web-agent-bridge 3.0.0 → 3.2.0

package/server/services/modules/collective-bargaining.js

@@ -0,0 +1,92 @@
+/**
+ * WAB Collective Bargaining (04-collective-bargaining) — PUBLIC JOIN API, PRIVATE MATCHING ENGINE
+ * Groups buyers to negotiate bulk discounts.
+ * Join interface is open, matching engine is closed.
+ *
+ * Powered by WAB — Web Agent Bridge
+ * https://www.webagentbridge.com
+ */
+
+'use strict';
+
+const crypto = require('crypto');
+
+const demandPools = new Map();
+const NEGOTIATION_THRESHOLDS = {
+  electronics: { minBuyers: 10, targetDiscount: 0.15 },
+  travel: { minBuyers: 5, targetDiscount: 0.20 },
+  fashion: { minBuyers: 20, targetDiscount: 0.25 },
+  software: { minBuyers: 50, targetDiscount: 0.30 },
+  default: { minBuyers: 15, targetDiscount: 0.15 },
+};
+
+let matchingEngine;
+try { matchingEngine = require('./bargaining-engine'); } catch { matchingEngine = null; }
+
+function createRouter(express) {
+  const router = express.Router();
+
+  router.post('/join', (req, res) => {
+    const { platform, product_id, product_name, category, current_price, currency, max_price } = req.body;
+    if (!platform || !product_id || !current_price) {
+      return res.status(400).json({ error: 'platform, product_id, and current_price required' });
+    }
+
+    const poolKey = `${platform}:${product_id}`;
+    if (!demandPools.has(poolKey)) {
+      const cat = category || 'default';
+      const threshold = NEGOTIATION_THRESHOLDS[cat] || NEGOTIATION_THRESHOLDS.default;
+      demandPools.set(poolKey, {
+        id: 'POOL-' + crypto.randomBytes(8).toString('hex').toUpperCase(),
+        platform, product_id, product_name: product_name || product_id,
+        category: cat, current_price: parseFloat(current_price), currency: currency || 'USD',
+        target_price: parseFloat((current_price * (1 - threshold.targetDiscount)).toFixed(2)),
+        target_discount_pct: Math.round(threshold.targetDiscount * 100),
+        min_buyers: threshold.minBuyers, members: 0, status: 'OPEN',
+        created_at: new Date().toISOString(),
+      });
+    }
+
+    const pool = demandPools.get(poolKey);
+    if (pool.status !== 'OPEN') return res.status(400).json({ error: 'Pool is not open' });
+    pool.members++;
+
+    if (matchingEngine && pool.members >= pool.min_buyers) {
+      const deal = matchingEngine.negotiate(pool);
+      pool.status = deal ? 'DEAL_REACHED' : 'NEGOTIATING';
+    }
+
+    res.json({
+      success: true, pool_id: pool.id, member_count: pool.members, status: pool.status,
+      progress_pct: Math.min(100, Math.round(pool.members / pool.min_buyers * 100)),
+      members_needed: Math.max(0, pool.min_buyers - pool.members),
+      target_price: pool.target_price, target_discount_pct: pool.target_discount_pct,
+    });
+  });
+
+  router.get('/pools', (req, res) => {
+    const pools = Array.from(demandPools.values()).map(p => ({
+      pool_id: p.id, platform: p.platform, product_name: p.product_name,
+      current_price: p.current_price, target_price: p.target_price,
+      members: p.members, min_buyers: p.min_buyers, status: p.status,
+      progress_pct: Math.min(100, Math.round(p.members / p.min_buyers * 100)),
+    }));
+    res.json({ total: pools.length, pools: pools.filter(p => p.status === 'OPEN').slice(0, 50) });
+  });
+
+  router.get('/pool/:id', (req, res) => {
+    const pool = Array.from(demandPools.values()).find(p => p.id === req.params.id);
+    if (!pool) return res.status(404).json({ error: 'Pool not found' });
+    res.json(pool);
+  });
+
+  router.get('/stats', (req, res) => {
+    let totalMembers = 0, activePoolsCount = 0;
+    for (const p of demandPools.values()) { totalMembers += p.members; if (p.status === 'OPEN') activePoolsCount++; }
+    res.json({ total_pools: demandPools.size, active_pools: activePoolsCount, total_participants: totalMembers });
+  });
+
+  return router;
+}
+
+module.exports = { createRouter };

