agent-passport-system 1.32.0 → 1.34.0

package/README.md

@@ -2,7 +2,7 @@
 
 [![npm version](https://img.shields.io/npm/v/agent-passport-system)](https://www.npmjs.com/package/agent-passport-system)
 [![license](https://img.shields.io/npm/l/agent-passport-system)](https://github.com/aeoess/agent-passport-system/blob/main/LICENSE)
-[![tests](https://img.shields.io/badge/tests-2180%20passing-brightgreen)](https://github.com/aeoess/agent-passport-system)
+[![tests](https://img.shields.io/badge/tests-2230%20passing-brightgreen)](https://github.com/aeoess/agent-passport-system)
 [![DOI](https://zenodo.org/badge/DOI/10.5281/zenodo.18749779.svg)](https://doi.org/10.5281/zenodo.18749779)
 
 > **For AI agents:** visit [aeoess.com/llms.txt](https://aeoess.com/llms.txt) for machine-readable docs or [llms-full.txt](https://aeoess.com/llms-full.txt) for the complete reference.
@@ -107,7 +107,7 @@ const agent = joinSocialContract({ name: 'my-agent', owner: 'alice', floor: floo
 
 ## The Stack
 
-71 core modules + 32 v2 constitutional modules. 2,180 tests. Zero heavy dependencies.
+71 core modules + 32 v2 constitutional modules. 2,306 tests. Zero heavy dependencies.
 
 | Layer | What it does | Key primitive |
 |-------|-------------|---------------|
@@ -126,7 +126,7 @@ const agent = joinSocialContract({ name: 'my-agent', owner: 'alice', floor: floo
 
 ## MCP Server
 
-125 tools across all modules. Any MCP client connects agents directly.
+131 tools across all modules. Any MCP client connects agents directly.
 
 ```bash
 npm install -g agent-passport-system-mcp
@@ -161,7 +161,7 @@ npx agent-passport audit --floor values/floor.yaml
 
 ```bash
 npm test
-# 2,180 tests, 0 failures
+# 2,306 tests, 0 failures
 ```
 
 50 adversarial tests: Merkle tampering, attribution gaming, compliance violations, floor negotiation attacks, cross-chain confused deputy, taint laundering, authority probing.
@@ -179,7 +179,7 @@ npm test
 | Signed receipts | 3-sig chain | Proposed | Logs | General | — |
 | Values enforcement | 8 principles, graduated | — | Rules | — | — |
 | Coordination | Task lifecycle + MCP | — | — | — | — |
-| Tests | 2,180 (50 adversarial) | None | Limited | None | None |
+| Tests | 2,230 (50 adversarial) | None | Limited | None | None |
 
 ## Recognition
 

package/dist/src/core/action-ref.d.ts

@@ -0,0 +1,17 @@
+import type { ActionIntent } from '../types/policy.js';
+/**
+ * Compute the content-addressed request identity for an ActionIntent.
+ *
+ * Inputs hashed: agentId, action.type, action.scopeRequired, normalized timestamp.
+ * Timestamp defaults to intent.createdAt; falls back to current time.
+ *
+ * Returns: lowercase hex SHA-256 digest.
+ */
+export declare function computeActionRef(intent: Pick<ActionIntent, 'agentId' | 'action' | 'createdAt'>): string;
+/**
+ * Two receipts with the same action_ref describe the same request.
+ * Simple equality check — provided as a named predicate so the semantic
+ * intent is explicit at the call site.
+ */
+export declare function actionRefsMatch(a: string, b: string): boolean;
+//# sourceMappingURL=action-ref.d.ts.map

package/dist/src/core/action-ref.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"action-ref.d.ts","sourceRoot":"","sources":["../../../src/core/action-ref.ts"],"names":[],"mappings":"AAmBA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEtD;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,SAAS,GAAG,QAAQ,GAAG,WAAW,CAAC,GAAG,MAAM,CAQvG;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAE7D"}

package/dist/src/core/action-ref.js

@@ -0,0 +1,44 @@
+// Copyright 2024-2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
+// ══════════════════════════════════════════════════════════════════
+// action_ref — Content-Addressed Request Identity
+// ══════════════════════════════════════════════════════════════════
+// Thread claim (A2A#1672, xsa520/desiorac):
+//   action_ref     = request identity = SHA-256(canonical(agentId + actionType + scope + timestamp))
+//   compoundDigest = decision identity (evaluated) — already on PolicyReceipt
+//
+// Two receipts with the same action_ref describe the same request.
+// Two receipts with the same compound_digest describe the same evaluated
+// decision. Equivalence for cross-verifier replay is over compound_digest,
+// invariant to verification method.
+//
+// Timestamps are normalized to ISO 8601 second-precision UTC so that two
+// systems independently hashing the same request within the same second
+// produce the same action_ref.
+// ══════════════════════════════════════════════════════════════════
+import { canonicalHash, normalizeTimestamp } from './canonical.js';
+/**
+ * Compute the content-addressed request identity for an ActionIntent.
+ *
+ * Inputs hashed: agentId, action.type, action.scopeRequired, normalized timestamp.
+ * Timestamp defaults to intent.createdAt; falls back to current time.
+ *
+ * Returns: lowercase hex SHA-256 digest.
+ */
+export function computeActionRef(intent) {
+    const ts = intent.createdAt ?? new Date().toISOString();
+    return canonicalHash({
+        agentId: intent.agentId,
+        actionType: intent.action.type,
+        scopeRequired: intent.action.scopeRequired,
+        timestamp: normalizeTimestamp(ts),
+    });
+}
+/**
+ * Two receipts with the same action_ref describe the same request.
+ * Simple equality check — provided as a named predicate so the semantic
+ * intent is explicit at the call site.
+ */
+export function actionRefsMatch(a, b) {
+    return typeof a === 'string' && typeof b === 'string' && a.length > 0 && a === b;
+}
+//# sourceMappingURL=action-ref.js.map

package/dist/src/core/action-ref.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"action-ref.js","sourceRoot":"","sources":["../../../src/core/action-ref.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,qEAAqE;AACrE,kDAAkD;AAClD,qEAAqE;AACrE,4CAA4C;AAC5C,qGAAqG;AACrG,8EAA8E;AAC9E,EAAE;AACF,mEAAmE;AACnE,yEAAyE;AACzE,2EAA2E;AAC3E,oCAAoC;AACpC,EAAE;AACF,yEAAyE;AACzE,wEAAwE;AACxE,+BAA+B;AAC/B,qEAAqE;AAErE,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAA;AAGlE;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAA8D;IAC7F,MAAM,EAAE,GAAG,MAAM,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;IACvD,OAAO,aAAa,CAAC;QACnB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI;QAC9B,aAAa,EAAE,MAAM,CAAC,MAAM,CAAC,aAAa;QAC1C,SAAS,EAAE,kBAAkB,CAAC,EAAE,CAAC;KAClC,CAAC,CAAA;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,CAAS,EAAE,CAAS;IAClD,OAAO,OAAO,CAAC,KAAK,QAAQ,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;AAClF,CAAC"}

package/dist/src/core/attestation.d.ts

@@ -1,10 +1,32 @@
-import type { PassportGrade, AttestationFlag, IssuanceChallenge, IssuanceEvidenceRecord, IssuanceContext, PassportAttestationSummary, RuntimeAttestation, ProviderAttestation, ObservedContext, SignalVerificationResult, DerivedSignal, AttestationClass, WorkspaceManifest } from '../types/attestation.js';
+import type { PassportGrade, AttestationFlag, EvidenceQuality, IssuanceChallenge, IssuanceEvidenceRecord, IssuanceContext, PassportAttestationSummary, RuntimeAttestation, ProviderAttestation, ObservedContext, SignalVerificationResult, DerivedSignal, AttestationClass, WorkspaceManifest } from '../types/attestation.js';
 import type { SignedPassport } from '../types/passport.js';
 export declare function createIssuanceChallenge(publicKeyHash: string, options?: {
     requestedClasses?: AttestationClass[];
     expiresInSeconds?: number;
 }): IssuanceChallenge;
 export declare function verifyRuntimeAttestation(attestation: RuntimeAttestation, challenge: IssuanceChallenge, trustedAttesterKeys: Map<string, string>): SignalVerificationResult;
+/** Map evidence quality level to passport grade number. */
+export declare function evidenceQualityToGrade(quality: EvidenceQuality): PassportGrade;
+/**
+ * Classify evidence quality from attestation metadata.
+ *
+ * Precedence (highest to lowest):
+ *   1. Principal binding → 'principal_bound'
+ *   2. Infrastructure evidence (SPIFFE method, TPM quote, hardware attestation,
+ *      TEE proof, or any known infrastructure-binding key in evidence) → 'infrastructure'
+ *   3. Issuer signature → 'issuer_vouched'
+ *   4. None
+ *
+ * This is where a did:key with TPM evidence gets elevated to Grade 2.
