0nmcp 1.4.0 → 1.5.0

package/connections.js

@@ -244,8 +244,12 @@ export class ConnectionManager {
 
   /**
    * Get credentials for a service.
+   * Checks vault unsealed cache first for sealed connections.
    */
   getCredentials(serviceKey) {
+    // Check if vault has unsealed credentials in memory
+    const unsealed = this._vaultCache?.get(serviceKey);
+    if (unsealed) return unsealed;
     return this.connections[serviceKey]?.credentials || null;
   }
 

package/index.js

@@ -27,15 +27,18 @@ import { Orchestrator } from "./orchestrator.js";
 import { WorkflowRunner } from "./workflow.js";
 import { registerAllTools } from "./tools.js";
 import { registerCrmTools } from "./crm/index.js";
+import { registerVaultTools, autoUnseal } from "./vault/index.js";
+import { unsealedCache } from "./vault/cache.js";
 
 // ── Initialize ─────────────────────────────────────────────
 const connections = new ConnectionManager();
+connections._vaultCache = unsealedCache;
 const orchestrator = new Orchestrator(connections);
 const workflowRunner = new WorkflowRunner(connections);
 
 const server = new McpServer({
   name: "0nMCP",
-  version: "1.4.0",
+  version: "1.5.0",
 });
 
 // ============================================================
@@ -51,6 +54,18 @@ registerAllTools(server, connections, orchestrator, workflowRunner);
 import { z } from "zod";
 registerCrmTools(server, z);
 
+// ============================================================
+// VAULT TOOLS (machine-bound credential encryption)
+// ============================================================
+
+registerVaultTools(server, z);
+
+// Auto-unseal sealed connections if ON_VAULT_PASSPHRASE is set
+const vaultResult = autoUnseal();
+if (vaultResult.unsealed.length > 0) {
+  console.error(`Vault: auto-unsealed ${vaultResult.unsealed.length} connection(s)`);
+}
+
 // ============================================================
 // START SERVER (stdio transport)
 // ============================================================

package/lib/badges.json

@@ -26,7 +26,7 @@
   "total": {
     "schemaVersion": 1,
     "label": "capabilities",
-    "message": "693",
+    "message": "697",
     "color": "00ff88"
   }
 }

package/lib/stats.json

@@ -1,5 +1,5 @@
 {
-  "generated": "2026-02-15T00:13:31.784Z",
+  "generated": "2026-02-15T00:30:00.808Z",
   "catalogVersion": "1.2.2",
   "services": 26,
   "tools": 290,
@@ -792,6 +792,7 @@
     "mongodb"
   ],
   "crmTools": 245,
-  "totalTools": 535,
-  "totalCapabilities": 693
+  "vaultTools": 4,
+  "totalTools": 539,
+  "totalCapabilities": 697
 }

package/package.json

@@ -1,8 +1,8 @@
 {
   "name": "0nmcp",
-  "version": "1.4.0",
+  "version": "1.5.0",
   "mcpName": "io.github.0nork/0nMCP",
-  "description": "Universal AI API Orchestrator — 535 tools, 26 services, natural language interface. The most comprehensive MCP server available. Free and open source from 0nORK.",
+  "description": "Universal AI API Orchestrator — 539 tools, 26 services, machine-bound vault encryption. The most comprehensive MCP server available. Free and open source from 0nORK.",
   "type": "module",
   "main": "index.js",
   "types": "types/index.d.ts",
@@ -43,6 +43,9 @@
     },
     "./server": {
       "import": "./server.js"
+    },
+    "./vault": {
+      "import": "./vault/index.js"
     }
   },
   "scripts": {
@@ -107,6 +110,10 @@
     "teams",
     "onedrive",
     "mongodb",
+    "vault",
+    "encryption",
+    "machine-bound",
+    "credential-storage",
     "0n",
     "0nork",
     "0nmcp"
@@ -156,6 +163,7 @@
     "crm/",
     "webhooks.js",
     "ratelimit.js",
+    "vault/",
     "lib/",
     "types/",
     "README.md",
@@ -164,12 +172,13 @@
   "0nmcp-stats": {
     "tools": 290,
     "crmTools": 245,
-    "totalTools": 535,
+    "vaultTools": 4,
+    "totalTools": 539,
     "services": 26,
     "actions": 65,
     "triggers": 93,
-    "totalCapabilities": 693,
+    "totalCapabilities": 697,
     "categories": 13,
-    "lastUpdated": "2026-02-15T00:13:31.784Z"
+    "lastUpdated": "2026-02-15T00:30:00.808Z"
   }
 }

