@wasmagent/aep 0.1.0 → 1.3.1

package/README.md

@@ -1,8 +1,10 @@
 # @wasmagent/aep
 
+> **Maturity: beta (v0.2 signature contract)** — AEP v0.2 Ed25519 signature contract shipped and schema-versioned. The signing key management story (KMS rotation, key revocation) is still evolving; treat key-id semantics as beta-stable.
+
 Agent Evidence Protocol — runtime action evidence and run provenance types for WasmAgent.
 
-Emit verifiable `AEPRecord` evidence after every agent run. Records are schema-versioned (`aep/v0.1`) and consumable by `evomerge` for audit and training data export.
+Emit verifiable `AEPRecord` evidence after every agent run. Records are schema-versioned; v0.2 (Ed25519 signature contract) is the current shipped schema. v0.1 records are still parsed for backward compatibility but no longer produced. Records are consumable by `evomerge` for audit and training data export.
 
 ## Install
 
@@ -40,6 +42,73 @@ const record = emitter.build();
 - [wasmagent-js security pack](https://WasmAgent.github.io/wasmagent-js/security-governance-pack/)
 - [trace-pipeline evomerge](https://github.com/WasmAgent/trace-pipeline)
 
+## Signature contract v0.2
+
+Every `AEPRecord` emitted via `AEPEmitter.emit()` carries a mandatory `signature` block:
+
+```ts
+signature: {
+  alg: "ed25519",   // always "ed25519" in v0.2
+  key_id: string,   // stable identifier for the signing key (e.g. "local-dev-key-01")
+  sig: string,      // base64-encoded 64-byte Ed25519 signature
+}
+```
+
+### What is signed
+
+The signature covers the **canonical serialisation** of the record minus the `signature` field itself.
+Canonical serialisation sorts JSON object keys lexicographically (recursive) and UTF-8-encodes the result.
+This means any field mutation (including `run_id`, `created_at_ms`, `actions`, etc.) invalidates the signature.
+
+### Verifying a record
+
+```ts
+import { verifyAEPRecord, createLocalSignerFromSeed } from "@wasmagent/aep";
+
+const signer = createLocalSignerFromSeed(seedHex, "my-key-01");
+const publicKey = await signer.getPublicKey();
+
+const valid = await verifyAEPRecord(record, publicKey);  // true / false
+```
+
+### KMS adapter interface
+
+To swap in a hardware KMS (AWS KMS, GCP Cloud KMS, HashiCorp Vault, etc.) implement the `AEPSigner` interface:
+
+```ts
+export interface AEPSigner {
+  readonly keyId: string;
+  sign(bytes: Uint8Array): Promise<string>;  // returns base64-encoded signature
+}
+```
+
+Example skeleton for AWS KMS (not included in this package — bring your own SDK):
+
+```ts
+import { KMSClient, SignCommand } from "@aws-sdk/client-kms";
+
+class AwsKmsSigner implements AEPSigner {
+  constructor(readonly keyId: string, private client: KMSClient) {}
+
+  async sign(bytes: Uint8Array): Promise<string> {
+    const resp = await this.client.send(new SignCommand({
+      KeyId: this.keyId,
+      Message: bytes,
+      MessageType: "RAW",
+      SigningAlgorithm: "ECDSA_SHA_256",  // use the algorithm supported by your key
+    }));
+    return Buffer.from(resp.Signature!).toString("base64");
+  }
+}
+```
+
+Pass any `AEPSigner` implementation to `AEPEmitter`:
+
+```ts
+const emitter = new AEPEmitter({ run_id: "run-001", signer: new AwsKmsSigner(keyId, kmsClient) });
+const record = await emitter.emit();
+```
+
 ## License
 
 Apache-2.0

package/dist/canonical.d.ts

@@ -0,0 +1,18 @@
+/**
+ * canonical.ts — deterministic serialisation for AEP record signing.
+ *
+ * Rules:
+ * - Object keys are sorted lexicographically (recursive).
+ * - Arrays preserve order.
+ * - The result is UTF-8 encoded JSON with no trailing newline.
+ *
+ * The `signature` field MUST be stripped before calling this function.
+ * That is the responsibility of the caller (AEPEmitter / verifyAEPRecord).
+ */
+/**
+ * Serialize an object to canonical UTF-8 bytes for signing.
+ *
+ * Object keys are sorted recursively; arrays preserve their order.
+ */
+export declare function canonicalBytes(obj: unknown): Uint8Array;
+//# sourceMappingURL=canonical.d.ts.map

package/dist/canonical.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"canonical.d.ts","sourceRoot":"","sources":["../src/canonical.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAaH;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,GAAG,UAAU,CAGvD"}

package/dist/canonical.js

@@ -0,0 +1,31 @@
+/**
+ * canonical.ts — deterministic serialisation for AEP record signing.
+ *
+ * Rules:
+ * - Object keys are sorted lexicographically (recursive).
+ * - Arrays preserve order.
+ * - The result is UTF-8 encoded JSON with no trailing newline.
+ *
+ * The `signature` field MUST be stripped before calling this function.
+ * That is the responsibility of the caller (AEPEmitter / verifyAEPRecord).
+ */
+function sortedReplacer(_key, value) {
+    if (value !== null && typeof value === "object" && !Array.isArray(value)) {
+        const sorted = {};
+        for (const k of Object.keys(value).sort()) {
+            sorted[k] = value[k];
+        }
+        return sorted;
+    }
+    return value;
+}
+/**
+ * Serialize an object to canonical UTF-8 bytes for signing.
+ *
+ * Object keys are sorted recursively; arrays preserve their order.
+ */
+export function canonicalBytes(obj) {
+    const json = JSON.stringify(obj, sortedReplacer);
+    return new TextEncoder().encode(json);
+}
+//# sourceMappingURL=canonical.js.map

package/dist/canonical.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"canonical.js","sourceRoot":"","sources":["../src/canonical.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,SAAS,cAAc,CAAC,IAAY,EAAE,KAAc;IAClD,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzE,MAAM,MAAM,GAA4B,EAAE,CAAC;QAC3C,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,KAAgC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YACrE,MAAM,CAAC,CAAC,CAAC,GAAI,KAAiC,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,GAAY;IACzC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IACjD,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACxC,CAAC"}

