JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 91
  • Score
    100M100P100Q88126F
  • License MIT

Safe Commit for Autonomous Systems

Package Exports

  • @lyhna/bind
  • @lyhna/bind/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@lyhna/bind) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

@lyhna/bind

bind() is a commit gate for autonomous systems.

If a license/receipt exists, execution proceeds. If it doesn’t, execution cannot occur.

Lyhna turns “an agent wants to do something irreversible” into a signed, offline-verifiable receipt.

Install

npm i @lyhna/bind

(For deterministic demos, you can also install from a local tarball you packed:)

npm i ./lyhna-bind-0.1.0.tgz

API

This package exports two functions:

bind(request) → returns a signed receipt (LYHNA_RECEIPT_V1)

verifyReceipt(receipt) → returns true/false (offline verification)

Request shape (required fields)

{

action_type: string,

payload_hash: string,

authority_tier: "TIER_1" | "TIER_2" | "TIER_3" | "SOVEREIGN",

intent: string

}

Example: generate receipts + prove offline verification

Create demo.mjs with the following contents:

import fs from "node:fs";

import { bind } from "@lyhna/bind";

function write(name, obj) {

fs.writeFileSync(name, JSON.stringify(obj, null, 2), "utf8");

console.log(WROTE ${name} outcome=${obj.outcome});

}

async function main() {

const base = {

action_type: "vendor_payment",

payload_hash: "sha256:demo_payload_hash_001",

intent: "invoice_payment_v1",

};

// APPROVED (TIER_3)

const approved = await bind({ ...base, authority_tier: "TIER_3" });

write("receipt-approved.json", approved);

// ESCALATED (TIER_1)

const escalated = await bind({ ...base, authority_tier: "TIER_1" });

write("receipt-escalated.json", escalated);

// TAMPERED COPY (modify one field after signing)

const tampered = { ...approved, payload_hash: "sha256:TAMPERED_payload_hash_999" };

fs.writeFileSync("receipt-tampered.json", JSON.stringify(tampered, null, 2), "utf8");

console.log("WROTE receipt-tampered.json (tampered payload_hash)");

}

main().catch((e) => {

console.error(e);

process.exit(1);

});

Create verify.mjs with the following contents:

import fs from "node:fs";

import { verifyReceipt } from "@lyhna/bind";

const file = process.argv[2];

if (!file) {

console.error("Usage: node verify.mjs <receipt.json>");

process.exit(1);

}

const receipt = JSON.parse(fs.readFileSync(file, "utf8"));

const valid = await verifyReceipt(receipt);

console.log(JSON.stringify({ file, valid }, null, 2));

Run:

node demo.mjs

node verify.mjs receipt-approved.json

node verify.mjs receipt-escalated.json

node verify.mjs receipt-tampered.json

Expected:

receipt-approved.json → valid: true

receipt-escalated.json → valid: true

receipt-tampered.json → valid: false

CLI (if enabled)

If your install exposes the lyhna binary:

lyhna verify receipt-approved.json

(If the CLI isn’t wired yet, the verify.mjs script above is the canonical offline verifier.)