@zcloak/ai-agent 1.0.0

package/dist/delete.js

@@ -0,0 +1,231 @@
+#!/usr/bin/env node
+"use strict";
+/**
+ * zCloak.ai File Deletion with 2FA Verification Tool
+ *
+ * Implements secure file deletion requiring 2FA (WebAuthn passkey) authorization.
+ * The deletion flow: prepare → user authenticates via browser → confirm & delete.
+ * Uses @dfinity JS SDK to interact directly with ICP canister, no dfx required.
+ *
+ * Usage:
+ *   zcloak-ai delete prepare <file_path>                Prepare 2FA request and generate authentication URL
+ *   zcloak-ai delete check <challenge>                  Check 2FA verification status
+ *   zcloak-ai delete confirm <challenge> <file_path>    Confirm 2FA and delete file if authorized
+ *
+ * All commands support --identity=<pem_path> to specify identity file.
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.run = run;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+// ========== Help Information ==========
+function showHelp() {
+    console.log('zCloak.ai File Deletion with 2FA Verification Tool');
+    console.log('');
+    console.log('Usage:');
+    console.log('  zcloak-ai delete prepare <file_path>                Prepare 2FA request and generate auth URL');
+    console.log('  zcloak-ai delete check <challenge>                  Check 2FA verification status');
+    console.log('  zcloak-ai delete confirm <challenge> <file_path>    Confirm 2FA and delete file');
+    console.log('');
+    console.log('Options:');
+    console.log('  --identity=<pem_path>     Specify identity PEM file');
+    console.log('');
+    console.log('Flow:');
+    console.log('  1. Run `delete prepare <file>` to get a 2FA challenge and authentication URL');
+    console.log('  2. Open the URL in your browser and complete passkey authentication');
+    console.log('  3. Run `delete confirm <challenge> <file>` to verify 2FA and delete the file');
+    console.log('');
+    console.log('Examples:');
+    console.log('  zcloak-ai delete prepare ./report.pdf');
+    console.log('  zcloak-ai delete check "abc123..."');
+    console.log('  zcloak-ai delete confirm "abc123..." ./report.pdf');
+}
+// ========== Command Implementations ==========
+/**
+ * Prepare 2FA request for file deletion.
+ * Builds a JSON payload with file info, calls prepare_2fa_info on the canister,
+ * extracts the challenge, and generates a browser authentication URL.
+ */
+async function cmdPrepare(session, filePath) {
+    if (!filePath) {
+        console.error('Error: file path is required');
+        console.error('Usage: zcloak-ai delete prepare <file_path>');
+        process.exit(1);
+    }
+    // Resolve and verify the file exists
+    const resolvedPath = path_1.default.resolve(filePath);
+    if (!fs_1.default.existsSync(resolvedPath)) {
+        console.error(`Error: file not found: ${resolvedPath}`);
+        process.exit(1);
+    }
+    // Gather file information
+    const fileName = path_1.default.basename(resolvedPath);
+    const fileStats = fs_1.default.statSync(resolvedPath);
+    const fileSize = fileStats.size;
+    const requestTimestamp = Math.floor(Date.now() / 1000); // Unix timestamp in seconds
+    // Build the deletion info JSON payload
+    const deleteInfo = JSON.stringify({
+        operation: 'delete',
+        file_name: fileName,
+        file_size: fileSize,
+        request_timestamp: requestTimestamp,
+    });
+    console.error(`File: ${fileName} (${fileSize} bytes)`);
+    console.error('Calling prepare_2fa_info...');
+    // Call prepare_2fa_info (update call, requires identity)
+    const actor = await session.getRegistryActor();
+    const result = await actor.prepare_2fa_info(deleteInfo);
+    // Check return result — variant { Ok: text } | { Err: text }
+    if ('Err' in result) {
+        console.error('2FA preparation failed:');
+        console.log(`(variant { Err = "${result.Err}" })`);
+        process.exit(1);
+    }
+    // Parse the returned WebAuthn challenge JSON
+    const authContent = result.Ok;
+    let challenge;
+    try {
+        const parsed = JSON.parse(authContent);
+        challenge = parsed.publicKey?.challenge ?? '';
+        if (!challenge) {
+            throw new Error('challenge field not found in response');
+        }
+    }
+    catch {
+        console.error('Warning: could not extract challenge from response. Save the full response for later use.');
+        challenge = '';
+    }
+    // Build the 2FA authentication URL
+    const twofaBase = session.getTwoFAUrl();
+    const url = `${twofaBase}?auth_content=${encodeURIComponent(authContent)}`;
+    // Output challenge for subsequent check/confirm commands
+    if (challenge) {
+        console.log('');
+        console.log('=== 2FA Challenge ===');
+        console.log('');
+        console.log(challenge);
+    }
+    // Output authentication URL
+    console.log('');
+    console.log('=== 2FA Authentication URL ===');
+    console.log('');
+    console.log(url);
+    console.log('');
+    console.log('Please open the URL above in your browser and use your passkey to authorize the file deletion.');
+    if (challenge) {
+        console.log('');
+        console.log('After completing authentication, run:');
+        console.log(`  zcloak-ai delete confirm "${challenge}" "${filePath}"`);
+    }
+}
+/**
+ * Check 2FA verification status by challenge string.
