@kya-os/mcp-i

/** * Delegation Credential Issuer * * Issues W3C Verifiable Credentials for delegations with Ed25519 signatures. * Follows the Python POC design (Delegation-Service.md:136-163) where * delegations are issued AS W3C VCs. * * Related Spec: MCP-I §4.1, §4.2, W3C VC Data Model 1.1 * Python Reference: Delegation-Service.md */ import { DelegationCredential, DelegationRecord } from '@kya-os/contracts/delegation'; import { CredentialStatus } from '@kya-os/contracts/vc'; import { AgentIdentity } from '../identity'; /** * Options for issuing a delegation credential */ export interface IssueDelegationOptions { /** VC ID (optional, will be generated if not provided) */ id?: string; /** Issuance date (optional, defaults to now) */ issuanceDate?: string; /** Expiration date (optional, derived from constraints if not provided) */ expirationDate?: string; /** Credential status for StatusList2021 (optional) */ credentialStatus?: CredentialStatus; /** Additional context URIs (optional) */ additionalContexts?: string[]; } /** * Delegation Credential Issuer * * Issues W3C Verifiable Credentials for delegations. * Per Python POC (Delegation-Service.md:136-146): * - Every delegation MUST be issued as a VC * - VC is signed with Ed25519 (Ed25519Signature2020) * - StatusList2021 support for efficient revocation */ export declare class DelegationCredentialIssuer { private identity; constructor(identity: AgentIdentity); /** * Issue a delegation credential * * Creates a W3C Verifiable Credential from a delegation record. * Signs it with Ed25519 and returns the complete DelegationCredential. * * @param delegation - The delegation record to issue as a VC * @param options - Issuance options * @returns Signed DelegationCredential */ issueDelegationCredential(delegation: DelegationRecord, options?: IssueDelegationOptions): Promise<DelegationCredential>; /** * Create a delegation record and issue it as a VC in one step * * Convenience method for creating a new delegation from scratch. * * @param params - Delegation parameters * @param options - Issuance options * @returns Signed DelegationCredential */ createAndIssueDelegation(params: { id: string; issuerDid: string; subjectDid: string; controller?: string; parentId?: string; constraints: DelegationRecord['constraints']; status?: DelegationRecord['status']; metadata?: Record<string, any>; }, options?: IssueDelegationOptions): Promise<DelegationCredential>; /** * Canonicalize VC for signing * * Uses JCS (JSON Canonicalization Scheme, RFC 8785) to create * a deterministic representation of the VC. * * @param vc - The unsigned VC * @returns Canonical JSON string */ private canonicalizeVC; /** * Sign VC with Ed25519 (Ed25519Signature2020) * * Creates an Ed25519Signature2020 proof for the VC. * Uses the same signing pattern as proof generation. * * @param vc - The unsigned VC * @param canonicalVC - The canonical representation for signing * @returns Proof object */ private signVC; /** * Format base64 private key as PKCS#8 PEM for JOSE library * * Same as proof generator format. */ private formatPrivateKeyAsPEM; /** * Get issuer DID * * @returns The DID of this issuer */ getIssuerDid(): string; /** * Get issuer key ID * * @returns The key ID of this issuer */ getIssuerKeyId(): string; } /** * Create a delegation credential issuer from identity * * Convenience factory function. * * @param identity - Agent identity * @returns DelegationCredentialIssuer instance */ export declare function createDelegationIssuer(identity: AgentIdentity): DelegationCredentialIssuer;