@vorionsys/contracts 0.1.0

package/dist/v2/policy-bundle.d.ts

@@ -0,0 +1,166 @@
+/**
+ * Policy Bundle types - compliance rules as data
+ */
+import type { DataSensitivity, TrustBand, ActionType } from './enums.js';
+/**
+ * Operator for policy conditions
+ */
+export declare enum PolicyOperator {
+    EQUALS = "equals",
+    NOT_EQUALS = "not_equals",
+    GREATER_THAN = "greater_than",
+    LESS_THAN = "less_than",
+    GREATER_OR_EQUAL = "greater_or_equal",
+    LESS_OR_EQUAL = "less_or_equal",
+    IN = "in",
+    NOT_IN = "not_in",
+    CONTAINS = "contains",
+    MATCHES = "matches"
+}
+/**
+ * Policy condition
+ */
+export interface PolicyCondition {
+    /** Field to evaluate */
+    field: string;
+    /** Comparison operator */
+    operator: PolicyOperator;
+    /** Value to compare against */
+    value: unknown;
+}
+/**
+ * Policy rule - a single authorization rule
+ */
+export interface PolicyRule {
+    /** Unique rule identifier */
+    ruleId: string;
+    /** Rule name */
+    name: string;
+    /** Rule description */
+    description: string;
+    /** Priority (lower = higher priority) */
+    priority: number;
+    /** Conditions that must be met */
+    conditions: PolicyCondition[];
+    /** Effect when conditions match */
+    effect: 'permit' | 'deny';
+    /** Optional constraints to apply if permitted */
+    constraints?: Partial<{
+        requiredApprovals: string[];
+        allowedTools: string[];
+        dataScopes: string[];
+        maxExecutionTimeMs: number;
+        reversibilityRequired: boolean;
+    }>;
+    /** Is this rule active? */
+    enabled: boolean;
+}
+/**
+ * Jurisdiction restrictions
+ */
+export interface JurisdictionRestrictions {
+    /** Allowed jurisdictions */
+    allowedJurisdictions: string[];
+    /** Blocked jurisdictions */
+    blockedJurisdictions: string[];
+    /** Data residency requirements */
+    dataResidency?: string[];
+    /** Cross-border transfer allowed? */
+    crossBorderAllowed: boolean;
+}
+/**
+ * Data classification policy
+ */
+export interface DataClassificationPolicy {
+    /** Sensitivity levels this bundle handles */
+    allowedSensitivities: DataSensitivity[];
+    /** Minimum trust band for each sensitivity */
+    minimumTrustByClassification: Partial<Record<DataSensitivity, TrustBand>>;
+    /** Encryption required for these classifications */
+    encryptionRequired: DataSensitivity[];
+    /** Audit required for these classifications */
+    auditRequired: DataSensitivity[];
+}
+/**
+ * Action restrictions by trust band
+ */
+export interface ActionRestrictions {
+    /** Action types allowed per trust band */
+    allowedByBand: Partial<Record<TrustBand, ActionType[]>>;
+    /** Actions that always require approval */
+    alwaysRequireApproval: ActionType[];
+    /** Actions that are never allowed */
+    neverAllowed: ActionType[];
+}
+/**
+ * Policy bundle - a collection of related policies
+ */
+export interface PolicyBundle {
+    /** Unique bundle identifier */
+    bundleId: string;
+    /** Bundle name */
+    name: string;
+    /** Bundle description */
+    description: string;
+    /** Version (semver) */
+    version: string;
+    /** Is this bundle active? */
+    enabled: boolean;
+    /** Domains this bundle applies to */
+    applicableDomains: string[];
+    /** Environments (prod, staging, dev) */
+    applicableEnvironments: string[];
+    /** Jurisdictions */
+    jurisdictions: JurisdictionRestrictions;
+    /** Data classification policies */
+    dataClassification: DataClassificationPolicy;
+    /** Action restrictions */
+    actionRestrictions: ActionRestrictions;
+    /** Individual rules */
+    rules: PolicyRule[];
+    /** Default effect when no rules match */
+    defaultEffect: 'permit' | 'deny';
+    /** Metadata */
+    createdAt: Date;
+    updatedAt: Date;
+    createdBy: string;
+}
+/**
+ * Policy evaluation result
+ */
+export interface PolicyEvaluationResult {
+    /** Was access permitted? */
+    permitted: boolean;
+    /** Which rule(s) matched */
+    matchedRules: string[];
+    /** Combined constraints from all matching rules */
+    constraints: PolicyRule['constraints'];
+    /** Reasoning for the decision */
+    reasoning: string[];
+    /** Time to evaluate (ms) */
+    evaluationTimeMs: number;
+}
+/**
+ * Request to resolve applicable policies
+ */
+export interface PolicyResolutionRequest {
+    domain?: string;
+    environment?: string;
+    jurisdictions?: string[];
+    dataSensitivity?: DataSensitivity;
+    actionType?: ActionType;
+    trustBand?: TrustBand;
+}
+/**
+ * Policy bundle summary for listings
+ */
+export interface PolicyBundleSummary {
+    bundleId: string;
+    name: string;
+    version: string;
+    enabled: boolean;
+    applicableDomains: string[];
+    ruleCount: number;
+    updatedAt: Date;
+}
+//# sourceMappingURL=policy-bundle.d.ts.map

