x402-trust-layer 5.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +55 -0
- package/DEPLOY.md +53 -0
- package/Dockerfile +30 -0
- package/LICENSE +21 -0
- package/README.md +294 -0
- package/dist/agents/a2a-payment.d.ts +37 -0
- package/dist/agents/a2a-payment.js +105 -0
- package/dist/agents/agent-escrow.d.ts +30 -0
- package/dist/agents/agent-escrow.js +23 -0
- package/dist/agents/agent-verify.d.ts +15 -0
- package/dist/agents/agent-verify.js +112 -0
- package/dist/agents/api-router.d.ts +32 -0
- package/dist/agents/api-router.js +228 -0
- package/dist/agents/attestation-registry.d.ts +35 -0
- package/dist/agents/attestation-registry.js +76 -0
- package/dist/agents/audition-coach.d.ts +45 -0
- package/dist/agents/audition-coach.js +257 -0
- package/dist/agents/bedrock-bridge.d.ts +3 -0
- package/dist/agents/bedrock-bridge.js +60 -0
- package/dist/agents/budget-allocator.d.ts +24 -0
- package/dist/agents/budget-allocator.js +31 -0
- package/dist/agents/compliance-ledger.d.ts +66 -0
- package/dist/agents/compliance-ledger.js +80 -0
- package/dist/agents/dispute-resolver.d.ts +62 -0
- package/dist/agents/dispute-resolver.js +124 -0
- package/dist/agents/evidence-locker.d.ts +30 -0
- package/dist/agents/evidence-locker.js +47 -0
- package/dist/agents/facilitator-failover.d.ts +15 -0
- package/dist/agents/facilitator-failover.js +18 -0
- package/dist/agents/identity-gate.d.ts +20 -0
- package/dist/agents/identity-gate.js +79 -0
- package/dist/agents/mandate-compiler.d.ts +51 -0
- package/dist/agents/mandate-compiler.js +73 -0
- package/dist/agents/mandate-diff.d.ts +41 -0
- package/dist/agents/mandate-diff.js +170 -0
- package/dist/agents/market-buy-advisor.d.ts +65 -0
- package/dist/agents/market-buy-advisor.js +234 -0
- package/dist/agents/merchant-trust.d.ts +38 -0
- package/dist/agents/merchant-trust.js +171 -0
- package/dist/agents/mpp-session-broker.d.ts +27 -0
- package/dist/agents/mpp-session-broker.js +29 -0
- package/dist/agents/mpp-session-v2.d.ts +76 -0
- package/dist/agents/mpp-session-v2.js +269 -0
- package/dist/agents/payment-intent-compiler.d.ts +21 -0
- package/dist/agents/payment-intent-compiler.js +45 -0
- package/dist/agents/pipeline-execute.d.ts +40 -0
- package/dist/agents/pipeline-execute.js +100 -0
- package/dist/agents/pipeline-trust-v2.d.ts +31 -0
- package/dist/agents/pipeline-trust-v2.js +111 -0
- package/dist/agents/pre-x402-guard.d.ts +35 -0
- package/dist/agents/pre-x402-guard.js +84 -0
- package/dist/agents/quality-escrow-semantic.d.ts +88 -0
- package/dist/agents/quality-escrow-semantic.js +137 -0
- package/dist/agents/quality-escrow.d.ts +65 -0
- package/dist/agents/quality-escrow.js +104 -0
- package/dist/agents/quality-monitor.d.ts +32 -0
- package/dist/agents/quality-monitor.js +77 -0
- package/dist/agents/rail-optimizer.d.ts +33 -0
- package/dist/agents/rail-optimizer.js +133 -0
- package/dist/agents/receipt-auditor.d.ts +14 -0
- package/dist/agents/receipt-auditor.js +145 -0
- package/dist/agents/refund-arbiter.d.ts +24 -0
- package/dist/agents/refund-arbiter.js +70 -0
- package/dist/agents/research-brief.d.ts +14 -0
- package/dist/agents/research-brief.js +66 -0
- package/dist/agents/risk-gate.d.ts +11 -0
- package/dist/agents/risk-gate.js +78 -0
- package/dist/agents/settlement-graph.d.ts +16 -0
- package/dist/agents/settlement-graph.js +38 -0
- package/dist/agents/spend-governor.d.ts +2 -0
- package/dist/agents/spend-governor.js +70 -0
- package/dist/agents/trust-network.d.ts +138 -0
- package/dist/agents/trust-network.js +244 -0
- package/dist/agents/x402-proxy.d.ts +32 -0
- package/dist/agents/x402-proxy.js +90 -0
- package/dist/client/demo-alchemy-live.d.ts +1 -0
- package/dist/client/demo-alchemy-live.js +226 -0
- package/dist/client/demo-tail.d.ts +1 -0
- package/dist/client/demo-tail.js +100 -0
- package/dist/client/demo.d.ts +1 -0
- package/dist/client/demo.js +293 -0
- package/dist/config.d.ts +94 -0
- package/dist/config.js +223 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.js +389 -0
- package/dist/lib/agent-response.d.ts +14 -0
- package/dist/lib/agent-response.js +13 -0
- package/dist/lib/agentic-gateways.d.ts +5 -0
- package/dist/lib/agentic-gateways.js +15 -0
- package/dist/lib/agentic-probes.d.ts +10 -0
- package/dist/lib/agentic-probes.js +49 -0
- package/dist/lib/alchemy-x402-fetch.d.ts +16 -0
- package/dist/lib/alchemy-x402-fetch.js +95 -0
- package/dist/lib/apply-verifier-body.d.ts +7 -0
- package/dist/lib/apply-verifier-body.js +179 -0
- package/dist/lib/attestation.d.ts +30 -0
- package/dist/lib/attestation.js +107 -0
- package/dist/lib/bazaar-extension.d.ts +15 -0
- package/dist/lib/bazaar-extension.js +265 -0
- package/dist/lib/bazaar.d.ts +100 -0
- package/dist/lib/bazaar.js +341 -0
- package/dist/lib/certified-sellers.d.ts +41 -0
- package/dist/lib/certified-sellers.js +129 -0
- package/dist/lib/chains.d.ts +20 -0
- package/dist/lib/chains.js +78 -0
- package/dist/lib/db-persistence.d.ts +7 -0
- package/dist/lib/db-persistence.js +65 -0
- package/dist/lib/db.d.ts +5 -0
- package/dist/lib/db.js +113 -0
- package/dist/lib/discovery-page.d.ts +2 -0
- package/dist/lib/discovery-page.js +71 -0
- package/dist/lib/ecosystem-telemetry.d.ts +20 -0
- package/dist/lib/ecosystem-telemetry.js +80 -0
- package/dist/lib/erc8004/agent-card.d.ts +34 -0
- package/dist/lib/erc8004/agent-card.js +151 -0
- package/dist/lib/erc8004/cache.d.ts +3 -0
- package/dist/lib/erc8004/cache.js +17 -0
- package/dist/lib/erc8004/constants.d.ts +22 -0
- package/dist/lib/erc8004/constants.js +35 -0
