clawpowers 2.0.0 → 2.2.0

package/native/wasm/pkg-node/clawpowers_wasm_bg.wasm.d.ts

@@ -0,0 +1,40 @@
+/* tslint:disable */
+/* eslint-disable */
+export const memory: WebAssembly.Memory;
+export const __wbg_wasmcanonicalstore_free: (a: number, b: number) => void;
+export const approximateDistance: (a: number, b: number, c: number, d: number, e: number) => [number, number, number];
+export const calculateFee: (a: number, b: number, c: number, d: number, e: number, f: bigint, g: number, h: bigint) => [number, number, number, number];
+export const compressVector: (a: number, b: number, c: number) => [number, number, number, number];
+export const computeKeccak256: (a: number, b: number) => [number, number];
+export const computeSha256: (a: number, b: number) => [number, number];
+export const decompressVector: (a: number, b: number, c: number) => [number, number, number, number];
+export const deriveEthereumAddress: (a: number, b: number) => [number, number, number, number];
+export const derivePublicKey: (a: number, b: number) => [number, number, number, number];
+export const evaluateWriteFirewall: (a: number, b: number) => [number, number, number, number];
+export const getAvailableModules: () => [number, number];
+export const getDefaultTokenRegistry: () => [number, number, number, number];
+export const getVersion: () => [number, number];
+export const signEcdsa: (a: number, b: number, c: number, d: number) => [number, number, number, number];
+export const tokenAmountAdd: (a: number, b: number, c: number, d: number) => [number, number, number, number];
+export const tokenAmountFromHuman: (a: number, b: number) => [number, number, number, number];
+export const tokenAmountMulBps: (a: number, b: number, c: bigint) => [number, number, number, number];
+export const tokenAmountSub: (a: number, b: number, c: number, d: number) => [number, number, number, number];
+export const tokenAmountToHuman: (a: number, b: number) => [number, number, number];
+export const verifyEcdsa: (a: number, b: number, c: number, d: number, e: number, f: number) => [number, number, number];
+export const wasmcanonicalstore_exportJson: (a: number) => [number, number, number, number];
+export const wasmcanonicalstore_get: (a: number, b: number, c: number) => [number, number, number, number];
+export const wasmcanonicalstore_getByHash: (a: number, b: number, c: number) => [number, number, number, number];
+export const wasmcanonicalstore_importJson: (a: number, b: number, c: number) => [number, number, number];
+export const wasmcanonicalstore_insert: (a: number, b: number, c: number) => [number, number, number, number];
+export const wasmcanonicalstore_new: () => [number, number, number];
+export const wasmcanonicalstore_queryNamespace: (a: number, b: number, c: number, d: number) => [number, number, number, number];
+export const wasmcanonicalstore_softDelete: (a: number, b: number, c: number) => [number, number, number];
+export const wasmcanonicalstore_verifyIntegrity: (a: number, b: number, c: number) => [number, number, number];
+export const __wbindgen_exn_store: (a: number) => void;
+export const __externref_table_alloc: () => number;
+export const __wbindgen_externrefs: WebAssembly.Table;
+export const __wbindgen_malloc: (a: number, b: number) => number;
+export const __wbindgen_realloc: (a: number, b: number, c: number, d: number) => number;
+export const __externref_table_dealloc: (a: number) => void;
+export const __wbindgen_free: (a: number, b: number, c: number) => void;
+export const __wbindgen_start: () => void;

package/native/wasm/pkg-node/package.json

@@ -0,0 +1,13 @@
+{
+  "name": "clawpowers-wasm",
+  "description": "WASM bindings for ClawPowers core — tokens, fees, policy, compression, index, canonical, verification, security",
+  "version": "0.1.0",
+  "license": "BUSL-1.1",
+  "files": [
+    "clawpowers_wasm_bg.wasm",
+    "clawpowers_wasm.js",
+    "clawpowers_wasm.d.ts"
+  ],
+  "main": "clawpowers_wasm.js",
+  "types": "clawpowers_wasm.d.ts"
+}

package/native/wasm/src/lib.rs

@@ -0,0 +1,433 @@
+//! WASM bindings for ClawPowers core.
