life-as-api 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (303) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +377 -0
  3. package/dist/agent/finance-agent.d.ts +44 -0
  4. package/dist/agent/finance-agent.js +75 -0
  5. package/dist/agent/finance-agent.js.map +1 -0
  6. package/dist/agent/legal-agent.d.ts +44 -0
  7. package/dist/agent/legal-agent.js +76 -0
  8. package/dist/agent/legal-agent.js.map +1 -0
  9. package/dist/agent/medical-agent.d.ts +44 -0
  10. package/dist/agent/medical-agent.js +75 -0
  11. package/dist/agent/medical-agent.js.map +1 -0
  12. package/dist/agent/trusted-agent-registry.d.ts +53 -0
  13. package/dist/agent/trusted-agent-registry.js +57 -0
  14. package/dist/agent/trusted-agent-registry.js.map +1 -0
  15. package/dist/audit/audit-chain-verifier.d.ts +10 -0
  16. package/dist/audit/audit-chain-verifier.js +67 -0
  17. package/dist/audit/audit-chain-verifier.js.map +1 -0
  18. package/dist/audit/audit-log.d.ts +48 -0
  19. package/dist/audit/audit-log.js +74 -0
  20. package/dist/audit/audit-log.js.map +1 -0
  21. package/dist/audit/sqlite-audit-log.d.ts +29 -0
  22. package/dist/audit/sqlite-audit-log.js +142 -0
  23. package/dist/audit/sqlite-audit-log.js.map +1 -0
  24. package/dist/auth/access-context-issuer.d.ts +18 -0
  25. package/dist/auth/access-context-issuer.js +88 -0
  26. package/dist/auth/access-context-issuer.js.map +1 -0
  27. package/dist/auth/assert-authorized-for-subject.d.ts +2 -0
  28. package/dist/auth/assert-authorized-for-subject.js +20 -0
  29. package/dist/auth/assert-authorized-for-subject.js.map +1 -0
  30. package/dist/auth/backend-context-minting-boundary.d.ts +23 -0
  31. package/dist/auth/backend-context-minting-boundary.js +281 -0
  32. package/dist/auth/backend-context-minting-boundary.js.map +1 -0
  33. package/dist/auth/default-authorization-policy.d.ts +7 -0
  34. package/dist/auth/default-authorization-policy.js +64 -0
  35. package/dist/auth/default-authorization-policy.js.map +1 -0
  36. package/dist/auth/fake-auth-adapter.d.ts +7 -0
  37. package/dist/auth/fake-auth-adapter.js +27 -0
  38. package/dist/auth/fake-auth-adapter.js.map +1 -0
  39. package/dist/auth/http-client.d.ts +12 -0
  40. package/dist/auth/http-client.js +7 -0
  41. package/dist/auth/http-client.js.map +1 -0
  42. package/dist/auth/in-memory-grant-resolver.d.ts +21 -0
  43. package/dist/auth/in-memory-grant-resolver.js +73 -0
  44. package/dist/auth/in-memory-grant-resolver.js.map +1 -0
  45. package/dist/auth/in-memory-tenant-boundary.d.ts +16 -0
  46. package/dist/auth/in-memory-tenant-boundary.js +37 -0
  47. package/dist/auth/in-memory-tenant-boundary.js.map +1 -0
  48. package/dist/auth/jwks-key-ring-auth-adapter.d.ts +38 -0
  49. package/dist/auth/jwks-key-ring-auth-adapter.js +123 -0
  50. package/dist/auth/jwks-key-ring-auth-adapter.js.map +1 -0
  51. package/dist/auth/jwks-key-ring.d.ts +25 -0
  52. package/dist/auth/jwks-key-ring.js +111 -0
  53. package/dist/auth/jwks-key-ring.js.map +1 -0
  54. package/dist/auth/jwt-auth-adapter.d.ts +15 -0
  55. package/dist/auth/jwt-auth-adapter.js +59 -0
  56. package/dist/auth/jwt-auth-adapter.js.map +1 -0
  57. package/dist/auth/jwt-core.d.ts +32 -0
  58. package/dist/auth/jwt-core.js +226 -0
  59. package/dist/auth/jwt-core.js.map +1 -0
  60. package/dist/auth/jwt-key-ring-auth-adapter.d.ts +16 -0
  61. package/dist/auth/jwt-key-ring-auth-adapter.js +58 -0
  62. package/dist/auth/jwt-key-ring-auth-adapter.js.map +1 -0
  63. package/dist/auth/oidc-discovery.d.ts +15 -0
  64. package/dist/auth/oidc-discovery.js +46 -0
  65. package/dist/auth/oidc-discovery.js.map +1 -0
  66. package/dist/auth/production-scoped-life-api.d.ts +58 -0
  67. package/dist/auth/production-scoped-life-api.js +802 -0
  68. package/dist/auth/production-scoped-life-api.js.map +1 -0
  69. package/dist/auth/proposal-scope-inspector.d.ts +3 -0
  70. package/dist/auth/proposal-scope-inspector.js +42 -0
  71. package/dist/auth/proposal-scope-inspector.js.map +1 -0
  72. package/dist/auth/proposal-scoped-life-api.d.ts +21 -0
  73. package/dist/auth/proposal-scoped-life-api.js +168 -0
  74. package/dist/auth/proposal-scoped-life-api.js.map +1 -0
  75. package/dist/auth/rate-limited-context-minting-boundary.d.ts +27 -0
  76. package/dist/auth/rate-limited-context-minting-boundary.js +77 -0
  77. package/dist/auth/rate-limited-context-minting-boundary.js.map +1 -0
  78. package/dist/auth/revocation-aware-auth-adapter.d.ts +21 -0
  79. package/dist/auth/revocation-aware-auth-adapter.js +88 -0
  80. package/dist/auth/revocation-aware-auth-adapter.js.map +1 -0
  81. package/dist/auth/sqlite-grant-resolver.d.ts +8 -0
  82. package/dist/auth/sqlite-grant-resolver.js +78 -0
  83. package/dist/auth/sqlite-grant-resolver.js.map +1 -0
  84. package/dist/auth/sqlite-tenant-boundary.d.ts +7 -0
  85. package/dist/auth/sqlite-tenant-boundary.js +41 -0
  86. package/dist/auth/sqlite-tenant-boundary.js.map +1 -0
  87. package/dist/auth/static-jwt-key-ring.d.ts +13 -0
  88. package/dist/auth/static-jwt-key-ring.js +73 -0
  89. package/dist/auth/static-jwt-key-ring.js.map +1 -0
  90. package/dist/auth/subject-scoped-life-api.d.ts +14 -0
  91. package/dist/auth/subject-scoped-life-api.js +51 -0
  92. package/dist/auth/subject-scoped-life-api.js.map +1 -0
  93. package/dist/auth/test-context-minting-boundary.d.ts +13 -0
  94. package/dist/auth/test-context-minting-boundary.js +74 -0
  95. package/dist/auth/test-context-minting-boundary.js.map +1 -0
  96. package/dist/auth/types.d.ts +77 -0
  97. package/dist/auth/types.js +16 -0
  98. package/dist/auth/types.js.map +1 -0
  99. package/dist/compliance/subject-data-report.d.ts +43 -0
  100. package/dist/compliance/subject-data-report.js +155 -0
  101. package/dist/compliance/subject-data-report.js.map +1 -0
  102. package/dist/consent/consent-guard.d.ts +4 -0
  103. package/dist/consent/consent-guard.js +37 -0
  104. package/dist/consent/consent-guard.js.map +1 -0
  105. package/dist/consent/grant-registry.d.ts +7 -0
  106. package/dist/consent/grant-registry.js +13 -0
  107. package/dist/consent/grant-registry.js.map +1 -0
  108. package/dist/consent/intersect-selector.d.ts +3 -0
  109. package/dist/consent/intersect-selector.js +66 -0
  110. package/dist/consent/intersect-selector.js.map +1 -0
  111. package/dist/contract/diagnostics.d.ts +32 -0
  112. package/dist/contract/diagnostics.js +112 -0
  113. package/dist/contract/diagnostics.js.map +1 -0
  114. package/dist/contract/project-contracts.d.ts +5 -0
  115. package/dist/contract/project-contracts.js +159 -0
  116. package/dist/contract/project-contracts.js.map +1 -0
  117. package/dist/contract/types.d.ts +32 -0
  118. package/dist/contract/types.js +5 -0
  119. package/dist/contract/types.js.map +1 -0
  120. package/dist/crypto/aes-gcm.d.ts +11 -0
  121. package/dist/crypto/aes-gcm.js +78 -0
