web-agent-bridge 2.4.0 → 2.6.0

package/server/registry/certification.js

@@ -0,0 +1,271 @@
+'use strict';
+
+/**
+ * Agent Certification System
+ *
+ * Verifies that sites are agent-compatible, issues badges/certificates,
+ * and enforces compliance checks for the WAP ecosystem.
+ */
+
+const crypto = require('crypto');
+const { bus } = require('../runtime/event-bus');
+
+const CertLevel = {
+  NONE: 'none',
+  BASIC: 'basic',         // Has WAB script, basic commands exposed
+  STANDARD: 'standard',   // Structured data, capability negotiation
+  PREMIUM: 'premium',     // Full WAP support, semantic actions, discovery
+  SOVEREIGN: 'sovereign', // P2P, no intermediary, full protocol
+};
+
+class CertificationEngine {
+  constructor() {
+    this._certificates = new Map();    // domain → Certificate
+    this._checks = this._defaultChecks();
+  }
+
+  /**
+   * Verify a site's agent compatibility
+   */
+  async verify(domain, probeData = {}) {
+    const result = {
+      domain,
+      timestamp: Date.now(),
+      level: CertLevel.NONE,
+      checks: [],
+      score: 0,
+      maxScore: 0,
+      badge: null,
+      expiresAt: null,
+    };
+
+    // Run all checks
+    for (const check of this._checks) {
+      result.maxScore += check.weight;
+      const checkResult = {
+        name: check.name,
+        category: check.category,
+        weight: check.weight,
+        passed: false,
+        details: null,
+      };
+
+      try {
+        const passed = check.test(probeData);
+        checkResult.passed = passed;
+        if (passed) result.score += check.weight;
+      } catch (err) {
+        checkResult.details = err.message;
+      }
+
+      result.checks.push(checkResult);
+    }
+
+    // Determine certification level
+    const ratio = result.maxScore > 0 ? result.score / result.maxScore : 0;
+    if (ratio >= 0.9) result.level = CertLevel.SOVEREIGN;
+    else if (ratio >= 0.7) result.level = CertLevel.PREMIUM;
+    else if (ratio >= 0.5) result.level = CertLevel.STANDARD;
+    else if (ratio >= 0.25) result.level = CertLevel.BASIC;
+
+    // Generate certificate if passes basic
+    if (result.level !== CertLevel.NONE) {
+      const cert = this._issueCertificate(domain, result);
+      result.badge = cert.badge;
+      result.expiresAt = cert.expiresAt;
+      result.certificateId = cert.id;
+    }
+
+    bus.emit('certification.verified', {
+      domain,
+      level: result.level,
+      score: result.score,
+      maxScore: result.maxScore,
+    });
+
+    return result;
+  }
+
+  /**
+   * Get certificate for a domain
+   */
+  getCertificate(domain) {
+    const cert = this._certificates.get(domain);
+    if (!cert) return null;
+    if (cert.expiresAt < Date.now()) {
+      this._certificates.delete(domain);
+      return null;
+    }
+    return cert;
+  }
+
+  /**
+   * List all active certificates
+   */
+  listCertificates(filters = {}, limit = 50) {
+    const now = Date.now();
+    let certs = Array.from(this._certificates.values()).filter(c => c.expiresAt >= now);
+
+    if (filters.level) certs = certs.filter(c => c.level === filters.level);
+    if (filters.minScore) certs = certs.filter(c => c.score >= filters.minScore);
+
+    return certs.slice(0, limit).map(c => ({
+      id: c.id,
+      domain: c.domain,
+      level: c.level,
+      score: c.score,
+      maxScore: c.maxScore,
+      issuedAt: c.issuedAt,
+      expiresAt: c.expiresAt,
+      badge: c.badge,
+    }));
+  }
+
+  /**
+   * Revoke a certificate
+   */
+  revoke(domain) {
+    this._certificates.delete(domain);
+    bus.emit('certification.revoked', { domain });
+  }
+
+  /**
+   * Get badge URL for a certification level
+   */
+  getBadge(level) {
+    return `/badge/agent-${level}.svg`;
+  }
+
+  getStats() {
+    return {
+      totalCertificates: this._certificates.size,
+      byLevel: this._countByLevel(),
+      checks: this._checks.length,
+    };
+  }
+
+  // ── Internal ──
+
+  _issueCertificate(domain, result) {
+    const id = `cert_${crypto.randomBytes(8).toString('hex')}`;
+    const cert = {
+      id,