+ * Queries the canister to see if the 2FA has been confirmed.
+ */
+async function cmdCheck(session, challenge) {
+    if (!challenge) {
+        console.error('Error: challenge string is required');
+        console.error('Usage: zcloak-ai delete check <challenge>');
+        process.exit(1);
+    }
+    console.error('Querying 2FA result...');
+    // Query 2FA result (query call, can use anonymous actor)
+    const actor = await session.getAnonymousRegistryActor();
+    const result = await actor.query_2fa_result_by_challenge(challenge);
+    // opt TwoFARecord — empty array means no record found
+    if (!result || result.length === 0) {
+        console.log('Status: not found');
+        console.log('No 2FA record found for this challenge. The challenge may be invalid or expired.');
+        return;
+    }
+    const record = result[0];
+    // Check confirm_timestamp — CandidOpt: [] means pending, [timestamp] means confirmed
+    const isConfirmed = record.confirm_timestamp.length > 0;
+    console.log(`Status: ${isConfirmed ? 'confirmed' : 'pending'}`);
+    console.log(`Caller: ${record.caller}`);
+    console.log(`Owners: ${record.owner_list.join(', ')}`);
+    if (isConfirmed) {
+        console.log(`Confirmed by: ${record.confirm_owner.length > 0 ? record.confirm_owner[0] : 'unknown'}`);
+        console.log(`Confirmed at: ${record.confirm_timestamp[0].toString()}`);
+    }
+    else {
+        console.log('');
+        console.log('The 2FA has not been confirmed yet. Please complete passkey authentication first.');
+    }
+}
+/**
+ * Confirm 2FA and delete the file.
+ * Queries the 2FA result, and if confirmed, deletes the specified file.
+ */
+async function cmdConfirm(session, challenge, filePath) {
+    if (!challenge || !filePath) {
+        console.error('Error: both challenge and file path are required');
+        console.error('Usage: zcloak-ai delete confirm <challenge> <file_path>');
+        process.exit(1);
+    }
+    // Resolve and verify the file exists
+    const resolvedPath = path_1.default.resolve(filePath);
+    if (!fs_1.default.existsSync(resolvedPath)) {
+        console.error(`Error: file not found: ${resolvedPath}`);
+        process.exit(1);
+    }
+    console.error('Querying 2FA result...');
+    // Query 2FA result (query call, can use anonymous actor)
+    const actor = await session.getAnonymousRegistryActor();
+    const result = await actor.query_2fa_result_by_challenge(challenge);
+    // opt TwoFARecord — empty array means no record found
+    if (!result || result.length === 0) {
+        console.error('Error: no 2FA record found for this challenge.');
+        console.error('The challenge may be invalid or expired.');
+        process.exit(1);
+    }
+    const record = result[0];
+    // Check confirm_timestamp — CandidOpt: [] means pending, [timestamp] means confirmed
+    const isConfirmed = record.confirm_timestamp.length > 0;
+    if (!isConfirmed) {
+        console.error('Error: 2FA has not been confirmed yet.');
+        console.error('Please complete passkey authentication in your browser first.');
+        process.exit(1);
+    }
+    // 2FA confirmed — proceed with file deletion
+    const fileName = path_1.default.basename(resolvedPath);
+    console.error(`2FA confirmed. Deleting file: ${fileName}`);
+    fs_1.default.unlinkSync(resolvedPath);
+    console.log(`File "${fileName}" deleted successfully.`);
+    console.log(`Confirmed by: ${record.confirm_owner.length > 0 ? record.confirm_owner[0] : 'unknown'}`);
+}
+// ========== Exported run() — called by cli.ts ==========
+/**
+ * Entry point when invoked via cli.ts.
+ * Receives a Session instance with pre-parsed arguments.
