@agenticvault/agentic-vault 0.1.0

package/README.zh-CN.md

@@ -0,0 +1,163 @@
+<!-- Source: README.md | Commit: 96a8dcc | Last synced: 2026-02-16 -->
+
+# Agentic Vault
+
+[![npm version](https://img.shields.io/npm/v/@agenticvault/agentic-vault)](https://www.npmjs.com/package/@agenticvault/agentic-vault)
+[![CI](https://github.com/agenticvault/agentic-vault/actions/workflows/ci.yml/badge.svg)](https://github.com/agenticvault/agentic-vault/actions/workflows/ci.yml)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+[English](README.md) | [繁體中文](README.zh-TW.md) | 简体中文 | [日本語](README.ja.md) | [한국어](README.ko.md)
+
+基于 AWS KMS 的服务器端 EVM 签名，内建 DeFi 协议解析。通过 MCP、CLI 或 OpenClaw 将钱包暴露给 AI 代理，搭配默认拒绝的策略引擎与完整审计日志。
+
+## 为什么选择 Agentic Vault
+
+AI 代理需要签署区块链交易，但直接给予私钥非常危险。Agentic Vault 将密钥保存在 AWS KMS（HSM）中，并提供策略引擎限制代理可签署的操作范围。代理只看到高级工具（`sign_swap`、`sign_permit`），私钥永远不会离开硬件。
+
+## 特性
+
+- **HSM 安全签名** -- 私钥永远不离开 AWS KMS，仅传送摘要进行签署
+- **DeFi 协议感知** -- 支持 ERC-20、Uniswap V3、Aave V3 的 calldata 解码与协议专属策略规则
+- **默认拒绝策略引擎** -- 链 ID、合约、选择器、金额、期限及协议层级约束
+- **多种接口** -- 可作为 TypeScript 库、CLI、MCP 服务器或 OpenClaw 插件使用
+- **审计日志** -- 每次签名操作（批准、拒绝、错误）皆有结构化 JSON 审计记录
+- **EVM 原生** -- 基于 [viem](https://viem.sh) 构建，完整支持 EIP-712 类型化数据
+
+## 快速开始
+
+```bash
+npm install @agenticvault/agentic-vault
+```
+
+```typescript
+import { createSigningProvider, EvmSignerAdapter } from '@agenticvault/agentic-vault';
+
+const provider = createSigningProvider({
+  provider: 'aws-kms',
+  keyId: 'arn:aws:kms:us-east-1:123456789:key/your-key-id',
+  region: 'us-east-1',
+});
+
+const signer = new EvmSignerAdapter(provider);
+const address = await signer.getAddress();
+```
+
+无需 AWS 的快速测试，可使用 `dry-run` 模式（仅解码 + 策略检查，不签名）：
+
+```bash
+npx agentic-vault dry-run --chain-id 1 --to 0xa0b869... --data 0x095ea7b3...
+```
+
+密钥创建与 IAM 配置请参阅 [AWS KMS 配置指南](docs/guides/aws-kms-setup.md)。
+
+## 接口
+
+| 接口 | 使用场景 | 需要 AWS |
+|------|----------|:---:|
+| TypeScript 库 | 将签名功能嵌入应用程序 | 是 |
+| CLI | 命令行签名 + 模拟执行 | 部分 |
+| MCP 服务器 | 将钱包暴露给 AI 代理（Claude 等） | 是 |
+| OpenClaw 插件 | 作为 OpenClaw 代理工具使用 | 是 |
+
+使用示例与配置请参阅[接口指南](docs/guides/interfaces.md)。
+
+## 支持的协议
+
+| 协议 | 操作 | 解码器 | 策略评估器 |
+|------|------|:---:|:---:|
+| ERC-20 | `approve`、`transfer` | 有 | 有（授权上限、spender 白名单） |
+| Uniswap V3 | `exactInputSingle` | 有 | 有（代币对、滑点、接收者） |
+| Aave V3 | `supply`、`borrow`、`repay`、`withdraw` | 有 | 有（资产白名单、利率模式） |
+
+未知 calldata 一律拒绝（失败关闭）。Dispatcher 使用两阶段解析：先依合约地址，再依选择器回退（如 ERC-20）。
