wyrm-mcp 3.7.2 → 5.0.0

package/dist/agent-loop.d.ts

@@ -0,0 +1,86 @@
+/**
+ * Agent loop — OODA + ReAct (Observe → Orient → Decide → Act).
+ *
+ * This is the thing that turns Wyrm from "memory tool" into "agent".
+ * Given a goal (or ad-hoc query), we run a multi-turn loop where:
+ *
+ *   1. Observe — assemble relevant context from Wyrm's own data
+ *                (failures, truths, sessions, symbols, prior iterations)
+ *   2. Orient   — LLM synthesises: "given this context, what's the state?"
+ *   3. Decide   — LLM proposes ONE action: either a Wyrm tool call,
+ *                 an external MCP server call, or 'done' / 'block' / 'escalate'
+ *   4. Act      — execute the proposed action, capture result
+ *   5. Loop     — feed result back into the next Observe step
+ *
+ * Each iteration logs to `goal_iterations` if attached to a goal.
+ * Hard caps: `max_iterations` per goal, ~60s wall clock per iteration,
+ * actions matched against a whitelist (no `wyrm_audit_export` or other
+ * data-exfiltration tools from inside the loop).
+ *
+ * LLM protocol — JSON envelope works with both:
+ *   - Ollama JSON mode  (most models 7B+)
+ *   - OpenAI native function calling  (gpt-4o, gpt-4o-mini, ...)
+ *
+ * The response shape we ask for:
+ *   {"thought":"...","action":"<tool_name>","args":{...}} or
+ *   {"thought":"...","action":"done","summary":"..."} or
+ *   {"thought":"...","action":"block","reason":"..."}
+ *
+ * @copyright 2026 Ghost Protocol (Pvt) Ltd. All Rights Reserved.
+ * @license Proprietary
+ */
+import type Database from 'better-sqlite3';
+import { OutboundMcpClient } from './mcp-client.js';
+export interface AgentAction {
+    thought?: string;
+    action: string;
+    args?: Record<string, unknown>;
+    summary?: string;
+    reason?: string;
+}
+export interface IterationResult {
+    iteration_num: number;
+    observe_summary: string;
+    orient_summary: string;
+    decided: AgentAction;
+    action_result: string;
+    outcome: 'progressed' | 'blocked' | 'done' | 'error';
+    latency_ms: number;
+    tokens_in?: number;
+    tokens_out?: number;
+    model: string;
+    degraded: boolean;
+}
+export interface ToolDispatcher {
+    (toolName: string, args: Record<string, unknown>): Promise<{
+        ok: boolean;
+        result?: unknown;
+        error?: string;
+    }>;
+}
+export declare class AgentLoop {
+    private db;
+    private externalClient;
+    private internalToolDispatch;
+    private subAgent;
+    private goals;
+    private failures;
+    constructor(db: Database.Database, externalClient: OutboundMcpClient, internalToolDispatch: ToolDispatcher);
+    /** Run ONE OODA iteration on a goal. Returns the iteration result. */
+    iterate(goal_id: number, opts?: {
+        ollama_url?: string;
+        openai_api_key?: string;
+        model_override?: string;
+    }): Promise<IterationResult | null>;
+    /** Iterate until done / blocked / cap hit. Returns the array of iterations. */
+    pursue(goal_id: number, opts?: {
+        max_steps?: number;
+        ollama_url?: string;
+        openai_api_key?: string;
+        model_override?: string;
+    }): Promise<IterationResult[]>;
+    private observe;
+    private orientAndDecide;
+    private act;
+}
+//# sourceMappingURL=agent-loop.d.ts.map

package/dist/agent-loop.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-loop.d.ts","sourceRoot":"","sources":["../src/agent-loop.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAEH,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAI3C,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AAwBpD,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC;IACvB,OAAO,EAAE,WAAW,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,YAAY,GAAG,SAAS,GAAG,MAAM,GAAG,OAAO,CAAC;IACrD,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAC/G;AAED,qBAAa,SAAS;IAMlB,OAAO,CAAC,EAAE;IACV,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,oBAAoB;IAP9B,OAAO,CAAC,QAAQ,CAAW;IAC3B,OAAO,CAAC,KAAK,CAAQ;IACrB,OAAO,CAAC,QAAQ,CAAkB;gBAGxB,EAAE,EAAE,QAAQ,CAAC,QAAQ,EACrB,cAAc,EAAE,iBAAiB,EACjC,oBAAoB,EAAE,cAAc;IAO9C,sEAAsE;IAChE,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,cAAc,CAAC,EAAE,MAAM,CAAC;QAAC,cAAc,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;IA+EjJ,+EAA+E;IACzE,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,cAAc,CAAC,EAAE,MAAM,CAAC;QAAC,cAAc,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAgB/J,OAAO,CAAC,OAAO;YAwED,eAAe;YA0Ef,GAAG;CA4BlB"}

package/dist/agent-loop.js

@@ -0,0 +1,321 @@
+/**
+ * Agent loop — OODA + ReAct (Observe → Orient → Decide → Act).
+ *
+ * This is the thing that turns Wyrm from "memory tool" into "agent".