+ */
+async function run(session) {
+    const command = session.args._args[0];
+    try {
+        switch (command) {
+            case 'prepare':
+                await cmdPrepare(session, session.args._args[1]);
+                break;
+            case 'check':
+                await cmdCheck(session, session.args._args[1]);
+                break;
+            case 'confirm':
+                await cmdConfirm(session, session.args._args[1], session.args._args[2]);
+                break;
+            default:
+                showHelp();
+                if (command) {
+                    console.error(`\nUnknown command: ${command}`);
+                }
+                process.exit(1);
+        }
+    }
+    catch (err) {
+        console.error(`Operation failed: ${err instanceof Error ? err.message : String(err)}`);
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=delete.js.map

package/dist/delete.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"delete.js","sourceRoot":"","sources":["../src/delete.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;;GAaG;;;;;AA2NH,kBAyBC;AAlPD,4CAAoB;AACpB,gDAAwB;AAGxB,yCAAyC;AACzC,SAAS,QAAQ;IACf,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtB,OAAO,CAAC,GAAG,CAAC,iGAAiG,CAAC,CAAC;IAC/G,OAAO,CAAC,GAAG,CAAC,qFAAqF,CAAC,CAAC;IACnG,OAAO,CAAC,GAAG,CAAC,mFAAmF,CAAC,CAAC;IACjG,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACxB,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;IACrE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACrB,OAAO,CAAC,GAAG,CAAC,gFAAgF,CAAC,CAAC;IAC9F,OAAO,CAAC,GAAG,CAAC,uEAAuE,CAAC,CAAC;IACrF,OAAO,CAAC,GAAG,CAAC,gFAAgF,CAAC,CAAC;IAC9F,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACzB,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACpD,OAAO,CAAC,GAAG,CAAC,qDAAqD,CAAC,CAAC;AACrE,CAAC;AAED,gDAAgD;AAEhD;;;;GAIG;AACH,KAAK,UAAU,UAAU,CAAC,OAAgB,EAAE,QAA4B;IACtE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC7D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,qCAAqC;IACrC,MAAM,YAAY,GAAG,cAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC5C,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,KAAK,CAAC,0BAA0B,YAAY,EAAE,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,cAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,YAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;IAC5C,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC;IAChC,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAE,4BAA4B;IAErF,uCAAuC;IACvC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC;QAChC,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,QAAQ;QACnB,iBAAiB,EAAE,gBAAgB;KACpC,CAAC,CAAC;IAEH,OAAO,CAAC,KAAK,CAAC,SAAS,QAAQ,KAAK,QAAQ,SAAS,CAAC,CAAC;IACvD,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;IAE7C,yDAAyD;IACzD,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,gBAAgB,EAAE,CAAC;IAC/C,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAExD,6DAA6D;IAC7D,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACzC,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6CAA6C;IAC7C,MAAM,WAAW,GAAG,MAAM,CAAC,EAAE,CAAC;IAC9B,IAAI,SAAiB,CAAC;IACtB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACvC,SAAS,GAAG,MAAM,CAAC,SAAS,EAAE,SAAS,IAAI,EAAE,CAAC;QAC9C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,KAAK,CAAC,2FAA2F,CAAC,CAAC;QAC3G,SAAS,GAAG,EAAE,CAAC;IACjB,CAAC;IAED,mCAAmC;IACnC,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IACxC,MAAM,GAAG,GAAG,GAAG,SAAS,iBAAiB,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;IAE3E,yDAAyD;IACzD,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACzB,CAAC;IAED,4BAA4B;IAC5B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,gGAAgG,CAAC,CAAC;IAC9G,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,+BAA+B,SAAS,MAAM,QAAQ,GAAG,CAAC,CAAC;IACzE,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,QAAQ,CAAC,OAAgB,EAAE,SAA6B;IACrE,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAExC,yDAAyD;IACzD,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,yBAAyB,EAAE,CAAC;IACxD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,6BAA6B,CAAC,SAAS,CAAC,CAAC;IAEpE,sDAAsD;IACtD,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,kFAAkF,CAAC,CAAC;QAChG,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAE,CAAC;IAC1B,qFAAqF;IACrF,MAAM,WAAW,GAAG,MAAM,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC;IAExD,OAAO,CAAC,GAAG,CAAC,WAAW,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvD,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACtG,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,CAAC,iBAAiB,CAAC,CAAC,CAAE,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IAC1E,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,mFAAmF,CAAC,CAAC;IACnG,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