npm - web-agent-bridge - Versions diffs - 3.3.0 → 3.4.0 - Mend

web-agent-bridge 3.3.0 → 3.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (83) hide show

package/LICENSE +12 -0
package/README.ar.md +18 -0
package/README.md +198 -1664
package/bin/wab-init.js +223 -0
package/examples/azure-dns-wab.js +83 -0
package/examples/cloudflare-wab-dns.js +121 -0
package/examples/cpanel-wab-dns.js +114 -0
package/examples/dns-discovery-agent.js +166 -0
package/examples/gcp-dns-wab.js +76 -0
package/examples/governance-agent.js +169 -0
package/examples/plesk-wab-dns.js +103 -0
package/examples/route53-wab-dns.js +144 -0
package/examples/safe-mode-agent.js +96 -0
package/examples/wab-sign.js +74 -0
package/examples/wab-verify.js +60 -0
package/package.json +5 -5
package/public/.well-known/wab.json +28 -0
package/public/activate.html +368 -0
package/public/adoption-metrics.html +188 -0
package/public/api.html +1 -1
package/public/azure-dns-integration.html +289 -0
package/public/cloudflare-integration.html +380 -0
package/public/cpanel-integration.html +398 -0
package/public/css/styles.css +28 -0
package/public/dashboard.html +1 -0
package/public/dns.html +101 -172
package/public/docs.html +1 -0
package/public/gcp-dns-integration.html +318 -0
package/public/growth.html +4 -2
package/public/index.html +227 -31
package/public/integrations.html +1 -1
package/public/js/activate.js +145 -0
package/public/js/auth-nav.js +34 -0
package/public/js/dns.js +438 -0
package/public/openapi.json +89 -0
package/public/plesk-integration.html +375 -0
package/public/premium.html +1 -1
package/public/provider-onboarding.html +172 -0
package/public/provider-sandbox.html +134 -0
package/public/providers.html +359 -0
package/public/registrar-integrations.html +141 -0
package/public/robots.txt +12 -0
package/public/route53-integration.html +531 -0
package/public/shieldqr.html +231 -0
package/public/sitemap.xml +6 -0
package/public/wab-trust.html +200 -0
package/public/wab-vs-protocols.html +210 -0
package/public/whitepaper.html +449 -0
package/sdk/auto-discovery.js +288 -0
package/sdk/governance.js +262 -0
package/sdk/index.js +13 -0
package/sdk/package.json +2 -2
package/sdk/safe-mode.js +221 -0
package/server/index.js +144 -5
package/server/migrations/007_governance.sql +106 -0
package/server/migrations/008_plans.sql +144 -0
package/server/migrations/009_shieldqr.sql +30 -0
package/server/migrations/010_extended_trust.sql +33 -0
package/server/models/adapters/mysql.js +1 -1
package/server/models/adapters/postgresql.js +1 -1
package/server/models/db.js +60 -1
package/server/routes/admin-plans.js +76 -0
package/server/routes/admin-premium.js +4 -2
package/server/routes/admin-shieldqr.js +90 -0
package/server/routes/admin-trust-monitor.js +83 -0
package/server/routes/admin.js +289 -1
package/server/routes/billing.js +16 -4
package/server/routes/discovery.js +1933 -2
package/server/routes/governance.js +208 -0
package/server/routes/plans.js +33 -0
package/server/routes/providers.js +650 -0
package/server/routes/shieldqr.js +88 -0
package/server/services/email.js +29 -0
package/server/services/governance.js +466 -0
package/server/services/plans.js +214 -0
package/server/services/premium.js +1 -1
package/server/services/provider-clients.js +740 -0
package/server/services/shieldqr.js +322 -0
package/server/services/ssl-inspector.js +42 -0
package/server/services/ssl-monitor.js +167 -0
package/server/services/stripe.js +18 -5
package/server/services/vision.js +1 -1
package/server/services/wab-crypto.js +178 -0

package/public/dns.html CHANGED Viewed

@@ -12,10 +12,10 @@
   <link rel="stylesheet" href="/css/styles.css?v=3.2.0">
