@vorionsys/proof-plane 0.1.0

package/dist/events/event-emitter.d.ts

@@ -0,0 +1,140 @@
+/**
+ * Event Emitter - Creates and chains proof events
+ *
+ * Handles the creation of properly hashed and chained proof events,
+ * ensuring immutability and tamper detection.
+ */
+import type { ProofEvent, ProofEventPayload, ProofEventType, LogProofEventRequest, ShadowModeStatus } from '@vorion/contracts';
+import { type ProofEventStore } from './event-store.js';
+import { type EventSigningService } from './event-signatures.js';
+/**
+ * Configuration for the event emitter
+ */
+export interface EventEmitterConfig {
+    /** Event store to use */
+    store: ProofEventStore;
+    /** Signer identifier (e.g., service name) */
+    signedBy?: string;
+    /** Enable signature generation */
+    enableSignatures?: boolean;
+    /**
+     * Signing service for Ed25519 signatures
+     * Required when enableSignatures is true
+     */
+    signingService?: EventSigningService;
+    /**
+     * Private key for signing (base64-encoded Ed25519 private key)
+     * Alternative to signingService for simple setups
+     */
+    privateKey?: string;
+    /** Event listeners for real-time notifications */
+    listeners?: EventListener[];
+    /**
+     * Shadow mode for sandbox/testnet events
+     *
+     * When set, all emitted events are tagged with this status.
+     * Used for T0_SANDBOX agents whose events need HITL verification.
+     *
+     * @default 'production'
+     */
+    shadowMode?: ShadowModeStatus;
+}
+/**
+ * Event listener callback
+ */
+export type EventListener = (event: ProofEvent) => void | Promise<void>;
+/**
+ * Result of emitting an event
+ */
+export interface EmitResult {
+    /** The created event */
+    event: ProofEvent;
+    /** Whether this is the first event in the chain */
+    isGenesis: boolean;
+    /** Previous event hash (null for genesis) */
+    previousHash: string | null;
+}
+/**
+ * Batch emit options
+ */
+export interface BatchEmitOptions {
+    /** Whether to stop on first error */
+    stopOnError?: boolean;
+    /** Correlation ID to use for all events */
+    correlationId?: string;
+}
+/**
+ * Result of batch emit
+ */
+export interface BatchEmitResult {
+    /** Successfully created events */
+    events: ProofEvent[];
+    /** Errors encountered */
+    errors: Array<{
+        index: number;
+        error: Error;
+    }>;
+    /** Whether all events were created successfully */
+    success: boolean;
+}
+/**
+ * ProofEventEmitter - Creates properly hashed and chained events
+ */
+export declare class ProofEventEmitter {
+    private readonly store;
+    private readonly signedBy?;
+    private readonly enableSignatures;
+    private readonly signingService?;
+    private readonly privateKey?;
+    private readonly listeners;
+    private readonly shadowMode;
+    private emitLock;
+    constructor(config: EventEmitterConfig);
+    /**
+     * Check if signature generation is enabled and configured
+     */
+    isSigningEnabled(): boolean;
+    /**
+     * Check if this emitter is in shadow mode
+     */
+    isShadowMode(): boolean;
+    /**
+     * Get the current shadow mode status
+     */
+    getShadowMode(): ShadowModeStatus;
+    /**
+     * Emit a new proof event
+     *
+     * Events are serialized to ensure proper chaining.
