@agentvault/agentvault 0.17.4 → 0.18.0

package/dist/index.js

@@ -46265,6 +46265,123 @@ var init_dist = __esm({
   }
 });
 
+// src/credential-store.ts
+var CredentialStore;
+var init_credential_store = __esm({
+  "src/credential-store.ts"() {
+    "use strict";
+    CredentialStore = class _CredentialStore {
+      /** Map<roomId, Map<credentialKey, RenterCredential>> */
+      _store = /* @__PURE__ */ new Map();
+      /** Seen nonces for replay prevention — bounded per room */
+      _seenNonces = /* @__PURE__ */ new Map();
+      static MAX_NONCES_PER_ROOM = 1e3;
+      constructor() {
+        const purge = () => this.purgeAll();
+        process.on("exit", purge);
+        process.on("SIGINT", () => {
+          purge();
+          process.exit(0);
+        });
+        process.on("SIGTERM", () => {
+          purge();
+          process.exit(0);
+        });
+      }
+      /**
+       * Check if a nonce has been seen (replay prevention).
+       * Returns true if the nonce is new (not a replay), false if seen before.
+       */
+      checkNonce(roomId, nonce) {
+        if (!nonce) return true;
+        let nonces = this._seenNonces.get(roomId);
+        if (!nonces) {
+          nonces = /* @__PURE__ */ new Set();
+          this._seenNonces.set(roomId, nonces);
+        }
+        if (nonces.has(nonce)) return false;
+        nonces.add(nonce);
+        if (nonces.size > _CredentialStore.MAX_NONCES_PER_ROOM) {
+          const iter = nonces.values();
+          for (let i2 = 0; i2 < 100; i2++) {
+            const val = iter.next().value;
+            if (val !== void 0) nonces.delete(val);
+          }
+        }
+        return true;
+      }
+      /** Store a credential for a room. */
+      grant(roomId, credential) {
+        let room = this._store.get(roomId);
+        if (!room) {
+          room = /* @__PURE__ */ new Map();
+          this._store.set(roomId, room);
+        }
+        room.set(credential.key, credential);
+      }
+      /** Revoke a specific credential. */
+      revoke(roomId, key) {
+        const room = this._store.get(roomId);
+        if (!room) return false;
+        return room.delete(key);
+      }
+      /** Revoke all credentials for a room. */
+      revokeAll(roomId) {
+        this._store.delete(roomId);
+      }
+      /** Get a credential value. */
+      get(roomId, key) {
+        return this._store.get(roomId)?.get(key);
+      }
+      /** Get all credentials for a room (values included — only for agent context injection). */
+      getAll(roomId) {
+        const room = this._store.get(roomId);
+        if (!room) return [];
+        return Array.from(room.values());
+      }
+      /** Get credential info without values (safe for logging). */
+      getInfo(roomId) {
+        const room = this._store.get(roomId);
+        if (!room) return [];
+        return Array.from(room.values()).map((c2) => ({
+          key: c2.key,
+          type: c2.type,
+          scope: c2.scope,
+          grantedAt: c2.grantedAt
+        }));
+      }
+      /** Check if a specific credential exists. */
+      has(roomId, key) {
+        return this._store.get(roomId)?.has(key) ?? false;
+      }
+      /** Get credential count for a room. */
+      count(roomId) {
+        return this._store.get(roomId)?.size ?? 0;
+      }
+      /** Purge all credentials for a room (rental end). */
+      purgeForRoom(roomId) {
+        this._store.delete(roomId);
+        this._seenNonces.delete(roomId);
+      }
+      /** Purge everything (process exit). */
+      purgeAll() {
+        this._store.clear();
+        this._seenNonces.clear();
+      }
+      /** Get a map of credential key → value for context injection. */
+      getCredentialMap(roomId) {
+        const room = this._store.get(roomId);
+        if (!room) return {};
+        const result = {};
+        for (const [key, cred] of room) {
+          result[key] = cred.value;
+        }
+        return result;
+      }
+    };
+  }
+});
+
 // src/crypto-helpers.ts
 var init_crypto_helpers = __esm({
   async "src/crypto-helpers.ts"() {
@@ -46934,12 +47051,13 @@ function migratePersistedState(raw) {
     messageHistory: []
   };
 }
-var ROOM_AGENT_TYPES, POLL_INTERVAL_MS, RECONNECT_BASE_MS, RECONNECT_MAX_MS, PENDING_POLL_INTERVAL_MS, SecureChannel;
+var ROOM_AGENT_TYPES, CREDENTIAL_MESSAGE_TYPES, POLL_INTERVAL_MS, RECONNECT_BASE_MS, RECONNECT_MAX_MS, PENDING_POLL_INTERVAL_MS, SecureChannel;
