import type { ScopedReputation, TierDefinition, EvidenceClass, TaskClassification, EvidencePortfolio, EvidenceDiversity, PromotionRequirements, PromotionReview, RuntimeProfile, RuntimeChangeClass, TierEscalation, TierCheckContext } from '../types/reputation-authority.js'; import type { AutonomyLevel } from '../types/intent.js'; /** Strictness constant for effective score: score = mu - K * sigma */ export declare const DEFAULT_K = 2; /** Maximum uncertainty value */ export declare const MAX_SIGMA = 25; /** Initial mu for a new agent (slight benefit of doubt) */ export declare const INITIAL_MU = 25; /** Initial sigma for a new agent (maximum uncertainty) */ export declare const INITIAL_SIGMA = 25; /** Points added to promotion threshold per demotion (cryptographic scarring) */ export declare const SCARRING_PENALTY = 5; /** Maximum number of evidence events retained in the ScopedReputation * recentObservations ring buffer (FIFO eviction). * * Default is 30. Rationale: NexusGuard's PDR sliding window analysis in * Nanook PDR v2.19 §6.6 finds that window sizes 5-30 cover the full * detection sensitivity range (5 catches drift in 5 events with * alert-fatigue risk; 30 dilutes brief degradation episodes but produces * stable signal). 30 is the upper end of that range, which means the * ring buffer holds enough history to support every window size the * paper explores without storing more than necessary. Memory cost per * reputation: ~30 × 5 fields ≈ 150 small primitives, negligible. * * Reference: Nanook PDR v2.19 §6.6, gap audit §3 row 8 / §5 rank 3. */ export declare const RECENT_OBSERVATIONS_CAP = 30; /** Default tier definitions with hysteresis */ export declare const DEFAULT_TIERS: TierDefinition[]; /** * Compute effective reputation score from (mu, sigma). * Higher sigma (uncertainty) penalizes the score. * Result clamped to [0, 100]. */ export declare function computeEffectiveScore(mu: number, sigma: number, k?: number): number; /** * Create a fresh reputation state for a new (principal, agent, scope) tuple. */ export declare function createScopedReputation(principalId: string, agentId: string, scope: string): ScopedReputation; /** * Create empty evidence diversity metadata. */ export declare function createEvidenceDiversity(): EvidenceDiversity; /** Default temporal spread calibration window in days. * Configurable per deployment. Nanook's empirical data suggests * window ≥ 5 observations achieves reliable drift detection. * 14 days is a conservative default for most agent deployments. */ export declare const DEFAULT_TEMPORAL_SPREAD_DAYS = 14; /** * Compute confidence (0-1) from evidence diversity, volume, and temporal spread. * * Confidence is the product of five sub-scores: * 1. Volume: log-scaled receipt count (saturates around 100 receipts) * 2. Diversity of principals: more distinct principals = harder to sybil * 3. Diversity of evidence classes: not all trivial tasks * 4. Success/failure balance: some failures are HEALTHIER than 100% success * (100% success with few interactions is suspicious) * 5. Temporal spread: evidence clustered in a short window is penalized * (prevents gaming through burst submissions — Nanook PDR paper §6.4) * * Each sub-score is [0, 1]. Final confidence = geometric mean (5th root). * This means ALL dimensions must be non-zero for meaningful confidence. */ export declare function computeConfidence(rep: ScopedReputation, opts?: { temporalSpreadDays?: number; }): number; /** * Deterministic evidence class from delegator-provided task metadata. * Classification is based on counting complexity signals across 4 dimensions. * The delegator sets TaskClassification BEFORE the agent executes, * preventing self-reported complexity gaming. */ export declare function classifyEvidence(tc: TaskClassification): EvidenceClass; /** * Resolve the highest tier an agent qualifies for based on effective score. * Cryptographic scarring: each past demotion increases the threshold. * Returns the TierDefinition the agent is at, NOT the next one. */ export declare function resolveAuthorityTier(effectiveScore: number, demotionCount?: number, tiers?: TierDefinition[]): TierDefinition; /** * Check if an agent should be demoted from their current tier. * Uses the demoteAt threshold (lower than promoteAt = hysteresis). * Only behavioral demotions increase the scarring counter. */ export declare function shouldDemote(effectiveScore: number, currentTier: number, tiers?: TierDefinition[]): boolean; /** * Compute effective autonomy level: min(delegation, tier). * Delegation says "you're allowed up to X." * Tier says "you've earned up to Y." * Neither can independently expand authority. */ export declare function effectiveAutonomy(delegationAutonomy: AutonomyLevel, tierAutonomy: AutonomyLevel): AutonomyLevel; export declare function effectiveSpendLimit(delegationSpend: number, tierMaxSpend: number): number; export declare function effectiveDelegationDepth(delegationMaxDepth: number, tierMaxDepth: number): number; /** * Classify the severity of a runtime profile change. * Returns null if profiles are identical. */ export declare function classifyRuntimeChange(oldProfile: RuntimeProfile, newProfile: RuntimeProfile): RuntimeChangeClass | null; /** * Compute new sigma after a runtime profile change. * Minor: small increase. Major: large reset. Architecture: full reset. */ export declare function sigmaAfterRuntimeChange(currentSigma: number, changeClass: RuntimeChangeClass): number; /** Default promotion requirements per tier. Higher tiers need more diverse evidence. */ export declare const DEFAULT_PROMOTION_REQUIREMENTS: Record; /** * Check if an evidence portfolio meets promotion requirements. * Returns