package/server.js

@@ -20,6 +20,8 @@ import { Orchestrator } from "./orchestrator.js";
 import { WorkflowRunner } from "./workflow.js";
 import { registerAllTools } from "./tools.js";
 import { registerCrmTools } from "./crm/index.js";
+import { registerVaultTools, autoUnseal } from "./vault/index.js";
+import { unsealedCache } from "./vault/cache.js";
 import { z } from "zod";
 import {
   verifyStripeSignature,
@@ -45,11 +47,18 @@ export async function createApp() {
   }
 
   const connections = new ConnectionManager();
+  connections._vaultCache = unsealedCache;
   const orchestrator = new Orchestrator(connections);
   const workflowRunner = new WorkflowRunner(connections);
 
   const app = express();
 
+  // Auto-unseal vault if passphrase is set
+  const vaultResult = autoUnseal();
+  if (vaultResult.unsealed.length > 0) {
+    console.log(`Vault: auto-unsealed ${vaultResult.unsealed.length} connection(s)`);
+  }
+
   // ── Raw body capture for webhooks (before json parsing) ──
   app.use("/webhooks", express.raw({ type: "*/*" }));
   app.use(express.json());
@@ -82,9 +91,10 @@ export async function createApp() {
 
       // New session
       const transport = new StreamableHTTPServerTransport({ sessionIdGenerator: () => crypto.randomUUID() });
-      const server = new McpServer({ name: "0nMCP", version: "1.4.0" });
+      const server = new McpServer({ name: "0nMCP", version: "1.5.0" });
       registerAllTools(server, connections, orchestrator, workflowRunner);
       registerCrmTools(server, z);
+      registerVaultTools(server, z);
 
       await server.connect(transport);
 

package/vault/cache.js

@@ -0,0 +1,28 @@
+// ============================================================
+// 0nMCP — Vault: Shared Credential Cache
+// ============================================================
+// In-memory store for unsealed credentials. Shared between
+// vault/index.js (writes) and connections.js (reads).
+// Never written to disk — credentials exist only in memory.
+// ============================================================
+
+/** @type {Map<string, object>} */
+export const unsealedCache = new Map();
+
+/**
+ * Get unsealed credentials from memory cache.
+ * @param {string} service - Service key
+ * @returns {object|null}
+ */
+export function getUnsealedCredentials(service) {
+  return unsealedCache.get(service) || null;
+}
+
+/**
+ * Check if a service has unsealed credentials.
+ * @param {string} service - Service key
+ * @returns {boolean}
+ */
+export function isUnsealed(service) {
+  return unsealedCache.has(service);
+}