+ * Given a goal (or ad-hoc query), we run a multi-turn loop where:
+ *
+ *   1. Observe — assemble relevant context from Wyrm's own data
+ *                (failures, truths, sessions, symbols, prior iterations)
+ *   2. Orient   — LLM synthesises: "given this context, what's the state?"
+ *   3. Decide   — LLM proposes ONE action: either a Wyrm tool call,
+ *                 an external MCP server call, or 'done' / 'block' / 'escalate'
+ *   4. Act      — execute the proposed action, capture result
+ *   5. Loop     — feed result back into the next Observe step
+ *
+ * Each iteration logs to `goal_iterations` if attached to a goal.
+ * Hard caps: `max_iterations` per goal, ~60s wall clock per iteration,
+ * actions matched against a whitelist (no `wyrm_audit_export` or other
+ * data-exfiltration tools from inside the loop).
+ *
+ * LLM protocol — JSON envelope works with both:
+ *   - Ollama JSON mode  (most models 7B+)
+ *   - OpenAI native function calling  (gpt-4o, gpt-4o-mini, ...)
+ *
+ * The response shape we ask for:
+ *   {"thought":"...","action":"<tool_name>","args":{...}} or
+ *   {"thought":"...","action":"done","summary":"..."} or
+ *   {"thought":"...","action":"block","reason":"..."}
+ *
+ * @copyright 2026 Ghost Protocol (Pvt) Ltd. All Rights Reserved.
+ * @license Proprietary
+ */
+import { Goals } from './goals.js';
+import { SubAgent } from './sub-agent.js';
+import { FailurePatterns } from './failure-patterns.js';
+import { sanitizeFtsQuery } from './security.js';
+const DEFAULT_MAX_ITERATIONS = 20;
+const ITER_HARD_TIMEOUT_MS = 90_000;
+// Tools the agent is allowed to call from inside the loop. Whitelist —
+// excludes audit export, sync push, prune, encrypt setup, etc.
+const SAFE_INTERNAL_TOOLS = new Set([
+    // Read-mostly
+    'wyrm_search', 'wyrm_recall', 'wyrm_project_context', 'wyrm_global_context',
+    'wyrm_truth_get', 'wyrm_all_quests', 'wyrm_failure_check', 'wyrm_failure_list',
+    'wyrm_symbol_search', 'wyrm_symbol_callers', 'wyrm_symbol_stats',
+    'wyrm_session_rehydrate', 'wyrm_decision_upstream', 'wyrm_decision_downstream',
+    'wyrm_presence_list', 'wyrm_sync_conflicts',
+    // Bounded writes (operator can audit each via goal_iterations)
+    'wyrm_quest_add', 'wyrm_failure_record', 'wyrm_decided_because',
+    'wyrm_capture', 'wyrm_remember', 'wyrm_distill',
+    // Status updates
+    'wyrm_quest_complete',
+    // External call gateway
+    'wyrm_call_external',
+]);
+export class AgentLoop {
+    db;
+    externalClient;
+    internalToolDispatch;
+    subAgent;
+    goals;
+    failures;
+    constructor(db, externalClient, internalToolDispatch) {
+        this.db = db;
+        this.externalClient = externalClient;
+        this.internalToolDispatch = internalToolDispatch;
+        this.subAgent = new SubAgent(db);
+        this.goals = new Goals(db);
+        this.failures = new FailurePatterns(db);
+    }
+    /** Run ONE OODA iteration on a goal. Returns the iteration result. */
+    async iterate(goal_id, opts) {
+        const goal = this.goals.get(goal_id);
+        if (!goal)
+            return null;
+        if (goal.status !== 'active')
+            return null;
+        if (goal.iterations_count >= goal.max_iterations) {
+            // Hit the cap — record a final 'blocked' iteration and abandon.
+            this.goals.recordIteration(goal_id, {
+                outcome: 'blocked',
+                notes: `Hit max_iterations=${goal.max_iterations}`,
+                latency_ms: 0,
+            });
+            this.goals.abandon(goal_id, `Exceeded max_iterations=${goal.max_iterations}`);
+            return null;
+        }
+        const start = Date.now();
+        // ---- 1. OBSERVE ----
+        const observation = this.observe(goal);
+        // ---- 2. ORIENT + DECIDE (one LLM call) ----
+        const { decided, orient_summary, model, tokens_in, tokens_out, degraded } = await this.orientAndDecide(goal, observation, opts);
+        // ---- 3. ACT ----
+        const actionResult = await this.act(decided);
+        const latency = Date.now() - start;
+        const outcome = decided.action === 'done' ? 'done'
+            : decided.action === 'block' || decided.action === 'escalate' ? 'blocked'
+                : actionResult.startsWith('ERROR:') ? 'error'
+                    : 'progressed';
+        // ---- 4. RECORD ----
+        this.goals.recordIteration(goal_id, {
+            observe_summary: observation.summary,
+            orient_summary,
+            decided_action: JSON.stringify(decided),
+            action_result: actionResult.slice(0, 4000),
+            outcome,
+            latency_ms: latency,
+            tokens_in,
+            tokens_out,
+            model,
+        });
+        // Append an agent_actions row too — the higher-level audit
+        try {
+            this.db.prepare(`
+        INSERT INTO agent_actions
+          (actor, goal_id, action_kind, summary, result_status)
+        VALUES ('wyrm-loop', ?, ?, ?, ?)
