tether-name 2.0.0 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +81 -3
- package/dist/index.d.mts +92 -2
- package/dist/index.d.ts +92 -2
- package/dist/index.js +154 -2
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +154 -2
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -147,7 +147,7 @@ Create and manage agents programmatically with an API key:
|
|
|
147
147
|
const client = new TetherClient({ apiKey: 'sk-tether-name-...' });
|
|
148
148
|
|
|
149
149
|
// Create an agent
|
|
150
|
-
const agent = await client.createAgent('my-bot', 'Does helpful things');
|
|
150
|
+
const agent = await client.createAgent('my-bot', 'Does helpful things', 'verified-domain-id');
|
|
151
151
|
console.log(agent.id); // "abc123"
|
|
152
152
|
console.log(agent.agentName); // "my-bot"
|
|
153
153
|
console.log(agent.registrationToken); // Use to register the agent
|
|
@@ -155,8 +155,28 @@ console.log(agent.registrationToken); // Use to register the agent
|
|
|
155
155
|
// List all agents
|
|
156
156
|
const agents = await client.listAgents();
|
|
157
157
|
|
|
158
|
+
// List registered domains
|
|
159
|
+
const domains = await client.listDomains();
|
|
160
|
+
|
|
158
161
|
// Delete an agent
|
|
159
162
|
await client.deleteAgent(agent.id);
|
|
163
|
+
|
|
164
|
+
// List key lifecycle entries for an agent
|
|
165
|
+
const keys = await client.listAgentKeys(agent.id);
|
|
166
|
+
|
|
167
|
+
// Rotate key (requires step-up via email code OR challenge+proof)
|
|
168
|
+
const rotated = await client.rotateAgentKey(agent.id, {
|
|
169
|
+
publicKey: 'BASE64_SPKI_PUBLIC_KEY',
|
|
170
|
+
gracePeriodHours: 24,
|
|
171
|
+
reason: 'routine_rotation',
|
|
172
|
+
stepUpCode: '123456',
|
|
173
|
+
});
|
|
174
|
+
|
|
175
|
+
// Revoke a key
|
|
176
|
+
const revoked = await client.revokeAgentKey(agent.id, rotated.newKeyId, {
|
|
177
|
+
reason: 'compromised',
|
|
178
|
+
stepUpCode: '654321',
|
|
179
|
+
});
|
|
160
180
|
```
|
|
161
181
|
|
|
162
182
|
## Environment Variables
|
|
@@ -205,18 +225,34 @@ Signs a challenge using the configured private key.
|
|
|
205
225
|
|
|
206
226
|
Submits signed proof to verify the challenge.
|
|
207
227
|
|
|
208
|
-
#### `async createAgent(agentName: string, description?: string): Promise<Agent>`
|
|
228
|
+
#### `async createAgent(agentName: string, description?: string, domainId?: string): Promise<Agent>`
|
|
209
229
|
|
|
210
|
-
Creates a new agent. Requires API key authentication.
|
|
230
|
+
Creates a new agent. Requires API key authentication. `domainId` is optional and links this agent to a verified domain.
|
|
211
231
|
|
|
212
232
|
#### `async listAgents(): Promise<Agent[]>`
|
|
213
233
|
|
|
214
234
|
Lists all agents for the authenticated account. Requires API key authentication.
|
|
215
235
|
|
|
236
|
+
#### `async listDomains(): Promise<Domain[]>`
|
|
237
|
+
|
|
238
|
+
Lists all registered domains for the authenticated account. Requires API key authentication.
|
|
239
|
+
|
|
216
240
|
#### `async deleteAgent(agentId: string): Promise<boolean>`
|
|
217
241
|
|
|
218
242
|
Deletes an agent by ID. Requires API key authentication. Returns `true` on success.
|
|
219
243
|
|
|
244
|
+
#### `async listAgentKeys(agentId: string): Promise<AgentKey[]>`
|
|
245
|
+
|
|
246
|
+
Lists key lifecycle entries (`active`, `grace`, `revoked`) for an agent. Requires API key authentication.
|
|
247
|
+
|
|
248
|
+
#### `async rotateAgentKey(agentId: string, request: RotateAgentKeyRequest): Promise<RotateAgentKeyResponse>`
|
|
249
|
+
|
|
250
|
+
Rotates an agent key. Requires API key authentication plus step-up verification via either `stepUpCode` or `challenge` + `proof`.
|
|
251
|
+
|
|
252
|
+
#### `async revokeAgentKey(agentId: string, keyId: string, request?: RevokeAgentKeyRequest): Promise<RevokeAgentKeyResponse>`
|
|
253
|
+
|
|
254
|
+
Revokes an agent key. Requires API key authentication plus step-up verification via either `stepUpCode` or `challenge` + `proof`.
|
|
255
|
+
|
|
220
256
|
### Types
|
|
221
257
|
|
|
222
258
|
```typescript
|
|
@@ -225,6 +261,7 @@ interface VerificationResult {
|
|
|
225
261
|
agentName?: string; // Registered agent name
|
|
226
262
|
verifyUrl?: string; // Public verification URL
|
|
227
263
|
email?: string; // Registered email
|
|
264
|
+
domain?: string; // Verified domain (if assigned)
|
|
228
265
|
registeredSince?: string; // ISO date of registration
|
|
229
266
|
error?: string; // Error message if failed
|
|
230
267
|
challenge?: string; // The verified challenge
|
|
@@ -236,12 +273,53 @@ interface Agent {
|
|
|
236
273
|
id: string; // Unique agent ID
|
|
237
274
|
agentName: string; // Agent display name
|
|
238
275
|
description: string; // Agent description
|
|
276
|
+
domainId?: string; // Optional assigned domain ID
|
|
277
|
+
domain?: string | null; // Resolved assigned domain name
|
|
239
278
|
createdAt: number; // Creation time (epoch ms)
|
|
240
279
|
registrationToken?: string; // Token for key registration (returned on create)
|
|
241
280
|
lastVerifiedAt?: number; // Last verification time (epoch ms)
|
|
242
281
|
}
|
|
243
282
|
```
|
|
244
283
|
|
|
284
|
+
```typescript
|
|
285
|
+
interface Domain {
|
|
286
|
+
id: string;
|
|
287
|
+
domain: string;
|
|
288
|
+
verified: boolean;
|
|
289
|
+
verifiedAt: number;
|
|
290
|
+
lastCheckedAt: number;
|
|
291
|
+
createdAt: number;
|
|
292
|
+
}
|
|
293
|
+
```
|
|
294
|
+
|
|
295
|
+
```typescript
|
|
296
|
+
interface AgentKey {
|
|
297
|
+
id: string;
|
|
298
|
+
status: 'active' | 'grace' | 'revoked';
|
|
299
|
+
createdAt: number;
|
|
300
|
+
activatedAt: number;
|
|
301
|
+
graceUntil: number;
|
|
302
|
+
revokedAt: number;
|
|
303
|
+
revokedReason: string;
|
|
304
|
+
}
|
|
305
|
+
|
|
306
|
+
interface RotateAgentKeyRequest {
|
|
307
|
+
publicKey: string;
|
|
308
|
+
gracePeriodHours?: number;
|
|
309
|
+
reason?: string;
|
|
310
|
+
stepUpCode?: string;
|
|
311
|
+
challenge?: string;
|
|
312
|
+
proof?: string;
|
|
313
|
+
}
|
|
314
|
+
|
|
315
|
+
interface RevokeAgentKeyRequest {
|
|
316
|
+
reason?: string;
|
|
317
|
+
stepUpCode?: string;
|
|
318
|
+
challenge?: string;
|
|
319
|
+
proof?: string;
|
|
320
|
+
}
|
|
321
|
+
```
|
|
322
|
+
|
|
245
323
|
### Errors
|
|
246
324
|
|
|
247
325
|
- `TetherError` - Base error class
|
package/dist/index.d.mts
CHANGED
|
@@ -37,6 +37,7 @@ interface VerificationResponse {
|
|
|
37
37
|
verifyUrl?: string;
|
|
38
38
|
agentName?: string;
|
|
39
39
|
email?: string;
|
|
40
|
+
domain?: string;
|
|
40
41
|
/** Raw API value (epoch ms from service; older services may return ISO strings) */
|
|
41
42
|
registeredSince?: number | string;
|
|
42
43
|
error?: string;
|
|
@@ -53,6 +54,8 @@ interface VerificationResult {
|
|
|
53
54
|
verifyUrl?: string;
|
|
54
55
|
/** The agent's registered email */
|
|
55
56
|
email?: string;
|
|
57
|
+
/** Verified domain (if this agent has a domain assigned) */
|
|
58
|
+
domain?: string;
|
|
56
59
|
/** ISO date string of when the agent was registered */
|
|
57
60
|
registeredSince?: string;
|
|
58
61
|
/** Error message if verification failed */
|
|
@@ -71,10 +74,23 @@ interface Agent {
|
|
|
71
74
|
id: string;
|
|
72
75
|
agentName: string;
|
|
73
76
|
description: string;
|
|
77
|
+
domainId?: string;
|
|
78
|
+
domain?: string | null;
|
|
74
79
|
createdAt: number;
|
|
75
80
|
registrationToken?: string;
|
|
76
81
|
lastVerifiedAt?: number;
|
|
77
82
|
}
|
|
83
|
+
/**
|
|
84
|
+
* A domain registered to the authenticated account
|
|
85
|
+
*/
|
|
86
|
+
interface Domain {
|
|
87
|
+
id: string;
|
|
88
|
+
domain: string;
|
|
89
|
+
verified: boolean;
|
|
90
|
+
verifiedAt: number;
|
|
91
|
+
lastCheckedAt: number;
|
|
92
|
+
createdAt: number;
|
|
93
|
+
}
|
|
78
94
|
/**
|
|
79
95
|
* Response from the issue agent endpoint
|
|
80
96
|
*/
|
|
@@ -82,9 +98,67 @@ interface IssueAgentResponse {
|
|
|
82
98
|
id: string;
|
|
83
99
|
agentName: string;
|
|
84
100
|
description: string;
|
|
101
|
+
domainId?: string;
|
|
85
102
|
createdAt: number;
|
|
86
103
|
registrationToken: string;
|
|
87
104
|
}
|
|
105
|
+
/**
|
|
106
|
+
* Agent key lifecycle entry
|
|
107
|
+
*/
|
|
108
|
+
interface AgentKey {
|
|
109
|
+
id: string;
|
|
110
|
+
status: 'active' | 'grace' | 'revoked';
|
|
111
|
+
createdAt: number;
|
|
112
|
+
activatedAt: number;
|
|
113
|
+
graceUntil: number;
|
|
114
|
+
revokedAt: number;
|
|
115
|
+
revokedReason: string;
|
|
116
|
+
}
|
|
117
|
+
/**
|
|
118
|
+
* Step-up authentication inputs for sensitive key operations
|
|
119
|
+
*/
|
|
120
|
+
interface StepUpAuthInput {
|
|
121
|
+
/** Optional email step-up code */
|
|
122
|
+
stepUpCode?: string;
|
|
123
|
+
/** Optional challenge code for key-proof step-up */
|
|
124
|
+
challenge?: string;
|
|
125
|
+
/** Optional signature for key-proof step-up */
|
|
126
|
+
proof?: string;
|
|
127
|
+
}
|
|
128
|
+
/**
|
|
129
|
+
* Rotate key request options
|
|
130
|
+
*/
|
|
131
|
+
interface RotateAgentKeyRequest extends StepUpAuthInput {
|
|
132
|
+
publicKey: string;
|
|
133
|
+
gracePeriodHours?: number;
|
|
134
|
+
reason?: string;
|
|
135
|
+
}
|
|
136
|
+
/**
|
|
137
|
+
* Rotate key API response
|
|
138
|
+
*/
|
|
139
|
+
interface RotateAgentKeyResponse {
|
|
140
|
+
agentId: string;
|
|
141
|
+
previousKeyId?: string | null;
|
|
142
|
+
newKeyId: string;
|
|
143
|
+
graceUntil: number;
|
|
144
|
+
message: string;
|
|
145
|
+
}
|
|
146
|
+
/**
|
|
147
|
+
* Revoke key request options
|
|
148
|
+
*/
|
|
149
|
+
interface RevokeAgentKeyRequest extends StepUpAuthInput {
|
|
150
|
+
reason?: string;
|
|
151
|
+
}
|
|
152
|
+
/**
|
|
153
|
+
* Revoke key API response
|
|
154
|
+
*/
|
|
155
|
+
interface RevokeAgentKeyResponse {
|
|
156
|
+
agentId: string;
|
|
157
|
+
keyId: string;
|
|
158
|
+
revoked: boolean;
|
|
159
|
+
promotedKeyId?: string | null;
|
|
160
|
+
message: string;
|
|
161
|
+
}
|
|
88
162
|
|
|
89
163
|
/**
|
|
90
164
|
* TetherClient - Official SDK for tether.name agent identity verification
|
|
@@ -130,15 +204,31 @@ declare class TetherClient {
|
|
|
130
204
|
/**
|
|
131
205
|
* Create a new agent
|
|
132
206
|
*/
|
|
133
|
-
createAgent(agentName: string, description?: string): Promise<Agent>;
|
|
207
|
+
createAgent(agentName: string, description?: string, domainId?: string): Promise<Agent>;
|
|
134
208
|
/**
|
|
135
209
|
* List all agents
|
|
136
210
|
*/
|
|
137
211
|
listAgents(): Promise<Agent[]>;
|
|
212
|
+
/**
|
|
213
|
+
* List all registered domains
|
|
214
|
+
*/
|
|
215
|
+
listDomains(): Promise<Domain[]>;
|
|
138
216
|
/**
|
|
139
217
|
* Delete an agent by ID
|
|
140
218
|
*/
|
|
141
219
|
deleteAgent(agentId: string): Promise<boolean>;
|
|
220
|
+
/**
|
|
221
|
+
* List key lifecycle entries for an agent.
|
|
222
|
+
*/
|
|
223
|
+
listAgentKeys(agentId: string): Promise<AgentKey[]>;
|
|
224
|
+
/**
|
|
225
|
+
* Rotate an agent key with optional step-up auth.
|
|
226
|
+
*/
|
|
227
|
+
rotateAgentKey(agentId: string, request: RotateAgentKeyRequest): Promise<RotateAgentKeyResponse>;
|
|
228
|
+
/**
|
|
229
|
+
* Revoke an agent key with optional step-up auth.
