web-agent-bridge 3.4.0 → 3.9.0

package/examples/wab-sign.js

@@ -1,74 +1,74 @@
-#!/usr/bin/env node
-/**
- * wab-sign — generate Ed25519 keys and sign WAB discovery manifests.
- *
- * Usage:
- *   wab-sign keygen                            # print a new keypair (save private offline)
- *   wab-sign sign  manifest.json key.priv      # sign a manifest, write manifest.signed.json
- *   wab-sign txt   <pubkey-b64> <endpoint>     # print the matching _wab TXT line
- *
- * Examples:
- *   $ node wab-sign.js keygen > keys.json
- *   $ jq -r .private_key keys.json > key.priv
- *   $ node wab-sign.js sign wab.json key.priv
- *
- *   $ node wab-sign.js txt <(jq -r .public_key keys.json) https://example.com/.well-known/wab.json
- */
-
-'use strict';
-
-const fs = require('fs');
-const path = require('path');
-const { generateKeyPair, signManifest, fingerprint } = require(
-  // try the bundled service first; fall back to a local copy if invoked from a downloads/ extract
-  fs.existsSync(path.join(__dirname, '..', 'server', 'services', 'wab-crypto.js'))
-    ? path.join(__dirname, '..', 'server', 'services', 'wab-crypto.js')
-    : './wab-crypto'
-);
-
-const [,, cmd, a1, a2] = process.argv;
-
-function usage() {
-  console.error('Usage:');
-  console.error('  wab-sign keygen');
-  console.error('  wab-sign sign <manifest.json> <key.priv>');
-  console.error('  wab-sign txt  <public-key-b64>  <endpoint-url>');
-  process.exit(1);
-}
-
-if (!cmd) usage();
-
-if (cmd === 'keygen') {
-  const kp = generateKeyPair();
-  process.stdout.write(JSON.stringify(kp, null, 2) + '\n');
-  process.stderr.write('\n[!] private_key is shown ONLY here. Save it offline immediately.\n');
-  process.stderr.write('[!] Publish public_key in your _wab DNS TXT as: pk=ed25519:' + kp.public_key + '\n');
-  process.exit(0);
-}
-
-if (cmd === 'sign') {
-  if (!a1 || !a2) usage();
-  const manifest = JSON.parse(fs.readFileSync(a1, 'utf8'));
-  const priv = fs.readFileSync(a2, 'utf8').trim();
-  const signed = signManifest(manifest, priv);
-  const out = a1.replace(/\.json$/, '') + '.signed.json';
-  fs.writeFileSync(out, JSON.stringify(signed, null, 2) + '\n');
-  console.log(`[OK] Signed manifest written: ${out}`);
-  console.log(`[OK] Signature key_id: ${signed.signature.key_id}`);
-  console.log(`[OK] Upload ${out} to https://${manifest.domain || '<your-domain>'}/.well-known/wab.json`);
-  process.exit(0);
-}
-
-if (cmd === 'txt') {
-  if (!a1 || !a2) usage();
-  const pub = a1.trim();
-  const endpoint = a2.trim();
-  if (!/^https:\/\//i.test(endpoint)) { console.error('endpoint must be HTTPS'); process.exit(1); }
-  const fp = fingerprint(pub);
-  console.log(`# _wab.${endpoint.replace(/^https?:\/\//,'').replace(/\/.*$/,'')}  TXT record:`);
-  console.log(`v=wab1; endpoint=${endpoint}; pk=ed25519:${pub}`);
-  console.log(`# key_id (fingerprint): ${fp}`);
-  process.exit(0);
-}
-
-usage();
+#!/usr/bin/env node
+/**
+ * wab-sign — generate Ed25519 keys and sign WAB discovery manifests.