package/server/services/modules/dark-pattern.js

@@ -0,0 +1,66 @@
+/**
+ * WAB Dark Pattern Detector (03-dark-pattern) — FULLY CLOSED
+ * DSA compliance engine detects all 17 OECD dark patterns.
+ * All detection rules are proprietary.
+ *
+ * Powered by WAB — Web Agent Bridge
+ * https://www.webagentbridge.com
+ */
+
+'use strict';
+
+let darkPatternEngine;
+try { darkPatternEngine = require('./dark-pattern-engine'); } catch { darkPatternEngine = null; }
+
+function createRouter(express) {
+  const router = express.Router();
+
+  router.post('/audit', async (req, res) => {
+    const { url: targetUrl } = req.body;
+    if (!targetUrl) return res.status(400).json({ error: 'url required' });
+    if (!darkPatternEngine) return res.status(503).json({ error: 'Dark pattern engine not available', code: 'MODULE_UNAVAILABLE' });
+    try {
+      const report = await darkPatternEngine.generateReport(targetUrl);
+      res.json(report);
+    } catch (e) { res.status(500).json({ error: e.message }); }
+  });
+
+  router.post('/scan', (req, res) => {
+    const { html, page_url } = req.body;
+    if (!html) return res.status(400).json({ error: 'html content required' });
+    if (!darkPatternEngine) return res.status(503).json({ error: 'Dark pattern engine not available', code: 'MODULE_UNAVAILABLE' });
+    const result = darkPatternEngine.scanContent(html, page_url);
+    res.json(result);
+  });
+
+  router.get('/patterns', (req, res) => {
+    res.json({ total: 17, categories: [
+      { id: 'DP001', name: 'False Urgency', severity: 'HIGH', dsa_article: 'Article 25(1)(a)' },
+      { id: 'DP002', name: 'Scarcity Manipulation', severity: 'HIGH', dsa_article: 'Article 25(1)(a)' },
+      { id: 'DP003', name: 'Hidden Costs', severity: 'CRITICAL', dsa_article: 'Article 25(1)(b)' },
+      { id: 'DP004', name: 'Trick Question', severity: 'HIGH', dsa_article: 'Article 25(1)(c)' },
+      { id: 'DP005', name: 'Roach Motel', severity: 'CRITICAL', dsa_article: 'Article 25(1)(d)' },
+      { id: 'DP006', name: 'Confirmshaming', severity: 'MEDIUM', dsa_article: 'Article 25(1)(a)' },
+      { id: 'DP007', name: 'Forced Continuity', severity: 'CRITICAL', dsa_article: 'Article 25(1)(b)' },
+      { id: 'DP008', name: 'Misdirection', severity: 'MEDIUM', dsa_article: 'Article 25(1)(a)' },
+      { id: 'DP009', name: 'Disguised Ads', severity: 'HIGH', dsa_article: 'Article 26' },
+      { id: 'DP010', name: 'Nagging', severity: 'LOW', dsa_article: 'Article 25(1)(a)' },
+      { id: 'DP011', name: 'Basket Sneaking', severity: 'CRITICAL', dsa_article: 'Article 25(1)(b)' },
+      { id: 'DP012', name: 'Bait and Switch', severity: 'CRITICAL', dsa_article: 'Article 25(1)(b)' },
+      { id: 'DP013', name: 'Privacy Zuckering', severity: 'HIGH', dsa_article: 'Article 25(1)(c)' },
+      { id: 'DP014', name: 'Fake Social Proof', severity: 'HIGH', dsa_article: 'Article 25(1)(a)' },
+      { id: 'DP015', name: 'Interface Interference', severity: 'MEDIUM', dsa_article: 'Article 25(1)(a)' },
+      { id: 'DP016', name: 'Drip Pricing', severity: 'HIGH', dsa_article: 'Article 25(1)(b)' },
+      { id: 'DP017', name: 'Disguised Subscription', severity: 'CRITICAL', dsa_article: 'Article 25(1)(b)' },
+    ]});
+  });
+
+  router.get('/stats', (req, res) => {
+    if (!darkPatternEngine) return res.json({ status: 'engine_not_loaded', patterns_tracked: 17 });
+    res.json(darkPatternEngine.getStats());
+  });
+
+  return router;
+}
+
+module.exports = { createRouter };

