authproof-sdk 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 AuthProof
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,382 @@
+# AuthProof
+
+**Cryptographically signed delegation receipts for AI agents.**
+
+Define exactly what an AI agent can and can't do. Sign it. Share it. Verify it anywhere.
+
+```js
+import AuthProof from 'authproof';
+
+const { privateKey, publicJwk } = await AuthProof.generateKey();
+
+const { receiptId, systemPrompt } = await AuthProof.create({
+  scope:        'Search the web for competitor pricing and summarize findings.',
+  boundaries:   'Do not send emails. Do not make purchases.',
+  instructions: 'Cite every source. Keep the report under 500 words.',
+  ttlHours:     4,
+  privateKey,
+  publicJwk,
+});
+
+// Paste systemPrompt into any AI chat or agent system prompt
+```
+
+---
+
+## The Problem
+
+AI agents are taking real actions — browsing the web, scheduling meetings, sending emails, making purchases. But there's no standard way to define what an agent is authorized to do, or prove it after the fact.
+
+AuthProof fixes that with a simple, tamper-proof delegation receipt:
+
+- **Cryptographically signed** — ECDSA P-256 via the native Web Crypto API
+- **Content-addressed** — SHA-256 proof ID that changes if anything is modified
+- **Time-windowed** — auto-expires, no open-ended permissions
+- **Instantly revocable** — one call to invalidate
+- **Zero dependencies** — works in Node.js, browsers, Deno, Bun, Cloudflare Workers
+
+---
+
+## Install
+
+```bash
+npm install authproof
+```
+
+Or load directly in a browser / Deno:
+
+```js
+import AuthProof from 'https://esm.sh/authproof@1';
+```
+
+---
+
+## Quick Start
+
+### 1. Generate a key pair
+
+```js
+import AuthProof from 'authproof';
+
+const { privateKey, publicJwk, privateJwk } = await AuthProof.generateKey();
+
+// Store privateJwk securely (env var, secrets manager, etc.)
+// publicJwk is safe to store anywhere
+```
+
+### 2. Create a receipt
+
+```js
+const { receipt, receiptId, systemPrompt } = await AuthProof.create({
+  scope:        'Read the user\'s calendar for the next 7 days and identify conflicts.',
+  boundaries:   'Do not create, edit, or delete calendar events. Do not read emails.',
+  instructions: 'Present the 3 best available slots with a brief reason for each.',
+  ttlHours:     1,           // Expires in 1 hour
+  privateKey,
+  publicJwk,
+  agentId:      'calendar-agent-v1',   // optional
+  metadata:     { requestedBy: 'user@example.com' },  // optional
+});
+
+console.log(receiptId);    // 64-char SHA-256 proof ID
+console.log(systemPrompt); // ready-to-paste AI system prompt
+```
+
+### 3. Use the system prompt
+
+Paste `systemPrompt` into any AI:
+
+```
+You are authorized to act within the following scope:
+
+Read the user's calendar for the next 7 days and identify conflicts.
+
+You must not:
+Do not create, edit, or delete calendar events. Do not read emails.
+
+Operator instructions:
+Present the 3 best available slots with a brief reason for each.
+
+This authorization is valid until: Apr 5, 2026, 3:00 PM
+Authorization ID: a3f9c2...
+```
+
+### 4. Verify a receipt
+
+```js
+const result = await AuthProof.verify(receipt, receiptId, {
+  action: 'Check calendar for next Tuesday and find a free hour',
+});
+
+if (result.authorized) {
+  console.log('✓ Action authorized');
+} else {
+  console.log('✗ Denied:', result.checks.filter(c => !c.passed));
+}
+```
+
+---
+
+## API Reference
+
+### `AuthProof.generateKey()`
+
+Generate a new ECDSA P-256 signing key pair.
+
+```js
+const { privateKey, publicJwk, privateJwk } = await AuthProof.generateKey();
+```
+
+Returns:
+- `privateKey` — `CryptoKey` for signing
+- `publicJwk` — plain object, safe to store publicly
+- `privateJwk` — plain object, **store securely**
+
+---
+
+### `AuthProof.importPrivateKey(privateJwk)`
+
+Load a signing key from a stored JWK (e.g., from an env var).
