry {
89
96
  private defaultPermission;
90
97
  private asyncAudit;
91
98
  private tools;
99
+ private replayInputs;
100
+ private replayCache;
92
101
  constructor(config: VorimAnthropicConfig);
93
- /** Register a tool. */
102
+ private getReplayContext;
103
+ private deriveCatalogue;
104
+ /** Register a tool. Invalidates the cached tool-catalogue hash. */
94
105
  add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this;
95
106
  /** Register multiple tools. */
96
107
  addAll(definitions: VorimToolDefinition[]): this;