agent-passport-system 1.35.0 → 1.36.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/adapters/a2a.d.ts +52 -0
- package/dist/src/adapters/a2a.d.ts.map +1 -1
- package/dist/src/adapters/a2a.js +88 -0
- package/dist/src/adapters/a2a.js.map +1 -1
- package/dist/src/adapters/crewai.d.ts +37 -0
- package/dist/src/adapters/crewai.d.ts.map +1 -1
- package/dist/src/adapters/crewai.js +75 -0
- package/dist/src/adapters/crewai.js.map +1 -1
- package/dist/src/adapters/gonka.d.ts +75 -0
- package/dist/src/adapters/gonka.d.ts.map +1 -0
- package/dist/src/adapters/gonka.js +162 -0
- package/dist/src/adapters/gonka.js.map +1 -0
- package/dist/src/adapters/ibac-cedar.d.ts +24 -0
- package/dist/src/adapters/ibac-cedar.d.ts.map +1 -0
- package/dist/src/adapters/ibac-cedar.js +76 -0
- package/dist/src/adapters/ibac-cedar.js.map +1 -0
- package/dist/src/adapters/ibac.d.ts +77 -0
- package/dist/src/adapters/ibac.d.ts.map +1 -0
- package/dist/src/adapters/ibac.js +117 -0
- package/dist/src/adapters/ibac.js.map +1 -0
- package/dist/src/adapters/langchain.d.ts +32 -0
- package/dist/src/adapters/langchain.d.ts.map +1 -1
- package/dist/src/adapters/langchain.js +73 -0
- package/dist/src/adapters/langchain.js.map +1 -1
- package/dist/src/adapters/mcp.d.ts +45 -0
- package/dist/src/adapters/mcp.d.ts.map +1 -0
- package/dist/src/adapters/mcp.js +84 -0
- package/dist/src/adapters/mcp.js.map +1 -0
- package/dist/src/index.d.ts +13 -0
- package/dist/src/index.d.ts.map +1 -1
- package/dist/src/index.js +7 -0
- package/dist/src/index.js.map +1 -1
- package/package.json +2 -2
|
@@ -27,4 +27,56 @@ export interface A2AGovernance {
|
|
|
27
27
|
hook: GovernanceHook;
|
|
28
28
|
}
|
|
29
29
|
export declare function createA2AGovernance(config: GovernanceHookConfig): A2AGovernance;
|
|
30
|
+
import type { Delegation, SignedPassport } from '../types/passport.js';
|
|
31
|
+
export interface A2AAgentCardV2 {
|
|
32
|
+
name: string;
|
|
33
|
+
description?: string;
|
|
34
|
+
url?: string;
|
|
35
|
+
provider?: {
|
|
36
|
+
organization: string;
|
|
37
|
+
url?: string;
|
|
38
|
+
};
|
|
39
|
+
version?: string;
|
|
40
|
+
capabilities?: {
|
|
41
|
+
streaming?: boolean;
|
|
42
|
+
pushNotifications?: boolean;
|
|
43
|
+
stateTransitionHistory?: boolean;
|
|
44
|
+
};
|
|
45
|
+
skills?: Array<{
|
|
46
|
+
id: string;
|
|
47
|
+
name: string;
|
|
48
|
+
description?: string;
|
|
49
|
+
inputModes?: string[];
|
|
50
|
+
outputModes?: string[];
|
|
51
|
+
}>;
|
|
52
|
+
securitySchemes?: Record<string, unknown>;
|
|
53
|
+
security?: unknown[];
|
|
54
|
+
defaultInputModes?: string[];
|
|
55
|
+
defaultOutputModes?: string[];
|
|
56
|
+
extensions?: {
|
|
57
|
+
aps_trust?: unknown;
|
|
58
|
+
[k: string]: unknown;
|
|
59
|
+
};
|
|
60
|
+
}
|
|
61
|
+
/** Convert APS passport to A2A Agent Card */
|
|
62
|
+
export declare function passportToA2ACard(passport: SignedPassport, opts?: {
|
|
63
|
+
delegation?: Delegation;
|
|
64
|
+
url?: string;
|
|
65
|
+
skills?: A2AAgentCardV2['skills'];
|
|
66
|
+
capabilities?: A2AAgentCardV2['capabilities'];
|
|
67
|
+
}): A2AAgentCardV2;
|
|
68
|
+
/** Convert A2A Agent Card to APS passport metadata */
|
|
69
|
+
export declare function a2aCardToPassportMeta(card: A2AAgentCardV2): {
|
|
70
|
+
agentId: string;
|
|
71
|
+
metadata: Record<string, unknown>;
|
|
72
|
+
};
|
|
73
|
+
/** Verify an A2A agent has valid APS identity */
|
|
74
|
+
export declare function verifyA2AIdentity(card: A2AAgentCardV2, passport: SignedPassport): {
|
|
75
|
+
valid: boolean;
|
|
76
|
+
errors: string[];
|
|
77
|
+
};
|
|
78
|
+
/** Extract delegation scope from A2A skills */
|
|
79
|
+
export declare function a2aSkillsToScope(skills?: A2AAgentCardV2['skills']): string[];
|
|
80
|
+
/** Embed APS trust signal in Agent Card extensions */
|
|
81
|
+
export declare function embedA2ATrustSignal(card: A2AAgentCardV2, passport: SignedPassport, trustEndpoint?: string): A2AAgentCardV2;
|
|
30
82
|
//# sourceMappingURL=a2a.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"a2a.d.ts","sourceRoot":"","sources":["../../../src/adapters/a2a.ts"],"names":[],"mappings":"AACA;;;;;;GAMG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,oBAAoB,EAAoB,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAEnD,MAAM,WAAW,aAAa;IAC5B,qDAAqD;IACrD,YAAY,EAAE,CAAC,IAAI,EAAE,YAAY,KAAK,MAAM,EAAE,CAAA;IAC9C,8BAA8B;IAC9B,cAAc,EAAE,CACd,UAAU,EAAE,YAAY,EACxB,eAAe,EAAE,MAAM,EACvB,OAAO,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,KAC5B,OAAO,CAAC;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,iBAAiB,CAAC;QAAC,UAAU,EAAE,gBAAgB,CAAA;KAAE,CAAC,CAAA;IAC3F,8BAA8B;IAC9B,iBAAiB,EAAE,CACjB,SAAS,EAAE,MAAM,EACjB,eAAe,EAAE,MAAM,EACvB,OAAO,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,KAC5B,OAAO,CAAC;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,iBAAiB,CAAC;QAAC,UAAU,EAAE,gBAAgB,CAAA;KAAE,CAAC,CAAA;IAC3F,eAAe,EAAE,MAAM,iBAAiB,EAAE,CAAA;IAC1C,IAAI,EAAE,cAAc,CAAA;CACrB;AAED,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,oBAAoB,GAAG,aAAa,CAmD/E"}
|
|
1
|
+
{"version":3,"file":"a2a.d.ts","sourceRoot":"","sources":["../../../src/adapters/a2a.ts"],"names":[],"mappings":"AACA;;;;;;GAMG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,oBAAoB,EAAoB,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAEnD,MAAM,WAAW,aAAa;IAC5B,qDAAqD;IACrD,YAAY,EAAE,CAAC,IAAI,EAAE,YAAY,KAAK,MAAM,EAAE,CAAA;IAC9C,8BAA8B;IAC9B,cAAc,EAAE,CACd,UAAU,EAAE,YAAY,EACxB,eAAe,EAAE,MAAM,EACvB,OAAO,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,KAC5B,OAAO,CAAC;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,iBAAiB,CAAC;QAAC,UAAU,EAAE,gBAAgB,CAAA;KAAE,CAAC,CAAA;IAC3F,8BAA8B;IAC9B,iBAAiB,EAAE,CACjB,SAAS,EAAE,MAAM,EACjB,eAAe,EAAE,MAAM,EACvB,OAAO,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,KAC5B,OAAO,CAAC;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,iBAAiB,CAAC;QAAC,UAAU,EAAE,gBAAgB,CAAA;KAAE,CAAC,CAAA;IAC3F,eAAe,EAAE,MAAM,iBAAiB,EAAE,CAAA;IAC1C,IAAI,EAAE,cAAc,CAAA;CACrB;AAED,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,oBAAoB,GAAG,aAAa,CAmD/E;AAQD,OAAO,KAAK,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAEtE,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,QAAQ,CAAC,EAAE;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACjD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE;QACb,SAAS,CAAC,EAAE,OAAO,CAAA;QACnB,iBAAiB,CAAC,EAAE,OAAO,CAAA;QAC3B,sBAAsB,CAAC,EAAE,OAAO,CAAA;KACjC,CAAA;IACD,MAAM,CAAC,EAAE,KAAK,CAAC;QACb,EAAE,EAAE,MAAM,CAAA;QACV,IAAI,EAAE,MAAM,CAAA;QACZ,WAAW,CAAC,EAAE,MAAM,CAAA;QACpB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;QACrB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;KACvB,CAAC,CAAA;IACF,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACzC,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAA;IACpB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC5B,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC7B,UAAU,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,OAAO,CAAC;QAAC,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAA;CAC3D;AAED,6CAA6C;AAC7C,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,cAAc,EACxB,IAAI,CAAC,EAAE;IACL,UAAU,CAAC,EAAE,UAAU,CAAA;IACvB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,MAAM,CAAC,EAAE,cAAc,CAAC,QAAQ,CAAC,CAAA;IACjC,YAAY,CAAC,EAAE,cAAc,CAAC,cAAc,CAAC,CAAA;CAC9C,GACA,cAAc,CAgChB;AAED,sDAAsD;AACtD,wBAAgB,qBAAqB,CACnC,IAAI,EAAE,cAAc,GACnB;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAAE,CAaxD;AAED,iDAAiD;AACjD,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,cAAc,EACpB,QAAQ,EAAE,cAAc,GACvB;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CAiBtC;AAED,+CAA+C;AAC/C,wBAAgB,gBAAgB,CAC9B,MAAM,CAAC,EAAE,cAAc,CAAC,QAAQ,CAAC,GAChC,MAAM,EAAE,CAGV;AAED,sDAAsD;AACtD,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,cAAc,EACpB,QAAQ,EAAE,cAAc,EACxB,aAAa,CAAC,EAAE,MAAM,GACrB,cAAc,CAahB"}
|
package/dist/src/adapters/a2a.js
CHANGED
|
@@ -50,4 +50,92 @@ export function createA2AGovernance(config) {
|
|
|
50
50
|
hook,
|
|
51
51
|
};
|
|
52
52
|
}
|
|
53
|
+
// ══════════════════════════════════════
|
|
54
|
+
// v2: Direct passport ↔ Agent Card bridge (IBAC pattern)
|
|
55
|
+
// ══════════════════════════════════════
|
|
56
|
+
import { verifyPassport } from '../verification/verify.js';
|
|
57
|
+
/** Convert APS passport to A2A Agent Card */
|
|
58
|
+
export function passportToA2ACard(passport, opts) {
|
|
59
|
+
const p = passport.passport;
|
|
60
|
+
const card = {
|
|
61
|
+
name: p.agentName || p.agentId,
|
|
62
|
+
description: p.mission,
|
|
63
|
+
url: opts?.url,
|
|
64
|
+
version: '1.0',
|
|
65
|
+
capabilities: opts?.capabilities || {},
|
|
66
|
+
securitySchemes: {
|
|
67
|
+
aps_ed25519: {
|
|
68
|
+
type: 'ed25519',
|
|
69
|
+
publicKey: p.publicKey,
|
|
70
|
+
agentId: p.agentId,
|
|
71
|
+
},
|
|
72
|
+
},
|
|
73
|
+
};
|
|
74
|
+
// Map delegation scope to skills
|
|
75
|
+
if (opts?.skills) {
|
|
76
|
+
card.skills = opts.skills;
|
|
77
|
+
}
|
|
78
|
+
else if (opts?.delegation) {
|
|
79
|
+
card.skills = opts.delegation.scope.map(s => ({
|
|
80
|
+
id: s,
|
|
81
|
+
name: s.replace(/:/g, ' ').replace(/\b\w/g, c => c.toUpperCase()),
|
|
82
|
+
}));
|
|
83
|
+
}
|
|
84
|
+
if (p.ownerAlias) {
|
|
85
|
+
card.provider = { organization: p.ownerAlias };
|
|
86
|
+
}
|
|
87
|
+
return card;
|
|
88
|
+
}
|
|
89
|
+
/** Convert A2A Agent Card to APS passport metadata */
|
|
90
|
+
export function a2aCardToPassportMeta(card) {
|
|
91
|
+
return {
|
|
92
|
+
agentId: card.name.toLowerCase().replace(/[^a-z0-9-]/g, '-'),
|
|
93
|
+
metadata: {
|
|
94
|
+
a2a_name: card.name,
|
|
95
|
+
a2a_description: card.description,
|
|
96
|
+
a2a_url: card.url,
|
|
97
|
+
a2a_provider: card.provider,
|
|
98
|
+
a2a_version: card.version,
|
|
99
|
+
a2a_capabilities: card.capabilities,
|
|
100
|
+
a2a_skill_count: card.skills?.length || 0,
|
|
101
|
+
},
|
|
102
|
+
};
|
|
103
|
+
}
|
|
104
|
+
/** Verify an A2A agent has valid APS identity */
|
|
105
|
+
export function verifyA2AIdentity(card, passport) {
|
|
106
|
+
const errors = [];
|
|
107
|
+
const pc = verifyPassport(passport);
|
|
108
|
+
if (!pc.valid)
|
|
109
|
+
errors.push(...pc.errors);
|
|
110
|
+
const p = passport.passport;
|
|
111
|
+
if (card.name !== p.agentName && card.name !== p.agentId) {
|
|
112
|
+
errors.push(`Card name "${card.name}" does not match passport agentName "${p.agentName}" or agentId "${p.agentId}"`);
|
|
113
|
+
}
|
|
114
|
+
const schemePubKey = card.securitySchemes?.aps_ed25519?.publicKey;
|
|
115
|
+
if (schemePubKey && schemePubKey !== p.publicKey) {
|
|
116
|
+
errors.push('Card security scheme publicKey does not match passport publicKey');
|
|
117
|
+
}
|
|
118
|
+
return { valid: errors.length === 0, errors };
|
|
119
|
+
}
|
|
120
|
+
/** Extract delegation scope from A2A skills */
|
|
121
|
+
export function a2aSkillsToScope(skills) {
|
|
122
|
+
if (!skills || skills.length === 0)
|
|
123
|
+
return [];
|
|
124
|
+
return skills.map(s => `a2a:${s.id}`);
|
|
125
|
+
}
|
|
126
|
+
/** Embed APS trust signal in Agent Card extensions */
|
|
127
|
+
export function embedA2ATrustSignal(card, passport, trustEndpoint) {
|
|
128
|
+
return {
|
|
129
|
+
...card,
|
|
130
|
+
extensions: {
|
|
131
|
+
...card.extensions,
|
|
132
|
+
aps_trust: {
|
|
133
|
+
agentId: passport.passport.agentId,
|
|
134
|
+
publicKey: passport.passport.publicKey,
|
|
135
|
+
trustEndpoint: trustEndpoint || `https://gateway.aeoess.com/api/v1/public/trust/${passport.passport.agentId}`,
|
|
136
|
+
protocol: 'agent-passport-system',
|
|
137
|
+
},
|
|
138
|
+
},
|
|
139
|
+
};
|
|
140
|
+
}
|
|
53
141
|