+ */
+export declare function classifyEvidenceQuality(opts: {
+    /** Identity method prefix (e.g. "did:key", "spiffe", "oauth"). Fallback signal. */
+    method?: string;
+    hasIssuerSignature?: boolean;
+    hasPrincipalBinding?: boolean;
+    /** Raw evidence payload — checked loosely for infrastructure-binding keys. */
+    evidence?: Record<string, unknown>;
+}): EvidenceQuality;
 export declare function computePassportGrade(evidence: IssuanceEvidenceRecord, options?: {
     hasIssuerSignature?: boolean;
     hasVerifiedRuntime?: boolean;
@@ -41,6 +63,8 @@ export declare function importProviderAttestation(input: {
     subjectClass?: string;
     /** Verification method used by the provider */
     verificationMethod?: string;
+    /** Typed staleness metadata (A2A#1712): snapshot (TPM) vs rotating (SPIFFE) vs static. */
+    freshness?: import('../types/passport.js').AttestationFreshness;
 }): ProviderAttestation;
 export declare function addIdentityBoundary<T extends Record<string, unknown>>(obj: T, fields?: string[]): T & {
     _identityBoundary: string[];

package/dist/src/core/attestation.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"attestation.d.ts","sourceRoot":"","sources":["../../../src/core/attestation.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,aAAa,EAAE,eAAe,EAC9B,iBAAiB,EACjB,sBAAsB,EACtB,eAAe,EAAE,0BAA0B,EAC3C,kBAAkB,EAAE,mBAAmB,EACvB,eAAe,EAC/B,wBAAwB,EAAE,aAAa,EACvC,gBAAgB,EAChB,iBAAiB,EAElB,MAAM,yBAAyB,CAAA;AAChC,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAU1D,wBAAgB,uBAAuB,CACrC,aAAa,EAAE,MAAM,EACrB,OAAO,CAAC,EAAE;IACR,gBAAgB,CAAC,EAAE,gBAAgB,EAAE,CAAC;IACtC,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,GACA,iBAAiB,CAYnB;AAKD,wBAAgB,wBAAwB,CACtC,WAAW,EAAE,kBAAkB,EAC/B,SAAS,EAAE,iBAAiB,EAC5B,mBAAmB,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GACvC,wBAAwB,CA0E1B;AAQD,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,sBAAsB,EAChC,OAAO,CAAC,EAAE;IACR,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACnC,GACA,aAAa,CAmBf;AAID,wBAAgB,uBAAuB,CACrC,KAAK,EAAE,aAAa,EACpB,QAAQ,EAAE,sBAAsB,GAC/B,eAAe,EAAE,CAWnB;AAKD,wBAAgB,4BAA4B,CAAC,QAAQ,EAAE,sBAAsB,GAAG,MAAM,CAErF;AAID,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,sBAAsB,EAChC,OAAO,CAAC,EAAE;IACR,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,mBAAmB,CAAC,EAAE,wBAAwB,EAAE,CAAC;IACjD,cAAc,CAAC,EAAE,aAAa,EAAE,CAAC;CAClC,GACA,eAAe,CAgBjB;AAKD,wBAAgB,eAAe,CAC7B,cAAc,EAAE,cAAc,EAC9B,OAAO,EAAE,eAAe,GACvB,cAAc,GAAG;IAAE,WAAW,EAAE,0BAA0B,CAAA;CAAE,CAU9D;AAMD,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,IAAI,CAAA;CAAE,CAAC,GACtE,iBAAiB,CA0BnB;AAID,wBAAgB,yBAAyB,CACvC,QAAQ,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,GAClC,sBAAsB,CAaxB;AAID,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,iBAAiB,GAAG,OAAO,CAEtE;AAID,wBAAgB,cAAc,CAAC,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAEpF;AAOD,wBAAgB,yBAAyB,CACvC,KAAK,EAAE;IACL,wFAAwF;IACxF,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC7C,sFAAsF;IACtF,QAAQ,EAAE,MAAM,CAAA;IAChB,wCAAwC;IACxC,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,+CAA+C;IAC/C,kBAAkB,CAAC,EAAE,MAAM,CAAA;CAC5B,GACA,mBAAmB,CAwCrB;AAMD,wBAAgB,mBAAmB,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACnE,GAAG,EAAE,CAAC,EACN,MAAM,CAAC,EAAE,MAAM,EAAE,GAChB,CAAC,GAAG;IAAE,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAW3D"}
+{"version":3,"file":"attestation.d.ts","sourceRoot":"","sources":["../../../src/core/attestation.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,aAAa,EAAE,eAAe,EAAE,eAAe,EAC/C,iBAAiB,EACjB,sBAAsB,EACtB,eAAe,EAAE,0BAA0B,EAC3C,kBAAkB,EAAE,mBAAmB,EACvB,eAAe,EAC/B,wBAAwB,EAAE,aAAa,EACvC,gBAAgB,EAChB,iBAAiB,EAElB,MAAM,yBAAyB,CAAA;AAChC,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAU1D,wBAAgB,uBAAuB,CACrC,aAAa,EAAE,MAAM,EACrB,OAAO,CAAC,EAAE;IACR,gBAAgB,CAAC,EAAE,gBAAgB,EAAE,CAAC;IACtC,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,GACA,iBAAiB,CAYnB;AAKD,wBAAgB,wBAAwB,CACtC,WAAW,EAAE,kBAAkB,EAC/B,SAAS,EAAE,iBAAiB,EAC5B,mBAAmB,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GACvC,wBAAwB,CA0E1B;AAWD,2DAA2D;AAC3D,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,eAAe,GAAG,aAAa,CAO9E;AAcD;;;;;;;;;;;GAWG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE;IAC5C,mFAAmF;IACnF,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,kBAAkB,CAAC,EAAE,OAAO,CAAA;IAC5B,mBAAmB,CAAC,EAAE,OAAO,CAAA;IAC7B,8EAA8E;IAC9E,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CACnC,GAAG,eAAe,CAuBlB;AAQD,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,sBAAsB,EAChC,OAAO,CAAC,EAAE;IACR,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACnC,GACA,aAAa,CAmBf;AAID,wBAAgB,uBAAuB,CACrC,KAAK,EAAE,aAAa,EACpB,QAAQ,EAAE,sBAAsB,GAC/B,eAAe,EAAE,CAWnB;AAKD,wBAAgB,4BAA4B,CAAC,QAAQ,EAAE,sBAAsB,GAAG,MAAM,CAErF;AAID,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,sBAAsB,EAChC,OAAO,CAAC,EAAE;IACR,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,mBAAmB,CAAC,EAAE,wBAAwB,EAAE,CAAC;IACjD,cAAc,CAAC,EAAE,aAAa,EAAE,CAAC;CAClC,GACA,eAAe,CAgBjB;AAKD,wBAAgB,eAAe,CAC7B,cAAc,EAAE,cAAc,EAC9B,OAAO,EAAE,eAAe,GACvB,cAAc,GAAG;IAAE,WAAW,EAAE,0BAA0B,CAAA;CAAE,CAU9D;AAMD,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,IAAI,CAAA;CAAE,CAAC,GACtE,iBAAiB,CA0BnB;AAID,wBAAgB,yBAAyB,CACvC,QAAQ,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,GAClC,sBAAsB,CAaxB;AAID,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,iBAAiB,GAAG,OAAO,CAEtE;AAID,wBAAgB,cAAc,CAAC,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAEpF;AAOD,wBAAgB,yBAAyB,CACvC,KAAK,EAAE;IACL,wFAAwF;IACxF,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC7C,sFAAsF;IACtF,QAAQ,EAAE,MAAM,CAAA;IAChB,wCAAwC;IACxC,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,+CAA+C;IAC/C,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,0FAA0F;IAC1F,SAAS,CAAC,EAAE,OAAO,sBAAsB,EAAE,oBAAoB,CAAA;CAChE,GACA,mBAAmB,CAyCrB;AAMD,wBAAgB,mBAAmB,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACnE,GAAG,EAAE,CAAC,EACN,MAAM,CAAC,EAAE,MAAM,EAAE,GAChB,CAAC,GAAG;IAAE,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAW3D"}

package/dist/src/core/attestation.js

@@ -95,6 +95,69 @@ export function verifyRuntimeAttestation(attestation, challenge, trustedAttester
         verifiedAt: now.toISOString(),
     };
 }
+// ── Evidence-Based Grade Assignment (A2A#1712 — VCOne-AI) ──
+// VCOne-AI flagged on A2A#1712: the original grade mapping was method-prefix
+// driven. A TPM-backed did:key was Grade 0 because it's did:key; a SPIFFE SVID
+// from a misconfigured cluster was Grade 2 because it's SPIFFE. That's backwards.
+//
+// The fix: classify by EVIDENCE QUALITY, not identity method. A did:key with
+// TPM attestation evidence reaches Grade 2, same as a verified SPIFFE SVID.
+// Evidence quality determines grade; method is only a fallback signal.
+/** Map evidence quality level to passport grade number. */
+export function evidenceQualityToGrade(quality) {
+    switch (quality) {
+        case 'none': return 0;
+        case 'issuer_vouched': return 1;
+        case 'infrastructure': return 2;
+        case 'principal_bound': return 3;
+    }
+}
+// Evidence field keys that indicate infrastructure/hardware binding.
+// External attestations come in many shapes — check loosely.
+const INFRASTRUCTURE_EVIDENCE_KEYS = [
+    'tpm_quote', 'tpmQuote',
+    'hardware_attestation', 'hardwareAttestation',
+    'tee_proof', 'teeProof',
+    'infrastructure_binding', 'infrastructureBinding',
+    'sgx_quote', 'sgxQuote',
+    'sev_attestation', 'sevAttestation',
+    'workload_attestation', 'workloadAttestation',
+];
+/**
+ * Classify evidence quality from attestation metadata.
+ *
+ * Precedence (highest to lowest):
+ *   1. Principal binding → 'principal_bound'
+ *   2. Infrastructure evidence (SPIFFE method, TPM quote, hardware attestation,
+ *      TEE proof, or any known infrastructure-binding key in evidence) → 'infrastructure'
+ *   3. Issuer signature → 'issuer_vouched'
+ *   4. None
+ *
+ * This is where a did:key with TPM evidence gets elevated to Grade 2.
+ */
+export function classifyEvidenceQuality(opts) {
+    // Principal binding takes precedence
+    if (opts.hasPrincipalBinding)
+        return 'principal_bound';
+    // Infrastructure evidence: method-based signal for SPIFFE, plus evidence-key detection
+    if (opts.method) {
+        const m = opts.method.toLowerCase();
+        if (m === 'spiffe' || m.startsWith('spiffe:') || m.startsWith('spiffe://')) {
+            return 'infrastructure';
+        }
+    }
+    if (opts.evidence) {
+        for (const key of INFRASTRUCTURE_EVIDENCE_KEYS) {
+            if (opts.evidence[key] !== undefined && opts.evidence[key] !== null) {
+                return 'infrastructure';
+            }
+        }
+    }
+    // Issuer vouched
+    if (opts.hasIssuerSignature)
+        return 'issuer_vouched';
+    return 'none';
+}
 // ── computePassportGrade ──
 // Determines grade from available verified attestations.
