yakmesh 2.9.0 → 3.0.0

package/security/mesh-revocation.js

@@ -11,12 +11,18 @@
  * @version 1.0.0
  */
 
-import { sha3_256 } from '@noble/hashes/sha3.js';
+import { sha3_256 as _nobleSha3 } from '@noble/hashes/sha3.js';
 import { bytesToHex, hexToBytes } from '@noble/hashes/utils.js';
 import { ml_dsa65 } from '@noble/post-quantum/ml-dsa.js';
+// ACCEL: Hardware-accelerated crypto
+import { sha3_256, mlDsa65Sign, mlDsa65Verify } from '../utils/accel.js';
 import { EventEmitter } from 'events';
 import { createLogger } from '../utils/logger.js';
 
+// ═══ TRIBHUJ — Balanced ternary for revocation status ═══
+// POSITIVE: retained (not revoked), NEUTRAL: forming (insufficient network), NEGATIVE: revoked
+import { POSITIVE, NEUTRAL, NEGATIVE } from '../oracle/tribhuj.js';
+
 const log = createLogger('security:mesh-revocation');
 
 /**
@@ -85,7 +91,7 @@ export class Attestation {
    */
   sign(privateKey) {
     const bytes = this.getSignableBytes();
-    const sig = ml_dsa65.sign(bytes, privateKey);
+    const sig = mlDsa65Sign(bytes, privateKey);
     this.signature = bytesToHex(sig);
     return this;
   }
@@ -100,7 +106,7 @@ export class Attestation {
       const bytes = this.getSignableBytes();
       const sig = hexToBytes(this.signature);
       const pubKey = typeof publicKey === 'string' ? hexToBytes(publicKey) : publicKey;
-      return ml_dsa65.verify(sig, bytes, pubKey);
+      return mlDsa65Verify(sig, bytes, pubKey);
     } catch (e) {
       return false;
     }
@@ -220,11 +226,16 @@ export class RevocationState {
 
   /**
    * Check if threshold is met
-   * This is THE mathematical determination
+   * This is THE mathematical determination.
+   * 
+   * Returns `revoked` boolean (backward compat) plus `status` trit:
+   *   POSITIVE (+1): retained — below threshold, DOKO is valid
+   *   NEUTRAL  ( 0): forming — insufficient network to determine
+   *   NEGATIVE (-1): revoked — threshold met, DOKO is revoked
    */
   isRevoked(activeNodeCount, config = DEFAULT_CONFIG) {
     if (activeNodeCount < config.minNodes) {
-      return { revoked: false, reason: 'INSUFFICIENT_NETWORK' };
+      return { revoked: false, status: NEUTRAL, reason: 'INSUFFICIENT_NETWORK' };
     }
 
     const threshold = Math.ceil(activeNodeCount * config.threshold);
@@ -233,6 +244,7 @@ export class RevocationState {
     if (count >= threshold) {
       return {
         revoked: true,
+        status: NEGATIVE,
         reason: this.primaryReason,
         attestationCount: count,
         threshold,
@@ -243,6 +255,7 @@ export class RevocationState {
 
     return {
       revoked: false,
+      status: POSITIVE,
       reason: 'BELOW_THRESHOLD',
       attestationCount: count,
       threshold,