+ *
+ * Usage:
+ *   wab-sign keygen                            # print a new keypair (save private offline)
+ *   wab-sign sign  manifest.json key.priv      # sign a manifest, write manifest.signed.json
+ *   wab-sign txt   <pubkey-b64> <endpoint>     # print the matching _wab TXT line
+ *
+ * Examples:
+ *   $ node wab-sign.js keygen > keys.json
+ *   $ jq -r .private_key keys.json > key.priv
+ *   $ node wab-sign.js sign wab.json key.priv
+ *
+ *   $ node wab-sign.js txt <(jq -r .public_key keys.json) https://example.com/.well-known/wab.json
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const { generateKeyPair, signManifest, fingerprint } = require(
+  // try the bundled service first; fall back to a local copy if invoked from a downloads/ extract
+  fs.existsSync(path.join(__dirname, '..', 'server', 'services', 'wab-crypto.js'))
+    ? path.join(__dirname, '..', 'server', 'services', 'wab-crypto.js')
+    : './wab-crypto'
+);
+
+const [,, cmd, a1, a2] = process.argv;
+
+function usage() {
+  console.error('Usage:');
+  console.error('  wab-sign keygen');
+  console.error('  wab-sign sign <manifest.json> <key.priv>');
+  console.error('  wab-sign txt  <public-key-b64>  <endpoint-url>');
+  process.exit(1);
+}
+
+if (!cmd) usage();
+
+if (cmd === 'keygen') {
+  const kp = generateKeyPair();
+  process.stdout.write(JSON.stringify(kp, null, 2) + '\n');
+  process.stderr.write('\n[!] private_key is shown ONLY here. Save it offline immediately.\n');
+  process.stderr.write('[!] Publish public_key in your _wab DNS TXT as: pk=ed25519:' + kp.public_key + '\n');
+  process.exit(0);
+}
+
+if (cmd === 'sign') {
+  if (!a1 || !a2) usage();
+  const manifest = JSON.parse(fs.readFileSync(a1, 'utf8'));
+  const priv = fs.readFileSync(a2, 'utf8').trim();
+  const signed = signManifest(manifest, priv);
+  const out = a1.replace(/\.json$/, '') + '.signed.json';
+  fs.writeFileSync(out, JSON.stringify(signed, null, 2) + '\n');
+  console.log(`[OK] Signed manifest written: ${out}`);
+  console.log(`[OK] Signature key_id: ${signed.signature.key_id}`);
+  console.log(`[OK] Upload ${out} to https://${manifest.domain || '<your-domain>'}/.well-known/wab.json`);
+  process.exit(0);
+}
+
+if (cmd === 'txt') {
+  if (!a1 || !a2) usage();
+  const pub = a1.trim();
+  const endpoint = a2.trim();
+  if (!/^https:\/\//i.test(endpoint)) { console.error('endpoint must be HTTPS'); process.exit(1); }
+  const fp = fingerprint(pub);
+  console.log(`# _wab.${endpoint.replace(/^https?:\/\//,'').replace(/\/.*$/,'')}  TXT record:`);
+  console.log(`v=wab1; endpoint=${endpoint}; pk=ed25519:${pub}`);
+  console.log(`# key_id (fingerprint): ${fp}`);
+  process.exit(0);
+}
+
+usage();

package/examples/wab-verify.js

@@ -1,60 +1,60 @@
-#!/usr/bin/env node
-/**
- * wab-verify — full trust check on a domain's WAB DNS Discovery setup.
- *
- * Usage:
- *   wab-verify <domain>                  # full DNS + DNSSEC + signature trust report
- *   wab-verify --json <domain>           # JSON output (for CI / scripts)
- *   wab-verify --strict <domain>         # exit non-zero unless trust_score == 100
- *
- * Hits the public WAB Trust API at /api/discovery/trust/:domain.
