@zintrust/cloudflare-d1-proxy 0.7.9

package/README.md

@@ -0,0 +1,108 @@
+# @zintrust/cloudflare-d1-proxy
+
+Cloudflare Worker service that exposes a small HTTPS API for executing D1 operations.
+
+Docs: https://zintrust.com/package-cloudflare-d1-proxy
+
+This is intended for **server-to-server** use (e.g. a Node app running outside Cloudflare), via ZinTrust’s `d1-remote` adapter.
+
+## Endpoints
+
+All endpoints are `POST` and require signed request headers.
+
+- `/zin/d1/query` → `{ sql, params }` → `{ rows, rowCount }`
+- `/zin/d1/queryOne` → `{ sql, params }` → `{ row }`
+- `/zin/d1/exec` → `{ sql, params }` → `{ ok: true, meta? }`
+- `/zin/d1/statement` → `{ statementId, params }` → `{ rows, rowCount }` or `{ ok: true, meta? }`
+
+## Required bindings
+
+- D1 binding: `DB`
+
+If your binding name is not `DB`, set Worker var `D1_BINDING` to your binding name.
+
+Optional (recommended):
+
+- KV binding: `ZT_NONCES` (nonce replay protection)
+
+## Required secrets / vars
+
+**Secret (required):**
+
+- `D1_REMOTE_SECRET` – shared signing secret used to verify requests.
+- `APP_KEY` – fallback shared signing secret if `D1_REMOTE_SECRET` is not set.
+
+Example:
+
+```json
+{
+  "k1": { "secret": "super-secret-shared-key" }
+}
+```
+
+**Vars (optional):**
+
+- `ZT_PROXY_SIGNING_WINDOW_MS` (default `60000`)
+- `ZT_MAX_BODY_BYTES` (default `131072`)
+- `ZT_MAX_SQL_BYTES` (default `32768`)
+- `ZT_MAX_PARAMS` (default `256`)
+
+**Secret/var (optional):**
+
+- `ZT_D1_STATEMENTS_JSON` – required if you use `/zin/d1/statement` (registry mode). This is a JSON map of `statementId -> sql`.
+
+## Deploy
+
+From this package directory:
+
+```bash
+wrangler deploy
+```
+
+Set secrets:
+
+```bash
+wrangler secret put D1_REMOTE_SECRET
+# optional
+wrangler secret put ZT_D1_STATEMENTS_JSON
+```
+
+## Use from ZinTrust (Node app)
+
+Configure your app:
+
+- `DB_CONNECTION=d1-remote`
+- `D1_REMOTE_URL=https://<your-worker-host>`
+- `D1_REMOTE_KEY_ID=k1`
+- `D1_REMOTE_SECRET=super-secret-shared-key`
+- `D1_REMOTE_MODE=registry` or `sql`
+
+Then use `Database` / QueryBuilder as normal.
+
+## Threat model (what this protects)
+
+Registry mode (`/zin/d1/statement` + `ZT_D1_STATEMENTS_JSON`) primarily reduces risk when there is a **trust boundary** (your app calls this Worker proxy over HTTPS).
+
+In registry mode, the caller sends only `{ statementId, params }` and the Worker looks up SQL from the allowlist. This prevents **network-level** SQL injection into the proxy (the proxy never receives SQL text to be injected).
+
+### What registry mode does NOT automatically prevent
+
+- Authorization bugs (e.g. querying another user’s data by changing `id` parameters).
+- Dangerous allowlisted statements (wide `UPDATE`/`DELETE`, admin operations).
+- Replay/duplicate execution (must be prevented via nonce + timestamp verification).
+- DoS / expensive queries (needs rate limiting, timeouts, and query budgets).
+- A fully compromised app runtime (RCE) — attackers can steal secrets and abuse whatever is allowed.