+     */
+    emit(request: LogProofEventRequest): Promise<EmitResult>;
+    /**
+     * Emit an event with specific type helper
+     */
+    emitTyped<T extends ProofEventPayload>(eventType: ProofEventType, correlationId: string, payload: T, agentId?: string): Promise<EmitResult>;
+    /**
+     * Emit multiple events in a batch
+     */
+    emitBatch(requests: LogProofEventRequest[], options?: BatchEmitOptions): Promise<BatchEmitResult>;
+    /**
+     * Add an event listener
+     */
+    addListener(listener: EventListener): void;
+    /**
+     * Remove an event listener
+     */
+    removeListener(listener: EventListener): void;
+    /**
+     * Get the underlying store
+     */
+    getStore(): ProofEventStore;
+    private serializedEmit;
+    private createAndStoreEvent;
+    private validateEvent;
+    private notifyListeners;
+}
+/**
+ * Create a proof event emitter
+ */
+export declare function createEventEmitter(config: EventEmitterConfig): ProofEventEmitter;
+//# sourceMappingURL=event-emitter.d.ts.map

package/dist/events/event-emitter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"event-emitter.d.ts","sourceRoot":"","sources":["../../src/events/event-emitter.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EACV,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,gBAAgB,EACjB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,KAAK,eAAe,EAAwC,MAAM,kBAAkB,CAAC;AAE9F,OAAO,EAAE,KAAK,mBAAmB,EAAa,MAAM,uBAAuB,CAAC;AAE5E;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,yBAAyB;IACzB,KAAK,EAAE,eAAe,CAAC;IACvB,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kCAAkC;IAClC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B;;;OAGG;IACH,cAAc,CAAC,EAAE,mBAAmB,CAAC;IACrC;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,kDAAkD;IAClD,SAAS,CAAC,EAAE,aAAa,EAAE,CAAC;IAC5B;;;;;;;OAOG;IACH,UAAU,CAAC,EAAE,gBAAgB,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAExE;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,wBAAwB;IACxB,KAAK,EAAE,UAAU,CAAC;IAClB,mDAAmD;IACnD,SAAS,EAAE,OAAO,CAAC;IACnB,6CAA6C;IAC7C,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,qCAAqC;IACrC,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,2CAA2C;IAC3C,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,kCAAkC;IAClC,MAAM,EAAE,UAAU,EAAE,CAAC;IACrB,yBAAyB;IACzB,MAAM,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,KAAK,CAAA;KAAE,CAAC,CAAC;IAC/C,mDAAmD;IACnD,OAAO,EAAE,OAAO,CAAC;CAClB;AAED;;GAEG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAkB;IACxC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAU;IAC3C,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAsB;IACtD,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAkB;IAC5C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAmB;IAC9C,OAAO,CAAC,QAAQ,CAAoC;gBAExC,MAAM,EAAE,kBAAkB;IAkBtC;;OAEG;IACH,gBAAgB,IAAI,OAAO;IAI3B;;OAEG;IACH,YAAY,IAAI,OAAO;IAIvB;;OAEG;IACH,aAAa,IAAI,gBAAgB;IAIjC;;;;OAIG;IACG,IAAI,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,UAAU,CAAC;IAK9D;;OAEG;IACG,SAAS,CAAC,CAAC,SAAS,iBAAiB,EACzC,SAAS,EAAE,cAAc,EACzB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,CAAC,EACV,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC,UAAU,CAAC;IAWtB;;OAEG;IACG,SAAS,CACb,QAAQ,EAAE,oBAAoB,EAAE,EAChC,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,eAAe,CAAC;IA4B3B;;OAEG;IACH,WAAW,CAAC,QAAQ,EAAE,aAAa,GAAG,IAAI;IAI1C;;OAEG;IACH,cAAc,CAAC,QAAQ,EAAE,aAAa,GAAG,IAAI;IAO7C;;OAEG;IACH,QAAQ,IAAI,eAAe;YAMb,cAAc;YAcd,mBAAmB;IAwEjC,OAAO,CAAC,aAAa;YA2BP,eAAe;CAU9B;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,GAAG,iBAAiB,CAEhF"}

package/dist/events/event-emitter.js

@@ -0,0 +1,235 @@
+/**
+ * Event Emitter - Creates and chains proof events
+ *
+ * Handles the creation of properly hashed and chained proof events,
+ * ensuring immutability and tamper detection.
