agent-passport-system 1.7.0 → 1.8.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -6
- package/dist/src/core/context.d.ts +75 -0
- package/dist/src/core/context.d.ts.map +1 -0
- package/dist/src/core/context.js +351 -0
- package/dist/src/core/context.js.map +1 -0
- package/dist/src/core/policy.d.ts.map +1 -1
- package/dist/src/core/policy.js +67 -14
- package/dist/src/core/policy.js.map +1 -1
- package/dist/src/core/values.d.ts +23 -1
- package/dist/src/core/values.d.ts.map +1 -1
- package/dist/src/core/values.js +54 -1
- package/dist/src/core/values.js.map +1 -1
- package/dist/src/index.d.ts +5 -2
- package/dist/src/index.d.ts.map +1 -1
- package/dist/src/index.js +4 -1
- package/dist/src/index.js.map +1 -1
- package/dist/src/types/context.d.ts +112 -0
- package/dist/src/types/context.d.ts.map +1 -0
- package/dist/src/types/context.js +8 -0
- package/dist/src/types/context.js.map +1 -0
- package/dist/src/types/index.d.ts +1 -0
- package/dist/src/types/index.d.ts.map +1 -1
- package/dist/src/types/index.js +1 -0
- package/dist/src/types/index.js.map +1 -1
- package/dist/src/types/passport.d.ts +15 -1
- package/dist/src/types/passport.d.ts.map +1 -1
- package/dist/src/types/passport.js +5 -1
- package/dist/src/types/passport.js.map +1 -1
- package/dist/src/types/policy.d.ts +11 -1
- package/dist/src/types/policy.d.ts.map +1 -1
- package/package.json +16 -15
- package/values/floor.yaml +13 -7
package/README.md
CHANGED
|
@@ -2,12 +2,12 @@
|
|
|
2
2
|
|
|
3
3
|
[](https://www.npmjs.com/package/agent-passport-system)
|
|
4
4
|
[](https://github.com/aeoess/agent-passport-system/blob/main/LICENSE)
|
|
5
|
-
[](https://github.com/aeoess/agent-passport-system)
|
|
6
6
|
[](https://doi.org/10.5281/zenodo.18749779)
|
|
7
7
|
|
|
8
8
|
Cryptographic identity, ethical governance, economic attribution, protocol-native communication, intent architecture, cascade revocation, coordination primitives, and agentic commerce for autonomous AI agents.
|
|
9
9
|
|
|
10
|
-
**8 layers.
|
|
10
|
+
**8 layers. 240 tests. Zero heavy dependencies. Running code. MCP server included.**
|
|
11
11
|
|
|
12
12
|
> *As AI agents from different creators, running different models, serving different humans begin to collaborate — who is responsible, under what authority, according to what values, and who benefits?*
|
|
13
13
|
|
|
@@ -369,7 +369,7 @@ The protocol ships with a coordination-native MCP server — any MCP client (Cla
|
|
|
369
369
|
npm install agent-passport-system-mcp
|
|
370
370
|
```
|
|
371
371
|
|
|
372
|
-
**
|
|
372
|
+
**33 tools across all 8 layers, role-scoped access control.** Identity, delegation, agora, values/policy, coordination, and commerce — all accessible via MCP. Every operation Ed25519 signed.
|
|
373
373
|
|
|
374
374
|
```json
|
|
375
375
|
{
|
|
@@ -395,7 +395,7 @@ npm: [agent-passport-system-mcp](https://www.npmjs.com/package/agent-passport-sy
|
|
|
395
395
|
|
|
396
396
|
```bash
|
|
397
397
|
npm test
|
|
398
|
-
#
|
|
398
|
+
# 240 tests across 15 files, 64 suites, 0 failures
|
|
399
399
|
```
|
|
400
400
|
|
|
401
401
|
Includes 23 adversarial tests: Merkle tree tampering, attribution gaming resistance, compliance violations, floor negotiation attacks, wrong-key attestations.
|
|
@@ -427,7 +427,7 @@ By Tymofii Pidlisnyi — Published on Zenodo
|
|
|
427
427
|
| Communication | Signed Agora | — | — | — | — |
|
|
428
428
|
| Coordination | Task units + MCP server | — | — | — | — |
|
|
429
429
|
| Commerce | ACP + 4-gate enforcement | — | — | — | — |
|
|
430
|
-
| Tests |
|
|
430
|
+
| Tests | 214 (38 adversarial) | None | Limited | None | None |
|
|
431
431
|
| Dependencies | Node.js crypto + uuid | — | Multi-LLM | — | Consensus network |
|
|
432
432
|
|
|
433
433
|
## Structure
|
|
@@ -456,7 +456,7 @@ src/ 22 source files
|
|
|
456
456
|
policy.ts — Layer 6 types
|
|
457
457
|
coordination.ts — Layer 7 types
|
|
458
458
|
commerce.ts — Layer 8 types
|
|
459
|
-
tests/
|
|
459
|
+
tests/ 16 test files, 240 tests (64 suites)
|
|
460
460
|
adversarial.ts — 23 adversarial cases
|
|
461
461
|
agora.test.ts — 15 Agora tests
|
|
462
462
|
contract.test.ts — High-level API tests
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
import type { SocialContractAgent } from '../contract.js';
|
|
2
|
+
import type { ValuesFloor, Delegation, ActionReceipt } from '../types/passport.js';
|
|
3
|
+
import type { PolicyDecision } from '../types/policy.js';
|
|
4
|
+
import type { AgentContextConfig, AgentContextState, ExecuteRequest, ExecuteResult, CompletedAction, AuditEntry, EnforcementLevel } from '../types/context.js';
|
|
5
|
+
export declare class AgentContext {
|
|
6
|
+
private agent;
|
|
7
|
+
private floor;
|
|
8
|
+
private config;
|
|
9
|
+
private validator;
|
|
10
|
+
private state;
|
|
11
|
+
constructor(agent: SocialContractAgent, floor: ValuesFloor, config?: Partial<AgentContextConfig>);
|
|
12
|
+
/** Register a delegation this agent can use. */
|
|
13
|
+
addDelegation(delegation: Delegation): void;
|
|
14
|
+
/** Remove a delegation (e.g., after revocation). */
|
|
15
|
+
removeDelegation(delegationId: string): boolean;
|
|
16
|
+
/** Find the best matching delegation for a required scope. */
|
|
17
|
+
findDelegation(scopeRequired: string): Delegation | null;
|
|
18
|
+
/**
|
|
19
|
+
* Execute an action through the policy engine.
|
|
20
|
+
*
|
|
21
|
+
* In 'auto' and 'strict' mode, this runs the full 3-signature chain:
|
|
22
|
+
* 1. Creates ActionIntent (signed by this agent)
|
|
23
|
+
* 2. Evaluates against floor via validator (signed by evaluator)
|
|
24
|
+
* 3. Returns the decision — caller decides whether to proceed
|
|
25
|
+
*
|
|
26
|
+
* In 'manual' mode, skips enforcement and returns a permit.