+      `).run(goal_id, decided.action === 'done' || decided.action === 'block' ? decided.action : 'act', `${decided.action}: ${(decided.thought ?? decided.summary ?? '').slice(0, 200)}`, outcome === 'done' ? 'success'
+                : outcome === 'progressed' ? 'partial'
+                    : outcome === 'blocked' ? 'noop'
+                        : 'failure');
+        }
+        catch { /* best-effort */ }
+        return {
+            iteration_num: goal.iterations_count + 1,
+            observe_summary: observation.summary,
+            orient_summary,
+            decided,
+            action_result: actionResult,
+            outcome,
+            latency_ms: latency,
+            tokens_in,
+            tokens_out,
+            model,
+            degraded,
+        };
+    }
+    /** Iterate until done / blocked / cap hit. Returns the array of iterations. */
+    async pursue(goal_id, opts) {
+        const cap = Math.min(50, Math.max(1, opts?.max_steps ?? 10));
+        const out = [];
+        for (let i = 0; i < cap; i++) {
+            const r = await this.iterate(goal_id, opts);
+            if (!r)
+                break;
+            out.push(r);
+            if (r.outcome === 'done' || r.outcome === 'blocked' || r.outcome === 'error')
+                break;
+        }
+        return out;
+    }
+    // ============================================================
+    // OODA stages
+    // ============================================================
+    observe(goal) {
+        const parts = [];
+        const tags = [];
+        // Last 3 iterations — what's been tried already
+        const prior = this.goals.iterationsFor(goal.id, 3);
+        if (prior.length > 0) {
+            parts.push('## Recent iterations');
+            for (const it of prior.reverse()) {
+                parts.push(`- #${it.iteration_num} (${it.outcome}): ${it.notes ?? it.action_result?.slice(0, 200) ?? '(no notes)'}`);
+            }
+            tags.push(`iter:${prior.length}`);
+        }
+        // Project context (truths + open quests)
+        if (goal.project_id != null) {
+            try {
+                const truths = this.db.prepare(`
+          SELECT category, key, value, rationale FROM ground_truths
+          WHERE project_id = ? AND is_current = 1
+          ORDER BY confidence DESC LIMIT 10
+        `).all(goal.project_id);
+                if (truths.length > 0) {
+                    parts.push('## Ground truths');
+                    for (const t of truths) {
+                        parts.push(`- ${t.category}.${t.key} = ${t.value}${t.rationale ? ` (${t.rationale})` : ''}`);
+                    }
+                    tags.push(`truths:${truths.length}`);
+                }
+                const quests = this.db.prepare(`
+          SELECT id, title, priority FROM quests
+          WHERE project_id = ? AND status IN ('pending','in_progress')
+          ORDER BY
+            CASE priority WHEN 'critical' THEN 0 WHEN 'high' THEN 1
+                          WHEN 'medium' THEN 2 ELSE 3 END
+          LIMIT 8
+        `).all(goal.project_id);
+                if (quests.length > 0) {
+                    parts.push('## Open quests');
+                    for (const q of quests)
+                        parts.push(`- #${q.id} [${q.priority}] ${q.title}`);
+                    tags.push(`quests:${quests.length}`);
+                }
+            }
+            catch { /* tables may not exist on very old DBs */ }
+        }
+        // Failures around the goal topic
+        try {
+            const failsQuery = sanitizeFtsQuery(goal.title.slice(0, 100));
+            if (failsQuery) {
+                const fails = this.db.prepare(`
+          SELECT fp.id, fp.scope, fp.target, fp.description, fp.why_failed
+          FROM failure_patterns fp
+          JOIN failure_patterns_fts fts ON fts.rowid = fp.id
+          WHERE failure_patterns_fts MATCH ? AND fp.resolved = 0
+          ORDER BY fp.occurrences DESC LIMIT 5
+        `).all(failsQuery);
+                if (fails.length > 0) {
+                    parts.push('## Known failures — DO NOT repeat');
+                    for (const f of fails) {
+                        parts.push(`- #${f.id} ${f.scope}:${f.target} — ${f.description}${f.why_failed ? ` (why: ${f.why_failed})` : ''}`);
+                    }
+                    tags.push(`fails:${fails.length}`);
+                }
+            }
+        }
+        catch { /* failure_patterns may not exist */ }
+        const detail = parts.join('\n');
+        const summary = tags.join(' ') || '(no signal)';
+        return { summary, detail };
+    }
+    async orientAndDecide(goal, observation, opts) {
+        const toolNames = Array.from(SAFE_INTERNAL_TOOLS).sort();
+        const prompt = [
+            `You are Wyrm, an autonomous agent pursuing this goal across multiple sessions.`,
+            ``,
+            `GOAL: ${goal.title}`,
+            goal.description ? `DESCRIPTION: ${goal.description}` : '',
+            goal.success_criteria ? `SUCCESS CRITERIA: ${goal.success_criteria}` : '',
+            goal.deadline ? `DEADLINE: ${goal.deadline}` : '',
+            ``,
+            `=== OBSERVED CONTEXT ===`,
+            observation.detail || '(no context — fresh start)',
+            `=== END CONTEXT ===`,
+            ``,
+            `Decide ONE next action. Respond with a single JSON object only. Schema:`,
+            `  {"thought": "<reasoning>", "action": "<one of: done | block | escalate | ${toolNames.join(' | ')}>", "args": {...}, "summary": "<if done>", "reason": "<if block>"}`,
+            ``,
+            `Rules:`,
+            `- If success_criteria is met based on context, respond with action="done" and a summary.`,
+            `- If you are stuck (need human input, missing capability), respond with action="block" and a reason.`,
+            `- If you've tried the same approach 3+ times unsuccessfully, switch tactics or block.`,
+            `- Otherwise pick exactly ONE tool from the list. Provide "args" matching that tool's schema.`,
+            `- Do NOT repeat actions listed in "Known failures".`,
+            ``,
+            `Respond with ONLY the JSON object — no markdown, no preamble.`,
+        ].filter(Boolean).join('\n');
+        // We use SubAgent.ask but bypass its context assembly — we supply the
+        // full prompt and just want the LLM response.