+      domain,
+      level: result.level,
+      score: result.score,
+      maxScore: result.maxScore,
+      checks: result.checks.map(c => ({ name: c.name, passed: c.passed })),
+      issuedAt: Date.now(),
+      expiresAt: Date.now() + 90 * 24 * 3600_000,  // 90 days
+      badge: this.getBadge(result.level),
+      signature: this._signCertificate(id, domain, result.level),
+    };
+
+    this._certificates.set(domain, cert);
+    return cert;
+  }
+
+  _signCertificate(id, domain, level) {
+    const secret = process.env.WAB_CERT_SECRET || 'wab-certification-key';
+    return crypto
+      .createHmac('sha256', secret)
+      .update(`${id}:${domain}:${level}`)
+      .digest('hex')
+      .slice(0, 32);
+  }
+
+  _countByLevel() {
+    const counts = {};
+    for (const cert of this._certificates.values()) {
+      counts[cert.level] = (counts[cert.level] || 0) + 1;
+    }
+    return counts;
+  }
+
+  _defaultChecks() {
+    return [
+      {
+        name: 'wab_script_present',
+        category: 'integration',
+        weight: 10,
+        test: (data) => !!(data.hasWABScript || data.wabVersion),
+      },
+      {
+        name: 'well_known_discovery',
+        category: 'protocol',
+        weight: 10,
+        test: (data) => !!(data.wellKnown || data.agentToolsJson),
+      },
+      {
+        name: 'structured_metadata',
+        category: 'data',
+        weight: 8,
+        test: (data) => !!(data.jsonLd || data.structuredData || data.openGraph),
+      },
+      {
+        name: 'semantic_actions',
+        category: 'protocol',
+        weight: 10,
+        test: (data) => !!(data.semanticActions && data.semanticActions.length > 0),
+      },
+      {
+        name: 'capability_negotiation',
+        category: 'security',
+        weight: 10,
+        test: (data) => !!data.capabilityNegotiation,
+      },
+      {
+        name: 'command_schema',
+        category: 'protocol',
+        weight: 8,
+        test: (data) => !!(data.commands && data.commands.length > 0),
+      },
+      {
+        name: 'https_enabled',
+        category: 'security',
+        weight: 5,
+        test: (data) => data.https !== false,
+      },
+      {
+        name: 'cors_agent_friendly',
+        category: 'security',
+        weight: 5,
+        test: (data) => !!data.corsAllowsAgents,
+      },
+      {
+        name: 'rate_limit_info',
+        category: 'fairness',
+        weight: 5,
+        test: (data) => !!data.rateLimitInfo,
+      },
+      {
+        name: 'error_handling',
+        category: 'reliability',
+        weight: 5,
+        test: (data) => !!data.errorSchemaProvided,
+      },
+      {
+        name: 'data_privacy_declaration',
+        category: 'compliance',
+        weight: 7,
+        test: (data) => !!(data.privacyPolicy || data.dataUsagePolicy),
+      },
+      {
+        name: 'agent_terms_of_service',
+        category: 'compliance',
+        weight: 7,
+        test: (data) => !!data.agentTOS,
+      },
+      {
+        name: 'p2p_sovereign_support',
+        category: 'sovereignty',
+        weight: 10,
+        test: (data) => !!data.sovereignMode,
+      },
+    ];
+  }
+}
+
+const certificationEngine = new CertificationEngine();
+
+module.exports = { CertificationEngine, CertLevel, certificationEngine };

package/server/registry/index.js

@@ -0,0 +1,326 @@
+'use strict';
+
+/**
+ * WAB Registry - Agent & Command Registry
+ *
+ * Ecosystem foundation (like npm for agents):
+ * - Command registry (registered site capabilities)
+ * - Agent registry (available agents & their capabilities)
+ * - Site registry (WAB-enabled sites)
+ * - Template registry (reusable agent workflows)
+ */
+
+const crypto = require('crypto');
+const { bus } = require('../runtime/event-bus');
+const { metrics } = require('../observability');
+
+// ─── Command Registry ───────────────────────────────────────────────────────
+
+class CommandRegistry {
+  constructor() {
+    this._commands = new Map();    // commandId → command definition
+    this._siteCommands = new Map(); // siteId → Set<commandId>
