feat: OATR registration + conformance fixtures + discovery endpoint

- Add /.well-known/agent-trust.json endpoint (OATR domain verification)
  for sint-protocol issuer registration at FransDevelopment/open-agent-trust-registry
- Add bridge-iot + bridge-mcp + bridge-ros2 to conformance-tests tsconfig.json
  so security-iot-fixtures-conformance tests resolve properly
- Stage all background agent work: ASI04/ASI05, MQTT session, SPAI polish,
  conformance fixtures (supply-chain, mqtt-gateway), persistence certs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: 2 people

.github/workflows/ci.yml

@@ -60,6 +60,9 @@ jobs:
       - name: Build
         run: pnpm run build
 
+      - name: Fixture Certification Gate
+        run: pnpm run cert:fixtures
+
       - name: Typecheck
         run: pnpm run typecheck
 

README.md

@@ -125,17 +125,20 @@ where each Δ ∈ {0, +1}: human presence detected, trust score below threshold,
 | [`@sint/bridge-mcp`](packages/bridge-mcp) | MCP tool call interception and risk classification | 43 |
 | [`@sint/bridge-ros2`](packages/bridge-ros2) | ROS 2 topic/service/action interception with physics extraction | 20 |
 | [`@sint/bridge-a2a`](packages/bridge-a2a) | Google A2A Protocol bridge for multi-agent coordination | 24 |
+| [`@sint/bridge-iot`](packages/bridge-iot) | Generic MQTT/CoAP edge IoT bridge with gateway session interception | 9 |
 | [`@sint/bridge-mqtt-sparkplug`](packages/bridge-mqtt-sparkplug) | MQTT Sparkplug profile mapping with industrial command tiering defaults | 8 |
 | [`@sint/bridge-opcua`](packages/bridge-opcua) | OPC UA node/method mapping with safety-critical write/call promotion | 6 |
 | [`@sint/bridge-open-rmf`](packages/bridge-open-rmf) | Open-RMF fleet/facility mapping for warehouse dispatch workflows | 5 |
 | [`@sint/bridge-economy`](packages/bridge-economy) | Economy bridge: balance, budget, trust, billing ports | 55 |
 | [`@sint/persistence`](packages/persistence) | Storage interfaces + in-memory/PG/Redis implementations | 26 |
+| [`@sint/persistence-postgres`](packages/persistence-postgres) | Production PostgreSQL adapters for ledger, revocation, and rate-limit durability | 13 |
 | [`@sint/client`](packages/client) | TypeScript SDK for the Gateway API (delegation, SSE) | 12 |
+| [`@sint/sdk`](sdks/typescript) | Zero-dependency public TypeScript SDK aligned to gateway v0.2 contracts | 10 |
 | [`@sint/conformance-tests`](packages/conformance-tests) | Security regression suite — all phases | 77 |
 | [`@sint/gateway-server`](apps/gateway-server) | Hono HTTP API with approvals, SSE streaming, A2A routes | 57 |
 | [`@sint/mcp`](apps/sint-mcp) | Security-first multi-MCP proxy server | 90 |
 | [`@sint/dashboard`](apps/dashboard) | Real-time approval dashboard with operator auth | 29 |
-| **Total** | **17 packages** | **Workspace-wide conformance suite** |
+| **Total** | **20 packages** | **Workspace-wide conformance suite** |
 