+//!
+//! Exposes the following modules via `wasm-bindgen`:
+//!
+//! - **tokens** — Token registry, token amounts, decimal math
+//! - **fee** — Fee schedule calculation
+//! - **policy** — Spending policy engine
+//! - **compression** — TurboQuant vector compression
+//! - **index** — In-memory vector index
+//! - **canonical** — Canonical record store (in-memory backend for WASM)
+//! - **verification** — Record verification pipeline
+//! - **security** — Write firewall and audit log
+//!
+//! **NOT included (falls back to TypeScript):**
+//! - **wallet** — Uses `alloy-signer-local` which depends on native crypto
+//!   primitives that are not fully WASM-compatible without significant patching.
+//!   The TypeScript fallback uses `ethers.js` / `viem` for equivalent functionality.
+//! - **x402** — Uses `reqwest` with `tokio` runtime; in WASM, HTTP is handled
+//!   natively by `fetch()` in the TypeScript layer.
+
+use wasm_bindgen::prelude::*;
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// Tokens
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/// Create a TokenAmount from a human-readable f64 value and decimal count.
+/// Returns JSON: `{"raw": "...", "decimals": N}`
+#[wasm_bindgen(js_name = "tokenAmountFromHuman")]
+pub fn token_amount_from_human(human: f64, decimals: u8) -> Result<String, JsError> {
+    let amount = clawpowers_tokens::TokenAmount::from_human(human, decimals);
+    Ok(serde_json::to_string(&amount)?)
+}
+
+/// Convert a TokenAmount JSON back to a human-readable f64.
+#[wasm_bindgen(js_name = "tokenAmountToHuman")]
+pub fn token_amount_to_human(json: &str) -> Result<f64, JsError> {
+    let amount: clawpowers_tokens::TokenAmount = serde_json::from_str(json)?;
+    Ok(amount.to_human())
+}
+
+/// Add two TokenAmount JSONs. Returns the sum as JSON.
+#[wasm_bindgen(js_name = "tokenAmountAdd")]
+pub fn token_amount_add(a_json: &str, b_json: &str) -> Result<String, JsError> {
+    let a: clawpowers_tokens::TokenAmount = serde_json::from_str(a_json)?;
+    let b: clawpowers_tokens::TokenAmount = serde_json::from_str(b_json)?;
+    let result = a.add(&b).map_err(|e| JsError::new(&e.to_string()))?;
+    Ok(serde_json::to_string(&result)?)
+}
+
+/// Subtract two TokenAmount JSONs. Returns the difference as JSON.
+#[wasm_bindgen(js_name = "tokenAmountSub")]
+pub fn token_amount_sub(a_json: &str, b_json: &str) -> Result<String, JsError> {
+    let a: clawpowers_tokens::TokenAmount = serde_json::from_str(a_json)?;
+    let b: clawpowers_tokens::TokenAmount = serde_json::from_str(b_json)?;
+    let result = a.sub(&b).map_err(|e| JsError::new(&e.to_string()))?;
+    Ok(serde_json::to_string(&result)?)
+}
+
+/// Multiply a TokenAmount by basis points. Returns result as JSON.
+#[wasm_bindgen(js_name = "tokenAmountMulBps")]
+pub fn token_amount_mul_bps(json: &str, bps: u64) -> Result<String, JsError> {
+    let amount: clawpowers_tokens::TokenAmount = serde_json::from_str(json)?;
+    let result = amount
+        .checked_mul_bps(bps)
+        .ok_or_else(|| JsError::new("overflow in checked_mul_bps"))?;
+    Ok(serde_json::to_string(&result)?)
+}
+
+/// Get the default token registry as JSON.
+#[wasm_bindgen(js_name = "getDefaultTokenRegistry")]
+pub fn get_default_token_registry() -> Result<String, JsError> {
+    let registry = clawpowers_tokens::TokenRegistry::default();
+    let tokens: Vec<_> = registry.iter().collect();
+    Ok(serde_json::to_string(&tokens)?)