|
|
230
|
+
*/
|
|
231
|
+
revokeAgentKey(agentId: string, keyId: string, request?: RevokeAgentKeyRequest): Promise<RevokeAgentKeyResponse>;
|
|
142
232
|
}
|
|
143
233
|
|
|
144
234
|
/**
|
|
@@ -181,4 +271,4 @@ declare function signChallenge(privateKey: KeyObject, challenge: string): string
|
|
|
181
271
|
*/
|
|
182
272
|
declare function detectKeyFormat(keyPath: string): KeyFormat;
|
|
183
273
|
|
|
184
|
-
export { type Agent, type ChallengeResponse, type IssueAgentResponse, type KeyFormat, TetherAPIError, TetherClient, type TetherClientConfig, TetherError, TetherVerificationError, type VerificationRequest, type VerificationResponse, type VerificationResult, detectKeyFormat, loadPrivateKey, signChallenge };
|
|
274
|
+
export { type Agent, type AgentKey, type ChallengeResponse, type Domain, type IssueAgentResponse, type KeyFormat, type RevokeAgentKeyRequest, type RevokeAgentKeyResponse, type RotateAgentKeyRequest, type RotateAgentKeyResponse, type StepUpAuthInput, TetherAPIError, TetherClient, type TetherClientConfig, TetherError, TetherVerificationError, type VerificationRequest, type VerificationResponse, type VerificationResult, detectKeyFormat, loadPrivateKey, signChallenge };
|
package/dist/index.d.ts
CHANGED
|
@@ -37,6 +37,7 @@ interface VerificationResponse {
|
|
|
37
37
|
verifyUrl?: string;
|
|
38
38
|
agentName?: string;
|
|
39
39
|
email?: string;
|
|
40
|
+
domain?: string;
|
|
40
41
|
/** Raw API value (epoch ms from service; older services may return ISO strings) */
|
|
41
42
|
registeredSince?: number | string;
|
|
42
43
|
error?: string;
|
|
@@ -53,6 +54,8 @@ interface VerificationResult {
|
|
|
53
54
|
verifyUrl?: string;
|
|
54
55
|
/** The agent's registered email */
|
|
55
56
|
email?: string;
|
|
57
|
+
/** Verified domain (if this agent has a domain assigned) */
|
|
58
|
+
domain?: string;
|
|
56
59
|
/** ISO date string of when the agent was registered */
|
|
57
60
|
registeredSince?: string;
|
|
58
61
|
/** Error message if verification failed */
|
|
@@ -71,10 +74,23 @@ interface Agent {
|
|
|
71
74
|
id: string;
|
|
72
75
|
agentName: string;
|
|
73
76
|
description: string;
|
|
77
|
+
domainId?: string;
|
|
78
|
+
domain?: string | null;
|
|
74
79
|
createdAt: number;
|
|
75
80
|
registrationToken?: string;
|
|
76
81
|
lastVerifiedAt?: number;
|
|
77
82
|
}
|
|
83
|
+
/**
|
|
84
|
+
* A domain registered to the authenticated account
|
|
85
|
+
*/
|
|
86
|
+
interface Domain {
|
|
87
|
+
id: string;
|
|
88
|
+
domain: string;
|
|
89
|
+
verified: boolean;
|
|
90
|
+
verifiedAt: number;
|
|
91
|
+
lastCheckedAt: number;
|
|
92
|
+
createdAt: number;
|
|
93
|
+
}
|
|
78
94
|
/**
|
|
79
95
|
* Response from the issue agent endpoint
|
|
80
96
|
*/
|
|
@@ -82,9 +98,67 @@ interface IssueAgentResponse {
|
|
|
82
98
|
id: string;
|
|
83
99
|
agentName: string;
|
|
84
100
|
description: string;
|
|
101
|
+
domainId?: string;
|
|
85
102
|
createdAt: number;
|
|
86
103
|
registrationToken: string;
|
|
87
104
|
}
|
|
105
|
+
/**
|
|
106
|
+
* Agent key lifecycle entry
|
|
107
|
+
*/
|
|
108
|
+
interface AgentKey {
|
|
109
|
+
id: string;
|
|
110
|
+
status: 'active' | 'grace' | 'revoked';
|
|
111
|
+
createdAt: number;
|
|
112
|
+
activatedAt: number;
|
|
113
|
+
graceUntil: number;
|
|
114
|
+
revokedAt: number;
|
|
115
|
+
revokedReason: string;
|
|
116
|
+
}
|
|
117
|
+
/**
|
|
118
|
+
* Step-up authentication inputs for sensitive key operations
|
|
119
|
+
*/
|
|
120
|
+
interface StepUpAuthInput {
|
|
121
|
+
/** Optional email step-up code */
|
|
122
|
+
stepUpCode?: string;
|
|
123
|
+
/** Optional challenge code for key-proof step-up */
|
|
124
|
+
challenge?: string;
|
|
125
|
+
/** Optional signature for key-proof step-up */
|
|
126
|
+
proof?: string;
|
|
127
|
+
}
|
|
128
|
+
/**
|
|
129
|
+
* Rotate key request options
|
|
130
|
+
*/
|
|
131
|
+
interface RotateAgentKeyRequest extends StepUpAuthInput {
|
|
132
|
+
publicKey: string;
|
|
133
|
+
gracePeriodHours?: number;
|
|
134
|
+
reason?: string;
|
|
135
|
+
}
|
|
136
|
+
/**
|
|
137
|
+
* Rotate key API response
|
|
138
|
+
*/
|
|
139
|
+
interface RotateAgentKeyResponse {
|
|
140
|
+
agentId: string;
|
|
141
|
+
previousKeyId?: string | null;
|
|
142
|
+
newKeyId: string;
|
|
143
|
+
graceUntil: number;
|
|
144
|
+
message: string;
|
|
145
|
+
}
|
|
146
|
+
/**
|
|
147
|
+
* Revoke key request options
|
|
148
|
+
*/
|
|
149
|
+
interface RevokeAgentKeyRequest extends StepUpAuthInput {
|
|
150
|
+
reason?: string;
|
|
151
|
+
}
|
|
152
|
+
/**
|
|
153
|
+
* Revoke key API response
|
|
154
|
+
*/
|
|
155
|
+
interface RevokeAgentKeyResponse {
|
|
156
|
+
agentId: string;
|
|
157
|
+
keyId: string;
|
|
158
|
+
revoked: boolean;
|
|
159
|
+
promotedKeyId?: string | null;
|
|
160
|
+
message: string;
|
|
161
|
+
}
|
|
88
162
|
|
|
89
163
|
/**
|
|
90
164
|
* TetherClient - Official SDK for tether.name agent identity verification
|
|
@@ -130,15 +204,31 @@ declare class TetherClient {
|
|
|
130
204
|
/**
|
|
131
205
|
* Create a new agent
|
|
132
206
|
*/
|
|
133
|
-
createAgent(agentName: string, description?: string): Promise<Agent>;
|
|
207
|
+
createAgent(agentName: string, description?: string, domainId?: string): Promise<Agent>;
|
|
134
208
|
/**
|
|
135
209
|
* List all agents
|
|
136
210
|
*/
|
|
137
211
|
listAgents(): Promise<Agent[]>;
|
|
212
|
+
/**
|
|
213
|
+
* List all registered domains
|
|
214
|
+
*/
|
|
215
|
+
listDomains(): Promise<Domain[]>;
|
|
138
216
|
/**
|
|
139
217
|
* Delete an agent by ID
|
|
140
218
|
*/
|
|
141
219
|
deleteAgent(agentId: string): Promise<boolean>;
|
|
220
|
+
/**
|
|
221
|
+
* List key lifecycle entries for an agent.
|
|
222
|
+
*/
|
|
223
|
+
listAgentKeys(agentId: string): Promise<AgentKey[]>;
|
|
224
|
+
/**
|
|
225
|
+
* Rotate an agent key with optional step-up auth.
|
|
226
|
+
*/
|
|
227
|
+
rotateAgentKey(agentId: string, request: RotateAgentKeyRequest): Promise<RotateAgentKeyResponse>;
|
|
228
|
+
/**
|
|
229
|
+
* Revoke an agent key with optional step-up auth.
|
|
230
|
+
*/
|
|
231
|
+
revokeAgentKey(agentId: string, keyId: string, request?: RevokeAgentKeyRequest): Promise<RevokeAgentKeyResponse>;
|
|
142
232
|
}
|
|
143
233
|
|
|
144
234
|
/**
|
|
@@ -181,4 +271,4 @@ declare function signChallenge(privateKey: KeyObject, challenge: string): string
|
|
|
181
271
|
*/
|
|
182
272
|
declare function detectKeyFormat(keyPath: string): KeyFormat;
|
|
183
273
|
|
|
184
|
-
export { type Agent, type ChallengeResponse, type IssueAgentResponse, type KeyFormat, TetherAPIError, TetherClient, type TetherClientConfig, TetherError, TetherVerificationError, type VerificationRequest, type VerificationResponse, type VerificationResult, detectKeyFormat, loadPrivateKey, signChallenge };
|
|
274
|
+
export { type Agent, type AgentKey, type ChallengeResponse, type Domain, type IssueAgentResponse, type KeyFormat, type RevokeAgentKeyRequest, type RevokeAgentKeyResponse, type RotateAgentKeyRequest, type RotateAgentKeyResponse, type StepUpAuthInput, TetherAPIError, TetherClient, type TetherClientConfig, TetherError, TetherVerificationError, type VerificationRequest, type VerificationResponse, type VerificationResult, detectKeyFormat, loadPrivateKey, signChallenge };
|
package/dist/index.js
CHANGED
|
@@ -274,6 +274,7 @@ var TetherClient = class {
|
|
|
274
274
|
agentName: data.agentName,
|
|
275
275
|
verifyUrl: data.verifyUrl,
|
|
276
276
|
email: data.email,
|
|
277
|
+
domain: data.domain,
|
|
277
278
|
registeredSince,
|
|
278
279
|
error: data.error,
|
|
279
280
|
challenge
|
|
@@ -317,7 +318,7 @@ var TetherClient = class {
|
|
|
317
318
|
/**
|
|
318
319
|
* Create a new agent
|
|
319
320
|
*/
|
|
320
|
-
async createAgent(agentName, description = "") {
|
|
321
|
+
async createAgent(agentName, description = "", domainId) {
|
|
321
322
|
this._requireApiKey();
|
|
322
323
|
try {
|
|
323
324
|
const response = await fetch(`${this.baseUrl}/agents/issue`, {
|
|
@@ -326,7 +327,7 @@ var TetherClient = class {
|
|
|
326
327
|
"Content-Type": "application/json",
|
|
327
328
|
...this._authHeaders()
|
|
328
329
|
},
|
|
329
|
-
body: JSON.stringify({ agentName, description })
|
|
330
|
+
body: JSON.stringify({ agentName, description, ...domainId ? { domainId } : {} })
|
|
330
331
|
});
|
|
331
332
|
if (!response.ok) {
|
|
332
333
|
const errorText = await response.text().catch(() => "Unknown error");
|
|
@@ -384,6 +385,40 @@ var TetherClient = class {
|
|
|
384
385
|
);
|
|
385
386
|
}
|
|
386
387
|
}
|
|
388
|
+
/**
|
|
389
|
+
* List all registered domains
|
|
390
|
+
*/
|
|
391
|
+
async listDomains() {
|
|
392
|
+
this._requireApiKey();
|
|
393
|
+
try {
|
|
394
|
+
const response = await fetch(`${this.baseUrl}/domains`, {
|
|
395
|
+
method: "GET",
|
|
396
|
+
headers: {
|
|
397
|
+
...this._authHeaders()
|
|
398
|
+
}
|
|
399
|
+
});
|
|
400
|
+
if (!response.ok) {
|
|
401
|
+
const errorText = await response.text().catch(() => "Unknown error");
|
|
402
|
+
throw new TetherAPIError(
|
|
403
|
+
`List domains failed: ${response.status} ${response.statusText}`,
|
|
404
|
+
response.status,
|
|
405
|
+
errorText
|
|
406
|
+
);
|
|
407
|
+
}
|
|
408
|
+
const data = await response.json();
|
|
409
|
+
return data;
|
|
410
|
+
} catch (error) {
|
|
411
|
+
if (error instanceof TetherError) {
|
|
412
|
+
throw error;
|
|
413
|
+
}
|
|
414
|
+
throw new TetherAPIError(
|
|
415
|
+
`Failed to list domains: ${error instanceof Error ? error.message : String(error)}`,
|
|
416
|
+
void 0,
|
|
417
|
+
void 0,
|
|
418
|
+
error instanceof Error ? error : void 0
|
|
419
|
+
);
|
|
420
|
+
}
|
|
421
|
+
}
|
|
387
422
|
/**
|
|
388
423
|
* Delete an agent by ID
|
|
389
424
|
*/
|
|
@@ -417,6 +452,123 @@ var TetherClient = class {
|
|
|
417
452
|
);
|
|
418
453
|
}
|
|
419
454
|
}
|
|
455
|
+
/**
|
|
456
|
+
* List key lifecycle entries for an agent.
|
|
457
|
+
*/
|
|
458
|
+
async listAgentKeys(agentId) {
|
|
459
|
+
this._requireApiKey();
|
|
460
|
+
try {
|
|
461
|
+
const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys`, {
|
|
462
|
+
method: "GET",
|
|
463
|
+
headers: {
|
|
464
|
+
...this._authHeaders()
|
|
465
|
+
}
|
|
466
|
+
});
|
|
467
|
+
if (!response.ok) {
|
|
468
|
+
const errorText = await response.text().catch(() => "Unknown error");
|
|
469
|
+
throw new TetherAPIError(
|
|
470
|
+
`List agent keys failed: ${response.status} ${response.statusText}`,
|
|
471
|
+
response.status,
|
|
472
|
+
errorText
|
|
473
|
+
);
|
|
474
|
+
}
|
|
475
|
+
return await response.json();
|
|
476
|
+
} catch (error) {
|
|
477
|
+
if (error instanceof TetherError) {
|
|
478
|
+
throw error;
|
|
479
|
+
}
|
|
480
|
+
throw new TetherAPIError(
|
|
481
|
+
`Failed to list agent keys: ${error instanceof Error ? error.message : String(error)}`,
|
|
482
|
+
void 0,
|
|
483
|
+
void 0,
|
|
484
|
+
error instanceof Error ? error : void 0
|
|
485
|
+
);
|
|
486
|
+
}
|
|
487
|
+
}
|
|
488
|
+
/**
|
|
489
|
+
* Rotate an agent key with optional step-up auth.
|
|
490
|
+
*/
|
|
491
|
+
async rotateAgentKey(agentId, request) {
|
|
492
|
+
this._requireApiKey();
|
|
493
|
+
try {
|
|
494
|
+
const payload = {
|
|
495
|
+
publicKey: request.publicKey,
|
|
496
|
+
...request.gracePeriodHours !== void 0 ? { gracePeriodHours: request.gracePeriodHours } : {},
|
|
497
|
+
...request.reason ? { reason: request.reason } : {},
|
|
498
|
+
...request.stepUpCode ? { stepUpCode: request.stepUpCode } : {},
|
|
499
|
+
...request.challenge ? { challenge: request.challenge } : {},
|
|
500
|
+
...request.proof ? { proof: request.proof } : {}
|
|
501
|
+
};
|
|
502
|
+
const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys/rotate`, {
|
|
503
|
+
method: "POST",
|
|
504
|
+
headers: {
|
|
505
|
+
"Content-Type": "application/json",
|
|
506
|
+
...this._authHeaders()
|
|
507
|
+
},
|
|
508
|
+
body: JSON.stringify(payload)
|
|
509
|
+
});
|
|
510
|
+
if (!response.ok) {
|
|
511
|
+
const errorText = await response.text().catch(() => "Unknown error");
|
|
512
|
+
throw new TetherAPIError(
|
|
513
|
+
`Rotate key failed: ${response.status} ${response.statusText}`,
|
|
514
|
+
response.status,
|
|
515
|
+
errorText
|
|
516
|
+
);
|
|
517
|
+
}
|
|
518
|
+
return await response.json();
|
|
519
|
+
} catch (error) {
|
|
520
|
+
if (error instanceof TetherError) {
|
|
521
|
+
throw error;
|
|
522
|
+
}
|
|
523
|
+
throw new TetherAPIError(
|
|
524
|
+
`Failed to rotate agent key: ${error instanceof Error ? error.message : String(error)}`,
|
|
525
|
+
void 0,
|
|
526
|
+
void 0,
|
|
527
|
+
error instanceof Error ? error : void 0
|
|
528
|
+
);
|
|
529
|
+
}
|
|
530
|
+
}
|
|
531
|
+
/**
|
|
532
|
+
* Revoke an agent key with optional step-up auth.