package/dist/v2/policy-bundle.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-bundle.d.ts","sourceRoot":"","sources":["../../src/v2/policy-bundle.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAEzE;;GAEG;AACH,oBAAY,cAAc;IACxB,MAAM,WAAW;IACjB,UAAU,eAAe;IACzB,YAAY,iBAAiB;IAC7B,SAAS,cAAc;IACvB,gBAAgB,qBAAqB;IACrC,aAAa,kBAAkB;IAC/B,EAAE,OAAO;IACT,MAAM,WAAW;IACjB,QAAQ,aAAa;IACrB,OAAO,YAAY;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,wBAAwB;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,QAAQ,EAAE,cAAc,CAAC;IACzB,+BAA+B;IAC/B,KAAK,EAAE,OAAO,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,6BAA6B;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,yCAAyC;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,kCAAkC;IAClC,UAAU,EAAE,eAAe,EAAE,CAAC;IAC9B,mCAAmC;IACnC,MAAM,EAAE,QAAQ,GAAG,MAAM,CAAC;IAC1B,iDAAiD;IACjD,WAAW,CAAC,EAAE,OAAO,CAAC;QACpB,iBAAiB,EAAE,MAAM,EAAE,CAAC;QAC5B,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,UAAU,EAAE,MAAM,EAAE,CAAC;QACrB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,qBAAqB,EAAE,OAAO,CAAC;KAChC,CAAC,CAAC;IACH,2BAA2B;IAC3B,OAAO,EAAE,OAAO,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,4BAA4B;IAC5B,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,4BAA4B;IAC5B,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,kCAAkC;IAClC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,qCAAqC;IACrC,kBAAkB,EAAE,OAAO,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,6CAA6C;IAC7C,oBAAoB,EAAE,eAAe,EAAE,CAAC;IACxC,8CAA8C;IAC9C,4BAA4B,EAAE,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC,CAAC;IAC1E,oDAAoD;IACpD,kBAAkB,EAAE,eAAe,EAAE,CAAC;IACtC,+CAA+C;IAC/C,aAAa,EAAE,eAAe,EAAE,CAAC;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,0CAA0C;IAC1C,aAAa,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;IACxD,2CAA2C;IAC3C,qBAAqB,EAAE,UAAU,EAAE,CAAC;IACpC,qCAAqC;IACrC,YAAY,EAAE,UAAU,EAAE,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,+BAA+B;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,yBAAyB;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,uBAAuB;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,6BAA6B;IAC7B,OAAO,EAAE,OAAO,CAAC;IAEjB,qCAAqC;IACrC,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,wCAAwC;IACxC,sBAAsB,EAAE,MAAM,EAAE,CAAC;IACjC,oBAAoB;IACpB,aAAa,EAAE,wBAAwB,CAAC;IAExC,mCAAmC;IACnC,kBAAkB,EAAE,wBAAwB,CAAC;IAE7C,0BAA0B;IAC1B,kBAAkB,EAAE,kBAAkB,CAAC;IAEvC,uBAAuB;IACvB,KAAK,EAAE,UAAU,EAAE,CAAC;IAEpB,yCAAyC;IACzC,aAAa,EAAE,QAAQ,GAAG,MAAM,CAAC;IAEjC,eAAe;IACf,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,4BAA4B;IAC5B,SAAS,EAAE,OAAO,CAAC;IACnB,4BAA4B;IAC5B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,mDAAmD;IACnD,WAAW,EAAE,UAAU,CAAC,aAAa,CAAC,CAAC;IACvC,iCAAiC;IACjC,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,4BAA4B;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,SAAS,CAAC,EAAE,SAAS,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,OAAO,CAAC;IACjB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,IAAI,CAAC;CACjB"}