  122. package/dist/crypto/aes-gcm.js.map +1 -0
  123. package/dist/crypto/claim-serializer.d.ts +26 -0
  124. package/dist/crypto/claim-serializer.js +59 -0
  125. package/dist/crypto/claim-serializer.js.map +1 -0
  126. package/dist/crypto/sha256.d.ts +12 -0
  127. package/dist/crypto/sha256.js +40 -0
  128. package/dist/crypto/sha256.js.map +1 -0
  129. package/dist/crypto/static-key.d.ts +11 -0
  130. package/dist/crypto/static-key.js +60 -0
  131. package/dist/crypto/static-key.js.map +1 -0
  132. package/dist/crypto/types.d.ts +20 -0
  133. package/dist/crypto/types.js +8 -0
  134. package/dist/crypto/types.js.map +1 -0
  135. package/dist/datasource/trusted-data-source-registry.d.ts +51 -0
  136. package/dist/datasource/trusted-data-source-registry.js +57 -0
  137. package/dist/datasource/trusted-data-source-registry.js.map +1 -0
  138. package/dist/erasure/tombstone.d.ts +13 -0
  139. package/dist/erasure/tombstone.js +20 -0
  140. package/dist/erasure/tombstone.js.map +1 -0
  141. package/dist/evidence/evidence-backed-claim-creator.d.ts +48 -0
  142. package/dist/evidence/evidence-backed-claim-creator.js +107 -0
  143. package/dist/evidence/evidence-backed-claim-creator.js.map +1 -0
  144. package/dist/evidence/in-memory-raw-document-store.d.ts +26 -0
  145. package/dist/evidence/in-memory-raw-document-store.js +84 -0
  146. package/dist/evidence/in-memory-raw-document-store.js.map +1 -0
  147. package/dist/evidence/raw-document-store.d.ts +12 -0
  148. package/dist/evidence/raw-document-store.js +8 -0
  149. package/dist/evidence/raw-document-store.js.map +1 -0
  150. package/dist/evidence/source-evidence-validator.d.ts +4 -0
  151. package/dist/evidence/source-evidence-validator.js +14 -0
  152. package/dist/evidence/source-evidence-validator.js.map +1 -0
  153. package/dist/evidence/sqlite-raw-document-store.d.ts +19 -0
  154. package/dist/evidence/sqlite-raw-document-store.js +122 -0
  155. package/dist/evidence/sqlite-raw-document-store.js.map +1 -0
  156. package/dist/guardian/guardian-registry.d.ts +96 -0
  157. package/dist/guardian/guardian-registry.js +95 -0
  158. package/dist/guardian/guardian-registry.js.map +1 -0
  159. package/dist/index.d.ts +44 -0
  160. package/dist/index.js +72 -0
  161. package/dist/index.js.map +1 -0
  162. package/dist/observability/health.d.ts +12 -0
  163. package/dist/observability/health.js +16 -0
  164. package/dist/observability/health.js.map +1 -0
  165. package/dist/observability/logger.d.ts +21 -0
  166. package/dist/observability/logger.js +40 -0
  167. package/dist/observability/logger.js.map +1 -0
  168. package/dist/observability/metrics.d.ts +15 -0
  169. package/dist/observability/metrics.js +52 -0
  170. package/dist/observability/metrics.js.map +1 -0
  171. package/dist/persistence/backup.d.ts +24 -0
  172. package/dist/persistence/backup.js +251 -0
  173. package/dist/persistence/backup.js.map +1 -0
  174. package/dist/persistence/decryptability-scan.d.ts +10 -0
  175. package/dist/persistence/decryptability-scan.js +144 -0
  176. package/dist/persistence/decryptability-scan.js.map +1 -0
  177. package/dist/persistence/in-memory-unit-of-work.d.ts +11 -0
  178. package/dist/persistence/in-memory-unit-of-work.js +32 -0
  179. package/dist/persistence/in-memory-unit-of-work.js.map +1 -0
  180. package/dist/persistence/key-availability.d.ts +9 -0
  181. package/dist/persistence/key-availability.js +125 -0
  182. package/dist/persistence/key-availability.js.map +1 -0
  183. package/dist/persistence/sqlite/migrations.d.ts +9 -0
  184. package/dist/persistence/sqlite/migrations.js +535 -0
  185. package/dist/persistence/sqlite/migrations.js.map +1 -0
  186. package/dist/persistence/sqlite/schema.d.ts +10 -0
  187. package/dist/persistence/sqlite/schema.js +101 -0
  188. package/dist/persistence/sqlite/schema.js.map +1 -0
  189. package/dist/persistence/sqlite/sqlite-fact-store.d.ts +24 -0
  190. package/dist/persistence/sqlite/sqlite-fact-store.js +207 -0
  191. package/dist/persistence/sqlite/sqlite-fact-store.js.map +1 -0
  192. package/dist/persistence/sqlite/sqlite-source-registry.d.ts +17 -0
  193. package/dist/persistence/sqlite/sqlite-source-registry.js +132 -0
  194. package/dist/persistence/sqlite/sqlite-source-registry.js.map +1 -0
  195. package/dist/persistence/sqlite/sqlite-unit-of-work.d.ts +8 -0
  196. package/dist/persistence/sqlite/sqlite-unit-of-work.js +41 -0
  197. package/dist/persistence/sqlite/sqlite-unit-of-work.js.map +1 -0
  198. package/dist/persistence/sqlite/types.d.ts +24 -0
  199. package/dist/persistence/sqlite/types.js +28 -0
  200. package/dist/persistence/sqlite/types.js.map +1 -0
  201. package/dist/persistence/unit-of-work.d.ts +6 -0
  202. package/dist/persistence/unit-of-work.js +15 -0
  203. package/dist/persistence/unit-of-work.js.map +1 -0
  204. package/dist/proposal/accepted-claim-appender.d.ts +7 -0
  205. package/dist/proposal/accepted-claim-appender.js +16 -0
  206. package/dist/proposal/accepted-claim-appender.js.map +1 -0
  207. package/dist/proposal/in-memory-proposal-queue.d.ts +21 -0
  208. package/dist/proposal/in-memory-proposal-queue.js +218 -0
  209. package/dist/proposal/in-memory-proposal-queue.js.map +1 -0
  210. package/dist/proposal/policy-aware-proposal-queue.d.ts +23 -0
  211. package/dist/proposal/policy-aware-proposal-queue.js +162 -0
  212. package/dist/proposal/policy-aware-proposal-queue.js.map +1 -0
  213. package/dist/proposal/proposal-policy.d.ts +37 -0
  214. package/dist/proposal/proposal-policy.js +72 -0
  215. package/dist/proposal/proposal-policy.js.map +1 -0
  216. package/dist/proposal/proposal-queue.d.ts +13 -0
  217. package/dist/proposal/proposal-queue.js +15 -0
  218. package/dist/proposal/proposal-queue.js.map +1 -0
  219. package/dist/proposal/source-aware-claim-appender.d.ts +13 -0
  220. package/dist/proposal/source-aware-claim-appender.js +47 -0
  221. package/dist/proposal/source-aware-claim-appender.js.map +1 -0
  222. package/dist/proposal/sqlite-proposal-queue.d.ts +26 -0
  223. package/dist/proposal/sqlite-proposal-queue.js +282 -0
  224. package/dist/proposal/sqlite-proposal-queue.js.map +1 -0
  225. package/dist/resolution/resolve-claims.d.ts +4 -0
  226. package/dist/resolution/resolve-claims.js +101 -0
  227. package/dist/resolution/resolve-claims.js.map +1 -0
  228. package/dist/resolution/trust-profile.d.ts +12 -0
  229. package/dist/resolution/trust-profile.js +23 -0
  230. package/dist/resolution/trust-profile.js.map +1 -0
  231. package/dist/resolution/types.d.ts +15 -0
  232. package/dist/resolution/types.js +8 -0
  233. package/dist/resolution/types.js.map +1 -0
  234. package/dist/sdk/create-backend-integrated-life-api-for-test.d.ts +23 -0
  235. package/dist/sdk/create-backend-integrated-life-api-for-test.js +240 -0
  236. package/dist/sdk/create-backend-integrated-life-api-for-test.js.map +1 -0
