attestix 0.4.0

package/CHANGELOG.md

@@ -0,0 +1,62 @@
+# Changelog
+
+All notable changes to the `attestix` npm package are documented here.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.4.0] - 2026-05-30
+
+Version alignment to the Attestix 0.4.0 release line — the JS/TS engine now
+shares its name and version with the Python `attestix` 0.4.0 stable release on
+PyPI and the other verifier ports (Go, Rust, Java, R), so the story is "same
+name, same version, same conformance suite, every ecosystem."
+
+### Changed
+
+- Bumped `0.2.0` → `0.4.0` to match the Attestix 0.4.0 release across all engines.
+- `description` now states that the package verifies credentials and delegation
+  chains issued by **Attestix 0.4.0** and conforms to the shared `spec/verify/v1`
+  vectors.
+
+### Added
+
+- **Shared cross-language conformance vectors.** `tests/conformance.test.ts`
+  loads the authoritative `vectors.json` from the foundation repo
+  (`VibeTensor/attestix:spec/verify/v1`, attestix 0.4.0) and drives every kind
+  through the public API — `canonicalize`, `didKeyToPublicKey`,
+  `verifyCredential`, and `verifyDelegationChain`. This is the **same** suite the
+  Go / Rust / Java / R ports must reproduce byte-for-byte, so the npm engine is
+  now on the identical conformance contract. The vectors are vendored at
+  `tests/vectors/conformance/vectors.json`.
+  - Note: the `canon-001` vector includes `9007199254740993` (2^53 + 1), which a
+    JS `number` cannot represent exactly; the test accounts for that known
+    runtime limitation and still asserts the rest byte-for-byte.
+
+### Notes
+
+- **Publishing is not yet done.** The unscoped `attestix` name is claimed on npm
+  but not published; this release is staged for a future token-free publish via
+  GitHub Release (OIDC trusted publishing, `.github/workflows/publish.yml`). The
+  currently published artifact remains the scoped, stale
+  `@vibetensor/attestix@0.2.0`.
+
+## [0.2.0]
+
+### Added
+
+- Offline, cross-engine verification of Attestix Ed25519-signed W3C Verifiable
+  Credentials / Presentations and UCAN-style delegation chains (`verifyCredential`,
+  `verifyPresentation`, `verifyDelegationChain`) plus the lower-level
+  `canonicalize`, `did:key` codec, and raw `verifyEd25519` primitives. No network
+  access; one small audited dependency (`@noble/curves`). Tracks the cross-engine
+  interop work in [attestix#7](https://github.com/VibeTensor/attestix/issues/7).
+- Claimed the bare `attestix` name on npm (renamed from `@vibetensor/attestix`).
+
+## [0.1.0]
+
+### Added
+
+- Initial REST client (`AttestixClient`) for the Attestix API: identity,
+  credentials, compliance, reputation, provenance, delegation, DID, and
+  blockchain anchoring, with typed errors and automatic retry/backoff.

package/LICENSE

@@ -0,0 +1,190 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to the Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by the Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding any notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2026 VibeTensor Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.md

