ubl_wasm/

lib.rs

//! UBL WASM — Chip execution engine for WebAssembly
//!
//! CONSTITUTION: Decoder ≠ Canon
//! - serde_json: decoder-only (from_str::<T> into TYPED structs)
//! - json_atomic: canonizer (ONLY source of canonical bytes / stable hashing)
//! - NEVER serde_json::Value, NEVER json!, NEVER Map as semantic model.

use wasm_bindgen::prelude::*;
use serde::{Deserialize, Serialize};
use json_atomic::canonize;
use std::collections::BTreeMap;

// ============================================================================
// TYPED STRUCTS — the only semantic truth
// ============================================================================

#[derive(Debug, Clone, Deserialize, Serialize)]
pub struct ChipInput {
    pub did: String,
    pub cid: String,
    pub logic: LogicExpr,
}

// LogicExpr supports typical JSON policy AST forms:
// - {">=":[{"$ref":"user.age"}, 18]}
// - {"and":[ {...}, {...} ]}
// - {"or":[ {...}, {...} ]}
// - {"not": {...}}
// - true / false
#[derive(Debug, Clone, Deserialize, Serialize)]
#[serde(untagged)]
pub enum LogicExpr {
    Bool(bool),
    OpMap(BTreeMap<String, serde_json::Value>), // decoder-only intermediate; immediately retyped in parse_op()
}

#[derive(Debug, Clone)]
pub enum Op {
    Gte([Operand; 2]),
    Lte([Operand; 2]),
    Gt([Operand; 2]),
    Lt([Operand; 2]),
    Eq([Operand; 2]),
    And(Vec<LogicExprStrict>),
    Or(Vec<LogicExprStrict>),
    Not(Box<LogicExprStrict>),
}

#[derive(Debug, Clone)]
pub enum LogicExprStrict {
    Bool(bool),
    Op(Op),
}

#[derive(Debug, Clone, Deserialize, Serialize)]
#[serde(untagged)]
pub enum Operand {
    LiteralNumber(f64),
    LiteralBool(bool),
    LiteralString(String),
    Ref(RefOperand),
}

#[derive(Debug, Clone, Deserialize, Serialize)]
pub struct RefOperand {
    #[serde(rename = "$ref")]
    pub path: String,
}

// Context is a typed tree (no serde_json::Value)
#[derive(Debug, Clone, Deserialize, Serialize)]
pub struct Context {
    #[serde(flatten)]
    pub fields: BTreeMap<String, ContextValue>,
}

#[derive(Debug, Clone, Deserialize, Serialize)]
#[serde(untagged)]
pub enum ContextValue {
    Null,
    Bool(bool),
    Number(f64),
    String(String),
    Array(Vec<ContextValue>),
    Object(BTreeMap<String, ContextValue>),
}

#[derive(Debug, Clone, Serialize)]
pub struct DecisionOutput {
    pub reason: String,
    pub result: bool,
}

#[derive(Debug, Clone, Serialize)]
pub struct ChipResult {
    pub chip_cid: String,
    pub decision_cid: String,
    pub did: String,
    pub reason: String,
    pub result: bool,
}

// ============================================================================
// WASM EXPORTS
// ============================================================================

#[wasm_bindgen]
pub fn blake3_hex(data: &[u8]) -> String {
    blake3::hash(data).to_hex().to_string()
}

#[wasm_bindgen]
pub fn canonicalize_context(ctx_json: &str) -> Result<String, JsValue> {
    // decoder-only parse into typed Context
    let ctx: Context = serde_json::from_str(ctx_json)
        .map_err(|e| JsValue::from_str(&format!("Parse error: {}", e)))?;

    // canonize uses json_atomic only
    let bytes = canonize(&ctx.fields)
        .map_err(|e| JsValue::from_str(&format!("Canonize error: {}", e)))?;

    String::from_utf8(bytes)
        .map_err(|e| JsValue::from_str(&format!("UTF-8 error: {}", e)))
}

#[wasm_bindgen]
pub fn decision_cid(
    did: &str,
    chip_cid: &str,
    ctx_json: &str,
    result: bool,
    reason: &str,
) -> Result<String, JsValue> {
    let ctx: Context = serde_json::from_str(ctx_json)
        .map_err(|e| JsValue::from_str(&format!("Parse error: {}", e)))?;

    let ctx_canon = canonize(&ctx.fields)
        .map_err(|e| JsValue::from_str(&format!("Canonize error: {}", e)))?;

    let out = DecisionOutput {
        reason: reason.to_string(),
        result,
    };

    let out_canon = canonize(&out)
        .map_err(|e| JsValue::from_str(&format!("Canonize error: {}", e)))?;