   <style>
     body{background:#070d19;color:#e5edff}
-    .hero{padding:110px 24px 32px;text-align:center}
+    .hero{padding:120px 24px 32px !important;text-align:center;flex-direction:column;justify-content:center;align-items:center;min-height:auto !important}
     .hero h1{font-size:clamp(2rem,4vw,3rem);margin-bottom:10px}
     .hero p{max-width:880px;margin:0 auto;color:#99a8c7;line-height:1.7}
-    .lang{display:flex;gap:10px;justify-content:center;margin:0 0 22px}
+    .lang{display:flex;gap:8px;align-items:center}
     .lang button{border:1px solid rgba(255,255,255,.15);background:rgba(255,255,255,.04);color:#e5edff;padding:8px 14px;border-radius:10px;cursor:pointer}
     .lang button.active{background:linear-gradient(135deg,#f59e0b,#b45309);border-color:transparent}
     .wrap{max-width:1100px;margin:0 auto;padding:0 22px 60px}
@@ -43,6 +43,12 @@
     .toc{display:flex;flex-wrap:wrap;gap:8px;justify-content:center;margin:0 0 14px}
     .toc a{background:rgba(255,255,255,.04);border:1px solid rgba(148,163,184,.22);color:#e5edff;padding:6px 12px;border-radius:999px;font-size:.85rem;text-decoration:none}
     .toc a:hover{border-color:#fbbf24;color:#fcd34d}
+    .advanced-block{display:none}
+    .live-grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(240px,1fr));gap:12px;margin-top:12px}
+    .live-item{background:rgba(2,6,23,.6);border:1px solid rgba(148,163,184,.2);border-radius:12px;padding:12px}
+    .live-item h4{margin:0 0 6px;color:#fef3c7;font-size:.98rem}
+    .live-item p{margin:0 0 8px;color:#cbd5e1;font-size:.88rem;line-height:1.55}
+    .live-meta{font-size:.78rem;color:#93c5fd}
   </style>
 </head>
 <body>
@@ -57,20 +63,22 @@
         <li><a href="/sovereign">Sovereign</a></li>
         <li><a href="/docs">Docs</a></li>
       </ul>
+      <div class="lang" style="display:flex;gap:8px;align-items:center;margin-left:16px">
+        <button id="enBtn" class="active" style="border:1px solid rgba(255,255,255,.2);background:rgba(255,255,255,.06);color:#e5edff;padding:5px 12px;border-radius:8px;cursor:pointer;font-size:.82rem;font-weight:600">English</button>
+        <button id="arBtn" style="border:1px solid rgba(255,255,255,.2);background:rgba(255,255,255,.06);color:#e5edff;padding:5px 12px;border-radius:8px;cursor:pointer;font-size:.82rem;font-weight:600">العربية</button>
+      </div>
     </div>
   </nav>
   <section class="hero">
-    <div class="lang">
-      <button id="enBtn" class="active" onclick="setLang('en')">English</button>
-      <button id="arBtn" onclick="setLang('ar')">العربية</button>
-    </div>
     <h1 data-en="WAB DNS Discovery" data-ar="اكتشاف WAB عبر DNS">WAB DNS Discovery</h1>
     <p data-en="Announce your AI-readiness at the infrastructure level. Add a single DNS TXT record at _wab.yourdomain.com and any compatible AI agent will instantly find your wab.json capabilities — no HTTP probe required." data-ar="أعلن عن جاهزية موقعك للذكاء الاصطناعي على مستوى البنية التحتية. أضف سجل TXT واحد في _wab.yourdomain.com وسيجد أي وكيل ذكاء اصطناعي متوافق ملف القدرات wab.json فوراً — دون الحاجة لأي طلب HTTP أولي.">Announce your AI-readiness at the infrastructure level. Add a single DNS TXT record at <code>_wab.yourdomain.com</code> and any compatible AI agent will instantly find your <code>wab.json</code> capabilities — no HTTP probe required.</p>
     <div class="toc">
       <a href="#what-is">What & Why</a>
+      <a href="#quickstart">3 Steps</a>
       <a href="#format">Record Format</a>
       <a href="#verifier">Live Verifier</a>
+      <a href="#proof-lab">Proof Lab</a>
       <a href="#setup">Setup Guides</a>