//# sourceMappingURL=a2a.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"a2a.js","sourceRoot":"","sources":["../../../src/adapters/a2a.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E;;;;;;GAMG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAuBrD,MAAM,UAAU,mBAAmB,CAAC,MAA4B;IAC9D,MAAM,IAAI,GAAG,IAAI,cAAc,CAAC,MAAM,CAAC,CAAA;IAEvC,MAAM,YAAY,GAAG,CAAC,IAAkB,EAAY,EAAE;QACpD,MAAM,MAAM,GAAa,EAAE,CAAA;QAC3B,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChC,MAAM,CAAC,IAAI,CAAC,aAAa,KAAK,CAAC,EAAE,EAAE,CAAC,CAAA;YACtC,CAAC;QACH,CAAC;QACD,IAAI,IAAI,CAAC,YAAY,EAAE,SAAS;YAAE,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;QAC9D,IAAI,IAAI,CAAC,YAAY,EAAE,iBAAiB;YAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QACjE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;QACxD,OAAO,MAAM,CAAA;IACf,CAAC,CAAA;IAED,MAAM,cAAc,GAAG,KAAK,EAC1B,UAAwB,EACxB,eAAuB,EACvB,OAA+B,EAC/B,EAAE;QACF,MAAM,MAAM,GAAqB;YAC/B,IAAI,EAAE,eAAe;YACrB,MAAM,EAAE,UAAU,CAAC,GAAG;YACtB,aAAa,EAAE,kBAAkB;YACjC,QAAQ,EAAE,EAAE,UAAU,EAAE,UAAU,CAAC,IAAI,EAAE,IAAI,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SAC/E,CAAA;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC,CAAA;IAED,MAAM,iBAAiB,GAAG,KAAK,EAC7B,SAAiB,EACjB,eAAuB,EACvB,OAA+B,EAC/B,EAAE;QACF,MAAM,MAAM,GAAqB;YAC/B,IAAI,EAAE,kBAAkB;YACxB,MAAM,EAAE,SAAS;YACjB,aAAa,EAAE,kBAAkB;YACjC,QAAQ,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SACrE,CAAA;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC,CAAA;IAED,OAAO;QACL,YAAY;QACZ,cAAc;QACd,iBAAiB;QACjB,eAAe,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE;QACzC,IAAI;KACL,CAAA;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"a2a.js","sourceRoot":"","sources":["../../../src/adapters/a2a.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E;;;;;;GAMG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAuBrD,MAAM,UAAU,mBAAmB,CAAC,MAA4B;IAC9D,MAAM,IAAI,GAAG,IAAI,cAAc,CAAC,MAAM,CAAC,CAAA;IAEvC,MAAM,YAAY,GAAG,CAAC,IAAkB,EAAY,EAAE;QACpD,MAAM,MAAM,GAAa,EAAE,CAAA;QAC3B,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChC,MAAM,CAAC,IAAI,CAAC,aAAa,KAAK,CAAC,EAAE,EAAE,CAAC,CAAA;YACtC,CAAC;QACH,CAAC;QACD,IAAI,IAAI,CAAC,YAAY,EAAE,SAAS;YAAE,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;QAC9D,IAAI,IAAI,CAAC,YAAY,EAAE,iBAAiB;YAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QACjE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;QACxD,OAAO,MAAM,CAAA;IACf,CAAC,CAAA;IAED,MAAM,cAAc,GAAG,KAAK,EAC1B,UAAwB,EACxB,eAAuB,EACvB,OAA+B,EAC/B,EAAE;QACF,MAAM,MAAM,GAAqB;YAC/B,IAAI,EAAE,eAAe;YACrB,MAAM,EAAE,UAAU,CAAC,GAAG;YACtB,aAAa,EAAE,kBAAkB;YACjC,QAAQ,EAAE,EAAE,UAAU,EAAE,UAAU,CAAC,IAAI,EAAE,IAAI,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SAC/E,CAAA;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC,CAAA;IAED,MAAM,iBAAiB,GAAG,KAAK,EAC7B,SAAiB,EACjB,eAAuB,EACvB,OAA+B,EAC/B,EAAE;QACF,MAAM,MAAM,GAAqB;YAC/B,IAAI,EAAE,kBAAkB;YACxB,MAAM,EAAE,SAAS;YACjB,aAAa,EAAE,kBAAkB;YACjC,QAAQ,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SACrE,CAAA;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC,CAAA;IAED,OAAO;QACL,YAAY;QACZ,cAAc;QACd,iBAAiB;QACjB,eAAe,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE;QACzC,IAAI;KACL,CAAA;AACH,CAAC;AAGD,yCAAyC;AACzC,yDAAyD;AACzD,yCAAyC;AAEzC,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AA4B1D,6CAA6C;AAC7C,MAAM,UAAU,iBAAiB,CAC/B,QAAwB,EACxB,IAKC;IAED,MAAM,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAA;IAC3B,MAAM,IAAI,GAAmB;QAC3B,IAAI,EAAE,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,OAAO;QAC9B,WAAW,EAAE,CAAC,CAAC,OAAO;QACtB,GAAG,EAAE,IAAI,EAAE,GAAG;QACd,OAAO,EAAE,KAAK;QACd,YAAY,EAAE,IAAI,EAAE,YAAY,IAAI,EAAE;QACtC,eAAe,EAAE;YACf,WAAW,EAAE;gBACX,IAAI,EAAE,SAAS;gBACf,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,OAAO,EAAE,CAAC,CAAC,OAAO;aACnB;SACF;KACF,CAAA;IAED,iCAAiC;IACjC,IAAI,IAAI,EAAE,MAAM,EAAE,CAAC;QACjB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAA;IAC3B,CAAC;SAAM,IAAI,IAAI,EAAE,UAAU,EAAE,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC5C,EAAE,EAAE,CAAC;YACL,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;SAClE,CAAC,CAAC,CAAA;IACL,CAAC;IAED,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;QACjB,IAAI,CAAC,QAAQ,GAAG,EAAE,YAAY,EAAE,CAAC,CAAC,UAAU,EAAE,CAAA;IAChD,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAED,sDAAsD;AACtD,MAAM,UAAU,qBAAqB,CACnC,IAAoB;IAEpB,OAAO;QACL,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC;QAC5D,QAAQ,EAAE;YACR,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,eAAe,EAAE,IAAI,CAAC,WAAW;YACjC,OAAO,EAAE,IAAI,CAAC,GAAG;YACjB,YAAY,EAAE,IAAI,CAAC,QAAQ;YAC3B,WAAW,EAAE,IAAI,CAAC,OAAO;YACzB,gBAAgB,EAAE,IAAI,CAAC,YAAY;YACnC,eAAe,EAAE,IAAI,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC;SAC1C;KACF,CAAA;AACH,CAAC;AAED,iDAAiD;AACjD,MAAM,UAAU,iBAAiB,CAC/B,IAAoB,EACpB,QAAwB;IAExB,MAAM,MAAM,GAAa,EAAE,CAAA;IAE3B,MAAM,EAAE,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAA;IACnC,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAA;IAExC,MAAM,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAA;IAC3B,IAAI,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,SAAS,IAAI,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;QACzD,MAAM,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,IAAI,wCAAwC,CAAC,CAAC,SAAS,iBAAiB,CAAC,CAAC,OAAO,GAAG,CAAC,CAAA;IACtH,CAAC;IAED,MAAM,YAAY,GAAI,IAAI,CAAC,eAAe,EAAE,WAAuC,EAAE,SAAS,CAAA;IAC9F,IAAI,YAAY,IAAI,YAAY,KAAK,CAAC,CAAC,SAAS,EAAE,CAAC;QACjD,MAAM,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAA;IACjF,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;AAC/C,CAAC;AAED,+CAA+C;AAC/C,MAAM,UAAU,gBAAgB,CAC9B,MAAiC;IAEjC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IAC7C,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;AACvC,CAAC;AAED,sDAAsD;AACtD,MAAM,UAAU,mBAAmB,CACjC,IAAoB,EACpB,QAAwB,EACxB,aAAsB;IAEtB,OAAO;QACL,GAAG,IAAI;QACP,UAAU,EAAE;YACV,GAAG,IAAI,CAAC,UAAU;YAClB,SAAS,EAAE;gBACT,OAAO,EAAE,QAAQ,CAAC,QAAQ,CAAC,OAAO;gBAClC,SAAS,EAAE,QAAQ,CAAC,QAAQ,CAAC,SAAS;gBACtC,aAAa,EAAE,aAAa,IAAI,kDAAkD,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE;gBAC7G,QAAQ,EAAE,uBAAuB;aAClC;SACF;KACF,CAAA;AACH,CAAC"}
|
|
@@ -40,4 +40,41 @@ export interface CrewAIGovernance {
|
|
|
40
40
|
* Maps CrewAI's task/tool lifecycle to APS governance.
