sigild 0.0.1 → 0.0.3

package/dist/src/policy/evaluate.js

@@ -0,0 +1,73 @@
+/**
+ * Pure evaluator. Takes a (request, policy), returns Allow or Deny(reason).
+ *
+ * The reason string is what the caller writes into the audit log and surfaces
+ * as the RPC_POLICY_DENIED error message — write it for a human.
+ *
+ * Permissive mode short-circuits to Allow for everything. Strict mode walks
+ * the rules in a fixed order and returns the first failing one — the order
+ * doesn't matter for correctness, only for which reason the user sees first.
+ */
+export function evaluate(request, policy) {
+    if (policy.mode === 'permissive')
+        return { allow: true };
+    switch (request.kind) {
+        case 'transaction':
+            return evaluateTransaction(request.tx, policy);
+        case 'message':
+            return policy.allowMessageSigning
+                ? { allow: true }
+                : {
+                    allow: false,
+                    reason: 'personal_sign denied — strict mode + allow_message_signing=false',
+                };
+        case 'typed_data':
+            return policy.allowTypedData
+                ? { allow: true }
+                : {
+                    allow: false,
+                    reason: 'EIP-712 typed-data denied — strict mode + allow_typed_data=false',
+                };
+    }
+}
+function evaluateTransaction(tx, policy) {
+    // 1. chain ID
+    if (!policy.chainIds.includes(Number(tx.chainId))) {
+        return {
+            allow: false,
+            reason: `tx denied — chain ${tx.chainId} not in chain_ids ${JSON.stringify(policy.chainIds)}`,
+        };
+    }
+    // 2. contract creation (to: null) — denied by default; future "allow_contract_creation" toggle
+    if (tx.to === null) {
+        return { allow: false, reason: 'tx denied — contract creation not allowed' };
+    }
+    // 3. destination allowlist (case-insensitive; allow_to is pre-lowercased)
+    const to = tx.to.toLowerCase();
+    if (!policy.allowTo.includes(to)) {
+        return { allow: false, reason: `tx denied — destination ${to} not in allow_to` };
+    }
+    // 4. per-tx value cap
+    if (tx.value > policy.maxValueWei) {
+        return {
+            allow: false,
+            reason: `tx denied — value ${tx.value} wei exceeds max_value_wei ${policy.maxValueWei}`,
+        };
+    }
+    // 5. function selector allowlist (only for txs with calldata)
+    const dataHex = typeof tx.data === 'string' ? tx.data : ('0x' + tx.data.toString('hex'));
+    if (dataHex.length > 2) {
+        if (dataHex.length < 10) {
+            return { allow: false, reason: `tx denied — calldata too short to extract selector` };
+        }
+        const selector = dataHex.slice(0, 10).toLowerCase();
+        if (!policy.allowedSelectors.includes(selector)) {
+            return {
+                allow: false,
+                reason: `tx denied — selector ${selector} not in allowed_selectors`,
+            };
+        }
+    }
+    return { allow: true };
+}
+//# sourceMappingURL=evaluate.js.map

package/dist/src/policy/evaluate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"evaluate.js","sourceRoot":"","sources":["../../../src/policy/evaluate.ts"],"names":[],"mappings":"AAGA;;;;;;;;;GASG;AACH,MAAM,UAAU,QAAQ,CAAC,OAAsB,EAAE,MAAc;IAC7D,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY;QAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzD,QAAQ,OAAO,CAAC,IAAI,EAAE,CAAC;QACrB,KAAK,aAAa;YAChB,OAAO,mBAAmB,CAAC,OAAO,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;QACjD,KAAK,SAAS;YACZ,OAAO,MAAM,CAAC,mBAAmB;gBAC/B,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;gBACjB,CAAC,CAAC;oBACE,KAAK,EAAE,KAAK;oBACZ,MAAM,EAAE,kEAAkE;iBAC3E,CAAC;QACR,KAAK,YAAY;YACf,OAAO,MAAM,CAAC,cAAc;gBAC1B,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;gBACjB,CAAC,CAAC;oBACE,KAAK,EAAE,KAAK;oBACZ,MAAM,EAAE,kEAAkE;iBAC3E,CAAC;IACV,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,EAAc,EAAE,MAAc;IACzD,cAAc;IACd,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QAClD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,qBAAqB,EAAE,CAAC,OAAO,qBAAqB,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE;SAC9F,CAAC;IACJ,CAAC;IAED,+FAA+F;IAC/F,IAAI,EAAE,CAAC,EAAE,KAAK,IAAI,EAAE,CAAC;QACnB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,2CAA2C,EAAE,CAAC;IAC/E,CAAC;IAED,0EAA0E;IAC1E,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC;IAC/B,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;QACjC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,2BAA2B,EAAE,kBAAkB,EAAE,CAAC;IACnF,CAAC;IAED,sBAAsB;IACtB,IAAI,EAAE,CAAC,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;QAClC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,qBAAqB,EAAE,CAAC,KAAK,8BAA8B,MAAM,CAAC,WAAW,EAAE;SACxF,CAAC;IACJ,CAAC;IAED,8DAA8D;IAC9D,MAAM,OAAO,GAAG,OAAO,EAAE,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;IACzF,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YACxB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,oDAAoD,EAAE,CAAC;QACxF,CAAC;QACD,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QACpD,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChD,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,wBAAwB,QAAQ,2BAA2B;aACpE,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC"}

