@vorionsys/basis 1.0.1

package/dist/validation-gate.test.js

@@ -0,0 +1,419 @@
+/**
+ * Tests for BASIS Validation Gate
+ */
+import { describe, it, expect } from 'vitest';
+import { validateAgent, isValidAgent, createValidationGate, strictValidationGate, productionValidationGate, GateDecision, ValidationSeverity, scoreToTier, } from './validation-gate';
+import { TrustTier } from './trust-factors';
+describe('ValidationGate', () => {
+    // =============================================================================
+    // BASIC VALIDATION TESTS
+    // =============================================================================
+    describe('validateAgent', () => {
+        it('should PASS a valid manifest', () => {
+            const manifest = {
+                agentId: 'a3i.acme-corp.invoice-bot:ABF-L3@1.0.0',
+                organization: 'acme-corp',
+                agentClass: 'invoice-bot',
+                domains: ['A', 'B', 'F'],
+                capabilityLevel: 3,
+                version: '1.0.0',
+                trustScore: 450,
+            };
+            const result = validateAgent(manifest);
+            expect(result.decision).toBe(GateDecision.PASS);
+            expect(result.valid).toBe(true);
+            expect(result.errors).toHaveLength(0);
+        });
+        it('should REJECT manifest missing required agentId', () => {
+            const manifest = {
+                organization: 'acme-corp',
+                trustScore: 450,
+            };
+            const result = validateAgent(manifest);
+            expect(result.decision).toBe(GateDecision.REJECT);
+            expect(result.valid).toBe(false);
+            expect(result.errors.length).toBeGreaterThan(0);
+        });
+        it('should include timing information', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest);
+            expect(result.validatedAt).toBeInstanceOf(Date);
+            expect(result.durationMs).toBeGreaterThanOrEqual(0);
+        });
+        it('should detect invalid CAR format', () => {
+            const manifest = {
+                agentId: 'invalid-format:missing-parts@1.0.0',
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest);
+            const formatIssue = result.issues.find((i) => i.code === 'INVALID_CAR_FORMAT');
+            expect(formatIssue).toBeDefined();
+        });
+        it('should accept simple ID format with info note', () => {
+            const manifest = {
+                agentId: 'simple-agent-id',
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest);
+            expect(result.valid).toBe(true);
+            const infoIssue = result.issues.find((i) => i.code === 'SIMPLE_ID_FORMAT');
+            expect(infoIssue).toBeDefined();
+            expect(infoIssue?.severity).toBe(ValidationSeverity.INFO);
+        });
+    });
+    // =============================================================================
+    // TRUST TIER VALIDATION
+    // =============================================================================
+    describe('trust tier validation', () => {
+        it('should calculate trust tier from score', () => {
+            // T0: 0-199
+            expect(scoreToTier(0)).toBe(TrustTier.T0_SANDBOX);
+            expect(scoreToTier(199)).toBe(TrustTier.T0_SANDBOX);
+            // T1: 200-349
+            expect(scoreToTier(200)).toBe(TrustTier.T1_OBSERVED);
+            expect(scoreToTier(349)).toBe(TrustTier.T1_OBSERVED);
+            // T2: 350-500
+            expect(scoreToTier(350)).toBe(TrustTier.T2_PROVISIONAL);
+            expect(scoreToTier(500)).toBe(TrustTier.T2_PROVISIONAL);
+            // T3: 501-649
+            expect(scoreToTier(501)).toBe(TrustTier.T3_MONITORED);
+            expect(scoreToTier(649)).toBe(TrustTier.T3_MONITORED);
+            // T4: 650-799
+            expect(scoreToTier(650)).toBe(TrustTier.T4_STANDARD);
+            expect(scoreToTier(799)).toBe(TrustTier.T4_STANDARD);
+            // T5: 800-875
+            expect(scoreToTier(800)).toBe(TrustTier.T5_TRUSTED);
+            expect(scoreToTier(875)).toBe(TrustTier.T5_TRUSTED);
+            // T6: 876-950
+            expect(scoreToTier(876)).toBe(TrustTier.T6_CERTIFIED);
+            expect(scoreToTier(950)).toBe(TrustTier.T6_CERTIFIED);
+            // T7: 951-1000
+            expect(scoreToTier(951)).toBe(TrustTier.T7_AUTONOMOUS);
+            expect(scoreToTier(1000)).toBe(TrustTier.T7_AUTONOMOUS);
+        });
