@weave_protocol/domere 1.0.0

package/package.json

@@ -0,0 +1,24 @@
+{
+  "name": "@weave_protocol/domere",
+  "version": "1.0.0",
+  "description": "The Judge Protocol - Thread identity, intent verification, and blockchain anchoring",
+  "type": "module",
+  "main": "dist/index.js",
+  "bin": { "domere": "./dist/index.js" },
+  "scripts": {
+    "build": "tsc",
+    "start": "node dist/index.js",
+    "dev": "tsx src/index.ts"
+  },
+  "keywords": ["ai", "security", "mcp", "blockchain", "solana", "ethereum", "intent-verification"],
+  "license": "MIT",
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^0.5.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.10.0",
+    "typescript": "^5.3.0",
+    "tsx": "^4.7.0"
+  },
+  "engines": { "node": ">=18.0.0" }
+}

package/src/anchoring/ethereum.ts

@@ -0,0 +1,568 @@
+/**
+ * Dōmere - The Judge Protocol
+ * Ethereum Anchoring Client
+ * 
+ * Note: This is the client interface. The actual Ethereum contract
+ * should be deployed separately.
+ */
+
+import type { 
+  AnchorRequest, 
+  AnchorResult, 
+  AnchorVerification,
+  BlockchainNetwork 
+} from '../types.js';
+import { AnchoringError } from '../types.js';
+import { DEFAULT_CONFIG, PROTOCOL_FEES } from '../constants.js';
+
+// ============================================================================
+// Ethereum Client Interface
+// ============================================================================
+
+export interface EthereumConfig {
+  rpc_url: string;
+  contract_address: string;
+  chain_id?: number;
+}
+
+export interface EthereumAnchorData {
+  threadId: string;        // bytes32
+  merkleRoot: string;      // bytes32
+  hopCount: number;        // uint256
+  intentHash: string;      // bytes32
+  compliant: boolean;
+}
+
+// ============================================================================
+// Ethereum Anchoring Client
+// ============================================================================
+
+export class EthereumAnchorClient {
+  private config: EthereumConfig;
+  private isTestnet: boolean;
+  
+  constructor(config?: Partial<EthereumConfig>) {
+    this.config = {
+      rpc_url: config?.rpc_url ?? DEFAULT_CONFIG.anchoring.ethereum_rpc,
+      contract_address: config?.contract_address ?? DEFAULT_CONFIG.anchoring.ethereum_contract,
+      chain_id: config?.chain_id ?? 1,  // Mainnet default
+    };
+    this.isTestnet = this.config.rpc_url.includes('sepolia') || 
+                     this.config.rpc_url.includes('goerli') ||
+                     this.config.chain_id !== 1;
+  }
+  
+  /**
+   * Prepare anchor data for Ethereum
+   */
+  prepareAnchorData(request: AnchorRequest): EthereumAnchorData {
+    return {
+      threadId: this.stringToBytes32(request.thread_id),
+      merkleRoot: this.ensureBytes32(request.merkle_root),
+      hopCount: request.hop_count,
+      intentHash: this.ensureBytes32(request.intent_hash),
+      compliant: request.compliant,
+    };
+  }
+  
+  /**
+   * Estimate gas cost
+   */
+  async estimateGas(): Promise<{
+    gas_limit: number;
+    gas_price_gwei: number;
+    estimated_eth: string;
+    protocol_fee_eth: string;
+    total_eth: string;
+    usd_estimate?: string;
+  }> {
+    // Typical gas for storing thread anchor data
+    const gasLimit = 80000;  // Conservative estimate
+    
+    // This would normally be fetched from the network
+    // Using placeholder values
+    const gasPriceGwei = 30;  // Moderate gas price
+    const gasPriceWei = gasPriceGwei * 1e9;
+    const gasCostWei = gasLimit * gasPriceWei;
+    const gasCostEth = gasCostWei / 1e18;
+    
+    // Protocol fee is 5% of gas
+    const protocolFeeEth = gasCostEth * (PROTOCOL_FEES.ethereum.protocol_fee_bps / 10000);
+    
+    const totalEth = gasCostEth + protocolFeeEth;
+    
+    return {
+      gas_limit: gasLimit,
+      gas_price_gwei: gasPriceGwei,
+      estimated_eth: gasCostEth.toFixed(6),
+      protocol_fee_eth: protocolFeeEth.toFixed(6),
+      total_eth: totalEth.toFixed(6),
+    };
+  }
+  
+  /**
+   * Create anchor transaction
+   * 
+   * Returns unsigned transaction data for client-side signing.
