/**
 * PEAC Structured Error Model
 *
 * Standardized error responses for protocol failures.
 * See docs/specs/ERRORS.md for complete error registry.
 */
import type { ErrorCategory } from '@peac/kernel';
export type { ErrorCategory };
/**
 * @deprecated Use ERROR_CATEGORIES from @peac/kernel instead.
 * Re-exported for backwards compatibility.
 */
export declare const ERROR_CATEGORIES_CANONICAL: readonly ["attribution", "bundle", "control", "cryptography", "dispute", "identity", "infrastructure", "interaction", "ucp", "validation", "verification", "verifier", "workflow"];
/**
 * Error severity
 */
export type ErrorSeverity = 'error' | 'warning';
/**
 * Structured PEAC error
 *
 * Provides machine-readable error information with:
 * - Stable error codes
 * - Category classification
 * - Retryability hints
 * - Remediation guidance
 */
export interface PEACError {
    /**
     * Error code
     *
     * Stable identifier for this error type.
     * See docs/specs/ERRORS.md for registry.
     *
     * Examples:
     * - "E_CONTROL_REQUIRED"
     * - "E_INVALID_SIGNATURE"
     * - "E_SSRF_BLOCKED"
     * - "E_DPOP_REPLAY"
     */
    code: string;
    /**
     * Error category
     *
     * Broad classification for programmatic handling.
     */
    category: ErrorCategory;
    /**
     * Error severity
     *
     * - "error": Operation failed, cannot proceed
     * - "warning": Operation succeeded but with caveats
     */
    severity: ErrorSeverity;
    /**
     * Whether the operation is retryable
     *
     * - true: Client should retry (network, rate limit, transient)
     * - false: Client should not retry (validation, security, permanent)
     */
    retryable: boolean;
    /**
     * Suggested HTTP status code
     *
     * Maps error to appropriate HTTP response code.
     * Examples:
     * - 400: Validation errors
     * - 401: Verification failures (signature, attestation temporal)
     * - 403: Control denials (authorization)
     * - 502: Infrastructure failures (JWKS fetch, etc.)
     */
    http_status?: number;
    /**
     * JSON Pointer (RFC 6901) to problematic field
     *
     * Identifies the specific field that caused the error.
     * Examples:
     * - "/auth/control" - Missing control block
     * - "/evidence/payment/amount" - Invalid amount
     * - "/auth/control/chain/0/result" - Invalid result value
     */
    pointer?: string;
    /**
     * Human-readable remediation guidance
     *
     * Short hint for fixing the error.
     * Examples:
     * - "Add control{} block when payment{} is present"
     * - "Ensure JWS signature is valid"
     * - "Retry after 60 seconds"
     */
    remediation?: string;
    /**
     * Implementation-specific error details
     *
     * Additional context for debugging.
     * Structure varies by error code.
     */
    details?: unknown;
}
/**
 * Error code registry
 *
 * Well-known error codes. See docs/specs/ERRORS.md for complete list.
 */
export declare const ERROR_CODES: {
    readonly E_CONTROL_REQUIRED: "E_CONTROL_REQUIRED";
    readonly E_INVALID_ENVELOPE: "E_INVALID_ENVELOPE";
    readonly E_INVALID_CONTROL_CHAIN: "E_INVALID_CONTROL_CHAIN";
    readonly E_INVALID_PAYMENT: "E_INVALID_PAYMENT";
    readonly E_INVALID_POLICY_HASH: "E_INVALID_POLICY_HASH";
    readonly E_EXPIRED_RECEIPT: "E_EXPIRED_RECEIPT";
    readonly E_EVIDENCE_NOT_JSON: "E_EVIDENCE_NOT_JSON";
    readonly E_INVALID_SIGNATURE: "E_INVALID_SIGNATURE";
    readonly E_SSRF_BLOCKED: "E_SSRF_BLOCKED";
    readonly E_DPOP_REPLAY: "E_DPOP_REPLAY";
    readonly E_DPOP_INVALID: "E_DPOP_INVALID";
    readonly E_CONTROL_DENIED: "E_CONTROL_DENIED";
    readonly E_JWKS_FETCH_FAILED: "E_JWKS_FETCH_FAILED";
    readonly E_POLICY_FETCH_FAILED: "E_POLICY_FETCH_FAILED";
    readonly E_NETWORK_ERROR: "E_NETWORK_ERROR";
    readonly E_WORKFLOW_CONTEXT_INVALID: "E_WORKFLOW_CONTEXT_INVALID";
    readonly E_WORKFLOW_DAG_INVALID: "E_WORKFLOW_DAG_INVALID";
    readonly E_WORKFLOW_LIMIT_EXCEEDED: "E_WORKFLOW_LIMIT_EXCEEDED";
    readonly E_WORKFLOW_ID_INVALID: "E_WORKFLOW_ID_INVALID";
    readonly E_WORKFLOW_STEP_ID_INVALID: "E_WORKFLOW_STEP_ID_INVALID";
    readonly E_WORKFLOW_PARENT_NOT_FOUND: "E_WORKFLOW_PARENT_NOT_FOUND";
    readonly E_WORKFLOW_SUMMARY_INVALID: "E_WORKFLOW_SUMMARY_INVALID";
    readonly E_WORKFLOW_CYCLE_DETECTED: "E_WORKFLOW_CYCLE_DETECTED";
    readonly E_CONSTRAINT_VIOLATION: "E_CONSTRAINT_VIOLATION";
    readonly E_INVALID_EXTENSION_KEY: "E_INVALID_EXTENSION_KEY";
};
/**
 * Error code type
 */
export type ErrorCode = (typeof ERROR_CODES)[keyof typeof ERROR_CODES];
/**
 * Helper to create a structured error
 */
export declare function createPEACError(code: ErrorCode, category: ErrorCategory, severity: ErrorSeverity, retryable: boolean, options?: {
    http_status?: number;
    pointer?: string;
    remediation?: string;
    details?: unknown;
}): PEACError;
/**
 * Create an evidence validation error
 *
 * Used when evidence contains non-JSON-safe values like NaN, Infinity,
 * undefined, Date, Map, Set, BigInt, functions, or class instances.
 */
export declare function createEvidenceNotJsonError(message: string, path?: (string | number)[]): PEACError;
/**
 * Create a workflow context validation error
 *
 * Used when workflow_context does not conform to WorkflowContextSchema.
 */
export declare function createWorkflowContextInvalidError(details?: string): PEACError;
/**
 * Create a workflow DAG validation error
 *
 * Used when workflow DAG semantics are violated (self-parent, duplicate parents, cycle).
 */
export declare function createWorkflowDagInvalidError(reason: 'self_parent' | 'duplicate_parent' | 'cycle'): PEACError;
/**
 * Create a kernel constraint violation error
 *
 * Used when receipt claims violate structural kernel constraints
 * (depth, array length, object keys, string length, total nodes).
 */
export declare function createConstraintViolationError(violations: Array<{
    constraint: string;
    actual: number;
    limit: number;
    path?: string;
}>): PEACError;
//# sourceMappingURL=errors.d.ts.map