package/security/namche-gateway.js

@@ -5,30 +5,38 @@
  * "Math as Authority - No human in the loop, no human weakness."
  * 
  * ═══════════════════════════════════════════════════════════════════════════════
- * ⚠️  SECURITY: This module implements the 7-step verification flow.
+ * ⚠️  SECURITY: This module implements the 8-step verification flow.
  *     All trust decisions are mathematical computations - no exceptions.
+ *     Defense-in-depth: NIST (Gate 2) + 144T (Gate 8) must BOTH verify.
  * ═══════════════════════════════════════════════════════════════════════════════
  * 
- * The 7 Gates of Verification:
- * 1. STRUCTURE_OK  - Valid DOKO format
- * 2. SIGNATURE_OK  - ML-DSA-65 signature verifies
- * 3. NODEID_OK     - NodeID matches two-part derivation (network + instance)
- * 4. TEMPORAL_OK   - Not expired, not from future
- * 5. NETWORK_OK    - Correct network name
- * 6. NOT_REVOKED   - Not in revocation log
- * 7. DOMAINS_OK    - Quorum verified domain claims (if applicable)
+ * The 8 Gates of Verification:
+ * 1. STRUCTURE_OK       - Valid DOKO format
+ * 2. SIGNATURE_OK       - ML-DSA-65 signature verifies (NIST)
+ * 3. NODEID_OK          - NodeID matches two-part derivation (network + instance)
+ * 4. TEMPORAL_OK        - Not expired, not from future
+ * 5. NETWORK_OK         - Correct network name
+ * 6. NOT_REVOKED        - Not in revocation log
+ * 7. DOMAINS_OK         - Quorum verified domain claims (if applicable)
+ * 8. TRIT_COMMITMENT_OK - 144T backbone verification (if present)
  * 
  * @module security/namche-gateway
  * @version 1.0.0
  */
 
 import { ml_dsa65 } from '@noble/post-quantum/ml-dsa.js';
-import { sha3_256 } from '@noble/hashes/sha3.js';
+import { sha3_256 as _nobleSha3 } from '@noble/hashes/sha3.js';
 import { bytesToHex, hexToBytes, utf8ToBytes } from '@noble/hashes/utils.js';
+// ACCEL: Hardware-accelerated crypto
+import { sha3_256, mlDsa65Verify } from '../utils/accel.js';
 import { EventEmitter } from 'events';
-import { generateNodeId, getCodebaseHash } from '../identity/node-key.js';
+import { generateNodeId, getCodebaseHash, signMessage } from '../identity/node-key.js';
 import { deriveNetworkName } from '../oracle/network-identity.js';
 import { createLogger } from '../utils/logger.js';
+// SAKSHI: Observational verification & revocation agreement
+import { NodeWitness, checkMathematicalAgreement, checkRevocationAgreement } from './sakshi.js';
+// 144T: Ternary backbone security (defense-in-depth with NIST)
+import { TritCommitment } from './trit-commitment.js';
 
 const log = createLogger('security:namche');
 
@@ -71,6 +79,7 @@ export const VERIFY_RESULT = {
   REVOKED: 'REVOKED',
   DOMAIN_VERIFICATION_FAILED: 'DOMAIN_VERIFICATION_FAILED',
   INSUFFICIENT_QUORUM: 'INSUFFICIENT_QUORUM',
+  TRIT_COMMITMENT_INVALID: 'TRIT_COMMITMENT_INVALID',
 };
 
 /**
@@ -187,7 +196,8 @@ export class NamcheGateway extends EventEmitter {
     this.dokoCache = new LRUCache(this.config.dokoCacheSize);
     this.revocationLog = new RevocationLog();
     this.verifiedDomains = new Map(); // domain -> doko that verified it
-    
+    this.revocationReports = new Map(); // dokoHash -> Array of { witness, evidence }
+
     this.stats = {
       verificationsAttempted: 0,
       verificationsSucceeded: 0,
@@ -312,11 +322,29 @@ export class NamcheGateway extends EventEmitter {
         checks.push('DOMAINS_OK');
       }
 