+        const r = await this.subAgent.ask({
+            query: prompt,
+            project_id: goal.project_id ?? null,
+            max_context_chars: 200, // minimal, we supply our own
+            ollama_url: opts?.ollama_url,
+            openai_api_key: opts?.openai_api_key,
+            model_override: opts?.model_override,
+        });
+        // Parse the JSON response (LLMs sometimes wrap with markdown — strip it)
+        const cleaned = r.answer
+            .replace(/^[\s\S]*?```(?:json)?/, '')
+            .replace(/```[\s\S]*$/, '')
+            .trim();
+        let decided;
+        try {
+            decided = JSON.parse(cleaned.length > 0 ? cleaned : r.answer);
+        }
+        catch {
+            // LLM gave non-JSON. Treat as 'block'.
+            decided = {
+                action: 'block',
+                reason: r.degraded
+                    ? 'No LLM available'
+                    : 'LLM returned non-JSON response (could not parse decision)',
+                thought: r.answer.slice(0, 500),
+            };
+        }
+        if (!decided.action)
+            decided.action = 'block';
+        return {
+            decided,
+            orient_summary: decided.thought ?? '(no thought)',
+            model: r.model,
+            tokens_in: r.tokens_in,
+            tokens_out: r.tokens_out,
+            degraded: r.degraded,
+        };
+    }
+    async act(decided) {
+        if (decided.action === 'done')
+            return `DONE: ${decided.summary ?? '(no summary)'}`;
+        if (decided.action === 'block')
+            return `BLOCKED: ${decided.reason ?? '(no reason)'}`;
+        if (decided.action === 'escalate')
+            return `ESCALATED: ${decided.reason ?? decided.summary ?? '(no reason)'}`;
+        // Whitelist check — refuse anything not in SAFE_INTERNAL_TOOLS or a recognized external pattern
+        if (decided.action === 'wyrm_call_external') {
+            const args = decided.args;
+            if (!args?.server || !args?.tool)
+                return 'ERROR: wyrm_call_external requires server + tool';
+            const r = await this.externalClient.call(args.server, args.tool, args.args ?? {});
+            return r.ok
+                ? `OK external ${args.server}.${args.tool}: ${JSON.stringify(r.result).slice(0, 500)}`
+                : `ERROR external ${args.server}.${args.tool}: ${r.error ?? 'unknown'}`;
+        }
+        if (!SAFE_INTERNAL_TOOLS.has(decided.action)) {
+            return `ERROR: tool '${decided.action}' is not in the agent-loop whitelist`;
+        }
+        // Internal tool dispatch via the harness function
+        try {
+            const r = await this.internalToolDispatch(decided.action, decided.args ?? {});
+            if (r.ok)
+                return `OK ${decided.action}: ${JSON.stringify(r.result).slice(0, 500)}`;
+            return `ERROR ${decided.action}: ${r.error ?? 'unknown'}`;
+        }
+        catch (err) {
+            return `ERROR ${decided.action}: ${err.message}`;
+        }
+    }
+}
+//# sourceMappingURL=agent-loop.js.map

package/dist/agent-loop.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-loop.js","sourceRoot":"","sources":["../src/agent-loop.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAGH,OAAO,EAAE,KAAK,EAAiC,MAAM,YAAY,CAAC;AAClE,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,eAAe,EAAqB,MAAM,uBAAuB,CAAC;AAE3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAEjD,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAClC,MAAM,oBAAoB,GAAG,MAAM,CAAC;AAEpC,uEAAuE;AACvE,+DAA+D;AAC/D,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAS;IAC1C,cAAc;IACd,aAAa,EAAE,aAAa,EAAE,sBAAsB,EAAE,qBAAqB;IAC3E,gBAAgB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,mBAAmB;IAC9E,oBAAoB,EAAE,qBAAqB,EAAE,mBAAmB;IAChE,wBAAwB,EAAE,wBAAwB,EAAE,0BAA0B;IAC9E,oBAAoB,EAAE,qBAAqB;IAC3C,+DAA+D;IAC/D,gBAAgB,EAAE,qBAAqB,EAAE,sBAAsB;IAC/D,cAAc,EAAE,eAAe,EAAE,cAAc;IAC/C,iBAAiB;IACjB,qBAAqB;IACrB,wBAAwB;IACxB,oBAAoB;CACrB,CAAC,CAAC;AA4BH,MAAM,OAAO,SAAS;IAMV;IACA;IACA;IAPF,QAAQ,CAAW;IACnB,KAAK,CAAQ;IACb,QAAQ,CAAkB;IAElC,YACU,EAAqB,EACrB,cAAiC,EACjC,oBAAoC;QAFpC,OAAE,GAAF,EAAE,CAAmB;QACrB,mBAAc,GAAd,cAAc,CAAmB;QACjC,yBAAoB,GAApB,oBAAoB,CAAgB;QAE5C,IAAI,CAAC,QAAQ,GAAG,IAAI,QAAQ,CAAC,EAAE,CAAC,CAAC;QACjC,IAAI,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,CAAC;QAC3B,IAAI,CAAC,QAAQ,GAAG,IAAI,eAAe,CAAC,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,sEAAsE;IACtE,KAAK,CAAC,OAAO,CAAC,OAAe,EAAE,IAAgF;QAC7G,