+ */
+import { v4 as uuidv4 } from 'uuid';
+import { EventStoreError, EventStoreErrorCode } from './event-store.js';
+import { computeEventHash, getGenesisHash } from './hash-chain.js';
+import { signEvent } from './event-signatures.js';
+/**
+ * ProofEventEmitter - Creates properly hashed and chained events
+ */
+export class ProofEventEmitter {
+    store;
+    signedBy;
+    enableSignatures;
+    signingService;
+    privateKey;
+    listeners;
+    shadowMode;
+    emitLock = Promise.resolve();
+    constructor(config) {
+        this.store = config.store;
+        this.signedBy = config.signedBy;
+        this.enableSignatures = config.enableSignatures ?? false;
+        this.signingService = config.signingService;
+        this.privateKey = config.privateKey;
+        this.listeners = config.listeners ?? [];
+        this.shadowMode = config.shadowMode ?? 'production';
+        // Validate signing configuration
+        if (this.enableSignatures && !this.signingService && !this.privateKey) {
+            console.warn('[ProofEventEmitter] Signatures enabled but no signingService or privateKey provided. ' +
+                'Events will be emitted without signatures.');
+        }
+    }
+    /**
+     * Check if signature generation is enabled and configured
+     */
+    isSigningEnabled() {
+        return this.enableSignatures && (this.signingService?.canSign() || !!this.privateKey);
+    }
+    /**
+     * Check if this emitter is in shadow mode
+     */
+    isShadowMode() {
+        return this.shadowMode !== 'production';
+    }
+    /**
+     * Get the current shadow mode status
+     */
+    getShadowMode() {
+        return this.shadowMode;
+    }
+    /**
+     * Emit a new proof event
+     *
+     * Events are serialized to ensure proper chaining.
+     */
+    async emit(request) {
+        // Serialize event creation to ensure proper chaining
+        return this.serializedEmit(request);
+    }
+    /**
+     * Emit an event with specific type helper
+     */
+    async emitTyped(eventType, correlationId, payload, agentId) {
+        return this.emit({
+            eventType,
+            correlationId,
+            payload,
+            agentId,
+            occurredAt: new Date(),
+            signedBy: this.signedBy,
+        });
+    }
+    /**
+     * Emit multiple events in a batch
+     */
+    async emitBatch(requests, options) {
+        const events = [];
+        const errors = [];
+        for (let i = 0; i < requests.length; i++) {
+            try {
+                const request = {
+                    ...requests[i],
+                    correlationId: options?.correlationId ?? requests[i].correlationId,
+                };
+                const result = await this.emit(request);
+                events.push(result.event);
+            }
+            catch (error) {
+                const err = error instanceof Error ? error : new Error(String(error));
+                errors.push({ index: i, error: err });
+                if (options?.stopOnError) {
+                    break;
+                }
+            }
+        }
+        return {
+            events,
+            errors,
+            success: errors.length === 0,
+        };
+    }
+    /**
+     * Add an event listener
+     */
+    addListener(listener) {
+        this.listeners.push(listener);
+    }
+    /**
+     * Remove an event listener
+     */
+    removeListener(listener) {
+        const index = this.listeners.indexOf(listener);
+        if (index !== -1) {
+            this.listeners.splice(index, 1);
+        }
+    }
+    /**
+     * Get the underlying store
+     */
+    getStore() {
+        return this.store;
+    }
+    // Private methods
+    async serializedEmit(request) {
+        // Wait for any pending emit to complete
+        const previousLock = this.emitLock;
+        let resolve;
+        this.emitLock = new Promise(r => { resolve = r; });
+        try {
+            await previousLock;
+            return await this.createAndStoreEvent(request);
+        }
+        finally {
+            resolve();
+        }
+    }
+    async createAndStoreEvent(request) {
+        const now = new Date();
+        const eventId = uuidv4();
+        // Get previous hash for chaining
+        const previousHash = await this.store.getLatestHash() ?? getGenesisHash();
+        const isGenesis = previousHash === null;
+        // Determine the signer identity
+        const signerIdentity = request.signedBy ?? this.signedBy ?? this.signingService?.getServiceId();