+
+```js
+const privateJwk = JSON.parse(process.env.AUTHPROOF_PRIVATE_JWK);
+const privateKey = await AuthProof.importPrivateKey(privateJwk);
+```
+
+---
+
+### `AuthProof.create(options)`
+
+Create a signed delegation receipt.
+
+| Option | Type | Required | Description |
+|---|---|---|---|
+| `scope` | string | ✓ | What the AI is authorized to do |
+| `boundaries` | string | ✓ | What the AI must never do |
+| `instructions` | string | ✓ | How the AI should approach the task |
+| `ttlHours` | number | — | Validity window in hours (default: `1`) |
+| `privateKey` | CryptoKey | ✓ | ECDSA P-256 signing key |
+| `publicJwk` | object | ✓ | Corresponding public key JWK |
+| `agentId` | string | — | Optional agent identifier |
+| `metadata` | object | — | Optional arbitrary metadata |
+
+Returns `{ receipt, receiptId, systemPrompt }`.
+
+---
+
+### `AuthProof.verify(receipt, receiptId, options?)`
+
+Verify a receipt locally — no network required.
+
+```js
+const result = await AuthProof.verify(receipt, receiptId, {
+  revoked: false,   // pass true if you've marked it revoked in your store
+  action:  'Proposed action text to scope-check',
+});
+```
+
+Returns:
+```js
+{
+  authorized: true | false,
+  result: 'Human-readable verdict',
+  checks: [
+    { name: 'Not revoked',       passed: true,  detail: 'Active' },
+    { name: 'Within time window',passed: true,  detail: 'Expires Apr 5, 2026' },
+    { name: 'Signature valid',   passed: true,  detail: 'ECDSA P-256 verified' },
+    { name: 'Receipt ID matches',passed: true,  detail: 'SHA-256 hash verified' },
+    { name: 'Instructions intact',passed: true, detail: 'Instructions hash verified' },
+    // if action provided:
+    { name: 'Action within scope', passed: true, detail: '72% keyword match' },
+    { name: 'Action not blocked',  passed: true, detail: '8% overlap with boundaries' },
+  ],
+  receiptContext: { scope, boundaries, operatorInstructions, timeWindow, ... }
+}
+```
+
+---
+
+### `AuthProof.buildSystemPrompt(receipt, receiptId, verifyUrl?)`
+
+Build a ready-to-use system prompt from a receipt.
+
+```js
+const prompt = AuthProof.buildSystemPrompt(receipt, receiptId, 'https://authproof.dev');
+```
+
+---
+
+### `AuthProof.checkScope(action, receipt)`
+
+Quick keyword-overlap scope check without full verification.
+
+```js
+const { withinScope, scopeScore, boundaryScore } = AuthProof.checkScope(
+  'Search Google for competitor pricing',
+  receipt
+);
+// { withinScope: true, scopeScore: 72, boundaryScore: 5 }
+```
+
+---
+
+### `AuthProof.isActive(receipt, revoked?)`
+
+Returns `true` if the receipt is currently within its time window and not revoked.
+
+```js
+AuthProof.isActive(receipt);           // true
+AuthProof.isActive(receipt, true);     // false (revoked)
+```
+
+---
+
+### `AuthProof.secondsRemaining(receipt)`
+
+Seconds until the receipt expires. Returns `0` if already expired.
+
+```js
+const secs = AuthProof.secondsRemaining(receipt);
+console.log(`Expires in ${Math.floor(secs / 60)} minutes`);
+```
+
+---
+
+### `AuthProof.receiptId(receipt)`
+
+Compute the SHA-256 receipt ID from a receipt object.