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QACvB,IAAI,IAAI,CAAC,MAAM,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC1C,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACjD,gEAAgE;YAChE,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,EAAE;gBAClC,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,sBAAsB,IAAI,CAAC,cAAc,EAAE;gBAClD,UAAU,EAAE,CAAC;aACd,CAAC,CAAC;YACH,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,2BAA2B,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;YAC9E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEzB,uBAAuB;QACvB,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAEvC,8CAA8C;QAC9C,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,GACvE,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;QAEtD,mBAAmB;QACnB,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE7C,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;QACnC,MAAM,OAAO,GACX,OAAO,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM;YAClC,CAAC,CAAC,OAAO,CAAC,MAAM,KAAK,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,SAAS;gBACzE,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO;oBAC7C,CAAC,CAAC,YAAY,CAAC;QAEjB,sBAAsB;QACtB,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,EAAE;YAClC,eAAe,EAAE,WAAW,CAAC,OAAO;YACpC,cAAc;YACd,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YACvC,aAAa,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;YAC1C,OAAO;YACP,UAAU,EAAE,OAAO;YACnB,SAAS;YACT,UAAU;YACV,KAAK;SACN,CAAC,CAAC;QAEH,2DAA2D;QAC3D,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;;OAIf,CAAC,CAAC,GAAG,CACJ,OAAO,EACP,OAAO,CAAC,MAAM,KAAK,MAAM,IAAI,OAAO,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,EAChF,GAAG,OAAO,CAAC,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAChF,OAAO,KAAK,MAAM,CAAC,CAAC,CAAC,SAAS;gBAC5B,CAAC,CAAC,OAAO,KAAK,YAAY,CAAC,CAAC,CAAC,SAAS;oBACtC,CAAC,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM;wBAChC,CAAC,CAAC,SAAS,CACd,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;QAE7B,OAAO;YACL,aAAa,EAAE,IAAI,CAAC,gBAAgB,GAAG,CAAC;YACxC,eAAe,EAAE,WAAW,CAAC,OAAO;YACpC,cAAc;YACd,OAAO;YACP,aAAa,EAAE,YAAY;YAC3B,OAAO;YACP,UAAU,EAAE,OAAO;YACnB,SAAS;YACT,UAAU;YACV,KAAK;YACL,QAAQ;SACT,CAAC;IACJ,CAAC;IAED,+EAA+E;IAC/E,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,IAAoG;QAChI,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC;QAC7D,MAAM,GAAG,GAAsB,EAAE,CAAC;QAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7B,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAC5C,IAAI,CAAC,CAAC;gBAAE,MAAM;YACd,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACZ,IAAI,CAAC,CAAC,OAAO,KAAK,MAAM,IAAI,CAAC,CAAC,OAAO,KAAK,SAAS,IAAI,CAAC,CAAC,OAAO,KAAK,OAAO;gBAAE,MAAM;QACtF,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,+DAA+D;IAC/D,cAAc;IACd,+DAA+D;IAEvD,OAAO,CAAC,IAAU;QACxB,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,MAAM,IAAI,GAAa,EAAE,CAAC;QAE1B,gDAAgD;QAChD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QACnD,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YACnC,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;gBACjC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,aAAa,KAAK,EAAE,CAAC,OAAO,MAAM,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,YAAY,EAAE,CAAC,CAAC;YACvH,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,QAAQ,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QACpC,CAAC;QAED,yCAAyC;QACzC,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;;SAI9B,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAsF,CAAC;gBAC7G,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACtB,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;oBAC/B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;wBACvB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC/F,CAAC;oBACD,IAAI,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;gBACvC,CAAC;gBAED,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;;;;;SAO9B,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAA2D,CAAC;gBAClF,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACtB,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;oBAC7B,KAAK,MAAM,CAAC,IAAI,MAAM;wBAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;oBAC5E,IAAI,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;gBACvC,CAAC;YACH,CAAC;YAAC,MAAM,CAAC,CAAC,0CAA0C,CAAC,CAAC;QACxD,CAAC;QAED,iCAAiC;QACjC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YAC9D,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;;;;SAM7B,CAAC,CAAC,GAAG,CAAC,UAAU,CAAyG,CAAC;gBAC3H,