+
+## 配置
+
+策略引擎使用 JSON 配置文件。未提供配置文件时，所有受策略管控的签名操作皆被拒绝（默认拒绝）。
+
+完整结构与示例请参阅[策略参考文档](docs/reference/policy.md)，或从 [`policy.example.json`](policy.example.json) 开始。
+
+## 安全模型
+
+### 信任边界
+
+```
+ AI 代理（Claude / MCP Client / OpenClaw）
+          |
+          | MCP Protocol / OpenClaw Plugin API
+          v
+ +------------------------------------+
+ |   Agentic Vault                    |
+ |  +-----------+ +--------+ +-----+ |
+ |  | Protocol  | | Policy | | Audit| |
+ |  | Dispatcher| | Engine | | Sink | |
+ |  +-----------+ +--------+ +-----+ |
+ |          |                         |
+ |  +--------------------+           |
+ |  | EvmSignerAdapter   |           |
+ |  +--------------------+           |
+ +-----------|------------------------+
+             | 仅传送摘要
+             v
+ +------------------------------------+
+ |       AWS KMS (HSM)                |
+ |   私钥永远不离开                     |
+ +------------------------------------+
+```
+
+### 核心原则
+
+| 原则 | 说明 |
+|------|------|
+| 密钥隔离 | 私钥保留在 HSM 中，仅传送 32 字节摘要进行签名 |
+| 默认拒绝 | 策略引擎拒绝所有未明确允许的请求 |
+| 失败关闭 | 未知 calldata 一律拒绝；已知协议但无评估器也拒绝 |
+| 审计追踪 | 每次操作以结构化 JSON 记录至 stderr，含调用者标记 |
+| 最小暴露面 | 原始签名工具（`sign_transaction`、`sign_typed_data`）默认禁用 |
+
+## Claude Code 插件
+
+4 个技能通过 MCP 工具与钱包交互，绝不直接访问密钥。
+
+| 技能 | 说明 |
+|------|------|
+| `sign-swap` | 协调 swap 签名操作 |
+| `sign-permit` | 协调 EIP-2612 permit 签名 |
+| `check-wallet` | 检查钱包地址与健康状态 |
+| `audit-log` | 查询审计日志 |
+
+## 包导出
+
+| 子路径 | 内容 | MCP 依赖 |
+|--------|------|:-:|
+| `@agenticvault/agentic-vault` | 核心签名（SigningProvider、EvmSignerAdapter、factory） | 无 |
+| `@agenticvault/agentic-vault/protocols` | 协议解码器、dispatcher、PolicyEngine V2、workflows | 无 |
+| `@agenticvault/agentic-vault/agentic` | MCP 服务器、审计日志记录器 | 有 |
+
+## 文档
+
+| 文档 | 说明 |
+|------|------|
+| [接口指南](docs/guides/interfaces.md) | TypeScript、CLI、MCP、OpenClaw 使用方式 |
+| [策略参考](docs/reference/policy.md) | 策略 JSON 结构、字段与示例 |
+| [AWS KMS 配置](docs/guides/aws-kms-setup.md) | 密钥创建、IAM 策略、认证方式 |
+| [OpenClaw 插件](packages/openclaw-plugin/) | OpenClaw 插件包与配置 |
+| [架构决策](docs/project/adrs/ADR-001-architecture-decisions.md) | 关键设计决策的 ADR |
+| [贡献指南](CONTRIBUTING.md) | 开发流程与规范 |
+
+## 路线图
+
+- 更多签名提供者（GCP KMS、HashiCorp Vault）
+- 更多协议解码器（Curve、Compound V3）
+- 多重签名支持
+- 远程 MCP 服务器模式（HTTP 传输 + OAuth 2.1）
+
+## 贡献
+
+请参阅 [CONTRIBUTING.md](CONTRIBUTING.md) 了解开发流程、分支命名与提交规范。
+
+本项目遵循 [Contributor Covenant 行为准则](CODE_OF_CONDUCT.md)。
+
+## 许可证
+
+[MIT](LICENSE)