- package/dist/lib/erc8004/registry.d.ts +19 -0
- package/dist/lib/erc8004/registry.js +171 -0
- package/dist/lib/erc8004/resolve-agent.d.ts +7 -0
- package/dist/lib/erc8004/resolve-agent.js +70 -0
- package/dist/lib/erc8004/trust-score.d.ts +33 -0
- package/dist/lib/erc8004/trust-score.js +136 -0
- package/dist/lib/escrow-ledger.d.ts +14 -0
- package/dist/lib/escrow-ledger.js +54 -0
- package/dist/lib/escrow-unified.d.ts +15 -0
- package/dist/lib/escrow-unified.js +28 -0
- package/dist/lib/facilitator-extra.d.ts +13 -0
- package/dist/lib/facilitator-extra.js +52 -0
- package/dist/lib/facilitators.d.ts +20 -0
- package/dist/lib/facilitators.js +89 -0
- package/dist/lib/host-policy.d.ts +4 -0
- package/dist/lib/host-policy.js +20 -0
- package/dist/lib/idempotency.d.ts +4 -0
- package/dist/lib/idempotency.js +120 -0
- package/dist/lib/ledger.d.ts +2 -0
- package/dist/lib/ledger.js +17 -0
- package/dist/lib/logger.d.ts +6 -0
- package/dist/lib/logger.js +24 -0
- package/dist/lib/mandate-vc.d.ts +20 -0
- package/dist/lib/mandate-vc.js +25 -0
- package/dist/lib/mandate.d.ts +44 -0
- package/dist/lib/mandate.js +190 -0
- package/dist/lib/marketplace.d.ts +7 -0
- package/dist/lib/marketplace.js +127 -0
- package/dist/lib/migrations.d.ts +2 -0
- package/dist/lib/migrations.js +130 -0
- package/dist/lib/nonce-store.d.ts +6 -0
- package/dist/lib/nonce-store.js +109 -0
- package/dist/lib/openapi-agentcash.d.ts +5 -0
- package/dist/lib/openapi-agentcash.js +288 -0
- package/dist/lib/openapi-meta.d.ts +5 -0
- package/dist/lib/openapi-meta.js +235 -0
- package/dist/lib/otel.d.ts +2 -0
- package/dist/lib/otel.js +25 -0
- package/dist/lib/paid-resource-url.d.ts +6 -0
- package/dist/lib/paid-resource-url.js +47 -0
- package/dist/lib/parse-with-verifier-fallback.d.ts +3 -0
- package/dist/lib/parse-with-verifier-fallback.js +13 -0
- package/dist/lib/payment-request-context.d.ts +10 -0
- package/dist/lib/payment-request-context.js +5 -0
- package/dist/lib/payment-response.d.ts +13 -0
- package/dist/lib/payment-response.js +39 -0
- package/dist/lib/payto-guard.d.ts +10 -0
- package/dist/lib/payto-guard.js +20 -0
- package/dist/lib/probe.d.ts +29 -0
- package/dist/lib/probe.js +157 -0
- package/dist/lib/problem-detail.d.ts +10 -0
- package/dist/lib/problem-detail.js +14 -0
- package/dist/lib/rate-limit.d.ts +12 -0
- package/dist/lib/rate-limit.js +126 -0
- package/dist/lib/replay-middleware.d.ts +3 -0
- package/dist/lib/replay-middleware.js +27 -0
- package/dist/lib/response-guard.d.ts +5 -0
- package/dist/lib/response-guard.js +40 -0
- package/dist/lib/safe-fetch.d.ts +5 -0
- package/dist/lib/safe-fetch.js +19 -0
- package/dist/lib/security.d.ts +13 -0
- package/dist/lib/security.js +61 -0
- package/dist/lib/semantic-judge.d.ts +14 -0
- package/dist/lib/semantic-judge.js +107 -0
- package/dist/lib/semantic-judge.test.d.ts +1 -0
- package/dist/lib/semantic-judge.test.js +11 -0
- package/dist/lib/ssrf.d.ts +10 -0
- package/dist/lib/ssrf.js +130 -0
- package/dist/lib/ssrf.test.d.ts +1 -0
- package/dist/lib/ssrf.test.js +16 -0
- package/dist/lib/suite-catalog.d.ts +83 -0
- package/dist/lib/suite-catalog.js +131 -0
- package/dist/lib/telemetry.d.ts +5 -0
- package/dist/lib/telemetry.js +37 -0
- package/dist/lib/verifier-fast-path.d.ts +10 -0
- package/dist/lib/verifier-fast-path.js +44 -0
- package/dist/lib/verifier-probe-protocol.d.ts +7 -0
- package/dist/lib/verifier-probe-protocol.js +115 -0
- package/dist/lib/verify-examples.d.ts +2 -0
- package/dist/lib/verify-examples.js +438 -0
- package/dist/lib/version.d.ts +2 -0
- package/dist/lib/version.js +2 -0
- package/dist/lib/webhook-auth.d.ts +3 -0
- package/dist/lib/webhook-auth.js +34 -0
- package/dist/lib/webhook-routes.d.ts +2 -0
- package/dist/lib/webhook-routes.js +112 -0
- package/dist/lib/webhooks.d.ts +23 -0
- package/dist/lib/webhooks.js +123 -0
- package/dist/lib/webhooks.test.d.ts +1 -0
- package/dist/lib/webhooks.test.js +16 -0
- package/dist/lib/x402-client-options.d.ts +28 -0
- package/dist/lib/x402-client-options.js +138 -0
- package/dist/lib/x402-headers.d.ts +10 -0
- package/dist/lib/x402-headers.js +27 -0
- package/dist/lib/x402-paid.d.ts +5 -0
- package/dist/lib/x402-paid.js +252 -0
- package/dist/lib/x402-payment-replay.d.ts +22 -0
- package/dist/lib/x402-payment-replay.js +57 -0
- package/dist/lib/x402gle-host-verify.d.ts +3 -0
- package/dist/lib/x402gle-host-verify.js +27 -0
- package/dist/protocol/agent-passport.d.ts +34 -0
- package/dist/protocol/agent-passport.js +44 -0
- package/dist/protocol/compliance-v2.d.ts +21 -0
- package/dist/protocol/compliance-v2.js +19 -0
- package/dist/protocol/credit-bureau.d.ts +18 -0
- package/dist/protocol/credit-bureau.js +44 -0
- package/dist/protocol/crypto.d.ts +6 -0
- package/dist/protocol/crypto.js +41 -0
- package/dist/protocol/escrow-fsm.d.ts +33 -0
- package/dist/protocol/escrow-fsm.js +99 -0
- package/dist/protocol/fraud-engine.d.ts +28 -0
- package/dist/protocol/fraud-engine.js +77 -0
- package/dist/protocol/observability.d.ts +14 -0
- package/dist/protocol/observability.js +21 -0
- package/dist/protocol/pipeline-full-trust.d.ts +40 -0
- package/dist/protocol/pipeline-full-trust.js +96 -0
- package/dist/protocol/proof-of-execution.d.ts +36 -0
- package/dist/protocol/proof-of-execution.js +48 -0
- package/dist/protocol/reasoning-audit.d.ts +27 -0
- package/dist/protocol/reasoning-audit.js +51 -0
- package/dist/protocol/replay-guard.d.ts +28 -0
- package/dist/protocol/replay-guard.js +76 -0
- package/dist/protocol/replay-guard.test.d.ts +1 -0
- package/dist/protocol/replay-guard.test.js +10 -0
