/**
 * Type declarations for the policy layer: the three-signature chain
 * (ActionIntent → PolicyDecision → PolicyReceipt), routing-divergence
 * detection, and hash-chained snapshots of an agent's policy constraints.
 *
 * Only signatures are declared here; notes marked NOTE(review) describe
 * behaviour that cannot be confirmed from this file and should be checked
 * against the implementation.
 */
import type {
  ActionIntent,
  PolicyDecision,
  PolicyReceipt,
  PolicyValidator,
  ValidationContext,
  PolicyEvaluationResult,
  EpistemicClaims
} from '../types/policy.js';
import type { ActionReceipt, Delegation } from '../types/passport.js';
import { type DecisionReceiptEnvelope } from '../decisionReceipt.js';

/**
 * Agent declares what it wants to do before doing it.
 * This is the "ask" — signed by the requesting agent.
 *
 * @param opts.agentId - Identifier of the requesting agent.
 * @param opts.agentPublicKey - Public key of the requesting agent.
 * @param opts.delegationId - Delegation the request is made under.
 * @param opts.action - The action being requested.
 * @param opts.context - Optional free-form context string.
 * @param opts.privateKey - The agent's signing key, passed as a plain string.
 *   NOTE(review): encoding and key type are not visible here; the value
 *   should stay out of logs, error messages and serialized options.
 * @returns The ActionIntent.
 */
export declare function createActionIntent(opts: {
  agentId: string;
  agentPublicKey: string;
  delegationId: string;
  action: ActionIntent['action'];
  context?: string;
  privateKey: string;
}): ActionIntent;

/**
 * Verify an ActionIntent and report the result with a list of errors.
 *
 * NOTE(review): no public key is passed in, so verification presumably uses
 * key material carried on the intent itself. If so, `valid: true` shows the
 * intent is self-consistent, not that the key belongs to the claimed agent;
 * callers would need to bind the key to the agent through a trusted source.
 * Confirm against the implementation.
 */
export declare function verifyActionIntent(intent: ActionIntent): {
  valid: boolean;
  errors: string[];
};

/**
 * Evaluate an intent against the floor using a validator.
 * The evaluator signs the decision — cryptographic proof of
 * what was checked and what was decided.
 *
 * @param opts.intent - The intent to evaluate.
 * @param opts.validator - Validator that performs the evaluation.
 * @param opts.validationContext - Context handed to the validator.
 * @param opts.evaluatorId - Identifier of the evaluator.
 * @param opts.evaluatorPublicKey - Public key of the evaluator.
 * @param opts.evaluatorPrivateKey - The evaluator's signing key, as a string.
 * @param opts.decisionTTLMinutes - Optional decision lifetime in minutes.
 *   NOTE(review): the default applied when omitted is not visible here.
 * @returns The PolicyDecision.
 */
export declare function evaluateIntent(opts: {
  intent: ActionIntent;
  validator: PolicyValidator;
  validationContext: ValidationContext;
  evaluatorId: string;
  evaluatorPublicKey: string;
  evaluatorPrivateKey: string;
  decisionTTLMinutes?: number;
}): PolicyDecision;

/**
 * Verify a PolicyDecision and report the result with a list of errors.
 *
 * NOTE(review): as with verifyActionIntent, no evaluator key is supplied by
 * the caller, so the trust anchor for the evaluator's key has to come from
 * elsewhere. Whether an expired decision (see decisionTTLMinutes on
 * evaluateIntent) is rejected here is not visible — confirm.
 */
export declare function verifyPolicyDecision(decision: PolicyDecision): {
  valid: boolean;
  errors: string[];
};

/**
 * After execution, create the policy receipt that links:
 * intent (agent signed) → decision (evaluator signed) → receipt (executor signed)
 *
 * This is the complete audit trail. Any third party can verify
 * all three signatures independently.
 *
 * NOTE(review): the signing key parameter is named `verifierPrivateKey`
 * while the text above calls the third signer the executor; confirm which
 * role's key is expected.
 */
export declare function createPolicyReceipt(opts: {
  intent: ActionIntent;
  decision: PolicyDecision;
  receipt: ActionReceipt;
  verifierPrivateKey: string;
  /** v2.3 — ordered root-to-leaf delegation chain.
   * When supplied, the returned receipt carries delegation_chain_root and
   * delegation_depth. Optional for v2.2.x back-compat. */
  delegationChain?: Delegation[];
  /** v2.3 — typed epistemic labels for the four claim classes.
   * When supplied, embedded on the PolicyReceipt and carried into the
   * parallel Decision Receipt envelope (when emitted). */
  epistemicClaims?: EpistemicClaims;
}): PolicyReceipt;