package/dist/v2/policy-bundle.js

@@ -0,0 +1,20 @@
+/**
+ * Policy Bundle types - compliance rules as data
+ */
+/**
+ * Operator for policy conditions
+ */
+export var PolicyOperator;
+(function (PolicyOperator) {
+    PolicyOperator["EQUALS"] = "equals";
+    PolicyOperator["NOT_EQUALS"] = "not_equals";
+    PolicyOperator["GREATER_THAN"] = "greater_than";
+    PolicyOperator["LESS_THAN"] = "less_than";
+    PolicyOperator["GREATER_OR_EQUAL"] = "greater_or_equal";
+    PolicyOperator["LESS_OR_EQUAL"] = "less_or_equal";
+    PolicyOperator["IN"] = "in";
+    PolicyOperator["NOT_IN"] = "not_in";
+    PolicyOperator["CONTAINS"] = "contains";
+    PolicyOperator["MATCHES"] = "matches";
+})(PolicyOperator || (PolicyOperator = {}));
+//# sourceMappingURL=policy-bundle.js.map

package/dist/v2/policy-bundle.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-bundle.js","sourceRoot":"","sources":["../../src/v2/policy-bundle.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH;;GAEG;AACH,MAAM,CAAN,IAAY,cAWX;AAXD,WAAY,cAAc;IACxB,mCAAiB,CAAA;IACjB,2CAAyB,CAAA;IACzB,+CAA6B,CAAA;IAC7B,yCAAuB,CAAA;IACvB,uDAAqC,CAAA;IACrC,iDAA+B,CAAA;IAC/B,2BAAS,CAAA;IACT,mCAAiB,CAAA;IACjB,uCAAqB,CAAA;IACrB,qCAAmB,CAAA;AACrB,CAAC,EAXW,cAAc,KAAd,cAAc,QAWzB"}

