qurl-conformance 0.1.1__tar.gz

qurl_conformance-0.1.1/PKG-INFO

@@ -0,0 +1,9 @@
+Metadata-Version: 2.4
+Name: qurl-conformance
+Version: 0.1.1
+Summary: qURL v2 cross-language conformance vectors
+License: MIT
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+
+qURL v2 cross-language conformance vectors (Python accessor).

qurl_conformance-0.1.1/README.md

@@ -0,0 +1 @@
+qURL v2 cross-language conformance vectors (Python accessor).

qurl_conformance-0.1.1/pyproject.toml

@@ -0,0 +1,17 @@
+[build-system]
+requires = ["setuptools>=68"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "qurl-conformance"
+version = "0.1.1"
+description = "qURL v2 cross-language conformance vectors"
+readme = "README.md"
+license = { text = "MIT" }
+requires-python = ">=3.9"
+
+[tool.setuptools]
+packages = ["qurl_conformance"]
+
+[tool.setuptools.package-data]
+qurl_conformance = ["_data/*.json"]

qurl_conformance-0.1.1/qurl_conformance/__init__.py

@@ -0,0 +1,22 @@
+"""qURL v2 cross-language conformance vectors (Python accessor)."""
+import json
+from importlib import resources
+
+
+def _load(name: str):
+    return json.loads((resources.files(__package__) / "_data" / name).read_text(encoding="utf-8"))
+
+
+def qv2_vectors():
+    """Return the parsed qv2_conformance_vectors.json."""
+    return _load("qv2_conformance_vectors.json")
+
+
+def issuer_signature_vectors():
+    """Return the parsed issuer_signature_vectors.json."""
+    return _load("issuer_signature_vectors.json")
+
+
+def relay_knock_vectors():
+    """Return the parsed relay_knock_golden.json."""
+    return _load("relay_knock_golden.json")