+
+### Threat model table
+
+| Attacker scenario (facts)                                               | What can go wrong                                     | What helps most                                                                | What registry mode helps with                                                         | What registry mode does NOT fix                                             |
+| ----------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------- | --------------------------------------------------------------------------- |
+| Proxy signing secret leaked (CI logs, env leak, SSRF reading env, etc.) | Attacker can call proxy endpoints as a trusted client | Request signing + nonce/timestamp replay protection + rate limiting            | **Big win**: attacker limited to allowlisted statements (no arbitrary SQL)            | If allowlist includes dangerous statements, attacker can still cause damage |
+| App SQL injection bug (string concatenation, unsafe interpolation)      | Arbitrary SQL may run using app’s DB credentials      | Parameterized queries + query builders + linting + tests                       | Limited value for direct DB; can become reliability failure (statementId won’t match) | Does not fix SQLi root cause; attacker may still exfiltrate/modify via app  |
+| App runtime compromised (RCE)                                           | Secrets stolen, arbitrary internal calls, data theft  | Least-privilege credentials, network segmentation, secret rotation, monitoring | Some value if proxy creds leak is the only path and allowlist is tight                | If attacker has code exec, they can still abuse allowed reads/writes        |
+| Replay / MITM within allowed clock skew                                 | Re-sending signed requests can repeat effects         | Nonce + timestamp verification; short signing window                           | Minor (statements still re-playable)                                                  | Registry does not prevent replay; must be blocked by nonce/time             |
+| DoS / resource exhaustion                                               | High CPU/DB load, high egress, timeouts               | Rate limiting, payload limits, query timeouts, concurrency limits              | Minor (allowlisted queries can still be expensive)                                    | Registry doesn’t limit cost by itself                                       |
+
+## License
+
+This package and its dependencies are MIT licensed, permitting free commercial use.

package/dist/SignedRequest.d.ts

@@ -0,0 +1,38 @@
+export type SignedRequestHeaders = {
+    'x-zt-key-id': string;
+    'x-zt-timestamp': string;
+    'x-zt-nonce': string;
+    'x-zt-body-sha256': string;
+    'x-zt-signature': string;
+};
+export type SignedRequestVerifyParams = {
+    method: string;
+    url: string | URL;
+    body?: string | Uint8Array | null;
+    headers: Headers | Record<string, string | undefined>;
+    getSecretForKeyId: (keyId: string) => string | undefined | Promise<string | undefined>;
+    nowMs?: number;
+    windowMs?: number;
+    verifyNonce?: (keyId: string, nonce: string, ttlMs: number) => Promise<boolean>;
+};
+export type SignedRequestVerifyResult = {
+    ok: true;
+    keyId: string;
+    timestampMs: number;
+    nonce: string;
+} | {
+    ok: false;
+    code: 'MISSING_HEADER' | 'INVALID_TIMESTAMP' | 'EXPIRED' | 'INVALID_BODY_SHA' | 'INVALID_SIGNATURE' | 'UNKNOWN_KEY' | 'REPLAYED';
+    message: string;
+};
+export declare const SignedRequest: Readonly<{
+    sha256Hex: (data: string | Uint8Array) => Promise<string>;
+    canonicalString: (params: {
+        method: string;
+        url: string | URL;
+        timestampMs: number;
+        nonce: string;
+        bodySha256Hex: string;
+    }) => string;
+    verify(params: SignedRequestVerifyParams): Promise<SignedRequestVerifyResult>;
+}>;

package/dist/SignedRequest.js

@@ -0,0 +1,144 @@
+const getHeader = (headers, name) => {
+    if (typeof headers.get === 'function') {
+        const value = headers.get(name);
+        return value ?? undefined;
+    }