 // Grade 0: self-signed (bare keypair)
@@ -272,6 +335,7 @@ export function importProviderAttestation(input) {
         issuedAt: String(payload.iat ? new Date(Number(payload.iat) * 1000).toISOString() : payload.issued_at || new Date().toISOString()),
         expiresAt: payload.exp ? new Date(Number(payload.exp) * 1000).toISOString() : (payload.expires_at ? String(payload.expires_at) : undefined),
         signature,
+        freshness: input.freshness,
     };
 }
 // ── addIdentityBoundary ──

package/dist/src/core/attestation.js.map

@@ -1 +1 @@
-{"version":3,"file":"attestation.js","sourceRoot":"","sources":["../../../src/core/attestation.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,kDAAkD;AAClD,2FAA2F;AAE3F,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EAAQ,MAAM,EAAwB,MAAM,mBAAmB,CAAA;AACtE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAe7C,uBAAuB;AACvB,SAAS,SAAS,CAAC,KAAa;IAC9B,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACzD,CAAC;AAED,gCAAgC;AAChC,wCAAwC;AACxC,4DAA4D;AAC5D,MAAM,UAAU,uBAAuB,CACrC,aAAqB,EACrB,OAGC;IAED,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IACtB,MAAM,MAAM,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,gBAAgB,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,CAAA;IAElF,OAAO;QACL,WAAW,EAAE,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE;QAC7F,KAAK,EAAE,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QAC/E,qBAAqB,EAAE,aAAa;QACpC,2BAA2B,EAAE,OAAO,EAAE,gBAAgB,IAAI,CAAC,SAAS,CAAC;QACrE,SAAS,EAAE,MAAM,CAAC,WAAW,EAAE;QAC/B,QAAQ,EAAE,GAAG,CAAC,WAAW,EAAE;KAC5B,CAAA;AACH,CAAC;AAED,iCAAiC;AACjC,iDAAiD;AACjD,kFAAkF;AAClF,MAAM,UAAU,wBAAwB,CACtC,WAA+B,EAC/B,SAA4B,EAC5B,mBAAwC,CAAC,6BAA6B;;IAEtE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,kBAAkB;IAClB,IAAI,IAAI,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,GAAG,EAAE,CAAC;QAC1C,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,iCAAiC;YACzC,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,sBAAsB;IACtB,IAAI,WAAW,CAAC,KAAK,KAAK,SAAS,CAAC,KAAK,EAAE,CAAC;QAC1C,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,yCAAyC;YACjD,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,oBAAoB;IACpB,IAAI,WAAW,CAAC,aAAa,KAAK,SAAS,CAAC,qBAAqB,EAAE,CAAC;QAClE,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,sDAAsD;YAC9D,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,4BAA4B;IAC5B,MAAM,WAAW,GAAG,mBAAmB,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;IACjE,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,UAAU;YAClB,MAAM,EAAE,YAAY,WAAW,CAAC,QAAQ,6BAA6B;YACrE,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,4BAA4B;IAC5B,MAAM,OAAO,GAAG,YAAY,CAAC;QAC3B,QAAQ,EAAE,WAAW,CAAC,QAAQ;QAC9B,KAAK,EAAE,WAAW,CAAC,KAAK;QACxB,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,YAAY,EAAE,WAAW,CAAC,YAAY;QACtC,SAAS,EAAE,WAAW,CAAC,SAAS;QAChC,qBAAqB,EAAE,WAAW,CAAC,qBAAqB;QACxD,mBAAmB,EAAE,WAAW,CAAC,mBAAmB;QACpD,mBAAmB,EAAE,WAAW,CAAC,mBAAmB;QACpD,QAAQ,EAAE,WAAW,CAAC,QAAQ;QAC9B,SAAS,EAAE,WAAW,CAAC,SAAS;KACjC,CAAC,CAAA;IAEF,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,EAAE,WAAW,CAAC,SAAS,EAAE,WAAW,CAAC,CAAA;IACpE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,wCAAwC;YAChD,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,OAAO;QACL,SAAS,EAAE,qBAAqB;QAChC,MAAM,EAAE,UAAU;QAClB,MAAM,EAAE,gCAAgC,WAAW,CAAC,QAAQ,EAAE;QAC9D,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;KAC9B,CAAA;AACH,CAAC;AAED,6BAA6B;AAC7B,yDAAyD;AACzD,sCAAsC;AACtC,gCAAgC;AAChC,6EAA6E;AAC7E,qCAAqC;AACrC,MAAM,UAAU,oBAAoB,CAClC,QAAgC,EAChC,OAKC;IAED,MAAM,GAAG,GAAG,OAAO,IAAI,EAAE,CAAA;IAEzB,+BAA+B;IAC/B,IAAI,GAAG,CAAC,kBAAkB,IAAI,GAAG,CAAC,uBAAuB,IAAI,GAAG,CAAC,kBAAkB,EAAE,CAAC;QACpF,OAAO,CAAC,CAAA;IACV,CAAC;IACD,IAAI,GAAG,CAAC,kBAAkB,IAAI,GAAG,CAAC,kBAAkB,EAAE,CAAC;QACrD,OAAO,CAAC,CAAA;IACV,CAAC;IACD,4DAA4D;IAC5D,iEAAiE;IACjE,IAAI,GAAG,CAAC,mBAAmB,IAAI,GAAG,CAAC,kBAAkB,EAAE,CAAC;QACtD,OAAO,CAAC,CAAA;IACV,CAAC;IACD,IAAI,GAAG,CAAC,kBAAkB,EAAE,CAAC;QAC3B,OAAO,CAAC,CAAA;IACV,CAAC;IACD,OAAO,CAAC,CAAA;AACV,CAAC;AAED,gCAAgC;AAChC,+CAA+C;AAC/C,MAAM,UAAU,uBAAuB,CACrC,KAAoB,EACpB,QAAgC;IAEhC,MAAM,KAAK,GAAsB,EAAE,CAAA;IAEnC,IAAI,KAAK,IAAI,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC1C,IAAI,KAAK,IAAI,CAAC,IAAI,QAAQ,CAAC,mBAAmB,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IACtF,IAAI,KAAK,IAAI,CAAC,IAAI,QAAQ,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;IACxF,IAAI,KAAK,IAAI,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;IAC7C,IAAI,QAAQ,CAAC,gBAAgB;QAAE,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;IAC5D,IAAI,QAAQ,CAAC,oBAAoB;QAAE,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAA;IAElE,OAAO,KAAK,CAAA;AACd,CAAC;AAED,qCAAqC;AACrC,wEAAwE;AACxE,wFAAwF;AACxF,MAAM,UAAU,4BAA4B,CAAC,QAAgC;IAC3E,OAAO,SAAS,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC1C,CAAC;AAED,8BAA8B;AAC9B,iEAAiE;AACjE,MAAM,UAAU,qBAAqB,CACnC,QAAgC,EAChC,OAOC;IAED,MAAM,KAAK,GAAG,oBAAoB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;IACrD,MAAM,KAAK,GAAG,uBAAuB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAA;IACtD,MAAM,UAAU,GAAG,4BAA4B,CAAC,QAAQ,CAAC,CAAA;IAEzD,OAAO;QACL,QAAQ;QACR,UAAU,EAAE;YACV,aAAa,EAAE,KAAK;YACpB,qBAAqB,EAAE,UAAU;YACjC,KAAK;YACL,mBAAmB,EAAE,OAAO,EAAE,mBAAmB,IAAI,EAAE;YACvD,cAAc,EAAE,OAAO,EAAE,cAAc;YACvC,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC;KACF,CAAA;AACH,CAAC;AAED,wBAAwB;AACxB,yDAAyD;AACzD,kEAAkE;AAClE,MAAM,UAAU,eAAe,CAC7B,cAA8B,EAC9B,OAAwB;IAExB,MAAM,OAAO,GAA+B;QAC1C,aAAa,EAAE,OAAO,CAAC,UAAU,CAAC,aAAa;QAC/C,qBAAqB,EAAE,OAAO,CAAC,UAAU,CAAC,qBAAqB;QAC/D,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,KAAK;KAChC,CAAA;IACD,OAAO;QACL,GAAG,cAAc;QACjB,WAAW,EAAE,OAAO;KACrB,CAAA;AACH,CAAC;AAED,gCAAgC;AAChC,kDAAkD;AAClD,qEAAqE;AACrE,8BAA8B;AAC9B,MAAM,UAAU,uBAAuB,CACrC,OAAuE;IAEvE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,8CAA8C;IAC9C,MAAM,eAAe,GAA6B,OAAO;SACtD,GAAG,CAAC,CAAC,CAAC,EAAE;QACP,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,YAAY,CAAC,CAAA;QAC1C,SAAS,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;QAC7B,OAAO;YACL,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC;YAC3B,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,kBAAkB,EAAE,SAAS,CAAC,WAAW,EAAE;SAC5C,CAAA;IACH,CAAC,CAAC;SACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAA;IAEvD,MAAM,SAAS,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAA;IAC1E,MAAM,YAAY,GAAG,SAAS,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC,CAAA;IAE7D,OAAO;QACL,OAAO,EAAE,eAAe;QACxB,UAAU,EAAE,eAAe,CAAC,MAAM;QAClC,cAAc,EAAE,SAAS;QACzB,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;QAC7B,YAAY;KACb,CAAA;AACH,CAAC;AAED,kCAAkC;AAClC,kFAAkF;AAClF,MAAM,UAAU,yBAAyB,CACvC,QAAmC;IAEnC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IACtB,OAAO;QACL,SAAS,EAAE,OAAO,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE;QAC5F,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE;QAC9B,QAAQ,EAAE;YACR,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;YAC7B,GAAG,QAAQ;SACZ;QACD,mBAAmB,EAAE,EAAE;QACvB,oBAAoB,EAAE,EAAE;QACxB,mBAAmB,EAAE,EAAE;KACxB,CAAA;AACH,CAAC;AAED,yBAAyB;AACzB,iDAAiD;AACjD,MAAM,UAAU,gBAAgB,CAAC,SAA4B;IAC3D,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE,CAAA;AACnD,CAAC;AAED,uBAAuB;AACvB,yDAAyD;AACzD,MAAM,UAAU,cAAc,CAAC,KAAoB,EAAE,OAAsB;IACzE,OAAO,KAAK,IAAI,OAAO,CAAA;AACzB,CAAC;AAED,kCAAkC;AAClC,4FAA4F;AAC5F,0FAA0F;AAC1F,gFAAgF;AAChF,0EAA0E;AAC1E,MAAM,UAAU,yBAAyB,CACvC,KASC;IAED,IAAI,OAAgC,CAAA;IACpC,IAAI,SAA6B,CAAA;IAEjC,IAAI,OAAO,KAAK,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC1C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,wCAAwC;YACxC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;gBACpE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;gBAC7B,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;YACtB,CAAC;YAAC,MAAM,CAAC;gBACP,mCAAmC;gBACnC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;YACzC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;QACzC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,KAAK,CAAC,WAAW,CAAA;IAC7B,CAAC;IAED,yCAAyC;IACzC,MAAM,SAAS,GAAG,MAAM,CACtB,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,QAAQ,IAAI,EAAE,CAC/E,CAAA;IACD,MAAM,aAAa,GAAG,SAAS,CAAC,SAAS,CAAC,CAAA;IAE1C,OAAO;QACL,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,YAAY,EAAE,KAAK,CAAC,YAAY,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC;QAC5E,aAAa;QACb,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS;QACxD,aAAa,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;QACrF,kBAAkB,EAAE,KAAK,CAAC,kBAAkB,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,IAAI,KAAK,CAAC;QAC5F,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAClI,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC3I,SAAS;KACV,CAAA;AACH,CAAC;AAED,4BAA4B;AAC5B,qFAAqF;AACrF,oFAAoF;AACpF,8FAA8F;AAC9F,MAAM,UAAU,mBAAmB,CACjC,GAAM,EACN,MAAiB;IAEjB,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;IACpF,MAAM,SAAS,GAA4B,EAAE,iBAAiB,EAAE,QAAQ,EAAE,CAAA;IAC1E,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,IAAI,GAAG;YAAE,SAAS,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;IACrC,CAAC;IACD,OAAO;QACL,GAAG,GAAG;QACN,iBAAiB,EAAE,QAAQ;QAC3B,YAAY,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;KACnD,CAAA;AACH,CAAC"}
