evidential-protocol 2.0.0 → 3.0.0

package/dist/attestation.d.ts

@@ -0,0 +1,80 @@
+/**
+ * Content Attestation (Kusunda isolate identity + Coldstar integration)
+ *
+ * Proves content is original, not derived. Designed to work with
+ * Coldstar's air-gapped signing flow: content is hashed here, the hash
+ * is signed on the cold device, and the signature is attached back.
+ */
+/** A complete attestation record for a piece of content. */
+export interface ContentAttestation {
+    /** SHA-256 hash of the content. */
+    content_hash: string;
+    /** Hash algorithm used. */
+    algorithm: "sha256";
+    /** Identifier of the entity that produced the content. */
+    producer: string;
+    /** ISO 8601 timestamp of attestation creation. */
+    timestamp: string;
+    /** Cryptographic signature (added after external signing). */
+    signature?: string;
+    /** Blockchain target for on-chain anchoring. */
+    chain?: "solana-devnet" | "solana-mainnet";
+    /** On-chain transaction hash after anchoring. */
+    tx_hash?: string;
+    /** Hash of the associated claims array, if any. */
+    claims_hash?: string;
+}
+/**
+ * Builds unsigned content attestations. The signing step is deliberately
+ * decoupled so it can happen on an air-gapped Coldstar device.
+ */
+export declare class AttestationBuilder {
+    private readonly producer;
+    constructor(producer: string);
+    /** Compute the SHA-256 hash of arbitrary content. Returns hex string. */
+    hashContent(content: string): string;
+    /**
+     * Hash an array of claims (claim text + evidence class pairs).
+     * The claims are JSON-serialised in a deterministic order before hashing.
+     */
+    hashClaims(claims: Array<{
+        claim: string;
+        evidence_class: string;
+    }>): string;
+    /**
+     * Build an unsigned `ContentAttestation`.
+     *
+     * @param content - The raw content to attest.
+     * @param claims  - Optional claims to bind into the attestation via hash.
+     */
+    build(content: string, claims?: Array<{
+        claim: string;
+        evidence_class: string;
+    }>): ContentAttestation;
+    /**
+     * Attach a signature to an attestation. Returns a new object;
+     * the original is not mutated.
+     */
+    sign(attestation: ContentAttestation, signature: string): ContentAttestation;
+    /**
+     * Verify that an attestation's `content_hash` matches the given content.
+     * Does NOT verify the cryptographic signature — that requires the
+     * signer's public key which lives on-chain or in the Coldstar vault.
+     */
+    verify(attestation: ContentAttestation, content: string): boolean;
+}
+/**
+ * Produce a canonical string representation of an attestation suitable
+ * for external signing (e.g. on a Coldstar air-gapped device).
+ *
+ * Format: deterministic, line-delimited, no optional fields unless present.
+ */
+export declare function formatForSigning(attestation: ContentAttestation): string;
+/**
+ * Format an attestation as compact data suitable for a Solana memo
+ * instruction. Memo programs accept arbitrary UTF-8 up to ~566 bytes.
+ *
+ * Format: pipe-delimited, minimal field names.
+ */
+export declare function attestationToMemo(attestation: ContentAttestation): string;
+//# sourceMappingURL=attestation.d.ts.map

package/dist/attestation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"attestation.d.ts","sourceRoot":"","sources":["../src/attestation.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AASH,4DAA4D;AAC5D,MAAM,WAAW,kBAAkB;IACjC,mCAAmC;IACnC,YAAY,EAAE,MAAM,CAAC;IACrB,2BAA2B;IAC3B,SAAS,EAAE,QAAQ,CAAC;IACpB,0DAA0D;IAC1D,QAAQ,EAAE,MAAM,CAAC;IACjB,kDAAkD;IAClD,SAAS,EAAE,MAAM,CAAC;IAClB,8DAA8D;IAC9D,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,gDAAgD;IAChD,KAAK,CAAC,EAAE,eAAe,GAAG,gBAAgB,CAAC;IAC3C,iDAAiD;IACjD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,mDAAmD;IACnD,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAMD;;;GAGG;AACH,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;gBAEtB,QAAQ,EAAE,MAAM;IAI5B,yEAAyE;IACzE,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IAIpC;;;OAGG;IACH,UAAU,CAAC,MAAM,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,cAAc,EAAE,MAAM,CAAA;KAAE,CAAC,GAAG,MAAM;IAO5E;;;;;OAKG;IACH,KAAK,CACH,OAAO,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,cAAc,EAAE,MAAM,CAAA;KAAE,CAAC,GACxD,kBAAkB;IAerB;;;OAGG;IACH,IAAI,CAAC,WAAW,EAAE,kBAAkB,EAAE,SAAS,EAAE,MAAM,GAAG,kBAAkB;IAI5E;;;;OAIG;IACH,MAAM,CAAC,WAAW,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO;CAIlE;AAMD;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,kBAAkB,GAAG,MAAM,CAiBxE;AAED;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,WAAW,EAAE,kBAAkB,GAAG,MAAM,CAiBzE"}