@@ -0,0 +1,296 @@
+# attestix
+
+[![version](https://img.shields.io/badge/version-0.4.0-blue)](https://github.com/VibeTensor/attestix-js)
+
+TypeScript SDK and offline verifier for [Attestix](https://github.com/VibeTensor/attestix) - Attestation Infrastructure for AI Agents.
+
+This is the JavaScript/TypeScript engine in the Attestix family. Version **0.4.0**
+is aligned with the Attestix 0.4.0 release line: the same name, the same version,
+and the same conformance suite across every ecosystem (Python on PyPI, this package
+on npm, and the Go / Rust / Java / R verifier ports). A credential or delegation
+issued by Attestix 0.4.0 (in any engine) verifies here, byte-for-byte, offline.
+
+Provides typed client methods for identity management, verifiable credentials, compliance tracking, reputation scoring, provenance recording, delegation chains, DID operations, and blockchain anchoring.
+
+## Installation
+
+```bash
+npm install attestix
+```
+
+> **Heads-up on the package name (transition state).** The unscoped `attestix`
+> name on npm is claimed but **not yet published** — the unscoped publish is
+> pending a registry token. Until that lands, the published artifact is the
+> scoped, stale `@vibetensor/attestix@0.2.0`:
+>
+> ```bash
+> npm install @vibetensor/attestix   # currently published (0.2.0)
+> ```
+>
+> Once `attestix@0.4.0` is published, `@vibetensor/attestix` will be deprecated
+> with a pointer to the unscoped name. Prefer `attestix` in new code.
+
+## Quick Start
+
+```typescript
+import { AttestixClient } from 'attestix';
+
+const client = new AttestixClient({
+  baseUrl: 'https://api.attestix.io',
+  apiKey: 'your-api-key',
+});
+
+// Create an agent identity
+const identity = await client.createIdentity({
+  name: 'My AI Agent',
+  type: 'autonomous',
+  capabilities: ['text-generation', 'code-review'],
+});
+
+console.log(identity.agent_id);
+
+// Issue a credential
+const credential = await client.issueCredential({
+  issuer: identity.agent_id,
+  subject: identity.agent_id,
+  type: 'SafetyAudit',
+  claims: { passed: true, score: 95 },
+});
+
+// Verify it
+const result = await client.verifyCredential(credential.credential_id);
+console.log(result.valid); // true
+```
+
+## Offline verification (cross-engine interop)
+
+Since v0.2.0 the package can verify Attestix Ed25519-signed **W3C Verifiable
+Credentials / Presentations** and **UCAN-style delegation chains** entirely
+offline — no API call, in Node or the browser. The canonical-JSON rules,
+`did:key` codec, and signed-field sets are byte-compatible with the Python
+Attestix engine, so a credential or delegation issued by the Python server
+verifies in JS/TS and vice-versa. This is the cross-engine interop path tracked
+in [attestix#7](https://github.com/VibeTensor/attestix/issues/7); the exact wire
+format and canonicalization rules are documented in [`SPEC.md`](./SPEC.md).
+
+It adds one small, audited dependency (`@noble/curves`) for Ed25519 and no
+network access.
+
+### Cross-language conformance
+
+The verifier is held to the **shared conformance vectors** maintained in the
+foundation repo at
+[`spec/verify/v1`](https://github.com/VibeTensor/attestix/tree/main/spec/verify/v1)
+(canonical-form rules in
+[`README.md`](https://github.com/VibeTensor/attestix/blob/main/spec/verify/v1/README.md),
+verifier surface in
+[`CONFORMANCE.md`](https://github.com/VibeTensor/attestix/blob/main/spec/verify/v1/CONFORMANCE.md)).
+These are the **same** vectors every port (Go, Rust, Java, R, JS) must reproduce
+byte-for-byte. This package runs them in CI
+([`tests/conformance.test.ts`](./tests/conformance.test.ts)) against the
+`vectors.json` for attestix 0.4.0, so the npm engine stays on the exact same
+suite as the others.
+
+### Verify a credential
+
+```typescript
+import { verifyCredential } from 'attestix';
+
+// `vc` is the raw VC JSON (e.g. from issueCredential, a file, or a QR payload)
+const result = verifyCredential(vc);
+
+if (result.valid) {
+  console.log('Issuer:', result.issuer);   // did:key:z...
+  console.log('Subject:', result.subject);
+} else {
+  console.log('Invalid:', result.reason);   // e.g. "Invalid signature"
+}
+
+// Per-check detail:
+// result.checks = { structure_valid, signature_valid, not_expired, not_revoked }
+```
+
+`verifyCredential` recomputes the canonical bytes over the signed fields
+(everything except the mutable `proof` and `credentialStatus`), then verifies
+the `Ed25519Signature2020` proof against the issuer's `did:key`. Revocation can
+only be confirmed against the embedded `credentialStatus`; live revocation is a
+server-side lookup, so `not_revoked` reflects only what is present in the
+document offline.
+
+### Verify a delegation chain
+
+```typescript
+import { verifyDelegationChain } from 'attestix';
+
+// Pass the leaf JWT (its `prf` parent chain is walked automatically),
+// or an explicit array of tokens ordered leaf..root.
+const result = verifyDelegationChain(leafToken);
+
+if (result.valid) {
+  console.log('Effective capabilities:', result.capabilities);
+  console.log('Chain length:', result.links.length);
+}
+```
+
+`verifyDelegationChain` verifies every link's EdDSA JWS signature against its
+issuer `did:key`, walks the full `prf` proof chain, detects cycles, enforces
+expiry/`nbf`, and re-checks **capability attenuation** (each child's `att` must
+be a subset of its parent's `att`) so a forged chain that escalates scope is
+rejected.
+
+### Lower-level primitives
+
+The canonicalizer, `did:key` codec, and raw Ed25519 verify are also exported:
+
+```typescript
+import {
+  canonicalize,        // JSON value -> canonical UTF-8 bytes (Python-compatible)