package/dist/v2/pre-action-gate.d.ts

@@ -0,0 +1,185 @@
+/**
+ * Pre-Action Verification Gate Types - ATSF v2.0 Section 4.4
+ *
+ * Per ATSF v2.0: "Trust score gates CAPABILITY, not just post-hoc scoring"
+ *
+ * Key insight: At the moment of a "Treacherous Turn," an agent's trust
+ * is maximal because trust is updated AFTER action. Pre-action gating
+ * prevents high-risk actions by low-trust agents BEFORE execution.
+ *
+ * Trust must be earned through demonstrated success on low-risk actions first.
+ */
+import type { ActionType, DataSensitivity, Reversibility } from './enums.js';
+/**
+ * Risk levels for action classification
+ * Per ATSF v2.0 Section 4.4
+ */
+export declare enum RiskLevel {
+    /** Read-only operations - anyone can do */
+    READ = "READ",
+    /** Low-risk modifications */
+    LOW = "LOW",
+    /** Medium-risk operations */
+    MEDIUM = "MEDIUM",
+    /** High-risk operations - requires verification */
+    HIGH = "HIGH",
+    /** Critical operations - requires human approval */
+    CRITICAL = "CRITICAL"
+}
+/**
+ * Trust thresholds per risk level
+ * Per ATSF v2.0 Section 4.4
+ */
+export declare const TRUST_THRESHOLDS: Record<RiskLevel, number>;
+/**
+ * Gate decision status
+ */
+export declare enum GateStatus {
+    /** Action approved - proceed with execution */
+    APPROVED = "APPROVED",
+    /** Action rejected - trust below threshold */
+    REJECTED = "REJECTED",
+    /** Action pending - requires additional verification */
+    PENDING_VERIFICATION = "PENDING_VERIFICATION",
+    /** Action pending - requires human approval */
+    PENDING_HUMAN_APPROVAL = "PENDING_HUMAN_APPROVAL"
+}
+/**
+ * Request to verify an action before execution
+ */
+export interface GateVerificationRequest {
+    /** Agent requesting the action */
+    agentId: string;
+    /** Description of the action */
+    action: string;
+    /** Type of action */
+    actionType: ActionType;
+    /** Resources being accessed/modified */
+    resourceScope: string[];
+    /** Data sensitivity level */
+    dataSensitivity: DataSensitivity;
+    /** Whether the action is reversible */
+    reversibility: Reversibility;
+    /** Estimated magnitude/impact (for risk calculation) */
+    magnitude?: number;
+    /** Additional context */
+    context?: Record<string, unknown>;
+}
+/**
+ * Result of pre-action gate verification
+ */
+export interface GateVerificationResult {
+    /** Status of the verification */
+    status: GateStatus;
+    /** Calculated risk level */
+    riskLevel: RiskLevel;
+    /** Required trust threshold */
+    requiredTrust: number;
+    /** Agent's current trust score */
+    currentTrust: number;
+    /** Trust deficit (how much more trust needed) */
+    trustDeficit: number;
+    /** Whether action passed the gate */
+    passed: boolean;
+    /** Human-readable reasoning */
+    reasoning: string[];
+    /** If pending, what's needed to proceed */
+    requirements?: GateRequirement[];
+    /** When the verification was performed */
+    verifiedAt: Date;
+    /** Verification expires at (must re-verify after) */
+    expiresAt: Date;
+    /** Unique verification ID for tracking */
+    verificationId: string;
+}
+/**
+ * Requirement to proceed when pending
+ */
+export interface GateRequirement {
+    /** Type of requirement */
+    type: 'MULTI_PROVER_VERIFICATION' | 'HUMAN_APPROVAL' | 'ADDITIONAL_TRUST';
+    /** Description of what's needed */
+    description: string;
+    /** Who needs to fulfill this */
+    fulfiller?: string;
+    /** Timeout for this requirement */
+    timeoutMs?: number;
+}
+/**
+ * Configuration for the pre-action gate
+ */
+export interface PreActionGateConfig {
+    /** Custom trust thresholds (override defaults) */
+    trustThresholds?: Partial<Record<RiskLevel, number>>;
+    /**
+     * Risk level that requires multi-prover verification
+     * Default: HIGH
+     */
+    verificationThreshold: RiskLevel;
+    /**
+     * Risk level that requires human approval
+     * Default: CRITICAL
+     */
+    humanApprovalThreshold: RiskLevel;
+    /**
+     * Verification validity period (ms)
+     * Default: 5 minutes
+     */
+    verificationValidityMs: number;
+    /**
+     * Whether to allow pending states or just approve/reject
+     * Default: true
+     */
+    allowPendingStates: boolean;
+    /**
+     * Risk multipliers for specific action types
+     */
+    actionTypeRiskMultipliers?: Partial<Record<ActionType, number>>;
+    /**
+     * Risk multipliers for data sensitivity
+     */
+    dataSensitivityRiskMultipliers?: Partial<Record<DataSensitivity, number>>;
+}
+/**
+ * Default pre-action gate configuration per ATSF v2.0
+ */
+export declare const DEFAULT_GATE_CONFIG: PreActionGateConfig;
+/**
+ * Action risk factors for classification
+ */
+export interface ActionRiskFactors {
+    /** Base action type risk */
+    actionTypeRisk: number;
+    /** Data sensitivity risk */
+    dataSensitivityRisk: number;
+    /** Reversibility risk (irreversible = higher) */
+    reversibilityRisk: number;
+    /** Magnitude/impact risk */
+    magnitudeRisk: number;
+    /** Combined risk score (0-100) */
+    combinedScore: number;
+    /** Resulting risk level */
+    riskLevel: RiskLevel;
+}
+/**
+ * Gate event for audit trail
+ */
+export interface GateEvent {
+    /** Event type */
+    type: 'GATE_CHECK' | 'GATE_APPROVED' | 'GATE_REJECTED' | 'GATE_PENDING';
+    /** Agent involved */
+    agentId: string;
+    /** Action that was checked */
+    action: string;
+    /** Risk level determined */
+    riskLevel: RiskLevel;
+    /** Trust score at time of check */
+    trustScore: number;
+    /** Whether the check passed */
+    passed: boolean;
+    /** Timestamp */
+    timestamp: Date;
+    /** Verification ID */
+    verificationId: string;
+}
+//# sourceMappingURL=pre-action-gate.d.ts.map