+
+```js
+const id = await AuthProof.receiptId(receipt);
+```
+
+---
+
+## Integrations
+
+### LangChain / LangGraph
+
+```js
+const { systemPrompt, receiptId } = await AuthProof.create({ ... });
+
+const messages = [
+  { role: 'system', content: systemPrompt },
+  { role: 'user',   content: userMessage },
+];
+
+// Pass to your LangChain chain or LangGraph node
+```
+
+### n8n
+
+In a **Code node** before your AI node:
+
+```js
+const AuthProof = require('authproof');
+const privateKey = await AuthProof.importPrivateKey(JSON.parse($env.AUTHPROOF_PRIVATE_JWK));
+const publicJwk  = JSON.parse($env.AUTHPROOF_PUBLIC_JWK);
+
+const { systemPrompt, receiptId } = await AuthProof.create({
+  scope:        $input.item.json.scope,
+  boundaries:   $input.item.json.boundaries,
+  instructions: $input.item.json.instructions,
+  ttlHours:     1,
+  privateKey,
+  publicJwk,
+});
+
+return [{ json: { ...$input.item.json, systemPrompt, receiptId } }];
+```
+
+### Express.js Middleware
+
+```js
+import { authproofMiddleware } from 'authproof/examples/integrations.js';
+
+app.use('/api/agent', authproofMiddleware(receiptStore));
+// Agent must send: X-AuthProof-Receipt-Id header
+```
+
+### Cloudflare Workers / Deno
+
+```js
+import AuthProof from 'https://esm.sh/authproof@1';
+// All APIs work identically — uses native Web Crypto
+```
+
+---
+
+## Receipt Schema
+
+```json
+{
+  "delegationId":         "auth-1712345678901-a3f9c",
+  "issuedAt":             "2026-04-05T14:00:00.000Z",
+  "scope":                "Search the web for competitor pricing...",
+  "boundaries":           "Do not send emails. Do not make purchases.",
+  "timeWindow": {
+    "start":              "2026-04-05T14:00:00.000Z",
+    "end":                "2026-04-05T18:00:00.000Z"
+  },
+  "operatorInstructions": "Cite every source. Keep under 500 words.",
+  "instructionsHash":     "a3f9c2d1...",
+  "signerPublicKey": {
+    "kty": "EC", "crv": "P-256", "x": "...", "y": "..."
+  },
+  "agentId":              "my-agent-v1",
+  "metadata":             {},
+  "signature":            "3045022100..."
+}
+```
+
+The **receipt ID** is `SHA-256(JSON.stringify(receipt))` — if any field changes, the ID changes.
+
+---
+
+## Supabase Backend (optional)
+
+For persistent receipts with remote verify/revoke, deploy the included Edge Functions.
+See the SQL schema and function code in [`examples/integrations.js`](examples/integrations.js).
+
+```sql
+create table receipts (
+  hash                 text primary key,
+  delegation_id        text not null,
+  scope                text not null,
+  boundaries           text not null,
+  time_window_start    timestamptz not null,
+  time_window_end      timestamptz not null,
+  operator_instructions text not null,
+  instructions_hash    text not null,
+  signer_public_key    jsonb not null,
+  signature            text not null,
+  issued_at            timestamptz not null,
+  revoked              boolean default false,
+  revoked_at           timestamptz
+);
+```
+
+---
+
+## Interactive Tool
+
+Not a developer? Use the **[AuthProof web app](https://authproof.dev)** — no code required.  
+Create, verify, and manage receipts visually in your browser.
+
+---
+
+## License
+
+MIT — free for personal and commercial use.
+
+---
+
+## Contributing
+
+PRs welcome. Run tests with:
+
+```bash
+node tests/authproof.test.js
+```
+
+40 tests, zero dependencies, zero build step required.