package/dist/attestation.js

@@ -0,0 +1,115 @@
+/**
+ * Content Attestation (Kusunda isolate identity + Coldstar integration)
+ *
+ * Proves content is original, not derived. Designed to work with
+ * Coldstar's air-gapped signing flow: content is hashed here, the hash
+ * is signed on the cold device, and the signature is attached back.
+ */
+import { createHash } from "node:crypto";
+// ---------------------------------------------------------------------------
+// AttestationBuilder
+// ---------------------------------------------------------------------------
+/**
+ * Builds unsigned content attestations. The signing step is deliberately
+ * decoupled so it can happen on an air-gapped Coldstar device.
+ */
+export class AttestationBuilder {
+    producer;
+    constructor(producer) {
+        this.producer = producer;
+    }
+    /** Compute the SHA-256 hash of arbitrary content. Returns hex string. */
+    hashContent(content) {
+        return createHash("sha256").update(content, "utf-8").digest("hex");
+    }
+    /**
+     * Hash an array of claims (claim text + evidence class pairs).
+     * The claims are JSON-serialised in a deterministic order before hashing.
+     */
+    hashClaims(claims) {
+        // Sort by claim text for deterministic ordering.
+        const sorted = [...claims].sort((a, b) => a.claim.localeCompare(b.claim));
+        const canonical = JSON.stringify(sorted);
+        return createHash("sha256").update(canonical, "utf-8").digest("hex");
+    }
+    /**
+     * Build an unsigned `ContentAttestation`.
+     *
+     * @param content - The raw content to attest.
+     * @param claims  - Optional claims to bind into the attestation via hash.
+     */
+    build(content, claims) {
+        const attestation = {
+            content_hash: this.hashContent(content),
+            algorithm: "sha256",
+            producer: this.producer,
+            timestamp: new Date().toISOString(),
+        };
+        if (claims && claims.length > 0) {
+            attestation.claims_hash = this.hashClaims(claims);
+        }
+        return attestation;
+    }
+    /**
+     * Attach a signature to an attestation. Returns a new object;
+     * the original is not mutated.
+     */
+    sign(attestation, signature) {
+        return { ...attestation, signature };
+    }
+    /**
+     * Verify that an attestation's `content_hash` matches the given content.
+     * Does NOT verify the cryptographic signature — that requires the
+     * signer's public key which lives on-chain or in the Coldstar vault.
+     */
+    verify(attestation, content) {
+        const expected = this.hashContent(content);
+        return attestation.content_hash === expected;
+    }
+}
+// ---------------------------------------------------------------------------
+// Standalone utilities
+// ---------------------------------------------------------------------------
+/**
+ * Produce a canonical string representation of an attestation suitable
+ * for external signing (e.g. on a Coldstar air-gapped device).
+ *
+ * Format: deterministic, line-delimited, no optional fields unless present.
+ */
+export function formatForSigning(attestation) {
+    const lines = [
+        `ep-attest:v1`,
+        `hash:${attestation.algorithm}:${attestation.content_hash}`,
+        `producer:${attestation.producer}`,
+        `ts:${attestation.timestamp}`,
+    ];
+    if (attestation.claims_hash) {
+        lines.push(`claims:${attestation.claims_hash}`);
+    }
+    if (attestation.chain) {
+        lines.push(`chain:${attestation.chain}`);
+    }
+    return lines.join("\n");
+}
+/**
+ * Format an attestation as compact data suitable for a Solana memo
+ * instruction. Memo programs accept arbitrary UTF-8 up to ~566 bytes.
+ *
+ * Format: pipe-delimited, minimal field names.
+ */
+export function attestationToMemo(attestation) {
+    const parts = [
+        "EP1",
+        attestation.content_hash,
+        attestation.producer,
+        attestation.timestamp,
+    ];
+    if (attestation.claims_hash) {
+        parts.push(`c:${attestation.claims_hash}`);
+    }
+    if (attestation.signature) {
+        parts.push(`s:${attestation.signature}`);
+    }
+    return parts.join("|");
+}
+//# sourceMappingURL=attestation.js.map