package/dist/emitter.d.ts

@@ -1,3 +1,4 @@
+import type { AEPSigner } from "./signer.js";
 import type { ActionEvidence, AEPRecord, BudgetLedger, CapabilityDecision, InputRef, OutputRef, VerifierResult } from "./types.js";
 export interface AEPEmitterOptions {
     run_id: string;
@@ -9,6 +10,8 @@ export interface AEPEmitterOptions {
     model_id?: string;
     policy_bundle_digest?: string;
     tool_manifest_digest?: string;
+    /** Optional signer. When provided, emit() signs the record; build() remains unsigned-compatible via a dummy placeholder. */
+    signer?: AEPSigner;
 }
 export declare class AEPEmitter {
     #private;
@@ -22,7 +25,30 @@ export declare class AEPEmitter {
     addOutputRef(ref: OutputRef): void;
     addVerifierResult(result: VerifierResult): void;
     setBudgetLedger(ledger: BudgetLedger): void;
+    /**
+     * Build an unsigned AEPRecord. A placeholder `signature` block is included
+     * so the record satisfies the schema (signature is required since v0.2).
+     *
+     * For a fully signed record use `emit()` instead.
+     *
+     * @param createdAtMs - Override creation timestamp (defaults to performance.now()).
+     * @param signerOverride - Optional: provide a signer to sign inline (async variant).
+     *   Prefer `emit()` for async signing.
+     */
     build(createdAtMs?: number): AEPRecord;
+    /**
+     * Build and sign an AEPRecord.
+     *
+     * Sequence:
+     * 1. Assemble the record payload (no signature field yet).
+     * 2. Serialise to canonical bytes.
+     * 3. Sign with the configured AEPSigner.
+     * 4. Attach the `signature` block and validate the full schema.
+     *
+     * @param createdAtMs - Override creation timestamp.
+     * @throws If no signer was provided at construction time.
+     */
+    emit(createdAtMs?: number): Promise<AEPRecord>;
     static digestContent(content: string): string;
 }
 //# sourceMappingURL=emitter.d.ts.map

package/dist/emitter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"emitter.d.ts","sourceRoot":"","sources":["../src/emitter.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,cAAc,EACd,SAAS,EACT,YAAY,EACZ,kBAAkB,EAClB,QAAQ,EACR,SAAS,EACT,cAAc,EACf,MAAM,YAAY,CAAC;AAGpB,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,qBAAa,UAAU;;gBAST,IAAI,EAAE,iBAAiB;IAInC,SAAS,CACP,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,WAAW,GAAG,cAAc,CAAC,GAAG;QAC3D,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,GACA,IAAI;IAQP,qBAAqB,CAAC,QAAQ,EAAE,kBAAkB,GAAG,IAAI;IAIzD,WAAW,CAAC,GAAG,EAAE,QAAQ,GAAG,IAAI;IAIhC,YAAY,CAAC,GAAG,EAAE,SAAS,GAAG,IAAI;IAIlC,iBAAiB,CAAC,MAAM,EAAE,cAAc,GAAG,IAAI;IAI/C,eAAe,CAAC,MAAM,EAAE,YAAY,GAAG,IAAI;IAI3C,KAAK,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS;IActC,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;CAG9C"}
+{"version":3,"file":"emitter.d.ts","sourceRoot":"","sources":["../src/emitter.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,KAAK,EACV,cAAc,EACd,SAAS,EACT,YAAY,EACZ,kBAAkB,EAClB,QAAQ,EACR,SAAS,EACT,cAAc,EACf,MAAM,YAAY,CAAC;AAGpB,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,4HAA4H;IAC5H,MAAM,CAAC,EAAE,SAAS,CAAC;CACpB;AAED,qBAAa,UAAU;;gBAST,IAAI,EAAE,iBAAiB;IAInC,SAAS,CACP,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,WAAW,GAAG,cAAc,CAAC,GAAG;QAC3D,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,GACA,IAAI;IAQP,qBAAqB,CAAC,QAAQ,EAAE,kBAAkB,GAAG,IAAI;IAIzD,WAAW,CAAC,GAAG,EAAE,QAAQ,GAAG,IAAI;IAIhC,YAAY,CAAC,GAAG,EAAE,SAAS,GAAG,IAAI;IAIlC,iBAAiB,CAAC,MAAM,EAAE,cAAc,GAAG,IAAI;IAI/C,eAAe,CAAC,MAAM,EAAE,YAAY,GAAG,IAAI;IAI3C;;;;;;;;;OASG;IACH,KAAK,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS;IAetC;;;;;;;;;;;OAWG;IACG,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IA6CpD,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;CAG9C"}

package/dist/emitter.js

@@ -1,4 +1,5 @@
 import { createHash } from "node:crypto";
+import { canonicalBytes } from "./canonical.js";
 import { AEPRecordSchema } from "./types.js";
 export class AEPEmitter {
     #opts;
@@ -33,10 +34,73 @@ export class AEPEmitter {
     setBudgetLedger(ledger) {
         this.#budgetLedger = ledger;
     }
+    /**
+     * Build an unsigned AEPRecord. A placeholder `signature` block is included
+     * so the record satisfies the schema (signature is required since v0.2).
+     *
+     * For a fully signed record use `emit()` instead.
+     *
+     * @param createdAtMs - Override creation timestamp (defaults to performance.now()).
+     * @param signerOverride - Optional: provide a signer to sign inline (async variant).
+     *   Prefer `emit()` for async signing.
+     */
     build(createdAtMs) {
-        return AEPRecordSchema.parse({
-            schema_version: "aep/v0.1",
-            ...this.#opts,
+        const signer = this.#opts.signer;
+        if (signer) {
+            // Caller should use emit() when a signer is configured — but if they
+            // call build() synchronously we return a placeholder-signed record.
+            // The placeholder is stable and deterministic; it will fail verifyAEPRecord.
+            // This path is only reached in synchronous test helpers.
+        }
+        const unsigned = this.#buildUnsigned(createdAtMs);
+        const placeholder = signer
+            ? { alg: "ed25519", key_id: signer.keyId, sig: "UNSIGNED_PLACEHOLDER" }
+            : { alg: "ed25519", key_id: "none", sig: "UNSIGNED_PLACEHOLDER" };
+        return AEPRecordSchema.parse({ ...unsigned, signature: placeholder });
+    }
+    /**
+     * Build and sign an AEPRecord.
+     *
+     * Sequence:
+     * 1. Assemble the record payload (no signature field yet).
+     * 2. Serialise to canonical bytes.
+     * 3. Sign with the configured AEPSigner.
+     * 4. Attach the `signature` block and validate the full schema.
+     *
+     * @param createdAtMs - Override creation timestamp.
+     * @throws If no signer was provided at construction time.
+     */
+    async emit(createdAtMs) {
+        const signer = this.#opts.signer;
+        if (!signer) {
+            throw new Error("AEPEmitter.emit() requires a signer. Pass `signer` in AEPEmitterOptions or use build() for unsigned records.");
+        }
+        const unsigned = this.#buildUnsigned(createdAtMs);
+        // Parse through zod with a placeholder so that zod normalises the record
+        // (applies defaults, strips unknown fields) before we compute canonical bytes.
+        // verifyAEPRecord strips `signature` from the already-parsed record and
+        // recomputes the same canonical bytes, so both sides are consistent.
+        const placeholder = {
+            alg: "ed25519",
+            key_id: signer.keyId,
+            sig: "PLACEHOLDER",
+        };
+        const normalised = AEPRecordSchema.parse({ ...unsigned, signature: placeholder });
+        const { signature: _placeholder, ...normalisedUnsigned } = normalised;
+        const bytes = canonicalBytes(normalisedUnsigned);
+        const sig = await signer.sign(bytes);
+        const signature = {
+            alg: "ed25519",
+            key_id: signer.keyId,
+            sig,
+        };
+        return AEPRecordSchema.parse({ ...normalisedUnsigned, signature });
+    }
+    #buildUnsigned(createdAtMs) {
+        const { signer: _signer, ...opts } = this.#opts;
+        return {
+            schema_version: "aep/v0.2",
+            ...opts,
             input_refs: this.#inputRefs,
             output_refs: this.#outputRefs,
             capability_decisions: this.#capabilityDecisions,
@@ -44,7 +108,7 @@ export class AEPEmitter {
             verifier_results: this.#verifierResults,
             budget_ledger: this.#budgetLedger,
             created_at_ms: createdAtMs ?? performance.now(),
-        });
+        };
     }
     static digestContent(content) {
         return createHash("sha256").update(content).digest("hex");