,UAAU,CACvB,OAAgB,EAChB,SAA6B,EAC7B,QAA4B;IAE5B,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QAClE,OAAO,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;QACzE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,qCAAqC;IACrC,MAAM,YAAY,GAAG,cAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC5C,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,KAAK,CAAC,0BAA0B,YAAY,EAAE,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAExC,yDAAyD;IACzD,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,yBAAyB,EAAE,CAAC;IACxD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,6BAA6B,CAAC,SAAS,CAAC,CAAC;IAEpE,sDAAsD;IACtD,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAChE,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAE,CAAC;IAC1B,qFAAqF;IACrF,MAAM,WAAW,GAAG,MAAM,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC;IAExD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;QACxD,OAAO,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;QAC/E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6CAA6C;IAC7C,MAAM,QAAQ,GAAG,cAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;IAC7C,OAAO,CAAC,KAAK,CAAC,iCAAiC,QAAQ,EAAE,CAAC,CAAC;IAE3D,YAAE,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IAE5B,OAAO,CAAC,GAAG,CAAC,SAAS,QAAQ,yBAAyB,CAAC,CAAC;IACxD,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;AACxG,CAAC;AAED,0DAA0D;AAE1D;;;GAGG;AACI,KAAK,UAAU,GAAG,CAAC,OAAgB;IACxC,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEtC,IAAI,CAAC;QACH,QAAQ,OAAO,EAAE,CAAC;YAChB,KAAK,SAAS;gBACZ,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACjD,MAAM;YACR,KAAK,OAAO;gBACV,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC/C,MAAM;YACR,KAAK,SAAS;gBACZ,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACxE,MAAM;YACR;gBACE,QAAQ,EAAE,CAAC;gBACX,IAAI,OAAO,EAAE,CAAC;oBACZ,OAAO,CAAC,KAAK,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;gBACjD,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,qBAAqB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACvF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/doc.d.ts

@@ -0,0 +1,23 @@
+#!/usr/bin/env node
+/**
+ * zCloak.ai Document Tool
+ *
+ * Provides MANIFEST.sha256 generation, verification, file hash computation, and more.
+ * Pure Node.js implementation, cross-platform compatible, no external shell commands required.
+ *
+ * Usage:
+ *   zcloak-ai doc manifest <folder_path> [--version=1.0.0]    Generate MANIFEST.sha256 (with metadata header)
+ *   zcloak-ai doc verify-manifest <folder_path>               Verify file integrity in MANIFEST.sha256
+ *   zcloak-ai doc hash <file_path>                            Compute single file SHA256 hash
+ *   zcloak-ai doc info <file_path>                            Show file hash, size, MIME, etc.
+ */
+import { Session } from './session';
+/**
+ * Entry point when invoked via cli.ts.
+ * Receives a Session instance with pre-parsed arguments.
+ *
+ * Note: doc commands are pure local operations (no canister calls),
+ * so Session is only used for argument parsing here.
+ */
+export declare function run(session: Session): void;
+//# sourceMappingURL=doc.d.ts.map

package/dist/doc.js

@@ -0,0 +1,180 @@
+#!/usr/bin/env node
+"use strict";
+/**
+ * zCloak.ai Document Tool
+ *
+ * Provides MANIFEST.sha256 generation, verification, file hash computation, and more.
+ * Pure Node.js implementation, cross-platform compatible, no external shell commands required.
+ *
+ * Usage:
+ *   zcloak-ai doc manifest <folder_path> [--version=1.0.0]    Generate MANIFEST.sha256 (with metadata header)
+ *   zcloak-ai doc verify-manifest <folder_path>               Verify file integrity in MANIFEST.sha256
+ *   zcloak-ai doc hash <file_path>                            Compute single file SHA256 hash
+ *   zcloak-ai doc info <file_path>                            Show file hash, size, MIME, etc.
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.run = run;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const utils_1 = require("./utils");
+// ========== Help Information ==========
+function showHelp() {
+    console.log('zCloak.ai Document Tool');
+    console.log('');
+    console.log('Usage:');
+    console.log('  zcloak-ai doc manifest <folder_path> [--version=1.0.0]   Generate MANIFEST.sha256');
+    console.log('  zcloak-ai doc verify-manifest <folder_path>              Verify file integrity');
+    console.log('  zcloak-ai doc hash <file_path>                           Compute SHA256 hash');
+    console.log('  zcloak-ai doc info <file_path>                           Show file details');
+    console.log('');
+    console.log('Options:');
+    console.log('  --version=x.y.z  MANIFEST version (default: 1.0.0)');
+    console.log('');
