import type { ActionIntent, PolicyDecision } from '../types/policy.js'; import type { ContentHash, EvaluationMethod, ScopeInterpretation, DecisionSemantics, DecisionArtifact, DecisionArtifactVerification } from '../types/decision-semantics.js'; /** * Minimum required identity boundary fields per artifact type. * The spec declares these minimums — artifacts can commit to more but not fewer. */ export declare const MINIMUM_IDENTITY_FIELDS: Record; /** * Compute a content hash of an ActionIntent (unsigned fields only). * Uses SHA-256 of canonical JSON serialization. * Makes the intent content-addressable — reference by hash, not just signature. * * The identity boundary (sorted field names) is committed into the hash, * making the artifact self-describing: any engine can verify which fields * define identity without depending on external projection rules. */ export declare function computeContentHash(intent: Omit): Promise; /** * Verify that a content hash matches the intent it claims to represent. * If identityBoundary is present, verifies the boundary was committed into the hash. */ export declare function verifyContentHash(intent: ActionIntent): Promise<{ valid: boolean; error?: string; }>; /** * Validate that an identity boundary meets the spec minimum for its artifact type. * The spec declares minimum required fields — the artifact can commit to more but not fewer. */ export declare function validateIdentityBoundary(boundary: string[], artifactType: string): { valid: boolean; missing: string[]; }; /** * Create an ActionIntent with a content hash embedded. * The hash is computed over the unsigned, unhashed intent, * then included in the object before signing. * This means the signature covers the hash — binding content identity to signer identity. */ export declare function createContentAddressableIntent(opts: { agentId: string; agentPublicKey: string; delegationId: string; action: ActionIntent['action']; context?: string; privateKey: string; }): Promise; /** * Classify the evaluation method of a PolicyDecision. * If the decision already has evaluationMethod set, returns it. * Otherwise infers from the principles evaluated. */ export declare function classifyEvaluationMethod(decision: PolicyDecision): EvaluationMethod; /** * Decompose a PolicyDecision into structural vs trust components. * Structural: F-001 through F-005 (scope, delegation, registration) * Trust: F-006, F-007, and any reputation/behavioral checks */ export declare function decomposeDecision(decision: PolicyDecision): DecisionSemantics; /** * Create a cross-engine decision artifact from an intent + decision pair. * Bundles the pre-execution decision with its semantic decomposition * into a single verifiable, content-addressable object. */ export declare function createDecisionArtifact(opts: { intent: ActionIntent; decision: PolicyDecision; engine: string; version?: string; signerPrivateKey: string; }): Promise; /** * Verify all cryptographic properties of a decision artifact. * Checks: content hash, intent signature, decision signature, artifact signature. */ export declare function verifyDecisionArtifact(artifact: DecisionArtifact, keys: { intentSignerPublicKey: string; decisionSignerPublicKey: string; artifactSignerPublicKey: string; }, originalIntent: ActionIntent, originalDecision: PolicyDecision): Promise; /** * Get the effective scope interpretation for a delegation. * Defaults to 'hierarchical' — APS's native scope matching. */ export declare function getEffectiveScopeInterpretation(delegation: { scopeInterpretation?: ScopeInterpretation; }): ScopeInterpretation; export declare function sha256Hex(data: string): Promise; //# sourceMappingURL=decision-semantics.d.ts.map