package/dist/emitter.js.map

@@ -1 +1 @@
-{"version":3,"file":"emitter.js","sourceRoot":"","sources":["../src/emitter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAUzC,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAc7C,MAAM,OAAO,UAAU;IACZ,KAAK,CAAoB;IACzB,QAAQ,GAAqB,EAAE,CAAC;IAChC,oBAAoB,GAAyB,EAAE,CAAC;IAChD,UAAU,GAAe,EAAE,CAAC;IAC5B,WAAW,GAAgB,EAAE,CAAC;IAC9B,gBAAgB,GAAqB,EAAE,CAAC;IACjD,aAAa,CAA2B;IAExC,YAAY,IAAuB;QACjC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;IACpB,CAAC;IAED,SAAS,CACP,MAGC;QAED,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,UAAU,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE;YAC/D,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,GAAG,EAAE;YACtD,GAAG,MAAM;SACQ,CAAC,CAAC;IACvB,CAAC;IAED,qBAAqB,CAAC,QAA4B;QAChD,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IAED,WAAW,CAAC,GAAa;QACvB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC;IAED,YAAY,CAAC,GAAc;QACzB,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,iBAAiB,CAAC,MAAsB;QACtC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IAED,eAAe,CAAC,MAAoB;QAClC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,WAAoB;QACxB,OAAO,eAAe,CAAC,KAAK,CAAC;YAC3B,cAAc,EAAE,UAAU;YAC1B,GAAG,IAAI,CAAC,KAAK;YACb,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,oBAAoB,EAAE,IAAI,CAAC,oBAAoB;YAC/C,OAAO,EAAE,IAAI,CAAC,QAAQ;YACtB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,aAAa,EAAE,IAAI,CAAC,aAAa;YACjC,aAAa,EAAE,WAAW,IAAI,WAAW,CAAC,GAAG,EAAE;SAChD,CAAC,CAAC;IACL,CAAC;IAED,MAAM,CAAC,aAAa,CAAC,OAAe;QAClC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5D,CAAC;CACF"}
+{"version":3,"file":"emitter.js","sourceRoot":"","sources":["../src/emitter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAWhD,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAgB7C,MAAM,OAAO,UAAU;IACZ,KAAK,CAAoB;IACzB,QAAQ,GAAqB,EAAE,CAAC;IAChC,oBAAoB,GAAyB,EAAE,CAAC;IAChD,UAAU,GAAe,EAAE,CAAC;IAC5B,WAAW,GAAgB,EAAE,CAAC;IAC9B,gBAAgB,GAAqB,EAAE,CAAC;IACjD,aAAa,CAA2B;IAExC,YAAY,IAAuB;QACjC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;IACpB,CAAC;IAED,SAAS,CACP,MAGC;QAED,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,UAAU,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE;YAC/D,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,GAAG,EAAE;YACtD,GAAG,MAAM;SACQ,CAAC,CAAC;IACvB,CAAC;IAED,qBAAqB,CAAC,QAA4B;QAChD,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IAED,WAAW,CAAC,GAAa;QACvB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC;IAED,YAAY,CAAC,GAAc;QACzB,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,iBAAiB,CAAC,MAAsB;QACtC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IAED,eAAe,CAAC,MAAoB;QAClC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC;IAC9B,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,WAAoB;QACxB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;QACjC,IAAI,MAAM,EAAE,CAAC;YACX,qEAAqE;YACrE,oEAAoE;YACpE,6EAA6E;YAC7E,yDAAyD;QAC3D,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;QAClD,MAAM,WAAW,GAA2B,MAAM;YAChD,CAAC,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,EAAE,sBAAsB,EAAE;YACvE,CAAC,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,sBAAsB,EAAE,CAAC;QACpE,OAAO,eAAe,CAAC,KAAK,CAAC,EAAE,GAAG,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,CAAC;IACxE,CAAC;IAED;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,IAAI,CAAC,WAAoB;QAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;QACjC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CACb,8GAA8G,CAC/G,CAAC;QACJ,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;QAElD,yEAAyE;QACzE,+EAA+E;QAC/E,wEAAwE;QACxE,qEAAqE;QACrE,MAAM,WAAW,GAA2B;YAC1C,GAAG,EAAE,SAAS;YACd,MAAM,EAAE,MAAM,CAAC,KAAK;YACpB,GAAG,EAAE,aAAa;SACnB,CAAC;QACF,MAAM,UAAU,GAAG,eAAe,CAAC,KAAK,CAAC,EAAE,GAAG,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,CAAC;QAClF,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,kBAAkB,EAAE,GAAG,UAAU,CAAC;QACtE,MAAM,KAAK,GAAG,cAAc,CAAC,kBAAkB,CAAC,CAAC;QACjD,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,SAAS,GAA2B;YACxC,GAAG,EAAE,SAAS;YACd,MAAM,EAAE,MAAM,CAAC,KAAK;YACpB,GAAG;SACJ,CAAC;QACF,OAAO,eAAe,CAAC,KAAK,CAAC,EAAE,GAAG,kBAAkB,EAAE,SAAS,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,cAAc,CAAC,WAAoB;QACjC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QAChD,OAAO;YACL,cAAc,EAAE,UAAU;YAC1B,GAAG,IAAI;YACP,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,oBAAoB,EAAE,IAAI,CAAC,oBAAoB;YAC/C,OAAO,EAAE,IAAI,CAAC,QAAQ;YACtB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,aAAa,EAAE,IAAI,CAAC,aAAa;YACjC,aAAa,EAAE,WAAW,IAAI,WAAW,CAAC,GAAG,EAAE;SAChD,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,aAAa,CAAC,OAAe;QAClC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5D,CAAC;CACF"}

