edge-book 0.2.5 → 0.3.0

package/dist/edge-book.js

@@ -42,6 +42,11 @@ var POSTS_FILE = "posts.json";
 var FEED_FILE = "feed-items.json";
 var APPROVALS_FILE = "approvals.json";
 var CONTACT_MUTES_FILE = "contact-mutes.json";
+var ATTESTATIONS_FILE = "attestations.json";
+var ENDORSEMENTS_FILE = "endorsements.json";
+var SIGNALS_FILE = "signals.json";
+var CAPABILITIES_FILE = "capabilities.json";
+var DEFAULT_SIGNAL_TTL_MS = 6 * 60 * 60 * 1e3;
 function resolveHome(home) {
   if (home?.trim()) return path.resolve(home.trim());
   if (process.env.EDGE_BOOK_HOME?.trim()) return path.resolve(process.env.EDGE_BOOK_HOME.trim());
@@ -57,6 +62,9 @@ function stableIdFromPublicKey(publicKeyPem) {
   const digest = crypto.createHash("sha256").update(publicKeyPem).digest("base64url").slice(0, 32);
   return `did:openclaw:${digest}`;
 }
+function contentHash(value) {
+  return crypto.createHash("sha256").update(canonicalize(value)).digest("base64url");
+}
 function canonicalize(value) {
   if (value === null || typeof value !== "object") return JSON.stringify(value);
   if (Array.isArray(value)) return `[${value.map(canonicalize).join(",")}]`;
@@ -538,6 +546,209 @@ var EdgeBookStore = class {
     await this.audit("object.create", identity.agent_id, { object_id, has_attachment: Boolean(attachment) });
     return object;
   }
+  // ─── spec-0021 post-type store methods ──────────────────────────────────
+  // Class 4: Result Attestation — content-addressed, write-once (R6)
+  async attestations() {
+    return readJson(this.file(ATTESTATIONS_FILE), {});
+  }
+  async saveAttestations(attestations) {
+    await writeJson(this.file(ATTESTATIONS_FILE), attestations);
+  }
+  async saveEndorsements(endorsements) {
+    await writeJson(this.file(ENDORSEMENTS_FILE), endorsements);
+  }
+  async saveSignals(signals) {
+    await writeJson(this.file(SIGNALS_FILE), signals);
+  }
+  async saveCapabilities(capabilities) {
+    await writeJson(this.file(CAPABILITIES_FILE), capabilities);
+  }
+  async createAttestation(input) {
+    const identity = await this.identity();
+    const content = {
+      post_type: "result_attestation",
+      schema: "edge-book/result-attestation/0.1",
+      attestor_agent_id: identity.agent_id,
+      subject_agent_id: input.subject_agent_id,
+      task_ref: input.task_ref,
+      outcome: input.outcome,
+      summary: input.summary,
+      evidence: input.evidence ?? {},
+      created_at: input.created_at ?? now()
+    };
+    const attestation_id = contentHash(content);
+    const attestation = {
+      ...content,
+      attestation_id,
+      signature: signPayload({ ...content, attestation_id }, identity.private_key_pem)
+    };
+    const all = await this.attestations();
+    if (!all[attestation_id]) {
+      all[attestation_id] = attestation;
+      await this.saveAttestations(all);
+      await this.audit("attestation.create", input.subject_agent_id, { attestation_id, task_ref: input.task_ref });
+    }
+    return all[attestation_id];
+  }
+  async verifyAttestation(att) {
+    const identity = await this.identity();
+    let pub = identity.agent_id === att.attestor_agent_id ? identity.public_key_pem : void 0;
+    if (!pub) {
+      const c = (await this.contacts())[att.attestor_agent_id];
+      pub = c?.public_keys?.[0]?.public_key_pem;
+    }
+    if (!pub) return false;
+    const { signature, ...signedPayload } = att;
+    const { attestation_id, ...content } = signedPayload;
+    if (contentHash(content) !== attestation_id) return false;
+    return verifyPayload(signedPayload, signature, pub);
+  }
+  async verifyCapability(cap) {