 var init_channel = __esm({
   async "src/channel.ts"() {
     "use strict";
     await init_libsodium_wrappers();
     await init_dist();
+    init_credential_store();
     await init_crypto_helpers();
     await init_state();
     init_transport2();
@@ -46950,6 +47068,11 @@ var init_channel = __esm({
       "decision_response",
       "artifact_share"
     ]);
+    CREDENTIAL_MESSAGE_TYPES = /* @__PURE__ */ new Set([
+      "credential_grant",
+      "credential_revoke",
+      "credential_request"
+    ]);
     POLL_INTERVAL_MS = 6e3;
     RECONNECT_BASE_MS = 1e3;
     RECONNECT_MAX_MS = 3e4;
@@ -46992,6 +47115,8 @@ var init_channel = __esm({
       _senderKeyChains = /* @__PURE__ */ new Map();
       /** Sender Key peer state — peer chains per room for decryption */
       _senderKeyStates = /* @__PURE__ */ new Map();
+      /** In-memory credential store for renter-provided credentials (never persisted). */
+      _credentialStore = new CredentialStore();
       /** Queued A2A messages for responder channels not yet activated (no first initiator message received). */
       _a2aPendingQueue = {};
       /** Dedup buffer for A2A message IDs (prevents double-delivery via direct + Redis) */
@@ -49778,6 +49903,14 @@ ${messageText}`;
           messageType = "message";
           messageText = plaintext;
         }
+        if (CREDENTIAL_MESSAGE_TYPES.has(messageType)) {
+          this._handleCredentialMessage(msgData.room_id, messageType, messageText, msgData.message_id);
+          if (msgData.created_at && this._persisted) {
+            this._persisted.lastMessageTimestamp = msgData.created_at;
+          }
+          await this._persistState();
+          return;
+        }
         if (!ROOM_AGENT_TYPES.has(messageType)) {
           return;
         }
@@ -49814,6 +49947,94 @@ ${messageText}`;
           console.error("[SecureChannel] onMessage callback error:", err);
         });
       }
+      /**
+       * Handle credential protocol messages (grant, revoke, request).
+       * These are intercepted before reaching the agent's onMessage callback.
+       */
+      _handleCredentialMessage(roomId, messageType, plaintext, messageId) {
+        try {
+          const payload = JSON.parse(plaintext);
+          if (messageType === "credential_grant") {
+            const grant = payload;
+            if (grant.nonce && !this._credentialStore.checkNonce(roomId, grant.nonce)) {
+              console.warn(`[SecureChannel] Credential grant replay detected for room ${roomId.slice(0, 8)}..., ignoring`);
+              return;
+            }
+            const keys = [];
+            for (const cred of grant.credentials || []) {
+              this._credentialStore.grant(roomId, {
+                key: cred.key,
+                value: cred.value,
+                type: cred.type,
+                scope: cred.scope,
+                grantedAt: grant.timestamp || (/* @__PURE__ */ new Date()).toISOString(),
+                agreementId: grant.agreement_id,
+                roomId
+              });
+              keys.push(cred.key);
+            }
+            console.log(
+              `[SecureChannel] Credentials granted for room ${roomId.slice(0, 8)}...: ${keys.join(", ")} (${keys.length} keys)`
+            );
+            this._sendCredentialAck(roomId, grant.agreement_id, keys, "stored");
+            this.emit("credentials_granted", { roomId, keys, agreementId: grant.agreement_id });
+          } else if (messageType === "credential_revoke") {
+            const revoke = payload;
+            const revoked = [];
+            for (const key of revoke.credential_keys || []) {
+              if (this._credentialStore.revoke(roomId, key)) {
+                revoked.push(key);
+              }
+            }
+            console.log(
+              `[SecureChannel] Credentials revoked for room ${roomId.slice(0, 8)}...: ${revoked.join(", ")} (reason: ${revoke.reason || "none"})`
+            );
+            this._sendCredentialAck(roomId, revoke.agreement_id, revoked, "revoked");
+            this.emit("credentials_revoked", { roomId, keys: revoked, agreementId: revoke.agreement_id });
+          }
+        } catch (err) {
+          console.error("[SecureChannel] Error handling credential message:", err);
+        }
+        if (messageId) {
+          this._sendAck(messageId);
+        }
+      }
+      /**
+       * Send a credential_ack back to a room.