|
|
27
|
+
*/
|
|
28
|
+
execute(request: ExecuteRequest): ExecuteResult;
|
|
29
|
+
/**
|
|
30
|
+
* Complete an action after execution.
|
|
31
|
+
*
|
|
32
|
+
* Takes the ExecuteResult from execute() plus the actual outcome,
|
|
33
|
+
* creates the ActionReceipt (signature 3) and PolicyReceipt
|
|
34
|
+
* (linking all 3 signatures).
|
|
35
|
+
*/
|
|
36
|
+
complete(execution: ExecuteResult, outcome: {
|
|
37
|
+
status: 'success' | 'failure' | 'partial';
|
|
38
|
+
summary: string;
|
|
39
|
+
}): CompletedAction;
|
|
40
|
+
private enforceAction;
|
|
41
|
+
private buildValidationContext;
|
|
42
|
+
private createIntent;
|
|
43
|
+
private createDeniedResult;
|
|
44
|
+
private createPermitResult;
|
|
45
|
+
private logAudit;
|
|
46
|
+
/** Get the current enforcement level. */
|
|
47
|
+
get enforcement(): EnforcementLevel;
|
|
48
|
+
/** Get all receipts produced through this context. */
|
|
49
|
+
get allReceipts(): ActionReceipt[];
|
|
50
|
+
/** Get all policy decisions made through this context. */
|
|
51
|
+
get allDecisions(): PolicyDecision[];
|
|
52
|
+
/** Get the full audit log. */
|
|
53
|
+
get auditLog(): AuditEntry[];
|
|
54
|
+
/** Get context state snapshot (for serialization / inspection). */
|
|
55
|
+
getState(): AgentContextState;
|
|
56
|
+
/** How many actions have been permitted vs denied. */
|
|
57
|
+
get stats(): {
|
|
58
|
+
permitted: number;
|
|
59
|
+
denied: number;
|
|
60
|
+
narrowed: number;
|
|
61
|
+
total: number;
|
|
62
|
+
};
|
|
63
|
+
}
|
|
64
|
+
/**
|
|
65
|
+
* Create an Agent Context — the enforcement boundary.
|
|
66
|
+
*
|
|
67
|
+
* Every action that goes through this context is automatically
|
|
68
|
+
* checked against the Values Floor via the 3-signature chain.
|
|
69
|
+
*
|
|
70
|
+
* @param agent - From joinSocialContract()
|
|
71
|
+
* @param floor - The Values Floor to enforce
|
|
72
|
+
* @param config - Enforcement level and callbacks
|
|
73
|
+
*/
|
|
74
|
+
export declare function createAgentContext(agent: SocialContractAgent, floor: ValuesFloor, config?: Partial<AgentContextConfig>): AgentContext;
|
|
75
|
+
//# sourceMappingURL=context.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../../src/core/context.ts"],"names":[],"mappings":"AA2BA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAA;AACzD,OAAO,KAAK,EAAE,WAAW,EAAoB,UAAU,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AACpG,OAAO,KAAK,EAAgB,cAAc,EAAqD,MAAM,oBAAoB,CAAA;AACzH,OAAO,KAAK,EACV,kBAAkB,EAAE,iBAAiB,EACrC,cAAc,EAAE,aAAa,EAAE,eAAe,EAC9C,UAAU,EAAE,gBAAgB,EAC7B,MAAM,qBAAqB,CAAA;AAM5B,qBAAa,YAAY;IACvB,OAAO,CAAC,KAAK,CAAqB;IAClC,OAAO,CAAC,KAAK,CAAa;IAC1B,OAAO,CAAC,MAAM,CAA+F;IAC7G,OAAO,CAAC,SAAS,CAAiB;IAClC,OAAO,CAAC,KAAK,CAAmB;gBAG9B,KAAK,EAAE,mBAAmB,EAC1B,KAAK,EAAE,WAAW,EAClB,MAAM,GAAE,OAAO,CAAC,kBAAkB,CAAM;IA0B1C,gDAAgD;IAChD,aAAa,CAAC,UAAU,EAAE,UAAU,GAAG,IAAI;IAI3C,oDAAoD;IACpD,gBAAgB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAI/C,8DAA8D;IAC9D,cAAc,CAAC,aAAa,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI;IAWxD;;;;;;;;;OASG;IACH,OAAO,CAAC,OAAO,EAAE,cAAc,GAAG,aAAa;IAwB/C;;;;;;OAMG;IACH,QAAQ,CACN,SAAS,EAAE,aAAa,EACxB,OAAO,EAAE;QAAE,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,GACtE,eAAe;IAkDlB,OAAO,CAAC,aAAa;IAiErB,OAAO,CAAC,sBAAsB;IA6B9B,OAAO,CAAC,YAAY;IAgBpB,OAAO,CAAC,kBAAkB;IAuC1B,OAAO,CAAC,kBAAkB;IAU1B,OAAO,CAAC,QAAQ;IAmBhB,yCAAyC;IACzC,IAAI,WAAW,IAAI,gBAAgB,CAAmC;IAEtE,sDAAsD;IACtD,IAAI,WAAW,IAAI,aAAa,EAAE,CAAoC;IAEtE,0DAA0D;IAC1D,IAAI,YAAY,IAAI,cAAc,EAAE,CAAqC;IAEzE,8BAA8B;IAC9B,IAAI,QAAQ,IAAI,UAAU,EAAE,CAAoC;IAEhE,mEAAmE;IACnE,QAAQ,IAAI,iBAAiB;IAE7B,sDAAsD;IACtD,IAAI,KAAK,IAAI;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAQlF;CACF;AAMD;;;;;;;;;GASG;AACH,wBAAgB,kBAAkB,CAChC,KAAK,EAAE,mBAAmB,EAC1B,KAAK,EAAE,WAAW,EAClB,MAAM,CAAC,EAAE,OAAO,CAAC,kBAAkB,CAAC,GACnC,YAAY,CAKd"}
|
|
@@ -0,0 +1,351 @@
|
|
|
1
|
+
// ══════════════════════════════════════════════════════════════════
|
|
2
|
+
// Agent Context — Automatic Protocol Compliance
|
|
3
|
+
// ══════════════════════════════════════════════════════════════════
|
|
4
|
+
//
|
|
5
|
+
// The missing piece between "agent has access to trust infrastructure"
|
|
6
|
+
// and "agent is trustworthy."
|
|
7
|
+
//
|
|
8
|
+
// Without context: agent CAN call evaluateIntent() but nothing
|
|
9
|
+
// forces it. The protocol is opt-in at the action level.
|
|
10
|
+
//
|
|
11
|
+
// With context: every action goes through the 3-signature chain
|
|
12
|
+
// automatically. The agent physically cannot skip enforcement.