package/dist/attestation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"attestation.js","sourceRoot":"","sources":["../src/attestation.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AA2BzC,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,OAAO,kBAAkB;IACZ,QAAQ,CAAS;IAElC,YAAY,QAAgB;QAC1B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED,yEAAyE;IACzE,WAAW,CAAC,OAAe;QACzB,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrE,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,MAAwD;QACjE,iDAAiD;QACjD,MAAM,MAAM,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QAC1E,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACzC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACvE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CACH,OAAe,EACf,MAAyD;QAEzD,MAAM,WAAW,GAAuB;YACtC,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC;YACvC,SAAS,EAAE,QAAQ;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;QAEF,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,WAAW,CAAC,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACpD,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAED;;;OAGG;IACH,IAAI,CAAC,WAA+B,EAAE,SAAiB;QACrD,OAAO,EAAE,GAAG,WAAW,EAAE,SAAS,EAAE,CAAC;IACvC,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,WAA+B,EAAE,OAAe;QACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAC3C,OAAO,WAAW,CAAC,YAAY,KAAK,QAAQ,CAAC;IAC/C,CAAC;CACF;AAED,8EAA8E;AAC9E,uBAAuB;AACvB,8EAA8E;AAE9E;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,WAA+B;IAC9D,MAAM,KAAK,GAAa;QACtB,cAAc;QACd,QAAQ,WAAW,CAAC,SAAS,IAAI,WAAW,CAAC,YAAY,EAAE;QAC3D,YAAY,WAAW,CAAC,QAAQ,EAAE;QAClC,MAAM,WAAW,CAAC,SAAS,EAAE;KAC9B,CAAC;IAEF,IAAI,WAAW,CAAC,WAAW,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,UAAU,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC,SAAS,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,WAA+B;IAC/D,MAAM,KAAK,GAAa;QACtB,KAAK;QACL,WAAW,CAAC,YAAY;QACxB,WAAW,CAAC,QAAQ;QACpB,WAAW,CAAC,SAAS;KACtB,CAAC;IAEF,IAAI,WAAW,CAAC,WAAW,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,KAAK,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;QAC1B,KAAK,CAAC,IAAI,CAAC,KAAK,WAAW,CAAC,SAAS,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC"}