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,KAAK,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;oBAChD,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;wBACtB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,MAAM,MAAM,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACrH,CAAC;oBACD,IAAI,CAAC,IAAI,CAAC,SAAS,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,oCAAoC,CAAC,CAAC;QAEhD,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC;QAChD,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;IAC7B,CAAC;IAEO,KAAK,CAAC,eAAe,CAC3B,IAAU,EACV,WAAgD,EAChD,IAAgF;QAEhF,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,IAAI,EAAE,CAAC;QACzD,MAAM,MAAM,GAAG;YACb,gFAAgF;YAChF,EAAE;YACF,SAAS,IAAI,CAAC,KAAK,EAAE;YACrB,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,gBAAgB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE;YAC1D,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,qBAAqB,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE;YACzE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE;YACjD,EAAE;YACF,0BAA0B;YAC1B,WAAW,CAAC,MAAM,IAAI,4BAA4B;YAClD,qBAAqB;YACrB,EAAE;YACF,yEAAyE;YACzE,8EAA8E,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,oEAAoE;YACvK,EAAE;YACF,QAAQ;YACR,0FAA0F;YAC1F,sGAAsG;YACtG,uFAAuF;YACvF,8FAA8F;YAC9F,qDAAqD;YACrD,EAAE;YACF,+DAA+D;SAChE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE7B,sEAAsE;QACtE,8CAA8C;QAC9C,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;YAChC,KAAK,EAAE,MAAM;YACb,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,IAAI;YACnC,iBAAiB,EAAE,GAAG,EAAmB,6BAA6B;YACtE,UAAU,EAAE,IAAI,EAAE,UAAU;YAC5B,cAAc,EAAE,IAAI,EAAE,cAAc;YACpC,cAAc,EAAE,IAAI,EAAE,cAAc;SACrC,CAAC,CAAC;QAEH,yEAAyE;QACzE,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM;aACrB,OAAO,CAAC,uBAAuB,EAAE,EAAE,CAAC;aACpC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC;aAC1B,IAAI,EAAE,CAAC;QAEV,IAAI,OAAoB,CAAC;QACzB,IAAI,CAAC;YACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAgB,CAAC;QAC/E,CAAC;QAAC,MAAM,CAAC;YACP,uCAAuC;YACvC,OAAO,GAAG;gBACR,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,CAAC,CAAC,QAAQ;oBAChB,CAAC,CAAC,kBAAkB;oBACpB,CAAC,CAAC,2DAA2D;gBAC/D,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;aAChC,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,MAAM;YAAE,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC;QAE9C,OAAO;YACL,OAAO;YACP,cAAc,EAAE,OAAO,CAAC,OAAO,IAAI,cAAc;YACjD,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,UAAU,EAAE,CAAC,CAAC,UAAU;YACxB,QAAQ,EAAE,CAAC,CAAC,QAAQ;SACrB,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,GAAG,CAAC,OAAoB;QACpC,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM;YAAE,OAAO,SAAS,OAAO,CAAC,OAAO,IAAI,cAAc,EAAE,CAAC;QACnF,IAAI,OAAO,CAAC,MAAM,KAAK,OAAO;YAAE,OAAO,YAAY,OAAO,CAAC,MAAM,IAAI,aAAa,EAAE,CAAC;QACrF,IAAI,OAAO,CAAC,MAAM,KAAK,UAAU;YAAE,OAAO,cAAc,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,IAAI,aAAa,EAAE,CAAC;QAE7G,gGAAgG;QAChG,IAAI,OAAO,CAAC,MAAM,KAAK,oBAAoB,EAAE,CAAC;YAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAsF,CAAC;YAC5G,IAAI,CAAC,IAAI,EAAE,MAAM,IAAI,CAAC,IAAI,EAAE,IAAI;gBAAE,OAAO,kDAAkD,CAAC;YAC5F,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;YAClF,OAAO,CAAC,CAAC,EAAE;gBACT,CAAC,CAAC,eAAe,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACtF,CAAC,CAAC,kBAAkB,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,KAAK,IAAI,SAAS,EAAE,CAAC;QAC5E,CAAC;QAED,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7C,OAAO,gBAAgB,OAAO,CAAC,MAAM,sCAAsC,CAAC;QAC9E,CAAC;QAED,kDAAkD;QAClD,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;YAC9E,IAAI,CAAC,CAAC,EAAE;gBAAE,OAAO,MAAM,OAAO,CAAC,MAAM,KAAK,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;YACnF,OAAO,SAAS,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,KAAK,IAAI,SAAS,EAAE,CAAC;QAC5D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,OAAO,CAAC,MAAM,KAAM,GAAa,CAAC,OAAO,EAAE,CAAC;QAC9D,CAAC;IACH,CAAC;CACF"}

package/dist/audit.d.ts

@@ -0,0 +1,82 @@
+/**
+ * Compliance audit trail (Tier 3.9).
+ *
+ * Hash-chained event log: each row records sha256(prev_hash || payload ||
+ * timestamp). Tampering with any historical entry breaks the chain.
+ * Optional Ed25519 signing layered on top provides a SOC2 / HIPAA-grade
+ * audit surface — every AI decision, prompt, tool call, code edit, with
+ * the prompt that caused it.
+ *
+ * `wyrm_audit_export(range)` produces a tamper-evident JSON bundle that
+ * an external auditor can verify offline:
+ *   1. Recompute the hash chain from genesis through the range.
