secretvm-verify 0.5.0 → 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +8 -2
- package/data/sev.json +42 -2
- package/data/tdx.csv +13 -1
- package/dist/agent.js +35 -28
- package/dist/agent.js.map +1 -1
- package/dist/cli.js +85 -107
- package/dist/cli.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/proofOfCloud.d.ts +11 -0
- package/dist/proofOfCloud.js +68 -0
- package/dist/proofOfCloud.js.map +1 -0
- package/dist/types.d.ts +1 -0
- package/dist/types.js +38 -0
- package/dist/types.js.map +1 -1
- package/dist/vm.js +33 -27
- package/dist/vm.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -9,6 +9,7 @@ Attestation verification SDK for confidential computing environments. Verifies I
|
|
|
9
9
|
- **NVIDIA GPU** — Submits GPU attestation evidence to NVIDIA's Remote Attestation Service (NRAS), verifies the returned JWT signatures against NVIDIA's published JWKS keys, and extracts per-GPU attestation claims.
|
|
10
10
|
- **SecretVM workload** — Given a TDX or SEV-SNP quote and a `docker-compose.yaml`, determines whether the quote was produced by a known SecretVM image and verifies the exact compose file that was booted.
|
|
11
11
|
- **Secret VM** — End-to-end verification that connects to a VM's attestation endpoints, verifies CPU and GPU attestation, and validates TLS and GPU cryptographic bindings.
|
|
12
|
+
- **Proof of cloud** — POSTs a CPU quote to SCRT Labs' [`/api/quote-parse`](https://secretai.scrtlabs.com/api/quote-parse) endpoint, which confirms the quote originated on a Secret VM and returns its `origin` and `machine_id`. Included in the default `checkSecretVm` flow and exposed as a standalone `checkProofOfCloud` function.
|
|
12
13
|
- **ERC-8004 Agent verification** — End-to-end verification of on-chain AI agents registered under the [ERC-8004](https://eips.ethereum.org/EIPS/eip-8004) standard. Resolves agent metadata from any supported blockchain (Ethereum, Base, Arbitrum, Polygon, and 14 more), discovers the agent's TEE attestation endpoints, and runs the full verification flow. Three composable functions:
|
|
13
14
|
- **`resolveAgent`** — Queries the on-chain registry contract for the agent's metadata.
|
|
14
15
|
- **`verifyAgent`** — Takes agent metadata and runs full TEE verification against the agent's declared endpoints.
|
|
@@ -33,7 +34,7 @@ const result = await checkSecretVm('my-vm.example.com');
|
|
|
33
34
|
|
|
34
35
|
console.log(result.valid); // true if all checks pass
|
|
35
36
|
console.log(result.attestationType); // "SECRET-VM"
|
|
36
|
-
console.log(result.checks); // {
|
|
37
|
+
console.log(result.checks); // { cpu_quote_fetched: true, tls_cert_fetched: true, ... }
|
|
37
38
|
console.log(result.report); // { tls_fingerprint: "...", cpu: {...}, cpu_type: "TDX", ... }
|
|
38
39
|
console.log(result.errors); // [] if no errors
|
|
39
40
|
```
|
|
@@ -168,6 +169,10 @@ Verifies an AMD SEV-SNP attestation report.
|
|
|
168
169
|
|
|
169
170
|
Verifies NVIDIA GPU attestation via NRAS.
|
|
170
171
|
|
|
172
|
+
#### `checkProofOfCloud(quote)`
|
|
173
|
+
|
|
174
|
+
POSTs a raw CPU quote to SCRT Labs' [`/api/quote-parse`](https://secretai.scrtlabs.com/api/quote-parse) endpoint. Returns an `AttestationResult` with `attestationType: "PROOF-OF-CLOUD"` and a single check `proof_of_cloud_verified`. The report exposes `origin`, `proof_of_cloud`, `status`, and `machine_id`. Also runs automatically inside `checkSecretVm` and is spliced into the CLI output for `--cpu`, `--tdx`, and `--sev`.
|
|
175
|
+
|
|
171
176
|
#### `resolveSecretVmVersion(data)`
|
|
172
177
|
|
|
173
178
|
Looks up a quote in the SecretVM artifact registry. Returns the matching template name and version, or `null` if not found.
|
|
@@ -281,7 +286,8 @@ secretvm-verify --verify-workload cpu_quote.txt --compose docker-compose.yaml
|
|
|
281
286
|
secretvm-verify -vw cpu_quote.txt --compose docker-compose.yaml
|
|
282
287
|
|
|
283
288
|
# JSON output (any command)
|
|
284
|
-
secretvm-verify --secretvm yellow-krill.vm.scrtlabs.com --
|
|
289
|
+
secretvm-verify --secretvm yellow-krill.vm.scrtlabs.com --json # minimal JSON
|
|
290
|
+
secretvm-verify --secretvm yellow-krill.vm.scrtlabs.com --raw # full JSON with parsed report
|
|
285
291
|
|
|
286
292
|
# Verbose output (all attestation fields)
|
|
287
293
|
secretvm-verify --secretvm yellow-krill.vm.scrtlabs.com -v
|
package/data/sev.json
CHANGED
|
@@ -190,5 +190,45 @@
|
|
|
190
190
|
"section_type": 16
|
|
191
191
|
}
|
|
192
192
|
]
|
|
193
|
-
}
|
|
194
|
-
|
|
193
|
+
},
|
|
194
|
+
{
|
|
195
|
+
"vm_type": "prod",
|
|
196
|
+
"rootfs_hash": "f44141c9a0cbed19ddf30b16929de33633e5631cfd68731e9ff9e4321d5775fd",
|
|
197
|
+
"artifacts_ver": "v0.0.27-alpha.1",
|
|
198
|
+
"kernel_hash": "98c41a86a1ba6a9a9d772ae0b028835091b4930f79ea509b595d2080d7df90c2",
|
|
199
|
+
"initrd_hash": "6b19d1b356c1e791f5c1c3d7dd86a723b870c87ebdfe3f7ccace80215ac71d2e",
|
|
200
|
+
"vcpu_type": "EPYC",
|
|
201
|
+
"ovmf_hash": "c581d3eaebf2941beb1f757de97497279b953a6999921cab05f9ed5268f9c0505d741f4021b5a3995c9893851cde190e",
|
|
202
|
+
"sev_hashes_table_gpa": 8457216,
|
|
203
|
+
"sev_es_reset_eip": 8433668,
|
|
204
|
+
"ovmf_sections": [
|
|
205
|
+
{"gpa": 8388608, "size": 36864, "section_type": 1},
|
|
206
|
+
{"gpa": 8429568, "size": 12288, "section_type": 1},
|
|
207
|
+
{"gpa": 8441856, "size": 4096, "section_type": 2},
|
|
208
|
+
{"gpa": 8445952, "size": 4096, "section_type": 3},
|
|
209
|
+
{"gpa": 8450048, "size": 4096, "section_type": 4},
|
|
210
|
+
{"gpa": 8458240, "size": 61440, "section_type": 1},
|
|
211
|
+
{"gpa": 8454144, "size": 4096, "section_type": 16}
|
|
212
|
+
]
|
|
213
|
+
},
|
|
214
|
+
{
|
|
215
|
+
"vm_type": "dev",
|
|
216
|
+
"rootfs_hash": "a2e5a4582bba5a0cfa512b1c0809c375ec78912af238dbbaf37afdecee60c25c",
|
|
217
|
+
"artifacts_ver": "v0.0.27-alpha.1",
|
|
218
|
+
"kernel_hash": "98c41a86a1ba6a9a9d772ae0b028835091b4930f79ea509b595d2080d7df90c2",
|
|
219
|
+
"initrd_hash": "6b19d1b356c1e791f5c1c3d7dd86a723b870c87ebdfe3f7ccace80215ac71d2e",
|
|
220
|
+
"vcpu_type": "EPYC",
|
|
221
|
+
"ovmf_hash": "c581d3eaebf2941beb1f757de97497279b953a6999921cab05f9ed5268f9c0505d741f4021b5a3995c9893851cde190e",
|
|
222
|
+
"sev_hashes_table_gpa": 8457216,
|
|
223
|
+
"sev_es_reset_eip": 8433668,
|
|
224
|
+
"ovmf_sections": [
|
|
225
|
+
{"gpa": 8388608, "size": 36864, "section_type": 1},
|
|
226
|
+
{"gpa": 8429568, "size": 12288, "section_type": 1},
|
|
227
|
+
{"gpa": 8441856, "size": 4096, "section_type": 2},
|
|
228
|
+
{"gpa": 8445952, "size": 4096, "section_type": 3},
|
|
229
|
+
{"gpa": 8450048, "size": 4096, "section_type": 4},
|
|
230
|
+
{"gpa": 8458240, "size": 61440, "section_type": 1},
|
|
231
|
+
{"gpa": 8454144, "size": 4096, "section_type": 16}
|
|
232
|
+
]
|
|
233
|
+
}
|
|
234
|
+
]
|
package/data/tdx.csv
CHANGED
|
@@ -50,4 +50,16 @@ large,prod,v0.0.25,1e305ac8284517f73ada985bfc9fded48b23ed091ba8149678bb10207fb47
|
|
|
50
50
|
small,dev,v0.0.25,1e305ac8284517f73ada985bfc9fded48b23ed091ba8149678bb10207fb470c7903d7a8ddffa5a7be2a60e349bb75b6e,2709012eccc10afb618d90f4e2849de97ede129e27b3f53b4465f71852af9e1a52583e931f340ce9ebfa06be3c3feb48,2db7eacca93100fb7199b055f55e8fd3a52f2153e25696f937745ff7f254d1be9cf37223237375dec74e685250b273ab,be378f0c4f1180fde14d8bb0a13a9dd430c842b135be23acd7b09cd6181550b6f8adb36588eabdc10be9325d92a8e055,e0a44b90c318d2b081f8fe0247b7952576fda01e3cf3f9c4b607f19554510ea1,cb15e395fb189df263feb84049d0c37917d053ebf7bd688517bb76918ee1836898148d5051e43bb684d6ef25c4db67c0
|
|
51
51
|
medium,dev,v0.0.25,1e305ac8284517f73ada985bfc9fded48b23ed091ba8149678bb10207fb470c7903d7a8ddffa5a7be2a60e349bb75b6e,660eb1c0ce5b816b45ad7d6b49d1e9c2fcd1e14e08ef77faa7b0e9f1d180da593231adae01081799a0c700eb6ab350e7,2db7eacca93100fb7199b055f55e8fd3a52f2153e25696f937745ff7f254d1be9cf37223237375dec74e685250b273ab,be378f0c4f1180fde14d8bb0a13a9dd430c842b135be23acd7b09cd6181550b6f8adb36588eabdc10be9325d92a8e055,e0a44b90c318d2b081f8fe0247b7952576fda01e3cf3f9c4b607f19554510ea1,cb15e395fb189df263feb84049d0c37917d053ebf7bd688517bb76918ee1836898148d5051e43bb684d6ef25c4db67c0
|
|
52
52
|
4xlarge_256GB_gpu,prod,v0.0.21,ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e,6fd479c2f47a90d10070db2f2a489ec88d752577d42e65164fa0f144ebc898ee71c2852722e37f897e80ad9596bd2539,b918cee54c974b16a89c16367df46b9b54a37db35f3d983ad4b7c0d024b09b9bc345f4eed6f30a5fce5ceffa654fd076,b35419954f635b3c9188cf8731c4b542eb00fc376c657d2e2d7bfe2acfc087300439e4e41bad5cebfba5f5866f84da5c,9fa99509306bf652e45ce0a689b3e480ab369649240f14ff53a265a279ff8202,b60b27d5c6d7b89200deb0b560b33d357d00494d51f10f57647f21ac9d3b0e48ca33f01dde868bb21ce0a877fb0fca75
|
|
53
|
-
4xlarge_256GB_gpu,prod,v0.0.25,ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e,6fd479c2f47a90d10070db2f2a489ec88d752577d42e65164fa0f144ebc898ee71c2852722e37f897e80ad9596bd2539,2db7eacca93100fb7199b055f55e8fd3a52f2153e25696f937745ff7f254d1be9cf37223237375dec74e685250b273ab,be378f0c4f1180fde14d8bb0a13a9dd430c842b135be23acd7b09cd6181550b6f8adb36588eabdc10be9325d92a8e055, f19a00d3575f6b4340b1aefb60a686b51bba9db628092b3c73c129a1b5c73c08,b60b27d5c6d7b89200deb0b560b33d357d00494d51f10f57647f21ac9d3b0e48ca33f01dde868bb21ce0a877fb0fca75
|
|
53
|
+
4xlarge_256GB_gpu,prod,v0.0.25,ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e,6fd479c2f47a90d10070db2f2a489ec88d752577d42e65164fa0f144ebc898ee71c2852722e37f897e80ad9596bd2539,2db7eacca93100fb7199b055f55e8fd3a52f2153e25696f937745ff7f254d1be9cf37223237375dec74e685250b273ab,be378f0c4f1180fde14d8bb0a13a9dd430c842b135be23acd7b09cd6181550b6f8adb36588eabdc10be9325d92a8e055, f19a00d3575f6b4340b1aefb60a686b51bba9db628092b3c73c129a1b5c73c08,b60b27d5c6d7b89200deb0b560b33d357d00494d51f10f57647f21ac9d3b0e48ca33f01dde868bb21ce0a877fb0fca75
|
|
54
|
+
small,dev,v0.0.27-alpha.1,1e305ac8284517f73ada985bfc9fded48b23ed091ba8149678bb10207fb470c7903d7a8ddffa5a7be2a60e349bb75b6e,2709012eccc10afb618d90f4e2849de97ede129e27b3f53b4465f71852af9e1a52583e931f340ce9ebfa06be3c3feb48,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,ea74c4d024d2732dfdf8c8ba240cb383df2cc198a72901f4d9a902caa0582f17,cb15e395fb189df263feb84049d0c37917d053ebf7bd688517bb76918ee1836898148d5051e43bb684d6ef25c4db67c0
|
|
55
|
+
small,dev,v0.0.27-alpha.1,ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e,671800f0b5fefa5ca79b63bde0ee0e55f38944cedfa69282ac014a9fc5f6a4a19b0cdfe33661012b3390d2aecb8e486a,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,ea74c4d024d2732dfdf8c8ba240cb383df2cc198a72901f4d9a902caa0582f17,b60b27d5c6d7b89200deb0b560b33d357d00494d51f10f57647f21ac9d3b0e48ca33f01dde868bb21ce0a877fb0fca75
|
|
56
|
+
small,prod,v0.0.27-alpha.1,1e305ac8284517f73ada985bfc9fded48b23ed091ba8149678bb10207fb470c7903d7a8ddffa5a7be2a60e349bb75b6e,2709012eccc10afb618d90f4e2849de97ede129e27b3f53b4465f71852af9e1a52583e931f340ce9ebfa06be3c3feb48,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,1d638b068bc6f9254e74ea917818d4e09a7ffce8e486d54c5b5dbe9e6c44b261,cb15e395fb189df263feb84049d0c37917d053ebf7bd688517bb76918ee1836898148d5051e43bb684d6ef25c4db67c0
|
|
57
|
+
