@vorionsys/runtime 0.1.0

package/dist/trust-facade/types.d.ts

@@ -0,0 +1,211 @@
+/**
+ * TrustFacade Types
+ *
+ * Defines the unified trust interface combining Gate Trust (the door)
+ * and Dynamic Trust (the handshake).
+ *
+ * @packageDocumentation
+ */
+/**
+ * Trust tier levels (T0-T7)
+ */
+export type TrustTier = 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7;
+/**
+ * Trust tier names for display
+ */
+export declare const TRUST_TIER_NAMES: Record<TrustTier, string>;
+/**
+ * Trust score ranges for each tier
+ */
+export declare const TRUST_TIER_RANGES: Record<TrustTier, {
+    min: number;
+    max: number;
+}>;
+/**
+ * Decision tier for intent processing
+ */
+export type DecisionTier = 'GREEN' | 'YELLOW' | 'RED';
+/**
+ * Observation tier for agent visibility
+ */
+export type ObservationTier = 'BLACK_BOX' | 'GRAY_BOX' | 'WHITE_BOX';
+/**
+ * Agent credentials for admission
+ */
+export interface AgentCredentials {
+    /** Unique agent identifier */
+    agentId: string;
+    /** Agent name for display */
+    name: string;
+    /** Claimed capabilities */
+    capabilities: string[];
+    /** Observation tier - how visible is the agent's internals */
+    observationTier: ObservationTier;
+    /** Optional metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Result of agent admission (Gate Trust)
+ */
+export interface AdmissionResult {
+    /** Whether the agent was admitted */
+    admitted: boolean;
+    /** Initial trust tier assigned */
+    initialTier: TrustTier;
+    /** Initial trust score */
+    initialScore: number;
+    /** Maximum trust score based on observation tier */
+    observationCeiling: number;
+    /** Validated capabilities */
+    capabilities: string[];
+    /** When admission expires (requires re-verification) */
+    expiresAt: Date;
+    /** Reason for denial if not admitted */
+    reason?: string;
+}
+/**
+ * Action to be authorized
+ */
+export interface Action {
+    /** Action type (e.g., 'read', 'write', 'execute', 'delete') */
+    type: string;
+    /** Resource being acted upon */
+    resource: string;
+    /** Additional action context */
+    context?: Record<string, unknown>;
+}
+/**
+ * Constraints applied to authorized actions
+ */
+export interface Constraints {
+    /** Maximum number of operations */
+    maxOperations?: number;
+    /** Time limit in milliseconds */
+    timeoutMs?: number;
+    /** Resource limits */
+    resourceLimits?: {
+        maxMemoryMb?: number;
+        maxCpuPercent?: number;
+        maxNetworkRequests?: number;
+    };
+    /** Allowed resources (allowlist) */
+    allowedResources?: string[];
+    /** Blocked resources (blocklist) */
+    blockedResources?: string[];
+}
+/**
+ * Refinement option for YELLOW decisions
+ */
+export interface Refinement {
+    /** Refinement ID */
+    id: string;
+    /** Human-readable description */
+    description: string;
+    /** Modified action if this refinement is chosen */
+    modifiedAction: Action;
+    /** Constraints that would apply */
+    constraints: Constraints;
+}
+/**
+ * Result of action authorization (Dynamic Trust)
+ */
+export interface AuthorizationResult {
+    /** Whether the action is allowed */
+    allowed: boolean;
+    /** Decision tier */
+    tier: DecisionTier;
+    /** Current trust score */
+    currentScore: number;
+    /** Current trust tier */
+    currentTier: TrustTier;
+    /** Constraints if allowed */
+    constraints?: Constraints;
+    /** Refinement options if YELLOW */
+    refinements?: Refinement[];
+    /** Human-readable reason */
+    reason: string;
+    /** How long authorization took */
+    latencyMs: number;
+    /** Proof commitment ID */
+    proofCommitmentId?: string;
+}
+/**
+ * Combined result for full check (admission + authorization)
+ */
+export interface FullCheckResult {
+    /** Admission result */
+    admission: AdmissionResult;
+    /** Authorization result (if admitted) */
+    authorization?: AuthorizationResult;
+}
+/**
+ * Trust signal for updating dynamic trust
+ */
+export interface TrustSignal {
+    /** Agent ID */
+    agentId: string;
+    /** Signal type */
+    type: 'success' | 'failure' | 'violation' | 'neutral';
+    /** Signal weight (0-1) */
+    weight: number;
+    /** Signal source */
+    source: string;
+    /** Additional context */
+    context?: Record<string, unknown>;
+}
+/**
+ * Configuration for TrustFacade
+ */
+export interface TrustFacadeConfig {
+    /** Use atsf-core for persistence */
+    useAtsfForPersistence: boolean;
+    /** Use a3i for trust dynamics (asymmetric updates) */
+    useA3iForDynamics: boolean;
+    /** Primary source for trust scores */
+    primaryScoreSource: 'atsf' | 'a3i';
+    /** Cache TTL for gate trust results (ms) */
+    gateTrustCacheTtlMs: number;
+    /** Maximum authorization latency target (ms) */