package/vault/cipher.js

@@ -0,0 +1,147 @@
+// ============================================================
+// 0nMCP — Vault: Cipher Engine
+// ============================================================
+// AES-256-GCM encryption with PBKDF2 key derivation.
+// Keys are derived from passphrase + machine fingerprint,
+// making sealed files machine-bound — they can ONLY be
+// unsealed on the same hardware they were sealed on.
+//
+// Zero external dependencies — Node.js built-in `crypto` only.
+//
+// Patent Pending: US Provisional Patent Application #63/968,814
+// ============================================================
+
+import { randomBytes, createCipheriv, createDecipheriv, pbkdf2Sync } from "crypto";
+import { getFingerprint } from "./fingerprint.js";
+
+const ALGORITHM = "aes-256-gcm";
+const KEY_LENGTH = 32; // 256 bits
+const IV_LENGTH = 16; // 128 bits
+const SALT_LENGTH = 32; // 256 bits
+const TAG_LENGTH = 16; // 128 bits (GCM auth tag)
+const PBKDF2_ITERATIONS = 100000;
+const PBKDF2_DIGEST = "sha512";
+
+/**
+ * Derive an encryption key from passphrase + machine fingerprint.
+ *
+ * The fingerprint is mixed into the key derivation so that
+ * the same passphrase on a different machine produces a
+ * completely different key — making sealed files machine-bound.
+ *
+ * @param {string} passphrase - User-provided passphrase
+ * @param {Buffer} salt - Random salt for PBKDF2
+ * @returns {Buffer} 32-byte AES-256 key
+ */
+function deriveKey(passphrase, salt) {
+  const fingerprint = getFingerprint();
+  const material = `${passphrase}:${fingerprint}`;
+  return pbkdf2Sync(material, salt, PBKDF2_ITERATIONS, KEY_LENGTH, PBKDF2_DIGEST);
+}
+
+/**
+ * Encrypt plaintext data using AES-256-GCM.
+ *
+ * Output format (binary concat):
+ *   [salt:32][iv:16][authTag:16][ciphertext:*]
+ *
+ * @param {string} plaintext - Data to encrypt (JSON string)
+ * @param {string} passphrase - Encryption passphrase
+ * @returns {{ sealed: string, fingerprint: string }}
+ */
+export function seal(plaintext, passphrase) {
+  const salt = randomBytes(SALT_LENGTH);
+  const iv = randomBytes(IV_LENGTH);
+  const key = deriveKey(passphrase, salt);
+
+  const cipher = createCipheriv(ALGORITHM, key, iv);
+  const encrypted = Buffer.concat([
+    cipher.update(plaintext, "utf8"),
+    cipher.final(),
+  ]);
+  const authTag = cipher.getAuthTag();
+
+  // Combine: salt + iv + authTag + ciphertext → base64
+  const combined = Buffer.concat([salt, iv, authTag, encrypted]);
+  const sealed = combined.toString("base64");
+
+  return {
+    sealed,
+    fingerprint: getFingerprint(),
+  };
+}
+
+/**
+ * Decrypt sealed data using AES-256-GCM.
+ *
+ * @param {string} sealedData - Base64-encoded sealed data
+ * @param {string} passphrase - Decryption passphrase
+ * @returns {string} Decrypted plaintext
+ * @throws {Error} If passphrase is wrong or file is not machine-bound to this hardware
+ */
+export function unseal(sealedData, passphrase) {
+  const combined = Buffer.from(sealedData, "base64");
+
+  if (combined.length < SALT_LENGTH + IV_LENGTH + TAG_LENGTH + 1) {
+    throw new Error("Invalid sealed data: too short");
+  }
+
+  // Extract components
+  const salt = combined.subarray(0, SALT_LENGTH);
+  const iv = combined.subarray(SALT_LENGTH, SALT_LENGTH + IV_LENGTH);
+  const authTag = combined.subarray(SALT_LENGTH + IV_LENGTH, SALT_LENGTH + IV_LENGTH + TAG_LENGTH);
+  const ciphertext = combined.subarray(SALT_LENGTH + IV_LENGTH + TAG_LENGTH);
+
+  const key = deriveKey(passphrase, salt);
+
+  const decipher = createDecipheriv(ALGORITHM, key, iv);
+  decipher.setAuthTag(authTag);
+
+  try {
+    const decrypted = Buffer.concat([
+      decipher.update(ciphertext),
+      decipher.final(),
+    ]);
+    return decrypted.toString("utf8");
+  } catch {
+    throw new Error(
+      "Unseal failed — wrong passphrase or file was sealed on a different machine. " +
+      "Vault files are machine-bound and can only be unsealed on the same hardware."
+    );
+  }
+}
+
+/**
+ * Verify that sealed data can be unsealed on this machine.
+ * Also checks stored fingerprint against current hardware.
+ *
+ * @param {string} sealedData - Base64-encoded sealed data
+ * @param {string} storedFingerprint - Fingerprint stored when file was sealed
+ * @param {string} passphrase - Passphrase to test
+ * @returns {{ valid: boolean, machineBound: boolean, error?: string }}
+ */
+export function verify(sealedData, storedFingerprint, passphrase) {
+  const currentFingerprint = getFingerprint();
+  const machineBound = currentFingerprint === storedFingerprint;
+
+  if (!machineBound) {
+    return {
+      valid: false,
+      machineBound: false,
+      error: "Machine fingerprint mismatch — this file was sealed on a different machine.",
+      currentFingerprint,
+      storedFingerprint,
+    };
+  }
+
+  try {
+    unseal(sealedData, passphrase);
+    return { valid: true, machineBound: true };
+  } catch (err) {
+    return {
+      valid: false,
+      machineBound: true,
+      error: err.message,
+    };
+  }
+}