package/dist/audit-ledger.d.ts

@@ -0,0 +1,96 @@
+/**
+ * EP-2: Bilateral Audit Ledger (Kusunda dual-person marking)
+ *
+ * Every action records WHO called and WHAT was affected in a single
+ * fused record. Provides query, cross-reference, and hot-spot analysis.
+ */
+import type { EvidenceClass } from "./types.js";
+/** Allowed actions in the audit ledger. */
+export type AuditAction = "read" | "write" | "delete" | "invoke";
+/** A single bilateral audit record. */
+export interface AuditEntry {
+    /** Unique entry identifier. */
+    id: string;
+    /** Agent identity that initiated the action. */
+    caller: string;
+    /** Resource identifier that was affected. */
+    target: string;
+    /** What kind of action was performed. */
+    action: AuditAction;
+    /** MCP tool name used for the action. */
+    tool: string;
+    /** Evidence class of the action's output. */
+    evidence_class: EvidenceClass;
+    /** ISO 8601 timestamp of when the action occurred. */
+    timestamp: string;
+    /** Duration of the action in milliseconds. */
+    duration_ms: number;
+    /** Whether the action completed successfully. */
+    success: boolean;
+}
+/** Serialized form of the audit ledger for persistence. */
+export interface AuditLedgerSnapshot {
+    version: "1.0";
+    entries: AuditEntry[];
+    created_at: string;
+}
+/**
+ * In-memory bilateral audit ledger.
+ *
+ * Records every caller-target interaction and supports multidimensional
+ * querying: by caller, target, time range, tool, and cross-references.
+ */
+export declare class AuditLedger {
+    private entries;
+    private byCallerIndex;
+    private byTargetIndex;
+    private byToolIndex;
+    /** Total number of entries in the ledger. */
+    get size(): number;
+    /**
+     * Record a new audit entry.
+     *
+     * @returns The created AuditEntry with generated id and timestamp.
+     */
+    record(params: {
+        caller: string;
+        target: string;
+        action: AuditAction;
+        tool: string;
+        evidence_class: EvidenceClass;
+        duration_ms: number;
+        success: boolean;
+        timestamp?: string;
+    }): AuditEntry;
+    /** Append a pre-built entry (used by fromJSON). */
+    private append;
+    /** Query all entries by caller identity. */
+    queryCaller(name: string): AuditEntry[];
+    /** Query all entries by target resource. */
+    queryTarget(resource: string): AuditEntry[];
+    /** Query entries within a time range (inclusive). */
+    queryTimeRange(from: Date, to: Date): AuditEntry[];
+    /** Query all entries by tool name. */
+    queryTool(toolName: string): AuditEntry[];
+    /**
+     * Get the N most-touched resources (by total interaction count).
+     * Returns [target, count] pairs sorted descending.
+     */
+    getHotTargets(n: number): Array<[string, number]>;
+    /**
+     * Get the N most-active callers (by total interaction count).
+     * Returns [caller, count] pairs sorted descending.
+     */
+    getActiveCallers(n: number): Array<[string, number]>;
+    /**
+     * Cross-reference: all interactions between a specific caller and target.
+     */
+    crossReference(caller: string, target: string): AuditEntry[];
+    /** Serialize the ledger to a JSON-safe snapshot. */
+    toJSON(): AuditLedgerSnapshot;
+    /** Restore a ledger from a serialized snapshot. */
+    static fromJSON(snapshot: AuditLedgerSnapshot): AuditLedger;
+    private indexPush;
+    private topN;
+}
+//# sourceMappingURL=audit-ledger.d.ts.map

package/dist/audit-ledger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-ledger.d.ts","sourceRoot":"","sources":["../src/audit-ledger.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEhD,2CAA2C;AAC3C,MAAM,MAAM,WAAW,GAAG,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEjE,uCAAuC;AACvC,MAAM,WAAW,UAAU;IACzB,+BAA+B;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,gDAAgD;IAChD,MAAM,EAAE,MAAM,CAAC;IACf,6CAA6C;IAC7C,MAAM,EAAE,MAAM,CAAC;IACf,yCAAyC;IACzC,MAAM,EAAE,WAAW,CAAC;IACpB,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,6CAA6C;IAC7C,cAAc,EAAE,aAAa,CAAC;IAC9B,sDAAsD;IACtD,SAAS,EAAE,MAAM,CAAC;IAClB,8CAA8C;IAC9C,WAAW,EAAE,MAAM,CAAC;IACpB,iDAAiD;IACjD,OAAO,EAAE,OAAO,CAAC;CAClB;AAED,2DAA2D;AAC3D,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,KAAK,CAAC;IACf,OAAO,EAAE,UAAU,EAAE,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;CACpB;AASD;;;;;GAKG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,OAAO,CAAoB;IACnC,OAAO,CAAC,aAAa,CAA+B;IACpD,OAAO,CAAC,aAAa,CAA+B;IACpD,OAAO,CAAC,WAAW,CAA+B;IAElD,6CAA6C;IAC7C,IAAI,IAAI,IAAI,MAAM,CAEjB;IAED;;;;OAIG;IACH,MAAM,CAAC,MAAM,EAAE;QACb,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,WAAW,CAAC;QACpB,IAAI,EAAE,MAAM,CAAC;QACb,cAAc,EAAE,aAAa,CAAC;QAC9B,WAAW,EAAE,MAAM,CAAC;QACpB,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GAAG,UAAU;IAwBd,mDAAmD;IACnD,OAAO,CAAC,MAAM;IAQd,4CAA4C;IAC5C,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,EAAE;IAMvC,4CAA4C;IAC5C,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,EAAE;IAM3C,qDAAqD;IACrD,cAAc,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,GAAG,UAAU,EAAE;IASlD,sCAAsC;IACtC,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,EAAE;IAMzC;;;OAGG;IACH,aAAa,CAAC,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAIjD;;;OAGG;IACH,gBAAgB,CAAC,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAIpD;;OAEG;IACH,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,UAAU,EAAE;IAU5D,oDAAoD;IACpD,MAAM,IAAI,mBAAmB;IAQ7B,mDAAmD;IACnD,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,mBAAmB,GAAG,WAAW;IAU3D,OAAO,CAAC,SAAS;IAajB,OAAO,CAAC,IAAI;CAWb"}