package/dist/index.d.ts

@@ -1,3 +1,6 @@
+export * from "./canonical.js";
 export * from "./emitter.js";
+export * from "./signer.js";
 export * from "./types.js";
+export * from "./verify.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,YAAY,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,cAAc,cAAc,CAAC;AAC7B,cAAc,aAAa,CAAC;AAC5B,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC"}

package/dist/index.js

@@ -1,3 +1,6 @@
+export * from "./canonical.js";
 export * from "./emitter.js";
+export * from "./signer.js";
 export * from "./types.js";
+export * from "./verify.js";
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,YAAY,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,cAAc,cAAc,CAAC;AAC7B,cAAc,aAAa,CAAC;AAC5B,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC"}

package/dist/signer.d.ts

@@ -0,0 +1,64 @@
+/**
+ * AEPSigner — pluggable signing interface.
+ *
+ * Implement this interface to swap in a KMS adapter (AWS KMS, GCP KMS, etc.)
+ * without changing the AEPEmitter call site.
+ *
+ * KMS adapter shape (for reference — not implemented in this package):
+ *
+ * ```ts
+ * class AwsKmsSigner implements AEPSigner {
+ *   constructor(readonly keyId: string, private client: KMSClient) {}
+ *   async sign(bytes: Uint8Array): Promise<string> {
+ *     const resp = await this.client.send(new SignCommand({
+ *       KeyId: this.keyId,
+ *       Message: bytes,
+ *       SigningAlgorithm: "ED25519",
+ *     }));
+ *     return Buffer.from(resp.Signature!).toString("base64");
+ *   }
+ * }
+ * ```
+ */
+export interface AEPSigner {
+    /** Stable key identifier stored in the AEPRecord signature block. */
+    readonly keyId: string;
+    /**
+     * Sign the provided bytes and return a base64-encoded signature string.
+     *
+     * @param bytes - The canonical serialisation of the unsigned AEPRecord.
+     * @returns base64-encoded ed25519 signature (or equivalent for KMS adapters).
+     */
+    sign(bytes: Uint8Array): Promise<string>;
+}
+/**
+ * LocalEd25519Signer — in-process ed25519 signer backed by @noble/ed25519.
+ *
+ * Suitable for development, CI, and environments where a hardware KMS is
+ * unavailable. For production, replace with a KMS adapter that implements
+ * the AEPSigner interface above.
+ */
+export declare class LocalEd25519Signer implements AEPSigner {
+    #private;
+    readonly keyId: string;
+    constructor(keyId: string, secretKey: Uint8Array);
+    sign(bytes: Uint8Array): Promise<string>;
+    /** Returns the corresponding Ed25519 public key bytes (32 bytes). */
+    getPublicKey(): Promise<Uint8Array>;
+}
+/**
+ * createLocalSignerFromSeed — create a LocalEd25519Signer from a 32-byte hex seed.
+ *
+ * @param seedHex - 64-character hex string representing 32 secret key bytes.
+ * @param keyId   - Stable key identifier (e.g. "local-dev-key-01").
+ *
+ * @example
+ * ```ts
+ * const signer = createLocalSignerFromSeed(
+ *   "a".repeat(64),   // 32 zero-ish bytes for dev/testing
+ *   "local-dev-key-01"
+ * );
+ * ```
+ */
+export declare function createLocalSignerFromSeed(seedHex: string, keyId: string): LocalEd25519Signer;
+//# sourceMappingURL=signer.d.ts.map

package/dist/signer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../src/signer.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,WAAW,SAAS;IACxB,qEAAqE;IACrE,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IAEvB;;;;;OAKG;IACH,IAAI,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAC1C;AAED;;;;;;GAMG;AACH,qBAAa,kBAAmB,YAAW,SAAS;;IAClD,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;gBAIX,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU;IAK1C,IAAI,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;IAK9C,qEAAqE;IAC/D,YAAY,IAAI,OAAO,CAAC,UAAU,CAAC;CAM1C;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,kBAAkB,CAM5F"}

package/dist/signer.js

@@ -0,0 +1,50 @@
+import * as ed from "@noble/ed25519";
+/**
+ * LocalEd25519Signer — in-process ed25519 signer backed by @noble/ed25519.
+ *
+ * Suitable for development, CI, and environments where a hardware KMS is
+ * unavailable. For production, replace with a KMS adapter that implements
+ * the AEPSigner interface above.
+ */
+export class LocalEd25519Signer {
+    keyId;
+    #secretKey;
+    #publicKey;
+    constructor(keyId, secretKey) {
+        this.keyId = keyId;
+        this.#secretKey = secretKey;
+    }
+    async sign(bytes) {
+        const sigBytes = await ed.signAsync(bytes, this.#secretKey);
+        return Buffer.from(sigBytes).toString("base64");
+    }
+    /** Returns the corresponding Ed25519 public key bytes (32 bytes). */
+    async getPublicKey() {
+        if (!this.#publicKey) {
+            this.#publicKey = await ed.getPublicKeyAsync(this.#secretKey);
+        }
+        return this.#publicKey;
+    }
+}
+/**
+ * createLocalSignerFromSeed — create a LocalEd25519Signer from a 32-byte hex seed.
+ *
+ * @param seedHex - 64-character hex string representing 32 secret key bytes.
+ * @param keyId   - Stable key identifier (e.g. "local-dev-key-01").
+ *
+ * @example
+ * ```ts
+ * const signer = createLocalSignerFromSeed(
+ *   "a".repeat(64),   // 32 zero-ish bytes for dev/testing
+ *   "local-dev-key-01"
+ * );
+ * ```
+ */
+export function createLocalSignerFromSeed(seedHex, keyId) {
+    if (!/^[0-9a-fA-F]{64}$/.test(seedHex)) {
+        throw new Error("seedHex must be a 64-character hexadecimal string (32 bytes)");
+    }
+    const bytes = Uint8Array.from(Buffer.from(seedHex, "hex"));
+    return new LocalEd25519Signer(keyId, bytes);
+}
+//# sourceMappingURL=signer.js.map