+        it('should REJECT when trust tier is below minimum', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 100, // T0
+            };
+            const result = validateAgent(manifest, undefined, {
+                minimumTrustTier: TrustTier.T3_MONITORED,
+            });
+            expect(result.decision).toBe(GateDecision.REJECT);
+            expect(result.errors.some((e) => e.code === 'INSUFFICIENT_TRUST_TIER')).toBe(true);
+        });
+        it('should PASS when trust tier meets minimum', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 700, // T4 (650-799)
+            };
+            const result = validateAgent(manifest, undefined, {
+                minimumTrustTier: TrustTier.T3_MONITORED,
+            });
+            expect(result.decision).toBe(GateDecision.PASS);
+            expect(result.trustTier).toBe(TrustTier.T4_STANDARD);
+        });
+        it('should warn when trust score is missing', () => {
+            const manifest = {
+                agentId: 'test-agent',
+            };
+            const result = validateAgent(manifest);
+            expect(result.warnings.some((w) => w.code === 'MISSING_TRUST_SCORE')).toBe(true);
+        });
+    });
+    // =============================================================================
+    // PROFILE VALIDATION
+    // =============================================================================
+    describe('profile validation', () => {
+        const validProfile = {
+            agentId: 'a3i.acme-corp.invoice-bot:ABF-L3@1.0.0',
+            organization: 'acme-corp',
+            agentClass: 'invoice-bot',
+            approvedDomains: ['A', 'B', 'F'],
+            maxCapabilityLevel: 4,
+            approvedCapabilities: ['CAP-READ-PUBLIC', 'CAP-DB-READ', 'CAP-WRITE-APPROVED'],
+            trustScore: 500,
+            registeredAt: new Date('2024-01-01'),
+        };
+        it('should PASS when manifest matches profile', () => {
+            const manifest = {
+                agentId: 'a3i.acme-corp.invoice-bot:ABF-L3@1.0.0',
+                organization: 'acme-corp',
+                agentClass: 'invoice-bot',
+                domains: ['A', 'B'],
+                capabilityLevel: 3,
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest, validProfile);
+            expect(result.decision).toBe(GateDecision.PASS);
+            expect(result.valid).toBe(true);
+        });
+        it('should REJECT when organization mismatches', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                organization: 'evil-corp',
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest, validProfile);
+            expect(result.decision).toBe(GateDecision.REJECT);
+            expect(result.errors.some((e) => e.code === 'ORG_MISMATCH')).toBe(true);
+        });
+        it('should REJECT when capability level exceeds maximum', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                organization: 'acme-corp',
+                capabilityLevel: 7, // exceeds profile max of 4
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest, validProfile);
+            expect(result.decision).toBe(GateDecision.REJECT);
+            expect(result.errors.some((e) => e.code === 'CAPABILITY_LEVEL_EXCEEDED')).toBe(true);
+        });
+        it('should REJECT unauthorized domains', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                organization: 'acme-corp',
+                domains: ['A', 'B', 'S'], // S not approved
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest, validProfile);
+            expect(result.decision).toBe(GateDecision.REJECT);
+            expect(result.errors.some((e) => e.code === 'UNAUTHORIZED_DOMAINS')).toBe(true);
+        });
+        it('should warn on unauthorized capabilities', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                organization: 'acme-corp',
+                requestedCapabilities: ['CAP-READ-PUBLIC', 'CAP-SYSTEM-ADMIN-FULL'], // admin not approved
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest, validProfile);
+            expect(result.warnings.some((w) => w.code === 'UNAUTHORIZED_CAPABILITIES')).toBe(true);
+        });
+        it('should REJECT when profile required but missing', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest, undefined, {
+                requireRegisteredProfile: true,
+            });
+            expect(result.decision).toBe(GateDecision.REJECT);
+            expect(result.errors.some((e) => e.code === 'PROFILE_NOT_FOUND')).toBe(true);
