/** * Interface for pluggable key storage backends. * Implementations must handle key material securely. */ export interface KeyStorageBackend { /** Store a keypair under an agent ID */ store(agentId: string, privateKey: string, publicKey: string): Promise; /** Retrieve a keypair by agent ID. Returns null if not found. */ retrieve(agentId: string): Promise<{ privateKey: string; publicKey: string; } | null>; /** Delete a stored keypair */ delete(agentId: string): Promise; /** List all stored agent IDs */ list(): Promise; } /** * Default in-memory key storage. Keys stored as raw hex in a Map. * WARNING: Not safe for production — keys lost on process restart, * no encryption at rest. */ export declare class InMemoryKeyStorage implements KeyStorageBackend { private keys; store(agentId: string, privateKey: string, publicKey: string): Promise; retrieve(agentId: string): Promise<{ privateKey: string; publicKey: string; } | null>; delete(agentId: string): Promise; list(): Promise; } /** * Encrypted file key storage. Keys encrypted with AES-256-GCM * using a password-derived key (scrypt). Stores as JSON file. * Better than raw hex — suitable for development and testing. * For production, implement HSM/KMS backend. */ export declare class EncryptedFileKeyStorage implements KeyStorageBackend { private password; private filePath; private cache; private loaded; constructor(filePath: string, password: string); private encrypt; private decrypt; private load; private save; store(agentId: string, privateKey: string, publicKey: string): Promise; retrieve(agentId: string): Promise<{ privateKey: string; publicKey: string; } | null>; delete(agentId: string): Promise; list(): Promise; } //# sourceMappingURL=key-storage.d.ts.map