       <a href="#troubleshoot">Troubleshooting</a>
       <a href="#repo-links">Repo & Docs</a>
@@ -93,6 +101,18 @@
       <span class="badge" data-en="MIT-licensed open protocol" data-ar="بروتوكول مفتوح برخصة MIT">MIT-licensed open protocol</span>
     </div>
+    <!-- ═══════════════ QUICKSTART ═══════════════ -->
+    <div class="card" id="quickstart">
+      <h3 data-en="The whole thing in 3 steps" data-ar="كل العملية في 3 خطوات">The whole thing in 3 steps</h3>
+      <ol>
+        <li data-en="Add TXT at _wab.yourdomain.com" data-ar="أضف TXT في _wab.yourdomain.com">Add TXT at <code>_wab.yourdomain.com</code></li>
+        <li data-en="Serve /.well-known/wab.json" data-ar="وفّر /.well-known/wab.json">Serve <code>/.well-known/wab.json</code></li>
+        <li data-en="Run Verify Live + Test with Agent" data-ar="شغّل Verify Live + Test with Agent">Run <b>Verify Live</b> + <b>Test with Agent</b></li>
+      </ol>
+      <p data-en="No appId required for protocol verification. DNS + wab.json are sufficient." data-ar="لا يلزم appId للتحقق البروتوكولي. DNS + wab.json كافيان.">No appId required for protocol verification. DNS + wab.json are sufficient.</p>
+      <button id="dnsAdvancedToggleBtn" class="btn secondary" style="margin-top:4px" data-en="Show Advanced Trust/Privacy Layer" data-ar="إظهار طبقة الثقة/الخصوصية المتقدمة">Show Advanced Trust/Privacy Layer</button>
+    </div>
     <!-- ═══════════════ HOW IT WORKS ═══════════════ -->
     <div class="card">
       <h3 data-en="How it works (under the hood)" data-ar="كيف يعمل (الآلية الداخلية)">How it works (under the hood)</h3>
@@ -197,15 +217,83 @@
             </select>
           </div>
         </div>
-        <button class="btn" onclick="verifyDns()" data-en="Verify _wab Record" data-ar="تحقق من سجل _wab">Verify _wab Record</button>
-        <button class="btn secondary" onclick="copyExample()" data-en="Copy Example Record" data-ar="انسخ سجلاً نموذجياً">Copy Example Record</button>
+        <button id="dnsVerifyBtn" class="btn" data-en="Verify _wab Record" data-ar="تحقق من سجل _wab">Verify _wab Record</button>
+        <button id="dnsCopyBtn" class="btn secondary" data-en="Copy Example Record" data-ar="انسخ سجلاً نموذجياً">Copy Example Record</button>
         <div id="dnsStatus" style="margin-top:10px;font-size:.92rem"></div>
         <pre id="dnsOut">{}</pre>
       </div>
     </div>
+    <!-- ═══════════════ PROOF LAB ═══════════════ -->
+    <div class="card" id="proof-lab">
+      <h3 data-en="Proof Lab — verify and execute live" data-ar="مختبر الإثبات — تحقق ونفّذ مباشرة">Proof Lab — verify and execute live</h3>
+      <p data-en="This section proves real activation and real usage. For each domain: DNS TXT, wab.json URL, live verify, and agent test flow (discover → ping)." data-ar="هذا القسم يثبت التفعيل الحقيقي والاستخدام الحقيقي. لكل نطاق: DNS TXT، رابط wab.json، تحقق مباشر، وتدفق اختبار الوكيل (discover → ping).">This section proves real activation and real usage.</p>
+      <div class="verifier">
+        <button id="dnsProofVerifyBtn" class="btn" data-en="Verify Live" data-ar="تحقق مباشر">Verify Live</button>
+        <button id="dnsProofAgentBtn" class="btn secondary" data-en="Test with Agent" data-ar="اختبر مع وكيل">Test with Agent</button>
+        <div style="margin-top:10px" class="row">
+          <div>
+            <label data-en="API Key (optional, for real execution proof)" data-ar="مفتاح API (اختياري لإثبات تنفيذ فعلي)">API Key (optional, for real execution proof)</label>
+            <input id="dnsUsageApiKey" type="password" placeholder="wab_xxxxx">
+          </div>
+          <div>
