import type { SignedPassport, VerificationResult, Challenge } from '../types/passport.js'; import type { CoreVerifyClockOptions } from '../types/policy.js'; /** * Verify passport structural integrity and signature. * WARNING: Without trustedIssuers, this trusts self-signed passports. * For production, pass trustedIssuers to verify the passport was issued * by a known authority, not just self-signed. */ export declare function verifyPassport(signed: SignedPassport, opts?: { trustedIssuers?: string[]; /** M4. Uniform clock-skew option. When provided, passport expiry is * tolerated within `allowedClockSkewMs` of the verifier clock. Omitting * it preserves the prior exact-boundary behavior. This consolidates the * per-verifier skews in ap2 (`clock_skew_seconds`) and * instruction-provenance (`clockSkewMs`); those remain available. */ clock?: CoreVerifyClockOptions; }): VerificationResult; export declare function createChallenge(expiresInSeconds?: number): Challenge; export declare function verifyChallenge(challenge: Challenge, signatureHex: string, publicKeyHex: string): boolean; //# sourceMappingURL=verify.d.ts.map