package/dist/src/policy/index.d.ts

@@ -0,0 +1,5 @@
+export { type Policy, type PolicyRequest, type PolicyDecision, type PolicyResolver, PolicyLoadError, } from './types.js';
+export { parsePolicy, FileSystemPolicyResolver, permissivePolicyResolver, } from './loader.js';
+export { evaluate } from './evaluate.js';
+export { type PolicyMode, PERMISSIVE_TEMPLATE, STRICT_TEMPLATE, policyTemplate, } from './template.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/policy/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/policy/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,MAAM,EACX,KAAK,aAAa,EAClB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,eAAe,GAChB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,WAAW,EACX,wBAAwB,EACxB,wBAAwB,GACzB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EACL,KAAK,UAAU,EACf,mBAAmB,EACnB,eAAe,EACf,cAAc,GACf,MAAM,eAAe,CAAC"}

package/dist/src/policy/index.js

@@ -0,0 +1,5 @@
+export { PolicyLoadError, } from './types.js';
+export { parsePolicy, FileSystemPolicyResolver, permissivePolicyResolver, } from './loader.js';
+export { evaluate } from './evaluate.js';
+export { PERMISSIVE_TEMPLATE, STRICT_TEMPLATE, policyTemplate, } from './template.js';
+//# sourceMappingURL=index.js.map

package/dist/src/policy/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/policy/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAKL,eAAe,GAChB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,WAAW,EACX,wBAAwB,EACxB,wBAAwB,GACzB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAEL,mBAAmB,EACnB,eAAe,EACf,cAAc,GACf,MAAM,eAAe,CAAC"}

package/dist/src/policy/loader.d.ts

@@ -0,0 +1,33 @@
+import { type Policy, type PolicyResolver } from './types.js';
+/**
+ * Parse + validate + normalize a TOML policy file. Throws PolicyLoadError on
+ * any schema violation with a message pointing at the offending field.
+ *
+ * Normalization:
+ *   - addresses lowercased so allowlist membership is case-insensitive
+ *   - selectors lowercased likewise
+ *   - max_value_wei string → bigint
+ *
+ * Permissive mode tolerates missing strict fields (they're ignored anyway).
+ * Strict mode applies defaults: chain_ids must be present; everything else
+ * defaults to a closed/zero value.
+ */
+export declare function parsePolicy(source: string): Policy;
+/**
+ * A PolicyResolver that returns the same permissive policy for every handle.
+ * Useful for tests that want to exercise sign methods without provisioning
+ * a TOML file per portal.
+ */
+export declare function permissivePolicyResolver(): PolicyResolver;
+/**
+ * File-backed PolicyResolver: reads ~/.sigil/policy/<handle>.toml every time
+ * resolve() is called. Sign calls are human-paced so the read is cheap; the
+ * fresh read also means policy edits take effect immediately (no daemon
+ * restart).
+ */
+export declare class FileSystemPolicyResolver implements PolicyResolver {
+    #private;
+    constructor(policyDir: string);
+    resolve(handle: string): Policy;
+}
+//# sourceMappingURL=loader.d.ts.map

package/dist/src/policy/loader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"loader.d.ts","sourceRoot":"","sources":["../../../src/policy/loader.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,KAAK,MAAM,EAAmB,KAAK,cAAc,EAAE,MAAM,YAAY,CAAC;AAM/E;;;;;;;;;;;;GAYG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CA+DlD;AAED;;;;GAIG;AACH,wBAAgB,wBAAwB,IAAI,cAAc,CAWzD;AAED;;;;;GAKG;AACH,qBAAa,wBAAyB,YAAW,cAAc;;gBAEjD,SAAS,EAAE,MAAM;IAG7B,OAAO,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM;CAehC"}