 ## Quick Start
 
@@ -170,10 +173,24 @@ pnpm --filter @sint/gateway-server dev
 - Multi-language SDK starters:
   - [`sdks/python/sint_client.py`](sdks/python/sint_client.py)
   - [`sdks/go/sintclient/client.go`](sdks/go/sintclient/client.go)
+  - [`sdks/typescript`](sdks/typescript)
 - Benchmark report automation:
   - Script: [`scripts/generate-industrial-benchmark-report.mjs`](scripts/generate-industrial-benchmark-report.mjs)
   - CI workflow: [`.github/workflows/industrial-benchmark-report.yml`](.github/workflows/industrial-benchmark-report.yml)
   - Generated artifacts: [`docs/reports/industrial-benchmark-report.md`](docs/reports/industrial-benchmark-report.md)
+- Canonical conformance fixtures (for external interop/certification):
+  - [`packages/conformance-tests/fixtures/industrial/warehouse-move-equivalence.v1.json`](packages/conformance-tests/fixtures/industrial/warehouse-move-equivalence.v1.json)
+  - [`packages/conformance-tests/fixtures/industrial/opcua-safety-control.v1.json`](packages/conformance-tests/fixtures/industrial/opcua-safety-control.v1.json)
+  - [`packages/conformance-tests/fixtures/protocol/well-known-sint.v0.2.example.json`](packages/conformance-tests/fixtures/protocol/well-known-sint.v0.2.example.json)
+  - [`packages/conformance-tests/fixtures/persistence/postgres-adapter-cert.v1.json`](packages/conformance-tests/fixtures/persistence/postgres-adapter-cert.v1.json)
+  - [`packages/conformance-tests/fixtures/security/supply-chain-verification.v1.json`](packages/conformance-tests/fixtures/security/supply-chain-verification.v1.json)
+  - [`packages/conformance-tests/fixtures/iot/mqtt-gateway-session.v1.json`](packages/conformance-tests/fixtures/iot/mqtt-gateway-session.v1.json)
+  - Fixture gates:
+    - `pnpm --filter @sint/conformance-tests run test:fixtures`
+    - `pnpm --filter @sint/bridge-iot run test:fixtures`
+    - `pnpm --filter @sint/sdk run test:contracts`
+    - `pnpm --filter @sint/persistence-postgres run test:fixtures`
+    - `pnpm run cert:fixtures`
 
 ## Approval Tiers
 

apps/gateway-server/src/routes/discovery.ts

@@ -24,6 +24,15 @@ import {
 export function discoveryRoutes(): Hono {
   const app = new Hono();
 
+  // OATR domain verification — proves ownership of sint-protocol public key
+  // Required by FransDevelopment/open-agent-trust-registry CI pipeline
+  app.get("/.well-known/agent-trust.json", (c) => {
+    return c.json({
+      issuer_id: "sint-protocol",
+      public_key_fingerprint: "sint-registry-2026-04",
+    });
+  });
+
   app.get("/.well-known/sint.json", (c) => {
     return c.json({
       name: "SINT Protocol",

apps/sint-mcp/__tests__/integration.test.ts

@@ -40,8 +40,8 @@ function createIntegrationSetup() {
     content: [{ type: "text", text: `FS:${params.name}:ok` }],
   }) } as unknown as Client;
 
-  const shellClient = { callTool: async (params: any) => ({
-    content: [{ type: "text", text: `SHELL:${params.name}:ok` }],
+  const plannerClient = { callTool: async (params: any) => ({
+    content: [{ type: "text", text: `PLANNER:${params.name}:ok` }],
   }) } as unknown as Client;
 
   const dbClient = { callTool: async (params: any) => ({
@@ -60,12 +60,12 @@ function createIntegrationSetup() {
     { policy: { maxTier: "T2_act" } },
   );
 
-  // Shell server (requires approval for all)
+  // Planner server (requires approval for all non-observe actions)
   downstream.addConnectedClient(
-    "shell",
-    shellClient,
+    "planner",
+    plannerClient,
     [
-      { name: "run", description: "Run a command", inputSchema: { type: "object" } },
+      { name: "runPlan", description: "Execute a prepared plan", inputSchema: { type: "object" } },
     ],
     { policy: { requireApproval: true } },
   );
@@ -108,7 +108,7 @@ describe("Integration: Full SINT MCP Flow", () => {
       "filesystem__deleteFile",
       "filesystem__readFile",
       "filesystem__writeFile",
-      "shell__run",
+      "planner__runPlan",
     ]);
   });
 
@@ -139,21 +139,21 @@ describe("Integration: Full SINT MCP Flow", () => {
     expect(result.result!.content[0]!.text).toBe("DB:query:ok");
   });
 
-  it("shell server with requireApproval forces escalation", async () => {
+  it("requireApproval server forces escalation", async () => {
     const { enforcer, approvalQueue } = createIntegrationSetup();
 
-    const parsed = parseNamespace("shell__run");
-    const enforcePromise = enforcer.enforce(parsed!, { command: "ls -la" });
+    const parsed = parseNamespace("planner__runPlan");
+    const enforcePromise = enforcer.enforce(parsed!, { task: "pick-and-place" });
 
     // Wait for the approval to be enqueued
     await new Promise((r) => setTimeout(r, 50));
 
     const pending = approvalQueue.getPending();
     expect(pending.length).toBeGreaterThan(0);
 
-    // The pending request should reference the shell server
+    // The pending request should reference the requireApproval server
     const req = pending[0]!;
-    expect(req.request.resource).toBe("mcp://shell/run");
+    expect(req.request.resource).toBe("mcp://planner/runPlan");
 