- package/dist/protocol/security-audit.d.ts +18 -0
- package/dist/protocol/security-audit.js +45 -0
- package/dist/protocol/store.d.ts +5 -0
- package/dist/protocol/store.js +59 -0
- package/dist/protocol/threat-catalog.d.ts +13 -0
- package/dist/protocol/threat-catalog.js +75 -0
- package/dist/protocol/trust-oracle.d.ts +23 -0
- package/dist/protocol/trust-oracle.js +30 -0
- package/dist/protocol/trust-score-v2.d.ts +33 -0
- package/dist/protocol/trust-score-v2.js +78 -0
- package/dist/protocol/zk-proofs.d.ts +24 -0
- package/dist/protocol/zk-proofs.js +32 -0
- package/dist/routes/a2a-agent-card.d.ts +3 -0
- package/dist/routes/a2a-agent-card.js +28 -0
- package/dist/routes/catalog.d.ts +5 -0
- package/dist/routes/catalog.js +47 -0
- package/dist/routes/register-all.d.ts +3 -0
- package/dist/routes/register-all.js +1240 -0
- package/dist/routes/schemas.d.ts +83 -0
- package/dist/routes/schemas.js +38 -0
- package/dist/routes/shared.d.ts +16 -0
- package/dist/routes/shared.js +27 -0
- package/dist/routes-protocol.d.ts +10 -0
- package/dist/routes-protocol.js +322 -0
- package/dist/routes.d.ts +2 -0
- package/dist/routes.js +2 -0
- package/dist/types.d.ts +66 -0
- package/dist/types.js +1 -0
- package/openapi.json +7940 -0
- package/package.json +124 -0
- package/public/.well-known/ai-plugin.json +12 -0
- package/public/assets/aegis-logo-blue.png +0 -0
- package/public/assets/aegis-logo-gold.png +0 -0
- package/public/assets/aegis-logo-green.png +0 -0
- package/public/assets/aegis-logo-purple.png +0 -0
- package/public/assets/aegis-logo-red.png +0 -0
- package/public/assets/aegis-logo-white.png +0 -0
- package/public/assets/aegis-logo.png +0 -0
- package/public/assets/x402-trustlayer-logo.png +0 -0
- package/public/assets/x402-trustlayer-logo.svg +5 -0
- package/public/data/agents.json +1528 -0
- package/public/index.html +198 -0
- package/public/landing.css +342 -0
- package/public/landing.js +405 -0
- package/public/llms-full.txt +582 -0
- package/public/llms.txt +132 -0
- package/public/skill.md +135 -0
- package/railway.toml +9 -0
- package/scripts/docker-entrypoint.sh +7 -0
- package/scripts/patch-facilitator-timeout.mjs +61 -0
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
export declare const hostListSchema: z.ZodEffects<z.ZodArray<z.ZodString, "many">, string[], unknown>;
|
|
3
|
+
export declare const policySchema: z.ZodObject<{
|
|
4
|
+
dailyCapUsdc: z.ZodNumber;
|
|
5
|
+
perCallCapUsdc: z.ZodNumber;
|
|
6
|
+
allowedHosts: z.ZodOptional<z.ZodEffects<z.ZodArray<z.ZodString, "many">, string[], unknown>>;
|
|
7
|
+
blockedHosts: z.ZodOptional<z.ZodEffects<z.ZodArray<z.ZodString, "many">, string[], unknown>>;
|
|
8
|
+
allowedNetworks: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
9
|
+
}, "strip", z.ZodTypeAny, {
|
|
10
|
+
perCallCapUsdc: number;
|
|
11
|
+
dailyCapUsdc: number;
|
|
12
|
+
allowedHosts?: string[] | undefined;
|
|
13
|
+
blockedHosts?: string[] | undefined;
|
|
14
|
+
allowedNetworks?: string[] | undefined;
|
|
15
|
+
}, {
|
|
16
|
+
perCallCapUsdc: number;
|
|
17
|
+
dailyCapUsdc: number;
|
|
18
|
+
allowedHosts?: unknown;
|
|
19
|
+
blockedHosts?: unknown;
|
|
20
|
+
allowedNetworks?: string[] | undefined;
|
|
21
|
+
}>;
|
|
22
|
+
export declare const guardBodySchema: z.ZodObject<{
|
|
23
|
+
agentId: z.ZodString;
|
|
24
|
+
walletAddress: z.ZodString;
|
|
25
|
+
targetUrl: z.ZodString;
|
|
26
|
+
estimatedCostUsdc: z.ZodNumber;
|
|
27
|
+
network: z.ZodOptional<z.ZodString>;
|
|
28
|
+
policy: z.ZodObject<{
|
|
29
|
+
dailyCapUsdc: z.ZodNumber;
|
|
30
|
+
perCallCapUsdc: z.ZodNumber;
|
|
31
|
+
allowedHosts: z.ZodOptional<z.ZodEffects<z.ZodArray<z.ZodString, "many">, string[], unknown>>;
|
|
32
|
+
blockedHosts: z.ZodOptional<z.ZodEffects<z.ZodArray<z.ZodString, "many">, string[], unknown>>;
|
|
33
|
+
allowedNetworks: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
34
|
+
}, "strip", z.ZodTypeAny, {
|
|
35
|
+
perCallCapUsdc: number;
|
|
36
|
+
dailyCapUsdc: number;
|
|
37
|
+
allowedHosts?: string[] | undefined;
|
|
38
|
+
blockedHosts?: string[] | undefined;
|
|
39
|
+
allowedNetworks?: string[] | undefined;
|
|
40
|
+
}, {
|
|
41
|
+
perCallCapUsdc: number;
|
|
42
|
+
dailyCapUsdc: number;
|
|
43
|
+
allowedHosts?: unknown;
|
|
44
|
+
blockedHosts?: unknown;
|
|
45
|
+
allowedNetworks?: string[] | undefined;
|
|
46
|
+
}>;
|
|
47
|
+
maxTierSpendUsdc: z.ZodOptional<z.ZodNumber>;
|
|
48
|
+
minAgentTier: z.ZodOptional<z.ZodEnum<["BRONZE", "SILVER", "GOLD", "PLATINUM"]>>;
|
|
49
|
+
minTrustScore: z.ZodOptional<z.ZodNumber>;
|
|
50
|
+
}, "strip", z.ZodTypeAny, {
|
|
51
|
+
targetUrl: string;
|
|
52
|
+
policy: {
|
|
53
|
+
perCallCapUsdc: number;
|
|
54
|
+
dailyCapUsdc: number;
|
|
55
|
+
allowedHosts?: string[] | undefined;
|
|
56
|
+
blockedHosts?: string[] | undefined;
|
|
57
|
+
allowedNetworks?: string[] | undefined;
|
|
58
|
+
};
|
|
59
|
+
walletAddress: string;
|
|
60
|
+
agentId: string;
|
|
61
|
+
estimatedCostUsdc: number;
|
|
62
|
+
network?: string | undefined;
|
|
63
|
+
minAgentTier?: "SILVER" | "GOLD" | "PLATINUM" | "BRONZE" | undefined;
|
|
64
|
+
minTrustScore?: number | undefined;
|
|
65
|
+
maxTierSpendUsdc?: number | undefined;
|
|
66
|
+
}, {
|
|
67
|
+
targetUrl: string;
|
|
68
|
+
policy: {
|
|
69
|
+
perCallCapUsdc: number;
|
|
70
|
+
dailyCapUsdc: number;
|
|
71
|
+
allowedHosts?: unknown;
|
|
72
|
+
blockedHosts?: unknown;
|
|
73
|
+
allowedNetworks?: string[] | undefined;
|
|
74
|
+
};
|
|
75
|
+
walletAddress: string;
|
|
76
|
+
agentId: string;
|
|
77
|
