outcome-cli 1.0.0

package/src/modules/omnibridge/auth/session-vault.ts

@@ -0,0 +1,577 @@
+/**
+ * Session Vault - Zero-Knowledge Credential Storage
+ *
+ * Implements secure, encrypted storage for session states.
+ * Credentials are NEVER exposed to LLM context - only capability tokens.
+ *
+ * Requirements: 6.1, 6.2, 6.3, 6.4, 6.5, 6.6, 6.7
+ */
+
+import { randomBytes, createCipheriv, createDecipheriv } from 'crypto';
+import type {
+  EncryptedBlob,
+  SerializedSession,
+  ActionScope,
+  CapabilityToken,
+  OmniBridgeError,
+} from '../core/types.js';
+
+// =============================================================================
+// Types
+// =============================================================================
+
+/**
+ * Raw session data before encryption.
+ */
+export interface RawSessionData {
+  cookies: string;
+  localStorage: string;
+  sessionStorage: string;
+}
+
+/**
+ * Credential access log entry (redacted).
+ */
+export interface CredentialAccessLog {
+  timestamp: number;
+  tokenId: string;
+  domain: string;
+  action: 'issued' | 'used' | 'revoked' | 'violation';
+  /** Redacted details - never contains actual credentials */
+  details: string;
+}
+
+/**
+ * Session Vault configuration.
+ */
+export interface SessionVaultConfig {
+  /** Encryption key (32 bytes for AES-256) */
+  encryptionKey: Buffer;
+  /** Default token expiration in milliseconds (default: 1 hour) */
+  defaultTokenExpirationMs?: number;
+  /** Default max executions per token (default: 100) */
+  defaultMaxExecutions?: number;
+}
+
+/**
+ * Result of a scope check.
+ */
+export interface ScopeCheckResult {
+  allowed: boolean;
+  error?: OmniBridgeError;
+}
+
+// =============================================================================
+// Session Vault Implementation
+// =============================================================================
+
+/**
+ * Session Vault - Zero-Knowledge Credential Storage
+ *
+ * Key security properties:
+ * - All stored data is AES-256-GCM encrypted
+ * - Credentials never exposed to LLM context
+ * - Capability tokens contain only action permissions, not credentials
+ * - All access is logged (with redacted details)
+ */
+export class SessionVault {
+  private readonly encryptionKey: Buffer;
+  private readonly defaultTokenExpirationMs: number;
+  private readonly defaultMaxExecutions: number;
+
+  /** Encrypted session storage by domain */
+  private sessions: Map<string, SerializedSession> = new Map();
+
+  /** Active capability tokens by ID */
+  private tokens: Map<string, CapabilityToken> = new Map();
+
+  /** Token to session mapping */
+  private tokenToSession: Map<string, string> = new Map();
+
+  /** Access logs (redacted) */
+  private accessLogs: CredentialAccessLog[] = [];
+
+  /** Revoked token IDs */
+  private revokedTokens: Set<string> = new Set();
+
+  constructor(config: SessionVaultConfig) {
+    if (config.encryptionKey.length !== 32) {
+      throw new Error('Encryption key must be 32 bytes for AES-256');
+    }
+    this.encryptionKey = config.encryptionKey;
+    this.defaultTokenExpirationMs = config.defaultTokenExpirationMs ?? 3600000; // 1 hour
+    this.defaultMaxExecutions = config.defaultMaxExecutions ?? 100;
+  }
+
+  // ===========================================================================
+  // Encryption Methods
+  // ===========================================================================
+
+  /**
+   * Encrypt data using AES-256-GCM.
+   * Returns an EncryptedBlob with the encrypted data and IV.
+   */
+  encrypt(data: string): EncryptedBlob {
+    const iv = randomBytes(16);
+    const cipher = createCipheriv('aes-256-gcm', this.encryptionKey, iv);
+
+    let encrypted = cipher.update(data, 'utf8', 'base64');
+    encrypted += cipher.final('base64');
+
+    // Append auth tag to encrypted data
+    const authTag = cipher.getAuthTag();
+    const encryptedWithTag = encrypted + ':' + authTag.toString('base64');
+
+    return {
+      data: encryptedWithTag,
+      iv: iv.toString('base64'),
+      algorithm: 'AES-256-GCM',
+    };
+  }
+
+  /**
+   * Decrypt an EncryptedBlob back to plaintext.