|
|
13
|
+
//
|
|
14
|
+
// Usage:
|
|
15
|
+
// const ctx = createAgentContext(agent, floor, { enforcement: 'auto' })
|
|
16
|
+
// ctx.addDelegation(delegation)
|
|
17
|
+
// const result = ctx.execute({ type: 'api:fetch', scope: 'data:read', target: '...' })
|
|
18
|
+
// const completed = ctx.complete(result, { status: 'success', summary: '...' })
|
|
19
|
+
//
|
|
20
|
+
// ══════════════════════════════════════════════════════════════════
|
|
21
|
+
import { v4 as uuidv4 } from 'uuid';
|
|
22
|
+
import { sign } from '../crypto/keys.js';
|
|
23
|
+
import { canonicalize } from './canonical.js';
|
|
24
|
+
import { createActionIntent, evaluateIntent, createPolicyReceipt, FloorValidatorV1 } from './policy.js';
|
|
25
|
+
import { createReceipt } from './delegation.js';
|
|
26
|
+
import { verifyAttestation } from './values.js';
|
|
27
|
+
// ══════════════════════════════════════
|
|
28
|
+
// AGENT CONTEXT CLASS
|
|
29
|
+
// ══════════════════════════════════════
|
|
30
|
+
export class AgentContext {
|
|
31
|
+
agent;
|
|
32
|
+
floor;
|
|
33
|
+
config;
|
|
34
|
+
validator;
|
|
35
|
+
state;
|
|
36
|
+
constructor(agent, floor, config = {}) {
|
|
37
|
+
this.agent = agent;
|
|
38
|
+
this.floor = floor;
|
|
39
|
+
this.validator = config.validator || new FloorValidatorV1();
|
|
40
|
+
this.config = {
|
|
41
|
+
enforcement: config.enforcement || 'auto',
|
|
42
|
+
decisionTTLMinutes: config.decisionTTLMinutes || 5,
|
|
43
|
+
...config
|
|
44
|
+
};
|
|
45
|
+
this.state = {
|
|
46
|
+
agentId: agent.agentId,
|
|
47
|
+
publicKey: agent.publicKey,
|
|
48
|
+
delegations: new Map(),
|
|
49
|
+
floor,
|
|
50
|
+
attestation: agent.attestation,
|
|
51
|
+
receipts: [],
|
|
52
|
+
decisions: [],
|
|
53
|
+
policyReceipts: [],
|
|
54
|
+
auditLog: []
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
// ── Delegation Management ──
|
|
58
|
+
/** Register a delegation this agent can use. */
|
|
59
|
+
addDelegation(delegation) {
|
|
60
|
+
this.state.delegations.set(delegation.delegationId, delegation);
|
|
61
|
+
}
|
|
62
|
+
/** Remove a delegation (e.g., after revocation). */
|
|
63
|
+
removeDelegation(delegationId) {
|
|
64
|
+
return this.state.delegations.delete(delegationId);
|
|
65
|
+
}
|
|
66
|
+
/** Find the best matching delegation for a required scope. */
|
|
67
|
+
findDelegation(scopeRequired) {
|
|
68
|
+
for (const [, d] of this.state.delegations) {
|
|
69
|
+
if (d.scope.includes(scopeRequired) && new Date(d.expiresAt) > new Date()) {
|
|
70
|
+
return d;
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
return null;
|
|
74
|
+
}
|
|
75
|
+
// ── Core: Execute with Enforcement ──
|
|
76
|
+
/**
|
|
77
|
+
* Execute an action through the policy engine.
|
|
78
|
+
*
|
|
79
|
+
* In 'auto' and 'strict' mode, this runs the full 3-signature chain:
|
|
80
|
+
* 1. Creates ActionIntent (signed by this agent)
|
|
81
|
+
* 2. Evaluates against floor via validator (signed by evaluator)
|
|
82
|
+
* 3. Returns the decision — caller decides whether to proceed
|
|
83
|
+
*
|
|
84
|
+
* In 'manual' mode, skips enforcement and returns a permit.
|
|
85
|
+
*/
|
|
86
|
+
execute(request) {
|
|
87
|
+
// Find delegation
|
|
88
|
+
const delegation = request.delegationId
|
|
89
|
+
? this.state.delegations.get(request.delegationId) || null
|
|
90
|
+
: this.findDelegation(request.scope);
|
|
91
|
+
if (!delegation) {
|
|
92
|
+
const intent = this.createIntent(request, 'no-delegation');
|
|
93
|
+
const denied = this.createDeniedResult(intent, 'No valid delegation for scope: ' + request.scope);
|
|
94
|
+
this.logAudit(request, denied);
|
|
95
|
+
this.config.onDenied?.(denied.decision, denied.intent);
|
|
96
|
+
return denied;
|
|
97
|
+
}
|
|
98
|
+
// Manual mode: skip enforcement, return permit
|
|
99
|
+
if (this.config.enforcement === 'manual') {
|
|
100
|
+
const intent = this.createIntent(request, delegation.delegationId);
|
|
101
|
+
return this.createPermitResult(intent, 'Manual mode — enforcement skipped');
|
|
102
|
+
}
|
|
103
|
+
// Auto/Strict mode: full 3-signature chain
|
|
104
|
+
return this.enforceAction(request, delegation);
|
|
105
|
+
}
|
|
106
|
+
/**
|
|
107
|
+
* Complete an action after execution.
|
|
108
|
+
*
|
|
109
|
+
* Takes the ExecuteResult from execute() plus the actual outcome,
|
|
110
|
+
* creates the ActionReceipt (signature 3) and PolicyReceipt
|
|
111
|
+
* (linking all 3 signatures).