package/README.zh-TW.md

@@ -0,0 +1,163 @@
+<!-- Source: README.md | Commit: 96a8dcc | Last synced: 2026-02-16 -->
+
+# Agentic Vault
+
+[![npm version](https://img.shields.io/npm/v/@agenticvault/agentic-vault)](https://www.npmjs.com/package/@agenticvault/agentic-vault)
+[![CI](https://github.com/agenticvault/agentic-vault/actions/workflows/ci.yml/badge.svg)](https://github.com/agenticvault/agentic-vault/actions/workflows/ci.yml)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+[English](README.md) | 繁體中文 | [简体中文](README.zh-CN.md) | [日本語](README.ja.md) | [한국어](README.ko.md)
+
+以 AWS KMS 進行伺服器端 EVM 簽章，內建 DeFi 協議解析。透過 MCP、CLI 或 OpenClaw 將錢包暴露給 AI 代理，搭配預設拒絕的策略引擎與完整稽核日誌。
+
+## 為什麼選擇 Agentic Vault
+
+AI 代理需要簽署區塊鏈交易，但直接給予私鑰非常危險。Agentic Vault 將金鑰保存在 AWS KMS（HSM）中，並提供策略引擎限制代理可簽署的操作範圍。代理只看到高階工具（`sign_swap`、`sign_permit`），私鑰永遠不會離開硬體。
+
+## 特色
+
+- **HSM 安全簽章** -- 私鑰永遠不離開 AWS KMS，僅傳送摘要進行簽署
+- **DeFi 協議感知** -- 支援 ERC-20、Uniswap V3、Aave V3 的 calldata 解碼與協議專屬策略規則
+- **預設拒絕策略引擎** -- 鏈 ID、合約、選擇器、金額、期限及協議層級約束
+- **多種介面** -- 可作為 TypeScript 函式庫、CLI、MCP 伺服器或 OpenClaw 插件使用
+- **稽核日誌** -- 每次簽署操作（核准、拒絕、錯誤）皆有結構化 JSON 稽核紀錄
+- **EVM 原生** -- 基於 [viem](https://viem.sh) 建構，完整支援 EIP-712 型別化資料
+
+## 快速開始
+
+```bash
+npm install @agenticvault/agentic-vault
+```
+
+```typescript
+import { createSigningProvider, EvmSignerAdapter } from '@agenticvault/agentic-vault';
+
+const provider = createSigningProvider({
+  provider: 'aws-kms',
+  keyId: 'arn:aws:kms:us-east-1:123456789:key/your-key-id',
+  region: 'us-east-1',
+});
+
+const signer = new EvmSignerAdapter(provider);
+const address = await signer.getAddress();
+```
+
+無需 AWS 的快速測試，可使用 `dry-run` 模式（僅解碼 + 策略檢查，不簽署）：
+
+```bash
+npx agentic-vault dry-run --chain-id 1 --to 0xa0b869... --data 0x095ea7b3...
+```
+
+金鑰建立與 IAM 設定請參閱 [AWS KMS 設定指南](docs/guides/aws-kms-setup.md)。
+
+## 介面
+
+| 介面 | 使用情境 | 需要 AWS |
+|------|----------|:---:|
+| TypeScript 函式庫 | 將簽署功能嵌入應用程式 | 是 |
+| CLI | 命令列簽署 + 模擬執行 | 部分 |
+| MCP 伺服器 | 將錢包暴露給 AI 代理（Claude 等） | 是 |
+| OpenClaw 插件 | 作為 OpenClaw 代理工具使用 | 是 |
+
+使用範例與設定請參閱[介面指南](docs/guides/interfaces.md)。
+
+## 支援的協議
+
+| 協議 | 操作 | 解碼器 | 策略評估器 |
+|------|------|:---:|:---:|
+| ERC-20 | `approve`、`transfer` | 有 | 有（授權上限、spender 白名單） |
+| Uniswap V3 | `exactInputSingle` | 有 | 有（代幣對、滑點、接收者） |
+| Aave V3 | `supply`、`borrow`、`repay`、`withdraw` | 有 | 有（資產白名單、利率模式） |
+
+未知 calldata 一律拒絕（失敗關閉）。Dispatcher 使用兩階段解析：先依合約地址，再依選擇器回退（如 ERC-20）。
+
+## 設定
+