+   */
+  async createAnchorTransaction(request: AnchorRequest): Promise<{
+    to: string;
+    data: string;
+    value: string;
+    gas_limit: number;
+    chain_id: number;
+    estimated_cost: any;
+  }> {
+    const anchorData = this.prepareAnchorData(request);
+    const cost = await this.estimateGas();
+    
+    // Encode function call: anchorThread(bytes32,bytes32,uint256,bytes32,bool)
+    const functionSelector = '0x' + this.keccak256('anchorThread(bytes32,bytes32,uint256,bytes32,bool)').slice(0, 8);
+    
+    const encodedData = functionSelector +
+      this.encodeBytes32(anchorData.threadId) +
+      this.encodeBytes32(anchorData.merkleRoot) +
+      this.encodeUint256(anchorData.hopCount) +
+      this.encodeBytes32(anchorData.intentHash) +
+      this.encodeBool(anchorData.compliant);
+    
+    return {
+      to: this.config.contract_address,
+      data: encodedData,
+      value: '0',  // Protocol fee handled by contract
+      gas_limit: cost.gas_limit,
+      chain_id: this.config.chain_id!,
+      estimated_cost: cost,
+    };
+  }
+  
+  /**
+   * Submit signed transaction
+   */
+  async submitSignedTransaction(signedTransaction: string): Promise<AnchorResult> {
+    // This is a placeholder - real implementation would:
+    // 1. Submit to Ethereum RPC (eth_sendRawTransaction)
+    // 2. Wait for confirmation
+    // 3. Return result
+    
+    const network: BlockchainNetwork = this.isTestnet ? 'ethereum-sepolia' : 'ethereum';
+    
+    // Simulate success for testing
+    const mockTxHash = '0x' + Array(64).fill(0).map(() => 
+      Math.floor(Math.random() * 16).toString(16)
+    ).join('');
+    
+    const mockBlockNumber = 19000000 + Math.floor(Math.random() * 100000);
+    
+    return {
+      success: true,
+      network,
+      transaction_id: mockTxHash,
+      block: mockBlockNumber,
+      timestamp: new Date(),
+      network_fee: '0.002',
+      protocol_fee: '0.0001',
+      total_cost: '0.0021',
+      verification_url: this.getExplorerUrl(mockTxHash),
+    };
+  }
+  
+  /**
+   * Verify anchor on-chain
+   */
+  async verifyAnchor(
+    threadId: string,
+    expectedMerkleRoot: string
+  ): Promise<AnchorVerification> {
+    // In production, this would call the contract's verifyAnchor function
+    
+    const network: BlockchainNetwork = this.isTestnet ? 'ethereum-sepolia' : 'ethereum';
+    
+    return {
+      valid: true,
+      thread_id: threadId,
+      merkle_root: expectedMerkleRoot,
+      anchor: {
+        network,
+        transaction_id: 'verification_pending',
+        timestamp: new Date(),
+        verified: false,
+      },
+      verified_at: new Date(),
+    };
+  }
+  
+  /**
+   * Create batch certification transaction
+   */
+  async createCertificationTransaction(config: {
+    period_id: string;
+    merkle_root: string;
+    attestation_count: number;
+    violation_count: number;
+    period_start: Date;
+    period_end: Date;
+  }): Promise<{
+    to: string;
+    data: string;
+    estimated_cost: any;
+  }> {
+    // Encode function call: certifyPeriod(bytes32,bytes32,uint256,uint256,uint256,uint256)
+    const functionSelector = '0x' + this.keccak256(
+      'certifyPeriod(bytes32,bytes32,uint256,uint256,uint256,uint256)'
+    ).slice(0, 8);
+    
+    const encodedData = functionSelector +
+      this.encodeBytes32(this.stringToBytes32(config.period_id)) +
+      this.encodeBytes32(this.ensureBytes32(config.merkle_root)) +
+      this.encodeUint256(config.attestation_count) +
+      this.encodeUint256(config.violation_count) +
+      this.encodeUint256(Math.floor(config.period_start.getTime() / 1000)) +
+      this.encodeUint256(Math.floor(config.period_end.getTime() / 1000));
+    
+    return {
+      to: this.config.contract_address,
+      data: encodedData,
+      estimated_cost: await this.estimateGas(),
+    };
+  }
+  
+  /**
+   * Get explorer URL
+   */
+  getExplorerUrl(txHash: string): string {
+    const base = this.isTestnet 
+      ? 'https://sepolia.etherscan.io'
+      : 'https://etherscan.io';
+    return `${base}/tx/${txHash}`;
+  }
+  
+  /**
+   * Get contract address
+   */
+  getContractAddress(): string {
+    return this.config.contract_address;
+  }
+  
+  // ============================================================================
+  // Encoding Utilities
+  // ============================================================================
+  
+  /**
+   * Convert string to bytes32 hex
+   */
+  private stringToBytes32(str: string): string {
+    const crypto = require('crypto');
+    const hash = crypto.createHash('sha256').update(str).digest('hex');