  237. package/dist/sdk/create-life-api.d.ts +55 -0
  238. package/dist/sdk/create-life-api.js +251 -0
  239. package/dist/sdk/create-life-api.js.map +1 -0
  240. package/dist/sdk/create-sqlite-life-api.d.ts +33 -0
  241. package/dist/sdk/create-sqlite-life-api.js +654 -0
  242. package/dist/sdk/create-sqlite-life-api.js.map +1 -0
  243. package/dist/sdk/life-api.d.ts +27 -0
  244. package/dist/sdk/life-api.js +17 -0
  245. package/dist/sdk/life-api.js.map +1 -0
  246. package/dist/sdk/validation.d.ts +8 -0
  247. package/dist/sdk/validation.js +216 -0
  248. package/dist/sdk/validation.js.map +1 -0
  249. package/dist/source/in-memory-source-registry.d.ts +15 -0
  250. package/dist/source/in-memory-source-registry.js +104 -0
  251. package/dist/source/in-memory-source-registry.js.map +1 -0
  252. package/dist/source/source-aware-fact-store.d.ts +19 -0
  253. package/dist/source/source-aware-fact-store.js +40 -0
  254. package/dist/source/source-aware-fact-store.js.map +1 -0
  255. package/dist/source/source-kind-predicate-policy.d.ts +4 -0
  256. package/dist/source/source-kind-predicate-policy.js +62 -0
  257. package/dist/source/source-kind-predicate-policy.js.map +1 -0
  258. package/dist/source/source-registry.d.ts +11 -0
  259. package/dist/source/source-registry.js +12 -0
  260. package/dist/source/source-registry.js.map +1 -0
  261. package/dist/store/in-memory-fact-store.d.ts +25 -0
  262. package/dist/store/in-memory-fact-store.js +192 -0
  263. package/dist/store/in-memory-fact-store.js.map +1 -0
  264. package/dist/surface/context-query.d.ts +21 -0
  265. package/dist/surface/context-query.js +113 -0
  266. package/dist/surface/context-query.js.map +1 -0
  267. package/dist/surface/evidence-backed-context-query.d.ts +62 -0
  268. package/dist/surface/evidence-backed-context-query.js +240 -0
  269. package/dist/surface/evidence-backed-context-query.js.map +1 -0
  270. package/dist/types/access-context.d.ts +25 -0
  271. package/dist/types/access-context.js +6 -0
  272. package/dist/types/access-context.js.map +1 -0
  273. package/dist/types/claim.d.ts +48 -0
  274. package/dist/types/claim.js +5 -0
  275. package/dist/types/claim.js.map +1 -0
  276. package/dist/types/consent.d.ts +41 -0
  277. package/dist/types/consent.js +3 -0
  278. package/dist/types/consent.js.map +1 -0
  279. package/dist/types/crypto-boundary.d.ts +12 -0
  280. package/dist/types/crypto-boundary.js +15 -0
  281. package/dist/types/crypto-boundary.js.map +1 -0
  282. package/dist/types/evidence.d.ts +31 -0
  283. package/dist/types/evidence.js +8 -0
  284. package/dist/types/evidence.js.map +1 -0
  285. package/dist/types/fact-store.d.ts +24 -0
  286. package/dist/types/fact-store.js +12 -0
  287. package/dist/types/fact-store.js.map +1 -0
  288. package/dist/types/ids.d.ts +36 -0
  289. package/dist/types/ids.js +11 -0
  290. package/dist/types/ids.js.map +1 -0
  291. package/dist/types/proposal.d.ts +38 -0
  292. package/dist/types/proposal.js +7 -0
  293. package/dist/types/proposal.js.map +1 -0
  294. package/dist/types/source.d.ts +33 -0
  295. package/dist/types/source.js +6 -0
  296. package/dist/types/source.js.map +1 -0
  297. package/dist/types/trust.d.ts +24 -0
  298. package/dist/types/trust.js +5 -0
  299. package/dist/types/trust.js.map +1 -0
  300. package/dist/utilities/deep-freeze.d.ts +1 -0
  301. package/dist/utilities/deep-freeze.js +17 -0
  302. package/dist/utilities/deep-freeze.js.map +1 -0
  303. package/package.json +55 -0
@@ -0,0 +1,240 @@
1
+ // Slice-12b: Evidence-backed Context Query Surface — Scoped Hydrated Projection.
2
+ //
3
+ // CONTEXT_QUERY_SURFACE_EXISTS_001: single entry point for contract context queries.
4
+ // CONTEXT_QUERY_CONSENT_BEFORE_PROJECTION_001: consent validated and selector restricted
5
+ // BEFORE any claim read or projection. Never filter post-read.
6
+ // CONTEXT_QUERY_SCOPED_HYDRATED_READ_001: agent flow reads hydrated claims with SystemProjectionContext
7
+ // ONLY after selector restriction has been applied.
8
+ // CONTEXT_QUERY_NO_BROAD_HYDRATION_001: the broad requested selector is never passed to
9
+ // readStoredClaims(); only the intersected restrictedSelector is used.
10
+ // CONTEXT_QUERY_ALLOWED_PAYLOAD_VALUES_RETURNED_001: resolved field values for in-scope predicates
11
+ // are returned to the caller via HydratedContractProjection.fields[f].resolvedValue.
12
+ // CONTEXT_QUERY_OUT_OF_SCOPE_PAYLOAD_REDACTED_001: fields whose winning claim was not in the
13
+ // restricted selector have resolvedValue absent from the response.
14
+ // CONTEXT_QUERY_AUDIT_NO_PAYLOAD_VALUES_001: audit events never contain payload values.
15
+ // CONTEXT_QUERY_AGENT_SCOPE_BOUND_001: agent sees only intersection of requested + granted scope.
16
+ // CONTEXT_QUERY_AGENT_NO_RAW_BYTES_001: no getDocument() calls; diagnostics are metadata-only.
17
+ // CONTEXT_QUERY_EVIDENCE_DIAGNOSTICS_INCLUDED_001: diagnostics attached when requested.
18
+ // CONTEXT_QUERY_AUDIT_EVERY_REQUEST_001: every attempt (allow or deny) writes an AuditEvent.
19
+ // CONTEXT_QUERY_AUDIT_FAIL_CLOSED_001: audit write failure returns {ok:false} before any data.
20
+ // CONTEXT_QUERY_OWNER_FULL_ALLOWED_001: OwnerContext uses full requested selector, no grant needed.
21
+ // CONTEXT_QUERY_DETERMINISTIC_001: same inputs produce identical output.
22
+ import { ERASURE_TOMBSTONE_PREDICATE } from "../erasure/tombstone.js";
23
+ import { evaluateGrant } from "../consent/consent-guard.js";
24
+ import { intersectSelector } from "../consent/intersect-selector.js";
25
+ import { buildAuditEvent, denyReasonToAuditCode } from "../audit/audit-log.js";
26
+ import { asISOTime } from "../types/ids.js";
27
+ import { projectContracts } from "../contract/project-contracts.js";
28
+ import { diagnoseContractProjections } from "../contract/diagnostics.js";
29
+ // Internal SystemProjectionContext used for hydrated reads after consent restriction.
30
+ // MUST only be used with the restrictedSelector — never with the raw requested selector.
31
+ const _INTERNAL_PROJ_CTX = { kind: "system_projection" };
32
+ export class EvidenceBackedContextQueryService {
33
+ _store;
34
+ _grantRegistry;
35
+ _auditLog;
36
+ _sourceRegistry;
37
+ _docStore;
38
+ _trust;
39
+ _clock;
40
+ constructor(_store, _grantRegistry, _auditLog, _sourceRegistry, _docStore, _trust, _clock) {
41
+ this._store = _store;
42
+ this._grantRegistry = _grantRegistry;
43
+ this._auditLog = _auditLog;
44
+ this._sourceRegistry = _sourceRegistry;
45
+ this._docStore = _docStore;
46
+ this._trust = _trust;
47
+ this._clock = _clock;
48
+ }
49
+ async queryContracts(ctx, input) {
50
+ const now = this._clock ? this._clock() : asISOTime(new Date().toISOString());
51
+ if (ctx.kind === "audit") {
52
+ return { ok: true, contracts: [] };
53
+ }
54
+ // ERASURE_QUERY_SUPPRESSION_DEFINED_001: tombstone check before any query output.