package/dist/signer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"signer.js","sourceRoot":"","sources":["../src/signer.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,gBAAgB,CAAC;AAqCrC;;;;;;GAMG;AACH,MAAM,OAAO,kBAAkB;IACpB,KAAK,CAAS;IACd,UAAU,CAAa;IAChC,UAAU,CAAyB;IAEnC,YAAY,KAAa,EAAE,SAAqB;QAC9C,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,KAAiB;QAC1B,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAC5D,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAClD,CAAC;IAED,qEAAqE;IACrE,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,IAAI,CAAC,UAAU,GAAG,MAAM,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAChE,CAAC;QACD,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;CACF;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAe,EAAE,KAAa;IACtE,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;IACD,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;IAC3D,OAAO,IAAI,kBAAkB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;AAC9C,CAAC"}

package/dist/types.d.ts

@@ -46,6 +46,18 @@ export declare const ActionEvidenceSchema: z.ZodObject<{
         reason_code?: string | undefined;
     }>>;
     timestamp_ms: z.ZodNumber;
+    parent_action_id: z.ZodOptional<z.ZodString>;
+    causal_chain_id: z.ZodOptional<z.ZodString>;
+    tool_descriptor_digest: z.ZodOptional<z.ZodString>;
+    server_card_digest: z.ZodOptional<z.ZodString>;
+    scope_lease_id: z.ZodOptional<z.ZodString>;
+    approval_context_hash: z.ZodOptional<z.ZodString>;
+    input_taint_labels: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    output_taint_labels: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    memory_read_refs: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    memory_write_refs: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    pre_state_digest: z.ZodOptional<z.ZodString>;
+    post_state_digest: z.ZodOptional<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
     action_id: string;
     tool_name: string;
@@ -61,6 +73,18 @@ export declare const ActionEvidenceSchema: z.ZodObject<{
         decision: "allow" | "deny" | "ask_user" | "dry_run";
         reason_code?: string | undefined;
     } | undefined;
+    parent_action_id?: string | undefined;
+    causal_chain_id?: string | undefined;
+    tool_descriptor_digest?: string | undefined;
+    server_card_digest?: string | undefined;
+    scope_lease_id?: string | undefined;
+    approval_context_hash?: string | undefined;
+    input_taint_labels?: string[] | undefined;
+    output_taint_labels?: string[] | undefined;
+    memory_read_refs?: string[] | undefined;
+    memory_write_refs?: string[] | undefined;
+    pre_state_digest?: string | undefined;
+    post_state_digest?: string | undefined;
 }, {
     action_id: string;
     tool_name: string;
@@ -76,6 +100,18 @@ export declare const ActionEvidenceSchema: z.ZodObject<{
         decision: "allow" | "deny" | "ask_user" | "dry_run";
         reason_code?: string | undefined;
     } | undefined;
+    parent_action_id?: string | undefined;
+    causal_chain_id?: string | undefined;
+    tool_descriptor_digest?: string | undefined;
+    server_card_digest?: string | undefined;
+    scope_lease_id?: string | undefined;
+    approval_context_hash?: string | undefined;
+    input_taint_labels?: string[] | undefined;
+    output_taint_labels?: string[] | undefined;
+    memory_read_refs?: string[] | undefined;
+    memory_write_refs?: string[] | undefined;
+    pre_state_digest?: string | undefined;
+    post_state_digest?: string | undefined;
 }>;
 export type ActionEvidence = z.infer<typeof ActionEvidenceSchema>;
 export declare const InputRefSchema: z.ZodObject<{
@@ -247,8 +283,31 @@ export declare const BudgetLedgerSchema: z.ZodObject<{
     } | undefined;
 }>;
 export type BudgetLedger = z.infer<typeof BudgetLedgerSchema>;
+export declare const RunContextSchema: z.ZodObject<{
+    agent_id: z.ZodOptional<z.ZodString>;
+    agent_version: z.ZodOptional<z.ZodString>;
+    subagent_id: z.ZodOptional<z.ZodString>;
+    delegation_chain: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
+    environment_digest: z.ZodOptional<z.ZodString>;
+    dependency_lock_digest: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    delegation_chain: string[];
+    agent_id?: string | undefined;
+    agent_version?: string | undefined;
+    subagent_id?: string | undefined;
+    environment_digest?: string | undefined;
+    dependency_lock_digest?: string | undefined;
+}, {
+    agent_id?: string | undefined;
+    agent_version?: string | undefined;
+    subagent_id?: string | undefined;
+    delegation_chain?: string[] | undefined;
+    environment_digest?: string | undefined;
+    dependency_lock_digest?: string | undefined;
+}>;
+export type RunContext = z.infer<typeof RunContextSchema>;
 export declare const AEPRecordSchema: z.ZodObject<{
-    schema_version: z.ZodLiteral<"aep/v0.1">;
+    schema_version: z.ZodEnum<["aep/v0.1", "aep/v0.2"]>;
     run_id: z.ZodString;
     trace_id: z.ZodOptional<z.ZodString>;
     parent_trace_id: z.ZodOptional<z.ZodNullable<z.ZodString>>;
@@ -331,6 +390,18 @@ export declare const AEPRecordSchema: z.ZodObject<{
             reason_code?: string | undefined;
         }>>;
         timestamp_ms: z.ZodNumber;
+        parent_action_id: z.ZodOptional<z.ZodString>;
+        causal_chain_id: z.ZodOptional<z.ZodString>;
+        tool_descriptor_digest: z.ZodOptional<z.ZodString>;
+        server_card_digest: z.ZodOptional<z.ZodString>;
+        scope_lease_id: z.ZodOptional<z.ZodString>;
+        approval_context_hash: z.ZodOptional<z.ZodString>;
+        input_taint_labels: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        output_taint_labels: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        memory_read_refs: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        memory_write_refs: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        pre_state_digest: z.ZodOptional<z.ZodString>;
+        post_state_digest: z.ZodOptional<z.ZodString>;
     }, "strip", z.ZodTypeAny, {
         action_id: string;
         tool_name: string;
@@ -346,6 +417,18 @@ export declare const AEPRecordSchema: z.ZodObject<{
             decision: "allow" | "deny" | "ask_user" | "dry_run";
             reason_code?: string | undefined;
         } | undefined;
+        parent_action_id?: string | undefined;
+        causal_chain_id?: string | undefined;
+        tool_descriptor_digest?: string | undefined;
+        server_card_digest?: string | undefined;
+        scope_lease_id?: string | undefined;
+        approval_context_hash?: string | undefined;
+        input_taint_labels?: string[] | undefined;