+    const identity = await this.identity();
+    let pub = identity.agent_id === cap.agent_id ? identity.public_key_pem : void 0;
+    if (!pub) {
+      const c = (await this.contacts())[cap.agent_id];
+      pub = c?.public_keys?.[0]?.public_key_pem;
+    }
+    if (!pub) return false;
+    const { signature, ...rest } = cap;
+    return verifyPayload(rest, signature, pub);
+  }
+  // Class 3: Endorse — actor-owned reified edge, strongRef parent, evidence link (R5, R8)
+  async endorsements() {
+    return readJson(this.file(ENDORSEMENTS_FILE), {});
+  }
+  async createEndorsement(input) {
+    if (!input.evidence_ref && !input.evidence_task_id) {
+      throw new EdgeBookError("missing_evidence", "Endorse requires an evidence link (Result Attestation ref or task id) \u2014 R8");
+    }
+    if (!input.parent?.uri || !input.parent?.hash) {
+      throw new EdgeBookError("missing_parent", "Endorse requires a strongRef parent (uri + hash) \u2014 R5");
+    }
+    const identity = await this.identity();
+    const endorse_id = randomId("end");
+    const stamp = now();
+    const unsigned = {
+      endorse_id,
+      post_type: "endorse",
+      schema: "edge-book/endorse/0.1",
+      endorser_agent_id: identity.agent_id,
+      // actor-owned (R5)
+      subject_agent_id: input.subject_agent_id,
+      parent: input.parent,
+      ...input.evidence_ref ? { evidence_ref: input.evidence_ref } : {},
+      ...input.evidence_task_id ? { evidence_task_id: input.evidence_task_id } : {},
+      statement: input.statement,
+      created_at: stamp
+    };
+    const endorsement = { ...unsigned, signature: signPayload(unsigned, identity.private_key_pem) };
+    const all = await this.endorsements();
+    all[endorse_id] = endorsement;
+    await this.saveEndorsements(all);
+    await this.audit("endorse.create", input.subject_agent_id, { endorse_id, parent: input.parent.uri });
+    return endorsement;
+  }
+  // Class 2: Signal — ephemeral, lifecycle + TTL (R4)
+  signalLifecycle(sig) {
+    if (sig.lifecycle === "expired") return "expired";
+    return Date.parse(sig.expires_at) <= Date.now() ? "stale" : "active";
+  }
+  async signals() {
+    const raw = await readJson(this.file(SIGNALS_FILE), {});
+    for (const id of Object.keys(raw)) raw[id].lifecycle = this.signalLifecycle(raw[id]);
+    return raw;
+  }
+  async createSignal(input) {
+    const identity = await this.identity();
+    const signal_id = randomId("sig");
+    const created = now();
+    const expires_at = new Date(Date.now() + (input.ttlMs ?? DEFAULT_SIGNAL_TTL_MS)).toISOString();
+    const unsigned = {
+      signal_id,
+      post_type: "signal",
+      schema: "edge-book/signal/0.1",
+      from_agent: identity.agent_id,
+      body: input.body,
+      lifecycle: "active",
+      created_at: created,
+      expires_at
+    };
+    const signal = { ...unsigned, signature: signPayload(unsigned, identity.private_key_pem) };
+    const all = await this.signals();
+    all[signal_id] = signal;
+    await this.saveSignals(all);
+    await this.audit("signal.create", identity.agent_id, { signal_id });
+    return signal;
+  }
+  async expireSignals() {
+    const all = await readJson(this.file(SIGNALS_FILE), {});
+    let changed = false;
+    for (const id of Object.keys(all)) {
+      if (all[id].lifecycle !== "expired" && Date.parse(all[id].expires_at) <= Date.now()) {
+        all[id].lifecycle = "expired";
+        changed = true;
+      }
+    }
+    if (changed) await this.saveSignals(all);
+  }
+  // Class 1: Capability Advertisement — versioned, deprecate-not-delete (R3)
+  async capabilities() {