     // Approve it
     approvalQueue.resolve(req.requestId, {
@@ -164,14 +164,14 @@ describe("Integration: Full SINT MCP Flow", () => {
     const result = await enforcePromise;
     expect(result.allowed).toBe(true);
     expect(result.approvalRequestId).toBeDefined();
-    expect(result.result!.content[0]!.text).toBe("SHELL:run:ok");
+    expect(result.result!.content[0]!.text).toBe("PLANNER:runPlan:ok");
   });
 
-  it("shell server denied when operator denies", async () => {
+  it("requireApproval server denied when operator denies", async () => {
     const { enforcer, approvalQueue } = createIntegrationSetup();
 
-    const parsed = parseNamespace("shell__run");
-    const enforcePromise = enforcer.enforce(parsed!, { command: "rm -rf /" });
+    const parsed = parseNamespace("planner__runPlan");
+    const enforcePromise = enforcer.enforce(parsed!, { task: "restricted-operation" });
 
     await new Promise((r) => setTimeout(r, 50));
 
@@ -285,9 +285,9 @@ describe("Integration: Full SINT MCP Flow", () => {
     expect(fsConfig).toBeDefined();
     expect(fsConfig!.policy?.maxTier).toBe("T2_act");
 
-    const shellConfig = downstream.getServerConfig("shell");
-    expect(shellConfig).toBeDefined();
-    expect(shellConfig!.policy?.requireApproval).toBe(true);
+    const plannerConfig = downstream.getServerConfig("planner");
+    expect(plannerConfig).toBeDefined();
+    expect(plannerConfig!.policy?.requireApproval).toBe(true);
 
     const dbConfig = downstream.getServerConfig("database");
     expect(dbConfig).toBeDefined();

docs/CONFORMANCE_CERTIFICATION_MATRIX_v0.2.md

@@ -2,21 +2,25 @@
 
 This matrix tracks canonical fixture coverage for major interoperability paths.
 