+      // ─────────────────────────────────────────────────────────────────────
+      // GATE 8: 144T COMMITMENT (if present — defense-in-depth)
+      // ─────────────────────────────────────────────────────────────────────
+      // The 144T commitment provides a second cryptographic layer independent
+      // of NIST. Both ML-DSA-65 (Gate 2) AND 144T must verify for full trust.
+      // This means an attacker must break BOTH NIST and lattice-hard SIS.
+      if (doko.tritCommitment) {
+        const tritResult = this.checkTritCommitment(doko);
+        if (!tritResult.valid) {
+          return this.fail(
+            VERIFY_RESULT.TRIT_COMMITMENT_INVALID,
+            tritResult.detail,
+            { tritChecks: tritResult.checks }
+          );
+        }
+        checks.push('TRIT_COMMITMENT_OK');
+      }
+
       // ═══════════════════════════════════════════════════════════════════════
-      // ALL 7 GATES PASSED - MATHEMATICALLY VERIFIED
+      // ALL 8 GATES PASSED - MATHEMATICALLY VERIFIED (DUAL-LAYER)
       // ═══════════════════════════════════════════════════════════════════════
       this.stats.verificationsSucceeded++;
-      
+
       // Cache the verified DOKO
       this.dokoCache.set(dokoHash, {
         doko,
@@ -362,7 +390,7 @@ export class NamcheGateway extends EventEmitter {
    */
   checkStructure(doko) {
     const required = ['version', 'type', 'nodeId', 'publicKey', 'issuedAt', 'expiresAt', 'signature'];
-    
+
     for (const field of required) {
       if (!(field in doko)) {
         return { valid: false, detail: `Missing required field: ${field}` };
@@ -394,12 +422,12 @@ export class NamcheGateway extends EventEmitter {
       const publicKey = hexToBytes(doko.publicKey);
       const signature = hexToBytes(doko.signature);
 
-      const valid = ml_dsa65.verify(signature, payloadBytes, publicKey);
-      
+      const valid = mlDsa65Verify(signature, payloadBytes, publicKey);
+
       if (!valid) {
         return { valid: false, detail: 'ML-DSA-65 signature verification failed' };
       }
-      
+
       return { valid: true };
     } catch (error) {
       return { valid: false, detail: `Signature check error: ${error.message}` };
@@ -419,35 +447,35 @@ export class NamcheGateway extends EventEmitter {
     try {
       // The nodeId must follow the format: node-[networkName]-[instanceId]
       if (!doko.nodeId.startsWith('node-')) {
-        return { 
-          valid: false, 
+        return {
+          valid: false,
           reason: VERIFY_RESULT.NODEID_MISMATCH,
-          detail: 'NodeID must start with "node-"' 
+          detail: 'NodeID must start with "node-"'
         };
       }
 
       // Extract the network name from the nodeId
       const parts = doko.nodeId.split('-');
       if (parts.length < 3) {
-        return { 
-          valid: false, 
+        return {
+          valid: false,
           reason: VERIFY_RESULT.NODEID_MISMATCH,
-          detail: 'NodeID must have format node-[networkName]-[instanceId]' 
+          detail: 'NodeID must have format node-[networkName]-[instanceId]'
         };
       }
 
       // Verify the network portion matches our expected network
       const ourNetworkName = this.getNetworkName();
-      
+
       // The network name could be multiple words (e.g., "qubit-lattice-prism")
       // We need to check if the nodeId contains our network name after "node-"
       const nodeIdWithoutPrefix = doko.nodeId.substring(5); // Remove "node-"
-      
+
       if (!nodeIdWithoutPrefix.startsWith(ourNetworkName + '-')) {
-        return { 
-          valid: false, 
+        return {
+          valid: false,
           reason: VERIFY_RESULT.WRONG_NETWORK_IN_NODEID,
-          detail: `NodeID network mismatch. Expected: ${ourNetworkName}, Got: ${nodeIdWithoutPrefix.split('-').slice(0, -1).join('-')}` 
+          detail: `NodeID network mismatch. Expected: ${ourNetworkName}, Got: ${nodeIdWithoutPrefix.split('-').slice(0, -1).join('-')}`
         };
       }
 