package/dist/src/policy/loader.js

@@ -0,0 +1,170 @@
+import { readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import toml from '@iarna/toml';
+import { PolicyLoadError } from './types.js';
+const ADDR_RE = /^0x[0-9a-fA-F]{40}$/;
+const SELECTOR_RE = /^0x[0-9a-fA-F]{8}$/;
+const DEC_RE = /^[0-9]+$/;
+/**
+ * Parse + validate + normalize a TOML policy file. Throws PolicyLoadError on
+ * any schema violation with a message pointing at the offending field.
+ *
+ * Normalization:
+ *   - addresses lowercased so allowlist membership is case-insensitive
+ *   - selectors lowercased likewise
+ *   - max_value_wei string → bigint
+ *
+ * Permissive mode tolerates missing strict fields (they're ignored anyway).
+ * Strict mode applies defaults: chain_ids must be present; everything else
+ * defaults to a closed/zero value.
+ */
+export function parsePolicy(source) {
+    let raw;
+    try {
+        raw = toml.parse(source);
+    }
+    catch (err) {
+        throw new PolicyLoadError(`policy: invalid TOML — ${err.message}`, err);
+    }
+    const mode = raw['mode'];
+    if (mode !== 'permissive' && mode !== 'strict') {
+        throw new PolicyLoadError(`policy.mode must be "permissive" or "strict" (got ${JSON.stringify(mode)})`);
+    }
+    if (mode === 'permissive') {
+        return {
+            mode: 'permissive',
+            chainIds: [],
+            allowTo: [],
+            maxValueWei: 0n,
+            allowedSelectors: [],
+            allowMessageSigning: true,
+            allowTypedData: true,
+        };
+    }
+    // strict mode — every field is consulted; apply defaults for absent ones.
+    const chainIds = asNumberArray(raw['chain_ids'], 'chain_ids', { required: true });
+    for (const id of chainIds) {
+        if (!Number.isInteger(id) || id < 0) {
+            throw new PolicyLoadError(`policy.chain_ids[*] must be non-negative integers (got ${id})`);
+        }
+    }
+    const allowToRaw = asStringArray(raw['allow_to'], 'allow_to');
+    const allowTo = allowToRaw.map((s, i) => {
+        if (!ADDR_RE.test(s)) {
+            throw new PolicyLoadError(`policy.allow_to[${i}] must be 0x-prefixed 20-byte address`);
+        }
+        return s.toLowerCase();
+    });
+    const maxValueWei = parseMaxValue(raw['max_value_wei']);
+    const selectorsRaw = asStringArray(raw['allowed_selectors'], 'allowed_selectors');
+    const allowedSelectors = selectorsRaw.map((s, i) => {
+        if (!SELECTOR_RE.test(s)) {
+            throw new PolicyLoadError(`policy.allowed_selectors[${i}] must be 0x + 4 hex bytes (got ${JSON.stringify(s)})`);
+        }
+        return s.toLowerCase();
+    });
+    const allowMessageSigning = asBool(raw['allow_message_signing'], 'allow_message_signing', false);
+    const allowTypedData = asBool(raw['allow_typed_data'], 'allow_typed_data', false);
+    return {
+        mode: 'strict',
+        chainIds,
+        allowTo,
+        maxValueWei,
+        allowedSelectors,
+        allowMessageSigning,
+        allowTypedData,
+    };
+}
+/**
+ * A PolicyResolver that returns the same permissive policy for every handle.
+ * Useful for tests that want to exercise sign methods without provisioning
+ * a TOML file per portal.
+ */
+export function permissivePolicyResolver() {
+    const policy = {
+        mode: 'permissive',
+        chainIds: [],
+        allowTo: [],
+        maxValueWei: 0n,
+        allowedSelectors: [],
+        allowMessageSigning: true,
+        allowTypedData: true,
+    };
+    return { resolve: () => policy };
+}
+/**
+ * File-backed PolicyResolver: reads ~/.sigil/policy/<handle>.toml every time
+ * resolve() is called. Sign calls are human-paced so the read is cheap; the
+ * fresh read also means policy edits take effect immediately (no daemon
+ * restart).
+ */
+export class FileSystemPolicyResolver {
+    #policyDir;
+    constructor(policyDir) {
+        this.#policyDir = policyDir;
+    }
+    resolve(handle) {
+        const path = join(this.#policyDir, `${handle}.toml`);
+        let source;
+        try {
+            source = readFileSync(path, 'utf8');
+        }
+        catch (err) {
+            if (err.code === 'ENOENT') {
+                throw new PolicyLoadError(`policy: no policy file for portal "${handle}" at ${path} — run "sigil portal add" to provision`);
+            }
+            throw new PolicyLoadError(`policy: failed to read ${path}`, err);
+        }
+        return parsePolicy(source);
+    }
+}
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function asNumberArray(v, name, opts = {}) {
+    if (v === undefined) {
+        if (opts.required)
+            throw new PolicyLoadError(`policy.${name} is required in strict mode`);
+        return [];
+    }
+    if (!Array.isArray(v))
+        throw new PolicyLoadError(`policy.${name} must be an array`);
+    return v.map((item, i) => {
+        if (typeof item !== 'number') {
+            throw new PolicyLoadError(`policy.${name}[${i}] must be a number (got ${typeof item})`);
+        }
+        return item;
+    });
+}
+function asStringArray(v, name) {
+    if (v === undefined)
+        return [];
+    if (!Array.isArray(v))
+        throw new PolicyLoadError(`policy.${name} must be an array`);
+    return v.map((item, i) => {
+        if (typeof item !== 'string') {
+            throw new PolicyLoadError(`policy.${name}[${i}] must be a string (got ${typeof item})`);
+        }
+        return item;
+    });
+}
+function asBool(v, name, def) {
+    if (v === undefined)
+        return def;
+    if (typeof v !== 'boolean') {
+        throw new PolicyLoadError(`policy.${name} must be a boolean (got ${typeof v})`);
+    }
+    return v;
+}
+function parseMaxValue(v) {
+    if (v === undefined)
+        return 0n;
+    if (typeof v !== 'string') {
+        throw new PolicyLoadError(`policy.max_value_wei must be a decimal string (e.g. "100000000000000000"); got ${typeof v}`);
+    }
+    if (!DEC_RE.test(v)) {
+        throw new PolicyLoadError(`policy.max_value_wei must be a decimal integer string (got ${JSON.stringify(v)})`);
+    }
+    return BigInt(v);
+}
+//# sourceMappingURL=loader.js.map