|
|
112
|
+
*/
|
|
113
|
+
complete(execution, outcome) {
|
|
114
|
+
if (!execution.permitted) {
|
|
115
|
+
throw new Error('Cannot complete a denied action');
|
|
116
|
+
}
|
|
117
|
+
const delegation = this.state.delegations.get(execution.intent.delegationId);
|
|
118
|
+
if (!delegation) {
|
|
119
|
+
throw new Error('Delegation not found: ' + execution.intent.delegationId);
|
|
120
|
+
}
|
|
121
|
+
// Create ActionReceipt (signature 3)
|
|
122
|
+
const receipt = createReceipt({
|
|
123
|
+
agentId: this.agent.agentId,
|
|
124
|
+
delegationId: delegation.delegationId,
|
|
125
|
+
delegation,
|
|
126
|
+
action: {
|
|
127
|
+
type: execution.intent.action.type,
|
|
128
|
+
target: execution.intent.action.target,
|
|
129
|
+
scopeUsed: execution.intent.action.scopeRequired,
|
|
130
|
+
spend: execution.intent.action.spend
|
|
131
|
+
},
|
|
132
|
+
result: outcome,
|
|
133
|
+
delegationChain: [delegation.delegatedBy, this.agent.publicKey],
|
|
134
|
+
privateKey: this.agent.keyPair.privateKey
|
|
135
|
+
});
|
|
136
|
+
// Create PolicyReceipt (links all 3 signatures)
|
|
137
|
+
const evaluatorKey = this.config.evaluator?.privateKey || this.agent.keyPair.privateKey;
|
|
138
|
+
const policyReceipt = createPolicyReceipt({
|
|
139
|
+
intent: execution.intent,
|
|
140
|
+
decision: execution.decision,
|
|
141
|
+
receipt,
|
|
142
|
+
verifierPrivateKey: evaluatorKey
|
|
143
|
+
});
|
|
144
|
+
// Store everything
|
|
145
|
+
this.state.receipts.push(receipt);
|
|
146
|
+
this.state.policyReceipts.push(policyReceipt);
|
|
147
|
+
// Update audit log with receipt
|
|
148
|
+
const lastAudit = this.state.auditLog[this.state.auditLog.length - 1];
|
|
149
|
+
if (lastAudit && lastAudit.intentId === execution.intent.intentId) {
|
|
150
|
+
lastAudit.receiptId = receipt.receiptId;
|
|
151
|
+
}
|
|
152
|
+
return { execution, receipt, policyReceipt };
|
|
153
|
+
}
|
|
154
|
+
// ── Internal: Enforcement Logic ──
|
|
155
|
+
enforceAction(request, delegation) {
|
|
156
|
+
// 1. Create ActionIntent (signature 1)
|
|
157
|
+
const intent = createActionIntent({
|
|
158
|
+
agentId: this.agent.agentId,
|
|
159
|
+
agentPublicKey: this.agent.publicKey,
|
|
160
|
+
delegationId: delegation.delegationId,
|
|
161
|
+
action: {
|
|
162
|
+
type: request.type,
|
|
163
|
+
target: request.target,
|
|
164
|
+
scopeRequired: request.scope,
|
|
165
|
+
spend: request.spend
|
|
166
|
+
},
|
|
167
|
+
context: request.context,
|
|
168
|
+
privateKey: this.agent.keyPair.privateKey
|
|
169
|
+
});
|
|
170
|
+
// 2. Build validation context
|
|
171
|
+
const validationContext = this.buildValidationContext(delegation);
|
|
172
|
+
// 3. Evaluate against floor (signature 2)
|
|
173
|
+
const evaluatorId = this.config.evaluator?.id || this.agent.agentId;
|
|
174
|
+
const evaluatorPub = this.config.evaluator?.publicKey || this.agent.publicKey;
|
|
175
|
+
const evaluatorPriv = this.config.evaluator?.privateKey || this.agent.keyPair.privateKey;
|
|
176
|
+
const decision = evaluateIntent({
|
|
177
|
+
intent,
|
|
178
|
+
validator: this.validator,
|
|
179
|
+
validationContext,
|
|
180
|
+
evaluatorId,
|
|
181
|
+
evaluatorPublicKey: evaluatorPub,
|
|
182
|
+
evaluatorPrivateKey: evaluatorPriv,
|
|
183
|
+
decisionTTLMinutes: this.config.decisionTTLMinutes
|
|
184
|
+
});
|
|
185
|
+
// Store decision
|
|
186
|
+
this.state.decisions.push(decision);
|
|
187
|
+
// Build result
|
|
188
|
+
const result = {
|
|
189
|
+
permitted: decision.verdict !== 'deny',
|
|
190
|
+
verdict: decision.verdict,
|
|
191
|
+
intent,
|
|
192
|
+
decision,
|
|
193
|
+
constraints: decision.constraints,
|
|
194
|
+
auditFindings: decision.auditFindings?.length,
|
|
195
|
+
warnings: decision.warnings?.length,
|
|
196
|
+
reason: decision.reason
|
|
197
|
+
};
|
|
198
|
+
// Fire callbacks
|
|
199
|
+
this.config.onPolicyDecision?.(decision, intent);
|
|
200
|
+
if (decision.verdict === 'deny') {
|
|
201
|
+
this.config.onDenied?.(decision, intent);
|
|
202
|
+
}
|
|
203
|
+
if (decision.auditFindings?.length > 0) {
|
|
204
|
+
this.config.onAuditFinding?.(decision);
|
|
205
|
+
}
|
|
206
|
+
if (decision.warnings?.length > 0) {
|
|
207
|
+
this.config.onWarning?.(decision);
|
|
208
|
+
}
|
|
209
|
+
this.logAudit(request, result);
|
|
210
|
+
return result;
|
|
211
|
+
}
|
|
212
|
+
buildValidationContext(delegation) {
|
|
213
|
+
const attValid = this.agent.attestation
|
|
214
|
+
? verifyAttestation(this.agent.attestation).valid
|
|
215
|
+
: false;
|
|
216
|
+
return {
|
|
217
|
+
floorVersion: this.floor.version,
|
|
218
|
+
floorPrinciples: this.floor.floor.map(p => ({
|
|
219
|
+
id: p.id,
|
|
220
|
+
name: p.name,
|
|
221
|
+
enforcement: p.enforcement,
|
|
222
|
+
weight: p.weight
|
|
223
|
+
})),
|
|
224
|
+
delegation: {
|
|
225
|
+
scope: delegation.scope,
|
|
226
|
+
spendLimit: delegation.spendLimit,
|
|
227
|
+
spentAmount: delegation.spentAmount || 0,
|
|
228
|
+
expiresAt: delegation.expiresAt,
|
|
229
|
+
revoked: false,
|
|
230
|
+
currentDepth: delegation.currentDepth,
|
|
231
|
+
maxDepth: delegation.maxDepth
|
|
232
|
+
},
|
|
233
|
+
agentRegistered: true,
|
|
234
|
+
agentAttestationValid: attValid
|
|
235
|
+
};
|
|
236
|
+
}
|
|
237
|
+
// ── Internal: Result Builders ──
|
|
238
|
+
createIntent(request, delegationId) {
|
|
239
|
+
return createActionIntent({
|
|
240
|
+
agentId: this.agent.agentId,
|
|
241
|
+
agentPublicKey: this.agent.publicKey,
|
|
242
|
+
delegationId,
|
|
243
|
+
action: {
|
|
244
|
+
type: request.type,
|
|
245
|
+
target: request.target,
|
|
246
|
+
scopeRequired: request.scope,
|
|
247
|
+
spend: request.spend
|
|
248
|
+
},