+
estimatedCostUsdc: number;
|
|
78
|
+
network?: string | undefined;
|
|
79
|
+
minAgentTier?: "SILVER" | "GOLD" | "PLATINUM" | "BRONZE" | undefined;
|
|
80
|
+
minTrustScore?: number | undefined;
|
|
81
|
+
maxTierSpendUsdc?: number | undefined;
|
|
82
|
+
}>;
|
|
83
|
+
export declare function verifierFallback(path: string): Record<string, unknown> | null;
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { VERIFY_EXAMPLES } from "../lib/verify-examples.js";
|
|
3
|
+
export const hostListSchema = z.preprocess((val) => {
|
|
4
|
+
if (!Array.isArray(val))
|
|
5
|
+
return val;
|
|
6
|
+
return val.map((h) => {
|
|
7
|
+
if (typeof h === "string")
|
|
8
|
+
return h;
|
|
9
|
+
if (h && typeof h === "object" && "host" in h && typeof h.host === "string") {
|
|
10
|
+
return h.host;
|
|
11
|
+
}
|
|
12
|
+
return String(h);
|
|
13
|
+
});
|
|
14
|
+
}, z.array(z.string()));
|
|
15
|
+
export const policySchema = z.object({
|
|
16
|
+
dailyCapUsdc: z.coerce.number().positive(),
|
|
17
|
+
perCallCapUsdc: z.coerce.number().positive(),
|
|
18
|
+
allowedHosts: hostListSchema.optional(),
|
|
19
|
+
blockedHosts: hostListSchema.optional(),
|
|
20
|
+
allowedNetworks: z.array(z.string()).optional(),
|
|
21
|
+
});
|
|
22
|
+
export const guardBodySchema = z.object({
|
|
23
|
+
agentId: z.string().min(1),
|
|
24
|
+
walletAddress: z.string().min(16),
|
|
25
|
+
targetUrl: z.string().url(),
|
|
26
|
+
estimatedCostUsdc: z.coerce.number().nonnegative(),
|
|
27
|
+
network: z.string().optional(),
|
|
28
|
+
policy: policySchema,
|
|
29
|
+
maxTierSpendUsdc: z.number().optional(),
|
|
30
|
+
minAgentTier: z.enum(["BRONZE", "SILVER", "GOLD", "PLATINUM"]).optional(),
|
|
31
|
+
minTrustScore: z.number().min(0).max(100).optional(),
|
|
32
|
+
});
|
|
33
|
+
export function verifierFallback(path) {
|
|
34
|
+
const ex = VERIFY_EXAMPLES[path];
|
|
35
|
+
if (!ex || typeof ex !== "object" || Array.isArray(ex))
|
|
36
|
+
return null;
|
|
37
|
+
return ex;
|
|
38
|
+
}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import type { Request, Response, NextFunction, RequestHandler } from "express";
|
|
2
|
+
import type { Express as ExpressType } from "express";
|
|
3
|
+
export type PaidMw = ReturnType<typeof import("@dexterai/x402/server").x402Middleware>;
|
|
4
|
+
export type PaidFn = (amount: string, description: string) => PaidMw;
|
|
5
|
+
export type AsyncRoute = (handler: (req: Request, res: Response) => Promise<void>) => (req: Request, res: Response, next: NextFunction) => void;
|
|
6
|
+
export declare function withRequestHeaders<T extends Record<string, unknown>>(body: T, req: Request): T & {
|
|
7
|
+
requestHeaders: Record<string, unknown>;
|
|
8
|
+
};
|
|
9
|
+
export type RouteContext = {
|
|
10
|
+
app: ExpressType;
|
|
11
|
+
paid: PaidFn;
|
|
12
|
+
asyncRoute: AsyncRoute;
|
|
13
|
+
postHandlers: Map<string, RequestHandler>;
|
|
14
|
+
};
|
|
15
|
+
export declare function createGet(ctx: RouteContext): (path: string, amount: string | number, description: string, handler: (req: Request, res: Response) => Promise<void>) => void;
|
|
16
|
+
export declare function createPost(ctx: RouteContext): (path: string, amount: string | number, description: string, handler: (req: Request, res: Response) => Promise<void>) => void;
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
import { idempotencyCapture, idempotencyPreCheck } from "../lib/idempotency.js";
|
|
2
|
+
const SENSITIVE_HEADERS = new Set([
|
|
3
|
+
"authorization",
|
|
4
|
+
"payment-signature",
|
|
5
|
+
"cookie",
|
|
6
|
+
"x-api-key",
|
|
7
|
+
"x-payment",
|
|
8
|
+
"x402-payment",
|
|
9
|
+
]);
|
|
10
|
+
export function withRequestHeaders(body, req) {
|
|
11
|
+
const safe = Object.fromEntries(Object.entries(req.headers).filter(([k]) => !SENSITIVE_HEADERS.has(k.toLowerCase())));
|
|
12
|
+
return { ...body, requestHeaders: safe };
|
|
13
|
+
}
|
|
14
|
+
export function createGet(ctx) {
|
|
15
|
+
return (path, amount, description, handler) => {
|
|
16
|
+
const core = ctx.asyncRoute(handler);
|
|
17
|
+
ctx.app.get(path, ctx.paid(String(amount), description), core);
|
|
18
|
+
ctx.postHandlers.set(path, core);
|
|
19
|
+
};
|
|
20
|
+
}
|
|
21
|
+
export function createPost(ctx) {
|
|
22
|
+
return (path, amount, description, handler) => {
|
|
23
|
+
const core = ctx.asyncRoute(handler);
|
|
24
|
+
ctx.app.post(path, idempotencyPreCheck, ctx.paid(String(amount), description), idempotencyCapture, core);
|
|
25
|
+
ctx.postHandlers.set(path, core);
|
|
26
|
+
};
|
|
27
|
+
}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { Express, Request, Response, RequestHandler } from "express";
|
|
2
|
+
type PaidFn = (amount: string, description: string) => RequestHandler;
|
|
3
|
+
type AsyncRoute = (handler: (req: Request, res: Response) => Promise<void>) => (req: Request, res: Response, next: (err?: unknown) => void) => void;
|
|
4
|
+
export declare function listProtocolEndpoints(): {
|
|
5
|
+
path: string;
|
|
6
|
+
price: string;
|
|
7
|
+
tier: string;
|
|
8
|
+
}[];
|
|
9
|
+
export declare function registerProtocolRoutes(app: Express, paid: PaidFn, asyncRoute: AsyncRoute): void;
|
|
10
|
+
export {};
|
|
@@ -0,0 +1,322 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { config, pricing } from "./config.js";
|
|
3
|
+
import { parseWithVerifierFallback } from "./lib/parse-with-verifier-fallback.js";
|
|
4
|
+
import { agentTrustMeta, withAgentTrust } from "./lib/agent-response.js";
|
|
5
|
+
import { issueAgentPassport, verifyAgentPassport } from "./protocol/agent-passport.js";
|
|