package/dist/src/policy/loader.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"loader.js","sourceRoot":"","sources":["../../../src/policy/loader.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,IAAI,MAAM,aAAa,CAAC;AAC/B,OAAO,EAAe,eAAe,EAAuB,MAAM,YAAY,CAAC;AAE/E,MAAM,OAAO,GAAG,qBAAqB,CAAC;AACtC,MAAM,WAAW,GAAG,oBAAoB,CAAC;AACzC,MAAM,MAAM,GAAG,UAAU,CAAC;AAE1B;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,WAAW,CAAC,MAAc;IACxC,IAAI,GAAiB,CAAC;IACtB,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,eAAe,CAAC,0BAA2B,GAAa,CAAC,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC;IACrF,CAAC;IAED,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;IACzB,IAAI,IAAI,KAAK,YAAY,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/C,MAAM,IAAI,eAAe,CAAC,qDAAqD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1G,CAAC;IAED,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;QAC1B,OAAO;YACL,IAAI,EAAE,YAAY;YAClB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,gBAAgB,EAAE,EAAE;YACpB,mBAAmB,EAAE,IAAI;YACzB,cAAc,EAAE,IAAI;SACrB,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,WAAW,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IAClF,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC1B,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,eAAe,CAAC,0DAA0D,EAAE,GAAG,CAAC,CAAC;QAC7F,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAG,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC,CAAC;IAC9D,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACtC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,eAAe,CAAC,mBAAmB,CAAC,uCAAuC,CAAC,CAAC;QACzF,CAAC;QACD,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC;IAExD,MAAM,YAAY,GAAG,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,EAAE,mBAAmB,CAAC,CAAC;IAClF,MAAM,gBAAgB,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACjD,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,eAAe,CAAC,4BAA4B,CAAC,mCAAmC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAClH,CAAC;QACD,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,MAAM,mBAAmB,GAAG,MAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,EAAE,uBAAuB,EAAE,KAAK,CAAC,CAAC;IACjG,MAAM,cAAc,GAAG,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,kBAAkB,EAAE,KAAK,CAAC,CAAC;IAElF,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,QAAQ;QACR,OAAO;QACP,WAAW;QACX,gBAAgB;QAChB,mBAAmB;QACnB,cAAc;KACf,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,wBAAwB;IACtC,MAAM,MAAM,GAAW;QACrB,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,EAAE;QACZ,OAAO,EAAE,EAAE;QACX,WAAW,EAAE,EAAE;QACf,gBAAgB,EAAE,EAAE;QACpB,mBAAmB,EAAE,IAAI;QACzB,cAAc,EAAE,IAAI;KACrB,CAAC;IACF,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC;AACnC,CAAC;AAED;;;;;GAKG;AACH,MAAM,OAAO,wBAAwB;IAC1B,UAAU,CAAS;IAC5B,YAAY,SAAiB;QAC3B,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;IAC9B,CAAC;IACD,OAAO,CAAC,MAAc;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,MAAM,OAAO,CAAC,CAAC;QACrD,IAAI,MAAc,CAAC;QACnB,IAAI,CAAC;YACH,MAAM,GAAG,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACrD,MAAM,IAAI,eAAe,CACvB,sCAAsC,MAAM,QAAQ,IAAI,wCAAwC,CACjG,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,eAAe,CAAC,0BAA0B,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC;QACnE,CAAC;QACD,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC;IAC7B,CAAC;CACF;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,SAAS,aAAa,CAAC,CAAU,EAAE,IAAY,EAAE,OAA+B,EAAE;IAChF,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;QACpB,IAAI,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,eAAe,CAAC,UAAU,IAAI,6BAA6B,CAAC,CAAC;QAC1F,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,eAAe,CAAC,UAAU,IAAI,mBAAmB,CAAC,CAAC;IACpF,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACvB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,IAAI,eAAe,CAAC,UAAU,IAAI,IAAI,CAAC,2BAA2B,OAAO,IAAI,GAAG,CAAC,CAAC;QAC1F,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,aAAa,CAAC,CAAU,EAAE,IAAY;IAC7C,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,eAAe,CAAC,UAAU,IAAI,mBAAmB,CAAC,CAAC;IACpF,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACvB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,IAAI,eAAe,CAAC,UAAU,IAAI,IAAI,CAAC,2BAA2B,OAAO,IAAI,GAAG,CAAC,CAAC;QAC1F,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,MAAM,CAAC,CAAU,EAAE,IAAY,EAAE,GAAY;IACpD,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,GAAG,CAAC;IAChC,IAAI,OAAO,CAAC,KAAK,SAAS,EAAE,CAAC;QAC3B,MAAM,IAAI,eAAe,CAAC,UAAU,IAAI,2BAA2B,OAAO,CAAC,GAAG,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,aAAa,CAAC,CAAU;IAC/B,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,EAAE,CAAC;IAC/B,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;QAC1B,MAAM,IAAI,eAAe,CACvB,kFAAkF,OAAO,CAAC,EAAE,CAC7F,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,eAAe,CACvB,8DAA8D,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CACnF,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;AACnB,CAAC"}