+策略引擎使用 JSON 設定檔。未提供設定檔時，所有受策略管控的簽署操作皆被拒絕（預設拒絕）。
+
+完整結構與範例請參閱[策略參考文件](docs/reference/policy.md)，或從 [`policy.example.json`](policy.example.json) 開始。
+
+## 安全模型
+
+### 信任邊界
+
+```
+ AI 代理（Claude / MCP Client / OpenClaw）
+          |
+          | MCP Protocol / OpenClaw Plugin API
+          v
+ +------------------------------------+
+ |   Agentic Vault                    |
+ |  +-----------+ +--------+ +-----+ |
+ |  | Protocol  | | Policy | | Audit| |
+ |  | Dispatcher| | Engine | | Sink | |
+ |  +-----------+ +--------+ +-----+ |
+ |          |                         |
+ |  +--------------------+           |
+ |  | EvmSignerAdapter   |           |
+ |  +--------------------+           |
+ +-----------|------------------------+
+             | 僅傳送摘要
+             v
+ +------------------------------------+
+ |       AWS KMS (HSM)                |
+ |   私鑰永遠不離開                     |
+ +------------------------------------+
+```
+
+### 核心原則
+
+| 原則 | 說明 |
+|------|------|
+| 金鑰隔離 | 私鑰保留在 HSM 中，僅傳送 32 位元摘要進行簽署 |
+| 預設拒絕 | 策略引擎拒絕所有未明確允許的請求 |
+| 失敗關閉 | 未知 calldata 一律拒絕；已知協議但無評估器也拒絕 |
+| 稽核軌跡 | 每次操作以結構化 JSON 記錄至 stderr，含呼叫者標記 |
+| 最小暴露面 | 原始簽署工具（`sign_transaction`、`sign_typed_data`）預設停用 |
+
+## Claude Code 插件
+
+4 個技能透過 MCP 工具與錢包互動，絕不直接存取金鑰。
+
+| 技能 | 說明 |
+|------|------|
+| `sign-swap` | 協調 swap 簽署操作 |
+| `sign-permit` | 協調 EIP-2612 permit 簽署 |
+| `check-wallet` | 檢查錢包地址與健康狀態 |
+| `audit-log` | 查詢稽核日誌 |
+
+## 套件匯出
+
+| 子路徑 | 內容 | MCP 依賴 |
+|--------|------|:-:|
+| `@agenticvault/agentic-vault` | 核心簽署（SigningProvider、EvmSignerAdapter、factory） | 無 |
+| `@agenticvault/agentic-vault/protocols` | 協議解碼器、dispatcher、PolicyEngine V2、workflows | 無 |
+| `@agenticvault/agentic-vault/agentic` | MCP 伺服器、稽核日誌記錄器 | 有 |
+
+## 文件
+
+| 文件 | 說明 |
+|------|------|
+| [介面指南](docs/guides/interfaces.md) | TypeScript、CLI、MCP、OpenClaw 使用方式 |
+| [策略參考](docs/reference/policy.md) | 策略 JSON 結構、欄位與範例 |
+| [AWS KMS 設定](docs/guides/aws-kms-setup.md) | 金鑰建立、IAM 策略、驗證方式 |
+| [OpenClaw 插件](packages/openclaw-plugin/) | OpenClaw 插件套件與設定 |
+| [架構決策](docs/project/adrs/ADR-001-architecture-decisions.md) | 關鍵設計決策的 ADR |
+| [貢獻指南](CONTRIBUTING.md) | 開發流程與規範 |
+
+## 路線圖
+
+- 更多簽署提供者（GCP KMS、HashiCorp Vault）
+- 更多協議解碼器（Curve、Compound V3）
+- 多重簽章支援
+- 遠端 MCP 伺服器模式（HTTP 傳輸 + OAuth 2.1）
+
+## 貢獻
+
+請參閱 [CONTRIBUTING.md](CONTRIBUTING.md) 了解開發流程、分支命名與提交規範。
+
+本專案遵循 [Contributor Covenant 行為準則](CODE_OF_CONDUCT.md)。
+
+## 授權
+
+[MIT](LICENSE)