package/dist/audit-ledger.js

@@ -0,0 +1,152 @@
+/**
+ * EP-2: Bilateral Audit Ledger (Kusunda dual-person marking)
+ *
+ * Every action records WHO called and WHAT was affected in a single
+ * fused record. Provides query, cross-reference, and hot-spot analysis.
+ */
+/** Generate a compact unique ID. */
+function generateId() {
+    const ts = Date.now().toString(36);
+    const rand = Math.random().toString(36).slice(2, 8);
+    return `aud_${ts}_${rand}`;
+}
+/**
+ * In-memory bilateral audit ledger.
+ *
+ * Records every caller-target interaction and supports multidimensional
+ * querying: by caller, target, time range, tool, and cross-references.
+ */
+export class AuditLedger {
+    entries = [];
+    byCallerIndex = new Map();
+    byTargetIndex = new Map();
+    byToolIndex = new Map();
+    /** Total number of entries in the ledger. */
+    get size() {
+        return this.entries.length;
+    }
+    /**
+     * Record a new audit entry.
+     *
+     * @returns The created AuditEntry with generated id and timestamp.
+     */
+    record(params) {
+        const entry = {
+            id: generateId(),
+            caller: params.caller,
+            target: params.target,
+            action: params.action,
+            tool: params.tool,
+            evidence_class: params.evidence_class,
+            timestamp: params.timestamp ?? new Date().toISOString(),
+            duration_ms: params.duration_ms,
+            success: params.success,
+        };
+        const idx = this.entries.length;
+        this.entries.push(entry);
+        // Update indexes
+        this.indexPush(this.byCallerIndex, entry.caller, idx);
+        this.indexPush(this.byTargetIndex, entry.target, idx);
+        this.indexPush(this.byToolIndex, entry.tool, idx);
+        return entry;
+    }
+    /** Append a pre-built entry (used by fromJSON). */
+    append(entry) {
+        const idx = this.entries.length;
+        this.entries.push(entry);
+        this.indexPush(this.byCallerIndex, entry.caller, idx);
+        this.indexPush(this.byTargetIndex, entry.target, idx);
+        this.indexPush(this.byToolIndex, entry.tool, idx);
+    }
+    /** Query all entries by caller identity. */
+    queryCaller(name) {
+        const indices = this.byCallerIndex.get(name);
+        if (!indices)
+            return [];
+        return indices.map((i) => this.entries[i]);
+    }
+    /** Query all entries by target resource. */
+    queryTarget(resource) {
+        const indices = this.byTargetIndex.get(resource);
+        if (!indices)
+            return [];
+        return indices.map((i) => this.entries[i]);
+    }
+    /** Query entries within a time range (inclusive). */
+    queryTimeRange(from, to) {
+        const fromMs = from.getTime();
+        const toMs = to.getTime();
+        return this.entries.filter((e) => {
+            const ts = new Date(e.timestamp).getTime();
+            return ts >= fromMs && ts <= toMs;
+        });
+    }
+    /** Query all entries by tool name. */
+    queryTool(toolName) {
+        const indices = this.byToolIndex.get(toolName);
+        if (!indices)
+            return [];
+        return indices.map((i) => this.entries[i]);
+    }
+    /**
+     * Get the N most-touched resources (by total interaction count).
+     * Returns [target, count] pairs sorted descending.
+     */
+    getHotTargets(n) {
+        return this.topN(this.byTargetIndex, n);
+    }
+    /**
+     * Get the N most-active callers (by total interaction count).
+     * Returns [caller, count] pairs sorted descending.
+     */
+    getActiveCallers(n) {
+        return this.topN(this.byCallerIndex, n);
+    }
+    /**
+     * Cross-reference: all interactions between a specific caller and target.
+     */
+    crossReference(caller, target) {
+        const callerIndices = this.byCallerIndex.get(caller);
+        if (!callerIndices)
+            return [];
+        const targetSet = new Set(this.byTargetIndex.get(target) ?? []);
+        return callerIndices
+            .filter((i) => targetSet.has(i))
+            .map((i) => this.entries[i]);
+    }
+    /** Serialize the ledger to a JSON-safe snapshot. */
+    toJSON() {
+        return {
+            version: "1.0",
+            entries: [...this.entries],
+            created_at: new Date().toISOString(),
+        };
+    }
+    /** Restore a ledger from a serialized snapshot. */
+    static fromJSON(snapshot) {
+        const ledger = new AuditLedger();
+        for (const entry of snapshot.entries) {
+            ledger.append(entry);
+        }
+        return ledger;
+    }
+    // ---- Internal helpers ----
+    indexPush(index, key, value) {
+        const arr = index.get(key);
+        if (arr) {
+            arr.push(value);
+        }
+        else {
+            index.set(key, [value]);
+        }
+    }
+    topN(index, n) {
+        const pairs = [];
+        for (const [key, indices] of index) {
+            pairs.push([key, indices.length]);
+        }
+        pairs.sort((a, b) => b[1] - a[1]);
+        return pairs.slice(0, n);
+    }
+}
+//# sourceMappingURL=audit-ledger.js.map