+    return '0x' + hash;
+  }
+  
+  /**
+   * Ensure value is bytes32 format
+   */
+  private ensureBytes32(hex: string): string {
+    let cleanHex = hex.startsWith('0x') ? hex.slice(2) : hex;
+    cleanHex = cleanHex.padStart(64, '0');
+    return '0x' + cleanHex;
+  }
+  
+  /**
+   * Encode bytes32 for ABI
+   */
+  private encodeBytes32(value: string): string {
+    const clean = value.startsWith('0x') ? value.slice(2) : value;
+    return clean.padStart(64, '0');
+  }
+  
+  /**
+   * Encode uint256 for ABI
+   */
+  private encodeUint256(value: number): string {
+    return value.toString(16).padStart(64, '0');
+  }
+  
+  /**
+   * Encode bool for ABI
+   */
+  private encodeBool(value: boolean): string {
+    return value ? '0'.repeat(63) + '1' : '0'.repeat(64);
+  }
+  
+  /**
+   * Simple keccak256 (placeholder - use ethers.js in production)
+   */
+  private keccak256(input: string): string {
+    // In production, use ethers.js keccak256
+    // This is a placeholder that returns a deterministic hash
+    const crypto = require('crypto');
+    return crypto.createHash('sha256').update(input).digest('hex');
+  }
+}
+
+// ============================================================================
+// Ethereum Contract ABI (for reference)
+// ============================================================================
+
+export const ETHEREUM_CONTRACT_ABI = [
+  {
+    "inputs": [
+      { "name": "threadId", "type": "bytes32" },
+      { "name": "merkleRoot", "type": "bytes32" },
+      { "name": "hopCount", "type": "uint256" },
+      { "name": "intentHash", "type": "bytes32" },
+      { "name": "compliant", "type": "bool" }
+    ],
+    "name": "anchorThread",
+    "outputs": [],
+    "stateMutability": "payable",
+    "type": "function"
+  },
+  {
+    "inputs": [
+      { "name": "periodId", "type": "bytes32" },
+      { "name": "merkleRoot", "type": "bytes32" },
+      { "name": "attestationCount", "type": "uint256" },
+      { "name": "violationCount", "type": "uint256" },
+      { "name": "periodStart", "type": "uint256" },
+      { "name": "periodEnd", "type": "uint256" }
+    ],
+    "name": "certifyPeriod",
+    "outputs": [],
+    "stateMutability": "payable",
+    "type": "function"
+  },
+  {
+    "inputs": [
+      { "name": "threadId", "type": "bytes32" },
+      { "name": "expectedMerkleRoot", "type": "bytes32" }
+    ],
+    "name": "verifyAnchor",
+    "outputs": [
+      { "name": "valid", "type": "bool" },
+      { "name": "timestamp", "type": "uint256" }
+    ],
+    "stateMutability": "view",
+    "type": "function"
+  },
+  {
+    "inputs": [
+      { "name": "threadId", "type": "bytes32" },
+      { "name": "attestationHash", "type": "bytes32" },
+      { "name": "merkleProof", "type": "bytes32[]" }
+    ],
+    "name": "verifyAttestation",
+    "outputs": [{ "name": "", "type": "bool" }],
+    "stateMutability": "view",
+    "type": "function"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      { "indexed": true, "name": "threadId", "type": "bytes32" },
+      { "indexed": false, "name": "merkleRoot", "type": "bytes32" },
+      { "indexed": false, "name": "anchorer", "type": "address" },
+      { "indexed": false, "name": "timestamp", "type": "uint256" }
+    ],
+    "name": "ThreadAnchored",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      { "indexed": true, "name": "periodId", "type": "bytes32" },
+      { "indexed": false, "name": "merkleRoot", "type": "bytes32" },
+      { "indexed": false, "name": "attestationCount", "type": "uint256" },
+      { "indexed": false, "name": "timestamp", "type": "uint256" }
+    ],
+    "name": "PeriodCertified",
+    "type": "event"
+  }
+];
+
+// ============================================================================
+// Solidity Contract (for reference)
+// ============================================================================
+
+export const ETHEREUM_CONTRACT_SOURCE = `
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.19;
+
+/**
+ * @title DomereProtocol
+ * @dev Thread anchoring and compliance certification for AI agent security
+ */
+contract DomereProtocol {
+    
+    // Protocol fee (5% of gas, calculated off-chain and sent as msg.value)
+    uint256 public protocolFeeBps = 500;
+    address public treasury;
+    address public owner;
+    
+    struct ThreadAnchor {
+        bytes32 merkleRoot;
+        uint256 hopCount;
+        bytes32 intentHash;
+        bool compliant;
+        uint256 timestamp;
+        address anchorer;
+    }
+    
+    struct CompliancePeriod {
+        bytes32 merkleRoot;