|
|
533
|
+
*/
|
|
534
|
+
async revokeAgentKey(agentId, keyId, request = {}) {
|
|
535
|
+
this._requireApiKey();
|
|
536
|
+
try {
|
|
537
|
+
const payload = {
|
|
538
|
+
...request.reason ? { reason: request.reason } : {},
|
|
539
|
+
...request.stepUpCode ? { stepUpCode: request.stepUpCode } : {},
|
|
540
|
+
...request.challenge ? { challenge: request.challenge } : {},
|
|
541
|
+
...request.proof ? { proof: request.proof } : {}
|
|
542
|
+
};
|
|
543
|
+
const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys/${keyId}/revoke`, {
|
|
544
|
+
method: "POST",
|
|
545
|
+
headers: {
|
|
546
|
+
"Content-Type": "application/json",
|
|
547
|
+
...this._authHeaders()
|
|
548
|
+
},
|
|
549
|
+
body: JSON.stringify(payload)
|
|
550
|
+
});
|
|
551
|
+
if (!response.ok) {
|
|
552
|
+
const errorText = await response.text().catch(() => "Unknown error");
|
|
553
|
+
throw new TetherAPIError(
|
|
554
|
+
`Revoke key failed: ${response.status} ${response.statusText}`,
|
|
555
|
+
response.status,
|
|
556
|
+
errorText
|
|
557
|
+
);
|
|
558
|
+
}
|
|
559
|
+
return await response.json();
|
|
560
|
+
} catch (error) {
|
|
561
|
+
if (error instanceof TetherError) {
|
|
562
|
+
throw error;
|
|
563
|
+
}
|
|
564
|
+
throw new TetherAPIError(
|
|
565
|
+
`Failed to revoke agent key: ${error instanceof Error ? error.message : String(error)}`,
|
|
566
|
+
void 0,
|
|
567
|
+
void 0,
|
|
568
|
+
error instanceof Error ? error : void 0
|
|
569
|
+
);
|
|
570
|
+
}
|
|
571
|
+
}
|
|
420
572
|
};
|
|
421
573
|
// Annotate the CommonJS export names for ESM import in node:
|
|
422
574
|
0 && (module.exports = {
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/errors.ts","../src/crypto.ts","../src/client.ts"],"sourcesContent":["/**\n * Tether Name SDK - Official Node.js library for tether.name agent identity verification\n * \n * @example\n * ```typescript\n * import { TetherClient } from 'tether-name';\n * \n * const client = new TetherClient({\n * agentId: 'your-agent-id',\n * privateKeyPath: '/path/to/key.pem'\n * });\n * \n * const result = await client.verify();\n * console.log(result.verified, result.agentName);\n * ```\n */\n\n// Main exports\nexport { TetherClient } from './client.js';\n\n// Types\nexport type {\n TetherClientConfig,\n ChallengeResponse,\n Agent,\n IssueAgentResponse,\n VerificationRequest,\n VerificationResponse,\n VerificationResult,\n KeyFormat\n} from './types.js';\n\n// Errors\nexport {\n TetherError,\n TetherAPIError,\n TetherVerificationError\n} from './errors.js';\n\n// Crypto utilities (for advanced use cases)\nexport {\n loadPrivateKey,\n signChallenge,\n detectKeyFormat\n} from './crypto.js';","/**\n * Base error class for all Tether-related errors\n */\nexport class TetherError extends Error {\n constructor(message: string, public readonly cause?: Error) {\n super(message);\n this.name = 'TetherError';\n \n // Maintain proper stack trace for where our error was thrown (only available on V8)\n if (Error.captureStackTrace) {\n Error.captureStackTrace(this, TetherError);\n }\n }\n}\n\n/**\n * Error thrown when verification fails\n */\nexport class TetherVerificationError extends TetherError {\n constructor(message: string, cause?: Error) {\n super(message, cause);\n this.name = 'TetherVerificationError';\n }\n}\n\n/**\n * Error thrown when API requests fail\n */\nexport class TetherAPIError extends TetherError {\n constructor(\n message: string,\n public readonly status?: number,\n public readonly response?: string,\n cause?: Error\n ) {\n super(message, cause);\n this.name = 'TetherAPIError';\n }\n}","import { createSign, createPrivateKey, KeyObject } from 'crypto';\nimport { readFileSync } from 'fs';\nimport { TetherError } from './errors.js';\nimport type { KeyFormat } from './types.js';\n\n/**\n * Imports a DER-encoded private key, trying PKCS#8 first then PKCS#1.\n */\nfunction importDerKey(derData: Buffer): KeyObject {\n try {\n return createPrivateKey({ key: derData, format: 'der', type: 'pkcs8' });\n } catch {\n // PKCS#8 failed — try PKCS#1\n }\n try {\n return createPrivateKey({ key: derData, format: 'der', type: 'pkcs1' });\n } catch {\n // PKCS#1 also failed\n }\n throw new TetherError(\n 'Failed to load DER private key: data is not valid PKCS#8 or PKCS#1. ' +\n 'Ensure the file is an RSA private key in DER format.'\n );\n}\n\n/**\n * Loads a private key from various sources\n */\nexport function loadPrivateKey(options: {\n keyPath?: string;\n keyPem?: string;\n keyBuffer?: Buffer;\n}): KeyObject {\n const { keyPath, keyPem, keyBuffer } = options;\n\n try {\n if (keyPem) {\n // PEM string provided directly\n return createPrivateKey(keyPem);\n }\n\n if (keyBuffer) {\n // DER buffer provided directly\n return importDerKey(keyBuffer);\n }\n\n if (keyPath) {\n // Read from file - detect format by extension or content\n const keyData = readFileSync(keyPath);\n\n // Try to detect format\n if (keyPath.endsWith('.pem') || keyData.toString().includes('-----BEGIN')) {\n // PEM format\n return createPrivateKey(keyData);\n } else {\n // Assume DER format\n return importDerKey(keyData);\n }\n }\n\n throw new TetherError('No private key provided');\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherError(\n `Failed to load private key: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n}\n\n/**\n * Signs a challenge string using RSA-SHA256\n * Returns URL-safe base64 encoded signature (no padding)\n */\nexport function signChallenge(privateKey: KeyObject, challenge: string): string {\n try {\n const sign = createSign('SHA256');\n sign.update(challenge);\n sign.end();\n \n const signature = sign.sign(privateKey);\n \n // Convert to URL-safe base64 without padding\n return signature\n .toString('base64')\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=/g, '');\n } catch (error) {\n throw new TetherError(\n `Failed to sign challenge: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n}\n\n/**\n * Utility function to detect key format from file extension or content\n */\nexport function detectKeyFormat(keyPath: string): KeyFormat {\n if (keyPath.endsWith('.pem')) {\n return 'pem';\n }\n if (keyPath.endsWith('.der')) {\n return 'der';\n }\n \n // Try to read a small portion to detect format\n try {\n const keyData = readFileSync(keyPath, { encoding: 'utf8', flag: 'r' });\n if (keyData.includes('-----BEGIN')) {\n return 'pem';\n }\n } catch {\n // If we can't read as text, it's probably DER\n }\n \n return 'der';\n}","import { KeyObject } from 'crypto';\nimport { TetherError, TetherAPIError, TetherVerificationError } from './errors.js';\nimport { loadPrivateKey, signChallenge } from './crypto.js';\nimport type {\n TetherClientConfig,\n ChallengeResponse,\n Agent,\n IssueAgentResponse,\n VerificationRequest,\n VerificationResponse,\n VerificationResult\n} from './types.js';\n\n/**\n * TetherClient - Official SDK for tether.name agent identity verification\n */\nexport class TetherClient {\n private readonly agentId: string;\n private readonly privateKey: KeyObject | null;\n private readonly baseUrl: string;\n private readonly apiKey?: string;\n\n constructor(config: TetherClientConfig) {\n // Set base URL\n this.baseUrl = 'https://api.tether.name';\n\n // Get API key from config or environment\n this.apiKey = config.apiKey || process.env.TETHER_API_KEY;\n\n // Get agent ID from config or environment\n this.agentId = config.agentId || process.env.TETHER_AGENT_ID || '';\n\n // Load private key if key material is provided\n const keyPath = config.privateKeyPath || process.env.TETHER_PRIVATE_KEY_PATH;\n const hasKeyMaterial = keyPath || config.privateKeyPem || config.privateKeyBuffer;\n\n if (hasKeyMaterial) {\n this.privateKey = loadPrivateKey({\n keyPath,\n keyPem: config.privateKeyPem,\n keyBuffer: config.privateKeyBuffer\n });\n } else {\n this.privateKey = null;\n }\n\n // If no API key and no private key, agent ID and key are still needed for verify/sign\n // but we defer the error to when those methods are called\n if (!this.apiKey && !this.privateKey) {\n // Allow construction — errors thrown at method call time\n }\n\n if (!this.apiKey && !this.agentId) {\n // Allow construction — errors thrown at method call time\n }\n }\n\n /**\n * Returns authorization headers when an API key is configured\n */\n private _authHeaders(): Record<string, string> {\n if (this.apiKey) {\n return { 'Authorization': `Bearer ${this.apiKey}` };\n }\n return {};\n }\n\n /**\n * Ensures a private key is available, throwing if not\n */\n private _requirePrivateKey(): KeyObject {\n if (!this.privateKey) {\n throw new TetherError(\n 'Private key is required for this operation. Provide privateKeyPath, privateKeyPem, or privateKeyBuffer in config, or set TETHER_PRIVATE_KEY_PATH environment variable.'\n );\n }\n return this.privateKey;\n }\n\n /**\n * Ensures an API key is available, throwing if not\n */\n private _requireApiKey(): void {\n if (!this.apiKey) {\n throw new TetherError(\n 'API key is required for agent management operations. Provide apiKey in config or set TETHER_API_KEY environment variable.'\n );\n }\n }\n\n /**\n * Ensures an agent ID is available, throwing if not\n */\n private _requireAgentId(): string {\n if (!this.agentId) {\n throw new TetherError(\n 'Agent ID is required for this operation. Provide it in config or set TETHER_AGENT_ID environment variable.'\n );\n }\n return this.agentId;\n }\n\n /**\n * Request a challenge from the Tether API\n */\n async requestChallenge(): Promise<string> {\n try {\n const response = await fetch(`${this.baseUrl}/challenge`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json'\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Challenge request failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as ChallengeResponse;\n\n if (!data.code) {\n throw new TetherAPIError('Invalid challenge response: missing code');\n }\n\n return data.code;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to request challenge: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Sign a challenge string\n */\n sign(challenge: string): string {\n const key = this._requirePrivateKey();\n return signChallenge(key, challenge);\n }\n\n /**\n * Submit proof for a challenge\n */\n async submitProof(challenge: string, proof: string): Promise<VerificationResult> {\n const agentId = this._requireAgentId();\n\n try {\n const payload: VerificationRequest = {\n challenge,\n proof,\n agentId\n };\n\n const response = await fetch(`${this.baseUrl}/challenge/verify`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json'\n },\n body: JSON.stringify(payload)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Verification failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as VerificationResponse;\n\n // Convert API response to our result format\n const registeredSince = typeof data.registeredSince === 'number'\n ? new Date(data.registeredSince).toISOString()\n : data.registeredSince;\n\n return {\n verified: data.valid,\n agentName: data.agentName,\n verifyUrl: data.verifyUrl,\n email: data.email,\n registeredSince,\n error: data.error,\n challenge\n };\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to submit proof: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Perform complete verification in one call\n */\n async verify(): Promise<VerificationResult> {\n try {\n const challenge = await this.requestChallenge();\n const proof = this.sign(challenge);\n const result = await this.submitProof(challenge, proof);\n\n if (!result.verified) {\n throw new TetherVerificationError(\n result.error || 'Verification failed for unknown reason'\n );\n }\n\n return result;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherVerificationError(\n `Verification failed: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Create a new agent\n */\n async createAgent(agentName: string, description: string = ''): Promise<Agent> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/issue`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n ...this._authHeaders()\n },\n body: JSON.stringify({ agentName, description })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Create agent failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as IssueAgentResponse;\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to create agent: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * List all agents\n */\n async listAgents(): Promise<Agent[]> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents`, {\n method: 'GET',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `List agents failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as Agent[];\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to list agents: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Delete an agent by ID\n */\n async deleteAgent(agentId: string): Promise<boolean> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/${agentId}`, {\n method: 'DELETE',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Delete agent failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return true;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to delete