package/dist/agentic/audit/logger.d.ts

@@ -0,0 +1,7 @@
+import { type AuditEntry } from './types.js';
+export declare class AuditLogger {
+    private readonly output;
+    constructor(output?: NodeJS.WritableStream);
+    log(entry: Omit<AuditEntry, 'timestamp' | 'traceId'>): AuditEntry;
+    createTraceId(): string;
+}

package/dist/agentic/audit/logger.js

@@ -0,0 +1,19 @@
+export class AuditLogger {
+    output;
+    constructor(output) {
+        this.output = output ?? process.stderr;
+    }
+    log(entry) {
+        const full = {
+            timestamp: new Date().toISOString(),
+            traceId: this.createTraceId(),
+            ...entry,
+        };
+        this.output.write(JSON.stringify(full) + '\n');
+        return full;
+    }
+    createTraceId() {
+        return crypto.randomUUID();
+    }
+}
+//# sourceMappingURL=logger.js.map

package/dist/agentic/audit/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../../src/agentic/audit/logger.ts"],"names":[],"mappings":"AAEA,MAAM,OAAO,WAAW;IACL,MAAM,CAAwB;IAE/C,YAAY,MAA8B;QACxC,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IACzC,CAAC;IAED,GAAG,CAAC,KAAgD;QAClD,MAAM,IAAI,GAAe;YACvB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,OAAO,EAAE,IAAI,CAAC,aAAa,EAAE;YAC7B,GAAG,KAAK;SACT,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;QAC/C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa;QACX,OAAO,MAAM,CAAC,UAAU,EAAE,CAAC;IAC7B,CAAC;CACF"}

package/dist/agentic/audit/types.d.ts

@@ -0,0 +1,11 @@
+export interface AuditEntry {
+    timestamp: string;
+    traceId: string;
+    service: string;
+    action: string;
+    who: string;
+    what: string;
+    why: string;
+    result: 'approved' | 'denied' | 'error';
+    details?: Record<string, unknown>;
+}

package/dist/agentic/audit/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/agentic/audit/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/agentic/audit/types.ts"],"names":[],"mappings":""}

package/dist/agentic/cli.d.ts

@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+export declare function parseArgs(argv: string[]): {
+    keyId: string;
+    region: string;
+    expectedAddress?: string;
+    unsafeRawSign: boolean;
+    policyConfig?: string;
+};

package/dist/agentic/cli.js

@@ -0,0 +1,87 @@
+#!/usr/bin/env node
+import { createSigningProvider, EvmSignerAdapter, } from '../index.js';
+import { PolicyEngine, erc20Evaluator, uniswapV3Evaluator, aaveV3Evaluator, loadPolicyConfigFromFile, } from '../protocols/index.js';
+import { AuditLogger } from './audit/logger.js';
+import { startStdioServer } from './mcp/server.js';
+export function parseArgs(argv) {
+    let keyId = '';
+    let region = '';
+    let expectedAddress;
+    let unsafeRawSign = false;
+    let policyConfig;
+    for (let i = 2; i < argv.length; i++) {
+        const arg = argv[i];
+        switch (arg) {
+            case '--key-id':
+                keyId = argv[++i];
+                break;
+            case '--region':
+                region = argv[++i];
+                break;
+            case '--expected-address':
+                expectedAddress = argv[++i];
+                break;
+            case '--unsafe-raw-sign':
+                unsafeRawSign = true;
+                break;
+            case '--policy-config':
+                policyConfig = argv[++i];
+                break;
+            default:
+                // Ignore unknown arguments
+                break;
+        }
+    }
+    if (!keyId)
+        keyId = process.env.VAULT_KEY_ID ?? '';
+    if (!region)
+        region = process.env.VAULT_REGION ?? '';
+    if (!keyId)
+        throw new Error('--key-id or VAULT_KEY_ID environment variable is required');
+    if (!region)
+        throw new Error('--region or VAULT_REGION environment variable is required');
+    return { keyId, region, expectedAddress, unsafeRawSign, policyConfig };
+}
+const DEFAULT_POLICY = {
+    allowedChainIds: [],
+    allowedContracts: [],
+    allowedSelectors: [],
+    maxAmountWei: 0n,
+    maxDeadlineSeconds: 0,
+};
+async function main() {
+    const args = parseArgs(process.argv);
+    // Create signer via factory
+    const provider = createSigningProvider({
+        provider: 'aws-kms',
+        keyId: args.keyId,
+        region: args.region,
+    });
+    const signer = new EvmSignerAdapter(provider, {
+        expectedAddress: args.expectedAddress,
+    });
+    // Create policy engine
+    const policyConfig = args.policyConfig
+        ? loadPolicyConfigFromFile(args.policyConfig)
+        : DEFAULT_POLICY;
+    const policyEngine = new PolicyEngine(policyConfig, [erc20Evaluator, uniswapV3Evaluator, aaveV3Evaluator]);
+    // Create audit logger
+    const auditLogger = new AuditLogger();
+    // Start MCP stdio server
+    await startStdioServer({
+        signer,
+        policyEngine,
+        auditLogger,
+        unsafeRawSign: args.unsafeRawSign,
+    });
+}
+main().catch((error) => {
+    process.stderr.write(JSON.stringify({
+        timestamp: new Date().toISOString(),
+        service: 'agentic-vault-mcp',
+        level: 'error',
+        message: error instanceof Error ? error.message : String(error),
+    }) + '\n');
+    process.exit(1);
+});
+//# sourceMappingURL=cli.js.map