package/dist/v2/pre-action-gate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pre-action-gate.d.ts","sourceRoot":"","sources":["../../src/v2/pre-action-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE7E;;;GAGG;AACH,oBAAY,SAAS;IACnB,2CAA2C;IAC3C,IAAI,SAAS;IACb,6BAA6B;IAC7B,GAAG,QAAQ;IACX,6BAA6B;IAC7B,MAAM,WAAW;IACjB,mDAAmD;IACnD,IAAI,SAAS;IACb,oDAAoD;IACpD,QAAQ,aAAa;CACtB;AAED;;;GAGG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAMtD,CAAC;AAEF;;GAEG;AACH,oBAAY,UAAU;IACpB,+CAA+C;IAC/C,QAAQ,aAAa;IACrB,8CAA8C;IAC9C,QAAQ,aAAa;IACrB,wDAAwD;IACxD,oBAAoB,yBAAyB;IAC7C,+CAA+C;IAC/C,sBAAsB,2BAA2B;CAClD;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,kCAAkC;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,gCAAgC;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,qBAAqB;IACrB,UAAU,EAAE,UAAU,CAAC;IACvB,wCAAwC;IACxC,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,6BAA6B;IAC7B,eAAe,EAAE,eAAe,CAAC;IACjC,uCAAuC;IACvC,aAAa,EAAE,aAAa,CAAC;IAC7B,wDAAwD;IACxD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,yBAAyB;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,iCAAiC;IACjC,MAAM,EAAE,UAAU,CAAC;IACnB,4BAA4B;IAC5B,SAAS,EAAE,SAAS,CAAC;IACrB,+BAA+B;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,kCAAkC;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,iDAAiD;IACjD,YAAY,EAAE,MAAM,CAAC;IACrB,qCAAqC;IACrC,MAAM,EAAE,OAAO,CAAC;IAChB,+BAA+B;IAC/B,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,2CAA2C;IAC3C,YAAY,CAAC,EAAE,eAAe,EAAE,CAAC;IACjC,0CAA0C;IAC1C,UAAU,EAAE,IAAI,CAAC;IACjB,qDAAqD;IACrD,SAAS,EAAE,IAAI,CAAC;IAChB,0CAA0C;IAC1C,cAAc,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,0BAA0B;IAC1B,IAAI,EAAE,2BAA2B,GAAG,gBAAgB,GAAG,kBAAkB,CAAC;IAC1E,mCAAmC;IACnC,WAAW,EAAE,MAAM,CAAC;IACpB,gCAAgC;IAChC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,mCAAmC;IACnC,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,kDAAkD;IAClD,eAAe,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;IACrD;;;OAGG;IACH,qBAAqB,EAAE,SAAS,CAAC;IACjC;;;OAGG;IACH,sBAAsB,EAAE,SAAS,CAAC;IAClC;;;OAGG;IACH,sBAAsB,EAAE,MAAM,CAAC;IAC/B;;;OAGG;IACH,kBAAkB,EAAE,OAAO,CAAC;IAC5B;;OAEG;IACH,yBAAyB,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC;IAChE;;OAEG;IACH,8BAA8B,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC,CAAC;CAC3E;AAED;;GAEG;AACH,eAAO,MAAM,mBAAmB,EAAE,mBAMjC,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,4BAA4B;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,4BAA4B;IAC5B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,iDAAiD;IACjD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,4BAA4B;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,kCAAkC;IAClC,aAAa,EAAE,MAAM,CAAC;IACtB,2BAA2B;IAC3B,SAAS,EAAE,SAAS,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,iBAAiB;IACjB,IAAI,EAAE,YAAY,GAAG,eAAe,GAAG,eAAe,GAAG,cAAc,CAAC;IACxE,qBAAqB;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,4BAA4B;IAC5B,SAAS,EAAE,SAAS,CAAC;IACrB,mCAAmC;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,+BAA+B;IAC/B,MAAM,EAAE,OAAO,CAAC;IAChB,gBAAgB;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,sBAAsB;IACtB,cAAc,EAAE,MAAM,CAAC;CACxB"}