agent: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACGO,IAAM,cAAN,MAAM,qBAAoB,MAAM;AAAA,EACrC,YAAY,SAAiC,OAAe;AAC1D,UAAM,OAAO;AAD8B;AAE3C,SAAK,OAAO;AAGZ,QAAI,MAAM,mBAAmB;AAC3B,YAAM,kBAAkB,MAAM,YAAW;AAAA,IAC3C;AAAA,EACF;AACF;AAKO,IAAM,0BAAN,cAAsC,YAAY;AAAA,EACvD,YAAY,SAAiB,OAAe;AAC1C,UAAM,SAAS,KAAK;AACpB,SAAK,OAAO;AAAA,EACd;AACF;AAKO,IAAM,iBAAN,cAA6B,YAAY;AAAA,EAC9C,YACE,SACgB,QACA,UAChB,OACA;AACA,UAAM,SAAS,KAAK;AAJJ;AACA;AAIhB,SAAK,OAAO;AAAA,EACd;AACF;;;ACtCA,oBAAwD;AACxD,gBAA6B;AAO7B,SAAS,aAAa,SAA4B;AAChD,MAAI;AACF,eAAO,gCAAiB,EAAE,KAAK,SAAS,QAAQ,OAAO,MAAM,QAAQ,CAAC;AAAA,EACxE,QAAQ;AAAA,EAER;AACA,MAAI;AACF,eAAO,gCAAiB,EAAE,KAAK,SAAS,QAAQ,OAAO,MAAM,QAAQ,CAAC;AAAA,EACxE,QAAQ;AAAA,EAER;AACA,QAAM,IAAI;AAAA,IACR;AAAA,EAEF;AACF;AAKO,SAAS,eAAe,SAIjB;AACZ,QAAM,EAAE,SAAS,QAAQ,UAAU,IAAI;AAEvC,MAAI;AACF,QAAI,QAAQ;AAEV,iBAAO,gCAAiB,MAAM;AAAA,IAChC;AAEA,QAAI,WAAW;AAEb,aAAO,aAAa,SAAS;AAAA,IAC/B;AAEA,QAAI,SAAS;AAEX,YAAM,cAAU,wBAAa,OAAO;AAGpC,UAAI,QAAQ,SAAS,MAAM,KAAK,QAAQ,SAAS,EAAE,SAAS,YAAY,GAAG;AAEzE,mBAAO,gCAAiB,OAAO;AAAA,MACjC,OAAO;AAEL,eAAO,aAAa,OAAO;AAAA,MAC7B;AAAA,IACF;AAEA,UAAM,IAAI,YAAY,yBAAyB;AAAA,EACjD,SAAS,OAAO;AACd,QAAI,iBAAiB,aAAa;AAChC,YAAM;AAAA,IACR;AACA,UAAM,IAAI;AAAA,MACR,+BAA+B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,MACrF,iBAAiB,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACF;AACF;AAMO,SAAS,cAAc,YAAuB,WAA2B;AAC9E,MAAI;AACF,UAAM,WAAO,0BAAW,QAAQ;AAChC,SAAK,OAAO,SAAS;AACrB,SAAK,IAAI;AAET,UAAM,YAAY,KAAK,KAAK,UAAU;AAGtC,WAAO,UACJ,SAAS,QAAQ,EACjB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,MAAM,EAAE;AAAA,EACrB,SAAS,OAAO;AACd,UAAM,IAAI;AAAA,MACR,6BAA6B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,MACnF,iBAAiB,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACF;AACF;AAKO,SAAS,gBAAgB,SAA4B;AAC1D,MAAI,QAAQ,SAAS,MAAM,GAAG;AAC5B,WAAO;AAAA,EACT;AACA,MAAI,QAAQ,SAAS,MAAM,GAAG;AAC5B,WAAO;AAAA,EACT;AAGA,MAAI;AACF,UAAM,cAAU,wBAAa,SAAS,EAAE,UAAU,QAAQ,MAAM,IAAI,CAAC;AACrE,QAAI,QAAQ,SAAS,YAAY,GAAG;AAClC,aAAO;AAAA,IACT;AAAA,EACF,QAAQ;AAAA,EAER;AAEA,SAAO;AACT;;;ACxGO,IAAM,eAAN,MAAmB;AAAA,EACP;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,QAA4B;AAEtC,SAAK,UAAU;AAGf,SAAK,SAAS,OAAO,UAAU,QAAQ,IAAI;AAG3C,SAAK,UAAU,OAAO,WAAW,QAAQ,IAAI,mBAAmB;AAGhE,UAAM,UAAU,OAAO,kBAAkB,QAAQ,IAAI;AACrD,UAAM,iBAAiB,WAAW,OAAO,iBAAiB,OAAO;AAEjE,QAAI,gBAAgB;AAClB,WAAK,aAAa,eAAe;AAAA,QAC/B;AAAA,QACA,QAAQ,OAAO;AAAA,QACf,WAAW,OAAO;AAAA,MACpB,CAAC;AAAA,IACH,OAAO;AACL,WAAK,aAAa;AAAA,IACpB;AAIA,QAAI,CAAC,KAAK,UAAU,CAAC,KAAK,YAAY;AAAA,IAEtC;AAEA,QAAI,CAAC,KAAK,UAAU,CAAC,KAAK,SAAS;AAAA,IAEnC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,eAAuC;AAC7C,QAAI,KAAK,QAAQ;AACf,aAAO,EAAE,iBAAiB,UAAU,KAAK,MAAM,GAAG;AAAA,IACpD;AACA,WAAO,CAAC;AAAA,EACV;AAAA;AAAA;AAAA;AAAA,EAKQ,qBAAgC;AACtC,QAAI,CAAC,KAAK,YAAY;AACpB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKQ,iBAAuB;AAC7B,QAAI,CAAC,KAAK,QAAQ;AAChB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAA0B;AAChC,QAAI,CAAC,KAAK,SAAS;AACjB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBAAoC;AACxC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,cAAc;AAAA,QACxD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,6BAA6B,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UACnE,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,UAAI,CAAC,KAAK,MAAM;AACd,cAAM,IAAI,eAAe,0CAA0C;AAAA,MACrE;AAEA,aAAO,KAAK;AAAA,IACd,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,gCAAgC,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACtF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,WAA2B;AAC9B,UAAM,MAAM,KAAK,mBAAmB;AACpC,WAAO,cAAc,KAAK,SAAS;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,WAAmB,OAA4C;AAC/E,UAAM,UAAU,KAAK,gBAAgB;AAErC,QAAI;AACF,YAAM,UAA+B;AAAA,QACnC;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAEA,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,qBAAqB;AAAA,QAC/D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AAGjC,YAAM,kBAAkB,OAAO,KAAK,oBAAoB,WACpD,IAAI,KAAK,KAAK,eAAe,EAAE,YAAY,IAC3C,KAAK;AAET,aAAO;AAAA,QACL,UAAU,KAAK;AAAA,QACf,WAAW,KAAK;AAAA,QAChB,WAAW,KAAK;AAAA,QAChB,OAAO,KAAK;AAAA,QACZ;AAAA,QACA,OAAO,KAAK;AAAA,QACZ;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAsC;AAC1C,QAAI;AACF,YAAM,YAAY,MAAM,KAAK,iBAAiB;AAC9C,YAAM,QAAQ,KAAK,KAAK,SAAS;AACjC,YAAM,SAAS,MAAM,KAAK,YAAY,WAAW,KAAK;AAEtD,UAAI,CAAC,OAAO,UAAU;AACpB,cAAM,IAAI;AAAA,UACR,OAAO,SAAS;AAAA,QAClB;AAAA,MACF;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,wBAAwB,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QAC9E,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,WAAmB,cAAsB,IAAoB;AAC7E,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,iBAAiB;AAAA,QAC3D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,WAAW,YAAY,CAAC;AAAA,MACjD,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAA+B;AACnC,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW;AAAA,QACrD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,uBAAuB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC7D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,0BAA0B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QAChF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAmC;AACnD,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,IAAI;AAAA,QAChE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AACF;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/errors.ts","../src/crypto.ts","../src/client.ts"],"sourcesContent":["/**\n * Tether Name SDK - Official Node.js library for tether.name agent identity verification\n * \n * @example\n * ```typescript\n * import { TetherClient } from 'tether-name';\n * \n * const client = new TetherClient({\n * agentId: 'your-agent-id',\n * privateKeyPath: '/path/to/key.pem'\n * });\n * \n * const result = await client.verify();\n * console.log(result.verified, result.agentName);\n * ```\n */\n\n// Main exports\nexport { TetherClient } from './client.js';\n\n// Types\nexport type {\n TetherClientConfig,\n ChallengeResponse,\n Agent,\n Domain,\n IssueAgentResponse,\n VerificationRequest,\n VerificationResponse,\n VerificationResult,\n AgentKey,\n StepUpAuthInput,\n RotateAgentKeyRequest,\n RotateAgentKeyResponse,\n RevokeAgentKeyRequest,\n RevokeAgentKeyResponse,\n KeyFormat\n} from './types.js';\n\n// Errors\nexport {\n TetherError,\n TetherAPIError,\n TetherVerificationError\n} from './errors.js';\n\n// Crypto utilities (for advanced use cases)\nexport {\n loadPrivateKey,\n signChallenge,\n detectKeyFormat\n} from './crypto.js';","/**\n * Base error class for all Tether-related errors\n */\nexport class TetherError extends Error {\n constructor(message: string, public readonly cause?: Error) {\n super(message);\n this.name = 'TetherError';\n \n // Maintain proper stack trace for where our error was thrown (only available on V8)\n if (Error.captureStackTrace) {\n Error.captureStackTrace(this, TetherError);\n }\n }\n}\n\n/**\n * Error thrown when verification fails\n */\nexport class TetherVerificationError extends TetherError {\n constructor(message: string, cause?: Error) {\n super(message, cause);\n this.name = 'TetherVerificationError';\n }\n}\n\n/**\n * Error thrown when API requests fail\n */\nexport class TetherAPIError extends TetherError {\n constructor(\n message: string,\n public readonly status?: number,\n public readonly response?: string,\n cause?: Error\n ) {\n super(message, cause);\n this.name = 'TetherAPIError';\n }\n}","import { createSign, createPrivateKey, KeyObject } from 'crypto';\nimport { readFileSync } from 'fs';\nimport { TetherError } from './errors.js';\nimport type { KeyFormat } from './types.js';\n\n/**\n * Imports a DER-encoded private key, trying PKCS#8 first then PKCS#1.\n */\nfunction importDerKey(derData: Buffer): KeyObject {\n try {\n return createPrivateKey({ key: derData, format: 'der', type: 'pkcs8' });\n } catch {\n // PKCS#8 failed — try PKCS#1\n }\n try {\n return createPrivateKey({ key: derData, format: 'der', type: 'pkcs1' });\n } catch {\n // PKCS#1 also failed\n }\n throw new TetherError(\n 'Failed to load DER private key: data is not valid PKCS#8 or PKCS#1. ' +\n 'Ensure the file is an RSA private key in DER format.'\n );\n}\n\n/**\n * Loads a private key from various sources\n */\nexport function loadPrivateKey(options: {\n keyPath?: string;\n keyPem?: string;\n keyBuffer?: Buffer;\n}): KeyObject {\n const { keyPath, keyPem, keyBuffer } = options;\n\n try {\n if (keyPem) {\n // PEM string provided directly\n return createPrivateKey(keyPem);\n }\n\n if (keyBuffer) {\n // DER buffer provided directly\n return importDerKey(keyBuffer);\n }\n\n if (keyPath) {\n // Read from file - detect format by extension or content\n const keyData = readFileSync(keyPath);\n\n // Try to detect format\n if (keyPath.endsWith('.pem') || keyData.toString().includes('-----BEGIN')) {\n // PEM format\n return createPrivateKey(keyData);\n } else {\n // Assume DER format\n return importDerKey(keyData);\n }\n }\n\n throw new TetherError('No private key provided');\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherError(\n `Failed to load private key: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n}\n\n/**\n * Signs a challenge string using RSA-SHA256\n * Returns URL-safe base64 encoded signature (no padding)\n */\nexport function signChallenge(privateKey: KeyObject, challenge: string): string {\n try {\n const sign = createSign('SHA256');\n sign.update(challenge);\n sign.end();\n \n const signature = sign.sign(privateKey);\n \n // Convert to URL-safe base64 without padding\n return signature\n .toString('base64')\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=/g, '');\n } catch (error) {\n throw new TetherError(\n `Failed to sign challenge: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n}\n\n/**\n * Utility function to detect key format from file extension or content\n */\nexport function detectKeyFormat(keyPath: string): KeyFormat {\n if (keyPath.endsWith('.pem')) {\n return 'pem';\n }\n if (keyPath.endsWith('.der')) {\n return 'der';\n }\n \n // Try to read a small portion to detect format\n try {\n const keyData = readFileSync(keyPath, { encoding: 'utf8', flag: 'r' });\n if (keyData.includes('-----BEGIN')) {\n return 'pem';\n }\n } catch {\n // If we can't read as text, it's probably DER\n }\n \n return 'der';\n}","import { KeyObject } from 'crypto';\nimport { TetherError, TetherAPIError, TetherVerificationError } from './errors.js';\nimport { loadPrivateKey, signChallenge } from './crypto.js';\nimport type {\n TetherClientConfig,\n ChallengeResponse,\n Agent,\n Domain,\n IssueAgentResponse,\n VerificationRequest,\n VerificationResponse,\n VerificationResult,\n AgentKey,\n RotateAgentKeyRequest,\n RotateAgentKeyResponse,\n RevokeAgentKeyRequest,\n RevokeAgentKeyResponse\n} from './types.js';\n\n/**\n * TetherClient - Official SDK for tether.name agent identity verification\n */\nexport class TetherClient {\n private readonly agentId: string;\n private readonly privateKey: KeyObject | null;\n private readonly baseUrl: string;\n private readonly apiKey?: string;\n\n constructor(config: TetherClientConfig) {\n // Set base URL\n this.baseUrl = 'https://api.tether.name';\n\n // Get API key from config or environment\n this.apiKey = config.apiKey || process.env.TETHER_API_KEY;\n\n // Get agent ID from config or environment\n this.agentId = config.agentId || process.env.TETHER_AGENT_ID || '';\n\n // Load private key if key material is provided\n const keyPath = config.privateKeyPath || process.env.TETHER_PRIVATE_KEY_PATH;\n const hasKeyMaterial = keyPath || config.privateKeyPem || config.privateKeyBuffer;\n\n if (hasKeyMaterial) {\n this.privateKey = loadPrivateKey({\n keyPath,\n keyPem: config.privateKeyPem,\n keyBuffer: config.privateKeyBuffer\n });\n } else {\n this.privateKey = null;\n }\n\n // If no API key and no private key, agent ID and key are still needed for verify/sign\n // but we defer the error to when those methods are called\n if (!this.apiKey && !this.privateKey) {\n // Allow construction — errors thrown at method call time\n }\n\n if (!this.apiKey && !this.agentId) {\n // Allow construction — errors thrown at method call time\n }\n }\n\n /**\n * Returns authorization headers when an API key is configured\n */\n private _authHeaders(): Record<string, string> {\n if (this.apiKey) {\n return { 'Authorization': `Bearer ${this.apiKey}` };\n }\n return {};\n }\n\n /**\n * Ensures a private key is available, throwing if not\n */\n private _requirePrivateKey(): KeyObject {\n if (!this.privateKey) {\n throw new TetherError(\n 'Private key is required for this operation. Provide privateKeyPath, privateKeyPem, or privateKeyBuffer in config, or set TETHER_PRIVATE_KEY_PATH environment variable.'\n );\n }\n return this.privateKey;\n }\n\n /**\n * Ensures an API key is available, throwing if not\n */\n private _requireApiKey(): void {\n if (!this.apiKey) {\n throw new TetherError(\n 'API key is required for agent management operations. Provide apiKey in config or set TETHER_API_KEY environment variable.'\n );\n }\n }\n\n /**\n * Ensures an agent ID is available, throwing if not\n */\n private _requireAgentId(): string {\n if (!this.agentId) {\n throw new TetherError(\n 'Agent ID is required for this operation. Provide it in config or set TETHER_AGENT_ID environment variable.'\n );\n }\n return this.agentId;\n }\n\n /**\n * Request a challenge from the Tether API\n */\n async requestChallenge(): Promise<string> {\n try {\n const response = await fetch(`${this.baseUrl}/challenge`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json'\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Challenge request failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as ChallengeResponse;\n\n if (!data.code) {\n throw new TetherAPIError('Invalid challenge response: missing code');\n }\n\n return data.code;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to request challenge: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Sign a challenge string\n */\n sign(challenge: string): string {\n const key = this._requirePrivateKey();\n return signChallenge(key, challenge);\n }\n\n /**\n * Submit proof for a challenge\n */\n async submitProof(challenge: string, proof: string): Promise<VerificationResult> {\n const agentId = this._requireAgentId();\n\n try {\n const payload: VerificationRequest = {\n challenge,\n proof,\n agentId\n };\n\n const response = await fetch(`${this.baseUrl}/challenge/verify`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json'\n },\n body: JSON.stringify(payload)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Verification failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as VerificationResponse;\n\n // Convert API response to our result format\n const registeredSince = typeof data.registeredSince === 'number'\n ? new Date(data.registeredSince).toISOString()\n : data.registeredSince;\n\n return {\n verified: data.valid,\n agentName: data.agentName,\n verifyUrl: data.verifyUrl,\n email: data.email,\n domain: data.domain,\n registeredSince,\n error: data.error,\n challenge\n };\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to submit proof: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Perform complete verification in one call\n */\n async verify(): Promise<VerificationResult> {\n try {\n const challenge = await this.requestChallenge();\n const proof = this.sign(challenge);\n const result = await this.submitProof(challenge, proof);\n\n if (!result.verified) {\n throw new TetherVerificationError(\n result.error || 'Verification failed for unknown reason'\n );\n }\n\n return result;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherVerificationError(\n `Verification failed: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Create a new agent\n */\n async createAgent(agentName: string, description: string = '', domainId?: string): Promise<Agent> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/issue`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n ...this._authHeaders()\n },\n body: JSON.stringify({ agentName, description, ...