package/server/services/modules/gov-intelligence.js

@@ -0,0 +1,45 @@
+/**
+ * WAB Gov Intelligence (05-gov-intelligence) — FULLY CLOSED
+ * Regulatory compliance and government intelligence database.
+ * All data and logic is proprietary.
+ *
+ * Powered by WAB — Web Agent Bridge
+ * https://www.webagentbridge.com
+ */
+
+'use strict';
+
+let govEngine;
+try { govEngine = require('./gov-engine'); } catch { govEngine = null; }
+
+function createRouter(express) {
+  const router = express.Router();
+
+  router.get('/check/:domain', (req, res) => {
+    if (!govEngine) return res.status(503).json({ error: 'Gov intelligence engine not available', code: 'MODULE_UNAVAILABLE' });
+    const result = govEngine.checkDomain(req.params.domain);
+    res.json(result);
+  });
+
+  router.get('/regulations', (req, res) => {
+    const { country, sector } = req.query;
+    if (!govEngine) return res.status(503).json({ error: 'Gov intelligence engine not available', code: 'MODULE_UNAVAILABLE' });
+    res.json(govEngine.getRegulations(country, sector));
+  });
+
+  router.post('/compliance-report', (req, res) => {
+    const { domain, country } = req.body;
+    if (!domain) return res.status(400).json({ error: 'domain required' });
+    if (!govEngine) return res.status(503).json({ error: 'Gov intelligence engine not available', code: 'MODULE_UNAVAILABLE' });
+    res.json(govEngine.generateComplianceReport(domain, country));
+  });
+
+  router.get('/stats', (req, res) => {
+    if (!govEngine) return res.json({ status: 'offline' });
+    res.json(govEngine.getStats());
+  });
+
+  return router;
+}
+
+module.exports = { createRouter };

package/server/services/modules/neural.js

@@ -0,0 +1,55 @@
+/**
+ * WAB Neural Engine (07-neural) — FULLY CLOSED
+ * Local AI inference engine. All logic is proprietary.
+ * Only the API interface is exposed here.
+ *
+ * Powered by WAB — Web Agent Bridge
+ * https://www.webagentbridge.com
+ */
+
+'use strict';
+
+let neuralEngine;
+try { neuralEngine = require('./neural-engine'); } catch { neuralEngine = null; }
+
+function createRouter(express) {
+  const router = express.Router();
+
+  router.post('/analyze-url', (req, res) => {
+    const { url: targetUrl } = req.body;
+    if (!targetUrl) return res.status(400).json({ error: 'url required' });
+    if (!neuralEngine) return res.status(503).json({ error: 'Neural engine not available', code: 'MODULE_UNAVAILABLE' });
+    const result = neuralEngine.analyzeUrl(targetUrl);
+    res.json(result);
+  });
+
+  router.post('/classify', (req, res) => {
+    const { content, categories } = req.body;
+    if (!content) return res.status(400).json({ error: 'content required' });
+    if (!neuralEngine) return res.status(503).json({ error: 'Neural engine not available', code: 'MODULE_UNAVAILABLE' });
+    const result = neuralEngine.classify(content, categories);
+    res.json(result);
+  });
+
+  router.post('/embeddings', (req, res) => {
+    const { text } = req.body;
+    if (!text) return res.status(400).json({ error: 'text required' });
+    if (!neuralEngine) return res.status(503).json({ error: 'Neural engine not available', code: 'MODULE_UNAVAILABLE' });
+    const result = neuralEngine.embed(text);
+    res.json(result);
+  });
+
+  router.get('/models', (req, res) => {
+    if (!neuralEngine) return res.json({ models: [], message: 'Neural engine not loaded' });
+    res.json(neuralEngine.listModels());
+  });
+
+  router.get('/stats', (req, res) => {
+    if (!neuralEngine) return res.json({ status: 'offline' });
+    res.json(neuralEngine.getStats());
+  });
+
+  return router;
+}
+
+module.exports = { createRouter };