|
|
41
41
|
*/
|
|
42
42
|
export declare function createCrewAIGovernance(config: GovernanceHookConfig): CrewAIGovernance;
|
|
43
|
+
import type { Delegation, ActionReceipt, SignedPassport } from '../types/passport.js';
|
|
44
|
+
export interface CrewTask {
|
|
45
|
+
description: string;
|
|
46
|
+
agent: string;
|
|
47
|
+
tools?: string[];
|
|
48
|
+
expected_output?: string;
|
|
49
|
+
}
|
|
50
|
+
export interface CrewGovernanceConfig {
|
|
51
|
+
passport: SignedPassport;
|
|
52
|
+
delegation: Delegation;
|
|
53
|
+
privateKey: string;
|
|
54
|
+
onReceipt?: (r: ActionReceipt) => void;
|
|
55
|
+
onDenied?: (info: {
|
|
56
|
+
task: string;
|
|
57
|
+
agent: string;
|
|
58
|
+
reason: string;
|
|
59
|
+
}) => void;
|
|
60
|
+
}
|
|
61
|
+
export interface GovernedTaskResult {
|
|
62
|
+
output: unknown;
|
|
63
|
+
receipt: ActionReceipt;
|
|
64
|
+
toolReceipts: ActionReceipt[];
|
|
65
|
+
}
|
|
66
|
+
/** Generate scopes needed for a CrewTask */
|
|
67
|
+
export declare function crewTaskToScopes(task: CrewTask): string[];
|
|
68
|
+
/** Verify crew member has authority for task */
|
|
69
|
+
export declare function verifyCrewMember(agentName: string, task: CrewTask, config: CrewGovernanceConfig): {
|
|
70
|
+
authorized: boolean;
|
|
71
|
+
reason: string;
|
|
72
|
+
scope: string;
|
|
73
|
+
};
|
|
74
|
+
/** Wrap task execution with governance */
|
|
75
|
+
export declare function governCrewTask(task: CrewTask, execute: (task: CrewTask) => Promise<unknown>, config: CrewGovernanceConfig): Promise<GovernedTaskResult | {
|
|
76
|
+
denied: true;
|
|
77
|
+
reason: string;
|
|
78
|
+
receipt: ActionReceipt;
|
|
79
|
+
}>;
|
|
43
80
|
//# sourceMappingURL=crewai.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crewai.d.ts","sourceRoot":"","sources":["../../../src/adapters/crewai.ts"],"names":[],"mappings":"AACA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,oBAAoB,EAAoB,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAEvH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;CACd;AAED,MAAM,WAAW,gBAAgB;IAC/B,kCAAkC;IAClC,YAAY,EAAE,CAAC,MAAM,EAAE,gBAAgB,KAAK,iBAAiB,CAAA;IAC7D,uCAAuC;IACvC,gBAAgB,EAAE,CAAC,CAAC,EAClB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,aAAa,CAAC,EAAE,MAAM,KACnB,OAAO,CAAC;QAAE,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC;QAAC,OAAO,EAAE,iBAAiB,CAAC;QAAC,UAAU,EAAE,gBAAgB,CAAA;KAAE,CAAC,CAAA;IAC5F,uBAAuB;IACvB,WAAW,EAAE,MAAM,iBAAiB,EAAE,CAAA;IACtC,8BAA8B;IAC9B,IAAI,EAAE,cAAc,CAAA;CACrB;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,oBAAoB,GAAG,gBAAgB,CAoCrF"}
|
|
1
|
+
{"version":3,"file":"crewai.d.ts","sourceRoot":"","sources":["../../../src/adapters/crewai.ts"],"names":[],"mappings":"AACA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,oBAAoB,EAAoB,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAEvH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;CACd;AAED,MAAM,WAAW,gBAAgB;IAC/B,kCAAkC;IAClC,YAAY,EAAE,CAAC,MAAM,EAAE,gBAAgB,KAAK,iBAAiB,CAAA;IAC7D,uCAAuC;IACvC,gBAAgB,EAAE,CAAC,CAAC,EAClB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,aAAa,CAAC,EAAE,MAAM,KACnB,OAAO,CAAC;QAAE,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC;QAAC,OAAO,EAAE,iBAAiB,CAAC;QAAC,UAAU,EAAE,gBAAgB,CAAA;KAAE,CAAC,CAAA;IAC5F,uBAAuB;IACvB,WAAW,EAAE,MAAM,iBAAiB,EAAE,CAAA;IACtC,8BAA8B;IAC9B,IAAI,EAAE,cAAc,CAAA;CACrB;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,oBAAoB,GAAG,gBAAgB,CAoCrF;AAWD,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAErF,MAAM,WAAW,QAAQ;IACvB,WAAW,EAAE,MAAM,CAAA;IACnB,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,cAAc,CAAA;IACxB,UAAU,EAAE,UAAU,CAAA;IACtB,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,aAAa,KAAK,IAAI,CAAA;IACtC,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,KAAK,IAAI,CAAA;CAC3E;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,OAAO,CAAA;IACf,OAAO,EAAE,aAAa,CAAA;IACtB,YAAY,EAAE,aAAa,EAAE,CAAA;CAC9B;AAmBD,4CAA4C;AAC5C,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,QAAQ,GAAG,MAAM,EAAE,CAQzD;AAED,gDAAgD;AAChD,wBAAgB,gBAAgB,CAC9B,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,QAAQ,EACd,MAAM,EAAE,oBAAoB,GAC3B;IAAE,UAAU,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAiBxD;AAED,0CAA0C;AAC1C,wBAAsB,cAAc,CAClC,IAAI,EAAE,QAAQ,EACd,OAAO,EAAE,CAAC,IAAI,EAAE,QAAQ,KAAK,OAAO,CAAC,OAAO,CAAC,EAC7C,MAAM,EAAE,oBAAoB,GAC3B,OAAO,CAAC,kBAAkB,GAAG;IAAE,MAAM,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,aAAa,CAAA;CAAE,CAAC,CAyBxF"}
|
|
@@ -49,4 +49,79 @@ export function createCrewAIGovernance(config) {
|
|
|
49
49
|
hook,
|
|
50
50
|
};
|
|
51
51
|
}
|
|
52
|
+
// ══════════════════════════════════════
|
|
53
|
+
// v2: Direct receipt-builder governance (IBAC pattern)
|
|
54
|
+
// ══════════════════════════════════════
|
|
55
|
+
import { scopeAuthorizes, verifyDelegation } from '../core/delegation.js';
|
|
56
|
+
import { verifyPassport } from '../verification/verify.js';
|
|
57
|
+
import { sign } from '../crypto/keys.js';
|
|
58
|
+
import { canonicalize } from '../core/canonical.js';
|
|
59
|
+
function buildCrewReceipt(agentId, delegationId, privateKey, target, scope, status, summary) {
|
|
60
|
+
const data = {
|
|
61
|
+
receiptId: `rcpt_crew_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 6)}`,
|
|
62
|
+
version: '1.1',
|
|
63
|
+
timestamp: new Date().toISOString(),
|
|
64
|
+
agentId, delegationId,
|
|
65
|
+
action: { type: 'crew_task', target, scopeUsed: scope },
|
|
66
|
+
result: { status, summary },
|
|
67
|
+
delegationChain: [],
|
|
68
|
+
};
|
|
69
|
+
const sig = sign(canonicalize(data), privateKey);
|
|
70
|
+
return { ...data, signature: sig };
|
|
71
|
+
}
|
|
72
|
+
/** Generate scopes needed for a CrewTask */
|
|
73
|
+
export function crewTaskToScopes(task) {
|
|
74
|
+
const scopes = [`crew:execute:${task.agent}`];
|
|
75
|
+
if (task.tools) {
|
|
76
|
+
for (const tool of task.tools) {
|
|
77
|
+
scopes.push(`tools:${tool}`);
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
return scopes;
|
|
81
|
+
}
|
|
82
|
+
/** Verify crew member has authority for task */
|
|
83
|
+
export function verifyCrewMember(agentName, task, config) {
|
|
84
|
+
const scopes = crewTaskToScopes(task);
|
|
85
|
+
const mainScope = scopes[0];
|
|
86
|
+
const pc = verifyPassport(config.passport);
|
|
87
|
+
if (!pc.valid)
|
|
88
|
+
return { authorized: false, reason: `Passport invalid: ${pc.errors.join(', ')}`, scope: mainScope };
|
|
89
|
+
const dc = verifyDelegation(config.delegation);
|
|
90
|
+
if (!dc.valid)
|
|
91
|
+
return { authorized: false, reason: `Delegation invalid: ${dc.errors.join(', ')}`, scope: mainScope };
|
|
92
|
+
for (const scope of scopes) {
|
|
93
|
+
if (!scopeAuthorizes(config.delegation.scope, scope)) {
|
|
94
|
+
return { authorized: false, reason: `Scope "${scope}" not covered by delegation`, scope };
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
return { authorized: true, reason: `All ${scopes.length} scopes authorized`, scope: mainScope };
|
|
98
|
+
}
|
|
99
|
+
/** Wrap task execution with governance */
|
|
100
|
+
export async function governCrewTask(task, execute, config) {
|
|
101
|
+
const check = verifyCrewMember(task.agent, task, config);
|
|
102
|
+
const { passport, delegation, privateKey } = config;
|
|
103
|
+
if (!check.authorized) {
|
|
104
|
+
if (config.onDenied)
|
|
105
|
+