    // IMPORTANT: keep the preimage format stable forever (constitution string)
    let mut preimage = Vec::new();
    preimage.extend_from_slice(b"UBL_DECISION_V1\0");
    preimage.extend_from_slice(did.as_bytes());
    preimage.push(0);
    preimage.extend_from_slice(chip_cid.as_bytes());
    preimage.push(0);
    preimage.extend_from_slice(&ctx_canon);
    preimage.push(0);
    preimage.extend_from_slice(&out_canon);

    Ok(blake3_hex(&preimage))
}

#[wasm_bindgen]
pub fn evaluate_chip(chip_json: &str, ctx_json: &str) -> Result<String, JsValue> {
    // chip decode (typed)
    let chip: ChipInput = serde_json::from_str(chip_json)
        .map_err(|e| JsValue::from_str(&format!("Parse chip error: {}", e)))?;

    // ctx decode (typed)
    let ctx: Context = serde_json::from_str(ctx_json)
        .map_err(|e| JsValue::from_str(&format!("Parse ctx error: {}", e)))?;

    // normalize logic into strict typed expression
    let strict = to_strict(&chip.logic)
        .map_err(|e| JsValue::from_str(&format!("Logic parse error: {}", e)))?;

    let (result, reason) = eval_logic(&strict, &ctx);

    let cid = decision_cid(&chip.did, &chip.cid, ctx_json, result, &reason)?;

    let out = ChipResult {
        chip_cid: chip.cid.clone(),
        decision_cid: cid,
        did: chip.did.clone(),
        reason,
        result,
    };

    let bytes = canonize(&out)
        .map_err(|e| JsValue::from_str(&format!("Canonize error: {}", e)))?;

    String::from_utf8(bytes)
        .map_err(|e| JsValue::from_str(&format!("UTF-8 error: {}", e)))
}

// ============================================================================
// LOGIC NORMALIZATION (serde_json only as decoder-only intermediate)
// ============================================================================

fn to_strict(expr: &LogicExpr) -> Result<LogicExprStrict, String> {
    match expr {
        LogicExpr::Bool(b) => Ok(LogicExprStrict::Bool(*b)),
        LogicExpr::OpMap(map) => {
            if map.len() != 1 {
                return Err("Logic op map must have exactly 1 key".to_string());
            }
            let (k, v) = map.iter().next().unwrap();
            let op = parse_op(k, v)?;
            Ok(LogicExprStrict::Op(op))
        }
    }
}

fn parse_op(op: &str, v: &serde_json::Value) -> Result<Op, String> {
    match op {
        ">=" => Ok(Op::Gte(parse_two_operands(v)?)),
        "<=" => Ok(Op::Lte(parse_two_operands(v)?)),
        ">"  => Ok(Op::Gt(parse_two_operands(v)?)),
        "<"  => Ok(Op::Lt(parse_two_operands(v)?)),
        "==" => Ok(Op::Eq(parse_two_operands(v)?)),
        "and" => {
            let arr = v.as_array().ok_or("and expects array")?;
            let mut items = Vec::new();
            for item in arr {
                let e: LogicExpr = serde_json::from_value(item.clone()).map_err(|e| e.to_string())?;
                items.push(to_strict(&e)?);
            }
            Ok(Op::And(items))
        }
        "or" => {
            let arr = v.as_array().ok_or("or expects array")?;
            let mut items = Vec::new();
            for item in arr {
                let e: LogicExpr = serde_json::from_value(item.clone()).map_err(|e| e.to_string())?;
                items.push(to_strict(&e)?);
            }
            Ok(Op::Or(items))
        }
        "not" => {
            let e: LogicExpr = serde_json::from_value(v.clone()).map_err(|e| e.to_string())?;
            Ok(Op::Not(Box::new(to_strict(&e)?)))
        }
        _ => Err(format!("Unknown operator: {}", op)),
    }
}

fn parse_two_operands(v: &serde_json::Value) -> Result<[Operand; 2], String> {
    let arr = v.as_array().ok_or("comparison expects array")?;
    if arr.len() != 2 {
        return Err("comparison expects exactly 2 operands".to_string());
    }
    let a: Operand = serde_json::from_value(arr[0].clone()).map_err(|e| e.to_string())?;
    let b: Operand = serde_json::from_value(arr[1].clone()).map_err(|e| e.to_string())?;
    Ok([a, b])
}