package/server/services/modules/notary.js

@@ -0,0 +1,49 @@
+/**
+ * WAB Notary (02-notary) — FULLY CLOSED
+ * Cryptographic certificate system for price discrimination evidence.
+ * Signing algorithm is proprietary.
+ *
+ * Powered by WAB — Web Agent Bridge
+ * https://www.webagentbridge.com
+ */
+
+'use strict';
+
+let notaryEngine;
+try { notaryEngine = require('./notary-engine'); } catch { notaryEngine = null; }
+
+function createRouter(express) {
+  const router = express.Router();
+
+  router.post('/price', (req, res) => {
+    const { platform, productId, priceShown } = req.body;
+    if (!platform || !productId || priceShown === undefined) {
+      return res.status(400).json({ error: 'platform, productId, and priceShown required' });
+    }
+    if (!notaryEngine) return res.status(503).json({ error: 'Notary engine not available', code: 'MODULE_UNAVAILABLE' });
+    const cert = notaryEngine.issuePriceCertificate(req.body);
+    res.status(201).json(cert);
+  });
+
+  router.post('/transaction', (req, res) => {
+    if (!notaryEngine) return res.status(503).json({ error: 'Notary engine not available', code: 'MODULE_UNAVAILABLE' });
+    const cert = notaryEngine.issueTransactionCertificate(req.body);
+    res.status(201).json(cert);
+  });
+
+  router.get('/verify/:certId', (req, res) => {
+    if (!notaryEngine) return res.status(503).json({ error: 'Notary engine not available', code: 'MODULE_UNAVAILABLE' });
+    const result = notaryEngine.verifyCertificate(req.params.certId);
+    if (!result) return res.status(404).json({ error: 'Certificate not found' });
+    res.json(result);
+  });
+
+  router.get('/stats', (req, res) => {
+    if (!notaryEngine) return res.json({ status: 'offline' });
+    res.json(notaryEngine.getStats());
+  });
+
+  return router;
+}
+
+module.exports = { createRouter };

package/server/services/modules/price-time-machine.js

@@ -0,0 +1,86 @@
+/**
+ * WAB Price Time Machine (06-price-time-machine) — PUBLIC API, PRIVATE ENGINE
+ * Historical price tracking and fake discount detection.
+ * API is open, database and detection algorithm are closed.
+ *
+ * Powered by WAB — Web Agent Bridge
+ * https://www.webagentbridge.com
+ */
+
+'use strict';
+
+const crypto = require('crypto');
+
+const priceStore = new Map();
+const alertStore = new Map();
+
+let priceEngine;
+try { priceEngine = require('./price-engine'); } catch { priceEngine = null; }
+
+function createRouter(express) {
+  const router = express.Router();
+
+  router.post('/track', (req, res) => {
+    const { platform, product_id, product_name, price, currency, url: productUrl } = req.body;
+    if (!platform || !product_id || price === undefined) {
+      return res.status(400).json({ error: 'platform, product_id, and price are required' });
+    }
+
+    const key = `${platform}:${product_id}`;
+    if (!priceStore.has(key)) priceStore.set(key, { entries: [], metadata: { platform, product_id, product_name, currency: currency || 'USD', url: productUrl } });
+    const record = priceStore.get(key);
+    record.entries.push({ price: parseFloat(price), timestamp: Date.now(), date: new Date().toISOString() });
+    if (record.entries.length > 5000) record.entries.splice(0, record.entries.length - 5000);
+
+    const prices = record.entries.map(e => e.price);
+    const avg = prices.reduce((a, b) => a + b, 0) / prices.length;
+    const min = Math.min(...prices);
+    const max = Math.max(...prices);
+
+    let fakeDiscount = null;
+    if (priceEngine) {
+      fakeDiscount = priceEngine.detectFakeDiscount(record.entries);
+    }
+
+    res.json({
+      tracked: true, product_id, platform, current_price: price, data_points: record.entries.length,
+      statistics: { average: parseFloat(avg.toFixed(2)), min, max, range_pct: parseFloat(((max - min) / avg * 100).toFixed(1)) },
+      fake_discount: fakeDiscount,
+    });
+  });
+
+  router.get('/history/:platform/:productId', (req, res) => {
+    const key = `${req.params.platform}:${req.params.productId}`;
+    const record = priceStore.get(key);
+    if (!record) return res.status(404).json({ error: 'No price history for this product' });
+    const days = parseInt(req.query.days) || 30;
+    const cutoff = Date.now() - days * 86400000;
+    const filtered = record.entries.filter(e => e.timestamp >= cutoff);
+    res.json({ ...record.metadata, period_days: days, data_points: filtered.length, history: filtered });
+  });
+
+  router.get('/compare', (req, res) => {
+    const { product_name } = req.query;
+    if (!product_name) return res.status(400).json({ error: 'product_name query param required' });
+    const results = [];
+    const search = product_name.toLowerCase();
+    for (const [key, record] of priceStore) {
+      if (record.metadata.product_name && record.metadata.product_name.toLowerCase().includes(search)) {
+        const prices = record.entries.map(e => e.price);
+        results.push({ platform: record.metadata.platform, product_id: record.metadata.product_id, product_name: record.metadata.product_name,
+          current_price: prices[prices.length - 1], lowest_price: Math.min(...prices), highest_price: Math.max(...prices), data_points: prices.length });
+      }
+    }
+    res.json({ query: product_name, results: results.sort((a, b) => a.current_price - b.current_price) });
+  });
+
+  router.get('/stats', (req, res) => {
+    let totalPoints = 0;
+    for (const r of priceStore.values()) totalPoints += r.entries.length;
+    res.json({ products_tracked: priceStore.size, total_data_points: totalPoints, alerts_active: alertStore.size });
+  });
+
+  return router;
+}
+
+module.exports = { createRouter };