config.onDenied({ task: task.description, agent: task.agent, reason: check.reason });
|
|
106
|
+
const receipt = buildCrewReceipt(passport.passport.agentId, delegation.delegationId, privateKey, task.description, check.scope, 'failure', check.reason);
|
|
107
|
+
if (config.onReceipt)
|
|
108
|
+
config.onReceipt(receipt);
|
|
109
|
+
return { denied: true, reason: check.reason, receipt };
|
|
110
|
+
}
|
|
111
|
+
const output = await execute(task);
|
|
112
|
+
// Build tool-level receipts
|
|
113
|
+
const toolReceipts = (task.tools || []).map(tool => {
|
|
114
|
+
const scope = `tools:${tool}`;
|
|
115
|
+
return buildCrewReceipt(passport.passport.agentId, delegation.delegationId, privateKey, tool, scope, 'success', `Tool ${tool} used during task`);
|
|
116
|
+
});
|
|
117
|
+
const mainScope = crewTaskToScopes(task).join(', ');
|
|
118
|
+
const receipt = buildCrewReceipt(passport.passport.agentId, delegation.delegationId, privateKey, task.description, mainScope, 'success', `Task completed with ${(task.tools || []).length} tools`);
|
|
119
|
+
if (config.onReceipt)
|
|
120
|
+
config.onReceipt(receipt);
|
|
121
|
+
for (const tr of toolReceipts) {
|
|
122
|
+
if (config.onReceipt)
|
|
123
|
+
config.onReceipt(tr);
|
|
124
|
+
}
|
|
125
|
+
return { output, receipt, toolReceipts };
|
|
126
|
+
}
|
|
52
127
|
//# sourceMappingURL=crewai.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crewai.js","sourceRoot":"","sources":["../../../src/adapters/crewai.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAyBrD;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAA4B;IACjE,MAAM,IAAI,GAAG,IAAI,cAAc,CAAC,MAAM,CAAC,CAAA;IAEvC,MAAM,YAAY,GAAG,CAAC,MAAwB,EAAqB,EAAE;QACnE,MAAM,MAAM,GAAqB;YAC/B,IAAI,EAAE,sBAAsB;YAC5B,MAAM,EAAE,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;YACxC,aAAa,EAAE,cAAc;YAC7B,QAAQ,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,YAAY,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE;SACtE,CAAA;QACD,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;QAC5C,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAA;IAClF,CAAC,CAAA;IAED,MAAM,gBAAgB,GAAG,KAAK,EAC5B,QAAgB,EAChB,MAA+B,EAC/B,OAAyB,EACzB,aAAsB,EACtB,EAAE;QACF,MAAM,MAAM,GAAqB;YAC/B,IAAI,EAAE,eAAe,QAAQ,EAAE;YAC/B,MAAM,EAAE,QAAQ;YAChB,aAAa,EAAE,QAAQ,QAAQ,EAAE;YACjC,QAAQ,EAAE,MAAM;YAChB,aAAa;SACd,CAAA;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC,CAAA;IAED,OAAO;QACL,YAAY;QACZ,gBAAgB;QAChB,WAAW,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE;QACrC,IAAI;KACL,CAAA;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"crewai.js","sourceRoot":"","sources":["../../../src/adapters/crewai.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAyBrD;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAA4B;IACjE,MAAM,IAAI,GAAG,IAAI,cAAc,CAAC,MAAM,CAAC,CAAA;IAEvC,MAAM,YAAY,GAAG,CAAC,MAAwB,EAAqB,EAAE;QACnE,MAAM,MAAM,GAAqB;YAC/B,IAAI,EAAE,sBAAsB;YAC5B,MAAM,EAAE,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;YACxC,aAAa,EAAE,cAAc;YAC7B,QAAQ,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,YAAY,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE;SACtE,CAAA;QACD,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;QAC5C,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAA;IAClF,CAAC,CAAA;IAED,MAAM,gBAAgB,GAAG,KAAK,EAC5B,QAAgB,EAChB,MAA+B,EAC/B,OAAyB,EACzB,aAAsB,EACtB,EAAE;QACF,MAAM,MAAM,GAAqB;YAC/B,IAAI,EAAE,eAAe,QAAQ,EAAE;YAC/B,MAAM,EAAE,QAAQ;YAChB,aAAa,EAAE,QAAQ,QAAQ,EAAE;YACjC,QAAQ,EAAE,MAAM;YAChB,aAAa;SACd,CAAA;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC,CAAA;IAED,OAAO;QACL,YAAY;QACZ,gBAAgB;QAChB,WAAW,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE;QACrC,IAAI;KACL,CAAA;AACH,CAAC;AAGD,yCAAyC;AACzC,uDAAuD;AACvD,yCAAyC;AAEzC,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AACzE,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAA;AAwBnD,SAAS,gBAAgB,CACvB,OAAe,EAAE,YAAoB,EAAE,UAAkB,EACzD,MAAc,EAAE,KAAa,EAAE,MAA6B,EAAE,OAAe;IAE7E,MAAM,IAAI,GAAqC;QAC7C,SAAS,EAAE,aAAa,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;QAC3F,OAAO,EAAE,KAAK;QACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,YAAY;QACrB,MAAM,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE;QACvD,MAAM,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE;QAC3B,eAAe,EAAE,EAAE;KACpB,CAAA;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC,CAAA;IAChD,OAAO,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,GAAG,EAAmB,CAAA;AACrD,CAAC;AAED,4CAA4C;AAC5C,MAAM,UAAU,gBAAgB,CAAC,IAAc;IAC7C,MAAM,MAAM,GAAG,CAAC,gBAAgB,IAAI,CAAC,KAAK,EAAE,CAAC,CAAA;IAC7C,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC,CAAA;QAC9B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,gDAAgD;AAChD,MAAM,UAAU,gBAAgB,CAC9B,SAAiB,EACjB,IAAc,EACd,MAA4B;IAE5B,MAAM,MAAM,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAA;IACrC,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,CAAA;IAE3B,MAAM,EAAE,GAAG,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;IAC1C,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAA;IAElH,MAAM,EAAE,GAAG,gBAAgB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAA;IAC9C,IAAI,CAAC,EAAE,CAAC,KAAK;QAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAA;IAEpH,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,CAAC;YACrD,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,KAAK,6BAA6B,EAAE,KAAK,EAAE,CAAA;QAC3F,CAAC;IACH,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,MAAM,CAAC,MAAM,oBAAoB,EAAE,KAAK,EAAE,SAAS,EAAE,CAAA;AACjG,CAAC;AAED,0CAA0C;AAC1C,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAc,EACd,OAA6C,EAC7C,MAA4B;IAE5B,MAAM,KAAK,GAAG,gBAAgB,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,CAAA;IACxD,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,MAAM,CAAA;IAEnD,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;QACtB,IAAI,MAAM,CAAC,QAAQ;YAAE,MAAM,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAA;QACzG,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,CAAC,CAAA;QACxJ,IAAI,MAAM,CAAC,SAAS;YAAE,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;QAC/C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,CAAA;IACxD,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;IAElC,4BAA4B;IAC5B,MAAM,YAAY,GAAoB,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;QAClE,MAAM,KAAK,GAAG,SAAS,IAAI,EAAE,CAAA;QAC7B,OAAO,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,IAAI,mBAAmB,CAAC,CAAA;IAClJ,CAAC,CAAC,CAAA;IAEF,MAAM,SAAS,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACnD,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,SAAS,EAAE,uBAAuB,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,MAAM,QAAQ,CAAC,CAAA;IAClM,IAAI,MAAM,CAAC,SAAS;QAAE,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;IAC/C,KAAK,MAAM,EAAE,IAAI,YAAY,EAAE,CAAC;QAAC,IAAI,MAAM,CAAC,SAAS;YAAE,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;IAAC,CAAC;IAE7E,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,CAAA;AAC1C,CAAC"}
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Gonka Adapter — Governance layer for decentralized GPU inference networks
|
|
3
|
+
*
|
|
4
|
+
* Replaces Gonka's primitive allowlist.csv + manual governance votes with
|
|
5
|
+
* APS delegation chains: automatic expiry, monotonic narrowing, cascade
|
|
6
|
+
* revocation, signed receipts for off-chain devshard settlement.
|
|
7
|
+
*
|
|
8
|
+
* No Gonka SDK dependency. All types are local interfaces.