55
+ // ERASURE_TOMBSTONE_LOOKUP_PERF_DEFERRED_001: O(n) scan acceptable for Slice-21a.
56
+ const tombstones = await this._store.readClaims(_INTERNAL_PROJ_CTX, {
57
+ predicates: [ERASURE_TOMBSTONE_PREDICATE],
58
+ });
59
+ const erasedSubjects = new Set(tombstones.map(t => t.subject));
60
+ if (ctx.kind === "agent") {
61
+ return this._queryAsAgent(ctx, input, now, erasedSubjects);
62
+ }
63
+ return this._queryAsPrivileged(ctx, input, now, erasedSubjects);
64
+ }
65
+ async _queryAsAgent(ctx, input, now, erasedSubjects) {
66
+ const fingerprint = selectorFingerprint(input.selector);
67
+ // 1. Resolve + validate grant — CONTEXT_QUERY_CONSENT_BEFORE_PROJECTION_001
68
+ const grant = this._grantRegistry.lookup(ctx.grantId);
69
+ const decision = evaluateGrant(grant, ctx, "query", now);
70
+ if (!decision.allowed) {
71
+ const event = buildAuditEvent({
72
+ actor: ctx.agentId,
73
+ grantId: ctx.grantId,
74
+ purpose: ctx.purpose,
75
+ decision: "deny",
76
+ reasonCode: denyReasonToAuditCode(decision.reason),
77
+ selectorFingerprint: fingerprint,
78
+ resultCount: 0,
79
+ resultClaimIds: [],
80
+ now,
81
+ });
82
+ try {
83
+ await this._auditLog.write(event);
84
+ }
85
+ catch {
86
+ return { ok: false, reason: "audit-write-failed" };
87
+ }
88
+ return { ok: true, contracts: [] };
89
+ }
90
+ // 2. Restrict selector BEFORE any read — CONTEXT_QUERY_CONSENT_BEFORE_PROJECTION_001
91
+ const restrictedSelector = intersectSelector(input.selector, grant);
92
+ // 3. CONTEXT_QUERY_SCOPED_HYDRATED_READ_001: hydrated read with SystemProjectionContext
93
+ // and the ALREADY-RESTRICTED selector. The broad requested selector is never used here.
94
+ let rawClaims = [];
95
+ if (restrictedSelector !== null) {
96
+ rawClaims = await this._store.readStoredClaims(_INTERNAL_PROJ_CTX, restrictedSelector);
97
+ }
98
+ // ERASURE_QUERY_SUPPRESSION_DEFINED_001: suppress claims for erased subjects.
99
+ // ERASURE_TOMBSTONE_SELF_SUPPRESSION_CARVEOUT_001: tombstone lookup is separate;
100
+ // tombstone predicate is never in restrictedSelector here.
101
+ const storedClaims = erasedSubjects.size > 0
102
+ ? rawClaims.filter(c => !erasedSubjects.has(c.subject))
103
+ : rawClaims;
104
+ // 4. Project from in-scope claims only. StoredClaim satisfies ClaimMeta structurally.
105
+ // erasedSubjects passed for defense-in-depth; storedClaims is already pre-filtered.
106
+ const projections = projectContracts(storedClaims, this._trust, erasedSubjects);
107
+ // 5. Hydrate projections with payload values for in-scope resolved fields.
108
+ // CONTEXT_QUERY_OUT_OF_SCOPE_PAYLOAD_REDACTED_001: storedClaimMap only contains
109
+ // claims from restrictedSelector — out-of-scope winning claims yield no resolvedValue.
110
+ const storedClaimMap = new Map(storedClaims.map((c) => [c.id, c]));
111
+ const hydratedProjections = hydrateProjections(projections, storedClaimMap);
112
+ // 6. Optionally attach diagnostics — CONTEXT_QUERY_EVIDENCE_DIAGNOSTICS_INCLUDED_001
113
+ const claimMap = new Map(storedClaims.map((c) => [c.id, c]));
114
+ const diagnostics = input.includeDiagnostics
115
+ ? diagnoseContractProjections(projections, claimMap, this._sourceRegistry, this._docStore, ctx)
116
+ : undefined;
117
+ // 7. Build + write allow audit — CONTEXT_QUERY_AUDIT_NO_PAYLOAD_VALUES_001
118
+ // Audit stores only contractIds (metadata), never payload values.
119
+ const contractIds = projections.map((p) => p.contractId);
120
+ const auditEvent = buildAuditEvent({
121
+ actor: ctx.agentId,
122
+ grantId: ctx.grantId,
123
+ purpose: ctx.purpose,
124
+ decision: "allow",
125
+ reasonCode: restrictedSelector === null ? "SCOPE_INTERSECTION_EMPTY" : "ALLOWED",
126
+ selectorFingerprint: fingerprint,
127
+ resultCount: projections.length,
128
+ resultClaimIds: storedClaims.map((c) => c.id),
129
+ contractIds,
130
+ now,
131
+ });
132
+ // CONTEXT_QUERY_AUDIT_FAIL_CLOSED_001: write BEFORE returning contract data
133
+ try {
134
+ await this._auditLog.write(auditEvent);
135
+ }
136
+ catch {
137
+ return { ok: false, reason: "audit-write-failed" };
138
+ }
139
+ return {
140
+ ok: true,
141
+ contracts: hydratedProjections,
142
+ auditId: auditEvent.id,
143
+ ...(diagnostics !== undefined ? { diagnostics } : {}),
144
+ };
145
+ }
146
+ async _queryAsPrivileged(ctx, input, now, erasedSubjects) {
147
+ const fingerprint = selectorFingerprint(input.selector);
148
+ // CONTEXT_QUERY_OWNER_FULL_ALLOWED_001: no grant needed; full hydrated read
149
+ const rawClaims = await this._store.readStoredClaims(ctx, input.selector);
150
+ // ERASURE_QUERY_SUPPRESSION_DEFINED_001: suppress claims for erased subjects.
151
+ const storedClaims = erasedSubjects.size > 0
152
+ ? rawClaims.filter(c => !erasedSubjects.has(c.subject))
153
+ : rawClaims;
154
+ // erasedSubjects passed for defense-in-depth; storedClaims is already pre-filtered.