+    console.log('Examples:');
+    console.log('  zcloak-ai doc manifest ./my-skill/ --version=2.0.0');
+    console.log('  zcloak-ai doc verify-manifest ./my-skill/');
+    console.log('  zcloak-ai doc hash ./report.pdf');
+    console.log('  zcloak-ai doc info ./report.pdf');
+}
+// ========== Command Implementations ==========
+/**
+ * Generate MANIFEST.sha256 (with metadata header)
+ * Format compatible with GNU sha256sum, metadata represented as # comment lines
+ */
+function cmdManifest(folderPath, args) {
+    if (!folderPath) {
+        console.error('Error: folder path is required');
+        process.exit(1);
+    }
+    if (!fs_1.default.existsSync(folderPath) || !fs_1.default.statSync(folderPath).isDirectory()) {
+        console.error(`Error: directory does not exist: ${folderPath}`);
+        process.exit(1);
+    }
+    const version = typeof args.version === 'string' ? args.version : '1.0.0';
+    try {
+        const result = (0, utils_1.generateManifest)(folderPath, { version });
+        console.log(`MANIFEST.sha256 generated: ${result.manifestPath}`);
+        console.log(`File count: ${result.fileCount}`);
+        console.log(`Version: ${version}`);
+        console.log(`MANIFEST SHA256: ${result.manifestHash}`);
+        console.log(`MANIFEST size: ${result.manifestSize} bytes`);
+    }
+    catch (err) {
+        console.error(`Failed to generate MANIFEST: ${err instanceof Error ? err.message : String(err)}`);
+        process.exit(1);
+    }
+}
+/**
+ * Verify file integrity in MANIFEST.sha256
+ * Uses shared MANIFEST parser from utils.ts for consistent parsing and strict validation
+ */
+function cmdVerifyManifest(folderPath) {
+    if (!folderPath) {
+        console.error('Error: folder path is required');
+        process.exit(1);
+    }
+    const manifestPath = path_1.default.join(folderPath, 'MANIFEST.sha256');
+    if (!fs_1.default.existsSync(manifestPath)) {
+        console.error(`Error: MANIFEST.sha256 not found: ${manifestPath}`);
+        process.exit(1);
+    }
+    const manifestContent = fs_1.default.readFileSync(manifestPath, 'utf-8');
+    const results = (0, utils_1.verifyManifestEntries)(manifestContent, folderPath);
+    let allPassed = true;
+    for (const r of results) {
+        if (r.passed) {
+            console.log(`OK: ${r.relativePath}`);
+        }
+        else {
+            const suffix = r.reason === 'not_found' ? ' (file not found)' : '';
+            console.log(`FAILED: ${r.relativePath}${suffix}`);
+            allPassed = false;
+        }
+    }
+    if (!allPassed) {
+        console.error(`\nVerification failed! Some files do not match (checked ${results.length} files)`);
+        process.exit(1);
+    }
+    console.log(`\nAll files verified successfully! (${results.length} files)`);
+    // Output MANIFEST hash (for subsequent on-chain verification)
+    const manifestHash = (0, utils_1.hashFile)(manifestPath);
+    console.log(`\nMANIFEST SHA256: ${manifestHash}`);
+    console.log('(Use this hash for on-chain signature verification: zcloak-ai verify file MANIFEST.sha256)');
+}
+/** Compute single file SHA256 hash */
+function cmdHash(filePath) {
+    if (!filePath) {
+        console.error('Error: file path is required');
+        process.exit(1);
+    }
+    if (!fs_1.default.existsSync(filePath)) {
+        console.error(`Error: file does not exist: ${filePath}`);
+        process.exit(1);
+    }
+    const hash = (0, utils_1.hashFile)(filePath);
+    console.log(hash);
+}
+/** Show file details (hash, size, MIME) */
+function cmdInfo(filePath) {
+    if (!filePath) {
+        console.error('Error: file path is required');
+        process.exit(1);
+    }
+    if (!fs_1.default.existsSync(filePath)) {
+        console.error(`Error: file does not exist: ${filePath}`);
+        process.exit(1);
+    }
+    const hash = (0, utils_1.hashFile)(filePath);
+    const size = (0, utils_1.getFileSize)(filePath);
+    const fileName = path_1.default.basename(filePath);
+    const mime = (0, utils_1.getMimeType)(filePath);
+    console.log(`Filename: ${fileName}`);
+    console.log(`SHA256: ${hash}`);
+    console.log(`Size: ${size} bytes`);
+    console.log(`MIME: ${mime}`);
+    // Output JSON format (for easy copy-paste for signing)
+    const contentObj = { title: fileName, hash, mime, url: '', size_bytes: size };
+    console.log(`\nJSON (for signing):\n${JSON.stringify(contentObj, null, 2)}`);
+}
+// ========== Exported run() — called by cli.ts ==========
+/**
+ * Entry point when invoked via cli.ts.
+ * Receives a Session instance with pre-parsed arguments.
+ *
+ * Note: doc commands are pure local operations (no canister calls),
+ * so Session is only used for argument parsing here.