6
|
+
import { computeTrustScoreV2 } from "./protocol/trust-score-v2.js";
|
|
7
|
+
import { runFraudScan } from "./protocol/fraud-engine.js";
|
|
8
|
+
import { runTrustOracleConsensus } from "./protocol/trust-oracle.js";
|
|
9
|
+
import { issueExecutionReceipt, verifyExecutionReceipt, } from "./protocol/proof-of-execution.js";
|
|
10
|
+
import { commitReasoningAudit, selectiveDisclose } from "./protocol/reasoning-audit.js";
|
|
11
|
+
import { createProtocolEscrow, transitionEscrow, getEscrowStatus, ESCROW_STATES, } from "./protocol/escrow-fsm.js";
|
|
12
|
+
import { createReplayBinding, verifyReplayBinding } from "./protocol/replay-guard.js";
|
|
13
|
+
import { generateZkProof } from "./protocol/zk-proofs.js";
|
|
14
|
+
import { computeAgentCreditScore } from "./protocol/credit-bureau.js";
|
|
15
|
+
import { assessCompliance } from "./protocol/compliance-v2.js";
|
|
16
|
+
import { runFullTrustPipeline } from "./protocol/pipeline-full-trust.js";
|
|
17
|
+
import { getThreatModel } from "./protocol/threat-catalog.js";
|
|
18
|
+
import { generateSecurityAuditReport } from "./protocol/security-audit.js";
|
|
19
|
+
import { getProtocolMetricsSnapshot, recordProtocolMetric } from "./protocol/observability.js";
|
|
20
|
+
import { idempotencyCapture, idempotencyPreCheck } from "./lib/idempotency.js";
|
|
21
|
+
export function listProtocolEndpoints() {
|
|
22
|
+
return [
|
|
23
|
+
{ path: "POST /api/protocol/pipeline/full-trust", price: `$${pricing.protocolFullTrust}`, tier: "protocol" },
|
|
24
|
+
{ path: "POST /api/protocol/passport/issue", price: `$${pricing.protocolPassportIssue}`, tier: "protocol" },
|
|
25
|
+
{ path: "POST /api/protocol/passport/verify", price: `$${pricing.protocolPassportVerify}`, tier: "protocol" },
|
|
26
|
+
{ path: "POST /api/protocol/trust-score/v2", price: `$${pricing.protocolTrustScoreV2}`, tier: "protocol" },
|
|
27
|
+
{ path: "POST /api/protocol/fraud/scan", price: `$${pricing.protocolFraudScan}`, tier: "protocol" },
|
|
28
|
+
{ path: "POST /api/protocol/oracle/consensus", price: `$${pricing.protocolOracleConsensus}`, tier: "protocol" },
|
|
29
|
+
{ path: "POST /api/protocol/execution/issue", price: `$${pricing.protocolExecutionIssue}`, tier: "protocol" },
|
|
30
|
+
{ path: "POST /api/protocol/execution/verify", price: `$${pricing.protocolExecutionVerify}`, tier: "protocol" },
|
|
31
|
+
{ path: "POST /api/protocol/reasoning/commit", price: `$${pricing.protocolReasoningCommit}`, tier: "protocol" },
|
|
32
|
+
{ path: "POST /api/protocol/reasoning/disclose", price: `$${pricing.protocolReasoningDisclose}`, tier: "protocol" },
|
|
33
|
+
{ path: "POST /api/protocol/escrow/create", price: `$${pricing.protocolEscrowCreate}`, tier: "protocol" },
|
|
34
|
+
{ path: "POST /api/protocol/escrow/transition", price: `$${pricing.protocolEscrowTransition}`, tier: "protocol" },
|
|
35
|
+
{ path: "POST /api/protocol/escrow/status", price: `$${pricing.protocolEscrowStatus}`, tier: "protocol" },
|
|
36
|
+
{ path: "POST /api/protocol/replay/bind", price: `$${pricing.protocolReplayBind}`, tier: "protocol" },
|
|
37
|
+
{ path: "POST /api/protocol/replay/verify", price: `$${pricing.protocolReplayVerify}`, tier: "protocol" },
|
|
38
|
+
{ path: "POST /api/protocol/zk/prove", price: `$${pricing.protocolZkProve}`, tier: "protocol" },
|
|
39
|
+
{ path: "POST /api/protocol/credit/score", price: `$${pricing.protocolCreditScore}`, tier: "protocol" },
|
|
40
|
+
{ path: "POST /api/protocol/compliance/assess", price: `$${pricing.protocolComplianceAssess}`, tier: "protocol" },
|
|
41
|
+
];
|
|
42
|
+
}
|
|
43
|
+
const policySchema = z.object({
|
|
44
|
+
dailyCapUsdc: z.coerce.number().positive(),
|
|
45
|
+
perCallCapUsdc: z.coerce.number().positive(),
|
|
46
|
+
allowedHosts: z.array(z.string()).optional(),
|
|
47
|
+
});
|
|
48
|
+
export function registerProtocolRoutes(app, paid, asyncRoute) {
|
|
49
|
+
const post = (path, amount, description, handler) => {
|
|
50
|
+
app.post(path, idempotencyPreCheck, paid(String(amount), description), idempotencyCapture, asyncRoute(handler));
|
|
51
|
+
};
|
|
52
|
+
app.get("/api/protocol/threat-model", (_req, res) => {
|
|
53
|
+
res.json(getThreatModel());
|
|
54
|
+
});
|
|
55
|
+
app.get("/api/protocol/security/audit", (_req, res) => {
|
|
56
|
+
res.json(generateSecurityAuditReport());
|
|
57
|
+
});
|
|
58
|
+
app.get("/api/protocol/architecture", (_req, res) => {
|
|
59
|
+
res.json({
|
|
60
|
+
name: "x402 Agent Trust Protocol v4",
|
|
61
|
+
version: "4.0.0",
|
|
62
|
+
layers: [
|
|
63
|
+
"identity-passport",
|
|
64
|
+
"trust-score-v2",
|
|
65
|
+
"fraud-engine",
|
|
66
|
+
"trust-oracle",
|
|
67
|
+
"proof-of-execution",
|
|
68
|
+
"reasoning-audit",
|
|
69
|
+
"escrow-fsm",
|
|
70
|
+
"replay-guard",
|
|
71
|
+
"zk-proofs",
|
|
72
|
+
"credit-bureau",
|
|
73
|
+
"compliance-v2",
|
|
74
|
+
],
|
|
75
|
+
paidRoutes: listProtocolEndpoints().map((e) => e.path),
|
|
76
|
+
freeRoutes: [
|
|
77
|
+
"GET /api/protocol/threat-model",
|
|
78
|
+
"GET /api/protocol/security/audit",
|
|
79
|
+
"GET /api/protocol/architecture",
|
|
80
|
+
"GET /api/protocol/metrics",
|
|
81
|
+
],
|
|
82
|
+
canonicalOrigin: config.canonicalOrigin,
|
|
83
|
+
});
|
|
84
|
+
});
|
|
85
|
+
app.get("/api/protocol/metrics", async (_req, res) => {
|
|
86
|
+
res.json(await getProtocolMetricsSnapshot());
|
|
87
|
+
});
|
|
88
|
+
post("/api/protocol/pipeline/full-trust", pricing.protocolFullTrust, "Full trust pipeline: passport, trust v2, fraud, oracle, credit, compliance, guard, replay bind", async (req, res) => {
