import type { Delegation, RevocationRecord, ActionReceipt, SignedPassport, FloorAttestation } from '../types/passport.js'; import type { ScopedReputation, DemotionEvent } from '../types/reputation-authority.js'; import type { KeyRotationEntry } from '../types/identity.js'; export interface CursorPage { items: T[]; nextCursor?: string; hasMore: boolean; } export interface ReceiptFilter { agentId?: string; delegationId?: string; scope?: string; after?: string; before?: string; } export interface SpendReservation { reservationId: string; delegationId: string; amount: number; currency: string; reservedAt: string; expiresAt: string; status: 'reserved' | 'committed' | 'released'; } export interface SpendReservationResult { success: boolean; reservationId?: string; currentSpent?: number; limit?: number; reason?: string; } export interface StoredAgentRecord { agentId: string; passport: SignedPassport; attestation: FloorAttestation; registeredAt: string; metadata?: Record; } export interface GatewayCheckpoint { checkpointId: string; gatewayId: string; sequence: number; receiptHeadHash: string; stateRootHash: string; delegationCount: number; revocationCount: number; receiptCount: number; protocolVersion: string; createdAt: string; previousCheckpointHash: string; signature: string; } export interface IntegrityReport { schemaVersion: number; receiptChainValid: boolean; receiptCount: number; brokenLinks: string[]; delegationCount: number; revocationCount: number; checkpointSequence: number; checkpointValid: boolean; errors: string[]; } export type CheckpointCallback = (hash: string, sequence: number) => void | Promise; export interface StorageOperations { putAgent(agent: StoredAgentRecord): Promise; getAgent(agentId: string): Promise; listAgents(): Promise; putDelegation(delegation: Delegation): Promise; getDelegation(delegationId: string): Promise; getDelegationsForAgent(agentPublicKey: string): Promise; reserveSpend(delegationId: string, amount: number, currency: string, ttlSeconds?: number): Promise; commitSpend(reservationId: string): Promise; releaseSpend(reservationId: string): Promise; getSpentAmount(delegationId: string): Promise; appendRevocation(revocation: RevocationRecord): Promise; isRevoked(delegationId: string): Promise; getRevocationsBy(revokedBy: string): Promise; appendReceipt(receipt: ActionReceipt): Promise; getReceipt(receiptId: string): Promise; queryReceipts(filter: ReceiptFilter, limit?: number, cursor?: string): Promise>; getReceiptCount(agentId?: string, scope?: string): Promise; /** GDPR tombstone: redacts payload but preserves hash chain + signature */ tombstoneReceipt(receiptId: string, reason: string): Promise; getReputation(agentId: string, scope: string): Promise; putReputation(rep: ScopedReputation): Promise; appendDemotion(demotion: DemotionEvent): Promise; getDemotionCount(agentId: string): Promise; getDemotions(agentId: string): Promise; appendKeyRotation(entry: KeyRotationEntry): Promise; getKeyRotations(publicKey: string): Promise; checkAndStoreNonce(requestId: string, ttlSeconds: number): Promise; } export interface StorageBackend extends StorageOperations { /** Initialize the backend (create tables, run migrations, etc) */ initialize(): Promise; /** Clean shutdown */ close(): Promise; /** * Run multiple operations in an atomic ACID transaction. * If any operation throws, ALL operations roll back. * The callback receives a transactional StorageOperations object. * CRITICAL: Use tx methods inside the callback, not the outer backend. */ transaction(fn: (tx: StorageOperations) => Promise): Promise; /** * Verify integrity of persisted state on startup. * Checks: receipt chain hashes, checkpoint sequence monotonicity, * delegation/revocation consistency, schema version. * Gateway should enter read-only mode if this returns errors. */ verifyIntegrity(): Promise; /** * Rebuild derived state (reputation, spend totals) from event log. * Called when cache and events disagree, or after recovery. */ rebuildDerivedState(): Promise; /** Prune expired replay nonces and spend reservations */ pruneExpired(): Promise<{ nonces: number; reservations: number; }>; /** Generate and store a new checkpoint. Returns the checkpoint. */ createCheckpoint(gatewayId: string, gatewayPrivateKey: string): Promise; /** Get the latest checkpoint (for rollback detection on startup) */ getLatestCheckpoint(): Promise; /** Register a callback for external checkpoint anchoring. * Called after every createCheckpoint with (hash, sequence). * Default: noop. In production: log, webhook, email, etc. * The system cannot prove its own temporal integrity from within. */ onCheckpoint(callback: CheckpointCallback): void; /** Export receipts as a signed, self-contained verifiable bundle */ exportReceipts(filter: ReceiptFilter): Promise<{ receipts: ActionReceipt[]; chainValid: boolean; }>; } //# sourceMappingURL=types.d.ts.map