+        // Build event without hash and signature
+        const eventWithoutHashAndSig = {
+            eventId,
+            eventType: request.eventType,
+            correlationId: request.correlationId,
+            agentId: request.agentId,
+            payload: request.payload,
+            previousHash,
+            occurredAt: request.occurredAt ?? now,
+            signedBy: signerIdentity,
+            // Tag with shadow mode for T0 sandbox/testnet events
+            shadowMode: this.shadowMode !== 'production' ? this.shadowMode : undefined,
+        };
+        // Generate signature if enabled
+        let signature;
+        if (this.isSigningEnabled() && signerIdentity) {
+            try {
+                if (this.signingService?.canSign()) {
+                    signature = await this.signingService.sign(eventWithoutHashAndSig);
+                }
+                else if (this.privateKey) {
+                    signature = await signEvent(eventWithoutHashAndSig, this.privateKey, signerIdentity);
+                }
+            }
+            catch (error) {
+                console.error('[ProofEventEmitter] Failed to sign event:', error);
+                // Continue without signature - event is still valid for hash chain
+            }
+        }
+        // Build event with signature (for hash computation)
+        const eventWithSig = {
+            ...eventWithoutHashAndSig,
+            signature,
+        };
+        // Compute hash (includes signature if present)
+        const eventHash = await computeEventHash(eventWithSig);
+        // Create complete event
+        const event = {
+            ...eventWithSig,
+            eventHash,
+            recordedAt: now,
+        };
+        // Validate the event
+        this.validateEvent(event);
+        // Store the event
+        const storedEvent = await this.store.append(event);
+        // Notify listeners
+        await this.notifyListeners(storedEvent);
+        return {
+            event: storedEvent,
+            isGenesis,
+            previousHash,
+        };
+    }
+    validateEvent(event) {
+        if (!event.eventId) {
+            throw new EventStoreError('Event ID is required', EventStoreErrorCode.INVALID_EVENT);
+        }
+        if (!event.eventType) {
+            throw new EventStoreError('Event type is required', EventStoreErrorCode.INVALID_EVENT);
+        }
+        if (!event.correlationId) {
+            throw new EventStoreError('Correlation ID is required', EventStoreErrorCode.INVALID_EVENT);
+        }
+        if (!event.payload) {
+            throw new EventStoreError('Event payload is required', EventStoreErrorCode.INVALID_EVENT);
+        }
+    }
+    async notifyListeners(event) {
+        for (const listener of this.listeners) {
+            try {
+                await listener(event);
+            }
+            catch (error) {
+                // Log but don't throw - listeners shouldn't block event creation
+                console.error('Event listener error:', error);
+            }
+        }
+    }
+}
+/**
+ * Create a proof event emitter
+ */
+export function createEventEmitter(config) {
+    return new ProofEventEmitter(config);
+}
+//# sourceMappingURL=event-emitter.js.map

package/dist/events/event-emitter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"event-emitter.js","sourceRoot":"","sources":["../../src/events/event-emitter.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,EAAE,IAAI,MAAM,EAAE,MAAM,MAAM,CAAC;AAQpC,OAAO,EAAwB,eAAe,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC9F,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACnE,OAAO,EAA4B,SAAS,EAAE,MAAM,uBAAuB,CAAC;AA0E5E;;GAEG;AACH,MAAM,OAAO,iBAAiB;IACX,KAAK,CAAkB;IACvB,QAAQ,CAAU;IAClB,gBAAgB,CAAU;IAC1B,cAAc,CAAuB;IACrC,UAAU,CAAU;IACpB,SAAS,CAAkB;IAC3B,UAAU,CAAmB;IACtC,QAAQ,GAAkB,OAAO,CAAC,OAAO,EAAE,CAAC;IAEpD,YAAY,MAA0B;QACpC,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAC1B,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;QAChC,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,IAAI,KAAK,CAAC;QACzD,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QAC5C,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;QACpC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC;QACxC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,YAAY,CAAC;QAEpD,iCAAiC;QACjC,IAAI,IAAI,CAAC,gBAAgB,IAAI,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACtE,OAAO,CAAC,IAAI,CACV,uFAAuF;gBACvF,4CAA4C,CAC7C,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,gBAAgB;QACd,OAAO,IAAI,CAAC,gBAAgB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACxF,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,UAAU,KAAK,YAAY,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,aAAa;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,IAAI,CAAC,OAA6B;QACtC,qDAAqD;QACrD,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CACb,SAAyB,EACzB,aAAqB,EACrB,OAAU,EACV,OAAgB;QAEhB,OAAO,IAAI,CAAC,IAAI,CAAC;YACf,SAAS;YACT,aAAa;YACb,OAAO;YACP,OAAO;YACP,UAAU,EAAE,IAAI,IAAI,EAAE;YACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CACb,QAAgC,EAChC,OAA0B;QAE1B,MAAM,MAAM,GAAiB,EAAE,CAAC;QAChC,MAAM,MAAM,GAA2C,EAAE,CAAC;QAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG;oBACd,GAAG,QAAQ,CAAC,CAAC,CAAC;oBACd,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC,aAAa;iBACnE,CAAC;gBACF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBACxC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;gBACtE,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;gBACtC,IAAI,OAAO,EAAE,WAAW,EAAE,CAAC;oBACzB,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO;YACL,MAAM;YACN,MAAM;YACN,OAAO,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;SAC7B,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,QAAuB;QACjC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,QAAuB;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;YACjB,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,kBAAkB;IAEV,KAAK,CAAC,cAAc,CAAC,OAA6B;QACxD,wCAAwC;QACxC,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC;QACnC,IAAI,OAAmB,CAAC;QACxB,IAAI,CAAC,QAAQ,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnD,IAAI,CAAC;YACH,MAAM,YAAY,CAAC;YACnB,OAAO,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;QACjD,CAAC;gBAAS,CAAC;YACT,OAAQ,EAAE,CAAC;QACb,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,OAA6B;QAC7D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC;QAEzB,iCAAiC;QACjC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,cAAc,EAAE,CAAC;QAC1E,MAAM,SAAS,GAAG,YAAY,KAAK,IAAI,CAAC;QAExC,gCAAgC;QAChC,MAAM,cAAc,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,cAAc,EAAE,YAAY,EAAE,CAAC;QAEhG,yCAAyC;QACzC,MAAM,sBAAsB,GAA+D;YACzF,OAAO;YACP,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,YAAY;YACZ,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,GAAG;YACrC,QAAQ,EAAE,cAAc;YACxB,qDAAqD;YACrD,UAAU,EAAE,IAAI,CAAC,UAAU,KAAK,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;SAC3E,CAAC;QAEF,gCAAgC;QAChC,IAAI,SAA6B,CAAC;QAClC,IAAI,IAAI,CAAC,gBAAgB,EAAE,IAAI,cAAc,EAAE,CAAC;YAC9C,IAAI,CAAC;gBACH,IAAI,IAAI,CAAC,cAAc,EAAE,OAAO,EAAE,EAAE,CAAC;oBACnC,SAAS,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;gBACrE,CAAC;qBAAM,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBAC3B,SAAS,GAAG,MAAM,SAAS,CAAC,sBAAsB,EAAE,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;gBACvF,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,2CAA2C,EAAE,KAAK,CAAC,CAAC;gBAClE,mEAAmE;YACrE,CAAC;QACH,CAAC;QAED,oDAAoD;QACpD,MAAM,YAAY,GAAiD;YACjE,GAAG,sBAAsB;YACzB,SAAS;SACV,CAAC;QAEF,+CAA+C;QAC/C,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,YAAY,CAAC,CAAC;QAEvD,wBAAwB;QACxB,MAAM,KAAK,GAAe;YACxB,GAAG,YAAY;YACf,SAAS;YACT,UAAU,EAAE,GAAG;SAChB,CAAC;QAEF,qBAAqB;QACrB,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAE1B,kBAAkB;QAClB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAEnD,mBAAmB;QACnB,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;QAExC,OAAO;YACL,KAAK,EAAE,WAAW;YAClB,SAAS;YACT,YAAY;SACb,CAAC;IACJ,CAAC;IAEO,aAAa,CAAC,KAAiB;QACrC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,eAAe,CACvB,sBAAsB,EACtB,mBAAmB,CAAC,aAAa,CAClC,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACrB,MAAM,IAAI,eAAe,CACvB,wBAAwB,EACxB,mBAAmB,CAAC,aAAa,CAClC,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;YACzB,MAAM,IAAI,eAAe,CACvB,4BAA4B,EAC5B,mBAAmB,CAAC,aAAa,CAClC,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,eAAe,CACvB,2BAA2B,EAC3B,mBAAmB,CAAC,aAAa,CAClC,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,eAAe,CAAC,KAAiB;QAC7C,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC;YACxB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,iEAAiE;gBACjE,OAAO,CAAC,KAAK,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAA0B;IAC3D,OAAO,IAAI,iBAAiB,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC"}

package/dist/events/event-signatures.d.ts

@@ -0,0 +1,154 @@
+/**
+ * Event Signatures - Ed25519 Digital Signatures for Proof Events
+ *
+ * Provides cryptographic signing and verification for proof events,
+ * ensuring authenticity and non-repudiation in the audit trail.