+        });
+    });
+    // =============================================================================
+    // CAPABILITY VALIDATION
+    // =============================================================================
+    describe('capability validation', () => {
+        it('should allow capabilities matching trust tier', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 700, // T4_STANDARD (650-799)
+                requestedCapabilities: ['CAP-READ-PUBLIC', 'CAP-AGENT-COMMUNICATE'],
+            };
+            const result = validateAgent(manifest);
+            expect(result.allowedCapabilities).toContain('CAP-READ-PUBLIC');
+            expect(result.allowedCapabilities).toContain('CAP-AGENT-COMMUNICATE');
+            expect(result.deniedCapabilities).toBeUndefined();
+        });
+        it('should deny capabilities above trust tier', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 100, // T0_SANDBOX
+                requestedCapabilities: ['CAP-READ-PUBLIC', 'CAP-AGENT-SPAWN'], // spawn requires T6
+            };
+            const result = validateAgent(manifest);
+            expect(result.allowedCapabilities).toContain('CAP-READ-PUBLIC');
+            expect(result.deniedCapabilities).toContain('CAP-AGENT-SPAWN');
+        });
+        it('should provide recommendations for denied capabilities', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 100,
+                requestedCapabilities: ['CAP-AGENT-SPAWN'],
+            };
+            const result = validateAgent(manifest);
+            expect(result.recommendations).toBeDefined();
+            expect(result.recommendations?.some((r) => r.includes('trust score'))).toBe(true);
+        });
+    });
+    // =============================================================================
+    // REQUIRED DOMAINS
+    // =============================================================================
+    describe('required domains', () => {
+        it('should REJECT when required domains are missing', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                domains: ['A', 'B'],
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest, undefined, {
+                requiredDomains: ['A', 'F'], // F is missing
+            });
+            expect(result.decision).toBe(GateDecision.REJECT);
+            expect(result.errors.some((e) => e.code === 'MISSING_REQUIRED_DOMAINS')).toBe(true);
+        });
+        it('should PASS when all required domains present', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                domains: ['A', 'B', 'F'],
+                trustScore: 500,
+            };
+            const result = validateAgent(manifest, undefined, {
+                requiredDomains: ['A', 'F'],
+            });
+            expect(result.decision).toBe(GateDecision.PASS);
+        });
+    });
+    // =============================================================================
+    // STRICT MODE
+    // =============================================================================
+    describe('strict mode', () => {
+        it('should REJECT on warnings in strict mode', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                // No trust score - generates warning
+            };
+            const normalResult = validateAgent(manifest, undefined, { strict: false });
+            const strictResult = validateAgent(manifest, undefined, { strict: true });
+            expect(normalResult.decision).toBe(GateDecision.PASS);
+            expect(strictResult.decision).toBe(GateDecision.REJECT);
+        });
+    });
+    // =============================================================================
+    // CUSTOM VALIDATORS
+    // =============================================================================
+    describe('custom validators', () => {
+        it('should run custom validators', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 500,
+                metadata: { version: '0.0.1' },
+            };
+            const customValidator = (m) => {
+                const issues = [];
+                if (m.metadata?.version === '0.0.1') {
+                    issues.push({
+                        code: 'UNSTABLE_VERSION',
+                        message: 'Agent is using unstable version',
+                        severity: ValidationSeverity.WARNING,
+                    });
+                }
+                return issues;
+            };