qurl_conformance-0.1.1/qurl_conformance/_data/issuer_signature_vectors.json

@@ -0,0 +1,44 @@
+{
+  "algorithm": "ECC_NIST_P256 / ECDSA_SHA_256, wire = raw r||s (64 bytes), low-S",
+  "description": "qURL v2 issuer-signature golden vectors: P-256 raw r||s low-S wire signatures over the exact claims bytes. These are VERIFY fixtures (ECDSA's nonce is random, so signatures are re-verified by consumers, never reproduced).",
+  "domain_separation_prefix": "NHP-QURL-V2-ISSUER",
+  "issuer": {
+    "jwk": {
+      "crv": "P-256",
+      "kty": "EC",
+      "x": "pDu9mdM6E96ncBm5qjKn16Rjv6sWoHRQQz2ElwKSg5Y",
+      "y": "EAywr6H7hG-4JiHdmASr92F3K3XN7ZgWokc2Ah_R6ek"
+    },
+    "kid": "qurl-issuer-vector-key",
+    "spki_der_b64": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEpDu9mdM6E96ncBm5qjKn16Rjv6sWoHRQQz2ElwKSg5YQDLCvofuEb7gmId2YBKv3YXcrdc3tmBaiRzYCH9Hp6Q"
+  },
+  "vectors": [
+    {
+      "claims_b64": "eyJ2IjoyLCJpc3MiOiJxdXJsLXNlcnZpY2UiLCJraWQiOiJxdXJsLWlzc3Vlci12ZWN0b3Ita2V5IiwiaWF0IjoxNzgxOTEwMDAwLCJuYmYiOjE3ODE5MTAwMDAsImV4cCI6MTc4MTkxMDMwMCwianRpIjoicXVybF8wMUpWRUNUT1JGSVhUVVJFMDAwMCIsImNlbGxfcHVibGljX2tleV9iNjQiOiJSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVRIiwiY2VsbF9pZCI6InZlY3Rvci1jZWxsIiwicmVsYXlfdXJsIjoiaHR0cHM6Ly9yZWxheS5leGFtcGxlLmNvbSIsInJlc291cmNlX3B1YmxpY19rZXlfYjY0IjoiTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFUDRpR2pVLVpoUzVyRmNNbjk0Y3BTdlB1MXJGTU1vWlFMMTB4Q2ZTRDZpNUhTcWwzclFaN0NYUlpDdUtwOTFMSFAwNEROUGcwdkluLU1xbm4tRnM5cHciLCJxdXJsX3VzZXJfcHVibGljX2tleV9iNjQiOiJWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZVIn0",
+      "expect": "accept",
+      "name": "accept_valid_low_s",
+      "reason": "valid 64-byte low-S raw r||s signature over the exact claims bytes",
+      "sig_b64": "a6UIAEY71V27RoEFV8xLiKSXpfCjwYBys9xSpDt1fwQ8m1u-UPS4DqVapOcpPevgLs60yT6MrIeMqP0lz01Ovw",
+      "sig_encoding": "raw_r_s",
+      "signing_input_b64": "TkhQLVFVUkwtVjItSVNTVUVSAGV5SjJJam95TENKcGMzTWlPaUp4ZFhKc0xYTmxjblpwWTJVaUxDSnJhV1FpT2lKeGRYSnNMV2x6YzNWbGNpMTJaV04wYjNJdGEyVjVJaXdpYVdGMElqb3hOemd4T1RFd01EQXdMQ0p1WW1ZaU9qRTNPREU1TVRBd01EQXNJbVY0Y0NJNk1UYzRNVGt4TURNd01Dd2lhblJwSWpvaWNYVnliRjh3TVVwV1JVTlVUMUpHU1ZoVVZWSkZNREF3TUNJc0ltTmxiR3hmY0hWaWJHbGpYMnRsZVY5aU5qUWlPaUpTUlZKRlVrVlNSVkpGVWtWU1JWSkZVa1ZTUlZKRlVrVlNSVkpGVWtWU1JWSkZVa1ZTUlZKRlVrVlJJaXdpWTJWc2JGOXBaQ0k2SW5abFkzUnZjaTFqWld4c0lpd2ljbVZzWVhsZmRYSnNJam9pYUhSMGNITTZMeTl5Wld4aGVTNWxlR0Z0Y0d4bExtTnZiU0lzSW5KbGMyOTFjbU5sWDNCMVlteHBZMTlyWlhsZllqWTBJam9pVFVacmQwVjNXVWhMYjFwSmVtb3dRMEZSV1VsTGIxcEplbW93UkVGUlkwUlJaMEZGVURScFIycFZMVnBvVXpWeVJtTk5iamswWTNCVGRsQjFNWEpHVFUxdldsRk1NVEI0UTJaVFJEWnBOVWhUY1d3emNsRmFOME5ZVWxwRGRVdHdPVEZNU0ZBd05FUk9VR2N3ZGtsdUxVMXhibTR0Um5NNWNIY2lMQ0p4ZFhKc1gzVnpaWEpmY0hWaWJHbGpYMnRsZVY5aU5qUWlPaUpXVmxaV1ZsWldWbFpXVmxaV1ZsWldWbFpXVmxaV1ZsWldWbFpXVmxaV1ZsWldWbFpXVmxaV1ZsWlZJbjA"
+    },
+    {
+      "claims_b64": "eyJ2IjoyLCJpc3MiOiJxdXJsLXNlcnZpY2UiLCJraWQiOiJxdXJsLWlzc3Vlci12ZWN0b3Ita2V5IiwiaWF0IjoxNzgxOTEwMDAwLCJuYmYiOjE3ODE5MTAwMDAsImV4cCI6MTc4MTkxMDMwMCwianRpIjoicXVybF8wMUpWRUNUT1JGSVhUVVJFMDAwMCIsImNlbGxfcHVibGljX2tleV9iNjQiOiJSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVRIiwiY2VsbF9pZCI6InZlY3Rvci1jZWxsIiwicmVsYXlfdXJsIjoiaHR0cHM6Ly9yZWxheS5leGFtcGxlLmNvbSIsInJlc291cmNlX3B1YmxpY19rZXlfYjY0IjoiTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFUDRpR2pVLVpoUzVyRmNNbjk0Y3BTdlB1MXJGTU1vWlFMMTB4Q2ZTRDZpNUhTcWwzclFaN0NYUlpDdUtwOTFMSFAwNEROUGcwdkluLU1xbm4tRnM5cHciLCJxdXJsX3VzZXJfcHVibGljX2tleV9iNjQiOiJWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZVIn0",