package/dist/v2/pre-action-gate.js

@@ -0,0 +1,64 @@
+/**
+ * Pre-Action Verification Gate Types - ATSF v2.0 Section 4.4
+ *
+ * Per ATSF v2.0: "Trust score gates CAPABILITY, not just post-hoc scoring"
+ *
+ * Key insight: At the moment of a "Treacherous Turn," an agent's trust
+ * is maximal because trust is updated AFTER action. Pre-action gating
+ * prevents high-risk actions by low-trust agents BEFORE execution.
+ *
+ * Trust must be earned through demonstrated success on low-risk actions first.
+ */
+/**
+ * Risk levels for action classification
+ * Per ATSF v2.0 Section 4.4
+ */
+export var RiskLevel;
+(function (RiskLevel) {
+    /** Read-only operations - anyone can do */
+    RiskLevel["READ"] = "READ";
+    /** Low-risk modifications */
+    RiskLevel["LOW"] = "LOW";
+    /** Medium-risk operations */
+    RiskLevel["MEDIUM"] = "MEDIUM";
+    /** High-risk operations - requires verification */
+    RiskLevel["HIGH"] = "HIGH";
+    /** Critical operations - requires human approval */
+    RiskLevel["CRITICAL"] = "CRITICAL";
+})(RiskLevel || (RiskLevel = {}));
+/**
+ * Trust thresholds per risk level
+ * Per ATSF v2.0 Section 4.4
+ */
+export const TRUST_THRESHOLDS = {
+    [RiskLevel.READ]: 0.0, // Anyone can read
+    [RiskLevel.LOW]: 20, // Minimal trust required (0.2 * 100)
+    [RiskLevel.MEDIUM]: 40, // Moderate trust required (0.4 * 100)
+    [RiskLevel.HIGH]: 60, // Significant trust required (0.6 * 100)
+    [RiskLevel.CRITICAL]: 80, // Maximum trust + human approval (0.8 * 100)
+};
+/**
+ * Gate decision status
+ */
+export var GateStatus;
+(function (GateStatus) {
+    /** Action approved - proceed with execution */
+    GateStatus["APPROVED"] = "APPROVED";
+    /** Action rejected - trust below threshold */
+    GateStatus["REJECTED"] = "REJECTED";
+    /** Action pending - requires additional verification */
+    GateStatus["PENDING_VERIFICATION"] = "PENDING_VERIFICATION";
+    /** Action pending - requires human approval */
+    GateStatus["PENDING_HUMAN_APPROVAL"] = "PENDING_HUMAN_APPROVAL";
+})(GateStatus || (GateStatus = {}));
+/**
+ * Default pre-action gate configuration per ATSF v2.0
+ */
+export const DEFAULT_GATE_CONFIG = {
+    trustThresholds: TRUST_THRESHOLDS,
+    verificationThreshold: RiskLevel.HIGH,
+    humanApprovalThreshold: RiskLevel.CRITICAL,
+    verificationValidityMs: 5 * 60 * 1000, // 5 minutes
+    allowPendingStates: true,
+};
+//# sourceMappingURL=pre-action-gate.js.map

package/dist/v2/pre-action-gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pre-action-gate.js","sourceRoot":"","sources":["../../src/v2/pre-action-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH;;;GAGG;AACH,MAAM,CAAN,IAAY,SAWX;AAXD,WAAY,SAAS;IACnB,2CAA2C;IAC3C,0BAAa,CAAA;IACb,6BAA6B;IAC7B,wBAAW,CAAA;IACX,6BAA6B;IAC7B,8BAAiB,CAAA;IACjB,mDAAmD;IACnD,0BAAa,CAAA;IACb,oDAAoD;IACpD,kCAAqB,CAAA;AACvB,CAAC,EAXW,SAAS,KAAT,SAAS,QAWpB;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAA8B;IACzD,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,GAAG,EAAO,kBAAkB;IAC9C,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,EAAE,EAAS,qCAAqC;IACjE,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,EAAE,EAAM,sCAAsC;IAClE,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,EAAQ,yCAAyC;IACrE,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAI,6CAA6C;CAC1E,CAAC;AAEF;;GAEG;AACH,MAAM,CAAN,IAAY,UASX;AATD,WAAY,UAAU;IACpB,+CAA+C;IAC/C,mCAAqB,CAAA;IACrB,8CAA8C;IAC9C,mCAAqB,CAAA;IACrB,wDAAwD;IACxD,2DAA6C,CAAA;IAC7C,+CAA+C;IAC/C,+DAAiD,CAAA;AACnD,CAAC,EATW,UAAU,KAAV,UAAU,QASrB;AAsGD;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAwB;IACtD,eAAe,EAAE,gBAAgB;IACjC,qBAAqB,EAAE,SAAS,CAAC,IAAI;IACrC,sBAAsB,EAAE,SAAS,CAAC,QAAQ;IAC1C,sBAAsB,EAAE,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,YAAY;IACnD,kBAAkB,EAAE,IAAI;CACzB,CAAC"}