+            <label data-en="Preferred use-case" data-ar="الاستخدام المفضل">Preferred use-case</label>
+            <select id="dnsUsageUseCase">
+              <option value="">Auto</option>
+              <option value="booking">booking</option>
+              <option value="messaging">messaging</option>
+              <option value="payment">payment</option>
+              <option value="checkout">checkout</option>
+              <option value="search">search</option>
+            </select>
+          </div>
+        </div>
+        <button id="dnsUsageProofBtn" class="btn" data-en="Run Usage Proof" data-ar="شغّل إثبات الاستخدام">Run Usage Proof</button>
+        <a href="/downloads/wab-dns-provider.postman_collection.json" download class="btn secondary" style="margin-left:8px;font-size:.87rem;padding:6px 14px" data-en="Download Postman Collection" data-ar="تحميل مجموعة Postman">⬇ Download Postman Collection</a>
+        <div id="proofStatus" style="margin-top:10px;font-size:.92rem"></div>
+        <div id="proofDiscoverPathBadge" style="display:none;margin-top:8px"></div>
+        </div>
+        <div class="grid" style="grid-template-columns:repeat(auto-fit,minmax(220px,1fr));margin-top:10px">
+          <div class="card" style="padding:12px">
+            <h4 style="margin:0 0 6px">State</h4>
+            <div id="stateBadges" style="font-size:.9rem;color:#cbd5e1"></div>
+          </div>
+          <div class="card" style="padding:12px">
+            <h4 style="margin:0 0 6px">Use-case</h4>
+            <div id="useCaseValue" style="font-size:.9rem;color:#cbd5e1">—</div>
+          </div>
+          <div class="card" style="padding:12px">
+            <h4 style="margin:0 0 6px">DNS TXT</h4>
+            <div id="proofTxt" style="font-size:.84rem;color:#cbd5e1;word-break:break-word">—</div>
+          </div>
+          <div class="card" style="padding:12px">
+            <h4 style="margin:0 0 6px">wab.json</h4>
+            <div id="proofWabJson" style="font-size:.84rem;color:#cbd5e1;word-break:break-word">—</div>
+          </div>
+        </div>
+        <div class="card" style="padding:12px;margin-top:10px">
+          <h4 style="margin:0 0 6px">Usage KPI</h4>
+          <div id="usageKpiValue" style="font-size:.9rem;color:#cbd5e1">—</div>
+        </div>
+        <div class="card" style="padding:12px;margin-top:10px">
+          <h4 style="margin:0 0 6px">Usage Trend (Last 20 Runs)</h4>
+          <div id="usageTrendSummary" style="font-size:.9rem;color:#cbd5e1">—</div>
+          <div id="usageTrendList" style="margin-top:8px;font-size:.82rem;color:#aab6d3;line-height:1.6">—</div>
+        </div>
+        <pre id="proofOut">{}</pre>
+      </div>
+    </div>
+    <!-- ═══════════════ LIVE ADOPTION ═══════════════ -->
+    <div class="card" id="live-adoption">
+      <h3 data-en="Businesses Using WAB DNS Discovery (Live)" data-ar="الشركات التي تستخدم WAB DNS Discovery (مباشر)">Businesses Using WAB DNS Discovery (Live)</h3>
+      <p data-en="Auto-listed from real registrations only. No static or manually seeded entries." data-ar="قائمة تلقائية من التسجيلات الحقيقية فقط. لا توجد بيانات ثابتة أو مزروعة يدويًا.">Auto-listed from real registrations only. No static or manually seeded entries.</p>
+      <div id="liveAdoptionStatus" style="margin-top:8px;font-size:.9rem;color:#94a3b8">Loading live registry…</div>
+      <div id="liveAdoptionList" class="live-grid" style="display:none"></div>
+    </div>
     <!-- ═══════════════ PRIVACY MODEL ═══════════════ -->
-    <div class="card" id="privacy">
+    <div class="card advanced-block" id="privacy">