-| Path | Protocol Surface | Canonical Fixture | Expected Outcome |
-|---|---|---|---|
-| MCP tool call interception | `@sint/bridge-mcp` + gateway | `packages/conformance-tests/src/bridge-mcp-regression.test.ts` | Correct tiering, denial on invalid token, ledger evidence |
-| A2A delegated task path | `@sint/bridge-a2a` + gateway | `packages/conformance-tests/src/phase4-regression.test.ts` | Unauthorized denied, physical tasks escalated |
-| ROS 2 physical command path | `@sint/bridge-ros2` + gateway | `packages/conformance-tests/src/bridge-ros2-regression.test.ts` | Constraint enforcement, T2/T3 escalation deterministic |
-| MQTT Sparkplug command path | `@sint/bridge-mqtt-sparkplug` + gateway | `packages/conformance-tests/src/industrial-interoperability.test.ts` | Equivalent approval behavior vs ROS2/RMF route |
-| OPC UA control path | `@sint/bridge-opcua` + gateway | `packages/bridge-opcua/__tests__/opcua-resource-mapper.test.ts` | Safety-critical writes/calls elevated |
-| Open-RMF dispatch path | `@sint/bridge-open-rmf` + gateway | `packages/conformance-tests/src/industrial-interoperability.test.ts` | Dispatch actions mapped to T2 escalation |
-| Revocation under load | token store + gateway | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | No T2/T3 fail-open after revocation |
-| Stale corridor envelope | gateway execution envelope checks | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | Deterministic deny on stale/mismatch corridor |
-| Safety-zone breach | geofence + constraint checker | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | Deterministic deny when crossing safety boundary |
-| Model swap guardrail | token `modelConstraints` + request runtime model metadata | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | Deny on non-allowlisted runtime model |
-| Multi-fleet conflict | Open-RMF `override` + quorum escalation | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | T3 escalation with attached approval quorum |
-| Edge central-control fail-closed | edge control-plane hooks + gateway | `packages/conformance-tests/src/edge-mode-conformance.test.ts` | T0/T1 local pass; T2/T3 denied offline, escalated online |
-| v0 client compatibility | token/request gateway path | `packages/conformance-tests/src/backward-compatibility-v0-clients.test.ts` | Legacy payloads remain valid without new optional fields |
+| Path | Protocol Surface | Canonical Fixture | Validation Test | Expected Outcome |
+|---|---|---|---|---|
+| MCP tool call interception | `@sint/bridge-mcp` + gateway | `packages/conformance-tests/src/bridge-mcp-regression.test.ts` | `packages/conformance-tests/src/bridge-mcp-regression.test.ts` | Correct tiering, denial on invalid token, ledger evidence |
+| A2A delegated task path | `@sint/bridge-a2a` + gateway | `packages/conformance-tests/src/phase4-regression.test.ts` | `packages/conformance-tests/src/phase4-regression.test.ts` | Unauthorized denied, physical tasks escalated |
+| ROS 2 physical command path | `@sint/bridge-ros2` + gateway | `packages/conformance-tests/src/bridge-ros2-regression.test.ts` | `packages/conformance-tests/src/bridge-ros2-regression.test.ts` | Constraint enforcement, T2/T3 escalation deterministic |
+| MQTT Sparkplug command path | `@sint/bridge-mqtt-sparkplug` + gateway | `packages/conformance-tests/fixtures/industrial/warehouse-move-equivalence.v1.json` | `packages/conformance-tests/src/canonical-fixtures-conformance.test.ts` | Equivalent approval behavior vs ROS2/RMF route |
+| OPC UA control path | `@sint/bridge-opcua` + gateway | `packages/conformance-tests/fixtures/industrial/opcua-safety-control.v1.json` | `packages/conformance-tests/src/canonical-fixtures-conformance.test.ts` | Safety-critical writes/calls elevated |
+| Open-RMF dispatch path | `@sint/bridge-open-rmf` + gateway | `packages/conformance-tests/fixtures/industrial/warehouse-move-equivalence.v1.json` | `packages/conformance-tests/src/canonical-fixtures-conformance.test.ts` | Dispatch actions mapped to T2 escalation |
+| Revocation under load | token store + gateway | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | No T2/T3 fail-open after revocation |
+| Stale corridor envelope | gateway execution envelope checks | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | Deterministic deny on stale/mismatch corridor |
+| Safety-zone breach | geofence + constraint checker | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | Deterministic deny when crossing safety boundary |
+| Model swap guardrail | token `modelConstraints` + request runtime model metadata | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | Deny on non-allowlisted runtime model |
+| Multi-fleet conflict | Open-RMF `override` + quorum escalation | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts` | T3 escalation with attached approval quorum |
+| Edge central-control fail-closed | edge control-plane hooks + gateway | `packages/conformance-tests/src/edge-mode-conformance.test.ts` | `packages/conformance-tests/src/edge-mode-conformance.test.ts` | T0/T1 local pass; T2/T3 denied offline, escalated online |
+| v0 client compatibility | token/request gateway path | `packages/conformance-tests/src/backward-compatibility-v0-clients.test.ts` | `packages/conformance-tests/src/backward-compatibility-v0-clients.test.ts` | Legacy payloads remain valid without new optional fields |
+| TypeScript SDK gateway contract | `@sint/sdk` + gateway REST | `packages/conformance-tests/fixtures/protocol/well-known-sint.v0.2.example.json`, `packages/conformance-tests/fixtures/industrial/warehouse-move-equivalence.v1.json` | `sdks/typescript/src/__tests__/client.test.ts` | Request metadata generation, header contract, and endpoint payloads stay in sync with v0.2 |
+| PostgreSQL persistence adapter contract | `@sint/persistence-postgres` | `packages/conformance-tests/fixtures/persistence/postgres-adapter-cert.v1.json` | `packages/persistence-postgres/src/__tests__/certification-fixtures.test.ts` | Ledger chain mapping, revocation checks, and rate-limit increments are deterministic |
+| ASI04 supply-chain runtime verification | `@sint/gate-policy-gateway` (`DefaultSupplyChainVerifier`) | `packages/conformance-tests/fixtures/security/supply-chain-verification.v1.json` | `packages/conformance-tests/src/security-iot-fixtures-conformance.test.ts` | Fingerprint/allowlist mismatch is denied pre-execution; bridge mismatch emits warning and remains fail-safe |
+| MQTT IoT session fail-closed forwarding | `@sint/bridge-iot` + gateway | `packages/conformance-tests/fixtures/iot/mqtt-gateway-session.v1.json` | `packages/conformance-tests/src/security-iot-fixtures-conformance.test.ts`, `packages/bridge-iot/__tests__/mqtt-session.test.ts` | T2/T3 pre-approval paths are blocked from execution; only `allow` forwards publish/subscribe |
 