|
|
9
|
+
*/
|
|
10
|
+
import type { Delegation, ActionReceipt, SignedPassport } from '../types/passport.js';
|
|
11
|
+
export interface GonkaInferenceRequest {
|
|
12
|
+
model: string;
|
|
13
|
+
prompt: string;
|
|
14
|
+
maxTokens?: number;
|
|
15
|
+
hostAddress?: string;
|
|
16
|
+
epochId?: number;
|
|
17
|
+
devshardId?: string;
|
|
18
|
+
}
|
|
19
|
+
export interface GonkaHostConfig {
|
|
20
|
+
passport: SignedPassport;
|
|
21
|
+
delegation: Delegation;
|
|
22
|
+
privateKey: string;
|
|
23
|
+
allowedModels?: string[];
|
|
24
|
+
maxInferencesPerEpoch?: number;
|
|
25
|
+
onReceipt?: (r: ActionReceipt) => void;
|
|
26
|
+
onDenied?: (info: {
|
|
27
|
+
host: string;
|
|
28
|
+
reason: string;
|
|
29
|
+
}) => void;
|
|
30
|
+
}
|
|
31
|
+
export interface GonkaInferenceReceipt {
|
|
32
|
+
receipt: ActionReceipt;
|
|
33
|
+
model: string;
|
|
34
|
+
epochId?: number;
|
|
35
|
+
devshardId?: string;
|
|
36
|
+
inferenceHash: string;
|
|
37
|
+
}
|
|
38
|
+
export interface GonkaHostVerification {
|
|
39
|
+
authorized: boolean;
|
|
40
|
+
reason: string;
|
|
41
|
+
scope: string;
|
|
42
|
+
hostAddress: string;
|
|
43
|
+
model: string;
|
|
44
|
+
}
|
|
45
|
+
/** Verify a host has authority to serve inference for a model */
|
|
46
|
+
export declare function verifyGonkaHost(hostAddress: string, model: string, config: GonkaHostConfig): GonkaHostVerification;
|
|
47
|
+
/** Govern an inference request -- check delegation, model, rate limits */
|
|
48
|
+
export declare function governGonkaInference(request: GonkaInferenceRequest, execute: (req: GonkaInferenceRequest) => Promise<{
|
|
49
|
+
response: string;
|
|
50
|
+
tokensUsed: number;
|
|
51
|
+
}>, config: GonkaHostConfig): Promise<{
|
|
52
|
+
result: {
|
|
53
|
+
response: string;
|
|
54
|
+
tokensUsed: number;
|
|
55
|
+
};
|
|
56
|
+
receipt: GonkaInferenceReceipt;
|
|
57
|
+
} | {
|
|
58
|
+
denied: true;
|
|
59
|
+
reason: string;
|
|
60
|
+
receipt: ActionReceipt;
|
|
61
|
+
}>;
|
|
62
|
+
/** Create a devshard session receipt (off-chain proof for settlement) */
|
|
63
|
+
export declare function createDevshardReceipt(devshardId: string, inferenceCount: number, totalTokens: number, participants: string[], config: Pick<GonkaHostConfig, 'passport' | 'delegation' | 'privateKey'>): ActionReceipt;
|
|
64
|
+
/** Convert APS delegation to Gonka-compatible allowlist entry */
|
|
65
|
+
export declare function delegationToAllowlistEntry(delegation: Delegation, passport: SignedPassport): {
|
|
66
|
+
address: string;
|
|
67
|
+
model: string;
|
|
68
|
+
scope: string[];
|
|
69
|
+
expiresAtBlock?: number;
|
|
70
|
+
};
|
|
71
|
+
/** Convert Gonka epoch timing to APS delegation expiry */
|
|
72
|
+
export declare function epochToDelegationExpiry(currentEpoch: number, epochDurationBlocks: number, epochsValid: number): Date;
|
|
73
|
+
/** Validate PoC (Proof-of-Compute) participation receipt */
|
|
74
|
+
export declare function verifyPoCParticipation(hostAddress: string, epochId: number, weight: number, config: Pick<GonkaHostConfig, 'passport' | 'privateKey'>): ActionReceipt;
|
|
75
|
+
//# sourceMappingURL=gonka.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"gonka.d.ts","sourceRoot":"","sources":["../../../src/adapters/gonka.ts"],"names":[],"mappings":"AACA;;;;;;;;GAQG;AAOH,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAIrF,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,CAAA;IACb,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,cAAc,CAAA;IACxB,UAAU,EAAE,UAAU,CAAA;IACtB,UAAU,EAAE,MAAM,CAAA;IAClB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IACxB,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,SAAS,CAAC,EAAE,CAAC,CAAC,EAAE,aAAa,KAAK,IAAI,CAAA;IACtC,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,KAAK,IAAI,CAAA;CAC5D;AAED,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,aAAa,CAAA;IACtB,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,aAAa,EAAE,MAAM,CAAA;CACtB;AAED,MAAM,WAAW,qBAAqB;IACpC,UAAU,EAAE,OAAO,CAAA;IACnB,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;IACb,WAAW,EAAE,MAAM,CAAA;IACnB,KAAK,EAAE,MAAM,CAAA;CACd;AAkCD,iEAAiE;AACjE,wBAAgB,eAAe,CAC7B,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,eAAe,GACtB,qBAAqB,CAsBvB;AAED,0EAA0E;AAC1E,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,qBAAqB,EAC9B,OAAO,EAAE,CAAC,GAAG,EAAE,qBAAqB,KAAK,OAAO,CAAC;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAAC,EAC1F,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC;IAAE,MAAM,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAAC,OAAO,EAAE,qBAAqB,CAAA;CAAE,GAAG;IAAE,MAAM,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,aAAa,CAAA;CAAE,CAAC,CA4C1J;AAED,yEAAyE;AACzE,wBAAgB,qBAAqB,CACnC,UAAU,EAAE,MAAM,EAClB,cAAc,EAAE,MAAM,EACtB,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EAAE,EACtB,MAAM,EAAE,IAAI,CAAC,eAAe,EAAE,UAAU,GAAG,YAAY,GAAG,YAAY,CAAC,GACtE,aAAa,CAoBf;AAED,iEAAiE;AACjE,wBAAgB,0BAA0B,CACxC,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,cAAc,GACvB;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,EAAE,CAAC;IAAC,cAAc,CAAC,EAAE,MAAM,CAAA;CAAE,CAW9E;AAED,0DAA0D;AAC1D,wBAAgB,uBAAuB,CACrC,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,MAAM,EAC3B,WAAW,EAAE,MAAM,GAClB,IAAI,CAKN;AAED,4DAA4D;AAC5D,wBAAgB,sBAAsB,CACpC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,IAAI,CAAC,eAAe,EAAE,UAAU,GAAG,YAAY,CAAC,GACvD,aAAa,CAoBf"}
|
|
@@ -0,0 +1,162 @@
|
|
|
1
|
+
// Copyright 2024-2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
|
|
2
|
+
/**
|
|
3
|
+
* Gonka Adapter — Governance layer for decentralized GPU inference networks
|
|
4
|
+
*
|
|
5
|
+
* Replaces Gonka's primitive allowlist.csv + manual governance votes with
|
|
6
|
+
* APS delegation chains: automatic expiry, monotonic narrowing, cascade
|
|
7
|
+
* revocation, signed receipts for off-chain devshard settlement.
|
|
8
|
+
*
|
|
9
|
+
* No Gonka SDK dependency. All types are local interfaces.