       <h3 data-en="DNS Privacy Model — what DoH does and does not protect" data-ar="نموذج خصوصية DNS — ما الذي يحميه DoH وما لا يحميه">DNS Privacy Model — what DoH does and does not protect</h3>
       <p data-en="WAB Discovery never uses plain UDP DNS. Every lookup of _wab.example.com uses DNS over HTTPS (DoH), so the query is encrypted between the agent and the resolver. This is a real privacy upgrade — but it is not perfect, and we want you to understand the exact threat model." data-ar="لا يستخدم اكتشاف WAB أبداً DNS التقليدي عبر UDP. كل استعلام لـ _wab.example.com يتم عبر DNS over HTTPS (DoH)، فيكون مشفراً بين الوكيل والمحلل. هذه تحسين خصوصية حقيقي — لكنه ليس مثالياً، ونريد أن تفهم نموذج التهديد بدقة.">WAB Discovery never uses plain UDP DNS. Every lookup of <code>_wab.example.com</code> uses DNS over HTTPS (DoH), so the query is encrypted between the agent and the resolver.</p>
       <table class="table">
@@ -223,7 +311,7 @@
     </div>
     <!-- ═══════════════ SILENT HANDSHAKE ═══════════════ -->
-    <div class="card" id="silent-handshake">
+    <div class="card advanced-block" id="silent-handshake">
       <h3 data-en="Silent Handshake — agent-aware sites, zero cookie banners" data-ar="المصافحة الصامتة — مواقع تفهم الوكلاء بدون نوافذ كوكيز">Silent Handshake — agent-aware sites, zero cookie banners</h3>
       <p data-en="When a WAB-aware site advertises _wab and _wab-trust over DNS, the visiting agent and the site can negotiate intent in the background — no privacy popup, no cookie banner, no consent click-fest. The site declares 'I respect your agent, here is the contract' once, in DNS, signed and cacheable." data-ar="عندما يعلن موقع متوافق مع WAB عن _wab و _wab-trust في DNS، يمكن للوكيل الزائر والموقع أن يتفاوضا في الخلفية — بدون نوافذ خصوصية ولا بانر كوكيز ولا نقرات موافقة. يعلن الموقع مرة واحدة في DNS: «أنا أحترم وكيلك، هذا هو العقد».">When a WAB-aware site advertises <code>_wab</code> and <code>_wab-trust</code> over DNS, the agent and site negotiate intent in the background — no privacy popup, no cookie banner, no consent click-fest.</p>
       <ol>
@@ -334,6 +422,7 @@ curl -s -H 'accept: application/dns-json' \
       <ul>
         <li><a href="https://github.com/abokenan444/web-agent-bridge/blob/master/DNS-DISCOVERY.md" target="_blank" rel="noopener">DNS-DISCOVERY.md (English)</a></li>
         <li><a href="https://github.com/abokenan444/web-agent-bridge/blob/master/DNS-DISCOVERY.ar.md" target="_blank" rel="noopener">DNS-DISCOVERY.ar.md (العربية)</a></li>
+        <li><a href="/provider-onboarding">Provider Onboarding (DNS providers & registrars)</a></li>
         <li><a href="https://github.com/abokenan444/web-agent-bridge/blob/master/docs/SPEC.md#4-discovery-protocol" target="_blank" rel="noopener">docs/SPEC.md — Discovery Protocol §4</a></li>
         <li><a href="/.well-known/wab.json" target="_blank">/.well-known/wab.json (this site's capabilities)</a></li>
       </ul>
@@ -341,167 +430,7 @@ curl -s -H 'accept: application/dns-json' \
   </div>
-  <script>
-    // ═══════════ Bilingual toggle ═══════════
-    function setLang(lang){
-      const isAr = lang === 'ar';
-      document.documentElement.lang = isAr ? 'ar' : 'en';
-      document.documentElement.dir = isAr ? 'rtl' : 'ltr';
-      document.getElementById('enBtn').classList.toggle('active', !isAr);
-      document.getElementById('arBtn').classList.toggle('active', isAr);
-      document.querySelectorAll('[data-en]').forEach(el=>{
-        el.textContent = isAr ? (el.getAttribute('data-ar') || el.textContent) : (el.getAttribute('data-en') || el.textContent);
-      });
-    }
-    // ═══════════ Live DoH Verifier ═══════════