+      "expect": "reject",
+      "name": "reject_high_s",
+      "reason": "high_s",
+      "sig_b64": "a6UIAEY71V27RoEFV8xLiKSXpfCjwYBys9xSpDt1fwTDZKRArwtH8lqlWxjWwhQfjhhF5GiK8f1nEM2dLRXWkg",
+      "sig_encoding": "raw_r_s",
+      "signing_input_b64": "TkhQLVFVUkwtVjItSVNTVUVSAGV5SjJJam95TENKcGMzTWlPaUp4ZFhKc0xYTmxjblpwWTJVaUxDSnJhV1FpT2lKeGRYSnNMV2x6YzNWbGNpMTJaV04wYjNJdGEyVjVJaXdpYVdGMElqb3hOemd4T1RFd01EQXdMQ0p1WW1ZaU9qRTNPREU1TVRBd01EQXNJbVY0Y0NJNk1UYzRNVGt4TURNd01Dd2lhblJwSWpvaWNYVnliRjh3TVVwV1JVTlVUMUpHU1ZoVVZWSkZNREF3TUNJc0ltTmxiR3hmY0hWaWJHbGpYMnRsZVY5aU5qUWlPaUpTUlZKRlVrVlNSVkpGVWtWU1JWSkZVa1ZTUlZKRlVrVlNSVkpGVWtWU1JWSkZVa1ZTUlZKRlVrVlJJaXdpWTJWc2JGOXBaQ0k2SW5abFkzUnZjaTFqWld4c0lpd2ljbVZzWVhsZmRYSnNJam9pYUhSMGNITTZMeTl5Wld4aGVTNWxlR0Z0Y0d4bExtTnZiU0lzSW5KbGMyOTFjbU5sWDNCMVlteHBZMTlyWlhsZllqWTBJam9pVFVacmQwVjNXVWhMYjFwSmVtb3dRMEZSV1VsTGIxcEplbW93UkVGUlkwUlJaMEZGVURScFIycFZMVnBvVXpWeVJtTk5iamswWTNCVGRsQjFNWEpHVFUxdldsRk1NVEI0UTJaVFJEWnBOVWhUY1d3emNsRmFOME5ZVWxwRGRVdHdPVEZNU0ZBd05FUk9VR2N3ZGtsdUxVMXhibTR0Um5NNWNIY2lMQ0p4ZFhKc1gzVnpaWEpmY0hWaWJHbGpYMnRsZVY5aU5qUWlPaUpXVmxaV1ZsWldWbFpXVmxaV1ZsWldWbFpXVmxaV1ZsWldWbFpXVmxaV1ZsWldWbFpXVmxaV1ZsWlZJbjA"
+    },
+    {
+      "claims_b64": "eyJ2IjoyLCJpc3MiOiJxdXJsLXNlcnZpY2UiLCJraWQiOiJxdXJsLWlzc3Vlci12ZWN0b3Ita2V5IiwiaWF0IjoxNzgxOTEwMDAwLCJuYmYiOjE3ODE5MTAwMDAsImV4cCI6MTc4MTkxMDMwMCwianRpIjoicXVybF8wMUpWRUNUT1JGSVhUVVJFMDAwMCIsImNlbGxfcHVibGljX2tleV9iNjQiOiJSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVRIiwiY2VsbF9pZCI6InZlY3Rvci1jZWxsIiwicmVsYXlfdXJsIjoiaHR0cHM6Ly9yZWxheS5leGFtcGxlLmNvbSIsInJlc291cmNlX3B1YmxpY19rZXlfYjY0IjoiTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFUDRpR2pVLVpoUzVyRmNNbjk0Y3BTdlB1MXJGTU1vWlFMMTB4Q2ZTRDZpNUhTcWwzclFaN0NYUlpDdUtwOTFMSFAwNEROUGcwdkluLU1xbm4tRnM5cHciLCJxdXJsX3VzZXJfcHVibGljX2tleV9iNjQiOiJWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZVIn0",
+      "expect": "reject",
+      "name": "reject_wrong_length_der",
+      "reason": "wrong_length",
+      "sig_b64": "MEQCIGulCABGO9Vdu0aBBVfMS4ikl6Xwo8GAcrPcUqQ7dX8EAiA8m1u-UPS4DqVapOcpPevgLs60yT6MrIeMqP0lz01Ovw",
+      "sig_encoding": "der",
+      "signing_input_b64": "TkhQLVFVUkwtVjItSVNTVUVSAGV5SjJJam95TENKcGMzTWlPaUp4ZFhKc0xYTmxjblpwWTJVaUxDSnJhV1FpT2lKeGRYSnNMV2x6YzNWbGNpMTJaV04wYjNJdGEyVjVJaXdpYVdGMElqb3hOemd4T1RFd01EQXdMQ0p1WW1ZaU9qRTNPREU1TVRBd01EQXNJbVY0Y0NJNk1UYzRNVGt4TURNd01Dd2lhblJwSWpvaWNYVnliRjh3TVVwV1JVTlVUMUpHU1ZoVVZWSkZNREF3TUNJc0ltTmxiR3hmY0hWaWJHbGpYMnRsZVY5aU5qUWlPaUpTUlZKRlVrVlNSVkpGVWtWU1JWSkZVa1ZTUlZKRlVrVlNSVkpGVWtWU1JWSkZVa1ZTUlZKRlVrVlJJaXdpWTJWc2JGOXBaQ0k2SW5abFkzUnZjaTFqWld4c0lpd2ljbVZzWVhsZmRYSnNJam9pYUhSMGNITTZMeTl5Wld4aGVTNWxlR0Z0Y0d4bExtTnZiU0lzSW5KbGMyOTFjbU5sWDNCMVlteHBZMTlyWlhsZllqWTBJam9pVFVacmQwVjNXVWhMYjFwSmVtb3dRMEZSV1VsTGIxcEplbW93UkVGUlkwUlJaMEZGVURScFIycFZMVnBvVXpWeVJtTk5iamswWTNCVGRsQjFNWEpHVFUxdldsRk1NVEI0UTJaVFJEWnBOVWhUY1d3emNsRmFOME5ZVWxwRGRVdHdPVEZNU0ZBd05FUk9VR2N3ZGtsdUxVMXhibTR0Um5NNWNIY2lMQ0p4ZFhKc1gzVnpaWEpmY0hWaWJHbGpYMnRsZVY5aU5qUWlPaUpXVmxaV1ZsWldWbFpXVmxaV1ZsWldWbFpXVmxaV1ZsWldWbFpXVmxaV1ZsWldWbFpXVmxaV1ZsWlZJbjA"
+    }
+  ]
+}