+ *   2. Verify Ed25519 signatures against the operator's public key.
+ *   3. Confirm no gaps in IDs.
+ *
+ * @copyright 2026 Ghost Protocol (Pvt) Ltd. All Rights Reserved.
+ * @license Proprietary
+ */
+import type Database from 'better-sqlite3';
+export interface AuditEntry {
+    id: number;
+    event_kind: string;
+    actor: string | null;
+    project_id: number | null;
+    payload_json: string;
+    prev_hash: string;
+    row_hash: string;
+    signature: string | null;
+    logged_at: string;
+}
+export interface LogInput {
+    event_kind: string;
+    actor?: string | null;
+    project_id?: number | null;
+    payload: Record<string, unknown>;
+    signature?: string | null;
+}
+export interface AuditBundle {
+    version: 1;
+    range: {
+        start: string;
+        end: string;
+    };
+    exported_at: string;
+    entry_count: number;
+    first_id: number | null;
+    last_id: number | null;
+    genesis_prev_hash: string;
+    final_row_hash: string;
+    entries: AuditEntry[];
+}
+export interface VerificationResult {
+    ok: boolean;
+    total: number;
+    verified: number;
+    first_invalid_id?: number;
+    reason?: string;
+}
+export declare class AuditLog {
+    private db;
+    constructor(db: Database.Database);
+    /** Get the hash of the most recent entry (or 'genesis' if empty). */
+    private latestHash;
+    /** Append a hash-chained event. Returns the inserted row. */
+    log(input: LogInput): AuditEntry;
+    get(id: number): AuditEntry | null;
+    /** Verify the entire chain from the first row through the latest.
+     * Useful for periodic self-audits. */
+    verify(): VerificationResult;
+    /** Export a date-ranged tamper-evident bundle. Range is inclusive on
+     * both ends. Verification still walks from genesis to ensure no gaps. */
+    export(opts: {
+        range_start?: string;
+        range_end?: string;
+    }): AuditBundle;
+    /** Statically verify a previously-exported bundle (no DB required).
+     * Useful for the external auditor who only has the JSON file. */
+    static verifyBundle(bundle: AuditBundle): VerificationResult;
+    /** Slim query for recent entries — UI / dashboards. */
+    recent(limit?: number, kind?: string): AuditEntry[];
+}
+//# sourceMappingURL=audit.d.ts.map

package/dist/audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../src/audit.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAG3C,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,QAAQ;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,CAAC,CAAC;IACX,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACtC,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,OAAO,EAAE,UAAU,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,OAAO,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAID,qBAAa,QAAQ;IACP,OAAO,CAAC,EAAE;gBAAF,EAAE,EAAE,QAAQ,CAAC,QAAQ;IAEzC,qEAAqE;IACrE,OAAO,CAAC,UAAU;IAOlB,6DAA6D;IAC7D,GAAG,CAAC,KAAK,EAAE,QAAQ,GAAG,UAAU;IAwBhC,GAAG,CAAC,EAAE,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI;IAMlC;0CACsC;IACtC,MAAM,IAAI,kBAAkB;IA8B5B;6EACyE;IACzE,MAAM,CAAC,IAAI,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,WAAW;IA+BvE;qEACiE;IACjE,MAAM,CAAC,YAAY,CAAC,MAAM,EAAE,WAAW,GAAG,kBAAkB;IAoC5D,uDAAuD;IACvD,MAAM,CAAC,KAAK,SAAM,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,UAAU,EAAE;CAUjD"}

package/dist/audit.js

@@ -0,0 +1,151 @@
+/**
+ * Compliance audit trail (Tier 3.9).
+ *
+ * Hash-chained event log: each row records sha256(prev_hash || payload ||
+ * timestamp). Tampering with any historical entry breaks the chain.
+ * Optional Ed25519 signing layered on top provides a SOC2 / HIPAA-grade
+ * audit surface — every AI decision, prompt, tool call, code edit, with
+ * the prompt that caused it.
+ *
+ * `wyrm_audit_export(range)` produces a tamper-evident JSON bundle that
+ * an external auditor can verify offline:
+ *   1. Recompute the hash chain from genesis through the range.
+ *   2. Verify Ed25519 signatures against the operator's public key.
+ *   3. Confirm no gaps in IDs.
+ *
+ * @copyright 2026 Ghost Protocol (Pvt) Ltd. All Rights Reserved.
+ * @license Proprietary
+ */
+import { createHash } from 'crypto';
+const GENESIS_HASH = 'genesis';
+export class AuditLog {
+    db;
+    constructor(db) {
+        this.db = db;
+    }
+    /** Get the hash of the most recent entry (or 'genesis' if empty). */
+    latestHash() {
+        const row = this.db.prepare('SELECT row_hash FROM audit_log ORDER BY id DESC LIMIT 1').get();
+        return row?.row_hash ?? GENESIS_HASH;
+    }
+    /** Append a hash-chained event. Returns the inserted row. */
+    log(input) {
+        const payloadJson = JSON.stringify(input.payload);
+        const loggedAt = new Date().toISOString();
+        const prevHash = this.latestHash();
+        const hashInput = `${prevHash}|${input.event_kind}|${payloadJson}|${loggedAt}`;
+        const rowHash = createHash('sha256').update(hashInput).digest('hex');
+        const info = this.db.prepare(`
+      INSERT INTO audit_log
+        (event_kind, actor, project_id, payload_json, prev_hash, row_hash, signature, logged_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+    `).run(input.event_kind, input.actor ?? null, input.project_id ?? null, payloadJson, prevHash, rowHash, input.signature ?? null, loggedAt);
+        return this.get(info.lastInsertRowid);
+    }
+    get(id) {
+        return this.db.prepare('SELECT * FROM audit_log WHERE id = ?').get(id) ?? null;
+    }
+    /** Verify the entire chain from the first row through the latest.