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "authproof-sdk",
+  "version": "1.0.0",
+  "description": "Cryptographically signed delegation receipts for AI agents. Define exactly what an AI can and can't do — signed, verifiable, tamper-proof.",
+  "main": "src/authproof.js",
+  "module": "src/authproof.js",
+  "type": "module",
+  "exports": {
+    ".": {
+      "import": "./src/authproof.js",
+      "require": "./src/authproof.cjs.js",
+      "default": "./src/authproof.js"
+    }
+  },
+  "scripts": {
+    "test": "node --experimental-vm-modules tests/authproof.test.js",
+    "build:cjs": "node scripts/build-cjs.js"
+  },
+  "keywords": [
+    "ai",
+    "agents",
+    "authorization",
+    "delegation",
+    "receipt",
+    "cryptography",
+    "ecdsa",
+    "permissions",
+    "ai-safety",
+    "llm",
+    "agent-security"
+  ],
+  "author": "AuthProof",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Commonguy25/authproof-sdk"
+  },
+  "homepage": "https://authproof.dev",
+  "bugs": {
+    "url": "https://github.com/Commonguy25/authproof-sdk/issues"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "files": [
+    "src/",
+    "README.md",
+    "LICENSE"
+  ],
+  "devDependencies": {}
+}

package/src/authproof.js

@@ -0,0 +1,446 @@
+/**
+ * AuthProof SDK
+ * Cryptographically signed delegation receipts for AI agents.
+ *
+ * Works in: Node.js 18+, modern browsers, Deno, Bun, Cloudflare Workers
+ * Zero dependencies. Uses native Web Crypto API everywhere.
+ *
+ * @version 1.0.0
+ * @license MIT
+ */
+
+'use strict';
+
+// ─────────────────────────────────────────────
+// CRYPTO PRIMITIVES
+// ─────────────────────────────────────────────
+
+const _enc = s => new TextEncoder().encode(s);
+const _hex = b => Array.from(new Uint8Array(b)).map(x => x.toString(16).padStart(2, '0')).join('');
+const _fromHex = h => new Uint8Array(h.match(/.{2}/g).map(b => parseInt(b, 16)));
+
+async function _sha256(str) {
+  const buf = await crypto.subtle.digest('SHA-256', _enc(str));
+  return _hex(buf);
+}
+
+async function _generateKeyPair() {
+  return crypto.subtle.generateKey(
+    { name: 'ECDSA', namedCurve: 'P-256' },
+    true,
+    ['sign', 'verify']
+  );
+}
+
+async function _exportPublicJwk(publicKey) {
+  const jwk = await crypto.subtle.exportKey('jwk', publicKey);
+  const { kty, crv, x, y } = jwk;
+  return { kty, crv, x, y };
+}
+
+async function _sign(privateKey, str) {
+  const sig = await crypto.subtle.sign(
+    { name: 'ECDSA', hash: 'SHA-256' },
+    privateKey,
+    _enc(str)
+  );
+  return _hex(sig);
+}
+
+async function _verify(publicJwk, signature, str) {
+  try {
+    const pk = await crypto.subtle.importKey(
+      'jwk',
+      { ...publicJwk, key_ops: ['verify'] },
+      { name: 'ECDSA', namedCurve: 'P-256' },
+      false,
+      ['verify']
+    );
+    return crypto.subtle.verify(
+      { name: 'ECDSA', hash: 'SHA-256' },
+      pk,
+      _fromHex(signature),
+      _enc(str)
+    );
+  } catch {
+    return false;
+  }
+}
+
+// ─────────────────────────────────────────────
+// SCOPE MATCHING
+// ─────────────────────────────────────────────
+
+const STOP_WORDS = new Set([
+  'the','a','an','and','or','but','in','on','at','to','for','of','with',
+  'by','from','is','are','was','were','be','been','have','has','had','do',
+  'does','did','will','would','could','should','may','might','can','not',
+  'no','this','that','these','those','i','you','he','she','it','we','they',
+  'what','which','who','all','any','each','some','only','just','as','if',
+  'then','up','out'
+]);
+
+function _tokenize(text) {
+  return new Set(
+    text.toLowerCase()
+      .split(/[\s,;:.()\[\]{}'"""]+/)
+      .filter(w => w.length > 3 && !STOP_WORDS.has(w))
+  );
+}
+
+function _overlapScore(a, b) {
+  const ta = _tokenize(a);
+  const tb = _tokenize(b);
+  if (ta.size === 0) return 0;
+  let hits = 0;
+  for (const w of ta) if (tb.has(w)) hits++;
+  return hits / ta.size;
+}
+
+/**
+ * Check if a proposed action falls within scope and doesn't violate boundaries.
