feat: implement scope chain verification in LangChain trust

[imran-siddique]

Implement cryptographic scope chain verification in LangChain integration

File: packages/agentmesh-integrations/langchain-agentmesh/langchain_agentmesh/trust.py

What

There is an explicit TODO: "A full cryptographic verification of the scope chain is needed." This means the LangChain integration currently accepts trust delegation claims without verifying the cryptographic chain.

Why

Without scope chain verification, a malicious agent could claim delegated permissions it was never granted. This is a trust escalation vulnerability.

How

1. Read the existing trust verification in packages/agent-mesh/src/agentmesh/trust/
2. Implement verify_scope_chain() that walks the delegation chain and verifies each Ed25519 signature
3. Each link in the chain should include: delegator DID, delegatee DID, scoped permissions, expiry, signature
4. Reject chains with: expired links, broken signatures, missing permissions, circular delegations
5. Add tests with valid chains, broken chains, expired chains

Reference

• Trust model: packages/agent-mesh/src/agentmesh/trust/identity.py
• Delegation chain: packages/agent-mesh/src/agentmesh/trust/delegation.py

Acceptance Criteria

• verify_scope_chain() implemented with full cryptographic verification
• Tests cover: valid chain, broken signature, expired link, circular delegation
• TODO comment removed
• No runtime regressions in existing LangChain integration tests

[zeel2104]

I would like to work on it. Could you assign it to me?

[imran-siddique]

Thanks @zeel2104! Assigned. The existing LangChain integration is at \packages/agentmesh-integrations/langchain-agentmesh/\ — the scope chain logic should build on \DelegationScope\ from the ADK adapter (\packages/agentmesh-integrations/adk-agentmesh/).