+ *
+ * Uses Ed25519 (EdDSA) which provides:
+ * - 128-bit security level
+ * - Small signatures (64 bytes)
+ * - Fast signing and verification
+ * - Deterministic signatures (no random nonce needed)
+ */
+import type { ProofEvent } from '@vorion/contracts';
+/**
+ * Signing key pair
+ */
+export interface SigningKeyPair {
+    /** Public key in base64 format */
+    publicKey: string;
+    /** Private key in base64 format (keep secret!) */
+    privateKey: string;
+    /** Key ID for identification */
+    keyId: string;
+    /** When the key was created */
+    createdAt: Date;
+    /** Service/component that owns this key */
+    owner: string;
+}
+/**
+ * Public key for verification only
+ */
+export interface PublicKey {
+    /** Public key in base64 format */
+    publicKey: string;
+    /** Key ID for identification */
+    keyId: string;
+    /** Service/component that owns this key */
+    owner: string;
+}
+/**
+ * Result of signature verification
+ */
+export interface SignatureVerificationResult {
+    /** Is the signature valid? */
+    valid: boolean;
+    /** Key ID that was used for signing */
+    keyId?: string;
+    /** Signer identity (signedBy field) */
+    signer?: string;
+    /** Error message if verification failed */
+    error?: string;
+    /** Verification timestamp */
+    verifiedAt: Date;
+}
+/**
+ * Configuration for the signing service
+ */
+export interface SigningServiceConfig {
+    /** Service identifier (used in signedBy field) */
+    serviceId: string;
+    /** Private key for signing (base64) */
+    privateKey?: string;
+    /** Key ID */
+    keyId?: string;
+    /** Known public keys for verification */
+    trustedKeys?: PublicKey[];
+}
+/**
+ * Generate a new Ed25519 signing key pair
+ */
+export declare function generateSigningKeyPair(owner: string): Promise<SigningKeyPair>;
+/**
+ * Sign an event using Ed25519
+ */
+export declare function signEvent(event: Omit<ProofEvent, 'signature' | 'eventHash' | 'recordedAt'>, privateKeyBase64: string, signedBy: string): Promise<string>;
+/**
+ * Verify an event signature using Ed25519
+ */
+export declare function verifyEventSignature(event: ProofEvent, publicKeyBase64: string): Promise<SignatureVerificationResult>;
+/**
+ * Event Signing Service - Manages signing keys and operations
+ */
+export declare class EventSigningService {
+    private readonly serviceId;
+    private readonly privateKey?;
+    private readonly keyId?;
+    private readonly trustedKeys;
+    constructor(config: SigningServiceConfig);
+    /**
+     * Check if this service can sign events
+     */
+    canSign(): boolean;
+    /**
+     * Get the service ID (used in signedBy field)
+     */
+    getServiceId(): string;
+    /**
+     * Get the key ID
+     */
+    getKeyId(): string | undefined;
+    /**
+     * Sign an event
+     */
+    sign(event: Omit<ProofEvent, 'signature' | 'eventHash' | 'recordedAt'>): Promise<string>;
+    /**
+     * Verify an event signature
+     */
+    verify(event: ProofEvent): Promise<SignatureVerificationResult>;
+    /**
+     * Add a trusted public key
+     */
+    addTrustedKey(key: PublicKey): void;
+    /**
+     * Remove a trusted public key
+     */
+    removeTrustedKey(owner: string): boolean;
+    /**
+     * Get all trusted keys
+     */
+    getTrustedKeys(): PublicKey[];
+    /**
+     * Check if a signer is trusted
+     */
+    isTrusted(signer: string): boolean;
+}
+/**
+ * Create an event signing service
+ */
+export declare function createSigningService(config: SigningServiceConfig): EventSigningService;