+ */
+function run(session) {
+    const args = session.args;
+    const command = args._args[0];
+    try {
+        switch (command) {
+            case 'manifest':
+                cmdManifest(args._args[1], args);
+                break;
+            case 'verify-manifest':
+                cmdVerifyManifest(args._args[1]);
+                break;
+            case 'hash':
+                cmdHash(args._args[1]);
+                break;
+            case 'info':
+                cmdInfo(args._args[1]);
+                break;
+            default:
+                showHelp();
+                if (command) {
+                    console.error(`\nUnknown command: ${command}`);
+                }
+                process.exit(1);
+        }
+    }
+    catch (err) {
+        console.error(`Operation failed: ${err instanceof Error ? err.message : String(err)}`);
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=doc.js.map

package/dist/doc.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"doc.js","sourceRoot":"","sources":["../src/doc.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;GAWG;;;;;AAiKH,kBA6BC;AA5LD,4CAAoB;AACpB,gDAAwB;AACxB,mCAMiB;AAIjB,yCAAyC;AACzC,SAAS,QAAQ;IACf,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtB,OAAO,CAAC,GAAG,CAAC,qFAAqF,CAAC,CAAC;IACnG,OAAO,CAAC,GAAG,CAAC,kFAAkF,CAAC,CAAC;IAChG,OAAO,CAAC,GAAG,CAAC,gFAAgF,CAAC,CAAC;IAC9F,OAAO,CAAC,GAAG,CAAC,8EAA8E,CAAC,CAAC;IAC5F,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACxB,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACzB,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;AACnD,CAAC;AAED,gDAAgD;AAEhD;;;GAGG;AACH,SAAS,WAAW,CAAC,UAA8B,EAAE,IAAgB;IACnE,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,YAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QACzE,OAAO,CAAC,KAAK,CAAC,oCAAoC,UAAU,EAAE,CAAC,CAAC;QAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;IAE1E,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,wBAAgB,EAAC,UAAU,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,8BAA8B,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,eAAe,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,YAAY,OAAO,EAAE,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,oBAAoB,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,YAAY,QAAQ,CAAC,CAAC;IAC7D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,gCAAgC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB,CAAC,UAA8B;IACvD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC;IAC9D,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,KAAK,CAAC,qCAAqC,YAAY,EAAE,CAAC,CAAC;QACnE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,eAAe,GAAG,YAAE,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC/D,MAAM,OAAO,GAAG,IAAA,6BAAqB,EAAC,eAAe,EAAE,UAAU,CAAC,CAAC;IAEnE,IAAI,SAAS,GAAG,IAAI,CAAC;IACrB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,CAAC;YACnE,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,YAAY,GAAG,MAAM,EAAE,CAAC,CAAC;YAClD,SAAS,GAAG,KAAK,CAAC;QACpB,CAAC;IACH,CAAC;IAED,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,2DAA2D,OAAO,CAAC,MAAM,SAAS,CAAC,CAAC;QAClG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uCAAuC,OAAO,CAAC,MAAM,SAAS,CAAC,CAAC;IAE5E,8DAA8D;IAC9D,MAAM,YAAY,GAAG,IAAA,gBAAQ,EAAC,YAAY,CAAC,CAAC;IAC5C,OAAO,CAAC,GAAG,CAAC,sBAAsB,YAAY,EAAE,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,4FAA4F,CAAC,CAAC;AAC5G,CAAC;AAED,sCAAsC;AACtC,SAAS,OAAO,CAAC,QAA4B;IAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,OAAO,CAAC,KAAK,CAAC,+BAA+B,QAAQ,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,IAAA,gBAAQ,EAAC,QAAQ,CAAC,CAAC;IAChC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AACpB,CAAC;AAED,2CAA2C;AAC3C,SAAS,OAAO,CAAC,QAA4B;IAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,OAAO,CAAC,KAAK,CAAC,+BAA+B,QAAQ,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,IAAA,gBAAQ,EAAC,QAAQ,CAAC,CAAC;IAChC,MAAM,IAAI,GAAG,IAAA,mBAAW,EAAC,QAAQ,CAAC,CAAC;IACnC,MAAM,QAAQ,GAAG,cAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACzC,MAAM,IAAI,GAAG,IAAA,mBAAW,EAAC,QAAQ,CAAC,CAAC;IAEnC,OAAO,CAAC,GAAG,CAAC,aAAa,QAAQ,EAAE,CAAC,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;IAC/B,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,QAAQ,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;IAE7B,uDAAuD;IACvD,MAAM,UAAU,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;IAC9E,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;AAC/E,CAAC;AAED,0DAA0D;AAE1D;;;;;;GAMG;AACH,SAAgB,GAAG,CAAC,OAAgB;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAC1B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAE9B,IAAI,CAAC;QACH,QAAQ,OAAO,EAAE,CAAC;YAChB,KAAK,UAAU;gBACb,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;gBACjC,MAAM;YACR,KAAK,iBAAiB;gBACpB,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACjC,MAAM;YACR,KAAK,MAAM;gBACT,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACvB,MAAM;YACR,KAAK,MAAM;gBACT,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACvB,MAAM;YACR;gBACE,QAAQ,EAAE,CAAC;gBACX,IAAI,OAAO,EAAE,CAAC;oBACZ,OAAO,CAAC,KAAK,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;gBACjD,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,qBAAqB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACvF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/error.d.ts

@@ -0,0 +1,45 @@
+/**
+ * Unified Error Types for VetKey Operations
+ *
+ * All VetKey-related errors are instances of ToolError with a specific `code` field
+ * that identifies the error category. This enables callers to switch
+ * on the error code for structured error handling.
