axon-frontend 0.18.0

AXON compiler frontend — lexer, parser, AST, epistemic type system, type checker, IR generator. Zero runtime dependencies. v0.18.0 adds the Request Binding Contract totality check — an axonendpoint's `execute:` flow parameters must be covered by its `body:` type, proven at compile time (Fase 37). v0.17.0 adds `in_memory` to the axonstore backend catalog — the agent pattern runs with zero infrastructure (Fase 36.x). v0.12.0 ships Fase 33.z.k Wire-format adapter cycle: parametrized transport grammar `transport: sse(<dialect>)` + closed 5-dialect catalog AXONENDPOINT_TRANSPORT_DIALECTS `{axon, openai, kimi, glm, anthropic}` + resolve_effective_dialect resolver (Q1 default rules) + AxonEndpointDefinition.transport_dialect AST field. v0.11.0 Fase 32 Axonendpoint as First-Class HTTP REST. v0.10.0 Fase 31 Type-Driven Wire Inference. v0.9.0 Fase 30 HTTP transport. v0.2.0–v0.8.0 earlier compiler cycles.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210

//! Refinement types — `Trusted<T>` / `Untrusted<T>` + closed Trust Catalog.
//!
//! §λ-L-E Fase 11.a — Temporal Algebraic Effects + Trust Types.
//!
//! Axon's type system tracks a payload's *refinement status* at the
//! type level. An `Untrusted<T>` value — e.g. an HTTP body, a
//! WebSocket frame, an OAuth2 redirect code — cannot reach any effect
//! that consumes `Trusted<T>` unless it first passes through a
//! verifier registered in [`TRUST_CATALOG`]. Forgetting to verify =
//! compile-time error emitted by [`crate::type_checker`].
//!
//! The catalogue is **closed**: adding a new proof kind requires a
//! compiler patch + security review, because new verifiers are a
//! load-bearing security boundary. An adopter who wants to refine
//! payloads by some custom predicate must contribute the verifier
//! upstream — not wire their own `verify_hmac` with a non-constant-
//! time comparison.
//!
//! Naming is generic: Axon is adopter-agnostic. These primitives exist
//! at the language layer and are consumed by any adopter that needs
//! to validate HMAC-signed webhooks, JWT-bearing requests, OAuth2
//! code exchanges, or Ed25519-signed detached payloads.

use std::fmt;

// ── Closed catalogue ─────────────────────────────────────────────────

/// Canonical identifiers of the verifiers that can produce a
/// `Trusted<T>` from an `Untrusted<T>`. Each identifier maps to a
/// runtime impl in [`crate::trust_verifiers`].
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub enum TrustProof {
    /// HMAC-SHA256 over the raw payload with a shared secret; used for
    /// webhook signature verification (Stripe, GitHub, generic HMAC).
    Hmac,
    /// JWT signature verification (RS256/RS384/RS512) via a JWKS
    /// endpoint. Shared with Fase 10.e's [`crate::jwt_verifier`].
    JwtSig,
    /// OAuth2 authorization-code exchange using PKCE S256. Returns an
    /// access token proof that the bearer controls the code verifier.
    OAuthCodeExchange,
    /// Ed25519 detached signature verification (Sigstore-style).
    Ed25519,
}

impl TrustProof {
    /// Every variant. Keeping this as an explicit slice ensures the
    /// compiler errors if we add a variant without updating the
    /// catalogue consumers.
    pub const ALL: &'static [TrustProof] = &[
        TrustProof::Hmac,
        TrustProof::JwtSig,
        TrustProof::OAuthCodeExchange,
        TrustProof::Ed25519,
    ];

    /// Slug used in source text — appears in `#[refines(...)]`
    /// annotations and in [`crate::type_checker`] diagnostics.
    pub fn slug(self) -> &'static str {
        match self {
            TrustProof::Hmac => "hmac",
            TrustProof::JwtSig => "jwt_sig",
            TrustProof::OAuthCodeExchange => "oauth_code_exchange",
            TrustProof::Ed25519 => "ed25519",
        }
    }

    /// Resolve a slug to a proof, returning `None` for unknown
    /// identifiers. The checker uses this to reject annotations that
    /// don't map to the closed catalogue.
    pub fn from_slug(slug: &str) -> Option<TrustProof> {
        Self::ALL.iter().copied().find(|p| p.slug() == slug)
    }
}

impl fmt::Display for TrustProof {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.write_str(self.slug())
    }
}

/// Catalogue lookup for the checker's diagnostic messages.
///
/// ```text
/// error: unknown trust proof 'crc32'. Valid: hmac, jwt_sig, oauth_code_exchange, ed25519
/// ```
pub const TRUST_CATALOG: &[&str] = &["hmac", "jwt_sig", "oauth_code_exchange", "ed25519"];