qurl_conformance-0.1.1/qurl_conformance/_data/qv2_conformance_vectors.json

@@ -0,0 +1,376 @@
+{
+  "artifact": "qurl-v2-conformance-vectors",
+  "schema_version": 1,
+  "description": "Language-agnostic qURL v2 conformance vectors: the single wire-truth every qURL v2 verifier re-runs against its own implementation. Each class names the verifier entry point it targets and the input shape it consumes; consumers feed the input through their real parser/validator and assert the declared accept/reject outcome and reject_class.",
+  "source_of_truth": "layervai/qurl-conformance",
+  "notes": [
+    "Every committed input is deterministic: keys are fixed fill bytes or the exact keys carried by the composed signature fixture, never freshly minted.",
+    "claims_json / secret_json values are RAW JSON TEXT (ASCII), fed directly to parseClaims/parseSecret -- NOT base64. Duplicate keys and other JSON-layer faults survive because they live inside a JSON string value, not as object members a re-serializer would normalize away.",
+    "strict_base64 inputs are the base64url string VERBATIM (the fault is in the encoding layer); a consumer feeds them straight to its strict base64url decoder.",
+    "fragment inputs are full fragment bodies fed to ParseFragment, which does NOT verify the issuer signature -- the fragment class pins wire SHAPE only; signature accept/reject is the signature class.",
+    "The signature class is COMPOSED from issuer_signature_vectors.json (already byte-shared by the Go and TS verifiers); it is referenced here, not duplicated, so there is exactly one copy of the signature bytes.",
+    "KNK/ACK Noise handshake packet vectors live in the separate sibling artifact relay_knock_golden.json, not this one -- they belong to the Noise handshake layer, which the qURL v2 claims/signature/fragment layer does not import; the two families are split by layer."
+  ],
+  "signature_class": {
+    "entry_point": "qv2.VerifyRawIssuerSignature(pub, claimsB64, rawSig)",
+    "composes": "issuer_signature_vectors.json",
+    "comment": "Run the composed file's vectors through the issuer-signature verifier. accept => verifies; reject => fails with the declared reject_class (high_s | wrong_length). The composed file pins the P-256 raw r||s low-S wire encoding and the 0x00 domain separator across KMS sign output, Go verify, and WebCrypto verify.",
+    "tamper_derivation": {
+      "reject_class": "tamper",
+      "comment": "Language-agnostic payload-tamper reject DERIVED from the composed file's accept vector -- so every consumer (Go, other language implementations, the Go SDK) synthesizes the SAME negative without a third copy of signature bytes. Procedure: take the accept vector's valid 64-byte low-S signature UNCHANGED, and verify it against a claims input formed by flipping the FIRST character of the accept vector's claims_b64 between base64url 'A' and 'B' (i.e. 'A' -> 'B', any other char -> 'A'). The FIRST symbol encodes the top 6 bits of decoded byte 0 -- always fully significant, never a don't-care tail bit -- so the transformed claims_b64 stays CANONICAL base64url AND decodes to DIFFERENT bytes. That portability matters: a consumer may hash the base64 string (qURL v2's Go verifier does), decode-then-hash, or strict-decode before verifying; only a change that is both canonical and decoded-differing yields the SAME tamper rejection for all three. (A last-char flip would only touch a don't-care padding bit when len(claims_b64) mod 4 != 0, decoding to identical bytes and producing a non-canonical string -- not portable.) The signature stays structurally well-formed, so it passes the length/range/low-S gates and fails ONLY at the curve check: a verifier MUST reject it with its signature-invalid sentinel (Go: bare ErrSignature, NOT ErrSignatureHighS/ErrSignatureLength). This is the most basic signature negative -- a valid signature over the wrong message -- and is intentionally specified here as a derivation rather than stored bytes.",
+      "derive_from": "accept_vector",
+      "claims_transform": "flip_first_base64url_char_A_B"
+    }
+  },
+  "classes": {
+    "claims_parse": {
+      "entry_point": "strict claims parser (raw JSON -> Claims)",
+      "input": "claims_json",
+      "vectors": [
+        {
+          "name": "accept_valid_full",
+          "expect": "accept",
+          "reason": "schema-valid claims object with every required field, valid key lengths, and coherent iat<=exp / nbf<=exp bounds",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "accept_cell_id_absent",
+          "expect": "accept",
+          "reason": "cell_id is the one optional claim; absent entirely must still parse",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_duplicate_key",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "duplicate v key; a strict parser must reject (lenient last-wins is a signature-bypass hazard). The duplicate survives storage because it is inside a JSON string value.",
+          "claims_json": "{\"v\":2,\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_unknown_field",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "extra is not in the claim allowlist",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"extra\":\"x\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_null_required",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "jti is null; a null in a scalar field must be rejected, not coerced to the zero value",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":null,\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_missing_required",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "jti member dropped entirely",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_float_time",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "exp is fractional; integer time fields must reject a float",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300.0,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_string_time",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "exp is a string; a string-where-int must be rejected",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":\"1781910300\",\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_array_for_scalar",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "jti is an array; an array-where-scalar must be rejected",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":[\"x\"],\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_wrong_version",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "v is 1; the version is pinned to 2 and not negotiated from the payload",