+        output_taint_labels?: string[] | undefined;
+        memory_read_refs?: string[] | undefined;
+        memory_write_refs?: string[] | undefined;
+        pre_state_digest?: string | undefined;
+        post_state_digest?: string | undefined;
     }, {
         action_id: string;
         tool_name: string;
@@ -361,6 +444,18 @@ export declare const AEPRecordSchema: z.ZodObject<{
             decision: "allow" | "deny" | "ask_user" | "dry_run";
             reason_code?: string | undefined;
         } | undefined;
+        parent_action_id?: string | undefined;
+        causal_chain_id?: string | undefined;
+        tool_descriptor_digest?: string | undefined;
+        server_card_digest?: string | undefined;
+        scope_lease_id?: string | undefined;
+        approval_context_hash?: string | undefined;
+        input_taint_labels?: string[] | undefined;
+        output_taint_labels?: string[] | undefined;
+        memory_read_refs?: string[] | undefined;
+        memory_write_refs?: string[] | undefined;
+        pre_state_digest?: string | undefined;
+        post_state_digest?: string | undefined;
     }>, "many">>;
     verifier_results: z.ZodDefault<z.ZodArray<z.ZodObject<{
         verifier_id: z.ZodString;
@@ -491,21 +586,43 @@ export declare const AEPRecordSchema: z.ZodObject<{
         } | undefined;
     }>>;
     created_at_ms: z.ZodNumber;
-    signature: z.ZodOptional<z.ZodObject<{
-        alg: z.ZodString;
+    run_context: z.ZodOptional<z.ZodObject<{
+        agent_id: z.ZodOptional<z.ZodString>;
+        agent_version: z.ZodOptional<z.ZodString>;
+        subagent_id: z.ZodOptional<z.ZodString>;
+        delegation_chain: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
+        environment_digest: z.ZodOptional<z.ZodString>;
+        dependency_lock_digest: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        delegation_chain: string[];
+        agent_id?: string | undefined;
+        agent_version?: string | undefined;
+        subagent_id?: string | undefined;
+        environment_digest?: string | undefined;
+        dependency_lock_digest?: string | undefined;
+    }, {
+        agent_id?: string | undefined;
+        agent_version?: string | undefined;
+        subagent_id?: string | undefined;
+        delegation_chain?: string[] | undefined;
+        environment_digest?: string | undefined;
+        dependency_lock_digest?: string | undefined;
+    }>>;
+    signature: z.ZodObject<{
+        alg: z.ZodLiteral<"ed25519">;
         key_id: z.ZodString;
         sig: z.ZodString;
     }, "strip", z.ZodTypeAny, {
-        alg: string;
+        alg: "ed25519";
         key_id: string;
         sig: string;
     }, {
-        alg: string;
+        alg: "ed25519";
         key_id: string;
         sig: string;
-    }>>;
+    }>;
 }, "strip", z.ZodTypeAny, {
-    schema_version: "aep/v0.1";
+    schema_version: "aep/v0.1" | "aep/v0.2";
     run_id: string;
     input_refs: {
         uri: string;
@@ -539,6 +656,18 @@ export declare const AEPRecordSchema: z.ZodObject<{
             decision: "allow" | "deny" | "ask_user" | "dry_run";
             reason_code?: string | undefined;
         } | undefined;
+        parent_action_id?: string | undefined;
+        causal_chain_id?: string | undefined;
+        tool_descriptor_digest?: string | undefined;
+        server_card_digest?: string | undefined;
+        scope_lease_id?: string | undefined;
+        approval_context_hash?: string | undefined;
+        input_taint_labels?: string[] | undefined;
+        output_taint_labels?: string[] | undefined;
+        memory_read_refs?: string[] | undefined;
+        memory_write_refs?: string[] | undefined;
+        pre_state_digest?: string | undefined;
+        post_state_digest?: string | undefined;
     }[];
     verifier_results: {
         verifier_id: string;
@@ -547,6 +676,11 @@ export declare const AEPRecordSchema: z.ZodObject<{
         score?: number | undefined;
     }[];
     created_at_ms: number;
+    signature: {
+        alg: "ed25519";
+        key_id: string;
+        sig: string;
+    };
     trace_id?: string | undefined;
     parent_trace_id?: string | null | undefined;
     repo_commit?: string | undefined;
@@ -582,15 +716,23 @@ export declare const AEPRecordSchema: z.ZodObject<{
             limit?: number | undefined;
         } | undefined;
     } | undefined;
-    signature?: {
-        alg: string;
-        key_id: string;
-        sig: string;
+    run_context?: {
+        delegation_chain: string[];
+        agent_id?: string | undefined;
+        agent_version?: string | undefined;
+        subagent_id?: string | undefined;
+        environment_digest?: string | undefined;
+        dependency_lock_digest?: string | undefined;
     } | undefined;
 }, {
-    schema_version: "aep/v0.1";
+    schema_version: "aep/v0.1" | "aep/v0.2";
     run_id: string;
     created_at_ms: number;
+    signature: {
+        alg: "ed25519";
+        key_id: string;
+        sig: string;
+    };
     trace_id?: string | undefined;
     parent_trace_id?: string | null | undefined;
     repo_commit?: string | undefined;
@@ -632,6 +774,18 @@ export declare const AEPRecordSchema: z.ZodObject<{
             decision: "allow" | "deny" | "ask_user" | "dry_run";
             reason_code?: string | undefined;
         } | undefined;
+        parent_action_id?: string | undefined;
+        causal_chain_id?: string | undefined;
+        tool_descriptor_digest?: string | undefined;
+        server_card_digest?: string | undefined;
+        scope_lease_id?: string | undefined;
+        approval_context_hash?: string | undefined;
+        input_taint_labels?: string[] | undefined;
+        output_taint_labels?: string[] | undefined;
+        memory_read_refs?: string[] | undefined;
+        memory_write_refs?: string[] | undefined;
+        pre_state_digest?: string | undefined;
+        post_state_digest?: string | undefined;
     }[] | undefined;
     verifier_results?: {
         verifier_id: string;
@@ -665,10 +819,13 @@ export declare const AEPRecordSchema: z.ZodObject<{
             limit?: number | undefined;
         } | undefined;
     } | undefined;
-    signature?: {
-        alg: string;
-        key_id: string;
-        sig: string;
+    run_context?: {
+        agent_id?: string | undefined;
+        agent_version?: string | undefined;
+        subagent_id?: string | undefined;
+        delegation_chain?: string[] | undefined;
+        environment_digest?: string | undefined;
+        dependency_lock_digest?: string | undefined;
     } | undefined;
 }>;
 export type AEPRecord = z.infer<typeof AEPRecordSchema>;