+       */
+      _sendCredentialAck(roomId, agreementId, keys, ackStatus) {
+        const ack = JSON.stringify({
+          type: "credential_ack",
+          agreement_id: agreementId,
+          acknowledged_keys: keys,
+          status: ackStatus,
+          timestamp: (/* @__PURE__ */ new Date()).toISOString()
+        });
+        this.sendToRoom(roomId, ack, { messageType: "credential_ack" }).catch((err) => {
+          console.warn("[SecureChannel] Failed to send credential ACK:", err);
+        });
+      }
+      // --- Public credential accessors ---
+      /** Get a specific renter credential for a room. */
+      getCredential(roomId, key) {
+        return this._credentialStore.get(roomId, key);
+      }
+      /** Get all renter credentials for a room (includes values — for agent context). */
+      getCredentials(roomId) {
+        return this._credentialStore.getAll(roomId);
+      }
+      /** Get credential key→value map for a room (for context injection). */
+      getCredentialMap(roomId) {
+        return this._credentialStore.getCredentialMap(roomId);
+      }
+      /** Check if a specific credential exists for a room. */
+      hasCredential(roomId, key) {
+        return this._credentialStore.has(roomId, key);
+      }
+      /** Purge all credentials for a room (call on rental end). */
+      purgeRoomCredentials(roomId) {
+        this._credentialStore.purgeForRoom(roomId);
+      }
       /**
        * Find the pairwise conversation ID for a given sender in a room.
        */
@@ -49976,6 +50197,14 @@ ${messageText}`;
           messageType = "message";
           messageText = plaintext;
         }
+        if (CREDENTIAL_MESSAGE_TYPES.has(messageType)) {
+          this._handleCredentialMessage(msgData.room_id, messageType, messageText, msgData.message_id);
+          if (msgData.created_at && this._persisted) {
+            this._persisted.lastMessageTimestamp = msgData.created_at;
+          }
+          await this._persistState();
+          return;
+        }
         if (!ROOM_AGENT_TYPES.has(messageType)) {
           return;
         }
@@ -51007,6 +51236,20 @@ var init_fetch_interceptor = __esm({
   }
 });
 
+// src/openclaw-entry.ts
+var isUsingManagedRoutes;
+var init_openclaw_entry = __esm({
+  "src/openclaw-entry.ts"() {
+    "use strict";
+    init_account_config();
+    init_fetch_interceptor();
+    init_http_handlers();
+    init_openclaw_compat();
+    init_types();
+    isUsingManagedRoutes = false;
+  }
+});
+
 // ../../node_modules/zod/v3/helpers/util.js
 var util, objectUtil, ZodParsedType, getParsedType;
 var init_util = __esm({
@@ -76507,6 +76750,44 @@ var init_mcp_server2 = __esm({
   }
 });
 
+// src/mcp-handlers.ts
+function createMcpHandler(mcpServer, basePath = "/mcp") {
+  return (req, res, next) => {
+    const url2 = new URL(req.url ?? "/", `http://${req.headers.host ?? "localhost"}`);
+    const pathname = url2.pathname;
+    if (!pathname.startsWith(basePath)) {
+      if (next) next();
+      return;
+    }
+    if (!mcpServer) {
+      res.writeHead(503, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "MCP server not initialized" }));
+      return;
+    }
+    mcpServer.handleRequest(req, res).catch((err) => {
+      console.error("[MCP] Request handling error:", err);
+      if (!res.headersSent) {
+        res.writeHead(500, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Internal MCP error" }));
+      }
+    });
+  };
+}
+function getMcpStatus(mcpServer) {
+  if (!mcpServer) {
+    return { mcp_enabled: false, mcp_skills_count: 0 };
+  }
+  return {
+    mcp_enabled: true,