- * Override base URL with WAB_BASE_URL=https://your-instance.example.com
- */
-
-'use strict';
-
-const fetch = (() => { try { return require('node-fetch'); } catch { return globalThis.fetch; } })();
-
-const args = process.argv.slice(2);
-const json   = args.includes('--json');
-const strict = args.includes('--strict');
-const domain = args.find(a => !a.startsWith('--'));
-const BASE   = process.env.WAB_BASE_URL || 'https://www.webagentbridge.com';
-
-if (!domain) {
-  console.error('Usage: wab-verify [--json] [--strict] <domain>');
-  process.exit(2);
-}
-
-(async () => {
-  const r = await fetch(`${BASE}/api/discovery/trust/${encodeURIComponent(domain)}`);
-  if (!r.ok) { console.error(`HTTP ${r.status}`); process.exit(2); }
-  const data = await r.json();
-
-  if (json) {
-    process.stdout.write(JSON.stringify(data, null, 2) + '\n');
-  } else {
-    const c = data.checks || {};
-    const tick = (b) => b ? '✓' : '✗';
-    console.log(`\nWAB Trust Report — ${data.domain}`);
-    console.log('═'.repeat(50));
-    console.log(`  Trust Score:   ${data.trust_score}/100   [${data.trust_label.toUpperCase()}]`);
-    console.log('  ──────────────────────────────────────────────');
-    console.log(`  ${tick(c.dns_resolved)}  DNS _wab record present`);
-    console.log(`  ${tick(c.dnssec_verified)}  DNSSEC verified (AD flag)`);
-    console.log(`  ${tick(c.has_public_key)}  Public key in DNS (pk=${c.pk_algorithm || '—'})`);
-    console.log(`  ${tick(c.https_endpoint && c.manifest_fetched)}  HTTPS manifest reachable`);
-    console.log(`  ${tick(c.signature_valid)}  Manifest signature valid`);
-    console.log('  ──────────────────────────────────────────────');
-    if (data.public_key) console.log(`  Key ID: ${data.public_key.fingerprint}  (ed25519)`);
-    if (data.endpoint)   console.log(`  Endpoint: ${data.endpoint}`);
-    if (data.findings && data.findings.length) {
-      console.log('\n  Findings:');
-      for (const f of data.findings) console.log('    • ' + f);
-    }
-    console.log('');
-  }
-
-  if (strict && data.trust_score < 100) process.exit(1);
-  process.exit(0);
-})().catch(err => { console.error('[ERROR]', err.message); process.exit(2); });
+#!/usr/bin/env node
+/**
+ * wab-verify — full trust check on a domain's WAB DNS Discovery setup.
+ *
+ * Usage:
+ *   wab-verify <domain>                  # full DNS + DNSSEC + signature trust report
+ *   wab-verify --json <domain>           # JSON output (for CI / scripts)
+ *   wab-verify --strict <domain>         # exit non-zero unless trust_score == 100
+ *
+ * Hits the public WAB Trust API at /api/discovery/trust/:domain.
+ * Override base URL with WAB_BASE_URL=https://your-instance.example.com
+ */
+
+'use strict';
+
+const fetch = (() => { try { return require('node-fetch'); } catch { return globalThis.fetch; } })();
+
+const args = process.argv.slice(2);
+const json   = args.includes('--json');
+const strict = args.includes('--strict');
+const domain = args.find(a => !a.startsWith('--'));
+const BASE   = process.env.WAB_BASE_URL || 'https://www.webagentbridge.com';
+
+if (!domain) {
+  console.error('Usage: wab-verify [--json] [--strict] <domain>');
+  process.exit(2);
+}
+
+(async () => {
+  const r = await fetch(`${BASE}/api/discovery/trust/${encodeURIComponent(domain)}`);
+  if (!r.ok) { console.error(`HTTP ${r.status}`); process.exit(2); }
+  const data = await r.json();
+
+  if (json) {
+    process.stdout.write(JSON.stringify(data, null, 2) + '\n');
+  } else {
+    const c = data.checks || {};
+    const tick = (b) => b ? '✓' : '✗';
+    console.log(`\nWAB Trust Report — ${data.domain}`);
+    console.log('═'.repeat(50));
+    console.log(`  Trust Score:   ${data.trust_score}/100   [${data.trust_label.toUpperCase()}]`);
+    console.log('  ──────────────────────────────────────────────');
+    console.log(`  ${tick(c.dns_resolved)}  DNS _wab record present`);