+/**
+ * Batch verification result
+ */
+export interface BatchVerificationResult {
+    /** Number of events verified */
+    totalEvents: number;
+    /** Number of valid signatures */
+    validCount: number;
+    /** Number of invalid signatures */
+    invalidCount: number;
+    /** Number of unsigned events */
+    unsignedCount: number;
+    /** All verification results */
+    results: Array<{
+        eventId: string;
+        result: SignatureVerificationResult;
+    }>;
+    /** Overall success (all signed events valid) */
+    success: boolean;
+}
+/**
+ * Verify signatures for a batch of events
+ */
+export declare function verifyEventSignatures(events: ProofEvent[], signingService: EventSigningService): Promise<BatchVerificationResult>;
+//# sourceMappingURL=event-signatures.d.ts.map

package/dist/events/event-signatures.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"event-signatures.d.ts","sourceRoot":"","sources":["../../src/events/event-signatures.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAqB,MAAM,mBAAmB,CAAC;AAEvE;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,kDAAkD;IAClD,UAAU,EAAE,MAAM,CAAC;IACnB,gCAAgC;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,+BAA+B;IAC/B,SAAS,EAAE,IAAI,CAAC;IAChB,2CAA2C;IAC3C,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,gCAAgC;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,2CAA2C;IAC3C,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,8BAA8B;IAC9B,KAAK,EAAE,OAAO,CAAC;IACf,uCAAuC;IACvC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,uCAAuC;IACvC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,6BAA6B;IAC7B,UAAU,EAAE,IAAI,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,kDAAkD;IAClD,SAAS,EAAE,MAAM,CAAC;IAClB,uCAAuC;IACvC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,yCAAyC;IACzC,WAAW,CAAC,EAAE,SAAS,EAAE,CAAC;CAC3B;AAuFD;;GAEG;AACH,wBAAsB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAqBnF;AA8BD;;GAEG;AACH,wBAAsB,SAAS,CAC7B,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,WAAW,GAAG,WAAW,GAAG,YAAY,CAAC,EACjE,gBAAgB,EAAE,MAAM,EACxB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC,CAcjB;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE,UAAU,EACjB,eAAe,EAAE,MAAM,GACtB,OAAO,CAAC,2BAA2B,CAAC,CAkDtC;AAED;;GAEG;AACH,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAyB;gBAEzC,MAAM,EAAE,oBAAoB;IAYxC;;OAEG;IACH,OAAO,IAAI,OAAO;IAIlB;;OAEG;IACH,YAAY,IAAI,MAAM;IAItB;;OAEG;IACH,QAAQ,IAAI,MAAM,GAAG,SAAS;IAI9B;;OAEG;IACG,IAAI,CACR,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,WAAW,GAAG,WAAW,GAAG,YAAY,CAAC,GAChE,OAAO,CAAC,MAAM,CAAC;IAQlB;;OAEG;IACG,MAAM,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,2BAA2B,CAAC;IAuBrE;;OAEG;IACH,aAAa,CAAC,GAAG,EAAE,SAAS,GAAG,IAAI;IAInC;;OAEG;IACH,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO;IAIxC;;OAEG;IACH,cAAc,IAAI,SAAS,EAAE;IAI7B;;OAEG;IACH,SAAS,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;CAGnC;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,oBAAoB,GAAG,mBAAmB,CAEtF;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,gCAAgC;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,iCAAiC;IACjC,UAAU,EAAE,MAAM,CAAC;IACnB,mCAAmC;IACnC,YAAY,EAAE,MAAM,CAAC;IACrB,gCAAgC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,+BAA+B;IAC/B,OAAO,EAAE,KAAK,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,MAAM,EAAE,2BAA2B,CAAC;KACrC,CAAC,CAAC;IACH,gDAAgD;IAChD,OAAO,EAAE,OAAO,CAAC;CAClB;AAED;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,MAAM,EAAE,UAAU,EAAE,EACpB,cAAc,EAAE,mBAAmB,GAClC,OAAO,CAAC,uBAAuB,CAAC,CAsClC"}