/**
 * Capability Algebra
 *
 * All permissions become typed objects that can be composed, restricted,
 * delegated, revoked, and reasoned about. Supports delegation chains,
 * attestations, constraint evaluation, and set-theoretic composition
 * (intersection for actions, union for constraints).
 *
 * @module @claude-flow/guidance/capabilities
 */
/**
 * Scope categories for capabilities
 */
export type CapabilityScope = 'tool' | 'memory' | 'network' | 'file' | 'model' | 'system';
/**
 * Constraint applied to a capability
 */
export interface CapabilityConstraint {
    /** Constraint type */
    type: 'rate-limit' | 'budget' | 'time-window' | 'condition' | 'scope-restriction';
    /** Type-specific parameters */
    params: Record<string, unknown>;
}
/**
 * Cryptographic attestation for a capability
 */
export interface Attestation {
    /** ID of the attesting agent or authority */
    attesterId: string;
    /** When the attestation was made (ms since epoch) */
    attestedAt: number;
    /** Claim being attested (e.g., "agent passed security audit") */
    claim: string;
    /** Optional evidence supporting the claim */
    evidence: string | null;
    /** Signature over the claim (hex-encoded) */
    signature: string;
}
/**
 * A typed permission object representing a granted capability
 */
export interface Capability {
    /** Unique capability identifier (UUID) */
    id: string;
    /** Scope category */
    scope: CapabilityScope;
    /** Target resource (tool name, namespace, path pattern, etc.) */
    resource: string;
    /** Allowed actions (e.g., 'read', 'write', 'execute', 'delete') */
    actions: string[];
    /** Active constraints on this capability */
    constraints: CapabilityConstraint[];
    /** Agent or authority that granted this capability */
    grantedBy: string;
    /** Agent this capability is granted to */
    grantedTo: string;
    /** When the capability was granted (ms since epoch) */
    grantedAt: number;
    /** When the capability expires, or null for no expiry */
    expiresAt: number | null;
    /** Whether this capability can be delegated to sub-agents */
    delegatable: boolean;
    /** Whether this capability has been revoked */
    revoked: boolean;
    /** When the capability was revoked, or null if not revoked */
    revokedAt: number | null;
    /** Attestations attached to this capability */
    attestations: Attestation[];
    /** Parent capability ID for delegation chains, or null for root grants */
    parentCapabilityId: string | null;
}
/**
 * Result of evaluating a capability check
 */
export interface CapabilityCheckResult {
    /** Whether the requested action is allowed */
    allowed: boolean;
    /** Capabilities that matched the check criteria */
    capabilities: Capability[];
    /** Human-readable reason for the decision */
    reason: string;
    /** Active constraints that applied during evaluation */
    constraints: CapabilityConstraint[];
}
/**
 * Capability Algebra
 *
 * Manages the lifecycle of typed capabilities: granting, restricting,
 * delegating, revoking, attesting, checking, and composing permissions.
 * All mutations produce new capability objects; the original is never
 * modified in place (except for revocation which is a state change).
 */
export declare class CapabilityAlgebra {
    /** All capabilities indexed by ID */
    private readonly capabilities;
    /** Index: agentId -> set of capability IDs */
    private readonly agentIndex;
    /** Index: parentCapabilityId -> set of child capability IDs */
    private readonly delegationIndex;
    /**
     * Grant a new root capability.
     *
     * Creates a capability with no parent (it is a root grant from an
     * authority to an agent).
     */
    grant(params: {
        scope: CapabilityScope;
        resource: string;
        actions: string[];
        grantedBy: string;
        grantedTo: string;
        constraints?: CapabilityConstraint[];
        expiresAt?: number | null;
        delegatable?: boolean;
    }): Capability;
    /**
     * Restrict a capability, producing a new capability with tighter constraints.
     *
     * Restrictions can only narrow permissions, never widen them:
     * - Actions can only be removed, never added
     * - Constraints can only be added, never removed
     * - Expiry can only be shortened, never extended
     * - Delegatable can only be set to false, never promoted to true
     */
    restrict(capability: Capability, restrictions: Partial<Capability>): Capability;
    /**
     * Delegate a capability to another agent.
     *
     * Creates a child capability with the new grantedTo agent. The parent
     * capability must have delegatable=true. Optional further restrictions
     * can be applied during delegation.
     *
     * @throws Error if the capability is not delegatable
     */
    delegate(capability: Capability, toAgentId: string, restrictions?: Partial<Capability>): Capability;
    /**
     * Expire a capability immediately by setting expiresAt to now.
     */
    expire(capabilityId: string): void;
    /**
     * Revoke a capability and cascade revocation to all delegated children.
     */
    revoke(capabilityId: string, _reason?: string): void;
    /**
     * Add an attestation to a capability.
     */
    attest(capabilityId: string, attestation: Omit<Attestation, 'attestedAt'>): void;
    /**
     * Check whether an agent is allowed to perform an action on a resource.
     *
     * Finds all non-revoked, non-expired capabilities for the agent that
     * match the requested scope and resource, checks if the requested action
     * is allowed, and verifies all constraints are satisfied.
     */
    check(agentId: string, scope: CapabilityScope, resource: string, action: string, context?: Record<string, unknown>): CapabilityCheckResult;
    /**
     * Get all capabilities granted to a specific agent.
     */
    getCapabilities(agentId: string): Capability[];
    /**
     * Get a capability by ID.
     */
    getCapability(id: string): Capability | undefined;
    /**
     * Get the full delegation chain from root to the given capability.
     *
     * Returns an array ordered from the root ancestor to the given capability.
     */
    getDelegationChain(capabilityId: string): Capability[];
    /**
     * Compose two capabilities via intersection.
     *
     * - Actions = intersection of both action sets
     * - Constraints = union of both constraint sets
     * - Expiry = the tighter (earlier) of the two
     * - Delegatable = true only if both are delegatable
     * - Scope and resource must match; throws if they differ
     *
     * @throws Error if scope or resource do not match
     */
    compose(cap1: Capability, cap2: Capability): Capability;
    /**
     * Check if inner's permission set is a subset of outer's.
     *
     * Returns true if:
     * - inner.scope === outer.scope
     * - inner.resource === outer.resource
     * - Every action in inner is present in outer
     * - inner.expiresAt is <= outer.expiresAt (or outer has no expiry)
     */
    isSubset(inner: Capability, outer: Capability): boolean;
    /**
     * Evaluate whether all constraints on a capability are satisfied.
     */
    private satisfiesConstraints;
    /**
     * Cascade revocation to all delegated children of a capability.
     */
    private cascadeRevoke;
    /**
     * Store a capability and update indices.
     */
    private store;
}
/**
 * Create a CapabilityAlgebra instance
 */
export declare function createCapabilityAlgebra(): CapabilityAlgebra;
//# sourceMappingURL=capabilities.d.ts.map