package/vault/fingerprint.js

@@ -0,0 +1,58 @@
+// ============================================================
+// 0nMCP — Vault: Machine Fingerprint
+// ============================================================
+// Generates a deterministic, machine-bound hardware fingerprint
+// using SHA-256 hash of system identifiers. Zero dependencies —
+// uses only Node.js built-in modules.
+//
+// Patent Pending: US Provisional Patent Application #63/968,814
+// ============================================================
+
+import { createHash } from "crypto";
+import { hostname, cpus, platform, arch, totalmem } from "os";
+
+/**
+ * Generate a deterministic machine fingerprint.
+ *
+ * Components:
+ *   - hostname
+ *   - CPU model (first core)
+ *   - CPU core count
+ *   - OS platform
+ *   - CPU architecture
+ *   - Total system memory
+ *
+ * @returns {{ fingerprint: string, components: object }}
+ */
+export function generateFingerprint() {
+  const cpuInfo = cpus();
+  const components = {
+    hostname: hostname(),
+    cpuModel: cpuInfo.length > 0 ? cpuInfo[0].model : "unknown",
+    cpuCores: cpuInfo.length,
+    platform: platform(),
+    arch: arch(),
+    totalMemory: totalmem(),
+  };
+
+  const raw = [
+    components.hostname,
+    components.cpuModel,
+    components.cpuCores,
+    components.platform,
+    components.arch,
+    components.totalMemory,
+  ].join("|");
+
+  const fingerprint = createHash("sha256").update(raw).digest("hex");
+
+  return { fingerprint, components };
+}
+
+/**
+ * Get just the fingerprint string.
+ * @returns {string} 64-char hex SHA-256 hash
+ */
+export function getFingerprint() {
+  return generateFingerprint().fingerprint;
+}