package/dist/v2/proof-event.d.ts

@@ -0,0 +1,201 @@
+/**
+ * Proof Event types - immutable audit trail entries
+ */
+import type { ProofEventType } from './enums.js';
+/**
+ * Shadow mode status for events from sandbox/testnet environments
+ *
+ * Shadow mode events are recorded but don't count toward production
+ * trust scores until verified by HITL review.
+ */
+export type ShadowModeStatus = 'production' | 'shadow' | 'testnet' | 'verified' | 'rejected';
+/**
+ * Proof event - an immutable record in the audit trail
+ *
+ * Events form a hash chain for tamper detection.
+ * Once created, events cannot be modified or deleted.
+ */
+export interface ProofEvent {
+    /** Unique event identifier */
+    eventId: string;
+    /** Type of event */
+    eventType: ProofEventType;
+    /** Correlation ID for end-to-end tracing */
+    correlationId: string;
+    /** Agent involved (if applicable) */
+    agentId?: string;
+    /** Event payload (type varies by eventType) */
+    payload: ProofEventPayload;
+    /** Hash of the previous event in chain */
+    previousHash: string | null;
+    /** SHA-256 hash of this event */
+    eventHash: string;
+    /** When the event occurred */
+    occurredAt: Date;
+    /** When the event was recorded (may differ from occurred) */
+    recordedAt: Date;
+    /** Who/what signed this event */
+    signedBy?: string;
+    /** Digital signature */
+    signature?: string;
+    /**
+     * Shadow mode status for sandbox/testnet events
+     *
+     * Events from T0_SANDBOX agents are automatically tagged as 'shadow'
+     * and require HITL verification before counting toward trust scores.
+     * This solves the chicken-and-egg problem of validating sandbox behavior.
+     *
+     * @default 'production'
+     */
+    shadowMode?: ShadowModeStatus;
+    /**
+     * ID of the HITL review that verified/rejected this shadow event
+     * Set when shadowMode transitions from 'shadow' to 'verified' or 'rejected'
+     */
+    verificationId?: string;
+    /**
+     * When the shadow event was verified/rejected
+     */
+    verifiedAt?: Date;
+}
+/**
+ * Union type for event payloads based on event type
+ */
+export type ProofEventPayload = IntentReceivedPayload | DecisionMadePayload | TrustDeltaPayload | ExecutionStartedPayload | ExecutionCompletedPayload | ExecutionFailedPayload | IncidentDetectedPayload | RollbackInitiatedPayload | ComponentRegisteredPayload | ComponentUpdatedPayload | GenericPayload;
+/** Intent received payload */
+export interface IntentReceivedPayload {
+    type: 'intent_received';
+    intentId: string;
+    action: string;
+    actionType: string;
+    resourceScope: string[];
+}
+/** Decision made payload */
+export interface DecisionMadePayload {
+    type: 'decision_made';
+    decisionId: string;
+    intentId: string;
+    permitted: boolean;
+    trustBand: string;
+    trustScore: number;
+    reasoning: string[];
+}
+/** Trust delta payload */
+export interface TrustDeltaPayload {
+    type: 'trust_delta';
+    deltaId: string;
+    previousScore: number;
+    newScore: number;
+    previousBand: string;
+    newBand: string;
+    reason: string;
+}
+/** Execution started payload */
+export interface ExecutionStartedPayload {
+    type: 'execution_started';
+    executionId: string;
+    actionId: string;
+    decisionId: string;
+    adapterId: string;
+}
+/** Execution completed payload */
+export interface ExecutionCompletedPayload {
+    type: 'execution_completed';
+    executionId: string;
+    actionId: string;
+    status: 'success' | 'partial';
+    durationMs: number;
+    outputHash: string;
+}
+/** Execution failed payload */
+export interface ExecutionFailedPayload {
+    type: 'execution_failed';
+    executionId: string;
+    actionId: string;
+    error: string;
+    durationMs: number;
+    retryable: boolean;
+}
+/** Incident detected payload */
+export interface IncidentDetectedPayload {
+    type: 'incident_detected';
+    incidentId: string;
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    description: string;
+    affectedResources: string[];
+}
+/** Rollback initiated payload */
+export interface RollbackInitiatedPayload {
+    type: 'rollback_initiated';
+    rollbackId: string;
+    executionId: string;
+    reason: string;
+    initiatedBy: string;
+}
+/** Component registered payload */
+export interface ComponentRegisteredPayload {
+    type: 'component_registered';
+    componentId: string;
+    componentType: string;
+    name: string;
+    version: string;
+}
+/** Component updated payload */
+export interface ComponentUpdatedPayload {
+    type: 'component_updated';
+    componentId: string;
+    changes: string[];
+    previousVersion?: string;
+    newVersion?: string;
+}
+/** Generic payload for extensibility */
+export interface GenericPayload {
+    type: string;
+    [key: string]: unknown;
+}
+/**
+ * Filter for querying proof events
+ */
+export interface ProofEventFilter {
+    correlationId?: string;
+    agentId?: string;
+    eventTypes?: ProofEventType[];
+    from?: Date;
+    to?: Date;
+    limit?: number;
+    offset?: number;
+}
+/**
+ * Result of chain verification
+ */
+export interface ChainVerificationResult {
+    valid: boolean;
+    verifiedEvents: number;
+    firstEventId: string;
+    lastEventId: string;
+    brokenAt?: string;
+    error?: string;
+}
+/**
+ * Request to log a new proof event
+ */
+export interface LogProofEventRequest {
+    eventType: ProofEventType;
+    correlationId: string;
+    agentId?: string;
+    payload: ProofEventPayload;
+    occurredAt?: Date;
+    signedBy?: string;
+}
+/**
+ * Proof event summary for listings
+ */
+export interface ProofEventSummary {
+    eventId: string;
+    eventType: ProofEventType;
+    correlationId: string;
+    agentId?: string;
+    occurredAt: Date;
+    recordedAt: Date;
+}
+//# sourceMappingURL=proof-event.d.ts.map