package/dist/agentic/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/agentic/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EACL,qBAAqB,EACrB,gBAAgB,GAEjB,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,YAAY,EAEZ,cAAc,EACd,kBAAkB,EAClB,eAAe,EACf,wBAAwB,GACzB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAEnD,MAAM,UAAU,SAAS,CAAC,IAAc;IAOtC,IAAI,KAAK,GAAG,EAAE,CAAC;IACf,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,eAAmC,CAAC;IACxC,IAAI,aAAa,GAAG,KAAK,CAAC;IAC1B,IAAI,YAAgC,CAAC;IAErC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,UAAU;gBACb,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBAClB,MAAM;YACR,KAAK,UAAU;gBACb,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBACnB,MAAM;YACR,KAAK,oBAAoB;gBACvB,eAAe,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC5B,MAAM;YACR,KAAK,mBAAmB;gBACtB,aAAa,GAAG,IAAI,CAAC;gBACrB,MAAM;YACR,KAAK,iBAAiB;gBACpB,YAAY,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBACzB,MAAM;YACR;gBACE,2BAA2B;gBAC3B,MAAM;QACV,CAAC;IACH,CAAC;IAED,IAAI,CAAC,KAAK;QAAE,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC;IACnD,IAAI,CAAC,MAAM;QAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC;IAErD,IAAI,CAAC,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;IACzF,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;IAE1F,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC;AACzE,CAAC;AAED,MAAM,cAAc,GAAmB;IACrC,eAAe,EAAE,EAAE;IACnB,gBAAgB,EAAE,EAAE;IACpB,gBAAgB,EAAE,EAAE;IACpB,YAAY,EAAE,EAAE;IAChB,kBAAkB,EAAE,CAAC;CACtB,CAAC;AAEF,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAErC,4BAA4B;IAC5B,MAAM,QAAQ,GAAG,qBAAqB,CAAC;QACrC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,MAAM,EAAE,IAAI,CAAC,MAAM;KACpB,CAAC,CAAC;IACH,MAAM,MAAM,GAAkB,IAAI,gBAAgB,CAAC,QAAQ,EAAE;QAC3D,eAAe,EAAE,IAAI,CAAC,eAA4C;KACnE,CAAC,CAAC;IAEH,uBAAuB;IACvB,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY;QACpC,CAAC,CAAC,wBAAwB,CAAC,IAAI,CAAC,YAAY,CAAC;QAC7C,CAAC,CAAC,cAAc,CAAC;IACnB,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC,YAAY,EAAE,CAAC,cAAc,EAAE,kBAAkB,EAAE,eAAe,CAAC,CAAC,CAAC;IAE3G,sBAAsB;IACtB,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;IAEtC,yBAAyB;IACzB,MAAM,gBAAgB,CAAC;QACrB,MAAM;QACN,YAAY;QACZ,WAAW;QACX,aAAa,EAAE,IAAI,CAAC,aAAa;KAClC,CAAC,CAAC;AACL,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,IAAI,CAAC,SAAS,CAAC;QACb,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,mBAAmB;QAC5B,KAAK,EAAE,OAAO;QACd,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;KAChE,CAAC,GAAG,IAAI,CACV,CAAC;IACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/agentic/index.d.ts

@@ -0,0 +1,5 @@
+export { PolicyEngine } from '../protocols/index.js';
+export type { PolicyConfig, PolicyRequest, PolicyEvaluation, PolicyConfigV2, PolicyRequestV2, ProtocolPolicyConfig, ProtocolPolicyEvaluator, } from '../protocols/index.js';
+export { AuditLogger } from './audit/logger.js';
+export type { AuditEntry } from './audit/types.js';
+export { createMcpServer, startStdioServer } from './mcp/server.js';

package/dist/agentic/index.js

@@ -0,0 +1,7 @@
+// ─── Policy Engine (deprecated — use @agenticvault/agentic-vault/protocols) ───
+export { PolicyEngine } from '../protocols/index.js';
+// ─── Audit Logger ───
+export { AuditLogger } from './audit/logger.js';
+// ─── MCP Server ───
+export { createMcpServer, startStdioServer } from './mcp/server.js';
+//# sourceMappingURL=index.js.map

package/dist/agentic/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/agentic/index.ts"],"names":[],"mappings":"AAAA,iFAAiF;AACjF,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAWrD,uBAAuB;AACvB,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAGhD,qBAAqB;AACrB,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/agentic/mcp/server.d.ts