+    return headers[name];
+};
+const timingSafeEquals = (a, b) => {
+    if (a.length !== b.length)
+        return false;
+    let result = 0;
+    for (let i = 0; i < a.length; i++) {
+        result |= (a.codePointAt(i) ?? 0) ^ (b.codePointAt(i) ?? 0);
+    }
+    return result === 0;
+};
+const getSubtleOrNull = () => {
+    if (typeof crypto === 'undefined' || crypto.subtle === undefined)
+        return null;
+    return crypto.subtle;
+};
+const toBytes = (data) => {
+    const bytes = typeof data === 'string' ? new TextEncoder().encode(data) : data;
+    return new Uint8Array(bytes);
+};
+const toHex = (bytes) => {
+    const view = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);
+    let out = '';
+    for (const element of view) {
+        out += element.toString(16).padStart(2, '0');
+    }
+    return out;
+};
+const sha256Hex = async (data) => {
+    const subtle = getSubtleOrNull();
+    if (subtle === null)
+        return '';
+    const digest = await subtle.digest('SHA-256', toBytes(data));
+    return toHex(digest);
+};
+const canonicalString = (params) => {
+    const u = typeof params.url === 'string' ? new URL(params.url) : params.url;
+    const method = params.method.toUpperCase();
+    return [
+        method,
+        u.pathname,
+        u.search,
+        String(params.timestampMs),
+        params.nonce,
+        params.bodySha256Hex,
+    ].join('\n');
+};
+const parseAndValidateHeaders = (headers) => {
+    const keyId = getHeader(headers, 'x-zt-key-id');
+    const ts = getHeader(headers, 'x-zt-timestamp');
+    const nonce = getHeader(headers, 'x-zt-nonce');
+    const bodySha = getHeader(headers, 'x-zt-body-sha256');
+    const signature = getHeader(headers, 'x-zt-signature');
+    if (keyId === undefined ||
+        ts === undefined ||
+        nonce === undefined ||
+        bodySha === undefined ||
+        signature === undefined) {
+        return { ok: false, code: 'MISSING_HEADER', message: 'Missing required signing headers' };
+    }
+    const timestampMs = Number.parseInt(ts, 10);
+    if (!Number.isFinite(timestampMs)) {
+        return { ok: false, code: 'INVALID_TIMESTAMP', message: 'Invalid x-zt-timestamp' };
+    }
+    return { ok: true, keyId, timestampMs, nonce, bodySha, signature };
+};
+const validateTimestampWindow = (params) => {
+    if (Math.abs(params.nowMs - params.timestampMs) > params.windowMs) {
+        return { ok: false, code: 'EXPIRED', message: 'Request timestamp outside allowed window' };
+    }
+    return { ok: true };
+};
+const validateBodyHash = async (params) => {
+    const computedBodySha = await sha256Hex(params.body);
+    if (computedBodySha === '' || !timingSafeEquals(computedBodySha, params.bodyShaHeader)) {
+        return { ok: false, code: 'INVALID_BODY_SHA', message: 'Body hash mismatch' };
+    }
+    return { ok: true };
+};
+const validateSignature = async (params) => {
+    const subtle = getSubtleOrNull();
+    if (subtle === null) {
+        return { ok: false, code: 'INVALID_SIGNATURE', message: 'WebCrypto is not available' };
+    }
+    const canonical = canonicalString({
+        method: params.method,
+        url: params.url,
+        timestampMs: params.timestampMs,
+        nonce: params.nonce,
+        bodySha256Hex: params.bodySha,
+    });
+    const key = await subtle.importKey('raw', toBytes(params.secret), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);
+    const expectedBytes = await subtle.sign('HMAC', key, toBytes(canonical));
+    const expected = toHex(expectedBytes);
+    if (!timingSafeEquals(expected, params.signature)) {
+        return { ok: false, code: 'INVALID_SIGNATURE', message: 'Invalid signature' };
+    }
+    return { ok: true };
+};
+export const SignedRequest = Object.freeze({
+    sha256Hex,
+    canonicalString,
+    async verify(params) {
+        const parsed = parseAndValidateHeaders(params.headers);
+        if (parsed.ok === false)
+            return parsed;
+        const { keyId, timestampMs, nonce, bodySha, signature } = parsed;
+        const nowMs = params.nowMs ?? Date.now();
+        const windowMs = params.windowMs ?? 60_000;