+          "claims_json": "{\"v\":1,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_nbf_after_exp",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "nbf > exp; the clock-free ordering bound nbf<=exp rejects a structurally incoherent window",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781920000,\"exp\":1781910300,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_short_cell_key",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "cell_public_key_b64 decodes to 3 bytes, not the required 32; each key field is length-checked against its own size",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"AAAA\",\"cell_id\":\"vector-cell\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}"
+        },
+        {
+          "name": "reject_top_level_array",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "top-level value is an array, not a single object",
+          "claims_json": "[{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}]"
+        },
+        {
+          "name": "reject_trailing_data",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "a second concatenated JSON value follows the object; a lenient parser would ignore it",
+          "claims_json": "{\"v\":2,\"iss\":\"qurl-service\",\"kid\":\"qurl-issuer-vector-key\",\"iat\":1781910000,\"nbf\":1781910000,\"exp\":1781910300,\"jti\":\"qurl_01JVECTORFIXTURE0000\",\"cell_public_key_b64\":\"REREREREREREREREREREREREREREREREREREREREREQ\",\"relay_url\":\"https://relay.example.com\",\"resource_public_key_b64\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcOtuxu2qhc3gt1E7BiEU0CLqEDlXDwzZq0JnESgMAwERX6y_XXF5Cn5SKITWIZQmUhCZ0pHHlVn7SmFUTAnTGQ\",\"qurl_user_public_key_b64\":\"VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVU\"}{}"
+        }
+      ]
+    },
+    "secret_parse": {
+      "entry_point": "strict secret parser (raw JSON -> Secret)",
+      "input": "secret_json",
+      "vectors": [
+        {
+          "name": "accept_valid",
+          "expect": "accept",
+          "reason": "exactly one required field carrying a 32-byte X25519 private key in base64url",
+          "secret_json": "{\"qurl_user_private_key_b64\":\"CQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQk\"}"
+        },
+        {
+          "name": "reject_unknown_field",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "extra field x not in the secret allowlist",
+          "secret_json": "{\"qurl_user_private_key_b64\":\"CQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQk\",\"x\":1}"
+        },
+        {
+          "name": "reject_missing_required",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "empty object; the one required field is absent",
+          "secret_json": "{}"
+        },
+        {
+          "name": "reject_duplicate_key",
+          "expect": "reject",
+          "reject_class": "parse",
+          "reason": "the private-key field appears twice; the DUPLICATE is the sole fault -- both values are the valid 32-byte key, so a length-check alone cannot reject this. A verifier that does not detect duplicate JSON keys (lenient last-wins) MUST still reject it, which is the signature-bypass hazard this isolates for cross-language consumers.",
+          "secret_json": "{\"qurl_user_private_key_b64\":\"CQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQk\",\"qurl_user_private_key_b64\":\"CQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQk\"}"
+        },
+        {
+          "name": "reject_short_private_key",
+          "expect": "reject",
+          "reject_class": "key_length",
+          "reason": "valid base64url but decodes to 3 bytes, not the 32-byte X25519 scalar; the PoP secret is length-checked at parse, not deferred",
+          "secret_json": "{\"qurl_user_private_key_b64\":\"AQID\"}"
+        }
+      ]
+    },
+    "strict_base64": {
+      "entry_point": "strict base64url decoder (string -> bytes)",
+      "input": "value_b64",
+      "comment": "Encoding-layer rejections a browser's lenient atob would silently accept. Two cases are load-bearing because they decode leniently to the SAME bytes as a canonical string, so the strict decoder must reject them to keep one string per byte slice (a signature-bypass guard and the cross-language agreement point on which STRINGS are well-formed): non-canonical trailing bits, and embedded CR/LF, which Go's base64 decoder skips in every mode (including Strict). A verifier that only strict-decodes, without a re-encode/round-trip canonicality check, will WRONGLY accept the embedded-whitespace vectors.",
+      "vectors": [
+        {
+          "name": "accept_canonical_32_byte_key",
+          "expect": "accept",
+          "reason": "canonical unpadded base64url of 32 zero bytes (43 chars)",
+          "value_b64": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+        },
+        {
+          "name": "reject_non_canonical_trailing_bits",
+          "expect": "reject",
+          "reject_class": "encoding",
+          "reason": "final char carries non-zero don't-care trailing bits; lenient decode yields the same 32 zero bytes but strict must reject",
+          "value_b64": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB"
+        },
+        {
+          "name": "reject_padded",
+          "expect": "reject",
+          "reject_class": "encoding",
+          "reason": "trailing '=' padding is not in the unpadded base64url alphabet",
+          "value_b64": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="
+        },
+        {
+          "name": "reject_non_alphabet_char",
+          "expect": "reject",
+          "reject_class": "encoding",
+          "reason": "'+' is a standard-base64 char, not base64url; a '.' (the fragment separator) fails the same way",