@@ -0,0 +1,8 @@
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { type RegisterToolsOptions, type ToolContext } from './tools/index.js';
+export interface McpServerOptions extends ToolContext, RegisterToolsOptions {
+    name?: string;
+    version?: string;
+}
+export declare function createMcpServer(options: McpServerOptions): McpServer;
+export declare function startStdioServer(options: McpServerOptions): Promise<McpServer>;

package/dist/agentic/mcp/server.js

@@ -0,0 +1,25 @@
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { ProtocolDispatcher, createDefaultRegistry } from '../../protocols/index.js';
+import { registerTools } from './tools/index.js';
+export function createMcpServer(options) {
+    const server = new McpServer({
+        name: options.name ?? 'agentic-vault-mcp',
+        version: options.version ?? '0.3.0',
+    });
+    const ctx = {
+        signer: options.signer,
+        policyEngine: options.policyEngine,
+        auditLogger: options.auditLogger,
+        dispatcher: options.dispatcher ?? new ProtocolDispatcher(createDefaultRegistry()),
+    };
+    registerTools(server, ctx, { unsafeRawSign: options.unsafeRawSign });
+    return server;
+}
+export async function startStdioServer(options) {
+    const server = createMcpServer(options);
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    return server;
+}
+//# sourceMappingURL=server.js.map

package/dist/agentic/mcp/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../src/agentic/mcp/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACrF,OAAO,EAAE,aAAa,EAA+C,MAAM,kBAAkB,CAAC;AAO9F,MAAM,UAAU,eAAe,CAAC,OAAyB;IACvD,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;QAC3B,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,mBAAmB;QACzC,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,OAAO;KACpC,CAAC,CAAC;IAEH,MAAM,GAAG,GAAgB;QACvB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,IAAI,kBAAkB,CAAC,qBAAqB,EAAE,CAAC;KAClF,CAAC;IAEF,aAAa,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE,aAAa,EAAE,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;IAErE,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAAyB;IAC9D,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/agentic/mcp/tools/decoded-call-pipeline.d.ts

@@ -0,0 +1,14 @@
+import { type ToolContext } from './shared.js';
+import { type McpToolResult } from './result-adapter.js';
+interface DecodedCallArgs {
+    chainId: number;
+    to: string;
+    data: string;
+    value?: string;
+}
+/**
+ * MCP adapter for decoded-call signing workflow.
+ * Delegates to signDefiCall() and converts WorkflowResult to MCP format.
+ */
+export declare function executeDecodedCallPipeline(ctx: ToolContext, toolName: string, args: DecodedCallArgs): Promise<McpToolResult>;
+export {};

package/dist/agentic/mcp/tools/decoded-call-pipeline.js

@@ -0,0 +1,18 @@
+import { signDefiCall } from '../../../protocols/index.js';
+import { toMcpResult } from './result-adapter.js';
+/**
+ * MCP adapter for decoded-call signing workflow.
+ * Delegates to signDefiCall() and converts WorkflowResult to MCP format.
+ */
+export async function executeDecodedCallPipeline(ctx, toolName, args) {
+    const result = await signDefiCall({
+        signer: ctx.signer,
+        policyEngine: ctx.policyEngine,
+        auditSink: ctx.auditLogger,
+        dispatcher: ctx.dispatcher,
+        caller: 'mcp-client',
+        service: 'agentic-vault-mcp',
+    }, toolName, args);
+    return toMcpResult(result);
+}
+//# sourceMappingURL=decoded-call-pipeline.js.map

package/dist/agentic/mcp/tools/decoded-call-pipeline.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decoded-call-pipeline.js","sourceRoot":"","sources":["../../../../src/agentic/mcp/tools/decoded-call-pipeline.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAsB,MAAM,qBAAqB,CAAC;AAStE;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,GAAgB,EAChB,QAAgB,EAChB,IAAqB;IAErB,MAAM,MAAM,GAAG,MAAM,YAAY,CAC/B;QACE,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,YAAY,EAAE,GAAG,CAAC,YAAY;QAC9B,SAAS,EAAE,GAAG,CAAC,WAAW;QAC1B,UAAU,EAAE,GAAG,CAAC,UAAU;QAC1B,MAAM,EAAE,YAAY;QACpB,OAAO,EAAE,mBAAmB;KAC7B,EACD,QAAQ,EACR,IAAI,CACL,CAAC;IACF,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC;AAC7B,CAAC"}

package/dist/agentic/mcp/tools/get-address.d.ts

@@ -0,0 +1,3 @@
+import { type McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { type ToolContext } from './shared.js';
+export declare function registerGetAddress(server: McpServer, ctx: ToolContext): void;