+        const windowCheck = validateTimestampWindow({ nowMs, timestampMs, windowMs });
+        if (windowCheck.ok === false)
+            return windowCheck;
+        const bodyCheck = await validateBodyHash({ body: params.body ?? '', bodyShaHeader: bodySha });
+        if (bodyCheck.ok === false)
+            return bodyCheck;
+        const secret = await params.getSecretForKeyId(keyId);
+        if (secret === undefined || secret.trim() === '') {
+            return { ok: false, code: 'UNKNOWN_KEY', message: 'Unknown key id' };
+        }
+        const sigCheck = await validateSignature({
+            method: params.method,
+            url: params.url,
+            timestampMs,
+            nonce,
+            bodySha,
+            signature,
+            secret,
+        });
+        if (sigCheck.ok === false)
+            return sigCheck;
+        if (params.verifyNonce !== undefined) {
+            const ok = await params.verifyNonce(keyId, nonce, windowMs);
+            if (ok === false) {
+                return { ok: false, code: 'REPLAYED', message: 'Nonce replayed or rejected' };
+            }
+        }
+        return { ok: true, keyId, timestampMs, nonce };
+    },
+});

package/dist/build-manifest.json

@@ -0,0 +1,45 @@
+{
+  "name": "@zintrust/cloudflare-d1-proxy",
+  "version": "0.7.9",
+  "buildDate": "2026-04-20T20:59:39.877Z",
+  "buildEnvironment": {
+    "node": "v22.22.1",
+    "platform": "darwin",
+    "arch": "arm64"
+  },
+  "git": {
+    "commit": "e04d1cae",
+    "branch": "release"
+  },
+  "package": {
+    "engines": {
+      "node": ">=20.0.0"
+    },
+    "dependencies": [],
+    "peerDependencies": [
+      "@zintrust/core"
+    ]
+  },
+  "files": {
+    "SignedRequest.d.ts": {
+      "size": 1270,
+      "sha256": "961adc3b27574e480dfaa478b20e5fae421f59500b3fcdf2e10414550a963f6f"
+    },
+    "SignedRequest.js": {
+      "size": 5398,
+      "sha256": "5be1bc4b1ad88b1980c28e5ca45c1e564f44466bd5d0cda8bc07403031ce87a1"
+    },
+    "build-manifest.json": {
+      "size": 1112,
+      "sha256": "7ab95afeeaab1ef9f3e3b9c01f6d63ab79302145c4b739ab69138fc7bb1299ec"
+    },
+    "index.d.ts": {
+      "size": 1510,
+      "sha256": "d67887da027057cab5a12e732cacd3b8c014c9ff5067734d82d946304c5f8cf5"
+    },
+    "index.js": {
+      "size": 14083,
+      "sha256": "68851c99815f0fb331c75eae2f90b5f057eb84ca719211812378e9f837905316"
+    }
+  }
+}

package/dist/index.d.ts

@@ -0,0 +1,47 @@
+type KvGetType = 'text' | 'json' | 'arrayBuffer';
+type KVNamespacePutOptions = {
+    expirationTtl?: number;
+};
+type KVNamespace = {
+    get: {
+        (key: string): Promise<string | null>;
+        (key: string, type: 'json'): Promise<unknown | null>;
+        (key: string, type: 'arrayBuffer'): Promise<ArrayBuffer | null>;
+        (key: string, type: KvGetType): Promise<unknown | ArrayBuffer | string | null>;
+    };
+    put: (key: string, value: string, options?: KVNamespacePutOptions) => Promise<void>;
+};
+type D1AllResult<T> = {
+    results?: T[];
+};
+type D1RunResult = {
+    meta?: unknown;
+};
+type D1PreparedStatement = {
+    bind: (...values: unknown[]) => D1PreparedStatement;
+    all: <T = unknown>() => Promise<D1AllResult<T>>;
+    first: <T = unknown>() => Promise<T | null>;
+    run: () => Promise<D1RunResult>;
+};
+type D1Database = {
+    prepare: (sql: string) => D1PreparedStatement;
+};
+type D1Env = {
+    DB?: D1Database;
+    D1_BINDING?: string;
+    APP_KEY?: string;
+    D1_REMOTE_SECRET?: string;
+    ZT_PROXY_SIGNING_WINDOW_MS?: string;
+    ZT_NONCES?: KVNamespace;
+    ZT_PROXY_DEBUG?: string;
+    ZT_MAX_BODY_BYTES?: string;
+    ZT_MAX_SQL_BYTES?: string;
+    ZT_MAX_PARAMS?: string;
+    ZT_D1_STATEMENTS_JSON?: string;
+};
+export declare const ZintrustD1Proxy: Readonly<{
+    _ZINTRUST_CLOUDFLARE_D1_PROXY_VERSION: "0.1.15";
+    _ZINTRUST_CLOUDFLARE_D1_PROXY_BUILD_DATE: "__BUILD_DATE__";
+    fetch(request: Request, env: D1Env): Promise<Response>;
+}>;
+export default ZintrustD1Proxy;

package/dist/index.js

@@ -0,0 +1,398 @@
+/**
+ * @zintrust/cloudflare-d1-proxy v0.7.9
+ *
+ * Cloudflare D1 proxy package for ZinTrust.