|
|
249
|
+
context: request.context,
|
|
250
|
+
privateKey: this.agent.keyPair.privateKey
|
|
251
|
+
});
|
|
252
|
+
}
|
|
253
|
+
createDeniedResult(intent, reason) {
|
|
254
|
+
// Create a synthetic denial decision (not from the validator)
|
|
255
|
+
const evaluatorPriv = this.config.evaluator?.privateKey || this.agent.keyPair.privateKey;
|
|
256
|
+
const evaluatorPub = this.config.evaluator?.publicKey || this.agent.publicKey;
|
|
257
|
+
const evaluatorId = this.config.evaluator?.id || this.agent.agentId;
|
|
258
|
+
// Use evaluateIntent would fail without delegation context, so build synthetic
|
|
259
|
+
const now = new Date();
|
|
260
|
+
const expires = new Date(now);
|
|
261
|
+
expires.setMinutes(expires.getMinutes() + (this.config.decisionTTLMinutes || 5));
|
|
262
|
+
const decision = {
|
|
263
|
+
decisionId: 'pdec_' + uuidv4().slice(0, 12),
|
|
264
|
+
intentId: intent.intentId,
|
|
265
|
+
evaluatorId,
|
|
266
|
+
evaluatorPublicKey: evaluatorPub,
|
|
267
|
+
verdict: 'deny',
|
|
268
|
+
principlesEvaluated: [],
|
|
269
|
+
reason,
|
|
270
|
+
floorVersion: this.floor.version,
|
|
271
|
+
evaluatedAt: now.toISOString(),
|
|
272
|
+
expiresAt: expires.toISOString()
|
|
273
|
+
};
|
|
274
|
+
const signature = sign(canonicalize(decision), evaluatorPriv);
|
|
275
|
+
const signedDecision = { ...decision, signature };
|
|
276
|
+
this.state.decisions.push(signedDecision);
|
|
277
|
+
return {
|
|
278
|
+
permitted: false,
|
|
279
|
+
verdict: 'deny',
|
|
280
|
+
intent,
|
|
281
|
+
decision: signedDecision,
|
|
282
|
+
reason
|
|
283
|
+
};
|
|
284
|
+
}
|
|
285
|
+
createPermitResult(intent, reason) {
|
|
286
|
+
return {
|
|
287
|
+
permitted: true,
|
|
288
|
+
verdict: 'permit',
|
|
289
|
+
intent,
|
|
290
|
+
decision: {}, // Manual mode — no real decision
|
|
291
|
+
reason
|
|
292
|
+
};
|
|
293
|
+
}
|
|
294
|
+
logAudit(request, result) {
|
|
295
|
+
this.state.auditLog.push({
|
|
296
|
+
timestamp: new Date().toISOString(),
|
|
297
|
+
action: request,
|
|
298
|
+
verdict: result.verdict,
|
|
299
|
+
intentId: result.intent.intentId,
|
|
300
|
+
decisionId: result.decision.decisionId || 'manual',
|
|
301
|
+
receiptId: undefined,
|
|
302
|
+
reason: result.reason,
|
|
303
|
+
enforcement: {
|
|
304
|
+
inlinePassed: result.verdict !== 'deny',
|
|
305
|
+
auditIssueCount: result.auditFindings || 0,
|
|
306
|
+
warningCount: result.warnings || 0
|
|
307
|
+
}
|
|
308
|
+
});
|
|
309
|
+
}
|
|
310
|
+
// ── Query State ──
|
|
311
|
+
/** Get the current enforcement level. */
|
|
312
|
+
get enforcement() { return this.config.enforcement; }
|
|
313
|
+
/** Get all receipts produced through this context. */
|
|
314
|
+
get allReceipts() { return [...this.state.receipts]; }
|
|
315
|
+
/** Get all policy decisions made through this context. */
|
|
316
|
+
get allDecisions() { return [...this.state.decisions]; }
|
|
317
|
+
/** Get the full audit log. */
|
|
318
|
+
get auditLog() { return [...this.state.auditLog]; }
|
|
319
|
+
/** Get context state snapshot (for serialization / inspection). */
|
|
320
|
+
getState() { return { ...this.state }; }
|
|
321
|
+
/** How many actions have been permitted vs denied. */
|
|
322
|
+
get stats() {
|
|
323
|
+
const log = this.state.auditLog;
|
|
324
|
+
return {
|
|
325
|
+
permitted: log.filter(e => e.verdict === 'permit').length,
|
|
326
|
+
denied: log.filter(e => e.verdict === 'deny').length,
|
|
327
|
+
narrowed: log.filter(e => e.verdict === 'narrow').length,
|
|
328
|
+
total: log.length
|
|
329
|
+
};
|
|
330
|
+
}
|
|
331
|
+
}
|
|
332
|
+
// ══════════════════════════════════════
|
|
333
|
+
// FACTORY FUNCTION
|
|
334
|
+
// ══════════════════════════════════════
|
|
335
|
+
/**
|
|
336
|
+
* Create an Agent Context — the enforcement boundary.
|
|
337
|
+
*
|
|
338
|
+
* Every action that goes through this context is automatically
|
|
339
|
+
* checked against the Values Floor via the 3-signature chain.
|
|
340
|
+
*
|
|
341
|
+
* @param agent - From joinSocialContract()
|
|
342
|
+
* @param floor - The Values Floor to enforce
|
|
343
|
+
* @param config - Enforcement level and callbacks
|
|
344
|
+
*/
|
|
345
|
+
export function createAgentContext(agent, floor, config) {
|
|
346
|
+
if (!agent.attestation) {
|
|
347
|
+
throw new Error('Agent must have a floor attestation to create a context. Did you pass a floor to joinSocialContract()?');
|
|
348
|
+
}
|
|
349
|
+
return new AgentContext(agent, floor, config);
|
|
350
|
+
}
|
|
351
|
+
//# sourceMappingURL=context.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"context.js","sourceRoot":"","sources":["../../../src/core/context.ts"],"names":[],"mappings":"AAAA,qEAAqE;AACrE,gDAAgD;AAChD,qEAAqE;AACrE,EAAE;AACF,uEAAuE;AACvE,8BAA8B;AAC9B,EAAE;AACF,+DAA+D;AAC/D,yDAAyD;AACzD,EAAE;AACF,gEAAgE;AAChE,+DAA+D;AAC/D,EAAE;AACF,SAAS;AACT,0EAA0E;AAC1E,kCAAkC;AAClC,yFAAyF;AACzF,kFAAkF;AAClF,EAAE;AACF,qEAAqE;AAErE,OAAO,EAAE,EAAE,IAAI,MAAM,EAAE,MAAM,MAAM,CAAA;AACnC,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAA;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,kBAAkB,EAAE,cAAc,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAA;AACvG,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAU/C,yCAAyC;AACzC,sBAAsB;AACtB,yCAAyC;AAEzC,MAAM,OAAO,YAAY;IACf,KAAK,CAAqB;IAC1B,KAAK,CAAa;IAClB,MAAM,CAA+F;IACrG,SAAS,CAAiB;IAC1B,KAAK,CAAmB;IAEhC,YACE,KAA0B,EAC1B,KAAkB,EAClB,SAAsC,EAAE;QAExC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,IAAI,gBAAgB,EAAE,CAAA;QAC3D,IAAI,CAAC,MAAM,GAAG;YACZ,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,MAAM;YACzC,kBAAkB,EAAE,MAAM,CAAC,kBAAkB,IAAI,CAAC;YAClD,GAAG,MAAM;SACV,CAAA;QAED,IAAI,CAAC,KAAK,GAAG;YACX,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,WAAW,EAAE,IAAI,GAAG,EAAE;YACtB,KAAK;YACL,WAAW,EAAE,KAAK,CAAC,WAAY;YAC/B,QAAQ,EAAE,EAAE;YACZ,SAAS,EAAE,EAAE;YACb,cAAc,EAAE,EAAE;YAClB,QAAQ,EAAE,EAAE;SACb,CAAA;IACH,CAAC;IAED,8BAA8B;IAE9B,gDAAgD;IAChD,aAAa,CAAC,UAAsB;QAClC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,CAAC,CAAA;IACjE,CAAC;IAED,oDAAoD;IACpD,gBAAgB,CAAC,YAAoB;QACnC,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;IACpD,CAAC;IAED,8DAA8D;IAC9D,cAAc,CAAC,aAAqB;QAClC,KAAK,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;YAC3C,IAAI,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAC1E,OAAO,CAAC,CAAA;YACV,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,uCAAuC;IAEvC;;;;;;;;;OASG;IACH,OAAO,CAAC,OAAuB;QAC7B,kBAAkB;QAClB,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY;YACrC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,IAAI;YAC1D,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAEtC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,eAAe,CAAC,CAAA;YAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,iCAAiC,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;YACjG,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;YAC9B,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;YACtD,OAAO,MAAM,CAAA;QACf,CAAC;QAED,+CAA+C;QAC/C,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,UAAU,CAAC,YAAY,CAAC,CAAA;YAClE,OAAO,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,mCAAmC,CAAC,CAAA;QAC7E,CAAC;QAED,2CAA2C;QAC3C,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;IAChD,CAAC;IAED;;;;;;OAMG;IACH,QAAQ,CACN,SAAwB,EACxB,OAAuE;QAEvE,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAA;QACpD,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;QAC5E,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;QAC3E,CAAC;QAED,qCAAqC;QACrC,MAAM,OAAO,GAAG,aAAa,CAAC;YAC5B,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO;YAC3B,YAAY,EAAE,UAAU,CAAC,YAAY;YACrC,UAAU;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI;gBAClC,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM;gBACtC,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa;gBAChD,KAAK,EAAE,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK;aACrC;YACD,MAAM,EAAE,OAAO;YACf,eAAe,EAAE,CAAC,UAAU,CAAC,WAAW,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC;YAC/D,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU;SAC1C,CAAC,CAAA;QAEF,gDAAgD;QAChD,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAA;QACvF,MAAM,aAAa,GAAG,mBAAmB,CAAC;YACxC,MAAM,EAAE,SAAS,CAAC,MAAM;YACxB,QAAQ,EAAE,SAAS,CAAC,QAAQ;YAC5B,OAAO;YACP,kBAAkB,EAAE,YAAY;SACjC,CAAC,CAAA;QAEF,mBAAmB;QACnB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACjC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;QAE7C,gCAAgC;QAChC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACrE,IAAI,SAAS,IAAI,SAAS,CAAC,QAAQ,KAAK,SAAS,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAClE,SAAS,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;QACzC,CAAC;QAED,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,CAAA;IAC9C,CAAC;IAED,oCAAoC;IAE5B,aAAa,CAAC,OAAuB,EAAE,UAAsB;QACnE,uCAAuC;QACvC,MAAM,MAAM,GAAG,kBAAkB,CAAC;YAChC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO;YAC3B,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS;YACpC,YAAY,EAAE,UAAU,CAAC,YAAY;YACrC,MAAM,EAAE;gBACN,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,aAAa,EAAE,OAAO,CAAC,KAAK;gBAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;aACrB;YACD,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU;SAC1C,CAAC,CAAA;QAEF,8BAA8B;QAC9B,MAAM,iBAAiB,GAAG,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAA;QAEjE,0CAA0C;QAC1C,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAA;QACnE,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,SAAS,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAA;QAC7E,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAA;QAExF,MAAM,QAAQ,GAAG,cAAc,CAAC;YAC9B,MAAM;YACN,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,iBAAiB;YACjB,WAAW;YACX,kBAAkB,EAAE,YAAY;YAChC,mBAAmB,EAAE,aAAa;YAClC,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;SACnD,CAAC,CAAA;QAEF,iBAAiB;QACjB,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAEnC,eAAe;QACf,MAAM,MAAM,GAAkB;YAC5B,SAAS,EAAE,QAAQ,CAAC,OAAO,KAAK,MAAM;YACtC,OAAO,EAAE,QAAQ,CAAC,OAAO;YACzB,MAAM;YACN,QAAQ;YACR,WAAW,EAAE,QAAQ,CAAC,WAAW;YACjC,aAAa,EAAG,QAAgB,CAAC,aAAa,EAAE,MAAM;YACtD,QAAQ,EAAG,QAAgB,CAAC,QAAQ,EAAE,MAAM;YAC5C,MAAM,EAAE,QAAQ,CAAC,MAAM;SACxB,CAAA;QAED,iBAAiB;QACjB,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;QAChD,IAAI,QAAQ,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;YAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;QAC1C,CAAC;QACD,IAAK,QAAgB,CAAC,aAAa,EAAE,MAAM,GAAG,CAAC,EAAE,CAAC;YAChD,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC,QAAQ,CAAC,CAAA;QACxC,CAAC;QACD,IAAK,QAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3C,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,CAAA;QACnC,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC9B,OAAO,MAAM,CAAA;IACf,CAAC;IAEO,sBAAsB,CAAC,UAAsB;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW;YACrC,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,KAAK;YACjD,CAAC,CAAC,KAAK,CAAA;QAET,OAAO;YACL,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO;YAChC,eAAe,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC1C,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,IAAI,EAAE,CAAC,CAAC,IAAK;gBACb,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,MAAM,EAAE,CAAC,CAAC,MAAO;aAClB,CAAC,CAAC;YACH,UAAU,EAAE;gBACV,KAAK,EAAE,UAAU,CAAC,KAAK;gBACvB,UAAU,EAAE,UAAU,CAAC,UAAU;gBACjC,WAAW,EAAE,UAAU,CAAC,WAAW,IAAI,CAAC;gBACxC,SAAS,EAAE,UAAU,CAAC,SAAS;gBAC/B,OAAO,EAAE,KAAK;gBACd,YAAY,EAAE,UAAU,CAAC,YAAY;gBACrC,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B;YACD,eAAe,EAAE,IAAI;YACrB,qBAAqB,EAAE,QAAQ;SAChC,CAAA;IACH,CAAC;IAED,kCAAkC;IAE1B,YAAY,CAAC,OAAuB,EAAE,YAAoB;QAChE,OAAO,kBAAkB,CAAC;YACxB,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO;YAC3B,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS;YACpC,YAAY;YACZ,MAAM,EAAE;gBACN,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,aAAa,EAAE,OAAO,CAAC,KAAK;gBAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;aACrB;YACD,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU;SAC1C,CAAC,CAAA;IACJ,CAAC;IAEO,kBAAkB,CAAC,MAAoB,EAAE,MAAc;QAC7D,8DAA8D;QAC9D,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAA;QACxF,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,SAAS,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAA;QAC7E,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAA;QAEnE,+EAA+E;QAE/E,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;QACtB,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAA;QAC7B,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,CAAC,CAAC,CAAC,CAAA;QAEhF,MAAM,QAAQ,GAAsC;YAClD,UAAU,EAAE,OAAO,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC3C,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,WAAW;YACX,kBAAkB,EAAE,YAAY;YAChC,OAAO,EAAE,MAAM;YACf,mBAAmB,EAAE,EAAE;YACvB,MAAM;YACN,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO;YAChC,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE;YAC9B,SAAS,EAAE,OAAO,CAAC,WAAW,EAAE;SACjC,CAAA;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,aAAa,CAAC,CAAA;QAC7D,MAAM,cAAc,GAAmB,EAAE,GAAG,QAAQ,EAAE,SAAS,EAAE,CAAA;QAEjE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAEzC,OAAO;YACL,SAAS,EAAE,KAAK;YAChB,OAAO,EAAE,MAAM;YACf,MAAM;YACN,QAAQ,EAAE,cAAc;YACxB,MAAM;SACP,CAAA;IACH,CAAC;IAEO,kBAAkB,CAAC,MAAoB,EAAE,MAAc;QAC7D,OAAO;YACL,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,QAAQ;YACjB,MAAM;YACN,QAAQ,EAAE,EAAoB,EAAG,iCAAiC;YAClE,MAAM;SACP,CAAA;IACH,CAAC;IAEO,QAAQ,CAAC,OAAuB,EAAE,MAAqB;QAC7D,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC;YACvB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,OAAO;YACf,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;YAChC,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,UAAU,IAAI,QAAQ;YAClD,SAAS,EAAE,SAAS;YACpB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,WAAW,EAAE;gBACX,YAAY,EAAE,MAAM,CAAC,OAAO,KAAK,MAAM;gBACvC,eAAe,EAAE,MAAM,CAAC,aAAa,IAAI,CAAC;gBAC1C,YAAY,EAAE,MAAM,CAAC,QAAQ,IAAI,CAAC;aACnC;SACF,CAAC,CAAA;IACJ,CAAC;IAED,oBAAoB;IAEpB,yCAAyC;IACzC,IAAI,WAAW,KAAuB,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAA,CAAC,CAAC;IAEtE,sDAAsD;IACtD,IAAI,WAAW,KAAsB,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAA,CAAC,CAAC;IAEtE,0DAA0D;IAC1D,IAAI,YAAY,KAAuB,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA,CAAC,CAAC;IAEzE,8BAA8B;IAC9B,IAAI,QAAQ,KAAmB,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAA,CAAC,CAAC;IAEhE,mEAAmE;IACnE,QAAQ,KAAwB,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAA,CAAC,CAAC;IAE1D,sDAAsD;IACtD,IAAI,KAAK;QACP,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAA;QAC/B,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,MAAM;YACzD,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,MAAM,CAAC,CAAC,MAAM;YACpD,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,MAAM;YACxD,KAAK,EAAE,GAAG,CAAC,MAAM;SAClB,CAAA;IACH,CAAC;CACF;AAED,yCAAyC;AACzC,mBAAmB;AACnB,yCAAyC;AAEzC;;;;;;;;;GASG;AACH,MAAM,UAAU,kBAAkB,CAChC,KAA0B,EAC1B,KAAkB,EAClB,MAAoC;IAEpC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC,CAAA;IAC3H,CAAC;IACD,OAAO,IAAI,YAAY,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;AAC/C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../../src/core/policy.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../../src/core/policy.ts"],"names":[],"mappings":"AAsBA,OAAO,KAAK,EACV,YAAY,EAAE,cAAc,EAAE,aAAa,EAC3C,eAAe,EAAE,iBAAiB,EAAE,sBAAsB,EAE3D,MAAM,oBAAoB,CAAA;AAC3B,OAAO,KAAK,EAAE,aAAa,EAAe,MAAM,sBAAsB,CAAA;AAMtE;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE;IACvC,OAAO,EAAE,MAAM,CAAA;IACf,cAAc,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,MAAM,EAAE,YAAY,CAAC,QAAQ,CAAC,CAAA;IAC9B,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;CACnB,GAAG,YAAY,CAaf;AAED,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,YAAY,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CAU7F;AAMD;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE;IACnC,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,eAAe,CAAA;IAC1B,iBAAiB,EAAE,iBAAiB,CAAA;IACpC,WAAW,EAAE,MAAM,CAAA;IACnB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,mBAAmB,EAAE,MAAM,CAAA;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAA;CAC5B,GAAG,cAAc,CAkCjB;AAED,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,cAAc,GACvB;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CAWtC;AAMD;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE;IACxC,MAAM,EAAE,YAAY,CAAA;IACpB,QAAQ,EAAE,cAAc,CAAA;IACxB,OAAO,EAAE,aAAa,CAAA;IACtB,kBAAkB,EAAE,MAAM,CAAA;CAC3B,GAAG,aAAa,CAwBhB;AAED,wBAAgB,mBAAmB,CACjC,aAAa,EAAE,aAAa,EAC5B,iBAAiB,EAAE,MAAM,GACxB;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CAUtC;AAeD,qBAAa,gBAAiB,YAAW,eAAe;IACtD,QAAQ,CAAC,OAAO,SAAQ;IACxB,QAAQ,CAAC,IAAI,wBAAuB;IAEpC,QAAQ,CACN,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,EACvC,GAAG,EAAE,iBAAiB,GACrB,sBAAsB;IAwHzB,OAAO,CAAC,iBAAiB;IAazB,OAAO,CAAC,aAAa;IAarB,OAAO,CAAC,UAAU;IAiBlB,OAAO,CAAC,iBAAiB;IAazB,OAAO,CAAC,iBAAiB;IAoBzB,OAAO,CAAC,UAAU;CAuBnB;AAMD;;;;;;;;;GASG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE;IAClC,OAAO,EAAE,MAAM,CAAA;IACf,cAAc,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,YAAY,EAAE,MAAM,CAAA;IACpB,MAAM,EAAE,YAAY,CAAC,QAAQ,CAAC,CAAA;IAC9B,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,eAAe,CAAA;IAC1B,iBAAiB,EAAE,iBAAiB,CAAA;IACpC,WAAW,EAAE,MAAM,CAAA;IACnB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,mBAAmB,EAAE,MAAM,CAAA;CAC5B,GAAG;IAAE,MAAM,EAAE,YAAY,CAAC;IAAC,QAAQ,EAAE,cAAc,CAAA;CAAE,CAoBrD"}