 ## Operational Certification Artifacts
 
@@ -26,3 +30,23 @@ This matrix tracks canonical fixture coverage for major interoperability paths.
 - Benchmark report outputs:
   - `docs/reports/industrial-benchmark-report.json`
   - `docs/reports/industrial-benchmark-report.md`
+
+## Canonical Fixture Pack (v0.2)
+
+- Warehouse cross-bridge equivalence fixture:
+  - `packages/conformance-tests/fixtures/industrial/warehouse-move-equivalence.v1.json`
+- OPC UA industrial-cell safety fixture:
+  - `packages/conformance-tests/fixtures/industrial/opcua-safety-control.v1.json`
+- Well-known discovery contract fixture:
+  - `packages/conformance-tests/fixtures/protocol/well-known-sint.v0.2.example.json`
+- PostgreSQL persistence adapter fixture:
+  - `packages/conformance-tests/fixtures/persistence/postgres-adapter-cert.v1.json`
+- Supply-chain runtime verification fixture:
+  - `packages/conformance-tests/fixtures/security/supply-chain-verification.v1.json`
+- MQTT session certification fixture:
+  - `packages/conformance-tests/fixtures/iot/mqtt-gateway-session.v1.json`
+- Executable fixture conformance gate:
+  - `pnpm --filter @sint/conformance-tests run test:fixtures`
+  - `pnpm --filter @sint/bridge-iot run test:fixtures`
+  - `pnpm --filter @sint/sdk run test:contracts`
+  - `pnpm --filter @sint/persistence-postgres run test:fixtures`

docs/RELEASE_NOTES_v0.2.md

@@ -25,10 +25,26 @@
 - SDK starters added:
   - `sdks/python/sint_client.py`
   - `sdks/go/sintclient/client.go`
+  - `sdks/typescript` (`@sint/sdk`) contract-aligned with gateway v0.2
 - Added industrial interoperability conformance fixture:
   - `packages/conformance-tests/src/industrial-interoperability.test.ts`
 - Added industrial benchmark scenario fixture set:
   - `packages/conformance-tests/src/industrial-benchmark-scenarios.test.ts`
+- Added canonical industrial certification fixtures:
+  - `packages/conformance-tests/fixtures/industrial/warehouse-move-equivalence.v1.json`
+  - `packages/conformance-tests/fixtures/industrial/opcua-safety-control.v1.json`
+  - `packages/conformance-tests/src/canonical-fixtures-conformance.test.ts`
+- Added protocol/persistence certification fixtures:
+  - `packages/conformance-tests/fixtures/protocol/well-known-sint.v0.2.example.json`
+  - `packages/conformance-tests/fixtures/persistence/postgres-adapter-cert.v1.json`
+  - `packages/persistence-postgres/src/__tests__/certification-fixtures.test.ts`
+- Added security/IoT certification fixtures:
+  - `packages/conformance-tests/fixtures/security/supply-chain-verification.v1.json`
+  - `packages/conformance-tests/fixtures/iot/mqtt-gateway-session.v1.json`
+  - `packages/conformance-tests/src/security-iot-fixtures-conformance.test.ts`
+- Hardened `@sint/bridge-iot` session semantics:
+  - MQTT publish/subscribe now execute only on gateway `allow`
+  - T2/T3 `escalate` responses are fail-closed until approval resolution
 - Added edge and compatibility conformance fixtures:
   - `packages/conformance-tests/src/edge-mode-conformance.test.ts`
   - `packages/conformance-tests/src/backward-compatibility-v0-clients.test.ts`

package.json

@@ -11,6 +11,7 @@
     "typecheck": "turbo run typecheck",
     "clean": "turbo run clean",
     "demo": "pnpm --filter @sint/conformance-tests exec vitest run src/e2e-demo.test.ts --reporter=verbose",
+    "cert:fixtures": "pnpm --filter ./packages/policy-gateway build && pnpm --filter ./packages/conformance-tests run test:fixtures && pnpm --filter ./packages/bridge-iot run test:fixtures && pnpm --filter ./sdks/typescript run test:contracts && pnpm --filter ./packages/persistence-postgres run test:fixtures",
     "benchmark:industrial": "pnpm --filter @sint/conformance-tests exec vitest run src/industrial-interoperability.test.ts src/industrial-benchmark-scenarios.test.ts --reporter=verbose",
     "benchmark:report": "node ./scripts/generate-industrial-benchmark-report.mjs"
   },