+ *
+ * Build Information:
+ *   Built: 2026-04-20T20:59:39.807Z
+ *   Node: >=20.0.0
+ *   License: MIT
+ *
+ */
+import { ErrorHandler, RequestValidator, SigningService } from '@zintrust/core/proxy';
+const DEFAULT_SIGNING_WINDOW_MS = 60_000;
+const DEFAULT_MAX_BODY_BYTES = 128 * 1024;
+const DEFAULT_MAX_SQL_BYTES = 32 * 1024;
+const DEFAULT_MAX_PARAMS = 256;
+const json = (status, body) => new Response(JSON.stringify(body), {
+    status,
+    headers: {
+        'Content-Type': 'application/json; charset=utf-8',
+        'Cache-Control': 'no-store',
+    },
+});
+const toErrorResponse = (status, code, message) => {
+    const error = ErrorHandler.toProxyError(status, code, message);
+    return json(error.status, error.body);
+};
+const getEnvInt = (env, name, fallback) => {
+    const raw = env[name];
+    if (typeof raw !== 'string')
+        return fallback;
+    const parsed = Number.parseInt(raw, 10);
+    return Number.isFinite(parsed) ? parsed : fallback;
+};
+const isRecord = (value) => typeof value === 'object' && value !== null;
+const isString = (value) => typeof value === 'string';
+const isArray = (value) => Array.isArray(value);
+const isDebugEnabled = (env) => {
+    const raw = env.ZT_PROXY_DEBUG;
+    if (typeof raw !== 'string')
+        return false;
+    const normalized = raw.trim().toLowerCase();
+    return normalized === 'true' || normalized === '1' || normalized === 'yes';
+};
+const safeErrorMessage = (error) => {
+    if (error instanceof Error)
+        return error.message;
+    if (typeof error === 'string')
+        return error;
+    try {
+        return JSON.stringify(error);
+    }
+    catch {
+        return 'Unknown D1 error';
+    }
+};
+const logProxyError = (env, context, error) => {
+    if (!isDebugEnabled(env))
+        return;
+    try {
+        // eslint-disable-next-line no-console
+        console.error('[ZintrustD1Proxy] error', {
+            ...context,
+            message: safeErrorMessage(error).slice(0, 800),
+        });
+    }
+    catch {
+        // ignore logging failures
+    }
+};
+const normalizeBindingName = (value) => {
+    if (typeof value !== 'string')
+        return null;
+    const trimmed = value.trim();
+    return trimmed === '' ? null : trimmed;
+};
+const resolveD1Binding = (env) => {
+    const candidates = ['DB', 'zintrust_db', normalizeBindingName(env.D1_BINDING)].filter((v, idx, arr) => typeof v === 'string' && v.trim() !== '' && arr.indexOf(v) === idx);
+    const record = env;
+    for (const name of candidates) {
+        const binding = record[name];
+        if (binding !== undefined && binding !== null && typeof binding.prepare === 'function')
+            return binding;
+    }
+    return null;
+};
+const readBodyBytes = async (request, maxBytes) => {
+    const buf = await request.arrayBuffer();
+    if (buf.byteLength > maxBytes) {
+        return {
+            ok: false,
+            response: toErrorResponse(413, 'PAYLOAD_TOO_LARGE', 'Body too large'),
+        };
+    }
+    const bytes = new Uint8Array(buf);
+    const text = new TextDecoder().decode(bytes);
+    return { ok: true, bytes, text };
+};
+const parseOptionalJson = (text) => {
+    if (text.trim() === '')
+        return { ok: true, payload: null };
+    const parsed = RequestValidator.parseJson(text);
+    if (!parsed.ok) {
+        // Type guard: we know parsed has 'error' property when ok is false
+        const errorResult = parsed;
+        let message = errorResult.error.message;
+        if (errorResult.error.code === 'INVALID_JSON') {
+            message = 'Invalid JSON body';
+        }
+        else if (errorResult.error.code === 'VALIDATION_ERROR') {
+            message = 'Invalid body';
+        }