small,prod,v0.0.27-alpha.1,ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e,671800f0b5fefa5ca79b63bde0ee0e55f38944cedfa69282ac014a9fc5f6a4a19b0cdfe33661012b3390d2aecb8e486a,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,1d638b068bc6f9254e74ea917818d4e09a7ffce8e486d54c5b5dbe9e6c44b261,b60b27d5c6d7b89200deb0b560b33d357d00494d51f10f57647f21ac9d3b0e48ca33f01dde868bb21ce0a877fb0fca75
|
|
58
|
+
medium,dev,v0.0.27-alpha.1,1e305ac8284517f73ada985bfc9fded48b23ed091ba8149678bb10207fb470c7903d7a8ddffa5a7be2a60e349bb75b6e,660eb1c0ce5b816b45ad7d6b49d1e9c2fcd1e14e08ef77faa7b0e9f1d180da593231adae01081799a0c700eb6ab350e7,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,ea74c4d024d2732dfdf8c8ba240cb383df2cc198a72901f4d9a902caa0582f17,cb15e395fb189df263feb84049d0c37917d053ebf7bd688517bb76918ee1836898148d5051e43bb684d6ef25c4db67c0
|
|
59
|
+
medium,dev,v0.0.27-alpha.1,ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e,09d747e568e012bb560b37604e25f1a83988037d8286e81bb97e46fb31ec4d35edf9e23236ae573265417e7ed2f89b99,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,ea74c4d024d2732dfdf8c8ba240cb383df2cc198a72901f4d9a902caa0582f17,b60b27d5c6d7b89200deb0b560b33d357d00494d51f10f57647f21ac9d3b0e48ca33f01dde868bb21ce0a877fb0fca75
|
|
60
|
+
medium,prod,v0.0.27-alpha.1,1e305ac8284517f73ada985bfc9fded48b23ed091ba8149678bb10207fb470c7903d7a8ddffa5a7be2a60e349bb75b6e,660eb1c0ce5b816b45ad7d6b49d1e9c2fcd1e14e08ef77faa7b0e9f1d180da593231adae01081799a0c700eb6ab350e7,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,1d638b068bc6f9254e74ea917818d4e09a7ffce8e486d54c5b5dbe9e6c44b261,cb15e395fb189df263feb84049d0c37917d053ebf7bd688517bb76918ee1836898148d5051e43bb684d6ef25c4db67c0
|
|
61
|
+
medium,prod,v0.0.27-alpha.1,ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e,09d747e568e012bb560b37604e25f1a83988037d8286e81bb97e46fb31ec4d35edf9e23236ae573265417e7ed2f89b99,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,1d638b068bc6f9254e74ea917818d4e09a7ffce8e486d54c5b5dbe9e6c44b261,b60b27d5c6d7b89200deb0b560b33d357d00494d51f10f57647f21ac9d3b0e48ca33f01dde868bb21ce0a877fb0fca75
|
|
62
|
+
large,dev,v0.0.27-alpha.1,1e305ac8284517f73ada985bfc9fded48b23ed091ba8149678bb10207fb470c7903d7a8ddffa5a7be2a60e349bb75b6e,5814602c6329237ab8ab42caba02bb39a4e69723ae19b062429a95f5bec6715217ae66b431e480bc877eb4f3415332b5,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,ea74c4d024d2732dfdf8c8ba240cb383df2cc198a72901f4d9a902caa0582f17,cb15e395fb189df263feb84049d0c37917d053ebf7bd688517bb76918ee1836898148d5051e43bb684d6ef25c4db67c0
|
|
63
|
+
large,dev,v0.0.27-alpha.1,ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e,8cf0b4047ce95aa84e38049ff7c959b1cc062a50cea4dee141e6cdea8d59c59c78c55a5ad50fef025b7009b68e01fca9,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,ea74c4d024d2732dfdf8c8ba240cb383df2cc198a72901f4d9a902caa0582f17,b60b27d5c6d7b89200deb0b560b33d357d00494d51f10f57647f21ac9d3b0e48ca33f01dde868bb21ce0a877fb0fca75
|
|
64
|
+
large,prod,v0.0.27-alpha.1,1e305ac8284517f73ada985bfc9fded48b23ed091ba8149678bb10207fb470c7903d7a8ddffa5a7be2a60e349bb75b6e,5814602c6329237ab8ab42caba02bb39a4e69723ae19b062429a95f5bec6715217ae66b431e480bc877eb4f3415332b5,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,1d638b068bc6f9254e74ea917818d4e09a7ffce8e486d54c5b5dbe9e6c44b261,cb15e395fb189df263feb84049d0c37917d053ebf7bd688517bb76918ee1836898148d5051e43bb684d6ef25c4db67c0
|
|
65
|
+
large,prod,v0.0.27-alpha.1,ba87a347454466680bfd267446df89d8117c04ea9f28234dd3d84e1a8a957d5adaf02d4aa88433b559fb13bd40f0109e,8cf0b4047ce95aa84e38049ff7c959b1cc062a50cea4dee141e6cdea8d59c59c78c55a5ad50fef025b7009b68e01fca9,ec47f52ade4cac8b52bf17017779b393cbe9093ebcf44a422875c9a0e9639f624334088862575e23d226b5d225b5d764,398d93923bcd8f1c9df5ef0c04ee7c938427961f6118b47f65f64e7c00434750222e644b614e14251924f7694f3c7370,1d638b068bc6f9254e74ea917818d4e09a7ffce8e486d54c5b5dbe9e6c44b261,b60b27d5c6d7b89200deb0b560b33d357d00494d51f10f57647f21ac9d3b0e48ca33f01dde868bb21ce0a877fb0fca75
|
package/dist/agent.js
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
import { ethers } from "ethers";
|
|
2
2
|
import { getChainConfig, getRpcUrl } from "./chains.js";
|
|
3
|
-
import { makeResult } from "./types.js";
|
|
3
|
+
import { makeResult, orderChecks } from "./types.js";
|
|
4
4
|
import { checkCpuAttestation } from "./cpu.js";
|
|
5
5
|
import { checkNvidiaGpuAttestation } from "./nvidia.js";
|
|
6
|
+
import { checkProofOfCloud } from "./proofOfCloud.js";
|
|
6
7
|
import { verifyWorkload } from "./workload.js";
|
|
7
8
|
import { extractDockerCompose, getTlsCertFingerprint } from "./url.js";
|
|
8
9
|
const REGISTRY_ABI = [
|
|
@@ -145,13 +146,13 @@ export async function verifyAgent(metadata, reloadAmdKds = false) {
|
|
|
145
146
|
if (!hasTeeAttestation) {
|
|
146
147
|
errors.push("Agent does not support tee-attestation");
|
|
147
148
|
checks.metadata_valid = false;
|
|
148
|
-
return makeResult("ERC-8004", { checks, report, errors });
|
|
149
|
+
return makeResult("ERC-8004", { checks: orderChecks(checks), report, errors });
|
|
149
150
|
}
|
|
150
151
|
const teequoteEndpoint = findTeequoteEndpoint(metadata.services);
|
|
151
152
|
if (!teequoteEndpoint) {
|
|
152
153
|
errors.push("No teequote service endpoint found in agent metadata");
|
|
153
154
|
checks.metadata_valid = false;
|
|
154
|
-
return makeResult("ERC-8004", { checks, report, errors });
|
|
155
|
+
return makeResult("ERC-8004", { checks: orderChecks(checks), report, errors });
|
|
155
156
|
}
|
|
156
157
|
checks.metadata_valid = true;
|
|
157
158
|
// 2. Derive URLs
|
|
@@ -173,13 +174,13 @@ export async function verifyAgent(metadata, reloadAmdKds = false) {
|
|
|
173
174
|
let tlsFingerprint;
|
|
174
175
|
try {
|
|
175
176
|
tlsFingerprint = await getTlsCertFingerprint(host, port);
|
|
176
|
-
checks.
|
|
177
|
+
checks.tls_cert_fetched = true;
|
|
177
178
|
report.tls_fingerprint = tlsFingerprint.toString("hex");
|
|
178
179
|
}
|
|
179
180
|
catch (e) {
|
|
180
181
|
errors.push(`Failed to get TLS certificate: ${e.message}`);
|
|
181
|
-
checks.
|
|
182
|
-
return makeResult("ERC-8004", { checks, report, errors });
|
|
182
|
+
checks.tls_cert_fetched = false;
|
|
183
|
+
return makeResult("ERC-8004", { checks: orderChecks(checks), report, errors });
|
|
183
184
|
}
|
|
184
185
|
// 4. Fetch and verify CPU quote
|
|
185
186
|
let cpuData;
|
|
@@ -193,14 +194,10 @@ export async function verifyAgent(metadata, reloadAmdKds = false) {
|
|
|
193
194
|
catch (e) {
|
|
194
195
|
errors.push(`Failed to fetch CPU quote: ${e.message}`);
|
|
195
196
|
checks.cpu_quote_fetched = false;
|
|
196
|
-
return makeResult("ERC-8004", { checks, report, errors });
|
|
197
|
+
return makeResult("ERC-8004", { checks: orderChecks(checks), report, errors });
|
|
197
198
|
}
|
|
198
199
|
const cpuResult = await checkCpuAttestation(cpuData, "", reloadAmdKds);
|
|
199
|
-
checks.
|
|
200
|
-
// Propagate the inner DCAP/QVL verification verdict for prominent display.
|
|
201
|
-
if (cpuResult.checks.quote_verified !== undefined) {
|
|
202
|
-
checks.cpu_quote_verified = cpuResult.checks.quote_verified;
|
|
203
|
-
}
|
|
200
|
+
checks.cpu_quote_verified = cpuResult.valid;
|
|
204
201
|
report.cpu = cpuResult.report;
|
|
205
202
|
report.cpu_type = cpuResult.attestationType;
|
|
206
203
|
if (!cpuResult.valid)
|
|
@@ -209,14 +206,14 @@ export async function verifyAgent(metadata, reloadAmdKds = false) {
|
|
|
209
206
|
const reportDataHex = cpuResult.report.report_data ?? "";
|
|
210
207
|
if (reportDataHex.length >= 64) {
|
|
211
208
|
const firstHalf = reportDataHex.slice(0, 64);
|
|
212
|
-
checks.
|
|
213
|
-
if (!checks.
|
|
209
|
+
checks.tls_binding_verified = firstHalf === tlsFingerprint.toString("hex");
|
|
210
|
+
if (!checks.tls_binding_verified) {
|
|
214
211
|
errors.push(`TLS binding failed: report_data first half (${firstHalf.slice(0, 16)}...) ` +
|
|
215
212
|
`!= TLS fingerprint (${tlsFingerprint.toString("hex").slice(0, 16)}...)`);
|
|
216
213
|
}
|
|
217
214
|
}
|
|
218
215
|
else {
|
|
219
|
-
checks.
|
|
216
|
+
checks.tls_binding_verified = false;
|
|
220
217
|
errors.push("report_data too short for TLS binding check");
|
|
221
218
|
}
|
|
222
219
|
// 6. GPU quote (optional)
|
|
@@ -244,7 +241,7 @@ export async function verifyAgent(metadata, reloadAmdKds = false) {
|
|
|
244
241
|
}
|
|
245
242
|
if (gpuPresent) {
|
|
246
243
|
const gpuResult = await checkNvidiaGpuAttestation(gpuData);
|
|
247
|
-
checks.
|
|
244
|
+
checks.gpu_quote_verified = gpuResult.valid;
|
|
248
245
|
report.gpu = gpuResult.report;
|
|
249
246
|
if (!gpuResult.valid)
|
|
250
247
|
errors.push(...gpuResult.errors);
|
|
@@ -252,14 +249,14 @@ export async function verifyAgent(metadata, reloadAmdKds = false) {
|
|
|
252
249
|
const gpuNonce = gpuJson.nonce ?? "";
|
|
253
250
|
if (reportDataHex.length >= 128) {
|
|
254
251
|
const secondHalf = reportDataHex.slice(64, 128);
|
|
255
|
-
checks.
|
|
256
|
-
if (!checks.
|
|
252
|
+
checks.gpu_binding_verified = secondHalf === gpuNonce;
|
|
253
|
+
if (!checks.gpu_binding_verified) {
|
|
257
254
|
errors.push(`GPU binding failed: report_data second half (${secondHalf.slice(0, 16)}...) ` +
|
|
258
255
|
`!= GPU nonce (${gpuNonce.slice(0, 16)}...)`);
|
|
259
256
|
}
|
|
260
257
|
}
|
|
261
258
|
else {
|
|
262
|
-
checks.
|
|
259
|
+
checks.gpu_binding_verified = false;
|
|
263
260
|
errors.push("report_data too short for GPU binding check");
|
|
264
261
|
}
|
|
265
262
|
}
|
|
@@ -271,7 +268,7 @@ export async function verifyAgent(metadata, reloadAmdKds = false) {
|
|
|
271
268
|
const dockerCompose = extractDockerCompose(await resp.text());
|
|
272
269
|
checks.workload_fetched = true;
|
|
273
270
|
const workloadResult = await verifyWorkload(cpuData, dockerCompose);
|
|
274
|
-
checks.
|
|
271
|
+
checks.workload_binding_verified = workloadResult.status === "authentic_match";
|
|
275
272
|
report.workload = workloadResult;
|
|
276
273
|
if (workloadResult.status === "authentic_mismatch") {
|
|
277
274
|
errors.push("Workload mismatch: VM is authentic but docker-compose does not match");
|
|
@@ -284,21 +281,31 @@ export async function verifyAgent(metadata, reloadAmdKds = false) {
|
|
|
284
281
|
errors.push(`Failed to fetch workload: ${e.message}`);
|
|
285
282
|
checks.workload_fetched = false;
|
|
286
283
|
}
|
|
284
|
+
// 8. Proof of cloud: confirm the quote was produced on a Secret VM.
|
|
285
|
+
const pocResult = await checkProofOfCloud(cpuData);
|
|
286
|
+
checks.proof_of_cloud_verified = pocResult.valid;
|
|
287
|
+
if (pocResult.report.proof_of_cloud !== undefined) {
|
|
288
|
+
report.proof_of_cloud = pocResult.report.proof_of_cloud;
|
|
289
|
+
}
|
|
290
|
+
if (!pocResult.valid) {
|
|
291
|
+
errors.push(...pocResult.errors);
|
|
292
|
+
}
|
|
287
293
|
// Overall validity
|
|
288
294
|
const requiredChecks = [
|
|
289
295
|
checks.metadata_valid,
|
|
290
|
-
checks.
|
|
296
|
+
checks.tls_cert_fetched,
|
|
291
297
|
checks.cpu_quote_fetched,
|
|
292
|
-
checks.
|
|
293
|
-
checks.
|
|
294
|
-
!!checks.
|
|
298
|
+
checks.cpu_quote_verified,
|
|
299
|
+
checks.tls_binding_verified,
|
|
300
|
+
!!checks.workload_binding_verified,
|
|
301
|
+
!!checks.proof_of_cloud_verified,
|
|
295
302
|
];
|
|
296
303
|
if (gpuPresent) {
|
|
297
|
-
requiredChecks.push(!!checks.
|
|
298
|
-
requiredChecks.push(!!checks.