(domainId ? { domainId } : {}) })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Create agent failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as IssueAgentResponse;\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to create agent: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * List all agents\n */\n async listAgents(): Promise<Agent[]> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents`, {\n method: 'GET',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `List agents failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as Agent[];\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to list agents: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * List all registered domains\n */\n async listDomains(): Promise<Domain[]> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/domains`, {\n method: 'GET',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `List domains failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as Domain[];\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to list domains: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Delete an agent by ID\n */\n async deleteAgent(agentId: string): Promise<boolean> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/${agentId}`, {\n method: 'DELETE',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Delete agent failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return true;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to delete agent: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * List key lifecycle entries for an agent.\n */\n async listAgentKeys(agentId: string): Promise<AgentKey[]> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys`, {\n method: 'GET',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `List agent keys failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return await response.json() as AgentKey[];\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to list agent keys: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Rotate an agent key with optional step-up auth.\n */\n async rotateAgentKey(agentId: string, request: RotateAgentKeyRequest): Promise<RotateAgentKeyResponse> {\n this._requireApiKey();\n try {\n const payload: RotateAgentKeyRequest = {\n publicKey: request.publicKey,\n ...(request.gracePeriodHours !== undefined ? { gracePeriodHours: request.gracePeriodHours } : {}),\n ...(request.reason ? { reason: request.reason } : {}),\n ...(request.stepUpCode ? { stepUpCode: request.stepUpCode } : {}),\n ...(request.challenge ? { challenge: request.challenge } : {}),\n ...(request.proof ? { proof: request.proof } : {}),\n };\n\n const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys/rotate`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n ...this._authHeaders()\n },\n body: JSON.stringify(payload)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Rotate key failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return await response.json() as RotateAgentKeyResponse;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to rotate agent key: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Revoke an agent key with optional step-up auth.\n */\n async revokeAgentKey(agentId: string, keyId: string, request: RevokeAgentKeyRequest = {}): Promise<RevokeAgentKeyResponse> {\n this._requireApiKey();\n try {\n const payload: RevokeAgentKeyRequest = {\n ...(request.reason ? { reason: request.reason } : {}),\n ...(request.stepUpCode ? { stepUpCode: request.stepUpCode } : {}),\n ...(request.challenge ? { challenge: request.challenge } : {}),\n ...(request.proof ? { proof: request.proof } : {}),\n };\n\n const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys/${keyId}/revoke`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n ...this._authHeaders()\n },\n body: JSON.stringify(payload)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Revoke key failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return await response.json() as RevokeAgentKeyResponse;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to revoke agent key: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACGO,IAAM,cAAN,MAAM,qBAAoB,MAAM;AAAA,EACrC,YAAY,SAAiC,OAAe;AAC1D,UAAM,OAAO;AAD8B;AAE3C,SAAK,OAAO;AAGZ,QAAI,MAAM,mBAAmB;AAC3B,YAAM,kBAAkB,MAAM,YAAW;AAAA,IAC3C;AAAA,EACF;AACF;AAKO,IAAM,0BAAN,cAAsC,YAAY;AAAA,EACvD,YAAY,SAAiB,OAAe;AAC1C,UAAM,SAAS,KAAK;AACpB,SAAK,OAAO;AAAA,EACd;AACF;AAKO,IAAM,iBAAN,cAA6B,YAAY;AAAA,EAC9C,YACE,SACgB,QACA,UAChB,OACA;AACA,UAAM,SAAS,KAAK;AAJJ;AACA;AAIhB,SAAK,OAAO;AAAA,EACd;AACF;;;ACtCA,oBAAwD;AACxD,gBAA6B;AAO7B,SAAS,aAAa,SAA4B;AAChD,MAAI;AACF,eAAO,gCAAiB,EAAE,KAAK,SAAS,QAAQ,OAAO,MAAM,QAAQ,CAAC;AAAA,EACxE,QAAQ;AAAA,EAER;AACA,MAAI;AACF,eAAO,gCAAiB,EAAE,KAAK,SAAS,QAAQ,OAAO,MAAM,QAAQ,CAAC;AAAA,EACxE,QAAQ;AAAA,EAER;AACA,QAAM,IAAI;AAAA,IACR;AAAA,EAEF;AACF;AAKO,SAAS,eAAe,SAIjB;AACZ,QAAM,EAAE,SAAS,QAAQ,UAAU,IAAI;AAEvC,MAAI;AACF,QAAI,QAAQ;AAEV,iBAAO,gCAAiB,MAAM;AAAA,IAChC;AAEA,QAAI,WAAW;AAEb,aAAO,aAAa,SAAS;AAAA,IAC/B;AAEA,QAAI,SAAS;AAEX,YAAM,cAAU,wBAAa,OAAO;AAGpC,UAAI,QAAQ,SAAS,MAAM,KAAK,QAAQ,SAAS,EAAE,SAAS,YAAY,GAAG;AAEzE,mBAAO,gCAAiB,OAAO;AAAA,MACjC,OAAO;AAEL,eAAO,aAAa,OAAO;AAAA,MAC7B;AAAA,IACF;AAEA,UAAM,IAAI,YAAY,yBAAyB;AAAA,EACjD,SAAS,OAAO;AACd,QAAI,iBAAiB,aAAa;AAChC,YAAM;AAAA,IACR;AACA,UAAM,IAAI;AAAA,MACR,+BAA+B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,MACrF,iBAAiB,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACF;AACF;AAMO,SAAS,cAAc,YAAuB,WAA2B;AAC9E,MAAI;AACF,UAAM,WAAO,0BAAW,QAAQ;AAChC,SAAK,OAAO,SAAS;AACrB,SAAK,IAAI;AAET,UAAM,YAAY,KAAK,KAAK,UAAU;AAGtC,WAAO,UACJ,SAAS,QAAQ,EACjB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,MAAM,EAAE;AAAA,EACrB,SAAS,OAAO;AACd,UAAM,IAAI;AAAA,MACR,6BAA6B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,MACnF,iBAAiB,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACF;AACF;AAKO,SAAS,gBAAgB,SAA4B;AAC1D,MAAI,QAAQ,SAAS,MAAM,GAAG;AAC5B,WAAO;AAAA,EACT;AACA,MAAI,QAAQ,SAAS,MAAM,GAAG;AAC5B,WAAO;AAAA,EACT;AAGA,MAAI;AACF,UAAM,cAAU,wBAAa,SAAS,EAAE,UAAU,QAAQ,MAAM,IAAI,CAAC;AACrE,QAAI,QAAQ,SAAS,YAAY,GAAG;AAClC,aAAO;AAAA,IACT;AAAA,EACF,QAAQ;AAAA,EAER;AAEA,SAAO;AACT;;;AClGO,IAAM,eAAN,MAAmB;AAAA,EACP;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,QAA4B;AAEtC,SAAK,UAAU;AAGf,SAAK,SAAS,OAAO,UAAU,QAAQ,IAAI;AAG3C,SAAK,UAAU,OAAO,WAAW,QAAQ,IAAI,mBAAmB;AAGhE,UAAM,UAAU,OAAO,kBAAkB,QAAQ,IAAI;AACrD,UAAM,iBAAiB,WAAW,OAAO,iBAAiB,OAAO;AAEjE,QAAI,gBAAgB;AAClB,WAAK,aAAa,eAAe;AAAA,QAC/B;AAAA,QACA,QAAQ,OAAO;AAAA,QACf,WAAW,OAAO;AAAA,MACpB,CAAC;AAAA,IACH,OAAO;AACL,WAAK,aAAa;AAAA,IACpB;AAIA,QAAI,CAAC,KAAK,UAAU,CAAC,KAAK,YAAY;AAAA,IAEtC;AAEA,QAAI,CAAC,KAAK,UAAU,CAAC,KAAK,SAAS;AAAA,IAEnC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,eAAuC;AAC7C,QAAI,KAAK,QAAQ;AACf,aAAO,EAAE,iBAAiB,UAAU,KAAK,MAAM,GAAG;AAAA,IACpD;AACA,WAAO,CAAC;AAAA,EACV;AAAA;AAAA;AAAA;AAAA,EAKQ,qBAAgC;AACtC,QAAI,CAAC,KAAK,YAAY;AACpB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKQ,iBAAuB;AAC7B,QAAI,CAAC,KAAK,QAAQ;AAChB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAA0B;AAChC,QAAI,CAAC,KAAK,SAAS;AACjB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBAAoC;AACxC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,cAAc;AAAA,QACxD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,6BAA6B,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UACnE,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,UAAI,CAAC,KAAK,MAAM;AACd,cAAM,IAAI,eAAe,0CAA0C;AAAA,MACrE;AAEA,aAAO,KAAK;AAAA,IACd,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,gCAAgC,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACtF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,WAA2B;AAC9B,UAAM,MAAM,KAAK,mBAAmB;AACpC,WAAO,cAAc,KAAK,SAAS;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,WAAmB,OAA4C;AAC/E,UAAM,UAAU,KAAK,gBAAgB;AAErC,QAAI;AACF,YAAM,UAA+B;AAAA,QACnC;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAEA,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,qBAAqB;AAAA,QAC/D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AAGjC,YAAM,kBAAkB,OAAO,KAAK,oBAAoB,WACpD,IAAI,KAAK,KAAK,eAAe,EAAE,YAAY,IAC3C,KAAK;AAET,aAAO;AAAA,QACL,UAAU,KAAK;AAAA,QACf,WAAW,KAAK;AAAA,QAChB,WAAW,KAAK;AAAA,QAChB,OAAO,KAAK;AAAA,QACZ,QAAQ,KAAK;AAAA,QACb;AAAA,QACA,OAAO,KAAK;AAAA,QACZ;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAsC;AAC1C,QAAI;AACF,YAAM,YAAY,MAAM,KAAK,iBAAiB;AAC9C,YAAM,QAAQ,KAAK,KAAK,SAAS;AACjC,YAAM,SAAS,MAAM,KAAK,YAAY,WAAW,KAAK;AAEtD,UAAI,CAAC,OAAO,UAAU;AACpB,cAAM,IAAI;AAAA,UACR,OAAO,SAAS;AAAA,QAClB;AAAA,MACF;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,wBAAwB,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QAC9E,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,WAAmB,cAAsB,IAAI,UAAmC;AAChG,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,iBAAiB;AAAA,QAC3D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,WAAW,aAAa,GAAI,WAAW,EAAE,SAAS,IAAI,CAAC,EAAG,CAAC;AAAA,MACpF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAA+B;AACnC,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW;AAAA,QACrD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,uBAAuB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC7D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,0BAA0B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QAChF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,cAAiC;AACrC,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,YAAY;AAAA,QACtD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAmC;AACnD,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,IAAI;AAAA,QAChE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,cAAc,SAAsC;AACxD,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,SAAS;AAAA,QACrE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,2BAA2B,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UACjE,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO,MAAM,SAAS,KAAK;AAAA,IAC7B,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,8BAA8B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACpF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,eAAe,SAAiB,SAAiE;AACrG,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,UAAiC;AAAA,QACrC,WAAW,QAAQ;AAAA,QACnB,GAAI,QAAQ,qBAAqB,SAAY,EAAE,kBAAkB,QAAQ,iBAAiB,IAAI,CAAC;AAAA,QAC/F,GAAI,QAAQ,SAAS,EAAE,QAAQ,QAAQ,OAAO,IAAI,CAAC;AAAA,QACnD,GAAI,QAAQ,aAAa,EAAE,YAAY,QAAQ,WAAW,IAAI,CAAC;AAAA,QAC/D,GAAI,QAAQ,YAAY,EAAE,WAAW,QAAQ,UAAU,IAAI,CAAC;AAAA,QAC5D,GAAI,QAAQ,QAAQ,EAAE,OAAO,QAAQ,MAAM,IAAI,CAAC;AAAA,MAClD;AAEA,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,gBAAgB;AAAA,QAC5E,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,sBAAsB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC5D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO,MAAM,SAAS,KAAK;AAAA,IAC7B,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,+BAA+B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACrF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,eAAe,SAAiB,OAAe,UAAiC,CAAC,GAAoC;AACzH,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,UAAiC;AAAA,QACrC,GAAI,QAAQ,SAAS,EAAE,QAAQ,QAAQ,OAAO,IAAI,CAAC;AAAA,QACnD,GAAI,QAAQ,aAAa,EAAE,YAAY,QAAQ,WAAW,IAAI,CAAC;AAAA,QAC/D,GAAI,QAAQ,YAAY,EAAE,WAAW,QAAQ,UAAU,IAAI,CAAC;AAAA,QAC5D,GAAI,QAAQ,QAAQ,EAAE,OAAO,QAAQ,MAAM,IAAI,CAAC;AAAA,MAClD;AAEA,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,SAAS,KAAK,WAAW;AAAA,QACrF,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,sBAAsB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC5D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO,MAAM,SAAS,KAAK;AAAA,IAC7B,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,+BAA+B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACrF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AACF;","names":[]}
|
package/dist/index.mjs
CHANGED
|
@@ -242,6 +242,7 @@ var TetherClient = class {
|
|
|
242
242
|
agentName: data.agentName,
|
|
243
243
|
verifyUrl: data.verifyUrl,
|
|
244
244
|
email: data.email,
|
|
245
|
+
domain: data.domain,
|
|
245
246
|
registeredSince,
|
|
246
247
|
error: data.error,
|
|
247
248
|
challenge
|
|
@@ -285,7 +286,7 @@ var TetherClient = class {
|
|
|
285
286
|
/**
|
|
286
287
|
* Create a new agent
|
|
287
288
|
*/
|
|
288
|
-
async createAgent(agentName, description = "") {
|
|
289
|
+
async createAgent(agentName, description = "", domainId) {
|
|
289
290
|
this._requireApiKey();
|
|
290
291
|
try {
|
|
291
292
|
const response = await fetch(`${this.baseUrl}/agents/issue`, {
|
|
@@ -294,7 +295,7 @@ var TetherClient = class {
|
|
|
294
295
|
"Content-Type": "application/json",
|
|
295
296
|
...this._authHeaders()
|
|
296
297
|
},
|
|
297
|
-
body: JSON.stringify({ agentName, description })
|
|
298
|
+
body: JSON.stringify({ agentName, description, ...domainId ? { domainId } : {} })
|
|
298
299
|
});
|
|
299
300
|
if (!response.ok) {
|
|
300
301
|
const errorText = await response.text().catch(() => "Unknown error");
|
|
@@ -352,6 +353,40 @@ var TetherClient = class {
|
|
|
352
353
|
);
|
|
353
354
|
}
|
|
354
355
|
}
|
|
356
|
+
/**
|
|
357
|
+
* List all registered domains
|
|
358
|
+
*/
|
|
359
|
+
async listDomains() {
|
|
360
|
+
this._requireApiKey();
|
|
361
|
+
try {
|
|
362
|
+
const response = await fetch(`${this.baseUrl}/domains`, {
|
|
363
|
+
method: "GET",
|
|
364
|
+
headers: {
|
|
365
|
+
...this._authHeaders()
|
|
366
|
+
}
|
|
367
|
+
});
|
|
368
|
+
if (!response.ok) {
|
|
369
|
+
const errorText = await response.text().catch(() => "Unknown error");
|
|
370
|
+
throw new TetherAPIError(
|
|
371
|
+
`List domains failed: ${response.status} ${response.statusText}`,
|
|
372
|
+
response.status,
|
|
373
|
+
errorText
|
|
374
|
+
);
|
|
375
|
+
}
|
|
376
|
+
const data = await response.json();
|
|
377
|
+
return data;
|
|
378
|
+
} catch (error) {
|
|
379
|
+
if (error instanceof TetherError) {
|
|
380
|
+
throw error;
|
|
381
|
+
}
|
|
382
|
+
throw new TetherAPIError(
|
|
383
|
+
`Failed to list domains: ${error instanceof Error ? error.message : String(error)}`,
|
|
384
|
+
void 0,
|
|
385
|
+
void 0,
|
|
386
|
+
error instanceof Error ? error : void 0
|
|
387
|
+
);
|
|
388
|
+
}
|
|
389
|
+
}
|
|
355
390
|
/**
|
|
356
391
|
* Delete an agent by ID
|
|
357
392
|
*/
|
|
@@ -385,6 +420,123 @@ var TetherClient = class {
|
|
|
385
420
|
);
|
|
386
421
|
}
|
|
387
422
|
}
|
|
423
|
+
/**
|
|
424
|
+
* List key lifecycle entries for an agent.
