FlowGuard API - v1.2.0-tp.1
    Preparing search index...

    Function verifyTimestampTokensForEvents

    • Parameters

      • input: {
            events: readonly Readonly<
                {
                    id: string;
                    sessionId: string;
                    phase: string;
                    event: string;
                    timestamp: string;
                    actor: string;
                    auditFormatVersion?: "audit-chain.v1"
                    | "audit-chain.v2";
                    detail: Record<string, unknown>;
                    actorInfo?: Readonly<
                        {
                            id: string;
                            email: string
                            | null;
                            displayName?: string | null;
                            source: "unknown" | "env" | "git" | "claim" | "oidc";
                            assurance: "best_effort" | "claim_validated" | "idp_verified";
                            verificationMeta?: Readonly<
                                {
                                    issuer: string;
                                    audience: (...)[];
                                    keyId: string;
                                    algorithm: string;
                                    verifiedAt: string;
                                },
                            >;
                        },
                    >;
                    prevHash?: string;
                    chainHash?: string;
                    canonicalEventDigest?: string;
                    timestampEvidence?: {
                        status: | "local"
                        | "ntp_checked"
                        | "tsa_stamped"
                        | "tsa_verified"
                        | "tsa_failed";
                        source: "local_clock"
                        | "ntp"
                        | "tsa";
                        ntp?: { offsetMs: number; server: string; driftWarned: boolean };
                        tsa?: {
                            tokenDerBase64: string;
                            receivedAt: string;
                            messageImprint?: string;
                            digestAlgorithm?: string;
                            policyOid?: string;
                            serialNumber?: string;
                            tsaTimestamp?: string;
                            signerSubject?: string;
                            verificationStatus: "unchecked" | "valid" | "invalid";
                            verificationReason?: string;
                        };
                        warning?: string;
                        resolvedAt: string;
                    };
                    enforcementLevel?: "advisory"
                    | "synchronous"
                    | "hook_gated";
                },
            >[];
            verifier: TimestampVerifier;
            trustAnchors: readonly string[];
        }

      Returns Promise<TimestampTokenVerificationResult>