+    this._categories = new Map();   // category → Set<commandId>
+  }
+
+  /**
+   * Register a command that a site supports
+   */
+  register(siteId, command) {
+    const commandId = `cmd_${crypto.randomBytes(12).toString('hex')}`;
+    const entry = {
+      id: commandId,
+      siteId,
+      name: command.name,
+      description: command.description || '',
+      category: command.category || 'general',
+      version: command.version || '1.0.0',
+      input: command.input || {},   // JSON Schema
+      output: command.output || {}, // JSON Schema
+      capabilities: command.capabilities || [],
+      examples: command.examples || [],
+      tags: command.tags || [],
+      deprecated: command.deprecated || false,
+      registeredAt: Date.now(),
+      usageCount: 0,
+      lastUsed: null,
+    };
+
+    this._commands.set(commandId, entry);
+
+    // Index by site
+    if (!this._siteCommands.has(siteId)) this._siteCommands.set(siteId, new Set());
+    this._siteCommands.get(siteId).add(commandId);
+
+    // Index by category
+    if (!this._categories.has(entry.category)) this._categories.set(entry.category, new Set());
+    this._categories.get(entry.category).add(commandId);
+
+    metrics.increment('registry.commands.registered');
+    bus.emit('registry.command.registered', { commandId, siteId, name: command.name });
+
+    return entry;
+  }
+
+  /**
+   * Search commands
+   */
+  search(query = {}) {
+    const results = [];
+
+    for (const [, cmd] of this._commands) {
+      if (query.siteId && cmd.siteId !== query.siteId) continue;
+      if (query.category && cmd.category !== query.category) continue;
+      if (query.name && !cmd.name.toLowerCase().includes(query.name.toLowerCase())) continue;
+      if (query.tag && !cmd.tags.includes(query.tag)) continue;
+      if (query.capability) {
+        if (!cmd.capabilities.some(c => c.includes(query.capability))) continue;
+      }
+      results.push(cmd);
+    }
+
+    // Sort by usage
+    results.sort((a, b) => b.usageCount - a.usageCount);
+    return results.slice(0, query.limit || 50);
+  }
+
+  /**
+   * Get commands for a site
+   */
+  getSiteCommands(siteId) {
+    const ids = this._siteCommands.get(siteId);
+    if (!ids) return [];
+    return [...ids].map(id => this._commands.get(id)).filter(Boolean);
+  }
+
+  /**
+   * Get command by ID
+   */
+  getCommand(commandId) {
+    return this._commands.get(commandId) || null;
+  }
+
+  /**
+   * Track command usage
+   */
+  trackUsage(commandId) {
+    const cmd = this._commands.get(commandId);
+    if (cmd) {
+      cmd.usageCount++;
+      cmd.lastUsed = Date.now();
+    }
+  }
+
+  /**
+   * Get categories with counts
+   */
+  getCategories() {
+    const cats = {};
+    for (const [cat, ids] of this._categories) {
+      cats[cat] = ids.size;
+    }
+    return cats;
+  }
+
+  /**
+   * Unregister all commands for a site
+   */
+  unregisterSite(siteId) {
+    const ids = this._siteCommands.get(siteId);
+    if (!ids) return;
+    for (const id of ids) {
+      const cmd = this._commands.get(id);
+      if (cmd) {
+        const catIds = this._categories.get(cmd.category);
+        if (catIds) catIds.delete(id);
+      }
+      this._commands.delete(id);
+    }
+    this._siteCommands.delete(siteId);
+  }
+
+  getStats() {
+    return {
+      totalCommands: this._commands.size,
+      totalSites: this._siteCommands.size,
+      categories: this.getCategories(),
+    };
+  }
+}
+
+// ─── Site Registry ──────────────────────────────────────────────────────────
+
+class SiteRegistry {
+  constructor() {
+    this._sites = new Map(); // domain → site entry
+  }
+
+  /**
+   * Register a WAB-enabled site
+   */
+  register(domain, info) {
+    const entry = {
+      domain,
+      name: info.name || domain,
+      description: info.description || '',
+      tier: info.tier || 'free',
+      protocolVersion: info.protocolVersion || '1.0.0',
+      capabilities: info.capabilities || [],
+      endpoints: {
+        discover: info.discoverUrl || `https://${domain}/.well-known/wab.json`,