+        uint256 attestationCount;
+        uint256 violationCount;
+        uint256 periodStart;
+        uint256 periodEnd;
+        uint256 timestamp;
+        bool certified;
+    }
+    
+    mapping(bytes32 => ThreadAnchor) public anchors;
+    mapping(bytes32 => CompliancePeriod) public periods;
+    mapping(address => bool) public authorizedAnchors;
+    
+    event ThreadAnchored(
+        bytes32 indexed threadId,
+        bytes32 merkleRoot,
+        address anchorer,
+        uint256 timestamp
+    );
+    
+    event PeriodCertified(
+        bytes32 indexed periodId,
+        bytes32 merkleRoot,
+        uint256 attestationCount,
+        uint256 timestamp
+    );
+    
+    modifier onlyOwner() {
+        require(msg.sender == owner, "Not owner");
+        _;
+    }
+    
+    constructor(address _treasury) {
+        owner = msg.sender;
+        treasury = _treasury;
+        authorizedAnchors[msg.sender] = true;
+    }
+    
+    /**
+     * @dev Anchor a thread to the blockchain
+     */
+    function anchorThread(
+        bytes32 threadId,
+        bytes32 merkleRoot,
+        uint256 hopCount,
+        bytes32 intentHash,
+        bool compliant
+    ) external payable {
+        require(anchors[threadId].timestamp == 0, "Thread already anchored");
+        
+        // Store anchor
+        anchors[threadId] = ThreadAnchor({
+            merkleRoot: merkleRoot,
+            hopCount: hopCount,
+            intentHash: intentHash,
+            compliant: compliant,
+            timestamp: block.timestamp,
+            anchorer: msg.sender
+        });
+        
+        // Transfer protocol fee to treasury
+        if (msg.value > 0) {
+            payable(treasury).transfer(msg.value);
+        }
+        
+        emit ThreadAnchored(threadId, merkleRoot, msg.sender, block.timestamp);
+    }
+    
+    /**
+     * @dev Certify a compliance period
+     */
+    function certifyPeriod(
+        bytes32 periodId,
+        bytes32 merkleRoot,
+        uint256 attestationCount,
+        uint256 violationCount,
+        uint256 periodStart,
+        uint256 periodEnd
+    ) external payable {
+        require(authorizedAnchors[msg.sender], "Not authorized");
+        
+        periods[periodId] = CompliancePeriod({
+            merkleRoot: merkleRoot,
+            attestationCount: attestationCount,
+            violationCount: violationCount,
+            periodStart: periodStart,
+            periodEnd: periodEnd,
+            timestamp: block.timestamp,
+            certified: true
+        });
+        
+        if (msg.value > 0) {
+            payable(treasury).transfer(msg.value);
+        }
+        
+        emit PeriodCertified(periodId, merkleRoot, attestationCount, block.timestamp);
+    }
+    
+    /**
+     * @dev Verify a thread anchor
+     */
+    function verifyAnchor(
+        bytes32 threadId,
+        bytes32 expectedMerkleRoot
+    ) external view returns (bool valid, uint256 timestamp) {
+        ThreadAnchor memory anchor = anchors[threadId];
+        return (
+            anchor.merkleRoot == expectedMerkleRoot && anchor.timestamp > 0,
+            anchor.timestamp
+        );
+    }
+    
+    /**
+     * @dev Verify an attestation using Merkle proof
+     */
+    function verifyAttestation(
+        bytes32 threadId,
+        bytes32 attestationHash,
+        bytes32[] calldata merkleProof
+    ) external view returns (bool) {
+        ThreadAnchor memory anchor = anchors[threadId];
+        require(anchor.timestamp > 0, "Thread not anchored");
+        
+        bytes32 computedHash = attestationHash;
+        for (uint256 i = 0; i < merkleProof.length; i++) {
+            bytes32 proofElement = merkleProof[i];
+            if (computedHash <= proofElement) {
+                computedHash = keccak256(abi.encodePacked(computedHash, proofElement));
+            } else {
+                computedHash = keccak256(abi.encodePacked(proofElement, computedHash));
+            }
+        }
+        
+        return computedHash == anchor.merkleRoot;
+    }
+    
+    /**
+     * @dev Authorize an address to certify periods
+     */
+    function authorizeAnchor(address addr) external onlyOwner {
+        authorizedAnchors[addr] = true;
+    }
+    
+    /**
+     * @dev Revoke authorization
+     */
+    function revokeAuthorization(address addr) external onlyOwner {
+        authorizedAnchors[addr] = false;
+    }
+    
+    /**
+     * @dev Update treasury address
+     */
+    function setTreasury(address _treasury) external onlyOwner {
+        treasury = _treasury;
+    }
+}
+`;