pass/fail with specific reasons for each failed check. */ export declare function meetsPromotionRequirements(portfolio: EvidencePortfolio, requirements: PromotionRequirements): { eligible: boolean; failures: string[]; }; /** * Validate a promotion review's cryptographic signature and structural rules. * Pure function: verifies the Ed25519 signature and checks the structural * invariants (reviewer must be earned, reviewer tier > target tier, no * self-promotion). * * The inverse constructor `createPromotionReview` lives in * @aeoess/gateway (product workflow). Validation stays here because it is * pure input→output cryptographic verification. */ export declare function validatePromotionReview(review: PromotionReview, reviewerPublicKey: string): { valid: boolean; errors: string[]; }; /** * Check if an agent's earned tier permits a specific action. * Called alongside evaluateIntent() — not inside it (zero blast radius). * * Returns null if the tier check passes (agent has sufficient earned authority). * Returns TierEscalation if the action requires higher tier than earned. */ export declare function checkTierForIntent(opts: { tierContext: TierCheckContext; requestedAutonomy?: AutonomyLevel; requestedSpend?: number; requestedDepth?: number; }): TierEscalation | null; /** * Advisory soft precheck before intent creation. * Returns warnings but does NOT block the agent. * The agent can still create the intent — this is for ergonomics only. */ export declare function advisoryTierPrecheck(opts: { tierContext: TierCheckContext; requestedAutonomy?: AutonomyLevel; requestedSpend?: number; }): string[]; /** Minimum sigma — we never have perfect certainty */ export declare const MIN_SIGMA = 1; /** * Update reputation (mu, sigma) from an action result. * Success → mu increases, sigma decreases (more confident of capability). * Failure → mu decreases, sigma increases (less confident). * Higher evidence class → larger updates (complex tasks are more informative). */ export declare function updateReputationFromResult(rep: ScopedReputation, success: boolean, evidenceClass: EvidenceClass, /** Optional diversity metadata — pass to enable sybil-resistant confidence scoring */ diversityUpdate?: { principalHash?: string; taskType?: string; }): ScopedReputation; /** How many days of inactivity it takes for sigma to drift from MIN_SIGMA to * MAX_SIGMA at the default rate. 180 days is a deliberate round number: it * matches the typical employee-review cadence and is long enough that an * agent operating weekly never reaches max uncertainty from inactivity alone. */ export declare const DEFAULT_DECAY_DAYS = 180; /** Default drift rate per day, derived so that sigma traverses the full * [MIN_SIGMA, MAX_SIGMA] range in DEFAULT_DECAY_DAYS. Linear, not exponential — * the function is the discrete first-order step of a continuous diffusion. */ export declare const DEFAULT_DRIFT_RATE_PER_DAY: number; /** * Apply temporal decay to a reputation by growing sigma linearly with elapsed * time. Pure function — does not mutate input. * * Semantics: * - sigma += driftRatePerDay * (elapsedSeconds / 86400), clamped to * [MIN_SIGMA, maxSigma] * - mu is unchanged. Decay is uncertainty growth, not capability change. * - lastUpdatedAt is advanced by elapsedSeconds. The function does NOT * consult the system clock; elapsedSeconds is the authoritative delta. * - receiptCount is unchanged. Decay does not consume evidence. * - Idempotent: applyTemporalDecay(applyTemporalDecay(r, t1), t2) equals * applyTemporalDecay(r, t1 + t2) within floating-point tolerance, as long * as no clamp is reached in the intermediate step. * * @param rep Source reputation. Not mutated. * @param elapsedSeconds Non-negative seconds of elapsed time to apply. * @param opts.maxSigma Override the max sigma ceiling (default MAX_SIGMA = 25). * @param opts.driftRatePerDay Override the drift rate (default 24/180/day). * * Reference: Nanook PDR v2.19 §7.6.1, gap audit §5 rank 1. */ export declare function applyTemporalDecay(rep: ScopedReputation, elapsedSeconds: number, opts?: { maxSigma?: number; driftRatePerDay?: number; }): ScopedReputation; export interface ConfidenceBreakdown { /** Receipt-volume sub-score: log2(1+n) / log2(101). Range [0, 1]. */ volume: number; /** Distinct-principals sub-score: 0.2 + 0.2 * distinctPrincipals. Range [0, 1]. */ principal: number; /** Distinct-evidence-classes sub-score: 0.25 * distinctEvidenceClasses. Range [0, 1]. */ class: number; /** Failure-rate health sub-score. 1.0 in healthy 5-15% band, 0.2 above 50%, 0.5 if all-success and few interactions, 0.7 otherwise. */ health: number; /** Temporal-spread sub-score: 0.5 + 0.5 * min(spanDays/spreadDays, 1). Floor 0.5. */ temporal: number; /** Composite confidence equal to computeConfidence(rep). The 5-way geometric * mean of the sub-scores above (with rounding to 3 decimals as in computeConfidence). */ composite: number; } /** * Decompose computeConfidence(rep) into its five named sub-scores. * * The composite field is guaranteed equal to computeConfidence(rep) by * construction. The sub-scores reproduce the same internal calculation * computeConfidence performs, exposing them for inspection and re-weighting. * * In the early-exit cases where computeConfidence returns 0 (no diversity, * zero receipts, or zero success+failure events), all sub-scores are reported * as 0 so that any geometric or weighted mean over them also yields 0, * preserving the "re-weighting reproduces composite" invariant. * * Reference: Nanook PDR v2.19 §6.4, gap audit §3 row 17. */ export declare function confidenceBreakdown(rep: ScopedReputation): ConfidenceBreakdown; //# sourceMappingURL=reputation-authority.d.ts.map