+        execute: info.executeUrl || `https://${domain}/api/wab/execute`,
+        negotiate: info.negotiateUrl || null,
+      },
+      verified: info.verified || false,
+      registeredAt: Date.now(),
+      lastSeen: Date.now(),
+      commandCount: 0,
+      agentVisits: 0,
+    };
+
+    this._sites.set(domain, entry);
+    metrics.increment('registry.sites.registered');
+    bus.emit('registry.site.registered', { domain });
+    return entry;
+  }
+
+  /**
+   * Get site info
+   */
+  getSite(domain) {
+    return this._sites.get(domain) || null;
+  }
+
+  /**
+   * Search sites
+   */
+  search(query = {}) {
+    const results = [];
+    for (const [, site] of this._sites) {
+      if (query.tier && site.tier !== query.tier) continue;
+      if (query.capability && !site.capabilities.includes(query.capability)) continue;
+      if (query.name && !site.name.toLowerCase().includes(query.name.toLowerCase())) continue;
+      if (query.verified !== undefined && site.verified !== query.verified) continue;
+      results.push(site);
+    }
+    results.sort((a, b) => b.agentVisits - a.agentVisits);
+    return results.slice(0, query.limit || 50);
+  }
+
+  /**
+   * Track a visit
+   */
+  trackVisit(domain) {
+    const site = this._sites.get(domain);
+    if (site) {
+      site.agentVisits++;
+      site.lastSeen = Date.now();
+    }
+  }
+
+  /**
+   * List all sites
+   */
+  listSites(limit = 100) {
+    return Array.from(this._sites.values()).slice(0, limit);
+  }
+
+  getStats() {
+    return {
+      totalSites: this._sites.size,
+      verifiedSites: Array.from(this._sites.values()).filter(s => s.verified).length,
+    };
+  }
+}
+
+// ─── Template Registry ──────────────────────────────────────────────────────
+
+class TemplateRegistry {
+  constructor() {
+    this._templates = new Map(); // templateId → template
+  }
+
+  /**
+   * Register a workflow template
+   */
+  register(template) {
+    const templateId = template.id || `tmpl_${crypto.randomBytes(12).toString('hex')}`;
+    const entry = {
+      id: templateId,
+      name: template.name,
+      description: template.description || '',
+      category: template.category || 'general',
+      author: template.author || 'system',
+      version: template.version || '1.0.0',
+
+      // Workflow definition
+      steps: template.steps || [],
+      variables: template.variables || {},
+      requiredCapabilities: template.requiredCapabilities || [],
+
+      // Metadata
+      tags: template.tags || [],
+      downloads: 0,
+      rating: 0,
+      reviews: 0,
+      registeredAt: Date.now(),
+    };
+
+    this._templates.set(templateId, entry);
+    metrics.increment('registry.templates.registered');
+    return entry;
+  }
+
+  /**
+   * Get a template
+   */
+  getTemplate(templateId) {
+    return this._templates.get(templateId) || null;
+  }
+
+  /**
+   * Search templates
+   */
+  search(query = {}) {
+    const results = [];
+    for (const [, tmpl] of this._templates) {
+      if (query.category && tmpl.category !== query.category) continue;
+      if (query.name && !tmpl.name.toLowerCase().includes(query.name.toLowerCase())) continue;
+      if (query.tag && !tmpl.tags.includes(query.tag)) continue;
+      results.push(tmpl);
+    }
+    results.sort((a, b) => b.downloads - a.downloads);
+    return results.slice(0, query.limit || 50);
+  }
+
+  /**
+   * Track template download
+   */
+  trackDownload(templateId) {
+    const tmpl = this._templates.get(templateId);
+    if (tmpl) tmpl.downloads++;
+  }
+
+  listTemplates(limit = 50) {
+    return Array.from(this._templates.values()).slice(0, limit);
+  }
+
+  getStats() {
+    return { totalTemplates: this._templates.size };
+  }
+}
+
+// ─── Singletons ─────────────────────────────────────────────────────────────
+
+const commandRegistry = new CommandRegistry();
+const siteRegistry = new SiteRegistry();
+const templateRegistry = new TemplateRegistry();
+
+module.exports = {
+  CommandRegistry,
+  SiteRegistry,
+  TemplateRegistry,
+  commandRegistry,
+  siteRegistry,
+  templateRegistry,
+};