package/dist/audit-ledger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-ledger.js","sourceRoot":"","sources":["../src/audit-ledger.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAoCH,oCAAoC;AACpC,SAAS,UAAU;IACjB,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACpD,OAAO,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC;AAC7B,CAAC;AAED;;;;;GAKG;AACH,MAAM,OAAO,WAAW;IACd,OAAO,GAAiB,EAAE,CAAC;IAC3B,aAAa,GAAG,IAAI,GAAG,EAAoB,CAAC;IAC5C,aAAa,GAAG,IAAI,GAAG,EAAoB,CAAC;IAC5C,WAAW,GAAG,IAAI,GAAG,EAAoB,CAAC;IAElD,6CAA6C;IAC7C,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;IAC7B,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,MASN;QACC,MAAM,KAAK,GAAe;YACxB,EAAE,EAAE,UAAU,EAAE;YAChB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,cAAc,EAAE,MAAM,CAAC,cAAc;YACrC,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACvD,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,OAAO,EAAE,MAAM,CAAC,OAAO;SACxB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEzB,iBAAiB;QACjB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QACtD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QACtD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAElD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,mDAAmD;IAC3C,MAAM,CAAC,KAAiB;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACzB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QACtD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QACtD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACpD,CAAC;IAED,4CAA4C;IAC5C,WAAW,CAAC,IAAY;QACtB,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC7C,IAAI,CAAC,OAAO;YAAE,OAAO,EAAE,CAAC;QACxB,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,4CAA4C;IAC5C,WAAW,CAAC,QAAgB;QAC1B,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,CAAC,OAAO;YAAE,OAAO,EAAE,CAAC;QACxB,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,qDAAqD;IACrD,cAAc,CAAC,IAAU,EAAE,EAAQ;QACjC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YAC/B,MAAM,EAAE,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC;YAC3C,OAAO,EAAE,IAAI,MAAM,IAAI,EAAE,IAAI,IAAI,CAAC;QACpC,CAAC,CAAC,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,SAAS,CAAC,QAAgB;QACxB,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,CAAC,OAAO;YAAE,OAAO,EAAE,CAAC;QACxB,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,CAAS;QACrB,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED;;;OAGG;IACH,gBAAgB,CAAC,CAAS;QACxB,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,MAAc,EAAE,MAAc;QAC3C,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACrD,IAAI,CAAC,aAAa;YAAE,OAAO,EAAE,CAAC;QAE9B,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QAChE,OAAO,aAAa;aACjB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;aAC/B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IACjC,CAAC;IAED,oDAAoD;IACpD,MAAM;QACJ,OAAO;YACL,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC;YAC1B,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC,CAAC;IACJ,CAAC;IAED,mDAAmD;IACnD,MAAM,CAAC,QAAQ,CAAC,QAA6B;QAC3C,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;QACjC,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvB,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,6BAA6B;IAErB,SAAS,CACf,KAA4B,EAC5B,GAAW,EACX,KAAa;QAEb,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC3B,IAAI,GAAG,EAAE,CAAC;YACR,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAEO,IAAI,CACV,KAA4B,EAC5B,CAAS;QAET,MAAM,KAAK,GAA4B,EAAE,CAAC;QAC1C,KAAK,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,IAAI,KAAK,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACpC,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,CAAC;CACF"}