@@ -461,24 +489,24 @@ export class NamcheGateway extends EventEmitter {
         // Full verification: regenerate the expected nodeId from the publicKey
         const publicKeyBytes = hexToBytes(doko.publicKey);
         const expectedNodeId = generateNodeId(publicKeyBytes, codebaseHash);
-        
+
         if (doko.nodeId !== expectedNodeId) {
-          return { 
-            valid: false, 
+          return {
+            valid: false,
             reason: VERIFY_RESULT.NODEID_MISMATCH,
-            detail: `NodeID does not match public key derivation. Expected: ${expectedNodeId}, Got: ${doko.nodeId}` 
+            detail: `NodeID does not match public key derivation. Expected: ${expectedNodeId}, Got: ${doko.nodeId}`
           };
         }
       }
       // If no codebase hash, we can only verify structure (cross-network scenario)
       // This is a known limitation documented in SECURITY.md
-      
+
       return { valid: true };
     } catch (error) {
-      return { 
-        valid: false, 
+      return {
+        valid: false,
         reason: VERIFY_RESULT.NODEID_MISMATCH,
-        detail: `NodeID check error: ${error.message}` 
+        detail: `NodeID check error: ${error.message}`
       };
     }
   }
@@ -492,19 +520,19 @@ export class NamcheGateway extends EventEmitter {
 
     // Check not issued in the future (with clock skew allowance)
     if (doko.issuedAt > now + maxSkew) {
-      return { 
-        valid: false, 
+      return {
+        valid: false,
         reason: VERIFY_RESULT.ISSUED_IN_FUTURE,
-        detail: `DOKO issued in future: ${new Date(doko.issuedAt).toISOString()}` 
+        detail: `DOKO issued in future: ${new Date(doko.issuedAt).toISOString()}`
       };
     }
 
     // Check not expired
     if (doko.expiresAt < now) {
-      return { 
-        valid: false, 
+      return {
+        valid: false,
         reason: VERIFY_RESULT.EXPIRED,
-        detail: `DOKO expired at: ${new Date(doko.expiresAt).toISOString()}` 
+        detail: `DOKO expired at: ${new Date(doko.expiresAt).toISOString()}`
       };
     }
 
@@ -516,9 +544,9 @@ export class NamcheGateway extends EventEmitter {
    */
   checkNetwork(doko) {
     if (doko.networkName && doko.networkName !== this.networkName) {
-      return { 
-        valid: false, 
-        detail: `Network mismatch. Expected: ${this.networkName}, Got: ${doko.networkName}` 
+      return {
+        valid: false,
+        detail: `Network mismatch. Expected: ${this.networkName}, Got: ${doko.networkName}`
       };
     }
     return { valid: true };
@@ -530,9 +558,9 @@ export class NamcheGateway extends EventEmitter {
   checkRevocation(dokoHash) {
     if (this.revocationLog.contains(dokoHash)) {
       const revocation = this.revocationLog.get(dokoHash);
-      return { 
-        valid: false, 
-        detail: `DOKO revoked at ${new Date(revocation.revokedAt).toISOString()}, reason: ${revocation.reason}` 
+      return {
+        valid: false,
+        detail: `DOKO revoked at ${new Date(revocation.revokedAt).toISOString()}, reason: ${revocation.reason}`
       };
     }
     return { valid: true };
@@ -546,12 +574,12 @@ export class NamcheGateway extends EventEmitter {
 
     for (const domain of doko.domains) {
       const validProofs = await this.verifyDomainProofs(domain);
-      
+
       if (validProofs < quorum) {
-        return { 
-          valid: false, 
+        return {
+          valid: false,
           domain: domain.name,
-          detail: `Insufficient quorum for ${domain.name}: have ${validProofs}, need ${quorum}` 
+          detail: `Insufficient quorum for ${domain.name}: have ${validProofs}, need ${quorum}`
         };
       }
     }
@@ -559,8 +587,61 @@ export class NamcheGateway extends EventEmitter {
     return { valid: true };
   }
 