+          "value_b64": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+"
+        },
+        {
+          "name": "reject_length_1_mod_4",
+          "expect": "reject",
+          "reject_class": "encoding",
+          "reason": "a single base64url char cannot encode a byte (length 1 mod 4)",
+          "value_b64": "A"
+        },
+        {
+          "name": "reject_embedded_lf",
+          "expect": "reject",
+          "reject_class": "encoding",
+          "reason": "an embedded LF inside an otherwise-canonical 43-char key; a browser's lenient atob silently skips '\\n' and recovers the same 32 bytes, so the strict decoder must reject it to keep one string per byte slice",
+          "value_b64": "AAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAA"
+        },
+        {
+          "name": "reject_embedded_cr",
+          "expect": "reject",
+          "reject_class": "encoding",
+          "reason": "an embedded CR inside an otherwise-canonical 43-char key; lenient atob silently skips '\\r' and recovers the same 32 bytes, so strict must reject it",
+          "value_b64": "AAAAAAAAAAAAAAAAAAAAA\rAAAAAAAAAAAAAAAAAAAAAA"
+        },
+        {
+          "name": "reject_embedded_crlf",
+          "expect": "reject",
+          "reject_class": "encoding",
+          "reason": "an embedded CRLF pair inside an otherwise-canonical 43-char key; lenient atob silently skips '\\r\\n' and recovers the same 32 bytes, so strict must reject it",
+          "value_b64": "AAAAAAAAAAAAAAAAAAAAA\r\nAAAAAAAAAAAAAAAAAAAAAA"
+        }
+      ]
+    },
+    "fragment": {
+      "entry_point": "ParseFragment(body)",
+      "input": "fragment",
+      "comment": "ParseFragment pins wire SHAPE and strict-parses the claims/secret parts; it does NOT verify the issuer signature, so the sig part need only be a base64url 64-byte blob. The accept fragment composes the signature fixture's accept claims part with a valid secret part and the fixture's accept sig.",
+      "vectors": [
+        {
+          "name": "accept_valid_fragment",
+          "expect": "accept",
+          "reason": "qv2 prefix, four dot-separated parts, strict-valid claims and secret, base64url 64-byte sig",
+          "fragment": "qv2.eyJ2IjoyLCJpc3MiOiJxdXJsLXNlcnZpY2UiLCJraWQiOiJxdXJsLWlzc3Vlci12ZWN0b3Ita2V5IiwiaWF0IjoxNzgxOTEwMDAwLCJuYmYiOjE3ODE5MTAwMDAsImV4cCI6MTc4MTkxMDMwMCwianRpIjoicXVybF8wMUpWRUNUT1JGSVhUVVJFMDAwMCIsImNlbGxfcHVibGljX2tleV9iNjQiOiJSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVRIiwiY2VsbF9pZCI6InZlY3Rvci1jZWxsIiwicmVsYXlfdXJsIjoiaHR0cHM6Ly9yZWxheS5leGFtcGxlLmNvbSIsInJlc291cmNlX3B1YmxpY19rZXlfYjY0IjoiTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFUDRpR2pVLVpoUzVyRmNNbjk0Y3BTdlB1MXJGTU1vWlFMMTB4Q2ZTRDZpNUhTcWwzclFaN0NYUlpDdUtwOTFMSFAwNEROUGcwdkluLU1xbm4tRnM5cHciLCJxdXJsX3VzZXJfcHVibGljX2tleV9iNjQiOiJWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZVIn0.eyJxdXJsX3VzZXJfcHJpdmF0ZV9rZXlfYjY0IjoiQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRayJ9.a6UIAEY71V27RoEFV8xLiKSXpfCjwYBys9xSpDt1fwQ8m1u-UPS4DqVapOcpPevgLs60yT6MrIeMqP0lz01Ovw"
+        },
+        {
+          "name": "reject_wrong_prefix",
+          "expect": "reject",
+          "reject_class": "fragment",
+          "reason": "prefix is qv1, not the literal qv2",
+          "fragment": "qv1.eyJ2IjoyLCJpc3MiOiJxdXJsLXNlcnZpY2UiLCJraWQiOiJxdXJsLWlzc3Vlci12ZWN0b3Ita2V5IiwiaWF0IjoxNzgxOTEwMDAwLCJuYmYiOjE3ODE5MTAwMDAsImV4cCI6MTc4MTkxMDMwMCwianRpIjoicXVybF8wMUpWRUNUT1JGSVhUVVJFMDAwMCIsImNlbGxfcHVibGljX2tleV9iNjQiOiJSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVRIiwiY2VsbF9pZCI6InZlY3Rvci1jZWxsIiwicmVsYXlfdXJsIjoiaHR0cHM6Ly9yZWxheS5leGFtcGxlLmNvbSIsInJlc291cmNlX3B1YmxpY19rZXlfYjY0IjoiTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFY090dXh1MnFoYzNndDFFN0JpRVUwQ0xxRURsWER3elpxMEpuRVNnTUF3RVJYNnlfWFhGNUNuNVNLSVRXSVpRbVVoQ1owcEhIbFZuN1NtRlVUQW5UR1EiLCJxdXJsX3VzZXJfcHVibGljX2tleV9iNjQiOiJWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZVIn0.eyJxdXJsX3VzZXJfcHJpdmF0ZV9rZXlfYjY0IjoiQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRayJ9.zvNKPXCqjQEbjUtqfqqTL2IN7GeLHVUTODPlwTvyAew53yasEYsqmoUMEDFXzR1UAe2JQ3kETR5MG0HGd1JpJQ"
+        },
+        {
+          "name": "reject_too_few_parts",
+          "expect": "reject",
+          "reject_class": "fragment",
+          "reason": "only three dot-separated tokens (prefix + claims + secret); the sig part is missing",
+          "fragment": "qv2.eyJ2IjoyLCJpc3MiOiJxdXJsLXNlcnZpY2UiLCJraWQiOiJxdXJsLWlzc3Vlci12ZWN0b3Ita2V5IiwiaWF0IjoxNzgxOTEwMDAwLCJuYmYiOjE3ODE5MTAwMDAsImV4cCI6MTc4MTkxMDMwMCwianRpIjoicXVybF8wMUpWRUNUT1JGSVhUVVJFMDAwMCIsImNlbGxfcHVibGljX2tleV9iNjQiOiJSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVRIiwiY2VsbF9pZCI6InZlY3Rvci1jZWxsIiwicmVsYXlfdXJsIjoiaHR0cHM6Ly9yZWxheS5leGFtcGxlLmNvbSIsInJlc291cmNlX3B1YmxpY19rZXlfYjY0IjoiTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFY090dXh1MnFoYzNndDFFN0JpRVUwQ0xxRURsWER3elpxMEpuRVNnTUF3RVJYNnlfWFhGNUNuNVNLSVRXSVpRbVVoQ1owcEhIbFZuN1NtRlVUQW5UR1EiLCJxdXJsX3VzZXJfcHVibGljX2tleV9iNjQiOiJWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZVIn0.eyJxdXJsX3VzZXJfcHJpdmF0ZV9rZXlfYjY0IjoiQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRayJ9"
+        },
+        {
+          "name": "reject_empty_sig_part",
+          "expect": "reject",
+          "reject_class": "fragment",
+          "reason": "four parts but the sig part is empty",
+          "fragment": "qv2.eyJ2IjoyLCJpc3MiOiJxdXJsLXNlcnZpY2UiLCJraWQiOiJxdXJsLWlzc3Vlci12ZWN0b3Ita2V5IiwiaWF0IjoxNzgxOTEwMDAwLCJuYmYiOjE3ODE5MTAwMDAsImV4cCI6MTc4MTkxMDMwMCwianRpIjoicXVybF8wMUpWRUNUT1JGSVhUVVJFMDAwMCIsImNlbGxfcHVibGljX2tleV9iNjQiOiJSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVSRVJFUkVRIiwiY2VsbF9pZCI6InZlY3Rvci1jZWxsIiwicmVsYXlfdXJsIjoiaHR0cHM6Ly9yZWxheS5leGFtcGxlLmNvbSIsInJlc291cmNlX3B1YmxpY19rZXlfYjY0IjoiTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFY090dXh1MnFoYzNndDFFN0JpRVUwQ0xxRURsWER3elpxMEpuRVNnTUF3RVJYNnlfWFhGNUNuNVNLSVRXSVpRbVVoQ1owcEhIbFZuN1NtRlVUQW5UR1EiLCJxdXJsX3VzZXJfcHVibGljX2tleV9iNjQiOiJWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZWVlZVIn0.eyJxdXJsX3VzZXJfcHJpdmF0ZV9rZXlfYjY0IjoiQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRa0pDUWtKQ1FrSkNRayJ9."