package/dist/src/policy/template.d.ts

@@ -0,0 +1,10 @@
+/**
+ * TOML template strings written by `sigil portal add`. Hand-written rather
+ * than serialized so we can include explanatory comments — TOML serializers
+ * generally strip those.
+ */
+export declare const PERMISSIVE_TEMPLATE = "# sigil policy file \u2014 permissive mode (default)\n#\n# This portal will sign anything the agent asks for. Your private key is\n# still encrypted at rest and never enters Claude's context, but signing\n# authority is unbounded.\n#\n# To restrict what this portal can sign, run:\n#\n#   sigil portal remove <handle>\n#   sigil portal add <handle> --key-file <path> --strict\n#\n# ...and edit the resulting policy file. Or just change \"permissive\" below\n# to \"strict\" and add the rules in the commented template at:\n# https://github.com/cdrn/sigil#policy-engine\n\nmode = \"permissive\"\n";
+export declare const STRICT_TEMPLATE = "# sigil policy file \u2014 strict mode\n#\n# Every sign request is checked against the rules below before the key is\n# used. Edit the values to fit your portal. Anything you leave at the\n# default-zero/empty state will deny.\n\nmode = \"strict\"\n\n# Allowed chain IDs (decimal). At least one is required.\n#   1 = ethereum mainnet\n#   8453 = base\n#   42161 = arbitrum one\n#   10 = optimism\n#   11155111 = sepolia testnet\nchain_ids = [1]\n\n# Allowed destination addresses (lowercase 0x-prefixed). Empty = no tx allowed.\n# Example:\n#   allow_to = [\"0x000000000000000000000000000000000000dead\"]\nallow_to = []\n\n# Per-tx value cap in wei. Default 0 = no ETH sends allowed at all.\n# 0.1 ether = \"100000000000000000\"\n# 1 ether   = \"1000000000000000000\"\n# Quoted because uint256 doesn't fit in a TOML integer.\nmax_value_wei = \"0\"\n\n# 4-byte function selectors that are callable. Empty = pure ETH sends only.\n# Common selectors:\n#   \"0xa9059cbb\"  ERC-20 transfer(address,uint256)\n#   \"0x095ea7b3\"  ERC-20 approve(address,uint256)\n#   \"0x23b872dd\"  ERC-20 transferFrom(address,address,uint256)\nallowed_selectors = []\n\n# EIP-191 personal_sign \u2014 typically safe (used by Sign-In With Ethereum and\n# similar login flows). Set true to permit.\nallow_message_signing = false\n\n# EIP-712 typed data \u2014 CAN authorize off-chain financial actions (Permit,\n# OpenSea orders, gasless approvals). Treat with the same care as signing\n# transactions. Set true to permit.\nallow_typed_data = false\n";
+export type PolicyMode = 'permissive' | 'strict';
+export declare function policyTemplate(mode: PolicyMode): string;
+//# sourceMappingURL=template.d.ts.map

package/dist/src/policy/template.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"template.d.ts","sourceRoot":"","sources":["../../../src/policy/template.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,eAAO,MAAM,mBAAmB,wlBAgB/B,CAAC;AAEF,eAAO,MAAM,eAAe,2/CA0C3B,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG,YAAY,GAAG,QAAQ,CAAC;AAEjD,wBAAgB,cAAc,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM,CAEvD"}