|
|
304
|
+
requiredChecks.push(!!checks.gpu_quote_verified);
|
|
305
|
+
requiredChecks.push(!!checks.gpu_binding_verified);
|
|
299
306
|
}
|
|
300
307
|
const valid = requiredChecks.every(Boolean);
|
|
301
|
-
return makeResult("ERC-8004", { valid, checks, report, errors });
|
|
308
|
+
return makeResult("ERC-8004", { valid, checks: orderChecks(checks), report, errors });
|
|
302
309
|
}
|
|
303
310
|
// ---------------------------------------------------------------------------
|
|
304
311
|
// Public: checkAgent
|
|
@@ -323,7 +330,7 @@ export async function checkAgent(agentId, chain, reloadAmdKds = false) {
|
|
|
323
330
|
catch (e) {
|
|
324
331
|
errors.push(`Failed to resolve agent: ${e.message}`);
|
|
325
332
|
checks.agent_resolved = false;
|
|
326
|
-
return makeResult("ERC-8004", { checks, errors });
|
|
333
|
+
return makeResult("ERC-8004", { checks: orderChecks(checks), errors });
|
|
327
334
|
}
|
|
328
335
|
const result = await verifyAgent(metadata, reloadAmdKds);
|
|
329
336
|
result.checks = { agent_resolved: true, ...result.checks };
|
package/dist/agent.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"agent.js","sourceRoot":"","sources":["../src/agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAqB,UAAU,EAAE,MAAM,YAAY,CAAC;AAE3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAC/C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAC;AAEvE,MAAM,YAAY,GAAG;IACnB,0DAA0D;IAC1D,0DAA0D;CAC3D,CAAC;AAEF,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,SAAS,iBAAiB,CAAC,GAAY;IACrC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,EAAE,CAAC;IACnC,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE;QAChC,MAAM,KAAK,GAAG,CAAC,OAAO,IAAI,EAAE,CAA4B,CAAC;QACzD,MAAM,IAAI,GAAG,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9D,MAAM,QAAQ,GAAG,OAAO,KAAK,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,MAAM,WAAW,GAAG,OAAO,KAAK,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;QACnF,OAAO;YACL,IAAI,EAAE,IAAI,IAAI,WAAW,KAAK,GAAG,CAAC,EAAE;YACpC,QAAQ;YACR,WAAW;SACZ,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAwB;IACpD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ;YAAE,OAAO,CAAC,CAAC,QAAQ,CAAC;IAC3E,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAAE,OAAO,CAAC,CAAC,QAAQ,CAAC;IACrE,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAwB;IACpD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ;YAAE,OAAO,CAAC,CAAC,QAAQ,CAAC;IAC3E,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAgB;IACzC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACxE,OAAO,WAAW,QAAQ,EAAE,CAAC;IAC/B,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,8EAA8E;AAC9E,uBAAuB;AACvB,8EAA8E;AAE9E;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAAe,EACf,KAAa;IAEb,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;IAChC,MAAM,QAAQ,GAAG,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,IAAI,MAAM,CAAC,QAAQ,CAClC,WAAW,CAAC,eAAe,EAC3B,YAAY,EACZ,QAAQ,CACT,CAAC;IAEF,IAAI,QAAgB,CAAC;IACrB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC9C,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CACb,iDAAiD,OAAO,OAAO,WAAW,CAAC,IAAI,EAAE,CAClF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,8CAA8C,OAAO,EAAE,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,QAAiC,CAAC;IACtC,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,2DAA2D;QAC3D,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAE,CAAC;QAC3C,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACzE,CAAC;SAAM,CAAC;QACN,IAAI,QAAQ,GAAG,QAAQ,CAAC;QACxB,IAAI,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACnC,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,SAAS,EAAE,uBAAuB,CAAC,CAAC;QAClE,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,uCAAuC,QAAQ,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAC1F,CAAC;QACD,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAA4B,CAAC;IAC5D,CAAC;IAED,MAAM,KAAK,GACR,QAAQ,CAAC,cAAuC;QAChD,QAAQ,CAAC,eAAwC;QAClD,EAAE,CAAC;IAEL,OAAO;QACL,IAAI,EACF,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE;YACvD,CAAC,CAAC,QAAQ,CAAC,IAAI;YACf,CAAC,CAAC,SAAS,OAAO,EAAE;QACxB,WAAW,EACT,OAAO,QAAQ,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;QAC7E,cAAc,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE;QACjD,QAAQ,EAAE,iBAAiB,CAAC,QAAQ,CAAC,QAAQ,IAAI,QAAQ,CAAC,SAAS,CAAC;QACpE,KAAK,EAAE,OAAO,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;QACtE,IAAI,EAAE,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QACnE,MAAM,EAAE,QAAQ,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI;QACvE,WAAW,EAAE,OAAO,CAAC,QAAQ,CAAC,WAAW,IAAI,KAAK,CAAC;QACnD,UAAU,EAAG,QAAQ,CAAC,UAAkC,IAAI,EAAE;QAC9D,GAAG,EAAE,QAAQ;KACd,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,sBAAsB;AACtB,8EAA8E;AAE9E;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,QAAuB,EACvB,YAAY,GAAG,KAAK;IAEpB,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,MAAM,MAAM,GAAwB,EAAE,CAAC;IAEvC,MAAM,CAAC,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC;IAElC,uBAAuB;IACvB,MAAM,iBAAiB,GAAG,QAAQ,CAAC,cAAc;SAC9C,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;SAC3B,QAAQ,CAAC,iBAAiB,CAAC,CAAC;IAC/B,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QACtD,MAAM,CAAC,cAAc,GAAG,KAAK,CAAC;QAC9B,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,MAAM,gBAAgB,GAAG,oBAAoB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACjE,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;QACpE,MAAM,CAAC,cAAc,GAAG,KAAK,CAAC;QAC9B,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5D,CAAC;IACD,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC;IAE7B,iBAAiB;IACjB,MAAM,OAAO,GAAG,iBAAiB,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,MAAM,CAAC;IACrE,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC;QACnC,CAAC,CAAC,GAAG,OAAO,MAAM,CAAC;IAErB,MAAM,eAAe,GAAG,oBAAoB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChE,MAAM,WAAW,GAAG,eAAe;QACjC,CAAC,CAAC,iBAAiB,CAAC,eAAe,CAAC;QACpC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;YACxB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,iBAAiB,CAAC;YAC9C,CAAC,CAAC,GAAG,OAAO,iBAAiB,CAAC;IAElC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACxF,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC;IAC7B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAErD,iCAAiC;IACjC,IAAI,cAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,cAAc,GAAG,MAAM,qBAAqB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACzD,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;QAChC,MAAM,CAAC,eAAe,GAAG,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1D,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QAC3D,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;QACjC,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,gCAAgC;IAChC,IAAI,OAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;IAClC,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QACvD,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;QACjC,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,mBAAmB,CAAC,OAAO,EAAE,EAAE,EAAE,YAAY,CAAC,CAAC;IACvE,MAAM,CAAC,qBAAqB,GAAG,SAAS,CAAC,KAAK,CAAC;IAC/C,2EAA2E;IAC3E,IAAI,SAAS,CAAC,MAAM,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;QAClD,MAAM,CAAC,kBAAkB,GAAG,SAAS,CAAC,MAAM,CAAC,cAAc,CAAC;IAC9D,CAAC;IACD,MAAM,CAAC,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC;IAC9B,MAAM,CAAC,QAAQ,GAAG,SAAS,CAAC,eAAe,CAAC;IAC5C,IAAI,CAAC,SAAS,CAAC,KAAK;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAEvD,iBAAiB;IACjB,MAAM,aAAa,GAAW,SAAS,CAAC,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC;IACjE,IAAI,aAAa,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;QAC/B,MAAM,SAAS,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7C,MAAM,CAAC,WAAW,GAAG,SAAS,KAAK,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAClE,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,CAAC,IAAI,CACT,+CAA+C,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO;gBAC1E,uBAAuB,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAC3E,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,WAAW,GAAG,KAAK,CAAC;QAC3B,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;IAC7D,CAAC;IAED,0BAA0B;IAC1B,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACpC,IAAI,OAAO,IAAI,OAAO,EAAE,CAAC;gBACvB,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,UAAU,GAAG,IAAI,CAAC;gBAClB,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;YAClC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;QACnC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;IACnC,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAC3D,MAAM,CAAC,qBAAqB,GAAG,SAAS,CAAC,KAAK,CAAC;QAC/C,MAAM,CAAC,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC;QAC9B,IAAI,CAAC,SAAS,CAAC,KAAK;YAAE,MAAM,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;QAEvD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,QAAQ,GAAW,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,aAAa,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;YAChC,MAAM,UAAU,GAAG,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YAChD,MAAM,CAAC,WAAW,GAAG,UAAU,KAAK,QAAQ,CAAC;YAC7C,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBACxB,MAAM,CAAC,IAAI,CACT,gDAAgD,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO;oBAC5E,iBAAiB,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAC/C,CAAC;YACJ,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,WAAW,GAAG,KAAK,CAAC;YAC3B,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;QACtC,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,MAAM,aAAa,GAAG,oBAAoB,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAC9D,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAE/B,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QACpE,MAAM,CAAC,iBAAiB,GAAG,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC;QACvE,MAAM,CAAC,QAAQ,GAAG,cAAc,CAAC;QACjC,IAAI,cAAc,CAAC,MAAM,KAAK,oBAAoB,EAAE,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;QACtF,CAAC;aAAM,IAAI,cAAc,CAAC,MAAM,KAAK,eAAe,EAAE,CAAC;YACrD,MAAM,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QACtD,MAAM,CAAC,gBAAgB,GAAG,KAAK,CAAC;IAClC,CAAC;IAED,mBAAmB;IACnB,MAAM,cAAc,GAAG;QACrB,MAAM,CAAC,cAAc;QACrB,MAAM,CAAC,iBAAiB;QACxB,MAAM,CAAC,iBAAiB;QACxB,MAAM,CAAC,qBAAqB;QAC5B,MAAM,CAAC,WAAW;QAClB,CAAC,CAAC,MAAM,CAAC,iBAAiB;KAC3B,CAAC;IACF,IAAI,UAAU,EAAE,CAAC;QACf,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;QACpD,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC5C,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAE5C,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;AACnE,CAAC;AAED,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,OAAe,EACf,KAAa,EACb,YAAY,GAAG,KAAK;IAEpB,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,MAAM,GAA4B,EAAE,CAAC;IAE3C,IAAI,QAAuB,CAAC;IAC5B,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC9C,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC;IAC/B,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QACrD,MAAM,CAAC,cAAc,GAAG,KAAK,CAAC;QAC9B,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACzD,MAAM,CAAC,MAAM,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC;IAE3D,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
1
|
+
{"version":3,"file":"agent.js","sourceRoot":"","sources":["../src/agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAqB,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAExE,OAAO,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAC/C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAC;AAEvE,MAAM,YAAY,GAAG;IACnB,0DAA0D;IAC1D,0DAA0D;CAC3D,CAAC;AAEF,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,SAAS,iBAAiB,CAAC,GAAY;IACrC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,EAAE,CAAC;IACnC,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE;QAChC,MAAM,KAAK,GAAG,CAAC,OAAO,IAAI,EAAE,CAA4B,CAAC;QACzD,MAAM,IAAI,GAAG,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9D,MAAM,QAAQ,GAAG,OAAO,KAAK,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,MAAM,WAAW,GAAG,OAAO,KAAK,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;QACnF,OAAO;YACL,IAAI,EAAE,IAAI,IAAI,WAAW,KAAK,GAAG,CAAC,EAAE;YACpC,QAAQ;YACR,WAAW;SACZ,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAwB;IACpD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ;YAAE,OAAO,CAAC,CAAC,QAAQ,CAAC;IAC3E,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAAE,OAAO,CAAC,CAAC,QAAQ,CAAC;IACrE,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAwB;IACpD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ;YAAE,OAAO,CAAC,CAAC,QAAQ,CAAC;IAC3E,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAgB;IACzC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACxE,OAAO,WAAW,QAAQ,EAAE,CAAC;IAC/B,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,8EAA8E;AAC9E,uBAAuB;AACvB,8EAA8E;AAE9E;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAAe,EACf,KAAa;IAEb,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;IAChC,MAAM,QAAQ,GAAG,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,IAAI,MAAM,CAAC,QAAQ,CAClC,WAAW,CAAC,eAAe,EAC3B,YAAY,EACZ,QAAQ,CACT,CAAC;IAEF,IAAI,QAAgB,CAAC;IACrB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC9C,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CACb,iDAAiD,OAAO,OAAO,WAAW,CAAC,IAAI,EAAE,CAClF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,8CAA8C,OAAO,EAAE,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,QAAiC,CAAC;IACtC,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,2DAA2D;QAC3D,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAE,CAAC;QAC3C,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACzE,CAAC;SAAM,CAAC;QACN,IAAI,QAAQ,GAAG,QAAQ,CAAC;QACxB,IAAI,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACnC,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,SAAS,EAAE,uBAAuB,CAAC,CAAC;QAClE,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,uCAAuC,QAAQ,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAC1F,CAAC;QACD,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAA4B,CAAC;IAC5D,CAAC;IAED,MAAM,KAAK,GACR,QAAQ,CAAC,cAAuC;QAChD,QAAQ,CAAC,eAAwC;QAClD,EAAE,CAAC;IAEL,OAAO;QACL,IAAI,EACF,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE;YACvD,CAAC,CAAC,QAAQ,CAAC,IAAI;YACf,CAAC,CAAC,SAAS,OAAO,EAAE;QACxB,WAAW,EACT,OAAO,QAAQ,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;QAC7E,cAAc,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE;QACjD,QAAQ,EAAE,iBAAiB,CAAC,QAAQ,CAAC,QAAQ,IAAI,QAAQ,CAAC,SAAS,CAAC;QACpE,KAAK,EAAE,OAAO,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;QACtE,IAAI,EAAE,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QACnE,MAAM,EAAE,QAAQ,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI;QACvE,WAAW,EAAE,OAAO,CAAC,QAAQ,CAAC,WAAW,IAAI,KAAK,CAAC;QACnD,UAAU,EAAG,QAAQ,CAAC,UAAkC,IAAI,EAAE;QAC9D,GAAG,EAAE,QAAQ;KACd,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,sBAAsB;AACtB,8EAA8E;AAE9E;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,QAAuB,EACvB,YAAY,GAAG,KAAK;IAEpB,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,MAAM,MAAM,GAAwB,EAAE,CAAC;IAEvC,MAAM,CAAC,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC;IAElC,uBAAuB;IACvB,MAAM,iBAAiB,GAAG,QAAQ,CAAC,cAAc;SAC9C,