@1ly/mcp-server 0.1.3 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +61 -29
- package/dist/budget.d.ts.map +1 -1
- package/dist/budget.js +22 -1
- package/dist/budget.js.map +1 -1
- package/dist/config.d.ts +4 -1
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +81 -15
- package/dist/config.js.map +1 -1
- package/dist/http.d.ts +2 -0
- package/dist/http.d.ts.map +1 -1
- package/dist/http.js +27 -1
- package/dist/http.js.map +1 -1
- package/dist/index.js +1 -1
- package/dist/rate-limit.d.ts +24 -0
- package/dist/rate-limit.d.ts.map +1 -0
- package/dist/rate-limit.js +50 -0
- package/dist/rate-limit.js.map +1 -0
- package/dist/security-log.d.ts +55 -0
- package/dist/security-log.d.ts.map +1 -0
- package/dist/security-log.js +52 -0
- package/dist/security-log.js.map +1 -0
- package/dist/tools/call.d.ts.map +1 -1
- package/dist/tools/call.js +59 -20
- package/dist/tools/call.js.map +1 -1
- package/dist/tools/update-avatar.d.ts.map +1 -1
- package/dist/tools/update-avatar.js +30 -4
- package/dist/tools/update-avatar.js.map +1 -1
- package/dist/wallet/agentic.d.ts +19 -0
- package/dist/wallet/agentic.d.ts.map +1 -0
- package/dist/wallet/agentic.js +77 -0
- package/dist/wallet/agentic.js.map +1 -0
- package/dist/wallet/evm.d.ts.map +1 -1
- package/dist/wallet/evm.js +46 -4
- package/dist/wallet/evm.js.map +1 -1
- package/dist/wallet/solana.d.ts.map +1 -1
- package/dist/wallet/solana.js +43 -5
- package/dist/wallet/solana.js.map +1 -1
- package/package.json +4 -1
package/dist/wallet/solana.js
CHANGED
|
@@ -38,18 +38,59 @@ exports.getWalletAddress = getWalletAddress;
|
|
|
38
38
|
exports.buildSolanaPaymentSignature = buildSolanaPaymentSignature;
|
|
39
39
|
const web3_js_1 = require("@solana/web3.js");
|
|
40
40
|
const fs = __importStar(require("fs"));
|
|
41
|
+
const path_1 = require("path");
|
|
42
|
+
const os = __importStar(require("os"));
|
|
41
43
|
const client_1 = require("@x402/core/client");
|
|
42
44
|
const http_1 = require("@x402/core/http");
|
|
43
45
|
const client_2 = require("@x402/svm/exact/client");
|
|
44
46
|
const svm_1 = require("@x402/svm");
|
|
45
47
|
const signers_1 = require("@solana/signers");
|
|
48
|
+
function expandTilde(inputPath) {
|
|
49
|
+
if (!inputPath.startsWith("~/"))
|
|
50
|
+
return inputPath;
|
|
51
|
+
return (0, path_1.resolve)(os.homedir(), inputPath.slice(2));
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Validates wallet file path to prevent directory traversal attacks.
|
|
55
|
+
* Only allows files in home directory or /tmp (for testing).
|
|
56
|
+
*/
|
|
57
|
+
function validateWalletPath(keyPath) {
|
|
58
|
+
try {
|
|
59
|
+
const normalizedPath = (0, path_1.normalize)((0, path_1.resolve)(keyPath));
|
|
60
|
+
const homeDir = os.homedir();
|
|
61
|
+
// Allow files in home directory or /tmp
|
|
62
|
+
const isInHome = normalizedPath.startsWith(homeDir);
|
|
63
|
+
const isInTmp = normalizedPath.startsWith("/tmp") || normalizedPath.startsWith(os.tmpdir());
|
|
64
|
+
if (!isInHome && !isInTmp) {
|
|
65
|
+
throw new Error("Wallet file must be in home directory or /tmp for security. Path: " + normalizedPath);
|
|
66
|
+
}
|
|
67
|
+
// Block sensitive directories
|
|
68
|
+
const blockedPaths = [".ssh", ".gnupg", ".aws", ".kube"];
|
|
69
|
+
if (blockedPaths.some((p) => normalizedPath.includes(`/${p}/`))) {
|
|
70
|
+
throw new Error("Cannot load wallet from sensitive directory");
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
catch (err) {
|
|
74
|
+
if (err instanceof Error && err.message.includes("Wallet file must be")) {
|
|
75
|
+
throw err;
|
|
76
|
+
}
|
|
77
|
+
throw new Error("Invalid wallet file path");
|
|
78
|
+
}
|
|
79
|
+
}
|
|
46
80
|
async function loadSolanaWallet(keyPath) {
|
|
47
81
|
let keyData;
|
|
48
82
|
if (keyPath.startsWith("[")) {
|
|
83
|
+
// Inline JSON array format - no path validation needed
|
|
49
84
|
keyData = JSON.parse(keyPath);
|
|
50
85
|
}
|
|
51
|
-
else
|
|
52
|
-
const
|
|
86
|
+
else {
|
|
87
|
+
const expandedPath = expandTilde(keyPath);
|
|
88
|
+
if (!fs.existsSync(expandedPath)) {
|
|
89
|
+
throw new Error(`Wallet key file not found: ${keyPath}`);
|
|
90
|
+
}
|
|
91
|
+
// File path - validate before reading
|
|
92
|
+
validateWalletPath(expandedPath);
|
|
93
|
+
const fileContent = fs.readFileSync(expandedPath, "utf-8");
|
|
53
94
|