package/dist/src/policy/template.js

@@ -0,0 +1,69 @@
+/**
+ * TOML template strings written by `sigil portal add`. Hand-written rather
+ * than serialized so we can include explanatory comments — TOML serializers
+ * generally strip those.
+ */
+export const PERMISSIVE_TEMPLATE = `# sigil policy file — permissive mode (default)
+#
+# This portal will sign anything the agent asks for. Your private key is
+# still encrypted at rest and never enters Claude's context, but signing
+# authority is unbounded.
+#
+# To restrict what this portal can sign, run:
+#
+#   sigil portal remove <handle>
+#   sigil portal add <handle> --key-file <path> --strict
+#
+# ...and edit the resulting policy file. Or just change "permissive" below
+# to "strict" and add the rules in the commented template at:
+# https://github.com/cdrn/sigil#policy-engine
+
+mode = "permissive"
+`;
+export const STRICT_TEMPLATE = `# sigil policy file — strict mode
+#
+# Every sign request is checked against the rules below before the key is
+# used. Edit the values to fit your portal. Anything you leave at the
+# default-zero/empty state will deny.
+
+mode = "strict"
+
+# Allowed chain IDs (decimal). At least one is required.
+#   1 = ethereum mainnet
+#   8453 = base
+#   42161 = arbitrum one
+#   10 = optimism
+#   11155111 = sepolia testnet
+chain_ids = [1]
+
+# Allowed destination addresses (lowercase 0x-prefixed). Empty = no tx allowed.
+# Example:
+#   allow_to = ["0x000000000000000000000000000000000000dead"]
+allow_to = []
+
+# Per-tx value cap in wei. Default 0 = no ETH sends allowed at all.
+# 0.1 ether = "100000000000000000"
+# 1 ether   = "1000000000000000000"
+# Quoted because uint256 doesn't fit in a TOML integer.
+max_value_wei = "0"
+
+# 4-byte function selectors that are callable. Empty = pure ETH sends only.
+# Common selectors:
+#   "0xa9059cbb"  ERC-20 transfer(address,uint256)
+#   "0x095ea7b3"  ERC-20 approve(address,uint256)
+#   "0x23b872dd"  ERC-20 transferFrom(address,address,uint256)
+allowed_selectors = []
+
+# EIP-191 personal_sign — typically safe (used by Sign-In With Ethereum and
+# similar login flows). Set true to permit.
+allow_message_signing = false
+
+# EIP-712 typed data — CAN authorize off-chain financial actions (Permit,
+# OpenSea orders, gasless approvals). Treat with the same care as signing
+# transactions. Set true to permit.
+allow_typed_data = false
+`;
+export function policyTemplate(mode) {
+    return mode === 'permissive' ? PERMISSIVE_TEMPLATE : STRICT_TEMPLATE;
+}
+//# sourceMappingURL=template.js.map

package/dist/src/policy/template.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"template.js","sourceRoot":"","sources":["../../../src/policy/template.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG;;;;;;;;;;;;;;;;CAgBlC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA0C9B,CAAC;AAIF,MAAM,UAAU,cAAc,CAAC,IAAgB;IAC7C,OAAO,IAAI,KAAK,YAAY,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,eAAe,CAAC;AACvE,CAAC"}

package/dist/src/policy/types.d.ts

@@ -0,0 +1,62 @@
+import type { SignableTx, TypedData } from '../eth/index.js';
+/**
+ * A loaded + validated per-portal policy.
+ *
+ * Stored on disk at ~/.sigil/policy/<handle>.toml; loaded once per sign call
+ * (cheap — file is small, sign calls are human-paced).
+ *
+ * Two modes:
+ *   - "permissive": evaluator returns Allow for everything. The other fields
+ *     are ignored. This is the default written by `sigil portal add`; the
+ *     user is opting into key isolation without any signing constraints.
+ *   - "strict": every field below is enforced. `sigil portal add --strict`
+ *     writes a template with conservative defaults the user fills in.
+ *
+ * `max_value_wei` is a string in the TOML and is parsed to bigint at load
+ * time — uint256 doesn't fit in TOML's int64.
+ */
+export interface Policy {
+    mode: 'permissive' | 'strict';
+    chainIds: readonly number[];
+    /** Lowercase 0x-prefixed addresses, normalized at load time. */
+    allowTo: readonly string[];
+    /** Per-tx value cap, in wei. 0n means "no value sends allowed at all". */
+    maxValueWei: bigint;
+    /** 4-byte function selectors, lowercase 0x-prefixed, normalized at load time. */
+    allowedSelectors: readonly string[];
+    allowMessageSigning: boolean;
+    allowTypedData: boolean;
+}
+/** What the evaluator gets asked about. */
+export type PolicyRequest = {
+    kind: 'transaction';
+    tx: SignableTx;
+} | {
+    kind: 'message';
+    messageBytes: Buffer;
+} | {
+    kind: 'typed_data';
+    typedData: TypedData;
+};
+/** Evaluator output. Reason is human-readable + audit-loggable on Deny. */
+export type PolicyDecision = {
+    allow: true;
+} | {
+    allow: false;
+    reason: string;
+};
+/**
+ * Resolves a portal handle to its current policy. Wrapped in an interface so
+ * tests can inject a constant policy without going through the filesystem.
+ *
+ * Throws PolicyLoadError if the file is missing or malformed. Sign methods
+ * treat any throw as a hard Deny + audit it.
+ */
+export interface PolicyResolver {
+    resolve(handle: string): Policy;
+}
+export declare class PolicyLoadError extends Error {
+    readonly cause?: unknown;
+    constructor(message: string, cause?: unknown);
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/src/policy/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/policy/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAE7D;;;;;;;;;;;;;;;GAeG;AACH,MAAM,WAAW,MAAM;IACrB,IAAI,EAAE,YAAY,GAAG,QAAQ,CAAC;IAC9B,QAAQ,EAAE,SAAS,MAAM,EAAE,CAAC;IAC5B,gEAAgE;IAChE,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3B,0EAA0E;IAC1E,WAAW,EAAE,MAAM,CAAC;IACpB,iFAAiF;IACjF,gBAAgB,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC,mBAAmB,EAAE,OAAO,CAAC;IAC7B,cAAc,EAAE,OAAO,CAAC;CACzB;AAED,2CAA2C;AAC3C,MAAM,MAAM,aAAa,GACrB;IAAE,IAAI,EAAE,aAAa,CAAC;IAAC,EAAE,EAAE,UAAU,CAAA;CAAE,GACvC;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,GACzC;IAAE,IAAI,EAAE,YAAY,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC;AAEjD,2EAA2E;AAC3E,MAAM,MAAM,cAAc,GACtB;IAAE,KAAK,EAAE,IAAI,CAAA;CAAE,GACf;IAAE,KAAK,EAAE,KAAK,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAErC;;;;;;GAMG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;CACjC;AAED,qBAAa,eAAgB,SAAQ,KAAK;IACxC,SAAkB,KAAK,CAAC,EAAE,OAAO,CAAC;gBACtB,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO;CAK7C"}