+        return { ok: false, response: toErrorResponse(400, errorResult.error.code, message) };
+    }
+    // Type guard: we know parsed has 'value' property when ok is true
+    const successResult = parsed;
+    return { ok: true, payload: successResult.value };
+};
+const loadSigningSecret = (env) => {
+    const direct = typeof env.D1_REMOTE_SECRET === 'string' ? env.D1_REMOTE_SECRET.trim() : '';
+    if (direct !== '')
+        return direct;
+    const fallback = typeof env.APP_KEY === 'string' ? env.APP_KEY.trim() : '';
+    if (fallback !== '')
+        return fallback;
+    return null;
+};
+const loadStatements = (env) => {
+    const raw = env.ZT_D1_STATEMENTS_JSON;
+    if (typeof raw !== 'string' || raw.trim() === '')
+        return null;
+    try {
+        const parsed = JSON.parse(raw);
+        if (!isRecord(parsed))
+            return null;
+        return parsed;
+    }
+    catch {
+        return null;
+    }
+};
+const isMutatingSql = (sql) => {
+    const s = sql.trimStart().toLowerCase();
+    return (s.startsWith('insert') ||
+        s.startsWith('update') ||
+        s.startsWith('delete') ||
+        s.startsWith('create') ||
+        s.startsWith('drop') ||
+        s.startsWith('alter') ||
+        s.startsWith('replace'));
+};
+const verifyNonceKv = async (kv, keyId, nonce, ttlMs) => {
+    const ttlSeconds = Math.max(1, Math.ceil(ttlMs / 1000));
+    const storageKey = `nonce:${keyId}:${nonce}`;
+    const existing = await kv.get(storageKey);
+    if (existing !== null)
+        return false;
+    await kv.put(storageKey, '1', { expirationTtl: ttlSeconds });
+    return true;
+};
+const verifySignedRequest = async (request, env, bodyBytes) => {
+    const secret = loadSigningSecret(env);
+    if (secret === null) {
+        return toErrorResponse(401, 'CONFIG_ERROR', 'Missing signing secret (D1_REMOTE_SECRET or APP_KEY)');
+    }
+    const windowMs = getEnvInt(env, 'ZT_PROXY_SIGNING_WINDOW_MS', DEFAULT_SIGNING_WINDOW_MS);
+    const verifyResult = await SigningService.verifyWithKeyProvider({
+        method: request.method,
+        url: request.url,
+        body: bodyBytes,
+        headers: request.headers,
+        windowMs,
+        getSecretForKeyId: async (_keyId) => secret,
+        verifyNonce: env.ZT_NONCES === undefined
+            ? undefined
+            : async (keyId, nonce, ttlMs) => verifyNonceKv(env.ZT_NONCES, keyId, nonce, ttlMs),
+    });
+    if (verifyResult.ok === false) {
+        return toErrorResponse(verifyResult.status, verifyResult.code, verifyResult.message);
+    }
+    return { ok: true };
+};
+const requireDb = (env) => {
+    const db = resolveD1Binding(env);
+    if (db === null) {
+        return toErrorResponse(400, 'CONFIG_ERROR', 'Missing D1 binding (DB) or binding name via D1_BINDING');
+    }
+    return db;
+};
+const toD1ExceptionResponse = (error) => {
+    let message;
+    if (error instanceof Error) {
+        message = error.message;
+    }
+    else if (typeof error === 'string') {
+        message = error;
+    }
+    else {
+        message = 'Unknown D1 error';
+    }
+    return toErrorResponse(500, 'D1_ERROR', message);
+};
+const parseSqlPayload = (payload) => {
+    if (!isRecord(payload)) {
+        return {
+            ok: false,
+            response: toErrorResponse(400, 'VALIDATION_ERROR', 'Invalid body'),
+        };
+    }
+    const sql = payload['sql'];
+    const params = payload['params'];
+    if (!isString(sql)) {
+        return {
+            ok: false,
+            response: toErrorResponse(400, 'VALIDATION_ERROR', 'sql must be a string'),
+        };
+    }
+    return { ok: true, sql, params: isArray(params) ? params : [] };
+};
+const enforceSqlLimits = (env, sql, params) => {