const parsed = JSON.parse(fileContent);
|
|
54
95
|
// Handle both formats:
|
|
55
96
|
// 1. { publicKey: "...", secretKey: [...] } - test wallet format
|
|
@@ -64,9 +105,6 @@ async function loadSolanaWallet(keyPath) {
|
|
|
64
105
|
throw new Error("Invalid wallet file format");
|
|
65
106
|
}
|
|
66
107
|
}
|
|
67
|
-
else {
|
|
68
|
-
throw new Error(`Wallet key file not found: ${keyPath}`);
|
|
69
|
-
}
|
|
70
108
|
return web3_js_1.Keypair.fromSecretKey(Uint8Array.from(keyData));
|
|
71
109
|
}
|
|
72
110
|
async function getWalletAddress(type, key) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"solana.js","sourceRoot":"","sources":["../../src/wallet/solana.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"solana.js","sourceRoot":"","sources":["../../src/wallet/solana.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgDA,4CA6BC;AAED,4CASC;AAED,kEAwBC;AAlHD,6CAA0C;AAC1C,uCAAyB;AACzB,+BAA0C;AAC1C,uCAAyB;AACzB,8CAA+C;AAC/C,0CAAiD;AACjD,mDAAgE;AAChE,mCAA8C;AAC9C,6CAA+D;AAG/D,SAAS,WAAW,CAAC,SAAiB;IACpC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,SAAS,CAAC;IAClD,OAAO,IAAA,cAAO,EAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;AACnD,CAAC;AAED;;;GAGG;AACH,SAAS,kBAAkB,CAAC,OAAe;IACzC,IAAI,CAAC;QACH,MAAM,cAAc,GAAG,IAAA,gBAAS,EAAC,IAAA,cAAO,EAAC,OAAO,CAAC,CAAC,CAAC;QACnD,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAE7B,wCAAwC;QACxC,MAAM,QAAQ,GAAG,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QACpD,MAAM,OAAO,GAAG,cAAc,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC;QAE5F,IAAI,CAAC,QAAQ,IAAI,CAAC,OAAO,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CACb,oEAAoE,GAAG,cAAc,CACtF,CAAC;QACJ,CAAC;QAED,8BAA8B;QAC9B,MAAM,YAAY,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QACzD,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAChE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;YACxE,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC9C,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,gBAAgB,CAAC,OAAe;IACpD,IAAI,OAAiB,CAAC;IAEtB,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5B,uDAAuD;QACvD,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAChC,CAAC;SAAM,CAAC;QACN,MAAM,YAAY,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;QAC1C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,8BAA8B,OAAO,EAAE,CAAC,CAAC;QAC3D,CAAC;QACD,sCAAsC;QACtC,kBAAkB,CAAC,YAAY,CAAC,CAAC;QACjC,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAEvC,uBAAuB;QACvB,iEAAiE;QACjE,4CAA4C;QAC5C,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1B,OAAO,GAAG,MAAM,CAAC;QACnB,CAAC;aAAM,IAAI,MAAM,CAAC,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/D,OAAO,GAAG,MAAM,CAAC,SAAS,CAAC;QAC7B,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,OAAO,iBAAO,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACzD,CAAC;AAEM,KAAK,UAAU,gBAAgB,CACpC,IAAsB,EACtB,GAAW;IAEX,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;QAC3C,OAAO,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;IACrC,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;AACpD,CAAC;AAEM,KAAK,UAAU,2BAA2B,CAC/C,eAAgC,EAChC,MAAe;IAEf,MAAM,MAAM,GAAG,MAAM,IAAA,sCAA4B,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpE,MAAM,SAAS,GAAG,IAAA,uBAAiB,EAAC,MAAM,CAAC,CAAC;IAC5C,MAAM,UAAU,GAAG,IAAI,mBAAU,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE;QAC/C,OAAO,CACL,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YACpE,OAAO,CAAC,CAAC,CAAC,CACX,CAAC;IACJ,CAAC,CAAC,CAAC;IACH,IAAA,+BAAsB,EAAC,UAAU,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,IAAI,qBAAc,CAAC,UAAU,CAAC,CAAC;IAClD,MAAM,cAAc,GAAG,MAAM,UAAU,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAC;IAC9E,MAAM,OAAO,GAAG,UAAU,CAAC,4BAA4B,CAAC,cAAc,CAAC,CAAC;IAExE,OAAO,CACL,OAAO,CAAC,mBAAmB,CAAC;QAC5B,OAAO,CAAC,mBAAmB,CAAC;QAC5B,OAAO,CAAC,mBAAmB,CAAC;QAC5B,OAAO,CAAC,WAAW,CAAC;QACpB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAC/D,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@1ly/mcp-server",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.5",
|
|
4
4
|
"description": "MCP server for 1ly.store - Discover and pay for APIs with AI agents",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -66,5 +66,8 @@
|
|
|
66
66
|
"tsx": "^4.21.0",
|
|
67
67
|
"typescript": "^5.0.0",
|
|
68
68
|
"vitest": "^2.0.0"
|
|
69
|
+
},
|
|
70
|
+
"overrides": {
|
|
71
|
+
"borsh": "^2.0.0"
|
|
69
72
|
}
|
|
70
73
|
}
|