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// Fee
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/// Calculate a transaction fee.
+/// Returns JSON: `{"gross_amount": ..., "fee_amount": ..., "net_amount": ...}`
+#[wasm_bindgen(js_name = "calculateFee")]
+pub fn calculate_fee(
+    amount_json: &str,
+    fee_type: &str,
+    tx_fee_bps: Option<u64>,
+    swap_fee_bps: Option<u64>,
+) -> Result<String, JsError> {
+    let amount: clawpowers_tokens::TokenAmount = serde_json::from_str(amount_json)?;
+
+    let fee_type = match fee_type {
+        "transaction" => clawpowers_fee::FeeType::Transaction,
+        "swap" => clawpowers_fee::FeeType::Swap,
+        s if s.starts_with("custom:") => {
+            let bps: u64 = s[7..]
+                .parse()
+                .map_err(|_| JsError::new("invalid custom bps"))?;
+            clawpowers_fee::FeeType::Custom(bps)
+        }
+        _ => return Err(JsError::new("fee_type must be 'transaction', 'swap', or 'custom:N'")),
+    };
+
+    let schedule = clawpowers_fee::FeeSchedule::new(
+        tx_fee_bps.unwrap_or(clawpowers_fee::DEFAULT_TX_FEE_BPS),
+        swap_fee_bps.unwrap_or(clawpowers_fee::DEFAULT_SWAP_FEE_BPS),
+        alloy_primitives::Address::ZERO,
+    );
+
+    let calc = schedule
+        .calculate(amount, fee_type)
+        .map_err(|e| JsError::new(&e.to_string()))?;
+
+    let result = serde_json::json!({
+        "gross_amount": calc.gross_amount.to_human(),
+        "fee_amount": calc.fee_amount.to_human(),
+        "net_amount": calc.net_amount.to_human(),
+    });
+    Ok(serde_json::to_string(&result)?)
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// Compression
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/// Compress a float32 vector. Input: JSON array of f32. Output: CompressedVector JSON.
+#[wasm_bindgen(js_name = "compressVector")]
+pub fn compress_vector(vector_json: &str, dimensions: usize) -> Result<String, JsError> {
+    let vector: Vec<f32> = serde_json::from_str(vector_json)?;
+    let config = clawpowers_compression::CompressionConfig {
+        dimensions,
+        quantization_bits: 8,
+        rotation_seed: 0xDEAD_BEEF_CAFE_1234,
+    };
+    let compressor = clawpowers_compression::TurboCompressor::new(config);
+    let compressed = compressor
+        .compress(&vector)
+        .map_err(|e| JsError::new(&e.to_string()))?;
+    Ok(serde_json::to_string(&compressed)?)
+}
+
+/// Decompress a CompressedVector JSON back to a float32 array JSON.
+#[wasm_bindgen(js_name = "decompressVector")]
+pub fn decompress_vector(compressed_json: &str, dimensions: usize) -> Result<String, JsError> {
+    let compressed: clawpowers_compression::CompressedVector =
+        serde_json::from_str(compressed_json)?;
+    let config = clawpowers_compression::CompressionConfig {
+        dimensions,
+        quantization_bits: 8,
+        rotation_seed: 0xDEAD_BEEF_CAFE_1234,
+    };
+    let compressor = clawpowers_compression::TurboCompressor::new(config);
+    let vector = compressor
+        .decompress(&compressed)
+        .map_err(|e| JsError::new(&e.to_string()))?;
+    Ok(serde_json::to_string(&vector)?)
+}
+
+/// Compute approximate distance between two CompressedVector JSONs.
+#[wasm_bindgen(js_name = "approximateDistance")]
+pub fn approximate_distance(
+    a_json: &str,
+    b_json: &str,
+    dimensions: usize,
+) -> Result<f32, JsError> {
+    let a: clawpowers_compression::CompressedVector = serde_json::from_str(a_json)?;
+    let b: clawpowers_compression::CompressedVector = serde_json::from_str(b_json)?;
+    let config = clawpowers_compression::CompressionConfig {
+        dimensions,
+        quantization_bits: 8,
+        rotation_seed: 0xDEAD_BEEF_CAFE_1234,
+    };
+    let compressor = clawpowers_compression::TurboCompressor::new(config);
+    let dist = compressor
+        .approximate_distance(&a, &b)
+        .map_err(|e| JsError::new(&e.to_string()))?;
+    Ok(dist)
+}
+
+/// Compute SHA-256 hash of content string.