/** v2.3 — emit a PolicyReceipt + parallel in-toto Decision Receipt envelope.
 *
 * Returns both artifacts so v2.2.x consumers keep working against the
 * PolicyReceipt while v2.3-aware verifiers (APS-aware sinks, cross-repo
 * verifiers like @veritasacta/verify) consume the Decision Receipt envelope.
 *
 * Reference implementation of ENFORCEMENT-TRUST-ANCHOR.md Component A.
 * This is a protocol primitive — gateway integration happens at the caller
 * (e.g. @aeoess/gateway's ProxyGateway.emit).
 *
 * Unlike createPolicyReceipt, `delegationChain` and `epistemicClaims` are
 * required here.
 */
export declare function createPolicyReceiptWithDecisionReceipt(opts: {
  intent: ActionIntent;
  decision: PolicyDecision;
  receipt: ActionReceipt;
  verifierPrivateKey: string;
  delegationChain: Delegation[];
  epistemicClaims: EpistemicClaims;
  policyId: string;
  issuerId: string;
  signerKeyId: string;
}): {
  policyReceipt: PolicyReceipt;
  decisionReceipt: DecisionReceiptEnvelope;
};

/**
 * Verify a PolicyReceipt against a caller-supplied public key.
 *
 * @param policyReceipt - The receipt to verify.
 * @param verifierPublicKey - Public key to check the receipt against; it
 *   should come from a source the caller trusts, not from the receipt.
 * @returns Verification result and a list of errors.
 *
 * NOTE(review): only one key is supplied, so whether the embedded intent and
 * decision signatures are re-verified here is not visible. Callers that need
 * the full chain checked should confirm, or also call verifyActionIntent and
 * verifyPolicyDecision.
 */
export declare function verifyPolicyReceipt(policyReceipt: PolicyReceipt, verifierPublicKey: string): {
  valid: boolean;
  errors: string[];
};

/**
 * PolicyValidator implementation identified as "floor-validator-v1",
 * version "1.0". The private members suggest one check each for
 * traceability, identity, scope, revocability, auditability and spend;
 * their signatures are not part of this declaration.
 */
export declare class FloorValidatorV1 implements PolicyValidator {
  readonly version = "1.0";
  readonly name = "floor-validator-v1";
  // NOTE(review): `Omit` appears without type arguments, which is not valid
  // TypeScript; they were probably lost when this page was extracted.
  // Restore them from PolicyValidator.evaluate in ../types/policy.js.
  evaluate(intent: Omit, ctx: ValidationContext): PolicyEvaluationResult;
  private checkTraceability;
  private checkIdentity;
  private checkScope;
  private checkRevocability;
  private checkAuditability;
  private checkSpend;
}

/**
 * Execute the full three-signature chain:
 * 1. Create ActionIntent (agent signs)
 * 2. Evaluate against floor (evaluator signs)
 * 3. If permitted, return the decision for the caller to proceed
 *
 * The ActionReceipt is created separately after execution
 * (by the existing createReceipt function), then linked via
 * createPolicyReceipt.
 *
 * NOTE(review): the return type always carries a decision, so the caller
 * has to inspect it before proceeding; the field holding the verdict is
 * defined on PolicyDecision, not here.
 *
 * NOTE(review): both `agentPrivateKey` and `evaluatorPrivateKey` are given
 * to this one call, so the calling process holds both signing keys. Where
 * agent and evaluator are separate trust domains, createActionIntent and
 * evaluateIntent can be called separately instead.
 */
export declare function requestAction(opts: {
  agentId: string;
  agentPublicKey: string;
  agentPrivateKey: string;
  delegationId: string;
  action: ActionIntent['action'];
  context?: string;
  validator: PolicyValidator;
  validationContext: ValidationContext;
  evaluatorId: string;
  evaluatorPublicKey: string;
  evaluatorPrivateKey: string;
}): {
  intent: ActionIntent;
  decision: PolicyDecision;
};

/**
 * Compute a compound digest binding ActionIntent + PolicyReceipt + executionFrameId.
 * A third party can verify the binding from this single value without retrieving
 * both artifacts separately. (desiorac, A2A#1672)
 *
 * @returns The digest as a string.
 *
 * NOTE(review): the hash algorithm, canonicalization and output encoding are
 * not visible here. No key is passed in, so the result is a digest rather
 * than a signature; its value as evidence depends on where it is recorded
 * or what signs over it.
 */
export declare function computeCompoundDigest(opts: {
  intent: ActionIntent;
  receipt: PolicyReceipt;
  executionFrameId: string;
  timestamp: string;
}): string;

/**
 * Capture routing context at a point in time. Use at intent declaration time
 * and at execution time. Compare the two with detectRoutingDivergence().
 *
 * The result carries the DID as given plus hashes of the DID document and
 * endpoint; every field is optional on both input and output.
 */
export declare function captureRoutingContext(opts: {
  did?: string;
  // NOTE(review): `Record` appears without type arguments, which is not valid
  // TypeScript; they were probably lost when this page was extracted.
  didDocument?: string | Record;
  endpoint?: string;
}): {
  did?: string;
  didDocumentHash?: string;
  endpointHash?: string;
};

/**
 * Classification returned by detectRoutingDivergence().
 * NOTE(review): the conditions for 'full_migration' and 'partial' are not
 * described in this file.
 */
export type DivergencePattern = 'none' | 'endpoint_migration' | 'key_rotation' | 'full_migration' | 'entity_change' | 'partial';