+    console.log(`  ${tick(c.dnssec_verified)}  DNSSEC verified (AD flag)`);
+    console.log(`  ${tick(c.has_public_key)}  Public key in DNS (pk=${c.pk_algorithm || '—'})`);
+    console.log(`  ${tick(c.https_endpoint && c.manifest_fetched)}  HTTPS manifest reachable`);
+    console.log(`  ${tick(c.signature_valid)}  Manifest signature valid`);
+    console.log('  ──────────────────────────────────────────────');
+    if (data.public_key) console.log(`  Key ID: ${data.public_key.fingerprint}  (ed25519)`);
+    if (data.endpoint)   console.log(`  Endpoint: ${data.endpoint}`);
+    if (data.findings && data.findings.length) {
+      console.log('\n  Findings:');
+      for (const f of data.findings) console.log('    • ' + f);
+    }
+    console.log('');
+  }
+
+  if (strict && data.trust_score < 100) process.exit(1);
+  process.exit(0);
+})().catch(err => { console.error('[ERROR]', err.message); process.exit(2); });

package/examples/wordpress-elementor/README.md

@@ -1,77 +1,77 @@
-# WordPress + Elementor + WAB
-
-This snippet works with Elementor pages and exposes actions without changing your theme files heavily.
-
-## 1) Add WAB scripts
-
-In WordPress (Elementor Custom Code or theme footer):
-
-```html
-<script src="https://webagentbridge.com/script/wab.min.js"></script>
-<script src="https://webagentbridge.com/script/wab-schema.js"></script>
-<script src="/wp-content/uploads/wab-elementor.js"></script>
-```
-
-## 2) Add this JS file as `wab-elementor.js`
-
-```js
-(function () {
-  if (!window.WAB) return;
-
-  var products = window.WABSchema ? window.WABSchema.scanJsonLd() : [];
-  var suggested = window.WABSchema ? window.WABSchema.suggestActions(products) : [];
-
-  var config = window.WABSchema
-    ? window.WABSchema.mergeWithManual(
-        {
-          getHeroTitle: {
-            description: 'Read Elementor hero heading',
-            run: function () {
-              var title = document.querySelector('.elementor-heading-title');
-              return { title: title ? title.textContent.trim() : null };
-            }
-          },
-          submitVisibleElementorForm: {
-            description: 'Fill and submit the first visible Elementor form',
-            run: function (params) {
-              var form = document.querySelector('.elementor-form');
-              if (!form) return { success: false, error: 'No Elementor form found' };
-
-              var fields = form.querySelectorAll('input, textarea, select');
-              fields.forEach(function (field) {
-                var key = field.name || field.id;
-                if (!key || params[key] == null) return;
-                field.value = String(params[key]);
-                field.dispatchEvent(new Event('input', { bubbles: true }));
-                field.dispatchEvent(new Event('change', { bubbles: true }));
-              });
-
-              var submit = form.querySelector('[type="submit"], button');
-              if (!submit) return { success: false, error: 'No submit button found' };
-              submit.click();
-              return { success: true };
-            }
-          }
-        },
-        suggested
-      )
-    : {
-        actions: {
-          getHeroTitle: {
-            description: 'Read Elementor hero heading',
-            run: function () {
-              var title = document.querySelector('.elementor-heading-title');
-              return { title: title ? title.textContent.trim() : null };
-            }
-          }
-        }
-      };
-
-  window.WAB.init({
-    name: document.title,
-    actions: config.actions
-  });
-})();
-```
-
-This gives agents discoverable actions for Elementor content + schema-derived product helpers.
+# WordPress + Elementor + WAB
+
+This snippet works with Elementor pages and exposes actions without changing your theme files heavily.