package/server/services/modules/protocol.js

@@ -0,0 +1,104 @@
+/**
+ * WAB Protocol Validator (08-protocol) — OPEN SOURCE
+ * Validates wab.json trust protocol files.
+ * This module is fully open to become a web standard.
+ *
+ * Powered by WAB — Web Agent Bridge
+ * https://www.webagentbridge.com
+ */
+
+'use strict';
+
+const https = require('https');
+const http = require('http');
+
+const WAB_PROTOCOL_SCHEMA = {
+  required: ['wab_version', 'site', 'permissions'],
+  optional: ['pricing', 'returns', 'trust', 'accessibility', 'dark_patterns_policy'],
+  permissions_fields: ['ai_agents', 'price_comparison', 'automated_checkout', 'data_export'],
+};
+
+function validateWabJson(wabJson) {
+  const errors = [];
+  const warnings = [];
+  let score = 100;
+
+  if (!wabJson || typeof wabJson !== 'object') return { valid: false, score: 0, errors: ['Invalid JSON structure'] };
+
+  for (const field of WAB_PROTOCOL_SCHEMA.required) {
+    if (!wabJson[field]) { errors.push(`Missing required field: ${field}`); score -= 20; }
+  }
+
+  if (wabJson.wab_version && !/^\d+\.\d+(\.\d+)?$/.test(wabJson.wab_version)) {
+    errors.push('Invalid wab_version format. Expected semver (e.g., "1.0.0")'); score -= 10;
+  }
+
+  if (wabJson.permissions) {
+    const p = wabJson.permissions;
+    if (typeof p.ai_agents !== 'undefined' && typeof p.ai_agents !== 'boolean' && typeof p.ai_agents !== 'string') {
+      warnings.push('permissions.ai_agents should be boolean or policy string');
+    }
+  }
+
+  for (const field of WAB_PROTOCOL_SCHEMA.optional) {
+    if (wabJson[field]) score = Math.min(100, score + 3);
+  }
+
+  return {
+    valid: errors.length === 0, score: Math.max(0, score), errors, warnings,
+    fields_present: Object.keys(wabJson),
+    completeness: `${Object.keys(wabJson).length} fields`,
+    protocol_version: wabJson.wab_version || 'unknown',
+  };
+}
+
+async function fetchAndValidate(domain) {
+  const wabUrl = `https://${domain}/wab.json`;
+  return new Promise((resolve) => {
+    const protocol = wabUrl.startsWith('https') ? https : http;
+    const req = protocol.get(wabUrl, { timeout: 8000, headers: { 'User-Agent': 'WAB-Protocol-Validator/1.0' } }, (res) => {
+      if (res.statusCode !== 200) {
+        return resolve({ found: false, domain, url: wabUrl, error: `HTTP ${res.statusCode}`, recommendation: 'Add a wab.json file to your site root' });
+      }
+      let data = '';
+      res.on('data', c => data += c);
+      res.on('end', () => {
+        try {
+          const json = JSON.parse(data);
+          const result = validateWabJson(json);
+          resolve({ found: true, domain, url: wabUrl, ...result, raw: json });
+        } catch { resolve({ found: false, domain, url: wabUrl, error: 'Invalid JSON in wab.json' }); }
+      });
+    });
+    req.on('error', () => resolve({ found: false, domain, url: wabUrl, error: 'Could not reach domain' }));
+    req.on('timeout', () => { req.destroy(); resolve({ found: false, domain, url: wabUrl, error: 'Request timed out' }); });
+  });
+}
+
+function createRouter(express) {
+  const router = express.Router();
+
+  router.post('/validate', (req, res) => {
+    const { wab_json } = req.body;
+    if (!wab_json) return res.status(400).json({ error: 'wab_json object is required' });
+    res.json(validateWabJson(wab_json));
+  });
+
+  router.get('/check/:domain', async (req, res) => {
+    const result = await fetchAndValidate(req.params.domain);
+    res.json(result);
+  });
+
+  router.get('/schema', (req, res) => {
+    res.json({ version: '1.0', schema: WAB_PROTOCOL_SCHEMA, example: {
+      wab_version: '1.0.0', site: { name: 'Example Store', domain: 'example.com', type: 'e-commerce' },
+      permissions: { ai_agents: true, price_comparison: true, automated_checkout: false, data_export: true },
+      pricing: { transparency: 'full', currency: 'USD', includes_tax: false },
+      dark_patterns_policy: { commitment: 'none', last_audit: '2026-01-01' },
+    }});
+  });
+
+  return router;
+}
+
+module.exports = { createRouter, validateWabJson, fetchAndValidate };