// ── Refinement type names ────────────────────────────────────────────

/// Type constructor names the checker recognises at the AST level.
/// Both take a single generic parameter (`Trusted<HttpBody>`,
/// `Untrusted<WsFrame>`). The parameter itself is an arbitrary type;
/// the refinement is carried by the constructor.
pub const TRUSTED_TYPE_CTOR: &str = "Trusted";
pub const UNTRUSTED_TYPE_CTOR: &str = "Untrusted";

/// True when `name` is one of the refinement constructors.
pub fn is_refinement_type(name: &str) -> bool {
    name == TRUSTED_TYPE_CTOR || name == UNTRUSTED_TYPE_CTOR
}

/// True when `name` is specifically the safe-to-consume side.
pub fn is_trusted_type(name: &str) -> bool {
    name == TRUSTED_TYPE_CTOR
}

/// True when `name` is specifically the unsafe side.
pub fn is_untrusted_type(name: &str) -> bool {
    name == UNTRUSTED_TYPE_CTOR
}

// ── Refinement annotation parsing ────────────────────────────────────

/// A `#[refines(proof, ...options...)]` annotation attached to a
/// function body or to a specific `let` binding, declaring that the
/// body produces a `Trusted<T>` iff the named proof succeeds.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct RefinementAnnotation {
    pub proof: TrustProof,
    /// Raw `key=value` pairs accepted by the verifier (e.g.
    /// `key=env.HMAC_KEY`, `algorithm=SHA256`). The checker does not
    /// interpret these; the runtime verifier does.
    pub options: Vec<(String, String)>,
}

/// Parse a refinement annotation body of the form `hmac` or
/// `hmac, key=env.HMAC_KEY`. Returns `None` when the proof slug is not
/// in [`TRUST_CATALOG`] so the checker can emit a targeted error.
pub fn parse_refinement_annotation(body: &str) -> Option<RefinementAnnotation> {
    let mut parts = body.split(',').map(|p| p.trim());
    let proof_slug = parts.next()?.trim();
    let proof = TrustProof::from_slug(proof_slug)?;

    let mut options = Vec::new();
    for raw in parts {
        if raw.is_empty() {
            continue;
        }
        if let Some((k, v)) = raw.split_once('=') {
            options.push((k.trim().to_string(), v.trim().to_string()));
        } else {
            // Malformed option — signal by returning None so the
            // checker can emit `expected key=value, got '<raw>'`.
            return None;
        }
    }
    Some(RefinementAnnotation { proof, options })
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn slug_roundtrip_covers_closed_catalog() {
        for proof in TrustProof::ALL {
            let slug = proof.slug();
            assert_eq!(Some(*proof), TrustProof::from_slug(slug));
            assert!(TRUST_CATALOG.contains(&slug));
        }
        assert_eq!(TrustProof::ALL.len(), TRUST_CATALOG.len());
    }

    #[test]
    fn unknown_slug_is_rejected() {
        assert!(TrustProof::from_slug("crc32").is_none());
        assert!(TrustProof::from_slug("").is_none());
        assert!(TrustProof::from_slug("HMAC").is_none()); // case-sensitive
    }

    #[test]
    fn refinement_constructors_recognised() {
        assert!(is_refinement_type("Trusted"));
        assert!(is_refinement_type("Untrusted"));
        assert!(!is_refinement_type("Option"));
        assert!(!is_refinement_type("trusted")); // case-sensitive
    }

    #[test]
    fn parse_annotation_minimal() {
        let ann = parse_refinement_annotation("hmac").unwrap();
        assert_eq!(ann.proof, TrustProof::Hmac);
        assert!(ann.options.is_empty());
    }

    #[test]
    fn parse_annotation_with_options() {
        let ann = parse_refinement_annotation("hmac, key=env.HMAC_KEY, algorithm=SHA256").unwrap();
        assert_eq!(ann.proof, TrustProof::Hmac);
        assert_eq!(
            ann.options,
            vec![
                ("key".to_string(), "env.HMAC_KEY".to_string()),
                ("algorithm".to_string(), "SHA256".to_string()),
            ]
        );
    }

    #[test]
    fn parse_annotation_rejects_unknown_proof() {
        assert!(parse_refinement_annotation("crc32, key=foo").is_none());
    }

    #[test]
    fn parse_annotation_rejects_malformed_option() {
        // 'key_without_value' has no '=' sign.
        assert!(parse_refinement_annotation("hmac, key_without_value").is_none());
    }
}