+   * Validates the encrypted data format before attempting decryption.
+   */
+  decrypt(blob: EncryptedBlob): string {
+    // Validate encrypted data format
+    if (!blob.data || !blob.data.includes(':')) {
+      throw new Error('Invalid encrypted data format: missing auth tag separator');
+    }
+    
+    const iv = Buffer.from(blob.iv, 'base64');
+    const [encryptedData, authTagBase64] = blob.data.split(':');
+    
+    if (!encryptedData || !authTagBase64) {
+      throw new Error('Invalid encrypted data format: malformed data or auth tag');
+    }
+    
+    const authTag = Buffer.from(authTagBase64, 'base64');
+
+    const decipher = createDecipheriv('aes-256-gcm', this.encryptionKey, iv);
+    decipher.setAuthTag(authTag);
+
+    let decrypted = decipher.update(encryptedData, 'base64', 'utf8');
+    decrypted += decipher.final('utf8');
+
+    return decrypted;
+  }
+
+  // ===========================================================================
+  // Session Storage Methods
+  // ===========================================================================
+
+  /**
+   * Store a session with encrypted data.
+   * Raw credentials are encrypted immediately and never stored in plaintext.
+   */
+  async store(domain: string, rawData: RawSessionData, expiresAt?: number): Promise<void> {
+    const session: SerializedSession = {
+      cookies: this.encrypt(rawData.cookies),
+      localStorage: this.encrypt(rawData.localStorage),
+      sessionStorage: this.encrypt(rawData.sessionStorage),
+      expiresAt: expiresAt ?? Date.now() + 86400000, // Default: 24 hours
+    };
+
+    this.sessions.set(domain, session);
+
+    this.logAccess({
+      timestamp: Date.now(),
+      tokenId: 'system',
+      domain,
+      action: 'issued',
+      details: `Session stored for domain (expires: ${new Date(session.expiresAt).toISOString()})`,
+    });
+  }
+
+  /**
+   * Retrieve an encrypted session for a domain.
+   * Returns null if no session exists or if expired.
+   */
+  async retrieve(domain: string): Promise<SerializedSession | null> {
+    const session = this.sessions.get(domain);
+
+    if (!session) {
+      return null;
+    }
+
+    // Check expiration
+    if (session.expiresAt < Date.now()) {
+      this.sessions.delete(domain);
+      return null;
+    }
+
+    return session;
+  }
+
+  /**
+   * Decrypt and retrieve raw session data.
+   * This should only be used internally by Shadow Sessions.
+   */
+  async retrieveDecrypted(domain: string): Promise<RawSessionData | null> {
+    const session = await this.retrieve(domain);
+
+    if (!session) {
+      return null;
+    }
+
+    return {
+      cookies: this.decrypt(session.cookies),
+      localStorage: this.decrypt(session.localStorage),
+      sessionStorage: this.decrypt(session.sessionStorage),
+    };
+  }
+
+  // ===========================================================================
+  // Capability Token Methods
+  // ===========================================================================
+
+  /**
+   * Generate a unique token ID.
+   */
+  private generateTokenId(): string {
+    return `cap_${randomBytes(16).toString('hex')}`;
+  }
+
+  /**
+   * Issue a Capability Token scoped to specific actions.
+   * The token contains ONLY capabilities, never raw credentials.
+   *
+   * Requirements: 6.2, 6.3
+   */
+  async issueToken(domain: string, scope: Partial<ActionScope>): Promise<CapabilityToken> {
+    // Verify session exists
+    const session = await this.retrieve(domain);
+    if (!session) {
+      throw new Error(`No session found for domain: ${domain}`);
+    }
+
+    const tokenId = this.generateTokenId();
+    const now = Date.now();
+
+    const fullScope: ActionScope = {
+      allowedActions: scope.allowedActions ?? [],
+      blockedActions: scope.blockedActions ?? [],
+      maxExecutions: scope.maxExecutions ?? this.defaultMaxExecutions,
+      expiresAt: scope.expiresAt ?? now + this.defaultTokenExpirationMs,
+    };
+
+    const token: CapabilityToken = {
+      id: tokenId,
+      domain,
+      scope: fullScope,
+      issuedAt: now,
+      executionCount: 0,
+    };
+
+    this.tokens.set(tokenId, token);
+    this.tokenToSession.set(tokenId, domain);
+
+    this.logAccess({
+      timestamp: now,
+      tokenId,
+      domain,
+      action: 'issued',
+      details: `Token issued with ${fullScope.allowedActions.length} allowed actions, ${fullScope.blockedActions.length} blocked actions`,
+    });
+
+    return token;
+  }
+
+  /**
+   * Get a token by ID.