// ============================================================================
// LOGIC EVALUATION (pure, no I/O)
// ============================================================================

fn eval_logic(expr: &LogicExprStrict, ctx: &Context) -> (bool, String) {
    match expr {
        LogicExprStrict::Bool(b) => (*b, format!("{}", b)),
        LogicExprStrict::Op(op) => match op {
            Op::Gte([a,b]) => eval_cmp(a,b,ctx,">=", |x,y| x>=y),
            Op::Lte([a,b]) => eval_cmp(a,b,ctx,"<=", |x,y| x<=y),
            Op::Gt([a,b])  => eval_cmp(a,b,ctx,">",  |x,y| x>y),
            Op::Lt([a,b])  => eval_cmp(a,b,ctx,"<",  |x,y| x<y),
            Op::Eq([a,b])  => eval_eq(a,b,ctx),
            Op::And(items) => {
                let mut reasons = Vec::new();
                for it in items {
                    let (r, rs) = eval_logic(it, ctx);
                    reasons.push(rs);
                    if !r {
                        return (false, format!("and(false): {}", reasons.join(" ∧ ")));
                    }
                }
                (true, format!("and(true): {}", reasons.join(" ∧ ")))
            }
            Op::Or(items) => {
                let mut reasons = Vec::new();
                for it in items {
                    let (r, rs) = eval_logic(it, ctx);
                    reasons.push(rs);
                    if r {
                        return (true, format!("or(true): {}", reasons.join(" ∨ ")));
                    }
                }
                (false, format!("or(false): {}", reasons.join(" ∨ ")))
            }
            Op::Not(inner) => {
                let (r, rs) = eval_logic(inner, ctx);
                (!r, format!("not({})", rs))
            }
        }
    }
}

fn eval_cmp<F>(a: &Operand, b: &Operand, ctx: &Context, op: &str, f: F) -> (bool, String)
where
    F: Fn(f64, f64) -> bool,
{
    let la = resolve_number(a, ctx);
    let lb = resolve_number(b, ctx);
    match (la, lb) {
        (Some(x), Some(y)) => {
            let r = f(x, y);
            (r, format!("{} {} {} = {}", x, op, y, r))
        }
        _ => (false, format!("invalid {} operands", op)),
    }
}

fn eval_eq(a: &Operand, b: &Operand, ctx: &Context) -> (bool, String) {
    let ra = resolve_any(a, ctx);
    let rb = resolve_any(b, ctx);
    let r = ra == rb;
    (r, format!("{:?} == {:?} = {}", ra, rb, r))
}

#[derive(Debug, Clone, PartialEq)]
enum AnyVal {
    Null,
    Bool(bool),
    Num(f64),
    Str(String),
}

fn resolve_any(op: &Operand, ctx: &Context) -> AnyVal {
    match op {
        Operand::LiteralNumber(n) => AnyVal::Num(*n),
        Operand::LiteralBool(b) => AnyVal::Bool(*b),
        Operand::LiteralString(s) => AnyVal::Str(s.clone()),
        Operand::Ref(r) => {
            match get_ctx_value(ctx, &r.path) {
                Some(ContextValue::Null) => AnyVal::Null,
                Some(ContextValue::Bool(b)) => AnyVal::Bool(*b),
                Some(ContextValue::Number(n)) => AnyVal::Num(*n),
                Some(ContextValue::String(s)) => AnyVal::Str(s.clone()),
                _ => AnyVal::Null,
            }
        }
    }
}

fn resolve_number(op: &Operand, ctx: &Context) -> Option<f64> {
    match op {
        Operand::LiteralNumber(n) => Some(*n),
        Operand::Ref(r) => match get_ctx_value(ctx, &r.path) {
            Some(ContextValue::Number(n)) => Some(*n),
            _ => None,
        },
        _ => None,
    }
}

fn get_ctx_value<'a>(ctx: &'a Context, path: &str) -> Option<&'a ContextValue> {
    let parts: Vec<&str> = path.split('.').collect();
    let mut cur = &ctx.fields;

    for (i, part) in parts.iter().enumerate() {
        let v = cur.get(*part)?;
        if i == parts.len() - 1 {
            return Some(v);
        }
        match v {
            ContextValue::Object(obj) => cur = obj,
            _ => return None,
        }
    }
    None
}