+  /**
+   * GATE 8: Check 144T commitment (backbone verification)
+   * 
+   * This gate provides DEFENSE-IN-DEPTH alongside NIST (Gate 2).
+   * The 144T commitment uses YPC-27 (lattice-hard SIS problem) and
+   * polynomial binding to ensure the payload is tied to the sender's
+   * 144T mesh address.
+   * 
+   * Security properties:
+   * - YPC-27 operates in ring Z[x]/(x^27-1) mod 3
+   * - Forging requires solving the Shortest Vector Problem
+   * - Independent of NIST — if NIST is backdoored, 144T still holds
+   * - Both layers must be broken to compromise a message
+   * 
+   * @param {Object} doko — DOKO with tritCommitment field
+   * @returns {Object} — { valid, detail?, checks? }
+   */
+  checkTritCommitment(doko) {
+    // Get the payload (everything except signature and tritCommitment)
+    const { signature, tritCommitment, ...payloadFields } = doko;
+
+    if (!TritCommitment.isValidStructure(tritCommitment)) {
+      return {
+        valid: false,
+        detail: 'Invalid tritCommitment structure',
+        checks: [],
+      };
+    }
+
+    // Verify the 144T commitment against the DOKO payload
+    const result = TritCommitment.verify(payloadFields, tritCommitment);
+
+    if (!result.valid) {
+      log.warn('144T commitment verification FAILED', {
+        reason: result.reason,
+        detail: result.detail,
+        checks: result.checks,
+      });
+      return {
+        valid: false,
+        detail: `144T: ${result.reason} — ${result.detail || 'verification failed'}`,
+        checks: result.checks,
+      };
+    }
+
+    log.debug('144T commitment verified (defense-in-depth active)', {
+      checks: result.checks,
+    });
+
+    return { valid: true, checks: result.checks };
+  }
+
   /**
    * Verify domain proofs from multiple verifiers
+   * Uses SAKSHI observational verification — mathematical agreement, not voting
    */
   async verifyDomainProofs(domainClaim) {
     let validProofs = 0;
@@ -569,6 +650,9 @@ export class NamcheGateway extends EventEmitter {
       return 0;
     }
 
+    // Collect SAKSHI observations from each proof verifier
+    const observations = [];
+
     for (const proof of domainClaim.proofs) {
       try {
         // Verify the verifier's signature on the beacon hash
@@ -582,13 +666,18 @@ export class NamcheGateway extends EventEmitter {
         const publicKey = hexToBytes(proof.verifierPublicKey);
         const signature = hexToBytes(proof.signature);
 
-        const proofValid = ml_dsa65.verify(signature, payloadBytes, publicKey);
+        const proofValid = mlDsa65Verify(signature, payloadBytes, publicKey);
+
+        // SAKSHI: Record each verifier's observation
+        const witness = new NodeWitness({
+          nodeId: proof.verifierNodeId || bytesToHex(publicKey.slice(0, 16)),
+        });
+        observations.push({
+          witness,
+          value: proofValid ? proof.beaconHash : 'INVALID_SIGNATURE',
+        });
 
         if (proofValid) {
-          // TODO: Integrate with SAKSHI observational verification
-          // SAKSHI philosophy: Binary verification (signature valid or not),
-          // NOT tier-weighted voting (SIRDAR counts more than PATHIK)
-          // For now, we accept any valid signature
           validProofs++;
         }
       } catch (error) {
@@ -597,6 +686,26 @@ export class NamcheGateway extends EventEmitter {
       }
     }
 
+    // SAKSHI: Check mathematical agreement across all proof observations
+    if (observations.length > 0) {
+      const agreement = checkMathematicalAgreement(observations);
+      if (agreement.isAgreed) {
+        log.debug('SAKSHI: Domain proofs agree mathematically', {
+          domain: domainClaim.name,
+          proofCount: validProofs,
+          confidence: agreement.confidence,
+        });
+      } else if (agreement.isDisagreed) {
+        log.warn('SAKSHI: Domain proof disagreement — flagging for recomputation', {
+          domain: domainClaim.name,
+          reason: agreement.reason,
+          action: agreement.data?.action,
+        });
+        // Disagreement means proofs don't agree — return 0 to fail quorum
+        return 0;
+      }
+    }
+
     return validProofs;
   }
 