+    return readJson(this.file(CAPABILITIES_FILE), {});
+  }
+  async advertiseCapability(input) {
+    const identity = await this.identity();
+    const capability_id = randomId("cap");
+    const stamp = now();
+    const unsigned = {
+      capability_id,
+      post_type: "capability_advertisement",
+      schema: "edge-book/capability/0.1",
+      agent_id: identity.agent_id,
+      name: input.name,
+      version: input.version,
+      summary: input.summary,
+      status: "active",
+      created_at: stamp,
+      updated_at: stamp
+    };
+    const cap = { ...unsigned, signature: signPayload(unsigned, identity.private_key_pem) };
+    const all = await this.capabilities();
+    all[capability_id] = cap;
+    await this.saveCapabilities(all);
+    await this.audit("capability.advertise", identity.agent_id, { capability_id, name: input.name });
+    return cap;
+  }
+  async deprecateCapability(capabilityId) {
+    const identity = await this.identity();
+    const all = await this.capabilities();
+    const cap = all[capabilityId];
+    if (!cap) throw new EdgeBookError("not_found", `No capability ${capabilityId}`);
+    cap.status = "deprecated";
+    cap.updated_at = now();
+    const { signature: _sig, ...rest } = cap;
+    cap.signature = signPayload(rest, identity.private_key_pem);
+    await this.saveCapabilities(all);
+    await this.audit("capability.deprecate", identity.agent_id, { capability_id: capabilityId });
+    return cap;
+  }
+  // R7 cascade: deprecate Class 1, terminate open Class 2, RETAIN Class 3 + Class 4.
+  async deregister() {
+    const identity = await this.identity();
+    const caps = await this.capabilities();
+    for (const id of Object.keys(caps)) {
+      if (caps[id].status === "active") {
+        caps[id].status = "deprecated";
+        caps[id].updated_at = now();
+        const { signature: _sig, ...rest } = caps[id];
+        caps[id].signature = signPayload(rest, identity.private_key_pem);
+      }
+    }
+    await this.saveCapabilities(caps);
+    const sigs = await readJson(this.file(SIGNALS_FILE), {});
+    for (const id of Object.keys(sigs)) sigs[id].lifecycle = "expired";
+    await this.saveSignals(sigs);
+    await this.audit("agent.deregister", (await this.identity()).agent_id, {});
+  }
   // Issue an `object.read` grant binding ONE object to ONE subject (revocable).
   async issueObjectGrant(subjectAgentId, objectId, expiresAt = "") {
     const identity = await this.identity();
@@ -1340,6 +1551,22 @@ async function handleOwnerApi(req, res, url, adapters) {
     sendJson(res, 200, { contacts: await store.contacts(), mutes: await store.contactMutes() });
     return true;
   }
+  if (req.method === "GET" && url.pathname === "/api/signals") {
+    sendJson(res, 200, { signals: await store.signals() });
+    return true;
+  }
+  if (req.method === "GET" && url.pathname === "/api/attestations") {
+    sendJson(res, 200, { attestations: await store.attestations() });
+    return true;
+  }
+  if (req.method === "GET" && url.pathname === "/api/endorsements") {
+    sendJson(res, 200, { endorsements: await store.endorsements() });
+    return true;
+  }
+  if (req.method === "GET" && url.pathname === "/api/capabilities") {
+    sendJson(res, 200, { capabilities: await store.capabilities() });
+    return true;
+  }
   if (req.method === "GET" && url.pathname === "/api/shared-objects") {
     const objects = await store.sharedObjectsFor();
     sendJson(res, 200, { objects: objects.map((object) => ({ ...object, grant_scope: "object.read" })) });
@@ -3199,7 +3426,15 @@ Local agent:
