185 lines
5.7 KiB
TypeScript
185 lines
5.7 KiB
TypeScript
/**
|
|
* Proof Envelope - Cryptographic Evidence Trail
|
|
*
|
|
* Makes every run auditable and tamper-evident by producing a hash-chained,
|
|
* HMAC-signed envelope for each RunEvent. Each envelope captures:
|
|
*
|
|
* - SHA-256 content hash of the run event
|
|
* - Hash chain linking to the previous envelope (genesis = '0' x 64)
|
|
* - Individual tool call hashes
|
|
* - Memory lineage (reads/writes with value hashes)
|
|
* - HMAC-SHA256 signature over the entire envelope body
|
|
*
|
|
* @module @claude-flow/guidance/proof
|
|
*/
|
|
import type { RunEvent } from './types.js';
|
|
/**
|
|
* Record of a single tool invocation with its parameters and result.
|
|
*/
|
|
export interface ToolCallRecord {
|
|
/** Unique call identifier */
|
|
callId: string;
|
|
/** Name of the tool invoked */
|
|
toolName: string;
|
|
/** Parameters passed to the tool */
|
|
params: Record<string, unknown>;
|
|
/** Result returned by the tool */
|
|
result: unknown;
|
|
/** Timestamp of the call (epoch ms) */
|
|
timestamp: number;
|
|
/** Duration of the call in milliseconds */
|
|
durationMs: number;
|
|
}
|
|
/**
|
|
* Record of a memory read, write, or delete operation.
|
|
*/
|
|
export interface MemoryOperation {
|
|
/** Memory key */
|
|
key: string;
|
|
/** Memory namespace */
|
|
namespace: string;
|
|
/** Type of operation */
|
|
operation: 'read' | 'write' | 'delete';
|
|
/** SHA-256 hash of the value */
|
|
valueHash: string;
|
|
/** Timestamp of the operation (epoch ms) */
|
|
timestamp: number;
|
|
}
|
|
/**
|
|
* Entry in the memory lineage array stored inside a ProofEnvelope.
|
|
*/
|
|
export interface MemoryLineageEntry {
|
|
key: string;
|
|
namespace: string;
|
|
operation: 'read' | 'write' | 'delete';
|
|
hash: string;
|
|
}
|
|
/**
|
|
* Metadata attached to every proof envelope.
|
|
*/
|
|
export interface ProofEnvelopeMetadata {
|
|
agentId: string;
|
|
sessionId: string;
|
|
parentEnvelopeId?: string;
|
|
}
|
|
/**
|
|
* A cryptographically signed, hash-chained proof envelope.
|
|
*/
|
|
export interface ProofEnvelope {
|
|
/** Unique envelope identifier */
|
|
envelopeId: string;
|
|
/** Reference to the RunEvent this envelope covers */
|
|
runEventId: string;
|
|
/** ISO 8601 timestamp of envelope creation */
|
|
timestamp: string;
|
|
/** SHA-256 hash of the full RunEvent */
|
|
contentHash: string;
|
|
/** Hash of the previous envelope in the chain (genesis = '0'.repeat(64)) */
|
|
previousHash: string;
|
|
/** Map of tool call ID to SHA-256(toolName + params + result) */
|
|
toolCallHashes: Record<string, string>;
|
|
/** SHA-256 hash of the policy bundle used */
|
|
guidanceHash: string;
|
|
/** Lineage of memory operations during the run */
|
|
memoryLineage: MemoryLineageEntry[];
|
|
/** HMAC-SHA256 signature of the envelope content */
|
|
signature: string;
|
|
/** Contextual metadata */
|
|
metadata: ProofEnvelopeMetadata;
|
|
}
|
|
/**
|
|
* Serializable chain representation for export/import.
|
|
*/
|
|
export interface SerializedProofChain {
|
|
envelopes: ProofEnvelope[];
|
|
createdAt: string;
|
|
version: number;
|
|
}
|
|
/**
|
|
* A tamper-evident, hash-chained sequence of ProofEnvelopes.
|
|
*
|
|
* Each envelope links to the previous one via `previousHash`, forming
|
|
* a blockchain-like structure. Every envelope is HMAC-signed so any
|
|
* modification to the chain can be detected.
|
|
*/
|
|
export declare class ProofChain {
|
|
private envelopes;
|
|
private readonly signingKey;
|
|
constructor(signingKey: string);
|
|
/**
|
|
* Append a new ProofEnvelope to the chain.
|
|
*
|
|
* @param runEvent - The RunEvent to wrap
|
|
* @param toolCalls - Tool call records from the run
|
|
* @param memoryOps - Memory operations from the run
|
|
* @param metadata - Optional metadata overrides
|
|
* @returns The newly created and signed ProofEnvelope
|
|
*/
|
|
append(runEvent: RunEvent, toolCalls?: ToolCallRecord[], memoryOps?: MemoryOperation[], metadata?: Partial<ProofEnvelopeMetadata>): ProofEnvelope;
|
|
/**
|
|
* Verify a single envelope's HMAC signature and hash chain link.
|
|
*
|
|
* @returns true if the signature is valid and the previousHash is correct
|
|
*/
|
|
verify(envelope: ProofEnvelope): boolean;
|
|
/**
|
|
* Verify the entire chain from genesis to tip.
|
|
*
|
|
* Checks that every envelope:
|
|
* 1. Has a valid HMAC signature
|
|
* 2. Links correctly to the previous envelope's contentHash
|
|
*
|
|
* @returns true if the full chain is intact
|
|
*/
|
|
verifyChain(): boolean;
|
|
/**
|
|
* Retrieve an envelope by its ID.
|
|
*/
|
|
getEnvelope(id: string): ProofEnvelope | undefined;
|
|
/**
|
|
* Get the most recent envelope in the chain.
|
|
*/
|
|
getChainTip(): ProofEnvelope | undefined;
|
|
/**
|
|
* Get the number of envelopes in the chain.
|
|
*/
|
|
getChainLength(): number;
|
|
/**
|
|
* Export the chain as a serializable object.
|
|
*/
|
|
export(): SerializedProofChain;
|
|
/**
|
|
* Restore the chain from a previously exported object.
|
|
*
|
|
* Replaces the current chain contents entirely.
|
|
*/
|
|
import(data: SerializedProofChain): void;
|
|
/**
|
|
* Compute the SHA-256 content hash of a RunEvent.
|
|
*/
|
|
private computeContentHash;
|
|
/**
|
|
* Compute the SHA-256 hash of a single tool call.
|
|
*
|
|
* Hash = SHA-256(toolName + JSON(params) + JSON(result))
|
|
*/
|
|
private computeToolCallHash;
|
|
/**
|
|
* Produce the HMAC-SHA256 signature for an envelope.
|
|
*
|
|
* The signature covers every field except `signature` itself.
|
|
*/
|
|
private signEnvelope;
|
|
}
|
|
/**
|
|
* Create a new ProofChain instance.
|
|
*
|
|
* @param config - Configuration with a required `signingKey` for HMAC signing.
|
|
* Callers that previously relied on the optional signature must now provide
|
|
* an explicit key (see ADR-G026).
|
|
* @returns A fresh ProofChain
|
|
*/
|
|
export declare function createProofChain(config: {
|
|
signingKey: string;
|
|
}): ProofChain;
|
|
//# sourceMappingURL=proof.d.ts.map
|