@@ -610,16 +719,26 @@ export class NamcheGateway extends EventEmitter {
    * @param {Object} originalDoko - The DOKO being revoked (for verification)
    */
   async processRevocation(revocation, originalDoko) {
-    // Verify the revocation is signed by the DOKO owner
-    if (revocation.revokedBy !== originalDoko.nodeId) {
-      // Only owner can revoke (for now)
-      // TODO: Integrate SAKSHI checkRevocationAgreement() for mesh revocation
-      // SAKSHI uses mathematical agreement (do nodes agree on what happened?)
-      // NOT tier-weighted voting (SIRDAR's revocation counts 2x)
-      return { success: false, reason: 'Only DOKO owner can revoke' };
+    // Owner can always revoke directly (self-revocation)
+    if (revocation.revokedBy === originalDoko.nodeId) {
+      return this._processOwnerRevocation(revocation, originalDoko);
     }
 
-    // Verify signature
+    // Non-owner: treat as a revocation REPORT for SAKSHI consensus
+    // SAKSHI uses mathematical agreement (do nodes agree on what happened?)
+    // NOT tier-weighted voting (SIRDAR's revocation counts 2x)
+    return this.processRevocationReport({
+      reportedBy: revocation.revokedBy,
+      reason: revocation.reason,
+      timestamp: revocation.revokedAt,
+    }, revocation.dokoHash);
+  }
+
+  /**
+   * Process self-revocation from the DOKO owner
+   * @private
+   */
+  async _processOwnerRevocation(revocation, originalDoko) {
     const revocationPayload = canonicalize({
       dokoHash: revocation.dokoHash,
       reason: revocation.reason,
@@ -632,7 +751,7 @@ export class NamcheGateway extends EventEmitter {
       const publicKey = hexToBytes(originalDoko.publicKey);
       const signature = hexToBytes(revocation.signature);
 
-      const valid = ml_dsa65.verify(signature, payloadBytes, publicKey);
+      const valid = mlDsa65Verify(signature, payloadBytes, publicKey);
 
       if (!valid) {
         return { success: false, reason: 'Invalid revocation signature' };
@@ -653,6 +772,87 @@ export class NamcheGateway extends EventEmitter {
     }
   }
 