+    mcp_skills_count: mcpServer.skillCount
+  };
+}
+var init_mcp_handlers = __esm({
+  "src/mcp-handlers.ts"() {
+    "use strict";
+  }
+});
+
 // src/skill-manifest.ts
 import { readFileSync, existsSync, readdirSync } from "node:fs";
 import { resolve as resolve2, join as join4 } from "node:path";
@@ -76612,21 +76893,26 @@ function loadSkillsFromDirectory(dir) {
   const skills = [];
   const absDir = resolve2(dir);
   if (!existsSync(absDir)) return skills;
-  const rootSkill = join4(absDir, "SKILL.md");
-  if (existsSync(rootSkill)) {
-    const content = readFileSync(rootSkill, "utf-8");
-    const skill = parseSkillMd(content);
-    if (skill) skills.push(skill);
+  const seen = /* @__PURE__ */ new Set();
+  function tryLoad(filePath) {
+    if (seen.has(filePath)) return;
+    seen.add(filePath);
+    try {
+      const content = readFileSync(filePath, "utf-8");
+      const skill = parseSkillMd(content);
+      if (skill) skills.push(skill);
+    } catch {
+    }
   }
   try {
     const entries = readdirSync(absDir, { withFileTypes: true });
     for (const entry of entries) {
-      if (entry.isDirectory()) {
+      if (entry.isFile() && entry.name.endsWith("SKILL.md")) {
+        tryLoad(join4(absDir, entry.name));
+      } else if (entry.isDirectory()) {
         const subSkill = join4(absDir, entry.name, "SKILL.md");
         if (existsSync(subSkill)) {
-          const content = readFileSync(subSkill, "utf-8");
-          const skill = parseSkillMd(content);
-          if (skill) skills.push(skill);
+          tryLoad(subSkill);
         }
       }
     }
@@ -76674,60 +76960,6 @@ var init_skill_manifest = __esm({
   }
 });
 
-// src/openclaw-entry.ts
-var isUsingManagedRoutes;
-var init_openclaw_entry = __esm({
-  "src/openclaw-entry.ts"() {
-    "use strict";
-    init_account_config();
-    init_fetch_interceptor();
-    init_http_handlers();
-    init_openclaw_compat();
-    init_types();
-    init_mcp_server2();
-    init_skill_manifest();
-    isUsingManagedRoutes = false;
-  }
-});
-
-// src/mcp-handlers.ts
-function createMcpHandler(mcpServer, basePath = "/mcp") {
-  return (req, res, next) => {
-    const url2 = new URL(req.url ?? "/", `http://${req.headers.host ?? "localhost"}`);
-    const pathname = url2.pathname;
-    if (!pathname.startsWith(basePath)) {
-      if (next) next();
-      return;
-    }
-    if (!mcpServer) {
-      res.writeHead(503, { "Content-Type": "application/json" });
-      res.end(JSON.stringify({ error: "MCP server not initialized" }));
-      return;
-    }
-    mcpServer.handleRequest(req, res).catch((err) => {
-      console.error("[MCP] Request handling error:", err);
-      if (!res.headersSent) {
-        res.writeHead(500, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ error: "Internal MCP error" }));
-      }
-    });
-  };
-}
-function getMcpStatus(mcpServer) {
-  if (!mcpServer) {
-    return { mcp_enabled: false, mcp_skills_count: 0 };
-  }
-  return {
-    mcp_enabled: true,
-    mcp_skills_count: mcpServer.skillCount
-  };
-}
-var init_mcp_handlers = __esm({
-  "src/mcp-handlers.ts"() {
-    "use strict";
-  }
-});
-
 // src/skill-invoker.ts
 async function invokeSkill(opts, handler) {
   const start = Date.now();
@@ -77081,6 +77313,7 @@ var init_index = __esm({
   async "src/index.ts"() {
     await init_channel();
     init_types();
+    init_credential_store();
     init_account_config();
     await init_openclaw_plugin();
     init_gateway_send();
@@ -77099,6 +77332,7 @@ var init_index = __esm({
 await init_index();
 export {
   AgentVaultMcpServer,
+  CredentialStore,
   PolicyEnforcer,
   SecureChannel,
   VERSION,