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;SAC3B,QAAQ,CAAC,iBAAiB,CAAC,CAAC;IAC/B,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QACtD,MAAM,CAAC,cAAc,GAAG,KAAK,CAAC;QAC9B,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IACjF,CAAC;IAED,MAAM,gBAAgB,GAAG,oBAAoB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACjE,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;QACpE,MAAM,CAAC,cAAc,GAAG,KAAK,CAAC;QAC9B,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IACjF,CAAC;IACD,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC;IAE7B,iBAAiB;IACjB,MAAM,OAAO,GAAG,iBAAiB,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,MAAM,CAAC;IACrE,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC;QACnC,CAAC,CAAC,GAAG,OAAO,MAAM,CAAC;IAErB,MAAM,eAAe,GAAG,oBAAoB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChE,MAAM,WAAW,GAAG,eAAe;QACjC,CAAC,CAAC,iBAAiB,CAAC,eAAe,CAAC;QACpC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;YACxB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,iBAAiB,CAAC;YAC9C,CAAC,CAAC,GAAG,OAAO,iBAAiB,CAAC;IAElC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACxF,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC;IAC7B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAErD,iCAAiC;IACjC,IAAI,cAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,cAAc,GAAG,MAAM,qBAAqB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACzD,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAC/B,MAAM,CAAC,eAAe,GAAG,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1D,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QAC3D,MAAM,CAAC,gBAAgB,GAAG,KAAK,CAAC;QAChC,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IACjF,CAAC;IAED,gCAAgC;IAChC,IAAI,OAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;IAClC,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QACvD,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;QACjC,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IACjF,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,mBAAmB,CAAC,OAAO,EAAE,EAAE,EAAE,YAAY,CAAC,CAAC;IACvE,MAAM,CAAC,kBAAkB,GAAG,SAAS,CAAC,KAAK,CAAC;IAC5C,MAAM,CAAC,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC;IAC9B,MAAM,CAAC,QAAQ,GAAG,SAAS,CAAC,eAAe,CAAC;IAC5C,IAAI,CAAC,SAAS,CAAC,KAAK;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAEvD,iBAAiB;IACjB,MAAM,aAAa,GAAW,SAAS,CAAC,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC;IACjE,IAAI,aAAa,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;QAC/B,MAAM,SAAS,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7C,MAAM,CAAC,oBAAoB,GAAG,SAAS,KAAK,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC3E,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;YACjC,MAAM,CAAC,IAAI,CACT,+CAA+C,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO;gBAC1E,uBAAuB,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAC3E,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,oBAAoB,GAAG,KAAK,CAAC;QACpC,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;IAC7D,CAAC;IAED,0BAA0B;IAC1B,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACpC,IAAI,OAAO,IAAI,OAAO,EAAE,CAAC;gBACvB,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,UAAU,GAAG,IAAI,CAAC;gBAClB,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;YAClC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;QACnC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;IACnC,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAC3D,MAAM,CAAC,kBAAkB,GAAG,SAAS,CAAC,KAAK,CAAC;QAC5C,MAAM,CAAC,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC;QAC9B,IAAI,CAAC,SAAS,CAAC,KAAK;YAAE,MAAM,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;QAEvD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,QAAQ,GAAW,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,aAAa,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;YAChC,MAAM,UAAU,GAAG,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YAChD,MAAM,CAAC,oBAAoB,GAAG,UAAU,KAAK,QAAQ,CAAC;YACtD,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;gBACjC,MAAM,CAAC,IAAI,CACT,gDAAgD,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO;oBAC5E,iBAAiB,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAC/C,CAAC;YACJ,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,oBAAoB,GAAG,KAAK,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;QACtC,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,MAAM,aAAa,GAAG,oBAAoB,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAC9D,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAE/B,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QACpE,MAAM,CAAC,yBAAyB,GAAG,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC;QAC/E,MAAM,CAAC,QAAQ,GAAG,cAAc,CAAC;QACjC,IAAI,cAAc,CAAC,MAAM,KAAK,oBAAoB,EAAE,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;QACtF,CAAC;aAAM,IAAI,cAAc,CAAC,MAAM,KAAK,eAAe,EAAE,CAAC;YACrD,MAAM,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QACtD,MAAM,CAAC,gBAAgB,GAAG,KAAK,CAAC;IAClC,CAAC;IAED,oEAAoE;IACpE,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACnD,MAAM,CAAC,uBAAuB,GAAG,SAAS,CAAC,KAAK,CAAC;IACjD,IAAI,SAAS,CAAC,MAAM,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;QAClD,MAAM,CAAC,cAAc,GAAG,SAAS,CAAC,MAAM,CAAC,cAAc,CAAC;IAC1D,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,mBAAmB;IACnB,MAAM,cAAc,GAAG;QACrB,MAAM,CAAC,cAAc;QACrB,MAAM,CAAC,gBAAgB;QACvB,MAAM,CAAC,iBAAiB;QACxB,MAAM,CAAC,kBAAkB;QACzB,MAAM,CAAC,oBAAoB;QAC3B,CAAC,CAAC,MAAM,CAAC,yBAAyB;QAClC,CAAC,CAAC,MAAM,CAAC,uBAAuB;KACjC,CAAC;IACF,IAAI,UAAU,EAAE,CAAC;QACf,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACjD,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;IACrD,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAE5C,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;AACxF,CAAC;AAED,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,OAAe,EACf,KAAa,EACb,YAAY,GAAG,KAAK;IAEpB,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,MAAM,GAA4B,EAAE,CAAC;IAE3C,IAAI,QAAuB,CAAC;IAC5B,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC9C,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC;IAC/B,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QACrD,MAAM,CAAC,cAAc,GAAG,KAAK,CAAC;QAC9B,OAAO,UAAU,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACzD,MAAM,CAAC,MAAM,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC;IAE3D,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
package/dist/cli.js
CHANGED
|
@@ -1,8 +1,22 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
import { readFileSync } from "node:fs";
|
|
3
|
-
import { checkSecretVm, checkCpuAttestation, checkTdxCpuAttestation, checkSevCpuAttestation, checkNvidiaGpuAttestation, detectCpuQuoteType, resolveSecretVmVersion, resolveAmdSevVersion, verifyWorkload, formatWorkloadResult, } from "./index.js";
|
|
3
|
+
import { checkSecretVm, checkCpuAttestation, checkTdxCpuAttestation, checkSevCpuAttestation, checkNvidiaGpuAttestation, checkProofOfCloud, detectCpuQuoteType, resolveSecretVmVersion, resolveAmdSevVersion, verifyWorkload, formatWorkloadResult, } from "./index.js";
|
|
4
4
|
import { verifyAgent, checkAgent } from "./agent.js";
|
|
5
5
|
import { extractDockerCompose } from "./vm.js";
|
|
6
|
+
import { orderChecks } from "./types.js";
|
|
7
|
+
async function mergeProofOfCloud(result, quote) {
|
|
8
|
+
const poc = await checkProofOfCloud(quote);
|
|
9
|
+
result.checks.proof_of_cloud_verified = poc.valid;
|
|
10
|
+
result.checks = orderChecks(result.checks);
|
|
11
|
+
if (poc.report.proof_of_cloud !== undefined) {
|
|
12
|
+
result.report.proof_of_cloud = poc.report.proof_of_cloud;
|
|
13
|
+
}
|
|
14
|
+
if (!poc.valid) {
|
|
15
|
+
result.errors.push(...poc.errors);
|
|
16
|
+
result.valid = false;
|
|
17
|
+
}
|
|
18
|
+
return result;
|
|
19
|
+
}
|
|
6
20
|
const args = process.argv.slice(2);
|
|
7
21
|
function getFlag(name) {
|
|
8
22
|
return args.includes(name);
|
|
@@ -17,14 +31,15 @@ function getPositional() {
|
|
|
17
31
|
return args.find((a) => !a.startsWith("--") && a !== "-v" && a !== "-rv" && a !== "-vw");
|
|
18
32
|
}
|
|
19
33
|
const raw = getFlag("--raw");
|
|
34
|
+
const json = getFlag("--json");
|
|
35
|
+
const jsonOut = raw || json;
|
|
20
36
|
const verbose = getFlag("--verbose") || getFlag("-v");
|
|
37
|
+
function minimalJson(result) {
|
|
38
|
+
const { report: _report, ...rest } = result;
|
|
39
|
+
return rest;
|
|
40
|
+
}
|
|
21
41
|
const product = getFlagValue("--product") ?? "";
|
|
22
42
|
const vmUrl = getFlagValue("--vm");
|
|
23
|
-
// `--secretvm` defaults to a terse output (verdict + errors only). Use
|
|
24
|
-
// `--verbose` (or `-v`) to also show the per-check breakdown and report
|
|
25
|
-
// fields. Other modes (--cpu, --tdx, --sev, --gpu, etc.) keep their
|
|
26
|
-
// detailed default output.
|
|
27
|
-
const isSecretvm = getFlag("--secretvm");
|
|
28
43
|
// `--reload-amd-kds` bypasses the local AMD KDS cache and re-fetches
|
|
29
44
|
// VCEK, AMD CA cert chain, and CRL from kdsintf.amd.com. No effect on TDX.
|
|
30
45
|
const reloadAmdKds = getFlag("--reload-amd-kds");
|
|
@@ -74,7 +89,7 @@ async function getGpuQuote(flagName) {
|
|
|
74
89
|
}
|
|
75
90
|
return readFileSync(file, "utf8");
|
|
76
91
|
}
|
|
77
|
-
const USAGE = `Usage: secretvm-verify <command> <value> [--product NAME] [--raw] [--verbose|-v]
|
|
92
|
+
const USAGE = `Usage: secretvm-verify <command> <value> [--product NAME] [--json|--raw] [--verbose|-v]
|
|
78
93
|
|
|
79
94
|
Commands:
|
|
80
95
|
--secretvm <url> Verify a Secret VM (CPU + GPU + TLS binding)
|
|
@@ -94,8 +109,9 @@ Options:
|
|
|
94
109
|
--vm <url> Fetch quote from a VM instead of a file (works with --cpu, --tdx, --sev, --gpu, -rv, -vw)
|
|
95
110
|
--chain NAME Chain name for --check-agent (e.g. base, ethereum, arbitrum)
|
|
96
111
|
--product NAME AMD product name (Genoa, Milan, Turin)
|
|
97
|
-
--
|
|
98
|
-
--
|
|
112
|
+
--json Output minimal JSON (valid, checks, errors) — omits the report fields
|
|
113
|
+
--raw Output full JSON result (includes the parsed report fields)
|
|
114
|
+
--verbose, -v Print all attestation report fields (text mode only)
|
|
99
115
|
--reload-amd-kds Bypass the local AMD KDS cache and re-fetch VCEK,
|
|
100
116
|
cert chain, and CRL from kdsintf.amd.com (no effect on TDX)
|
|
101
117
|
|
|
@@ -137,35 +153,38 @@ try {
|
|
|
137
153
|
console.log(USAGE);
|
|
138
154
|
process.exit(1);
|
|
139
155
|
}
|
|
140
|
-
if (!
|
|
141
|
-
console.log(`
|
|
156
|
+
if (!jsonOut)
|
|
157
|
+
console.log(`Verifying ${url}\n`);
|
|
142
158
|
result = await checkSecretVm(url, product, reloadAmdKds);
|
|
143
159
|
}
|
|
144
160
|
else if (getFlag("--cpu")) {
|
|
145
161
|
const quoteData = await getCpuQuote("--cpu");
|
|
146
162
|
const source = vmUrl ? vmUrl : getFlagValue("--cpu") ?? getPositional();
|
|
147
|
-
if (!
|
|
163
|
+
if (!jsonOut)
|
|
148
164
|
console.log(`Verifying CPU quote from ${source} ...\n`);
|
|
149
165
|
result = await checkCpuAttestation(quoteData, product, reloadAmdKds);
|
|
166
|
+
result = await mergeProofOfCloud(result, quoteData);
|
|
150
167
|
}
|
|
151
168
|
else if (getFlag("--tdx")) {
|
|
152
169
|
const quoteData = await getCpuQuote("--tdx");
|
|
153
170
|
const source = vmUrl ? vmUrl : getFlagValue("--tdx") ?? getPositional();
|
|
154
|
-
if (!
|
|
171
|
+
if (!jsonOut)
|
|
155
172
|
console.log(`Verifying TDX quote from ${source} ...\n`);
|
|
156
173
|
result = await checkTdxCpuAttestation(quoteData);
|
|
174
|
+
result = await mergeProofOfCloud(result, quoteData);
|
|
157
175
|
}
|
|
158
176
|
else if (getFlag("--sev")) {
|
|
159
177
|
const quoteData = await getCpuQuote("--sev");
|
|
160
178
|
const source = vmUrl ? vmUrl : getFlagValue("--sev") ?? getPositional();
|
|
161
|
-
if (!
|
|
179
|
+
if (!jsonOut)
|
|
162
180
|
console.log(`Verifying AMD SEV-SNP report from ${source} ...\n`);
|
|
163
181
|
result = await checkSevCpuAttestation(quoteData, product, reloadAmdKds);
|
|
182
|
+
result = await mergeProofOfCloud(result, quoteData);
|
|
164
183
|
}
|
|
165
184
|
else if (getFlag("--gpu")) {
|
|
166
185
|
const quoteData = await getGpuQuote("--gpu");
|
|
167
186
|
const source = vmUrl ? vmUrl : getFlagValue("--gpu") ?? getPositional();
|
|
168
|
-
if (!
|
|
187
|
+
if (!jsonOut)
|
|
169
188
|
console.log(`Verifying NVIDIA GPU attestation from ${source} ...\n`);
|
|
170
189
|
result = await checkNvidiaGpuAttestation(quoteData);
|
|
171
190
|
}
|
|
@@ -181,6 +200,10 @@ try {
|
|
|
181
200
|
console.log(JSON.stringify({ quote: quoteResult, version }, null, 2));
|
|
182
201
|
process.exit(quoteResult.valid && !!version ? 0 : 1);
|
|
183
202
|
}
|
|
203
|
+
if (json) {
|
|
204
|
+
console.log(JSON.stringify({ quote: minimalJson(quoteResult), version }, null, 2));
|
|
205
|
+
process.exit(quoteResult.valid && !!version ? 0 : 1);
|
|
206
|
+
}
|
|
184
207
|
if (!quoteResult.valid) {
|
|
185
208
|
console.log("🚫 Quote cryptographic verification failed");
|
|
186
209
|
process.exit(1);
|
|
@@ -203,6 +226,10 @@ try {
|
|
|
203
226
|
console.log(JSON.stringify({ quote: quoteResult, version }, null, 2));
|
|
204
227
|
process.exit(quoteResult.valid && !!version ? 0 : 1);
|
|
205
228
|
}
|
|
229
|
+
if (json) {
|
|
230
|
+
console.log(JSON.stringify({ quote: minimalJson(quoteResult), version }, null, 2));
|
|
231
|
+
process.exit(quoteResult.valid && !!version ? 0 : 1);
|
|
232
|
+
}
|
|
206
233
|
if (!quoteResult.valid) {
|
|
207
234
|
console.log("🚫 Attestation doesn't belong to an authentic SecretVM");
|
|
208
235
|
process.exit(1);
|
|
@@ -240,6 +267,11 @@ try {
|
|
|
240
267
|
console.log(JSON.stringify({ quote: quoteResult, workload: workloadResult }, null, 2));
|
|
241
268
|
process.exit(quoteResult.valid && workloadResult.status === "authentic_match" ? 0 : 1);
|
|
242
269
|
}
|
|
270
|
+
if (json) {
|
|
271
|
+
const workloadResult = await verifyWorkload(quoteData, composeData);
|
|
272
|
+
console.log(JSON.stringify({ quote: minimalJson(quoteResult), workload: workloadResult }, null, 2));
|
|
273
|
+
process.exit(quoteResult.valid && workloadResult.status === "authentic_match" ? 0 : 1);
|
|
274
|
+
}
|
|
243
275
|
if (!quoteResult.valid) {
|
|
244
276
|
console.log("🚫 Quote cryptographic verification failed");
|
|
245
277
|
process.exit(1);
|
|
@@ -269,6 +301,11 @@ try {
|
|
|
269
301
|
console.log(JSON.stringify({ quote: quoteResult, workload: workloadResult }, null, 2));
|
|
270
302
|
process.exit(quoteResult.valid && workloadResult.status === "authentic_match" ? 0 : 1);
|
|
271
303
|
}
|
|
304
|
+
if (json) {
|
|
305
|
+
const workloadResult = await verifyWorkload(quoteData, composeData);
|
|
306
|
+
console.log(JSON.stringify({ quote: minimalJson(quoteResult), workload: workloadResult }, null, 2));
|
|
307
|
+
process.exit(quoteResult.valid && workloadResult.status === "authentic_match" ? 0 : 1);
|
|
308
|
+
}
|
|
272
309
|
if (!quoteResult.valid) {
|
|
273
310
|
console.log("🚫 Attestation doesn't belong to an authentic SecretVM");
|
|
274
311
|
process.exit(1);
|
|
@@ -285,7 +322,7 @@ try {
|
|
|
285
322
|
console.log(USAGE);
|
|
286
323
|
process.exit(1);
|
|
287
324
|
}
|
|
288
|
-
if (!