package/dist/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;EAMnC,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAG1E,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAS/B,CAAC;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAGlE,eAAO,MAAM,cAAc;;;;;;;;;;;;EAIzB,CAAC;AACH,MAAM,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AAEtD,eAAO,MAAM,eAAe;;;;;;;;;;;;EAI1B,CAAC;AACH,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAGxD,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;EAK/B,CAAC;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAGlE,eAAO,MAAM,iBAAiB;;;;;;;;;EAG5B,CAAC;AACH,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAG5D,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAO7B,CAAC;AACH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAG9D,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA0B1B,CAAC;AACH,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;EAMnC,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAG1E,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2B/B,CAAC;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAGlE,eAAO,MAAM,cAAc;;;;;;;;;;;;EAIzB,CAAC;AACH,MAAM,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AAEtD,eAAO,MAAM,eAAe;;;;;;;;;;;;EAI1B,CAAC;AACH,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAGxD,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;EAK/B,CAAC;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAGlE,eAAO,MAAM,iBAAiB;;;;;;;;;EAG5B,CAAC;AACH,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAG5D,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAO7B,CAAC;AACH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAG9D,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;EAO3B,CAAC;AACH,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAG1D,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyB1B,CAAC;AACH,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC"}

package/dist/types.js

@@ -17,6 +17,24 @@ export const ActionEvidenceSchema = z.object({
     evidence_refs: z.array(z.string()).default([]),
     capability_decision: CapabilityDecisionSchema.optional(),
     timestamp_ms: z.number(),
+    // v0.2 causal chain fields
+    parent_action_id: z.string().optional(),
+    causal_chain_id: z.string().optional(),
+    // v0.2 tool/server provenance
+    tool_descriptor_digest: z.string().optional(),
+    server_card_digest: z.string().optional(),
+    // v0.2 scope & approval
+    scope_lease_id: z.string().optional(),
+    approval_context_hash: z.string().optional(),
+    // v0.2 taint tracking
+    input_taint_labels: z.array(z.string()).optional(),
+    output_taint_labels: z.array(z.string()).optional(),
+    // v0.2 memory provenance
+    memory_read_refs: z.array(z.string()).optional(),
+    memory_write_refs: z.array(z.string()).optional(),
+    // v0.2 state digests
+    pre_state_digest: z.string().optional(),
+    post_state_digest: z.string().optional(),
 });
 // InputRef / OutputRef — digested references to inputs and outputs
 export const InputRefSchema = z.object({
@@ -50,9 +68,18 @@ export const BudgetLedgerSchema = z.object({
     retry_budget: BudgetEntrySchema.optional(),
     human_approval_budget: BudgetEntrySchema.optional(),
 });
+// RunContext — execution environment and delegation metadata (v0.2)
+export const RunContextSchema = z.object({
+    agent_id: z.string().optional(),
+    agent_version: z.string().optional(),
+    subagent_id: z.string().optional(),
+    delegation_chain: z.array(z.string()).default([]),
+    environment_digest: z.string().optional(),
+    dependency_lock_digest: z.string().optional(),
+});
 // AEPRecord — the top-level Agent Evidence Protocol record
 export const AEPRecordSchema = z.object({
-    schema_version: z.literal("aep/v0.1"),
+    schema_version: z.enum(["aep/v0.1", "aep/v0.2"]),
     run_id: z.string(),
     trace_id: z.string().optional(),
     parent_trace_id: z.string().nullish(),
@@ -70,12 +97,11 @@ export const AEPRecordSchema = z.object({
     verifier_results: z.array(VerifierResultSchema).default([]),
     budget_ledger: BudgetLedgerSchema.optional(),
     created_at_ms: z.number(),
-    signature: z
-        .object({
-        alg: z.string(),
+    run_context: RunContextSchema.optional(),
+    signature: z.object({
+        alg: z.literal("ed25519"),
         key_id: z.string(),
         sig: z.string(),
-    })
-        .optional(),
+    }),
 });
 //# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,qEAAqE;AACrE,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/C,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;IACtB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;IAC1D,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACnC,CAAC,CAAC;AAGH,iEAAiE;AACjE,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,cAAc,EAAE,CAAC,CAAC,OAAO,EAAE;IAC3B,mBAAmB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1C,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC9C,mBAAmB,EAAE,wBAAwB,CAAC,QAAQ,EAAE;IACxD,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;CACzB,CAAC,CAAC;AAGH,mEAAmE;AACnE,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;IACf,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CAC9C,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;IACf,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACzC,CAAC,CAAC;AAGH,0CAA0C;AAC1C,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;IACvB,MAAM,EAAE,CAAC,CAAC,OAAO,EAAE;IACnB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CAC3C,CAAC,CAAC;AAGH,qCAAqC;AACrC,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACxC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;CAClB,CAAC,CAAC;AAGH,4CAA4C;AAC5C,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,YAAY,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IAC1C,cAAc,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC/F,WAAW,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IACzC,WAAW,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IACzC,YAAY,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IAC1C,qBAAqB,EAAE,iBAAiB,CAAC,QAAQ,EAAE;CACpD,CAAC,CAAC;AAGH,2DAA2D;AAC3D,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,cAAc,EAAE,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC;IACrC,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;IACrC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtC,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,oBAAoB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3C,oBAAoB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3C,sBAAsB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;IAC5C,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC/C,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACjD,oBAAoB,EAAE,CAAC,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACnE,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,gBAAgB,EAAE,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3D,aAAa,EAAE,kBAAkB,CAAC,QAAQ,EAAE;IAC5C,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;IACzB,SAAS,EAAE,CAAC;SACT,MAAM,CAAC;QACN,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;QACf,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;QAClB,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;KAChB,CAAC;SACD,QAAQ,EAAE;CACd,CAAC,CAAC"}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,qEAAqE;AACrE,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/C,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;IACtB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;IAC1D,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACnC,CAAC,CAAC;AAGH,iEAAiE;AACjE,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,cAAc,EAAE,CAAC,CAAC,OAAO,EAAE;IAC3B,mBAAmB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1C,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC9C,mBAAmB,EAAE,wBAAwB,CAAC,QAAQ,EAAE;IACxD,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;IACxB,2BAA2B;IAC3B,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACvC,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtC,8BAA8B;IAC9B,sBAAsB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7C,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACzC,wBAAwB;IACxB,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,qBAAqB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5C,sBAAsB;IACtB,kBAAkB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAClD,mBAAmB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACnD,yBAAyB;IACzB,gBAAgB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,iBAAiB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACjD,qBAAqB;IACrB,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACvC,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACzC,CAAC,CAAC;AAGH,mEAAmE;AACnE,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;IACf,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CAC9C,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;IACf,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACzC,CAAC,CAAC;AAGH,0CAA0C;AAC1C,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;IACvB,MAAM,EAAE,CAAC,CAAC,OAAO,EAAE;IACnB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CAC3C,CAAC,CAAC;AAGH,qCAAqC;AACrC,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACxC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;CAClB,CAAC,CAAC;AAGH,4CAA4C;AAC5C,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,YAAY,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IAC1C,cAAc,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC/F,WAAW,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IACzC,WAAW,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IACzC,YAAY,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IAC1C,qBAAqB,EAAE,iBAAiB,CAAC,QAAQ,EAAE;CACpD,CAAC,CAAC;AAGH,oEAAoE;AACpE,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,gBAAgB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACjD,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACzC,sBAAsB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC9C,CAAC,CAAC;AAGH,2DAA2D;AAC3D,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IAChD,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;IACrC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtC,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,oBAAoB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3C,oBAAoB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3C,sBAAsB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;IAC5C,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC/C,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACjD,oBAAoB,EAAE,CAAC,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACnE,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,gBAAgB,EAAE,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3D,aAAa,EAAE,kBAAkB,CAAC,QAAQ,EAAE;IAC5C,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;IACzB,WAAW,EAAE,gBAAgB,CAAC,QAAQ,EAAE;IACxC,SAAS,EAAE,CAAC,CAAC,MAAM,CAAC;QAClB,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;QACzB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;QAClB,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;KAChB,CAAC;CACH,CAAC,CAAC"}