+#[wasm_bindgen(js_name = "computeSha256")]
+pub fn compute_sha256(content: &str) -> String {
+    clawpowers_canonical::compute_sha256(content)
+}
+
+/// Compute Keccak-256 hash of raw bytes (EVM-compatible). Returns `0x` + 64 hex chars.
+#[wasm_bindgen(js_name = "computeKeccak256")]
+pub fn compute_keccak256(bytes: &[u8]) -> String {
+    let h = alloy_primitives::keccak256(bytes);
+    format!("0x{:x}", h)
+}
+
+/// Ethereum address from 32-byte secp256k1 private key (`0x` + 20 bytes, EIP-55 checksum).
+#[wasm_bindgen(js_name = "deriveEthereumAddress")]
+pub fn derive_ethereum_address_wasm(private_key: &[u8]) -> Result<String, JsError> {
+    clawpowers_evm_eth::derive_ethereum_address(private_key).map_err(|e| JsError::new(&e))
+}
+
+/// Uncompressed public key: 64 bytes (x || y), no `0x04` prefix.
+#[wasm_bindgen(js_name = "derivePublicKey")]
+pub fn derive_public_key_wasm(private_key: &[u8]) -> Result<Vec<u8>, JsError> {
+    clawpowers_evm_eth::derive_public_key(private_key).map_err(|e| JsError::new(&e))
+}
+
+/// ECDSA sign 32-byte message hash → 65 bytes (r || s || recovery_id).
+#[wasm_bindgen(js_name = "signEcdsa")]
+pub fn sign_ecdsa_wasm(private_key: &[u8], message_hash: &[u8]) -> Result<Vec<u8>, JsError> {
+    clawpowers_evm_eth::sign_ecdsa(private_key, message_hash).map_err(|e| JsError::new(&e))
+}
+
+#[wasm_bindgen(js_name = "verifyEcdsa")]
+pub fn verify_ecdsa_wasm(
+    public_key: &[u8],
+    message_hash: &[u8],
+    signature: &[u8],
+) -> Result<bool, JsError> {
+    clawpowers_evm_eth::verify_ecdsa(public_key, message_hash, signature).map_err(|e| JsError::new(&e))
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// Canonical Store
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/// Opaque handle to an in-memory CanonicalStore.
+#[wasm_bindgen]
+pub struct WasmCanonicalStore {
+    inner: clawpowers_canonical::CanonicalStore,
+}
+
+#[wasm_bindgen]
+impl WasmCanonicalStore {
+    /// Create a new in-memory canonical store.
+    #[wasm_bindgen(constructor)]
+    pub fn new() -> Result<WasmCanonicalStore, JsError> {
+        let store = clawpowers_canonical::CanonicalStore::in_memory()
+            .map_err(|e| JsError::new(&e.to_string()))?;
+        Ok(Self { inner: store })
+    }
+
+    /// Insert a record. Input: JSON with {namespace, content, metadata, provenance}.
+    /// Returns the record UUID as a string.
+    pub fn insert(&self, json: &str) -> Result<String, JsError> {
+        #[derive(serde::Deserialize)]
+        struct InsertInput {
+            namespace: String,
+            content: String,
+            #[serde(default)]
+            metadata: serde_json::Value,
+            #[serde(default = "default_provenance")]
+            provenance: String,
+        }
+        fn default_provenance() -> String {
+            "wasm".to_string()
+        }
+
+        let input: InsertInput = serde_json::from_str(json)?;
+        let record = clawpowers_canonical::CanonicalRecord::new(
+            input.namespace,
+            input.content,
+            None,
+            input.metadata,
+            input.provenance,
+        );
+        let id = self
+            .inner
+            .insert(&record)
+            .map_err(|e| JsError::new(&e.to_string()))?;
+        Ok(id.to_string())
+    }
+
+    /// Get a record by UUID. Returns JSON or null.