|
|
325
|
+
if (!jsonOut)
|
|
289
326
|
console.log(`Resolving and verifying agent ${id} on ${chain} ...\n`);
|
|
290
327
|
result = await checkAgent(Number(id), chain, reloadAmdKds);
|
|
291
328
|
}
|
|
@@ -296,7 +333,7 @@ try {
|
|
|
296
333
|
process.exit(1);
|
|
297
334
|
}
|
|
298
335
|
const metadata = JSON.parse(readFileSync(file, "utf8"));
|
|
299
|
-
if (!
|
|
336
|
+
if (!jsonOut)
|
|
300
337
|
console.log(`Verifying agent "${metadata.name}" ...\n`);
|
|
301
338
|
result = await verifyAgent(metadata, reloadAmdKds);
|
|
302
339
|
}
|
|
@@ -307,8 +344,8 @@ try {
|
|
|
307
344
|
console.log(USAGE);
|
|
308
345
|
process.exit(1);
|
|
309
346
|
}
|
|
310
|
-
if (!
|
|
311
|
-
console.log(`
|
|
347
|
+
if (!jsonOut)
|
|
348
|
+
console.log(`Verifying ${url}\n`);
|
|
312
349
|
result = await checkSecretVm(url, product, reloadAmdKds);
|
|
313
350
|
}
|
|
314
351
|
// Output
|
|
@@ -316,34 +353,10 @@ try {
|
|
|
316
353
|
console.log(JSON.stringify(result, null, 2));
|
|
317
354
|
process.exit(result.valid ? 0 : 1);
|
|
318
355
|
}
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
// verifyAgent). Fall back to other CPU verdict signals so this line works
|
|
323
|
-
// across all attestation types.
|
|
324
|
-
function getAttestationVerdict(r) {
|
|
325
|
-
const c = r.checks;
|
|
326
|
-
if (c.quote_verified !== undefined)
|
|
327
|
-
return !!c.quote_verified;
|
|
328
|
-
if (c.cpu_quote_verified !== undefined)
|
|
329
|
-
return !!c.cpu_quote_verified;
|
|
330
|
-
if (c.report_signature_valid !== undefined)
|
|
331
|
-
return !!c.report_signature_valid;
|
|
332
|
-
if (c.cpu_attestation_valid !== undefined)
|
|
333
|
-
return !!c.cpu_attestation_valid;
|
|
334
|
-
return null;
|
|
335
|
-
}
|
|
336
|
-
const verdict = getAttestationVerdict(result);
|
|
337
|
-
if (verdict !== null) {
|
|
338
|
-
const label = verdict ? "PASS" : "FAIL";
|
|
339
|
-
const icon = verdict ? "✅" : "🚫";
|
|
340
|
-
console.log(`${icon} Attestation verified: ${label}\n`);
|
|
356
|
+
if (json) {
|
|
357
|
+
console.log(JSON.stringify(minimalJson(result), null, 2));
|
|
358
|
+
process.exit(result.valid ? 0 : 1);
|
|
341
359
|
}
|
|
342
|
-
// The per-check PASS/FAIL breakdown is always shown. The report-field
|
|
343
|
-
// details (CPU/TLS/RTMR/TCB/GPU specifics) are hidden in `--secretvm` mode
|
|
344
|
-
// without `--verbose`. Other modes (--cpu, --tdx, --sev, --gpu,
|
|
345
|
-
// --check-agent, etc.) always show the report fields.
|
|
346
|
-
const showReportFields = !isSecretvm || verbose;
|
|
347
360
|
const report = result.report;
|
|
348
361
|
console.log("Checks:");
|
|
349
362
|
for (const [name, passed] of Object.entries(result.checks)) {
|
|
@@ -354,67 +367,32 @@ try {
|
|
|
354
367
|
const status = passed ? "PASS" : "FAIL";
|
|
355
368
|
console.log(` ${(name + ":").padEnd(35)} ${status}`);
|
|
356
369
|
}
|
|
357
|
-
if (showReportFields) {
|
|
358
|
-
// Secret VM specific fields
|
|
359
|
-
if (report.cpu_type)
|
|
360
|
-
console.log(`\nCPU type: ${report.cpu_type}`);
|
|
361
|
-
if (report.tls_fingerprint)
|
|
362
|
-
console.log(`TLS fingerprint: ${report.tls_fingerprint}`);
|
|
363
|
-
// CPU fields (direct or nested under cpu)
|
|
364
|
-
const cpu = report.cpu ?? report;
|
|
365
|
-
if (cpu.report_data)
|
|
366
|
-
console.log(`Report data: ${cpu.report_data}`);
|
|
367
|
-
if (cpu.measurement)
|
|
368
|
-
console.log(`Measurement: ${cpu.measurement}`);
|
|
369
|
-
if (cpu.mr_td)
|
|
370
|
-
console.log(`MR TD: ${cpu.mr_td}`);
|
|
371
|
-
if (cpu.rt_mr0)
|
|
372
|
-
console.log(`RTMR0: ${cpu.rt_mr0}`);
|
|
373
|
-
if (cpu.rt_mr1)
|
|
374
|
-
console.log(`RTMR1: ${cpu.rt_mr1}`);
|
|
375
|
-
if (cpu.rt_mr2)
|
|
376
|
-
console.log(`RTMR2: ${cpu.rt_mr2}`);
|
|
377
|
-
if (cpu.rt_mr3)
|
|
378
|
-
console.log(`RTMR3: ${cpu.rt_mr3}`);
|
|
379
|
-
if (cpu.tcb_status)
|
|
380
|
-
console.log(`TCB status: ${cpu.tcb_status}`);
|
|
381
|
-
if (cpu.product)
|
|
382
|
-
console.log(`AMD product: ${cpu.product}`);
|
|
383
|
-
if (cpu.chip_id)
|
|
384
|
-
console.log(`Chip ID: ${cpu.chip_id}`);
|
|
385
|
-
if (cpu.fmspc)
|
|
386
|
-
console.log(`FMSPC: ${cpu.fmspc}`);
|
|
387
|
-
// GPU fields (direct or nested under gpu)
|
|
388
|
-
const gpu = report.gpu ?? report;
|
|
389
|
-
if (gpu.overall_result !== undefined)
|
|
390
|
-
console.log(`\nGPU overall result: ${gpu.overall_result}`);
|
|
391
|
-
if (gpu.gpus) {
|
|
392
|
-
for (const [gpuId, info] of Object.entries(gpu.gpus)) {
|
|
393
|
-
console.log(`\n${gpuId}:`);
|
|
394
|
-
console.log(` Model: ${info.model}`);
|
|
395
|
-
console.log(` Driver: ${info.driver_version}`);
|
|
396
|
-
console.log(` Secure boot: ${info.secure_boot}`);
|
|
397
|
-
}
|
|
398
|
-
}
|
|
399
|
-
}
|
|
400
|
-
// Verbose: print all report fields
|
|
401
370
|
if (verbose) {
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
|
|
371
|
+
// For direct --tdx/--sev calls the CPU fields live at report top-level.
|
|
372
|
+
// After mergeProofOfCloud splices proof_of_cloud into report, we must
|
|
373
|
+
// exclude it from the CPU quote dump or it renders twice.
|
|
374
|
+
let cpuQuote = null;
|
|
375
|
+
if (report.cpu) {
|
|
376
|
+
cpuQuote = report.cpu;
|
|
377
|
+
}
|
|
378
|
+
else if (["TDX", "SEV-SNP"].includes(result.attestationType)) {
|
|
379
|
+
const { proof_of_cloud: _poc, ...cpuFields } = report;
|
|
380
|
+
cpuQuote = cpuFields;
|
|
381
|
+
}
|
|
382
|
+
const gpuQuote = report.gpu ??
|
|
383
|
+
(result.attestationType === "NVIDIA-GPU" ? report : null);
|
|
384
|
+
const poc = report.proof_of_cloud;
|
|
385
|
+
if (cpuQuote) {
|
|
386
|
+
console.log("\nCPU quote:");
|
|
387
|
+
console.log(JSON.stringify(cpuQuote, null, 2));
|
|
388
|
+
}
|
|
389
|
+
if (gpuQuote) {
|
|
390
|
+
console.log("\nGPU quote:");
|
|
391
|
+
console.log(JSON.stringify(gpuQuote, null, 2));
|
|
392
|
+
}
|
|
393
|
+
if (poc) {
|
|
394
|
+
console.log("\nProof of cloud:");
|
|
395
|
+
console.log(JSON.stringify(poc, null, 2));
|
|
418
396
|
}
|
|
419
397
|
}
|
|
420
398
|
if (result.errors.length > 0) {
|
|
@@ -422,7 +400,7 @@ try {
|
|
|
422
400
|
for (const err of result.errors)
|
|
423
401
|
console.log(` - ${err}`);
|
|
424
402
|
}
|
|
425
|
-
console.log(`\n${result.valid ? "
|
|
403
|
+
console.log(`\n${result.valid ? "✅ All Passed" : "🚫 Failed"}`);
|
|
426
404
|
process.exit(result.valid ? 0 : 1);
|
|
427
405
|
}
|
|
428
406
|
catch (err) {
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,EACtB,yBAAyB,EACzB,kBAAkB,EAClB,sBAAsB,EACtB,oBAAoB,EACpB,cAAc,EACd,oBAAoB,GACrB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAgB,WAAW,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,SAAS,CAAC;AAG/C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAEnC,SAAS,OAAO,CAAC,IAAY;IAC3B,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,YAAY,CAAC,IAAY;IAChC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IAC5D,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,aAAa;IACpB,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,KAAK,IAAI,CAAC,KAAK,KAAK,CAAC,CAAC;AAC3F,CAAC;AAED,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;AAC7B,MAAM,OAAO,GAAG,OAAO,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;AACtD,MAAM,OAAO,GAAG,YAAY,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;AAChD,MAAM,KAAK,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;AACnC,uEAAuE;AACvE,wEAAwE;AACxE,oEAAoE;AACpE,2BAA2B;AAC3B,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;AACzC,qEAAqE;AACrE,2EAA2E;AAC3E,MAAM,YAAY,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;AAEjD,MAAM,cAAc,GAAG,KAAK,CAAC;AAE7B,KAAK,UAAU,WAAW,CAAC,QAAgB;IACzC,IAAI,GAAG,GAAG,KAAM,CAAC;IACjB,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,GAAG,GAAG,WAAW,GAAG,EAAE,CAAC;IACjD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,cAAc,CAAC;IAC3C,MAAM,IAAI,GAAG,WAAW,MAAM,CAAC,QAAQ,IAAI,IAAI,EAAE,CAAC;IAClD,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,IAAI,QAAQ,EAAE,CAAC,CAAC;IAChD,IAAI,CAAC,IAAI,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,MAAM,SAAS,IAAI,IAAI,QAAQ,EAAE,CAAC,CAAC;IAC9E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IAC/B,IAAI,QAAQ,KAAK,gBAAgB;QAAE,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC;IACrE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,YAAY,CAAC,QAAgB,EAAE,SAAkB;IACxD,IAAI,KAAK;QAAE,OAAO,EAAE,CAAC,CAAC,qCAAqC;IAC3D,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,aAAa,EAAE,CAAC;IAC5G,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,OAAO,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,QAAgB,EAAE,SAAkB;IAC7D,IAAI,KAAK;QAAE,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,aAAa,EAAE,CAAC;IAC5G,IAAI,CAAC,IAAI,EAAE,CAAC;QAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IACnD,OAAO,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,QAAgB;IACzC,IAAI,KAAK;QAAE,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;IACvD,IAAI,CAAC,IAAI,EAAE,CAAC;QAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IACnD,OAAO,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,MAAM,KAAK,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wCAsC0B,CAAC;AAEzC,SAAS,WAAW,CAAC,GAAQ;IAC3B,MAAM,KAAK,GAAG,GAAG,EAAE,KAAK,CAAC;IACzB,IAAI,KAAK,EAAE,IAAI,KAAK,cAAc,EAAE,CAAC;QACnC,OAAO,wBAAwB,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,IAAI,uBAAuB,CAAC;IACpF,CAAC;IACD,IAAI,KAAK,EAAE,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,OAAO,+BAA+B,KAAK,CAAC,QAAQ,EAAE,CAAC;IACzD,CAAC;IACD,IAAI,KAAK,EAAE,IAAI,KAAK,WAAW,IAAI,KAAK,EAAE,IAAI,KAAK,YAAY,EAAE,CAAC;QAChE,OAAO,iBAAiB,KAAK,CAAC,OAAO,IAAI,MAAM,IAAI,KAAK,CAAC,IAAI,IAAI,EAAE,YAAY,CAAC;IAClF,CAAC;IACD,IAAI,GAAG,EAAE,OAAO;QAAE,OAAO,GAAG,CAAC,OAAO,CAAC;IACrC,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC;AAED,iCAAiC;AACjC,IAAI,MAAyB,CAAC;AAE9B,IAAI,CAAC;IAEL,IAAI,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC1B,MAAM,GAAG,GAAG,YAAY,CAAC,YAAY,CAAC,IAAI,aAAa,EAAE,CAAC;QAC1D,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,IAAI,CAAC,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,GAAG,QAAQ,CAAC,CAAC;QAC/D,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAC3D,CAAC;SAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,aAAa,EAAE,CAAC;QACxE,IAAI,CAAC,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,MAAM,QAAQ,CAAC,CAAC;QAClE,MAAM,GAAG,MAAM,mBAAmB,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IACvE,CAAC;SAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,aAAa,EAAE,CAAC;QACxE,IAAI,CAAC,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,MAAM,QAAQ,CAAC,CAAC;QAClE,MAAM,GAAG,MAAM,sBAAsB,CAAC,SAAS,CAAC,CAAC;IACnD,CAAC;SAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,aAAa,EAAE,CAAC;QACxE,IAAI,CAAC,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,qCAAqC,MAAM,QAAQ,CAAC,CAAC;QAC3E,MAAM,GAAG,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAC1E,CAAC;SAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,aAAa,EAAE,CAAC;QACxE,IAAI,CAAC,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,yCAAyC,MAAM,QAAQ,CAAC,CAAC;QAC/E,MAAM,GAAG,MAAM,yBAAyB,CAAC,SAAS,CAAC,CAAC;IACtD,CAAC;SAAM,IAAI,OAAO,CAAC,mBAAmB,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1D,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QAChE,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC;QAChD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,2CAA2C;YAC3C,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;YACnF,0BAA0B;YAC1B,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,SAAS,CAAC,CAAC;YACtD,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACtE,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvD,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;gBAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;gBAClD,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC5C,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;YAC/E,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,SAAS,CAAC,CAAC;YAC5D,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,SAAS,CAAC,CAAC;YACxD,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACtE,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvD,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;gBACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;gBAClD,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;YACjE,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;SAAM,IAAI,OAAO,CAAC,mBAAmB,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1D,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QAChE,IAAI,WAAmB,CAAC;QACxB,IAAI,KAAK,EAAE,CAAC;YACV,WAAW,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;YAC9C,IAAI,CAAC,WAAW,EAAE,CAAC;gBAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAAC,CAAC;YAC1D,WAAW,GAAG,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAClD,CAAC;QACD,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC;QAChD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,2CAA2C;YAC3C,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;YACnF,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,cAAc,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACvF,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACzF,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;gBAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,8DAA8D;YAC9D,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,SAAS,CAAC,CAAC;YACtD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;gBAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,mCAAmC,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;YACpH,+CAA+C;YAC/C,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;YACpE,IAAI,cAAc,CAAC,MAAM,KAAK,iBAAiB,EAAE,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,2EAA2E,KAAK,uBAAuB,CAAC,CAAC;YACvH,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,wCAAwC,KAAK,uBAAuB,CAAC,CAAC,CAAC,mCAAmC,CAAC;gBAC/H,OAAO,CAAC,GAAG,CAAC,iCAAiC,GAAG,EAAE,CAAC,CAAC;YACtD,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,SAAS,CAAC,CAAC;YAC5D,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,cAAc,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACvF,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACzF,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;gBACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;YACpE,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC,CAAC;YACzD,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;SAAM,IAAI,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;QACpC,MAAM,EAAE,GAAG,YAAY,CAAC,eAAe,