package/vault/index.js

@@ -0,0 +1,314 @@
+// ============================================================
+// 0nMCP — Vault Module
+// ============================================================
+// Machine-bound encrypted credential storage for .0n files.
+// Seals credentials using AES-256-GCM with PBKDF2 key derivation
+// from passphrase + hardware fingerprint.
+//
+// Zero external dependencies — Node.js built-in `crypto` only.
+// Backward compatible — plaintext .0n files keep working.
+//
+// 4 MCP Tools:
+//   vault_seal        — Encrypt a service's credentials on disk
+//   vault_unseal      — Decrypt credentials into memory only
+//   vault_verify      — Check machine binding + file integrity
+//   vault_fingerprint — Show your machine's hardware fingerprint
+//
+// Patent Pending: US Provisional Patent Application #63/968,814
+// ============================================================
+
+import { readFileSync, writeFileSync, existsSync, readdirSync } from "fs";
+import { join } from "path";
+import { seal, unseal, verify } from "./cipher.js";
+import { generateFingerprint, getFingerprint } from "./fingerprint.js";
+import { CONNECTIONS_PATH } from "../connections.js";
+import { unsealedCache, getUnsealedCredentials, isUnsealed } from "./cache.js";
+
+// Auto-unseal passphrase from environment
+const AUTO_PASSPHRASE = process.env.ON_VAULT_PASSPHRASE || null;
+
+/**
+ * Seal a service's .0n connection file — encrypts credentials on disk.
+ *
+ * @param {string} service - Service key (e.g., "stripe", "openai")
+ * @param {string} passphrase - Encryption passphrase
+ * @returns {{ success: boolean, service?: string, error?: string }}
+ */
+export function sealConnection(service, passphrase) {
+  const filePath = join(CONNECTIONS_PATH, `${service}.0n`);
+
+  if (!existsSync(filePath)) {
+    return { success: false, error: `No connection file found for service: ${service}` };
+  }
+
+  try {
+    const raw = readFileSync(filePath, "utf-8");
+    const data = JSON.parse(raw);
+
+    // Already sealed?
+    if (data.$0n?.sealed) {
+      return { success: false, error: `Service "${service}" is already sealed. Unseal first to re-seal.` };
+    }
+
+    if (!data.auth?.credentials) {
+      return { success: false, error: `No credentials found in ${service}.0n to seal.` };
+    }
+
+    // Seal only the credentials
+    const credentialsJson = JSON.stringify(data.auth.credentials);
+    const { sealed, fingerprint } = seal(credentialsJson, passphrase);
+
+    // Replace credentials with sealed envelope
+    data.auth.credentials = {};
+    data.$0n.sealed = true;
+    data.$0n.vault = {
+      sealed_at: new Date().toISOString(),
+      fingerprint,
+      algorithm: "aes-256-gcm",
+      kdf: "pbkdf2-sha512-100k",
+    };
+    data.vault = { data: sealed };
+
+    writeFileSync(filePath, JSON.stringify(data, null, 2));
+
+    return {
+      success: true,
+      service,
+      fingerprint,
+      message: `Credentials for "${service}" have been sealed. They can only be unsealed on this machine.`,
+    };
+  } catch (err) {
+    return { success: false, error: `Failed to seal ${service}: ${err.message}` };
+  }
+}
+
+/**
+ * Unseal a service's credentials — decrypts into memory only.
+ * The .0n file on disk remains encrypted.
+ *
+ * @param {string} service - Service key
+ * @param {string} passphrase - Decryption passphrase
+ * @returns {{ success: boolean, service?: string, error?: string }}
+ */
+export function unsealConnection(service, passphrase) {
+  const filePath = join(CONNECTIONS_PATH, `${service}.0n`);
+
+  if (!existsSync(filePath)) {
+    return { success: false, error: `No connection file found for service: ${service}` };
+  }
+
+  try {
+    const raw = readFileSync(filePath, "utf-8");
+    const data = JSON.parse(raw);
+
+    if (!data.$0n?.sealed || !data.vault?.data) {
+      return { success: false, error: `Service "${service}" is not sealed. Nothing to unseal.` };
+    }
+
+    const decrypted = unseal(data.vault.data, passphrase);
+    const credentials = JSON.parse(decrypted);
+
+    // Store in memory only — never write back to disk
+    unsealedCache.set(service, credentials);
+
+    return {
+      success: true,
+      service,
+      message: `Credentials for "${service}" unsealed into memory. File on disk remains encrypted.`,
+      credential_keys: Object.keys(credentials),
+    };
+  } catch (err) {
+    return { success: false, error: err.message };
+  }
+}
+
+/**
+ * Verify a sealed connection's integrity and machine binding.
+ *
+ * @param {string} service - Service key
+ * @param {string} passphrase - Passphrase to verify
+ * @returns {{ success: boolean, valid?: boolean, machineBound?: boolean, error?: string }}
+ */
+export function verifyConnection(service, passphrase) {
+  const filePath = join(CONNECTIONS_PATH, `${service}.0n`);
+
+  if (!existsSync(filePath)) {
+    return { success: false, error: `No connection file found for service: ${service}` };
+  }
+
+  try {
+    const raw = readFileSync(filePath, "utf-8");
+    const data = JSON.parse(raw);
+
+    if (!data.$0n?.sealed || !data.vault?.data) {
+      return {
+        success: true,
+        sealed: false,
+        message: `Service "${service}" is not sealed — credentials are stored in plaintext.`,
+      };
+    }
+