|
|
10
|
+
*/
|
|
11
|
+
import { createHash } from 'node:crypto';
|
|
12
|
+
import { scopeAuthorizes, verifyDelegation } from '../core/delegation.js';
|
|
13
|
+
import { verifyPassport } from '../verification/verify.js';
|
|
14
|
+
import { sign } from '../crypto/keys.js';
|
|
15
|
+
import { canonicalize } from '../core/canonical.js';
|
|
16
|
+
// ── Helpers ──
|
|
17
|
+
function sha256(data) {
|
|
18
|
+
return createHash('sha256').update(data).digest('hex');
|
|
19
|
+
}
|
|
20
|
+
function buildReceipt(agentId, delegationId, privateKey, target, scope, status, summary) {
|
|
21
|
+
const data = {
|
|
22
|
+
receiptId: `rcpt_gonka_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 6)}`,
|
|
23
|
+
version: '1.1',
|
|
24
|
+
timestamp: new Date().toISOString(),
|
|
25
|
+
agentId, delegationId,
|
|
26
|
+
action: { type: 'gonka_inference', target, scopeUsed: scope },
|
|
27
|
+
result: { status, summary },
|
|
28
|
+
delegationChain: [],
|
|
29
|
+
};
|
|
30
|
+
const sig = sign(canonicalize(data), privateKey);
|
|
31
|
+
return { ...data, signature: sig };
|
|
32
|
+
}
|
|
33
|
+
// Track inferences per epoch for rate limiting
|
|
34
|
+
const epochCounters = new Map();
|
|
35
|
+
function getEpochKey(agentId, epochId) {
|
|
36
|
+
return `${agentId}:${epochId ?? 'default'}`;
|
|
37
|
+
}
|
|
38
|
+
// ── Core functions ──
|
|
39
|
+
/** Verify a host has authority to serve inference for a model */
|
|
40
|
+
export function verifyGonkaHost(hostAddress, model, config) {
|
|
41
|
+
const scope = `inference:serve:${model}`;
|
|
42
|
+
const pc = verifyPassport(config.passport);
|
|
43
|
+
if (!pc.valid) {
|
|
44
|
+
return { authorized: false, reason: `Passport invalid: ${pc.errors.join(', ')}`, scope, hostAddress, model };
|
|
45
|
+
}
|
|
46
|
+
const dc = verifyDelegation(config.delegation);
|
|
47
|
+
if (!dc.valid) {
|
|
48
|
+
return { authorized: false, reason: `Delegation invalid: ${dc.errors.join(', ')}`, scope, hostAddress, model };
|
|
49
|
+
}
|
|
50
|
+
if (config.allowedModels && config.allowedModels.length > 0 && !config.allowedModels.includes(model)) {
|
|
51
|
+
return { authorized: false, reason: `Model "${model}" not in allowed models`, scope, hostAddress, model };
|
|
52
|
+
}
|
|
53
|
+
if (!scopeAuthorizes(config.delegation.scope, scope)) {
|
|
54
|
+
return { authorized: false, reason: `Scope "${scope}" not covered by delegation [${config.delegation.scope.join(', ')}]`, scope, hostAddress, model };
|
|
55
|
+
}
|
|
56
|
+
return { authorized: true, reason: `Host authorized to serve ${model}`, scope, hostAddress, model };
|
|
57
|
+
}
|
|
58
|
+
/** Govern an inference request -- check delegation, model, rate limits */
|
|
59
|
+
export async function governGonkaInference(request, execute, config) {
|
|
60
|
+
const host = request.hostAddress || config.passport.passport.agentId;
|
|
61
|
+
const scope = `inference:serve:${request.model}`;
|
|
62
|
+
// Verify host
|
|
63
|
+
const check = verifyGonkaHost(host, request.model, config);
|
|
64
|
+
if (!check.authorized) {
|
|
65
|
+
if (config.onDenied)
|
|
66
|
+
config.onDenied({ host, reason: check.reason });
|
|
67
|
+
const receipt = buildReceipt(config.passport.passport.agentId, config.delegation.delegationId, config.privateKey, request.model, scope, 'failure', check.reason);
|
|
68
|
+
if (config.onReceipt)
|
|
69
|
+
config.onReceipt(receipt);
|
|
70
|
+
return { denied: true, reason: check.reason, receipt };
|
|
71
|
+
}
|
|
72
|
+
// Rate limit check
|
|
73
|
+
if (config.maxInferencesPerEpoch != null) {
|
|
74
|
+
const key = getEpochKey(config.passport.passport.agentId, request.epochId);
|
|
75
|
+
const count = epochCounters.get(key) || 0;
|
|
76
|
+
if (count >= config.maxInferencesPerEpoch) {
|
|
77
|
+
const reason = `Rate limit exceeded: ${count}/${config.maxInferencesPerEpoch} inferences this epoch`;
|
|
78
|
+
if (config.onDenied)
|
|
79
|
+
config.onDenied({ host, reason });
|
|
80
|
+
const receipt = buildReceipt(config.passport.passport.agentId, config.delegation.delegationId, config.privateKey, request.model, scope, 'failure', reason);
|
|
81
|
+
if (config.onReceipt)
|
|
82
|
+
config.onReceipt(receipt);
|
|
83
|
+
return { denied: true, reason, receipt };
|
|
84
|
+
}
|
|
85
|
+
epochCounters.set(key, count + 1);
|
|
86
|
+
}
|
|
87
|
+
// Execute
|
|
88
|
+
const result = await execute(request);
|
|
89
|
+
// Compute inference hash for devshard verification
|
|
90
|
+
const inferenceHash = sha256(canonicalize({ prompt: request.prompt, response: result.response }));
|
|
91
|
+
const receipt = buildReceipt(config.passport.passport.agentId, config.delegation.delegationId, config.privateKey, request.model, scope, 'success', `Inference completed: ${result.tokensUsed} tokens, hash: ${inferenceHash.slice(0, 16)}`);
|
|
92
|
+
if (config.onReceipt)
|
|
93
|
+
config.onReceipt(receipt);
|
|
94
|
+
return {
|
|
95
|
+
result,
|
|
96
|
+
receipt: { receipt, model: request.model, epochId: request.epochId, devshardId: request.devshardId, inferenceHash },
|
|
97
|
+
};
|
|
98
|
+
}
|
|
99
|
+
/** Create a devshard session receipt (off-chain proof for settlement) */
|
|
100
|
+
export function createDevshardReceipt(devshardId, inferenceCount, totalTokens, participants, config) {
|
|
101
|
+
const data = {
|
|
102
|
+
receiptId: `rcpt_devshard_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 6)}`,
|
|
103
|
+
version: '1.1',
|
|
104
|
+
timestamp: new Date().toISOString(),
|
|
105
|
+
agentId: config.passport.passport.agentId,
|
|
106
|
+
delegationId: config.delegation.delegationId,
|
|
107
|
+
action: {
|
|
108
|
+
type: 'devshard_session',
|
|
109
|
+
target: devshardId,
|
|
110
|
+
scopeUsed: 'devshard:participate',
|
|
111
|
+
},
|
|
112
|
+
result: {
|
|
113
|
+
status: 'success',
|
|
114
|
+
summary: `Devshard ${devshardId}: ${inferenceCount} inferences, ${totalTokens} tokens, ${participants.length} participants`,
|
|
115
|
+
},
|
|
116
|
+
delegationChain: participants,
|
|
117
|
+
};
|
|
118
|
+
const sig = sign(canonicalize(data), config.privateKey);
|
|
119
|
+
return { ...data, signature: sig };
|
|
120
|
+
}
|
|
121
|
+
/** Convert APS delegation to Gonka-compatible allowlist entry */
|
|
122
|
+
export function delegationToAllowlistEntry(delegation, passport) {
|
|
123
|
+
const models = delegation.scope
|
|
124
|
+
.filter(s => s.startsWith('inference:serve:'))
|
|
125
|
+
.map(s => s.replace('inference:serve:', ''));
|
|
126
|
+
return {
|
|
127
|
+
address: passport.passport.agentId,
|
|
128
|
+
model: models[0] || '*',
|
|
129
|
+
scope: delegation.scope,
|
|
130
|
+
expiresAtBlock: undefined,
|
|
131
|
+
};
|
|
132
|
+
}
|
|
133
|
+
/** Convert Gonka epoch timing to APS delegation expiry */
|
|
134
|
+
export function epochToDelegationExpiry(currentEpoch, epochDurationBlocks, epochsValid) {
|
|
135
|
+
// Assume ~6 second block time (Cosmos SDK default)
|
|
136
|
+
const blocksRemaining = epochDurationBlocks * epochsValid;
|
|
137
|
+
const secondsRemaining = blocksRemaining * 6;
|
|
138
|
+
return new Date(Date.now() + secondsRemaining * 1000);
|
|
139
|
+
}
|
|
140
|
+
/** Validate PoC (Proof-of-Compute) participation receipt */
|
|
141
|
+
export function verifyPoCParticipation(hostAddress, epochId, weight, config) {
|
|
142
|
+
const data = {
|
|
143
|
+
receiptId: `rcpt_poc_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 6)}`,
|
|
144
|
+
version: '1.1',
|
|
145
|
+
timestamp: new Date().toISOString(),
|
|
146
|
+
agentId: config.passport.passport.agentId,
|
|
147
|
+
delegationId: 'poc_validation',
|
|
148
|
+
action: {
|
|
149
|
+
type: 'poc_participation',
|
|
150
|
+
target: hostAddress,
|
|
151
|
+
scopeUsed: 'inference:validate',
|
|
152
|
+
},
|
|
153
|
+
result: {
|
|
154
|
+
status: 'success',
|
|
155
|
+
summary: `PoC validation: host ${hostAddress}, epoch ${epochId}, weight ${weight}`,
|
|
156
|
+
},
|
|
157
|
+
delegationChain: [],
|
|
158
|
+
};
|
|
159
|
+
const sig = sign(canonicalize(data), config.privateKey);
|
|
160
|
+
return { ...data, signature: sig };
|
|
161
|
+
}
|
|
162
|
+