+            const result = validateAgent(manifest, undefined, {
+                customValidators: [customValidator],
+            });
+            expect(result.warnings.some((w) => w.code === 'UNSTABLE_VERSION')).toBe(true);
+        });
+        it('should handle custom validator errors gracefully', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 500,
+            };
+            const failingValidator = () => {
+                throw new Error('Validator crashed');
+            };
+            const result = validateAgent(manifest, undefined, {
+                customValidators: [failingValidator],
+            });
+            // Should not crash, just add a warning
+            expect(result.warnings.some((w) => w.code === 'CUSTOM_VALIDATOR_ERROR')).toBe(true);
+        });
+    });
+    // =============================================================================
+    // HELPER FUNCTIONS
+    // =============================================================================
+    describe('isValidAgent', () => {
+        it('should return true for valid agent', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 500,
+            };
+            expect(isValidAgent(manifest)).toBe(true);
+        });
+        it('should return false for invalid agent', () => {
+            const manifest = {};
+            expect(isValidAgent(manifest)).toBe(false);
+        });
+    });
+    describe('createValidationGate', () => {
+        it('should create gate with preset options', () => {
+            const gate = createValidationGate({
+                minimumTrustTier: TrustTier.T3_MONITORED,
+            });
+            const lowTrustManifest = {
+                agentId: 'test-agent',
+                trustScore: 100,
+            };
+            const result = gate.validate(lowTrustManifest);
+            expect(result.decision).toBe(GateDecision.REJECT);
+        });
+        it('should allow option overrides', () => {
+            const gate = createValidationGate({
+                minimumTrustTier: TrustTier.T5_TRUSTED,
+            });
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 700, // T4 (650-799)
+            };
+            // With default options, should fail (T4 < T5)
+            const result1 = gate.validate(manifest);
+            expect(result1.decision).toBe(GateDecision.REJECT);
+            // With override, should pass (T4 >= T3)
+            const result2 = gate.validate(manifest, undefined, {
+                minimumTrustTier: TrustTier.T3_MONITORED,
+            });
+            expect(result2.decision).toBe(GateDecision.PASS);
+        });
+    });
+    describe('preset gates', () => {
+        it('strictValidationGate should reject on warnings', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                // Missing trustScore generates warning
+            };
+            expect(strictValidationGate.isValid(manifest)).toBe(false);
+        });
+        it('productionValidationGate should require profile', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 500,
+            };
+            const result = productionValidationGate.validate(manifest);
+            expect(result.errors.some((e) => e.code === 'PROFILE_NOT_FOUND')).toBe(true);
+        });
+    });
+    // =============================================================================
+    // ESCALATION
+    // =============================================================================
+    describe('escalation', () => {
+        it('should ESCALATE when capability escalation allowed and denied caps exist', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 100, // T0
+                requestedCapabilities: ['CAP-AGENT-SPAWN'], // Requires T6
+            };
+            const result = validateAgent(manifest, undefined, {
+                allowCapabilityEscalation: true,
+            });
+            expect(result.decision).toBe(GateDecision.ESCALATE);
+        });
+        it('should REJECT when capability escalation not allowed', () => {
+            const manifest = {
+                agentId: 'test-agent',
+                trustScore: 100,
+                requestedCapabilities: ['CAP-AGENT-SPAWN'],
+            };
+            const result = validateAgent(manifest, undefined, {
+                allowCapabilityEscalation: false,
+            });
+            expect(result.decision).toBe(GateDecision.REJECT);
+        });
+    });
+});
+//# sourceMappingURL=validation-gate.test.js.map