+    maxAuthorizationLatencyMs: number;
+}
+/**
+ * Default configuration
+ */
+export declare const DEFAULT_TRUST_FACADE_CONFIG: TrustFacadeConfig;
+/**
+ * TrustGate interface - The unified trust API
+ */
+export interface TrustGate {
+    /**
+     * THE DOOR - Called once at agent registration
+     * Can be slow, result is cached
+     */
+    admit(agent: AgentCredentials): Promise<AdmissionResult>;
+    /**
+     * THE HANDSHAKE - Called every action
+     * Must be fast (<50ms), uses cached gate trust
+     */
+    authorize(agentId: string, action: Action): Promise<AuthorizationResult>;
+    /**
+     * Combined check - door + handshake in one call
+     * For new/unknown agents
+     */
+    fullCheck(agent: AgentCredentials, action: Action): Promise<FullCheckResult>;
+    /**
+     * Record a trust signal (positive or negative)
+     */
+    recordSignal(signal: TrustSignal): Promise<void>;
+    /**
+     * Get current trust score for an agent
+     */
+    getScore(agentId: string): Promise<number | null>;
+    /**
+     * Get current trust tier for an agent
+     */
+    getTier(agentId: string): Promise<TrustTier | null>;
+    /**
+     * Revoke agent admission
+     */
+    revoke(agentId: string, reason: string): Promise<void>;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/trust-facade/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/trust-facade/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;AAEtD;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAStD,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,SAAS,EAAE;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAS7E,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEtD;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,WAAW,GAAG,UAAU,GAAG,WAAW,CAAC;AAErE;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,8BAA8B;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,6BAA6B;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,2BAA2B;IAC3B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,8DAA8D;IAC9D,eAAe,EAAE,eAAe,CAAC;IACjC,wBAAwB;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,qCAAqC;IACrC,QAAQ,EAAE,OAAO,CAAC;IAClB,kCAAkC;IAClC,WAAW,EAAE,SAAS,CAAC;IACvB,0BAA0B;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,oDAAoD;IACpD,kBAAkB,EAAE,MAAM,CAAC;IAC3B,6BAA6B;IAC7B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,wDAAwD;IACxD,SAAS,EAAE,IAAI,CAAC;IAChB,wCAAwC;IACxC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB,+DAA+D;IAC/D,IAAI,EAAE,MAAM,CAAC;IACb,gCAAgC;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,gCAAgC;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,mCAAmC;IACnC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,iCAAiC;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sBAAsB;IACtB,cAAc,CAAC,EAAE;QACf,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;KAC7B,CAAC;IACF,oCAAoC;IACpC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,oCAAoC;IACpC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,oBAAoB;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,mDAAmD;IACnD,cAAc,EAAE,MAAM,CAAC;IACvB,mCAAmC;IACnC,WAAW,EAAE,WAAW,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,oCAAoC;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,oBAAoB;IACpB,IAAI,EAAE,YAAY,CAAC;IACnB,0BAA0B;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,yBAAyB;IACzB,WAAW,EAAE,SAAS,CAAC;IACvB,6BAA6B;IAC7B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,mCAAmC;IACnC,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,4BAA4B;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,uBAAuB;IACvB,SAAS,EAAE,eAAe,CAAC;IAC3B,yCAAyC;IACzC,aAAa,CAAC,EAAE,mBAAmB,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,eAAe;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB;IAClB,IAAI,EAAE,SAAS,GAAG,SAAS,GAAG,WAAW,GAAG,SAAS,CAAC;IACtD,0BAA0B;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,oBAAoB;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,yBAAyB;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,oCAAoC;IACpC,qBAAqB,EAAE,OAAO,CAAC;IAC/B,sDAAsD;IACtD,iBAAiB,EAAE,OAAO,CAAC;IAC3B,sCAAsC;IACtC,kBAAkB,EAAE,MAAM,GAAG,KAAK,CAAC;IACnC,4CAA4C;IAC5C,mBAAmB,EAAE,MAAM,CAAC;IAC5B,gDAAgD;IAChD,yBAAyB,EAAE,MAAM,CAAC;CACnC;AAED;;GAEG;AACH,eAAO,MAAM,2BAA2B,EAAE,iBAMzC,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB;;;OAGG;IACH,KAAK,CAAC,KAAK,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;IAEzD;;;OAGG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAEzE;;;OAGG;IACH,SAAS,CAAC,KAAK,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;IAE7E;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjD;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAElD;;OAEG;IACH,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAEpD;;OAEG;IACH,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACxD"}