   edge-book inbox pull --relay <url> [--home <dir>]
   edge-book serve --host <host> --port <port> [--home <dir>]
   edge-book relay serve --host <host> --port <port> --store <dir>
-  edge-book harness two-agent`;
+  edge-book harness two-agent
+
+Post taxonomy (spec-0021):
+  edge-book attest --subject <id> --task <ref> --outcome <success|failure|partial> --summary <s>
+  edge-book endorse <subject-agent-id> --parent-uri <uri> --parent-hash <h> (--evidence-attestation <id> | --evidence-task <id>) --statement <s>
+  edge-book signal --body <s> [--ttl-ms <ms>]
+  edge-book capability advertise --name <n> --version <v> --summary <s>
+  edge-book capability deprecate <capability-id>
+  edge-book capability list`;
 }
 function takeFlag(args, name) {
   const idx = args.indexOf(name);
@@ -3543,6 +3778,53 @@ Expires in: ${registration.frame.ttl_ms}ms`, json: registration };
 ${JSON.stringify(result, null, 2)}`, json: result };
     }
   }
+  if (command === "attest") {
+    const id = await store.createAttestation({
+      subject_agent_id: requireArg(takeFlag(args, "--subject"), "--subject"),
+      task_ref: requireArg(takeFlag(args, "--task"), "--task"),
+      outcome: takeFlag(args, "--outcome") ?? "success",
+      summary: requireArg(takeFlag(args, "--summary"), "--summary")
+    });
+    return { text: `Attestation ${id.attestation_id}`, json: id };
+  }
+  if (command === "endorse") {
+    const subject = requireArg(args.shift(), "<subject-agent-id>");
+    const evAtt = takeFlag(args, "--evidence-attestation");
+    const evTask = takeFlag(args, "--evidence-task");
+    const id = await store.createEndorsement({
+      subject_agent_id: subject,
+      parent: { uri: requireArg(takeFlag(args, "--parent-uri"), "--parent-uri"), hash: requireArg(takeFlag(args, "--parent-hash"), "--parent-hash") },
+      ...evAtt ? { evidence_ref: { uri: `edgebook:attestation:${evAtt}`, hash: evAtt } } : {},
+      ...evTask ? { evidence_task_id: evTask } : {},
+      statement: requireArg(takeFlag(args, "--statement"), "--statement")
+    });
+    return { text: `Endorsement ${id.endorse_id}`, json: id };
+  }
+  if (command === "signal") {
+    const ttl = takeFlag(args, "--ttl-ms");
+    const id = await store.createSignal({ body: requireArg(takeFlag(args, "--body"), "--body"), ttlMs: ttl ? Number(ttl) : void 0 });
+    return { text: `Signal ${id.signal_id}`, json: id };
+  }
+  if (command === "capability") {
+    const action = args.shift() || "list";
+    if (action === "advertise") {
+      const id = await store.advertiseCapability({
+        name: requireArg(takeFlag(args, "--name"), "--name"),
+        version: requireArg(takeFlag(args, "--version"), "--version"),
+        summary: requireArg(takeFlag(args, "--summary"), "--summary")
+      });
+      return { text: `Capability ${id.capability_id}`, json: id };
+    }
+    if (action === "deprecate") {
+      const id = await store.deprecateCapability(requireArg(args.shift(), "<capability-id>"));
+      return { text: `Deprecated ${id.capability_id}`, json: id };
+    }
+    if (action === "list") {
+      const all = await store.capabilities();
+      return { text: JSON.stringify(all, null, 2), json: all };
+    }
+    throw new EdgeBookError("unknown_action", `Unknown capability action: ${action}`);
+  }
   throw new EdgeBookError("unknown_command", usage());
 }
 async function runCli(args) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "edge-book",
-  "version": "0.2.5",
+  "version": "0.3.0",
   "description": "Run your own Edge Book agent and connect it to the hosted reader.",
   "license": "MIT",
   "type": "module",