|
|
425
|
+
*/
|
|
426
|
+
async listAgentKeys(agentId) {
|
|
427
|
+
this._requireApiKey();
|
|
428
|
+
try {
|
|
429
|
+
const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys`, {
|
|
430
|
+
method: "GET",
|
|
431
|
+
headers: {
|
|
432
|
+
...this._authHeaders()
|
|
433
|
+
}
|
|
434
|
+
});
|
|
435
|
+
if (!response.ok) {
|
|
436
|
+
const errorText = await response.text().catch(() => "Unknown error");
|
|
437
|
+
throw new TetherAPIError(
|
|
438
|
+
`List agent keys failed: ${response.status} ${response.statusText}`,
|
|
439
|
+
response.status,
|
|
440
|
+
errorText
|
|
441
|
+
);
|
|
442
|
+
}
|
|
443
|
+
return await response.json();
|
|
444
|
+
} catch (error) {
|
|
445
|
+
if (error instanceof TetherError) {
|
|
446
|
+
throw error;
|
|
447
|
+
}
|
|
448
|
+
throw new TetherAPIError(
|
|
449
|
+
`Failed to list agent keys: ${error instanceof Error ? error.message : String(error)}`,
|
|
450
|
+
void 0,
|
|
451
|
+
void 0,
|
|
452
|
+
error instanceof Error ? error : void 0
|
|
453
|
+
);
|
|
454
|
+
}
|
|
455
|
+
}
|
|
456
|
+
/**
|
|
457
|
+
* Rotate an agent key with optional step-up auth.
|
|
458
|
+
*/
|
|
459
|
+
async rotateAgentKey(agentId, request) {
|
|
460
|
+
this._requireApiKey();
|
|
461
|
+
try {
|
|
462
|
+
const payload = {
|
|
463
|
+
publicKey: request.publicKey,
|
|
464
|
+
...request.gracePeriodHours !== void 0 ? { gracePeriodHours: request.gracePeriodHours } : {},
|
|
465
|
+
...request.reason ? { reason: request.reason } : {},
|
|
466
|
+
...request.stepUpCode ? { stepUpCode: request.stepUpCode } : {},
|
|
467
|
+
...request.challenge ? { challenge: request.challenge } : {},
|
|
468
|
+
...request.proof ? { proof: request.proof } : {}
|
|
469
|
+
};
|
|
470
|
+
const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys/rotate`, {
|
|
471
|
+
method: "POST",
|
|
472
|
+
headers: {
|
|
473
|
+
"Content-Type": "application/json",
|
|
474
|
+
...this._authHeaders()
|
|
475
|
+
},
|
|
476
|
+
body: JSON.stringify(payload)
|
|
477
|
+
});
|
|
478
|
+
if (!response.ok) {
|
|
479
|
+
const errorText = await response.text().catch(() => "Unknown error");
|
|
480
|
+
throw new TetherAPIError(
|
|
481
|
+
`Rotate key failed: ${response.status} ${response.statusText}`,
|
|
482
|
+
response.status,
|
|
483
|
+
errorText
|
|
484
|
+
);
|
|
485
|
+
}
|
|
486
|
+
return await response.json();
|
|
487
|
+
} catch (error) {
|
|
488
|
+
if (error instanceof TetherError) {
|
|
489
|
+
throw error;
|
|
490
|
+
}
|
|
491
|
+
throw new TetherAPIError(
|
|
492
|
+
`Failed to rotate agent key: ${error instanceof Error ? error.message : String(error)}`,
|
|
493
|
+
void 0,
|
|
494
|
+
void 0,
|
|
495
|
+
error instanceof Error ? error : void 0
|
|
496
|
+
);
|
|
497
|
+
}
|
|
498
|
+
}
|
|
499
|
+
/**
|
|
500
|
+
* Revoke an agent key with optional step-up auth.
|
|
501
|
+
*/
|
|
502
|
+
async revokeAgentKey(agentId, keyId, request = {}) {
|
|
503
|
+
this._requireApiKey();
|
|
504
|
+
try {
|
|
505
|
+
const payload = {
|
|
506
|
+
...request.reason ? { reason: request.reason } : {},
|
|
507
|
+
...request.stepUpCode ? { stepUpCode: request.stepUpCode } : {},
|
|
508
|
+
...request.challenge ? { challenge: request.challenge } : {},
|
|
509
|
+
...request.proof ? { proof: request.proof } : {}
|
|
510
|
+
};
|
|
511
|
+
const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys/${keyId}/revoke`, {
|
|
512
|
+
method: "POST",
|
|
513
|
+
headers: {
|
|
514
|
+
"Content-Type": "application/json",
|
|
515
|
+
...this._authHeaders()
|
|
516
|
+
},
|
|
517
|
+
body: JSON.stringify(payload)
|
|
518
|
+
});
|
|
519
|
+
if (!response.ok) {
|
|
520
|
+
const errorText = await response.text().catch(() => "Unknown error");
|
|
521
|
+
throw new TetherAPIError(
|
|
522
|
+
`Revoke key failed: ${response.status} ${response.statusText}`,
|
|
523
|
+
response.status,
|
|
524
|
+
errorText
|
|
525
|
+
);
|
|
526
|
+
}
|
|
527
|
+
return await response.json();
|
|
528
|
+
} catch (error) {
|
|
529
|
+
if (error instanceof TetherError) {
|
|
530
|
+
throw error;
|
|
531
|
+
}
|
|
532
|
+
throw new TetherAPIError(
|
|
533
|
+
`Failed to revoke agent key: ${error instanceof Error ? error.message : String(error)}`,
|
|
534
|
+
void 0,
|
|
535
|
+
void 0,
|
|
536
|
+
error instanceof Error ? error : void 0
|
|
537
|
+
);
|
|
538
|
+
}
|
|
539
|
+
}
|
|
388
540
|
};
|
|
389
541
|
export {
|
|
390
542
|
TetherAPIError,
|
package/dist/index.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/errors.ts","../src/crypto.ts","../src/client.ts"],"sourcesContent":["/**\n * Base error class for all Tether-related errors\n */\nexport class TetherError extends Error {\n constructor(message: string, public readonly cause?: Error) {\n super(message);\n this.name = 'TetherError';\n \n // Maintain proper stack trace for where our error was thrown (only available on V8)\n if (Error.captureStackTrace) {\n Error.captureStackTrace(this, TetherError);\n }\n }\n}\n\n/**\n * Error thrown when verification fails\n */\nexport class TetherVerificationError extends TetherError {\n constructor(message: string, cause?: Error) {\n super(message, cause);\n this.name = 'TetherVerificationError';\n }\n}\n\n/**\n * Error thrown when API requests fail\n */\nexport class TetherAPIError extends TetherError {\n constructor(\n message: string,\n public readonly status?: number,\n public readonly response?: string,\n cause?: Error\n ) {\n super(message, cause);\n this.name = 'TetherAPIError';\n }\n}","import { createSign, createPrivateKey, KeyObject } from 'crypto';\nimport { readFileSync } from 'fs';\nimport { TetherError } from './errors.js';\nimport type { KeyFormat } from './types.js';\n\n/**\n * Imports a DER-encoded private key, trying PKCS#8 first then PKCS#1.\n */\nfunction importDerKey(derData: Buffer): KeyObject {\n try {\n return createPrivateKey({ key: derData, format: 'der', type: 'pkcs8' });\n } catch {\n // PKCS#8 failed — try PKCS#1\n }\n try {\n return createPrivateKey({ key: derData, format: 'der', type: 'pkcs1' });\n } catch {\n // PKCS#1 also failed\n }\n throw new TetherError(\n 'Failed to load DER private key: data is not valid PKCS#8 or PKCS#1. ' +\n 'Ensure the file is an RSA private key in DER format.'\n );\n}\n\n/**\n * Loads a private key from various sources\n */\nexport function loadPrivateKey(options: {\n keyPath?: string;\n keyPem?: string;\n keyBuffer?: Buffer;\n}): KeyObject {\n const { keyPath, keyPem, keyBuffer } = options;\n\n try {\n if (keyPem) {\n // PEM string provided directly\n return createPrivateKey(keyPem);\n }\n\n if (keyBuffer) {\n // DER buffer provided directly\n return importDerKey(keyBuffer);\n }\n\n if (keyPath) {\n // Read from file - detect format by extension or content\n const keyData = readFileSync(keyPath);\n\n // Try to detect format\n if (keyPath.endsWith('.pem') || keyData.toString().includes('-----BEGIN')) {\n // PEM format\n return createPrivateKey(keyData);\n } else {\n // Assume DER format\n return importDerKey(keyData);\n }\n }\n\n throw new TetherError('No private key provided');\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherError(\n `Failed to load private key: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n}\n\n/**\n * Signs a challenge string using RSA-SHA256\n * Returns URL-safe base64 encoded signature (no padding)\n */\nexport function signChallenge(privateKey: KeyObject, challenge: string): string {\n try {\n const sign = createSign('SHA256');\n sign.update(challenge);\n sign.end();\n \n const signature = sign.sign(privateKey);\n \n // Convert to URL-safe base64 without padding\n return signature\n .toString('base64')\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=/g, '');\n } catch (error) {\n throw new TetherError(\n `Failed to sign challenge: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n}\n\n/**\n * Utility function to detect key format from file extension or content\n */\nexport function detectKeyFormat(keyPath: string): KeyFormat {\n if (keyPath.endsWith('.pem')) {\n return 'pem';\n }\n if (keyPath.endsWith('.der')) {\n return 'der';\n }\n \n // Try to read a small portion to detect format\n try {\n const keyData = readFileSync(keyPath, { encoding: 'utf8', flag: 'r' });\n if (keyData.includes('-----BEGIN')) {\n return 'pem';\n }\n } catch {\n // If we can't read as text, it's probably DER\n }\n \n return 'der';\n}","import { KeyObject } from 'crypto';\nimport { TetherError, TetherAPIError, TetherVerificationError } from './errors.js';\nimport { loadPrivateKey, signChallenge } from './crypto.js';\nimport type {\n TetherClientConfig,\n ChallengeResponse,\n Agent,\n IssueAgentResponse,\n VerificationRequest,\n VerificationResponse,\n VerificationResult\n} from './types.js';\n\n/**\n * TetherClient - Official SDK for tether.name agent identity verification\n */\nexport class TetherClient {\n private readonly agentId: string;\n private readonly privateKey: KeyObject | null;\n private readonly baseUrl: string;\n private readonly apiKey?: string;\n\n constructor(config: TetherClientConfig) {\n // Set base URL\n this.baseUrl = 'https://api.tether.name';\n\n // Get API key from config or environment\n this.apiKey = config.apiKey || process.env.TETHER_API_KEY;\n\n // Get agent ID from config or environment\n this.agentId = config.agentId || process.env.TETHER_AGENT_ID || '';\n\n // Load private key if key material is provided\n const keyPath = config.privateKeyPath || process.env.TETHER_PRIVATE_KEY_PATH;\n const hasKeyMaterial = keyPath || config.privateKeyPem || config.privateKeyBuffer;\n\n if (hasKeyMaterial) {\n this.privateKey = loadPrivateKey({\n keyPath,\n keyPem: config.privateKeyPem,\n keyBuffer: config.privateKeyBuffer\n });\n } else {\n this.privateKey = null;\n }\n\n // If no API key and no private key, agent ID and key are still needed for verify/sign\n // but we defer the error to when those methods are called\n if (!this.apiKey && !this.privateKey) {\n // Allow construction — errors thrown at method call time\n }\n\n if (!this.apiKey && !this.agentId) {\n // Allow construction — errors thrown at method call time\n }\n }\n\n /**\n * Returns authorization headers when an API key is configured\n */\n private _authHeaders(): Record<string, string> {\n if (this.apiKey) {\n return { 'Authorization': `Bearer ${this.apiKey}` };\n }\n return {};\n }\n\n /**\n * Ensures a private key is available, throwing if not\n */\n private _requirePrivateKey(): KeyObject {\n if (!this.privateKey) {\n throw new TetherError(\n 'Private key is required for this operation. Provide privateKeyPath, privateKeyPem, or privateKeyBuffer in config, or set TETHER_PRIVATE_KEY_PATH environment variable.'\n );\n }\n return this.privateKey;\n }\n\n /**\n * Ensures an API key is available, throwing if not\n */\n private _requireApiKey(): void {\n if (!this.apiKey) {\n throw new TetherError(\n 'API key is required for agent management operations. Provide apiKey in config or set TETHER_API_KEY environment variable.'\n );\n }\n }\n\n /**\n * Ensures an agent ID is available, throwing if not\n */\n private _requireAgentId(): string {\n if (!this.agentId) {\n throw new TetherError(\n 'Agent ID is required for this operation. Provide it in config or set TETHER_AGENT_ID environment variable.'\n );\n }\n return this.agentId;\n }\n\n /**\n * Request a challenge from the Tether API\n */\n async requestChallenge(): Promise<string> {\n try {\n const response = await fetch(`${this.baseUrl}/challenge`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json'\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Challenge request failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as ChallengeResponse;\n\n if (!data.code) {\n throw new TetherAPIError('Invalid challenge response: missing code');\n }\n\n return data.code;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to request challenge: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Sign a challenge string\n */\n sign(challenge: string): string {\n const key = this._requirePrivateKey();\n return signChallenge(key, challenge);\n }\n\n /**\n * Submit proof for a challenge\n */\n async submitProof(challenge: string, proof: string): Promise<VerificationResult> {\n const agentId = this._requireAgentId();\n\n try {\n const payload: VerificationRequest = {\n challenge,\n proof,\n agentId\n };\n\n const response = await fetch(`${this.baseUrl}/challenge/verify`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json'\n },\n body: JSON.stringify(payload)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Verification failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as VerificationResponse;\n\n // Convert API response to our result format\n const registeredSince = typeof data.registeredSince === 'number'\n ? new Date(data.registeredSince).toISOString()\n : data.registeredSince;\n\n return {\n verified: data.valid,\n agentName: data.agentName,\n verifyUrl: data.verifyUrl,\n email: data.email,\n registeredSince,\n error: data.error,\n challenge\n };\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to submit proof: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Perform complete verification in one call\n */\n async verify(): Promise<VerificationResult> {\n try {\n const challenge = await this.requestChallenge();\n const proof = this.sign(challenge);\n const result = await this.submitProof(challenge, proof);\n\n if (!result.verified) {\n throw new TetherVerificationError(\n result.error || 'Verification failed for unknown reason'\n );\n }\n\n return result;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherVerificationError(\n `Verification failed: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Create a new agent\n */\n async createAgent(agentName: string, description: string = ''): Promise<Agent> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/issue`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n ...this._authHeaders()\n },\n body: JSON.stringify({ agentName, description })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Create agent failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as IssueAgentResponse;\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to