+     * Useful for periodic self-audits. */
+    verify() {
+        const rows = this.db.prepare('SELECT * FROM audit_log ORDER BY id ASC').all();
+        if (rows.length === 0)
+            return { ok: true, total: 0, verified: 0 };
+        let expectedPrev = GENESIS_HASH;
+        for (const row of rows) {
+            if (row.prev_hash !== expectedPrev) {
+                return {
+                    ok: false, total: rows.length, verified: row.id - 1,
+                    first_invalid_id: row.id,
+                    reason: `prev_hash mismatch: expected ${expectedPrev}, got ${row.prev_hash}`,
+                };
+            }
+            const recomputed = createHash('sha256')
+                .update(`${row.prev_hash}|${row.event_kind}|${row.payload_json}|${row.logged_at}`)
+                .digest('hex');
+            if (recomputed !== row.row_hash) {
+                return {
+                    ok: false, total: rows.length, verified: row.id - 1,
+                    first_invalid_id: row.id,
+                    reason: `row_hash mismatch at id ${row.id}: recomputed ${recomputed}, stored ${row.row_hash}`,
+                };
+            }
+            expectedPrev = row.row_hash;
+        }
+        return { ok: true, total: rows.length, verified: rows.length };
+    }
+    /** Export a date-ranged tamper-evident bundle. Range is inclusive on
+     * both ends. Verification still walks from genesis to ensure no gaps. */
+    export(opts) {
+        const params = [];
+        let where = '';
+        if (opts.range_start) {
+            where += ' AND logged_at >= ?';
+            params.push(opts.range_start);
+        }
+        if (opts.range_end) {
+            where += ' AND logged_at <= ?';
+            params.push(opts.range_end);
+        }
+        const entries = this.db.prepare(`SELECT * FROM audit_log WHERE 1=1 ${where} ORDER BY id ASC`).all(...params);
+        return {
+            version: 1,
+            range: {
+                start: opts.range_start ?? entries[0]?.logged_at ?? new Date(0).toISOString(),
+                end: opts.range_end ?? entries[entries.length - 1]?.logged_at ?? new Date().toISOString(),
+            },
+            exported_at: new Date().toISOString(),
+            entry_count: entries.length,
+            first_id: entries[0]?.id ?? null,
+            last_id: entries[entries.length - 1]?.id ?? null,
+            genesis_prev_hash: entries[0]?.prev_hash ?? GENESIS_HASH,
+            final_row_hash: entries[entries.length - 1]?.row_hash ?? GENESIS_HASH,
+            entries,
+        };
+    }
+    /** Statically verify a previously-exported bundle (no DB required).
+     * Useful for the external auditor who only has the JSON file. */
+    static verifyBundle(bundle) {
+        if (bundle.version !== 1) {
+            return { ok: false, total: bundle.entry_count, verified: 0, reason: `Unknown bundle version ${bundle.version}` };
+        }
+        let expectedPrev = bundle.genesis_prev_hash;
+        let verified = 0;
+        for (const row of bundle.entries) {
+            if (row.prev_hash !== expectedPrev) {
+                return {
+                    ok: false, total: bundle.entries.length, verified,
+                    first_invalid_id: row.id,
+                    reason: `prev_hash mismatch: expected ${expectedPrev}, got ${row.prev_hash}`,
+                };
+            }
+            const recomputed = createHash('sha256')
+                .update(`${row.prev_hash}|${row.event_kind}|${row.payload_json}|${row.logged_at}`)
+                .digest('hex');
+            if (recomputed !== row.row_hash) {
+                return {
+                    ok: false, total: bundle.entries.length, verified,
+                    first_invalid_id: row.id,
+                    reason: `row_hash mismatch at id ${row.id}`,
+                };
+            }
+            expectedPrev = row.row_hash;
+            verified++;
+        }
+        if (bundle.entries.length > 0 && bundle.final_row_hash !== expectedPrev) {
+            return {
+                ok: false, total: bundle.entries.length, verified,
+                reason: `final_row_hash mismatch`,
+            };
+        }
+        return { ok: true, total: bundle.entries.length, verified };
+    }
+    /** Slim query for recent entries — UI / dashboards. */
+    recent(limit = 100, kind) {
+        if (kind) {
+            return this.db.prepare('SELECT * FROM audit_log WHERE event_kind = ? ORDER BY id DESC LIMIT ?').all(kind, limit);
+        }
+        return this.db.prepare('SELECT * FROM audit_log ORDER BY id DESC LIMIT ?').all(limit);
+    }
+}
+//# sourceMappingURL=audit.js.map