-    async function verifyDns(){
-      const domain = (document.getElementById('dnsDomain').value || '').trim().replace(/^https?:\/\//,'').replace(/\/.*$/,'');
-      const resolver = document.getElementById('dnsResolver').value;
-      const status = document.getElementById('dnsStatus');
-      const out = document.getElementById('dnsOut');
-      if(!domain){ status.innerHTML = '<span class="danger">Please enter a domain.</span>'; return; }
-      const fqdn = '_wab.' + domain;
-      status.innerHTML = '<span class="warn">Querying ' + fqdn + ' …</span>';
-      out.textContent = '';
-      try {
-        const url = resolver + '?name=' + encodeURIComponent(fqdn) + '&type=TXT';
-        const res = await fetch(url, { headers: { 'accept': 'application/dns-json' } });
-        const data = await res.json();
-        out.textContent = JSON.stringify(data, null, 2);
-        const answers = (data.Answer || []).filter(a => a.type === 16);
-        if (!answers.length) {
-          status.innerHTML = '<span class="danger">No _wab TXT record found for <b>' + domain + '</b>. The domain has not enabled WAB DNS Discovery (yet).</span>';
-          return;
-        }
-        const value = answers.map(a => (a.data || '').replace(/^"|"$/g,'').replace(/" "/g,'')).join(' ');
-        const versionMatch = /v=([^;\s]+)/.exec(value);
-        const endpointMatch = /endpoint=([^;\s]+)/.exec(value);
-        if (versionMatch && endpointMatch && versionMatch[1].startsWith('wab')) {
-          status.innerHTML = '<span class="ok">✓ Valid WAB record found. Version: <b>' + versionMatch[1] + '</b> · Endpoint: <a href="' + endpointMatch[1] + '" target="_blank" style="color:#7dd3fc">' + endpointMatch[1] + '</a></span>';
-        } else {
-          status.innerHTML = '<span class="warn">TXT record found but it does not match the WAB format (v=wab1; endpoint=…).</span>';
-        }
-      } catch (err) {
-        status.innerHTML = '<span class="danger">Lookup failed: ' + (err && err.message || err) + '</span>';
-      }
-    }
-    function copyExample(){
-      const txt = 'v=wab1; endpoint=https://yourdomain.com/.well-known/wab.json';
-      navigator.clipboard.writeText(txt).then(()=>{
-        const s = document.getElementById('dnsStatus');
-        s.innerHTML = '<span class="ok">✓ Example record copied to clipboard.</span>';
-      });
-    }
-    // ═══════════ Canonical records — live status ═══════════
-    const RR_TYPE = { TXT: 16, CAA: 257, A: 1, AAAA: 28, CNAME: 5 };
-    function _decodeCAARdata(hex){
-      // RFC 8659: 1 byte flags, 1 byte tag-length, tag, value (rest)
-      try {
-        const bytes = hex.replace(/\\#\s*\d+\s*/, '').replace(/\s+/g, '');
-        const buf = bytes.match(/.{1,2}/g).map(b => parseInt(b, 16));
-        const tagLen = buf[1];
-        let tag = '', val = '';
-        for (let i = 0; i < tagLen; i++) tag += String.fromCharCode(buf[2 + i]);
-        for (let i = 2 + tagLen; i < buf.length; i++) val += String.fromCharCode(buf[i]);
-        return { tag, value: val };
-      } catch { return null; }
-    }
-    function _normalizeAnswer(answer, type){
-      const data = answer.data || '';
-      if (type === 'CAA') {
-        const decoded = _decodeCAARdata(data);
-        if (decoded) return decoded.tag + ' ' + decoded.value;
-        // Some resolvers return the parsed form already (e.g. '0 issue "letsencrypt.org"')
-        return data;
-      }
-      return data.replace(/^"|"$/g, '').replace(/"\s*"/g, '');
-    }
-    async function _doh(name, type){
-      // do=1 asks Cloudflare to set the AD flag when the answer is DNSSEC-validated.