//# sourceMappingURL=gonka.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"gonka.js","sourceRoot":"","sources":["../../../src/adapters/gonka.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E;;;;;;;;GAQG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AACzE,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAA;AAwCnD,gBAAgB;AAEhB,SAAS,MAAM,CAAC,IAAY;IAC1B,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACxD,CAAC;AAED,SAAS,YAAY,CACnB,OAAe,EAAE,YAAoB,EAAE,UAAkB,EACzD,MAAc,EAAE,KAAa,EAAE,MAA6B,EAAE,OAAe;IAE7E,MAAM,IAAI,GAAqC;QAC7C,SAAS,EAAE,cAAc,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;QAC5F,OAAO,EAAE,KAAK;QACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,YAAY;QACrB,MAAM,EAAE,EAAE,IAAI,EAAE,iBAAiB,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE;QAC7D,MAAM,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE;QAC3B,eAAe,EAAE,EAAE;KACpB,CAAA;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC,CAAA;IAChD,OAAO,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,GAAG,EAAmB,CAAA;AACrD,CAAC;AAED,+CAA+C;AAC/C,MAAM,aAAa,GAAG,IAAI,GAAG,EAAkB,CAAA;AAE/C,SAAS,WAAW,CAAC,OAAe,EAAE,OAAgB;IACpD,OAAO,GAAG,OAAO,IAAI,OAAO,IAAI,SAAS,EAAE,CAAA;AAC7C,CAAC;AAED,uBAAuB;AAEvB,iEAAiE;AACjE,MAAM,UAAU,eAAe,CAC7B,WAAmB,EACnB,KAAa,EACb,MAAuB;IAEvB,MAAM,KAAK,GAAG,mBAAmB,KAAK,EAAE,CAAA;IAExC,MAAM,EAAE,GAAG,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;IAC1C,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QACd,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,CAAA;IAC9G,CAAC;IAED,MAAM,EAAE,GAAG,gBAAgB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAA;IAC9C,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QACd,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,CAAA;IAChH,CAAC;IAED,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACrG,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,KAAK,yBAAyB,EAAE,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,CAAA;IAC3G,CAAC;IAED,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,CAAC;QACrD,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,KAAK,gCAAgC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,CAAA;IACvJ,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,4BAA4B,KAAK,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,CAAA;AACrG,CAAC;AAED,0EAA0E;AAC1E,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,OAA8B,EAC9B,OAA0F,EAC1F,MAAuB;IAEvB,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAA;IACpE,MAAM,KAAK,GAAG,mBAAmB,OAAO,CAAC,KAAK,EAAE,CAAA;IAEhD,cAAc;IACd,MAAM,KAAK,GAAG,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAA;IAC1D,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;QACtB,IAAI,MAAM,CAAC,QAAQ;YAAE,MAAM,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAA;QACpE,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,UAAU,CAAC,YAAY,EAAE,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,CAAC,CAAA;QAChK,IAAI,MAAM,CAAC,SAAS;YAAE,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;QAC/C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,CAAA;IACxD,CAAC;IAED,mBAAmB;IACnB,IAAI,MAAM,CAAC,qBAAqB,IAAI,IAAI,EAAE,CAAC;QACzC,MAAM,GAAG,GAAG,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,CAAA;QAC1E,MAAM,KAAK,GAAG,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QACzC,IAAI,KAAK,IAAI,MAAM,CAAC,qBAAqB,EAAE,CAAC;YAC1C,MAAM,MAAM,GAAG,wBAAwB,KAAK,IAAI,MAAM,CAAC,qBAAqB,wBAAwB,CAAA;YACpG,IAAI,MAAM,CAAC,QAAQ;gBAAE,MAAM,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;YACtD,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,UAAU,CAAC,YAAY,EAAE,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;YAC1J,IAAI,MAAM,CAAC,SAAS;gBAAE,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;YAC/C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAA;QAC1C,CAAC;QACD,aAAa,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,GAAG,CAAC,CAAC,CAAA;IACnC,CAAC;IAED,UAAU;IACV,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,CAAA;IAErC,mDAAmD;IACnD,MAAM,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAA;IAEjG,MAAM,OAAO,GAAG,YAAY,CAC1B,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,UAAU,CAAC,YAAY,EAAE,MAAM,CAAC,UAAU,EACnF,OAAO,CAAC,KAAK,EAAE,KAAK,EAAE,SAAS,EAC/B,wBAAwB,MAAM,CAAC,UAAU,kBAAkB,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CACxF,CAAA;IACD,IAAI,MAAM,CAAC,SAAS;QAAE,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;IAE/C,OAAO;QACL,MAAM;QACN,OAAO,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,aAAa,EAAE;KACpH,CAAA;AACH,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,qBAAqB,CACnC,UAAkB,EAClB,cAAsB,EACtB,WAAmB,EACnB,YAAsB,EACtB,MAAuE;IAEvE,MAAM,IAAI,GAAqC;QAC7C,SAAS,EAAE,iBAAiB,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;QAC/F,OAAO,EAAE,KAAK;QACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO;QACzC,YAAY,EAAE,MAAM,CAAC,UAAU,CAAC,YAAY;QAC5C,MAAM,EAAE;YACN,IAAI,EAAE,kBAAkB;YACxB,MAAM,EAAE,UAAU;YAClB,SAAS,EAAE,sBAAsB;SAClC;QACD,MAAM,EAAE;YACN,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,YAAY,UAAU,KAAK,cAAc,gBAAgB,WAAW,YAAY,YAAY,CAAC,MAAM,eAAe;SAC5H;QACD,eAAe,EAAE,YAAY;KAC9B,CAAA;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;IACvD,OAAO,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,GAAG,EAAmB,CAAA;AACrD,CAAC;AAED,iEAAiE;AACjE,MAAM,UAAU,0BAA0B,CACxC,UAAsB,EACtB,QAAwB;IAExB,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK;SAC5B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC;SAC7C,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC,CAAA;IAE9C,OAAO;QACL,OAAO,EAAE,QAAQ,CAAC,QAAQ,CAAC,OAAO;QAClC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,GAAG;QACvB,KAAK,EAAE,UAAU,CAAC,KAAK;QACvB,cAAc,EAAE,SAAS;KAC1B,CAAA;AACH,CAAC;AAED,0DAA0D;AAC1D,MAAM,UAAU,uBAAuB,CACrC,YAAoB,EACpB,mBAA2B,EAC3B,WAAmB;IAEnB,mDAAmD;IACnD,MAAM,eAAe,GAAG,mBAAmB,GAAG,WAAW,CAAA;IACzD,MAAM,gBAAgB,GAAG,eAAe,GAAG,CAAC,CAAA;IAC5C,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,gBAAgB,GAAG,IAAI,CAAC,CAAA;AACvD,CAAC;AAED,4DAA4D;AAC5D,MAAM,UAAU,sBAAsB,CACpC,WAAmB,EACnB,OAAe,EACf,MAAc,EACd,MAAwD;IAExD,MAAM,IAAI,GAAqC;QAC7C,SAAS,EAAE,YAAY,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;QAC1F,OAAO,EAAE,KAAK;QACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO;QACzC,YAAY,EAAE,gBAAgB;QAC9B,MAAM,EAAE;YACN,IAAI,EAAE,mBAAmB;YACzB,MAAM,EAAE,WAAW;YACnB,SAAS,EAAE,oBAAoB;SAChC;QACD,MAAM,EAAE;YACN,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,wBAAwB,WAAW,WAAW,OAAO,YAAY,MAAM,EAAE;SACnF;QACD,eAAe,EAAE,EAAE;KACpB,CAAA;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;IACvD,OAAO,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,GAAG,EAAmB,CAAA;AACrD,CAAC"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Cedar Policy Format Bridge for IBAC
|
|
3
|
+
*
|
|
4
|
+
* Converts between Cedar-style policy strings and IBAC tuples,
|
|
5
|
+
* and between APS delegations and Cedar policy format.
|
|
6
|
+
* No external dependencies.
|
|
7
|
+
*/
|
|
8
|
+
import type { Delegation } from '../types/passport.js';
|
|
9
|
+
import type { IBACTuple } from './ibac.js';
|
|
10
|
+
/**
|
|
11
|
+
* Parse a Cedar-style policy string into IBAC tuples.
|
|
12
|
+
*
|
|
13
|
+
* Supported format:
|
|
14
|
+
* permit(principal == "agent:agent-123", action == "tool:query_db", resource == "table:patients");
|
|
15
|
+
* permit(principal == "agent:agent-123", action == "tool:read", resource == "file:report.pdf")
|
|
16
|
+
* when { max_rows < 100 };
|
|
17
|
+
*/
|
|
18
|
+
export declare function cedarPolicyToTuples(cedarPolicy: string): IBACTuple[];
|
|
19
|
+
/**
|
|
20
|
+
* Generate a Cedar-style policy string from an APS delegation.
|
|
21
|
+
* Each scope in the delegation becomes a separate permit statement.
|
|
22
|
+
*/
|
|
23
|
+
export declare function delegationToCedarPolicy(delegation: Delegation): string;
|
|
24
|
+
//# sourceMappingURL=ibac-cedar.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ibac-cedar.d.ts","sourceRoot":"","sources":["../../../src/adapters/ibac-cedar.ts"],"names":[],"mappings":"AACA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACtD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,WAAW,CAAA;AAE1C;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,SAAS,EAAE,CAqCpE;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,UAAU,EAAE,UAAU,GAAG,MAAM,CAuBtE"}
|