+        }
+      ]
+    },
+    "relay_allowlist": {
+      "entry_point": "ValidateRelayURL(url, NewRelayAllowlist(entries))",
+      "input": "entries + url",
+      "comment": "Pins the relay_url HTTPS + allowlist contract acted on only AFTER signature verification. Covers match PRECEDENCE (exact host:port vs bare-host-any-port), the userinfo embedded-credentials bypass, the http rejection, and fail-closed on an empty/absent allowlist. There is no entry-ORDER semantic in the matcher; these vectors pin precedence/coverage, not ordering of the entries slice.",
+      "vectors": [
+        {
+          "name": "accept_bare_host_default_port",
+          "expect": "accept",
+          "reason": "a bare-host entry matches a no-explicit-port URL: with no port, host == hostname, so the exact host[:port] lookup already hits (the bare-host-any-port fallback path is exercised separately by accept_bare_host_any_port)",
+          "entries": ["relay.example.com", "relay2.example.com:8443"],
+          "url": "https://relay.example.com"
+        },
+        {
+          "name": "accept_bare_host_any_port",
+          "expect": "accept",
+          "reason": "a bare-host entry matches any explicit port",
+          "entries": ["relay.example.com", "relay2.example.com:8443"],
+          "url": "https://relay.example.com:9000"
+        },
+        {
+          "name": "accept_exact_host_port",
+          "expect": "accept",
+          "reason": "an explicit host:port entry matches the same host:port",
+          "entries": ["relay.example.com", "relay2.example.com:8443"],
+          "url": "https://relay2.example.com:8443"
+        },
+        {
+          "name": "reject_exact_host_port_other_port",
+          "expect": "reject",
+          "reject_class": "relay_url",
+          "reason": "an explicit host:port entry does NOT match a different port for that host (precedence: the :8443 entry is literal)",
+          "entries": ["relay.example.com", "relay2.example.com:8443"],
+          "url": "https://relay2.example.com:9999"
+        },
+        {
+          "name": "reject_http_scheme",
+          "expect": "reject",
+          "reject_class": "relay_url",
+          "reason": "scheme must be https",
+          "entries": ["relay.example.com"],
+          "url": "http://relay.example.com"
+        },
+        {
+          "name": "reject_off_allowlist",
+          "expect": "reject",
+          "reject_class": "relay_url",
+          "reason": "host is on no allowlist entry",
+          "entries": ["relay.example.com"],
+          "url": "https://evil.example.com"
+        },
+        {
+          "name": "reject_userinfo_bypass",
+          "expect": "reject",
+          "reject_class": "relay_url",
+          "reason": "classic allowlist bypass: the real host is evil.example.com with the allowlisted host smuggled into userinfo; userinfo-bearing URLs are rejected outright",
+          "entries": ["allowed.example.com"],
+          "url": "https://allowed.example.com@evil.example.com"
+        },
+        {
+          "name": "reject_userinfo_real_host_allowlisted",
+          "expect": "reject",
+          "reject_class": "relay_url",
+          "reason": "decisive case: even when the REAL post-@ host equals the allowlisted host, the userinfo guard (not the allowlist) must reject it",
+          "entries": ["allowed.example.com"],
+          "url": "https://allowed.example.com@allowed.example.com"
+        },
+        {
+          "name": "reject_empty_allowlist_fail_closed",
+          "expect": "reject",
+          "reject_class": "relay_url",
+          "reason": "an empty allowlist rejects every URL (fail closed)",
+          "entries": [],
+          "url": "https://relay.example.com"
+        }
+      ]
+    },
+    "server_id": {
+      "entry_point": "PubKeyFingerprint(decode(cell_public_key_b64))",
+      "input": "cell_public_key_b64 -> server_id",
+      "comment": "The relay routing id the JS/headless agent derives from the cell public key for POST /relay/{serverId}: base64url(SHA-256(rawCellPubKey)[:8]), 11 chars, no padding. The consumer DECODES cell_public_key_b64 to raw bytes, recomputes the fingerprint with its OWN canonical implementation, and asserts it equals server_id -- so the routing contract is recomputed, never a trusted stored value. The fill-0x42 / fill-0x70 samples reuse the existing fingerprint golden inputs/outputs (crypto_fingerprint_test.go <-> fingerprint.test.ts) so this class cannot fork that contract.",
+      "vectors": [
+        {
+          "name": "cell_fill_0x44_fixture_cell",
+          "expect": "accept",
+          "reason": "the exact cell key carried by the composed signature fixture (32 bytes of 0x44)",
+          "cell_public_key_b64": "REREREREREREREREREREREREREREREREREREREREREQ",
+          "server_id": "uzkUFcBeOdc"
+        },
+        {
+          "name": "cell_fill_0x42_golden",
+          "expect": "accept",
+          "reason": "reuses the fill-0x42 fingerprint golden vector input/output",
+          "cell_public_key_b64": "QkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkI",
+          "server_id": "Ql7U5KNrMOo"
+        },
+        {
+          "name": "cell_fill_0x70_substitution",
+          "expect": "accept",
+          "reason": "reuses the fill-0x70 golden vector whose 8-byte SHA-256 prefix exercises both base64url + -> - and / -> _ substitutions",
+          "cell_public_key_b64": "cHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHA",
+          "server_id": "p8u_3-Ocffc"
+        },
+        {
+          "name": "cell_seq_1to32_golden",
+          "expect": "accept",
+          "reason": "reuses the seq-1to32 fingerprint golden vector input/output (cell key = 32 bytes of 0x01..0x20), shared with the relay-knock PubKeyFingerprint golden so the routing-id contract cannot fork",
+          "cell_public_key_b64": "AQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyA",
+          "server_id": "riFsLvUkejc"
+        }
+      ]
+    }
+  }
+}