+ * Returns { withinScope: boolean, scopeScore: number, boundaryScore: number }
+ */
+function checkScope(action, receipt) {
+  const scopeScore    = _overlapScore(action, receipt.scope);
+  const boundaryScore = _overlapScore(action, receipt.boundaries);
+  return {
+    withinScope:    scopeScore >= 0.3 && boundaryScore < 0.5,
+    scopeScore:     Math.round(scopeScore * 100),
+    boundaryScore:  Math.round(boundaryScore * 100),
+  };
+}
+
+// ─────────────────────────────────────────────
+// KEY MANAGEMENT
+// ─────────────────────────────────────────────
+
+/**
+ * Generate a new ECDSA P-256 signing key pair.
+ * Returns exportable JWK representations for storage.
+ *
+ * @returns {{ privateJwk: object, publicJwk: object, privateKey: CryptoKey, publicKey: CryptoKey }}
+ */
+async function generateKey() {
+  const kp = await _generateKeyPair();
+  const privateJwk = await crypto.subtle.exportKey('jwk', kp.privateKey);
+  const publicJwk  = await _exportPublicJwk(kp.publicKey);
+  return {
+    privateKey: kp.privateKey,
+    publicKey:  kp.publicKey,
+    privateJwk,
+    publicJwk,
+  };
+}
+
+/**
+ * Load a signing key from a stored private JWK.
+ * @param {object} privateJwk
+ * @returns {CryptoKey}
+ */
+async function importPrivateKey(privateJwk) {
+  return crypto.subtle.importKey(
+    'jwk',
+    privateJwk,
+    { name: 'ECDSA', namedCurve: 'P-256' },
+    false,
+    ['sign']
+  );
+}
+
+// ─────────────────────────────────────────────
+// RECEIPT CREATION
+// ─────────────────────────────────────────────
+
+/**
+ * Create a signed delegation receipt.
+ *
+ * @param {object} options
+ * @param {string}      options.scope          - What the AI is authorized to do
+ * @param {string}      options.boundaries     - What the AI must never do
+ * @param {string}      options.instructions   - Operator instructions locked into the receipt
+ * @param {number}      [options.ttlHours=1]   - How long the receipt is valid (hours)
+ * @param {CryptoKey}   options.privateKey     - ECDSA P-256 private signing key
+ * @param {object}      options.publicJwk      - Corresponding public key JWK
+ * @param {string}      [options.agentId]      - Optional identifier for the agent being authorized
+ * @param {object}      [options.metadata]     - Optional arbitrary metadata attached to receipt
+ *
+ * @returns {{ receipt: object, receiptId: string, systemPrompt: string }}
+ */
+async function create(options) {
+  const {
+    scope,
+    boundaries,
+    instructions,
+    ttlHours = 1,
+    privateKey,
+    publicJwk,
+    agentId,
+    metadata,
+  } = options;
+
+  if (!scope)        throw new Error('AuthProof: scope is required');
+  if (!boundaries)   throw new Error('AuthProof: boundaries is required');
+  if (!instructions) throw new Error('AuthProof: instructions is required');
+  if (!privateKey)   throw new Error('AuthProof: privateKey is required');
+  if (!publicJwk)    throw new Error('AuthProof: publicJwk is required');
+
+  const now  = new Date();
+  const end  = new Date(now.getTime() + ttlHours * 3_600_000);
+  const id   = `auth-${now.getTime()}-${Math.random().toString(36).slice(2, 7)}`;
+  const instructionsHash = await _sha256(instructions);
+
+  const { kty, crv, x, y } = publicJwk;
+
+  const body = {
+    delegationId:         id,
+    issuedAt:             now.toISOString(),
+    scope,
+    boundaries,
+    timeWindow:           { start: now.toISOString(), end: end.toISOString() },
+    operatorInstructions: instructions,
+    instructionsHash,
+    signerPublicKey:      { kty, crv, x, y },
+    ...(agentId   ? { agentId }   : {}),
+    ...(metadata  ? { metadata }  : {}),
+  };
+
+  const signature = await _sign(privateKey, JSON.stringify(body));
+  const receipt   = { ...body, signature };
+  const receiptId = await _sha256(JSON.stringify(receipt));
+
+  return {
+    receipt,
+    receiptId,
+    systemPrompt: buildSystemPrompt(receipt, receiptId),
+  };
+}
+
+// ─────────────────────────────────────────────
+// RECEIPT VERIFICATION
+// ─────────────────────────────────────────────
+
+/**
+ * Verify a receipt locally (no network call).