+    pub fn get(&self, id: &str) -> Result<Option<String>, JsError> {
+        let uuid = uuid::Uuid::parse_str(id).map_err(|e| JsError::new(&e.to_string()))?;
+        let record = self
+            .inner
+            .get(&uuid)
+            .map_err(|e| JsError::new(&e.to_string()))?;
+        match record {
+            Some(r) => Ok(Some(serde_json::to_string(&r)?)),
+            None => Ok(None),
+        }
+    }
+
+    /// Get a record by content hash. Returns JSON or null.
+    #[wasm_bindgen(js_name = "getByHash")]
+    pub fn get_by_hash(&self, hash: &str) -> Result<Option<String>, JsError> {
+        let record = self
+            .inner
+            .get_by_hash(hash)
+            .map_err(|e| JsError::new(&e.to_string()))?;
+        match record {
+            Some(r) => Ok(Some(serde_json::to_string(&r)?)),
+            None => Ok(None),
+        }
+    }
+
+    /// Query records by namespace. Returns JSON array.
+    #[wasm_bindgen(js_name = "queryNamespace")]
+    pub fn query_namespace(&self, namespace: &str, limit: usize) -> Result<String, JsError> {
+        let records = self
+            .inner
+            .query_namespace(namespace, limit)
+            .map_err(|e| JsError::new(&e.to_string()))?;
+        Ok(serde_json::to_string(&records)?)
+    }
+
+    /// Soft-delete a record. Returns true if the record existed.
+    #[wasm_bindgen(js_name = "softDelete")]
+    pub fn soft_delete(&self, id: &str) -> Result<bool, JsError> {
+        let uuid = uuid::Uuid::parse_str(id).map_err(|e| JsError::new(&e.to_string()))?;
+        self.inner
+            .soft_delete(&uuid)
+            .map_err(|e| JsError::new(&e.to_string()))
+    }
+
+    /// Verify record integrity. Returns true if hash matches.
+    #[wasm_bindgen(js_name = "verifyIntegrity")]
+    pub fn verify_integrity(&self, id: &str) -> Result<bool, JsError> {
+        let uuid = uuid::Uuid::parse_str(id).map_err(|e| JsError::new(&e.to_string()))?;
+        self.inner
+            .verify_integrity(&uuid)
+            .map_err(|e| JsError::new(&e.to_string()))
+    }
+
+    /// Export all records as JSON for IndexedDB persistence.
+    #[wasm_bindgen(js_name = "exportJson")]
+    pub fn export_json(&self) -> Result<String, JsError> {
+        self.inner
+            .export_json()
+            .map_err(|e| JsError::new(&e.to_string()))
+    }
+
+    /// Import records from JSON (e.g., loaded from IndexedDB).
+    #[wasm_bindgen(js_name = "importJson")]
+    pub fn import_json(&self, json: &str) -> Result<usize, JsError> {
+        self.inner
+            .import_json(json)
+            .map_err(|e| JsError::new(&e.to_string()))
+    }
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// Security — Write Firewall
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/// Evaluate a write request against a firewall.