qurl_conformance-0.1.1/qurl_conformance/_data/relay_knock_golden.json

@@ -0,0 +1,31 @@
+{
+  "artifact": "qurl-relay-knock-golden-vectors",
+  "schema_version": 1,
+  "description": "NHP relay-knock Noise-handshake golden packets (X25519 / AES-256-GCM / BLAKE2s).",
+  "source_of_truth": "github.com/layervai/qurl-conformance",
+  "notes": [
+    "knock: a conformant initiator MUST reproduce knock.packet_hex byte-for-byte from the listed inputs.",
+    "ack: the server reply is generated at origin by the NHP server seal with a RANDOM server ephemeral key, so it is NOT reproducible by a client; a consumer can only decrypt it and MUST recover type=ACK, counter, timestamp_nanos, and body_hex. Re-hosted here verbatim as a frozen golden value.",
+    "Origin: the NHP cross-language handshake fixtures; re-hosted and pinned here."
+  ],
+  "knock": {
+    "server_static_priv_hex": "0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20",
+    "server_static_pub_hex": "07a37cbc142093c8b755dc1b10e86cb426374ad16aa853ed0bdfc0b2b86d1c7c",
+    "device_static_priv_hex": "4142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f60",
+    "device_static_pub_hex": "64b101b1d0be5a8704bd078f9895001fc03e8e9f9522f188dd128d9846d48466",
+    "ephemeral_priv_hex": "8182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0",
+    "timestamp_nanos": "1700000000000000000",
+    "counter": "1",
+    "preamble_hex": "11223344",
+    "body_hex": "7b2274657374223a226a732d6167656e74206b6e6f636b227d",
+    "packet_hex": "112233441123336d01000000000000000000000000000001883186b800b41d5cf0429695da9b3cc4f328ebcd184a6e482fa578c103f06c770000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e033f9d754b03a03eac48c26963c36f336bd3f1cd4ebf20c39cb3179646bf3b8ac43e2e886508ebded4a9d25e693f13d6f8bbd76bde5ac81b3cf11ca8bfc60dac9f5d290dfb7e979e019974fa54fbf0f501cae15125de39e22f6fd6d4be21f53724f2edb234b305275e5958b30dbee3212980ea4ca98b63f436c12da56e6587097ba12762e2f4d61dcb8023603f82f1d6d"
+  },
+  "ack": {
+    "server_static_pub_hex": "07a37cbc142093c8b755dc1b10e86cb426374ad16aa853ed0bdfc0b2b86d1c7c",
+    "agent_static_priv_hex": "4142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f60",
+    "timestamp_nanos": "1781494443173070000",
+    "counter_hex": "1122334455667788",
+    "body_hex": "7b22657272436f6465223a2230222c22726573486f7374223a7b22725f6a736167656e74223a2231302e302e302e37227d2c226f706e54696d65223a3930302c226167656e7441646472223a223230332e302e3131332e39222c226163546f6b656e73223a7b22725f6a736167656e74223a22746f6b2d616263313233227d7d",
+    "packet_hex": "455e3ec8455c3e4b01000002000000001122334455667788345bdbe28c304e7dae8ca4e672fbca9b48d9ec7d673566ce09c9b7ef662707670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a332e8cfa2e4eff64b7636eed1d047c275f7b0aced2debd8138daecf49e29bd92e89bc40a2cd98f2bf9f29d0c451b186b825b5d2d55a6668c06eed5f504087255b267fac40a7eac3f612fd2d62f6740740c53495dfbd7fc12d42acea3eab519b3015e532128a9bd3d75a3e46313f2b4ce17d50551f9eb1fbbbb331f2ccb5aa8ad1d04a191feabdebc03b0984b9098823085259197e4ba00cffc238599766960438fd6225d945f8af6edece5d9feffb9bda0ec3ec5d3f65b0e0eb9d35c36c500809edbb2854a4cf25ea206f96f33383ae71919ac3ad64e7178936e09906169d2197e42e52ad8e1676ccb5c5"
+  }
+}

qurl_conformance-0.1.1/qurl_conformance.egg-info/PKG-INFO

@@ -0,0 +1,9 @@
+Metadata-Version: 2.4
+Name: qurl-conformance
+Version: 0.1.1
+Summary: qURL v2 cross-language conformance vectors
+License: MIT
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+
+qURL v2 cross-language conformance vectors (Python accessor).

qurl_conformance-0.1.1/qurl_conformance.egg-info/SOURCES.txt

@@ -0,0 +1,10 @@
+README.md
+pyproject.toml
+qurl_conformance/__init__.py
+qurl_conformance.egg-info/PKG-INFO
+qurl_conformance.egg-info/SOURCES.txt
+qurl_conformance.egg-info/dependency_links.txt
+qurl_conformance.egg-info/top_level.txt
+qurl_conformance/_data/issuer_signature_vectors.json
+qurl_conformance/_data/qv2_conformance_vectors.json
+qurl_conformance/_data/relay_knock_golden.json

qurl_conformance-0.1.1/qurl_conformance.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

qurl_conformance-0.1.1/qurl_conformance.egg-info/top_level.txt

@@ -0,0 +1 @@
+qurl_conformance

qurl_conformance-0.1.1/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+