+ * Checks: found, not revoked, within time window, signature valid, hash matches,
+ * and optionally whether a proposed action falls within scope.
+ *
+ * @param {object}  receipt           - The receipt object
+ * @param {string}  receiptId         - The SHA-256 receipt ID to verify against
+ * @param {object}  [options]
+ * @param {boolean} [options.revoked] - Whether the receipt has been revoked (from your store)
+ * @param {string}  [options.action]  - Proposed action to scope-check
+ *
+ * @returns {{ authorized: boolean, checks: Array, receiptContext: object }}
+ */
+async function verify(receipt, receiptId, options = {}) {
+  const { revoked = false, action } = options;
+  const checks = [];
+
+  // 1. Not revoked
+  const notRevoked = !revoked && !receipt.revoked;
+  checks.push({
+    name:   'Not revoked',
+    passed: notRevoked,
+    detail: notRevoked ? 'Active' : 'This authorization has been revoked',
+  });
+
+  // 2. Within time window
+  const now = new Date();
+  const start = new Date(receipt.timeWindow.start);
+  const end   = new Date(receipt.timeWindow.end);
+  const inWindow = now >= start && now <= end;
+  checks.push({
+    name:   'Within time window',
+    passed: inWindow,
+    detail: inWindow
+      ? `Expires ${end.toLocaleString()}`
+      : now < start
+        ? `Not yet valid — starts ${start.toLocaleString()}`
+        : `Expired ${end.toLocaleString()}`,
+  });
+
+  // 3. Signature valid
+  const { signature, ...bodyWithoutSig } = receipt;
+  const sigValid = await _verify(
+    receipt.signerPublicKey,
+    signature,
+    JSON.stringify(bodyWithoutSig)
+  );
+  checks.push({
+    name:   'Signature valid',
+    passed: sigValid,
+    detail: sigValid
+      ? 'Cryptographic signature verified (ECDSA P-256)'
+      : 'Signature verification failed — receipt may be tampered',
+  });
+
+  // 4. Receipt ID matches
+  const computedId = await _sha256(JSON.stringify(receipt));
+  const idMatches  = computedId === receiptId;
+  checks.push({
+    name:   'Receipt ID matches',
+    passed: idMatches,
+    detail: idMatches
+      ? 'SHA-256 content hash verified'
+      : 'ID mismatch — receipt content may have been altered',
+  });
+
+  // 5. Instructions hash matches
+  const computedIH = await _sha256(receipt.operatorInstructions);
+  const ihMatches  = computedIH === receipt.instructionsHash;
+  checks.push({
+    name:   'Instructions intact',
+    passed: ihMatches,
+    detail: ihMatches
+      ? 'Instructions hash verified'
+      : 'Instructions hash mismatch — instructions may have been altered',
+  });
+
+  // 6. Optional scope check
+  if (action) {
+    const { withinScope, scopeScore, boundaryScore } = checkScope(action, receipt);
+    checks.push({
+      name:   'Action within scope',
+      passed: scopeScore >= 30,
+      detail: `${scopeScore}% keyword match with authorized scope`,
+    });
+    checks.push({
+      name:   'Action not blocked',
+      passed: boundaryScore < 50,
+      detail: `${boundaryScore}% overlap with off-limits boundaries`,
+    });
+  }
+
+  const authorized = checks.every(c => c.passed);
+
+  return {
+    authorized,
+    result: authorized
+      ? 'This action is authorized'
+      : 'Authorization denied — see checks for details',
+    checks,
+    receiptContext: {
+      scope:                receipt.scope,
+      boundaries:           receipt.boundaries,
+      operatorInstructions: receipt.operatorInstructions,
+      timeWindow:           receipt.timeWindow,
+      issuedAt:             receipt.issuedAt,
+      agentId:              receipt.agentId,
+      revoked,
+    },
+  };
+}
+
+// ─────────────────────────────────────────────
+// SYSTEM PROMPT BUILDER
+// ─────────────────────────────────────────────
+
+/**
+ * Build a ready-to-use system prompt block from a receipt.