package/dist/agentic/mcp/tools/get-address.js

@@ -0,0 +1,25 @@
+import { getAddressWorkflow } from '../../../protocols/index.js';
+export function registerGetAddress(server, ctx) {
+    server.registerTool('get_address', {
+        description: 'Get the wallet address managed by this vault',
+    }, async () => {
+        const result = await getAddressWorkflow({
+            signer: ctx.signer,
+            policyEngine: ctx.policyEngine,
+            auditSink: ctx.auditLogger,
+            caller: 'mcp-client',
+            service: 'agentic-vault-mcp',
+        });
+        switch (result.status) {
+            case 'approved':
+                return { content: [{ type: 'text', text: result.data }] };
+            case 'error':
+                return { content: [{ type: 'text', text: `Error: ${result.reason}` }], isError: true };
+            case 'denied':
+                return { content: [{ type: 'text', text: `Error: ${result.reason}` }], isError: true };
+            default:
+                return { content: [{ type: 'text', text: 'Unexpected result' }], isError: true };
+        }
+    });
+}
+//# sourceMappingURL=get-address.js.map

package/dist/agentic/mcp/tools/get-address.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-address.js","sourceRoot":"","sources":["../../../../src/agentic/mcp/tools/get-address.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAEjE,MAAM,UAAU,kBAAkB,CAAC,MAAiB,EAAE,GAAgB;IACpE,MAAM,CAAC,YAAY,CAAC,aAAa,EAAE;QACjC,WAAW,EAAE,8CAA8C;KAC5D,EAAE,KAAK,IAAI,EAAE;QACZ,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC;YACtC,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,YAAY;YAC9B,SAAS,EAAE,GAAG,CAAC,WAAW;YAC1B,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,mBAAmB;SAC7B,CAAC,CAAC;QAEH,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;YACtB,KAAK,UAAU;gBACb,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YACrE,KAAK,OAAO;gBACV,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,UAAU,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAClG,KAAK,QAAQ;gBACX,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,UAAU,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAClG;gBACE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,mBAAmB,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC9F,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/agentic/mcp/tools/health-check.d.ts

@@ -0,0 +1,3 @@
+import { type McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { type ToolContext } from './shared.js';
+export declare function registerHealthCheck(server: McpServer, ctx: ToolContext): void;

package/dist/agentic/mcp/tools/health-check.js

@@ -0,0 +1,25 @@
+import { healthCheckWorkflow } from '../../../protocols/index.js';
+export function registerHealthCheck(server, ctx) {
+    server.registerTool('health_check', {
+        description: 'Check the health status of the vault signer',
+    }, async () => {
+        const result = await healthCheckWorkflow({
+            signer: ctx.signer,
+            policyEngine: ctx.policyEngine,
+            auditSink: ctx.auditLogger,
+            caller: 'mcp-client',
+            service: 'agentic-vault-mcp',
+        });
+        switch (result.status) {
+            case 'approved':
+                return { content: [{ type: 'text', text: result.data }] };
+            case 'error':
+                return { content: [{ type: 'text', text: JSON.stringify({ status: 'unhealthy', error: result.reason }) }], isError: true };
+            case 'denied':
+                return { content: [{ type: 'text', text: JSON.stringify({ status: 'unhealthy', error: result.reason }) }], isError: true };
+            default:
+                return { content: [{ type: 'text', text: JSON.stringify({ status: 'unhealthy', error: 'Unexpected result' }) }], isError: true };
+        }
+    });
+}
+//# sourceMappingURL=health-check.js.map

package/dist/agentic/mcp/tools/health-check.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"health-check.js","sourceRoot":"","sources":["../../../../src/agentic/mcp/tools/health-check.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAElE,MAAM,UAAU,mBAAmB,CAAC,MAAiB,EAAE,GAAgB;IACrE,MAAM,CAAC,YAAY,CAAC,cAAc,EAAE;QAClC,WAAW,EAAE,6CAA6C;KAC3D,EAAE,KAAK,IAAI,EAAE;QACZ,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC;YACvC,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,YAAY;YAC9B,SAAS,EAAE,GAAG,CAAC,WAAW;YAC1B,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,mBAAmB;SAC7B,CAAC,CAAC;QAEH,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;YACtB,KAAK,UAAU;gBACb,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YACrE,KAAK,OAAO;gBACV,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YACtI,KAAK,QAAQ;gBACX,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YACtI;gBACE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC9I,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC"}