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;QACtC,IAAI,CAAC,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC;YAClB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,IAAI,CAAC,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,OAAO,KAAK,QAAQ,CAAC,CAAC;QAC/E,MAAM,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;IAC7D,CAAC;SAAM,IAAI,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAG,YAAY,CAAC,SAAS,CAAC,IAAI,aAAa,EAAE,CAAC;QACxD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;QACxD,IAAI,CAAC,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,QAAQ,CAAC,IAAI,SAAS,CAAC,CAAC;QAClE,MAAM,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACrD,CAAC;SAAM,CAAC;QACN,0CAA0C;QAC1C,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;QAC5B,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,IAAI,CAAC,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,GAAG,QAAQ,CAAC,CAAC;QAC/D,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAC3D,CAAC;IAED,SAAS;IACT,IAAI,GAAG,EAAE,CAAC;QACR,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrC,CAAC;IAED,yDAAyD;IACzD,uEAAuE;IACvE,sEAAsE;IACtE,0EAA0E;IAC1E,gCAAgC;IAChC,SAAS,qBAAqB,CAAC,CAAoB;QACjD,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;QACnB,IAAI,CAAC,CAAC,cAAc,KAAK,SAAS;YAAE,OAAO,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC;QAC9D,IAAI,CAAC,CAAC,kBAAkB,KAAK,SAAS;YAAE,OAAO,CAAC,CAAC,CAAC,CAAC,kBAAkB,CAAC;QACtE,IAAI,CAAC,CAAC,sBAAsB,KAAK,SAAS;YAAE,OAAO,CAAC,CAAC,CAAC,CAAC,sBAAsB,CAAC;QAC9E,IAAI,CAAC,CAAC,qBAAqB,KAAK,SAAS;YAAE,OAAO,CAAC,CAAC,CAAC,CAAC,qBAAqB,CAAC;QAC5E,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,OAAO,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;IAC9C,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACxC,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,0BAA0B,KAAK,IAAI,CAAC,CAAC;IAC1D,CAAC;IAED,sEAAsE;IACtE,2EAA2E;IAC3E,gEAAgE;IAChE,sDAAsD;IACtD,MAAM,gBAAgB,GAAG,CAAC,UAAU,IAAI,OAAO,CAAC;IAChD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;IAE7B,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACvB,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3D,IAAI,IAAI,KAAK,mBAAmB,IAAI,CAAC,MAAM,EAAE,CAAC;YAC5C,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,kBAAkB,CAAC,CAAC;YACtD,SAAS;QACX,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;IACxD,CAAC;IAED,IAAI,gBAAgB,EAAE,CAAC;QACrB,4BAA4B;QAC5B,IAAI,MAAM,CAAC,QAAQ;YAAE,OAAO,CAAC,GAAG,CAAC,eAAe,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QACnE,IAAI,MAAM,CAAC,eAAe;YAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,MAAM,CAAC,eAAe,EAAE,CAAC,CAAC;QAEtF,0CAA0C;QAC1C,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC;QACjC,IAAI,GAAG,CAAC,WAAW;YAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;QACpE,IAAI,GAAG,CAAC,WAAW;YAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;QACpE,IAAI,GAAG,CAAC,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;QACnD,IAAI,GAAG,CAAC,MAAM;YAAE,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,IAAI,GAAG,CAAC,MAAM;YAAE,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,IAAI,GAAG,CAAC,MAAM;YAAE,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,IAAI,GAAG,CAAC,MAAM;YAAE,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,IAAI,GAAG,CAAC,UAAU;YAAE,OAAO,CAAC,GAAG,CAAC,eAAe,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;QACjE,IAAI,GAAG,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAC5D,IAAI,GAAG,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACxD,IAAI,GAAG,CAAC,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;QAElD,0CAA0C;QAC1C,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC;QACjC,IAAI,GAAG,CAAC,cAAc,KAAK,SAAS;YAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB,GAAG,CAAC,cAAc,EAAE,CAAC,CAAC;QACjG,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;YACb,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAM,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,GAAG,CAAC,CAAC;gBAC3B,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;gBACtC,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;QAChD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;gBACzB,KAAK,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBACvD,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;wBACtD,OAAO,CAAC,GAAG,CAAC,OAAO,MAAM,KAAK,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;oBAC5D,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,GAAG,CAAC,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC,CAAC;oBAC5C,CAAC;gBACH,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,KAAK,KAAK,EAAE,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,MAAM;YAAE,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IACvD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAEnC,CAAC;AAAC,OAAO,GAAQ,EAAE,CAAC;IAClB,OAAO,CAAC,KAAK,CAAC,UAAU,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC5C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC"}
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,EACtB,yBAAyB,EACzB,iBAAiB,EACjB,kBAAkB,EAClB,sBAAsB,EACtB,oBAAoB,EACpB,cAAc,EACd,oBAAoB,GACrB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAgB,WAAW,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAGzC,KAAK,UAAU,iBAAiB,CAC9B,MAAyB,EACzB,KAAa;IAEb,MAAM,GAAG,GAAG,MAAM,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAC3C,MAAM,CAAC,MAAM,CAAC,uBAAuB,GAAG,GAAG,CAAC,KAAK,CAAC;IAClD,MAAM,CAAC,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC3C,IAAI,GAAG,CAAC,MAAM,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;QAC5C,MAAM,CAAC,MAAM,CAAC,cAAc,GAAG,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC;IAC3D,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;QAClC,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC;IACvB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAEnC,SAAS,OAAO,CAAC,IAAY;IAC3B,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,YAAY,CAAC,IAAY;IAChC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IAC5D,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,aAAa;IACpB,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,KAAK,IAAI,CAAC,KAAK,KAAK,CAAC,CAAC;AAC3F,CAAC;AAED,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;AAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;AAC/B,MAAM,OAAO,GAAG,GAAG,IAAI,IAAI,CAAC;AAC5B,MAAM,OAAO,GAAG,OAAO,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;AAEtD,SAAS,WAAW,CAAC,MAAyB;IAC5C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,EAAE,GAAG,MAAM,CAAC;IAC5C,OAAO,IAAI,CAAC;AACd,CAAC;AACD,MAAM,OAAO,GAAG,YAAY,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;AAChD,MAAM,KAAK,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;AACnC,qEAAqE;AACrE,2EAA2E;AAC3E,MAAM,YAAY,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;AAEjD,MAAM,cAAc,GAAG,KAAK,CAAC;AAE7B,KAAK,UAAU,WAAW,CAAC,QAAgB;IACzC,IAAI,GAAG,GAAG,KAAM,CAAC;IACjB,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,GAAG,GAAG,WAAW,GAAG,EAAE,CAAC;IACjD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,cAAc,CAAC;IAC3C,MAAM,IAAI,GAAG,WAAW,MAAM,CAAC,QAAQ,IAAI,IAAI,EAAE,CAAC;IAClD,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,IAAI,QAAQ,EAAE,CAAC,CAAC;IAChD,IAAI,CAAC,IAAI,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,MAAM,SAAS,IAAI,IAAI,QAAQ,EAAE,CAAC,CAAC;IAC9E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IAC/B,IAAI,QAAQ,KAAK,gBAAgB;QAAE,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC;IACrE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,YAAY,CAAC,QAAgB,EAAE,SAAkB;IACxD,IAAI,KAAK;QAAE,OAAO,EAAE,CAAC,CAAC,qCAAqC;IAC3D,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,aAAa,EAAE,CAAC;IAC5G,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,OAAO,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,QAAgB,EAAE,SAAkB;IAC7D,IAAI,KAAK;QAAE,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,aAAa,EAAE,CAAC;IAC5G,IAAI,CAAC,IAAI,EAAE,CAAC;QAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IACnD,OAAO,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,QAAgB;IACzC,IAAI,KAAK;QAAE,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;IACvD,IAAI,CAAC,IAAI,EAAE,CAAC;QAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IACnD,OAAO,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,MAAM,KAAK,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wCAuC0B,CAAC;AAEzC,SAAS,WAAW,CAAC,GAAQ;IAC3B,MAAM,KAAK,GAAG,GAAG,EAAE,KAAK,CAAC;IACzB,IAAI,KAAK,EAAE,IAAI,KAAK,cAAc,EAAE,CAAC;QACnC,OAAO,wBAAwB,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,IAAI,uBAAuB,CAAC;IACpF,CAAC;IACD,IAAI,KAAK,EAAE,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,OAAO,+BAA+B,KAAK,CAAC,QAAQ,EAAE,CAAC;IACzD,CAAC;IACD,IAAI,KAAK,EAAE,IAAI,KAAK,WAAW,IAAI,KAAK,EAAE,IAAI,KAAK,YAAY,EAAE,CAAC;QAChE,OAAO,iBAAiB,KAAK,CAAC,OAAO,IAAI,MAAM,IAAI,KAAK,CAAC,IAAI,IAAI,EAAE,YAAY,CAAC;IAClF,CAAC;IACD,IAAI,GAAG,EAAE,OAAO;QAAE,OAAO,GAAG,CAAC,OAAO,CAAC;IACrC,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC;AAED,iCAAiC;AACjC,IAAI,MAAyB,CAAC;AAE9B,IAAI,CAAC;IAEL,IAAI,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC1B,MAAM,GAAG,GAAG,YAAY,CAAC,YAAY,CAAC,IAAI,aAAa,EAAE,CAAC;QAC1D,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAC3D,CAAC;SAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,aAAa,EAAE,CAAC;QACxE,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,MAAM,QAAQ,CAAC,CAAC;QACtE,MAAM,GAAG,MAAM,mBAAmB,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;QACrE,MAAM,GAAG,MAAM,iBAAiB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACtD,CAAC;SAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,aAAa,EAAE,CAAC;QACxE,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,MAAM,QAAQ,CAAC,CAAC;QACtE,MAAM,GAAG,MAAM,sBAAsB,CAAC,SAAS,CAAC,CAAC;QACjD,MAAM,GAAG,MAAM,iBAAiB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACtD,CAAC;SAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,aAAa,EAAE,CAAC;QACxE,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,qCAAqC,MAAM,QAAQ,CAAC,CAAC;QAC/E,MAAM,GAAG,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;QACxE,MAAM,GAAG,MAAM,iBAAiB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACtD,CAAC;SAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,aAAa,EAAE,CAAC;QACxE,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,yCAAyC,MAAM,QAAQ,CAAC,CAAC;QACnF,MAAM,GAAG,MAAM,yBAAyB,CAAC,SAAS,CAAC,CAAC;IACtD,CAAC;SAAM,IAAI,OAAO,CAAC,mBAAmB,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1D,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QAChE,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC;QAChD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,2CAA2C;YAC3C,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;YACnF,0BAA0B;YAC1B,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,SAAS,CAAC,CAAC;YACtD,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACtE,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvD,CAAC;YACD,IAAI,IAAI,EAAE,CAAC;gBACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,WAAW,CAAC,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACnF,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvD,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;gBAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;gBAClD,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC5C,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;YAC/E,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,SAAS,CAAC,CAAC;YAC5D,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,SAAS,CAAC,CAAC;YACxD,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACtE,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvD,CAAC;YACD,IAAI,IAAI,EAAE,CAAC;gBACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,WAAW,CAAC,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACnF,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvD,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;gBACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;gBAClD,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;YACjE,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;SAAM,IAAI,OAAO,CAAC,mBAAmB,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1D,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;QAChE,IAAI,WAAmB,CAAC;QACxB,IAAI,KAAK,EAAE,CAAC;YACV,WAAW,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;YAC9C,IAAI,CAAC,WAAW,EAAE,CAAC;gBAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAAC,CAAC;YAC1D,WAAW,GAAG,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAClD,CAAC;QACD,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC;QAChD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,2CAA2C;YAC3C,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;YACnF,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,cAAc,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACvF,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACzF,CAAC;YACD,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,WAAW,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACpG,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACzF,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;gBAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,8DAA8D;YAC9D,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,SAAS,CAAC,CAAC;YACtD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;gBAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,mCAAmC,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;YACpH,+CAA+C;YAC/C,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;YACpE,IAAI,cAAc,CAAC,MAAM,KAAK,iBAAiB,EAAE,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,2EAA2E,KAAK,uBAAuB,CAAC,CAAC;YACvH,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,wCAAwC,KAAK,uBAAuB,CAAC,CAAC,CAAC,mCAAmC,CAAC;gBAC/H,OAAO,CAAC,GAAG,CAAC,iCAAiC,GAAG,EAAE,CAAC,CAAC;YACtD,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,SAAS,CAAC,CAAC;YAC5D,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,cAAc,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACvF,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACzF,CAAC;YACD,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,WAAW,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACpG,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACzF,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;gBACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;YACpE,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC,CAAC;YACzD,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;SAAM,IAAI,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;QACpC,MAAM,EAAE,GAAG,YAAY,CAAC,eAAe,