|
|
89
|
+
const parsed = parseWithVerifierFallback("/api/protocol/pipeline/full-trust", z.object({
|
|
90
|
+
agentId: z.string().min(1),
|
|
91
|
+
walletAddress: z.string().min(16),
|
|
92
|
+
targetUrl: z.string().url(),
|
|
93
|
+
estimatedCostUsdc: z.coerce.number().nonnegative(),
|
|
94
|
+
organizationId: z.string().optional(),
|
|
95
|
+
policy: policySchema,
|
|
96
|
+
}), req.body);
|
|
97
|
+
if (!parsed.success)
|
|
98
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
99
|
+
await recordProtocolMetric("api.protocol.full_trust");
|
|
100
|
+
res.json(await runFullTrustPipeline(parsed.data));
|
|
101
|
+
});
|
|
102
|
+
post("/api/protocol/passport/issue", pricing.protocolPassportIssue, "Issue W3C-style Agent Passport DID credential with capabilities and permissions", async (req, res) => {
|
|
103
|
+
const parsed = parseWithVerifierFallback("/api/protocol/passport/issue", z.object({
|
|
104
|
+
agentId: z.string().min(1),
|
|
105
|
+
publicKey: z.string().optional(),
|
|
106
|
+
walletAddress: z.string().optional(),
|
|
107
|
+
ownerIdentity: z.string().optional(),
|
|
108
|
+
capabilities: z.array(z.string()).optional(),
|
|
109
|
+
permissions: z.array(z.string()).optional(),
|
|
110
|
+
}), req.body);
|
|
111
|
+
if (!parsed.success)
|
|
112
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
113
|
+
const passport = await issueAgentPassport(parsed.data);
|
|
114
|
+
res.json(withAgentTrust({ status: "ok", passport, hardwareAttestation: { available: true } }, agentTrustMeta(["passport_issued"], { sources: ["agent-passport-protocol"] })));
|
|
115
|
+
});
|
|
116
|
+
post("/api/protocol/passport/verify", pricing.protocolPassportVerify, "Verify Agent Passport DID credential signature", async (req, res) => {
|
|
117
|
+
const parsed = parseWithVerifierFallback("/api/protocol/passport/verify", z.object({ did: z.string().min(10) }), req.body);
|
|
118
|
+
if (!parsed.success)
|
|
119
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
120
|
+
res.json(await verifyAgentPassport(parsed.data.did));
|
|
121
|
+
});
|
|
122
|
+
post("/api/protocol/trust-score/v2", pricing.protocolTrustScoreV2, "Multi-factor tamper-resistant TrustScore v2 with cryptographic proof", async (req, res) => {
|
|
123
|
+
const parsed = parseWithVerifierFallback("/api/protocol/trust-score/v2", z.object({
|
|
124
|
+
agentId: z.string().min(1),
|
|
125
|
+
walletAddress: z.string().min(16),
|
|
126
|
+
disputeRatePct: z.coerce.number().optional(),
|
|
127
|
+
refundRatePct: z.coerce.number().optional(),
|
|
128
|
+
uptimePct: z.coerce.number().optional(),
|
|
129
|
+
deliveryQualityScore: z.coerce.number().optional(),
|
|
130
|
+
stakeWeightUsdc: z.coerce.number().optional(),
|
|
131
|
+
counterpartyCount: z.coerce.number().optional(),
|
|
132
|
+
}), req.body);
|
|
133
|
+
if (!parsed.success)
|
|
134
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
135
|
+
res.json(withAgentTrust({ status: "ok", ...(await computeTrustScoreV2(parsed.data)) }, agentTrustMeta(["trustscore_v2"], { confidence: 0.88, sources: ["trustscore-v2", "erc8004"] })));
|
|
136
|
+
});
|
|
137
|
+
post("/api/protocol/fraud/scan", pricing.protocolFraudScan, "Graph-based fraud scan: Sybil clusters, wash trading, circular payments", async (req, res) => {
|
|
138
|
+
const parsed = parseWithVerifierFallback("/api/protocol/fraud/scan", z.object({
|
|
139
|
+
agentId: z.string().optional(),
|
|
140
|
+
walletAddress: z.string().optional(),
|
|
141
|
+
merchantHost: z.string().optional(),
|
|
142
|
+
transactionHashes: z.array(z.string()).optional(),
|
|
143
|
+
amountUsdc: z.coerce.number().optional(),
|
|
144
|
+
peerWallets: z.array(z.string()).optional(),
|
|
145
|
+
}), req.body);
|
|
146
|
+
if (!parsed.success)
|
|
147
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
148
|
+
res.json(withAgentTrust({ status: "ok", ...(await runFraudScan(parsed.data)) }, agentTrustMeta(["fraud_scan"])));
|
|
149
|
+
});
|
|
150
|
+
post("/api/protocol/oracle/consensus", pricing.protocolOracleConsensus, "Trust oracle quorum consensus (4 validators, BFT-style quorum)", async (req, res) => {
|
|
151
|
+
const parsed = parseWithVerifierFallback("/api/protocol/oracle/consensus", z.object({
|
|
152
|
+
subjectType: z.enum(["agent", "merchant", "receipt"]),
|
|
153
|
+
subjectId: z.string().min(1),
|
|
154
|
+
claims: z.record(z.unknown()),
|
|
155
|
+
minQuorum: z.coerce.number().int().min(2).max(4).optional(),
|
|
156
|
+
}), req.body);
|
|
157
|
+
if (!parsed.success)
|
|
158
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
159
|
+
res.json(withAgentTrust({ status: "ok", ...(await runTrustOracleConsensus(parsed.data)) }, agentTrustMeta(["oracle_consensus"])));
|
|
160
|
+
});
|
|
161
|
+
post("/api/protocol/execution/issue", pricing.protocolExecutionIssue, "Proof of Execution: task receipt, execution hash, tool trace, settlement proof", async (req, res) => {
|
|
162
|
+
const parsed = parseWithVerifierFallback("/api/protocol/execution/issue", z.object({
|
|
163
|
+
agentId: z.string().min(1),
|
|
164
|
+
taskId: z.string().optional(),
|
|
165
|
+
targetUrl: z.string().url().optional(),
|
|
166
|
+
toolTrace: z
|
|
167
|
+
.array(z.object({
|
|
168
|
+
name: z.string(),
|
|
169
|
+
url: z.string().optional(),
|
|
170
|
+
amountUsdc: z.coerce.number().optional(),
|
|
171
|
+
}))
|
|
172
|
+
.optional(),
|
|
173
|
+
decisionTrace: z.array(z.string()).optional(),
|
|
174
|
+
settlement: z
|
|
175
|
+
.object({
|
|
176
|
+
transactionHash: z.string().optional(),
|
|
177
|
+
network: z.string().optional(),