+  didKeyToPublicKey,   // did:key:z... -> 32-byte Ed25519 public key
+  publicKeyToDidKey,   // 32-byte Ed25519 public key -> did:key:z...
+  verifyEd25519,       // (signature, message, publicKey) -> boolean
+  verifyPresentation,  // verify a Verifiable Presentation + its embedded VCs
+} from 'attestix';
+```
+
+## API Reference
+
+### Identity
+
+| Method | Description |
+|--------|-------------|
+| `createIdentity(params)` | Register a new agent identity |
+| `getIdentity(agentId)` | Retrieve an identity by agent ID |
+| `listIdentities(params?)` | List identities with optional filters |
+| `verifyIdentity(agentId)` | Verify an identity's validity |
+| `translateIdentity(agentId, format)` | Translate identity to another format |
+| `revokeIdentity(agentId, reason?)` | Revoke an identity |
+| `purgeAgentData(agentId)` | Delete all data for an agent |
+
+### Credentials
+
+| Method | Description |
+|--------|-------------|
+| `issueCredential(params)` | Issue a new verifiable credential |
+| `getCredential(credentialId)` | Retrieve a credential |
+| `listCredentials(params?)` | List credentials with filters |
+| `verifyCredential(credentialId)` | Verify a credential |
+| `verifyExternalCredential(credential)` | Verify an externally-issued credential |
+| `revokeCredential(credentialId, reason?)` | Revoke a credential |
+| `createPresentation(params)` | Create a verifiable presentation |
+
+### Compliance
+
+| Method | Description |
+|--------|-------------|
+| `createComplianceProfile(params)` | Create a compliance profile |
+| `getComplianceProfile(profileId)` | Get a compliance profile |
+| `listComplianceProfiles()` | List all compliance profiles |
+| `getComplianceStatus(profileId)` | Get compliance status |
+| `recordAssessment(params)` | Record a compliance assessment |
+| `generateDeclaration(params)` | Generate a declaration of conformity |
+
+### Reputation
+
+| Method | Description |
+|--------|-------------|
+| `recordInteraction(params)` | Record an agent interaction |
+| `getReputation(agentId)` | Get reputation score for an agent |
+| `queryReputation(params?)` | Query reputation scores with filters |
+
+### Provenance
+
+| Method | Description |
+|--------|-------------|
+| `recordTrainingData(params)` | Record training data provenance |
+| `recordModelLineage(params)` | Record model lineage |
+| `logAction(params)` | Log an auditable action |
+| `getProvenance(agentId)` | Get provenance entries for an agent |
+| `getAuditTrail(params?)` | Query the audit trail |
+
+### Delegation
+
+| Method | Description |
+|--------|-------------|
+| `createDelegation(params)` | Create a delegation chain |
+| `listDelegations(params?)` | List delegations |
+| `verifyDelegation(token)` | Verify a delegation token |
+| `revokeDelegation(delegationId)` | Revoke a delegation |
+
+### DID
+
+| Method | Description |
+|--------|-------------|
+| `createDidKey()` | Create a did:key document |
+| `createDidWeb(domain)` | Create a did:web document |
+| `resolveDid(did)` | Resolve a DID to its document |
+
+### Blockchain Anchoring
+
+| Method | Description |
+|--------|-------------|
+| `anchorIdentity(agentId)` | Anchor an identity on-chain |
+| `anchorCredential(credentialId)` | Anchor a credential on-chain |
+| `anchorAuditBatch(entryIds?)` | Anchor a batch of audit entries |
+| `verifyAnchor(anchorId)` | Verify an on-chain anchor |
+| `getAnchorStatus(anchorId)` | Get anchor status |
+| `estimateAnchorCost()` | Estimate anchoring cost |
+
+### Offline Verification
+
+| Function | Description |
+|--------|-------------|
+| `verifyCredential(vc, options?)` | Verify a W3C VC's Ed25519 proof, structure, and expiry offline |
+| `verifyPresentation(vp, options?)` | Verify a VP's holder proof and every embedded credential offline |
+| `verifyDelegationChain(token \| tokens, options?)` | Verify a UCAN/JWT delegation chain (signatures, attenuation, expiry, cycles) |
+| `canonicalize(value)` | Canonical UTF-8 bytes matching the Python engine's JCS form |
+| `didKeyToPublicKey(did)` / `publicKeyToDidKey(bytes)` | did:key (Ed25519) decode / encode |
+| `verifyEd25519(sig, msg, pubKey)` | Raw Ed25519 signature verification |
+
+## Error Handling
+
+The SDK throws typed errors based on HTTP status codes:
+
+```typescript
+import {
+  AttestixAuthError,
+  AttestixNotFoundError,
+  AttestixValidationError,
+  AttestixRateLimitError,
+} from 'attestix';
+
+try {
+  await client.getIdentity('nonexistent');
+} catch (error) {
+  if (error instanceof AttestixNotFoundError) {
+    console.log('Agent not found');
+  } else if (error instanceof AttestixAuthError) {
+    console.log('Invalid API key');
+  } else if (error instanceof AttestixRateLimitError) {
+    console.log(`Rate limited, retry after ${error.retryAfter}s`);
+  }
+}
+```
+
+## Configuration
+
+```typescript
+const client = new AttestixClient({
+  baseUrl: 'https://api.attestix.io',  // Required: API server URL
+  apiKey: 'your-api-key',               // Required: API key
+  timeout: 30000,                        // Optional: request timeout in ms (default: 30000)
+});
+```
+
+The SDK automatically retries on 429 (rate limit) and 503 (service unavailable) responses with exponential backoff.
+
+## License
+
+Apache-2.0
+
+## Links
+
+- [Attestix (parent repo)](https://github.com/VibeTensor/attestix) — the Attestix core engine (Python, PyPI)
+- [Verifier conformance spec](https://github.com/VibeTensor/attestix/tree/main/spec/verify/v1) — shared cross-language vectors + canonical-form rules
+- [Attestix Documentation](https://attestix.io/docs)
+- [GitHub (this package)](https://github.com/VibeTensor/attestix-js)
+- [VibeTensor](https://vibetensor.com)