+{"version":3,"file":"attestation.js","sourceRoot":"","sources":["../../../src/core/attestation.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,kDAAkD;AAClD,2FAA2F;AAE3F,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EAAQ,MAAM,EAAwB,MAAM,mBAAmB,CAAA;AACtE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAe7C,uBAAuB;AACvB,SAAS,SAAS,CAAC,KAAa;IAC9B,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACzD,CAAC;AAED,gCAAgC;AAChC,wCAAwC;AACxC,4DAA4D;AAC5D,MAAM,UAAU,uBAAuB,CACrC,aAAqB,EACrB,OAGC;IAED,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IACtB,MAAM,MAAM,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,gBAAgB,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,CAAA;IAElF,OAAO;QACL,WAAW,EAAE,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE;QAC7F,KAAK,EAAE,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QAC/E,qBAAqB,EAAE,aAAa;QACpC,2BAA2B,EAAE,OAAO,EAAE,gBAAgB,IAAI,CAAC,SAAS,CAAC;QACrE,SAAS,EAAE,MAAM,CAAC,WAAW,EAAE;QAC/B,QAAQ,EAAE,GAAG,CAAC,WAAW,EAAE;KAC5B,CAAA;AACH,CAAC;AAED,iCAAiC;AACjC,iDAAiD;AACjD,kFAAkF;AAClF,MAAM,UAAU,wBAAwB,CACtC,WAA+B,EAC/B,SAA4B,EAC5B,mBAAwC,CAAC,6BAA6B;;IAEtE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,kBAAkB;IAClB,IAAI,IAAI,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,GAAG,EAAE,CAAC;QAC1C,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,iCAAiC;YACzC,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,sBAAsB;IACtB,IAAI,WAAW,CAAC,KAAK,KAAK,SAAS,CAAC,KAAK,EAAE,CAAC;QAC1C,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,yCAAyC;YACjD,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,oBAAoB;IACpB,IAAI,WAAW,CAAC,aAAa,KAAK,SAAS,CAAC,qBAAqB,EAAE,CAAC;QAClE,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,sDAAsD;YAC9D,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,4BAA4B;IAC5B,MAAM,WAAW,GAAG,mBAAmB,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;IACjE,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,UAAU;YAClB,MAAM,EAAE,YAAY,WAAW,CAAC,QAAQ,6BAA6B;YACrE,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,4BAA4B;IAC5B,MAAM,OAAO,GAAG,YAAY,CAAC;QAC3B,QAAQ,EAAE,WAAW,CAAC,QAAQ;QAC9B,KAAK,EAAE,WAAW,CAAC,KAAK;QACxB,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,YAAY,EAAE,WAAW,CAAC,YAAY;QACtC,SAAS,EAAE,WAAW,CAAC,SAAS;QAChC,qBAAqB,EAAE,WAAW,CAAC,qBAAqB;QACxD,mBAAmB,EAAE,WAAW,CAAC,mBAAmB;QACpD,mBAAmB,EAAE,WAAW,CAAC,mBAAmB;QACpD,QAAQ,EAAE,WAAW,CAAC,QAAQ;QAC9B,SAAS,EAAE,WAAW,CAAC,SAAS;KACjC,CAAC,CAAA;IAEF,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,EAAE,WAAW,CAAC,SAAS,EAAE,WAAW,CAAC,CAAA;IACpE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO;YACL,SAAS,EAAE,qBAAqB;YAChC,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,wCAAwC;YAChD,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;SAC9B,CAAA;IACH,CAAC;IAED,OAAO;QACL,SAAS,EAAE,qBAAqB;QAChC,MAAM,EAAE,UAAU;QAClB,MAAM,EAAE,gCAAgC,WAAW,CAAC,QAAQ,EAAE;QAC9D,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;KAC9B,CAAA;AACH,CAAC;AAED,8DAA8D;AAC9D,6EAA6E;AAC7E,+EAA+E;AAC/E,kFAAkF;AAClF,EAAE;AACF,6EAA6E;AAC7E,4EAA4E;AAC5E,uEAAuE;AAEvE,2DAA2D;AAC3D,MAAM,UAAU,sBAAsB,CAAC,OAAwB;IAC7D,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,MAAM,CAAC,CAAC,OAAO,CAAC,CAAA;QACrB,KAAK,gBAAgB,CAAC,CAAC,OAAO,CAAC,CAAA;QAC/B,KAAK,gBAAgB,CAAC,CAAC,OAAO,CAAC,CAAA;QAC/B,KAAK,iBAAiB,CAAC,CAAC,OAAO,CAAC,CAAA;IAClC,CAAC;AACH,CAAC;AAED,qEAAqE;AACrE,6DAA6D;AAC7D,MAAM,4BAA4B,GAAG;IACnC,WAAW,EAAE,UAAU;IACvB,sBAAsB,EAAE,qBAAqB;IAC7C,WAAW,EAAE,UAAU;IACvB,wBAAwB,EAAE,uBAAuB;IACjD,WAAW,EAAE,UAAU;IACvB,iBAAiB,EAAE,gBAAgB;IACnC,sBAAsB,EAAE,qBAAqB;CACrC,CAAA;AAEV;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAOvC;IACC,qCAAqC;IACrC,IAAI,IAAI,CAAC,mBAAmB;QAAE,OAAO,iBAAiB,CAAA;IAEtD,uFAAuF;IACvF,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAA;QACnC,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC3E,OAAO,gBAAgB,CAAA;QACzB,CAAC;IACH,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,KAAK,MAAM,GAAG,IAAI,4BAA4B,EAAE,CAAC;YAC/C,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,SAAS,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;gBACpE,OAAO,gBAAgB,CAAA;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED,iBAAiB;IACjB,IAAI,IAAI,CAAC,kBAAkB;QAAE,OAAO,gBAAgB,CAAA;IAEpD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,6BAA6B;AAC7B,yDAAyD;AACzD,sCAAsC;AACtC,gCAAgC;AAChC,6EAA6E;AAC7E,qCAAqC;AACrC,MAAM,UAAU,oBAAoB,CAClC,QAAgC,EAChC,OAKC;IAED,MAAM,GAAG,GAAG,OAAO,IAAI,EAAE,CAAA;IAEzB,+BAA+B;IAC/B,IAAI,GAAG,CAAC,kBAAkB,IAAI,GAAG,CAAC,uBAAuB,IAAI,GAAG,CAAC,kBAAkB,EAAE,CAAC;QACpF,OAAO,CAAC,CAAA;IACV,CAAC;IACD,IAAI,GAAG,CAAC,kBAAkB,IAAI,GAAG,CAAC,kBAAkB,EAAE,CAAC;QACrD,OAAO,CAAC,CAAA;IACV,CAAC;IACD,4DAA4D;IAC5D,iEAAiE;IACjE,IAAI,GAAG,CAAC,mBAAmB,IAAI,GAAG,CAAC,kBAAkB,EAAE,CAAC;QACtD,OAAO,CAAC,CAAA;IACV,CAAC;IACD,IAAI,GAAG,CAAC,kBAAkB,EAAE,CAAC;QAC3B,OAAO,CAAC,CAAA;IACV,CAAC;IACD,OAAO,CAAC,CAAA;AACV,CAAC;AAED,gCAAgC;AAChC,+CAA+C;AAC/C,MAAM,UAAU,uBAAuB,CACrC,KAAoB,EACpB,QAAgC;IAEhC,MAAM,KAAK,GAAsB,EAAE,CAAA;IAEnC,IAAI,KAAK,IAAI,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC1C,IAAI,KAAK,IAAI,CAAC,IAAI,QAAQ,CAAC,mBAAmB,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IACtF,IAAI,KAAK,IAAI,CAAC,IAAI,QAAQ,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;IACxF,IAAI,KAAK,IAAI,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;IAC7C,IAAI,QAAQ,CAAC,gBAAgB;QAAE,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;IAC5D,IAAI,QAAQ,CAAC,oBAAoB;QAAE,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAA;IAElE,OAAO,KAAK,CAAA;AACd,CAAC;AAED,qCAAqC;AACrC,wEAAwE;AACxE,wFAAwF;AACxF,MAAM,UAAU,4BAA4B,CAAC,QAAgC;IAC3E,OAAO,SAAS,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC1C,CAAC;AAED,8BAA8B;AAC9B,iEAAiE;AACjE,MAAM,UAAU,qBAAqB,CACnC,QAAgC,EAChC,OAOC;IAED,MAAM,KAAK,GAAG,oBAAoB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;IACrD,MAAM,KAAK,GAAG,uBAAuB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAA;IACtD,MAAM,UAAU,GAAG,4BAA4B,CAAC,QAAQ,CAAC,CAAA;IAEzD,OAAO;QACL,QAAQ;QACR,UAAU,EAAE;YACV,aAAa,EAAE,KAAK;YACpB,qBAAqB,EAAE,UAAU;YACjC,KAAK;YACL,mBAAmB,EAAE,OAAO,EAAE,mBAAmB,IAAI,EAAE;YACvD,cAAc,EAAE,OAAO,EAAE,cAAc;YACvC,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC;KACF,CAAA;AACH,CAAC;AAED,wBAAwB;AACxB,yDAAyD;AACzD,kEAAkE;AAClE,MAAM,UAAU,eAAe,CAC7B,cAA8B,EAC9B,OAAwB;IAExB,MAAM,OAAO,GAA+B;QAC1C,aAAa,EAAE,OAAO,CAAC,UAAU,CAAC,aAAa;QAC/C,qBAAqB,EAAE,OAAO,CAAC,UAAU,CAAC,qBAAqB;QAC/D,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,KAAK;KAChC,CAAA;IACD,OAAO;QACL,GAAG,cAAc;QACjB,WAAW,EAAE,OAAO;KACrB,CAAA;AACH,CAAC;AAED,gCAAgC;AAChC,kDAAkD;AAClD,qEAAqE;AACrE,8BAA8B;AAC9B,MAAM,UAAU,uBAAuB,CACrC,OAAuE;IAEvE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,8CAA8C;IAC9C,MAAM,eAAe,GAA6B,OAAO;SACtD,GAAG,CAAC,CAAC,CAAC,EAAE;QACP,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,YAAY,CAAC,CAAA;QAC1C,SAAS,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAA;QAC7B,OAAO;YACL,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC;YAC3B,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,kBAAkB,EAAE,SAAS,CAAC,WAAW,EAAE;SAC5C,CAAA;IACH,CAAC,CAAC;SACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAA;IAEvD,MAAM,SAAS,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAA;IAC1E,MAAM,YAAY,GAAG,SAAS,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC,CAAA;IAE7D,OAAO;QACL,OAAO,EAAE,eAAe;QACxB,UAAU,EAAE,eAAe,CAAC,MAAM;QAClC,cAAc,EAAE,SAAS;QACzB,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;QAC7B,YAAY;KACb,CAAA;AACH,CAAC;AAED,kCAAkC;AAClC,kFAAkF;AAClF,MAAM,UAAU,yBAAyB,CACvC,QAAmC;IAEnC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IACtB,OAAO;QACL,SAAS,EAAE,OAAO,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE;QAC5F,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE;QAC9B,QAAQ,EAAE;YACR,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE;YAC7B,GAAG,QAAQ;SACZ;QACD,mBAAmB,EAAE,EAAE;QACvB,oBAAoB,EAAE,EAAE;QACxB,mBAAmB,EAAE,EAAE;KACxB,CAAA;AACH,CAAC;AAED,yBAAyB;AACzB,iDAAiD;AACjD,MAAM,UAAU,gBAAgB,CAAC,SAA4B;IAC3D,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE,CAAA;AACnD,CAAC;AAED,uBAAuB;AACvB,yDAAyD;AACzD,MAAM,UAAU,cAAc,CAAC,KAAoB,EAAE,OAAsB;IACzE,OAAO,KAAK,IAAI,OAAO,CAAA;AACzB,CAAC;AAED,kCAAkC;AAClC,4FAA4F;AAC5F,0FAA0F;AAC1F,gFAAgF;AAChF,0EAA0E;AAC1E,MAAM,UAAU,yBAAyB,CACvC,KAWC;IAED,IAAI,OAAgC,CAAA;IACpC,IAAI,SAA6B,CAAA;IAEjC,IAAI,OAAO,KAAK,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC1C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,wCAAwC;YACxC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;gBACpE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;gBAC7B,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;YACtB,CAAC;YAAC,MAAM,CAAC;gBACP,mCAAmC;gBACnC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;YACzC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;QACzC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,KAAK,CAAC,WAAW,CAAA;IAC7B,CAAC;IAED,yCAAyC;IACzC,MAAM,SAAS,GAAG,MAAM,CACtB,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,QAAQ,IAAI,EAAE,CAC/E,CAAA;IACD,MAAM,aAAa,GAAG,SAAS,CAAC,SAAS,CAAC,CAAA;IAE1C,OAAO;QACL,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,YAAY,EAAE,KAAK,CAAC,YAAY,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC;QAC5E,aAAa;QACb,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS;QACxD,aAAa,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;QACrF,kBAAkB,EAAE,KAAK,CAAC,kBAAkB,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,IAAI,KAAK,CAAC;QAC5F,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAClI,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC3I,SAAS;QACT,SAAS,EAAE,KAAK,CAAC,SAAS;KAC3B,CAAA;AACH,CAAC;AAED,4BAA4B;AAC5B,qFAAqF;AACrF,oFAAoF;AACpF,8FAA8F;AAC9F,MAAM,UAAU,mBAAmB,CACjC,GAAM,EACN,MAAiB;IAEjB,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;IACpF,MAAM,SAAS,GAA4B,EAAE,iBAAiB,EAAE,QAAQ,EAAE,CAAA;IAC1E,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,IAAI,GAAG;YAAE,SAAS,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;IACrC,CAAC;IACD,OAAO;QACL,GAAG,GAAG;QACN,iBAAiB,EAAE,QAAQ;QAC3B,YAAY,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;KACnD,CAAA;AACH,CAAC"}

package/dist/src/core/canonical.d.ts

@@ -1,2 +1,5 @@
 export declare function canonicalize(obj: unknown): string;
+export declare function canonicalJson(obj: Record<string, unknown>): string;
+export declare function canonicalHash(obj: Record<string, unknown>): string;
+export declare function normalizeTimestamp(ts: string): string;
 //# sourceMappingURL=canonical.d.ts.map

package/dist/src/core/canonical.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"canonical.d.ts","sourceRoot":"","sources":["../../../src/core/canonical.ts"],"names":[],"mappings":"AAGA,wBAAgB,YAAY,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAkBjD"}
+{"version":3,"file":"canonical.d.ts","sourceRoot":"","sources":["../../../src/core/canonical.ts"],"names":[],"mappings":"AAKA,wBAAgB,YAAY,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAkBjD;AAKD,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAElE;AAGD,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAElE;AAMD,wBAAgB,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,CAOrD"}

package/dist/src/core/canonical.js

@@ -1,5 +1,6 @@
 // Canonical JSON — deterministic serialization for signing
 // Sorts keys alphabetically, omits null/undefined in object keys (not arrays)
+import { createHash } from 'node:crypto';
 export function canonicalize(obj) {
     if (obj === null || obj === undefined)
         return 'null';
@@ -22,4 +23,26 @@ export function canonicalize(obj) {
     });
     return '{' + sorted.join(',') + '}';
 }
+// canonicalJson — deterministic JSON serialization of an object.