|
|
178
|
+
amountUsdc: z.coerce.number().optional(),
|
|
179
|
+
})
|
|
180
|
+
.optional(),
|
|
181
|
+
responseSummary: z.string().optional(),
|
|
182
|
+
}), req.body);
|
|
183
|
+
if (!parsed.success)
|
|
184
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
185
|
+
const receipt = await issueExecutionReceipt(parsed.data, config.publicBaseUrl);
|
|
186
|
+
res.json(withAgentTrust({ status: "ok", receipt }, agentTrustMeta(["poe_issued"])));
|
|
187
|
+
});
|
|
188
|
+
post("/api/protocol/execution/verify", pricing.protocolExecutionVerify, "Third-party verify Proof of Execution receipt", async (req, res) => {
|
|
189
|
+
const parsed = parseWithVerifierFallback("/api/protocol/execution/verify", z.object({ receiptId: z.string().min(8) }), req.body);
|
|
190
|
+
if (!parsed.success)
|
|
191
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
192
|
+
res.json(await verifyExecutionReceipt(parsed.data.receiptId));
|
|
193
|
+
});
|
|
194
|
+
post("/api/protocol/reasoning/commit", pricing.protocolReasoningCommit, "Commit reasoning audit log to Merkle tree (tool calls, prompt hashes, policy checks)", async (req, res) => {
|
|
195
|
+
const parsed = parseWithVerifierFallback("/api/protocol/reasoning/commit", z.object({
|
|
196
|
+
agentId: z.string().min(1),
|
|
197
|
+
sessionId: z.string().optional(),
|
|
198
|
+
toolCalls: z.array(z.object({ name: z.string(), argsHash: z.string().optional() })),
|
|
199
|
+
policyChecks: z.array(z.string()),
|
|
200
|
+
promptHashes: z.array(z.string()),
|
|
201
|
+
riskAnalysis: z.string().optional(),
|
|
202
|
+
decisionGraph: z.record(z.unknown()).optional(),
|
|
203
|
+
}), req.body);
|
|
204
|
+
if (!parsed.success)
|
|
205
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
206
|
+
res.json(withAgentTrust({ status: "ok", ...(await commitReasoningAudit(parsed.data)) }, agentTrustMeta(["reasoning_commit"])));
|
|
207
|
+
});
|
|
208
|
+
post("/api/protocol/reasoning/disclose", pricing.protocolReasoningDisclose, "Selective disclosure of reasoning audit Merkle leaves", async (req, res) => {
|
|
209
|
+
const parsed = parseWithVerifierFallback("/api/protocol/reasoning/disclose", z.object({
|
|
210
|
+
auditId: z.string().min(8),
|
|
211
|
+
leafIndices: z.array(z.coerce.number().int().nonnegative()),
|
|
212
|
+
}), req.body);
|
|
213
|
+
if (!parsed.success)
|
|
214
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
215
|
+
res.json(await selectiveDisclose(parsed.data.auditId, parsed.data.leafIndices));
|
|
216
|
+
});
|
|
217
|
+
post("/api/protocol/escrow/create", pricing.protocolEscrowCreate, "Create protocol escrow FSM in CREATED state", async (req, res) => {
|
|
218
|
+
const parsed = parseWithVerifierFallback("/api/protocol/escrow/create", z.object({
|
|
219
|
+
payerAgentId: z.string().min(1),
|
|
220
|
+
payeeMerchant: z.string().min(1),
|
|
221
|
+
amountUsdc: z.coerce.number().positive(),
|
|
222
|
+
resourceHash: z.string().optional(),
|
|
223
|
+
sessionId: z.string().optional(),
|
|
224
|
+
}), req.body);
|
|
225
|
+
if (!parsed.success)
|
|
226
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
227
|
+
res.json({ status: "ok", escrow: await createProtocolEscrow(parsed.data), validStates: ESCROW_STATES });
|
|
228
|
+
});
|
|
229
|
+
post("/api/protocol/escrow/transition", pricing.protocolEscrowTransition, "Transition escrow FSM state (atomic settlement path)", async (req, res) => {
|
|
230
|
+
const parsed = parseWithVerifierFallback("/api/protocol/escrow/transition", z.object({
|
|
231
|
+
escrowId: z.string().uuid(),
|
|
232
|
+
nextState: z.enum(ESCROW_STATES),
|
|
233
|
+
note: z.string().optional(),
|
|
234
|
+
}), req.body);
|
|
235
|
+
if (!parsed.success)
|
|
236
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
237
|
+
const result = await transitionEscrow(parsed.data.escrowId, parsed.data.nextState, parsed.data.note);
|
|
238
|
+
if (!result.ok)
|
|
239
|
+
return void res.status(409).json({ error: result.error });
|
|
240
|
+
res.json({ status: "ok", escrow: result.escrow });
|
|
241
|
+
});
|
|
242
|
+
post("/api/protocol/escrow/status", pricing.protocolEscrowStatus, "Query protocol escrow FSM status and history", async (req, res) => {
|
|
243
|
+
const parsed = parseWithVerifierFallback("/api/protocol/escrow/status", z.object({ escrowId: z.string().uuid() }), req.body);
|
|
244
|
+
if (!parsed.success)
|
|
245
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
246
|
+
const escrow = await getEscrowStatus(parsed.data.escrowId);
|
|
247
|
+
if (!escrow)
|
|
248
|
+
return void res.status(404).json({ error: "Escrow not found" });
|
|
249
|
+
res.json({ status: "ok", escrow });
|
|
250
|
+
});
|
|
251
|
+
post("/api/protocol/replay/bind", pricing.protocolReplayBind, "Bind nonce + resource hash + request hash for replay-safe x402 pay", async (req, res) => {
|
|
252
|
+
const parsed = parseWithVerifierFallback("/api/protocol/replay/bind", z.object({
|
|
253
|
+
agentId: z.string().min(1),
|
|
254
|
+
sessionId: z.string().optional(),
|
|
255
|
+
resourceUrl: z.string().url(),
|
|
256
|
+
requestBody: z.record(z.unknown()).optional(),
|
|
257
|
+
ttlSeconds: z.coerce.number().int().positive().optional(),
|
|
258
|
+
}), req.body);
|
|
259
|
+
if (!parsed.success)
|
|
260
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
261
|
+
const binding = await createReplayBinding(parsed.data);
|
|
262
|
+
res.json({
|
|
263
|
+
status: "ok",
|
|
264
|
+
binding,
|
|
265
|
+
usage: "Send X-Trust-Replay-Binding and X-Trust-Replay-Nonce on paid API calls",
|
|
266
|
+
});
|
|
267
|
+
});
