import type { ActionReceipt } from '../accountability/types/action.js'; export type RejectReason = 'INVALID_CLAIM_TYPE' | 'RECEIPT_ID_MISMATCH' | 'SIGNATURE_INVALID' | 'DELEGATION_EXPIRED' | 'DELEGATION_REVOKED' | 'OVER_BUDGET' | 'WRONG_PRINCIPAL' | 'STALE_POLICY' | 'REPLAYED' | 'WRONG_CLAIM' | 'POLICY_NOT_EXECUTED'; /** The closed set of crypto-layer reasons, for callers that want to * branch on which layer surfaced a rejection without re-running the * verifier. Mirrors {@link RejectReason}'s crypto subset. */ export declare const CRYPTO_LAYER_REASONS: readonly RejectReason[]; export interface ReceiptContext { now: string; /** Delegation chain root the verifier currently treats as authoritative. */ active_delegation_root: string; /** Delegation expiry, ISO 8601. Receipt timestamp must be at or before this. */ delegation_expires_at: string; /** Delegation roots the verifier has seen revoked. */ revoked_delegation_roots: string[]; /** Budget ceiling, integer base units. */ budget_base_units: bigint; /** Cost the receipt's action draws against the budget, base units. */ action_cost_base_units: bigint; /** Principal the verifier expects to be accountable. */ expected_principal_did: string; /** Policy version the verifier currently enforces. */ active_policy_version: number; /** Policy version actually evaluated, carried in the receipt's policy_ref. */ evaluated_policy_version: number; /** receipt_ids the verifier has already accepted in this window. */ seen_receipt_ids: string[]; /** The claim the receipt is being presented to support. */ presented_as_claim_type: string; /** Whether an execution attestation accompanies the policy decision. */ execution_attested: boolean; } export interface ContextVerifyResult { valid: boolean; reason?: RejectReason; } /** * Context-layer verification. Runs the crypto verifier first, then the * verifier-responsibility checks an external party MUST apply before * treating a receipt as authoritative. Order matters: a tampered or * unsigned receipt is rejected before any context is consulted. * * Pure and offline. No I/O, no network, no clock read; the verifier's * notion of "now" and "already seen" is supplied entirely through * {@link ReceiptContext}. */ export declare function verifyReceiptContext(receipt: ActionReceipt, ctx: ReceiptContext): ContextVerifyResult; //# sourceMappingURL=context.d.ts.map