155
+ const projections = projectContracts(storedClaims, this._trust, erasedSubjects);
156
+ const storedClaimMap = new Map(storedClaims.map((c) => [c.id, c]));
157
+ const hydratedProjections = hydrateProjections(projections, storedClaimMap);
158
+ const claimMap = new Map(storedClaims.map((c) => [c.id, c]));
159
+ const diagnostics = input.includeDiagnostics
160
+ ? diagnoseContractProjections(projections, claimMap, this._sourceRegistry, this._docStore, ctx)
161
+ : undefined;
162
+ const contractIds = projections.map((p) => p.contractId);
163
+ const auditEvent = buildAuditEvent({
164
+ actor: actorLabel(ctx),
165
+ decision: "allow",
166
+ reasonCode: "ALLOWED",
167
+ selectorFingerprint: fingerprint,
168
+ resultCount: projections.length,
169
+ resultClaimIds: storedClaims.map((c) => c.id),
170
+ contractIds,
171
+ now,
172
+ });
173
+ // CONTEXT_QUERY_AUDIT_FAIL_CLOSED_001
174
+ try {
175
+ await this._auditLog.write(auditEvent);
176
+ }
177
+ catch {
178
+ return { ok: false, reason: "audit-write-failed" };
179
+ }
180
+ return {
181
+ ok: true,
182
+ contracts: hydratedProjections,
183
+ auditId: auditEvent.id,
184
+ ...(diagnostics !== undefined ? { diagnostics } : {}),
185
+ };
186
+ }
187
+ }
188
+ // ─── Hydration helpers ────────────────────────────────────────────────────────
189
+ function hydrateField(field, storedClaimMap) {
190
+ const stored = field.winningClaimId !== undefined
191
+ ? storedClaimMap.get(field.winningClaimId)
192
+ : undefined;
193
+ return {
194
+ status: field.status,
195
+ competingClaimIds: field.competingClaimIds,
196
+ reasonCode: field.reasonCode,
197
+ ...(field.winningClaimId !== undefined ? { winningClaimId: field.winningClaimId } : {}),
198
+ ...(stored !== undefined ? { resolvedValue: stored.payload } : {}),
199
+ };
200
+ }
201
+ function hydrateProjection(proj, storedClaimMap) {
202
+ return {
203
+ contractId: proj.contractId,
204
+ status: proj.status,
205
+ conflicts: proj.conflicts,
206
+ derivedFrom: proj.derivedFrom,
207
+ policyId: proj.policyId,
208
+ policyVersion: proj.policyVersion,
209
+ fields: {
210
+ counterparty: hydrateField(proj.fields.counterparty, storedClaimMap),
211
+ amount: hydrateField(proj.fields.amount, storedClaimMap),
212
+ cadence: hydrateField(proj.fields.cadence, storedClaimMap),
213
+ nextDue: hydrateField(proj.fields.nextDue, storedClaimMap),
214
+ cancellationTerms: hydrateField(proj.fields.cancellationTerms, storedClaimMap),
215
+ contractStatus: hydrateField(proj.fields.contractStatus, storedClaimMap),
216
+ },
217
+ };
218
+ }
219
+ function hydrateProjections(projections, storedClaimMap) {
220
+ return projections.map((p) => hydrateProjection(p, storedClaimMap));
221
+ }
222
+ // ─── Utilities ────────────────────────────────────────────────────────────────
223
+ function actorLabel(ctx) {
224
+ if (ctx.kind === "owner")
225
+ return `owner:${ctx.personId}`;
226
+ if (ctx.kind === "system_projection")
227
+ return "system_projection";
228
+ return `test:${ctx.label}`;
229
+ }
230
+ function selectorFingerprint(selector) {
231
+ const parts = [];
232
+ if (selector.subject)
233
+ parts.push(`subject:${selector.subject}`);
234
+ if (selector.predicates)
235
+ parts.push(`preds:[${[...selector.predicates].sort().join(",")}]`);
236
+ if (selector.sinceRecordedSeq !== undefined)
237
+ parts.push(`since:${selector.sinceRecordedSeq}`);
238
+ return parts.join("|") || "no-filter";
239
+ }
240
+ //# sourceMappingURL=evidence-backed-context-query.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"evidence-backed-context-query.js","sourceRoot":"","sources":["../../src/surface/evidence-backed-context-query.ts"],"names":[],"mappings":"AAAA,iFAAiF;AACjF,EAAE;AACF,qFAAqF;AACrF,yFAAyF;AACzF,iEAAiE;AACjE,wGAAwG;AACxG,sDAAsD;AACtD,wFAAwF;AACxF,yEAAyE;AACzE,mGAAmG;AACnG,uFAAuF;AACvF,6FAA6F;AAC7F,qEAAqE;AACrE,wFAAwF;AACxF,kGAAkG;AAClG,+FAA+F;AAC/F,wFAAwF;AACxF,6FAA6F;AAC7F,+FAA+F;AAC/F,oGAAoG;AACpG,yEAAyE;AAMzE,OAAO,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAC;AAStE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAC/E,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AACpE,OAAO,EAAE,2BAA2B,EAAE,MAAM,4BAA4B,CAAC;AAEzE,sFAAsF;AACtF,yFAAyF;AACzF,MAAM,kBAAkB,GAA4B,EAAE,IAAI,EAAE,mBAAmB,EAAE,CAAC;AA8ClF,MAAM,OAAO,iCAAiC;IAEzB;IACA;IACA;IACA;IACA;IACA;IACA;IAPnB,YACmB,MAA0B,EAC1B,cAA8B,EAC9B,SAAyB,EACzB,eAA+B,EAC/B,SAAiC,EACjC,MAA6B,EAC7B,MAA8B;QAN9B,WAAM,GAAN,MAAM,CAAoB;QAC1B,mBAAc,GAAd,cAAc,CAAgB;QAC9B,cAAS,GAAT,SAAS,CAAgB;QACzB,oBAAe,GAAf,eAAe,CAAgB;QAC/B,cAAS,GAAT,SAAS,CAAwB;QACjC,WAAM,GAAN,MAAM,CAAuB;QAC7B,WAAM,GAAN,MAAM,CAAwB;IAC9C,CAAC;IAEJ,KAAK,CAAC,cAAc,CAAC,GAAkB,EAAE,KAA0B;QACjE,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;QAE9E,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;QACrC,CAAC;QAED,kFAAkF;QAClF,kFAAkF;QAClF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,kBAAkB,EAAE;YAClE,UAAU,EAAE,CAAC,2BAA2B,CAAC;SAC1C,CAAC,CAAC;QACH,MAAM,cAAc,GAA0B,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;QAEtF,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,cAAc,CAAC,CAAC;QAC7D,CAAC;QAED,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,cAAc,CAAC,CAAC;IAClE,CAAC;IAEO,KAAK,CAAC,aAAa,CACzB,GAAmC,EACnC,KAAmC,EACnC,GAAuB,EACvB,cAAqC;QAErC,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAExD,4EAA4E;QAC5E,MAAM,KAAK,GAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACzD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;QAEzD,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtB,MAAM,KAAK,GAAG,eAAe,CAAC;gBAC5B,KAAK,EAAgB,GAAG,CAAC,OAAO;gBAChC,OAAO,EAAc,GAAG,CAAC,OAAO;gBAChC,OAAO,EAAc,GAAG,CAAC,OAAO;gBAChC,QAAQ,EAAa,MAAM;gBAC3B,UAAU,EAAW,qBAAqB,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC3D,mBAAmB,EAAE,WAAW;gBAChC,WAAW,EAAU,CAAC;gBACtB,cAAc,EAAO,EAAE;gBACvB,GAAG;aACJ,CAAC,CAAC;YACH,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACpC,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;YACrD,CAAC;YACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;QACrC,CAAC;QAED,qFAAqF;QACrF,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAM,CAAC,CAAC;QAErE,wFAAwF;QACxF,2FAA2F;QAC3F,IAAI,SAAS,GAA+B,EAAE,CAAC;QAC/C,IAAI,kBAAkB,KAAK,IAAI,EAAE,CAAC;YAChC,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,kBAAkB,CAAC,CAAC;QACzF,CAAC;QAED,8EAA8E;QAC9E,iFAAiF;QACjF,6DAA6D;QAC7D,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,GAAG,CAAC;YAC1C,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;YACvD,CAAC,CAAC,SAAS,CAAC;QAEd,sFAAsF;QACtF,oFAAoF;QACpF,MAAM,WAAW,GAAG,gBAAgB,CAAC,YAAY,EAAE,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAEhF,2EAA2E;QAC3E,mFAAmF;QACnF,0FAA0F;QAC1F,MAAM,cAAc,GAAG,IAAI,GAAG,CAAuB,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACzF,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;QAE5E,qFAAqF;QACrF,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAqB,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACjF,MAAM,WAAW,GAAG,KAAK,CAAC,kBAAkB;YAC1C,CAAC,CAAC,2BAA2B,CAAC,WAAW,EAAE,QAAQ,EAAE,IAAI,CAAC,eAAe,EAAE,IAAI,CAAC,SAAS,EAAE,GAAG,CAAC;YAC/F,CAAC,CAAC,SAAS,CAAC;QAEd,2EAA2E;QAC3E,qEAAqE;QACrE,MAAM,WAAW,GAA8B,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;QACpF,MAAM,UAAU,GAAG,eAAe,CAAC;YACjC,KAAK,EAAgB,GAAG,CAAC,OAAO;YAChC,OAAO,EAAc,GAAG,CAAC,OAAO;YAChC,OAAO,EAAc,GAAG,CAAC,OAAO;YAChC,QAAQ,EAAa,OAAO;YAC5B,UAAU,EAAW,kBAAkB,KAAK,IAAI,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,SAAS;YACzF,mBAAmB,EAAE,WAAW;YAChC,WAAW,EAAU,WAAW,CAAC,MAAM;YACvC,cAAc,EAAO,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClD,WAAW;YACX,GAAG;SACJ,CAAC,CAAC;QAEH,4EAA4E;QAC5E,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;QACrD,CAAC;QAED,OAAO;YACL,EAAE,EAAS,IAAI;YACf,SAAS,EAAE,mBAAmB;YAC9B,OAAO,EAAI,UAAU,CAAC,EAAE;YACxB,GAAG,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtD,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAC9B,GAAoE,EACpE,KAAmC,EACnC,GAAuB,EACvB,cAAqC;QAErC,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAExD,4EAA4E;QAC5E,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC;QAE1E,8EAA8E;QAC9E,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,GAAG,CAAC;YAC1C,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;YACvD,CAAC,CAAC,SAAS,CAAC;QAEd,oFAAoF;QACpF,MAAM,WAAW,GAAG,gBAAgB,CAAC,YAAY,EAAE,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAEhF,MAAM,cAAc,GAAG,IAAI,GAAG,CAAuB,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACzF,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;QAE5E,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAqB,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACjF,MAAM,WAAW,GAAG,KAAK,CAAC,kBAAkB;YAC1C,CAAC,CAAC,2BAA2B,CAAC,WAAW,EAAE,QAAQ,EAAE,IAAI,CAAC,eAAe,EAAE,IAAI,CAAC,SAAS,EAAE,GAAG,CAAC;YAC/F,CAAC,CAAC,SAAS,CAAC;QAEd,MAAM,WAAW,GAA8B,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;QACpF,MAAM,UAAU,GAAG,eAAe,CAAC;YACjC,KAAK,EAAgB,UAAU,CAAC,GAAG,CAAC;YACpC,QAAQ,EAAa,OAAO;YAC5B,UAAU,EAAW,SAAS;YAC9B,mBAAmB,EAAE,WAAW;YAChC,WAAW,EAAU,WAAW,CAAC,MAAM;YACvC,cAAc,EAAO,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClD,WAAW;YACX,GAAG;SACJ,CAAC,CAAC;QAEH,sCAAsC;QACtC,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;QACrD,CAAC;QAED,OAAO;YACL,EAAE,EAAS,IAAI;YACf,SAAS,EAAE,mBAAmB;YAC9B,OAAO,EAAI,UAAU,CAAC,EAAE;YACxB,GAAG,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtD,CAAC;IACJ,CAAC;CACF;AAED,iFAAiF;AAEjF,SAAS,YAAY,CACnB,KAAkL,EAClL,cAAiD;IAEjD,MAAM,MAAM,GACV,KAAK,CAAC,cAAc,KAAK,SAAS;QAChC,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC;QAC1C,CAAC,CAAC,SAAS,CAAC;IAEhB,OAAO;QACL,MAAM,EAAa,KAAK,CAAC,MAAM;QAC/B,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;QAC1C,UAAU,EAAS,KAAK,CAAC,UAAU;QACnC,GAAG,CAAC,KAAK,CAAC,cAAc,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,KAAK,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvF,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACnE,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CACxB,IAAkC,EAClC,cAAiD;IAEjD,OAAO;QACL,UAAU,EAAK,IAAI,CAAC,UAAU;QAC9B,MAAM,EAAS,IAAI,CAAC,MAAM;QAC1B,SAAS,EAAM,IAAI,CAAC,SAAS;QAC7B,WAAW,EAAI,IAAI,CAAC,WAAW;QAC/B,QAAQ,EAAO,IAAI,CAAC,QAAQ;QAC5B,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,MAAM,EAAE;YACN,YAAY,EAAO,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAO,cAAc,CAAC;YAC9E,MAAM,EAAa,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAa,cAAc,CAAC;YAC9E,OAAO,EAAY,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAY,cAAc,CAAC;YAC9E,OAAO,EAAY,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAY,cAAc,CAAC;YAC9E,iBAAiB,EAAE,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,cAAc,CAAC;YAC9E,cAAc,EAAK,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,EAAK,cAAc,CAAC;SAC/E;KACF,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CACzB,WAAiD,EACjD,cAAiD;IAEjD,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC;AACtE,CAAC;AAED,iFAAiF;AAEjF,SAAS,UAAU,CAAC,GAAyD;IAC3E,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO;QAAc,OAAO,SAAS,GAAG,CAAC,QAAQ,EAAE,CAAC;IACrE,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB;QAAE,OAAO,mBAAmB,CAAC;IACjE,OAAO,QAAQ,GAAG,CAAC,KAAK,EAAE,CAAC;AAC7B,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAuB;IAClD,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,QAAQ,CAAC,OAAO;QAAyB,KAAK,CAAC,IAAI,CAAC,WAAW,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;IACvF,IAAI,QAAQ,CAAC,UAAU;QAAsB,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChH,IAAI,QAAQ,CAAC,gBAAgB,KAAK,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,SAAS,QAAQ,CAAC,gBAAgB,EAAE,CAAC,CAAC;IAC9F,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC;AACxC,CAAC"}
@@ -0,0 +1,25 @@
1
+ import type { PersonId, GrantId } from "./ids.js";
2
+ export type AccessContext = OwnerContext | AgentConsentContext | SystemProjectionContext | AuditContext | TestContext;
3
+ export interface OwnerContext {
4
+ readonly kind: "owner";
5
+ readonly personId: PersonId;
6
+ }
7
+ export interface AgentConsentContext {
8
+ readonly kind: "agent";
9
+ readonly grantId: GrantId;
10
+ readonly agentId: string;
11
+ readonly purpose: PurposeTag;
12
+ readonly notAfter: string;
13
+ }
14
+ export interface SystemProjectionContext {
15
+ readonly kind: "system_projection";
16
+ }
17
+ export interface AuditContext {
18
+ readonly kind: "audit";
19
+ readonly personId: PersonId;
20
+ }
21
+ export interface TestContext {
22
+ readonly kind: "test";
23
+ readonly label: string;
24
+ }
25
+ export type PurposeTag = "obligation_review" | "cancellation_assist" | "budget_analysis" | "b2b_verification" | "proposal_submission" | "erasure_request" | "emergency_access" | "diagnosis" | "treatment" | "emergency" | "tax" | "credit_check" | "insurance_claim" | "account_overview" | "notary" | "contract_review" | "evidence_preservation" | "court_filing";
@@ -0,0 +1,6 @@
1
+ // ADR-004 + GPT-5.5 correction:
2
+ // "No store read without AccessContext" — not just ConsentContext.
3
+ // Projection rebuilds, audits, owner actions, and tests each get a typed context.
4
+ // External agents ONLY receive AgentConsentContext — never OwnerContext or SystemContext.
5
+ export {};
6
+ //# sourceMappingURL=access-context.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"access-context.js","sourceRoot":"","sources":["../../src/types/access-context.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,mEAAmE;AACnE,kFAAkF;AAClF,0FAA0F"}
@@ -0,0 +1,48 @@
1
+ import type { ClaimId, ContractId, SourceId, PersonId, ISOTime } from "./ids.js";
2
+ export interface ClaimMeta {
3
+ readonly id: ClaimId;
4
+ readonly sourceId: SourceId;
5
+ readonly subject: PersonId;
6
+ readonly predicate: ClaimPredicate;
7
+ readonly validFrom: ISOTime;
8
+ readonly validTo?: ISOTime;
9
+ readonly recordedAt: ISOTime;
10
+ readonly recordedSeq: number;
11
+ readonly retracts?: ClaimId;
12
+ readonly supersedes?: ClaimId;
13
+ readonly overrides?: ClaimId;
14
+ readonly contractId?: ContractId;
15
+ readonly confidence?: number;
16
+ }
17
+ export interface Claim<P extends ClaimPayload = ClaimPayload> extends ClaimMeta {
18
+ readonly payload: P;
19
+ }
20
+ export type AppendClaimInput = Omit<Claim, "id" | "recordedAt" | "recordedSeq">;
21
+ export type StoredClaim = Readonly<Claim>;
22
+ export type ClaimPredicate = "person.name" | "person.email" | "contract.exists" | "contract.counterparty" | "contract.amount" | "contract.cadence" | "contract.next_due" | "contract.cancellation_terms" | "contract.identity.link" | (string & Record<never, never>);
23
+ export type ClaimPayload = StringPayload | MoneyPayload | CadencePayload | DatePayload | IdentityLinkPayload;
24
+ export interface StringPayload {
25
+ readonly type: "string";
26
+ readonly value: string;
27
+ }
28
+ export interface MoneyPayload {
29
+ readonly type: "money";
30
+ readonly currency: string;
31
+ readonly minorUnits: number;
32
+ }
33
+ export interface CadencePayload {
34
+ readonly type: "cadence";
35
+ readonly rrule: string;
36
+ }
37
+ export interface DatePayload {
38
+ readonly type: "date";
39
+ readonly value: ISOTime;
40
+ }
41
+ export interface IdentityLinkPayload {
42
+ readonly type: "identity_link";
43
+ readonly contractId: string;
44
+ readonly observedAlias: string;
45
+ readonly normalizedAlias: string;
46
+ readonly normalizerVersion: string;
47
+ readonly matchMethod: "manual" | "auto_high_confidence" | "proposal_accepted";
48
+ }
@@ -0,0 +1,5 @@
1
+ // Core Claim types — ADR-001, ADR-003
2
+ // Claims are append-only, bitemporal assertions. Never mutated. Never deleted.