package/dist/verify.d.ts

@@ -0,0 +1,15 @@
+import type { AEPRecord } from "./types.js";
+/**
+ * verifyAEPRecord — verify the ed25519 signature on an AEPRecord.
+ *
+ * Steps:
+ * 1. Strip the `signature` field to reconstruct the unsigned payload.
+ * 2. Re-compute the canonical bytes the signer would have signed.
+ * 3. Base64-decode the `sig` field and verify against the provided public key.
+ *
+ * @param record    - A complete AEPRecord (including `signature`).
+ * @param publicKey - 32-byte Ed25519 public key matching the `key_id` in the record.
+ * @returns `true` if the signature is valid and covers the current record contents.
+ */
+export declare function verifyAEPRecord(record: AEPRecord, publicKey: Uint8Array): Promise<boolean>;
+//# sourceMappingURL=verify.d.ts.map

package/dist/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE5C;;;;;;;;;;;GAWG;AACH,wBAAsB,eAAe,CAAC,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CAWhG"}

package/dist/verify.js

@@ -0,0 +1,28 @@
+import * as ed from "@noble/ed25519";
+import { canonicalBytes } from "./canonical.js";
+/**
+ * verifyAEPRecord — verify the ed25519 signature on an AEPRecord.
+ *
+ * Steps:
+ * 1. Strip the `signature` field to reconstruct the unsigned payload.
+ * 2. Re-compute the canonical bytes the signer would have signed.
+ * 3. Base64-decode the `sig` field and verify against the provided public key.
+ *
+ * @param record    - A complete AEPRecord (including `signature`).
+ * @param publicKey - 32-byte Ed25519 public key matching the `key_id` in the record.
+ * @returns `true` if the signature is valid and covers the current record contents.
+ */
+export async function verifyAEPRecord(record, publicKey) {
+    try {
+        const { signature, ...unsigned } = record;
+        if (!signature)
+            return false;
+        const bytes = canonicalBytes(unsigned);
+        const sigBytes = Uint8Array.from(Buffer.from(signature.sig, "base64"));
+        return await ed.verifyAsync(sigBytes, bytes, publicKey);
+    }
+    catch {
+        return false;
+    }
+}
+//# sourceMappingURL=verify.js.map

package/dist/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAGhD;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,MAAiB,EAAE,SAAqB;IAC5E,IAAI,CAAC;QACH,MAAM,EAAE,SAAS,EAAE,GAAG,QAAQ,EAAE,GAAG,MAAM,CAAC;QAC1C,IAAI,CAAC,SAAS;YAAE,OAAO,KAAK,CAAC;QAE7B,MAAM,KAAK,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC;QACvE,OAAO,MAAM,EAAE,CAAC,WAAW,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wasmagent/aep",
-  "version": "0.1.0",
+  "version": "1.3.1",
   "description": "Agent Evidence Protocol — runtime action evidence and run provenance types for WasmAgent",
   "type": "module",
   "main": "./dist/index.js",
@@ -18,6 +18,7 @@
     "clean": "rm -rf dist .turbo"
   },
   "dependencies": {
+    "@noble/ed25519": "^3.1.0",
     "zod": "^3.23.0"
   },
   "devDependencies": {
@@ -36,7 +37,7 @@
   ],
   "wasmagent": {
     "tier": "tier-1",
-    "stability": "experimental"
+    "stability": "beta"
   },
   "homepage": "https://github.com/WasmAgent/wasmagent-js/tree/main/packages/aep#readme",
   "license": "Apache-2.0",