+    const maxSqlBytes = getEnvInt(env, 'ZT_MAX_SQL_BYTES', DEFAULT_MAX_SQL_BYTES);
+    const maxParams = getEnvInt(env, 'ZT_MAX_PARAMS', DEFAULT_MAX_PARAMS);
+    if (new TextEncoder().encode(sql).byteLength > maxSqlBytes) {
+        return toErrorResponse(413, 'PAYLOAD_TOO_LARGE', 'SQL too large');
+    }
+    if (params.length > maxParams) {
+        return toErrorResponse(400, 'VALIDATION_ERROR', 'Too many params');
+    }
+    return null;
+};
+const readAndVerifyJson = async (request, env) => {
+    const maxBodyBytes = getEnvInt(env, 'ZT_MAX_BODY_BYTES', DEFAULT_MAX_BODY_BYTES);
+    const bodyResult = await readBodyBytes(request, maxBodyBytes);
+    if (bodyResult.ok === false)
+        return { ok: false, response: bodyResult.response };
+    const auth = await verifySignedRequest(request, env, bodyResult.bytes);
+    if (auth instanceof Response)
+        return { ok: false, response: auth };
+    const parsed = parseOptionalJson(bodyResult.text);
+    if (parsed.ok === false)
+        return { ok: false, response: parsed.response };
+    return { ok: true, payload: parsed.payload, bodyBytes: bodyResult.bytes };
+};
+const handleQuery = async (request, env) => {
+    try {
+        const check = await readAndVerifyJson(request, env);
+        if (check.ok === false)
+            return check.response;
+        const db = requireDb(env);
+        if (db instanceof Response)
+            return db;
+        const parsed = parseSqlPayload(check.payload);
+        if (parsed.ok === false)
+            return parsed.response;
+        const limit = enforceSqlLimits(env, parsed.sql, parsed.params);
+        if (limit !== null)
+            return limit;
+        const result = await db
+            .prepare(parsed.sql)
+            .bind(...parsed.params)
+            .all();
+        const rows = result.results ?? [];
+        return json(200, { rows, rowCount: rows.length });
+    }
+    catch (error) {
+        logProxyError(env, { op: 'query', path: '/zin/d1/query' }, error);
+        return toD1ExceptionResponse(error);
+    }
+};
+const handleQueryOne = async (request, env) => {
+    try {
+        const check = await readAndVerifyJson(request, env);
+        if (check.ok === false)
+            return check.response;
+        const db = requireDb(env);
+        if (db instanceof Response)
+            return db;
+        const parsed = parseSqlPayload(check.payload);
+        if (parsed.ok === false)
+            return parsed.response;
+        const limit = enforceSqlLimits(env, parsed.sql, parsed.params);
+        if (limit !== null)
+            return limit;
+        const row = await db
+            .prepare(parsed.sql)
+            .bind(...parsed.params)
+            .first();
+        return json(200, { row: row ?? null });
+    }
+    catch (error) {
+        logProxyError(env, { op: 'queryOne', path: '/zin/d1/queryOne' }, error);
+        return toD1ExceptionResponse(error);
+    }
+};
+const handleExec = async (request, env) => {
+    try {
+        const check = await readAndVerifyJson(request, env);
+        if (check.ok === false)
+            return check.response;
+        const db = requireDb(env);
+        if (db instanceof Response)
+            return db;
+        const parsed = parseSqlPayload(check.payload);
+        if (parsed.ok === false)
+            return parsed.response;
+        const limit = enforceSqlLimits(env, parsed.sql, parsed.params);
+        if (limit !== null)
+            return limit;
+        const out = await db
+            .prepare(parsed.sql)
+            .bind(...parsed.params)
+            .run();
+        return json(200, { ok: true, meta: out.meta });
+    }
+    catch (error) {
+        logProxyError(env, { op: 'exec', path: '/zin/d1/exec' }, error);