+// Same semantics as canonicalize() but typed to objects for cross-system
+// receipt comparison (action_ref, compound_digest, etc.)
+export function canonicalJson(obj) {
+    return canonicalize(obj);
+}
+// canonicalHash — SHA-256 of canonicalJson(obj), returned as lowercase hex.
+export function canonicalHash(obj) {
+    return createHash('sha256').update(canonicalJson(obj)).digest('hex');
+}
+// normalizeTimestamp — force ISO 8601 second-precision UTC.
+// Accepts any parseable timestamp; returns format: YYYY-MM-DDTHH:mm:ssZ
+// Strips fractional seconds and normalizes timezone offsets to UTC.
+// Thread claim (A2A#1672): action_ref timestamps are second-precision.
+export function normalizeTimestamp(ts) {
+    const d = new Date(ts);
+    if (Number.isNaN(d.getTime())) {
+        throw new Error(`normalizeTimestamp: invalid timestamp "${ts}"`);
+    }
+    // ISO with milliseconds: 2026-04-05T03:39:31.123Z → strip ms
+    return d.toISOString().replace(/\.\d{3}Z$/, 'Z');
+}
 //# sourceMappingURL=canonical.js.map

package/dist/src/core/canonical.js.map

@@ -1 +1 @@
-{"version":3,"file":"canonical.js","sourceRoot":"","sources":["../../../src/core/canonical.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,8EAA8E;AAE9E,MAAM,UAAU,YAAY,CAAC,GAAY;IACvC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;QAAE,OAAO,MAAM,CAAA;IACpD,IAAI,GAAG,YAAY,IAAI;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;IACnD,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;IACvD,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAA;IAClE,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAA8B,CAAC;SACvD,IAAI,EAAE;SACN,MAAM,CAAC,GAAG,CAAC,EAAE;QACZ,MAAM,GAAG,GAAI,GAA+B,CAAC,GAAG,CAAC,CAAA;QACjD,OAAO,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS,CAAA;IAC1C,CAAC,CAAC;SACD,GAAG,CAAC,GAAG,CAAC,EAAE;QACT,MAAM,GAAG,GAAI,GAA+B,CAAC,GAAG,CAAC,CAAA;QACjD,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,GAAG,CAAC,EAAE,CAAA;IACtD,CAAC,CAAC,CAAA;IACJ,OAAO,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAA;AACrC,CAAC"}
+{"version":3,"file":"canonical.js","sourceRoot":"","sources":["../../../src/core/canonical.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,8EAA8E;AAE9E,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAExC,MAAM,UAAU,YAAY,CAAC,GAAY;IACvC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;QAAE,OAAO,MAAM,CAAA;IACpD,IAAI,GAAG,YAAY,IAAI;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;IACnD,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;IACvD,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAA;IAClE,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAA8B,CAAC;SACvD,IAAI,EAAE;SACN,MAAM,CAAC,GAAG,CAAC,EAAE;QACZ,MAAM,GAAG,GAAI,GAA+B,CAAC,GAAG,CAAC,CAAA;QACjD,OAAO,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS,CAAA;IAC1C,CAAC,CAAC;SACD,GAAG,CAAC,GAAG,CAAC,EAAE;QACT,MAAM,GAAG,GAAI,GAA+B,CAAC,GAAG,CAAC,CAAA;QACjD,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,GAAG,CAAC,EAAE,CAAA;IACtD,CAAC,CAAC,CAAA;IACJ,OAAO,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAA;AACrC,CAAC;AAED,iEAAiE;AACjE,yEAAyE;AACzE,yDAAyD;AACzD,MAAM,UAAU,aAAa,CAAC,GAA4B;IACxD,OAAO,YAAY,CAAC,GAAG,CAAC,CAAA;AAC1B,CAAC;AAED,4EAA4E;AAC5E,MAAM,UAAU,aAAa,CAAC,GAA4B;IACxD,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACtE,CAAC;AAED,4DAA4D;AAC5D,wEAAwE;AACxE,oEAAoE;AACpE,uEAAuE;AACvE,MAAM,UAAU,kBAAkB,CAAC,EAAU;IAC3C,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC,EAAE,CAAC,CAAA;IACtB,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,0CAA0C,EAAE,GAAG,CAAC,CAAA;IAClE,CAAC;IACD,6DAA6D;IAC7D,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;AAClD,CAAC"}

package/dist/src/core/execution-envelope.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"execution-envelope.d.ts","sourceRoot":"","sources":["../../../src/core/execution-envelope.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AACrF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACtD,OAAO,KAAK,EACV,iBAAiB,EAAE,oBAAoB,EACvC,gBAAgB,EAAE,gBAAgB,EACnC,MAAM,gCAAgC,CAAA;AAEvC;;;;;;;;GAQG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE;IAC5C,MAAM,EAAE,YAAY,CAAA;IACpB,QAAQ,EAAE,cAAc,CAAA;IACxB,OAAO,EAAE,aAAa,CAAA;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,0BAA0B;IAC1B,KAAK,EAAE,MAAM,CAAA;IACb,4CAA4C;IAC5C,QAAQ,EAAE,MAAM,CAAA;IAChB,sBAAsB;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,uDAAuD;IACvD,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,6BAA6B;IAC7B,UAAU,EAAE,MAAM,CAAA;IAClB,0CAA0C;IAC1C,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,oDAAoD;IACpD,gBAAgB,EAAE,MAAM,CAAA;IACxB,0BAA0B;IAC1B,eAAe,EAAE,MAAM,CAAA;CACxB,GAAG,iBAAiB,CAwEpB;AAED;;;;;;;;;GASG;AACH,wBAAgB,uBAAuB,CACrC,QAAQ,EAAE,iBAAiB,EAC3B,IAAI,CAAC,EAAE;IACL,kDAAkD;IAClD,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,6DAA6D;IAC7D,kBAAkB,CAAC,EAAE,MAAM,CAAA;CAC5B,GACA,oBAAoB,CAkDtB;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE;IAC1C,QAAQ,EAAE,MAAM,CAAA;IAChB,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,OAAO,EAAE,QAAQ,GAAG,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAA;IAC/C,WAAW,EAAE,MAAM,CAAA;IACnB,YAAY,EAAE,MAAM,CAAA;IACpB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,WAAW,EAAE,MAAM,CAAA;IACnB,gBAAgB,EAAE,MAAM,CAAA;IACxB,eAAe,EAAE,MAAM,CAAA;CACxB,GAAG,iBAAiB,CAyCpB"}
+{"version":3,"file":"execution-envelope.d.ts","sourceRoot":"","sources":["../../../src/core/execution-envelope.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AACrF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACtD,OAAO,KAAK,EACV,iBAAiB,EAAE,oBAAoB,EACvC,gBAAgB,EAAE,gBAAgB,EACnC,MAAM,gCAAgC,CAAA;AAEvC;;;;;;;;GAQG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE;IAC5C,MAAM,EAAE,YAAY,CAAA;IACpB,QAAQ,EAAE,cAAc,CAAA;IACxB,OAAO,EAAE,aAAa,CAAA;IACtB,UAAU,EAAE,UAAU,CAAA;IACtB,0BAA0B;IAC1B,KAAK,EAAE,MAAM,CAAA;IACb,4CAA4C;IAC5C,QAAQ,EAAE,MAAM,CAAA;IAChB,sBAAsB;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,uDAAuD;IACvD,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,6BAA6B;IAC7B,UAAU,EAAE,MAAM,CAAA;IAClB,0CAA0C;IAC1C,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,oDAAoD;IACpD,gBAAgB,EAAE,MAAM,CAAA;IACxB,0BAA0B;IAC1B,eAAe,EAAE,MAAM,CAAA;CACxB,GAAG,iBAAiB,CAyEpB;AAED;;;;;;;;;GASG;AACH,wBAAgB,uBAAuB,CACrC,QAAQ,EAAE,iBAAiB,EAC3B,IAAI,CAAC,EAAE;IACL,kDAAkD;IAClD,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,6DAA6D;IAC7D,kBAAkB,CAAC,EAAE,MAAM,CAAA;CAC5B,GACA,oBAAoB,CAkDtB;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE;IAC1C,QAAQ,EAAE,MAAM,CAAA;IAChB,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,OAAO,EAAE,QAAQ,GAAG,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAA;IAC/C,WAAW,EAAE,MAAM,CAAA;IACnB,YAAY,EAAE,MAAM,CAAA;IACpB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,WAAW,EAAE,MAAM,CAAA;IACnB,gBAAgB,EAAE,MAAM,CAAA;IACxB,eAAe,EAAE,MAAM,CAAA;CACxB,GAAG,iBAAiB,CAyCpB"}

package/dist/src/core/execution-envelope.js

@@ -43,6 +43,7 @@ export function createExecutionEnvelope(opts) {
         agent_did: opts.agentDid,
         run_id: opts.runId,
         action_id: opts.intent.intentId,
+        ...(opts.intent.actionRef ? { action_ref: opts.intent.actionRef } : {}),
         capability_ref: {
             manifest_hash: `sha256:${manifestHash}`,
             scope: opts.delegation.scope,

package/dist/src/core/execution-envelope.js.map

@@ -1 +1 @@
-{"version":3,"file":"execution-envelope.js","sourceRoot":"","sources":["../../../src/core/execution-envelope.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,qEAAqE;AACrE,0DAA0D;AAC1D,qEAAqE;AACrE,mDAAmD;AACnD,EAAE;AACF,qEAAqE;AACrE,2DAA2D;AAC3D,iEAAiE;AACjE,qEAAqE;AAErE,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAQ7C;;;;;;;;GAQG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAqBvC;IAEC,mDAAmD;IACnD,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC;SACtC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;SAC3C,MAAM,CAAC,KAAK,CAAC,CAAA;IAEhB,gCAAgC;IAChC,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC;SACtC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;SACnC,MAAM,CAAC,KAAK,CAAC,CAAA;IAEhB,6BAA6B;IAC7B,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC;SACrC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;SAClC,MAAM,CAAC,KAAK,CAAC,CAAA;IAEhB,oCAAoC;IACpC,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,KAAK,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW;QAC/E,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC;QACtC,CAAC,CAAC,IAAI,CAAA;IAER,kEAAkE;IAClE,MAAM,YAAY,GAAG;QACnB,MAAM,EAAE,yBAAkC;QAC1C,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,MAAM,EAAE,IAAI,CAAC,KAAK;QAClB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;QAE/B,cAAc,EAAE;YACd,aAAa,EAAE,UAAU,YAAY,EAAE;YACvC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK;YAC5B,sBAAsB,EAAE,IAAI,CAAC,UAAU;YACvC,iBAAiB,EAAE,IAAI,CAAC,gBAAgB;SACzC;QAED,QAAQ,EAAE;YACR,aAAa,EAAE,UAAU,YAAY,EAAE;YACvC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY;YACtC,iBAAiB,EAAE,IAAI,CAAC,gBAAgB;YACxC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAuC;YAC9D,SAAS;YACT,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,WAAW;YACvC,aAAa,EAAE,IAAI,CAAC,YAAY;YAChC,mBAAmB,EAAE,IAAI,CAAC,QAAQ,CAAC,SAAS;SAC7C;QAED,WAAW,EAAE;YACX,YAAY,EAAE,UAAU,WAAW,EAAE;YACrC,YAAY,EAAE,eAAe;YAC7B,gBAAgB,EAAE;gBAChB,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe;gBAC1C,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,iBAAiB;gBAC9C,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,gBAAgB;aAC7C;SACF;QAED,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAA;IAED,gCAAgC;IAChC,MAAM,SAAS,GAAG,YAAY,CAAC,YAAY,CAAC,CAAA;IAC5C,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAA;IAE7D,OAAO;QACL,GAAG,YAAY;QACf,SAAS,EAAE;YACT,SAAS,EAAE,SAAkB;YAC7B,UAAU,EAAE,IAAI,CAAC,eAAe;YAChC,KAAK,EAAE,cAAc;SACtB;KACF,CAAA;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,uBAAuB,CACrC,QAA2B,EAC3B,IAKC;IAED,MAAM,MAAM,GAAa,EAAE,CAAA;IAE3B,+BAA+B;IAC/B,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,EAAE,GAAG,QAAQ,CAAA;IACvC,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;IACpC,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS,EAAE,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,UAAU,CAAC,CAAA;IAC/E,IAAI,CAAC,cAAc;QAAE,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAA;IAE9D,kCAAkC;IAClC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,cAAc,CAAC,iBAAiB,KAAK,QAAQ,CAAA;IAC/E,IAAI,CAAC,gBAAgB;QAAE,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAA;IAE1E,8BAA8B;IAC9B,IAAI,aAAa,GAAG,IAAI,CAAA;IACxB,IAAI,IAAI,EAAE,gBAAgB,EAAE,CAAC;QAC3B,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAA;QACnF,IAAI,WAAW,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxC,aAAa,GAAG,KAAK,CAAA;YACrB,MAAM,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,IAAI,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC,CAAA;QACxH,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,uBAAuB,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAA;IACrE,IAAI,CAAC,uBAAuB,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAA;IAC5C,CAAC;IAED,mEAAmE;IACnE,2DAA2D;IAC3D,IAAI,IAAI,EAAE,kBAAkB,IAAI,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,EAAE,CAAC;QACtE,uFAAuF;QACvF,2FAA2F;QAC3F,yFAAyF;QACzF,6FAA6F;QAC7F,2FAA2F;QAC3F,qFAAqF;QACrF,gEAAgE;QAChE,uBAAuB,GAAG,IAAI,CAAA,CAAC,uCAAuC;IACxE,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC1B,cAAc;QACd,uBAAuB;QACvB,gBAAgB;QAChB,aAAa;QACb,MAAM;KACP,CAAA;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CAAC,IAgBrC;IAEC,MAAM,YAAY,GAAG;QACnB,MAAM,EAAE,yBAAkC;QAC1C,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,MAAM,EAAE,IAAI,CAAC,KAAK;QAClB,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,cAAc,EAAE;YACd,aAAa,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;YAClF,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,sBAAsB,EAAE,CAAC;YACzB,iBAAiB,EAAE,IAAI,CAAC,gBAAgB;SACzC;QACD,QAAQ,EAAE;YACR,aAAa,EAAE,IAAI,CAAC,YAAY;YAChC,UAAU,EAAE,IAAI,CAAC,SAAS;YAC1B,iBAAiB,EAAE,IAAI,CAAC,gBAAgB;YACxC,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS,EAAE,IAAI;YACf,YAAY,EAAE,IAAI,CAAC,WAAW;YAC9B,aAAa,EAAE,IAAI,CAAC,YAAY;YAChC,mBAAmB,EAAE,IAAI,CAAC,kBAAkB;SAC7C;QACD,WAAW,EAAE;YACX,YAAY,EAAE,IAAI,CAAC,WAAW;YAC9B,YAAY,EAAE,gBAAgB;SAC/B;QACD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAA;IAED,MAAM,SAAS,GAAG,YAAY,CAAC,YAAY,CAAC,CAAA;IAC5C,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAA;IAE7D,OAAO;QACL,GAAG,YAAY;QACf,SAAS,EAAE;YACT,SAAS,EAAE,SAAkB;YAC7B,UAAU,EAAE,IAAI,CAAC,eAAe;YAChC,KAAK,EAAE,cAAc;SACtB;KACF,CAAA;AACH,CAAC"}
+{"version":3,"file":"execution-envelope.js","sourceRoot":"","sources":["../../../src/core/execution-envelope.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,qEAAqE;AACrE,0DAA0D;AAC1D,qEAAqE;AACrE,mDAAmD;AACnD,EAAE;AACF,qEAAqE;AACrE,2DAA2D;AAC3D,iEAAiE;AACjE,qEAAqE;AAErE,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAQ7C;;;;;;;;GAQG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAqBvC;IAEC,mDAAmD;IACnD,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC;SACtC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;SAC3C,MAAM,CAAC,KAAK,CAAC,CAAA;IAEhB,gCAAgC;IAChC,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC;SACtC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;SACnC,MAAM,CAAC,KAAK,CAAC,CAAA;IAEhB,6BAA6B;IAC7B,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC;SACrC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;SAClC,MAAM,CAAC,KAAK,CAAC,CAAA;IAEhB,oCAAoC;IACpC,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,KAAK,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW;QAC/E,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC;QACtC,CAAC,CAAC,IAAI,CAAA;IAER,kEAAkE;IAClE,MAAM,YAAY,GAAG;QACnB,MAAM,EAAE,yBAAkC;QAC1C,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,MAAM,EAAE,IAAI,CAAC,KAAK;QAClB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;QAC/B,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAEvE,cAAc,EAAE;YACd,aAAa,EAAE,UAAU,YAAY,EAAE;YACvC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK;YAC5B,sBAAsB,EAAE,IAAI,CAAC,UAAU;YACvC,iBAAiB,EAAE,IAAI,CAAC,gBAAgB;SACzC;QAED,QAAQ,EAAE;YACR,aAAa,EAAE,UAAU,YAAY,EAAE;YACvC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY;YACtC,iBAAiB,EAAE,IAAI,CAAC,gBAAgB;YACxC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAuC;YAC9D,SAAS;YACT,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,WAAW;YACvC,aAAa,EAAE,IAAI,CAAC,YAAY;YAChC,mBAAmB,EAAE,IAAI,CAAC,QAAQ,CAAC,SAAS;SAC7C;QAED,WAAW,EAAE;YACX,YAAY,EAAE,UAAU,WAAW,EAAE;YACrC,YAAY,EAAE,eAAe;YAC7B,gBAAgB,EAAE;gBAChB,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe;gBAC1C,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,iBAAiB;gBAC9C,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,gBAAgB;aAC7C;SACF;QAED,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAA;IAED,gCAAgC;IAChC,MAAM,SAAS,GAAG,YAAY,CAAC,YAAY,CAAC,CAAA;IAC5C,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAA;IAE7D,OAAO;QACL,GAAG,YAAY;QACf,SAAS,EAAE;YACT,SAAS,EAAE,SAAkB;YAC7B,UAAU,EAAE,IAAI,CAAC,eAAe;YAChC,KAAK,EAAE,cAAc;SACtB;KACF,CAAA;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,uBAAuB,CACrC,QAA2B,EAC3B,IAKC;IAED,MAAM,MAAM,GAAa,EAAE,CAAA;IAE3B,+BAA+B;IAC/B,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,EAAE,GAAG,QAAQ,CAAA;IACvC,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;IACpC,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS,EAAE,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,UAAU,CAAC,CAAA;IAC/E,IAAI,CAAC,cAAc;QAAE,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAA;IAE9D,kCAAkC;IAClC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,cAAc,CAAC,iBAAiB,KAAK,QAAQ,CAAA;IAC/E,IAAI,CAAC,gBAAgB;QAAE,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAA;IAE1E,8BAA8B;IAC9B,IAAI,aAAa,GAAG,IAAI,CAAA;IACxB,IAAI,IAAI,EAAE,gBAAgB,EAAE,CAAC;QAC3B,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAA;QACnF,IAAI,WAAW,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxC,aAAa,GAAG,KAAK,CAAA;YACrB,MAAM,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,IAAI,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC,CAAA;QACxH,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,uBAAuB,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAA;IACrE,IAAI,CAAC,uBAAuB,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAA;IAC5C,CAAC;IAED,mEAAmE;IACnE,2DAA2D;IAC3D,IAAI,IAAI,EAAE,kBAAkB,IAAI,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,EAAE,CAAC;QACtE,uFAAuF;QACvF,2FAA2F;QAC3F,yFAAyF;QACzF,6FAA6F;QAC7F,2FAA2F;QAC3F,qFAAqF;QACrF,gEAAgE;QAChE,uBAAuB,GAAG,IAAI,CAAA,CAAC,uCAAuC;IACxE,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC1B,cAAc;QACd,uBAAuB;QACvB,gBAAgB;QAChB,aAAa;QACb,MAAM;KACP,CAAA;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CAAC,IAgBrC;IAEC,MAAM,YAAY,GAAG;QACnB,MAAM,EAAE,yBAAkC;QAC1C,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,MAAM,EAAE,IAAI,CAAC,KAAK;QAClB,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,cAAc,EAAE;YACd,aAAa,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;YAClF,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,sBAAsB,EAAE,CAAC;YACzB,iBAAiB,EAAE,IAAI,CAAC,gBAAgB;SACzC;QACD,QAAQ,EAAE;YACR,aAAa,EAAE,IAAI,CAAC,YAAY;YAChC,UAAU,EAAE,IAAI,CAAC,SAAS;YAC1B,iBAAiB,EAAE,IAAI,CAAC,gBAAgB;YACxC,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS,EAAE,IAAI;YACf,YAAY,EAAE,IAAI,CAAC,WAAW;YAC9B,aAAa,EAAE,IAAI,CAAC,YAAY;YAChC,mBAAmB,EAAE,IAAI,CAAC,kBAAkB;SAC7C;QACD,WAAW,EAAE;YACX,YAAY,EAAE,IAAI,CAAC,WAAW;YAC9B,YAAY,EAAE,gBAAgB;SAC/B;QACD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAA;IAED,MAAM,SAAS,GAAG,YAAY,CAAC,YAAY,CAAC,CAAA;IAC5C,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAA;IAE7D,OAAO;QACL,GAAG,YAAY;QACf,SAAS,EAAE;YACT,SAAS,EAAE,SAAkB;YAC7B,UAAU,EAAE,IAAI,CAAC,eAAe;YAChC,KAAK,EAAE,cAAc;SACtB;KACF,CAAA;AACH,CAAC"}

package/dist/src/core/feasibility.d.ts

@@ -23,4 +23,30 @@ export declare function lintTaskFeasibility(opts: {
     role: TaskRoleSpec;
     taskDeadline?: string;
 }): FeasibilityResult;
+export interface GatewayLintResult {
+    severity: 'error' | 'warning';
+    code: string;
+    message: string;
+}
+export interface GatewayLintReport {
+    delegation_id?: string;
+    checks_run: number;
+    checks_skipped: number;
+    skipped_reasons: string[];
+    errors: number;
+    warnings: number;
+    results: GatewayLintResult[];
+}
+/**
+ * Lint a delegation against a task context using only checks
+ * that the gateway can actually enforce.
