/** * Reasons emitted when identity composition verification fails. * Aligned with the A2A composition-contract RFC §5 error shape * (edisonduran/agent-did spec/a2a-composition-contract). */ export type IdentityCompositionErrorReason = 'rotation_window_closed' | 'emergency_revoked' | 'key_purpose_violation' | 'tampered'; export interface IdentityCompositionErrorContext { keyId?: string; expectedPurpose?: 'assertionMethod' | 'authentication' | 'capabilityDelegation' | 'keyAgreement' | 'capabilityInvocation'; foundIn?: ReadonlyArray; [key: string]: unknown; } export declare class IdentityCompositionError extends Error { readonly reason: IdentityCompositionErrorReason; readonly context?: IdentityCompositionErrorContext | undefined; constructor(reason: IdentityCompositionErrorReason, message: string, context?: IdentityCompositionErrorContext | undefined); } /** * Asserts that the given keyId is authorized for the required verification * relationship in the resolved DID document. Throws IdentityCompositionError * with reason='key_purpose_violation' if not. * * Implements the §6.3 normative requirement that the per-request signature key * MUST resolve to a verification method whose verification relationship in the * resolved DID document matches the operation context (typically assertionMethod). */ export declare function assertKeyPurpose(keyId: string, didDoc: { assertionMethod?: ReadonlyArray; authentication?: ReadonlyArray; capabilityDelegation?: ReadonlyArray; keyAgreement?: ReadonlyArray; capabilityInvocation?: ReadonlyArray; }, requiredPurpose: NonNullable): void; //# sourceMappingURL=identity-composition-error.d.ts.map