+ *
+ * Non-VetKey modules in zcloak-agent continue to use standard Error instances.
+ */
+/** Error codes for categorizing VetKey Tool errors */
+export type ErrorCode = "CANISTER_CALL" | "ENCRYPTION" | "DECRYPTION" | "IDENTITY" | "CONFIG" | "DAEMON" | "IO" | "RPC_PARSE" | "FILE_OP";
+/**
+ * Unified error class for all VetKey Tool operations.
+ *
+ * Extends the standard Error class with a `code` field for programmatic
+ * error handling, and an optional `cause` for error chaining.
+ */
+export declare class ToolError extends Error {
+    /** Error category code */
+    readonly code: ErrorCode;
+    /** Original cause of this error (for error chaining) */
+    readonly cause?: unknown;
+    constructor(code: ErrorCode, message: string, options?: {
+        cause?: unknown;
+    });
+}
+/** Canister call failed (network, consensus, or canister rejection) */
+export declare function canisterCallError(message: string, cause?: unknown): ToolError;
+/** Encryption failed (IBE or AES) */
+export declare function encryptionError(message: string, cause?: unknown): ToolError;
+/** Decryption failed (IBE or AES) */
+export declare function decryptionError(message: string, cause?: unknown): ToolError;
+/** Identity loading or generation failed */
+export declare function identityError(message: string, cause?: unknown): ToolError;
+/** Configuration resolution failed (missing required fields, etc.) */
+export declare function configError(message: string): ToolError;
+/** Daemon lifecycle error (PID conflicts, socket failures, etc.) */
+export declare function daemonError(message: string, cause?: unknown): ToolError;
+/** File system I/O error */
+export declare function ioError(message: string, cause?: unknown): ToolError;
+/** JSON-RPC protocol parse error */
+export declare function rpcParseError(message: string, cause?: unknown): ToolError;
+/** File operation error (size limit exceeded, permissions, etc.) */
+export declare function fileOpError(message: string, cause?: unknown): ToolError;
+//# sourceMappingURL=error.d.ts.map

package/dist/error.js

@@ -0,0 +1,79 @@
+"use strict";
+/**
+ * Unified Error Types for VetKey Operations
+ *
+ * All VetKey-related errors are instances of ToolError with a specific `code` field
+ * that identifies the error category. This enables callers to switch
+ * on the error code for structured error handling.
+ *
+ * Non-VetKey modules in zcloak-agent continue to use standard Error instances.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ToolError = void 0;
+exports.canisterCallError = canisterCallError;
+exports.encryptionError = encryptionError;
+exports.decryptionError = decryptionError;
+exports.identityError = identityError;
+exports.configError = configError;
+exports.daemonError = daemonError;
+exports.ioError = ioError;
+exports.rpcParseError = rpcParseError;
+exports.fileOpError = fileOpError;
+/**
+ * Unified error class for all VetKey Tool operations.
+ *
+ * Extends the standard Error class with a `code` field for programmatic
+ * error handling, and an optional `cause` for error chaining.