+   */
+  getToken(tokenId: string): CapabilityToken | null {
+    if (this.revokedTokens.has(tokenId)) {
+      return null;
+    }
+    return this.tokens.get(tokenId) ?? null;
+  }
+
+  /**
+   * Check if an action is allowed by a token's scope.
+   *
+   * Requirements: 6.2, 6.3
+   */
+  checkScope(tokenId: string, action: string): ScopeCheckResult {
+    const token = this.getToken(tokenId);
+
+    if (!token) {
+      return {
+        allowed: false,
+        error: {
+          type: 'scope_violation',
+          attemptedAction: action,
+          allowedActions: [],
+        },
+      };
+    }
+
+    // Check if token is expired
+    if (token.scope.expiresAt < Date.now()) {
+      this.revokeToken(tokenId);
+      return {
+        allowed: false,
+        error: {
+          type: 'scope_violation',
+          attemptedAction: action,
+          allowedActions: token.scope.allowedActions,
+        },
+      };
+    }
+
+    // Check if max executions exceeded
+    if (token.executionCount >= token.scope.maxExecutions) {
+      return {
+        allowed: false,
+        error: {
+          type: 'scope_violation',
+          attemptedAction: action,
+          allowedActions: token.scope.allowedActions,
+        },
+      };
+    }
+
+    // Check if action is explicitly blocked
+    if (token.scope.blockedActions.includes(action)) {
+      return {
+        allowed: false,
+        error: {
+          type: 'scope_violation',
+          attemptedAction: action,
+          allowedActions: token.scope.allowedActions,
+        },
+      };
+    }
+
+    // Check if action is in allowed list (if allowedActions is non-empty)
+    if (token.scope.allowedActions.length > 0 && !token.scope.allowedActions.includes(action)) {
+      return {
+        allowed: false,
+        error: {
+          type: 'scope_violation',
+          attemptedAction: action,
+          allowedActions: token.scope.allowedActions,
+        },
+      };
+    }
+
+    return { allowed: true };
+  }
+
+  /**
+   * Use a token for an action.
+   * Increments execution count and logs access.
+   */
+  async useToken(tokenId: string, action: string): Promise<ScopeCheckResult> {
+    const scopeCheck = this.checkScope(tokenId, action);
+
+    if (!scopeCheck.allowed) {
+      // Log the violation
+      const token = this.tokens.get(tokenId);
+      this.logAccess({
+        timestamp: Date.now(),
+        tokenId,
+        domain: token?.domain ?? 'unknown',
+        action: 'violation',
+        details: `Attempted blocked action: ${action}`,
+      });
+      return scopeCheck;
+    }
+
+    // Increment execution count
+    const token = this.tokens.get(tokenId)!;
+    token.executionCount++;
+
+    this.logAccess({
+      timestamp: Date.now(),
+      tokenId,
+      domain: token.domain,
+      action: 'used',
+      details: `Action executed: ${action} (${token.executionCount}/${token.scope.maxExecutions})`,
+    });
+
+    return { allowed: true };
+  }
+
+  /**
+   * Revoke a Capability Token immediately.
+   *
+   * Requirements: 6.5
+   */
+  revokeToken(tokenId: string): void {
+    const token = this.tokens.get(tokenId);
+
+    if (token) {
+      this.revokedTokens.add(tokenId);
+      this.tokens.delete(tokenId);
+      this.tokenToSession.delete(tokenId);
+
+      this.logAccess({
+        timestamp: Date.now(),
+        tokenId,
+        domain: token.domain,
+        action: 'revoked',
+        details: 'Token revoked',
+      });
+    }
+  }
+
+  /**
+   * Revoke all tokens for a domain.
+   * Used when a bounty completes.