+/// Input JSON: {namespace, content, trust_level, source, allowed_namespaces?, blocked_patterns?, max_content_length?}
+/// Returns JSON: {"decision": "allow"|"deny"|"sanitize", "reason"?: ..., "sanitized"?: ...}
+#[wasm_bindgen(js_name = "evaluateWriteFirewall")]
+pub fn evaluate_write_firewall(json: &str) -> Result<String, JsError> {
+    #[derive(serde::Deserialize)]
+    struct Input {
+        namespace: String,
+        content: String,
+        trust_level: String,
+        source: String,
+        #[serde(default)]
+        allowed_namespaces: Vec<String>,
+        #[serde(default)]
+        blocked_patterns: Vec<String>,
+        max_content_length: Option<usize>,
+    }
+
+    let input: Input = serde_json::from_str(json)?;
+
+    let trust = match input.trust_level.as_str() {
+        "system" => clawpowers_security::TrustLevel::System,
+        "agent" => clawpowers_security::TrustLevel::Agent,
+        "external" => clawpowers_security::TrustLevel::External,
+        _ => clawpowers_security::TrustLevel::Untrusted,
+    };
+
+    let mut firewall = clawpowers_security::WriteFirewall::new(input.allowed_namespaces);
+    firewall.blocked_patterns = input.blocked_patterns;
+    if let Some(max) = input.max_content_length {
+        firewall.max_content_length = max;
+    }
+
+    let request = clawpowers_security::WriteRequest {
+        namespace: input.namespace,
+        content: input.content,
+        trust_level: trust,
+        source: input.source,
+    };
+
+    let decision = firewall.evaluate(&request);
+    let result = match decision {
+        clawpowers_security::FirewallDecision::Allow => {
+            serde_json::json!({"decision": "allow"})
+        }
+        clawpowers_security::FirewallDecision::Deny(reason) => {
+            serde_json::json!({"decision": "deny", "reason": reason})
+        }
+        clawpowers_security::FirewallDecision::Sanitize(original, sanitized) => {
+            serde_json::json!({"decision": "sanitize", "original": original, "sanitized": sanitized})
+        }
+    };
+    Ok(serde_json::to_string(&result)?)
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// Version info
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/// Returns the version and build info.
+#[wasm_bindgen(js_name = "getVersion")]
+pub fn get_version() -> String {
+    format!(
+        "clawpowers-wasm v{} ({})",
+        env!("CARGO_PKG_VERSION"),
+        if cfg!(debug_assertions) {
+            "debug"
+        } else {
+            "release"
+        }
+    )
+}
+
+/// Returns a list of modules available in this WASM build.
+#[wasm_bindgen(js_name = "getAvailableModules")]
+pub fn get_available_modules() -> String {
+    serde_json::to_string(&vec![
+        "tokens",
+        "fee",
+        "compression",
+        "canonical",
+        "verification",
+        "security",
+        "index",
+    ])
+    .unwrap_or_default()
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clawpowers",
-  "version": "2.0.0",
+  "version": "2.2.0",
   "description": "Skills library for AI agents — payments, memory, RSI, wallet. Drop-in capability layer for any agent framework.",
   "type": "module",
   "main": "./dist/index.js",
@@ -14,18 +14,35 @@
   },
   "files": [
     "dist",
+    "src/skills",
+    "native/Cargo.toml",
+    "native/Cargo.lock",
+    "native/crates",
+    "native/ffi",
+    "native/wasm",
+    "native/wasm/pkg",
+    "native/wasm/pkg-node",
+    "native/pyo3",
     "README.md",
     "LICENSE",
     "CHANGELOG.md",
-    "SECURITY.md"
+    "SECURITY.md",
+    "COMPATIBILITY.md",
+    "KNOWN_LIMITATIONS.md",
+    "LICENSING.md"
   ],
   "scripts": {
+    "build:native": "cd native && cargo build --release --workspace || echo 'Rust not installed - using WASM/TS fallback'",
+    "build:wasm": "cd native/wasm && wasm-pack build --target nodejs --out-dir pkg-node || true",
     "build": "tsup",
     "test": "vitest run",
     "test:watch": "vitest",
     "typecheck": "tsc --noEmit",
+    "lint": "eslint src tests benchmarks",
+    "verify:pack": "npm pack --dry-run",
     "clean": "rm -rf dist",
-    "prepublishOnly": "npm run build"
+    "prepublishOnly": "npm run build",
+    "prepack": "npm run build"
   },
   "keywords": [
     "ai-agent",
@@ -58,6 +75,10 @@
   },
   "devDependencies": {
     "@types/node": "^25.5.0",
+    "@typescript-eslint/eslint-plugin": "^8.0.0",
+    "@typescript-eslint/parser": "^8.0.0",
+    "eslint": "^9.0.0",
+    "globals": "^15.0.0",
     "tsup": "^8.0.0",
     "typescript": "^5.5.0",
     "vitest": "^2.0.0"