+
+## 1) Add WAB scripts
+
+In WordPress (Elementor Custom Code or theme footer):
+
+```html
+<script src="https://webagentbridge.com/script/wab.min.js"></script>
+<script src="https://webagentbridge.com/script/wab-schema.js"></script>
+<script src="/wp-content/uploads/wab-elementor.js"></script>
+```
+
+## 2) Add this JS file as `wab-elementor.js`
+
+```js
+(function () {
+  if (!window.WAB) return;
+
+  var products = window.WABSchema ? window.WABSchema.scanJsonLd() : [];
+  var suggested = window.WABSchema ? window.WABSchema.suggestActions(products) : [];
+
+  var config = window.WABSchema
+    ? window.WABSchema.mergeWithManual(
+        {
+          getHeroTitle: {
+            description: 'Read Elementor hero heading',
+            run: function () {
+              var title = document.querySelector('.elementor-heading-title');
+              return { title: title ? title.textContent.trim() : null };
+            }
+          },
+          submitVisibleElementorForm: {
+            description: 'Fill and submit the first visible Elementor form',
+            run: function (params) {
+              var form = document.querySelector('.elementor-form');
+              if (!form) return { success: false, error: 'No Elementor form found' };
+
+              var fields = form.querySelectorAll('input, textarea, select');
+              fields.forEach(function (field) {
+                var key = field.name || field.id;
+                if (!key || params[key] == null) return;
+                field.value = String(params[key]);
+                field.dispatchEvent(new Event('input', { bubbles: true }));
+                field.dispatchEvent(new Event('change', { bubbles: true }));
+              });
+
+              var submit = form.querySelector('[type="submit"], button');
+              if (!submit) return { success: false, error: 'No submit button found' };
+              submit.click();
+              return { success: true };
+            }
+          }
+        },
+        suggested
+      )
+    : {
+        actions: {
+          getHeroTitle: {
+            description: 'Read Elementor hero heading',
+            run: function () {
+              var title = document.querySelector('.elementor-heading-title');
+              return { title: title ? title.textContent.trim() : null };
+            }
+          }
+        }
+      };
+
+  window.WAB.init({
+    name: document.title,
+    actions: config.actions
+  });
+})();
+```
+
+This gives agents discoverable actions for Elementor content + schema-derived product helpers.

package/package.json

@@ -1,93 +1,93 @@
-{
-  "name": "web-agent-bridge",
-  "version": "3.4.0",
-  "description": "Open AI↔Web protocol & agent platform: standardized command interface, sovereign browser, ShieldQR trust verifier, SSL health monitor, zero-config adoption (Cloudflare/Vercel/Netlify/Next.js), DNS discovery, agent mesh, and unified API gateway for safe AI–website interaction",
-  "author": "Web Agent Bridge <dev@webagentbridge.com>",
-  "main": "server/index.js",
-  "bin": {
-    "web-agent-bridge": "./bin/cli.js",
-    "wab": "./bin/cli.js",
-    "wab-agent": "./bin/cli.js",
-    "wab-init": "./bin/wab-init.js"
-  },
-  "scripts": {
-    "start": "node server/index.js",
-    "dev": "node server/index.js",
-    "test": "jest --forceExit --detectOpenHandles",
-    "build:script": "node scripts/build.js",
-    "prepublishOnly": "npm test"
-  },
-  "keywords": [
-    "ai",
-    "agent",
-    "bridge",
-    "protocol",
-    "platform",
-    "automation",
-    "web",
-    "ai-agent",
-    "agent-mesh",
-    "sovereign-browser",
-    "phone-shield",
-    "dns-discovery",
-    "api-gateway",
-    "browser-automation",