+ * Paste this directly into any AI chat or agent system prompt.
+ *
+ * @param {object} receipt
+ * @param {string} receiptId
+ * @param {string} [verifyUrl] - Optional URL to your verify endpoint
+ * @returns {string}
+ */
+function buildSystemPrompt(receipt, receiptId, verifyUrl) {
+  const expiry = new Date(receipt.timeWindow.end).toLocaleString();
+  const verifyLine = verifyUrl
+    ? `\nVerify this authorization: ${verifyUrl}?receipt=${receiptId}`
+    : `\nAuthorization ID: ${receiptId}`;
+
+  return `You are authorized to act within the following scope:
+
+${receipt.scope}
+
+You must not:
+${receipt.boundaries}
+
+Operator instructions:
+${receipt.operatorInstructions}
+
+This authorization is valid until: ${expiry}${verifyLine}
+
+Before taking any significant action, confirm it falls within the authorized scope above. If uncertain, ask for clarification rather than proceeding.`;
+}
+
+// ─────────────────────────────────────────────
+// UTILITY
+// ─────────────────────────────────────────────
+
+/**
+ * Compute the receipt ID (SHA-256 of the full receipt JSON).
+ * Useful for re-deriving the ID from a stored receipt.
+ *
+ * @param {object} receipt
+ * @returns {string}
+ */
+async function receiptId(receipt) {
+  return _sha256(JSON.stringify(receipt));
+}
+
+/**
+ * Check if a receipt is currently active (not expired, not revoked).
+ * @param {object}  receipt
+ * @param {boolean} [revoked=false]
+ * @returns {boolean}
+ */
+function isActive(receipt, revoked = false) {
+  if (revoked || receipt.revoked) return false;
+  const now = new Date();
+  return now >= new Date(receipt.timeWindow.start) && now <= new Date(receipt.timeWindow.end);
+}
+
+/**
+ * Get seconds remaining before a receipt expires.
+ * Returns 0 if already expired.
+ * @param {object} receipt
+ * @returns {number}
+ */
+function secondsRemaining(receipt) {
+  const remaining = new Date(receipt.timeWindow.end) - new Date();
+  return Math.max(0, Math.floor(remaining / 1000));
+}
+
+// ─────────────────────────────────────────────
+// EXPORTS
+// ─────────────────────────────────────────────
+
+const AuthProof = {
+  // Key management
+  generateKey,
+  importPrivateKey,
+
+  // Core protocol
+  create,
+  verify,
+
+  // Utilities
+  buildSystemPrompt,
+  checkScope,
+  receiptId,
+  isActive,
+  secondsRemaining,
+};
+
+// ESM + CJS compatible export
+if (typeof module !== 'undefined' && module.exports) {
+  module.exports = AuthProof;
+} else if (typeof globalThis !== 'undefined') {
+  globalThis.AuthProof = AuthProof;
+}
+
+export default AuthProof;
+export {
+  generateKey,
+  importPrivateKey,
+  create,
+  verify,
+  buildSystemPrompt,
+  checkScope,
+  receiptId,
+  isActive,
+  secondsRemaining,
+};