package/dist/dormant.d.ts

@@ -0,0 +1,59 @@
+/**
+ * Dormant Asset Scanner — Kusunda Rediscovery
+ *
+ * Language isolates like Kusunda were "rediscovered" after being
+ * presumed extinct. This module scores repositories and digital
+ * assets for hidden value — dormant projects that deserve revival
+ * vs. those ready for the archive.
+ */
+/** Profile describing a repository or digital asset. */
+export interface AssetProfile {
+    id: string;
+    name: string;
+    path: string;
+    last_commit?: string;
+    last_publish?: string;
+    has_readme: boolean;
+    has_tests: boolean;
+    has_ci: boolean;
+    language?: string;
+    dependencies_count: number;
+    publishable: boolean;
+    published: boolean;
+}
+/** Computed dormancy and value scores for an asset. */
+export interface DormantScore {
+    asset_id: string;
+    dormancy_score: number;
+    value_score: number;
+    recommendation: "publish" | "archive" | "revive" | "maintain" | "investigate";
+    reasons: string[];
+}
+/**
+ * Scans a collection of asset profiles and scores them on two axes:
+ * dormancy (how inactive) and value (how potentially useful).
+ */
+export declare class DormantScanner {
+    private assets;
+    /** Register an asset for scanning. */
+    addAsset(profile: AssetProfile): void;
+    /** Score a single asset by ID. */
+    score(assetId: string): DormantScore;
+    /** Score all registered assets. */
+    scoreAll(): DormantScore[];
+    /** Return unpublished assets with value_score > 0.5. */
+    getPublishable(): DormantScore[];
+    /** Return dormant assets worth reviving (high value despite dormancy). */
+    getRevivable(): DormantScore[];
+    /** Return truly dead assets recommended for archival. */
+    getArchivable(): DormantScore[];
+    /** Generate a Markdown summary report of all assets. */
+    generateReport(): string;
+    /** Compute dormancy and value scores for a single asset. */
+    private computeScore;
+    /** Determine the recommendation based on dormancy/value quadrant. */
+    private recommend;
+    /** Calculate days between a date string and now. */
+    private daysSince;
+}
+//# sourceMappingURL=dormant.d.ts.map

package/dist/dormant.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dormant.d.ts","sourceRoot":"","sources":["../src/dormant.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,wDAAwD;AACxD,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,OAAO,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,uDAAuD;AACvD,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,SAAS,GAAG,SAAS,GAAG,QAAQ,GAAG,UAAU,GAAG,aAAa,CAAC;IAC9E,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB;AAWD;;;GAGG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAwC;IAEtD,sCAAsC;IACtC,QAAQ,CAAC,OAAO,EAAE,YAAY,GAAG,IAAI;IAIrC,kCAAkC;IAClC,KAAK,CAAC,OAAO,EAAE,MAAM,GAAG,YAAY;IAcpC,mCAAmC;IACnC,QAAQ,IAAI,YAAY,EAAE;IAI1B,wDAAwD;IACxD,cAAc,IAAI,YAAY,EAAE;IAShC,0EAA0E;IAC1E,YAAY,IAAI,YAAY,EAAE;IAI9B,yDAAyD;IACzD,aAAa,IAAI,YAAY,EAAE;IAI/B,wDAAwD;IACxD,cAAc,IAAI,MAAM;IA2FxB,4DAA4D;IAC5D,OAAO,CAAC,YAAY;IA6FpB,qEAAqE;IACrE,OAAO,CAAC,SAAS;IA6BjB,oDAAoD;IACpD,OAAO,CAAC,SAAS;CAKlB"}