package/hardhat.config.ts

@@ -0,0 +1,55 @@
+import { HardhatUserConfig } from 'hardhat/config';
+import '@nomicfoundation/hardhat-ethers';
+import * as dotenv from 'dotenv';
+
+dotenv.config();
+
+const config: HardhatUserConfig = {
+  solidity: {
+    version: '0.8.20',
+    settings: {
+      optimizer: {
+        enabled: true,
+        runs: 200,
+      },
+    },
+  },
+
+  networks: {
+    hardhat: {
+      chainId: 31337,
+    },
+
+    // Ethereum Sepolia Testnet (uses ETH)
+    sepolia: {
+      url: process.env.SEPOLIA_RPC_URL || 'https://ethereum-sepolia-rpc.publicnode.com',
+      accounts: process.env.PRIVATE_KEY && process.env.PRIVATE_KEY.startsWith('0x') && process.env.PRIVATE_KEY.length === 66 ? [process.env.PRIVATE_KEY] : [],
+      chainId: 11155111,
+    },
+
+    // Polygon Amoy Testnet
+    amoy: {
+      url: process.env.AMOY_RPC_URL || 'https://rpc-amoy.polygon.technology',
+      accounts: process.env.PRIVATE_KEY && process.env.PRIVATE_KEY.startsWith('0x') && process.env.PRIVATE_KEY.length === 66 ? [process.env.PRIVATE_KEY] : [],
+      chainId: 80002,
+      gasPrice: 30000000000, // 30 gwei
+    },
+
+    // Polygon Mainnet (uses POL token)
+    polygon: {
+      url: process.env.POLYGON_RPC_URL || 'https://polygon-rpc.com',
+      accounts: process.env.PRIVATE_KEY && process.env.PRIVATE_KEY.startsWith('0x') && process.env.PRIVATE_KEY.length === 66 ? [process.env.PRIVATE_KEY] : [],
+      chainId: 137,
+      gasPrice: 50000000000, // 50 gwei
+    },
+  },
+
+  paths: {
+    sources: './contracts',
+    tests: './test',
+    cache: './cache',
+    artifacts: './artifacts',
+  },
+};
+
+export default config;

package/package.json

@@ -0,0 +1,57 @@
+{
+  "name": "@vorionsys/basis",
+  "version": "1.0.1",
+  "type": "module",
+  "description": "Blockchain Agent Standard for Identity and Security (BASIS) - Open standard for AI agent governance",
+  "license": "Apache-2.0",
+  "publishConfig": {
+    "access": "public"
+  },
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./kya": {
+      "types": "./dist/kya/index.d.ts",
+      "import": "./dist/kya/index.js"
+    }
+  },
+  "scripts": {
+    "build": "tsc",
+    "test:trust": "vitest run src/trust-1000-agents.test.ts",
+    "test:trust:watch": "vitest src/trust-1000-agents.test.ts"
+  },
+  "dependencies": {
+    "@noble/ed25519": "^2.0.0",
+    "did-resolver": "^4.1.0",
+    "zod": "^3.22.4"
+  },
+  "devDependencies": {
+    "@types/node": "^20.10.6",
+    "typescript": "^5.3.3",
+    "vitest": "4.0.18"
+  },
+  "keywords": [
+    "vorion",
+    "basis",
+    "trust",
+    "ai",
+    "agent",
+    "governance",
+    "blockchain",
+    "identity"
+  ],
+  "author": "Vorion <team@vorion.org>",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/voriongit/vorion.git",
+    "directory": "packages/basis"
+  },
+  "homepage": "https://vorion.org",
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}

package/scripts/certify-agent.ts

@@ -0,0 +1,91 @@
+import { ethers } from 'hardhat';
+
+/**
+ * Certify CC Agent with AgentAnchor (T2: Standard tier, 350 trust score)
+ */
+async function main() {
+  const [deployer] = await ethers.getSigners();
+
+  console.log('Certifying agent with account:', deployer.address);
+
+  // Get deployed AgentCard contract
+  const AgentCard = await ethers.getContractFactory('AgentCard');
+  const agentCard = await AgentCard.attach(
+    process.env.AGENTCARD_ADDRESS || 'REPLACE_WITH_DEPLOYED_ADDRESS'
+  );
+
+  console.log('AgentCard contract:', await agentCard.getAddress());
+
+  const tokenId = 0; // First minted card (CC Agent)
+
+  // Check if account has CERTIFIER_ROLE
+  const CERTIFIER_ROLE = await agentCard.CERTIFIER_ROLE();
+  const hasCertifierRole = await agentCard.hasRole(CERTIFIER_ROLE, deployer.address);
+
+  if (!hasCertifierRole) {
+    console.error('❌ Account does not have CERTIFIER_ROLE');
+    console.log('Granting CERTIFIER_ROLE to:', deployer.address);
+
+    const grantTx = await agentCard.grantRole(CERTIFIER_ROLE, deployer.address);
+    await grantTx.wait();
+
+    console.log('✅ CERTIFIER_ROLE granted');
+  }
+
+  // Certify with trust score 350 (T2: Standard)
+  const trustScore = 350;
+  const expiryTimestamp = Math.floor(Date.now() / 1000) + (365 * 24 * 60 * 60); // 1 year from now
+
+  console.log('\nCertifying agent:');
+  console.log('- Token ID:', tokenId);
+  console.log('- Trust Score:', trustScore);
+  console.log('- Tier: T2 (Standard)');