package/dist/trust-facade/types.js

@@ -0,0 +1,45 @@
+/**
+ * TrustFacade Types
+ *
+ * Defines the unified trust interface combining Gate Trust (the door)
+ * and Dynamic Trust (the handshake).
+ *
+ * @packageDocumentation
+ */
+/**
+ * Trust tier names for display
+ */
+export const TRUST_TIER_NAMES = {
+    0: 'Sandbox',
+    1: 'Observed',
+    2: 'Provisional',
+    3: 'Monitored',
+    4: 'Standard',
+    5: 'Trusted',
+    6: 'Certified',
+    7: 'Autonomous',
+};
+/**
+ * Trust score ranges for each tier
+ */
+export const TRUST_TIER_RANGES = {
+    0: { min: 0, max: 199 },
+    1: { min: 200, max: 349 },
+    2: { min: 350, max: 499 },
+    3: { min: 500, max: 649 },
+    4: { min: 650, max: 799 },
+    5: { min: 800, max: 875 },
+    6: { min: 876, max: 950 },
+    7: { min: 951, max: 1000 },
+};
+/**
+ * Default configuration
+ */
+export const DEFAULT_TRUST_FACADE_CONFIG = {
+    useAtsfForPersistence: true,
+    useA3iForDynamics: true,
+    primaryScoreSource: 'atsf',
+    gateTrustCacheTtlMs: 3600000, // 1 hour
+    maxAuthorizationLatencyMs: 50,
+};
+//# sourceMappingURL=types.js.map

package/dist/trust-facade/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/trust-facade/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAOH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAA8B;IACzD,CAAC,EAAE,SAAS;IACZ,CAAC,EAAE,UAAU;IACb,CAAC,EAAE,aAAa;IAChB,CAAC,EAAE,WAAW;IACd,CAAC,EAAE,UAAU;IACb,CAAC,EAAE,SAAS;IACZ,CAAC,EAAE,WAAW;IACd,CAAC,EAAE,YAAY;CAChB,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAoD;IAChF,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE;IACvB,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;IACzB,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;IACzB,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;IACzB,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;IACzB,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;IACzB,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;IACzB,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE;CAC3B,CAAC;AAgKF;;GAEG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAsB;IAC5D,qBAAqB,EAAE,IAAI;IAC3B,iBAAiB,EAAE,IAAI;IACvB,kBAAkB,EAAE,MAAM;IAC1B,mBAAmB,EAAE,OAAO,EAAE,SAAS;IACvC,yBAAyB,EAAE,EAAE;CAC9B,CAAC"}

package/package.json

@@ -0,0 +1,84 @@
+{
+  "name": "@vorionsys/runtime",
+  "version": "0.1.0",
+  "description": "Vorion Runtime - Orchestration layer for AI agent governance",
+  "publishConfig": {
+    "access": "public"
+  },
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./trust-facade": {
+      "types": "./dist/trust-facade/index.d.ts",
+      "import": "./dist/trust-facade/index.js"
+    },
+    "./intent-pipeline": {
+      "types": "./dist/intent-pipeline/index.d.ts",
+      "import": "./dist/intent-pipeline/index.js"
+    },
+    "./proof-committer": {
+      "types": "./dist/proof-committer/index.d.ts",
+      "import": "./dist/proof-committer/index.js"
+    },
+    "./stores": {
+      "types": "./dist/stores/index.d.ts",
+      "import": "./dist/stores/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint src",
+    "clean": "rm -rf dist"
+  },
+  "dependencies": {
+    "better-sqlite3": "^11.0.0",
+    "pino": "^9.0.0",
+    "pino-pretty": "^11.0.0"
+  },
+  "devDependencies": {
+    "@types/better-sqlite3": "^7.6.11",
+    "@types/node": "^22.10.5",
+    "typescript": "^5.7.2",
+    "vitest": "^2.1.8"
+  },
+  "peerDependencies": {
+    "@vorionsys/atsf-core": ">=0.1.0",
+    "@vorionsys/contracts": ">=0.1.0",
+    "typescript": "^5.0.0"
+  },
+  "peerDependenciesMeta": {
+    "@vorionsys/atsf-core": {
+      "optional": true
+    },
+    "@vorionsys/contracts": {
+      "optional": true
+    }
+  },
+  "keywords": [
+    "ai",
+    "agent",
+    "trust",
+    "governance",
+    "runtime",
+    "vorion"
+  ],
+  "author": "Vorion",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/voriongit/vorion.git",
+    "directory": "packages/runtime"
+  }
+}