3
+ // Retraction = new Claim. Override = new Claim. Supersede = new Claim.
4
+ export {};
5
+ //# sourceMappingURL=claim.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"claim.js","sourceRoot":"","sources":["../../src/types/claim.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,+EAA+E;AAC/E,uEAAuE"}
@@ -0,0 +1,41 @@
1
+ import type { GrantId, PersonId, ISOTime } from "./ids.js";
2
+ import type { ClaimPredicate } from "./claim.js";
3
+ import type { PurposeTag } from "./access-context.js";
4
+ export interface ConsentGrant {
5
+ readonly id: GrantId;
6
+ readonly grantedTo: AgentIdentity;
7
+ readonly purpose: PurposeTag;
8
+ readonly scope: Scope;
9
+ readonly capabilities: ReadonlyArray<Capability>;
10
+ readonly notBefore: ISOTime;
11
+ readonly notAfter: ISOTime;
12
+ readonly maxFieldDepth?: "summary" | "full";
13
+ readonly revokedAt?: ISOTime;
14
+ readonly createdAt: ISOTime;
15
+ }
16
+ export interface AgentIdentity {
17
+ readonly agentId: string;
18
+ readonly displayName: string;
19
+ }
20
+ export interface Scope {
21
+ readonly predicates: ReadonlyArray<ClaimPredicate>;
22
+ readonly subjects?: ReadonlyArray<PersonId>;
23
+ readonly contractIds?: ReadonlyArray<string>;
24
+ readonly excludePredicates?: ReadonlyArray<ClaimPredicate>;
25
+ }
26
+ export type Capability = "query" | "propose";
27
+ export type ConsentDecision = {
28
+ allowed: true;
29
+ scopedPredicates: ReadonlyArray<ClaimPredicate>;
30
+ maxFieldDepth: "summary" | "full";
31
+ } | {
32
+ allowed: false;
33
+ reason: ConsentDenyReason;
34
+ };
35
+ export type ConsentDenyReason = "grant_not_found" | "grant_expired" | "grant_not_yet_active" | "grant_revoked" | "purpose_mismatch" | "capability_not_granted" | "scope_empty" | "subject_not_granted";
36
+ export type ScopedQueryResult<T> = {
37
+ found: true;
38
+ data: T;
39
+ } | {
40
+ found: false;
41
+ };
@@ -0,0 +1,3 @@
1
+ // ADR-004 — ConsentGrant and Scope types
2
+ export {};
3
+ //# sourceMappingURL=consent.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"consent.js","sourceRoot":"","sources":["../../src/types/consent.ts"],"names":[],"mappings":"AAAA,yCAAyC"}
@@ -0,0 +1,12 @@
1
+ export interface CryptoBoundary {
2
+ encryptPayload(plaintext: string): Promise<EncryptedBlob>;
3
+ decryptPayload(blob: EncryptedBlob): Promise<string>;
4
+ encryptDocument(plaintext: Uint8Array): Promise<EncryptedBlob>;
5
+ decryptDocument(blob: EncryptedBlob): Promise<Uint8Array>;
6
+ }
7
+ export interface EncryptedBlob {
8
+ readonly ciphertext: string;
9
+ readonly iv: string;
10
+ readonly authTag: string;
11
+ readonly keyRef: string;
12
+ }
@@ -0,0 +1,15 @@
1
+ // ADR-005 — CryptoBoundary interface
2
+ // Exactly ONE layer between domain (plaintext) and persistence (ciphertext).
3
+ // No domain module may import crypto primitives directly (enforced by architecture tests).
4
+ export {};
5
+ // What is encrypted at rest (ADR-005, field-level list):
6
+ // - Claim.payload (value field)
7
+ // - raw source documents (PDF, email body)
8
+ //
9
+ // What remains plaintext metadata (explicitly accepted risk for MVP):
10
+ // - ContractId, ClaimId, SourceId, predicate names
11
+ // - recordedAt, validFrom/validTo, confidence
12
+ // - Consent scope structure
13
+ // Risk: allows traffic analysis ("user has N contracts")
14
+ // Accepted: no real PII in MVP 0.1. Post-MVP: metadata encryption.
15
+ //# sourceMappingURL=crypto-boundary.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"crypto-boundary.js","sourceRoot":"","sources":["../../src/types/crypto-boundary.ts"],"names":[],"mappings":"AAAA,qCAAqC;AACrC,6EAA6E;AAC7E,2FAA2F;;AAuB3F,yDAAyD;AACzD,gCAAgC;AAChC,2CAA2C;AAC3C,EAAE;AACF,sEAAsE;AACtE,mDAAmD;AACnD,8CAA8C;AAC9C,4BAA4B;AAC5B,yDAAyD;AACzD,mEAAmE"}
@@ -0,0 +1,31 @@
1
+ import type { EvidenceId, ISOTime } from "./ids.js";
2
+ import type { OwnerContext, SystemProjectionContext, TestContext } from "./access-context.js";
3
+ export type EvidenceWriter = OwnerContext | SystemProjectionContext | TestContext;
4
+ export interface EvidenceRef {
5
+ readonly id: EvidenceId;
6
+ readonly uri: string;
7
+ readonly mimeType: string;
8
+ readonly byteLength: number;
9
+ readonly encrypted: true;
10
+ readonly createdAt: ISOTime;
11
+ readonly label?: string;
12
+ }
13
+ export interface RawDocument {
14
+ readonly id: EvidenceId;
15
+ readonly mimeType: string;
16
+ readonly byteLength: number;
17
+ readonly createdAt: ISOTime;
18
+ readonly createdBy: EvidenceWriter;
19
+ readonly label?: string;
20
+ readonly metadata?: Readonly<Record<string, unknown>>;
21
+ readonly plainBytes: Uint8Array;
22
+ }
23
+ export interface RawDocumentInput {
24
+ readonly mimeType: string;
25
+ readonly bytes: Uint8Array;
26
+ readonly label?: string;
27
+ readonly metadata?: Record<string, unknown>;
28
+ }
29
+ export interface EvidenceFilter {
30
+ readonly mimeType?: string;
31
+ }
@@ -0,0 +1,8 @@
1
+ // Evidence types — Slice-09 encrypted RawDocument / EvidenceRef store.
2
+ //
3
+ // RAW_DOCUMENT_STORE_EXISTS_001: RawDocumentStore is the only durable home for raw bytes.
4
+ // RAW_DOCUMENT_BYTES_ENCRYPTED_AT_REST_001: only EncryptedBlob is persisted, never plaintext.
5
+ // RAW_DOCUMENT_IMMUTABLE_001: documents have no update/delete path.
6
+ // RAW_DOCUMENT_ACCESS_BOUND_001: only Owner/System/Test may write or read raw bytes.
7
+ export {};
8
+ //# sourceMappingURL=evidence.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"evidence.js","sourceRoot":"","sources":["../../src/types/evidence.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,EAAE;AACF,0FAA0F;AAC1F,8FAA8F;AAC9F,oEAAoE;AACpE,qFAAqF"}
@@ -0,0 +1,24 @@
1
+ import type { ClaimId, PersonId, ISOTime } from "./ids.js";
2
+ import type { AppendClaimInput, ClaimMeta, ClaimPredicate, StoredClaim } from "./claim.js";
3
+ import type { AccessContext } from "./access-context.js";
4
+ export interface FactStore {
5
+ append(input: AppendClaimInput, ctx: AccessContext): Promise<{
6
+ claimId: ClaimId;
7
+ recordedSeq: number;
8
+ }>;
9
+ readAll(ctx: AccessContext): Promise<ReadonlyArray<ClaimMeta>>;
10
+ readSince(seq: number, ctx: AccessContext): Promise<ReadonlyArray<ClaimMeta>>;
11
+ readAt(params: BitemporalQuery, ctx: AccessContext): Promise<ReadonlyArray<ClaimMeta>>;
12
+ readClaims(ctx: AccessContext, selector: ClaimSelector): Promise<ReadonlyArray<ClaimMeta>>;
13
+ readStoredClaims(ctx: AccessContext, selector: ClaimSelector): Promise<ReadonlyArray<StoredClaim>>;
14
+ }
15
+ export interface BitemporalQuery {
16
+ validAsOf?: ISOTime;
17
+ knownAsOf?: ISOTime;
18
+ }
19
+ export interface ClaimSelector {
20
+ readonly subject?: PersonId;
21
+ readonly predicates?: ReadonlyArray<ClaimPredicate>;
22
+ readonly sinceRecordedSeq?: number;
23
+ readonly includeRetracted?: boolean;
24
+ }
@@ -0,0 +1,12 @@
1
+ // FactStore interface — the only write+read primitive.