package/server/services/premium.js

@@ -1392,7 +1392,7 @@ function generateCdnUrl(siteId, customDomain) {
   if (customDomain) {
     return `https://${customDomain}/bridge/${siteId}/ai-agent-bridge.js`;
   }
-  return `https://cdn.webagentbridge.com/bridge/${siteId}/ai-agent-bridge.js`;
+  return `https://webagentbridge.com/bridge/${siteId}/ai-agent-bridge.js`;
 }
 
 // ═══════════════════════════════════════════════════════════════════════

package/server/services/price-intelligence.js

@@ -15,7 +15,8 @@
 const crypto = require('crypto');
 const { db } = require('../models/db');
 const scraper = require('./universal-scraper');
-const { getWabBridgeInfo } = require('./fairness-engine');
+let getWabBridgeInfo;
+try { ({ getWabBridgeInfo } = require('./fairness-engine')); } catch { getWabBridgeInfo = () => null; }
 
 // ─── Schema ──────────────────────────────────────────────────────────
 

package/server/services/vision.js

@@ -1070,10 +1070,10 @@ function getDomExtractionScript() {
      'aria-labelledby','aria-checked','data-action','checked','disabled'].forEach(function(a){
       if(el.hasAttribute(a))n.attributes[a]=el.getAttribute(a);
     });if(el.checked)n.attributes.checked='checked';
-    if(LAY.has(t)||INT.has(t)){n.children=[];for(var c of el.children){var cn=ext(c,d+1);if(cn)n.children.push(cn);}}
+    if(LAY.has(t)||INT.has(t)){n.children=[];var ch=Array.from(el.children);for(var j=0;j<ch.length;j++){var cn=ext(ch[j],d+1);if(cn)n.children.push(cn);}}
     return n;
   }
-  function sel(el){if(el.id)return'#'+CSS.escape(el.id);var p=[];var c=el;
+  function sel(el){if(!el||!el.tagName)return'unknown';if(el.id)return'#'+CSS.escape(el.id);var p=[];var c=el;
     for(var i=0;i<4&&c&&c!==document.body;i++){var s=c.tagName.toLowerCase();
       if(c.id){p.unshift('#'+CSS.escape(c.id));break;}
       if(c.className&&typeof c.className==='string'){var cl=c.className.trim().split(/\\s+/).slice(0,2).map(function(x){return'.'+CSS.escape(x);}).join('');if(cl)s+=cl;}