/**
 * Detect routing divergence between intent time and execution time.
 * Returns a structured report with the divergence pattern and details.
 * Three distinct patterns (desiorac, OATR#2):
 * 1. DID stable + endpoint changed + doc stable = operational migration (benign)
 * 2. DID stable + endpoint stable + doc changed = key rotation (re-attest)
 * 3. DID changed = different entity (always flag)
 *
 * @param opts.intent - Routing context captured at intent time.
 * @param opts.execution - Routing context captured at execution time.
 * @param opts.resolutionDeltaMs - Optional delta in milliseconds, also
 *   present on the result type.
 *
 * NOTE(review): all compared fields are optional; how a field missing on
 * one side is classified is not visible here and matters for callers that
 * gate execution on `riskLevel`.
 */
export declare function detectRoutingDivergence(opts: {
  intent: {
    did?: string;
    didDocumentHash?: string;
    endpointHash?: string;
  };
  execution: {
    did?: string;
    didDocumentHash?: string;
    endpointHash?: string;
  };
  resolutionDeltaMs?: number;
}): {
  pattern: DivergencePattern;
  didChanged: boolean;
  documentChanged: boolean;
  endpointChanged: boolean;
  resolutionDeltaMs?: number;
  riskLevel: 'none' | 'low' | 'medium' | 'high';
};

/** One link in an agent's policy chain. */
export interface PolicyChainEntry {
  /** Position in the chain (0-indexed) */
  index: number;
  /** The agent this chain belongs to */
  agentId: string;
  /** SHA-256(canonicalized constraints + previousHash) */
  policyHash: string;
  /** Previous entry's hash (null for genesis) */
  previousPolicyHash: string | null;
  /** The constraint snapshot that produced this hash */
  constraints: PolicyConstraintSnapshot;
  /** When this entry was created */
  timestamp: string;
  /** Optional: which policy evaluation triggered this entry */
  decisionId?: string;
}

/** The constraint values recorded in a PolicyChainEntry. */
export interface PolicyConstraintSnapshot {
  /** Active delegation scopes */
  scopes: string[];
  /** Spend limit remaining */
  spendLimit?: number;
  /** Trust level / passport grade */
  trustLevel?: number;
  /** Max delegation depth remaining */
  maxDepth?: number;
  /** Expiry timestamp of active delegation */
  expiresAt?: string;
  /** Reversibility ceiling */
  maxReversibility?: string;
  /** Any additional constraint dimensions */
  [key: string]: unknown;
}

/** An agent's chain of entries plus the hash of the latest one (null when empty). */
export interface PolicyChain {
  agentId: string;
  entries: PolicyChainEntry[];
  currentHash: string | null;
}

/**
 * Create a new empty policy chain for an agent.
 */
export declare function createPolicyChain(agentId: string): PolicyChain;

/**
 * Append a new constraint snapshot to the chain.
 * Returns the new entry with its computed hash.
 *
 * NOTE(review): whether `chain` is mutated in place is not visible here;
 * the return type is the entry, not a new chain.
 */
export declare function appendPolicyChainEntry(chain: PolicyChain, constraints: PolicyConstraintSnapshot, decisionId?: string): PolicyChainEntry;

/**
 * Verify the integrity of a policy chain.
 * Recomputes every hash from the constraint snapshots.
 * If any entry was tampered with (constraints changed, entry removed/inserted),
 * the chain breaks and verification fails.
 *
 * @returns `valid`, the chain `length`, and on failure the index where the
 *   chain broke together with the expected and actual hashes.
 *
 * NOTE(review): PolicyChainEntry.policyHash is described as an unkeyed
 * SHA-256, and no key or external anchor is passed in. Recomputation then
 * shows internal consistency only: a writer able to replace the whole chain,
 * or drop entries from the tail and reset `currentHash`, could present a
 * chain that still verifies. Comparing `currentHash` with a value stored or
 * signed outside the chain would cover that case — confirm against the
 * implementation.
 */
export declare function verifyPolicyChain(chain: PolicyChain): {
  valid: boolean;
  brokenAt?: number;
  expectedHash?: string;
  actualHash?: string;
  length: number;
};

/**
 * Detect constraint drift between consecutive chain entries.
 * Returns which constraint dimensions changed and whether the change
 * was a narrowing (safe) or widening (violation).
 *
 * NOTE(review): `direction` also allows 'changed', presumably for fields
 * with no defined ordering (PolicyConstraintSnapshot accepts arbitrary extra
 * keys). Such drifts would not set `hasWidening`, so callers that alert on
 * `hasWidening` alone may want to review 'changed' entries too — confirm.
 */
export declare function detectConstraintDrift(chain: PolicyChain): {
  drifts: Array<{
    fromIndex: number;
    toIndex: number;
    field: string;
    before: unknown;
    after: unknown;
    direction: 'narrowed' | 'widened' | 'changed';
  }>;
  hasDrift: boolean;
  hasWidening: boolean;
};
//# sourceMappingURL=policy.d.ts.map