-      const url = 'https://cloudflare-dns.com/dns-query?name=' +
-        encodeURIComponent(name) + '&type=' + encodeURIComponent(type) + '&do=1';
-      const res = await fetch(url, { headers: { 'accept': 'application/dns-json' } });
-      const data = await res.json();
-      const want = RR_TYPE[type];
-      const answers = (data.Answer || []).filter(a => a.type === want)
-        .map(a => _normalizeAnswer(a, type));
-      // Attach AD flag (DNSSEC validated) as a non-enumerable property
-      Object.defineProperty(answers, '_ad', { value: !!data.AD, enumerable: false });
-      return answers;
-    }
-    async function checkDnssecForWab(){
-      const el = document.getElementById('dnssecLiveStatus');
-      const rowState = document.getElementById('dnssecRowState');
-      if (!el) return;
-      try {
-        const ans = await _doh('_wab.webagentbridge.com', 'TXT');
-        if (ans._ad) {
-          el.className = 'ok';
-          el.textContent = '✓ DNSSEC validated (AD=1) at resolver';
-          if (rowState) { rowState.className = 'ok'; rowState.textContent = '✓ DNSSEC validated'; }
-        } else {
-          el.className = 'warn';
-          el.textContent = '⚠ DNSSEC not yet enabled on this zone (AD=0). Roadmap: enable DS at registrar.';
-        }
-      } catch {
-        el.className = 'warn';
-        el.textContent = '… could not verify (DoH unreachable)';
-      }
-    }
-    async function checkCanonicalRecords(){
-      const rows = document.querySelectorAll('#recordsTable tr[data-record]');
-      const summary = document.getElementById('recordsLiveStatus');
-      let pass = 0, fail = 0;
-      const tasks = Array.from(rows).map(async (row) => {
-        const cell = row.querySelector('.live-cell');
-        const name = row.dataset.record;
-        const type = row.dataset.rtype;
-        const match = row.dataset.match;
-        try {
-          const answers = await _doh(name, type);
-          const hit = answers.some(a => a.toLowerCase().includes(match.toLowerCase()));
-          if (hit) {
-            cell.innerHTML = '<span class="ok" title="Verified live via Cloudflare DoH">✓ live</span>';
-            pass++;
-          } else {
-            cell.innerHTML = '<span class="danger" title="Record not yet propagated or missing">✗ missing</span>';
-            fail++;
-          }
-        } catch (err) {
-          cell.innerHTML = '<span class="warn" title="Lookup failed">… error</span>';
-        }
-      });
-      await Promise.allSettled(tasks);
-      const total = pass + fail;
-      summary.innerHTML = '<span class="' + (fail === 0 ? 'ok' : 'warn') + '">' +
-        (fail === 0 ? '✓ All ' + total + ' canonical records verified live (Cloudflare DoH).'
-                    : '⚠ ' + pass + '/' + total + ' records live — ' + fail + ' missing or propagating.') + '</span>';
-    }
-    document.addEventListener('DOMContentLoaded', () => {
-      // Don't block the page; run the live checks in the background.
-      checkCanonicalRecords().catch(()=>{});
-      checkDnssecForWab().catch(()=>{});
-    });
-  </script>
-  <script>
-    // navbar scroll background (consistent with other pages)
-    const navbar = document.getElementById('navbar');
-    window.addEventListener('scroll', () => {
-      if (!navbar) return;
-      navbar.style.background = window.scrollY > 50
-        ? 'rgba(7, 13, 25, 0.92)'
-        : 'rgba(7, 13, 25, 0.78)';
-    });
-  </script>
+  <script src="/js/dns.js"></script>
 </body>
 </html>

package/public/docs.html CHANGED Viewed

@@ -24,6 +24,7 @@
         <li><a href="/#features">Features</a></li>
         <li><a href="/#pricing">Pricing</a></li>
         <li><a href="/docs" style="color:var(--text-primary);">Docs</a></li>
+        <li><a href="/whitepaper">Whitepaper</a></li>
       </ul>
       <div class="navbar-actions">
         <a href="/login" class="btn btn-ghost" data-wab-auth="guest">Sign In</a>