+  console.log('- Expires:', new Date(expiryTimestamp * 1000).toISOString());
+
+  const tx = await agentCard.certify(tokenId, trustScore, expiryTimestamp);
+
+  console.log('Certification transaction submitted:', tx.hash);
+  const receipt = await tx.wait();
+
+  // Get certification event
+  const certifyEvent = receipt?.logs?.find(
+    (log: any) => log.fragment?.name === 'AgentCertified'
+  );
+
+  if (certifyEvent) {
+    console.log('\n✅ Agent certified successfully!');
+    console.log('Token ID:', certifyEvent.args?.tokenId.toString());
+    console.log('DID:', certifyEvent.args?.did);
+    console.log('Certifier:', certifyEvent.args?.certifier);
+    console.log('Trust Score:', certifyEvent.args?.trustScore.toString());
+    console.log('Tier:', certifyEvent.args?.tier); // Should be 2 (T2)
+  }
+
+  // Query updated card
+  const card = await agentCard.getCard(tokenId);
+
+  console.log('\n📋 Updated AgentCard:');
+  console.log('-------------------');
+  console.log('DID:', card.did);
+  console.log('Name:', card.name);
+  console.log('Trust Score:', card.trustScore.toString());
+  console.log('Tier:', ['T0', 'T1', 'T2', 'T3', 'T4', 'T5'][card.tier]);
+  console.log('Certified:', card.certified);
+  console.log('Certifier:', card.certifier);
+  console.log('Certification Date:', new Date(Number(card.certificationDate) * 1000).toISOString());
+  console.log('Certification Expiry:', new Date(Number(card.certificationExpiry) * 1000).toISOString());
+
+  // Check if certified and valid
+  const isCertified = await agentCard.isCertified(tokenId);
+  console.log('\nIs Certified (not expired/revoked):', isCertified);
+
+  console.log('\n🔗 View on PolygonScan:');
+  console.log(`https://mumbai.polygonscan.com/token/${await agentCard.getAddress()}?a=${tokenId}`);
+}
+
+main()
+  .then(() => process.exit(0))
+  .catch((error) => {
+    console.error(error);
+    process.exit(1);
+  });

package/scripts/deploy-agentcard.ts

@@ -0,0 +1,63 @@
+import { ethers } from 'hardhat';
+
+/**
+ * Deploy AgentCard contract to network
+ */
+async function main() {
+  const [deployer] = await ethers.getSigners();
+
+  console.log('Deploying AgentCard with account:', deployer.address);
+  console.log('Account balance:', ethers.formatEther(await ethers.provider.getBalance(deployer.address)), 'MATIC');
+
+  // Deploy AgentCard
+  const AgentCard = await ethers.getContractFactory('AgentCard');
+  const agentCard = await AgentCard.deploy();
+
+  await agentCard.waitForDeployment();
+
+  const contractAddress = await agentCard.getAddress();
+
+  console.log('\n✅ AgentCard deployed to:', contractAddress);
+
+  // Grant CERTIFIER_ROLE to deployer (for testing)
+  console.log('\nGranting CERTIFIER_ROLE to deployer...');
+  const CERTIFIER_ROLE = await agentCard.CERTIFIER_ROLE();
+  await agentCard.grantRole(CERTIFIER_ROLE, deployer.address);
+
+  console.log('✅ CERTIFIER_ROLE granted');
+
+  console.log('\n📋 Deployment Summary:');
+  console.log('=====================');
+  console.log('Contract Address:', contractAddress);
+  console.log('Deployer:', deployer.address);
+  console.log('Network:', (await ethers.provider.getNetwork()).name);
+  console.log('Chain ID:', (await ethers.provider.getNetwork()).chainId);
+
+  console.log('\n🔗 View on Block Explorer:');
+  const chainId = (await ethers.provider.getNetwork()).chainId;
+  if (chainId === 11155111n) {
+    console.log(`https://sepolia.etherscan.io/address/${contractAddress}`);
+  } else if (chainId === 80002n) {
+    console.log(`https://amoy.polygonscan.com/address/${contractAddress}`);
+  } else if (chainId === 80001n) {
+    console.log(`https://mumbai.polygonscan.com/address/${contractAddress}`);
+    console.log('⚠️  WARNING: Mumbai testnet is deprecated. Use Amoy instead!');
+  } else if (chainId === 137n) {
+    console.log(`https://polygonscan.com/address/${contractAddress}`);
+  } else if (chainId === 1n) {
+    console.log(`https://etherscan.io/address/${contractAddress}`);
+  }
+
+  console.log('\n📝 Next Steps:');
+  console.log('1. Save contract address:', contractAddress);
+  console.log('2. Verify contract: npx hardhat verify --network mumbai', contractAddress);
+  console.log('3. Mint AgentCard: npx hardhat run scripts/mint-agentcard.ts --network mumbai');
+  console.log('4. Certify agent: npx hardhat run scripts/certify-agent.ts --network mumbai');
+}
+
+main()
+  .then(() => process.exit(0))
+  .catch((error) => {
+    console.error(error);
+    process.exit(1);
+  });