+        return toD1ExceptionResponse(error);
+    }
+};
+const parseStatementPayload = (payload) => {
+    if (!isRecord(payload)) {
+        return {
+            ok: false,
+            response: toErrorResponse(400, 'VALIDATION_ERROR', 'Invalid body'),
+        };
+    }
+    const statementId = payload['statementId'];
+    const params = payload['params'];
+    if (!isString(statementId) || statementId.trim() === '') {
+        return {
+            ok: false,
+            response: toErrorResponse(400, 'VALIDATION_ERROR', 'statementId must be a string'),
+        };
+    }
+    return { ok: true, statementId, params: isArray(params) ? params : [] };
+};
+const handleStatement = async (request, env) => {
+    try {
+        const check = await readAndVerifyJson(request, env);
+        if (check.ok === false)
+            return check.response;
+        const db = requireDb(env);
+        if (db instanceof Response)
+            return db;
+        const statements = loadStatements(env);
+        if (statements === null) {
+            return toErrorResponse(400, 'CONFIG_ERROR', 'Missing or invalid ZT_D1_STATEMENTS_JSON');
+        }
+        const parsed = parseStatementPayload(check.payload);
+        if (parsed.ok === false)
+            return parsed.response;
+        const sql = statements[parsed.statementId];
+        if (!isString(sql) || sql.trim() === '') {
+            return toErrorResponse(404, 'NOT_FOUND', 'Unknown statementId');
+        }
+        if (isMutatingSql(sql)) {
+            const out = await db
+                .prepare(sql)
+                .bind(...parsed.params)
+                .run();
+            return json(200, { ok: true, meta: out.meta });
+        }
+        const out = await db
+            .prepare(sql)
+            .bind(...parsed.params)
+            .all();
+        const rows = out.results ?? [];
+        return json(200, { rows, rowCount: rows.length });
+    }
+    catch (error) {
+        logProxyError(env, { op: 'statement', path: '/zin/d1/statement' }, error);
+        return toD1ExceptionResponse(error);
+    }
+};
+export const ZintrustD1Proxy = Object.freeze({
+    _ZINTRUST_CLOUDFLARE_D1_PROXY_VERSION: '0.1.15',
+    _ZINTRUST_CLOUDFLARE_D1_PROXY_BUILD_DATE: '2026-04-20T20:59:39.840Z',
+    async fetch(request, env) {
+        const url = new URL(request.url);
+        const methodError = RequestValidator.requirePost(request.method);
+        if (methodError !== null) {
+            return toErrorResponse(405, methodError.code, 'Method not allowed');
+        }
+        switch (url.pathname) {
+            case '/zin/d1/query':
+                return handleQuery(request, env);
+            case '/zin/d1/queryOne':
+                return handleQueryOne(request, env);
+            case '/zin/d1/exec':
+                return handleExec(request, env);
+            case '/zin/d1/statement':
+                return handleStatement(request, env);
+            default:
+                return toErrorResponse(404, 'NOT_FOUND', 'Not found');
+        }
+    },
+});
+export default ZintrustD1Proxy;

package/package.json

@@ -0,0 +1,36 @@
+{
+  "name": "@zintrust/cloudflare-d1-proxy",
+  "version": "0.7.9",
+  "description": "Cloudflare D1 proxy package for ZinTrust.",
+  "type": "module",
+  "private": false,
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "engines": {
+    "node": ">=20.0.0"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "peerDependencies": {
+    "@zintrust/core": "^0.7.9"
+  },
+  "keywords": [
+    "zintrust",
+    "cloudflare",
+    "d1",
+    "proxy",
+    "workers"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.json && tsc-alias -p tsconfig.json",
+    "type-check": "tsc -p tsconfig.json --noEmit"
+  }
+}