+   *
+   * Requirements: 6.5
+   */
+  revokeAllTokensForDomain(domain: string): number {
+    let revokedCount = 0;
+
+    for (const [tokenId, sessionDomain] of this.tokenToSession.entries()) {
+      if (sessionDomain === domain) {
+        this.revokeToken(tokenId);
+        revokedCount++;
+      }
+    }
+
+    return revokedCount;
+  }
+
+  /**
+   * Check if a token is revoked.
+   */
+  isTokenRevoked(tokenId: string): boolean {
+    return this.revokedTokens.has(tokenId);
+  }
+
+  // ===========================================================================
+  // Scope Violation Handling
+  // ===========================================================================
+
+  /**
+   * Handle a scope violation.
+   * Terminates the session and revokes the token immediately.
+   *
+   * Requirements: 6.7
+   */
+  async handleScopeViolation(
+    tokenId: string,
+    attemptedAction: string
+  ): Promise<{ terminated: boolean; error: OmniBridgeError }> {
+    const token = this.tokens.get(tokenId);
+    const domain = token?.domain ?? 'unknown';
+
+    // Revoke the token immediately
+    this.revokeToken(tokenId);
+
+    // Log the violation
+    this.logAccess({
+      timestamp: Date.now(),
+      tokenId,
+      domain,
+      action: 'violation',
+      details: `SECURITY: Scope violation - attempted action "${attemptedAction}" - token revoked and session terminated`,
+    });
+
+    return {
+      terminated: true,
+      error: {
+        type: 'scope_violation',
+        attemptedAction,
+        allowedActions: token?.scope.allowedActions ?? [],
+      },
+    };
+  }
+
+  // ===========================================================================
+  // Logging Methods
+  // ===========================================================================
+
+  /**
+   * Log a credential access event (redacted).
+   *
+   * Requirements: 6.6
+   */
+  private logAccess(entry: CredentialAccessLog): void {
+    this.accessLogs.push(entry);
+  }
+
+  /**
+   * Get access logs (redacted - no sensitive data).
+   */
+  getAccessLogs(domain?: string): CredentialAccessLog[] {
+    if (domain) {
+      return this.accessLogs.filter((log) => log.domain === domain);
+    }
+    return [...this.accessLogs];
+  }
+
+  // ===========================================================================
+  // Utility Methods
+  // ===========================================================================
+
+  /**
+   * Check if a token contains raw credentials.
+   * Used for property testing - should always return false.
+   *
+   * Requirements: 6.1
+   */
+  tokenContainsCredentials(token: CapabilityToken): boolean {
+    // Check if any field contains credential-like patterns
+    const tokenStr = JSON.stringify(token);
+
+    // Patterns that would indicate raw credentials
+    const credentialPatterns = [
+      /password["\s]*:/i,
+      /api[_-]?key["\s]*:/i,
+      /secret["\s]*:/i,
+      /token["\s]*:["\s]*[a-zA-Z0-9]{20,}/i, // Long token values (not our token ID format)
+      /cookie["\s]*:/i,
+      /session["\s]*:/i,
+      /Bearer\s+[a-zA-Z0-9]/i,
+      /Basic\s+[a-zA-Z0-9]/i,
+    ];
+
+    for (const pattern of credentialPatterns) {
+      if (pattern.test(tokenStr)) {
+        return true;
+      }
+    }
+
+    return false;
+  }
+
+  /**
+   * Clear all data (for testing).
+   */
+  clear(): void {
+    this.sessions.clear();
+    this.tokens.clear();
+    this.tokenToSession.clear();
+    this.revokedTokens.clear();
+    this.accessLogs = [];
+  }
+}
+
+// =============================================================================
+// Factory Function
+// =============================================================================
+
+/**
+ * Create a new Session Vault instance.
+ */
+export function createSessionVault(config?: Partial<SessionVaultConfig>): SessionVault {
+  const encryptionKey = config?.encryptionKey ?? randomBytes(32);
+
+  return new SessionVault({
+    encryptionKey,
+    defaultTokenExpirationMs: config?.defaultTokenExpirationMs,
+    defaultMaxExecutions: config?.defaultMaxExecutions,
+  });
+}
+
+/**
+ * Generate a secure encryption key for the vault.
+ */
+export function generateEncryptionKey(): Buffer {
+  return randomBytes(32);
+}

package/src/modules/omnibridge/core/.gitkeep

@@ -0,0 +1 @@
+# Core module - Semantic Normalizer, Triangulation Engine, Intent Types