package/dist/v2/proof-event.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"proof-event.d.ts","sourceRoot":"","sources":["../../src/v2/proof-event.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEjD;;;;;GAKG;AACH,MAAM,MAAM,gBAAgB,GACxB,YAAY,GACZ,QAAQ,GACR,SAAS,GACT,UAAU,GACV,UAAU,CAAC;AAEf;;;;;GAKG;AACH,MAAM,WAAW,UAAU;IACzB,8BAA8B;IAC9B,OAAO,EAAE,MAAM,CAAC;IAEhB,oBAAoB;IACpB,SAAS,EAAE,cAAc,CAAC;IAE1B,4CAA4C;IAC5C,aAAa,EAAE,MAAM,CAAC;IAEtB,qCAAqC;IACrC,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,+CAA+C;IAC/C,OAAO,EAAE,iBAAiB,CAAC;IAE3B,0CAA0C;IAC1C,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAE5B,iCAAiC;IACjC,SAAS,EAAE,MAAM,CAAC;IAElB,8BAA8B;IAC9B,UAAU,EAAE,IAAI,CAAC;IAEjB,6DAA6D;IAC7D,UAAU,EAAE,IAAI,CAAC;IAEjB,iCAAiC;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,wBAAwB;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;;;;;;OAQG;IACH,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAE9B;;;OAGG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,UAAU,CAAC,EAAE,IAAI,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,MAAM,iBAAiB,GACzB,qBAAqB,GACrB,mBAAmB,GACnB,iBAAiB,GACjB,uBAAuB,GACvB,yBAAyB,GACzB,sBAAsB,GACtB,uBAAuB,GACvB,wBAAwB,GACxB,0BAA0B,GAC1B,uBAAuB,GACvB,cAAc,CAAC;AAEnB,8BAA8B;AAC9B,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,4BAA4B;AAC5B,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,eAAe,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,EAAE,CAAC;CACrB;AAED,0BAA0B;AAC1B,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,aAAa,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,gCAAgC;AAChC,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,mBAAmB,CAAC;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,kCAAkC;AAClC,MAAM,WAAW,yBAAyB;IACxC,IAAI,EAAE,qBAAqB,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,SAAS,GAAG,SAAS,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,+BAA+B;AAC/B,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,kBAAkB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,gCAAgC;AAChC,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,mBAAmB,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACjD,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,EAAE,MAAM,EAAE,CAAC;CAC7B;AAED,iCAAiC;AACjC,MAAM,WAAW,wBAAwB;IACvC,IAAI,EAAE,oBAAoB,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,mCAAmC;AACnC,MAAM,WAAW,0BAA0B;IACzC,IAAI,EAAE,sBAAsB,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,gCAAgC;AAChC,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,mBAAmB,CAAC;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,wCAAwC;AACxC,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,cAAc,EAAE,CAAC;IAC9B,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,EAAE,CAAC,EAAE,IAAI,CAAC;IACV,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,OAAO,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,cAAc,CAAC;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,iBAAiB,CAAC;IAC3B,UAAU,CAAC,EAAE,IAAI,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,cAAc,CAAC;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,IAAI,CAAC;IACjB,UAAU,EAAE,IAAI,CAAC;CAClB"}

package/dist/v2/proof-event.js

@@ -0,0 +1,5 @@
+/**
+ * Proof Event types - immutable audit trail entries
+ */
+export {};
+//# sourceMappingURL=proof-event.js.map

package/dist/v2/proof-event.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"proof-event.js","sourceRoot":"","sources":["../../src/v2/proof-event.ts"],"names":[],"mappings":"AAAA;;GAEG"}