+    const storedFingerprint = data.$0n.vault?.fingerprint;
+    const result = verify(data.vault.data, storedFingerprint, passphrase);
+
+    return {
+      success: true,
+      sealed: true,
+      valid: result.valid,
+      machineBound: result.machineBound,
+      algorithm: data.$0n.vault?.algorithm,
+      sealed_at: data.$0n.vault?.sealed_at,
+      error: result.error,
+    };
+  } catch (err) {
+    return { success: false, error: err.message };
+  }
+}
+
+/**
+ * Auto-unseal all sealed connections using ON_VAULT_PASSPHRASE env var.
+ * Called during MCP server startup when env var is set.
+ *
+ * @returns {{ unsealed: string[], failed: string[], skipped: string[] }}
+ */
+export function autoUnseal() {
+  if (!AUTO_PASSPHRASE) {
+    return { unsealed: [], failed: [], skipped: [], message: "ON_VAULT_PASSPHRASE not set" };
+  }
+
+  const results = { unsealed: [], failed: [], skipped: [] };
+
+  if (!existsSync(CONNECTIONS_PATH)) return results;
+
+  const files = readdirSync(CONNECTIONS_PATH);
+
+  for (const file of files) {
+    if (!file.endsWith(".0n") && !file.endsWith(".0n.json")) continue;
+
+    const service = file.replace(/\.0n(\.json)?$/, "");
+
+    try {
+      const raw = readFileSync(join(CONNECTIONS_PATH, file), "utf-8");
+      const data = JSON.parse(raw);
+
+      if (!data.$0n?.sealed || !data.vault?.data) {
+        results.skipped.push(service);
+        continue;
+      }
+
+      const result = unsealConnection(service, AUTO_PASSPHRASE);
+      if (result.success) {
+        results.unsealed.push(service);
+      } else {
+        results.failed.push(service);
+      }
+    } catch {
+      results.failed.push(service);
+    }
+  }
+
+  return results;
+}
+
+/**
+ * Register vault tools on an MCP server instance.
+ *
+ * @param {import("@modelcontextprotocol/sdk/server/mcp.js").McpServer} server
+ * @param {import("zod").ZodType} z - Zod instance for parameter validation
+ */
+export function registerVaultTools(server, z) {
+  // ─── vault_seal ──────────────────────────────────────────
+  server.tool(
+    "vault_seal",
+    `Encrypt a service's credentials on disk using AES-256-GCM.
+The sealed file is machine-bound — it can ONLY be unsealed on the same hardware.
+Credentials are replaced with an encrypted envelope in the .0n file.
+
+Example: vault_seal({ service: "stripe", passphrase: "my-secret-phrase" })`,
+    {
+      service: z.string().describe("Service key to seal (e.g., stripe, openai, slack)"),
+      passphrase: z.string().describe("Passphrase for encryption — remember this to unseal later"),
+    },
+    async ({ service, passphrase }) => {
+      const result = sealConnection(service, passphrase);
+      return {
+        content: [{
+          type: "text",
+          text: JSON.stringify(result, null, 2),
+        }],
+      };
+    }
+  );
+
+  // ─── vault_unseal ────────────────────────────────────────
+  server.tool(
+    "vault_unseal",
+    `Decrypt a service's sealed credentials into memory only.
+The .0n file on disk remains encrypted — credentials exist only in process memory.
+Must be run on the same machine where the file was sealed.
+
+Example: vault_unseal({ service: "stripe", passphrase: "my-secret-phrase" })`,
+    {
+      service: z.string().describe("Service key to unseal"),
+      passphrase: z.string().describe("Passphrase used when sealing"),
+    },
+    async ({ service, passphrase }) => {
+      const result = unsealConnection(service, passphrase);
+      return {
+        content: [{
+          type: "text",
+          text: JSON.stringify(result, null, 2),
+        }],
+      };
+    }
+  );
+
+  // ─── vault_verify ────────────────────────────────────────
+  server.tool(
+    "vault_verify",
+    `Check a sealed connection's integrity and machine binding.
+Verifies the passphrase is correct AND the file was sealed on this machine.
+
+Example: vault_verify({ service: "stripe", passphrase: "my-secret-phrase" })`,
+    {
+      service: z.string().describe("Service key to verify"),
+      passphrase: z.string().describe("Passphrase to test"),
+    },
+    async ({ service, passphrase }) => {
+      const result = verifyConnection(service, passphrase);
+      return {
+        content: [{
+          type: "text",
+          text: JSON.stringify(result, null, 2),
+        }],
+      };
+    }
+  );
+
+  // ─── vault_fingerprint ──────────────────────────────────
+  server.tool(
+    "vault_fingerprint",
+    `Show your machine's hardware fingerprint.
+This is the unique identifier used for machine-binding sealed vault files.
+The fingerprint is a SHA-256 hash of: hostname, CPU model, cores, platform, arch, and total memory.`,
+    {},
+    async () => {
+      const { fingerprint, components } = generateFingerprint();
+      return {
+        content: [{
+          type: "text",
+          text: JSON.stringify({
+            fingerprint,
+            components,
+            message: "This fingerprint is used to bind sealed vault files to this machine.",
+          }, null, 2),
+        }],
+      };
+    }
+  );
+}
+
+// ── Exports ────────────────────────────────────────────────
+export { generateFingerprint, getFingerprint } from "./fingerprint.js";
+export { seal, unseal, verify } from "./cipher.js";
+export { getUnsealedCredentials, isUnsealed } from "./cache.js";