2
+ // ALL reads require an AccessContext. No implicit read-all. (ADR-004, GPT-5.5)
3
+ //
4
+ // Two read tiers (Slice-06b):
5
+ // Metadata reads — readAll / readClaims / readSince / readAt → ClaimMeta[]
6
+ // Safe for AgentConsentContext and AuditContext.
7
+ // Hydrated reads — readStoredClaims → StoredClaim[] (includes decrypted payload)
8
+ // FACTSTORE_HYDRATED_READ_ACCESS_BOUND_001:
9
+ // Only OwnerContext, SystemProjectionContext, TestContext are allowed.
10
+ // AgentConsentContext and AuditContext are denied — fail closed.
11
+ export {};
12
+ //# sourceMappingURL=fact-store.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"fact-store.js","sourceRoot":"","sources":["../../src/types/fact-store.ts"],"names":[],"mappings":"AAAA,uDAAuD;AACvD,+EAA+E;AAC/E,EAAE;AACF,8BAA8B;AAC9B,8EAA8E;AAC9E,qEAAqE;AACrE,oFAAoF;AACpF,gEAAgE;AAChE,2FAA2F;AAC3F,qFAAqF"}
@@ -0,0 +1,36 @@
1
+ export type PersonId = string & {
2
+ readonly __brand: "PersonId";
3
+ };
4
+ export type SourceId = string & {
5
+ readonly __brand: "SourceId";
6
+ };
7
+ export type ClaimId = string & {
8
+ readonly __brand: "ClaimId";
9
+ };
10
+ export type ContractId = string & {
11
+ readonly __brand: "ContractId";
12
+ };
13
+ export type GrantId = string & {
14
+ readonly __brand: "GrantId";
15
+ };
16
+ export type ProposalId = string & {
17
+ readonly __brand: "ProposalId";
18
+ };
19
+ export type AuditId = string & {
20
+ readonly __brand: "AuditId";
21
+ };
22
+ export type ISOTime = string & {
23
+ readonly __brand: "ISOTime";
24
+ };
25
+ export type EvidenceId = string & {
26
+ readonly __brand: "EvidenceId";
27
+ };
28
+ export declare function asPersonId(s: string): PersonId;
29
+ export declare function asSourceId(s: string): SourceId;
30
+ export declare function asClaimId(s: string): ClaimId;
31
+ export declare function asContractId(s: string): ContractId;
32
+ export declare function asGrantId(s: string): GrantId;
33
+ export declare function asProposalId(s: string): ProposalId;
34
+ export declare function asAuditId(s: string): AuditId;
35
+ export declare function asISOTime(s: string): ISOTime;
36
+ export declare function asEvidenceId(s: string): EvidenceId;
@@ -0,0 +1,11 @@
1
+ // Branded IDs — prevent mixing ClaimId where ContractId is expected at compile time
2
+ export function asPersonId(s) { return s; }
3
+ export function asSourceId(s) { return s; }
4
+ export function asClaimId(s) { return s; }
5
+ export function asContractId(s) { return s; }
6
+ export function asGrantId(s) { return s; }
7
+ export function asProposalId(s) { return s; }
8
+ export function asAuditId(s) { return s; }
9
+ export function asISOTime(s) { return s; }
10
+ export function asEvidenceId(s) { return s; }
11
+ //# sourceMappingURL=ids.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"ids.js","sourceRoot":"","sources":["../../src/types/ids.ts"],"names":[],"mappings":"AAAA,oFAAoF;AAYpF,MAAM,UAAU,UAAU,CAAC,CAAS,IAAkB,OAAO,CAAa,CAAC,CAAC,CAAC;AAC7E,MAAM,UAAU,UAAU,CAAC,CAAS,IAAkB,OAAO,CAAa,CAAC,CAAC,CAAC;AAC7E,MAAM,UAAU,SAAS,CAAC,CAAS,IAAmB,OAAO,CAAY,CAAC,CAAC,CAAC;AAC5E,MAAM,UAAU,YAAY,CAAC,CAAS,IAAgB,OAAO,CAAe,CAAC,CAAC,CAAC;AAC/E,MAAM,UAAU,SAAS,CAAC,CAAS,IAAmB,OAAO,CAAY,CAAC,CAAC,CAAC;AAC5E,MAAM,UAAU,YAAY,CAAC,CAAS,IAAgB,OAAO,CAAe,CAAC,CAAC,CAAC;AAC/E,MAAM,UAAU,SAAS,CAAC,CAAS,IAAmB,OAAO,CAAY,CAAC,CAAC,CAAC;AAC5E,MAAM,UAAU,SAAS,CAAC,CAAS,IAAmB,OAAO,CAAY,CAAC,CAAC,CAAC;AAC5E,MAAM,UAAU,YAAY,CAAC,CAAS,IAAgB,OAAO,CAAe,CAAC,CAAC,CAAC"}
@@ -0,0 +1,38 @@
1
+ import type { ClaimId, GrantId, ISOTime, ProposalId, SourceId } from "./ids.js";
2
+ import type { OwnerContext, SystemProjectionContext, TestContext } from "./access-context.js";
3
+ import type { AppendClaimInput } from "./claim.js";
4
+ export type ProposalStatus = "pending" | "accepted" | "rejected" | "expired";
5
+ export interface ProposalAuthor {
6
+ readonly agentId: string;
7
+ readonly grantId: GrantId;
8
+ readonly purpose: string;
9
+ }
10
+ export interface Proposal {
11
+ readonly id: ProposalId;
12
+ readonly proposedBy: ProposalAuthor;
13
+ readonly underGrant: GrantId;
14
+ readonly candidateClaims: ReadonlyArray<AppendClaimInput>;
15
+ readonly rationale?: string;
16
+ readonly status: ProposalStatus;
17
+ readonly createdAt: ISOTime;
18
+ readonly decidedAt?: ISOTime;
19
+ readonly decidedBy?: OwnerContext | SystemProjectionContext | TestContext;
20
+ readonly resultingClaimIds?: ReadonlyArray<ClaimId>;
21
+ readonly rejectionReason?: string;
22
+ }
23
+ export interface ProposalInput {
24
+ readonly candidateClaims: ReadonlyArray<AppendClaimInput>;
25
+ readonly rationale?: string;
26
+ }
27
+ export interface ProposalFilter {
28
+ readonly status?: ProposalStatus;
29
+ readonly proposedByAgent?: string;
30
+ readonly underGrant?: GrantId;
31
+ }
32
+ export interface AcceptOptions {
33
+ readonly sourceId: SourceId;
34
+ }
35
+ export interface RejectOptions {
36
+ readonly reason: string;
37
+ }
38
+ export type ProposalDecider = OwnerContext | SystemProjectionContext | TestContext;
@@ -0,0 +1,7 @@
1
+ // Proposal model — Slice-08.
2
+ //
3
+ // PROPOSAL_QUEUE_EXISTS_001: ProposalQueue is the sole mechanism for agent-authored claim proposals.
4
+ // PROPOSAL_CANDIDATE_CLAIMS_NOT_LOGGED_BEFORE_ACCEPT_001: candidateClaims never reach FactStore until accept.
5
+ // PROPOSAL_STATUS_IMMUTABLE_AFTER_DECISION_001: once accepted/rejected, no further transitions allowed.
6
+ export {};
7
+ //# sourceMappingURL=proposal.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"proposal.js","sourceRoot":"","sources":["../../src/types/proposal.ts"],"names":[],"mappings":"AAAA,6BAA6B;AAC7B,EAAE;AACF,qGAAqG;AACrG,8GAA8G;AAC9G,wGAAwG"}