create agent: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * List all agents\n */\n async listAgents(): Promise<Agent[]> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents`, {\n method: 'GET',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `List agents failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as Agent[];\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to list agents: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Delete an agent by ID\n */\n async deleteAgent(agentId: string): Promise<boolean> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/${agentId}`, {\n method: 'DELETE',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Delete agent failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return true;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to delete agent: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n}\n"],"mappings":";AAGO,IAAM,cAAN,MAAM,qBAAoB,MAAM;AAAA,EACrC,YAAY,SAAiC,OAAe;AAC1D,UAAM,OAAO;AAD8B;AAE3C,SAAK,OAAO;AAGZ,QAAI,MAAM,mBAAmB;AAC3B,YAAM,kBAAkB,MAAM,YAAW;AAAA,IAC3C;AAAA,EACF;AACF;AAKO,IAAM,0BAAN,cAAsC,YAAY;AAAA,EACvD,YAAY,SAAiB,OAAe;AAC1C,UAAM,SAAS,KAAK;AACpB,SAAK,OAAO;AAAA,EACd;AACF;AAKO,IAAM,iBAAN,cAA6B,YAAY;AAAA,EAC9C,YACE,SACgB,QACA,UAChB,OACA;AACA,UAAM,SAAS,KAAK;AAJJ;AACA;AAIhB,SAAK,OAAO;AAAA,EACd;AACF;;;ACtCA,SAAS,YAAY,wBAAmC;AACxD,SAAS,oBAAoB;AAO7B,SAAS,aAAa,SAA4B;AAChD,MAAI;AACF,WAAO,iBAAiB,EAAE,KAAK,SAAS,QAAQ,OAAO,MAAM,QAAQ,CAAC;AAAA,EACxE,QAAQ;AAAA,EAER;AACA,MAAI;AACF,WAAO,iBAAiB,EAAE,KAAK,SAAS,QAAQ,OAAO,MAAM,QAAQ,CAAC;AAAA,EACxE,QAAQ;AAAA,EAER;AACA,QAAM,IAAI;AAAA,IACR;AAAA,EAEF;AACF;AAKO,SAAS,eAAe,SAIjB;AACZ,QAAM,EAAE,SAAS,QAAQ,UAAU,IAAI;AAEvC,MAAI;AACF,QAAI,QAAQ;AAEV,aAAO,iBAAiB,MAAM;AAAA,IAChC;AAEA,QAAI,WAAW;AAEb,aAAO,aAAa,SAAS;AAAA,IAC/B;AAEA,QAAI,SAAS;AAEX,YAAM,UAAU,aAAa,OAAO;AAGpC,UAAI,QAAQ,SAAS,MAAM,KAAK,QAAQ,SAAS,EAAE,SAAS,YAAY,GAAG;AAEzE,eAAO,iBAAiB,OAAO;AAAA,MACjC,OAAO;AAEL,eAAO,aAAa,OAAO;AAAA,MAC7B;AAAA,IACF;AAEA,UAAM,IAAI,YAAY,yBAAyB;AAAA,EACjD,SAAS,OAAO;AACd,QAAI,iBAAiB,aAAa;AAChC,YAAM;AAAA,IACR;AACA,UAAM,IAAI;AAAA,MACR,+BAA+B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,MACrF,iBAAiB,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACF;AACF;AAMO,SAAS,cAAc,YAAuB,WAA2B;AAC9E,MAAI;AACF,UAAM,OAAO,WAAW,QAAQ;AAChC,SAAK,OAAO,SAAS;AACrB,SAAK,IAAI;AAET,UAAM,YAAY,KAAK,KAAK,UAAU;AAGtC,WAAO,UACJ,SAAS,QAAQ,EACjB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,MAAM,EAAE;AAAA,EACrB,SAAS,OAAO;AACd,UAAM,IAAI;AAAA,MACR,6BAA6B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,MACnF,iBAAiB,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACF;AACF;AAKO,SAAS,gBAAgB,SAA4B;AAC1D,MAAI,QAAQ,SAAS,MAAM,GAAG;AAC5B,WAAO;AAAA,EACT;AACA,MAAI,QAAQ,SAAS,MAAM,GAAG;AAC5B,WAAO;AAAA,EACT;AAGA,MAAI;AACF,UAAM,UAAU,aAAa,SAAS,EAAE,UAAU,QAAQ,MAAM,IAAI,CAAC;AACrE,QAAI,QAAQ,SAAS,YAAY,GAAG;AAClC,aAAO;AAAA,IACT;AAAA,EACF,QAAQ;AAAA,EAER;AAEA,SAAO;AACT;;;ACxGO,IAAM,eAAN,MAAmB;AAAA,EACP;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,QAA4B;AAEtC,SAAK,UAAU;AAGf,SAAK,SAAS,OAAO,UAAU,QAAQ,IAAI;AAG3C,SAAK,UAAU,OAAO,WAAW,QAAQ,IAAI,mBAAmB;AAGhE,UAAM,UAAU,OAAO,kBAAkB,QAAQ,IAAI;AACrD,UAAM,iBAAiB,WAAW,OAAO,iBAAiB,OAAO;AAEjE,QAAI,gBAAgB;AAClB,WAAK,aAAa,eAAe;AAAA,QAC/B;AAAA,QACA,QAAQ,OAAO;AAAA,QACf,WAAW,OAAO;AAAA,MACpB,CAAC;AAAA,IACH,OAAO;AACL,WAAK,aAAa;AAAA,IACpB;AAIA,QAAI,CAAC,KAAK,UAAU,CAAC,KAAK,YAAY;AAAA,IAEtC;AAEA,QAAI,CAAC,KAAK,UAAU,CAAC,KAAK,SAAS;AAAA,IAEnC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,eAAuC;AAC7C,QAAI,KAAK,QAAQ;AACf,aAAO,EAAE,iBAAiB,UAAU,KAAK,MAAM,GAAG;AAAA,IACpD;AACA,WAAO,CAAC;AAAA,EACV;AAAA;AAAA;AAAA;AAAA,EAKQ,qBAAgC;AACtC,QAAI,CAAC,KAAK,YAAY;AACpB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKQ,iBAAuB;AAC7B,QAAI,CAAC,KAAK,QAAQ;AAChB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAA0B;AAChC,QAAI,CAAC,KAAK,SAAS;AACjB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBAAoC;AACxC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,cAAc;AAAA,QACxD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,6BAA6B,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UACnE,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,UAAI,CAAC,KAAK,MAAM;AACd,cAAM,IAAI,eAAe,0CAA0C;AAAA,MACrE;AAEA,aAAO,KAAK;AAAA,IACd,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,gCAAgC,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACtF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,WAA2B;AAC9B,UAAM,MAAM,KAAK,mBAAmB;AACpC,WAAO,cAAc,KAAK,SAAS;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,WAAmB,OAA4C;AAC/E,UAAM,UAAU,KAAK,gBAAgB;AAErC,QAAI;AACF,YAAM,UAA+B;AAAA,QACnC;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAEA,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,qBAAqB;AAAA,QAC/D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AAGjC,YAAM,kBAAkB,OAAO,KAAK,oBAAoB,WACpD,IAAI,KAAK,KAAK,eAAe,EAAE,YAAY,IAC3C,KAAK;AAET,aAAO;AAAA,QACL,UAAU,KAAK;AAAA,QACf,WAAW,KAAK;AAAA,QAChB,WAAW,KAAK;AAAA,QAChB,OAAO,KAAK;AAAA,QACZ;AAAA,QACA,OAAO,KAAK;AAAA,QACZ;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAsC;AAC1C,QAAI;AACF,YAAM,YAAY,MAAM,KAAK,iBAAiB;AAC9C,YAAM,QAAQ,KAAK,KAAK,SAAS;AACjC,YAAM,SAAS,MAAM,KAAK,YAAY,WAAW,KAAK;AAEtD,UAAI,CAAC,OAAO,UAAU;AACpB,cAAM,IAAI;AAAA,UACR,OAAO,SAAS;AAAA,QAClB;AAAA,MACF;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,wBAAwB,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QAC9E,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,WAAmB,cAAsB,IAAoB;AAC7E,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,iBAAiB;AAAA,QAC3D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,WAAW,YAAY,CAAC;AAAA,MACjD,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAA+B;AACnC,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW;AAAA,QACrD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,uBAAuB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC7D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,0BAA0B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QAChF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAmC;AACnD,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,IAAI;AAAA,QAChE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AACF;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../src/errors.ts","../src/crypto.ts","../src/client.ts"],"sourcesContent":["/**\n * Base error class for all Tether-related errors\n */\nexport class TetherError extends Error {\n constructor(message: string, public readonly cause?: Error) {\n super(message);\n this.name = 'TetherError';\n \n // Maintain proper stack trace for where our error was thrown (only available on V8)\n if (Error.captureStackTrace) {\n Error.captureStackTrace(this, TetherError);\n }\n }\n}\n\n/**\n * Error thrown when verification fails\n */\nexport class TetherVerificationError extends TetherError {\n constructor(message: string, cause?: Error) {\n super(message, cause);\n this.name = 'TetherVerificationError';\n }\n}\n\n/**\n * Error thrown when API requests fail\n */\nexport class TetherAPIError extends TetherError {\n constructor(\n message: string,\n public readonly status?: number,\n public readonly response?: string,\n cause?: Error\n ) {\n super(message, cause);\n this.name = 'TetherAPIError';\n }\n}","import { createSign, createPrivateKey, KeyObject } from 'crypto';\nimport { readFileSync } from 'fs';\nimport { TetherError } from './errors.js';\nimport type { KeyFormat } from './types.js';\n\n/**\n * Imports a DER-encoded private key, trying PKCS#8 first then PKCS#1.\n */\nfunction importDerKey(derData: Buffer): KeyObject {\n try {\n return createPrivateKey({ key: derData, format: 'der', type: 'pkcs8' });\n } catch {\n // PKCS#8 failed — try PKCS#1\n }\n try {\n return createPrivateKey({ key: derData, format: 'der', type: 'pkcs1' });\n } catch {\n // PKCS#1 also failed\n }\n throw new TetherError(\n 'Failed to load DER private key: data is not valid PKCS#8 or PKCS#1. ' +\n 'Ensure the file is an RSA private key in DER format.'\n );\n}\n\n/**\n * Loads a private key from various sources\n */\nexport function loadPrivateKey(options: {\n keyPath?: string;\n keyPem?: string;\n keyBuffer?: Buffer;\n}): KeyObject {\n const { keyPath, keyPem, keyBuffer } = options;\n\n try {\n if (keyPem) {\n // PEM string provided directly\n return createPrivateKey(keyPem);\n }\n\n if (keyBuffer) {\n // DER buffer provided directly\n return importDerKey(keyBuffer);\n }\n\n if (keyPath) {\n // Read from file - detect format by extension or content\n const keyData = readFileSync(keyPath);\n\n // Try to detect format\n if (keyPath.endsWith('.pem') || keyData.toString().includes('-----BEGIN')) {\n // PEM format\n return createPrivateKey(keyData);\n } else {\n // Assume DER format\n return importDerKey(keyData);\n }\n }\n\n throw new TetherError('No private key provided');\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherError(\n `Failed to load private key: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n}\n\n/**\n * Signs a challenge string using RSA-SHA256\n * Returns URL-safe base64 encoded signature (no padding)\n */\nexport function signChallenge(privateKey: KeyObject, challenge: string): string {\n try {\n const sign = createSign('SHA256');\n sign.update(challenge);\n sign.end();\n \n const signature = sign.sign(privateKey);\n \n // Convert to URL-safe base64 without padding\n return signature\n .toString('base64')\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=/g, '');\n } catch (error) {\n throw new TetherError(\n `Failed to sign challenge: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n}\n\n/**\n * Utility function to detect key format from file extension or content\n */\nexport function detectKeyFormat(keyPath: string): KeyFormat {\n if (keyPath.endsWith('.pem')) {\n return 'pem';\n }\n if (keyPath.endsWith('.der')) {\n return 'der';\n }\n \n // Try to read a small portion to detect format\n try {\n const keyData = readFileSync(keyPath, { encoding: 'utf8', flag: 'r' });\n if (keyData.includes('-----BEGIN')) {\n return 'pem';\n }\n } catch {\n // If we can't read as text, it's probably DER\n }\n \n return 'der';\n}","import { KeyObject } from 'crypto';\nimport { TetherError, TetherAPIError, TetherVerificationError } from './errors.js';\nimport { loadPrivateKey, signChallenge } from './crypto.js';\nimport type {\n TetherClientConfig,\n ChallengeResponse,\n Agent,\n Domain,\n IssueAgentResponse,\n VerificationRequest,\n VerificationResponse,\n VerificationResult,\n AgentKey,\n RotateAgentKeyRequest,\n RotateAgentKeyResponse,\n RevokeAgentKeyRequest,\n RevokeAgentKeyResponse\n} from './types.js';\n\n/**\n * TetherClient - Official SDK for tether.name agent identity verification\n */\nexport class TetherClient {\n private readonly agentId: string;\n private readonly privateKey: KeyObject | null;\n private readonly baseUrl: string;\n private readonly apiKey?: string;\n\n constructor(config: TetherClientConfig) {\n // Set base URL\n this.baseUrl = 'https://api.tether.name';\n\n // Get API key from config or environment\n this.apiKey = config.apiKey || process.env.TETHER_API_KEY;\n\n // Get agent ID from config or environment\n this.agentId = config.agentId || process.env.TETHER_AGENT_ID || '';\n\n // Load private key if key material is provided\n const keyPath = config.privateKeyPath || process.env.TETHER_PRIVATE_KEY_PATH;\n const hasKeyMaterial = keyPath || config.privateKeyPem || config.privateKeyBuffer;\n\n if (hasKeyMaterial) {\n this.privateKey = loadPrivateKey({\n keyPath,\n keyPem: config.privateKeyPem,\n keyBuffer: config.privateKeyBuffer\n });\n } else {\n this.privateKey = null;\n }\n\n // If no API key and no private key, agent ID and key are still needed for verify/sign\n // but we defer the error to when those methods are called\n if (!this.apiKey && !this.privateKey) {\n // Allow construction — errors thrown at method call time\n }\n\n if (!this.apiKey && !this.agentId) {\n // Allow construction — errors thrown at method call time\n }\n }\n\n /**\n * Returns authorization headers when an API key is configured\n */\n private _authHeaders(): Record<string, string> {\n if (this.apiKey) {\n return { 'Authorization': `Bearer ${this.apiKey}` };\n }\n return {};\n }\n\n /**\n * Ensures a private key is available, throwing if not\n */\n private _requirePrivateKey(): KeyObject {\n if (!this.privateKey) {\n throw new TetherError(\n 'Private key is required for this operation. Provide privateKeyPath, privateKeyPem, or privateKeyBuffer in config, or set TETHER_PRIVATE_KEY_PATH environment variable.'\n );\n }\n return this.privateKey;\n }\n\n /**\n * Ensures an API key is available, throwing if not\n */\n private _requireApiKey(): void {\n if (!this.apiKey) {\n throw new TetherError(\n 'API key is required for agent management operations. Provide apiKey in config or set TETHER_API_KEY environment variable.'\n );\n }\n }\n\n /**\n * Ensures an agent ID is available, throwing if not\n */\n private _requireAgentId(): string {\n if (!this.agentId) {\n throw new TetherError(\n 'Agent ID is required for this operation. Provide it in config or set TETHER_AGENT_ID environment variable.'