package/dist/src/policy/types.js

@@ -0,0 +1,10 @@
+export class PolicyLoadError extends Error {
+    cause;
+    constructor(message, cause) {
+        super(message);
+        this.name = 'PolicyLoadError';
+        if (cause !== undefined)
+            this.cause = cause;
+    }
+}
+//# sourceMappingURL=types.js.map

package/dist/src/policy/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/policy/types.ts"],"names":[],"mappings":"AAqDA,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACtB,KAAK,CAAW;IAClC,YAAY,OAAe,EAAE,KAAe;QAC1C,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;QAC9B,IAAI,KAAK,KAAK,SAAS;YAAE,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IAC9C,CAAC;CACF"}

package/package.json

@@ -1,7 +1,8 @@
 {
   "name": "sigild",
-  "version": "0.0.1",
-  "description": "Claude can sign, but never see. Local signing daemon that keeps private keys out of LLM context.",
+  "version": "0.0.3",
+  "mcpName": "io.github.cdrn/sigil",
+  "description": "Claude can sign, but never see. MCP server + CLI that keeps private keys out of the LLM's context window.",
   "license": "Apache-2.0",
   "author": "Chris Doran",
   "homepage": "https://github.com/cdrn/sigil#readme",
@@ -30,7 +31,11 @@
   ],
   "type": "module",
   "bin": {
-    "sigild": "dist/src/bin/sigild.js"
+    "sigil": "dist/src/bin/sigil.js",
+    "sigil-mcp": "dist/src/bin/sigil-mcp.js",
+    "sigild": "dist/src/bin/sigil-mcp.js",
+    "sigil-hook-pre": "dist/src/bin/sigil-hook-pre.js",
+    "sigil-hook-post": "dist/src/bin/sigil-hook-post.js"
   },
   "files": [
     "dist/src/**/*",
@@ -48,6 +53,7 @@
     "test:watch": "node --watch --test 'dist/test/**/*.test.js'"
   },
   "dependencies": {
+    "@iarna/toml": "2.2.5",
     "@noble/ciphers": "1.3.0",
     "@noble/hashes": "1.8.0",
     "@noble/secp256k1": "3.1.0"

package/dist/src/bin/sigild.d.ts

@@ -1,3 +0,0 @@
-#!/usr/bin/env node
-export {};
-//# sourceMappingURL=sigild.d.ts.map

package/dist/src/bin/sigild.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"sigild.d.ts","sourceRoot":"","sources":["../../../src/bin/sigild.ts"],"names":[],"mappings":""}

package/dist/src/bin/sigild.js

@@ -1,30 +0,0 @@
-#!/usr/bin/env node
-import { homedir } from 'node:os';
-import { join } from 'node:path';
-import { readPassphrase } from '../daemon/passphrase.js';
-import { runDaemon } from '../daemon/runtime.js';
-const sigilHome = process.env['SIGIL_HOME'] ?? join(homedir(), '.sigil');
-let shutting = false;
-async function main() {
-    const handle = await runDaemon({
-        sigilHome,
-        passphrase: () => readPassphrase('sigil passphrase: '),
-        onLog: (e) => process.stderr.write(JSON.stringify(e) + '\n'),
-    });
-    process.stderr.write(`sigild ready: ${handle.portals} portal(s) loaded, listening on ${handle.socketPath}\n`);
-    const shutdown = async (signal) => {
-        if (shutting)
-            return;
-        shutting = true;
-        process.stderr.write(`sigild: ${signal} received, shutting down\n`);
-        await handle.shutdown();
-        process.exit(0);
-    };
-    process.on('SIGINT', () => { void shutdown('SIGINT'); });
-    process.on('SIGTERM', () => { void shutdown('SIGTERM'); });
-}
-main().catch((err) => {
-    process.stderr.write(`sigild: ${err.message}\n`);
-    process.exit(1);
-});
-//# sourceMappingURL=sigild.js.map

package/dist/src/bin/sigild.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"sigild.js","sourceRoot":"","sources":["../../../src/bin/sigild.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAEjD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,CAAC;AAEzE,IAAI,QAAQ,GAAG,KAAK,CAAC;AAErB,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC;QAC7B,SAAS;QACT,UAAU,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,oBAAoB,CAAC;QACtD,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KAC7D,CAAC,CAAC;IAEH,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,iBAAiB,MAAM,CAAC,OAAO,mCAAmC,MAAM,CAAC,UAAU,IAAI,CACxF,CAAC;IAEF,MAAM,QAAQ,GAAG,KAAK,EAAE,MAAc,EAAiB,EAAE;QACvD,IAAI,QAAQ;YAAE,OAAO;QACrB,QAAQ,GAAG,IAAI,CAAC;QAChB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,MAAM,4BAA4B,CAAC,CAAC;QACpE,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;QACxB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,GAAG,KAAK,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,KAAK,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAU,EAAE,EAAE;IAC1B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,GAAG,CAAC,OAAO,IAAI,CAAC,CAAC;IACjD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/src/daemon/rpc.d.ts