|
|
268
|
+
post("/api/protocol/replay/verify", pricing.protocolReplayVerify, "Verify and consume replay binding (one-time nonce)", async (req, res) => {
|
|
269
|
+
const parsed = parseWithVerifierFallback("/api/protocol/replay/verify", z.object({
|
|
270
|
+
bindingId: z.string().min(8),
|
|
271
|
+
nonce: z.string().optional(),
|
|
272
|
+
resourceUrl: z.string().url().optional(),
|
|
273
|
+
requestBody: z.record(z.unknown()).optional(),
|
|
274
|
+
}), req.body);
|
|
275
|
+
if (!parsed.success)
|
|
276
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
277
|
+
res.json(await verifyReplayBinding(parsed.data.bindingId, parsed.data));
|
|
278
|
+
});
|
|
279
|
+
post("/api/protocol/zk/prove", pricing.protocolZkProve, "Generate zk-style proof of authorization, budget, reputation, or compliance", async (req, res) => {
|
|
280
|
+
const parsed = parseWithVerifierFallback("/api/protocol/zk/prove", z.object({
|
|
281
|
+
proofType: z.enum(["authorization", "creditworthiness", "reputation", "budget", "compliance"]),
|
|
282
|
+
agentId: z.string().min(1),
|
|
283
|
+
witness: z.record(z.unknown()),
|
|
284
|
+
publicInputs: z.record(z.unknown()).optional(),
|
|
285
|
+
}), req.body);
|
|
286
|
+
if (!parsed.success)
|
|
287
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
288
|
+
try {
|
|
289
|
+
res.setHeader("X-ZK-Simulated", "true");
|
|
290
|
+
res.json(withAgentTrust({ status: "ok", proof: generateZkProof(parsed.data) }, agentTrustMeta(["zk_prove"])));
|
|
291
|
+
}
|
|
292
|
+
catch (err) {
|
|
293
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
294
|
+
res.status(503).json({ error: message, zkSimulateAllowed: false });
|
|
295
|
+
}
|
|
296
|
+
});
|
|
297
|
+
post("/api/protocol/credit/score", pricing.protocolCreditScore, "AI Agent Credit Bureau score 300-900 with spend limit suggestions", async (req, res) => {
|
|
298
|
+
const parsed = parseWithVerifierFallback("/api/protocol/credit/score", z.object({
|
|
299
|
+
agentId: z.string().min(1),
|
|
300
|
+
walletAddress: z.string().min(16),
|
|
301
|
+
disputeCount: z.coerce.number().int().nonnegative().optional(),
|
|
302
|
+
settlementCount: z.coerce.number().int().nonnegative().optional(),
|
|
303
|
+
uptimePct: z.coerce.number().optional(),
|
|
304
|
+
}), req.body);
|
|
305
|
+
if (!parsed.success)
|
|
306
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
307
|
+
res.json(withAgentTrust({ status: "ok", ...(await computeAgentCreditScore(parsed.data)) }, agentTrustMeta(["credit_bureau"])));
|
|
308
|
+
});
|
|
309
|
+
post("/api/protocol/compliance/assess", pricing.protocolComplianceAssess, "Enterprise compliance assess: AML risk, KYC gate, audit trail refs", async (req, res) => {
|
|
310
|
+
const parsed = parseWithVerifierFallback("/api/protocol/compliance/assess", z.object({
|
|
311
|
+
organizationId: z.string().min(1),
|
|
312
|
+
agentId: z.string().min(1),
|
|
313
|
+
jurisdiction: z.string().optional(),
|
|
314
|
+
monthlyVolumeUsdc: z.coerce.number().optional(),
|
|
315
|
+
rails: z.array(z.string()).optional(),
|
|
316
|
+
requiresKyc: z.coerce.boolean().optional(),
|
|
317
|
+
}), req.body);
|
|
318
|
+
if (!parsed.success)
|
|
319
|
+
return void res.status(400).json({ error: parsed.error.flatten() });
|
|
320
|
+
res.json(withAgentTrust({ status: "ok", ...assessCompliance(parsed.data) }, agentTrustMeta(["compliance_assess"])));
|
|
321
|
+
});
|
|
322
|
+
}
|
package/dist/routes.d.ts
ADDED
package/dist/routes.js
ADDED
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
export type Policy = {
|
|
2
|
+
dailyCapUsdc: number;
|
|
3
|
+
perCallCapUsdc: number;
|
|
4
|
+
allowedHosts?: string[];
|
|
5
|
+
blockedHosts?: string[];
|
|
6
|
+
allowedNetworks?: string[];
|
|
7
|
+
};
|
|
8
|
+
export type SpendGovernorInput = {
|
|
9
|
+
agentId: string;
|
|
10
|
+
estimatedCostUsdc: number;
|
|
11
|
+
targetUrl?: string;
|
|
12
|
+
network?: string;
|
|
13
|
+
policy: Policy;
|
|
14
|
+
};
|
|
15
|
+
export type SpendGovernorResult = {
|
|
16
|
+
allowed: boolean;
|
|
17
|
+
reason: string;
|
|
18
|
+
spentTodayUsdc: number;
|
|
19
|
+
remainingDailyUsdc: number;
|
|
20
|
+
perCallCapUsdc: number;
|
|
21
|
+
};
|
|
22
|
+
export type ReceiptAuditorInput = {
|
|
23
|
+
transactionHash?: string;
|
|
24
|
+
network: string;
|
|
25
|
+
expectedAmountUsdc?: number;
|
|
26
|
+
payTo?: string;
|
|
27
|
+
settlement?: {
|
|
28
|
+
transaction?: string;
|
|
29
|
+
payer?: string;
|
|
30
|
+
amountUsdc?: number;
|
|
31
|
+
network?: string;
|
|
32
|
+
};
|
|
33
|
+
};
|
|
34
|
+
export type RiskGateInput = {
|
|
35
|
+
targetUrl: string;
|
|
36
|
+
estimatedCostUsdc?: number;
|
|
37
|
+
fastProbe?: boolean;
|
|
38
|
+
policy?: {
|
|
39
|
+
perCallCapUsdc?: number;
|
|
40
|
+
blockedHosts?: string[];
|
|
41
|
+
};
|
|
42
|
+
};
|
|
43
|
+
export type RouterInput = {
|
|
44
|
+
query: string;
|
|
45
|
+
preferNetwork?: string;
|
|
46
|
+
maxPriceUsdc?: number;
|
|
47
|
+
execute?: boolean;
|
|
48
|
+
skipProbes?: boolean;
|
|
49
|
+
};
|
|
50
|
+
export type ResearchInput = {
|
|
51
|
+
topic: string;
|
|
52
|
+
includePrice?: boolean;
|
|
53
|
+
language?: string;
|
|
54
|
+
fastProbe?: boolean;
|
|
55
|
+
};
|
|
56
|
+
export type MarketplaceResource = {
|
|
57
|
+
name?: string;
|
|
58
|
+
url?: string;
|
|
59
|
+
description?: string;
|
|
60
|
+
qualityScore?: number;
|
|
61
|
+
priceUsdc?: number;
|
|
62
|
+
network?: string;
|
|
63
|
+
host?: string;
|
|
64
|
+
latencyP50Ms?: number;
|
|
65
|
+
tags?: string[];
|
|
66
|
+
};
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|