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;QACtC,IAAI,CAAC,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC;YAClB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,OAAO,KAAK,QAAQ,CAAC,CAAC;QACnF,MAAM,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;IAC7D,CAAC;SAAM,IAAI,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAG,YAAY,CAAC,SAAS,CAAC,IAAI,aAAa,EAAE,CAAC;QACxD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;QACxD,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,QAAQ,CAAC,IAAI,SAAS,CAAC,CAAC;QACtE,MAAM,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACrD,CAAC;SAAM,CAAC;QACN,0CAA0C;QAC1C,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;QAC5B,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAC3D,CAAC;IAED,SAAS;IACT,IAAI,GAAG,EAAE,CAAC;QACR,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrC,CAAC;IACD,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrC,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;IAE7B,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACvB,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3D,IAAI,IAAI,KAAK,mBAAmB,IAAI,CAAC,MAAM,EAAE,CAAC;YAC5C,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,kBAAkB,CAAC,CAAC;YACtD,SAAS;QACX,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;IACxD,CAAC;IAED,IAAI,OAAO,EAAE,CAAC;QACZ,wEAAwE;QACxE,sEAAsE;QACtE,0DAA0D;QAC1D,IAAI,QAAQ,GAAQ,IAAI,CAAC;QACzB,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;YACf,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC;QACxB,CAAC;aAAM,IAAI,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;YAC/D,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,SAAS,EAAE,GAAG,MAAM,CAAC;YACtD,QAAQ,GAAG,SAAS,CAAC;QACvB,CAAC;QACD,MAAM,QAAQ,GACZ,MAAM,CAAC,GAAG;YACV,CAAC,MAAM,CAAC,eAAe,KAAK,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAC5D,MAAM,GAAG,GAAG,MAAM,CAAC,cAAc,CAAC;QAClC,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACjD,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACjD,CAAC;QACD,IAAI,GAAG,EAAE,CAAC;YACR,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,MAAM;YAAE,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IAChE,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAEnC,CAAC;AAAC,OAAO,GAAQ,EAAE,CAAC;IAClB,OAAO,CAAC,KAAK,CAAC,UAAU,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC5C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -5,6 +5,7 @@ export { checkSevCpuAttestation } from "./amd.js";
|
|
|
5
5
|
export { checkNvidiaGpuAttestation } from "./nvidia.js";
|
|
6
6
|
export { checkCpuAttestation, detectCpuQuoteType } from "./cpu.js";
|
|
7
7
|
export { checkSecretVm } from "./vm.js";
|
|
8
|
+
export { checkProofOfCloud } from "./proofOfCloud.js";
|
|
8
9
|
export { resolveSecretVmVersion, resolveAmdSevVersion, verifyTdxWorkload, verifySevWorkload, verifyWorkload, formatWorkloadResult, } from "./workload.js";
|
|
9
10
|
export type { WorkloadResult, WorkloadStatus } from "./workload.js";
|
|
10
11
|
export { loadTdxRegistry, findMatchingArtifacts, pickNewestVersion, resolveVersion, } from "./artifacts.js";
|
package/dist/index.js
CHANGED
|
@@ -3,6 +3,7 @@ export { checkSevCpuAttestation } from "./amd.js";
|
|
|
3
3
|
export { checkNvidiaGpuAttestation } from "./nvidia.js";
|
|
4
4
|
export { checkCpuAttestation, detectCpuQuoteType } from "./cpu.js";
|
|
5
5
|
export { checkSecretVm } from "./vm.js";
|
|
6
|
+
export { checkProofOfCloud } from "./proofOfCloud.js";
|
|
6
7
|
export { resolveSecretVmVersion, resolveAmdSevVersion, verifyTdxWorkload, verifySevWorkload, verifyWorkload, formatWorkloadResult, } from "./workload.js";
|
|
7
8
|
export { loadTdxRegistry, findMatchingArtifacts, pickNewestVersion, resolveVersion, } from "./artifacts.js";
|
|
8
9
|
export { resolveAgent, verifyAgent, checkAgent } from "./agent.js";
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAEvE,OAAO,EAAE,sBAAsB,EAAE,MAAM,UAAU,CAAC;AAClD,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AACnE,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EACH,sBAAsB,EACtB,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,oBAAoB,GACvB,MAAM,eAAe,CAAC;AAEvB,OAAO,EACH,eAAe,EACf,qBAAqB,EACrB,iBAAiB,EACjB,cAAc,GACjB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAEnE,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAEvE,OAAO,EAAE,sBAAsB,EAAE,MAAM,UAAU,CAAC;AAClD,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AACnE,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EACH,sBAAsB,EACtB,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,oBAAoB,GACvB,MAAM,eAAe,CAAC;AAEvB,OAAO,EACH,eAAe,EACf,qBAAqB,EACrB,iBAAiB,EACjB,cAAc,GACjB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAEnE,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { AttestationResult } from "./types.js";
|
|
2
|
+
/**
|
|
3
|
+
* Verify a CPU quote against SCRT Labs' proof-of-cloud endpoint.
|
|
4
|
+
*
|
|
5
|
+
* The endpoint at https://secretai.scrtlabs.com/api/quote-parse echoes the
|
|
6
|
+
* parsed quote and adds a `proof_of_cloud` boolean identifying the VM as
|
|
7
|
+
* a Secret VM. This function posts the raw quote and reduces the response
|
|
8
|
+
* to a display-friendly subset (origin, status, machine_id) — the 35 KB
|
|
9
|
+
* `collateral` hex and the redundant quote dump are discarded.
|
|
10
|
+
*/
|
|
11
|
+
export declare function checkProofOfCloud(quote: string): Promise<AttestationResult>;
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
import { makeResult, orderChecks } from "./types.js";
|
|
2
|
+
const POC_URL = "https://secretai.scrtlabs.com/api/quote-parse";
|
|
3
|
+
function curateResponse(body) {
|
|
4
|
+
const quote = (body && typeof body === "object" ? body.quote : null) ?? {};
|
|
5
|
+
return {
|
|
6
|
+
origin: body?.origin ?? null,
|
|
7
|
+
proof_of_cloud: body?.proof_of_cloud ?? null,
|
|
8
|
+
status: body?.status ?? null,
|
|
9
|
+
machine_id: typeof quote === "object" ? quote.machine_id ?? null : null,
|
|
10
|
+
};
|
|
11
|
+
}
|
|
12
|
+
/**
|
|
13
|
+
* Verify a CPU quote against SCRT Labs' proof-of-cloud endpoint.
|
|
14
|
+
*
|
|
15
|
+
* The endpoint at https://secretai.scrtlabs.com/api/quote-parse echoes the
|
|
16
|
+
* parsed quote and adds a `proof_of_cloud` boolean identifying the VM as
|
|
17
|
+
* a Secret VM. This function posts the raw quote and reduces the response
|
|
18
|
+
* to a display-friendly subset (origin, status, machine_id) — the 35 KB
|
|
19
|
+
* `collateral` hex and the redundant quote dump are discarded.
|
|
20
|
+
*/
|
|
21
|
+
export async function checkProofOfCloud(quote) {
|
|
22
|
+
const checks = {};
|
|
23
|
+
const report = {};
|
|
24
|
+
const errors = [];
|
|
25
|
+
let resp;
|
|
26
|
+
try {
|
|
27
|
+
resp = await fetch(POC_URL, {
|
|
28
|
+
method: "POST",
|
|
29
|
+
headers: { "Content-Type": "application/json" },
|
|
30
|
+
body: JSON.stringify({ quote: quote.trim() }),
|
|
31
|
+
});
|
|
32
|
+
}
|
|
33
|
+
catch (e) {
|
|
34
|
+
errors.push(`Failed to reach proof-of-cloud endpoint: ${e.message ?? e}`);
|
|
35
|
+
checks.proof_of_cloud_verified = false;
|
|
36
|
+
return makeResult("PROOF-OF-CLOUD", {
|
|
37
|
+
checks: orderChecks(checks), report, errors,
|
|
38
|
+
});
|
|
39
|
+
}
|
|
40
|
+
if (!resp.ok) {
|
|
41
|
+
errors.push(`Proof-of-cloud endpoint returned HTTP ${resp.status}`);
|
|
42
|
+
checks.proof_of_cloud_verified = false;
|
|
43
|
+
return makeResult("PROOF-OF-CLOUD", {
|
|
44
|
+
checks: orderChecks(checks), report, errors,
|
|
45
|
+
});
|
|
46
|
+
}
|
|
47
|
+
let body;
|
|
48
|
+
try {
|
|
49
|
+
body = await resp.json();
|
|
50
|
+
}
|
|
51
|
+
catch (e) {
|
|
52
|
+
errors.push(`Proof-of-cloud response was not valid JSON: ${e.message ?? e}`);
|
|
53
|
+
checks.proof_of_cloud_verified = false;
|
|
54
|
+
return makeResult("PROOF-OF-CLOUD", {
|
|
55
|
+
checks: orderChecks(checks), report, errors,
|
|
56
|
+
});
|
|
57
|
+
}
|
|
58
|
+
report.proof_of_cloud = curateResponse(body);
|
|
59
|
+
const passed = body?.proof_of_cloud === true;
|
|
60
|
+
checks.proof_of_cloud_verified = passed;
|
|
61
|
+
if (!passed) {
|
|
62
|
+
errors.push("Proof-of-cloud endpoint reported proof_of_cloud=false");
|
|
63
|
+
}
|
|
64
|
+
return makeResult("PROOF-OF-CLOUD", {
|
|
65
|
+
valid: passed, checks: orderChecks(checks), report, errors,
|
|
66
|
+
});
|
|
67
|
+
}
|
|
68
|
+
//# sourceMappingURL=proofOfCloud.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"proofOfCloud.js","sourceRoot":"","sources":["../src/proofOfCloud.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAExE,MAAM,OAAO,GAAG,+CAA+C,CAAC;AAEhE,SAAS,cAAc,CAAC,IAAS;IAC/B,MAAM,KAAK,GAAG,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;IAC3E,OAAO;QACL,MAAM,EAAE,IAAI,EAAE,MAAM,IAAI,IAAI;QAC5B,cAAc,EAAE,IAAI,EAAE,cAAc,IAAI,IAAI;QAC5C,MAAM,EAAE,IAAI,EAAE,MAAM,IAAI,IAAI;QAC5B,UAAU,EAAE,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI;KACxE,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,KAAa;IAEb,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,MAAM,MAAM,GAAwB,EAAE,CAAC;IACvC,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,IAAI,IAAc,CAAC;IACnB,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE;YAC1B,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;SAC9C,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC,OAAO,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1E,MAAM,CAAC,uBAAuB,GAAG,KAAK,CAAC;QACvC,OAAO,UAAU,CAAC,gBAAgB,EAAE;YAClC,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,CAAC,yCAAyC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QACpE,MAAM,CAAC,uBAAuB,GAAG,KAAK,CAAC;QACvC,OAAO,UAAU,CAAC,gBAAgB,EAAE;YAClC,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,IAAI,IAAS,CAAC;IACd,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC,OAAO,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7E,MAAM,CAAC,uBAAuB,GAAG,KAAK,CAAC;QACvC,OAAO,UAAU,CAAC,gBAAgB,EAAE;YAClC,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,MAAM,CAAC,cAAc,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,MAAM,GAAG,IAAI,EAAE,cAAc,KAAK,IAAI,CAAC;IAC7C,MAAM,CAAC,uBAAuB,GAAG,MAAM,CAAC;IACxC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;IACvE,CAAC;IAED,OAAO,UAAU,CAAC,gBAAgB,EAAE;QAClC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM;KAC3D,CAAC,CAAC;AACL,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -6,6 +6,7 @@ export interface AttestationResult {
|
|
|
6
6
|
errors: string[];
|
|
7
7
|
}
|
|
8
8
|
export declare function makeResult(attestationType: string, overrides?: Partial<AttestationResult>): AttestationResult;
|
|
9
|
+
export declare function orderChecks(checks: Record<string, boolean>): Record<string, boolean>;
|
|
9
10
|
export interface AgentService {
|
|
10
11
|
name: string;
|
|
11
12
|
endpoint: string;
|
package/dist/types.js
CHANGED
|
@@ -8,4 +8,42 @@ export function makeResult(attestationType, overrides = {}) {
|
|
|
8
8
|
...overrides,
|
|
9
9
|
};
|
|
10
10
|
}
|
|
11
|
+
// Canonical ordering for the per-check list. Keys are inserted into the final
|
|
12
|
+
// `result.checks` object in this order; any keys not listed are appended at
|
|
13
|
+
// the end (future-proofing).
|
|
14
|
+
const CHECK_ORDER = [
|
|
15
|
+
"metadata_valid",
|
|
16
|
+
"cpu_quote_fetched",
|
|
17
|
+
"tls_cert_fetched",
|
|
18
|
+
// TDX-specific detail keys (present on direct checkTdxCpuAttestation results)
|
|
19
|
+
"quote_parsed",
|
|
20
|
+
"quote_verified",
|
|
21
|
+
// SEV-specific detail keys (present on direct checkSevCpuAttestation results)
|
|
22
|
+
"report_parsed",
|
|
23
|
+
"vcek_fetched",
|
|
24
|
+
"cert_chain_valid",
|
|
25
|
+
"crl_check_passed",
|
|
26
|
+
"report_signature_valid",
|
|
27
|
+
// VM-level rollup (present on checkSecretVm results)
|
|
28
|
+
"cpu_quote_verified",
|
|
29
|
+
"tls_binding_verified",
|
|
30
|
+
"gpu_quote_fetched",
|
|
31
|
+
"gpu_quote_verified",
|
|
32
|
+
"gpu_binding_verified",
|
|
33
|
+
"workload_fetched",
|
|
34
|
+
"workload_binding_verified",
|
|
35
|
+
"proof_of_cloud_verified",
|
|
36
|
+
];
|
|
37
|
+
export function orderChecks(checks) {
|
|
38
|
+
const out = {};
|
|
39
|
+
for (const key of CHECK_ORDER) {
|
|
40
|
+
if (key in checks)
|
|
41
|
+
out[key] = checks[key];
|
|
42
|
+
}
|
|
43
|
+
for (const key of Object.keys(checks)) {
|
|
44
|
+
if (!(key in out))
|
|
45
|
+
out[key] = checks[key];
|
|
46
|
+
}
|
|
47
|
+
return out;
|
|
48
|
+
}
|
|
11
49
|
//# sourceMappingURL=types.js.map
|
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAQA,MAAM,UAAU,UAAU,CACxB,eAAuB,EACvB,YAAwC,EAAE;IAE1C,OAAO;QACL,KAAK,EAAE,KAAK;QACZ,eAAe;QACf,MAAM,EAAE,EAAE;QACV,MAAM,EAAE,EAAE;QACV,MAAM,EAAE,EAAE;QACV,GAAG,SAAS;KACb,CAAC;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAQA,MAAM,UAAU,UAAU,CACxB,eAAuB,EACvB,YAAwC,EAAE;IAE1C,OAAO;QACL,KAAK,EAAE,KAAK;QACZ,eAAe;QACf,MAAM,EAAE,EAAE;QACV,MAAM,EAAE,EAAE;QACV,MAAM,EAAE,EAAE;QACV,GAAG,SAAS;KACb,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,4EAA4E;AAC5E,6BAA6B;AAC7B,MAAM,WAAW,GAAa;IAC5B,gBAAgB;IAChB,mBAAmB;IACnB,kBAAkB;IAClB,8EAA8E;IAC9E,cAAc;IACd,gBAAgB;IAChB,8EAA8E;IAC9E,eAAe;IACf,cAAc;IACd,kBAAkB;IAClB,kBAAkB;IAClB,wBAAwB;IACxB,qDAAqD;IACrD,oBAAoB;IACpB,sBAAsB;IACtB,mBAAmB;IACnB,oBAAoB;IACpB,sBAAsB;IACtB,kBAAkB;IAClB,2BAA2B;IAC3B,yBAAyB;CAC1B,CAAC;AAEF,MAAM,UAAU,WAAW,CACzB,MAA+B;IAE/B,MAAM,GAAG,GAA4B,EAAE,CAAC;IACxC,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;QAC9B,IAAI,GAAG,IAAI,MAAM;YAAE,GAAG,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5C,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACtC,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC;YAAE,GAAG,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5C,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}
|
package/dist/vm.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
|
-
import { makeResult } from "./types.js";
|
|
1
|
+
import { makeResult, orderChecks } from "./types.js";
|
|
2
2
|
import { checkCpuAttestation } from "./cpu.js";
|
|
3
3
|
import { checkNvidiaGpuAttestation } from "./nvidia.js";
|
|
4
|
+
import { checkProofOfCloud } from "./proofOfCloud.js";
|
|
4
5
|
import { verifyWorkload } from "./workload.js";
|
|
5
6
|
import { extractDockerCompose, getTlsCertFingerprint } from "./url.js";
|
|
6
7
|
const SECRET_VM_PORT = 29343;
|
|
@@ -38,13 +39,13 @@ export async function checkSecretVm(url, product = "", reloadAmdKds = false) {
|
|
|
38
39
|
let tlsFingerprint;
|
|
39
40
|
try {
|
|
40
41
|
tlsFingerprint = await getTlsCertFingerprint(host, port);
|
|
41
|
-
checks.