+  /**
+   * Process a revocation report from the mesh (SAKSHI consensus)
+   * 
+   * Multiple nodes can report evidence of compromise/malice.
+   * Revocation happens when reports mathematically agree — not by weighted vote.
+   * 
+   * @param {Object} report - The revocation report
+   * @param {string} report.reportedBy - NodeId of the reporting node
+   * @param {string} report.reason - Reason for revocation
+   * @param {number} [report.timestamp] - When the issue was observed
+   * @param {string} targetDokoHash - Hash of the DOKO to potentially revoke
+   * @returns {Object} Result: { success, method?, reason?, state? }
+   */
+  processRevocationReport(report, targetDokoHash) {
+    if (!this.revocationReports.has(targetDokoHash)) {
+      this.revocationReports.set(targetDokoHash, []);
+    }
+
+    const reports = this.revocationReports.get(targetDokoHash);
+    const witness = new NodeWitness({ nodeId: report.reportedBy });
+
+    reports.push({
+      witness,
+      evidence: {
+        reason: report.reason,
+        targetId: targetDokoHash,
+        timestamp: report.timestamp || Date.now(),
+      },
+    });
+
+    // SAKSHI: Check mathematical agreement across all revocation reports
+    const minReports = this.config.minRevocationReports || 3;
+    const result = checkRevocationAgreement(reports, { minReports });
+
+    if (result.isAgreed) {
+      // Mesh agrees on revocation — execute it
+      const revocationRecord = {
+        dokoHash: targetDokoHash,
+        reason: result.data.evidence?.reason || report.reason,
+        revokedAt: result.data.timestamp || Date.now(),
+        revokedBy: 'MESH_CONSENSUS',
+        reportCount: result.data.reportCount,
+        method: 'SAKSHI_AGREEMENT',
+      };
+
+      this.revocationLog.add(targetDokoHash, revocationRecord);
+      this.dokoCache.delete(targetDokoHash);
+      this.revocationReports.delete(targetDokoHash);
+      this.stats.revocationsProcessed++;
+
+      log.info('SAKSHI: Mesh revocation consensus reached', {
+        dokoHash: targetDokoHash,
+        reportCount: result.data.reportCount,
+      });
+
+      this.emit('revoked', {
+        dokoHash: targetDokoHash,
+        revocation: revocationRecord,
+        method: 'SAKSHI_AGREEMENT',
+      });
+
+      return { success: true, method: 'SAKSHI_AGREEMENT' };
+    }
+
+    if (result.isDisagreed) {
+      log.debug('SAKSHI: Revocation reports disagree', {
+        dokoHash: targetDokoHash,
+        reason: result.reason,
+      });
+      return { success: false, reason: 'Reports disagree on evidence', details: result.reason };
+    }
+
+    // PENDING — need more reports
+    log.debug('SAKSHI: Revocation report recorded, awaiting consensus', {
+      dokoHash: targetDokoHash,
+      currentReports: reports.length,
+      minRequired: minReports,
+    });
+    return { success: false, reason: 'Pending — need more reports', state: 'PENDING' };
+  }
+
   // ═══════════════════════════════════════════════════════════════════════════
   // CACHE & LOOKUP
   // ═══════════════════════════════════════════════════════════════════════════
@@ -695,13 +895,13 @@ export class NamcheGateway extends EventEmitter {
    */
   lookupByDomain(domain) {
     const normalizedDomain = domain.toLowerCase().replace(/^www\./, '');
-    
+
     for (const [hash, cached] of this.dokoCache.cache.entries()) {
       // Check TTL first
       if (Date.now() - cached.verifiedAt >= this.config.dokoCacheTTL) {
         continue;
       }
-      
+
       // Check if DOKO has domain claims
       const doko = cached.doko;
       if (doko.claims?.domains) {
@@ -726,6 +926,35 @@ export class NamcheGateway extends EventEmitter {
       revocationsCount: this.revocationLog.size,
     };
   }
+
+  /**
+   * Create a DOKO with 144T commitment (dual-layer security).
+   * 
+   * This is the recommended way to create DOKOs for full defense-in-depth:
+   * - NIST layer: ML-DSA-65 signature
+   * - 144T layer: YPC-27 + polynomial binding commitment
+   * 
+   * @param {Object} dokoFields — DOKO fields (type, nodeId, publicKey, etc.)
+   * @param {string} secretKey — Sender's ML-DSA-65 secret key (hex)
+   * @param {TritAddress} senderAddress — Sender's 144T mesh address
+   * @returns {Object} — Complete DOKO with signature and tritCommitment
+   */
+  static createDokoWithCommitment(dokoFields, secretKey, senderAddress) {
+    // Canonicalize for deterministic signing
+    const payload = canonicalize(dokoFields);
+
+    // Layer 1: NIST signature (ML-DSA-65)
+    const signature = signMessage(payload, secretKey);
+
+    // Layer 2: 144T commitment (YPC-27 + polynomial binding)
+    const tritCommitment = TritCommitment.create(dokoFields, senderAddress);
+
+    return {
+      ...dokoFields,
+      signature,
+      tritCommitment,
+    };
+  }
 }
 
 export default NamcheGateway;