@scopeblind/trusted-context
v0.1.0
Trusted Context Builder (TCB v1): turn an approved file into a signed, offline-verifiable TrustedContextPack with fail-closed confidence and freshness gating.
Trusted Context Builder (TCB v1). Turn an approved file (a positions or NAV export,
a blotter, a mandate, a research folder) into a signed, offline-verifiable
TrustedContextPack before any agent or gate operates over it.

The pack is a gate-tuple ({ payload, digest, signature, verification_key }):
digest = sha256(canonical(payload)), the signature is Ed25519 over the 32 digest
bytes, and verification_key is the raw 32-byte key in hex. It re-verifies offline
with the open @veritasacta/verify tool and no ScopeBlind code.

Fail closed. gate_status is usable | needs_approval | blocked, derived from
the parse confidence and freshness. A low-confidence or stale parse is never silently
fed to a decision. The consumer (requireUsablePack / positionsFromPack /
navFromPack) refuses anything that is not usable unless a human approves it, and a
relabel guard rejects any pack whose gate_status does not follow from its signed
confidence and freshness.

Zero runtime dependencies (node:crypto). Signing is injected, so the private key
stays wherever it belongs (a signer worker, a vault).

```js
import { ingestSource, verifyTrustedContextPack, ed25519Signer } from '@scopeblind/trusted-context'

// csv: the bytes of the approved positions.csv, loaded by the caller
const signer = ed25519Signer() // or signerFromPrivateKeyPem(bridgeKeyPem)
const pack = ingestSource({ file_name: 'positions.csv', bytes: csv }, { workspace_id: 'fund' }, signer)
verifyTrustedContextPack(pack) // { valid: true, gate_status: 'usable', ... }
```

What a pack proves: these exact bytes parsed to this context at this confidence and freshness, signed by this key. What it does not prove: that the source file is authentic, complete, or the fund's true book. That needs a custodian-signed or DKIM/PAdES source (a stronger tier).

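
The checks described above (digest recomputation, Ed25519 over the 32 digest bytes, raw hex key, relabel guard), written out as an added example that is not ScopeBlind's or @veritasacta/verify's code. The canonicalization (sorted-key JSON), the hex signature encoding, the payload fields `confidence` and `age_hours`, the thresholds and the `pinnedKeyHex` parameter are all assumptions. Because a pack carries its own verification key, the example also compares that key against one the caller already trusts.

```javascript
// Added example: not ScopeBlind or @veritasacta/verify code.
const crypto = require('node:crypto');

// ASSUMPTION: canonical() is JSON with recursively sorted object keys.
const canonical = (v) =>
  Array.isArray(v) ? `[${v.map(canonical).join(',')}]`
  : v && typeof v === 'object'
    ? `{${Object.keys(v).sort().map((k) => `${JSON.stringify(k)}:${canonical(v[k])}`).join(',')}}`
    : JSON.stringify(v);
const digestOf = (payload) => crypto.createHash('sha256').update(canonical(payload)).digest();

// ASSUMPTION: hypothetical field names and thresholds; missing values fail closed.
function expectedStatus({ confidence, age_hours }) {
  if (!Number.isFinite(confidence) || !Number.isFinite(age_hours)) return 'blocked';
  if (confidence < 0.5 || age_hours > 72) return 'blocked';
  return confidence < 0.9 || age_hours > 24 ? 'needs_approval' : 'usable';
}

// node:crypto needs SPKI DER, so prepend the fixed Ed25519 prefix to the raw 32-byte key.
const keyFromHex = (hex) => crypto.createPublicKey({
  key: Buffer.concat([Buffer.from('302a300506032b6570032100', 'hex'), Buffer.from(hex, 'hex')]),
  format: 'der', type: 'spki' });

function verifyPack(pack, pinnedKeyHex) {
  try {
    if (pack.verification_key !== pinnedKeyHex) return { valid: false, reason: 'untrusted_key' };
    const digest = digestOf(pack.payload);
    if (digest.toString('hex') !== pack.digest) return { valid: false, reason: 'digest_mismatch' };
    const ok = crypto.verify(null, digest, keyFromHex(pack.verification_key), Buffer.from(pack.signature, 'hex'));
    if (!ok) return { valid: false, reason: 'bad_signature' };
    // Relabel guard: the claimed status must follow from the signed confidence and freshness.
    if (pack.gate_status !== expectedStatus(pack.payload)) return { valid: false, reason: 'relabelled' };
    return { valid: true, gate_status: pack.gate_status };
  } catch { return { valid: false, reason: 'malformed' }; } // any parse error fails closed
}

// Constructed sample: signs a payload with a throwaway key to exercise verifyPack.
function samplePack(payload, gate_status) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const digest = digestOf(payload);
  return { payload, gate_status, digest: digest.toString('hex'),
    signature: crypto.sign(null, digest, privateKey).toString('hex'),
    verification_key: publicKey.export({ format: 'der', type: 'spki' }).subarray(12).toString('hex') };
}
```

A result of `valid: true` with a `gate_status` other than `usable` still has to go to a human for approval before anything consumes the pack.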
License: Apache-2.0.