+ *
+ * When context is not provided, checks that depend on it are skipped
+ * and listed in skipped_reasons. An empty-context call returns a report
+ * that says "N checks skipped" — not a false "clean" report.
+ */
+export declare function lintDelegationForGateway(delegation: Delegation, context?: {
+    requiredScopes?: string[];
+    estimatedSpend?: number;
+}): GatewayLintReport;
 //# sourceMappingURL=feasibility.d.ts.map

package/dist/src/core/feasibility.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"feasibility.d.ts","sourceRoot":"","sources":["../../../src/core/feasibility.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACtD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AAC5D,OAAO,KAAK,EAAoB,iBAAiB,EAAE,MAAM,yBAAyB,CAAA;AAkBlF;;;GAGG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE;IACnC,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,EAAE,MAAM,CAAA;IACnB,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB,GAAG,iBAAiB,CAgHpB;AAMD;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE;IACxC,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,YAAY,CAAA;IAClB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,GAAG,iBAAiB,CA8EpB"}
+{"version":3,"file":"feasibility.d.ts","sourceRoot":"","sources":["../../../src/core/feasibility.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACtD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AAC5D,OAAO,KAAK,EAAoB,iBAAiB,EAAE,MAAM,yBAAyB,CAAA;AAkBlF;;;GAGG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE;IACnC,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,EAAE,MAAM,CAAA;IACnB,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB,GAAG,iBAAiB,CAgHpB;AAMD;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE;IACxC,UAAU,EAAE,UAAU,CAAA;IACtB,IAAI,EAAE,YAAY,CAAA;IAClB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,GAAG,iBAAiB,CA8EpB;AASD,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,OAAO,GAAG,SAAS,CAAA;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;CAChB;AAED,MAAM,WAAW,iBAAiB;IAChC,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,UAAU,EAAE,MAAM,CAAA;IAClB,cAAc,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,EAAE,CAAA;IACzB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,OAAO,EAAE,iBAAiB,EAAE,CAAA;CAC7B;AAED;;;;;;;GAOG;AACH,wBAAgB,wBAAwB,CACtC,UAAU,EAAE,UAAU,EACtB,OAAO,CAAC,EAAE;IACR,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB,GACA,iBAAiB,CA4DnB"}

package/dist/src/core/feasibility.js

@@ -202,4 +202,66 @@ export function lintTaskFeasibility(opts) {
     }
     return result(issues);
 }
+/**
+ * Lint a delegation against a task context using only checks
+ * that the gateway can actually enforce.
+ *
+ * When context is not provided, checks that depend on it are skipped
+ * and listed in skipped_reasons. An empty-context call returns a report
+ * that says "N checks skipped" — not a false "clean" report.
+ */
+export function lintDelegationForGateway(delegation, context) {
+    const results = [];
+    let checksRun = 0;
+    let checksSkipped = 0;
+    const skippedReasons = [];
+    // ── Check 1: SPEND_TOO_LOW ──
+    if (delegation.spendLimit !== undefined && context?.estimatedSpend !== undefined) {
+        checksRun++;
+        if (delegation.spendLimit < context.estimatedSpend) {
+            results.push({
+                severity: 'error',
+                code: 'SPEND_TOO_LOW',
+                message: `Spend limit ($${delegation.spendLimit}) is below estimated task cost ($${context.estimatedSpend}).`,
+            });
+        }
+    }
+    else {
+        checksSkipped++;
+        if (context?.estimatedSpend === undefined) {
+            skippedReasons.push('estimatedSpend not provided');
+        }
+        else {
+            skippedReasons.push('spendLimit not set on delegation');
+        }
+    }
+    // ── Check 2: SCOPE_MISSING ──
+    if (context?.requiredScopes && context.requiredScopes.length > 0) {
+        checksRun++;
+        const missingScopes = context.requiredScopes.filter(required => !delegation.scope.some(granted => scopeCovers(granted, required)));
+        if (missingScopes.length > 0) {
+            results.push({
+                severity: 'error',
+                code: 'SCOPE_MISSING',
+                message: `Task requires scope '${missingScopes.join("', '")}' but delegation grants [${delegation.scope.map(s => `'${s}'`).join(', ')}].`,
+            });
+        }
+    }
+    else {
+        checksSkipped++;
+        skippedReasons.push('requiredScopes not provided');
+    }
+    // ── Skipped checks (gateway schema limitations) ──
+    checksSkipped += 3;
+    skippedReasons.push('ALREADY_EXPIRED: expiresAt not in gateway delegations table', 'DEADLINE_IMPOSSIBLE: expiresAt not available', 'DEPTH_MAXED: currentDepth not tracked by gateway');
+    return {
+        delegation_id: delegation.delegationId,
+        checks_run: checksRun,
+        checks_skipped: checksSkipped,
+        skipped_reasons: skippedReasons,
+        errors: results.filter(r => r.severity === 'error').length,
+        warnings: results.filter(r => r.severity === 'warning').length,
+        results,
+    };
+}
 //# sourceMappingURL=feasibility.js.map

package/dist/src/core/feasibility.js.map

@@ -1 +1 @@
-{"version":3,"file":"feasibility.js","sourceRoot":"","sources":["../../../src/core/feasibility.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,0DAA0D;AAC1D,4DAA4D;AAK5D,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAA;AAE7C,SAAS,MAAM,CAAC,MAA0B;IACxC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM,CAAA;IACpE,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAA;IACxE,OAAO;QACL,QAAQ,EAAE,UAAU,KAAK,CAAC;QAC1B,MAAM;QACN,UAAU;QACV,YAAY;KACb,CAAA;AACH,CAAC;AAED,yCAAyC;AACzC,qBAAqB;AACrB,yCAAyC;AAEzC;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,IAQ9B;IACC,MAAM,MAAM,GAAuB,EAAE,CAAA;IAErC,6CAA6C;IAC7C,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,mDAAmD;YAC5D,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;IACJ,CAAC;IAED,8CAA8C;IAC9C,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC;QAC9D,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,iBAAiB;YACvB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,+BAA+B;YACxC,KAAK,EAAE,aAAa;SACrB,CAAC,CAAA;IACJ,CAAC;IAED,6BAA6B;IAC7B,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,kBAAkB;YACxB,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,8CAA8C;YACvD,KAAK,EAAE,aAAa;SACrB,CAAC,CAAA;IACJ,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,mBAAmB;YACzB,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,+CAA+C;YACxD,KAAK,EAAE,aAAa;SACrB,CAAC,CAAA;IACJ,CAAC;IAED,kCAAkC;IAClC,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,4BAA4B,IAAI,CAAC,UAAU,EAAE;gBACtD,KAAK,EAAE,YAAY;aACpB,CAAC,CAAA;QACJ,CAAC;QACD,IAAI,IAAI,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;YAC1B,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,6CAA6C;gBACtD,KAAK,EAAE,YAAY;aACpB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,4BAA4B;IAC5B,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,IAAI,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAA;IAC/B,IAAI,KAAK,GAAG,IAAI,EAAE,CAAC;QACjB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,iBAAiB,KAAK,sBAAsB,IAAI,EAAE;YAC3D,KAAK,EAAE,cAAc;SACtB,CAAC,CAAA;IACJ,CAAC;IACD,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QACnB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,mBAAmB,KAAK,IAAI,IAAI,wCAAwC;YACjF,KAAK,EAAE,cAAc;SACtB,CAAC,CAAA;IACJ,CAAC;IAED,6BAA6B;IAC7B,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,IAAI,IAAI,CAAC,cAAc,IAAI,CAAC,EAAE,CAAC;QAClE,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,qBAAqB;YAC3B,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,kDAAkD,IAAI,CAAC,cAAc,IAAI;YAClF,KAAK,EAAE,gBAAgB;SACxB,CAAC,CAAA;IACJ,CAAC;IAED,+BAA+B;IAC/B,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,IAAI,IAAI,CAAC,cAAc,GAAG,CAAC,IAAI,IAAI,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAC5F,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,2CAA2C,IAAI,CAAC,cAAc,IAAI;YAC3E,KAAK,EAAE,gBAAgB;SACxB,CAAC,CAAA;IACJ,CAAC;IAED,4BAA4B;IAC5B,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,mEAAmE;YAC5E,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC,CAAA;AACvB,CAAC;AAED,yCAAyC;AACzC,2BAA2B;AAC3B,yCAAyC;AAEzC;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAInC;IACC,MAAM,MAAM,GAAuB,EAAE,CAAA;IACrC,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,IAAI,CAAA;IAEjC,6DAA6D;IAC7D,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACtE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,qBAAqB,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,oCAAoC,QAAQ,GAAG;gBACxG,KAAK,EAAE,OAAO;aACf,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,qEAAqE;IACrE,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC,CAAA;QACvE,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,sBAAsB,SAAS,oCAAoC;gBAC5E,KAAK,EAAE,OAAO;aACf,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;QACtB,MAAM,gBAAgB,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACvD,MAAM,QAAQ,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC5C,IAAI,gBAAgB,GAAG,QAAQ,EAAE,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,oCAAoC;gBAC1C,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,sBAAsB,UAAU,CAAC,SAAS,yBAAyB,IAAI,CAAC,YAAY,EAAE;gBAC/F,KAAK,EAAE,WAAW;aACnB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QAChD,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,oBAAoB;YAC1B,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,yBAAyB,UAAU,CAAC,SAAS,EAAE;YACxD,KAAK,EAAE,WAAW;SACnB,CAAC,CAAA;IACJ,CAAC;IAED,+BAA+B;IAC/B,IAAI,UAAU,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,SAAS,GAAG,UAAU,CAAC,UAAU,GAAG,CAAC,UAAU,CAAC,WAAW,IAAI,CAAC,CAAC,CAAA;QACvE,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;YACnB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,sCAAsC,UAAU,CAAC,WAAW,OAAO,UAAU,CAAC,UAAU,EAAE;gBACnG,KAAK,EAAE,YAAY;aACpB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,IAAI,UAAU,CAAC,YAAY,IAAI,UAAU,CAAC,QAAQ,EAAE,CAAC;QACnD,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,oBAAoB;YAC1B,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,8BAA8B,UAAU,CAAC,YAAY,IAAI,UAAU,CAAC,QAAQ,iCAAiC;YACtH,KAAK,EAAE,cAAc;SACtB,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC,CAAA;AACvB,CAAC"}