\n );\n }\n return this.agentId;\n }\n\n /**\n * Request a challenge from the Tether API\n */\n async requestChallenge(): Promise<string> {\n try {\n const response = await fetch(`${this.baseUrl}/challenge`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json'\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Challenge request failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as ChallengeResponse;\n\n if (!data.code) {\n throw new TetherAPIError('Invalid challenge response: missing code');\n }\n\n return data.code;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to request challenge: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Sign a challenge string\n */\n sign(challenge: string): string {\n const key = this._requirePrivateKey();\n return signChallenge(key, challenge);\n }\n\n /**\n * Submit proof for a challenge\n */\n async submitProof(challenge: string, proof: string): Promise<VerificationResult> {\n const agentId = this._requireAgentId();\n\n try {\n const payload: VerificationRequest = {\n challenge,\n proof,\n agentId\n };\n\n const response = await fetch(`${this.baseUrl}/challenge/verify`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json'\n },\n body: JSON.stringify(payload)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Verification failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as VerificationResponse;\n\n // Convert API response to our result format\n const registeredSince = typeof data.registeredSince === 'number'\n ? new Date(data.registeredSince).toISOString()\n : data.registeredSince;\n\n return {\n verified: data.valid,\n agentName: data.agentName,\n verifyUrl: data.verifyUrl,\n email: data.email,\n domain: data.domain,\n registeredSince,\n error: data.error,\n challenge\n };\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to submit proof: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Perform complete verification in one call\n */\n async verify(): Promise<VerificationResult> {\n try {\n const challenge = await this.requestChallenge();\n const proof = this.sign(challenge);\n const result = await this.submitProof(challenge, proof);\n\n if (!result.verified) {\n throw new TetherVerificationError(\n result.error || 'Verification failed for unknown reason'\n );\n }\n\n return result;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherVerificationError(\n `Verification failed: ${error instanceof Error ? error.message : String(error)}`,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Create a new agent\n */\n async createAgent(agentName: string, description: string = '', domainId?: string): Promise<Agent> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/issue`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n ...this._authHeaders()\n },\n body: JSON.stringify({ agentName, description, ...(domainId ? { domainId } : {}) })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Create agent failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as IssueAgentResponse;\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to create agent: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * List all agents\n */\n async listAgents(): Promise<Agent[]> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents`, {\n method: 'GET',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `List agents failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as Agent[];\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to list agents: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * List all registered domains\n */\n async listDomains(): Promise<Domain[]> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/domains`, {\n method: 'GET',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `List domains failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n const data = await response.json() as Domain[];\n return data;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to list domains: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Delete an agent by ID\n */\n async deleteAgent(agentId: string): Promise<boolean> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/${agentId}`, {\n method: 'DELETE',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Delete agent failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return true;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to delete agent: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * List key lifecycle entries for an agent.\n */\n async listAgentKeys(agentId: string): Promise<AgentKey[]> {\n this._requireApiKey();\n try {\n const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys`, {\n method: 'GET',\n headers: {\n ...this._authHeaders()\n }\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `List agent keys failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return await response.json() as AgentKey[];\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to list agent keys: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Rotate an agent key with optional step-up auth.\n */\n async rotateAgentKey(agentId: string, request: RotateAgentKeyRequest): Promise<RotateAgentKeyResponse> {\n this._requireApiKey();\n try {\n const payload: RotateAgentKeyRequest = {\n publicKey: request.publicKey,\n ...(request.gracePeriodHours !== undefined ? { gracePeriodHours: request.gracePeriodHours } : {}),\n ...(request.reason ? { reason: request.reason } : {}),\n ...(request.stepUpCode ? { stepUpCode: request.stepUpCode } : {}),\n ...(request.challenge ? { challenge: request.challenge } : {}),\n ...(request.proof ? { proof: request.proof } : {}),\n };\n\n const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys/rotate`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n ...this._authHeaders()\n },\n body: JSON.stringify(payload)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Rotate key failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return await response.json() as RotateAgentKeyResponse;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to rotate agent key: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n\n /**\n * Revoke an agent key with optional step-up auth.\n */\n async revokeAgentKey(agentId: string, keyId: string, request: RevokeAgentKeyRequest = {}): Promise<RevokeAgentKeyResponse> {\n this._requireApiKey();\n try {\n const payload: RevokeAgentKeyRequest = {\n ...(request.reason ? { reason: request.reason } : {}),\n ...(request.stepUpCode ? { stepUpCode: request.stepUpCode } : {}),\n ...(request.challenge ? { challenge: request.challenge } : {}),\n ...(request.proof ? { proof: request.proof } : {}),\n };\n\n const response = await fetch(`${this.baseUrl}/agents/${agentId}/keys/${keyId}/revoke`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n ...this._authHeaders()\n },\n body: JSON.stringify(payload)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Unknown error');\n throw new TetherAPIError(\n `Revoke key failed: ${response.status} ${response.statusText}`,\n response.status,\n errorText\n );\n }\n\n return await response.json() as RevokeAgentKeyResponse;\n } catch (error) {\n if (error instanceof TetherError) {\n throw error;\n }\n throw new TetherAPIError(\n `Failed to revoke agent key: ${error instanceof Error ? error.message : String(error)}`,\n undefined,\n undefined,\n error instanceof Error ? error : undefined\n );\n }\n }\n}\n\n"],"mappings":";AAGO,IAAM,cAAN,MAAM,qBAAoB,MAAM;AAAA,EACrC,YAAY,SAAiC,OAAe;AAC1D,UAAM,OAAO;AAD8B;AAE3C,SAAK,OAAO;AAGZ,QAAI,MAAM,mBAAmB;AAC3B,YAAM,kBAAkB,MAAM,YAAW;AAAA,IAC3C;AAAA,EACF;AACF;AAKO,IAAM,0BAAN,cAAsC,YAAY;AAAA,EACvD,YAAY,SAAiB,OAAe;AAC1C,UAAM,SAAS,KAAK;AACpB,SAAK,OAAO;AAAA,EACd;AACF;AAKO,IAAM,iBAAN,cAA6B,YAAY;AAAA,EAC9C,YACE,SACgB,QACA,UAChB,OACA;AACA,UAAM,SAAS,KAAK;AAJJ;AACA;AAIhB,SAAK,OAAO;AAAA,EACd;AACF;;;ACtCA,SAAS,YAAY,wBAAmC;AACxD,SAAS,oBAAoB;AAO7B,SAAS,aAAa,SAA4B;AAChD,MAAI;AACF,WAAO,iBAAiB,EAAE,KAAK,SAAS,QAAQ,OAAO,MAAM,QAAQ,CAAC;AAAA,EACxE,QAAQ;AAAA,EAER;AACA,MAAI;AACF,WAAO,iBAAiB,EAAE,KAAK,SAAS,QAAQ,OAAO,MAAM,QAAQ,CAAC;AAAA,EACxE,QAAQ;AAAA,EAER;AACA,QAAM,IAAI;AAAA,IACR;AAAA,EAEF;AACF;AAKO,SAAS,eAAe,SAIjB;AACZ,QAAM,EAAE,SAAS,QAAQ,UAAU,IAAI;AAEvC,MAAI;AACF,QAAI,QAAQ;AAEV,aAAO,iBAAiB,MAAM;AAAA,IAChC;AAEA,QAAI,WAAW;AAEb,aAAO,aAAa,SAAS;AAAA,IAC/B;AAEA,QAAI,SAAS;AAEX,YAAM,UAAU,aAAa,OAAO;AAGpC,UAAI,QAAQ,SAAS,MAAM,KAAK,QAAQ,SAAS,EAAE,SAAS,YAAY,GAAG;AAEzE,eAAO,iBAAiB,OAAO;AAAA,MACjC,OAAO;AAEL,eAAO,aAAa,OAAO;AAAA,MAC7B;AAAA,IACF;AAEA,UAAM,IAAI,YAAY,yBAAyB;AAAA,EACjD,SAAS,OAAO;AACd,QAAI,iBAAiB,aAAa;AAChC,YAAM;AAAA,IACR;AACA,UAAM,IAAI;AAAA,MACR,+BAA+B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,MACrF,iBAAiB,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACF;AACF;AAMO,SAAS,cAAc,YAAuB,WAA2B;AAC9E,MAAI;AACF,UAAM,OAAO,WAAW,QAAQ;AAChC,SAAK,OAAO,SAAS;AACrB,SAAK,IAAI;AAET,UAAM,YAAY,KAAK,KAAK,UAAU;AAGtC,WAAO,UACJ,SAAS,QAAQ,EACjB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,MAAM,EAAE;AAAA,EACrB,SAAS,OAAO;AACd,UAAM,IAAI;AAAA,MACR,6BAA6B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,MACnF,iBAAiB,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACF;AACF;AAKO,SAAS,gBAAgB,SAA4B;AAC1D,MAAI,QAAQ,SAAS,MAAM,GAAG;AAC5B,WAAO;AAAA,EACT;AACA,MAAI,QAAQ,SAAS,MAAM,GAAG;AAC5B,WAAO;AAAA,EACT;AAGA,MAAI;AACF,UAAM,UAAU,aAAa,SAAS,EAAE,UAAU,QAAQ,MAAM,IAAI,CAAC;AACrE,QAAI,QAAQ,SAAS,YAAY,GAAG;AAClC,aAAO;AAAA,IACT;AAAA,EACF,QAAQ;AAAA,EAER;AAEA,SAAO;AACT;;;AClGO,IAAM,eAAN,MAAmB;AAAA,EACP;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,QAA4B;AAEtC,SAAK,UAAU;AAGf,SAAK,SAAS,OAAO,UAAU,QAAQ,IAAI;AAG3C,SAAK,UAAU,OAAO,WAAW,QAAQ,IAAI,mBAAmB;AAGhE,UAAM,UAAU,OAAO,kBAAkB,QAAQ,IAAI;AACrD,UAAM,iBAAiB,WAAW,OAAO,iBAAiB,OAAO;AAEjE,QAAI,gBAAgB;AAClB,WAAK,aAAa,eAAe;AAAA,QAC/B;AAAA,QACA,QAAQ,OAAO;AAAA,QACf,WAAW,OAAO;AAAA,MACpB,CAAC;AAAA,IACH,OAAO;AACL,WAAK,aAAa;AAAA,IACpB;AAIA,QAAI,CAAC,KAAK,UAAU,CAAC,KAAK,YAAY;AAAA,IAEtC;AAEA,QAAI,CAAC,KAAK,UAAU,CAAC,KAAK,SAAS;AAAA,IAEnC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,eAAuC;AAC7C,QAAI,KAAK,QAAQ;AACf,aAAO,EAAE,iBAAiB,UAAU,KAAK,MAAM,GAAG;AAAA,IACpD;AACA,WAAO,CAAC;AAAA,EACV;AAAA;AAAA;AAAA;AAAA,EAKQ,qBAAgC;AACtC,QAAI,CAAC,KAAK,YAAY;AACpB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKQ,iBAAuB;AAC7B,QAAI,CAAC,KAAK,QAAQ;AAChB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAA0B;AAChC,QAAI,CAAC,KAAK,SAAS;AACjB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBAAoC;AACxC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,cAAc;AAAA,QACxD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,6BAA6B,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UACnE,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,UAAI,CAAC,KAAK,MAAM;AACd,cAAM,IAAI,eAAe,0CAA0C;AAAA,MACrE;AAEA,aAAO,KAAK;AAAA,IACd,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,gCAAgC,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACtF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,WAA2B;AAC9B,UAAM,MAAM,KAAK,mBAAmB;AACpC,WAAO,cAAc,KAAK,SAAS;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,WAAmB,OAA4C;AAC/E,UAAM,UAAU,KAAK,gBAAgB;AAErC,QAAI;AACF,YAAM,UAA+B;AAAA,QACnC;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAEA,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,qBAAqB;AAAA,QAC/D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AAGjC,YAAM,kBAAkB,OAAO,KAAK,oBAAoB,WACpD,IAAI,KAAK,KAAK,eAAe,EAAE,YAAY,IAC3C,KAAK;AAET,aAAO;AAAA,QACL,UAAU,KAAK;AAAA,QACf,WAAW,KAAK;AAAA,QAChB,WAAW,KAAK;AAAA,QAChB,OAAO,KAAK;AAAA,QACZ,QAAQ,KAAK;AAAA,QACb;AAAA,QACA,OAAO,KAAK;AAAA,QACZ;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAsC;AAC1C,QAAI;AACF,YAAM,YAAY,MAAM,KAAK,iBAAiB;AAC9C,YAAM,QAAQ,KAAK,KAAK,SAAS;AACjC,YAAM,SAAS,MAAM,KAAK,YAAY,WAAW,KAAK;AAEtD,UAAI,CAAC,OAAO,UAAU;AACpB,cAAM,IAAI;AAAA,UACR,OAAO,SAAS;AAAA,QAClB;AAAA,MACF;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,wBAAwB,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QAC9E,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,WAAmB,cAAsB,IAAI,UAAmC;AAChG,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,iBAAiB;AAAA,QAC3D,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,WAAW,aAAa,GAAI,WAAW,EAAE,SAAS,IAAI,CAAC,EAAG,CAAC;AAAA,MACpF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAA+B;AACnC,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW;AAAA,QACrD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,uBAAuB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC7D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,0BAA0B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QAChF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,cAAiC;AACrC,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,YAAY;AAAA,QACtD,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAmC;AACnD,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,IAAI;AAAA,QAChE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,wBAAwB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC9D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,cAAc,SAAsC;AACxD,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,SAAS;AAAA,QACrE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,MACF,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,2BAA2B,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UACjE,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO,MAAM,SAAS,KAAK;AAAA,IAC7B,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,8BAA8B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACpF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,eAAe,SAAiB,SAAiE;AACrG,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,UAAiC;AAAA,QACrC,WAAW,QAAQ;AAAA,QACnB,GAAI,QAAQ,qBAAqB,SAAY,EAAE,kBAAkB,QAAQ,iBAAiB,IAAI,CAAC;AAAA,QAC/F,GAAI,QAAQ,SAAS,EAAE,QAAQ,QAAQ,OAAO,IAAI,CAAC;AAAA,QACnD,GAAI,QAAQ,aAAa,EAAE,YAAY,QAAQ,WAAW,IAAI,CAAC;AAAA,QAC/D,GAAI,QAAQ,YAAY,EAAE,WAAW,QAAQ,UAAU,IAAI,CAAC;AAAA,QAC5D,GAAI,QAAQ,QAAQ,EAAE,OAAO,QAAQ,MAAM,IAAI,CAAC;AAAA,MAClD;AAEA,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,gBAAgB;AAAA,QAC5E,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,sBAAsB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC5D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO,MAAM,SAAS,KAAK;AAAA,IAC7B,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,+BAA+B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACrF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,eAAe,SAAiB,OAAe,UAAiC,CAAC,GAAoC;AACzH,SAAK,eAAe;AACpB,QAAI;AACF,YAAM,UAAiC;AAAA,QACrC,GAAI,QAAQ,SAAS,EAAE,QAAQ,QAAQ,OAAO,IAAI,CAAC;AAAA,QACnD,GAAI,QAAQ,aAAa,EAAE,YAAY,QAAQ,WAAW,IAAI,CAAC;AAAA,QAC/D,GAAI,QAAQ,YAAY,EAAE,WAAW,QAAQ,UAAU,IAAI,CAAC;AAAA,QAC5D,GAAI,QAAQ,QAAQ,EAAE,OAAO,QAAQ,MAAM,IAAI,CAAC;AAAA,MAClD;AAEA,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,WAAW,OAAO,SAAS,KAAK,WAAW;AAAA,QACrF,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAG,KAAK,aAAa;AAAA,QACvB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,cAAM,IAAI;AAAA,UACR,sBAAsB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,UAC5D,SAAS;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAEA,aAAO,MAAM,SAAS,KAAK;AAAA,IAC7B,SAAS,OAAO;AACd,UAAI,iBAAiB,aAAa;AAChC,cAAM;AAAA,MACR;AACA,YAAM,IAAI;AAAA,QACR,+BAA+B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACrF;AAAA,QACA;AAAA,QACA,iBAAiB,QAAQ,QAAQ;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AACF;","names":[]}
|