@@ -1,61 +0,0 @@
-/**
- * JSON-RPC 2.0 over newline-delimited JSON (NDJSON).
- * Pure functions only — no IO. The server in server.ts wires this onto sockets.
- *
- * We use the strict JSON-RPC 2.0 envelope: every request has `jsonrpc: "2.0"`,
- * a method, and either an id (for requests expecting a response) or no id (for
- * notifications, which sigil currently rejects since every sign decision needs
- * to round-trip through the audit log).
- */
-export declare const RPC_VERSION = "2.0";
-export type RpcId = string | number | null;
-export interface RpcRequest {
-    jsonrpc: '2.0';
-    id: RpcId;
-    method: string;
-    params: unknown;
-}
-export interface RpcSuccess {
-    jsonrpc: '2.0';
-    id: RpcId;
-    result: unknown;
-}
-export interface RpcErrorObject {
-    code: number;
-    message: string;
-    data?: unknown;
-}
-export interface RpcError {
-    jsonrpc: '2.0';
-    id: RpcId;
-    error: RpcErrorObject;
-}
-export type RpcResponse = RpcSuccess | RpcError;
-export declare const RPC_PARSE_ERROR = -32700;
-export declare const RPC_INVALID_REQUEST = -32600;
-export declare const RPC_METHOD_NOT_FOUND = -32601;
-export declare const RPC_INVALID_PARAMS = -32602;
-export declare const RPC_INTERNAL_ERROR = -32603;
-export declare const RPC_PORTAL_NOT_FOUND = -32000;
-export declare const RPC_POLICY_DENIED = -32001;
-export declare const RPC_INVALID_PAYLOAD = -32002;
-export type ParseResult = {
-    kind: 'request';
-    request: RpcRequest;
-} | {
-    kind: 'parse_error';
-} | {
-    kind: 'invalid';
-    id: RpcId;
-    reason: string;
-};
-/**
- * Parse a single NDJSON line into a JSON-RPC request.
- * Returns either a valid request, a parse_error (if the line is not JSON), or
- * an invalid envelope along with the id that should be echoed in the error
- * response (which is null if the id couldn't be extracted).
- */
-export declare function parseRequest(line: string): ParseResult;
-export declare function encodeResponse(id: RpcId, result: unknown): string;
-export declare function encodeError(id: RpcId, code: number, message: string, data?: unknown): string;
-//# sourceMappingURL=rpc.d.ts.map

package/dist/src/daemon/rpc.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"rpc.d.ts","sourceRoot":"","sources":["../../../src/daemon/rpc.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,eAAO,MAAM,WAAW,QAAQ,CAAC;AAEjC,MAAM,MAAM,KAAK,GAAG,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;AAE3C,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,KAAK,CAAC;IACf,EAAE,EAAE,KAAK,CAAC;IACV,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,KAAK,CAAC;IACf,EAAE,EAAE,KAAK,CAAC;IACV,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,QAAQ;IACvB,OAAO,EAAE,KAAK,CAAC;IACf,EAAE,EAAE,KAAK,CAAC;IACV,KAAK,EAAE,cAAc,CAAC;CACvB;AAED,MAAM,MAAM,WAAW,GAAG,UAAU,GAAG,QAAQ,CAAC;AAGhD,eAAO,MAAM,eAAe,SAAS,CAAC;AACtC,eAAO,MAAM,mBAAmB,SAAS,CAAC;AAC1C,eAAO,MAAM,oBAAoB,SAAS,CAAC;AAC3C,eAAO,MAAM,kBAAkB,SAAS,CAAC;AACzC,eAAO,MAAM,kBAAkB,SAAS,CAAC;AAGzC,eAAO,MAAM,oBAAoB,SAAS,CAAC;AAC3C,eAAO,MAAM,iBAAiB,SAAS,CAAC;AACxC,eAAO,MAAM,mBAAmB,SAAS,CAAC;AAE1C,MAAM,MAAM,WAAW,GACnB;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,GACxC;IAAE,IAAI,EAAE,aAAa,CAAA;CAAE,GACvB;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,EAAE,EAAE,KAAK,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAEnD;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,WAAW,CAuCtD;AAED,wBAAgB,cAAc,CAAC,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,GAAG,MAAM,CAGjE;AAED,wBAAgB,WAAW,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,MAAM,CAI5F"}