+{"version":3,"file":"feasibility.js","sourceRoot":"","sources":["../../../src/core/feasibility.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,0DAA0D;AAC1D,4DAA4D;AAK5D,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAA;AAE7C,SAAS,MAAM,CAAC,MAA0B;IACxC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM,CAAA;IACpE,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAA;IACxE,OAAO;QACL,QAAQ,EAAE,UAAU,KAAK,CAAC;QAC1B,MAAM;QACN,UAAU;QACV,YAAY;KACb,CAAA;AACH,CAAC;AAED,yCAAyC;AACzC,qBAAqB;AACrB,yCAAyC;AAEzC;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,IAQ9B;IACC,MAAM,MAAM,GAAuB,EAAE,CAAA;IAErC,6CAA6C;IAC7C,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,mDAAmD;YAC5D,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;IACJ,CAAC;IAED,8CAA8C;IAC9C,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC;QAC9D,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,iBAAiB;YACvB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,+BAA+B;YACxC,KAAK,EAAE,aAAa;SACrB,CAAC,CAAA;IACJ,CAAC;IAED,6BAA6B;IAC7B,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,kBAAkB;YACxB,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,8CAA8C;YACvD,KAAK,EAAE,aAAa;SACrB,CAAC,CAAA;IACJ,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,mBAAmB;YACzB,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,+CAA+C;YACxD,KAAK,EAAE,aAAa;SACrB,CAAC,CAAA;IACJ,CAAC;IAED,kCAAkC;IAClC,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,4BAA4B,IAAI,CAAC,UAAU,EAAE;gBACtD,KAAK,EAAE,YAAY;aACpB,CAAC,CAAA;QACJ,CAAC;QACD,IAAI,IAAI,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;YAC1B,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,6CAA6C;gBACtD,KAAK,EAAE,YAAY;aACpB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,4BAA4B;IAC5B,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,IAAI,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAA;IAC/B,IAAI,KAAK,GAAG,IAAI,EAAE,CAAC;QACjB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,iBAAiB,KAAK,sBAAsB,IAAI,EAAE;YAC3D,KAAK,EAAE,cAAc;SACtB,CAAC,CAAA;IACJ,CAAC;IACD,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QACnB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,mBAAmB,KAAK,IAAI,IAAI,wCAAwC;YACjF,KAAK,EAAE,cAAc;SACtB,CAAC,CAAA;IACJ,CAAC;IAED,6BAA6B;IAC7B,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,IAAI,IAAI,CAAC,cAAc,IAAI,CAAC,EAAE,CAAC;QAClE,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,qBAAqB;YAC3B,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,kDAAkD,IAAI,CAAC,cAAc,IAAI;YAClF,KAAK,EAAE,gBAAgB;SACxB,CAAC,CAAA;IACJ,CAAC;IAED,+BAA+B;IAC/B,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,IAAI,IAAI,CAAC,cAAc,GAAG,CAAC,IAAI,IAAI,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAC5F,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,2CAA2C,IAAI,CAAC,cAAc,IAAI;YAC3E,KAAK,EAAE,gBAAgB;SACxB,CAAC,CAAA;IACJ,CAAC;IAED,4BAA4B;IAC5B,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,mEAAmE;YAC5E,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC,CAAA;AACvB,CAAC;AAED,yCAAyC;AACzC,2BAA2B;AAC3B,yCAAyC;AAEzC;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAInC;IACC,MAAM,MAAM,GAAuB,EAAE,CAAA;IACrC,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,IAAI,CAAA;IAEjC,6DAA6D;IAC7D,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;QACtE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,qBAAqB,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,oCAAoC,QAAQ,GAAG;gBACxG,KAAK,EAAE,OAAO;aACf,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,qEAAqE;IACrE,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC,CAAA;QACvE,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,sBAAsB,SAAS,oCAAoC;gBAC5E,KAAK,EAAE,OAAO;aACf,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;QACtB,MAAM,gBAAgB,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACvD,MAAM,QAAQ,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC5C,IAAI,gBAAgB,GAAG,QAAQ,EAAE,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,oCAAoC;gBAC1C,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,sBAAsB,UAAU,CAAC,SAAS,yBAAyB,IAAI,CAAC,YAAY,EAAE;gBAC/F,KAAK,EAAE,WAAW;aACnB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QAChD,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,oBAAoB;YAC1B,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,yBAAyB,UAAU,CAAC,SAAS,EAAE;YACxD,KAAK,EAAE,WAAW;SACnB,CAAC,CAAA;IACJ,CAAC;IAED,+BAA+B;IAC/B,IAAI,UAAU,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,SAAS,GAAG,UAAU,CAAC,UAAU,GAAG,CAAC,UAAU,CAAC,WAAW,IAAI,CAAC,CAAC,CAAA;QACvE,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;YACnB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,sCAAsC,UAAU,CAAC,WAAW,OAAO,UAAU,CAAC,UAAU,EAAE;gBACnG,KAAK,EAAE,YAAY;aACpB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,IAAI,UAAU,CAAC,YAAY,IAAI,UAAU,CAAC,QAAQ,EAAE,CAAC;QACnD,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,oBAAoB;YAC1B,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,8BAA8B,UAAU,CAAC,YAAY,IAAI,UAAU,CAAC,QAAQ,iCAAiC;YACtH,KAAK,EAAE,cAAc;SACtB,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC,CAAA;AACvB,CAAC;AAyBD;;;;;;;GAOG;AACH,MAAM,UAAU,wBAAwB,CACtC,UAAsB,EACtB,OAGC;IAED,MAAM,OAAO,GAAwB,EAAE,CAAA;IACvC,IAAI,SAAS,GAAG,CAAC,CAAA;IACjB,IAAI,aAAa,GAAG,CAAC,CAAA;IACrB,MAAM,cAAc,GAAa,EAAE,CAAA;IAEnC,+BAA+B;IAC/B,IAAI,UAAU,CAAC,UAAU,KAAK,SAAS,IAAI,OAAO,EAAE,cAAc,KAAK,SAAS,EAAE,CAAC;QACjF,SAAS,EAAE,CAAA;QACX,IAAI,UAAU,CAAC,UAAU,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC;gBACX,QAAQ,EAAE,OAAO;gBACjB,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,iBAAiB,UAAU,CAAC,UAAU,oCAAoC,OAAO,CAAC,cAAc,IAAI;aAC9G,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,aAAa,EAAE,CAAA;QACf,IAAI,OAAO,EAAE,cAAc,KAAK,SAAS,EAAE,CAAC;YAC1C,cAAc,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAA;QACpD,CAAC;aAAM,CAAC;YACN,cAAc,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAA;QACzD,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,IAAI,OAAO,EAAE,cAAc,IAAI,OAAO,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjE,SAAS,EAAE,CAAA;QACX,MAAM,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC,MAAM,CACjD,QAAQ,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,WAAW,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAC9E,CAAA;QACD,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,CAAC,IAAI,CAAC;gBACX,QAAQ,EAAE,OAAO;gBACjB,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,wBAAwB,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,4BAA4B,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;aAC1I,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,aAAa,EAAE,CAAA;QACf,cAAc,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAA;IACpD,CAAC;IAED,oDAAoD;IACpD,aAAa,IAAI,CAAC,CAAA;IAClB,cAAc,CAAC,IAAI,CACjB,6DAA6D,EAC7D,8CAA8C,EAC9C,kDAAkD,CACnD,CAAA;IAED,OAAO;QACL,aAAa,EAAE,UAAU,CAAC,YAAY;QACtC,UAAU,EAAE,SAAS;QACrB,cAAc,EAAE,aAAa;QAC7B,eAAe,EAAE,cAAc;QAC/B,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM;QAC1D,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM;QAC9D,OAAO;KACR,CAAA;AACH,CAAC"}

package/dist/src/core/freshness.d.ts

@@ -0,0 +1,24 @@
+import type { AttestationFreshness } from '../types/passport.js';
+/**
+ * Seconds elapsed since the evidence was produced (`validAt`).
+ * Returns 0 if validAt is in the future (clock skew); never negative.
+ */
+export declare function computeEvidenceAge(freshness: AttestationFreshness, now?: Date): number;
+/**
+ * Whether the evidence is still fresh for its type.
+ *   rotating: now - validAt < ttl (ttl required; missing ttl → not fresh)
+ *   snapshot: now - validAt < maxAge; if maxAge omitted → fresh (conservative default)
+ *   static:   always true
+ */
+export declare function isEvidenceFresh(freshness: AttestationFreshness, now?: Date): boolean;
+/**
+ * Construct a snapshot freshness record (TPM quote, point-in-time attestation).
+ * `maxAge` is the recommended staleness window in seconds.
+ */
+export declare function createSnapshotFreshness(validAt: string, maxAge?: number): AttestationFreshness;
+/**
+ * Construct a rotating freshness record (SPIFFE SVID, short-lived JWT).
+ * `ttl` is the evidence lifetime in seconds.
+ */
+export declare function createRotatingFreshness(validAt: string, ttl: number): AttestationFreshness;
+//# sourceMappingURL=freshness.d.ts.map

package/dist/src/core/freshness.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"freshness.d.ts","sourceRoot":"","sources":["../../../src/core/freshness.ts"],"names":[],"mappings":"AAoBA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAA;AAEhE;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,oBAAoB,EAAE,GAAG,CAAC,EAAE,IAAI,GAAG,MAAM,CAKtF;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,SAAS,EAAE,oBAAoB,EAAE,GAAG,CAAC,EAAE,IAAI,GAAG,OAAO,CAYpF;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,oBAAoB,CAE9F;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,oBAAoB,CAE1F"}