+ */
+class ToolError extends Error {
+    constructor(code, message, options) {
+        super(message);
+        this.code = code;
+        this.name = "ToolError";
+        // ES2020 target doesn't support Error(message, options), set cause manually
+        if (options?.cause !== undefined) {
+            this.cause = options.cause;
+        }
+    }
+}
+exports.ToolError = ToolError;
+// ============================================================================
+// Factory functions for creating typed errors
+// ============================================================================
+/** Canister call failed (network, consensus, or canister rejection) */
+function canisterCallError(message, cause) {
+    return new ToolError("CANISTER_CALL", `Canister call failed: ${message}`, { cause });
+}
+/** Encryption failed (IBE or AES) */
+function encryptionError(message, cause) {
+    return new ToolError("ENCRYPTION", `Encryption failed: ${message}`, { cause });
+}
+/** Decryption failed (IBE or AES) */
+function decryptionError(message, cause) {
+    return new ToolError("DECRYPTION", `${message}`, { cause });
+}
+/** Identity loading or generation failed */
+function identityError(message, cause) {
+    return new ToolError("IDENTITY", `Identity error: ${message}`, { cause });
+}
+/** Configuration resolution failed (missing required fields, etc.) */
+function configError(message) {
+    return new ToolError("CONFIG", `Config error: ${message}`);
+}
+/** Daemon lifecycle error (PID conflicts, socket failures, etc.) */
+function daemonError(message, cause) {
+    return new ToolError("DAEMON", `Daemon error: ${message}`, { cause });
+}
+/** File system I/O error */
+function ioError(message, cause) {
+    return new ToolError("IO", `IO error: ${message}`, { cause });
+}
+/** JSON-RPC protocol parse error */
+function rpcParseError(message, cause) {
+    return new ToolError("RPC_PARSE", `RPC parse error: ${message}`, { cause });
+}
+/** File operation error (size limit exceeded, permissions, etc.) */
+function fileOpError(message, cause) {
+    return new ToolError("FILE_OP", `File operation error: ${message}`, { cause });
+}
+//# sourceMappingURL=error.js.map

package/dist/error.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"error.js","sourceRoot":"","sources":["../src/error.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AA2CH,8CAEC;AAGD,0CAEC;AAGD,0CAEC;AAGD,sCAEC;AAGD,kCAEC;AAGD,kCAEC;AAGD,0BAEC;AAGD,sCAEC;AAGD,kCAEC;AAvED;;;;;GAKG;AACH,MAAa,SAAU,SAAQ,KAAK;IAOlC,YAAY,IAAe,EAAE,OAAe,EAAE,OAA6B;QACzE,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;QACxB,4EAA4E;QAC5E,IAAI,OAAO,EAAE,KAAK,KAAK,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC7B,CAAC;IACH,CAAC;CACF;AAhBD,8BAgBC;AAED,+EAA+E;AAC/E,8CAA8C;AAC9C,+EAA+E;AAE/E,uEAAuE;AACvE,SAAgB,iBAAiB,CAAC,OAAe,EAAE,KAAe;IAChE,OAAO,IAAI,SAAS,CAAC,eAAe,EAAE,yBAAyB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;AACvF,CAAC;AAED,qCAAqC;AACrC,SAAgB,eAAe,CAAC,OAAe,EAAE,KAAe;IAC9D,OAAO,IAAI,SAAS,CAAC,YAAY,EAAE,sBAAsB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;AACjF,CAAC;AAED,qCAAqC;AACrC,SAAgB,eAAe,CAAC,OAAe,EAAE,KAAe;IAC9D,OAAO,IAAI,SAAS,CAAC,YAAY,EAAE,GAAG,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED,4CAA4C;AAC5C,SAAgB,aAAa,CAAC,OAAe,EAAE,KAAe;IAC5D,OAAO,IAAI,SAAS,CAAC,UAAU,EAAE,mBAAmB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED,sEAAsE;AACtE,SAAgB,WAAW,CAAC,OAAe;IACzC,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,iBAAiB,OAAO,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,oEAAoE;AACpE,SAAgB,WAAW,CAAC,OAAe,EAAE,KAAe;IAC1D,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,iBAAiB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,4BAA4B;AAC5B,SAAgB,OAAO,CAAC,OAAe,EAAE,KAAe;IACtD,OAAO,IAAI,SAAS,CAAC,IAAI,EAAE,aAAa,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;AAChE,CAAC;AAED,oCAAoC;AACpC,SAAgB,aAAa,CAAC,OAAe,EAAE,KAAe;IAC5D,OAAO,IAAI,SAAS,CAAC,WAAW,EAAE,oBAAoB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;AAC9E,CAAC;AAED,oEAAoE;AACpE,SAAgB,WAAW,CAAC,OAAe,EAAE,KAAe;IAC1D,OAAO,IAAI,SAAS,CAAC,SAAS,EAAE,yBAAyB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;AACjF,CAAC"}

package/dist/feed.d.ts

@@ -0,0 +1,20 @@
+#!/usr/bin/env node
+/**
+ * zCloak.ai Event/Post Fetching Tool
+ *
+ * Provides global counter query and event fetching by counter range.
+ * Uses @dfinity JS SDK to interact directly with ICP canister, no dfx required.
+ *
+ * Usage:
+ *   zcloak-ai feed counter                Get current global counter value
+ *   zcloak-ai feed fetch <from> <to>      Fetch events by counter range
+ *
+ * All commands support --identity=<pem_path> to specify identity file.
+ */
+import { Session } from './session';
+/**
+ * Entry point when invoked via cli.ts.
+ * Receives a Session instance with pre-parsed arguments.
+ */
+export declare function run(session: Session): Promise<void>;
+//# sourceMappingURL=feed.d.ts.map