|
|
42
|
+
checks.tls_cert_fetched = true;
|
|
42
43
|
report.tls_fingerprint = tlsFingerprint.toString("hex");
|
|
43
44
|
}
|
|
44
45
|
catch (e) {
|
|
45
46
|
errors.push(`Failed to get TLS certificate: ${e.message}`);
|
|
46
|
-
checks.
|
|
47
|
-
return makeResult("SECRET-VM", { checks, report, errors });
|
|
47
|
+
checks.tls_cert_fetched = false;
|
|
48
|
+
return makeResult("SECRET-VM", { checks: orderChecks(checks), report, errors });
|
|
48
49
|
}
|
|
49
50
|
// 2. Fetch and verify CPU quote
|
|
50
51
|
let cpuData;
|
|
@@ -58,16 +59,10 @@ export async function checkSecretVm(url, product = "", reloadAmdKds = false) {
|
|
|
58
59
|
catch (e) {
|
|
59
60
|
errors.push(`Failed to fetch CPU quote: ${e.message}`);
|
|
60
61
|
checks.cpu_quote_fetched = false;
|
|
61
|
-
return makeResult("SECRET-VM", { checks, report, errors });
|
|
62
|
+
return makeResult("SECRET-VM", { checks: orderChecks(checks), report, errors });
|
|
62
63
|
}
|
|
63
64
|
const cpuResult = await checkCpuAttestation(cpuData, product, reloadAmdKds);
|
|
64
|
-
checks.
|
|
65
|
-
// Propagate the inner DCAP/QVL verification verdict so callers (and the CLI)
|
|
66
|
-
// can surface it prominently. Only TDX currently uses QVL; SEV results don't
|
|
67
|
-
// populate this key.
|
|
68
|
-
if (cpuResult.checks.quote_verified !== undefined) {
|
|
69
|
-
checks.cpu_quote_verified = cpuResult.checks.quote_verified;
|
|
70
|
-
}
|
|
65
|
+
checks.cpu_quote_verified = cpuResult.valid;
|
|
71
66
|
report.cpu = cpuResult.report;
|
|
72
67
|
report.cpu_type = cpuResult.attestationType;
|
|
73
68
|
if (!cpuResult.valid) {
|
|
@@ -77,14 +72,14 @@ export async function checkSecretVm(url, product = "", reloadAmdKds = false) {
|
|
|
77
72
|
const reportDataHex = cpuResult.report.report_data ?? "";
|
|
78
73
|
if (reportDataHex.length >= 64) {
|
|
79
74
|
const firstHalf = reportDataHex.slice(0, 64);
|
|
80
|
-
checks.
|
|
81
|
-
if (!checks.
|
|
75
|
+
checks.tls_binding_verified = firstHalf === tlsFingerprint.toString("hex");
|
|
76
|
+
if (!checks.tls_binding_verified) {
|
|
82
77
|
errors.push(`TLS binding failed: report_data first half (${firstHalf.slice(0, 16)}...) ` +
|
|
83
78
|
`!= TLS fingerprint (${tlsFingerprint.toString("hex").slice(0, 16)}...)`);
|
|
84
79
|
}
|
|
85
80
|
}
|
|
86
81
|
else {
|
|
87
|
-
checks.
|
|
82
|
+
checks.tls_binding_verified = false;
|
|
88
83
|
errors.push("report_data too short for TLS binding check");
|
|
89
84
|
}
|
|
90
85
|
// 4. Fetch GPU quote (optional)
|
|
@@ -112,7 +107,7 @@ export async function checkSecretVm(url, product = "", reloadAmdKds = false) {
|
|
|
112
107
|
}
|
|
113
108
|
if (gpuPresent) {
|
|
114
109
|
const gpuResult = await checkNvidiaGpuAttestation(gpuData);
|
|
115
|
-
checks.
|
|
110
|
+
checks.gpu_quote_verified = gpuResult.valid;
|
|
116
111
|
report.gpu = gpuResult.report;
|
|
117
112
|
if (!gpuResult.valid) {
|
|
118
113
|
errors.push(...gpuResult.errors);
|
|
@@ -122,14 +117,14 @@ export async function checkSecretVm(url, product = "", reloadAmdKds = false) {
|
|
|
122
117
|
const gpuNonce = gpuJson.nonce ?? "";
|
|
123
118
|
if (reportDataHex.length >= 128) {
|
|
124
119
|
const secondHalf = reportDataHex.slice(64, 128);
|
|
125
|
-
checks.
|
|
126
|
-
if (!checks.
|
|
120
|
+
checks.gpu_binding_verified = secondHalf === gpuNonce;
|
|
121
|
+
if (!checks.gpu_binding_verified) {
|
|
127
122
|
errors.push(`GPU binding failed: report_data second half (${secondHalf.slice(0, 16)}...) ` +
|
|
128
123
|
`!= GPU nonce (${gpuNonce.slice(0, 16)}...)`);
|
|
129
124
|
}
|
|
130
125
|
}
|
|
131
126
|
else {
|
|
132
|
-
checks.
|
|
127
|
+
checks.gpu_binding_verified = false;
|
|
133
128
|
errors.push("report_data too short for GPU binding check");
|
|
134
129
|
}
|
|
135
130
|
}
|
|
@@ -141,7 +136,7 @@ export async function checkSecretVm(url, product = "", reloadAmdKds = false) {
|
|
|
141
136
|
const dockerCompose = extractDockerCompose(await resp.text());
|
|
142
137
|
checks.workload_fetched = true;
|
|
143
138
|
const workloadResult = await verifyWorkload(cpuData, dockerCompose);
|
|
144
|
-
checks.
|
|
139
|
+
checks.workload_binding_verified = workloadResult.status === "authentic_match";
|
|
145
140
|
report.workload = workloadResult;
|
|
146
141
|
if (workloadResult.status === "authentic_mismatch") {
|
|
147
142
|
errors.push("Workload mismatch: VM is authentic but docker-compose does not match");
|
|
@@ -154,19 +149,30 @@ export async function checkSecretVm(url, product = "", reloadAmdKds = false) {
|
|
|
154
149
|
errors.push(`Failed to fetch workload: ${e.message}`);
|
|
155
150
|
checks.workload_fetched = false;
|
|
156
151
|
}
|
|
152
|
+
// 7. Proof of cloud: SCRT Labs' quote-parse endpoint identifies the VM
|
|
153
|
+
// as a Secret VM.
|
|
154
|
+
const pocResult = await checkProofOfCloud(cpuData);
|
|
155
|
+
checks.proof_of_cloud_verified = pocResult.valid;
|
|
156
|
+
if (pocResult.report.proof_of_cloud !== undefined) {
|
|
157
|
+
report.proof_of_cloud = pocResult.report.proof_of_cloud;
|
|
158
|
+
}
|
|
159
|
+
if (!pocResult.valid) {
|
|
160
|
+
errors.push(...pocResult.errors);
|
|
161
|
+
}
|
|
157
162
|
// Overall validity
|
|
158
163
|
const requiredChecks = [
|
|
159
|
-
checks.
|
|
164
|
+
checks.tls_cert_fetched,
|
|
160
165
|
checks.cpu_quote_fetched,
|
|
161
|
-
checks.
|
|
162
|
-
checks.
|
|
163
|
-
!!checks.
|
|
166
|
+
checks.cpu_quote_verified,
|
|
167
|
+
checks.tls_binding_verified,
|
|
168
|
+
!!checks.workload_binding_verified,
|
|
169
|
+
!!checks.proof_of_cloud_verified,
|
|
164
170
|
];
|
|
165
171
|
if (gpuPresent) {
|
|
166
|
-
requiredChecks.push(!!checks.
|
|
167
|
-
requiredChecks.push(!!checks.
|
|
172
|
+
requiredChecks.push(!!checks.gpu_quote_verified);
|
|
173
|
+
requiredChecks.push(!!checks.gpu_binding_verified);
|
|
168
174
|
}
|
|
169
175
|
const valid = requiredChecks.every(Boolean);
|
|
170
|
-
return makeResult("SECRET-VM", { valid, checks, report, errors });
|
|
176
|
+
return makeResult("SECRET-VM", { valid, checks: orderChecks(checks), report, errors });
|
|
171
177
|
}
|
|
172
178
|
//# sourceMappingURL=vm.js.map
|
package/dist/vm.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vm.js","sourceRoot":"","sources":["../src/vm.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,UAAU,EAAE,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"vm.js","sourceRoot":"","sources":["../src/vm.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACxE,OAAO,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAC/C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAC;AAEvE,MAAM,cAAc,GAAG,KAAK,CAAC;AAE7B,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,wCAAwC;AACxC,OAAO,EAAE,oBAAoB,EAAE,CAAC;AAEhC,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,GAAG,GAAG,WAAW,GAAG,EAAE,CAAC;IACjD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5B,OAAO;QACL,IAAI,EAAE,MAAM,CAAC,QAAQ;QACrB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,cAAc;KACzD,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,SAAS;AACT,8EAA8E;AAE9E,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,GAAW,EACX,OAAO,GAAG,EAAE,EACZ,YAAY,GAAG,KAAK;IAEpB,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,MAAM,MAAM,GAAwB,EAAE,CAAC;IAEvC,IAAI,IAAY,CAAC;IACjB,IAAI,IAAY,CAAC;IACjB,IAAI,CAAC;QACH,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;IACrC,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,UAAU,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,OAAO,GAAG,WAAW,IAAI,IAAI,IAAI,EAAE,CAAC;IAE1C,iCAAiC;IACjC,IAAI,cAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,cAAc,GAAG,MAAM,qBAAqB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACzD,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAC/B,MAAM,CAAC,eAAe,GAAG,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1D,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QAC3D,MAAM,CAAC,gBAAgB,GAAG,KAAK,CAAC;QAChC,OAAO,UAAU,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,gCAAgC;IAChC,IAAI,OAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,MAAM,CAAC,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;IAClC,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QACvD,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;QACjC,OAAO,UAAU,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAC5E,MAAM,CAAC,kBAAkB,GAAG,SAAS,CAAC,KAAK,CAAC;IAC5C,MAAM,CAAC,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC;IAC9B,MAAM,CAAC,QAAQ,GAAG,SAAS,CAAC,eAAe,CAAC;IAC5C,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,qEAAqE;IACrE,MAAM,aAAa,GAAW,SAAS,CAAC,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC;IACjE,IAAI,aAAa,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;QAC/B,MAAM,SAAS,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7C,MAAM,CAAC,oBAAoB,GAAG,SAAS,KAAK,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC3E,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;YACjC,MAAM,CAAC,IAAI,CACT,+CAA+C,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO;gBAC1E,uBAAuB,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAC3E,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,oBAAoB,GAAG,KAAK,CAAC;QACpC,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;IAC7D,CAAC;IAED,gCAAgC;IAChC,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,MAAM,CAAC,CAAC;QAC3C,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACnC,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;gBACtB,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,UAAU,GAAG,IAAI,CAAC;gBAClB,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;YAClC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;QACnC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,iBAAiB,GAAG,KAAK,CAAC;IACnC,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAC3D,MAAM,CAAC,kBAAkB,GAAG,SAAS,CAAC,KAAK,CAAC;QAC5C,MAAM,CAAC,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC;QAC9B,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;YACrB,MAAM,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;QACnC,CAAC;QAED,8DAA8D;QAC9D,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,QAAQ,GAAW,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,aAAa,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;YAChC,MAAM,UAAU,GAAG,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YAChD,MAAM,CAAC,oBAAoB,GAAG,UAAU,KAAK,QAAQ,CAAC;YACtD,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;gBACjC,MAAM,CAAC,IAAI,CACT,gDAAgD,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO;oBAC5E,iBAAiB,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAC/C,CAAC;YACJ,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,oBAAoB,GAAG,KAAK,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,gDAAgD;IAChD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC;QACtD,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,MAAM,aAAa,GAAG,oBAAoB,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAC9D,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAE/B,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QACpE,MAAM,CAAC,yBAAyB,GAAG,cAAc,CAAC,MAAM,KAAK,iBAAiB,CAAC;QAC/E,MAAM,CAAC,QAAQ,GAAG,cAAc,CAAC;QACjC,IAAI,cAAc,CAAC,MAAM,KAAK,oBAAoB,EAAE,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;QACtF,CAAC;aAAM,IAAI,cAAc,CAAC,MAAM,KAAK,eAAe,EAAE,CAAC;YACrD,MAAM,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QACtD,MAAM,CAAC,gBAAgB,GAAG,KAAK,CAAC;IAClC,CAAC;IAED,uEAAuE;IACvE,kBAAkB;IAClB,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACnD,MAAM,CAAC,uBAAuB,GAAG,SAAS,CAAC,KAAK,CAAC;IACjD,IAAI,SAAS,CAAC,MAAM,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;QAClD,MAAM,CAAC,cAAc,GAAG,SAAS,CAAC,MAAM,CAAC,cAAc,CAAC;IAC1D,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,mBAAmB;IACnB,MAAM,cAAc,GAAG;QACrB,MAAM,CAAC,gBAAgB;QACvB,MAAM,CAAC,iBAAiB;QACxB,MAAM,CAAC,kBAAkB;QACzB,MAAM,CAAC,oBAAoB;QAC3B,CAAC,CAAC,MAAM,CAAC,yBAAyB;QAClC,CAAC,CAAC,MAAM,CAAC,uBAAuB;KACjC,CAAC;IACF,IAAI,UAAU,EAAE,CAAC;QACf,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACjD,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;IACrD,CAAC;IACD,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAE5C,OAAO,UAAU,CAAC,WAAW,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;AACzF,CAAC"}
|