-    "webdriver-bidi"
-  ],
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/abokenan444/web-agent-bridge.git"
-  },
-  "homepage": "https://github.com/abokenan444/web-agent-bridge#readme",
-  "bugs": {
-    "url": "https://github.com/abokenan444/web-agent-bridge/issues"
-  },
-  "files": [
-    "bin/",
-    "server/",
-    "public/*.html",
-    "public/*.txt",
-    "public/*.xml",
-    "public/*.json",
-    "public/css/",
-    "public/js/",
-    "public/script/",
-    "public/assets/",
-    "public/.well-known/",
-    "script/",
-    "sdk/",
-    "templates/",
-    "examples/",
-    "README.md",
-    "README.ar.md",
-    "LICENSE"
-  ],
-  "engines": {
-    "node": ">=18.0.0"
-  },
-  "license": "MIT",
-  "dependencies": {
-    "bcryptjs": "^3.0.3",
-    "better-sqlite3": "^11.6.0",
-    "cors": "^2.8.5",
-    "dotenv": "^16.4.5",
-    "express": "^4.21.0",
-    "express-rate-limit": "^7.4.1",
-    "helmet": "^8.0.0",
-    "jsonwebtoken": "^9.0.2",
-    "nodemailer": "^8.0.7",
-    "stripe": "^20.4.1",
-    "ws": "^8.20.0"
-  },
-  "devDependencies": {
-    "all-contributors-cli": "^6.26.1",
-    "jest": "^30.3.0",
-    "supertest": "^7.2.2"
-  },
-  "jest": {
-    "testPathIgnorePatterns": [
-      "/node_modules/",
-      "/packages/"
-    ]
-  }
-}
+{
+  "name": "web-agent-bridge",
+  "version": "3.9.0",
+  "description": "Agent Transaction Bridge — the trust + transaction layer for agentic commerce. Signed intent contracts, idempotent transactions, Ed25519-verifiable receipts, explicit compensation. Plus the original WAB stack: sovereign browser, ShieldQR, SSL health, DNS discovery, agent mesh, and unified gateway for safe AI–website interaction.",
+  "author": "Web Agent Bridge <dev@webagentbridge.com>",
+  "main": "server/index.js",
+  "bin": {
+    "web-agent-bridge": "./bin/cli.js",
+    "wab": "./bin/cli.js",
+    "wab-agent": "./bin/cli.js",
+    "wab-init": "./bin/wab-init.js"
+  },
+  "scripts": {
+    "start": "node server/index.js",
+    "dev": "node server/index.js",
+    "test": "jest --forceExit --detectOpenHandles",
+    "build:script": "node scripts/build.js",
+    "prepublishOnly": "npm test"
+  },
+  "keywords": [
+    "ai",
+    "agent",
+    "bridge",
+    "protocol",
+    "platform",
+    "automation",
+    "web",
+    "ai-agent",
+    "agent-mesh",
+    "sovereign-browser",
+    "phone-shield",
+    "dns-discovery",
+    "api-gateway",
+    "browser-automation",
+    "webdriver-bidi"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/abokenan444/web-agent-bridge.git"
+  },
+  "homepage": "https://github.com/abokenan444/web-agent-bridge#readme",
+  "bugs": {
+    "url": "https://github.com/abokenan444/web-agent-bridge/issues"
+  },
+  "files": [
+    "bin/",
+    "server/",
+    "public/*.html",
+    "public/*.txt",
+    "public/*.xml",
+    "public/*.json",
+    "public/css/",
+    "public/js/",
+    "public/script/",
+    "public/assets/",
+    "public/.well-known/",
+    "script/",
+    "sdk/",
+    "templates/",
+    "examples/",
+    "README.md",
+    "README.ar.md",
+    "LICENSE"
+  ],
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "license": "MIT",
+  "dependencies": {
+    "bcryptjs": "^3.0.3",
+    "better-sqlite3": "^11.6.0",
+    "cors": "^2.8.5",
+    "dotenv": "^16.4.5",
+    "express": "^4.21.0",
+    "express-rate-limit": "^7.4.1",
+    "helmet": "^8.0.0",
+    "jsonwebtoken": "^9.0.2",
+    "nodemailer": "^8.0.7",
+    "stripe": "^20.4.1",
+    "ws": "^8.20.0"
+  },
+  "devDependencies": {
+    "all-contributors-cli": "^6.26.1",
+    "jest": "^30.3.0",
+    "supertest": "^7.2.2"
+  },
+  "jest": {
+    "testPathIgnorePatterns": [
+      "/node_modules/",
+      "/packages/"
+    ]
+  }
+}