|
package/dist/src/core/policy.js
CHANGED
|
@@ -165,30 +165,72 @@ export class FloorValidatorV1 {
|
|
|
165
165
|
name = 'floor-validator-v1';
|
|
166
166
|
evaluate(intent, ctx) {
|
|
167
167
|
const evals = [];
|
|
168
|
+
const auditFindings = [];
|
|
169
|
+
const warnings = [];
|
|
168
170
|
let dominated = 'permit';
|
|
169
171
|
const constraints = [];
|
|
170
172
|
const reasons = [];
|
|
173
|
+
// Helper: look up enforcement mode for a principle from context
|
|
174
|
+
const getMode = (principleId) => {
|
|
175
|
+
const p = ctx.floorPrinciples?.find(fp => fp.id === principleId);
|
|
176
|
+
if (p?.enforcement?.mode)
|
|
177
|
+
return p.enforcement.mode;
|
|
178
|
+
// Backward compat: technical: true → inline, false → audit
|
|
179
|
+
if (p?.enforcement?.technical === true)
|
|
180
|
+
return 'inline';
|
|
181
|
+
if (p?.enforcement?.technical === false)
|
|
182
|
+
return 'audit';
|
|
183
|
+
// Default: F-001 through F-005 → inline, F-006/F-007 → audit
|
|
184
|
+
const num = parseInt(principleId.replace('F-', ''), 10);
|
|
185
|
+
return num <= 5 ? 'inline' : 'audit';
|
|
186
|
+
};
|
|
187
|
+
// Helper: handle a check result based on enforcement mode
|
|
188
|
+
const handleResult = (eval_) => {
|
|
189
|
+
const mode = getMode(eval_.principleId);
|
|
190
|
+
eval_.enforcementMode = mode;
|
|
191
|
+
evals.push(eval_);
|
|
192
|
+
if (eval_.status === 'fail') {
|
|
193
|
+
switch (mode) {
|
|
194
|
+
case 'inline':
|
|
195
|
+
// Hard failure — will deny
|
|
196
|
+
reasons.push(`${eval_.principleName}: ${eval_.detail}`);
|
|
197
|
+
break;
|
|
198
|
+
case 'audit':
|
|
199
|
+
// Logged for human review — action proceeds
|
|
200
|
+
auditFindings.push(eval_);
|
|
201
|
+
break;
|
|
202
|
+
case 'warn':
|
|
203
|
+
// Surfaced immediately — action proceeds
|
|
204
|
+
warnings.push(eval_);
|
|
205
|
+
break;
|
|
206
|
+
}
|
|
207
|
+
}
|
|
208
|
+
};
|
|
171
209
|
// F-001: Traceability — is the agent registered?
|
|
172
|
-
|
|
210
|
+
handleResult(this.checkTraceability(ctx));
|
|
173
211
|
// F-002: Honest Identity — valid attestation?
|
|
174
|
-
|
|
212
|
+
handleResult(this.checkIdentity(ctx));
|
|
175
213
|
// F-003: Scoped Authority — action within scope?
|
|
176
|
-
|
|
214
|
+
handleResult(this.checkScope(intent, ctx));
|
|
177
215
|
// F-004: Revocability — delegation not revoked?
|
|
178
|
-
|
|
216
|
+
handleResult(this.checkRevocability(ctx));
|
|
179
217
|
// F-005: Auditability — delegation not expired, depth ok?
|
|
180
|
-
|
|
181
|
-
// F-006: Non-Deception —
|
|
218
|
+
handleResult(this.checkAuditability(ctx));
|
|
219
|
+
// F-006: Non-Deception — v1 can't check this technically
|
|
220
|
+
const f006Mode = getMode('F-006');
|
|
182
221
|
evals.push({
|
|
183
222
|
principleId: 'F-006', principleName: 'Non-Deception',
|
|
184
223
|
status: 'not_applicable',
|
|
185
|
-
detail: 'Requires reasoning-level evaluation (v2+)'
|
|
224
|
+
detail: 'Requires reasoning-level evaluation (v2+)',
|
|
225
|
+
enforcementMode: f006Mode
|
|
186
226
|
});
|
|
187
|
-
// F-007: Proportionality —
|
|
227
|
+
// F-007: Proportionality — v1 can't check this technically
|
|
228
|
+
const f007Mode = getMode('F-007');
|
|
188
229
|
evals.push({
|
|
189
230
|
principleId: 'F-007', principleName: 'Proportionality',
|
|
190
231
|
status: 'not_applicable',
|
|
191
|
-
detail: 'Requires reputation context (v2+)'
|
|
232
|
+
detail: 'Requires reputation context (v2+)',
|
|
233
|
+
enforcementMode: f007Mode
|
|
192
234
|
});
|
|
193
235
|
// Check spend — if over limit, narrow instead of deny
|
|
194
236
|
const spendCheck = this.checkSpend(intent, ctx);
|
|
@@ -203,11 +245,10 @@ export class FloorValidatorV1 {
|
|
|
203
245
|
reasons.push(spendCheck.reason);
|
|
204
246
|
}
|
|
205
247
|
}
|
|
206
|
-
// Any
|
|
207
|
-
const
|
|
208
|
-
if (
|
|
248
|
+
// Any inline failure → deny (only inline failures block)
|
|
249
|
+
const inlineFailures = evals.filter(e => e.status === 'fail' && e.enforcementMode === 'inline');
|
|
250
|
+
if (inlineFailures.length > 0) {
|
|
209
251
|
dominated = 'deny';
|
|
210
|
-
reasons.push(...failures.map(f => `${f.principleName}: ${f.detail}`));
|
|
211
252
|
}
|
|
212
253
|
return {
|
|
213
254
|
verdict: dominated,
|
|
@@ -215,7 +256,19 @@ export class FloorValidatorV1 {
|
|
|
215
256
|
constraints: constraints.length > 0 ? constraints : undefined,
|
|
216
257
|
reason: reasons.length > 0
|
|
217
258
|
? reasons.join('; ')
|
|
218
|
-
:
|
|
259
|
+
: auditFindings.length > 0
|
|
260
|
+
? `Permitted with ${auditFindings.length} audit finding(s)`
|
|
261
|
+
: warnings.length > 0
|
|
262
|
+
? `Permitted with ${warnings.length} warning(s)`
|
|
263
|
+
: 'All checks passed',
|
|
264
|
+
// Graduated enforcement output
|
|
265
|
+
auditFindings: auditFindings.length > 0 ? auditFindings : undefined,
|
|
266
|
+
warnings: warnings.length > 0 ? warnings : undefined,
|
|
267
|
+
enforcement: {
|
|
268
|
+
inlinePassed: inlineFailures.length === 0,
|
|
269
|
+
auditIssueCount: auditFindings.length,
|
|
270
|
+
warningCount: warnings.length
|
|
271
|
+
}
|
|
219
272
|
};
|
|
220
273
|
}
|
|
221
274
|
checkTraceability(ctx) {
|